Test Summary

Test Results

Expand All Collapse All
All times are UTC
2020-08-10 19:25:43 INFO
TEST-RUNNER
Test instance Gc0mAOFm60koIWu created
baseUrl
https://www.certification.openid.net/test/a/morph_oidc_client_basic
variant
{
  "client_auth_type": "client_secret_basic",
  "response_type": "code",
  "request_type": "plain_http_request",
  "response_mode": "default",
  "client_registration": "dynamic_client"
}
alias
morph_oidc_client_basic
description
Testing morph oidc basic client
planId
8XtXosP8NfqAM
config
{
  "alias": "morph_oidc_client_basic",
  "description": "Testing morph oidc basic client",
  "publish": "everything"
}
testName
oidcc-client-test-invalid-sig-rs256
2020-08-10 19:25:43 SUCCESS
OIDCCGenerateServerConfigurationIdTokenSigningAlgRS256Only
Generated default server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/a/morph_oidc_client_basic/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/morph_oidc_client_basic/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/morph_oidc_client_basic/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/morph_oidc_client_basic/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/morph_oidc_client_basic/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/a/morph_oidc_client_basic/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic",
    "client_secret_post",
    "client_secret_jwt",
    "private_key_jwt"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "RS256"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
2020-08-10 19:25:43
SetTokenEndpointAuthMethodsSupportedToClientSecretBasicOnly
Changed token_endpoint_auth_methods_supported to client_secret_basic only in server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/a/morph_oidc_client_basic/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/morph_oidc_client_basic/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/morph_oidc_client_basic/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/morph_oidc_client_basic/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/morph_oidc_client_basic/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/a/morph_oidc_client_basic/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "RS256"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
2020-08-10 19:25:44
OIDCCGenerateServerJWKs
Generated server public private JWK sets
server_jwks
{
  "keys": [
    {
      "p": "5QUceMR1vAokcJta7j0r1KOUbPI0O-_IcE_nymI5PmZhBM-Qq9do5Vue749SW9ZCDmL_IduYazn2U-cSGzJcANnXjILb8c04x9XQaKHwZ-dqHEwNHkgechVu5Vgadn27bJWlK0ZNVWpAKTrkMMWNHnvdshHB1YMkC6p9qxvO3P0",
      "kty": "RSA",
      "q": "1JjyvV5giXV8SK8tO9wyhyzTIWzCoQGfAeG3Z9AL1wkE0lzn6RWXzXKWXBZBSN4l3bvnSGp9JyDWJVEwtabG91R3BZQxB5xblK-Iod6hIHokRLu13tUnUOCfcYwcMO8W1X_9mhPxbk5yseDSyNiIX9YNwtSWw-CCPyoHiiM_y38",
      "d": "YvW8MuXmNMzD4wRtVtPu3TMHwJ-w9Qvy84EG6Niiot__p2wk0qr5-afNOBoWQXPTUT-g9kPyChIKcOsfImarEs5soGys5bL4FFM-seI2RfXzIqVWtArueHKdDkCnygaTZ2m5E4YafPMVUI2vfZOAc4TEtOencLxh-8tLI8TA49Qdn1-lWpXtwYTJW-P_ujy4F5ndTGOw0K_E_UN9A_XixZt8xdESMnMmuSRwFeZOR6nACpkczo2mHqcV_VWQR6yJoy4OQtqzbp_rCpPOKOSZDJcusss--hwSG8QrJt7JJYf-DnEFLh_ruMpa6q9U_t93njTz6Oe8RBY7vHyypLoJoQ",
      "e": "AQAB",
      "use": "sig",
      "kid": "ccb0f88a-9f94-4e83-b0e4-f705bd40699e",
      "qi": "DPHMB_Twhw0EiaOBdzMRF0yo6DdWIlNRohMHfF32ToQvfQjS1rLXRFNT24V060Fq4PkbjESojR-CjaaSGKW1pajq9y4utAfBxxMO0ZJR3Mi79XoXkaaMe7ekZBjR1nvbdoMiN_5EUgUUOwivvBOj1NCZj0oeiGm3KQZ9eRXIGBE",
      "dp": "yaFFXuIAkcwQJv_v_53lj_FwxLY83KQQQSlodhsiMNjsA9NGmLQuyvduJ5V0OhyZzZbE7qcqOwUt5NKkc0NUEv-3sSKox-sZWX7aXLRuNtxb5IvkZMuz2lcaalq1-apar4_UehQME-5WjLYnnvTeeH8vQQ43LGan_olc2J_D8XU",
      "dq": "FTmb6noUq0SWfu82VeabCNHZ1ll0aPyvclGlrPChbfuRhqsN4EBuom1RQ6pZJDxBjYyn_5vaGOD3YExlz4zyCllddKoh5v-eSQ7pVjfS4FoxasdO1gtz3GhAouZ5Hg2QuwoHOK3LCdc9LjMi-DheDStivlPZJX8xobrBe_Ie-WM",
      "n": "vjEPxSiEkdg_D1jrZPAoP2-n-0BN_d_tvPHBEpWxOrokB-VtBw4tvUnGCuzrRrwUVoGu567c8N2meYpYcqKuD6Bh4w--y0wq78dyilJm0ltq4Pu3R4MYzLAiHqw7x0rYBA_6sbUXiS-NrPYe5QauhejwbWZIUERd_jzkN0DO6A0G6LjK41mAj-SNNpKU7iE01qKhbSz0dXKKGtz7x3KCMpNK8lFscVJydHG5RXiHOw7DV-81kd3fUnWp3tSPbG_DqFBSvCi9EDzHQ4t-7mBb-gRMgU4RXUICcSIe4SpAhFfD8xhc53OKOH0w-EwJyjNUzVCFbgvDTxF3NDJwzh9Agw"
    },
    {
      "kty": "EC",
      "d": "SsBjkpwGIR7soo0p7jvDmj7DP9XyEtrA5vxpzlQFcVw",
      "use": "sig",
      "crv": "P-256",
      "kid": "08999573-364d-4b8a-a5f3-42045be36b00",
      "x": "81pxR5b7t5pEDdAwb62FKOAyrNu_hyr94V1qFNz3XR8",
      "y": "w1lKofYc7-eqpBmz06SSD91AuzHYUhXjCBstiw7vaB0"
    },
    {
      "kty": "EC",
