Test Summary

Test Results

Expand All Collapse All
All times are UTC
2021-09-11 11:21:47 INFO
TEST-RUNNER
Test instance V5wni5KzyfHgEqA created
baseUrl
https://www.certification.openid.net/test/a/idpy
variant
{
  "client_auth_type": "client_secret_basic",
  "response_type": "code id_token",
  "server_metadata": "discovery",
  "response_mode": "form_post",
  "client_registration": "dynamic_client"
}
alias
idpy
description
oidcop
planId
Okm8cBmJjyOxE
config
{
  "alias": "idpy",
  "description": "oidcop",
  "server": {
    "discoveryUrl": "https://89.45.234.133:4000/.well-known/openid-configuration",
    "login_hint": "roland@89.45.234.133:4000"
  },
  "client2": {
    "client_name": "Anything"
  }
}
testName
oidcc-refresh-token
2021-09-11 11:21:47 SUCCESS
CreateRedirectUri
Created redirect URI
redirect_uri
https://www.certification.openid.net/test/a/idpy/callback
2021-09-11 11:21:47
GetDynamicServerConfiguration
HTTP request
request_uri
https://89.45.234.133:4000/.well-known/openid-configuration
request_method
GET
request_headers
{
  "accept": "text/plain, application/json, application/cbor, application/*+json, */*",
  "content-length": "0"
}
request_body

                                
2021-09-11 11:21:47 RESPONSE
GetDynamicServerConfiguration
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "content-type": "application/json; charset\u003dutf-8",
  "content-length": "3598",
  "pragma": "no-cache",
  "cache-control": "no-store",
  "server": "Werkzeug/1.0.1 Python/3.8.10",
  "date": "Sat, 11 Sep 2021 11:21:47 GMT"
}
response_body
{"version": "3.0", "token_endpoint_auth_methods_supported": ["client_secret_post", "client_secret_basic", "client_secret_jwt", "private_key_jwt"], "claims_parameter_supported": true, "request_parameter_supported": true, "request_uri_parameter_supported": true, "require_request_uri_registration": true, "grant_types_supported": ["authorization_code", "implicit", "urn:ietf:params:oauth:grant-type:jwt-bearer", "refresh_token"], "subject_types_supported": ["public", "pairwise"], "registration_endpoint": "https://89.45.234.133:4000/registration", "introspection_endpoint": "https://89.45.234.133:4000/introspection", "response_types_supported": ["code", "token", "id_token", "code token", "code id_token", "id_token token", "code id_token token", "none"], "response_modes_supported": ["query", "fragment", "form_post"], "request_object_signing_alg_values_supported": ["RS256", "RS384", "RS512", "ES256", "ES384", "ES512", "HS256", "HS384", "HS512", "PS256", "PS384", "PS512"], "request_object_encryption_alg_values_supported": ["RSA-OAEP", "RSA-OAEP-256", "A128KW", "A192KW", "A256KW", "ECDH-ES", "ECDH-ES+A128KW", "ECDH-ES+A192KW", "ECDH-ES+A256KW"], "request_object_encryption_enc_values_supported": ["A128CBC-HS256", "A192CBC-HS384", "A256CBC-HS512", "A128GCM", "A192GCM", "A256GCM"], "claim_types_supported": ["normal", "aggregated", "distributed"], "authorization_endpoint": "https://89.45.234.133:4000/authorization", "token_endpoint_auth_signing_alg_values_supported": ["RS256", "RS384", "RS512", "ES256", "ES384", "ES512", "HS256", "HS384", "HS512", "PS256", "PS384", "PS512"], "token_endpoint": "https://89.45.234.133:4000/token", "userinfo_signing_alg_values_supported": ["RS256", "RS384", "RS512", "ES256", "ES384", "ES512", "HS256", "HS384", "HS512", "PS256", "PS384", "PS512"], "userinfo_encryption_alg_values_supported": ["RSA-OAEP", "RSA-OAEP-256", "A128KW", "A192KW", "A256KW", "ECDH-ES", "ECDH-ES+A128KW", "ECDH-ES+A192KW", "ECDH-ES+A256KW"], "userinfo_encryption_enc_values_supported": ["A128CBC-HS256", "A192CBC-HS384", "A256CBC-HS512", "A128GCM", "A192GCM", "A256GCM"], "client_authn_method": ["bearer_header", "bearer_body"], "userinfo_endpoint": "https://89.45.234.133:4000/userinfo", "frontchannel_logout_supported": true, "frontchannel_logout_session_supported": true, "backchannel_logout_supported": true, "backchannel_logout_session_supported": true, "check_session_iframe": "https://89.45.234.133:4000/check_session_iframe", "end_session_endpoint": "https://89.45.234.133:4000/session", "issuer": "https://89.45.234.133:4000", "acr_values_supported": ["urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword"], "jwks_uri": "https://89.45.234.133:4000/static/jwks.json", "scopes_supported": ["offline_access", "phone", "address", "research_and_scholarship", "profile", "email", "openid"], "claims_supported": ["iss", "updated_at", "given_name", "preferred_username", "picture", "zoneinfo", "website", "profile", "email_verified", "family_name", "sub", "birthdate", "address", "middle_name", "eduperson_scoped_affiliation", "gender", "locale", "nickname", "phone_number", "phone_number_verified", "name", "email"], "id_token_signing_alg_values_supported": ["RS256", "RS384", "RS512", "ES256", "ES384", "ES512", "HS256", "HS384", "HS512", "PS256", "PS384", "PS512"], "id_token_encryption_alg_values_supported": ["RSA-OAEP", "RSA-OAEP-256", "A128KW", "A192KW", "A256KW", "ECDH-ES", "ECDH-ES+A128KW", "ECDH-ES+A192KW", "ECDH-ES+A256KW"], "id_token_encryption_enc_values_supported": ["A128CBC-HS256", "A192CBC-HS384", "A256CBC-HS512", "A128GCM", "A192GCM", "A256GCM"]}
2021-09-11 11:21:47
GetDynamicServerConfiguration
Downloaded server configuration
server_config_string
{"version": "3.0", "token_endpoint_auth_methods_supported": ["client_secret_post", "client_secret_basic", "client_secret_jwt", "private_key_jwt"], "claims_parameter_supported": true, "request_parameter_supported": true, "request_uri_parameter_supported": true, "require_request_uri_registration": true, "grant_types_supported": ["authorization_code", "implicit", "urn:ietf:params:oauth:grant-type:jwt-bearer", "refresh_token"], "subject_types_supported": ["public", "pairwise"], "registration_endpoint": "https://89.45.234.133:4000/registration", "introspection_endpoint": "https://89.45.234.133:4000/introspection", "response_types_supported": ["code", "token", "id_token", "code token", "code id_token", "id_token token", "code id_token token", "none"], "response_modes_supported": ["query", "fragment", "form_post"], "request_object_signing_alg_values_supported": ["RS256", "RS384", "RS512", "ES256", "ES384", "ES512", "HS256", "HS384", "HS512", "PS256", "PS384", "PS512"], "request_object_encryption_alg_values_supported": ["RSA-OAEP", "RSA-OAEP-256", "A128KW", "A192KW", "A256KW", "ECDH-ES", "ECDH-ES+A128KW", "ECDH-ES+A192KW", "ECDH-ES+A256KW"], "request_object_encryption_enc_values_supported": ["A128CBC-HS256", "A192CBC-HS384", "A256CBC-HS512", "A128GCM", "A192GCM", "A256GCM"], "claim_types_supported": ["normal", "aggregated", "distributed"], "authorization_endpoint": "https://89.45.234.133:4000/authorization", "token_endpoint_auth_signing_alg_values_supported": ["RS256", "RS384", "RS512", "ES256", "ES384", "ES512", "HS256", "HS384", "HS512", "PS256", "PS384", "PS512"], "token_endpoint": "https://89.45.234.133:4000/token", "userinfo_signing_alg_values_supported": ["RS256", "RS384", "RS512", "ES256", "ES384", "ES512", "HS256", "HS384", "HS512", "PS256", "PS384", "PS512"], "userinfo_encryption_alg_values_supported": ["RSA-OAEP", "RSA-OAEP-256", "A128KW", "A192KW", "A256KW", "ECDH-ES", "ECDH-ES+A128KW", "ECDH-ES+A192KW", "ECDH-ES+A256KW"], "userinfo_encryption_enc_values_supported": ["A128CBC-HS256", "A192CBC-HS384", "A256CBC-HS512", "A128GCM", "A192GCM", "A256GCM"], "client_authn_method": ["bearer_header", "bearer_body"], "userinfo_endpoint": "https://89.45.234.133:4000/userinfo", "frontchannel_logout_supported": true, "frontchannel_logout_session_supported": true, "backchannel_logout_supported": true, "backchannel_logout_session_supported": true, "check_session_iframe": "https://89.45.234.133:4000/check_session_iframe", "end_session_endpoint": "https://89.45.234.133:4000/session", "issuer": "https://89.45.234.133:4000", "acr_values_supported": ["urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword"], "jwks_uri": "https://89.45.234.133:4000/static/jwks.json", "scopes_supported": ["offline_access", "phone", "address", "research_and_scholarship", "profile", "email", "openid"], "claims_supported": ["iss", "updated_at", "given_name", "preferred_username", "picture", "zoneinfo", "website", "profile", "email_verified", "family_name", "sub", "birthdate", "address", "middle_name", "eduperson_scoped_affiliation", "gender", "locale", "nickname", "phone_number", "phone_number_verified", "name", "email"], "id_token_signing_alg_values_supported": ["RS256", "RS384", "RS512", "ES256", "ES384", "ES512", "HS256", "HS384", "HS512", "PS256", "PS384", "PS512"], "id_token_encryption_alg_values_supported": ["RSA-OAEP", "RSA-OAEP-256", "A128KW", "A192KW", "A256KW", "ECDH-ES", "ECDH-ES+A128KW", "ECDH-ES+A192KW", "ECDH-ES+A256KW"], "id_token_encryption_enc_values_supported": ["A128CBC-HS256", "A192CBC-HS384", "A256CBC-HS512", "A128GCM", "A192GCM", "A256GCM"]}
2021-09-11 11:21:47 SUCCESS
GetDynamicServerConfiguration
Successfully parsed server configuration
version
3.0
token_endpoint_auth_methods_supported
[
  "client_secret_post",
  "client_secret_basic",
  "client_secret_jwt",
  "private_key_jwt"
]
claims_parameter_supported
true
request_parameter_supported
true
request_uri_parameter_supported
true
require_request_uri_registration
true
grant_types_supported
[
  "authorization_code",
  "implicit",
  "urn:ietf:params:oauth:grant-type:jwt-bearer",
  "refresh_token"
]
subject_types_supported
[
  "public",
  "pairwise"
]
registration_endpoint
https://89.45.234.133:4000/registration
introspection_endpoint
https://89.45.234.133:4000/introspection
response_types_supported
[
  "code",
  "token",
  "id_token",
  "code token",
  "code id_token",
  "id_token token",
  "code id_token token",
  "none"
]
response_modes_supported
[
  "query",
  "fragment",
  "form_post"
]
request_object_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "ES256",
  "ES384",
  "ES512",
  "HS256",
  "HS384",
  "HS512",
  "PS256",
  "PS384",
  "PS512"
]
request_object_encryption_alg_values_supported
[
  "RSA-OAEP",
  "RSA-OAEP-256",
  "A128KW",
  "A192KW",
  "A256KW",
  "ECDH-ES",
  "ECDH-ES+A128KW",
  "ECDH-ES+A192KW",
  "ECDH-ES+A256KW"
]
request_object_encryption_enc_values_supported
[
  "A128CBC-HS256",
  "A192CBC-HS384",
  "A256CBC-HS512",
  "A128GCM",
  "A192GCM",
  "A256GCM"
]
claim_types_supported
[
  "normal",
  "aggregated",
  "distributed"
]
authorization_endpoint
https://89.45.234.133:4000/authorization
token_endpoint_auth_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "ES256",
  "ES384",
  "ES512",
  "HS256",
  "HS384",
  "HS512",
  "PS256",
  "PS384",
  "PS512"
]
token_endpoint
https://89.45.234.133:4000/token
userinfo_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "ES256",
  "ES384",
  "ES512",
  "HS256",
  "HS384",
  "HS512",
  "PS256",
  "PS384",
  "PS512"
]
userinfo_encryption_alg_values_supported
[
  "RSA-OAEP",
  "RSA-OAEP-256",
  "A128KW",
  "A192KW",
  "A256KW",
  "ECDH-ES",
  "ECDH-ES+A128KW",
  "ECDH-ES+A192KW",
  "ECDH-ES+A256KW"
]
userinfo_encryption_enc_values_supported
[
  "A128CBC-HS256",
  "A192CBC-HS384",
  "A256CBC-HS512",
  "A128GCM",
  "A192GCM",
  "A256GCM"
]
client_authn_method
[
  "bearer_header",
  "bearer_body"
]
userinfo_endpoint
https://89.45.234.133:4000/userinfo
frontchannel_logout_supported
true
frontchannel_logout_session_supported
true
backchannel_logout_supported
true
backchannel_logout_session_supported
true
check_session_iframe
https://89.45.234.133:4000/check_session_iframe
end_session_endpoint
https://89.45.234.133:4000/session
issuer
https://89.45.234.133:4000
acr_values_supported
[
  "urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword"
]
jwks_uri
https://89.45.234.133:4000/static/jwks.json
scopes_supported
[
  "offline_access",
  "phone",
  "address",
  "research_and_scholarship",
  "profile",
  "email",
  "openid"
]
claims_supported
[
  "iss",
  "updated_at",
  "given_name",
  "preferred_username",
  "picture",
  "zoneinfo",
  "website",
  "profile",
  "email_verified",
  "family_name",
  "sub",
  "birthdate",
  "address",
  "middle_name",
  "eduperson_scoped_affiliation",
  "gender",
  "locale",
  "nickname",
  "phone_number",
  "phone_number_verified",
  "name",
  "email"
]
id_token_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "ES256",
  "ES384",
  "ES512",
  "HS256",
  "HS384",
  "HS512",
  "PS256",
  "PS384",
  "PS512"
]
id_token_encryption_alg_values_supported
[
  "RSA-OAEP",
  "RSA-OAEP-256",
  "A128KW",
  "A192KW",
  "A256KW",
  "ECDH-ES",
  "ECDH-ES+A128KW",
  "ECDH-ES+A192KW",
  "ECDH-ES+A256KW"
]
id_token_encryption_enc_values_supported
[
  "A128CBC-HS256",
  "A192CBC-HS384",
  "A256CBC-HS512",
  "A128GCM",
  "A192GCM",
  "A256GCM"
]
2021-09-11 11:21:47 SUCCESS
CheckServerConfiguration
Found required server configuration keys
required
[
  "authorization_endpoint",
  "token_endpoint",
  "issuer"
]
2021-09-11 11:21:47 SUCCESS
ExtractTLSTestValuesFromServerConfiguration
Extracted TLS information from authorization server configuration
registration_endpoint
{
  "testHost": "89.45.234.133",
  "testPort": 4000
}
authorization_endpoint
{
  "testHost": "89.45.234.133",
  "testPort": 4000
}
token_endpoint
{
  "testHost": "89.45.234.133",
  "testPort": 4000
}
userinfo_endpoint
{
  "testHost": "89.45.234.133",
  "testPort": 4000
}
2021-09-11 11:21:47
FetchServerKeys
Fetching server key
jwks_uri
https://89.45.234.133:4000/static/jwks.json
2021-09-11 11:21:47
FetchServerKeys
HTTP request
request_uri
https://89.45.234.133:4000/static/jwks.json
request_method
GET
request_headers
{
  "accept": "text/plain, application/json, application/cbor, application/*+json, */*",
  "content-length": "0"
}
request_body

                                
2021-09-11 11:21:48 RESPONSE
FetchServerKeys
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "content-length": "691",
  "content-type": "application/json",
  "last-modified": "Sat, 11 Sep 2021 11:09:56 GMT",
  "cache-control": "public, max-age\u003d43200",
  "expires": "Sat, 11 Sep 2021 23:21:48 GMT",
  "etag": "\"1631358596.6152847-691-3956740992\"",
  "date": "Sat, 11 Sep 2021 11:21:48 GMT",
  "server": "Werkzeug/1.0.1 Python/3.8.10"
}
response_body
{"keys": [{"kty": "RSA", "use": "sig", "kid": "T3k1MXJDY0NJZWlEbGs3S1lCaWdWRmpXeEdNWWl4TE1WWThrdzZtUXZXQQ", "n": "4DuoJU7Kdqz37-ZyqVZT_gwfVgV4h6TENLkQNRpQIIGrq7BhaNr9Li4ocZIu7x6N_KAKk-59pB4Xk1rjwMFGU7eKV3V1HBe2Nr-br8sU1Jw5ON8Z6_eV5L6c1i9asCklacYaMbxVVD3Unu0B964nrXm6Ct2vsLM-5sVNlOvMHHpS9HbJxByVSCyr43-riM4drq_5z806LLMU9_3KoOTI5a4NTtZpWmymWOJ_3uOdINJ6nun68rnNoHmrM_Cg302VkDb9vSQBw4WEgjXRYoeHRq9hx1IxOjK-8YFtQxrWcFJH4ntUqWPBxlhdpCM1clbhh7S8NfOcN-36Wblff7uFQw", "e": "AQAB"}, {"kty": "EC", "use": "sig", "kid": "azRaTWlLTWZTM0ZLSUFZLVNjYm5Cd3FISmlMTVVkbVVJa2FnR0d5WkRmNA", "crv": "P-256", "x": "5hTpuQ1G3UMbypveGTh64PASzqrfhFllfqMFdNUlY9w", "y": "cg80sEOIDMcg5Stg4ubxpAnW_MXD71moNznzBF1toAU"}]}
2021-09-11 11:21:48
FetchServerKeys
Found JWK set string
jwk_string
{"keys": [{"kty": "RSA", "use": "sig", "kid": "T3k1MXJDY0NJZWlEbGs3S1lCaWdWRmpXeEdNWWl4TE1WWThrdzZtUXZXQQ", "n": "4DuoJU7Kdqz37-ZyqVZT_gwfVgV4h6TENLkQNRpQIIGrq7BhaNr9Li4ocZIu7x6N_KAKk-59pB4Xk1rjwMFGU7eKV3V1HBe2Nr-br8sU1Jw5ON8Z6_eV5L6c1i9asCklacYaMbxVVD3Unu0B964nrXm6Ct2vsLM-5sVNlOvMHHpS9HbJxByVSCyr43-riM4drq_5z806LLMU9_3KoOTI5a4NTtZpWmymWOJ_3uOdINJ6nun68rnNoHmrM_Cg302VkDb9vSQBw4WEgjXRYoeHRq9hx1IxOjK-8YFtQxrWcFJH4ntUqWPBxlhdpCM1clbhh7S8NfOcN-36Wblff7uFQw", "e": "AQAB"}, {"kty": "EC", "use": "sig", "kid": "azRaTWlLTWZTM0ZLSUFZLVNjYm5Cd3FISmlMTVVkbVVJa2FnR0d5WkRmNA", "crv": "P-256", "x": "5hTpuQ1G3UMbypveGTh64PASzqrfhFllfqMFdNUlY9w", "y": "cg80sEOIDMcg5Stg4ubxpAnW_MXD71moNznzBF1toAU"}]}
2021-09-11 11:21:48 SUCCESS
FetchServerKeys
Found server JWK set
server_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "use": "sig",
      "kid": "T3k1MXJDY0NJZWlEbGs3S1lCaWdWRmpXeEdNWWl4TE1WWThrdzZtUXZXQQ",
      "n": "4DuoJU7Kdqz37-ZyqVZT_gwfVgV4h6TENLkQNRpQIIGrq7BhaNr9Li4ocZIu7x6N_KAKk-59pB4Xk1rjwMFGU7eKV3V1HBe2Nr-br8sU1Jw5ON8Z6_eV5L6c1i9asCklacYaMbxVVD3Unu0B964nrXm6Ct2vsLM-5sVNlOvMHHpS9HbJxByVSCyr43-riM4drq_5z806LLMU9_3KoOTI5a4NTtZpWmymWOJ_3uOdINJ6nun68rnNoHmrM_Cg302VkDb9vSQBw4WEgjXRYoeHRq9hx1IxOjK-8YFtQxrWcFJH4ntUqWPBxlhdpCM1clbhh7S8NfOcN-36Wblff7uFQw",
      "e": "AQAB"
    },
    {
      "kty": "EC",
      "use": "sig",
      "kid": "azRaTWlLTWZTM0ZLSUFZLVNjYm5Cd3FISmlMTVVkbVVJa2FnR0d5WkRmNA",
      "crv": "P-256",
      "x": "5hTpuQ1G3UMbypveGTh64PASzqrfhFllfqMFdNUlY9w",
      "y": "cg80sEOIDMcg5Stg4ubxpAnW_MXD71moNznzBF1toAU"
    }
  ]
}
2021-09-11 11:21:48 SUCCESS
CheckServerKeysIsValid
Server JWKs is valid
server_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "use": "sig",
      "kid": "T3k1MXJDY0NJZWlEbGs3S1lCaWdWRmpXeEdNWWl4TE1WWThrdzZtUXZXQQ",
      "n": "4DuoJU7Kdqz37-ZyqVZT_gwfVgV4h6TENLkQNRpQIIGrq7BhaNr9Li4ocZIu7x6N_KAKk-59pB4Xk1rjwMFGU7eKV3V1HBe2Nr-br8sU1Jw5ON8Z6_eV5L6c1i9asCklacYaMbxVVD3Unu0B964nrXm6Ct2vsLM-5sVNlOvMHHpS9HbJxByVSCyr43-riM4drq_5z806LLMU9_3KoOTI5a4NTtZpWmymWOJ_3uOdINJ6nun68rnNoHmrM_Cg302VkDb9vSQBw4WEgjXRYoeHRq9hx1IxOjK-8YFtQxrWcFJH4ntUqWPBxlhdpCM1clbhh7S8NfOcN-36Wblff7uFQw",
      "e": "AQAB"
    },
    {
      "kty": "EC",
      "use": "sig",
      "kid": "azRaTWlLTWZTM0ZLSUFZLVNjYm5Cd3FISmlMTVVkbVVJa2FnR0d5WkRmNA",
      "crv": "P-256",
      "x": "5hTpuQ1G3UMbypveGTh64PASzqrfhFllfqMFdNUlY9w",
      "y": "cg80sEOIDMcg5Stg4ubxpAnW_MXD71moNznzBF1toAU"
    }
  ]
}
2021-09-11 11:21:48 SUCCESS
ValidateServerJWKs
Valid server JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2021-09-11 11:21:48 SUCCESS
CheckForKeyIdInServerJWKs
All keys contain kids
2021-09-11 11:21:48 SUCCESS
CheckDistinctKeyIdValueInServerJWKs
Distinct 'kid' value in all keys of server_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2021-09-11 11:21:48 SUCCESS
EnsureServerJwksDoesNotContainPrivateOrSymmetricKeys
Jwks does not contain any private or symmetric keys
2021-09-11 11:21:48
StoreOriginalClientConfiguration
No client details on configuration, created an empty original_client_config object.
2021-09-11 11:21:48
ExtractClientNameFromStoredConfig
Extracted client_name from stored client configuration.
client_name
2021-09-11 11:21:48 SUCCESS
GenerateRS256ClientJWKs
Generated client JWKs
client_jwks
{
  "keys": [
    {
      "p": "-G0w_qPcIk6i8W1hQqjfTYka1RJJyR1l6SvZg-nbypKax1KixfnC7UUYUAxAmeJWfpowlDSIDlTNwDmp1wlwx9ci4I7gMxiuHOk0JBqPQEvvf_gG2naKnddD6S-c4jkYdGcbFr5x5KK9CDxPdCSR5eaFAao_lNkJIvtQgiH_cFk",
      "kty": "RSA",
      "q": "zhrW4P6621vuHeQ67Adjpo8CYD46ABnytL-6yHMcoy_4kglDseFdBTxP2LRgypldp6S5bsZf8nE16F-ta17Wsu7wl4oNkUbA_AUkF6ok2Jox8RdGCu33HFdiq3egnaorBMf4OiPf0psiGS9aqJSEi5h2R8S_Yr9H89PIQLIOsQU",
      "d": "uwTWRFRIJQvlPwdOxKT5ABgipJjjIRA4UolpsIvoIqRNbU7ujnlLoiGPyFdZiQ_Hk9ojS-3Qb6XbmXlvQizW7s_gNMaD-3gCEoL27wJCvZziTJDbK7WmXtHeBFr4_efBPmtnK3BOygt0-4hMMhkt_hzV9J9W1Q7GOKGkDXarKLOZJtHoCfwHASiKfIvp2uDReMekSK-GTcSDpjCSSq5C86w688gTKEzgrnGmrz39gTF11PLUpO6pg0Ahuu28HF-uaUte1WJ7ZCSSYiBEUkH7JyIILtpDxoT30dVNXl7Ci6VOPhrClNYiYMW57a8E60SFzkrMUi09A6iY_kiSv0O9YQ",
      "e": "AQAB",
      "use": "sig",
      "qi": "Shde4jljSiTNtuYmtL_fHLniKo4BSYZohKHXdBx2O9ZFzd0P5VNlDLPBKZEVhNvo4r3gQxT0W2dGLCPCKkXG6Wqey_L_nFGgAaJ6myUlfGrEWHWeJL8xQNgRH2M7x9N7NfGPkt1hxo-b4eKJH0CpyAiws5nBtUirQi8tumkEF8U",
      "dp": "h0a2QkMqMQhPFFZyeuEIT-lT0ijWQwyeHP2CwaFLzSBN5jIqbtHVgmx4k8ZIO0OTw_bkcx-z4tHtBDqiMHV0k22kEVHb5hcPYLDgcrR_wwxWi4GdAcNBMjgxQ75omItstJ4ckyL7U_wGIYDt5xmu1NjVHpX9b2lL31-odGRc-2k",
      "alg": "RS256",
      "dq": "KP_j0Pw7VZmzA5U8N2m85Aw8z8JxLUX8JwKg-HEVuEy5qOtY4RDQvVLjG1u-iW7613eIP8YMniDxNVmbGOnT0eKAT9Txn_2wNDIdnOuGyuPZnXkgwNnXt3aWtT9l3xdT2W6iLYanZrDflpz57uEkgNSCawJzhARDHvj5NA13qLU",
      "n": "yAHpCX9pLpEGytGf_jYBRBwzeDabWhFgMIhnaLtat1nv7GaZKRoBV76a--gYkLabyxY907LEsKqwR0Wndf5GcG16rsWfd38oBKqY9mA7OCokW8RtlgENlTunWLRbDlPjd_Nbc-Kd1-Fqs3pnM7oi4QTkYWQJKJ_TyHjutsrvpH-PCh0McktVIYKTNeG0pIRspFkq-PIZwUgSVkGbbVpFp-_C-30GM22vlnvPgjFHzjva2BAt9yGP6hXX01wPOsGh3uKbD9TgcaGDbRvXb5fEb1yN5Gl-V3jRcQxMhgnGEA3Jw9TNiLx2uW3mFdvgd9_6Sno2tcPIDgt4UKJiTYi6vQ"
    }
  ]
}
public_client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "alg": "RS256",
      "n": "yAHpCX9pLpEGytGf_jYBRBwzeDabWhFgMIhnaLtat1nv7GaZKRoBV76a--gYkLabyxY907LEsKqwR0Wndf5GcG16rsWfd38oBKqY9mA7OCokW8RtlgENlTunWLRbDlPjd_Nbc-Kd1-Fqs3pnM7oi4QTkYWQJKJ_TyHjutsrvpH-PCh0McktVIYKTNeG0pIRspFkq-PIZwUgSVkGbbVpFp-_C-30GM22vlnvPgjFHzjva2BAt9yGP6hXX01wPOsGh3uKbD9TgcaGDbRvXb5fEb1yN5Gl-V3jRcQxMhgnGEA3Jw9TNiLx2uW3mFdvgd9_6Sno2tcPIDgt4UKJiTYi6vQ"
    }
  ]
}
2021-09-11 11:21:48 SUCCESS
CheckDistinctKeyIdValueInClientJWKs
Distinct 'kid' value in all keys of client_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2021-09-11 11:21:48
CreateEmptyDynamicRegistrationRequest
Created empty dynamic registration request
2021-09-11 11:21:48
AddClientNameToDynamicRegistrationRequest
Added client_name to registration request
client_name
OIDF Conformance Test V5wni5KzyfHgEqA
2021-09-11 11:21:48
AddAuthorizationCodeGrantTypeToDynamicRegistrationRequest
Added 'authorization_code' to 'grant_types'
grant_types
[
  "authorization_code"
]
2021-09-11 11:21:48
AddImplicitGrantTypeToDynamicRegistrationRequest
Added 'implicit' to 'grant_types'
grant_types
[
  "authorization_code",
  "implicit"
]
2021-09-11 11:21:48
AddPublicJwksToDynamicRegistrationRequest
Added client public JWKS to dynamic registration request
dynamic_registration_request
{
  "client_name": "OIDF Conformance Test V5wni5KzyfHgEqA",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "yAHpCX9pLpEGytGf_jYBRBwzeDabWhFgMIhnaLtat1nv7GaZKRoBV76a--gYkLabyxY907LEsKqwR0Wndf5GcG16rsWfd38oBKqY9mA7OCokW8RtlgENlTunWLRbDlPjd_Nbc-Kd1-Fqs3pnM7oi4QTkYWQJKJ_TyHjutsrvpH-PCh0McktVIYKTNeG0pIRspFkq-PIZwUgSVkGbbVpFp-_C-30GM22vlnvPgjFHzjva2BAt9yGP6hXX01wPOsGh3uKbD9TgcaGDbRvXb5fEb1yN5Gl-V3jRcQxMhgnGEA3Jw9TNiLx2uW3mFdvgd9_6Sno2tcPIDgt4UKJiTYi6vQ"
      }
    ]
  }
}
2021-09-11 11:21:48
AddTokenEndpointAuthMethodToDynamicRegistrationRequestFromEnvironment
Added token endpoint auth method to dynamic registration request
dynamic_registration_request
{
  "client_name": "OIDF Conformance Test V5wni5KzyfHgEqA",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "yAHpCX9pLpEGytGf_jYBRBwzeDabWhFgMIhnaLtat1nv7GaZKRoBV76a--gYkLabyxY907LEsKqwR0Wndf5GcG16rsWfd38oBKqY9mA7OCokW8RtlgENlTunWLRbDlPjd_Nbc-Kd1-Fqs3pnM7oi4QTkYWQJKJ_TyHjutsrvpH-PCh0McktVIYKTNeG0pIRspFkq-PIZwUgSVkGbbVpFp-_C-30GM22vlnvPgjFHzjva2BAt9yGP6hXX01wPOsGh3uKbD9TgcaGDbRvXb5fEb1yN5Gl-V3jRcQxMhgnGEA3Jw9TNiLx2uW3mFdvgd9_6Sno2tcPIDgt4UKJiTYi6vQ"
      }
    ]
  },
  "token_endpoint_auth_method": "client_secret_basic"
}
2021-09-11 11:21:48
AddResponseTypesArrayToDynamicRegistrationRequestFromEnvironment
Added response_types array to dynamic registration request
dynamic_registration_request
{
  "client_name": "OIDF Conformance Test V5wni5KzyfHgEqA",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "yAHpCX9pLpEGytGf_jYBRBwzeDabWhFgMIhnaLtat1nv7GaZKRoBV76a--gYkLabyxY907LEsKqwR0Wndf5GcG16rsWfd38oBKqY9mA7OCokW8RtlgENlTunWLRbDlPjd_Nbc-Kd1-Fqs3pnM7oi4QTkYWQJKJ_TyHjutsrvpH-PCh0McktVIYKTNeG0pIRspFkq-PIZwUgSVkGbbVpFp-_C-30GM22vlnvPgjFHzjva2BAt9yGP6hXX01wPOsGh3uKbD9TgcaGDbRvXb5fEb1yN5Gl-V3jRcQxMhgnGEA3Jw9TNiLx2uW3mFdvgd9_6Sno2tcPIDgt4UKJiTYi6vQ"
      }
    ]
  },
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code id_token"
  ]
}
2021-09-11 11:21:48
AddRedirectUriToDynamicRegistrationRequest
Added redirect_uris array to dynamic registration request
dynamic_registration_request
{
  "client_name": "OIDF Conformance Test V5wni5KzyfHgEqA",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "yAHpCX9pLpEGytGf_jYBRBwzeDabWhFgMIhnaLtat1nv7GaZKRoBV76a--gYkLabyxY907LEsKqwR0Wndf5GcG16rsWfd38oBKqY9mA7OCokW8RtlgENlTunWLRbDlPjd_Nbc-Kd1-Fqs3pnM7oi4QTkYWQJKJ_TyHjutsrvpH-PCh0McktVIYKTNeG0pIRspFkq-PIZwUgSVkGbbVpFp-_C-30GM22vlnvPgjFHzjva2BAt9yGP6hXX01wPOsGh3uKbD9TgcaGDbRvXb5fEb1yN5Gl-V3jRcQxMhgnGEA3Jw9TNiLx2uW3mFdvgd9_6Sno2tcPIDgt4UKJiTYi6vQ"
      }
    ]
  },
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code id_token"
  ],
  "redirect_uris": [
    "https://www.certification.openid.net/test/a/idpy/callback"
  ]
}
2021-09-11 11:21:48
AddContactsToDynamicRegistrationRequest
Added contacts array to dynamic registration request
dynamic_registration_request
{
  "client_name": "OIDF Conformance Test V5wni5KzyfHgEqA",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "yAHpCX9pLpEGytGf_jYBRBwzeDabWhFgMIhnaLtat1nv7GaZKRoBV76a--gYkLabyxY907LEsKqwR0Wndf5GcG16rsWfd38oBKqY9mA7OCokW8RtlgENlTunWLRbDlPjd_Nbc-Kd1-Fqs3pnM7oi4QTkYWQJKJ_TyHjutsrvpH-PCh0McktVIYKTNeG0pIRspFkq-PIZwUgSVkGbbVpFp-_C-30GM22vlnvPgjFHzjva2BAt9yGP6hXX01wPOsGh3uKbD9TgcaGDbRvXb5fEb1yN5Gl-V3jRcQxMhgnGEA3Jw9TNiLx2uW3mFdvgd9_6Sno2tcPIDgt4UKJiTYi6vQ"
      }
    ]
  },
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code id_token"
  ],
  "redirect_uris": [
    "https://www.certification.openid.net/test/a/idpy/callback"
  ],
  "contacts": [
    "certification@oidf.org"
  ]
}
2021-09-11 11:21:48
AddRefreshTokenGrantTypeToDynamicRegistrationRequest
Added 'refresh_token' to 'grant_types'
grant_types
[
  "authorization_code",
  "implicit",
  "refresh_token"
]
2021-09-11 11:21:48
CallDynamicRegistrationEndpoint
HTTP request
request_uri
https://89.45.234.133:4000/registration
request_method
POST
request_headers
{
  "accept": "application/json",
  "accept-charset": "utf-8",
  "content-type": "application/json",
  "content-length": "739"
}
request_body
{"client_name":"OIDF Conformance Test V5wni5KzyfHgEqA","grant_types":["authorization_code","implicit","refresh_token"],"jwks":{"keys":[{"kty":"RSA","e":"AQAB","use":"sig","alg":"RS256","n":"yAHpCX9pLpEGytGf_jYBRBwzeDabWhFgMIhnaLtat1nv7GaZKRoBV76a--gYkLabyxY907LEsKqwR0Wndf5GcG16rsWfd38oBKqY9mA7OCokW8RtlgENlTunWLRbDlPjd_Nbc-Kd1-Fqs3pnM7oi4QTkYWQJKJ_TyHjutsrvpH-PCh0McktVIYKTNeG0pIRspFkq-PIZwUgSVkGbbVpFp-_C-30GM22vlnvPgjFHzjva2BAt9yGP6hXX01wPOsGh3uKbD9TgcaGDbRvXb5fEb1yN5Gl-V3jRcQxMhgnGEA3Jw9TNiLx2uW3mFdvgd9_6Sno2tcPIDgt4UKJiTYi6vQ"}]},"token_endpoint_auth_method":"client_secret_basic","response_types":["code id_token"],"redirect_uris":["https://www.certification.openid.net/test/a/idpy/callback"],"contacts":["certification@oidf.org"]}
2021-09-11 11:21:48 RESPONSE
CallDynamicRegistrationEndpoint
HTTP response
response_status_code
201 CREATED
response_status_text
CREATED
response_headers
{
  "content-type": "application/json; charset\u003dutf-8",
  "content-length": "1151",
  "pragma": "no-cache",
  "cache-control": "no-store",
  "set-cookie": "oidc_op_rp\u003d1631359308|8Roipa7tUMXNp1xm|r+Gnd+mGGwMNOxJ+pu6dcJi/sIHheU6I2+silVSiiQS/3I9G6ampI82FFCafjYQO6ipZY5Qi2nOizE/WM8TACQNhAEyD0LjamHDZgJB5/HJU+entgRQMrSiKy9+Usm8VOHGaDKcFlg4\u003d|XS54FXpkoowCJ+oHhJL7iw\u003d\u003d; Secure; HttpOnly; Path\u003d/; SameSite\u003dLax",
  "server": "Werkzeug/1.0.1 Python/3.8.10",
  "date": "Sat, 11 Sep 2021 11:21:48 GMT"
}
response_body
{"client_id": "_qNPPJzOM96ZBpUgQ5KNdg", "registration_access_token": "UskPZp5NIUGhuw0hoA25PUUnmz6BHr1zHfG8QDWZde4", "registration_client_uri": "https://89.45.234.133:4000/registration_api?client_id=_qNPPJzOM96ZBpUgQ5KNdg", "client_id_issued_at": 1631359308, "client_secret": "db27dc735eea14956e3f75306e10a2a15fb284cd26aec0362779e27e", "client_secret_expires_at": 1633951308, "application_type": "web", "response_types": ["code id_token"], "client_name": "OIDF Conformance Test V5wni5KzyfHgEqA", "grant_types": ["authorization_code", "implicit", "refresh_token"], "jwks": {"keys": [{"kty": "RSA", "e": "AQAB", "alg": "RS256", "n": "yAHpCX9pLpEGytGf_jYBRBwzeDabWhFgMIhnaLtat1nv7GaZKRoBV76a--gYkLabyxY907LEsKqwR0Wndf5GcG16rsWfd38oBKqY9mA7OCokW8RtlgENlTunWLRbDlPjd_Nbc-Kd1-Fqs3pnM7oi4QTkYWQJKJ_TyHjutsrvpH-PCh0McktVIYKTNeG0pIRspFkq-PIZwUgSVkGbbVpFp-_C-30GM22vlnvPgjFHzjva2BAt9yGP6hXX01wPOsGh3uKbD9TgcaGDbRvXb5fEb1yN5Gl-V3jRcQxMhgnGEA3Jw9TNiLx2uW3mFdvgd9_6Sno2tcPIDgt4UKJiTYi6vQ"}]}, "token_endpoint_auth_method": "client_secret_basic", "contacts": ["certification@oidf.org"], "redirect_uris": ["https://www.certification.openid.net/test/a/idpy/callback"]}
2021-09-11 11:21:48
CallDynamicRegistrationEndpoint
Parsed registration endpoint response
status
201
endpoint_name
dynamic registration
headers
{
  "content-type": "application/json; charset\u003dutf-8",
  "content-length": "1151",
  "pragma": "no-cache",
  "cache-control": "no-store",
  "set-cookie": "oidc_op_rp\u003d1631359308|8Roipa7tUMXNp1xm|r+Gnd+mGGwMNOxJ+pu6dcJi/sIHheU6I2+silVSiiQS/3I9G6ampI82FFCafjYQO6ipZY5Qi2nOizE/WM8TACQNhAEyD0LjamHDZgJB5/HJU+entgRQMrSiKy9+Usm8VOHGaDKcFlg4\u003d|XS54FXpkoowCJ+oHhJL7iw\u003d\u003d; Secure; HttpOnly; Path\u003d/; SameSite\u003dLax",
  "server": "Werkzeug/1.0.1 Python/3.8.10",
  "date": "Sat, 11 Sep 2021 11:21:48 GMT"
}
body
{"client_id": "_qNPPJzOM96ZBpUgQ5KNdg", "registration_access_token": "UskPZp5NIUGhuw0hoA25PUUnmz6BHr1zHfG8QDWZde4", "registration_client_uri": "https://89.45.234.133:4000/registration_api?client_id=_qNPPJzOM96ZBpUgQ5KNdg", "client_id_issued_at": 1631359308, "client_secret": "db27dc735eea14956e3f75306e10a2a15fb284cd26aec0362779e27e", "client_secret_expires_at": 1633951308, "application_type": "web", "response_types": ["code id_token"], "client_name": "OIDF Conformance Test V5wni5KzyfHgEqA", "grant_types": ["authorization_code", "implicit", "refresh_token"], "jwks": {"keys": [{"kty": "RSA", "e": "AQAB", "alg": "RS256", "n": "yAHpCX9pLpEGytGf_jYBRBwzeDabWhFgMIhnaLtat1nv7GaZKRoBV76a--gYkLabyxY907LEsKqwR0Wndf5GcG16rsWfd38oBKqY9mA7OCokW8RtlgENlTunWLRbDlPjd_Nbc-Kd1-Fqs3pnM7oi4QTkYWQJKJ_TyHjutsrvpH-PCh0McktVIYKTNeG0pIRspFkq-PIZwUgSVkGbbVpFp-_C-30GM22vlnvPgjFHzjva2BAt9yGP6hXX01wPOsGh3uKbD9TgcaGDbRvXb5fEb1yN5Gl-V3jRcQxMhgnGEA3Jw9TNiLx2uW3mFdvgd9_6Sno2tcPIDgt4UKJiTYi6vQ"}]}, "token_endpoint_auth_method": "client_secret_basic", "contacts": ["certification@oidf.org"], "redirect_uris": ["https://www.certification.openid.net/test/a/idpy/callback"]}
body_json
{
  "client_id": "_qNPPJzOM96ZBpUgQ5KNdg",
  "registration_access_token": "UskPZp5NIUGhuw0hoA25PUUnmz6BHr1zHfG8QDWZde4",
  "registration_client_uri": "https://89.45.234.133:4000/registration_api?client_id\u003d_qNPPJzOM96ZBpUgQ5KNdg",
  "client_id_issued_at": 1631359308,
  "client_secret": "db27dc735eea14956e3f75306e10a2a15fb284cd26aec0362779e27e",
  "client_secret_expires_at": 1633951308,
  "application_type": "web",
  "response_types": [
    "code id_token"
  ],
  "client_name": "OIDF Conformance Test V5wni5KzyfHgEqA",
  "grant_types": [
    "authorization_code",
    "implicit",
    "refresh_token"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "alg": "RS256",
        "n": "yAHpCX9pLpEGytGf_jYBRBwzeDabWhFgMIhnaLtat1nv7GaZKRoBV76a--gYkLabyxY907LEsKqwR0Wndf5GcG16rsWfd38oBKqY9mA7OCokW8RtlgENlTunWLRbDlPjd_Nbc-Kd1-Fqs3pnM7oi4QTkYWQJKJ_TyHjutsrvpH-PCh0McktVIYKTNeG0pIRspFkq-PIZwUgSVkGbbVpFp-_C-30GM22vlnvPgjFHzjva2BAt9yGP6hXX01wPOsGh3uKbD9TgcaGDbRvXb5fEb1yN5Gl-V3jRcQxMhgnGEA3Jw9TNiLx2uW3mFdvgd9_6Sno2tcPIDgt4UKJiTYi6vQ"
      }
    ]
  },
  "token_endpoint_auth_method": "client_secret_basic",
  "contacts": [
    "certification@oidf.org"
  ],
  "redirect_uris": [
    "https://www.certification.openid.net/test/a/idpy/callback"
  ]
}
2021-09-11 11:21:48 SUCCESS
EnsureContentTypeJson
endpoint_response Content-Type: header is application/json
2021-09-11 11:21:48 SUCCESS
EnsureHttpStatusCodeIs201
dynamic registration endpoint returned the expected http status
http_status
201
2021-09-11 11:21:48 SUCCESS
CheckNoErrorFromDynamicRegistrationEndpoint
Dynamic registration endpoint did not return an error.
