caa-aws/gist:3937651

## gistfile1.txt
nov@tov:op_config (master)$ oic_flow_tests.py nov_local
+ (oic-verify)Special flow used to find necessary user interactions - OK
+ (oic-discovery)Provider configuration discovery - OK
+ (mj-00)Client registration Request - OK
+ (mj-01)Request with response_type=code - OK
+ (mj-02)Request with response_type=token - OK
X (mj-51)Login no nonce - CRITICAL ([u"Didn't get a response of the type I expected:", u" 'ErrorResponse' instead of 'AuthorizationErrorResponse', content:'state=STATE0&error_description=nonce+required&error=invalid_request'"])
+ (oic-token-userinfo)Implicit flow and Userinfo request - OK
+ (oic-token-userinfo_bb)Implicit flow, UserInfo request using POST and bearer body
    authentication - OK
+ (mj-03)Request with response_type=id_token - OK
+ (mj-04)Request with response_type=code token - OK
+ (oic-code+token-token)Flow with response_type='code token' - OK
+ (oic-code+token-userinfo)Flow with response_type='code token' and Userinfo request - OK
+ (mj-05)Request with response_type=code id_token - OK
+ (oic-code+idtoken-token)Flow with response_type='code idtoken' - OK
+ (oic-code+idtoken-token-userinfo)Flow with response_type='code idtoken' and Userinfo request - OK
+ (mj-06)Request with response_type=id_token token - OK
+ (oic-idtoken+token-userinfo)Flow with response_type='token idtoken' and Userinfo request - OK
+ (mj-07)Request with response_type=code id_token token - OK
+ (oic-code+idtoken+token-token)Flow with response_type='code token idtoken' - OK
+ (oic-code+idtoken+token-token-userinfo)Flow with response_type='code idtoken token'
    grab a second token using the code and then do a Userinfo
    request - OK
+ (oic-code+idtoken+token-userinfo)Flow with response_type='code idtoken token' and Userinfo
    request - OK
+ (mj-12)UserInfo Endpoint Access with POST and bearer_header - OK
X (mj-64)Can Provide Encrypted UserInfo Response - CRITICAL (Userinfo alg algorithm not supported)
+ (mj-13)UserInfo Endpoint Access with POST and bearer_body - OK
+ (mj-14)Scope Requesting profile Claims - OK
+ (mj-15)Scope Requesting email Claims - OK
+ (mj-16)Scope Requesting address Claims - OK
+ (mj-17)Scope Requesting phone Claims - OK
+ (mj-18)Scope Requesting all Claims - OK
X (mj-19)OpenID Request Object with Required name Claim - CRITICAL (OP error)
X (mj-20)OpenID Request Object with Optional email and picture Claim - CRITICAL (OP error)
X (mj-21)OpenID Request Object with Required name and Optional email and picture Claim - CRITICAL (OP error)
X (mj-22)Requesting ID Token with auth_time essential Claim - CRITICAL (OP error)
X (mj-23)Requesting ID Token with Required specific acr Claim - CRITICAL (OP error)
X (mj-24)Requesting ID Token with Optional acr Claim - CRITICAL (OP error)
X (mj-25)Requesting ID Token with max_age=1 seconds Restriction - CRITICAL (OP error)
+ (mj-26)Request with display=page - OK
+ (mj-27)Request with display=popup - OK
X (mj-28)Request with prompt=none - CRITICAL ([u'Traceback (most recent call last):\n', u'  File "/Library/Python/2.7/site-packages/oictest-0.1.1-py2.7.egg/oictest/base.py", line 191, in run_sequence\n    stat = chk(environ, test_output)\n', u'  File "/Library/Python/2.7/site-packages/oictest-0.1.1-py2.7.egg/oictest/check.py", line 50, in __call__\n    _stat =  self.response(**self._func(environ))\n', u'TypeError: response() argument after ** must be a mapping, not NoneType\n'])
+ (mj-29)Request with prompt=login - OK
+ (mj-30)Access token request with client_secret_basic authentication - OK
+ (mj-31)Request with response_type=code and extra query component - OK
X (mj-32)Request with redirect_uri with query component - CRITICAL (OP error)
+ (mj-33)Registration where a redirect_uri has a query component - OK
X (mj-34)Registration where a redirect_uri has a fragment - CRITICAL (Expected error message)
X (mj-35)Authorization request missing the 'response_type' parameter - CRITICAL (Expected redirect)
X (mj-36)The sent redirect_uri does not match the registered - CRITICAL (Expected error message)
X (mj-37)Access token request with client_secret_jwt authentication - CRITICAL (Auth type not supported)
