Test Info
Issuer | https://isamfed.com:30443/test |
---|---|
Profile | [] |
Test ID | OP-scope-profile |
Test description | Scope requesting profile claims |
Timestamp | 2019-06-17T08:05:19Z |
Conditions
verify-scopes: status=WARNING, message=The following claims were missing from the returned information: ['given_name', 'family_name', 'middle_name', 'nickname', 'profile', 'picture', 'website', 'gender', 'birthdate', 'zoneinfo', 'locale', 'updated_at', 'preferred_username'] [Verifies that the claims corresponding to the requested scopes are returned]
check-http-response: status=OK [Checks that the HTTP response status is within the 200 or 300 range. Also does some extra JSON checks]
verify-response: status=OK [Checks that the last response was one of a possible set of OpenID Connect Responses]
Done: status=OK
Trace Output
0 | phase | <--<-- 0 --- Webfinger -->--> |
0 | not expected to do | WebFinger |
0 | phase | <--<-- 1 --- Discovery -->--> |
0 | provider_config |
|
0 | http response |
|
0 | ProviderConfigurationResponse |
|
0 | phase | <--<-- 2 --- Registration -->--> |
0 | not expected to do | Dynamic registration |
0 | phase | <--<-- 3 --- AsyncAuthn -->--> |
0 | AuthorizationRequest |
|
0 | redirect url | https://isamfed.com:30443/mga/sps/oauth/oauth20/authorize?state=a4OclHBMYrN9K5jq&nonce=R94aO8JyvWONYbnM&response_type=id_token+token&scope=openid+profile&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A61515%2Fauthz_cb&client_id=clientID |
0 | redirect | https://isamfed.com:30443/mga/sps/oauth/oauth20/authorize?state=a4OclHBMYrN9K5jq&nonce=R94aO8JyvWONYbnM&response_type=id_token+token&scope=openid+profile&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A61515%2Fauthz_cb&client_id=clientID |
1 | http args | {} |
1 | response | URL with fragment |
1 | response | access_token=44jgXgg24zxBcTFW2J5U&state=a4OclHBMYrN9K5jq&expires_in=3599&token_type=bearer&scope=openid%20profile&id_token=eyJraWQiOiJfdWhQZGVHclRXeG9iRmVIMFhiempKcFJyenAzQ0I5bmtueDF5RlYxRy0wIiwiYWxnIjoiUlMyNTYifQ.eyJub25jZSI6IlI5NGFPOEp5dldPTllibk0iLCJuYW1lIjoiaXNhbWZlZCB0ZXN0dXNlciIsImlhdCI6MTU2MDc1ODcxNywiaXNzIjoiaHR0cHM6Ly9pc2FtZmVkLmNvbTozMDQ0My90ZXN0IiwiYXRfaGFzaCI6InlVRjdibFZTUU9FRlhZdnpKZnpPQmciLCJzdWIiOiJ0ZXN0dXNlciIsImV4cCI6MTU2MDc2MjEzNywiYXVkIjoiY2xpZW50SUQifQ.dsqb1aB7AOdf_5ZFm_jEN_iSFObUzZH4OtakzPIeOEnh7SgjOAI9N76nUy1BMWdKzRK6RAd3EZU5vLtDjzCOVY-2azdhqB0tsG8uL-wOhKgO8P8meabOZqG9SYvdnVVriS-Xt2lOROqOuuoqyBHMdfbRoFT5FKlfVHB_G8Bo8MibcI81T0wBZ_Ahx2mEvPIxMX4Y1-y_HbNZCjav5w-IdSlY4K1OwwM-lmfT6nDiR6qPTcUjSuYTKrJ-9sEhS068DcoUN-uhR3ZhgFViuVeSJaFLpbn-dpXLPBrVz_pupSy-pj4_69yhPuJhGYW0lxvh_3q8SP9eydPYLnCbqT8jOw |
1 | response | {'access_token': '44jgXgg24zxBcTFW2J5U', 'state': 'a4OclHBMYrN9K5jq', 'expires_in': 3599, 'token_type': 'bearer', 'scope': 'openid profile', 'id_token': 'eyJraWQiOiJfdWhQZGVHclRXeG9iRmVIMFhiempKcFJyenAzQ0I5bmtueDF5RlYxRy0wIiwiYWxnIjoiUlMyNTYifQ.eyJub25jZSI6IlI5NGFPOEp5dldPTllibk0iLCJuYW1lIjoiaXNhbWZlZCB0ZXN0dXNlciIsImlhdCI6MTU2MDc1ODcxNywiaXNzIjoiaHR0cHM6Ly9pc2FtZmVkLmNvbTozMDQ0My90ZXN0IiwiYXRfaGFzaCI6InlVRjdibFZTUU9FRlhZdnpKZnpPQmciLCJzdWIiOiJ0ZXN0dXNlciIsImV4cCI6MTU2MDc2MjEzNywiYXVkIjoiY2xpZW50SUQifQ.dsqb1aB7AOdf_5ZFm_jEN_iSFObUzZH4OtakzPIeOEnh7SgjOAI9N76nUy1BMWdKzRK6RAd3EZU5vLtDjzCOVY-2azdhqB0tsG8uL-wOhKgO8P8meabOZqG9SYvdnVVriS-Xt2lOROqOuuoqyBHMdfbRoFT5FKlfVHB_G8Bo8MibcI81T0wBZ_Ahx2mEvPIxMX4Y1-y_HbNZCjav5w-IdSlY4K1OwwM-lmfT6nDiR6qPTcUjSuYTKrJ-9sEhS068DcoUN-uhR3ZhgFViuVeSJaFLpbn-dpXLPBrVz_pupSy-pj4_69yhPuJhGYW0lxvh_3q8SP9eydPYLnCbqT8jOw'} |
1 | AuthorizationResponse |
|
1 | phase | <--<-- 4 --- AccessToken -->--> |
1 | phase | <--<-- 5 --- UserInfo -->--> |
1 | do_user_info_request |
|
1 | request | {'body': None} |
1 | request_url | https://isamfed.com:30443/mga/sps/oauth/oauth20/userinfo |
1 | request_http_args | {'headers': {'Authorization': 'Bearer 44jgXgg24zxBcTFW2J5U'}} |
2 | http response |
|
2 | OpenIDSchema |
|
2 | OpenIDSchema |
|
2 | phase | <--<-- 6 --- Done -->--> |
2 | end | |
2 | assertion | VerifyScopes |
2 | condition | verify-scopes: status=WARNING, message=The following claims were missing from the returned information: ['given_name', 'family_name', 'middle_name', 'nickname', 'profile', 'picture', 'website', 'gender', 'birthdate', 'zoneinfo', 'locale', 'updated_at', 'preferred_username'] [Verifies that the claims corresponding to the requested scopes are returned] |
2 | assertion | CheckHTTPResponse |
2 | condition | check-http-response: status=OK [Checks that the HTTP response status is within the 200 or 300 range. Also does some extra JSON checks] |
2 | assertion | VerifyResponse |
2 | condition | verify-response: status=OK [Checks that the last response was one of a possible set of OpenID Connect Responses] |
2 | condition | Done: status=OK |
Result
WARNING
Warnings:
The following claims were missing from the returned information: ['given_name', 'family_name', 'middle_name', 'nickname', 'profile', 'picture', 'website', 'gender', 'birthdate', 'zoneinfo', 'locale', 'updated_at', 'preferred_username']