Test Summary

Test Results

Expand All Collapse All
All times are UTC
2021-06-13 20:51:33 INFO
TEST-RUNNER
Test instance EC2gxkNeZUPOugm created
baseUrl
https://www.certification.openid.net/test/a/MSTR_M2021_UP1
variant
{
  "client_auth_type": "client_secret_basic",
  "response_type": "code",
  "request_type": "plain_http_request",
  "response_mode": "default",
  "client_registration": "static_client"
}
alias
MSTR_M2021_UP1
description
planId
iEllghTC7G18K
config
{
  "alias": "MSTR_M2021_UP1",
  "client": {
    "client_id": "87654321",
    "client_secret": "12345678",
    "redirect_uri": "https://env-239211.customer.cloud.microstrategy.com/MicroStrategyLibrary/auth/oidc/login"
  }
}
testName
oidcc-client-test-kid-absent-multiple-jwks
2021-06-13 20:51:34 SUCCESS
OIDCCGenerateServerConfiguration
Generated default server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/a/MSTR_M2021_UP1/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/MSTR_M2021_UP1/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/MSTR_M2021_UP1/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/MSTR_M2021_UP1/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/MSTR_M2021_UP1/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/a/MSTR_M2021_UP1/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic",
    "client_secret_post",
    "client_secret_jwt",
    "private_key_jwt"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
2021-06-13 20:51:34
SetTokenEndpointAuthMethodsSupportedToClientSecretBasicOnly
Changed token_endpoint_auth_methods_supported to client_secret_basic only in server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/a/MSTR_M2021_UP1/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/MSTR_M2021_UP1/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/MSTR_M2021_UP1/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/MSTR_M2021_UP1/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/MSTR_M2021_UP1/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/a/MSTR_M2021_UP1/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
2021-06-13 20:51:35
OIDCCGenerateServerJWKsMultipleSigningsKeyWithNoKeyIds
Generated server public private JWK sets
server_jwks
{
  "keys": [
    {
      "p": "31caz2oepYHSOtD_T8yliLTAeF_rxAklfLrCHVU5_1r9sGFCHV5vuH6E3Bju_TiYJE_uTGUYjK9-Ms4dGu2PGpQgdwQpRpF9-wVA_2VVM-vaMgEcxFA9H09JewDJ1I3-K2LOtDI_iAsLwmYVxSZRCT59bYtbHPyM6MupHHc-lFc",
      "kty": "RSA",
      "q": "ufyvhVM3eIjDRGYQkA7nMmiBn8NCtYCHZ4wPyhvtbGtWljOWPKOoEeOv4W7usVKj4VJS2mCAHtNazWT47tOj_ruqxg4JgTJHB9PaZXqtBtJ8Z42fYYOI0JTcxQvJDT7k2IyhB90AIyoBg2E1M99XKaWzGHliLJspdpwRSpzD8Y0",
      "d": "It6p63vPbyJq5VYxDOnCJ6lLoPRxNSbYv_ePVhf9oqYgpoqhSBsoM6lFPj14Q5xfVf-Xw055gnir0GDb3m7KE_7pGaEzb1DdylvsXTFxgjXUuF8M7TR4JhyeubFn5RowG3RaWvYPZzw-ChTwVNy4ui7bN-TwzCGWtVT2BuagooV6CnxrThv9dlwx9s7deoeD1GgaDsislK8G1tLF_mR5TBXN_XmOQtf7zxfNB9DINLtAYHuGqsPVs8uC_YU05ZS1dDpHFpM6ch0EXZgBb4A8VQI7VeppnJG4oB3x6A11M4ktiTnT82uZHSRw_WrR1kbEJvrevnwW6SXWRZe9reQMIQ",
      "e": "AQAB",
      "use": "sig",
      "qi": "mVieeSSZrbGbsWGwmZGgRiQgkW-UQryeODx9SgMYGS40EfRTJ9aIBXqrAuO2IEdu2ceE1mx6WdUqQzkHGdIighSrkUG-XVVYDWVnJrlZsLjcaQ2Ni7OvPqDIF2Y-XcDQER2PdZN3hjL-UKwOo1rdjiCo0vStrwB6l_a8AedIF00",
      "dp": "m0n1WkJvDKU3h63J17JzZppHOWt4gtXZOuCgF8UqjmK2Ae2eCs2e4KkXt_GeOnMfViA9kOC6MRfUp36ovhBvcAuOhzJdgLOo5ODCUNIka_WRwTMEzXr9BMgcT2o8643PLFuHXcOSaQVFJ-XTPUFnFwZcL861i3IOh88TxrcizAE",
      "dq": "AyZqeqGcMOhwFjp8UVRPSiVG_MO734Mbx_8xTUUH0mxG_ShGhSRodlUa54CPfmVd7TUNvjEgOmVuBkiNhs4C2w-mptAaDRwi49kMu-dGAvWRsddOOcKWkKHU02mNsDG-goRvPcjadb4CZI1C72v69_Ocgu-bYBIIs7-U82SQVQk",
      "n": "okJlPyQK9aL48WfeUhBqLW6AS529bgGPuCvm8j8IHlB5Ns7GP3sZD_MTHOnxVTlGDz-5F06JuTkwXnVHv6FYY6BD6vT3yyXT2l5-0hUPssYIi_TBCmwjrFQjA5Ckb2ylSsAyTO5gEalIv7VyZnZ3zPPPjf-4xFnqwAMdXvd8IY_3_Zri2rJybHoqRpBHkAaOsGpF7B6c-HkdrQCGG-n6b22wI2ofocwmtEjh4Ic76b5CfAJRRi_ogVfHbzfRYpCVAK8pT3Wdw8KC7o_s09MKMrcpFUYi5oT1heVJiYt9Hqb6rCvZF5oNhSFOPwmF8ovQjRG6LH0c5oo6rZAlmWKa6w"
    },
    {
      "kty": "EC",
      "d": "nDQJB9JxoJb7bnRcF7Wn06C-hH2kne4t11N1kemOaYc",
      "use": "sig",
      "crv": "P-256",
      "x": "BF4lAdTowK_9jvgqMuSmnYBcIA77YB-NYvWs-pCarjA",
      "y": "TxkEl0R7ICmhxxBXrtPUglJyW6PKrj3Zfv9gAjexeG8"
    },
    {
      "kty": "EC",
      "d": "Jo4buyrGzipjR0kjJS1ZgL66dPCyVbmQe_wQeNuriY0",
      "use": "sig",
      "crv": "secp256k1",
      "x": "g3_f-Wb0QwrQ_OYJVNKSAJbWKk3ArruO0ND0f5dUkdI",
