Test Summary

Test Results

Expand All Collapse All
All times are UTC
2020-08-10 19:42:34 INFO
TEST-RUNNER
Test instance 8b0zTB3IK2tYprN created
baseUrl
https://www.certification.openid.net/test/a/morph_oidc_client
variant
{
  "client_auth_type": "client_secret_basic",
  "response_type": "code",
  "request_type": "plain_http_request",
  "response_mode": "form_post",
  "client_registration": "dynamic_client"
}
alias
morph_oidc_client
description
Testing morph oidc client with Form Post
planId
rlvHwXvRR0jje
config
{
  "alias": "morph_oidc_client",
  "description": "Testing morph oidc client with Form Post",
  "publish": "everything"
}
testName
oidcc-client-test-idtoken-sig-none
2020-08-10 19:42:34 SUCCESS
OIDCCGenerateServerConfiguration
Generated default server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/a/morph_oidc_client/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/morph_oidc_client/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/morph_oidc_client/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/morph_oidc_client/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/morph_oidc_client/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/a/morph_oidc_client/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic",
    "client_secret_post",
    "client_secret_jwt",
    "private_key_jwt"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
2020-08-10 19:42:34
SetTokenEndpointAuthMethodsSupportedToClientSecretBasicOnly
Changed token_endpoint_auth_methods_supported to client_secret_basic only in server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/a/morph_oidc_client/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/morph_oidc_client/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/morph_oidc_client/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/morph_oidc_client/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/morph_oidc_client/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/a/morph_oidc_client/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
2020-08-10 19:42:34
OIDCCGenerateServerJWKs
Generated server public private JWK sets
server_jwks
{
  "keys": [
    {
      "p": "94UAdObSjNnP7bdud0FmLv9BuBOmOKYlxSRxD3BomrdNvg5GwuvteUCHjAu2iAc57XfYNBRggbsLlAVg2fJIo3KWxzkrDYiCAMWV5fu2g6d9J6pxSIeizBnoVe-q2T3-PYFUY5Fi8CriPCFZVF8mnIJY2IllPfZibt5RPsMFt30",
      "kty": "RSA",
      "q": "sKp42XIDz1rqxBFxRTQouDf8dDxjYCrLxeH4qbax0Y6hcvWdMY9ufehcpLyf0k94FYG8D3_p8vE5qx9_lzwebFyo36IbaGdnXeSLDu-827wmytpwLKPd--3T-Hkz2WM5ZNYgO-Q8A6Sir1Kj3s_R-dTYkjpFicuIKRL5DW7GhcM",
      "d": "MOM8fRmzOBu9yu8OSc4T_cM9lA48SuPayJgtVcnOMhKSvs9nlIEFdBOtvtjo14-bcxySvv8MgwG9CsbN_wAOoZV401CZtcYOE_zK81ny9_4j6YRLp3KMh32ePT7UyQKz0EAQypCwIEfIbkw_oCihvmVHSlG7DILk_07imF4rxvuFh6bNrfkGvZo3BrSYWDUVQ_g-B9sQ8nK3zy7UQQljddMw1Fs3iYysTNXChmjU3sfEnqSSFryAFvfchhKqizeEjUEIxW1E9ZPIs0uyQhRwaXdjsL_lVkMXbcnEjUvpstMIbJUoJNBuZCQiwkTQWI8WTrnLdNmWyUL9pn3iD00N2Q",
      "e": "AQAB",
      "use": "sig",
      "kid": "584dec6c-8541-4a23-9371-249f9fa17d87",
      "qi": "47oK_xC_IEZnZkDuRF_Tg_PP6JuL9rfUUKXPCLUfDbMRv1CL0mNrNxGZyysERfUoCPeOus9iSBqFw5PUfwEnwu3c5Rt316lsmveDxZRm0tU10vJ1kpCOzHZTjKsaS6AEhj9izJlhfIlaASEYifm--vXxyT2XXAm_bNNC90BBHQ0",
      "dp": "ZGndjI9TnXaDhwGiW9j5NlmxdJbsGRE2Q2sMPuIwXYu9izvJcyw5M7Z9BtB9pWOhGXhECqS1nguen9cqumAzHbPP_VRw5dWaP-voatuZ6IEbIetgd7cm0Tw1aB-JpQYkTRlZfecuRxZun0w8LCFJzbaHipj6rI920Vl5hkeh2xU",
      "dq": "UHXThHVA9vdZZOLsy6_tu7kD6Yx3Vh0noYBBWEo0wlRLg6gJZ8EDeaSSTRT7VTWMY38qv4RqcJMcyKsX2TEwSfoJj5CtGue9VC36h1r4kLsoj8rcu_gF6e9vUwMgcimWwi4jkCNqkd4xmdfxelD8OOSPnkmb0h44bTyO4WdKUzE",
