[Openid-specs-ab] Issue #27: O-E-01 Implicit(id_token) (openid/certification)
John Bradley
issues-reply at bitbucket.org
Mon Jan 26 19:56:19 UTC 2015
New issue 27: O-E-01 Implicit(id_token)
https://bitbucket.org/openid/certification/issue/27/o-e-01-implicit-id_token
John Bradley:
test info for OP-E-01
Test output
This shows fail on the button.
It is a bit strange that it is trying to access the user_info endpoint in this test.
The claims are returned in the id_token for this flow.
In the full server log it seems to show as passed.
__AuthorizationRequest:pre__
[check-response-type]
status: OK
description: Checks that the asked for response type are among the supported
[check-endpoint]
status: OK
description: Checks that the necessary endpoint exists at a server
Trace output
0.000111 ------------ DiscoveryRequest ------------
0.000119 Provider info discover from 'https://gold.pinglabs.net/'
0.768825 ProviderConfigurationResponse: {'authorization_endpoint': u'https://gold.pinglabs.net/as/authorization.oauth2', 'userinfo_endpoint': u'https://gold.pinglabs.net/idp/userinfo.openid', u'revocation_endpoint': u'https://gold.pinglabs.net/as/revoke_token.oauth2', 'jwks_uri': u'https://gold.pinglabs.net/pf/JWKS', 'token_endpoint': u'https://gold.pinglabs.net/as/token.oauth2', 'require_request_uri_registration': True, 'scopes_supported': [u'product', u'phone', u'pingone-native-application', u'address', u'email', u'admin', u'edit', u'openid', u'profile'], u'ping_revoked_sris_endpoint': u'https://gold.pinglabs.net/pf-ws/rest/sessionMgmt/revokedSris', 'subject_types_supported': [u'public'], 'token_endpoint_auth_methods_supported': [u'client_secret_basic', u'client_secret_post'], 'request_uri_parameter_supported': False, 'id_token_signing_alg_values_supported': [u'none', u'HS256', u'HS384', u'HS512', u'RS256', u'RS384', u'RS512', u'ES256', u'ES384', u'ES512'], 'version': u'3.0
', u'ping_end_session_endpoint': u'https://gold.pinglabs.net/idp/startSLO.ping', 'grant_types_supported': ['authorization_code', 'implicit'], 'response_types_supported': [u'code', u'token', u'id_token', u'code token', u'code id_token', u'token id_token', u'code token id_token'], 'claims_parameter_supported': False, 'request_parameter_supported': False, 'claim_types_supported': [u'normal'], 'issuer': u'https://gold.pinglabs.net'}
