Test Summary

Test Results

Expand All Collapse All
All times are UTC
2021-06-13 20:46:06 INFO
TEST-RUNNER
Test instance iQRdRarZ75jiYDB created
baseUrl
https://www.certification.openid.net/test/a/MSTR_M2021_UP1
variant
{
  "client_auth_type": "client_secret_basic",
  "response_type": "code",
  "request_type": "plain_http_request",
  "response_mode": "default",
  "client_registration": "static_client"
}
alias
MSTR_M2021_UP1
description
planId
iEllghTC7G18K
config
{
  "alias": "MSTR_M2021_UP1",
  "client": {
    "client_id": "87654321",
    "client_secret": "12345678",
    "redirect_uri": "https://env-239211.customer.cloud.microstrategy.com/MicroStrategyLibrary/auth/oidc/login"
  }
}
testName
oidcc-client-test-kid-absent-single-jwks
2021-06-13 20:46:06 SUCCESS
OIDCCGenerateServerConfiguration
Generated default server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/a/MSTR_M2021_UP1/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/MSTR_M2021_UP1/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/MSTR_M2021_UP1/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/MSTR_M2021_UP1/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/MSTR_M2021_UP1/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/a/MSTR_M2021_UP1/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic",
    "client_secret_post",
    "client_secret_jwt",
    "private_key_jwt"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
2021-06-13 20:46:06
SetTokenEndpointAuthMethodsSupportedToClientSecretBasicOnly
Changed token_endpoint_auth_methods_supported to client_secret_basic only in server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/a/MSTR_M2021_UP1/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/MSTR_M2021_UP1/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/MSTR_M2021_UP1/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/MSTR_M2021_UP1/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/MSTR_M2021_UP1/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/a/MSTR_M2021_UP1/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
2021-06-13 20:46:06
OIDCCGenerateServerJWKsSingleSigningKeyWithNoKeyId
Generated server public private JWK sets
server_jwks
{
  "keys": [
    {
      "p": "260mFJN3Z6KgJth7WrCJFz2QKQSq3PEFG8jGtqx_Y8wfPZfeRwPmBUuIRBUo7acSTZzNt1qXJBEvw7mUxVigj64MiHRnCpvKepT7iQBjHsQQwIXCOvoYec8lKiDpzS_vLX8UrpTtK-HktOuY9cs36l2DB61TEsPm-YwBCbElBdM",
      "kty": "RSA",
      "q": "tBiMBBHk4y6TDrfXv0kU5LGoRW0Jb9XMSwjkG7DgySfvzyBKHGTkrMypl-evK_QhmxLnsOFw78vkgSS0lg2x0wgs7Fs0oKr6eDXLqOdPNrE4wUZZQJA9jqeCl3Vd1_8-3n-I4Vgndw3-PqLiReKGWkU_qJ-esyCo6pDt3Y1MhIU",
      "d": "Tx3HBfE_JMHMoE9gX4kQw4C83Kq3uMDDWhwnPsVn-PT-aK1-YYXBbZBoG21N_9mQwtdqlpMdb7ameoOpBQStL6B0Xp_A6d0YqFpvj8bwa0d0vQBNyG6jrSKV6Y5suC2uCnzmxVcIZCTvZI1Yswh8XBVitahq1bXYDvb4N0ZK_ehuMHDVa-J1eh4f0vQsRsjD6MGTCta_3L1DoRDaaeXc-JWXNf0_pQ68x5aHcmZb-D8N2YWHVUj0lIgDTuf7SnqFSrLBNomy8VtEjc9SJVHezB6qYyjyqwANW_W-FOLkyxIbBpe2yaKZ_IvzYdAGSJsrlAbldn9dFFd6rvjAMkkUOQ",
      "e": "AQAB",
      "use": "sig",
      "qi": "vCZFSDi0OsKJoIjQXT5lGbu7OOk-QTfysYDcKShAgiuPREWhz2VQoDQmJ_2YdvIDJTiQdJOeM-CHqT2haBJkPOwDbtMhdfvHNV7OggJvlHucB4vY0GUdpDr7KMNE-G4b3aLiGGYlQY3rm0JgBjweoUBx5wLU8QLYNJLI0xKtXzY",
      "dp": "nkCCKliBsFrrXJCfbJm4aNGkxKfkHv5SW82ruXVS4CXwa4K4Uhhw4GelZsaHkYzGFrtbRzcvon_vFOTgU7qhEGCmDrcsc-v_VYd2HR_2R_eeydKSNcJtV3LupwbG51Ycy328_He00-QLynne21LmmSN8fU9ThTUzc5p0NPM0ZJk",
      "dq": "FaVhpteTwC6H5Fv6ZXZeOYKU7AtH-BYlYNtnt2BSFDtlmmqSHcmOpqpOtABX0JueMmpaSKtADMJf65nCzspElk3EQIBR2gHS6wHkQZ_TqIoyfSB8d8Mecvf1PUkRB3YZU1rW0-bpj2iyJ0sikS3B4jWyigztYTBKvS7AOEHUcZU",
      "n": "morPKDiAibdylUrCDry6HpvD4otYYFO4Fap54E8pPm4JnIwspO9V14c-CiiuAd-rAMG5zWT4XlcTt7Z42hVV5StodSt_AFfrOfmLUixVM0A9E03-dt237HQX7edfNM-9pjcdXtGVZnH53IZ71zPvGItZKqNtRdBLXJ2C1iMZ0H8Ib1KBH6_C8YS23YTh6nTPMfE_e8wkVTKwbgk_shSTJ8PgKd-vanVEWij0hpkMDVPVlbU3Hh2nmk3t1I17EYTEER-BYU477A5IBZFRZF29LM_HcbcZQ2lVH7utzJVo2DfOfEZcHq_2B-IJBLi_kjGy5LBXgt-InsnTweK6EODSnw"
