Test info

Profile: {'openid-configuration': 'config', 'response_type': 'id_token+token', 'crypto': 'encrypt+none+sign', 'registration': 'static'}
Timestamp: 2016-02-01T23:30:21Z
Test description: Scope requesting profile claims [Basic, Implicit, Hybrid]
Test ID: OP-scope-profile
Issuer: https://ec2-54-153-169-151.ap-southeast-2.compute.amazonaws.com/oauth

Test output


__AuthorizationRequest:pre__
[check-response-type]
	status: OK
	description: Checks that the asked for response type are among the supported
[check-endpoint]
	status: OK
	description: Checks that the necessary endpoint exists at a server
__After completing the test flow:__
[check-http-response]
	status: OK
	description: Checks that the HTTP response status is within the 200 or 300 range
[verify-response]
	status: OK
	description: Checks that the last response was one of a possible set of OpenID Connect Responses
[verify-scopes]
	status: WARNING
	description: Verifies that the claims corresponding to the requested scopes are returned
	info: The following claims were missing from the returned information: ['middle_name', 'nickname', 'profile', 'picture', 'website', 'gender', 'birthdate', 'zoneinfo', 'locale']
__X:==== END ====__

Trace output


0.000463 ------------ DiscoveryRequest ------------
0.000481 Provider info discover from 'https://ec2-54-153-169-151.ap-southeast-2.compute.amazonaws.com/oauth'
0.000489 --> URL: https://ec2-54-153-169-151.ap-southeast-2.compute.amazonaws.com/oauth/.well-known/openid-configuration
0.923340 ProviderConfigurationResponse: {
  "account_endpoint": "https://ec2-54-153-169-151.ap-southeast-2.compute.amazonaws.com/oauth/account",
  "authorization_endpoint": "https://ec2-54-153-169-151.ap-southeast-2.compute.amazonaws.com/oauth/authorise",
  "claims_parameter_supported": false,
  "claims_supported": [
    "address",
    "email",
    "family_name",
    "given_name",
    "name",
    "phone_number",
    "preferred_username",
    "sub",
    "updated_at"
  ],
  "display_values_supported": [
    "page",
    "popup",
    "touch",
    "wap"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "id_token_signing_alg_values_supported": [
    "RS256"
  ],
  "issuer": "https://ec2-54-153-169-151.ap-southeast-2.compute.amazonaws.com/oauth",
  "jwks_uri": "https://ec2-54-153-169-151.ap-southeast-2.compute.amazonaws.com/oauth/keys",
  "request_parameter_supported": false,
  "request_uri_parameter_supported": true,
  "require_request_uri_registration": true,
  "response_types_supported": [
    "code",
    "token",
    "id_token",
    "token id_token"
  ],
  "revocation_endpoint": "https://ec2-54-153-169-151.ap-southeast-2.compute.amazonaws.com/oauth/revoke",
  "scopes_supported": [
    "openid",
    "address",
    "profile",
    "email",
    "phone"
  ],
  "subject_types_supported": [
    "public"
  ],
  "token_endpoint": "https://ec2-54-153-169-151.ap-southeast-2.compute.amazonaws.com/oauth/token",
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic",
    "client_secret_post"
  ],
  "userinfo_endpoint": "https://ec2-54-153-169-151.ap-southeast-2.compute.amazonaws.com/oauth/userinfo",
  "version": "3.0"
}
1.875095 JWKS: {
  "keys": [
    {
      "alg": "RS256",
      "e": "AQAB",
      "kid": "468b1763-142a-43da-96e0-53f2b6e1a7ac",
      "kty": "RSA",
