Test Summary

Test Results

Expand All Collapse All
All times are UTC
2021-07-29 06:00:09 INFO
TEST-RUNNER
Test instance lc4eNBORBv3MGWj created
baseUrl
https://www.certification.openid.net/test/a/caos
variant
{
  "client_auth_type": "client_secret_basic",
  "response_type": "code",
  "request_type": "plain_http_request",
  "response_mode": "default",
  "client_registration": "static_client"
}
alias
caos
description
RP Certification
planId
uoprP0OO8Z4Qo
config
{
  "alias": "caos",
  "description": "RP Certification",
  "publish": "summary",
  "client": {
    "client_id": "93634749943374746@openid_certification",
    "client_secret": "myclQ`RB_F5|HA:@7!r7H(DLltKA)P~u#)Ag#LQ8Zw,km*\u003d@JhYacA4^qC]B{ZK}",
    "redirect_uri": "http://localhost:4200/auth/callback"
  }
}
testName
oidcc-client-test-idtoken-sig-none
2021-07-29 06:00:09 SUCCESS
OIDCCGenerateServerConfiguration
Generated default server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/a/caos/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/caos/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/caos/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/caos/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/caos/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/a/caos/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic",
    "client_secret_post",
    "client_secret_jwt",
    "private_key_jwt"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
2021-07-29 06:00:09
SetTokenEndpointAuthMethodsSupportedToClientSecretBasicOnly
Changed token_endpoint_auth_methods_supported to client_secret_basic only in server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/a/caos/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/caos/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/caos/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/caos/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/caos/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/a/caos/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
2021-07-29 06:00:09
OIDCCGenerateServerJWKs
Generated server public private JWK sets
server_jwks
{
  "keys": [
    {
      "p": "3ajTymCVYEcIkLEuqYWII3cN-A71gNytGmpF5-gb20S0I8TuU5pc4HFUZyZOJU4OQx0qfCNOljiew8T9wSF5AmKB--VUfA9xykOaZziH5qpgLvpX1S1j5QB-XFVJn4QRY0c8LiyzNauF0XA4S2jNihGVUp5Xk5GCTzC22TUqHsM",
      "kty": "RSA",
      "q": "1bzLXudfSeJFaYpy5mHjbIJUEfYjXBWOfFcBROmnQEVxKpPIQGrxfvjTvaDyPJD2BJwoACTOdnfCfkwOq1-9pkAkIHJdOPN4EA7zK2-z6aNrE9vryjOnoz9VHa8RmTANh3GWEvYSt0iyAWgZ0vcutvYSI6hqXPk1QehBJWM4tbE",
      "d": "lm3NU-I1lEuldm94v-J-zB8yJxLKsYHamuPqI63uzLbhOJhtq7TSESeLPsRZOphEWtWLzxRrT6QNn9MVUD2DeMwuXmU0h1Jc1Vr9JTzNz4G6JpYr3KG7EHDVZFhpt_BvyzER22ofQityqmcLt94Ks8vilM2ZYEL7xYYwhaPe2aZ4ZCUjaGvaXRrlp1PsZTd7xPApGHHGkV_26GXK-ZKEB8nS7RZ3aY2IQkajwLF62rOy_CPL9T5HqwCfX_DEKEnpvvAVWyCgKBvV5IoXQj6daIy3qKtyhkRNo8S7XC-BNF3WoNh8-RiIiriA9nOFp2NoPKSBajFdymH1516WRSAhoQ",
