Test Info
Profile | [] |
---|---|
Test description | ID Token has at_hash when ID Token and Access Token are returned from the Authorization Endpoint |
Timestamp | 2017-10-13T14:30:52Z |
Issuer | https://ofis.theoptimalcloud.com/odn/ |
Test ID | OP-IDToken-at_hash |
Conditions
verify-authn-response: status=OK [Checks that the last response was a JSON encoded authentication message]
Done: status=OK
Trace Output
0.0 | phase | <--<-- 0 --- Webfinger -->--> |
0.0 | not expected to do | WebFinger |
0.0 | phase | <--<-- 1 --- Discovery -->--> |
0.0 | not expected to do | Dynamic discovery |
0.0 | phase | <--<-- 2 --- Registration -->--> |
0.001 | not expected to do | Dynamic registration |
0.001 | phase | <--<-- 3 --- AsyncAuthn -->--> |
0.001 | AuthorizationRequest |
|
0.001 | redirect url | https://ofis.theoptimalcloud.com/odn/?nonce=nNBMTc4A887ITX54&response_type=id_token+token&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A60044%2Fauthz_cb&client_id=https%3A%2F%2Fop.certification.openid.net%2F&state=UAhNphish5hVh02b&scope=openid |
0.001 | redirect | https://ofis.theoptimalcloud.com/odn/?nonce=nNBMTc4A887ITX54&response_type=id_token+token&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A60044%2Fauthz_cb&client_id=https%3A%2F%2Fop.certification.openid.net%2F&state=UAhNphish5hVh02b&scope=openid |
0.237 | http args | {} |
0.326 | response | access_token=Mrv1WLzbUKhcy5A9--BCAQ_He6GMCnK0zSnxJEs3FBp1Zr0IssD_MreWyAQp_MRDrfs-STYu2IX6Ie_onaTHYcw0uQqmqrrj__SDiYigXqufVjelUWbP_y7bh-IwLGZYMaaRCj7gyAya0-XMu_SdZcLA6dWK7atmt8PYDR09h4AuhMF9iIAAEe8KHTNKJJVhTwNvU86Jw6CelN3srcHmWrsm5mtPmHRlRMXR9cLT-mp_fCNhqXDKiGUUpcGKE9tg&id_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6Il9zZnJweWVzUFVyQTl5TkhXYXBOZXYwOVlYQSJ9.eyJzdWIiOiJqQnJEYWJVVTdFR1V5QXhEQjZLekNnPT0iLCJlbWFpbCI6ImplZmYuYm9ocmVuQG9wdGltYWxpZG0uY29tIiwiZ2l2ZW5fbmFtZSI6IkplZmZyZXkiLCJmYW1pbHlfbmFtZSI6IkJvaHJlbiIsIm5hbWUiOiJKZWZmcmV5IEJvaHJlbiIsIm1pZGRsZV9uYW1lIjoiU2NvdHQiLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJqZWZmLmJvaHJlbkBvcHRpbWFsaWRtLmNvbSIsInBob25lX251bWJlciI6IjU1NS0xMjEyIiwibmlja25hbWUiOiJKZWZmcmV5IiwicHJvZmlsZSI6Imh0dHBzOi8vb3B0aW1hbGlkbS5jb20iLCJwaWN0dXJlIjoiaHR0cHM6Ly9vcHRpbWFsaWRtLmNvbSIsIndlYnNpdGUiOiJodHRwOi8vb3B0aW1hbGlkbS5jb20iLCJnZW5kZXIiOiJtYWxlIiwiYmlydGhkYXRlIjoiMTk3Mi0wMS0wMSIsInpvbmVpbmZvIjoiRWFzdCBVUyIsImxvY2FsZSI6ImVuLVVTIiwibm9uY2UiOiJuTkJNVGM0QTg4N0lUWDU0IiwiYXRfaGFzaCI6Ikl0bWxEVmxJRlNJXzExQnZUNEJkMHciLCJjX2hhc2giOiJqcjRZWU82RGxyVWpCM0ktQTRqd25nIiwiaWF0IjoxNTA3OTA1MDUyLCJpc3MiOiJodHRwczovL29maXMudGhlb3B0aW1hbGNsb3VkLmNvbS9vZG4vIiwiYXVkIjoiaHR0cHM6Ly9vcC5