Test Summary

Test Results

Expand All Collapse All
All times are UTC
2020-09-01 12:04:47 INFO
TEST-RUNNER
Test instance o8CN7XtFhpynJAF created
baseUrl
https://www.certification.openid.net/test/o8CN7XtFhpynJAF
variant
{
  "client_auth_type": "client_secret_basic",
  "response_type": "code",
  "request_type": "request_uri",
  "client_registration": "dynamic_client",
  "response_mode": "default"
}
alias

                                
description
test suite runner for openid-client
planId
yOlk25gGaeYUc
config
{
  "description": "test suite runner for openid-client",
  "waitTimeoutSeconds": 2
}
testName
oidcc-client-test-signing-key-rotation-just-before-signing
2020-09-01 12:04:47 SUCCESS
OIDCCGenerateServerConfiguration
Generated default server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/o8CN7XtFhpynJAF/",
  "authorization_endpoint": "https://www.certification.openid.net/test/o8CN7XtFhpynJAF/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/o8CN7XtFhpynJAF/token",
  "jwks_uri": "https://www.certification.openid.net/test/o8CN7XtFhpynJAF/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/o8CN7XtFhpynJAF/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/o8CN7XtFhpynJAF/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic",
    "client_secret_post",
    "client_secret_jwt",
    "private_key_jwt"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
2020-09-01 12:04:47
SetTokenEndpointAuthMethodsSupportedToClientSecretBasicOnly
Changed token_endpoint_auth_methods_supported to client_secret_basic only in server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/o8CN7XtFhpynJAF/",
  "authorization_endpoint": "https://www.certification.openid.net/test/o8CN7XtFhpynJAF/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/o8CN7XtFhpynJAF/token",
  "jwks_uri": "https://www.certification.openid.net/test/o8CN7XtFhpynJAF/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/o8CN7XtFhpynJAF/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/o8CN7XtFhpynJAF/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
2020-09-01 12:04:47
SetRequestUriParameterSupportedToTrueInServerConfiguration
Enabled request_uri support in server configuration
server
{
  "issuer": "https://www.certification.openid.net/test/o8CN7XtFhpynJAF/",
  "authorization_endpoint": "https://www.certification.openid.net/test/o8CN7XtFhpynJAF/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/o8CN7XtFhpynJAF/token",
  "jwks_uri": "https://www.certification.openid.net/test/o8CN7XtFhpynJAF/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/o8CN7XtFhpynJAF/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/o8CN7XtFhpynJAF/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "PS256",
    "ES256"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_uri_parameter_supported": true,
  "require_request_uri_registration": false
}
2020-09-01 12:04:47
OIDCCGenerateServerJWKs
Generated server public private JWK sets
server_jwks
{
  "keys": [
    {
      "p": "7h46oGqCnmsQJO9LoaG8NiN_yfv6q1S-pV0jNRU99T1DfOzgC2ypyi6noJBqe2ItyB4gEOK8_IOoFEplv4p1IohmZJfIrvfPCdXtjKunXIIJ75bY9LXtbHUqCe3GTUKwDop7L2n_1__G7OSetZ8yTRE8OgCIaTuIfQyEFStabgU",
      "kty": "RSA",
      "q": "nzXHcuNgUPbUM32vFfKqfcq7n1I3oFHTdg9mhNb7BxTB-R9wnYfy2j9O2-vZdaMGUd5MWkqVbincv24GclXbSjjtNzD8jAM8svrKteuxekJt1w1QElXs8oeylYENx6CPpYmaj-mdRFEAVinoF109gZB1Woyg2reezbjw4cpobe0",
      "d": "HaMiYk-mIQ98TluRTpqfSXvxPBTH9x6ujLA7oj6OOw-acCZcyxoofyh9OgqPjuX51Pn8R_vbPwvfOGuqz8rfKC5ZA6la14Hn61fG9KeMnp09iH-T9UnNtlMjYD0mDMKk1c1VUm6LPRHOYoahAKTXtXbnbiVXMffIlWX0r0DP92sk_mM5DBEuJH7pY0xU4wRweYNGpVfkjwpRBPKttajz2T96IIIRJ_t-2SvbaV-y-JxIHVauqLBgYOh4ua7jdCjVWWFKmgU0PEXVEvUmywJmPCNsM46aMh1wa7tAcnX0E37bu4nJzxVyBzg2FWNcujJUcYQWSyoVTwvO0vd6JgJ9QQ",
      "e": "AQAB",
      "use": "sig",
      "kid": "7c74fb60-00b4-4e33-922d-e6dc4ff75927",
      "qi": "mrg1Zs_JmHTOC2ecaDBI0ALOswKbG-9wRZ7Ud2aFVCk0nbnIu8ge_T1a6DRPvY01lbRjmZN1F4rFcrKPXpqXuBp-vVWBaHiX7IOqOEnKWKYY12dSZhayoHXbaaZaZkXuNrTQAOcuhNVlJw6y-wo5czQLWz953ECBx88hehk2dw4",
      "dp": "HLqS8jXHipt6OCqS4m5kCdggm9sF9FPmKIdjLw1gC02X7eOaaGZ02crlOI8T-czvnxxbXA4vJPwxdDlBq2lmFoOEbxCNCuclGJex8G3pZFTgJAL8LBIjEhnUt5vzd_Da0vZMRH0ye_oFIyG2ME2DwR6aOJlF3ARtxECVUwSHBY0",
      "dq": "BdXQw5M12oHRcTmwCxvjx8yAZ-x5gXS-TVtvJHtEpBPMsDbIx91Nt1YOq9zPEZKyDpoZLk4BgBIktxdvQQ2IhgXkG9u9xdvwg5bRiy1iSdrZb8JbJvDjSFhU4UnjmWd3HFgYxCGJ1BEr8_yBNyoBsRf8VR9GXf3Q4jVfDsd-YFk",
      "n": "lBbMMCHkYEuF2jXdENy_g52GhP84XdEcZ_gK-n_kZNPXFcxBnAvv8Vdy5OeYMSM5mNzQVgnmcufXfG0Nav4HFgu79b2b7YLqoeqnKW1nkQRf_DI1pxwWLNSL-NPbB-YcbVgMfK3mdnTdL6ThTaPhmMLO_axBGVqJMlQL9_zcoz0NKbJuKrgdykusFaZTAm5sEFhNIiKP3YMKT80nnw-O-9Dn9Kmx-U8X6XLKCRdKa2LNlagQ6bE3uLMn7LlGUAqoSilK9zhGfHPVqGZRbZn5yyLq7NKOrCD_hx844QR1Qe4aPoIPcjQf63veh80vd035pYeS0bdd5Fdr2aUAR5f7oQ"
    },
    {
      "kty": "EC",
      "d": "aIaK-v4ctWI0GIhBl4TwEatygZBWOsSj2ELQbSwlVMc",
      "use": "sig",
      "crv": "P-256",
      "kid": "d9674c35-5fc8-4377-8304-80e693f72788",
      "x": "mPkDH0oCKrn6mWFg5AmC9wADynM3_ilSyZKSiquTNTw",
      "y": "zTDVAnLHe4_8Q9jahiNF7tB8kQ4B5xqPHhFeQc9tsrg"
    },
    {
      "kty": "EC",
      "d": "bgNNe8v9LdPyW7akENYHRJLB1CZXRzGaFOD3Wi_JmQw",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "df66843a-6395-41b9-9081-ca909c72cde7",
      "x": "B0LxOjF-qpyfaXSQ76D7dwFfO0XRCV7txM6oyF9bfHc",
      "y": "J4j-pv9AFf_EydnfiG73QgCf6Utf4VBfTH13dJlyPoU"
    },
    {
      "kty": "OKP",
      "d": "F4Jm4DxwINHDJ0ThmbW8C7V2HarfmnHk-zoghHlOwTw",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "f229950c-7cc6-4cf6-8c32-30b637c23788",
      "x": "RYzjNYMK9KviSYFKd82S0sg5V8MN2y85M5H57YSpd50"
    }
  ]
}
server_encryption_keys
{
  "keys": [
    {
