Test Info
Issuer | https://testop.funet.fi |
---|---|
Profile | [] |
Test ID | OP-Req-id_token_hint |
Test description | Using prompt=none with user hint through id_token_hint |
Timestamp | 2019-04-29T13:37:32Z |
Conditions
same-authn: status=OK [Verifies that the same authentication was used twice in the flow.]
verify-response: status=OK [Checks that the last response was one of a possible set of OpenID Connect Responses]
Done: status=OK
Trace Output
0 | phase | <--<-- 0 --- Webfinger -->--> |
0 | not expected to do | WebFinger |
0 | phase | <--<-- 1 --- Discovery -->--> |
0 | provider_config |
|
1 | http response |
|
1 | ProviderConfigurationResponse |
|
1 | phase | <--<-- 2 --- Registration -->--> |
1 | register |
|
1 | RegistrationRequest |
|
2 | http response |
|
2 | RegistrationResponse |
|
2 | phase | <--<-- 3 --- AsyncAuthn -->--> |
2 | AuthorizationRequest |
|
2 | redirect url | https://testop.funet.fi/idp/profile/oidc/authorize?state=bcKaq4JNLxRKQ2e3&nonce=3e4KXyu8xpXY58it&response_type=id_token+token&scope=openid&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A60028%2Fauthz_cb&client_id=_cc556ba2854ccff8232ff2a6d4b7644a |
2 | redirect | https://testop.funet.fi/idp/profile/oidc/authorize?state=bcKaq4JNLxRKQ2e3&nonce=3e4KXyu8xpXY58it&response_type=id_token+token&scope=openid&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A60028%2Fauthz_cb&client_id=_cc556ba2854ccff8232ff2a6d4b7644a |
5 | http args | {} |
5 | response | URL with fragment |
5 | response | access_token=AAdzZWNyZXQxK2zO36rljTrbcr5sFw2hxk5WqNKBcrR3OwwQRKZ1R83F_FqNh2sVD4f322HWpULm0lN5ZM_nKOyP7yGnxOVl9FXt6h9dNuKAqo-rK929ql3kAw_oL-AHsVXTDk_0QUVXmdRVMR-_Cbq0mYjAtuE_gxl6YV3P14Bzuu-GLyazE_je2jgoIdzFdDL8zzZy-vCKzPcKnl70FPIivi9nw6xIDCT3pdHIdXiut0-0T53wzk_nPMFtZ2YcnMFYtC99YnVhEbgv9AJbQDo-cytSXyZuaLzOAA5XNqhMzOR0Dw_m_sWt-D1n5utlb9V1d351bimtkRCsYSExoq4KZ3M1CUwVXhqyBc0RnzqurEohxGo_YAQfHTrAoHIzICdd3TRJY3HmUtfZO-IIed_NsihlsGLnSkRs_8pgnI77Dr9Qvj27pp8iGoZcJpKV9rQiPnrLYd3mUYpi4huFD8Yqpgkm9Zyv29sQSVDOE_w9UEvinDoEPhU&id_token=eyJraWQiOiJ0ZXN0a2V5UlMiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiZGJJc0tFZ3p0T1FXcVZKS1I0LVMzQSIsInN1YiI6IlZVRzQ3NzdZUDNOTVU1S1JGRVNYNlNLUkFQWExFNE1JIiwiYXVkIjoiX2NjNTU2YmEyODU0Y2NmZjgyMzJmZjJhNmQ0Yjc2NDRhIiwiYWNyIjoicGFzc3dvcmQiLCJhdXRoX3RpbWUiOjE1NTY1NDQ1MDEsImlzcyI6Imh0dHBzOlwvXC90ZXN0b3AuZnVuZXQuZmkiLCJleHAiOjE1NTY1NDg2NTAsImlhdCI6MTU1NjU0NTA1MCwibm9uY2UiOiIzZTRLWHl1OHhwWFk1OGl0In0.eVCn3wHHiwOERtRUy67DEK2_ky5amUWoKEaaMoKSobvNjdzNQuJEJBmPTabl2o8wEeBBDm5QuOgjqMfZbMB3O1-MY6NQBjo6nNmAU0eGh-AaNs-COdRtLKwZv-j8dxilEd4SFSmASp_iEp8nXrZnExbSWVF7gQhXW39bdbxk8Vd6YPan8z2NMr6KU17K2HdictyIK0ulgF7RJDDzxTgCn3HSnXmxBDjKIk17HU0wWoeATS2Wi_WRUQDmO5L_0el3bxX6irJoeVV3-00jekGxvzORudnbwR1NI28vrMi7ukYdx-R25dXuDkmRIezXvPGvhHCk1EE1F4GsrRMfWaT4dA&state=bcKaq4JNLxRKQ2e3&token_type=Bearer&expires_in=600 |
5 | response | {'access_token': 'AAdzZWNyZXQxK2zO36rljTrbcr5sFw2hxk5WqNKBcrR3OwwQRKZ1R83F_FqNh2sVD4f322HWpULm0lN5ZM_nKOyP7yGnxOVl9FXt6h9dNuKAqo-rK929ql3kAw_oL-AHsVXTDk_0QUVXmdRVMR-_Cbq0mYjAtuE_gxl6YV3P14Bzuu-GLyazE_je2jgoIdzFdDL8zzZy-vCKzPcKnl70FPIivi9nw6xIDCT3pdHIdXiut0-0T53wzk_nPMFtZ2YcnMFYtC99YnVhEbgv9AJbQDo-cytSXyZuaLzOAA5XNqhMzOR0Dw_m_sWt-D1n5utlb9V1d351bimtkRCsYSExoq4KZ3M1CUwVXhqyBc0RnzqurEohxGo_YAQfHTrAoHIzICdd3TRJY3HmUtfZO-IIed_NsihlsGLnSkRs_8pgnI77Dr9Qvj27pp8iGoZcJpKV9rQiPnrLYd3mUYpi4huFD8Yqpgkm9Zyv29sQSVDOE_w9UEvinDoEPhU', 'id_token': 'eyJraWQiOiJ0ZXN0a2V5UlMiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiZGJJc0tFZ3p0T1FXcVZKS1I0LVMzQSIsInN1YiI6IlZVRzQ3NzdZUDNOTVU1S1JGRVNYNlNLUkFQWExFNE1JIiwiYXVkIjoiX2NjNTU2YmEyODU0Y2NmZjgyMzJmZjJhNmQ0Yjc2NDRhIiwiYWNyIjoicGFzc3dvcmQiLCJhdXRoX3RpbWUiOjE1NTY1NDQ1MDEsImlzcyI6Imh0dHBzOlwvXC90ZXN0b3AuZnVuZXQuZmkiLCJleHAiOjE1NTY1NDg2NTAsImlhdCI6MTU1NjU0NTA1MCwibm9uY2UiOiIzZTRLWHl1OHhwWFk1OGl0In0.eVCn3wHHiwOERtRUy67DEK2_ky5amUWoKEaaMoKSobvNjdzNQuJEJBmPTabl2o8wEeBBDm5QuOgjqMfZbMB3O1-MY6NQBjo6nNmAU0eGh-AaNs-COdRtLKwZv-j8dxilEd4SFSmASp_iEp8nXrZnExbSWVF7gQhXW39bdbxk8Vd6YPan8z2NMr6KU17K2HdictyIK0ulgF7RJDDzxTgCn3HSnXmxBDjKIk17HU0wWoeATS2Wi_WRUQDmO5L_0el3bxX6irJoeVV3-00jekGxvzORudnbwR1NI28vrMi7ukYdx-R25dXuDkmRIezXvPGvhHCk1EE1F4GsrRMfWaT4dA', 'state': 'bcKaq4JNLxRKQ2e3', 'token_type': 'Bearer', 'expires_in': 600} |
5 | AuthorizationResponse |
|
5 | phase | <--<-- 4 --- AccessToken -->--> |
5 | phase | <--<-- 5 --- AsyncAuthn -->--> |
5 | AuthorizationRequest |
|
5 | redirect url | https://testop.funet.fi/idp/profile/oidc/authorize?state=xkXUMoBa1oj5gxiP&nonce=IPWI6jHxSGt6IjZi&response_type=id_token+token&scope=openid&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A60028%2Fauthz_cb&prompt=none&id_token_hint=eyJraWQiOiJ0ZXN0a2V5UlMiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiZGJJc0tFZ3p0T1FXcVZKS1I0LVMzQSIsInN1YiI6IlZVRzQ3NzdZUDNOTVU1S1JGRVNYNlNLUkFQWExFNE1JIiwiYXVkIjoiX2NjNTU2YmEyODU0Y2NmZjgyMzJmZjJhNmQ0Yjc2NDRhIiwiYWNyIjoicGFzc3