Test Summary

Test Results

Expand All Collapse All
All times are UTC
2020-09-01 12:05:04 INFO
TEST-RUNNER
Test instance qeZbmvGancbiTBm created
baseUrl
https://www.certification.openid.net/test/qeZbmvGancbiTBm
variant
{
  "client_auth_type": "client_secret_basic",
  "response_type": "code",
  "request_type": "request_uri",
  "client_registration": "dynamic_client",
  "response_mode": "default"
}
alias

                                
description
test suite runner for openid-client
planId
yOlk25gGaeYUc
config
{
  "description": "test suite runner for openid-client",
  "waitTimeoutSeconds": 2
}
testName
oidcc-client-test-userinfo-signed
2020-09-01 12:05:04 SUCCESS
OIDCCGenerateServerConfiguration
Generated default server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/qeZbmvGancbiTBm/",
  "authorization_endpoint": "https://www.certification.openid.net/test/qeZbmvGancbiTBm/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/qeZbmvGancbiTBm/token",
  "jwks_uri": "https://www.certification.openid.net/test/qeZbmvGancbiTBm/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/qeZbmvGancbiTBm/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/qeZbmvGancbiTBm/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic",
    "client_secret_post",
    "client_secret_jwt",
    "private_key_jwt"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
2020-09-01 12:05:04
SetTokenEndpointAuthMethodsSupportedToClientSecretBasicOnly
Changed token_endpoint_auth_methods_supported to client_secret_basic only in server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/qeZbmvGancbiTBm/",
  "authorization_endpoint": "https://www.certification.openid.net/test/qeZbmvGancbiTBm/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/qeZbmvGancbiTBm/token",
  "jwks_uri": "https://www.certification.openid.net/test/qeZbmvGancbiTBm/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/qeZbmvGancbiTBm/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/qeZbmvGancbiTBm/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
2020-09-01 12:05:04
SetRequestUriParameterSupportedToTrueInServerConfiguration
Enabled request_uri support in server configuration
server
{
  "issuer": "https://www.certification.openid.net/test/qeZbmvGancbiTBm/",
  "authorization_endpoint": "https://www.certification.openid.net/test/qeZbmvGancbiTBm/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/qeZbmvGancbiTBm/token",
  "jwks_uri": "https://www.certification.openid.net/test/qeZbmvGancbiTBm/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/qeZbmvGancbiTBm/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/qeZbmvGancbiTBm/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "PS256",
    "ES256"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_uri_parameter_supported": true,
  "require_request_uri_registration": false
}
2020-09-01 12:05:05
OIDCCGenerateServerJWKs
Generated server public private JWK sets
server_jwks
{
  "keys": [
    {
      "p": "9aslEIre4AB13EQVtwwR3PdmnrPyPVbvQuo925vURhysg-FfhUbQ6-rWmR4gQiBpjDqJzcg_CQdfhMxFjqbnkGEulzd_eRt05HUcWmCHt-LTyZoao8kPaATAbxDYEOZ37VmZNVwIrJ4AazSWxSTSJs6j3S0wNzDiKneJgrjOw2k",
      "kty": "RSA",
      "q": "r8Y-6Nm5AUEd7qy7R95VhrFZcx8bwGGR9QUb1La5pWc0WVNJ4IHhwXTGjsKrAGkxmgqsLTWBLgJq0TrXayirIVA_eeF7eo80B6s-UNzhYsDKPypt9v8s66G0qcwzK7hUHojb740CWPw6D7gruLQ0jfkt0CJWjcHIfnpOK01iTsE",
      "d": "mKvjojs2LpEMnGo-7MDuPHE9xAg2wSRaqazMHLcf2ON2dlsQ4DvNQehTnVvHzLIuuYmTqGQimhSZDIgwOXolxWP6D_JICA9RUEGKEdA0_kEUsyLOnWGtHVp0MpD-_HvBubUmtOgJhQjCqcYZUERhg8DhxQEikGYcVsfsPv09cupxvLbJdmv-sbqEPDR-ME-GC1hQ2JggnwPuQrqbUZ18uqNfO-g_4nrhNRsUSueToR9FGto9oNp58afkSBNj9b6NF_wn6so5_IrXo28cb6236fKT4fuyCRtb_rt7Z6MTaP_rJDe0YWaNHwDRo4Lg3UZqwSb6eFyzce75rI2LknjWAQ",
      "e": "AQAB",
      "use": "sig",
      "kid": "e2425dd8-8bc5-44a5-a725-88b175d63749",
      "qi": "1Qz7a2Fl-rDAiJxueoLljvd-zpDqTHsw9R0wKGOWmxbmtMgBu-AybpqVVSUggDMRDOqYTgi7xUGKs0J3hEccF-dsU7Slf2wwGL63GT5bQQn48FKPaYouNujmASpsyd_Elkwhmggfki_nNnNX2bnLP2Jrb3L8p542OZeu5rkG0j4",
      "dp": "NXzu0_w4bHMNNkkIpVMWbJLdH_6z5lEQRPR1RWRXQnCpywj94Cm8ATGfSbU6dstRz7tLF6fauZ-GV4aWOmnyjwfpufjWY0rsF3W8F51ez1WuoP1RgYmcNhyavVPgh0V2pRHV_r0sElFQbAcGMKREsThaiyR0k_-rrm1aXkDYm8k",
      "dq": "Zk6sFRmMbed5xY6yHt2QyCn3l2L24x2nN4a2sTN9kIEmXgt1R4AxZ0lRvIwfvch8f11Q46ttudrcU1W9RnjQSj6MA6OzHB23ufL4_VXitXji_qrygD375lYjcmURL5RFGdSstpxLToHYRYf7orD4md37xVYHLNEqojsLvnZ3DsE",
      "n": "qK49E-C8-G5cJgaeGbrqwl9c2eeGMmVgjrHyq7R1cQPGBVUQuH6Y6n4a_42IaVBe3CZmAgt3j7eCFlXTwMZ0SpoLrZ8gqLo9uQAOuQK8QcgbHxNu1bGKfnWliWYCsNjjCM2-jjefsX807UkixiDQ_RarNzl4uUV3RVWZfsP_2Gd8DQL_wVz-5nELzk5d8tcKWhRGouy_WXb3Ib_nfOijtIbFdQRAuADh5Yr5nNqray3kTdBQuZIDdw6U2S3DsPwg1w5eML1GGgUCXwXS-pOrQo2K-S0E627C9q50YnxsTBYVoVgzYs3lLQwVdkEqhfueeGhDF37GkJQ99EBstp1QKQ"