2021-09-11 11:21:48 SUCCESS
ExtractDynamicRegistrationResponse
Extracted client from dynamic registration response
client_id
_qNPPJzOM96ZBpUgQ5KNdg
2021-09-11 11:21:48 SUCCESS
ExtractClientManagementCredentials
Extracted dynamic registration management credentials
registration_client_uri
https://89.45.234.133:4000/registration_api?client_id=_qNPPJzOM96ZBpUgQ5KNdg
registration_access_token
UskPZp5NIUGhuw0hoA25PUUnmz6BHr1zHfG8QDWZde4
2021-09-11 11:21:48
SetScopeInClientConfigurationToOpenId
Set scope in client configuration to "openid"
scope
openid
2021-09-11 11:21:48
SetScopeInClientConfigurationToOpenIdOfflineAccessIfServerSupportsOfflineAccess
Set scope in client configuration to "openid offline_access"as 'scope_supported' contains 'offline_access'
scope
openid offline_access
2021-09-11 11:21:48 SUCCESS
EnsureServerConfigurationSupportsClientSecretBasic
Contents of 'token_endpoint_auth_methods_supported' in discovery document matches expectations.
actual
[
  "client_secret_post",
  "client_secret_basic",
  "client_secret_jwt",
  "private_key_jwt"
]
expected
[
  "client_secret_basic"
]
minimum_matches_required
1
2021-09-11 11:21:48
StoreOriginalClient2Configuration
Found a original_client_config object
client_name
Anything
2021-09-11 11:21:48
ExtractClientNameFromStoredConfig
Extracted client_name from stored client configuration.
client_name
Anything
2021-09-11 11:21:48 SUCCESS
GenerateRS256ClientJWKs
Generated client JWKs
client_jwks
{
  "keys": [
    {
      "p": "9ogWEl5QaIO-lNSeg-eNrUhO2GNO6rmBRU3hBgtdqGpe3PuQD1F2XzqNmcmK9MDvIEDAT28uXTrCIWEuusNuflf0IJK-mbSr6r15FKw5M5N-2zpRUY08Q1K-exf5v4UhFGdxXbtrBMfGUEf_IAx0JplgGXEn9bPFqCvyfJZEVqk",
      "kty": "RSA",
      "q": "oRL3bnAWQXvHSG2aX-yHqHzA7uGhS_CjG_CIlDGF1jd4SQbAmNqUShfVkoLL5_pCsxw2NpckQVVWr8eRixAK_9ZTp3B75Sl1DPM_CHPaTxduWPM2RurfT9ZHVredOxxxlQ-FZUTb7CBXbn8ysG09LxH75tTneEAtoNPmqXteh-U",
      "d": "HDq_gDyTAMym4JuRvhConxuqyo2Kt5XOkCcMDD0uUKr4WGCwsPfVTO_4bC_zfZO2aN5gmB0IgxNGDLlcp5KGV0BjIBySdo_OmiIfGsG-1z7egD-GrltWWt6FkAQujMxCEByrfazBfirjTtjrLSaX6KvzZEJQ9Ulohi2QECt9R-0gBiFIcwZ4OTY8JErT4r_o0DMQW-232BzuqpVRokcMvbiVsb-pt-8jOWeTHqcx9F4X8CcfqQV5W0TYSJqJ5Mah0WJLhoQdgYuwDlSoJV82f4mMCXTVBelcaJhiCuMJCfJ0XJuaRGbj3PqDm7rPv514ekLbn5pgmeZmT6pzob9RYQ",
      "e": "AQAB",
      "use": "sig",
      "qi": "2d07ehSKIrpuqZDcxkI6xLyDnKV5wBjbTJjP_WZu-o2zVB9SPzteS_BJVEkU7qmDQHcnREwilgZ21wgTAGYmo2969H3JU-rbDJz6UGbVwSBRz5WWbNaqaHxhX-0tGI9ItKzciVNiRkLEIWxtbmE_N9zyANzo9FayFV60OGFLbDI",
      "dp": "1UgioD2MHv9rT-MqSD95aKKX48j2q0dVuRmJRetrWZq8-z2AAmCdogFMI_IjD2AjAKpENfSgDfQZozsqbFVLMG7zO4L49o1B9lF5gRMGYcKHCy7Gz2D689uQA3pYjQKl_bsIbukHyxjyTt4asCVWD1a9twUYZw7iP33VyUdPVBE",
      "alg": "RS256",
      "dq": "P0rMn0C7_g89R2CKAJdY1wPua--NCeIMtbXWdSTgikRRp6BXnbiF_HdRHLj4lrbn7qlvRBQv0txNq9SnhBVRvSXiyTCR_oJD1ErgwdmENv_mBF3NPiCcjyqL7a9IwSl0GDZ5HEnqgOZUdL7WlCzYld5jNVkDe2T8iO26_W3Uv2E",
      "n": "mx3ZusJRYK__QRwPky_FnPjDtm3LLhgg7L0O8eyxwsUEeNIyj8bIck0VqRRGxyAAnQv8noY_qg3N0T0uJV9cvaC1Vni5r-cKfpwRtIIbBdp5xGqyD-I5LyzN766T_kHepy03RuaMIt2VBKmbuN0Z2SW2pBBWtKXpdDqaBO1WCUmPQv4wuyVrS5RRLNJyUXiYodYz5eBYyeHmwqa8gc1uHxxbZZ1hArL2moB2CBdBmimnigRdHhuNFfM-3u7RMq2kNxVA2bApQynd06KChXq6QPtRY-qY75WEplMU9K5aBDBMrXXCztlfnV2R7HyE3f-NFVr35CRW-JYoZar8eeKkLQ"
    }
  ]
}
public_client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "alg": "RS256",
      "n": "mx3ZusJRYK__QRwPky_FnPjDtm3LLhgg7L0O8eyxwsUEeNIyj8bIck0VqRRGxyAAnQv8noY_qg3N0T0uJV9cvaC1Vni5r-cKfpwRtIIbBdp5xGqyD-I5LyzN766T_kHepy03RuaMIt2VBKmbuN0Z2SW2pBBWtKXpdDqaBO1WCUmPQv4wuyVrS5RRLNJyUXiYodYz5eBYyeHmwqa8gc1uHxxbZZ1hArL2moB2CBdBmimnigRdHhuNFfM-3u7RMq2kNxVA2bApQynd06KChXq6QPtRY-qY75WEplMU9K5aBDBMrXXCztlfnV2R7HyE3f-NFVr35CRW-JYoZar8eeKkLQ"
    }
  ]
}
2021-09-11 11:21:48 SUCCESS
CheckDistinctKeyIdValueInClientJWKs
Distinct 'kid' value in all keys of client_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2021-09-11 11:21:48
CreateEmptyDynamicRegistrationRequest
Created empty dynamic registration request
2021-09-11 11:21:48
AddClientNameToDynamicRegistrationRequest
Added client_name to registration request
client_name
Anything V5wni5KzyfHgEqA
2021-09-11 11:21:48
AddAuthorizationCodeGrantTypeToDynamicRegistrationRequest
Added 'authorization_code' to 'grant_types'
grant_types
[
  "authorization_code"
]
2021-09-11 11:21:48
AddImplicitGrantTypeToDynamicRegistrationRequest
Added 'implicit' to 'grant_types'
grant_types
[
  "authorization_code",
  "implicit"
]
2021-09-11 11:21:48
AddPublicJwksToDynamicRegistrationRequest
Added client public JWKS to dynamic registration request
dynamic_registration_request
{
  "client_name": "Anything V5wni5KzyfHgEqA",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "mx3ZusJRYK__QRwPky_FnPjDtm3LLhgg7L0O8eyxwsUEeNIyj8bIck0VqRRGxyAAnQv8noY_qg3N0T0uJV9cvaC1Vni5r-cKfpwRtIIbBdp5xGqyD-I5LyzN766T_kHepy03RuaMIt2VBKmbuN0Z2SW2pBBWtKXpdDqaBO1WCUmPQv4wuyVrS5RRLNJyUXiYodYz5eBYyeHmwqa8gc1uHxxbZZ1hArL2moB2CBdBmimnigRdHhuNFfM-3u7RMq2kNxVA2bApQynd06KChXq6QPtRY-qY75WEplMU9K5aBDBMrXXCztlfnV2R7HyE3f-NFVr35CRW-JYoZar8eeKkLQ"
      }
    ]
  }
}
2021-09-11 11:21:48
AddTokenEndpointAuthMethodToDynamicRegistrationRequestFromEnvironment
Added token endpoint auth method to dynamic registration request
dynamic_registration_request
{
  "client_name": "Anything V5wni5KzyfHgEqA",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "mx3ZusJRYK__QRwPky_FnPjDtm3LLhgg7L0O8eyxwsUEeNIyj8bIck0VqRRGxyAAnQv8noY_qg3N0T0uJV9cvaC1Vni5r-cKfpwRtIIbBdp5xGqyD-I5LyzN766T_kHepy03RuaMIt2VBKmbuN0Z2SW2pBBWtKXpdDqaBO1WCUmPQv4wuyVrS5RRLNJyUXiYodYz5eBYyeHmwqa8gc1uHxxbZZ1hArL2moB2CBdBmimnigRdHhuNFfM-3u7RMq2kNxVA2bApQynd06KChXq6QPtRY-qY75WEplMU9K5aBDBMrXXCztlfnV2R7HyE3f-NFVr35CRW-JYoZar8eeKkLQ"
      }
    ]
  },
  "token_endpoint_auth_method": "client_secret_basic"
}
2021-09-11 11:21:48
AddResponseTypesArrayToDynamicRegistrationRequestFromEnvironment
Added response_types array to dynamic registration request
dynamic_registration_request
{
  "client_name": "Anything V5wni5KzyfHgEqA",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "mx3ZusJRYK__QRwPky_FnPjDtm3LLhgg7L0O8eyxwsUEeNIyj8bIck0VqRRGxyAAnQv8noY_qg3N0T0uJV9cvaC1Vni5r-cKfpwRtIIbBdp5xGqyD-I5LyzN766T_kHepy03RuaMIt2VBKmbuN0Z2SW2pBBWtKXpdDqaBO1WCUmPQv4wuyVrS5RRLNJyUXiYodYz5eBYyeHmwqa8gc1uHxxbZZ1hArL2moB2CBdBmimnigRdHhuNFfM-3u7RMq2kNxVA2bApQynd06KChXq6QPtRY-qY75WEplMU9K5aBDBMrXXCztlfnV2R7HyE3f-NFVr35CRW-JYoZar8eeKkLQ"
      }
    ]
  },
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code id_token"
  ]
}
2021-09-11 11:21:48
AddRedirectUriToDynamicRegistrationRequest
Added redirect_uris array to dynamic registration request
dynamic_registration_request
{
  "client_name": "Anything V5wni5KzyfHgEqA",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "mx3ZusJRYK__QRwPky_FnPjDtm3LLhgg7L0O8eyxwsUEeNIyj8bIck0VqRRGxyAAnQv8noY_qg3N0T0uJV9cvaC1Vni5r-cKfpwRtIIbBdp5xGqyD-I5LyzN766T_kHepy03RuaMIt2VBKmbuN0Z2SW2pBBWtKXpdDqaBO1WCUmPQv4wuyVrS5RRLNJyUXiYodYz5eBYyeHmwqa8gc1uHxxbZZ1hArL2moB2CBdBmimnigRdHhuNFfM-3u7RMq2kNxVA2bApQynd06KChXq6QPtRY-qY75WEplMU9K5aBDBMrXXCztlfnV2R7HyE3f-NFVr35CRW-JYoZar8eeKkLQ"
      }
    ]
  },
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code id_token"
  ],
  "redirect_uris": [
    "https://www.certification.openid.net/test/a/idpy/callback"
  ]
}
2021-09-11 11:21:48
AddContactsToDynamicRegistrationRequest
Added contacts array to dynamic registration request
dynamic_registration_request
{
  "client_name": "Anything V5wni5KzyfHgEqA",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "mx3ZusJRYK__QRwPky_FnPjDtm3LLhgg7L0O8eyxwsUEeNIyj8bIck0VqRRGxyAAnQv8noY_qg3N0T0uJV9cvaC1Vni5r-cKfpwRtIIbBdp5xGqyD-I5LyzN766T_kHepy03RuaMIt2VBKmbuN0Z2SW2pBBWtKXpdDqaBO1WCUmPQv4wuyVrS5RRLNJyUXiYodYz5eBYyeHmwqa8gc1uHxxbZZ1hArL2moB2CBdBmimnigRdHhuNFfM-3u7RMq2kNxVA2bApQynd06KChXq6QPtRY-qY75WEplMU9K5aBDBMrXXCztlfnV2R7HyE3f-NFVr35CRW-JYoZar8eeKkLQ"
      }
    ]
  },
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code id_token"
  ],
  "redirect_uris": [
    "https://www.certification.openid.net/test/a/idpy/callback"
  ],
  "contacts": [
    "certification@oidf.org"
  ]
}
2021-09-11 11:21:48
AddRefreshTokenGrantTypeToDynamicRegistrationRequest
Added 'refresh_token' to 'grant_types'
grant_types
[
  "authorization_code",
  "implicit",
  "refresh_token"
]
2021-09-11 11:21:48
CallDynamicRegistrationEndpoint
HTTP request
request_uri
https://89.45.234.133:4000/registration
request_method
POST
request_headers
{
  "accept": "application/json",
  "accept-charset": "utf-8",
  "content-type": "application/json",
  "content-length": "726"
}
request_body
{"client_name":"Anything V5wni5KzyfHgEqA","grant_types":["authorization_code","implicit","refresh_token"],"jwks":{"keys":[{"kty":"RSA","e":"AQAB","use":"sig","alg":"RS256","n":"mx3ZusJRYK__QRwPky_FnPjDtm3LLhgg7L0O8eyxwsUEeNIyj8bIck0VqRRGxyAAnQv8noY_qg3N0T0uJV9cvaC1Vni5r-cKfpwRtIIbBdp5xGqyD-I5LyzN766T_kHepy03RuaMIt2VBKmbuN0Z2SW2pBBWtKXpdDqaBO1WCUmPQv4wuyVrS5RRLNJyUXiYodYz5eBYyeHmwqa8gc1uHxxbZZ1hArL2moB2CBdBmimnigRdHhuNFfM-3u7RMq2kNxVA2bApQynd06KChXq6QPtRY-qY75WEplMU9K5aBDBMrXXCztlfnV2R7HyE3f-NFVr35CRW-JYoZar8eeKkLQ"}]},"token_endpoint_auth_method":"client_secret_basic","response_types":["code id_token"],"redirect_uris":["https://www.certification.openid.net/test/a/idpy/callback"],"contacts":["certification@oidf.org"]}
2021-09-11 11:21:49 RESPONSE
CallDynamicRegistrationEndpoint
HTTP response
response_status_code
201 CREATED
response_status_text
CREATED
response_headers
{
  "content-type": "application/json; charset\u003dutf-8",
  "content-length": "1138",
  "pragma": "no-cache",
  "cache-control": "no-store",
  "set-cookie": "oidc_op_rp\u003d1631359309|S7xV9d472mOsz0ZB|bhvT7afAearWDs8P3t1Gwbmgf8ijhgh2sffj+vSGMOV8GG3OYY5xEigfzewRcr430FMlB7erg0yHorDNa7BqcwCXHvCKOU4EyPepgiYx80BsYQuOhQtVVRQonTWRentNLklZOvg7Dnc\u003d|WkurGFTu2xZJgu0bmJeojg\u003d\u003d; Secure; HttpOnly; Path\u003d/; SameSite\u003dLax",
  "server": "Werkzeug/1.0.1 Python/3.8.10",
  "date": "Sat, 11 Sep 2021 11:21:49 GMT"
}
response_body
{"client_id": "DwgXe5kboooQhDmyomiHjw", "registration_access_token": "8TzxmdsOjJk7HUuCT0vBcCC-3Ge3IQLAzS8bMSGxoY4", "registration_client_uri": "https://89.45.234.133:4000/registration_api?client_id=DwgXe5kboooQhDmyomiHjw", "client_id_issued_at": 1631359309, "client_secret": "920725f7495d421eefe005c03e7a8b748778d7a180e7264c8fd366a2", "client_secret_expires_at": 1633951309, "application_type": "web", "response_types": ["code id_token"], "client_name": "Anything V5wni5KzyfHgEqA", "grant_types": ["authorization_code", "implicit", "refresh_token"], "jwks": {"keys": [{"kty": "RSA", "e": "AQAB", "alg": "RS256", "n": "mx3ZusJRYK__QRwPky_FnPjDtm3LLhgg7L0O8eyxwsUEeNIyj8bIck0VqRRGxyAAnQv8noY_qg3N0T0uJV9cvaC1Vni5r-cKfpwRtIIbBdp5xGqyD-I5LyzN766T_kHepy03RuaMIt2VBKmbuN0Z2SW2pBBWtKXpdDqaBO1WCUmPQv4wuyVrS5RRLNJyUXiYodYz5eBYyeHmwqa8gc1uHxxbZZ1hArL2moB2CBdBmimnigRdHhuNFfM-3u7RMq2kNxVA2bApQynd06KChXq6QPtRY-qY75WEplMU9K5aBDBMrXXCztlfnV2R7HyE3f-NFVr35CRW-JYoZar8eeKkLQ"}]}, "token_endpoint_auth_method": "client_secret_basic", "contacts": ["certification@oidf.org"], "redirect_uris": ["https://www.certification.openid.net/test/a/idpy/callback"]}
2021-09-11 11:21:49
CallDynamicRegistrationEndpoint
Parsed registration endpoint response
status
201
endpoint_name
dynamic registration
headers
{
  "content-type": "application/json; charset\u003dutf-8",
  "content-length": "1138",
  "pragma": "no-cache",
  "cache-control": "no-store",
  "set-cookie": "oidc_op_rp\u003d1631359309|S7xV9d472mOsz0ZB|bhvT7afAearWDs8P3t1Gwbmgf8ijhgh2sffj+vSGMOV8GG3OYY5xEigfzewRcr430FMlB7erg0yHorDNa7BqcwCXHvCKOU4EyPepgiYx80BsYQuOhQtVVRQonTWRentNLklZOvg7Dnc\u003d|WkurGFTu2xZJgu0bmJeojg\u003d\u003d; Secure; HttpOnly; Path\u003d/; SameSite\u003dLax",
  "server": "Werkzeug/1.0.1 Python/3.8.10",
  "date": "Sat, 11 Sep 2021 11:21:49 GMT"
}
body
{"client_id": "DwgXe5kboooQhDmyomiHjw", "registration_access_token": "8TzxmdsOjJk7HUuCT0vBcCC-3Ge3IQLAzS8bMSGxoY4", "registration_client_uri": "https://89.45.234.133:4000/registration_api?client_id=DwgXe5kboooQhDmyomiHjw", "client_id_issued_at": 1631359309, "client_secret": "920725f7495d421eefe005c03e7a8b748778d7a180e7264c8fd366a2", "client_secret_expires_at": 1633951309, "application_type": "web", "response_types": ["code id_token"], "client_name": "Anything V5wni5KzyfHgEqA", "grant_types": ["authorization_code", "implicit", "refresh_token"], "jwks": {"keys": [{"kty": "RSA", "e": "AQAB", "alg": "RS256", "n": "mx3ZusJRYK__QRwPky_FnPjDtm3LLhgg7L0O8eyxwsUEeNIyj8bIck0VqRRGxyAAnQv8noY_qg3N0T0uJV9cvaC1Vni5r-cKfpwRtIIbBdp5xGqyD-I5LyzN766T_kHepy03RuaMIt2VBKmbuN0Z2SW2pBBWtKXpdDqaBO1WCUmPQv4wuyVrS5RRLNJyUXiYodYz5eBYyeHmwqa8gc1uHxxbZZ1hArL2moB2CBdBmimnigRdHhuNFfM-3u7RMq2kNxVA2bApQynd06KChXq6QPtRY-qY75WEplMU9K5aBDBMrXXCztlfnV2R7HyE3f-NFVr35CRW-JYoZar8eeKkLQ"}]}, "token_endpoint_auth_method": "client_secret_basic", "contacts": ["certification@oidf.org"], "redirect_uris": ["https://www.certification.openid.net/test/a/idpy/callback"]}
body_json
{
  "client_id": "DwgXe5kboooQhDmyomiHjw",
  "registration_access_token": "8TzxmdsOjJk7HUuCT0vBcCC-3Ge3IQLAzS8bMSGxoY4",
  "registration_client_uri": "https://89.45.234.133:4000/registration_api?client_id\u003dDwgXe5kboooQhDmyomiHjw",
  "client_id_issued_at": 1631359309,
  "client_secret": "920725f7495d421eefe005c03e7a8b748778d7a180e7264c8fd366a2",
  "client_secret_expires_at": 1633951309,
  "application_type": "web",
  "response_types": [
    "code id_token"
  ],
  "client_name": "Anything V5wni5KzyfHgEqA",
  "grant_types": [
    "authorization_code",
    "implicit",
    "refresh_token"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "alg": "RS256",
        "n": "mx3ZusJRYK__QRwPky_FnPjDtm3LLhgg7L0O8eyxwsUEeNIyj8bIck0VqRRGxyAAnQv8noY_qg3N0T0uJV9cvaC1Vni5r-cKfpwRtIIbBdp5xGqyD-I5LyzN766T_kHepy03RuaMIt2VBKmbuN0Z2SW2pBBWtKXpdDqaBO1WCUmPQv4wuyVrS5RRLNJyUXiYodYz5eBYyeHmwqa8gc1uHxxbZZ1hArL2moB2CBdBmimnigRdHhuNFfM-3u7RMq2kNxVA2bApQynd06KChXq6QPtRY-qY75WEplMU9K5aBDBMrXXCztlfnV2R7HyE3f-NFVr35CRW-JYoZar8eeKkLQ"
      }
    ]
  },
  "token_endpoint_auth_method": "client_secret_basic",
  "contacts": [
    "certification@oidf.org"
  ],
  "redirect_uris": [
    "https://www.certification.openid.net/test/a/idpy/callback"
  ]
}
2021-09-11 11:21:49 SUCCESS
EnsureContentTypeJson
endpoint_response Content-Type: header is application/json
2021-09-11 11:21:49 SUCCESS
EnsureHttpStatusCodeIs201
dynamic registration endpoint returned the expected http status
http_status
201
2021-09-11 11:21:49 SUCCESS
CheckNoErrorFromDynamicRegistrationEndpoint
Dynamic registration endpoint did not return an error.
2021-09-11 11:21:49 SUCCESS
ExtractDynamicRegistrationResponse
Extracted client from dynamic registration response
client_id
DwgXe5kboooQhDmyomiHjw
2021-09-11 11:21:49 SUCCESS
ExtractClientManagementCredentials
Extracted dynamic registration management credentials
registration_client_uri
https://89.45.234.133:4000/registration_api?client_id=DwgXe5kboooQhDmyomiHjw
registration_access_token
8TzxmdsOjJk7HUuCT0vBcCC-3Ge3IQLAzS8bMSGxoY4
2021-09-11 11:21:49
SetScopeInClientConfigurationToOpenId
Set scope in client configuration to "openid"
scope
openid
2021-09-11 11:21:49
SetScopeInClientConfigurationToOpenIdOfflineAccessIfServerSupportsOfflineAccess
Set scope in client configuration to "openid offline_access"as 'scope_supported' contains 'offline_access'
scope
openid offline_access
2021-09-11 11:21:49 SUCCESS
EnsureServerConfigurationSupportsClientSecretBasic
Contents of 'token_endpoint_auth_methods_supported' in discovery document matches expectations.
actual
[
  "client_secret_post",
  "client_secret_basic",
  "client_secret_jwt",
  "private_key_jwt"
]
expected
[
  "client_secret_basic"
]
minimum_matches_required
1
2021-09-11 11:21:49 SUCCESS
SetProtectedResourceUrlToUserInfoEndpoint
userinfo_endpoint will be used to test access token. The user info is not a mandatory to implement feature in the OpenID Connect specification, but is mandatory for certification.