dvcmQiLCJhdXRoX3RpbWUiOjE1NTY1NDQ1MDEsImlzcyI6Imh0dHBzOlwvXC90ZXN0b3AuZnVuZXQuZmkiLCJleHAiOjE1NTY1NDg2NTAsImlhdCI6MTU1NjU0NTA1MCwibm9uY2UiOiIzZTRLWHl1OHhwWFk1OGl0In0.eVCn3wHHiwOERtRUy67DEK2_ky5amUWoKEaaMoKSobvNjdzNQuJEJBmPTabl2o8wEeBBDm5QuOgjqMfZbMB3O1-MY6NQBjo6nNmAU0eGh-AaNs-COdRtLKwZv-j8dxilEd4SFSmASp_iEp8nXrZnExbSWVF7gQhXW39bdbxk8Vd6YPan8z2NMr6KU17K2HdictyIK0ulgF7RJDDzxTgCn3HSnXmxBDjKIk17HU0wWoeATS2Wi_WRUQDmO5L_0el3bxX6irJoeVV3-00jekGxvzORudnbwR1NI28vrMi7ukYdx-R25dXuDkmRIezXvPGvhHCk1EE1F4GsrRMfWaT4dA&client_id=_cc556ba2854ccff8232ff2a6d4b7644a |
5 | redirect | https://testop.funet.fi/idp/profile/oidc/authorize?state=xkXUMoBa1oj5gxiP&nonce=IPWI6jHxSGt6IjZi&response_type=id_token+token&scope=openid&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A60028%2Fauthz_cb&prompt=none&id_token_hint=eyJraWQiOiJ0ZXN0a2V5UlMiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiZGJJc0tFZ3p0T1FXcVZKS1I0LVMzQSIsInN1YiI6IlZVRzQ3NzdZUDNOTVU1S1JGRVNYNlNLUkFQWExFNE1JIiwiYXVkIjoiX2NjNTU2YmEyODU0Y2NmZjgyMzJmZjJhNmQ0Yjc2NDRhIiwiYWNyIjoicGFzc3dvcmQiLCJhdXRoX3RpbWUiOjE1NTY1NDQ1MDEsImlzcyI6Imh0dHBzOlwvXC90ZXN0b3AuZnVuZXQuZmkiLCJleHAiOjE1NTY1NDg2NTAsImlhdCI6MTU1NjU0NTA1MCwibm9uY2UiOiIzZTRLWHl1OHhwWFk1OGl0In0.eVCn3wHHiwOERtRUy67DEK2_ky5amUWoKEaaMoKSobvNjdzNQuJEJBmPTabl2o8wEeBBDm5QuOgjqMfZbMB3O1-MY6NQBjo6nNmAU0eGh-AaNs-COdRtLKwZv-j8dxilEd4SFSmASp_iEp8nXrZnExbSWVF7gQhXW39bdbxk8Vd6YPan8z2NMr6KU17K2HdictyIK0ulgF7RJDDzxTgCn3HSnXmxBDjKIk17HU0wWoeATS2Wi_WRUQDmO5L_0el3bxX6irJoeVV3-00jekGxvzORudnbwR1NI28vrMi7ukYdx-R25dXuDkmRIezXvPGvhHCk1EE1F4GsrRMfWaT4dA&client_id=_cc556ba2854ccff8232ff2a6d4b7644a |
6 | http args | {} |
6 | response | URL with fragment |
6 | response | access_token=AAdzZWNyZXQxkJWWJ22Fu4bES2j43US69ZQxlm1LJ5fFeyCp2n2SwE5eW8lcNp5XOzCu3L3SLG4YSWd1ZHvkysAlcNhKo_RbfGnUZM64Z0ki-TKwh3hajzq7Lo-qZhVhXXGWro-ZJCG8-0DunQrBmluluFehuuSZgDNkmvR59mqpNFIQX1QVOfVPUn6jKuHy0GzcDri9gSM7WzRWGfNeFhPRZhMZOVuwtWZ1AGwg3YpN-cElLZom7oBWrO5Y_xqJjtyQ6sanlklGZtSRe0sc_tXMB74HATyObgnhvgDEG-g46Dl2s2G32z0sHj1pezFV_nTijmezCf8nmN4qfCJq2mpkPmJCkglVjMXlItE4iDTIoP2jIdWsFFStWcQXfJwCB7SThwwmULImEH3wpKqaCy7B9Q9Bt8c021pafb_mM3tlu3_p99P2V71JL_Krhv37DnJbuIF9UTiu8vaVUBsClNfetA2nvbumjfLojlFnvdXKee4xV8jjqQ&id_token=eyJraWQiOiJ0ZXN0a2V5UlMiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiVEFmbzE4S1VWNU5GRzBJdkk3NmdHZyIsInN1YiI6IlZVRzQ3NzdZUDNOTVU1S1JGRVNYNlNLUkFQWExFNE1JIiwiYXVkIjoiX2NjNTU2YmEyODU0Y2NmZjgyMzJmZjJhNmQ0Yjc2NDRhIiwiYWNyIjoicGFzc3dvcmQiLCJhdXRoX3RpbWUiOjE1NTY1NDQ1MDEsImlzcyI6Imh0dHBzOlwvXC90ZXN0b3AuZnVuZXQuZmkiLCJleHAiOjE1NTY1NDg2NTIsImlhdCI6MTU1NjU0NTA1Miwibm9uY2UiOiJJUFdJNmpIeFNHdDZJalppIn0.ISZ8znZfn5vW0BXsrfXuygpAQd4D_cGfMEMM9uLXtsesX0_mUIO4sIQUoaTz7VMWPtTyE-WxyL1b4UMGPM5sZCwW0tdiL-4SKfPXwpkz41H0LzmmPgpJui1HAEBEYL8hQf7dK9Qpw_0ldqmQmEfARuVohhpmpvrAbI5XOAda6Ymf9h_lY0-Y0Fpa9mvYQquefBH4j0lrEPPxwRRD_6glcYtRC36tRLMg2O1Uyp1LZDjp_H8S5VFQ6ugAvuuN7XjNPJS3jfihLrNLbJAqd3sI5vTta-KfwYzPBJp5h5jH9cwGyQGTA2VRxufXfRN883PUXyp2M-viGMPbVkEeYMJ0AQ&state=xkXUMoBa1oj5gxiP&token_type=Bearer&expires_in=600 |
6 | response | {'access_token': 'AAdzZWNyZXQxkJWWJ22Fu4bES2j43US69ZQxlm1LJ5fFeyCp2n2SwE5eW8lcNp5XOzCu3L3SLG4YSWd1ZHvkysAlcNhKo_RbfGnUZM64Z0ki-TKwh3hajzq7Lo-qZhVhXXGWro-ZJCG8-0DunQrBmluluFehuuSZgDNkmvR59mqpNFIQX1QVOfVPUn6jKuHy0GzcDri9gSM7WzRWGfNeFhPRZhMZOVuwtWZ1AGwg3YpN-cElLZom7oBWrO5Y_xqJjtyQ6sanlklGZtSRe0sc_tXMB74HATyObgnhvgDEG-g46Dl2s2G32z0sHj1pezFV_nTijmezCf8nmN4qfCJq2mpkPmJCkglVjMXlItE4iDTIoP2jIdWsFFStWcQXfJwCB7SThwwmULImEH3wpKqaCy7B9Q9Bt8c021pafb_mM3tlu3_p99P2V71JL_Krhv37DnJbuIF9UTiu8vaVUBsClNfetA2nvbumjfLojlFnvdXKee4xV8jjqQ', 'id_token': 'eyJraWQiOiJ0ZXN0a2V5UlMiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiVEFmbzE4S1VWNU5GRzBJdkk3NmdHZyIsInN1YiI6IlZVRzQ3NzdZUDNOTVU1S1JGRVNYNlNLUkFQWExFNE1JIiwiYXVkIjoiX2NjNTU2YmEyODU0Y2NmZjgyMzJmZjJhNmQ0Yjc2NDRhIiwiYWNyIjoicGFzc3dvcmQiLCJhdXRoX3RpbWUiOjE1NTY1NDQ1MDEsImlzcyI6Imh0dHBzOlwvXC90ZXN0b3AuZnVuZXQuZmkiLCJleHAiOjE1NTY1NDg2NTIsImlhdCI6MTU1NjU0NTA1Miwibm9uY2UiOiJJUFdJNmpIeFNHdDZJalppIn0.ISZ8znZfn5vW0BXsrfXuygpAQd4D_cGfMEMM9uLXtsesX0_mUIO4sIQUoaTz7VMWPtTyE-WxyL1b4UMGPM5sZCwW0tdiL-4SKfPXwpkz41H0LzmmPgpJui1HAEBEYL8hQf7dK9Qpw_0ldqmQmEfARuVohhpmpvrAbI5XOAda6Ymf9h_lY0-Y0Fpa9mvYQquefBH4j0lrEPPxwRRD_6glcYtRC36tRLMg2O1Uyp1LZDjp_H8S5VFQ6ugAvuuN7XjNPJS3jfihLrNLbJAqd3sI5vTta-KfwYzPBJp5h5jH9cwGyQGTA2VRxufXfRN883PUXyp2M-viGMPbVkEeYMJ0AQ', 'state': 'xkXUMoBa1oj5gxiP', 'token_type': 'Bearer', 'expires_in': 600} |
6 | AuthorizationResponse |
|
6 | phase | <--<-- 6 --- AccessToken -->--> |
6 | phase | <--<-- 7 --- Done -->--> |
6 | end | |
6 | assertion | SameAuthn |
6 | condition | same-authn: status=OK [Verifies that the same authentication was used twice in the flow.] |
6 | assertion | VerifyResponse |
6 | condition | verify-response: status=OK [Checks that the last response was one of a possible set of OpenID Connect Responses] |
6 | condition | Done: status=OK |
Result
PASSED