      "n": "AM_U2ExHALTmiq8KLBZC7pKylVyr-r6oZrnwaUxQEMxZ6W8D0j_ijYmtj33qFqLCZ7iiAXC5DFDe96UxqxzAAsXUrqEHkhp2KWOZeXiyi0d-94jhZRLdpv9f_imWH-61d_Wj51XkXBSwUIZiwMYjP9ZeMK0gU5fU4fONBCnrIG6y-fbNSFsTiM-QvWG-KMU88o26XQNK924678_sgpVLYoeuKcEtEdvpNCGamttMMhi2B_vzVxn_dIbpsAGf5GbxCfyKw1w4Y9-bYX7YbV0GW25tjnh2Setfoo0EjImMeSQpXO-FYZgI39tSSF2Gm1d1aFu7bBlGYT9W1HUG3rRgUxs",
      "use": "sig"
    }
  ]
}
1.880948 ------------ AuthorizationRequest ------------
1.881423 --> URL: https://ec2-54-153-169-151.ap-southeast-2.compute.amazonaws.com/oauth/authorise?nonce=OMPCKmOo70Av&state=w4PPIpv5rhoYw8C0&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A60441%2Fauthz_cb&response_type=id_token+token&client_id=403a008d-5a9b-46f3-873e-e683435a249b&scope=openid+profile
1.881433 --> BODY: None
2.293143 QUERY_STRING:
3.934246 <-- access_token=h3XSLl8uTHyn_pIRmbWp9A&id_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6IjQ2OGIxNzYzLTE0MmEtNDNkYS05NmUwLTUzZjJiNmUxYTdhYyJ9.eyJpc3MiOiJodHRwczovL2VjMi01NC0xNTMtMTY5LTE1MS5hcC1zb3V0aGVhc3QtMi5jb21wdXRlLmFtYXpvbmF3cy5jb20vb2F1dGgiLCJhdWQiOiI0MDNhMDA4ZC01YTliLTQ2ZjMtODczZS1lNjgzNDM1YTI0OWIiLCJleHAiOiIxNDU0MzczMDMxIiwiaWF0IjoiMTQ1NDM2OTQzMSIsImF1dGhfdGltZSI6IjE0NTQzNjkwNTciLCJub25jZSI6Ik9NUENLbU9vNzBBdiIsImF1dGhfbW9kZSI6InNpbXBsZSIsInN1YiI6IjRkMjVjYjQ3LWEwNjMtNDJjMS05ZmU0LWQxMDBmYjEwMDk4YyIsImF0X2hhc2giOiJCZXhOOVltQzVZUGVVbzJscG9QbWtnIn0.ZTzdxlTf75WFw0WAL8TofqQ8uu1PcTGOG27EBF3iqZjcapOIi7InO0sjVFLO1JqQ51-qyhtR8hISkrVMVrdRRVbUPU6GdlwMzp06f3RtHKQD9XWRHoHYi6QxeIVUkAuHL77W1PJmwVSocmCls-R_dAasru41g9wA9W2YdrqcUdKVXulsWjl8d8MH8_vRxhbfBf9Cr_qOmZ6dW7ISSZZE-D7_fV95JvnMwuYf5_1_NZsWzi1gMhNd_0JRJw17an3XyhHb4b9XT9TxC4kg_yWBdQR4jHS7aDJJayfimlELlScAFYmfxrhnpj348PenCtdHzPQs8YO7WWuEm6q9MnNYhg&state=w4PPIpv5rhoYw8C0
4.860627 AuthorizationResponse: {
  "access_token": "h3XSLl8uTHyn_pIRmbWp9A",
  "id_token": {
    "claims": {
      "at_hash": "BexN9YmC5YPeUo2lpoPmkg",
      "aud": [
        "403a008d-5a9b-46f3-873e-e683435a249b"
      ],
      "auth_mode": "simple",
      "auth_time": "1454369057",
      "exp": "1454373031",
      "iat": "1454369431",
      "iss": "https://ec2-54-153-169-151.ap-southeast-2.compute.amazonaws.com/oauth",
      "nonce": "OMPCKmOo70Av",
      "sub": "4d25cb47-a063-42c1-9fe4-d100fb10098c"
    },
    "jws header parameters": {
      "alg": "RS256",
      "kid": "468b1763-142a-43da-96e0-53f2b6e1a7ac",
      "typ": "JWT"
    }
  },
  "state": "w4PPIpv5rhoYw8C0"
}
4.861228 ------------ UserInfoRequest ------------
4.861516 --> URL: https://ec2-54-153-169-151.ap-southeast-2.compute.amazonaws.com/oauth/userinfo
4.861523 --> BODY: None
4.861533 --> HEADERS: {'Authorization': u'Bearer h3XSLl8uTHyn_pIRmbWp9A'}
5.799454 <-- STATUS: 200
5.799525 Available verification keys: [(u'468b1763-142a-43da-96e0-53f2b6e1a7ac', u'RSA')]
5.799562 Available decryption keys: [('a0', 'RSA'), ('a3', 'EC')]
5.799662 <-- BODY: {
  "sub" : "4d25cb47-a063-42c1-9fe4-d100fb10098c",
  "preferred_username" : "mhunter@deltawing.com.au",
  "given_name" : "Magaret",
  "updated_at" : 1453869753,
  "name" : "Magaret Hunter",
  "family_name" : "Hunter"
}
5.800695 UserInfo: {
  "family_name": "Hunter",
  "given_name": "Magaret",
  "name": "Magaret Hunter",
  "preferred_username": "mhunter@deltawing.com.au",
  "sub": "4d25cb47-a063-42c1-9fe4-d100fb10098c",
  "updated_at": 1453869753
}
5.806872 ==== END ====

Result

WARNING
Warnings:
The following claims were missing from the returned information: ['middle_name', 'nickname', 'profile', 'picture', 'website', 'gender', 'birthdate', 'zoneinfo', 'locale']