      "p": "_8BsnIQQrBiytpc0oDnmZhYkyA2YcCJeljvE1EqZa4fgHgTFQCuIEeDfY-IpcKxoyjUup5iS_QpeOPNTPFjgBzFv8heTY3SwjOuhu2uqvu6yND6JQEQbjqpTP5wVVWGkXUrp04In3diwzIkZUE7D57Svlc0jh3kc4CsNkIuosmU",
      "kty": "RSA",
      "q": "1P_a5qXs_1b58zoTei9wGwwf53NP3cl9KnNU6EaRqjcCqHwDmvz5HfvCdI4liXHYw2B-obLSqRdUMotQEz_ZrJN0BauKr12tCZOvldkwYe6Gi8-qpsL_KcGgqoJCnvXlR4GCpPKWk84fIoWXZ0-Z3RcgBKDuTTm2RfSaEupPjy8",
      "d": "I73zdipNTiZ5oLOLD_5v8iR5ROsXMOD_MXx3PkVw_TevubwAruUHeWWDLQqW1kB9zmvGjDIytLhRXA_HBjGZOqQ7FHFnLf1kp8CUBWx309dTJz_udrPQji9V9Mj3gK-dkJd6BTUjrPJB9uxXcGKFCjeEdZBsKLpo4AprEVep-dQ738SU-LnwkXYZ4lcHrLo7cgUIjfeKT7-VSd2oGVeazvtl110_XlUbxC87XJnWckZRX-WGTT2ieZI3f9ObM8bKLpBYonloEOdIm70cOBXXDO7HDoSeSkj8TxR8aRzyJA1Q8E38F83YvnNJW6G7Vyigw5REGnSJl4B5Jj5umUyp",
      "e": "AQAB",
      "use": "enc",
      "kid": "d888f3d1-12cd-43a6-ac2a-dfcc362de0d2",
      "qi": "CB6Hs9TBQqy0DfpFSjCBOa4b5TjPuMWEnGpT34-V-a2FJn44YS671FBJZN8vAdPlsPz0lt1LbMtZyQQ2T4bcWQ68Cz856DIezWXUHlLBTshtcHBUPrDLXkSitM5JmZD67fbX05gYJf56_tPNS8ZarJ4vWB7P0uf-iZpM62ZJdeI",
      "dp": "3ZcMw-PNSj8wAPIrv7PLA6KmBct5y5aL26E3njRwj3Gv5nJ9sWbGQ69R_ooDG8PWG3VO0hlpKeNk1fVFpiDfInxcISb6Jg8BtWenvuq_iyTntEqGwu7_7XF4JcIH3e126vowdHjuL9JDBUS4cRN9u_GavLF72jI-qZ_D5fyLkt0",
      "alg": "RSA-OAEP",
      "dq": "IzU7qN6Kg1aMMHFMIOlQfZgOegKsk_unTeoMgeyQTXOUY-dD7U2dnCAub3fDqql_7CO6Kt5VRhAOIeC3Vsc6IvWouvs1DHHOlYOtBXcGMVntMZUdHz2iUfOorCal_oKk6KH2x282Bq6OpPUyJqiYxVv6NemoGmnMwFmDUlca2Y8",
      "n": "1Mr1ThZoArFMEuk0LN9BITgUT7qzQU6DaBXIzs5-ks5wxvhtphYaAojZu9rhggfoiGisduasEV9lrukAgs4gSN8ES3P9wNm8ZhNAI7t4kLl3CV_CwkkZWUy_WgV-vHHR3YM5OaemAIKUTnjkY5SXXa_4HkDIxVywPjdT_pM9bhrk2BqZbVB9j9Reeprw0w6CKbinA-LqXrFzgiVRMefVJ5abxs9Wlx7RMbmmG_bcoebY5FlWYdBu23sAwGJzfTyhqTp196FLnqEobZcVe5n9867L5knIHlfloey9aVoTnveG-ctFPefCT0cvZ4Gfo6r56s_IKuv4sw8SL9TGPsoriw"
    },
    {
      "kty": "EC",
      "d": "yZRYvHHudoU3BZg9pcdHykCbxxVv6Zc_OdfdFJJWlds",
      "use": "enc",
      "crv": "P-256",
      "kid": "29ac9a69-de0b-4b0f-b7d3-97ff5e573298",
      "x": "kdcI2YvY7xJQa6Yby9OWkkeXnP6Jrf5VbJ9Q7yiUILg",
      "y": "sE5bNqRZorlvgLoGSmWSB73F54EQWcyGQ_8ty8jPLes",
      "alg": "ECDH-ES"
    }
  ]
}
server_public_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "7c74fb60-00b4-4e33-922d-e6dc4ff75927",
      "n": "lBbMMCHkYEuF2jXdENy_g52GhP84XdEcZ_gK-n_kZNPXFcxBnAvv8Vdy5OeYMSM5mNzQVgnmcufXfG0Nav4HFgu79b2b7YLqoeqnKW1nkQRf_DI1pxwWLNSL-NPbB-YcbVgMfK3mdnTdL6ThTaPhmMLO_axBGVqJMlQL9_zcoz0NKbJuKrgdykusFaZTAm5sEFhNIiKP3YMKT80nnw-O-9Dn9Kmx-U8X6XLKCRdKa2LNlagQ6bE3uLMn7LlGUAqoSilK9zhGfHPVqGZRbZn5yyLq7NKOrCD_hx844QR1Qe4aPoIPcjQf63veh80vd035pYeS0bdd5Fdr2aUAR5f7oQ"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "8b53c29e-d0da-4b7d-9ac7-6a1b951911af",
      "n": "oPC_w_h0MOJfYXGhX9B_z7cp-x9eqfsuZqGjqmG4uvgjFFDLK-eia9D_-S5AV-ScJ56CCGtUpTmhPvxABDKKmFxQmgjD2iPSiVqVxbg-8NvgA7oDEurSqHq3NT8sPS1OhBP8EYu0tMJcHtO2o2eOrll0w9IG3aP7eCGCa823GQnas9hmoIgwsYJD_BSnY3EEJTr9UepgnjvhvRHwgEy_5On6T9Hao9GGtvewqLanVXohCB1nQT80mReR88a57W7CqwD0ersk49WlZHhpRgVhozdXtrnaOWbbbTmJt30m1Fr1NZhFPdHGxrqn9VqhjYpoakRBnaU6jILwNTD-O6FSow"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "d9674c35-5fc8-4377-8304-80e693f72788",
      "x": "mPkDH0oCKrn6mWFg5AmC9wADynM3_ilSyZKSiquTNTw",
      "y": "zTDVAnLHe4_8Q9jahiNF7tB8kQ4B5xqPHhFeQc9tsrg"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "c1b0831b-847f-4593-9562-1f22339a9ab1",
      "x": "H8HdvBK0VUAzJAVfTOvWAIvOQGK8EFXCGAf5O6Z451Y",
      "y": "WCpSPlWD2ubXZqVOehGCSXYUk0jHkDPVpzfjpIonq5E"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "df66843a-6395-41b9-9081-ca909c72cde7",
      "x": "B0LxOjF-qpyfaXSQ76D7dwFfO0XRCV7txM6oyF9bfHc",
      "y": "J4j-pv9AFf_EydnfiG73QgCf6Utf4VBfTH13dJlyPoU"
    },
    {
      "kty": "OKP",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "f229950c-7cc6-4cf6-8c32-30b637c23788",
      "x": "RYzjNYMK9KviSYFKd82S0sg5V8MN2y85M5H57YSpd50"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "d888f3d1-12cd-43a6-ac2a-dfcc362de0d2",
      "alg": "RSA-OAEP",
      "n": "1Mr1ThZoArFMEuk0LN9BITgUT7qzQU6DaBXIzs5-ks5wxvhtphYaAojZu9rhggfoiGisduasEV9lrukAgs4gSN8ES3P9wNm8ZhNAI7t4kLl3CV_CwkkZWUy_WgV-vHHR3YM5OaemAIKUTnjkY5SXXa_4HkDIxVywPjdT_pM9bhrk2BqZbVB9j9Reeprw0w6CKbinA-LqXrFzgiVRMefVJ5abxs9Wlx7RMbmmG_bcoebY5FlWYdBu23sAwGJzfTyhqTp196FLnqEobZcVe5n9867L5knIHlfloey9aVoTnveG-ctFPefCT0cvZ4Gfo6r56s_IKuv4sw8SL9TGPsoriw"
    },
    {
      "kty": "EC",
      "use": "enc",
      "crv": "P-256",
      "kid": "29ac9a69-de0b-4b0f-b7d3-97ff5e573298",
      "x": "kdcI2YvY7xJQa6Yby9OWkkeXnP6Jrf5VbJ9Q7yiUILg",
      "y": "sE5bNqRZorlvgLoGSmWSB73F54EQWcyGQ_8ty8jPLes",
      "alg": "ECDH-ES"
    }
  ]
}
2020-09-01 12:04:47 SUCCESS
ValidateServerJWKs
Valid server JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2020-09-01 12:04:47 SUCCESS
CheckDistinctKeyIdValueInServerJWKs
Distinct 'kid' value in all keys of server_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2020-09-01 12:04:47 SUCCESS
OIDCCLoadUserInfo
Added user information
user_info
{
  "sub": "user-subject-1234531",
  "name": "Demo T. User",
  "given_name": "Demo",
  "family_name": "User",
  "middle_name": "Theresa",
  "nickname": "Dee",
  "preferred_username": "d.tu",
  "gender": "female",
  "birthdate": "2000-02-03",
  "address": {
    "street_address": "100 Universal City Plaza",
    "locality": "Hollywood",
    "region": "CA",
    "postal_code": "91608",
    "country": "USA"
  },
  "zoneinfo": "America/Los_Angeles",
  "locale": "en-US",
  "phone_number": "+1 555 5550000",
  "phone_number_verified": false,
  "email": "user@example.com",
  "email_verified": false,
  "website": "https://openid.net/",
  "updated_at": "1580000000"
}
2020-09-01 12:04:47 SUCCESS
GetDynamicClientConfiguration
No client details on configuration, created an empty dynamic_client_registration_template object.
