0.0 | phase | <--<-- 0 --- Webfinger -->--> |
0.0 | not expected to do | WebFinger |
0.0 | phase | <--<-- 1 --- Discovery -->--> |
0.0 | not expected to do | Dynamic discovery |
0.0 | phase | <--<-- 2 --- Registration -->--> |
0.001 | not expected to do | Dynamic registration |
0.001 | phase | <--<-- 3 --- AsyncAuthn -->--> |
0.001 | AuthorizationRequest | {
"claims": {
"userinfo": {
"name": {
"essential": true
}
}
},
"client_id": "https://op.certification.openid.net/",
"nonce": "DvDauGYcCuJz7DLu",
"redirect_uri": "https://op.certification.openid.net:60044/authz_cb",
"response_type": "id_token token",
"scope": "openid",
"state": "3Y04n07jeBQWpSSj"
}
|
0.002 | redirect url | https://ofis.theoptimalcloud.com/odn/?nonce=DvDauGYcCuJz7DLu&state=3Y04n07jeBQWpSSj&claims=%7B%22userinfo%22%3A+%7B%22name%22%3A+%7B%22essential%22%3A+true%7D%7D%7D&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A60044%2Fauthz_cb&client_id=https%3A%2F%2Fop.certification.openid.net%2F&response_type=id_token+token&scope=openid |
0.002 | redirect | https://ofis.theoptimalcloud.com/odn/?nonce=DvDauGYcCuJz7DLu&state=3Y04n07jeBQWpSSj&claims=%7B%22userinfo%22%3A+%7B%22name%22%3A+%7B%22essential%22%3A+true%7D%7D%7D&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A60044%2Fauthz_cb&client_id=https%3A%2F%2Fop.certification.openid.net%2F&response_type=id_token+token&scope=openid |
0.17 | http args | {} |
0.269 | response | access_token=XgKlS5lnXS4j9XuGT3puPJC0zajiArNgwTcDbBlMR-cXxGtKd50VYGw4wwpM8urVkFJGzNTbhiLTrKBKKmZ9ayzzmWDuORLoyfsNM_NzYxghPHbUErAn_3lO4f3F9X1SHHsulifgET1ygpjwi2ag95OH9UplhCzDnkMvI4zPXDWPLln-JGOuTME2_JNLkyvOLl-KgEW0soZ3VSd5nIhpyE5x5ASQQj5jbo2N5p9fT95uACSr_1ICIEX-rAOStbGL&id_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6Il9zZnJweWVzUFVyQTl5TkhXYXBOZXYwOVlYQSJ9.eyJzdWIiOiJqQnJEYWJVVTdFR1V5QXhEQjZLekNnPT0iLCJlbWFpbCI6ImplZmYuYm9ocmVuQG9wdGltYWxpZG0uY29tIiwiZ2l2ZW5fbmFtZSI6IkplZmZyZXkiLCJmYW1pbHlfbmFtZSI6IkJvaHJlbiIsIm5hbWUiOiJKZWZmcmV5IEJvaHJlbiIsIm1pZGRsZV9uYW1lIjoiU2NvdHQiLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJqZWZmLmJvaHJlbkBvcHRpbWFsaWRtLmNvbSIsInBob25lX251bWJlciI6IjU1NS0xMjEyIiwibmlja25hbWUiOiJKZWZmcmV5IiwicHJvZmlsZSI6Imh0dHBzOi8vb3B0aW1hbGlkbS5jb20iLCJwaWN0dXJlIjoiaHR0cHM6Ly9vcHRpbWFsaWRtLmNvbSIsIndlYnNpdGUiOiJodHRwOi8vb3B0aW1hbGlkbS5jb20iLCJnZW5kZXIiOiJtYWxlIiwiYmlydGhkYXRlIjoiMTk3Mi0wMS0wMSIsInpvbmVpbmZvIjoiRWFzdCBVUyIsImxvY2FsZSI6ImVuLVVTIiwibm9uY2UiOiJEdkRhdUdZY0N1Sno3REx1IiwiYXRfaGFzaCI6ImZFTjJFd3hQNDllZVg0eEVyN0lPUmciLCJjX2hhc2giOiIzemtqZGVERFpXcE13V1VEeFNXZG93IiwiaWF0IjoxNTA3OTA1MTYxLCJpc3MiOiJodHRwczovL29maXMudGhlb3B0aW1hbGNsb3VkLmNvbS9vZG4vIiwiYXVkIjoiaHR0cHM6Ly9vcC5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvIiwiZXhwIjoxNTA3OTA1NzYxLCJuYmYiOjE1MDc5MDUxNjB9.1OqmWg6HlfNuQNd5OIRrR9M7vB-hg4bKlIXWj1sGGnHXhTmOEseeqp3FzsA_pG_dNB6d0Krna49fCdOrB4NXMfr7DjuXHTufzpsVSiI1VG40y2xNhaEGVqaaGfgTAGyWH54apBApmpeoIqzZI_oVit3JHxF3PsTatOYGIpbAY3wkgOg7KFqkMwGmPziOoCC70KL_dcXTfsR8k03WP1cua0Zd45AHcy_K2RDCxN7fmknOXDq_62Y4jUOTZVcZrCkFmTGxmYJrpC3e5FuzAjyygiJOF9uI2CrOXEjJPsaA-6XTQbKBcxgGgaqX9CM7tsMz-5oZ24HYBDG1sxCFzY0xtQ&token_type=Bearer&state=3Y04n07jeBQWpSSj&expires_in=36000 |