      "d": "E5-BPCg9ApnUKHFAk3LBH39cM720PHIU_tppg9Q_oiE",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "53f63ab8-7cc4-4ac6-96c1-613224dc33da",
      "x": "WQpixtHJF1EGAFcXhiGNlThSIZ1FARhvEgktGYX_2Sg",
      "y": "7-FJoqgo1WSvmD7t0GrEQ8KS14DQCwEYmXrAofAvu9w"
    },
    {
      "kty": "OKP",
      "d": "kwNDTje8aDAAU2Fn6eLOlrH_krFi-atz8vqD4cYQlmc",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "f15ffebe-0e04-4943-873b-e6a8d6e892f2",
      "x": "KyEhBdxw58SNbL__qoRRvUmquTVbhmujbHdgUJtBJ9I"
    }
  ]
}
server_encryption_keys
{
  "keys": [
    {
      "p": "9iXMvHCJRvUj9wyCx5n7qC-xclOvQ0d5hYT_pX0YhFeSfR2FK45I4ChHvJdrVvsP0mf0OoA7mbP9t0d4cDt9ncZJTHrvSBilG5w9HshhuMTuSUFcctoiufyippGY-D_rZ9-hHJKCLyoNCjqCZV3zDevBCWMee1n5Lp-4qCccN1E",
      "kty": "RSA",
      "q": "or2nloiD-HtLKkwKum_L4QgDlZH9kTirrcgFqSeU0xDAnIKIt1C2frgijAm0MipapIdIjJ320MzoXLhZ0XlP1Yo7aPApQFXpjuSSSklwHe9u5Qdh24Se-BwMpW-XAe1DVZdULiGnmsGEwnG56zF-QnLiESdCAbjGNpEoyVzhfk0",
      "d": "fhrM69Paorp5vmebIFiJYT22TD6hLqjdVG24RGIdn3rMWkDDvZGQKXyHClEUGB7CMnWGYEuvBF8RojijbnvbM_SXIvkKO4SSdBHQoXY4qlrxKvxZp68vULI_FkPf5XmuFtuWs_f1wvB7GMSCrdmSCanLDRy1OJZnf2ObdFOH7ZlbqoUYSRQTL5dyuMprN_81GEpwiGX_gF4GXbhNWkg3yDtT_lDJ_6iDvLNAn5ou7aBXRZlcRFhK9IqfDaVpJLO52uzrLLjOOAlDvMtJrlQhEfEcarcf3ji71d4CKT6tMV7hKwKrwjhOPOwAVydRQxF2yJiHvot8DNU-d_eF_wMsAQ",
      "e": "AQAB",
      "use": "enc",
      "kid": "499d0ee8-e1fb-41d6-b18a-024246db85de",
      "qi": "KN99YLQknklWoNebX_G1AorsBKRAR9SXP6_vtL7h-H9LB6kPFV6BFx8YPSg-WNdFJbQAzePQ-BQJnHINkeVosS2hoisP131KP9SXngIr_og0qbfZ6uqmfaKL-N27Kdc3qf--YT68P4J2WprUATQVmQMsggbtUvaRwiQ1w1ZhjVk",
      "dp": "vvSQIlhDhzLCFfQ0uNhybQWi6YiWXOFkGvsUwLONg43UbQ-rsiCN1KgrDtmBQlc-7QIMbB3zHsiNudPOUXM1fmLHlneAjjPgUs0gdXMKrKbKHTaBm_AyJIsjO4mUXHJqE4lfmaTnLeO3fgnqAu2hk1kjxj6I9TTVpR_vxzOgJiE",
      "alg": "RSA-OAEP",
      "dq": "3JY1ktV4DFcSi0KHSC5BK8SxFwvLqAwoqGV3RtFf6LfMXFiS9-dvdlQgf7Cnj1fZhSnaLL_wzRTx4LwBAu5sSAYWgScGwy2wZv9rS0Y_slPY_JgFDIe28pcSjSu0g-gWXO3CLMVxaVLloKqGV0W-3lLaGmYcEjlicpRPtKExBQ",
      "n": "nHpGmsxN0RsMc481KW4_t8Fzrb2uK1KmuWdImV8C4I36XPifcHn6jB7yJrzo20EJ7r5HTHn8gqqRB2rRHYtA1TCt1M3jQA1oHfSzPTjRPSDwIWm56Y19Pw6733FBk7S2yxQm2f4vl6UZZ4fFnVXZjLy1HjSXfDeu1LO9uzTLgKvyZxBzTaTETdHdkP84EKeSBHFe2NVF6a6T_OcdkLIVBmQkrzM6qZODCo9XORm2UcWwlarpOtX4aKbj9PxSqWMeixpqAbi7O5Bt4vyTxRwhfo2km9Gq_lLEZFiOCWl5hHzFHNxuKznESMJpV_kx-j7MMRxRysLMcxLlcugaYOeBXQ"
    },
    {
      "kty": "EC",
      "d": "11s9JpdiE8d1k8G_0eNlM2ZfP2GujLnx1tc5QrN5ku8",
      "use": "enc",
      "crv": "P-256",
      "kid": "11a9a7d6-d76b-48b1-8acb-cf870bee1924",
      "x": "ntsgpY_BijCdjdBVj_aZJzkhyHZICCdHLURrxZ50Llo",
      "y": "9wP_pYwaYHpaedoOUx_d5fLTmWZqxVms8_CuBXBO2Ng",
      "alg": "ECDH-ES"
    }
  ]
}
server_public_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "ccb0f88a-9f94-4e83-b0e4-f705bd40699e",
      "n": "vjEPxSiEkdg_D1jrZPAoP2-n-0BN_d_tvPHBEpWxOrokB-VtBw4tvUnGCuzrRrwUVoGu567c8N2meYpYcqKuD6Bh4w--y0wq78dyilJm0ltq4Pu3R4MYzLAiHqw7x0rYBA_6sbUXiS-NrPYe5QauhejwbWZIUERd_jzkN0DO6A0G6LjK41mAj-SNNpKU7iE01qKhbSz0dXKKGtz7x3KCMpNK8lFscVJydHG5RXiHOw7DV-81kd3fUnWp3tSPbG_DqFBSvCi9EDzHQ4t-7mBb-gRMgU4RXUICcSIe4SpAhFfD8xhc53OKOH0w-EwJyjNUzVCFbgvDTxF3NDJwzh9Agw"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "424ac338-c241-472e-8876-0dd2510cc602",
      "n": "upVgh2YKVMmpAJHZKSK07lhVDwCx1lg790_JmLEqYaABG6DW71FphtXiCZJcolfgXKoIRgVcNLBmmTri8ehZg-BMCWJTzDc8vX8FoSr-7wDMFOang74CAUJvclFwa24HM5QFuXj06frbUJb_hQOHcQEcz4KgUlmvGhBQBA0PPBqT0oZsfBQkGSv2l9ErMeXJz12GEQvp_cqdo1IKWOs3UBTjAbTBdmKOrPwh2O565wBxq0NuFE_B_QQNBc9Sn6HIcc2pxUgcPqsF45vu1ADQLJcXILcHm5BFw4vGcKKWnPzmIRvuyO8k-TJ4HbyTttIjJGcfBZmtJ_inr_p9L9RqTw"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "08999573-364d-4b8a-a5f3-42045be36b00",
      "x": "81pxR5b7t5pEDdAwb62FKOAyrNu_hyr94V1qFNz3XR8",
      "y": "w1lKofYc7-eqpBmz06SSD91AuzHYUhXjCBstiw7vaB0"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "80b045df-436c-47e0-8e56-5f7f4b6d3421",
      "x": "KLfUkrT3j7zSEEEuh9l0YKjz8xYl6FaaFG0_-W3ZW_c",
      "y": "KHcfB1cV1_a9GiZZvApD5EHchmErWN37kNAnpI8fHVY"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "53f63ab8-7cc4-4ac6-96c1-613224dc33da",
      "x": "WQpixtHJF1EGAFcXhiGNlThSIZ1FARhvEgktGYX_2Sg",
      "y": "7-FJoqgo1WSvmD7t0GrEQ8KS14DQCwEYmXrAofAvu9w"
    },
    {
      "kty": "OKP",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "f15ffebe-0e04-4943-873b-e6a8d6e892f2",
      "x": "KyEhBdxw58SNbL__qoRRvUmquTVbhmujbHdgUJtBJ9I"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "499d0ee8-e1fb-41d6-b18a-024246db85de",
      "alg": "RSA-OAEP",