2020-09-01 12:04:47
oidcc-client-test-signing-key-rotation-just-before-signing
Setup Done
2020-09-01 12:04:48 INCOMING
oidcc-client-test-signing-key-rotation-just-before-signing
Incoming HTTP request to test instance o8CN7XtFhpynJAF
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
.well-known/openid-configuration
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
Discovery endpoint
2020-09-01 12:04:48 OUTGOING
oidcc-client-test-signing-key-rotation-just-before-signing
Response to HTTP request to test instance o8CN7XtFhpynJAF
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "issuer": "https://www.certification.openid.net/test/o8CN7XtFhpynJAF/",
  "authorization_endpoint": "https://www.certification.openid.net/test/o8CN7XtFhpynJAF/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/o8CN7XtFhpynJAF/token",
  "jwks_uri": "https://www.certification.openid.net/test/o8CN7XtFhpynJAF/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/o8CN7XtFhpynJAF/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/o8CN7XtFhpynJAF/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "PS256",
    "ES256"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_uri_parameter_supported": true,
  "require_request_uri_registration": false
}
outgoing_path
.well-known/openid-configuration
2020-09-01 12:04:48 INCOMING
oidcc-client-test-signing-key-rotation-just-before-signing
Incoming HTTP request to test instance o8CN7XtFhpynJAF
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "content-type": "application/json",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "content-length": "161",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net",
  "connection": "close"
}
incoming_path
register
incoming_body_form_params
incoming_method
POST
incoming_body_json
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code"
  ],
  "grant_types": [
    "authorization_code"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ]
}
incoming_query_string_params
{}
incoming_body
{"token_endpoint_auth_method":"client_secret_basic","response_types":["code"],"grant_types":["authorization_code"],"redirect_uris":["https://rp.example.com/cb"]}
Registration endpoint
2020-09-01 12:04:48 SUCCESS
OIDCCExtractDynamicRegistrationRequest
Extracted dynamic client registration request
request
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code"
  ],
  "grant_types": [
    "authorization_code"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ]
}
2020-09-01 12:04:48 INFO
EnsureRegistrationRequestContainsAtLeastOneContact
This application requires that registration requests contain at least one contact.
2020-09-01 12:04:48 SUCCESS
ValidateClientGrantTypes
grant_types match response_types
grant_types
[
  "authorization_code"
]
response_types
[
  "code"
]
2020-09-01 12:04:48 SUCCESS
OIDCCValidateClientRedirectUris
Valid redirect_uri(s) provided in registration request
redirect_uris
[
  "https://rp.example.com/cb"
]
2020-09-01 12:04:48 SUCCESS
ValidateClientLogoUris
Client does not contain any logo_uri
2020-09-01 12:04:48 SUCCESS
ValidateClientUris
Client does not contain any client_uri
2020-09-01 12:04:48 SUCCESS
ValidateClientPolicyUris
Client does not contain any policy_uri
2020-09-01 12:04:48 SUCCESS
ValidateClientTosUris
Client does not contain any tos_uri
2020-09-01 12:04:48 SUCCESS
ValidateClientSubjectType
A subject_type was not provided
2020-09-01 12:04:48 INFO
ValidateIdTokenSignedResponseAlg
Skipped evaluation due to missing required element: client id_token_signed_response_alg
path
id_token_signed_response_alg
mapped
object
client
2020-09-01 12:04:48 SUCCESS
EnsureIdTokenEncryptedResponseAlgIsSetIfEncIsSet
id_token_encrypted_response_enc is not set
2020-09-01 12:04:48 INFO
ValidateUserinfoSignedResponseAlg
Skipped evaluation due to missing required element: client userinfo_signed_response_alg
path
userinfo_signed_response_alg
mapped
object
client
2020-09-01 12:04:48 SUCCESS
EnsureUserinfoEncryptedResponseAlgIsSetIfEncIsSet
userinfo_encrypted_response_enc is not set
2020-09-01 12:04:48 INFO
ValidateRequestObjectSigningAlg
Skipped evaluation due to missing required element: client request_object_signing_alg
path
request_object_signing_alg
mapped
object
client
2020-09-01 12:04:48 SUCCESS
EnsureRequestObjectEncryptionAlgIsSetIfEncIsSet
request_object_encryption_enc is not set
2020-09-01 12:04:48 INFO
ValidateTokenEndpointAuthSigningAlg
Skipped evaluation due to missing required element: client token_endpoint_auth_signing_alg
path
token_endpoint_auth_signing_alg
mapped
object
client
2020-09-01 12:04:48 SUCCESS
ValidateDefaultMaxAge
default_max_age is not set
2020-09-01 12:04:48 INFO
ValidateRequireAuthTime
Skipped evaluation due to missing required element: client require_auth_time
path
require_auth_time
mapped
object
client
2020-09-01 12:04:48 INFO
ValidateDefaultAcrValues
Skipped evaluation due to missing required element: client default_acr_values
path
default_acr_values
mapped
object
client
2020-09-01 12:04:48 INFO
ValidateInitiateLoginUri
Skipped evaluation due to missing required element: client initiate_login_uri
path
initiate_login_uri
mapped
object
client
2020-09-01 12:04:48 INFO
ValidateRequestUris
Skipped evaluation due to missing required element: client request_uris
path
request_uris
mapped
object
client
2020-09-01 12:04:48 SUCCESS
ValidateClientRegistrationRequestSectorIdentifierUri
A sector_identifier_uri was not provided
2020-09-01 12:04:48 SUCCESS
OIDCCRegisterClient
Registered client
client
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code"
  ],
  "grant_types": [
    "authorization_code"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ],
  "client_id": "client_DJyFzbrjmYendPd16293^\u003e:?{"
}
2020-09-01 12:04:48
OIDCCCreateClientSecretForDynamicClient
Set the secret for registered client
client_secret
secret_lWFKGTqkbGXOiRlNFraimQzxTqoIaNWjNDGOVMUipUziSCXbkd7272024569*,.__
2020-09-01 12:04:48 SUCCESS
EnsureTokenEndPointAuthMethodIsClientSecretBasic
token_endpoint_auth_method is 'client_secret_basic' as expected
2020-09-01 12:04:48 SUCCESS
EnsureClientDoesNotHaveBothJwksAndJwksUri
Client does not have both jwks and jwks_uri set
client
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code"
  ],
  "grant_types": [
    "authorization_code"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ],
