Test Summary

Test Results

Expand All Collapse All
All times are UTC
2020-08-10 19:12:02 INFO
TEST-RUNNER
Test instance HklvwA4pIdl9dIb created
baseUrl
https://www.certification.openid.net/test/a/morph_oidc_client_basic
variant
{
  "client_auth_type": "client_secret_basic",
  "response_type": "code",
  "request_type": "plain_http_request",
  "response_mode": "default",
  "client_registration": "dynamic_client"
}
alias
morph_oidc_client_basic
description
Testing morph oidc basic client
planId
8XtXosP8NfqAM
config
{
  "alias": "morph_oidc_client_basic",
  "description": "Testing morph oidc basic client",
  "publish": "everything"
}
testName
oidcc-client-test
2020-08-10 19:12:03 SUCCESS
OIDCCGenerateServerConfiguration
Generated default server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/a/morph_oidc_client_basic/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/morph_oidc_client_basic/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/morph_oidc_client_basic/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/morph_oidc_client_basic/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/morph_oidc_client_basic/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/a/morph_oidc_client_basic/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic",
    "client_secret_post",
    "client_secret_jwt",
    "private_key_jwt"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
2020-08-10 19:12:03
SetTokenEndpointAuthMethodsSupportedToClientSecretBasicOnly
Changed token_endpoint_auth_methods_supported to client_secret_basic only in server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/a/morph_oidc_client_basic/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/morph_oidc_client_basic/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/morph_oidc_client_basic/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/morph_oidc_client_basic/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/morph_oidc_client_basic/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/a/morph_oidc_client_basic/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
2020-08-10 19:12:03
OIDCCGenerateServerJWKs
Generated server public private JWK sets
server_jwks
{
  "keys": [
    {
      "p": "_d8h2e9B-x_19tIfjaiF9IGJTVW6fK3G4uSH7GYwmnt1x3bobhR48_aDyPby8w6wyhl-k_f6wMfIVu2Xuw7Siil4_SurUmCnTmoM0X0tTC3uZh3vSesaM2FlJdhPrpBbiBT9z4VJbbsjMhNxJ8jXsR7WadoZPRw-Eq8QYPZLdAs",
      "kty": "RSA",
      "q": "w2Msn7UTgDA_8VlPCZwnCMkAqB6DMW7GtXjoMEdb01ke1imxRVv-I1egoiko4PnkHlFv_6mEDqkR7i2eWK6Gnd7hSAt2Ak7jRBAUVYi7KY8lXB7jxNL3lsji9ODV2hY6PMo2Og9q9SMDm4uk3eoRsxQB_45_jvZCpLzPsRAEG98",
      "d": "bya2vs-WVMdn_4Xl-f4AVo6Hkt_Mz78ovOpW51F3mkse9Ap7hnMhywDhkSqPmQZZwtEU2vEIPAKgVEzwUXMZlUg5XLEPu_T19I6_PAJ6YeaaQELOr8DRn6xoaw0kHzcMnFCtcqb10w9Z0VwPvgYbIFotDutPAXQjEHEvfp5oWFmSv7VS63ZJv0bW4Ab9yuZoYyiEf62MksCWyDlx-fz_tUmNE60pnNfWvxLU6JJTAGiuleF-9BSt7KHBcee4a5UcelhvI6oApPJxLw8yuvPrubxNbjHYpltk8TKuuR2xbkYaBqIMao8dxU0dRE63IOz44uv1-X_HB0436nNwx4-FJQ",
      "e": "AQAB",
      "use": "sig",
      "kid": "34fe6f04-4c74-4c65-ac06-e89c455a06aa",
      "qi": "ZwPL-RdgYZ6JKHPGD79eQeF4A1KStXbNUq_KDRWgRsEDEfvrJs-xi1TuTLmsgMyYDet3Prts-eYMxMvDhcJvoJk0ydbEt6ZjhosmlzwoB_0z8AxCPyOEr2yFTirKdA375-LmO1jcd_WoP1743N3-HFk48z8rpH_323Ur1mX2L_c",
      "dp": "9SvW6jwokVglVq9IL6sParjqm1fuWFgOmbIwHjn2OEqAzRflkeGNibWJQbxTli2ayCJk3ot-i0ylCmY7wTeoViuFH6JbupuDF7RNGsbzxv0YnV_NZqp4zCQD5c-H7EKXUs1K7G2BI0q1y7eA8PYCb5gjY2hwNVcgDzUn8SwKZE8",
      "dq": "bb-rNRo1FfAEOsD7kF5R3rFo2QYqkv2ySATeByBOB-0rUQiiNl9x5NA3vl54Q8aZyB3eVzEUqFd3Zt3g79c4bjzfNeSaKLm_FmAhy9m9p55sUc5YChqmT-AO-5W_CX0qwTKkOwCmB4PfZuONe8kaoAhBBxc3t0nELVyRHNfuNuk",
      "n": "wcNQU9OAXeZqXpGHBe5MOni33SGroNTWoiA8CwilvVO-buht_fYutqkN8G8-a0nvaBZxDNJE558QPyw7Ox9IXcOsRxRer1_bBYb30DyevmJlqCbxVFvF58kyzSatvOT1aDMcIAjGFgeXd3hrHNm37qiR5HOcGPGg_D_tJnO9SVm7thSq4R29wbNGrvY2en3udtAl3s8CJgorlxFMkI-J8suxWVWtRSBX1KcQVNeoAkKoKvp8N5mA1cXV3YhdQ1IBxE421aQIaAJL1THF1VPJqYxHnDZu4tA7DkIjiIKBqEAKX7DOg2mPTVQATMtKuTYJcuTIpDKvzpSfNi96ASM-lQ"
    },
    {
      "kty": "EC",
      "d": "tLRvifSyaGr0RwfwNHoXqLiXXpJv4TTcil6zmwjmCoA",
      "use": "sig",
      "crv": "P-256",
      "kid": "0394a452-cce4-48dd-96f2-271adb9bf6e5",
      "x": "Zfa1jTzMyQxjlLBuPTCqf17ufi7Y9ufwL2TEzf0Kn5U",
      "y": "dewSSOcu_DE0BO5osz6E16QpyPlidHTAnhOGLSJBl5U"
    },
    {
      "kty": "EC",
      "d": "QV0pjrsxycBCGA4fw6SxqujCSQhsEsUie0ocMmoP5Ro",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "bae62e7c-34e7-4624-b0eb-0ed470725046",
      "x": "c6UkvRKsPVzLCJ-yV0szzxTn-IMvGFAGjVUYho4b5jk",
      "y": "ep_dFMj-0fdzTKvZg6vA_JAfwLMtVGhAeaR6smt9az0"
    },
    {
      "kty": "OKP",
      "d": "BVbCkFtNjGH2RILk2Gb9ftdqJ0wRKNE6y1ZEWXvB39E",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "e10173d4-bd64-4858-a5f1-e9c5041dfc2d",