protected_resource_url
https://89.45.234.133:4000/userinfo
2021-09-11 11:21:49
oidcc-refresh-token
Setup Done
Make request to authorization endpoint
2021-09-11 11:21:49 SUCCESS
CreateAuthorizationEndpointRequestFromClientInformation
Created authorization endpoint request
client_id
_qNPPJzOM96ZBpUgQ5KNdg
redirect_uri
https://www.certification.openid.net/test/a/idpy/callback
scope
openid offline_access
2021-09-11 11:21:49
CreateRandomStateValue
Created state value
requested_state_length
10
state
6AFGhuUWnS
2021-09-11 11:21:49 SUCCESS
AddStateToAuthorizationEndpointRequest
Added state parameter to request
client_id
_qNPPJzOM96ZBpUgQ5KNdg
redirect_uri
https://www.certification.openid.net/test/a/idpy/callback
scope
openid offline_access
state
6AFGhuUWnS
2021-09-11 11:21:49
CreateRandomNonceValue
Created nonce value
requested_nonce_length
10
nonce
JNUeyuipQs
2021-09-11 11:21:49 SUCCESS
AddNonceToAuthorizationEndpointRequest
Added nonce parameter to request
client_id
_qNPPJzOM96ZBpUgQ5KNdg
redirect_uri
https://www.certification.openid.net/test/a/idpy/callback
scope
openid offline_access
state
6AFGhuUWnS
nonce
JNUeyuipQs
2021-09-11 11:21:49 SUCCESS
SetAuthorizationEndpointRequestResponseTypeFromEnvironment
Added response_type parameter to request
client_id
_qNPPJzOM96ZBpUgQ5KNdg
redirect_uri
https://www.certification.openid.net/test/a/idpy/callback
scope
openid offline_access
state
6AFGhuUWnS
nonce
JNUeyuipQs
response_type
code id_token
2021-09-11 11:21:49
SetAuthorizationEndpointRequestResponseModeToFormPost
Added response_mode parameter to request
client_id
_qNPPJzOM96ZBpUgQ5KNdg
redirect_uri
https://www.certification.openid.net/test/a/idpy/callback
scope
openid offline_access
state
6AFGhuUWnS
nonce
JNUeyuipQs
response_type
code id_token
response_mode
form_post
2021-09-11 11:21:49 SUCCESS
AddPromptConsentToAuthorizationEndpointRequestIfScopeContainsOfflineAccess
Added prompt=consent to authorization endpoint request
client_id
_qNPPJzOM96ZBpUgQ5KNdg
redirect_uri
https://www.certification.openid.net/test/a/idpy/callback
scope
openid offline_access
state
6AFGhuUWnS
nonce
JNUeyuipQs
response_type
code id_token
response_mode
form_post
prompt
consent
2021-09-11 11:21:49 SUCCESS
BuildPlainRedirectToAuthorizationEndpoint
Sending to authorization endpoint
redirect_to_authorization_endpoint
https://89.45.234.133:4000/authorization?client_id=_qNPPJzOM96ZBpUgQ5KNdg&redirect_uri=https://www.certification.openid.net/test/a/idpy/callback&scope=openid%20offline_access&state=6AFGhuUWnS&nonce=JNUeyuipQs&response_type=code%20id_token&response_mode=form_post&prompt=consent
2021-09-11 11:21:49 REDIRECT
oidcc-refresh-token
Redirecting to authorization endpoint
redirect_to
https://89.45.234.133:4000/authorization?client_id=_qNPPJzOM96ZBpUgQ5KNdg&redirect_uri=https://www.certification.openid.net/test/a/idpy/callback&scope=openid%20offline_access&state=6AFGhuUWnS&nonce=JNUeyuipQs&response_type=code%20id_token&response_mode=form_post&prompt=consent
2021-09-11 11:21:56 INCOMING
oidcc-refresh-token
Incoming HTTP request to test instance V5wni5KzyfHgEqA
incoming_headers
{
  "host": "www.certification.openid.net",
  "content-type": "application/x-www-form-urlencoded",
  "origin": "https://89.45.234.133:4000",
  "accept-encoding": "gzip, deflate, br",
  "cookie": "JSESSIONID\u003d957CBD0728A302FA7FF79E11B3D34B21; __utma\u003d201319536.1870777121.1629795278.1631344149.1631352103.13; __utmc\u003d201319536; __utmz\u003d201319536.1631260756.11.4.utmcsr\u003dcertification.openid.net|utmccn\u003d(referral)|utmcmd\u003dreferral|utmcct\u003d/plan-detail.html; expected_tab\u003dgoogleplus; welcome_info_name\u003dRoland%20Hedberg",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,*/*;q\u003d0.8",
  "user-agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15",
  "referer": "https://89.45.234.133:4000/verify/user",
  "accept-language": "en-us",
  "x-ssl-cipher": "ECDHE-RSA-AES256-GCM-SHA384",
  "x-ssl-protocol": "TLSv1.2",
  "content-length": "2030",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net",
  "connection": "close"
}
incoming_path
callback
incoming_body_form_params
{
  "state": "6AFGhuUWnS",
  "scope": "[\u0027openid\u0027, \u0027offline_access\u0027]",
  "code": "Z0FBQUFBQmhQSkZVa1dQVU9wdWExUkdpNTBzWTVXNXJxWGNkLVg4VnR5ZzFxcFU3d2xWWmVpU3M4WlU2cWdfX3A2MlROWGY2MklBcTRmaFhtSWVYVjlmUTQ1MGdoR3FXZVU1RE1idjhIVHdockZVVTFubzJaYnRDYVdPLVhQc3l0UTltVGdpa0lOZmF0VWstazRwS3JzQ3VBZ2ZwUFFSQUd0Y1owNVRVOHlVYmstWGRjUlN1S2tNT2dKaGZpeFpXVGFpUVNVWmZHVEFJTUtyYl8wNEZYVjQzSU9XcTdON1ZqcG5QT3NNMjh6bW1sMGVSUExlY0w0U3ZqcXZ5dVNNTzBMYmVGNTEwclBodk1STk8xRkU3N0ZjS0VRNUhIaGxHZjRIZTRDYkZnbXJGTlo2R1FROU1DSjZ3RTNGYjZRTnQtR0FhMUladDNvX0dVQS14ak9UQmRrbU1vMTNuTzNuNS1McDVCRDJidEFRZHZxTXQ1WVpZWHhCSTVvSHVmQ2NtcHdBSnBGNzV4NEUxbGM2eFk4aDc3RVN6THQ5TDJPeEtDOGhnclUtYkc0UjlLb2JSWEFYZXRBSDY1RXNmaF9wRE9hejBxdmhLM2QzcTRSQ2pUY2ptaWlnSVRENWdnbHFPT2tleWpxeWtOR2lIVjIza3RYUUdvOFg2eWRkeXlMdkZ6VmxmcXFrR1MtT1IteTk5ZFpWNzBWX1VGblcyNkhDbWNjazdZU0pHUGZMYzlHV0tyUElpX0lFazJ1SVlQNU9PR0JXaUNKY1hBdmx5UTdNM1FIYXNrZmRYZEdJdkwwa0F4RUNWdDg4azZEdHh2UVdaQnB5TzFFT1JfVUYyTHhFQXdtQ01TUDhPSy1PVQ\u003d\u003d",
  "id_token": "eyJhbGciOiJSUzI1NiIsImtpZCI6IlQzazFNWEpEWTBOSlpXbEViR3MzUzFsQ2FXZFdSbXBYZUVkTldXbDRURTFXV1RocmR6WnRVWFpYUVEifQ.eyJzdWIiOiAiNDZkYzUzMDFjYTNhNTkzODI3YjNhYTE4ZjdlNTk1NjE3MmJiYjUzNzYxNDdlMjM3MjY0NTU0NDMyNmNmZjk1NiIsICJhdXRoX3RpbWUiOiAxNjMxMzU5MzE2LCAiYWNyIjogInVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphYzpjbGFzc2VzOkludGVybmV0UHJvdG9jb2xQYXNzd29yZCIsICJzY29wZSI6IFsib3BlbmlkIiwgIm9mZmxpbmVfYWNjZXNzIl0sICJqdGkiOiAiNzhkYTZiMjAxMmYyMTFlYzhjOTliMTI1OTQxOTBiMGYiLCAiY2xpZW50X2lkIjogIl9xTlBQSnpPTTk2WkJwVWdRNUtOZGciLCAiY19oYXNoIjogImNudm5DWGE1SnpNV21xZDRiREcxZ2ciLCAibm9uY2UiOiAiSk5VZXl1aXBRcyIsICJpc3MiOiAiaHR0cHM6Ly84OS40NS4yMzQuMTMzOjQwMDAiLCAiaWF0IjogMTYzMTM1OTMxNiwgImV4cCI6IDE2MzEzNTk2MTYsICJhdWQiOiBbIl9xTlBQSnpPTTk2WkJwVWdRNUtOZGciXX0.TqbVuKaOjhBY-cFSquGDbVLfj2mRoBEAlylqqgqdOQIlpCgO6wmckJI7xBxoKc5NDk6qlSnImHC8MvqNS-RYMQStXWS1Xmz-cNfg0FxvSd414Dv8bSxUANEwhkTlMeoawPrpwudmP1YkORIhlfMivhLoyZUYdlVup7sgDOCyXS0miHMOWbC8thCMdCWgVvkB58GVKejpOO1vlczueWzw4iNXE9X3avoEcwIeLd2xqE3SKU3TPsQ8cigAYQkBxtN0kR8ngPhNbEDb975I4zGEZZ4Gtgp6DgHs-a7x42oMc4XvsjofGEaoEaDoVA48Mrtclm_7z83IhaRFz13Kg8ejNA"
}
incoming_method
POST
incoming_body_json
incoming_query_string_params
{}
incoming_body
state=6AFGhuUWnS&scope=%5B%27openid%27%2C+%27offline_access%27%5D&code=Z0FBQUFBQmhQSkZVa1dQVU9wdWExUkdpNTBzWTVXNXJxWGNkLVg4VnR5ZzFxcFU3d2xWWmVpU3M4WlU2cWdfX3A2MlROWGY2MklBcTRmaFhtSWVYVjlmUTQ1MGdoR3FXZVU1RE1idjhIVHdockZVVTFubzJaYnRDYVdPLVhQc3l0UTltVGdpa0lOZmF0VWstazRwS3JzQ3VBZ2ZwUFFSQUd0Y1owNVRVOHlVYmstWGRjUlN1S2tNT2dKaGZpeFpXVGFpUVNVWmZHVEFJTUtyYl8wNEZYVjQzSU9XcTdON1ZqcG5QT3NNMjh6bW1sMGVSUExlY0w0U3ZqcXZ5dVNNTzBMYmVGNTEwclBodk1STk8xRkU3N0ZjS0VRNUhIaGxHZjRIZTRDYkZnbXJGTlo2R1FROU1DSjZ3RTNGYjZRTnQtR0FhMUladDNvX0dVQS14ak9UQmRrbU1vMTNuTzNuNS1McDVCRDJidEFRZHZxTXQ1WVpZWHhCSTVvSHVmQ2NtcHdBSnBGNzV4NEUxbGM2eFk4aDc3RVN6THQ5TDJPeEtDOGhnclUtYkc0UjlLb2JSWEFYZXRBSDY1RXNmaF9wRE9hejBxdmhLM2QzcTRSQ2pUY2ptaWlnSVRENWdnbHFPT2tleWpxeWtOR2lIVjIza3RYUUdvOFg2eWRkeXlMdkZ6VmxmcXFrR1MtT1IteTk5ZFpWNzBWX1VGblcyNkhDbWNjazdZU0pHUGZMYzlHV0tyUElpX0lFazJ1SVlQNU9PR0JXaUNKY1hBdmx5UTdNM1FIYXNrZmRYZEdJdkwwa0F4RUNWdDg4azZEdHh2UVdaQnB5TzFFT1JfVUYyTHhFQXdtQ01TUDhPSy1PVQ%3D%3D&id_token=eyJhbGciOiJSUzI1NiIsImtpZCI6IlQzazFNWEpEWTBOSlpXbEViR3MzUzFsQ2FXZFdSbXBYZUVkTldXbDRURTFXV1RocmR6WnRVWFpYUVEifQ.eyJzdWIiOiAiNDZkYzUzMDFjYTNhNTkzODI3YjNhYTE4ZjdlNTk1NjE3MmJiYjUzNzYxNDdlMjM3MjY0NTU0NDMyNmNmZjk1NiIsICJhdXRoX3RpbWUiOiAxNjMxMzU5MzE2LCAiYWNyIjogInVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphYzpjbGFzc2VzOkludGVybmV0UHJvdG9jb2xQYXNzd29yZCIsICJzY29wZSI6IFsib3BlbmlkIiwgIm9mZmxpbmVfYWNjZXNzIl0sICJqdGkiOiAiNzhkYTZiMjAxMmYyMTFlYzhjOTliMTI1OTQxOTBiMGYiLCAiY2xpZW50X2lkIjogIl9xTlBQSnpPTTk2WkJwVWdRNUtOZGciLCAiY19oYXNoIjogImNudm5DWGE1SnpNV21xZDRiREcxZ2ciLCAibm9uY2UiOiAiSk5VZXl1aXBRcyIsICJpc3MiOiAiaHR0cHM6Ly84OS40NS4yMzQuMTMzOjQwMDAiLCAiaWF0IjogMTYzMTM1OTMxNiwgImV4cCI6IDE2MzEzNTk2MTYsICJhdWQiOiBbIl9xTlBQSnpPTTk2WkJwVWdRNUtOZGciXX0.TqbVuKaOjhBY-cFSquGDbVLfj2mRoBEAlylqqgqdOQIlpCgO6wmckJI7xBxoKc5NDk6qlSnImHC8MvqNS-RYMQStXWS1Xmz-cNfg0FxvSd414Dv8bSxUANEwhkTlMeoawPrpwudmP1YkORIhlfMivhLoyZUYdlVup7sgDOCyXS0miHMOWbC8thCMdCWgVvkB58GVKejpOO1vlczueWzw4iNXE9X3avoEcwIeLd2xqE3SKU3TPsQ8cigAYQkBxtN0kR8ngPhNbEDb975I4zGEZZ4Gtgp6DgHs-a7x42oMc4XvsjofGEaoEaDoVA48Mrtclm_7z83IhaRFz13Kg8ejNA
2021-09-11 11:21:56 SUCCESS
CreateRandomImplicitSubmitUrl
Created random implicit submission URL
implicit_submit
{
  "path": "implicit/zZZ8oaKRg5EeAvK8aJ0z",
  "fullUrl": "https://www.certification.openid.net/test/a/idpy/implicit/zZZ8oaKRg5EeAvK8aJ0z"
}
2021-09-11 11:21:56 OUTGOING
oidcc-refresh-token
Response to HTTP request to test instance V5wni5KzyfHgEqA
outgoing
ModelAndView [view="implicitCallback"; model={implicitSubmitUrl=https://www.certification.openid.net/test/a/idpy/implicit/zZZ8oaKRg5EeAvK8aJ0z, returnUrl=/log-detail.html?log=V5wni5KzyfHgEqA}]
outgoing_path
callback
2021-09-11 11:21:56 INCOMING
oidcc-refresh-token
Incoming HTTP request to test instance V5wni5KzyfHgEqA
incoming_headers
{
  "host": "www.certification.openid.net",
  "accept": "*/*",
  "x-requested-with": "XMLHttpRequest",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-us",
  "content-type": "text/plain",
  "origin": "https://www.certification.openid.net",
  "user-agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15",
  "referer": "https://www.certification.openid.net/test/a/idpy/callback",
  "cookie": "JSESSIONID\u003d957CBD0728A302FA7FF79E11B3D34B21; __utma\u003d201319536.1870777121.1629795278.1631344149.1631352103.13; __utmc\u003d201319536; __utmz\u003d201319536.1631260756.11.4.utmcsr\u003dcertification.openid.net|utmccn\u003d(referral)|utmcmd\u003dreferral|utmcct\u003d/plan-detail.html; expected_tab\u003dgoogleplus; welcome_info_name\u003dRoland%20Hedberg",
  "x-ssl-cipher": "ECDHE-RSA-AES256-GCM-SHA384",
  "x-ssl-protocol": "TLSv1.2",
  "content-length": "0",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net",
  "connection": "close"
}
incoming_path
implicit/zZZ8oaKRg5EeAvK8aJ0z
incoming_body_form_params
incoming_method
POST
incoming_body_json
incoming_query_string_params
{}
incoming_body
2021-09-11 11:21:56 OUTGOING
oidcc-refresh-token
Response to HTTP request to test instance V5wni5KzyfHgEqA
outgoing_status_code
204
outgoing_headers
{}
outgoing_body

                                
outgoing_path
implicit/zZZ8oaKRg5EeAvK8aJ0z
2021-09-11 11:21:56 SUCCESS
ExtractImplicitHashToCallbackResponse
implicit_hash is empty
2021-09-11 11:21:56 REDIRECT-IN
oidcc-refresh-token
Authorization endpoint response captured
url_query
{}
headers
{
  "host": "www.certification.openid.net",
  "content-type": "application/x-www-form-urlencoded",
  "origin": "https://89.45.234.133:4000",
  "accept-encoding": "gzip, deflate, br",
  "cookie": "JSESSIONID\u003d957CBD0728A302FA7FF79E11B3D34B21; __utma\u003d201319536.1870777121.1629795278.1631344149.1631352103.13; __utmc\u003d201319536; __utmz\u003d201319536.1631260756.11.4.utmcsr\u003dcertification.openid.net|utmccn\u003d(referral)|utmcmd\u003dreferral|utmcct\u003d/plan-detail.html; expected_tab\u003dgoogleplus; welcome_info_name\u003dRoland%20Hedberg",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,*/*;q\u003d0.8",
  "user-agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15",
  "referer": "https://89.45.234.133:4000/verify/user",
  "accept-language": "en-us",
  "x-ssl-cipher": "ECDHE-RSA-AES256-GCM-SHA384",
  "x-ssl-protocol": "TLSv1.2",
  "content-length": "2030",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net",
  "connection": "close"
}
http_method
POST
url_fragment
{}
post_body
{
  "state": "6AFGhuUWnS",
  "scope": "[\u0027openid\u0027, \u0027offline_access\u0027]",
  "code": "Z0FBQUFBQmhQSkZVa1dQVU9wdWExUkdpNTBzWTVXNXJxWGNkLVg4VnR5ZzFxcFU3d2xWWmVpU3M4WlU2cWdfX3A2MlROWGY2MklBcTRmaFhtSWVYVjlmUTQ1MGdoR3FXZVU1RE1idjhIVHdockZVVTFubzJaYnRDYVdPLVhQc3l0UTltVGdpa0lOZmF0VWstazRwS3JzQ3VBZ2ZwUFFSQUd0Y1owNVRVOHlVYmstWGRjUlN1S2tNT2dKaGZpeFpXVGFpUVNVWmZHVEFJTUtyYl8wNEZYVjQzSU9XcTdON1ZqcG5QT3NNMjh6bW1sMGVSUExlY0w0U3ZqcXZ5dVNNTzBMYmVGNTEwclBodk1STk8xRkU3N0ZjS0VRNUhIaGxHZjRIZTRDYkZnbXJGTlo2R1FROU1DSjZ3RTNGYjZRTnQtR0FhMUladDNvX0dVQS14ak9UQmRrbU1vMTNuTzNuNS1McDVCRDJidEFRZHZxTXQ1WVpZWHhCSTVvSHVmQ2NtcHdBSnBGNzV4NEUxbGM2eFk4aDc3RVN6THQ5TDJPeEtDOGhnclUtYkc0UjlLb2JSWEFYZXRBSDY1RXNmaF9wRE9hejBxdmhLM2QzcTRSQ2pUY2ptaWlnSVRENWdnbHFPT2tleWpxeWtOR2lIVjIza3RYUUdvOFg2eWRkeXlMdkZ6VmxmcXFrR1MtT1IteTk5ZFpWNzBWX1VGblcyNkhDbWNjazdZU0pHUGZMYzlHV0tyUElpX0lFazJ1SVlQNU9PR0JXaUNKY1hBdmx5UTdNM1FIYXNrZmRYZEdJdkwwa0F4RUNWdDg4azZEdHh2UVdaQnB5TzFFT1JfVUYyTHhFQXdtQ01TUDhPSy1PVQ\u003d\u003d",
  "id_token": "eyJhbGciOiJSUzI1NiIsImtpZCI6IlQzazFNWEpEWTBOSlpXbEViR3MzUzFsQ2FXZFdSbXBYZUVkTldXbDRURTFXV1RocmR6WnRVWFpYUVEifQ.eyJzdWIiOiAiNDZkYzUzMDFjYTNhNTkzODI3YjNhYTE4ZjdlNTk1NjE3MmJiYjUzNzYxNDdlMjM3MjY0NTU0NDMyNmNmZjk1NiIsICJhdXRoX3RpbWUiOiAxNjMxMzU5MzE2LCAiYWNyIjogInVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphYzpjbGFzc2VzOkludGVybmV0UHJvdG9jb2xQYXNzd29yZCIsICJzY29wZSI6IFsib3BlbmlkIiwgIm9mZmxpbmVfYWNjZXNzIl0sICJqdGkiOiAiNzhkYTZiMjAxMmYyMTFlYzhjOTliMTI1OTQxOTBiMGYiLCAiY2xpZW50X2lkIjogIl9xTlBQSnpPTTk2WkJwVWdRNUtOZGciLCAiY19oYXNoIjogImNudm5DWGE1SnpNV21xZDRiREcxZ2ciLCAibm9uY2UiOiAiSk5VZXl1aXBRcyIsICJpc3MiOiAiaHR0cHM6Ly84OS40NS4yMzQuMTMzOjQwMDAiLCAiaWF0IjogMTYzMTM1OTMxNiwgImV4cCI6IDE2MzEzNTk2MTYsICJhdWQiOiBbIl9xTlBQSnpPTTk2WkJwVWdRNUtOZGciXX0.TqbVuKaOjhBY-cFSquGDbVLfj2mRoBEAlylqqgqdOQIlpCgO6wmckJI7xBxoKc5NDk6qlSnImHC8MvqNS-RYMQStXWS1Xmz-cNfg0FxvSd414Dv8bSxUANEwhkTlMeoawPrpwudmP1YkORIhlfMivhLoyZUYdlVup7sgDOCyXS0miHMOWbC8thCMdCWgVvkB58GVKejpOO1vlczueWzw4iNXE9X3avoEcwIeLd2xqE3SKU3TPsQ8cigAYQkBxtN0kR8ngPhNbEDb975I4zGEZZ4Gtgp6DgHs-a7x42oMc4XvsjofGEaoEaDoVA48Mrtclm_7z83IhaRFz13Kg8ejNA"
}
Verify authorization endpoint response
2021-09-11 11:21:56 SUCCESS
CheckCallbackHttpMethodIsPost
HTTP method used at redirect_uri is 'POST'
2021-09-11 11:21:56 SUCCESS
CheckCallbackContentTypeIsFormUrlEncoded
content-type header to redirect_uri has the expected value
content_type
application/x-www-form-urlencoded
expected
application/x-www-form-urlencoded
2021-09-11 11:21:56 SUCCESS
RejectAuthCodeInUrlQuery
Authorization code is not present in URL query returned from authorization endpoint
2021-09-11 11:21:56 SUCCESS
RejectErrorInUrlQuery
'error' is not present in URL query returned from authorization endpoint
2021-09-11 11:21:56 SUCCESS
CheckMatchingCallbackParameters
Callback parameters successfully verified
2021-09-11 11:21:56
ValidateIssInAuthorizationResponse
No 'iss' value in authorization response.
2021-09-11 11:21:56 SUCCESS
CheckIfAuthorizationEndpointError
No error from authorization endpoint
2021-09-11 11:21:56 SUCCESS
CheckStateInAuthorizationResponse
State in response correctly returned
state
6AFGhuUWnS
2021-09-11 11:21:56 SUCCESS
ExtractAuthorizationCodeFromAuthorizationResponse
Found authorization code
code
Z0FBQUFBQmhQSkZVa1dQVU9wdWExUkdpNTBzWTVXNXJxWGNkLVg4VnR5ZzFxcFU3d2xWWmVpU3M4WlU2cWdfX3A2MlROWGY2MklBcTRmaFhtSWVYVjlmUTQ1MGdoR3FXZVU1RE1idjhIVHdockZVVTFubzJaYnRDYVdPLVhQc3l0UTltVGdpa0lOZmF0VWstazRwS3JzQ3VBZ2ZwUFFSQUd0Y1owNVRVOHlVYmstWGRjUlN1S2tNT2dKaGZpeFpXVGFpUVNVWmZHVEFJTUtyYl8wNEZYVjQzSU9XcTdON1ZqcG5QT3NNMjh6bW1sMGVSUExlY0w0U3ZqcXZ5dVNNTzBMYmVGNTEwclBodk1STk8xRkU3N0ZjS0VRNUhIaGxHZjRIZTRDYkZnbXJGTlo2R1FROU1DSjZ3RTNGYjZRTnQtR0FhMUladDNvX0dVQS14ak9UQmRrbU1vMTNuTzNuNS1McDVCRDJidEFRZHZxTXQ1WVpZWHhCSTVvSHVmQ2NtcHdBSnBGNzV4NEUxbGM2eFk4aDc3RVN6THQ5TDJPeEtDOGhnclUtYkc0UjlLb2JSWEFYZXRBSDY1RXNmaF9wRE9hejBxdmhLM2QzcTRSQ2pUY2ptaWlnSVRENWdnbHFPT2tleWpxeWtOR2lIVjIza3RYUUdvOFg2eWRkeXlMdkZ6VmxmcXFrR1MtT1IteTk5ZFpWNzBWX1VGblcyNkhDbWNjazdZU0pHUGZMYzlHV0tyUElpX0lFazJ1SVlQNU9PR0JXaUNKY1hBdmx5UTdNM1FIYXNrZmRYZEdJdkwwa0F4RUNWdDg4azZEdHh2UVdaQnB5TzFFT1JfVUYyTHhFQXdtQ01TUDhPSy1PVQ==
2021-09-11 11:21:56 SUCCESS
ExtractIdTokenFromAuthorizationResponse
Found and parsed the id_token from authorization_endpoint_response
value
eyJhbGciOiJSUzI1NiIsImtpZCI6IlQzazFNWEpEWTBOSlpXbEViR3MzUzFsQ2FXZFdSbXBYZUVkTldXbDRURTFXV1RocmR6WnRVWFpYUVEifQ.eyJzdWIiOiAiNDZkYzUzMDFjYTNhNTkzODI3YjNhYTE4ZjdlNTk1NjE3MmJiYjUzNzYxNDdlMjM3MjY0NTU0NDMyNmNmZjk1NiIsICJhdXRoX3RpbWUiOiAxNjMxMzU5MzE2LCAiYWNyIjogInVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphYzpjbGFzc2VzOkludGVybmV0UHJvdG9jb2xQYXNzd29yZCIsICJzY29wZSI6IFsib3BlbmlkIiwgIm9mZmxpbmVfYWNjZXNzIl0sICJqdGkiOiAiNzhkYTZiMjAxMmYyMTFlYzhjOTliMTI1OTQxOTBiMGYiLCAiY2xpZW50X2lkIjogIl9xTlBQSnpPTTk2WkJwVWdRNUtOZGciLCAiY19oYXNoIjogImNudm5DWGE1SnpNV21xZDRiREcxZ2ciLCAibm9uY2UiOiAiSk5VZXl1aXBRcyIsICJpc3MiOiAiaHR0cHM6Ly84OS40NS4yMzQuMTMzOjQwMDAiLCAiaWF0IjogMTYzMTM1OTMxNiwgImV4cCI6IDE2MzEzNTk2MTYsICJhdWQiOiBbIl9xTlBQSnpPTTk2WkJwVWdRNUtOZGciXX0.TqbVuKaOjhBY-cFSquGDbVLfj2mRoBEAlylqqgqdOQIlpCgO6wmckJI7xBxoKc5NDk6qlSnImHC8MvqNS-RYMQStXWS1Xmz-cNfg0FxvSd414Dv8bSxUANEwhkTlMeoawPrpwudmP1YkORIhlfMivhLoyZUYdlVup7sgDOCyXS0miHMOWbC8thCMdCWgVvkB58GVKejpOO1vlczueWzw4iNXE9X3avoEcwIeLd2xqE3SKU3TPsQ8cigAYQkBxtN0kR8ngPhNbEDb975I4zGEZZ4Gtgp6DgHs-a7x42oMc4XvsjofGEaoEaDoVA48Mrtclm_7z83IhaRFz13Kg8ejNA
header
{
  "kid": "T3k1MXJDY0NJZWlEbGs3S1lCaWdWRmpXeEdNWWl4TE1WWThrdzZtUXZXQQ",
  "alg": "RS256"
}
claims
{
  "sub": "46dc5301ca3a593827b3aa18f7e5956172bbb5376147e2372645544326cff956",
  "acr": "urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword",
  "c_hash": "cnvnCXa5JzMWmqd4bDG1gg",
  "aud": "_qNPPJzOM96ZBpUgQ5KNdg",
  "auth_time": 1631359316,
  "scope": [
    "openid",
    "offline_access"
  ],
  "iss": "https://89.45.234.133:4000",
  "exp": 1631359616,
  "nonce": "JNUeyuipQs",
  "iat": 1631359316,
  "jti": "78da6b2012f211ec8c99b12594190b0f",
  "client_id": "_qNPPJzOM96ZBpUgQ5KNdg"
}
2021-09-11 11:21:56 SUCCESS
ValidateIdToken
ID token iss, aud, exp, iat, auth_time, acr & nbf claims passed validation checks
2021-09-11 11:21:56 SUCCESS
ValidateIdTokenNonce
Nonce values match
nonce
JNUeyuipQs
2021-09-11 11:21:56 SUCCESS
ValidateIdTokenACRClaimAgainstRequest
Nothing to check; the conformance suite did not request an acr claim in request object
2021-09-11 11:21:56 SUCCESS
ValidateIdTokenSignature
id_token signature validated
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6IlQzazFNWEpEWTBOSlpXbEViR3MzUzFsQ2FXZFdSbXBYZUVkTldXbDRURTFXV1RocmR6WnRVWFpYUVEifQ.eyJzdWIiOiAiNDZkYzUzMDFjYTNhNTkzODI3YjNhYTE4ZjdlNTk1NjE3MmJiYjUzNzYxNDdlMjM3MjY0NTU0NDMyNmNmZjk1NiIsICJhdXRoX3RpbWUiOiAxNjMxMzU5MzE2LCAiYWNyIjogInVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphYzpjbGFzc2VzOkludGVybmV0UHJvdG9jb2xQYXNzd29yZCIsICJzY29wZSI6IFsib3BlbmlkIiwgIm9mZmxpbmVfYWNjZXNzIl0sICJqdGkiOiAiNzhkYTZiMjAxMmYyMTFlYzhjOTliMTI1OTQxOTBiMGYiLCAiY2xpZW50X2lkIjogIl9xTlBQSnpPTTk2WkJwVWdRNUtOZGciLCAiY19oYXNoIjogImNudm5DWGE1SnpNV21xZDRiREcxZ2ciLCAibm9uY2UiOiAiSk5VZXl1aXBRcyIsICJpc3MiOiAiaHR0cHM6Ly84OS40NS4yMzQuMTMzOjQwMDAiLCAiaWF0IjogMTYzMTM1OTMxNiwgImV4cCI6IDE2MzEzNTk2MTYsICJhdWQiOiBbIl9xTlBQSnpPTTk2WkJwVWdRNUtOZGciXX0.TqbVuKaOjhBY-cFSquGDbVLfj2mRoBEAlylqqgqdOQIlpCgO6wmckJI7xBxoKc5NDk6qlSnImHC8MvqNS-RYMQStXWS1Xmz-cNfg0FxvSd414Dv8bSxUANEwhkTlMeoawPrpwudmP1YkORIhlfMivhLoyZUYdlVup7sgDOCyXS0miHMOWbC8thCMdCWgVvkB58GVKejpOO1vlczueWzw4iNXE9X3avoEcwIeLd2xqE3SKU3TPsQ8cigAYQkBxtN0kR8ngPhNbEDb975I4zGEZZ4Gtgp6DgHs-a7x42oMc4XvsjofGEaoEaDoVA48Mrtclm_7z83IhaRFz13Kg8ejNA
2021-09-11 11:21:56 SUCCESS
ValidateIdTokenSignatureUsingKid
id_token signature validated
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6IlQzazFNWEpEWTBOSlpXbEViR3MzUzFsQ2FXZFdSbXBYZUVkTldXbDRURTFXV1RocmR6WnRVWFpYUVEifQ.eyJzdWIiOiAiNDZkYzUzMDFjYTNhNTkzODI3YjNhYTE4ZjdlNTk1NjE3MmJiYjUzNzYxNDdlMjM3MjY0NTU0NDMyNmNmZjk1NiIsICJhdXRoX3RpbWUiOiAxNjMxMzU5MzE2LCAiYWNyIjogInVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphYzpjbGFzc2VzOkludGVybmV0UHJvdG9jb2xQYXNzd29yZCIsICJzY29wZSI6IFsib3BlbmlkIiwgIm9mZmxpbmVfYWNjZXNzIl0sICJqdGkiOiAiNzhkYTZiMjAxMmYyMTFlYzhjOTliMTI1OTQxOTBiMGYiLCAiY2xpZW50X2lkIjogIl9xTlBQSnpPTTk2WkJwVWdRNUtOZGciLCAiY19oYXNoIjogImNudm5DWGE1SnpNV21xZDRiREcxZ2ciLCAibm9uY2UiOiAiSk5VZXl1aXBRcyIsICJpc3MiOiAiaHR0cHM6Ly84OS40NS4yMzQuMTMzOjQwMDAiLCAiaWF0IjogMTYzMTM1OTMxNiwgImV4cCI6IDE2MzEzNTk2MTYsICJhdWQiOiBbIl9xTlBQSnpPTTk2WkJwVWdRNUtOZGciXX0.TqbVuKaOjhBY-cFSquGDbVLfj2mRoBEAlylqqgqdOQIlpCgO6wmckJI7xBxoKc5NDk6qlSnImHC8MvqNS-RYMQStXWS1Xmz-cNfg0FxvSd414Dv8bSxUANEwhkTlMeoawPrpwudmP1YkORIhlfMivhLoyZUYdlVup7sgDOCyXS0miHMOWbC8thCMdCWgVvkB58GVKejpOO1vlczueWzw4iNXE9X3avoEcwIeLd2xqE3SKU3TPsQ8cigAYQkBxtN0kR8ngPhNbEDb975I4zGEZZ4Gtgp6DgHs-a7x42oMc4XvsjofGEaoEaDoVA48Mrtclm_7z83IhaRFz13Kg8ejNA
2021-09-11 11:21:56 SUCCESS
CheckForSubjectInIdToken
Found 'sub' in id_token
sub
46dc5301ca3a593827b3aa18f7e5956172bbb5376147e2372645544326cff956
2021-09-11 11:21:56 SUCCESS
CreateTokenEndpointRequestForAuthorizationCodeGrant
grant_type
authorization_code
code
Z0FBQUFBQmhQSkZVa1dQVU9wdWExUkdpNTBzWTVXNXJxWGNkLVg4VnR5ZzFxcFU3d2xWWmVpU3M4WlU2cWdfX3A2MlROWGY2MklBcTRmaFhtSWVYVjlmUTQ1MGdoR3FXZVU1RE1idjhIVHdockZVVTFubzJaYnRDYVdPLVhQc3l0UTltVGdpa0lOZmF0VWstazRwS3JzQ3VBZ2ZwUFFSQUd0Y1owNVRVOHlVYmstWGRjUlN1S2tNT2dKaGZpeFpXVGFpUVNVWmZHVEFJTUtyYl8wNEZYVjQzSU9XcTdON1ZqcG5QT3NNMjh6bW1sMGVSUExlY0w0U3ZqcXZ5dVNNTzBMYmVGNTEwclBodk1STk8xRkU3N0ZjS0VRNUhIaGxHZjRIZTRDYkZnbXJGTlo2R1FROU1DSjZ3RTNGYjZRTnQtR0FhMUladDNvX0dVQS14ak9UQmRrbU1vMTNuTzNuNS1McDVCRDJidEFRZHZxTXQ1WVpZWHhCSTVvSHVmQ2NtcHdBSnBGNzV4NEUxbGM2eFk4aDc3RVN6THQ5TDJPeEtDOGhnclUtYkc0UjlLb2JSWEFYZXRBSDY1RXNmaF9wRE9hejBxdmhLM2QzcTRSQ2pUY2ptaWlnSVRENWdnbHFPT2tleWpxeWtOR2lIVjIza3RYUUdvOFg2eWRkeXlMdkZ6VmxmcXFrR1MtT1IteTk5ZFpWNzBWX1VGblcyNkhDbWNjazdZU0pHUGZMYzlHV0tyUElpX0lFazJ1SVlQNU9PR0JXaUNKY1hBdmx5UTdNM1FIYXNrZmRYZEdJdkwwa0F4RUNWdDg4azZEdHh2UVdaQnB5TzFFT1JfVUYyTHhFQXdtQ01TUDhPSy1PVQ==
redirect_uri
https://www.certification.openid.net/test/a/idpy/callback
2021-09-11 11:21:56 SUCCESS
AddBasicAuthClientSecretAuthenticationParameters
Added basic authorization header
Authorization
Basic X3FOUFBKek9NOTZaQnBVZ1E1S05kZzpkYjI3ZGM3MzVlZWExNDk1NmUzZjc1MzA2ZTEwYTJhMTVmYjI4NGNkMjZhZWMwMzYyNzc5ZTI3ZQ==
2021-09-11 11:21:56
CallTokenEndpoint
HTTP request
request_uri
https://89.45.234.133:4000/token
request_method
POST
request_headers
{
  "accept": "application/json;charset\u003dUTF-8",
  "authorization": "Basic X3FOUFBKek9NOTZaQnBVZ1E1S05kZzpkYjI3ZGM3MzVlZWExNDk1NmUzZjc1MzA2ZTEwYTJhMTVmYjI4NGNkMjZhZWMwMzYyNzc5ZTI3ZQ\u003d\u003d",
  "accept-charset": "utf-8",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "996"
}
request_body
