Test Info
Issuer | https://testop.funet.fi |
---|---|
Profile | [] |
Test ID | OP-Registration-Sub-Differ |
Test description | Public and pairwise sub values differ |
Timestamp | 2019-04-29T13:16:16Z |
Conditions
verify-response: status=OK [Checks that the last response was one of a possible set of OpenID Connect Responses]
different_sub: status=OK [Verifies that the sub value differs between public and pairwise subject types.]
Done: status=OK
Trace Output
0 | phase | <--<-- 0 --- Webfinger -->--> |
0 | not expected to do | WebFinger |
0 | phase | <--<-- 1 --- Discovery -->--> |
0 | provider_config |
|
0 | http response |
|
0 | ProviderConfigurationResponse |
|
0 | phase | <--<-- 2 --- Registration -->--> |
0 | register |
|
0 | RegistrationRequest |
|
1 | http response |
|
1 | RegistrationResponse |
|
1 | phase | <--<-- 3 --- AsyncAuthn -->--> |
1 | AuthorizationRequest |
|
1 | redirect url | https://testop.funet.fi/idp/profile/oidc/authorize?state=tJYN0CrZuwMLPsNZ&nonce=n74tCeAsLLizbImW&response_type=id_token+token&scope=openid&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A60028%2Fauthz_cb&client_id=_cbf4327caf1c5c063dd69b2375e9afe9 |
1 | redirect | https://testop.funet.fi/idp/profile/oidc/authorize?state=tJYN0CrZuwMLPsNZ&nonce=n74tCeAsLLizbImW&response_type=id_token+token&scope=openid&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A60028%2Fauthz_cb&client_id=_cbf4327caf1c5c063dd69b2375e9afe9 |
4 | http args | {} |
4 | response | URL with fragment |
4 | response | access_token=AAdzZWNyZXQx03yza1ZEUytCpUTzNQh-aYj3sxa-AMIRYKLc8tQKcaIfocVwRE6gisYwPHrXSNJzccpZWWbDOAjPKyjyhnSAhDhLa8L5di4certJviY1n1RAt6GnP2c93SZb1F75d6RXdLoXraB73l2TIR7i_XmPb81aHDUmtRvzNb01pFaFPrH8Qkx9L-aALV79NGOHYOO9bZcq7H9-AJlpSGIBZgyYr21nvLhtR-OOib-mdAAXc7t_EQF__KquNg-MjvTnLpCmzhkd0w6WBPuNYJ-rX_8xyyNKUsz0RzyAAxAaJOv3hcfL56wmRbxBma6kPntnOKJkZOvEP-h5LwOgV5bPvCgTPnuQgQN05I5l-2YP8zv6UVWH8zdkYrYZeXVUNdaWfaMYGtFjIKAWTe0ZnvThMKV4EPFR2b1l3zlrn35nNlA2FubqCv-67M66Vy_EXLZZDeFK0c5qn0auit41uXRkI_YO2CQUCAx77qnEVjI6AIi2jw&id_token=eyJraWQiOiJ0ZXN0a2V5UlMiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiS2dvbnVWbFlNTC1YUFhQNzhVQ0dxdyIsInN1YiI6IlZVRzQ3NzdZUDNOTVU1S1JGRVNYNlNLUkFQWExFNE1JIiwiYXVkIjoiX2NiZjQzMjdjYWYxYzVjMDYzZGQ2OWIyMzc1ZTlhZmU5IiwiYWNyIjoicGFzc3dvcmQiLCJhdXRoX3RpbWUiOjE1NTY1NDMwMTEsImlzcyI6Imh0dHBzOlwvXC90ZXN0b3AuZnVuZXQuZmkiLCJleHAiOjE1NTY1NDczNzIsImlhdCI6MTU1NjU0Mzc3Miwibm9uY2UiOiJuNzR0Q2VBc0xMaXpiSW1XIn0.KreaUQ7V4IF1rIDSJxjH21Oxjyb7PuwTzYBX2uFOru9FRMh7ePK4bvEQAgwVJCRGR8laqbWiexD4PXR79AKtWJRUaWAfyRMOiBoL6ysnK2e8lpdX0WUENdl83a18VdliDmiG1eCz9LF661cMIYIn8GwWz4s98NICHXViSJSZDWmHVWfrbPN20unGJ4CcO9KbCkDNdJqqwcWEkEJxUnOG_26SsZ_BaDX5gsPQ5cmXuYk4gsxb8DhTDsRU8yees-RWtnrScVaIGsMLhZysLJQqUJ11NHZjG0jyWEgDh8rpRxou-OCxLZs1BCQGGfC14YBZxffK7Gbkh9bk2WI8S-Kcuw&state=tJYN0CrZuwMLPsNZ&token_type=Bearer&expires_in=600 |
4 | response | {'access_token': 'AAdzZWNyZXQx03yza1ZEUytCpUTzNQh-aYj3sxa-AMIRYKLc8tQKcaIfocVwRE6gisYwPHrXSNJzccpZWWbDOAjPKyjyhnSAhDhLa8L5di4certJviY1n1RAt6GnP2c93SZb1F75d6RXdLoXraB73l2TIR7i_XmPb81aHDUmtRvzNb01pFaFPrH8Qkx9L-aALV79NGOHYOO9bZcq7H9-AJlpSGIBZgyYr21nvLhtR-OOib-mdAAXc7t_EQF__KquNg-MjvTnLpCmzhkd0w6WBPuNYJ-rX_8xyyNKUsz0RzyAAxAaJOv3hcfL56wmRbxBma6kPntnOKJkZOvEP-h5LwOgV5bPvCgTPnuQgQN05I5l-2YP8zv6UVWH8zdkYrYZeXVUNdaWfaMYGtFjIKAWTe0ZnvThMKV4EPFR2b1l3zlrn35nNlA2FubqCv-67M66Vy_EXLZZDeFK0c5qn0auit41uXRkI_YO2CQUCAx77qnEVjI6AIi2jw', 'id_token': 'eyJraWQiOiJ0ZXN0a2V5UlMiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiS2dvbnVWbFlNTC1YUFhQNzhVQ0dxdyIsInN1YiI6IlZVRzQ3NzdZUDNOTVU1S1JGRVNYNlNLUkFQWExFNE1JIiwiYXVkIjoiX2NiZjQzMjdjYWYxYzVjMDYzZGQ2OWIyMzc1ZTlhZmU5IiwiYWNyIjoicGFzc3dvcmQiLCJhdXRoX3RpbWUiOjE1NTY1NDMwMTEsImlzcyI6Imh0dHBzOlwvXC90ZXN0b3AuZnVuZXQuZmkiLCJleHAiOjE1NTY1NDczNzIsImlhdCI6MTU1NjU0Mzc3Miwibm9uY2UiOiJuNzR0Q2VBc0xMaXpiSW1XIn0.KreaUQ7V4IF1rIDSJxjH21Oxjyb7PuwTzYBX2uFOru9FRMh7ePK4bvEQAgwVJCRGR8laqbWiexD4PXR79AKtWJRUaWAfyRMOiBoL6ysnK2e8lpdX0WUENdl83a18VdliDmiG1eCz9LF661cMIYIn8GwWz4s98NICHXViSJSZDWmHVWfrbPN20unGJ4CcO9KbCkDNdJqqwcWEkEJxUnOG_26SsZ_BaDX5gsPQ5cmXuYk4gsxb8DhTDsRU8yees-RWtnrScVaIGsMLhZysLJQqUJ11NHZjG0jyWEgDh8rpRxou-OCxLZs1BCQGGfC14YBZxffK7Gbkh9bk2WI8S-Kcuw', 'state': 'tJYN0CrZuwMLPsNZ', 'token_type': 'Bearer', 'expires_in': 600} |