      "e": "AQAB",
      "use": "sig",
      "kid": "7c13f59c-8ac7-4387-b428-ae533829575b",
      "qi": "qXinl4X5IRGou6YU9_M1bMFBHTxUPmwDjWmsJKeiJgJNWEpPp91bILDUKnBAEpEP5oGydG0WGwpopyOpxKUwr7DDHkOxQFXSUZXgnmmhpFWCxUFJEo650GjDpOtAc0D6xuOwVsTkQwaA4_bGqMkM7psmlshwvW8JNj4TmPfd9fk",
      "dp": "FGGTp8Ydtg6SAQvpqHi4vdoSlL57YG_qEsW2y84R0aWNksRmzZUh-Rkyk5F4GgIFWbJy15s_fJyULJgOZRW41LlODmVV0VpyMhDpP5h5FoKP-YHXVaioyMO02rSU4m_4UVKZe_1sNQEietGAu55VV96qBkC8-LqmarWl-m7jApU",
      "dq": "PRWp4cOqXglG4TTqRaFwR9CvijqYPHcEs9CB0locrKesAgkeUBrAThN7IFThJiIfzY17eR8LypvLgCDoiF3ia6MlMAi_T8l1ZNGA-ccA2iMUNSbDKpS8slElWEhydR9gnnb99wlQrAUgqno_9yUhurR01rAJRe0LJXzlMXQ7_uE",
      "n": "uRDwSfdATm79Ro5FazleMDDRF_rRhEb4SmJCtamKJnGCI2zh04CaHbJkJooB9xj6ttzjcXdtHxWgZX9-YTFY9VDBHwwK4egd6KdJMgfxpG56vx70g31EPFupWc027NJPzN9U5zUtaOBZc3aRzooY0L_LQcGQ-Gnlj9sfNi9qIThEzHRxJZ7vrxqUithISCC4O5qhV5IL3nXQqhboxNA4Xrd3reFWD9-Y-Hq-JD3FS6GRBfEhA3xQ0JQ1gyE2olCfpyaiL07D_nffiw11f5AnyAQOC1j1376Kfm947P2jiCZLIXbTo0rMlaYHf_tAuZ1-vTMR_I2RY7L1pt8PrYcj0w"
    },
    {
      "kty": "EC",
      "d": "Nof4LEUW1JPuGYbMcpUksHWaHGsxibMwLEnmr-aCfDY",
      "use": "sig",
      "crv": "P-256",
      "kid": "04a563b1-0e17-4f75-b359-e7701c5035e9",
      "x": "Af9Uuq3t1OhDr-mLj8cd5AS8FwVL7gWJIiIDkcSoxas",
      "y": "adThl3Wh8-7d0tv5PoStPMlwVbFUbv_RCySLmVOgT3o"
    },
    {
      "kty": "EC",
      "d": "0cUlJ_OweRr2Aclho0WyVYKeWrhIjY_wjzOpxNJeozA",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "1bc31203-881b-4641-b536-448816d32233",
      "x": "x2OXM61RbQiQrkbiZY7ZKimP7YKu71MY58-QbMMtXhI",
      "y": "CoVOgOoB9t_28ckjn-qNzouHAH7aK4BLal4uHInk2Ls"
    },
    {
      "kty": "OKP",
      "d": "OWV6mk1TcbGOH4B8X_VKHhcYprAn49Ik8Pker9nJu10",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "995095dc-c473-4e08-aadb-2db27edf1cee",
      "x": "HWUMEIRUL5z4Wm6vffyEBg7gb0xWOzrftS-jVAUh9Kg"
    }
  ]
}
server_encryption_keys
{
  "keys": [
    {
      "p": "6Q9HlLAyLFDezHazVam2C_5RJGbEKTDlO_QfHuVSLTmmOl1v-atLSF-5qIveo65qBGDH9O0UCi_oPkI0ES_PIu9sHrXTOSCUrfj1oNkYehponmjPCkfFOLs260SfD-n-PW9xswzUFpqFY9mJZoRxCE1Z9Xk5uZnuyyAXDoxYlmE",
      "kty": "RSA",
      "q": "lLd9T9LEU6OwGStX8w6vVGQF3cg6MzYcc7fy1rPwdSM0jQZpk7JDB-8E6TKiGnL-_XL6PF422HVZRBAqieTVzw2kWOzSqAiK_TRQoGvN2-FsxyAkKSnZ_yGYviu77wtZvjhABRDC0oXq0UPzG5qHAVfkggzn63qjM00Khh8-XX0",
      "d": "OUcqPWIka39laknpRr3WUXQKWbJ-eoWR9L60Puj64-PT4ZFTup3T79KOyGDJUirtrbuNChpp5EMi5jQCV0_9X_NcrUglQKCcYhdgjSnCFmEyGs0ZeAvogaxYkDJmtHAPPPZdwRM0u3FVHQD4QW4GNNIEKJ9wKOQf7vkpizkfObXhBlAsT-Qi5z6nhcDCe1j50FGS9fBplUHSaHhWKqrDfYhYQjuSHu2EFUGwxdCiMS1ExoMGm11ABp03vUgVP9sjAgNIwL5fnATgLr0MrvoNiWf1tWdxqIaCVxEt45M9b9V1kmkhgt58q16GM0Wkq1SVsxV6XAfCBzt_KPKek3KbAQ",
