Test Info

Issuerhttps://oidc-test.ergon.ch
Profile[]
Test IDOP-prompt-none-LoggedIn
Test descriptionRequest with prompt=none when logged in [Basic, Implicit, Hybrid]
Timestamp2020-02-03T16:51:34Z

Conditions


same-authn: status=OK [Verifies that the same authentication was used twice in the flow.]
verify-response: status=OK [Checks that the last response was one of a possible set of OpenID Connect Responses]
Done: status=OK

Trace Output

0phase<--<-- 0 --- Webfinger -->-->
0not expected to doWebFinger
0phase<--<-- 1 --- Discovery -->-->
0not expected to doDynamic discovery
0phase<--<-- 2 --- Registration -->-->
0not expected to doDynamic registration
0phase<--<-- 3 --- AsyncAuthn -->-->
0AuthorizationRequest
{
    "client_id": "oidcConformance_clientId",
    "nonce": "ERZGI03o6E6sGlva",
    "redirect_uri": "https://op.certification.openid.net:60272/authz_cb",
    "response_type": "code",
    "scope": "openid",
    "state": "nCAXLK2cSlef667E"
}
0redirect urlhttps://oidc-test.ergon.ch/auth-oidc/oauth2/oidcConformance_clientId?state=nCAXLK2cSlef667E&nonce=ERZGI03o6E6sGlva&response_type=code&scope=openid&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A60272%2Fauthz_cb&client_id=oidcConformance_clientId
0redirecthttps://oidc-test.ergon.ch/auth-oidc/oauth2/oidcConformance_clientId?state=nCAXLK2cSlef667E&nonce=ERZGI03o6E6sGlva&response_type=code&scope=openid&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A60272%2Fauthz_cb&client_id=oidcConformance_clientId
0responseResponse URL with query part
0response{'code': 'cP8wOXhN9y0-KaRtlOGL6f_WrGU~v2WWvMj_gYNrwTXb1I_6IA5B1uyDELLOoncmXz07', 'state': 'nCAXLK2cSlef667E'}
0response{'code': 'cP8wOXhN9y0-KaRtlOGL6f_WrGU~v2WWvMj_gYNrwTXb1I_6IA5B1uyDELLOoncmXz07', 'state': 'nCAXLK2cSlef667E'}
0AuthorizationResponse
{
    "code": "cP8wOXhN9y0-KaRtlOGL6f_WrGU~v2WWvMj_gYNrwTXb1I_6IA5B1uyDELLOoncmXz07",
    "state": "nCAXLK2cSlef667E"
}
0phase<--<-- 4 --- AccessToken -->-->
0requestop_args: {'state': 'nCAXLK2cSlef667E'}, req_args: {'redirect_uri': 'https://op.certification.openid.net:60272/authz_cb'}
0do_access_token_request
kwargs:{'request_args': {'redirect_uri': 'https://op.certification.openid.net:60272/authz_cb', 'code': 'cP8wOXhN9y0-KaRtlOGL6f_WrGU~v2WWvMj_gYNrwTXb1I_6IA5B1uyDELLOoncmXz07', 'state': 'nCAXLK2cSlef667E', 'grant_type': 'authorization_code', 'client_id': 'oidcConformance_clientId'}, 'state': 'nCAXLK2cSlef667E', 'authn_method': 'client_secret_basic'}
0AccessTokenRequest
{
    "code": "cP8wOXhN9y0-KaRtlOGL6f_WrGU~v2WWvMj_gYNrwTXb1I_6IA5B1uyDELLOoncmXz07",
    "grant_type": "authorization_code",
    "redirect_uri": "https://op.certification.openid.net:60272/authz_cb",
    "state": "nCAXLK2cSlef667E"
}
0request_urlhttps://oidc-test.ergon.ch/auth-oidc/oauth2/oidcConformance_clientId