grant_type=authorization_code&code=Z0FBQUFBQmhQSkZVa1dQVU9wdWExUkdpNTBzWTVXNXJxWGNkLVg4VnR5ZzFxcFU3d2xWWmVpU3M4WlU2cWdfX3A2MlROWGY2MklBcTRmaFhtSWVYVjlmUTQ1MGdoR3FXZVU1RE1idjhIVHdockZVVTFubzJaYnRDYVdPLVhQc3l0UTltVGdpa0lOZmF0VWstazRwS3JzQ3VBZ2ZwUFFSQUd0Y1owNVRVOHlVYmstWGRjUlN1S2tNT2dKaGZpeFpXVGFpUVNVWmZHVEFJTUtyYl8wNEZYVjQzSU9XcTdON1ZqcG5QT3NNMjh6bW1sMGVSUExlY0w0U3ZqcXZ5dVNNTzBMYmVGNTEwclBodk1STk8xRkU3N0ZjS0VRNUhIaGxHZjRIZTRDYkZnbXJGTlo2R1FROU1DSjZ3RTNGYjZRTnQtR0FhMUladDNvX0dVQS14ak9UQmRrbU1vMTNuTzNuNS1McDVCRDJidEFRZHZxTXQ1WVpZWHhCSTVvSHVmQ2NtcHdBSnBGNzV4NEUxbGM2eFk4aDc3RVN6THQ5TDJPeEtDOGhnclUtYkc0UjlLb2JSWEFYZXRBSDY1RXNmaF9wRE9hejBxdmhLM2QzcTRSQ2pUY2ptaWlnSVRENWdnbHFPT2tleWpxeWtOR2lIVjIza3RYUUdvOFg2eWRkeXlMdkZ6VmxmcXFrR1MtT1IteTk5ZFpWNzBWX1VGblcyNkhDbWNjazdZU0pHUGZMYzlHV0tyUElpX0lFazJ1SVlQNU9PR0JXaUNKY1hBdmx5UTdNM1FIYXNrZmRYZEdJdkwwa0F4RUNWdDg4azZEdHh2UVdaQnB5TzFFT1JfVUYyTHhFQXdtQ01TUDhPSy1PVQ%3D%3D&redirect_uri=https%3A%2F%2Fwww.certification.openid.net%2Ftest%2Fa%2Fidpy%2Fcallback
2021-09-11 11:21:56 RESPONSE
CallTokenEndpoint
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "content-type": "application/json; charset\u003dutf-8",
  "content-length": "3081",
  "pragma": "no-cache",
  "cache-control": "no-store",
  "set-cookie": "oidc_op\u003d1631359316|0QyOmrhMaDksHmTF|ZFOUl+x857DKS/er1DgU5+d4LG85HT+rXmKnB7Q6Lg9A/LxlWpZ7Pe6o/BUa/MYh1iJLrLvitS9smc7kVFAycENGuZFZYUaHKDySloVqfwnpWoiZ/fSunCkdWjjlrJcQqKTE8KpJOclPz/JhI6j5VXcD+Sei9E9gAab9RxGVrkT6MLSEKKI2217YNVhKrg8rFLImvN+qG0KbcPDf8iMxztD4q3bucicPtT6S/qO8klJTZpF7IrCz+xJhXPRyKcu/TLnYqIi0|vdy3yQfLtrxYrVY6ogtxng\u003d\u003d; Secure; HttpOnly; Path\u003d/; SameSite\u003dLax",
  "server": "Werkzeug/1.0.1 Python/3.8.10",
  "date": "Sat, 11 Sep 2021 11:21:56 GMT"
}
response_body
{"token_type": "Bearer", "scope": "openid offline_access", "access_token": "eyJhbGciOiJFUzI1NiIsImtpZCI6ImF6UmFUV2xMVFdaVE0wWkxTVUZaTFZOalltNUNkM0ZJU21sTVRWVmtiVlZKYTJGblIwZDVXa1JtTkEifQ.eyJzY29wZSI6IFsib3BlbmlkIiwgIm9mZmxpbmVfYWNjZXNzIl0sICJhdWQiOiBbIl9xTlBQSnpPTTk2WkJwVWdRNUtOZGciXSwgImp0aSI6ICI3OTVmZDMwNzEyZjIxMWVjOGM5OWIxMjU5NDE5MGIwZiIsICJjbGllbnRfaWQiOiAiX3FOUFBKek9NOTZaQnBVZ1E1S05kZyIsICJzdWIiOiAiX3FOUFBKek9NOTZaQnBVZ1E1S05kZyIsICJzaWQiOiAiWjBGQlFVRkJRbWhRU2taVmFqQnFVbFZhUlZKVWFXSTBhSFozYzB0dFREQTRaa1pKZUhSRVN6WmtWMk15Wld4eWRpMXZkSGx0YzFNNE5qaG1SMFYwVERkTk1FTk5iVTE1TTFsWk9YSktZMkpwUzBseVFVaHpkV0Z1WjI5bE1VMXFPR1pDYld4dFJYQldlRlE0TWpod2RVaEhiRzVJVFdOU01WY3hSRVU0WjJob1h6WmFSWFJ1UzBwSU1HUndSRUZ1UTNKaFNrVXRNemh0U1dFd2JHUXRSSFJQVFU5WmRTMUVTRGxpWDBOcFJWSjZWbVZYVnpoUE9ITnlTbVpLUzFOcU9IWk9kSEEzVEZKUlRtYzNiRUphTlZneVlrRkRTM0JST1VGTFUxZHZlWGwwWWtOUlNtTXdZV3B2YzJOSU4xSlJNWFZxVkRsMFRUMD0iLCAidG9rZW5fY2xhc3MiOiAiYWNjZXNzX3Rva2VuIiwgImlzcyI6ICJodHRwczovLzg5LjQ1LjIzNC4xMzM6NDAwMCIsICJpYXQiOiAxNjMxMzU5MzE2LCAiZXhwIjogMTYzMTM2MjkxNn0.IeIgXt-P7kyxGWRfNmIn8ExlXRQ2gN_bfHGXgtsf_hcm40Jfrn4ifikjLNS2rakQANW-GHMyn309Q8t_xxmsDQ", "expires_in": 1800, "refresh_token": "Z0FBQUFBQmhQSkZVcDM3UUN2UGVXemVqUG1MTTlFV2xWQks5N3VhbnBteVVhbzFJWDhBUHZXT1VnZHU1YW9zZkJkMktQdzdtakRfVnFldGFTNzAyV1QxMG5hRzh4X0ZlUjM3b2VUOHdwU2ZNT0FKWVQxME4zU1FhdjNKTFU5YzJSOHJyUVBsLXc2WHVXWmU2eGNVVW5FcjhxeGI2WnlNWlloc2ZOcVlONlQzeV83TDJXLWpKRGtHVXp2LTI3X0dQYkFrZjFDWW82SnJCWWp2WFlIN0ppTFQyY1Nfb1lFOFgtUzBxVmhOalFsZ1F2V0FZUm9jU2V3bVdaVnh4OUhpdlN3V1hNdm5kdmJtLUtZNVV4Ylo0cEhxUVRZMnlZY3pGVGo1VkxUamRqUGlFOXo1REpHWllua1FzcjkyVzl1NUFRNXBIai1xOW12R0FXd1ZqbWRvMy16NjNrY2NLS2V3MFBsYU9ORU5HTlFram0yaEVQTkhfR1h3d0J2ampBNXVqcEFDMG1oYk5YbE9KaXFBOHJIdjczWGtxQVVpZlU5SFRLR2gyWExZNFB6QmNjelJubVJhdGdWa3diOC1aZ05zeGdMcGdrNjdFT3A2bWRuWVNfcWRKclloUzFqcGhHVjVudEJPRVpPaC1MdDltYXk5WVBwbmNhemZKVW9mUjBlV3RxcVFzNGJLOTZXVjBfN3hlODAtcHhXZDBFYjRjbW12VV9QT2w4b3lqYzFSUkt3Nm1Qb3k2clpnRmdIMzR3UWZfSWpfaldVand3YmwxejVSNm8wdk1CVWNLQ1pYenF4ejNJNHJOMnR1NWZfclljLW5YSTRjc21ZU3VDUmdONVI0VGdwM3d5RUk0VlhrMA==", "id_token": "eyJhbGciOiJSUzI1NiIsImtpZCI6IlQzazFNWEpEWTBOSlpXbEViR3MzUzFsQ2FXZFdSbXBYZUVkTldXbDRURTFXV1RocmR6WnRVWFpYUVEifQ.eyJzdWIiOiAiNDZkYzUzMDFjYTNhNTkzODI3YjNhYTE4ZjdlNTk1NjE3MmJiYjUzNzYxNDdlMjM3MjY0NTU0NDMyNmNmZjk1NiIsICJhdXRoX3RpbWUiOiAxNjMxMzU5MzE2LCAiYWNyIjogInVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphYzpjbGFzc2VzOkludGVybmV0UHJvdG9jb2xQYXNzd29yZCIsICJzY29wZSI6IFsib3BlbmlkIiwgIm9mZmxpbmVfYWNjZXNzIl0sICJqdGkiOiAiNzk1ZmQzMGIxMmYyMTFlYzhjOTliMTI1OTQxOTBiMGYiLCAiY2xpZW50X2lkIjogIl9xTlBQSnpPTTk2WkJwVWdRNUtOZGciLCAibm9uY2UiOiAiSk5VZXl1aXBRcyIsICJpc3MiOiAiaHR0cHM6Ly84OS40NS4yMzQuMTMzOjQwMDAiLCAiaWF0IjogMTYzMTM1OTMxNiwgImV4cCI6IDE2MzEzNTk2MTYsICJhdWQiOiBbIl9xTlBQSnpPTTk2WkJwVWdRNUtOZGciXX0.lyvBkXHMHuuZYIpp0te9v15laIc5p9QH1DnzcDsgq-gb9luX4icadwYgjXRfAq5W1mgEvv_NYw6OxUnX_bGdNAhUi4-YZFyD9eQwOsRhbUl0C6ZgqKSrMs6-wMaDasGtWln2_WwP_HwpJU61GkkiuDOYV5U9cesJSuvhV1ljVowL7Goowy1p3m8mz3xZolJpRS6Nw90MdwokKrwfuCY5ngHWXCvtqIe5gI7RN4cVSUCcYLKopndA7ZuoTSZB9xe69S4qNbNBg1mkdb2jQ5TiiRXlSgMRmGLwt5De3DGRXvaZCHP7SYGqMTGVXUASB2OM7EjJrTKxMV1U6tSPCyQZTw"}
2021-09-11 11:21:56
CallTokenEndpoint
Token endpoint response
token_endpoint_response
{"token_type": "Bearer", "scope": "openid offline_access", "access_token": "eyJhbGciOiJFUzI1NiIsImtpZCI6ImF6UmFUV2xMVFdaVE0wWkxTVUZaTFZOalltNUNkM0ZJU21sTVRWVmtiVlZKYTJGblIwZDVXa1JtTkEifQ.eyJzY29wZSI6IFsib3BlbmlkIiwgIm9mZmxpbmVfYWNjZXNzIl0sICJhdWQiOiBbIl9xTlBQSnpPTTk2WkJwVWdRNUtOZGciXSwgImp0aSI6ICI3OTVmZDMwNzEyZjIxMWVjOGM5OWIxMjU5NDE5MGIwZiIsICJjbGllbnRfaWQiOiAiX3FOUFBKek9NOTZaQnBVZ1E1S05kZyIsICJzdWIiOiAiX3FOUFBKek9NOTZaQnBVZ1E1S05kZyIsICJzaWQiOiAiWjBGQlFVRkJRbWhRU2taVmFqQnFVbFZhUlZKVWFXSTBhSFozYzB0dFREQTRaa1pKZUhSRVN6WmtWMk15Wld4eWRpMXZkSGx0YzFNNE5qaG1SMFYwVERkTk1FTk5iVTE1TTFsWk9YSktZMkpwUzBseVFVaHpkV0Z1WjI5bE1VMXFPR1pDYld4dFJYQldlRlE0TWpod2RVaEhiRzVJVFdOU01WY3hSRVU0WjJob1h6WmFSWFJ1UzBwSU1HUndSRUZ1UTNKaFNrVXRNemh0U1dFd2JHUXRSSFJQVFU5WmRTMUVTRGxpWDBOcFJWSjZWbVZYVnpoUE9ITnlTbVpLUzFOcU9IWk9kSEEzVEZKUlRtYzNiRUphTlZneVlrRkRTM0JST1VGTFUxZHZlWGwwWWtOUlNtTXdZV3B2YzJOSU4xSlJNWFZxVkRsMFRUMD0iLCAidG9rZW5fY2xhc3MiOiAiYWNjZXNzX3Rva2VuIiwgImlzcyI6ICJodHRwczovLzg5LjQ1LjIzNC4xMzM6NDAwMCIsICJpYXQiOiAxNjMxMzU5MzE2LCAiZXhwIjogMTYzMTM2MjkxNn0.IeIgXt-P7kyxGWRfNmIn8ExlXRQ2gN_bfHGXgtsf_hcm40Jfrn4ifikjLNS2rakQANW-GHMyn309Q8t_xxmsDQ", "expires_in": 1800, "refresh_token": "Z0FBQUFBQmhQSkZVcDM3UUN2UGVXemVqUG1MTTlFV2xWQks5N3VhbnBteVVhbzFJWDhBUHZXT1VnZHU1YW9zZkJkMktQdzdtakRfVnFldGFTNzAyV1QxMG5hRzh4X0ZlUjM3b2VUOHdwU2ZNT0FKWVQxME4zU1FhdjNKTFU5YzJSOHJyUVBsLXc2WHVXWmU2eGNVVW5FcjhxeGI2WnlNWlloc2ZOcVlONlQzeV83TDJXLWpKRGtHVXp2LTI3X0dQYkFrZjFDWW82SnJCWWp2WFlIN0ppTFQyY1Nfb1lFOFgtUzBxVmhOalFsZ1F2V0FZUm9jU2V3bVdaVnh4OUhpdlN3V1hNdm5kdmJtLUtZNVV4Ylo0cEhxUVRZMnlZY3pGVGo1VkxUamRqUGlFOXo1REpHWllua1FzcjkyVzl1NUFRNXBIai1xOW12R0FXd1ZqbWRvMy16NjNrY2NLS2V3MFBsYU9ORU5HTlFram0yaEVQTkhfR1h3d0J2ampBNXVqcEFDMG1oYk5YbE9KaXFBOHJIdjczWGtxQVVpZlU5SFRLR2gyWExZNFB6QmNjelJubVJhdGdWa3diOC1aZ05zeGdMcGdrNjdFT3A2bWRuWVNfcWRKclloUzFqcGhHVjVudEJPRVpPaC1MdDltYXk5WVBwbmNhemZKVW9mUjBlV3RxcVFzNGJLOTZXVjBfN3hlODAtcHhXZDBFYjRjbW12VV9QT2w4b3lqYzFSUkt3Nm1Qb3k2clpnRmdIMzR3UWZfSWpfaldVand3YmwxejVSNm8wdk1CVWNLQ1pYenF4ejNJNHJOMnR1NWZfclljLW5YSTRjc21ZU3VDUmdONVI0VGdwM3d5RUk0VlhrMA==", "id_token": "eyJhbGciOiJSUzI1NiIsImtpZCI6IlQzazFNWEpEWTBOSlpXbEViR3MzUzFsQ2FXZFdSbXBYZUVkTldXbDRURTFXV1RocmR6WnRVWFpYUVEifQ.eyJzdWIiOiAiNDZkYzUzMDFjYTNhNTkzODI3YjNhYTE4ZjdlNTk1NjE3MmJiYjUzNzYxNDdlMjM3MjY0NTU0NDMyNmNmZjk1NiIsICJhdXRoX3RpbWUiOiAxNjMxMzU5MzE2LCAiYWNyIjogInVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphYzpjbGFzc2VzOkludGVybmV0UHJvdG9jb2xQYXNzd29yZCIsICJzY29wZSI6IFsib3BlbmlkIiwgIm9mZmxpbmVfYWNjZXNzIl0sICJqdGkiOiAiNzk1ZmQzMGIxMmYyMTFlYzhjOTliMTI1OTQxOTBiMGYiLCAiY2xpZW50X2lkIjogIl9xTlBQSnpPTTk2WkJwVWdRNUtOZGciLCAibm9uY2UiOiAiSk5VZXl1aXBRcyIsICJpc3MiOiAiaHR0cHM6Ly84OS40NS4yMzQuMTMzOjQwMDAiLCAiaWF0IjogMTYzMTM1OTMxNiwgImV4cCI6IDE2MzEzNTk2MTYsICJhdWQiOiBbIl9xTlBQSnpPTTk2WkJwVWdRNUtOZGciXX0.lyvBkXHMHuuZYIpp0te9v15laIc5p9QH1DnzcDsgq-gb9luX4icadwYgjXRfAq5W1mgEvv_NYw6OxUnX_bGdNAhUi4-YZFyD9eQwOsRhbUl0C6ZgqKSrMs6-wMaDasGtWln2_WwP_HwpJU61GkkiuDOYV5U9cesJSuvhV1ljVowL7Goowy1p3m8mz3xZolJpRS6Nw90MdwokKrwfuCY5ngHWXCvtqIe5gI7RN4cVSUCcYLKopndA7ZuoTSZB9xe69S4qNbNBg1mkdb2jQ5TiiRXlSgMRmGLwt5De3DGRXvaZCHP7SYGqMTGVXUASB2OM7EjJrTKxMV1U6tSPCyQZTw"}
2021-09-11 11:21:56 SUCCESS
CallTokenEndpoint
Parsed token endpoint response
token_type
Bearer
scope
openid offline_access
access_token
eyJhbGciOiJFUzI1NiIsImtpZCI6ImF6UmFUV2xMVFdaVE0wWkxTVUZaTFZOalltNUNkM0ZJU21sTVRWVmtiVlZKYTJGblIwZDVXa1JtTkEifQ.eyJzY29wZSI6IFsib3BlbmlkIiwgIm9mZmxpbmVfYWNjZXNzIl0sICJhdWQiOiBbIl9xTlBQSnpPTTk2WkJwVWdRNUtOZGciXSwgImp0aSI6ICI3OTVmZDMwNzEyZjIxMWVjOGM5OWIxMjU5NDE5MGIwZiIsICJjbGllbnRfaWQiOiAiX3FOUFBKek9NOTZaQnBVZ1E1S05kZyIsICJzdWIiOiAiX3FOUFBKek9NOTZaQnBVZ1E1S05kZyIsICJzaWQiOiAiWjBGQlFVRkJRbWhRU2taVmFqQnFVbFZhUlZKVWFXSTBhSFozYzB0dFREQTRaa1pKZUhSRVN6WmtWMk15Wld4eWRpMXZkSGx0YzFNNE5qaG1SMFYwVERkTk1FTk5iVTE1TTFsWk9YSktZMkpwUzBseVFVaHpkV0Z1WjI5bE1VMXFPR1pDYld4dFJYQldlRlE0TWpod2RVaEhiRzVJVFdOU01WY3hSRVU0WjJob1h6WmFSWFJ1UzBwSU1HUndSRUZ1UTNKaFNrVXRNemh0U1dFd2JHUXRSSFJQVFU5WmRTMUVTRGxpWDBOcFJWSjZWbVZYVnpoUE9ITnlTbVpLUzFOcU9IWk9kSEEzVEZKUlRtYzNiRUphTlZneVlrRkRTM0JST1VGTFUxZHZlWGwwWWtOUlNtTXdZV3B2YzJOSU4xSlJNWFZxVkRsMFRUMD0iLCAidG9rZW5fY2xhc3MiOiAiYWNjZXNzX3Rva2VuIiwgImlzcyI6ICJodHRwczovLzg5LjQ1LjIzNC4xMzM6NDAwMCIsICJpYXQiOiAxNjMxMzU5MzE2LCAiZXhwIjogMTYzMTM2MjkxNn0.IeIgXt-P7kyxGWRfNmIn8ExlXRQ2gN_bfHGXgtsf_hcm40Jfrn4ifikjLNS2rakQANW-GHMyn309Q8t_xxmsDQ
expires_in
1800
refresh_token
Z0FBQUFBQmhQSkZVcDM3UUN2UGVXemVqUG1MTTlFV2xWQks5N3VhbnBteVVhbzFJWDhBUHZXT1VnZHU1YW9zZkJkMktQdzdtakRfVnFldGFTNzAyV1QxMG5hRzh4X0ZlUjM3b2VUOHdwU2ZNT0FKWVQxME4zU1FhdjNKTFU5YzJSOHJyUVBsLXc2WHVXWmU2eGNVVW5FcjhxeGI2WnlNWlloc2ZOcVlONlQzeV83TDJXLWpKRGtHVXp2LTI3X0dQYkFrZjFDWW82SnJCWWp2WFlIN0ppTFQyY1Nfb1lFOFgtUzBxVmhOalFsZ1F2V0FZUm9jU2V3bVdaVnh4OUhpdlN3V1hNdm5kdmJtLUtZNVV4Ylo0cEhxUVRZMnlZY3pGVGo1VkxUamRqUGlFOXo1REpHWllua1FzcjkyVzl1NUFRNXBIai1xOW12R0FXd1ZqbWRvMy16NjNrY2NLS2V3MFBsYU9ORU5HTlFram0yaEVQTkhfR1h3d0J2ampBNXVqcEFDMG1oYk5YbE9KaXFBOHJIdjczWGtxQVVpZlU5SFRLR2gyWExZNFB6QmNjelJubVJhdGdWa3diOC1aZ05zeGdMcGdrNjdFT3A2bWRuWVNfcWRKclloUzFqcGhHVjVudEJPRVpPaC1MdDltYXk5WVBwbmNhemZKVW9mUjBlV3RxcVFzNGJLOTZXVjBfN3hlODAtcHhXZDBFYjRjbW12VV9QT2w4b3lqYzFSUkt3Nm1Qb3k2clpnRmdIMzR3UWZfSWpfaldVand3YmwxejVSNm8wdk1CVWNLQ1pYenF4ejNJNHJOMnR1NWZfclljLW5YSTRjc21ZU3VDUmdONVI0VGdwM3d5RUk0VlhrMA==
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6IlQzazFNWEpEWTBOSlpXbEViR3MzUzFsQ2FXZFdSbXBYZUVkTldXbDRURTFXV1RocmR6WnRVWFpYUVEifQ.eyJzdWIiOiAiNDZkYzUzMDFjYTNhNTkzODI3YjNhYTE4ZjdlNTk1NjE3MmJiYjUzNzYxNDdlMjM3MjY0NTU0NDMyNmNmZjk1NiIsICJhdXRoX3RpbWUiOiAxNjMxMzU5MzE2LCAiYWNyIjogInVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphYzpjbGFzc2VzOkludGVybmV0UHJvdG9jb2xQYXNzd29yZCIsICJzY29wZSI6IFsib3BlbmlkIiwgIm9mZmxpbmVfYWNjZXNzIl0sICJqdGkiOiAiNzk1ZmQzMGIxMmYyMTFlYzhjOTliMTI1OTQxOTBiMGYiLCAiY2xpZW50X2lkIjogIl9xTlBQSnpPTTk2WkJwVWdRNUtOZGciLCAibm9uY2UiOiAiSk5VZXl1aXBRcyIsICJpc3MiOiAiaHR0cHM6Ly84OS40NS4yMzQuMTMzOjQwMDAiLCAiaWF0IjogMTYzMTM1OTMxNiwgImV4cCI6IDE2MzEzNTk2MTYsICJhdWQiOiBbIl9xTlBQSnpPTTk2WkJwVWdRNUtOZGciXX0.lyvBkXHMHuuZYIpp0te9v15laIc5p9QH1DnzcDsgq-gb9luX4icadwYgjXRfAq5W1mgEvv_NYw6OxUnX_bGdNAhUi4-YZFyD9eQwOsRhbUl0C6ZgqKSrMs6-wMaDasGtWln2_WwP_HwpJU61GkkiuDOYV5U9cesJSuvhV1ljVowL7Goowy1p3m8mz3xZolJpRS6Nw90MdwokKrwfuCY5ngHWXCvtqIe5gI7RN4cVSUCcYLKopndA7ZuoTSZB9xe69S4qNbNBg1mkdb2jQ5TiiRXlSgMRmGLwt5De3DGRXvaZCHP7SYGqMTGVXUASB2OM7EjJrTKxMV1U6tSPCyQZTw
2021-09-11 11:21:56 SUCCESS
CheckIfTokenEndpointResponseError
No error from token endpoint
2021-09-11 11:21:56 SUCCESS
CheckForAccessTokenValue
Found an access token
access_token
eyJhbGciOiJFUzI1NiIsImtpZCI6ImF6UmFUV2xMVFdaVE0wWkxTVUZaTFZOalltNUNkM0ZJU21sTVRWVmtiVlZKYTJGblIwZDVXa1JtTkEifQ.eyJzY29wZSI6IFsib3BlbmlkIiwgIm9mZmxpbmVfYWNjZXNzIl0sICJhdWQiOiBbIl9xTlBQSnpPTTk2WkJwVWdRNUtOZGciXSwgImp0aSI6ICI3OTVmZDMwNzEyZjIxMWVjOGM5OWIxMjU5NDE5MGIwZiIsICJjbGllbnRfaWQiOiAiX3FOUFBKek9NOTZaQnBVZ1E1S05kZyIsICJzdWIiOiAiX3FOUFBKek9NOTZaQnBVZ1E1S05kZyIsICJzaWQiOiAiWjBGQlFVRkJRbWhRU2taVmFqQnFVbFZhUlZKVWFXSTBhSFozYzB0dFREQTRaa1pKZUhSRVN6WmtWMk15Wld4eWRpMXZkSGx0YzFNNE5qaG1SMFYwVERkTk1FTk5iVTE1TTFsWk9YSktZMkpwUzBseVFVaHpkV0Z1WjI5bE1VMXFPR1pDYld4dFJYQldlRlE0TWpod2RVaEhiRzVJVFdOU01WY3hSRVU0WjJob1h6WmFSWFJ1UzBwSU1HUndSRUZ1UTNKaFNrVXRNemh0U1dFd2JHUXRSSFJQVFU5WmRTMUVTRGxpWDBOcFJWSjZWbVZYVnpoUE9ITnlTbVpLUzFOcU9IWk9kSEEzVEZKUlRtYzNiRUphTlZneVlrRkRTM0JST1VGTFUxZHZlWGwwWWtOUlNtTXdZV3B2YzJOSU4xSlJNWFZxVkRsMFRUMD0iLCAidG9rZW5fY2xhc3MiOiAiYWNjZXNzX3Rva2VuIiwgImlzcyI6ICJodHRwczovLzg5LjQ1LjIzNC4xMzM6NDAwMCIsICJpYXQiOiAxNjMxMzU5MzE2LCAiZXhwIjogMTYzMTM2MjkxNn0.IeIgXt-P7kyxGWRfNmIn8ExlXRQ2gN_bfHGXgtsf_hcm40Jfrn4ifikjLNS2rakQANW-GHMyn309Q8t_xxmsDQ
2021-09-11 11:21:56 SUCCESS
ExtractAccessTokenFromTokenResponse
Extracted the access token
value
eyJhbGciOiJFUzI1NiIsImtpZCI6ImF6UmFUV2xMVFdaVE0wWkxTVUZaTFZOalltNUNkM0ZJU21sTVRWVmtiVlZKYTJGblIwZDVXa1JtTkEifQ.eyJzY29wZSI6IFsib3BlbmlkIiwgIm9mZmxpbmVfYWNjZXNzIl0sICJhdWQiOiBbIl9xTlBQSnpPTTk2WkJwVWdRNUtOZGciXSwgImp0aSI6ICI3OTVmZDMwNzEyZjIxMWVjOGM5OWIxMjU5NDE5MGIwZiIsICJjbGllbnRfaWQiOiAiX3FOUFBKek9NOTZaQnBVZ1E1S05kZyIsICJzdWIiOiAiX3FOUFBKek9NOTZaQnBVZ1E1S05kZyIsICJzaWQiOiAiWjBGQlFVRkJRbWhRU2taVmFqQnFVbFZhUlZKVWFXSTBhSFozYzB0dFREQTRaa1pKZUhSRVN6WmtWMk15Wld4eWRpMXZkSGx0YzFNNE5qaG1SMFYwVERkTk1FTk5iVTE1TTFsWk9YSktZMkpwUzBseVFVaHpkV0Z1WjI5bE1VMXFPR1pDYld4dFJYQldlRlE0TWpod2RVaEhiRzVJVFdOU01WY3hSRVU0WjJob1h6WmFSWFJ1UzBwSU1HUndSRUZ1UTNKaFNrVXRNemh0U1dFd2JHUXRSSFJQVFU5WmRTMUVTRGxpWDBOcFJWSjZWbVZYVnpoUE9ITnlTbVpLUzFOcU9IWk9kSEEzVEZKUlRtYzNiRUphTlZneVlrRkRTM0JST1VGTFUxZHZlWGwwWWtOUlNtTXdZV3B2YzJOSU4xSlJNWFZxVkRsMFRUMD0iLCAidG9rZW5fY2xhc3MiOiAiYWNjZXNzX3Rva2VuIiwgImlzcyI6ICJodHRwczovLzg5LjQ1LjIzNC4xMzM6NDAwMCIsICJpYXQiOiAxNjMxMzU5MzE2LCAiZXhwIjogMTYzMTM2MjkxNn0.IeIgXt-P7kyxGWRfNmIn8ExlXRQ2gN_bfHGXgtsf_hcm40Jfrn4ifikjLNS2rakQANW-GHMyn309Q8t_xxmsDQ
type
Bearer
2021-09-11 11:21:56 SUCCESS
ExtractExpiresInFromTokenEndpointResponse
Extracted 'expires_in'
expires_in
1800
2021-09-11 11:21:56 SUCCESS
ValidateExpiresIn
expires_in passed all validation checks
expires_in
1800
2021-09-11 11:21:56 SUCCESS
CheckForRefreshTokenValue
Found a refresh token
refresh_token
Z0FBQUFBQmhQSkZVcDM3UUN2UGVXemVqUG1MTTlFV2xWQks5N3VhbnBteVVhbzFJWDhBUHZXT1VnZHU1YW9zZkJkMktQdzdtakRfVnFldGFTNzAyV1QxMG5hRzh4X0ZlUjM3b2VUOHdwU2ZNT0FKWVQxME4zU1FhdjNKTFU5YzJSOHJyUVBsLXc2WHVXWmU2eGNVVW5FcjhxeGI2WnlNWlloc2ZOcVlONlQzeV83TDJXLWpKRGtHVXp2LTI3X0dQYkFrZjFDWW82SnJCWWp2WFlIN0ppTFQyY1Nfb1lFOFgtUzBxVmhOalFsZ1F2V0FZUm9jU2V3bVdaVnh4OUhpdlN3V1hNdm5kdmJtLUtZNVV4Ylo0cEhxUVRZMnlZY3pGVGo1VkxUamRqUGlFOXo1REpHWllua1FzcjkyVzl1NUFRNXBIai1xOW12R0FXd1ZqbWRvMy16NjNrY2NLS2V3MFBsYU9ORU5HTlFram0yaEVQTkhfR1h3d0J2ampBNXVqcEFDMG1oYk5YbE9KaXFBOHJIdjczWGtxQVVpZlU5SFRLR2gyWExZNFB6QmNjelJubVJhdGdWa3diOC1aZ05zeGdMcGdrNjdFT3A2bWRuWVNfcWRKclloUzFqcGhHVjVudEJPRVpPaC1MdDltYXk5WVBwbmNhemZKVW9mUjBlV3RxcVFzNGJLOTZXVjBfN3hlODAtcHhXZDBFYjRjbW12VV9QT2w4b3lqYzFSUkt3Nm1Qb3k2clpnRmdIMzR3UWZfSWpfaldVand3YmwxejVSNm8wdk1CVWNLQ1pYenF4ejNJNHJOMnR1NWZfclljLW5YSTRjc21ZU3VDUmdONVI0VGdwM3d5RUk0VlhrMA==
2021-09-11 11:21:56 SUCCESS
ExtractIdTokenFromTokenResponse
Found and parsed the id_token from token_endpoint_response
value
eyJhbGciOiJSUzI1NiIsImtpZCI6IlQzazFNWEpEWTBOSlpXbEViR3MzUzFsQ2FXZFdSbXBYZUVkTldXbDRURTFXV1RocmR6WnRVWFpYUVEifQ.eyJzdWIiOiAiNDZkYzUzMDFjYTNhNTkzODI3YjNhYTE4ZjdlNTk1NjE3MmJiYjUzNzYxNDdlMjM3MjY0NTU0NDMyNmNmZjk1NiIsICJhdXRoX3RpbWUiOiAxNjMxMzU5MzE2LCAiYWNyIjogInVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphYzpjbGFzc2VzOkludGVybmV0UHJvdG9jb2xQYXNzd29yZCIsICJzY29wZSI6IFsib3BlbmlkIiwgIm9mZmxpbmVfYWNjZXNzIl0sICJqdGkiOiAiNzk1ZmQzMGIxMmYyMTFlYzhjOTliMTI1OTQxOTBiMGYiLCAiY2xpZW50X2lkIjogIl9xTlBQSnpPTTk2WkJwVWdRNUtOZGciLCAibm9uY2UiOiAiSk5VZXl1aXBRcyIsICJpc3MiOiAiaHR0cHM6Ly84OS40NS4yMzQuMTMzOjQwMDAiLCAiaWF0IjogMTYzMTM1OTMxNiwgImV4cCI6IDE2MzEzNTk2MTYsICJhdWQiOiBbIl9xTlBQSnpPTTk2WkJwVWdRNUtOZGciXX0.lyvBkXHMHuuZYIpp0te9v15laIc5p9QH1DnzcDsgq-gb9luX4icadwYgjXRfAq5W1mgEvv_NYw6OxUnX_bGdNAhUi4-YZFyD9eQwOsRhbUl0C6ZgqKSrMs6-wMaDasGtWln2_WwP_HwpJU61GkkiuDOYV5U9cesJSuvhV1ljVowL7Goowy1p3m8mz3xZolJpRS6Nw90MdwokKrwfuCY5ngHWXCvtqIe5gI7RN4cVSUCcYLKopndA7ZuoTSZB9xe69S4qNbNBg1mkdb2jQ5TiiRXlSgMRmGLwt5De3DGRXvaZCHP7SYGqMTGVXUASB2OM7EjJrTKxMV1U6tSPCyQZTw
header
{
  "kid": "T3k1MXJDY0NJZWlEbGs3S1lCaWdWRmpXeEdNWWl4TE1WWThrdzZtUXZXQQ",
  "alg": "RS256"
}
claims
{
  "sub": "46dc5301ca3a593827b3aa18f7e5956172bbb5376147e2372645544326cff956",
  "acr": "urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword",
  "aud": "_qNPPJzOM96ZBpUgQ5KNdg",
  "auth_time": 1631359316,
  "scope": [
    "openid",
    "offline_access"
  ],
  "iss": "https://89.45.234.133:4000",
  "exp": 1631359616,
  "nonce": "JNUeyuipQs",
  "iat": 1631359316,
  "jti": "795fd30b12f211ec8c99b12594190b0f",
  "client_id": "_qNPPJzOM96ZBpUgQ5KNdg"
}
2021-09-11 11:21:57 SUCCESS
ValidateIdToken
ID token iss, aud, exp, iat, auth_time, acr & nbf claims passed validation checks
2021-09-11 11:21:57 SUCCESS
ValidateIdTokenNonce
Nonce values match
nonce
JNUeyuipQs
2021-09-11 11:21:57 SUCCESS
ValidateIdTokenACRClaimAgainstRequest
Nothing to check; the conformance suite did not request an acr claim in request object
2021-09-11 11:21:57 SUCCESS
ValidateIdTokenSignature
id_token signature validated
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6IlQzazFNWEpEWTBOSlpXbEViR3MzUzFsQ2FXZFdSbXBYZUVkTldXbDRURTFXV1RocmR6WnRVWFpYUVEifQ.eyJzdWIiOiAiNDZkYzUzMDFjYTNhNTkzODI3YjNhYTE4ZjdlNTk1NjE3MmJiYjUzNzYxNDdlMjM3MjY0NTU0NDMyNmNmZjk1NiIsICJhdXRoX3RpbWUiOiAxNjMxMzU5MzE2LCAiYWNyIjogInVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphYzpjbGFzc2VzOkludGVybmV0UHJvdG9jb2xQYXNzd29yZCIsICJzY29wZSI6IFsib3BlbmlkIiwgIm9mZmxpbmVfYWNjZXNzIl0sICJqdGkiOiAiNzk1ZmQzMGIxMmYyMTFlYzhjOTliMTI1OTQxOTBiMGYiLCAiY2xpZW50X2lkIjogIl9xTlBQSnpPTTk2WkJwVWdRNUtOZGciLCAibm9uY2UiOiAiSk5VZXl1aXBRcyIsICJpc3MiOiAiaHR0cHM6Ly84OS40NS4yMzQuMTMzOjQwMDAiLCAiaWF0IjogMTYzMTM1OTMxNiwgImV4cCI6IDE2MzEzNTk2MTYsICJhdWQiOiBbIl9xTlBQSnpPTTk2WkJwVWdRNUtOZGciXX0.lyvBkXHMHuuZYIpp0te9v15laIc5p9QH1DnzcDsgq-gb9luX4icadwYgjXRfAq5W1mgEvv_NYw6OxUnX_bGdNAhUi4-YZFyD9eQwOsRhbUl0C6ZgqKSrMs6-wMaDasGtWln2_WwP_HwpJU61GkkiuDOYV5U9cesJSuvhV1ljVowL7Goowy1p3m8mz3xZolJpRS6Nw90MdwokKrwfuCY5ngHWXCvtqIe5gI7RN4cVSUCcYLKopndA7ZuoTSZB9xe69S4qNbNBg1mkdb2jQ5TiiRXlSgMRmGLwt5De3DGRXvaZCHP7SYGqMTGVXUASB2OM7EjJrTKxMV1U6tSPCyQZTw
2021-09-11 11:21:57 SUCCESS
ValidateIdTokenSignatureUsingKid
id_token signature validated
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6IlQzazFNWEpEWTBOSlpXbEViR3MzUzFsQ2FXZFdSbXBYZUVkTldXbDRURTFXV1RocmR6WnRVWFpYUVEifQ.eyJzdWIiOiAiNDZkYzUzMDFjYTNhNTkzODI3YjNhYTE4ZjdlNTk1NjE3MmJiYjUzNzYxNDdlMjM3MjY0NTU0NDMyNmNmZjk1NiIsICJhdXRoX3RpbWUiOiAxNjMxMzU5MzE2LCAiYWNyIjogInVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphYzpjbGFzc2VzOkludGVybmV0UHJvdG9jb2xQYXNzd29yZCIsICJzY29wZSI6IFsib3BlbmlkIiwgIm9mZmxpbmVfYWNjZXNzIl0sICJqdGkiOiAiNzk1ZmQzMGIxMmYyMTFlYzhjOTliMTI1OTQxOTBiMGYiLCAiY2xpZW50X2lkIjogIl9xTlBQSnpPTTk2WkJwVWdRNUtOZGciLCAibm9uY2UiOiAiSk5VZXl1aXBRcyIsICJpc3MiOiAiaHR0cHM6Ly84OS40NS4yMzQuMTMzOjQwMDAiLCAiaWF0IjogMTYzMTM1OTMxNiwgImV4cCI6IDE2MzEzNTk2MTYsICJhdWQiOiBbIl9xTlBQSnpPTTk2WkJwVWdRNUtOZGciXX0.lyvBkXHMHuuZYIpp0te9v15laIc5p9QH1DnzcDsgq-gb9luX4icadwYgjXRfAq5W1mgEvv_NYw6OxUnX_bGdNAhUi4-YZFyD9eQwOsRhbUl0C6ZgqKSrMs6-wMaDasGtWln2_WwP_HwpJU61GkkiuDOYV5U9cesJSuvhV1ljVowL7Goowy1p3m8mz3xZolJpRS6Nw90MdwokKrwfuCY5ngHWXCvtqIe5gI7RN4cVSUCcYLKopndA7ZuoTSZB9xe69S4qNbNBg1mkdb2jQ5TiiRXlSgMRmGLwt5De3DGRXvaZCHP7SYGqMTGVXUASB2OM7EjJrTKxMV1U6tSPCyQZTw
2021-09-11 11:21:57 SUCCESS
CheckForSubjectInIdToken
Found 'sub' in id_token
sub
46dc5301ca3a593827b3aa18f7e5956172bbb5376147e2372645544326cff956
2021-09-11 11:21:57 SUCCESS
VerifyIdTokenSubConsistentHybridFlow
authorization endpoint and token endpoint id_token have same sub
sub_auth_endpoint
46dc5301ca3a593827b3aa18f7e5956172bbb5376147e2372645544326cff956
sub_token_endpoint
46dc5301ca3a593827b3aa18f7e5956172bbb5376147e2372645544326cff956
2021-09-11 11:21:57 SUCCESS
ExtractRefreshTokenFromTokenResponse
Extracted refresh token from response
refresh_token
Z0FBQUFBQmhQSkZVcDM3UUN2UGVXemVqUG1MTTlFV2xWQks5N3VhbnBteVVhbzFJWDhBUHZXT1VnZHU1YW9zZkJkMktQdzdtakRfVnFldGFTNzAyV1QxMG5hRzh4X0ZlUjM3b2VUOHdwU2ZNT0FKWVQxME4zU1FhdjNKTFU5YzJSOHJyUVBsLXc2WHVXWmU2eGNVVW5FcjhxeGI2WnlNWlloc2ZOcVlONlQzeV83TDJXLWpKRGtHVXp2LTI3X0dQYkFrZjFDWW82SnJCWWp2WFlIN0ppTFQyY1Nfb1lFOFgtUzBxVmhOalFsZ1F2V0FZUm9jU2V3bVdaVnh4OUhpdlN3V1hNdm5kdmJtLUtZNVV4Ylo0cEhxUVRZMnlZY3pGVGo1VkxUamRqUGlFOXo1REpHWllua1FzcjkyVzl1NUFRNXBIai1xOW12R0FXd1ZqbWRvMy16NjNrY2NLS2V3MFBsYU9ORU5HTlFram0yaEVQTkhfR1h3d0J2ampBNXVqcEFDMG1oYk5YbE9KaXFBOHJIdjczWGtxQVVpZlU5SFRLR2gyWExZNFB6QmNjelJubVJhdGdWa3diOC1aZ05zeGdMcGdrNjdFT3A2bWRuWVNfcWRKclloUzFqcGhHVjVudEJPRVpPaC1MdDltYXk5WVBwbmNhemZKVW9mUjBlV3RxcVFzNGJLOTZXVjBfN3hlODAtcHhXZDBFYjRjbW12VV9QT2w4b3lqYzFSUkt3Nm1Qb3k2clpnRmdIMzR3UWZfSWpfaldVand3YmwxejVSNm8wdk1CVWNLQ1pYenF4ejNJNHJOMnR1NWZfclljLW5YSTRjc21ZU3VDUmdONVI0VGdwM3d5RUk0VlhrMA==
2021-09-11 11:21:57 SUCCESS
EnsureServerConfigurationSupportsRefreshToken
The server configuration indicates support for refresh tokens
supported_grant_types
[
  "authorization_code",
  "implicit",
  "urn:ietf:params:oauth:grant-type:jwt-bearer",
  "refresh_token"
]
2021-09-11 11:21:57 SUCCESS
EnsureRefreshTokenContainsAllowedCharactersOnly
Refresh token does not contain any illegal characters
Refresh Token Request
2021-09-11 11:21:57 SUCCESS
CreateRefreshTokenRequest
Created token endpoint request parameters
grant_type
refresh_token
refresh_token
Z0FBQUFBQmhQSkZVcDM3UUN2UGVXemVqUG1MTTlFV2xWQks5N3VhbnBteVVhbzFJWDhBUHZXT1VnZHU1YW9zZkJkMktQdzdtakRfVnFldGFTNzAyV1QxMG5hRzh4X0ZlUjM3b2VUOHdwU2ZNT0FKWVQxME4zU1FhdjNKTFU5YzJSOHJyUVBsLXc2WHVXWmU2eGNVVW5FcjhxeGI2WnlNWlloc2ZOcVlONlQzeV83TDJXLWpKRGtHVXp2LTI3X0dQYkFrZjFDWW82SnJCWWp2WFlIN0ppTFQyY1Nfb1lFOFgtUzBxVmhOalFsZ1F2V0FZUm9jU2V3bVdaVnh4OUhpdlN3V1hNdm5kdmJtLUtZNVV4Ylo0cEhxUVRZMnlZY3pGVGo1VkxUamRqUGlFOXo1REpHWllua1FzcjkyVzl1NUFRNXBIai1xOW12R0FXd1ZqbWRvMy16NjNrY2NLS2V3MFBsYU9ORU5HTlFram0yaEVQTkhfR1h3d0J2ampBNXVqcEFDMG1oYk5YbE9KaXFBOHJIdjczWGtxQVVpZlU5SFRLR2gyWExZNFB6QmNjelJubVJhdGdWa3diOC1aZ05zeGdMcGdrNjdFT3A2bWRuWVNfcWRKclloUzFqcGhHVjVudEJPRVpPaC1MdDltYXk5WVBwbmNhemZKVW9mUjBlV3RxcVFzNGJLOTZXVjBfN3hlODAtcHhXZDBFYjRjbW12VV9QT2w4b3lqYzFSUkt3Nm1Qb3k2clpnRmdIMzR3UWZfSWpfaldVand3YmwxejVSNm8wdk1CVWNLQ1pYenF4ejNJNHJOMnR1NWZfclljLW5YSTRjc21ZU3VDUmdONVI0VGdwM3d5RUk0VlhrMA==
2021-09-11 11:21:57 SUCCESS
AddScopeToTokenEndpointRequest
Added scope of 'openid offline_access' to token endpoint request
grant_type
refresh_token
refresh_token