    },
    {
      "kty": "EC",
      "d": "DHIcb93q1eEmK0j1ahelRTUDDDIFnMGGGtl8DLmz-xA",
      "use": "sig",
      "crv": "P-256",
      "x": "7iEzNYunfs1lHSMGLdjs_RI5ucR5ShBDxiySv-xFkeU",
      "y": "n8KSoFprE6IUUttTP3amd4d2zRQwOZ0B91P8vHxZmgQ"
    },
    {
      "kty": "EC",
      "d": "tHih8VLh0p8w1-xipEJoxarQnDspUC_n4aSgkPcWAKM",
      "use": "sig",
      "crv": "secp256k1",
      "x": "G5JMaTVZg6BOXuw0eWcLGFqqMJd_uWdff62Z2-FIUHw",
      "y": "S8RP04-ar5g8wuvw6Zt2Nn70s9NAc6TDqN3JEUERf5Q"
    },
    {
      "kty": "OKP",
      "d": "JoQ9hubXtfqDQWqTl6vTy8N32zOqq_ydNwIX5etVXQ8",
      "use": "sig",
      "crv": "Ed25519",
      "x": "5ty9ryKQE1RQ0_xVEHxQRbcOFAo4JCiFnHijLQRCFXY"
    }
  ]
}
server_encryption_keys
{
  "keys": [
    {
      "p": "-_FTQERKfOhK_Nb1RETn0c7n2numsLFbR2qxEvxgLd9tcgKcmKnnxjsLsErjbxJtswCKlqWQ_aXi9hbjoBz3cDgMUr7CVOW8BSTqxrncFwqiefOdq35HUTS6SCBHjJMgyM7wJSQ1sLhM2gk9mFSJwrtpLP83LBBybhNxPfxpjk8",
      "kty": "RSA",
      "q": "3D4QpyBUGnTNyp2Fyr3yaEbdPW6o7oZakE68i_hd-DYbBtMt5ZqM8Kyz2pmbJQY3l00-DJUhHn8jM3GdGRypcT7C8ekWfd9GispTLd2Jp9miAFrw2Qe5tmU_H71E9ey1gCSX4TFPX_yyqCnMlyAI_Vu81l6YtzTnX-5JpF6_FQ8",
      "d": "pcNMTJkS_zcwzj06RtnaE_4VBRMJDm3lOZWZowUpM_VngfvbV501BHnbylGNPVdbqvdH8z692YKoORFlaR1zxggNIG2eALiUSpPKZDAbYacwBgk72lX1wSo7ZW__gblKN4ok-CBPUolKB18CPuSgVtK1-io2MrughzRSNFJwvhODOJuN3CyVswhaXIG10II2PbeHvNPSAN6Yrce8pcZM2JmnZoGUGTiJsJjosMV9n1zIu5U0YQpVsT_zqFbUrQrryo0j5k7554RRpfi6l9NmLwvmUZkTcku3Ms9gMEs8Rw3QB0Dv43-U58totOOgmkHfzsYR4qIIdksOdcu1TmDxIQ",
      "e": "AQAB",
      "use": "enc",
      "qi": "h5S9m9ASwNAjxLNXXelKbr8XdaYsiPY8XTHBJGE6vIfj4LxU-aJpDupT2DiLPzlJA2TWBB9rJJfwj-PfFNicoNA9bwrIqSD6WpkdTOowyDJvIkXlWQzTS2pqB1T9Bz8Jy50T63Iacfb7U2a3IzwGsjREP93z_NIRrRKgrB3JNHc",
      "dp": "K3qUMW0XpcK43jWCkkuJ7i1U2eGo_Kk-5W5GLM6dEo2SZ7CHsdjwhMc_1ya1ZT-66r9XK3RbN0rfhjShB8q38QfbKJR_GQOklQav9aexkdBmBcHDHgtm517AHx5i-qGRcNY1n1NGaL8FlEMv_A_qzk5lcjyBGvujo9d7HYVn-gU",
      "alg": "RSA-OAEP",
      "dq": "2qtww06w0le4X3yI8yQmwuvhC_aMGc8hqffS8jIVsrSdnugbwMTzPJ5sMBWk2VzT4xBZFAsZB_t5SsF6Fg3EGmETEza3EyCVHIYHkhlMbHADjdC9Iu6tr-_UfcHg7z8nceRjO75GrenqxFZEAKRY6Jyl4D2p6PTI6RFg4qcDl3c",
      "n": "2MB4YPOy0DPlDxFo6dVDXsztgXNs548oc14fGV5-jhxVxB0UfVOLokHKAHoNZaWo0ACWQyElBa6xkGoR3pbtlszQ7fP6hBlxFMIemwCHbOkA2AsfxJiUM6Y_6AgIwNTes6a9XaRDHB263W-knzuyAx7_c-0fpwMU0CzqGe4g2wyEHMA-d-s3ilyjMcYiRLjWGHSVGP5XcnkMS412-vgFzC2izRenY4jf0Fj8VXfo6Nl4rxs4KXx-G-ZbGag4xmVO65kJV3x5-AmYsNEvEVG2kX3qirPPPH03e-712-QZqMqYAQ_DgbBXEW3riv8uQnLEGSPPWlFlIby3AX70oczRoQ"
    },
    {
      "kty": "EC",
      "d": "fnUHgbU36UYBSBqiv14dFq_2iYz-FD0zVN67v9ax8zo",
      "use": "enc",
      "crv": "P-256",
      "x": "U4-PyG0jCXR5u3MEpSoKn2BFV8BLdBh2hECkQiYSMeo",
      "y": "fa_scD_YDgy363vAZBcoaA76On_otm8hLltIocBorcY",
      "alg": "ECDH-ES"
    }
  ]
}
server_public_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "n": "morPKDiAibdylUrCDry6HpvD4otYYFO4Fap54E8pPm4JnIwspO9V14c-CiiuAd-rAMG5zWT4XlcTt7Z42hVV5StodSt_AFfrOfmLUixVM0A9E03-dt237HQX7edfNM-9pjcdXtGVZnH53IZ71zPvGItZKqNtRdBLXJ2C1iMZ0H8Ib1KBH6_C8YS23YTh6nTPMfE_e8wkVTKwbgk_shSTJ8PgKd-vanVEWij0hpkMDVPVlbU3Hh2nmk3t1I17EYTEER-BYU477A5IBZFRZF29LM_HcbcZQ2lVH7utzJVo2DfOfEZcHq_2B-IJBLi_kjGy5LBXgt-InsnTweK6EODSnw"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "x": "7iEzNYunfs1lHSMGLdjs_RI5ucR5ShBDxiySv-xFkeU",
      "y": "n8KSoFprE6IUUttTP3amd4d2zRQwOZ0B91P8vHxZmgQ"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "secp256k1",
      "x": "G5JMaTVZg6BOXuw0eWcLGFqqMJd_uWdff62Z2-FIUHw",
      "y": "S8RP04-ar5g8wuvw6Zt2Nn70s9NAc6TDqN3JEUERf5Q"
    },
    {
      "kty": "OKP",
      "use": "sig",
      "crv": "Ed25519",
      "x": "5ty9ryKQE1RQ0_xVEHxQRbcOFAo4JCiFnHijLQRCFXY"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "alg": "RSA-OAEP",