  "client_id": "client_DJyFzbrjmYendPd16293^\u003e:?{",
  "client_secret": "secret_lWFKGTqkbGXOiRlNFraimQzxTqoIaNWjNDGOVMUipUziSCXbkd7272024569*,.__"
}
2020-09-01 12:04:48 INFO
FetchClientKeys
Skipped evaluation due to missing required element: client jwks_uri
path
jwks_uri
mapped
object
client
2020-09-01 12:04:48 SUCCESS
OIDCCExtractServerSigningAlg
Using the default algorithm for the first key in server jwks
signing_algorithm
RS256
2020-09-01 12:04:48
SetClientIdTokenSignedResponseAlgToServerSigningAlg
Set id_token_signed_response_alg for the registered client
id_token_signed_response_alg
RS256
2020-09-01 12:04:48 OUTGOING
oidcc-client-test-signing-key-rotation-just-before-signing
Response to HTTP request to test instance o8CN7XtFhpynJAF
outgoing_status_code
201
outgoing_headers
{}
outgoing_body
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code"
  ],
  "grant_types": [
    "authorization_code"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ],
  "client_id": "client_DJyFzbrjmYendPd16293^\u003e:?{",
  "client_secret": "secret_lWFKGTqkbGXOiRlNFraimQzxTqoIaNWjNDGOVMUipUziSCXbkd7272024569*,.__",
  "id_token_signed_response_alg": "RS256"
}
outgoing_path
register
2020-09-01 12:04:49 INCOMING
oidcc-client-test-signing-key-rotation-just-before-signing
Incoming HTTP request to test instance o8CN7XtFhpynJAF
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
jwks
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
Jwks endpoint
2020-09-01 12:04:49 OUTGOING
oidcc-client-test-signing-key-rotation-just-before-signing
Response to HTTP request to test instance o8CN7XtFhpynJAF
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "7c74fb60-00b4-4e33-922d-e6dc4ff75927",
      "n": "lBbMMCHkYEuF2jXdENy_g52GhP84XdEcZ_gK-n_kZNPXFcxBnAvv8Vdy5OeYMSM5mNzQVgnmcufXfG0Nav4HFgu79b2b7YLqoeqnKW1nkQRf_DI1pxwWLNSL-NPbB-YcbVgMfK3mdnTdL6ThTaPhmMLO_axBGVqJMlQL9_zcoz0NKbJuKrgdykusFaZTAm5sEFhNIiKP3YMKT80nnw-O-9Dn9Kmx-U8X6XLKCRdKa2LNlagQ6bE3uLMn7LlGUAqoSilK9zhGfHPVqGZRbZn5yyLq7NKOrCD_hx844QR1Qe4aPoIPcjQf63veh80vd035pYeS0bdd5Fdr2aUAR5f7oQ"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "8b53c29e-d0da-4b7d-9ac7-6a1b951911af",
      "n": "oPC_w_h0MOJfYXGhX9B_z7cp-x9eqfsuZqGjqmG4uvgjFFDLK-eia9D_-S5AV-ScJ56CCGtUpTmhPvxABDKKmFxQmgjD2iPSiVqVxbg-8NvgA7oDEurSqHq3NT8sPS1OhBP8EYu0tMJcHtO2o2eOrll0w9IG3aP7eCGCa823GQnas9hmoIgwsYJD_BSnY3EEJTr9UepgnjvhvRHwgEy_5On6T9Hao9GGtvewqLanVXohCB1nQT80mReR88a57W7CqwD0ersk49WlZHhpRgVhozdXtrnaOWbbbTmJt30m1Fr1NZhFPdHGxrqn9VqhjYpoakRBnaU6jILwNTD-O6FSow"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "d9674c35-5fc8-4377-8304-80e693f72788",
      "x": "mPkDH0oCKrn6mWFg5AmC9wADynM3_ilSyZKSiquTNTw",
      "y": "zTDVAnLHe4_8Q9jahiNF7tB8kQ4B5xqPHhFeQc9tsrg"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "c1b0831b-847f-4593-9562-1f22339a9ab1",
      "x": "H8HdvBK0VUAzJAVfTOvWAIvOQGK8EFXCGAf5O6Z451Y",
      "y": "WCpSPlWD2ubXZqVOehGCSXYUk0jHkDPVpzfjpIonq5E"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "df66843a-6395-41b9-9081-ca909c72cde7",
      "x": "B0LxOjF-qpyfaXSQ76D7dwFfO0XRCV7txM6oyF9bfHc",
      "y": "J4j-pv9AFf_EydnfiG73QgCf6Utf4VBfTH13dJlyPoU"
    },
    {
      "kty": "OKP",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "f229950c-7cc6-4cf6-8c32-30b637c23788",
      "x": "RYzjNYMK9KviSYFKd82S0sg5V8MN2y85M5H57YSpd50"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "d888f3d1-12cd-43a6-ac2a-dfcc362de0d2",
      "alg": "RSA-OAEP",
      "n": "1Mr1ThZoArFMEuk0LN9BITgUT7qzQU6DaBXIzs5-ks5wxvhtphYaAojZu9rhggfoiGisduasEV9lrukAgs4gSN8ES3P9wNm8ZhNAI7t4kLl3CV_CwkkZWUy_WgV-vHHR3YM5OaemAIKUTnjkY5SXXa_4HkDIxVywPjdT_pM9bhrk2BqZbVB9j9Reeprw0w6CKbinA-LqXrFzgiVRMefVJ5abxs9Wlx7RMbmmG_bcoebY5FlWYdBu23sAwGJzfTyhqTp196FLnqEobZcVe5n9867L5knIHlfloey9aVoTnveG-ctFPefCT0cvZ4Gfo6r56s_IKuv4sw8SL9TGPsoriw"
    },
    {
      "kty": "EC",
      "use": "enc",
      "crv": "P-256",
      "kid": "29ac9a69-de0b-4b0f-b7d3-97ff5e573298",
      "x": "kdcI2YvY7xJQa6Yby9OWkkeXnP6Jrf5VbJ9Q7yiUILg",
      "y": "sE5bNqRZorlvgLoGSmWSB73F54EQWcyGQ_8ty8jPLes",
      "alg": "ECDH-ES"
    }
  ]
}
outgoing_path
jwks
2020-09-01 12:04:50 INCOMING
oidcc-client-test-signing-key-rotation-just-before-signing
Incoming HTTP request to test instance o8CN7XtFhpynJAF
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "got/9.6.0 (https://github.com/sindresorhus/got)",
  "accept-encoding": "gzip, deflate",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
authorize
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{
  "client_id": "client_DJyFzbrjmYendPd16293^\u003e:?{",
  "scope": "openid",
  "response_type": "code",
  "request_uri": "https://limitless-retreat-96294.herokuapp.com/b5_mULflViA1IFjX-MX41"
}
incoming_body
Authorization endpoint
2020-09-01 12:04:50
FetchRequestUriAndExtractRequestObject
Fetching request object from request_uri
request_uri
https://limitless-retreat-96294.herokuapp.com/b5_mULflViA1IFjX-MX41
2020-09-01 12:04:50
FetchRequestUriAndExtractRequestObject
HTTP request
request_uri
https://limitless-retreat-96294.herokuapp.com/b5_mULflViA1IFjX-MX41
request_method
GET
request_headers
{
  "accept": "text/plain, application/json, application/cbor, application/*+json, */*",
  "content-length": "0"
}
request_body

                                
2020-09-01 12:04:50 RESPONSE
FetchRequestUriAndExtractRequestObject
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "server": "Cowboy",
  "connection": "keep-alive",
  "content-type": "application/oauth.authz.req+jwt",
  "content-length": "543",
  "date": "Tue, 01 Sep 2020 12:04:50 GMT",
  "via": "1.1 vegur"
}
response_body
eyJhbGciOiJub25lIiwidHlwIjoiSldUIn0.eyJyZWRpcmVjdF91cmkiOiJodHRwczovL3JwLmV4YW1wbGUuY29tL2NiIiwic2NvcGUiOiJvcGVuaWQiLCJyZXNwb25zZV90eXBlIjoiY29kZSIsImNsaWVudF9pZCI6ImNsaWVudF9ESnlGemJyam1ZZW5kUGQxNjI5M14-Oj97Iiwic3RhdGUiOiJYa1pJaXB3MkRiaExFZXJlOHFjenF4ZDV5ZzUzNm1yWmV6VENwdFNOVkZNIiwiaXNzIjoiY2xpZW50X0RKeUZ6YnJqbVllbmRQZDE2MjkzXj46P3siLCJhdWQiOiJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC9vOENON1h0RmhweW5KQUYvIiwianRpIjoiYlFXblRUX2NhblAzQ2VYUDhPajd6RUl3TmY3YmFoTUVXb0dvOUdmTXMyQSIsImlhdCI6MTU5ODk2MTk1MCwiZXhwIjoxNTk4OTYyMjUwfQ.
2020-09-01 12:04:50
FetchRequestUriAndExtractRequestObject
Downloaded request object
request_object
