Test info

Profile: {'openid-configuration': 'config', 'response_type': 'code', 'crypto': 'none+sign', 'registration': 'static'}
Timestamp: 2017-05-26T13:56:43Z
Test description: Scope requesting email claims [Basic, Implicit, Hybrid]
Test ID: OP-scope-email
Issuer: https://is.biocryptology.net/

Test output


__AuthorizationRequest:pre__
[check-response-type]
	status: OK
	description: Checks that the asked for response type are among the supported
[check-endpoint]
	status: OK
	description: Checks that the necessary endpoint exists at a server
__After completing the test flow:__
[check-http-response]
	status: OK
	description: Checks that the HTTP response status is within the 200 or 300 range
[verify-response]
	status: OK
	description: Checks that the last response was one of a possible set of OpenID Connect Responses
[verify-scopes]
	status: OK
	description: Verifies that the claims corresponding to the requested scopes are returned
__X:==== END ====__

Trace output


0.000453 ------------ DiscoveryRequest ------------
0.000468 Provider info discover from 'https://is.biocryptology.net'
0.000476 --> URL: https://is.biocryptology.net/.well-known/openid-configuration
0.559772 ProviderConfigurationResponse: {
  "authorization_endpoint": "https://is.biocryptology.net/V1/auth",
  "check_session_iframe": "http://default.com",
  "claims_parameter_supported": false,
  "claims_supported": [
    "sub",
    "website",
    "zoneinfo",
    "email_verified",
    "birthdate",
    "address",
    "gender",
    "profile",
    "iss",
    "phone_number_verified",
    "given_name",
    "middle_name",
    "locale",
    "picture",
    "updated_at",
    "auth_time",
    "name",
    "nickname",
    "phone_number",
    "family_name",
    "prefered_username",
    "email"
  ],
  "end_session_endpoint": "https://is.biocryptology.net/V1/end",
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "id_token_signing_alg_values_supported": [
    "ES512",
    "ES384",
    "ES256",
    "RS512",
    "RS384",
    "RS256",
    "HS512",
    "HS384",
    "HS256"
  ],
  "issuer": "https://is.biocryptology.net/",
  "jwks_uri": "https://is.biocryptology.net/V1/jwks",
  "registration_endpoint": "http://default.com",
  "request_object_encryption_alg_values_supported": [
    "RSA-OAEP",
    "RSA1_5"
  ],
  "request_object_encryption_enc_values_supported": [
    "A256GCM",
    "A256CBC-HS512",
    "A256CBC-HS384",
    "A256CBC-HS256",
    "A256CBC",
    "A128GCM",
    "A128CBC-HS512",
    "A128CBC-HS384",
    "A128CBC-HS256",
    "A128CBC"
  ],
  "request_parameter_supported": true,
  "request_uri_parameter_supported": false,
  "require_request_uri_registration": false,
  "response_modes_supported": [
    "fragment",
    "query",
    "form_post"
  ],
  "response_types_supported": [
    "code",
    "id_token",
    "id_token token",
    "code id_token",
    "code token",
    "code id_token token"
  ],
  "revocation_endpoint": "http://default.com",
  "scopes_supported": [
    "phone",
    "address",
    "openid",
    "email",
    "profile"
  ],
  "service_documentation": "http://default.com",
  "subject_types_supported": [
    "public"
  ],
  "token_endpoint": "https://is.biocryptology.net/V1/token",
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic",
    "client_secret_post"
  ],
  "userinfo_endpoint": "https://is.biocryptology.net/V1/userinfo",
  "version": "3.0"
}
1.104196 JWKS: {
  "keys": [
    {
      "alg": "RS256",
      "e": "AQAB",
      "kid": "aDNT9W5MMFjpnQz5NYCbZw",
      "kty": "RSA",
      "n": "AIARwlnHKy97bV3CxBWXwxY84ZFLTnVZxna56aqabB1C6K_t04MCZJX1ucxsN1UooIo0go52qVbJNm_yLvyM61JD8UkGQE0EmIHE1Et-DPy3Z5pEgZONUHAet_uTjr7Blhjili_aXpMZ4BfJrbF8oW6jo4Ao83cLMyn3f_LJoqEp",