      "n": "2MB4YPOy0DPlDxFo6dVDXsztgXNs548oc14fGV5-jhxVxB0UfVOLokHKAHoNZaWo0ACWQyElBa6xkGoR3pbtlszQ7fP6hBlxFMIemwCHbOkA2AsfxJiUM6Y_6AgIwNTes6a9XaRDHB263W-knzuyAx7_c-0fpwMU0CzqGe4g2wyEHMA-d-s3ilyjMcYiRLjWGHSVGP5XcnkMS412-vgFzC2izRenY4jf0Fj8VXfo6Nl4rxs4KXx-G-ZbGag4xmVO65kJV3x5-AmYsNEvEVG2kX3qirPPPH03e-712-QZqMqYAQ_DgbBXEW3riv8uQnLEGSPPWlFlIby3AX70oczRoQ"
    },
    {
      "kty": "EC",
      "use": "enc",
      "crv": "P-256",
      "x": "U4-PyG0jCXR5u3MEpSoKn2BFV8BLdBh2hECkQiYSMeo",
      "y": "fa_scD_YDgy363vAZBcoaA76On_otm8hLltIocBorcY",
      "alg": "ECDH-ES"
    }
  ]
}
2021-06-13 20:46:06 SUCCESS
ValidateServerJWKs
Valid server JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2021-06-13 20:46:06 SUCCESS
OIDCCLoadUserInfo
Added user information
user_info
{
  "sub": "user-subject-1234531",
  "name": "Demo T. User",
  "given_name": "Demo",
  "family_name": "User",
  "middle_name": "Theresa",
  "nickname": "Dee",
  "preferred_username": "d.tu",
  "gender": "female",
  "birthdate": "2000-02-03",
  "address": {
    "street_address": "100 Universal City Plaza",
    "locality": "Hollywood",
    "region": "CA",
    "postal_code": "91608",
    "country": "USA"
  },
  "zoneinfo": "America/Los_Angeles",
  "locale": "en-US",
  "phone_number": "+1 555 5550000",
  "phone_number_verified": false,
  "email": "user@example.com",
  "email_verified": false,
  "website": "https://openid.net/",
  "updated_at": 1580000000
}
2021-06-13 20:46:06 SUCCESS
OIDCCGetStaticClientConfigurationForRPTests
Found a static client object
client_id
87654321
client_secret
12345678
redirect_uris
[
  "https://env-239211.customer.cloud.microstrategy.com/MicroStrategyLibrary/auth/oidc/login"
]
2021-06-13 20:46:06 SUCCESS
EnsureClientDoesNotHaveBothJwksAndJwksUri
Client does not have both jwks and jwks_uri set
client
{
  "client_id": "87654321",
  "client_secret": "12345678",
  "redirect_uris": [
    "https://env-239211.customer.cloud.microstrategy.com/MicroStrategyLibrary/auth/oidc/login"
  ]
}
2021-06-13 20:46:06 INFO
FetchClientKeys
Skipped evaluation due to missing required element: client jwks_uri
path
jwks_uri
mapped
object
client
2021-06-13 20:46:06 SUCCESS
ValidateClientGrantTypes
grant_types match response_types
grant_types
[
  "authorization_code"
]
response_types
[
  "code"
]
2021-06-13 20:46:06 SUCCESS
OIDCCValidateClientRedirectUris
Valid redirect_uri(s) provided in registration request
redirect_uris
[
  "https://env-239211.customer.cloud.microstrategy.com/MicroStrategyLibrary/auth/oidc/login"
]
2021-06-13 20:46:06 SUCCESS
ValidateClientLogoUris
Client does not contain any logo_uri
2021-06-13 20:46:06 SUCCESS
ValidateClientUris
Client does not contain any client_uri
2021-06-13 20:46:06 SUCCESS
ValidateClientPolicyUris
Client does not contain any policy_uri
2021-06-13 20:46:06 SUCCESS
ValidateClientTosUris
Client does not contain any tos_uri
2021-06-13 20:46:06 SUCCESS
ValidateClientSubjectType
A subject_type was not provided
2021-06-13 20:46:06 INFO
ValidateIdTokenSignedResponseAlg
Skipped evaluation due to missing required element: client id_token_signed_response_alg
path
id_token_signed_response_alg
mapped
object
client
2021-06-13 20:46:06 SUCCESS
EnsureIdTokenEncryptedResponseAlgIsSetIfEncIsSet
id_token_encrypted_response_enc is not set
2021-06-13 20:46:06 INFO
ValidateUserinfoSignedResponseAlg
Skipped evaluation due to missing required element: client userinfo_signed_response_alg
path
userinfo_signed_response_alg
mapped
object
client
2021-06-13 20:46:06 SUCCESS
EnsureUserinfoEncryptedResponseAlgIsSetIfEncIsSet
userinfo_encrypted_response_enc is not set
2021-06-13 20:46:06 INFO
ValidateRequestObjectSigningAlg
Skipped evaluation due to missing required element: client request_object_signing_alg
path
request_object_signing_alg
mapped
object
client
2021-06-13 20:46:06 SUCCESS
EnsureRequestObjectEncryptionAlgIsSetIfEncIsSet
request_object_encryption_enc is not set
2021-06-13 20:46:06 INFO
ValidateTokenEndpointAuthSigningAlg
Skipped evaluation due to missing required element: client token_endpoint_auth_signing_alg