      "y": "MxdHXMxNt7BsXOA2s-6zDlu7nIqFLpwT7ij5nOUYey0"
    },
    {
      "kty": "OKP",
      "d": "ZMR9oB_wC8gRQ8xiKB9wUA7u2sDOlqjSDLubHgdg3Lg",
      "use": "sig",
      "crv": "Ed25519",
      "x": "KpzFqxqu5j0xZ3qbTpIf6Qr_9_bKU7A6rLeY_RSoWPM"
    }
  ]
}
server_encryption_keys
{
  "keys": [
    {
      "p": "4PxxDxraopLG_PODHSmHxUcWbsA1Jcx3K2CRJ5gZFSoI42gbklV-BykNjBsvwFrrl1aNY3Joc2OForn6x4qR3QAnI3HuihtNwzPpT5mKwADaHGeACGEJveFlIt7CtxXtVs0PpI8dEQ8pponflizkyHcfEqS62vbYu3GsN77Xju8",
      "kty": "RSA",
      "q": "m1Vf3mpQmXbS6U0lrK_pgK3WnKLuqpz0edyZn_05PTJcpenSCr_3mMMcr-_75cV6G4JZnj2nslA7ZgSB2W70ijg3zViKcjbrXEEux0xMJ13K1A0q44k13_aRSn9AI2Z4SQHtjJhfvV7eZGDeI9Ml5lifFMWSsXjo3IlnT4XOT78",
      "d": "excN2AW0FuMaNQH1ThmQt8Ahz3T_K5EydJxsT6u43Vl5YpPY3vk06VbbY7gt23o3oR77aul0_70oxBYdClr5Q1z71X-v8EfdW-8ewfVaeMmOQpjnbHjbxYfLdNtZp6FJgdOSUWdePvnfIaLC7a7JyfMHvxYP6eVzmfaukE8aeHctjCchCP1tUXs3DoiYGaFLsY4GgDZ-zCxGtJLfKpu9TK1RuHkR9jYSnDKfdMn9r8aTaUR_N9KT0HdiyX-rmCHsYtqDH1x-qQTs_rI-Vwz899e_2jcpx9hSeedSRrQusl0uuQUmYb1bevL8pWseRVfzCxObrecTY0dp1WdkS_HX0Q",
      "e": "AQAB",
      "use": "enc",
      "qi": "HmpRFlqoRV0Y2N40rWN4m5TRLpMiLpZzr488bQ0tSSeH0kwy4TS0n4CniYLqd5RJaoh6vjPz9SKvkQgnYgA5w2ROMx1YwzvUsKduuXs1ab5CJAkCLj-OoMl5ZIAashtr3Gx8eoTXOo6WxUvuk8LTV2j5d18vBpIb11aSP8WhLCQ",
      "dp": "35T_Jeuh6n3Ckg3M9mYXLs1-VYFdT7rpkonctmRISOgE_TiwbbPYEnWRqPI7egTgqvywdWt0sXbtjtETjsj-O4mzW14Vl9maZapo6VnEsRonpqKUcb89Vx1uzEBjcF6yBdiy-u3eDN3snjvVnf_vO-hlULmzl3ZH278TTjKxNLE",
      "alg": "RSA-OAEP",
      "dq": "dhOt7opuflne9c3ZJ64JF_INQ8BvIG5zQPc6KG37RtOzrcNSES3f7tXSRsNsfjthGOw7Z5iCk399x40Bj-FSLoeRk50MkMnCm7xI7OLIuNwJRKxFv_UbaQYrZ6_Xd5F7OjQm-UsS7AbjkvY3po_pLXKMauPNIO9CQ_KG_-I89E0",
      "n": "iIPghtWUTaooRdqCoCYeVM-2CdZwd5IyCVFuu239KabJCG1cQQbuWlWo82H3mA-_hCldz0HvpY1sZdHgFQmQXCXGBzlda4Zo_rhArRlWNAnxUrUPq9oevAi88J_EH8tBdvwnUtJ5tgpsfoJeKs9SH_mzGnyFbrP3nDriy-HBebbBN2joUnDEovbfEZM-ItGycrTmKDnVudt2zRct85p6mbe4cfJfTZr0aSnrzuglbrC_If7NIWtUlw3MSY_eXsRfppzUqCjiAVAKWWHCVpz0u-B_V1NXWZiKkPBupBmT5iMwnlQyqDSekZVtbv6Ne_P70SP9lv0hdUL55IT0F0FlUQ"
    },
    {
      "kty": "EC",
      "d": "HWSrzcvLu8ffacVoJPxr0HmP5lFgCJxjhRDIclf0LP8",
      "use": "enc",
      "crv": "P-256",
      "x": "thW_qXCoRI6vCAEGp_K0txCWeKFMrh0ZTmspl97K76o",
      "y": "BMaOy165Xn1PPQJgG58y6_AuhQ6mhf_2dLlhH9AB1oY",
      "alg": "ECDH-ES"
    }
  ]
}
server_public_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "n": "okJlPyQK9aL48WfeUhBqLW6AS529bgGPuCvm8j8IHlB5Ns7GP3sZD_MTHOnxVTlGDz-5F06JuTkwXnVHv6FYY6BD6vT3yyXT2l5-0hUPssYIi_TBCmwjrFQjA5Ckb2ylSsAyTO5gEalIv7VyZnZ3zPPPjf-4xFnqwAMdXvd8IY_3_Zri2rJybHoqRpBHkAaOsGpF7B6c-HkdrQCGG-n6b22wI2ofocwmtEjh4Ic76b5CfAJRRi_ogVfHbzfRYpCVAK8pT3Wdw8KC7o_s09MKMrcpFUYi5oT1heVJiYt9Hqb6rCvZF5oNhSFOPwmF8ovQjRG6LH0c5oo6rZAlmWKa6w"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "n": "5Db2Yj4DHPkWAEMDxrcK7wFTtnZNBhj5NaZZoNULGt_PHa3hgAIP4wkMIwfdB1WYEaq_XaFDM_WOAAuBJzD7bgd_M7KHqtgNo5PpTy7r41AMuLaTOqftn2nENGJZW1SYqCDgPVuPynC3dkZrWXjfqGf8LHuWbVKRJ2LqjWIIBptVje6YCPIQ9G_XcOfgistVmE1y7_qNzTj6wHfxpnPDi2rXtEMPoOdilqiSKkGDWtcTZ6ZrnASiljRrS5k7PyPGD3z3J1CU4V8tHbAVQsx1E3StL400ItC1vYkL2HkERM7ld6ETZRThsHcanPtuuLdFce2TVucnaXbCYuUpa00kpQ"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "n": "kOZIJ1kTpye8R8jOJo_CezYcla_Kwo7hbO619xJYtDVGST7RFtAPG-88v9Ei_3R_FRC5GjxuKzPiyBoKVfJnJMKbJbYQVY0BvpBqEB8GBR5Aeh9CwX4abslI-bjsv324O-isc8JU0dHsbJzBLDrkztidi2opHF9UK55tDinyBzFKTiCz-1bxi-MZJrYp0ViBkMupJinGEqZoFFrnM_RdtFiU6TxVTYicQZ_iOOQ3Awe5-lUlslKgDhC1Vjev1alcQN7jCM9h_yUu6n7HuM3jBIe71Daz4Do5ktBUD7SN3_iw3bUO__fOxishUp5NiBOT8a9rRwYc4rRdSnR7WR4GjQ"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "x": "xDnv2lW25wk6l368raY_JePwOilhgQdoi3OzM3zxLHs",
      "y": "H3GR69l-u-cldlUM-RG77d3LkFRGt66aPBi0wK9Pn5M"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "x": "BF4lAdTowK_9jvgqMuSmnYBcIA77YB-NYvWs-pCarjA",
      "y": "TxkEl0R7ICmhxxBXrtPUglJyW6PKrj3Zfv9gAjexeG8"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "x": "dBpiSsx92s2GotnYmZtnShC1NF3rjJqbFVPnyW5aAfk",
      "y": "LMGXkYKNb02p7fYKuJsnYQgfT-KjjfOQSDu-hfPKfR4"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "secp256k1",
      "x": "0Kze0axrE9yJP-SvEHanKDvd3pL8E2oOnS6xN9Xx0iU",
      "y": "WjGbzupMQXx8AbHDLV4p20ALoL9N5luvmXNJo5ghMFY"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "secp256k1",
      "x": "g3_f-Wb0QwrQ_OYJVNKSAJbWKk3ArruO0ND0f5dUkdI",
