Test info
Profile: {'openid-configuration': 'config', 'response_type': 'code', 'crypto': 'sign', 'registration': 'static'}
Timestamp: 2016-05-25T16:41:54Z
Test description: Claims request with essential name claim [Basic, Implicit, Hybrid]
Test ID: OP-claims-essential
Issuer: https://op-certification.okta.com
Test output
__AuthorizationRequest:pre__
[check-response-type]
status: OK
description: Checks that the asked for response type are among the supported
[check-endpoint]
status: OK
description: Checks that the necessary endpoint exists at a server
__After completing the test flow:__
[check-http-response]
status: OK
description: Checks that the HTTP response status is within the 200 or 300 range
[verify-claims]
status: WARNING
description: Verifies that the UserInfo returned is consistent with what was asked for
info: Missing required claim: name
__X:==== END ====__
Trace output
0.000498 ------------ DiscoveryRequest ------------
0.000516 Provider info discover from 'https://op-certification.okta.com'
0.000542 --> URL: https://op-certification.okta.com/.well-known/openid-configuration
0.054189 ProviderConfigurationResponse: {
"authorization_endpoint": "https://op-certification.okta.com/oauth2/v1/authorize",
"claims_parameter_supported": false,
"claims_supported": [
"iss",
"sub",
"aud",
"iat",
"exp",
"auth_time",
"amr",
"idp",
"nonce",
"name",
"nickname",
"preferred_username",
"given_name",
"middle_name",
"family_name",
"email",
"email_verified",
"profile",
"zoneinfo",
"locale",
"address",
"phone_number",
"updated_at"
],
"code_challenge_methods_supported": [
"S256"
],
"grant_types_supported": [
"authorization_code",
"implicit",
"refresh_token"
],
"id_token_signing_alg_values_supported": [
"RS256"
],
"issuer": "https://op-certification.okta.com",
"jwks_uri": "https://op-certification.okta.com/oauth2/v1/keys",
"request_parameter_supported": false,
"request_uri_parameter_supported": true,
"require_request_uri_registration": true,
"response_modes_supported": [
"query",
"fragment",
"form_post",
"okta_post_message"
],
"response_types_supported": [
"code",
"code id_token",
"code id_token token",
"id_token",
"id_token token",
"token"
],
"scopes_supported": [
"openid",
"email",
"profile",
"address",
"phone"
],
"subject_types_supported": [
"public"
],
"token_endpoint": "https://op-certification.okta.com/oauth2/v1/token",
"token_endpoint_auth_methods_supported": [
"client_secret_basic",
