Test Summary

Test Results

Expand All Collapse All
All times are UTC
2021-07-29 06:00:53 INFO
TEST-RUNNER
Test instance ScgMZRxVFgO4w0t created
baseUrl
https://www.certification.openid.net/test/a/caos
variant
{
  "client_auth_type": "client_secret_basic",
  "response_type": "code",
  "request_type": "plain_http_request",
  "response_mode": "default",
  "client_registration": "static_client"
}
alias
caos
description
RP Certification
planId
uoprP0OO8Z4Qo
config
{
  "alias": "caos",
  "description": "RP Certification",
  "publish": "summary",
  "client": {
    "client_id": "93634749943374746@openid_certification",
    "client_secret": "myclQ`RB_F5|HA:@7!r7H(DLltKA)P~u#)Ag#LQ8Zw,km*\u003d@JhYacA4^qC]B{ZK}",
    "redirect_uri": "http://localhost:4200/auth/callback"
  }
}
testName
oidcc-client-test-userinfo-invalid-sub
2021-07-29 06:00:53 SUCCESS
OIDCCGenerateServerConfiguration
Generated default server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/a/caos/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/caos/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/caos/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/caos/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/caos/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/a/caos/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic",
    "client_secret_post",
    "client_secret_jwt",
    "private_key_jwt"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
2021-07-29 06:00:53
SetTokenEndpointAuthMethodsSupportedToClientSecretBasicOnly
Changed token_endpoint_auth_methods_supported to client_secret_basic only in server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/a/caos/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/caos/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/caos/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/caos/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/caos/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/a/caos/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
2021-07-29 06:00:54
OIDCCGenerateServerJWKs
Generated server public private JWK sets
server_jwks
{
  "keys": [
    {
      "p": "7OVhPNb8X0fyJyNxnVevOPBACVRwpQcDeWjnGlygkLIZ36xtKp4drNgOfBgtYL3C62PDhC1iVUCHYzQixzpThauiR1GOGDozjLae69d_GtUE8wwNLDr7x6QzeMfjAkmDdarVAEJn32otZ2H87wbGPhwa-vLTx_qBSngF17CYyWE",
      "kty": "RSA",
      "q": "4qTvHcbOZFS53r8J08vZlxz0cnSIedo3EIBFFnMvfrl82JqwCD0KqWiLC0-UtRIZRkSqX1iZ5QxWZMo4YOpgJzwQMPbn72BnuqNPOjXfTeZS-7RAspPtoL6dmcypzP3VkwO2TC5gTDnUtbr29YG-um3lnpoyirJYqu0ttU_vdfU",
      "d": "m_sEpEmFeY9tAK6GC6dgsW-AWa40z_DAkqsrIs47qFpCXvY1NF-e1l9bHQ49uBvAbwB8-Ny5OaQIruK4tTImVl1C_T0jpojUXlxblA_hLMgYtiorS3wSpKtzFV9h3icoqUJD9DfLg2vWC8oMR_wOAY-bZ0QoKt5wpvTKJcA5sCIige3quWFvFNn2BirLBCaFcaAQTbe-H39D9m7yRRkrAuMaIW_gUo0WaJL541aF7Zsu4M-YBUm6x7P9o5KBv2xzF3c-YKvt0AmtUWtiPouQXZ7qUyqCYj91vhJNBrbaNm1r32JARpfGg088Mmj1kh5MikobsoR7zc9us_m4ZzndgQ",
      "e": "AQAB",
      "use": "sig",
      "kid": "a24c756f-ab8d-4a22-9af4-2460a919ee77",
      "qi": "HjlpUzkP8CdAdAOz9xLjhRH78VmkSvPbsH-Ww_737w6DSLbA-YtGcgFrGdLNJJwOK8rJjH0HblvzRDTjCgIcBV_U_Q0pdZ6pUMOhCZ9EXCaAFhnG4feYxRVKGjYQhkx3d9o246sxyqwiIg2AhAXelkSV_LgK50YIkfOdZrxxe-8",
      "dp": "JsdFq5flqBM26IE8z-zSmhd55A0Wg20qfG1Xp1ESV51P7vViyV8orGqRtG6gvv1RMwcZskFbn2j4wJyANOyvT2pRHiuTfxPH7HjYevLDs7i7Hq4SWfMt0_hlFJhj6LPv-QsF4wz7w-61j_7SUK5jNTeUkw-86zdugqozCqO13wE",
      "dq": "m5SVAF_EtmLi5OFHIbjBuVYLB7avKNZ_Dji_NFYFuHwkE5y8Uit08i3tpOoQLuwppW7ldWYg3nbFp5KZeQ3qy4QTqUkUleIb0qbgcBkjHRqKxHZMI0ogyUOQdE9mEG3--liF_22mdS0Ns2KQvJ9ACkH-ag13vHYJH-yIf_pLazE",
      "n": "0bsgD7SAvQXT5GRE8SYbXlYy5ojls-cw6UL7HtqJwlaPl6wcphn-l6Te6GCSbJJfYoV1pvu1mThVBIzygawOWhLyXM7WnaTDO4Gu2tvFbiwzRhs-75gJoEMvfWvEV60M2r154YvO6zlTVeP8H78SVWZK7DZjrA_L14tSX7gP7T6-1U1xQVEE85YhhdDVglBqyffmAAxpS4KQtKZN0J-2vdWYOeOQftdEqSiHdviIDJJNdpvfEEfvHdYiwAykgCUENno5AOPmGtp1vVvsl5tnLZjhtdSP3Zn6V_c8Z268Ir4wSGN0BqUJ6UCrswlf0zYEaDEWqa07Dq-zn55_xtEO1Q"
