Test Summary

Test Results

Expand All Collapse All
All times are UTC
2020-08-10 19:16:04 INFO
TEST-RUNNER
Test instance XqBeZnS0IMmaXQ9 created
baseUrl
https://www.certification.openid.net/test/a/morph_oidc_client_basic
variant
{
  "client_auth_type": "client_secret_basic",
  "response_type": "code",
  "request_type": "plain_http_request",
  "response_mode": "default",
  "client_registration": "dynamic_client"
}
alias
morph_oidc_client_basic
description
Testing morph oidc basic client
planId
8XtXosP8NfqAM
config
{
  "alias": "morph_oidc_client_basic",
  "description": "Testing morph oidc basic client",
  "publish": "everything"
}
testName
oidcc-client-test-missing-sub
2020-08-10 19:16:04 SUCCESS
OIDCCGenerateServerConfiguration
Generated default server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/a/morph_oidc_client_basic/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/morph_oidc_client_basic/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/morph_oidc_client_basic/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/morph_oidc_client_basic/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/morph_oidc_client_basic/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/a/morph_oidc_client_basic/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic",
    "client_secret_post",
    "client_secret_jwt",
    "private_key_jwt"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
2020-08-10 19:16:04
SetTokenEndpointAuthMethodsSupportedToClientSecretBasicOnly
Changed token_endpoint_auth_methods_supported to client_secret_basic only in server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/a/morph_oidc_client_basic/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/morph_oidc_client_basic/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/morph_oidc_client_basic/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/morph_oidc_client_basic/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/morph_oidc_client_basic/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/a/morph_oidc_client_basic/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
2020-08-10 19:16:04
OIDCCGenerateServerJWKs
Generated server public private JWK sets
server_jwks
{
  "keys": [
    {
      "p": "zrG2wNXdBeuWEl5y-I-Xl5NBkJctqCmjqC6qMFIYO7ch3rkIILEuwdOr2-2vXJ0R6hAib66nosngcqMkW1BDcX55rVkfMAXXZrPhC_LbZ9xqEFOOa59Ho_jlEVmCjmg1WiBcPs4dFoynkHGlBr8A0C525L1A_Gd3el_JMsYytSM",
      "kty": "RSA",
      "q": "zPC21t0ybXXCAhZIVUnTG8yfqGB0rsP_Mw2aRZ89MjmfnY6JL2NwdLwbjmy_hfoz5Ckgy-xcf0A2lDnQhVWkgDvYQF8uFn718Ry5dsjNuBo10Igz2GgX3wRk_yW0UraTIRI1qJ2gbDMmquq5dFKkUKrYS3nBaZ01j_jTf0G88pk",
      "d": "Yig5nAAOXm-DZUNOPRSrbBcczqZJXcTy1j-aKXlN5SNimBvtFCV5lobT36qa30fBN9Ud7I0TIdUDergwLxw41fb57egNnq5bdlBMJfw5zu-x3xtlpHKRp8TaxYu2JyHVMVTY_6PUwwrZ8EBlzRau4UkX8EbkLaVgB_WvjWCCGgRbMlHcTT_FK3-odOs9sbiK6OCe2Mypd7-qkGB1YQvrsJDYb9eZQQ5GTXspNy4C0wF89XkjvfO1FgNmePxHXRmG04wcKYkMLeF51e3cn1mdEB9wMWRiExTFJFpR4PG7P3N4kQZWOqcDLgO21DVpixH5qCi80XDhniRLhlbqYIxpcQ",
      "e": "AQAB",
      "use": "sig",
      "kid": "a381b400-814e-4d30-b818-e60940feff3b",
      "qi": "ITeS-f9nSuRajuTyPIZde-LOwi600lF5kSfY-DRFbOV0GfNt7BuH2WQ_4td7Ib7NMAGwG-iCjv53XOMzvQqmlCUKBBTomPc3IIFH1N4yUw7zcpxfXXOHw4RK3MxunzjEWOCnjSKcvUGoA4EV7Uxd2ueu6r-2SPUVLTTSrPHH4VM",
      "dp": "ZOxhT8cdJMbjgBSeDsAORPSiDvfCU1oBjx05_F4Zdw70esveLBhXvEyencRw28fV93PpXJ7rO5FXBqKiHfQS-lfHEd1yXQB9LKioOi1a9Furbk1ePS6IzIe7Ub1jAiXf5yHl6MS7b0c-ikjzS1f4Da6iXw4JrTTYIeijVSdxmw",
      "dq": "c276bZf1-XWkq2xFndSRVk0xeLOrxWycZ_M3fBOvcoTGhQZt-wU1qGrz0osqbZp6c_8-e95MU1il5WOTMicFGz2aFtgFq6IjgYW-aUu9o_8PZL_zA-fN2k4tXRGtuhEgWjZZhvoSDB_bndXMU9rgtpckcY7JBGYKb2emKT2r4bE",
      "n": "pXf33NJInwYaYlR0SpYSj6i3hM3lVOabLHvTGShDJ8miMEigMnu2_KoJgwW2bt3z8myYmHkAYZ11n6__8VTinOqNaMjw1wJP7nuPwZPw4CisaQzaHcB4SA4U_sWVaOCL1K9bdeGX_bt1PNpeKQbk5y5zfpYf92xuUYuQKAlSHDgIhr7kuuCHmPp-1O9DRGO7QLeSR9q4kkj-pi26ZwAvw0ID_C8sK8VvH8Kc8nJFD6jKAlUQ6pqVlsCoAQbepGW6WysRwa_KMijj_wm-9azGjWHAjvupnC1Nsujfj1aRKU97_2Dmq4ycQltFrcXXgQFT72d3c4Cp7Z16aWFMTD1X6w"
    },
    {
      "kty": "EC",
      "d": "PjpG_hjDpBScWnInXeQe1hzCMT4i-EC3HOpaeiyHww4",
      "use": "sig",
      "crv": "P-256",
      "kid": "2bcfdaf8-490b-4f05-9985-be71483cda8a",
      "x": "6D_EzPipvmQiRGe3n9a9PeB_AsKo3Q9PYJ8AqYxoOp4",
      "y": "uGd8fJh7DKi5d3OT2u45faycky-BPLqv8Kvv2qAuwXs"
    },
    {
      "kty": "EC",
