0 | phase | <--<-- 0 --- Webfinger -->--> |
0 | not expected to do | WebFinger |
0 | phase | <--<-- 1 --- Discovery -->--> |
0 | provider_config | kwargs:{'issuer': 'https://isamfed.com:30443/test'}
|
0 | http response | url:https://isamfed.com:30443/test/.well-known/openid-configuration status_code:200
|
0 | ProviderConfigurationResponse | {
"authorization_endpoint": "https://isamfed.com:30443/mga/sps/oauth/oauth20/authorize",
"claims_parameter_supported": false,
"claims_supported": [
"realmName",
"preferred_username",
"given_name",
"uid",
"upn",
"groupIds",
"employee_id",
"name",
"tenantId",
"mobile_number",
"department",
"job_title",
"family_name",
"email"
],
"device_authorize_endpoint": "https://isamfed.com:30443/mga/sps/oauth/oauth20/device_authorize",
"grant_types_supported": [
"urn:ietf:params:oauth:grant-type:jwt-bearer",
"implicit",
"urn:ietf:params:oauth:grant-type:saml2-bearer",
"urn:ietf:params:oauth:grant-type:device_code",
"client_credentials",
"password",
"authorization_code",
"refresh_token"
],
"id_token_encryption_alg_values_supported": [
"RSA-OAEP-256"
],
"id_token_encryption_enc_values_supported": [
"A128CBC-HS256"
],
"id_token_signing_alg_values_supported": [
"RS256"
],
"introspect_endpoint": "https://isamfed.com:30443/mga/sps/oauth/oauth20/introspect",
"issuer": "https://isamfed.com:30443/test",
"jwks_uri": "https://isamfed.com:30443/mga/sps/jwks",
"name": "OIDCDefinition",
"poc": "https://isamfed.com:30443/mga/",
"registration_endpoint": "https://isamfed.com:30443/mga/sps/oauth/oauth20/register/OIDCDefinition",
"request_parameter_supported": true,
"request_uri_parameter_supported": true,
"require_request_uri_registration": false,
"response_modes_supported": [
"fragment",
"form_post"
],
"response_types_supported": [
"token",
"id_token",
"token id_token",
"code",
"code id_token",
"code token id_token",
"code token",
"none"
],
"revocation_endpoint": "https://isamfed.com:30443/mga/sps/oauth/oauth20/revoke",
"subject_types_supported": [
"public"
],
"token_endpoint": "https://isamfed.com:30443/mga/sps/oauth/oauth20/token",
"token_endpoint_auth_methods_supported": [
"private_key_jwt",
"client_secret_post",
"client_secret_basic"
],
"user_authorize_endpoint": "https://isamfed.com:30443/mga/sps/oauth/oauth20/user_authorize",
"userinfo_endpoint": "https://isamfed.com:30443/mga/sps/oauth/oauth20/userinfo",
"userinfo_signing_alg_values_supported": [
"RS256"
],
"version": "3.0"
}
|
0 | phase | <--<-- 2 --- Registration -->--> |
