Test Info

Issuerhttps://ofis.theoptimalcloud.com/odn/
Test IDOP-claims-essential
Test descriptionClaims request with essential name claim
Profile[]
Timestamp2017-10-12T19:48:37Z

Conditions


check-http-response: status=OK [Checks that the HTTP response status is within the 200 or 300 range. Also does some extra JSON checks]
verify-claims: status=WARNING, message=Unexpected claims in response: ['picture', 'profile', 'updated_at', 'locale', 'email', 'phone_number', 'middle_name', 'given_name', 'birthdate', 'family_name', 'email_verified', 'gender', 'zoneinfo', 'website', 'phone_number_verified', 'address', 'nickname', 'preferred_username'] [Verifies that the claims returned as UserInfo or in the ID Token is consistent with what was asked for]
Done: status=OK

Trace Output

0.0phase<--<-- 0 --- Webfinger -->-->
0.0not expected to doWebFinger
0.0phase<--<-- 1 --- Discovery -->-->
0.0not expected to doDynamic discovery
0.001phase<--<-- 2 --- Registration -->-->
0.001not expected to doDynamic registration
0.001phase<--<-- 3 --- AsyncAuthn -->-->
0.002AuthorizationRequest
{
    "claims": {
        "userinfo": {
            "name": {
                "essential": true
            }
        }
    },
    "client_id": "https://op.certification.openid.net/",
    "nonce": "GeSi6L4NXDUHOfx5",
    "redirect_uri": "https://op.certification.openid.net:60044/authz_cb",
    "response_type": "code",
    "scope": "openid",
    "state": "GN7HNjzdIplZmcRE"
}
0.002redirect urlhttps://ofis.theoptimalcloud.com/odn/?client_id=https%3A%2F%2Fop.certification.openid.net%2F&scope=openid&nonce=GeSi6L4NXDUHOfx5&state=GN7HNjzdIplZmcRE&claims=%7B%22userinfo%22%3A+%7B%22name%22%3A+%7B%22essential%22%3A+true%7D%7D%7D&response_type=code&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A60044%2Fauthz_cb
0.002redirecthttps://ofis.theoptimalcloud.com/odn/?client_id=https%3A%2F%2Fop.certification.openid.net%2F&scope=openid&nonce=GeSi6L4NXDUHOfx5&state=GN7HNjzdIplZmcRE&claims=%7B%22userinfo%22%3A+%7B%22name%22%3A+%7B%22essential%22%3A+true%7D%7D%7D&response_type=code&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A60044%2Fauthz_cb
0.123response{'state': 'GN7HNjzdIplZmcRE', 'code': '1OMT8CrKMWxps8//KS4d9M3kuvS9kyFipGBe9er49mu3rVrl0l8PNfbI/v9UT5SQpSPbN9JftwHRJO2GMwCEpsZHuL+pVaemkeON7Kx4wM1p9ukJPyfW+IrB8dXv4GNajEyqNnx03I8WvnnFNAfM8p562VOWpYbqwQuUkzVbQUHr4ybfspD+DFWwsWBW1miBaPUBHa8aVAMWbbxJRHemFP0/1L6qsg9EEYMRf1KMmcLSFooPX6TK3nUDSFEevc8+X2NxELS8QUxDf3gj/1mlJAXgj44/oZ8RlBS6yop1GYo='}
0.123response{'state': 'GN7HNjzdIplZmcRE', 'code': '1OMT8CrKMWxps8//KS4d9M3kuvS9kyFipGBe9er49mu3rVrl0l8PNfbI/v9UT5SQpSPbN9JftwHRJO2GMwCEpsZHuL+pVaemkeON7Kx4wM1p9ukJPyfW+IrB8dXv4GNajEyqNnx03I8WvnnFNAfM8p562VOWpYbqwQuUkzVbQUHr4ybfspD+DFWwsWBW1miBaPUBHa8aVAMWbbxJRHemFP0/1L6qsg9EEYMRf1KMmcLSFooPX6TK3nUDSFEevc8+X2NxELS8QUxDf3gj/1mlJAXgj44/oZ8RlBS6yop1GYo='}
0.124AuthorizationResponse
{
