[Openid-specs-ab] Issue #115: OP-Registration-Sub-Differ (Public and pairwise sub values differ) Test fails for certain response_type requests (openid/certification)

Edmund Jay issues-reply at bitbucket.org
Thu Mar 19 22:49:27 UTC 2015


New issue 115: OP-Registration-Sub-Differ (Public and pairwise sub values differ) Test fails for certain response_type requests
https://bitbucket.org/openid/certification/issue/115/op-registration-sub-differ-public-and

Edmund Jay:

The test reports a failure for the following response_type requests :

code id_token  
code id_token token  

The public and pairwise values are in the responses.


```
#!text

Test info

Profile: {'openid-configuration': 'config', 'extras': True, 'response_type': 'code+id_token+token', 'crypto': 'encrypt+sign', 'registration': 'dynamic'}
Test description: Public and pairwise sub values differ [Extra]
Test ID: OP-Registration-Sub-Differ
Issuer: https://connect.openid4.us
Test output


__RegistrationRequest:post__
[check]
	status: INFORMATION
	description: Registration Response
	info: {"client_id":"hmFfPJTyq1pNzZHTwO345A","client_secret":"q8Q-ITwPfQlnbg","registration_access_token":"llwczfzogewIsw","registration_client_uri":"https:\/\/connect.openid4.us\/abop\/op.php\/client\/GkiKIS-YCfSA_4WrukbIvg","client_id_issued_at":1426805000,"client_secret_expires_at":0,"contacts":["roland.hedberg at umu.se"],"application_type":"web","redirect_uris":["https:\/\/op.certification.openid.net:60103\/authz_cb","https:\/\/op.certification.openid.net:60103\/cb","https:\/\/op.certification.openid.net:60103\/cb","https:\/\/op.certification.openid.net:60103\/cb"],"post_logout_redirect_uris":["https:\/\/op.certification.openid.net:60103\/logout"],"jwks_uri":"https:\/\/op.certification.openid.net:60103\/export\/jwk_60103.json","subject_type":"public","default_max_age":3600,"require_auth_time":true,"response_types":["code id_token"],"grant_types":["authorization_code","implicit"]}
__AuthorizationRequest:pre__
[check-response-type]
	status: OK
	description: Checks that the asked for response type are among the supported
[check-endpoint]
	status: OK
	description: Checks that the necessary endpoint exists at a server
__RegistrationRequest:post__
[check]
	status: INFORMATION
	description: Registration Response
	info: {"client_id":"gBgV2E0WM6neCkZHHxpc2Q","client_secret":"fC8SwN8CZ9ShHQ","registration_access_token":"ixspWifdHwcqhA","registration_client_uri":"https:\/\/connect.openid4.us\/abop\/op.php\/client\/IBuxB0v3NIvsoGJ1WhoxYA","client_id_issued_at":1426805005,"client_secret_expires_at":0,"contacts":["roland.hedberg at umu.se"],"application_type":"web","redirect_uris":["https:\/\/op.certification.openid.net:60103\/authz_cb","https:\/\/op.certification.openid.net:60103\/cb","https:\/\/op.certification.openid.net:60103\/cb","https:\/\/op.certification.openid.net:60103\/cb"],"post_logout_redirect_uris":["https:\/\/op.certification.openid.net:60103\/logout"],"jwks_uri":"https:\/\/op.certification.openid.net:60103\/export\/jwk_60103.json","subject_type":"pairwise","default_max_age":3600,"require_auth_time":true,"response_types":["code id_token"],"grant_types":["authorization_code","implicit"]}
__AuthorizationRequest:pre__
[check-response-type]
	status: OK
	description: Checks that the asked for response type are among the supported
[check-endpoint]
	status: OK
	description: Checks that the necessary endpoint exists at a server
__After completing the test flow:__
[verify-response]
	status: OK
	description: Checks that the last response was one of a possible set of OpenID Connect Responses
[different_sub]
	status: ERROR
	description: Verifies that the sub value differs between public and pairwise subject types.