    },
    {
      "kty": "EC",
      "d": "jSW_Cq3j5zFVlqcQJo7g4mcm0kGPaLtH1qsv0hUi2C0",
      "use": "sig",
      "crv": "P-256",
      "kid": "e06af2c7-c547-4c8a-a368-7ffbccf9e131",
      "x": "YWL_irFAnynzfSzCKimoKBU31Inbs8WoWLgX708-z0g",
      "y": "kbbEjFdeDK3yJv4-TfN5t7LoCE6HV7CIpa6kmHrbvhg"
    },
    {
      "kty": "EC",
      "d": "97MDKcFJzG861OPQIFjdP1kz5CPkzEdlInUguWN80GI",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "dfdf48ea-6713-40e7-a491-5b16eb0bacee",
      "x": "5ZknyIFHtPBB84vr6h-PnTO4si4NlpYMsBbD_dzyaVc",
      "y": "j7Cr0ij_QG2xGxrFXZHcZcpAfmXmvXX-K4JnqUQXbPs"
    },
    {
      "kty": "OKP",
      "d": "Yc9AWIaQI_1eeQEGnmSVwEMPHz3j3h3HlJx5O_2mn7E",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "4848cf93-3526-4556-aa7b-adeb5a0d28d0",
      "x": "E2A-sCLQi23uAM0ZffU0i-uhSFjXSWpJlshz9ZraUIY"
    }
  ]
}
server_encryption_keys
{
  "keys": [
    {
      "p": "zUj1xBhmcCwUzYoqssm-qJu1fsuBxwoXzfbeLePddOtYYqmoIW9_NU9NU7CdI8ikC85mAkYggPYVD3CvZ4DUiKSkWL1F6zfRfrBOiI53Qen5mx9jxx07H_4eU1x0os1TSkiNYuUQWssOcHto1QWQHE_foUW-OBFf_R6xsWCzPx0",
      "kty": "RSA",
      "q": "p53s-WoH6kE5K6xTDiAgl6vn4xrmdCuF6wR37aarNLLazGPlQz4_bNyGEMcfnbuxNznq2M7-dLBzGAvJXyGfKrUzZpItc5vCnz7JEYZp3YeYKHw6VIuitTdhHqzqqqiixhbecmlPeYyowb9wkhu75bUpzjc_JsniGYCQI0sWj2U",
      "d": "VGuALXzvwk7tjGlI7b6RWosd1XORjU63Rk3_uMG_UYGZO3EUUpIg9Q-ee5gIv3JPQ1cK7Z0IURyoy59WBqfpGBRJ-8ncWowrWAPdsPDPO7L4jGK3y8kkkbBE4ZJfxdG2BAwFTaMyzehF6y4BrLRf5UDfdtPxAgCzISUXis4tozKKEErHhwvCfDzQc4-w60hAC4eyfmIz5Xr7tklRM-FPiHcsPqTJfz5Xg3fNEf2duQdMHCfZPyRoC3Y1NGVfS1d0pE8I6Ibx1YvvMLRKdeVa6fMAvMJnexLuRYdyGU-OrTBDd04Z1rc_xi3McytUM2HF345IlvCXQ7wBLhsgcjIhYQ",
      "e": "AQAB",
      "use": "enc",
      "kid": "23d09bb8-55fe-4add-9565-43eda544013d",
      "qi": "iHvHGMiTe3lrymJskI3VO_CDGQvG-5yOj-eNPPuj5Ss9NXNVSZZyjAvyDALb7d0M23abstQtwS3ajnKgIANjrEax_ys40BKlHuQ0-6obXu-kqtiRFSarjKdxuSbOpIOZaRH5cZXAB5TjTRkArjAohswiQ75AQdaz6A7Oq8IS6T8",
      "dp": "xBHSgtgXRz4jJGm5_IfKbXpDMHapXnUaZWNLtCL2isyZ36pRZpX6tu0mWy_N9raVUJ1zOurF8saXOOcU8VPQKy6ttgAZft8SXeGBMNZ5u2ABQpMJls0pgpYRWudsk25vBf0j5XgJVd6pzO9iIkws5422d2-Ijj6yIq2lZFiK-1U",
      "alg": "RSA-OAEP",
      "dq": "SqvkQkimNgnQelBOv-A4JNmEeHwnZmFtS4G2G71AUD3Nk3h9TjOQ9eJYJ2lOAGr5S-0VXnj4iuuAmpnFoAfObKxEtdExRmuBjIff81q6FuKtOnv9UGTUm36MWaoW8Ogne6_8cWPQ8AlltMqgT7bjQjYu5ZtfGtydSVco31A4QLE",
      "n": "hmk8GOi8KtSgIZO-BPKMVv-3XJ1RZD6raTn9OxruHvpbgVbO0-uSomC4XGKXRpVhV76DG4bI7CqaESQrX6DEoVaGEHfCoVUnhM1469PeZNdqCRm8mRnP-sGPvXkyvQ1Lv_p8Un8NGtMO3FzfUM1ENhaLFlLdhQrEOAZsMNhJP1T9dWm_kr8D12oW0bbQC4aiSFWpSTY0anxhyEHXglcHV4Pz0aRIAf2dd9vnYh-KvbgLV1nO0vuBHKaiEqwSLdG_ycOHlRsx7Q0v3K4Echfx7R8-4sx36fXo9uRuvrz6YAzUrUwFspZAayeSKa64zoR5id7IxKGcoP2ucvPbMncZcQ"
    },
    {
      "kty": "EC",
      "d": "_7sy017GjGC80omuh-AV6kQFd5ssi7xUJZPEbCC78Fc",
      "use": "enc",
      "crv": "P-256",
      "kid": "12784087-68c2-4f9e-8713-8014e9d26eac",
      "x": "gX-I05UvBcOPq31zCFk8U_4g67dNzvGl59iVWJENNRA",
      "y": "WEkis8YK7-VXTCxzEVVX-4B7cWk1h4eKokwyTBuR81A",
      "alg": "ECDH-ES"
    }
  ]
}
server_public_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "a24c756f-ab8d-4a22-9af4-2460a919ee77",
      "n": "0bsgD7SAvQXT5GRE8SYbXlYy5ojls-cw6UL7HtqJwlaPl6wcphn-l6Te6GCSbJJfYoV1pvu1mThVBIzygawOWhLyXM7WnaTDO4Gu2tvFbiwzRhs-75gJoEMvfWvEV60M2r154YvO6zlTVeP8H78SVWZK7DZjrA_L14tSX7gP7T6-1U1xQVEE85YhhdDVglBqyffmAAxpS4KQtKZN0J-2vdWYOeOQftdEqSiHdviIDJJNdpvfEEfvHdYiwAykgCUENno5AOPmGtp1vVvsl5tnLZjhtdSP3Zn6V_c8Z268Ir4wSGN0BqUJ6UCrswlf0zYEaDEWqa07Dq-zn55_xtEO1Q"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "7cdc1a08-4246-4115-b7d6-b5ee3c3b9e03",
      "n": "x7BPwg4SFB4U4il1vif3zhmccQsEeSkDG-3Z4rX6fHpjxHga9EDvOxI2nkCOhKfWmdAbsyLfjo9n-nbc5qk1e2J4BEOMLXKjUXRFeIYIwbppxoBlYiexxO8REEVmsZRpq6CAeMNQu2Ci8p4T4cCRA5VKMdbXkOeg90yXgGUPOC9_IzqEKnec2wnimvWq_GkCuo4RxodfW11ae813a4EDHFiUFmmg09JgzqHiHDn-uSNAjDw0C1BGHibVahyLWqdJiE20URYzxfQyTeW3IE6OnxPVziYuG2MikcTF-Y2gtWf2-IR7yjbNYEi242L4FCu0hs6sp2XSowaWcSgIqmwL8w"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "e06af2c7-c547-4c8a-a368-7ffbccf9e131",