0request_http_args{'headers': {'Authorization': 'Basic b2lkY0NvbmZvcm1hbmNlX2NsaWVudElkOml4MG9vQ2hlX2VlcmUxTXVrX29vamVpOUllX0VpdGhhaTRq', 'Content-Type': 'application/x-www-form-urlencoded'}}
0requestgrant_type=authorization_code&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A60272%2Fauthz_cb&code=cP8wOXhN9y0-KaRtlOGL6f_WrGU%7Ev2WWvMj_gYNrwTXb1I_6IA5B1uyDELLOoncmXz07&state=nCAXLK2cSlef667E
1http response
url:https://oidc-test.ergon.ch/auth-oidc/oauth2/oidcConformance_clientId status_code:200
1response{'access_token': 'hIUEd8In1E2szwZOuIEjWkIW2vE~WTL8vuzrRfHl8_aaHDb_g0Er3HDCkE2nihFKpJ0k', 'refresh_token': 'i5bx8rdo-nJG9TfX13NqhHRqEPc~tSijce5S9zX_fwd4PS7NdGuSeZaRTJ_pdbvMFxGE', 'id_token': 'eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJtaWtlIiwiYXVkIjoib2lkY0NvbmZvcm1hbmNlX2NsaWVudElkIiwiYXV0aF90aW1lIjoxNTgwNzQ4NTM2LCJpc3MiOiJodHRwczpcL1wvb2lkYy10ZXN0LmVyZ29uLmNoIiwiZXhwIjoxNTgwNzQ4ODEyLCJpYXQiOjE1ODA3NDg2OTIsIm5vbmNlIjoiRVJaR0kwM282RTZzR2x2YSJ9.KAaIdznNboAr_mLULPpshFLw2pCyTtZmQPyi0xfdSYY', 'token_type': 'bearer', 'expires_in': 179}
1AccessTokenResponse
{
    "access_token": "hIUEd8In1E2szwZOuIEjWkIW2vE~WTL8vuzrRfHl8_aaHDb_g0Er3HDCkE2nihFKpJ0k",
    "expires_in": 179,
    "id_token": {
        "aud": [
            "oidcConformance_clientId"
        ],
        "auth_time": 1580748536,
        "exp": 1580748812,
        "iat": 1580748692,
        "iss": "https://oidc-test.ergon.ch",
        "nonce": "ERZGI03o6E6sGlva",
        "sub": "mike"
    },
    "refresh_token": "i5bx8rdo-nJG9TfX13NqhHRqEPc~tSijce5S9zX_fwd4PS7NdGuSeZaRTJ_pdbvMFxGE",
    "token_type": "bearer"
}
1jws header{'typ': 'JWT', 'alg': 'HS256'}
1phase<--<-- 5 --- AsyncAuthn -->-->
1AuthorizationRequest
{
    "client_id": "oidcConformance_clientId",
    "nonce": "Mj8pdBDRBJ4kDRgQ",
    "prompt": [
        "none"
    ],
    "redirect_uri": "https://op.certification.openid.net:60272/authz_cb",
    "response_type": "code",
    "scope": "openid",
    "state": "8Hu05VSPxndNLTcl"
}
1redirect urlhttps://oidc-test.ergon.ch/auth-oidc/oauth2/oidcConformance_clientId?state=8Hu05VSPxndNLTcl&nonce=Mj8pdBDRBJ4kDRgQ&response_type=code&scope=openid&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A60272%2Fauthz_cb&prompt=none&client_id=oidcConformance_clientId
1redirecthttps://oidc-test.ergon.ch/auth-oidc/oauth2/oidcConformance_clientId?state=8Hu05VSPxndNLTcl&nonce=Mj8pdBDRBJ4kDRgQ&response_type=code&scope=openid&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A60272%2Fauthz_cb&prompt=none&client_id=oidcConformance_clientId
2responseResponse URL with query part
2response{'code': 'WsNEYXzq2xxdvam1tZLFBZGYxNw~zBdKn1qR5TWHuCxhJOLtZo5hxwEYjonhztFyrszh', 'state': '8Hu05VSPxndNLTcl'}
2response{'code': 'WsNEYXzq2xxdvam1tZLFBZGYxNw~zBdKn1qR5TWHuCxhJOLtZo5hxwEYjonhztFyrszh', 'state': '8Hu05VSPxndNLTcl'}
2AuthorizationResponse
{
    "code": "WsNEYXzq2xxdvam1tZLFBZGYxNw~zBdKn1qR5TWHuCxhJOLtZo5hxwEYjonhztFyrszh",
    "state": "8Hu05VSPxndNLTcl"
}
