0.0 | phase | <--<-- 0 --- Webfinger -->--> |
0.0 | not expected to do | WebFinger |
0.0 | phase | <--<-- 1 --- Discovery -->--> |
0.001 | not expected to do | Dynamic discovery |
0.001 | phase | <--<-- 2 --- Registration -->--> |
0.001 | register | kwargs:{'response_types': ['code'], 'grant_types': ['authorization_code'], 'application_name': 'OIC test tool', 'application_type': 'web', 'redirect_uris': ['https://op.certification.openid.net:61401/authz_cb'], 'contacts': ['roland@example.com'], 'post_logout_redirect_uris': ['https://op.certification.openid.net:61401/logout'], 'url': 'https://oidc-conformance.ping-eng.com:9031/as/clients.oauth2', 'jwks_uri': 'https://op.certification.openid.net:61401/static/jwks_61401.json'}
|
0.001 | RegistrationRequest | {
"application_type": "web",
"contacts": [
"roland@example.com"
],
"grant_types": [
"authorization_code"
],
"jwks_uri": "https://op.certification.openid.net:61401/static/jwks_61401.json",
"post_logout_redirect_uris": [
"https://op.certification.openid.net:61401/logout"
],
"redirect_uris": [
"https://op.certification.openid.net:61401/authz_cb"
],
"request_uris": [
"https://op.certification.openid.net:61401/requests/876669ef2b3891075309a06e00b98e6ace4cfca108af01becb9a804fff95d8c4#np1MjKc9IXWSyYYy"
],
"response_types": [
"code"
]
}
|
0.322 | http response | url:https://oidc-conformance.ping-eng.com:9031/as/clients.oauth2 status_code:201
|
0.323 | RegistrationResponse | {
"client_id": "dc-gjHaegwC1Y6pcn0drGAqNQ",
"client_name": "dc-gjHaegwC1Y6pcn0drGAqNQ",
"client_secret": "oT2vhcnwCwSC6n8vH6gGFH",
"client_secret_expires_at": 0,
"grant_access_session_revocation_api": false,
"grant_types": [
"refresh_token",
"authorization_code"
],
"jwks_uri": "https://op.certification.openid.net:61401/static/jwks_61401.json",
"persistent_grant_expiration_type": "server_default",
"pingaccess_logout_capable": false,
"redirect_uris": [
"https://op.certification.openid.net:61401/authz_cb"
],
"refresh_token_rolling_policy": "server_default",
"response_types": [
"code"
],
"scope": "address phone edit openid profile admin email",
"token_endpoint_auth_method": "client_secret_basic",
"validate_using_all_eligible_atms": false
}
|
0.323 | phase | <--<-- 3 --- AsyncAuthn -->--> |
0.323 | AuthorizationRequest | {
"client_id": "dc-gjHaegwC1Y6pcn0drGAqNQ",
"nonce": "fuoqHgviL0rcrj22",
"redirect_uri": "https://op.certification.openid.net:61401/authz_cb",
"response_type": "code",
"scope": "openid",
"state": "temijSli5X3TYGO0"
}
|