      "d": "x5BoDpViEPZwOOIsyG4BaEXNX-p8u0UKVsuBIogUm8g",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "3c8a86de-63d7-4022-b26e-0963d727a579",
      "x": "2C0X_7cdWFJf9ng2geLDsvPCtuAst1NtrSBMdFa8hmQ",
      "y": "KAP95bSxmS3J8dnZS6DvP5Zz4Ms-Pc2a4SoGIrX5yPI"
    },
    {
      "kty": "OKP",
      "d": "8I18xaMzqrleRI696wZz4Db0cK46CMmA3ocqdxKbOnw",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "152fb223-69c2-4c3e-b07d-0fe930530745",
      "x": "W2cutkdnkVlbdjuhy_Tz-qsx8-kidMQfdnB8A8QLJYU"
    }
  ]
}
server_encryption_keys
{
  "keys": [
    {
      "p": "9seKd-ZxHnNVqXhZKTDl1mwTiwXLudc79-gFRFvLFqJewtHIQKlN-0GZOxcWCKH7f_Q-oZTl-Xv57lv1RW-8aug4pPoUD0pfWvYrIrM_JElWXGW-2I8W3IswgKYIfg27PRRvFBCRVZ-oicnZQWsuJJmujDHH10nU6XXFIl0RxNs",
      "kty": "RSA",
      "q": "9Vhh9QB0D_zyAJF98I1UEt4lk17Fu5_kl4gXkh3iitxMNyosiHU339no0S069yJafs8Z8PV6UYUEUjnB6PpE0aF58x8IbQM4uLbM_9nNiUF_sKWFoW5zEPkjUgPIKPJxmKCPT-KcV3qPW8Oj4Ie1QefydLgL97KM4jQAlZv-vGM",
      "d": "Gz8Lo4ooK5HcXhbflqD4cUPkk_0O3p_iuadPA0vcz3WBABdrIKCwgndYkKrWy1OyYRdxfAQFG8d0gbhL07o6nobaabvbJGBbPLNLhoAZUQ6JTomVD57z7RDrXRJP2z-k2OYwKHu65JjC7KXwagZlnFWUefE2BHBaqC5ZPLHMxEhk9Oc_nMinaeVTBlrV4tvYFxyRZ48rgQQE7BpEMCut6p_ky0tAHAdJRk3dXCpPtQ6V-y0sGuS1V-s2WQUQsTpjTgnnGgxfPNCaUADBtJDYOTtmOGEyGPL9K-9dJzmUXMjEoCaIh4ijCl0io8wYz0vc6AGuGsf1MP_chyS2GGH3GQ",
      "e": "AQAB",
      "use": "enc",
      "kid": "ace80f74-40e5-4b3f-add4-2d1daedca4a4",
      "qi": "WqVv51gj5tAIK1z-zA9vStbWRp0zB3Km7AWrkg8sEKlpbtrq1-h8fs0_B-gJ6bEW7kFYBmxN1k1plMh9_8_KhHK-s4JV-CjclGvooOuTXNoczjDeDpMUjGstPhRaffOtJUJxFZDBpdMOo-MeBGxx09Ch14o8-rNGgn1F1Q6r0jg",
      "dp": "dsGbvwtkUFUMWhuSPKJNWJx14ycM3QfY0foT3suVtfS5SWOOzJ8s6catqKP5dHoO_4pYQYXYDfE9WxlhtOKKd5_88lduI9WUgb-JDo_XyOyJ5LkJ2EkzpTpOQvqjh5WwDzqwIaW_ascEYhqCtFqRwAc82jZyhwX-scJ89YZ4MJU",
      "alg": "RSA-OAEP",
      "dq": "V_PVOgVtlgWxo66EnWWszA7DHa-N5xMM2Z26BXGdMvaChAwkZs7OtvrhUYuLZej01BzeSdlWfj7XK7r03tZJMXVXyGZJmPrcrKsrllS4MApBAkx0OUjlCyKlHNOqP7OaMYLtnU-5iEqxdc4Ow4Ei43uJGXqZH7TseHL3-qovic0",
      "n": "7IIqiiGgTeuEk2cz7dg6qudyIL36SvXw_1KwRUSzJKFqDFtAfkO3rlirKhe3gwjOUZMtWX-Y6kApitf5Wt-YrRzaYgBNC5RMH6_8iNZJr5EisI0tIzI8OFCUCfUuXsmvDD3h-x0SQNGqmffl9T63U9vzPBK3J8B-sh16x50KT4aKuBs8JPRg6UlBUmWnqylC1msMOQz8OBx9RIxVtdNFWFihQVT-iFxlxjxkFnZtrEWNKmU6uQ9l8pFIhul9bZFcSiDmOARRwXvWHt2-xdQ3EqfrIRV_SOroH4FdBmgi16kNEyjdizC_T4bMj4xX-fa8BB_AtWipHCepliXr9Ln0sQ"
    },
    {
      "kty": "EC",
      "d": "e0_x4O8ODWNlhSfLIbHrTGlYGk8lbQeDIbaIp8T-LOk",
      "use": "enc",
      "crv": "P-256",
      "kid": "6a2fbf90-ab4a-40bd-948e-72b6d8bc8058",
      "x": "zwSo7X4Q9Zs2qF0c67v-5gTBK2GKjPgJT3jmdglGqI0",
      "y": "H52Wv2_1pmvCEQqtpPglRTZpKOp7IiM1HwExPCxJgS8",
      "alg": "ECDH-ES"
    }
  ]
}
server_public_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "a381b400-814e-4d30-b818-e60940feff3b",
      "n": "pXf33NJInwYaYlR0SpYSj6i3hM3lVOabLHvTGShDJ8miMEigMnu2_KoJgwW2bt3z8myYmHkAYZ11n6__8VTinOqNaMjw1wJP7nuPwZPw4CisaQzaHcB4SA4U_sWVaOCL1K9bdeGX_bt1PNpeKQbk5y5zfpYf92xuUYuQKAlSHDgIhr7kuuCHmPp-1O9DRGO7QLeSR9q4kkj-pi26ZwAvw0ID_C8sK8VvH8Kc8nJFD6jKAlUQ6pqVlsCoAQbepGW6WysRwa_KMijj_wm-9azGjWHAjvupnC1Nsujfj1aRKU97_2Dmq4ycQltFrcXXgQFT72d3c4Cp7Z16aWFMTD1X6w"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "572a4f13-80e5-4e95-a6e3-5741f5e58866",
      "n": "o9kdcOAAkaTui0tqmWI3c_5dcooNLISeBdZyOXhEHNRnLsjtSzjiwBL4z0YYb0GcH4dP_ADQlVqaJ3g_37B_c7DlUrDw3dqlBJtqWybOTqYNpDQnjq3SAJngbCN-4cGuOM4Leh2NAZ-xb9Ma2vbG-akL1HmWWb5G31izCCS5MTJtGJK3Tm44dO82Hm8sQS0M3MlL3Sv9CQp0xSfqTZfQYl37Y16OS7r4fRlJ-pmVsaVbQvZP5pmPD_LlGm8uXaeJ39tbx74Sl1ZWZfjoSjbomeudrPuK8aX9RV4vCxpdlAgr2Rn-xPWOCb0o4YCzqBvnplWmW4hsVdlsFq_8AB7Lyw"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "2bcfdaf8-490b-4f05-9985-be71483cda8a",
      "x": "6D_EzPipvmQiRGe3n9a9PeB_AsKo3Q9PYJ8AqYxoOp4",
      "y": "uGd8fJh7DKi5d3OT2u45faycky-BPLqv8Kvv2qAuwXs"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "746927ef-c23f-4a2e-96a2-7103b952d19f",
      "x": "5c-NSO5I0dO0-rgiFSvJW_pTGQu-bnh9YYv92rBDcJU",
      "y": "WbBzj5MgV3Q2eLNhVhS-xyXWIyWIkMlWA4nxkmUY1MU"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "3c8a86de-63d7-4022-b26e-0963d727a579",
      "x": "2C0X_7cdWFJf9ng2geLDsvPCtuAst1NtrSBMdFa8hmQ",
      "y": "KAP95bSxmS3J8dnZS6DvP5Zz4Ms-Pc2a4SoGIrX5yPI"
    },
    {
      "kty": "OKP",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "152fb223-69c2-4c3e-b07d-0fe930530745",
