Test Info

Issuerhttps://isamfed.com:30443/test
Profile[]
Test IDOP-Req-max_age=1
Test descriptionRequesting ID Token with max_age=1 seconds restriction
Timestamp2019-06-17T15:07:17Z

Conditions


claims-check: status=OK [Checks if specific claims is present or not]
auth_time-check: status=OK [Check that the auth_time returned in the ID Token is in the expected range.]
multiple-sign-on: status=OK [Verifies that multiple authentications was used in the flow]
verify-response: status=OK [Checks that the last response was one of a possible set of OpenID Connect Responses]
Done: status=OK

Trace Output

0phase<--<-- 0 --- Webfinger -->-->
0not expected to doWebFinger
0phase<--<-- 1 --- Discovery -->-->
0provider_config
kwargs:{'issuer': 'https://isamfed.com:30443/test'}
0http response
url:https://isamfed.com:30443/test/.well-known/openid-configuration status_code:200
0ProviderConfigurationResponse
{
    "authorization_endpoint": "https://isamfed.com:30443/mga/sps/oauth/oauth20/authorize",
    "claims_parameter_supported": false,
    "claims_supported": [
        "realmName",
        "preferred_username",
        "given_name",
        "uid",
        "upn",
        "groupIds",
        "employee_id",
        "name",
        "tenantId",
        "mobile_number",
        "department",
        "job_title",
        "family_name",
        "email"
    ],
    "device_authorize_endpoint": "https://isamfed.com:30443/mga/sps/oauth/oauth20/device_authorize",
    "grant_types_supported": [
        "urn:ietf:params:oauth:grant-type:jwt-bearer",
        "implicit",
        "urn:ietf:params:oauth:grant-type:saml2-bearer",
        "urn:ietf:params:oauth:grant-type:device_code",
        "client_credentials",
        "password",
        "authorization_code",
        "refresh_token"
    ],
    "id_token_encryption_alg_values_supported": [
        "RSA-OAEP-256"
    ],
    "id_token_encryption_enc_values_supported": [
        "A128CBC-HS256"
    ],
    "id_token_signing_alg_values_supported": [
        "RS256"
    ],
    "introspect_endpoint": "https://isamfed.com:30443/mga/sps/oauth/oauth20/introspect",
    "issuer": "https://isamfed.com:30443/test",
    "jwks_uri": "https://isamfed.com:30443/mga/sps/jwks",
    "name": "OIDCDefinition",
    "poc": "https://isamfed.com:30443/mga/",
    "registration_endpoint": "https://isamfed.com:30443/mga/sps/oauth/oauth20/register/OIDCDefinition",
    "request_parameter_supported": true,
    "request_uri_parameter_supported": true,
    "require_request_uri_registration": false,
    "response_modes_supported": [
        "fragment",
        "form_post"
    ],
    "response_types_supported": [
        "token",
        "id_token",
        "token id_token",
        "code",
        "code id_token",
        "code token id_token",
        "code token",
        "none"
    ],
    "revocation_endpoint": "https://isamfed.com:30443/mga/sps/oauth/oauth20/revoke",
    "subject_types_supported": [
        "public"
    ],
    "token_endpoint": "https://isamfed.com:30443/mga/sps/oauth/oauth20/token",
    "token_endpoint_auth_methods_supported": [
        "private_key_jwt",
        "client_secret_post",
        "client_secret_basic"
    ],
    "user_authorize_endpoint": "https://isamfed.com:30443/mga/sps/oauth/oauth20/user_authorize",
    "userinfo_endpoint": "https://isamfed.com:30443/mga/sps/oauth/oauth20/userinfo",
    "userinfo_signing_alg_values_supported": [
        "RS256"
    ],
    "version": "3.0"
}
0phase<--<-- 2 --- Registration -->-->
0register
kwargs:{'response_types': ['code id_token token'], 'grant_types': ['authorization_code', 'implicit'], 'application_name': 'OIC test tool', 'application_type': 'web', 'redirect_uris': ['https://op.certification.openid.net:61737/authz_cb'], 'contacts': ['roland@example.com'], 'post_logout_redirect_uris': ['https://op.certification.openid.net:61737/logout'], 'url': 'https://isamfed.com:30443/mga/sps/oauth/oauth20/register/OIDCDefinition', 'jwks_uri': 'https://op.certification.openid.net:61737/static/jwks_61737.json', 'token_endpoint_auth_method': 'private_key_jwt'}