1.539513 JWKS: {"keys":[{"kty":"EC","kid":"omtz5","use":"sig","x":"xlJt8YC7vZsPRn1ntCi8ruys9URO5xmYTgf74zoT4u10Kxs67Y6Dlt8JKuzSKq_r6Bl4l2NTm-NzsgCUqTGMorY","y":"AdB9IC6K8o9NKtRqLH-MMJ3KLZB5fuvFgDElv-U5Ne-R5caawOwT4EbE1sDHGSy0Dn-xh2uwYfAc_f3pU8YnZ7Lt","crv":"P-521"},{"kty":"EC","kid":"omtz4","use":"sig","x":"mAGJKQdNSdbPlF9tN_LVl4g3p3K0K2itxRpOf9VWrYnlwQmRoklHHOEhgUOUqAmH","y":"yHonrVu8ogLhtLJF_vq7DZNewdKF69pgtqmuq2p9dY0B9hljaveustK5KfFORzgi","crv":"P-384"},{"kty":"EC","kid":"omtz3","use":"sig","x":"DipHxUzAZvIKlktKraRwKz0rq9mt_tQWpi5GKJ0LznM","y":"qtROkky5JVaa41SoFQ-U6G63DGeRLuFV4Aeqip7Kp6o","crv":"P-256"},{"kty":"RSA","kid":"omtz2","use":"sig","n":"jrSA2v_BHzIFw9xuCbIeryBZushF6oDOE50G0Erns66Z2IZsud_6uzHaDx5CVajWOhRiRJcfMntZHt49uQcCT1LgGCnycKBqP8XQX6NBaRxMwzxh7RoF7xBmlcag8inYfTMCILwcTXuXFJFjWqu28RtYQwgoEuwdkKUugXHepEFyfGY8sXRAQ7x3xGcFjsc4MZNvZlQglmv1WSf47b3VZRkfLpjplZnrxLXRc3hwZzeRH3aFjSAxgm08ffPC6Qu4FjXdOQ7I5WpsfreQZG6KrUFzQO894DC7Lddp4qHDvOznj8-L9udvnL3bj6hPOSEXe-blTsKpL5ev
-P1oGAZKsw","e":"AQAB"},{"kty":"EC","kid":"omtz1","use":"sig","x":"MfyquBGmMiaJjPobXeGv23X5xxhzsbe1j2bZTclDb9Eg1mBatNQWo-8wiefHAL1Ip4e29CKbkF7NS8azLEWCQiU","y":"AYMViNhimlhQM0eSKVGA0jrc8he1HmWzBx0QiTz6klMmEH4Y60bMf9rdk-a8Gnv4puCPl0PIR3Hiu7id27Z3qJR3","crv":"P-521"},{"kty":"EC","kid":"omtz0","use":"sig","x":"uIJ2DaZ2KkuOw56ZNylsZblWvx222DsZeBYIKTN0Dj_E0fJtlUBjmgBJrDVwLre1","y":"woLKDlgn-ql_BZp6msXAgT0-5b6-ZLv3gdEeYRm3v3oNYMhd71m9OhIwo2C9myL_","crv":"P-384"},{"kty":"EC","kid":"omtyz","use":"sig","x":"khzqOQ62hbFldLE62MP1onxb2-LqCdhQJIVz8FdtoZk","y":"vOqI3_uVNvC3lnTPAC4COwkv-mKPbAf_ru14ssexR0E","crv":"P-256"},{"kty":"RSA","kid":"omtyy","use":"sig","n":"kayq6tT7O-zDs5fKB07Kc3_4g15kZmyNcu6FWo6O-SRHKL8KJP0artj5paaUh_MGAmbTV0GDv59ueDBLJDehrS8L89KGFE9hA0ewa_UvpI1-L4GzVL6fNuw_Pcki0aZABNJxr41sBsLQLRjMgrcO44zCDihG6RLKWtaWPLTYFaojktJXF-g4sugn0rtMp-y4MWWTyD1z0ALHEmM6a0FY8HxmlBjJDihIyE1q67ZdPvBzp30-kY6NjgWjDsL_V2JU3Rxmae2-7mTb0j1gh3cg4z6y-AxsbIz5A5U2lQNhwd68AnEU0zdIrNsXL3FWUgaNay9zxCrXnZz
NWt84eZV6uQ","e":"AQAB"},{"kty":"EC","kid":"omtyx","use":"sig","x":"W5a7xlmwOYNrB7oTj4CLNXs8YcUymtb0kBmm9hb06ogwiMf-YBFI9ONpGAg0u-l84NIOXe-GgHpgL4rmVAdaaO8","y":"AfzRDUxyNnDyKs7m1gJaw7rZEGY4iUDgqlAQjTdoYpKm7VcBKgxRNgtyG28RCfL6_9Sk1PQ-zA8D8l-pr-YI-V7v","crv":"P-521"},{"kty":"EC","kid":"omtyw","use":"sig","x":"-m-8FO-SZpveBTBlaHWWixBigQX2NRwfj4xogvmUHOsQYfDwyOk8O87vA43OwSE6","y":"FFvYDZFWVGITfFCn0Lv9oJWfAdhNz0aMCEypkSLur0eswgISUiOS5wBWgBapIasa","crv":"P-384"},{"kty":"EC","kid":"omtyv","use":"sig","x":"GGVfBAPtdXyukzh50aiD_fQ-7k8Sh9uA6nurbrjJInc","y":"4T-YmEbU3L-_CPt6_HomDx_JzXD8Wz8Yqpu5D9ww96Q","crv":"P-256"},{"kty":"RSA","kid":"omtyu","use":"sig","n":"hVF3cL1DbRVYNMI8OvLlfKAvJSjplzq3BXQDrM495_diuEWzT2X7QjBM14OT8wV6lZ0i_Kr_9yztg02xqI-HiuZT7kjRyjxNv5_NP8E4FA1VQht1XMOtHHjnvUNiy8v6jTKvTdN78v4ygNHbwrEaWJZdPDJ3L74ZT98xLxRBrj0Phwsx1aFAgPnPDFMmQa2dAY7OaDQwZPSWtN0HpB13hGHuCb64gT8WR3Y2ARU1Tq9jakoCWXWStwWBzHaOoqqM_6eR_mAc2SwjDYjnwXnGWZ_ic_4fbTYfWDd5jGgfglnfTXqjZZebNzyCPAGdswXLW3NB7mg5xL
