Test Info

Test descriptionRequesting ID Token with max_age=1 seconds restriction
Profile[]
Timestamp2018-05-17T15:39:07Z
Issuerhttps://reference.mobileconnect.io/mobileconnect
Test IDOP-Req-max_age=1

Conditions


verify-response: status=OK [Checks that the last response was one of a possible set of OpenID Connect Responses]
multiple-sign-on: status=OK [Verifies that multiple authentications was used in the flow]
claims-check: status=OK [Checks if specific claims is present or not]
auth_time-check: status=OK [Check that the auth_time returned in the ID Token is in the expected range.]
Done: status=OK

Trace Output

0.0phase<--<-- 0 --- Webfinger -->-->
0.0not expected to doWebFinger
0.0phase<--<-- 1 --- Discovery -->-->
0.0provider_config
kwargs:{'issuer': 'https://reference.mobileconnect.io/mobileconnect'}
0.355http response
url:https://reference.mobileconnect.io/mobileconnect/.well-known/openid-configuration status_code:200
0.357ProviderConfigurationResponse
{
    "acr_values_supported": [
        "2",
        "3"
    ],
    "authorization_endpoint": "https://reference.mobileconnect.io/mobileconnect/index.php/auth",
    "check_session_iframe": "https://reference.mobileconnect.io/mobileconnect/opframe.php",
    "claim_types_supported": [
        "normal"
    ],
    "claims_locales_supported": [
        "en-US"
    ],
    "claims_parameter_supported": true,
    "claims_supported": [
        "name",
        "given_name",
        "family_name",
        "middle_name",
        "nickname",
        "preferred_username",
        "profile",
        "picture",
        "website",
        "email",
        "email_verified",
        "gender",
        "birthdate",
        "zoneinfo",
        "locale",
        "phone_number",
        "phone_number_verified",
        "address",
        "updated_at"
    ],
    "display_values_supported": [
        "page",
        "popup"
    ],
    "end_session_endpoint": "https://reference.mobileconnect.io/mobileconnect/index.php/endsession",
    "grant_types_supported": [
        "authorization_code"
    ],
    "id_token_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP"
    ],
    "id_token_encryption_enc_values_supported": [
        "A128CBC-HS256",
        "A256CBC-HS512",
        "A128GCM",
        "A256GCM"
    ],
    "id_token_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512"
    ],
    "issuer": "https://reference.mobileconnect.io/mobileconnect",
    "jwks_uri": "https://reference.mobileconnect.io/mobileconnect/op.jwk",
    "login_hint_methods_supported": [
        "MSISDN",
        "ENCR_MSISDN",
        "PCR"
    ],
    "mc_atp_endpoint": "https://reference.mobileconnect.io/mobileconnect/index.php/atp",
    "mobile_connect_version_supported": [
        {
            "openid": "mc_v1.1"
        },
        {
            "openid mc_authn": "mc_v1.2"
        },
        {
            "openid mc_authz": "mc_v1.2"
        },
        {
            "openid mc_identity_phonenumber": "mc_v1.2"
        },
        {
            "openid mc_identity_signup": "mc_v1.2"
        },
        {
            "openid mc_identity_nationalid": "mc_v1.2"
        },
        {
            "openid mc_atp": "mc_v1.2"
        }
    ],