Trace output


0.000293 ------------ DiscoveryRequest ------------
0.000305 Provider info discover from 'https://connect.openid4.us'
0.000312 --> URL: https://connect.openid4.us/.well-known/openid-configuration
0.390272 ProviderConfigurationResponse: {
  "authorization_endpoint": "https://connect.openid4.us/abop/op.php/auth",
  "check_session_iframe": "https://connect.openid4.us/abop/opframe.php/1",
  "claim_types_supported": [
    "normal"
  ],
  "claims_locales_supported": [
    "en-US"
  ],
  "claims_parameter_supported": true,
  "claims_supported": [
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "preferred_username",
    "profile",
    "picture",
    "website",
    "email",
    "email_verified",
    "gender",
    "birthdate",
    "zoneinfo",
    "locale",
    "phone_number",
    "phone_number_verified",
    "address",
    "updated_at"
  ],
  "display_values_supported": [
    "page"
  ],
  "end_session_endpoint": "https://connect.openid4.us/abop/op.php/endsession",
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A256CBC-HS512",
    "A128GCM",
    "A256GCM"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "HS256",
    "HS384",
    "HS512",
    "RS256",
    "RS384",
    "RS512"
  ],
  "issuer": "https://connect.openid4.us",
  "jwks_uri": "https://connect.openid4.us/connect4us.jwk",
  "op_policy_uri": "https://connect.openid4.us/abop/op.php/op_policy",
  "op_tos_uri": "https://connect.openid4.us/abop/op.php/op_tos",
  "registration_endpoint": "https://connect.openid4.us/abop/op.php/registration",
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A256CBC-HS512",
    "A128GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "HS256",
    "HS384",
    "HS512",
    "RS256",
    "RS384",
    "RS512"
  ],
  "request_parameter_supported": true,
  "request_uri_parameter_supported": true,
  "require_request_uri_registration": false,
  "response_types_supported": [
    "code",
    "code token",
    "code id_token",
    "token",
    "token id_token",
    "code token id_token",
    "id_token"
  ],
  "scopes_supported": [
    "openid",
    "profile",
    "email",
    "address",
    "phone",
    "offline_access"
  ],
  "service_documentation": "https://connect.openid4.us/abop/op.php/servicedocs",
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "token_endpoint": "https://connect.openid4.us/abop/op.php/token",
  "token_endpoint_auth_methods_supported": [
    "client_secret_post",
    "client_secret_basic",
    "client_secret_jwt",
    "private_key_jwt"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "none",
    "HS256",
    "HS384",
    "HS512",
    "RS256",
    "RS384",
    "RS512"
  ],
  "ui_locales_supported": [
    "en-US"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A256CBC-HS512",
    "A128GCM",
    "A256GCM"
  ],
  "userinfo_endpoint": "https://connect.openid4.us/abop/op.php/userinfo",
  "userinfo_signing_alg_values_supported": [
    "none",
    "HS256",
