Test Summary

Test Results

Expand All Collapse All
All times are UTC
2020-07-28 20:06:56 INFO
TEST-RUNNER
Test instance 6KUWLY0Gro created
baseUrl
https://www.certification.openid.net/test/6KUWLY0Gro
variant
{
  "client_auth_type": "private_key_jwt",
  "response_type": "code id_token",
  "server_metadata": "discovery",
  "client_registration": "dynamic_client",
  "response_mode": "default"
}
alias

                                
description
node oidc-provider
planId
MA73anEprfY6v
config
{
  "description": "node oidc-provider",
  "server": {
    "discoveryUrl": "https://op.panva.cz/.well-known/openid-configuration",
    "login_hint": "bob@example.com"
  },
  "client": {
    "client_name": "first-openid-client"
  },
  "client2": {
    "client_name": "second-openid-client"
  },
  "browser": [
    {
      "match": "https://op.panva.cz/auth*",
      "tasks": [
        {
          "task": "Login",
          "optional": true,
          "match": "https://op.panva.cz/interaction*",
          "commands": [
            [
              "text",
              "name",
              "login",
              "foo",
              "optional"
            ],
            [
              "text",
              "name",
              "password",
              "bar",
              "optional"
            ],
            [
              "click",
              "class",
              "login-submit"
            ]
          ]
        },
        {
          "task": "Consent",
          "optional": true,
          "match": "https://op.panva.cz/interaction*",
          "commands": [
            [
              "click",
              "class",
              "login-submit"
            ]
          ]
        },
        {
          "task": "Verify Complete",
          "match": "*/test/*/callback*",
          "commands": [
            [
              "wait",
              "id",
              "submission_complete",
              10
            ]
          ]
        }
      ]
    },
    {
      "match": "https://op.panva.cz/session/end*",
      "tasks": [
        {
          "task": "Choose logout option",
          "match": "https://op.panva.cz/session/end*",
          "commands": [
            [
              "click",
              "css",
              "button[autofocus] "
            ]
          ]
        },
        {
          "task": "process user choice, wait for redirect back",
          "optional": true,
          "match": "https://op.panva.cz/session/end/confirm",
          "commands": [
            [
              "wait",
              "contains",
              "/test/*/post",
              10
            ]
          ]
        },
        {
          "task": "Verify Complete",
          "match": "*/test/*/post*"
        }
      ]
    }
  ]
}
testName
oidcc-refresh-token
2020-07-28 20:06:56 SUCCESS
CreateRedirectUri
Created redirect URI
redirect_uri
https://www.certification.openid.net/test/6KUWLY0Gro/callback
2020-07-28 20:06:56
GetDynamicServerConfiguration
HTTP request
request_uri
https://op.panva.cz/.well-known/openid-configuration
request_method
GET
request_headers
{
  "accept": "text/plain, application/json, application/cbor, application/*+json, */*",
  "content-length": "0"
}
request_body

                                
2020-07-28 20:06:56 RESPONSE
GetDynamicServerConfiguration
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "content-length": "5937",
  "content-type": "application/json; charset\u003dutf-8",
  "date": "Tue, 28 Jul 2020 20:06:56 GMT",
  "server": [
    "Caddy",
    "Cowboy"
  ],
  "strict-transport-security": "max-age\u003d15552000; includeSubDomains",
  "vary": "Origin",
  "via": "1.1 vegur",
  "x-content-type-options": "nosniff",
  "x-dns-prefetch-control": "off",
  "x-download-options": "noopen",
  "x-frame-options": "SAMEORIGIN",
  "x-xss-protection": "1; mode\u003dblock"
}
response_body
{"acr_values_supported":["urn:mace:incommon:iap:bronze"],"authorization_endpoint":"https://op.panva.cz/auth","device_authorization_endpoint":"https://op.panva.cz/device/auth","claims_parameter_supported":true,"claims_supported":["sub","address","email","email_verified","phone_number","phone_number_verified","birthdate","family_name","gender","given_name","locale","middle_name","name","nickname","picture","preferred_username","profile","updated_at","website","zoneinfo","acr","sid","auth_time","iss","amr"],"code_challenge_methods_supported":["S256"],"end_session_endpoint":"https://op.panva.cz/session/end","check_session_iframe":"https://op.panva.cz/session/check","grant_types_supported":["implicit","authorization_code","refresh_token","urn:ietf:params:oauth:grant-type:device_code"],"id_token_signing_alg_values_supported":["HS256","HS384","HS512","none","PS256","PS384","PS512","RS256","RS384","RS512","ES256","ES256K","ES384","ES512","EdDSA"],"issuer":"https://op.panva.cz","jwks_uri":"https://op.panva.cz/jwks","registration_endpoint":"https://op.panva.cz/reg","response_modes_supported":["form_post","fragment","query","jwt","query.jwt","fragment.jwt","form_post.jwt"],"response_types_supported":["code id_token token","code id_token","code token","code","id_token token","id_token","none"],"scopes_supported":["openid","offline_access","address","email","phone","profile"],"subject_types_supported":["public","pairwise"],"token_endpoint_auth_methods_supported":["none","client_secret_basic","client_secret_jwt","client_secret_post","private_key_jwt","self_signed_tls_client_auth"],"token_endpoint_auth_signing_alg_values_supported":["HS256","HS384","HS512","RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES256K","ES384","ES512","EdDSA"],"token_endpoint":"https://op.panva.cz/token","pushed_authorization_request_endpoint":"https://op.panva.cz/request","request_object_signing_alg_values_supported":["HS256","HS384","HS512","RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES256K","ES384","ES512","EdDSA","none"],"request_parameter_supported":true,"request_uri_parameter_supported":true,"require_request_uri_registration":true,"userinfo_endpoint":"https://op.panva.cz/me","userinfo_signing_alg_values_supported":["HS256","HS384","HS512","none","PS256","PS384","PS512","RS256","RS384","RS512","ES256","ES256K","ES384","ES512","EdDSA"],"authorization_signing_alg_values_supported":["HS256","HS384","HS512","PS256","PS384","PS512","RS256","RS384","RS512","ES256","ES256K","ES384","ES512","EdDSA"],"introspection_endpoint":"https://op.panva.cz/token/introspection","introspection_endpoint_auth_methods_supported":["none","client_secret_basic","client_secret_jwt","client_secret_post","private_key_jwt","self_signed_tls_client_auth"],"introspection_endpoint_auth_signing_alg_values_supported":["HS256","HS384","HS512","RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES256K","ES384","ES512","EdDSA"],"dpop_signing_alg_values_supported":["RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES256K","ES384","ES512","EdDSA"],"revocation_endpoint":"https://op.panva.cz/token/revocation","revocation_endpoint_auth_methods_supported":["none","client_secret_basic","client_secret_jwt","client_secret_post","private_key_jwt","self_signed_tls_client_auth"],"revocation_endpoint_auth_signing_alg_values_supported":["HS256","HS384","HS512","RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES256K","ES384","ES512","EdDSA"],"id_token_encryption_alg_values_supported":["RSA-OAEP","RSA-OAEP-256","RSA-OAEP-384","RSA-OAEP-512","RSA1_5","ECDH-ES","ECDH-ES+A128KW","ECDH-ES+A192KW","ECDH-ES+A256KW","A128GCMKW","A192GCMKW","A256GCMKW","A128KW","A192KW","A256KW","PBES2-HS256+A128KW","PBES2-HS384+A192KW","PBES2-HS512+A256KW","dir"],"id_token_encryption_enc_values_supported":["A128CBC-HS256","A128GCM","A192CBC-HS384","A192GCM","A256CBC-HS512","A256GCM"],"userinfo_encryption_alg_values_supported":["RSA-OAEP","RSA-OAEP-256","RSA-OAEP-384","RSA-OAEP-512","RSA1_5","ECDH-ES","ECDH-ES+A128KW","ECDH-ES+A192KW","ECDH-ES+A256KW","A128GCMKW","A192GCMKW","A256GCMKW","A128KW","A192KW","A256KW","PBES2-HS256+A128KW","PBES2-HS384+A192KW","PBES2-HS512+A256KW","dir"],"userinfo_encryption_enc_values_supported":["A128CBC-HS256","A128GCM","A192CBC-HS384","A192GCM","A256CBC-HS512","A256GCM"],"authorization_encryption_alg_values_supported":["RSA-OAEP","RSA-OAEP-256","RSA-OAEP-384","RSA-OAEP-512","RSA1_5","ECDH-ES","ECDH-ES+A128KW","ECDH-ES+A192KW","ECDH-ES+A256KW","A128GCMKW","A192GCMKW","A256GCMKW","A128KW","A192KW","A256KW","PBES2-HS256+A128KW","PBES2-HS384+A192KW","PBES2-HS512+A256KW","dir"],"authorization_encryption_enc_values_supported":["A128CBC-HS256","A128GCM","A192CBC-HS384","A192GCM","A256CBC-HS512","A256GCM"],"request_object_encryption_alg_values_supported":["A128GCMKW","A192GCMKW","A256GCMKW","A128KW","A192KW","A256KW","PBES2-HS256+A128KW","PBES2-HS384+A192KW","PBES2-HS512+A256KW","dir","RSA-OAEP","RSA-OAEP-256","RSA-OAEP-384","RSA-OAEP-512","RSA1_5","ECDH-ES","ECDH-ES+A128KW","ECDH-ES+A192KW","ECDH-ES+A256KW"],"request_object_encryption_enc_values_supported":["A128CBC-HS256","A128GCM","A192CBC-HS384","A192GCM","A256CBC-HS512","A256GCM"],"backchannel_logout_supported":true,"backchannel_logout_session_supported":true,"frontchannel_logout_supported":true,"frontchannel_logout_session_supported":true,"tls_client_certificate_bound_access_tokens":true,"claim_types_supported":["normal"],"service_documentation":"https://github.com/panva/node-oidc-provider","version":"6.28.0-a4eb4b2","mtls_endpoint_aliases":{"token_endpoint":"https://mtls.op.panva.cz/token","introspection_endpoint":"https://mtls.op.panva.cz/token/introspection","revocation_endpoint":"https://mtls.op.panva.cz/token/revocation","userinfo_endpoint":"https://mtls.op.panva.cz/me","device_authorization_endpoint":"https://mtls.op.panva.cz/device/auth","pushed_authorization_request_endpoint":"https://mtls.op.panva.cz/request"}}
2020-07-28 20:06:56
GetDynamicServerConfiguration
Downloaded server configuration
server_config_string
{"acr_values_supported":["urn:mace:incommon:iap:bronze"],"authorization_endpoint":"https://op.panva.cz/auth","device_authorization_endpoint":"https://op.panva.cz/device/auth","claims_parameter_supported":true,"claims_supported":["sub","address","email","email_verified","phone_number","phone_number_verified","birthdate","family_name","gender","given_name","locale","middle_name","name","nickname","picture","preferred_username","profile","updated_at","website","zoneinfo","acr","sid","auth_time","iss","amr"],"code_challenge_methods_supported":["S256"],"end_session_endpoint":"https://op.panva.cz/session/end","check_session_iframe":"https://op.panva.cz/session/check","grant_types_supported":["implicit","authorization_code","refresh_token","urn:ietf:params:oauth:grant-type:device_code"],"id_token_signing_alg_values_supported":["HS256","HS384","HS512","none","PS256","PS384","PS512","RS256","RS384","RS512","ES256","ES256K","ES384","ES512","EdDSA"],"issuer":"https://op.panva.cz","jwks_uri":"https://op.panva.cz/jwks","registration_endpoint":"https://op.panva.cz/reg","response_modes_supported":["form_post","fragment","query","jwt","query.jwt","fragment.jwt","form_post.jwt"],"response_types_supported":["code id_token token","code id_token","code token","code","id_token token","id_token","none"],"scopes_supported":["openid","offline_access","address","email","phone","profile"],"subject_types_supported":["public","pairwise"],"token_endpoint_auth_methods_supported":["none","client_secret_basic","client_secret_jwt","client_secret_post","private_key_jwt","self_signed_tls_client_auth"],"token_endpoint_auth_signing_alg_values_supported":["HS256","HS384","HS512","RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES256K","ES384","ES512","EdDSA"],"token_endpoint":"https://op.panva.cz/token","pushed_authorization_request_endpoint":"https://op.panva.cz/request","request_object_signing_alg_values_supported":["HS256","HS384","HS512","RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES256K","ES384","ES512","EdDSA","none"],"request_parameter_supported":true,"request_uri_parameter_supported":true,"require_request_uri_registration":true,"userinfo_endpoint":"https://op.panva.cz/me","userinfo_signing_alg_values_supported":["HS256","HS384","HS512","none","PS256","PS384","PS512","RS256","RS384","RS512","ES256","ES256K","ES384","ES512","EdDSA"],"authorization_signing_alg_values_supported":["HS256","HS384","HS512","PS256","PS384","PS512","RS256","RS384","RS512","ES256","ES256K","ES384","ES512","EdDSA"],"introspection_endpoint":"https://op.panva.cz/token/introspection","introspection_endpoint_auth_methods_supported":["none","client_secret_basic","client_secret_jwt","client_secret_post","private_key_jwt","self_signed_tls_client_auth"],"introspection_endpoint_auth_signing_alg_values_supported":["HS256","HS384","HS512","RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES256K","ES384","ES512","EdDSA"],"dpop_signing_alg_values_supported":["RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES256K","ES384","ES512","EdDSA"],"revocation_endpoint":"https://op.panva.cz/token/revocation","revocation_endpoint_auth_methods_supported":["none","client_secret_basic","client_secret_jwt","client_secret_post","private_key_jwt","self_signed_tls_client_auth"],"revocation_endpoint_auth_signing_alg_values_supported":["HS256","HS384","HS512","RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES256K","ES384","ES512","EdDSA"],"id_token_encryption_alg_values_supported":["RSA-OAEP","RSA-OAEP-256","RSA-OAEP-384","RSA-OAEP-512","RSA1_5","ECDH-ES","ECDH-ES+A128KW","ECDH-ES+A192KW","ECDH-ES+A256KW","A128GCMKW","A192GCMKW","A256GCMKW","A128KW","A192KW","A256KW","PBES2-HS256+A128KW","PBES2-HS384+A192KW","PBES2-HS512+A256KW","dir"],"id_token_encryption_enc_values_supported":["A128CBC-HS256","A128GCM","A192CBC-HS384","A192GCM","A256CBC-HS512","A256GCM"],"userinfo_encryption_alg_values_supported":["RSA-OAEP","RSA-OAEP-256","RSA-OAEP-384","RSA-OAEP-512","RSA1_5","ECDH-ES","ECDH-ES+A128KW","ECDH-ES+A192KW","ECDH-ES+A256KW","A128GCMKW","A192GCMKW","A256GCMKW","A128KW","A192KW","A256KW","PBES2-HS256+A128KW","PBES2-HS384+A192KW","PBES2-HS512+A256KW","dir"],"userinfo_encryption_enc_values_supported":["A128CBC-HS256","A128GCM","A192CBC-HS384","A192GCM","A256CBC-HS512","A256GCM"],"authorization_encryption_alg_values_supported":["RSA-OAEP","RSA-OAEP-256","RSA-OAEP-384","RSA-OAEP-512","RSA1_5","ECDH-ES","ECDH-ES+A128KW","ECDH-ES+A192KW","ECDH-ES+A256KW","A128GCMKW","A192GCMKW","A256GCMKW","A128KW","A192KW","A256KW","PBES2-HS256+A128KW","PBES2-HS384+A192KW","PBES2-HS512+A256KW","dir"],"authorization_encryption_enc_values_supported":["A128CBC-HS256","A128GCM","A192CBC-HS384","A192GCM","A256CBC-HS512","A256GCM"],"request_object_encryption_alg_values_supported":["A128GCMKW","A192GCMKW","A256GCMKW","A128KW","A192KW","A256KW","PBES2-HS256+A128KW","PBES2-HS384+A192KW","PBES2-HS512+A256KW","dir","RSA-OAEP","RSA-OAEP-256","RSA-OAEP-384","RSA-OAEP-512","RSA1_5","ECDH-ES","ECDH-ES+A128KW","ECDH-ES+A192KW","ECDH-ES+A256KW"],"request_object_encryption_enc_values_supported":["A128CBC-HS256","A128GCM","A192CBC-HS384","A192GCM","A256CBC-HS512","A256GCM"],"backchannel_logout_supported":true,"backchannel_logout_session_supported":true,"frontchannel_logout_supported":true,"frontchannel_logout_session_supported":true,"tls_client_certificate_bound_access_tokens":true,"claim_types_supported":["normal"],"service_documentation":"https://github.com/panva/node-oidc-provider","version":"6.28.0-a4eb4b2","mtls_endpoint_aliases":{"token_endpoint":"https://mtls.op.panva.cz/token","introspection_endpoint":"https://mtls.op.panva.cz/token/introspection","revocation_endpoint":"https://mtls.op.panva.cz/token/revocation","userinfo_endpoint":"https://mtls.op.panva.cz/me","device_authorization_endpoint":"https://mtls.op.panva.cz/device/auth","pushed_authorization_request_endpoint":"https://mtls.op.panva.cz/request"}}
2020-07-28 20:06:56 SUCCESS
GetDynamicServerConfiguration
Successfully parsed server configuration
acr_values_supported
[
  "urn:mace:incommon:iap:bronze"
]
authorization_endpoint
https://op.panva.cz/auth
device_authorization_endpoint
https://op.panva.cz/device/auth
claims_parameter_supported
true
claims_supported
[
  "sub",
  "address",
  "email",
  "email_verified",
  "phone_number",
  "phone_number_verified",
  "birthdate",
  "family_name",
  "gender",
  "given_name",
  "locale",
  "middle_name",
  "name",
  "nickname",
  "picture",
  "preferred_username",
  "profile",
  "updated_at",
  "website",
  "zoneinfo",
  "acr",
  "sid",
  "auth_time",
  "iss",
  "amr"
]
code_challenge_methods_supported
[
  "S256"
]
end_session_endpoint
https://op.panva.cz/session/end
check_session_iframe
https://op.panva.cz/session/check
grant_types_supported
[
  "implicit",
  "authorization_code",
  "refresh_token",
  "urn:ietf:params:oauth:grant-type:device_code"
]
id_token_signing_alg_values_supported
[
  "HS256",
  "HS384",
  "HS512",
  "none",
  "PS256",
  "PS384",
  "PS512",
  "RS256",
  "RS384",
  "RS512",
  "ES256",
  "ES256K",
  "ES384",
  "ES512",
  "EdDSA"
]
issuer
https://op.panva.cz
jwks_uri
https://op.panva.cz/jwks
registration_endpoint
https://op.panva.cz/reg
response_modes_supported
[
  "form_post",
  "fragment",
  "query",
  "jwt",
  "query.jwt",
  "fragment.jwt",
  "form_post.jwt"
]
response_types_supported
[
  "code id_token token",
  "code id_token",
  "code token",
  "code",
  "id_token token",
  "id_token",
  "none"
]
scopes_supported
[
  "openid",
  "offline_access",
  "address",
  "email",
  "phone",
  "profile"
]
subject_types_supported
[
  "public",
  "pairwise"
]
token_endpoint_auth_methods_supported
[
  "none",
  "client_secret_basic",
  "client_secret_jwt",
  "client_secret_post",
  "private_key_jwt",
  "self_signed_tls_client_auth"
]
token_endpoint_auth_signing_alg_values_supported
[
  "HS256",
  "HS384",
  "HS512",
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES256K",
  "ES384",
  "ES512",
  "EdDSA"
]
token_endpoint
https://op.panva.cz/token
pushed_authorization_request_endpoint
https://op.panva.cz/request
request_object_signing_alg_values_supported
[
  "HS256",
  "HS384",
  "HS512",
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES256K",
  "ES384",
  "ES512",
  "EdDSA",
  "none"
]
request_parameter_supported
true
request_uri_parameter_supported
true
require_request_uri_registration
true
userinfo_endpoint
https://op.panva.cz/me
userinfo_signing_alg_values_supported
[
  "HS256",
  "HS384",
  "HS512",
  "none",
  "PS256",
  "PS384",
  "PS512",
  "RS256",
  "RS384",
  "RS512",
  "ES256",
  "ES256K",
  "ES384",
  "ES512",
  "EdDSA"
]
authorization_signing_alg_values_supported
[
  "HS256",
  "HS384",
  "HS512",
  "PS256",
  "PS384",
  "PS512",
  "RS256",
  "RS384",
  "RS512",
  "ES256",
  "ES256K",
  "ES384",
  "ES512",
  "EdDSA"
]
introspection_endpoint
https://op.panva.cz/token/introspection
introspection_endpoint_auth_methods_supported
[
  "none",
  "client_secret_basic",
  "client_secret_jwt",
  "client_secret_post",
  "private_key_jwt",
  "self_signed_tls_client_auth"
]
introspection_endpoint_auth_signing_alg_values_supported
[
  "HS256",
  "HS384",
  "HS512",
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES256K",
  "ES384",
  "ES512",
  "EdDSA"
]
dpop_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES256K",
  "ES384",
  "ES512",
  "EdDSA"
]
revocation_endpoint
https://op.panva.cz/token/revocation
revocation_endpoint_auth_methods_supported
[
  "none",
  "client_secret_basic",
  "client_secret_jwt",
  "client_secret_post",
  "private_key_jwt",
  "self_signed_tls_client_auth"
]
revocation_endpoint_auth_signing_alg_values_supported
[
  "HS256",
  "HS384",
  "HS512",
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES256K",
  "ES384",
  "ES512",
  "EdDSA"
]
id_token_encryption_alg_values_supported
[
  "RSA-OAEP",
  "RSA-OAEP-256",
  "RSA-OAEP-384",
  "RSA-OAEP-512",
  "RSA1_5",
  "ECDH-ES",
  "ECDH-ES+A128KW",
  "ECDH-ES+A192KW",
  "ECDH-ES+A256KW",
  "A128GCMKW",
  "A192GCMKW",
  "A256GCMKW",
  "A128KW",
  "A192KW",
  "A256KW",
  "PBES2-HS256+A128KW",
  "PBES2-HS384+A192KW",
  "PBES2-HS512+A256KW",
  "dir"
]
id_token_encryption_enc_values_supported
[
  "A128CBC-HS256",
  "A128GCM",
  "A192CBC-HS384",
  "A192GCM",
  "A256CBC-HS512",
  "A256GCM"
]
userinfo_encryption_alg_values_supported
[
  "RSA-OAEP",
  "RSA-OAEP-256",
  "RSA-OAEP-384",
  "RSA-OAEP-512",
  "RSA1_5",
  "ECDH-ES",
  "ECDH-ES+A128KW",
  "ECDH-ES+A192KW",
  "ECDH-ES+A256KW",
  "A128GCMKW",
  "A192GCMKW",
  "A256GCMKW",
  "A128KW",
  "A192KW",
  "A256KW",
  "PBES2-HS256+A128KW",
  "PBES2-HS384+A192KW",
  "PBES2-HS512+A256KW",
  "dir"
]
userinfo_encryption_enc_values_supported
[
  "A128CBC-HS256",
  "A128GCM",
  "A192CBC-HS384",
  "A192GCM",
  "A256CBC-HS512",
  "A256GCM"
]
authorization_encryption_alg_values_supported
[
  "RSA-OAEP",
  "RSA-OAEP-256",
  "RSA-OAEP-384",
  "RSA-OAEP-512",
  "RSA1_5",
  "ECDH-ES",
  "ECDH-ES+A128KW",
  "ECDH-ES+A192KW",
  "ECDH-ES+A256KW",
  "A128GCMKW",
  "A192GCMKW",
  "A256GCMKW",
  "A128KW",
  "A192KW",
  "A256KW",
  "PBES2-HS256+A128KW",
  "PBES2-HS384+A192KW",
  "PBES2-HS512+A256KW",
  "dir"
]
authorization_encryption_enc_values_supported
[
  "A128CBC-HS256",
  "A128GCM",
  "A192CBC-HS384",
  "A192GCM",
  "A256CBC-HS512",
  "A256GCM"
]
request_object_encryption_alg_values_supported
[
  "A128GCMKW",
  "A192GCMKW",
  "A256GCMKW",
  "A128KW",
  "A192KW",
  "A256KW",
  "PBES2-HS256+A128KW",
  "PBES2-HS384+A192KW",
  "PBES2-HS512+A256KW",
  "dir",
  "RSA-OAEP",
  "RSA-OAEP-256",
  "RSA-OAEP-384",
  "RSA-OAEP-512",
  "RSA1_5",
  "ECDH-ES",
  "ECDH-ES+A128KW",
  "ECDH-ES+A192KW",
  "ECDH-ES+A256KW"
]
request_object_encryption_enc_values_supported
[
  "A128CBC-HS256",
  "A128GCM",
  "A192CBC-HS384",
  "A192GCM",
  "A256CBC-HS512",
  "A256GCM"
]
backchannel_logout_supported
true
backchannel_logout_session_supported
true
frontchannel_logout_supported
true
frontchannel_logout_session_supported
true
tls_client_certificate_bound_access_tokens
true
claim_types_supported
[
  "normal"
]
service_documentation
https://github.com/panva/node-oidc-provider
version
6.28.0-a4eb4b2
mtls_endpoint_aliases
{
  "token_endpoint": "https://mtls.op.panva.cz/token",
  "introspection_endpoint": "https://mtls.op.panva.cz/token/introspection",
  "revocation_endpoint": "https://mtls.op.panva.cz/token/revocation",
  "userinfo_endpoint": "https://mtls.op.panva.cz/me",
  "device_authorization_endpoint": "https://mtls.op.panva.cz/device/auth",
  "pushed_authorization_request_endpoint": "https://mtls.op.panva.cz/request"
}
2020-07-28 20:06:56 SUCCESS
CheckServerConfiguration
Found required server configuration keys
required
[
  "authorization_endpoint",
  "token_endpoint",
  "issuer"
]
2020-07-28 20:06:56 SUCCESS
ExtractTLSTestValuesFromServerConfiguration
Extracted TLS information from authorization server configuration
registration_endpoint
{
  "testHost": "op.panva.cz",
  "testPort": 443
}
authorization_endpoint
{
  "testHost": "op.panva.cz",
  "testPort": 443
}
token_endpoint
{
  "testHost": "op.panva.cz",
  "testPort": 443
}
userinfo_endpoint
{
  "testHost": "op.panva.cz",
  "testPort": 443
}
2020-07-28 20:06:56
FetchServerKeys
Fetching server key
jwks_uri
https://op.panva.cz/jwks
2020-07-28 20:06:56
FetchServerKeys
HTTP request
request_uri
https://op.panva.cz/jwks
request_method
GET
request_headers
{
  "accept": "text/plain, application/json, application/cbor, application/*+json, */*",
  "content-length": "0"
}
request_body

