Discovery Client Get Endpoints Basic

Uses the GetEndpoints Service to obtain all Endpoints for a given Server URI. General Tests in the Request - EndpointURL: is not null or empty, and contains a valid URL (syntax check) - LocaleIds: syntax of each specified locale is correct. - ProfileUris: is not null or empty and each profile URI is a valid URL.


Questions? Contact us
Generated: 22/11/2021 at 17:22:12 p.m.
Discovery Client Get Endpoints Basic - 52 Test Cases
Test Case Id Test Type Keywords Test Case Description Test Requirements Expected Result

001

Lab GetEndpoints  Using the default parameter values, monitor service call and analyze passed parameter for correctness and adherence to the Specifications.
A list of endpoints matching the criteria are returned and correctly processed by the Client.
For each endpoint received, test that the Client can actually connect using it.
For each endpoint that the Client displays it should be able to connect to; meaning that some endpoints may be filtered and therefore not shown.

002

Lab GetEndpoints  Query the endpoints of a remote UA Server.
Verify EndpointUrl contains the network address the client used to access the discovery endpoint.

003

Lab GetEndpoints  Specify a single locale in the search as supported by the OPC UA Server being tested against.
For example, search for US-EN or DE etc.
Client verifies the locale under the Server (applicationDescription) `applicationName` (localizedText) parameter.

004

Lab GetEndpoints  Specify multiple locales in the search based on those interested by the end-user. For example search for `EN-US` and `DE-DE`.
Verify the client can correctly request the locales in a single call.
Client verifies the locale under the Server (applicationDescription) `applicationName` (localizedText) parameter.

005

Lab GetEndpoints  Specify an empty list
Server will return default locale. Verify client can identify default locale and whether it can use it or not. If the default is not a supported locale, then the Client may still use the endpoint based on end-user input or a configuration setting.

006

GetEndpoints  Specify a single Transport ProfileUri, for example: `SOAP-HTTP WS-SC UA Binary`.
Client correctly requests the transport profile(s) of interest and verifies the endpoints returned match (`transportProfileUri` parameter) the request.

007

GetEndpoints  Specify multiple Transport ProfileUris.
Client correctly requests the transport profile(s) of interest and verifies the endpoints returned match (`transportProfileUri` parameter) the request.

008

GetEndpoints  If the Client caches the endpoints of a Server then use an entry to connect to an endpoint that no longer exists in the specified Server.
Client logs and/or displays some kind of informational message to the end-user that the endpoint is no longer valid.
Client may/should rebuild its cache by calling GetEndpoints on the Server (a full discovery may be required to accomplish this).
CU: Discovery Client Get Endpoints Dynamic.

009

GetEndpoints  For a client that supports a limited set of transport protocols, the client requests the different transport ProfileUris that it supports:
1 SOAP-HTTP WS-SC UA Binary
2 SOAP-HTTP WS-SC UA XML
3 SOAP-HTTP WS-SC UA XML Binary
4 UA TCP UA-SC UA Binary
Check the client is able to use a transport profile as returned, e.g. if it requests UA TCP then it uses UA TCP for the transport. If it requested multiple profiles then it will use one that was returned.
Check each transport.

010

CTT GetEndpoints  Client queries a local or remote Server using default parameters.
Server replies with multiple identical endpoints except that they are unique because of their security profile.
Client treats each endpoint as a separate entity, even though they appear to be the same.
If results are displayed in a graphical environment then they include some indication of the security differences (it is also recommended that more secure selection appear in a preferential manner).
If a client does not display the list, but just uses one to connect then the Client uses an Endpoint returned in the call.

011

CTT GetEndpoints  When querying a Remote UA Server, the Server replies Endpoints[0].SecurityMode = NONE.
If client displays the information in a graphical environment, then it should also warn an end-user about the risks of using an insecure remote connection.