      "x": "d2u4zC3NI1R_fUeIsuodVed73MfIj0q1PjsaOuuuXrU"
    }
  ]
}
server_encryption_keys
{
  "keys": [
    {
      "p": "z1YrwrHlI6tMObFX5Baa9xkZa-1jzkIq9s6DWO7CSQJMvZNgg0lzjCCQK5iFkNDYjLHwIRrvSEMmfOXLSms4MbulmUstKDsNpKPPH309ksRWkGz_OdQIDH-NkYsXE4CORwsuCH7-gmdrOf0ypxeW3ptdsw1AD4j6O8v7MY3_2qk",
      "kty": "RSA",
      "q": "vqsPYiwddFjsP0UW_zFwTe3r0W4CKX-KALZ4Nk8x3dufDv8Vmsopf6alWwGusTaK45-mZRzc8DyRsJ5WzQ4yKBIZgwXs_47bK7HWfXz72oYyYQ89YQ_HooxXpN062sMaScdW5e1ubYpJ6W4UqYsVmA35ogfRBS-YqqRD1OuQBmc",
      "d": "Psflfcaps1Sp6ezqRtK3VZrEZnCv7X6_XYYZw_x3kxghJobMrvw36cBNElskQX7urQFVdyXA91fCR2Ek8PFP9ncteM1GdNJ2BmMnA_zRGraB_Qz-9Xn7vjSO5w_ph_d0FyWee4lBc9B90RgTe6dFJx_YbktXIInBxzIs3PyBYBlr3JYCU19l-PBPErxrWpcwfQFhZQ6vH9bAmHxvhQtreU0iZsWSdzxSypQthusA_44MmbLTWzejLlaOJztKTIz8YhHgypUqrgUmE4J4DomnSSLNRYEicqHQmz4VZyri0tM3ROqKLITLjyooVyqQ3Vhj_koT3M3SsTV5lnPxAqWqwQ",
      "e": "AQAB",
      "use": "enc",
      "kid": "1012d38f-b5d1-49fe-bb68-d63d0726a7cb",
      "qi": "DL005LaLbyxKscRvChoclJ3gl9sIaj9WRuBJtvA5clkfKMgyembTaT9GWVDMOKckR8kozGBINNKk7VLi6xcnBo6EJE1OVppHhnXwZdAsXsC3ZcPXNLcJ0U6FzBPmsgjsMoMOUswnNcEz0V57xwdHNsmYxPz_uLV9IdFPbmNCR1Q",
      "dp": "tAwBflXbRMlJLURqrYBP28opAEcqh3-ALckR2JWlk57yoyGrCvcq5wGUELenLSWfFzah7y2jot3lO0qV6a8IIm_wExlsQmZdp540jATHBn-HKG3uiPoubyQI_N2LEX1ukBUOSYR2YSmLvNS6Os3KTs8eZBFakuMBYhH1tYe5Kdk",
      "alg": "RSA-OAEP",
      "dq": "jYSj52b8-bVirFdYiVMlmwHjzU9MlYaPZJYKxaykQ5pWBah5Xal9gbyr8M9f3TKxhd-iflwc9MbQD_qGTK6jtbAxdVl5nflnXZgiroOM35ZJYFcSZK90qoZmKvz1SRgUs_wb2I8RLoa882B8P5b3ESQWTBhnIOVB-C3yFuA8xzM",
      "n": "mmx_f0pct__5OOhT0bK7jfO4ht7kz4YPuLizWM0IuFH6rvHtEeE-R6P7GyyHtj1qw-4JiTJ2k0fsUG8cpwL3z8wTrWVqq7nZa_f7JjNRby6WTlDmnqi7Kz1ZZAdigHORTOuRyUT1LBnXqTLj8Qmngzf9-88DEs1UXm250FtM3wTvuE3F_YDH-9NlC5rMSgdNXoLcVoSjiVgeIxDtm8H2t7mQk-vs7dKQUmb9WcH1V4LqpcAA1nn_cgQCmqFRi2UiB2D6Ypub2Pkv4m5XxRaf216JaZ65Ilf_Q_6VlCyrj8ZVLRWBnJJfF0-r3iSv_G0P_sIoTCgslBB8jkbcQyDv_w"
    },
    {
      "kty": "EC",
      "d": "9D2Hyf1Ik9hrKouoac8ZCBLtLYNhON9wyqI72nWILf8",
      "use": "enc",
      "crv": "P-256",
      "kid": "4c4f9102-c5bb-4fd8-a75c-67a6e7a73127",
      "x": "AD8Q5ughLhhidSsaI42byPOsRgdnvdNdBi21cpWv5fw",
      "y": "kNJTobANkUsBCsXDRyrh1T1yr5zZQh3vqHR88VTAziI",
      "alg": "ECDH-ES"
    }
  ]
}
server_public_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "34fe6f04-4c74-4c65-ac06-e89c455a06aa",
      "n": "wcNQU9OAXeZqXpGHBe5MOni33SGroNTWoiA8CwilvVO-buht_fYutqkN8G8-a0nvaBZxDNJE558QPyw7Ox9IXcOsRxRer1_bBYb30DyevmJlqCbxVFvF58kyzSatvOT1aDMcIAjGFgeXd3hrHNm37qiR5HOcGPGg_D_tJnO9SVm7thSq4R29wbNGrvY2en3udtAl3s8CJgorlxFMkI-J8suxWVWtRSBX1KcQVNeoAkKoKvp8N5mA1cXV3YhdQ1IBxE421aQIaAJL1THF1VPJqYxHnDZu4tA7DkIjiIKBqEAKX7DOg2mPTVQATMtKuTYJcuTIpDKvzpSfNi96ASM-lQ"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "2cc31793-0f90-49ca-bf49-d0fbd83ecd24",
      "n": "kY1ZLcJjXi9SiqusNy2J1Fv7ID_v0KqhbnOZq9FrQMIbTbGZgLvaVukKLHw9rTMps9YLZ14lkGhwBmZCPhqNV_uD_5yXIKO8YRzqS2TRczdsWp5vniJdheHaNNuBTUEnvP9bejVyMh4JyNJGAZgocJsPZ5P_wCxk8YX7KMxBeA_cii1wwy9vVJr-g9ElGBVwA-eFqzkskqoa_DTPxw0rbkd0SRaH683U4LTa1iFbsrUfTbOZ_ettonXcIdehAeMRpGVD378p685Eso45g1syECr8LD4TzW4Dwj4If4-yWd00VxWDnARmEK7kuhtQvljgWcOP3ZZUXOQ2QRKJPINfMw"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "0394a452-cce4-48dd-96f2-271adb9bf6e5",
      "x": "Zfa1jTzMyQxjlLBuPTCqf17ufi7Y9ufwL2TEzf0Kn5U",
      "y": "dewSSOcu_DE0BO5osz6E16QpyPlidHTAnhOGLSJBl5U"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "1b930d85-10ab-4512-8309-c91feb33e75d",
      "x": "jaL6PcBz9aVGPBdjxLhooY8h1cSgGtwjTsw0yjcIQjs",
      "y": "9WNrtnc3zerUHhbaMDDNYMrY8eGxkLWrQ3MrzCmQaRw"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "bae62e7c-34e7-4624-b0eb-0ed470725046",
      "x": "c6UkvRKsPVzLCJ-yV0szzxTn-IMvGFAGjVUYho4b5jk",
      "y": "ep_dFMj-0fdzTKvZg6vA_JAfwLMtVGhAeaR6smt9az0"
    },
    {
      "kty": "OKP",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "e10173d4-bd64-4858-a5f1-e9c5041dfc2d",
      "x": "d2u4zC3NI1R_fUeIsuodVed73MfIj0q1PjsaOuuuXrU"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "1012d38f-b5d1-49fe-bb68-d63d0726a7cb",
      "alg": "RSA-OAEP",
      "n": "mmx_f0pct__5OOhT0bK7jfO4ht7kz4YPuLizWM0IuFH6rvHtEeE-R6P7GyyHtj1qw-4JiTJ2k0fsUG8cpwL3z8wTrWVqq7nZa_f7JjNRby6WTlDmnqi7Kz1ZZAdigHORTOuRyUT1LBnXqTLj8Qmngzf9-88DEs1UXm250FtM3wTvuE3F_YDH-9NlC5rMSgdNXoLcVoSjiVgeIxDtm8H2t7mQk-vs7dKQUmb9WcH1V4LqpcAA1nn_cgQCmqFRi2UiB2D6Ypub2Pkv4m5XxRaf216JaZ65Ilf_Q_6VlCyrj8ZVLRWBnJJfF0-r3iSv_G0P_sIoTCgslBB8jkbcQyDv_w"
    },
    {
      "kty": "EC",
      "use": "enc",
      "crv": "P-256",
      "kid": "4c4f9102-c5bb-4fd8-a75c-67a6e7a73127",
      "x": "AD8Q5ughLhhidSsaI42byPOsRgdnvdNdBi21cpWv5fw",
      "y": "kNJTobANkUsBCsXDRyrh1T1yr5zZQh3vqHR88VTAziI",
      "alg": "ECDH-ES"
    }
  ]
}
2020-08-10 19:12:03 SUCCESS
ValidateServerJWKs