      "e": "AQAB",
      "use": "enc",
      "kid": "5c76b9ab-b772-4da8-b989-d9e75e1be3ef",
      "qi": "iFwQleLNiZnMIpzCaYfSgQHIHlCdBzqM_ekfTrRhRUr0hozhQwYqJ4KXhjmNZ9tXv5J6T3jW70Ty7BBQjHfvCaa_yBIqssPBDo5fNfxhivi585buk746x6J3MRo7ulbukaFMhLFI6vWsib1pC1DsXBXay6j-RB_7Er22-w-hZ1g",
      "dp": "zizXPUGWUUAFqcnEop6tTvTf4Z0MIgiAcsZnFZT3WszqMi3g1nVj9xXAD8wU3KZ6YX8gxZtKJCz3fsRgfWfXDefStWRTBPG-th1NZstHbRWZwbGkn0qYvbRZRE6DjLeLU9wYMLbDlW-DW67hb5Dw0dBkKdXhbEEyT_4Gh7c-02E",
      "alg": "RSA-OAEP",
      "dq": "HSlZ3jQzIT-AwX65UUT45nByogmoN_CNZbeVW7qPFTkhDeJLA5Y6BK0-5kdyeANCswo_vWSwFoP0TB9rZ_zCXEaNio5txFtgfcQrZzmcdVhfzzAjRxsYzymUXP4QbRBpuZ4oF5Ywzb1KzVwoqKoFfSLyAPps48T5iY662I_517U",
      "n": "h2PhY0Ky6vcNXeVBsOspRBIO79mEgYYgQ4Ty7BYHUhu8BP9BPcjYjXBa9K0VPsUJCUNV8IUkkdt3No7l8AeT3C6T_u_BJb59j0dcNTRh35D7_iVg52WgNfd9Oc8NyKBSjekp5Sif1TbCERULfWO72SYRflyr9lz3s0N_4i7RB3U-4a-NHE_r7DnK14s9dO7jYOAYugDGkBIGohrr5QSk1wbkqiZgM4EoDtR9PeptFGLpq8ue6hV-R36xC-GvctOeLhhqOp5ZNud1b54Ahq8WzhsnkwGiDrLpUiktbOTpmkaLlMXKnnK7DTnNKnLGo_BPTDpvol4fd2qp-8OG4GCqXQ"
    },
    {
      "kty": "EC",
      "d": "jnpd2BxlB9souzP9j0i4_Cah0dK8hO2e7YkuAjhWAxI",
      "use": "enc",
      "crv": "P-256",
      "kid": "ea72c467-5914-4217-8f86-1d77798b12ec",
      "x": "QYdY36M9Gpv5hACTs62m6EL0S4DEA5esEeW9Ij1w0Ek",
      "y": "CZTDhF4GIIoXGtwqYit0j1WWIRB7Xs2GDyDRq-_J75o",
      "alg": "ECDH-ES"
    }
  ]
}
server_public_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "7c13f59c-8ac7-4387-b428-ae533829575b",
      "n": "uRDwSfdATm79Ro5FazleMDDRF_rRhEb4SmJCtamKJnGCI2zh04CaHbJkJooB9xj6ttzjcXdtHxWgZX9-YTFY9VDBHwwK4egd6KdJMgfxpG56vx70g31EPFupWc027NJPzN9U5zUtaOBZc3aRzooY0L_LQcGQ-Gnlj9sfNi9qIThEzHRxJZ7vrxqUithISCC4O5qhV5IL3nXQqhboxNA4Xrd3reFWD9-Y-Hq-JD3FS6GRBfEhA3xQ0JQ1gyE2olCfpyaiL07D_nffiw11f5AnyAQOC1j1376Kfm947P2jiCZLIXbTo0rMlaYHf_tAuZ1-vTMR_I2RY7L1pt8PrYcj0w"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "931d6408-7555-4918-ba68-7a4aa9fb45be",
      "n": "olF8kruehXWSXjegDQzNLcD0Bx1xA8YlHgZ4178mqdeUbAdON-mkF5a6KusidRVS0YJZsSQFTgSwInxsaJJC_Rg-9WWaTwSivAK-HAhPy6847Z9h0ew8DALprf03_5L6LUFoaZOxTXmVV9ZZJelu49hnN7Vw4OxJTJI0GUo0DzgV57l_MJnCAEdgEyWucRcNFwLHZFTWU_WbWoCbZKhHCXZ5LdFFSm9fVONFSG8wpUGiHmnIT6FkdADWZ8QdnLKLOCC_bHmKxd5k7-0lOSIRU_MYpo9_K65PShHxGadXOijiqNDnTksVLG8aaUKB6w9VZMMhZnb4Y4AltYP65MJjfQ"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "04a563b1-0e17-4f75-b359-e7701c5035e9",
      "x": "Af9Uuq3t1OhDr-mLj8cd5AS8FwVL7gWJIiIDkcSoxas",
      "y": "adThl3Wh8-7d0tv5PoStPMlwVbFUbv_RCySLmVOgT3o"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "d78ff675-1abe-437a-8d56-d1027efcf01d",
      "x": "bjJYlto2HKrc7hgZonEpz3uUPl1hkF-5gi5SX7TOkto",
      "y": "HrFAKr0IkxLe0UNzeAzwc6usCecExLSTyJ2sBOvkmaw"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "1bc31203-881b-4641-b536-448816d32233",
