0 | phase | <--<-- 0 --- Webfinger -->--> |
0 | not expected to do | WebFinger |
0 | phase | <--<-- 1 --- Discovery -->--> |
0 | provider_config | kwargs:{'issuer': 'https://isamfed.com:30443/test'}
|
0 | http response | url:https://isamfed.com:30443/test/.well-known/openid-configuration status_code:200
|
0 | ProviderConfigurationResponse | {
"authorization_endpoint": "https://isamfed.com:30443/mga/sps/oauth/oauth20/authorize",
"claims_parameter_supported": false,
"claims_supported": [
"realmName",
"preferred_username",
"given_name",
"uid",
"upn",
"groupIds",
"employee_id",
"name",
"tenantId",
"mobile_number",
"department",
"job_title",
"family_name",
"email"
],
"device_authorize_endpoint": "https://isamfed.com:30443/mga/sps/oauth/oauth20/device_authorize",
"grant_types_supported": [
"urn:ietf:params:oauth:grant-type:jwt-bearer",
"implicit",
"urn:ietf:params:oauth:grant-type:saml2-bearer",
"urn:ietf:params:oauth:grant-type:device_code",
"client_credentials",
"password",
"authorization_code",
"refresh_token"
],
"id_token_encryption_alg_values_supported": [
"RSA-OAEP-256"
],
"id_token_encryption_enc_values_supported": [
"A128CBC-HS256"
],
"id_token_signing_alg_values_supported": [
"RS256"
],
"introspect_endpoint": "https://isamfed.com:30443/mga/sps/oauth/oauth20/introspect",
"issuer": "https://isamfed.com:30443/test",
"jwks_uri": "https://isamfed.com:30443/mga/sps/jwks",
"name": "OIDCDefinition",
"poc": "https://isamfed.com:30443/mga/",
"registration_endpoint": "https://isamfed.com:30443/mga/sps/oauth/oauth20/register/OIDCDefinition",
"request_parameter_supported": true,
"request_uri_parameter_supported": true,
"require_request_uri_registration": false,
"response_modes_supported": [
"fragment",
"form_post"
],
"response_types_supported": [
"token",
"id_token",
"token id_token",
"code",
"code id_token",
"code token id_token",
"code token",
"none"
],
"revocation_endpoint": "https://isamfed.com:30443/mga/sps/oauth/oauth20/revoke",
"subject_types_supported": [
"public"
],
"token_endpoint": "https://isamfed.com:30443/mga/sps/oauth/oauth20/token",
"token_endpoint_auth_methods_supported": [
"private_key_jwt",
"client_secret_post",
"client_secret_basic"
],
"user_authorize_endpoint": "https://isamfed.com:30443/mga/sps/oauth/oauth20/user_authorize",
"userinfo_endpoint": "https://isamfed.com:30443/mga/sps/oauth/oauth20/userinfo",
"userinfo_signing_alg_values_supported": [
"RS256"
],
"version": "3.0"
}
|
0 | phase | <--<-- 2 --- Registration -->--> |