0.269 | response | {'access_token': 'XgKlS5lnXS4j9XuGT3puPJC0zajiArNgwTcDbBlMR-cXxGtKd50VYGw4wwpM8urVkFJGzNTbhiLTrKBKKmZ9ayzzmWDuORLoyfsNM_NzYxghPHbUErAn_3lO4f3F9X1SHHsulifgET1ygpjwi2ag95OH9UplhCzDnkMvI4zPXDWPLln-JGOuTME2_JNLkyvOLl-KgEW0soZ3VSd5nIhpyE5x5ASQQj5jbo2N5p9fT95uACSr_1ICIEX-rAOStbGL', 'id_token': 'eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6Il9zZnJweWVzUFVyQTl5TkhXYXBOZXYwOVlYQSJ9.eyJzdWIiOiJqQnJEYWJVVTdFR1V5QXhEQjZLekNnPT0iLCJlbWFpbCI6ImplZmYuYm9ocmVuQG9wdGltYWxpZG0uY29tIiwiZ2l2ZW5fbmFtZSI6IkplZmZyZXkiLCJmYW1pbHlfbmFtZSI6IkJvaHJlbiIsIm5hbWUiOiJKZWZmcmV5IEJvaHJlbiIsIm1pZGRsZV9uYW1lIjoiU2NvdHQiLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJqZWZmLmJvaHJlbkBvcHRpbWFsaWRtLmNvbSIsInBob25lX251bWJlciI6IjU1NS0xMjEyIiwibmlja25hbWUiOiJKZWZmcmV5IiwicHJvZmlsZSI6Imh0dHBzOi8vb3B0aW1hbGlkbS5jb20iLCJwaWN0dXJlIjoiaHR0cHM6Ly9vcHRpbWFsaWRtLmNvbSIsIndlYnNpdGUiOiJodHRwOi8vb3B0aW1hbGlkbS5jb20iLCJnZW5kZXIiOiJtYWxlIiwiYmlydGhkYXRlIjoiMTk3Mi0wMS0wMSIsInpvbmVpbmZvIjoiRWFzdCBVUyIsImxvY2FsZSI6ImVuLVVTIiwibm9uY2UiOiJEdkRhdUdZY0N1Sno3REx1IiwiYXRfaGFzaCI6ImZFTjJFd3hQNDllZVg0eEVyN0lPUmciLCJjX2hhc2giOiIzemtqZGVERFpXcE13V1VEeFNXZG93IiwiaWF0IjoxNTA3OTA1MTYxLCJpc3MiOiJodHRwczovL29maXMudGhlb3B0aW1hbGNsb3VkLmNvbS9vZG4vIiwiYXVkIjoiaHR0cHM6Ly9vcC5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvIiwiZXhwIjoxNTA3OTA1NzYxLCJuYmYiOjE1MDc5MDUxNjB9.1OqmWg6HlfNuQNd5OIRrR9M7vB-hg4bKlIXWj1sGGnHXhTmOEseeqp3FzsA_pG_dNB6d0Krna49fCdOrB4NXMfr7DjuXHTufzpsVSiI1VG40y2xNhaEGVqaaGfgTAGyWH54apBApmpeoIqzZI_oVit3JHxF3PsTatOYGIpbAY3wkgOg7KFqkMwGmPziOoCC70KL_dcXTfsR8k03WP1cua0Zd45AHcy_K2RDCxN7fmknOXDq_62Y4jUOTZVcZrCkFmTGxmYJrpC3e5FuzAjyygiJOF9uI2CrOXEjJPsaA-6XTQbKBcxgGgaqX9CM7tsMz-5oZ24HYBDG1sxCFzY0xtQ', 'state': '3Y04n07jeBQWpSSj', 'expires_in': 36000, 'token_type': 'Bearer'} |
0.386 | AuthorizationResponse | {
"access_token": "XgKlS5lnXS4j9XuGT3puPJC0zajiArNgwTcDbBlMR-cXxGtKd50VYGw4wwpM8urVkFJGzNTbhiLTrKBKKmZ9ayzzmWDuORLoyfsNM_NzYxghPHbUErAn_3lO4f3F9X1SHHsulifgET1ygpjwi2ag95OH9UplhCzDnkMvI4zPXDWPLln-JGOuTME2_JNLkyvOLl-KgEW0soZ3VSd5nIhpyE5x5ASQQj5jbo2N5p9fT95uACSr_1ICIEX-rAOStbGL",
"expires_in": 36000,
"id_token": {
"at_hash": "fEN2EwxP49eeX4xEr7IORg",
"aud": [
"https://op.certification.openid.net/"
],
"birthdate": "1972-01-01",
"c_hash": "3zkjdeDDZWpMwWUDxSWdow",
"email": "jeff.bohren@optimalidm.com",
"exp": 1507905761,
"family_name": "Bohren",
"gender": "male",
"given_name": "Jeffrey",
"iat": 1507905161,
"iss": "https://ofis.theoptimalcloud.com/odn/",
"locale": "en-US",
"middle_name": "Scott",
"name": "Jeffrey Bohren",
"nbf": 1507905160,
"nickname": "Jeffrey",
"nonce": "DvDauGYcCuJz7DLu",
"phone_number": "555-1212",
"picture": "https://optimalidm.com",
"preferred_username": "jeff.bohren@optimalidm.com",