Z0FBQUFBQmhQSkZVcDM3UUN2UGVXemVqUG1MTTlFV2xWQks5N3VhbnBteVVhbzFJWDhBUHZXT1VnZHU1YW9zZkJkMktQdzdtakRfVnFldGFTNzAyV1QxMG5hRzh4X0ZlUjM3b2VUOHdwU2ZNT0FKWVQxME4zU1FhdjNKTFU5YzJSOHJyUVBsLXc2WHVXWmU2eGNVVW5FcjhxeGI2WnlNWlloc2ZOcVlONlQzeV83TDJXLWpKRGtHVXp2LTI3X0dQYkFrZjFDWW82SnJCWWp2WFlIN0ppTFQyY1Nfb1lFOFgtUzBxVmhOalFsZ1F2V0FZUm9jU2V3bVdaVnh4OUhpdlN3V1hNdm5kdmJtLUtZNVV4Ylo0cEhxUVRZMnlZY3pGVGo1VkxUamRqUGlFOXo1REpHWllua1FzcjkyVzl1NUFRNXBIai1xOW12R0FXd1ZqbWRvMy16NjNrY2NLS2V3MFBsYU9ORU5HTlFram0yaEVQTkhfR1h3d0J2ampBNXVqcEFDMG1oYk5YbE9KaXFBOHJIdjczWGtxQVVpZlU5SFRLR2gyWExZNFB6QmNjelJubVJhdGdWa3diOC1aZ05zeGdMcGdrNjdFT3A2bWRuWVNfcWRKclloUzFqcGhHVjVudEJPRVpPaC1MdDltYXk5WVBwbmNhemZKVW9mUjBlV3RxcVFzNGJLOTZXVjBfN3hlODAtcHhXZDBFYjRjbW12VV9QT2w4b3lqYzFSUkt3Nm1Qb3k2clpnRmdIMzR3UWZfSWpfaldVand3YmwxejVSNm8wdk1CVWNLQ1pYenF4ejNJNHJOMnR1NWZfclljLW5YSTRjc21ZU3VDUmdONVI0VGdwM3d5RUk0VlhrMA==
scope
openid offline_access
2021-09-11 11:21:57 SUCCESS
AddBasicAuthClientSecretAuthenticationParameters
Added basic authorization header
Authorization
Basic X3FOUFBKek9NOTZaQnBVZ1E1S05kZzpkYjI3ZGM3MzVlZWExNDk1NmUzZjc1MzA2ZTEwYTJhMTVmYjI4NGNkMjZhZWMwMzYyNzc5ZTI3ZQ==
2021-09-11 11:21:57 SUCCESS
WaitForOneSecond
Pausing for 1 seconds
2021-09-11 11:21:58 SUCCESS
WaitForOneSecond
Woke up after 1 seconds sleep
2021-09-11 11:21:58
CallTokenEndpointAndReturnFullResponse
HTTP request
request_uri
https://89.45.234.133:4000/token
request_method
POST
request_headers
{
  "accept": "application/json;charset\u003dUTF-8",
  "authorization": "Basic X3FOUFBKek9NOTZaQnBVZ1E1S05kZzpkYjI3ZGM3MzVlZWExNDk1NmUzZjc1MzA2ZTEwYTJhMTVmYjI4NGNkMjZhZWMwMzYyNzc5ZTI3ZQ\u003d\u003d",
  "accept-charset": "utf-8",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "943"
}
request_body
grant_type=refresh_token&refresh_token=Z0FBQUFBQmhQSkZVcDM3UUN2UGVXemVqUG1MTTlFV2xWQks5N3VhbnBteVVhbzFJWDhBUHZXT1VnZHU1YW9zZkJkMktQdzdtakRfVnFldGFTNzAyV1QxMG5hRzh4X0ZlUjM3b2VUOHdwU2ZNT0FKWVQxME4zU1FhdjNKTFU5YzJSOHJyUVBsLXc2WHVXWmU2eGNVVW5FcjhxeGI2WnlNWlloc2ZOcVlONlQzeV83TDJXLWpKRGtHVXp2LTI3X0dQYkFrZjFDWW82SnJCWWp2WFlIN0ppTFQyY1Nfb1lFOFgtUzBxVmhOalFsZ1F2V0FZUm9jU2V3bVdaVnh4OUhpdlN3V1hNdm5kdmJtLUtZNVV4Ylo0cEhxUVRZMnlZY3pGVGo1VkxUamRqUGlFOXo1REpHWllua1FzcjkyVzl1NUFRNXBIai1xOW12R0FXd1ZqbWRvMy16NjNrY2NLS2V3MFBsYU9ORU5HTlFram0yaEVQTkhfR1h3d0J2ampBNXVqcEFDMG1oYk5YbE9KaXFBOHJIdjczWGtxQVVpZlU5SFRLR2gyWExZNFB6QmNjelJubVJhdGdWa3diOC1aZ05zeGdMcGdrNjdFT3A2bWRuWVNfcWRKclloUzFqcGhHVjVudEJPRVpPaC1MdDltYXk5WVBwbmNhemZKVW9mUjBlV3RxcVFzNGJLOTZXVjBfN3hlODAtcHhXZDBFYjRjbW12VV9QT2w4b3lqYzFSUkt3Nm1Qb3k2clpnRmdIMzR3UWZfSWpfaldVand3YmwxejVSNm8wdk1CVWNLQ1pYenF4ejNJNHJOMnR1NWZfclljLW5YSTRjc21ZU3VDUmdONVI0VGdwM3d5RUk0VlhrMA%3D%3D&scope=openid+offline_access
2021-09-11 11:21:58 RESPONSE
CallTokenEndpointAndReturnFullResponse
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "content-type": "application/json; charset\u003dutf-8",
  "content-length": "2040",
  "pragma": "no-cache",
  "cache-control": "no-store",
  "set-cookie": "oidc_op\u003d1631359318|qwvNUSCeUxYuCgPA|gH5jW65Zj0WznGupdKkGnLbXHCIsFnTJc2k9n7TL8bzI5Bc1QywpnNNNRTWHO/7WC3jPs1egwYGcRaGMyMS0GdqhnvKewmtbeGr0u78BvKDGUoXkwBIGclxmJgi5t0Y34dNBmK/bzms15FFHZOOHDLPoNUmJXmR/kHR/Ibhks0KNCH+DJXa7632DF9/IB44Lofsbz/J+xvV7jA+ZLF5AdjZ9GKr16FTCr43esKKgXEvcCTszUGTCc29YKgqJacdaLoJ5Mmb/|xJCMFbVTWruT5opE6hN0nw\u003d\u003d; Secure; HttpOnly; Path\u003d/; SameSite\u003dLax",
  "server": "Werkzeug/1.0.1 Python/3.8.10",
  "date": "Sat, 11 Sep 2021 11:21:58 GMT"
}
response_body
{"access_token": "eyJhbGciOiJFUzI1NiIsImtpZCI6ImF6UmFUV2xMVFdaVE0wWkxTVUZaTFZOalltNUNkM0ZJU21sTVRWVmtiVlZKYTJGblIwZDVXa1JtTkEifQ.eyJzY29wZSI6IFsib3BlbmlkIiwgIm9mZmxpbmVfYWNjZXNzIl0sICJhdWQiOiBbIl9xTlBQSnpPTTk2WkJwVWdRNUtOZGciXSwgImp0aSI6ICI3YTQ0NzZiNTEyZjIxMWVjOGM5OWIxMjU5NDE5MGIwZiIsICJjbGllbnRfaWQiOiAiX3FOUFBKek9NOTZaQnBVZ1E1S05kZyIsICJzdWIiOiAiX3FOUFBKek9NOTZaQnBVZ1E1S05kZyIsICJzaWQiOiAiWjBGQlFVRkJRbWhRU2taVmFqQnFVbFZhUlZKVWFXSTBhSFozYzB0dFREQTRaa1pKZUhSRVN6WmtWMk15Wld4eWRpMXZkSGx0YzFNNE5qaG1SMFYwVERkTk1FTk5iVTE1TTFsWk9YSktZMkpwUzBseVFVaHpkV0Z1WjI5bE1VMXFPR1pDYld4dFJYQldlRlE0TWpod2RVaEhiRzVJVFdOU01WY3hSRVU0WjJob1h6WmFSWFJ1UzBwSU1HUndSRUZ1UTNKaFNrVXRNemh0U1dFd2JHUXRSSFJQVFU5WmRTMUVTRGxpWDBOcFJWSjZWbVZYVnpoUE9ITnlTbVpLUzFOcU9IWk9kSEEzVEZKUlRtYzNiRUphTlZneVlrRkRTM0JST1VGTFUxZHZlWGwwWWtOUlNtTXdZV3B2YzJOSU4xSlJNWFZxVkRsMFRUMD0iLCAidG9rZW5fY2xhc3MiOiAiYWNjZXNzX3Rva2VuIiwgImlzcyI6ICJodHRwczovLzg5LjQ1LjIzNC4xMzM6NDAwMCIsICJpYXQiOiAxNjMxMzU5MzE4LCAiZXhwIjogMTYzMTM2MjkxOH0.zz39lzRjqWB8bZpJuzjrc7L3jFIwNCgtO0GYt0wcXF7q1BYLH-x_YmWtkJWUrhg72t8ry6Hq3wp7ny6sUoK6sQ", "token_type": "Bearer", "scope": "openid offline_access", "expires_in": 1800, "refresh_token": "Z0FBQUFBQmhQSkZXVm5CYnpDdXFIRTU4RjBZZkwxbm9WdU1Ra2FaOHcybml4RHpqdXptcVhtY2NlcjBXekdnS09VaUFlX0NCQ2lZU1JhSFNkei1yb2VETnRDajRPYnJEYTA2UUlYTnp1SjVCdEZGMjczeTVMN19uY2M3Z1haZFF3anFsY2pza1pwcTZxVVl5N2lhRlVvNFYxWExnV2FYcUgxTS1Oa21pWUhoS294NjYxWUpmOURwNzg2R1pndzVJcFVHQUx6LWs1WWl1NmtScjVfakRVcV9TaE5WY2hTMGNLQ1dDTE10ampzeDdCN0RjWWRYaGdwU0JJdExTdVFkaVczN3RkazFZVmJpYlVDd09BdTBVMG1nNV84cFROZU9FcnRXQzctcGc2SU42dVJIUmpuWV9mS3ExOXVTYnpkVEhkT1k4LTMtMmhZSEF4NjRUMHFHdDUtZGRDQ0pGb2dOeFpsSFlKdExTYVoxcHlXeGV0NjdjOGdYZ01ZeHVpbTE5SER3MFprM3c3VXpzbFNuVVoweElwNjVFMFUxWjBucFdvenhiSngzTHp6MGVGTWx3OXNmbzBkRWFldktfSEVmZmliblI4NDRucGxKV3NaOHlEbmNwMEVzZDRwWFRVNnNLN284S1g2NjZnQlRJbHlHbjBuNGR3TXQ3eHB6MzF2Y3p6WHpzV0RTM1pHYVR5QUJZZlpKRWZEa2J0VWg1cGx3dzB5QUVJSEsxSjRmejdWcHVGek91LVRlUDg1aE1Ec1NxdmxmUHI2T1R4VUp6T3ZzN1R5X3dzYVdYMXRwLXFnWmQ3NnYxbTN4NTBac1loQmZMZHZHNngwYnNGdXNGaXNwUW9yaDN5RUV2WTlUbQ=="}
2021-09-11 11:21:58 SUCCESS
CallTokenEndpointAndReturnFullResponse
Parsed token endpoint response
access_token
eyJhbGciOiJFUzI1NiIsImtpZCI6ImF6UmFUV2xMVFdaVE0wWkxTVUZaTFZOalltNUNkM0ZJU21sTVRWVmtiVlZKYTJGblIwZDVXa1JtTkEifQ.eyJzY29wZSI6IFsib3BlbmlkIiwgIm9mZmxpbmVfYWNjZXNzIl0sICJhdWQiOiBbIl9xTlBQSnpPTTk2WkJwVWdRNUtOZGciXSwgImp0aSI6ICI3YTQ0NzZiNTEyZjIxMWVjOGM5OWIxMjU5NDE5MGIwZiIsICJjbGllbnRfaWQiOiAiX3FOUFBKek9NOTZaQnBVZ1E1S05kZyIsICJzdWIiOiAiX3FOUFBKek9NOTZaQnBVZ1E1S05kZyIsICJzaWQiOiAiWjBGQlFVRkJRbWhRU2taVmFqQnFVbFZhUlZKVWFXSTBhSFozYzB0dFREQTRaa1pKZUhSRVN6WmtWMk15Wld4eWRpMXZkSGx0YzFNNE5qaG1SMFYwVERkTk1FTk5iVTE1TTFsWk9YSktZMkpwUzBseVFVaHpkV0Z1WjI5bE1VMXFPR1pDYld4dFJYQldlRlE0TWpod2RVaEhiRzVJVFdOU01WY3hSRVU0WjJob1h6WmFSWFJ1UzBwSU1HUndSRUZ1UTNKaFNrVXRNemh0U1dFd2JHUXRSSFJQVFU5WmRTMUVTRGxpWDBOcFJWSjZWbVZYVnpoUE9ITnlTbVpLUzFOcU9IWk9kSEEzVEZKUlRtYzNiRUphTlZneVlrRkRTM0JST1VGTFUxZHZlWGwwWWtOUlNtTXdZV3B2YzJOSU4xSlJNWFZxVkRsMFRUMD0iLCAidG9rZW5fY2xhc3MiOiAiYWNjZXNzX3Rva2VuIiwgImlzcyI6ICJodHRwczovLzg5LjQ1LjIzNC4xMzM6NDAwMCIsICJpYXQiOiAxNjMxMzU5MzE4LCAiZXhwIjogMTYzMTM2MjkxOH0.zz39lzRjqWB8bZpJuzjrc7L3jFIwNCgtO0GYt0wcXF7q1BYLH-x_YmWtkJWUrhg72t8ry6Hq3wp7ny6sUoK6sQ
token_type
Bearer
scope
openid offline_access
expires_in
1800
refresh_token
Z0FBQUFBQmhQSkZXVm5CYnpDdXFIRTU4RjBZZkwxbm9WdU1Ra2FaOHcybml4RHpqdXptcVhtY2NlcjBXekdnS09VaUFlX0NCQ2lZU1JhSFNkei1yb2VETnRDajRPYnJEYTA2UUlYTnp1SjVCdEZGMjczeTVMN19uY2M3Z1haZFF3anFsY2pza1pwcTZxVVl5N2lhRlVvNFYxWExnV2FYcUgxTS1Oa21pWUhoS294NjYxWUpmOURwNzg2R1pndzVJcFVHQUx6LWs1WWl1NmtScjVfakRVcV9TaE5WY2hTMGNLQ1dDTE10ampzeDdCN0RjWWRYaGdwU0JJdExTdVFkaVczN3RkazFZVmJpYlVDd09BdTBVMG1nNV84cFROZU9FcnRXQzctcGc2SU42dVJIUmpuWV9mS3ExOXVTYnpkVEhkT1k4LTMtMmhZSEF4NjRUMHFHdDUtZGRDQ0pGb2dOeFpsSFlKdExTYVoxcHlXeGV0NjdjOGdYZ01ZeHVpbTE5SER3MFprM3c3VXpzbFNuVVoweElwNjVFMFUxWjBucFdvenhiSngzTHp6MGVGTWx3OXNmbzBkRWFldktfSEVmZmliblI4NDRucGxKV3NaOHlEbmNwMEVzZDRwWFRVNnNLN284S1g2NjZnQlRJbHlHbjBuNGR3TXQ3eHB6MzF2Y3p6WHpzV0RTM1pHYVR5QUJZZlpKRWZEa2J0VWg1cGx3dzB5QUVJSEsxSjRmejdWcHVGek91LVRlUDg1aE1Ec1NxdmxmUHI2T1R4VUp6T3ZzN1R5X3dzYVdYMXRwLXFnWmQ3NnYxbTN4NTBac1loQmZMZHZHNngwYnNGdXNGaXNwUW9yaDN5RUV2WTlUbQ==
2021-09-11 11:21:58 SUCCESS
CheckTokenEndpointHttpStatus200
Token endpoint http status code was 200
2021-09-11 11:21:58 SUCCESS
CheckTokenEndpointReturnedJsonContentType
token_endpoint_response_headers Content-Type: header is application/json
2021-09-11 11:21:58 SUCCESS
CheckTokenEndpointCacheHeaders
'pragma' and 'cache-control' headers in token endpoint response contain expected values.
cache_control_header
no-store
pragma_header
no-cache
2021-09-11 11:21:58 SUCCESS
CheckIfTokenEndpointResponseError
No error from token endpoint
2021-09-11 11:21:58 SUCCESS
ExtractAccessTokenFromTokenResponse
Extracted the access token
value
eyJhbGciOiJFUzI1NiIsImtpZCI6ImF6UmFUV2xMVFdaVE0wWkxTVUZaTFZOalltNUNkM0ZJU21sTVRWVmtiVlZKYTJGblIwZDVXa1JtTkEifQ.eyJzY29wZSI6IFsib3BlbmlkIiwgIm9mZmxpbmVfYWNjZXNzIl0sICJhdWQiOiBbIl9xTlBQSnpPTTk2WkJwVWdRNUtOZGciXSwgImp0aSI6ICI3YTQ0NzZiNTEyZjIxMWVjOGM5OWIxMjU5NDE5MGIwZiIsICJjbGllbnRfaWQiOiAiX3FOUFBKek9NOTZaQnBVZ1E1S05kZyIsICJzdWIiOiAiX3FOUFBKek9NOTZaQnBVZ1E1S05kZyIsICJzaWQiOiAiWjBGQlFVRkJRbWhRU2taVmFqQnFVbFZhUlZKVWFXSTBhSFozYzB0dFREQTRaa1pKZUhSRVN6WmtWMk15Wld4eWRpMXZkSGx0YzFNNE5qaG1SMFYwVERkTk1FTk5iVTE1TTFsWk9YSktZMkpwUzBseVFVaHpkV0Z1WjI5bE1VMXFPR1pDYld4dFJYQldlRlE0TWpod2RVaEhiRzVJVFdOU01WY3hSRVU0WjJob1h6WmFSWFJ1UzBwSU1HUndSRUZ1UTNKaFNrVXRNemh0U1dFd2JHUXRSSFJQVFU5WmRTMUVTRGxpWDBOcFJWSjZWbVZYVnpoUE9ITnlTbVpLUzFOcU9IWk9kSEEzVEZKUlRtYzNiRUphTlZneVlrRkRTM0JST1VGTFUxZHZlWGwwWWtOUlNtTXdZV3B2YzJOSU4xSlJNWFZxVkRsMFRUMD0iLCAidG9rZW5fY2xhc3MiOiAiYWNjZXNzX3Rva2VuIiwgImlzcyI6ICJodHRwczovLzg5LjQ1LjIzNC4xMzM6NDAwMCIsICJpYXQiOiAxNjMxMzU5MzE4LCAiZXhwIjogMTYzMTM2MjkxOH0.zz39lzRjqWB8bZpJuzjrc7L3jFIwNCgtO0GYt0wcXF7q1BYLH-x_YmWtkJWUrhg72t8ry6Hq3wp7ny6sUoK6sQ
type
Bearer
2021-09-11 11:21:58 SUCCESS
CheckTokenTypeIsBearer
Token type is bearer
2021-09-11 11:21:58 SUCCESS
EnsureMinimumAccessTokenEntropy
Calculated shannon entropy seems sufficient
actual
5967.642890361058
expected
96.0
2021-09-11 11:21:58 SUCCESS
EnsureAccessTokenContainsAllowedCharactersOnly
Access token does not contain any illegal characters
2021-09-11 11:21:58 SUCCESS
ExtractExpiresInFromTokenEndpointResponse
Extracted 'expires_in'
expires_in
1800
2021-09-11 11:21:58 SUCCESS
ValidateExpiresIn
expires_in passed all validation checks
expires_in
1800
2021-09-11 11:21:58 SUCCESS
EnsureAccessTokenValuesAreDifferent
Access token values are not the same
first_access_token
eyJhbGciOiJFUzI1NiIsImtpZCI6ImF6UmFUV2xMVFdaVE0wWkxTVUZaTFZOalltNUNkM0ZJU21sTVRWVmtiVlZKYTJGblIwZDVXa1JtTkEifQ.eyJzY29wZSI6IFsib3BlbmlkIiwgIm9mZmxpbmVfYWNjZXNzIl0sICJhdWQiOiBbIl9xTlBQSnpPTTk2WkJwVWdRNUtOZGciXSwgImp0aSI6ICI3OTVmZDMwNzEyZjIxMWVjOGM5OWIxMjU5NDE5MGIwZiIsICJjbGllbnRfaWQiOiAiX3FOUFBKek9NOTZaQnBVZ1E1S05kZyIsICJzdWIiOiAiX3FOUFBKek9NOTZaQnBVZ1E1S05kZyIsICJzaWQiOiAiWjBGQlFVRkJRbWhRU2taVmFqQnFVbFZhUlZKVWFXSTBhSFozYzB0dFREQTRaa1pKZUhSRVN6WmtWMk15Wld4eWRpMXZkSGx0YzFNNE5qaG1SMFYwVERkTk1FTk5iVTE1TTFsWk9YSktZMkpwUzBseVFVaHpkV0Z1WjI5bE1VMXFPR1pDYld4dFJYQldlRlE0TWpod2RVaEhiRzVJVFdOU01WY3hSRVU0WjJob1h6WmFSWFJ1UzBwSU1HUndSRUZ1UTNKaFNrVXRNemh0U1dFd2JHUXRSSFJQVFU5WmRTMUVTRGxpWDBOcFJWSjZWbVZYVnpoUE9ITnlTbVpLUzFOcU9IWk9kSEEzVEZKUlRtYzNiRUphTlZneVlrRkRTM0JST1VGTFUxZHZlWGwwWWtOUlNtTXdZV3B2YzJOSU4xSlJNWFZxVkRsMFRUMD0iLCAidG9rZW5fY2xhc3MiOiAiYWNjZXNzX3Rva2VuIiwgImlzcyI6ICJodHRwczovLzg5LjQ1LjIzNC4xMzM6NDAwMCIsICJpYXQiOiAxNjMxMzU5MzE2LCAiZXhwIjogMTYzMTM2MjkxNn0.IeIgXt-P7kyxGWRfNmIn8ExlXRQ2gN_bfHGXgtsf_hcm40Jfrn4ifikjLNS2rakQANW-GHMyn309Q8t_xxmsDQ
second_access_token
eyJhbGciOiJFUzI1NiIsImtpZCI6ImF6UmFUV2xMVFdaVE0wWkxTVUZaTFZOalltNUNkM0ZJU21sTVRWVmtiVlZKYTJGblIwZDVXa1JtTkEifQ.eyJzY29wZSI6IFsib3BlbmlkIiwgIm9mZmxpbmVfYWNjZXNzIl0sICJhdWQiOiBbIl9xTlBQSnpPTTk2WkJwVWdRNUtOZGciXSwgImp0aSI6ICI3YTQ0NzZiNTEyZjIxMWVjOGM5OWIxMjU5NDE5MGIwZiIsICJjbGllbnRfaWQiOiAiX3FOUFBKek9NOTZaQnBVZ1E1S05kZyIsICJzdWIiOiAiX3FOUFBKek9NOTZaQnBVZ1E1S05kZyIsICJzaWQiOiAiWjBGQlFVRkJRbWhRU2taVmFqQnFVbFZhUlZKVWFXSTBhSFozYzB0dFREQTRaa1pKZUhSRVN6WmtWMk15Wld4eWRpMXZkSGx0YzFNNE5qaG1SMFYwVERkTk1FTk5iVTE1TTFsWk9YSktZMkpwUzBseVFVaHpkV0Z1WjI5bE1VMXFPR1pDYld4dFJYQldlRlE0TWpod2RVaEhiRzVJVFdOU01WY3hSRVU0WjJob1h6WmFSWFJ1UzBwSU1HUndSRUZ1UTNKaFNrVXRNemh0U1dFd2JHUXRSSFJQVFU5WmRTMUVTRGxpWDBOcFJWSjZWbVZYVnpoUE9ITnlTbVpLUzFOcU9IWk9kSEEzVEZKUlRtYzNiRUphTlZneVlrRkRTM0JST1VGTFUxZHZlWGwwWWtOUlNtTXdZV3B2YzJOSU4xSlJNWFZxVkRsMFRUMD0iLCAidG9rZW5fY2xhc3MiOiAiYWNjZXNzX3Rva2VuIiwgImlzcyI6ICJodHRwczovLzg5LjQ1LjIzNC4xMzM6NDAwMCIsICJpYXQiOiAxNjMxMzU5MzE4LCAiZXhwIjogMTYzMTM2MjkxOH0.zz39lzRjqWB8bZpJuzjrc7L3jFIwNCgtO0GYt0wcXF7q1BYLH-x_YmWtkJWUrhg72t8ry6Hq3wp7ny6sUoK6sQ
2021-09-11 11:21:58 INFO
ExtractIdTokenFromTokenResponse
Couldn't find id_token in token_endpoint_response
2021-09-11 11:21:58 SUCCESS
ExtractRefreshTokenFromTokenResponse
Extracted refresh token from response
refresh_token
Z0FBQUFBQmhQSkZXVm5CYnpDdXFIRTU4RjBZZkwxbm9WdU1Ra2FaOHcybml4RHpqdXptcVhtY2NlcjBXekdnS09VaUFlX0NCQ2lZU1JhSFNkei1yb2VETnRDajRPYnJEYTA2UUlYTnp1SjVCdEZGMjczeTVMN19uY2M3Z1haZFF3anFsY2pza1pwcTZxVVl5N2lhRlVvNFYxWExnV2FYcUgxTS1Oa21pWUhoS294NjYxWUpmOURwNzg2R1pndzVJcFVHQUx6LWs1WWl1NmtScjVfakRVcV9TaE5WY2hTMGNLQ1dDTE10ampzeDdCN0RjWWRYaGdwU0JJdExTdVFkaVczN3RkazFZVmJpYlVDd09BdTBVMG1nNV84cFROZU9FcnRXQzctcGc2SU42dVJIUmpuWV9mS3ExOXVTYnpkVEhkT1k4LTMtMmhZSEF4NjRUMHFHdDUtZGRDQ0pGb2dOeFpsSFlKdExTYVoxcHlXeGV0NjdjOGdYZ01ZeHVpbTE5SER3MFprM3c3VXpzbFNuVVoweElwNjVFMFUxWjBucFdvenhiSngzTHp6MGVGTWx3OXNmbzBkRWFldktfSEVmZmliblI4NDRucGxKV3NaOHlEbmNwMEVzZDRwWFRVNnNLN284S1g2NjZnQlRJbHlHbjBuNGR3TXQ3eHB6MzF2Y3p6WHpzV0RTM1pHYVR5QUJZZlpKRWZEa2J0VWg1cGx3dzB5QUVJSEsxSjRmejdWcHVGek91LVRlUDg1aE1Ec1NxdmxmUHI2T1R4VUp6T3ZzN1R5X3dzYVdYMXRwLXFnWmQ3NnYxbTN4NTBac1loQmZMZHZHNngwYnNGdXNGaXNwUW9yaDN5RUV2WTlUbQ==
2021-09-11 11:21:58 SUCCESS
EnsureMinimumRefreshTokenLength
Refresh token is of sufficient length
actual
6976
required
128
2021-09-11 11:21:58 SUCCESS
EnsureMinimumRefreshTokenEntropy
Calculated shannon entropy seems sufficient
actual
4866.126796082275
expected
96.0
2021-09-11 11:21:58 INFO
CompareIdTokenClaims
Skipped evaluation due to missing required object: second_id_token
expected
second_id_token
mapped
second_id_token
Userinfo endpoint tests
2021-09-11 11:21:58
CallProtectedResourceWithBearerToken
HTTP request
request_uri
https://89.45.234.133:4000/userinfo
request_method
GET
request_headers
{
  "accept": "application/json;charset\u003dUTF-8",
  "authorization": "Bearer eyJhbGciOiJFUzI1NiIsImtpZCI6ImF6UmFUV2xMVFdaVE0wWkxTVUZaTFZOalltNUNkM0ZJU21sTVRWVmtiVlZKYTJGblIwZDVXa1JtTkEifQ.eyJzY29wZSI6IFsib3BlbmlkIiwgIm9mZmxpbmVfYWNjZXNzIl0sICJhdWQiOiBbIl9xTlBQSnpPTTk2WkJwVWdRNUtOZGciXSwgImp0aSI6ICI3YTQ0NzZiNTEyZjIxMWVjOGM5OWIxMjU5NDE5MGIwZiIsICJjbGllbnRfaWQiOiAiX3FOUFBKek9NOTZaQnBVZ1E1S05kZyIsICJzdWIiOiAiX3FOUFBKek9NOTZaQnBVZ1E1S05kZyIsICJzaWQiOiAiWjBGQlFVRkJRbWhRU2taVmFqQnFVbFZhUlZKVWFXSTBhSFozYzB0dFREQTRaa1pKZUhSRVN6WmtWMk15Wld4eWRpMXZkSGx0YzFNNE5qaG1SMFYwVERkTk1FTk5iVTE1TTFsWk9YSktZMkpwUzBseVFVaHpkV0Z1WjI5bE1VMXFPR1pDYld4dFJYQldlRlE0TWpod2RVaEhiRzVJVFdOU01WY3hSRVU0WjJob1h6WmFSWFJ1UzBwSU1HUndSRUZ1UTNKaFNrVXRNemh0U1dFd2JHUXRSSFJQVFU5WmRTMUVTRGxpWDBOcFJWSjZWbVZYVnpoUE9ITnlTbVpLUzFOcU9IWk9kSEEzVEZKUlRtYzNiRUphTlZneVlrRkRTM0JST1VGTFUxZHZlWGwwWWtOUlNtTXdZV3B2YzJOSU4xSlJNWFZxVkRsMFRUMD0iLCAidG9rZW5fY2xhc3MiOiAiYWNjZXNzX3Rva2VuIiwgImlzcyI6ICJodHRwczovLzg5LjQ1LjIzNC4xMzM6NDAwMCIsICJpYXQiOiAxNjMxMzU5MzE4LCAiZXhwIjogMTYzMTM2MjkxOH0.zz39lzRjqWB8bZpJuzjrc7L3jFIwNCgtO0GYt0wcXF7q1BYLH-x_YmWtkJWUrhg72t8ry6Hq3wp7ny6sUoK6sQ",
  "accept-charset": "utf-8",
  "content-length": "0"
}
request_body

                                
2021-09-11 11:21:58 RESPONSE
CallProtectedResourceWithBearerToken
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "content-type": "application/json",
  "content-length": "149",
  "pragma": "no-cache",
  "cache-control": "no-store",
  "server": "Werkzeug/1.0.1 Python/3.8.10",
  "date": "Sat, 11 Sep 2021 11:21:58 GMT"
}
response_body
{"sub": "46dc5301ca3a593827b3aa18f7e5956172bbb5376147e2372645544326cff956", "acr": "urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword"}
2021-09-11 11:21:58 SUCCESS
CallProtectedResourceWithBearerToken
Got a response from the resource endpoint
status
200
endpoint_name
resource
headers
{
  "content-type": "application/json",
  "content-length": "149",
  "pragma": "no-cache",
  "cache-control": "no-store",
  "server": "Werkzeug/1.0.1 Python/3.8.10",
  "date": "Sat, 11 Sep 2021 11:21:58 GMT"
}
body
{"sub": "46dc5301ca3a593827b3aa18f7e5956172bbb5376147e2372645544326cff956", "acr": "urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword"}
Second client: Make request to authorization endpoint
2021-09-11 11:21:58 SUCCESS
CreateAuthorizationEndpointRequestFromClientInformation
Created authorization endpoint request
client_id
DwgXe5kboooQhDmyomiHjw
redirect_uri
https://www.certification.openid.net/test/a/idpy/callback
scope
openid offline_access
2021-09-11 11:21:58
CreateRandomStateValue
Created state value
requested_state_length
10
state
P4Z5aPJ0tx
2021-09-11 11:21:58 SUCCESS
AddStateToAuthorizationEndpointRequest
Added state parameter to request
client_id
DwgXe5kboooQhDmyomiHjw
redirect_uri
https://www.certification.openid.net/test/a/idpy/callback
scope
openid offline_access
state
P4Z5aPJ0tx
2021-09-11 11:21:58
CreateRandomNonceValue
Created nonce value
requested_nonce_length
10
nonce
umR93VGIsH
2021-09-11 11:21:58 SUCCESS
AddNonceToAuthorizationEndpointRequest
Added nonce parameter to request
client_id
DwgXe5kboooQhDmyomiHjw
redirect_uri
https://www.certification.openid.net/test/a/idpy/callback
scope
openid offline_access
state
P4Z5aPJ0tx
nonce
umR93VGIsH
2021-09-11 11:21:58 SUCCESS
SetAuthorizationEndpointRequestResponseTypeFromEnvironment
Added response_type parameter to request
client_id
DwgXe5kboooQhDmyomiHjw
redirect_uri
https://www.certification.openid.net/test/a/idpy/callback
scope
openid offline_access
state
P4Z5aPJ0tx
nonce
umR93VGIsH
response_type
code id_token
2021-09-11 11:21:58
SetAuthorizationEndpointRequestResponseModeToFormPost
Added response_mode parameter to request
client_id
DwgXe5kboooQhDmyomiHjw
redirect_uri
https://www.certification.openid.net/test/a/idpy/callback
scope
openid offline_access
state
P4Z5aPJ0tx
nonce
umR93VGIsH
response_type
code id_token
response_mode
form_post
2021-09-11 11:21:58 SUCCESS
AddPromptConsentToAuthorizationEndpointRequestIfScopeContainsOfflineAccess
Added prompt=consent to authorization endpoint request
client_id
DwgXe5kboooQhDmyomiHjw
redirect_uri
https://www.certification.openid.net/test/a/idpy/callback
scope
openid offline_access
state
P4Z5aPJ0tx
nonce
umR93VGIsH
response_type
code id_token
response_mode
form_post
prompt
consent
2021-09-11 11:21:58 SUCCESS
BuildPlainRedirectToAuthorizationEndpoint
Sending to authorization endpoint
redirect_to_authorization_endpoint
https://89.45.234.133:4000/authorization?client_id=DwgXe5kboooQhDmyomiHjw&redirect_uri=https://www.certification.openid.net/test/a/idpy/callback&scope=openid%20offline_access&state=P4Z5aPJ0tx&nonce=umR93VGIsH&response_type=code%20id_token&response_mode=form_post&prompt=consent
2021-09-11 11:21:58 REDIRECT
oidcc-refresh-token
Redirecting to authorization endpoint
redirect_to
https://89.45.234.133:4000/authorization?client_id=DwgXe5kboooQhDmyomiHjw&redirect_uri=https://www.certification.openid.net/test/a/idpy/callback&scope=openid%20offline_access&state=P4Z5aPJ0tx&nonce=umR93VGIsH&response_type=code%20id_token&response_mode=form_post&prompt=consent
2021-09-11 11:22:10 INCOMING
oidcc-refresh-token
Incoming HTTP request to test instance V5wni5KzyfHgEqA
incoming_headers
{
  "host": "www.certification.openid.net",
  "content-type": "application/x-www-form-urlencoded",
  "origin": "https://89.45.234.133:4000",
  "accept-encoding": "gzip, deflate, br",
  "cookie": "JSESSIONID\u003d957CBD0728A302FA7FF79E11B3D34B21; __utma\u003d201319536.1870777121.1629795278.1631344149.1631352103.13; __utmc\u003d201319536; __utmz\u003d201319536.1631260756.11.4.utmcsr\u003dcertification.openid.net|utmccn\u003d(referral)|utmcmd\u003dreferral|utmcct\u003d/plan-detail.html; expected_tab\u003dgoogleplus; welcome_info_name\u003dRoland%20Hedberg",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,*/*;q\u003d0.8",
  "user-agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15",
  "referer": "https://89.45.234.133:4000/verify/user",
  "accept-language": "en-us",
  "x-ssl-cipher": "ECDHE-RSA-AES256-GCM-SHA384",
  "x-ssl-protocol": "TLSv1.2",
  "content-length": "2030",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net",
  "connection": "close"
}
incoming_path
callback
incoming_body_form_params
{
  "state": "P4Z5aPJ0tx",
  "scope": "[\u0027openid\u0027, \u0027offline_access\u0027]",
  "code": "Z0FBQUFBQmhQSkZpd1h2R05uVGpkZWR4ZXg5dlkxZUNKQ3pORzhMSlRJLUNqa19VN3BfcmV5M29QRzNLY3NmQ1czdmtzZWRoVENFb2M0czFzSVp1cXJqNnpoNE5CNTY2NTVNWjA2aDY3U3ZYVmxrc1Vtbm5vMkJfeUhzbmczODZORjZOQUE2RktKRXgtRzduUWpkejhEUGt3Y0lBb1lrUlZRV3dsRVo3UGlHSHVaR0Y0cVRaY3JINGFtUWRpck5zTGhMRU1RdVFpVmE5c0JXOUtxVWtpQVZKZ3pUQXQ2cXJwNGhXbG5wVi1UeGNfZUVKdkdSV0VEOUxkUmczM1hleGRsQXZOeXRILW53WWNzZkw0Y3BudjNzcm9xRHBWb0xrcEItZkpkTEYwUlcxZXJCNENIM29BY1RiZzEwNENySTNsWFlwRHpJNFJieU1zMjlRSnkwWWlCbVJfa1lHZWg1dE4tZHdEQjduLWtLUXdRTmJoTU0zcUNHV3lSZ1lxbkItTXVEamRIcnBERHI2cmYyUGJfdHVCc1BEb0gyNm00MGctMlVhWXM2cWVVRy1yNUZya0x2UVpDM0d2MTdwTWdfN2lfMXppbG5MNlJaZUN1MzhGeG4zbmRxZEtNNjYxd1JBbzBhODU0YmlPYzM2Skdud1FHanBRRllEYTdudnU4X1FyajNNSERyMDhWNEp4OExHa25kMUM3ekxYRnFqUE01NjFhYVpzakVvSm9zRU5GWl9EOWNHLTJvWTY1NFhValVqeUgwRjN0MUliZnhLOXR2VG12REdSaGJORU5iQ0F0ZnVqekhlcDBXR3RyNEk4UlYwRVVmQng3elRQY3VXUThCNjA4TGM1ZW0yYkw3bA\u003d\u003d",
  "id_token": "eyJhbGciOiJSUzI1NiIsImtpZCI6IlQzazFNWEpEWTBOSlpXbEViR3MzUzFsQ2FXZFdSbXBYZUVkTldXbDRURTFXV1RocmR6WnRVWFpYUVEifQ.eyJzdWIiOiAiNDZkYzUzMDFjYTNhNTkzODI3YjNhYTE4ZjdlNTk1NjE3MmJiYjUzNzYxNDdlMjM3MjY0NTU0NDMyNmNmZjk1NiIsICJhdXRoX3RpbWUiOiAxNjMxMzU5MzMwLCAiYWNyIjogInVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphYzpjbGFzc2VzOkludGVybmV0UHJvdG9jb2xQYXNzd29yZCIsICJzY29wZSI6IFsib3BlbmlkIiwgIm9mZmxpbmVfYWNjZXNzIl0sICJqdGkiOiAiODE4MmI4MjIxMmYyMTFlYzhjOTliMTI1OTQxOTBiMGYiLCAiY2xpZW50X2lkIjogIkR3Z1hlNWtib29vUWhEbXlvbWlIanciLCAiY19oYXNoIjogIkJYTlFieFhGVDI5TjZtUWpwTXF4NEEiLCAibm9uY2UiOiAidW1SOTNWR0lzSCIsICJpc3MiOiAiaHR0cHM6Ly84OS40NS4yMzQuMTMzOjQwMDAiLCAiaWF0IjogMTYzMTM1OTMzMCwgImV4cCI6IDE2MzEzNTk2MzAsICJhdWQiOiBbIkR3Z1hlNWtib29vUWhEbXlvbWlIanciXX0.UfLMUxzQn4H2VX9IGsGp9hCo-KPtD5jMIlsuUV8RxImu1UEMQfIYy2t3AdyPjLxUviqPB0mN6kOugQa9LF_UwIBajDOdKMmqb_XikR7xdDRU1FtFErcFMx08IAdZSM0IMZ146kh1X026ZRSIeBmHRs5Kw7cUidSInCAO04bmhHUdYZ2LXt75h6KGSqIioqURQ16gGy9DjG_DWMoXJVxDW1hlUbUuqMoo0hWKS7UuYbrEnVV-fTOs-WKWLkXvQ_OdJaw8OC0hGyjAmIPNbluEaru9JnjK0-LJDOCu_ZfvlDU3MNpNKBK_Sf0jL9ZPgCq2_ONl2B_Dy6J85HRcjrSSQA"
}
incoming_method
POST
incoming_body_json
incoming_query_string_params
{}
incoming_body
