Test Info

Issuerhttps://oidc-conformance.ping-eng.com:9031
Profile[]
Test IDOP-ClientAuth-SecretPost-Dynamic
Test descriptionAccess token request with client_secret_post authentication
Timestamp2018-09-21T17:50:27Z

Conditions


verify-response: status=OK [Checks that the last response was one of a possible set of OpenID Connect Responses]
Done: status=OK

Trace Output

0.0phase<--<-- 0 --- Webfinger -->-->
0.0not expected to doWebFinger
0.0phase<--<-- 1 --- Discovery -->-->
0.0not expected to doDynamic discovery
0.0phase<--<-- 2 --- Registration -->-->
0.001register
kwargs:{'response_types': ['code id_token token'], 'grant_types': ['authorization_code', 'implicit'], 'application_name': 'OIC test tool', 'application_type': 'web', 'redirect_uris': ['https://op.certification.openid.net:61401/authz_cb'], 'contacts': ['roland@example.com'], 'post_logout_redirect_uris': ['https://op.certification.openid.net:61401/logout'], 'url': 'https://oidc-conformance.ping-eng.com:9031/as/clients.oauth2', 'jwks_uri': 'https://op.certification.openid.net:61401/static/jwks_61401.json', 'token_endpoint_auth_method': 'client_secret_post'}
0.001RegistrationRequest
{
    "application_type": "web",
    "contacts": [
        "roland@example.com"
    ],
    "grant_types": [
        "implicit",
        "authorization_code"
    ],
    "jwks_uri": "https://op.certification.openid.net:61401/static/jwks_61401.json",
    "post_logout_redirect_uris": [
        "https://op.certification.openid.net:61401/logout"
    ],
    "redirect_uris": [
        "https://op.certification.openid.net:61401/authz_cb"
    ],
    "request_uris": [
        "https://op.certification.openid.net:61401/requests/876669ef2b3891075309a06e00b98e6ace4cfca108af01becb9a804fff95d8c4#8vMzZNr7HyLfEve4"
    ],
    "response_types": [
        "code id_token token"
    ],
    "token_endpoint_auth_method": "client_secret_post"
}
0.33http response
url:https://oidc-conformance.ping-eng.com:9031/as/clients.oauth2 status_code:201
0.331RegistrationResponse
{
    "client_id": "dc-zZLaFnajgqDCgQDI3JLSMT",
    "client_name": "dc-zZLaFnajgqDCgQDI3JLSMT",
    "client_secret": "tynAWavMv8ikCJGRrNB4XG",
    "client_secret_expires_at": 0,
    "grant_access_session_revocation_api": false,
    "grant_types": [
        "implicit",
        "authorization_code"
    ],
    "jwks_uri": "https://op.certification.openid.net:61401/static/jwks_61401.json",
    "persistent_grant_expiration_type": "server_default",
    "pingaccess_logout_capable": false,
    "redirect_uris": [
        "https://op.certification.openid.net:61401/authz_cb"
