Test Info

Issuerhttps://ofis.theoptimalcloud.com/odn/
Test IDOP-scope-All
Test descriptionScope requesting all claims
Profile[]
Timestamp2017-10-12T20:05:28Z

Conditions


check-http-response: status=OK [Checks that the HTTP response status is within the 200 or 300 range. Also does some extra JSON checks]
verify-response: status=OK [Checks that the last response was one of a possible set of OpenID Connect Responses]
verify-scopes: status=OK [Verifies that the claims corresponding to the requested scopes are returned]
Done: status=OK

Trace Output

0.0phase<--<-- 0 --- Webfinger -->-->
0.0not expected to doWebFinger
0.0phase<--<-- 1 --- Discovery -->-->
0.0not expected to doDynamic discovery
0.0phase<--<-- 2 --- Registration -->-->
0.0not expected to doDynamic registration
0.001phase<--<-- 3 --- AsyncAuthn -->-->
0.001AuthorizationRequest
{
    "client_id": "https://op.certification.openid.net/",
    "nonce": "ropQ0y1xSp5pEoan",
    "redirect_uri": "https://op.certification.openid.net:60044/authz_cb",
    "response_type": "code",
    "scope": "openid profile email address phone",
    "state": "siJYXAzLKycTQ5H3"
}
0.001redirect urlhttps://ofis.theoptimalcloud.com/odn/?client_id=https%3A%2F%2Fop.certification.openid.net%2F&scope=openid+profile+email+address+phone&nonce=ropQ0y1xSp5pEoan&state=siJYXAzLKycTQ5H3&response_type=code&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A60044%2Fauthz_cb
0.001redirecthttps://ofis.theoptimalcloud.com/odn/?client_id=https%3A%2F%2Fop.certification.openid.net%2F&scope=openid+profile+email+address+phone&nonce=ropQ0y1xSp5pEoan&state=siJYXAzLKycTQ5H3&response_type=code&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A60044%2Fauthz_cb
0.361response{'state': 'siJYXAzLKycTQ5H3', 'code': '3ubzsyil5CiOOsTmhtzuJIUx+41jMIDlhbWFscoF/KdUNkcweruxgxYJWryayXgEEb5TTsHrILurSfDOsl7E7MerF8Uydv5gsM53nIhhKmSr1cNZUEpWM686H/0XydE0HosH98hPRUP4/JGHGhv1rf3s6Y3Te3Zs7lMeVS/Lja8HcQAm12/xTj0llkE35iECoy9IeUDeGLC7OUey1VRiqPUhvgcd4nGaqnJqZ/J8WpRVx86uoVrZiKDM43bdgZFCYcVPPLfudVQ+Xwa9FHPL3TI7cqeXy4omZZ3vQUNPF08v8HOHh15aFYMWyHFzSHgD'}
0.361response{'state': 'siJYXAzLKycTQ5H3', 'code': '3ubzsyil5CiOOsTmhtzuJIUx+41jMIDlhbWFscoF/KdUNkcweruxgxYJWryayXgEEb5TTsHrILurSfDOsl7E7MerF8Uydv5gsM53nIhhKmSr1cNZUEpWM686H/0XydE0HosH98hPRUP4/JGHGhv1rf3s6Y3Te3Zs7lMeVS/Lja8HcQAm12/xTj0llkE35iECoy9IeUDeGLC7OUey1VRiqPUhvgcd4nGaqnJqZ/J8WpRVx86uoVrZiKDM43bdgZFCYcVPPLfudVQ+Xwa9FHPL3TI7cqeXy4omZZ3vQUNPF08v8HOHh15aFYMWyHFzSHgD'}
0.361AuthorizationResponse
{
    "code": "3ubzsyil5CiOOsTmhtzuJIUx+41jMIDlhbWFscoF/KdUNkcweruxgxYJWryayXgEEb5TTsHrILurSfDOsl7E7MerF8Uydv5gsM53nIhhKmSr1cNZUEpWM686H/0XydE0HosH98hPRUP4/JGHGhv1rf3s6Y3Te3Zs7lMeVS/Lja8HcQAm12/xTj0llkE35iECoy9IeUDeGLC7OUey1VRiqPUhvgcd4nGaqnJqZ/J8WpRVx86uoVrZiKDM43bdgZFCYcVPPLfudVQ+Xwa9FHPL3TI7cqeXy4omZZ3vQUNPF08v8HOHh15aFYMWyHFzSHgD",