                                
2020-07-28 20:06:57 RESPONSE
FetchServerKeys
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "content-length": "2810",
  "content-type": "application/json; charset\u003dutf-8",
  "date": "Tue, 28 Jul 2020 20:06:57 GMT",
  "server": [
    "Caddy",
    "Cowboy"
  ],
  "strict-transport-security": "max-age\u003d15552000; includeSubDomains",
  "vary": "Origin",
  "via": "1.1 vegur",
  "x-content-type-options": "nosniff",
  "x-dns-prefetch-control": "off",
  "x-download-options": "noopen",
  "x-frame-options": "SAMEORIGIN",
  "x-xss-protection": "1; mode\u003dblock"
}
response_body
{"keys":[{"e":"AQAB","n":"xwQ72P9z9OYshiQ-ntDYaPnnfwG6u9JAdLMZ5o0dmjlcyrvwQRdoFIKPnO65Q8mh6F_LDSxjxa2Yzo_wdjhbPZLjfUJXgCzm54cClXzT5twzo7lzoAfaJlkTsoZc2HFWqmcri0BuzmTFLZx2Q7wYBm0pXHmQKF0V-C1O6NWfd4mfBhbM-I1tHYSpAMgarSm22WDMDx-WWI7TEzy2QhaBVaENW9BKaKkJklocAZCxk18WhR0fckIGiWiSM5FcU1PY2jfGsTmX505Ub7P5Dz75Ygqrutd5tFrcqyPAtPTFDk8X1InxkkUwpP3nFU5o50DGhwQolGYKPGtQ-ZtmbOfcWQ","kty":"RSA","kid":"r1LkbBo3925Rb2ZFFrKyU3MVex9T2817Kx0vbi6i_Kc","use":"sig"},{"e":"AQAB","n":"mXauIvyeUFA74P2vcmgAWSCMw6CP6-MJ6EvFuRARfLLJEi49AzQvJl_4pwDvLkZcCqS7OqPE1ufNyDH6oQPEc7JuukHMY02EgwqHjJ6GG6FQqJuiWlKB_l-7c9y9r4bh4r58xdZc6T5dFVSNT2VcIVoSjq9VmzwpaTKCUyVeZYHZhnLfWMm9rKU5WSz75siG-_jbudItsfhEwA59kvi4So2IV9TxHwW50i4IcTB1gXwG1olNgiX3-Mq1Iw5VGPzMo2hQXI3q1y-ZjhSwhvG5dje9J8htBEWdVYk4f6cv19IE9gEx7T-2vIVw5FCpAmmfFuRebec49c7zjfr0EyTI4w","kty":"RSA","kid":"w5kPRdJWODnYjihMgqs0tHkKk-e5OxU4DnSCZDkF_h0","use":"enc"},{"crv":"P-256","x":"FWZ9rSkLt6Dx9E3pxLybhdM6xgR5obGsj5_pqmnz5J4","y":"_n8G69C-A2Xl4xUW2lF0i8ZGZnk_KPYrhv4GbTGu5G4","kty":"EC","kid":"MFZeG102dQiqbANoaMlW_Jmf7fOZmtRsHt77JFhTpF0","use":"sig"},{"crv":"P-256","x":"Eb3RtGgBGOEz33yu46aha_RU6pyBaYNlu6SawlWGGHQ","y":"tUncttzF6Ud4Abfn1N2A1Rz2MBbJSdI0zuKS28BNb-U","kty":"EC","kid":"mlSUkq-ELqZiWl9zs9ZKkbcjIvgajGgnXfPWUZn9lEc","use":"enc"},{"crv":"secp256k1","x":"KDAUHh_SpgROXXAq8IFs9B9lGNB9VP4RwebeAO2tBao","y":"wr3L1dZyUCrS4H18fDYy5hcvGTCp05tiiBy0ZUG8Qs4","kty":"EC","kid":"vl5k1biVlGOHeu2XiLg_0qrIVdoFdM0POWeeCl-QMsY","use":"sig"},{"crv":"P-384","x":"P1npwyTJ2p20D9_r2u31DU7tfDEufaVcSJJcDOuO6QyqrXvjyMvf8e5xv3XxE39l","y":"tmq2S12MVdKUQTmd0AxVEOji1ihR_vZAhTLKojD2XW_2EJH7ydiaz2oxrnkC0mvI","kty":"EC","kid":"rqHXKVLLF2RxqFgXWfEZE578gM-IhelOjugVfb_BMZ4","use":"sig"},{"crv":"P-384","x":"UhkqvxbxMCGtkg_-6W0gqkr21fgY3LSaNbquU7CYEDwBwGCd6iK6Bu5PVUxraulY","y":"CXrg3mxUkN5D4bPfiLfnD1jMYGSDxn2Zeh-8_OOstX21WNZJ9_i-iFZR3pIXyH0z","kty":"EC","kid":"rV1Hjt_79O_m1oJ7Jz0QgKHDa2iwb8p4kvMU0L99wjg","use":"enc"},{"crv":"P-521","x":"AIjEl5H8w2Rf_iqIP8WT7v5-FlBlBGYy5sMJs1XOxWz4RRARIEOemEY45g10sEPzZ4qe7oyjCUDK5FY1WwjRvgHK","y":"AaKN94cn1ApvvfpOWO9VpJm-lLzOUR8XxOrKYfPqcLs0zEqSPiGdWA5CoNL5ck1q-CXD09ysQSmNkzFGaig2Mnop","kty":"EC","kid":"RG_hu6lggazoCOu2wsrn3icSvhAXuGyL55f2GAaH2NA","use":"sig"},{"crv":"P-521","x":"AXFcu6lqcxoyFUU14xTw0I5cfCR2q0jqOXwU_EKjA5mIxUpue58IIrfrIh4IauV3co2SziD6Uf1SWe8l11Y4-BoJ","y":"AREzsMJu3VveUPMaJ2QWmjucwzZH4FqufXzS2IW-MGqViyDNTg2BgX-2VCJvdTo0zbhvRvBC1ghJNrVnH5M92JQ6","kty":"EC","kid":"MPcTmIIPYRnLt9s_TdBrpV27HcNVDi9aZpB0eJvAxzE","use":"enc"},{"crv":"Ed25519","x":"lDkysGJKRmJeUp8ncTyGraHPHHiIfdxSajxGm7Srla8","kty":"OKP","kid":"CLjPrbijCB2z9dScRNpM1mSGOQVOIByTmd18Ft2eiAQ","use":"sig"},{"crv":"Ed448","x":"BG1zKFg6A_Rzix4pA08oYN5xHqhKIiREXZ59NZoA8p3xhgjh-tm8nc-6udtiL5ZNhWDbnRSq4jQA","kty":"OKP","kid":"kU2PiegZOPUKcsJATItJArz18oWWfEH-Ma52K_8nGaE","use":"sig"}]}
2020-07-28 20:06:57
FetchServerKeys
Found JWK set string
jwk_string
{"keys":[{"e":"AQAB","n":"xwQ72P9z9OYshiQ-ntDYaPnnfwG6u9JAdLMZ5o0dmjlcyrvwQRdoFIKPnO65Q8mh6F_LDSxjxa2Yzo_wdjhbPZLjfUJXgCzm54cClXzT5twzo7lzoAfaJlkTsoZc2HFWqmcri0BuzmTFLZx2Q7wYBm0pXHmQKF0V-C1O6NWfd4mfBhbM-I1tHYSpAMgarSm22WDMDx-WWI7TEzy2QhaBVaENW9BKaKkJklocAZCxk18WhR0fckIGiWiSM5FcU1PY2jfGsTmX505Ub7P5Dz75Ygqrutd5tFrcqyPAtPTFDk8X1InxkkUwpP3nFU5o50DGhwQolGYKPGtQ-ZtmbOfcWQ","kty":"RSA","kid":"r1LkbBo3925Rb2ZFFrKyU3MVex9T2817Kx0vbi6i_Kc","use":"sig"},{"e":"AQAB","n":"mXauIvyeUFA74P2vcmgAWSCMw6CP6-MJ6EvFuRARfLLJEi49AzQvJl_4pwDvLkZcCqS7OqPE1ufNyDH6oQPEc7JuukHMY02EgwqHjJ6GG6FQqJuiWlKB_l-7c9y9r4bh4r58xdZc6T5dFVSNT2VcIVoSjq9VmzwpaTKCUyVeZYHZhnLfWMm9rKU5WSz75siG-_jbudItsfhEwA59kvi4So2IV9TxHwW50i4IcTB1gXwG1olNgiX3-Mq1Iw5VGPzMo2hQXI3q1y-ZjhSwhvG5dje9J8htBEWdVYk4f6cv19IE9gEx7T-2vIVw5FCpAmmfFuRebec49c7zjfr0EyTI4w","kty":"RSA","kid":"w5kPRdJWODnYjihMgqs0tHkKk-e5OxU4DnSCZDkF_h0","use":"enc"},{"crv":"P-256","x":"FWZ9rSkLt6Dx9E3pxLybhdM6xgR5obGsj5_pqmnz5J4","y":"_n8G69C-A2Xl4xUW2lF0i8ZGZnk_KPYrhv4GbTGu5G4","kty":"EC","kid":"MFZeG102dQiqbANoaMlW_Jmf7fOZmtRsHt77JFhTpF0","use":"sig"},{"crv":"P-256","x":"Eb3RtGgBGOEz33yu46aha_RU6pyBaYNlu6SawlWGGHQ","y":"tUncttzF6Ud4Abfn1N2A1Rz2MBbJSdI0zuKS28BNb-U","kty":"EC","kid":"mlSUkq-ELqZiWl9zs9ZKkbcjIvgajGgnXfPWUZn9lEc","use":"enc"},{"crv":"secp256k1","x":"KDAUHh_SpgROXXAq8IFs9B9lGNB9VP4RwebeAO2tBao","y":"wr3L1dZyUCrS4H18fDYy5hcvGTCp05tiiBy0ZUG8Qs4","kty":"EC","kid":"vl5k1biVlGOHeu2XiLg_0qrIVdoFdM0POWeeCl-QMsY","use":"sig"},{"crv":"P-384","x":"P1npwyTJ2p20D9_r2u31DU7tfDEufaVcSJJcDOuO6QyqrXvjyMvf8e5xv3XxE39l","y":"tmq2S12MVdKUQTmd0AxVEOji1ihR_vZAhTLKojD2XW_2EJH7ydiaz2oxrnkC0mvI","kty":"EC","kid":"rqHXKVLLF2RxqFgXWfEZE578gM-IhelOjugVfb_BMZ4","use":"sig"},{"crv":"P-384","x":"UhkqvxbxMCGtkg_-6W0gqkr21fgY3LSaNbquU7CYEDwBwGCd6iK6Bu5PVUxraulY","y":"CXrg3mxUkN5D4bPfiLfnD1jMYGSDxn2Zeh-8_OOstX21WNZJ9_i-iFZR3pIXyH0z","kty":"EC","kid":"rV1Hjt_79O_m1oJ7Jz0QgKHDa2iwb8p4kvMU0L99wjg","use":"enc"},{"crv":"P-521","x":"AIjEl5H8w2Rf_iqIP8WT7v5-FlBlBGYy5sMJs1XOxWz4RRARIEOemEY45g10sEPzZ4qe7oyjCUDK5FY1WwjRvgHK","y":"AaKN94cn1ApvvfpOWO9VpJm-lLzOUR8XxOrKYfPqcLs0zEqSPiGdWA5CoNL5ck1q-CXD09ysQSmNkzFGaig2Mnop","kty":"EC","kid":"RG_hu6lggazoCOu2wsrn3icSvhAXuGyL55f2GAaH2NA","use":"sig"},{"crv":"P-521","x":"AXFcu6lqcxoyFUU14xTw0I5cfCR2q0jqOXwU_EKjA5mIxUpue58IIrfrIh4IauV3co2SziD6Uf1SWe8l11Y4-BoJ","y":"AREzsMJu3VveUPMaJ2QWmjucwzZH4FqufXzS2IW-MGqViyDNTg2BgX-2VCJvdTo0zbhvRvBC1ghJNrVnH5M92JQ6","kty":"EC","kid":"MPcTmIIPYRnLt9s_TdBrpV27HcNVDi9aZpB0eJvAxzE","use":"enc"},{"crv":"Ed25519","x":"lDkysGJKRmJeUp8ncTyGraHPHHiIfdxSajxGm7Srla8","kty":"OKP","kid":"CLjPrbijCB2z9dScRNpM1mSGOQVOIByTmd18Ft2eiAQ","use":"sig"},{"crv":"Ed448","x":"BG1zKFg6A_Rzix4pA08oYN5xHqhKIiREXZ59NZoA8p3xhgjh-tm8nc-6udtiL5ZNhWDbnRSq4jQA","kty":"OKP","kid":"kU2PiegZOPUKcsJATItJArz18oWWfEH-Ma52K_8nGaE","use":"sig"}]}
2020-07-28 20:06:57 SUCCESS
FetchServerKeys
Found server JWK set
server_jwks
{
  "keys": [
    {
      "e": "AQAB",
      "n": "xwQ72P9z9OYshiQ-ntDYaPnnfwG6u9JAdLMZ5o0dmjlcyrvwQRdoFIKPnO65Q8mh6F_LDSxjxa2Yzo_wdjhbPZLjfUJXgCzm54cClXzT5twzo7lzoAfaJlkTsoZc2HFWqmcri0BuzmTFLZx2Q7wYBm0pXHmQKF0V-C1O6NWfd4mfBhbM-I1tHYSpAMgarSm22WDMDx-WWI7TEzy2QhaBVaENW9BKaKkJklocAZCxk18WhR0fckIGiWiSM5FcU1PY2jfGsTmX505Ub7P5Dz75Ygqrutd5tFrcqyPAtPTFDk8X1InxkkUwpP3nFU5o50DGhwQolGYKPGtQ-ZtmbOfcWQ",
      "kty": "RSA",
      "kid": "r1LkbBo3925Rb2ZFFrKyU3MVex9T2817Kx0vbi6i_Kc",
      "use": "sig"
    },
    {
      "e": "AQAB",
      "n": "mXauIvyeUFA74P2vcmgAWSCMw6CP6-MJ6EvFuRARfLLJEi49AzQvJl_4pwDvLkZcCqS7OqPE1ufNyDH6oQPEc7JuukHMY02EgwqHjJ6GG6FQqJuiWlKB_l-7c9y9r4bh4r58xdZc6T5dFVSNT2VcIVoSjq9VmzwpaTKCUyVeZYHZhnLfWMm9rKU5WSz75siG-_jbudItsfhEwA59kvi4So2IV9TxHwW50i4IcTB1gXwG1olNgiX3-Mq1Iw5VGPzMo2hQXI3q1y-ZjhSwhvG5dje9J8htBEWdVYk4f6cv19IE9gEx7T-2vIVw5FCpAmmfFuRebec49c7zjfr0EyTI4w",
      "kty": "RSA",
      "kid": "w5kPRdJWODnYjihMgqs0tHkKk-e5OxU4DnSCZDkF_h0",
      "use": "enc"
    },
    {
      "crv": "P-256",
      "x": "FWZ9rSkLt6Dx9E3pxLybhdM6xgR5obGsj5_pqmnz5J4",
      "y": "_n8G69C-A2Xl4xUW2lF0i8ZGZnk_KPYrhv4GbTGu5G4",
      "kty": "EC",
      "kid": "MFZeG102dQiqbANoaMlW_Jmf7fOZmtRsHt77JFhTpF0",
      "use": "sig"
    },
    {
      "crv": "P-256",
      "x": "Eb3RtGgBGOEz33yu46aha_RU6pyBaYNlu6SawlWGGHQ",
      "y": "tUncttzF6Ud4Abfn1N2A1Rz2MBbJSdI0zuKS28BNb-U",
      "kty": "EC",
      "kid": "mlSUkq-ELqZiWl9zs9ZKkbcjIvgajGgnXfPWUZn9lEc",
      "use": "enc"
    },
    {
      "crv": "secp256k1",
      "x": "KDAUHh_SpgROXXAq8IFs9B9lGNB9VP4RwebeAO2tBao",
      "y": "wr3L1dZyUCrS4H18fDYy5hcvGTCp05tiiBy0ZUG8Qs4",
      "kty": "EC",
      "kid": "vl5k1biVlGOHeu2XiLg_0qrIVdoFdM0POWeeCl-QMsY",
      "use": "sig"
    },
    {
      "crv": "P-384",
      "x": "P1npwyTJ2p20D9_r2u31DU7tfDEufaVcSJJcDOuO6QyqrXvjyMvf8e5xv3XxE39l",
      "y": "tmq2S12MVdKUQTmd0AxVEOji1ihR_vZAhTLKojD2XW_2EJH7ydiaz2oxrnkC0mvI",
      "kty": "EC",
      "kid": "rqHXKVLLF2RxqFgXWfEZE578gM-IhelOjugVfb_BMZ4",
      "use": "sig"
    },
    {
      "crv": "P-384",
      "x": "UhkqvxbxMCGtkg_-6W0gqkr21fgY3LSaNbquU7CYEDwBwGCd6iK6Bu5PVUxraulY",
      "y": "CXrg3mxUkN5D4bPfiLfnD1jMYGSDxn2Zeh-8_OOstX21WNZJ9_i-iFZR3pIXyH0z",
      "kty": "EC",
      "kid": "rV1Hjt_79O_m1oJ7Jz0QgKHDa2iwb8p4kvMU0L99wjg",
      "use": "enc"
    },
    {
      "crv": "P-521",
      "x": "AIjEl5H8w2Rf_iqIP8WT7v5-FlBlBGYy5sMJs1XOxWz4RRARIEOemEY45g10sEPzZ4qe7oyjCUDK5FY1WwjRvgHK",
      "y": "AaKN94cn1ApvvfpOWO9VpJm-lLzOUR8XxOrKYfPqcLs0zEqSPiGdWA5CoNL5ck1q-CXD09ysQSmNkzFGaig2Mnop",
      "kty": "EC",
      "kid": "RG_hu6lggazoCOu2wsrn3icSvhAXuGyL55f2GAaH2NA",
      "use": "sig"
    },
    {
      "crv": "P-521",
      "x": "AXFcu6lqcxoyFUU14xTw0I5cfCR2q0jqOXwU_EKjA5mIxUpue58IIrfrIh4IauV3co2SziD6Uf1SWe8l11Y4-BoJ",
      "y": "AREzsMJu3VveUPMaJ2QWmjucwzZH4FqufXzS2IW-MGqViyDNTg2BgX-2VCJvdTo0zbhvRvBC1ghJNrVnH5M92JQ6",
      "kty": "EC",
      "kid": "MPcTmIIPYRnLt9s_TdBrpV27HcNVDi9aZpB0eJvAxzE",
      "use": "enc"
    },
    {
      "crv": "Ed25519",
      "x": "lDkysGJKRmJeUp8ncTyGraHPHHiIfdxSajxGm7Srla8",
      "kty": "OKP",
      "kid": "CLjPrbijCB2z9dScRNpM1mSGOQVOIByTmd18Ft2eiAQ",
      "use": "sig"
    },
    {
      "crv": "Ed448",
      "x": "BG1zKFg6A_Rzix4pA08oYN5xHqhKIiREXZ59NZoA8p3xhgjh-tm8nc-6udtiL5ZNhWDbnRSq4jQA",
      "kty": "OKP",
      "kid": "kU2PiegZOPUKcsJATItJArz18oWWfEH-Ma52K_8nGaE",
      "use": "sig"
    }
  ]
}
2020-07-28 20:06:57 SUCCESS
CheckServerKeysIsValid
Server JWKs is valid
server_jwks
{
  "keys": [
    {
      "e": "AQAB",
      "n": "xwQ72P9z9OYshiQ-ntDYaPnnfwG6u9JAdLMZ5o0dmjlcyrvwQRdoFIKPnO65Q8mh6F_LDSxjxa2Yzo_wdjhbPZLjfUJXgCzm54cClXzT5twzo7lzoAfaJlkTsoZc2HFWqmcri0BuzmTFLZx2Q7wYBm0pXHmQKF0V-C1O6NWfd4mfBhbM-I1tHYSpAMgarSm22WDMDx-WWI7TEzy2QhaBVaENW9BKaKkJklocAZCxk18WhR0fckIGiWiSM5FcU1PY2jfGsTmX505Ub7P5Dz75Ygqrutd5tFrcqyPAtPTFDk8X1InxkkUwpP3nFU5o50DGhwQolGYKPGtQ-ZtmbOfcWQ",
      "kty": "RSA",
      "kid": "r1LkbBo3925Rb2ZFFrKyU3MVex9T2817Kx0vbi6i_Kc",
      "use": "sig"
    },
    {
      "e": "AQAB",
      "n": "mXauIvyeUFA74P2vcmgAWSCMw6CP6-MJ6EvFuRARfLLJEi49AzQvJl_4pwDvLkZcCqS7OqPE1ufNyDH6oQPEc7JuukHMY02EgwqHjJ6GG6FQqJuiWlKB_l-7c9y9r4bh4r58xdZc6T5dFVSNT2VcIVoSjq9VmzwpaTKCUyVeZYHZhnLfWMm9rKU5WSz75siG-_jbudItsfhEwA59kvi4So2IV9TxHwW50i4IcTB1gXwG1olNgiX3-Mq1Iw5VGPzMo2hQXI3q1y-ZjhSwhvG5dje9J8htBEWdVYk4f6cv19IE9gEx7T-2vIVw5FCpAmmfFuRebec49c7zjfr0EyTI4w",
      "kty": "RSA",
      "kid": "w5kPRdJWODnYjihMgqs0tHkKk-e5OxU4DnSCZDkF_h0",
      "use": "enc"
    },
    {
      "crv": "P-256",
      "x": "FWZ9rSkLt6Dx9E3pxLybhdM6xgR5obGsj5_pqmnz5J4",
      "y": "_n8G69C-A2Xl4xUW2lF0i8ZGZnk_KPYrhv4GbTGu5G4",
      "kty": "EC",
      "kid": "MFZeG102dQiqbANoaMlW_Jmf7fOZmtRsHt77JFhTpF0",
      "use": "sig"
    },
    {
      "crv": "P-256",
      "x": "Eb3RtGgBGOEz33yu46aha_RU6pyBaYNlu6SawlWGGHQ",
      "y": "tUncttzF6Ud4Abfn1N2A1Rz2MBbJSdI0zuKS28BNb-U",
      "kty": "EC",
      "kid": "mlSUkq-ELqZiWl9zs9ZKkbcjIvgajGgnXfPWUZn9lEc",
      "use": "enc"
    },
    {
      "crv": "secp256k1",
      "x": "KDAUHh_SpgROXXAq8IFs9B9lGNB9VP4RwebeAO2tBao",
      "y": "wr3L1dZyUCrS4H18fDYy5hcvGTCp05tiiBy0ZUG8Qs4",
      "kty": "EC",
      "kid": "vl5k1biVlGOHeu2XiLg_0qrIVdoFdM0POWeeCl-QMsY",
      "use": "sig"
    },
    {
      "crv": "P-384",
      "x": "P1npwyTJ2p20D9_r2u31DU7tfDEufaVcSJJcDOuO6QyqrXvjyMvf8e5xv3XxE39l",
      "y": "tmq2S12MVdKUQTmd0AxVEOji1ihR_vZAhTLKojD2XW_2EJH7ydiaz2oxrnkC0mvI",
      "kty": "EC",
      "kid": "rqHXKVLLF2RxqFgXWfEZE578gM-IhelOjugVfb_BMZ4",
      "use": "sig"
    },
    {
      "crv": "P-384",
      "x": "UhkqvxbxMCGtkg_-6W0gqkr21fgY3LSaNbquU7CYEDwBwGCd6iK6Bu5PVUxraulY",
      "y": "CXrg3mxUkN5D4bPfiLfnD1jMYGSDxn2Zeh-8_OOstX21WNZJ9_i-iFZR3pIXyH0z",
      "kty": "EC",
      "kid": "rV1Hjt_79O_m1oJ7Jz0QgKHDa2iwb8p4kvMU0L99wjg",
      "use": "enc"
    },
    {
      "crv": "P-521",
      "x": "AIjEl5H8w2Rf_iqIP8WT7v5-FlBlBGYy5sMJs1XOxWz4RRARIEOemEY45g10sEPzZ4qe7oyjCUDK5FY1WwjRvgHK",
      "y": "AaKN94cn1ApvvfpOWO9VpJm-lLzOUR8XxOrKYfPqcLs0zEqSPiGdWA5CoNL5ck1q-CXD09ysQSmNkzFGaig2Mnop",
      "kty": "EC",
      "kid": "RG_hu6lggazoCOu2wsrn3icSvhAXuGyL55f2GAaH2NA",
      "use": "sig"
    },
    {
      "crv": "P-521",
      "x": "AXFcu6lqcxoyFUU14xTw0I5cfCR2q0jqOXwU_EKjA5mIxUpue58IIrfrIh4IauV3co2SziD6Uf1SWe8l11Y4-BoJ",
      "y": "AREzsMJu3VveUPMaJ2QWmjucwzZH4FqufXzS2IW-MGqViyDNTg2BgX-2VCJvdTo0zbhvRvBC1ghJNrVnH5M92JQ6",
      "kty": "EC",
      "kid": "MPcTmIIPYRnLt9s_TdBrpV27HcNVDi9aZpB0eJvAxzE",
      "use": "enc"
    },
    {
      "crv": "Ed25519",
      "x": "lDkysGJKRmJeUp8ncTyGraHPHHiIfdxSajxGm7Srla8",
      "kty": "OKP",
      "kid": "CLjPrbijCB2z9dScRNpM1mSGOQVOIByTmd18Ft2eiAQ",
      "use": "sig"
    },
    {
      "crv": "Ed448",
      "x": "BG1zKFg6A_Rzix4pA08oYN5xHqhKIiREXZ59NZoA8p3xhgjh-tm8nc-6udtiL5ZNhWDbnRSq4jQA",
      "kty": "OKP",
      "kid": "kU2PiegZOPUKcsJATItJArz18oWWfEH-Ma52K_8nGaE",
      "use": "sig"
    }
  ]
}
2020-07-28 20:06:57 SUCCESS
ValidateServerJWKs
Valid server JWKs
2020-07-28 20:06:57 SUCCESS
CheckForKeyIdInServerJWKs
All keys contain kids
2020-07-28 20:06:57 SUCCESS
CheckDistinctKeyIdValueInServerJWKs
Distinct 'kid' value in all keys of server_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2020-07-28 20:06:57 SUCCESS
EnsureServerJwksDoesNotContainPrivateOrSymmetricKeys
Jwks does not contain any private or symmetric keys
2020-07-28 20:06:57 SUCCESS
GetDynamicClientConfiguration
Created dynamic_client_registration_template object from the client configuration.
client_name
first-openid-client
2020-07-28 20:06:57 SUCCESS
GenerateRS256ClientJWKs
Generated client JWKs
client_jwks
{
  "keys": [
    {
      "p": "4pl6tyRzPlaEw0UJuDR3RY9pD2gMmBcqwYa9GXRUXypsUeY6jAjc-sEw25oSObZsAuIBn2YQ110J6o4rcSclVTADaJvLbdH4QGAUZUAMr7iLQUGUjBdIegt0gyLRZ_o1WDANOBteYPG3ZUCG2e1J9QIuMVwDB1ePcZ_VJ2xVdoU",
      "kty": "RSA",
      "q": "vTAG5iVG1pBiYbxzsv9DsE2TfIyInHxzhK0IsSHoBof8ypRRjAq1TV0M-lwpZUF-e0JI1uERWXMyrb7dOfWWZ379i3TxhYkvYmUUr64qj8GYqa79VctaAouVVs61or5vP5tvL_-NKng63ALlOx1-OCv_OnGNa9ijzdkjO3dc3sk",
      "d": "TzYUUgqMSqsE0cqgGfd6bkLjc-Zd8z9ZwF2I8OAz-qxvCjhCIUIIk4Cui5wlaeoqWNIGMXvHzqAAKSzir36bJJmLicHxC5XAlMf37-nMmN-lWjXzi-UOr9SYLELX-0Q5sAriweq1dBOsNNfHh1V4zBCp957qBYhjzN5zdG8xVqIgJQpbi-O4ha6JLJXaGmtBsN212WI6Ea6bps8RpG2tJRhGOkfbd4M-WSRVdThm8HRgVNclpNITP18q0ZUK283TkkagdaKQlv6M22t-AHqdIzXeFKw94r0l4TIuU18ndLQoigk1herBetxxRyQAeF9uN0N-QKn-Hs0zV0U65q6LAQ",
      "e": "AQAB",
      "use": "sig",
      "qi": "liVuPcDzBDUHO3_fWam_LFTf78hLpAr2ZEoZYjbnCj6Iwbh-gROCHjobx-3MUvH-5B3nHTdAhwr3qykUEeCXCN24Gyu-OBCeWg6IFxvvh7fTuZ4VEmWcOzivQmjXhsxSVpGNwZGX9D-dAlM3G7PBIAUVHjsB9wHMSc41AuBYzdg",
      "dp": "j5msBvv2fH7fy8-ohS_alh53-ed6c7faxKHanJL4FQcRdiVs3OmRAOgFSmWtPx23_Wu0k4tfCNxROG-4YBDqu72dq2Fv3by-ki1RP4kDgSh2N3iT5uOqbo1r3N7nzfjmbWimN_RALzd_fY8S5nBV-grTszwYP0LiCKO9tSoWTvE",
      "alg": "RS256",
      "dq": "Xavm7pLsZRZuL9hALRNor2VprhRjG6AfDkUidZnFKV6xkpgnXEB9DkYRQ_DX6jOobV0fdY1Qqsp4AEDthmILy0i8Pw1y_Fw1YvGLcYS5vB3t-a4T7yPVeEcmdSm6E09ZA9RxFAHjInEPK5ofZ8qtkSBvqb9Jd2l3iVeGs03hZMk",
      "n": "p3XSe4gDWKcjlRpgGIGnpy_pMp7VmZPkx3Fgo6a4ir0oJ_aWtKee7k4a7HeV0Xyy7WfpTYKN3EHsH9GWqcvlmcVV-ipe2STl_dMMjSDOJLNqpLnjFDiBqLCXKaVDLAihGbyjJyfEAN4-TZe4YPU7iW0fUSJu5JpnXkrrek6qGSO0D-K77W2_XCjeim8BgEb8LGQgEIdcP2Q_YFKUHM3AjvqL810JmmYANchcjFBVYS8j6F21Emlopl8qLXQxKgSZ3lL2R9xh9gDBcLuf5aHsJtuWdtUGaRne0HL0vtXQawwG927tBQ4XYoepNmKQ0SxAqJvtMQ83vJ1dgLRblq1kbQ"
    }
  ]
}
public_client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "alg": "RS256",
      "n": "p3XSe4gDWKcjlRpgGIGnpy_pMp7VmZPkx3Fgo6a4ir0oJ_aWtKee7k4a7HeV0Xyy7WfpTYKN3EHsH9GWqcvlmcVV-ipe2STl_dMMjSDOJLNqpLnjFDiBqLCXKaVDLAihGbyjJyfEAN4-TZe4YPU7iW0fUSJu5JpnXkrrek6qGSO0D-K77W2_XCjeim8BgEb8LGQgEIdcP2Q_YFKUHM3AjvqL810JmmYANchcjFBVYS8j6F21Emlopl8qLXQxKgSZ3lL2R9xh9gDBcLuf5aHsJtuWdtUGaRne0HL0vtXQawwG927tBQ4XYoepNmKQ0SxAqJvtMQ83vJ1dgLRblq1kbQ"
    }
  ]
}
2020-07-28 20:06:57 SUCCESS
CheckDistinctKeyIdValueInClientJWKs
Distinct 'kid' value in all keys of client_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2020-07-28 20:06:57 SUCCESS
CreateDynamicRegistrationRequest
Created dynamic registration request
client_name
first-openid-client 6KUWLY0Gro
2020-07-28 20:06:57
AddAuthorizationCodeGrantTypeToDynamicRegistrationRequest
Added 'authorization_code' to 'grant_types'
grant_types
[
  "authorization_code"
]
2020-07-28 20:06:57
AddImplicitGrantTypeToDynamicRegistrationRequest
Added 'implicit' to 'grant_types'
grant_types
[
  "authorization_code",
  "implicit"
]
2020-07-28 20:06:57
AddPublicJwksToDynamicRegistrationRequest
Added client public JWKS to dynamic registration request
dynamic_registration_request
{
  "client_name": "first-openid-client 6KUWLY0Gro",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "p3XSe4gDWKcjlRpgGIGnpy_pMp7VmZPkx3Fgo6a4ir0oJ_aWtKee7k4a7HeV0Xyy7WfpTYKN3EHsH9GWqcvlmcVV-ipe2STl_dMMjSDOJLNqpLnjFDiBqLCXKaVDLAihGbyjJyfEAN4-TZe4YPU7iW0fUSJu5JpnXkrrek6qGSO0D-K77W2_XCjeim8BgEb8LGQgEIdcP2Q_YFKUHM3AjvqL810JmmYANchcjFBVYS8j6F21Emlopl8qLXQxKgSZ3lL2R9xh9gDBcLuf5aHsJtuWdtUGaRne0HL0vtXQawwG927tBQ4XYoepNmKQ0SxAqJvtMQ83vJ1dgLRblq1kbQ"
      }
    ]
  }
}
2020-07-28 20:06:57
AddTokenEndpointAuthMethodToDynamicRegistrationRequestFromEnvironment
Added token endpoint auth method to dynamic registration request
dynamic_registration_request
{
  "client_name": "first-openid-client 6KUWLY0Gro",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "p3XSe4gDWKcjlRpgGIGnpy_pMp7VmZPkx3Fgo6a4ir0oJ_aWtKee7k4a7HeV0Xyy7WfpTYKN3EHsH9GWqcvlmcVV-ipe2STl_dMMjSDOJLNqpLnjFDiBqLCXKaVDLAihGbyjJyfEAN4-TZe4YPU7iW0fUSJu5JpnXkrrek6qGSO0D-K77W2_XCjeim8BgEb8LGQgEIdcP2Q_YFKUHM3AjvqL810JmmYANchcjFBVYS8j6F21Emlopl8qLXQxKgSZ3lL2R9xh9gDBcLuf5aHsJtuWdtUGaRne0HL0vtXQawwG927tBQ4XYoepNmKQ0SxAqJvtMQ83vJ1dgLRblq1kbQ"
      }
    ]
  },
  "token_endpoint_auth_method": "private_key_jwt"
}
2020-07-28 20:06:57
AddResponseTypesArrayToDynamicRegistrationRequestFromEnvironment
Added response_types array to dynamic registration request
dynamic_registration_request
{
  "client_name": "first-openid-client 6KUWLY0Gro",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "p3XSe4gDWKcjlRpgGIGnpy_pMp7VmZPkx3Fgo6a4ir0oJ_aWtKee7k4a7HeV0Xyy7WfpTYKN3EHsH9GWqcvlmcVV-ipe2STl_dMMjSDOJLNqpLnjFDiBqLCXKaVDLAihGbyjJyfEAN4-TZe4YPU7iW0fUSJu5JpnXkrrek6qGSO0D-K77W2_XCjeim8BgEb8LGQgEIdcP2Q_YFKUHM3AjvqL810JmmYANchcjFBVYS8j6F21Emlopl8qLXQxKgSZ3lL2R9xh9gDBcLuf5aHsJtuWdtUGaRne0HL0vtXQawwG927tBQ4XYoepNmKQ0SxAqJvtMQ83vJ1dgLRblq1kbQ"
      }
    ]
  },
  "token_endpoint_auth_method": "private_key_jwt",
  "response_types": [
    "code id_token"
  ]
}
2020-07-28 20:06:57
AddRedirectUriToDynamicRegistrationRequest
Added redirect_uris array to dynamic registration request
dynamic_registration_request
{
  "client_name": "first-openid-client 6KUWLY0Gro",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "p3XSe4gDWKcjlRpgGIGnpy_pMp7VmZPkx3Fgo6a4ir0oJ_aWtKee7k4a7HeV0Xyy7WfpTYKN3EHsH9GWqcvlmcVV-ipe2STl_dMMjSDOJLNqpLnjFDiBqLCXKaVDLAihGbyjJyfEAN4-TZe4YPU7iW0fUSJu5JpnXkrrek6qGSO0D-K77W2_XCjeim8BgEb8LGQgEIdcP2Q_YFKUHM3AjvqL810JmmYANchcjFBVYS8j6F21Emlopl8qLXQxKgSZ3lL2R9xh9gDBcLuf5aHsJtuWdtUGaRne0HL0vtXQawwG927tBQ4XYoepNmKQ0SxAqJvtMQ83vJ1dgLRblq1kbQ"
      }
    ]
  },
  "token_endpoint_auth_method": "private_key_jwt",
  "response_types": [
    "code id_token"
  ],
  "redirect_uris": [
    "https://www.certification.openid.net/test/6KUWLY0Gro/callback"
  ]
}
2020-07-28 20:06:57
AddContactsToDynamicRegistrationRequest
Added contacts array to dynamic registration request
dynamic_registration_request
{
  "client_name": "first-openid-client 6KUWLY0Gro",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "p3XSe4gDWKcjlRpgGIGnpy_pMp7VmZPkx3Fgo6a4ir0oJ_aWtKee7k4a7HeV0Xyy7WfpTYKN3EHsH9GWqcvlmcVV-ipe2STl_dMMjSDOJLNqpLnjFDiBqLCXKaVDLAihGbyjJyfEAN4-TZe4YPU7iW0fUSJu5JpnXkrrek6qGSO0D-K77W2_XCjeim8BgEb8LGQgEIdcP2Q_YFKUHM3AjvqL810JmmYANchcjFBVYS8j6F21Emlopl8qLXQxKgSZ3lL2R9xh9gDBcLuf5aHsJtuWdtUGaRne0HL0vtXQawwG927tBQ4XYoepNmKQ0SxAqJvtMQ83vJ1dgLRblq1kbQ"
      }
    ]
  },
  "token_endpoint_auth_method": "private_key_jwt",
  "response_types": [
    "code id_token"
  ],
  "redirect_uris": [
    "https://www.certification.openid.net/test/6KUWLY0Gro/callback"
  ],
  "contacts": [
    "certification@oidf.org"
  ]
}
2020-07-28 20:06:57
AddRefreshTokenGrantTypeToDynamicRegistrationRequest
Added 'refresh_token' to 'grant_types'
grant_types
[
  "authorization_code",
  "implicit",
  "refresh_token"
]
2020-07-28 20:06:57
CallDynamicRegistrationEndpoint
HTTP request
request_uri
https://op.panva.cz/reg
request_method
POST
request_headers
{
  "accept": "application/json",
  "accept-charset": "utf-8",
  "content-type": "application/json",
  "content-length": "732"
}
request_body
{"client_name":"first-openid-client 6KUWLY0Gro","grant_types":["authorization_code","implicit","refresh_token"],"jwks":{"keys":[{"kty":"RSA","e":"AQAB","use":"sig","alg":"RS256","n":"p3XSe4gDWKcjlRpgGIGnpy_pMp7VmZPkx3Fgo6a4ir0oJ_aWtKee7k4a7HeV0Xyy7WfpTYKN3EHsH9GWqcvlmcVV-ipe2STl_dMMjSDOJLNqpLnjFDiBqLCXKaVDLAihGbyjJyfEAN4-TZe4YPU7iW0fUSJu5JpnXkrrek6qGSO0D-K77W2_XCjeim8BgEb8LGQgEIdcP2Q_YFKUHM3AjvqL810JmmYANchcjFBVYS8j6F21Emlopl8qLXQxKgSZ3lL2R9xh9gDBcLuf5aHsJtuWdtUGaRne0HL0vtXQawwG927tBQ4XYoepNmKQ0SxAqJvtMQ83vJ1dgLRblq1kbQ"}]},"token_endpoint_auth_method":"private_key_jwt","response_types":["code id_token"],"redirect_uris":["https://www.certification.openid.net/test/6KUWLY0Gro/callback"],"contacts":["certification@oidf.org"]}
2020-07-28 20:06:58 RESPONSE
CallDynamicRegistrationEndpoint
HTTP response
response_status_code
201 CREATED
response_status_text
Created
response_headers
{
  "cache-control": "no-cache, no-store",
  "content-length": "1487",
  "content-type": "application/json; charset\u003dutf-8",
  "date": "Tue, 28 Jul 2020 20:06:58 GMT",
  "pragma": "no-cache",
  "server": [
    "Caddy",
    "Cowboy"
  ],
  "strict-transport-security": "max-age\u003d15552000; includeSubDomains",
  "via": "1.1 vegur",
  "x-content-type-options": "nosniff",
  "x-dns-prefetch-control": "off",
  "x-download-options": "noopen",
  "x-frame-options": "SAMEORIGIN",
  "x-xss-protection": "1; mode\u003dblock"
}
response_body