    ],
    "refresh_token_rolling_policy": "server_default",
    "response_types": [
        "code id_token token"
    ],
    "scope": "address phone edit openid profile admin email",
    "token_endpoint_auth_method": "client_secret_post",
    "validate_using_all_eligible_atms": false
}
0.331phase<--<-- 3 --- AsyncAuthn -->-->
0.331AuthorizationRequest
{
    "client_id": "dc-zZLaFnajgqDCgQDI3JLSMT",
    "nonce": "nz9vq4o8ZrGjjDLF",
    "redirect_uri": "https://op.certification.openid.net:61401/authz_cb",
    "response_type": "code id_token token",
    "scope": "openid",
    "state": "zLR1B0OM6eo6bZ5Z"
}
0.332redirect urlhttps://oidc-conformance.ping-eng.com:9031/as/authorization.oauth2?state=zLR1B0OM6eo6bZ5Z&nonce=nz9vq4o8ZrGjjDLF&response_type=code+id_token+token&scope=openid&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A61401%2Fauthz_cb&client_id=dc-zZLaFnajgqDCgQDI3JLSMT
0.332redirecthttps://oidc-conformance.ping-eng.com:9031/as/authorization.oauth2?state=zLR1B0OM6eo6bZ5Z&nonce=nz9vq4o8ZrGjjDLF&response_type=code+id_token+token&scope=openid&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A61401%2Fauthz_cb&client_id=dc-zZLaFnajgqDCgQDI3JLSMT
1.887http args{}
2.221responseURL with fragment
2.221responseaccess_token=eyJhbGciOiJSUzI1NiIsImtpZCI6ImsxIn0.eyJzY29wZSI6WyJvcGVuaWQiXSwiY2xpZW50X2lkX25hbWUiOiJkYy16WkxhRm5hamdxRENnUURJM0pMU01UIiwiYWdpZCI6IktWMUdqTnlVb1h1N295OFJVSm5hb0VFa1RodzIwN1NrIiwiVXNlcm5hbWUiOiJqb2UiLCJPcmdOYW1lIjoiUGluZyBJZGVudGl0eSBDb3Jwb3JhdGlvbiIsImV4cCI6MTUzNzU1OTQyNn0.Mv9RnTybFup6wosBVPTbdyMKIUmkSCHEBkOdTD3TCGinhVxmv0fS1Ov5BLtJZS_lmLxxNs9ioJPAmpNLcPVq4lKhDPpdcCUIxy0rl6haKFxqXdnyyPprJcygy0K1DGTa5cgQj3INai6QGTI-XurHM69sIucb_k0QyV0Oh0A748sqymKrxGYGVu-OzGeur71q1cjwlGY5uNoAJ6873dtVlotm9czAPX3s_dghcPd1KLkWN7m38Y8fiSOSHiqb0vvBE-ZUS64pa2dwSw2zgpsR3y6euXm1RLYPxGBLu6yhnoqgZnflqKIWW94ut5I9o5iPMqaxkS_d0iUen5zrCr3twg&code=70NcXpy2dl_lzStzdt39sJb8PpOi39_LA48IeLI4&id_token=eyJhbGciOiJSUzI1NiIsImtpZCI6InExa19WZW9TcXRKX0Y1Y2ZlRXRRRkJHcW1LOCJ9.eyJzdWIiOiJqb2UiLCJhdWQiOiJkYy16WkxhRm5hamdxRENnUURJM0pMU01UIiwianRpIjoiQjhBUjF5UU1SY3lUUlBsT3JSbE1CaiIsImlzcyI6Imh0dHBzOi8vb2lkYy1jb25mb3JtYW5jZS5waW5nLWVuZy5jb206OTAzMSIsImlhdCI6MTUzNzU1MjIyNiwiZXhwIjoxNTM3NTUyNTI2LCJwaS5zcmkiOiJPY21ITy1ldVFiRFZjZlp1OHZaSzJrWWJlV28iLCJub25jZSI6Im56OXZxNG84WnJHampETEYiLCJhdXRoX3RpbWUiOjE1Mzc1NTE3NjYsImNfaGFzaCI6ImQ1amlVMHdFWDY5QkwtS3NGOEJZWVEiLCJhdF9oYXNoIjoiWHc4bDhsbHJQa2VSbk4wTndZTzFmUSIsInNfaGFzaCI6IkhzS2t0MjQ1U25HZkF6WVgzSE5aYVEifQ.HF_P2ZyudWWkkgR9Bcu0CiYf6BLcF5Zjvh6Raj7V1ydC4zd4C_W4wTB-obrtkH-l4Rs8yrjmAa9KPqM5E1CGrSC51XZev_9ZftA2aZVf_NfAshNI1k9jIf-wPYicO7KdqTbb0qDnK4Agl-gAQ_y_svJz8LaZ315wzwwDCtIvPpq3P_Axd33GXQTiIl82EyZyenbhHj7hk9enDw6Sknxs3jkEDGSkX3MmYlh5UaqFjMJs-y8MCnnMJ9XciBbweqDsBMTOkcBhbtgQkrDdHnJBBqXZjsfnpZDw4Ld3tAW3ttloVGR2ddpnf5_RCsmRBHgO4CWSNwi4G2hk814qKGK8LA&state=zLR1B0OM6eo6bZ5Z&token_type=Bearer&expires_in=7199