      "x": "W2cutkdnkVlbdjuhy_Tz-qsx8-kidMQfdnB8A8QLJYU"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "ace80f74-40e5-4b3f-add4-2d1daedca4a4",
      "alg": "RSA-OAEP",
      "n": "7IIqiiGgTeuEk2cz7dg6qudyIL36SvXw_1KwRUSzJKFqDFtAfkO3rlirKhe3gwjOUZMtWX-Y6kApitf5Wt-YrRzaYgBNC5RMH6_8iNZJr5EisI0tIzI8OFCUCfUuXsmvDD3h-x0SQNGqmffl9T63U9vzPBK3J8B-sh16x50KT4aKuBs8JPRg6UlBUmWnqylC1msMOQz8OBx9RIxVtdNFWFihQVT-iFxlxjxkFnZtrEWNKmU6uQ9l8pFIhul9bZFcSiDmOARRwXvWHt2-xdQ3EqfrIRV_SOroH4FdBmgi16kNEyjdizC_T4bMj4xX-fa8BB_AtWipHCepliXr9Ln0sQ"
    },
    {
      "kty": "EC",
      "use": "enc",
      "crv": "P-256",
      "kid": "6a2fbf90-ab4a-40bd-948e-72b6d8bc8058",
      "x": "zwSo7X4Q9Zs2qF0c67v-5gTBK2GKjPgJT3jmdglGqI0",
      "y": "H52Wv2_1pmvCEQqtpPglRTZpKOp7IiM1HwExPCxJgS8",
      "alg": "ECDH-ES"
    }
  ]
}
2020-08-10 19:16:04 SUCCESS
ValidateServerJWKs
Valid server JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2020-08-10 19:16:04 SUCCESS
CheckDistinctKeyIdValueInServerJWKs
Distinct 'kid' value in all keys of server_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2020-08-10 19:16:04 SUCCESS
OIDCCLoadUserInfo
Added user information
user_info
{
  "sub": "user-subject-1234531",
  "name": "Demo T. User",
  "given_name": "Demo",
  "family_name": "User",
  "middle_name": "Theresa",
  "nickname": "Dee",
  "preferred_username": "d.tu",
  "gender": "female",
  "birthdate": "2000-02-03",
  "address": {
    "street_address": "100 Universal City Plaza",
    "locality": "Hollywood",
    "region": "CA",
    "postal_code": "91608",
    "country": "USA"
  },
  "zoneinfo": "America/Los_Angeles",
  "locale": "en-US",
  "phone_number": "+1 555 5550000",
  "phone_number_verified": false,
  "email": "user@example.com",
  "email_verified": false,
  "website": "https://openid.net/",
  "updated_at": "1580000000"
}
2020-08-10 19:16:04 SUCCESS
GetDynamicClientConfiguration
No client details on configuration, created an empty dynamic_client_registration_template object.
2020-08-10 19:16:04
oidcc-client-test-missing-sub
Setup Done
2020-08-10 19:16:35 INCOMING
oidcc-client-test-missing-sub
Incoming HTTP request to test instance XqBeZnS0IMmaXQ9
incoming_headers
{
  "host": "www.certification.openid.net",
  "x-ssl-cipher": "ECDHE-RSA-AES256-GCM-SHA384",
  "x-ssl-protocol": "TLSv1.2",
  "content-length": "0",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net",
  "connection": "close"
}
incoming_path
.well-known/openid-configuration
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
2020-08-10 19:16:35 OUTGOING
oidcc-client-test-missing-sub
Response to HTTP request to test instance XqBeZnS0IMmaXQ9
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "issuer": "https://www.certification.openid.net/test/a/morph_oidc_client_basic/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/morph_oidc_client_basic/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/morph_oidc_client_basic/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/morph_oidc_client_basic/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/morph_oidc_client_basic/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/a/morph_oidc_client_basic/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
outgoing_path
.well-known/openid-configuration
2020-08-10 19:16:36 INCOMING
oidcc-client-test-missing-sub
Incoming HTTP request to test instance XqBeZnS0IMmaXQ9
incoming_headers
{
  "host": "www.certification.openid.net",
  "x-ssl-cipher": "ECDHE-RSA-AES256-GCM-SHA384",
  "x-ssl-protocol": "TLSv1.2",
  "content-length": "339",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net",
  "connection": "close"
}
incoming_path
register
incoming_body_form_params
incoming_method
POST
incoming_body_json
incoming_query_string_params
{}
incoming_body
{"redirect_uris":["https://morph-oidc-client.strid.ninja/auth/cb","https://www.certification.openid.net/test/a/morph_oidc_client_basic/callback"],"response_types":["code"],"grant_types":["authorization_code"],"contacts":["ulrik.strid@outlook.com"],"client_name":"basic_morph_oidc_client","token_endpoint_auth_method":"client_secret_basic"}
Registration endpoint
2020-08-10 19:16:36 SUCCESS
OIDCCExtractDynamicRegistrationRequest
Extracted dynamic client registration request
request
{
  "redirect_uris": [
    "https://morph-oidc-client.strid.ninja/auth/cb",