4 | AuthorizationResponse |
|
4 | phase | <--<-- 4 --- AccessToken -->--> |
4 | phase | <--<-- 5 --- Registration -->--> |
4 | register |
|
4 | RegistrationRequest |
|
6 | http response |
|
6 | RegistrationResponse |
|
6 | phase | <--<-- 6 --- AsyncAuthn -->--> |
6 | AuthorizationRequest |
|
6 | redirect url | https://testop.funet.fi/idp/profile/oidc/authorize?state=2OkVZ6x0MOdz6vHz&nonce=EzPD5t73b41kk2PF&response_type=id_token+token&scope=openid&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A60028%2Fauthz_cb&client_id=_40ac91d840f90b8591a0868182c5a059 |
6 | redirect | https://testop.funet.fi/idp/profile/oidc/authorize?state=2OkVZ6x0MOdz6vHz&nonce=EzPD5t73b41kk2PF&response_type=id_token+token&scope=openid&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A60028%2Fauthz_cb&client_id=_40ac91d840f90b8591a0868182c5a059 |
8 | http args | {} |
8 | response | URL with fragment |
8 | response | access_token=AAdzZWNyZXQxrjM0LaLLKXvK2bVagZuZ3WNO9yl7wl_R74Rc65zrMkz3AjhduVhkVd27AXKo3x16VJHnFo7jPjdf9qDJEv7HlN7j5GQqWryP965rEtjxzUnkoxkWUghh0sYCwfI2FdPqv-gmoyyvsPHzNS15-tDZk5PTRUrCsMR5NDGXqYmHDGFsytfMhtVDSAQfttQbWpB_trlQdvyQD0Tx7zhaYkP0Kfz4DMpXrED0cvYFqr7hsCeJpE-A1kl267glVBxwHZukKuvgbfSifgTd3qEeO28rKjE-IRBdwbtNG3K_DYELL-3o9RYA7ILrNfZlOWzpPWCueJ5P0J0_z2sORcPh_H-GQatv-ae3gv9HeuLltN-XztftTjjE2o5NAeQV2jnZPs-MqgqzNEVWisfjv2fpABd-4VITxAhaPyjBi1o0suW1KMsSdNcPHYgu3PWoeJVUGKULVZ3nkSBBxuazu_Th9tXnF9dDW5yEkU1M159nMNtM8h0&id_token=eyJraWQiOiJ0ZXN0a2V5UlMiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiaWk3YzYzRE11TVU0TDBaMjNaSERhZyIsInN1YiI6Ik9IVlA3Q0NVUUpUQjJGRklFS1JKVERKTVZLUU5IUzZGIiwiYXVkIjoiXzQwYWM5MWQ4NDBmOTBiODU5MWEwODY4MTgyYzVhMDU5IiwiYWNyIjoicGFzc3dvcmQiLCJhdXRoX3RpbWUiOjE1NTY1NDMwMTEsImlzcyI6Imh0dHBzOlwvXC90ZXN0b3AuZnVuZXQuZmkiLCJleHAiOjE1NTY1NDczNzYsImlhdCI6MTU1NjU0Mzc3Niwibm9uY2UiOiJFelBENXQ3M2I0MWtrMlBGIn0.m-Xj3MGX1BET-r7dPe9rgwke-9-64O37FhNNh6W38JQyJs2FjQKN9xp5QbppUNSnBXva90c1dlAnOXePy-s59SrjNeIDO3ZGYRjpPjG3olPtlv89nEjsn4M5mODaUSKWhEtj7jYWDi4Oo7oyX63bcCVoFRiProxaOV-hkcg8ie8FgIvPIF9AaIJtB0TSKHQ2O4zgMQUFub0-eVfWsyeYu7BgCkliIt4QxKAfjfYVqPON_lr01c7KPBFBR_-XX1a2KW_WZBRFrdeY7Eiel8qWnhbOgD6rMJsRBuYfhDumB597Kn08h2-1biEYlplxv_A6WKV59l7AgeO6laBzl53X8g&state=2OkVZ6x0MOdz6vHz&token_type=Bearer&expires_in=600 |