      "n": "nHpGmsxN0RsMc481KW4_t8Fzrb2uK1KmuWdImV8C4I36XPifcHn6jB7yJrzo20EJ7r5HTHn8gqqRB2rRHYtA1TCt1M3jQA1oHfSzPTjRPSDwIWm56Y19Pw6733FBk7S2yxQm2f4vl6UZZ4fFnVXZjLy1HjSXfDeu1LO9uzTLgKvyZxBzTaTETdHdkP84EKeSBHFe2NVF6a6T_OcdkLIVBmQkrzM6qZODCo9XORm2UcWwlarpOtX4aKbj9PxSqWMeixpqAbi7O5Bt4vyTxRwhfo2km9Gq_lLEZFiOCWl5hHzFHNxuKznESMJpV_kx-j7MMRxRysLMcxLlcugaYOeBXQ"
    },
    {
      "kty": "EC",
      "use": "enc",
      "crv": "P-256",
      "kid": "11a9a7d6-d76b-48b1-8acb-cf870bee1924",
      "x": "ntsgpY_BijCdjdBVj_aZJzkhyHZICCdHLURrxZ50Llo",
      "y": "9wP_pYwaYHpaedoOUx_d5fLTmWZqxVms8_CuBXBO2Ng",
      "alg": "ECDH-ES"
    }
  ]
}
2020-08-10 19:25:44 SUCCESS
ValidateServerJWKs
Valid server JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2020-08-10 19:25:44 SUCCESS
CheckDistinctKeyIdValueInServerJWKs
Distinct 'kid' value in all keys of server_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2020-08-10 19:25:44 SUCCESS
OIDCCLoadUserInfo
Added user information
user_info
{
  "sub": "user-subject-1234531",
  "name": "Demo T. User",
  "given_name": "Demo",
  "family_name": "User",
  "middle_name": "Theresa",
  "nickname": "Dee",
  "preferred_username": "d.tu",
  "gender": "female",
  "birthdate": "2000-02-03",
  "address": {
    "street_address": "100 Universal City Plaza",
    "locality": "Hollywood",
    "region": "CA",
    "postal_code": "91608",
    "country": "USA"
  },
  "zoneinfo": "America/Los_Angeles",
  "locale": "en-US",
  "phone_number": "+1 555 5550000",
  "phone_number_verified": false,
  "email": "user@example.com",
  "email_verified": false,
  "website": "https://openid.net/",
  "updated_at": "1580000000"
}
2020-08-10 19:25:44 SUCCESS
GetDynamicClientConfiguration
No client details on configuration, created an empty dynamic_client_registration_template object.
2020-08-10 19:25:44
oidcc-client-test-invalid-sig-rs256
Setup Done
2020-08-10 19:26:15 INCOMING
oidcc-client-test-invalid-sig-rs256
Incoming HTTP request to test instance Gc0mAOFm60koIWu
incoming_headers
{
  "host": "www.certification.openid.net",
  "x-ssl-cipher": "ECDHE-RSA-AES256-GCM-SHA384",
  "x-ssl-protocol": "TLSv1.2",
  "content-length": "0",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net",
  "connection": "close"
}
incoming_path
.well-known/openid-configuration
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
2020-08-10 19:26:15 OUTGOING
oidcc-client-test-invalid-sig-rs256
Response to HTTP request to test instance Gc0mAOFm60koIWu
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "issuer": "https://www.certification.openid.net/test/a/morph_oidc_client_basic/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/morph_oidc_client_basic/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/morph_oidc_client_basic/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/morph_oidc_client_basic/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/morph_oidc_client_basic/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/a/morph_oidc_client_basic/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "RS256"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
outgoing_path
.well-known/openid-configuration
2020-08-10 19:26:15 INCOMING
oidcc-client-test-invalid-sig-rs256
Incoming HTTP request to test instance Gc0mAOFm60koIWu
incoming_headers
{
  "host": "www.certification.openid.net",
  "x-ssl-cipher": "ECDHE-RSA-AES256-GCM-SHA384",
  "x-ssl-protocol": "TLSv1.2",
  "content-length": "339",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net",
  "connection": "close"
}
incoming_path
register
incoming_body_form_params
incoming_method
POST
incoming_body_json
incoming_query_string_params
{}
incoming_body
{"redirect_uris":["https://morph-oidc-client.strid.ninja/auth/cb","https://www.certification.openid.net/test/a/morph_oidc_client_basic/callback"],"response_types":["code"],"grant_types":["authorization_code"],"contacts":["ulrik.strid@outlook.com"],"client_name":"basic_morph_oidc_client","token_endpoint_auth_method":"client_secret_basic"}
Registration endpoint
2020-08-10 19:26:15 SUCCESS
OIDCCExtractDynamicRegistrationRequest
Extracted dynamic client registration request
request
{
  "redirect_uris": [
    "https://morph-oidc-client.strid.ninja/auth/cb",
    "https://www.certification.openid.net/test/a/morph_oidc_client_basic/callback"
  ],
  "response_types": [
    "code"
  ],
  "grant_types": [
    "authorization_code"
  ],
  "contacts": [
    "ulrik.strid@outlook.com"
  ],
  "client_name": "basic_morph_oidc_client",
  "token_endpoint_auth_method": "client_secret_basic"
}
2020-08-10 19:26:15 SUCCESS
EnsureRegistrationRequestContainsAtLeastOneContact