012

GetEndpoints  Client queries using default parameters. Server response includes endpoints identifying each possible application type (SERVER_0, CLIENT_1, CLIENTANDSERVER_2, DISCOVERYSERVER_3)
Client is able to identify the different application types.
If/when displaying this information the Client may filter the list to show only those endpoints that are supported and/or display the different application types differently.
Client does not allow the selection of a Client endpoint or any other application type that it does not support.

013

GetEndpoints  Client queries using default parameters. Server response includes endpoints identifying each possible MessageSecurityMode (INVALID_0, NONE_1, SIGN_2, SIGNANDENCRYPT_3)
Client is able to identify those endpoints which specify supported MessageSecurityMode types.
If/when displaying this information the Client may filter the list to show only those endpoints that are supported of the valid MessageSecurityMode (value >=1 && <=3) and/or display the different application types differently.
Client does not allow the selection of an endpoint using a MessageSecurityMode that it does not support (e.g. 0).

014

GetEndpoints  Client queries using default parameters. Server response includes endpoints identifying each possible UserTokenPolicy type (ANONYMOUS_0, USERNAME_1, CERTIFICATE_2, ISSUEDTOKEN_3
Client is able to identify those endpoints which specify supported UserTokenPolicy types.
If/when displaying this information the Client may filter the list to show only the endpoints configured with a UserTokenPolicy that the Client supports and/or display the different security types differently.

015

GetEndpoints  Client queries using default parameters. Server response includes endpoints identifying various security levels.
If the Client is able to identify relative `secureness` among the individual endpoints based on associated security level then it may choose to display or sort the endpoint lists accordingly.

016

GetEndpoints  Client queries using default parameters. Server response includes one or more endpoints which specify a GatewayServerUri and one or more endpoints which do not specify a GatewayServerUri.
Client is able to identify and differentiate those endpoints which specify a gatewayServerUri and those which do not.
The Client would be recommended to provide some form visualization or notification that an endpoint (containing a gatewayServerUri) would be connected to via a Gateway.

017

GetEndpoints  Client queries using default parameters. Server response includes one or more endpoints which specify a DiscoveryProfileUri and one or more endpoints which do not specify a DiscoveryProfileUri.
Client is able to identify and differentiate those endpoints which specify a discoveryProfileUri and those which do not. Client is able to identify any discoveryProfileUri which it does not support.

018

GetEndpoints  ServiceResult = Good.
endpointDescriptions[0].UserIdentityTokens are empty, when a secure channel is desired.
Client assumes that the only identity token type is Anonymous.

Err-001

Lab GetEndpoints  Randomly inject one of the following status codes into the Service Result.
Repeat this test numerous times each time varying the code:

1. Bad_NothingToDo
2. Bad_InternalError
3. Bad_OutOfMemory
4. Bad_RequestTooLarge
5. Bad_ResponseTooLarge
6. Bad_UnexpectedError
7. Bad_UserAccessDenied
8. Bad_Timeout

Err-002

CTT GetEndpoints  ServiceResult = Good.
Endpoints are empty.
Client reports that nothing was received.

Err-003

CTT GetEndpoints  Servers[0] endpoint information is copied 100% into EndPoints [1] and EndPoints [2]
Ideally, the Client would identify and remove any duplicate information, although this is not a requirement.

Err-004

CTT GetEndpoints  Client request includes filter such as: localeIds and/or profileUris.
Server returns results outside bounds of the filter.
Ideally, the Client would identify endpoints which do not conform to the filter, although this is not a requirement

Err-005

CTT GetEndpoints  ServiceResult = Good, the first EndPoints[] endpointUrl is empty.
Client may choose to filter the endpoint from a display and/or report to the end-user that an invalid endpoint was received.

Err-006

CTT GetEndpoints  ServiceResult = Good, EndPoints [0] endPointUrl uses different IP/Hostname than defined in ServerCertificate.
[Spoofing scenario] Client must verify that endpointUrl matches the HostNames specified in the Certificate.
Client may choose to filter the endpoint from a display and/or report to the end-user that an invalid endpoint was received citing the hostname specifically.
For interactive Clients they may choose to prompt the end-user to override and accept the use of the endpoint in order to connect to the UA Server.