0RegistrationRequest
{
    "application_type": "web",
    "contacts": [
        "roland@example.com"
    ],
    "grant_types": [
        "authorization_code",
        "implicit"
    ],
    "jwks_uri": "https://op.certification.openid.net:61737/static/jwks_61737.json",
    "post_logout_redirect_uris": [
        "https://op.certification.openid.net:61737/logout"
    ],
    "redirect_uris": [
        "https://op.certification.openid.net:61737/authz_cb"
    ],
    "response_types": [
        "code id_token token"
    ],
    "token_endpoint_auth_method": "private_key_jwt"
}
0http response
url:https://isamfed.com:30443/mga/sps/oauth/oauth20/register/OIDCDefinition status_code:200
0RegistrationResponse
{
    "application_type": "web",
    "client_id": "2EpCmJFl7eDx4QtfSdZN",
    "client_id_issued_at": 1560784028,
    "client_secret": "5f5DviVjnwtlFybmGJ3U",
    "client_secret_expires_at": 0,
    "contacts": [
        "roland@example.com"
    ],
    "grant_types": [
        "authorization_code",
        "implicit"
    ],
    "jwks_uri": "https://op.certification.openid.net:61737/static/jwks_61737.json",
    "post_logout_redirect_uris": [
        "https://op.certification.openid.net:61737/logout"
    ],
    "redirect_uris": [
        "https://op.certification.openid.net:61737/authz_cb"
    ],
    "registration_access_token": "2zUc51q4JY5lg0jdkStE",
    "registration_client_uri": "https://isamfed.com:30443/mga/sps/oauth/oauth20/register/OIDCDefinition?client_id=2EpCmJFl7eDx4QtfSdZN",
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "token_endpoint_auth_method": "private_key_jwt"
}
0phase<--<-- 3 --- AsyncAuthn -->-->
0AuthorizationRequest
{
    "client_id": "2EpCmJFl7eDx4QtfSdZN",
    "nonce": "lUoIghFAb7q68lkv",
    "redirect_uri": "https://op.certification.openid.net:61737/authz_cb",
    "response_type": "code id_token token",
    "scope": "openid",
    "state": "qKcffTE8yeBpAahx"
}
0redirect urlhttps://isamfed.com:30443/mga/sps/oauth/oauth20/authorize?state=qKcffTE8yeBpAahx&nonce=lUoIghFAb7q68lkv&response_type=code+id_token+token&scope=openid&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A61737%2Fauthz_cb&client_id=2EpCmJFl7eDx4QtfSdZN
0redirecthttps://isamfed.com:30443/mga/sps/oauth/oauth20/authorize?state=qKcffTE8yeBpAahx&nonce=lUoIghFAb7q68lkv&response_type=code+id_token+token&scope=openid&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A61737%2Fauthz_cb&client_id=2EpCmJFl7eDx4QtfSdZN
1http args{}
2responseURL with fragment
2responseaccess_token=JRbuMZYibSjaSy5wpwBm&state=qKcffTE8yeBpAahx&expires_in=3599&token_type=bearer&code=hWX6mjyDpyQ4WRlBcRKOlfie7BIf3l&scope=openid&id_token=eyJhbGciOiJSU0EtT0FFUC0yNTYiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2Iiwia2lkIjoiZ3RINHYzWXIyUXFMcmVCU3owQnlRUTh2a2Y4ZUZvMUtJaXQzcy0zQmJ3dyIsImN0eSI6IkpXVCJ9.UDZa8wjSknyicaZzlKoZRGMgP7ITUsiAPUHtNFqNAaYDxw1V9Nl3p0XmGkVk8O9QTcuusxyK25m91NTCXdSUAXvR2Jw179HjRd3hCEj3q3vhhE5tuByTFNP1QKVVUoQm4YxQPmwGn9RJSF80M9-VdsSE8fB6yZ5poOkfqyONbr0YQ49mEq7L4OQ5fbUNuHgWO8R9nrWVGxUzpcaxOCKXH4Ro557z4ppFFARblk11LPYfDOcTGMXqjGBNd5NITo6aWHQV5d7CSXSgAmoNJuPiIKHqV_9JAdLHYdXpEKn7VGy89jeA74BXBmKYIQ1WSQW9i_P1JKSOHnOsyJRwVt7VjA.rj0y5sBpBp7RvolMNWeygA.GGzNddekg00HhgpqufBe6jAMLjGsh5aS5g58NNjyWwOTTcOMw8bd7m4iU_q773P8wjAwb8wXiNUF-lFlYcmUrt0GHajmV9qYo4bIDk3f3ceJVoDJ6a_Y330jfrhSBX4LZn-tAC-wTjL7HrGh8S5nRrViQMyuKRuvWK1QcIIH5mh_c70kES3-w6kO_XaXfOwa1nJGIJoA6h-ZKbjUhBON7CKuRg214DW_FyjSvjztUoaw5JrVYewEq1dLMhWoU6pxz-cLZVUGOpedDFSfw4ID29MfmLhwVr8_GSCqfNLXSjdpVX5daq5DDpN_PDkhHkBY3MUumaTHAWSW5sLypgH1uHfHFhXEJubMD2OqfLrfSW1t0TcoKsL57O4hhNqDMa2w4L5TwvvSZECn1obA9mgOi-SsjWzkhDP7UzcLX-tckWSndMoSmE-OxjCKysHwmjeY6nR_n4kpMphhy7IjZzaAQFU4QfKvDQlVuH-xFQdUanJaBXMH9RgHgpXPkXaFdnCiVkCKPGiv91tmHgM2ZdahrJZiDbl9-fqaYQqrZqVjX08LyF_oIm1ALVVRxuY_TyFobxSafxEh3fUOfun9BII3azHeDfp0rNc-EtpZWZRP6Bt-67e44S5JpAjlkpFBOdfKrB7nbxEYNYiFBiGjjDDQ9dDSdjK8bktKjsPngh-ajEOlCWD6eR68G72duQC4wMC19CwwKeOtbGEFyveE0HfLtayQIiQeNJtU1VGwToaZt1zNMOo0nb1ecBk8iZA3_eE9uglQ1ynfeUlbrkS90OPbmGfecq47KdOhGAlK1DfyqfT8d_vsoY5Mlieu4lpIbm-A9nYRPvF6HHbpeS58r1Q-BzvdGSj5bsJ4sFJMfwXWKIGpgSdAWmc-P2RWCSdeQx30p0FOm3TIaCfm56T7pGwGQFXUGDUK3gwUivEfOv30vXk_0WcCmM3yJ2fpJGqxzbr2t780zTbx7ymeKSOSwXrbHA._1O4Y8zd50aqp1DXyhBvNQ