8 | response | {'access_token': 'AAdzZWNyZXQxrjM0LaLLKXvK2bVagZuZ3WNO9yl7wl_R74Rc65zrMkz3AjhduVhkVd27AXKo3x16VJHnFo7jPjdf9qDJEv7HlN7j5GQqWryP965rEtjxzUnkoxkWUghh0sYCwfI2FdPqv-gmoyyvsPHzNS15-tDZk5PTRUrCsMR5NDGXqYmHDGFsytfMhtVDSAQfttQbWpB_trlQdvyQD0Tx7zhaYkP0Kfz4DMpXrED0cvYFqr7hsCeJpE-A1kl267glVBxwHZukKuvgbfSifgTd3qEeO28rKjE-IRBdwbtNG3K_DYELL-3o9RYA7ILrNfZlOWzpPWCueJ5P0J0_z2sORcPh_H-GQatv-ae3gv9HeuLltN-XztftTjjE2o5NAeQV2jnZPs-MqgqzNEVWisfjv2fpABd-4VITxAhaPyjBi1o0suW1KMsSdNcPHYgu3PWoeJVUGKULVZ3nkSBBxuazu_Th9tXnF9dDW5yEkU1M159nMNtM8h0', 'id_token': 'eyJraWQiOiJ0ZXN0a2V5UlMiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiaWk3YzYzRE11TVU0TDBaMjNaSERhZyIsInN1YiI6Ik9IVlA3Q0NVUUpUQjJGRklFS1JKVERKTVZLUU5IUzZGIiwiYXVkIjoiXzQwYWM5MWQ4NDBmOTBiODU5MWEwODY4MTgyYzVhMDU5IiwiYWNyIjoicGFzc3dvcmQiLCJhdXRoX3RpbWUiOjE1NTY1NDMwMTEsImlzcyI6Imh0dHBzOlwvXC90ZXN0b3AuZnVuZXQuZmkiLCJleHAiOjE1NTY1NDczNzYsImlhdCI6MTU1NjU0Mzc3Niwibm9uY2UiOiJFelBENXQ3M2I0MWtrMlBGIn0.m-Xj3MGX1BET-r7dPe9rgwke-9-64O37FhNNh6W38JQyJs2FjQKN9xp5QbppUNSnBXva90c1dlAnOXePy-s59SrjNeIDO3ZGYRjpPjG3olPtlv89nEjsn4M5mODaUSKWhEtj7jYWDi4Oo7oyX63bcCVoFRiProxaOV-hkcg8ie8FgIvPIF9AaIJtB0TSKHQ2O4zgMQUFub0-eVfWsyeYu7BgCkliIt4QxKAfjfYVqPON_lr01c7KPBFBR_-XX1a2KW_WZBRFrdeY7Eiel8qWnhbOgD6rMJsRBuYfhDumB597Kn08h2-1biEYlplxv_A6WKV59l7AgeO6laBzl53X8g', 'state': '2OkVZ6x0MOdz6vHz', 'token_type': 'Bearer', 'expires_in': 600} |
8 | AuthorizationResponse |
|
8 | phase | <--<-- 7 --- AccessToken -->--> |
8 | phase | <--<-- 8 --- Done -->--> |
8 | end | |
8 | assertion | VerifyResponse |
8 | condition | verify-response: status=OK [Checks that the last response was one of a possible set of OpenID Connect Responses] |
8 | assertion | CheckUserID |
8 | condition | different_sub: status=OK [Verifies that the sub value differs between public and pairwise subject types.] |
8 | condition | Done: status=OK |
Result
PASSED