0 | register | kwargs:{'response_types': ['code id_token token'], 'grant_types': ['authorization_code', 'refresh_token'], 'application_name': 'OIC test tool', 'application_type': 'web', 'redirect_uris': ['https://op.certification.openid.net:61737/authz_cb'], 'contacts': ['roland@example.com'], 'post_logout_redirect_uris': ['https://op.certification.openid.net:61737/logout'], 'url': 'https://isamfed.com:30443/mga/sps/oauth/oauth20/register/OIDCDefinition', 'jwks_uri': 'https://op.certification.openid.net:61737/static/jwks_61737.json', 'token_endpoint_auth_method': 'private_key_jwt'}
|
0 | RegistrationRequest | {
"application_type": "web",
"contacts": [
"roland@example.com"
],
"grant_types": [
"authorization_code",
"implicit",
"refresh_token"
],
"jwks_uri": "https://op.certification.openid.net:61737/static/jwks_61737.json",
"post_logout_redirect_uris": [
"https://op.certification.openid.net:61737/logout"
],
"redirect_uris": [
"https://op.certification.openid.net:61737/authz_cb"
],
"response_types": [
"code id_token token"
],
"token_endpoint_auth_method": "private_key_jwt"
}
|
1 | http response | url:https://isamfed.com:30443/mga/sps/oauth/oauth20/register/OIDCDefinition status_code:200
|
1 | RegistrationResponse | {
"application_type": "web",
"client_id": "S8L8OJGkXwvJDuzcnCuc",
"client_id_issued_at": 1560787038,
"client_secret": "urEeO3HU79Ar5RqPokZo",
"client_secret_expires_at": 0,
"contacts": [
"roland@example.com"
],
"grant_types": [
"authorization_code",
"implicit",
"refresh_token"
],
"jwks_uri": "https://op.certification.openid.net:61737/static/jwks_61737.json",
"post_logout_redirect_uris": [
"https://op.certification.openid.net:61737/logout"
],
"redirect_uris": [
"https://op.certification.openid.net:61737/authz_cb"
],
"registration_access_token": "Utkd19sAgN1YWkWhL9Zn",
"registration_client_uri": "https://isamfed.com:30443/mga/sps/oauth/oauth20/register/OIDCDefinition?client_id=S8L8OJGkXwvJDuzcnCuc",
"response_types": [
"code",
"id_token",
"token"
],
"token_endpoint_auth_method": "private_key_jwt"
}
|
1 | phase | <--<-- 3 --- AsyncAuthn -->--> |
1 | AuthorizationRequest | {
"client_id": "S8L8OJGkXwvJDuzcnCuc",
"nonce": "wmMSivXlySF1IuXr",
"prompt": [
"consent"
],
"redirect_uri": "https://op.certification.openid.net:61737/authz_cb",
"response_type": "code id_token token",
"scope": "openid offline_access",
"state": "ERvr5vGIayVSLXGh"
}
|
