Test Info
Profile | [] |
---|---|
Test description | Does the OP sign the ID Token and with what |
Timestamp | 2017-10-13T13:52:44Z |
Issuer | https://ofis.theoptimalcloud.com/odn/ |
Test ID | OP-IDToken-C-Signature |
Conditions
is-idtoken-signed: status=OK [Checks if the id_token is signed]
verify-response: status=OK [Checks that the last response was one of a possible set of OpenID Connect Responses]
Done: status=OK
Trace Output
0.0 | phase | <--<-- 0 --- Webfinger -->--> |
0.0 | not expected to do | WebFinger |
0.0 | phase | <--<-- 1 --- Discovery -->--> |
0.0 | not expected to do | Dynamic discovery |
0.0 | phase | <--<-- 2 --- Registration -->--> |
0.001 | not expected to do | Dynamic registration |
0.001 | phase | <--<-- 3 --- AsyncAuthn -->--> |
0.001 | AuthorizationRequest |
|
0.001 | redirect url | https://ofis.theoptimalcloud.com/odn/?nonce=owGedEgjQzL0GO6s&response_type=id_token&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A60044%2Fauthz_cb&client_id=https%3A%2F%2Fop.certification.openid.net%2F&state=lb60e5JN3SNRV2iI&scope=openid |
0.001 | redirect | https://ofis.theoptimalcloud.com/odn/?nonce=owGedEgjQzL0GO6s&response_type=id_token&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A60044%2Fauthz_cb&client_id=https%3A%2F%2Fop.certification.openid.net%2F&state=lb60e5JN3SNRV2iI&scope=openid |
0.178 | http args | {} |
0.262 | response | access_token=sp3BS0R3PLHY3EWVqT0fqsFLtiqOQcw08MwJvp-KhlNjU0Zzq_PJ4HacUlDiAqyVMpVFdsNgRyLmljDY6xxGijfuu6BvDvvLePWUfz-UYHjKyjYf7qS16MwywmJaMc0Lnl5UbEuGmDtiizam6Wj_uhGyuc1sV7jFs-4AP2t5o59AEDFoj2EHRYzlRG0u9sGTmW19gG9N2n8FqR4CY_sHQwKAYYSLA2laXeaWyhTOdDM0aq6QkeQ4oXPvo8dfizlm&id_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6Il9zZnJweWVzUFVyQTl5TkhXYXBOZXYwOVlYQSJ9.eyJzdWIiOiJqQnJEYWJVVTdFR1V5QXhEQjZLekNnPT0iLCJlbWFpbCI6ImplZmYuYm9ocmVuQG9wdGltYWxpZG0uY29tIiwiZ2l2ZW5fbmFtZSI6IkplZmZyZXkiLCJmYW1pbHlfbmFtZSI6IkJvaHJlbiIsIm5hbWUiOiJKZWZmcmV5IEJvaHJlbiIsIm1pZGRsZV9uYW1lIjoiU2NvdHQiLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJqZWZmLmJvaHJlbkBvcHRpbWFsaWRtLmNvbSIsInBob25lX251bWJlciI6IjU1NS0xMjEyIiwibmlja25hbWUiOiJKZWZmcmV5IiwicHJvZmlsZSI6Imh0dHBzOi8vb3B0aW1hbGlkbS5jb20iLCJwaWN0dXJlIjoiaHR0cHM6Ly9vcHRpbWFsaWRtLmNvbSIsIndlYnNpdGUiOiJodHRwOi8vb3B0aW1hbGlkbS5jb20iLCJnZW5kZXIiOiJtYWxlIiwiYmlydGhkYXRlIjoiMTk3Mi0wMS0wMSIsInpvbmVpbmZvIjoiRWFzdCBVUyIsImxvY2FsZSI6ImVuLVVTIiwibm9uY2UiOiJvd0dlZEVnalF6TDBHTzZzIiwiYXRfaGFzaCI6InJRMFBxcDE0c0VVM043YUg1RkNCcVEiLCJjX2hhc2giOiJCcGhlTnVNNktnVFdEaWlqOHdPdXBBIiwiaWF0IjoxNTA3OTAyNzY1LCJpc3MiOiJodHRwczovL29maXMudGhlb3B0aW1hbGNsb3VkLmNvbS9vZG4vIiwiYXVkIjoiaHR0cHM6Ly9vcC5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvIiwiZXhwIjoxNTA3OTAzMzY1LCJuYmYiOjE