Registration request contains valid contacts
contacts
[
  "ulrik.strid@outlook.com"
]
2020-08-10 19:26:15 SUCCESS
ValidateClientGrantTypes
grant_types match response_types
grant_types
[
  "authorization_code"
]
response_types
[
  "code"
]
2020-08-10 19:26:15 SUCCESS
OIDCCValidateClientRedirectUris
Valid redirect_uri(s) provided in registration request
redirect_uris
[
  "https://morph-oidc-client.strid.ninja/auth/cb",
  "https://www.certification.openid.net/test/a/morph_oidc_client_basic/callback"
]
2020-08-10 19:26:15 SUCCESS
ValidateClientLogoUris
Client does not contain any logo_uri
2020-08-10 19:26:15 SUCCESS
ValidateClientUris
Client does not contain any client_uri
2020-08-10 19:26:15 SUCCESS
ValidateClientPolicyUris
Client does not contain any policy_uri
2020-08-10 19:26:15 SUCCESS
ValidateClientTosUris
Client does not contain any tos_uri
2020-08-10 19:26:15 SUCCESS
ValidateClientSubjectType
A subject_type was not provided
2020-08-10 19:26:15 INFO
ValidateIdTokenSignedResponseAlg
Skipped evaluation due to missing required element: client id_token_signed_response_alg
path
id_token_signed_response_alg
mapped
object
client
2020-08-10 19:26:15 SUCCESS
EnsureIdTokenEncryptedResponseAlgIsSetIfEncIsSet
id_token_encrypted_response_enc is not set
2020-08-10 19:26:15 INFO
ValidateUserinfoSignedResponseAlg
Skipped evaluation due to missing required element: client userinfo_signed_response_alg
path
userinfo_signed_response_alg
mapped
object
client
2020-08-10 19:26:15 SUCCESS
EnsureUserinfoEncryptedResponseAlgIsSetIfEncIsSet
userinfo_encrypted_response_enc is not set
2020-08-10 19:26:15 INFO
ValidateRequestObjectSigningAlg
Skipped evaluation due to missing required element: client request_object_signing_alg
path
request_object_signing_alg
mapped
object
client
2020-08-10 19:26:15 SUCCESS
EnsureRequestObjectEncryptionAlgIsSetIfEncIsSet
request_object_encryption_enc is not set
2020-08-10 19:26:15 INFO
ValidateTokenEndpointAuthSigningAlg
Skipped evaluation due to missing required element: client token_endpoint_auth_signing_alg
path
token_endpoint_auth_signing_alg
mapped
object
client
2020-08-10 19:26:15 SUCCESS
ValidateDefaultMaxAge
default_max_age is not set
2020-08-10 19:26:15 INFO
ValidateRequireAuthTime
Skipped evaluation due to missing required element: client require_auth_time
path
require_auth_time
mapped
object
client
2020-08-10 19:26:15 INFO
ValidateDefaultAcrValues
Skipped evaluation due to missing required element: client default_acr_values
path
default_acr_values
mapped
object
client
2020-08-10 19:26:15 INFO
ValidateInitiateLoginUri
Skipped evaluation due to missing required element: client initiate_login_uri
path
initiate_login_uri
mapped
object
client
2020-08-10 19:26:15 INFO
ValidateRequestUris
Skipped evaluation due to missing required element: client request_uris
path
request_uris
mapped
object
client
2020-08-10 19:26:15 SUCCESS
ValidateClientRegistrationRequestSectorIdentifierUri
A sector_identifier_uri was not provided
2020-08-10 19:26:15 SUCCESS
OIDCCRegisterClient
Registered client
client
{
  "redirect_uris": [
    "https://morph-oidc-client.strid.ninja/auth/cb",
    "https://www.certification.openid.net/test/a/morph_oidc_client_basic/callback"
  ],
  "response_types": [
    "code"
  ],
  "grant_types": [
    "authorization_code"
  ],
  "contacts": [
    "ulrik.strid@outlook.com"
  ],
  "client_name": "basic_morph_oidc_client",
  "token_endpoint_auth_method": "client_secret_basic",
  "client_id": "client_fjsGvKWDvUxHMzl19525@;\u003c$\u003e"
}
2020-08-10 19:26:15
OIDCCCreateClientSecretForDynamicClient
Set the secret for registered client
client_secret
secret_gFTNGgEbnAGOneYjiBQVHtjGUBZpcAcswxuYjuNqLaOFNqiJgR1088730274[ [?-
2020-08-10 19:26:15 SUCCESS
EnsureTokenEndPointAuthMethodIsClientSecretBasic
token_endpoint_auth_method is 'client_secret_basic' as expected
2020-08-10 19:26:15
SetClientIdTokenSignedResponseAlgToRS256
Set id_token_signed_response_alg to RS256 for the registered client
client
{
  "redirect_uris": [
    "https://morph-oidc-client.strid.ninja/auth/cb",
    "https://www.certification.openid.net/test/a/morph_oidc_client_basic/callback"
  ],
  "response_types": [
    "code"
  ],
  "grant_types": [
    "authorization_code"
  ],
  "contacts": [
    "ulrik.strid@outlook.com"
  ],
  "client_name": "basic_morph_oidc_client",
  "token_endpoint_auth_method": "client_secret_basic",
  "client_id": "client_fjsGvKWDvUxHMzl19525@;\u003c$\u003e",
  "client_secret": "secret_gFTNGgEbnAGOneYjiBQVHtjGUBZpcAcswxuYjuNqLaOFNqiJgR1088730274[ [?-",