eyJhbGciOiJub25lIiwidHlwIjoiSldUIn0.eyJyZWRpcmVjdF91cmkiOiJodHRwczovL3JwLmV4YW1wbGUuY29tL2NiIiwic2NvcGUiOiJvcGVuaWQiLCJyZXNwb25zZV90eXBlIjoiY29kZSIsImNsaWVudF9pZCI6ImNsaWVudF9ESnlGemJyam1ZZW5kUGQxNjI5M14-Oj97Iiwic3RhdGUiOiJYa1pJaXB3MkRiaExFZXJlOHFjenF4ZDV5ZzUzNm1yWmV6VENwdFNOVkZNIiwiaXNzIjoiY2xpZW50X0RKeUZ6YnJqbVllbmRQZDE2MjkzXj46P3siLCJhdWQiOiJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC9vOENON1h0RmhweW5KQUYvIiwianRpIjoiYlFXblRUX2NhblAzQ2VYUDhPajd6RUl3TmY3YmFoTUVXb0dvOUdmTXMyQSIsImlhdCI6MTU5ODk2MTk1MCwiZXhwIjoxNTk4OTYyMjUwfQ.
2020-09-01 12:04:50 SUCCESS
FetchRequestUriAndExtractRequestObject
Parsed request object
request_object
{
  "value": "eyJhbGciOiJub25lIiwidHlwIjoiSldUIn0.eyJyZWRpcmVjdF91cmkiOiJodHRwczovL3JwLmV4YW1wbGUuY29tL2NiIiwic2NvcGUiOiJvcGVuaWQiLCJyZXNwb25zZV90eXBlIjoiY29kZSIsImNsaWVudF9pZCI6ImNsaWVudF9ESnlGemJyam1ZZW5kUGQxNjI5M14-Oj97Iiwic3RhdGUiOiJYa1pJaXB3MkRiaExFZXJlOHFjenF4ZDV5ZzUzNm1yWmV6VENwdFNOVkZNIiwiaXNzIjoiY2xpZW50X0RKeUZ6YnJqbVllbmRQZDE2MjkzXj46P3siLCJhdWQiOiJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC9vOENON1h0RmhweW5KQUYvIiwianRpIjoiYlFXblRUX2NhblAzQ2VYUDhPajd6RUl3TmY3YmFoTUVXb0dvOUdmTXMyQSIsImlhdCI6MTU5ODk2MTk1MCwiZXhwIjoxNTk4OTYyMjUwfQ.",
  "header": {
    "typ": "JWT",
    "alg": "none"
  },
  "claims": {
    "aud": "https://www.certification.openid.net/test/o8CN7XtFhpynJAF/",
    "scope": "openid",
    "iss": "client_DJyFzbrjmYendPd16293^\u003e:?{",
    "response_type": "code",
    "redirect_uri": "https://rp.example.com/cb",
    "state": "XkZIipw2DbhLEere8qczqxd5yg536mrZezTCptSNVFM",
    "exp": 1598962250,
    "iat": 1598961950,
    "client_id": "client_DJyFzbrjmYendPd16293^\u003e:?{",
    "jti": "bQWnTT_canP3CeXP8Oj7zEIwNf7bahMEWoGo9GfMs2A"
  }
}
2020-09-01 12:04:50 SUCCESS
EnsureRequestUriIsHttpsOrRequestObjectIsSigned
request_uri is a https url
request_uri
https://limitless-retreat-96294.herokuapp.com/b5_mULflViA1IFjX-MX41
2020-09-01 12:04:50 SUCCESS
OIDCCEnsureAuthorizationHttpRequestContainsOpenIDScope
Found 'openid' in scope http request parameter
actual
[
  "openid"
]
expected
openid
2020-09-01 12:04:50 SUCCESS
OIDCCValidateRequestObjectExp
Request object contains a valid exp claim, expiry time
exp
"Sep 1, 2020, 12:10:50 PM"
2020-09-01 12:04:50 SUCCESS
ValidateRequestObjectIat
iat claim is valid
iat
1598961950
2020-09-01 12:04:50 SUCCESS
EnsureNumericRequestObjectClaimsAreNotNull
None of the claims expected to have numeric values, have null values
numeric_claims
[
  "max_age"
]
2020-09-01 12:04:50
ValidateRequestObjectMaxAge
Request object does not contain a max_age claim
2020-09-01 12:04:50 SUCCESS
EnsureRequestObjectDoesNotContainRequestOrRequestUri
Request object does not contain request or request_uri
2020-09-01 12:04:50 SUCCESS
OIDCCEnsureRequiredAuthorizationRequestParametersMatchRequestObject
Required http request parameters match request object claims
response_type
code
client_id
client_DJyFzbrjmYendPd16293^>:?{
2020-09-01 12:04:50 SUCCESS
OIDCCEnsureOptionalAuthorizationRequestParametersMatchRequestObject
All http request parameters and request object claims match
2020-09-01 12:04:50 SUCCESS
CreateEffectiveAuthorizationRequestParameters
Merged http request parameters with request object claims
effective_authorization_endpoint_request
{
  "client_id": "client_DJyFzbrjmYendPd16293^\u003e:?{",
  "scope": "openid",
  "response_type": "code",
  "request_uri": "https://limitless-retreat-96294.herokuapp.com/b5_mULflViA1IFjX-MX41",
  "aud": "https://www.certification.openid.net/test/o8CN7XtFhpynJAF/",
  "iss": "client_DJyFzbrjmYendPd16293^\u003e:?{",
  "redirect_uri": "https://rp.example.com/cb",
  "state": "XkZIipw2DbhLEere8qczqxd5yg536mrZezTCptSNVFM",
  "exp": 1598962250,
  "iat": 1598961950,
  "jti": "bQWnTT_canP3CeXP8Oj7zEIwNf7bahMEWoGo9GfMs2A"
}
2020-09-01 12:04:50 SUCCESS
ExtractRequestedScopes
Requested scopes
scope
openid
2020-09-01 12:04:50 INFO
ExtractNonceFromAuthorizationRequest
Couldn't find 'nonce' in authorization endpoint parameters
2020-09-01 12:04:50 SUCCESS
EnsureResponseTypeIsCode
Response type is expected value
expected
code
2020-09-01 12:04:50 SUCCESS
EnsureMatchingClientId
Client ID matched
client_id
client_DJyFzbrjmYendPd16293^>:?{
2020-09-01 12:04:50 SUCCESS
EnsureValidRedirectUriForAuthorizationEndpointRequest
redirect_uri is one of the allowed redirect uris
actual
https://rp.example.com/cb
expected
[
  "https://rp.example.com/cb"
]
2020-09-01 12:04:50 SUCCESS
EnsureOpenIDInScopeRequest
Found 'openid' scope in request
actual
[
  "openid"
]
expected
openid
2020-09-01 12:04:50 SUCCESS
DisallowMaxAgeEqualsZeroAndPromptNone
The client did not send max_age=0 and prompt=none parameters as expected
2020-09-01 12:04:50 SUCCESS
CreateAuthorizationCode
Created authorization code
authorization_code
ssw8fqsQud
2020-09-01 12:04:50 SUCCESS
CalculateCHash
Successful c_hash encoding
c_hash
xy3tfN0elGr2pX-0UOyLwg
2020-09-01 12:04:50 SUCCESS
CreateAuthorizationEndpointResponseParams
Added authorization_endpoint_response_params to environment
params
{
  "redirect_uri": "https://rp.example.com/cb",
  "state": "XkZIipw2DbhLEere8qczqxd5yg536mrZezTCptSNVFM"
}
2020-09-01 12:04:50 SUCCESS
AddCodeToAuthorizationEndpointResponseParams
Added code to authorization endpoint response params
authorization_endpoint_response_params
{
  "redirect_uri": "https://rp.example.com/cb",
  "state": "XkZIipw2DbhLEere8qczqxd5yg536mrZezTCptSNVFM",
  "code": "ssw8fqsQud"
}
2020-09-01 12:04:50
SendAuthorizationResponseWithResponseModeQuery
Redirecting back to client
uri
https://rp.example.com/cb?state=XkZIipw2DbhLEere8qczqxd5yg536mrZezTCptSNVFM&code=ssw8fqsQud
2020-09-01 12:04:50 OUTGOING
oidcc-client-test-signing-key-rotation-just-before-signing
Response to HTTP request to test instance o8CN7XtFhpynJAF
outgoing
org.springframework.web.servlet.view.RedirectView: [RedirectView]; URL [https://rp.example.com/cb?state=XkZIipw2DbhLEere8qczqxd5yg536mrZezTCptSNVFM&code=ssw8fqsQud]
outgoing_path
authorize
2020-09-01 12:04:50 INCOMING
oidcc-client-test-signing-key-rotation-just-before-signing
Incoming HTTP request to test instance o8CN7XtFhpynJAF
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "authorization": "Basic Y2xpZW50X0RKeUZ6YnJqbVllbmRQZDE2MjkzJTVFJTNFJTNBJTNGJTdCOnNlY3JldF9sV0ZLR1Rxa2JHWE9pUmxORnJhaW1RenhUcW9JYU5Xak5ER09WTVVpcFV6aVNDWGJrZDcyNzIwMjQ1NjkqJTJDLl9f",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "content-type": "application/x-www-form-urlencoded",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "content-length": "92",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net",