    "state": "siJYXAzLKycTQ5H3"
}
0.362phase<--<-- 4 --- AccessToken -->-->
0.362requestop_args: {'state': 'siJYXAzLKycTQ5H3'}, req_args: {'redirect_uri': 'https://op.certification.openid.net:60044/authz_cb'}
0.362do_access_token_request
kwargs:{'state': 'siJYXAzLKycTQ5H3', 'request_args': {'state': 'siJYXAzLKycTQ5H3', 'client_id': 'https://op.certification.openid.net/', 'grant_type': 'authorization_code', 'code': '3ubzsyil5CiOOsTmhtzuJIUx+41jMIDlhbWFscoF/KdUNkcweruxgxYJWryayXgEEb5TTsHrILurSfDOsl7E7MerF8Uydv5gsM53nIhhKmSr1cNZUEpWM686H/0XydE0HosH98hPRUP4/JGHGhv1rf3s6Y3Te3Zs7lMeVS/Lja8HcQAm12/xTj0llkE35iECoy9IeUDeGLC7OUey1VRiqPUhvgcd4nGaqnJqZ/J8WpRVx86uoVrZiKDM43bdgZFCYcVPPLfudVQ+Xwa9FHPL3TI7cqeXy4omZZ3vQUNPF08v8HOHh15aFYMWyHFzSHgD', 'redirect_uri': 'https://op.certification.openid.net:60044/authz_cb'}}
0.362AccessTokenRequest
{
    "client_id": "https://op.certification.openid.net/",
    "code": "3ubzsyil5CiOOsTmhtzuJIUx+41jMIDlhbWFscoF/KdUNkcweruxgxYJWryayXgEEb5TTsHrILurSfDOsl7E7MerF8Uydv5gsM53nIhhKmSr1cNZUEpWM686H/0XydE0HosH98hPRUP4/JGHGhv1rf3s6Y3Te3Zs7lMeVS/Lja8HcQAm12/xTj0llkE35iECoy9IeUDeGLC7OUey1VRiqPUhvgcd4nGaqnJqZ/J8WpRVx86uoVrZiKDM43bdgZFCYcVPPLfudVQ+Xwa9FHPL3TI7cqeXy4omZZ3vQUNPF08v8HOHh15aFYMWyHFzSHgD",
    "grant_type": "authorization_code",
    "redirect_uri": "https://op.certification.openid.net:60044/authz_cb",
    "state": "siJYXAzLKycTQ5H3"
}
0.362request_urlhttps://ofis.theoptimalcloud.com/odn.id/api/access
0.362request_http_args{'headers': {'Authorization': 'Basic aHR0cHM6Ly9vcC5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvOjh1VzhRR0puMk5oOHl0NA==', 'Content-Type': 'application/x-www-form-urlencoded'}}
0.362requestclient_id=https%3A%2F%2Fop.certification.openid.net%2F&grant_type=authorization_code&code=3ubzsyil5CiOOsTmhtzuJIUx%2B41jMIDlhbWFscoF%2FKdUNkcweruxgxYJWryayXgEEb5TTsHrILurSfDOsl7E7MerF8Uydv5gsM53nIhhKmSr1cNZUEpWM686H%2F0XydE0HosH98hPRUP4%2FJGHGhv1rf3s6Y3Te3Zs7lMeVS%2FLja8HcQAm12%2FxTj0llkE35iECoy9IeUDeGLC7OUey1VRiqPUhvgcd4nGaqnJqZ%2FJ8WpRVx86uoVrZiKDM43bdgZFCYcVPPLfudVQ%2BXwa9FHPL3TI7cqeXy4omZZ3vQUNPF08v8HOHh15aFYMWyHFzSHgD&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A60044%2Fauthz_cb&state=siJYXAzLKycTQ5H3
2.246http response
url:https://ofis.theoptimalcloud.com/odn.id/api/access status_code:200