    "https://www.certification.openid.net/test/a/morph_oidc_client_basic/callback"
  ],
  "response_types": [
    "code"
  ],
  "grant_types": [
    "authorization_code"
  ],
  "contacts": [
    "ulrik.strid@outlook.com"
  ],
  "client_name": "basic_morph_oidc_client",
  "token_endpoint_auth_method": "client_secret_basic"
}
2020-08-10 19:16:36 SUCCESS
EnsureRegistrationRequestContainsAtLeastOneContact
Registration request contains valid contacts
contacts
[
  "ulrik.strid@outlook.com"
]
2020-08-10 19:16:36 SUCCESS
ValidateClientGrantTypes
grant_types match response_types
grant_types
[
  "authorization_code"
]
response_types
[
  "code"
]
2020-08-10 19:16:36 SUCCESS
OIDCCValidateClientRedirectUris
Valid redirect_uri(s) provided in registration request
redirect_uris
[
  "https://morph-oidc-client.strid.ninja/auth/cb",
  "https://www.certification.openid.net/test/a/morph_oidc_client_basic/callback"
]
2020-08-10 19:16:36 SUCCESS
ValidateClientLogoUris
Client does not contain any logo_uri
2020-08-10 19:16:36 SUCCESS
ValidateClientUris
Client does not contain any client_uri
2020-08-10 19:16:36 SUCCESS
ValidateClientPolicyUris
Client does not contain any policy_uri
2020-08-10 19:16:36 SUCCESS
ValidateClientTosUris
Client does not contain any tos_uri
2020-08-10 19:16:36 SUCCESS
ValidateClientSubjectType
A subject_type was not provided
2020-08-10 19:16:36 INFO
ValidateIdTokenSignedResponseAlg
Skipped evaluation due to missing required element: client id_token_signed_response_alg
path
id_token_signed_response_alg
mapped
object
client
2020-08-10 19:16:36 SUCCESS
EnsureIdTokenEncryptedResponseAlgIsSetIfEncIsSet
id_token_encrypted_response_enc is not set
2020-08-10 19:16:36 INFO
ValidateUserinfoSignedResponseAlg
Skipped evaluation due to missing required element: client userinfo_signed_response_alg
path
userinfo_signed_response_alg
mapped
object
client
2020-08-10 19:16:36 SUCCESS
EnsureUserinfoEncryptedResponseAlgIsSetIfEncIsSet
userinfo_encrypted_response_enc is not set
2020-08-10 19:16:36 INFO
ValidateRequestObjectSigningAlg
Skipped evaluation due to missing required element: client request_object_signing_alg
path
request_object_signing_alg
mapped
object
client
2020-08-10 19:16:36 SUCCESS
EnsureRequestObjectEncryptionAlgIsSetIfEncIsSet
request_object_encryption_enc is not set
2020-08-10 19:16:36 INFO
ValidateTokenEndpointAuthSigningAlg
Skipped evaluation due to missing required element: client token_endpoint_auth_signing_alg
path
token_endpoint_auth_signing_alg
mapped
object
client
2020-08-10 19:16:36 SUCCESS
ValidateDefaultMaxAge
default_max_age is not set
2020-08-10 19:16:36 INFO
ValidateRequireAuthTime
Skipped evaluation due to missing required element: client require_auth_time
path
require_auth_time
mapped
object
client
2020-08-10 19:16:36 INFO
ValidateDefaultAcrValues
Skipped evaluation due to missing required element: client default_acr_values
path
default_acr_values
mapped
object
client
2020-08-10 19:16:36 INFO
ValidateInitiateLoginUri
Skipped evaluation due to missing required element: client initiate_login_uri
path
initiate_login_uri
mapped
object
client
2020-08-10 19:16:36 INFO
ValidateRequestUris
Skipped evaluation due to missing required element: client request_uris
path
request_uris
mapped
object
client
2020-08-10 19:16:36 SUCCESS
ValidateClientRegistrationRequestSectorIdentifierUri
A sector_identifier_uri was not provided
2020-08-10 19:16:36 SUCCESS
OIDCCRegisterClient
Registered client
client
{
  "redirect_uris": [
    "https://morph-oidc-client.strid.ninja/auth/cb",
    "https://www.certification.openid.net/test/a/morph_oidc_client_basic/callback"
  ],
  "response_types": [
    "code"
  ],
  "grant_types": [
    "authorization_code"
  ],
  "contacts": [
    "ulrik.strid@outlook.com"
  ],
  "client_name": "basic_morph_oidc_client",
  "token_endpoint_auth_method": "client_secret_basic",
  "client_id": "client_pGAYYdIOHpLaRCX09775 )#!("
}
2020-08-10 19:16:36
OIDCCCreateClientSecretForDynamicClient
Set the secret for registered client
client_secret
secret_qWvejjJInmomcrAFYVHojysnOUHiYgwHNChZaztuIUbdrfJHUq4076264920 &`?~
2020-08-10 19:16:36 SUCCESS
EnsureTokenEndPointAuthMethodIsClientSecretBasic
token_endpoint_auth_method is 'client_secret_basic' as expected
2020-08-10 19:16:36 SUCCESS
EnsureClientDoesNotHaveBothJwksAndJwksUri