0 | register | kwargs:{'response_types': ['id_token'], 'grant_types': ['implicit'], 'application_name': 'OIC test tool', 'application_type': 'web', 'redirect_uris': ['https://op.certification.openid.net:61584/authz_cb'], 'contacts': ['roland@example.com'], 'post_logout_redirect_uris': ['https://op.certification.openid.net:61584/logout'], 'url': 'https://isamfed.com:30443/mga/sps/oauth/oauth20/register/OIDCDefinition', 'jwks_uri': 'https://op.certification.openid.net:61584/static/jwks_61584.json', 'token_endpoint_auth_method': 'private_key_jwt'}
|
0 | RegistrationRequest | {
"application_type": "web",
"contacts": [
"roland@example.com"
],
"grant_types": [
"implicit"
],
"jwks_uri": "https://op.certification.openid.net:61584/static/jwks_61584.json",
"post_logout_redirect_uris": [
"https://op.certification.openid.net:61584/logout"
],
"redirect_uris": [
"https://op.certification.openid.net:61584/authz_cb"
],
"response_types": [
"id_token"
],
"token_endpoint_auth_method": "private_key_jwt"
}
|
0 | http response | url:https://isamfed.com:30443/mga/sps/oauth/oauth20/register/OIDCDefinition status_code:200
|
0 | RegistrationResponse | {
"application_type": "web",
"client_id": "AT8OsS5BmHsIWCTCbrPY",
"client_id_issued_at": 1560785012,
"client_secret": "bVqTQiUHtTpsyO0Q5qOI",
"client_secret_expires_at": 0,
"contacts": [
"roland@example.com"
],
"grant_types": [
"implicit"
],
"jwks_uri": "https://op.certification.openid.net:61584/static/jwks_61584.json",
"post_logout_redirect_uris": [
"https://op.certification.openid.net:61584/logout"
],
"redirect_uris": [
"https://op.certification.openid.net:61584/authz_cb"
],
"registration_access_token": "iGYeteAIKoJPTRUHPPFR",
"registration_client_uri": "https://isamfed.com:30443/mga/sps/oauth/oauth20/register/OIDCDefinition?client_id=AT8OsS5BmHsIWCTCbrPY",
"response_types": [
"id_token"
],
"token_endpoint_auth_method": "private_key_jwt"
}
|
0 | phase | <--<-- 3 --- AsyncAuthn -->--> |
0 | AuthorizationRequest | {
"client_id": "AT8OsS5BmHsIWCTCbrPY",
"nonce": "lpeuG8Rg2BSTU1n2",
"redirect_uri": "https://op.certification.openid.net:61584/authz_cb",
"response_type": "id_token",
"scope": "openid",
"state": "NY8i5HZLgqsVlujQ"
}
|
0 | redirect url | https://isamfed.com:30443/mga/sps/oauth/oauth20/authorize?state=NY8i5HZLgqsVlujQ&nonce=lpeuG8Rg2BSTU1n2&response_type=id_token&scope=openid&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A61584%2Fauthz_cb&client_id=AT8OsS5BmHsIWCTCbrPY |
0 | redirect | https://isamfed.com:30443/mga/sps/oauth/oauth20/authorize?state=NY8i5HZLgqsVlujQ&nonce=lpeuG8Rg2BSTU1n2&response_type=id_token&scope=openid&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A61584%2Fauthz_cb&client_id=AT8OsS5BmHsIWCTCbrPY |
