Test info
Profile: {'openid-configuration': 'config', 'response_type': 'code+token', 'crypto': 'none+sign', 'registration': 'static'}
Timestamp: 2017-05-30T12:37:29Z
Test description: Trying to use authorization code twice should result in revoking previously issued access tokens [Basic, Hybrid]
Test ID: OP-OAuth-2nd-Revokes
Issuer: https://is.biocryptology.net/
Test output
__AuthorizationRequest:pre__
[check-response-type]
status: OK
description: Checks that the asked for response type are among the supported
[check-endpoint]
status: OK
description: Checks that the necessary endpoint exists at a server
__After completing the test flow:__
[verify-response]
status: OK
description: Checks that the last response was one of a possible set of OpenID Connect Responses
__X:==== END ====__
Trace output
0.000299 ------------ DiscoveryRequest ------------
0.000313 Provider info discover from 'https://is.biocryptology.net'
0.000319 --> URL: https://is.biocryptology.net/.well-known/openid-configuration
0.571380 ProviderConfigurationResponse: {
"authorization_endpoint": "https://is.biocryptology.net/V1/auth",
"check_session_iframe": "http://default.com",
"claims_parameter_supported": false,
"claims_supported": [
"sub",
"website",
"zoneinfo",
"email_verified",
"birthdate",
"address",
"gender",
"profile",
"iss",
"phone_number_verified",
"given_name",
"middle_name",
"locale",
"picture",
"updated_at",
"auth_time",
"name",
"nickname",
"phone_number",
"family_name",
"prefered_username",
"email"
],
"end_session_endpoint": "https://is.biocryptology.net/V1/end",
"grant_types_supported": [
"authorization_code",
"implicit"
],
"id_token_signing_alg_values_supported": [
"ES512",
"ES384",
"ES256",
"RS512",
"RS384",
"RS256",
"HS512",
"HS384",
"HS256"
],
"issuer": "https://is.biocryptology.net/",
"jwks_uri": "https://is.biocryptology.net/V1/jwks",
"registration_endpoint": "http://default.com",
"request_object_encryption_alg_values_supported": [
"RSA-OAEP",
"RSA1_5"
],
"request_object_encryption_enc_values_supported": [
"A256GCM",
"A256CBC-HS512",
"A256CBC-HS384",
"A256CBC-HS256",
"A256CBC",
"A128GCM",
"A128CBC-HS512",
"A128CBC-HS384",
"A128CBC-HS256",
"A128CBC"
],
"request_parameter_supported": true,
"request_uri_parameter_supported": false,
"require_request_uri_registration": false,
"response_modes_supported": [
"fragment",
"query",
"form_post"
],
"response_types_supported": [
"code",
"id_token",
"id_token token",
"code id_token",
"code token",
"code id_token token"
],
"revocation_endpoint": "http://default.com",
"scopes_supported": [
"email",
"profile",
"phone",
"openid",
"address"
],
"service_documentation": "http://default.com",
"subject_types_supported": [
"public"
],
"token_endpoint": "https://is.biocryptology.net/V1/token",
"token_endpoint_auth_methods_supported": [
"client_secret_basic",
"client_secret_post"
],
"userinfo_endpoint": "https://is.biocryptology.net/V1/userinfo",
"version": "3.0"
}
1.176567 JWKS: {
"keys": [
{
"alg": "RS256",
"e": "AQAB",
"kid": "MNW3_u22nAteMK20TYs1Cw",
"kty": "RSA",
"n": "AI_uKVNJfjEOoKUePXV46VX3dTuL0LrWKmEGbxCJSu6N9PXgeTA3gsM5DVrN9csD6mGcb_Oi1jbEc8duis6JLRXYGT-_ZsVZi2M2Yx1FInuukIP9ZgOdNfPA1ANvkKyoG4QNUzG5cgxDmeP-UikzjGYObzWEFHb9CT_l-yBTgPt_",
"use": "sig"
},
{
"alg": "RS256",
"e": "AQAB",
"kid": "auG8aS4okJqDRIY2eLD9fA",
"kty": "RSA",
"n": "AMRaFFJr_TQ1-XB5JzZ0iF1d2wEeAuxe4ZjjVgbDYwvbyfidZnpfn-lUbzxxVVJj6ItQTNVz3tsGaBM4rwqFH_qDlap84wLv1vjLONLEZDa2xIXiTlA0fvyPuIJcEE1cm9OY36jPhueoA40MRMdXiOU5gfr5wlJtUCLICexV5i-X",
"use": "sig"
},
{
"alg": "RS256",
"e": "AQAB",
"kid": "r61PR-erDJljxqEv01Sm0g",
"kty": "RSA",
"n": "AJVG_Q0e2y6QQAfXowHQBNrZ2bKSbJ094oqTXJgqClG8jHkE1GMnuHORqap5PvCnbO47Mhm18aTTsdrodJC4SVLSCQtVnIhRzV8OHYfkZgHV16tUNcsBPMF-sYnfD7J9UtC7eify6dZPMqM0Bf2EK09fdvJpCmD7pxY5TDVo3inb",
"use": "sig"
}
]
}
1.186175 ------------ AuthorizationRequest ------------
1.188928 --> URL: https://is.biocryptology.net/V1/auth?nonce=c2WSIN7fHb58&state=9hhXFwwC1gDR6YSj&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A61022%2Fauthz_cb&response_type=code+token&client_id=swipe&scope=openid
1.188944 --> BODY: None
1.606379 QUERY_STRING:
2.476432 <-- state=9hhXFwwC1gDR6YSj&access_token=pbwCUhJPSa66Wpt69LGslA&token_type=Bearer&expires_in=3600&code=tLJDZrH1C0yUROI--3K3zg
2.476941 AuthorizationResponse: {
"access_token": "pbwCUhJPSa66Wpt69LGslA",
"code": "tLJDZrH1C0yUROI--3K3zg",
"expires_in": 3600,
"state": "9hhXFwwC1gDR6YSj",
"token_type": "Bearer"
}
2.477339 ------------ AccessTokenRequest ------------
2.479282 --> URL: https://is.biocryptology.net/V1/token
2.479296 --> BODY: code=tLJDZrH1C0yUROI--3K3zg&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A61022%2Fauthz_cb&grant_type=authorization_code&state_hash=XFP--TwVDYye2ArmNCUbE_pfJ3_Vdecmm6v39wijiSs%3D
2.479310 --> HEADERS: {'Content-Type': 'application/x-www-form-urlencoded', 'Authorization': 'Basic c3dpcGU6c3dpcGU='}
3.062533 <-- STATUS: 200
3.062673 <-- BODY: {"access_token":"pbwCUhJPSa66Wpt69LGslA","expires_in":3600,"refresh_token":"UC10NKcqDVhwJLhQztDFGA","scope":"openid","token_type":"Bearer","id_token":"eyJhbGciOiJSUzI1NiIsImtpZCI6Ik1OVzNfdTIybkF0ZU1LMjBUWXMxQ3cifQ.eyJhY3IiOiIwIiwiYXVkIjoic3dpcGUiLCJhdXRoX3RpbWUiOjE0OTYxNDc4NTQsImF6cCI6InN3aXBlIiwiYXRfaGFzaCI6Ik5WVUNFeWNnZkN6WVhtNmRHVW5pVEEiLCJjX2hhc2giOiJXSzBFZFl2Q2JwZHJfd1lLYmJkZlZBIiwiaWF0IjoxNDk2MTQ3ODU0LCJleHAiOjE0OTYxNTE0NTQsImlzcyI6Imh0dHBzOi8vaXMuYmlvY3J5cHRvbG9neS5uZXQvIiwibm9uY2UiOiJjMldTSU43ZkhiNTgiLCJzdWIiOiJNUSJ9.f5knp2hjqSp9WOP9NHlmvrypRlb2ciDICyBqLS9Nq2dAH-ckgAWIUaDjgWK9ywxB7WceJ9lUzPEAJHL1F77b95757IOk3rDlExceasYxuRWSlgX5nPEwYFlpU6I4zKgXyHJG1NCUOFRSFTEzownwx1solkzYbLnWiTuH1hkIQnQ"}
3.606927 AccessTokenResponse: {
"access_token": "pbwCUhJPSa66Wpt69LGslA",
"expires_in": 3600,
"id_token": {
"claims": {
"acr": "0",
"at_hash": "NVUCEycgfCzYXm6dGUniTA",
"aud": [
"swipe"
],
"auth_time": 1496147854,
"azp": "swipe",
"c_hash": "WK0EdYvCbpdr_wYKbbdfVA",
"exp": 1496151454,
"iat": 1496147854,
"iss": "https://is.biocryptology.net/",
"nonce": "c2WSIN7fHb58",
"sub": "MQ"
},
"jws header parameters": {
"alg": "RS256",
"kid": "MNW3_u22nAteMK20TYs1Cw"
}
},
"refresh_token": "UC10NKcqDVhwJLhQztDFGA",
"scope": "openid",
"token_type": "Bearer"
}
3.617117 ------------ AccessTokenRequest ------------
3.618954 --> URL: https://is.biocryptology.net/V1/token
3.618965 --> BODY: code=tLJDZrH1C0yUROI--3K3zg&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A61022%2Fauthz_cb&grant_type=authorization_code&state_hash=XFP--TwVDYye2ArmNCUbE_pfJ3_Vdecmm6v39wijiSs%3D
3.618977 --> HEADERS: {'Content-Type': 'application/x-www-form-urlencoded', 'Authorization': 'Basic c3dpcGU6c3dpcGU='}
4.255103 <-- STATUS: 400
4.255299 ErrorResponse: {
"error": "access_denied",
"error_description": "Code is invalid",
"error_uri": null
}
4.265475 ------------ UserInfoRequest ------------
4.265790 --> URL: https://is.biocryptology.net/V1/userinfo
4.265797 --> BODY: None
4.265806 --> HEADERS: {'Authorization': u'Bearer pbwCUhJPSa66Wpt69LGslA'}
4.853563 <-- STATUS: 400
4.853772 ErrorResponse: {
"error": "access_denied",
"error_description": "unable to retrieve id token",
"error_uri": null
}
4.863693 ==== END ====
Result
PASSED