0.324 | redirect url | https://oidc-conformance.ping-eng.com:9031/as/authorization.oauth2?state=temijSli5X3TYGO0&nonce=fuoqHgviL0rcrj22&response_type=code&scope=openid&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A61401%2Fauthz_cb&client_id=dc-gjHaegwC1Y6pcn0drGAqNQ |
0.324 | redirect | https://oidc-conformance.ping-eng.com:9031/as/authorization.oauth2?state=temijSli5X3TYGO0&nonce=fuoqHgviL0rcrj22&response_type=code&scope=openid&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A61401%2Fauthz_cb&client_id=dc-gjHaegwC1Y6pcn0drGAqNQ |
2.159 | response | Response URL with query part |
2.159 | response | {'code': 'DCWaZCoAUY0s6ly_Xu6RbzYvogfI2Q-l2jBrDT4t', 'state': 'temijSli5X3TYGO0'} |
2.159 | response | {'code': 'DCWaZCoAUY0s6ly_Xu6RbzYvogfI2Q-l2jBrDT4t', 'state': 'temijSli5X3TYGO0'} |
2.16 | AuthorizationResponse | {
"code": "DCWaZCoAUY0s6ly_Xu6RbzYvogfI2Q-l2jBrDT4t",
"state": "temijSli5X3TYGO0"
}
|
2.16 | phase | <--<-- 4 --- AccessToken -->--> |
2.16 | request | op_args: {'state': 'temijSli5X3TYGO0'}, req_args: {'redirect_uri': 'https://op.certification.openid.net:61401/authz_cb'} |
2.16 | do_access_token_request | kwargs:{'request_args': {'redirect_uri': 'https://op.certification.openid.net:61401/authz_cb', 'code': 'DCWaZCoAUY0s6ly_Xu6RbzYvogfI2Q-l2jBrDT4t', 'state': 'temijSli5X3TYGO0', 'grant_type': 'authorization_code', 'client_id': 'dc-gjHaegwC1Y6pcn0drGAqNQ'}, 'state': 'temijSli5X3TYGO0'}
|
2.16 | AccessTokenRequest | {
"code": "DCWaZCoAUY0s6ly_Xu6RbzYvogfI2Q-l2jBrDT4t",
"grant_type": "authorization_code",
"redirect_uri": "https://op.certification.openid.net:61401/authz_cb",
"state": "temijSli5X3TYGO0"
}
|
2.16 | request_url | https://oidc-conformance.ping-eng.com:9031/as/token.oauth2 |
2.16 | request_http_args | {'headers': {'Authorization': 'Basic ZGMtZ2pIYWVnd0MxWTZwY24wZHJHQXFOUTpvVDJ2aGNud0N3U0M2bjh2SDZnR0ZI', 'Content-Type': 'application/x-www-form-urlencoded'}} |
2.16 | request | grant_type=authorization_code&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A61401%2Fauthz_cb&code=DCWaZCoAUY0s6ly_Xu6RbzYvogfI2Q-l2jBrDT4t&state=temijSli5X3TYGO0 |
2.521 | http response | url:https://oidc-conformance.ping-eng.com:9031/as/token.oauth2 status_code:200
|
2.523 | response | {'access_token': 'eyJhbGciOiJSUzI1NiIsImtpZCI6ImsxIn0.eyJzY29wZSI6WyJvcGVuaWQiXSwiY2xpZW50X2lkX25hbWUiOiJkYy1nakhhZWd3QzFZNnBjbjBkckdBcU5RIiwiYWdpZCI6IjMwNDZLWTQ2ekpZV1dsS2xiaEV0OHd5MWFnTFBDWmh6IiwiVXNlcm5hbWUiOiJqb2UiLCJPcmdOYW1lIjoiUGluZyBJZGVudGl0eSBDb3Jwb3JhdGlvbiIsImV4cCI6MTUzNzQ3NzUzMH0.KruCZnHC3lQk6-uEOgP0h1trI7vbvRB0pJiOYWUHsG38XPyS7aXdFCcgiIi09k6lqtkE7FW_wkxLpmEUzeHGarWnkHJb5NwUrMY3TsLjCb7GNfn_GaRDI9q49rx8GgoscncxrmGLWAPDHNLpIx-MTK6b2RNdv61hY2kPOO-T1OSlkUz-9eK8OXT7gq-La9x6GLQhiZAn8SjnA4424nxCVdFx0hsvL2DNdsD5FinaJ2aOln9q4m0LFcz0pkegqHN_fSVgLndS5HRwehuHvSpwctBdLWdz23x7fkXubswhaIANDKv7pVQ0RAMtR7KoDMrAe85KTMZh1vVXzjSlGvGBmA', 