Test Info

Profile[]
Test descriptionTrying to use authorization code twice with 30 seconds in between uses must result in an error
Timestamp2017-10-12T20:26:57Z
Issuerhttps://ofis.theoptimalcloud.com/odn/
Test IDOP-OAuth-2nd-30s

Conditions


verify-response: status=OK [Checks that the last response was one of a possible set of OpenID Connect Responses]
Done: status=OK

Trace Output

0.0phase<--<-- 0 --- Note -->-->
3.886phase<--<-- 1 --- Webfinger -->-->
3.886not expected to doWebFinger
3.886phase<--<-- 2 --- Discovery -->-->
3.886not expected to doDynamic discovery
3.887phase<--<-- 3 --- Registration -->-->
3.887not expected to doDynamic registration
3.887phase<--<-- 4 --- AsyncAuthn -->-->
3.887AuthorizationRequest
{
    "client_id": "https://op.certification.openid.net/",
    "nonce": "eWrxTZEYeqUYTMVw",
    "redirect_uri": "https://op.certification.openid.net:60044/authz_cb",
    "response_type": "code",
    "scope": "openid",
    "state": "5q342evGN1K0WQm2"
}
3.888redirect urlhttps://ofis.theoptimalcloud.com/odn/?nonce=eWrxTZEYeqUYTMVw&response_type=code&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A60044%2Fauthz_cb&client_id=https%3A%2F%2Fop.certification.openid.net%2F&state=5q342evGN1K0WQm2&scope=openid
3.888redirecthttps://ofis.theoptimalcloud.com/odn/?nonce=eWrxTZEYeqUYTMVw&response_type=code&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A60044%2Fauthz_cb&client_id=https%3A%2F%2Fop.certification.openid.net%2F&state=5q342evGN1K0WQm2&scope=openid
4.149response{'code': 'oBQXNtvOQJY0NU+CX+TfFEKw7pJFYC+LWK6BhtX8vk+Qr4GswVwpasDjAi0SoXjCNTj9Xf8V188SnzqFvXIedaz3D4zu+ZWcSCCQZSGE9+NKm7t1S25ZFVgZxxKtPZe0Z3nix60yLkEo576D5bPZa9w5FG51D4PaQJSo/4D8MekfasfJjP3ks05SNG7XkRKrM28g6BsdpBCuHDDjHdMH4j5vjq+vupKUdcYKTFY72HlE6NMLFQqx4pwIOopBYG1Y1yGMMPOx13DlJuXxCEgsIkATz2/tU0pdnYcsZ1XkzPY=', 'state': '5q342evGN1K0WQm2'}
4.149response{'code': 'oBQXNtvOQJY0NU+CX+TfFEKw7pJFYC+LWK6BhtX8vk+Qr4GswVwpasDjAi0SoXjCNTj9Xf8V188SnzqFvXIedaz3D4zu+ZWcSCCQZSGE9+NKm7t1S25ZFVgZxxKtPZe0Z3nix60yLkEo576D5bPZa9w5FG51D4PaQJSo/4D8MekfasfJjP3ks05SNG7XkRKrM28g6BsdpBCuHDDjHdMH4j5vjq+vupKUdcYKTFY72HlE6NMLFQqx4pwIOopBYG1Y1yGMMPOx13DlJuXxCEgsIkATz2/tU0pdnYcsZ1XkzPY=', 'state': '5q342evGN1K0WQm2'}
4.15AuthorizationResponse
{
    "code": "oBQXNtvOQJY0NU+CX+TfFEKw7pJFYC+LWK6BhtX8vk+Qr4GswVwpasDjAi0SoXjCNTj9Xf8V188SnzqFvXIedaz3D4zu+ZWcSCCQZSGE9+NKm7t1S25ZFVgZxxKtPZe0Z3nix60yLkEo576D5bPZa9w5FG51D4PaQJSo/4D8MekfasfJjP3ks05SNG7XkRKrM28g6BsdpBCuHDDjHdMH4j5vjq+vupKUdcYKTFY72HlE6NMLFQqx4pwIOopBYG1Y1yGMMPOx13DlJuXxCEgsIkATz2/tU0pdnYcsZ1XkzPY=",
    "state": "5q342evGN1K0WQm2"
}
4.15phase<--<-- 5 --- AccessToken -->-->