{"application_type":"web","grant_types":["authorization_code","implicit","refresh_token"],"id_token_signed_response_alg":"RS256","post_logout_redirect_uris":[],"require_auth_time":false,"response_types":["code id_token"],"subject_type":"public","token_endpoint_auth_method":"private_key_jwt","introspection_endpoint_auth_method":"private_key_jwt","revocation_endpoint_auth_method":"private_key_jwt","backchannel_logout_session_required":false,"frontchannel_logout_session_required":false,"require_signed_request_object":false,"request_uris":[],"require_pushed_authorization_requests":false,"authorization_signed_response_alg":"RS256","tls_client_certificate_bound_access_tokens":false,"client_id_issued_at":1595966818,"client_id":"1iwUYl7tvH3o-6kF4q5L2","client_name":"first-openid-client 6KUWLY0Gro","contacts":["certification@oidf.org"],"jwks":{"keys":[{"kty":"RSA","e":"AQAB","use":"sig","alg":"RS256","n":"p3XSe4gDWKcjlRpgGIGnpy_pMp7VmZPkx3Fgo6a4ir0oJ_aWtKee7k4a7HeV0Xyy7WfpTYKN3EHsH9GWqcvlmcVV-ipe2STl_dMMjSDOJLNqpLnjFDiBqLCXKaVDLAihGbyjJyfEAN4-TZe4YPU7iW0fUSJu5JpnXkrrek6qGSO0D-K77W2_XCjeim8BgEb8LGQgEIdcP2Q_YFKUHM3AjvqL810JmmYANchcjFBVYS8j6F21Emlopl8qLXQxKgSZ3lL2R9xh9gDBcLuf5aHsJtuWdtUGaRne0HL0vtXQawwG927tBQ4XYoepNmKQ0SxAqJvtMQ83vJ1dgLRblq1kbQ"}]},"redirect_uris":["https://www.certification.openid.net/test/6KUWLY0Gro/callback"],"registration_client_uri":"https://op.panva.cz/reg/1iwUYl7tvH3o-6kF4q5L2","registration_access_token":"kyD2KPOb8x0cXchgCbyBh9XbM7jqdRe9Qm7z0dT8wrL"}
2020-07-28 20:06:58
CallDynamicRegistrationEndpoint
Registration endpoint response
dynamic_registration_response
{"application_type":"web","grant_types":["authorization_code","implicit","refresh_token"],"id_token_signed_response_alg":"RS256","post_logout_redirect_uris":[],"require_auth_time":false,"response_types":["code id_token"],"subject_type":"public","token_endpoint_auth_method":"private_key_jwt","introspection_endpoint_auth_method":"private_key_jwt","revocation_endpoint_auth_method":"private_key_jwt","backchannel_logout_session_required":false,"frontchannel_logout_session_required":false,"require_signed_request_object":false,"request_uris":[],"require_pushed_authorization_requests":false,"authorization_signed_response_alg":"RS256","tls_client_certificate_bound_access_tokens":false,"client_id_issued_at":1595966818,"client_id":"1iwUYl7tvH3o-6kF4q5L2","client_name":"first-openid-client 6KUWLY0Gro","contacts":["certification@oidf.org"],"jwks":{"keys":[{"kty":"RSA","e":"AQAB","use":"sig","alg":"RS256","n":"p3XSe4gDWKcjlRpgGIGnpy_pMp7VmZPkx3Fgo6a4ir0oJ_aWtKee7k4a7HeV0Xyy7WfpTYKN3EHsH9GWqcvlmcVV-ipe2STl_dMMjSDOJLNqpLnjFDiBqLCXKaVDLAihGbyjJyfEAN4-TZe4YPU7iW0fUSJu5JpnXkrrek6qGSO0D-K77W2_XCjeim8BgEb8LGQgEIdcP2Q_YFKUHM3AjvqL810JmmYANchcjFBVYS8j6F21Emlopl8qLXQxKgSZ3lL2R9xh9gDBcLuf5aHsJtuWdtUGaRne0HL0vtXQawwG927tBQ4XYoepNmKQ0SxAqJvtMQ83vJ1dgLRblq1kbQ"}]},"redirect_uris":["https://www.certification.openid.net/test/6KUWLY0Gro/callback"],"registration_client_uri":"https://op.panva.cz/reg/1iwUYl7tvH3o-6kF4q5L2","registration_access_token":"kyD2KPOb8x0cXchgCbyBh9XbM7jqdRe9Qm7z0dT8wrL"}
2020-07-28 20:06:58
CallDynamicRegistrationEndpoint
Parsed registration endpoint response
application_type
web
grant_types
[
  "authorization_code",
  "implicit",
  "refresh_token"
]
id_token_signed_response_alg
RS256
post_logout_redirect_uris
[]
require_auth_time
false
response_types
[
  "code id_token"
]
subject_type
public
token_endpoint_auth_method
private_key_jwt
introspection_endpoint_auth_method
private_key_jwt
revocation_endpoint_auth_method
private_key_jwt
backchannel_logout_session_required
false
frontchannel_logout_session_required
false
require_signed_request_object
false
request_uris
[]
require_pushed_authorization_requests
false
authorization_signed_response_alg
RS256
tls_client_certificate_bound_access_tokens
false
client_id_issued_at
1595966818
client_id
1iwUYl7tvH3o-6kF4q5L2
client_name
first-openid-client 6KUWLY0Gro
contacts
[
  "certification@oidf.org"
]
jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "alg": "RS256",
      "n": "p3XSe4gDWKcjlRpgGIGnpy_pMp7VmZPkx3Fgo6a4ir0oJ_aWtKee7k4a7HeV0Xyy7WfpTYKN3EHsH9GWqcvlmcVV-ipe2STl_dMMjSDOJLNqpLnjFDiBqLCXKaVDLAihGbyjJyfEAN4-TZe4YPU7iW0fUSJu5JpnXkrrek6qGSO0D-K77W2_XCjeim8BgEb8LGQgEIdcP2Q_YFKUHM3AjvqL810JmmYANchcjFBVYS8j6F21Emlopl8qLXQxKgSZ3lL2R9xh9gDBcLuf5aHsJtuWdtUGaRne0HL0vtXQawwG927tBQ4XYoepNmKQ0SxAqJvtMQ83vJ1dgLRblq1kbQ"
    }
  ]
}
redirect_uris
[
  "https://www.certification.openid.net/test/6KUWLY0Gro/callback"
]
registration_client_uri
https://op.panva.cz/reg/1iwUYl7tvH3o-6kF4q5L2
registration_access_token
kyD2KPOb8x0cXchgCbyBh9XbM7jqdRe9Qm7z0dT8wrL
2020-07-28 20:06:58 SUCCESS
CallDynamicRegistrationEndpoint
Extracted dynamic registration management credentials
registration_client_uri
https://op.panva.cz/reg/1iwUYl7tvH3o-6kF4q5L2
registration_access_token
kyD2KPOb8x0cXchgCbyBh9XbM7jqdRe9Qm7z0dT8wrL
2020-07-28 20:06:58
SetScopeInClientConfigurationToOpenId
Set scope in client configuration to "openid"
scope
openid
2020-07-28 20:06:58
SetScopeInClientConfigurationToOpenIdOfflineAccessIfServerSupportsOfflineAccess
Set scope in client configuration to "openid offline_access"as 'scope_supported' contains 'offline_access'
scope
openid offline_access
2020-07-28 20:06:58 SUCCESS
EnsureServerConfigurationSupportsPrivateKeyJwt
Found supported private_key_jwt method
method
private_key_jwt
2020-07-28 20:06:58 SUCCESS
GetDynamicClient2Configuration
Found a dynamic_client_registration_template object
client_name
second-openid-client
2020-07-28 20:06:58 SUCCESS
GenerateRS256ClientJWKs
Generated client JWKs
client_jwks
{
  "keys": [
    {
      "p": "0y4EUshU4z_TEIFAX0j1BZl0qEFU2yz-8WinwukYvjgjYSofcn9vuf2FUBtPOkN_EnMAWzyueU8EEeO28XdQ7zQYslbPPImcLM0m9HII5LDca38XygCKsxskVJZI7YONN_6OEy7OjiiiPOnSte6LeaJ99KJDDu57LyjbY2wu9Jk",
      "kty": "RSA",
      "q": "xPAg5O434YGAHgpNgA8YlY3B04RufQ8NBqvbrM1l_Cm-GZlwlKVvQt5eT5x0IoHfP5ycHJQzPGooF2ZXao7XzaXhjxRYGD2sAJxsWdQqumQXJSA6MIZ_yttm_DhskM5gHXtKkxjuHid6ZIVkmgEG_SJpe5UgT_2mEA-2E7qGKws",
      "d": "oe9rabCIyemGi8WlHvUo1pOkMO1DRwGYppBbtxONqTnUt51ada6GqGuwXWnkDE3OhUNDy7ILtbM9069euQ0vnL6DmyzNW5JOlz-IKbq6E38-82MDJTnG5o5SwGySU-woPakw5nQgwQbQr7_x4jX2x1VxYJhZ7YckMOqu5iN4gnA7q59FbfU7Jsnjx_X-0ZZVlpzkryCbD_GV4TZvcViH1IRkmuaa6MIE5SRrgfxqeZEQrKBdMjiPulWToR2SaXV0-iW35bT6At9u_7rzTR_uIHg2mO0UPIGz0GKFx3YHptvRVXcu9kl2vA5qKTdyeRv_hyBIozrwMaCdmDTqR9cBIQ",
      "e": "AQAB",
      "use": "sig",
      "qi": "vJwWl9vf1mJwQCR2UUZTaWe2wePz0TgdBa4nTUeGL51Y6IfhKwsn65PddYrRUjZKS2i-RiMY2I_FXASj-nbvCDIXY7ecop2FoQ2IXE9bghFOt7vBxZlqe2YJQ1SnPUrWccaeiarERGxjkzY6uFpVeIPr9TfovVagMG59jK9sG08",
      "dp": "xYBH8tQA7_eFAe6fsX2eCfqWq7VOEx1l4YirPRKbXWtLS1gFySN97kg4Ic8orajqcuqy7qE126YWfFSnh_S68LucTU36yvc35H6JbBwqTRdLTg2yxezzysYbmDBlTBy4OiIL5czkyPcfpDBaLGRIdR2PBveqF5DaDCT96WIIGCE",
      "alg": "RS256",
      "dq": "U-DWkcroYBKxB5ppwdYsKV50JGuuR3OGn8XIzYO6ITmCLxMMQTNo_PkLACtpx1y7QjOoxf9VBzFLnBPJvafTQFKbjD4k-0YhIS1-dJAKFtMUjIp6Xjqa6UKjTV-W1eIgS848SASBPrSfy3qJC5LOcDgc5zbvyUIGXabjbOmvxVs",
      "n": "onVRlgkF4UUbJZEB2B2QC-Y9oyFFf0dIIVRZeNRi9fVBIN8JCHHpyLkAi4y654PE6po7k9UcOOWf5BZMs1cGDOSz9U-j3MrIggjKn3m1pTrcu7PwIznRjjvmccipW2t6VCp5Zzu2MJtxOXHA8m630BTp3eG9s35PVSK2SltdmLGWmMC8VpKyuo6r6j9TsRPJZhiMg4RKs36Z8BXefSWofkD6OWnpsBIacVGEg9q0YTe0oCgUKbhXvPiU8Q6NtfLPDIJnJYcXDH5lwvaUvhUxX1rwfRmVbbGjZVaJrVfurv0koxD66qK6DOalXhLbuMwAmxj0mX9tXIpEl8wXuzA1kw"
    }
  ]
}
public_client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "alg": "RS256",
      "n": "onVRlgkF4UUbJZEB2B2QC-Y9oyFFf0dIIVRZeNRi9fVBIN8JCHHpyLkAi4y654PE6po7k9UcOOWf5BZMs1cGDOSz9U-j3MrIggjKn3m1pTrcu7PwIznRjjvmccipW2t6VCp5Zzu2MJtxOXHA8m630BTp3eG9s35PVSK2SltdmLGWmMC8VpKyuo6r6j9TsRPJZhiMg4RKs36Z8BXefSWofkD6OWnpsBIacVGEg9q0YTe0oCgUKbhXvPiU8Q6NtfLPDIJnJYcXDH5lwvaUvhUxX1rwfRmVbbGjZVaJrVfurv0koxD66qK6DOalXhLbuMwAmxj0mX9tXIpEl8wXuzA1kw"
    }
  ]
}
2020-07-28 20:06:58 SUCCESS
CheckDistinctKeyIdValueInClientJWKs
Distinct 'kid' value in all keys of client_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2020-07-28 20:06:58 SUCCESS
CreateDynamicRegistrationRequest
Created dynamic registration request
client_name
second-openid-client 6KUWLY0Gro
2020-07-28 20:06:58
AddAuthorizationCodeGrantTypeToDynamicRegistrationRequest
Added 'authorization_code' to 'grant_types'
grant_types
[
  "authorization_code"
]
2020-07-28 20:06:58
AddImplicitGrantTypeToDynamicRegistrationRequest
Added 'implicit' to 'grant_types'
grant_types
[
  "authorization_code",
  "implicit"
]
2020-07-28 20:06:58
AddPublicJwksToDynamicRegistrationRequest
Added client public JWKS to dynamic registration request
dynamic_registration_request
{
  "client_name": "second-openid-client 6KUWLY0Gro",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "onVRlgkF4UUbJZEB2B2QC-Y9oyFFf0dIIVRZeNRi9fVBIN8JCHHpyLkAi4y654PE6po7k9UcOOWf5BZMs1cGDOSz9U-j3MrIggjKn3m1pTrcu7PwIznRjjvmccipW2t6VCp5Zzu2MJtxOXHA8m630BTp3eG9s35PVSK2SltdmLGWmMC8VpKyuo6r6j9TsRPJZhiMg4RKs36Z8BXefSWofkD6OWnpsBIacVGEg9q0YTe0oCgUKbhXvPiU8Q6NtfLPDIJnJYcXDH5lwvaUvhUxX1rwfRmVbbGjZVaJrVfurv0koxD66qK6DOalXhLbuMwAmxj0mX9tXIpEl8wXuzA1kw"
      }
    ]
  }
}
2020-07-28 20:06:58
AddTokenEndpointAuthMethodToDynamicRegistrationRequestFromEnvironment
Added token endpoint auth method to dynamic registration request
dynamic_registration_request
{
  "client_name": "second-openid-client 6KUWLY0Gro",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "onVRlgkF4UUbJZEB2B2QC-Y9oyFFf0dIIVRZeNRi9fVBIN8JCHHpyLkAi4y654PE6po7k9UcOOWf5BZMs1cGDOSz9U-j3MrIggjKn3m1pTrcu7PwIznRjjvmccipW2t6VCp5Zzu2MJtxOXHA8m630BTp3eG9s35PVSK2SltdmLGWmMC8VpKyuo6r6j9TsRPJZhiMg4RKs36Z8BXefSWofkD6OWnpsBIacVGEg9q0YTe0oCgUKbhXvPiU8Q6NtfLPDIJnJYcXDH5lwvaUvhUxX1rwfRmVbbGjZVaJrVfurv0koxD66qK6DOalXhLbuMwAmxj0mX9tXIpEl8wXuzA1kw"
      }
    ]
  },
  "token_endpoint_auth_method": "private_key_jwt"
}
2020-07-28 20:06:58
AddResponseTypesArrayToDynamicRegistrationRequestFromEnvironment
Added response_types array to dynamic registration request
dynamic_registration_request
{
  "client_name": "second-openid-client 6KUWLY0Gro",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "onVRlgkF4UUbJZEB2B2QC-Y9oyFFf0dIIVRZeNRi9fVBIN8JCHHpyLkAi4y654PE6po7k9UcOOWf5BZMs1cGDOSz9U-j3MrIggjKn3m1pTrcu7PwIznRjjvmccipW2t6VCp5Zzu2MJtxOXHA8m630BTp3eG9s35PVSK2SltdmLGWmMC8VpKyuo6r6j9TsRPJZhiMg4RKs36Z8BXefSWofkD6OWnpsBIacVGEg9q0YTe0oCgUKbhXvPiU8Q6NtfLPDIJnJYcXDH5lwvaUvhUxX1rwfRmVbbGjZVaJrVfurv0koxD66qK6DOalXhLbuMwAmxj0mX9tXIpEl8wXuzA1kw"
      }
    ]
  },
  "token_endpoint_auth_method": "private_key_jwt",
  "response_types": [
    "code id_token"
  ]
}
2020-07-28 20:06:58
AddRedirectUriToDynamicRegistrationRequest
Added redirect_uris array to dynamic registration request
dynamic_registration_request
{
  "client_name": "second-openid-client 6KUWLY0Gro",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "onVRlgkF4UUbJZEB2B2QC-Y9oyFFf0dIIVRZeNRi9fVBIN8JCHHpyLkAi4y654PE6po7k9UcOOWf5BZMs1cGDOSz9U-j3MrIggjKn3m1pTrcu7PwIznRjjvmccipW2t6VCp5Zzu2MJtxOXHA8m630BTp3eG9s35PVSK2SltdmLGWmMC8VpKyuo6r6j9TsRPJZhiMg4RKs36Z8BXefSWofkD6OWnpsBIacVGEg9q0YTe0oCgUKbhXvPiU8Q6NtfLPDIJnJYcXDH5lwvaUvhUxX1rwfRmVbbGjZVaJrVfurv0koxD66qK6DOalXhLbuMwAmxj0mX9tXIpEl8wXuzA1kw"
      }
    ]
  },
  "token_endpoint_auth_method": "private_key_jwt",
  "response_types": [
    "code id_token"
  ],
  "redirect_uris": [
    "https://www.certification.openid.net/test/6KUWLY0Gro/callback"
  ]
}
2020-07-28 20:06:58
AddContactsToDynamicRegistrationRequest
Added contacts array to dynamic registration request
dynamic_registration_request
{
  "client_name": "second-openid-client 6KUWLY0Gro",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "onVRlgkF4UUbJZEB2B2QC-Y9oyFFf0dIIVRZeNRi9fVBIN8JCHHpyLkAi4y654PE6po7k9UcOOWf5BZMs1cGDOSz9U-j3MrIggjKn3m1pTrcu7PwIznRjjvmccipW2t6VCp5Zzu2MJtxOXHA8m630BTp3eG9s35PVSK2SltdmLGWmMC8VpKyuo6r6j9TsRPJZhiMg4RKs36Z8BXefSWofkD6OWnpsBIacVGEg9q0YTe0oCgUKbhXvPiU8Q6NtfLPDIJnJYcXDH5lwvaUvhUxX1rwfRmVbbGjZVaJrVfurv0koxD66qK6DOalXhLbuMwAmxj0mX9tXIpEl8wXuzA1kw"
      }
    ]
  },
  "token_endpoint_auth_method": "private_key_jwt",
  "response_types": [
    "code id_token"
  ],
  "redirect_uris": [
    "https://www.certification.openid.net/test/6KUWLY0Gro/callback"
  ],
  "contacts": [
    "certification@oidf.org"
  ]
}
2020-07-28 20:06:58
AddRefreshTokenGrantTypeToDynamicRegistrationRequest
Added 'refresh_token' to 'grant_types'
grant_types
[
  "authorization_code",
  "implicit",
  "refresh_token"
]
2020-07-28 20:06:58
CallDynamicRegistrationEndpoint
HTTP request
request_uri
https://op.panva.cz/reg
request_method
POST
request_headers
{
  "accept": "application/json",
  "accept-charset": "utf-8",
  "content-type": "application/json",
  "content-length": "733"
}
request_body
{"client_name":"second-openid-client 6KUWLY0Gro","grant_types":["authorization_code","implicit","refresh_token"],"jwks":{"keys":[{"kty":"RSA","e":"AQAB","use":"sig","alg":"RS256","n":"onVRlgkF4UUbJZEB2B2QC-Y9oyFFf0dIIVRZeNRi9fVBIN8JCHHpyLkAi4y654PE6po7k9UcOOWf5BZMs1cGDOSz9U-j3MrIggjKn3m1pTrcu7PwIznRjjvmccipW2t6VCp5Zzu2MJtxOXHA8m630BTp3eG9s35PVSK2SltdmLGWmMC8VpKyuo6r6j9TsRPJZhiMg4RKs36Z8BXefSWofkD6OWnpsBIacVGEg9q0YTe0oCgUKbhXvPiU8Q6NtfLPDIJnJYcXDH5lwvaUvhUxX1rwfRmVbbGjZVaJrVfurv0koxD66qK6DOalXhLbuMwAmxj0mX9tXIpEl8wXuzA1kw"}]},"token_endpoint_auth_method":"private_key_jwt","response_types":["code id_token"],"redirect_uris":["https://www.certification.openid.net/test/6KUWLY0Gro/callback"],"contacts":["certification@oidf.org"]}
2020-07-28 20:06:59 RESPONSE
CallDynamicRegistrationEndpoint
HTTP response
response_status_code
201 CREATED
response_status_text
Created
response_headers
{
  "cache-control": "no-cache, no-store",
  "content-length": "1488",
  "content-type": "application/json; charset\u003dutf-8",
  "date": "Tue, 28 Jul 2020 20:06:59 GMT",
  "pragma": "no-cache",
  "server": [
    "Caddy",
    "Cowboy"
  ],
  "strict-transport-security": "max-age\u003d15552000; includeSubDomains",
  "via": "1.1 vegur",
  "x-content-type-options": "nosniff",
  "x-dns-prefetch-control": "off",
  "x-download-options": "noopen",
  "x-frame-options": "SAMEORIGIN",
  "x-xss-protection": "1; mode\u003dblock"
}
response_body
{"application_type":"web","grant_types":["authorization_code","implicit","refresh_token"],"id_token_signed_response_alg":"RS256","post_logout_redirect_uris":[],"require_auth_time":false,"response_types":["code id_token"],"subject_type":"public","token_endpoint_auth_method":"private_key_jwt","introspection_endpoint_auth_method":"private_key_jwt","revocation_endpoint_auth_method":"private_key_jwt","backchannel_logout_session_required":false,"frontchannel_logout_session_required":false,"require_signed_request_object":false,"request_uris":[],"require_pushed_authorization_requests":false,"authorization_signed_response_alg":"RS256","tls_client_certificate_bound_access_tokens":false,"client_id_issued_at":1595966819,"client_id":"8KlJXKAOy0Q0TaRIrgKQt","client_name":"second-openid-client 6KUWLY0Gro","contacts":["certification@oidf.org"],"jwks":{"keys":[{"kty":"RSA","e":"AQAB","use":"sig","alg":"RS256","n":"onVRlgkF4UUbJZEB2B2QC-Y9oyFFf0dIIVRZeNRi9fVBIN8JCHHpyLkAi4y654PE6po7k9UcOOWf5BZMs1cGDOSz9U-j3MrIggjKn3m1pTrcu7PwIznRjjvmccipW2t6VCp5Zzu2MJtxOXHA8m630BTp3eG9s35PVSK2SltdmLGWmMC8VpKyuo6r6j9TsRPJZhiMg4RKs36Z8BXefSWofkD6OWnpsBIacVGEg9q0YTe0oCgUKbhXvPiU8Q6NtfLPDIJnJYcXDH5lwvaUvhUxX1rwfRmVbbGjZVaJrVfurv0koxD66qK6DOalXhLbuMwAmxj0mX9tXIpEl8wXuzA1kw"}]},"redirect_uris":["https://www.certification.openid.net/test/6KUWLY0Gro/callback"],"registration_client_uri":"https://op.panva.cz/reg/8KlJXKAOy0Q0TaRIrgKQt","registration_access_token":"ZX6URrvFlXYgSkoPoBiJnx0CB0vKbeYg5o8rJjh9OJd"}
2020-07-28 20:06:59
CallDynamicRegistrationEndpoint
Registration endpoint response
dynamic_registration_response
{"application_type":"web","grant_types":["authorization_code","implicit","refresh_token"],"id_token_signed_response_alg":"RS256","post_logout_redirect_uris":[],"require_auth_time":false,"response_types":["code id_token"],"subject_type":"public","token_endpoint_auth_method":"private_key_jwt","introspection_endpoint_auth_method":"private_key_jwt","revocation_endpoint_auth_method":"private_key_jwt","backchannel_logout_session_required":false,"frontchannel_logout_session_required":false,"require_signed_request_object":false,"request_uris":[],"require_pushed_authorization_requests":false,"authorization_signed_response_alg":"RS256","tls_client_certificate_bound_access_tokens":false,"client_id_issued_at":1595966819,"client_id":"8KlJXKAOy0Q0TaRIrgKQt","client_name":"second-openid-client 6KUWLY0Gro","contacts":["certification@oidf.org"],"jwks":{"keys":[{"kty":"RSA","e":"AQAB","use":"sig","alg":"RS256","n":"onVRlgkF4UUbJZEB2B2QC-Y9oyFFf0dIIVRZeNRi9fVBIN8JCHHpyLkAi4y654PE6po7k9UcOOWf5BZMs1cGDOSz9U-j3MrIggjKn3m1pTrcu7PwIznRjjvmccipW2t6VCp5Zzu2MJtxOXHA8m630BTp3eG9s35PVSK2SltdmLGWmMC8VpKyuo6r6j9TsRPJZhiMg4RKs36Z8BXefSWofkD6OWnpsBIacVGEg9q0YTe0oCgUKbhXvPiU8Q6NtfLPDIJnJYcXDH5lwvaUvhUxX1rwfRmVbbGjZVaJrVfurv0koxD66qK6DOalXhLbuMwAmxj0mX9tXIpEl8wXuzA1kw"}]},"redirect_uris":["https://www.certification.openid.net/test/6KUWLY0Gro/callback"],"registration_client_uri":"https://op.panva.cz/reg/8KlJXKAOy0Q0TaRIrgKQt","registration_access_token":"ZX6URrvFlXYgSkoPoBiJnx0CB0vKbeYg5o8rJjh9OJd"}
2020-07-28 20:06:59
CallDynamicRegistrationEndpoint
Parsed registration endpoint response
application_type
web
grant_types
[
  "authorization_code",
  "implicit",
  "refresh_token"
]
id_token_signed_response_alg
RS256
post_logout_redirect_uris
[]
require_auth_time
false
response_types
[
  "code id_token"
]
subject_type
public
token_endpoint_auth_method
private_key_jwt
introspection_endpoint_auth_method
private_key_jwt
revocation_endpoint_auth_method
private_key_jwt
backchannel_logout_session_required
false
frontchannel_logout_session_required
false
require_signed_request_object
false
request_uris
[]
require_pushed_authorization_requests
false
authorization_signed_response_alg
RS256
tls_client_certificate_bound_access_tokens
false
client_id_issued_at
1595966819
client_id
8KlJXKAOy0Q0TaRIrgKQt
client_name
second-openid-client 6KUWLY0Gro
contacts
[
  "certification@oidf.org"
]
jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "alg": "RS256",
      "n": "onVRlgkF4UUbJZEB2B2QC-Y9oyFFf0dIIVRZeNRi9fVBIN8JCHHpyLkAi4y654PE6po7k9UcOOWf5BZMs1cGDOSz9U-j3MrIggjKn3m1pTrcu7PwIznRjjvmccipW2t6VCp5Zzu2MJtxOXHA8m630BTp3eG9s35PVSK2SltdmLGWmMC8VpKyuo6r6j9TsRPJZhiMg4RKs36Z8BXefSWofkD6OWnpsBIacVGEg9q0YTe0oCgUKbhXvPiU8Q6NtfLPDIJnJYcXDH5lwvaUvhUxX1rwfRmVbbGjZVaJrVfurv0koxD66qK6DOalXhLbuMwAmxj0mX9tXIpEl8wXuzA1kw"
    }
  ]
}
redirect_uris
[
  "https://www.certification.openid.net/test/6KUWLY0Gro/callback"
]
registration_client_uri
https://op.panva.cz/reg/8KlJXKAOy0Q0TaRIrgKQt
registration_access_token
ZX6URrvFlXYgSkoPoBiJnx0CB0vKbeYg5o8rJjh9OJd
2020-07-28 20:06:59 SUCCESS
CallDynamicRegistrationEndpoint
Extracted dynamic registration management credentials
registration_client_uri
https://op.panva.cz/reg/8KlJXKAOy0Q0TaRIrgKQt
registration_access_token
ZX6URrvFlXYgSkoPoBiJnx0CB0vKbeYg5o8rJjh9OJd
2020-07-28 20:06:59
SetScopeInClientConfigurationToOpenId
Set scope in client configuration to "openid"
scope
openid
2020-07-28 20:06:59
SetScopeInClientConfigurationToOpenIdOfflineAccessIfServerSupportsOfflineAccess
Set scope in client configuration to "openid offline_access"as 'scope_supported' contains 'offline_access'
scope
openid offline_access
2020-07-28 20:06:59 SUCCESS
EnsureServerConfigurationSupportsPrivateKeyJwt
Found supported private_key_jwt method
method
private_key_jwt
2020-07-28 20:06:59 SUCCESS
SetProtectedResourceUrlToUserInfoEndpoint
userinfo_endpoint will be used to test access token. The user info is not a mandatory to implement feature in the OpenID Connect specification, but is mandatory for certification.
protected_resource_url
https://op.panva.cz/me
2020-07-28 20:06:59
oidcc-refresh-token
Setup Done
Make request to authorization endpoint
2020-07-28 20:06:59 SUCCESS
CreateAuthorizationEndpointRequestFromClientInformation
Created authorization endpoint request
client_id
1iwUYl7tvH3o-6kF4q5L2
redirect_uri
https://www.certification.openid.net/test/6KUWLY0Gro/callback
scope
openid offline_access
2020-07-28 20:06:59
CreateRandomStateValue
Created state value
requested_state_length
10
state
1uW16UpHhZ
2020-07-28 20:06:59 SUCCESS
AddStateToAuthorizationEndpointRequest
Added state parameter to request
client_id
1iwUYl7tvH3o-6kF4q5L2
redirect_uri
https://www.certification.openid.net/test/6KUWLY0Gro/callback
scope
openid offline_access
state
1uW16UpHhZ
2020-07-28 20:06:59
CreateRandomNonceValue
Created nonce value
requested_nonce_length
10
nonce
dZi5DQhMxe
2020-07-28 20:06:59 SUCCESS
AddNonceToAuthorizationEndpointRequest
Added nonce parameter to request
client_id
1iwUYl7tvH3o-6kF4q5L2
redirect_uri
https://www.certification.openid.net/test/6KUWLY0Gro/callback
scope
openid offline_access
state
1uW16UpHhZ
nonce
dZi5DQhMxe
2020-07-28 20:06:59 SUCCESS
SetAuthorizationEndpointRequestResponseTypeFromEnvironment
Added response_type parameter to request
client_id
1iwUYl7tvH3o-6kF4q5L2
redirect_uri
https://www.certification.openid.net/test/6KUWLY0Gro/callback
scope
openid offline_access
state
1uW16UpHhZ
nonce
dZi5DQhMxe
response_type
code id_token
2020-07-28 20:06:59 SUCCESS
AddPromptConsentToAuthorizationEndpointRequestIfScopeContainsOfflineAccess
Added prompt=consent to authorization endpoint request
client_id
1iwUYl7tvH3o-6kF4q5L2
redirect_uri
https://www.certification.openid.net/test/6KUWLY0Gro/callback
scope
openid offline_access
state
1uW16UpHhZ
nonce
dZi5DQhMxe
response_type
code id_token
prompt
consent
2020-07-28 20:06:59 SUCCESS
BuildPlainRedirectToAuthorizationEndpoint
Sending to authorization endpoint
redirect_to_authorization_endpoint
https://op.panva.cz/auth?client_id=1iwUYl7tvH3o-6kF4q5L2&redirect_uri=https://www.certification.openid.net/test/6KUWLY0Gro/callback&scope=openid%20offline_access&state=1uW16UpHhZ&nonce=dZi5DQhMxe&response_type=code%20id_token&prompt=consent
2020-07-28 20:06:59 REDIRECT
oidcc-refresh-token
Redirecting to authorization endpoint
redirect_to
https://op.panva.cz/auth?client_id=1iwUYl7tvH3o-6kF4q5L2&redirect_uri=https://www.certification.openid.net/test/6KUWLY0Gro/callback&scope=openid%20offline_access&state=1uW16UpHhZ&nonce=dZi5DQhMxe&response_type=code%20id_token&prompt=consent
2020-07-28 20:06:59
WebRunner
Scripted browser HTTP request
browser
goToUrl
request_method
GET
request_uri
https://op.panva.cz/auth?client_id=1iwUYl7tvH3o-6kF4q5L2&redirect_uri=https://www.certification.openid.net/test/6KUWLY0Gro/callback&scope=openid%20offline_access&state=1uW16UpHhZ&nonce=dZi5DQhMxe&response_type=code%20id_token&prompt=consent
2020-07-28 20:07:00 RESPONSE
WebRunner
Scripted browser HTTP response
response_content
<!DOCTYPE html>
<html >
  <head>
    <meta charset="utf-8">
    <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
    <meta http-equiv="x-ua-compatible" content="ie=edge">
    <title>Sign-in</title>
    <style>
      @import url(https://fonts.googleapis.com/css?family=Roboto:400,100);