2.221response{'access_token': 'eyJhbGciOiJSUzI1NiIsImtpZCI6ImsxIn0.eyJzY29wZSI6WyJvcGVuaWQiXSwiY2xpZW50X2lkX25hbWUiOiJkYy16WkxhRm5hamdxRENnUURJM0pMU01UIiwiYWdpZCI6IktWMUdqTnlVb1h1N295OFJVSm5hb0VFa1RodzIwN1NrIiwiVXNlcm5hbWUiOiJqb2UiLCJPcmdOYW1lIjoiUGluZyBJZGVudGl0eSBDb3Jwb3JhdGlvbiIsImV4cCI6MTUzNzU1OTQyNn0.Mv9RnTybFup6wosBVPTbdyMKIUmkSCHEBkOdTD3TCGinhVxmv0fS1Ov5BLtJZS_lmLxxNs9ioJPAmpNLcPVq4lKhDPpdcCUIxy0rl6haKFxqXdnyyPprJcygy0K1DGTa5cgQj3INai6QGTI-XurHM69sIucb_k0QyV0Oh0A748sqymKrxGYGVu-OzGeur71q1cjwlGY5uNoAJ6873dtVlotm9czAPX3s_dghcPd1KLkWN7m38Y8fiSOSHiqb0vvBE-ZUS64pa2dwSw2zgpsR3y6euXm1RLYPxGBLu6yhnoqgZnflqKIWW94ut5I9o5iPMqaxkS_d0iUen5zrCr3twg', 'code': '70NcXpy2dl_lzStzdt39sJb8PpOi39_LA48IeLI4', 'id_token': 'eyJhbGciOiJSUzI1NiIsImtpZCI6InExa19WZW9TcXRKX0Y1Y2ZlRXRRRkJHcW1LOCJ9.eyJzdWIiOiJqb2UiLCJhdWQiOiJkYy16WkxhRm5hamdxRENnUURJM0pMU01UIiwianRpIjoiQjhBUjF5UU1SY3lUUlBsT3JSbE1CaiIsImlzcyI6Imh0dHBzOi8vb2lkYy1jb25mb3JtYW5jZS5waW5nLWVuZy5jb206OTAzMSIsImlhdCI6MTUzNzU1MjIyNiwiZXhwIjoxNTM3NTUyNTI2LCJwaS5zcmkiOiJPY21ITy1ldVFiRFZjZlp1OHZaSzJrWWJlV28iLCJub25jZSI6Im56OXZxNG84WnJHampETEYiLCJhdXRoX3RpbWUiOjE1Mzc1NTE3NjYsImNfaGFzaCI6ImQ1amlVMHdFWDY5QkwtS3NGOEJZWVEiLCJhdF9oYXNoIjoiWHc4bDhsbHJQa2VSbk4wTndZTzFmUSIsInNfaGFzaCI6IkhzS2t0MjQ1U25HZkF6WVgzSE5aYVEifQ.HF_P2ZyudWWkkgR9Bcu0CiYf6BLcF5Zjvh6Raj7V1ydC4zd4C_W4wTB-obrtkH-l4Rs8yrjmAa9KPqM5E1CGrSC51XZev_9ZftA2aZVf_NfAshNI1k9jIf-wPYicO7KdqTbb0qDnK4Agl-gAQ_y_svJz8LaZ315wzwwDCtIvPpq3P_Axd33GXQTiIl82EyZyenbhHj7hk9enDw6Sknxs3jkEDGSkX3MmYlh5UaqFjMJs-y8MCnnMJ9XciBbweqDsBMTOkcBhbtgQkrDdHnJBBqXZjsfnpZDw4Ld3tAW3ttloVGR2ddpnf5_RCsmRBHgO4CWSNwi4G2hk814qKGK8LA', 'state': 'zLR1B0OM6eo6bZ5Z', 'token_type': 'Bearer', 'expires_in': 7199}
2.522AuthorizationResponse
{
    "access_token": "eyJhbGciOiJSUzI1NiIsImtpZCI6ImsxIn0.eyJzY29wZSI6WyJvcGVuaWQiXSwiY2xpZW50X2lkX25hbWUiOiJkYy16WkxhRm5hamdxRENnUURJM0pMU01UIiwiYWdpZCI6IktWMUdqTnlVb1h1N295OFJVSm5hb0VFa1RodzIwN1NrIiwiVXNlcm5hbWUiOiJqb2UiLCJPcmdOYW1lIjoiUGluZyBJZGVudGl0eSBDb3Jwb3JhdGlvbiIsImV4cCI6MTUzNzU1OTQyNn0.Mv9RnTybFup6wosBVPTbdyMKIUmkSCHEBkOdTD3TCGinhVxmv0fS1Ov5BLtJZS_lmLxxNs9ioJPAmpNLcPVq4lKhDPpdcCUIxy0rl6haKFxqXdnyyPprJcygy0K1DGTa5cgQj3INai6QGTI-XurHM69sIucb_k0QyV0Oh0A748sqymKrxGYGVu-OzGeur71q1cjwlGY5uNoAJ6873dtVlotm9czAPX3s_dghcPd1KLkWN7m38Y8fiSOSHiqb0vvBE-ZUS64pa2dwSw2zgpsR3y6euXm1RLYPxGBLu6yhnoqgZnflqKIWW94ut5I9o5iPMqaxkS_d0iUen5zrCr3twg",