      "y": "MxdHXMxNt7BsXOA2s-6zDlu7nIqFLpwT7ij5nOUYey0"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "secp256k1",
      "x": "XnhCvAs3WR0958HIC4XGuT3uFwZclyL3lI4MrWJxxYc",
      "y": "8A97RpjVdb0PcwFRFBBtl8M4BnT7-6-T90dgJp164zo"
    },
    {
      "kty": "OKP",
      "use": "sig",
      "crv": "Ed25519",
      "x": "GD1hXQ42Dm8VmxoHo4UBcwh-gNXXEOSbyEil3fnu_Xo"
    },
    {
      "kty": "OKP",
      "use": "sig",
      "crv": "Ed25519",
      "x": "KpzFqxqu5j0xZ3qbTpIf6Qr_9_bKU7A6rLeY_RSoWPM"
    },
    {
      "kty": "OKP",
      "use": "sig",
      "crv": "Ed25519",
      "x": "_rvStc_abvqc9cs4GDrsy-f59fSbbe9L_uqb5_T2NmE"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "alg": "RSA-OAEP",
      "n": "iIPghtWUTaooRdqCoCYeVM-2CdZwd5IyCVFuu239KabJCG1cQQbuWlWo82H3mA-_hCldz0HvpY1sZdHgFQmQXCXGBzlda4Zo_rhArRlWNAnxUrUPq9oevAi88J_EH8tBdvwnUtJ5tgpsfoJeKs9SH_mzGnyFbrP3nDriy-HBebbBN2joUnDEovbfEZM-ItGycrTmKDnVudt2zRct85p6mbe4cfJfTZr0aSnrzuglbrC_If7NIWtUlw3MSY_eXsRfppzUqCjiAVAKWWHCVpz0u-B_V1NXWZiKkPBupBmT5iMwnlQyqDSekZVtbv6Ne_P70SP9lv0hdUL55IT0F0FlUQ"
    },
    {
      "kty": "EC",
      "use": "enc",
      "crv": "P-256",
      "x": "thW_qXCoRI6vCAEGp_K0txCWeKFMrh0ZTmspl97K76o",
      "y": "BMaOy165Xn1PPQJgG58y6_AuhQ6mhf_2dLlhH9AB1oY",
      "alg": "ECDH-ES"
    }
  ]
}
2021-06-13 20:51:35 SUCCESS
ValidateServerJWKs
Valid server JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2021-06-13 20:51:35 SUCCESS
OIDCCLoadUserInfo
Added user information
user_info
{
  "sub": "user-subject-1234531",
  "name": "Demo T. User",
  "given_name": "Demo",
  "family_name": "User",
  "middle_name": "Theresa",
  "nickname": "Dee",
  "preferred_username": "d.tu",
  "gender": "female",
  "birthdate": "2000-02-03",
  "address": {
    "street_address": "100 Universal City Plaza",
    "locality": "Hollywood",
    "region": "CA",
    "postal_code": "91608",
    "country": "USA"
  },
  "zoneinfo": "America/Los_Angeles",
  "locale": "en-US",
  "phone_number": "+1 555 5550000",
  "phone_number_verified": false,
  "email": "user@example.com",
  "email_verified": false,
  "website": "https://openid.net/",
  "updated_at": 1580000000
}
2021-06-13 20:51:35 SUCCESS
OIDCCGetStaticClientConfigurationForRPTests
Found a static client object
client_id
87654321
client_secret
12345678
redirect_uris
[
  "https://env-239211.customer.cloud.microstrategy.com/MicroStrategyLibrary/auth/oidc/login"
]
2021-06-13 20:51:35 SUCCESS
EnsureClientDoesNotHaveBothJwksAndJwksUri
Client does not have both jwks and jwks_uri set
client
{
  "client_id": "87654321",
  "client_secret": "12345678",
  "redirect_uris": [
    "https://env-239211.customer.cloud.microstrategy.com/MicroStrategyLibrary/auth/oidc/login"
  ]
}
2021-06-13 20:51:35 INFO
FetchClientKeys
Skipped evaluation due to missing required element: client jwks_uri
path
jwks_uri
mapped
object
client
2021-06-13 20:51:35 SUCCESS
ValidateClientGrantTypes
grant_types match response_types
grant_types
[
  "authorization_code"
]
response_types
[
  "code"
]
2021-06-13 20:51:35 SUCCESS
OIDCCValidateClientRedirectUris
Valid redirect_uri(s) provided in registration request
redirect_uris
[
  "https://env-239211.customer.cloud.microstrategy.com/MicroStrategyLibrary/auth/oidc/login"
]
2021-06-13 20:51:35 SUCCESS
ValidateClientLogoUris
Client does not contain any logo_uri
2021-06-13 20:51:35 SUCCESS
ValidateClientUris
Client does not contain any client_uri
2021-06-13 20:51:35 SUCCESS
ValidateClientPolicyUris
Client does not contain any policy_uri
2021-06-13 20:51:35 SUCCESS
ValidateClientTosUris
Client does not contain any tos_uri
2021-06-13 20:51:35 SUCCESS
ValidateClientSubjectType
A subject_type was not provided
2021-06-13 20:51:35 INFO
ValidateIdTokenSignedResponseAlg
Skipped evaluation due to missing required element: client id_token_signed_response_alg
path
id_token_signed_response_alg
mapped
object
client
2021-06-13 20:51:35 SUCCESS
EnsureIdTokenEncryptedResponseAlgIsSetIfEncIsSet
id_token_encrypted_response_enc is not set
2021-06-13 20:51:35 INFO
ValidateUserinfoSignedResponseAlg
Skipped evaluation due to missing required element: client userinfo_signed_response_alg
path
userinfo_signed_response_alg
mapped
object
client
2021-06-13 20:51:35 SUCCESS
EnsureUserinfoEncryptedResponseAlgIsSetIfEncIsSet
userinfo_encrypted_response_enc is not set
2021-06-13 20:51:35 INFO