2response{'access_token': 'JRbuMZYibSjaSy5wpwBm', 'state': 'qKcffTE8yeBpAahx', 'expires_in': 3599, 'token_type': 'bearer', 'code': 'hWX6mjyDpyQ4WRlBcRKOlfie7BIf3l', 'scope': 'openid', 'id_token': 'eyJhbGciOiJSU0EtT0FFUC0yNTYiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2Iiwia2lkIjoiZ3RINHYzWXIyUXFMcmVCU3owQnlRUTh2a2Y4ZUZvMUtJaXQzcy0zQmJ3dyIsImN0eSI6IkpXVCJ9.UDZa8wjSknyicaZzlKoZRGMgP7ITUsiAPUHtNFqNAaYDxw1V9Nl3p0XmGkVk8O9QTcuusxyK25m91NTCXdSUAXvR2Jw179HjRd3hCEj3q3vhhE5tuByTFNP1QKVVUoQm4YxQPmwGn9RJSF80M9-VdsSE8fB6yZ5poOkfqyONbr0YQ49mEq7L4OQ5fbUNuHgWO8R9nrWVGxUzpcaxOCKXH4Ro557z4ppFFARblk11LPYfDOcTGMXqjGBNd5NITo6aWHQV5d7CSXSgAmoNJuPiIKHqV_9JAdLHYdXpEKn7VGy89jeA74BXBmKYIQ1WSQW9i_P1JKSOHnOsyJRwVt7VjA.rj0y5sBpBp7RvolMNWeygA.GGzNddekg00HhgpqufBe6jAMLjGsh5aS5g58NNjyWwOTTcOMw8bd7m4iU_q773P8wjAwb8wXiNUF-lFlYcmUrt0GHajmV9qYo4bIDk3f3ceJVoDJ6a_Y330jfrhSBX4LZn-tAC-wTjL7HrGh8S5nRrViQMyuKRuvWK1QcIIH5mh_c70kES3-w6kO_XaXfOwa1nJGIJoA6h-ZKbjUhBON7CKuRg214DW_FyjSvjztUoaw5JrVYewEq1dLMhWoU6pxz-cLZVUGOpedDFSfw4ID29MfmLhwVr8_GSCqfNLXSjdpVX5daq5DDpN_PDkhHkBY3MUumaTHAWSW5sLypgH1uHfHFhXEJubMD2OqfLrfSW1t0TcoKsL57O4hhNqDMa2w4L5TwvvSZECn1obA9mgOi-SsjWzkhDP7UzcLX-tckWSndMoSmE-OxjCKysHwmjeY6nR_n4kpMphhy7IjZzaAQFU4QfKvDQlVuH-xFQdUanJaBXMH9RgHgpXPkXaFdnCiVkCKPGiv91tmHgM2ZdahrJZiDbl9-fqaYQqrZqVjX08LyF_oIm1ALVVRxuY_TyFobxSafxEh3fUOfun9BII3azHeDfp0rNc-EtpZWZRP6Bt-67e44S5JpAjlkpFBOdfKrB7nbxEYNYiFBiGjjDDQ9dDSdjK8bktKjsPngh-ajEOlCWD6eR68G72duQC4wMC19CwwKeOtbGEFyveE0HfLtayQIiQeNJtU1VGwToaZt1zNMOo0nb1ecBk8iZA3_eE9uglQ1ynfeUlbrkS90OPbmGfecq47KdOhGAlK1DfyqfT8d_vsoY5Mlieu4lpIbm-A9nYRPvF6HHbpeS58r1Q-BzvdGSj5bsJ4sFJMfwXWKIGpgSdAWmc-P2RWCSdeQx30p0FOm3TIaCfm56T7pGwGQFXUGDUK3gwUivEfOv30vXk_0WcCmM3yJ2fpJGqxzbr2t780zTbx7ymeKSOSwXrbHA._1O4Y8zd50aqp1DXyhBvNQ'}
2AuthorizationResponse
{
    "access_token": "JRbuMZYibSjaSy5wpwBm",
    "code": "hWX6mjyDpyQ4WRlBcRKOlfie7BIf3l",
    "expires_in": 3599,
    "id_token": {
        "at_hash": "An6RCwiMZ5BlcCG-PPtE2Q",
        "aud": [
            "2EpCmJFl7eDx4QtfSdZN"
        ],
        "c_hash": "9frGOe33YIzgNct3HpGYwg",
        "exp": 1560787449,
        "iat": 1560784029,
        "iss": "https://isamfed.com:30443/test",
        "nonce": "lUoIghFAb7q68lkv",
        "sub": "testuser"
    },
    "scope": "openid",
    "state": "qKcffTE8yeBpAahx",
    "token_type": "bearer"
}
2phase<--<-- 4 --- AccessToken -->-->
2requestop_args: {'state': 'qKcffTE8yeBpAahx'}, req_args: {'redirect_uri': 'https://op.certification.openid.net:61737/authz_cb'}
2do_access_token_request
kwargs:{'request_args': {'redirect_uri': 'https://op.certification.openid.net:61737/authz_cb', 'code': 'hWX6mjyDpyQ4WRlBcRKOlfie7BIf3l', 'state': 'qKcffTE8yeBpAahx', 'grant_type': 'authorization_code', 'client_id': '2EpCmJFl7eDx4QtfSdZN'}, 'state': 'qKcffTE8yeBpAahx', 'authn_method': 'private_key_jwt'}
2AccessTokenRequest
{
    "client_assertion": "eyJhbGciOiJSUzI1NiIsImtpZCI6Ind0MjVPZ3lSX256RzNPb1E3ZGFhMnJMNi1nTW5GZGZSekJqaFVWUHU4UlEifQ.eyJpc3MiOiAiMkVwQ21KRmw3ZUR4NFF0ZlNkWk4iLCAic3ViIjogIjJFcENtSkZsN2VEeDRRdGZTZFpOIiwgImF1ZCI6IFsiaHR0cHM6Ly9pc2FtZmVkLmNvbTozMDQ0My9tZ2Evc3BzL29hdXRoL29hdXRoMjAvdG9rZW4iXSwgImp0aSI6ICJxOERSTEVYYkFRWGxveXRLeUVXR2U3VENTTFQ1OUNUbiIsICJleHAiOiAxNTYwNzg0NjMwLCAiaWF0IjogMTU2MDc4NDAzMH0.p-CnbZWF0Nw3JXSHkou5gOfN0q8LWaJO6Cbd8POqfdnnyr3DVN2WNgSP9vAidBVa70L6CZVdjmf3MiTUl3NLlQ0Ra_TQEYvUAYb5dZpS9h1mibTa0SRON83y0qCD4by04qnhodT5jxIdNf4FComrVa2Y11Xuc-2veDFe33B4G6b37yv9xm2oLoHUZCC-dcw1sYnoNOb4UrimCRZtE8I41zFWMIvMRUUBppEupBX8pAsFWE9xhYs_mzpv7f9xZHSAdW72owoEbFtY41ZsSXsNI5_IgsO66pohcibsoJqHQjHPyq9oGyHJTGEjUwelaClvqaaqddOWLD_lb1yY7OeKYA",
    "client_assertion_type": "urn:ietf:params:oauth:client-assertion-type:jwt-bearer",
    "code": "hWX6mjyDpyQ4WRlBcRKOlfie7BIf3l",