"profile": "https://optimalidm.com",
"sub": "jBrDabUU7EGUyAxDB6KzCg==",
"website": "http://optimalidm.com",
"zoneinfo": "East US"
},
"state": "3Y04n07jeBQWpSSj",
"token_type": "Bearer"
}
|
0.386 | phase | <--<-- 4 --- AccessToken -->--> |
0.386 | phase | <--<-- 5 --- UserInfo -->--> |
0.386 | do_user_info_request | kwargs:{'authn_method': 'bearer_header', 'state': '3Y04n07jeBQWpSSj', 'method': 'GET'}
|
0.387 | request | {'body': None} |
0.387 | request_url | https://ofis.theoptimalcloud.com/odn.id/api/userprofile |
0.387 | request_http_args | {'headers': {'Authorization': 'Bearer XgKlS5lnXS4j9XuGT3puPJC0zajiArNgwTcDbBlMR-cXxGtKd50VYGw4wwpM8urVkFJGzNTbhiLTrKBKKmZ9ayzzmWDuORLoyfsNM_NzYxghPHbUErAn_3lO4f3F9X1SHHsulifgET1ygpjwi2ag95OH9UplhCzDnkMvI4zPXDWPLln-JGOuTME2_JNLkyvOLl-KgEW0soZ3VSd5nIhpyE5x5ASQQj5jbo2N5p9fT95uACSr_1ICIEX-rAOStbGL'}} |
0.478 | http response | url:https://ofis.theoptimalcloud.com/odn.id/api/userprofile status_code:200
|
0.479 | OpenIDSchema | {
"address": {},
"birthdate": "1972-01-01",
"email": "jeff.bohren@optimalidm.com",
"email_verified": false,
"family_name": "Bohren",
"gender": "male",
"given_name": "Jeffrey",
"locale": "en-US",
"middle_name": "Scott",
"name": "Jeffrey Bohren",
"nickname": "Jeffrey",
"phone_number": "555-1212",
"phone_number_verified": false,
"picture": "https://optimalidm.com",
"preferred_username": "jeff.bohren@optimalidm.com",
"profile": "https://optimalidm.com",
"sub": "jBrDabUU7EGUyAxDB6KzCg==",
"updated_at": 0,
"website": "http://optimalidm.com",
"zoneinfo": "East US"
}
|
0.479 | OpenIDSchema | {
"address": {},
"birthdate": "1972-01-01",
"email": "jeff.bohren@optimalidm.com",
"email_verified": false,
"family_name": "Bohren",
"gender": "male",
"given_name": "Jeffrey",
"locale": "en-US",
"middle_name": "Scott",
"name": "Jeffrey Bohren",
"nickname": "Jeffrey",
"phone_number": "555-1212",
"phone_number_verified": false,
"picture": "https://optimalidm.com",
"preferred_username": "jeff.bohren@optimalidm.com",
"profile": "https://optimalidm.com",
"sub": "jBrDabUU7EGUyAxDB6KzCg==",
"updated_at": 0,
"website": "http://optimalidm.com",
"zoneinfo": "East US"
}
|
0.479 | phase | <--<-- 6 --- Done -->--> |
0.479 | end | |
0.479 | assertion | VerifyClaims |
0.48 | condition | verify-claims: status=WARNING, message=Unexpected claims in response: ['updated_at', 'email', 'zoneinfo', 'website', 'family_name', 'nickname', 'birthdate', 'given_name', 'locale', 'address', 'middle_name', 'email_verified', 'phone_number', 'picture', 'gender', 'profile', 'preferred_username', 'phone_number_verified'] [Verifies that the claims returned as UserInfo or in the ID Token is consistent with what was asked for] |
0.48 | assertion | CheckHTTPResponse |
0.48 | condition | check-http-response: status=OK [Checks that the HTTP response status is within the 200 or 300 range. Also does some extra JSON checks] |
0.481 | condition | Done: status=OK |