ValidateRequestObjectSigningAlg
Skipped evaluation due to missing required element: client request_object_signing_alg
path
request_object_signing_alg
mapped
object
client
2021-06-13 20:51:35 SUCCESS
EnsureRequestObjectEncryptionAlgIsSetIfEncIsSet
request_object_encryption_enc is not set
2021-06-13 20:51:35 INFO
ValidateTokenEndpointAuthSigningAlg
Skipped evaluation due to missing required element: client token_endpoint_auth_signing_alg
path
token_endpoint_auth_signing_alg
mapped
object
client
2021-06-13 20:51:35 SUCCESS
ValidateDefaultMaxAge
default_max_age is not set
2021-06-13 20:51:35 INFO
ValidateRequireAuthTime
Skipped evaluation due to missing required element: client require_auth_time
path
require_auth_time
mapped
object
client
2021-06-13 20:51:35 INFO
ValidateDefaultAcrValues
Skipped evaluation due to missing required element: client default_acr_values
path
default_acr_values
mapped
object
client
2021-06-13 20:51:35 INFO
ValidateInitiateLoginUri
Skipped evaluation due to missing required element: client initiate_login_uri
path
initiate_login_uri
mapped
object
client
2021-06-13 20:51:35 INFO
ValidateRequestUris
Skipped evaluation due to missing required element: client request_uris
path
request_uris
mapped
object
client
2021-06-13 20:51:35
SetServerSigningAlgToRS256
Successfully set signing algorithm to RS256
2021-06-13 20:51:35
SetClientIdTokenSignedResponseAlgToServerSigningAlg
Set id_token_signed_response_alg for the registered client
id_token_signed_response_alg
RS256
2021-06-13 20:51:35
oidcc-client-test-kid-absent-multiple-jwks
Setup Done
2021-06-13 20:53:37 INCOMING
oidcc-client-test-kid-absent-multiple-jwks
Incoming HTTP request to test instance EC2gxkNeZUPOugm
incoming_headers
{
  "host": "www.certification.openid.net",
  "accept": "application/xml, text/xml, application/json, application/*+xml, application/*+json",
  "user-agent": "Java/11.0.8",
  "x-ssl-cipher": "ECDHE-RSA-AES256-GCM-SHA384",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
.well-known/openid-configuration
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
Discovery endpoint
2021-06-13 20:53:37 OUTGOING
oidcc-client-test-kid-absent-multiple-jwks
Response to HTTP request to test instance EC2gxkNeZUPOugm
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "issuer": "https://www.certification.openid.net/test/a/MSTR_M2021_UP1/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/MSTR_M2021_UP1/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/MSTR_M2021_UP1/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/MSTR_M2021_UP1/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/MSTR_M2021_UP1/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/a/MSTR_M2021_UP1/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
outgoing_path
.well-known/openid-configuration
2021-06-13 20:54:11 INCOMING
oidcc-client-test-kid-absent-multiple-jwks
Incoming HTTP request to test instance EC2gxkNeZUPOugm
incoming_headers
{
  "host": "www.certification.openid.net",
  "cache-control": "max-age\u003d0",
  "upgrade-insecure-requests": "1",
  "user-agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/avif,image/webp,image/apng,*/*;q\u003d0.8,application/signed-exchange;v\u003db3;q\u003d0.9",
  "sec-fetch-site": "cross-site",
  "sec-fetch-mode": "navigate",
  "sec-fetch-user": "?1",
  "sec-fetch-dest": "document",
  "sec-ch-ua": "\" Not A;Brand\";v\u003d\"99\", \"Chromium\";v\u003d\"90\", \"Google Chrome\";v\u003d\"90\"",
  "sec-ch-ua-mobile": "?0",
  "referer": "https://env-239211.customer.cloud.microstrategy.com/",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-GB,en-GB-oxendict;q\u003d0.9,en;q\u003d0.8,tr;q\u003d0.7,eu;q\u003d0.6",
  "cookie": "__utmc\u003d201319536; __utmz\u003d201319536.1623336640.30.8.utmcsr\u003dcertification.openid.net|utmccn\u003d(referral)|utmcmd\u003dreferral|utmcct\u003d/; __utma\u003d201319536.763838286.1615572732.1623353581.1623411213.32; JSESSIONID\u003d32A224047A3267CDD9D4EE876688B2EF",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
authorize
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{
  "response_type": "code",
  "client_id": "87654321",
  "scope": "openid profile email offline_access",
  "state": "dcKUCOJSTXHcakA1UdaeuyBZDyhQNw_f6_7M1rcMaEc\u003d",
  "redirect_uri": "https://env-239211.customer.cloud.microstrategy.com/MicroStrategyLibrary/auth/oidc/login",