    "HS384",
    "HS512",
    "RS256",
    "RS384",
    "RS512"
  ],
  "version": "3.0"
}
0.727300 JWKS: {
  "keys": [
    {
      "e": "AQAB",
      "kid": "ABOP-00",
      "kty": "RSA",
      "n": "tf_sB4M0sHearRLzz1q1JRgRdRnwk0lz-IcVDFlpp2dtDVyA-ZM8Tu1swp7upaTNykf7cp3Ne_6uW3JiKvRMDdNdvHWCzDHmbmZWGdnFF9Ve-D1cUxj4ETVpUM7AIXWbGs34fUNYl3Xzc4baSyvYbc3h6iz8AIdb_1bQLxJsHBi-ydg3NMJItgQJqBiwCmQYCOnJlekR-Ga2a5XlIx46Wsj3Pz0t0dzM8gVSU9fU3QrKKzDFCoFHTgig1YZNNW5W2H6QwANL5h-nbgre5sWmDmdnfiU6Pj5GOQDmp__rweinph8OAFNF6jVqrRZ3QJEmMnO42naWOsxV2FAUXafksQ"
    }
  ]
}
0.728256 ------------ RegistrationRequest ------------
0.728633 --> URL: https://connect.openid4.us/abop/op.php/registration
0.728639 --> BODY: {"subject_type": "public", "jwks_uri": "https://op.certification.openid.net:60103/export/jwk_60103.json", "contacts": ["roland.hedberg at umu.se"], "application_type": "web", "grant_types": ["authorization_code", "implicit"], "post_logout_redirect_uris": ["https://op.certification.openid.net:60103/logout"], "redirect_uris": ["https://op.certification.openid.net:60103/authz_cb", "https://op.certification.openid.net:60103/cb", "https://op.certification.openid.net:60103/cb", "https://op.certification.openid.net:60103/cb"], "response_types": ["code id_token"], "require_auth_time": true, "default_max_age": 3600}
0.728648 --> HEADERS: {'Content-type': 'application/json'}
1.124847 <-- STATUS: 200
1.124936 <-- BODY: {"client_id":"hmFfPJTyq1pNzZHTwO345A","client_secret":"q8Q-ITwPfQlnbg","registration_access_token":"llwczfzogewIsw","registration_client_uri":"https:\/\/connect.openid4.us\/abop\/op.php\/client\/GkiKIS-YCfSA_4WrukbIvg","client_id_issued_at":1426805000,"client_secret_expires_at":0,"contacts":["roland.hedberg at umu.se"],"application_type":"web","redirect_uris":["https:\/\/op.certification.openid.net:60103\/authz_cb","https:\/\/op.certification.openid.net:60103\/cb","https:\/\/op.certification.openid.net:60103\/cb","https:\/\/op.certification.openid.net:60103\/cb"],"post_logout_redirect_uris":["https:\/\/op.certification.openid.net:60103\/logout"],"jwks_uri":"https:\/\/op.certification.openid.net:60103\/export\/jwk_60103.json","subject_type":"public","default_max_age":3600,"require_auth_time":true,"response_types":["code id_token"],"grant_types":["authorization_code","implicit"]}
1.125640 RegistrationResponse: {
  "application_type": "web",
  "client_id": "hmFfPJTyq1pNzZHTwO345A",
  "client_id_issued_at": 1426805000,
  "client_secret": "q8Q-ITwPfQlnbg",
  "client_secret_expires_at": 0,
  "contacts": [
    "roland.hedberg at umu.se"
  ],
  "default_max_age": 3600,
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks_uri": "https://op.certification.openid.net:60103/export/jwk_60103.json",
  "post_logout_redirect_uris": [
    "https://op.certification.openid.net:60103/logout"
  ],
  "redirect_uris": [
    "https://op.certification.openid.net:60103/authz_cb",
    "https://op.certification.openid.net:60103/cb",
