Compliance test for OpenID providers

There are no conformance tests (at least officially approved) that I know of - even for 1.1. Certainly its something that would be very high value. Same goes for oAuth - they're both complex protocols and sometimes event the spec doesn't cover everything.

Probably the only thing you can do right now is thorough unit testing coverage locally.


You could look at http://test-id.net/ which has a set of tests written in .net.


There's this thing for 1.1-only: http://openidenabled.com/resources/openid-test/diagnose-server/

We never upgraded it for 2.0. Once or twice a year someone comes along and says "hey, we should have better testing tools," but as far as I (and others, judging from the responses here) know, none of those efforts has bore fruit yet.

Edited to add: another related project is at http://code.google.com/p/openid-test/