1 | redirect url | https://isamfed.com:30443/mga/sps/oauth/oauth20/authorize?state=ERvr5vGIayVSLXGh&nonce=wmMSivXlySF1IuXr&response_type=code+id_token+token&scope=openid+offline_access&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A61737%2Fauthz_cb&prompt=consent&client_id=S8L8OJGkXwvJDuzcnCuc |
1 | redirect | https://isamfed.com:30443/mga/sps/oauth/oauth20/authorize?state=ERvr5vGIayVSLXGh&nonce=wmMSivXlySF1IuXr&response_type=code+id_token+token&scope=openid+offline_access&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A61737%2Fauthz_cb&prompt=consent&client_id=S8L8OJGkXwvJDuzcnCuc |
6 | http args | {} |
6 | response | URL with fragment |
6 | response | access_token=IrKLiVJ9vV3uUNIBXHaX&state=ERvr5vGIayVSLXGh&expires_in=3599&token_type=bearer&code=ScT4KTbupgZWqytuervrCeQQGCu72K&scope=openid%20offline_access&id_token=eyJhbGciOiJSU0EtT0FFUC0yNTYiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2Iiwia2lkIjoiZ3RINHYzWXIyUXFMcmVCU3owQnlRUTh2a2Y4ZUZvMUtJaXQzcy0zQmJ3dyIsImN0eSI6IkpXVCJ9.VI2jnD_E2X79VYXopmN4QT24bMrJ8aS4oB8-emvJd08EIfavTePuHBBgObtYmRNN9RNE4YUiVuthus0_F5aZN4isIr5N7GuiPpIYV5ou8xN9zT2PZi_AX3-0CdWaXFTEJeEMulGvtZShcd3fduvTUp7vnxXnm0n2bkn2TK8VgMbWcI071qkgp3v9CZy8hJgjZ0z7QPIqojQpTvu2hV8fORh9BywqxZcvO-Gd6-s8vrGeVaBW8NjJA2k-eqsYJxiW4p6rcAOAMRBvZc0kchzroyFMhcnqZjX6cOwZKiD0pFSaaoNxTuDGq8kF3Dtq7nphK7Wx0abqgt_XHyp-D54Gfw.WK9slwDzyl6y034TddkvCA.HOLUZI0jL9jdvukvsIza6HGA1M4oRvVQ2mCDkEyqg_4b8Af39IlokrLFeKbq4oShDcB8EVH6liLkR1f0I3Guqr2KxRDDiBMwB2LogqkhG91CQDVarIWInxg9UW9EETFxmUMRI_WEJ0r4eyd2skl-AMVUmcoiULhhDn0eC4ZH-W4odpeS3ILHloGpK8bLyQAe2V_FR4eJR95m8nM8TWCEFZ6taQoJIIiO5fUwD1Om5sYi-5tMIdcvTV-Rkxb7enaStEpAN47MJNTPbFsXj8NNafOb98W0hxL0bfPZCWMpA70SSL5GniHf24NcBIoaoqK32SQKq9xHgOmFyKi911Raey_mXZ8kC-1hFwfeMxVidgx4W5LW1lxpCSuFL4wVZDw9kD6_qYp6EeAWRF_g646aeQKYqUAJqc2Ew7XSORUDNSb3xXlGkSafx2m7n88N0NyKqDjz-hhIUTWvgwVdItaK1wvFmDUH-asnGIRqNXX3OAPUWgg4c32mqqtgcjZGB04-v8tAL4Rw75IcklK29_jY2DZ0oW9ZHrxJlWJYIgqtkxDAEJ7f7SkGoKd-5OcXrXRQeqep-xJt1TqabnaCbpRdQnTuVH4kLuGuDfiRjdzv1p95uSLUkuEzwsAFlCKI67DJ8yHyhpe7lqrxBJ8GivwgNDJQAEmIX3jU6ADPrckp5818osmYIhlsRylga0SztkJF7dIe5i49zH4hTq6lcxkxG3Jm7M-3D0E0Xn9wJDGCMyjNa0ONED2HPCNQyo0zvrrK-HZddGoStxaicNwdJpSCfZgKmLzLPj9od-9BDy2Q9Ld4iQbGaJOVjO8sykrdLjoVxSYGeVomr39eMo2ftcP8AH89Dq-6neVJSGHKRg_J5QYvZgkYgJTZwkeNWwV86go5X6Twe4xvBZ4D6n2tnoEBml2E-3U1aAb0oObTzQTSJNuihixyaZoUM6WivE0rMDro9GJvCe8HM1G1IVVbIspkww.6juiMm9rFu5usRNBLz8hpQ |