Valid server JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2020-08-10 19:12:03 SUCCESS
CheckDistinctKeyIdValueInServerJWKs
Distinct 'kid' value in all keys of server_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2020-08-10 19:12:03 SUCCESS
OIDCCLoadUserInfo
Added user information
user_info
{
  "sub": "user-subject-1234531",
  "name": "Demo T. User",
  "given_name": "Demo",
  "family_name": "User",
  "middle_name": "Theresa",
  "nickname": "Dee",
  "preferred_username": "d.tu",
  "gender": "female",
  "birthdate": "2000-02-03",
  "address": {
    "street_address": "100 Universal City Plaza",
    "locality": "Hollywood",
    "region": "CA",
    "postal_code": "91608",
    "country": "USA"
  },
  "zoneinfo": "America/Los_Angeles",
  "locale": "en-US",
  "phone_number": "+1 555 5550000",
  "phone_number_verified": false,
  "email": "user@example.com",
  "email_verified": false,
  "website": "https://openid.net/",
  "updated_at": "1580000000"
}
2020-08-10 19:12:03 SUCCESS
GetDynamicClientConfiguration
No client details on configuration, created an empty dynamic_client_registration_template object.
2020-08-10 19:12:03
oidcc-client-test
Setup Done
2020-08-10 19:12:08 INCOMING
oidcc-client-test
Incoming HTTP request to test instance HklvwA4pIdl9dIb
incoming_headers
{
  "host": "www.certification.openid.net",
  "x-ssl-cipher": "ECDHE-RSA-AES256-GCM-SHA384",
  "x-ssl-protocol": "TLSv1.2",
  "content-length": "0",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net",
  "connection": "close"
}
incoming_path
.well-known/openid-configuration
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
2020-08-10 19:12:08 OUTGOING
oidcc-client-test
Response to HTTP request to test instance HklvwA4pIdl9dIb
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "issuer": "https://www.certification.openid.net/test/a/morph_oidc_client_basic/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/morph_oidc_client_basic/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/morph_oidc_client_basic/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/morph_oidc_client_basic/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/morph_oidc_client_basic/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/a/morph_oidc_client_basic/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
outgoing_path
.well-known/openid-configuration
2020-08-10 19:12:08 INCOMING
oidcc-client-test
Incoming HTTP request to test instance HklvwA4pIdl9dIb
incoming_headers
{
  "host": "www.certification.openid.net",
  "x-ssl-cipher": "ECDHE-RSA-AES256-GCM-SHA384",
  "x-ssl-protocol": "TLSv1.2",
  "content-length": "339",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net",
  "connection": "close"
}
incoming_path
register
incoming_body_form_params
incoming_method
POST
incoming_body_json
incoming_query_string_params
{}
incoming_body
{"redirect_uris":["https://morph-oidc-client.strid.ninja/auth/cb","https://www.certification.openid.net/test/a/morph_oidc_client_basic/callback"],"response_types":["code"],"grant_types":["authorization_code"],"contacts":["ulrik.strid@outlook.com"],"client_name":"basic_morph_oidc_client","token_endpoint_auth_method":"client_secret_basic"}
Registration endpoint
2020-08-10 19:12:08 SUCCESS
OIDCCExtractDynamicRegistrationRequest
Extracted dynamic client registration request
request
{
  "redirect_uris": [
    "https://morph-oidc-client.strid.ninja/auth/cb",
    "https://www.certification.openid.net/test/a/morph_oidc_client_basic/callback"
  ],
  "response_types": [
    "code"
  ],
  "grant_types": [
    "authorization_code"
  ],
  "contacts": [
    "ulrik.strid@outlook.com"
  ],
  "client_name": "basic_morph_oidc_client",
  "token_endpoint_auth_method": "client_secret_basic"
}
2020-08-10 19:12:08 SUCCESS
EnsureRegistrationRequestContainsAtLeastOneContact
Registration request contains valid contacts
contacts
[
  "ulrik.strid@outlook.com"
]
2020-08-10 19:12:08 SUCCESS
ValidateClientGrantTypes
grant_types match response_types
grant_types
[
  "authorization_code"
]
response_types
[
  "code"
]
2020-08-10 19:12:08 SUCCESS
OIDCCValidateClientRedirectUris
Valid redirect_uri(s) provided in registration request
redirect_uris
[
  "https://morph-oidc-client.strid.ninja/auth/cb",
  "https://www.certification.openid.net/test/a/morph_oidc_client_basic/callback"
]
2020-08-10 19:12:08 SUCCESS
ValidateClientLogoUris
Client does not contain any logo_uri
2020-08-10 19:12:08 SUCCESS
ValidateClientUris
Client does not contain any client_uri
2020-08-10 19:12:08 SUCCESS
ValidateClientPolicyUris
Client does not contain any policy_uri
2020-08-10 19:12:08 SUCCESS
ValidateClientTosUris
Client does not contain any tos_uri
2020-08-10 19:12:08 SUCCESS
ValidateClientSubjectType
A subject_type was not provided
2020-08-10 19:12:08 INFO
ValidateIdTokenSignedResponseAlg