path
token_endpoint_auth_signing_alg
mapped
object
client
2021-06-13 20:46:06 SUCCESS
ValidateDefaultMaxAge
default_max_age is not set
2021-06-13 20:46:06 INFO
ValidateRequireAuthTime
Skipped evaluation due to missing required element: client require_auth_time
path
require_auth_time
mapped
object
client
2021-06-13 20:46:06 INFO
ValidateDefaultAcrValues
Skipped evaluation due to missing required element: client default_acr_values
path
default_acr_values
mapped
object
client
2021-06-13 20:46:06 INFO
ValidateInitiateLoginUri
Skipped evaluation due to missing required element: client initiate_login_uri
path
initiate_login_uri
mapped
object
client
2021-06-13 20:46:06 INFO
ValidateRequestUris
Skipped evaluation due to missing required element: client request_uris
path
request_uris
mapped
object
client
2021-06-13 20:46:06
SetServerSigningAlgToRS256
Successfully set signing algorithm to RS256
2021-06-13 20:46:06
SetClientIdTokenSignedResponseAlgToServerSigningAlg
Set id_token_signed_response_alg for the registered client
id_token_signed_response_alg
RS256
2021-06-13 20:46:06
oidcc-client-test-kid-absent-single-jwks
Setup Done
2021-06-13 20:47:10 INCOMING
oidcc-client-test-kid-absent-single-jwks
Incoming HTTP request to test instance iQRdRarZ75jiYDB
incoming_headers
{
  "host": "www.certification.openid.net",
  "accept": "application/xml, text/xml, application/json, application/*+xml, application/*+json",
  "user-agent": "Java/11.0.8",
  "x-ssl-cipher": "ECDHE-RSA-AES256-GCM-SHA384",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
.well-known/openid-configuration
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
Discovery endpoint
2021-06-13 20:47:10 OUTGOING
oidcc-client-test-kid-absent-single-jwks
Response to HTTP request to test instance iQRdRarZ75jiYDB
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "issuer": "https://www.certification.openid.net/test/a/MSTR_M2021_UP1/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/MSTR_M2021_UP1/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/MSTR_M2021_UP1/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/MSTR_M2021_UP1/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/MSTR_M2021_UP1/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/a/MSTR_M2021_UP1/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
outgoing_path
.well-known/openid-configuration
2021-06-13 20:50:02 INCOMING
oidcc-client-test-kid-absent-single-jwks
Incoming HTTP request to test instance iQRdRarZ75jiYDB
incoming_headers
{
  "host": "www.certification.openid.net",
  "cache-control": "max-age\u003d0",
  "upgrade-insecure-requests": "1",
  "user-agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/avif,image/webp,image/apng,*/*;q\u003d0.8,application/signed-exchange;v\u003db3;q\u003d0.9",
  "sec-fetch-site": "cross-site",
  "sec-fetch-mode": "navigate",
  "sec-fetch-user": "?1",
  "sec-fetch-dest": "document",
  "sec-ch-ua": "\" Not A;Brand\";v\u003d\"99\", \"Chromium\";v\u003d\"90\", \"Google Chrome\";v\u003d\"90\"",
  "sec-ch-ua-mobile": "?0",
  "referer": "https://env-239211.customer.cloud.microstrategy.com/",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-GB,en-GB-oxendict;q\u003d0.9,en;q\u003d0.8,tr;q\u003d0.7,eu;q\u003d0.6",
  "cookie": "__utmc\u003d201319536; __utmz\u003d201319536.1623336640.30.8.utmcsr\u003dcertification.openid.net|utmccn\u003d(referral)|utmcmd\u003dreferral|utmcct\u003d/; __utma\u003d201319536.763838286.1615572732.1623353581.1623411213.32; JSESSIONID\u003d32A224047A3267CDD9D4EE876688B2EF",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
authorize
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{
  "response_type": "code",
  "client_id": "87654321",
  "scope": "openid profile email offline_access",
  "state": "uRb59ENmw2R5s-9lgkKns-djxokY6kY9N55tkcnUx-o\u003d",
  "redirect_uri": "https://env-239211.customer.cloud.microstrategy.com/MicroStrategyLibrary/auth/oidc/login",
