OpenID Connect Provider Certification Test Result

Test Info

Issuer	https://oidc-conformance.ping-eng.com:9031
Profile	[]
Test ID	OP-scope-phone
Test description	Scope requesting phone claims
Timestamp	2018-09-20T22:55:04Z

Conditions


verify-scopes: status=OK [Verifies that the claims corresponding to the requested scopes are returned]
check-http-response: status=OK [Checks that the HTTP response status is within the 200 or 300 range. Also does some extra JSON checks]
verify-response: status=OK [Checks that the last response was one of a possible set of OpenID Connect Responses]
Done: status=OK

Trace Output

0.0	phase	<--<-- 0 --- Webfinger -->-->
0.0	not expected to do	WebFinger
0.0	phase	<--<-- 1 --- Discovery -->-->
0.0	not expected to do	Dynamic discovery
0.0	phase	<--<-- 2 --- Registration -->-->
0.001	register	`kwargs:{'response_types': ['id_token token'], 'grant_types': ['implicit'], 'application_name': 'OIC test tool', 'application_type': 'web', 'redirect_uris': ['https://op.certification.openid.net:61401/authz_cb'], 'contacts': ['roland@example.com'], 'post_logout_redirect_uris': ['https://op.certification.openid.net:61401/logout'], 'url': 'https://oidc-conformance.ping-eng.com:9031/as/clients.oauth2', 'jwks_uri': 'https://op.certification.openid.net:61401/static/jwks_61401.json'}`
0.001	RegistrationRequest	{ "application_type": "web", "contacts": [ "roland@example.com" ], "grant_types": [ "implicit" ], "jwks_uri": "https://op.certification.openid.net:61401/static/jwks_61401.json", "post_logout_redirect_uris": [ "https://op.certification.openid.net:61401/logout" ], "redirect_uris": [ "https://op.certification.openid.net:61401/authz_cb" ], "request_uris": [ "https://op.certification.openid.net:61401/requests/876669ef2b3891075309a06e00b98e6ace4cfca108af01becb9a804fff95d8c4#EeMcGF0cyRYJRd2y" ], "response_types": [ "id_token token" ] }
0.363	http response	`url:https://oidc-conformance.ping-eng.com:9031/as/clients.oauth2 status_code:201`
0.364	RegistrationResponse	{ "client_id": "dc-7pQYwsWCZ2AlPnwkgqeLMK", "client_name": "dc-7pQYwsWCZ2AlPnwkgqeLMK", "client_secret": "11FwLKP2BONudnhkREL3kk", "client_secret_expires_at": 0, "grant_access_session_revocation_api": false, "grant_types": [ "implicit" ], "jwks_uri": "https://op.certification.openid.net:61401/static/jwks_61401.json", "persistent_grant_expiration_type": "server_default", "pingaccess_logout_capable": false, "redirect_uris": [ "https://op.certification.openid.net:61401/authz_cb" ], "refresh_token_rolling_policy": "server_default", "response_types": [ "id_token token" ], "scope": "address phone edit openid profile admin email", "token_endpoint_auth_method": "client_secret_basic", "validate_using_all_eligible_atms": false }
