OpenID Connect InteropでRPが実施すべきテスト一覧を残しておく。
Use the OP http://www.kodtest.se:8088/ . This OP supports provider info discovery and client registration. When you issue the authorization request specify for instance scope="openid email". To verify that the OP acted on the scope specification you have to do a Userinfo request and check that there it contains email and email_verified claims.
- リクエストでscope=openid emailを指定
- UserInfoレスポンスでemail, verifiedが返ってくることを確認