      "x": "YWL_irFAnynzfSzCKimoKBU31Inbs8WoWLgX708-z0g",
      "y": "kbbEjFdeDK3yJv4-TfN5t7LoCE6HV7CIpa6kmHrbvhg"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "ec4382f8-6056-44a3-bf09-7643af70bd0e",
      "x": "Vulm5d3L0NuA27I0paVnNikXF_elM0P6yylbqpDITps",
      "y": "fDVFGc0F3HqU_xTjC8bba7ykmksYB4p-zjdgv5ScPow"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "dfdf48ea-6713-40e7-a491-5b16eb0bacee",
      "x": "5ZknyIFHtPBB84vr6h-PnTO4si4NlpYMsBbD_dzyaVc",
      "y": "j7Cr0ij_QG2xGxrFXZHcZcpAfmXmvXX-K4JnqUQXbPs"
    },
    {
      "kty": "OKP",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "4848cf93-3526-4556-aa7b-adeb5a0d28d0",
      "x": "E2A-sCLQi23uAM0ZffU0i-uhSFjXSWpJlshz9ZraUIY"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "23d09bb8-55fe-4add-9565-43eda544013d",
      "alg": "RSA-OAEP",
      "n": "hmk8GOi8KtSgIZO-BPKMVv-3XJ1RZD6raTn9OxruHvpbgVbO0-uSomC4XGKXRpVhV76DG4bI7CqaESQrX6DEoVaGEHfCoVUnhM1469PeZNdqCRm8mRnP-sGPvXkyvQ1Lv_p8Un8NGtMO3FzfUM1ENhaLFlLdhQrEOAZsMNhJP1T9dWm_kr8D12oW0bbQC4aiSFWpSTY0anxhyEHXglcHV4Pz0aRIAf2dd9vnYh-KvbgLV1nO0vuBHKaiEqwSLdG_ycOHlRsx7Q0v3K4Echfx7R8-4sx36fXo9uRuvrz6YAzUrUwFspZAayeSKa64zoR5id7IxKGcoP2ucvPbMncZcQ"
    },
    {
      "kty": "EC",
      "use": "enc",
      "crv": "P-256",
      "kid": "12784087-68c2-4f9e-8713-8014e9d26eac",
      "x": "gX-I05UvBcOPq31zCFk8U_4g67dNzvGl59iVWJENNRA",
      "y": "WEkis8YK7-VXTCxzEVVX-4B7cWk1h4eKokwyTBuR81A",
      "alg": "ECDH-ES"
    }
  ]
}
2021-07-29 06:00:54 SUCCESS
ValidateServerJWKs
Valid server JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2021-07-29 06:00:54 SUCCESS
CheckDistinctKeyIdValueInServerJWKs
Distinct 'kid' value in all keys of server_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2021-07-29 06:00:54 SUCCESS
OIDCCLoadUserInfo
Added user information
user_info
{
  "sub": "user-subject-1234531",
  "name": "Demo T. User",
  "given_name": "Demo",
  "family_name": "User",
  "middle_name": "Theresa",
  "nickname": "Dee",
  "preferred_username": "d.tu",
  "gender": "female",
  "birthdate": "2000-02-03",
  "address": {
    "street_address": "100 Universal City Plaza",
    "locality": "Hollywood",
    "region": "CA",
    "postal_code": "91608",
    "country": "USA"
  },
  "zoneinfo": "America/Los_Angeles",
  "locale": "en-US",
  "phone_number": "+1 555 5550000",
  "phone_number_verified": false,
  "email": "user@example.com",
  "email_verified": false,
  "website": "https://openid.net/",
  "updated_at": 1580000000
}
2021-07-29 06:00:54 SUCCESS
OIDCCGetStaticClientConfigurationForRPTests
Found a static client object
client_id
93634749943374746@openid_certification
client_secret
myclQ`RB_F5|HA:@7!r7H(DLltKA)P~u#)Ag#LQ8Zw,km*=@JhYacA4^qC]B{ZK}
redirect_uris
[
  "http://localhost:4200/auth/callback"
]
2021-07-29 06:00:54 SUCCESS
EnsureClientDoesNotHaveBothJwksAndJwksUri
Client does not have both jwks and jwks_uri set
client
{
  "client_id": "93634749943374746@openid_certification",
  "client_secret": "myclQ`RB_F5|HA:@7!r7H(DLltKA)P~u#)Ag#LQ8Zw,km*\u003d@JhYacA4^qC]B{ZK}",
  "redirect_uris": [
    "http://localhost:4200/auth/callback"
  ]
}
2021-07-29 06:00:54 INFO
FetchClientKeys
Skipped evaluation due to missing required element: client jwks_uri
path
jwks_uri
mapped
object
client
2021-07-29 06:00:54 SUCCESS
ValidateClientGrantTypes
grant_types match response_types
grant_types
[
  "authorization_code"
]
response_types
[
  "code"
]
2021-07-29 06:00:54 SUCCESS
OIDCCValidateClientRedirectUris
Valid redirect_uri(s) provided in registration request
redirect_uris
[
  "http://localhost:4200/auth/callback"
]
2021-07-29 06:00:54 SUCCESS
ValidateClientLogoUris
Client does not contain any logo_uri
2021-07-29 06:00:54 SUCCESS
ValidateClientUris
Client does not contain any client_uri
