diff --git a/oidc_provider/lib/utils/token.py b/oidc_provider/lib/utils/token.py
index 50a92ae..7c06c00 100644
--- a/oidc_provider/lib/utils/token.py
+++ b/oidc_provider/lib/utils/token.py
@@ -18,7 +18,7 @@ from oidc_provider.models import (
 from oidc_provider import settings
-def create_id_token(user, aud, nonce, at_hash=None, request=None, scope=[]):
+def create_id_token(user, aud, nonce='', at_hash='', request=None, scope=[]):
     """
     Creates the id_token dictionary.
     See: http://openid.net/specs/openid-connect-core-1_0.html#IDToken
diff --git a/oidc_provider/tests/app/utils.py b/oidc_provider/tests/app/utils.py
index 68ad7ba..1f2ccc5 100644
--- a/oidc_provider/tests/app/utils.py
+++ b/oidc_provider/tests/app/utils.py
@@ -1,7 +1,5 @@
 import random
 import string
-
-
 try:
     from urlparse import parse_qs, urlsplit
 except ImportError:
diff --git a/oidc_provider/tests/test_end_session_endpoint.py b/oidc_provider/tests/test_end_session_endpoint.py
index af3ebe6..46d9cc0 100644
--- a/oidc_provider/tests/test_end_session_endpoint.py
+++ b/oidc_provider/tests/test_end_session_endpoint.py
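Review bot: The rewritten signature keeps the mutable default `scope=[]`; since the commit already touches this line, `scope=None` with `scope = scope or []` at the top of the body would close the shared-default hazard, though the body continues outside the hunk so I cannot confirm whether scope is mutated. Changing `nonce` and `at_hash` to default to `''` also deserves a check against the body: if those values are placed into the token dict unconditionally, the claims would now be emitted as empty strings where the spec expects them to be absent, and only a caller path that tests them for falsiness keeps the previous behaviour. A short docstring note such as `nonce and at_hash may be left empty for tokens not issued from the authorization response` would record why they became optional.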
@@ -1,29 +1,46 @@
+from django.core.management import call_command
 from django.core.urlresolvers import reverse
 from django.test import TestCase
-from oidc_provider.tests.app.utils import create_fake_user
+from oidc_provider.lib.utils.token import (
+    create_id_token,
+    encode_id_token,
+)
+from oidc_provider import settings
+from oidc_provider.tests.app.utils import (
+    create_fake_client,
+    create_fake_user,
+)
 class EndSessionTestCase(TestCase):
+    """
+    See: http://openid.net/specs/openid-connect-session-1_0.html#RPLogout
+    """
     def setUp(self):
+        call_command('creatersakey')
         self.user = create_fake_user()
+
+        self.oidc_client = create_fake_client('id_token')
+        self.LOGOUT_URL = 'http://example.com/logged-out/'
+        self.oidc_client.post_logout_redirect_uris = [self.LOGOUT_URL]
+        self.oidc_client.save()
+
         self.url = reverse('oidc_provider:end-session')
-    def test_shows_logged_out_page(self):
-        response = self.client.get(self.url)
-
-        self.assertEqual(response.status_code, 200)
-        self.assertTemplateUsed(response, 'registration/logged_out.html')
-
     def test_redirects(self):
-        response = self.client.get(self.url, data={'post_logout_redirect_uri': 'http://example.com/logged_out.html'})
+        query_params = {
+            'post_logout_redirect_uri': self.LOGOUT_URL,
+        }
+        response = self.client.get(self.url, query_params)
+        # With no id_token the OP MUST NOT redirect to the requested redirect_uri.
+        self.assertRedirects(response, settings.get('LOGIN_URL'), fetch_redirect_response=False)
-        self.assertRedirects(response, 'http://example.com/logged_out.html',
-                             fetch_redirect_response=False)
+        id_token_dic = create_id_token(user=self.user, aud=self.oidc_client.client_id)
+        id_token = encode_id_token(id_token_dic, self.oidc_client)
-    def test_user_is_logged_out(self):
-        self.assertTrue(self.client.login(username=self.user.username, password='1234'))
-        self.assertGreater(len(self.client.session.keys()), 0)
-        self.client.get(self.url)
-        self.assertEqual(len(self.client.session.keys()), 0)
+        query_params['id_token_hint'] = id_token
+
+        response = self.client.get(self.url, query_params)
+        self.assertRedirects(response, self.LOGOUT_URL, fetch_redirect_response=False)
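Review bot: test_redirects only proves that a valid id_token_hint unlocks the redirect; it never shows that the hint is actually validated, so an implementation that accepts any non-empty id_token_hint would pass this test unchanged. A negative case after the final assertion would close that gap, e.g. `query_params['id_token_hint'] = 'not-a-jwt'` followed by `response = self.client.get(self.url, query_params)` and `self.assertRedirects(response, settings.get('LOGIN_URL'), fetch_redirect_response=False)`, and ideally a token encoded for a second client from create_fake_client as well. The new file also no longer asserts that the endpoint clears the user's session, so logging the test client in during setUp and checking that `self.client.session` is empty after the redirect would keep the logout behaviour itself covered. The comment on the first assertion could name the rule it enforces, e.g. `# RP-initiated logout: without a valid id_token_hint the OP must not honour post_logout_redirect_uri`.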