Test Info

Profile[]
Test descriptionTrying to use authorization code twice should result in an error
Timestamp2017-10-12T20:25:46Z
Issuerhttps://ofis.theoptimalcloud.com/odn/
Test IDOP-OAuth-2nd

Conditions


verify-response: status=OK [Checks that the last response was one of a possible set of OpenID Connect Responses]
Done: status=OK

Trace Output

0.0phase<--<-- 0 --- Webfinger -->-->
0.0not expected to doWebFinger
0.0phase<--<-- 1 --- Discovery -->-->
0.0not expected to doDynamic discovery
0.0phase<--<-- 2 --- Registration -->-->
0.001not expected to doDynamic registration
0.001phase<--<-- 3 --- Note -->-->
4.296phase<--<-- 4 --- AsyncAuthn -->-->
4.297AuthorizationRequest
{
    "client_id": "https://op.certification.openid.net/",
    "nonce": "NmYpktNM9sxVlrLS",
    "redirect_uri": "https://op.certification.openid.net:60044/authz_cb",
    "response_type": "code",
    "scope": "openid",
    "state": "UCRcXwQ7cUwPkygU"
}
4.297redirect urlhttps://ofis.theoptimalcloud.com/odn/?nonce=NmYpktNM9sxVlrLS&response_type=code&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A60044%2Fauthz_cb&client_id=https%3A%2F%2Fop.certification.openid.net%2F&state=UCRcXwQ7cUwPkygU&scope=openid
4.297redirecthttps://ofis.theoptimalcloud.com/odn/?nonce=NmYpktNM9sxVlrLS&response_type=code&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A60044%2Fauthz_cb&client_id=https%3A%2F%2Fop.certification.openid.net%2F&state=UCRcXwQ7cUwPkygU&scope=openid
4.423response{'code': 'x0Tbrlc6iYjoqyLwgK72WfHNMqRe6Vr8MN87eZKycaAi7QYsAEyxMdSc6XbhuVYFlidZXRXm2/cJ5gk6s2Zpqj8ByQfU7M6Yu02U8if3fKnj4t0URQfTkCvsGKRyQIgfuRy6wSP8tfHkSpKNUIxSH6DpmdcTdTFmm+NlhWOoUVy/nUQwKsthJ9tXRavONljKpTBoJsOmX1fBGMmv/xWoBAVpz4V5znTM9qoeYH05OwNKbJmelSqfGbsY1roDV+hQ0dJDJbbY3Zv48IgM3VU8jPfQP1YHlFqAC3z/z7YahBc=', 'state': 'UCRcXwQ7cUwPkygU'}
4.424response{'code': 'x0Tbrlc6iYjoqyLwgK72WfHNMqRe6Vr8MN87eZKycaAi7QYsAEyxMdSc6XbhuVYFlidZXRXm2/cJ5gk6s2Zpqj8ByQfU7M6Yu02U8if3fKnj4t0URQfTkCvsGKRyQIgfuRy6wSP8tfHkSpKNUIxSH6DpmdcTdTFmm+NlhWOoUVy/nUQwKsthJ9tXRavONljKpTBoJsOmX1fBGMmv/xWoBAVpz4V5znTM9qoeYH05OwNKbJmelSqfGbsY1roDV+hQ0dJDJbbY3Zv48IgM3VU8jPfQP1YHlFqAC3z/z7YahBc=', 'state': 'UCRcXwQ7cUwPkygU'}
4.424AuthorizationResponse
{
    "code": "x0Tbrlc6iYjoqyLwgK72WfHNMqRe6Vr8MN87eZKycaAi7QYsAEyxMdSc6XbhuVYFlidZXRXm2/cJ5gk6s2Zpqj8ByQfU7M6Yu02U8if3fKnj4t0URQfTkCvsGKRyQIgfuRy6wSP8tfHkSpKNUIxSH6DpmdcTdTFmm+NlhWOoUVy/nUQwKsthJ9tXRavONljKpTBoJsOmX1fBGMmv/xWoBAVpz4V5znTM9qoeYH05OwNKbJmelSqfGbsY1roDV+hQ0dJDJbbY3Zv48IgM3VU8jPfQP1YHlFqAC3z/z7YahBc=",
    "state": "UCRcXwQ7cUwPkygU"
}
4.424phase<--<-- 5 --- AccessToken -->-->