      "x": "x2OXM61RbQiQrkbiZY7ZKimP7YKu71MY58-QbMMtXhI",
      "y": "CoVOgOoB9t_28ckjn-qNzouHAH7aK4BLal4uHInk2Ls"
    },
    {
      "kty": "OKP",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "995095dc-c473-4e08-aadb-2db27edf1cee",
      "x": "HWUMEIRUL5z4Wm6vffyEBg7gb0xWOzrftS-jVAUh9Kg"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "5c76b9ab-b772-4da8-b989-d9e75e1be3ef",
      "alg": "RSA-OAEP",
      "n": "h2PhY0Ky6vcNXeVBsOspRBIO79mEgYYgQ4Ty7BYHUhu8BP9BPcjYjXBa9K0VPsUJCUNV8IUkkdt3No7l8AeT3C6T_u_BJb59j0dcNTRh35D7_iVg52WgNfd9Oc8NyKBSjekp5Sif1TbCERULfWO72SYRflyr9lz3s0N_4i7RB3U-4a-NHE_r7DnK14s9dO7jYOAYugDGkBIGohrr5QSk1wbkqiZgM4EoDtR9PeptFGLpq8ue6hV-R36xC-GvctOeLhhqOp5ZNud1b54Ahq8WzhsnkwGiDrLpUiktbOTpmkaLlMXKnnK7DTnNKnLGo_BPTDpvol4fd2qp-8OG4GCqXQ"
    },
    {
      "kty": "EC",
      "use": "enc",
      "crv": "P-256",
      "kid": "ea72c467-5914-4217-8f86-1d77798b12ec",
      "x": "QYdY36M9Gpv5hACTs62m6EL0S4DEA5esEeW9Ij1w0Ek",
      "y": "CZTDhF4GIIoXGtwqYit0j1WWIRB7Xs2GDyDRq-_J75o",
      "alg": "ECDH-ES"
    }
  ]
}
2021-07-29 06:00:09 SUCCESS
ValidateServerJWKs
Valid server JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2021-07-29 06:00:09 SUCCESS
CheckDistinctKeyIdValueInServerJWKs
Distinct 'kid' value in all keys of server_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2021-07-29 06:00:09 SUCCESS
OIDCCLoadUserInfo
Added user information
user_info
{
  "sub": "user-subject-1234531",
  "name": "Demo T. User",
  "given_name": "Demo",
  "family_name": "User",
  "middle_name": "Theresa",
  "nickname": "Dee",
  "preferred_username": "d.tu",
  "gender": "female",
  "birthdate": "2000-02-03",
  "address": {
    "street_address": "100 Universal City Plaza",
    "locality": "Hollywood",
    "region": "CA",
    "postal_code": "91608",
    "country": "USA"
  },
  "zoneinfo": "America/Los_Angeles",
  "locale": "en-US",
  "phone_number": "+1 555 5550000",
  "phone_number_verified": false,
  "email": "user@example.com",
  "email_verified": false,
  "website": "https://openid.net/",
  "updated_at": 1580000000
}
2021-07-29 06:00:09 SUCCESS
OIDCCGetStaticClientConfigurationForRPTests
Found a static client object
client_id
93634749943374746@openid_certification
client_secret
myclQ`RB_F5|HA:@7!r7H(DLltKA)P~u#)Ag#LQ8Zw,km*=@JhYacA4^qC]B{ZK}
redirect_uris
[
  "http://localhost:4200/auth/callback"
]
2021-07-29 06:00:09 SUCCESS
EnsureClientDoesNotHaveBothJwksAndJwksUri
Client does not have both jwks and jwks_uri set
client
{
  "client_id": "93634749943374746@openid_certification",
  "client_secret": "myclQ`RB_F5|HA:@7!r7H(DLltKA)P~u#)Ag#LQ8Zw,km*\u003d@JhYacA4^qC]B{ZK}",
  "redirect_uris": [
    "http://localhost:4200/auth/callback"