2021-07-29 06:00:54 SUCCESS
ValidateClientPolicyUris
Client does not contain any policy_uri
2021-07-29 06:00:54 SUCCESS
ValidateClientTosUris
Client does not contain any tos_uri
2021-07-29 06:00:54 SUCCESS
ValidateClientSubjectType
A subject_type was not provided
2021-07-29 06:00:54 INFO
ValidateIdTokenSignedResponseAlg
Skipped evaluation due to missing required element: client id_token_signed_response_alg
path
id_token_signed_response_alg
mapped
object
client
2021-07-29 06:00:54 SUCCESS
EnsureIdTokenEncryptedResponseAlgIsSetIfEncIsSet
id_token_encrypted_response_enc is not set
2021-07-29 06:00:54 INFO
ValidateUserinfoSignedResponseAlg
Skipped evaluation due to missing required element: client userinfo_signed_response_alg
path
userinfo_signed_response_alg
mapped
object
client
2021-07-29 06:00:54 SUCCESS
EnsureUserinfoEncryptedResponseAlgIsSetIfEncIsSet
userinfo_encrypted_response_enc is not set
2021-07-29 06:00:54 INFO
ValidateRequestObjectSigningAlg
Skipped evaluation due to missing required element: client request_object_signing_alg
path
request_object_signing_alg
mapped
object
client
2021-07-29 06:00:54 SUCCESS
EnsureRequestObjectEncryptionAlgIsSetIfEncIsSet
request_object_encryption_enc is not set
2021-07-29 06:00:54 INFO
ValidateTokenEndpointAuthSigningAlg
Skipped evaluation due to missing required element: client token_endpoint_auth_signing_alg
path
token_endpoint_auth_signing_alg
mapped
object
client
2021-07-29 06:00:54 SUCCESS
ValidateDefaultMaxAge
default_max_age is not set
2021-07-29 06:00:54 INFO
ValidateRequireAuthTime
Skipped evaluation due to missing required element: client require_auth_time
path
require_auth_time
mapped
object
client
2021-07-29 06:00:54 INFO
ValidateDefaultAcrValues
Skipped evaluation due to missing required element: client default_acr_values
path
default_acr_values
mapped
object
client
2021-07-29 06:00:54 INFO
ValidateInitiateLoginUri
Skipped evaluation due to missing required element: client initiate_login_uri
path
initiate_login_uri
mapped
object
client
2021-07-29 06:00:54 INFO
ValidateRequestUris
Skipped evaluation due to missing required element: client request_uris
path
request_uris
mapped
object
client
2021-07-29 06:00:54 SUCCESS
OIDCCExtractServerSigningAlg
Using the default algorithm for the first key in server jwks
signing_algorithm
RS256
2021-07-29 06:00:54
SetClientIdTokenSignedResponseAlgToServerSigningAlg
Set id_token_signed_response_alg for the registered client
id_token_signed_response_alg
RS256
2021-07-29 06:00:54
oidcc-client-test-userinfo-invalid-sub
Setup Done
2021-07-29 06:00:57 INCOMING
oidcc-client-test-userinfo-invalid-sub
Incoming HTTP request to test instance ScgMZRxVFgO4w0t
incoming_headers
{
  "host": "www.certification.openid.net",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,*/*;q\u003d0.8",
  "upgrade-insecure-requests": "1",
  "cookie": "JSESSIONID\u003d0340D2A012AC78B6C2939CF389A64905",
  "user-agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.1 Safari/605.1.15",
  "accept-language": "en-gb",
  "accept-encoding": "gzip, deflate",
  "x-ssl-cipher": "ECDHE-RSA-AES256-GCM-SHA384",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
authorize
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{
  "client_id": "93634749943374746@openid_certification",
  "redirect_uri": "http://localhost:4200/auth/callback",
  "response_type": "code",
  "scope": "openid profile",
  "state": "6c6074e8-c023-415d-bbf7-a2dd63e9878a"
}
incoming_body
Authorization endpoint
2021-07-29 06:00:57 SUCCESS
EnsureRequestDoesNotContainRequestObject
Request does not contain a request parameter
2021-07-29 06:00:57 SUCCESS
EnsureAuthorizationHttpRequestContainsOpenIDScope
Found 'openid' in scope http request parameter
actual
[
  "openid",
  "profile"
]
expected
openid
2021-07-29 06:00:57 SUCCESS
CreateEffectiveAuthorizationRequestParameters