X (mj-38)Access token request with public_key_jwt authentication - CRITICAL (Auth type not supported)
+ (mj-41)Registration and later registration update - OK
X (mj-42)Registration and later secret rotate - CRITICAL (OP error)
{u'status': 3, u'id': u'policy_url_on_page', u'name': u''}
{u'status': 3, u'id': u'logo_url_on_page', u'name': u''}
! (mj-45)Registration with policy_url and logo_url - ERROR
+ (mj-46)Registration of wish for public user_id - OK
+ (mj-47)Registration of sector-identifier-uri - OK
X (mj-48)Incorrect registration of sector-identifier-uri - CRITICAL (Expected error message)
+ (mj-49)Registration of wish for pairwise user_id - OK
+ (mj-50)Verify change in user_id - OK
X (mj-52)Requesting ID Token with Email claims - CRITICAL (OP error)
X (mj-53)using prompt=none with user hint through IdToken - CRITICAL (Not an response I expected)
X (mj-54)using prompt=none with user hint through user_id in request - CRITICAL (Not an response I expected)
X (mj-55)Rejects redirect_uri when Query Parameter Does Not Match - CRITICAL (Expected error message)
X (mj-58)Requesting ID Token with Required acr Claim - CRITICAL (OP error)
X (mj-60)RP wants signed UserInfo returned - CRITICAL (Signed UserInfo not supported)
X (mj-61)RP wants symmetric IdToken signature - CRITICAL (Signed Id Token algorithm not supported)
X (mj-68)User hint through user_id in request - CRITICAL (OP error)
+ (mj-69)Registration of sector-identifier-uri - OK
+ (oic-code-token)Simple authorization grant flow - OK
+ (mj-39)Trying to use access code twice should result in an error - OK
X (mj-40)Trying to use access code twice should result in revoking previous issued tokens - CRITICAL (Expected error message)
+ (mj-43)No redirect_uri in request, one registered - OK
X (mj-44)No redirect_uri in request, multi registered - CRITICAL (OP error)
+ (oic-code-token-userinfo_bb)Authorization grant flow response_type='code token',
    UserInfo request using POST and bearer body authentication - OK
X (mj-57)Support Request File - CRITICAL (OP error)
	nov@tov:op_config (master)$ oic_flow_tests.py nov_local
	+ (oic-verify)Special flow used to find necessary user interactions - OK
	+ (oic-discovery)Provider configuration discovery - OK
	+ (mj-00)Client registration Request - OK
	+ (mj-01)Request with response_type=code - OK
	+ (mj-02)Request with response_type=token - OK
	X (mj-51)Login no nonce - CRITICAL ([u"Didn't get a response of the type I expected:", u" 'ErrorResponse' instead of 'AuthorizationErrorResponse', content:'state=STATE0&error_description=nonce+required&error=invalid_request'"])
	+ (oic-token-userinfo)Implicit flow and Userinfo request - OK
	+ (oic-token-userinfo_bb)Implicit flow, UserInfo request using POST and bearer body
	authentication - OK
	+ (mj-03)Request with response_type=id_token - OK
	+ (mj-04)Request with response_type=code token - OK
	+ (oic-code+token-token)Flow with response_type='code token' - OK
	+ (oic-code+token-userinfo)Flow with response_type='code token' and Userinfo request - OK
	+ (mj-05)Request with response_type=code id_token - OK
	+ (oic-code+idtoken-token)Flow with response_type='code idtoken' - OK
	+ (oic-code+idtoken-token-userinfo)Flow with response_type='code idtoken' and Userinfo request - OK
	+ (mj-06)Request with response_type=id_token token - OK
	+ (oic-idtoken+token-userinfo)Flow with response_type='token idtoken' and Userinfo request - OK
	+ (mj-07)Request with response_type=code id_token token - OK
	+ (oic-code+idtoken+token-token)Flow with response_type='code token idtoken' - OK
	+ (oic-code+idtoken+token-token-userinfo)Flow with response_type='code idtoken token'
	grab a second token using the code and then do a Userinfo
	request - OK
	+ (oic-code+idtoken+token-userinfo)Flow with response_type='code idtoken token' and Userinfo
	request - OK
	+ (mj-12)UserInfo Endpoint Access with POST and bearer_header - OK
	X (mj-64)Can Provide Encrypted UserInfo Response - CRITICAL (Userinfo alg algorithm not supported)
	+ (mj-13)UserInfo Endpoint Access with POST and bearer_body - OK
	+ (mj-14)Scope Requesting profile Claims - OK