4.425requestop_args: {'state': 'UCRcXwQ7cUwPkygU'}, req_args: {'redirect_uri': 'https://op.certification.openid.net:60044/authz_cb'}
4.425do_access_token_request
kwargs:{'request_args': {'redirect_uri': 'https://op.certification.openid.net:60044/authz_cb', 'code': 'x0Tbrlc6iYjoqyLwgK72WfHNMqRe6Vr8MN87eZKycaAi7QYsAEyxMdSc6XbhuVYFlidZXRXm2/cJ5gk6s2Zpqj8ByQfU7M6Yu02U8if3fKnj4t0URQfTkCvsGKRyQIgfuRy6wSP8tfHkSpKNUIxSH6DpmdcTdTFmm+NlhWOoUVy/nUQwKsthJ9tXRavONljKpTBoJsOmX1fBGMmv/xWoBAVpz4V5znTM9qoeYH05OwNKbJmelSqfGbsY1roDV+hQ0dJDJbbY3Zv48IgM3VU8jPfQP1YHlFqAC3z/z7YahBc=', 'client_id': 'https://op.certification.openid.net/', 'grant_type': 'authorization_code', 'state': 'UCRcXwQ7cUwPkygU'}, 'state': 'UCRcXwQ7cUwPkygU'}
4.425AccessTokenRequest
{
    "client_id": "https://op.certification.openid.net/",
    "code": "x0Tbrlc6iYjoqyLwgK72WfHNMqRe6Vr8MN87eZKycaAi7QYsAEyxMdSc6XbhuVYFlidZXRXm2/cJ5gk6s2Zpqj8ByQfU7M6Yu02U8if3fKnj4t0URQfTkCvsGKRyQIgfuRy6wSP8tfHkSpKNUIxSH6DpmdcTdTFmm+NlhWOoUVy/nUQwKsthJ9tXRavONljKpTBoJsOmX1fBGMmv/xWoBAVpz4V5znTM9qoeYH05OwNKbJmelSqfGbsY1roDV+hQ0dJDJbbY3Zv48IgM3VU8jPfQP1YHlFqAC3z/z7YahBc=",
    "grant_type": "authorization_code",
    "redirect_uri": "https://op.certification.openid.net:60044/authz_cb",
    "state": "UCRcXwQ7cUwPkygU"
}
4.425request_urlhttps://ofis.theoptimalcloud.com/odn.id/api/access
4.425request_http_args{'headers': {'Authorization': 'Basic aHR0cHM6Ly9vcC5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvOjh1VzhRR0puMk5oOHl0NA==', 'Content-Type': 'application/x-www-form-urlencoded'}}
4.425requestcode=x0Tbrlc6iYjoqyLwgK72WfHNMqRe6Vr8MN87eZKycaAi7QYsAEyxMdSc6XbhuVYFlidZXRXm2%2FcJ5gk6s2Zpqj8ByQfU7M6Yu02U8if3fKnj4t0URQfTkCvsGKRyQIgfuRy6wSP8tfHkSpKNUIxSH6DpmdcTdTFmm%2BNlhWOoUVy%2FnUQwKsthJ9tXRavONljKpTBoJsOmX1fBGMmv%2FxWoBAVpz4V5znTM9qoeYH05OwNKbJmelSqfGbsY1roDV%2BhQ0dJDJbbY3Zv48IgM3VU8jPfQP1YHlFqAC3z%2Fz7YahBc%3D&grant_type=authorization_code&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A60044%2Fauthz_cb&client_id=https%3A%2F%2Fop.certification.openid.net%2F&state=UCRcXwQ7cUwPkygU
4.579http response
url:https://ofis.theoptimalcloud.com/odn.id/api/access status_code:200
4.58response{'id_token': 'eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6Il9zZnJweWVzUFVyQTl5TkhXYXBOZXYwOVlYQSJ9.eyJzdWIiOiJqQnJEYWJVVTdFR1V5QXhEQjZLekNnPT0iLCJlbWFpbCI6ImplZmYuYm9ocmVuQG9wdGltYWxpZG0uY29tIiwiZ2l2ZW5fbmFtZSI6IkplZmZyZXkiLCJmYW1pbHlfbmFtZSI6IkJvaHJlbiIsIm5hbWUiOiJKZWZmcmV5IEJvaHJlbiIsIm1pZGRsZV9uYW1lIjoiU2NvdHQiLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJqZWZmLmJvaHJlbkBvcHRpbWFsaWRtLmNvbSIsInBob25lX251bWJlciI6IjU1NS0xMjEyIiwibmlja25hbWUiOiJKZWZmcmV5IiwicHJvZmlsZSI6Imh0dHBzOi8vb3B0aW1hbGlkbS5jb20iLCJwaWN0dXJlIjoiaHR0cHM6Ly9vcHRpbWFsaWRtLmNvbSIsIndlYnNpdGUiOiJodHRwOi8vb3B0aW1hbGlkbS5jb20iLCJnZW5kZXIiOiJtYWxlIiwiYmlydGhkYXRlIjoiMTk3Mi0wMS0wMSIsInpvbmVpbmZvIjoiRWFzdCBVUyIsImxvY2FsZSI6ImVuLVVTIiwibm9uY2UiOiJObVlwa3ROTTlzeFZsckxTIiwiYXRfaGFzaCI6ImpDSWJLOFlIdV91UDQtaEtoY0dRZlEiLCJjX2hhc2giOiJ6azdBdUptZUYtOWlqSW1ITzRjUVRnIiwiaWF0IjoxNTA3ODM5OTQ3LCJpc3MiOiJodHRwczovL29maXMudGhlb3B0aW1hbGNsb3VkLmNvbS9vZG4vIiwiYXVkIjoiaHR0cHM6Ly9vcC5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvIiwiZXhwIjoxNTA3ODQwNTQ3LCJuYmYiOjE1MDc4Mzk5NDV9.xfQ5j_JrKLbq2hWVMc5fNB1Tq35TXYEtgwFZEKIS_PJZtMxCiFk5nh2GpyHXwBVk74kF63AvMD2lfEDZ-z824K39j2-9c9ifTo-LUI4s1B8vzIQDblNPf1BFLUoNP11xbfrY9__AEZSBPmRraz5f4sYJRF33kOiMfZcOdEZCX8D2kbFt16mMcUFpyEOHV7TNWPdSl1t5K3UDDT9_ebZoLOQ1x3QyX2oCWcXo0tfwwiFefBPxoCgT5Cnd7cIDwG6awRS2_8odOLKGzTr0Fdip7yALGzeIZ_wwGduHYRWEA5CFYVO5zwy1sROOWUxR-6w1WMd5zefduTsQ2IqYxk2jAw', 'token_type': 'Bearer', 'expires_in': 36000, 'access_token': 'kkJK1ylW-nawxzDZkDSZbCzduWOW7s0NFQvIQXTWrYPOiZjpjiMAglx2W5Scy-8N5LSJSLAClyg2S1KYVxqTcL5LclpiTHEOJVfCo5Di0gp3KPHUwegRAWh0esU3DNLqmKFTWqHstZnzCYNZlBtWRObTaWGgEr9Ed8LxKx92znohgKDtkmQ5Zn_NQwfat3g3ssiKvj9obaGd3VaB2qXNqQIF8dhanrLllks6WpE2JiFd1CZMXDJ-o-bDTIp0aGwW'}
4.65AccessTokenResponse
{
    "access_token": "kkJK1ylW-nawxzDZkDSZbCzduWOW7s0NFQvIQXTWrYPOiZjpjiMAglx2W5Scy-8N5LSJSLAClyg2S1KYVxqTcL5LclpiTHEOJVfCo5Di0gp3KPHUwegRAWh0esU3DNLqmKFTWqHstZnzCYNZlBtWRObTaWGgEr9Ed8LxKx92znohgKDtkmQ5Zn_NQwfat3g3ssiKvj9obaGd3VaB2qXNqQIF8dhanrLllks6WpE2JiFd1CZMXDJ-o-bDTIp0aGwW",
    "expires_in": 36000,
    "id_token": {
        "at_hash": "jCIbK8YHu_uP4-hKhcGQfQ",
        "aud": [
            "https://op.certification.openid.net/"
        ],
        "birthdate": "1972-01-01",
        "c_hash": "zk7AuJmeF-9ijImHO4cQTg",
        "email": "jeff.bohren@optimalidm.com",
        "exp": 1507840547,
        "family_name": "Bohren",
        "gender": "male",
        "given_name": "Jeffrey",
        "iat": 1507839947,
        "iss": "https://ofis.theoptimalcloud.com/odn/",
        "locale": "en-US",
        "middle_name": "Scott",
        "name": "Jeffrey Bohren",
        "nbf": 1507839945,
        "nickname": "Jeffrey",
        "nonce": "NmYpktNM9sxVlrLS",
        "phone_number": "555-1212",
        "picture": "https://optimalidm.com",
        "preferred_username": "jeff.bohren@optimalidm.com",
        "profile": "https://optimalidm.com",
        "sub": "jBrDabUU7EGUyAxDB6KzCg==",
        "website": "http://optimalidm.com",
        "zoneinfo": "East US"
    },
    "token_type": "Bearer"