Skipped evaluation due to missing required element: client id_token_signed_response_alg
path
id_token_signed_response_alg
mapped
object
client
2020-08-10 19:12:08 SUCCESS
EnsureIdTokenEncryptedResponseAlgIsSetIfEncIsSet
id_token_encrypted_response_enc is not set
2020-08-10 19:12:08 INFO
ValidateUserinfoSignedResponseAlg
Skipped evaluation due to missing required element: client userinfo_signed_response_alg
path
userinfo_signed_response_alg
mapped
object
client
2020-08-10 19:12:08 SUCCESS
EnsureUserinfoEncryptedResponseAlgIsSetIfEncIsSet
userinfo_encrypted_response_enc is not set
2020-08-10 19:12:08 INFO
ValidateRequestObjectSigningAlg
Skipped evaluation due to missing required element: client request_object_signing_alg
path
request_object_signing_alg
mapped
object
client
2020-08-10 19:12:08 SUCCESS
EnsureRequestObjectEncryptionAlgIsSetIfEncIsSet
request_object_encryption_enc is not set
2020-08-10 19:12:08 INFO
ValidateTokenEndpointAuthSigningAlg
Skipped evaluation due to missing required element: client token_endpoint_auth_signing_alg
path
token_endpoint_auth_signing_alg
mapped
object
client
2020-08-10 19:12:08 SUCCESS
ValidateDefaultMaxAge
default_max_age is not set
2020-08-10 19:12:08 INFO
ValidateRequireAuthTime
Skipped evaluation due to missing required element: client require_auth_time
path
require_auth_time
mapped
object
client
2020-08-10 19:12:08 INFO
ValidateDefaultAcrValues
Skipped evaluation due to missing required element: client default_acr_values
path
default_acr_values
mapped
object
client
2020-08-10 19:12:08 INFO
ValidateInitiateLoginUri
Skipped evaluation due to missing required element: client initiate_login_uri
path
initiate_login_uri
mapped
object
client
2020-08-10 19:12:08 INFO
ValidateRequestUris
Skipped evaluation due to missing required element: client request_uris
path
request_uris
mapped
object
client
2020-08-10 19:12:08 SUCCESS
ValidateClientRegistrationRequestSectorIdentifierUri
A sector_identifier_uri was not provided
2020-08-10 19:12:08 SUCCESS
OIDCCRegisterClient
Registered client
client
{
  "redirect_uris": [
    "https://morph-oidc-client.strid.ninja/auth/cb",
    "https://www.certification.openid.net/test/a/morph_oidc_client_basic/callback"
  ],
  "response_types": [
    "code"
  ],
  "grant_types": [
    "authorization_code"
  ],
  "contacts": [
    "ulrik.strid@outlook.com"
  ],
  "client_name": "basic_morph_oidc_client",
  "token_endpoint_auth_method": "client_secret_basic",
  "client_id": "client_OrNUSpXtxdngjCC82558~\",\u003d!"
}
2020-08-10 19:12:08
OIDCCCreateClientSecretForDynamicClient
Set the secret for registered client
client_secret
secret_FxQuOiChMRffSncebeYvAACXuAqwnGPnCAnYImHzWprxEySfOA0625710816$<{`>
2020-08-10 19:12:08 SUCCESS
EnsureTokenEndPointAuthMethodIsClientSecretBasic
token_endpoint_auth_method is 'client_secret_basic' as expected
2020-08-10 19:12:08 SUCCESS
EnsureClientDoesNotHaveBothJwksAndJwksUri
Client does not have both jwks and jwks_uri set
client
{
  "redirect_uris": [
    "https://morph-oidc-client.strid.ninja/auth/cb",
    "https://www.certification.openid.net/test/a/morph_oidc_client_basic/callback"
  ],
  "response_types": [
    "code"
  ],
  "grant_types": [
    "authorization_code"
  ],
  "contacts": [
    "ulrik.strid@outlook.com"
  ],
  "client_name": "basic_morph_oidc_client",
  "token_endpoint_auth_method": "client_secret_basic",
  "client_id": "client_OrNUSpXtxdngjCC82558~\",\u003d!",
  "client_secret": "secret_FxQuOiChMRffSncebeYvAACXuAqwnGPnCAnYImHzWprxEySfOA0625710816$\u003c{`\u003e"
}
2020-08-10 19:12:08 INFO
FetchClientKeys
Skipped evaluation due to missing required element: client jwks_uri
path
jwks_uri
mapped
object
client
2020-08-10 19:12:08 SUCCESS
OIDCCExtractServerSigningAlg
Using the default algorithm for the first key in server jwks
signing_algorithm
RS256
2020-08-10 19:12:08
SetClientIdTokenSignedResponseAlgToServerSigningAlg
Set id_token_signed_response_alg for the registered client
id_token_signed_response_alg
RS256
2020-08-10 19:12:08 OUTGOING
oidcc-client-test
Response to HTTP request to test instance HklvwA4pIdl9dIb
outgoing_status_code
201
outgoing_headers
{}
outgoing_body
{
  "redirect_uris": [
    "https://morph-oidc-client.strid.ninja/auth/cb",
    "https://www.certification.openid.net/test/a/morph_oidc_client_basic/callback"
  ],
  "response_types": [
    "code"
  ],
  "grant_types": [
    "authorization_code"
  ],
  "contacts": [
    "ulrik.strid@outlook.com"
  ],
  "client_name": "basic_morph_oidc_client",
  "token_endpoint_auth_method": "client_secret_basic",
  "client_id": "client_OrNUSpXtxdngjCC82558~\",\u003d!",
  "client_secret": "secret_FxQuOiChMRffSncebeYvAACXuAqwnGPnCAnYImHzWprxEySfOA0625710816$\u003c{`\u003e",
  "id_token_signed_response_alg": "RS256"
}
outgoing_path
register