6 | response | {'access_token': 'IrKLiVJ9vV3uUNIBXHaX', 'state': 'ERvr5vGIayVSLXGh', 'expires_in': 3599, 'token_type': 'bearer', 'code': 'ScT4KTbupgZWqytuervrCeQQGCu72K', 'scope': 'openid offline_access', 'id_token': 'eyJhbGciOiJSU0EtT0FFUC0yNTYiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2Iiwia2lkIjoiZ3RINHYzWXIyUXFMcmVCU3owQnlRUTh2a2Y4ZUZvMUtJaXQzcy0zQmJ3dyIsImN0eSI6IkpXVCJ9.VI2jnD_E2X79VYXopmN4QT24bMrJ8aS4oB8-emvJd08EIfavTePuHBBgObtYmRNN9RNE4YUiVuthus0_F5aZN4isIr5N7GuiPpIYV5ou8xN9zT2PZi_AX3-0CdWaXFTEJeEMulGvtZShcd3fduvTUp7vnxXnm0n2bkn2TK8VgMbWcI071qkgp3v9CZy8hJgjZ0z7QPIqojQpTvu2hV8fORh9BywqxZcvO-Gd6-s8vrGeVaBW8NjJA2k-eqsYJxiW4p6rcAOAMRBvZc0kchzroyFMhcnqZjX6cOwZKiD0pFSaaoNxTuDGq8kF3Dtq7nphK7Wx0abqgt_XHyp-D54Gfw.WK9slwDzyl6y034TddkvCA.HOLUZI0jL9jdvukvsIza6HGA1M4oRvVQ2mCDkEyqg_4b8Af39IlokrLFeKbq4oShDcB8EVH6liLkR1f0I3Guqr2KxRDDiBMwB2LogqkhG91CQDVarIWInxg9UW9EETFxmUMRI_WEJ0r4eyd2skl-AMVUmcoiULhhDn0eC4ZH-W4odpeS3ILHloGpK8bLyQAe2V_FR4eJR95m8nM8TWCEFZ6taQoJIIiO5fUwD1Om5sYi-5tMIdcvTV-Rkxb7enaStEpAN47MJNTPbFsXj8NNafOb98W0hxL0bfPZCWMpA70SSL5GniHf24NcBIoaoqK32SQKq9xHgOmFyKi911Raey_mXZ8kC-1hFwfeMxVidgx4W5LW1lxpCSuFL4wVZDw9kD6_qYp6EeAWRF_g646aeQKYqUAJqc2Ew7XSORUDNSb3xXlGkSafx2m7n88N0NyKqDjz-hhIUTWvgwVdItaK1wvFmDUH-asnGIRqNXX3OAPUWgg4c32mqqtgcjZGB04-v8tAL4Rw75IcklK29_jY2DZ0oW9ZHrxJlWJYIgqtkxDAEJ7f7SkGoKd-5OcXrXRQeqep-xJt1TqabnaCbpRdQnTuVH4kLuGuDfiRjdzv1p95uSLUkuEzwsAFlCKI67DJ8yHyhpe7lqrxBJ8GivwgNDJQAEmIX3jU6ADPrckp5818osmYIhlsRylga0SztkJF7dIe5i49zH4hTq6lcxkxG3Jm7M-3D0E0Xn9wJDGCMyjNa0ONED2HPCNQyo0zvrrK-HZddGoStxaicNwdJpSCfZgKmLzLPj9od-9BDy2Q9Ld4iQbGaJOVjO8sykrdLjoVxSYGeVomr39eMo2ftcP8AH89Dq-6neVJSGHKRg_J5QYvZgkYgJTZwkeNWwV86go5X6Twe4xvBZ4D6n2tnoEBml2E-3U1aAb0oObTzQTSJNuihixyaZoUM6WivE0rMDro9GJvCe8HM1G1IVVbIspkww.6juiMm9rFu5usRNBLz8hpQ'} |
6 | AuthorizationResponse | {
"access_token": "IrKLiVJ9vV3uUNIBXHaX",
"code": "ScT4KTbupgZWqytuervrCeQQGCu72K",
"expires_in": 3599,
"id_token": {
"at_hash": "zwOcBB7kOkAkWFyReAz7fg",
"aud": [
"S8L8OJGkXwvJDuzcnCuc"
],
"c_hash": "pfu1SCVb9AXlDepYW8YZhg",
"exp": 1560790463,
"iat": 1560787043,
"iss": "https://isamfed.com:30443/test",
"nonce": "wmMSivXlySF1IuXr",
"sub": "testuser"
},
"scope": "openid offline_access",
"state": "ERvr5vGIayVSLXGh",
"token_type": "bearer"
}
|
6 | phase | <--<-- 4 --- AccessToken -->--> |
6 | request | op_args: {'state': 'ERvr5vGIayVSLXGh', 'authn_method': 'private_key_jwt'}, req_args: {'redirect_uri': 'https://op.certification.openid.net:61737/authz_cb'} |