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvIiwiZXhwIjoxNTA3OTA1NjUyLCJuYmYiOjE1MDc5MDUwNTB9.ebMa604gmnANNDnJJsLk4_EC-FkM-RwLJ1pJ6a2N4qvC_80PXjAMzE1eNjr4BxgCy_Btkm3YiTdMtLkhqou0RqJSmmoV1m_4MEG-FY6ejJQTL7hFdWnxLZPh8oAEzF5jaPNWPJD125yrUTgtLGkPZBeAS5ykrhvMVX_F8VKXzXvLkRdFXRH512xoVHoesFUHLHNqAsLjvgrGiaoz9dI9WlKKCOPcFd1tDkiiTltv_4bOOdPG6jMj2f1zXSIG-6F9sSW_0A1P0Y9q7bkKB73hmB6MdZQjGl0MQ9cNInL01Sp_LyqeqqfU3pcumfAeCs2XjxGrlXp2jw8j6fskxutSaw&token_type=Bearer&state=UAhNphish5hVh02b&expires_in=36000 |
0.327 | response | {'access_token': 'Mrv1WLzbUKhcy5A9--BCAQ_He6GMCnK0zSnxJEs3FBp1Zr0IssD_MreWyAQp_MRDrfs-STYu2IX6Ie_onaTHYcw0uQqmqrrj__SDiYigXqufVjelUWbP_y7bh-IwLGZYMaaRCj7gyAya0-XMu_SdZcLA6dWK7atmt8PYDR09h4AuhMF9iIAAEe8KHTNKJJVhTwNvU86Jw6CelN3srcHmWrsm5mtPmHRlRMXR9cLT-mp_fCNhqXDKiGUUpcGKE9tg', 'id_token': 'eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6Il9zZnJweWVzUFVyQTl5TkhXYXBOZXYwOVlYQSJ9.eyJzdWIiOiJqQnJEYWJVVTdFR1V5QXhEQjZLekNnPT0iLCJlbWFpbCI6ImplZmYuYm9ocmVuQG9wdGltYWxpZG0uY29tIiwiZ2l2ZW5fbmFtZSI6IkplZmZyZXkiLCJmYW1pbHlfbmFtZSI6IkJvaHJlbiIsIm5hbWUiOiJKZWZmcmV5IEJvaHJlbiIsIm1pZGRsZV9uYW1lIjoiU2NvdHQiLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJqZWZmLmJvaHJlbkBvcHRpbWFsaWRtLmNvbSIsInBob25lX251bWJlciI6IjU1NS0xMjEyIiwibmlja25hbWUiOiJKZWZmcmV5IiwicHJvZmlsZSI6Imh0dHBzOi8vb3B0aW1hbGlkbS5jb20iLCJwaWN0dXJlIjoiaHR0cHM6Ly9vcHRpbWFsaWRtLmNvbSIsIndlYnNpdGUiOiJodHRwOi8vb3B0aW1hbGlkbS5jb20iLCJnZW5kZXIiOiJtYWxlIiwiYmlydGhkYXRlIjoiMTk3Mi0wMS0wMSIsInpvbmVpbmZvIjoiRWFzdCBVUyIsImxvY2FsZSI6ImVuLVVTIiwibm9uY2UiOiJuTkJNVGM0QTg4N0lUWDU0IiwiYXRfaGFzaCI6Ikl0bWxEVmxJRlNJXzExQnZUNEJkMHciLCJjX2hhc2giOiJqcjRZWU82RGxyVWpCM0ktQTRqd25nIiwiaWF0IjoxNTA3OTA1MDUyLCJpc3MiOiJodHRwczovL29maXMudGhlb3B0aW1hbGNsb3VkLmNvbS9vZG4vIiwiYXVkIjoiaHR0cHM6Ly9vcC5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvIiwiZXhwIjoxNTA3OTA1NjUyLCJuYmYiOjE1MDc5MDUwNTB9.ebMa604gmnANNDnJJsLk4_EC-FkM-RwLJ1pJ6a2N4qvC_80PXjAMzE1eNjr4BxgCy_Btkm3YiTdMtLkhqou0RqJSmmoV1m_4MEG-FY6ejJQTL7hFdWnxLZPh8oAEzF5jaPNWPJD125yrUTgtLGkPZBeAS5ykrhvMVX_F8VKXzXvLkRdFXRH512xoVHoesFUHLHNqAsLjvgrGiaoz9dI9WlKKCOPcFd1tDkiiTltv_4bOOdPG6jMj2f1zXSIG-6F9sSW_0A1P0Y9q7bkKB73hmB6MdZQjGl0MQ9cNInL01Sp_LyqeqqfU3pcumfAeCs2XjxGrlXp2jw8j6fskxutSaw', 'state': 'UAhNphish5hVh02b', 'expires_in': 36000, 'token_type': 'Bearer'} |
0.478 | AuthorizationResponse |
|
0.478 | phase | <--<-- 4 --- Done -->--> |
0.478 | end | |
0.479 | assertion | VerifyAuthnResponse |
0.479 | condition | verify-authn-response: status=OK [Checks that the last response was a JSON encoded authentication message] |
0.479 | condition | Done: status=OK |
Result
PASSED