0.364	phase	<--<-- 3 --- AsyncAuthn -->-->
0.365	AuthorizationRequest	`{ "client_id": "dc-7pQYwsWCZ2AlPnwkgqeLMK", "nonce": "ihTf26e7QBbIXJkz", "redirect_uri": "https://op.certification.openid.net:61401/authz_cb", "response_type": "id_token token", "scope": "openid phone", "state": "yqmo0A0c8vNg9mnO" }`
0.365	redirect url	https://oidc-conformance.ping-eng.com:9031/as/authorization.oauth2?state=yqmo0A0c8vNg9mnO&nonce=ihTf26e7QBbIXJkz&response_type=id_token+token&scope=openid+phone&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A61401%2Fauthz_cb&client_id=dc-7pQYwsWCZ2AlPnwkgqeLMK
0.365	redirect	https://oidc-conformance.ping-eng.com:9031/as/authorization.oauth2?state=yqmo0A0c8vNg9mnO&nonce=ihTf26e7QBbIXJkz&response_type=id_token+token&scope=openid+phone&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A61401%2Fauthz_cb&client_id=dc-7pQYwsWCZ2AlPnwkgqeLMK
2.14	http args	{}
2.453	response	URL with fragment
2.454	response	access_token=eyJhbGciOiJSUzI1NiIsImtpZCI6ImsxIn0.eyJzY29wZSI6WyJvcGVuaWQiLCJwaG9uZSJdLCJjbGllbnRfaWRfbmFtZSI6ImRjLTdwUVl3c1dDWjJBbFBud2tncWVMTUsiLCJhZ2lkIjoieklsNVE0Tm5abUYxVVkxcmlrOTg3U2xlaHU1ek1MOU0iLCJVc2VybmFtZSI6ImpvZSIsIk9yZ05hbWUiOiJQaW5nIElkZW50aXR5IENvcnBvcmF0aW9uIiwiZXhwIjoxNTM3NDkxMzAzfQ.Dgemski501JRIuBfOF6zRXkVfaIaAOthgo-oCIH4MDS7v-cjvZdBGa8B0WHIIWUis_hVkLkQjscCXgUupOT-KFMk9n-ehBUEOW_EH-Ns53eU83ugKbLFzd08V4DXCSsTTmQxCRl2lUdqF9VUexvJgxMDQrjFhQBXcaBUs5xkRrgA3LKo84YNGLLhv4eDdbZ3QEBH4E2sWzglElZjGVUeITec_4u37Xat9zPq-DGnooqKqEDTM-tGGTEJdr55elYyatIiqDbeziRd-XO0J02DJqYU0DzjZk1NkafkNrzNzy53SONgmT7vCdoZNJciSDnJfYwx4HBVe-agNSPJKNZmQA&id_token=eyJhbGciOiJSUzI1NiIsImtpZCI6IlJvMmxnRXNPdFdJMlJiRUxLRV85amZvSVRxWSJ9.eyJzdWIiOiJqb2UiLCJhdWQiOiJkYy03cFFZd3NXQ1oyQWxQbndrZ3FlTE1LIiwianRpIjoiTnRWWEpDUlEzeVlmTFZoc0E2SU5ubCIsImlzcyI6Imh0dHBzOi8vb2lkYy1jb25mb3JtYW5jZS5waW5nLWVuZy5jb206OTAzMSIsImlhdCI6MTUzNzQ4NDEwMywiZXhwIjoxNTM3NDg0NDAzLCJwaG9uZV9udW1iZXJfdmVyaWZpZWQiOnRydWUsInBob25lX251bWJlciI6Iig1NTUpIDU1NS01NTU1IiwicGkuc3JpIjoib2U4bVNNYk5fQlFpYk5VeEFUUG1xWWgxRTNvIiwibm9uY2UiOiJpaFRmMjZlN1FCYklYSmt6IiwiYXV0aF90aW1lIjoxNTM3NDgzMTA1LCJhdF9oYXNoIjoiZlhJTkdPcnRpV0tfRTM3MVRSd0drQSIsInNfaGFzaCI6IkRqSWdrNFM4VTI4WEl3Z1MxU2sySFEifQ.crmo3lnttbMTQUn2YzQylUzXeP5uD-paLARDST0tnEZ_4XZ0en24gNMGXD28lU1DEInhP8fkfUWYIknY_xz-36c1_Ino3EYTkCwtjdKDY5yrbKiQ48ZWM41vkzeHDTwUSokQOu935HTmve_KEPaBIpO11jakn3d6gKY82Mr3pImTtwzhGJhQzqm0AziVj3lnJQQa15bJziueFdvP8EMZUpQ-gdlCs8Epewj7x6R0ZcvFueYecr1nQSxWqqJY0p5CVZYFles4cLQEutN7Kz7p91UWIVlhNwmsCE14Xm1FIif8VOLHWQenEBchpmKrF8fzgg1vPHaVddf-A6uG2ZXpmw&state=yqmo0A0c8vNg9mnO&token_type=Bearer&expires_in=7199