state=P4Z5aPJ0tx&scope=%5B%27openid%27%2C+%27offline_access%27%5D&code=Z0FBQUFBQmhQSkZpd1h2R05uVGpkZWR4ZXg5dlkxZUNKQ3pORzhMSlRJLUNqa19VN3BfcmV5M29QRzNLY3NmQ1czdmtzZWRoVENFb2M0czFzSVp1cXJqNnpoNE5CNTY2NTVNWjA2aDY3U3ZYVmxrc1Vtbm5vMkJfeUhzbmczODZORjZOQUE2RktKRXgtRzduUWpkejhEUGt3Y0lBb1lrUlZRV3dsRVo3UGlHSHVaR0Y0cVRaY3JINGFtUWRpck5zTGhMRU1RdVFpVmE5c0JXOUtxVWtpQVZKZ3pUQXQ2cXJwNGhXbG5wVi1UeGNfZUVKdkdSV0VEOUxkUmczM1hleGRsQXZOeXRILW53WWNzZkw0Y3BudjNzcm9xRHBWb0xrcEItZkpkTEYwUlcxZXJCNENIM29BY1RiZzEwNENySTNsWFlwRHpJNFJieU1zMjlRSnkwWWlCbVJfa1lHZWg1dE4tZHdEQjduLWtLUXdRTmJoTU0zcUNHV3lSZ1lxbkItTXVEamRIcnBERHI2cmYyUGJfdHVCc1BEb0gyNm00MGctMlVhWXM2cWVVRy1yNUZya0x2UVpDM0d2MTdwTWdfN2lfMXppbG5MNlJaZUN1MzhGeG4zbmRxZEtNNjYxd1JBbzBhODU0YmlPYzM2Skdud1FHanBRRllEYTdudnU4X1FyajNNSERyMDhWNEp4OExHa25kMUM3ekxYRnFqUE01NjFhYVpzakVvSm9zRU5GWl9EOWNHLTJvWTY1NFhValVqeUgwRjN0MUliZnhLOXR2VG12REdSaGJORU5iQ0F0ZnVqekhlcDBXR3RyNEk4UlYwRVVmQng3elRQY3VXUThCNjA4TGM1ZW0yYkw3bA%3D%3D&id_token=eyJhbGciOiJSUzI1NiIsImtpZCI6IlQzazFNWEpEWTBOSlpXbEViR3MzUzFsQ2FXZFdSbXBYZUVkTldXbDRURTFXV1RocmR6WnRVWFpYUVEifQ.eyJzdWIiOiAiNDZkYzUzMDFjYTNhNTkzODI3YjNhYTE4ZjdlNTk1NjE3MmJiYjUzNzYxNDdlMjM3MjY0NTU0NDMyNmNmZjk1NiIsICJhdXRoX3RpbWUiOiAxNjMxMzU5MzMwLCAiYWNyIjogInVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphYzpjbGFzc2VzOkludGVybmV0UHJvdG9jb2xQYXNzd29yZCIsICJzY29wZSI6IFsib3BlbmlkIiwgIm9mZmxpbmVfYWNjZXNzIl0sICJqdGkiOiAiODE4MmI4MjIxMmYyMTFlYzhjOTliMTI1OTQxOTBiMGYiLCAiY2xpZW50X2lkIjogIkR3Z1hlNWtib29vUWhEbXlvbWlIanciLCAiY19oYXNoIjogIkJYTlFieFhGVDI5TjZtUWpwTXF4NEEiLCAibm9uY2UiOiAidW1SOTNWR0lzSCIsICJpc3MiOiAiaHR0cHM6Ly84OS40NS4yMzQuMTMzOjQwMDAiLCAiaWF0IjogMTYzMTM1OTMzMCwgImV4cCI6IDE2MzEzNTk2MzAsICJhdWQiOiBbIkR3Z1hlNWtib29vUWhEbXlvbWlIanciXX0.UfLMUxzQn4H2VX9IGsGp9hCo-KPtD5jMIlsuUV8RxImu1UEMQfIYy2t3AdyPjLxUviqPB0mN6kOugQa9LF_UwIBajDOdKMmqb_XikR7xdDRU1FtFErcFMx08IAdZSM0IMZ146kh1X026ZRSIeBmHRs5Kw7cUidSInCAO04bmhHUdYZ2LXt75h6KGSqIioqURQ16gGy9DjG_DWMoXJVxDW1hlUbUuqMoo0hWKS7UuYbrEnVV-fTOs-WKWLkXvQ_OdJaw8OC0hGyjAmIPNbluEaru9JnjK0-LJDOCu_ZfvlDU3MNpNKBK_Sf0jL9ZPgCq2_ONl2B_Dy6J85HRcjrSSQA
2021-09-11 11:22:10 SUCCESS
CreateRandomImplicitSubmitUrl
Created random implicit submission URL
implicit_submit
{
  "path": "implicit/CjVFlWwODvDYcScGaboM",
  "fullUrl": "https://www.certification.openid.net/test/a/idpy/implicit/CjVFlWwODvDYcScGaboM"
}
2021-09-11 11:22:10 OUTGOING
oidcc-refresh-token
Response to HTTP request to test instance V5wni5KzyfHgEqA
outgoing
ModelAndView [view="implicitCallback"; model={implicitSubmitUrl=https://www.certification.openid.net/test/a/idpy/implicit/CjVFlWwODvDYcScGaboM, returnUrl=/log-detail.html?log=V5wni5KzyfHgEqA}]
outgoing_path
callback
2021-09-11 11:22:11 INCOMING
oidcc-refresh-token
Incoming HTTP request to test instance V5wni5KzyfHgEqA
incoming_headers
{
  "host": "www.certification.openid.net",
  "accept": "*/*",
  "x-requested-with": "XMLHttpRequest",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-us",
  "content-type": "text/plain",
  "origin": "https://www.certification.openid.net",
  "user-agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15",
  "referer": "https://www.certification.openid.net/test/a/idpy/callback",
  "cookie": "JSESSIONID\u003d957CBD0728A302FA7FF79E11B3D34B21; __utma\u003d201319536.1870777121.1629795278.1631344149.1631352103.13; __utmc\u003d201319536; __utmz\u003d201319536.1631260756.11.4.utmcsr\u003dcertification.openid.net|utmccn\u003d(referral)|utmcmd\u003dreferral|utmcct\u003d/plan-detail.html; expected_tab\u003dgoogleplus; welcome_info_name\u003dRoland%20Hedberg",
  "x-ssl-cipher": "ECDHE-RSA-AES256-GCM-SHA384",
  "x-ssl-protocol": "TLSv1.2",
  "content-length": "0",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net",
  "connection": "close"
}
incoming_path
implicit/CjVFlWwODvDYcScGaboM
incoming_body_form_params
incoming_method
POST
incoming_body_json
incoming_query_string_params
{}
incoming_body
2021-09-11 11:22:11 OUTGOING
oidcc-refresh-token
Response to HTTP request to test instance V5wni5KzyfHgEqA
outgoing_status_code
204
outgoing_headers
{}
outgoing_body

                                
outgoing_path
implicit/CjVFlWwODvDYcScGaboM
2021-09-11 11:22:11 SUCCESS
ExtractImplicitHashToCallbackResponse
implicit_hash is empty
2021-09-11 11:22:11 REDIRECT-IN
oidcc-refresh-token
Authorization endpoint response captured
url_query
{}
headers
{
  "host": "www.certification.openid.net",
  "content-type": "application/x-www-form-urlencoded",
  "origin": "https://89.45.234.133:4000",
  "accept-encoding": "gzip, deflate, br",
  "cookie": "JSESSIONID\u003d957CBD0728A302FA7FF79E11B3D34B21; __utma\u003d201319536.1870777121.1629795278.1631344149.1631352103.13; __utmc\u003d201319536; __utmz\u003d201319536.1631260756.11.4.utmcsr\u003dcertification.openid.net|utmccn\u003d(referral)|utmcmd\u003dreferral|utmcct\u003d/plan-detail.html; expected_tab\u003dgoogleplus; welcome_info_name\u003dRoland%20Hedberg",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,*/*;q\u003d0.8",
  "user-agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15",
  "referer": "https://89.45.234.133:4000/verify/user",
  "accept-language": "en-us",
  "x-ssl-cipher": "ECDHE-RSA-AES256-GCM-SHA384",
  "x-ssl-protocol": "TLSv1.2",
  "content-length": "2030",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net",
  "connection": "close"
}
http_method
POST
url_fragment
{}
post_body
{
  "state": "P4Z5aPJ0tx",
  "scope": "[\u0027openid\u0027, \u0027offline_access\u0027]",
  "code": "Z0FBQUFBQmhQSkZpd1h2R05uVGpkZWR4ZXg5dlkxZUNKQ3pORzhMSlRJLUNqa19VN3BfcmV5M29QRzNLY3NmQ1czdmtzZWRoVENFb2M0czFzSVp1cXJqNnpoNE5CNTY2NTVNWjA2aDY3U3ZYVmxrc1Vtbm5vMkJfeUhzbmczODZORjZOQUE2RktKRXgtRzduUWpkejhEUGt3Y0lBb1lrUlZRV3dsRVo3UGlHSHVaR0Y0cVRaY3JINGFtUWRpck5zTGhMRU1RdVFpVmE5c0JXOUtxVWtpQVZKZ3pUQXQ2cXJwNGhXbG5wVi1UeGNfZUVKdkdSV0VEOUxkUmczM1hleGRsQXZOeXRILW53WWNzZkw0Y3BudjNzcm9xRHBWb0xrcEItZkpkTEYwUlcxZXJCNENIM29BY1RiZzEwNENySTNsWFlwRHpJNFJieU1zMjlRSnkwWWlCbVJfa1lHZWg1dE4tZHdEQjduLWtLUXdRTmJoTU0zcUNHV3lSZ1lxbkItTXVEamRIcnBERHI2cmYyUGJfdHVCc1BEb0gyNm00MGctMlVhWXM2cWVVRy1yNUZya0x2UVpDM0d2MTdwTWdfN2lfMXppbG5MNlJaZUN1MzhGeG4zbmRxZEtNNjYxd1JBbzBhODU0YmlPYzM2Skdud1FHanBRRllEYTdudnU4X1FyajNNSERyMDhWNEp4OExHa25kMUM3ekxYRnFqUE01NjFhYVpzakVvSm9zRU5GWl9EOWNHLTJvWTY1NFhValVqeUgwRjN0MUliZnhLOXR2VG12REdSaGJORU5iQ0F0ZnVqekhlcDBXR3RyNEk4UlYwRVVmQng3elRQY3VXUThCNjA4TGM1ZW0yYkw3bA\u003d\u003d",
  "id_token": "eyJhbGciOiJSUzI1NiIsImtpZCI6IlQzazFNWEpEWTBOSlpXbEViR3MzUzFsQ2FXZFdSbXBYZUVkTldXbDRURTFXV1RocmR6WnRVWFpYUVEifQ.eyJzdWIiOiAiNDZkYzUzMDFjYTNhNTkzODI3YjNhYTE4ZjdlNTk1NjE3MmJiYjUzNzYxNDdlMjM3MjY0NTU0NDMyNmNmZjk1NiIsICJhdXRoX3RpbWUiOiAxNjMxMzU5MzMwLCAiYWNyIjogInVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphYzpjbGFzc2VzOkludGVybmV0UHJvdG9jb2xQYXNzd29yZCIsICJzY29wZSI6IFsib3BlbmlkIiwgIm9mZmxpbmVfYWNjZXNzIl0sICJqdGkiOiAiODE4MmI4MjIxMmYyMTFlYzhjOTliMTI1OTQxOTBiMGYiLCAiY2xpZW50X2lkIjogIkR3Z1hlNWtib29vUWhEbXlvbWlIanciLCAiY19oYXNoIjogIkJYTlFieFhGVDI5TjZtUWpwTXF4NEEiLCAibm9uY2UiOiAidW1SOTNWR0lzSCIsICJpc3MiOiAiaHR0cHM6Ly84OS40NS4yMzQuMTMzOjQwMDAiLCAiaWF0IjogMTYzMTM1OTMzMCwgImV4cCI6IDE2MzEzNTk2MzAsICJhdWQiOiBbIkR3Z1hlNWtib29vUWhEbXlvbWlIanciXX0.UfLMUxzQn4H2VX9IGsGp9hCo-KPtD5jMIlsuUV8RxImu1UEMQfIYy2t3AdyPjLxUviqPB0mN6kOugQa9LF_UwIBajDOdKMmqb_XikR7xdDRU1FtFErcFMx08IAdZSM0IMZ146kh1X026ZRSIeBmHRs5Kw7cUidSInCAO04bmhHUdYZ2LXt75h6KGSqIioqURQ16gGy9DjG_DWMoXJVxDW1hlUbUuqMoo0hWKS7UuYbrEnVV-fTOs-WKWLkXvQ_OdJaw8OC0hGyjAmIPNbluEaru9JnjK0-LJDOCu_ZfvlDU3MNpNKBK_Sf0jL9ZPgCq2_ONl2B_Dy6J85HRcjrSSQA"
}
Second client: Verify authorization endpoint response
2021-09-11 11:22:11 SUCCESS
CheckCallbackHttpMethodIsPost
HTTP method used at redirect_uri is 'POST'
2021-09-11 11:22:11 SUCCESS
CheckCallbackContentTypeIsFormUrlEncoded
content-type header to redirect_uri has the expected value
content_type
application/x-www-form-urlencoded
expected
application/x-www-form-urlencoded
2021-09-11 11:22:11 SUCCESS
RejectAuthCodeInUrlQuery
Authorization code is not present in URL query returned from authorization endpoint
2021-09-11 11:22:11 SUCCESS
RejectErrorInUrlQuery
'error' is not present in URL query returned from authorization endpoint
2021-09-11 11:22:11 SUCCESS
CheckMatchingCallbackParameters
Callback parameters successfully verified
2021-09-11 11:22:11
ValidateIssInAuthorizationResponse
No 'iss' value in authorization response.
2021-09-11 11:22:11 SUCCESS
CheckIfAuthorizationEndpointError
No error from authorization endpoint
2021-09-11 11:22:11 SUCCESS
CheckStateInAuthorizationResponse
State in response correctly returned
state
P4Z5aPJ0tx
2021-09-11 11:22:11 SUCCESS
ExtractAuthorizationCodeFromAuthorizationResponse
Found authorization code
code
Z0FBQUFBQmhQSkZpd1h2R05uVGpkZWR4ZXg5dlkxZUNKQ3pORzhMSlRJLUNqa19VN3BfcmV5M29QRzNLY3NmQ1czdmtzZWRoVENFb2M0czFzSVp1cXJqNnpoNE5CNTY2NTVNWjA2aDY3U3ZYVmxrc1Vtbm5vMkJfeUhzbmczODZORjZOQUE2RktKRXgtRzduUWpkejhEUGt3Y0lBb1lrUlZRV3dsRVo3UGlHSHVaR0Y0cVRaY3JINGFtUWRpck5zTGhMRU1RdVFpVmE5c0JXOUtxVWtpQVZKZ3pUQXQ2cXJwNGhXbG5wVi1UeGNfZUVKdkdSV0VEOUxkUmczM1hleGRsQXZOeXRILW53WWNzZkw0Y3BudjNzcm9xRHBWb0xrcEItZkpkTEYwUlcxZXJCNENIM29BY1RiZzEwNENySTNsWFlwRHpJNFJieU1zMjlRSnkwWWlCbVJfa1lHZWg1dE4tZHdEQjduLWtLUXdRTmJoTU0zcUNHV3lSZ1lxbkItTXVEamRIcnBERHI2cmYyUGJfdHVCc1BEb0gyNm00MGctMlVhWXM2cWVVRy1yNUZya0x2UVpDM0d2MTdwTWdfN2lfMXppbG5MNlJaZUN1MzhGeG4zbmRxZEtNNjYxd1JBbzBhODU0YmlPYzM2Skdud1FHanBRRllEYTdudnU4X1FyajNNSERyMDhWNEp4OExHa25kMUM3ekxYRnFqUE01NjFhYVpzakVvSm9zRU5GWl9EOWNHLTJvWTY1NFhValVqeUgwRjN0MUliZnhLOXR2VG12REdSaGJORU5iQ0F0ZnVqekhlcDBXR3RyNEk4UlYwRVVmQng3elRQY3VXUThCNjA4TGM1ZW0yYkw3bA==
2021-09-11 11:22:11 SUCCESS
ExtractIdTokenFromAuthorizationResponse
Found and parsed the id_token from authorization_endpoint_response
value
eyJhbGciOiJSUzI1NiIsImtpZCI6IlQzazFNWEpEWTBOSlpXbEViR3MzUzFsQ2FXZFdSbXBYZUVkTldXbDRURTFXV1RocmR6WnRVWFpYUVEifQ.eyJzdWIiOiAiNDZkYzUzMDFjYTNhNTkzODI3YjNhYTE4ZjdlNTk1NjE3MmJiYjUzNzYxNDdlMjM3MjY0NTU0NDMyNmNmZjk1NiIsICJhdXRoX3RpbWUiOiAxNjMxMzU5MzMwLCAiYWNyIjogInVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphYzpjbGFzc2VzOkludGVybmV0UHJvdG9jb2xQYXNzd29yZCIsICJzY29wZSI6IFsib3BlbmlkIiwgIm9mZmxpbmVfYWNjZXNzIl0sICJqdGkiOiAiODE4MmI4MjIxMmYyMTFlYzhjOTliMTI1OTQxOTBiMGYiLCAiY2xpZW50X2lkIjogIkR3Z1hlNWtib29vUWhEbXlvbWlIanciLCAiY19oYXNoIjogIkJYTlFieFhGVDI5TjZtUWpwTXF4NEEiLCAibm9uY2UiOiAidW1SOTNWR0lzSCIsICJpc3MiOiAiaHR0cHM6Ly84OS40NS4yMzQuMTMzOjQwMDAiLCAiaWF0IjogMTYzMTM1OTMzMCwgImV4cCI6IDE2MzEzNTk2MzAsICJhdWQiOiBbIkR3Z1hlNWtib29vUWhEbXlvbWlIanciXX0.UfLMUxzQn4H2VX9IGsGp9hCo-KPtD5jMIlsuUV8RxImu1UEMQfIYy2t3AdyPjLxUviqPB0mN6kOugQa9LF_UwIBajDOdKMmqb_XikR7xdDRU1FtFErcFMx08IAdZSM0IMZ146kh1X026ZRSIeBmHRs5Kw7cUidSInCAO04bmhHUdYZ2LXt75h6KGSqIioqURQ16gGy9DjG_DWMoXJVxDW1hlUbUuqMoo0hWKS7UuYbrEnVV-fTOs-WKWLkXvQ_OdJaw8OC0hGyjAmIPNbluEaru9JnjK0-LJDOCu_ZfvlDU3MNpNKBK_Sf0jL9ZPgCq2_ONl2B_Dy6J85HRcjrSSQA
header
{
  "kid": "T3k1MXJDY0NJZWlEbGs3S1lCaWdWRmpXeEdNWWl4TE1WWThrdzZtUXZXQQ",
  "alg": "RS256"
}
claims
{
  "sub": "46dc5301ca3a593827b3aa18f7e5956172bbb5376147e2372645544326cff956",
  "acr": "urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword",
  "c_hash": "BXNQbxXFT29N6mQjpMqx4A",
  "aud": "DwgXe5kboooQhDmyomiHjw",
  "auth_time": 1631359330,
  "scope": [
    "openid",
    "offline_access"
  ],
  "iss": "https://89.45.234.133:4000",
  "exp": 1631359630,
  "nonce": "umR93VGIsH",
  "iat": 1631359330,
  "jti": "8182b82212f211ec8c99b12594190b0f",
  "client_id": "DwgXe5kboooQhDmyomiHjw"
}
2021-09-11 11:22:11 SUCCESS
ValidateIdToken
ID token iss, aud, exp, iat, auth_time, acr & nbf claims passed validation checks
2021-09-11 11:22:11 SUCCESS
ValidateIdTokenNonce
Nonce values match
nonce
umR93VGIsH
2021-09-11 11:22:11 SUCCESS
ValidateIdTokenACRClaimAgainstRequest
Nothing to check; the conformance suite did not request an acr claim in request object
2021-09-11 11:22:11 SUCCESS
ValidateIdTokenSignature
id_token signature validated
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6IlQzazFNWEpEWTBOSlpXbEViR3MzUzFsQ2FXZFdSbXBYZUVkTldXbDRURTFXV1RocmR6WnRVWFpYUVEifQ.eyJzdWIiOiAiNDZkYzUzMDFjYTNhNTkzODI3YjNhYTE4ZjdlNTk1NjE3MmJiYjUzNzYxNDdlMjM3MjY0NTU0NDMyNmNmZjk1NiIsICJhdXRoX3RpbWUiOiAxNjMxMzU5MzMwLCAiYWNyIjogInVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphYzpjbGFzc2VzOkludGVybmV0UHJvdG9jb2xQYXNzd29yZCIsICJzY29wZSI6IFsib3BlbmlkIiwgIm9mZmxpbmVfYWNjZXNzIl0sICJqdGkiOiAiODE4MmI4MjIxMmYyMTFlYzhjOTliMTI1OTQxOTBiMGYiLCAiY2xpZW50X2lkIjogIkR3Z1hlNWtib29vUWhEbXlvbWlIanciLCAiY19oYXNoIjogIkJYTlFieFhGVDI5TjZtUWpwTXF4NEEiLCAibm9uY2UiOiAidW1SOTNWR0lzSCIsICJpc3MiOiAiaHR0cHM6Ly84OS40NS4yMzQuMTMzOjQwMDAiLCAiaWF0IjogMTYzMTM1OTMzMCwgImV4cCI6IDE2MzEzNTk2MzAsICJhdWQiOiBbIkR3Z1hlNWtib29vUWhEbXlvbWlIanciXX0.UfLMUxzQn4H2VX9IGsGp9hCo-KPtD5jMIlsuUV8RxImu1UEMQfIYy2t3AdyPjLxUviqPB0mN6kOugQa9LF_UwIBajDOdKMmqb_XikR7xdDRU1FtFErcFMx08IAdZSM0IMZ146kh1X026ZRSIeBmHRs5Kw7cUidSInCAO04bmhHUdYZ2LXt75h6KGSqIioqURQ16gGy9DjG_DWMoXJVxDW1hlUbUuqMoo0hWKS7UuYbrEnVV-fTOs-WKWLkXvQ_OdJaw8OC0hGyjAmIPNbluEaru9JnjK0-LJDOCu_ZfvlDU3MNpNKBK_Sf0jL9ZPgCq2_ONl2B_Dy6J85HRcjrSSQA
2021-09-11 11:22:11 SUCCESS
ValidateIdTokenSignatureUsingKid
id_token signature validated
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6IlQzazFNWEpEWTBOSlpXbEViR3MzUzFsQ2FXZFdSbXBYZUVkTldXbDRURTFXV1RocmR6WnRVWFpYUVEifQ.eyJzdWIiOiAiNDZkYzUzMDFjYTNhNTkzODI3YjNhYTE4ZjdlNTk1NjE3MmJiYjUzNzYxNDdlMjM3MjY0NTU0NDMyNmNmZjk1NiIsICJhdXRoX3RpbWUiOiAxNjMxMzU5MzMwLCAiYWNyIjogInVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphYzpjbGFzc2VzOkludGVybmV0UHJvdG9jb2xQYXNzd29yZCIsICJzY29wZSI6IFsib3BlbmlkIiwgIm9mZmxpbmVfYWNjZXNzIl0sICJqdGkiOiAiODE4MmI4MjIxMmYyMTFlYzhjOTliMTI1OTQxOTBiMGYiLCAiY2xpZW50X2lkIjogIkR3Z1hlNWtib29vUWhEbXlvbWlIanciLCAiY19oYXNoIjogIkJYTlFieFhGVDI5TjZtUWpwTXF4NEEiLCAibm9uY2UiOiAidW1SOTNWR0lzSCIsICJpc3MiOiAiaHR0cHM6Ly84OS40NS4yMzQuMTMzOjQwMDAiLCAiaWF0IjogMTYzMTM1OTMzMCwgImV4cCI6IDE2MzEzNTk2MzAsICJhdWQiOiBbIkR3Z1hlNWtib29vUWhEbXlvbWlIanciXX0.UfLMUxzQn4H2VX9IGsGp9hCo-KPtD5jMIlsuUV8RxImu1UEMQfIYy2t3AdyPjLxUviqPB0mN6kOugQa9LF_UwIBajDOdKMmqb_XikR7xdDRU1FtFErcFMx08IAdZSM0IMZ146kh1X026ZRSIeBmHRs5Kw7cUidSInCAO04bmhHUdYZ2LXt75h6KGSqIioqURQ16gGy9DjG_DWMoXJVxDW1hlUbUuqMoo0hWKS7UuYbrEnVV-fTOs-WKWLkXvQ_OdJaw8OC0hGyjAmIPNbluEaru9JnjK0-LJDOCu_ZfvlDU3MNpNKBK_Sf0jL9ZPgCq2_ONl2B_Dy6J85HRcjrSSQA
2021-09-11 11:22:11 SUCCESS
CheckForSubjectInIdToken
Found 'sub' in id_token
sub
46dc5301ca3a593827b3aa18f7e5956172bbb5376147e2372645544326cff956
2021-09-11 11:22:11 SUCCESS
CreateTokenEndpointRequestForAuthorizationCodeGrant
grant_type
authorization_code
code
Z0FBQUFBQmhQSkZpd1h2R05uVGpkZWR4ZXg5dlkxZUNKQ3pORzhMSlRJLUNqa19VN3BfcmV5M29QRzNLY3NmQ1czdmtzZWRoVENFb2M0czFzSVp1cXJqNnpoNE5CNTY2NTVNWjA2aDY3U3ZYVmxrc1Vtbm5vMkJfeUhzbmczODZORjZOQUE2RktKRXgtRzduUWpkejhEUGt3Y0lBb1lrUlZRV3dsRVo3UGlHSHVaR0Y0cVRaY3JINGFtUWRpck5zTGhMRU1RdVFpVmE5c0JXOUtxVWtpQVZKZ3pUQXQ2cXJwNGhXbG5wVi1UeGNfZUVKdkdSV0VEOUxkUmczM1hleGRsQXZOeXRILW53WWNzZkw0Y3BudjNzcm9xRHBWb0xrcEItZkpkTEYwUlcxZXJCNENIM29BY1RiZzEwNENySTNsWFlwRHpJNFJieU1zMjlRSnkwWWlCbVJfa1lHZWg1dE4tZHdEQjduLWtLUXdRTmJoTU0zcUNHV3lSZ1lxbkItTXVEamRIcnBERHI2cmYyUGJfdHVCc1BEb0gyNm00MGctMlVhWXM2cWVVRy1yNUZya0x2UVpDM0d2MTdwTWdfN2lfMXppbG5MNlJaZUN1MzhGeG4zbmRxZEtNNjYxd1JBbzBhODU0YmlPYzM2Skdud1FHanBRRllEYTdudnU4X1FyajNNSERyMDhWNEp4OExHa25kMUM3ekxYRnFqUE01NjFhYVpzakVvSm9zRU5GWl9EOWNHLTJvWTY1NFhValVqeUgwRjN0MUliZnhLOXR2VG12REdSaGJORU5iQ0F0ZnVqekhlcDBXR3RyNEk4UlYwRVVmQng3elRQY3VXUThCNjA4TGM1ZW0yYkw3bA==
redirect_uri
https://www.certification.openid.net/test/a/idpy/callback
2021-09-11 11:22:11 SUCCESS
AddBasicAuthClientSecretAuthenticationParameters
Added basic authorization header
Authorization
Basic RHdnWGU1a2Jvb29RaERteW9taUhqdzo5MjA3MjVmNzQ5NWQ0MjFlZWZlMDA1YzAzZTdhOGI3NDg3NzhkN2ExODBlNzI2NGM4ZmQzNjZhMg==
2021-09-11 11:22:11
CallTokenEndpoint
HTTP request
request_uri
https://89.45.234.133:4000/token
request_method
POST
request_headers
{
  "accept": "application/json;charset\u003dUTF-8",
  "authorization": "Basic RHdnWGU1a2Jvb29RaERteW9taUhqdzo5MjA3MjVmNzQ5NWQ0MjFlZWZlMDA1YzAzZTdhOGI3NDg3NzhkN2ExODBlNzI2NGM4ZmQzNjZhMg\u003d\u003d",
  "accept-charset": "utf-8",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "996"
}
request_body
grant_type=authorization_code&code=Z0FBQUFBQmhQSkZpd1h2R05uVGpkZWR4ZXg5dlkxZUNKQ3pORzhMSlRJLUNqa19VN3BfcmV5M29QRzNLY3NmQ1czdmtzZWRoVENFb2M0czFzSVp1cXJqNnpoNE5CNTY2NTVNWjA2aDY3U3ZYVmxrc1Vtbm5vMkJfeUhzbmczODZORjZOQUE2RktKRXgtRzduUWpkejhEUGt3Y0lBb1lrUlZRV3dsRVo3UGlHSHVaR0Y0cVRaY3JINGFtUWRpck5zTGhMRU1RdVFpVmE5c0JXOUtxVWtpQVZKZ3pUQXQ2cXJwNGhXbG5wVi1UeGNfZUVKdkdSV0VEOUxkUmczM1hleGRsQXZOeXRILW53WWNzZkw0Y3BudjNzcm9xRHBWb0xrcEItZkpkTEYwUlcxZXJCNENIM29BY1RiZzEwNENySTNsWFlwRHpJNFJieU1zMjlRSnkwWWlCbVJfa1lHZWg1dE4tZHdEQjduLWtLUXdRTmJoTU0zcUNHV3lSZ1lxbkItTXVEamRIcnBERHI2cmYyUGJfdHVCc1BEb0gyNm00MGctMlVhWXM2cWVVRy1yNUZya0x2UVpDM0d2MTdwTWdfN2lfMXppbG5MNlJaZUN1MzhGeG4zbmRxZEtNNjYxd1JBbzBhODU0YmlPYzM2Skdud1FHanBRRllEYTdudnU4X1FyajNNSERyMDhWNEp4OExHa25kMUM3ekxYRnFqUE01NjFhYVpzakVvSm9zRU5GWl9EOWNHLTJvWTY1NFhValVqeUgwRjN0MUliZnhLOXR2VG12REdSaGJORU5iQ0F0ZnVqekhlcDBXR3RyNEk4UlYwRVVmQng3elRQY3VXUThCNjA4TGM1ZW0yYkw3bA%3D%3D&redirect_uri=https%3A%2F%2Fwww.certification.openid.net%2Ftest%2Fa%2Fidpy%2Fcallback
2021-09-11 11:22:11 RESPONSE
CallTokenEndpoint
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "content-type": "application/json; charset\u003dutf-8",
  "content-length": "3081",
  "pragma": "no-cache",
  "cache-control": "no-store",
  "set-cookie": "oidc_op\u003d1631359331|tq09sr3lRvAxGsB9|Diu4LRktN0BxX/w3nwVVw7hbzZ98oj5dK4JqvLWW78T+u8IwP++nAph0Wp4FKzfP+KbUcMwBizWJI4HiSWAp84koo0aYu0lmO25xvw/BC3S/JxU0H60jjRGotPDZ04oa6dPyj2GHhe68OoU8Ff1Nohb8khcnPc2eDI5wc9F/rZqwvCDdh8VZjcZePvSW8OA56NGpStMgv5cg5vUrW/0kT79VZ0GCeJtds62MjkmiQ02Sf4r9SREtmUi/ZwnnOFMC8X8XqWAv|WfOBDuuYfCQBH/hAyOEVJQ\u003d\u003d; Secure; HttpOnly; Path\u003d/; SameSite\u003dLax",
  "server": "Werkzeug/1.0.1 Python/3.8.10",
  "date": "Sat, 11 Sep 2021 11:22:11 GMT"
}
response_body
{"token_type": "Bearer", "scope": "openid offline_access", "access_token": "eyJhbGciOiJFUzI1NiIsImtpZCI6ImF6UmFUV2xMVFdaVE0wWkxTVUZaTFZOalltNUNkM0ZJU21sTVRWVmtiVlZKYTJGblIwZDVXa1JtTkEifQ.eyJzY29wZSI6IFsib3BlbmlkIiwgIm9mZmxpbmVfYWNjZXNzIl0sICJhdWQiOiBbIkR3Z1hlNWtib29vUWhEbXlvbWlIanciXSwgImp0aSI6ICI4MjA2YmZmNzEyZjIxMWVjOGM5OWIxMjU5NDE5MGIwZiIsICJjbGllbnRfaWQiOiAiRHdnWGU1a2Jvb29RaERteW9taUhqdyIsICJzdWIiOiAiRHdnWGU1a2Jvb29RaERteW9taUhqdyIsICJzaWQiOiAiWjBGQlFVRkJRbWhRU2tacFNuZzBWRUpsT0ZGaFEzRXdiekZZTkZJNVUwcGxiWFZhVW10ZmNqVXRVVkJSZGxaNGExSXpOR0oxUkhoWGFHdGxZMWg0Y0daUVJXOTViM0Z2YXpORVFXSkVTbkZMYURGQ2RXOXBNMEZCYnpOV1dFVTRhRkJmTVhwQmJEZFVjRnBRVEV0Q1oxTXplbmhDV2pkQlQzQjZaM1ZrTlRWd2JsbGlXRkIzZEhSak4zaGZNR3hhVTNSaldVY3lXa3d5U0ZWSGNUTjNXa293VlhWcFJrWlhSVVZYUzFOWlQyRndTRWcyV210VmFtOURXa3hVYm5JNVIwUm9Ta0pPUkZaeldqTjZXVlZJVFdWNU1YSXpRMEozZVVFME5WUkhia3hoWkVSRE56WlRkVVZwUld0UlpGaHhRekJuZEd4VFJUMD0iLCAidG9rZW5fY2xhc3MiOiAiYWNjZXNzX3Rva2VuIiwgImlzcyI6ICJodHRwczovLzg5LjQ1LjIzNC4xMzM6NDAwMCIsICJpYXQiOiAxNjMxMzU5MzMxLCAiZXhwIjogMTYzMTM2MjkzMX0.eXMDSsjphybfOqeYBSoa_6XGRRp-6t9gMt16K_HQsFa2S_xfWuGtJEiO2Im6oxYaJSSTYK_XCiIrnXkpX2atPg", "expires_in": 1800, "refresh_token": "Z0FBQUFBQmhQSkZqUkFVenFCMmlDVENVc200TkgydW9YUWFhLWdBaUJsb2M0QjdVTVVQMnMzYmxDY01LNUllcHdVVk1pVzdyUDI1UXhYSUNVenV0XzJyVE1TaVY4UV9GOTJUaWpxRGxIMXRDYjF1THQ3dDFtZkRoS2ZlVWJpNWJkTHFxRHo1d09rRllob05uajRBSFZQZGY0NVIzUmxDTWNTQVdfUjJybGhMR3hpNVRZQlVrbjhkYlBIQ1dZZGpTb2poVE53TU9hYnp5RmFWSUdWQUxWUmU5OS0tYmFTRk1rckg1aEV1VXR0SmxnaE5KT0JaNjJlRGFZS24xLVFtY0RBMXRDejBHSkREcEJxWTRFaGxWZG0yOTJFdDRGS2hkaUtiMHJmdXhQU0x6ZkdoaVpRUlR5Sm1JZVMtalNwSFR2bFpuZmd5WTNVX1VxaTRUMV9JM1dLNkE2eEpTZ2RITS1lQXNXVDRaSEFJWW9BN0pMS1VsS29xNE1WVTNDYkJTVnRUX2xGX1NVcUhfbklnMEhxWkxZcjRXWUw5c3dKTy1ORDhpUlJkblkxekpzdVBtWjlIYklLRnNjeTNiRE1CZGZhOFM5ZGd5OTNLMVFSbWZCRXJFU2xEUnBKZ19LZngyNzA2dmZlUzFYZGNFbXVTMWJCZHJ6N2pYVXpMR0lEVkhXUVdQbFk2N0VpZzh1ak1HTThRS2dHNEhJNnBEYm5zVjhTTEFZajEtaG5VazJaN1dPbVZmakM1UW5vSXAtLWptWU1CMzFMdkxJTkVMWDNESUhIenJEZHBOY3FzbGh6ZVAyaDFOQnptT1JDQ1QyYW9yOEJxcUVYWlB2WU5Fc1Ftc2pTZlRfeWlMSkZ6MQ==", "id_token": "eyJhbGciOiJSUzI1NiIsImtpZCI6IlQzazFNWEpEWTBOSlpXbEViR3MzUzFsQ2FXZFdSbXBYZUVkTldXbDRURTFXV1RocmR6WnRVWFpYUVEifQ.eyJzdWIiOiAiNDZkYzUzMDFjYTNhNTkzODI3YjNhYTE4ZjdlNTk1NjE3MmJiYjUzNzYxNDdlMjM3MjY0NTU0NDMyNmNmZjk1NiIsICJhdXRoX3RpbWUiOiAxNjMxMzU5MzMwLCAiYWNyIjogInVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphYzpjbGFzc2VzOkludGVybmV0UHJvdG9jb2xQYXNzd29yZCIsICJzY29wZSI6IFsib3BlbmlkIiwgIm9mZmxpbmVfYWNjZXNzIl0sICJqdGkiOiAiODIwNmJmZmIxMmYyMTFlYzhjOTliMTI1OTQxOTBiMGYiLCAiY2xpZW50X2lkIjogIkR3Z1hlNWtib29vUWhEbXlvbWlIanciLCAibm9uY2UiOiAidW1SOTNWR0lzSCIsICJpc3MiOiAiaHR0cHM6Ly84OS40NS4yMzQuMTMzOjQwMDAiLCAiaWF0IjogMTYzMTM1OTMzMSwgImV4cCI6IDE2MzEzNTk2MzEsICJhdWQiOiBbIkR3Z1hlNWtib29vUWhEbXlvbWlIanciXX0.TKeuyuKmHtqWyYW2uA2DtNQRjQl3GdQZTSSy-TttmzNWEvXvNmtfvlXx5x_brV87-Ah7XONN5rGzGGWeCTx9_9FZ_VcyBC54u26Mg-NFpB_-WlhQCEI1iFLmO9KcqbmYYyp_9sul72FI8TBlxHJMeQZKLPIQvgFgay4CVq2SVXMBE6u2Jws3Sn7it_uYKKNwR9MxIM1TTDJzeO6eXZBMjWvyGeFEwDqigLU83hRELz0mGuTw3z_fuSOEpzBehqYUwNCeod73r6CY8Pbnd-OCp0A7-fpy48kP8YJdn6QhpyKrhyf29qUM47Sg2CTY8IUIjQXiJpho3_ADr00HQCCRyA"}
2021-09-11 11:22:11
CallTokenEndpoint
Token endpoint response
token_endpoint_response
{"token_type": "Bearer", "scope": "openid offline_access", "access_token": "eyJhbGciOiJFUzI1NiIsImtpZCI6ImF6UmFUV2xMVFdaVE0wWkxTVUZaTFZOalltNUNkM0ZJU21sTVRWVmtiVlZKYTJGblIwZDVXa1JtTkEifQ.eyJzY29wZSI6IFsib3BlbmlkIiwgIm9mZmxpbmVfYWNjZXNzIl0sICJhdWQiOiBbIkR3Z1hlNWtib29vUWhEbXlvbWlIanciXSwgImp0aSI6ICI4MjA2YmZmNzEyZjIxMWVjOGM5OWIxMjU5NDE5MGIwZiIsICJjbGllbnRfaWQiOiAiRHdnWGU1a2Jvb29RaERteW9taUhqdyIsICJzdWIiOiAiRHdnWGU1a2Jvb29RaERteW9taUhqdyIsICJzaWQiOiAiWjBGQlFVRkJRbWhRU2tacFNuZzBWRUpsT0ZGaFEzRXdiekZZTkZJNVUwcGxiWFZhVW10ZmNqVXRVVkJSZGxaNGExSXpOR0oxUkhoWGFHdGxZMWg0Y0daUVJXOTViM0Z2YXpORVFXSkVTbkZMYURGQ2RXOXBNMEZCYnpOV1dFVTRhRkJmTVhwQmJEZFVjRnBRVEV0Q1oxTXplbmhDV2pkQlQzQjZaM1ZrTlRWd2JsbGlXRkIzZEhSak4zaGZNR3hhVTNSaldVY3lXa3d5U0ZWSGNUTjNXa293VlhWcFJrWlhSVVZYUzFOWlQyRndTRWcyV210VmFtOURXa3hVYm5JNVIwUm9Ta0pPUkZaeldqTjZXVlZJVFdWNU1YSXpRMEozZVVFME5WUkhia3hoWkVSRE56WlRkVVZwUld0UlpGaHhRekJuZEd4VFJUMD0iLCAidG9rZW5fY2xhc3MiOiAiYWNjZXNzX3Rva2VuIiwgImlzcyI6ICJodHRwczovLzg5LjQ1LjIzNC4xMzM6NDAwMCIsICJpYXQiOiAxNjMxMzU5MzMxLCAiZXhwIjogMTYzMTM2MjkzMX0.eXMDSsjphybfOqeYBSoa_6XGRRp-6t9gMt16K_HQsFa2S_xfWuGtJEiO2Im6oxYaJSSTYK_XCiIrnXkpX2atPg", "expires_in": 1800, "refresh_token": "Z0FBQUFBQmhQSkZqUkFVenFCMmlDVENVc200TkgydW9YUWFhLWdBaUJsb2M0QjdVTVVQMnMzYmxDY01LNUllcHdVVk1pVzdyUDI1UXhYSUNVenV0XzJyVE1TaVY4UV9GOTJUaWpxRGxIMXRDYjF1THQ3dDFtZkRoS2ZlVWJpNWJkTHFxRHo1d09rRllob05uajRBSFZQZGY0NVIzUmxDTWNTQVdfUjJybGhMR3hpNVRZQlVrbjhkYlBIQ1dZZGpTb2poVE53TU9hYnp5RmFWSUdWQUxWUmU5OS0tYmFTRk1rckg1aEV1VXR0SmxnaE5KT0JaNjJlRGFZS24xLVFtY0RBMXRDejBHSkREcEJxWTRFaGxWZG0yOTJFdDRGS2hkaUtiMHJmdXhQU0x6ZkdoaVpRUlR5Sm1JZVMtalNwSFR2bFpuZmd5WTNVX1VxaTRUMV9JM1dLNkE2eEpTZ2RITS1lQXNXVDRaSEFJWW9BN0pMS1VsS29xNE1WVTNDYkJTVnRUX2xGX1NVcUhfbklnMEhxWkxZcjRXWUw5c3dKTy1ORDhpUlJkblkxekpzdVBtWjlIYklLRnNjeTNiRE1CZGZhOFM5ZGd5OTNLMVFSbWZCRXJFU2xEUnBKZ19LZngyNzA2dmZlUzFYZGNFbXVTMWJCZHJ6N2pYVXpMR0lEVkhXUVdQbFk2N0VpZzh1ak1HTThRS2dHNEhJNnBEYm5zVjhTTEFZajEtaG5VazJaN1dPbVZmakM1UW5vSXAtLWptWU1CMzFMdkxJTkVMWDNESUhIenJEZHBOY3FzbGh6ZVAyaDFOQnptT1JDQ1QyYW9yOEJxcUVYWlB2WU5Fc1Ftc2pTZlRfeWlMSkZ6MQ==", "id_token": "eyJhbGciOiJSUzI1NiIsImtpZCI6IlQzazFNWEpEWTBOSlpXbEViR3MzUzFsQ2FXZFdSbXBYZUVkTldXbDRURTFXV1RocmR6WnRVWFpYUVEifQ.eyJzdWIiOiAiNDZkYzUzMDFjYTNhNTkzODI3YjNhYTE4ZjdlNTk1NjE3MmJiYjUzNzYxNDdlMjM3MjY0NTU0NDMyNmNmZjk1NiIsICJhdXRoX3RpbWUiOiAxNjMxMzU5MzMwLCAiYWNyIjogInVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphYzpjbGFzc2VzOkludGVybmV0UHJvdG9jb2xQYXNzd29yZCIsICJzY29wZSI6IFsib3BlbmlkIiwgIm9mZmxpbmVfYWNjZXNzIl0sICJqdGkiOiAiODIwNmJmZmIxMmYyMTFlYzhjOTliMTI1OTQxOTBiMGYiLCAiY2xpZW50X2lkIjogIkR3Z1hlNWtib29vUWhEbXlvbWlIanciLCAibm9uY2UiOiAidW1SOTNWR0lzSCIsICJpc3MiOiAiaHR0cHM6Ly84OS40NS4yMzQuMTMzOjQwMDAiLCAiaWF0IjogMTYzMTM1OTMzMSwgImV4cCI6IDE2MzEzNTk2MzEsICJhdWQiOiBbIkR3Z1hlNWtib29vUWhEbXlvbWlIanciXX0.TKeuyuKmHtqWyYW2uA2DtNQRjQl3GdQZTSSy-TttmzNWEvXvNmtfvlXx5x_brV87-Ah7XONN5rGzGGWeCTx9_9FZ_VcyBC54u26Mg-NFpB_-WlhQCEI1iFLmO9KcqbmYYyp_9sul72FI8TBlxHJMeQZKLPIQvgFgay4CVq2SVXMBE6u2Jws3Sn7it_uYKKNwR9MxIM1TTDJzeO6eXZBMjWvyGeFEwDqigLU83hRELz0mGuTw3z_fuSOEpzBehqYUwNCeod73r6CY8Pbnd-OCp0A7-fpy48kP8YJdn6QhpyKrhyf29qUM47Sg2CTY8IUIjQXiJpho3_ADr00HQCCRyA"}