      "n": "qtBDe0KDITElXUwbCQbHx94yrhEsmqnxgv7IytsN0vGqt6cZx8ALNOAFDplR79G_C1CQSIYgz6XQKAO5DcWUnFsKEcoae5FkhRULc-1AbrrJ2k5wUk04roIlWnYjupr5LNwwBeqN7XbmRjBCVgPD_TPRbT2j9adjkRDFubjXDrIwtgzOnC_4eSW0il-e73Ta62EV1dicWC3pqRvTOBOlhE1Rkt657YCYZK9j875bNPO0v7MXeOunGI4RFJHWMLXBHFeF3ISNQojW7xXF0Q0EfZw8_FoKgtgOwPVfzGK0FibZpxZZzGd9HqUuzIvxDJjX0oGaWdNdfYIkca-9Jly1Nw"
    },
    {
      "kty": "EC",
      "d": "o-2qY8LdKK0LwXKq8NIkxEIwYQDTgs05Iu6-U3pHm_Q",
      "use": "sig",
      "crv": "P-256",
      "kid": "69728d52-970b-49d0-a7ac-68c68f16eb2b",
      "x": "qPfMvhTf8Ubu0yyFcPmn6ZxQrHGyC43EvR1MY2dA-VM",
      "y": "8vKP110TPP1gd10BVi36WfUim1qCD1FcVQZEIwG1jVc"
    },
    {
      "kty": "EC",
      "d": "PyZBRNXX0VHPZFKRwRD3RhPx6fu28PpeMZdZFoXCZBA",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "3d3b1d20-5543-4752-be2e-829b50d9c14b",
      "x": "RrnD2n8D2tE_RTZ6tatCzdTWoaRoNpAZkVvMW0tUpH0",
      "y": "RDFXYBjexz3fdFHYODg1JejV3EuI4Ijn74fnp_mI6Z4"
    },
    {
      "kty": "OKP",
      "d": "-8CMb1pi98x0PBezHub6QJXDiH6lTNLJDrn86QAwZ_k",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "7ffeddc3-afb0-4922-a316-b2f9435efc34",
      "x": "9di3xCUnpCh_pOcOhwiZ802hdw13Ipi3W3Yfi9jeMsw"
    }
  ]
}
server_encryption_keys
{
  "keys": [
    {
      "p": "6lQy-culWFhFeIFbze3O26rCYr8xKYlD2mnxPCsabyK1soqcio8fm9xnUWyCD7-KS1OYL8gcrZVZauUe3HqLPhyrFdXAXC_TNagKI6mxnpovIlNcIIG20wlhfBevXf-BpvJMzYUN9dmQzaw0S4CW5KVUXwUk5sgGOCFTZH_XdIE",
      "kty": "RSA",
      "q": "4IB9c_rM5LeLU_TcnuVzubdVHQNfmjlBk84QH_e5wx6loOUeqUt_wfnQjhuuWDU8Q8VPWQ7InAD6RBj2Pt0SvUyZVDX6xNNEJPlBLPM3YwhdKRwxj954oA0LrPXnrgfvl9WHSM1ZOCdr3Z32bt1EU394Bk1YUQHvUxR5_81zO1c",
      "d": "xO5HtZGX1UUr238F60lYfL_i_Lv1rLGrKkuPHc2yvIViQB_EloC8ZP4z4qO-8D31uvPi6aonUPMmjq66qKo2AjEky-6DZnQF9b6jontCh-c692uBRvqOonTgOGcp2MWi6ARZn-TDKZ_BlijUQQr36sb1FrkpQL7hIYxs47HlGLVJUX4xxGTuhtaOSQ6Y-YQRv-bTgJlqrlZyOIeziLfe_MjYg85aKj5qVQkjW9gkKC5LACgDbYxRhUPPmS-9oc2GUbJVzf3fI4KQd2EFfslF224LOVtUuoN3x0YECZvz2n7os4qqejKlrtkl446WKnzybOiNNZQpdJquIw4tl_YfAQ",
      "e": "AQAB",
      "use": "enc",
      "kid": "2bce3b9a-c520-4def-9495-34add595bd9f",
      "qi": "EXFhU7CQzJ1UmUL9KRr17jhR3xkq3PikfN525th5RucwAU8H8_CVrF0hTkxwe1vIgbSzS2EDj1cBVq-8fxgMYjKzk61lccxJbFJ47-iMPzUn8QvZSG9Ouj_rKvFFsHb3B-Xkgh5FN-qOOM3j5zcCy-uSYCXXVreU0pn3VFkyHa0",
      "dp": "yF5dBFnNNaCtLqC2Rn0NP6pg8xz3RcQY4B9s5n0Y6mTspxF9T8GYTqcFNYuqHxsyfrypSlo7o3YscooefHrQq7jJ1i7jgDBo0t2wZdRJjAvdN-W9xhIEqanA0OJT0vWTAJT5dVdLm6iA-E1CnjkDTdnNLj7w0eHB56cfbrUeH4E",
      "alg": "RSA-OAEP",
      "dq": "wPgw3Vwaeg36SLQUXtBDZMLc-g9IQbwtTeq1mYTJu5nALEhEzqgCrK0aQswwU8mOf4I97gLzFIUSmS4Lm4VS8jvBH802O7CMxmspRoXYedtamFePkmZbsNcFzimgdsqDezMjEcTQh5_664c3p5uxe0P52xDodNkA6ZyUMPhbsAk",
      "n": "zX9JiVVfJNsvYzIY2WZ8E78Gl_YQab91VKSyZHJguAModiZwy5D2Wcp7-WUr3wDkfnrm-6vjsRzm1FA9VbY90eVQTLWlHWgiT83zdVOHFTkrxJBpRYRxg_6gAj9cLDtYydiKs-vHVeQ0tChUqQZf94RhFV0ozCHOhqPk2oX8I2nkZCVVKXY7l-vaMVA1lhYGS5szJKT8xoQtaJaP4ksj2VNbvPHHB0VADfPq-1EVkSx1Vo492Xd2CAoY1jk7jL_0-dZWPtPncVMFHwgrLE-RZvR1TZf2Cz-KBdcCkJ_pC7BOuV0lfAVHfFI5vYfnEt1SfboOz7mZ_l7M0nwxvQVS1w"
    },
    {
      "kty": "EC",
      "d": "vZCYp2jnmWyHN4hAPJkPw9frRQoqxy9IojUVODfir78",
      "use": "enc",
      "crv": "P-256",
      "kid": "c33d5676-dab4-47f0-8247-d271c749715e",
      "x": "M9LKeNnoneCV7WgKhtrMGWmVbmd4xJSjvS8LgYVzaYs",
      "y": "-4CZ6WEUeVAP1BlWuwVY_Xi4EicggMtMD7Eje5sknxM",
      "alg": "ECDH-ES"
    }
  ]
}
server_public_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "584dec6c-8541-4a23-9371-249f9fa17d87",