2.454	response	{'access_token': 'eyJhbGciOiJSUzI1NiIsImtpZCI6ImsxIn0.eyJzY29wZSI6WyJvcGVuaWQiLCJwaG9uZSJdLCJjbGllbnRfaWRfbmFtZSI6ImRjLTdwUVl3c1dDWjJBbFBud2tncWVMTUsiLCJhZ2lkIjoieklsNVE0Tm5abUYxVVkxcmlrOTg3U2xlaHU1ek1MOU0iLCJVc2VybmFtZSI6ImpvZSIsIk9yZ05hbWUiOiJQaW5nIElkZW50aXR5IENvcnBvcmF0aW9uIiwiZXhwIjoxNTM3NDkxMzAzfQ.Dgemski501JRIuBfOF6zRXkVfaIaAOthgo-oCIH4MDS7v-cjvZdBGa8B0WHIIWUis_hVkLkQjscCXgUupOT-KFMk9n-ehBUEOW_EH-Ns53eU83ugKbLFzd08V4DXCSsTTmQxCRl2lUdqF9VUexvJgxMDQrjFhQBXcaBUs5xkRrgA3LKo84YNGLLhv4eDdbZ3QEBH4E2sWzglElZjGVUeITec_4u37Xat9zPq-DGnooqKqEDTM-tGGTEJdr55elYyatIiqDbeziRd-XO0J02DJqYU0DzjZk1NkafkNrzNzy53SONgmT7vCdoZNJciSDnJfYwx4HBVe-agNSPJKNZmQA', 'id_token': 'eyJhbGciOiJSUzI1NiIsImtpZCI6IlJvMmxnRXNPdFdJMlJiRUxLRV85amZvSVRxWSJ9.eyJzdWIiOiJqb2UiLCJhdWQiOiJkYy03cFFZd3NXQ1oyQWxQbndrZ3FlTE1LIiwianRpIjoiTnRWWEpDUlEzeVlmTFZoc0E2SU5ubCIsImlzcyI6Imh0dHBzOi8vb2lkYy1jb25mb3JtYW5jZS5waW5nLWVuZy5jb206OTAzMSIsImlhdCI6MTUzNzQ4NDEwMywiZXhwIjoxNTM3NDg0NDAzLCJwaG9uZV9udW1iZXJfdmVyaWZpZWQiOnRydWUsInBob25lX251bWJlciI6Iig1NTUpIDU1NS01NTU1IiwicGkuc3JpIjoib2U4bVNNYk5fQlFpYk5VeEFUUG1xWWgxRTNvIiwibm9uY2UiOiJpaFRmMjZlN1FCYklYSmt6IiwiYXV0aF90aW1lIjoxNTM3NDgzMTA1LCJhdF9oYXNoIjoiZlhJTkdPcnRpV0tfRTM3MVRSd0drQSIsInNfaGFzaCI6IkRqSWdrNFM4VTI4WEl3Z1MxU2sySFEifQ.crmo3lnttbMTQUn2YzQylUzXeP5uD-paLARDST0tnEZ_4XZ0en24gNMGXD28lU1DEInhP8fkfUWYIknY_xz-36c1_Ino3EYTkCwtjdKDY5yrbKiQ48ZWM41vkzeHDTwUSokQOu935HTmve_KEPaBIpO11jakn3d6gKY82Mr3pImTtwzhGJhQzqm0AziVj3lnJQQa15bJziueFdvP8EMZUpQ-gdlCs8Epewj7x6R0ZcvFueYecr1nQSxWqqJY0p5CVZYFles4cLQEutN7Kz7p91UWIVlhNwmsCE14Xm1FIif8VOLHWQenEBchpmKrF8fzgg1vPHaVddf-A6uG2ZXpmw', 'state': 'yqmo0A0c8vNg9mnO', 'token_type': 'Bearer', 'expires_in': 7199}
2.764	AuthorizationResponse	{ "access_token": "eyJhbGciOiJSUzI1NiIsImtpZCI6ImsxIn0.eyJzY29wZSI6WyJvcGVuaWQiLCJwaG9uZSJdLCJjbGllbnRfaWRfbmFtZSI6ImRjLTdwUVl3c1dDWjJBbFBud2tncWVMTUsiLCJhZ2lkIjoieklsNVE0Tm5abUYxVVkxcmlrOTg3U2xlaHU1ek1MOU0iLCJVc2VybmFtZSI6ImpvZSIsIk9yZ05hbWUiOiJQaW5nIElkZW50aXR5IENvcnBvcmF0aW9uIiwiZXhwIjoxNTM3NDkxMzAzfQ.Dgemski501JRIuBfOF6zRXkVfaIaAOthgo-oCIH4MDS7v-cjvZdBGa8B0WHIIWUis_hVkLkQjscCXgUupOT-KFMk9n-ehBUEOW_EH-Ns53eU83ugKbLFzd08V4DXCSsTTmQxCRl2lUdqF9VUexvJgxMDQrjFhQBXcaBUs5xkRrgA3LKo84YNGLLhv4eDdbZ3QEBH4E2sWzglElZjGVUeITec_4u37Xat9zPq-DGnooqKqEDTM-tGGTEJdr55elYyatIiqDbeziRd-XO0J02DJqYU0DzjZk1NkafkNrzNzy53SONgmT7vCdoZNJciSDnJfYwx4HBVe-agNSPJKNZmQA", "expires_in": 