    },
    {
      "kty": "EC",
      "d": "QDtYcNxurLI_oZaYYS8Re_0ZtW8W5WlLu5o664i3afc",
      "use": "sig",
      "crv": "P-256",
      "kid": "795d9f7f-4293-40cf-8e28-6341f892e3b5",
      "x": "8emUUR-UGU6AcHry19-cde-fB-bfJCjhBTDcJGc-luI",
      "y": "uie0Nmp0j1vs1uXNJ8siNnS-JJ_b4kMjx7Jq9Z68XdY"
    },
    {
      "kty": "EC",
      "d": "dtmyXPHpNE0Gui0PjJ2IM2MHEShhILMJ0bMkabLfeXg",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "50086651-c3be-4993-acd2-ddb6e7fcaad9",
      "x": "Y1DJ1Slj6MknPQpNuzjhyDltm6_8Dx0A_X_PePCUXQM",
      "y": "Gardx5DNOXFDX5XbC4zsblZeiObSE7XCH8avYbP1LNY"
    },
    {
      "kty": "OKP",
      "d": "oGYTfeV0lKrGTh0fj9EnoDJpUVo0zSEwzqyrhQm7aO8",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "ea569321-a1c7-4eb5-ae4e-a3e66d35e119",
      "x": "RbbNLJphb-2WUqioC-X6NhgMjeTeyQ2Yh_8WQnEzTXI"
    }
  ]
}
server_encryption_keys
{
  "keys": [
    {
      "p": "4pgsnqbLK2exMvUxQQwCs-vwpXFt5k6GK9BMpFF8Q03nmdLGhdh2gOqAV9Bmwb4pxRuwTlVVuzs4UNHlg93_hmmJhir8s7Y5NFFwPxcHFBLftmHRHo7Ga5oHprLnHrbX9LOlK6GBZr5MwaDkmkDdiQ4Teq-5Tx5S3ZmkENrEnRs",
      "kty": "RSA",
      "q": "qjENjP1nV02m9udCXqTq7bJBsgtZeNCoD_S4fMfM_3comdiKKL8f2rY5vY_z-ltsz7Ounrbhyc02F-S3NUfgXNmvnIWQy6WGn7CNwaeXK3AL2kqqzK1hOOcMInE6-gAD_9xDZHEh20Tm8QJzRWLzSHFMgJSrTblIKk_UOLUp0z0",
      "d": "Tdberk6P_G9QTl-5Jq7c8rM1VizIsnxlGm3N3yaTAUJH7DS_c8MpeazEUPML0DMNtVsmCGJOONHP5Q9WAI1WYGxvj4uoOt7Dgof0CGOy21gZUI4fxUsEiU0acSl06D-1HrXJfRKQyv_5HvQvEu2xwItzkkB1Lf0uZpl09JpzjONk0jW_9WRrd4PhDfVx8CznBmF2eqtHq-IduO4J-YHeX2Dk02B5BdNMXr3GPuxdp23p0qWi64YCStRnQtQDMwzRbDZfQPKCsJu0Nkm_4H3EwsXHDgxHrPk8HmJCPRChkIc47LRTMQxsIChNbrKD-pP-90tQtVc-GoRi9yj5yvVmwQ",
      "e": "AQAB",
      "use": "enc",
      "kid": "6d8e5bbb-471c-4cde-babc-c448f04da415",
      "qi": "Y7FHBLo9u_V4W3LXu0HNMnRmUlz_oHVMBbgGheS8euZ98fKc16FZQPfC96zBTl35lc5bQlq6uGNqz5JjGPzCoRXGmLJvjGJcQSff5-5cNQmWnAzb7Stog31FchVMR9NWOZ2D_zIozehl9jQoTgcW7V5L4B58okqN2l10l61-BT0",
      "dp": "xxG54YfXZkKqwoH2y5apqTfXKwID8xl5dnSBYLrV2KtQlSs_jccmFQvvxTYpkHxoZep1cdw2fU8Bor9ETB10p7mAQIbzi07D4trJKiQo69HJCInXFmmImG-x2RnDQpCQGULaEQLKlGELPfED5SCngAkFw_stafzSAC1CniwUH5E",
      "alg": "RSA-OAEP",
      "dq": "OAsRKEVl21Thz1pV-66ZAg76HTQpkWQ8g4yVl9l_gvxtLUQmMsbFKZNqLicSM3YZvcewj-kvLvHZh0K0peH2Wv0AHC3LgZQPYdSUyZlzaUVrUcXWurG5WzCSSWE6B4srxfx1YMT0Xi0xU1n4NXghHtDYXVsXke-aePxyqP3XOQ0",
      "n": "lqR4wGrpKYrkOTYvGYWAKbr-6_-B9cHjBcRupneE7Xk0ixKInzIdXjXPPPTJiNnxq4UTUaWTd5BN01ysmeEWioOZKItG_TXfeRn-jRdeZc4ztoQVrTpQWKwGhLdpqqQdgDvQPp_itevU7p9nKtqZmUnfsBRgY5A1-WgrKoLQN9GLQYkri1BVE-0AkbDD9Z8gOLg26-OC24Umvx8oDNtfcgXFZBzyX8yu3CG3-YCgyv6sCZs0DoWjwv5cT0gKTR_YkN_WPcfDuKFS1_H0PiWTRsO5dt2xfR0_r5Jt_zQMQ8brlKpUuY1IhKgZI6zsvdIZnHtRNdFQ9OU3p8LNbqmwbw"
    },
    {
      "kty": "EC",
      "d": "9ZErdw9umxAvJvyIctjebs6MTZ8-HMfFXqntf_QBmr0",
      "use": "enc",
      "crv": "P-256",
      "kid": "7c8597fb-78ae-4683-bf16-effce377e11d",
      "x": "oY2Cp9x5NrlY6S7zkw6MZRC_oRwL5pOYkw9lVCPLZBA",
      "y": "_dM7atFgFF_c1OBUJPHzOHDo_7ZPCE7y2OGKm7sOHKA",
      "alg": "ECDH-ES"
    }
  ]
}
server_public_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "e2425dd8-8bc5-44a5-a725-88b175d63749",
      "n": "qK49E-C8-G5cJgaeGbrqwl9c2eeGMmVgjrHyq7R1cQPGBVUQuH6Y6n4a_42IaVBe3CZmAgt3j7eCFlXTwMZ0SpoLrZ8gqLo9uQAOuQK8QcgbHxNu1bGKfnWliWYCsNjjCM2-jjefsX807UkixiDQ_RarNzl4uUV3RVWZfsP_2Gd8DQL_wVz-5nELzk5d8tcKWhRGouy_WXb3Ib_nfOijtIbFdQRAuADh5Yr5nNqray3kTdBQuZIDdw6U2S3DsPwg1w5eML1GGgUCXwXS-pOrQo2K-S0E627C9q50YnxsTBYVoVgzYs3lLQwVdkEqhfueeGhDF37GkJQ99EBstp1QKQ"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "30663325-e085-4a11-8e98-e7c0a8768052",
      "n": "wovmriE5oYDZVQ261CktEJm9fbtersQR5VPAX8uhzsEgsqN11Ha0hk4b8V7uAmZhceX3ju11mEKeG-0cZYJPfoKA4Z4VQSWher4mA-wyo6t9Bn1DSWogwUOKLEzCIDbIPF5upLJbn3atzS2_XHmNAlmyqjIpjGyRRkJOgysbH0vVAwr12Gtn5Jzl6MYmgRsn8SnP8n6rFp7sCHj2yzD6SToPp2-Lo5SREpBv6P_-sSNMO1p19aIeoXsR8a_PkTYZeKRQvBnhwSA0f26zDGUEgCLrGj4DmMVkCngu6kSjFUcEMSknJ2zjkvcm-JUr1qmzjoqd659SAX-m5kAYDmfl-w"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "795d9f7f-4293-40cf-8e28-6341f892e3b5",
      "x": "8emUUR-UGU6AcHry19-cde-fB-bfJCjhBTDcJGc-luI",
      "y": "uie0Nmp0j1vs1uXNJ8siNnS-JJ_b4kMjx7Jq9Z68XdY"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "9cd1351b-2929-4d0f-b380-dd1f575669fe",
      "x": "u_CQaqzie_0uF7Ls2XHY_L4fEVSNO4Aof37Lpc1tv_Y",
      "y": "MmDPskDkoaPlX2Je4viuzg6sAFf0a9lWtMV8eBB1NCo"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "50086651-c3be-4993-acd2-ddb6e7fcaad9",
      "x": "Y1DJ1Slj6MknPQpNuzjhyDltm6_8Dx0A_X_PePCUXQM",
      "y": "Gardx5DNOXFDX5XbC4zsblZeiObSE7XCH8avYbP1LNY"
    },
    {
      "kty": "OKP",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "ea569321-a1c7-4eb5-ae4e-a3e66d35e119",