      "n": "qtBDe0KDITElXUwbCQbHx94yrhEsmqnxgv7IytsN0vGqt6cZx8ALNOAFDplR79G_C1CQSIYgz6XQKAO5DcWUnFsKEcoae5FkhRULc-1AbrrJ2k5wUk04roIlWnYjupr5LNwwBeqN7XbmRjBCVgPD_TPRbT2j9adjkRDFubjXDrIwtgzOnC_4eSW0il-e73Ta62EV1dicWC3pqRvTOBOlhE1Rkt657YCYZK9j875bNPO0v7MXeOunGI4RFJHWMLXBHFeF3ISNQojW7xXF0Q0EfZw8_FoKgtgOwPVfzGK0FibZpxZZzGd9HqUuzIvxDJjX0oGaWdNdfYIkca-9Jly1Nw"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "a893f0ef-bcc9-4e2a-b4ab-afd7dde87253",
      "n": "gUkYjirvClOjwU-FHugWD_Q99xbsNQrL1EKT2R7rzeoXJcaGGszD0mviWdBc6hp3HpMxd_cyXpXq6YLtNYJ-tqpsxl3yQceSvv3srdx0DW2pmiEQ0V17EeDEGkQxP5sswHhsrRkuH4tgyYBKNnEjl62vzhW9UOTOuUYlEFP1wp1LB410PNAiPwwP5QsxVSiPM_Lr_iGzo0e_y7sIqIojrq8KxEPcbirx7BTFpaiY5bHx81IFTa1Or6Wb4n_Oi3DJqoMXPuR-G2YxRmUwLKH2gDlKVxK6uCsaozlAW4Y2OY-wtiy8wlfSzw7eEViIrgVx3NIAFYcRbgvyTsFII8S4XQ"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "69728d52-970b-49d0-a7ac-68c68f16eb2b",
      "x": "qPfMvhTf8Ubu0yyFcPmn6ZxQrHGyC43EvR1MY2dA-VM",
      "y": "8vKP110TPP1gd10BVi36WfUim1qCD1FcVQZEIwG1jVc"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "4019be37-f554-4f45-ba0f-057726f3f091",
      "x": "RV_UHHs73ZFxLSet1SjSclDQy9ZLIIuJC9CITLnAHkM",
      "y": "d8GHSvl-nvEJg4KL7ZXLIwKTRFKxl8vVjlaPntk7yL8"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "3d3b1d20-5543-4752-be2e-829b50d9c14b",
      "x": "RrnD2n8D2tE_RTZ6tatCzdTWoaRoNpAZkVvMW0tUpH0",
      "y": "RDFXYBjexz3fdFHYODg1JejV3EuI4Ijn74fnp_mI6Z4"
    },
    {
      "kty": "OKP",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "7ffeddc3-afb0-4922-a316-b2f9435efc34",
      "x": "9di3xCUnpCh_pOcOhwiZ802hdw13Ipi3W3Yfi9jeMsw"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "2bce3b9a-c520-4def-9495-34add595bd9f",
      "alg": "RSA-OAEP",
      "n": "zX9JiVVfJNsvYzIY2WZ8E78Gl_YQab91VKSyZHJguAModiZwy5D2Wcp7-WUr3wDkfnrm-6vjsRzm1FA9VbY90eVQTLWlHWgiT83zdVOHFTkrxJBpRYRxg_6gAj9cLDtYydiKs-vHVeQ0tChUqQZf94RhFV0ozCHOhqPk2oX8I2nkZCVVKXY7l-vaMVA1lhYGS5szJKT8xoQtaJaP4ksj2VNbvPHHB0VADfPq-1EVkSx1Vo492Xd2CAoY1jk7jL_0-dZWPtPncVMFHwgrLE-RZvR1TZf2Cz-KBdcCkJ_pC7BOuV0lfAVHfFI5vYfnEt1SfboOz7mZ_l7M0nwxvQVS1w"
    },
    {
      "kty": "EC",
      "use": "enc",
      "crv": "P-256",
      "kid": "c33d5676-dab4-47f0-8247-d271c749715e",
      "x": "M9LKeNnoneCV7WgKhtrMGWmVbmd4xJSjvS8LgYVzaYs",
      "y": "-4CZ6WEUeVAP1BlWuwVY_Xi4EicggMtMD7Eje5sknxM",
      "alg": "ECDH-ES"
    }
  ]
}
2020-08-10 19:42:35 SUCCESS
ValidateServerJWKs
Valid server JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2020-08-10 19:42:35 SUCCESS
CheckDistinctKeyIdValueInServerJWKs
Distinct 'kid' value in all keys of server_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2020-08-10 19:42:35 SUCCESS
OIDCCLoadUserInfo
Added user information
user_info
{
  "sub": "user-subject-1234531",
  "name": "Demo T. User",
  "given_name": "Demo",
  "family_name": "User",
  "middle_name": "Theresa",
  "nickname": "Dee",
  "preferred_username": "d.tu",
  "gender": "female",
  "birthdate": "2000-02-03",
  "address": {
    "street_address": "100 Universal City Plaza",
    "locality": "Hollywood",
    "region": "CA",
    "postal_code": "91608",
    "country": "USA"
  },
  "zoneinfo": "America/Los_Angeles",
  "locale": "en-US",
  "phone_number": "+1 555 5550000",
  "phone_number_verified": false,
  "email": "user@example.com",
  "email_verified": false,
  "website": "https://openid.net/",
  "updated_at": "1580000000"
}
2020-08-10 19:42:35 SUCCESS
GetDynamicClientConfiguration
No client details on configuration, created an empty dynamic_client_registration_template object.