    "op_policy_uri": "https://reference.mobileconnect.io/mobileconnect/index.php/op_policy",
    "op_tos_uri": "https://reference.mobileconnect.io/mobileconnect/index.php/op_tos",
    "premiuminfo_endpoint": "https://reference.mobileconnect.io/mobileconnect/index.php/premiuminfo",
    "request_object_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP"
    ],
    "request_object_encryption_enc_values_supported": [
        "A128CBC-HS256",
        "A256CBC-HS512",
        "A128GCM",
        "A256GCM"
    ],
    "request_object_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512"
    ],
    "request_parameter_supported": true,
    "request_uri_parameter_supported": true,
    "require_request_uri_registration": false,
    "response_types_supported": [
        "code",
        "code token",
        "code id_token",
        "token",
        "token id_token",
        "code token id_token",
        "id_token"
    ],
    "scopes_supported": [
        "openid",
        "mc_authn",
        "mc_authz",
        "profile",
        "email",
        "address",
        "phone",
        "mc_identity_phonenumber",
        "mc_identity_signup",
        "mc_identity_nationalid",
        "mc_atp"
    ],
    "service_documentation": "https://reference.mobileconnect.io/mobileconnect/index.php/servicedocs",
    "subject_types_supported": [
        "public",
        "pairwise"
    ],
    "token_endpoint": "https://reference.mobileconnect.io/mobileconnect/index.php/token",
    "token_endpoint_auth_methods_supported": [
        "client_secret_post",
        "client_secret_basic",
        "client_secret_jwt",
        "private_key_jwt"
    ],
    "token_endpoint_auth_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512"
    ],
    "ui_locales_supported": [
        "en-US"
    ],
    "userinfo_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP"
    ],
    "userinfo_encryption_enc_values_supported": [
        "A128CBC-HS256",
        "A256CBC-HS512",
        "A128GCM",
        "A256GCM"
    ],
    "userinfo_endpoint": "https://reference.mobileconnect.io/mobileconnect/index.php/userinfo",
    "userinfo_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512"
    ],
    "version": "3.0"
}
0.357phase<--<-- 2 --- Registration -->-->
0.357not expected to doDynamic registration
0.357phase<--<-- 3 --- AsyncAuthn -->-->
0.357AuthorizationRequest
{
    "client_id": "7cf82bd4-71c3-47df-9c49-70fae9c9b142",
    "nonce": "Hgb06JFGakI8jUZY",
    "redirect_uri": "https://op.certification.openid.net:61286/authz_cb",
    "response_type": "code",
    "scope": "openid",
    "state": "97RJd6LZjCVszlsv"
}
0.358redirect urlhttps://reference.mobileconnect.io/mobileconnect/index.php/auth?response_type=code&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A61286%2Fauthz_cb&scope=openid&nonce=Hgb06JFGakI8jUZY&client_id=7cf82bd4-71c3-47df-9c49-70fae9c9b142&state=97RJd6LZjCVszlsv
0.358redirecthttps://reference.mobileconnect.io/mobileconnect/index.php/auth?response_type=code&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A61286%2Fauthz_cb&scope=openid&nonce=Hgb06JFGakI8jUZY&client_id=7cf82bd4-71c3-47df-9c49-70fae9c9b142&state=97RJd6LZjCVszlsv
0.53response{'code': 'Dqtw4bxfCWszUlifJqWPSMsJqzlK114JeNvdY8QM7hY', 'state': '97RJd6LZjCVszlsv'}