Client does not have both jwks and jwks_uri set
client
{
  "redirect_uris": [
    "https://morph-oidc-client.strid.ninja/auth/cb",
    "https://www.certification.openid.net/test/a/morph_oidc_client_basic/callback"
  ],
  "response_types": [
    "code"
  ],
  "grant_types": [
    "authorization_code"
  ],
  "contacts": [
    "ulrik.strid@outlook.com"
  ],
  "client_name": "basic_morph_oidc_client",
  "token_endpoint_auth_method": "client_secret_basic",
  "client_id": "client_pGAYYdIOHpLaRCX09775 )#!(",
  "client_secret": "secret_qWvejjJInmomcrAFYVHojysnOUHiYgwHNChZaztuIUbdrfJHUq4076264920 \u0026`?~"
}
2020-08-10 19:16:36 INFO
FetchClientKeys
Skipped evaluation due to missing required element: client jwks_uri
path
jwks_uri
mapped
object
client
2020-08-10 19:16:36 SUCCESS
OIDCCExtractServerSigningAlg
Using the default algorithm for the first key in server jwks
signing_algorithm
RS256
2020-08-10 19:16:36
SetClientIdTokenSignedResponseAlgToServerSigningAlg
Set id_token_signed_response_alg for the registered client
id_token_signed_response_alg
RS256
2020-08-10 19:16:36 OUTGOING
oidcc-client-test-missing-sub
Response to HTTP request to test instance XqBeZnS0IMmaXQ9
outgoing_status_code
201
outgoing_headers
{}
outgoing_body
{
  "redirect_uris": [
    "https://morph-oidc-client.strid.ninja/auth/cb",
    "https://www.certification.openid.net/test/a/morph_oidc_client_basic/callback"
  ],
  "response_types": [
    "code"
  ],
  "grant_types": [
    "authorization_code"
  ],
  "contacts": [
    "ulrik.strid@outlook.com"
  ],
  "client_name": "basic_morph_oidc_client",
  "token_endpoint_auth_method": "client_secret_basic",
  "client_id": "client_pGAYYdIOHpLaRCX09775 )#!(",
  "client_secret": "secret_qWvejjJInmomcrAFYVHojysnOUHiYgwHNChZaztuIUbdrfJHUq4076264920 \u0026`?~",
  "id_token_signed_response_alg": "RS256"
}
outgoing_path
register
2020-08-10 19:16:36 INCOMING
oidcc-client-test-missing-sub
Incoming HTTP request to test instance XqBeZnS0IMmaXQ9
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/webp,*/*;q\u003d0.8",
  "accept-language": "en-US,en;q\u003d0.5",
  "accept-encoding": "gzip, deflate, br",
  "referer": "https://morph-oidc-client.strid.ninja/",
  "dnt": "1",
  "cookie": "expected_tab\u003dmicrosoftonline; welcome_info_name\u003dUlrik%20Strid; JSESSIONID\u003dCB87DB255579AE321C16855066F1AF5F",
  "upgrade-insecure-requests": "1",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
authorize
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{
  "response_type": "code",
  "client_id": "client_pGAYYdIOHpLaRCX09775 )#!(",
  "redirect_uri": "https://morph-oidc-client.strid.ninja/auth/cb",
  "scope": "openid profile email",
  "state": "d9b31c20-0b7b-46e1-a107-c942ebc08f91",
  "nonce": "4f18352e-7d20-4e07-92a2-fb12551c11ec"
}
incoming_body
Authorization endpoint
2020-08-10 19:16:36 SUCCESS
EnsureRequestDoesNotContainRequestObject
Request does not contain a request parameter
2020-08-10 19:16:36 SUCCESS
OIDCCEnsureAuthorizationHttpRequestContainsOpenIDScope
Found 'openid' in scope http request parameter
actual
[
  "openid",
  "profile",
  "email"
]
expected
openid
2020-08-10 19:16:36 SUCCESS
CreateEffectiveAuthorizationRequestParameters
Merged http request parameters with request object claims
effective_authorization_endpoint_request
{
  "response_type": "code",
  "client_id": "client_pGAYYdIOHpLaRCX09775 )#!(",
  "redirect_uri": "https://morph-oidc-client.strid.ninja/auth/cb",
  "scope": "openid profile email",
  "state": "d9b31c20-0b7b-46e1-a107-c942ebc08f91",
  "nonce": "4f18352e-7d20-4e07-92a2-fb12551c11ec"
}
2020-08-10 19:16:36 SUCCESS
ExtractRequestedScopes
Requested scopes
scope
openid profile email
2020-08-10 19:16:36 SUCCESS
ExtractNonceFromAuthorizationRequest
Extracted nonce
nonce
4f18352e-7d20-4e07-92a2-fb12551c11ec
2020-08-10 19:16:36 SUCCESS
EnsureResponseTypeIsCode
Response type is expected value
expected
code
2020-08-10 19:16:36 SUCCESS
EnsureMatchingClientId
Client ID matched
client_id
client_pGAYYdIOHpLaRCX09775 )#!(
2020-08-10 19:16:36 SUCCESS
EnsureValidRedirectUriForAuthorizationEndpointRequest
redirect_uri is one of the allowed redirect uris
actual
https://morph-oidc-client.strid.ninja/auth/cb
expected
[
  "https://morph-oidc-client.strid.ninja/auth/cb",
  "https://www.certification.openid.net/test/a/morph_oidc_client_basic/callback"