2020-08-10 19:42:35
oidcc-client-test-idtoken-sig-none
Setup Done
2020-08-10 19:43:05 INCOMING
oidcc-client-test-idtoken-sig-none
Incoming HTTP request to test instance 8b0zTB3IK2tYprN
incoming_headers
{
  "host": "www.certification.openid.net",
  "x-ssl-cipher": "ECDHE-RSA-AES256-GCM-SHA384",
  "x-ssl-protocol": "TLSv1.2",
  "content-length": "0",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net",
  "connection": "close"
}
incoming_path
.well-known/openid-configuration
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
2020-08-10 19:43:05 OUTGOING
oidcc-client-test-idtoken-sig-none
Response to HTTP request to test instance 8b0zTB3IK2tYprN
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "issuer": "https://www.certification.openid.net/test/a/morph_oidc_client/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/morph_oidc_client/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/morph_oidc_client/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/morph_oidc_client/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/morph_oidc_client/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/a/morph_oidc_client/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
outgoing_path
.well-known/openid-configuration
2020-08-10 19:43:06 INCOMING
oidcc-client-test-idtoken-sig-none
Incoming HTTP request to test instance 8b0zTB3IK2tYprN
incoming_headers
{
  "host": "www.certification.openid.net",
  "x-ssl-cipher": "ECDHE-RSA-AES256-GCM-SHA384",
  "x-ssl-protocol": "TLSv1.2",
  "content-length": "337",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net",
  "connection": "close"
}
incoming_path
register
incoming_body_form_params
incoming_method
POST
incoming_body_json
incoming_query_string_params
{}
incoming_body
{"redirect_uris":["https://morph-oidc-client.strid.ninja/auth/cb","https://www.certification.openid.net/test/a/morph_oidc_client/callback"],"response_types":["code"],"grant_types":["authorization_code"],"contacts":["ulrik.strid@outlook.com"],"client_name":"form_post_morph_oidc_client","token_endpoint_auth_method":"client_secret_basic"}
Registration endpoint
2020-08-10 19:43:06 SUCCESS
OIDCCExtractDynamicRegistrationRequest
Extracted dynamic client registration request
request
{
  "redirect_uris": [
    "https://morph-oidc-client.strid.ninja/auth/cb",
    "https://www.certification.openid.net/test/a/morph_oidc_client/callback"
  ],
  "response_types": [
    "code"
  ],
  "grant_types": [
    "authorization_code"
  ],
  "contacts": [
    "ulrik.strid@outlook.com"
  ],
  "client_name": "form_post_morph_oidc_client",
  "token_endpoint_auth_method": "client_secret_basic"
}
2020-08-10 19:43:06 SUCCESS
EnsureRegistrationRequestContainsAtLeastOneContact
Registration request contains valid contacts
contacts
[
  "ulrik.strid@outlook.com"
]
2020-08-10 19:43:06 SUCCESS
ValidateClientGrantTypes
grant_types match response_types
grant_types
[
  "authorization_code"
]
response_types
[
  "code"
]
2020-08-10 19:43:06 SUCCESS
OIDCCValidateClientRedirectUris
Valid redirect_uri(s) provided in registration request
redirect_uris
[
  "https://morph-oidc-client.strid.ninja/auth/cb",
  "https://www.certification.openid.net/test/a/morph_oidc_client/callback"
]
2020-08-10 19:43:06 SUCCESS
ValidateClientLogoUris
Client does not contain any logo_uri
2020-08-10 19:43:06 SUCCESS
ValidateClientUris
Client does not contain any client_uri
2020-08-10 19:43:06 SUCCESS
ValidateClientPolicyUris
Client does not contain any policy_uri
2020-08-10 19:43:06 SUCCESS
ValidateClientTosUris
Client does not contain any tos_uri
2020-08-10 19:43:06 SUCCESS
ValidateClientSubjectType
A subject_type was not provided
2020-08-10 19:43:06 INFO
ValidateIdTokenSignedResponseAlg
Skipped evaluation due to missing required element: client id_token_signed_response_alg
path
id_token_signed_response_alg
mapped
object
client
2020-08-10 19:43:06 SUCCESS
EnsureIdTokenEncryptedResponseAlgIsSetIfEncIsSet
id_token_encrypted_response_enc is not set
2020-08-10 19:43:06 INFO
ValidateUserinfoSignedResponseAlg
Skipped evaluation due to missing required element: client userinfo_signed_response_alg
path
userinfo_signed_response_alg
mapped
object
client
2020-08-10 19:43:06 SUCCESS
EnsureUserinfoEncryptedResponseAlgIsSetIfEncIsSet
userinfo_encrypted_response_enc is not set
2020-08-10 19:43:06 INFO
ValidateRequestObjectSigningAlg
Skipped evaluation due to missing required element: client request_object_signing_alg
path
request_object_signing_alg
mapped
object
client
2020-08-10 19:43:06 SUCCESS
EnsureRequestObjectEncryptionAlgIsSetIfEncIsSet
request_object_encryption_enc is not set
2020-08-10 19:43:06 INFO
ValidateTokenEndpointAuthSigningAlg
Skipped evaluation due to missing required element: client token_endpoint_auth_signing_alg
path
token_endpoint_auth_signing_alg
mapped
object
client
2020-08-10 19:43:06 SUCCESS
ValidateDefaultMaxAge
default_max_age is not set
2020-08-10 19:43:06 INFO
ValidateRequireAuthTime
