Test Info
Issuer | https://testop.funet.fi |
---|---|
Profile | [] |
Test ID | OP-Req-id_token_hint |
Test description | Using prompt=none with user hint through id_token_hint |
Timestamp | 2019-04-29T13:02:41Z |
Conditions
same-authn: status=OK [Verifies that the same authentication was used twice in the flow.]
verify-response: status=OK [Checks that the last response was one of a possible set of OpenID Connect Responses]
Done: status=OK
Trace Output
0 | phase | <--<-- 0 --- Webfinger -->--> |
0 | not expected to do | WebFinger |
0 | phase | <--<-- 1 --- Discovery -->--> |
0 | provider_config |
|
1 | http response |
|
1 | ProviderConfigurationResponse |
|
1 | phase | <--<-- 2 --- Registration -->--> |
1 | register |
|
1 | RegistrationRequest |
|
2 | http response |
|
2 | RegistrationResponse |
|
2 | phase | <--<-- 3 --- AsyncAuthn -->--> |
2 | AuthorizationRequest |
|
2 | redirect url | https://testop.funet.fi/idp/profile/oidc/authorize?state=YLRfvptRCXve5PtR&nonce=GuieIpfc5PjPgGM5&response_type=id_token&scope=openid&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A60028%2Fauthz_cb&client_id=_048c601b8fd75e1f0bef7907e921a608 |
2 | redirect | https://testop.funet.fi/idp/profile/oidc/authorize?state=YLRfvptRCXve5PtR&nonce=GuieIpfc5PjPgGM5&response_type=id_token&scope=openid&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A60028%2Fauthz_cb&client_id=_048c601b8fd75e1f0bef7907e921a608 |
4 | http args | {} |
5 | response | URL with fragment |
5 | response | id_token=eyJraWQiOiJ0ZXN0a2V5UlMiLCJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJWVUc0Nzc3WVAzTk1VNUtSRkVTWDZTS1JBUFhMRTRNSSIsImF1ZCI6Il8wNDhjNjAxYjhmZDc1ZTFmMGJlZjc5MDdlOTIxYTYwOCIsImFjciI6InBhc3N3b3JkIiwiYXV0aF90aW1lIjoxNTU2NTQyMzg4LCJpc3MiOiJodHRwczpcL1wvdGVzdG9wLmZ1bmV0LmZpIiwiZXhwIjoxNTU2NTQ2NTU5LCJpYXQiOjE1NTY1NDI5NTksIm5vbmNlIjoiR3VpZUlwZmM1UGpQZ0dNNSJ9.LLWwEF5H94iXVYwbuA3b4rmHLGKM2dya-nVkaKzUc-uAaBtadJSCNYXOe3jmTJV2CpP1OTPZKTV-zIxTh9dvGgpW82kHrRewz1U9g1GhSnlds_CXFL6jbNLzfnKqIZHFGbHDqnHLdO4JHqUQ0SEVyuh8uCHGvi7K_3Sxn_UHv_Cl_XGBq1Q_nPbbdxYQKgq-Pjc3a_rQAtWpKPIr4sQ52JiWLr1RaDf7CFcwoxSJtA1lvC15UWvT9ln8CBwnA0nYAJeHIXyEG-HIMHzektxm1XtOuAFjhrNb5HsfxMa1EZBrenCAOgbwPC-BEtgaEfhm_y6A5nx6gGjO2--s2uen0A&state=YLRfvptRCXve5PtR |