0.531response{'code': 'Dqtw4bxfCWszUlifJqWPSMsJqzlK114JeNvdY8QM7hY', 'state': '97RJd6LZjCVszlsv'}
0.531AuthorizationResponse
{
    "code": "Dqtw4bxfCWszUlifJqWPSMsJqzlK114JeNvdY8QM7hY",
    "state": "97RJd6LZjCVszlsv"
}
0.531phase<--<-- 4 --- AccessToken -->-->
0.531requestop_args: {'state': '97RJd6LZjCVszlsv'}, req_args: {'redirect_uri': 'https://op.certification.openid.net:61286/authz_cb'}
0.531do_access_token_request
kwargs:{'request_args': {'grant_type': 'authorization_code', 'client_id': '7cf82bd4-71c3-47df-9c49-70fae9c9b142', 'code': 'Dqtw4bxfCWszUlifJqWPSMsJqzlK114JeNvdY8QM7hY', 'redirect_uri': 'https://op.certification.openid.net:61286/authz_cb', 'state': '97RJd6LZjCVszlsv'}, 'state': '97RJd6LZjCVszlsv'}
0.531AccessTokenRequest
{
    "code": "Dqtw4bxfCWszUlifJqWPSMsJqzlK114JeNvdY8QM7hY",
    "grant_type": "authorization_code",
    "redirect_uri": "https://op.certification.openid.net:61286/authz_cb",
    "state": "97RJd6LZjCVszlsv"
}
0.531request_urlhttps://reference.mobileconnect.io/mobileconnect/index.php/token
0.531request_http_args{'headers': {'Authorization': 'Basic N2NmODJiZDQtNzFjMy00N2RmLTljNDktNzBmYWU5YzliMTQyOmNhNmE5ZDVjLTg5OTctNDZmOC05NjQwLTdiNTE5MWQyNGVkZQ==', 'Content-Type': 'application/x-www-form-urlencoded'}}
0.531requestgrant_type=authorization_code&code=Dqtw4bxfCWszUlifJqWPSMsJqzlK114JeNvdY8QM7hY&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A61286%2Fauthz_cb&state=97RJd6LZjCVszlsv
0.932http response
url:https://reference.mobileconnect.io/mobileconnect/index.php/token status_code:200
0.933response{'id_token': 'eyJhbGciOiJSUzI1NiIsImtpZCI6IlBIUE9QLTAwIn0.eyJpc3MiOiJodHRwczpcL1wvcmVmZXJlbmNlLm1vYmlsZWNvbm5lY3QuaW9cL21vYmlsZWNvbm5lY3QiLCJzdWIiOiJGM0VFRDU1RC01RTZELTQ4MjktODhBNi1BMzY1MzI1QThBNUMiLCJhdWQiOlsiN2NmODJiZDQtNzFjMy00N2RmLTljNDktNzBmYWU5YzliMTQyIl0sImV4cCI6MTUyNjU3MTgzNiwiaWF0IjoxNTI2NTcxNTM2LCJub25jZSI6IkhnYjA2SkZHYWtJOGpVWlkiLCJhdF9oYXNoIjoiRlNfNTF0WlcxcnVJU1pJWFMwanJMZyIsImF1dGhfdGltZSI6MTUyNjU3MTQyOCwiYWNyIjoiMiIsImF6cCI6IjdjZjgyYmQ0LTcxYzMtNDdkZi05YzQ5LTcwZmFlOWM5YjE0MiIsImhhc2hlZF9sb2dpbl9oaW50IjoiZTNiMGM0NDI5OGZjMWMxNDlhZmJmNGM4OTk2ZmI5MjQyN2FlNDFlNDY0OWI5MzRjYTQ5NTk5MWI3ODUyYjg1NSJ9.Z5d4u2X98f3YxXhsw73C9Cn5--wx2LRUGZQ5aLoxV6nP___UgUzPwdH6Z8XLCdybVbUaMYUU63Zq4fNCjaHKeSgh38q83aK0gxSo6vP6aDbPGKv64KGLn13BUXZv3b2SJdrhT5zHyZQw_rfL-vQvPlAHDaQ6_xsZbS6VJXV4-GE', 'token_type': 'Bearer', 'expires_in': 3600, 'access_token': 'Kof7qtt7c3QM84tg2oszLJLAmePYJKv3ydMOAzDhcYQ'}
1.291AccessTokenResponse
{
    "access_token": "Kof7qtt7c3QM84tg2oszLJLAmePYJKv3ydMOAzDhcYQ",
    "expires_in": 3600,
    "id_token": {
        "acr": "2",
        "at_hash": "FS_51tZW1ruISZIXS0jrLg",
        "aud": [
            "7cf82bd4-71c3-47df-9c49-70fae9c9b142"
        ],
        "auth_time": 1526571428,
        "azp": "7cf82bd4-71c3-47df-9c49-70fae9c9b142",
        "exp": 1526571836,
        "hashed_login_hint": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
        "iat": 1526571536,
        "iss": "https://reference.mobileconnect.io/mobileconnect",
        "nonce": "Hgb06JFGakI8jUZY",
        "sub": "F3EED55D-5E6D-4829-88A6-A365325A8A5C"
    },
    "token_type": "Bearer"
}
1.291phase<--<-- 5 --- Note -->-->
2.726phase<--<-- 6 --- Webfinger -->-->