4.15requestop_args: {'state': '5q342evGN1K0WQm2'}, req_args: {'redirect_uri': 'https://op.certification.openid.net:60044/authz_cb'}
4.15do_access_token_request
kwargs:{'request_args': {'redirect_uri': 'https://op.certification.openid.net:60044/authz_cb', 'code': 'oBQXNtvOQJY0NU+CX+TfFEKw7pJFYC+LWK6BhtX8vk+Qr4GswVwpasDjAi0SoXjCNTj9Xf8V188SnzqFvXIedaz3D4zu+ZWcSCCQZSGE9+NKm7t1S25ZFVgZxxKtPZe0Z3nix60yLkEo576D5bPZa9w5FG51D4PaQJSo/4D8MekfasfJjP3ks05SNG7XkRKrM28g6BsdpBCuHDDjHdMH4j5vjq+vupKUdcYKTFY72HlE6NMLFQqx4pwIOopBYG1Y1yGMMPOx13DlJuXxCEgsIkATz2/tU0pdnYcsZ1XkzPY=', 'client_id': 'https://op.certification.openid.net/', 'grant_type': 'authorization_code', 'state': '5q342evGN1K0WQm2'}, 'state': '5q342evGN1K0WQm2'}
4.15AccessTokenRequest
{
    "client_id": "https://op.certification.openid.net/",
    "code": "oBQXNtvOQJY0NU+CX+TfFEKw7pJFYC+LWK6BhtX8vk+Qr4GswVwpasDjAi0SoXjCNTj9Xf8V188SnzqFvXIedaz3D4zu+ZWcSCCQZSGE9+NKm7t1S25ZFVgZxxKtPZe0Z3nix60yLkEo576D5bPZa9w5FG51D4PaQJSo/4D8MekfasfJjP3ks05SNG7XkRKrM28g6BsdpBCuHDDjHdMH4j5vjq+vupKUdcYKTFY72HlE6NMLFQqx4pwIOopBYG1Y1yGMMPOx13DlJuXxCEgsIkATz2/tU0pdnYcsZ1XkzPY=",
    "grant_type": "authorization_code",
    "redirect_uri": "https://op.certification.openid.net:60044/authz_cb",
    "state": "5q342evGN1K0WQm2"
}
4.15request_urlhttps://ofis.theoptimalcloud.com/odn.id/api/access
4.15request_http_args{'headers': {'Authorization': 'Basic aHR0cHM6Ly9vcC5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvOjh1VzhRR0puMk5oOHl0NA==', 'Content-Type': 'application/x-www-form-urlencoded'}}
4.15requestcode=oBQXNtvOQJY0NU%2BCX%2BTfFEKw7pJFYC%2BLWK6BhtX8vk%2BQr4GswVwpasDjAi0SoXjCNTj9Xf8V188SnzqFvXIedaz3D4zu%2BZWcSCCQZSGE9%2BNKm7t1S25ZFVgZxxKtPZe0Z3nix60yLkEo576D5bPZa9w5FG51D4PaQJSo%2F4D8MekfasfJjP3ks05SNG7XkRKrM28g6BsdpBCuHDDjHdMH4j5vjq%2BvupKUdcYKTFY72HlE6NMLFQqx4pwIOopBYG1Y1yGMMPOx13DlJuXxCEgsIkATz2%2FtU0pdnYcsZ1XkzPY%3D&grant_type=authorization_code&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A60044%2Fauthz_cb&client_id=https%3A%2F%2Fop.certification.openid.net%2F&state=5q342evGN1K0WQm2
4.286http response
url:https://ofis.theoptimalcloud.com/odn.id/api/access status_code:200
4.287response{'id_token': 'eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6Il9zZnJweWVzUFVyQTl5TkhXYXBOZXYwOVlYQSJ9.eyJzdWIiOiJqQnJEYWJVVTdFR1V5QXhEQjZLekNnPT0iLCJlbWFpbCI6ImplZmYuYm9ocmVuQG9wdGltYWxpZG0uY29tIiwiZ2l2ZW5fbmFtZSI6IkplZmZyZXkiLCJmYW1pbHlfbmFtZSI6IkJvaHJlbiIsIm5hbWUiOiJKZWZmcmV5IEJvaHJlbiIsIm1pZGRsZV9uYW1lIjoiU2NvdHQiLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJqZWZmLmJvaHJlbkBvcHRpbWFsaWRtLmNvbSIsInBob25lX251bWJlciI6IjU1NS0xMjEyIiwibmlja25hbWUiOiJKZWZmcmV5IiwicHJvZmlsZSI6Imh0dHBzOi8vb3B0aW1hbGlkbS5jb20iLCJwaWN0dXJlIjoiaHR0cHM6Ly9vcHRpbWFsaWRtLmNvbSIsIndlYnNpdGUiOiJodHRwOi8vb3B0aW1hbGlkbS5jb20iLCJnZW5kZXIiOiJtYWxlIiwiYmlydGhkYXRlIjoiMTk3Mi0wMS0wMSIsInpvbmVpbmZvIjoiRWFzdCBVUyIsImxvY2FsZSI6ImVuLVVTIiwibm9uY2UiOiJlV3J4VFpFWWVxVVlUTVZ3IiwiYXRfaGFzaCI6IjhtSV8tQ2pkcF80WjV3NWY5dnRhYVEiLCJjX2hhc2giOiJHOU9iNXNGQ1puT3EyR0o4aUxCTmt3IiwiaWF0IjoxNTA3ODM5OTg4LCJpc3MiOiJodHRwczovL29maXMudGhlb3B0aW1hbGNsb3VkLmNvbS9vZG4vIiwiYXVkIjoiaHR0cHM6Ly9vcC5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvIiwiZXhwIjoxNTA3ODQwNTg4LCJuYmYiOjE1MDc4Mzk5ODZ9.ZdIq_DlfASMg_aHcVOghxo14SXWQd3M-QKrBNwDwPckXTRia9nZ_Hc-b6C9HGh8KqEdQRSNqM9GYHWCshiMl5Z0mjqyibDzmUt_0dwsC98P3He6l8uupRq9FIqAkCg837OZPDBtnnymq3ZA25Sc8fXqrWa9kb5a4mpswTTl4ZBhzvLM_-NCGkxjxLvt9xj6IfCHKbqKoHB1Sq2rHM7--iknqW9MfbedmcgAXv7QZ9TeAgjOv57Q9L2lvXCX4VDanIPZQP0U43OJLm3o-8XfLjzHd2IHm-NdIjVa362JHFSnVDAM9abwIj-OyaHeQ0mvQCyDrMe51P8KwfTgQtaybMA', 'token_type': 'Bearer', 'expires_in': 36000, 'access_token': '7TANOkmMX7UoaKqEy0KI9VrLXQB5iKuIIYoYFeThQt2_A6DlnlKUxRlD7XpX80IXWaE7Bnt9VGpJY7o4Ae2QXsNhwsDevb2ljnG6Bo0ZrHOdtxlMrR9A57hp37tD41GaTAdyetm3IcLQC3e_AuOovEINPJdaS55a-qR1jbf0dfd0OL7iYNTwqWSUDf76Fk7XNBBsm_EaELGZap7qEDKdD9FndoNrfheL7_UHbRo1DHF42v9Wa9OLPndcM6PxDYHD'}
4.358AccessTokenResponse
{
    "access_token": "7TANOkmMX7UoaKqEy0KI9VrLXQB5iKuIIYoYFeThQt2_A6DlnlKUxRlD7XpX80IXWaE7Bnt9VGpJY7o4Ae2QXsNhwsDevb2ljnG6Bo0ZrHOdtxlMrR9A57hp37tD41GaTAdyetm3IcLQC3e_AuOovEINPJdaS55a-qR1jbf0dfd0OL7iYNTwqWSUDf76Fk7XNBBsm_EaELGZap7qEDKdD9FndoNrfheL7_UHbRo1DHF42v9Wa9OLPndcM6PxDYHD",
    "expires_in": 36000,
    "id_token": {
        "at_hash": "8mI_-Cjdp_4Z5w5f9vtaaQ",
        "aud": [
            "https://op.certification.openid.net/"
        ],
        "birthdate": "1972-01-01",
        "c_hash": "G9Ob5sFCZnOq2GJ8iLBNkw",
        "email": "jeff.bohren@optimalidm.com",
        "exp": 1507840588,
        "family_name": "Bohren",
        "gender": "male",
        "given_name": "Jeffrey",
        "iat": 1507839988,
        "iss": "https://ofis.theoptimalcloud.com/odn/",
        "locale": "en-US",
        "middle_name": "Scott",
        "name": "Jeffrey Bohren",
        "nbf": 1507839986,
        "nickname": "Jeffrey",
        "nonce": "eWrxTZEYeqUYTMVw",
        "phone_number": "555-1212",
        "picture": "https://optimalidm.com",
        "preferred_username": "jeff.bohren@optimalidm.com",
        "profile": "https://optimalidm.com",
        "sub": "jBrDabUU7EGUyAxDB6KzCg==",
        "website": "http://optimalidm.com",
        "zoneinfo": "East US"
    },
    "token_type": "Bearer"
}
4.358phase<--<-- 6 --- TimeDelay -->-->