  "nonce": "FmEUXOh0HPgsrvPYACwOsWn5zyF4rD5bctgDRZyEw9c"
}
incoming_body
Authorization endpoint
2021-06-13 20:50:02 SUCCESS
EnsureRequestDoesNotContainRequestObject
Request does not contain a request parameter
2021-06-13 20:50:02 SUCCESS
EnsureAuthorizationHttpRequestContainsOpenIDScope
Found 'openid' in scope http request parameter
actual
[
  "openid",
  "profile",
  "email",
  "offline_access"
]
expected
openid
2021-06-13 20:50:02 SUCCESS
CreateEffectiveAuthorizationRequestParameters
Merged http request parameters with request object claims
effective_authorization_endpoint_request
{
  "response_type": "code",
  "client_id": "87654321",
  "scope": "openid profile email offline_access",
  "state": "uRb59ENmw2R5s-9lgkKns-djxokY6kY9N55tkcnUx-o\u003d",
  "redirect_uri": "https://env-239211.customer.cloud.microstrategy.com/MicroStrategyLibrary/auth/oidc/login",
  "nonce": "FmEUXOh0HPgsrvPYACwOsWn5zyF4rD5bctgDRZyEw9c"
}
2021-06-13 20:50:02 SUCCESS
ExtractRequestedScopes
Requested scopes
scope
openid profile email offline_access
2021-06-13 20:50:02 SUCCESS
ExtractNonceFromAuthorizationRequest
Extracted nonce
nonce
FmEUXOh0HPgsrvPYACwOsWn5zyF4rD5bctgDRZyEw9c
2021-06-13 20:50:02 SUCCESS
EnsureResponseTypeIsCode
Response type is expected value
expected
code
2021-06-13 20:50:02 SUCCESS
EnsureMatchingClientId
Client ID matched
client_id
87654321
2021-06-13 20:50:02 SUCCESS
EnsureValidRedirectUriForAuthorizationEndpointRequest
redirect_uri is one of the allowed redirect uris
actual
https://env-239211.customer.cloud.microstrategy.com/MicroStrategyLibrary/auth/oidc/login
expected
[
  "https://env-239211.customer.cloud.microstrategy.com/MicroStrategyLibrary/auth/oidc/login"
]
2021-06-13 20:50:02 SUCCESS
EnsureOpenIDInScopeRequest
Found 'openid' scope in request
actual
[
  "openid",
  "profile",
  "email",
  "offline_access"
]
expected
openid
2021-06-13 20:50:02 SUCCESS
DisallowMaxAgeEqualsZeroAndPromptNone
The client did not send max_age=0 and prompt=none parameters as expected
2021-06-13 20:50:02 SUCCESS
CreateAuthorizationCode
Created authorization code
authorization_code
xEdVBJMoJT
2021-06-13 20:50:02 SUCCESS
CalculateCHash
Successful c_hash encoding
c_hash
MhwzQPEoFuapTcx8WCakTA
2021-06-13 20:50:02 SUCCESS
CreateAuthorizationEndpointResponseParams
Added authorization_endpoint_response_params to environment
params
{
  "redirect_uri": "https://env-239211.customer.cloud.microstrategy.com/MicroStrategyLibrary/auth/oidc/login",
  "state": "uRb59ENmw2R5s-9lgkKns-djxokY6kY9N55tkcnUx-o\u003d"
}
2021-06-13 20:50:02 SUCCESS
AddCodeToAuthorizationEndpointResponseParams
Added code to authorization endpoint response params
authorization_endpoint_response_params
{
  "redirect_uri": "https://env-239211.customer.cloud.microstrategy.com/MicroStrategyLibrary/auth/oidc/login",
  "state": "uRb59ENmw2R5s-9lgkKns-djxokY6kY9N55tkcnUx-o\u003d",
  "code": "xEdVBJMoJT"
}
2021-06-13 20:50:02
SendAuthorizationResponseWithResponseModeQuery
Redirecting back to client
uri
https://env-239211.customer.cloud.microstrategy.com/MicroStrategyLibrary/auth/oidc/login?state=uRb59ENmw2R5s-9lgkKns-djxokY6kY9N55tkcnUx-o%3D&code=xEdVBJMoJT
2021-06-13 20:50:02 OUTGOING
oidcc-client-test-kid-absent-single-jwks
Response to HTTP request to test instance iQRdRarZ75jiYDB
outgoing
org.springframework.web.servlet.view.RedirectView: [RedirectView]; URL [https://env-239211.customer.cloud.microstrategy.com/MicroStrategyLibrary/auth/oidc/login?state=uRb59ENmw2R5s-9lgkKns-djxokY6kY9N55tkcnUx-o%3D&code=xEdVBJMoJT]
outgoing_path
authorize
2021-06-13 20:50:02 INCOMING
oidcc-client-test-kid-absent-single-jwks
Incoming HTTP request to test instance iQRdRarZ75jiYDB
incoming_headers
{
  "host": "www.certification.openid.net",
  "accept": "application/json;charset\u003dUTF-8",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "authorization": "Basic ODc2NTQzMjE6MTIzNDU2Nzg\u003d",