2.726not expected to doWebFinger
2.726phase<--<-- 7 --- Discovery -->-->
2.726provider_config
kwargs:{'issuer': 'https://reference.mobileconnect.io/mobileconnect'}
3.08http response
url:https://reference.mobileconnect.io/mobileconnect/.well-known/openid-configuration status_code:200
3.082ProviderConfigurationResponse
{
    "acr_values_supported": [
        "2",
        "3"
    ],
    "authorization_endpoint": "https://reference.mobileconnect.io/mobileconnect/index.php/auth",
    "check_session_iframe": "https://reference.mobileconnect.io/mobileconnect/opframe.php",
    "claim_types_supported": [
        "normal"
    ],
    "claims_locales_supported": [
        "en-US"
    ],
    "claims_parameter_supported": true,
    "claims_supported": [
        "name",
        "given_name",
        "family_name",
        "middle_name",
        "nickname",
        "preferred_username",
        "profile",
        "picture",
        "website",
        "email",
        "email_verified",
        "gender",
        "birthdate",
        "zoneinfo",
        "locale",
        "phone_number",
        "phone_number_verified",
        "address",
        "updated_at"
    ],
    "display_values_supported": [
        "page",
        "popup"
    ],
    "end_session_endpoint": "https://reference.mobileconnect.io/mobileconnect/index.php/endsession",
    "grant_types_supported": [
        "authorization_code"
    ],
    "id_token_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP"
    ],
    "id_token_encryption_enc_values_supported": [
        "A128CBC-HS256",
        "A256CBC-HS512",
        "A128GCM",
        "A256GCM"
    ],
    "id_token_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512"
    ],
    "issuer": "https://reference.mobileconnect.io/mobileconnect",
    "jwks_uri": "https://reference.mobileconnect.io/mobileconnect/op.jwk",
    "login_hint_methods_supported": [
        "MSISDN",
        "ENCR_MSISDN",
        "PCR"
    ],
    "mc_atp_endpoint": "https://reference.mobileconnect.io/mobileconnect/index.php/atp",
    "mobile_connect_version_supported": [
        {
            "openid": "mc_v1.1"
        },
        {
            "openid mc_authn": "mc_v1.2"
        },
        {
            "openid mc_authz": "mc_v1.2"
        },
        {
            "openid mc_identity_phonenumber": "mc_v1.2"
        },
        {
            "openid mc_identity_signup": "mc_v1.2"
        },
        {
            "openid mc_identity_nationalid": "mc_v1.2"
        },
        {
            "openid mc_atp": "mc_v1.2"
        }
    ],
    "op_policy_uri": "https://reference.mobileconnect.io/mobileconnect/index.php/op_policy",
    "op_tos_uri": "https://reference.mobileconnect.io/mobileconnect/index.php/op_tos",
    "premiuminfo_endpoint": "https://reference.mobileconnect.io/mobileconnect/index.php/premiuminfo",
    "request_object_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP"
    ],
    "request_object_encryption_enc_values_supported": [
        "A128CBC-HS256",
        "A256CBC-HS512",
        "A128GCM",
        "A256GCM"
    ],
    "request_object_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512"
    ],
    "request_parameter_supported": true,
    "request_uri_parameter_supported": true,