'refresh_token': 'iaf6kj5a3D5HGrKcRE86LamsRTAMzTD8FPvs9wgkxy', 'id_token': 'eyJhbGciOiJSUzI1NiIsImtpZCI6IlJvMmxnRXNPdFdJMlJiRUxLRV85amZvSVRxWSJ9.eyJzdWIiOiJqb2UiLCJhdWQiOiJkYy1nakhhZWd3QzFZNnBjbjBkckdBcU5RIiwianRpIjoiWEVOQU04TGpyTWJIRnhER3E2WHJsciIsImlzcyI6Imh0dHBzOi8vb2lkYy1jb25mb3JtYW5jZS5waW5nLWVuZy5jb206OTAzMSIsImlhdCI6MTUzNzQ3MDMyOSwiZXhwIjoxNTM3NDcwNjI5LCJwaS5zcmkiOiJfQ3kzZk93Mko0dFhMdTZ5eUVUQlpuNkZSRVEiLCJub25jZSI6ImZ1b3FIZ3ZpTDByY3JqMjIiLCJhdXRoX3RpbWUiOjE1Mzc0Njk5ODYsInNfaGFzaCI6ImtqX0E4bU9CSEZuMGdxTkF1U2tXa0EifQ.Ccfl1TU6Gmee6Hbj20saVw4YBunQJC8NaA0Xb8jAX2PVexRBKqOFXPN1cGHtsLy5GC98eXO_gUZX0TIJQIRPWCSVhzTqZJFczWn3LZJ7zTUKHnoPIdhH2DiUVWH7_JruC_M2y9_q7i2OtrtD0s8sUe1OaxM5AwHw5K1tAxzrSFvn4HEDiY66Ojrk-1d--ipILRIQoU_fycEn62yVUkfWXrHUMoIxIoYWu8uKvb2QORWgkCRPdhYp1XixmSqpUpX7hQ4PEbJbdh2G_qP8Z2dKu1m6bGQ7RFFr0AUwqLv2SYZTOXH-1-wbS9nI_pShjRHeAFq7juhPoGFxspBheCd_Ng', 'token_type': 'Bearer', 'expires_in': 7199} |
2.829 | AccessTokenResponse | {
"access_token": "eyJhbGciOiJSUzI1NiIsImtpZCI6ImsxIn0.eyJzY29wZSI6WyJvcGVuaWQiXSwiY2xpZW50X2lkX25hbWUiOiJkYy1nakhhZWd3QzFZNnBjbjBkckdBcU5RIiwiYWdpZCI6IjMwNDZLWTQ2ekpZV1dsS2xiaEV0OHd5MWFnTFBDWmh6IiwiVXNlcm5hbWUiOiJqb2UiLCJPcmdOYW1lIjoiUGluZyBJZGVudGl0eSBDb3Jwb3JhdGlvbiIsImV4cCI6MTUzNzQ3NzUzMH0.KruCZnHC3lQk6-uEOgP0h1trI7vbvRB0pJiOYWUHsG38XPyS7aXdFCcgiIi09k6lqtkE7FW_wkxLpmEUzeHGarWnkHJb5NwUrMY3TsLjCb7GNfn_GaRDI9q49rx8GgoscncxrmGLWAPDHNLpIx-MTK6b2RNdv61hY2kPOO-T1OSlkUz-9eK8OXT7gq-La9x6GLQhiZAn8SjnA4424nxCVdFx0hsvL2DNdsD5FinaJ2aOln9q4m0LFcz0pkegqHN_fSVgLndS5HRwehuHvSpwctBdLWdz23x7fkXubswhaIANDKv7pVQ0RAMtR7KoDMrAe85KTMZh1vVXzjSlGvGBmA",
"expires_in": 7199,
"id_token": {
"aud": [
"dc-gjHaegwC1Y6pcn0drGAqNQ"
],
"auth_time": 1537469986,
"exp": 1537470629,
"iat": 1537470329,
"iss": "https://oidc-conformance.ping-eng.com:9031",
"jti": "XENAM8LjrMbHFxDGq6Xrlr",
"nonce": "fuoqHgviL0rcrj22",
"pi.sri": "_Cy3fOw2J4tXLu6yyETBZn6FREQ",
"s_hash": "kj_A8mOBHFn0gqNAuSkWkA",
"sub": "joe"
},
"refresh_token": "iaf6kj5a3D5HGrKcRE86LamsRTAMzTD8FPvs9wgkxy",
"token_type": "Bearer"
}
|
2.829 | phase | <--<-- 5 --- AsyncAuthn -->--> |
2.83 | AuthorizationRequest | {
"client_id": "dc-gjHaegwC1Y6pcn0drGAqNQ",
"nonce": "lXOm9RLaXjcodFEC",
"prompt": [
"none"
],
"redirect_uri": "https://op.certification.openid.net:61401/authz_cb",
"response_type": "code",
"scope": "openid",
"state": "hlLkNG6QJ6G8MkNE"
}
|
2.83 | redirect url | https://oidc-conformance.ping-eng.com:9031/as/authorization.oauth2?state=hlLkNG6QJ6G8MkNE&nonce=lXOm9RLaXjcodFEC&response_type=code&scope=openid&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A61401%2Fauthz_cb&prompt=none&client_id=dc-gjHaegwC1Y6pcn0drGAqNQ |