    "grant_type": "authorization_code",
    "redirect_uri": "https://op.certification.openid.net:61737/authz_cb",
    "state": "qKcffTE8yeBpAahx"
}
2request_urlhttps://isamfed.com:30443/mga/sps/oauth/oauth20/token
2request_http_args{'headers': {'Content-Type': 'application/x-www-form-urlencoded'}}
2requestgrant_type=authorization_code&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A61737%2Fauthz_cb&code=hWX6mjyDpyQ4WRlBcRKOlfie7BIf3l&state=qKcffTE8yeBpAahx&client_assertion=eyJhbGciOiJSUzI1NiIsImtpZCI6Ind0MjVPZ3lSX256RzNPb1E3ZGFhMnJMNi1nTW5GZGZSekJqaFVWUHU4UlEifQ.eyJpc3MiOiAiMkVwQ21KRmw3ZUR4NFF0ZlNkWk4iLCAic3ViIjogIjJFcENtSkZsN2VEeDRRdGZTZFpOIiwgImF1ZCI6IFsiaHR0cHM6Ly9pc2FtZmVkLmNvbTozMDQ0My9tZ2Evc3BzL29hdXRoL29hdXRoMjAvdG9rZW4iXSwgImp0aSI6ICJxOERSTEVYYkFRWGxveXRLeUVXR2U3VENTTFQ1OUNUbiIsICJleHAiOiAxNTYwNzg0NjMwLCAiaWF0IjogMTU2MDc4NDAzMH0.p-CnbZWF0Nw3JXSHkou5gOfN0q8LWaJO6Cbd8POqfdnnyr3DVN2WNgSP9vAidBVa70L6CZVdjmf3MiTUl3NLlQ0Ra_TQEYvUAYb5dZpS9h1mibTa0SRON83y0qCD4by04qnhodT5jxIdNf4FComrVa2Y11Xuc-2veDFe33B4G6b37yv9xm2oLoHUZCC-dcw1sYnoNOb4UrimCRZtE8I41zFWMIvMRUUBppEupBX8pAsFWE9xhYs_mzpv7f9xZHSAdW72owoEbFtY41ZsSXsNI5_IgsO66pohcibsoJqHQjHPyq9oGyHJTGEjUwelaClvqaaqddOWLD_lb1yY7OeKYA&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer
3http response
url:https://isamfed.com:30443/mga/sps/oauth/oauth20/token status_code:200
3response{'access_token': 'HIbJ8agstseIrUvZGwXw', 'refresh_token': 'mgK2UGP2mjcLCbkIGC01mJMM79hl5snLewkDi0gy', 'scope': 'openid', 'id_token': 'eyJhbGciOiJSU0EtT0FFUC0yNTYiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2Iiwia2lkIjoiZ3RINHYzWXIyUXFMcmVCU3owQnlRUTh2a2Y4ZUZvMUtJaXQzcy0zQmJ3dyIsImN0eSI6IkpXVCJ9.gPS4aJvqLDhNRwB28sQ4GMw5Nx-b1lKS7FaJzlYnuMzFJ0cWyEllrF1FF7cIf97dowEQf-bKdSs8IuHXH3Lo7RJhfBI9EQnh5ZQoT_WRWVuQuGAidDupI754bbzJxwF8PpMvw04BP2cHKCHzM8Ve9Wuhg9mbo8Yv6L9iqghfEucL0ASWt-ZY65zz7lXAibSbY2GKzPyxTa_e7vfU4yiKMJwXMWc-CmJfWkB9Vh5FPhU22Mt5Tn7_22Eof5XEUwKyNf1lZFma_XyuubZYMTeGGiy3ot6NeXdnPFjq8ETbeAXCVmyX__Lri8_F7Hfi4eT4z63G-VQU7886ZzhIs3PXwA.E7HbctkPZZtD0a2GlsFXaQ.l-L70X1O2GkdTT1HTXK2qU-Pvfried30O27SPOH4KB1izUdG8DE5gKDWuBQGdht2xTx3iNQdWaMWrT2ox7cWNMHZDRBa1qyZxx5mb_57wreh2rOan-0S2_N1T34C6LstSf2Q9rxq-fA4aLnRFcZ2C0pZtf33vqqXLlwyq6Ure_rvepK9GijCQNg7VjfBQAyChwLkff4s017quLRVtik0q6xpnrq9n7tN1rtg0u0NBCZHA05U0YEur3wsy0-nUcLFqQEiGj0f24KF10Li4iJSMrigmW0dT5-JAEQXPo72b2DMYJidDN5sRWk_fEprZD134vhpp5mLZMkymaAxaihW7yuqh7WsuIMw8qCIVgV6ehwlbWRaSAooWiuAzS8GzDPk5axqsn8P9GqbO7SzErZErCrL6UZn36vK_pvlviGxuhlGcJnLzovdQ8NRZLFMeP1jvFi-eAfuTQqFHGSX-QFCl-MvFpgo-slwTqBswOGjDStTNQBRjoz8HULVxpfYXJ3jwSqfTc4L8y0e96X6G24JA9n_3QL4HsOy3N1b9rBBJ4zSkcssUa0PWePCx3r6eM66I9MuVue9h7aWsTkw503t-rL6OxE2gOxsUhs4E8NgeD-2PU_fhPOLx6I6ibEbYN-OSMM2ry6P_pLOrEvAC9lA0lqNEs1WexG_YtpIut934eV24p9chI8fwnq5obQaKDDIEiifOxiHWNVc3iRpAVXm-hpajjRW-kS2XkP07YWIRj0ov40FDmwULCo2U8R8eSnbi1R_Vdf6qW47VyDntqQokILk3eMiH88icx_O5NNcautvtgoE3b-ty535YLgUua-GvZI0XW-FSb53cFfs5le9wKVc4sUNOAaQ3NDmIiu5TemZDJ_UDlc7EJf5oKzKvl-xFxee2wkdDk7T1Hn2ZP_UUGxllmdaOEq5c4AGVzjzmkMwJc483PC0Ms92jo4ME7Tucie6iCR1Sqc2i4269T_srg.6KbxGEIERNMreaijxMPE3g', 'token_type': 'bearer', 'expires_in': 3599}
3AccessTokenResponse
{
    "access_token": "HIbJ8agstseIrUvZGwXw",
    "expires_in": 3599,
    "id_token": {
        "at_hash": "qJo5oT7yXcQeG0Z52uCyuQ",
        "aud": [
            "2EpCmJFl7eDx4QtfSdZN"
        ],
        "exp": 1560787450,
        "iat": 1560784030,
        "iss": "https://isamfed.com:30443/test",
        "nonce": "lUoIghFAb7q68lkv",
        "rt_hash": "a-TLYWFDRD15a-cWDp126g",
        "sub": "testuser"
    },
    "refresh_token": "mgK2UGP2mjcLCbkIGC01mJMM79hl5snLewkDi0gy",
    "scope": "openid",
    "token_type": "bearer"
}
3jws header{'kid': '_uhPdeGrTWxobFeH0XbzjJpRrzp3CB9nknx1yFV1G-0', 'alg': 'RS256'}
3jwe header{'alg': 'RSA-OAEP-256', 'enc': 'A128CBC-HS256', 'kid': 'gtH4v3Yr2QqLreBSz0ByQQ8vkf8eFo1KIit3s-3Bbww', 'cty': 'JWT'}
3phase<--<-- 5 --- Note -->-->
3phase<--<-- 6 --- Webfinger -->-->
3not expected to doWebFinger
3phase<--<-- 7 --- Discovery -->-->