Skipped evaluation due to missing required element: client require_auth_time
path
require_auth_time
mapped
object
client
2020-08-10 19:43:06 INFO
ValidateDefaultAcrValues
Skipped evaluation due to missing required element: client default_acr_values
path
default_acr_values
mapped
object
client
2020-08-10 19:43:06 INFO
ValidateInitiateLoginUri
Skipped evaluation due to missing required element: client initiate_login_uri
path
initiate_login_uri
mapped
object
client
2020-08-10 19:43:06 INFO
ValidateRequestUris
Skipped evaluation due to missing required element: client request_uris
path
request_uris
mapped
object
client
2020-08-10 19:43:06 SUCCESS
ValidateClientRegistrationRequestSectorIdentifierUri
A sector_identifier_uri was not provided
2020-08-10 19:43:06 SUCCESS
OIDCCRegisterClient
Registered client
client
{
  "redirect_uris": [
    "https://morph-oidc-client.strid.ninja/auth/cb",
    "https://www.certification.openid.net/test/a/morph_oidc_client/callback"
  ],
  "response_types": [
    "code"
  ],
  "grant_types": [
    "authorization_code"
  ],
  "contacts": [
    "ulrik.strid@outlook.com"
  ],
  "client_name": "form_post_morph_oidc_client",
  "token_endpoint_auth_method": "client_secret_basic",
  "client_id": "client_chYsvnXHVwIpXHf11951!-%\\~"
}
2020-08-10 19:43:06
OIDCCCreateClientSecretForDynamicClient
Set the secret for registered client
client_secret
secret_urgnUSaIfflNRtnYwHcPXfqysYtaRwXMIEqPCkjHPlJExIVFMa6759125990+`!,%
2020-08-10 19:43:06 SUCCESS
EnsureTokenEndPointAuthMethodIsClientSecretBasic
token_endpoint_auth_method is 'client_secret_basic' as expected
2020-08-10 19:43:06
SetClientIdTokenSignedResponseAlgToNone
Set id_token_signed_response_alg to none for the registered client
client
{
  "redirect_uris": [
    "https://morph-oidc-client.strid.ninja/auth/cb",
    "https://www.certification.openid.net/test/a/morph_oidc_client/callback"
  ],
  "response_types": [
    "code"
  ],
  "grant_types": [
    "authorization_code"
  ],
  "contacts": [
    "ulrik.strid@outlook.com"
  ],
  "client_name": "form_post_morph_oidc_client",
  "token_endpoint_auth_method": "client_secret_basic",
  "client_id": "client_chYsvnXHVwIpXHf11951!-%\\~",
  "client_secret": "secret_urgnUSaIfflNRtnYwHcPXfqysYtaRwXMIEqPCkjHPlJExIVFMa6759125990+`!,%",
  "id_token_signed_response_alg": "none"
}
2020-08-10 19:43:06
SetClientGrantTypesToAuthorizationCodeOnly
Set grant_types to ['authorization_code'] for the registered client
client
{
  "redirect_uris": [
    "https://morph-oidc-client.strid.ninja/auth/cb",
    "https://www.certification.openid.net/test/a/morph_oidc_client/callback"
  ],
  "response_types": [
    "code"
  ],
  "grant_types": [
    "authorization_code"
  ],
  "contacts": [
    "ulrik.strid@outlook.com"
  ],
  "client_name": "form_post_morph_oidc_client",
  "token_endpoint_auth_method": "client_secret_basic",
  "client_id": "client_chYsvnXHVwIpXHf11951!-%\\~",
  "client_secret": "secret_urgnUSaIfflNRtnYwHcPXfqysYtaRwXMIEqPCkjHPlJExIVFMa6759125990+`!,%",
  "id_token_signed_response_alg": "none"
}
2020-08-10 19:43:06 SUCCESS
EnsureClientDoesNotHaveBothJwksAndJwksUri
Client does not have both jwks and jwks_uri set
client
{
  "redirect_uris": [
    "https://morph-oidc-client.strid.ninja/auth/cb",
    "https://www.certification.openid.net/test/a/morph_oidc_client/callback"
  ],
  "response_types": [
    "code"
  ],
  "grant_types": [
    "authorization_code"
  ],
  "contacts": [
    "ulrik.strid@outlook.com"
  ],
  "client_name": "form_post_morph_oidc_client",
  "token_endpoint_auth_method": "client_secret_basic",
  "client_id": "client_chYsvnXHVwIpXHf11951!-%\\~",
  "client_secret": "secret_urgnUSaIfflNRtnYwHcPXfqysYtaRwXMIEqPCkjHPlJExIVFMa6759125990+`!,%",
  "id_token_signed_response_alg": "none"
}
2020-08-10 19:43:06 INFO
FetchClientKeys
Skipped evaluation due to missing required element: client jwks_uri
path
jwks_uri
mapped
object
client
2020-08-10 19:43:06
SetServerSigningAlgToNone
Successfully set signing algorithm to none
signing_algorithm
none
2020-08-10 19:43:06
SetClientIdTokenSignedResponseAlgToServerSigningAlg
Set id_token_signed_response_alg for the registered client
id_token_signed_response_alg
none
2020-08-10 19:43:06 OUTGOING
oidcc-client-test-idtoken-sig-none
Response to HTTP request to test instance 8b0zTB3IK2tYprN
outgoing_status_code
201
outgoing_headers
{}
outgoing_body
{
  "redirect_uris": [
    "https://morph-oidc-client.strid.ninja/auth/cb",
    "https://www.certification.openid.net/test/a/morph_oidc_client/callback"
  ],
  "response_types": [
    "code"
  ],
  "grant_types": [
    "authorization_code"
  ],
  "contacts": [
    "ulrik.strid@outlook.com"
  ],
  "client_name": "form_post_morph_oidc_client",
  "token_endpoint_auth_method": "client_secret_basic",
  "client_id": "client_chYsvnXHVwIpXHf11951!-%\\~",
  "client_secret": "secret_urgnUSaIfflNRtnYwHcPXfqysYtaRwXMIEqPCkjHPlJExIVFMa6759125990+`!,%",
  "id_token_signed_response_alg": "none"
