Test info

Profile: {'openid-configuration': 'no-config', 'response_type': 'code', 'crypto': 'none', 'registration': 'static'}
Timestamp: 2016-01-26T05:00:14Z
Test description: Scope requesting email claims [Basic, Implicit, Hybrid]
Test ID: OP-scope-email
Issuer: http://dualstack.3a-test-1256922533.ap-northeast-1.elb.amazonaws.com:8081/

Test output


__AuthorizationRequest:pre__
[check-response-type]
	status: OK
	description: Checks that the asked for response type are among the supported
[check-endpoint]
	status: OK
	description: Checks that the necessary endpoint exists at a server
__After completing the test flow:__
[check-http-response]
	status: OK
	description: Checks that the HTTP response status is within the 200 or 300 range
[verify-response]
	status: OK
	description: Checks that the last response was one of a possible set of OpenID Connect Responses
[verify-scopes]
	status: OK
	description: Verifies that the claims corresponding to the requested scopes are returned
__X:==== END ====__

Trace output


0.000336 'scopes_supported' not defined in provider configuration
0.000488 ------------ AuthorizationRequest ------------
0.000865 --> URL: http://dualstack.3a-test-1256922533.ap-northeast-1.elb.amazonaws.com:8081/oc_v/AuthorizationEndpoint?scope=openid+email&state=wOfD0OGbQ5HImHqH&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A60347%2Fauthz_cb&response_type=code&client_id=CLIANT9999
0.000870 --> BODY: None
33.942218 <-- state=wOfD0OGbQ5HImHqH&code=v76bkehoarYvnMNm
33.942669 AuthorizationResponse: {
  "code": "v76bkehoarYvnMNm",
  "state": "wOfD0OGbQ5HImHqH"
}
33.943167 ------------ AccessTokenRequest ------------
33.943657 --> URL: http://dualstack.3a-test-1256922533.ap-northeast-1.elb.amazonaws.com:8081/oc_v/AuthorizationCode/
33.943664 --> BODY: code=v76bkehoarYvnMNm&grant_type=authorization_code&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A60347%2Fauthz_cb
33.943678 --> HEADERS: {'Content-Type': 'application/x-www-form-urlencoded', 'Authorization': u'Basic Q0xJQU5UOTk5OTpjbGlhbnRfOTk5OQ=='}
34.438727 <-- STATUS: 200
34.438778 <-- BODY: {"scope":"email","expires_in":3599,"token_type":"Bearer","id_token":"eyJ0eXAiOiJKV1QiLCJhbGciOiJub25lIn0.eyJleHAiOjE0NTM3ODgwMTMsImF6cCI6IkNMSUFOVDk5OTkiLCJzdWIiOiJzZWlub3UxMjg0NiIsImF1ZCI6IkNMSUFOVDk5OTkiLCJpc3MiOiJodHRwczpcL1wvZHVhbHN0YWNrLjNhLXRlc3QtMTI1NjkyMjUzMy5hcC1ub3J0aGVhc3QtMS5lbGIuYW1hem9uYXdzLmNvbTo4MDgxXC8iLCJpYXQiOjE0NTM3ODQ0MTN9.","access_token":"3tdOMcnQBqbDOe1h6xqJmWr8bTGzOxoa"}
34.440403 AccessTokenResponse: {
  "access_token": "3tdOMcnQBqbDOe1h6xqJmWr8bTGzOxoa",
  "expires_in": 3599,
  "id_token": {
    "claims": {
      "aud": [
        "CLIANT9999"
      ],
      "azp": "CLIANT9999",
      "exp": 1453788013,
      "iat": 1453784413,
      "iss": "https://dualstack.3a-test-1256922533.ap-northeast-1.elb.amazonaws.com:8081/",
      "sub": "seinou12846"
    },
    "jws header parameters": {
      "alg": "none",
      "typ": "JWT"
    }
  },
  "scope": "email",
  "token_type": "Bearer"
}
34.450207 ------------ UserInfoRequest ------------
34.450500 --> URL: http://dualstack.3a-test-1256922533.ap-northeast-1.elb.amazonaws.com:8081/oc_v/UserInfoEndpoint/
34.450506 --> BODY: None
34.450516 --> HEADERS: {'Authorization': u'Bearer 3tdOMcnQBqbDOe1h6xqJmWr8bTGzOxoa'}
35.048714 <-- STATUS: 200
35.459969 Available verification keys: [(u'2011-04-29', u'RSA')]
35.460016 Available decryption keys: [('a0', 'RSA'), ('a3', 'EC')]
35.460039 <-- BODY: {"sub":"seinou12846","email":"taro@nex.co.jp","email_verified":"taro@nex.co.jp","iss":"https:\/\/dualstack.3a-test-1256922533.ap-northeast-1.elb.amazonaws.com:8081\/","aud":"CLIANT9999"}
35.460952 UserInfo: {
  "aud": "CLIANT9999",
  "email": "taro@nex.co.jp",
  "email_verified": "taro@nex.co.jp",
  "iss": "https://dualstack.3a-test-1256922533.ap-northeast-1.elb.amazonaws.com:8081/",
  "sub": "seinou12846"
}
35.470705 ==== END ====

Result

PASSED