    "code": "1OMT8CrKMWxps8//KS4d9M3kuvS9kyFipGBe9er49mu3rVrl0l8PNfbI/v9UT5SQpSPbN9JftwHRJO2GMwCEpsZHuL+pVaemkeON7Kx4wM1p9ukJPyfW+IrB8dXv4GNajEyqNnx03I8WvnnFNAfM8p562VOWpYbqwQuUkzVbQUHr4ybfspD+DFWwsWBW1miBaPUBHa8aVAMWbbxJRHemFP0/1L6qsg9EEYMRf1KMmcLSFooPX6TK3nUDSFEevc8+X2NxELS8QUxDf3gj/1mlJAXgj44/oZ8RlBS6yop1GYo=",
    "state": "GN7HNjzdIplZmcRE"
}
0.124phase<--<-- 4 --- AccessToken -->-->
0.124requestop_args: {'state': 'GN7HNjzdIplZmcRE'}, req_args: {'redirect_uri': 'https://op.certification.openid.net:60044/authz_cb'}
0.124do_access_token_request
kwargs:{'state': 'GN7HNjzdIplZmcRE', 'request_args': {'state': 'GN7HNjzdIplZmcRE', 'client_id': 'https://op.certification.openid.net/', 'grant_type': 'authorization_code', 'code': '1OMT8CrKMWxps8//KS4d9M3kuvS9kyFipGBe9er49mu3rVrl0l8PNfbI/v9UT5SQpSPbN9JftwHRJO2GMwCEpsZHuL+pVaemkeON7Kx4wM1p9ukJPyfW+IrB8dXv4GNajEyqNnx03I8WvnnFNAfM8p562VOWpYbqwQuUkzVbQUHr4ybfspD+DFWwsWBW1miBaPUBHa8aVAMWbbxJRHemFP0/1L6qsg9EEYMRf1KMmcLSFooPX6TK3nUDSFEevc8+X2NxELS8QUxDf3gj/1mlJAXgj44/oZ8RlBS6yop1GYo=', 'redirect_uri': 'https://op.certification.openid.net:60044/authz_cb'}}
0.124AccessTokenRequest
{
    "client_id": "https://op.certification.openid.net/",
    "code": "1OMT8CrKMWxps8//KS4d9M3kuvS9kyFipGBe9er49mu3rVrl0l8PNfbI/v9UT5SQpSPbN9JftwHRJO2GMwCEpsZHuL+pVaemkeON7Kx4wM1p9ukJPyfW+IrB8dXv4GNajEyqNnx03I8WvnnFNAfM8p562VOWpYbqwQuUkzVbQUHr4ybfspD+DFWwsWBW1miBaPUBHa8aVAMWbbxJRHemFP0/1L6qsg9EEYMRf1KMmcLSFooPX6TK3nUDSFEevc8+X2NxELS8QUxDf3gj/1mlJAXgj44/oZ8RlBS6yop1GYo=",
    "grant_type": "authorization_code",
    "redirect_uri": "https://op.certification.openid.net:60044/authz_cb",
    "state": "GN7HNjzdIplZmcRE"
}
0.124request_urlhttps://ofis.theoptimalcloud.com/odn.id/api/access
0.124request_http_args{'headers': {'Authorization': 'Basic aHR0cHM6Ly9vcC5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvOjh1VzhRR0puMk5oOHl0NA==', 'Content-Type': 'application/x-www-form-urlencoded'}}
0.124requestclient_id=https%3A%2F%2Fop.certification.openid.net%2F&grant_type=authorization_code&code=1OMT8CrKMWxps8%2F%2FKS4d9M3kuvS9kyFipGBe9er49mu3rVrl0l8PNfbI%2Fv9UT5SQpSPbN9JftwHRJO2GMwCEpsZHuL%2BpVaemkeON7Kx4wM1p9ukJPyfW%2BIrB8dXv4GNajEyqNnx03I8WvnnFNAfM8p562VOWpYbqwQuUkzVbQUHr4ybfspD%2BDFWwsWBW1miBaPUBHa8aVAMWbbxJRHemFP0%2F1L6qsg9EEYMRf1KMmcLSFooPX6TK3nUDSFEevc8%2BX2NxELS8QUxDf3gj%2F1mlJAXgj44%2FoZ8RlBS6yop1GYo%3D&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A60044%2Fauthz_cb&state=GN7HNjzdIplZmcRE
0.278http response
url:https://ofis.theoptimalcloud.com/odn.id/api/access status_code:200