      body {
        font-family: 'Roboto', sans-serif;
        margin-top: 25px;
        margin-bottom: 25px;
      }

      .login-card {
        padding: 40px;
        padding-top: 0px;
        padding-bottom: 10px;
        width: 274px;
        background-color: #F7F7F7;
        margin: 0 auto 10px;
        border-radius: 2px;
        box-shadow: 0px 2px 2px rgba(0, 0, 0, 0.3);
        overflow: hidden;
      }

      .login-card + .login-card {
        padding-top: 10px;
      }

      .login-card h1 {
        font-weight: 100;
        text-align: center;
        font-size: 2.3em;
      }

      .login-card [type=submit] {
        width: 100%;
        display: block;
        margin-bottom: 10px;
        position: relative;
      }

      .login-card input[type=text], input[type=email], input[type=password] {
        height: 44px;
        font-size: 16px;
        width: 100%;
        margin-bottom: 10px;
        -webkit-appearance: none;
        background: #fff;
        border: 1px solid #d9d9d9;
        border-top: 1px solid #c0c0c0;
        padding: 0 8px;
        box-sizing: border-box;
        -moz-box-sizing: border-box;
      }

      .login {
        text-align: center;
        font-size: 14px;
        font-family: 'Arial', sans-serif;
        font-weight: 700;
        height: 36px;
        padding: 0 8px;
      }

      .login-submit {
        border: 0px;
        color: #fff;
        text-shadow: 0 1px rgba(0,0,0,0.1);
        background-color: #4d90fe;
      }

      .google-button {
        height: 40px;
        border-width: 0;
        background: white;
        color: #737373;
        border-radius: 5px;
        white-space: nowrap;
        box-shadow: 1px 1px 0px 1px rgba(0,0,0,0.05);
        transition-property: background-color, box-shadow;
        transition-duration: 150ms;
        transition-timing-function: ease-in-out;
        padding: 0;

        &:focus,
        &:hover {
          box-shadow: 1px 4px 5px 1px rgba(0,0,0,0.1);
        }

        &:active {
          background-color: #e5e5e5;
          box-shadow: none;
          transition-duration: 10ms;
        }
      }

      .google-button__icon {
        display: inline-block;
        vertical-align: middle;
        margin: 8px 0 8px 8px;
        width: 18px;
        height: 18px;
        box-sizing: border-box;
      }

      .google-button__icon--plus {
        width: 27px;
      }

      .google-button__text {
        display: inline-block;
        vertical-align: middle;
        padding: 0 24px;
        font-size: 14px;
        font-weight: bold;
        font-family: 'Roboto',arial,sans-serif;
      }

      .login-card a {
        text-decoration: none;
        color: #666;
        font-weight: 400;
        text-align: center;
        display: inline-block;
        opacity: 0.6;
      }

      .login-help {
        color: #666;
        width: 100%;
        text-align: center;
        font-size: 12px;
      }

      .login-client-image img {
        margin-bottom: 20px;
        display: block;
        margin-left: auto;
        margin-right: auto;
        width: 20%;
      }

      .login-card input[type=checkbox] {
        margin-bottom: 10px;
      }

      .login-card label {
        color: #999;
      }

      .grant-debug {
        text-align: center;
        font-family: Fixed, monospace;
        width: 100%;
        font-size: 12px;
        color: #999;
      }

      .grant-debug div {
        padding-top: 10px;
      }

      .login-help + form {
        margin-top: 10px;
      }

      ul {
        font-weight: 100;
        padding-left: 1em;
        list-style-type: circle;
      }

      li + ul, ul + li, li + li {
        padding-top: 0.3em;
      }

      button {
        cursor: pointer;
      }
    </style>
  </head>
  <body>
    <div class="login-card">
      <h1>Sign-in</h1>
      
<form autocomplete="off" action="/interaction/tIdOvfU0oeHDSTheMhEfI/federated" method="post">
  <input type="hidden" name="provider" value="google">
  <button type="submit" class="google-button">
    <span class="google-button__icon">
      <svg viewBox="0 0 366 372" xmlns="http://www.w3.org/2000/svg"><path d="M125.9 10.2c40.2-13.9 85.3-13.6 125.3 1.1 22.2 8.2 42.5 21 59.9 37.1-5.8 6.3-12.1 12.2-18.1 18.3l-34.2 34.2c-11.3-10.8-25.1-19-40.1-23.6-17.6-5.3-36.6-6.1-54.6-2.2-21 4.5-40.5 15.5-55.6 30.9-12.2 12.3-21.4 27.5-27 43.9-20.3-15.8-40.6-31.5-61-47.3 21.5-43 60.1-76.9 105.4-92.4z" id="Shape" fill="#EA4335"/><path d="M20.6 102.4c20.3 15.8 40.6 31.5 61 47.3-8 23.3-8 49.2 0 72.4-20.3 15.8-40.6 31.6-60.9 47.3C1.9 232.7-3.8 189.6 4.4 149.2c3.3-16.2 8.7-32 16.2-46.8z" id="Shape" fill="#FBBC05"/><path d="M361.7 151.1c5.8 32.7 4.5 66.8-4.7 98.8-8.5 29.3-24.6 56.5-47.1 77.2l-59.1-45.9c19.5-13.1 33.3-34.3 37.2-57.5H186.6c.1-24.2.1-48.4.1-72.6h175z" id="Shape" fill="#4285F4"/><path d="M81.4 222.2c7.8 22.9 22.8 43.2 42.6 57.1 12.4 8.7 26.6 14.9 41.4 17.9 14.6 3 29.7 2.6 44.4.1 14.6-2.6 28.7-7.9 41-16.2l59.1 45.9c-21.3 19.7-48 33.1-76.2 39.6-31.2 7.1-64.2 7.3-95.2-1-24.6-6.5-47.7-18.2-67.6-34.1-20.9-16.6-38.3-38-50.4-62 20.3-15.7 40.6-31.5 60.9-47.3z" fill="#34A853"/></svg>
    </span>
    <span class="google-button__text">Sign in with Google</span>
  </button>
</form>
<div class="login-help">
  - or -
</div>

<form autocomplete="off" action="/interaction/tIdOvfU0oeHDSTheMhEfI/login" method="post">
  <input required type="text" name="login" placeholder="Enter any login" autofocus="on">
  <input required type="password" name="password" placeholder="and password" >

  <button type="submit" class="login login-submit">Sign-in</button>
</form>

      <div class="login-help">
        <a href="/interaction/tIdOvfU0oeHDSTheMhEfI/abort">[ Cancel ]</a>
        
        
      </div>
    </div>
    <div class="grant-debug">
      <details>
        <summary style="text-align: center;">(Click to expand) DEBUG information</summary>
        <div>
          <strong>uid</strong>: tIdOvfU0oeHDSTheMhEfI
        </div>

        

        <div>
          PARAMS <br>
         ======== <br>
          <strong>client_id</strong>: '1iwUYl7tvH3o-6kF4q5L2'<br/><strong>nonce</strong>: 'dZi5DQhMxe'<br/><strong>prompt</strong>: 'consent'<br/><strong>redirect_uri</strong>: 'https://www.certification.openid.net/test/6KUWLY0Gro/callback'<br/><strong>response_type</strong>: 'code id_token'<br/><strong>scope</strong>: 'openid offline_access'<br/><strong>state</strong>: '1uW16UpHhZ'
        </div>