  ]
}
2021-07-29 06:00:09 INFO
FetchClientKeys
Skipped evaluation due to missing required element: client jwks_uri
path
jwks_uri
mapped
object
client
2021-07-29 06:00:09 SUCCESS
ValidateClientGrantTypes
grant_types match response_types
grant_types
[
  "authorization_code"
]
response_types
[
  "code"
]
2021-07-29 06:00:09 SUCCESS
OIDCCValidateClientRedirectUris
Valid redirect_uri(s) provided in registration request
redirect_uris
[
  "http://localhost:4200/auth/callback"
]
2021-07-29 06:00:09 SUCCESS
ValidateClientLogoUris
Client does not contain any logo_uri
2021-07-29 06:00:09 SUCCESS
ValidateClientUris
Client does not contain any client_uri
2021-07-29 06:00:09 SUCCESS
ValidateClientPolicyUris
Client does not contain any policy_uri
2021-07-29 06:00:09 SUCCESS
ValidateClientTosUris
Client does not contain any tos_uri
2021-07-29 06:00:09 SUCCESS
ValidateClientSubjectType
A subject_type was not provided
2021-07-29 06:00:09 INFO
ValidateIdTokenSignedResponseAlg
Skipped evaluation due to missing required element: client id_token_signed_response_alg
path
id_token_signed_response_alg
mapped
object
client
2021-07-29 06:00:09 SUCCESS
EnsureIdTokenEncryptedResponseAlgIsSetIfEncIsSet
id_token_encrypted_response_enc is not set
2021-07-29 06:00:09 INFO
ValidateUserinfoSignedResponseAlg
Skipped evaluation due to missing required element: client userinfo_signed_response_alg
path
userinfo_signed_response_alg
mapped
object
client
2021-07-29 06:00:09 SUCCESS
EnsureUserinfoEncryptedResponseAlgIsSetIfEncIsSet
userinfo_encrypted_response_enc is not set
2021-07-29 06:00:09 INFO
ValidateRequestObjectSigningAlg
Skipped evaluation due to missing required element: client request_object_signing_alg
path
request_object_signing_alg
mapped
object
client
2021-07-29 06:00:09 SUCCESS
EnsureRequestObjectEncryptionAlgIsSetIfEncIsSet
request_object_encryption_enc is not set
2021-07-29 06:00:09 INFO
ValidateTokenEndpointAuthSigningAlg
Skipped evaluation due to missing required element: client token_endpoint_auth_signing_alg
path
token_endpoint_auth_signing_alg
mapped
object
client
2021-07-29 06:00:09 SUCCESS
ValidateDefaultMaxAge
default_max_age is not set
2021-07-29 06:00:09 INFO
ValidateRequireAuthTime
Skipped evaluation due to missing required element: client require_auth_time
path
require_auth_time
mapped
object
client
2021-07-29 06:00:09 INFO
ValidateDefaultAcrValues
Skipped evaluation due to missing required element: client default_acr_values
path
default_acr_values
mapped
object
client
2021-07-29 06:00:09 INFO
ValidateInitiateLoginUri
Skipped evaluation due to missing required element: client initiate_login_uri
path
initiate_login_uri
mapped
object
client
2021-07-29 06:00:09 INFO
ValidateRequestUris