	+ (mj-15)Scope Requesting email Claims - OK
	+ (mj-16)Scope Requesting address Claims - OK
	+ (mj-17)Scope Requesting phone Claims - OK
	+ (mj-18)Scope Requesting all Claims - OK
	X (mj-19)OpenID Request Object with Required name Claim - CRITICAL (OP error)
	X (mj-20)OpenID Request Object with Optional email and picture Claim - CRITICAL (OP error)
	X (mj-21)OpenID Request Object with Required name and Optional email and picture Claim - CRITICAL (OP error)
	X (mj-22)Requesting ID Token with auth_time essential Claim - CRITICAL (OP error)
	X (mj-23)Requesting ID Token with Required specific acr Claim - CRITICAL (OP error)
	X (mj-24)Requesting ID Token with Optional acr Claim - CRITICAL (OP error)
	X (mj-25)Requesting ID Token with max_age=1 seconds Restriction - CRITICAL (OP error)
	+ (mj-26)Request with display=page - OK
	+ (mj-27)Request with display=popup - OK
	X (mj-28)Request with prompt=none - CRITICAL ([u'Traceback (most recent call last):\n', u' File "/Library/Python/2.7/site-packages/oictest-0.1.1-py2.7.egg/oictest/base.py", line 191, in run_sequence\n stat = chk(environ, test_output)\n', u' File "/Library/Python/2.7/site-packages/oictest-0.1.1-py2.7.egg/oictest/check.py", line 50, in __call__\n _stat = self.response(self._func(environ))\n', u'TypeError: response() argument after must be a mapping, not NoneType\n'])
	+ (mj-29)Request with prompt=login - OK
	+ (mj-30)Access token request with client_secret_basic authentication - OK
	+ (mj-31)Request with response_type=code and extra query component - OK
	X (mj-32)Request with redirect_uri with query component - CRITICAL (OP error)
	+ (mj-33)Registration where a redirect_uri has a query component - OK
	X (mj-34)Registration where a redirect_uri has a fragment - CRITICAL (Expected error message)
	X (mj-35)Authorization request missing the 'response_type' parameter - CRITICAL (Expected redirect)
	X (mj-36)The sent redirect_uri does not match the registered - CRITICAL (Expected error message)
	X (mj-37)Access token request with client_secret_jwt authentication - CRITICAL (Auth type not supported)
	X (mj-38)Access token request with public_key_jwt authentication - CRITICAL (Auth type not supported)
	+ (mj-41)Registration and later registration update - OK
	X (mj-42)Registration and later secret rotate - CRITICAL (OP error)
	{u'status': 3, u'id': u'policy_url_on_page', u'name': u''}
	{u'status': 3, u'id': u'logo_url_on_page', u'name': u''}
	! (mj-45)Registration with policy_url and logo_url - ERROR
	+ (mj-46)Registration of wish for public user_id - OK
	+ (mj-47)Registration of sector-identifier-uri - OK
	X (mj-48)Incorrect registration of sector-identifier-uri - CRITICAL (Expected error message)
	+ (mj-49)Registration of wish for pairwise user_id - OK
	+ (mj-50)Verify change in user_id - OK
	X (mj-52)Requesting ID Token with Email claims - CRITICAL (OP error)
	X (mj-53)using prompt=none with user hint through IdToken - CRITICAL (Not an response I expected)
	X (mj-54)using prompt=none with user hint through user_id in request - CRITICAL (Not an response I expected)
	X (mj-55)Rejects redirect_uri when Query Parameter Does Not Match - CRITICAL (Expected error message)
	X (mj-58)Requesting ID Token with Required acr Claim - CRITICAL (OP error)
	X (mj-60)RP wants signed UserInfo returned - CRITICAL (Signed UserInfo not supported)
	X (mj-61)RP wants symmetric IdToken signature - CRITICAL (Signed Id Token algorithm not supported)
	X (mj-68)User hint through user_id in request - CRITICAL (OP error)
	+ (mj-69)Registration of sector-identifier-uri - OK
	+ (oic-code-token)Simple authorization grant flow - OK
	+ (mj-39)Trying to use access code twice should result in an error - OK
	X (mj-40)Trying to use access code twice should result in revoking previous issued tokens - CRITICAL (Expected error message)
	+ (mj-43)No redirect_uri in request, one registered - OK
	X (mj-44)No redirect_uri in request, multi registered - CRITICAL (OP error)
	+ (oic-code-token-userinfo_bb)Authorization grant flow response_type='code token',
	UserInfo request using POST and bearer body authentication - OK
	X (mj-57)Support Request File - CRITICAL (OP error)