2.247response{'access_token': '66q3vBNz_EMcS8jMHgcRgl8dpcAFyI6CRXr9b6bJOqTsFfEJSbSE2pOati1mDz3mwUCw-T-bhtP3d0z4o11uSjLzqpdMlxJjKGVRjMebGT1O_9I8Z90ahYmHNMu3fs2oSPwYyLLCEr3qkIRS7IB5UkPGxdTN1HB0lrTsbxPWUWC6bvR4QiOcVN366-hUL9QenUeLaQbrOM1OvNH1k1qA1i2bJkpiH8h_8_ccy9r77dg-Y8zApKYdeHNt6RyAHBeEemqpGw3yqUfqlv2QAAEVqWg-dhcjdAADY6iIwqpOUZU', 'id_token': 'eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6Il9zZnJweWVzUFVyQTl5TkhXYXBOZXYwOVlYQSJ9.eyJzdWIiOiJqQnJEYWJVVTdFR1V5QXhEQjZLekNnPT0iLCJlbWFpbCI6ImplZmYuYm9ocmVuQG9wdGltYWxpZG0uY29tIiwiZ2l2ZW5fbmFtZSI6IkplZmZyZXkiLCJmYW1pbHlfbmFtZSI6IkJvaHJlbiIsIm5hbWUiOiJKZWZmcmV5IEJvaHJlbiIsIm1pZGRsZV9uYW1lIjoiU2NvdHQiLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJqZWZmLmJvaHJlbkBvcHRpbWFsaWRtLmNvbSIsInBob25lX251bWJlciI6IjU1NS0xMjEyIiwibmlja25hbWUiOiJKZWZmcmV5IiwicHJvZmlsZSI6Imh0dHBzOi8vb3B0aW1hbGlkbS5jb20iLCJwaWN0dXJlIjoiaHR0cHM6Ly9vcHRpbWFsaWRtLmNvbSIsIndlYnNpdGUiOiJodHRwOi8vb3B0aW1hbGlkbS5jb20iLCJnZW5kZXIiOiJtYWxlIiwiYmlydGhkYXRlIjoiMTk3Mi0wMS0wMSIsInpvbmVpbmZvIjoiRWFzdCBVUyIsImxvY2FsZSI6ImVuLVVTIiwibm9uY2UiOiJyb3BRMHkxeFNwNXBFb2FuIiwiYXRfaGFzaCI6IlRoNXY2QW9NbGFmakllU3hraHlTeFEiLCJjX2hhc2giOiJpek9KSW5SellqSWk0cDRORVN3MXJnIiwiaWF0IjoxNTA3ODM4NzI4LCJpc3MiOiJodHRwczovL29maXMudGhlb3B0aW1hbGNsb3VkLmNvbS9vZG4vIiwiYXVkIjoiaHR0cHM6Ly9vcC5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvIiwiZXhwIjoxNTA3ODM5MzI4LCJuYmYiOjE1MDc4Mzg3Mjd9.dUE61e1Dfn3MjrHOI3Rj9tg6q1DuEhOn2jVXpPumHXji5TjCJnEQbSneVEp33WeTNdK_lwByyGU3TEspn_lfmm1KM6B8Dmc3KRIKm2DjWCwEwbC4ZCMCtIkhD4rEtXN3D_ioulZep5hbZWg3ykAUCiCHcVwHpbNEzA38jT9g_l76BRrhL7UeVilqsWO6HC83UXTZWIuGMPibmdSKETAPFWxXwnuPBCXBOoJoMndCBhvSHUaqW8EmwlwzNTSKn46WskBLlpR5JMaDnENXirn5q-tT29EUtMV0PoYD05aPRNHEIeEFu_5eayEXfkquBh-plxe7_238GgScE9fUp4GY0A', 'token_type': 'Bearer', 'expires_in': 36000}
2.325AccessTokenResponse
{
    "access_token": "66q3vBNz_EMcS8jMHgcRgl8dpcAFyI6CRXr9b6bJOqTsFfEJSbSE2pOati1mDz3mwUCw-T-bhtP3d0z4o11uSjLzqpdMlxJjKGVRjMebGT1O_9I8Z90ahYmHNMu3fs2oSPwYyLLCEr3qkIRS7IB5UkPGxdTN1HB0lrTsbxPWUWC6bvR4QiOcVN366-hUL9QenUeLaQbrOM1OvNH1k1qA1i2bJkpiH8h_8_ccy9r77dg-Y8zApKYdeHNt6RyAHBeEemqpGw3yqUfqlv2QAAEVqWg-dhcjdAADY6iIwqpOUZU",
    "expires_in": 36000,
    "id_token": {
        "at_hash": "Th5v6AoMlafjIeSxkhySxQ",
        "aud": [
            "https://op.certification.openid.net/"
        ],
        "birthdate": "1972-01-01",
        "c_hash": "izOJInRzYjIi4p4NESw1rg",
        "email": "jeff.bohren@optimalidm.com",
        "exp": 1507839328,
        "family_name": "Bohren",
        "gender": "male",
        "given_name": "Jeffrey",
        "iat": 1507838728,
        "iss": "https://ofis.theoptimalcloud.com/odn/",
        "locale": "en-US",
        "middle_name": "Scott",
        "name": "Jeffrey Bohren",
        "nbf": 1507838727,
        "nickname": "Jeffrey",
        "nonce": "ropQ0y1xSp5pEoan",
        "phone_number": "555-1212",
        "picture": "https://optimalidm.com",
        "preferred_username": "jeff.bohren@optimalidm.com",
        "profile": "https://optimalidm.com",
        "sub": "jBrDabUU7EGUyAxDB6KzCg==",