3provider_config
kwargs:{'issuer': 'https://isamfed.com:30443/test'}
4http response
url:https://isamfed.com:30443/test/.well-known/openid-configuration status_code:200
4ProviderConfigurationResponse
{
    "authorization_endpoint": "https://isamfed.com:30443/mga/sps/oauth/oauth20/authorize",
    "claims_parameter_supported": false,
    "claims_supported": [
        "realmName",
        "preferred_username",
        "given_name",
        "uid",
        "upn",
        "groupIds",
        "employee_id",
        "name",
        "tenantId",
        "mobile_number",
        "department",
        "job_title",
        "family_name",
        "email"
    ],
    "device_authorize_endpoint": "https://isamfed.com:30443/mga/sps/oauth/oauth20/device_authorize",
    "grant_types_supported": [
        "urn:ietf:params:oauth:grant-type:jwt-bearer",
        "implicit",
        "urn:ietf:params:oauth:grant-type:saml2-bearer",
        "urn:ietf:params:oauth:grant-type:device_code",
        "client_credentials",
        "password",
        "authorization_code",
        "refresh_token"
    ],
    "id_token_encryption_alg_values_supported": [
        "RSA-OAEP-256"
    ],
    "id_token_encryption_enc_values_supported": [
        "A128CBC-HS256"
    ],
    "id_token_signing_alg_values_supported": [
        "RS256"
    ],
    "introspect_endpoint": "https://isamfed.com:30443/mga/sps/oauth/oauth20/introspect",
    "issuer": "https://isamfed.com:30443/test",
    "jwks_uri": "https://isamfed.com:30443/mga/sps/jwks",
    "name": "OIDCDefinition",
    "poc": "https://isamfed.com:30443/mga/",
    "registration_endpoint": "https://isamfed.com:30443/mga/sps/oauth/oauth20/register/OIDCDefinition",
    "request_parameter_supported": true,
    "request_uri_parameter_supported": true,
    "require_request_uri_registration": false,
    "response_modes_supported": [
        "fragment",
        "form_post"
    ],
    "response_types_supported": [
        "token",
        "id_token",
        "token id_token",
        "code",
        "code id_token",
        "code token id_token",
        "code token",
        "none"
    ],
    "revocation_endpoint": "https://isamfed.com:30443/mga/sps/oauth/oauth20/revoke",
    "subject_types_supported": [
        "public"
    ],
    "token_endpoint": "https://isamfed.com:30443/mga/sps/oauth/oauth20/token",
    "token_endpoint_auth_methods_supported": [
        "private_key_jwt",
        "client_secret_post",
        "client_secret_basic"
    ],
    "user_authorize_endpoint": "https://isamfed.com:30443/mga/sps/oauth/oauth20/user_authorize",
    "userinfo_endpoint": "https://isamfed.com:30443/mga/sps/oauth/oauth20/userinfo",
    "userinfo_signing_alg_values_supported": [
        "RS256"
    ],
    "version": "3.0"
}
4phase<--<-- 8 --- Registration -->-->
4register
kwargs:{'response_types': ['code id_token token'], 'grant_types': ['authorization_code', 'implicit'], 'application_name': 'OIC test tool', 'application_type': 'web', 'redirect_uris': ['https://op.certification.openid.net:61737/authz_cb'], 'contacts': ['roland@example.com'], 'post_logout_redirect_uris': ['https://op.certification.openid.net:61737/logout'], 'url': 'https://isamfed.com:30443/mga/sps/oauth/oauth20/register/OIDCDefinition', 'jwks_uri': 'https://op.certification.openid.net:61737/static/jwks_61737.json', 'token_endpoint_auth_method': 'private_key_jwt'}
4RegistrationRequest
{
    "application_type": "web",
    "contacts": [
        "roland@example.com"
    ],
    "grant_types": [
        "authorization_code",
        "implicit"
    ],
    "jwks_uri": "https://op.certification.openid.net:61737/static/jwks_61737.json",
    "post_logout_redirect_uris": [
        "https://op.certification.openid.net:61737/logout"
    ],
    "redirect_uris": [
        "https://op.certification.openid.net:61737/authz_cb"
    ],
    "response_types": [
        "code id_token token"
    ],
    "token_endpoint_auth_method": "private_key_jwt"
}
4http response