      "x": "RbbNLJphb-2WUqioC-X6NhgMjeTeyQ2Yh_8WQnEzTXI"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "6d8e5bbb-471c-4cde-babc-c448f04da415",
      "alg": "RSA-OAEP",
      "n": "lqR4wGrpKYrkOTYvGYWAKbr-6_-B9cHjBcRupneE7Xk0ixKInzIdXjXPPPTJiNnxq4UTUaWTd5BN01ysmeEWioOZKItG_TXfeRn-jRdeZc4ztoQVrTpQWKwGhLdpqqQdgDvQPp_itevU7p9nKtqZmUnfsBRgY5A1-WgrKoLQN9GLQYkri1BVE-0AkbDD9Z8gOLg26-OC24Umvx8oDNtfcgXFZBzyX8yu3CG3-YCgyv6sCZs0DoWjwv5cT0gKTR_YkN_WPcfDuKFS1_H0PiWTRsO5dt2xfR0_r5Jt_zQMQ8brlKpUuY1IhKgZI6zsvdIZnHtRNdFQ9OU3p8LNbqmwbw"
    },
    {
      "kty": "EC",
      "use": "enc",
      "crv": "P-256",
      "kid": "7c8597fb-78ae-4683-bf16-effce377e11d",
      "x": "oY2Cp9x5NrlY6S7zkw6MZRC_oRwL5pOYkw9lVCPLZBA",
      "y": "_dM7atFgFF_c1OBUJPHzOHDo_7ZPCE7y2OGKm7sOHKA",
      "alg": "ECDH-ES"
    }
  ]
}
2020-09-01 12:05:05 SUCCESS
ValidateServerJWKs
Valid server JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2020-09-01 12:05:05 SUCCESS
CheckDistinctKeyIdValueInServerJWKs
Distinct 'kid' value in all keys of server_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2020-09-01 12:05:05 SUCCESS
OIDCCLoadUserInfo
Added user information
user_info
{
  "sub": "user-subject-1234531",
  "name": "Demo T. User",
  "given_name": "Demo",
  "family_name": "User",
  "middle_name": "Theresa",
  "nickname": "Dee",
  "preferred_username": "d.tu",
  "gender": "female",
  "birthdate": "2000-02-03",
  "address": {
    "street_address": "100 Universal City Plaza",
    "locality": "Hollywood",
    "region": "CA",
    "postal_code": "91608",
    "country": "USA"
  },
  "zoneinfo": "America/Los_Angeles",
  "locale": "en-US",
  "phone_number": "+1 555 5550000",
  "phone_number_verified": false,
  "email": "user@example.com",
  "email_verified": false,
  "website": "https://openid.net/",
  "updated_at": "1580000000"
}
2020-09-01 12:05:05 SUCCESS
GetDynamicClientConfiguration
No client details on configuration, created an empty dynamic_client_registration_template object.
2020-09-01 12:05:05
oidcc-client-test-userinfo-signed
Setup Done
2020-09-01 12:05:07 INCOMING
oidcc-client-test-userinfo-signed
Incoming HTTP request to test instance qeZbmvGancbiTBm
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
.well-known/openid-configuration
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
Discovery endpoint
2020-09-01 12:05:07 OUTGOING
oidcc-client-test-userinfo-signed
Response to HTTP request to test instance qeZbmvGancbiTBm
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "issuer": "https://www.certification.openid.net/test/qeZbmvGancbiTBm/",
  "authorization_endpoint": "https://www.certification.openid.net/test/qeZbmvGancbiTBm/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/qeZbmvGancbiTBm/token",
  "jwks_uri": "https://www.certification.openid.net/test/qeZbmvGancbiTBm/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/qeZbmvGancbiTBm/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/qeZbmvGancbiTBm/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "PS256",
    "ES256"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_uri_parameter_supported": true,
  "require_request_uri_registration": false
}
outgoing_path
.well-known/openid-configuration
2020-09-01 12:05:08 INCOMING
oidcc-client-test-userinfo-signed
Incoming HTTP request to test instance qeZbmvGancbiTBm
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "content-type": "application/json",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "content-length": "200",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net",
  "connection": "close"
}
incoming_path
register
incoming_body_form_params
incoming_method
POST
incoming_body_json
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code"
  ],
  "grant_types": [
    "authorization_code"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ],
  "userinfo_signed_response_alg": "RS256"
}
incoming_query_string_params
{}
incoming_body
{"token_endpoint_auth_method":"client_secret_basic","response_types":["code"],"grant_types":["authorization_code"],"redirect_uris":["https://rp.example.com/cb"],"userinfo_signed_response_alg":"RS256"}
Registration endpoint
2020-09-01 12:05:08 SUCCESS
OIDCCExtractDynamicRegistrationRequest
Extracted dynamic client registration request
request
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code"
  ],
  "grant_types": [
    "authorization_code"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ],
  "userinfo_signed_response_alg": "RS256"
}
2020-09-01 12:05:08 INFO
EnsureRegistrationRequestContainsAtLeastOneContact
This application requires that registration requests contain at least one contact.
