Test Info

Issuerhttps://ofis.theoptimalcloud.com/odn/
Test IDOP-Req-acr_values
Test descriptionProviding acr_values
Profile[]
Timestamp2017-10-12T20:13:23Z

Conditions


verify-response: status=OK [Checks that the last response was one of a possible set of OpenID Connect Responses]
used-acr-value: status=WARNING, message=No acr value present in the ID Token [The acr value in the ID Token]
Done: status=OK

Trace Output

0.0phase<--<-- 0 --- Webfinger -->-->
0.0not expected to doWebFinger
0.0phase<--<-- 1 --- Discovery -->-->
0.0not expected to doDynamic discovery
0.001phase<--<-- 2 --- Registration -->-->
0.001not expected to doDynamic registration
0.001phase<--<-- 3 --- AsyncAuthn -->-->
0.001AuthorizationRequest
{
    "acr_values": "1 2",
    "client_id": "https://op.certification.openid.net/",
    "nonce": "ztJppKidtBEkDC8T",
    "redirect_uri": "https://op.certification.openid.net:60044/authz_cb",
    "response_type": "code",
    "scope": "openid",
    "state": "NSDfjQQRn7xLl5xx"
}
0.001redirect urlhttps://ofis.theoptimalcloud.com/odn/?client_id=https%3A%2F%2Fop.certification.openid.net%2F&scope=openid&nonce=ztJppKidtBEkDC8T&state=NSDfjQQRn7xLl5xx&acr_values=1+2&response_type=code&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A60044%2Fauthz_cb
0.001redirecthttps://ofis.theoptimalcloud.com/odn/?client_id=https%3A%2F%2Fop.certification.openid.net%2F&scope=openid&nonce=ztJppKidtBEkDC8T&state=NSDfjQQRn7xLl5xx&acr_values=1+2&response_type=code&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A60044%2Fauthz_cb
0.121response{'state': 'NSDfjQQRn7xLl5xx', 'code': 'QDIViNL+FiRe2mn3vfG8qGLQ6Is+wHkr3S1j7e5YcINX6YtiLJAwsAiL8gHnUuUD1iLhQQYXZkVFLQZipieKhK0sebDPVwE7e33YyL+xLTUGFfRqwO50bRLa3b8U4RGJviykTWC8v0dgGx4GUMVBLKhXPDMl19oQ3DrdpX6efvkVDhUblFkJqHTMug3eHz5pbhV+qLtr7and83jMUnrReb/ymMXmoi4bYahN51hiqfxMIwJmTD3iC19snL/z80lVG3lquafPt+5r0sVZGiw6eFyf5i0QQnpn7YqaeMsOrfSkTXaQ8fm/a4SJbgUOecvv'}
0.121response{'state': 'NSDfjQQRn7xLl5xx', 'code': 'QDIViNL+FiRe2mn3vfG8qGLQ6Is+wHkr3S1j7e5YcINX6YtiLJAwsAiL8gHnUuUD1iLhQQYXZkVFLQZipieKhK0sebDPVwE7e33YyL+xLTUGFfRqwO50bRLa3b8U4RGJviykTWC8v0dgGx4GUMVBLKhXPDMl19oQ3DrdpX6efvkVDhUblFkJqHTMug3eHz5pbhV+qLtr7and83jMUnrReb/ymMXmoi4bYahN51hiqfxMIwJmTD3iC19snL/z80lVG3lquafPt+5r0sVZGiw6eFyf5i0QQnpn7YqaeMsOrfSkTXaQ8fm/a4SJbgUOecvv'}
0.122AuthorizationResponse
{
    "code": "QDIViNL+FiRe2mn3vfG8qGLQ6Is+wHkr3S1j7e5YcINX6YtiLJAwsAiL8gHnUuUD1iLhQQYXZkVFLQZipieKhK0sebDPVwE7e33YyL+xLTUGFfRqwO50bRLa3b8U4RGJviykTWC8v0dgGx4GUMVBLKhXPDMl19oQ3DrdpX6efvkVDhUblFkJqHTMug3eHz5pbhV+qLtr7and83jMUnrReb/ymMXmoi4bYahN51hiqfxMIwJmTD3iC19snL/z80lVG3lquafPt+5r0sVZGiw6eFyf5i0QQnpn7YqaeMsOrfSkTXaQ8fm/a4SJbgUOecvv",
    "state": "NSDfjQQRn7xLl5xx"
}
0.122phase<--<-- 4 --- AccessToken -->-->
0.122requestop_args: {'state': 'NSDfjQQRn7xLl5xx'}, req_args: {'redirect_uri': 'https://op.certification.openid.net:60044/authz_cb'}