  "nonce": "zJ0W-hEh2EfvczFoxMGIjIBkwm-KAepoVIRPo9v5gw0"
}
incoming_body
Authorization endpoint
2021-06-13 20:54:11 SUCCESS
EnsureRequestDoesNotContainRequestObject
Request does not contain a request parameter
2021-06-13 20:54:11 SUCCESS
EnsureAuthorizationHttpRequestContainsOpenIDScope
Found 'openid' in scope http request parameter
actual
[
  "openid",
  "profile",
  "email",
  "offline_access"
]
expected
openid
2021-06-13 20:54:11 SUCCESS
CreateEffectiveAuthorizationRequestParameters
Merged http request parameters with request object claims
effective_authorization_endpoint_request
{
  "response_type": "code",
  "client_id": "87654321",
  "scope": "openid profile email offline_access",
  "state": "dcKUCOJSTXHcakA1UdaeuyBZDyhQNw_f6_7M1rcMaEc\u003d",
  "redirect_uri": "https://env-239211.customer.cloud.microstrategy.com/MicroStrategyLibrary/auth/oidc/login",
  "nonce": "zJ0W-hEh2EfvczFoxMGIjIBkwm-KAepoVIRPo9v5gw0"
}
2021-06-13 20:54:11 SUCCESS
ExtractRequestedScopes
Requested scopes
scope
openid profile email offline_access
2021-06-13 20:54:11 SUCCESS
ExtractNonceFromAuthorizationRequest
Extracted nonce
nonce
zJ0W-hEh2EfvczFoxMGIjIBkwm-KAepoVIRPo9v5gw0
2021-06-13 20:54:11 SUCCESS
EnsureResponseTypeIsCode
Response type is expected value
expected
code
2021-06-13 20:54:11 SUCCESS
EnsureMatchingClientId
Client ID matched
client_id
87654321
2021-06-13 20:54:11 SUCCESS
EnsureValidRedirectUriForAuthorizationEndpointRequest
redirect_uri is one of the allowed redirect uris
actual
https://env-239211.customer.cloud.microstrategy.com/MicroStrategyLibrary/auth/oidc/login
expected
[
  "https://env-239211.customer.cloud.microstrategy.com/MicroStrategyLibrary/auth/oidc/login"
]
2021-06-13 20:54:11 SUCCESS
EnsureOpenIDInScopeRequest
Found 'openid' scope in request
actual
[
  "openid",
  "profile",
  "email",
  "offline_access"
]
expected
openid
2021-06-13 20:54:11 SUCCESS
DisallowMaxAgeEqualsZeroAndPromptNone
The client did not send max_age=0 and prompt=none parameters as expected
2021-06-13 20:54:11 SUCCESS
CreateAuthorizationCode
Created authorization code
authorization_code
sumNdLqVcU
2021-06-13 20:54:11 SUCCESS
CalculateCHash
Successful c_hash encoding
c_hash
vT8dxsI2FMRZW2kG6MeXrQ
2021-06-13 20:54:11 SUCCESS
CreateAuthorizationEndpointResponseParams
Added authorization_endpoint_response_params to environment
params
{
  "redirect_uri": "https://env-239211.customer.cloud.microstrategy.com/MicroStrategyLibrary/auth/oidc/login",
  "state": "dcKUCOJSTXHcakA1UdaeuyBZDyhQNw_f6_7M1rcMaEc\u003d"
}
2021-06-13 20:54:11 SUCCESS
AddCodeToAuthorizationEndpointResponseParams
Added code to authorization endpoint response params
authorization_endpoint_response_params
{
  "redirect_uri": "https://env-239211.customer.cloud.microstrategy.com/MicroStrategyLibrary/auth/oidc/login",
  "state": "dcKUCOJSTXHcakA1UdaeuyBZDyhQNw_f6_7M1rcMaEc\u003d",
  "code": "sumNdLqVcU"
}
2021-06-13 20:54:11
SendAuthorizationResponseWithResponseModeQuery
Redirecting back to client
uri
https://env-239211.customer.cloud.microstrategy.com/MicroStrategyLibrary/auth/oidc/login?state=dcKUCOJSTXHcakA1UdaeuyBZDyhQNw_f6_7M1rcMaEc%3D&code=sumNdLqVcU
2021-06-13 20:54:11 OUTGOING
oidcc-client-test-kid-absent-multiple-jwks
Response to HTTP request to test instance EC2gxkNeZUPOugm
outgoing
org.springframework.web.servlet.view.RedirectView: [RedirectView]; URL [https://env-239211.customer.cloud.microstrategy.com/MicroStrategyLibrary/auth/oidc/login?state=dcKUCOJSTXHcakA1UdaeuyBZDyhQNw_f6_7M1rcMaEc%3D&code=sumNdLqVcU]
outgoing_path
authorize
2021-06-13 20:54:12 INCOMING
oidcc-client-test-kid-absent-multiple-jwks
Incoming HTTP request to test instance EC2gxkNeZUPOugm
incoming_headers
{
  "host": "www.certification.openid.net",
  "accept": "application/json;charset\u003dUTF-8",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "authorization": "Basic ODc2NTQzMjE6MTIzNDU2Nzg\u003d",
  "user-agent": "Java/11.0.8",
  "x-ssl-cipher": "ECDHE-RSA-AES256-GCM-SHA384",
  "x-ssl-protocol": "TLSv1.2",
  "content-length": "161",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net",
  "connection": "close"
}
incoming_path
token
incoming_body_form_params
{
  "grant_type": "authorization_code",
  "code": "sumNdLqVcU",
  "redirect_uri": "https://env-239211.customer.cloud.microstrategy.com/MicroStrategyLibrary/auth/oidc/login"