2020-09-01 12:05:08 SUCCESS
ValidateClientGrantTypes
grant_types match response_types
grant_types
[
  "authorization_code"
]
response_types
[
  "code"
]
2020-09-01 12:05:08 SUCCESS
OIDCCValidateClientRedirectUris
Valid redirect_uri(s) provided in registration request
redirect_uris
[
  "https://rp.example.com/cb"
]
2020-09-01 12:05:08 SUCCESS
ValidateClientLogoUris
Client does not contain any logo_uri
2020-09-01 12:05:08 SUCCESS
ValidateClientUris
Client does not contain any client_uri
2020-09-01 12:05:08 SUCCESS
ValidateClientPolicyUris
Client does not contain any policy_uri
2020-09-01 12:05:08 SUCCESS
ValidateClientTosUris
Client does not contain any tos_uri
2020-09-01 12:05:08 SUCCESS
ValidateClientSubjectType
A subject_type was not provided
2020-09-01 12:05:08 INFO
ValidateIdTokenSignedResponseAlg
Skipped evaluation due to missing required element: client id_token_signed_response_alg
path
id_token_signed_response_alg
mapped
object
client
2020-09-01 12:05:08 SUCCESS
EnsureIdTokenEncryptedResponseAlgIsSetIfEncIsSet
id_token_encrypted_response_enc is not set
2020-09-01 12:05:08 SUCCESS
ValidateUserinfoSignedResponseAlg
userinfo_signed_response_alg is one of the known algorithms
alg
RS256
2020-09-01 12:05:08 SUCCESS
EnsureUserinfoEncryptedResponseAlgIsSetIfEncIsSet
userinfo_encrypted_response_enc is not set
2020-09-01 12:05:08 INFO
ValidateRequestObjectSigningAlg
Skipped evaluation due to missing required element: client request_object_signing_alg
path
request_object_signing_alg
mapped
object
client
2020-09-01 12:05:08 SUCCESS
EnsureRequestObjectEncryptionAlgIsSetIfEncIsSet
request_object_encryption_enc is not set
2020-09-01 12:05:08 INFO
ValidateTokenEndpointAuthSigningAlg
Skipped evaluation due to missing required element: client token_endpoint_auth_signing_alg
path
token_endpoint_auth_signing_alg
mapped
object
client
2020-09-01 12:05:08 SUCCESS
ValidateDefaultMaxAge
default_max_age is not set
2020-09-01 12:05:08 INFO
ValidateRequireAuthTime
Skipped evaluation due to missing required element: client require_auth_time
path
require_auth_time
mapped
object
client
2020-09-01 12:05:08 INFO
ValidateDefaultAcrValues
Skipped evaluation due to missing required element: client default_acr_values
path
default_acr_values
mapped
object
client
2020-09-01 12:05:08 INFO
ValidateInitiateLoginUri
Skipped evaluation due to missing required element: client initiate_login_uri
path
initiate_login_uri
mapped
object
client
2020-09-01 12:05:08 INFO
ValidateRequestUris
Skipped evaluation due to missing required element: client request_uris
path
request_uris
mapped
object
client
2020-09-01 12:05:08
SetUserinfoSignedResponseAlgToRS256
Set userinfo_signed_response_alg to RS256
2020-09-01 12:05:08 SUCCESS
ValidateClientRegistrationRequestSectorIdentifierUri
A sector_identifier_uri was not provided
2020-09-01 12:05:08 SUCCESS
OIDCCRegisterClient
Registered client
client
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code"
  ],
  "grant_types": [
    "authorization_code"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ],
  "userinfo_signed_response_alg": "RS256",
  "client_id": "client_MjZykuclyTloSpL59134#/}!@"
}
2020-09-01 12:05:08
OIDCCCreateClientSecretForDynamicClient
Set the secret for registered client
client_secret
secret_vQVQvncETNgdPKPUOojizEgdwrjachXcIBKBEnUaoMlpwGmxLv2809881565%\`(,
2020-09-01 12:05:08 SUCCESS
EnsureTokenEndPointAuthMethodIsClientSecretBasic
token_endpoint_auth_method is 'client_secret_basic' as expected
2020-09-01 12:05:08 SUCCESS
EnsureClientDoesNotHaveBothJwksAndJwksUri
Client does not have both jwks and jwks_uri set
client
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code"
  ],
  "grant_types": [
    "authorization_code"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ],
  "userinfo_signed_response_alg": "RS256",
  "client_id": "client_MjZykuclyTloSpL59134#/}!@",
  "client_secret": "secret_vQVQvncETNgdPKPUOojizEgdwrjachXcIBKBEnUaoMlpwGmxLv2809881565%\\`(,"
}
2020-09-01 12:05:08 INFO
FetchClientKeys
Skipped evaluation due to missing required element: client jwks_uri
path
jwks_uri
mapped
object
client
2020-09-01 12:05:08 SUCCESS
OIDCCExtractServerSigningAlg
Using the default algorithm for the first key in server jwks
signing_algorithm
RS256
2020-09-01 12:05:08
SetClientIdTokenSignedResponseAlgToServerSigningAlg
Set id_token_signed_response_alg for the registered client
id_token_signed_response_alg
RS256
2020-09-01 12:05:08 OUTGOING
oidcc-client-test-userinfo-signed
Response to HTTP request to test instance qeZbmvGancbiTBm
outgoing_status_code
201
outgoing_headers
{}
outgoing_body
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code"
  ],
  "grant_types": [
    "authorization_code"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ],
  "userinfo_signed_response_alg": "RS256",
  "client_id": "client_MjZykuclyTloSpL59134#/}!@",
  "client_secret": "secret_vQVQvncETNgdPKPUOojizEgdwrjachXcIBKBEnUaoMlpwGmxLv2809881565%\\`(,",
  "id_token_signed_response_alg": "RS256"
}
outgoing_path
register
2020-09-01 12:05:09 INCOMING
oidcc-client-test-userinfo-signed
Incoming HTTP request to test instance qeZbmvGancbiTBm
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "got/9.6.0 (https://github.com/sindresorhus/got)",
  "accept-encoding": "gzip, deflate",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
authorize
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{
  "client_id": "client_MjZykuclyTloSpL59134#/}!@",
  "scope": "openid",
  "response_type": "code",
  "request_uri": "https://limitless-retreat-96294.herokuapp.com/7jFJTDyQrdatbogglImNY"
}
incoming_body
Authorization endpoint
2020-09-01 12:05:09
FetchRequestUriAndExtractRequestObject
Fetching request object from request_uri
request_uri
https://limitless-retreat-96294.herokuapp.com/7jFJTDyQrdatbogglImNY
2020-09-01 12:05:09
FetchRequestUriAndExtractRequestObject
HTTP request
request_uri
https://limitless-retreat-96294.herokuapp.com/7jFJTDyQrdatbogglImNY
request_method
GET
request_headers
{
  "accept": "text/plain, application/json, application/cbor, application/*+json, */*",
  "content-length": "0"
}
request_body

                                
2020-09-01 12:05:09 RESPONSE
FetchRequestUriAndExtractRequestObject
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "server": "Cowboy",
  "connection": "keep-alive",
  "content-type": "application/jwt",
  "content-length": "543",
  "date": "Tue, 01 Sep 2020 12:05:09 GMT",
  "via": "1.1 vegur"
}
response_body
eyJhbGciOiJub25lIiwidHlwIjoiSldUIn0.eyJyZWRpcmVjdF91cmkiOiJodHRwczovL3JwLmV4YW1wbGUuY29tL2NiIiwic2NvcGUiOiJvcGVuaWQiLCJyZXNwb25zZV90eXBlIjoiY29kZSIsImNsaWVudF9pZCI6ImNsaWVudF9Nalp5a3VjbHlUbG9TcEw1OTEzNCMvfSFAIiwic3RhdGUiOiJxT25OX0szMjZhZkVxZUdyalg2cTFreUMtZE1Jb3dPdVA0X3c1UklSVEhnIiwiaXNzIjoiY2xpZW50X01qWnlrdWNseVRsb1NwTDU5MTM0Iy99IUAiLCJhdWQiOiJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC9xZVpibXZHYW5jYmlUQm0vIiwianRpIjoiSnFuN2xWckc3ZmY0NHdSYnZnRktidFBtTEY0eXQyNk5KMHNLcWgzSGFZcyIsImlhdCI6MTU5ODk2MTkwOCwiZXhwIjoxNTk4OTYyMjA4fQ.
2020-09-01 12:05:09
FetchRequestUriAndExtractRequestObject
Downloaded request object
request_object
eyJhbGciOiJub25lIiwidHlwIjoiSldUIn0.eyJyZWRpcmVjdF91cmkiOiJodHRwczovL3JwLmV4YW1wbGUuY29tL2NiIiwic2NvcGUiOiJvcGVuaWQiLCJyZXNwb25zZV90eXBlIjoiY29kZSIsImNsaWVudF9pZCI6ImNsaWVudF9Nalp5a3VjbHlUbG9TcEw1OTEzNCMvfSFAIiwic3RhdGUiOiJxT25OX0szMjZhZkVxZUdyalg2cTFreUMtZE1Jb3dPdVA0X3c1UklSVEhnIiwiaXNzIjoiY2xpZW50X01qWnlrdWNseVRsb1NwTDU5MTM0Iy99IUAiLCJhdWQiOiJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC9xZVpibXZHYW5jYmlUQm0vIiwianRpIjoiSnFuN2xWckc3ZmY0NHdSYnZnRktidFBtTEY0eXQyNk5KMHNLcWgzSGFZcyIsImlhdCI6MTU5ODk2MTkwOCwiZXhwIjoxNTk4OTYyMjA4fQ.