2.83 | redirect | https://oidc-conformance.ping-eng.com:9031/as/authorization.oauth2?state=hlLkNG6QJ6G8MkNE&nonce=lXOm9RLaXjcodFEC&response_type=code&scope=openid&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A61401%2Fauthz_cb&prompt=none&client_id=dc-gjHaegwC1Y6pcn0drGAqNQ |
3.125 | response | Response URL with query part |
3.125 | response | {'code': 'enZEtWF-XdtJzjIesho-62w3TWo2v947ikdELMrp', 'state': 'hlLkNG6QJ6G8MkNE'} |
3.125 | response | {'code': 'enZEtWF-XdtJzjIesho-62w3TWo2v947ikdELMrp', 'state': 'hlLkNG6QJ6G8MkNE'} |
3.126 | AuthorizationResponse | {
"code": "enZEtWF-XdtJzjIesho-62w3TWo2v947ikdELMrp",
"state": "hlLkNG6QJ6G8MkNE"
}
|
3.126 | phase | <--<-- 6 --- AccessToken -->--> |
3.126 | request | op_args: {'state': 'hlLkNG6QJ6G8MkNE'}, req_args: {'redirect_uri': 'https://op.certification.openid.net:61401/authz_cb'} |
3.126 | do_access_token_request | kwargs:{'request_args': {'redirect_uri': 'https://op.certification.openid.net:61401/authz_cb', 'code': 'enZEtWF-XdtJzjIesho-62w3TWo2v947ikdELMrp', 'state': 'hlLkNG6QJ6G8MkNE', 'grant_type': 'authorization_code', 'client_id': 'dc-gjHaegwC1Y6pcn0drGAqNQ'}, 'state': 'hlLkNG6QJ6G8MkNE'}
|
3.126 | AccessTokenRequest | {
"code": "enZEtWF-XdtJzjIesho-62w3TWo2v947ikdELMrp",
"grant_type": "authorization_code",
"redirect_uri": "https://op.certification.openid.net:61401/authz_cb",
"state": "hlLkNG6QJ6G8MkNE"
}
|
3.126 | request_url | https://oidc-conformance.ping-eng.com:9031/as/token.oauth2 |
3.126 | request_http_args | {'headers': {'Authorization': 'Basic ZGMtZ2pIYWVnd0MxWTZwY24wZHJHQXFOUTpvVDJ2aGNud0N3U0M2bjh2SDZnR0ZI', 'Content-Type': 'application/x-www-form-urlencoded'}} |
3.126 | request | grant_type=authorization_code&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A61401%2Fauthz_cb&code=enZEtWF-XdtJzjIesho-62w3TWo2v947ikdELMrp&state=hlLkNG6QJ6G8MkNE |
3.468 | http response | url:https://oidc-conformance.ping-eng.com:9031/as/token.oauth2 status_code:200
|
3.469 | response | {'access_token': 'eyJhbGciOiJSUzI1NiIsImtpZCI6ImsxIn0.eyJzY29wZSI6WyJvcGVuaWQiXSwiY2xpZW50X2lkX25hbWUiOiJkYy1nakhhZWd3QzFZNnBjbjBkckdBcU5RIiwiYWdpZCI6IjMwNDZLWTQ2ekpZV1dsS2xiaEV0OHd5MWFnTFBDWmh6IiwiVXNlcm5hbWUiOiJqb2UiLCJPcmdOYW1lIjoiUGluZyBJZGVudGl0eSBDb3Jwb3JhdGlvbiIsImV4cCI6MTUzNzQ3NzUzMX0.LNYFap0fYGs-ABOmoP6txbmNV0hTy_h5iXInyh0lnCUhq49I06K_60LAI1-HRW6r5CIYHrS6Pje9nTliD2V8PfQj-lBnPd2xwxvEm_A1J6MGoJgNapJPuSEWtn8a8o1_8PDcXiZqK4zClj48zCblkZnzhVNBlNc6HFLnTP_IeYMwni1mWJU4rDxzY1kN00Nm3HjKWIwHA-SxcPuckV4PMaIXTorE28Bu2IzLm7s5b8kV4ff-WdbSwoBJwTsAMtbi7svqeMjPrZOQKyITRnZ0HOh6HOCFD7K-laKxidHXbmRD315Qb96avJJLqTduxIZiHmfRqSFvtoG9gvo1JOINhw', 