2021-09-11 11:22:11 SUCCESS
CallTokenEndpoint
Parsed token endpoint response
token_type
Bearer
scope
openid offline_access
access_token
eyJhbGciOiJFUzI1NiIsImtpZCI6ImF6UmFUV2xMVFdaVE0wWkxTVUZaTFZOalltNUNkM0ZJU21sTVRWVmtiVlZKYTJGblIwZDVXa1JtTkEifQ.eyJzY29wZSI6IFsib3BlbmlkIiwgIm9mZmxpbmVfYWNjZXNzIl0sICJhdWQiOiBbIkR3Z1hlNWtib29vUWhEbXlvbWlIanciXSwgImp0aSI6ICI4MjA2YmZmNzEyZjIxMWVjOGM5OWIxMjU5NDE5MGIwZiIsICJjbGllbnRfaWQiOiAiRHdnWGU1a2Jvb29RaERteW9taUhqdyIsICJzdWIiOiAiRHdnWGU1a2Jvb29RaERteW9taUhqdyIsICJzaWQiOiAiWjBGQlFVRkJRbWhRU2tacFNuZzBWRUpsT0ZGaFEzRXdiekZZTkZJNVUwcGxiWFZhVW10ZmNqVXRVVkJSZGxaNGExSXpOR0oxUkhoWGFHdGxZMWg0Y0daUVJXOTViM0Z2YXpORVFXSkVTbkZMYURGQ2RXOXBNMEZCYnpOV1dFVTRhRkJmTVhwQmJEZFVjRnBRVEV0Q1oxTXplbmhDV2pkQlQzQjZaM1ZrTlRWd2JsbGlXRkIzZEhSak4zaGZNR3hhVTNSaldVY3lXa3d5U0ZWSGNUTjNXa293VlhWcFJrWlhSVVZYUzFOWlQyRndTRWcyV210VmFtOURXa3hVYm5JNVIwUm9Ta0pPUkZaeldqTjZXVlZJVFdWNU1YSXpRMEozZVVFME5WUkhia3hoWkVSRE56WlRkVVZwUld0UlpGaHhRekJuZEd4VFJUMD0iLCAidG9rZW5fY2xhc3MiOiAiYWNjZXNzX3Rva2VuIiwgImlzcyI6ICJodHRwczovLzg5LjQ1LjIzNC4xMzM6NDAwMCIsICJpYXQiOiAxNjMxMzU5MzMxLCAiZXhwIjogMTYzMTM2MjkzMX0.eXMDSsjphybfOqeYBSoa_6XGRRp-6t9gMt16K_HQsFa2S_xfWuGtJEiO2Im6oxYaJSSTYK_XCiIrnXkpX2atPg
expires_in
1800
refresh_token
Z0FBQUFBQmhQSkZqUkFVenFCMmlDVENVc200TkgydW9YUWFhLWdBaUJsb2M0QjdVTVVQMnMzYmxDY01LNUllcHdVVk1pVzdyUDI1UXhYSUNVenV0XzJyVE1TaVY4UV9GOTJUaWpxRGxIMXRDYjF1THQ3dDFtZkRoS2ZlVWJpNWJkTHFxRHo1d09rRllob05uajRBSFZQZGY0NVIzUmxDTWNTQVdfUjJybGhMR3hpNVRZQlVrbjhkYlBIQ1dZZGpTb2poVE53TU9hYnp5RmFWSUdWQUxWUmU5OS0tYmFTRk1rckg1aEV1VXR0SmxnaE5KT0JaNjJlRGFZS24xLVFtY0RBMXRDejBHSkREcEJxWTRFaGxWZG0yOTJFdDRGS2hkaUtiMHJmdXhQU0x6ZkdoaVpRUlR5Sm1JZVMtalNwSFR2bFpuZmd5WTNVX1VxaTRUMV9JM1dLNkE2eEpTZ2RITS1lQXNXVDRaSEFJWW9BN0pMS1VsS29xNE1WVTNDYkJTVnRUX2xGX1NVcUhfbklnMEhxWkxZcjRXWUw5c3dKTy1ORDhpUlJkblkxekpzdVBtWjlIYklLRnNjeTNiRE1CZGZhOFM5ZGd5OTNLMVFSbWZCRXJFU2xEUnBKZ19LZngyNzA2dmZlUzFYZGNFbXVTMWJCZHJ6N2pYVXpMR0lEVkhXUVdQbFk2N0VpZzh1ak1HTThRS2dHNEhJNnBEYm5zVjhTTEFZajEtaG5VazJaN1dPbVZmakM1UW5vSXAtLWptWU1CMzFMdkxJTkVMWDNESUhIenJEZHBOY3FzbGh6ZVAyaDFOQnptT1JDQ1QyYW9yOEJxcUVYWlB2WU5Fc1Ftc2pTZlRfeWlMSkZ6MQ==
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6IlQzazFNWEpEWTBOSlpXbEViR3MzUzFsQ2FXZFdSbXBYZUVkTldXbDRURTFXV1RocmR6WnRVWFpYUVEifQ.eyJzdWIiOiAiNDZkYzUzMDFjYTNhNTkzODI3YjNhYTE4ZjdlNTk1NjE3MmJiYjUzNzYxNDdlMjM3MjY0NTU0NDMyNmNmZjk1NiIsICJhdXRoX3RpbWUiOiAxNjMxMzU5MzMwLCAiYWNyIjogInVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphYzpjbGFzc2VzOkludGVybmV0UHJvdG9jb2xQYXNzd29yZCIsICJzY29wZSI6IFsib3BlbmlkIiwgIm9mZmxpbmVfYWNjZXNzIl0sICJqdGkiOiAiODIwNmJmZmIxMmYyMTFlYzhjOTliMTI1OTQxOTBiMGYiLCAiY2xpZW50X2lkIjogIkR3Z1hlNWtib29vUWhEbXlvbWlIanciLCAibm9uY2UiOiAidW1SOTNWR0lzSCIsICJpc3MiOiAiaHR0cHM6Ly84OS40NS4yMzQuMTMzOjQwMDAiLCAiaWF0IjogMTYzMTM1OTMzMSwgImV4cCI6IDE2MzEzNTk2MzEsICJhdWQiOiBbIkR3Z1hlNWtib29vUWhEbXlvbWlIanciXX0.TKeuyuKmHtqWyYW2uA2DtNQRjQl3GdQZTSSy-TttmzNWEvXvNmtfvlXx5x_brV87-Ah7XONN5rGzGGWeCTx9_9FZ_VcyBC54u26Mg-NFpB_-WlhQCEI1iFLmO9KcqbmYYyp_9sul72FI8TBlxHJMeQZKLPIQvgFgay4CVq2SVXMBE6u2Jws3Sn7it_uYKKNwR9MxIM1TTDJzeO6eXZBMjWvyGeFEwDqigLU83hRELz0mGuTw3z_fuSOEpzBehqYUwNCeod73r6CY8Pbnd-OCp0A7-fpy48kP8YJdn6QhpyKrhyf29qUM47Sg2CTY8IUIjQXiJpho3_ADr00HQCCRyA
2021-09-11 11:22:11 SUCCESS
CheckIfTokenEndpointResponseError
No error from token endpoint
2021-09-11 11:22:11 SUCCESS
CheckForAccessTokenValue
Found an access token
access_token
eyJhbGciOiJFUzI1NiIsImtpZCI6ImF6UmFUV2xMVFdaVE0wWkxTVUZaTFZOalltNUNkM0ZJU21sTVRWVmtiVlZKYTJGblIwZDVXa1JtTkEifQ.eyJzY29wZSI6IFsib3BlbmlkIiwgIm9mZmxpbmVfYWNjZXNzIl0sICJhdWQiOiBbIkR3Z1hlNWtib29vUWhEbXlvbWlIanciXSwgImp0aSI6ICI4MjA2YmZmNzEyZjIxMWVjOGM5OWIxMjU5NDE5MGIwZiIsICJjbGllbnRfaWQiOiAiRHdnWGU1a2Jvb29RaERteW9taUhqdyIsICJzdWIiOiAiRHdnWGU1a2Jvb29RaERteW9taUhqdyIsICJzaWQiOiAiWjBGQlFVRkJRbWhRU2tacFNuZzBWRUpsT0ZGaFEzRXdiekZZTkZJNVUwcGxiWFZhVW10ZmNqVXRVVkJSZGxaNGExSXpOR0oxUkhoWGFHdGxZMWg0Y0daUVJXOTViM0Z2YXpORVFXSkVTbkZMYURGQ2RXOXBNMEZCYnpOV1dFVTRhRkJmTVhwQmJEZFVjRnBRVEV0Q1oxTXplbmhDV2pkQlQzQjZaM1ZrTlRWd2JsbGlXRkIzZEhSak4zaGZNR3hhVTNSaldVY3lXa3d5U0ZWSGNUTjNXa293VlhWcFJrWlhSVVZYUzFOWlQyRndTRWcyV210VmFtOURXa3hVYm5JNVIwUm9Ta0pPUkZaeldqTjZXVlZJVFdWNU1YSXpRMEozZVVFME5WUkhia3hoWkVSRE56WlRkVVZwUld0UlpGaHhRekJuZEd4VFJUMD0iLCAidG9rZW5fY2xhc3MiOiAiYWNjZXNzX3Rva2VuIiwgImlzcyI6ICJodHRwczovLzg5LjQ1LjIzNC4xMzM6NDAwMCIsICJpYXQiOiAxNjMxMzU5MzMxLCAiZXhwIjogMTYzMTM2MjkzMX0.eXMDSsjphybfOqeYBSoa_6XGRRp-6t9gMt16K_HQsFa2S_xfWuGtJEiO2Im6oxYaJSSTYK_XCiIrnXkpX2atPg
2021-09-11 11:22:11 SUCCESS
ExtractAccessTokenFromTokenResponse
Extracted the access token
value
eyJhbGciOiJFUzI1NiIsImtpZCI6ImF6UmFUV2xMVFdaVE0wWkxTVUZaTFZOalltNUNkM0ZJU21sTVRWVmtiVlZKYTJGblIwZDVXa1JtTkEifQ.eyJzY29wZSI6IFsib3BlbmlkIiwgIm9mZmxpbmVfYWNjZXNzIl0sICJhdWQiOiBbIkR3Z1hlNWtib29vUWhEbXlvbWlIanciXSwgImp0aSI6ICI4MjA2YmZmNzEyZjIxMWVjOGM5OWIxMjU5NDE5MGIwZiIsICJjbGllbnRfaWQiOiAiRHdnWGU1a2Jvb29RaERteW9taUhqdyIsICJzdWIiOiAiRHdnWGU1a2Jvb29RaERteW9taUhqdyIsICJzaWQiOiAiWjBGQlFVRkJRbWhRU2tacFNuZzBWRUpsT0ZGaFEzRXdiekZZTkZJNVUwcGxiWFZhVW10ZmNqVXRVVkJSZGxaNGExSXpOR0oxUkhoWGFHdGxZMWg0Y0daUVJXOTViM0Z2YXpORVFXSkVTbkZMYURGQ2RXOXBNMEZCYnpOV1dFVTRhRkJmTVhwQmJEZFVjRnBRVEV0Q1oxTXplbmhDV2pkQlQzQjZaM1ZrTlRWd2JsbGlXRkIzZEhSak4zaGZNR3hhVTNSaldVY3lXa3d5U0ZWSGNUTjNXa293VlhWcFJrWlhSVVZYUzFOWlQyRndTRWcyV210VmFtOURXa3hVYm5JNVIwUm9Ta0pPUkZaeldqTjZXVlZJVFdWNU1YSXpRMEozZVVFME5WUkhia3hoWkVSRE56WlRkVVZwUld0UlpGaHhRekJuZEd4VFJUMD0iLCAidG9rZW5fY2xhc3MiOiAiYWNjZXNzX3Rva2VuIiwgImlzcyI6ICJodHRwczovLzg5LjQ1LjIzNC4xMzM6NDAwMCIsICJpYXQiOiAxNjMxMzU5MzMxLCAiZXhwIjogMTYzMTM2MjkzMX0.eXMDSsjphybfOqeYBSoa_6XGRRp-6t9gMt16K_HQsFa2S_xfWuGtJEiO2Im6oxYaJSSTYK_XCiIrnXkpX2atPg
type
Bearer
2021-09-11 11:22:11 SUCCESS
ExtractExpiresInFromTokenEndpointResponse
Extracted 'expires_in'
expires_in
1800
2021-09-11 11:22:11 SUCCESS
ValidateExpiresIn
expires_in passed all validation checks
expires_in
1800
2021-09-11 11:22:11 SUCCESS
CheckForRefreshTokenValue
Found a refresh token
refresh_token
Z0FBQUFBQmhQSkZqUkFVenFCMmlDVENVc200TkgydW9YUWFhLWdBaUJsb2M0QjdVTVVQMnMzYmxDY01LNUllcHdVVk1pVzdyUDI1UXhYSUNVenV0XzJyVE1TaVY4UV9GOTJUaWpxRGxIMXRDYjF1THQ3dDFtZkRoS2ZlVWJpNWJkTHFxRHo1d09rRllob05uajRBSFZQZGY0NVIzUmxDTWNTQVdfUjJybGhMR3hpNVRZQlVrbjhkYlBIQ1dZZGpTb2poVE53TU9hYnp5RmFWSUdWQUxWUmU5OS0tYmFTRk1rckg1aEV1VXR0SmxnaE5KT0JaNjJlRGFZS24xLVFtY0RBMXRDejBHSkREcEJxWTRFaGxWZG0yOTJFdDRGS2hkaUtiMHJmdXhQU0x6ZkdoaVpRUlR5Sm1JZVMtalNwSFR2bFpuZmd5WTNVX1VxaTRUMV9JM1dLNkE2eEpTZ2RITS1lQXNXVDRaSEFJWW9BN0pMS1VsS29xNE1WVTNDYkJTVnRUX2xGX1NVcUhfbklnMEhxWkxZcjRXWUw5c3dKTy1ORDhpUlJkblkxekpzdVBtWjlIYklLRnNjeTNiRE1CZGZhOFM5ZGd5OTNLMVFSbWZCRXJFU2xEUnBKZ19LZngyNzA2dmZlUzFYZGNFbXVTMWJCZHJ6N2pYVXpMR0lEVkhXUVdQbFk2N0VpZzh1ak1HTThRS2dHNEhJNnBEYm5zVjhTTEFZajEtaG5VazJaN1dPbVZmakM1UW5vSXAtLWptWU1CMzFMdkxJTkVMWDNESUhIenJEZHBOY3FzbGh6ZVAyaDFOQnptT1JDQ1QyYW9yOEJxcUVYWlB2WU5Fc1Ftc2pTZlRfeWlMSkZ6MQ==
2021-09-11 11:22:11 SUCCESS
ExtractIdTokenFromTokenResponse
Found and parsed the id_token from token_endpoint_response
value
eyJhbGciOiJSUzI1NiIsImtpZCI6IlQzazFNWEpEWTBOSlpXbEViR3MzUzFsQ2FXZFdSbXBYZUVkTldXbDRURTFXV1RocmR6WnRVWFpYUVEifQ.eyJzdWIiOiAiNDZkYzUzMDFjYTNhNTkzODI3YjNhYTE4ZjdlNTk1NjE3MmJiYjUzNzYxNDdlMjM3MjY0NTU0NDMyNmNmZjk1NiIsICJhdXRoX3RpbWUiOiAxNjMxMzU5MzMwLCAiYWNyIjogInVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphYzpjbGFzc2VzOkludGVybmV0UHJvdG9jb2xQYXNzd29yZCIsICJzY29wZSI6IFsib3BlbmlkIiwgIm9mZmxpbmVfYWNjZXNzIl0sICJqdGkiOiAiODIwNmJmZmIxMmYyMTFlYzhjOTliMTI1OTQxOTBiMGYiLCAiY2xpZW50X2lkIjogIkR3Z1hlNWtib29vUWhEbXlvbWlIanciLCAibm9uY2UiOiAidW1SOTNWR0lzSCIsICJpc3MiOiAiaHR0cHM6Ly84OS40NS4yMzQuMTMzOjQwMDAiLCAiaWF0IjogMTYzMTM1OTMzMSwgImV4cCI6IDE2MzEzNTk2MzEsICJhdWQiOiBbIkR3Z1hlNWtib29vUWhEbXlvbWlIanciXX0.TKeuyuKmHtqWyYW2uA2DtNQRjQl3GdQZTSSy-TttmzNWEvXvNmtfvlXx5x_brV87-Ah7XONN5rGzGGWeCTx9_9FZ_VcyBC54u26Mg-NFpB_-WlhQCEI1iFLmO9KcqbmYYyp_9sul72FI8TBlxHJMeQZKLPIQvgFgay4CVq2SVXMBE6u2Jws3Sn7it_uYKKNwR9MxIM1TTDJzeO6eXZBMjWvyGeFEwDqigLU83hRELz0mGuTw3z_fuSOEpzBehqYUwNCeod73r6CY8Pbnd-OCp0A7-fpy48kP8YJdn6QhpyKrhyf29qUM47Sg2CTY8IUIjQXiJpho3_ADr00HQCCRyA
header
{
  "kid": "T3k1MXJDY0NJZWlEbGs3S1lCaWdWRmpXeEdNWWl4TE1WWThrdzZtUXZXQQ",
  "alg": "RS256"
}
claims
{
  "sub": "46dc5301ca3a593827b3aa18f7e5956172bbb5376147e2372645544326cff956",
  "acr": "urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword",
  "aud": "DwgXe5kboooQhDmyomiHjw",
  "auth_time": 1631359330,
  "scope": [
    "openid",
    "offline_access"
  ],
  "iss": "https://89.45.234.133:4000",
  "exp": 1631359631,
  "nonce": "umR93VGIsH",
  "iat": 1631359331,
  "jti": "8206bffb12f211ec8c99b12594190b0f",
  "client_id": "DwgXe5kboooQhDmyomiHjw"
}
2021-09-11 11:22:11 SUCCESS
ValidateIdToken
ID token iss, aud, exp, iat, auth_time, acr & nbf claims passed validation checks
2021-09-11 11:22:11 SUCCESS
ValidateIdTokenNonce
Nonce values match
nonce
umR93VGIsH
2021-09-11 11:22:11 SUCCESS
ValidateIdTokenACRClaimAgainstRequest
Nothing to check; the conformance suite did not request an acr claim in request object
2021-09-11 11:22:11 SUCCESS
ValidateIdTokenSignature
id_token signature validated
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6IlQzazFNWEpEWTBOSlpXbEViR3MzUzFsQ2FXZFdSbXBYZUVkTldXbDRURTFXV1RocmR6WnRVWFpYUVEifQ.eyJzdWIiOiAiNDZkYzUzMDFjYTNhNTkzODI3YjNhYTE4ZjdlNTk1NjE3MmJiYjUzNzYxNDdlMjM3MjY0NTU0NDMyNmNmZjk1NiIsICJhdXRoX3RpbWUiOiAxNjMxMzU5MzMwLCAiYWNyIjogInVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphYzpjbGFzc2VzOkludGVybmV0UHJvdG9jb2xQYXNzd29yZCIsICJzY29wZSI6IFsib3BlbmlkIiwgIm9mZmxpbmVfYWNjZXNzIl0sICJqdGkiOiAiODIwNmJmZmIxMmYyMTFlYzhjOTliMTI1OTQxOTBiMGYiLCAiY2xpZW50X2lkIjogIkR3Z1hlNWtib29vUWhEbXlvbWlIanciLCAibm9uY2UiOiAidW1SOTNWR0lzSCIsICJpc3MiOiAiaHR0cHM6Ly84OS40NS4yMzQuMTMzOjQwMDAiLCAiaWF0IjogMTYzMTM1OTMzMSwgImV4cCI6IDE2MzEzNTk2MzEsICJhdWQiOiBbIkR3Z1hlNWtib29vUWhEbXlvbWlIanciXX0.TKeuyuKmHtqWyYW2uA2DtNQRjQl3GdQZTSSy-TttmzNWEvXvNmtfvlXx5x_brV87-Ah7XONN5rGzGGWeCTx9_9FZ_VcyBC54u26Mg-NFpB_-WlhQCEI1iFLmO9KcqbmYYyp_9sul72FI8TBlxHJMeQZKLPIQvgFgay4CVq2SVXMBE6u2Jws3Sn7it_uYKKNwR9MxIM1TTDJzeO6eXZBMjWvyGeFEwDqigLU83hRELz0mGuTw3z_fuSOEpzBehqYUwNCeod73r6CY8Pbnd-OCp0A7-fpy48kP8YJdn6QhpyKrhyf29qUM47Sg2CTY8IUIjQXiJpho3_ADr00HQCCRyA
2021-09-11 11:22:11 SUCCESS
ValidateIdTokenSignatureUsingKid
id_token signature validated
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6IlQzazFNWEpEWTBOSlpXbEViR3MzUzFsQ2FXZFdSbXBYZUVkTldXbDRURTFXV1RocmR6WnRVWFpYUVEifQ.eyJzdWIiOiAiNDZkYzUzMDFjYTNhNTkzODI3YjNhYTE4ZjdlNTk1NjE3MmJiYjUzNzYxNDdlMjM3MjY0NTU0NDMyNmNmZjk1NiIsICJhdXRoX3RpbWUiOiAxNjMxMzU5MzMwLCAiYWNyIjogInVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphYzpjbGFzc2VzOkludGVybmV0UHJvdG9jb2xQYXNzd29yZCIsICJzY29wZSI6IFsib3BlbmlkIiwgIm9mZmxpbmVfYWNjZXNzIl0sICJqdGkiOiAiODIwNmJmZmIxMmYyMTFlYzhjOTliMTI1OTQxOTBiMGYiLCAiY2xpZW50X2lkIjogIkR3Z1hlNWtib29vUWhEbXlvbWlIanciLCAibm9uY2UiOiAidW1SOTNWR0lzSCIsICJpc3MiOiAiaHR0cHM6Ly84OS40NS4yMzQuMTMzOjQwMDAiLCAiaWF0IjogMTYzMTM1OTMzMSwgImV4cCI6IDE2MzEzNTk2MzEsICJhdWQiOiBbIkR3Z1hlNWtib29vUWhEbXlvbWlIanciXX0.TKeuyuKmHtqWyYW2uA2DtNQRjQl3GdQZTSSy-TttmzNWEvXvNmtfvlXx5x_brV87-Ah7XONN5rGzGGWeCTx9_9FZ_VcyBC54u26Mg-NFpB_-WlhQCEI1iFLmO9KcqbmYYyp_9sul72FI8TBlxHJMeQZKLPIQvgFgay4CVq2SVXMBE6u2Jws3Sn7it_uYKKNwR9MxIM1TTDJzeO6eXZBMjWvyGeFEwDqigLU83hRELz0mGuTw3z_fuSOEpzBehqYUwNCeod73r6CY8Pbnd-OCp0A7-fpy48kP8YJdn6QhpyKrhyf29qUM47Sg2CTY8IUIjQXiJpho3_ADr00HQCCRyA
2021-09-11 11:22:11 SUCCESS
CheckForSubjectInIdToken
Found 'sub' in id_token
sub
46dc5301ca3a593827b3aa18f7e5956172bbb5376147e2372645544326cff956
2021-09-11 11:22:11 SUCCESS
VerifyIdTokenSubConsistentHybridFlow
authorization endpoint and token endpoint id_token have same sub
sub_auth_endpoint
46dc5301ca3a593827b3aa18f7e5956172bbb5376147e2372645544326cff956
sub_token_endpoint
46dc5301ca3a593827b3aa18f7e5956172bbb5376147e2372645544326cff956
2021-09-11 11:22:11 SUCCESS
ExtractRefreshTokenFromTokenResponse
Extracted refresh token from response
refresh_token
Z0FBQUFBQmhQSkZqUkFVenFCMmlDVENVc200TkgydW9YUWFhLWdBaUJsb2M0QjdVTVVQMnMzYmxDY01LNUllcHdVVk1pVzdyUDI1UXhYSUNVenV0XzJyVE1TaVY4UV9GOTJUaWpxRGxIMXRDYjF1THQ3dDFtZkRoS2ZlVWJpNWJkTHFxRHo1d09rRllob05uajRBSFZQZGY0NVIzUmxDTWNTQVdfUjJybGhMR3hpNVRZQlVrbjhkYlBIQ1dZZGpTb2poVE53TU9hYnp5RmFWSUdWQUxWUmU5OS0tYmFTRk1rckg1aEV1VXR0SmxnaE5KT0JaNjJlRGFZS24xLVFtY0RBMXRDejBHSkREcEJxWTRFaGxWZG0yOTJFdDRGS2hkaUtiMHJmdXhQU0x6ZkdoaVpRUlR5Sm1JZVMtalNwSFR2bFpuZmd5WTNVX1VxaTRUMV9JM1dLNkE2eEpTZ2RITS1lQXNXVDRaSEFJWW9BN0pMS1VsS29xNE1WVTNDYkJTVnRUX2xGX1NVcUhfbklnMEhxWkxZcjRXWUw5c3dKTy1ORDhpUlJkblkxekpzdVBtWjlIYklLRnNjeTNiRE1CZGZhOFM5ZGd5OTNLMVFSbWZCRXJFU2xEUnBKZ19LZngyNzA2dmZlUzFYZGNFbXVTMWJCZHJ6N2pYVXpMR0lEVkhXUVdQbFk2N0VpZzh1ak1HTThRS2dHNEhJNnBEYm5zVjhTTEFZajEtaG5VazJaN1dPbVZmakM1UW5vSXAtLWptWU1CMzFMdkxJTkVMWDNESUhIenJEZHBOY3FzbGh6ZVAyaDFOQnptT1JDQ1QyYW9yOEJxcUVYWlB2WU5Fc1Ftc2pTZlRfeWlMSkZ6MQ==
2021-09-11 11:22:11 SUCCESS
EnsureServerConfigurationSupportsRefreshToken
The server configuration indicates support for refresh tokens
supported_grant_types
[
  "authorization_code",
  "implicit",
  "urn:ietf:params:oauth:grant-type:jwt-bearer",
  "refresh_token"
]
2021-09-11 11:22:11 SUCCESS
EnsureRefreshTokenContainsAllowedCharactersOnly
Refresh token does not contain any illegal characters
Second client: Refresh Token Request
2021-09-11 11:22:11 SUCCESS
CreateRefreshTokenRequest
Created token endpoint request parameters
grant_type
refresh_token
refresh_token
Z0FBQUFBQmhQSkZqUkFVenFCMmlDVENVc200TkgydW9YUWFhLWdBaUJsb2M0QjdVTVVQMnMzYmxDY01LNUllcHdVVk1pVzdyUDI1UXhYSUNVenV0XzJyVE1TaVY4UV9GOTJUaWpxRGxIMXRDYjF1THQ3dDFtZkRoS2ZlVWJpNWJkTHFxRHo1d09rRllob05uajRBSFZQZGY0NVIzUmxDTWNTQVdfUjJybGhMR3hpNVRZQlVrbjhkYlBIQ1dZZGpTb2poVE53TU9hYnp5RmFWSUdWQUxWUmU5OS0tYmFTRk1rckg1aEV1VXR0SmxnaE5KT0JaNjJlRGFZS24xLVFtY0RBMXRDejBHSkREcEJxWTRFaGxWZG0yOTJFdDRGS2hkaUtiMHJmdXhQU0x6ZkdoaVpRUlR5Sm1JZVMtalNwSFR2bFpuZmd5WTNVX1VxaTRUMV9JM1dLNkE2eEpTZ2RITS1lQXNXVDRaSEFJWW9BN0pMS1VsS29xNE1WVTNDYkJTVnRUX2xGX1NVcUhfbklnMEhxWkxZcjRXWUw5c3dKTy1ORDhpUlJkblkxekpzdVBtWjlIYklLRnNjeTNiRE1CZGZhOFM5ZGd5OTNLMVFSbWZCRXJFU2xEUnBKZ19LZngyNzA2dmZlUzFYZGNFbXVTMWJCZHJ6N2pYVXpMR0lEVkhXUVdQbFk2N0VpZzh1ak1HTThRS2dHNEhJNnBEYm5zVjhTTEFZajEtaG5VazJaN1dPbVZmakM1UW5vSXAtLWptWU1CMzFMdkxJTkVMWDNESUhIenJEZHBOY3FzbGh6ZVAyaDFOQnptT1JDQ1QyYW9yOEJxcUVYWlB2WU5Fc1Ftc2pTZlRfeWlMSkZ6MQ==
2021-09-11 11:22:11 SUCCESS
AddBasicAuthClientSecretAuthenticationParameters
Added basic authorization header
Authorization
Basic RHdnWGU1a2Jvb29RaERteW9taUhqdzo5MjA3MjVmNzQ5NWQ0MjFlZWZlMDA1YzAzZTdhOGI3NDg3NzhkN2ExODBlNzI2NGM4ZmQzNjZhMg==
2021-09-11 11:22:11 SUCCESS
WaitForOneSecond
Pausing for 1 seconds
2021-09-11 11:22:12 SUCCESS
WaitForOneSecond
Woke up after 1 seconds sleep
2021-09-11 11:22:12
CallTokenEndpointAndReturnFullResponse
HTTP request
request_uri
https://89.45.234.133:4000/token
request_method
POST
request_headers
{
  "accept": "application/json;charset\u003dUTF-8",
  "authorization": "Basic RHdnWGU1a2Jvb29RaERteW9taUhqdzo5MjA3MjVmNzQ5NWQ0MjFlZWZlMDA1YzAzZTdhOGI3NDg3NzhkN2ExODBlNzI2NGM4ZmQzNjZhMg\u003d\u003d",
  "accept-charset": "utf-8",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "915"
}
request_body
grant_type=refresh_token&refresh_token=Z0FBQUFBQmhQSkZqUkFVenFCMmlDVENVc200TkgydW9YUWFhLWdBaUJsb2M0QjdVTVVQMnMzYmxDY01LNUllcHdVVk1pVzdyUDI1UXhYSUNVenV0XzJyVE1TaVY4UV9GOTJUaWpxRGxIMXRDYjF1THQ3dDFtZkRoS2ZlVWJpNWJkTHFxRHo1d09rRllob05uajRBSFZQZGY0NVIzUmxDTWNTQVdfUjJybGhMR3hpNVRZQlVrbjhkYlBIQ1dZZGpTb2poVE53TU9hYnp5RmFWSUdWQUxWUmU5OS0tYmFTRk1rckg1aEV1VXR0SmxnaE5KT0JaNjJlRGFZS24xLVFtY0RBMXRDejBHSkREcEJxWTRFaGxWZG0yOTJFdDRGS2hkaUtiMHJmdXhQU0x6ZkdoaVpRUlR5Sm1JZVMtalNwSFR2bFpuZmd5WTNVX1VxaTRUMV9JM1dLNkE2eEpTZ2RITS1lQXNXVDRaSEFJWW9BN0pMS1VsS29xNE1WVTNDYkJTVnRUX2xGX1NVcUhfbklnMEhxWkxZcjRXWUw5c3dKTy1ORDhpUlJkblkxekpzdVBtWjlIYklLRnNjeTNiRE1CZGZhOFM5ZGd5OTNLMVFSbWZCRXJFU2xEUnBKZ19LZngyNzA2dmZlUzFYZGNFbXVTMWJCZHJ6N2pYVXpMR0lEVkhXUVdQbFk2N0VpZzh1ak1HTThRS2dHNEhJNnBEYm5zVjhTTEFZajEtaG5VazJaN1dPbVZmakM1UW5vSXAtLWptWU1CMzFMdkxJTkVMWDNESUhIenJEZHBOY3FzbGh6ZVAyaDFOQnptT1JDQ1QyYW9yOEJxcUVYWlB2WU5Fc1Ftc2pTZlRfeWlMSkZ6MQ%3D%3D
2021-09-11 11:22:13 RESPONSE
CallTokenEndpointAndReturnFullResponse
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "content-type": "application/json; charset\u003dutf-8",
  "content-length": "2040",
  "pragma": "no-cache",
  "cache-control": "no-store",
  "set-cookie": "oidc_op\u003d1631359332|8IQkYxcijqIKJJDE|iAu6h++hTGpsfcTOO1YX9Zfhh4rCmRUL+Lb8XNe/ZfyWowU4pOsAi+osD+z+VgVstK1vRQGjEoRhdb3VfZDqXeNzF3U2jPAVhUY2K6NT/9uQHkStUV5OxSOygtVJdoVKBp3obg6AFiKVSEPpQMyY3QqHP3Udg1pJlc+44JQb1d085tDzNC085EkUNkDNIwLXqkGWJWnCBFmpTlxgug97eUThP5CxjCGq1NmgVIjMmOntS3Xt0g7n77OqXTTMjSRrOipAsgDo|NhM3CHZRWol3Ul4gyqqe9w\u003d\u003d; Secure; HttpOnly; Path\u003d/; SameSite\u003dLax",
  "server": "Werkzeug/1.0.1 Python/3.8.10",
  "date": "Sat, 11 Sep 2021 11:22:12 GMT"
}
response_body
{"access_token": "eyJhbGciOiJFUzI1NiIsImtpZCI6ImF6UmFUV2xMVFdaVE0wWkxTVUZaTFZOalltNUNkM0ZJU21sTVRWVmtiVlZKYTJGblIwZDVXa1JtTkEifQ.eyJzY29wZSI6IFsib3BlbmlkIiwgIm9mZmxpbmVfYWNjZXNzIl0sICJhdWQiOiBbIkR3Z1hlNWtib29vUWhEbXlvbWlIanciXSwgImp0aSI6ICI4MmVlODJkZDEyZjIxMWVjOGM5OWIxMjU5NDE5MGIwZiIsICJjbGllbnRfaWQiOiAiRHdnWGU1a2Jvb29RaERteW9taUhqdyIsICJzdWIiOiAiRHdnWGU1a2Jvb29RaERteW9taUhqdyIsICJzaWQiOiAiWjBGQlFVRkJRbWhRU2tacFNuZzBWRUpsT0ZGaFEzRXdiekZZTkZJNVUwcGxiWFZhVW10ZmNqVXRVVkJSZGxaNGExSXpOR0oxUkhoWGFHdGxZMWg0Y0daUVJXOTViM0Z2YXpORVFXSkVTbkZMYURGQ2RXOXBNMEZCYnpOV1dFVTRhRkJmTVhwQmJEZFVjRnBRVEV0Q1oxTXplbmhDV2pkQlQzQjZaM1ZrTlRWd2JsbGlXRkIzZEhSak4zaGZNR3hhVTNSaldVY3lXa3d5U0ZWSGNUTjNXa293VlhWcFJrWlhSVVZYUzFOWlQyRndTRWcyV210VmFtOURXa3hVYm5JNVIwUm9Ta0pPUkZaeldqTjZXVlZJVFdWNU1YSXpRMEozZVVFME5WUkhia3hoWkVSRE56WlRkVVZwUld0UlpGaHhRekJuZEd4VFJUMD0iLCAidG9rZW5fY2xhc3MiOiAiYWNjZXNzX3Rva2VuIiwgImlzcyI6ICJodHRwczovLzg5LjQ1LjIzNC4xMzM6NDAwMCIsICJpYXQiOiAxNjMxMzU5MzMyLCAiZXhwIjogMTYzMTM2MjkzMn0.UUn5Uexw3tC0xCORAWu_Na0KXzMvj022zs9UG9SNPFdr4ZnxnBPwRDlffGrTsHa1feEWCrRXGqIXaLH_CYsanQ", "token_type": "Bearer", "scope": "openid offline_access", "expires_in": 1800, "refresh_token": "Z0FBQUFBQmhQSkZraDkzRGt6WlJfYXo5YnRLTlZwakhVUkRXRTJvRWlQcExiNEVJTWtIdmZpb29MVmVCQ25xTVdiMW5ZZTJPLUxiREVCMFpvcUdfNWxDNHhpNWUyQXZSbldqVEhEenV4aVlURmtmaHB3Q0pzemxEdFJCT0lNNnBfMnFXMkNpYVN3c3NYejBkM0RXNEJSakpwWWd2LU1IcWFGVGtScV9xWG8wQnB3elZyS2t6Mjl5VzRZckRxRlFpWVFXNFRFWUE3X2xPWHlfTzVLcVBkVXAwWUVoalJuNnBabkVhYnA1bzl2aU9CbnV5YTByNUpHQ01ybDU2LVZ0ZXBSMnpZVmkyUUlEa1ZoWVBHaUU3WEZXN29Ock5lMUdPalJxNVNfRHdvNFF4aHhRU242R1FjUHYweGs5UnBVTTBtTmtJR1Y5X19QanZqWWRtT3NZNzlvdGtHajJWR3A4QS1NVU94NmJ2LWFNbTljejZHS3JFN0JtSWppTGJSMlQteFlQb25PSk9lQXlhTDhHdlA4OHdFZzI0Q2hCRWl4TXJKRDNpdkJfTDY2LW54WjJUTnROSlJuZ0E5aXVsb0Q2R3BJc1RnQ2ZmS0xwU2VGTHdodW5vNXJhS1FydzZJcmZBWHB4NFhqQnJ6RjFFaDdhODQweUJRNVFheWZLZjBuMHlZRXJ1Q09BRkR5STJwMEpaVGdmTExjWDdoYUJRck5FeTlPOTdoSjBTUXFocGIwbzBrMWM3ZzNlTTF1cUdyb1J0NVQ0VmVoU0ZjWWs2eS1QVHpXYnVXM2lWMWlsMFlWeTJ4MGhJeno4UTBXY2NBa2FuSU1wNlZlaHZPa0o0QkMxNl9XR25CN1JOZDVHMw=="}
2021-09-11 11:22:13 SUCCESS
CallTokenEndpointAndReturnFullResponse
Parsed token endpoint response
access_token
eyJhbGciOiJFUzI1NiIsImtpZCI6ImF6UmFUV2xMVFdaVE0wWkxTVUZaTFZOalltNUNkM0ZJU21sTVRWVmtiVlZKYTJGblIwZDVXa1JtTkEifQ.eyJzY29wZSI6IFsib3BlbmlkIiwgIm9mZmxpbmVfYWNjZXNzIl0sICJhdWQiOiBbIkR3Z1hlNWtib29vUWhEbXlvbWlIanciXSwgImp0aSI6ICI4MmVlODJkZDEyZjIxMWVjOGM5OWIxMjU5NDE5MGIwZiIsICJjbGllbnRfaWQiOiAiRHdnWGU1a2Jvb29RaERteW9taUhqdyIsICJzdWIiOiAiRHdnWGU1a2Jvb29RaERteW9taUhqdyIsICJzaWQiOiAiWjBGQlFVRkJRbWhRU2tacFNuZzBWRUpsT0ZGaFEzRXdiekZZTkZJNVUwcGxiWFZhVW10ZmNqVXRVVkJSZGxaNGExSXpOR0oxUkhoWGFHdGxZMWg0Y0daUVJXOTViM0Z2YXpORVFXSkVTbkZMYURGQ2RXOXBNMEZCYnpOV1dFVTRhRkJmTVhwQmJEZFVjRnBRVEV0Q1oxTXplbmhDV2pkQlQzQjZaM1ZrTlRWd2JsbGlXRkIzZEhSak4zaGZNR3hhVTNSaldVY3lXa3d5U0ZWSGNUTjNXa293VlhWcFJrWlhSVVZYUzFOWlQyRndTRWcyV210VmFtOURXa3hVYm5JNVIwUm9Ta0pPUkZaeldqTjZXVlZJVFdWNU1YSXpRMEozZVVFME5WUkhia3hoWkVSRE56WlRkVVZwUld0UlpGaHhRekJuZEd4VFJUMD0iLCAidG9rZW5fY2xhc3MiOiAiYWNjZXNzX3Rva2VuIiwgImlzcyI6ICJodHRwczovLzg5LjQ1LjIzNC4xMzM6NDAwMCIsICJpYXQiOiAxNjMxMzU5MzMyLCAiZXhwIjogMTYzMTM2MjkzMn0.UUn5Uexw3tC0xCORAWu_Na0KXzMvj022zs9UG9SNPFdr4ZnxnBPwRDlffGrTsHa1feEWCrRXGqIXaLH_CYsanQ
token_type
Bearer
scope
openid offline_access
expires_in
1800
refresh_token
Z0FBQUFBQmhQSkZraDkzRGt6WlJfYXo5YnRLTlZwakhVUkRXRTJvRWlQcExiNEVJTWtIdmZpb29MVmVCQ25xTVdiMW5ZZTJPLUxiREVCMFpvcUdfNWxDNHhpNWUyQXZSbldqVEhEenV4aVlURmtmaHB3Q0pzemxEdFJCT0lNNnBfMnFXMkNpYVN3c3NYejBkM0RXNEJSakpwWWd2LU1IcWFGVGtScV9xWG8wQnB3elZyS2t6Mjl5VzRZckRxRlFpWVFXNFRFWUE3X2xPWHlfTzVLcVBkVXAwWUVoalJuNnBabkVhYnA1bzl2aU9CbnV5YTByNUpHQ01ybDU2LVZ0ZXBSMnpZVmkyUUlEa1ZoWVBHaUU3WEZXN29Ock5lMUdPalJxNVNfRHdvNFF4aHhRU242R1FjUHYweGs5UnBVTTBtTmtJR1Y5X19QanZqWWRtT3NZNzlvdGtHajJWR3A4QS1NVU94NmJ2LWFNbTljejZHS3JFN0JtSWppTGJSMlQteFlQb25PSk9lQXlhTDhHdlA4OHdFZzI0Q2hCRWl4TXJKRDNpdkJfTDY2LW54WjJUTnROSlJuZ0E5aXVsb0Q2R3BJc1RnQ2ZmS0xwU2VGTHdodW5vNXJhS1FydzZJcmZBWHB4NFhqQnJ6RjFFaDdhODQweUJRNVFheWZLZjBuMHlZRXJ1Q09BRkR5STJwMEpaVGdmTExjWDdoYUJRck5FeTlPOTdoSjBTUXFocGIwbzBrMWM3ZzNlTTF1cUdyb1J0NVQ0VmVoU0ZjWWs2eS1QVHpXYnVXM2lWMWlsMFlWeTJ4MGhJeno4UTBXY2NBa2FuSU1wNlZlaHZPa0o0QkMxNl9XR25CN1JOZDVHMw==
2021-09-11 11:22:13 SUCCESS
CheckTokenEndpointHttpStatus200
Token endpoint http status code was 200
2021-09-11 11:22:13 SUCCESS
CheckTokenEndpointReturnedJsonContentType
token_endpoint_response_headers Content-Type: header is application/json
2021-09-11 11:22:13 SUCCESS
CheckTokenEndpointCacheHeaders
'pragma' and 'cache-control' headers in token endpoint response contain expected values.