]
2020-08-10 19:16:36 SUCCESS
EnsureOpenIDInScopeRequest
Found 'openid' scope in request
actual
[
  "openid",
  "profile",
  "email"
]
expected
openid
2020-08-10 19:16:36 SUCCESS
DisallowMaxAgeEqualsZeroAndPromptNone
The client did not send max_age=0 and prompt=none parameters as expected
2020-08-10 19:16:36 SUCCESS
CreateAuthorizationCode
Created authorization code
authorization_code
fnbWP1h2MV
2020-08-10 19:16:36 SUCCESS
CalculateCHash
Successful c_hash encoding
c_hash
acrMRgwS6Y3xZ8PgQPdghg
2020-08-10 19:16:36 SUCCESS
CreateAuthorizationEndpointResponseParams
Added authorization_endpoint_response_params to environment
params
{
  "redirect_uri": "https://morph-oidc-client.strid.ninja/auth/cb",
  "state": "d9b31c20-0b7b-46e1-a107-c942ebc08f91"
}
2020-08-10 19:16:36 SUCCESS
AddCodeToAuthorizationEndpointResponseParams
Added code to authorization endpoint response params
authorization_endpoint_response_params
{
  "redirect_uri": "https://morph-oidc-client.strid.ninja/auth/cb",
  "state": "d9b31c20-0b7b-46e1-a107-c942ebc08f91",
  "code": "fnbWP1h2MV"
}
2020-08-10 19:16:36
SendAuthorizationResponseWithResponseModeQuery
Redirecting back to client
uri
https://morph-oidc-client.strid.ninja/auth/cb?state=d9b31c20-0b7b-46e1-a107-c942ebc08f91&code=fnbWP1h2MV
2020-08-10 19:16:36 OUTGOING
oidcc-client-test-missing-sub
Response to HTTP request to test instance XqBeZnS0IMmaXQ9
outgoing
org.springframework.web.servlet.view.RedirectView: [RedirectView]; URL [https://morph-oidc-client.strid.ninja/auth/cb?state=d9b31c20-0b7b-46e1-a107-c942ebc08f91&code=fnbWP1h2MV]
outgoing_path
authorize
2020-08-10 19:16:36 INCOMING
oidcc-client-test-missing-sub
Incoming HTTP request to test instance XqBeZnS0IMmaXQ9
incoming_headers
{
  "host": "www.certification.openid.net",
  "x-ssl-cipher": "ECDHE-RSA-AES256-GCM-SHA384",
  "x-ssl-protocol": "TLSv1.2",
  "content-length": "0",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net",
  "connection": "close"
}
incoming_path
jwks
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
2020-08-10 19:16:36 OUTGOING
oidcc-client-test-missing-sub
Response to HTTP request to test instance XqBeZnS0IMmaXQ9
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "a381b400-814e-4d30-b818-e60940feff3b",
      "n": "pXf33NJInwYaYlR0SpYSj6i3hM3lVOabLHvTGShDJ8miMEigMnu2_KoJgwW2bt3z8myYmHkAYZ11n6__8VTinOqNaMjw1wJP7nuPwZPw4CisaQzaHcB4SA4U_sWVaOCL1K9bdeGX_bt1PNpeKQbk5y5zfpYf92xuUYuQKAlSHDgIhr7kuuCHmPp-1O9DRGO7QLeSR9q4kkj-pi26ZwAvw0ID_C8sK8VvH8Kc8nJFD6jKAlUQ6pqVlsCoAQbepGW6WysRwa_KMijj_wm-9azGjWHAjvupnC1Nsujfj1aRKU97_2Dmq4ycQltFrcXXgQFT72d3c4Cp7Z16aWFMTD1X6w"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "572a4f13-80e5-4e95-a6e3-5741f5e58866",
      "n": "o9kdcOAAkaTui0tqmWI3c_5dcooNLISeBdZyOXhEHNRnLsjtSzjiwBL4z0YYb0GcH4dP_ADQlVqaJ3g_37B_c7DlUrDw3dqlBJtqWybOTqYNpDQnjq3SAJngbCN-4cGuOM4Leh2NAZ-xb9Ma2vbG-akL1HmWWb5G31izCCS5MTJtGJK3Tm44dO82Hm8sQS0M3MlL3Sv9CQp0xSfqTZfQYl37Y16OS7r4fRlJ-pmVsaVbQvZP5pmPD_LlGm8uXaeJ39tbx74Sl1ZWZfjoSjbomeudrPuK8aX9RV4vCxpdlAgr2Rn-xPWOCb0o4YCzqBvnplWmW4hsVdlsFq_8AB7Lyw"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "2bcfdaf8-490b-4f05-9985-be71483cda8a",
      "x": "6D_EzPipvmQiRGe3n9a9PeB_AsKo3Q9PYJ8AqYxoOp4",
      "y": "uGd8fJh7DKi5d3OT2u45faycky-BPLqv8Kvv2qAuwXs"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "746927ef-c23f-4a2e-96a2-7103b952d19f",
      "x": "5c-NSO5I0dO0-rgiFSvJW_pTGQu-bnh9YYv92rBDcJU",
      "y": "WbBzj5MgV3Q2eLNhVhS-xyXWIyWIkMlWA4nxkmUY1MU"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "3c8a86de-63d7-4022-b26e-0963d727a579",
      "x": "2C0X_7cdWFJf9ng2geLDsvPCtuAst1NtrSBMdFa8hmQ",
      "y": "KAP95bSxmS3J8dnZS6DvP5Zz4Ms-Pc2a4SoGIrX5yPI"
    },
    {
      "kty": "OKP",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "152fb223-69c2-4c3e-b07d-0fe930530745",
      "x": "W2cutkdnkVlbdjuhy_Tz-qsx8-kidMQfdnB8A8QLJYU"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "ace80f74-40e5-4b3f-add4-2d1daedca4a4",
      "alg": "RSA-OAEP",
      "n": "7IIqiiGgTeuEk2cz7dg6qudyIL36SvXw_1KwRUSzJKFqDFtAfkO3rlirKhe3gwjOUZMtWX-Y6kApitf5Wt-YrRzaYgBNC5RMH6_8iNZJr5EisI0tIzI8OFCUCfUuXsmvDD3h-x0SQNGqmffl9T63U9vzPBK3J8B-sh16x50KT4aKuBs8JPRg6UlBUmWnqylC1msMOQz8OBx9RIxVtdNFWFihQVT-iFxlxjxkFnZtrEWNKmU6uQ9l8pFIhul9bZFcSiDmOARRwXvWHt2-xdQ3EqfrIRV_SOroH4FdBmgi16kNEyjdizC_T4bMj4xX-fa8BB_AtWipHCepliXr9Ln0sQ"