    "code": "70NcXpy2dl_lzStzdt39sJb8PpOi39_LA48IeLI4",
    "expires_in": 7199,
    "id_token": {
        "at_hash": "Xw8l8llrPkeRnN0NwYO1fQ",
        "aud": [
            "dc-zZLaFnajgqDCgQDI3JLSMT"
        ],
        "auth_time": 1537551766,
        "c_hash": "d5jiU0wEX69BL-KsF8BYYQ",
        "exp": 1537552526,
        "iat": 1537552226,
        "iss": "https://oidc-conformance.ping-eng.com:9031",
        "jti": "B8AR1yQMRcyTRPlOrRlMBj",
        "nonce": "nz9vq4o8ZrGjjDLF",
        "pi.sri": "OcmHO-euQbDVcfZu8vZK2kYbeWo",
        "s_hash": "HsKkt245SnGfAzYX3HNZaQ",
        "sub": "joe"
    },
    "state": "zLR1B0OM6eo6bZ5Z",
    "token_type": "Bearer"
}
2.522phase<--<-- 4 --- AccessToken -->-->
2.522requestop_args: {'state': 'zLR1B0OM6eo6bZ5Z', 'authn_method': 'client_secret_post'}, req_args: {'redirect_uri': 'https://op.certification.openid.net:61401/authz_cb'}
2.522do_access_token_request
kwargs:{'request_args': {'redirect_uri': 'https://op.certification.openid.net:61401/authz_cb', 'code': '70NcXpy2dl_lzStzdt39sJb8PpOi39_LA48IeLI4', 'state': 'zLR1B0OM6eo6bZ5Z', 'grant_type': 'authorization_code', 'client_id': 'dc-zZLaFnajgqDCgQDI3JLSMT'}, 'state': 'zLR1B0OM6eo6bZ5Z', 'authn_method': 'client_secret_post'}
2.522AccessTokenRequest
{
    "client_id": "dc-zZLaFnajgqDCgQDI3JLSMT",
    "client_secret": "tynAWavMv8ikCJGRrNB4XG",
    "code": "70NcXpy2dl_lzStzdt39sJb8PpOi39_LA48IeLI4",
    "grant_type": "authorization_code",
    "redirect_uri": "https://op.certification.openid.net:61401/authz_cb",
    "state": "zLR1B0OM6eo6bZ5Z"
}
2.523request_urlhttps://oidc-conformance.ping-eng.com:9031/as/token.oauth2
2.523request_http_args{'headers': {'Content-Type': 'application/x-www-form-urlencoded'}}
2.523requestgrant_type=authorization_code&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A61401%2Fauthz_cb&code=70NcXpy2dl_lzStzdt39sJb8PpOi39_LA48IeLI4&state=zLR1B0OM6eo6bZ5Z&client_id=dc-zZLaFnajgqDCgQDI3JLSMT&client_secret=tynAWavMv8ikCJGRrNB4XG
2.873http response
url:https://oidc-conformance.ping-eng.com:9031/as/token.oauth2 status_code:200
2.874response{'access_token': 'eyJhbGciOiJSUzI1NiIsImtpZCI6ImsxIn0.eyJzY29wZSI6WyJvcGVuaWQiXSwiY2xpZW50X2lkX25hbWUiOiJkYy16WkxhRm5hamdxRENnUURJM0pMU01UIiwiVXNlcm5hbWUiOiJqb2UiLCJPcmdOYW1lIjoiUGluZyBJZGVudGl0eSBDb3Jwb3JhdGlvbiIsImV4cCI6MTUzNzU1OTQyN30.PVdabUyPLp1j4LuCNHKRE0yVfgbqaMTcsfh3v6MRaxtIkDUIEunmyXkIkDUSJGbHagTxL9ziPRx3lNFfln7d1VKHEK3sL2IgZLCpEa38sPhLe47xykzq9Cr8NK7CaWNVuAT5w66ElfjXeZml4h0LPBZI4FN0d-84AmmX1JUxNf-bfa0w2TDa_wrbFElNBhn7V6tcENSNGgP3F54kH0D5rbNoT1bgMhr45OZOUzrwH_Zrlg9iCrIR5IZ2OZeEDU5S_ZU5zPsU3xjRqIHF7WkWlSBJL2XwMAIE4IP-Ell62MrQqQkzh3SAt4H0OXXillZGbdSKWMlNi0P2qKQ_DchvXg', 