  "id_token_signed_response_alg": "RS256"
}
2020-08-10 19:26:15 SUCCESS
EnsureClientDoesNotHaveBothJwksAndJwksUri
Client does not have both jwks and jwks_uri set
client
{
  "redirect_uris": [
    "https://morph-oidc-client.strid.ninja/auth/cb",
    "https://www.certification.openid.net/test/a/morph_oidc_client_basic/callback"
  ],
  "response_types": [
    "code"
  ],
  "grant_types": [
    "authorization_code"
  ],
  "contacts": [
    "ulrik.strid@outlook.com"
  ],
  "client_name": "basic_morph_oidc_client",
  "token_endpoint_auth_method": "client_secret_basic",
  "client_id": "client_fjsGvKWDvUxHMzl19525@;\u003c$\u003e",
  "client_secret": "secret_gFTNGgEbnAGOneYjiBQVHtjGUBZpcAcswxuYjuNqLaOFNqiJgR1088730274[ [?-",
  "id_token_signed_response_alg": "RS256"
}
2020-08-10 19:26:15 INFO
FetchClientKeys
Skipped evaluation due to missing required element: client jwks_uri
path
jwks_uri
mapped
object
client
2020-08-10 19:26:15
SetServerSigningAlgToRS256
Successfully set signing algorithm to RS256
2020-08-10 19:26:15
SetClientIdTokenSignedResponseAlgToServerSigningAlg
Set id_token_signed_response_alg for the registered client
id_token_signed_response_alg
RS256
2020-08-10 19:26:15 OUTGOING
oidcc-client-test-invalid-sig-rs256
Response to HTTP request to test instance Gc0mAOFm60koIWu
outgoing_status_code
201
outgoing_headers
{}
outgoing_body
{
  "redirect_uris": [
    "https://morph-oidc-client.strid.ninja/auth/cb",
    "https://www.certification.openid.net/test/a/morph_oidc_client_basic/callback"
  ],
  "response_types": [
    "code"
  ],
  "grant_types": [
    "authorization_code"
  ],
  "contacts": [
    "ulrik.strid@outlook.com"
  ],
  "client_name": "basic_morph_oidc_client",
  "token_endpoint_auth_method": "client_secret_basic",
  "client_id": "client_fjsGvKWDvUxHMzl19525@;\u003c$\u003e",
  "client_secret": "secret_gFTNGgEbnAGOneYjiBQVHtjGUBZpcAcswxuYjuNqLaOFNqiJgR1088730274[ [?-",
  "id_token_signed_response_alg": "RS256"
}
outgoing_path
register
2020-08-10 19:26:15 INCOMING
oidcc-client-test-invalid-sig-rs256
Incoming HTTP request to test instance Gc0mAOFm60koIWu
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/webp,*/*;q\u003d0.8",
  "accept-language": "en-US,en;q\u003d0.5",
  "accept-encoding": "gzip, deflate, br",
  "referer": "https://morph-oidc-client.strid.ninja/",
  "dnt": "1",
  "cookie": "expected_tab\u003dmicrosoftonline; welcome_info_name\u003dUlrik%20Strid; JSESSIONID\u003dCB87DB255579AE321C16855066F1AF5F",
  "upgrade-insecure-requests": "1",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
authorize
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{
  "response_type": "code",
  "client_id": "client_fjsGvKWDvUxHMzl19525@;\u003c$\u003e",
  "redirect_uri": "https://morph-oidc-client.strid.ninja/auth/cb",
  "scope": "openid profile email",
  "state": "6b3209cc-9b94-4eea-b139-6d0960fae905",
  "nonce": "6ea3f567-94e3-4dbb-9f28-9a6628b0e228"
}
incoming_body
Authorization endpoint
2020-08-10 19:26:15 SUCCESS
EnsureRequestDoesNotContainRequestObject
Request does not contain a request parameter
2020-08-10 19:26:15 SUCCESS
OIDCCEnsureAuthorizationHttpRequestContainsOpenIDScope
Found 'openid' in scope http request parameter
actual
[
  "openid",
  "profile",
  "email"
]
expected
openid
2020-08-10 19:26:15 SUCCESS
CreateEffectiveAuthorizationRequestParameters
Merged http request parameters with request object claims
effective_authorization_endpoint_request
{
  "response_type": "code",
  "client_id": "client_fjsGvKWDvUxHMzl19525@;\u003c$\u003e",
  "redirect_uri": "https://morph-oidc-client.strid.ninja/auth/cb",
  "scope": "openid profile email",
  "state": "6b3209cc-9b94-4eea-b139-6d0960fae905",
  "nonce": "6ea3f567-94e3-4dbb-9f28-9a6628b0e228"
}
2020-08-10 19:26:15 SUCCESS
ExtractRequestedScopes
Requested scopes
scope
openid profile email
2020-08-10 19:26:15 SUCCESS
ExtractNonceFromAuthorizationRequest
Extracted nonce
nonce
6ea3f567-94e3-4dbb-9f28-9a6628b0e228
2020-08-10 19:26:15 SUCCESS
EnsureResponseTypeIsCode
Response type is expected value
expected
code
2020-08-10 19:26:15 SUCCESS
EnsureMatchingClientId
Client ID matched
client_id
client_fjsGvKWDvUxHMzl19525@;<$>
2020-08-10 19:26:15 SUCCESS
EnsureValidRedirectUriForAuthorizationEndpointRequest
redirect_uri is one of the allowed redirect uris
actual
https://morph-oidc-client.strid.ninja/auth/cb
expected
[
  "https://morph-oidc-client.strid.ninja/auth/cb",
  "https://www.certification.openid.net/test/a/morph_oidc_client_basic/callback"
]
2020-08-10 19:26:15 SUCCESS
EnsureOpenIDInScopeRequest