}
outgoing_path
register
2020-08-10 19:43:06 INCOMING
oidcc-client-test-idtoken-sig-none
Incoming HTTP request to test instance 8b0zTB3IK2tYprN
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/webp,*/*;q\u003d0.8",
  "accept-language": "en-US,en;q\u003d0.5",
  "accept-encoding": "gzip, deflate, br",
  "referer": "https://morph-oidc-client.strid.ninja/",
  "dnt": "1",
  "cookie": "expected_tab\u003dmicrosoftonline; welcome_info_name\u003dUlrik%20Strid; JSESSIONID\u003dCB87DB255579AE321C16855066F1AF5F",
  "upgrade-insecure-requests": "1",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
authorize
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{
  "response_type": "code",
  "client_id": "client_chYsvnXHVwIpXHf11951!-%\\~",
  "redirect_uri": "https://morph-oidc-client.strid.ninja/auth/cb",
  "scope": "openid profile email",
  "state": "b1c1ba16-2b69-4f19-8572-8f9ffd4229b2",
  "nonce": "3ab6993b-9fd8-46d9-ad5e-e35aed28a020"
}
incoming_body
Authorization endpoint
2020-08-10 19:43:06 SUCCESS
EnsureRequestDoesNotContainRequestObject
Request does not contain a request parameter
2020-08-10 19:43:06 SUCCESS
OIDCCEnsureAuthorizationHttpRequestContainsOpenIDScope
Found 'openid' in scope http request parameter
actual
[
  "openid",
  "profile",
  "email"
]
expected
openid
2020-08-10 19:43:06 SUCCESS
CreateEffectiveAuthorizationRequestParameters
Merged http request parameters with request object claims
effective_authorization_endpoint_request
{
  "response_type": "code",
  "client_id": "client_chYsvnXHVwIpXHf11951!-%\\~",
  "redirect_uri": "https://morph-oidc-client.strid.ninja/auth/cb",
  "scope": "openid profile email",
  "state": "b1c1ba16-2b69-4f19-8572-8f9ffd4229b2",
  "nonce": "3ab6993b-9fd8-46d9-ad5e-e35aed28a020"
}
2020-08-10 19:43:06 SUCCESS
ExtractRequestedScopes
Requested scopes
scope
openid profile email
2020-08-10 19:43:06 SUCCESS
ExtractNonceFromAuthorizationRequest
Extracted nonce
nonce
3ab6993b-9fd8-46d9-ad5e-e35aed28a020
2020-08-10 19:43:06 SUCCESS
EnsureResponseTypeIsCode
Response type is expected value
expected
code
2020-08-10 19:43:06 SUCCESS
EnsureMatchingClientId
Client ID matched
client_id
client_chYsvnXHVwIpXHf11951!-%\~
2020-08-10 19:43:06 SUCCESS
EnsureValidRedirectUriForAuthorizationEndpointRequest
redirect_uri is one of the allowed redirect uris
actual
https://morph-oidc-client.strid.ninja/auth/cb
expected
[
  "https://morph-oidc-client.strid.ninja/auth/cb",
  "https://www.certification.openid.net/test/a/morph_oidc_client/callback"
]
2020-08-10 19:43:06 SUCCESS
EnsureOpenIDInScopeRequest
Found 'openid' scope in request
actual
[
  "openid",
  "profile",
  "email"
]
expected
openid
2020-08-10 19:43:06 SUCCESS
DisallowMaxAgeEqualsZeroAndPromptNone
The client did not send max_age=0 and prompt=none parameters as expected
2020-08-10 19:43:06 SUCCESS
CreateAuthorizationCode
Created authorization code
authorization_code
9tyYEHtCxl
2020-08-10 19:43:06 SUCCESS
CreateAuthorizationEndpointResponseParams
Added authorization_endpoint_response_params to environment
params
{
  "redirect_uri": "https://morph-oidc-client.strid.ninja/auth/cb",
  "state": "b1c1ba16-2b69-4f19-8572-8f9ffd4229b2"
}
2020-08-10 19:43:06 SUCCESS
AddCodeToAuthorizationEndpointResponseParams
Added code to authorization endpoint response params
authorization_endpoint_response_params
{
  "redirect_uri": "https://morph-oidc-client.strid.ninja/auth/cb",
  "state": "b1c1ba16-2b69-4f19-8572-8f9ffd4229b2",
  "code": "9tyYEHtCxl"
}
2020-08-10 19:43:06 OUTGOING
oidcc-client-test-idtoken-sig-none
Response to HTTP request to test instance 8b0zTB3IK2tYprN
outgoing
ModelAndView [view="formPostResponseMode"; model={formAction=https://morph-oidc-client.strid.ninja/auth/cb, formParameters={"state":"b1c1ba16-2b69-4f19-8572-8f9ffd4229b2","code":"9tyYEHtCxl"}}]
outgoing_path
authorize
2020-08-10 19:43:06 INCOMING
oidcc-client-test-idtoken-sig-none
Incoming HTTP request to test instance 8b0zTB3IK2tYprN
incoming_headers
{
  "host": "www.certification.openid.net",
  "x-ssl-cipher": "ECDHE-RSA-AES256-GCM-SHA384",
  "x-ssl-protocol": "TLSv1.2",
  "content-length": "0",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net",
  "connection": "close"
}
incoming_path
jwks
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
2020-08-10 19:43:06 OUTGOING
oidcc-client-test-idtoken-sig-none
Response to HTTP request to test instance 8b0zTB3IK2tYprN
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "584dec6c-8541-4a23-9371-249f9fa17d87",
      "n": "qtBDe0KDITElXUwbCQbHx94yrhEsmqnxgv7IytsN0vGqt6cZx8ALNOAFDplR79G_C1CQSIYgz6XQKAO5DcWUnFsKEcoae5FkhRULc-1AbrrJ2k5wUk04roIlWnYjupr5LNwwBeqN7XbmRjBCVgPD_TPRbT2j9adjkRDFubjXDrIwtgzOnC_4eSW0il-e73Ta62EV1dicWC3pqRvTOBOlhE1Rkt657YCYZK9j875bNPO0v7MXeOunGI4RFJHWMLXBHFeF3ISNQojW7xXF0Q0EfZw8_FoKgtgOwPVfzGK0FibZpxZZzGd9HqUuzIvxDJjX0oGaWdNdfYIkca-9Jly1Nw"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "a893f0ef-bcc9-4e2a-b4ab-afd7dde87253",
