Test Info

Issuerhttps://ofis.theoptimalcloud.com/odn/
Test IDOP-IDToken-C-Signature
Test descriptionDoes the OP sign the ID Token and with what
Profile[]
Timestamp2017-10-12T19:43:12Z

Conditions


is-idtoken-signed: status=OK [Checks if the id_token is signed]
verify-response: status=OK [Checks that the last response was one of a possible set of OpenID Connect Responses]
Done: status=OK

Trace Output

0.0phase<--<-- 0 --- Webfinger -->-->
0.001not expected to doWebFinger
0.001phase<--<-- 1 --- Discovery -->-->
0.001not expected to doDynamic discovery
0.001phase<--<-- 2 --- Registration -->-->
0.001not expected to doDynamic registration
0.001phase<--<-- 3 --- AsyncAuthn -->-->
0.002AuthorizationRequest
{
    "client_id": "https://op.certification.openid.net/",
    "nonce": "PUvrDj4iVDFPCWxA",
    "redirect_uri": "https://op.certification.openid.net:60044/authz_cb",
    "response_type": "code",
    "scope": "openid",
    "state": "xTWTlod1xalTGIoy"
}
0.002redirect urlhttps://ofis.theoptimalcloud.com/odn/?client_id=https%3A%2F%2Fop.certification.openid.net%2F&scope=openid&nonce=PUvrDj4iVDFPCWxA&state=xTWTlod1xalTGIoy&response_type=code&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A60044%2Fauthz_cb
0.002redirecthttps://ofis.theoptimalcloud.com/odn/?client_id=https%3A%2F%2Fop.certification.openid.net%2F&scope=openid&nonce=PUvrDj4iVDFPCWxA&state=xTWTlod1xalTGIoy&response_type=code&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A60044%2Fauthz_cb
0.516response{'state': 'xTWTlod1xalTGIoy', 'code': '1/yb+mpV1nSsWTGkfu8NBXGYBau4Zxg3RUmd1GG1Yr3yaQZLM+1NhEcaq+8GHhUT5H3PzBGYyAcR1BP92Vw2kKg3cfdR3SWiOJLrVNyWdClYZYpOe8vPz/a0CfinT6TTKEUQDWvzq2bphXGskLT4AaP3WjnnXpcBQuLenHp4npI6Bej9rUbaKgEmEPNkbbP1sFOR94lGiysd0KSUcf939buIvHaNcPhzfVtIJhyKMsHDZBP2muYUmFmXkZ06QgKScD2lfx5ObEfePIPszlSy7lk0BK1gH2QLebvh98uG5AI='}
0.516response{'state': 'xTWTlod1xalTGIoy', 'code': '1/yb+mpV1nSsWTGkfu8NBXGYBau4Zxg3RUmd1GG1Yr3yaQZLM+1NhEcaq+8GHhUT5H3PzBGYyAcR1BP92Vw2kKg3cfdR3SWiOJLrVNyWdClYZYpOe8vPz/a0CfinT6TTKEUQDWvzq2bphXGskLT4AaP3WjnnXpcBQuLenHp4npI6Bej9rUbaKgEmEPNkbbP1sFOR94lGiysd0KSUcf939buIvHaNcPhzfVtIJhyKMsHDZBP2muYUmFmXkZ06QgKScD2lfx5ObEfePIPszlSy7lk0BK1gH2QLebvh98uG5AI='}
0.517AuthorizationResponse
{
    "code": "1/yb+mpV1nSsWTGkfu8NBXGYBau4Zxg3RUmd1GG1Yr3yaQZLM+1NhEcaq+8GHhUT5H3PzBGYyAcR1BP92Vw2kKg3cfdR3SWiOJLrVNyWdClYZYpOe8vPz/a0CfinT6TTKEUQDWvzq2bphXGskLT4AaP3WjnnXpcBQuLenHp4npI6Bej9rUbaKgEmEPNkbbP1sFOR94lGiysd0KSUcf939buIvHaNcPhzfVtIJhyKMsHDZBP2muYUmFmXkZ06QgKScD2lfx5ObEfePIPszlSy7lk0BK1gH2QLebvh98uG5AI=",
    "state": "xTWTlod1xalTGIoy"
}
0.517phase<--<-- 4 --- AccessToken -->-->
0.517requestop_args: {'state': 'xTWTlod1xalTGIoy'}, req_args: {'redirect_uri': 'https://op.certification.openid.net:60044/authz_cb'}