Err-007

CTT GetEndpoints  ServiceResult = Good. Endpoints[0].ApplicationUri is empty.
Client identifies the incomplete endpoint description.
Client discards the endpoint.
Client may report a message that an invalid record was received.

Err-008

CTT GetEndpoints  ServiceResult = Good. Endpoints[0].DiscoveryUrls is empty.
Client identifies the incomplete endpoint description.
Client discards the endpoint.
Client may report a message that an invalid record was received.

Err-009

CTT GetEndpoints  ServiceResult = Good, EndPoints[0] server is null.
Client identifies the incomplete endpoint description.
Client discards the endpoint.
Client may report a message that an invalid record was received.

Err-010

CTT GetEndpoints  ServiceResult = Good. Endpoints[0].Server.ApplicationType is CLIENT_1, gatewayServerUri is not empty.
Client ignores or marks the record differently so as to not be used.

Err-011

CTT GetEndpoints  ServiceResult = Good. Endpoints[0].Server.ApplicationType is CLIENT_1, discoveryProfileUri is not empty
Client ignores or marks the record differently so as to not be used.

Err-012

CTT GetEndpoints  ServiceResult = Good. Endpoints[0].Server.ApplicationType is CLIENT_1 discoveryUrls is not empty.
Client ignores or marks the record differently so as to not be used.

Err-013

CTT GetEndpoints  ServiceResult = Good, EndPoints [0].server.applicationUri is different from EndPoints [0].serverCertificate.applicationUri
Note: Part 4, table 104 states the applicationUri in both places (as stated above) must match.
[Spoofing scenario]Client can identify that ApplicationUri`s do not match. Client reports an Error and marks the record differently so as to not be used. The Client may also discard the record from being used and/or displayed.

Err-014

Lab GetEndpoints  Certificate is valid but not trusted by the client.
Client is able to identify the un-trusted certificate.
Client may elect to trust the certificate based on its configuration or at the request of the end-user.

Err-015

Lab GetEndpoints  Certificate is not valid: expired.
Client is able to identify the invalid certificate and refuses the connection unless overruled by the end-user or based on the configuration.

Err-016

Lab GetEndpoints  Certificate is not valid: `valid from` is in the future.
Note: Part 4 clause 6.1.5 states that a certificate is valid if it has passed its issue date. Also Table 101.
Client is able to identify the invalid certificate and warns the end-user.
Client refuses the connection unless overruled by the end-user or based on the configuration.

Err-017

Lab GetEndpoints  Unavailable  Certificate is valid but does not support required keyUsage (parameter within the serverCertificate).
Client reports that an invalid certificate has been received.
Client discards the endpoint record so that it will not be available for use with establishing a session.

Err-018

Lab GetEndpoints  Unavailable  Certificate is valid but does not support required ExtendedKeyUsage (parameter within the serverCertificate).
Client reports that an invalid certificate has been received.
Client discards the endpoint record so that it will not be available for use with establishing a session.

Err-019

Lab GetEndpoints  Unavailable  Certificate hostnames list is empty.
Client is able to identify the bad certificate.
Client refuses the connection unless overruled by the end-user or based on the configuration.

Err-020

Lab GetEndpoints  Unavailable  Certificate is invalid, the hash does not compute (certificate has been modified).
Client reports that an invalid certificate has been received.
Client discards the endpoint record so that it will not be available for use with establishing a session.

Err-021

CTT GetEndpoints  ServiceResult = Good, endpoints[0].SecurityMode is INVALID_0.
Client is able to identify the invalid security mode and does not use the endpoint for a connection.
A Client with a GUI may filter the record or display it in an error state.

Err-022

CTT GetEndpoints  ServiceResult = Good, one of the endpointDescriptions contains an invalid SecurityPolicyUri (empty)
Client logs and/or displays an error to the end-user and does not use the endpoint for a connection.
A Client with a GUI may filter the record or display it in an error state.