7199, "id_token": { "at_hash": "fXINGOrtiWK_E371TRwGkA", "aud": [ "dc-7pQYwsWCZ2AlPnwkgqeLMK" ], "auth_time": 1537483105, "exp": 1537484403, "iat": 1537484103, "iss": "https://oidc-conformance.ping-eng.com:9031", "jti": "NtVXJCRQ3yYfLVhsA6INnl", "nonce": "ihTf26e7QBbIXJkz", "phone_number": "(555) 555-5555", "phone_number_verified": true, "pi.sri": "oe8mSMbN_BQibNUxATPmqYh1E3o", "s_hash": "DjIgk4S8U28XIwgS1Sk2HQ", "sub": "joe" }, "state": "yqmo0A0c8vNg9mnO", "token_type": "Bearer" }
2.764	phase	<--<-- 4 --- AccessToken -->-->
2.764	phase	<--<-- 5 --- UserInfo -->-->
2.764	do_user_info_request	`kwargs:{'state': 'yqmo0A0c8vNg9mnO', 'method': 'GET', 'authn_method': 'bearer_header'}`
2.765	request	{'body': None}
2.765	request_url	https://oidc-conformance.ping-eng.com:9031/idp/userinfo.openid
2.765	request_http_args	{'headers': {'Authorization': 'Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6ImsxIn0.eyJzY29wZSI6WyJvcGVuaWQiLCJwaG9uZSJdLCJjbGllbnRfaWRfbmFtZSI6ImRjLTdwUVl3c1dDWjJBbFBud2tncWVMTUsiLCJhZ2lkIjoieklsNVE0Tm5abUYxVVkxcmlrOTg3U2xlaHU1ek1MOU0iLCJVc2VybmFtZSI6ImpvZSIsIk9yZ05hbWUiOiJQaW5nIElkZW50aXR5IENvcnBvcmF0aW9uIiwiZXhwIjoxNTM3NDkxMzAzfQ.Dgemski501JRIuBfOF6zRXkVfaIaAOthgo-oCIH4MDS7v-cjvZdBGa8B0WHIIWUis_hVkLkQjscCXgUupOT-KFMk9n-ehBUEOW_EH-Ns53eU83ugKbLFzd08V4DXCSsTTmQxCRl2lUdqF9VUexvJgxMDQrjFhQBXcaBUs5xkRrgA3LKo84YNGLLhv4eDdbZ3QEBH4E2sWzglElZjGVUeITec_4u37Xat9zPq-DGnooqKqEDTM-tGGTEJdr55elYyatIiqDbeziRd-XO0J02DJqYU0DzjZk1NkafkNrzNzy53SONgmT7vCdoZNJciSDnJfYwx4HBVe-agNSPJKNZmQA'}}
3.198	http response	`url:https://oidc-conformance.ping-eng.com:9031/idp/userinfo.openid status_code:200`
3.199	OpenIDSchema	`{ "phone_number": "(555) 555-5555", "phone_number_verified": true, "sub": "joe" }`
3.199	OpenIDSchema	`{ "phone_number": "(555) 555-5555", "phone_number_verified": true, "sub": "joe" }`
3.199	phase	<--<-- 6 --- Done -->-->
3.199	end
3.2	assertion	VerifyScopes
3.2	condition	verify-scopes: status=OK [Verifies that the claims corresponding to the requested scopes are returned]
3.2	assertion	CheckHTTPResponse
3.201	condition	check-http-response: status=OK [Checks that the HTTP response status is within the 200 or 300 range. Also does some extra JSON checks]
3.201	assertion	VerifyResponse
3.201	condition	verify-response: status=OK [Checks that the last response was one of a possible set of OpenID Connect Responses]
3.201	condition	Done: status=OK

Result

PASSED

(C) 2017-2018 - OpenID Foundation
E-mail: certification@oidf.org
Issues: Github

Version: 2.1.4