Skipped evaluation due to missing required element: client request_uris
path
request_uris
mapped
object
client
2021-07-29 06:00:09
SetServerSigningAlgToNone
Successfully set signing algorithm to none
signing_algorithm
none
2021-07-29 06:00:09
SetClientIdTokenSignedResponseAlgToServerSigningAlg
Set id_token_signed_response_alg for the registered client
id_token_signed_response_alg
none
2021-07-29 06:00:09
oidcc-client-test-idtoken-sig-none
Setup Done
2021-07-29 06:00:15 INCOMING
oidcc-client-test-idtoken-sig-none
Incoming HTTP request to test instance lc4eNBORBv3MGWj
incoming_headers
{
  "host": "www.certification.openid.net",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,*/*;q\u003d0.8",
  "upgrade-insecure-requests": "1",
  "cookie": "JSESSIONID\u003d0340D2A012AC78B6C2939CF389A64905",
  "user-agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.1 Safari/605.1.15",
  "accept-language": "en-gb",
  "accept-encoding": "gzip, deflate",
  "x-ssl-cipher": "ECDHE-RSA-AES256-GCM-SHA384",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
authorize
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{
  "client_id": "93634749943374746@openid_certification",
  "redirect_uri": "http://localhost:4200/auth/callback",
  "response_type": "code",
  "scope": "openid profile",
  "state": "5a2e550b-e01e-4921-bea2-ee023659bd41"
}
incoming_body
Authorization endpoint
2021-07-29 06:00:15 SUCCESS
EnsureRequestDoesNotContainRequestObject
Request does not contain a request parameter
2021-07-29 06:00:15 SUCCESS
EnsureAuthorizationHttpRequestContainsOpenIDScope
Found 'openid' in scope http request parameter
actual
[
  "openid",
  "profile"
]
expected
openid
2021-07-29 06:00:15 SUCCESS
CreateEffectiveAuthorizationRequestParameters
Merged http request parameters with request object claims
effective_authorization_endpoint_request
{
  "client_id": "93634749943374746@openid_certification",
  "redirect_uri": "http://localhost:4200/auth/callback",
  "response_type": "code",
  "scope": "openid profile",
  "state": "5a2e550b-e01e-4921-bea2-ee023659bd41"
}
2021-07-29 06:00:15 SUCCESS
ExtractRequestedScopes
Requested scopes
scope
openid profile
2021-07-29 06:00:15 INFO
ExtractNonceFromAuthorizationRequest
Couldn't find 'nonce' in authorization endpoint parameters
2021-07-29 06:00:15 SUCCESS
EnsureResponseTypeIsCode
Response type is expected value
expected
code
2021-07-29 06:00:15 SUCCESS
EnsureMatchingClientId
Client ID matched
client_id
93634749943374746@openid_certification
2021-07-29 06:00:15 SUCCESS
EnsureValidRedirectUriForAuthorizationEndpointRequest
redirect_uri is one of the allowed redirect uris
actual
http://localhost:4200/auth/callback
expected
[
  "http://localhost:4200/auth/callback"
]
2021-07-29 06:00:15 SUCCESS
EnsureOpenIDInScopeRequest