0.122do_access_token_request
kwargs:{'state': 'NSDfjQQRn7xLl5xx', 'request_args': {'state': 'NSDfjQQRn7xLl5xx', 'client_id': 'https://op.certification.openid.net/', 'grant_type': 'authorization_code', 'code': 'QDIViNL+FiRe2mn3vfG8qGLQ6Is+wHkr3S1j7e5YcINX6YtiLJAwsAiL8gHnUuUD1iLhQQYXZkVFLQZipieKhK0sebDPVwE7e33YyL+xLTUGFfRqwO50bRLa3b8U4RGJviykTWC8v0dgGx4GUMVBLKhXPDMl19oQ3DrdpX6efvkVDhUblFkJqHTMug3eHz5pbhV+qLtr7and83jMUnrReb/ymMXmoi4bYahN51hiqfxMIwJmTD3iC19snL/z80lVG3lquafPt+5r0sVZGiw6eFyf5i0QQnpn7YqaeMsOrfSkTXaQ8fm/a4SJbgUOecvv', 'redirect_uri': 'https://op.certification.openid.net:60044/authz_cb'}}
0.122AccessTokenRequest
{
    "client_id": "https://op.certification.openid.net/",
    "code": "QDIViNL+FiRe2mn3vfG8qGLQ6Is+wHkr3S1j7e5YcINX6YtiLJAwsAiL8gHnUuUD1iLhQQYXZkVFLQZipieKhK0sebDPVwE7e33YyL+xLTUGFfRqwO50bRLa3b8U4RGJviykTWC8v0dgGx4GUMVBLKhXPDMl19oQ3DrdpX6efvkVDhUblFkJqHTMug3eHz5pbhV+qLtr7and83jMUnrReb/ymMXmoi4bYahN51hiqfxMIwJmTD3iC19snL/z80lVG3lquafPt+5r0sVZGiw6eFyf5i0QQnpn7YqaeMsOrfSkTXaQ8fm/a4SJbgUOecvv",
    "grant_type": "authorization_code",
    "redirect_uri": "https://op.certification.openid.net:60044/authz_cb",
    "state": "NSDfjQQRn7xLl5xx"
}
0.122request_urlhttps://ofis.theoptimalcloud.com/odn.id/api/access
0.122request_http_args{'headers': {'Authorization': 'Basic aHR0cHM6Ly9vcC5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvOjh1VzhRR0puMk5oOHl0NA==', 'Content-Type': 'application/x-www-form-urlencoded'}}
0.122requestclient_id=https%3A%2F%2Fop.certification.openid.net%2F&grant_type=authorization_code&code=QDIViNL%2BFiRe2mn3vfG8qGLQ6Is%2BwHkr3S1j7e5YcINX6YtiLJAwsAiL8gHnUuUD1iLhQQYXZkVFLQZipieKhK0sebDPVwE7e33YyL%2BxLTUGFfRqwO50bRLa3b8U4RGJviykTWC8v0dgGx4GUMVBLKhXPDMl19oQ3DrdpX6efvkVDhUblFkJqHTMug3eHz5pbhV%2BqLtr7and83jMUnrReb%2FymMXmoi4bYahN51hiqfxMIwJmTD3iC19snL%2Fz80lVG3lquafPt%2B5r0sVZGiw6eFyf5i0QQnpn7YqaeMsOrfSkTXaQ8fm%2Fa4SJbgUOecvv&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A60044%2Fauthz_cb&state=NSDfjQQRn7xLl5xx
0.282http response
url:https://ofis.theoptimalcloud.com/odn.id/api/access status_code:200
0.283response{'access_token': 'OCHxhSmPvk-jip10pHG-W7XJZ5bZh5MlXzkZtTTen8ZWW9kt5ksrcUVdb0dWweZXAlgWW-p09cwh8aArl4C-5kUzUOLpjAhKihlD4ZAxpwixfFCfbPQC5M3ELU-Uck3nXRS5vXMU6SoRy572U3UkwT_lAJxJi-VrmXuNNGg83qfgQq61Vw08x26fXqPfFPVo4P8jHmE_u7UTMTYwn-CJaY8FwuDYR095iiy91YDO_GPLYys3D7oTini2HWHAqDaZ', 'id_token': 'eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6Il9zZnJweWVzUFVyQTl5TkhXYXBOZXYwOVlYQSJ9.eyJzdWIiOiJqQnJEYWJVVTdFR1V5QXhEQjZLekNnPT0iLCJlbWFpbCI6ImplZmYuYm9ocmVuQG9wdGltYWxpZG0uY29tIiwiZ2l2ZW5fbmFtZSI6IkplZmZyZXkiLCJmYW1pbHlfbmFtZSI6IkJvaHJlbiIsIm5hbWUiOiJKZWZmcmV5IEJvaHJlbiIsIm1pZGRsZV9uYW1lIjoiU2NvdHQiLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJqZWZmLmJvaHJlbkBvcHRpbWFsaWRtLmNvbSIsInBob25lX251bWJlciI6IjU1NS0xMjEyIiwibmlja25hbWUiOiJKZWZmcmV5IiwicHJvZmlsZSI6Imh0dHBzOi8vb3B0aW1hbGlkbS5jb20iLCJwaWN0dXJlIjoiaHR0cHM6Ly9vcHRpbWFsaWRtLmNvbSIsIndlYnNpdGUiOiJodHRwOi8vb3B0aW1hbGlkbS5jb20iLCJnZW5kZXIiOiJtYWxlIiwiYmlydGhkYXRlIjoiMTk3Mi0wMS0wMSIsInpvbmVpbmZvIjoiRWFzdCBVUyIsImxvY2FsZSI6ImVuLVVTIiwibm9uY2UiOiJ6dEpwcEtpZHRCRWtEQzhUIiwiYXRfaGFzaCI6IjNJcE5laU1qZERXazhkS2pxOFkwLXciLCJjX2hhc2giOiJjdmhrVEh3N0dXMHRfTDg5dUNGQnl3IiwiaWF0IjoxNTA3ODM5MjA0LCJpc3MiOiJodHRwczovL29maXMudGhlb3B0aW1hbGNsb3VkLmNvbS9vZG4vIiwiYXVkIjoiaHR0cHM6Ly9vcC5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvIiwiZXhwIjoxNTA3ODM5ODA0LCJuYmYiOjE1MDc4MzkyMDN9.Do7iqlTfQpLDLFrEI6-ZPNAVvyuTEMlpgmaWEkAD2rQA3c5CIJOXfmL0fDl9bNzm0fhb1GMg76h5AqwiKwnm59UwrSdnrxA_cGblNWSsto0ECgH-v5DAeh0Dwf3mZmhGWByabr4p-CZKsYLqs8ieC9tPyK5GkAiUV1yMoigOLg9ki7af8xpBAF7cikdiY2EkDurILTYaTQlG4dxmuWUX1bCY19BNVj3LghUyvkYgm2AAykfGRWYgVPr39jDdHwwr8UC7ceza0hFVhW-nbXXSjra1tCdeEHsJ8GQ5sJVEN6cmi-qIx5INFeoo1eHL_ivUF3jvjlup_-qIygHgH92Zgg', 'token_type': 'Bearer', 'expires_in': 36000}
0.355AccessTokenResponse
{
    "access_token": "OCHxhSmPvk-jip10pHG-W7XJZ5bZh5MlXzkZtTTen8ZWW9kt5ksrcUVdb0dWweZXAlgWW-p09cwh8aArl4C-5kUzUOLpjAhKihlD4ZAxpwixfFCfbPQC5M3ELU-Uck3nXRS5vXMU6SoRy572U3UkwT_lAJxJi-VrmXuNNGg83qfgQq61Vw08x26fXqPfFPVo4P8jHmE_u7UTMTYwn-CJaY8FwuDYR095iiy91YDO_GPLYys3D7oTini2HWHAqDaZ",
    "expires_in": 36000,
    "id_token": {
        "at_hash": "3IpNeiMjdDWk8dKjq8Y0-w",
        "aud": [
            "https://op.certification.openid.net/"
        ],
        "birthdate": "1972-01-01",
        "c_hash": "cvhkTHw7GW0t_L89uCFByw",
        "email": "jeff.bohren@optimalidm.com",
        "exp": 1507839804,
        "family_name": "Bohren",
        "gender": "male",
        "given_name": "Jeffrey",
        "iat": 1507839204,
        "iss": "https://ofis.theoptimalcloud.com/odn/",
        "locale": "en-US",
        "middle_name": "Scott",
        "name": "Jeffrey Bohren",
        "nbf": 1507839203,
        "nickname": "Jeffrey",
        "nonce": "ztJppKidtBEkDC8T",
        "phone_number": "555-1212",
        "picture": "https://optimalidm.com",
        "preferred_username": "jeff.bohren@optimalidm.com",
        "profile": "https://optimalidm.com",
        "sub": "jBrDabUU7EGUyAxDB6KzCg==",
        "website": "http://optimalidm.com",
        "zoneinfo": "East US"
    },
    "token_type": "Bearer"
}
0.356phase<--<-- 5 --- Done -->-->
0.356end
0.356assertionVerifyResponse
0.356conditionverify-response: status=OK [Checks that the last response was one of a possible set of OpenID Connect Responses]
0.357assertionUsedAcrValue
0.357conditionused-acr-value: status=WARNING, message=No acr value present in the ID Token [The acr value in the ID Token]
0.357conditionDone: status=OK

Result

WARNING
Warnings:
No acr value present in the ID Token