Found 'openid' scope in request
actual
[
  "openid",
  "profile",
  "email"
]
expected
openid
2020-08-10 19:26:15 SUCCESS
DisallowMaxAgeEqualsZeroAndPromptNone
The client did not send max_age=0 and prompt=none parameters as expected
2020-08-10 19:26:15 SUCCESS
CreateAuthorizationCode
Created authorization code
authorization_code
qXVx6qYUFK
2020-08-10 19:26:15 SUCCESS
CalculateCHash
Successful c_hash encoding
c_hash
wDtYwLX00uH0lS89tm7kEg
2020-08-10 19:26:15 SUCCESS
CreateAuthorizationEndpointResponseParams
Added authorization_endpoint_response_params to environment
params
{
  "redirect_uri": "https://morph-oidc-client.strid.ninja/auth/cb",
  "state": "6b3209cc-9b94-4eea-b139-6d0960fae905"
}
2020-08-10 19:26:15 SUCCESS
AddCodeToAuthorizationEndpointResponseParams
Added code to authorization endpoint response params
authorization_endpoint_response_params
{
  "redirect_uri": "https://morph-oidc-client.strid.ninja/auth/cb",
  "state": "6b3209cc-9b94-4eea-b139-6d0960fae905",
  "code": "qXVx6qYUFK"
}
2020-08-10 19:26:15
SendAuthorizationResponseWithResponseModeQuery
Redirecting back to client
uri
https://morph-oidc-client.strid.ninja/auth/cb?state=6b3209cc-9b94-4eea-b139-6d0960fae905&code=qXVx6qYUFK
2020-08-10 19:26:15 OUTGOING
oidcc-client-test-invalid-sig-rs256
Response to HTTP request to test instance Gc0mAOFm60koIWu
outgoing
org.springframework.web.servlet.view.RedirectView: [RedirectView]; URL [https://morph-oidc-client.strid.ninja/auth/cb?state=6b3209cc-9b94-4eea-b139-6d0960fae905&code=qXVx6qYUFK]
outgoing_path
authorize
2020-08-10 19:26:16 INCOMING
oidcc-client-test-invalid-sig-rs256
Incoming HTTP request to test instance Gc0mAOFm60koIWu
incoming_headers
{
  "host": "www.certification.openid.net",
  "x-ssl-cipher": "ECDHE-RSA-AES256-GCM-SHA384",
  "x-ssl-protocol": "TLSv1.2",
  "content-length": "0",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net",
  "connection": "close"
}
incoming_path
jwks
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
2020-08-10 19:26:16 OUTGOING
oidcc-client-test-invalid-sig-rs256
Response to HTTP request to test instance Gc0mAOFm60koIWu
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "ccb0f88a-9f94-4e83-b0e4-f705bd40699e",
      "n": "vjEPxSiEkdg_D1jrZPAoP2-n-0BN_d_tvPHBEpWxOrokB-VtBw4tvUnGCuzrRrwUVoGu567c8N2meYpYcqKuD6Bh4w--y0wq78dyilJm0ltq4Pu3R4MYzLAiHqw7x0rYBA_6sbUXiS-NrPYe5QauhejwbWZIUERd_jzkN0DO6A0G6LjK41mAj-SNNpKU7iE01qKhbSz0dXKKGtz7x3KCMpNK8lFscVJydHG5RXiHOw7DV-81kd3fUnWp3tSPbG_DqFBSvCi9EDzHQ4t-7mBb-gRMgU4RXUICcSIe4SpAhFfD8xhc53OKOH0w-EwJyjNUzVCFbgvDTxF3NDJwzh9Agw"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "424ac338-c241-472e-8876-0dd2510cc602",
      "n": "upVgh2YKVMmpAJHZKSK07lhVDwCx1lg790_JmLEqYaABG6DW71FphtXiCZJcolfgXKoIRgVcNLBmmTri8ehZg-BMCWJTzDc8vX8FoSr-7wDMFOang74CAUJvclFwa24HM5QFuXj06frbUJb_hQOHcQEcz4KgUlmvGhBQBA0PPBqT0oZsfBQkGSv2l9ErMeXJz12GEQvp_cqdo1IKWOs3UBTjAbTBdmKOrPwh2O565wBxq0NuFE_B_QQNBc9Sn6HIcc2pxUgcPqsF45vu1ADQLJcXILcHm5BFw4vGcKKWnPzmIRvuyO8k-TJ4HbyTttIjJGcfBZmtJ_inr_p9L9RqTw"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "08999573-364d-4b8a-a5f3-42045be36b00",
      "x": "81pxR5b7t5pEDdAwb62FKOAyrNu_hyr94V1qFNz3XR8",
      "y": "w1lKofYc7-eqpBmz06SSD91AuzHYUhXjCBstiw7vaB0"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "80b045df-436c-47e0-8e56-5f7f4b6d3421",
      "x": "KLfUkrT3j7zSEEEuh9l0YKjz8xYl6FaaFG0_-W3ZW_c",
      "y": "KHcfB1cV1_a9GiZZvApD5EHchmErWN37kNAnpI8fHVY"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "53f63ab8-7cc4-4ac6-96c1-613224dc33da",
      "x": "WQpixtHJF1EGAFcXhiGNlThSIZ1FARhvEgktGYX_2Sg",
      "y": "7-FJoqgo1WSvmD7t0GrEQ8KS14DQCwEYmXrAofAvu9w"
    },
    {
      "kty": "OKP",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "f15ffebe-0e04-4943-873b-e6a8d6e892f2",
      "x": "KyEhBdxw58SNbL__qoRRvUmquTVbhmujbHdgUJtBJ9I"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "499d0ee8-e1fb-41d6-b18a-024246db85de",
      "alg": "RSA-OAEP",
      "n": "nHpGmsxN0RsMc481KW4_t8Fzrb2uK1KmuWdImV8C4I36XPifcHn6jB7yJrzo20EJ7r5HTHn8gqqRB2rRHYtA1TCt1M3jQA1oHfSzPTjRPSDwIWm56Y19Pw6733FBk7S2yxQm2f4vl6UZZ4fFnVXZjLy1HjSXfDeu1LO9uzTLgKvyZxBzTaTETdHdkP84EKeSBHFe2NVF6a6T_OcdkLIVBmQkrzM6qZODCo9XORm2UcWwlarpOtX4aKbj9PxSqWMeixpqAbi7O5Bt4vyTxRwhfo2km9Gq_lLEZFiOCWl5hHzFHNxuKznESMJpV_kx-j7MMRxRysLMcxLlcugaYOeBXQ"
    },
    {
      "kty": "EC",
      "use": "enc",
      "crv": "P-256",
      "kid": "11a9a7d6-d76b-48b1-8acb-cf870bee1924",
      "x": "ntsgpY_BijCdjdBVj_aZJzkhyHZICCdHLURrxZ50Llo",
      "y": "9wP_pYwaYHpaedoOUx_d5fLTmWZqxVms8_CuBXBO2Ng",