cache_control_header
no-store
pragma_header
no-cache
2021-09-11 11:22:13 SUCCESS
CheckIfTokenEndpointResponseError
No error from token endpoint
2021-09-11 11:22:13 SUCCESS
ExtractAccessTokenFromTokenResponse
Extracted the access token
value
eyJhbGciOiJFUzI1NiIsImtpZCI6ImF6UmFUV2xMVFdaVE0wWkxTVUZaTFZOalltNUNkM0ZJU21sTVRWVmtiVlZKYTJGblIwZDVXa1JtTkEifQ.eyJzY29wZSI6IFsib3BlbmlkIiwgIm9mZmxpbmVfYWNjZXNzIl0sICJhdWQiOiBbIkR3Z1hlNWtib29vUWhEbXlvbWlIanciXSwgImp0aSI6ICI4MmVlODJkZDEyZjIxMWVjOGM5OWIxMjU5NDE5MGIwZiIsICJjbGllbnRfaWQiOiAiRHdnWGU1a2Jvb29RaERteW9taUhqdyIsICJzdWIiOiAiRHdnWGU1a2Jvb29RaERteW9taUhqdyIsICJzaWQiOiAiWjBGQlFVRkJRbWhRU2tacFNuZzBWRUpsT0ZGaFEzRXdiekZZTkZJNVUwcGxiWFZhVW10ZmNqVXRVVkJSZGxaNGExSXpOR0oxUkhoWGFHdGxZMWg0Y0daUVJXOTViM0Z2YXpORVFXSkVTbkZMYURGQ2RXOXBNMEZCYnpOV1dFVTRhRkJmTVhwQmJEZFVjRnBRVEV0Q1oxTXplbmhDV2pkQlQzQjZaM1ZrTlRWd2JsbGlXRkIzZEhSak4zaGZNR3hhVTNSaldVY3lXa3d5U0ZWSGNUTjNXa293VlhWcFJrWlhSVVZYUzFOWlQyRndTRWcyV210VmFtOURXa3hVYm5JNVIwUm9Ta0pPUkZaeldqTjZXVlZJVFdWNU1YSXpRMEozZVVFME5WUkhia3hoWkVSRE56WlRkVVZwUld0UlpGaHhRekJuZEd4VFJUMD0iLCAidG9rZW5fY2xhc3MiOiAiYWNjZXNzX3Rva2VuIiwgImlzcyI6ICJodHRwczovLzg5LjQ1LjIzNC4xMzM6NDAwMCIsICJpYXQiOiAxNjMxMzU5MzMyLCAiZXhwIjogMTYzMTM2MjkzMn0.UUn5Uexw3tC0xCORAWu_Na0KXzMvj022zs9UG9SNPFdr4ZnxnBPwRDlffGrTsHa1feEWCrRXGqIXaLH_CYsanQ
type
Bearer
2021-09-11 11:22:13 SUCCESS
CheckTokenTypeIsBearer
Token type is bearer
2021-09-11 11:22:13 SUCCESS
EnsureMinimumAccessTokenEntropy
Calculated shannon entropy seems sufficient
actual
5938.048232036141
expected
96.0
2021-09-11 11:22:13 SUCCESS
EnsureAccessTokenContainsAllowedCharactersOnly
Access token does not contain any illegal characters
2021-09-11 11:22:13 SUCCESS
ExtractExpiresInFromTokenEndpointResponse
Extracted 'expires_in'
expires_in
1800
2021-09-11 11:22:13 SUCCESS
ValidateExpiresIn
expires_in passed all validation checks
expires_in
1800
2021-09-11 11:22:13 SUCCESS
EnsureAccessTokenValuesAreDifferent
Access token values are not the same
first_access_token
eyJhbGciOiJFUzI1NiIsImtpZCI6ImF6UmFUV2xMVFdaVE0wWkxTVUZaTFZOalltNUNkM0ZJU21sTVRWVmtiVlZKYTJGblIwZDVXa1JtTkEifQ.eyJzY29wZSI6IFsib3BlbmlkIiwgIm9mZmxpbmVfYWNjZXNzIl0sICJhdWQiOiBbIkR3Z1hlNWtib29vUWhEbXlvbWlIanciXSwgImp0aSI6ICI4MjA2YmZmNzEyZjIxMWVjOGM5OWIxMjU5NDE5MGIwZiIsICJjbGllbnRfaWQiOiAiRHdnWGU1a2Jvb29RaERteW9taUhqdyIsICJzdWIiOiAiRHdnWGU1a2Jvb29RaERteW9taUhqdyIsICJzaWQiOiAiWjBGQlFVRkJRbWhRU2tacFNuZzBWRUpsT0ZGaFEzRXdiekZZTkZJNVUwcGxiWFZhVW10ZmNqVXRVVkJSZGxaNGExSXpOR0oxUkhoWGFHdGxZMWg0Y0daUVJXOTViM0Z2YXpORVFXSkVTbkZMYURGQ2RXOXBNMEZCYnpOV1dFVTRhRkJmTVhwQmJEZFVjRnBRVEV0Q1oxTXplbmhDV2pkQlQzQjZaM1ZrTlRWd2JsbGlXRkIzZEhSak4zaGZNR3hhVTNSaldVY3lXa3d5U0ZWSGNUTjNXa293VlhWcFJrWlhSVVZYUzFOWlQyRndTRWcyV210VmFtOURXa3hVYm5JNVIwUm9Ta0pPUkZaeldqTjZXVlZJVFdWNU1YSXpRMEozZVVFME5WUkhia3hoWkVSRE56WlRkVVZwUld0UlpGaHhRekJuZEd4VFJUMD0iLCAidG9rZW5fY2xhc3MiOiAiYWNjZXNzX3Rva2VuIiwgImlzcyI6ICJodHRwczovLzg5LjQ1LjIzNC4xMzM6NDAwMCIsICJpYXQiOiAxNjMxMzU5MzMxLCAiZXhwIjogMTYzMTM2MjkzMX0.eXMDSsjphybfOqeYBSoa_6XGRRp-6t9gMt16K_HQsFa2S_xfWuGtJEiO2Im6oxYaJSSTYK_XCiIrnXkpX2atPg
second_access_token
eyJhbGciOiJFUzI1NiIsImtpZCI6ImF6UmFUV2xMVFdaVE0wWkxTVUZaTFZOalltNUNkM0ZJU21sTVRWVmtiVlZKYTJGblIwZDVXa1JtTkEifQ.eyJzY29wZSI6IFsib3BlbmlkIiwgIm9mZmxpbmVfYWNjZXNzIl0sICJhdWQiOiBbIkR3Z1hlNWtib29vUWhEbXlvbWlIanciXSwgImp0aSI6ICI4MmVlODJkZDEyZjIxMWVjOGM5OWIxMjU5NDE5MGIwZiIsICJjbGllbnRfaWQiOiAiRHdnWGU1a2Jvb29RaERteW9taUhqdyIsICJzdWIiOiAiRHdnWGU1a2Jvb29RaERteW9taUhqdyIsICJzaWQiOiAiWjBGQlFVRkJRbWhRU2tacFNuZzBWRUpsT0ZGaFEzRXdiekZZTkZJNVUwcGxiWFZhVW10ZmNqVXRVVkJSZGxaNGExSXpOR0oxUkhoWGFHdGxZMWg0Y0daUVJXOTViM0Z2YXpORVFXSkVTbkZMYURGQ2RXOXBNMEZCYnpOV1dFVTRhRkJmTVhwQmJEZFVjRnBRVEV0Q1oxTXplbmhDV2pkQlQzQjZaM1ZrTlRWd2JsbGlXRkIzZEhSak4zaGZNR3hhVTNSaldVY3lXa3d5U0ZWSGNUTjNXa293VlhWcFJrWlhSVVZYUzFOWlQyRndTRWcyV210VmFtOURXa3hVYm5JNVIwUm9Ta0pPUkZaeldqTjZXVlZJVFdWNU1YSXpRMEozZVVFME5WUkhia3hoWkVSRE56WlRkVVZwUld0UlpGaHhRekJuZEd4VFJUMD0iLCAidG9rZW5fY2xhc3MiOiAiYWNjZXNzX3Rva2VuIiwgImlzcyI6ICJodHRwczovLzg5LjQ1LjIzNC4xMzM6NDAwMCIsICJpYXQiOiAxNjMxMzU5MzMyLCAiZXhwIjogMTYzMTM2MjkzMn0.UUn5Uexw3tC0xCORAWu_Na0KXzMvj022zs9UG9SNPFdr4ZnxnBPwRDlffGrTsHa1feEWCrRXGqIXaLH_CYsanQ
2021-09-11 11:22:13 INFO
ExtractIdTokenFromTokenResponse
Couldn't find id_token in token_endpoint_response
2021-09-11 11:22:13 SUCCESS
ExtractRefreshTokenFromTokenResponse
Extracted refresh token from response
refresh_token
Z0FBQUFBQmhQSkZraDkzRGt6WlJfYXo5YnRLTlZwakhVUkRXRTJvRWlQcExiNEVJTWtIdmZpb29MVmVCQ25xTVdiMW5ZZTJPLUxiREVCMFpvcUdfNWxDNHhpNWUyQXZSbldqVEhEenV4aVlURmtmaHB3Q0pzemxEdFJCT0lNNnBfMnFXMkNpYVN3c3NYejBkM0RXNEJSakpwWWd2LU1IcWFGVGtScV9xWG8wQnB3elZyS2t6Mjl5VzRZckRxRlFpWVFXNFRFWUE3X2xPWHlfTzVLcVBkVXAwWUVoalJuNnBabkVhYnA1bzl2aU9CbnV5YTByNUpHQ01ybDU2LVZ0ZXBSMnpZVmkyUUlEa1ZoWVBHaUU3WEZXN29Ock5lMUdPalJxNVNfRHdvNFF4aHhRU242R1FjUHYweGs5UnBVTTBtTmtJR1Y5X19QanZqWWRtT3NZNzlvdGtHajJWR3A4QS1NVU94NmJ2LWFNbTljejZHS3JFN0JtSWppTGJSMlQteFlQb25PSk9lQXlhTDhHdlA4OHdFZzI0Q2hCRWl4TXJKRDNpdkJfTDY2LW54WjJUTnROSlJuZ0E5aXVsb0Q2R3BJc1RnQ2ZmS0xwU2VGTHdodW5vNXJhS1FydzZJcmZBWHB4NFhqQnJ6RjFFaDdhODQweUJRNVFheWZLZjBuMHlZRXJ1Q09BRkR5STJwMEpaVGdmTExjWDdoYUJRck5FeTlPOTdoSjBTUXFocGIwbzBrMWM3ZzNlTTF1cUdyb1J0NVQ0VmVoU0ZjWWs2eS1QVHpXYnVXM2lWMWlsMFlWeTJ4MGhJeno4UTBXY2NBa2FuSU1wNlZlaHZPa0o0QkMxNl9XR25CN1JOZDVHMw==
2021-09-11 11:22:13 SUCCESS
EnsureMinimumRefreshTokenLength
Refresh token is of sufficient length
actual
6976
required
128
2021-09-11 11:22:13 SUCCESS
EnsureMinimumRefreshTokenEntropy
Calculated shannon entropy seems sufficient
actual
4894.353252125615
expected
96.0
2021-09-11 11:22:13 INFO
CompareIdTokenClaims
Skipped evaluation due to missing required object: second_id_token
expected
second_id_token
mapped
second_id_token
Second client: Userinfo endpoint tests
2021-09-11 11:22:13
CallProtectedResourceWithBearerToken
HTTP request
request_uri
https://89.45.234.133:4000/userinfo
request_method
GET
request_headers
{
  "accept": "application/json;charset\u003dUTF-8",
  "authorization": "Bearer eyJhbGciOiJFUzI1NiIsImtpZCI6ImF6UmFUV2xMVFdaVE0wWkxTVUZaTFZOalltNUNkM0ZJU21sTVRWVmtiVlZKYTJGblIwZDVXa1JtTkEifQ.eyJzY29wZSI6IFsib3BlbmlkIiwgIm9mZmxpbmVfYWNjZXNzIl0sICJhdWQiOiBbIkR3Z1hlNWtib29vUWhEbXlvbWlIanciXSwgImp0aSI6ICI4MmVlODJkZDEyZjIxMWVjOGM5OWIxMjU5NDE5MGIwZiIsICJjbGllbnRfaWQiOiAiRHdnWGU1a2Jvb29RaERteW9taUhqdyIsICJzdWIiOiAiRHdnWGU1a2Jvb29RaERteW9taUhqdyIsICJzaWQiOiAiWjBGQlFVRkJRbWhRU2tacFNuZzBWRUpsT0ZGaFEzRXdiekZZTkZJNVUwcGxiWFZhVW10ZmNqVXRVVkJSZGxaNGExSXpOR0oxUkhoWGFHdGxZMWg0Y0daUVJXOTViM0Z2YXpORVFXSkVTbkZMYURGQ2RXOXBNMEZCYnpOV1dFVTRhRkJmTVhwQmJEZFVjRnBRVEV0Q1oxTXplbmhDV2pkQlQzQjZaM1ZrTlRWd2JsbGlXRkIzZEhSak4zaGZNR3hhVTNSaldVY3lXa3d5U0ZWSGNUTjNXa293VlhWcFJrWlhSVVZYUzFOWlQyRndTRWcyV210VmFtOURXa3hVYm5JNVIwUm9Ta0pPUkZaeldqTjZXVlZJVFdWNU1YSXpRMEozZVVFME5WUkhia3hoWkVSRE56WlRkVVZwUld0UlpGaHhRekJuZEd4VFJUMD0iLCAidG9rZW5fY2xhc3MiOiAiYWNjZXNzX3Rva2VuIiwgImlzcyI6ICJodHRwczovLzg5LjQ1LjIzNC4xMzM6NDAwMCIsICJpYXQiOiAxNjMxMzU5MzMyLCAiZXhwIjogMTYzMTM2MjkzMn0.UUn5Uexw3tC0xCORAWu_Na0KXzMvj022zs9UG9SNPFdr4ZnxnBPwRDlffGrTsHa1feEWCrRXGqIXaLH_CYsanQ",
  "accept-charset": "utf-8",
  "content-length": "0"
}
request_body

                                
2021-09-11 11:22:13 RESPONSE
CallProtectedResourceWithBearerToken
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "content-type": "application/json",
  "content-length": "149",
  "pragma": "no-cache",
  "cache-control": "no-store",
  "server": "Werkzeug/1.0.1 Python/3.8.10",
  "date": "Sat, 11 Sep 2021 11:22:13 GMT"
}
response_body
{"sub": "46dc5301ca3a593827b3aa18f7e5956172bbb5376147e2372645544326cff956", "acr": "urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword"}
2021-09-11 11:22:13 SUCCESS
CallProtectedResourceWithBearerToken
Got a response from the resource endpoint
status
200
endpoint_name
resource
headers
{
  "content-type": "application/json",
  "content-length": "149",
  "pragma": "no-cache",
  "cache-control": "no-store",
  "server": "Werkzeug/1.0.1 Python/3.8.10",
  "date": "Sat, 11 Sep 2021 11:22:13 GMT"
}
body
{"sub": "46dc5301ca3a593827b3aa18f7e5956172bbb5376147e2372645544326cff956", "acr": "urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword"}
Attempting to use refresh_token issued to client 2 with client 1
2021-09-11 11:22:13 SUCCESS
CreateRefreshTokenRequest
Created token endpoint request parameters
grant_type
refresh_token
refresh_token
Z0FBQUFBQmhQSkZraDkzRGt6WlJfYXo5YnRLTlZwakhVUkRXRTJvRWlQcExiNEVJTWtIdmZpb29MVmVCQ25xTVdiMW5ZZTJPLUxiREVCMFpvcUdfNWxDNHhpNWUyQXZSbldqVEhEenV4aVlURmtmaHB3Q0pzemxEdFJCT0lNNnBfMnFXMkNpYVN3c3NYejBkM0RXNEJSakpwWWd2LU1IcWFGVGtScV9xWG8wQnB3elZyS2t6Mjl5VzRZckRxRlFpWVFXNFRFWUE3X2xPWHlfTzVLcVBkVXAwWUVoalJuNnBabkVhYnA1bzl2aU9CbnV5YTByNUpHQ01ybDU2LVZ0ZXBSMnpZVmkyUUlEa1ZoWVBHaUU3WEZXN29Ock5lMUdPalJxNVNfRHdvNFF4aHhRU242R1FjUHYweGs5UnBVTTBtTmtJR1Y5X19QanZqWWRtT3NZNzlvdGtHajJWR3A4QS1NVU94NmJ2LWFNbTljejZHS3JFN0JtSWppTGJSMlQteFlQb25PSk9lQXlhTDhHdlA4OHdFZzI0Q2hCRWl4TXJKRDNpdkJfTDY2LW54WjJUTnROSlJuZ0E5aXVsb0Q2R3BJc1RnQ2ZmS0xwU2VGTHdodW5vNXJhS1FydzZJcmZBWHB4NFhqQnJ6RjFFaDdhODQweUJRNVFheWZLZjBuMHlZRXJ1Q09BRkR5STJwMEpaVGdmTExjWDdoYUJRck5FeTlPOTdoSjBTUXFocGIwbzBrMWM3ZzNlTTF1cUdyb1J0NVQ0VmVoU0ZjWWs2eS1QVHpXYnVXM2lWMWlsMFlWeTJ4MGhJeno4UTBXY2NBa2FuSU1wNlZlaHZPa0o0QkMxNl9XR25CN1JOZDVHMw==
2021-09-11 11:22:13 SUCCESS
AddScopeToTokenEndpointRequest
Added scope of 'openid offline_access' to token endpoint request
grant_type
refresh_token
refresh_token
Z0FBQUFBQmhQSkZraDkzRGt6WlJfYXo5YnRLTlZwakhVUkRXRTJvRWlQcExiNEVJTWtIdmZpb29MVmVCQ25xTVdiMW5ZZTJPLUxiREVCMFpvcUdfNWxDNHhpNWUyQXZSbldqVEhEenV4aVlURmtmaHB3Q0pzemxEdFJCT0lNNnBfMnFXMkNpYVN3c3NYejBkM0RXNEJSakpwWWd2LU1IcWFGVGtScV9xWG8wQnB3elZyS2t6Mjl5VzRZckRxRlFpWVFXNFRFWUE3X2xPWHlfTzVLcVBkVXAwWUVoalJuNnBabkVhYnA1bzl2aU9CbnV5YTByNUpHQ01ybDU2LVZ0ZXBSMnpZVmkyUUlEa1ZoWVBHaUU3WEZXN29Ock5lMUdPalJxNVNfRHdvNFF4aHhRU242R1FjUHYweGs5UnBVTTBtTmtJR1Y5X19QanZqWWRtT3NZNzlvdGtHajJWR3A4QS1NVU94NmJ2LWFNbTljejZHS3JFN0JtSWppTGJSMlQteFlQb25PSk9lQXlhTDhHdlA4OHdFZzI0Q2hCRWl4TXJKRDNpdkJfTDY2LW54WjJUTnROSlJuZ0E5aXVsb0Q2R3BJc1RnQ2ZmS0xwU2VGTHdodW5vNXJhS1FydzZJcmZBWHB4NFhqQnJ6RjFFaDdhODQweUJRNVFheWZLZjBuMHlZRXJ1Q09BRkR5STJwMEpaVGdmTExjWDdoYUJRck5FeTlPOTdoSjBTUXFocGIwbzBrMWM3ZzNlTTF1cUdyb1J0NVQ0VmVoU0ZjWWs2eS1QVHpXYnVXM2lWMWlsMFlWeTJ4MGhJeno4UTBXY2NBa2FuSU1wNlZlaHZPa0o0QkMxNl9XR25CN1JOZDVHMw==
scope
openid offline_access
2021-09-11 11:22:13 SUCCESS
AddBasicAuthClientSecretAuthenticationParameters
Added basic authorization header
Authorization
Basic X3FOUFBKek9NOTZaQnBVZ1E1S05kZzpkYjI3ZGM3MzVlZWExNDk1NmUzZjc1MzA2ZTEwYTJhMTVmYjI4NGNkMjZhZWMwMzYyNzc5ZTI3ZQ==
2021-09-11 11:22:13
CallTokenEndpointAndReturnFullResponse
HTTP request
request_uri
https://89.45.234.133:4000/token
request_method
POST
request_headers
{
  "accept": "application/json;charset\u003dUTF-8",
  "authorization": "Basic X3FOUFBKek9NOTZaQnBVZ1E1S05kZzpkYjI3ZGM3MzVlZWExNDk1NmUzZjc1MzA2ZTEwYTJhMTVmYjI4NGNkMjZhZWMwMzYyNzc5ZTI3ZQ\u003d\u003d",
  "accept-charset": "utf-8",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "943"
}
request_body
grant_type=refresh_token&refresh_token=Z0FBQUFBQmhQSkZraDkzRGt6WlJfYXo5YnRLTlZwakhVUkRXRTJvRWlQcExiNEVJTWtIdmZpb29MVmVCQ25xTVdiMW5ZZTJPLUxiREVCMFpvcUdfNWxDNHhpNWUyQXZSbldqVEhEenV4aVlURmtmaHB3Q0pzemxEdFJCT0lNNnBfMnFXMkNpYVN3c3NYejBkM0RXNEJSakpwWWd2LU1IcWFGVGtScV9xWG8wQnB3elZyS2t6Mjl5VzRZckRxRlFpWVFXNFRFWUE3X2xPWHlfTzVLcVBkVXAwWUVoalJuNnBabkVhYnA1bzl2aU9CbnV5YTByNUpHQ01ybDU2LVZ0ZXBSMnpZVmkyUUlEa1ZoWVBHaUU3WEZXN29Ock5lMUdPalJxNVNfRHdvNFF4aHhRU242R1FjUHYweGs5UnBVTTBtTmtJR1Y5X19QanZqWWRtT3NZNzlvdGtHajJWR3A4QS1NVU94NmJ2LWFNbTljejZHS3JFN0JtSWppTGJSMlQteFlQb25PSk9lQXlhTDhHdlA4OHdFZzI0Q2hCRWl4TXJKRDNpdkJfTDY2LW54WjJUTnROSlJuZ0E5aXVsb0Q2R3BJc1RnQ2ZmS0xwU2VGTHdodW5vNXJhS1FydzZJcmZBWHB4NFhqQnJ6RjFFaDdhODQweUJRNVFheWZLZjBuMHlZRXJ1Q09BRkR5STJwMEpaVGdmTExjWDdoYUJRck5FeTlPOTdoSjBTUXFocGIwbzBrMWM3ZzNlTTF1cUdyb1J0NVQ0VmVoU0ZjWWs2eS1QVHpXYnVXM2lWMWlsMFlWeTJ4MGhJeno4UTBXY2NBa2FuSU1wNlZlaHZPa0o0QkMxNl9XR25CN1JOZDVHMw%3D%3D&scope=openid+offline_access
2021-09-11 11:22:13 RESPONSE
CallTokenEndpointAndReturnFullResponse
HTTP response
response_status_code
400 BAD_REQUEST
response_status_text
BAD REQUEST
response_headers
{
  "content-type": "application/json; charset\u003dutf-8",
  "content-length": "63",
  "pragma": "no-cache",
  "cache-control": "no-store",
  "server": "Werkzeug/1.0.1 Python/3.8.10",
  "date": "Sat, 11 Sep 2021 11:22:13 GMT"
}
response_body
{"error": "invalid_grant", "error_description": "Wrong client"}
2021-09-11 11:22:13 SUCCESS
CallTokenEndpointAndReturnFullResponse
Parsed token endpoint response
error
invalid_grant
error_description
Wrong client
2021-09-11 11:22:13 SUCCESS
ValidateErrorFromTokenEndpointResponseError
Token endpoint response error returned valid 'error' field
error
invalid_grant
2021-09-11 11:22:13 SUCCESS
CheckTokenEndpointHttpStatus400
Token endpoint http status code was 400
2021-09-11 11:22:13 SUCCESS
CheckTokenEndpointReturnedJsonContentType
token_endpoint_response_headers Content-Type: header is application/json
2021-09-11 11:22:13 SUCCESS
CheckErrorFromTokenEndpointResponseErrorInvalidGrant
Token Endpoint response error returned expected 'error' of 'invalid_grant'
expected
[
  "invalid_grant"
]
2021-09-11 11:22:13 FINISHED
oidcc-refresh-token
Test has run to completion
testmodule_result
PASSED
Unregister dynamically registered client
2021-09-11 11:22:13
UnregisterDynamicallyRegisteredClient
HTTP request
request_uri
https://89.45.234.133:4000/registration_api?client_id=_qNPPJzOM96ZBpUgQ5KNdg
request_method
DELETE
request_headers
{
  "accept": "application/json",
  "accept-charset": "utf-8",
  "authorization": "Bearer UskPZp5NIUGhuw0hoA25PUUnmz6BHr1zHfG8QDWZde4",
  "content-length": "0"
}
request_body

                                
2021-09-11 11:22:14 RESPONSE
UnregisterDynamicallyRegisteredClient
HTTP response
response_status_code
405 METHOD_NOT_ALLOWED
response_status_text
METHOD NOT ALLOWED
response_headers
{
  "content-type": "text/html; charset\u003dutf-8",
  "allow": "HEAD, OPTIONS, GET",
  "content-length": "178",
  "server": "Werkzeug/1.0.1 Python/3.8.10",
  "date": "Sat, 11 Sep 2021 11:22:14 GMT"
}
response_body
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<title>405 Method Not Allowed</title>
<h1>Method Not Allowed</h1>
<p>The method is not allowed for the requested URL.</p>
2021-09-11 11:22:14 INFO
UnregisterDynamicallyRegisteredClient
Error when calling registration_client_uri
code
405
body
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<title>405 Method Not Allowed</title>
<h1>Method Not Allowed</h1>
<p>The method is not allowed for the requested URL.</p>
status
METHOD NOT ALLOWED
Second client: Unregister dynamically registered client
2021-09-11 11:22:14
UnregisterDynamicallyRegisteredClient
HTTP request
request_uri
https://89.45.234.133:4000/registration_api?client_id=DwgXe5kboooQhDmyomiHjw
request_method
DELETE
request_headers
{
  "accept": "application/json",
  "accept-charset": "utf-8",
  "authorization": "Bearer 8TzxmdsOjJk7HUuCT0vBcCC-3Ge3IQLAzS8bMSGxoY4",
  "content-length": "0"
}
request_body

                                
2021-09-11 11:22:14 RESPONSE
UnregisterDynamicallyRegisteredClient
HTTP response
response_status_code
405 METHOD_NOT_ALLOWED
response_status_text
METHOD NOT ALLOWED
response_headers
{
  "content-type": "text/html; charset\u003dutf-8",
  "allow": "HEAD, OPTIONS, GET",
  "content-length": "178",
  "server": "Werkzeug/1.0.1 Python/3.8.10",
  "date": "Sat, 11 Sep 2021 11:22:14 GMT"
}
response_body
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<title>405 Method Not Allowed</title>
<h1>Method Not Allowed</h1>
<p>The method is not allowed for the requested URL.</p>
2021-09-11 11:22:14 INFO
UnregisterDynamicallyRegisteredClient
Error when calling registration_client_uri
code
405
body
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<title>405 Method Not Allowed</title>
<h1>Method Not Allowed</h1>
<p>The method is not allowed for the requested URL.</p>
status
METHOD NOT ALLOWED
2021-09-11 11:22:20
TEST-RUNNER
Alias has now been claimed by another test
alias
idpy
new_test_id
KEzcniZ8lKiWU2h
Test Results