2020-08-10 19:12:08 INCOMING
oidcc-client-test
Incoming HTTP request to test instance HklvwA4pIdl9dIb
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/webp,*/*;q\u003d0.8",
  "accept-language": "en-US,en;q\u003d0.5",
  "accept-encoding": "gzip, deflate, br",
  "referer": "https://morph-oidc-client.strid.ninja/",
  "dnt": "1",
  "cookie": "expected_tab\u003dmicrosoftonline; welcome_info_name\u003dUlrik%20Strid; JSESSIONID\u003dCB87DB255579AE321C16855066F1AF5F",
  "upgrade-insecure-requests": "1",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
authorize
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{
  "response_type": "code",
  "client_id": "client_OrNUSpXtxdngjCC82558~\",\u003d!",
  "redirect_uri": "https://morph-oidc-client.strid.ninja/auth/cb",
  "scope": "openid profile email",
  "state": "9ebce4f1-a201-4717-a918-54c14055d098",
  "nonce": "f2ae3f61-00ef-4241-87b9-8a3c76997a4d"
}
incoming_body
Authorization endpoint
2020-08-10 19:12:08 SUCCESS
EnsureRequestDoesNotContainRequestObject
Request does not contain a request parameter
2020-08-10 19:12:08 SUCCESS
OIDCCEnsureAuthorizationHttpRequestContainsOpenIDScope
Found 'openid' in scope http request parameter
actual
[
  "openid",
  "profile",
  "email"
]
expected
openid
2020-08-10 19:12:08 SUCCESS
CreateEffectiveAuthorizationRequestParameters
Merged http request parameters with request object claims
effective_authorization_endpoint_request
{
  "response_type": "code",
  "client_id": "client_OrNUSpXtxdngjCC82558~\",\u003d!",
  "redirect_uri": "https://morph-oidc-client.strid.ninja/auth/cb",
  "scope": "openid profile email",
  "state": "9ebce4f1-a201-4717-a918-54c14055d098",
  "nonce": "f2ae3f61-00ef-4241-87b9-8a3c76997a4d"
}
2020-08-10 19:12:08 SUCCESS
ExtractRequestedScopes
Requested scopes
scope
openid profile email
2020-08-10 19:12:08 SUCCESS
ExtractNonceFromAuthorizationRequest
Extracted nonce
nonce
f2ae3f61-00ef-4241-87b9-8a3c76997a4d
2020-08-10 19:12:08 SUCCESS
EnsureResponseTypeIsCode
Response type is expected value
expected
code
2020-08-10 19:12:08 SUCCESS
EnsureMatchingClientId
Client ID matched
client_id
client_OrNUSpXtxdngjCC82558~",=!
2020-08-10 19:12:08 SUCCESS
EnsureValidRedirectUriForAuthorizationEndpointRequest
redirect_uri is one of the allowed redirect uris
actual
https://morph-oidc-client.strid.ninja/auth/cb
expected
[
  "https://morph-oidc-client.strid.ninja/auth/cb",
  "https://www.certification.openid.net/test/a/morph_oidc_client_basic/callback"
]
2020-08-10 19:12:08 SUCCESS
EnsureOpenIDInScopeRequest
Found 'openid' scope in request
actual
[
  "openid",
  "profile",
  "email"
]
expected
openid
2020-08-10 19:12:08 SUCCESS
DisallowMaxAgeEqualsZeroAndPromptNone
The client did not send max_age=0 and prompt=none parameters as expected
2020-08-10 19:12:08 SUCCESS
CreateAuthorizationCode
Created authorization code
authorization_code
YrdcKEgMZC
2020-08-10 19:12:08 SUCCESS
CalculateCHash
Successful c_hash encoding
c_hash
v302h3eFyoAUG8C244tCdQ
2020-08-10 19:12:08 SUCCESS
CreateAuthorizationEndpointResponseParams
Added authorization_endpoint_response_params to environment
params
{
  "redirect_uri": "https://morph-oidc-client.strid.ninja/auth/cb",
  "state": "9ebce4f1-a201-4717-a918-54c14055d098"
}
2020-08-10 19:12:08 SUCCESS
AddCodeToAuthorizationEndpointResponseParams
Added code to authorization endpoint response params
authorization_endpoint_response_params
{
  "redirect_uri": "https://morph-oidc-client.strid.ninja/auth/cb",
  "state": "9ebce4f1-a201-4717-a918-54c14055d098",
  "code": "YrdcKEgMZC"
}
2020-08-10 19:12:08
SendAuthorizationResponseWithResponseModeQuery
Redirecting back to client
uri
https://morph-oidc-client.strid.ninja/auth/cb?state=9ebce4f1-a201-4717-a918-54c14055d098&code=YrdcKEgMZC
2020-08-10 19:12:08 OUTGOING
oidcc-client-test
Response to HTTP request to test instance HklvwA4pIdl9dIb
outgoing
org.springframework.web.servlet.view.RedirectView: [RedirectView]; URL [https://morph-oidc-client.strid.ninja/auth/cb?state=9ebce4f1-a201-4717-a918-54c14055d098&code=YrdcKEgMZC]
outgoing_path
authorize
2020-08-10 19:12:09 INCOMING
oidcc-client-test
Incoming HTTP request to test instance HklvwA4pIdl9dIb
incoming_headers
{
  "host": "www.certification.openid.net",
  "x-ssl-cipher": "ECDHE-RSA-AES256-GCM-SHA384",
  "x-ssl-protocol": "TLSv1.2",
  "content-length": "0",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net",
  "connection": "close"
}
incoming_path
jwks
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
2020-08-10 19:12:09 OUTGOING
oidcc-client-test
Response to HTTP request to test instance HklvwA4pIdl9dIb
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "34fe6f04-4c74-4c65-ac06-e89c455a06aa",