"client_secret_post",
"none"
],
"userinfo_endpoint": "https://op-certification.okta.com/oauth2/v1/userinfo",
"version": "3.0"
}
0.119792 JWKS: {
"keys": [
{
"alg": "RS256",
"e": "AQAB",
"kid": "pc8CQZ8w8fZk62oe3lqqUpHq4LfUcOoBn6EXlP2dPi0",
"kty": "RSA",
"n": "0Ynq2m-XVvriDf7B-bCr1j70QXznL_4bVSjcgSwYRS819tiEcEopYr3JMRQwS7t7q9gQ5Vzqjr4qyP8CuZMlThn2BNRLlReYionOzLXfSjlEO4n6OvN5sdl8V5NmdN6ZpzuJU76OZeR7xI54OA0J993EC9SKfMxnni2qVcqxXid47dxJwT9EeeyZWvDusKcB49YQSyuaCgWFifF5Ku9ovxIYnS_TAMO5Cdopftw1ORGUDaXjvMQBFguJebvEfq8VWzR-hpgExm9_zlxHEpLoEhbuvk57U0mNM7brqJQE6g8xFBwYWSgIu80s9piPlzc-fg1CSmoLXFuMhPMZ5dhKnQ",
"use": "sig",
"x5c": [
"MIIDsDCCApigAwIBAgIGAVSgezkjMA0GCSqGSIb3DQEBBQUAMIGYMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNU2FuIEZyYW5jaXNjbzENMAsGA1UECgwET2t0YTEUMBIGA1UECwwLU1NPUHJvdmlkZXIxGTAXBgNVBAMMEG9wLWNlcnRpZmljYXRpb24xHDAaBgkqhkiG9w0BCQEWDWluZm9Ab2t0YS5jb20wHhcNMTYwNTExMTU0MDUwWhcNMjYwNTExMTU0MTUwWjCBmDELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFjAUBgNVBAcMDVNhbiBGcmFuY2lzY28xDTALBgNVBAoMBE9rdGExFDASBgNVBAsMC1NTT1Byb3ZpZGVyMRkwFwYDVQQDDBBvcC1jZXJ0aWZpY2F0aW9uMRwwGgYJKoZIhvcNAQkBFg1pbmZvQG9rdGEuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Ynq2m+XVvriDf7B+bCr1j70QXznL/4bVSjcgSwYRS819tiEcEopYr3JMRQwS7t7q9gQ5Vzqjr4qyP8CuZMlThn2BNRLlReYionOzLXfSjlEO4n6OvN5sdl8V5NmdN6ZpzuJU76OZeR7xI54OA0J993EC9SKfMxnni2qVcqxXid47dxJwT9EeeyZWvDusKcB49YQSyuaCgWFifF5Ku9ovxIYnS/TAMO5Cdopftw1ORGUDaXjvMQBFguJebvEfq8VWzR+hpgExm9/zlxHEpLoEhbuvk57U0mNM7brqJQE6g8xFBwYWSgIu80s9piPlzc+fg1CSmoLXFuMhPMZ5dhKnQIDAQABMA0GCSqGSIb3DQEBBQUAA4IBAQCTNFck+kD+Qo3JfSsPn9MBX+8UynwrMXjBkrM3iWwFp2dfuXYqJ3KTdhgJ387OHfYjAYW/n+1I+anhylH8WMTD8/t24OyajwINX3c7ch+vNbT3UeMzjsD3Fxz15B7vn3ezcHivDnFj0R+WJu+fk3hLeYsjAxSJ16E52zyXT1qz2uTzFb3JasEHv+JbUCsAXBz1wUrVUJxLH8f194o74o3wDrTT2TtM/6iPZLM///w1YJshpoMnkLaFHeG0ZxeXuXuHU2ORIz634HmwVbppyC/eOwlkJWYAStrKBXg3yaN8ClxqCzo9pVs7/FLmAa1TyOb/dfepyK5RzjjYFjWjt6P0"
],
"x5t": "SnAGe3D7JBPA6T-8bv8Fc_Ar_J4"
}
]
}
0.133432 ------------ AuthorizationRequest ------------
0.134176 --> URL: https://op-certification.okta.com/oauth2/v1/authorize?state=yiFA6ckautLb0rg6&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A60593%2Fauthz_cb&response_type=code&client_id=yWK5oTypwZeCO7cJ8Y5x&claims=%7B%22userinfo%22%3A+%7B%22name%22%3A+%7B%22essential%22%3A+true%7D%7D%7D&scope=openid
0.134184 --> BODY: None
0.557152 <-- code=6imVq6yfeQVYEn0Fl7LU&state=yiFA6ckautLb0rg6
0.557635 AuthorizationResponse: {