      "n": "gUkYjirvClOjwU-FHugWD_Q99xbsNQrL1EKT2R7rzeoXJcaGGszD0mviWdBc6hp3HpMxd_cyXpXq6YLtNYJ-tqpsxl3yQceSvv3srdx0DW2pmiEQ0V17EeDEGkQxP5sswHhsrRkuH4tgyYBKNnEjl62vzhW9UOTOuUYlEFP1wp1LB410PNAiPwwP5QsxVSiPM_Lr_iGzo0e_y7sIqIojrq8KxEPcbirx7BTFpaiY5bHx81IFTa1Or6Wb4n_Oi3DJqoMXPuR-G2YxRmUwLKH2gDlKVxK6uCsaozlAW4Y2OY-wtiy8wlfSzw7eEViIrgVx3NIAFYcRbgvyTsFII8S4XQ"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "69728d52-970b-49d0-a7ac-68c68f16eb2b",
      "x": "qPfMvhTf8Ubu0yyFcPmn6ZxQrHGyC43EvR1MY2dA-VM",
      "y": "8vKP110TPP1gd10BVi36WfUim1qCD1FcVQZEIwG1jVc"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "4019be37-f554-4f45-ba0f-057726f3f091",
      "x": "RV_UHHs73ZFxLSet1SjSclDQy9ZLIIuJC9CITLnAHkM",
      "y": "d8GHSvl-nvEJg4KL7ZXLIwKTRFKxl8vVjlaPntk7yL8"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "3d3b1d20-5543-4752-be2e-829b50d9c14b",
      "x": "RrnD2n8D2tE_RTZ6tatCzdTWoaRoNpAZkVvMW0tUpH0",
      "y": "RDFXYBjexz3fdFHYODg1JejV3EuI4Ijn74fnp_mI6Z4"
    },
    {
      "kty": "OKP",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "7ffeddc3-afb0-4922-a316-b2f9435efc34",
      "x": "9di3xCUnpCh_pOcOhwiZ802hdw13Ipi3W3Yfi9jeMsw"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "2bce3b9a-c520-4def-9495-34add595bd9f",
      "alg": "RSA-OAEP",
      "n": "zX9JiVVfJNsvYzIY2WZ8E78Gl_YQab91VKSyZHJguAModiZwy5D2Wcp7-WUr3wDkfnrm-6vjsRzm1FA9VbY90eVQTLWlHWgiT83zdVOHFTkrxJBpRYRxg_6gAj9cLDtYydiKs-vHVeQ0tChUqQZf94RhFV0ozCHOhqPk2oX8I2nkZCVVKXY7l-vaMVA1lhYGS5szJKT8xoQtaJaP4ksj2VNbvPHHB0VADfPq-1EVkSx1Vo492Xd2CAoY1jk7jL_0-dZWPtPncVMFHwgrLE-RZvR1TZf2Cz-KBdcCkJ_pC7BOuV0lfAVHfFI5vYfnEt1SfboOz7mZ_l7M0nwxvQVS1w"
    },
    {
      "kty": "EC",
      "use": "enc",
      "crv": "P-256",
      "kid": "c33d5676-dab4-47f0-8247-d271c749715e",
      "x": "M9LKeNnoneCV7WgKhtrMGWmVbmd4xJSjvS8LgYVzaYs",
      "y": "-4CZ6WEUeVAP1BlWuwVY_Xi4EicggMtMD7Eje5sknxM",
      "alg": "ECDH-ES"
    }
  ]
}
outgoing_path
jwks
2020-08-10 19:43:06 INCOMING
oidcc-client-test-idtoken-sig-none
Incoming HTTP request to test instance 8b0zTB3IK2tYprN
incoming_headers
{
  "host": "www.certification.openid.net",
  "authorization": "Basic Y2xpZW50X2NoWXN2blhIVndJcFhIZjExOTUxJTIxLSUyNSU1Q346c2VjcmV0X3VyZ25VU2FJZmZsTlJ0bll3SGNQWGZxeXNZdGFSd1hNSUVxUENrakhQbEpFeElWRk1hNjc1OTEyNTk5MCUyQiU2MCUyMSUyQyUyNQ\u003d\u003d",
  "content-type": "application/x-www-form-urlencoded",
  "accept": "application/json",
  "x-ssl-cipher": "ECDHE-RSA-AES256-GCM-SHA384",
  "x-ssl-protocol": "TLSv1.2",
  "content-length": "259",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net",
  "connection": "close"
}
incoming_path
token
incoming_body_form_params
{
  "grant_type": "authorization_code",
  "scope": "openid",
  "code": "9tyYEHtCxl",
  "client_id": "client_chYsvnXHVwIpXHf11951!-%\\~",
  "client_secret": "secret_urgnUSaIfflNRtnYwHcPXfqysYtaRwXMIEqPCkjHPlJExIVFMa6759125990+`!,%",
  "redirect_uri": "https://morph-oidc-client.strid.ninja/auth/cb"
}
incoming_method
POST
incoming_body_json
incoming_query_string_params
{}
incoming_body
grant_type=authorization_code&scope=openid&code=9tyYEHtCxl&client_id=client_chYsvnXHVwIpXHf11951%21-%25%5C%7E&client_secret=secret_urgnUSaIfflNRtnYwHcPXfqysYtaRwXMIEqPCkjHPlJExIVFMa6759125990%2B%60%21%2C%25&redirect_uri=https%3A%2F%2Fmorph-oidc-client.strid.ninja%2Fauth%2Fcb
Token endpoint
2020-08-10 19:43:06 SUCCESS
ExtractClientCredentialsFromBasicAuthorizationHeader
Extracted client authentication
client_id
client_chYsvnXHVwIpXHf11951!-%\~
client_secret
secret_urgnUSaIfflNRtnYwHcPXfqysYtaRwXMIEqPCkjHPlJExIVFMa6759125990+`!,%
method
client_secret_basic
2020-08-10 19:43:06 SUCCESS
ValidateClientIdAndSecret
Client id and secret match
2020-08-10 19:43:06 SUCCESS
ValidateAuthorizationCode
Found authorization code
authorization_code
9tyYEHtCxl
2020-08-10 19:43:06 SUCCESS
ValidateRedirectUriForTokenEndpointRequest
redirect_uri is the same as the one used in the authorization request
actual
https://morph-oidc-client.strid.ninja/auth/cb
2020-08-10 19:43:06 SUCCESS
GenerateBearerAccessToken
Generated access token
access_token
mX3Fpj6CE3e8H8wFLW63HlojvwFFA0niLBOHJ5Ve3ag7g97asu
2020-08-10 19:43:06 SUCCESS
GenerateIdTokenClaims
Created ID Token Claims
iss
https://www.certification.openid.net/test/a/morph_oidc_client/
sub
user-subject-1234531
aud
client_chYsvnXHVwIpXHf11951!-%\~
nonce
3ab6993b-9fd8-46d9-ad5e-e35aed28a020
iat
1597088586
exp
1597088886
2020-08-10 19:43:06 INFO
AddAtHashToIdTokenClaims
Skipped evaluation due to missing required string: at_hash
expected
at_hash
2020-08-10 19:43:06 SUCCESS
SignIdTokenWithAlgNone
Created id_token with alg none
id_token
eyJhbGciOiJub25lIn0.eyJpc3MiOiJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC9hL21vcnBoX29pZGNfY2xpZW50LyIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiY2xpZW50X2NoWXN2blhIVndJcFhIZjExOTUxIS0lXFx-Iiwibm9uY2UiOiIzYWI2OTkzYi05ZmQ4LTQ2ZDktYWQ1ZS1lMzVhZWQyOGEwMjAiLCJpYXQiOjE1OTcwODg1ODYsImV4cCI6MTU5NzA4ODg4Nn0.