2phase<--<-- 6 --- AccessToken -->-->
2requestop_args: {'state': '8Hu05VSPxndNLTcl'}, req_args: {'redirect_uri': 'https://op.certification.openid.net:60272/authz_cb'}
2do_access_token_request
kwargs:{'request_args': {'redirect_uri': 'https://op.certification.openid.net:60272/authz_cb', 'code': 'WsNEYXzq2xxdvam1tZLFBZGYxNw~zBdKn1qR5TWHuCxhJOLtZo5hxwEYjonhztFyrszh', 'state': '8Hu05VSPxndNLTcl', 'grant_type': 'authorization_code', 'client_id': 'oidcConformance_clientId'}, 'state': '8Hu05VSPxndNLTcl', 'authn_method': 'client_secret_basic'}
2AccessTokenRequest
{
    "code": "WsNEYXzq2xxdvam1tZLFBZGYxNw~zBdKn1qR5TWHuCxhJOLtZo5hxwEYjonhztFyrszh",
    "grant_type": "authorization_code",
    "redirect_uri": "https://op.certification.openid.net:60272/authz_cb",
    "state": "8Hu05VSPxndNLTcl"
}
2request_urlhttps://oidc-test.ergon.ch/auth-oidc/oauth2/oidcConformance_clientId
2request_http_args{'headers': {'Authorization': 'Basic b2lkY0NvbmZvcm1hbmNlX2NsaWVudElkOml4MG9vQ2hlX2VlcmUxTXVrX29vamVpOUllX0VpdGhhaTRq', 'Content-Type': 'application/x-www-form-urlencoded'}}
2requestgrant_type=authorization_code&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A60272%2Fauthz_cb&code=WsNEYXzq2xxdvam1tZLFBZGYxNw%7EzBdKn1qR5TWHuCxhJOLtZo5hxwEYjonhztFyrszh&state=8Hu05VSPxndNLTcl
2http response
url:https://oidc-test.ergon.ch/auth-oidc/oauth2/oidcConformance_clientId status_code:200
2response{'access_token': '6F4h-zKOHSY3eKrgh1OkxSfsGt0~7zCuGdSC7wTUp-x0rzFJnL_ZQXGSMVRo_ADEvOMn', 'refresh_token': 'ifEsEUM0-_8gVLmPqQMU2W9czvI~q6-GZmP1izDOA20AQvjLLet6henjgVmRQGkbMX7L', 'id_token': 'eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJtaWtlIiwiYXVkIjoib2lkY0NvbmZvcm1hbmNlX2NsaWVudElkIiwiYXV0aF90aW1lIjoxNTgwNzQ4NTM2LCJpc3MiOiJodHRwczpcL1wvb2lkYy10ZXN0LmVyZ29uLmNoIiwiZXhwIjoxNTgwNzQ4ODE0LCJpYXQiOjE1ODA3NDg2OTQsIm5vbmNlIjoiTWo4cGRCRFJCSjRrRFJnUSJ9.Br-erbs-LFzRtQY-YDelLiSTKStnc9QZ2aMo1lpGI2g', 'token_type': 'bearer', 'expires_in': 179}
2AccessTokenResponse
{
    "access_token": "6F4h-zKOHSY3eKrgh1OkxSfsGt0~7zCuGdSC7wTUp-x0rzFJnL_ZQXGSMVRo_ADEvOMn",
    "expires_in": 179,
    "id_token": {
        "aud": [
            "oidcConformance_clientId"
        ],
        "auth_time": 1580748536,
        "exp": 1580748814,
        "iat": 1580748694,
        "iss": "https://oidc-test.ergon.ch",
        "nonce": "Mj8pdBDRBJ4kDRgQ",
        "sub": "mike"
    },
    "refresh_token": "ifEsEUM0-_8gVLmPqQMU2W9czvI~q6-GZmP1izDOA20AQvjLLet6henjgVmRQGkbMX7L",
    "token_type": "bearer"
}
2jws header{'typ': 'JWT', 'alg': 'HS256'}
2phase<--<-- 7 --- Done -->-->
2end
2assertionSameAuthn
2conditionsame-authn: status=OK [Verifies that the same authentication was used twice in the flow.]
2assertionVerifyResponse
2conditionverify-response: status=OK [Checks that the last response was one of a possible set of OpenID Connect Responses]
2conditionDone: status=OK

Result

PASSED