2020-09-01 12:05:09 SUCCESS
FetchRequestUriAndExtractRequestObject
Parsed request object
request_object
{
  "value": "eyJhbGciOiJub25lIiwidHlwIjoiSldUIn0.eyJyZWRpcmVjdF91cmkiOiJodHRwczovL3JwLmV4YW1wbGUuY29tL2NiIiwic2NvcGUiOiJvcGVuaWQiLCJyZXNwb25zZV90eXBlIjoiY29kZSIsImNsaWVudF9pZCI6ImNsaWVudF9Nalp5a3VjbHlUbG9TcEw1OTEzNCMvfSFAIiwic3RhdGUiOiJxT25OX0szMjZhZkVxZUdyalg2cTFreUMtZE1Jb3dPdVA0X3c1UklSVEhnIiwiaXNzIjoiY2xpZW50X01qWnlrdWNseVRsb1NwTDU5MTM0Iy99IUAiLCJhdWQiOiJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC9xZVpibXZHYW5jYmlUQm0vIiwianRpIjoiSnFuN2xWckc3ZmY0NHdSYnZnRktidFBtTEY0eXQyNk5KMHNLcWgzSGFZcyIsImlhdCI6MTU5ODk2MTkwOCwiZXhwIjoxNTk4OTYyMjA4fQ.",
  "header": {
    "typ": "JWT",
    "alg": "none"
  },
  "claims": {
    "aud": "https://www.certification.openid.net/test/qeZbmvGancbiTBm/",
    "scope": "openid",
    "iss": "client_MjZykuclyTloSpL59134#/}!@",
    "response_type": "code",
    "redirect_uri": "https://rp.example.com/cb",
    "state": "qOnN_K326afEqeGrjX6q1kyC-dMIowOuP4_w5RIRTHg",
    "exp": 1598962208,
    "iat": 1598961908,
    "client_id": "client_MjZykuclyTloSpL59134#/}!@",
    "jti": "Jqn7lVrG7ff44wRbvgFKbtPmLF4yt26NJ0sKqh3HaYs"
  }
}
2020-09-01 12:05:09 SUCCESS
EnsureRequestUriIsHttpsOrRequestObjectIsSigned
request_uri is a https url
request_uri
https://limitless-retreat-96294.herokuapp.com/7jFJTDyQrdatbogglImNY
2020-09-01 12:05:09 SUCCESS
OIDCCEnsureAuthorizationHttpRequestContainsOpenIDScope
Found 'openid' in scope http request parameter
actual
[
  "openid"
]
expected
openid
2020-09-01 12:05:09 SUCCESS
OIDCCValidateRequestObjectExp
Request object contains a valid exp claim, expiry time
exp
"Sep 1, 2020, 12:10:08 PM"
2020-09-01 12:05:09 SUCCESS
ValidateRequestObjectIat
iat claim is valid
iat
1598961908
2020-09-01 12:05:09 SUCCESS
EnsureNumericRequestObjectClaimsAreNotNull
None of the claims expected to have numeric values, have null values
numeric_claims
[
  "max_age"
]
2020-09-01 12:05:09
ValidateRequestObjectMaxAge
Request object does not contain a max_age claim
2020-09-01 12:05:09 SUCCESS
EnsureRequestObjectDoesNotContainRequestOrRequestUri
Request object does not contain request or request_uri
2020-09-01 12:05:09 SUCCESS
OIDCCEnsureRequiredAuthorizationRequestParametersMatchRequestObject
Required http request parameters match request object claims
response_type
code
client_id
client_MjZykuclyTloSpL59134#/}!@
2020-09-01 12:05:09 SUCCESS
OIDCCEnsureOptionalAuthorizationRequestParametersMatchRequestObject
All http request parameters and request object claims match
2020-09-01 12:05:09 SUCCESS
CreateEffectiveAuthorizationRequestParameters
Merged http request parameters with request object claims
effective_authorization_endpoint_request
{
  "client_id": "client_MjZykuclyTloSpL59134#/}!@",
  "scope": "openid",
  "response_type": "code",
  "request_uri": "https://limitless-retreat-96294.herokuapp.com/7jFJTDyQrdatbogglImNY",
  "aud": "https://www.certification.openid.net/test/qeZbmvGancbiTBm/",
  "iss": "client_MjZykuclyTloSpL59134#/}!@",
  "redirect_uri": "https://rp.example.com/cb",
  "state": "qOnN_K326afEqeGrjX6q1kyC-dMIowOuP4_w5RIRTHg",
  "exp": 1598962208,
  "iat": 1598961908,
  "jti": "Jqn7lVrG7ff44wRbvgFKbtPmLF4yt26NJ0sKqh3HaYs"
}
2020-09-01 12:05:09 SUCCESS
ExtractRequestedScopes
Requested scopes
scope
openid
2020-09-01 12:05:09 INFO
ExtractNonceFromAuthorizationRequest
Couldn't find 'nonce' in authorization endpoint parameters
2020-09-01 12:05:09 SUCCESS
EnsureResponseTypeIsCode
Response type is expected value
expected
code
2020-09-01 12:05:09 SUCCESS
EnsureMatchingClientId
Client ID matched
client_id
client_MjZykuclyTloSpL59134#/}!@
2020-09-01 12:05:09 SUCCESS
EnsureValidRedirectUriForAuthorizationEndpointRequest
redirect_uri is one of the allowed redirect uris
actual
https://rp.example.com/cb
expected
[
  "https://rp.example.com/cb"
]
2020-09-01 12:05:09 SUCCESS
EnsureOpenIDInScopeRequest
Found 'openid' scope in request
actual
[
  "openid"
]
expected
openid
2020-09-01 12:05:09 SUCCESS
DisallowMaxAgeEqualsZeroAndPromptNone
The client did not send max_age=0 and prompt=none parameters as expected
2020-09-01 12:05:09 SUCCESS
CreateAuthorizationCode
Created authorization code
authorization_code
RtWTaQtK1V
2020-09-01 12:05:09 SUCCESS
CalculateCHash
Successful c_hash encoding
c_hash
n3882eUyuByGI7dVc2QN8g
2020-09-01 12:05:09 SUCCESS
CreateAuthorizationEndpointResponseParams
Added authorization_endpoint_response_params to environment
params
{
  "redirect_uri": "https://rp.example.com/cb",
  "state": "qOnN_K326afEqeGrjX6q1kyC-dMIowOuP4_w5RIRTHg"
}
2020-09-01 12:05:09 SUCCESS
AddCodeToAuthorizationEndpointResponseParams