  "connection": "close"
}
incoming_path
token
incoming_body_form_params
{
  "grant_type": "authorization_code",
  "code": "ssw8fqsQud",
  "redirect_uri": "https://rp.example.com/cb"
}
incoming_method
POST
incoming_body_json
incoming_query_string_params
{}
incoming_body
grant_type=authorization_code&code=ssw8fqsQud&redirect_uri=https%3A%2F%2Frp.example.com%2Fcb
Token endpoint
2020-09-01 12:04:50 SUCCESS
ExtractClientCredentialsFromBasicAuthorizationHeader
Extracted client authentication
client_id
client_DJyFzbrjmYendPd16293^>:?{
client_secret
secret_lWFKGTqkbGXOiRlNFraimQzxTqoIaNWjNDGOVMUipUziSCXbkd7272024569*,.__
method
client_secret_basic
2020-09-01 12:04:50 SUCCESS
ValidateClientIdAndSecret
Client id and secret match
2020-09-01 12:04:50 SUCCESS
ValidateAuthorizationCode
Found authorization code
authorization_code
ssw8fqsQud
2020-09-01 12:04:50 SUCCESS
ValidateRedirectUriForTokenEndpointRequest
redirect_uri is the same as the one used in the authorization request
actual
https://rp.example.com/cb
2020-09-01 12:04:50 SUCCESS
GenerateBearerAccessToken
Generated access token
access_token
xgfHIEmDsRK1INkIch6RD1i2F4wNuW2uXMHyNqisPFSIYj7tvK
2020-09-01 12:04:50 SUCCESS
CalculateAtHash
Successful at_hash encoding
at_hash
Z6n3NPTUJvW6o0EfMyPTKA
2020-09-01 12:04:50 SUCCESS
GenerateIdTokenClaims
Created ID Token Claims
iss
https://www.certification.openid.net/test/o8CN7XtFhpynJAF/
sub
user-subject-1234531
aud
client_DJyFzbrjmYendPd16293^>:?{
iat
1598961890
exp
1598962190
2020-09-01 12:04:50 SUCCESS
AddAtHashToIdTokenClaims
Added at_hash to ID token claims
at_hash
Z6n3NPTUJvW6o0EfMyPTKA
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/o8CN7XtFhpynJAF/",
  "sub": "user-subject-1234531",
  "aud": "client_DJyFzbrjmYendPd16293^\u003e:?{",
  "iat": 1598961890,
  "exp": 1598962190,
  "at_hash": "Z6n3NPTUJvW6o0EfMyPTKA"
}
2020-09-01 12:04:51
OIDCCGenerateServerJWKs
Generated server public private JWK sets
server_jwks
{
  "keys": [
    {
      "p": "9ge-lANRrcsbR4215Y5837hxQ3rEKKtoFV209HdqlWEl-WuhK0waSFTBbmUus-_-fjUpmEyywsMkDJt-o-IUdrxtKbCcdaheNe_HjljgT8DTOPWhflbSnpH-F6Mxtrh0QPFQSOixZJ7dmIBB7jAvlY0JDVVzd5xNms_cAco2CqE",
      "kty": "RSA",
      "q": "tnLnA3xBs3eBV9jZrnU9WEQUh_anFhyYyg22CzsnbVEdUfUmGB1pJPZ7aV98ulh2alaGloGfc07HcX3Zfub3d1BPnoYXhzv-8R_w05vUsUMlYU9WOtZkVzQ42sTSW6LhkYciN1LImGWxWV1LuQcWw6cwJjj8MHDHFAy9vfPp4Bs",
      "d": "AltrQevvNCxDMvLDbGFVm7rhw-aPNmyS5wtl2fb0AWYj2MjwAWr-M5zqJbO0CcvU_sRLwicl5Mq9KEsSQ1tdU8AadSiF52i6axPiduTw83ORcu679jSemPAHFTX-LwmOKlbkf791gscmqqSSo6XesYhReBEflMzK6sKu0ZNA7WHNEbdz2_vo5nHaoZ5Qv6khy2PeNmfGtAclTPPn-L4lWA4KyXjdt2gUho_WanZjxmoEOpFwGehfEHtSSiFdxApBAc4lmhFNhB7amDLCJ55Qcq98vS2LfHH90A8bOcLW8OSFTvXA4ylEI-taDPr6DaVQ9BrTau5RsszflkS6N12wQQ",
      "e": "AQAB",
      "use": "sig",
      "kid": "fd0b84ba-fda8-4668-b85e-ee9292e4c638",
      "qi": "YC_5PqDfE6FqCz6ZQYKQkRYwiT9D4mviiVRqWbD3XhmutaFmKaHf_HXUuRdrqO_x-EbiY4zULAiujKf8IPWzFnCXKZIzTNiodfDfpUwSolOY4wZ04JeMVwEX_F9OHNfLuwEp7M0DIzKTflOnGzgR6-8y9DPCVTXq9YV3rTxXZqk",
      "dp": "WWB2205ZXclrH5NbgQlCVAOtIdZ3bE7YgOqJ0kWPcrTYFsQCyLfc1Gn12yTm0ndc_HxToAA88IPzlKDoYKDAzmGlRn_iVtvTXcS9ufiPhGmIUijpgfwIh5KBvBSM-tQHZ5BCmjnuN59-4Oe3C9B1eN7DaxSf3dPqXVMlmYDcIQ",
      "dq": "MQTeHImd_WH2Vmvk0IKfYL-p5H3YlpBIXMEiUBIsnapVflenTINaZJv0vHLzR_3MkvV8Y6Of-5MG8u8lKHtVsbDaM3VDjQoJjS9PvQr5MkcgG-z89gH0I5ncTKrk-cnhYQA1qTeMvaVU6PWwCp5k91xMC3j0CO_EDRb_Q7Hs_FE",
      "n": "r1fu9G6_O2ng-CS4jy9cbDzf-R7VkhlgEhppleHFZ8doliqnegruc2TC3fV2s4pBQ3-3fFcv7ZY27cKPFtj4enV0Tr3EHvwsHJCTQl6vCub7NKXjy91dJaqTZI_zg45xS5E-FFQNb3vqb_FDMBftOrNJoNy82p-8dLJLC1qEG4hXx81HIoX6yfM8vbgTR_qRou0gFLiSHte0u62E-KJO4ubYKuuj9qz1ww_L8RJdX1oSRLCq-8nr7gAOpeJr1rWkQooMj-IRpWpvuKYtwt0fhrZ5VjG90rFeZbgL8FD9ERTKeVZFOFMjbZmwACPkaxrvjj0heEaTvspoStJDHIj--w"
    },
    {
      "kty": "EC",
      "d": "0RGne8kbrtgi-7tsL8tgRSprZhIm_BED5OaPnMICH-Q",
      "use": "sig",
      "crv": "P-256",
      "kid": "16aa9a2b-f8e8-4923-93e1-5679e0096368",
      "x": "p4oylaF67wtOl1fMZ6Bz-LlEr0xNgQn-ETvAPgI5CqY",
      "y": "KrIlNN8yEI8sjIPv_pRkEpRSG41x8keEmILqV7f5A6w"
    },
    {
      "kty": "EC",
      "d": "yYavBHeYJNz5svlCcgMrsj6UOC0sOJWguj9vkvL6_2o",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "1e36593f-81b2-41fb-b99f-a5e9fd726770",
      "x": "rdEXn3aM-v6ykGMXssfOktAEGG5YKFdjbmOyRRmgqZc",
      "y": "ct8UhcS8z9NfWpfIp2Cf2y2ROL5pwjyFOYcOBpxAM8o"
    },
    {
      "kty": "OKP",
      "d": "RUOo5KQutoUnVo4tsqYvi8e5dp3UiCbIcIqnRFBtHZw",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "67c7d665-7efa-432e-97dc-cd268553af57",
      "x": "5R7YgiijGq_V7h7NTkTGF3DqlNjYI7943b2TL_fkp_4"
    }
  ]
}
server_encryption_keys
{
  "keys": [
    {
      "p": "3cdrnuXKT9o1NSBKeML6bcAqpAkiJaH2HYnZ9J2QixgrRSuIusy4GTPNhWTCVVUzql96mas4p7RK6s4RkAc3I6XuW9BnTVw8AGNK3lVrHYqjtkUWN0yPIDEHXonlxEALNIy9QkDYJZSuHKMGdItGLl8QCT09xy5WfeVK3Uqs9aU",
      "kty": "RSA",
      "q": "vzDJBdbgx332mkRJYusmvEh8dbk_Wvf3sw6PRUGPTh3_yiLO5N47FF5Mm4zsk9Mz4uZj16R4ytZMad4qDkTjoaThTjNeBRly63o4mm0KtXSh9gS79j5lLJbA-GXzJkRce62Yv0cutBFvMHuwyFLdVsEQrdO8IpCaQEvkEvhia00",
      "d": "mk2TZAlPSz1ATVGvaLENC_oeprdQ79MpXycNss1h1r0HSDKczzbk7SUf0S_9Jm9piVGAsU_Uhso1aWOhPDjizegQ6kfJ-AxIaZdm2FHxJp_Q7_eDxVtfNrdnfz-LAU-AsF-TkaqHxyYzC1egrSqA7tXaRomDMFMqzbYEhPpvnek2Wrj_-5tHEeG-6oq7pYkj-H78yFkqRWZfxK79hsp2OkYEqOqrk-t-wHh3Mzs5K-1ljxom0Xry7NeQLfeRnj-caGLvi9Lx6wJGlcH2_V03RWTbS9XA5wGm1bERsypFHe5785T1-7_X3vH8nhlS5Ihpx3XRo0PtzDKzC_9gujYGoQ",
      "e": "AQAB",
      "use": "enc",
      "kid": "ce8e8e37-dc4a-47f0-938d-6e3283157fe5",
      "qi": "2neV9cHp4E37TWbUb_EuUxvNCnSvEkD8V5w5kRSvwaPOHZrbu8dpqPPANDZwsQR4M3GEDAx3s2ozwvgbLnMkrpe-jbVON_UPjfI_whGfy0bI-pknJtA5JJJr0mm9eMdqABBH7t4f5c9UKK98oO6plUYRdDY2bL5Pl4fiqLN2-2U",
      "dp": "bP1Gz1TgQrPauBwBXS18wpjQm8J9TH82ozeOrB8O3Lxo71pAnIRk6MXDd42XzzXK6Sx45LH3ars4ogHZMa3KFDPEWsylJ6hvOEWTkoXp2R-76qQzEcQHBmvx0iz0hKhwmUec7sVNM9LIafxX_MhBGiLPj6rQBGWqTb50NyIus50",
      "alg": "RSA-OAEP",
      "dq": "Ph4uogwPmiFN9w9KvK3kNvZiIamfcQHx46ZOXFURp3LNwbIPgILHtTVyNHPUBa9wQz9RnyWb7WM1DoyVI2-0ebdlUJAV8xgyo1lhfKMDALO1T4Z4P2hEXPlaFxqgpoU9ex2K7FLHVM_5TUpSxLNPoLk3nxKVJLHQvCUsJBG5gF0",