}
incoming_method
POST
incoming_body_json
incoming_query_string_params
{}
incoming_body
grant_type=authorization_code&code=sumNdLqVcU&redirect_uri=https%3A%2F%2Fenv-239211.customer.cloud.microstrategy.com%2FMicroStrategyLibrary%2Fauth%2Foidc%2Flogin
Token endpoint
2021-06-13 20:54:12 SUCCESS
ExtractClientCredentialsFromBasicAuthorizationHeader
Extracted client authentication
client_id
87654321
client_secret
12345678
method
client_secret_basic
2021-06-13 20:54:12 SUCCESS
ValidateClientIdAndSecret
Client id and secret match
2021-06-13 20:54:12 SUCCESS
ValidateAuthorizationCode
Found authorization code
authorization_code
sumNdLqVcU
2021-06-13 20:54:12 SUCCESS
ValidateRedirectUriForTokenEndpointRequest
redirect_uri is the same as the one used in the authorization request
actual
https://env-239211.customer.cloud.microstrategy.com/MicroStrategyLibrary/auth/oidc/login
2021-06-13 20:54:12 SUCCESS
GenerateBearerAccessToken
Generated access token
access_token
a9nBKpKc37TGPaoRzNOwhUQwxn5q3eGQcVZtAZ5zlrWncvIinb
2021-06-13 20:54:12 SUCCESS
CalculateAtHash
Successful at_hash encoding
at_hash
WVTtL4fPLD0l-zrHgOJKNg
2021-06-13 20:54:12 SUCCESS
GenerateIdTokenClaims
Created ID Token Claims
iss
https://www.certification.openid.net/test/a/MSTR_M2021_UP1/
sub
user-subject-1234531
aud
87654321
nonce
zJ0W-hEh2EfvczFoxMGIjIBkwm-KAepoVIRPo9v5gw0
iat
1623617652
exp
1623617952
2021-06-13 20:54:12 SUCCESS
AddAtHashToIdTokenClaims
Added at_hash to ID token claims
at_hash
WVTtL4fPLD0l-zrHgOJKNg
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/a/MSTR_M2021_UP1/",
  "sub": "user-subject-1234531",
  "aud": "87654321",
  "nonce": "zJ0W-hEh2EfvczFoxMGIjIBkwm-KAepoVIRPo9v5gw0",
  "iat": 1623617652,
  "exp": 1623617952,
  "at_hash": "WVTtL4fPLD0l-zrHgOJKNg"
}
2021-06-13 20:54:12 SUCCESS
OIDCCSignIdToken
Signed the ID token
id_token
eyJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiV1ZUdEw0ZlBMRDBsLXpySGdPSktOZyIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiODc2NTQzMjEiLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvYVwvTVNUUl9NMjAyMV9VUDFcLyIsImV4cCI6MTYyMzYxNzk1Miwibm9uY2UiOiJ6SjBXLWhFaDJFZnZjekZveE1HSWpJQmt3bS1LQWVwb1ZJUlBvOXY1Z3cwIiwiaWF0IjoxNjIzNjE3NjUyfQ.HkZQygfHuAsDJmWTvsjAD87dPEsVgoG63I-5qpe4MwGRpBdM4Jp9mIBPZGYc6nJsHJi9wvKTayvQWv233jAoAhOmo4fEmzadntqQbcSAWfIY2YwgFLn4sFDAVYQc8kkZwYG8FNFWNvIW9u3ejgNcEq4kQPbYDBl1Dd-kAjp2P8qkFjPSnyODAOS11ZVURmmEwvmTk0SHz69FSYn_2qIATBWf3KjVAAJGLmM3v77pczmljErla4pgYXz0rUiO7qeg0S-Lm0jvFJJ-BmWAOuWDHKF-Hfnt6vvpkgqb3L2-2OXQA0fIe5yUByvC2yYdOOh8NnukXo7qc0Uodd4-Skz5VQ
key
{"p":"31caz2oepYHSOtD_T8yliLTAeF_rxAklfLrCHVU5_1r9sGFCHV5vuH6E3Bju_TiYJE_uTGUYjK9-Ms4dGu2PGpQgdwQpRpF9-wVA_2VVM-vaMgEcxFA9H09JewDJ1I3-K2LOtDI_iAsLwmYVxSZRCT59bYtbHPyM6MupHHc-lFc","kty":"RSA","q":"ufyvhVM3eIjDRGYQkA7nMmiBn8NCtYCHZ4wPyhvtbGtWljOWPKOoEeOv4W7usVKj4VJS2mCAHtNazWT47tOj_ruqxg4JgTJHB9PaZXqtBtJ8Z42fYYOI0JTcxQvJDT7k2IyhB90AIyoBg2E1M99XKaWzGHliLJspdpwRSpzD8Y0","d":"It6p63vPbyJq5VYxDOnCJ6lLoPRxNSbYv_ePVhf9oqYgpoqhSBsoM6lFPj14Q5xfVf-Xw055gnir0GDb3m7KE_7pGaEzb1DdylvsXTFxgjXUuF8M7TR4JhyeubFn5RowG3RaWvYPZzw-ChTwVNy4ui7bN-TwzCGWtVT2BuagooV6CnxrThv9dlwx9s7deoeD1GgaDsislK8G1tLF_mR5TBXN_XmOQtf7zxfNB9DINLtAYHuGqsPVs8uC_YU05ZS1dDpHFpM6ch0EXZgBb4A8VQI7VeppnJG4oB3x6A11M4ktiTnT82uZHSRw_WrR1kbEJvrevnwW6SXWRZe9reQMIQ","e":"AQAB","use":"sig","qi":"mVieeSSZrbGbsWGwmZGgRiQgkW-UQryeODx9SgMYGS40EfRTJ9aIBXqrAuO2IEdu2ceE1mx6WdUqQzkHGdIighSrkUG-XVVYDWVnJrlZsLjcaQ2Ni7OvPqDIF2Y-XcDQER2PdZN3hjL-UKwOo1rdjiCo0vStrwB6l_a8AedIF00","dp":"m0n1WkJvDKU3h63J17JzZppHOWt4gtXZOuCgF8UqjmK2Ae2eCs2e4KkXt_GeOnMfViA9kOC6MRfUp36ovhBvcAuOhzJdgLOo5ODCUNIka_WRwTMEzXr9BMgcT2o8643PLFuHXcOSaQVFJ-XTPUFnFwZcL861i3IOh88TxrcizAE","dq":"AyZqeqGcMOhwFjp8UVRPSiVG_MO734Mbx_8xTUUH0mxG_ShGhSRodlUa54CPfmVd7TUNvjEgOmVuBkiNhs4C2w-mptAaDRwi49kMu-dGAvWRsddOOcKWkKHU02mNsDG-goRvPcjadb4CZI1C72v69_Ocgu-bYBIIs7-U82SQVQk","n":"okJlPyQK9aL48WfeUhBqLW6AS529bgGPuCvm8j8IHlB5Ns7GP3sZD_MTHOnxVTlGDz-5F06JuTkwXnVHv6FYY6BD6vT3yyXT2l5-0hUPssYIi_TBCmwjrFQjA5Ckb2ylSsAyTO5gEalIv7VyZnZ3zPPPjf-4xFnqwAMdXvd8IY_3_Zri2rJybHoqRpBHkAaOsGpF7B6c-HkdrQCGG-n6b22wI2ofocwmtEjh4Ic76b5CfAJRRi_ogVfHbzfRYpCVAK8pT3Wdw8KC7o_s09MKMrcpFUYi5oT1heVJiYt9Hqb6rCvZF5oNhSFOPwmF8ovQjRG6LH0c5oo6rZAlmWKa6w"}
algorithm
RS256
2021-06-13 20:54:12 INFO
EncryptIdToken
Skipped evaluation due to missing required element: client id_token_encrypted_response_alg
path