      "alg": "ECDH-ES"
    }
  ]
}
outgoing_path
jwks
2020-08-10 19:26:16 INCOMING
oidcc-client-test-invalid-sig-rs256
Incoming HTTP request to test instance Gc0mAOFm60koIWu
incoming_headers
{
  "host": "www.certification.openid.net",
  "authorization": "Basic Y2xpZW50X2Zqc0d2S1dEdlV4SE16bDE5NTI1JTQwJTNCJTNDJTI0JTNFOnNlY3JldF9nRlROR2dFYm5BR09uZVlqaUJRVkh0akdVQlpwY0Fjc3d4dVlqdU5xTGFPRk5xaUpnUjEwODg3MzAyNzQlNUIlMjAlNUIlM0Yt",
  "content-type": "application/x-www-form-urlencoded",
  "accept": "application/json",
  "x-ssl-cipher": "ECDHE-RSA-AES256-GCM-SHA384",
  "x-ssl-protocol": "TLSv1.2",
  "content-length": "259",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net",
  "connection": "close"
}
incoming_path
token
incoming_body_form_params
{
  "grant_type": "authorization_code",
  "scope": "openid",
  "code": "qXVx6qYUFK",
  "client_id": "client_fjsGvKWDvUxHMzl19525@;\u003c$\u003e",
  "client_secret": "secret_gFTNGgEbnAGOneYjiBQVHtjGUBZpcAcswxuYjuNqLaOFNqiJgR1088730274[ [?-",
  "redirect_uri": "https://morph-oidc-client.strid.ninja/auth/cb"
}
incoming_method
POST
incoming_body_json
incoming_query_string_params
{}
incoming_body
grant_type=authorization_code&scope=openid&code=qXVx6qYUFK&client_id=client_fjsGvKWDvUxHMzl19525%40%3B%3C%24%3E&client_secret=secret_gFTNGgEbnAGOneYjiBQVHtjGUBZpcAcswxuYjuNqLaOFNqiJgR1088730274%5B+%5B%3F-&redirect_uri=https%3A%2F%2Fmorph-oidc-client.strid.ninja%2Fauth%2Fcb
Token endpoint
2020-08-10 19:26:16 SUCCESS
ExtractClientCredentialsFromBasicAuthorizationHeader
Extracted client authentication
client_id
client_fjsGvKWDvUxHMzl19525@;<$>
client_secret
secret_gFTNGgEbnAGOneYjiBQVHtjGUBZpcAcswxuYjuNqLaOFNqiJgR1088730274[ [?-
method
client_secret_basic
2020-08-10 19:26:16 SUCCESS
ValidateClientIdAndSecret
Client id and secret match
2020-08-10 19:26:16 SUCCESS
ValidateAuthorizationCode
Found authorization code
authorization_code
qXVx6qYUFK
2020-08-10 19:26:16 SUCCESS
ValidateRedirectUriForTokenEndpointRequest
redirect_uri is the same as the one used in the authorization request
actual
https://morph-oidc-client.strid.ninja/auth/cb
2020-08-10 19:26:16 SUCCESS
GenerateBearerAccessToken
Generated access token
access_token
CQblJX8yiEU1dujORXgnyv0ULabyKWKsCX6HvwBEAZOJAEWvg4
2020-08-10 19:26:16 SUCCESS
CalculateAtHash
Successful at_hash encoding
at_hash
zuK4moiILZfBlBv9ZCDbgg
2020-08-10 19:26:16 SUCCESS
GenerateIdTokenClaims
Created ID Token Claims
iss
https://www.certification.openid.net/test/a/morph_oidc_client_basic/
sub
user-subject-1234531
aud
client_fjsGvKWDvUxHMzl19525@;<$>
nonce
6ea3f567-94e3-4dbb-9f28-9a6628b0e228
iat
1597087576
exp
1597087876
2020-08-10 19:26:16 SUCCESS
AddAtHashToIdTokenClaims
Added at_hash to ID token claims
at_hash
zuK4moiILZfBlBv9ZCDbgg
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/a/morph_oidc_client_basic/",
  "sub": "user-subject-1234531",
  "aud": "client_fjsGvKWDvUxHMzl19525@;\u003c$\u003e",
  "nonce": "6ea3f567-94e3-4dbb-9f28-9a6628b0e228",
  "iat": 1597087576,
  "exp": 1597087876,
  "at_hash": "zuK4moiILZfBlBv9ZCDbgg"
}
2020-08-10 19:26:16 SUCCESS
OIDCCSignIdToken
Signed the ID token
id_token
eyJraWQiOiJjY2IwZjg4YS05Zjk0LTRlODMtYjBlNC1mNzA1YmQ0MDY5OWUiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoienVLNG1vaUlMWmZCbEJ2OVpDRGJnZyIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiY2xpZW50X2Zqc0d2S1dEdlV4SE16bDE5NTI1QDs8JD4iLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvYVwvbW9ycGhfb2lkY19jbGllbnRfYmFzaWNcLyIsImV4cCI6MTU5NzA4Nzg3Niwibm9uY2UiOiI2ZWEzZjU2Ny05NGUzLTRkYmItOWYyOC05YTY2MjhiMGUyMjgiLCJpYXQiOjE1OTcwODc1NzZ9.nFVOT4WmJV9DJoUqNRd-Er6u3xhuyZGZZNx76jXI_heufKogtM9xS5wXmwNasG4PzKX6cKP3Cq0H3xfM8DG5dbaoD11znAALx3GwW5vkFV09VYVZFCX5zvQ5qj1NxTIGfHHArPjljfSGs67mnkO1hFEHbIXbAwpplu4VZ7LIbaY-rTPQUEdfvCdsskz59xy7NKM2d8dJLFO59dv5QiqySj1uuPkaqSvqtUQHR9rRGoFTP6Ofxo_8gjzdwFa6SYbAcweMvbnP927PqFnOh1E9Olxvr6bOEuyvqqaSB_vZHGgAiJBOpD-PfRJiwLarLXstm0L7luCXipbHj78iYUsf-Q
key
