CREATE OAUTH2OIDC NODE TO ALLOW SAME AUTHENTICATION METHODS USED

Create OAuth2/OIDC Node to allow same authentication methods used and supported by our own OpenID Connect provider and clients (OPENAM-16314)

[OPENAM-17491] Manually test PKI Created: 2021-03-03  Updated: 2021-03-08  Resolved: 2021-03-08

Status:

Closed

Project:

OpenAM

Component/s:

authentication, oauth2, OpenID Connect

Affects Version/s:

None

Fix Version/s:

7.1.0

Type:

Sub-task

Priority:

Major

Reporter:

Kevin Umebolu

Assignee:

Alun Daley

Resolution:

Fixed

Votes:

0

Labels:

CustomerRFE, NEWTON

Remaining Estimate:

Not Specified

Time Spent:

Not Specified

Original Estimate:

Not Specified

Rank:

1|i03vlc:

Sprint:

AM 2021.02 - Water Turbine, AM 2021.03 - Chess, AM 2021.04 - Mariners Compass

Comment by Alun Daley [ 2021-03-03 ]

Test Cases

1. Mapping new secret id exposes new jwk at RP jwk uri

2. Mapping new secret id and selecting TLS_CLIENT_AUTH in client config facilitates AM sending client certs to OP and successfully obtaining an id/access token

3. Lack of new secret id mapping means no jwk exposed at jwk URI

4. Lack of new secret id mapping and selecting TLS_CLIENT_AUTH in client config results in no client certs being sent

Comment by Alun Daley [ 2021-03-04 ]

https://drive.google.com/file/d/1yy2KfgGX7ssb5xEQQN7smN2sjE024fZD/view