id_token_encrypted_response_alg
mapped
object
client
2021-06-13 20:54:12 SUCCESS
CreateTokenEndpointResponse
Created token endpoint response
access_token
a9nBKpKc37TGPaoRzNOwhUQwxn5q3eGQcVZtAZ5zlrWncvIinb
token_type
Bearer
id_token
eyJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiV1ZUdEw0ZlBMRDBsLXpySGdPSktOZyIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiODc2NTQzMjEiLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvYVwvTVNUUl9NMjAyMV9VUDFcLyIsImV4cCI6MTYyMzYxNzk1Miwibm9uY2UiOiJ6SjBXLWhFaDJFZnZjekZveE1HSWpJQmt3bS1LQWVwb1ZJUlBvOXY1Z3cwIiwiaWF0IjoxNjIzNjE3NjUyfQ.HkZQygfHuAsDJmWTvsjAD87dPEsVgoG63I-5qpe4MwGRpBdM4Jp9mIBPZGYc6nJsHJi9wvKTayvQWv233jAoAhOmo4fEmzadntqQbcSAWfIY2YwgFLn4sFDAVYQc8kkZwYG8FNFWNvIW9u3ejgNcEq4kQPbYDBl1Dd-kAjp2P8qkFjPSnyODAOS11ZVURmmEwvmTk0SHz69FSYn_2qIATBWf3KjVAAJGLmM3v77pczmljErla4pgYXz0rUiO7qeg0S-Lm0jvFJJ-BmWAOuWDHKF-Hfnt6vvpkgqb3L2-2OXQA0fIe5yUByvC2yYdOOh8NnukXo7qc0Uodd4-Skz5VQ
scope
openid profile email offline_access
2021-06-13 20:54:12 OUTGOING
oidcc-client-test-kid-absent-multiple-jwks
Response to HTTP request to test instance EC2gxkNeZUPOugm
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "access_token": "a9nBKpKc37TGPaoRzNOwhUQwxn5q3eGQcVZtAZ5zlrWncvIinb",
  "token_type": "Bearer",
  "id_token": "eyJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiV1ZUdEw0ZlBMRDBsLXpySGdPSktOZyIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiODc2NTQzMjEiLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvYVwvTVNUUl9NMjAyMV9VUDFcLyIsImV4cCI6MTYyMzYxNzk1Miwibm9uY2UiOiJ6SjBXLWhFaDJFZnZjekZveE1HSWpJQmt3bS1LQWVwb1ZJUlBvOXY1Z3cwIiwiaWF0IjoxNjIzNjE3NjUyfQ.HkZQygfHuAsDJmWTvsjAD87dPEsVgoG63I-5qpe4MwGRpBdM4Jp9mIBPZGYc6nJsHJi9wvKTayvQWv233jAoAhOmo4fEmzadntqQbcSAWfIY2YwgFLn4sFDAVYQc8kkZwYG8FNFWNvIW9u3ejgNcEq4kQPbYDBl1Dd-kAjp2P8qkFjPSnyODAOS11ZVURmmEwvmTk0SHz69FSYn_2qIATBWf3KjVAAJGLmM3v77pczmljErla4pgYXz0rUiO7qeg0S-Lm0jvFJJ-BmWAOuWDHKF-Hfnt6vvpkgqb3L2-2OXQA0fIe5yUByvC2yYdOOh8NnukXo7qc0Uodd4-Skz5VQ",
  "scope": "openid profile email offline_access"
}
outgoing_path
token
2021-06-13 20:54:12 INCOMING
oidcc-client-test-kid-absent-multiple-jwks
Incoming HTTP request to test instance EC2gxkNeZUPOugm
incoming_headers
{
  "host": "www.certification.openid.net",
  "accept": "application/json, application/jwk-set+json",
  "user-agent": "Java/11.0.8",
  "x-ssl-cipher": "ECDHE-RSA-AES256-GCM-SHA384",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
jwks
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
Jwks endpoint
2021-06-13 20:54:12 OUTGOING
oidcc-client-test-kid-absent-multiple-jwks
Response to HTTP request to test instance EC2gxkNeZUPOugm
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "n": "okJlPyQK9aL48WfeUhBqLW6AS529bgGPuCvm8j8IHlB5Ns7GP3sZD_MTHOnxVTlGDz-5F06JuTkwXnVHv6FYY6BD6vT3yyXT2l5-0hUPssYIi_TBCmwjrFQjA5Ckb2ylSsAyTO5gEalIv7VyZnZ3zPPPjf-4xFnqwAMdXvd8IY_3_Zri2rJybHoqRpBHkAaOsGpF7B6c-HkdrQCGG-n6b22wI2ofocwmtEjh4Ic76b5CfAJRRi_ogVfHbzfRYpCVAK8pT3Wdw8KC7o_s09MKMrcpFUYi5oT1heVJiYt9Hqb6rCvZF5oNhSFOPwmF8ovQjRG6LH0c5oo6rZAlmWKa6w"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "n": "5Db2Yj4DHPkWAEMDxrcK7wFTtnZNBhj5NaZZoNULGt_PHa3hgAIP4wkMIwfdB1WYEaq_XaFDM_WOAAuBJzD7bgd_M7KHqtgNo5PpTy7r41AMuLaTOqftn2nENGJZW1SYqCDgPVuPynC3dkZrWXjfqGf8LHuWbVKRJ2LqjWIIBptVje6YCPIQ9G_XcOfgistVmE1y7_qNzTj6wHfxpnPDi2rXtEMPoOdilqiSKkGDWtcTZ6ZrnASiljRrS5k7PyPGD3z3J1CU4V8tHbAVQsx1E3StL400ItC1vYkL2HkERM7ld6ETZRThsHcanPtuuLdFce2TVucnaXbCYuUpa00kpQ"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "n": "kOZIJ1kTpye8R8jOJo_CezYcla_Kwo7hbO619xJYtDVGST7RFtAPG-88v9Ei_3R_FRC5GjxuKzPiyBoKVfJnJMKbJbYQVY0BvpBqEB8GBR5Aeh9CwX4abslI-bjsv324O-isc8JU0dHsbJzBLDrkztidi2opHF9UK55tDinyBzFKTiCz-1bxi-MZJrYp0ViBkMupJinGEqZoFFrnM_RdtFiU6TxVTYicQZ_iOOQ3Awe5-lUlslKgDhC1Vjev1alcQN7jCM9h_yUu6n7HuM3jBIe71Daz4Do5ktBUD7SN3_iw3bUO__fOxishUp5NiBOT8a9rRwYc4rRdSnR7WR4GjQ"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "x": "xDnv2lW25wk6l368raY_JePwOilhgQdoi3OzM3zxLHs",
      "y": "H3GR69l-u-cldlUM-RG77d3LkFRGt66aPBi0wK9Pn5M"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "x": "BF4lAdTowK_9jvgqMuSmnYBcIA77YB-NYvWs-pCarjA",
      "y": "TxkEl0R7ICmhxxBXrtPUglJyW6PKrj3Zfv9gAjexeG8"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "x": "dBpiSsx92s2GotnYmZtnShC1NF3rjJqbFVPnyW5aAfk",
      "y": "LMGXkYKNb02p7fYKuJsnYQgfT-KjjfOQSDu-hfPKfR4"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "secp256k1",