Err-023

CTT GetEndpoints  ServiceResult = Good.
EndpointDescriptions[0].SecurityPolicyUri contains a string that is not formatted as a Uri.
Client logs and/or displays an error to the end-user and does not use the endpoint for a connection.
A Client with a GUI may filter the record or display it in an error state.

Err-024

CTT GetEndpoints  ServiceResult = Good.
Response includes endpoints where one endpoint specifies a SecurityPolicyUri which is not supported by the client.
Client logs and/or displays or in some manner identifies or excludes those endpoints which specify unsupported SecurityPolicyUri.

Err-025

CTT GetEndpoints  ServiceResult = Good.
Response includes endpoints where all endpoints specify a SecurityPolicyUri which is not supported by the client.
Client logs and/or displays or in some manner identifies or excludes those endpoints which specify unsupported SecurityPolicyUri.

Err-026

CTT GetEndpoints  ServiceResult = Good. Response includes at least one endpoint where userIdentityTokens.tokenType is ISSUEDTOKEN_3 but userIdentityTokens.issuedtokenType is empty.
Client logs and/or displays an error to the end-user about misbehaving server and does not use the endpoint for a connection. The endpoint is not displayed or is displayed while being identified in error state.

Err-027

CTT GetEndpoints  ServiceResult = Good. Response includes at least one endpoint where userIdentityTokens.tokenType is not ISSUEDTOKEN_3 but userIdentityTokens.issuedtokenType is not empty.
Client may report a warning to the end-user about this problem, but it is not required to.
The client can use the endpoint.

Err-028

CTT GetEndpoints  ServiceResult = Good.
endpointDescriptions[0].transportProfileUri is empty.
Client logs and/or displays an error to the end-user about misbehaving server and does not use the endpoint for a connection. The endpoint is not displayed or is displayed while being identified in error state.

Err-029

CTT GetEndpoints  ServiceResult = Good.
endpointDescriptions[0].transportProfileUri is not a valid Uri.
Client logs and/or displays an error to the end-user about misbehaving server and does not use the endpoint for a connection. The endpoint is not displayed or is displayed while being identified in error state.

Err-030

CTT GetEndpoints  Client queries specifying one or more profileUris. Server response includes endpoints which do not support the requested profileUri.
The client may simply process/use the endpoints it receives.
A Client may validate the response and do `client-side filtering` and if so then report these problems to the end user. But this is not a requirement.

Err-031

CTT GetEndpoints  Client queries specifying one or more profileUris. Server response includes endpoints where one or more endpoints support the requested profileUri and one or more endpoints do not support the requested profileUri.
The client may simply process/use the endpoints it receives.
A Client may validate the response and do `client-side filtering` and if so then report these problems to the end user. But this is not a requirement.

Err-032

CTT GetEndpoints  ServiceResult = Good.
endpointDescriptions[0].securityLevel is 0.
If client displays the information in a graphical environment, then it should also warn an end-user about the risks of using an insecure remote connection. This warning can occur on attempting to connect or as part of what is being displayed.
If the client does not display information, then it should log or generate a warning about an insecure connection.

Err-033

CTT GetEndpoints  ServiceResult = Good.
endpointDescriptions[*].securityLevel is different for each returned endpoint, e.g.
* 10
* 100
* 254
Client provides this information to the end-user in a way that clearly reflects which endpoints are more secure and recommended for connection.
If no GUI is available as part of a client, the client should select the most secure endpoint that matches other requirements (e.g. if TCP is preferred, but HTTP is supported then can select less secure TCP connection of more secure TCP). But a 0 is a special case and anything that is more secure should be select over it.

Err-034

CTT GetEndpoints  ServiceResult = Good. Response includes multiple endpoint descriptions where all indicate the same security Level but with varying securityModes and userTokenPolicy`s.
If the client has the capability to organize endpoints based on `secureness` then should utilize the alternate fields securityMode and/or userIdentityTokens.
If no GUI present, then Client may opt to use the endpoint that matches its configuration, e.g. use the most secure or use the fastest. The behavior must be verified against the documentation.