'id_token': 'eyJhbGciOiJSUzI1NiIsImtpZCI6InExa19WZW9TcXRKX0Y1Y2ZlRXRRRkJHcW1LOCJ9.eyJzdWIiOiJqb2UiLCJhdWQiOiJkYy16WkxhRm5hamdxRENnUURJM0pMU01UIiwianRpIjoiQjhBUjF5UU1SY3lUUlBsT3JSbE1CaiIsImlzcyI6Imh0dHBzOi8vb2lkYy1jb25mb3JtYW5jZS5waW5nLWVuZy5jb206OTAzMSIsImlhdCI6MTUzNzU1MjIyNiwiZXhwIjoxNTM3NTUyNTI2LCJwaS5zcmkiOiJPY21ITy1ldVFiRFZjZlp1OHZaSzJrWWJlV28iLCJub25jZSI6Im56OXZxNG84WnJHampETEYiLCJhdXRoX3RpbWUiOjE1Mzc1NTE3NjYsImNfaGFzaCI6ImQ1amlVMHdFWDY5QkwtS3NGOEJZWVEiLCJhdF9oYXNoIjoiWHc4bDhsbHJQa2VSbk4wTndZTzFmUSIsInNfaGFzaCI6IkhzS2t0MjQ1U25HZkF6WVgzSE5aYVEifQ.HF_P2ZyudWWkkgR9Bcu0CiYf6BLcF5Zjvh6Raj7V1ydC4zd4C_W4wTB-obrtkH-l4Rs8yrjmAa9KPqM5E1CGrSC51XZev_9ZftA2aZVf_NfAshNI1k9jIf-wPYicO7KdqTbb0qDnK4Agl-gAQ_y_svJz8LaZ315wzwwDCtIvPpq3P_Axd33GXQTiIl82EyZyenbhHj7hk9enDw6Sknxs3jkEDGSkX3MmYlh5UaqFjMJs-y8MCnnMJ9XciBbweqDsBMTOkcBhbtgQkrDdHnJBBqXZjsfnpZDw4Ld3tAW3ttloVGR2ddpnf5_RCsmRBHgO4CWSNwi4G2hk814qKGK8LA', 'token_type': 'Bearer', 'expires_in': 7199}
2.877AccessTokenResponse
{
    "access_token": "eyJhbGciOiJSUzI1NiIsImtpZCI6ImsxIn0.eyJzY29wZSI6WyJvcGVuaWQiXSwiY2xpZW50X2lkX25hbWUiOiJkYy16WkxhRm5hamdxRENnUURJM0pMU01UIiwiVXNlcm5hbWUiOiJqb2UiLCJPcmdOYW1lIjoiUGluZyBJZGVudGl0eSBDb3Jwb3JhdGlvbiIsImV4cCI6MTUzNzU1OTQyN30.PVdabUyPLp1j4LuCNHKRE0yVfgbqaMTcsfh3v6MRaxtIkDUIEunmyXkIkDUSJGbHagTxL9ziPRx3lNFfln7d1VKHEK3sL2IgZLCpEa38sPhLe47xykzq9Cr8NK7CaWNVuAT5w66ElfjXeZml4h0LPBZI4FN0d-84AmmX1JUxNf-bfa0w2TDa_wrbFElNBhn7V6tcENSNGgP3F54kH0D5rbNoT1bgMhr45OZOUzrwH_Zrlg9iCrIR5IZ2OZeEDU5S_ZU5zPsU3xjRqIHF7WkWlSBJL2XwMAIE4IP-Ell62MrQqQkzh3SAt4H0OXXillZGbdSKWMlNi0P2qKQ_DchvXg",
    "expires_in": 7199,
    "id_token": {
        "at_hash": "Xw8l8llrPkeRnN0NwYO1fQ",
        "aud": [
            "dc-zZLaFnajgqDCgQDI3JLSMT"
        ],
        "auth_time": 1537551766,
        "c_hash": "d5jiU0wEX69BL-KsF8BYYQ",
        "exp": 1537552526,
        "iat": 1537552226,
        "iss": "https://oidc-conformance.ping-eng.com:9031",
        "jti": "B8AR1yQMRcyTRPlOrRlMBj",
        "nonce": "nz9vq4o8ZrGjjDLF",
        "pi.sri": "OcmHO-euQbDVcfZu8vZK2kYbeWo",
        "s_hash": "HsKkt245SnGfAzYX3HNZaQ",
        "sub": "joe"
    },
    "token_type": "Bearer"
}
2.877phase<--<-- 5 --- Done -->-->
2.877end
2.878assertionVerifyResponse
2.878conditionverify-response: status=OK [Checks that the last response was one of a possible set of OpenID Connect Responses]
2.878conditionDone: status=OK

Result

PASSED