-
Notifications
You must be signed in to change notification settings - Fork 29
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Feat] OIDC Provider staff panel for testing a RP #72
Comments
@dezhizhang1985 please add a concrete navbar with history page of user accesses The application where to develop this feature is relying_party_test. Then we need a django global settings dictionary, fullfilled of packages-as-string (dynamically importables), each package has a function with a common name and a common set of kwargs. Each function returns the issued tokens and also the authz code, all in. When a staff user comes in the test page here we have to get OR create all the available tests (take from that setting dict) FROM/TO here. If a test is already done, we'll represent the status. If not we create it without a status. All the tests are now represented to the staff user. He can checks the status of these and run these again, using the current session (using your browser) or via batch. The only way to have tests via batch is if the RP support a public url where to trigger the authz request to a provider. Va batch the code would be similar to this, using an embedded chrome browser that can take screenshots
pointing and clicking via web we also need a bunch of js lines of code that inspect the values of these DOM input fields
and also the id of the pressed button (that has the id of the test), via POST. If batch the view will execute the embedded browser starting from the authz url of the RP, collects http status code and takes a screeshot. If browser the operator will check by hands and will mark the test as failed. |
SPID/CIE QaD testsOnce the submission passes the initial checks the request is saved and a batch will start the
The tests produces a json report. Considerations
|
This feature will be developed by AgID so this issue is on hold untill we don't get a clear plan |
if a user gets logged in and he is a staff (user.is_staff == True) we MUST redirect the user to the testing page instead of the consent one.
In the testing page the user (staff) can select one of the several test we'll have to check the compliances of a RP to SPID and/or CIE id.
the user can also be able to change the attributes, remove or add, to be released to the RPs.
The text was updated successfully, but these errors were encountered: