Enhance OAuth integration test to check security of the OAuth server
--------------------------------------------------------------------
Key: AMDATUAUTH-70
URL: http://jira.amdatu.org/jira/browse/AMDATUAUTH-70
Project: Amdatu Auth
Issue Type: Improvement
Components: OAuth server
Affects Versions: 0.1.1
Reporter: Ivo Ladage - van Doorn
Fix For: 0.2.2
It would be a good idea to enhance the OAuth integration test to specifically
test its security. For example:
- Sending no oauth_verifier
- Sending the wrong oauth_verifier
- Obtain a request token for an non existing consumer
- Obtain a request token for an existing consumer with the wrong consumer secret
- Exchanging request token for access token with the wrong token secret
- Authorizing an access token
- Authorizing a request token without userid
- Using expired tokens
- Replay attacks
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
_______________________________________________
Amdatu-developers mailing list
[email protected]
http://lists.amdatu.org/mailman/listinfo/amdatu-developers