        "website": "http://optimalidm.com",
        "zoneinfo": "East US"
    },
    "token_type": "Bearer"
}
2.325phase<--<-- 5 --- UserInfo -->-->
2.325do_user_info_request
kwargs:{'state': 'siJYXAzLKycTQ5H3', 'method': 'GET', 'authn_method': 'bearer_header'}
2.325request{'body': None}
2.325request_urlhttps://ofis.theoptimalcloud.com/odn.id/api/userprofile
2.325request_http_args{'headers': {'Authorization': 'Bearer 66q3vBNz_EMcS8jMHgcRgl8dpcAFyI6CRXr9b6bJOqTsFfEJSbSE2pOati1mDz3mwUCw-T-bhtP3d0z4o11uSjLzqpdMlxJjKGVRjMebGT1O_9I8Z90ahYmHNMu3fs2oSPwYyLLCEr3qkIRS7IB5UkPGxdTN1HB0lrTsbxPWUWC6bvR4QiOcVN366-hUL9QenUeLaQbrOM1OvNH1k1qA1i2bJkpiH8h_8_ccy9r77dg-Y8zApKYdeHNt6RyAHBeEemqpGw3yqUfqlv2QAAEVqWg-dhcjdAADY6iIwqpOUZU'}}
2.46http response
url:https://ofis.theoptimalcloud.com/odn.id/api/userprofile status_code:200
2.461OpenIDSchema
{
    "address": {},
    "birthdate": "1972-01-01",
    "email": "jeff.bohren@optimalidm.com",
    "email_verified": false,
    "family_name": "Bohren",
    "gender": "male",
    "given_name": "Jeffrey",
    "locale": "en-US",
    "middle_name": "Scott",
    "name": "Jeffrey Bohren",
    "nickname": "Jeffrey",
    "phone_number": "555-1212",
    "phone_number_verified": false,
    "picture": "https://optimalidm.com",
    "preferred_username": "jeff.bohren@optimalidm.com",
    "profile": "https://optimalidm.com",
    "sub": "jBrDabUU7EGUyAxDB6KzCg==",
    "updated_at": 0,
    "website": "http://optimalidm.com",
    "zoneinfo": "East US"
}
2.461OpenIDSchema
{
    "address": {},
    "birthdate": "1972-01-01",
    "email": "jeff.bohren@optimalidm.com",
    "email_verified": false,
    "family_name": "Bohren",
    "gender": "male",
    "given_name": "Jeffrey",
    "locale": "en-US",
    "middle_name": "Scott",
    "name": "Jeffrey Bohren",
    "nickname": "Jeffrey",
    "phone_number": "555-1212",
    "phone_number_verified": false,
    "picture": "https://optimalidm.com",
    "preferred_username": "jeff.bohren@optimalidm.com",
    "profile": "https://optimalidm.com",
    "sub": "jBrDabUU7EGUyAxDB6KzCg==",
    "updated_at": 0,
    "website": "http://optimalidm.com",
    "zoneinfo": "East US"
}
2.461phase<--<-- 6 --- Done -->-->
2.461end
2.462assertionCheckHTTPResponse
2.462conditioncheck-http-response: status=OK [Checks that the HTTP response status is within the 200 or 300 range. Also does some extra JSON checks]
2.462assertionVerifyResponse
2.462conditionverify-response: status=OK [Checks that the last response was one of a possible set of OpenID Connect Responses]
2.463assertionVerifyScopes
2.463conditionverify-scopes: status=OK [Verifies that the claims corresponding to the requested scopes are returned]
2.463conditionDone: status=OK

Result

PASSED