    },
    {
      "kty": "EC",
      "use": "enc",
      "crv": "P-256",
      "kid": "6a2fbf90-ab4a-40bd-948e-72b6d8bc8058",
      "x": "zwSo7X4Q9Zs2qF0c67v-5gTBK2GKjPgJT3jmdglGqI0",
      "y": "H52Wv2_1pmvCEQqtpPglRTZpKOp7IiM1HwExPCxJgS8",
      "alg": "ECDH-ES"
    }
  ]
}
outgoing_path
jwks
2020-08-10 19:16:36 INCOMING
oidcc-client-test-missing-sub
Incoming HTTP request to test instance XqBeZnS0IMmaXQ9
incoming_headers
{
  "host": "www.certification.openid.net",
  "authorization": "Basic Y2xpZW50X3BHQVlZZElPSHBMYVJDWDA5Nzc1JTIwJTI5JTIzJTIxJTI4OnNlY3JldF9xV3ZlampKSW5tb21jckFGWVZIb2p5c25PVUhpWWd3SE5DaFphenR1SVViZHJmSkhVcTQwNzYyNjQ5MjAlMjAlMjYlNjAlM0Z+",
  "content-type": "application/x-www-form-urlencoded",
  "accept": "application/json",
  "x-ssl-cipher": "ECDHE-RSA-AES256-GCM-SHA384",
  "x-ssl-protocol": "TLSv1.2",
  "content-length": "257",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net",
  "connection": "close"
}
incoming_path
token
incoming_body_form_params
{
  "grant_type": "authorization_code",
  "scope": "openid",
  "code": "fnbWP1h2MV",
  "client_id": "client_pGAYYdIOHpLaRCX09775 )#!(",
  "client_secret": "secret_qWvejjJInmomcrAFYVHojysnOUHiYgwHNChZaztuIUbdrfJHUq4076264920 \u0026`?~",
  "redirect_uri": "https://morph-oidc-client.strid.ninja/auth/cb"
}
incoming_method
POST
incoming_body_json
incoming_query_string_params
{}
incoming_body
grant_type=authorization_code&scope=openid&code=fnbWP1h2MV&client_id=client_pGAYYdIOHpLaRCX09775+%29%23%21%28&client_secret=secret_qWvejjJInmomcrAFYVHojysnOUHiYgwHNChZaztuIUbdrfJHUq4076264920+%26%60%3F%7E&redirect_uri=https%3A%2F%2Fmorph-oidc-client.strid.ninja%2Fauth%2Fcb
Token endpoint
2020-08-10 19:16:36 SUCCESS
ExtractClientCredentialsFromBasicAuthorizationHeader
Extracted client authentication
client_id
client_pGAYYdIOHpLaRCX09775 )#!(
client_secret
secret_qWvejjJInmomcrAFYVHojysnOUHiYgwHNChZaztuIUbdrfJHUq4076264920 &`?~
method
client_secret_basic
2020-08-10 19:16:36 SUCCESS
ValidateClientIdAndSecret
Client id and secret match
2020-08-10 19:16:36 SUCCESS
ValidateAuthorizationCode
Found authorization code
authorization_code
fnbWP1h2MV
2020-08-10 19:16:36 SUCCESS
ValidateRedirectUriForTokenEndpointRequest
redirect_uri is the same as the one used in the authorization request
actual
https://morph-oidc-client.strid.ninja/auth/cb
2020-08-10 19:16:36 SUCCESS
GenerateBearerAccessToken
Generated access token
access_token
bHWUApyeGyZ10svQ6D5KHBRqER3GlHBYpABzDqxbzdCaTQhdpD
2020-08-10 19:16:36 SUCCESS
CalculateAtHash
Successful at_hash encoding
at_hash
xFqJPbSmB5IhmqGIwzFjig
2020-08-10 19:16:36 SUCCESS
GenerateIdTokenClaims
Created ID Token Claims
iss
https://www.certification.openid.net/test/a/morph_oidc_client_basic/
sub
user-subject-1234531
aud
client_pGAYYdIOHpLaRCX09775 )#!(
nonce
4f18352e-7d20-4e07-92a2-fb12551c11ec
iat
1597086996
exp
1597087296
2020-08-10 19:16:36
RemoveSubFromIdToken
Removed sub value from ID token claims
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/a/morph_oidc_client_basic/",
  "aud": "client_pGAYYdIOHpLaRCX09775 )#!(",
  "nonce": "4f18352e-7d20-4e07-92a2-fb12551c11ec",
  "iat": 1597086996,
  "exp": 1597087296
}
2020-08-10 19:16:36 SUCCESS
AddAtHashToIdTokenClaims
Added at_hash to ID token claims
at_hash
xFqJPbSmB5IhmqGIwzFjig
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/a/morph_oidc_client_basic/",
  "aud": "client_pGAYYdIOHpLaRCX09775 )#!(",
  "nonce": "4f18352e-7d20-4e07-92a2-fb12551c11ec",
  "iat": 1597086996,
  "exp": 1597087296,
  "at_hash": "xFqJPbSmB5IhmqGIwzFjig"
}
2020-08-10 19:16:36 SUCCESS
OIDCCSignIdToken
Signed the ID token
id_token
eyJraWQiOiJhMzgxYjQwMC04MTRlLTRkMzAtYjgxOC1lNjA5NDBmZWZmM2IiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoieEZxSlBiU21CNUlobXFHSXd6RmppZyIsImF1ZCI6ImNsaWVudF9wR0FZWWRJT0hwTGFSQ1gwOTc3NSApIyEoIiwiaXNzIjoiaHR0cHM6XC9cL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXRcL3Rlc3RcL2FcL21vcnBoX29pZGNfY2xpZW50X2Jhc2ljXC8iLCJleHAiOjE1OTcwODcyOTYsIm5vbmNlIjoiNGYxODM1MmUtN2QyMC00ZTA3LTkyYTItZmIxMjU1MWMxMWVjIiwiaWF0IjoxNTk3MDg2OTk2fQ.KfYIlspJRul-M72kv0NngjQnQ8o_Y3alnoGT3gFJdvLcXLUvLrihRScXclV8m0mzHYDHwPTysRup4V4Ktru9lrwi40p8sr4Pee3dUCrEA97Ci1CGAPazNkmLlm3TpqrpCjlGZwzNFHqEDmfrWFj7g4_5UL2GlFMY7VHfFBK1TLBEhw_WdMta5vmeL6NKcAwhxbYnAE9lDg4QHdvKGh3DRmmztQv95MeSgH-EspPMcsibUvnYQR_VURViCcEqxuR__4qQEt3NIay0-zt6uIXjzrWefz6_OJswqutDAwWqrRYJ5X66Q8i766Q5Gc1Gk7VUthzMnkzk6_oeso-eMmxO8g