    "https://op.certification.openid.net:60103/cb",
    "https://op.certification.openid.net:60103/cb"
  ],
  "registration_access_token": "llwczfzogewIsw",
  "registration_client_uri": "https://connect.openid4.us/abop/op.php/client/GkiKIS-YCfSA_4WrukbIvg",
  "require_auth_time": true,
  "response_types": [
    "code id_token"
  ],
  "subject_type": "public"
}
1.127178 ------------ AuthorizationRequest ------------
1.127596 --> URL: https://connect.openid4.us/abop/op.php/auth?nonce=fGsGdBPIb6hf&state=J1jIm6gFD9Gff21G&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A60103%2Fauthz_cb&response_type=code+id_token+token&client_id=hmFfPJTyq1pNzZHTwO345A&scope=openid
1.127604 --> BODY: None
3.956152 QUERY_STRING:
5.033588 <-- state=J1jIm6gFD9Gff21G&access_token=ogKW2xMbc_4ij-3EpgRVFjM-ivJCzRdpFmXWRVLV5Qg&token_type=Bearer&expires_in=3600&id_token=eyJhbGciOiJSUzI1NiIsImprdSI6Imh0dHBzOlwvXC9jb25uZWN0Lm9wZW5pZDQudXNcL2Nvbm5lY3Q0dXMuandrIiwia2lkIjoiQUJPUC0wMCJ9.eyJpc3MiOiJodHRwczpcL1wvY29ubmVjdC5vcGVuaWQ0LnVzIiwic3ViIjoiYWxpY2UiLCJhdWQiOlsiaG1GZlBKVHlxMXBOelpIVHdPMzQ1QSJdLCJleHAiOjE0MjY4MDUzMDMsImlhdCI6MTQyNjgwNTAwMywibm9uY2UiOiJmR3NHZEJQSWI2aGYiLCJhdXRoX3RpbWUiOjE0MjY4MDQ2NTYsImNfaGFzaCI6IkNMM3hyUWFEMUE4dVhkMnJBS0VneVEiLCJhdF9oYXNoIjoidV9WcFA1Q28yc2owbFNjUW0zbmRwZyJ9.PowitJxX054N_C-A-J5i3cvlUKtq3OBNcBp4S-pN_JifDEGUFCZbhBWSG5qxMEje5VA4xIMo0ie_6ZIGzkquvOMIDRO5kw7aDvHd3I6PygPR64B4wB2BXFMZZY42KfQLyyT0OGvHOUxLBDMllMVVvEL4X9GPq6fCerzu-2XMplU8BJitKEl0EhQZ_vUJ1z3Tm_csRHPN_kcVW29HUg0_xOWvLsq983beuWNIXmJs25dK1QMAMDhUsZwIk54iIL7ntPLAP-xZNShkaxUCBstbweZ1aDOyf5ZECZFcn2HnDHfpWpduIbj8jGxN8gpnLtoky4Hk4ACWtSwaXLKSbJ4WmA&session_state=583a061b0b89edd9e85884bee7b6a93b4549f0e14c9fd9887afb41367046a64b.569c9d
 2e3faa8dffe426f9c0ad3c771e&code=nwLaKzPY3fJm6OQJONK3cesVveiF_fj2eAON1KDDJm0
5.364180 AuthorizationResponse: {
  "access_token": "ogKW2xMbc_4ij-3EpgRVFjM-ivJCzRdpFmXWRVLV5Qg",
  "code": "nwLaKzPY3fJm6OQJONK3cesVveiF_fj2eAON1KDDJm0",
  "expires_in": 3600,
  "id_token": {
    "claims": {
      "at_hash": "u_VpP5Co2sj0lScQm3ndpg",
      "aud": [
        "hmFfPJTyq1pNzZHTwO345A"
      ],
      "auth_time": 1426804656,
      "c_hash": "CL3xrQaD1A8uXd2rAKEgyQ",
      "exp": 1426805303,
      "iat": 1426805003,
      "iss": "https://connect.openid4.us",
      "nonce": "fGsGdBPIb6hf",
      "sub": "alice"
    },
    "jws header parameters": {
      "alg": "RS256",
      "jku": "https://connect.openid4.us/connect4us.jwk",
      "kid": "ABOP-00"
    }
  },
  "session_state": "583a061b0b89edd9e85884bee7b6a93b4549f0e14c9fd9887afb41367046a64b.569c9d2e3faa8dffe426f9c0ad3c771e",
  "state": "J1jIm6gFD9Gff21G",
  "token_type": "Bearer"
}
5.364717 ------------ AccessTokenRequest ------------
5.365074 --> URL: https://connect.openid4.us/abop/op.php/token
5.365080 --> BODY: code=nwLaKzPY3fJm6OQJONK3cesVveiF_fj2eAON1KDDJm0&grant_type=authorization_code&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A60103%2Fauthz_cb
