Test Info

Profile[]
Test descriptionProviding acr_values
Timestamp2017-10-13T14:20:57Z
Issuerhttps://ofis.theoptimalcloud.com/odn/
Test IDOP-Req-acr_values

Conditions


used-acr-value: status=WARNING, message=No acr value present in the ID Token [The acr value in the ID Token]
verify-response: status=OK [Checks that the last response was one of a possible set of OpenID Connect Responses]
Done: status=OK

Trace Output

0.0phase<--<-- 0 --- Webfinger -->-->
0.0not expected to doWebFinger
0.0phase<--<-- 1 --- Discovery -->-->
0.0not expected to doDynamic discovery
0.0phase<--<-- 2 --- Registration -->-->
0.001not expected to doDynamic registration
0.001phase<--<-- 3 --- AsyncAuthn -->-->
0.001AuthorizationRequest
{
    "acr_values": "1 2",
    "client_id": "https://op.certification.openid.net/",
    "nonce": "W4EyKrqrxLu6o18B",
    "redirect_uri": "https://op.certification.openid.net:60044/authz_cb",
    "response_type": "id_token",
    "scope": "openid",
    "state": "Vvug7qqq3bNl626x"
}
0.001redirect urlhttps://ofis.theoptimalcloud.com/odn/?nonce=W4EyKrqrxLu6o18B&response_type=id_token&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A60044%2Fauthz_cb&acr_values=1+2&client_id=https%3A%2F%2Fop.certification.openid.net%2F&state=Vvug7qqq3bNl626x&scope=openid
0.001redirecthttps://ofis.theoptimalcloud.com/odn/?nonce=W4EyKrqrxLu6o18B&response_type=id_token&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A60044%2Fauthz_cb&acr_values=1+2&client_id=https%3A%2F%2Fop.certification.openid.net%2F&state=Vvug7qqq3bNl626x&scope=openid
0.835http args{}
0.922responseaccess_token=LD5Rk2zJEzeg19Q5XR9iz5KYbvAU-Rk5IC20bYlemixZ4F20txxXbuExToVofVLNBfCrvhfIfWo5atANff4IxKZO7xk6zR3qx-GdIRoYu_4CAn8LhvcAQbSxkJzlgq9_ApaXv32luDhj8o9IEL-fUQmAT3ua22zwmPuKhzoOuSsSk8ocby3RFdZ58scBqjPCdK4WfdWWFoBmnI9nmLBVPDwfd-9Ps18XzZC3iNt1j9xcu6Q3eDwuNkiTHcjUAODI&id_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6Il9zZnJweWVzUFVyQTl5TkhXYXBOZXYwOVlYQSJ9.eyJzdWIiOiJqQnJEYWJVVTdFR1V5QXhEQjZLekNnPT0iLCJlbWFpbCI6ImplZmYuYm9ocmVuQG9wdGltYWxpZG0uY29tIiwiZ2l2ZW5fbmFtZSI6IkplZmZyZXkiLCJmYW1pbHlfbmFtZSI6IkJvaHJlbiIsIm5hbWUiOiJKZWZmcmV5IEJvaHJlbiIsIm1pZGRsZV9uYW1lIjoiU2NvdHQiLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJqZWZmLmJvaHJlbkBvcHRpbWFsaWRtLmNvbSIsInBob25lX251bWJlciI6IjU1NS0xMjEyIiwibmlja25hbWUiOiJKZWZmcmV5IiwicHJvZmlsZSI6Imh0dHBzOi8vb3B0aW1hbGlkbS5jb20iLCJwaWN0dXJlIjoiaHR0cHM6Ly9vcHRpbWFsaWRtLmNvbSIsIndlYnNpdGUiOiJodHRwOi8vb3B0aW1hbGlkbS5jb20iLCJnZW5kZXIiOiJtYWxlIiwiYmlydGhkYXRlIjoiMTk3Mi0wMS0wMSIsInpvbmVpbmZvIjoiRWFzdCBVUyIsImxvY2FsZSI6ImVuLVVTIiwibm9uY2UiOiJXNEV5S3JxcnhMdTZvMThCIiwiYXRfaGFzaCI6IlBtdC03NVhGQmVYTXRyQVFtVUlBdUEiLCJjX2hhc2giOiJJeDZ1bFdOTkJvaDdobGp0NndsWnJRIiwiaWF0IjoxNTA3OTA0NDU3LCJpc3MiOiJodHRwczovL29maXMudGhlb3B0aW1hbGNsb3VkLmNvbS9vZG4vIiwiYXVkIjoiaHR0cHM6Ly9vcC5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvIiwiZXhwIjoxNTA3OTA1MDU3LCJuYmYiOjE1MDc5MDQ0NTV9.DFLUZMBosf_y_OPJrhIwunYwvvs7AHgwmEO6bVctx_xpGsILQuuAXf48EEGEw5-dz0t4gO0PzKiRn5pnl5mM1o05HNgY6ny1ghVbyoKwZ5qoW9DVolWFuy9wZVOp7mSy8mTZ2fTMP9U4Ds7Z6Ju45RSNiWJBGmFv3qwBsQHui-Yd1jdw8pf5WyI2-M0fD1tIJXgBmzrE0BacDut8-FVRePE5jMtK95f6mw_IbISnSHtg0deyr0uVWBM5rr8nJ7H5r655Nk54WXCavh5h4SBb4R1lAFN7vrAaNIvLRJWFstKXA4vTNoYYnPSicWdl1k7IliErZsg6PMgw1SIPuA0T0A&token_type=Bearer&state=Vvug7qqq3bNl626x&expires_in=36000
0.922response{'access_token': 'LD5Rk2zJEzeg19Q5XR9iz5KYbvAU-Rk5IC20bYlemixZ4F20txxXbuExToVofVLNBfCrvhfIfWo5atANff4IxKZO7xk6zR3qx-GdIRoYu_4CAn8LhvcAQbSxkJzlgq9_ApaXv32luDhj8o9IEL-fUQmAT3ua22zwmPuKhzoOuSsSk8ocby3RFdZ58scBqjPCdK4WfdWWFoBmnI9nmLBVPDwfd-9Ps18XzZC3iNt1j9xcu6Q3eDwuNkiTHcjUAODI', 'id_token': 'eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6Il9zZnJweWVzUFVyQTl5TkhXYXBOZXYwOVlYQSJ9.eyJzdWIiOiJqQnJEYWJVVTdFR1V5QXhEQjZLekNnPT0iLCJlbWFpbCI6ImplZmYuYm9ocmVuQG9wdGltYWxpZG0uY29tIiwiZ2l2ZW5fbmFtZSI6IkplZmZyZXkiLCJmYW1pbHlfbmFtZSI6IkJvaHJlbiIsIm5hbWUiOiJKZWZmcmV5IEJvaHJlbiIsIm1pZGRsZV9uYW1lIjoiU2NvdHQiLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJqZWZmLmJvaHJlbkBvcHRpbWFsaWRtLmNvbSIsInBob25lX251bWJlciI6IjU1NS0xMjEyIiwibmlja25hbWUiOiJKZWZmcmV5IiwicHJvZmlsZSI6Imh0dHBzOi8vb3B0aW1hbGlkbS5jb20iLCJwaWN0dXJlIjoiaHR0cHM6Ly9vcHRpbWFsaWRtLmNvbSIsIndlYnNpdGUiOiJodHRwOi8vb3B0aW1hbGlkbS5jb20iLCJnZW5kZXIiOiJtYWxlIiwiYmlydGhkYXRlIjoiMTk3Mi0wMS0wMSIsInpvbmVpbmZvIjoiRWFzdCBVUyIsImxvY2FsZSI6ImVuLVVTIiwibm9uY2UiOiJXNEV5S3JxcnhMdTZvMThCIiwiYXRfaGFzaCI6IlBtdC03NVhGQmVYTXRyQVFtVUlBdUEiLCJjX2hhc2giOiJJeDZ1bFdOTkJvaDdobGp0NndsWnJRIiwiaWF0IjoxNTA3OTA0NDU3LCJpc3MiOiJodHRwczovL29maXMudGhlb3B0aW1hbGNsb3VkLmNvbS9vZG4vIiwiYXVkIjoiaHR0cHM6Ly9vcC5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvIiwiZXhwIjoxNTA3OTA1MDU3LCJuYmYiOjE1MDc5MDQ0NTV9.DFLUZMBosf_y_OPJrhIwunYwvvs7AHgwmEO6bVctx_xpGsILQuuAXf48EEGEw5-dz0t4gO0PzKiRn5pnl5mM1o05HNgY6ny1ghVbyoKwZ5qoW9DVolWFuy9wZVOp7mSy8mTZ2fTMP9U4Ds7Z6Ju45RSNiWJBGmFv3qwBsQHui-Yd1jdw8pf5WyI2-M0fD1tIJXgBmzrE0BacDut8-FVRePE5jMtK95f6mw_IbISnSHtg0deyr0uVWBM5rr8nJ7H5r655Nk54WXCavh5h4SBb4R1lAFN7vrAaNIvLRJWFstKXA4vTNoYYnPSicWdl1k7IliErZsg6PMgw1SIPuA0T0A', 'state': 'Vvug7qqq3bNl626x', 'expires_in': 36000, 'token_type': 'Bearer'}
0.999AuthorizationResponse
{
    "access_token": "LD5Rk2zJEzeg19Q5XR9iz5KYbvAU-Rk5IC20bYlemixZ4F20txxXbuExToVofVLNBfCrvhfIfWo5atANff4IxKZO7xk6zR3qx-GdIRoYu_4CAn8LhvcAQbSxkJzlgq9_ApaXv32luDhj8o9IEL-fUQmAT3ua22zwmPuKhzoOuSsSk8ocby3RFdZ58scBqjPCdK4WfdWWFoBmnI9nmLBVPDwfd-9Ps18XzZC3iNt1j9xcu6Q3eDwuNkiTHcjUAODI",
    "expires_in": 36000,
    "id_token": {
        "at_hash": "Pmt-75XFBeXMtrAQmUIAuA",
        "aud": [
            "https://op.certification.openid.net/"
        ],
        "birthdate": "1972-01-01",
        "c_hash": "Ix6ulWNNBoh7hljt6wlZrQ",
        "email": "jeff.bohren@optimalidm.com",
        "exp": 1507905057,
        "family_name": "Bohren",
        "gender": "male",
        "given_name": "Jeffrey",
        "iat": 1507904457,
        "iss": "https://ofis.theoptimalcloud.com/odn/",
        "locale": "en-US",
        "middle_name": "Scott",
        "name": "Jeffrey Bohren",
        "nbf": 1507904455,
        "nickname": "Jeffrey",
        "nonce": "W4EyKrqrxLu6o18B",
        "phone_number": "555-1212",
        "picture": "https://optimalidm.com",
        "preferred_username": "jeff.bohren@optimalidm.com",
        "profile": "https://optimalidm.com",
        "sub": "jBrDabUU7EGUyAxDB6KzCg==",
        "website": "http://optimalidm.com",
        "zoneinfo": "East US"
    },
    "state": "Vvug7qqq3bNl626x",
    "token_type": "Bearer"
}
1.0phase<--<-- 4 --- AccessToken -->-->
1.0phase<--<-- 5 --- Done -->-->
1.0end
1.0assertionUsedAcrValue
1.001conditionused-acr-value: status=WARNING, message=No acr value present in the ID Token [The acr value in the ID Token]
1.001assertionVerifyResponse
1.001conditionverify-response: status=OK [Checks that the last response was one of a possible set of OpenID Connect Responses]
1.001conditionDone: status=OK

Result

WARNING
Warnings:
No acr value present in the ID Token