Found 'openid' scope in request
actual
[
  "openid",
  "profile"
]
expected
openid
2021-07-29 06:00:15 SUCCESS
DisallowMaxAgeEqualsZeroAndPromptNone
The client did not send max_age=0 and prompt=none parameters as expected
2021-07-29 06:00:15 SUCCESS
CreateAuthorizationCode
Created authorization code
authorization_code
8Q1FTuNAJy
2021-07-29 06:00:15 SUCCESS
CreateAuthorizationEndpointResponseParams
Added authorization_endpoint_response_params to environment
params
{
  "redirect_uri": "http://localhost:4200/auth/callback",
  "state": "5a2e550b-e01e-4921-bea2-ee023659bd41"
}
2021-07-29 06:00:15 SUCCESS
AddCodeToAuthorizationEndpointResponseParams
Added code to authorization endpoint response params
authorization_endpoint_response_params
{
  "redirect_uri": "http://localhost:4200/auth/callback",
  "state": "5a2e550b-e01e-4921-bea2-ee023659bd41",
  "code": "8Q1FTuNAJy"
}
2021-07-29 06:00:15
SendAuthorizationResponseWithResponseModeQuery
Redirecting back to client
uri
http://localhost:4200/auth/callback?state=5a2e550b-e01e-4921-bea2-ee023659bd41&code=8Q1FTuNAJy
2021-07-29 06:00:15 OUTGOING
oidcc-client-test-idtoken-sig-none
Response to HTTP request to test instance lc4eNBORBv3MGWj
outgoing
org.springframework.web.servlet.view.RedirectView: [RedirectView]; URL [http://localhost:4200/auth/callback?state=5a2e550b-e01e-4921-bea2-ee023659bd41&code=8Q1FTuNAJy]
outgoing_path
authorize
2021-07-29 06:00:15 INCOMING
oidcc-client-test-idtoken-sig-none
Incoming HTTP request to test instance lc4eNBORBv3MGWj
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "Go-http-client/1.1",
  "authorization": "Basic OTM2MzQ3NDk5NDMzNzQ3NDYlNDBvcGVuaWRfY2VydGlmaWNhdGlvbjpteWNsUSU2MFJCX0Y1JTdDSEElM0ElNDA3JTIxcjdIJTI4RExsdEtBJTI5UH51JTIzJTI5QWclMjNMUThadyUyQ2ttJTJBJTNEJTQwSmhZYWNBNCU1RXFDJTVEQiU3QlpLJTdE",
  "content-type": "application/x-www-form-urlencoded",
  "accept-encoding": "gzip",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "content-length": "106",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net",
  "connection": "close"
}
incoming_path
token
incoming_body_form_params
{
  "code": "8Q1FTuNAJy",
  "grant_type": "authorization_code",
  "redirect_uri": "http://localhost:4200/auth/callback"
}
incoming_method
POST
incoming_body_json
incoming_query_string_params
{}
incoming_body
code=8Q1FTuNAJy&grant_type=authorization_code&redirect_uri=http%3A%2F%2Flocalhost%3A4200%2Fauth%2Fcallback
Token endpoint
2021-07-29 06:00:15 SUCCESS
ExtractClientCredentialsFromBasicAuthorizationHeader
Extracted client authentication
client_id
93634749943374746@openid_certification
client_secret
myclQ`RB_F5|HA:@7!r7H(DLltKA)P~u#)Ag#LQ8Zw,km*=@JhYacA4^qC]B{ZK}
method
client_secret_basic
2021-07-29 06:00:15 SUCCESS
ValidateClientIdAndSecret
Client id and secret match
