internal/certification/CIT.F.T.T.s/OP-Discovery-Config.txt
Test tool version: 2.1.3
Issuer: https://oidc-certification.ory.sh:8443/
Profile: []
Test ID: OP-Discovery-Config
Test description: Publishes openid-configuration discovery information
Timestamp: 2018-06-23T10:59:19Z
============================================================
Trace output
0.0 phase <--<-- 0 --- Webfinger -->-->
0.0 not expected to do WebFinger
0.0 phase <--<-- 1 --- Discovery -->-->
0.0 provider_config kwargs:{'issuer': 'https://oidc-certification.ory.sh:8443/'}
0.075 http response url:https://oidc-certification.ory.sh:8443/.well-known/openid-configuration status_code:200
0.076 ProviderConfigurationResponse {
"authorization_endpoint": "https://oidc-certification.ory.sh:8443/oauth2/auth",
"claims_parameter_supported": false,
"claims_supported": [
"sub"
],
"grant_types_supported": [
"authorization_code",
"implicit",
"client_credentials",
"refresh_token"
],
"id_token_signing_alg_values_supported": [
"RS256"
],
"issuer": "https://oidc-certification.ory.sh:8443/",
"jwks_uri": "https://oidc-certification.ory.sh:8443/.well-known/jwks.json",
"registration_endpoint": "https://oidc-certification.ory.sh:8443/clients",
"request_parameter_supported": true,
"request_uri_parameter_supported": true,
"require_request_uri_registration": true,
"response_modes_supported": [
"query",
"fragment"
],
"response_types_supported": [
"code",
"code id_token",
"id_token",
"token id_token",
"token",
"token id_token code"
],
"scopes_supported": [
"offline",
"openid"
],
"subject_types_supported": [
"pairwise",
"public"
],
"token_endpoint": "https://oidc-certification.ory.sh:8443/oauth2/token",
"token_endpoint_auth_methods_supported": [
"client_secret_post",
"client_secret_basic",
"private_key_jwt",
"none"
],
"userinfo_endpoint": "https://oidc-certification.ory.sh:8443/userinfo",
"userinfo_signing_alg_values_supported": [
"none",
"RS256"
],
"version": "3.0"
}
0.076 phase <--<-- 2 --- Done -->-->
0.076 end
0.077 assertion CheckHTTPResponse
0.077 condition check-http-response: status=OK [Checks that the HTTP response status is within the 200 or 300 range. Also does some extra JSON checks]
0.077 assertion VerifyIdTokenSigningAlgorithmIsSupported
0.077 condition verify-id_token_signing-algorithm-is-supported: status=OK [Verify that required algorithms in id_token_signing_alg_values_supported]
0.078 assertion VerifyHTTPSUsage
0.078 condition verify-https-usage: status=OK [Verify that specific endpoints uses https]
0.078 assertion VerifyOPEndpointsUseHTTPS
0.078 condition verify-op-endpoints-use-https: status=OK [Verify that all OP endpoints uses https]
0.078 condition Done: status=OK
============================================================
Conditions
check-http-response: status=OK [Checks that the HTTP response status is within the 200 or 300 range. Also does some extra JSON checks]
verify-id_token_signing-algorithm-is-supported: status=OK [Verify that required algorithms in id_token_signing_alg_values_supported]
verify-https-usage: status=OK [Verify that specific endpoints uses https]
verify-op-endpoints-use-https: status=OK [Verify that all OP endpoints uses https]
Done: status=OK
============================================================
RESULT: PASSED