Added code to authorization endpoint response params
authorization_endpoint_response_params
{
  "redirect_uri": "https://rp.example.com/cb",
  "state": "qOnN_K326afEqeGrjX6q1kyC-dMIowOuP4_w5RIRTHg",
  "code": "RtWTaQtK1V"
}
2020-09-01 12:05:09
SendAuthorizationResponseWithResponseModeQuery
Redirecting back to client
uri
https://rp.example.com/cb?state=qOnN_K326afEqeGrjX6q1kyC-dMIowOuP4_w5RIRTHg&code=RtWTaQtK1V
2020-09-01 12:05:09 OUTGOING
oidcc-client-test-userinfo-signed
Response to HTTP request to test instance qeZbmvGancbiTBm
outgoing
org.springframework.web.servlet.view.RedirectView: [RedirectView]; URL [https://rp.example.com/cb?state=qOnN_K326afEqeGrjX6q1kyC-dMIowOuP4_w5RIRTHg&code=RtWTaQtK1V]
outgoing_path
authorize
2020-09-01 12:05:09 INCOMING
oidcc-client-test-userinfo-signed
Incoming HTTP request to test instance qeZbmvGancbiTBm
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "authorization": "Basic Y2xpZW50X01qWnlrdWNseVRsb1NwTDU5MTM0JTIzJTJGJTdEISU0MDpzZWNyZXRfdlFWUXZuY0VUTmdkUEtQVU9vaml6RWdkd3JqYWNoWGNJQktCRW5VYW9NbHB3R214THYyODA5ODgxNTY1JTI1JTVDJTYwKCUyQw\u003d\u003d",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "content-type": "application/x-www-form-urlencoded",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "content-length": "92",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net",
  "connection": "close"
}
incoming_path
token
incoming_body_form_params
{
  "grant_type": "authorization_code",
  "code": "RtWTaQtK1V",
  "redirect_uri": "https://rp.example.com/cb"
}
incoming_method
POST
incoming_body_json
incoming_query_string_params
{}
incoming_body
grant_type=authorization_code&code=RtWTaQtK1V&redirect_uri=https%3A%2F%2Frp.example.com%2Fcb
Token endpoint
2020-09-01 12:05:09 SUCCESS
ExtractClientCredentialsFromBasicAuthorizationHeader
Extracted client authentication
client_id
client_MjZykuclyTloSpL59134#/}!@
client_secret
secret_vQVQvncETNgdPKPUOojizEgdwrjachXcIBKBEnUaoMlpwGmxLv2809881565%\`(,
method
client_secret_basic
2020-09-01 12:05:09 SUCCESS
ValidateClientIdAndSecret
Client id and secret match
2020-09-01 12:05:09 SUCCESS
ValidateAuthorizationCode
Found authorization code
authorization_code
RtWTaQtK1V
2020-09-01 12:05:09 SUCCESS
ValidateRedirectUriForTokenEndpointRequest
redirect_uri is the same as the one used in the authorization request
actual
https://rp.example.com/cb
2020-09-01 12:05:09 SUCCESS
GenerateBearerAccessToken
Generated access token
access_token
xohMly5xgBHD9gzAGg4o4UbKkQ8nLVgJvnd7zLSXyRra1lpcEg
2020-09-01 12:05:09 SUCCESS
CalculateAtHash
Successful at_hash encoding
at_hash
FKQjPBntH_rPiKIKPxBE6w
2020-09-01 12:05:09 SUCCESS
GenerateIdTokenClaims
Created ID Token Claims
iss
https://www.certification.openid.net/test/qeZbmvGancbiTBm/
sub
user-subject-1234531
aud
client_MjZykuclyTloSpL59134#/}!@
iat
1598961909
exp
1598962209
2020-09-01 12:05:09 SUCCESS
AddAtHashToIdTokenClaims
Added at_hash to ID token claims
at_hash
FKQjPBntH_rPiKIKPxBE6w
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/qeZbmvGancbiTBm/",
  "sub": "user-subject-1234531",
  "aud": "client_MjZykuclyTloSpL59134#/}!@",
  "iat": 1598961909,
  "exp": 1598962209,
  "at_hash": "FKQjPBntH_rPiKIKPxBE6w"
}
2020-09-01 12:05:09 SUCCESS
OIDCCSignIdToken
Signed the ID token
id_token
eyJraWQiOiJlMjQyNWRkOC04YmM1LTQ0YTUtYTcyNS04OGIxNzVkNjM3NDkiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiRktRalBCbnRIX3JQaUtJS1B4QkU2dyIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiY2xpZW50X01qWnlrdWNseVRsb1NwTDU5MTM0I1wvfSFAIiwiaXNzIjoiaHR0cHM6XC9cL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXRcL3Rlc3RcL3FlWmJtdkdhbmNiaVRCbVwvIiwiZXhwIjoxNTk4OTYyMjA5LCJpYXQiOjE1OTg5NjE5MDl9.p-I4H-GkxfJqrMBxgPNHaLYwLtoCE1uNifuPjLpZOWsSMKkShYslxXXDIlky0SYzaNaMFNp9WpW4wnvXebKLt8bqPR1YlCzkiMnjOfXZTAeX4Aw5bD6Xc-1ZQ6iFTMGO7NG7cpVhKPjiNHBruT6jCOirCoLe84QHHlQtxv90aHnuIlvTL19xGDy_VDO4DirEWwbKvqK-M2omWGAt1fnLR9H1otymPsGJAbvPQYEPr-WlHUI1ySk8J2B93x_RJPWQhigF9Xdn4xljMcjHLd1mpd81uCT9TBXrRShc9p9x52qANfkY4-_KYSMVLZGmpKFqG10y0g7RY53bq3AWWq3PMg
key