5 | response | {'id_token': 'eyJraWQiOiJ0ZXN0a2V5UlMiLCJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJWVUc0Nzc3WVAzTk1VNUtSRkVTWDZTS1JBUFhMRTRNSSIsImF1ZCI6Il8wNDhjNjAxYjhmZDc1ZTFmMGJlZjc5MDdlOTIxYTYwOCIsImFjciI6InBhc3N3b3JkIiwiYXV0aF90aW1lIjoxNTU2NTQyMzg4LCJpc3MiOiJodHRwczpcL1wvdGVzdG9wLmZ1bmV0LmZpIiwiZXhwIjoxNTU2NTQ2NTU5LCJpYXQiOjE1NTY1NDI5NTksIm5vbmNlIjoiR3VpZUlwZmM1UGpQZ0dNNSJ9.LLWwEF5H94iXVYwbuA3b4rmHLGKM2dya-nVkaKzUc-uAaBtadJSCNYXOe3jmTJV2CpP1OTPZKTV-zIxTh9dvGgpW82kHrRewz1U9g1GhSnlds_CXFL6jbNLzfnKqIZHFGbHDqnHLdO4JHqUQ0SEVyuh8uCHGvi7K_3Sxn_UHv_Cl_XGBq1Q_nPbbdxYQKgq-Pjc3a_rQAtWpKPIr4sQ52JiWLr1RaDf7CFcwoxSJtA1lvC15UWvT9ln8CBwnA0nYAJeHIXyEG-HIMHzektxm1XtOuAFjhrNb5HsfxMa1EZBrenCAOgbwPC-BEtgaEfhm_y6A5nx6gGjO2--s2uen0A', 'state': 'YLRfvptRCXve5PtR'} |
5 | AuthorizationResponse |
|
5 | phase | <--<-- 4 --- AccessToken -->--> |
5 | phase | <--<-- 5 --- AsyncAuthn -->--> |
5 | AuthorizationRequest |
|
5 | redirect url | https://testop.funet.fi/idp/profile/oidc/authorize?state=TH39yDunZ3dSMJ50&nonce=BNoyArIoYwysJzxx&response_type=id_token&scope=openid&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A60028%2Fauthz_cb&prompt=none&id_token_hint=eyJraWQiOiJ0ZXN0a2V5UlMiLCJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJWVUc0Nzc3WVAzTk1VNUtSRkVTWDZTS1JBUFhMRTRNSSIsImF1ZCI6Il8wNDhjNjAxYjhmZDc1ZTFmMGJlZjc5MDdlOTIxYTYwOCIsImFjciI6InBhc3N3b3JkIiwiYXV0aF90aW1lIjoxNTU2NTQyMzg4LCJpc3MiOiJodHRwczpcL1wvdGVzdG9wLmZ1bmV0LmZpIiwiZXhwIjoxNTU2NTQ2NTU5LCJpYXQiOjE1NTY1NDI5NTksIm5vbmNlIjoiR3VpZUlwZmM1UGpQZ0dNNSJ9.LLWwEF5H94iXVYwbuA3b4rmHLGKM2dya-nVkaKzUc-uAaBtadJSCNYXOe3jmTJV2CpP1OTPZKTV-zIxTh9dvGgpW82kHrRewz1U9g1GhSnlds_CXFL6jbNLzfnKqIZHFGbHDqnHLdO4JHqUQ0SEVyuh8uCHGvi7K_3Sxn_UHv_Cl_XGBq1Q_nPbbdxYQKgq-Pjc3a_rQAtWpKPIr4sQ52JiWLr1RaDf7CFcwoxSJtA1lvC15UWvT9ln8CBwnA0nYAJeHIXyEG-HIMHzektxm1XtOuAFjhrNb5HsfxMa1EZBrenCAOgbwPC-BEtgaEfhm_y6A5nx6gGjO2--s2uen0A&client_id=_048c601b8fd75e1f0bef7907e921a608 |
5 | redirect | https://testop.funet.fi/idp/profile/oidc/authorize?state=TH39yDunZ3dSMJ50&nonce=BNoyArIoYwysJzxx&response_type=id_token&scope=openid&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A60028%2Fauthz_cb&prompt=none&id_token_hint=eyJraWQiOiJ0ZXN0a2V5UlMiLCJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJWVUc0Nzc3WVAzTk1VNUtSRkVTWDZTS1JBUFhMRTRNSSIsImF1ZCI6Il8wNDhjNjAxYjhmZDc1ZTFmMGJlZjc5MDdlOTIxYTYwOCIsImFjciI6InBhc3N3b3JkIiwiYXV0aF90aW1lIjoxNTU2NTQyMzg4LCJpc3MiOiJodHRwczpcL1wvdGVzdG9wLmZ1bmV0LmZpIiwiZXhwIjoxNTU2NTQ2NTU5LCJpYXQiOjE1NTY1NDI5NTksIm5vbmNlIjoiR3VpZUlwZmM1UGpQZ0dNNSJ9.LLWwEF5H94iXVYwbuA3b4rmHLGKM2dya-nVkaKzUc-uAaBtadJSCNYXOe3jmTJV2CpP1OTPZKTV-zIxTh9dvGgpW82kHrRewz1U9g1GhSnlds_CXFL6jbNLzfnKqIZHFGbHDqnHLdO4JHqUQ0SEVyuh8uCHGvi7K_3Sxn_UHv_Cl_XGBq1Q_nPbbdxYQKgq-Pjc3a_rQAtWpKPIr4sQ52JiWLr1RaDf7CFcwoxSJtA1lvC15UWvT9ln8CBwnA0nYAJeHIXyEG-HIMHzektxm1XtOuAFjhrNb5HsfxMa1EZBrenCAOgbwPC-BEtgaEfhm_y6A5nx6gGjO2--s2uen0A&client_id=_048c601b8fd75e1f0bef7907e921a608 |