1 | http args | {} |
1 | response | URL with fragment |
1 | response | id_token=eyJhbGciOiJSU0EtT0FFUC0yNTYiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2Iiwia2lkIjoiZ3RINHYzWXIyUXFMcmVCU3owQnlRUTh2a2Y4ZUZvMUtJaXQzcy0zQmJ3dyIsImN0eSI6IkpXVCJ9.hhrkSFtlG97fsXFwPZ_7GVbBwpDbc-pNnbyaP_PEhj7EAGH6Jt3nHZ0augNa6kmrK_IF6FxmGTJhDjldAqreA-_9xBfWjRLeQeu19zuIwUtQOD5vntvA4pYrsiYz-5j81dU3xi0r0hwrKIAQhjcfhrKu5EPg80FlYjnAVYYNRRjaBV6PDuVJLotdNA9ZgQxQPU7EmWLJqAsAeeUmrGxn3XfbEY6fCn8xZiMiHJZXQh4kUEEOErzSC9mPP2iD2E3PMk8BgUOndZEMFcHdCi9Xgt6z-mRXci6M8V50QtGiG-NAeIPCOxYhYHjeglFfCj-NxcVg67sDCzpbLNmt67fI_g.3cDtELRBaSzYHRLW0t9qlw.GxRIiWU0lrgz4FI9hUYIReSl8x2iOeNaUq78kH8S0hoSX_5GIOAehT3fWYUpZ41H0IGRmPbmNMFu77Yy3vv0TzAXhi36pjYpzaAYqUEdjbBM1BCMsVRQsBuW4v3K3_xKS8LTs7b2OzyvFRkhFOknSLE0z0rsJHIh-YFHZq-qa71MnPZHzzBHnKX_jHZ-bp5wEmMCEYa8I5sIwZhtsCs1mKFD9d_E7CplQEqV1iMHyeZUhxJPq7EDC33-4v1XpAvG8b15f4o4r6EOFS9kBcI6yuKBrkbR2dBjmE4FEObm3XKdpeHePh89V_jmp9VEv1AiPJv00SRvwCMMl6auNJFtLZYQUKRguOd_RL8JGI6vB-wl8_5WhjnBC_uo5lwA8CpR12Y3YdL7BTNAOZEGlKFgZ1zznMvh4AdwzO8Eh9rVIfMOcqY6yqRu4fi2APc_PJkTRgXTrl1QapWI39yGEpK16eclYz32pwLzlkiGxSrbE1eMw7ksrTzkqryQknJkSzHcPTDHv5HghXfKRAGZpgSIG2YSagdR8bFrhRNOP06yDWokq-MuXFm1xeuiYLL727Ens4dTDYjxsLX-QHN58GuK11NqJHUQcZyJoHqlRqRMH5DDJyAdhkss4OTx-voNePALEJvEIEBmYxwwsiqZjRJo9pF_SbIlDfh2XrFOV31BZJ7NXUJ2BV_2sk7zVWh94S-0LeaCmyDHiQwyHR0yG7oHWY0X1lCpoITvWBIilp2VSfVGaCof5nD3ftRHWoBXYCBbbNqRlav7U1ajW0C0Eof2DLK4m8U_PTLO-cLqDydiAGVNvOJV0QaR3GSFAIsnXnN0nup9WKD_R_ipWhb3xLnAfw.KIP2VIquURtshH3lXqI-CQ&state=NY8i5HZLgqsVlujQ |
1 | response | {'id_token': 'eyJhbGciOiJSU0EtT0FFUC0yNTYiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2Iiwia2lkIjoiZ3RINHYzWXIyUXFMcmVCU3owQnlRUTh2a2Y4ZUZvMUtJaXQzcy0zQmJ3dyIsImN0eSI6IkpXVCJ9.hhrkSFtlG97fsXFwPZ_7GVbBwpDbc-pNnbyaP_PEhj7EAGH6Jt3nHZ0augNa6kmrK_IF6FxmGTJhDjldAqreA-_9xBfWjRLeQeu19zuIwUtQOD5vntvA4pYrsiYz-5j81dU3xi0r0hwrKIAQhjcfhrKu5EPg80FlYjnAVYYNRRjaBV6PDuVJLotdNA9ZgQxQPU7EmWLJqAsAeeUmrGxn3XfbEY6fCn8xZiMiHJZXQh4kUEEOErzSC9mPP2iD2E3PMk8BgUOndZEMFcHdCi9Xgt6z-mRXci6M8V50QtGiG-NAeIPCOxYhYHjeglFfCj-NxcVg67sDCzpbLNmt67fI_g.3cDtELRBaSzYHRLW0t9qlw.GxRIiWU0lrgz4FI9hUYIReSl8x2iOeNaUq78kH8S0hoSX_5GIOAehT3fWYUpZ41H0IGRmPbmNMFu77Yy3vv0TzAXhi36pjYpzaAYqUEdjbBM1BCMsVRQsBuW4v3K3_xKS8LTs7b2OzyvFRkhFOknSLE0z0rsJHIh-YFHZq-qa71MnPZHzzBHnKX_jHZ-bp5wEmMCEYa8I5sIwZhtsCs1mKFD9d_E7CplQEqV1iMHyeZUhxJPq7EDC33-4v1XpAvG8b15f4o4r6EOFS9kBcI6yuKBrkbR2dBjmE4FEObm3XKdpeHePh89V_jmp9VEv1AiPJv00SRvwCMMl6auNJFtLZYQUKRguOd_RL8JGI6vB-wl8_5WhjnBC_uo5lwA8CpR12Y3YdL7BTNAOZEGlKFgZ1zznMvh4AdwzO8Eh9rVIfMOcqY6yqRu4fi2APc_PJkTRgXTrl1QapWI39yGEpK16eclYz32pwLzlkiGxSrbE1eMw7ksrTzkqryQknJkSzHcPTDHv5HghXfKRAGZpgSIG2YSagdR8bFrhRNOP06yDWokq-MuXFm1xeuiYLL727Ens4dTDYjxsLX-QHN58GuK11NqJHUQcZyJoHqlRqRMH5DDJyAdhkss4OTx-voNePALEJvEIEBmYxwwsiqZjRJo9pF_SbIlDfh2XrFOV31BZJ7NXUJ2BV_2sk7zVWh94S-0LeaCmyDHiQwyHR0yG7oHWY0X1lCpoITvWBIilp2VSfVGaCof5nD3ftRHWoBXYCBbbNqRlav7U1ajW0C0Eof2DLK4m8U_PTLO-cLqDydiAGVNvOJV0QaR3GSFAIsnXnN0nup9WKD_R_ipWhb3xLnAfw.KIP2VIquURtshH3lXqI-CQ', 'state': 'NY8i5HZLgqsVlujQ'} |
1 | AuthorizationResponse | {
"id_token": {
"aud": [
"AT8OsS5BmHsIWCTCbrPY"
],
"exp": 1560788432,
"iat": 1560785012,
"iss": "https://isamfed.com:30443/test",
"nonce": "lpeuG8Rg2BSTU1n2",
"sub": "testuser"
},
"state": "NY8i5HZLgqsVlujQ"
}
|
1 | phase | <--<-- 4 --- AccessToken -->--> |
1 | phase | <--<-- 5 --- AsyncAuthn -->--> |
1 | AuthorizationRequest | {
"client_id": "AT8OsS5BmHsIWCTCbrPY",
"nonce": "9iPXyTuqXi6HO6LK",
"prompt": [
"none"
],
"redirect_uri": "https://op.certification.openid.net:61584/authz_cb",
"response_type": "id_token",
"scope": "openid",
"state": "d0AV9Wqt99BQ0tDL"
}
|
1 | redirect url | https://isamfed.com:30443/mga/sps/oauth/oauth20/authorize?state=d0AV9Wqt99BQ0tDL&nonce=9iPXyTuqXi6HO6LK&response_type=id_token&scope=openid&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A61584%2Fauthz_cb&prompt=none&client_id=AT8OsS5BmHsIWCTCbrPY |
1 | redirect | https://isamfed.com:30443/mga/sps/oauth/oauth20/authorize?state=d0AV9Wqt99BQ0tDL&nonce=9iPXyTuqXi6HO6LK&response_type=id_token&scope=openid&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A61584%2Fauthz_cb&prompt=none&client_id=AT8OsS5BmHsIWCTCbrPY |
2 | http args | {} |
3 | response | URL with fragment |
3 | response | id_token=eyJhbGciOiJSU0EtT0FFUC0yNTYiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2Iiwia2lkIjoiZ3RINHYzWXIyUXFMcmVCU3owQnlRUTh2a2Y4ZUZvMUtJaXQzcy0zQmJ3dyIsImN0eSI6IkpXVCJ9.IaCDsfdVfB_smiyHUvQXRdIxUH738x1Nbjv0-vxZ2-XGsPjjvNQgH3KIr3A9xoypXeyfoCD5lqJUDZsH6tYwML1vLw_qxDdskRkby2EVkYzy0EAfnhUg059Rlpm0NNJr2yYLctwmhTx9lV1ozoRdooGu7CrcnnAP6hnwJSyKz639DV7gjsslaOp3NYNt0kgF4ImFb_s6GucSyYcfiO6nPq98UnYODuLa3s8QneUJ3_r61Ol5IPbaumJXY8KYFDZYvGxUt1spm_QIjp2QwBkTS-mZF6V7ZnlfQlcTFwJ3zBx5ljHTRQpGJDGuf75MqiwGpIfRBEp_KSFyGDYHg09mPg.iErNgB1nwDkYYokCPhUWwg.PPx5FxtwQqsrXdpE5tDsMmAczq_mIe8_G1LmaF0eQ3iGXVY3TIFZ8q1EYt37mVFwXAvXRlL1dDuoAFbVA5Lc7GZlLEegFX8Y6RkWOm3oO1ZallctbBgtFwwBYW5OOPUTtCgQXOLxoIbDSj0Z01mT4VjOmYvWAJeTRnZIDljKIK3qGM9LGHrLZBX-ANgHfocoT9Q43K_YxdHIgd-Xii1i7y6Ae74HA90Kf80JPZ-_mSdfH4_QlzP1m5nuPFy6nKTIOGYGGegXm3FyMtVq4E4uLcaZHluXObEvdS6X-XXo3Z0ByMI3WcBFJVL7mPp_NGiatSfN4vXlN9fM1MIsf6qKYrEwREyTtFe2i3dfJpGVC_NcW6gglowCSk9O7Dy6HH-ACfTwYLweoNrn3HFWygqKopsuyaBQrEcv6EVnMRXQIfC2w-pbTq7uZDTB2UdhmZsD_Qsaz16uKfYe9fjaeyMG_PJVsG4LAU4k5zqlhAZe3RZ1aHtNOCGM0uSa8SmzkDGC41VU2DwK00DXBaxfAf_LVu5zyC0cDMERuXUJO88XwHwY7ChxtJ85Yl4JiVaGY6CZGe5NQBtV54zBDLpjEHQL8AK0JDvzgfRA43PZ2i02Mxz6BwTTWLGVF1KMpodEAqtbUYcT_IwZtbAFcKygXM4h6D6UfbFTd-BYLJpCXotuECXb1sqI6I4zm0m73ODCiZ52M6jGhq6dc0XVCnt6iyphVmKcibzOKIviMQHaoFO59-DT8Hw_tmkP5EAXoypAK6CEWYYvKm1tZwEaqd8BW2mK1E8mVYnUkil0fSLtcVyAwnfP71K7a3x6HiusurWOP20EIRLPm2_5W47-JnbiAdkr6g.w9ireuXKjytskVV9jCgnOQ&state=d0AV9Wqt99BQ0tDL |
3 | response | {'id_token': 'eyJhbGciOiJSU0EtT0FFUC0yNTYiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2Iiwia2lkIjoiZ3RINHYzWXIyUXFMcmVCU3owQnlRUTh2a2Y4ZUZvMUtJaXQzcy0zQmJ3dyIsImN0eSI6IkpXVCJ9.IaCDsfdVfB_smiyHUvQXRdIxUH738x1Nbjv0-vxZ2-XGsPjjvNQgH3KIr3A9xoypXeyfoCD5lqJUDZsH6tYwML1vLw_qxDdskRkby2EVkYzy0EAfnhUg059Rlpm0NNJr2yYLctwmhTx9lV1ozoRdooGu7CrcnnAP6hnwJSyKz639DV7gjsslaOp3NYNt0kgF4ImFb_s6GucSyYcfiO6nPq98UnYODuLa3s8QneUJ3_r61Ol5IPbaumJXY8KYFDZYvGxUt1spm_QIjp2QwBkTS-mZF6V7ZnlfQlcTFwJ3zBx5ljHTRQpGJDGuf75MqiwGpIfRBEp_KSFyGDYHg09mPg.iErNgB1nwDkYYokCPhUWwg.PPx5FxtwQqsrXdpE5tDsMmAczq_mIe8_G1LmaF0eQ3iGXVY3TIFZ8q1EYt37mVFwXAvXRlL1dDuoAFbVA5Lc7GZlLEegFX8Y6RkWOm3oO1ZallctbBgtFwwBYW5OOPUTtCgQXOLxoIbDSj0Z01mT4VjOmYvWAJeTRnZIDljKIK3qGM9LGHrLZBX-ANgHfocoT9Q43K_YxdHIgd-Xii1i7y6Ae74HA90Kf80JPZ-_mSdfH4_QlzP1m5nuPFy6nKTIOGYGGegXm3FyMtVq4E4uLcaZHluXObEvdS6X-XXo3Z0ByMI3WcBFJVL7mPp_NGiatSfN4vXlN9fM1MIsf6qKYrEwREyTtFe2i3dfJpGVC_NcW6gglowCSk9O7Dy6HH-ACfTwYLweoNrn3HFWygqKopsuyaBQrEcv6EVnMRXQIfC2w-pbTq7uZDTB2UdhmZsD_Qsaz16uKfYe9fjaeyMG_PJVsG4LAU4k5zqlhAZe3RZ1aHtNOCGM0uSa8SmzkDGC41VU2DwK00DXBaxfAf_LVu5zyC0cDMERuXUJO88XwHwY7ChxtJ85Yl4JiVaGY6CZGe5NQBtV54zBDLpjEHQL8AK0JDvzgfRA43PZ2i02Mxz6BwTTWLGVF1KMpodEAqtbUYcT_IwZtbAFcKygXM4h6D6UfbFTd-BYLJpCXotuECXb1sqI6I4zm0m73ODCiZ52M6jGhq6dc0XVCnt6iyphVmKcibzOKIviMQHaoFO59-DT8Hw_tmkP5EAXoypAK6CEWYYvKm1tZwEaqd8BW2mK1E8mVYnUkil0fSLtcVyAwnfP71K7a3x6HiusurWOP20EIRLPm2_5W47-JnbiAdkr6g.w9ireuXKjytskVV9jCgnOQ', 'state': 'd0AV9Wqt99BQ0tDL'} |
3 | AuthorizationResponse | {
"id_token": {
"aud": [
"AT8OsS5BmHsIWCTCbrPY"
],
"exp": 1560788434,
"iat": 1560785014,
"iss": "https://isamfed.com:30443/test",
"nonce": "9iPXyTuqXi6HO6LK",
"sub": "testuser"
},
"state": "d0AV9Wqt99BQ0tDL"
}
|
3 | phase | <--<-- 6 --- AccessToken -->--> |
3 | phase | <--<-- 7 --- Done -->--> |
3 | end | |
3 | assertion | SameAuthn |
3 | condition | Done: status=OK |