      "n": "paIM1l3JU1FADgeeGEVkqWTi7d6Jz-6HT0qlxA2JqDGR4UPJ1X-YB8HdFx6Tq9LQ5hdwYEYQg8F90FJLbFkOMUWBu7DAz4elUkqNtK4ZlGlTmWySm6heVa67Y2mH3Y-NR1uVXlwihh4U2qbH_jxJme_jALZAkDL3cQnhM8vKiD_BMmbjGRRDWcjgDp6RX3A-BkiUKs_OZperjwnlCaZdT63z4z3bBKJujcetDEs6VLf2li48OewM9e0D1oXECr_EsmJX_GKAC8B9BN8XlGFDrJyY08rNIcVSHppFy_85f2FQhL2UcvGOdpCsnKghXGmacTXk97DIdlg_l2CNodvZoQ"
    },
    {
      "kty": "EC",
      "d": "RZz_Krix-Pj31TBuP88_GY110O05wMlkPUAn6GpRATs",
      "use": "enc",
      "crv": "P-256",
      "kid": "633219e3-e4e0-419a-a60a-08a59bbd1936",
      "x": "TQhulT-Vl48eF8mFj2OEwSTPGGLtTHT9gcxwBsxvtP8",
      "y": "zCte98l2EiLr5RW8QwbtWJzpngbZ3fcLaLDROgxb1Iw",
      "alg": "ECDH-ES"
    }
  ]
}
server_public_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "fd0b84ba-fda8-4668-b85e-ee9292e4c638",
      "n": "r1fu9G6_O2ng-CS4jy9cbDzf-R7VkhlgEhppleHFZ8doliqnegruc2TC3fV2s4pBQ3-3fFcv7ZY27cKPFtj4enV0Tr3EHvwsHJCTQl6vCub7NKXjy91dJaqTZI_zg45xS5E-FFQNb3vqb_FDMBftOrNJoNy82p-8dLJLC1qEG4hXx81HIoX6yfM8vbgTR_qRou0gFLiSHte0u62E-KJO4ubYKuuj9qz1ww_L8RJdX1oSRLCq-8nr7gAOpeJr1rWkQooMj-IRpWpvuKYtwt0fhrZ5VjG90rFeZbgL8FD9ERTKeVZFOFMjbZmwACPkaxrvjj0heEaTvspoStJDHIj--w"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "e0f00f7d-aeff-44f5-b6cf-e93c177c55fc",
      "n": "z0IDg7nxW1aW0mU2oMqNURdVHighsObs6TEWRSWHPQGc4ksyIH9R6s4TJW0wKX095u8u6J0vAVpJ8MGeU8kIwxNAM4633kwMt4mPSmDc2UbPaVyBXDAXQv4x3WjF6keE8Z7N6K8Qgdf8L6nzOtLM7AqXnBYiEM8R23q8G1oYkPstoc0sq3VDBAQnHDogliQBhUt9KBta9zQ7Ju_Ii_HELwOPYCMyWdGFypPtZ-nsSHAvP5PUA1shmdCB_KyNlfVqVBLy1_lXVhd2TcyG4T7FMO1KMYFsfW1Gk1JPHcmkn26ErFo_utbtLe-cqoy53PvTMkJovqfquJmimz4b8Ne21Q"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "16aa9a2b-f8e8-4923-93e1-5679e0096368",
      "x": "p4oylaF67wtOl1fMZ6Bz-LlEr0xNgQn-ETvAPgI5CqY",
      "y": "KrIlNN8yEI8sjIPv_pRkEpRSG41x8keEmILqV7f5A6w"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "1d8d1dc7-7eb7-4938-8a2a-eb0de52b8624",
      "x": "wqGqkwTZfQO8O64b867IFfxgrPdJZP9wUN8nV38rcbg",
      "y": "9E-BfFHiPLff5EHdC-F1i3CPsd306p0NEBPyegXA7-I"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "1e36593f-81b2-41fb-b99f-a5e9fd726770",
      "x": "rdEXn3aM-v6ykGMXssfOktAEGG5YKFdjbmOyRRmgqZc",
      "y": "ct8UhcS8z9NfWpfIp2Cf2y2ROL5pwjyFOYcOBpxAM8o"
    },
    {
      "kty": "OKP",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "67c7d665-7efa-432e-97dc-cd268553af57",
      "x": "5R7YgiijGq_V7h7NTkTGF3DqlNjYI7943b2TL_fkp_4"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "ce8e8e37-dc4a-47f0-938d-6e3283157fe5",
      "alg": "RSA-OAEP",
      "n": "paIM1l3JU1FADgeeGEVkqWTi7d6Jz-6HT0qlxA2JqDGR4UPJ1X-YB8HdFx6Tq9LQ5hdwYEYQg8F90FJLbFkOMUWBu7DAz4elUkqNtK4ZlGlTmWySm6heVa67Y2mH3Y-NR1uVXlwihh4U2qbH_jxJme_jALZAkDL3cQnhM8vKiD_BMmbjGRRDWcjgDp6RX3A-BkiUKs_OZperjwnlCaZdT63z4z3bBKJujcetDEs6VLf2li48OewM9e0D1oXECr_EsmJX_GKAC8B9BN8XlGFDrJyY08rNIcVSHppFy_85f2FQhL2UcvGOdpCsnKghXGmacTXk97DIdlg_l2CNodvZoQ"
    },
    {
      "kty": "EC",
      "use": "enc",
      "crv": "P-256",
      "kid": "633219e3-e4e0-419a-a60a-08a59bbd1936",
      "x": "TQhulT-Vl48eF8mFj2OEwSTPGGLtTHT9gcxwBsxvtP8",
      "y": "zCte98l2EiLr5RW8QwbtWJzpngbZ3fcLaLDROgxb1Iw",
      "alg": "ECDH-ES"
    }
  ]
}
2020-09-01 12:04:51 SUCCESS
OIDCCSignIdToken
Signed the ID token
id_token
eyJraWQiOiJmZDBiODRiYS1mZGE4LTQ2NjgtYjg1ZS1lZTkyOTJlNGM2MzgiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiWjZuM05QVFVKdlc2bzBFZk15UFRLQSIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiY2xpZW50X0RKeUZ6YnJqbVllbmRQZDE2MjkzXj46P3siLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvbzhDTjdYdEZocHluSkFGXC8iLCJleHAiOjE1OTg5NjIxOTAsImlhdCI6MTU5ODk2MTg5MH0.U8g13UZTUVvO7p4P5B2gJ-03uR1yKGPV5x453z8PgREYSEubmXjCmSVxJ1mF0nnJsWloQNa4EijvQ53Fj3WEBzLQQ4RSUtS1M1CNkTXxK8AtFl77Ghml1AgJWf4zK6GE9BSVFaBDyxdbxuMtbzxdMNxPIiTqtxQUvnN5_pXFq4b_KT3WplUNt_m0lK__CE2TKVcTLsx-_tUCkrFoj-CdtT69sUgVaEcG1KdtWPXNssfQCkC5w08rSRXLkiy3-fOhgkxCKxLEJzXcmBF2ujGz9AT3-O4k8HvBwhjj2VGkPlYXTWYyiGz3ObintGNWVL50o7hIQvUx-Bx7b89SgEmfcA
key
{"p":"9ge-lANRrcsbR4215Y5837hxQ3rEKKtoFV209HdqlWEl-WuhK0waSFTBbmUus-_-fjUpmEyywsMkDJt-o-IUdrxtKbCcdaheNe_HjljgT8DTOPWhflbSnpH-F6Mxtrh0QPFQSOixZJ7dmIBB7jAvlY0JDVVzd5xNms_cAco2CqE","kty":"RSA","q":"tnLnA3xBs3eBV9jZrnU9WEQUh_anFhyYyg22CzsnbVEdUfUmGB1pJPZ7aV98ulh2alaGloGfc07HcX3Zfub3d1BPnoYXhzv-8R_w05vUsUMlYU9WOtZkVzQ42sTSW6LhkYciN1LImGWxWV1LuQcWw6cwJjj8MHDHFAy9vfPp4Bs","d":"AltrQevvNCxDMvLDbGFVm7rhw-aPNmyS5wtl2fb0AWYj2MjwAWr-M5zqJbO0CcvU_sRLwicl5Mq9KEsSQ1tdU8AadSiF52i6axPiduTw83ORcu679jSemPAHFTX-LwmOKlbkf791gscmqqSSo6XesYhReBEflMzK6sKu0ZNA7WHNEbdz2_vo5nHaoZ5Qv6khy2PeNmfGtAclTPPn-L4lWA4KyXjdt2gUho_WanZjxmoEOpFwGehfEHtSSiFdxApBAc4lmhFNhB7amDLCJ55Qcq98vS2LfHH90A8bOcLW8OSFTvXA4ylEI-taDPr6DaVQ9BrTau5RsszflkS6N12wQQ","e":"AQAB","use":"sig","kid":"fd0b84ba-fda8-4668-b85e-ee9292e4c638","qi":"YC_5PqDfE6FqCz6ZQYKQkRYwiT9D4mviiVRqWbD3XhmutaFmKaHf_HXUuRdrqO_x-EbiY4zULAiujKf8IPWzFnCXKZIzTNiodfDfpUwSolOY4wZ04JeMVwEX_F9OHNfLuwEp7M0DIzKTflOnGzgR6-8y9DPCVTXq9YV3rTxXZqk","dp":"WWB2205ZXclrH5NbgQlCVAOtIdZ3bE7YgOqJ0kWPcrTYFsQCyLfc1Gn12yTm0ndc_HxToAA88IPzlKDoYKDAzmGlRn_iVtvTXcS9ufiPhGmIUijpgfwIh5KBvBSM-tQHZ5BCmjnuN59-4Oe3C9B1eN7DaxSf3dPqXVMlmYDcIQ","dq":"MQTeHImd_WH2Vmvk0IKfYL-p5H3YlpBIXMEiUBIsnapVflenTINaZJv0vHLzR_3MkvV8Y6Of-5MG8u8lKHtVsbDaM3VDjQoJjS9PvQr5MkcgG-z89gH0I5ncTKrk-cnhYQA1qTeMvaVU6PWwCp5k91xMC3j0CO_EDRb_Q7Hs_FE","n":"r1fu9G6_O2ng-CS4jy9cbDzf-R7VkhlgEhppleHFZ8doliqnegruc2TC3fV2s4pBQ3-3fFcv7ZY27cKPFtj4enV0Tr3EHvwsHJCTQl6vCub7NKXjy91dJaqTZI_zg45xS5E-FFQNb3vqb_FDMBftOrNJoNy82p-8dLJLC1qEG4hXx81HIoX6yfM8vbgTR_qRou0gFLiSHte0u62E-KJO4ubYKuuj9qz1ww_L8RJdX1oSRLCq-8nr7gAOpeJr1rWkQooMj-IRpWpvuKYtwt0fhrZ5VjG90rFeZbgL8FD9ERTKeVZFOFMjbZmwACPkaxrvjj0heEaTvspoStJDHIj--w"}
algorithm
RS256
2020-09-01 12:04:51 INFO
EncryptIdToken
Skipped evaluation due to missing required element: client id_token_encrypted_response_alg
path
id_token_encrypted_response_alg
mapped
object
client
2020-09-01 12:04:51 SUCCESS
CreateTokenEndpointResponse
Created token endpoint response
access_token
xgfHIEmDsRK1INkIch6RD1i2F4wNuW2uXMHyNqisPFSIYj7tvK
token_type
Bearer
id_token