0.279response{'access_token': '7orV6ht1nTNtxmXv5__5nHxSUQ8CfeiGUkH-XD0an_QlXjGDSQ9oIQOEDRw_B3WiN8_hBOds0aO9_LrD6XoPelM5rI2qx8A1fMIK4d2Y4pDc16QS7apNXhqQtGv8uagcdC1GUfNc0OLDI1AUy1_sqpHssEAMMgIt3Cu2gWnKkqLfxGb5UdwCs7W4jo7WSjfj5kEcm6Gi7hXp-1_j_q3k3ahxuyAmIQKIyq0eQNyJnu5OZIXTF2m7OWfdjExBivUT', 'id_token': 'eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6Il9zZnJweWVzUFVyQTl5TkhXYXBOZXYwOVlYQSJ9.eyJzdWIiOiJqQnJEYWJVVTdFR1V5QXhEQjZLekNnPT0iLCJlbWFpbCI6ImplZmYuYm9ocmVuQG9wdGltYWxpZG0uY29tIiwiZ2l2ZW5fbmFtZSI6IkplZmZyZXkiLCJmYW1pbHlfbmFtZSI6IkJvaHJlbiIsIm5hbWUiOiJKZWZmcmV5IEJvaHJlbiIsIm1pZGRsZV9uYW1lIjoiU2NvdHQiLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJqZWZmLmJvaHJlbkBvcHRpbWFsaWRtLmNvbSIsInBob25lX251bWJlciI6IjU1NS0xMjEyIiwibmlja25hbWUiOiJKZWZmcmV5IiwicHJvZmlsZSI6Imh0dHBzOi8vb3B0aW1hbGlkbS5jb20iLCJwaWN0dXJlIjoiaHR0cHM6Ly9vcHRpbWFsaWRtLmNvbSIsIndlYnNpdGUiOiJodHRwOi8vb3B0aW1hbGlkbS5jb20iLCJnZW5kZXIiOiJtYWxlIiwiYmlydGhkYXRlIjoiMTk3Mi0wMS0wMSIsInpvbmVpbmZvIjoiRWFzdCBVUyIsImxvY2FsZSI6ImVuLVVTIiwibm9uY2UiOiJHZVNpNkw0TlhEVUhPZng1IiwiYXRfaGFzaCI6IjdrbFl4NU0tTnEzRmlSR3BlMFd5M2ciLCJjX2hhc2giOiJNaG9QX2pETUhJX2NhenRaeGZJdG5nIiwiaWF0IjoxNTA3ODM3NzE4LCJpc3MiOiJodHRwczovL29maXMudGhlb3B0aW1hbGNsb3VkLmNvbS9vZG4vIiwiYXVkIjoiaHR0cHM6Ly9vcC5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvIiwiZXhwIjoxNTA3ODM4MzE4LCJuYmYiOjE1MDc4Mzc3MTd9.Z7X0ZcvWFe_NY58sF0yc8uqZpa-Ru26k8Mui3tSF3_safzo7CyLGd3AIovhzjXdmo-UAUigY700IKkpL0yIFhi59sUkaYgdX8pcYJMD8NSMHui-Y1pdTQsN2e_6x4YL1PHtsYDVq5Cyfz9ha2agtT-PKpVU0mltcxEdFVaMX7CXCckdi5Dd0KxMRW6CfQCL7_rQewnCQc8fHFBBDUchok5nueOkmFaXcJb_On48Rx1yb8FxBppHuNFjQSdD8CC9Br0In2iY9O-rmWdNDo4VmJK5qKAB1nkQarzgil_HzEKqXaWwdlkZqjAnqiL6v31xts1MVDEN4OM5KMPG2d-2Dig', 'token_type': 'Bearer', 'expires_in': 36000}
0.358AccessTokenResponse
{
    "access_token": "7orV6ht1nTNtxmXv5__5nHxSUQ8CfeiGUkH-XD0an_QlXjGDSQ9oIQOEDRw_B3WiN8_hBOds0aO9_LrD6XoPelM5rI2qx8A1fMIK4d2Y4pDc16QS7apNXhqQtGv8uagcdC1GUfNc0OLDI1AUy1_sqpHssEAMMgIt3Cu2gWnKkqLfxGb5UdwCs7W4jo7WSjfj5kEcm6Gi7hXp-1_j_q3k3ahxuyAmIQKIyq0eQNyJnu5OZIXTF2m7OWfdjExBivUT",
    "expires_in": 36000,
    "id_token": {
        "at_hash": "7klYx5M-Nq3FiRGpe0Wy3g",
        "aud": [
            "https://op.certification.openid.net/"
        ],
        "birthdate": "1972-01-01",
        "c_hash": "MhoP_jDMHI_caztZxfItng",
        "email": "jeff.bohren@optimalidm.com",
        "exp": 1507838318,
        "family_name": "Bohren",
        "gender": "male",
        "given_name": "Jeffrey",
        "iat": 1507837718,
        "iss": "https://ofis.theoptimalcloud.com/odn/",
        "locale": "en-US",
        "middle_name": "Scott",
        "name": "Jeffrey Bohren",
        "nbf": 1507837717,
        "nickname": "Jeffrey",
        "nonce": "GeSi6L4NXDUHOfx5",
        "phone_number": "555-1212",
        "picture": "https://optimalidm.com",
        "preferred_username": "jeff.bohren@optimalidm.com",
        "profile": "https://optimalidm.com",
        "sub": "jBrDabUU7EGUyAxDB6KzCg==",
        "website": "http://optimalidm.com",
        "zoneinfo": "East US"
    },
    "token_type": "Bearer"
}
0.358phase<--<-- 5 --- UserInfo -->-->
0.359do_user_info_request
kwargs:{'state': 'GN7HNjzdIplZmcRE', 'method': 'GET', 'authn_method': 'bearer_header'}