      "use": "sig"
    },
    {
      "alg": "RS256",
      "e": "AQAB",
      "kid": "F--2fX97Rvwc0LghUHGSfg",
      "kty": "RSA",
      "n": "AJ0pyiUzlQqO-dyPPb_OD5YMOF_GPhut9eIItetBte0pLICZMaICu-Rm-zQkIEedlM3S3Kcg2yl8HvdJqXa9764_O3m3duQrA74Fe7U1-hynwBmtq8gLn8ae5qTbZ8nN03Y2MrW9Q24rGnkbUhwjhNs_o7dE5NlRmejRLtfzFpkB",
      "use": "sig"
    },
    {
      "alg": "RS256",
      "e": "AQAB",
      "kid": "RUw8ctDE3-uf0dIKyMmcCQ",
      "kty": "RSA",
      "n": "AI_CmTELVBkX_FtbAod88lqaQ7U-JLXchkpboj2zCRm5dXcnBKqzVItVZjRzET2Vdy9uXfD87OCyUiMRnLD_vToYwzytKaLY8kmK4_qtTbQN4Z5g1YxLHPZjKuwPKL05K2RsGh3Q7Raww8h8-pA_vrS7qzz6Dz30BEh5b2rS40Ud",
      "use": "sig"
    }
  ]
}
1.108956 ------------ AuthorizationRequest ------------
1.110737 --> URL: https://is.biocryptology.net/V1/auth?scope=openid+email&state=jXSB2rPeoMobj8hI&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A61018%2Fauthz_cb&response_type=code&client_id=swipe
1.110745 --> BODY: None
1.638409 <-- state=jXSB2rPeoMobj8hI&code=ReVqnXfehnaKLSxNT68f6g
1.638860 AuthorizationResponse: {
  "code": "ReVqnXfehnaKLSxNT68f6g",
  "state": "jXSB2rPeoMobj8hI"
}
1.639196 ------------ AccessTokenRequest ------------
1.641022 --> URL: https://is.biocryptology.net/V1/token
1.641033 --> BODY: code=ReVqnXfehnaKLSxNT68f6g&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A61018%2Fauthz_cb&grant_type=authorization_code&state_hash=HPBe_3vJWKIk8w6zlsCVH9NT7zj7Nt4XRYlRiAJf4h4%3D
1.641045 --> HEADERS: {'Content-Type': 'application/x-www-form-urlencoded', 'Authorization': 'Basic c3dpcGU6c3dpcGU='}
2.251627 <-- STATUS: 200
2.251766 <-- BODY: {"access_token":"FdPeUzxV6PJnLmnscGM3tA","expires_in":3600,"refresh_token":"wWPWPh7sS4W1SFHQJR_rZQ","scope":"openid email","token_type":"Bearer","id_token":"eyJhbGciOiJSUzI1NiIsImtpZCI6ImFETlQ5VzVNTUZqcG5RejVOWUNiWncifQ.eyJhY3IiOiIwIiwiYXVkIjoic3dpcGUiLCJhdXRoX3RpbWUiOjE0OTU4MDcwMDIsImF6cCI6InN3aXBlIiwiYXRfaGFzaCI6IkM2Y2lPMDhCYmd1UHFNa2pGUDdEc3ciLCJjX2hhc2giOiJsMEtxRnZ5ck9tQ3dUMVo4ZzNXdUJnIiwiaWF0IjoxNDk1ODA3MDAyLCJleHAiOjE0OTU4MTA2MDIsImlzcyI6Imh0dHBzOi8vaXMuYmlvY3J5cHRvbG9neS5uZXQvIiwic3ViIjoiTVEifQ.AACA5i10XQuS9RRHAY2rmD1Oat7esnUWHdkzlVoE5rcPmEw53OIagRs8oQPX21UW-Bcr2dX6ML4ZfJKHfBsgRp4k0jT_z_33HE1FEPFmioEIOiQU8iEunURLlP5jfwqskobfj8P5Gi9Suu_4bVOc0ZeDbCgpsoy5dGiI26nrJEE"}
2.831630 AccessTokenResponse: {
  "access_token": "FdPeUzxV6PJnLmnscGM3tA",
  "expires_in": 3600,
  "id_token": {
    "claims": {
      "acr": "0",
      "at_hash": "C6ciO08BbguPqMkjFP7Dsw",
      "aud": [
        "swipe"
      ],
      "auth_time": 1495807002,
      "azp": "swipe",
      "c_hash": "l0KqFvyrOmCwT1Z8g3WuBg",
      "exp": 1495810602,
      "iat": 1495807002,
      "iss": "https://is.biocryptology.net/",
      "sub": "MQ"
    },
    "jws header parameters": {
      "alg": "RS256",
      "kid": "aDNT9W5MMFjpnQz5NYCbZw"
    }
  },
  "refresh_token": "wWPWPh7sS4W1SFHQJR_rZQ",
  "scope": "openid email",
  "token_type": "Bearer"
}
2.836675 ------------ UserInfoRequest ------------
2.836984 --> URL: https://is.biocryptology.net/V1/userinfo
2.836990 --> BODY: None
2.836999 --> HEADERS: {'Authorization': u'Bearer FdPeUzxV6PJnLmnscGM3tA'}
3.497422 <-- STATUS: 200
3.497504 Available verification keys: [(u'aDNT9W5MMFjpnQz5NYCbZw', u'RSA'), (u'F--2fX97Rvwc0LghUHGSfg', u'RSA'), (u'RUw8ctDE3-uf0dIKyMmcCQ', u'RSA')]
3.497542 Available decryption keys: [('a0', 'RSA'), ('a3', 'EC')]
3.497648 <-- BODY: {"email":"hanscan@hanscan.com","sub":"MQ","email_verified":true}
3.498457 UserInfo: {
  "email": "hanscan@hanscan.com",
  "email_verified": true,
  "sub": "MQ"
}
3.503422 ==== END ====

Result

PASSED