url:https://isamfed.com:30443/mga/sps/oauth/oauth20/register/OIDCDefinition status_code:200
4RegistrationResponse
{
    "application_type": "web",
    "client_id": "fTbCo6p57WM8pIGCOepy",
    "client_id_issued_at": 1560784032,
    "client_secret": "sDyBkIOU9H3Hyfh7jazo",
    "client_secret_expires_at": 0,
    "contacts": [
        "roland@example.com"
    ],
    "grant_types": [
        "authorization_code",
        "implicit"
    ],
    "jwks_uri": "https://op.certification.openid.net:61737/static/jwks_61737.json",
    "post_logout_redirect_uris": [
        "https://op.certification.openid.net:61737/logout"
    ],
    "redirect_uris": [
        "https://op.certification.openid.net:61737/authz_cb"
    ],
    "registration_access_token": "tFrOTXtrCUDM7A098cAB",
    "registration_client_uri": "https://isamfed.com:30443/mga/sps/oauth/oauth20/register/OIDCDefinition?client_id=fTbCo6p57WM8pIGCOepy",
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "token_endpoint_auth_method": "private_key_jwt"
}
4phase<--<-- 9 --- AsyncAuthn -->-->
4AuthorizationRequest
{
    "client_id": "fTbCo6p57WM8pIGCOepy",
    "max_age": 1,
    "nonce": "s1CljEzKpZduO9gj",
    "redirect_uri": "https://op.certification.openid.net:61737/authz_cb",
    "response_type": "code id_token token",
    "scope": "openid",
    "state": "ONhT8xx9eO9cYHkR"
}
4redirect urlhttps://isamfed.com:30443/mga/sps/oauth/oauth20/authorize?state=ONhT8xx9eO9cYHkR&nonce=s1CljEzKpZduO9gj&response_type=code+id_token+token&scope=openid&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A61737%2Fauthz_cb&max_age=1&client_id=fTbCo6p57WM8pIGCOepy
4redirecthttps://isamfed.com:30443/mga/sps/oauth/oauth20/authorize?state=ONhT8xx9eO9cYHkR&nonce=s1CljEzKpZduO9gj&response_type=code+id_token+token&scope=openid&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A61737%2Fauthz_cb&max_age=1&client_id=fTbCo6p57WM8pIGCOepy
8http args{}
8responseURL with fragment
8responseaccess_token=hbD9kw5712c4FyTgL9is&state=ONhT8xx9eO9cYHkR&expires_in=3599&token_type=bearer&code=GpB2vUPlx62DZpxhujFO7yQXZlMe5y&scope=openid&id_token=eyJhbGciOiJSU0EtT0FFUC0yNTYiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2Iiwia2lkIjoiZ3RINHYzWXIyUXFMcmVCU3owQnlRUTh2a2Y4ZUZvMUtJaXQzcy0zQmJ3dyIsImN0eSI6IkpXVCJ9.SytUO5lIEV-wfsIqdK7-Vc03hJZinQk2fBCliSV2_Y_LZiaFeTaHkxuzAnuawETA_b74cfgxYMA-UTDOlvzX-bEVcW8QMZkOIYX94Bmlvj3MvY3YtJYgDzh2KGjI0uMitFHZ94JOFYQLj0JElMXuGvQLgtXSue3G-wAf8W2c38gxCIibG7nTDazR8TBjFZZFc9SKTZBBHnwc5zjGIWuK3OhjJwupDbMAfhzkojXZ1elJKosWxOk2hFvT3DvKG6ho4EL1fviW8XFs4gnaFjnlOZEf9cx_UmROoe9BSEwsZd8DQpnVY0hviuDbeZyzXqd6Tmq2CYykSrzaxkNzU6eBpg.0raQ63ZX2PWft9Z-BX54rg.8WyI36aYD9ybSGGIGLQEhOKgD6wJ6uc_dio2l0I8N4JgaExy1DArJzX3O-cLzZPoeVRmu1dIp_Jzo8u0szyQ2g5uKmTwpENvH8-unsrrEJHvHQqXvtregjg7BUm1jPSfxU_T12HhStCg_Pnh5n2dgLGDn8M-IUs5noqFLlypCFPoV3M_-4UGNnmLeAWkWcIhmdwLdgp8c1Dj-pw2JybkzQgRUqyeB2XHe6ertR0LcYSsaYCWwF-f-8vJxwO5BIvmLLk4_f3coQIM0s8Z9FBbw1f-mh0l602lVpGud7fwOXr0fRcVC3kmt_p6GZFPQt-swg33V7N6sluDg4j3H2aPRjy1MH5YPd_PxXiqswi_M3czcT02eHPJRi6VztK9yq7PfidDaiSWX1l7Sphwi3gV8MbE9IB39nOUIZwHcZkUI_qVwM0xQxajOA4lq4uoD8Rr7KosQmQzjdFFwf5-7BiAg25UkQhkCCO0fK6JEq17vIvYcYy1gYTdiVPe8O1bGBg9R73h8syUOHC5SbLstSAk152JawclHiHPpRuyNhV8H9KjH1kFKtagxFxuBkIU0kgNGiODbCvH5jzimC0ljTxFadcFcS5NZ3WeKK7sF9nJiy_VKt1HwLaoAGx5H8OW3wwAuEoLyAcEM2gSQAVJCfn4smJPSx-3Zf84NFnzi-78tJaEyg9zYu1tkRN0heVquvPKb08OL3hi30WD4Ppg1s-PqJsjFu_V1GC_svefZetvD2L0Jv0VK68vFmfjkKJj3iyX5lP5uZqC6OcobsthY9TZb51sxZvSg5iL7caTHugube1it9fgW6IJOBDI6Ik_2LWgkp1OMd99l1x_nOIO9rRa0k5KEyDbFmS_k0IqblJYC1nzd5tiGepuxxc3AZEjYJU6NprMZvSBRnj-_h7yCSJLoIYGe4C7_DonSLJcAes69PS8gIkgEBkvsvxGVdvu_GxmdX0cVrxphROQvVzx-gGKhi9-fcaxD6OEUrONNKLRH4Ppntr_lAfg3iHXENtYGDBo.PLq3CZu5exUXbMxyAaLJdw