2020-08-10 19:43:06 INFO
EncryptIdToken
Skipped evaluation due to missing required element: client id_token_encrypted_response_alg
path
id_token_encrypted_response_alg
mapped
object
client
2020-08-10 19:43:06 SUCCESS
CreateTokenEndpointResponse
Created token endpoint response
access_token
mX3Fpj6CE3e8H8wFLW63HlojvwFFA0niLBOHJ5Ve3ag7g97asu
token_type
Bearer
id_token
eyJhbGciOiJub25lIn0.eyJpc3MiOiJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC9hL21vcnBoX29pZGNfY2xpZW50LyIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiY2xpZW50X2NoWXN2blhIVndJcFhIZjExOTUxIS0lXFx-Iiwibm9uY2UiOiIzYWI2OTkzYi05ZmQ4LTQ2ZDktYWQ1ZS1lMzVhZWQyOGEwMjAiLCJpYXQiOjE1OTcwODg1ODYsImV4cCI6MTU5NzA4ODg4Nn0.
scope
openid profile email
2020-08-10 19:43:06 OUTGOING
oidcc-client-test-idtoken-sig-none
Response to HTTP request to test instance 8b0zTB3IK2tYprN
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "access_token": "mX3Fpj6CE3e8H8wFLW63HlojvwFFA0niLBOHJ5Ve3ag7g97asu",
  "token_type": "Bearer",
  "id_token": "eyJhbGciOiJub25lIn0.eyJpc3MiOiJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC9hL21vcnBoX29pZGNfY2xpZW50LyIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiY2xpZW50X2NoWXN2blhIVndJcFhIZjExOTUxIS0lXFx-Iiwibm9uY2UiOiIzYWI2OTkzYi05ZmQ4LTQ2ZDktYWQ1ZS1lMzVhZWQyOGEwMjAiLCJpYXQiOjE1OTcwODg1ODYsImV4cCI6MTU5NzA4ODg4Nn0.",
  "scope": "openid profile email"
}
outgoing_path
token
2020-08-10 19:43:06 INCOMING
oidcc-client-test-idtoken-sig-none
Incoming HTTP request to test instance 8b0zTB3IK2tYprN
incoming_headers
{
  "host": "www.certification.openid.net",
  "authorization": "Bearer mX3Fpj6CE3e8H8wFLW63HlojvwFFA0niLBOHJ5Ve3ag7g97asu",
  "accept": "application/json",
  "x-ssl-cipher": "ECDHE-RSA-AES256-GCM-SHA384",
  "x-ssl-protocol": "TLSv1.2",
  "content-length": "0",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net",
  "connection": "close"
}
incoming_path
userinfo
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
Userinfo endpoint
2020-08-10 19:43:06 SUCCESS
OIDCCExtractBearerAccessTokenFromRequest
Found access token on incoming request
access_token
mX3Fpj6CE3e8H8wFLW63HlojvwFFA0niLBOHJ5Ve3ag7g97asu
2020-08-10 19:43:06 SUCCESS
RequireBearerAccessToken
Found access token in request
actual
mX3Fpj6CE3e8H8wFLW63HlojvwFFA0niLBOHJ5Ve3ag7g97asu
2020-08-10 19:43:07 SUCCESS
FilterUserInfoForScopes
User info endpoint output
sub
user-subject-1234531
website
https://openid.net/
zoneinfo
America/Los_Angeles
birthdate
2000-02-03
gender
female
preferred_username
d.tu
given_name
Demo
middle_name
Theresa
locale
en-US
updated_at
1580000000
name
Demo T. User
nickname
Dee
family_name
User
email
user@example.com
email_verified
false
2020-08-10 19:43:07
ClearAccessTokenFromRequest
Condition ran but did not log anything
2020-08-10 19:43:07 INFO
AddIssAndAudToUserInfoResponse
Skipped evaluation due to missing required element: client userinfo_signed_response_alg
path
userinfo_signed_response_alg
mapped
object
client
2020-08-10 19:43:07 INFO
SignUserInfoResponse
Skipped evaluation due to missing required element: client userinfo_signed_response_alg
path
userinfo_signed_response_alg
mapped
object
client
2020-08-10 19:43:07 INFO
EncryptUserInfoResponse
Skipped evaluation due to missing required element: client userinfo_encrypted_response_alg
path
userinfo_encrypted_response_alg
mapped
object
client
2020-08-10 19:43:07 OUTGOING
oidcc-client-test-idtoken-sig-none
Response to HTTP request to test instance 8b0zTB3IK2tYprN
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "sub": "user-subject-1234531",
  "website": "https://openid.net/",
  "zoneinfo": "America/Los_Angeles",
  "birthdate": "2000-02-03",
  "gender": "female",
  "preferred_username": "d.tu",
  "given_name": "Demo",
  "middle_name": "Theresa",
  "locale": "en-US",
  "updated_at": "1580000000",
  "name": "Demo T. User",
  "nickname": "Dee",
  "family_name": "User",
  "email": "user@example.com",
  "email_verified": false
}
outgoing_path
userinfo
2020-08-10 19:43:07 FINISHED
oidcc-client-test-idtoken-sig-none
Test has run to completion
testmodule_result
PASSED
2020-08-10 19:43:33
TEST-RUNNER
Alias has now been claimed by another test
alias
morph_oidc_client
new_test_id
my7va9wz3qK0YDN
Test Results