5.365091 --> HEADERS: {'Content-type': 'application/x-www-form-urlencoded', 'Authorization': 'Basic aG1GZlBKVHlxMXBOelpIVHdPMzQ1QTpxOFEtSVR3UGZRbG5iZw=='}
5.786548 <-- STATUS: 200
5.786666 <-- BODY: {"access_token":"pA_XQneeefdod8FRcIfXpFgibyawLbaFJ5_0OZjwurc","token_type":"Bearer","expires_in":3600,"id_token":"eyJhbGciOiJSUzI1NiIsImprdSI6Imh0dHBzOlwvXC9jb25uZWN0Lm9wZW5pZDQudXNcL2Nvbm5lY3Q0dXMuandrIiwia2lkIjoiQUJPUC0wMCJ9.eyJpc3MiOiJodHRwczpcL1wvY29ubmVjdC5vcGVuaWQ0LnVzIiwic3ViIjoiYWxpY2UiLCJhdWQiOlsiaG1GZlBKVHlxMXBOelpIVHdPMzQ1QSJdLCJleHAiOjE0MjY4MDUzMDUsImlhdCI6MTQyNjgwNTAwNSwibm9uY2UiOiJmR3NHZEJQSWI2aGYiLCJhdXRoX3RpbWUiOjE0MjY4MDQ2NTZ9.MMR867hEqRYXPMqfQ72UX3dXvx4viBZ8pYNYopVnav2uxIXSGko7igbjsqIie3Ci_aTuaXpol_8YtBI-xf1vbf-2JbwsPm0QzTq_rVxVLQWHgHwvV3UVFSirmt71BtwpbupGvEx4kwWJ48v0tm80LRuHNzXqyCJ1GJXuLlXPTN2eG6OagYyaDLcdT1UMgmYOt23q4EXp9g5K9gZaHwafikP3K2A_xUOuPsYBFY0URldzaa-woMBExLsKdXfUrHMUdl0ftDpylcDC5gm81v6V0ZXE7E1FgyxuTS0UTxxe-FfAqK1Lc_thfu8lc0DuiIylTyEO18X6gvseDQGYeeW2dg"}
5.789652 AccessTokenResponse: {
  "access_token": "pA_XQneeefdod8FRcIfXpFgibyawLbaFJ5_0OZjwurc",
  "expires_in": 3600,
  "id_token": {
    "claims": {
      "aud": [
        "hmFfPJTyq1pNzZHTwO345A"
      ],
      "auth_time": 1426804656,
      "exp": 1426805305,
      "iat": 1426805005,
      "iss": "https://connect.openid4.us",
      "nonce": "fGsGdBPIb6hf",
      "sub": "alice"
    },
    "jws header parameters": {
      "alg": "RS256",
      "jku": "https://connect.openid4.us/connect4us.jwk",
      "kid": "ABOP-00"
    }
  },
  "token_type": "Bearer"
}
5.791118 ------------ RegistrationRequest ------------
5.791488 --> URL: https://connect.openid4.us/abop/op.php/registration
5.791495 --> BODY: {"subject_type": "pairwise", "jwks_uri": "https://op.certification.openid.net:60103/export/jwk_60103.json", "contacts": ["roland.hedberg at umu.se"], "application_type": "web", "grant_types": ["authorization_code", "implicit"], "post_logout_redirect_uris": ["https://op.certification.openid.net:60103/logout"], "redirect_uris": ["https://op.certification.openid.net:60103/authz_cb", "https://op.certification.openid.net:60103/cb", "https://op.certification.openid.net:60103/cb", "https://op.certification.openid.net:60103/cb"], "response_types": ["code id_token"], "require_auth_time": true, "default_max_age": 3600}
5.791503 --> HEADERS: {'Content-type': 'application/json'}
6.202846 <-- STATUS: 200
6.202974 <-- BODY: {"client_id":"gBgV2E0WM6neCkZHHxpc2Q","client_secret":"fC8SwN8CZ9ShHQ","registration_access_token":"ixspWifdHwcqhA","registration_client_uri":"https:\/\/connect.openid4.us\/abop\/op.php\/client\/IBuxB0v3NIvsoGJ1WhoxYA","client_id_issued_at":1426805005,"client_secret_expires_at":0,"contacts":["roland.hedberg at umu.se"],"application_type":"web","redirect_uris":["https:\/\/op.certification.openid.net:60103\/authz_cb","https:\/\/op.certification.openid.net:60103\/cb","https:\/\/op.certification.openid.net:60103\/cb","https:\/\/op.certification.openid.net:60103\/cb"],"post_logout_redirect_uris":["https:\/\/op.certification.openid.net:60103\/logout"],"jwks_uri":"https:\/\/op.certification.openid.net:60103\/export\/jwk_60103.json","subject_type":"pairwise","default_max_age":3600,"require_auth_time":true,"response_types":["code id_token"],"grant_types":["authorization_code","implicit"]}