8response{'access_token': 'hbD9kw5712c4FyTgL9is', 'state': 'ONhT8xx9eO9cYHkR', 'expires_in': 3599, 'token_type': 'bearer', 'code': 'GpB2vUPlx62DZpxhujFO7yQXZlMe5y', 'scope': 'openid', 'id_token': 'eyJhbGciOiJSU0EtT0FFUC0yNTYiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2Iiwia2lkIjoiZ3RINHYzWXIyUXFMcmVCU3owQnlRUTh2a2Y4ZUZvMUtJaXQzcy0zQmJ3dyIsImN0eSI6IkpXVCJ9.SytUO5lIEV-wfsIqdK7-Vc03hJZinQk2fBCliSV2_Y_LZiaFeTaHkxuzAnuawETA_b74cfgxYMA-UTDOlvzX-bEVcW8QMZkOIYX94Bmlvj3MvY3YtJYgDzh2KGjI0uMitFHZ94JOFYQLj0JElMXuGvQLgtXSue3G-wAf8W2c38gxCIibG7nTDazR8TBjFZZFc9SKTZBBHnwc5zjGIWuK3OhjJwupDbMAfhzkojXZ1elJKosWxOk2hFvT3DvKG6ho4EL1fviW8XFs4gnaFjnlOZEf9cx_UmROoe9BSEwsZd8DQpnVY0hviuDbeZyzXqd6Tmq2CYykSrzaxkNzU6eBpg.0raQ63ZX2PWft9Z-BX54rg.8WyI36aYD9ybSGGIGLQEhOKgD6wJ6uc_dio2l0I8N4JgaExy1DArJzX3O-cLzZPoeVRmu1dIp_Jzo8u0szyQ2g5uKmTwpENvH8-unsrrEJHvHQqXvtregjg7BUm1jPSfxU_T12HhStCg_Pnh5n2dgLGDn8M-IUs5noqFLlypCFPoV3M_-4UGNnmLeAWkWcIhmdwLdgp8c1Dj-pw2JybkzQgRUqyeB2XHe6ertR0LcYSsaYCWwF-f-8vJxwO5BIvmLLk4_f3coQIM0s8Z9FBbw1f-mh0l602lVpGud7fwOXr0fRcVC3kmt_p6GZFPQt-swg33V7N6sluDg4j3H2aPRjy1MH5YPd_PxXiqswi_M3czcT02eHPJRi6VztK9yq7PfidDaiSWX1l7Sphwi3gV8MbE9IB39nOUIZwHcZkUI_qVwM0xQxajOA4lq4uoD8Rr7KosQmQzjdFFwf5-7BiAg25UkQhkCCO0fK6JEq17vIvYcYy1gYTdiVPe8O1bGBg9R73h8syUOHC5SbLstSAk152JawclHiHPpRuyNhV8H9KjH1kFKtagxFxuBkIU0kgNGiODbCvH5jzimC0ljTxFadcFcS5NZ3WeKK7sF9nJiy_VKt1HwLaoAGx5H8OW3wwAuEoLyAcEM2gSQAVJCfn4smJPSx-3Zf84NFnzi-78tJaEyg9zYu1tkRN0heVquvPKb08OL3hi30WD4Ppg1s-PqJsjFu_V1GC_svefZetvD2L0Jv0VK68vFmfjkKJj3iyX5lP5uZqC6OcobsthY9TZb51sxZvSg5iL7caTHugube1it9fgW6IJOBDI6Ik_2LWgkp1OMd99l1x_nOIO9rRa0k5KEyDbFmS_k0IqblJYC1nzd5tiGepuxxc3AZEjYJU6NprMZvSBRnj-_h7yCSJLoIYGe4C7_DonSLJcAes69PS8gIkgEBkvsvxGVdvu_GxmdX0cVrxphROQvVzx-gGKhi9-fcaxD6OEUrONNKLRH4Ppntr_lAfg3iHXENtYGDBo.PLq3CZu5exUXbMxyAaLJdw'}
8AuthorizationResponse
{
    "access_token": "hbD9kw5712c4FyTgL9is",
    "code": "GpB2vUPlx62DZpxhujFO7yQXZlMe5y",
    "expires_in": 3599,
    "id_token": {
        "at_hash": "5fYhecYFa4Dc0v7JmOErJw",
        "aud": [
            "fTbCo6p57WM8pIGCOepy"
        ],
        "auth_time": 1560784036,
        "c_hash": "6-uPidnAS0_QVHxI86Up5w",
        "exp": 1560787456,
        "iat": 1560784036,
        "iss": "https://isamfed.com:30443/test",
        "nonce": "s1CljEzKpZduO9gj",
        "sub": "testuser"
    },
    "scope": "openid",
    "state": "ONhT8xx9eO9cYHkR",
    "token_type": "bearer"
}
8phase<--<-- 10 --- AccessToken -->-->
8requestop_args: {'state': 'ONhT8xx9eO9cYHkR'}, req_args: {'redirect_uri': 'https://op.certification.openid.net:61737/authz_cb'}
8do_access_token_request
kwargs:{'request_args': {'redirect_uri': 'https://op.certification.openid.net:61737/authz_cb', 'code': 'GpB2vUPlx62DZpxhujFO7yQXZlMe5y', 'state': 'ONhT8xx9eO9cYHkR', 'grant_type': 'authorization_code', 'client_id': 'fTbCo6p57WM8pIGCOepy'}, 'state': 'ONhT8xx9eO9cYHkR', 'authn_method': 'private_key_jwt'}
8AccessTokenRequest
{
    "client_assertion": "eyJhbGciOiJSUzI1NiIsImtpZCI6Ind0MjVPZ3lSX256RzNPb1E3ZGFhMnJMNi1nTW5GZGZSekJqaFVWUHU4UlEifQ.eyJpc3MiOiAiZlRiQ282cDU3V004cElHQ09lcHkiLCAic3ViIjogImZUYkNvNnA1N1dNOHBJR0NPZXB5IiwgImF1ZCI6IFsiaHR0cHM6Ly9pc2FtZmVkLmNvbTozMDQ0My9tZ2Evc3BzL29hdXRoL29hdXRoMjAvdG9rZW4iXSwgImp0aSI6ICI0cDh2eVRrbGNHbnJDQnJOaE9STnh6MDZXQ1NYYmtmRyIsICJleHAiOiAxNTYwNzg0NjM2LCAiaWF0IjogMTU2MDc4NDAzNn0.cxpddrlD3WMLj40OVQUK4065mQyAUZMZt6hrsbDLgqvxpI8V5WEj2NeoO974Mz43ffDTC5sLGH2UXrLhKJZBp1-rinqRTx9dwPLwlzDMH_2qFmXSFmKB6ITuQMMqnehhDrp8BDh50wGl-LrOz2jfhomih8aKSppY_veXm1_dc_503eOOsMF7pAZ4eg6Y-fdm9Ve5GrfOPRYk6YiIvbo4f9sKITHQH_Q8iW7k-b-25KdOM0swfKN_uc3f8ugSm2ikaA0GMu3kha2PzHfyFmzu1lDCwHXP7EJFlowmqSprmwI2uiOC9KsHJwi6G-_Z8EdpHwTyg-g_TTG9Ks8o6Nn1cQ",
    "client_assertion_type": "urn:ietf:params:oauth:client-assertion-type:jwt-bearer",
    "code": "GpB2vUPlx62DZpxhujFO7yQXZlMe5y",
    "grant_type": "authorization_code",
    "redirect_uri": "https://op.certification.openid.net:61737/authz_cb",
    "state": "ONhT8xx9eO9cYHkR"
}
8request_urlhttps://isamfed.com:30443/mga/sps/oauth/oauth20/token
8request_http_args{'headers': {'Content-Type': 'application/x-www-form-urlencoded'}}
