Test Info
Issuer | https://isamfed.com:30443/test |
---|---|
Profile | [] |
Test ID | OP-Req-max_age=10000 |
Test description | Requesting ID Token with max_age=10000 seconds restriction |
Timestamp | 2019-06-17T08:07:47Z |
Conditions
claims-check: status=OK [Checks if specific claims is present or not]
Done: status=OK
Trace Output
0 | phase | <--<-- 0 --- Webfinger -->--> |
0 | not expected to do | WebFinger |
0 | phase | <--<-- 1 --- Discovery -->--> |
0 | provider_config |
|
0 | http response |
|
0 | ProviderConfigurationResponse |
|
0 | phase | <--<-- 2 --- Registration -->--> |
0 | not expected to do | Dynamic registration |
0 | phase | <--<-- 3 --- AsyncAuthn -->--> |
0 | AuthorizationRequest |
|
0 | redirect url | https://isamfed.com:30443/mga/sps/oauth/oauth20/authorize?state=nIxVFMRZz2mLc25B&nonce=k7dluT6jw36QiCI8&response_type=id_token&scope=openid&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A61396%2Fauthz_cb&client_id=clientID |
0 | redirect | https://isamfed.com:30443/mga/sps/oauth/oauth20/authorize?state=nIxVFMRZz2mLc25B&nonce=k7dluT6jw36QiCI8&response_type=id_token&scope=openid&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A61396%2Fauthz_cb&client_id=clientID |
1 | http args | {} |
2 | response | URL with fragment |
2 | response | id_token=eyJraWQiOiJfdWhQZGVHclRXeG9iRmVIMFhiempKcFJyenAzQ0I5bmtueDF5RlYxRy0wIiwiYWxnIjoiUlMyNTYifQ.eyJub25jZSI6Ims3ZGx1VDZqdzM2UWlDSTgiLCJpYXQiOjE1NjA3NTg4NjUsImlzcyI6Imh0dHBzOi8vaXNhbWZlZC5jb206MzA0NDMvdGVzdCIsInN1YiI6InRlc3R1c2VyIiwiZXhwIjoxNTYwNzYyMjg1LCJhdWQiOiJjbGllbnRJRCJ9.2CWOowYHSxMr8rTHGx6StYs73z3AdQX7zSPoDJVSQhMs2GKf2uecTekbJ0oAT6ekmXrPvln6aPFpAgIPhrPrAzMFxwofT982lGYqDOvTEvmDepseiZg0dUmyjlb1eP9kWPmqL7a_1oMWUPwrDpyZSmecsXlFyr7wVwWiusrsTYfb7LXsv3yxZy-QJrCcdy0xc0zEhXyMSE_sgwayDe17aq6OLq7RFccLBJgj_wew2D_kIeSofwm5Bzn2YhLMjWOWmfKy3nehWG_vbOb5KrP2UE_dpuz6ibKDMf8goEV1mGGUg2v4lyIZtw2S_Q-szLeQlIfLJfCk225jzF1Ko2fNuw&state=nIxVFMRZz2mLc25B |
2 | response | {'id_token': 'eyJraWQiOiJfdWhQZGVHclRXeG9iRmVIMFhiempKcFJyenAzQ0I5bmtueDF5RlYxRy0wIiwiYWxnIjoiUlMyNTYifQ.eyJub25jZSI6Ims3ZGx1VDZqdzM2UWlDSTgiLCJpYXQiOjE1NjA3NTg4NjUsImlzcyI6Imh0dHBzOi8vaXNhbWZlZC5jb206MzA0NDMvdGVzdCIsInN1YiI6InRlc3R1c2VyIiwiZXhwIjoxNTYwNzYyMjg1LCJhdWQiOiJjbGllbnRJRCJ9.2CWOowYHSxMr8rTHGx6StYs73z3AdQX7zSPoDJVSQhMs2GKf2uecTekbJ0oAT6ekmXrPvln6aPFpAgIPhrPrAzMFxwofT982lGYqDOvTEvmDepseiZg0dUmyjlb1eP9kWPmqL7a_1oMWUPwrDpyZSmecsXlFyr7wVwWiusrsTYfb7LXsv3yxZy-QJrCcdy0xc0zEhXyMSE_sgwayDe17aq6OLq7RFccLBJgj_wew2D_kIeSofwm5Bzn2YhLMjWOWmfKy3nehWG_vbOb5KrP2UE_dpuz6ibKDMf8goEV1mGGUg2v4lyIZtw2S_Q-szLeQlIfLJfCk225jzF1Ko2fNuw', 'state': 'nIxVFMRZz2mLc25B'} |
