Uploaded image for project: 'PUBLIC - OAuth2'
  1. PUBLIC - OAuth2
  2. OAUTH2-219

OAuth2 tests covering 7.1.0 release - Part 2 our of 3

    XMLWordPrintable

    Details

    • Type: Task
    • Status: Open
    • Priority: Minor
    • Resolution: Unresolved
    • Affects Version/s: 1.0-portal_7.1.0
    • Fix Version/s: 1.0-portal_7.1.0
    • Component/s: None
    • Labels:
      None

      Description

      Implemented stories

      • --OAUTH2-96-- REQ029.UC001 PREVENT Misuse of Authorization Code to Impersonate Resource Owner
        • INTEGRATION: SecurityTest
      • --OAUTH2-97-- REQ029.UC002 PREVENT Authorization Code Redirection URI Manipulation (open redirect)
        • INTEGRATION: SecurityTest
      • --OAUTH2-98-- REQ029.UC003 PREVENT Attacking ‘redirect_uri’ (leaking authorization codes through XSS)
        • No automated test possible
      • --OAUTH2-99-- REQ029.UC004 PREVENT Clickjacking
        • INTEGRATION: SecurityTest
      • --OAUTH2-101-- REQ031.UC001 PREVENT TOCTOU when registering new scopes after access tokens have been granted (global scopes/aliases)
        • MISSING
      • --OAUTH2-102-- REQ031.UC002 PREVENT TOCTOU when registering new scopes after access tokens have been granted (Name conflicting scopes)
        • MISSING
      • --OAUTH2-28-- REQ015 [RFC 7662] OAuth 2.0 Token Introspection
        • MISSING

        Attachments

          Issue Links

          relates

          Sub-Task - The sub-task of the issue OAUTH2-96 REQ029.UC001 PREVENT Misuse of Authorization Code to Impersonate Resource Owner

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Closed

          Sub-Task - The sub-task of the issue OAUTH2-97 REQ029.UC002 PREVENT Authorization Code Redirection URI Manipulation (open redirect)

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Closed

          Sub-Task - The sub-task of the issue OAUTH2-98 REQ029.UC003 PREVENT Attacking ‘redirect_uri’ (leaking authorization codes through XSS)

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Closed

          Sub-Task - The sub-task of the issue OAUTH2-99 REQ029.UC004 PREVENT Clickjacking

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Closed

          Sub-Task - The sub-task of the issue OAUTH2-101 REQ031.UC001 PREVENT TOCTOU when registering new scopes after access tokens have been granted (global scopes/aliases)

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Closed

          Sub-Task - The sub-task of the issue OAUTH2-102 REQ031.UC002 PREVENT TOCTOU when registering new scopes after access tokens have been granted (Name conflicting scopes)

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Closed

          Story - Created by Jira Software - do not edit or delete. Issue type for a user story. OAUTH2-28 REQ015 [RFC 7662] OAuth 2.0 Token Introspection

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Closed

          Task - OAUTH2-179 OAuth2 tests covering 7.1.0 release - Part 1 out of 3

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Closed

            Activity

              People

              Assignee:
              Unassigned
              Reporter:
              tomas.polesovsky Tomáš Polešovský
              Participants of an Issue:
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

                Dates

                Created:
                Updated:

                  Packages

                  Version Package
                  1.0-portal_7.1.0