6.203720 RegistrationResponse: {
  "application_type": "web",
  "client_id": "gBgV2E0WM6neCkZHHxpc2Q",
  "client_id_issued_at": 1426805005,
  "client_secret": "fC8SwN8CZ9ShHQ",
  "client_secret_expires_at": 0,
  "contacts": [
    "roland.hedberg at umu.se"
  ],
  "default_max_age": 3600,
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks_uri": "https://op.certification.openid.net:60103/export/jwk_60103.json",
  "post_logout_redirect_uris": [
    "https://op.certification.openid.net:60103/logout"
  ],
  "redirect_uris": [
    "https://op.certification.openid.net:60103/authz_cb",
    "https://op.certification.openid.net:60103/cb",
    "https://op.certification.openid.net:60103/cb",
    "https://op.certification.openid.net:60103/cb"
  ],
  "registration_access_token": "ixspWifdHwcqhA",
  "registration_client_uri": "https://connect.openid4.us/abop/op.php/client/IBuxB0v3NIvsoGJ1WhoxYA",
  "require_auth_time": true,
  "response_types": [
    "code id_token"
  ],
  "subject_type": "pairwise"
}
6.205298 ------------ AuthorizationRequest ------------
6.205695 --> URL: https://connect.openid4.us/abop/op.php/auth?nonce=eaMrIdhL4Suy&state=edmzFfTEG5N62c1U&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A60103%2Fauthz_cb&response_type=code+id_token+token&client_id=gBgV2E0WM6neCkZHHxpc2Q&scope=openid
6.205701 --> BODY: None
8.446183 QUERY_STRING:
9.258471 <-- state=edmzFfTEG5N62c1U&access_token=7rH3-2cX8paI1wse0ID9UMUEZHvfMtUu71vNY_U1hIc&token_type=Bearer&expires_in=3600&id_token=eyJhbGciOiJSUzI1NiIsImprdSI6Imh0dHBzOlwvXC9jb25uZWN0Lm9wZW5pZDQudXNcL2Nvbm5lY3Q0dXMuandrIiwia2lkIjoiQUJPUC0wMCJ9.eyJpc3MiOiJodHRwczpcL1wvY29ubmVjdC5vcGVuaWQ0LnVzIiwic3ViIjoiNzRmMDcwZjE5MDZlNzQxZWI4M2Y3MGZlZDI5ZmI2Mjk5MmM5ZWQyYmIyMzY5ZTYwMWU4OTAzMzE1ZDE3OTY3YiIsImF1ZCI6WyJnQmdWMkUwV002bmVDa1pISHhwYzJRIl0sImV4cCI6MTQyNjgwNTMwNywiaWF0IjoxNDI2ODA1MDA3LCJub25jZSI6ImVhTXJJZGhMNFN1eSIsImF1dGhfdGltZSI6MTQyNjgwNDY1NiwiY19oYXNoIjoiYTVzNTdzZFE0cHFmdG5mTUxsUWRkdyIsImF0X2hhc2giOiJIVC16UTloRUEzZ0dMLTZDekxCM09BIn0.XZUhW8qafmwWiig0K4yvKwJv_Dz2gfvE5tHYLSE1koprmGVoQL8xx9gRRYrVwdCyZFL3MEBicHrC74rFhv7pkO_e_JETBfY-G9kVm3mpBUNymjA7dLnd2fkMSNJWMdll4QOL8zogK6mXyJFIurmCsCyL_k6TP_HsSySTYom4SulpkU7CMgQHiHBitgOLQU4t1tJtkieyGbALYOdTejbTg5MJ5-lVeEg_K6ZPCHnPAGqxJzk9jv8xp9F9Px9XiQlwtCkePRN7swwANsy4bO95MDcRE-4RHv9VxxBVi13ff_p8xKi_u9y1qK69HcJC7KaULJtI1EJZxYq5BWLUyX50_Q&sessio
 n_state=535b4ccf3defd440053a4c7ff7775ac111be1819522f71d732b5310da8c433f1.96028fade60d056296895f1c7c3b9b82&code=jTs32Hpwkx6whb7nUzfoX09do2dOEAceFMDEENAr-zk
9.261265 AuthorizationResponse: {