        <div>
          PROMPT <br>
         ======== <br>
          <strong>name</strong>: 'login'<br/><strong>reasons</strong>: [ 'no_session' ]<br/><strong>details</strong>: { max_age: null, login_hint: null, id_token_hint: null }
        </div>
      </details>
    </div>
  </body>
</html>
response_content_type
text/html
response_status_text
200-OK
response_status_code
200
2020-07-28 20:07:00 INFO
WebRunner
Entering text
task
Login
browser
text
element_type
name
value
foo
url
https://op.panva.cz/interaction/tIdOvfU0oeHDSTheMhEfI
target
login
2020-07-28 20:07:00 INFO
WebRunner
Entering text
task
Login
browser
text
element_type
name
value
bar
url
https://op.panva.cz/interaction/tIdOvfU0oeHDSTheMhEfI
target
password
2020-07-28 20:07:00 INFO
WebRunner
Clicking an element
task
Login
browser
click
element_type
class
url
https://op.panva.cz/interaction/tIdOvfU0oeHDSTheMhEfI
target
login-submit
2020-07-28 20:07:00 INFO
WebRunner
Completed processing of webpage
task
Login
browser
complete
response_status_text
200-OK
match
https://op.panva.cz/interaction*
url
https://op.panva.cz/interaction/tIdOvfU0oeHDSTheMhEfI
response_status_code
200
2020-07-28 20:07:00 INFO
WebRunner
Clicking an element
task
Consent
browser
click
element_type
class
url
https://op.panva.cz/interaction/tIdOvfU0oeHDSTheMhEfI
target
login-submit
2020-07-28 20:07:01 INCOMING
oidcc-refresh-token
Incoming HTTP request to test instance 6KUWLY0Gro
incoming_headers
{
  "host": "www.certification.openid.net",
  "upgrade-insecure-requests": "1",
  "user-agent": "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.108 Safari/537.36",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/webp,image/apng,*/*;q\u003d0.8",
  "referer": "https://op.panva.cz/interaction/tIdOvfU0oeHDSTheMhEfI",
  "accept-encoding": "gzip, deflate",
  "accept-language": "en-US",
  "origin": "https://op.panva.cz/interaction/tIdOvfU0oeHDSTheMhEfI",
  "cache-control": "max-age\u003d0",
  "x-ssl-cipher": "ECDHE-RSA-AES256-GCM-SHA384",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
callback
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
2020-07-28 20:07:01 SUCCESS
CreateRandomImplicitSubmitUrl
Created random implicit submission URL
implicit_submit
{
  "path": "implicit/x1KNokP6QDFXJRACxB3z",
  "fullUrl": "https://www.certification.openid.net/test/6KUWLY0Gro/implicit/x1KNokP6QDFXJRACxB3z"
}
2020-07-28 20:07:01 OUTGOING
oidcc-refresh-token
Response to HTTP request to test instance 6KUWLY0Gro
outgoing
ModelAndView [view="implicitCallback"; model={implicitSubmitUrl=https://www.certification.openid.net/test/6KUWLY0Gro/implicit/x1KNokP6QDFXJRACxB3z, returnUrl=/log-detail.html?log=6KUWLY0Gro}]
outgoing_path
callback
2020-07-28 20:07:01 INFO
WebRunner
Completed processing of webpage
task
Consent
browser
complete
response_status_text
200-
match
https://op.panva.cz/interaction*
url
https://www.certification.openid.net/test/6KUWLY0Gro/callback#code=rweQC8jFs-JyIKeVg2NIL3rK88RgUi6rYEKNjf68eSG&id_token=eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InIxTGtiQm8zOTI1UmIyWkZGckt5VTNNVmV4OVQyODE3S3gwdmJpNmlfS2MifQ.eyJzdWIiOiJmb28iLCJub25jZSI6ImRaaTVEUWhNeGUiLCJjX2hhc2giOiJOdkdRZTJNamt3d0lLZjJqSEVyajVnIiwic19oYXNoIjoiemJOeGstNmc0SEV0bEVhenV1bllrQSIsImF1ZCI6IjFpd1VZbDd0dkgzby02a0Y0cTVMMiIsImV4cCI6MTU5NTk3MDQyMSwiaWF0IjoxNTk1OTY2ODIxLCJpc3MiOiJodHRwczovL29wLnBhbnZhLmN6In0.P0KXoHwzruCZt12dArf93LuoNwsnUnYT1_hFOYEo32Hep1pbkHGRSNq3HMI-khPx54ljg68V7YrfCGQjPubdYLclUyVocLFJoNNSl8HY67tviT9WzAAa5Aluf2E3bmYkDQjjb1v7_Psgc3m1XslCceNzf_cTCkRMfTB5067hLzn9YFWwDMzDw1nN65K-fUfOQ7Su_sJEswGrWXUhMgMRe6flBFBfmwkYqvvze_g-wT5o0ZDKp7j54R8s4bgC40qb55Cn8MRboFOFWLrKC8ZXYi2DaMLWp-27kYeK0ztQ3ej1Uekt62HK2Bc9bS5SQ_CoHR-dd0OjnFEM17XS4OnsLA&state=1uW16UpHhZ&session_state=DMpOdrLMaQFEKUL_N-A7x4urLZN1R8469ygqgWUbRLc
response_status_code
200
2020-07-28 20:07:01 INFO
WebRunner
Waiting
regexp
seconds
10
task
Verify Complete
browser
wait
action
element_type
id
url
https://www.certification.openid.net/test/6KUWLY0Gro/callback#code=rweQC8jFs-JyIKeVg2NIL3rK88RgUi6rYEKNjf68eSG&id_token=eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InIxTGtiQm8zOTI1UmIyWkZGckt5VTNNVmV4OVQyODE3S3gwdmJpNmlfS2MifQ.eyJzdWIiOiJmb28iLCJub25jZSI6ImRaaTVEUWhNeGUiLCJjX2hhc2giOiJOdkdRZTJNamt3d0lLZjJqSEVyajVnIiwic19oYXNoIjoiemJOeGstNmc0SEV0bEVhenV1bllrQSIsImF1ZCI6IjFpd1VZbDd0dkgzby02a0Y0cTVMMiIsImV4cCI6MTU5NTk3MDQyMSwiaWF0IjoxNTk1OTY2ODIxLCJpc3MiOiJodHRwczovL29wLnBhbnZhLmN6In0.P0KXoHwzruCZt12dArf93LuoNwsnUnYT1_hFOYEo32Hep1pbkHGRSNq3HMI-khPx54ljg68V7YrfCGQjPubdYLclUyVocLFJoNNSl8HY67tviT9WzAAa5Aluf2E3bmYkDQjjb1v7_Psgc3m1XslCceNzf_cTCkRMfTB5067hLzn9YFWwDMzDw1nN65K-fUfOQ7Su_sJEswGrWXUhMgMRe6flBFBfmwkYqvvze_g-wT5o0ZDKp7j54R8s4bgC40qb55Cn8MRboFOFWLrKC8ZXYi2DaMLWp-27kYeK0ztQ3ej1Uekt62HK2Bc9bS5SQ_CoHR-dd0OjnFEM17XS4OnsLA&state=1uW16UpHhZ&session_state=DMpOdrLMaQFEKUL_N-A7x4urLZN1R8469ygqgWUbRLc
target
submission_complete
2020-07-28 20:07:01 INCOMING
oidcc-refresh-token
Incoming HTTP request to test instance 6KUWLY0Gro
incoming_headers
{
  "host": "www.certification.openid.net",
  "upgrade-insecure-requests": "1",
  "user-agent": "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.108 Safari/537.36",
  "accept": "*/*",
  "referer": "https://www.certification.openid.net/test/6KUWLY0Gro/callback#code\u003drweQC8jFs-JyIKeVg2NIL3rK88RgUi6rYEKNjf68eSG\u0026id_token\u003deyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InIxTGtiQm8zOTI1UmIyWkZGckt5VTNNVmV4OVQyODE3S3gwdmJpNmlfS2MifQ.eyJzdWIiOiJmb28iLCJub25jZSI6ImRaaTVEUWhNeGUiLCJjX2hhc2giOiJOdkdRZTJNamt3d0lLZjJqSEVyajVnIiwic19oYXNoIjoiemJOeGstNmc0SEV0bEVhenV1bllrQSIsImF1ZCI6IjFpd1VZbDd0dkgzby02a0Y0cTVMMiIsImV4cCI6MTU5NTk3MDQyMSwiaWF0IjoxNTk1OTY2ODIxLCJpc3MiOiJodHRwczovL29wLnBhbnZhLmN6In0.P0KXoHwzruCZt12dArf93LuoNwsnUnYT1_hFOYEo32Hep1pbkHGRSNq3HMI-khPx54ljg68V7YrfCGQjPubdYLclUyVocLFJoNNSl8HY67tviT9WzAAa5Aluf2E3bmYkDQjjb1v7_Psgc3m1XslCceNzf_cTCkRMfTB5067hLzn9YFWwDMzDw1nN65K-fUfOQ7Su_sJEswGrWXUhMgMRe6flBFBfmwkYqvvze_g-wT5o0ZDKp7j54R8s4bgC40qb55Cn8MRboFOFWLrKC8ZXYi2DaMLWp-27kYeK0ztQ3ej1Uekt62HK2Bc9bS5SQ_CoHR-dd0OjnFEM17XS4OnsLA\u0026state\u003d1uW16UpHhZ\u0026session_state\u003dDMpOdrLMaQFEKUL_N-A7x4urLZN1R8469ygqgWUbRLc",
  "accept-encoding": "gzip, deflate",
  "accept-language": "en-US",
  "cookie": "JSESSIONID\u003d1FF4B3C3ED6724FBC11F9A9D545170A9",
  "x-requested-with": "XMLHttpRequest",
  "content-type": "text/plain",
  "x-ssl-cipher": "ECDHE-RSA-AES256-GCM-SHA384",
  "x-ssl-protocol": "TLSv1.2",
  "content-length": "843",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net",
  "connection": "close"
}
incoming_path
implicit/x1KNokP6QDFXJRACxB3z
incoming_body_form_params
incoming_method
POST
incoming_body_json
incoming_query_string_params
{}
incoming_body
#code=rweQC8jFs-JyIKeVg2NIL3rK88RgUi6rYEKNjf68eSG&id_token=eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InIxTGtiQm8zOTI1UmIyWkZGckt5VTNNVmV4OVQyODE3S3gwdmJpNmlfS2MifQ.eyJzdWIiOiJmb28iLCJub25jZSI6ImRaaTVEUWhNeGUiLCJjX2hhc2giOiJOdkdRZTJNamt3d0lLZjJqSEVyajVnIiwic19oYXNoIjoiemJOeGstNmc0SEV0bEVhenV1bllrQSIsImF1ZCI6IjFpd1VZbDd0dkgzby02a0Y0cTVMMiIsImV4cCI6MTU5NTk3MDQyMSwiaWF0IjoxNTk1OTY2ODIxLCJpc3MiOiJodHRwczovL29wLnBhbnZhLmN6In0.P0KXoHwzruCZt12dArf93LuoNwsnUnYT1_hFOYEo32Hep1pbkHGRSNq3HMI-khPx54ljg68V7YrfCGQjPubdYLclUyVocLFJoNNSl8HY67tviT9WzAAa5Aluf2E3bmYkDQjjb1v7_Psgc3m1XslCceNzf_cTCkRMfTB5067hLzn9YFWwDMzDw1nN65K-fUfOQ7Su_sJEswGrWXUhMgMRe6flBFBfmwkYqvvze_g-wT5o0ZDKp7j54R8s4bgC40qb55Cn8MRboFOFWLrKC8ZXYi2DaMLWp-27kYeK0ztQ3ej1Uekt62HK2Bc9bS5SQ_CoHR-dd0OjnFEM17XS4OnsLA&state=1uW16UpHhZ&session_state=DMpOdrLMaQFEKUL_N-A7x4urLZN1R8469ygqgWUbRLc
2020-07-28 20:07:01 OUTGOING
oidcc-refresh-token
Response to HTTP request to test instance 6KUWLY0Gro
outgoing
org.springframework.web.servlet.view.RedirectView: [RedirectView]; URL [/log-detail.html?log=6KUWLY0Gro]
outgoing_path
implicit/x1KNokP6QDFXJRACxB3z
2020-07-28 20:07:01
ExtractImplicitHashToCallbackResponse
Extracted response from URL fragment
parameters
[
  {
    "value": "rweQC8jFs-JyIKeVg2NIL3rK88RgUi6rYEKNjf68eSG",
    "name": "code"
  },
  {
    "value": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InIxTGtiQm8zOTI1UmIyWkZGckt5VTNNVmV4OVQyODE3S3gwdmJpNmlfS2MifQ.eyJzdWIiOiJmb28iLCJub25jZSI6ImRaaTVEUWhNeGUiLCJjX2hhc2giOiJOdkdRZTJNamt3d0lLZjJqSEVyajVnIiwic19oYXNoIjoiemJOeGstNmc0SEV0bEVhenV1bllrQSIsImF1ZCI6IjFpd1VZbDd0dkgzby02a0Y0cTVMMiIsImV4cCI6MTU5NTk3MDQyMSwiaWF0IjoxNTk1OTY2ODIxLCJpc3MiOiJodHRwczovL29wLnBhbnZhLmN6In0.P0KXoHwzruCZt12dArf93LuoNwsnUnYT1_hFOYEo32Hep1pbkHGRSNq3HMI-khPx54ljg68V7YrfCGQjPubdYLclUyVocLFJoNNSl8HY67tviT9WzAAa5Aluf2E3bmYkDQjjb1v7_Psgc3m1XslCceNzf_cTCkRMfTB5067hLzn9YFWwDMzDw1nN65K-fUfOQ7Su_sJEswGrWXUhMgMRe6flBFBfmwkYqvvze_g-wT5o0ZDKp7j54R8s4bgC40qb55Cn8MRboFOFWLrKC8ZXYi2DaMLWp-27kYeK0ztQ3ej1Uekt62HK2Bc9bS5SQ_CoHR-dd0OjnFEM17XS4OnsLA",
    "name": "id_token"
  },
  {
    "value": "1uW16UpHhZ",
    "name": "state"
  },
  {
    "value": "DMpOdrLMaQFEKUL_N-A7x4urLZN1R8469ygqgWUbRLc",
    "name": "session_state"
  }
]
2020-07-28 20:07:01 SUCCESS
ExtractImplicitHashToCallbackResponse
Extracted the hash values
code
rweQC8jFs-JyIKeVg2NIL3rK88RgUi6rYEKNjf68eSG
id_token
eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InIxTGtiQm8zOTI1UmIyWkZGckt5VTNNVmV4OVQyODE3S3gwdmJpNmlfS2MifQ.eyJzdWIiOiJmb28iLCJub25jZSI6ImRaaTVEUWhNeGUiLCJjX2hhc2giOiJOdkdRZTJNamt3d0lLZjJqSEVyajVnIiwic19oYXNoIjoiemJOeGstNmc0SEV0bEVhenV1bllrQSIsImF1ZCI6IjFpd1VZbDd0dkgzby02a0Y0cTVMMiIsImV4cCI6MTU5NTk3MDQyMSwiaWF0IjoxNTk1OTY2ODIxLCJpc3MiOiJodHRwczovL29wLnBhbnZhLmN6In0.P0KXoHwzruCZt12dArf93LuoNwsnUnYT1_hFOYEo32Hep1pbkHGRSNq3HMI-khPx54ljg68V7YrfCGQjPubdYLclUyVocLFJoNNSl8HY67tviT9WzAAa5Aluf2E3bmYkDQjjb1v7_Psgc3m1XslCceNzf_cTCkRMfTB5067hLzn9YFWwDMzDw1nN65K-fUfOQ7Su_sJEswGrWXUhMgMRe6flBFBfmwkYqvvze_g-wT5o0ZDKp7j54R8s4bgC40qb55Cn8MRboFOFWLrKC8ZXYi2DaMLWp-27kYeK0ztQ3ej1Uekt62HK2Bc9bS5SQ_CoHR-dd0OjnFEM17XS4OnsLA
state
1uW16UpHhZ
session_state
DMpOdrLMaQFEKUL_N-A7x4urLZN1R8469ygqgWUbRLc
2020-07-28 20:07:01 REDIRECT-IN
oidcc-refresh-token
Authorization endpoint response captured
url_query
{}
headers
{
  "host": "www.certification.openid.net",
  "upgrade-insecure-requests": "1",
  "user-agent": "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.108 Safari/537.36",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/webp,image/apng,*/*;q\u003d0.8",
  "referer": "https://op.panva.cz/interaction/tIdOvfU0oeHDSTheMhEfI",
  "accept-encoding": "gzip, deflate",
  "accept-language": "en-US",
  "origin": "https://op.panva.cz/interaction/tIdOvfU0oeHDSTheMhEfI",
  "cache-control": "max-age\u003d0",
  "x-ssl-cipher": "ECDHE-RSA-AES256-GCM-SHA384",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
http_method
GET
url_fragment
{
  "code": "rweQC8jFs-JyIKeVg2NIL3rK88RgUi6rYEKNjf68eSG",
  "id_token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InIxTGtiQm8zOTI1UmIyWkZGckt5VTNNVmV4OVQyODE3S3gwdmJpNmlfS2MifQ.eyJzdWIiOiJmb28iLCJub25jZSI6ImRaaTVEUWhNeGUiLCJjX2hhc2giOiJOdkdRZTJNamt3d0lLZjJqSEVyajVnIiwic19oYXNoIjoiemJOeGstNmc0SEV0bEVhenV1bllrQSIsImF1ZCI6IjFpd1VZbDd0dkgzby02a0Y0cTVMMiIsImV4cCI6MTU5NTk3MDQyMSwiaWF0IjoxNTk1OTY2ODIxLCJpc3MiOiJodHRwczovL29wLnBhbnZhLmN6In0.P0KXoHwzruCZt12dArf93LuoNwsnUnYT1_hFOYEo32Hep1pbkHGRSNq3HMI-khPx54ljg68V7YrfCGQjPubdYLclUyVocLFJoNNSl8HY67tviT9WzAAa5Aluf2E3bmYkDQjjb1v7_Psgc3m1XslCceNzf_cTCkRMfTB5067hLzn9YFWwDMzDw1nN65K-fUfOQ7Su_sJEswGrWXUhMgMRe6flBFBfmwkYqvvze_g-wT5o0ZDKp7j54R8s4bgC40qb55Cn8MRboFOFWLrKC8ZXYi2DaMLWp-27kYeK0ztQ3ej1Uekt62HK2Bc9bS5SQ_CoHR-dd0OjnFEM17XS4OnsLA",
  "state": "1uW16UpHhZ",
  "session_state": "DMpOdrLMaQFEKUL_N-A7x4urLZN1R8469ygqgWUbRLc"
}
post_body
Verify authorization endpoint response
2020-07-28 20:07:01 SUCCESS
RejectAuthCodeInUrlQuery
Authorization code is not present in URL query returned from authorization endpoint
2020-07-28 20:07:01 SUCCESS
RejectErrorInUrlQuery
'error' is not present in URL query returned from authorization endpoint
2020-07-28 20:07:01 SUCCESS
CheckMatchingCallbackParameters
Callback parameters successfully verified
2020-07-28 20:07:01 SUCCESS
CheckIfAuthorizationEndpointError
No error from authorization endpoint
2020-07-28 20:07:01 SUCCESS
CheckMatchingStateParameter
State parameter correctly returned
state
1uW16UpHhZ
2020-07-28 20:07:01 SUCCESS
ExtractAuthorizationCodeFromAuthorizationResponse
Found authorization code
code
rweQC8jFs-JyIKeVg2NIL3rK88RgUi6rYEKNjf68eSG
2020-07-28 20:07:01 SUCCESS
ExtractIdTokenFromAuthorizationResponse
Found and parsed the id_token from authorization_endpoint_response
value
eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InIxTGtiQm8zOTI1UmIyWkZGckt5VTNNVmV4OVQyODE3S3gwdmJpNmlfS2MifQ.eyJzdWIiOiJmb28iLCJub25jZSI6ImRaaTVEUWhNeGUiLCJjX2hhc2giOiJOdkdRZTJNamt3d0lLZjJqSEVyajVnIiwic19oYXNoIjoiemJOeGstNmc0SEV0bEVhenV1bllrQSIsImF1ZCI6IjFpd1VZbDd0dkgzby02a0Y0cTVMMiIsImV4cCI6MTU5NTk3MDQyMSwiaWF0IjoxNTk1OTY2ODIxLCJpc3MiOiJodHRwczovL29wLnBhbnZhLmN6In0.P0KXoHwzruCZt12dArf93LuoNwsnUnYT1_hFOYEo32Hep1pbkHGRSNq3HMI-khPx54ljg68V7YrfCGQjPubdYLclUyVocLFJoNNSl8HY67tviT9WzAAa5Aluf2E3bmYkDQjjb1v7_Psgc3m1XslCceNzf_cTCkRMfTB5067hLzn9YFWwDMzDw1nN65K-fUfOQ7Su_sJEswGrWXUhMgMRe6flBFBfmwkYqvvze_g-wT5o0ZDKp7j54R8s4bgC40qb55Cn8MRboFOFWLrKC8ZXYi2DaMLWp-27kYeK0ztQ3ej1Uekt62HK2Bc9bS5SQ_CoHR-dd0OjnFEM17XS4OnsLA
header
{
  "kid": "r1LkbBo3925Rb2ZFFrKyU3MVex9T2817Kx0vbi6i_Kc",
  "typ": "JWT",
  "alg": "RS256"
}
claims
{
  "sub": "foo",
  "c_hash": "NvGQe2MjkwwIKf2jHErj5g",
  "aud": "1iwUYl7tvH3o-6kF4q5L2",
  "s_hash": "zbNxk-6g4HEtlEazuunYkA",
  "iss": "https://op.panva.cz",
  "exp": 1595970421,
  "nonce": "dZi5DQhMxe",
  "iat": 1595966821
}
2020-07-28 20:07:01 SUCCESS
ValidateIdToken
ID token iss, aud, exp, iat, auth_time, acr & nbf claims passed validation checks
2020-07-28 20:07:01 SUCCESS
ValidateIdTokenNonce
Nonce values match
nonce
dZi5DQhMxe
2020-07-28 20:07:01 SUCCESS
ValidateIdTokenACRClaimAgainstRequest
Nothing to check; the conformance suite did not request an acr claim in request object
2020-07-28 20:07:01 SUCCESS
ValidateIdTokenSignature
id_token signature validated
id_token
eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InIxTGtiQm8zOTI1UmIyWkZGckt5VTNNVmV4OVQyODE3S3gwdmJpNmlfS2MifQ.eyJzdWIiOiJmb28iLCJub25jZSI6ImRaaTVEUWhNeGUiLCJjX2hhc2giOiJOdkdRZTJNamt3d0lLZjJqSEVyajVnIiwic19oYXNoIjoiemJOeGstNmc0SEV0bEVhenV1bllrQSIsImF1ZCI6IjFpd1VZbDd0dkgzby02a0Y0cTVMMiIsImV4cCI6MTU5NTk3MDQyMSwiaWF0IjoxNTk1OTY2ODIxLCJpc3MiOiJodHRwczovL29wLnBhbnZhLmN6In0.P0KXoHwzruCZt12dArf93LuoNwsnUnYT1_hFOYEo32Hep1pbkHGRSNq3HMI-khPx54ljg68V7YrfCGQjPubdYLclUyVocLFJoNNSl8HY67tviT9WzAAa5Aluf2E3bmYkDQjjb1v7_Psgc3m1XslCceNzf_cTCkRMfTB5067hLzn9YFWwDMzDw1nN65K-fUfOQ7Su_sJEswGrWXUhMgMRe6flBFBfmwkYqvvze_g-wT5o0ZDKp7j54R8s4bgC40qb55Cn8MRboFOFWLrKC8ZXYi2DaMLWp-27kYeK0ztQ3ej1Uekt62HK2Bc9bS5SQ_CoHR-dd0OjnFEM17XS4OnsLA
2020-07-28 20:07:01 SUCCESS
ValidateIdTokenSignatureUsingKid
id_token signature validated
id_token
eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InIxTGtiQm8zOTI1UmIyWkZGckt5VTNNVmV4OVQyODE3S3gwdmJpNmlfS2MifQ.eyJzdWIiOiJmb28iLCJub25jZSI6ImRaaTVEUWhNeGUiLCJjX2hhc2giOiJOdkdRZTJNamt3d0lLZjJqSEVyajVnIiwic19oYXNoIjoiemJOeGstNmc0SEV0bEVhenV1bllrQSIsImF1ZCI6IjFpd1VZbDd0dkgzby02a0Y0cTVMMiIsImV4cCI6MTU5NTk3MDQyMSwiaWF0IjoxNTk1OTY2ODIxLCJpc3MiOiJodHRwczovL29wLnBhbnZhLmN6In0.P0KXoHwzruCZt12dArf93LuoNwsnUnYT1_hFOYEo32Hep1pbkHGRSNq3HMI-khPx54ljg68V7YrfCGQjPubdYLclUyVocLFJoNNSl8HY67tviT9WzAAa5Aluf2E3bmYkDQjjb1v7_Psgc3m1XslCceNzf_cTCkRMfTB5067hLzn9YFWwDMzDw1nN65K-fUfOQ7Su_sJEswGrWXUhMgMRe6flBFBfmwkYqvvze_g-wT5o0ZDKp7j54R8s4bgC40qb55Cn8MRboFOFWLrKC8ZXYi2DaMLWp-27kYeK0ztQ3ej1Uekt62HK2Bc9bS5SQ_CoHR-dd0OjnFEM17XS4OnsLA
2020-07-28 20:07:01 SUCCESS
CheckForSubjectInIdToken
Found 'sub' in id_token
sub
foo
2020-07-28 20:07:01 SUCCESS
CreateTokenEndpointRequestForAuthorizationCodeGrant
grant_type
authorization_code
code
rweQC8jFs-JyIKeVg2NIL3rK88RgUi6rYEKNjf68eSG
redirect_uri
https://www.certification.openid.net/test/6KUWLY0Gro/callback
2020-07-28 20:07:01 SUCCESS
CreateClientAuthenticationAssertionClaims
Created client assertion claims
iss
1iwUYl7tvH3o-6kF4q5L2
sub
1iwUYl7tvH3o-6kF4q5L2
aud
https://op.panva.cz/token
jti
WuevRaI2e0dVkXub8A2i
iat
1595966821
exp
1595966881
2020-07-28 20:07:01 SUCCESS
SignClientAuthenticationAssertion
Signed the client assertion
client_assertion
eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiIxaXdVWWw3dHZIM28tNmtGNHE1TDIiLCJhdWQiOiJodHRwczpcL1wvb3AucGFudmEuY3pcL3Rva2VuIiwiaXNzIjoiMWl3VVlsN3R2SDNvLTZrRjRxNUwyIiwiZXhwIjoxNTk1OTY2ODgxLCJpYXQiOjE1OTU5NjY4MjEsImp0aSI6Ild1ZXZSYUkyZTBkVmtYdWI4QTJpIn0.bhQt2RIF3Yn_QweCTUtfGLSVxhcTru-X9POG1p1_wcpxWytRIqfg08ST4JVIs9y-rEqyJZcmuEGF1HAmgOqh4Nxkpwz_rqdAEsHR2aGmPMYk8acbX1HQKmlXGMhAR18DMoU2rF4A-gFA9f9hRT2K1CA38IcNaEnpRkHmQUoFlAVQaRhT0bJFoCplYpZO1WjptrZZbLAbRvqp_2uG_UwI2bDY6Jn25AcC-cRoc3ecsAWjs5X97EBDOUsaAj6WsKIasH2T7uMlJ5kX2Yrnsv6YPTYYXCBGW_UvsmdR-nd9Sko3pb9guBQTHcD_EViT7-DjpOwxi4IKjQnjpN1nhwWtAg
2020-07-28 20:07:01
AddClientAssertionToTokenEndpointRequest
Added client assertion
grant_type
authorization_code
code
rweQC8jFs-JyIKeVg2NIL3rK88RgUi6rYEKNjf68eSG
redirect_uri
https://www.certification.openid.net/test/6KUWLY0Gro/callback
client_assertion
eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiIxaXdVWWw3dHZIM28tNmtGNHE1TDIiLCJhdWQiOiJodHRwczpcL1wvb3AucGFudmEuY3pcL3Rva2VuIiwiaXNzIjoiMWl3VVlsN3R2SDNvLTZrRjRxNUwyIiwiZXhwIjoxNTk1OTY2ODgxLCJpYXQiOjE1OTU5NjY4MjEsImp0aSI6Ild1ZXZSYUkyZTBkVmtYdWI4QTJpIn0.bhQt2RIF3Yn_QweCTUtfGLSVxhcTru-X9POG1p1_wcpxWytRIqfg08ST4JVIs9y-rEqyJZcmuEGF1HAmgOqh4Nxkpwz_rqdAEsHR2aGmPMYk8acbX1HQKmlXGMhAR18DMoU2rF4A-gFA9f9hRT2K1CA38IcNaEnpRkHmQUoFlAVQaRhT0bJFoCplYpZO1WjptrZZbLAbRvqp_2uG_UwI2bDY6Jn25AcC-cRoc3ecsAWjs5X97EBDOUsaAj6WsKIasH2T7uMlJ5kX2Yrnsv6YPTYYXCBGW_UvsmdR-nd9Sko3pb9guBQTHcD_EViT7-DjpOwxi4IKjQnjpN1nhwWtAg
client_assertion_type
urn:ietf:params:oauth:client-assertion-type:jwt-bearer
2020-07-28 20:07:01
CallTokenEndpoint
HTTP request
request_uri
https://op.panva.cz/token
request_method
POST
request_headers
{
  "accept": "application/json;charset\u003dUTF-8",
  "accept-charset": "utf-8",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "849"
}
request_body
grant_type=authorization_code&code=rweQC8jFs-JyIKeVg2NIL3rK88RgUi6rYEKNjf68eSG&redirect_uri=https%3A%2F%2Fwww.certification.openid.net%2Ftest%2F6KUWLY0Gro%2Fcallback&client_assertion=eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiIxaXdVWWw3dHZIM28tNmtGNHE1TDIiLCJhdWQiOiJodHRwczpcL1wvb3AucGFudmEuY3pcL3Rva2VuIiwiaXNzIjoiMWl3VVlsN3R2SDNvLTZrRjRxNUwyIiwiZXhwIjoxNTk1OTY2ODgxLCJpYXQiOjE1OTU5NjY4MjEsImp0aSI6Ild1ZXZSYUkyZTBkVmtYdWI4QTJpIn0.bhQt2RIF3Yn_QweCTUtfGLSVxhcTru-X9POG1p1_wcpxWytRIqfg08ST4JVIs9y-rEqyJZcmuEGF1HAmgOqh4Nxkpwz_rqdAEsHR2aGmPMYk8acbX1HQKmlXGMhAR18DMoU2rF4A-gFA9f9hRT2K1CA38IcNaEnpRkHmQUoFlAVQaRhT0bJFoCplYpZO1WjptrZZbLAbRvqp_2uG_UwI2bDY6Jn25AcC-cRoc3ecsAWjs5X97EBDOUsaAj6WsKIasH2T7uMlJ5kX2Yrnsv6YPTYYXCBGW_UvsmdR-nd9Sko3pb9guBQTHcD_EViT7-DjpOwxi4IKjQnjpN1nhwWtAg&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer
2020-07-28 20:07:01 INFO
WebRunner
Completed processing of webpage
task
Verify Complete
browser
complete
response_status_text
200-
match
*/test/*/callback*
url
https://www.certification.openid.net/test/6KUWLY0Gro/callback#code=rweQC8jFs-JyIKeVg2NIL3rK88RgUi6rYEKNjf68eSG&id_token=eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InIxTGtiQm8zOTI1UmIyWkZGckt5VTNNVmV4OVQyODE3S3gwdmJpNmlfS2MifQ.eyJzdWIiOiJmb28iLCJub25jZSI6ImRaaTVEUWhNeGUiLCJjX2hhc2giOiJOdkdRZTJNamt3d0lLZjJqSEVyajVnIiwic19oYXNoIjoiemJOeGstNmc0SEV0bEVhenV1bllrQSIsImF1ZCI6IjFpd1VZbDd0dkgzby02a0Y0cTVMMiIsImV4cCI6MTU5NTk3MDQyMSwiaWF0IjoxNTk1OTY2ODIxLCJpc3MiOiJodHRwczovL29wLnBhbnZhLmN6In0.P0KXoHwzruCZt12dArf93LuoNwsnUnYT1_hFOYEo32Hep1pbkHGRSNq3HMI-khPx54ljg68V7YrfCGQjPubdYLclUyVocLFJoNNSl8HY67tviT9WzAAa5Aluf2E3bmYkDQjjb1v7_Psgc3m1XslCceNzf_cTCkRMfTB5067hLzn9YFWwDMzDw1nN65K-fUfOQ7Su_sJEswGrWXUhMgMRe6flBFBfmwkYqvvze_g-wT5o0ZDKp7j54R8s4bgC40qb55Cn8MRboFOFWLrKC8ZXYi2DaMLWp-27kYeK0ztQ3ej1Uekt62HK2Bc9bS5SQ_CoHR-dd0OjnFEM17XS4OnsLA&state=1uW16UpHhZ&session_state=DMpOdrLMaQFEKUL_N-A7x4urLZN1R8469ygqgWUbRLc
response_status_code
200
2020-07-28 20:07:02 RESPONSE
CallTokenEndpoint
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "cache-control": "no-cache, no-store",
  "content-length": "875",
  "content-type": "application/json; charset\u003dutf-8",
  "date": "Tue, 28 Jul 2020 20:07:02 GMT",
  "pragma": "no-cache",
  "server": [
    "Caddy",
    "Cowboy"
  ],
  "strict-transport-security": "max-age\u003d15552000; includeSubDomains",
  "vary": "Origin",
  "via": "1.1 vegur",
  "x-content-type-options": "nosniff",
  "x-dns-prefetch-control": "off",
  "x-download-options": "noopen",
  "x-frame-options": "SAMEORIGIN",
  "x-xss-protection": "1; mode\u003dblock"
}
response_body
{"access_token":"9aAXY-2tjwj3tWzEMrObbU4I-iffnGKeNx95QXG76Ta","expires_in":3600,"id_token":"eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InIxTGtiQm8zOTI1UmIyWkZGckt5VTNNVmV4OVQyODE3S3gwdmJpNmlfS2MifQ.eyJzdWIiOiJmb28iLCJub25jZSI6ImRaaTVEUWhNeGUiLCJhdF9oYXNoIjoiSXRIWm9YdlQ2MHJSZnpXQURZcGFqQSIsImF1ZCI6IjFpd1VZbDd0dkgzby02a0Y0cTVMMiIsImV4cCI6MTU5NTk3MDQyMiwiaWF0IjoxNTk1OTY2ODIyLCJpc3MiOiJodHRwczovL29wLnBhbnZhLmN6In0.JPacDJg-eex3beEN1G4IqRjWKoxVuZ62x9cs_VF1_5mjIiSB-Sx60sbvwE95C0zC6oQbkVo_kIgo-RXnwuiOrfHNl7XUe7SKLmn7rqvXA4LH-zkAVVyVV0e0UCCm4neBmyW-VgtyXjnuiKVrxQ4Cypg0Med6ElKukkZZm41hGBgm7X-3JUXP96Mm_k9Ni-aJxK2bgrNe87F2aZazjm2cRTzjLsnbSBxenztZTrRSlx_2DKNsaWIPzS1PrHT8N8wZ-Lycn7krkjIwQqOGzZ3-iLPjJC5BIhyBcHyY6C1dnC1HxTlJh9ZF5Sw5Wa6H7uGZQVGFvZ_tKyPucjO8ZtPcoA","refresh_token":"RIfpPp7sE0sSSEO_j9_ZApL34ZrheWcdRCnAzqDw2MJ","scope":"openid offline_access","token_type":"Bearer"}
2020-07-28 20:07:02
CallTokenEndpoint
Token endpoint response
token_endpoint_response
{"access_token":"9aAXY-2tjwj3tWzEMrObbU4I-iffnGKeNx95QXG76Ta","expires_in":3600,"id_token":"eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InIxTGtiQm8zOTI1UmIyWkZGckt5VTNNVmV4OVQyODE3S3gwdmJpNmlfS2MifQ.eyJzdWIiOiJmb28iLCJub25jZSI6ImRaaTVEUWhNeGUiLCJhdF9oYXNoIjoiSXRIWm9YdlQ2MHJSZnpXQURZcGFqQSIsImF1ZCI6IjFpd1VZbDd0dkgzby02a0Y0cTVMMiIsImV4cCI6MTU5NTk3MDQyMiwiaWF0IjoxNTk1OTY2ODIyLCJpc3MiOiJodHRwczovL29wLnBhbnZhLmN6In0.JPacDJg-eex3beEN1G4IqRjWKoxVuZ62x9cs_VF1_5mjIiSB-Sx60sbvwE95C0zC6oQbkVo_kIgo-RXnwuiOrfHNl7XUe7SKLmn7rqvXA4LH-zkAVVyVV0e0UCCm4neBmyW-VgtyXjnuiKVrxQ4Cypg0Med6ElKukkZZm41hGBgm7X-3JUXP96Mm_k9Ni-aJxK2bgrNe87F2aZazjm2cRTzjLsnbSBxenztZTrRSlx_2DKNsaWIPzS1PrHT8N8wZ-Lycn7krkjIwQqOGzZ3-iLPjJC5BIhyBcHyY6C1dnC1HxTlJh9ZF5Sw5Wa6H7uGZQVGFvZ_tKyPucjO8ZtPcoA","refresh_token":"RIfpPp7sE0sSSEO_j9_ZApL34ZrheWcdRCnAzqDw2MJ","scope":"openid offline_access","token_type":"Bearer"}
2020-07-28 20:07:02 SUCCESS
CallTokenEndpoint
Parsed token endpoint response
access_token
9aAXY-2tjwj3tWzEMrObbU4I-iffnGKeNx95QXG76Ta
expires_in
3600
id_token
eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InIxTGtiQm8zOTI1UmIyWkZGckt5VTNNVmV4OVQyODE3S3gwdmJpNmlfS2MifQ.eyJzdWIiOiJmb28iLCJub25jZSI6ImRaaTVEUWhNeGUiLCJhdF9oYXNoIjoiSXRIWm9YdlQ2MHJSZnpXQURZcGFqQSIsImF1ZCI6IjFpd1VZbDd0dkgzby02a0Y0cTVMMiIsImV4cCI6MTU5NTk3MDQyMiwiaWF0IjoxNTk1OTY2ODIyLCJpc3MiOiJodHRwczovL29wLnBhbnZhLmN6In0.JPacDJg-eex3beEN1G4IqRjWKoxVuZ62x9cs_VF1_5mjIiSB-Sx60sbvwE95C0zC6oQbkVo_kIgo-RXnwuiOrfHNl7XUe7SKLmn7rqvXA4LH-zkAVVyVV0e0UCCm4neBmyW-VgtyXjnuiKVrxQ4Cypg0Med6ElKukkZZm41hGBgm7X-3JUXP96Mm_k9Ni-aJxK2bgrNe87F2aZazjm2cRTzjLsnbSBxenztZTrRSlx_2DKNsaWIPzS1PrHT8N8wZ-Lycn7krkjIwQqOGzZ3-iLPjJC5BIhyBcHyY6C1dnC1HxTlJh9ZF5Sw5Wa6H7uGZQVGFvZ_tKyPucjO8ZtPcoA
refresh_token
RIfpPp7sE0sSSEO_j9_ZApL34ZrheWcdRCnAzqDw2MJ
scope
openid offline_access
token_type
Bearer
2020-07-28 20:07:02 SUCCESS
CheckIfTokenEndpointResponseError
No error from token endpoint
2020-07-28 20:07:02 SUCCESS
CheckForAccessTokenValue
Found an access token
access_token
9aAXY-2tjwj3tWzEMrObbU4I-iffnGKeNx95QXG76Ta
2020-07-28 20:07:02 SUCCESS
ExtractAccessTokenFromTokenResponse
Extracted the access token
value
9aAXY-2tjwj3tWzEMrObbU4I-iffnGKeNx95QXG76Ta
type
Bearer
2020-07-28 20:07:02 SUCCESS
ExtractExpiresInFromTokenEndpointResponse
Extracted 'expires_in'
expires_in
3600
2020-07-28 20:07:02 SUCCESS
ValidateExpiresIn
expires_in passed all validation checks
expires_in
3600
2020-07-28 20:07:02 SUCCESS
CheckForRefreshTokenValue
Found a refresh token
refresh_token
RIfpPp7sE0sSSEO_j9_ZApL34ZrheWcdRCnAzqDw2MJ
2020-07-28 20:07:02 SUCCESS
ExtractIdTokenFromTokenResponse
Found and parsed the id_token from token_endpoint_response
value
eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InIxTGtiQm8zOTI1UmIyWkZGckt5VTNNVmV4OVQyODE3S3gwdmJpNmlfS2MifQ.eyJzdWIiOiJmb28iLCJub25jZSI6ImRaaTVEUWhNeGUiLCJhdF9oYXNoIjoiSXRIWm9YdlQ2MHJSZnpXQURZcGFqQSIsImF1ZCI6IjFpd1VZbDd0dkgzby02a0Y0cTVMMiIsImV4cCI6MTU5NTk3MDQyMiwiaWF0IjoxNTk1OTY2ODIyLCJpc3MiOiJodHRwczovL29wLnBhbnZhLmN6In0.JPacDJg-eex3beEN1G4IqRjWKoxVuZ62x9cs_VF1_5mjIiSB-Sx60sbvwE95C0zC6oQbkVo_kIgo-RXnwuiOrfHNl7XUe7SKLmn7rqvXA4LH-zkAVVyVV0e0UCCm4neBmyW-VgtyXjnuiKVrxQ4Cypg0Med6ElKukkZZm41hGBgm7X-3JUXP96Mm_k9Ni-aJxK2bgrNe87F2aZazjm2cRTzjLsnbSBxenztZTrRSlx_2DKNsaWIPzS1PrHT8N8wZ-Lycn7krkjIwQqOGzZ3-iLPjJC5BIhyBcHyY6C1dnC1HxTlJh9ZF5Sw5Wa6H7uGZQVGFvZ_tKyPucjO8ZtPcoA
header
{
  "kid": "r1LkbBo3925Rb2ZFFrKyU3MVex9T2817Kx0vbi6i_Kc",
  "typ": "JWT",
  "alg": "RS256"
}
claims
{
  "at_hash": "ItHZoXvT60rRfzWADYpajA",
  "sub": "foo",
  "aud": "1iwUYl7tvH3o-6kF4q5L2",
  "iss": "https://op.panva.cz",
  "exp": 1595970422,
  "nonce": "dZi5DQhMxe",
  "iat": 1595966822
}
2020-07-28 20:07:02 SUCCESS
ValidateIdToken
ID token iss, aud, exp, iat, auth_time, acr & nbf claims passed validation checks
2020-07-28 20:07:02 SUCCESS
ValidateIdTokenNonce
Nonce values match
nonce
dZi5DQhMxe
2020-07-28 20:07:02 SUCCESS
ValidateIdTokenACRClaimAgainstRequest
Nothing to check; the conformance suite did not request an acr claim in request object
2020-07-28 20:07:02 SUCCESS
ValidateIdTokenSignature
id_token signature validated
id_token
eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InIxTGtiQm8zOTI1UmIyWkZGckt5VTNNVmV4OVQyODE3S3gwdmJpNmlfS2MifQ.eyJzdWIiOiJmb28iLCJub25jZSI6ImRaaTVEUWhNeGUiLCJhdF9oYXNoIjoiSXRIWm9YdlQ2MHJSZnpXQURZcGFqQSIsImF1ZCI6IjFpd1VZbDd0dkgzby02a0Y0cTVMMiIsImV4cCI6MTU5NTk3MDQyMiwiaWF0IjoxNTk1OTY2ODIyLCJpc3MiOiJodHRwczovL29wLnBhbnZhLmN6In0.JPacDJg-eex3beEN1G4IqRjWKoxVuZ62x9cs_VF1_5mjIiSB-Sx60sbvwE95C0zC6oQbkVo_kIgo-RXnwuiOrfHNl7XUe7SKLmn7rqvXA4LH-zkAVVyVV0e0UCCm4neBmyW-VgtyXjnuiKVrxQ4Cypg0Med6ElKukkZZm41hGBgm7X-3JUXP96Mm_k9Ni-aJxK2bgrNe87F2aZazjm2cRTzjLsnbSBxenztZTrRSlx_2DKNsaWIPzS1PrHT8N8wZ-Lycn7krkjIwQqOGzZ3-iLPjJC5BIhyBcHyY6C1dnC1HxTlJh9ZF5Sw5Wa6H7uGZQVGFvZ_tKyPucjO8ZtPcoA
2020-07-28 20:07:02 SUCCESS
ValidateIdTokenSignatureUsingKid
id_token signature validated
id_token
eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InIxTGtiQm8zOTI1UmIyWkZGckt5VTNNVmV4OVQyODE3S3gwdmJpNmlfS2MifQ.eyJzdWIiOiJmb28iLCJub25jZSI6ImRaaTVEUWhNeGUiLCJhdF9oYXNoIjoiSXRIWm9YdlQ2MHJSZnpXQURZcGFqQSIsImF1ZCI6IjFpd1VZbDd0dkgzby02a0Y0cTVMMiIsImV4cCI6MTU5NTk3MDQyMiwiaWF0IjoxNTk1OTY2ODIyLCJpc3MiOiJodHRwczovL29wLnBhbnZhLmN6In0.JPacDJg-eex3beEN1G4IqRjWKoxVuZ62x9cs_VF1_5mjIiSB-Sx60sbvwE95C0zC6oQbkVo_kIgo-RXnwuiOrfHNl7XUe7SKLmn7rqvXA4LH-zkAVVyVV0e0UCCm4neBmyW-VgtyXjnuiKVrxQ4Cypg0Med6ElKukkZZm41hGBgm7X-3JUXP96Mm_k9Ni-aJxK2bgrNe87F2aZazjm2cRTzjLsnbSBxenztZTrRSlx_2DKNsaWIPzS1PrHT8N8wZ-Lycn7krkjIwQqOGzZ3-iLPjJC5BIhyBcHyY6C1dnC1HxTlJh9ZF5Sw5Wa6H7uGZQVGFvZ_tKyPucjO8ZtPcoA
2020-07-28 20:07:02 SUCCESS
CheckForSubjectInIdToken
Found 'sub' in id_token
sub
foo
2020-07-28 20:07:02 SUCCESS
VerifyIdTokenSubConsistentHybridFlow
authorization endpoint and token endpoint id_token have same sub
sub_auth_endpoint
foo
sub_token_endpoint
foo
2020-07-28 20:07:02 SUCCESS
ExtractRefreshTokenFromTokenResponse
Extracted refresh token from response
refresh_token
RIfpPp7sE0sSSEO_j9_ZApL34ZrheWcdRCnAzqDw2MJ
2020-07-28 20:07:02 SUCCESS
EnsureServerConfigurationSupportsRefreshToken
The server configuration indicates support for refresh tokens
supported_grant_types
[
  "implicit",
  "authorization_code",
  "refresh_token",
  "urn:ietf:params:oauth:grant-type:device_code"
]
2020-07-28 20:07:02 SUCCESS
EnsureRefreshTokenContainsAllowedCharactersOnly
Refresh token does not contain any illegal characters
Refresh Token Request
2020-07-28 20:07:02 SUCCESS
CreateRefreshTokenRequest
Created token endpoint request parameters
grant_type
refresh_token
refresh_token
RIfpPp7sE0sSSEO_j9_ZApL34ZrheWcdRCnAzqDw2MJ
2020-07-28 20:07:02 SUCCESS
AddScopeToTokenEndpointRequest
Added scope of 'openid offline_access' to token endpoint request
grant_type
refresh_token
refresh_token
RIfpPp7sE0sSSEO_j9_ZApL34ZrheWcdRCnAzqDw2MJ
scope
openid offline_access
2020-07-28 20:07:02 SUCCESS
CreateClientAuthenticationAssertionClaims
Created client assertion claims
iss
1iwUYl7tvH3o-6kF4q5L2
sub
1iwUYl7tvH3o-6kF4q5L2
aud
https://op.panva.cz/token
jti
AoA6VAsbIGiaY9ljB4E4
iat
1595966822
exp
1595966882
2020-07-28 20:07:02 SUCCESS
SignClientAuthenticationAssertion
Signed the client assertion
client_assertion
eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiIxaXdVWWw3dHZIM28tNmtGNHE1TDIiLCJhdWQiOiJodHRwczpcL1wvb3AucGFudmEuY3pcL3Rva2VuIiwiaXNzIjoiMWl3VVlsN3R2SDNvLTZrRjRxNUwyIiwiZXhwIjoxNTk1OTY2ODgyLCJpYXQiOjE1OTU5NjY4MjIsImp0aSI6IkFvQTZWQXNiSUdpYVk5bGpCNEU0In0.Un9ljbHs_r6kcI3Cca1pNqt4s34q3IYfrBLE-z9oCTPyhsEQCZphwshXtAQJQiDNKi5Q_f0doNWP9I8GLRg3HSagI2gpPRPFLXkx9whMtbQxERxvW_9YprZVtbBTHsXIFNm2IbSJ7O8k64RPTELcuA5nFIIVmqofpQ4ouHttaVZYk-jbXMJXL_Atw8uqu5VDo62nBJaoCrNvdJDwu3tfm4RAxwY6rgcf6dCTi2-sNpkqmgl67b_4Bk5jbW6q3BoptTq95kLgRcqs-j1Q0Pnb7xhWWIzDsTEvdqNPLMT78dTbptP16TYGSQeeeNsdNZTAgybNYduS17hHRKuiLaS_mg
2020-07-28 20:07:02
AddClientAssertionToTokenEndpointRequest
Added client assertion
grant_type
refresh_token
refresh_token
RIfpPp7sE0sSSEO_j9_ZApL34ZrheWcdRCnAzqDw2MJ
scope
openid offline_access
client_assertion
eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiIxaXdVWWw3dHZIM28tNmtGNHE1TDIiLCJhdWQiOiJodHRwczpcL1wvb3AucGFudmEuY3pcL3Rva2VuIiwiaXNzIjoiMWl3VVlsN3R2SDNvLTZrRjRxNUwyIiwiZXhwIjoxNTk1OTY2ODgyLCJpYXQiOjE1OTU5NjY4MjIsImp0aSI6IkFvQTZWQXNiSUdpYVk5bGpCNEU0In0.Un9ljbHs_r6kcI3Cca1pNqt4s34q3IYfrBLE-z9oCTPyhsEQCZphwshXtAQJQiDNKi5Q_f0doNWP9I8GLRg3HSagI2gpPRPFLXkx9whMtbQxERxvW_9YprZVtbBTHsXIFNm2IbSJ7O8k64RPTELcuA5nFIIVmqofpQ4ouHttaVZYk-jbXMJXL_Atw8uqu5VDo62nBJaoCrNvdJDwu3tfm4RAxwY6rgcf6dCTi2-sNpkqmgl67b_4Bk5jbW6q3BoptTq95kLgRcqs-j1Q0Pnb7xhWWIzDsTEvdqNPLMT78dTbptP16TYGSQeeeNsdNZTAgybNYduS17hHRKuiLaS_mg
client_assertion_type
urn:ietf:params:oauth:client-assertion-type:jwt-bearer
2020-07-28 20:07:02 SUCCESS
WaitForOneSecond
Pausing for 1 seconds
2020-07-28 20:07:03 SUCCESS
WaitForOneSecond
Woke up after 1 seconds sleep
2020-07-28 20:07:03
CallTokenEndpointAndReturnFullResponse
HTTP request
request_uri
https://op.panva.cz/token
request_method
POST
request_headers
{
  "accept": "application/json;charset\u003dUTF-8",
  "accept-charset": "utf-8",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "794"
}
request_body
grant_type=refresh_token&refresh_token=RIfpPp7sE0sSSEO_j9_ZApL34ZrheWcdRCnAzqDw2MJ&scope=openid+offline_access&client_assertion=eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiIxaXdVWWw3dHZIM28tNmtGNHE1TDIiLCJhdWQiOiJodHRwczpcL1wvb3AucGFudmEuY3pcL3Rva2VuIiwiaXNzIjoiMWl3VVlsN3R2SDNvLTZrRjRxNUwyIiwiZXhwIjoxNTk1OTY2ODgyLCJpYXQiOjE1OTU5NjY4MjIsImp0aSI6IkFvQTZWQXNiSUdpYVk5bGpCNEU0In0.Un9ljbHs_r6kcI3Cca1pNqt4s34q3IYfrBLE-z9oCTPyhsEQCZphwshXtAQJQiDNKi5Q_f0doNWP9I8GLRg3HSagI2gpPRPFLXkx9whMtbQxERxvW_9YprZVtbBTHsXIFNm2IbSJ7O8k64RPTELcuA5nFIIVmqofpQ4ouHttaVZYk-jbXMJXL_Atw8uqu5VDo62nBJaoCrNvdJDwu3tfm4RAxwY6rgcf6dCTi2-sNpkqmgl67b_4Bk5jbW6q3BoptTq95kLgRcqs-j1Q0Pnb7xhWWIzDsTEvdqNPLMT78dTbptP16TYGSQeeeNsdNZTAgybNYduS17hHRKuiLaS_mg&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer
2020-07-28 20:07:04 RESPONSE
CallTokenEndpointAndReturnFullResponse
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "cache-control": "no-cache, no-store",
  "content-length": "875",
  "content-type": "application/json; charset\u003dutf-8",
  "date": "Tue, 28 Jul 2020 20:07:04 GMT",
  "pragma": "no-cache",
  "server": [
    "Caddy",
    "Cowboy"
  ],
  "strict-transport-security": "max-age\u003d15552000; includeSubDomains",
  "vary": "Origin",
  "via": "1.1 vegur",
  "x-content-type-options": "nosniff",
  "x-dns-prefetch-control": "off",
  "x-download-options": "noopen",
  "x-frame-options": "SAMEORIGIN",
  "x-xss-protection": "1; mode\u003dblock"
}
response_body
{"access_token":"sCU9gI_Y-NS5GaJ2Oc7H6Al86m1CktE-I2Hcvtjl8CM","expires_in":3600,"id_token":"eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InIxTGtiQm8zOTI1UmIyWkZGckt5VTNNVmV4OVQyODE3S3gwdmJpNmlfS2MifQ.eyJzdWIiOiJmb28iLCJub25jZSI6ImRaaTVEUWhNeGUiLCJhdF9oYXNoIjoiMDMxUm42N1VuTjRmU3pEYzBEcnRpUSIsImF1ZCI6IjFpd1VZbDd0dkgzby02a0Y0cTVMMiIsImV4cCI6MTU5NTk3MDQyNCwiaWF0IjoxNTk1OTY2ODI0LCJpc3MiOiJodHRwczovL29wLnBhbnZhLmN6In0.tfa_UFX_NJCgy5eelnWYNfzD-s_nJKnz28S-tJaOmZgIXhdmCqEwuO71mEfCXxqHrIZqMMOFecWkFs3OlGdeAt1bWc_8ScVgkcBkh8_cP41eL4-883t3DslvqpO3fcP4s54mBGnFWUy2PelmP1ArJdTwmcO3EYQiUHqB3FlSFfGKWqWmF0NITidFCa5t5aZy-iEA-xdp2adA5mPs-kwrvxUlh2eSQY1sfrAik9Rcl94LOUUnEU9jJVuGKH9waZz99nlikcG55o7ybFRshvZLEokAachC9QTCL7i-A6dKhmAhTZSPZxKWaAe-pueL6kqDsXtU5Byny9_eVANqLlvDtA","refresh_token":"RIfpPp7sE0sSSEO_j9_ZApL34ZrheWcdRCnAzqDw2MJ","scope":"openid offline_access","token_type":"Bearer"}
2020-07-28 20:07:04 SUCCESS
CallTokenEndpointAndReturnFullResponse
Parsed token endpoint response
access_token
sCU9gI_Y-NS5GaJ2Oc7H6Al86m1CktE-I2Hcvtjl8CM
expires_in
3600
id_token
eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InIxTGtiQm8zOTI1UmIyWkZGckt5VTNNVmV4OVQyODE3S3gwdmJpNmlfS2MifQ.eyJzdWIiOiJmb28iLCJub25jZSI6ImRaaTVEUWhNeGUiLCJhdF9oYXNoIjoiMDMxUm42N1VuTjRmU3pEYzBEcnRpUSIsImF1ZCI6IjFpd1VZbDd0dkgzby02a0Y0cTVMMiIsImV4cCI6MTU5NTk3MDQyNCwiaWF0IjoxNTk1OTY2ODI0LCJpc3MiOiJodHRwczovL29wLnBhbnZhLmN6In0.tfa_UFX_NJCgy5eelnWYNfzD-s_nJKnz28S-tJaOmZgIXhdmCqEwuO71mEfCXxqHrIZqMMOFecWkFs3OlGdeAt1bWc_8ScVgkcBkh8_cP41eL4-883t3DslvqpO3fcP4s54mBGnFWUy2PelmP1ArJdTwmcO3EYQiUHqB3FlSFfGKWqWmF0NITidFCa5t5aZy-iEA-xdp2adA5mPs-kwrvxUlh2eSQY1sfrAik9Rcl94LOUUnEU9jJVuGKH9waZz99nlikcG55o7ybFRshvZLEokAachC9QTCL7i-A6dKhmAhTZSPZxKWaAe-pueL6kqDsXtU5Byny9_eVANqLlvDtA
refresh_token
RIfpPp7sE0sSSEO_j9_ZApL34ZrheWcdRCnAzqDw2MJ
scope
openid offline_access
token_type
Bearer
2020-07-28 20:07:04 SUCCESS
CheckTokenEndpointHttpStatus200
Token endpoint http status code was 200
2020-07-28 20:07:04 SUCCESS
CheckTokenEndpointReturnedJsonContentType
token_endpoint_response_headers Content-Type: header is application/json
2020-07-28 20:07:04 SUCCESS
CheckTokenEndpointCacheHeaders
Checked 'pragma' and 'cache-control' in the headers of token_endpoint_response.
2020-07-28 20:07:04 SUCCESS
CheckIfTokenEndpointResponseError
No error from token endpoint
2020-07-28 20:07:04 SUCCESS
ExtractAccessTokenFromTokenResponse
Extracted the access token
value
sCU9gI_Y-NS5GaJ2Oc7H6Al86m1CktE-I2Hcvtjl8CM
type
Bearer
2020-07-28 20:07:04 SUCCESS
CheckTokenTypeIsBearer
Token type is bearer
2020-07-28 20:07:04 SUCCESS
EnsureMinimumAccessTokenEntropy
Calculated shannon entropy seems sufficient
actual
210.5744969500267
expected
96.0
2020-07-28 20:07:04 SUCCESS
EnsureAccessTokenContainsAllowedCharactersOnly
Access token does not contain any illegal characters
2020-07-28 20:07:04 SUCCESS
ExtractExpiresInFromTokenEndpointResponse
Extracted 'expires_in'
expires_in
3600
2020-07-28 20:07:04 SUCCESS
ValidateExpiresIn
expires_in passed all validation checks
expires_in
3600
2020-07-28 20:07:04 SUCCESS
EnsureAccessTokenValuesAreDifferent
Access token values are not the same
first_access_token
9aAXY-2tjwj3tWzEMrObbU4I-iffnGKeNx95QXG76Ta
second_access_token
sCU9gI_Y-NS5GaJ2Oc7H6Al86m1CktE-I2Hcvtjl8CM
2020-07-28 20:07:04 SUCCESS
ExtractIdTokenFromTokenResponse
Found and parsed the id_token from token_endpoint_response
value
eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InIxTGtiQm8zOTI1UmIyWkZGckt5VTNNVmV4OVQyODE3S3gwdmJpNmlfS2MifQ.eyJzdWIiOiJmb28iLCJub25jZSI6ImRaaTVEUWhNeGUiLCJhdF9oYXNoIjoiMDMxUm42N1VuTjRmU3pEYzBEcnRpUSIsImF1ZCI6IjFpd1VZbDd0dkgzby02a0Y0cTVMMiIsImV4cCI6MTU5NTk3MDQyNCwiaWF0IjoxNTk1OTY2ODI0LCJpc3MiOiJodHRwczovL29wLnBhbnZhLmN6In0.tfa_UFX_NJCgy5eelnWYNfzD-s_nJKnz28S-tJaOmZgIXhdmCqEwuO71mEfCXxqHrIZqMMOFecWkFs3OlGdeAt1bWc_8ScVgkcBkh8_cP41eL4-883t3DslvqpO3fcP4s54mBGnFWUy2PelmP1ArJdTwmcO3EYQiUHqB3FlSFfGKWqWmF0NITidFCa5t5aZy-iEA-xdp2adA5mPs-kwrvxUlh2eSQY1sfrAik9Rcl94LOUUnEU9jJVuGKH9waZz99nlikcG55o7ybFRshvZLEokAachC9QTCL7i-A6dKhmAhTZSPZxKWaAe-pueL6kqDsXtU5Byny9_eVANqLlvDtA
header
{
  "kid": "r1LkbBo3925Rb2ZFFrKyU3MVex9T2817Kx0vbi6i_Kc",
  "typ": "JWT",
  "alg": "RS256"
}
claims
{
  "at_hash": "031Rn67UnN4fSzDc0DrtiQ",
  "sub": "foo",
  "aud": "1iwUYl7tvH3o-6kF4q5L2",
  "iss": "https://op.panva.cz",
  "exp": 1595970424,
  "nonce": "dZi5DQhMxe",
  "iat": 1595966824
}
2020-07-28 20:07:04 SUCCESS
ExtractRefreshTokenFromTokenResponse
Extracted refresh token from response
refresh_token
RIfpPp7sE0sSSEO_j9_ZApL34ZrheWcdRCnAzqDw2MJ
2020-07-28 20:07:04 SUCCESS
EnsureMinimumRefreshTokenLength
Refresh token is of sufficient length
actual
344
required
128
2020-07-28 20:07:04 SUCCESS
EnsureMinimumRefreshTokenEntropy
Calculated shannon entropy seems sufficient
actual
214.5744969500267
expected
96.0
2020-07-28 20:07:04 SUCCESS
CompareIdTokenClaims
Validated id token claims successfully
iss
{
  "first": "https://op.panva.cz",
  "second": "https://op.panva.cz",
  "note": "Values are expected to be equal"
}
sub
{
  "first": "foo",
  "second": "foo",
  "note": "Values are expected to be equal"
}
iat
{
  "first": 1595966822,
  "second": 1595966824,
  "note": "Values are expected to be different"
}
aud
{
  "first": "1iwUYl7tvH3o-6kF4q5L2",
  "second": "1iwUYl7tvH3o-6kF4q5L2",
  "note": "Values are expected to be equal"
}
azp
Id tokens do not contain azp claims
Userinfo endpoint tests
2020-07-28 20:07:04
CallProtectedResourceWithBearerToken
HTTP request
request_uri
https://op.panva.cz/me
request_method
GET
request_headers
{
  "accept": "application/json;charset\u003dUTF-8",
  "authorization": "Bearer sCU9gI_Y-NS5GaJ2Oc7H6Al86m1CktE-I2Hcvtjl8CM",
  "accept-charset": "utf-8",
  "content-length": "0"
}
request_body