mdMjIIfzktDw","e":"AQAB"}]}
1.540433 ------------ AuthorizationRequest ------------
1.540744 --> URL: https://gold.pinglabs.net/as/authorization.oauth2?nonce=OEiJvHilkVyj&state=HyFdu8fJycTeGNiH&redirect_uri=https%3A%2F%2Foictest.umdc.umu.se%3A8094%2Fauthz_cb&response_type=id_token&client_id=oictest&scope=openid+profile
1.540750 --> BODY: None
7.777409 <-- state=HyFdu8fJycTeGNiH&id_token=eyJhbGciOiJSUzI1NiIsImtpZCI6Im9tdHl5In0.eyJzdWIiOiJqYnJhZGxleSIsInpvbmVpbmZvIjoiQW1lcmljYVwvTG9zX0FuZ2VsZXMiLCJwaWN0dXJlIjoiTnVsbCIsIm5pY2tuYW1lIjoiSm9obiBCcmFkbGV5IiwibG9jYWxlIjoiRGVudmVyIiwibmFtZSI6IkpvaG4gQnJhZGxleSIsImJpcnRoZGF0ZSI6IjIwMDItMDEtMjUiLCJnZW5kZXIiOiJ1bnNwZWNpZmllZCIsImZhbWlseV9uYW1lIjoiQnJhZGxleSIsInByZWZlcnJlZF91c2VybmFtZSI6ImpicmFkbGV5IiwiZ2l2ZW5fbmFtZSI6IkpvaG4iLCJwcm9maWxlIjoiTnVsbCIsImF1ZCI6Im9pY3Rlc3QiLCJqdGkiOiJxc1d3MnkzVmRnUFhFWXJBUVVyZFdtIiwiaXNzIjoiaHR0cHM6XC9cL2dvbGQucGluZ2xhYnMubmV0IiwiaWF0IjoxNDIyMzAxNjA1LCJleHAiOjE0MjIzMDE5MDUsIm5vbmNlIjoiT0VpSnZIaWxrVnlqIn0.O3XtsgsjLKuE3btYUvadnMEDuXkG6uPl6jRYS-N1UqgRsqPr4SeiUhbb2KiZ3rGEQwrp3JhV_PvgT2PDuodVch6ypEoaTP1Bn1F-C7pQOtgExLZHd2pv19jk0-diIz17I6upOwKjEjOSvIwTPxkx-gOJ27LQbDlv0RInAbzs98fdHaScv-9KdES1bQ0ufSB-GWh_Hj9D5DCht2HiQeBnp5JkWA4TRRrfjmumtYI5pTg_12OUJLsTwUTbnrRz2S8TnOSisNx2F227CHTUA9JzJVTomZqQes9yXZ5v5Iagv3skAXTGViXVuzx62RFQnBr2tFzRVJpgl8hRQ3JRjfuaJg
8.542308 AuthorizationResponse: {'id_token': {'profile': u'Null', 'picture': u'Null', 'sub': u'jbradley', 'family_name': u'Bradley', 'locale': u'Denver', 'gender': u'unspecified', 'zoneinfo': u'America/Los_Angeles', 'preferred_username': u'jbradley', 'birthdate': u'2002-01-25', 'iss': u'https://gold.pinglabs.net', u'jti': u'qsWw2y3VdgPXEYrAQUrdWm', 'given_name': u'John', 'exp': 1422301905, 'nonce': u'OEiJvHilkVyj', 'iat': 1422301605, 'nickname': u'John Bradley', 'aud': [u'oictest'], 'name': u'John Bradley'}, 'state': 'HyFdu8fJycTeGNiH'}
8.542472 ------------ UserInfoRequest ------------
8.542644 --> URL: https://gold.pinglabs.net/idp/userinfo.openid
8.542648 --> BODY: None
8.542653 --> HEADERS: {'Authorization': 'Bearer None'}
9.306130 <-- STATUS: 401
9.306753 [ERROR] ValueError:No JSON object could be decoded
Responsible: Rohe
More information about the Openid-specs-ab
mailing list