1MDc5MDI3NjR9.ediCUbw-Nkim6xwALOk1J6v1x8j5AW7vv16zT7An8YPr-dfwv2G3YudVPTh-LM--lJqgiHCc6aiJHF_BuYPCSyhe8BHMLswmL1fSCXzoiAAcTDdD7xnvsEbTlZ7qyFIjt8SxWVvl_mE0Upu-3H3R9cizix4YNGuF4Sr11SpExYy1H9Wc5mBOKFqPDfGxmhtzRLCYjniY9buvKC79iMw7X1xtbQ8SuQLXVVAyETNOkOPL8k_aoMiuvXvFAlzEqsxU2OrPGMp577T5Gq29O1yMqm-u9hWDNvp1bnzApDIsitkbmiX8PHWGgXARFHWyp3-CxAUfl5IgekNs7SCCwnL2TA&token_type=Bearer&state=lb60e5JN3SNRV2iI&expires_in=36000 |
0.262 | response | {'access_token': 'sp3BS0R3PLHY3EWVqT0fqsFLtiqOQcw08MwJvp-KhlNjU0Zzq_PJ4HacUlDiAqyVMpVFdsNgRyLmljDY6xxGijfuu6BvDvvLePWUfz-UYHjKyjYf7qS16MwywmJaMc0Lnl5UbEuGmDtiizam6Wj_uhGyuc1sV7jFs-4AP2t5o59AEDFoj2EHRYzlRG0u9sGTmW19gG9N2n8FqR4CY_sHQwKAYYSLA2laXeaWyhTOdDM0aq6QkeQ4oXPvo8dfizlm', 'id_token': 'eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6Il9zZnJweWVzUFVyQTl5TkhXYXBOZXYwOVlYQSJ9.eyJzdWIiOiJqQnJEYWJVVTdFR1V5QXhEQjZLekNnPT0iLCJlbWFpbCI6ImplZmYuYm9ocmVuQG9wdGltYWxpZG0uY29tIiwiZ2l2ZW5fbmFtZSI6IkplZmZyZXkiLCJmYW1pbHlfbmFtZSI6IkJvaHJlbiIsIm5hbWUiOiJKZWZmcmV5IEJvaHJlbiIsIm1pZGRsZV9uYW1lIjoiU2NvdHQiLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJqZWZmLmJvaHJlbkBvcHRpbWFsaWRtLmNvbSIsInBob25lX251bWJlciI6IjU1NS0xMjEyIiwibmlja25hbWUiOiJKZWZmcmV5IiwicHJvZmlsZSI6Imh0dHBzOi8vb3B0aW1hbGlkbS5jb20iLCJwaWN0dXJlIjoiaHR0cHM6Ly9vcHRpbWFsaWRtLmNvbSIsIndlYnNpdGUiOiJodHRwOi8vb3B0aW1hbGlkbS5jb20iLCJnZW5kZXIiOiJtYWxlIiwiYmlydGhkYXRlIjoiMTk3Mi0wMS0wMSIsInpvbmVpbmZvIjoiRWFzdCBVUyIsImxvY2FsZSI6ImVuLVVTIiwibm9uY2UiOiJvd0dlZEVnalF6TDBHTzZzIiwiYXRfaGFzaCI6InJRMFBxcDE0c0VVM043YUg1RkNCcVEiLCJjX2hhc2giOiJCcGhlTnVNNktnVFdEaWlqOHdPdXBBIiwiaWF0IjoxNTA3OTAyNzY1LCJpc3MiOiJodHRwczovL29maXMudGhlb3B0aW1hbGNsb3VkLmNvbS9vZG4vIiwiYXVkIjoiaHR0cHM6Ly9vcC5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvIiwiZXhwIjoxNTA3OTAzMzY1LCJuYmYiOjE1MDc5MDI3NjR9.ediCUbw-Nkim6xwALOk1J6v1x8j5AW7vv16zT7An8YPr-dfwv2G3YudVPTh-LM--lJqgiHCc6aiJHF_BuYPCSyhe8BHMLswmL1fSCXzoiAAcTDdD7xnvsEbTlZ7qyFIjt8SxWVvl_mE0Upu-3H3R9cizix4YNGuF4Sr11SpExYy1H9Wc5mBOKFqPDfGxmhtzRLCYjniY9buvKC79iMw7X1xtbQ8SuQLXVVAyETNOkOPL8k_aoMiuvXvFAlzEqsxU2OrPGMp577T5Gq29O1yMqm-u9hWDNvp1bnzApDIsitkbmiX8PHWGgXARFHWyp3-CxAUfl5IgekNs7SCCwnL2TA', 'state': 'lb60e5JN3SNRV2iI', 'expires_in': 36000, 'token_type': 'Bearer'} |
0.342 | AuthorizationResponse |
|
0.342 | phase | <--<-- 4 --- AccessToken -->--> |
0.343 | phase | <--<-- 5 --- Done -->--> |
0.343 | end | |
0.343 | assertion | IsIDTokenSigned |
0.343 | condition | is-idtoken-signed: status=OK [Checks if the id_token is signed] |
0.344 | assertion | VerifyResponse |
0.344 | condition | verify-response: status=OK [Checks that the last response was one of a possible set of OpenID Connect Responses] |
0.344 | condition | Done: status=OK |
Result
PASSED