{"p":"9aslEIre4AB13EQVtwwR3PdmnrPyPVbvQuo925vURhysg-FfhUbQ6-rWmR4gQiBpjDqJzcg_CQdfhMxFjqbnkGEulzd_eRt05HUcWmCHt-LTyZoao8kPaATAbxDYEOZ37VmZNVwIrJ4AazSWxSTSJs6j3S0wNzDiKneJgrjOw2k","kty":"RSA","q":"r8Y-6Nm5AUEd7qy7R95VhrFZcx8bwGGR9QUb1La5pWc0WVNJ4IHhwXTGjsKrAGkxmgqsLTWBLgJq0TrXayirIVA_eeF7eo80B6s-UNzhYsDKPypt9v8s66G0qcwzK7hUHojb740CWPw6D7gruLQ0jfkt0CJWjcHIfnpOK01iTsE","d":"mKvjojs2LpEMnGo-7MDuPHE9xAg2wSRaqazMHLcf2ON2dlsQ4DvNQehTnVvHzLIuuYmTqGQimhSZDIgwOXolxWP6D_JICA9RUEGKEdA0_kEUsyLOnWGtHVp0MpD-_HvBubUmtOgJhQjCqcYZUERhg8DhxQEikGYcVsfsPv09cupxvLbJdmv-sbqEPDR-ME-GC1hQ2JggnwPuQrqbUZ18uqNfO-g_4nrhNRsUSueToR9FGto9oNp58afkSBNj9b6NF_wn6so5_IrXo28cb6236fKT4fuyCRtb_rt7Z6MTaP_rJDe0YWaNHwDRo4Lg3UZqwSb6eFyzce75rI2LknjWAQ","e":"AQAB","use":"sig","kid":"e2425dd8-8bc5-44a5-a725-88b175d63749","qi":"1Qz7a2Fl-rDAiJxueoLljvd-zpDqTHsw9R0wKGOWmxbmtMgBu-AybpqVVSUggDMRDOqYTgi7xUGKs0J3hEccF-dsU7Slf2wwGL63GT5bQQn48FKPaYouNujmASpsyd_Elkwhmggfki_nNnNX2bnLP2Jrb3L8p542OZeu5rkG0j4","dp":"NXzu0_w4bHMNNkkIpVMWbJLdH_6z5lEQRPR1RWRXQnCpywj94Cm8ATGfSbU6dstRz7tLF6fauZ-GV4aWOmnyjwfpufjWY0rsF3W8F51ez1WuoP1RgYmcNhyavVPgh0V2pRHV_r0sElFQbAcGMKREsThaiyR0k_-rrm1aXkDYm8k","dq":"Zk6sFRmMbed5xY6yHt2QyCn3l2L24x2nN4a2sTN9kIEmXgt1R4AxZ0lRvIwfvch8f11Q46ttudrcU1W9RnjQSj6MA6OzHB23ufL4_VXitXji_qrygD375lYjcmURL5RFGdSstpxLToHYRYf7orD4md37xVYHLNEqojsLvnZ3DsE","n":"qK49E-C8-G5cJgaeGbrqwl9c2eeGMmVgjrHyq7R1cQPGBVUQuH6Y6n4a_42IaVBe3CZmAgt3j7eCFlXTwMZ0SpoLrZ8gqLo9uQAOuQK8QcgbHxNu1bGKfnWliWYCsNjjCM2-jjefsX807UkixiDQ_RarNzl4uUV3RVWZfsP_2Gd8DQL_wVz-5nELzk5d8tcKWhRGouy_WXb3Ib_nfOijtIbFdQRAuADh5Yr5nNqray3kTdBQuZIDdw6U2S3DsPwg1w5eML1GGgUCXwXS-pOrQo2K-S0E627C9q50YnxsTBYVoVgzYs3lLQwVdkEqhfueeGhDF37GkJQ99EBstp1QKQ"}
algorithm
RS256
2020-09-01 12:05:09 INFO
EncryptIdToken
Skipped evaluation due to missing required element: client id_token_encrypted_response_alg
path
id_token_encrypted_response_alg
mapped
object
client
2020-09-01 12:05:09 SUCCESS
CreateTokenEndpointResponse
Created token endpoint response
access_token
xohMly5xgBHD9gzAGg4o4UbKkQ8nLVgJvnd7zLSXyRra1lpcEg
token_type
Bearer
id_token
eyJraWQiOiJlMjQyNWRkOC04YmM1LTQ0YTUtYTcyNS04OGIxNzVkNjM3NDkiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiRktRalBCbnRIX3JQaUtJS1B4QkU2dyIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiY2xpZW50X01qWnlrdWNseVRsb1NwTDU5MTM0I1wvfSFAIiwiaXNzIjoiaHR0cHM6XC9cL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXRcL3Rlc3RcL3FlWmJtdkdhbmNiaVRCbVwvIiwiZXhwIjoxNTk4OTYyMjA5LCJpYXQiOjE1OTg5NjE5MDl9.p-I4H-GkxfJqrMBxgPNHaLYwLtoCE1uNifuPjLpZOWsSMKkShYslxXXDIlky0SYzaNaMFNp9WpW4wnvXebKLt8bqPR1YlCzkiMnjOfXZTAeX4Aw5bD6Xc-1ZQ6iFTMGO7NG7cpVhKPjiNHBruT6jCOirCoLe84QHHlQtxv90aHnuIlvTL19xGDy_VDO4DirEWwbKvqK-M2omWGAt1fnLR9H1otymPsGJAbvPQYEPr-WlHUI1ySk8J2B93x_RJPWQhigF9Xdn4xljMcjHLd1mpd81uCT9TBXrRShc9p9x52qANfkY4-_KYSMVLZGmpKFqG10y0g7RY53bq3AWWq3PMg
scope
openid
2020-09-01 12:05:09 OUTGOING
oidcc-client-test-userinfo-signed
Response to HTTP request to test instance qeZbmvGancbiTBm
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "access_token": "xohMly5xgBHD9gzAGg4o4UbKkQ8nLVgJvnd7zLSXyRra1lpcEg",
  "token_type": "Bearer",
  "id_token": "eyJraWQiOiJlMjQyNWRkOC04YmM1LTQ0YTUtYTcyNS04OGIxNzVkNjM3NDkiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiRktRalBCbnRIX3JQaUtJS1B4QkU2dyIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiY2xpZW50X01qWnlrdWNseVRsb1NwTDU5MTM0I1wvfSFAIiwiaXNzIjoiaHR0cHM6XC9cL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXRcL3Rlc3RcL3FlWmJtdkdhbmNiaVRCbVwvIiwiZXhwIjoxNTk4OTYyMjA5LCJpYXQiOjE1OTg5NjE5MDl9.p-I4H-GkxfJqrMBxgPNHaLYwLtoCE1uNifuPjLpZOWsSMKkShYslxXXDIlky0SYzaNaMFNp9WpW4wnvXebKLt8bqPR1YlCzkiMnjOfXZTAeX4Aw5bD6Xc-1ZQ6iFTMGO7NG7cpVhKPjiNHBruT6jCOirCoLe84QHHlQtxv90aHnuIlvTL19xGDy_VDO4DirEWwbKvqK-M2omWGAt1fnLR9H1otymPsGJAbvPQYEPr-WlHUI1ySk8J2B93x_RJPWQhigF9Xdn4xljMcjHLd1mpd81uCT9TBXrRShc9p9x52qANfkY4-_KYSMVLZGmpKFqG10y0g7RY53bq3AWWq3PMg",
  "scope": "openid"
}
outgoing_path
token
2020-09-01 12:05:10 INCOMING
oidcc-client-test-userinfo-signed
Incoming HTTP request to test instance qeZbmvGancbiTBm
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
jwks
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
Jwks endpoint
2020-09-01 12:05:10 OUTGOING
oidcc-client-test-userinfo-signed
Response to HTTP request to test instance qeZbmvGancbiTBm
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "e2425dd8-8bc5-44a5-a725-88b175d63749",
      "n": "qK49E-C8-G5cJgaeGbrqwl9c2eeGMmVgjrHyq7R1cQPGBVUQuH6Y6n4a_42IaVBe3CZmAgt3j7eCFlXTwMZ0SpoLrZ8gqLo9uQAOuQK8QcgbHxNu1bGKfnWliWYCsNjjCM2-jjefsX807UkixiDQ_RarNzl4uUV3RVWZfsP_2Gd8DQL_wVz-5nELzk5d8tcKWhRGouy_WXb3Ib_nfOijtIbFdQRAuADh5Yr5nNqray3kTdBQuZIDdw6U2S3DsPwg1w5eML1GGgUCXwXS-pOrQo2K-S0E627C9q50YnxsTBYVoVgzYs3lLQwVdkEqhfueeGhDF37GkJQ99EBstp1QKQ"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "30663325-e085-4a11-8e98-e7c0a8768052",
      "n": "wovmriE5oYDZVQ261CktEJm9fbtersQR5VPAX8uhzsEgsqN11Ha0hk4b8V7uAmZhceX3ju11mEKeG-0cZYJPfoKA4Z4VQSWher4mA-wyo6t9Bn1DSWogwUOKLEzCIDbIPF5upLJbn3atzS2_XHmNAlmyqjIpjGyRRkJOgysbH0vVAwr12Gtn5Jzl6MYmgRsn8SnP8n6rFp7sCHj2yzD6SToPp2-Lo5SREpBv6P_-sSNMO1p19aIeoXsR8a_PkTYZeKRQvBnhwSA0f26zDGUEgCLrGj4DmMVkCngu6kSjFUcEMSknJ2zjkvcm-JUr1qmzjoqd659SAX-m5kAYDmfl-w"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "795d9f7f-4293-40cf-8e28-6341f892e3b5",