key
{"p":"zrG2wNXdBeuWEl5y-I-Xl5NBkJctqCmjqC6qMFIYO7ch3rkIILEuwdOr2-2vXJ0R6hAib66nosngcqMkW1BDcX55rVkfMAXXZrPhC_LbZ9xqEFOOa59Ho_jlEVmCjmg1WiBcPs4dFoynkHGlBr8A0C525L1A_Gd3el_JMsYytSM","kty":"RSA","q":"zPC21t0ybXXCAhZIVUnTG8yfqGB0rsP_Mw2aRZ89MjmfnY6JL2NwdLwbjmy_hfoz5Ckgy-xcf0A2lDnQhVWkgDvYQF8uFn718Ry5dsjNuBo10Igz2GgX3wRk_yW0UraTIRI1qJ2gbDMmquq5dFKkUKrYS3nBaZ01j_jTf0G88pk","d":"Yig5nAAOXm-DZUNOPRSrbBcczqZJXcTy1j-aKXlN5SNimBvtFCV5lobT36qa30fBN9Ud7I0TIdUDergwLxw41fb57egNnq5bdlBMJfw5zu-x3xtlpHKRp8TaxYu2JyHVMVTY_6PUwwrZ8EBlzRau4UkX8EbkLaVgB_WvjWCCGgRbMlHcTT_FK3-odOs9sbiK6OCe2Mypd7-qkGB1YQvrsJDYb9eZQQ5GTXspNy4C0wF89XkjvfO1FgNmePxHXRmG04wcKYkMLeF51e3cn1mdEB9wMWRiExTFJFpR4PG7P3N4kQZWOqcDLgO21DVpixH5qCi80XDhniRLhlbqYIxpcQ","e":"AQAB","use":"sig","kid":"a381b400-814e-4d30-b818-e60940feff3b","qi":"ITeS-f9nSuRajuTyPIZde-LOwi600lF5kSfY-DRFbOV0GfNt7BuH2WQ_4td7Ib7NMAGwG-iCjv53XOMzvQqmlCUKBBTomPc3IIFH1N4yUw7zcpxfXXOHw4RK3MxunzjEWOCnjSKcvUGoA4EV7Uxd2ueu6r-2SPUVLTTSrPHH4VM","dp":"ZOxhT8cdJMbjgBSeDsAORPSiDvfCU1oBjx05_F4Zdw70esveLBhXvEyencRw28fV93PpXJ7rO5FXBqKiHfQS-lfHEd1yXQB9LKioOi1a9Furbk1ePS6IzIe7Ub1jAiXf5yHl6MS7b0c-ikjzS1f4Da6iXw4JrTTYIeijVSdxmw","dq":"c276bZf1-XWkq2xFndSRVk0xeLOrxWycZ_M3fBOvcoTGhQZt-wU1qGrz0osqbZp6c_8-e95MU1il5WOTMicFGz2aFtgFq6IjgYW-aUu9o_8PZL_zA-fN2k4tXRGtuhEgWjZZhvoSDB_bndXMU9rgtpckcY7JBGYKb2emKT2r4bE","n":"pXf33NJInwYaYlR0SpYSj6i3hM3lVOabLHvTGShDJ8miMEigMnu2_KoJgwW2bt3z8myYmHkAYZ11n6__8VTinOqNaMjw1wJP7nuPwZPw4CisaQzaHcB4SA4U_sWVaOCL1K9bdeGX_bt1PNpeKQbk5y5zfpYf92xuUYuQKAlSHDgIhr7kuuCHmPp-1O9DRGO7QLeSR9q4kkj-pi26ZwAvw0ID_C8sK8VvH8Kc8nJFD6jKAlUQ6pqVlsCoAQbepGW6WysRwa_KMijj_wm-9azGjWHAjvupnC1Nsujfj1aRKU97_2Dmq4ycQltFrcXXgQFT72d3c4Cp7Z16aWFMTD1X6w"}
algorithm
RS256
2020-08-10 19:16:36 INFO
EncryptIdToken
Skipped evaluation due to missing required element: client id_token_encrypted_response_alg
path
id_token_encrypted_response_alg
mapped
object
client
2020-08-10 19:16:36 SUCCESS
CreateTokenEndpointResponse
Created token endpoint response
access_token
bHWUApyeGyZ10svQ6D5KHBRqER3GlHBYpABzDqxbzdCaTQhdpD
token_type
Bearer
id_token
eyJraWQiOiJhMzgxYjQwMC04MTRlLTRkMzAtYjgxOC1lNjA5NDBmZWZmM2IiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoieEZxSlBiU21CNUlobXFHSXd6RmppZyIsImF1ZCI6ImNsaWVudF9wR0FZWWRJT0hwTGFSQ1gwOTc3NSApIyEoIiwiaXNzIjoiaHR0cHM6XC9cL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXRcL3Rlc3RcL2FcL21vcnBoX29pZGNfY2xpZW50X2Jhc2ljXC8iLCJleHAiOjE1OTcwODcyOTYsIm5vbmNlIjoiNGYxODM1MmUtN2QyMC00ZTA3LTkyYTItZmIxMjU1MWMxMWVjIiwiaWF0IjoxNTk3MDg2OTk2fQ.KfYIlspJRul-M72kv0NngjQnQ8o_Y3alnoGT3gFJdvLcXLUvLrihRScXclV8m0mzHYDHwPTysRup4V4Ktru9lrwi40p8sr4Pee3dUCrEA97Ci1CGAPazNkmLlm3TpqrpCjlGZwzNFHqEDmfrWFj7g4_5UL2GlFMY7VHfFBK1TLBEhw_WdMta5vmeL6NKcAwhxbYnAE9lDg4QHdvKGh3DRmmztQv95MeSgH-EspPMcsibUvnYQR_VURViCcEqxuR__4qQEt3NIay0-zt6uIXjzrWefz6_OJswqutDAwWqrRYJ5X66Q8i766Q5Gc1Gk7VUthzMnkzk6_oeso-eMmxO8g
scope
openid profile email
2020-08-10 19:16:36 OUTGOING
oidcc-client-test-missing-sub
Response to HTTP request to test instance XqBeZnS0IMmaXQ9
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "access_token": "bHWUApyeGyZ10svQ6D5KHBRqER3GlHBYpABzDqxbzdCaTQhdpD",
  "token_type": "Bearer",
  "id_token": "eyJraWQiOiJhMzgxYjQwMC04MTRlLTRkMzAtYjgxOC1lNjA5NDBmZWZmM2IiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoieEZxSlBiU21CNUlobXFHSXd6RmppZyIsImF1ZCI6ImNsaWVudF9wR0FZWWRJT0hwTGFSQ1gwOTc3NSApIyEoIiwiaXNzIjoiaHR0cHM6XC9cL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXRcL3Rlc3RcL2FcL21vcnBoX29pZGNfY2xpZW50X2Jhc2ljXC8iLCJleHAiOjE1OTcwODcyOTYsIm5vbmNlIjoiNGYxODM1MmUtN2QyMC00ZTA3LTkyYTItZmIxMjU1MWMxMWVjIiwiaWF0IjoxNTk3MDg2OTk2fQ.KfYIlspJRul-M72kv0NngjQnQ8o_Y3alnoGT3gFJdvLcXLUvLrihRScXclV8m0mzHYDHwPTysRup4V4Ktru9lrwi40p8sr4Pee3dUCrEA97Ci1CGAPazNkmLlm3TpqrpCjlGZwzNFHqEDmfrWFj7g4_5UL2GlFMY7VHfFBK1TLBEhw_WdMta5vmeL6NKcAwhxbYnAE9lDg4QHdvKGh3DRmmztQv95MeSgH-EspPMcsibUvnYQR_VURViCcEqxuR__4qQEt3NIay0-zt6uIXjzrWefz6_OJswqutDAwWqrRYJ5X66Q8i766Q5Gc1Gk7VUthzMnkzk6_oeso-eMmxO8g",
  "scope": "openid profile email"
}
outgoing_path
token
2020-08-10 19:16:41 FINISHED
oidcc-client-test-missing-sub
Test has run to completion
testmodule_result
PASSED
2020-08-10 19:17:03
TEST-RUNNER
Alias has now been claimed by another test
alias
morph_oidc_client_basic
new_test_id
N0N0AzlrFEdfPWT
Test Results