      "n": "wcNQU9OAXeZqXpGHBe5MOni33SGroNTWoiA8CwilvVO-buht_fYutqkN8G8-a0nvaBZxDNJE558QPyw7Ox9IXcOsRxRer1_bBYb30DyevmJlqCbxVFvF58kyzSatvOT1aDMcIAjGFgeXd3hrHNm37qiR5HOcGPGg_D_tJnO9SVm7thSq4R29wbNGrvY2en3udtAl3s8CJgorlxFMkI-J8suxWVWtRSBX1KcQVNeoAkKoKvp8N5mA1cXV3YhdQ1IBxE421aQIaAJL1THF1VPJqYxHnDZu4tA7DkIjiIKBqEAKX7DOg2mPTVQATMtKuTYJcuTIpDKvzpSfNi96ASM-lQ"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "2cc31793-0f90-49ca-bf49-d0fbd83ecd24",
      "n": "kY1ZLcJjXi9SiqusNy2J1Fv7ID_v0KqhbnOZq9FrQMIbTbGZgLvaVukKLHw9rTMps9YLZ14lkGhwBmZCPhqNV_uD_5yXIKO8YRzqS2TRczdsWp5vniJdheHaNNuBTUEnvP9bejVyMh4JyNJGAZgocJsPZ5P_wCxk8YX7KMxBeA_cii1wwy9vVJr-g9ElGBVwA-eFqzkskqoa_DTPxw0rbkd0SRaH683U4LTa1iFbsrUfTbOZ_ettonXcIdehAeMRpGVD378p685Eso45g1syECr8LD4TzW4Dwj4If4-yWd00VxWDnARmEK7kuhtQvljgWcOP3ZZUXOQ2QRKJPINfMw"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "0394a452-cce4-48dd-96f2-271adb9bf6e5",
      "x": "Zfa1jTzMyQxjlLBuPTCqf17ufi7Y9ufwL2TEzf0Kn5U",
      "y": "dewSSOcu_DE0BO5osz6E16QpyPlidHTAnhOGLSJBl5U"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "1b930d85-10ab-4512-8309-c91feb33e75d",
      "x": "jaL6PcBz9aVGPBdjxLhooY8h1cSgGtwjTsw0yjcIQjs",
      "y": "9WNrtnc3zerUHhbaMDDNYMrY8eGxkLWrQ3MrzCmQaRw"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "bae62e7c-34e7-4624-b0eb-0ed470725046",
      "x": "c6UkvRKsPVzLCJ-yV0szzxTn-IMvGFAGjVUYho4b5jk",
      "y": "ep_dFMj-0fdzTKvZg6vA_JAfwLMtVGhAeaR6smt9az0"
    },
    {
      "kty": "OKP",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "e10173d4-bd64-4858-a5f1-e9c5041dfc2d",
      "x": "d2u4zC3NI1R_fUeIsuodVed73MfIj0q1PjsaOuuuXrU"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "1012d38f-b5d1-49fe-bb68-d63d0726a7cb",
      "alg": "RSA-OAEP",
      "n": "mmx_f0pct__5OOhT0bK7jfO4ht7kz4YPuLizWM0IuFH6rvHtEeE-R6P7GyyHtj1qw-4JiTJ2k0fsUG8cpwL3z8wTrWVqq7nZa_f7JjNRby6WTlDmnqi7Kz1ZZAdigHORTOuRyUT1LBnXqTLj8Qmngzf9-88DEs1UXm250FtM3wTvuE3F_YDH-9NlC5rMSgdNXoLcVoSjiVgeIxDtm8H2t7mQk-vs7dKQUmb9WcH1V4LqpcAA1nn_cgQCmqFRi2UiB2D6Ypub2Pkv4m5XxRaf216JaZ65Ilf_Q_6VlCyrj8ZVLRWBnJJfF0-r3iSv_G0P_sIoTCgslBB8jkbcQyDv_w"
    },
    {
      "kty": "EC",
      "use": "enc",
      "crv": "P-256",
      "kid": "4c4f9102-c5bb-4fd8-a75c-67a6e7a73127",
      "x": "AD8Q5ughLhhidSsaI42byPOsRgdnvdNdBi21cpWv5fw",
      "y": "kNJTobANkUsBCsXDRyrh1T1yr5zZQh3vqHR88VTAziI",
      "alg": "ECDH-ES"
    }
  ]
}
outgoing_path
jwks
2020-08-10 19:12:09 INCOMING
oidcc-client-test
Incoming HTTP request to test instance HklvwA4pIdl9dIb
incoming_headers
{
  "host": "www.certification.openid.net",
  "authorization": "Basic Y2xpZW50X09yTlVTcFh0eGRuZ2pDQzgyNTU4fiUyMiUyQyUzRCUyMTpzZWNyZXRfRnhRdU9pQ2hNUmZmU25jZWJlWXZBQUNYdUFxd25HUG5DQW5ZSW1IeldwcnhFeVNmT0EwNjI1NzEwODE2JTI0JTNDJTdCJTYwJTNF",
  "content-type": "application/x-www-form-urlencoded",
  "accept": "application/json",
  "x-ssl-cipher": "ECDHE-RSA-AES256-GCM-SHA384",
  "x-ssl-protocol": "TLSv1.2",
  "content-length": "259",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net",
  "connection": "close"
}
incoming_path
token
incoming_body_form_params
{
  "grant_type": "authorization_code",
  "scope": "openid",
  "code": "YrdcKEgMZC",
  "client_id": "client_OrNUSpXtxdngjCC82558~\",\u003d!",
  "client_secret": "secret_FxQuOiChMRffSncebeYvAACXuAqwnGPnCAnYImHzWprxEySfOA0625710816$\u003c{`\u003e",
  "redirect_uri": "https://morph-oidc-client.strid.ninja/auth/cb"
}
incoming_method
POST
incoming_body_json
incoming_query_string_params
{}
incoming_body
grant_type=authorization_code&scope=openid&code=YrdcKEgMZC&client_id=client_OrNUSpXtxdngjCC82558%7E%22%2C%3D%21&client_secret=secret_FxQuOiChMRffSncebeYvAACXuAqwnGPnCAnYImHzWprxEySfOA0625710816%24%3C%7B%60%3E&redirect_uri=https%3A%2F%2Fmorph-oidc-client.strid.ninja%2Fauth%2Fcb
Token endpoint
2020-08-10 19:12:09 SUCCESS
ExtractClientCredentialsFromBasicAuthorizationHeader
Extracted client authentication
client_id
client_OrNUSpXtxdngjCC82558~",=!
client_secret
secret_FxQuOiChMRffSncebeYvAACXuAqwnGPnCAnYImHzWprxEySfOA0625710816$<{`>
method
client_secret_basic
2020-08-10 19:12:09 SUCCESS
ValidateClientIdAndSecret
Client id and secret match
2020-08-10 19:12:09 SUCCESS
ValidateAuthorizationCode
Found authorization code
authorization_code
YrdcKEgMZC
2020-08-10 19:12:09 SUCCESS
ValidateRedirectUriForTokenEndpointRequest
redirect_uri is the same as the one used in the authorization request
actual
https://morph-oidc-client.strid.ninja/auth/cb
2020-08-10 19:12:09 SUCCESS
GenerateBearerAccessToken
Generated access token
access_token
3I5jbRR9FWwCs8pk8q6JiklYrSbqvUW1hKWKmYjKHSuCWF42Bo
2020-08-10 19:12:09 SUCCESS
CalculateAtHash
Successful at_hash encoding
at_hash
RH_svOt8O0ZmQ2VgEBSFGA
2020-08-10 19:12:09 SUCCESS
GenerateIdTokenClaims
Created ID Token Claims
iss
https://www.certification.openid.net/test/a/morph_oidc_client_basic/
sub
user-subject-1234531
aud
client_OrNUSpXtxdngjCC82558~",=!