}
4.65phase<--<-- 6 --- AccessToken -->-->
4.65requestop_args: {'state': 'UCRcXwQ7cUwPkygU'}, req_args: {'redirect_uri': 'https://op.certification.openid.net:60044/authz_cb'}
4.65do_access_token_request
kwargs:{'request_args': {'redirect_uri': 'https://op.certification.openid.net:60044/authz_cb', 'code': 'x0Tbrlc6iYjoqyLwgK72WfHNMqRe6Vr8MN87eZKycaAi7QYsAEyxMdSc6XbhuVYFlidZXRXm2/cJ5gk6s2Zpqj8ByQfU7M6Yu02U8if3fKnj4t0URQfTkCvsGKRyQIgfuRy6wSP8tfHkSpKNUIxSH6DpmdcTdTFmm+NlhWOoUVy/nUQwKsthJ9tXRavONljKpTBoJsOmX1fBGMmv/xWoBAVpz4V5znTM9qoeYH05OwNKbJmelSqfGbsY1roDV+hQ0dJDJbbY3Zv48IgM3VU8jPfQP1YHlFqAC3z/z7YahBc=', 'client_id': 'https://op.certification.openid.net/', 'grant_type': 'authorization_code', 'state': 'UCRcXwQ7cUwPkygU'}, 'state': 'UCRcXwQ7cUwPkygU'}
4.65AccessTokenRequest
{
    "client_id": "https://op.certification.openid.net/",
    "code": "x0Tbrlc6iYjoqyLwgK72WfHNMqRe6Vr8MN87eZKycaAi7QYsAEyxMdSc6XbhuVYFlidZXRXm2/cJ5gk6s2Zpqj8ByQfU7M6Yu02U8if3fKnj4t0URQfTkCvsGKRyQIgfuRy6wSP8tfHkSpKNUIxSH6DpmdcTdTFmm+NlhWOoUVy/nUQwKsthJ9tXRavONljKpTBoJsOmX1fBGMmv/xWoBAVpz4V5znTM9qoeYH05OwNKbJmelSqfGbsY1roDV+hQ0dJDJbbY3Zv48IgM3VU8jPfQP1YHlFqAC3z/z7YahBc=",
    "grant_type": "authorization_code",
    "redirect_uri": "https://op.certification.openid.net:60044/authz_cb",
    "state": "UCRcXwQ7cUwPkygU"
}
4.65request_urlhttps://ofis.theoptimalcloud.com/odn.id/api/access
4.65request_http_args{'headers': {'Authorization': 'Basic aHR0cHM6Ly9vcC5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvOjh1VzhRR0puMk5oOHl0NA==', 'Content-Type': 'application/x-www-form-urlencoded'}}
4.65requestcode=x0Tbrlc6iYjoqyLwgK72WfHNMqRe6Vr8MN87eZKycaAi7QYsAEyxMdSc6XbhuVYFlidZXRXm2%2FcJ5gk6s2Zpqj8ByQfU7M6Yu02U8if3fKnj4t0URQfTkCvsGKRyQIgfuRy6wSP8tfHkSpKNUIxSH6DpmdcTdTFmm%2BNlhWOoUVy%2FnUQwKsthJ9tXRavONljKpTBoJsOmX1fBGMmv%2FxWoBAVpz4V5znTM9qoeYH05OwNKbJmelSqfGbsY1roDV%2BhQ0dJDJbbY3Zv48IgM3VU8jPfQP1YHlFqAC3z%2Fz7YahBc%3D&grant_type=authorization_code&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A60044%2Fauthz_cb&client_id=https%3A%2F%2Fop.certification.openid.net%2F&state=UCRcXwQ7cUwPkygU
4.771http response
url:https://ofis.theoptimalcloud.com/odn.id/api/access status_code:400 message:{"error":"invalid_grant"}
4.772response{'error': 'invalid_grant'}
4.772eventGot expected error
4.772TokenErrorResponse
{
    "error": "invalid_grant"
}
4.772phase<--<-- 7 --- Done -->-->
4.772end
4.773assertionVerifyResponse
4.773conditionverify-response: status=OK [Checks that the last response was one of a possible set of OpenID Connect Responses]
4.773conditionDone: status=OK

Result

PASSED