                                
2020-07-28 20:07:04 RESPONSE
CallProtectedResourceWithBearerToken
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "cache-control": "no-cache, no-store",
  "content-length": "13",
  "content-type": "application/json; charset\u003dutf-8",
  "date": "Tue, 28 Jul 2020 20:07:04 GMT",
  "pragma": "no-cache",
  "server": [
    "Caddy",
    "Cowboy"
  ],
  "strict-transport-security": "max-age\u003d15552000; includeSubDomains",
  "vary": "Origin",
  "via": "1.1 vegur",
  "x-content-type-options": "nosniff",
  "x-dns-prefetch-control": "off",
  "x-download-options": "noopen",
  "x-frame-options": "SAMEORIGIN",
  "x-xss-protection": "1; mode\u003dblock"
}
response_body
{"sub":"foo"}
2020-07-28 20:07:04 SUCCESS
CallProtectedResourceWithBearerToken
Got a response from the resource endpoint
headers
{
  "cache-control": "no-cache, no-store",
  "content-length": "13",
  "content-type": "application/json; charset\u003dutf-8",
  "date": "Tue, 28 Jul 2020 20:07:04 GMT",
  "pragma": "no-cache",
  "server": [
    "Caddy",
    "Cowboy"
  ],
  "strict-transport-security": "max-age\u003d15552000; includeSubDomains",
  "vary": "Origin",
  "via": "1.1 vegur",
  "x-content-type-options": "nosniff",
  "x-dns-prefetch-control": "off",
  "x-download-options": "noopen",
  "x-frame-options": "SAMEORIGIN",
  "x-xss-protection": "1; mode\u003dblock"
}
status_code
{
  "code": 200
}
body
{"sub":"foo"}
Second client: Make request to authorization endpoint
2020-07-28 20:07:04 SUCCESS
CreateAuthorizationEndpointRequestFromClientInformation
Created authorization endpoint request
client_id
8KlJXKAOy0Q0TaRIrgKQt
redirect_uri
https://www.certification.openid.net/test/6KUWLY0Gro/callback
scope
openid offline_access
2020-07-28 20:07:04
CreateRandomStateValue
Created state value
requested_state_length
10
state
tW1mD9OjiN
2020-07-28 20:07:04 SUCCESS
AddStateToAuthorizationEndpointRequest
Added state parameter to request
client_id
8KlJXKAOy0Q0TaRIrgKQt
redirect_uri
https://www.certification.openid.net/test/6KUWLY0Gro/callback
scope
openid offline_access
state
tW1mD9OjiN
2020-07-28 20:07:04
CreateRandomNonceValue
Created nonce value
requested_nonce_length
10
nonce
zTohMnpxXS
2020-07-28 20:07:04 SUCCESS
AddNonceToAuthorizationEndpointRequest
Added nonce parameter to request
client_id
8KlJXKAOy0Q0TaRIrgKQt
redirect_uri
https://www.certification.openid.net/test/6KUWLY0Gro/callback
scope
openid offline_access
state
tW1mD9OjiN
nonce
zTohMnpxXS
2020-07-28 20:07:04 SUCCESS
SetAuthorizationEndpointRequestResponseTypeFromEnvironment
Added response_type parameter to request
client_id
8KlJXKAOy0Q0TaRIrgKQt
redirect_uri
https://www.certification.openid.net/test/6KUWLY0Gro/callback
scope
openid offline_access
state
tW1mD9OjiN
nonce
zTohMnpxXS
response_type
code id_token
2020-07-28 20:07:04 SUCCESS
AddPromptConsentToAuthorizationEndpointRequestIfScopeContainsOfflineAccess
Added prompt=consent to authorization endpoint request
client_id
8KlJXKAOy0Q0TaRIrgKQt
redirect_uri
https://www.certification.openid.net/test/6KUWLY0Gro/callback
scope
openid offline_access
state
tW1mD9OjiN
nonce
zTohMnpxXS
response_type
code id_token
prompt
consent
2020-07-28 20:07:04 SUCCESS
BuildPlainRedirectToAuthorizationEndpoint
Sending to authorization endpoint
redirect_to_authorization_endpoint
https://op.panva.cz/auth?client_id=8KlJXKAOy0Q0TaRIrgKQt&redirect_uri=https://www.certification.openid.net/test/6KUWLY0Gro/callback&scope=openid%20offline_access&state=tW1mD9OjiN&nonce=zTohMnpxXS&response_type=code%20id_token&prompt=consent
2020-07-28 20:07:04 REDIRECT
oidcc-refresh-token
Redirecting to authorization endpoint
redirect_to
https://op.panva.cz/auth?client_id=8KlJXKAOy0Q0TaRIrgKQt&redirect_uri=https://www.certification.openid.net/test/6KUWLY0Gro/callback&scope=openid%20offline_access&state=tW1mD9OjiN&nonce=zTohMnpxXS&response_type=code%20id_token&prompt=consent
2020-07-28 20:07:04
WebRunner
Scripted browser HTTP request
browser
goToUrl
request_method
GET
request_uri
https://op.panva.cz/auth?client_id=8KlJXKAOy0Q0TaRIrgKQt&redirect_uri=https://www.certification.openid.net/test/6KUWLY0Gro/callback&scope=openid%20offline_access&state=tW1mD9OjiN&nonce=zTohMnpxXS&response_type=code%20id_token&prompt=consent
2020-07-28 20:07:05 RESPONSE
WebRunner
Scripted browser HTTP response
response_content
<!DOCTYPE html>
<html >
  <head>
    <meta charset="utf-8">
    <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
    <meta http-equiv="x-ua-compatible" content="ie=edge">
    <title>Sign-in</title>
    <style>
      @import url(https://fonts.googleapis.com/css?family=Roboto:400,100);

      body {
        font-family: 'Roboto', sans-serif;
        margin-top: 25px;
        margin-bottom: 25px;
      }

      .login-card {
        padding: 40px;
        padding-top: 0px;
        padding-bottom: 10px;
        width: 274px;
        background-color: #F7F7F7;
        margin: 0 auto 10px;
        border-radius: 2px;
        box-shadow: 0px 2px 2px rgba(0, 0, 0, 0.3);
        overflow: hidden;
      }

      .login-card + .login-card {
        padding-top: 10px;
      }

      .login-card h1 {
        font-weight: 100;
        text-align: center;
        font-size: 2.3em;
      }

      .login-card [type=submit] {
        width: 100%;
        display: block;
        margin-bottom: 10px;
        position: relative;
      }

      .login-card input[type=text], input[type=email], input[type=password] {
        height: 44px;
        font-size: 16px;
        width: 100%;
        margin-bottom: 10px;
        -webkit-appearance: none;
        background: #fff;
        border: 1px solid #d9d9d9;
        border-top: 1px solid #c0c0c0;
        padding: 0 8px;
        box-sizing: border-box;
        -moz-box-sizing: border-box;
      }

      .login {
        text-align: center;
        font-size: 14px;
        font-family: 'Arial', sans-serif;
        font-weight: 700;
        height: 36px;
        padding: 0 8px;
      }

      .login-submit {
        border: 0px;
        color: #fff;
        text-shadow: 0 1px rgba(0,0,0,0.1);
        background-color: #4d90fe;
      }

      .google-button {
        height: 40px;
        border-width: 0;
        background: white;
        color: #737373;
        border-radius: 5px;
        white-space: nowrap;
        box-shadow: 1px 1px 0px 1px rgba(0,0,0,0.05);
        transition-property: background-color, box-shadow;
        transition-duration: 150ms;
        transition-timing-function: ease-in-out;
        padding: 0;

        &:focus,
        &:hover {
          box-shadow: 1px 4px 5px 1px rgba(0,0,0,0.1);
        }

        &:active {
          background-color: #e5e5e5;
          box-shadow: none;
          transition-duration: 10ms;
        }
      }

      .google-button__icon {
        display: inline-block;
        vertical-align: middle;
        margin: 8px 0 8px 8px;
        width: 18px;
        height: 18px;
        box-sizing: border-box;
      }

      .google-button__icon--plus {
        width: 27px;
      }

      .google-button__text {
        display: inline-block;
        vertical-align: middle;
        padding: 0 24px;
        font-size: 14px;
        font-weight: bold;
        font-family: 'Roboto',arial,sans-serif;
      }

      .login-card a {
        text-decoration: none;
        color: #666;
        font-weight: 400;
        text-align: center;
        display: inline-block;
        opacity: 0.6;
      }

      .login-help {
        color: #666;
        width: 100%;
        text-align: center;
        font-size: 12px;
      }

      .login-client-image img {
        margin-bottom: 20px;
        display: block;
        margin-left: auto;
        margin-right: auto;
        width: 20%;
      }

      .login-card input[type=checkbox] {
        margin-bottom: 10px;
      }

      .login-card label {
        color: #999;
      }

      .grant-debug {
        text-align: center;
        font-family: Fixed, monospace;
        width: 100%;
        font-size: 12px;
        color: #999;
      }

      .grant-debug div {
        padding-top: 10px;
      }

      .login-help + form {
        margin-top: 10px;
      }

      ul {
        font-weight: 100;
        padding-left: 1em;
        list-style-type: circle;
      }

      li + ul, ul + li, li + li {
        padding-top: 0.3em;
      }

      button {
        cursor: pointer;
      }
    </style>
  </head>
  <body>
    <div class="login-card">
      <h1>Authorize</h1>
      <div class="login-client-image">
  
</div>

<ul>

  <li>this is a new authorization</li>











  <li>
  the client is asking to have offline access to this authorization
    
  </li>


</ul>

<form autocomplete="off" action="/interaction/0U9Cv0GIrMALIg8dRkm8Q/confirm" method="post">
  <button autofocus type="submit" class="login login-submit">Continue</button>
</form>

      <div class="login-help">
        <a href="/interaction/0U9Cv0GIrMALIg8dRkm8Q/abort">[ Cancel ]</a>
        
        
      </div>
    </div>
    <div class="grant-debug">
      <details>
        <summary style="text-align: center;">(Click to expand) DEBUG information</summary>
        <div>
          <strong>uid</strong>: 0U9Cv0GIrMALIg8dRkm8Q
        </div>

        
        <div>
          SESSION <br>
         ========= <br>
          <strong>accountId</strong>: 'foo'<br/><strong>uid</strong>: '_CUPJuidn1zrK4UMIbC17'<br/><strong>cookie</strong>: 'F2qxCfGAi-7zlb3CoDtOe'<br/><strong>acr</strong>: 'urn:mace:incommon:iap:bronze'<br/><strong>amr</strong>: [ 'pwd' ]
        </div>
        

        <div>
          PARAMS <br>
         ======== <br>
          <strong>client_id</strong>: '8KlJXKAOy0Q0TaRIrgKQt'<br/><strong>nonce</strong>: 'zTohMnpxXS'<br/><strong>prompt</strong>: 'consent'<br/><strong>redirect_uri</strong>: 'https://www.certification.openid.net/test/6KUWLY0Gro/callback'<br/><strong>response_type</strong>: 'code id_token'<br/><strong>scope</strong>: 'openid offline_access'<br/><strong>state</strong>: 'tW1mD9OjiN'
        </div>