  "access_token": "7rH3-2cX8paI1wse0ID9UMUEZHvfMtUu71vNY_U1hIc",
  "code": "jTs32Hpwkx6whb7nUzfoX09do2dOEAceFMDEENAr-zk",
  "expires_in": 3600,
  "id_token": {
    "claims": {
      "at_hash": "HT-zQ9hEA3gGL-6CzLB3OA",
      "aud": [
        "gBgV2E0WM6neCkZHHxpc2Q"
      ],
      "auth_time": 1426804656,
      "c_hash": "a5s57sdQ4pqftnfMLlQddw",
      "exp": 1426805307,
      "iat": 1426805007,
      "iss": "https://connect.openid4.us",
      "nonce": "eaMrIdhL4Suy",
      "sub": "74f070f1906e741eb83f70fed29fb62992c9ed2bb2369e601e8903315d17967b"
    },
    "jws header parameters": {
      "alg": "RS256",
      "jku": "https://connect.openid4.us/connect4us.jwk",
      "kid": "ABOP-00"
    }
  },
  "session_state": "535b4ccf3defd440053a4c7ff7775ac111be1819522f71d732b5310da8c433f1.96028fade60d056296895f1c7c3b9b82",
  "state": "edmzFfTEG5N62c1U",
  "token_type": "Bearer"
}
9.261768 ------------ AccessTokenRequest ------------
9.262097 --> URL: https://connect.openid4.us/abop/op.php/token
9.262103 --> BODY: code=jTs32Hpwkx6whb7nUzfoX09do2dOEAceFMDEENAr-zk&grant_type=authorization_code&redirect_uri=https%3A%2F%2Fop.certification.openid.net%3A60103%2Fauthz_cb
9.262113 --> HEADERS: {'Content-type': 'application/x-www-form-urlencoded', 'Authorization': 'Basic Z0JnVjJFMFdNNm5lQ2taSEh4cGMyUTpmQzhTd044Q1o5U2hIUQ=='}
9.707546 <-- STATUS: 200
9.707677 <-- BODY: {"access_token":"vmKCNjWuGb5n0_h-moON1r-pNvWuChi_LWy_JUgav3s","token_type":"Bearer","expires_in":3600,"id_token":"eyJhbGciOiJSUzI1NiIsImprdSI6Imh0dHBzOlwvXC9jb25uZWN0Lm9wZW5pZDQudXNcL2Nvbm5lY3Q0dXMuandrIiwia2lkIjoiQUJPUC0wMCJ9.eyJpc3MiOiJodHRwczpcL1wvY29ubmVjdC5vcGVuaWQ0LnVzIiwic3ViIjoiNzRmMDcwZjE5MDZlNzQxZWI4M2Y3MGZlZDI5ZmI2Mjk5MmM5ZWQyYmIyMzY5ZTYwMWU4OTAzMzE1ZDE3OTY3YiIsImF1ZCI6WyJnQmdWMkUwV002bmVDa1pISHhwYzJRIl0sImV4cCI6MTQyNjgwNTMwOSwiaWF0IjoxNDI2ODA1MDA5LCJub25jZSI6ImVhTXJJZGhMNFN1eSIsImF1dGhfdGltZSI6MTQyNjgwNDY1Nn0.FpTaKi7MrFvWdYtvsD42ZwZemn-LYigbgphKqYfNhTcRjUlM18zMlAt2HEt6hg-WY7dmvXnNnuObMfhTDReoLn31I0kwnyNzOSxprm5UTb8bXOWZttfbBWKBiXfVpQ8qFGEH98dM_6rYt3fxOmGMwrkaHTbwJ6qoK0guwrdV3i3xwrWCeIIqNwnGSQxVgRnBeIYLqIIkwnH--HJqHBjwNIyqmhhA8AZEiTjwShujUeJG_kqsQMhqgyVGw977RzjnuquvKK0OvwJ7gURj8OHnfiKHNta9ufe5I0uEXCMt6YNYRDtzqaR-8VgQRyGm7tIGu9-CjO1D0Fish9c7kaFABw"}
9.710575 AccessTokenResponse: {
  "access_token": "vmKCNjWuGb5n0_h-moON1r-pNvWuChi_LWy_JUgav3s",
  "expires_in": 3600,
  "id_token": {
    "claims": {
      "aud": [
        "gBgV2E0WM6neCkZHHxpc2Q"
      ],
      "auth_time": 1426804656,
      "exp": 1426805309,
      "iat": 1426805009,
      "iss": "https://connect.openid4.us",
      "nonce": "eaMrIdhL4Suy",
      "sub": "74f070f1906e741eb83f70fed29fb62992c9ed2bb2369e601e8903315d17967b"
    },
    "jws header parameters": {
      "alg": "RS256",
      "jku": "https://connect.openid4.us/connect4us.jwk",
      "kid": "ABOP-00"
    }
  },
  "token_type": "Bearer"
}
Result

FAILED
```
 




More information about the Openid-specs-ab mailing list