Merged http request parameters with request object claims
effective_authorization_endpoint_request
{
  "client_id": "93634749943374746@openid_certification",
  "redirect_uri": "http://localhost:4200/auth/callback",
  "response_type": "code",
  "scope": "openid profile",
  "state": "6c6074e8-c023-415d-bbf7-a2dd63e9878a"
}
2021-07-29 06:00:57 SUCCESS
ExtractRequestedScopes
Requested scopes
scope
openid profile
2021-07-29 06:00:57 INFO
ExtractNonceFromAuthorizationRequest
Couldn't find 'nonce' in authorization endpoint parameters
2021-07-29 06:00:57 SUCCESS
EnsureResponseTypeIsCode
Response type is expected value
expected
code
2021-07-29 06:00:57 SUCCESS
EnsureMatchingClientId
Client ID matched
client_id
93634749943374746@openid_certification
2021-07-29 06:00:57 SUCCESS
EnsureValidRedirectUriForAuthorizationEndpointRequest
redirect_uri is one of the allowed redirect uris
actual
http://localhost:4200/auth/callback
expected
[
  "http://localhost:4200/auth/callback"
]
2021-07-29 06:00:57 SUCCESS
EnsureOpenIDInScopeRequest
Found 'openid' scope in request
actual
[
  "openid",
  "profile"
]
expected
openid
2021-07-29 06:00:57 SUCCESS
DisallowMaxAgeEqualsZeroAndPromptNone
The client did not send max_age=0 and prompt=none parameters as expected
2021-07-29 06:00:57 SUCCESS
CreateAuthorizationCode
Created authorization code
authorization_code
SlFd4dTVgr
2021-07-29 06:00:57 SUCCESS
CalculateCHash
Successful c_hash encoding
c_hash
bieFoTveswsuuof2-ijTqw
2021-07-29 06:00:57 SUCCESS
CreateAuthorizationEndpointResponseParams
Added authorization_endpoint_response_params to environment
params
{
  "redirect_uri": "http://localhost:4200/auth/callback",
  "state": "6c6074e8-c023-415d-bbf7-a2dd63e9878a"
}
2021-07-29 06:00:57 SUCCESS
AddCodeToAuthorizationEndpointResponseParams
Added code to authorization endpoint response params
authorization_endpoint_response_params
{
  "redirect_uri": "http://localhost:4200/auth/callback",
  "state": "6c6074e8-c023-415d-bbf7-a2dd63e9878a",
  "code": "SlFd4dTVgr"
}
2021-07-29 06:00:57
SendAuthorizationResponseWithResponseModeQuery
Redirecting back to client
uri
http://localhost:4200/auth/callback?state=6c6074e8-c023-415d-bbf7-a2dd63e9878a&code=SlFd4dTVgr
2021-07-29 06:00:57 OUTGOING
oidcc-client-test-userinfo-invalid-sub
Response to HTTP request to test instance ScgMZRxVFgO4w0t
outgoing
org.springframework.web.servlet.view.RedirectView: [RedirectView]; URL [http://localhost:4200/auth/callback?state=6c6074e8-c023-415d-bbf7-a2dd63e9878a&code=SlFd4dTVgr]
outgoing_path
authorize
2021-07-29 06:00:58 INCOMING
oidcc-client-test-userinfo-invalid-sub
Incoming HTTP request to test instance ScgMZRxVFgO4w0t
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "Go-http-client/1.1",
  "authorization": "Basic OTM2MzQ3NDk5NDMzNzQ3NDYlNDBvcGVuaWRfY2VydGlmaWNhdGlvbjpteWNsUSU2MFJCX0Y1JTdDSEElM0ElNDA3JTIxcjdIJTI4RExsdEtBJTI5UH51JTIzJTI5QWclMjNMUThadyUyQ2ttJTJBJTNEJTQwSmhZYWNBNCU1RXFDJTVEQiU3QlpLJTdE",
  "content-type": "application/x-www-form-urlencoded",
  "accept-encoding": "gzip",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "content-length": "106",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net",
  "connection": "close"
}
incoming_path
token
incoming_body_form_params
{
  "code": "SlFd4dTVgr",
  "grant_type": "authorization_code",
  "redirect_uri": "http://localhost:4200/auth/callback"
}
incoming_method
POST
incoming_body_json
incoming_query_string_params
{}
incoming_body
code=SlFd4dTVgr&grant_type=authorization_code&redirect_uri=http%3A%2F%2Flocalhost%3A4200%2Fauth%2Fcallback
Token endpoint
2021-07-29 06:00:58 SUCCESS
ExtractClientCredentialsFromBasicAuthorizationHeader
Extracted client authentication
client_id
93634749943374746@openid_certification
client_secret
myclQ`RB_F5|HA:@7!r7H(DLltKA)P~u#)Ag#LQ8Zw,km*=@JhYacA4^qC]B{ZK}
method
client_secret_basic
2021-07-29 06:00:58 SUCCESS
ValidateClientIdAndSecret
Client id and secret match
