OpenID Connect Provider Certification Test Result

Test Info

Issuer	https://cloud-api.loginradius.com/sso/oidc/v2/internal-mayank/oidctest
Profile	[]
Test ID	OP-Response-form_post
Test description	Request with response_mode=form_post
Timestamp	2020-07-09T09:22:36Z

Conditions


verify-authn-response: status=OK [Checks that the last response was a JSON encoded authentication message]
Done: status=OK

Trace Output

0	phase	<--<-- 0 --- Webfinger -->-->
0	not expected to do	WebFinger
0	phase	<--<-- 1 --- Discovery -->-->
0	provider_config	`kwargs:{'issuer': 'https://cloud-api.loginradius.com/sso/oidc/v2/internal-mayank/oidctest'}`
1	http response	`url:https://cloud-api.loginradius.com/sso/oidc/v2/internal-mayank/oidctest/.well-known/openid-configuration status_code:200`
1	ProviderConfigurationResponse	{ "acr_values_supported": [ "loginradius:nist:level:1:re-auth" ], "authorization_endpoint": "https://cloud-api.loginradius.com/sso/oidc/v2/oidctest/authorize", "backchannel_logout_session_supported": false, "backchannel_logout_supported": false, "claims_parameter_supported": false, "claims_supported": [ "middle_name", "name", "LastName", "phone_number_verified", "gender", "locale", "auth_time", "Uid", "Favicon", "website", "acr", "FirstName", "CustomFields.customerid", "birthdate", "phone_number", "profile", "email_verified", "address", "updated_at", "email", "nickname", "preferred_username", "picture", "zoneinfo", "Country", "given_name", "UserName", "family_name" ], "frontchannel_logout_session_supported": false, "frontchannel_logout_supported": false, "grant_types_supported": [ "authorization_code", "refresh_token" ], "id_token_signing_alg_values_supported": [ "RS256" ], "issuer": "https://cloud-api.loginradius.com/sso/oidc/v2/internal-mayank/oidctest", "jwks_uri": "https://cloud-api.loginradius.com/sso/oidc/v2/internal-mayank/oidctest/jwks", "request_parameter_supported": false, "request_uri_parameter_supported": true, "require_request_uri_registration": false, "response_modes_supported": [ "query", "form_post", "fragment" ], "response_types_supported": [ "code", "token", "id_token", "code token", "code id_token", "token id_token", "code token id_token" ], "revocation_endpoint": "https://cloud-api.loginradius.com/sso/oidc/v2/oidctest/revoke", "scopes_supported": [ "openid", "email", "phone", "profile", "address" ], "subject_types_supported": [ "public" ], "token_endpoint": "https://cloud-api.loginradius.com/sso/oidc/v2/oidctest/token", "token_endpoint_auth_methods_supported": [ "client_secret_post", "client_secret_basic" ], "userinfo_endpoint": "https://cloud-api.loginradius.com/sso/oidc/v2/internal-mayank/oidctest/userinfo", "version": "3.0" }