'refresh_token': 'WsNMV1LGfBfRw3FeZ9iPBwVv3pxDgEQASckplwOoWq', 'scope': 'openid', 'id_token': 'eyJhbGciOiJSUzI1NiIsImtpZCI6IlJvMmxnRXNPdFdJMlJiRUxLRV85amZvSVRxWSJ9.eyJzdWIiOiJqb2UiLCJhdWQiOiJkYy1nakhhZWd3QzFZNnBjbjBkckdBcU5RIiwianRpIjoiTTRGMzQxN1R3bHlPU2dXeHBGMGVjOSIsImlzcyI6Imh0dHBzOi8vb2lkYy1jb25mb3JtYW5jZS5waW5nLWVuZy5jb206OTAzMSIsImlhdCI6MTUzNzQ3MDMzMCwiZXhwIjoxNTM3NDcwNjMwLCJwaS5zcmkiOiJfQ3kzZk93Mko0dFhMdTZ5eUVUQlpuNkZSRVEiLCJub25jZSI6ImxYT205UkxhWGpjb2RGRUMiLCJhdXRoX3RpbWUiOjE1Mzc0Njk5ODYsInNfaGFzaCI6IlVOYV9BaWhwam5meC12SWc2a2FseVEifQ.i-Jc4Q5zmQqOQLuo8f4_CGp96-zI12H13W_8aAnzj8QwikoEDrTUm-hL9IxD7QXra0jajR4no9Dl1O4OKdRzpwNcN-l2XFEon0PwxRyCQFPDH-YSv4E1CXfRMD687R2BScigPMpVyS0IvqmMmGvknNHp2SY-GcrTuHTErNAywUVdYoFEL3HN4Zvr7E8KWErQN7F7USsJ8A5BRbCjp2UgKzh8yC9j95v2bXOMpfwOhurqkVwxhexuX0kNP-0b3IOMBd_6ApRIjyYcrr_mWAlpEHRYjnFNFSG7nEtiwxtMXQgzZHnlmCfPojA3ezyfXnX1uJQiSv7OrQFqElFBfGgTkQ', 'token_type': 'Bearer', 'expires_in': 7199} |
3.471 | AccessTokenResponse | {
"access_token": "eyJhbGciOiJSUzI1NiIsImtpZCI6ImsxIn0.eyJzY29wZSI6WyJvcGVuaWQiXSwiY2xpZW50X2lkX25hbWUiOiJkYy1nakhhZWd3QzFZNnBjbjBkckdBcU5RIiwiYWdpZCI6IjMwNDZLWTQ2ekpZV1dsS2xiaEV0OHd5MWFnTFBDWmh6IiwiVXNlcm5hbWUiOiJqb2UiLCJPcmdOYW1lIjoiUGluZyBJZGVudGl0eSBDb3Jwb3JhdGlvbiIsImV4cCI6MTUzNzQ3NzUzMX0.LNYFap0fYGs-ABOmoP6txbmNV0hTy_h5iXInyh0lnCUhq49I06K_60LAI1-HRW6r5CIYHrS6Pje9nTliD2V8PfQj-lBnPd2xwxvEm_A1J6MGoJgNapJPuSEWtn8a8o1_8PDcXiZqK4zClj48zCblkZnzhVNBlNc6HFLnTP_IeYMwni1mWJU4rDxzY1kN00Nm3HjKWIwHA-SxcPuckV4PMaIXTorE28Bu2IzLm7s5b8kV4ff-WdbSwoBJwTsAMtbi7svqeMjPrZOQKyITRnZ0HOh6HOCFD7K-laKxidHXbmRD315Qb96avJJLqTduxIZiHmfRqSFvtoG9gvo1JOINhw",
"expires_in": 7199,
"id_token": {
"aud": [
"dc-gjHaegwC1Y6pcn0drGAqNQ"
],
"auth_time": 1537469986,
"exp": 1537470630,
"iat": 1537470330,
"iss": "https://oidc-conformance.ping-eng.com:9031",
"jti": "M4F3417TwlyOSgWxpF0ec9",
"nonce": "lXOm9RLaXjcodFEC",
"pi.sri": "_Cy3fOw2J4tXLu6yyETBZn6FREQ",
"s_hash": "UNa_Aihpjnfx-vIg6kalyQ",
"sub": "joe"
},
"refresh_token": "WsNMV1LGfBfRw3FeZ9iPBwVv3pxDgEQASckplwOoWq",
"scope": "openid",
"token_type": "Bearer"
}
|
3.471 | phase | <--<-- 7 --- Done -->--> |
3.471 | end | |
3.472 | assertion | SameAuthn |
3.472 | condition | same-authn: status=OK [Verifies that the same authentication was used twice in the flow.] |
3.472 | assertion | VerifyResponse |
3.472 | condition | verify-response: status=OK [Checks that the last response was one of a possible set of OpenID Connect Responses] |
3.472 | condition | Done: status=OK |