2021-07-29 06:00:58 SUCCESS
ValidateAuthorizationCode
Found authorization code
authorization_code
SlFd4dTVgr
2021-07-29 06:00:58 SUCCESS
ValidateRedirectUriForTokenEndpointRequest
redirect_uri is the same as the one used in the authorization request
actual
http://localhost:4200/auth/callback
2021-07-29 06:00:58 SUCCESS
GenerateBearerAccessToken
Generated access token
access_token
bHjoLmvhVfHqrAgdLuEZxT4vT5SFNc2up7trQLJzOV0eXw3kRF
2021-07-29 06:00:58 SUCCESS
CalculateAtHash
Successful at_hash encoding
at_hash
4VcbqBCUh9UIhyzNOrt2Sg
2021-07-29 06:00:58 SUCCESS
GenerateIdTokenClaims
Created ID Token Claims
iss
https://www.certification.openid.net/test/a/caos/
sub
user-subject-1234531
aud
93634749943374746@openid_certification
iat
1627538458
exp
1627538758
2021-07-29 06:00:58 SUCCESS
AddAtHashToIdTokenClaims
Added at_hash to ID token claims
at_hash
4VcbqBCUh9UIhyzNOrt2Sg
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/a/caos/",
  "sub": "user-subject-1234531",
  "aud": "93634749943374746@openid_certification",
  "iat": 1627538458,
  "exp": 1627538758,
  "at_hash": "4VcbqBCUh9UIhyzNOrt2Sg"
}
2021-07-29 06:00:58 SUCCESS
OIDCCSignIdToken
Signed the ID token
id_token
eyJraWQiOiJhMjRjNzU2Zi1hYjhkLTRhMjItOWFmNC0yNDYwYTkxOWVlNzciLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiNFZjYnFCQ1VoOVVJaHl6Tk9ydDJTZyIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiOTM2MzQ3NDk5NDMzNzQ3NDZAb3BlbmlkX2NlcnRpZmljYXRpb24iLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvYVwvY2Fvc1wvIiwiZXhwIjoxNjI3NTM4NzU4LCJpYXQiOjE2Mjc1Mzg0NTh9.ErbXPXcceH8eIqlOZsymeYzdcC8lA_Zhx938XP6Ic6HsSqAoRGtrH4oixtBK_OsOyynbjjFuJmldXupkZ0vTG7TX4B9AGOBoKKNp1ZO46oy5QXoODCGxCwzbj3-oO_RCIZ4UqgxtkzYUe9HEEivnNs6JM0AVb4-YVFPi-7GVRMO3JefN1YCRrL_P3qXUA7WBcmR5iszjVm9lJi4-MtJ6jOfEHjcqwpEFF6kp1eI0o-19tIQgkSSUHEN1HIopvdxe6cguhEEs_FmCxbIu6unOR8JM9P4GueOKCkGIQmzYoVE1k5ocELvnRSvdwXTXM5E4OLXEK_1pzEpCtu6AofcvXQ
key
{"p":"7OVhPNb8X0fyJyNxnVevOPBACVRwpQcDeWjnGlygkLIZ36xtKp4drNgOfBgtYL3C62PDhC1iVUCHYzQixzpThauiR1GOGDozjLae69d_GtUE8wwNLDr7x6QzeMfjAkmDdarVAEJn32otZ2H87wbGPhwa-vLTx_qBSngF17CYyWE","kty":"RSA","q":"4qTvHcbOZFS53r8J08vZlxz0cnSIedo3EIBFFnMvfrl82JqwCD0KqWiLC0-UtRIZRkSqX1iZ5QxWZMo4YOpgJzwQMPbn72BnuqNPOjXfTeZS-7RAspPtoL6dmcypzP3VkwO2TC5gTDnUtbr29YG-um3lnpoyirJYqu0ttU_vdfU","d":"m_sEpEmFeY9tAK6GC6dgsW-AWa40z_DAkqsrIs47qFpCXvY1NF-e1l9bHQ49uBvAbwB8-Ny5OaQIruK4tTImVl1C_T0jpojUXlxblA_hLMgYtiorS3wSpKtzFV9h3icoqUJD9DfLg2vWC8oMR_wOAY-bZ0QoKt5wpvTKJcA5sCIige3quWFvFNn2BirLBCaFcaAQTbe-H39D9m7yRRkrAuMaIW_gUo0WaJL541aF7Zsu4M-YBUm6x7P9o5KBv2xzF3c-YKvt0AmtUWtiPouQXZ7qUyqCYj91vhJNBrbaNm1r32JARpfGg088Mmj1kh5MikobsoR7zc9us_m4ZzndgQ","e":"AQAB","use":"sig","kid":"a24c756f-ab8d-4a22-9af4-2460a919ee77","qi":"HjlpUzkP8CdAdAOz9xLjhRH78VmkSvPbsH-Ww_737w6DSLbA-YtGcgFrGdLNJJwOK8rJjH0HblvzRDTjCgIcBV_U_Q0pdZ6pUMOhCZ9EXCaAFhnG4feYxRVKGjYQhkx3d9o246sxyqwiIg2AhAXelkSV_LgK50YIkfOdZrxxe-8","dp":"JsdFq5flqBM26IE8z-zSmhd55A0Wg20qfG1Xp1ESV51P7vViyV8orGqRtG6gvv1RMwcZskFbn2j4wJyANOyvT2pRHiuTfxPH7HjYevLDs7i7Hq4SWfMt0_hlFJhj6LPv-QsF4wz7w-61j_7SUK5jNTeUkw-86zdugqozCqO13wE","dq":"m5SVAF_EtmLi5OFHIbjBuVYLB7avKNZ_Dji_NFYFuHwkE5y8Uit08i3tpOoQLuwppW7ldWYg3nbFp5KZeQ3qy4QTqUkUleIb0qbgcBkjHRqKxHZMI0ogyUOQdE9mEG3--liF_22mdS0Ns2KQvJ9ACkH-ag13vHYJH-yIf_pLazE","n":"0bsgD7SAvQXT5GRE8SYbXlYy5ojls-cw6UL7HtqJwlaPl6wcphn-l6Te6GCSbJJfYoV1pvu1mThVBIzygawOWhLyXM7WnaTDO4Gu2tvFbiwzRhs-75gJoEMvfWvEV60M2r154YvO6zlTVeP8H78SVWZK7DZjrA_L14tSX7gP7T6-1U1xQVEE85YhhdDVglBqyffmAAxpS4KQtKZN0J-2vdWYOeOQftdEqSiHdviIDJJNdpvfEEfvHdYiwAykgCUENno5AOPmGtp1vVvsl5tnLZjhtdSP3Zn6V_c8Z268Ir4wSGN0BqUJ6UCrswlf0zYEaDEWqa07Dq-zn55_xtEO1Q"}
algorithm
RS256
2021-07-29 06:00:58 INFO
EncryptIdToken
Skipped evaluation due to missing required element: client id_token_encrypted_response_alg
path
id_token_encrypted_response_alg
mapped
object
client
2021-07-29 06:00:58 SUCCESS
CreateTokenEndpointResponse
Created token endpoint response
access_token