1	phase	<--<-- 2 --- Registration -->-->
1	not expected to do	Dynamic registration
1	phase	<--<-- 3 --- AsyncAuthn -->-->
1	AuthorizationRequest	`{ "client_id": "112563f6-1480-40b8-8e28-e072ca212c82", "nonce": "WPeH7PpM8vIz4lE2", "redirect_uri": "https://op.certification.openid.net:61909/authz_post", "response_mode": "form_post", "response_type": "code id_token token", "scope": "openid", "state": "qeinpBoCOZvoDvoi" }`
1	redirect url	https://cloud-api.loginradius.com/sso/oidc/v2/oidctest/authorize?state=qeinpBoCOZvoDvoi&nonce=WPeH7PpM8vIz4lE2&response_type=code+id_token+token&scope=openid&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A61909%2Fauthz_post&response_mode=form_post&client_id=112563f6-1480-40b8-8e28-e072ca212c82
1	redirect	https://cloud-api.loginradius.com/sso/oidc/v2/oidctest/authorize?state=qeinpBoCOZvoDvoi&nonce=WPeH7PpM8vIz4lE2&response_type=code+id_token+token&scope=openid&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A61909%2Fauthz_post&response_mode=form_post&client_id=112563f6-1480-40b8-8e28-e072ca212c82
16	response	Form post
16	response	{'state': 'qeinpBoCOZvoDvoi', 'code': '7f3f1efbc17e4caf6f430d1eff9a42c8:23349ebd3e34b2708b442b910dc05fefc9fd716d626acc083f38ab8eae96707fd319b0f4834d2a6d6ad35edcc49194ef27fddb9979e373f7f4789bad44feb98a96fcf7256fb0c603d4bc94c3f2f95ef7a92082e291ba8730dceaa06225693d604b9032f6d9e3ba9b4a761ed279b9ad408a01', 'access_token': '2643e6cc-d827-4239-8d99-43958cabd6d3', 'expires_in': '893', 'token_type': 'Bearer', 'id_token': 'eyJhbGciOiJSUzI1NiIsImtpZCI6IjIwMSIsInR5cCI6IkpXVCJ9.eyJhZGRyZXNzIjp7ImNvdW50cnkiOm51bGwsImxvY2FsaXR5IjpudWxsLCJwb3N0YWxfY29kZSI6bnVsbCwicmVnaW9uIjpudWxsLCJzdHJlZXRfYWRkcmVzcyI6bnVsbH0sImFzZGZnaCI6IiIsImF0X2hhc2giOiJZVmdwNVVWWnZCdGZtYU9BYksxblh3IiwiYXVkIjoiMTEyNTYzZjYtMTQ4MC00MGI4LThlMjgtZTA3MmNhMjEyYzgyIiwiYXV0aF90aW1lIjoxNTk0Mjg2NTQ4LCJiaXJ0aGRhdGUiOiIxOTg3LTA3LTA4IiwiY19oYXNoIjoiMEw5anRQYTdKZWlvcVlJQlluODl6dyIsImNvdW50cnkiOm51bGwsImVtYWlsIjpbeyJUeXBlIjoiUHJpbWFyeSIsIlZhbHVlIjoiY2xvdWRzc290ZXN0QG1haWxhenkuY29tIn1dLCJlbWFpbF92ZXJpZmllZCI6dHJ1ZSwiZXhwIjoxNTk0Mjg3MTU1LCJmYW1pbHlfbmFtZSI6InRlc3J0IiwiZmF2aWNvbjEiOm51bGwsImZuYW1lIjoiY2xvdWRzc290IiwiZ2VuZGVyIjpudWxsLCJnaXZlbl9uYW1lIjoiY2xvdWRzc290IiwiaWF0IjoxNTk0Mjg2NTU1LCJpc3MiOiJodHRwczovL2Nsb3VkLWFwaS5sb2dpbnJhZGl1cy5jb20vc3NvL29pZGMvdjIvaW50ZXJuYWwtbWF5YW5rL29pZGN0ZXN0IiwianRpIjoiODI1ZGY1N2MtNDU2Ni00Zjg1LWFiY2