0.517do_access_token_request
kwargs:{'state': 'xTWTlod1xalTGIoy', 'request_args': {'state': 'xTWTlod1xalTGIoy', 'client_id': 'https://op.certification.openid.net/', 'grant_type': 'authorization_code', 'code': '1/yb+mpV1nSsWTGkfu8NBXGYBau4Zxg3RUmd1GG1Yr3yaQZLM+1NhEcaq+8GHhUT5H3PzBGYyAcR1BP92Vw2kKg3cfdR3SWiOJLrVNyWdClYZYpOe8vPz/a0CfinT6TTKEUQDWvzq2bphXGskLT4AaP3WjnnXpcBQuLenHp4npI6Bej9rUbaKgEmEPNkbbP1sFOR94lGiysd0KSUcf939buIvHaNcPhzfVtIJhyKMsHDZBP2muYUmFmXkZ06QgKScD2lfx5ObEfePIPszlSy7lk0BK1gH2QLebvh98uG5AI=', 'redirect_uri': 'https://op.certification.openid.net:60044/authz_cb'}}
0.517AccessTokenRequest
{
    "client_id": "https://op.certification.openid.net/",
    "code": "1/yb+mpV1nSsWTGkfu8NBXGYBau4Zxg3RUmd1GG1Yr3yaQZLM+1NhEcaq+8GHhUT5H3PzBGYyAcR1BP92Vw2kKg3cfdR3SWiOJLrVNyWdClYZYpOe8vPz/a0CfinT6TTKEUQDWvzq2bphXGskLT4AaP3WjnnXpcBQuLenHp4npI6Bej9rUbaKgEmEPNkbbP1sFOR94lGiysd0KSUcf939buIvHaNcPhzfVtIJhyKMsHDZBP2muYUmFmXkZ06QgKScD2lfx5ObEfePIPszlSy7lk0BK1gH2QLebvh98uG5AI=",
    "grant_type": "authorization_code",
    "redirect_uri": "https://op.certification.openid.net:60044/authz_cb",
    "state": "xTWTlod1xalTGIoy"
}
0.517request_urlhttps://ofis.theoptimalcloud.com/odn.id/api/access
0.517request_http_args{'headers': {'Authorization': 'Basic aHR0cHM6Ly9vcC5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvOjh1VzhRR0puMk5oOHl0NA==', 'Content-Type': 'application/x-www-form-urlencoded'}}
0.517requestclient_id=https%3A%2F%2Fop.certification.openid.net%2F&grant_type=authorization_code&code=1%2Fyb%2BmpV1nSsWTGkfu8NBXGYBau4Zxg3RUmd1GG1Yr3yaQZLM%2B1NhEcaq%2B8GHhUT5H3PzBGYyAcR1BP92Vw2kKg3cfdR3SWiOJLrVNyWdClYZYpOe8vPz%2Fa0CfinT6TTKEUQDWvzq2bphXGskLT4AaP3WjnnXpcBQuLenHp4npI6Bej9rUbaKgEmEPNkbbP1sFOR94lGiysd0KSUcf939buIvHaNcPhzfVtIJhyKMsHDZBP2muYUmFmXkZ06QgKScD2lfx5ObEfePIPszlSy7lk0BK1gH2QLebvh98uG5AI%3D&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A60044%2Fauthz_cb&state=xTWTlod1xalTGIoy
7.992http response
url:https://ofis.theoptimalcloud.com/odn.id/api/access status_code:200
7.993response{'access_token': 'BKfeChWJnD9pxHKa1LPi4IhNcmZimsz2zrCouPsw2_KOmXjljTNEqSwPX0Oz1YOyzjlVhjM5XoruiROjo0NbyLPdlO2gyAnmCiU4ZWcxsYtbSVo_N-y5QQkAMInBpJX1ZudvrpvVg_w-i14ulJAfxKTnydc93CAzvMdVLHXoMy0stRwULfIW2MtVW3PHrxlLjjXnLRPhbivwpHaNQu8UCw5eJW8B83Wc_2LAf7-B7a461c5y5_tQjAU-alYdo7LE', 'id_token': 'eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6Il9zZnJweWVzUFVyQTl5TkhXYXBOZXYwOVlYQSJ9.eyJzdWIiOiJqQnJEYWJVVTdFR1V5QXhEQjZLekNnPT0iLCJlbWFpbCI6ImplZmYuYm9ocmVuQG9wdGltYWxpZG0uY29tIiwiZ2l2ZW5fbmFtZSI6IkplZmZyZXkiLCJmYW1pbHlfbmFtZSI6IkJvaHJlbiIsIm5hbWUiOiJKZWZmcmV5IEJvaHJlbiIsIm1pZGRsZV9uYW1lIjoiU2NvdHQiLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJqZWZmLmJvaHJlbkBvcHRpbWFsaWRtLmNvbSIsInBob25lX251bWJlciI6IjU1NS0xMjEyIiwibmlja25hbWUiOiJKZWZmcmV5IiwicHJvZmlsZSI6Imh0dHBzOi8vb3B0aW1hbGlkbS5jb20iLCJwaWN0dXJlIjoiaHR0cHM6Ly9vcHRpbWFsaWRtLmNvbSIsIndlYnNpdGUiOiJodHRwOi8vb3B0aW1hbGlkbS5jb20iLCJnZW5kZXIiOiJtYWxlIiwiYmlydGhkYXRlIjoiMTk3Mi0wMS0wMSIsInpvbmVpbmZvIjoiRWFzdCBVUyIsImxvY2FsZSI6ImVuLVVTIiwibm9uY2UiOiJQVXZyRGo0aVZERlBDV3hBIiwiYXRfaGFzaCI6Ii1CdWVsckJucm9yZExvdDJ5T2VUbFEiLCJjX2hhc2giOiJoQlRoRGxVbkJTa0x6eklaQTZHU3hBIiwiaWF0IjoxNTA3ODM3MzkyLCJpc3MiOiJodHRwczovL29maXMudGhlb3B0aW1hbGNsb3VkLmNvbS9vZG4vIiwiYXVkIjoiaHR0cHM6Ly9vcC5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvIiwiZXhwIjoxNTA3ODM3OTkyLCJuYmYiOjE1MDc4MzczOTB9.YT0mpvi-OkBMKJa6m5yQgTSCTLQ3YlKZagix58nJBtsZhg5lmkuULM6e4DW5gIYgG929ngPq7y4jLD8Cvpej-VXG2BVHSySnEzDI298BUVODbu4b27VbhwyQb3NlEiiIva4CxtyAHyy9BOPyaJRp7mOfIAcrNRscN-RM85hglAGzf-1L1ByN0MBiMe5UCXDIceL5X_oHS4I7KWiHSAzGn5nf2X1QhbfQuIkTO8ahr6IcmRUYfxn41V39BHYbe0u8jVNtp3FAM89dMlH-JKJYmJZSkaj_jkRfNZoMjaauQ2ES1F1bn44knm6xramncfy3G948AzTfohh7IfOVq-p9sg', 'token_type': 'Bearer', 'expires_in': 36000}
8.198AccessTokenResponse
{
    "access_token": "BKfeChWJnD9pxHKa1LPi4IhNcmZimsz2zrCouPsw2_KOmXjljTNEqSwPX0Oz1YOyzjlVhjM5XoruiROjo0NbyLPdlO2gyAnmCiU4ZWcxsYtbSVo_N-y5QQkAMInBpJX1ZudvrpvVg_w-i14ulJAfxKTnydc93CAzvMdVLHXoMy0stRwULfIW2MtVW3PHrxlLjjXnLRPhbivwpHaNQu8UCw5eJW8B83Wc_2LAf7-B7a461c5y5_tQjAU-alYdo7LE",
    "expires_in": 36000,
    "id_token": {
        "at_hash": "-BuelrBnrordLot2yOeTlQ",
        "aud": [
            "https://op.certification.openid.net/"
        ],
        "birthdate": "1972-01-01",
        "c_hash": "hBThDlUnBSkLzzIZA6GSxA",
        "email": "jeff.bohren@optimalidm.com",
        "exp": 1507837992,
        "family_name": "Bohren",
        "gender": "male",
        "given_name": "Jeffrey",
        "iat": 1507837392,
        "iss": "https://ofis.theoptimalcloud.com/odn/",
        "locale": "en-US",
        "middle_name": "Scott",
        "name": "Jeffrey Bohren",
        "nbf": 1507837390,
        "nickname": "Jeffrey",
        "nonce": "PUvrDj4iVDFPCWxA",
        "phone_number": "555-1212",
        "picture": "https://optimalidm.com",
        "preferred_username": "jeff.bohren@optimalidm.com",
        "profile": "https://optimalidm.com",
        "sub": "jBrDabUU7EGUyAxDB6KzCg==",
        "website": "http://optimalidm.com",
        "zoneinfo": "East US"
    },
    "token_type": "Bearer"
}
8.198phase<--<-- 5 --- Done -->-->
8.198end
8.199assertionIsIDTokenSigned
8.199conditionis-idtoken-signed: status=OK [Checks if the id_token is signed]
8.199assertionVerifyResponse
8.199conditionverify-response: status=OK [Checks that the last response was one of a possible set of OpenID Connect Responses]
8.199conditionDone: status=OK

Result

PASSED