  "user-agent": "Java/11.0.8",
  "x-ssl-cipher": "ECDHE-RSA-AES256-GCM-SHA384",
  "x-ssl-protocol": "TLSv1.2",
  "content-length": "161",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net",
  "connection": "close"
}
incoming_path
token
incoming_body_form_params
{
  "grant_type": "authorization_code",
  "code": "xEdVBJMoJT",
  "redirect_uri": "https://env-239211.customer.cloud.microstrategy.com/MicroStrategyLibrary/auth/oidc/login"
}
incoming_method
POST
incoming_body_json
incoming_query_string_params
{}
incoming_body
grant_type=authorization_code&code=xEdVBJMoJT&redirect_uri=https%3A%2F%2Fenv-239211.customer.cloud.microstrategy.com%2FMicroStrategyLibrary%2Fauth%2Foidc%2Flogin
Token endpoint
2021-06-13 20:50:02 SUCCESS
ExtractClientCredentialsFromBasicAuthorizationHeader
Extracted client authentication
client_id
87654321
client_secret
12345678
method
client_secret_basic
2021-06-13 20:50:02 SUCCESS
ValidateClientIdAndSecret
Client id and secret match
2021-06-13 20:50:02 SUCCESS
ValidateAuthorizationCode
Found authorization code
authorization_code
xEdVBJMoJT
2021-06-13 20:50:02 SUCCESS
ValidateRedirectUriForTokenEndpointRequest
redirect_uri is the same as the one used in the authorization request
actual
https://env-239211.customer.cloud.microstrategy.com/MicroStrategyLibrary/auth/oidc/login
2021-06-13 20:50:02 SUCCESS
GenerateBearerAccessToken
Generated access token
access_token
YopDS9jW3wm7XOEAcrw1HvvBuRgTFNCs2m2QdnZsSXJIla747w
2021-06-13 20:50:02 SUCCESS
CalculateAtHash
Successful at_hash encoding
at_hash
phVgdoSN5JZ-5_PTm8MHew
2021-06-13 20:50:02 SUCCESS
GenerateIdTokenClaims
Created ID Token Claims
iss
https://www.certification.openid.net/test/a/MSTR_M2021_UP1/
sub
user-subject-1234531
aud
87654321
nonce
FmEUXOh0HPgsrvPYACwOsWn5zyF4rD5bctgDRZyEw9c
iat
1623617402
exp
1623617702
2021-06-13 20:50:02 SUCCESS
AddAtHashToIdTokenClaims
Added at_hash to ID token claims
at_hash
phVgdoSN5JZ-5_PTm8MHew
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/a/MSTR_M2021_UP1/",
  "sub": "user-subject-1234531",
  "aud": "87654321",
  "nonce": "FmEUXOh0HPgsrvPYACwOsWn5zyF4rD5bctgDRZyEw9c",
  "iat": 1623617402,
  "exp": 1623617702,
  "at_hash": "phVgdoSN5JZ-5_PTm8MHew"
}
2021-06-13 20:50:02 SUCCESS
OIDCCSignIdToken
Signed the ID token
id_token
eyJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoicGhWZ2RvU041SlotNV9QVG04TUhldyIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiODc2NTQzMjEiLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvYVwvTVNUUl9NMjAyMV9VUDFcLyIsImV4cCI6MTYyMzYxNzcwMiwibm9uY2UiOiJGbUVVWE9oMEhQZ3NydlBZQUN3T3NXbjV6eUY0ckQ1YmN0Z0RSWnlFdzljIiwiaWF0IjoxNjIzNjE3NDAyfQ.lJmlMLqTMaDc-5likBAoO2AS6o5ViddyhofpjJhx4IuLnzKC3qxp5YHG7DjE3jca3ytdG_xcx7MurTGxqMsBtvwIiKGSmFvh2boRIKj4wm8B8V12Gw-svqV5u4YWVegHl1cXonWnwrv3bbiWifIxPE9aNZMjirf32U9X5tFBWSmISx34QKQO2wz8oWH5reh0wOclAzWn6G50_3aH_tBwwxN8FP1rQ81RwFTcO3ZTui69PVox-AkPi9rh24lHp3vaTGUp2Kblo2Tr-Wj9WBy9Ov8r1eJf1d3XsLtZeF3KsbFEAPeMsbb85zaiX5m2-gsJDgxKAp2zxBpmNVFz5DB5AA
key
{"p":"260mFJN3Z6KgJth7WrCJFz2QKQSq3PEFG8jGtqx_Y8wfPZfeRwPmBUuIRBUo7acSTZzNt1qXJBEvw7mUxVigj64MiHRnCpvKepT7iQBjHsQQwIXCOvoYec8lKiDpzS_vLX8UrpTtK-HktOuY9cs36l2DB61TEsPm-YwBCbElBdM","kty":"RSA","q":"tBiMBBHk4y6TDrfXv0kU5LGoRW0Jb9XMSwjkG7DgySfvzyBKHGTkrMypl-evK_QhmxLnsOFw78vkgSS0lg2x0wgs7Fs0oKr6eDXLqOdPNrE4wUZZQJA9jqeCl3Vd1_8-3n-I4Vgndw3-PqLiReKGWkU_qJ-esyCo6pDt3Y1MhIU","d":"Tx3HBfE_JMHMoE9gX4kQw4C83Kq3uMDDWhwnPsVn-PT-aK1-YYXBbZBoG21N_9mQwtdqlpMdb7ameoOpBQStL6B0Xp_A6d0YqFpvj8bwa0d0vQBNyG6jrSKV6Y5suC2uCnzmxVcIZCTvZI1Yswh8XBVitahq1bXYDvb4N0ZK_ehuMHDVa-J1eh4f0vQsRsjD6MGTCta_3L1DoRDaaeXc-JWXNf0_pQ68x5aHcmZb-D8N2YWHVUj0lIgDTuf7SnqFSrLBNomy8VtEjc9SJVHezB6qYyjyqwANW_W-FOLkyxIbBpe2yaKZ_IvzYdAGSJsrlAbldn9dFFd6rvjAMkkUOQ","e":"AQAB","use":"sig","qi":"vCZFSDi0OsKJoIjQXT5lGbu7OOk-QTfysYDcKShAgiuPREWhz2VQoDQmJ_2YdvIDJTiQdJOeM-CHqT2haBJkPOwDbtMhdfvHNV7OggJvlHucB4vY0GUdpDr7KMNE-G4b3aLiGGYlQY3rm0JgBjweoUBx5wLU8QLYNJLI