    "require_request_uri_registration": false,
    "response_types_supported": [
        "code",
        "code token",
        "code id_token",
        "token",
        "token id_token",
        "code token id_token",
        "id_token"
    ],
    "scopes_supported": [
        "openid",
        "mc_authn",
        "mc_authz",
        "profile",
        "email",
        "address",
        "phone",
        "mc_identity_phonenumber",
        "mc_identity_signup",
        "mc_identity_nationalid",
        "mc_atp"
    ],
    "service_documentation": "https://reference.mobileconnect.io/mobileconnect/index.php/servicedocs",
    "subject_types_supported": [
        "public",
        "pairwise"
    ],
    "token_endpoint": "https://reference.mobileconnect.io/mobileconnect/index.php/token",
    "token_endpoint_auth_methods_supported": [
        "client_secret_post",
        "client_secret_basic",
        "client_secret_jwt",
        "private_key_jwt"
    ],
    "token_endpoint_auth_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512"
    ],
    "ui_locales_supported": [
        "en-US"
    ],
    "userinfo_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP"
    ],
    "userinfo_encryption_enc_values_supported": [
        "A128CBC-HS256",
        "A256CBC-HS512",
        "A128GCM",
        "A256GCM"
    ],
    "userinfo_endpoint": "https://reference.mobileconnect.io/mobileconnect/index.php/userinfo",
    "userinfo_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512"
    ],
    "version": "3.0"
}
3.082phase<--<-- 8 --- Registration -->-->
3.082not expected to doDynamic registration
3.082phase<--<-- 9 --- AsyncAuthn -->-->
3.083AuthorizationRequest
{
    "client_id": "7cf82bd4-71c3-47df-9c49-70fae9c9b142",
    "max_age": 1,
    "nonce": "mSjbyds4Qa1TW0AK",
    "redirect_uri": "https://op.certification.openid.net:61286/authz_cb",
    "response_type": "code",
    "scope": "openid",
    "state": "6D8LflvvHu4KCY5M"
}
3.083redirect urlhttps://reference.mobileconnect.io/mobileconnect/index.php/auth?max_age=1&response_type=code&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A61286%2Fauthz_cb&scope=openid&nonce=mSjbyds4Qa1TW0AK&client_id=7cf82bd4-71c3-47df-9c49-70fae9c9b142&state=6D8LflvvHu4KCY5M
3.083redirecthttps://reference.mobileconnect.io/mobileconnect/index.php/auth?max_age=1&response_type=code&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A61286%2Fauthz_cb&scope=openid&nonce=mSjbyds4Qa1TW0AK&client_id=7cf82bd4-71c3-47df-9c49-70fae9c9b142&state=6D8LflvvHu4KCY5M
11.763response{'code': 'IP9X4HEtARajxtJJk8F9TYRnVFre6QDY_DjjD4HibPM', 'state': '6D8LflvvHu4KCY5M'}
11.763response{'code': 'IP9X4HEtARajxtJJk8F9TYRnVFre6QDY_DjjD4HibPM', 'state': '6D8LflvvHu4KCY5M'}
11.763AuthorizationResponse
{
    "code": "IP9X4HEtARajxtJJk8F9TYRnVFre6QDY_DjjD4HibPM",
    "state": "6D8LflvvHu4KCY5M"
}
11.764phase<--<-- 10 --- AccessToken -->-->
11.764requestop_args: {'state': '6D8LflvvHu4KCY5M'}, req_args: {'redirect_uri': 'https://op.certification.openid.net:61286/authz_cb'}
11.764do_access_token_request
kwargs:{'request_args': {'grant_type': 'authorization_code', 'client_id': '7cf82bd4-71c3-47df-9c49-70fae9c9b142', 'code': 'IP9X4HEtARajxtJJk8F9TYRnVFre6QDY_DjjD4HibPM', 'redirect_uri': 'https://op.certification.openid.net:61286/authz_cb', 'state': '6D8LflvvHu4KCY5M'}, 'state': '6D8LflvvHu4KCY5M'}