0.359request{'body': None}
0.359request_urlhttps://ofis.theoptimalcloud.com/odn.id/api/userprofile
0.359request_http_args{'headers': {'Authorization': 'Bearer 7orV6ht1nTNtxmXv5__5nHxSUQ8CfeiGUkH-XD0an_QlXjGDSQ9oIQOEDRw_B3WiN8_hBOds0aO9_LrD6XoPelM5rI2qx8A1fMIK4d2Y4pDc16QS7apNXhqQtGv8uagcdC1GUfNc0OLDI1AUy1_sqpHssEAMMgIt3Cu2gWnKkqLfxGb5UdwCs7W4jo7WSjfj5kEcm6Gi7hXp-1_j_q3k3ahxuyAmIQKIyq0eQNyJnu5OZIXTF2m7OWfdjExBivUT'}}
0.455http response
url:https://ofis.theoptimalcloud.com/odn.id/api/userprofile status_code:200
0.456OpenIDSchema
{
    "address": {},
    "birthdate": "1972-01-01",
    "email": "jeff.bohren@optimalidm.com",
    "email_verified": false,
    "family_name": "Bohren",
    "gender": "male",
    "given_name": "Jeffrey",
    "locale": "en-US",
    "middle_name": "Scott",
    "name": "Jeffrey Bohren",
    "nickname": "Jeffrey",
    "phone_number": "555-1212",
    "phone_number_verified": false,
    "picture": "https://optimalidm.com",
    "preferred_username": "jeff.bohren@optimalidm.com",
    "profile": "https://optimalidm.com",
    "sub": "jBrDabUU7EGUyAxDB6KzCg==",
    "updated_at": 0,
    "website": "http://optimalidm.com",
    "zoneinfo": "East US"
}
0.456OpenIDSchema
{
    "address": {},
    "birthdate": "1972-01-01",
    "email": "jeff.bohren@optimalidm.com",
    "email_verified": false,
    "family_name": "Bohren",
    "gender": "male",
    "given_name": "Jeffrey",
    "locale": "en-US",
    "middle_name": "Scott",
    "name": "Jeffrey Bohren",
    "nickname": "Jeffrey",
    "phone_number": "555-1212",
    "phone_number_verified": false,
    "picture": "https://optimalidm.com",
    "preferred_username": "jeff.bohren@optimalidm.com",
    "profile": "https://optimalidm.com",
    "sub": "jBrDabUU7EGUyAxDB6KzCg==",
    "updated_at": 0,
    "website": "http://optimalidm.com",
    "zoneinfo": "East US"
}
0.456phase<--<-- 6 --- Done -->-->
0.456end
0.457assertionCheckHTTPResponse
0.457conditioncheck-http-response: status=OK [Checks that the HTTP response status is within the 200 or 300 range. Also does some extra JSON checks]
0.457assertionVerifyClaims
0.458conditionverify-claims: status=WARNING, message=Unexpected claims in response: ['picture', 'profile', 'updated_at', 'locale', 'email', 'phone_number', 'middle_name', 'given_name', 'birthdate', 'family_name', 'email_verified', 'gender', 'zoneinfo', 'website', 'phone_number_verified', 'address', 'nickname', 'preferred_username'] [Verifies that the claims returned as UserInfo or in the ID Token is consistent with what was asked for]
0.458conditionDone: status=OK

Result

WARNING
Warnings:
Unexpected claims in response: ['picture', 'profile', 'updated_at', 'locale', 'email', 'phone_number', 'middle_name', 'given_name', 'birthdate', 'family_name', 'email_verified', 'gender', 'zoneinfo', 'website', 'phone_number_verified', 'address', 'nickname', 'preferred_username']