2021-07-29 06:00:15 SUCCESS
ValidateAuthorizationCode
Found authorization code
authorization_code
8Q1FTuNAJy
2021-07-29 06:00:15 SUCCESS
ValidateRedirectUriForTokenEndpointRequest
redirect_uri is the same as the one used in the authorization request
actual
http://localhost:4200/auth/callback
2021-07-29 06:00:15 SUCCESS
GenerateBearerAccessToken
Generated access token
access_token
5G1CZqA4I4Uu1CCo64I6X2YKOeQ1psnXof0B1Vt2P19BrsIe69
2021-07-29 06:00:15 SUCCESS
GenerateIdTokenClaims
Created ID Token Claims
iss
https://www.certification.openid.net/test/a/caos/
sub
user-subject-1234531
aud
93634749943374746@openid_certification
iat
1627538415
exp
1627538715
2021-07-29 06:00:15 INFO
AddAtHashToIdTokenClaims
Skipped evaluation due to missing required string: at_hash
expected
at_hash
2021-07-29 06:00:15 SUCCESS
SignIdTokenWithAlgNone
Created id_token with alg none
id_token
eyJhbGciOiJub25lIn0.eyJpc3MiOiJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC9hL2Nhb3MvIiwic3ViIjoidXNlci1zdWJqZWN0LTEyMzQ1MzEiLCJhdWQiOiI5MzYzNDc0OTk0MzM3NDc0NkBvcGVuaWRfY2VydGlmaWNhdGlvbiIsImlhdCI6MTYyNzUzODQxNSwiZXhwIjoxNjI3NTM4NzE1fQ.
2021-07-29 06:00:15 INFO
EncryptIdToken
Skipped evaluation due to missing required element: client id_token_encrypted_response_alg
path
id_token_encrypted_response_alg
mapped
object
client
2021-07-29 06:00:15 SUCCESS
CreateTokenEndpointResponse
Created token endpoint response
access_token
5G1CZqA4I4Uu1CCo64I6X2YKOeQ1psnXof0B1Vt2P19BrsIe69
token_type
Bearer
id_token
eyJhbGciOiJub25lIn0.eyJpc3MiOiJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC9hL2Nhb3MvIiwic3ViIjoidXNlci1zdWJqZWN0LTEyMzQ1MzEiLCJhdWQiOiI5MzYzNDc0OTk0MzM3NDc0NkBvcGVuaWRfY2VydGlmaWNhdGlvbiIsImlhdCI6MTYyNzUzODQxNSwiZXhwIjoxNjI3NTM4NzE1fQ.
scope
openid profile
2021-07-29 06:00:15 OUTGOING
oidcc-client-test-idtoken-sig-none
Response to HTTP request to test instance lc4eNBORBv3MGWj
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "access_token": "5G1CZqA4I4Uu1CCo64I6X2YKOeQ1psnXof0B1Vt2P19BrsIe69",
  "token_type": "Bearer",
  "id_token": "eyJhbGciOiJub25lIn0.eyJpc3MiOiJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC9hL2Nhb3MvIiwic3ViIjoidXNlci1zdWJqZWN0LTEyMzQ1MzEiLCJhdWQiOiI5MzYzNDc0OTk0MzM3NDc0NkBvcGVuaWRfY2VydGlmaWNhdGlvbiIsImlhdCI6MTYyNzUzODQxNSwiZXhwIjoxNjI3NTM4NzE1fQ.",
  "scope": "openid profile"
}
outgoing_path
token
2021-07-29 06:00:20 WARNING
ClientDidNotContinueAfterReceivingUnsignedIdToken
Client did not send a userinfo request after receiving an unsigned id_token.
2021-07-29 06:00:20 FINISHED
oidcc-client-test-idtoken-sig-none
Test has run to completion
testmodule_result
WARNING
2021-07-29 06:00:39
TEST-RUNNER
Alias has now been claimed by another test
alias
caos
new_test_id
oH6pB1XaoTFSwgo
Test Results