34.388phase<--<-- 7 --- AccessToken -->-->
34.389requestop_args: {'state': '5q342evGN1K0WQm2'}, req_args: {'redirect_uri': 'https://op.certification.openid.net:60044/authz_cb'}
34.389do_access_token_request
kwargs:{'request_args': {'redirect_uri': 'https://op.certification.openid.net:60044/authz_cb', 'code': 'oBQXNtvOQJY0NU+CX+TfFEKw7pJFYC+LWK6BhtX8vk+Qr4GswVwpasDjAi0SoXjCNTj9Xf8V188SnzqFvXIedaz3D4zu+ZWcSCCQZSGE9+NKm7t1S25ZFVgZxxKtPZe0Z3nix60yLkEo576D5bPZa9w5FG51D4PaQJSo/4D8MekfasfJjP3ks05SNG7XkRKrM28g6BsdpBCuHDDjHdMH4j5vjq+vupKUdcYKTFY72HlE6NMLFQqx4pwIOopBYG1Y1yGMMPOx13DlJuXxCEgsIkATz2/tU0pdnYcsZ1XkzPY=', 'client_id': 'https://op.certification.openid.net/', 'grant_type': 'authorization_code', 'state': '5q342evGN1K0WQm2'}, 'state': '5q342evGN1K0WQm2'}
34.389AccessTokenRequest
{
    "client_id": "https://op.certification.openid.net/",
    "code": "oBQXNtvOQJY0NU+CX+TfFEKw7pJFYC+LWK6BhtX8vk+Qr4GswVwpasDjAi0SoXjCNTj9Xf8V188SnzqFvXIedaz3D4zu+ZWcSCCQZSGE9+NKm7t1S25ZFVgZxxKtPZe0Z3nix60yLkEo576D5bPZa9w5FG51D4PaQJSo/4D8MekfasfJjP3ks05SNG7XkRKrM28g6BsdpBCuHDDjHdMH4j5vjq+vupKUdcYKTFY72HlE6NMLFQqx4pwIOopBYG1Y1yGMMPOx13DlJuXxCEgsIkATz2/tU0pdnYcsZ1XkzPY=",
    "grant_type": "authorization_code",
    "redirect_uri": "https://op.certification.openid.net:60044/authz_cb",
    "state": "5q342evGN1K0WQm2"
}
34.389request_urlhttps://ofis.theoptimalcloud.com/odn.id/api/access
34.389request_http_args{'headers': {'Authorization': 'Basic aHR0cHM6Ly9vcC5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvOjh1VzhRR0puMk5oOHl0NA==', 'Content-Type': 'application/x-www-form-urlencoded'}}
34.389requestcode=oBQXNtvOQJY0NU%2BCX%2BTfFEKw7pJFYC%2BLWK6BhtX8vk%2BQr4GswVwpasDjAi0SoXjCNTj9Xf8V188SnzqFvXIedaz3D4zu%2BZWcSCCQZSGE9%2BNKm7t1S25ZFVgZxxKtPZe0Z3nix60yLkEo576D5bPZa9w5FG51D4PaQJSo%2F4D8MekfasfJjP3ks05SNG7XkRKrM28g6BsdpBCuHDDjHdMH4j5vjq%2BvupKUdcYKTFY72HlE6NMLFQqx4pwIOopBYG1Y1yGMMPOx13DlJuXxCEgsIkATz2%2FtU0pdnYcsZ1XkzPY%3D&grant_type=authorization_code&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A60044%2Fauthz_cb&client_id=https%3A%2F%2Fop.certification.openid.net%2F&state=5q342evGN1K0WQm2
34.521http response
url:https://ofis.theoptimalcloud.com/odn.id/api/access status_code:400 message:{"error":"invalid_grant"}
34.521response{'error': 'invalid_grant'}
34.521eventGot expected error
34.521TokenErrorResponse
{
    "error": "invalid_grant"
}
34.521phase<--<-- 8 --- Done -->-->
34.521end
34.522assertionVerifyResponse
34.522conditionverify-response: status=OK [Checks that the last response was one of a possible set of OpenID Connect Responses]
34.522conditionDone: status=OK

Result

PASSED