6 | do_access_token_request | kwargs:{'request_args': {'redirect_uri': 'https://op.certification.openid.net:61737/authz_cb', 'code': 'ScT4KTbupgZWqytuervrCeQQGCu72K', 'state': 'ERvr5vGIayVSLXGh', 'grant_type': 'authorization_code', 'client_id': 'S8L8OJGkXwvJDuzcnCuc'}, 'state': 'ERvr5vGIayVSLXGh', 'authn_method': 'private_key_jwt'}
|
6 | AccessTokenRequest | {
"client_assertion": "eyJhbGciOiJSUzI1NiIsImtpZCI6Ind0MjVPZ3lSX256RzNPb1E3ZGFhMnJMNi1nTW5GZGZSekJqaFVWUHU4UlEifQ.eyJpc3MiOiAiUzhMOE9KR2tYd3ZKRHV6Y25DdWMiLCAic3ViIjogIlM4TDhPSkdrWHd2SkR1emNuQ3VjIiwgImF1ZCI6IFsiaHR0cHM6Ly9pc2FtZmVkLmNvbTozMDQ0My9tZ2Evc3BzL29hdXRoL29hdXRoMjAvdG9rZW4iXSwgImp0aSI6ICJidG1RdmpYd0NkRkpZS2R6Mlc5ZmJ0N3R5VXl2VjY4WiIsICJleHAiOiAxNTYwNzg3NjQ0LCAiaWF0IjogMTU2MDc4NzA0NH0.cwcVIZktC2djNFD0KZO0-aazN8v7soap6swJ-jfPOq4N9ReLfKfxP-68KjlWmlyX-9W0IwNGHmtzsAnZSZjUqLQkEMTrRagGvy_IaFOceeRTPGp2eedEhV199OYXGwogp9RE6-fXq3Q_nArsqkxuFv4iOE2SI3GtC4_l65TLAqVsPeg9VRdj4G52TSsQT9GijcTd1XQ6HGtoL8rDlbs_IKewjGPx4ifbncZ5jMHk8RhuxhoDb-NW9CSEUzsN10GqA4F6ljUVX25_VWaq71lWQHiOeCyva-CgQbaivK9UzVMlNXRaRqSr4fE0-L8YywU6aCyN7I2C1naxOXCN-xVz3w",
"client_assertion_type": "urn:ietf:params:oauth:client-assertion-type:jwt-bearer",
"code": "ScT4KTbupgZWqytuervrCeQQGCu72K",
"grant_type": "authorization_code",
"redirect_uri": "https://op.certification.openid.net:61737/authz_cb",
"state": "ERvr5vGIayVSLXGh"
}
|
6 | request_url | https://isamfed.com:30443/mga/sps/oauth/oauth20/token |
6 | request_http_args | {'headers': {'Content-Type': 'application/x-www-form-urlencoded'}} |
6 | request | grant_type=authorization_code&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A61737%2Fauthz_cb&code=ScT4KTbupgZWqytuervrCeQQGCu72K&state=ERvr5vGIayVSLXGh&client_assertion=eyJhbGciOiJSUzI1NiIsImtpZCI6Ind0MjVPZ3lSX256RzNPb1E3ZGFhMnJMNi1nTW5GZGZSekJqaFVWUHU4UlEifQ.eyJpc3MiOiAiUzhMOE9KR2tYd3ZKRHV6Y25DdWMiLCAic3ViIjogIlM4TDhPSkdrWHd2SkR1emNuQ3VjIiwgImF1ZCI6IFsiaHR0cHM6Ly9pc2FtZmVkLmNvbTozMDQ0My9tZ2Evc3BzL29hdXRoL29hdXRoMjAvdG9rZW4iXSwgImp0aSI6ICJidG1RdmpYd0NkRkpZS2R6Mlc5ZmJ0N3R5VXl2VjY4WiIsICJleHAiOiAxNTYwNzg3NjQ0LCAiaWF0IjogMTU2MDc4NzA0NH0.cwcVIZktC2djNFD0KZO0-aazN8v7soap6swJ-jfPOq4N9ReLfKfxP-68KjlWmlyX-9W0IwNGHmtzsAnZSZjUqLQkEMTrRagGvy_IaFOceeRTPGp2eedEhV199OYXGwogp9RE6-fXq3Q_nArsqkxuFv4iOE2SI3GtC4_l65TLAqVsPeg9VRdj4G52TSsQT9GijcTd1XQ6HGtoL8rDlbs_IKewjGPx4ifbncZ5jMHk8RhuxhoDb-NW9CSEUzsN10GqA4F6ljUVX25_VWaq71lWQHiOeCyva-CgQbaivK9UzVMlNXRaRqSr4fE0-L8YywU6aCyN7I2C1naxOXCN-xVz3w&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer |
7 | http response | url:https://isamfed.com:30443/mga/sps/oauth/oauth20/token status_code:200
|