bHjoLmvhVfHqrAgdLuEZxT4vT5SFNc2up7trQLJzOV0eXw3kRF
token_type
Bearer
id_token
eyJraWQiOiJhMjRjNzU2Zi1hYjhkLTRhMjItOWFmNC0yNDYwYTkxOWVlNzciLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiNFZjYnFCQ1VoOVVJaHl6Tk9ydDJTZyIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiOTM2MzQ3NDk5NDMzNzQ3NDZAb3BlbmlkX2NlcnRpZmljYXRpb24iLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvYVwvY2Fvc1wvIiwiZXhwIjoxNjI3NTM4NzU4LCJpYXQiOjE2Mjc1Mzg0NTh9.ErbXPXcceH8eIqlOZsymeYzdcC8lA_Zhx938XP6Ic6HsSqAoRGtrH4oixtBK_OsOyynbjjFuJmldXupkZ0vTG7TX4B9AGOBoKKNp1ZO46oy5QXoODCGxCwzbj3-oO_RCIZ4UqgxtkzYUe9HEEivnNs6JM0AVb4-YVFPi-7GVRMO3JefN1YCRrL_P3qXUA7WBcmR5iszjVm9lJi4-MtJ6jOfEHjcqwpEFF6kp1eI0o-19tIQgkSSUHEN1HIopvdxe6cguhEEs_FmCxbIu6unOR8JM9P4GueOKCkGIQmzYoVE1k5ocELvnRSvdwXTXM5E4OLXEK_1pzEpCtu6AofcvXQ
scope
openid profile
2021-07-29 06:00:58 OUTGOING
oidcc-client-test-userinfo-invalid-sub
Response to HTTP request to test instance ScgMZRxVFgO4w0t
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "access_token": "bHjoLmvhVfHqrAgdLuEZxT4vT5SFNc2up7trQLJzOV0eXw3kRF",
  "token_type": "Bearer",
  "id_token": "eyJraWQiOiJhMjRjNzU2Zi1hYjhkLTRhMjItOWFmNC0yNDYwYTkxOWVlNzciLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiNFZjYnFCQ1VoOVVJaHl6Tk9ydDJTZyIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiOTM2MzQ3NDk5NDMzNzQ3NDZAb3BlbmlkX2NlcnRpZmljYXRpb24iLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvYVwvY2Fvc1wvIiwiZXhwIjoxNjI3NTM4NzU4LCJpYXQiOjE2Mjc1Mzg0NTh9.ErbXPXcceH8eIqlOZsymeYzdcC8lA_Zhx938XP6Ic6HsSqAoRGtrH4oixtBK_OsOyynbjjFuJmldXupkZ0vTG7TX4B9AGOBoKKNp1ZO46oy5QXoODCGxCwzbj3-oO_RCIZ4UqgxtkzYUe9HEEivnNs6JM0AVb4-YVFPi-7GVRMO3JefN1YCRrL_P3qXUA7WBcmR5iszjVm9lJi4-MtJ6jOfEHjcqwpEFF6kp1eI0o-19tIQgkSSUHEN1HIopvdxe6cguhEEs_FmCxbIu6unOR8JM9P4GueOKCkGIQmzYoVE1k5ocELvnRSvdwXTXM5E4OLXEK_1pzEpCtu6AofcvXQ",
  "scope": "openid profile"
}
outgoing_path
token
2021-07-29 06:00:58 INCOMING
oidcc-client-test-userinfo-invalid-sub
Incoming HTTP request to test instance ScgMZRxVFgO4w0t
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "Go-http-client/1.1",
  "accept-encoding": "gzip",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
jwks
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
Jwks endpoint
2021-07-29 06:00:58 OUTGOING
oidcc-client-test-userinfo-invalid-sub
Response to HTTP request to test instance ScgMZRxVFgO4w0t
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "a24c756f-ab8d-4a22-9af4-2460a919ee77",
      "n": "0bsgD7SAvQXT5GRE8SYbXlYy5ojls-cw6UL7HtqJwlaPl6wcphn-l6Te6GCSbJJfYoV1pvu1mThVBIzygawOWhLyXM7WnaTDO4Gu2tvFbiwzRhs-75gJoEMvfWvEV60M2r154YvO6zlTVeP8H78SVWZK7DZjrA_L14tSX7gP7T6-1U1xQVEE85YhhdDVglBqyffmAAxpS4KQtKZN0J-2vdWYOeOQftdEqSiHdviIDJJNdpvfEEfvHdYiwAykgCUENno5AOPmGtp1vVvsl5tnLZjhtdSP3Zn6V_c8Z268Ir4wSGN0BqUJ6UCrswlf0zYEaDEWqa07Dq-zn55_xtEO1Q"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "7cdc1a08-4246-4115-b7d6-b5ee3c3b9e03",
      "n": "x7BPwg4SFB4U4il1vif3zhmccQsEeSkDG-3Z4rX6fHpjxHga9EDvOxI2nkCOhKfWmdAbsyLfjo9n-nbc5qk1e2J4BEOMLXKjUXRFeIYIwbppxoBlYiexxO8REEVmsZRpq6CAeMNQu2Ci8p4T4cCRA5VKMdbXkOeg90yXgGUPOC9_IzqEKnec2wnimvWq_GkCuo4RxodfW11ae813a4EDHFiUFmmg09JgzqHiHDn-uSNAjDw0C1BGHibVahyLWqdJiE20URYzxfQyTeW3IE6OnxPVziYuG2MikcTF-Y2gtWf2-IR7yjbNYEi242L4FCu0hs6sp2XSowaWcSgIqmwL8w"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "e06af2c7-c547-4c8a-a368-7ffbccf9e131",
      "x": "YWL_irFAnynzfSzCKimoKBU31Inbs8WoWLgX708-z0g",
      "y": "kbbEjFdeDK3yJv4-TfN5t7LoCE6HV7CIpa6kmHrbvhg"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "ec4382f8-6056-44a3-bf09-7643af70bd0e",
      "x": "Vulm5d3L0NuA27I0paVnNikXF_elM0P6yylbqpDITps",
      "y": "fDVFGc0F3HqU_xTjC8bba7ykmksYB4p-zjdgv5ScPow"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "dfdf48ea-6713-40e7-a491-5b16eb0bacee",
      "x": "5ZknyIFHtPBB84vr6h-PnTO4si4NlpYMsBbD_dzyaVc",
      "y": "j7Cr0ij_QG2xGxrFXZHcZcpAfmXmvXX-K4JnqUQXbPs"
    },
    {