0xKtXzY","dp":"nkCCKliBsFrrXJCfbJm4aNGkxKfkHv5SW82ruXVS4CXwa4K4Uhhw4GelZsaHkYzGFrtbRzcvon_vFOTgU7qhEGCmDrcsc-v_VYd2HR_2R_eeydKSNcJtV3LupwbG51Ycy328_He00-QLynne21LmmSN8fU9ThTUzc5p0NPM0ZJk","dq":"FaVhpteTwC6H5Fv6ZXZeOYKU7AtH-BYlYNtnt2BSFDtlmmqSHcmOpqpOtABX0JueMmpaSKtADMJf65nCzspElk3EQIBR2gHS6wHkQZ_TqIoyfSB8d8Mecvf1PUkRB3YZU1rW0-bpj2iyJ0sikS3B4jWyigztYTBKvS7AOEHUcZU","n":"morPKDiAibdylUrCDry6HpvD4otYYFO4Fap54E8pPm4JnIwspO9V14c-CiiuAd-rAMG5zWT4XlcTt7Z42hVV5StodSt_AFfrOfmLUixVM0A9E03-dt237HQX7edfNM-9pjcdXtGVZnH53IZ71zPvGItZKqNtRdBLXJ2C1iMZ0H8Ib1KBH6_C8YS23YTh6nTPMfE_e8wkVTKwbgk_shSTJ8PgKd-vanVEWij0hpkMDVPVlbU3Hh2nmk3t1I17EYTEER-BYU477A5IBZFRZF29LM_HcbcZQ2lVH7utzJVo2DfOfEZcHq_2B-IJBLi_kjGy5LBXgt-InsnTweK6EODSnw"}
algorithm
RS256
2021-06-13 20:50:02 INFO
EncryptIdToken
Skipped evaluation due to missing required element: client id_token_encrypted_response_alg
path
id_token_encrypted_response_alg
mapped
object
client
2021-06-13 20:50:02 SUCCESS
CreateTokenEndpointResponse
Created token endpoint response
access_token
YopDS9jW3wm7XOEAcrw1HvvBuRgTFNCs2m2QdnZsSXJIla747w
token_type
Bearer
id_token
eyJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoicGhWZ2RvU041SlotNV9QVG04TUhldyIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiODc2NTQzMjEiLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvYVwvTVNUUl9NMjAyMV9VUDFcLyIsImV4cCI6MTYyMzYxNzcwMiwibm9uY2UiOiJGbUVVWE9oMEhQZ3NydlBZQUN3T3NXbjV6eUY0ckQ1YmN0Z0RSWnlFdzljIiwiaWF0IjoxNjIzNjE3NDAyfQ.lJmlMLqTMaDc-5likBAoO2AS6o5ViddyhofpjJhx4IuLnzKC3qxp5YHG7DjE3jca3ytdG_xcx7MurTGxqMsBtvwIiKGSmFvh2boRIKj4wm8B8V12Gw-svqV5u4YWVegHl1cXonWnwrv3bbiWifIxPE9aNZMjirf32U9X5tFBWSmISx34QKQO2wz8oWH5reh0wOclAzWn6G50_3aH_tBwwxN8FP1rQ81RwFTcO3ZTui69PVox-AkPi9rh24lHp3vaTGUp2Kblo2Tr-Wj9WBy9Ov8r1eJf1d3XsLtZeF3KsbFEAPeMsbb85zaiX5m2-gsJDgxKAp2zxBpmNVFz5DB5AA
scope
openid profile email offline_access
2021-06-13 20:50:02 OUTGOING
oidcc-client-test-kid-absent-single-jwks
Response to HTTP request to test instance iQRdRarZ75jiYDB
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "access_token": "YopDS9jW3wm7XOEAcrw1HvvBuRgTFNCs2m2QdnZsSXJIla747w",
  "token_type": "Bearer",
  "id_token": "eyJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoicGhWZ2RvU041SlotNV9QVG04TUhldyIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiODc2NTQzMjEiLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvYVwvTVNUUl9NMjAyMV9VUDFcLyIsImV4cCI6MTYyMzYxNzcwMiwibm9uY2UiOiJGbUVVWE9oMEhQZ3NydlBZQUN3T3NXbjV6eUY0ckQ1YmN0Z0RSWnlFdzljIiwiaWF0IjoxNjIzNjE3NDAyfQ.lJmlMLqTMaDc-5likBAoO2AS6o5ViddyhofpjJhx4IuLnzKC3qxp5YHG7DjE3jca3ytdG_xcx7MurTGxqMsBtvwIiKGSmFvh2boRIKj4wm8B8V12Gw-svqV5u4YWVegHl1cXonWnwrv3bbiWifIxPE9aNZMjirf32U9X5tFBWSmISx34QKQO2wz8oWH5reh0wOclAzWn6G50_3aH_tBwwxN8FP1rQ81RwFTcO3ZTui69PVox-AkPi9rh24lHp3vaTGUp2Kblo2Tr-Wj9WBy9Ov8r1eJf1d3XsLtZeF3KsbFEAPeMsbb85zaiX5m2-gsJDgxKAp2zxBpmNVFz5DB5AA",
  "scope": "openid profile email offline_access"
}
outgoing_path
token
2021-06-13 20:50:03 INCOMING
oidcc-client-test-kid-absent-single-jwks
Incoming HTTP request to test instance iQRdRarZ75jiYDB
incoming_headers
{
  "host": "www.certification.openid.net",
  "accept": "application/json, application/jwk-set+json",
  "user-agent": "Java/11.0.8",
  "x-ssl-cipher": "ECDHE-RSA-AES256-GCM-SHA384",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
jwks
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
Jwks endpoint
2021-06-13 20:50:03 OUTGOING
oidcc-client-test-kid-absent-single-jwks
Response to HTTP request to test instance iQRdRarZ75jiYDB
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "n": "morPKDiAibdylUrCDry6HpvD4otYYFO4Fap54E8pPm4JnIwspO9V14c-CiiuAd-rAMG5zWT4XlcTt7Z42hVV5StodSt_AFfrOfmLUixVM0A9E03-dt237HQX7edfNM-9pjcdXtGVZnH53IZ71zPvGItZKqNtRdBLXJ2C1iMZ0H8Ib1KBH6_C8YS23YTh6nTPMfE_e8wkVTKwbgk_shSTJ8PgKd-vanVEWij0hpkMDVPVlbU3Hh2nmk3t1I17EYTEER-BYU477A5IBZFRZF29LM_HcbcZQ2lVH7utzJVo2DfOfEZcHq_2B-IJBLi_kjGy5LBXgt-InsnTweK6EODSnw"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "x": "7iEzNYunfs1lHSMGLdjs_RI5ucR5ShBDxiySv-xFkeU",