nonce
f2ae3f61-00ef-4241-87b9-8a3c76997a4d
iat
1597086729
exp
1597087029
2020-08-10 19:12:09 SUCCESS
AddAtHashToIdTokenClaims
Added at_hash to ID token claims
at_hash
RH_svOt8O0ZmQ2VgEBSFGA
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/a/morph_oidc_client_basic/",
  "sub": "user-subject-1234531",
  "aud": "client_OrNUSpXtxdngjCC82558~\",\u003d!",
  "nonce": "f2ae3f61-00ef-4241-87b9-8a3c76997a4d",
  "iat": 1597086729,
  "exp": 1597087029,
  "at_hash": "RH_svOt8O0ZmQ2VgEBSFGA"
}
2020-08-10 19:12:09 SUCCESS
OIDCCSignIdToken
Signed the ID token
id_token
eyJraWQiOiIzNGZlNmYwNC00Yzc0LTRjNjUtYWMwNi1lODljNDU1YTA2YWEiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiUkhfc3ZPdDhPMFptUTJWZ0VCU0ZHQSIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiY2xpZW50X09yTlVTcFh0eGRuZ2pDQzgyNTU4flwiLD0hIiwiaXNzIjoiaHR0cHM6XC9cL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXRcL3Rlc3RcL2FcL21vcnBoX29pZGNfY2xpZW50X2Jhc2ljXC8iLCJleHAiOjE1OTcwODcwMjksIm5vbmNlIjoiZjJhZTNmNjEtMDBlZi00MjQxLTg3YjktOGEzYzc2OTk3YTRkIiwiaWF0IjoxNTk3MDg2NzI5fQ.kp3CwiH-kwjd9SzroD79LkI_ayZEiuJmZhOr90p1GRXwFhyL6w2QG9hfCXEaomJHizmQHu2oN96xrPU-FSnAjetQP1Bl8uaqAgRQvRbeH9FuWfpa3WSzdPCTI9rK6kqv07FJZwKQOVABJ6eKZsQ9pRLtuJJJe6Agl0M1FMMBVNMjULSzr42hOo2wBerWDreRjsp44VaLcpqnOzbLVL8rrzuBWNLMdmn2TC4qb8yKCX3ALf8Pp2UZxf3xCGFqG_4kNhNBCxM5W4JHgWCYJ5IpmrswMN7_tne1_bLSSaMxweHZ1jyfVDozVBsJrNPmjb-UF-5TsywhcdGd6B0SQBLYiw
key
{"p":"_d8h2e9B-x_19tIfjaiF9IGJTVW6fK3G4uSH7GYwmnt1x3bobhR48_aDyPby8w6wyhl-k_f6wMfIVu2Xuw7Siil4_SurUmCnTmoM0X0tTC3uZh3vSesaM2FlJdhPrpBbiBT9z4VJbbsjMhNxJ8jXsR7WadoZPRw-Eq8QYPZLdAs","kty":"RSA","q":"w2Msn7UTgDA_8VlPCZwnCMkAqB6DMW7GtXjoMEdb01ke1imxRVv-I1egoiko4PnkHlFv_6mEDqkR7i2eWK6Gnd7hSAt2Ak7jRBAUVYi7KY8lXB7jxNL3lsji9ODV2hY6PMo2Og9q9SMDm4uk3eoRsxQB_45_jvZCpLzPsRAEG98","d":"bya2vs-WVMdn_4Xl-f4AVo6Hkt_Mz78ovOpW51F3mkse9Ap7hnMhywDhkSqPmQZZwtEU2vEIPAKgVEzwUXMZlUg5XLEPu_T19I6_PAJ6YeaaQELOr8DRn6xoaw0kHzcMnFCtcqb10w9Z0VwPvgYbIFotDutPAXQjEHEvfp5oWFmSv7VS63ZJv0bW4Ab9yuZoYyiEf62MksCWyDlx-fz_tUmNE60pnNfWvxLU6JJTAGiuleF-9BSt7KHBcee4a5UcelhvI6oApPJxLw8yuvPrubxNbjHYpltk8TKuuR2xbkYaBqIMao8dxU0dRE63IOz44uv1-X_HB0436nNwx4-FJQ","e":"AQAB","use":"sig","kid":"34fe6f04-4c74-4c65-ac06-e89c455a06aa","qi":"ZwPL-RdgYZ6JKHPGD79eQeF4A1KStXbNUq_KDRWgRsEDEfvrJs-xi1TuTLmsgMyYDet3Prts-eYMxMvDhcJvoJk0ydbEt6ZjhosmlzwoB_0z8AxCPyOEr2yFTirKdA375-LmO1jcd_WoP1743N3-HFk48z8rpH_323Ur1mX2L_c","dp":"9SvW6jwokVglVq9IL6sParjqm1fuWFgOmbIwHjn2OEqAzRflkeGNibWJQbxTli2ayCJk3ot-i0ylCmY7wTeoViuFH6JbupuDF7RNGsbzxv0YnV_NZqp4zCQD5c-H7EKXUs1K7G2BI0q1y7eA8PYCb5gjY2hwNVcgDzUn8SwKZE8","dq":"bb-rNRo1FfAEOsD7kF5R3rFo2QYqkv2ySATeByBOB-0rUQiiNl9x5NA3vl54Q8aZyB3eVzEUqFd3Zt3g79c4bjzfNeSaKLm_FmAhy9m9p55sUc5YChqmT-AO-5W_CX0qwTKkOwCmB4PfZuONe8kaoAhBBxc3t0nELVyRHNfuNuk","n":"wcNQU9OAXeZqXpGHBe5MOni33SGroNTWoiA8CwilvVO-buht_fYutqkN8G8-a0nvaBZxDNJE558QPyw7Ox9IXcOsRxRer1_bBYb30DyevmJlqCbxVFvF58kyzSatvOT1aDMcIAjGFgeXd3hrHNm37qiR5HOcGPGg_D_tJnO9SVm7thSq4R29wbNGrvY2en3udtAl3s8CJgorlxFMkI-J8suxWVWtRSBX1KcQVNeoAkKoKvp8N5mA1cXV3YhdQ1IBxE421aQIaAJL1THF1VPJqYxHnDZu4tA7DkIjiIKBqEAKX7DOg2mPTVQATMtKuTYJcuTIpDKvzpSfNi96ASM-lQ"}
algorithm
RS256
2020-08-10 19:12:09 INFO
EncryptIdToken
Skipped evaluation due to missing required element: client id_token_encrypted_response_alg
path
id_token_encrypted_response_alg
mapped
object
client
2020-08-10 19:12:09 SUCCESS
CreateTokenEndpointResponse
Created token endpoint response
access_token
3I5jbRR9FWwCs8pk8q6JiklYrSbqvUW1hKWKmYjKHSuCWF42Bo
token_type
Bearer
id_token
eyJraWQiOiIzNGZlNmYwNC00Yzc0LTRjNjUtYWMwNi1lODljNDU1YTA2YWEiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiUkhfc3ZPdDhPMFptUTJWZ0VCU0ZHQSIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiY2xpZW50X09yTlVTcFh0eGRuZ2pDQzgyNTU4flwiLD0hIiwiaXNzIjoiaHR0cHM6XC9cL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXRcL3Rlc3RcL2FcL21vcnBoX29pZGNfY2xpZW50X2Jhc2ljXC8iLCJleHAiOjE1OTcwODcwMjksIm5vbmNlIjoiZjJhZTNmNjEtMDBlZi00MjQxLTg3YjktOGEzYzc2OTk3YTRkIiwiaWF0IjoxNTk3MDg2NzI5fQ.kp3CwiH-kwjd9SzroD79LkI_ayZEiuJmZhOr90p1GRXwFhyL6w2QG9hfCXEaomJHizmQHu2oN96xrPU-FSnAjetQP1Bl8uaqAgRQvRbeH9FuWfpa3WSzdPCTI9rK6kqv07FJZwKQOVABJ6eKZsQ9pRLtuJJJe6Agl0M1FMMBVNMjULSzr42hOo2wBerWDreRjsp44VaLcpqnOzbLVL8rrzuBWNLMdmn2TC4qb8yKCX3ALf8Pp2UZxf3xCGFqG_4kNhNBCxM5W4JHgWCYJ5IpmrswMN7_tne1_bLSSaMxweHZ1jyfVDozVBsJrNPmjb-UF-5TsywhcdGd6B0SQBLYiw