{"p":"5QUceMR1vAokcJta7j0r1KOUbPI0O-_IcE_nymI5PmZhBM-Qq9do5Vue749SW9ZCDmL_IduYazn2U-cSGzJcANnXjILb8c04x9XQaKHwZ-dqHEwNHkgechVu5Vgadn27bJWlK0ZNVWpAKTrkMMWNHnvdshHB1YMkC6p9qxvO3P0","kty":"RSA","q":"1JjyvV5giXV8SK8tO9wyhyzTIWzCoQGfAeG3Z9AL1wkE0lzn6RWXzXKWXBZBSN4l3bvnSGp9JyDWJVEwtabG91R3BZQxB5xblK-Iod6hIHokRLu13tUnUOCfcYwcMO8W1X_9mhPxbk5yseDSyNiIX9YNwtSWw-CCPyoHiiM_y38","d":"YvW8MuXmNMzD4wRtVtPu3TMHwJ-w9Qvy84EG6Niiot__p2wk0qr5-afNOBoWQXPTUT-g9kPyChIKcOsfImarEs5soGys5bL4FFM-seI2RfXzIqVWtArueHKdDkCnygaTZ2m5E4YafPMVUI2vfZOAc4TEtOencLxh-8tLI8TA49Qdn1-lWpXtwYTJW-P_ujy4F5ndTGOw0K_E_UN9A_XixZt8xdESMnMmuSRwFeZOR6nACpkczo2mHqcV_VWQR6yJoy4OQtqzbp_rCpPOKOSZDJcusss--hwSG8QrJt7JJYf-DnEFLh_ruMpa6q9U_t93njTz6Oe8RBY7vHyypLoJoQ","e":"AQAB","use":"sig","kid":"ccb0f88a-9f94-4e83-b0e4-f705bd40699e","qi":"DPHMB_Twhw0EiaOBdzMRF0yo6DdWIlNRohMHfF32ToQvfQjS1rLXRFNT24V060Fq4PkbjESojR-CjaaSGKW1pajq9y4utAfBxxMO0ZJR3Mi79XoXkaaMe7ekZBjR1nvbdoMiN_5EUgUUOwivvBOj1NCZj0oeiGm3KQZ9eRXIGBE","dp":"yaFFXuIAkcwQJv_v_53lj_FwxLY83KQQQSlodhsiMNjsA9NGmLQuyvduJ5V0OhyZzZbE7qcqOwUt5NKkc0NUEv-3sSKox-sZWX7aXLRuNtxb5IvkZMuz2lcaalq1-apar4_UehQME-5WjLYnnvTeeH8vQQ43LGan_olc2J_D8XU","dq":"FTmb6noUq0SWfu82VeabCNHZ1ll0aPyvclGlrPChbfuRhqsN4EBuom1RQ6pZJDxBjYyn_5vaGOD3YExlz4zyCllddKoh5v-eSQ7pVjfS4FoxasdO1gtz3GhAouZ5Hg2QuwoHOK3LCdc9LjMi-DheDStivlPZJX8xobrBe_Ie-WM","n":"vjEPxSiEkdg_D1jrZPAoP2-n-0BN_d_tvPHBEpWxOrokB-VtBw4tvUnGCuzrRrwUVoGu567c8N2meYpYcqKuD6Bh4w--y0wq78dyilJm0ltq4Pu3R4MYzLAiHqw7x0rYBA_6sbUXiS-NrPYe5QauhejwbWZIUERd_jzkN0DO6A0G6LjK41mAj-SNNpKU7iE01qKhbSz0dXKKGtz7x3KCMpNK8lFscVJydHG5RXiHOw7DV-81kd3fUnWp3tSPbG_DqFBSvCi9EDzHQ4t-7mBb-gRMgU4RXUICcSIe4SpAhFfD8xhc53OKOH0w-EwJyjNUzVCFbgvDTxF3NDJwzh9Agw"}
algorithm
RS256
2020-08-10 19:26:16 SUCCESS
SignIdTokenInvalid
Made the id_token signature invalid
id_token
eyJraWQiOiJjY2IwZjg4YS05Zjk0LTRlODMtYjBlNC1mNzA1YmQ0MDY5OWUiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoienVLNG1vaUlMWmZCbEJ2OVpDRGJnZyIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiY2xpZW50X2Zqc0d2S1dEdlV4SE16bDE5NTI1QDs8JD4iLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvYVwvbW9ycGhfb2lkY19jbGllbnRfYmFzaWNcLyIsImV4cCI6MTU5NzA4Nzg3Niwibm9uY2UiOiI2ZWEzZjU2Ny05NGUzLTRkYmItOWYyOC05YTY2MjhiMGUyMjgiLCJpYXQiOjE1OTcwODc1NzZ9.xg8UFd_8fwUZfN9wb00kSOT0hUI0k8vDPoYhsG-SpE30JvB67pUrEcZNwVkA6jRVlv-gKvmtUPddhU2WqmvjL-zyVQcpxlpRnSvqAcG-TwdnD98DTn-jlK5j8GcXn2hcJiua9qK_167c6fS8xBnv3gtdNt-BWVAzzLRPPeiSN_xk92mKCh0F5n026BajrUbhbvlsLZ0Tdgnjr4GjGHDoEGc04qNA83Gw7x5dHYCLQNsJZfnFnNWm2GaHmgzgE9yaKV3W5-OVrTSV8gOU3QtnYAY19fyUSLb18PzIXaGDRjJa0soU_mXVJ0g4muzxdyF3wRihzLrN0Myd1eV4OxFFow
2020-08-10 19:26:16 INFO
EncryptIdToken
Skipped evaluation due to missing required element: client id_token_encrypted_response_alg
path
id_token_encrypted_response_alg
mapped
object
client
2020-08-10 19:26:16 SUCCESS
CreateTokenEndpointResponse
Created token endpoint response
access_token
CQblJX8yiEU1dujORXgnyv0ULabyKWKsCX6HvwBEAZOJAEWvg4
token_type
Bearer
id_token
eyJraWQiOiJjY2IwZjg4YS05Zjk0LTRlODMtYjBlNC1mNzA1YmQ0MDY5OWUiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoienVLNG1vaUlMWmZCbEJ2OVpDRGJnZyIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiY2xpZW50X2Zqc0d2S1dEdlV4SE16bDE5NTI1QDs8JD4iLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvYVwvbW9ycGhfb2lkY19jbGllbnRfYmFzaWNcLyIsImV4cCI6MTU5NzA4Nzg3Niwibm9uY2UiOiI2ZWEzZjU2Ny05NGUzLTRkYmItOWYyOC05YTY2MjhiMGUyMjgiLCJpYXQiOjE1OTcwODc1NzZ9.xg8UFd_8fwUZfN9wb00kSOT0hUI0k8vDPoYhsG-SpE30JvB67pUrEcZNwVkA6jRVlv-gKvmtUPddhU2WqmvjL-zyVQcpxlpRnSvqAcG-TwdnD98DTn-jlK5j8GcXn2hcJiua9qK_167c6fS8xBnv3gtdNt-BWVAzzLRPPeiSN_xk92mKCh0F5n026BajrUbhbvlsLZ0Tdgnjr4GjGHDoEGc04qNA83Gw7x5dHYCLQNsJZfnFnNWm2GaHmgzgE9yaKV3W5-OVrTSV8gOU3QtnYAY19fyUSLb18PzIXaGDRjJa0soU_mXVJ0g4muzxdyF3wRihzLrN0Myd1eV4OxFFow
scope
openid profile email
2020-08-10 19:26:16 OUTGOING
oidcc-client-test-invalid-sig-rs256
Response to HTTP request to test instance Gc0mAOFm60koIWu
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "access_token": "CQblJX8yiEU1dujORXgnyv0ULabyKWKsCX6HvwBEAZOJAEWvg4",
  "token_type": "Bearer",
  "id_token": "eyJraWQiOiJjY2IwZjg4YS05Zjk0LTRlODMtYjBlNC1mNzA1YmQ0MDY5OWUiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoienVLNG1vaUlMWmZCbEJ2OVpDRGJnZyIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiY2xpZW50X2Zqc0d2S1dEdlV4SE16bDE5NTI1QDs8JD4iLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvYVwvbW9ycGhfb2lkY19jbGllbnRfYmFzaWNcLyIsImV4cCI6MTU5NzA4Nzg3Niwibm9uY2UiOiI2ZWEzZjU2Ny05NGUzLTRkYmItOWYyOC05YTY2MjhiMGUyMjgiLCJpYXQiOjE1OTcwODc1NzZ9.xg8UFd_8fwUZfN9wb00kSOT0hUI0k8vDPoYhsG-SpE30JvB67pUrEcZNwVkA6jRVlv-gKvmtUPddhU2WqmvjL-zyVQcpxlpRnSvqAcG-TwdnD98DTn-jlK5j8GcXn2hcJiua9qK_167c6fS8xBnv3gtdNt-BWVAzzLRPPeiSN_xk92mKCh0F5n026BajrUbhbvlsLZ0Tdgnjr4GjGHDoEGc04qNA83Gw7x5dHYCLQNsJZfnFnNWm2GaHmgzgE9yaKV3W5-OVrTSV8gOU3QtnYAY19fyUSLb18PzIXaGDRjJa0soU_mXVJ0g4muzxdyF3wRihzLrN0Myd1eV4OxFFow",
  "scope": "openid profile email"
}
outgoing_path
token
2020-08-10 19:26:21 FINISHED
oidcc-client-test-invalid-sig-rs256
Test has run to completion
testmodule_result
PASSED
2020-08-10 19:26:39
TEST-RUNNER
Alias has now been claimed by another test
alias
morph_oidc_client_basic
new_test_id
8SO1uqSnGAPOPtk
Test Results