7 | response | {'access_token': 'aF2T0baXg27aiHK0sQBh', 'refresh_token': 'Ch0WeAA6DcNWs6khcOCVkoWhLsuUnt3RdbNXUq2t', 'scope': 'openid offline_access', 'id_token': 'eyJhbGciOiJSU0EtT0FFUC0yNTYiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2Iiwia2lkIjoiZ3RINHYzWXIyUXFMcmVCU3owQnlRUTh2a2Y4ZUZvMUtJaXQzcy0zQmJ3dyIsImN0eSI6IkpXVCJ9.cqQEkkb6WMTBhf3M4IeY02BxcB-tOFjONYXPX99QLe9Wn-ZBFqsWFqf4W_76ShIuZJyRCDeDDDjqY3GB89YCakkrQ_EVck7cVYS-98AQghEyWwIt9buKKyKiV0FRmhXumn9PAQnl5Wmxar69GCd83n3Oh-z5pCrS6UjXkz1fCKX7OREhdXIkfdZPQlRBawyLpx2sHqHRQh45HAqfkFatjppy_XWidNfBMwF61FZsCD22x9DSvWAyDeruIPnGbyZHJC5ns_d09a-DTr2AYzyldZjWERcx7qCplWFGifAtfaIxSfE_g18-On4sAyLR07wqwjikmL_3Zk_uf8WwguimWA.3N3jG8Rwj5OlNmDEhCJL4g.NDC0LncqfKN0gMw-pRSY-0ng2pxop8jDigdWVQQdutHcQ4Yvxy1MEmEwdZHNK7LeW4I-7cX9hcdzJQuM6ZyXgRkd-MgE8a3tEH6i9nePPOXp693vkWUgzmGv12fZbyqAZ_kw94oX4pguqtFT-lzyq77PM0ix0rec_it7euMTl6u4t6a6zUWz75-1oN6pHb_5Y6YCoEzveXvs2VjrvFQi7WJaAVTF2NQqVK0Wn3CAu-mUdVxtWL_z5K2KkmIbYjjCRJhlycIuwrzx_JYtHrgcdOykRAHUYBUoIPTMvPaM8biUbkno_r00l2lFxJ0MuXiQ-5SjZ3cT-5P4goq1MLexfbZgQRve10cum4r1b4hVl9ySCeA4nxeCxyWVKyjkonDEvDR7t4NdTe9pNzRsIjyvVGHF2FG7rkhJq9e3Cfs0-srCJ6avVgWKCJpcQtoyd7JJUhg87PiXVrxOqYMbmt-cf5pmcSEi4zeivtKUzVJpKEQoYkh94D1K_GSNluRRV3iKBZ7vg14YFk9UC31cVN68dk28_ZGiA4v7ugaghAb08DH-0tX-M8MRbf7qrqbSA0fmL1q9VaJ0DGr-u2hMYtqEj69BB11qfUxyWm5gpj7ghd5KfZZe9ProuWAn97v0h_TkNhkZBsX1KHvkH071e7PdfAvkJ8A7lWG_nhr7tlL0KA81FvHlPRlvOp_3E7opY_8e3EDn4yLHCYBTxaFiVy6Rm6pcYqytQjjA2JHq4wyda5X2Emh-7mMtsC5KuQ_U-QBq1O2vNHpn4zjACHtCk9n5-Fvn0Kx32iZ5cwvhRbgHjUa6QBDfEupU8pZoW3xZRslxq4hh4z9CfJTh7NCTfv215yAvjwrpwsuXbltuFW2yQsKQDvzV5ys9wBpOhxjPNbyFBuXs3bdJ89CzI1y1ZdeV5Hmoo2ANOhXMzdKtklCsWyGzfaGgi6EzLriZ5muBTsmSL6r-ra-EuJC4SSIse5lbPQ.fA1bKlRBg7jN2WVhK-HaRQ', 'token_type': 'bearer', 'expires_in': 3599} |
7 | AccessTokenResponse | {
"access_token": "aF2T0baXg27aiHK0sQBh",
"expires_in": 3599,
"id_token": {
"at_hash": "haG1lHrvQcCNKh_Iv2XGRA",
"aud": [
"S8L8OJGkXwvJDuzcnCuc"
],
"exp": 1560790465,
"iat": 1560787045,
"iss": "https://isamfed.com:30443/test",
"nonce": "wmMSivXlySF1IuXr",
"rt_hash": "pz3Tw5cKuzX_sHSTp_D-WQ",
"sub": "testuser"
},
"refresh_token": "Ch0WeAA6DcNWs6khcOCVkoWhLsuUnt3RdbNXUq2t",
"scope": "openid offline_access",
"token_type": "bearer"
}
|
7 | jws header | {'kid': '_uhPdeGrTWxobFeH0XbzjJpRrzp3CB9nknx1yFV1G-0', 'alg': 'RS256'} |
7 | jwe header | {'alg': 'RSA-OAEP-256', 'enc': 'A128CBC-HS256', 'kid': 'gtH4v3Yr2QqLreBSz0ByQQ8vkf8eFo1KIit3s-3Bbww', 'cty': 'JWT'} |
7 | phase | <--<-- 5 --- RotateSigKeys -->--> |