8requestgrant_type=authorization_code&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A61737%2Fauthz_cb&code=GpB2vUPlx62DZpxhujFO7yQXZlMe5y&state=ONhT8xx9eO9cYHkR&client_assertion=eyJhbGciOiJSUzI1NiIsImtpZCI6Ind0MjVPZ3lSX256RzNPb1E3ZGFhMnJMNi1nTW5GZGZSekJqaFVWUHU4UlEifQ.eyJpc3MiOiAiZlRiQ282cDU3V004cElHQ09lcHkiLCAic3ViIjogImZUYkNvNnA1N1dNOHBJR0NPZXB5IiwgImF1ZCI6IFsiaHR0cHM6Ly9pc2FtZmVkLmNvbTozMDQ0My9tZ2Evc3BzL29hdXRoL29hdXRoMjAvdG9rZW4iXSwgImp0aSI6ICI0cDh2eVRrbGNHbnJDQnJOaE9STnh6MDZXQ1NYYmtmRyIsICJleHAiOiAxNTYwNzg0NjM2LCAiaWF0IjogMTU2MDc4NDAzNn0.cxpddrlD3WMLj40OVQUK4065mQyAUZMZt6hrsbDLgqvxpI8V5WEj2NeoO974Mz43ffDTC5sLGH2UXrLhKJZBp1-rinqRTx9dwPLwlzDMH_2qFmXSFmKB6ITuQMMqnehhDrp8BDh50wGl-LrOz2jfhomih8aKSppY_veXm1_dc_503eOOsMF7pAZ4eg6Y-fdm9Ve5GrfOPRYk6YiIvbo4f9sKITHQH_Q8iW7k-b-25KdOM0swfKN_uc3f8ugSm2ikaA0GMu3kha2PzHfyFmzu1lDCwHXP7EJFlowmqSprmwI2uiOC9KsHJwi6G-_Z8EdpHwTyg-g_TTG9Ks8o6Nn1cQ&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer
9http response
url:https://isamfed.com:30443/mga/sps/oauth/oauth20/token status_code:200
9response{'access_token': 'rXq6zCIgXE6lmM3GGy0p', 'refresh_token': 'uWfvhXxDFkiJdmO5kH42o3xQ52C0pf5Ba0dqsPjR', 'scope': 'openid', 'id_token': 'eyJhbGciOiJSU0EtT0FFUC0yNTYiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2Iiwia2lkIjoiZ3RINHYzWXIyUXFMcmVCU3owQnlRUTh2a2Y4ZUZvMUtJaXQzcy0zQmJ3dyIsImN0eSI6IkpXVCJ9.kDPQXBSDSpHbVCj_IpiUnQT2aCLPNezkYog2Te4EVhjgDyGaAtIzBLjPyFfl_7rscSNQzyAeS415-817QprW5lqUIRbVSHmTHNyHx7wIcmxT74AjjKB-OrKDnCFYpaSCTwy2_933DrezbsvKiJDc9GTiMQlbDJYy0fF15pH2RsZfMjZmHy8TStZlMvnzSC7raJeP0agBiW0S9zMQ0mq2a7msNUJ0ylZN2ZBpQYvAsWV5sUMPC8-is6Smp_moF6gIlwyaQgTkfVzJWJOZZD0Sepj8EeboQjXZfttStV9OVjU--9mF3dH4YBBVbvyBFn3wot0bdzM6FRI7ang9D6gGxg.zZiUQoOu797UU8ho3S-ADg.LagO3lYSuAZ3MqgOG4sm4CxljsQpPpa7jgCN-ieBbEpNpXrhfj8lENdpHyWtSAAwrx-NpYeDp4ke_IVyoaMDQ2NwrzFjHX3npk2CpS2pFA0p_7CTg8Ptau8zsogL8XPYJn9WCiTQ45nP0DGwToYWqZ4p8OpuzaTzypvCvA2gPjRB4iR3iNjC9SDZVqreC24O8lqmYa6bFgCAFuZZM6ilh1cMHrJhpj54DChoScqo4zZg7V7KmcMO0antsx0DYXnDX59YBpnNQRXDXhQqRZ7UBvPHxb-XssMh1zoDDEFAQ4-UuPik6KmiM4nG3GVIOjLnS6zmbD6-rBx9yntVg5LeHZOusEZwlDdDqM9RyDFAS9MXcoKg_CvbMHis_pS1Mbgx7MAWDeX5ibzfI4AFy2De97VMg8bpwHYQ6KzfAefEsLcUyzT9pCeDaD-CWWC8jTBQYbjqF9glbP6i0VlO5xr-Epf68IGb6veZOcPIgjxU-SnRkY3jpeQVtklQDcdXabPC6TFTACCbAwBxYtuPsbI2i1-5n_-ry6afVzue-9UkckdvIBWm_CDi3G24u_2bUe1nY8jL0tzlX3AiRwy7nF0B6YPoDAwiJXmutBmhaxfX4vK44QQVXFvTl07mSzau-m7Q0wMc5cYg5XEVqbNtSSeUnigXwsi5b-5xdmyjULUkswCRD79MbPs5zD9Z1IkHE0f5WXVMJJchPm3LrHxz2IFXI3TSQbTOvlgXm8FMu7LtItfIN6NzUdDXBYvMlyHTJlpPzJ2gRJ0Mn5kzbAoH5wOvFUlpv8ggFLseQGK7o5WrFhb_57Iw_VIN0SLDjW2w8_nQLnUEajE3Q6oSVo_vlZorXPHKutIANVOa12eXOj8r_WKCmvqH-4bJkM3ZYqvjr5eoCKaink-mJibGuLku0nW0P2debRN3RFC6YVpGTaMwYLAWZqqD4KXUHNFJBxpI4Oy1lmxAR4fGFFzlXwTJxhrnXl6pHL9QiLiiGD7hHz_-EK6-xU-eeLudwXbOTKAmlqIB.m3ASblqFzkxERWQobo6xmw', 'token_type': 'bearer', 'expires_in': 3599}
9AccessTokenResponse
{
    "access_token": "rXq6zCIgXE6lmM3GGy0p",
    "expires_in": 3599,
    "id_token": {
        "at_hash": "zbWkrCjdDUshC7bhgRgClw",
        "aud": [
            "fTbCo6p57WM8pIGCOepy"
        ],
        "auth_time": 1560784037,
        "exp": 1560787457,
        "iat": 1560784037,
        "iss": "https://isamfed.com:30443/test",
        "nonce": "s1CljEzKpZduO9gj",
        "rt_hash": "mPjtOer2P5jp3hS1bTM4YQ",
        "sub": "testuser"
    },
    "refresh_token": "uWfvhXxDFkiJdmO5kH42o3xQ52C0pf5Ba0dqsPjR",
    "scope": "openid",
    "token_type": "bearer"
}
9jws header{'kid': '_uhPdeGrTWxobFeH0XbzjJpRrzp3CB9nknx1yFV1G-0', 'alg': 'RS256'}
9jwe header{'alg': 'RSA-OAEP-256', 'enc': 'A128CBC-HS256', 'kid': 'gtH4v3Yr2QqLreBSz0ByQQ8vkf8eFo1KIit3s-3Bbww', 'cty': 'JWT'}
9phase<--<-- 11 --- Done -->-->
9end
9assertionClaimsCheck
9conditionclaims-check: status=OK [Checks if specific claims is present or not]
9assertionAuthTimeCheck
9conditionauth_time-check: status=OK [Check that the auth_time returned in the ID Token is in the expected range.]
9assertionMultipleSignOn
9conditionmultiple-sign-on: status=OK [Verifies that multiple authentications was used in the flow]
9assertionVerifyResponse
9conditionverify-response: status=OK [Checks that the last response was one of a possible set of OpenID Connect Responses]
9conditionDone: status=OK

Result

PASSED