eyJraWQiOiJmZDBiODRiYS1mZGE4LTQ2NjgtYjg1ZS1lZTkyOTJlNGM2MzgiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiWjZuM05QVFVKdlc2bzBFZk15UFRLQSIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiY2xpZW50X0RKeUZ6YnJqbVllbmRQZDE2MjkzXj46P3siLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvbzhDTjdYdEZocHluSkFGXC8iLCJleHAiOjE1OTg5NjIxOTAsImlhdCI6MTU5ODk2MTg5MH0.U8g13UZTUVvO7p4P5B2gJ-03uR1yKGPV5x453z8PgREYSEubmXjCmSVxJ1mF0nnJsWloQNa4EijvQ53Fj3WEBzLQQ4RSUtS1M1CNkTXxK8AtFl77Ghml1AgJWf4zK6GE9BSVFaBDyxdbxuMtbzxdMNxPIiTqtxQUvnN5_pXFq4b_KT3WplUNt_m0lK__CE2TKVcTLsx-_tUCkrFoj-CdtT69sUgVaEcG1KdtWPXNssfQCkC5w08rSRXLkiy3-fOhgkxCKxLEJzXcmBF2ujGz9AT3-O4k8HvBwhjj2VGkPlYXTWYyiGz3ObintGNWVL50o7hIQvUx-Bx7b89SgEmfcA
scope
openid
2020-09-01 12:04:51 OUTGOING
oidcc-client-test-signing-key-rotation-just-before-signing
Response to HTTP request to test instance o8CN7XtFhpynJAF
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "access_token": "xgfHIEmDsRK1INkIch6RD1i2F4wNuW2uXMHyNqisPFSIYj7tvK",
  "token_type": "Bearer",
  "id_token": "eyJraWQiOiJmZDBiODRiYS1mZGE4LTQ2NjgtYjg1ZS1lZTkyOTJlNGM2MzgiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiWjZuM05QVFVKdlc2bzBFZk15UFRLQSIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiY2xpZW50X0RKeUZ6YnJqbVllbmRQZDE2MjkzXj46P3siLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvbzhDTjdYdEZocHluSkFGXC8iLCJleHAiOjE1OTg5NjIxOTAsImlhdCI6MTU5ODk2MTg5MH0.U8g13UZTUVvO7p4P5B2gJ-03uR1yKGPV5x453z8PgREYSEubmXjCmSVxJ1mF0nnJsWloQNa4EijvQ53Fj3WEBzLQQ4RSUtS1M1CNkTXxK8AtFl77Ghml1AgJWf4zK6GE9BSVFaBDyxdbxuMtbzxdMNxPIiTqtxQUvnN5_pXFq4b_KT3WplUNt_m0lK__CE2TKVcTLsx-_tUCkrFoj-CdtT69sUgVaEcG1KdtWPXNssfQCkC5w08rSRXLkiy3-fOhgkxCKxLEJzXcmBF2ujGz9AT3-O4k8HvBwhjj2VGkPlYXTWYyiGz3ObintGNWVL50o7hIQvUx-Bx7b89SgEmfcA",
  "scope": "openid"
}
outgoing_path
token
2020-09-01 12:04:51 INCOMING
oidcc-client-test-signing-key-rotation-just-before-signing
Incoming HTTP request to test instance o8CN7XtFhpynJAF
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
jwks
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
Jwks endpoint
2020-09-01 12:04:51 OUTGOING
oidcc-client-test-signing-key-rotation-just-before-signing
Response to HTTP request to test instance o8CN7XtFhpynJAF
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "fd0b84ba-fda8-4668-b85e-ee9292e4c638",
      "n": "r1fu9G6_O2ng-CS4jy9cbDzf-R7VkhlgEhppleHFZ8doliqnegruc2TC3fV2s4pBQ3-3fFcv7ZY27cKPFtj4enV0Tr3EHvwsHJCTQl6vCub7NKXjy91dJaqTZI_zg45xS5E-FFQNb3vqb_FDMBftOrNJoNy82p-8dLJLC1qEG4hXx81HIoX6yfM8vbgTR_qRou0gFLiSHte0u62E-KJO4ubYKuuj9qz1ww_L8RJdX1oSRLCq-8nr7gAOpeJr1rWkQooMj-IRpWpvuKYtwt0fhrZ5VjG90rFeZbgL8FD9ERTKeVZFOFMjbZmwACPkaxrvjj0heEaTvspoStJDHIj--w"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "e0f00f7d-aeff-44f5-b6cf-e93c177c55fc",
      "n": "z0IDg7nxW1aW0mU2oMqNURdVHighsObs6TEWRSWHPQGc4ksyIH9R6s4TJW0wKX095u8u6J0vAVpJ8MGeU8kIwxNAM4633kwMt4mPSmDc2UbPaVyBXDAXQv4x3WjF6keE8Z7N6K8Qgdf8L6nzOtLM7AqXnBYiEM8R23q8G1oYkPstoc0sq3VDBAQnHDogliQBhUt9KBta9zQ7Ju_Ii_HELwOPYCMyWdGFypPtZ-nsSHAvP5PUA1shmdCB_KyNlfVqVBLy1_lXVhd2TcyG4T7FMO1KMYFsfW1Gk1JPHcmkn26ErFo_utbtLe-cqoy53PvTMkJovqfquJmimz4b8Ne21Q"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "16aa9a2b-f8e8-4923-93e1-5679e0096368",
      "x": "p4oylaF67wtOl1fMZ6Bz-LlEr0xNgQn-ETvAPgI5CqY",
      "y": "KrIlNN8yEI8sjIPv_pRkEpRSG41x8keEmILqV7f5A6w"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "1d8d1dc7-7eb7-4938-8a2a-eb0de52b8624",
      "x": "wqGqkwTZfQO8O64b867IFfxgrPdJZP9wUN8nV38rcbg",
      "y": "9E-BfFHiPLff5EHdC-F1i3CPsd306p0NEBPyegXA7-I"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "1e36593f-81b2-41fb-b99f-a5e9fd726770",
      "x": "rdEXn3aM-v6ykGMXssfOktAEGG5YKFdjbmOyRRmgqZc",
      "y": "ct8UhcS8z9NfWpfIp2Cf2y2ROL5pwjyFOYcOBpxAM8o"
    },
    {
      "kty": "OKP",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "67c7d665-7efa-432e-97dc-cd268553af57",
      "x": "5R7YgiijGq_V7h7NTkTGF3DqlNjYI7943b2TL_fkp_4"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "ce8e8e37-dc4a-47f0-938d-6e3283157fe5",
      "alg": "RSA-OAEP",
      "n": "paIM1l3JU1FADgeeGEVkqWTi7d6Jz-6HT0qlxA2JqDGR4UPJ1X-YB8HdFx6Tq9LQ5hdwYEYQg8F90FJLbFkOMUWBu7DAz4elUkqNtK4ZlGlTmWySm6heVa67Y2mH3Y-NR1uVXlwihh4U2qbH_jxJme_jALZAkDL3cQnhM8vKiD_BMmbjGRRDWcjgDp6RX3A-BkiUKs_OZperjwnlCaZdT63z4z3bBKJujcetDEs6VLf2li48OewM9e0D1oXECr_EsmJX_GKAC8B9BN8XlGFDrJyY08rNIcVSHppFy_85f2FQhL2UcvGOdpCsnKghXGmacTXk97DIdlg_l2CNodvZoQ"
    },
    {
      "kty": "EC",
      "use": "enc",
      "crv": "P-256",
      "kid": "633219e3-e4e0-419a-a60a-08a59bbd1936",
      "x": "TQhulT-Vl48eF8mFj2OEwSTPGGLtTHT9gcxwBsxvtP8",
      "y": "zCte98l2EiLr5RW8QwbtWJzpngbZ3fcLaLDROgxb1Iw",
      "alg": "ECDH-ES"
    }
  ]
}
outgoing_path
jwks
2020-09-01 12:04:51 INCOMING
oidcc-client-test-signing-key-rotation-just-before-signing
Incoming HTTP request to test instance o8CN7XtFhpynJAF
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "authorization": "Bearer xgfHIEmDsRK1INkIch6RD1i2F4wNuW2uXMHyNqisPFSIYj7tvK",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
userinfo
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
Userinfo endpoint
2020-09-01 12:04:51 SUCCESS
OIDCCExtractBearerAccessTokenFromRequest
Found access token on incoming request
access_token
xgfHIEmDsRK1INkIch6RD1i2F4wNuW2uXMHyNqisPFSIYj7tvK
2020-09-01 12:04:51 SUCCESS
RequireBearerAccessToken
Found access token in request
actual
xgfHIEmDsRK1INkIch6RD1i2F4wNuW2uXMHyNqisPFSIYj7tvK
2020-09-01 12:04:51 SUCCESS
FilterUserInfoForScopes
User info endpoint output
sub
user-subject-1234531
2020-09-01 12:04:51
ClearAccessTokenFromRequest
Condition ran but did not log anything
2020-09-01 12:04:51 INFO
AddIssAndAudToUserInfoResponse
Skipped evaluation due to missing required element: client userinfo_signed_response_alg
path
userinfo_signed_response_alg
mapped
object
client
2020-09-01 12:04:51 INFO
SignUserInfoResponse
Skipped evaluation due to missing required element: client userinfo_signed_response_alg
path
userinfo_signed_response_alg
mapped
object
client
2020-09-01 12:04:51 INFO
EncryptUserInfoResponse
Skipped evaluation due to missing required element: client userinfo_encrypted_response_alg
path
userinfo_encrypted_response_alg
mapped
object
client
2020-09-01 12:04:51 OUTGOING
oidcc-client-test-signing-key-rotation-just-before-signing
Response to HTTP request to test instance o8CN7XtFhpynJAF
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "sub": "user-subject-1234531"
}
outgoing_path
userinfo
2020-09-01 12:04:51 FINISHED
oidcc-client-test-signing-key-rotation-just-before-signing
Test has run to completion
testmodule_result
PASSED
Test Results