      "x": "8emUUR-UGU6AcHry19-cde-fB-bfJCjhBTDcJGc-luI",
      "y": "uie0Nmp0j1vs1uXNJ8siNnS-JJ_b4kMjx7Jq9Z68XdY"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "9cd1351b-2929-4d0f-b380-dd1f575669fe",
      "x": "u_CQaqzie_0uF7Ls2XHY_L4fEVSNO4Aof37Lpc1tv_Y",
      "y": "MmDPskDkoaPlX2Je4viuzg6sAFf0a9lWtMV8eBB1NCo"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "50086651-c3be-4993-acd2-ddb6e7fcaad9",
      "x": "Y1DJ1Slj6MknPQpNuzjhyDltm6_8Dx0A_X_PePCUXQM",
      "y": "Gardx5DNOXFDX5XbC4zsblZeiObSE7XCH8avYbP1LNY"
    },
    {
      "kty": "OKP",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "ea569321-a1c7-4eb5-ae4e-a3e66d35e119",
      "x": "RbbNLJphb-2WUqioC-X6NhgMjeTeyQ2Yh_8WQnEzTXI"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "6d8e5bbb-471c-4cde-babc-c448f04da415",
      "alg": "RSA-OAEP",
      "n": "lqR4wGrpKYrkOTYvGYWAKbr-6_-B9cHjBcRupneE7Xk0ixKInzIdXjXPPPTJiNnxq4UTUaWTd5BN01ysmeEWioOZKItG_TXfeRn-jRdeZc4ztoQVrTpQWKwGhLdpqqQdgDvQPp_itevU7p9nKtqZmUnfsBRgY5A1-WgrKoLQN9GLQYkri1BVE-0AkbDD9Z8gOLg26-OC24Umvx8oDNtfcgXFZBzyX8yu3CG3-YCgyv6sCZs0DoWjwv5cT0gKTR_YkN_WPcfDuKFS1_H0PiWTRsO5dt2xfR0_r5Jt_zQMQ8brlKpUuY1IhKgZI6zsvdIZnHtRNdFQ9OU3p8LNbqmwbw"
    },
    {
      "kty": "EC",
      "use": "enc",
      "crv": "P-256",
      "kid": "7c8597fb-78ae-4683-bf16-effce377e11d",
      "x": "oY2Cp9x5NrlY6S7zkw6MZRC_oRwL5pOYkw9lVCPLZBA",
      "y": "_dM7atFgFF_c1OBUJPHzOHDo_7ZPCE7y2OGKm7sOHKA",
      "alg": "ECDH-ES"
    }
  ]
}
outgoing_path
jwks
2020-09-01 12:05:10 INCOMING
oidcc-client-test-userinfo-signed
Incoming HTTP request to test instance qeZbmvGancbiTBm
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "authorization": "Bearer xohMly5xgBHD9gzAGg4o4UbKkQ8nLVgJvnd7zLSXyRra1lpcEg",
  "accept": "application/jwt",
  "accept-encoding": "gzip, deflate",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
userinfo
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
Userinfo endpoint
2020-09-01 12:05:10 SUCCESS
OIDCCExtractBearerAccessTokenFromRequest
Found access token on incoming request
access_token
xohMly5xgBHD9gzAGg4o4UbKkQ8nLVgJvnd7zLSXyRra1lpcEg
2020-09-01 12:05:10 SUCCESS
RequireBearerAccessToken
Found access token in request
actual
xohMly5xgBHD9gzAGg4o4UbKkQ8nLVgJvnd7zLSXyRra1lpcEg
2020-09-01 12:05:10 SUCCESS
FilterUserInfoForScopes
User info endpoint output
sub
user-subject-1234531
2020-09-01 12:05:10
ClearAccessTokenFromRequest
Condition ran but did not log anything
2020-09-01 12:05:10
AddIssAndAudToUserInfoResponse
Added iss and aud claims to userinfo response
aud
client_MjZykuclyTloSpL59134#/}!@
iss
https://www.certification.openid.net/test/qeZbmvGancbiTBm/
2020-09-01 12:05:10 SUCCESS
SignUserInfoResponse
Signed the userinfo response
userinfo
eyJraWQiOiJlMjQyNWRkOC04YmM1LTQ0YTUtYTcyNS04OGIxNzVkNjM3NDkiLCJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJ1c2VyLXN1YmplY3QtMTIzNDUzMSIsImF1ZCI6ImNsaWVudF9Nalp5a3VjbHlUbG9TcEw1OTEzNCNcL30hQCIsImlzcyI6Imh0dHBzOlwvXC93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0XC90ZXN0XC9xZVpibXZHYW5jYmlUQm1cLyJ9.J1nAy9raSdknlF8NYiNLA6OGS2nmLXSsroQlgRRzoDudTn34VNkJBx9mFsxdQKP_BQIcRR0RHmDn1qyngzQXrZyD-LiqRG-eBagKQncpJwsCg68CzW5wDgD4CA67cM8JfOGPFLIblqBFTRuIMOB4LFiq0haj02h4xt1lePgmQ9cLzHMLxRPEtWfNTlL2IyNXEnNeh4u2JgBaqflKa3v0cx8qzluYDM6PVEPsNxLeWBEbj2zxZOXLLKDDJuGsQKVjy2TSSYswYbDJZ2nt2lX83-P8AlmS0Y6TGdtJUXO9LJgjog99REb7ZYL9Tuf2gOkLXtmxKmnzsD3GRAzAsGcSsA
2020-09-01 12:05:10 INFO
EncryptUserInfoResponse
Skipped evaluation due to missing required element: client userinfo_encrypted_response_alg
path
userinfo_encrypted_response_alg
mapped
object
client
2020-09-01 12:05:10 OUTGOING
oidcc-client-test-userinfo-signed
Response to HTTP request to test instance qeZbmvGancbiTBm
outgoing_status_code
200
outgoing_headers
{
  "Content-Type": [
    "application/jwt;charset\u003dUTF-8"
  ]
}
outgoing_body
eyJraWQiOiJlMjQyNWRkOC04YmM1LTQ0YTUtYTcyNS04OGIxNzVkNjM3NDkiLCJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJ1c2VyLXN1YmplY3QtMTIzNDUzMSIsImF1ZCI6ImNsaWVudF9Nalp5a3VjbHlUbG9TcEw1OTEzNCNcL30hQCIsImlzcyI6Imh0dHBzOlwvXC93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0XC90ZXN0XC9xZVpibXZHYW5jYmlUQm1cLyJ9.J1nAy9raSdknlF8NYiNLA6OGS2nmLXSsroQlgRRzoDudTn34VNkJBx9mFsxdQKP_BQIcRR0RHmDn1qyngzQXrZyD-LiqRG-eBagKQncpJwsCg68CzW5wDgD4CA67cM8JfOGPFLIblqBFTRuIMOB4LFiq0haj02h4xt1lePgmQ9cLzHMLxRPEtWfNTlL2IyNXEnNeh4u2JgBaqflKa3v0cx8qzluYDM6PVEPsNxLeWBEbj2zxZOXLLKDDJuGsQKVjy2TSSYswYbDJZ2nt2lX83-P8AlmS0Y6TGdtJUXO9LJgjog99REb7ZYL9Tuf2gOkLXtmxKmnzsD3GRAzAsGcSsA
outgoing_path
userinfo
2020-09-01 12:05:10 FINISHED
oidcc-client-test-userinfo-signed
Test has run to completion
testmodule_result
PASSED
Test Results