UtNTNjZmUzYjI4YWEzIiwibG5hbWUiOiJ0ZXNydCIsImxvY2FsZSI6bnVsbCwibWlkZGxlX25hbWUiOm51bGwsIm5hbWUiOiJjbG91ZHNzb3QgdGVzcnQiLCJuYmYiOjE1OTQyODY1NTUsIm5pY2tuYW1lIjpudWxsLCJub25jZSI6IldQZUg3UHBNOHZJejRsRTIiLCJwaG9uZV9udW1iZXIiOiIrMTkwMjkwOTU3MTQiLCJwaG9uZV9udW1iZXJfdmVyaWZpZWQiOnRydWUsInBpY3R1cmUiOm51bGwsInByZWZlcnJlZF91c2VybmFtZSI6ImNsb3Vkc3NvdGVzdCIsInByb2ZpbGUiOm51bGwsInN1YiI6IjBiN2Y5NDViOGM1ZjRhMzZhMzViZjQ5ZjcyMzliZmE0IiwidWlkIjoiMGI3Zjk0NWI4YzVmNGEzNmEzNWJmNDlmNzIzOWJmYTQiLCJ1cGRhdGVkX2F0IjoxNTYzODg1MTA5LCJ1c2VybmFtZSI6ImNsb3Vkc3NvdGVzdCIsIndlYnNpdGUiOm51bGwsInpvbmVpbmZvIjpudWxsfQ.CVfrZEK_dso8xLKCFMeqIkZ6jmOeSlv5_k6Au3sviBIK_LzkaYJsDy_SbMlinR8yxhGw3AdinommBjueRL4FuijC_KI_FkrgrQwKmJFNSmaQVLHMHTsykXan-cuqPz-DFe22FU0CEG_adeZwWfPewcJzmmmUlz2uk9CqTnmjnOoeafwrhwG5d4X-a8oEUk0lozilM-a59PiWWTX20aXEm5LOu98bmYfDA6wPQMRk-AQ0xHEOfHunvRDkMb-IdKaNQHgC0nwfQ5coXPqL7TFuksAWN4tdK446CgiI0icrarKKD37_XoPLU_6pekH-goFN8BTgYbh0L6ChI6jSsLKj-w'}
16	response	{'state': 'qeinpBoCOZvoDvoi', 'code': '7f3f1efbc17e4caf6f430d1eff9a42c8:23349ebd3e34b2708b442b910dc05fefc9fd716d626acc083f38ab8eae96707fd319b0f4834d2a6d6ad35edcc49194ef27fddb9979e373f7f4789bad44feb98a96fcf7256fb0c603d4bc94c3f2f95ef7a92082e291ba8730dceaa06225693d604b9032f6d9e3ba9b4a761ed279b9ad408a01', 'access_token': '2643e6cc-d827-4239-8d99-43958cabd6d3', 'expires_in': 893, 'token_type': 'Bearer', 'id_token': 'eyJhbGciOiJSUzI1NiIsImtpZCI6IjIwMSIsInR5cCI6IkpXVCJ9.eyJhZGRyZXNzIjp7ImNvdW50cnkiOm51bGwsImxvY2FsaXR5IjpudWxsLCJwb3N0YWxfY29kZSI6bnVsbCwicmVnaW9uIjpudWxsLCJzdHJlZXRfYWRkcmVzcyI6bnVsbH0sImFzZGZnaCI6IiIsImF0X2hhc2giOiJZVmdwNVVWWnZCdGZtYU9BYksxblh3IiwiYXVkIjoiMTEyNTYzZjYtMTQ4MC00MGI4LThlMjgtZTA3MmNhMjEyYzgyIiwiYXV0aF90aW1lIjoxNTk0Mjg2NTQ4LCJiaXJ0aGRhdGUiOiIxOTg3LTA3LTA4IiwiY19oYXNoIjoiMEw5anRQYTdKZWlvcVlJQlluODl6dyIsImNvdW50cnkiOm51bGwsImVtYWlsIjpbeyJUeXBlIjoiUHJpbWFyeSIsIlZhbHVlIjoiY2xvdWRzc290ZXN0QG1haWxhenkuY29tIn1dLCJlbWFpbF92ZXJpZmllZCI6dHJ1ZSwiZXhwIjoxNTk0Mjg3MTU1LCJmYW1pbHlfbmFtZSI6InRlc3J0IiwiZmF2aWNvbjEiOm51bGwsImZuYW1lIjoiY2xvdWRzc290IiwiZ2VuZGVyIjpudWxsLCJnaXZlbl9uYW1lIjoiY2xvdWRzc290IiwiaWF0IjoxNTk0Mjg2NTU1LCJpc3MiOiJodHRwczovL2Nsb3VkLWFwaS5sb2dpbnJhZGl1cy5jb20vc3NvL29pZGMvdjIvaW50ZXJuYWwtbWF5YW5rL29pZGN0ZXN0IiwianRpIjoiODI1ZGY1N2MtNDU2Ni00Zjg1LWFiY2UtNTNjZmUzYjI4YWEzIiwibG5hbWUiOiJ0ZXNydCIsImxvY2FsZSI6bnVsbCwibWlkZGxlX25hbWUiOm51bGwsIm5hbWUiOiJjbG91ZHNzb3QgdGVzcnQiLCJuYmYiOjE1OTQyODY1NTUsIm5pY2tuYW1lIjpudWxsLCJub25jZSI6IldQZUg3UHBNOHZJejRsRTIiLCJwaG9uZV9udW1iZXIiOiIrMTkwMjkwOTU3MTQiLCJwaG9uZV9udW1iZXJfdmVyaWZpZWQiOnRydWUsInBpY3R1cmUiOm51bGwsInByZWZlcnJlZF91c2VybmFtZSI6ImNsb3Vkc3NvdGVzdCIsInByb2ZpbGUiOm51bGwsInN1YiI6IjBiN2Y5NDViOGM1ZjRhMzZhMzViZjQ5ZjcyMzliZmE0IiwidWlkIjoiMGI3Zjk0NWI4YzVmNGEzNmEzNWJmNDlmNzIzOWJmYTQiLCJ1cGRhdGVkX2F0IjoxNTYzODg1MTA5LCJ1c2VybmFtZSI6ImNsb3Vkc3NvdGVzdCIsIndlYnNpdGUiOm51bGwsInpvbmVpbmZvIjpudWxsfQ.CVfrZEK_dso8xLKCFMeqIkZ6jmOeSlv5_k6Au3sviBIK_LzkaYJsDy_SbMlinR8yxhGw3AdinommBjueRL4FuijC_KI_FkrgrQwKmJFNSmaQVLHMHTsykXan-cuqPz-DFe22FU0CEG_adeZwWfPewcJzmmmUlz2uk9CqTnmjnOoeafwrhwG5d4X-a8oEUk0lozilM-a59PiWWTX20aXEm5LOu98bmYfDA6wPQMRk-AQ0xHEOfHunvRDkMb-IdKaNQHgC0nwfQ5coXPqL7TFuksAWN4tdK446CgiI0icrarKKD37_XoPLU_6pekH-goFN8BTgYbh0L6ChI6jSsLKj-w'}
16	AuthorizationResponse	{ "access_token": "2643e6cc-d827-4239-8d99-43958cabd6d3", "code": "7f3f1efbc17e4caf6f430d1eff9a42c8:23349ebd3e34b2708b442b910dc05fefc9fd716d626acc083f38ab8eae96707fd319b0f4834d2a6d6ad35edcc49194ef27fddb9979e373f7f4789bad44feb98a96fcf7256fb0c603d4bc94c3f2f95ef7a92082e291ba8730dceaa06225693d604b9032f6d9e3ba9b4a761ed279b9ad408a01", "expires_in": 893, "id_token": { "address": { "country": null, "locality": null, "postal_code": null, "region": null, "street_address": null }, "at_hash": "YVgp5UVZvBtfmaOAbK1nXw", "aud": [ "112563f6-1480-40b8-8e28-e072ca212c82" ], "auth_time": 1594286548, "birthdate": "1987-07-08", "c_hash": "0L9jtPa7JeioqYIBYn89zw", "country": null, "email": { "Type": "Primary", "Value": "cloudssotest@mailazy.com" }, "email_verified": true, "exp": 1594287155, "family_name": "tesrt", "favicon1": null, "fname": "cloudssot", "gender": null, "given_name": "cloudssot", "iat": 1594286555, "iss": "https://cloud-api.loginradius.com/sso/oidc/v2/internal-mayank/oidctest", "jti": "825df57c-4566-4f85-abce-53cfe3b28aa3", "lname": "tesrt", "locale": null, "middle_name": null, "name": "cloudssot tesrt", "nbf": 1594286555, "nickname": null, "nonce": "WPeH7PpM8vIz4lE2", "phone_number": "+19029095714", "phone_number_verified": true, "picture": null, "preferred_username": "cloudssotest", "profile": null, "sub": "0b7f945b8c5f4a36a35bf49f7239bfa4", "uid": "0b7f945b8c5f4a36a35bf49f7239bfa4", "updated_at": 1563885109, "username": "cloudssotest", "website": null, "zoneinfo": null }, "state": "qeinpBoCOZvoDvoi", "token_type": "Bearer" }
16	phase	<--<-- 4 --- Done -->-->
16	end
16	assertion	VerifyAuthnResponse
16	condition	verify-authn-response: status=OK [Checks that the last response was a JSON encoded authentication message]
16	condition	Done: status=OK

Result

PASSED

(C) 2017-2020 - OpenID Foundation
E-mail: certification@oidf.org
Issues: Github

Version: 2.3.6