      "x": "0Kze0axrE9yJP-SvEHanKDvd3pL8E2oOnS6xN9Xx0iU",
      "y": "WjGbzupMQXx8AbHDLV4p20ALoL9N5luvmXNJo5ghMFY"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "secp256k1",
      "x": "g3_f-Wb0QwrQ_OYJVNKSAJbWKk3ArruO0ND0f5dUkdI",
      "y": "MxdHXMxNt7BsXOA2s-6zDlu7nIqFLpwT7ij5nOUYey0"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "secp256k1",
      "x": "XnhCvAs3WR0958HIC4XGuT3uFwZclyL3lI4MrWJxxYc",
      "y": "8A97RpjVdb0PcwFRFBBtl8M4BnT7-6-T90dgJp164zo"
    },
    {
      "kty": "OKP",
      "use": "sig",
      "crv": "Ed25519",
      "x": "GD1hXQ42Dm8VmxoHo4UBcwh-gNXXEOSbyEil3fnu_Xo"
    },
    {
      "kty": "OKP",
      "use": "sig",
      "crv": "Ed25519",
      "x": "KpzFqxqu5j0xZ3qbTpIf6Qr_9_bKU7A6rLeY_RSoWPM"
    },
    {
      "kty": "OKP",
      "use": "sig",
      "crv": "Ed25519",
      "x": "_rvStc_abvqc9cs4GDrsy-f59fSbbe9L_uqb5_T2NmE"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "alg": "RSA-OAEP",
      "n": "iIPghtWUTaooRdqCoCYeVM-2CdZwd5IyCVFuu239KabJCG1cQQbuWlWo82H3mA-_hCldz0HvpY1sZdHgFQmQXCXGBzlda4Zo_rhArRlWNAnxUrUPq9oevAi88J_EH8tBdvwnUtJ5tgpsfoJeKs9SH_mzGnyFbrP3nDriy-HBebbBN2joUnDEovbfEZM-ItGycrTmKDnVudt2zRct85p6mbe4cfJfTZr0aSnrzuglbrC_If7NIWtUlw3MSY_eXsRfppzUqCjiAVAKWWHCVpz0u-B_V1NXWZiKkPBupBmT5iMwnlQyqDSekZVtbv6Ne_P70SP9lv0hdUL55IT0F0FlUQ"
    },
    {
      "kty": "EC",
      "use": "enc",
      "crv": "P-256",
      "x": "thW_qXCoRI6vCAEGp_K0txCWeKFMrh0ZTmspl97K76o",
      "y": "BMaOy165Xn1PPQJgG58y6_AuhQ6mhf_2dLlhH9AB1oY",
      "alg": "ECDH-ES"
    }
  ]
}
outgoing_path
jwks
2021-06-13 20:54:12 INCOMING
oidcc-client-test-kid-absent-multiple-jwks
Incoming HTTP request to test instance EC2gxkNeZUPOugm
incoming_headers
{
  "host": "www.certification.openid.net",
  "accept": "application/json",
  "authorization": "Bearer a9nBKpKc37TGPaoRzNOwhUQwxn5q3eGQcVZtAZ5zlrWncvIinb",
  "user-agent": "Java/11.0.8",
  "x-ssl-cipher": "ECDHE-RSA-AES256-GCM-SHA384",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
userinfo
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
Userinfo endpoint
2021-06-13 20:54:12 SUCCESS
OIDCCExtractBearerAccessTokenFromRequest
Found access token on incoming request
access_token
a9nBKpKc37TGPaoRzNOwhUQwxn5q3eGQcVZtAZ5zlrWncvIinb
2021-06-13 20:54:12 SUCCESS
RequireBearerAccessToken
Found access token in request
actual
a9nBKpKc37TGPaoRzNOwhUQwxn5q3eGQcVZtAZ5zlrWncvIinb
2021-06-13 20:54:12 SUCCESS
FilterUserInfoForScopes
User info endpoint output
sub
user-subject-1234531
website
https://openid.net/
zoneinfo
America/Los_Angeles
birthdate
2000-02-03
gender
female
preferred_username
d.tu
given_name
Demo
middle_name
Theresa
locale
en-US
updated_at
1580000000
name
Demo T. User
nickname
Dee
family_name
User
email
user@example.com
email_verified
false
2021-06-13 20:54:12
ClearAccessTokenFromRequest
Condition ran but did not log anything
2021-06-13 20:54:12 INFO
AddIssAndAudToUserInfoResponse
Skipped evaluation due to missing required element: client userinfo_signed_response_alg
path
userinfo_signed_response_alg
mapped
object
client
2021-06-13 20:54:12 INFO
SignUserInfoResponse
Skipped evaluation due to missing required element: client userinfo_signed_response_alg
path
userinfo_signed_response_alg
mapped
object
client
2021-06-13 20:54:12 INFO
EncryptUserInfoResponse
Skipped evaluation due to missing required element: client userinfo_encrypted_response_alg
path
userinfo_encrypted_response_alg
mapped
object
client
2021-06-13 20:54:12 OUTGOING
oidcc-client-test-kid-absent-multiple-jwks
Response to HTTP request to test instance EC2gxkNeZUPOugm
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "sub": "user-subject-1234531",
  "website": "https://openid.net/",
  "zoneinfo": "America/Los_Angeles",
  "birthdate": "2000-02-03",
  "gender": "female",
  "preferred_username": "d.tu",
  "given_name": "Demo",
  "middle_name": "Theresa",
  "locale": "en-US",
  "updated_at": 1580000000,
  "name": "Demo T. User",
  "nickname": "Dee",
  "family_name": "User",
  "email": "user@example.com",
  "email_verified": false
}
outgoing_path
userinfo
2021-06-13 20:54:12 FINISHED
oidcc-client-test-kid-absent-multiple-jwks
Test has run to completion
testmodule_result
PASSED
2021-06-13 20:56:08
TEST-RUNNER
Alias has now been claimed by another test
alias
MSTR_M2021_UP1
new_test_id
yq0GcHK3arRRVc3
Test Results