      "y": "n8KSoFprE6IUUttTP3amd4d2zRQwOZ0B91P8vHxZmgQ"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "secp256k1",
      "x": "G5JMaTVZg6BOXuw0eWcLGFqqMJd_uWdff62Z2-FIUHw",
      "y": "S8RP04-ar5g8wuvw6Zt2Nn70s9NAc6TDqN3JEUERf5Q"
    },
    {
      "kty": "OKP",
      "use": "sig",
      "crv": "Ed25519",
      "x": "5ty9ryKQE1RQ0_xVEHxQRbcOFAo4JCiFnHijLQRCFXY"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "alg": "RSA-OAEP",
      "n": "2MB4YPOy0DPlDxFo6dVDXsztgXNs548oc14fGV5-jhxVxB0UfVOLokHKAHoNZaWo0ACWQyElBa6xkGoR3pbtlszQ7fP6hBlxFMIemwCHbOkA2AsfxJiUM6Y_6AgIwNTes6a9XaRDHB263W-knzuyAx7_c-0fpwMU0CzqGe4g2wyEHMA-d-s3ilyjMcYiRLjWGHSVGP5XcnkMS412-vgFzC2izRenY4jf0Fj8VXfo6Nl4rxs4KXx-G-ZbGag4xmVO65kJV3x5-AmYsNEvEVG2kX3qirPPPH03e-712-QZqMqYAQ_DgbBXEW3riv8uQnLEGSPPWlFlIby3AX70oczRoQ"
    },
    {
      "kty": "EC",
      "use": "enc",
      "crv": "P-256",
      "x": "U4-PyG0jCXR5u3MEpSoKn2BFV8BLdBh2hECkQiYSMeo",
      "y": "fa_scD_YDgy363vAZBcoaA76On_otm8hLltIocBorcY",
      "alg": "ECDH-ES"
    }
  ]
}
outgoing_path
jwks
2021-06-13 20:50:03 INCOMING
oidcc-client-test-kid-absent-single-jwks
Incoming HTTP request to test instance iQRdRarZ75jiYDB
incoming_headers
{
  "host": "www.certification.openid.net",
  "accept": "application/json",
  "authorization": "Bearer YopDS9jW3wm7XOEAcrw1HvvBuRgTFNCs2m2QdnZsSXJIla747w",
  "user-agent": "Java/11.0.8",
  "x-ssl-cipher": "ECDHE-RSA-AES256-GCM-SHA384",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
userinfo
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
Userinfo endpoint
2021-06-13 20:50:03 SUCCESS
OIDCCExtractBearerAccessTokenFromRequest
Found access token on incoming request
access_token
YopDS9jW3wm7XOEAcrw1HvvBuRgTFNCs2m2QdnZsSXJIla747w
2021-06-13 20:50:03 SUCCESS
RequireBearerAccessToken
Found access token in request
actual
YopDS9jW3wm7XOEAcrw1HvvBuRgTFNCs2m2QdnZsSXJIla747w
2021-06-13 20:50:03 SUCCESS
FilterUserInfoForScopes
User info endpoint output
sub
user-subject-1234531
website
https://openid.net/
zoneinfo
America/Los_Angeles
birthdate
2000-02-03
gender
female
preferred_username
d.tu
given_name
Demo
middle_name
Theresa
locale
en-US
updated_at
1580000000
name
Demo T. User
nickname
Dee
family_name
User
email
user@example.com
email_verified
false
2021-06-13 20:50:03
ClearAccessTokenFromRequest
Condition ran but did not log anything
2021-06-13 20:50:03 INFO
AddIssAndAudToUserInfoResponse
Skipped evaluation due to missing required element: client userinfo_signed_response_alg
path
userinfo_signed_response_alg
mapped
object
client
2021-06-13 20:50:03 INFO
SignUserInfoResponse
Skipped evaluation due to missing required element: client userinfo_signed_response_alg
path
userinfo_signed_response_alg
mapped
object
client
2021-06-13 20:50:03 INFO
EncryptUserInfoResponse
Skipped evaluation due to missing required element: client userinfo_encrypted_response_alg
path
userinfo_encrypted_response_alg
mapped
object
client
2021-06-13 20:50:03 OUTGOING
oidcc-client-test-kid-absent-single-jwks
Response to HTTP request to test instance iQRdRarZ75jiYDB
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "sub": "user-subject-1234531",
  "website": "https://openid.net/",
  "zoneinfo": "America/Los_Angeles",
  "birthdate": "2000-02-03",
  "gender": "female",
  "preferred_username": "d.tu",
  "given_name": "Demo",
  "middle_name": "Theresa",
  "locale": "en-US",
  "updated_at": 1580000000,
  "name": "Demo T. User",
  "nickname": "Dee",
  "family_name": "User",
  "email": "user@example.com",
  "email_verified": false
}
outgoing_path
userinfo
2021-06-13 20:50:03 FINISHED
oidcc-client-test-kid-absent-single-jwks
Test has run to completion
testmodule_result
PASSED
2021-06-13 20:51:33
TEST-RUNNER
Alias has now been claimed by another test
alias
MSTR_M2021_UP1
new_test_id
EC2gxkNeZUPOugm
Test Results