6 | http args | {} |
6 | response | URL with fragment |
6 | response | id_token=eyJraWQiOiJ0ZXN0a2V5UlMiLCJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJWVUc0Nzc3WVAzTk1VNUtSRkVTWDZTS1JBUFhMRTRNSSIsImF1ZCI6Il8wNDhjNjAxYjhmZDc1ZTFmMGJlZjc5MDdlOTIxYTYwOCIsImFjciI6InBhc3N3b3JkIiwiYXV0aF90aW1lIjoxNTU2NTQyMzg4LCJpc3MiOiJodHRwczpcL1wvdGVzdG9wLmZ1bmV0LmZpIiwiZXhwIjoxNTU2NTQ2NTYxLCJpYXQiOjE1NTY1NDI5NjEsIm5vbmNlIjoiQk5veUFySW9Zd3lzSnp4eCJ9.Hbu2Huu8ZnFwqej3eYuKz9cpSbdOXNUqmVLsUWK42b2t1JylnuTM_j7isuVZ7Mf755Ji_i645JBXmpgMFkLMRPCCKSHLefs3B00UtBrd41pJPwzEYKqLYefTh1YXExhrTJn12iOYEeIoNUf5vJucc9U0aaDVaAPJl2uHgmHsveD4KafZh4vXZS5x0NZP2zEhkihJGfLvZRCa4bRAjnkhtUow-7EWbmu8fApxgLx6U8f7Nqh_10ijGruX3dsbB1mGTgKV3SZ3OXZDT4mPiZ3qJDftBmFMT7uqRFymuzFnCF8HbDrf81B3wgE_MiW8BpudHflyJe9m2KlmFRrusO98CQ&state=TH39yDunZ3dSMJ50 |
6 | response | {'id_token': 'eyJraWQiOiJ0ZXN0a2V5UlMiLCJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJWVUc0Nzc3WVAzTk1VNUtSRkVTWDZTS1JBUFhMRTRNSSIsImF1ZCI6Il8wNDhjNjAxYjhmZDc1ZTFmMGJlZjc5MDdlOTIxYTYwOCIsImFjciI6InBhc3N3b3JkIiwiYXV0aF90aW1lIjoxNTU2NTQyMzg4LCJpc3MiOiJodHRwczpcL1wvdGVzdG9wLmZ1bmV0LmZpIiwiZXhwIjoxNTU2NTQ2NTYxLCJpYXQiOjE1NTY1NDI5NjEsIm5vbmNlIjoiQk5veUFySW9Zd3lzSnp4eCJ9.Hbu2Huu8ZnFwqej3eYuKz9cpSbdOXNUqmVLsUWK42b2t1JylnuTM_j7isuVZ7Mf755Ji_i645JBXmpgMFkLMRPCCKSHLefs3B00UtBrd41pJPwzEYKqLYefTh1YXExhrTJn12iOYEeIoNUf5vJucc9U0aaDVaAPJl2uHgmHsveD4KafZh4vXZS5x0NZP2zEhkihJGfLvZRCa4bRAjnkhtUow-7EWbmu8fApxgLx6U8f7Nqh_10ijGruX3dsbB1mGTgKV3SZ3OXZDT4mPiZ3qJDftBmFMT7uqRFymuzFnCF8HbDrf81B3wgE_MiW8BpudHflyJe9m2KlmFRrusO98CQ', 'state': 'TH39yDunZ3dSMJ50'} |
6 | AuthorizationResponse |
|
6 | phase | <--<-- 6 --- AccessToken -->--> |
6 | phase | <--<-- 7 --- Done -->--> |
6 | end | |
6 | assertion | SameAuthn |
6 | condition | same-authn: status=OK [Verifies that the same authentication was used twice in the flow.] |
6 | assertion | VerifyResponse |
6 | condition | verify-response: status=OK [Checks that the last response was one of a possible set of OpenID Connect Responses] |
6 | condition | Done: status=OK |
Result
PASSED