      "kty": "OKP",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "4848cf93-3526-4556-aa7b-adeb5a0d28d0",
      "x": "E2A-sCLQi23uAM0ZffU0i-uhSFjXSWpJlshz9ZraUIY"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "23d09bb8-55fe-4add-9565-43eda544013d",
      "alg": "RSA-OAEP",
      "n": "hmk8GOi8KtSgIZO-BPKMVv-3XJ1RZD6raTn9OxruHvpbgVbO0-uSomC4XGKXRpVhV76DG4bI7CqaESQrX6DEoVaGEHfCoVUnhM1469PeZNdqCRm8mRnP-sGPvXkyvQ1Lv_p8Un8NGtMO3FzfUM1ENhaLFlLdhQrEOAZsMNhJP1T9dWm_kr8D12oW0bbQC4aiSFWpSTY0anxhyEHXglcHV4Pz0aRIAf2dd9vnYh-KvbgLV1nO0vuBHKaiEqwSLdG_ycOHlRsx7Q0v3K4Echfx7R8-4sx36fXo9uRuvrz6YAzUrUwFspZAayeSKa64zoR5id7IxKGcoP2ucvPbMncZcQ"
    },
    {
      "kty": "EC",
      "use": "enc",
      "crv": "P-256",
      "kid": "12784087-68c2-4f9e-8713-8014e9d26eac",
      "x": "gX-I05UvBcOPq31zCFk8U_4g67dNzvGl59iVWJENNRA",
      "y": "WEkis8YK7-VXTCxzEVVX-4B7cWk1h4eKokwyTBuR81A",
      "alg": "ECDH-ES"
    }
  ]
}
outgoing_path
jwks
2021-07-29 06:00:58 INCOMING
oidcc-client-test-userinfo-invalid-sub
Incoming HTTP request to test instance ScgMZRxVFgO4w0t
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "Go-http-client/1.1",
  "authorization": "Bearer bHjoLmvhVfHqrAgdLuEZxT4vT5SFNc2up7trQLJzOV0eXw3kRF",
  "accept-encoding": "gzip",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
userinfo
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
Userinfo endpoint
2021-07-29 06:00:58 SUCCESS
OIDCCExtractBearerAccessTokenFromRequest
Found access token on incoming request
access_token
bHjoLmvhVfHqrAgdLuEZxT4vT5SFNc2up7trQLJzOV0eXw3kRF
2021-07-29 06:00:58 SUCCESS
RequireBearerAccessToken
Found access token in request
actual
bHjoLmvhVfHqrAgdLuEZxT4vT5SFNc2up7trQLJzOV0eXw3kRF
2021-07-29 06:00:58 SUCCESS
FilterUserInfoForScopes
User info endpoint output
sub
user-subject-1234531
website
https://openid.net/
zoneinfo
America/Los_Angeles
birthdate
2000-02-03
gender
female
preferred_username
d.tu
given_name
Demo
middle_name
Theresa
locale
en-US
updated_at
1580000000
name
Demo T. User
nickname
Dee
family_name
User
2021-07-29 06:00:58
ChangeSubInUserInfoResponseToBeInvalid
Added invalid sub to userinfo endpoint output
sub
user-subject-1234531invalid
website
https://openid.net/
zoneinfo
America/Los_Angeles
birthdate
2000-02-03
gender
female
preferred_username
d.tu
given_name
Demo
middle_name
Theresa
locale
en-US
updated_at
1580000000
name
Demo T. User
nickname
Dee
family_name
User
2021-07-29 06:00:58
ClearAccessTokenFromRequest
Condition ran but did not log anything
2021-07-29 06:00:58 INFO
AddIssAndAudToUserInfoResponse
Skipped evaluation due to missing required element: client userinfo_signed_response_alg
path
userinfo_signed_response_alg
mapped
object
client
2021-07-29 06:00:58 INFO
SignUserInfoResponse
Skipped evaluation due to missing required element: client userinfo_signed_response_alg
path
userinfo_signed_response_alg
mapped
object
client
2021-07-29 06:00:58 INFO
EncryptUserInfoResponse
Skipped evaluation due to missing required element: client userinfo_encrypted_response_alg
path
userinfo_encrypted_response_alg
mapped
object
client
2021-07-29 06:00:58 OUTGOING
oidcc-client-test-userinfo-invalid-sub
Response to HTTP request to test instance ScgMZRxVFgO4w0t
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "sub": "user-subject-1234531invalid",
  "website": "https://openid.net/",
  "zoneinfo": "America/Los_Angeles",
  "birthdate": "2000-02-03",
  "gender": "female",
  "preferred_username": "d.tu",
  "given_name": "Demo",
  "middle_name": "Theresa",
  "locale": "en-US",
  "updated_at": 1580000000,
  "name": "Demo T. User",
  "nickname": "Dee",
  "family_name": "User"
}
outgoing_path
userinfo
2021-07-29 06:00:58 FINISHED
oidcc-client-test-userinfo-invalid-sub
Test has run to completion
testmodule_result
PASSED
2021-07-29 06:01:06
TEST-RUNNER
Alias has now been claimed by another test
alias
caos
new_test_id
kk1CwSRh5U6EByW
Test Results