2 | AuthorizationResponse |
|
2 | phase | <--<-- 4 --- AccessToken -->--> |
2 | phase | <--<-- 5 --- AsyncAuthn -->--> |
2 | AuthorizationRequest |
|
2 | redirect url | https://isamfed.com:30443/mga/sps/oauth/oauth20/authorize?state=X1baKwH4cAwndTg7&nonce=w8gaxvfPMSQbk373&response_type=id_token&scope=openid&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A61396%2Fauthz_cb&max_age=10000&client_id=clientID |
2 | redirect | https://isamfed.com:30443/mga/sps/oauth/oauth20/authorize?state=X1baKwH4cAwndTg7&nonce=w8gaxvfPMSQbk373&response_type=id_token&scope=openid&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A61396%2Fauthz_cb&max_age=10000&client_id=clientID |
3 | http args | {} |
3 | response | URL with fragment |
3 | response | id_token=eyJraWQiOiJfdWhQZGVHclRXeG9iRmVIMFhiempKcFJyenAzQ0I5bmtueDF5RlYxRy0wIiwiYWxnIjoiUlMyNTYifQ.eyJhdXRoX3RpbWUiOjE1NjA3NTg4NjcsIm5vbmNlIjoidzhnYXh2ZlBNU1FiazM3MyIsImlhdCI6MTU2MDc1ODg2NiwiaXNzIjoiaHR0cHM6Ly9pc2FtZmVkLmNvbTozMDQ0My90ZXN0Iiwic3ViIjoidGVzdHVzZXIiLCJleHAiOjE1NjA3NjIyODYsImF1ZCI6ImNsaWVudElEIn0.1PWBW55siCJbvTIRxqhdI3BH5gzYksvzqapdt0psQdiOwUZsAQWgNfVEYTcjC4D9ch2OPSkGQu90rplgCj557u6kRS3Ic1OEOkIzovX2YYCiqH6NydnADURzsb0fB1PT1IWs4xIZFTu9IygIqIVzQIjB3yT3Ze-u7IYDzxu9SnfQdkX6CCldz5BHDDrrRv651AxOFCYOWX80LkqeRItmlnycZokJ6AESVaaTnBPiqVXAuPRxXOrlAdgb-UGUdN9Qf_bCdPaTE1uncf81GkSYWDkKG3XeUBMIako8g0ZSjDtLbNj-vLutq7wZOL4DrBHdHHBKW9oRYBpvSHIamoTkcQ&state=X1baKwH4cAwndTg7 |
3 | response | {'id_token': 'eyJraWQiOiJfdWhQZGVHclRXeG9iRmVIMFhiempKcFJyenAzQ0I5bmtueDF5RlYxRy0wIiwiYWxnIjoiUlMyNTYifQ.eyJhdXRoX3RpbWUiOjE1NjA3NTg4NjcsIm5vbmNlIjoidzhnYXh2ZlBNU1FiazM3MyIsImlhdCI6MTU2MDc1ODg2NiwiaXNzIjoiaHR0cHM6Ly9pc2FtZmVkLmNvbTozMDQ0My90ZXN0Iiwic3ViIjoidGVzdHVzZXIiLCJleHAiOjE1NjA3NjIyODYsImF1ZCI6ImNsaWVudElEIn0.1PWBW55siCJbvTIRxqhdI3BH5gzYksvzqapdt0psQdiOwUZsAQWgNfVEYTcjC4D9ch2OPSkGQu90rplgCj557u6kRS3Ic1OEOkIzovX2YYCiqH6NydnADURzsb0fB1PT1IWs4xIZFTu9IygIqIVzQIjB3yT3Ze-u7IYDzxu9SnfQdkX6CCldz5BHDDrrRv651AxOFCYOWX80LkqeRItmlnycZokJ6AESVaaTnBPiqVXAuPRxXOrlAdgb-UGUdN9Qf_bCdPaTE1uncf81GkSYWDkKG3XeUBMIako8g0ZSjDtLbNj-vLutq7wZOL4DrBHdHHBKW9oRYBpvSHIamoTkcQ', 'state': 'X1baKwH4cAwndTg7'} |
3 | AuthorizationResponse |
|
3 | phase | <--<-- 6 --- AccessToken -->--> |
3 | phase | <--<-- 7 --- Done -->--> |
3 | end | |
3 | assertion | ClaimsCheck |
3 | condition | claims-check: status=OK [Checks if specific claims is present or not] |
3 | assertion | SameAuthn |
3 | condition | Done: status=OK |
Result
PASSED