7 | phase | <--<-- 6 --- RefreshAccessToken -->--> |
7 | RefreshAccessTokenRequest | {
"client_assertion": "eyJhbGciOiJSUzI1NiIsImtpZCI6IkJlYTFmMHRNOWFhRmpkTU5YSmk4RXJhbDhFR0dWdjducF9NVjdUdlJ0UFEifQ.eyJpc3MiOiAiUzhMOE9KR2tYd3ZKRHV6Y25DdWMiLCAic3ViIjogIlM4TDhPSkdrWHd2SkR1emNuQ3VjIiwgImF1ZCI6IFsiaHR0cHM6Ly9pc2FtZmVkLmNvbTozMDQ0My9tZ2Evc3BzL29hdXRoL29hdXRoMjAvdG9rZW4iXSwgImp0aSI6ICJ1V0ZjZUpPaDZrTWx0WnRTOWNMcGpGZ2xuWWY3elBONCIsICJleHAiOiAxNTYwNzg3NjQ1LCAiaWF0IjogMTU2MDc4NzA0NX0.sXhvFlPAjmd2t_vJ-CVK_oMOFAeGVJ2Y33jMzd49UYeDJttmTS-klDAjancYiQaEFY6j7IjdsZLqGDuDTjiwr1fI5iSR0YWobPGKP-T0J7LXTnEkOwC0aJTnfGuh4hfXT7uZpKgAhtnCNXO-hujfd8umYE8u3XuzZ3SvfkIVImeJuqB4u08HiIuRce1kukZ5qoPjzIWluz8XWl3rY--lZDiCbV1Xcl7AehRNJde-lpkLDKA9z-fhNxEHm9gpUph8Upgb1b2PN6SUceGV7zqqI7WcwhP0A42fC0UxCuJBww_85rvio2ZRrBuR02WzvmvUYnh2edfZLsHpnJHg2JVcfg",
"client_assertion_type": "urn:ietf:params:oauth:client-assertion-type:jwt-bearer",
"grant_type": "refresh_token",
"refresh_token": "Ch0WeAA6DcNWs6khcOCVkoWhLsuUnt3RdbNXUq2t",
"scope": "openid offline_access"
}
|
7 | request | {'grant_type': 'refresh_token', 'refresh_token': 'Ch0WeAA6DcNWs6khcOCVkoWhLsuUnt3RdbNXUq2t', 'scope': 'openid offline_access', 'client_assertion': 'eyJhbGciOiJSUzI1NiIsImtpZCI6IkJlYTFmMHRNOWFhRmpkTU5YSmk4RXJhbDhFR0dWdjducF9NVjdUdlJ0UFEifQ.eyJpc3MiOiAiUzhMOE9KR2tYd3ZKRHV6Y25DdWMiLCAic3ViIjogIlM4TDhPSkdrWHd2SkR1emNuQ3VjIiwgImF1ZCI6IFsiaHR0cHM6Ly9pc2FtZmVkLmNvbTozMDQ0My9tZ2Evc3BzL29hdXRoL29hdXRoMjAvdG9rZW4iXSwgImp0aSI6ICJ1V0ZjZUpPaDZrTWx0WnRTOWNMcGpGZ2xuWWY3elBONCIsICJleHAiOiAxNTYwNzg3NjQ1LCAiaWF0IjogMTU2MDc4NzA0NX0.sXhvFlPAjmd2t_vJ-CVK_oMOFAeGVJ2Y33jMzd49UYeDJttmTS-klDAjancYiQaEFY6j7IjdsZLqGDuDTjiwr1fI5iSR0YWobPGKP-T0J7LXTnEkOwC0aJTnfGuh4hfXT7uZpKgAhtnCNXO-hujfd8umYE8u3XuzZ3SvfkIVImeJuqB4u08HiIuRce1kukZ5qoPjzIWluz8XWl3rY--lZDiCbV1Xcl7AehRNJde-lpkLDKA9z-fhNxEHm9gpUph8Upgb1b2PN6SUceGV7zqqI7WcwhP0A42fC0UxCuJBww_85rvio2ZRrBuR02WzvmvUYnh2edfZLsHpnJHg2JVcfg', 'client_assertion_type': 'urn:ietf:params:oauth:client-assertion-type:jwt-bearer'} |
8 | http response | url:https://isamfed.com:30443/mga/sps/oauth/oauth20/token status_code:200
|
8 | http response | url:https://isamfed.com:30443/mga/sps/oauth/oauth20/token status_code:200
|
8 | handle_response | kwargs:{'r': , 'csi': }
|