"code": "6imVq6yfeQVYEn0Fl7LU",
"state": "yiFA6ckautLb0rg6"
}
0.558021 ------------ AccessTokenRequest ------------
0.558456 --> URL: https://op-certification.okta.com/oauth2/v1/token
0.558464 --> BODY: code=6imVq6yfeQVYEn0Fl7LU&grant_type=authorization_code&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A60593%2Fauthz_cb
0.558477 --> HEADERS: {'Content-Type': 'application/x-www-form-urlencoded', 'Authorization': u'Basic eVdLNW9UeXB3WmVDTzdjSjhZNXg6eDZ3MW5yVTlYbW8wbnRlQkowXzlMUEo2VloyNERSY0s4ZVdaYXhCZw=='}
0.715621 <-- STATUS: 200
0.715687 <-- BODY: {"access_token":"eyJhbGciOiJSUzI1NiIsImtpZCI6InBjOENRWjh3OGZaazYyb2UzbHFxVXBIcTRMZlVjT29CbjZFWGxQMmRQaTAifQ.eyJ2ZXIiOjEsImp0aSI6IktCUlhyM1ViNXNlNzg2RmtZWGJoIiwiaXNzIjoiaHR0cHM6Ly9vcC1jZXJ0aWZpY2F0aW9uLm9rdGEuY29tIiwiYXVkIjoieVdLNW9UeXB3WmVDTzdjSjhZNXgiLCJzdWIiOiIwMHU1OHRrbGR4eTRKWlRBMjB4NyIsImlhdCI6MTQ2NDE5NDUxNCwiZXhwIjoxNDY0MTk4MTE0LCJjbGllbnRfaWQiOiJ5V0s1b1R5cHdaZUNPN2NKOFk1eCIsInVpZCI6IjAwdTU4dGtsZHh5NEpaVEEyMHg3Iiwic2NwIjpbIm9wZW5pZCJdfQ.RCCUwrFfoKGRKxt3v5LgNjtC-jcoum-q-T09T_I27veKP5YaoRAzncyzTDpk6o22lbs04DyIZkoCHUwik_smZNSw9gKG7dHyc5UblvL13dUQDjJAcRvUBmToYOttvIJ4VGsNDpWlbuilo1s6yA5jFOjKFuyvqANu422P_UY4urlofzru2-E3QNoDdOq5fZ8jVaQnSVPoDtRvNv59vbO6tEFmdQ19C6XUZ4Uj7b0mVtmKT-5OuLAoAiqeEke43pMXfOraK_UzSsRjBpYpE_Vp2ey7o8Hpxmc3Ijen0MO2VhHbFcvcAV9hC0nJ4YesMSyQWC8k-g-u8AQNmDobKW-0Xg","token_type":"Bearer","expires_in":3600,"id_token":"eyJhbGciOiJSUzI1NiIsImtpZCI6InBjOENRWjh3OGZaazYyb2UzbHFxVXBIcTRMZlVjT29CbjZFWGxQMmRQaTAifQ.eyJzdWIiOiIwMHU1OHRrbGR4eTRKWlRBMjB4NyIsInZlciI6MSwiaXNzIjoiaHR0cHM6Ly9vcC1jZXJ0aWZpY2F0aW9uLm9rdGEuY29tIiwiYXVkIjoieVdLNW9UeXB3WmVDTzdjSjhZNXgiLCJpYXQiOjE0NjQxOTQ1MTQsImV4cCI6MTQ2NDE5ODExNCwianRpIjoib0RHanZCaWtVRmVLVENmNkN2cVIiLCJhbXIiOlsicHdkIl0sImlkcCI6IjAwbzU4ZGVyYW9yWGJDbmNNMHg3IiwiYXV0aF90aW1lIjoxNDY0MTk0NTE0LCJhdF9oYXNoIjoiZGc5QldSWDRSVHRjaVd3aGQ5NXJfZyJ9.r_vl38MlRqUhHj66ZbsamFmiUsu8uDpieJI32uE53fyFhmXsHMjhCMPLB-_zQFe477uHHXfkNhMnr3hwyLNaf3FVLmiw7hlv9VjK3DLt011IChilv_sL4KRocixRnQM6u1XdsBf5E1UzyX3ovxPEl35y4lHZoJfd2lHiq3G-SeTPSERIJRerGWZbDwvsQoG6zqbDL08xncEnabyPHR9V1Y1OtUk1r0lkglz5NOqEMEHZcxseMV06Occ5feeH-uhDj6TcB0iU4MgvvQkL1-Fma059KLWnl1qhpertxctnWLwvjRL0gLhLWXkvTgRgHRgyVmmmidgf8BueFr8QMoN9tQ"}
0.783406 AccessTokenResponse: {