11.764AccessTokenRequest
{
    "code": "IP9X4HEtARajxtJJk8F9TYRnVFre6QDY_DjjD4HibPM",
    "grant_type": "authorization_code",
    "redirect_uri": "https://op.certification.openid.net:61286/authz_cb",
    "state": "6D8LflvvHu4KCY5M"
}
11.764request_urlhttps://reference.mobileconnect.io/mobileconnect/index.php/token
11.764request_http_args{'headers': {'Authorization': 'Basic N2NmODJiZDQtNzFjMy00N2RmLTljNDktNzBmYWU5YzliMTQyOmNhNmE5ZDVjLTg5OTctNDZmOC05NjQwLTdiNTE5MWQyNGVkZQ==', 'Content-Type': 'application/x-www-form-urlencoded'}}
11.764requestgrant_type=authorization_code&code=IP9X4HEtARajxtJJk8F9TYRnVFre6QDY_DjjD4HibPM&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A61286%2Fauthz_cb&state=6D8LflvvHu4KCY5M
12.176http response
url:https://reference.mobileconnect.io/mobileconnect/index.php/token status_code:200
12.177response{'id_token': 'eyJhbGciOiJSUzI1NiIsImtpZCI6IlBIUE9QLTAwIn0.eyJpc3MiOiJodHRwczpcL1wvcmVmZXJlbmNlLm1vYmlsZWNvbm5lY3QuaW9cL21vYmlsZWNvbm5lY3QiLCJzdWIiOiJGM0VFRDU1RC01RTZELTQ4MjktODhBNi1BMzY1MzI1QThBNUMiLCJhdWQiOlsiN2NmODJiZDQtNzFjMy00N2RmLTljNDktNzBmYWU5YzliMTQyIl0sImV4cCI6MTUyNjU3MTg0NywiaWF0IjoxNTI2NTcxNTQ3LCJub25jZSI6Im1TamJ5ZHM0UWExVFcwQUsiLCJhdF9oYXNoIjoiR1BOcTkwNUl5aElxWVhvLUV4WE9fQSIsImF1dGhfdGltZSI6MTUyNjU3MTU0NCwiYWNyIjoiMiIsImFtciI6WyJPSyJdLCJhenAiOiI3Y2Y4MmJkNC03MWMzLTQ3ZGYtOWM0OS03MGZhZTljOWIxNDIiLCJoYXNoZWRfbG9naW5faGludCI6ImUzYjBjNDQyOThmYzFjMTQ5YWZiZjRjODk5NmZiOTI0MjdhZTQxZTQ2NDliOTM0Y2E0OTU5OTFiNzg1MmI4NTUifQ.GbfaMvTVByCOsstPbJW7YqwkLUu2c6M1qn0WyQhHu1nUYm1VCjTevCtPNCOLFeBJ9u8MFqaNCZNkQfIzR2-5wcOTw1UpdH0ugViFWaCmPkF2GGYBFWgUuSWJScQLkhkkiPFNJfuswuXv5Jqq3A73mmTBwfXyGEM2KNUSPMLfLVU', 'token_type': 'Bearer', 'expires_in': 3600, 'access_token': 'siQpfefmwM1lBrnvIHrWCprM0Ya_RiK25XmASd2CAXI'}
12.179AccessTokenResponse
{
    "access_token": "siQpfefmwM1lBrnvIHrWCprM0Ya_RiK25XmASd2CAXI",
    "expires_in": 3600,
    "id_token": {
        "acr": "2",
        "amr": [
            "OK"
        ],
        "at_hash": "GPNq905IyhIqYXo-ExXO_A",
        "aud": [
            "7cf82bd4-71c3-47df-9c49-70fae9c9b142"
        ],
        "auth_time": 1526571544,
        "azp": "7cf82bd4-71c3-47df-9c49-70fae9c9b142",
        "exp": 1526571847,
        "hashed_login_hint": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
        "iat": 1526571547,
        "iss": "https://reference.mobileconnect.io/mobileconnect",
        "nonce": "mSjbyds4Qa1TW0AK",
        "sub": "F3EED55D-5E6D-4829-88A6-A365325A8A5C"
    },
    "token_type": "Bearer"
}
12.18phase<--<-- 11 --- Done -->-->
12.18end
12.18assertionVerifyResponse
12.18conditionverify-response: status=OK [Checks that the last response was one of a possible set of OpenID Connect Responses]
12.18assertionMultipleSignOn
12.181conditionmultiple-sign-on: status=OK [Verifies that multiple authentications was used in the flow]
12.181assertionClaimsCheck
12.181conditionclaims-check: status=OK [Checks if specific claims is present or not]
12.181assertionAuthTimeCheck
12.181conditionauth_time-check: status=OK [Check that the auth_time returned in the ID Token is in the expected range.]
12.181conditionDone: status=OK

Result

PASSED