8 | response | {'access_token': 'eJbfsQQryHrBJ0Mpn4w1', 'refresh_token': 'IUjGFiGvZYy1sxEtxn9QDJSMYGiNtLsqFc9OodUP', 'scope': 'openid offline_access', 'id_token': 'eyJhbGciOiJSU0EtT0FFUC0yNTYiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2Iiwia2lkIjoiZ3RINHYzWXIyUXFMcmVCU3owQnlRUTh2a2Y4ZUZvMUtJaXQzcy0zQmJ3dyIsImN0eSI6IkpXVCJ9.fsO0klb5HYrHijxi46FLzuGPJIyT04J9AjE-swcKeWXz1osajBtTFPg3fgvdZwDYjeOr-8eE7GBHaDUde8HOiuIhDn6rduM_jdupmid-o09akH7_sXP58jFGF0djXzaSwuKfy_N1K7QkDFmLwyMHLH305McwuTeIbk1_kcYSvaO6k09W_VzlPWHxgFUdhQsPqIg9tVbS9qwSTNpfWlvRtbmlqJE-WHHDhgGSyHE_bKObYtev8qJYsVt5iTVz9NPbH5IgwhVDB7NACfkXjE7RhmYv33Lx8hfy0cO1STM7E_DXNETVjoGy1VPsONoY2qEsPUm4W3aei5nKCKeh8MQJZA.710127eRUwFLUFQdXXKYbQ.SCG1y-cmP5hbljXp1S-vSQBfbgAZFrxIxtxWfccw9FBp_t4WutmCbLs5x-2BvQ0uH_UkZEmy_qFqOJltR59aYHzb1lgnRElQZckd0yJn4PL0OUd9BL7Gn0CZymrbbmWAPh8-Ns8VnMKhtK-iar5iL6GcUbXb88es7UWFZJKSACvFMvmouwvTpj7nsdz8OxxDovbNry4yGvFyBVh8GoMrOhyl5J9L0MjeGGIqNPgaa_1qXyE_Oi_dm0bDSsueUcXSYIlLSIzYkMuq2JIroQTFCRgQ9k9WfyuJ8MNULnoawomVqyi44H3K2Efzo7Wk8JTq5pWeF2NVKw1RcPoHKR3rYjOV42Xu-aAbfuFtgTC8azXpAqoQEr37TsUWRhMkq07ZHpbzj3YxVreGrjnz3smd1OoYSNwqjnAtcn9ybxQB0opXUzYiADzqof_iCbSG6NmA0FBcrQ65uIBQUA9X8TGiDoT7e7VZYmQBIeiQHrMlbMU6qM2TMg2zbOwIoPi0gqAwUreFzW84EG-nZ1RERXBjXZUn-y_dmO2AAKSi-9tXR4b4bkYqy00WugYZndbpsLweAe2rsy2m3uRfWTD-xKSj1t4jOr-YhnNSmc2aOpzK8FH1eCU38fIvnLPWSj1b6-X0LJ6r3i3_OvkrIcK1wHVDz0nCelQSJOxFRbYauchltbVgrqKvWK3RKcrFPpUUbJm7T6spLpLEmAyHDr8uIBGLBOG0RZic1YsUzGfvvVPSoy1kJhcCgrab5LOMbB5WZ0WSdwT-Ynr74f6S_dF8MttI6CICzTsZg963vvzwftTnS3UFNY0_0arfE4A74a-9t1UtWTzchaEKLbo0s7eZOQeVTmJm4747qym-XFcnoEL76T348CiOnXmKem6iiop5du91yGRAbxpPG4m-Y45yJSmWbO-TQtSUyN_7gy1uWiQqszEyK6Wnu9WsnX3VOiIpce70AytmkQqjpStCOdWDMWNYVQ.alhh4wzWGR4GCmWCisKRdQ', 'token_type': 'bearer', 'expires_in': 3599} |
8 | jws header | {'kid': '_uhPdeGrTWxobFeH0XbzjJpRrzp3CB9nknx1yFV1G-0', 'alg': 'RS256'} |
8 | jwe header | {'alg': 'RSA-OAEP-256', 'enc': 'A128CBC-HS256', 'kid': 'gtH4v3Yr2QqLreBSz0ByQQ8vkf8eFo1KIit3s-3Bbww', 'cty': 'JWT'} |
8 | AccessTokenResponse | {
"access_token": "eJbfsQQryHrBJ0Mpn4w1",
"expires_in": 3599,
"id_token": {
"at_hash": "L6yF5VHusVHKk9SCsbnmbA",
"aud": [
"S8L8OJGkXwvJDuzcnCuc"
],
"exp": 1560790466,
"iat": 1560787046,
"iss": "https://isamfed.com:30443/test",
"nonce": "wmMSivXlySF1IuXr",
"rt_hash": "zlh_DAo9gV6F4l4V5Wp0fQ",
"sub": "testuser"
},
"refresh_token": "IUjGFiGvZYy1sxEtxn9QDJSMYGiNtLsqFc9OodUP",
"scope": "openid offline_access",
"token_type": "bearer"
}
|
8 | phase | <--<-- 7 --- Done -->--> |
8 | end | |
8 | assertion | CheckHTTPResponse |
8 | condition | check-http-response: status=OK [Checks that the HTTP response status is within the 200 or 300 range. Also does some extra JSON checks] |
8 | condition | Done: status=OK |