scope
openid profile email
2020-08-10 19:12:09 OUTGOING
oidcc-client-test
Response to HTTP request to test instance HklvwA4pIdl9dIb
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "access_token": "3I5jbRR9FWwCs8pk8q6JiklYrSbqvUW1hKWKmYjKHSuCWF42Bo",
  "token_type": "Bearer",
  "id_token": "eyJraWQiOiIzNGZlNmYwNC00Yzc0LTRjNjUtYWMwNi1lODljNDU1YTA2YWEiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiUkhfc3ZPdDhPMFptUTJWZ0VCU0ZHQSIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiY2xpZW50X09yTlVTcFh0eGRuZ2pDQzgyNTU4flwiLD0hIiwiaXNzIjoiaHR0cHM6XC9cL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXRcL3Rlc3RcL2FcL21vcnBoX29pZGNfY2xpZW50X2Jhc2ljXC8iLCJleHAiOjE1OTcwODcwMjksIm5vbmNlIjoiZjJhZTNmNjEtMDBlZi00MjQxLTg3YjktOGEzYzc2OTk3YTRkIiwiaWF0IjoxNTk3MDg2NzI5fQ.kp3CwiH-kwjd9SzroD79LkI_ayZEiuJmZhOr90p1GRXwFhyL6w2QG9hfCXEaomJHizmQHu2oN96xrPU-FSnAjetQP1Bl8uaqAgRQvRbeH9FuWfpa3WSzdPCTI9rK6kqv07FJZwKQOVABJ6eKZsQ9pRLtuJJJe6Agl0M1FMMBVNMjULSzr42hOo2wBerWDreRjsp44VaLcpqnOzbLVL8rrzuBWNLMdmn2TC4qb8yKCX3ALf8Pp2UZxf3xCGFqG_4kNhNBCxM5W4JHgWCYJ5IpmrswMN7_tne1_bLSSaMxweHZ1jyfVDozVBsJrNPmjb-UF-5TsywhcdGd6B0SQBLYiw",
  "scope": "openid profile email"
}
outgoing_path
token
2020-08-10 19:12:09 INCOMING
oidcc-client-test
Incoming HTTP request to test instance HklvwA4pIdl9dIb
incoming_headers
{
  "host": "www.certification.openid.net",
  "authorization": "Bearer 3I5jbRR9FWwCs8pk8q6JiklYrSbqvUW1hKWKmYjKHSuCWF42Bo",
  "accept": "application/json",
  "x-ssl-cipher": "ECDHE-RSA-AES256-GCM-SHA384",
  "x-ssl-protocol": "TLSv1.2",
  "content-length": "0",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net",
  "connection": "close"
}
incoming_path
userinfo
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
Userinfo endpoint
2020-08-10 19:12:09 SUCCESS
OIDCCExtractBearerAccessTokenFromRequest
Found access token on incoming request
access_token
3I5jbRR9FWwCs8pk8q6JiklYrSbqvUW1hKWKmYjKHSuCWF42Bo
2020-08-10 19:12:09 SUCCESS
RequireBearerAccessToken
Found access token in request
actual
3I5jbRR9FWwCs8pk8q6JiklYrSbqvUW1hKWKmYjKHSuCWF42Bo
2020-08-10 19:12:09 SUCCESS
FilterUserInfoForScopes
User info endpoint output
sub
user-subject-1234531
website
https://openid.net/
zoneinfo
America/Los_Angeles
birthdate
2000-02-03
gender
female
preferred_username
d.tu
given_name
Demo
middle_name
Theresa
locale
en-US
updated_at
1580000000
name
Demo T. User
nickname
Dee
family_name
User
email
user@example.com
email_verified
false
2020-08-10 19:12:09
ClearAccessTokenFromRequest
Condition ran but did not log anything
2020-08-10 19:12:09 INFO
AddIssAndAudToUserInfoResponse
Skipped evaluation due to missing required element: client userinfo_signed_response_alg
path
userinfo_signed_response_alg
mapped
object
client
2020-08-10 19:12:09 INFO
SignUserInfoResponse
Skipped evaluation due to missing required element: client userinfo_signed_response_alg
path
userinfo_signed_response_alg
mapped
object
client
2020-08-10 19:12:09 INFO
EncryptUserInfoResponse
Skipped evaluation due to missing required element: client userinfo_encrypted_response_alg
path
userinfo_encrypted_response_alg
mapped
object
client
2020-08-10 19:12:09 OUTGOING
oidcc-client-test
Response to HTTP request to test instance HklvwA4pIdl9dIb
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "sub": "user-subject-1234531",
  "website": "https://openid.net/",
  "zoneinfo": "America/Los_Angeles",
  "birthdate": "2000-02-03",
  "gender": "female",
  "preferred_username": "d.tu",
  "given_name": "Demo",
  "middle_name": "Theresa",
  "locale": "en-US",
  "updated_at": "1580000000",
  "name": "Demo T. User",
  "nickname": "Dee",
  "family_name": "User",
  "email": "user@example.com",
  "email_verified": false
}
outgoing_path
userinfo
2020-08-10 19:12:09 FINISHED
oidcc-client-test
Test has run to completion
testmodule_result
PASSED
2020-08-10 19:14:33
TEST-RUNNER
Alias has now been claimed by another test
alias
morph_oidc_client_basic
new_test_id
PWRBgMRurUbtgqM
Test Results