"access_token": "eyJhbGciOiJSUzI1NiIsImtpZCI6InBjOENRWjh3OGZaazYyb2UzbHFxVXBIcTRMZlVjT29CbjZFWGxQMmRQaTAifQ.eyJ2ZXIiOjEsImp0aSI6IktCUlhyM1ViNXNlNzg2RmtZWGJoIiwiaXNzIjoiaHR0cHM6Ly9vcC1jZXJ0aWZpY2F0aW9uLm9rdGEuY29tIiwiYXVkIjoieVdLNW9UeXB3WmVDTzdjSjhZNXgiLCJzdWIiOiIwMHU1OHRrbGR4eTRKWlRBMjB4NyIsImlhdCI6MTQ2NDE5NDUxNCwiZXhwIjoxNDY0MTk4MTE0LCJjbGllbnRfaWQiOiJ5V0s1b1R5cHdaZUNPN2NKOFk1eCIsInVpZCI6IjAwdTU4dGtsZHh5NEpaVEEyMHg3Iiwic2NwIjpbIm9wZW5pZCJdfQ.RCCUwrFfoKGRKxt3v5LgNjtC-jcoum-q-T09T_I27veKP5YaoRAzncyzTDpk6o22lbs04DyIZkoCHUwik_smZNSw9gKG7dHyc5UblvL13dUQDjJAcRvUBmToYOttvIJ4VGsNDpWlbuilo1s6yA5jFOjKFuyvqANu422P_UY4urlofzru2-E3QNoDdOq5fZ8jVaQnSVPoDtRvNv59vbO6tEFmdQ19C6XUZ4Uj7b0mVtmKT-5OuLAoAiqeEke43pMXfOraK_UzSsRjBpYpE_Vp2ey7o8Hpxmc3Ijen0MO2VhHbFcvcAV9hC0nJ4YesMSyQWC8k-g-u8AQNmDobKW-0Xg",
"expires_in": 3600,
"id_token": {
"claims": {
"amr": [
"pwd"
],
"at_hash": "dg9BWRX4RTtciWwhd95r_g",
"aud": [
"yWK5oTypwZeCO7cJ8Y5x"
],
"auth_time": 1464194514,
"exp": 1464198114,
"iat": 1464194514,
"idp": "00o58deraorXbCncM0x7",
"iss": "https://op-certification.okta.com",
"jti": "oDGjvBikUFeKTCf6CvqR",
"sub": "00u58tkldxy4JZTA20x7",
"ver": 1
},
"jws header parameters": {
"alg": "RS256",
"kid": "pc8CQZ8w8fZk62oe3lqqUpHq4LfUcOoBn6EXlP2dPi0"
}
},
"token_type": "Bearer"
}
0.798023 ------------ UserInfoRequest ------------
0.798410 --> URL: https://op-certification.okta.com/oauth2/v1/userinfo
0.798418 --> BODY: None
0.798443 --> HEADERS: {'Authorization': u'Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6InBjOENRWjh3OGZaazYyb2UzbHFxVXBIcTRMZlVjT29CbjZFWGxQMmRQaTAifQ.eyJ2ZXIiOjEsImp0aSI6IktCUlhyM1ViNXNlNzg2RmtZWGJoIiwiaXNzIjoiaHR0cHM6Ly9vcC1jZXJ0aWZpY2F0aW9uLm9rdGEuY29tIiwiYXVkIjoieVdLNW9UeXB3WmVDTzdjSjhZNXgiLCJzdWIiOiIwMHU1OHRrbGR4eTRKWlRBMjB4NyIsImlhdCI6MTQ2NDE5NDUxNCwiZXhwIjoxNDY0MTk4MTE0LCJjbGllbnRfaWQiOiJ5V0s1b1R5cHdaZUNPN2NKOFk1eCIsInVpZCI6IjAwdTU4dGtsZHh5NEpaVEEyMHg3Iiwic2NwIjpbIm9wZW5pZCJdfQ.RCCUwrFfoKGRKxt3v5LgNjtC-jcoum-q-T09T_I27veKP5YaoRAzncyzTDpk6o22lbs04DyIZkoCHUwik_smZNSw9gKG7dHyc5UblvL13dUQDjJAcRvUBmToYOttvIJ4VGsNDpWlbuilo1s6yA5jFOjKFuyvqANu422P_UY4urlofzru2-E3QNoDdOq5fZ8jVaQnSVPoDtRvNv59vbO6tEFmdQ19C6XUZ4Uj7b0mVtmKT-5OuLAoAiqeEke43pMXfOraK_UzSsRjBpYpE_Vp2ey7o8Hpxmc3Ijen0MO2VhHbFcvcAV9hC0nJ4YesMSyQWC8k-g-u8AQNmDobKW-0Xg'}
0.972740 <-- STATUS: 200
0.972820 Available verification keys: [(u'pc8CQZ8w8fZk62oe3lqqUpHq4LfUcOoBn6EXlP2dPi0', u'RSA')]
0.972858 Available decryption keys: [('a0', 'RSA'), ('a3', 'EC')]
0.972889 <-- BODY: {"sub":"00u58tkldxy4JZTA20x7"}
0.973646 UserInfo: {
"sub": "00u58tkldxy4JZTA20x7"
}
0.987433 ==== END ====
Result
WARNING
Warnings:
Missing required claim: name