        <div>
          PROMPT <br>
         ======== <br>
          <strong>name</strong>: 'consent'<br/><strong>reasons</strong>: [ 'consent_prompt', 'client_not_authorized', 'scopes_missing' ]<br/><strong>details</strong>: {
  scopes: { new: [ 'openid', 'offline_access' ], accepted: [], rejected: [] },
  claims: { new: [], accepted: [], rejected: [] }
}
        </div>
      </details>
    </div>
  </body>
</html>
response_content_type
text/html
response_status_text
200-OK
response_status_code
200
2020-07-28 20:07:05 INFO
WebRunner
Entering text
task
Login
browser
text
element_type
name
value
foo
url
https://op.panva.cz/interaction/0U9Cv0GIrMALIg8dRkm8Q
target
login
2020-07-28 20:07:05 INFO
WebRunner
Element not found, skipping as 'text' command is marked 'optional'
task
Login
browser
text
element_type
name
value
foo
url
https://op.panva.cz/interaction/0U9Cv0GIrMALIg8dRkm8Q
target
login
2020-07-28 20:07:05 INFO
WebRunner
Entering text
task
Login
browser
text
element_type
name
value
bar
url
https://op.panva.cz/interaction/0U9Cv0GIrMALIg8dRkm8Q
target
password
2020-07-28 20:07:05 INFO
WebRunner
Element not found, skipping as 'text' command is marked 'optional'
task
Login
browser
text
element_type
name
value
bar
url
https://op.panva.cz/interaction/0U9Cv0GIrMALIg8dRkm8Q
target
password
2020-07-28 20:07:05 INFO
WebRunner
Clicking an element
task
Login
browser
click
element_type
class
url
https://op.panva.cz/interaction/0U9Cv0GIrMALIg8dRkm8Q
target
login-submit
2020-07-28 20:07:06 INCOMING
oidcc-refresh-token
Incoming HTTP request to test instance 6KUWLY0Gro
incoming_headers
{
  "host": "www.certification.openid.net",
  "upgrade-insecure-requests": "1",
  "user-agent": "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.108 Safari/537.36",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/webp,image/apng,*/*;q\u003d0.8",
  "referer": "https://op.panva.cz/interaction/0U9Cv0GIrMALIg8dRkm8Q",
  "accept-encoding": "gzip, deflate",
  "accept-language": "en-US",
  "cookie": "JSESSIONID\u003d1FF4B3C3ED6724FBC11F9A9D545170A9",
  "origin": "https://op.panva.cz/interaction/0U9Cv0GIrMALIg8dRkm8Q",
  "cache-control": "max-age\u003d0",
  "x-ssl-cipher": "ECDHE-RSA-AES256-GCM-SHA384",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
callback
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
2020-07-28 20:07:06 SUCCESS
CreateRandomImplicitSubmitUrl
Created random implicit submission URL
implicit_submit
{
  "path": "implicit/VOd9zxPXieLNYLyMxyYh",
  "fullUrl": "https://www.certification.openid.net/test/6KUWLY0Gro/implicit/VOd9zxPXieLNYLyMxyYh"
}
2020-07-28 20:07:06 OUTGOING
oidcc-refresh-token
Response to HTTP request to test instance 6KUWLY0Gro
outgoing
ModelAndView [view="implicitCallback"; model={implicitSubmitUrl=https://www.certification.openid.net/test/6KUWLY0Gro/implicit/VOd9zxPXieLNYLyMxyYh, returnUrl=/log-detail.html?log=6KUWLY0Gro}]
outgoing_path
callback
2020-07-28 20:07:06 INFO
WebRunner
Completed processing of webpage
task
Login
browser
complete
response_status_text
200-
match
https://op.panva.cz/interaction*
url
https://www.certification.openid.net/test/6KUWLY0Gro/callback#code=VInR9_RB3NWPK1xGyxGDP7YGux_kl7LlEV6KupK59sj&id_token=eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InIxTGtiQm8zOTI1UmIyWkZGckt5VTNNVmV4OVQyODE3S3gwdmJpNmlfS2MifQ.eyJzdWIiOiJmb28iLCJub25jZSI6InpUb2hNbnB4WFMiLCJjX2hhc2giOiJGYXlPS1VEODlBTFByRlhCRFozT19BIiwic19oYXNoIjoiaFE4QTh0NFFuVUM1a3NmSHhFUU9KdyIsImF1ZCI6IjhLbEpYS0FPeTBRMFRhUklyZ0tRdCIsImV4cCI6MTU5NTk3MDQyNiwiaWF0IjoxNTk1OTY2ODI2LCJpc3MiOiJodHRwczovL29wLnBhbnZhLmN6In0.NxkZiAJI-A3tJCLvAXSL_ITVDQn710ygsLK-XxR-TWjJ0dtMwZAlsP3eog54vKxT9P_1cCAGITBvoOBdh_ZdLkS4Kvciua2I-5CIOfO5Petg4MU4KrwKr0jskC1-dGlll7lcLuxB2rpBHjfikW9FFJbQNY0excOJY6ho0d7C7l7_LU1-nXXoOXsiFTSDR4DMPJPakSznT8ev1-0MVE1qqP6YFcVjkV_1eEB9V0x9toLPjv9vujo4XwPzTwLuaOn2lUXkqPrUoGd5KukJ03WJ4U19ucOqQX2mHgRoMb6J2U9M9yPuImTo7iJLJvkwgCU4BlCaWaEzuf_gqaFALuC3TA&state=tW1mD9OjiN&session_state=zm-RCW84mIDNOp6gxC-LRStJ7Mk5adhDp7tm5n5ju_Y
response_status_code
200
2020-07-28 20:07:06
WebRunner
Skipping optional task due to URL mismatch
task
Consent
browser
skip
match
https://op.panva.cz/interaction*
url
https://www.certification.openid.net/test/6KUWLY0Gro/callback#code=VInR9_RB3NWPK1xGyxGDP7YGux_kl7LlEV6KupK59sj&id_token=eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InIxTGtiQm8zOTI1UmIyWkZGckt5VTNNVmV4OVQyODE3S3gwdmJpNmlfS2MifQ.eyJzdWIiOiJmb28iLCJub25jZSI6InpUb2hNbnB4WFMiLCJjX2hhc2giOiJGYXlPS1VEODlBTFByRlhCRFozT19BIiwic19oYXNoIjoiaFE4QTh0NFFuVUM1a3NmSHhFUU9KdyIsImF1ZCI6IjhLbEpYS0FPeTBRMFRhUklyZ0tRdCIsImV4cCI6MTU5NTk3MDQyNiwiaWF0IjoxNTk1OTY2ODI2LCJpc3MiOiJodHRwczovL29wLnBhbnZhLmN6In0.NxkZiAJI-A3tJCLvAXSL_ITVDQn710ygsLK-XxR-TWjJ0dtMwZAlsP3eog54vKxT9P_1cCAGITBvoOBdh_ZdLkS4Kvciua2I-5CIOfO5Petg4MU4KrwKr0jskC1-dGlll7lcLuxB2rpBHjfikW9FFJbQNY0excOJY6ho0d7C7l7_LU1-nXXoOXsiFTSDR4DMPJPakSznT8ev1-0MVE1qqP6YFcVjkV_1eEB9V0x9toLPjv9vujo4XwPzTwLuaOn2lUXkqPrUoGd5KukJ03WJ4U19ucOqQX2mHgRoMb6J2U9M9yPuImTo7iJLJvkwgCU4BlCaWaEzuf_gqaFALuC3TA&state=tW1mD9OjiN&session_state=zm-RCW84mIDNOp6gxC-LRStJ7Mk5adhDp7tm5n5ju_Y
commands
[
  [
    "click",
    "class",
    "login-submit"
  ]
]
2020-07-28 20:07:06 INFO
WebRunner
Waiting
regexp
seconds
10
task
Verify Complete
browser
wait
action
element_type
id
url
https://www.certification.openid.net/test/6KUWLY0Gro/callback#code=VInR9_RB3NWPK1xGyxGDP7YGux_kl7LlEV6KupK59sj&id_token=eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InIxTGtiQm8zOTI1UmIyWkZGckt5VTNNVmV4OVQyODE3S3gwdmJpNmlfS2MifQ.eyJzdWIiOiJmb28iLCJub25jZSI6InpUb2hNbnB4WFMiLCJjX2hhc2giOiJGYXlPS1VEODlBTFByRlhCRFozT19BIiwic19oYXNoIjoiaFE4QTh0NFFuVUM1a3NmSHhFUU9KdyIsImF1ZCI6IjhLbEpYS0FPeTBRMFRhUklyZ0tRdCIsImV4cCI6MTU5NTk3MDQyNiwiaWF0IjoxNTk1OTY2ODI2LCJpc3MiOiJodHRwczovL29wLnBhbnZhLmN6In0.NxkZiAJI-A3tJCLvAXSL_ITVDQn710ygsLK-XxR-TWjJ0dtMwZAlsP3eog54vKxT9P_1cCAGITBvoOBdh_ZdLkS4Kvciua2I-5CIOfO5Petg4MU4KrwKr0jskC1-dGlll7lcLuxB2rpBHjfikW9FFJbQNY0excOJY6ho0d7C7l7_LU1-nXXoOXsiFTSDR4DMPJPakSznT8ev1-0MVE1qqP6YFcVjkV_1eEB9V0x9toLPjv9vujo4XwPzTwLuaOn2lUXkqPrUoGd5KukJ03WJ4U19ucOqQX2mHgRoMb6J2U9M9yPuImTo7iJLJvkwgCU4BlCaWaEzuf_gqaFALuC3TA&state=tW1mD9OjiN&session_state=zm-RCW84mIDNOp6gxC-LRStJ7Mk5adhDp7tm5n5ju_Y
target
submission_complete
2020-07-28 20:07:06 INCOMING
oidcc-refresh-token
Incoming HTTP request to test instance 6KUWLY0Gro
incoming_headers
{
  "host": "www.certification.openid.net",
  "upgrade-insecure-requests": "1",
  "user-agent": "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.108 Safari/537.36",
  "accept": "*/*",
  "referer": "https://www.certification.openid.net/test/6KUWLY0Gro/callback#code\u003dVInR9_RB3NWPK1xGyxGDP7YGux_kl7LlEV6KupK59sj\u0026id_token\u003deyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InIxTGtiQm8zOTI1UmIyWkZGckt5VTNNVmV4OVQyODE3S3gwdmJpNmlfS2MifQ.eyJzdWIiOiJmb28iLCJub25jZSI6InpUb2hNbnB4WFMiLCJjX2hhc2giOiJGYXlPS1VEODlBTFByRlhCRFozT19BIiwic19oYXNoIjoiaFE4QTh0NFFuVUM1a3NmSHhFUU9KdyIsImF1ZCI6IjhLbEpYS0FPeTBRMFRhUklyZ0tRdCIsImV4cCI6MTU5NTk3MDQyNiwiaWF0IjoxNTk1OTY2ODI2LCJpc3MiOiJodHRwczovL29wLnBhbnZhLmN6In0.NxkZiAJI-A3tJCLvAXSL_ITVDQn710ygsLK-XxR-TWjJ0dtMwZAlsP3eog54vKxT9P_1cCAGITBvoOBdh_ZdLkS4Kvciua2I-5CIOfO5Petg4MU4KrwKr0jskC1-dGlll7lcLuxB2rpBHjfikW9FFJbQNY0excOJY6ho0d7C7l7_LU1-nXXoOXsiFTSDR4DMPJPakSznT8ev1-0MVE1qqP6YFcVjkV_1eEB9V0x9toLPjv9vujo4XwPzTwLuaOn2lUXkqPrUoGd5KukJ03WJ4U19ucOqQX2mHgRoMb6J2U9M9yPuImTo7iJLJvkwgCU4BlCaWaEzuf_gqaFALuC3TA\u0026state\u003dtW1mD9OjiN\u0026session_state\u003dzm-RCW84mIDNOp6gxC-LRStJ7Mk5adhDp7tm5n5ju_Y",
  "accept-encoding": "gzip, deflate",
  "accept-language": "en-US",
  "cookie": "JSESSIONID\u003d1FF4B3C3ED6724FBC11F9A9D545170A9",
  "x-requested-with": "XMLHttpRequest",
  "content-type": "text/plain",
  "x-ssl-cipher": "ECDHE-RSA-AES256-GCM-SHA384",
  "x-ssl-protocol": "TLSv1.2",
  "content-length": "843",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net",
  "connection": "close"
}
incoming_path
implicit/VOd9zxPXieLNYLyMxyYh
incoming_body_form_params
incoming_method
POST
incoming_body_json
incoming_query_string_params
{}
incoming_body
#code=VInR9_RB3NWPK1xGyxGDP7YGux_kl7LlEV6KupK59sj&id_token=eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InIxTGtiQm8zOTI1UmIyWkZGckt5VTNNVmV4OVQyODE3S3gwdmJpNmlfS2MifQ.eyJzdWIiOiJmb28iLCJub25jZSI6InpUb2hNbnB4WFMiLCJjX2hhc2giOiJGYXlPS1VEODlBTFByRlhCRFozT19BIiwic19oYXNoIjoiaFE4QTh0NFFuVUM1a3NmSHhFUU9KdyIsImF1ZCI6IjhLbEpYS0FPeTBRMFRhUklyZ0tRdCIsImV4cCI6MTU5NTk3MDQyNiwiaWF0IjoxNTk1OTY2ODI2LCJpc3MiOiJodHRwczovL29wLnBhbnZhLmN6In0.NxkZiAJI-A3tJCLvAXSL_ITVDQn710ygsLK-XxR-TWjJ0dtMwZAlsP3eog54vKxT9P_1cCAGITBvoOBdh_ZdLkS4Kvciua2I-5CIOfO5Petg4MU4KrwKr0jskC1-dGlll7lcLuxB2rpBHjfikW9FFJbQNY0excOJY6ho0d7C7l7_LU1-nXXoOXsiFTSDR4DMPJPakSznT8ev1-0MVE1qqP6YFcVjkV_1eEB9V0x9toLPjv9vujo4XwPzTwLuaOn2lUXkqPrUoGd5KukJ03WJ4U19ucOqQX2mHgRoMb6J2U9M9yPuImTo7iJLJvkwgCU4BlCaWaEzuf_gqaFALuC3TA&state=tW1mD9OjiN&session_state=zm-RCW84mIDNOp6gxC-LRStJ7Mk5adhDp7tm5n5ju_Y
2020-07-28 20:07:06 OUTGOING
oidcc-refresh-token
Response to HTTP request to test instance 6KUWLY0Gro
outgoing
org.springframework.web.servlet.view.RedirectView: [RedirectView]; URL [/log-detail.html?log=6KUWLY0Gro]
outgoing_path
implicit/VOd9zxPXieLNYLyMxyYh
2020-07-28 20:07:06
ExtractImplicitHashToCallbackResponse
Extracted response from URL fragment
parameters
[
  {
    "value": "VInR9_RB3NWPK1xGyxGDP7YGux_kl7LlEV6KupK59sj",
    "name": "code"
  },
  {
    "value": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InIxTGtiQm8zOTI1UmIyWkZGckt5VTNNVmV4OVQyODE3S3gwdmJpNmlfS2MifQ.eyJzdWIiOiJmb28iLCJub25jZSI6InpUb2hNbnB4WFMiLCJjX2hhc2giOiJGYXlPS1VEODlBTFByRlhCRFozT19BIiwic19oYXNoIjoiaFE4QTh0NFFuVUM1a3NmSHhFUU9KdyIsImF1ZCI6IjhLbEpYS0FPeTBRMFRhUklyZ0tRdCIsImV4cCI6MTU5NTk3MDQyNiwiaWF0IjoxNTk1OTY2ODI2LCJpc3MiOiJodHRwczovL29wLnBhbnZhLmN6In0.NxkZiAJI-A3tJCLvAXSL_ITVDQn710ygsLK-XxR-TWjJ0dtMwZAlsP3eog54vKxT9P_1cCAGITBvoOBdh_ZdLkS4Kvciua2I-5CIOfO5Petg4MU4KrwKr0jskC1-dGlll7lcLuxB2rpBHjfikW9FFJbQNY0excOJY6ho0d7C7l7_LU1-nXXoOXsiFTSDR4DMPJPakSznT8ev1-0MVE1qqP6YFcVjkV_1eEB9V0x9toLPjv9vujo4XwPzTwLuaOn2lUXkqPrUoGd5KukJ03WJ4U19ucOqQX2mHgRoMb6J2U9M9yPuImTo7iJLJvkwgCU4BlCaWaEzuf_gqaFALuC3TA",
    "name": "id_token"
  },
  {
    "value": "tW1mD9OjiN",
    "name": "state"
  },
  {
    "value": "zm-RCW84mIDNOp6gxC-LRStJ7Mk5adhDp7tm5n5ju_Y",
    "name": "session_state"
  }
]
2020-07-28 20:07:06 SUCCESS
ExtractImplicitHashToCallbackResponse
Extracted the hash values
code
VInR9_RB3NWPK1xGyxGDP7YGux_kl7LlEV6KupK59sj
id_token
eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InIxTGtiQm8zOTI1UmIyWkZGckt5VTNNVmV4OVQyODE3S3gwdmJpNmlfS2MifQ.eyJzdWIiOiJmb28iLCJub25jZSI6InpUb2hNbnB4WFMiLCJjX2hhc2giOiJGYXlPS1VEODlBTFByRlhCRFozT19BIiwic19oYXNoIjoiaFE4QTh0NFFuVUM1a3NmSHhFUU9KdyIsImF1ZCI6IjhLbEpYS0FPeTBRMFRhUklyZ0tRdCIsImV4cCI6MTU5NTk3MDQyNiwiaWF0IjoxNTk1OTY2ODI2LCJpc3MiOiJodHRwczovL29wLnBhbnZhLmN6In0.NxkZiAJI-A3tJCLvAXSL_ITVDQn710ygsLK-XxR-TWjJ0dtMwZAlsP3eog54vKxT9P_1cCAGITBvoOBdh_ZdLkS4Kvciua2I-5CIOfO5Petg4MU4KrwKr0jskC1-dGlll7lcLuxB2rpBHjfikW9FFJbQNY0excOJY6ho0d7C7l7_LU1-nXXoOXsiFTSDR4DMPJPakSznT8ev1-0MVE1qqP6YFcVjkV_1eEB9V0x9toLPjv9vujo4XwPzTwLuaOn2lUXkqPrUoGd5KukJ03WJ4U19ucOqQX2mHgRoMb6J2U9M9yPuImTo7iJLJvkwgCU4BlCaWaEzuf_gqaFALuC3TA
state
tW1mD9OjiN
session_state
zm-RCW84mIDNOp6gxC-LRStJ7Mk5adhDp7tm5n5ju_Y
2020-07-28 20:07:06 REDIRECT-IN
oidcc-refresh-token
Authorization endpoint response captured
url_query
{}
headers
{
  "host": "www.certification.openid.net",
  "upgrade-insecure-requests": "1",
  "user-agent": "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.108 Safari/537.36",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/webp,image/apng,*/*;q\u003d0.8",
  "referer": "https://op.panva.cz/interaction/0U9Cv0GIrMALIg8dRkm8Q",
  "accept-encoding": "gzip, deflate",
  "accept-language": "en-US",
  "cookie": "JSESSIONID\u003d1FF4B3C3ED6724FBC11F9A9D545170A9",
  "origin": "https://op.panva.cz/interaction/0U9Cv0GIrMALIg8dRkm8Q",
  "cache-control": "max-age\u003d0",
  "x-ssl-cipher": "ECDHE-RSA-AES256-GCM-SHA384",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
http_method
GET
url_fragment
{
  "code": "VInR9_RB3NWPK1xGyxGDP7YGux_kl7LlEV6KupK59sj",
  "id_token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InIxTGtiQm8zOTI1UmIyWkZGckt5VTNNVmV4OVQyODE3S3gwdmJpNmlfS2MifQ.eyJzdWIiOiJmb28iLCJub25jZSI6InpUb2hNbnB4WFMiLCJjX2hhc2giOiJGYXlPS1VEODlBTFByRlhCRFozT19BIiwic19oYXNoIjoiaFE4QTh0NFFuVUM1a3NmSHhFUU9KdyIsImF1ZCI6IjhLbEpYS0FPeTBRMFRhUklyZ0tRdCIsImV4cCI6MTU5NTk3MDQyNiwiaWF0IjoxNTk1OTY2ODI2LCJpc3MiOiJodHRwczovL29wLnBhbnZhLmN6In0.NxkZiAJI-A3tJCLvAXSL_ITVDQn710ygsLK-XxR-TWjJ0dtMwZAlsP3eog54vKxT9P_1cCAGITBvoOBdh_ZdLkS4Kvciua2I-5CIOfO5Petg4MU4KrwKr0jskC1-dGlll7lcLuxB2rpBHjfikW9FFJbQNY0excOJY6ho0d7C7l7_LU1-nXXoOXsiFTSDR4DMPJPakSznT8ev1-0MVE1qqP6YFcVjkV_1eEB9V0x9toLPjv9vujo4XwPzTwLuaOn2lUXkqPrUoGd5KukJ03WJ4U19ucOqQX2mHgRoMb6J2U9M9yPuImTo7iJLJvkwgCU4BlCaWaEzuf_gqaFALuC3TA",
  "state": "tW1mD9OjiN",
  "session_state": "zm-RCW84mIDNOp6gxC-LRStJ7Mk5adhDp7tm5n5ju_Y"
}
post_body
Second client: Verify authorization endpoint response
2020-07-28 20:07:06 SUCCESS
RejectAuthCodeInUrlQuery
Authorization code is not present in URL query returned from authorization endpoint
2020-07-28 20:07:06 SUCCESS
RejectErrorInUrlQuery
'error' is not present in URL query returned from authorization endpoint
2020-07-28 20:07:06 SUCCESS
CheckMatchingCallbackParameters
Callback parameters successfully verified
2020-07-28 20:07:06 SUCCESS
CheckIfAuthorizationEndpointError
No error from authorization endpoint
2020-07-28 20:07:06 SUCCESS
CheckMatchingStateParameter
State parameter correctly returned
state
tW1mD9OjiN
2020-07-28 20:07:06 SUCCESS
ExtractAuthorizationCodeFromAuthorizationResponse
Found authorization code
code
VInR9_RB3NWPK1xGyxGDP7YGux_kl7LlEV6KupK59sj
2020-07-28 20:07:06 SUCCESS
ExtractIdTokenFromAuthorizationResponse
Found and parsed the id_token from authorization_endpoint_response
value
eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InIxTGtiQm8zOTI1UmIyWkZGckt5VTNNVmV4OVQyODE3S3gwdmJpNmlfS2MifQ.eyJzdWIiOiJmb28iLCJub25jZSI6InpUb2hNbnB4WFMiLCJjX2hhc2giOiJGYXlPS1VEODlBTFByRlhCRFozT19BIiwic19oYXNoIjoiaFE4QTh0NFFuVUM1a3NmSHhFUU9KdyIsImF1ZCI6IjhLbEpYS0FPeTBRMFRhUklyZ0tRdCIsImV4cCI6MTU5NTk3MDQyNiwiaWF0IjoxNTk1OTY2ODI2LCJpc3MiOiJodHRwczovL29wLnBhbnZhLmN6In0.NxkZiAJI-A3tJCLvAXSL_ITVDQn710ygsLK-XxR-TWjJ0dtMwZAlsP3eog54vKxT9P_1cCAGITBvoOBdh_ZdLkS4Kvciua2I-5CIOfO5Petg4MU4KrwKr0jskC1-dGlll7lcLuxB2rpBHjfikW9FFJbQNY0excOJY6ho0d7C7l7_LU1-nXXoOXsiFTSDR4DMPJPakSznT8ev1-0MVE1qqP6YFcVjkV_1eEB9V0x9toLPjv9vujo4XwPzTwLuaOn2lUXkqPrUoGd5KukJ03WJ4U19ucOqQX2mHgRoMb6J2U9M9yPuImTo7iJLJvkwgCU4BlCaWaEzuf_gqaFALuC3TA
header
{
  "kid": "r1LkbBo3925Rb2ZFFrKyU3MVex9T2817Kx0vbi6i_Kc",
  "typ": "JWT",
  "alg": "RS256"
}
claims
{
  "sub": "foo",
  "c_hash": "FayOKUD89ALPrFXBDZ3O_A",
  "aud": "8KlJXKAOy0Q0TaRIrgKQt",
  "s_hash": "hQ8A8t4QnUC5ksfHxEQOJw",
  "iss": "https://op.panva.cz",
  "exp": 1595970426,
  "nonce": "zTohMnpxXS",
  "iat": 1595966826
}
2020-07-28 20:07:06 SUCCESS
ValidateIdToken
ID token iss, aud, exp, iat, auth_time, acr & nbf claims passed validation checks
2020-07-28 20:07:06 SUCCESS
ValidateIdTokenNonce
Nonce values match
nonce
zTohMnpxXS
2020-07-28 20:07:06 SUCCESS
ValidateIdTokenACRClaimAgainstRequest
Nothing to check; the conformance suite did not request an acr claim in request object
2020-07-28 20:07:06 SUCCESS
ValidateIdTokenSignature
id_token signature validated
id_token
eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InIxTGtiQm8zOTI1UmIyWkZGckt5VTNNVmV4OVQyODE3S3gwdmJpNmlfS2MifQ.eyJzdWIiOiJmb28iLCJub25jZSI6InpUb2hNbnB4WFMiLCJjX2hhc2giOiJGYXlPS1VEODlBTFByRlhCRFozT19BIiwic19oYXNoIjoiaFE4QTh0NFFuVUM1a3NmSHhFUU9KdyIsImF1ZCI6IjhLbEpYS0FPeTBRMFRhUklyZ0tRdCIsImV4cCI6MTU5NTk3MDQyNiwiaWF0IjoxNTk1OTY2ODI2LCJpc3MiOiJodHRwczovL29wLnBhbnZhLmN6In0.NxkZiAJI-A3tJCLvAXSL_ITVDQn710ygsLK-XxR-TWjJ0dtMwZAlsP3eog54vKxT9P_1cCAGITBvoOBdh_ZdLkS4Kvciua2I-5CIOfO5Petg4MU4KrwKr0jskC1-dGlll7lcLuxB2rpBHjfikW9FFJbQNY0excOJY6ho0d7C7l7_LU1-nXXoOXsiFTSDR4DMPJPakSznT8ev1-0MVE1qqP6YFcVjkV_1eEB9V0x9toLPjv9vujo4XwPzTwLuaOn2lUXkqPrUoGd5KukJ03WJ4U19ucOqQX2mHgRoMb6J2U9M9yPuImTo7iJLJvkwgCU4BlCaWaEzuf_gqaFALuC3TA
2020-07-28 20:07:06 SUCCESS
ValidateIdTokenSignatureUsingKid
id_token signature validated
id_token
eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InIxTGtiQm8zOTI1UmIyWkZGckt5VTNNVmV4OVQyODE3S3gwdmJpNmlfS2MifQ.eyJzdWIiOiJmb28iLCJub25jZSI6InpUb2hNbnB4WFMiLCJjX2hhc2giOiJGYXlPS1VEODlBTFByRlhCRFozT19BIiwic19oYXNoIjoiaFE4QTh0NFFuVUM1a3NmSHhFUU9KdyIsImF1ZCI6IjhLbEpYS0FPeTBRMFRhUklyZ0tRdCIsImV4cCI6MTU5NTk3MDQyNiwiaWF0IjoxNTk1OTY2ODI2LCJpc3MiOiJodHRwczovL29wLnBhbnZhLmN6In0.NxkZiAJI-A3tJCLvAXSL_ITVDQn710ygsLK-XxR-TWjJ0dtMwZAlsP3eog54vKxT9P_1cCAGITBvoOBdh_ZdLkS4Kvciua2I-5CIOfO5Petg4MU4KrwKr0jskC1-dGlll7lcLuxB2rpBHjfikW9FFJbQNY0excOJY6ho0d7C7l7_LU1-nXXoOXsiFTSDR4DMPJPakSznT8ev1-0MVE1qqP6YFcVjkV_1eEB9V0x9toLPjv9vujo4XwPzTwLuaOn2lUXkqPrUoGd5KukJ03WJ4U19ucOqQX2mHgRoMb6J2U9M9yPuImTo7iJLJvkwgCU4BlCaWaEzuf_gqaFALuC3TA
2020-07-28 20:07:06 SUCCESS
CheckForSubjectInIdToken
Found 'sub' in id_token
sub
foo
2020-07-28 20:07:06 SUCCESS
CreateTokenEndpointRequestForAuthorizationCodeGrant
grant_type
authorization_code
code
VInR9_RB3NWPK1xGyxGDP7YGux_kl7LlEV6KupK59sj
redirect_uri
https://www.certification.openid.net/test/6KUWLY0Gro/callback
2020-07-28 20:07:06 SUCCESS
CreateClientAuthenticationAssertionClaims
Created client assertion claims
iss
8KlJXKAOy0Q0TaRIrgKQt
sub
8KlJXKAOy0Q0TaRIrgKQt
aud
https://op.panva.cz/token
jti
QPYN23KaY2hwQUrhoMys
iat
1595966826
exp
1595966886
2020-07-28 20:07:06 SUCCESS
SignClientAuthenticationAssertion
Signed the client assertion
client_assertion
eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiI4S2xKWEtBT3kwUTBUYVJJcmdLUXQiLCJhdWQiOiJodHRwczpcL1wvb3AucGFudmEuY3pcL3Rva2VuIiwiaXNzIjoiOEtsSlhLQU95MFEwVGFSSXJnS1F0IiwiZXhwIjoxNTk1OTY2ODg2LCJpYXQiOjE1OTU5NjY4MjYsImp0aSI6IlFQWU4yM0thWTJod1FVcmhvTXlzIn0.HTUEg4n1-yopoPx5y-t7Rzao7Hatq_gAANh0VVUaO-piGR94aGP4K3XQtbgbkfnoOevvTzaiZ0PLYybsW7GV0Q95hVcl9Rl5iFVjULt0KycbjQhAs3SswEpRRaEQS4XNIFf3drGCrnrb2Sequaa7RLvGTDORHYCx9VADTjsYhFsJkpZubgtShFd-xQl8yKLjtd7f4OoOQammUp-XhRvECl0epvZPK7SPBikqgbDofkldaSwm4_Kiq8rlAue8wXgT6Mv8uXhig1DJOahiLQCWQWNKgHOWdq6xJkoZV7XaLI-S485UAL_21_AoVtF4L7b5e7TmxCVHGHx_zLRwe-tlIw
2020-07-28 20:07:06
AddClientAssertionToTokenEndpointRequest
Added client assertion
grant_type
authorization_code
code
VInR9_RB3NWPK1xGyxGDP7YGux_kl7LlEV6KupK59sj
redirect_uri
https://www.certification.openid.net/test/6KUWLY0Gro/callback
client_assertion
eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiI4S2xKWEtBT3kwUTBUYVJJcmdLUXQiLCJhdWQiOiJodHRwczpcL1wvb3AucGFudmEuY3pcL3Rva2VuIiwiaXNzIjoiOEtsSlhLQU95MFEwVGFSSXJnS1F0IiwiZXhwIjoxNTk1OTY2ODg2LCJpYXQiOjE1OTU5NjY4MjYsImp0aSI6IlFQWU4yM0thWTJod1FVcmhvTXlzIn0.HTUEg4n1-yopoPx5y-t7Rzao7Hatq_gAANh0VVUaO-piGR94aGP4K3XQtbgbkfnoOevvTzaiZ0PLYybsW7GV0Q95hVcl9Rl5iFVjULt0KycbjQhAs3SswEpRRaEQS4XNIFf3drGCrnrb2Sequaa7RLvGTDORHYCx9VADTjsYhFsJkpZubgtShFd-xQl8yKLjtd7f4OoOQammUp-XhRvECl0epvZPK7SPBikqgbDofkldaSwm4_Kiq8rlAue8wXgT6Mv8uXhig1DJOahiLQCWQWNKgHOWdq6xJkoZV7XaLI-S485UAL_21_AoVtF4L7b5e7TmxCVHGHx_zLRwe-tlIw
client_assertion_type
urn:ietf:params:oauth:client-assertion-type:jwt-bearer
2020-07-28 20:07:06
CallTokenEndpoint
HTTP request
request_uri
https://op.panva.cz/token
request_method
POST
request_headers
{
  "accept": "application/json;charset\u003dUTF-8",
  "accept-charset": "utf-8",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "849"
}
request_body
grant_type=authorization_code&code=VInR9_RB3NWPK1xGyxGDP7YGux_kl7LlEV6KupK59sj&redirect_uri=https%3A%2F%2Fwww.certification.openid.net%2Ftest%2F6KUWLY0Gro%2Fcallback&client_assertion=eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiI4S2xKWEtBT3kwUTBUYVJJcmdLUXQiLCJhdWQiOiJodHRwczpcL1wvb3AucGFudmEuY3pcL3Rva2VuIiwiaXNzIjoiOEtsSlhLQU95MFEwVGFSSXJnS1F0IiwiZXhwIjoxNTk1OTY2ODg2LCJpYXQiOjE1OTU5NjY4MjYsImp0aSI6IlFQWU4yM0thWTJod1FVcmhvTXlzIn0.HTUEg4n1-yopoPx5y-t7Rzao7Hatq_gAANh0VVUaO-piGR94aGP4K3XQtbgbkfnoOevvTzaiZ0PLYybsW7GV0Q95hVcl9Rl5iFVjULt0KycbjQhAs3SswEpRRaEQS4XNIFf3drGCrnrb2Sequaa7RLvGTDORHYCx9VADTjsYhFsJkpZubgtShFd-xQl8yKLjtd7f4OoOQammUp-XhRvECl0epvZPK7SPBikqgbDofkldaSwm4_Kiq8rlAue8wXgT6Mv8uXhig1DJOahiLQCWQWNKgHOWdq6xJkoZV7XaLI-S485UAL_21_AoVtF4L7b5e7TmxCVHGHx_zLRwe-tlIw&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer
2020-07-28 20:07:06 INFO
WebRunner
Completed processing of webpage
task
Verify Complete
browser
complete
response_status_text
200-
match
*/test/*/callback*
url
https://www.certification.openid.net/test/6KUWLY0Gro/callback#code=VInR9_RB3NWPK1xGyxGDP7YGux_kl7LlEV6KupK59sj&id_token=eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InIxTGtiQm8zOTI1UmIyWkZGckt5VTNNVmV4OVQyODE3S3gwdmJpNmlfS2MifQ.eyJzdWIiOiJmb28iLCJub25jZSI6InpUb2hNbnB4WFMiLCJjX2hhc2giOiJGYXlPS1VEODlBTFByRlhCRFozT19BIiwic19oYXNoIjoiaFE4QTh0NFFuVUM1a3NmSHhFUU9KdyIsImF1ZCI6IjhLbEpYS0FPeTBRMFRhUklyZ0tRdCIsImV4cCI6MTU5NTk3MDQyNiwiaWF0IjoxNTk1OTY2ODI2LCJpc3MiOiJodHRwczovL29wLnBhbnZhLmN6In0.NxkZiAJI-A3tJCLvAXSL_ITVDQn710ygsLK-XxR-TWjJ0dtMwZAlsP3eog54vKxT9P_1cCAGITBvoOBdh_ZdLkS4Kvciua2I-5CIOfO5Petg4MU4KrwKr0jskC1-dGlll7lcLuxB2rpBHjfikW9FFJbQNY0excOJY6ho0d7C7l7_LU1-nXXoOXsiFTSDR4DMPJPakSznT8ev1-0MVE1qqP6YFcVjkV_1eEB9V0x9toLPjv9vujo4XwPzTwLuaOn2lUXkqPrUoGd5KukJ03WJ4U19ucOqQX2mHgRoMb6J2U9M9yPuImTo7iJLJvkwgCU4BlCaWaEzuf_gqaFALuC3TA&state=tW1mD9OjiN&session_state=zm-RCW84mIDNOp6gxC-LRStJ7Mk5adhDp7tm5n5ju_Y
response_status_code
200
2020-07-28 20:07:07 RESPONSE
CallTokenEndpoint
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "cache-control": "no-cache, no-store",
  "content-length": "875",
  "content-type": "application/json; charset\u003dutf-8",
  "date": "Tue, 28 Jul 2020 20:07:07 GMT",
  "pragma": "no-cache",
  "server": [
    "Caddy",
    "Cowboy"
  ],
  "strict-transport-security": "max-age\u003d15552000; includeSubDomains",
  "vary": "Origin",
  "via": "1.1 vegur",
  "x-content-type-options": "nosniff",
  "x-dns-prefetch-control": "off",
  "x-download-options": "noopen",
  "x-frame-options": "SAMEORIGIN",
  "x-xss-protection": "1; mode\u003dblock"
}
response_body
{"access_token":"LA-QsFHIyHmTN78cSeNUYHZM83KjqVrUrJqLhKh2_9C","expires_in":3600,"id_token":"eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InIxTGtiQm8zOTI1UmIyWkZGckt5VTNNVmV4OVQyODE3S3gwdmJpNmlfS2MifQ.eyJzdWIiOiJmb28iLCJub25jZSI6InpUb2hNbnB4WFMiLCJhdF9oYXNoIjoienR5OFRkcmxkaS1FOFFpSnk4ZVNaUSIsImF1ZCI6IjhLbEpYS0FPeTBRMFRhUklyZ0tRdCIsImV4cCI6MTU5NTk3MDQyNywiaWF0IjoxNTk1OTY2ODI3LCJpc3MiOiJodHRwczovL29wLnBhbnZhLmN6In0.TrPHaIqpgscgeJu9CklwQNUcki47ARKjVXnKClqA9cdLGWHb0wXgp99W12uAeTCnhFzeplwCsWNejmFZghOpLBEmyubnESqe0zpC2ikFyrnpESZBq0dnvBCg-WkR0bn2t9iMlT2xWWxwzWaImRU4WKYQVOvR7egBz7F7InXzYX5uATfJXUUhJCDXdRoGf0reW3ac6MjKA1UHCuSpXLsdBs6E6GenU2zj60hGQ0r7aqcSsAivbjKFr7MY5d0WFfCf4kOZVtzHBu02gT6iVEMrzESKrZgwPuBCDGRP7xstiqxpL2tHOYS64206uYPtWtOcuuQQLDgaTaXH_wG3AMmfpQ","refresh_token":"ibm-4dZbMc9RlJr8WBmoCG6Q4D43djh_qWzqNIjg7Ly","scope":"openid offline_access","token_type":"Bearer"}
2020-07-28 20:07:07
CallTokenEndpoint
Token endpoint response
token_endpoint_response
{"access_token":"LA-QsFHIyHmTN78cSeNUYHZM83KjqVrUrJqLhKh2_9C","expires_in":3600,"id_token":"eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InIxTGtiQm8zOTI1UmIyWkZGckt5VTNNVmV4OVQyODE3S3gwdmJpNmlfS2MifQ.eyJzdWIiOiJmb28iLCJub25jZSI6InpUb2hNbnB4WFMiLCJhdF9oYXNoIjoienR5OFRkcmxkaS1FOFFpSnk4ZVNaUSIsImF1ZCI6IjhLbEpYS0FPeTBRMFRhUklyZ0tRdCIsImV4cCI6MTU5NTk3MDQyNywiaWF0IjoxNTk1OTY2ODI3LCJpc3MiOiJodHRwczovL29wLnBhbnZhLmN6In0.TrPHaIqpgscgeJu9CklwQNUcki47ARKjVXnKClqA9cdLGWHb0wXgp99W12uAeTCnhFzeplwCsWNejmFZghOpLBEmyubnESqe0zpC2ikFyrnpESZBq0dnvBCg-WkR0bn2t9iMlT2xWWxwzWaImRU4WKYQVOvR7egBz7F7InXzYX5uATfJXUUhJCDXdRoGf0reW3ac6MjKA1UHCuSpXLsdBs6E6GenU2zj60hGQ0r7aqcSsAivbjKFr7MY5d0WFfCf4kOZVtzHBu02gT6iVEMrzESKrZgwPuBCDGRP7xstiqxpL2tHOYS64206uYPtWtOcuuQQLDgaTaXH_wG3AMmfpQ","refresh_token":"ibm-4dZbMc9RlJr8WBmoCG6Q4D43djh_qWzqNIjg7Ly","scope":"openid offline_access","token_type":"Bearer"}
2020-07-28 20:07:07 SUCCESS
CallTokenEndpoint
Parsed token endpoint response
access_token
LA-QsFHIyHmTN78cSeNUYHZM83KjqVrUrJqLhKh2_9C
expires_in
3600
id_token
eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InIxTGtiQm8zOTI1UmIyWkZGckt5VTNNVmV4OVQyODE3S3gwdmJpNmlfS2MifQ.eyJzdWIiOiJmb28iLCJub25jZSI6InpUb2hNbnB4WFMiLCJhdF9oYXNoIjoienR5OFRkcmxkaS1FOFFpSnk4ZVNaUSIsImF1ZCI6IjhLbEpYS0FPeTBRMFRhUklyZ0tRdCIsImV4cCI6MTU5NTk3MDQyNywiaWF0IjoxNTk1OTY2ODI3LCJpc3MiOiJodHRwczovL29wLnBhbnZhLmN6In0.TrPHaIqpgscgeJu9CklwQNUcki47ARKjVXnKClqA9cdLGWHb0wXgp99W12uAeTCnhFzeplwCsWNejmFZghOpLBEmyubnESqe0zpC2ikFyrnpESZBq0dnvBCg-WkR0bn2t9iMlT2xWWxwzWaImRU4WKYQVOvR7egBz7F7InXzYX5uATfJXUUhJCDXdRoGf0reW3ac6MjKA1UHCuSpXLsdBs6E6GenU2zj60hGQ0r7aqcSsAivbjKFr7MY5d0WFfCf4kOZVtzHBu02gT6iVEMrzESKrZgwPuBCDGRP7xstiqxpL2tHOYS64206uYPtWtOcuuQQLDgaTaXH_wG3AMmfpQ
refresh_token
ibm-4dZbMc9RlJr8WBmoCG6Q4D43djh_qWzqNIjg7Ly
scope
openid offline_access
token_type
Bearer
2020-07-28 20:07:07 SUCCESS
CheckIfTokenEndpointResponseError
No error from token endpoint
2020-07-28 20:07:07 SUCCESS
CheckForAccessTokenValue
Found an access token
access_token
LA-QsFHIyHmTN78cSeNUYHZM83KjqVrUrJqLhKh2_9C
2020-07-28 20:07:07 SUCCESS
ExtractAccessTokenFromTokenResponse
Extracted the access token
value
LA-QsFHIyHmTN78cSeNUYHZM83KjqVrUrJqLhKh2_9C
type
Bearer
2020-07-28 20:07:07 SUCCESS
ExtractExpiresInFromTokenEndpointResponse
Extracted 'expires_in'
expires_in
3600
2020-07-28 20:07:07 SUCCESS
ValidateExpiresIn
expires_in passed all validation checks
expires_in
3600
2020-07-28 20:07:07 SUCCESS
CheckForRefreshTokenValue
Found a refresh token
refresh_token
ibm-4dZbMc9RlJr8WBmoCG6Q4D43djh_qWzqNIjg7Ly
2020-07-28 20:07:07 SUCCESS
ExtractIdTokenFromTokenResponse
Found and parsed the id_token from token_endpoint_response
value
eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InIxTGtiQm8zOTI1UmIyWkZGckt5VTNNVmV4OVQyODE3S3gwdmJpNmlfS2MifQ.eyJzdWIiOiJmb28iLCJub25jZSI6InpUb2hNbnB4WFMiLCJhdF9oYXNoIjoienR5OFRkcmxkaS1FOFFpSnk4ZVNaUSIsImF1ZCI6IjhLbEpYS0FPeTBRMFRhUklyZ0tRdCIsImV4cCI6MTU5NTk3MDQyNywiaWF0IjoxNTk1OTY2ODI3LCJpc3MiOiJodHRwczovL29wLnBhbnZhLmN6In0.TrPHaIqpgscgeJu9CklwQNUcki47ARKjVXnKClqA9cdLGWHb0wXgp99W12uAeTCnhFzeplwCsWNejmFZghOpLBEmyubnESqe0zpC2ikFyrnpESZBq0dnvBCg-WkR0bn2t9iMlT2xWWxwzWaImRU4WKYQVOvR7egBz7F7InXzYX5uATfJXUUhJCDXdRoGf0reW3ac6MjKA1UHCuSpXLsdBs6E6GenU2zj60hGQ0r7aqcSsAivbjKFr7MY5d0WFfCf4kOZVtzHBu02gT6iVEMrzESKrZgwPuBCDGRP7xstiqxpL2tHOYS64206uYPtWtOcuuQQLDgaTaXH_wG3AMmfpQ
header
{
  "kid": "r1LkbBo3925Rb2ZFFrKyU3MVex9T2817Kx0vbi6i_Kc",
  "typ": "JWT",
  "alg": "RS256"
}
claims
{
  "at_hash": "zty8Tdrldi-E8QiJy8eSZQ",
  "sub": "foo",
  "aud": "8KlJXKAOy0Q0TaRIrgKQt",
  "iss": "https://op.panva.cz",
  "exp": 1595970427,
  "nonce": "zTohMnpxXS",
  "iat": 1595966827
}
2020-07-28 20:07:07 SUCCESS
ValidateIdToken
ID token iss, aud, exp, iat, auth_time, acr & nbf claims passed validation checks
2020-07-28 20:07:07 SUCCESS
ValidateIdTokenNonce
Nonce values match
nonce
zTohMnpxXS
2020-07-28 20:07:07 SUCCESS
ValidateIdTokenACRClaimAgainstRequest
Nothing to check; the conformance suite did not request an acr claim in request object
2020-07-28 20:07:07 SUCCESS
ValidateIdTokenSignature
id_token signature validated
id_token
eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InIxTGtiQm8zOTI1UmIyWkZGckt5VTNNVmV4OVQyODE3S3gwdmJpNmlfS2MifQ.eyJzdWIiOiJmb28iLCJub25jZSI6InpUb2hNbnB4WFMiLCJhdF9oYXNoIjoienR5OFRkcmxkaS1FOFFpSnk4ZVNaUSIsImF1ZCI6IjhLbEpYS0FPeTBRMFRhUklyZ0tRdCIsImV4cCI6MTU5NTk3MDQyNywiaWF0IjoxNTk1OTY2ODI3LCJpc3MiOiJodHRwczovL29wLnBhbnZhLmN6In0.TrPHaIqpgscgeJu9CklwQNUcki47ARKjVXnKClqA9cdLGWHb0wXgp99W12uAeTCnhFzeplwCsWNejmFZghOpLBEmyubnESqe0zpC2ikFyrnpESZBq0dnvBCg-WkR0bn2t9iMlT2xWWxwzWaImRU4WKYQVOvR7egBz7F7InXzYX5uATfJXUUhJCDXdRoGf0reW3ac6MjKA1UHCuSpXLsdBs6E6GenU2zj60hGQ0r7aqcSsAivbjKFr7MY5d0WFfCf4kOZVtzHBu02gT6iVEMrzESKrZgwPuBCDGRP7xstiqxpL2tHOYS64206uYPtWtOcuuQQLDgaTaXH_wG3AMmfpQ
2020-07-28 20:07:07 SUCCESS
ValidateIdTokenSignatureUsingKid
id_token signature validated
id_token
eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InIxTGtiQm8zOTI1UmIyWkZGckt5VTNNVmV4OVQyODE3S3gwdmJpNmlfS2MifQ.eyJzdWIiOiJmb28iLCJub25jZSI6InpUb2hNbnB4WFMiLCJhdF9oYXNoIjoienR5OFRkcmxkaS1FOFFpSnk4ZVNaUSIsImF1ZCI6IjhLbEpYS0FPeTBRMFRhUklyZ0tRdCIsImV4cCI6MTU5NTk3MDQyNywiaWF0IjoxNTk1OTY2ODI3LCJpc3MiOiJodHRwczovL29wLnBhbnZhLmN6In0.TrPHaIqpgscgeJu9CklwQNUcki47ARKjVXnKClqA9cdLGWHb0wXgp99W12uAeTCnhFzeplwCsWNejmFZghOpLBEmyubnESqe0zpC2ikFyrnpESZBq0dnvBCg-WkR0bn2t9iMlT2xWWxwzWaImRU4WKYQVOvR7egBz7F7InXzYX5uATfJXUUhJCDXdRoGf0reW3ac6MjKA1UHCuSpXLsdBs6E6GenU2zj60hGQ0r7aqcSsAivbjKFr7MY5d0WFfCf4kOZVtzHBu02gT6iVEMrzESKrZgwPuBCDGRP7xstiqxpL2tHOYS64206uYPtWtOcuuQQLDgaTaXH_wG3AMmfpQ
2020-07-28 20:07:07 SUCCESS
CheckForSubjectInIdToken
Found 'sub' in id_token
sub
foo
2020-07-28 20:07:07 SUCCESS
VerifyIdTokenSubConsistentHybridFlow
authorization endpoint and token endpoint id_token have same sub
sub_auth_endpoint
foo
sub_token_endpoint
foo
2020-07-28 20:07:07 SUCCESS
ExtractRefreshTokenFromTokenResponse
Extracted refresh token from response
refresh_token
ibm-4dZbMc9RlJr8WBmoCG6Q4D43djh_qWzqNIjg7Ly
2020-07-28 20:07:07 SUCCESS
EnsureServerConfigurationSupportsRefreshToken
The server configuration indicates support for refresh tokens
supported_grant_types
[
  "implicit",
  "authorization_code",
  "refresh_token",
  "urn:ietf:params:oauth:grant-type:device_code"
]
2020-07-28 20:07:07 SUCCESS
EnsureRefreshTokenContainsAllowedCharactersOnly
Refresh token does not contain any illegal characters
Second client: Refresh Token Request
2020-07-28 20:07:07 SUCCESS
CreateRefreshTokenRequest
Created token endpoint request parameters
grant_type
refresh_token
refresh_token
ibm-4dZbMc9RlJr8WBmoCG6Q4D43djh_qWzqNIjg7Ly
2020-07-28 20:07:07 SUCCESS
CreateClientAuthenticationAssertionClaims
Created client assertion claims
iss
8KlJXKAOy0Q0TaRIrgKQt
sub
8KlJXKAOy0Q0TaRIrgKQt
aud
https://op.panva.cz/token
jti
4r3bprQu4qGXJn46vRPd
iat
1595966827
exp
1595966887
2020-07-28 20:07:07 SUCCESS
SignClientAuthenticationAssertion
Signed the client assertion
client_assertion
eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiI4S2xKWEtBT3kwUTBUYVJJcmdLUXQiLCJhdWQiOiJodHRwczpcL1wvb3AucGFudmEuY3pcL3Rva2VuIiwiaXNzIjoiOEtsSlhLQU95MFEwVGFSSXJnS1F0IiwiZXhwIjoxNTk1OTY2ODg3LCJpYXQiOjE1OTU5NjY4MjcsImp0aSI6IjRyM2JwclF1NHFHWEpuNDZ2UlBkIn0.Reinjan91QyFjQP6us971Wn3ca6d1ERHwZBOXkvuzNeBPocR7Bwh-zjuapaUdUPN6ATw0E-H9DL_leMZxOLMYC9clxMZAO2_pXpVLnL7bWcbfqOuZjba1K4S7ghhQhtfX2VnRPqxjI_mDV8HOsFBAUGUxZKm9OwLgiQP78u1Zlk0Ecq38nBV2Fj13NLJ0jne7-UqZ-JHkVviPBLvCRig_cgxmnnMQ_lJdk6V5GUM0Oo-Lqfr5HyK9rIHDE_vz8Pi4nkWN-Hl8PZkmq_13vIRWnSJwgzHllrr7O6JxrGpLpgHQO9aZu0TqV5VxxQhYq_-rNvbv61lFN6EcAtKZM6PPg
2020-07-28 20:07:07
AddClientAssertionToTokenEndpointRequest
Added client assertion
grant_type
refresh_token
refresh_token
ibm-4dZbMc9RlJr8WBmoCG6Q4D43djh_qWzqNIjg7Ly
client_assertion
eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiI4S2xKWEtBT3kwUTBUYVJJcmdLUXQiLCJhdWQiOiJodHRwczpcL1wvb3AucGFudmEuY3pcL3Rva2VuIiwiaXNzIjoiOEtsSlhLQU95MFEwVGFSSXJnS1F0IiwiZXhwIjoxNTk1OTY2ODg3LCJpYXQiOjE1OTU5NjY4MjcsImp0aSI6IjRyM2JwclF1NHFHWEpuNDZ2UlBkIn0.Reinjan91QyFjQP6us971Wn3ca6d1ERHwZBOXkvuzNeBPocR7Bwh-zjuapaUdUPN6ATw0E-H9DL_leMZxOLMYC9clxMZAO2_pXpVLnL7bWcbfqOuZjba1K4S7ghhQhtfX2VnRPqxjI_mDV8HOsFBAUGUxZKm9OwLgiQP78u1Zlk0Ecq38nBV2Fj13NLJ0jne7-UqZ-JHkVviPBLvCRig_cgxmnnMQ_lJdk6V5GUM0Oo-Lqfr5HyK9rIHDE_vz8Pi4nkWN-Hl8PZkmq_13vIRWnSJwgzHllrr7O6JxrGpLpgHQO9aZu0TqV5VxxQhYq_-rNvbv61lFN6EcAtKZM6PPg
client_assertion_type
urn:ietf:params:oauth:client-assertion-type:jwt-bearer
2020-07-28 20:07:07 SUCCESS
WaitForOneSecond
Pausing for 1 seconds
2020-07-28 20:07:08 SUCCESS
WaitForOneSecond
Woke up after 1 seconds sleep
2020-07-28 20:07:08
CallTokenEndpointAndReturnFullResponse
HTTP request
request_uri
https://op.panva.cz/token
request_method
POST
request_headers
{
  "accept": "application/json;charset\u003dUTF-8",
  "accept-charset": "utf-8",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "766"
}
request_body
grant_type=refresh_token&refresh_token=ibm-4dZbMc9RlJr8WBmoCG6Q4D43djh_qWzqNIjg7Ly&client_assertion=eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiI4S2xKWEtBT3kwUTBUYVJJcmdLUXQiLCJhdWQiOiJodHRwczpcL1wvb3AucGFudmEuY3pcL3Rva2VuIiwiaXNzIjoiOEtsSlhLQU95MFEwVGFSSXJnS1F0IiwiZXhwIjoxNTk1OTY2ODg3LCJpYXQiOjE1OTU5NjY4MjcsImp0aSI6IjRyM2JwclF1NHFHWEpuNDZ2UlBkIn0.Reinjan91QyFjQP6us971Wn3ca6d1ERHwZBOXkvuzNeBPocR7Bwh-zjuapaUdUPN6ATw0E-H9DL_leMZxOLMYC9clxMZAO2_pXpVLnL7bWcbfqOuZjba1K4S7ghhQhtfX2VnRPqxjI_mDV8HOsFBAUGUxZKm9OwLgiQP78u1Zlk0Ecq38nBV2Fj13NLJ0jne7-UqZ-JHkVviPBLvCRig_cgxmnnMQ_lJdk6V5GUM0Oo-Lqfr5HyK9rIHDE_vz8Pi4nkWN-Hl8PZkmq_13vIRWnSJwgzHllrr7O6JxrGpLpgHQO9aZu0TqV5VxxQhYq_-rNvbv61lFN6EcAtKZM6PPg&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer
2020-07-28 20:07:08 RESPONSE
CallTokenEndpointAndReturnFullResponse
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "cache-control": "no-cache, no-store",
  "content-length": "875",
  "content-type": "application/json; charset\u003dutf-8",
  "date": "Tue, 28 Jul 2020 20:07:08 GMT",
  "pragma": "no-cache",
  "server": [
    "Caddy",
    "Cowboy"
  ],
  "strict-transport-security": "max-age\u003d15552000; includeSubDomains",
  "vary": "Origin",
  "via": "1.1 vegur",
  "x-content-type-options": "nosniff",
  "x-dns-prefetch-control": "off",
  "x-download-options": "noopen",
  "x-frame-options": "SAMEORIGIN",
  "x-xss-protection": "1; mode\u003dblock"
}
response_body
{"access_token":"gt683yY6o6p5TeUgpfcxjBfg3iKLKgUoYV_-2GJiMtf","expires_in":3600,"id_token":"eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InIxTGtiQm8zOTI1UmIyWkZGckt5VTNNVmV4OVQyODE3S3gwdmJpNmlfS2MifQ.eyJzdWIiOiJmb28iLCJub25jZSI6InpUb2hNbnB4WFMiLCJhdF9oYXNoIjoiNU1HZU5HWVZlVXI4LVc1YTQwNzU1dyIsImF1ZCI6IjhLbEpYS0FPeTBRMFRhUklyZ0tRdCIsImV4cCI6MTU5NTk3MDQyOCwiaWF0IjoxNTk1OTY2ODI4LCJpc3MiOiJodHRwczovL29wLnBhbnZhLmN6In0.Cfeixzsnvsdy74oVNxtY38kbunfmTDPsy9JS3AZDZjewLTHeTkGSLLAqEYH8vyLtIjoMCY8VPJf_0dzpITlpRNSFvaRZ9EAEG5yJuodrCGnzxyAbyyLy5MCorJw8T7KNY9BGewQYGHVBkDQ5ysXoYLj42XpDkcYsmgKHUe0-jx6M9Q8feLp4Eh2cl98G03RAOM6FboNRgaxU2vvwiO14kOF__SdBLGrFI4UAaAEI3hhA1gOUiitqV5BR__R94yM7ZnBozT52GIFRS2c2OSstii3MomWcosOKcZBIxr4sQcmnfP08MyJsZPaSaRvNhp-y-g1a5yErGPNpWHlKgZ7PcA","refresh_token":"ibm-4dZbMc9RlJr8WBmoCG6Q4D43djh_qWzqNIjg7Ly","scope":"openid offline_access","token_type":"Bearer"}
2020-07-28 20:07:08 SUCCESS
CallTokenEndpointAndReturnFullResponse
Parsed token endpoint response
access_token
gt683yY6o6p5TeUgpfcxjBfg3iKLKgUoYV_-2GJiMtf
expires_in
3600
id_token
eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InIxTGtiQm8zOTI1UmIyWkZGckt5VTNNVmV4OVQyODE3S3gwdmJpNmlfS2MifQ.eyJzdWIiOiJmb28iLCJub25jZSI6InpUb2hNbnB4WFMiLCJhdF9oYXNoIjoiNU1HZU5HWVZlVXI4LVc1YTQwNzU1dyIsImF1ZCI6IjhLbEpYS0FPeTBRMFRhUklyZ0tRdCIsImV4cCI6MTU5NTk3MDQyOCwiaWF0IjoxNTk1OTY2ODI4LCJpc3MiOiJodHRwczovL29wLnBhbnZhLmN6In0.Cfeixzsnvsdy74oVNxtY38kbunfmTDPsy9JS3AZDZjewLTHeTkGSLLAqEYH8vyLtIjoMCY8VPJf_0dzpITlpRNSFvaRZ9EAEG5yJuodrCGnzxyAbyyLy5MCorJw8T7KNY9BGewQYGHVBkDQ5ysXoYLj42XpDkcYsmgKHUe0-jx6M9Q8feLp4Eh2cl98G03RAOM6FboNRgaxU2vvwiO14kOF__SdBLGrFI4UAaAEI3hhA1gOUiitqV5BR__R94yM7ZnBozT52GIFRS2c2OSstii3MomWcosOKcZBIxr4sQcmnfP08MyJsZPaSaRvNhp-y-g1a5yErGPNpWHlKgZ7PcA
refresh_token
ibm-4dZbMc9RlJr8WBmoCG6Q4D43djh_qWzqNIjg7Ly
scope
openid offline_access
token_type
Bearer
2020-07-28 20:07:08 SUCCESS
CheckTokenEndpointHttpStatus200
Token endpoint http status code was 200
2020-07-28 20:07:08 SUCCESS
CheckTokenEndpointReturnedJsonContentType
token_endpoint_response_headers Content-Type: header is application/json
2020-07-28 20:07:08 SUCCESS
CheckTokenEndpointCacheHeaders
Checked 'pragma' and 'cache-control' in the headers of token_endpoint_response.
2020-07-28 20:07:08 SUCCESS
CheckIfTokenEndpointResponseError
No error from token endpoint
2020-07-28 20:07:08 SUCCESS
ExtractAccessTokenFromTokenResponse
Extracted the access token
value
gt683yY6o6p5TeUgpfcxjBfg3iKLKgUoYV_-2GJiMtf
type
Bearer
2020-07-28 20:07:08 SUCCESS
CheckTokenTypeIsBearer
Token type is bearer
2020-07-28 20:07:08 SUCCESS
EnsureMinimumAccessTokenEntropy
Calculated shannon entropy seems sufficient
actual
199.81960944786326
expected
96.0
2020-07-28 20:07:08 SUCCESS
EnsureAccessTokenContainsAllowedCharactersOnly
Access token does not contain any illegal characters
2020-07-28 20:07:08 SUCCESS
ExtractExpiresInFromTokenEndpointResponse
Extracted 'expires_in'
expires_in
3600
2020-07-28 20:07:08 SUCCESS
ValidateExpiresIn
expires_in passed all validation checks
expires_in
3600
2020-07-28 20:07:08 SUCCESS
EnsureAccessTokenValuesAreDifferent
Access token values are not the same
first_access_token
LA-QsFHIyHmTN78cSeNUYHZM83KjqVrUrJqLhKh2_9C
second_access_token
gt683yY6o6p5TeUgpfcxjBfg3iKLKgUoYV_-2GJiMtf
2020-07-28 20:07:08 SUCCESS
ExtractIdTokenFromTokenResponse
Found and parsed the id_token from token_endpoint_response
value
eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InIxTGtiQm8zOTI1UmIyWkZGckt5VTNNVmV4OVQyODE3S3gwdmJpNmlfS2MifQ.eyJzdWIiOiJmb28iLCJub25jZSI6InpUb2hNbnB4WFMiLCJhdF9oYXNoIjoiNU1HZU5HWVZlVXI4LVc1YTQwNzU1dyIsImF1ZCI6IjhLbEpYS0FPeTBRMFRhUklyZ0tRdCIsImV4cCI6MTU5NTk3MDQyOCwiaWF0IjoxNTk1OTY2ODI4LCJpc3MiOiJodHRwczovL29wLnBhbnZhLmN6In0.Cfeixzsnvsdy74oVNxtY38kbunfmTDPsy9JS3AZDZjewLTHeTkGSLLAqEYH8vyLtIjoMCY8VPJf_0dzpITlpRNSFvaRZ9EAEG5yJuodrCGnzxyAbyyLy5MCorJw8T7KNY9BGewQYGHVBkDQ5ysXoYLj42XpDkcYsmgKHUe0-jx6M9Q8feLp4Eh2cl98G03RAOM6FboNRgaxU2vvwiO14kOF__SdBLGrFI4UAaAEI3hhA1gOUiitqV5BR__R94yM7ZnBozT52GIFRS2c2OSstii3MomWcosOKcZBIxr4sQcmnfP08MyJsZPaSaRvNhp-y-g1a5yErGPNpWHlKgZ7PcA
header
{
  "kid": "r1LkbBo3925Rb2ZFFrKyU3MVex9T2817Kx0vbi6i_Kc",
  "typ": "JWT",
  "alg": "RS256"
}
claims
{
  "at_hash": "5MGeNGYVeUr8-W5a40755w",
  "sub": "foo",
  "aud": "8KlJXKAOy0Q0TaRIrgKQt",
  "iss": "https://op.panva.cz",
  "exp": 1595970428,
  "nonce": "zTohMnpxXS",
  "iat": 1595966828
}
2020-07-28 20:07:08 SUCCESS
ExtractRefreshTokenFromTokenResponse
Extracted refresh token from response
refresh_token
ibm-4dZbMc9RlJr8WBmoCG6Q4D43djh_qWzqNIjg7Ly
2020-07-28 20:07:08 SUCCESS
EnsureMinimumRefreshTokenLength
Refresh token is of sufficient length
actual
344
required
128
2020-07-28 20:07:08 SUCCESS
EnsureMinimumRefreshTokenEntropy
Calculated shannon entropy seems sufficient
actual
216.5744969500267
expected
96.0
2020-07-28 20:07:08 SUCCESS
CompareIdTokenClaims
Validated id token claims successfully
iss
{
  "first": "https://op.panva.cz",
  "second": "https://op.panva.cz",
  "note": "Values are expected to be equal"
}
sub
{
  "first": "foo",
  "second": "foo",
  "note": "Values are expected to be equal"
}
iat
{
  "first": 1595966827,
  "second": 1595966828,
  "note": "Values are expected to be different"
}
aud
{
  "first": "8KlJXKAOy0Q0TaRIrgKQt",
  "second": "8KlJXKAOy0Q0TaRIrgKQt",
  "note": "Values are expected to be equal"
}
azp
Id tokens do not contain azp claims
Second client: Userinfo endpoint tests
2020-07-28 20:07:08
CallProtectedResourceWithBearerToken
HTTP request
request_uri
https://op.panva.cz/me
request_method
GET
request_headers
{
  "accept": "application/json;charset\u003dUTF-8",
  "authorization": "Bearer gt683yY6o6p5TeUgpfcxjBfg3iKLKgUoYV_-2GJiMtf",
  "accept-charset": "utf-8",
  "content-length": "0"
}
request_body

                                
2020-07-28 20:07:09 RESPONSE
CallProtectedResourceWithBearerToken
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "cache-control": "no-cache, no-store",
  "content-length": "13",
  "content-type": "application/json; charset\u003dutf-8",
  "date": "Tue, 28 Jul 2020 20:07:09 GMT",
  "pragma": "no-cache",
  "server": [
    "Caddy",
    "Cowboy"
  ],
  "strict-transport-security": "max-age\u003d15552000; includeSubDomains",
  "vary": "Origin",
  "via": "1.1 vegur",
  "x-content-type-options": "nosniff",
  "x-dns-prefetch-control": "off",
  "x-download-options": "noopen",
  "x-frame-options": "SAMEORIGIN",
  "x-xss-protection": "1; mode\u003dblock"
}
response_body
{"sub":"foo"}
2020-07-28 20:07:09 SUCCESS
CallProtectedResourceWithBearerToken
Got a response from the resource endpoint
headers
{
  "cache-control": "no-cache, no-store",
  "content-length": "13",
  "content-type": "application/json; charset\u003dutf-8",
  "date": "Tue, 28 Jul 2020 20:07:09 GMT",
  "pragma": "no-cache",
  "server": [
    "Caddy",
    "Cowboy"
  ],
  "strict-transport-security": "max-age\u003d15552000; includeSubDomains",
  "vary": "Origin",
  "via": "1.1 vegur",
  "x-content-type-options": "nosniff",
  "x-dns-prefetch-control": "off",
  "x-download-options": "noopen",
  "x-frame-options": "SAMEORIGIN",
  "x-xss-protection": "1; mode\u003dblock"
}
status_code
{
  "code": 200
}
body
{"sub":"foo"}
Attempting to use refresh_token issued to client 2 with client 1
2020-07-28 20:07:09 SUCCESS
CreateRefreshTokenRequest
Created token endpoint request parameters
grant_type
refresh_token
refresh_token
ibm-4dZbMc9RlJr8WBmoCG6Q4D43djh_qWzqNIjg7Ly
2020-07-28 20:07:09 SUCCESS
AddScopeToTokenEndpointRequest
Added scope of 'openid offline_access' to token endpoint request
grant_type
refresh_token
refresh_token
ibm-4dZbMc9RlJr8WBmoCG6Q4D43djh_qWzqNIjg7Ly
scope
openid offline_access
2020-07-28 20:07:09 SUCCESS
CreateClientAuthenticationAssertionClaims
Created client assertion claims
iss
1iwUYl7tvH3o-6kF4q5L2
sub
1iwUYl7tvH3o-6kF4q5L2
aud
https://op.panva.cz/token
jti
qzSBYvcCCPlvCPSu9O3E
iat
1595966829
exp
1595966889
2020-07-28 20:07:09 SUCCESS
SignClientAuthenticationAssertion
Signed the client assertion
client_assertion
eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiIxaXdVWWw3dHZIM28tNmtGNHE1TDIiLCJhdWQiOiJodHRwczpcL1wvb3AucGFudmEuY3pcL3Rva2VuIiwiaXNzIjoiMWl3VVlsN3R2SDNvLTZrRjRxNUwyIiwiZXhwIjoxNTk1OTY2ODg5LCJpYXQiOjE1OTU5NjY4MjksImp0aSI6InF6U0JZdmNDQ1BsdkNQU3U5TzNFIn0.cXo098oaMEUCqmeAcFSK1yamFyoW0xlNumU3-G7eKBisjuXRLV07PG9im4yQE7BeNH6UfZY0xhLTcFT_C_gDtkRHuiHin2C_m40IVYz-Bxiy6lKlm7gYkKhfEva-h3HCEQI-BC9BaPwv-5MV6QMt6tPmd9qQCstvFQ--5nFnQ1SOZrZTorH1er4ITHgU7kEU-kG3fJ6S-JJyZ9ZyYkXI_43Efkqe3KErdHt5HRIkLXaMwV9IyMTqRq5j1kep2IHTxq6A53vXCmm07IJj93Myc-iuxtNLTlxuCdo29poJrDcYWCqmIwG54SMDlsOaXt2AhvJBzRKL-PQR90lPFNuwCg
2020-07-28 20:07:09
AddClientAssertionToTokenEndpointRequest
Added client assertion
grant_type
refresh_token
refresh_token
ibm-4dZbMc9RlJr8WBmoCG6Q4D43djh_qWzqNIjg7Ly
scope
openid offline_access
client_assertion
eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiIxaXdVWWw3dHZIM28tNmtGNHE1TDIiLCJhdWQiOiJodHRwczpcL1wvb3AucGFudmEuY3pcL3Rva2VuIiwiaXNzIjoiMWl3VVlsN3R2SDNvLTZrRjRxNUwyIiwiZXhwIjoxNTk1OTY2ODg5LCJpYXQiOjE1OTU5NjY4MjksImp0aSI6InF6U0JZdmNDQ1BsdkNQU3U5TzNFIn0.cXo098oaMEUCqmeAcFSK1yamFyoW0xlNumU3-G7eKBisjuXRLV07PG9im4yQE7BeNH6UfZY0xhLTcFT_C_gDtkRHuiHin2C_m40IVYz-Bxiy6lKlm7gYkKhfEva-h3HCEQI-BC9BaPwv-5MV6QMt6tPmd9qQCstvFQ--5nFnQ1SOZrZTorH1er4ITHgU7kEU-kG3fJ6S-JJyZ9ZyYkXI_43Efkqe3KErdHt5HRIkLXaMwV9IyMTqRq5j1kep2IHTxq6A53vXCmm07IJj93Myc-iuxtNLTlxuCdo29poJrDcYWCqmIwG54SMDlsOaXt2AhvJBzRKL-PQR90lPFNuwCg
client_assertion_type
urn:ietf:params:oauth:client-assertion-type:jwt-bearer
2020-07-28 20:07:09
CallTokenEndpointAndReturnFullResponse
HTTP request
request_uri
https://op.panva.cz/token
request_method
POST
request_headers
{
  "accept": "application/json;charset\u003dUTF-8",
  "accept-charset": "utf-8",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "794"
}
request_body
grant_type=refresh_token&refresh_token=ibm-4dZbMc9RlJr8WBmoCG6Q4D43djh_qWzqNIjg7Ly&scope=openid+offline_access&client_assertion=eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiIxaXdVWWw3dHZIM28tNmtGNHE1TDIiLCJhdWQiOiJodHRwczpcL1wvb3AucGFudmEuY3pcL3Rva2VuIiwiaXNzIjoiMWl3VVlsN3R2SDNvLTZrRjRxNUwyIiwiZXhwIjoxNTk1OTY2ODg5LCJpYXQiOjE1OTU5NjY4MjksImp0aSI6InF6U0JZdmNDQ1BsdkNQU3U5TzNFIn0.cXo098oaMEUCqmeAcFSK1yamFyoW0xlNumU3-G7eKBisjuXRLV07PG9im4yQE7BeNH6UfZY0xhLTcFT_C_gDtkRHuiHin2C_m40IVYz-Bxiy6lKlm7gYkKhfEva-h3HCEQI-BC9BaPwv-5MV6QMt6tPmd9qQCstvFQ--5nFnQ1SOZrZTorH1er4ITHgU7kEU-kG3fJ6S-JJyZ9ZyYkXI_43Efkqe3KErdHt5HRIkLXaMwV9IyMTqRq5j1kep2IHTxq6A53vXCmm07IJj93Myc-iuxtNLTlxuCdo29poJrDcYWCqmIwG54SMDlsOaXt2AhvJBzRKL-PQR90lPFNuwCg&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer
2020-07-28 20:07:10 RESPONSE
CallTokenEndpointAndReturnFullResponse
HTTP response
response_status_code
400 BAD_REQUEST
response_status_text
Bad Request
response_headers
{
  "cache-control": "no-cache, no-store",
  "content-length": "72",
  "content-type": "application/json; charset\u003dutf-8",
  "date": "Tue, 28 Jul 2020 20:07:09 GMT",
  "pragma": "no-cache",
  "server": [
    "Caddy",
    "Cowboy"
  ],
  "strict-transport-security": "max-age\u003d15552000; includeSubDomains",
  "vary": "Origin",
  "via": "1.1 vegur",
  "x-content-type-options": "nosniff",
  "x-dns-prefetch-control": "off",
  "x-download-options": "noopen",
  "x-frame-options": "SAMEORIGIN",
  "x-xss-protection": "1; mode\u003dblock"
}
response_body
{"error":"invalid_grant","error_description":"grant request is invalid"}
2020-07-28 20:07:10 SUCCESS
CallTokenEndpointAndReturnFullResponse
Parsed token endpoint response
error
invalid_grant
error_description
grant request is invalid
2020-07-28 20:07:10 SUCCESS
ValidateErrorFromTokenEndpointResponseError
Token endpoint response error returned valid 'error' field
error
invalid_grant
2020-07-28 20:07:10 SUCCESS
CheckTokenEndpointHttpStatus400
Token endpoint http status code was 400
2020-07-28 20:07:10 SUCCESS
CheckTokenEndpointReturnedJsonContentType
token_endpoint_response_headers Content-Type: header is application/json
2020-07-28 20:07:10 SUCCESS
CheckErrorFromTokenEndpointResponseErrorInvalidGrant
Token Endpoint response error returned expected 'error' of 'invalid_grant'
error
invalid_grant
2020-07-28 20:07:10 FINISHED
oidcc-refresh-token
Test has run to completion
testmodule_result
PASSED
Unregister dynamically registered client
2020-07-28 20:07:10
UnregisterDynamicallyRegisteredClient
HTTP request
request_uri
https://op.panva.cz/reg/1iwUYl7tvH3o-6kF4q5L2
request_method
DELETE
request_headers
{
  "accept": "application/json",
  "accept-charset": "utf-8",
  "authorization": "Bearer kyD2KPOb8x0cXchgCbyBh9XbM7jqdRe9Qm7z0dT8wrL",
  "content-length": "0"
}
request_body

                                
2020-07-28 20:07:10 RESPONSE
UnregisterDynamicallyRegisteredClient
HTTP response
response_status_code
204 NO_CONTENT
response_status_text
No Content
response_headers
{
  "cache-control": "no-cache, no-store",
  "date": "Tue, 28 Jul 2020 20:07:10 GMT",
  "pragma": "no-cache",
  "server": [
    "Caddy",
    "Cowboy"
  ],
  "strict-transport-security": "max-age\u003d15552000; includeSubDomains",
  "via": "1.1 vegur",
  "x-content-type-options": "nosniff",
  "x-dns-prefetch-control": "off",
  "x-download-options": "noopen",
  "x-frame-options": "SAMEORIGIN",
  "x-xss-protection": "1; mode\u003dblock"
}
response_body

                                
2020-07-28 20:07:10 SUCCESS
UnregisterDynamicallyRegisteredClient
Client successfully unregistered
Second client: Unregister dynamically registered client
2020-07-28 20:07:10
UnregisterDynamicallyRegisteredClient
HTTP request
request_uri
https://op.panva.cz/reg/8KlJXKAOy0Q0TaRIrgKQt
request_method
DELETE
request_headers
{
  "accept": "application/json",
  "accept-charset": "utf-8",
  "authorization": "Bearer ZX6URrvFlXYgSkoPoBiJnx0CB0vKbeYg5o8rJjh9OJd",
  "content-length": "0"
}
request_body

                                
2020-07-28 20:07:11 RESPONSE
UnregisterDynamicallyRegisteredClient
HTTP response
response_status_code
204 NO_CONTENT
response_status_text
No Content
response_headers
{
  "cache-control": "no-cache, no-store",
  "date": "Tue, 28 Jul 2020 20:07:11 GMT",
  "pragma": "no-cache",
  "server": [
    "Caddy",
    "Cowboy"
  ],
  "strict-transport-security": "max-age\u003d15552000; includeSubDomains",
  "via": "1.1 vegur",
  "x-content-type-options": "nosniff",
  "x-dns-prefetch-control": "off",
  "x-download-options": "noopen",
  "x-frame-options": "SAMEORIGIN",
  "x-xss-protection": "1; mode\u003dblock"
}
response_body

                                
2020-07-28 20:07:11 SUCCESS
UnregisterDynamicallyRegisteredClient
Client successfully unregistered
Test Results