Test Summary

Test Results

Expand All Collapse All
All times are UTC
2020-09-01 12:04:53 INFO
TEST-RUNNER
Test instance avbn4lDnDLmipBp created
baseUrl
https://www.certification.openid.net/test/avbn4lDnDLmipBp
variant
{
  "client_auth_type": "client_secret_basic",
  "response_type": "code",
  "request_type": "request_uri",
  "client_registration": "dynamic_client",
  "response_mode": "default"
}
alias

                                
description
test suite runner for openid-client
planId
yOlk25gGaeYUc
config
{
  "description": "test suite runner for openid-client",
  "waitTimeoutSeconds": 2
}
testName
oidcc-client-test-signing-key-rotation
2020-09-01 12:04:53 SUCCESS
OIDCCGenerateServerConfiguration
Generated default server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/avbn4lDnDLmipBp/",
  "authorization_endpoint": "https://www.certification.openid.net/test/avbn4lDnDLmipBp/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/avbn4lDnDLmipBp/token",
  "jwks_uri": "https://www.certification.openid.net/test/avbn4lDnDLmipBp/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/avbn4lDnDLmipBp/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/avbn4lDnDLmipBp/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic",
    "client_secret_post",
    "client_secret_jwt",
    "private_key_jwt"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
2020-09-01 12:04:53
SetTokenEndpointAuthMethodsSupportedToClientSecretBasicOnly
Changed token_endpoint_auth_methods_supported to client_secret_basic only in server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/avbn4lDnDLmipBp/",
  "authorization_endpoint": "https://www.certification.openid.net/test/avbn4lDnDLmipBp/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/avbn4lDnDLmipBp/token",
  "jwks_uri": "https://www.certification.openid.net/test/avbn4lDnDLmipBp/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/avbn4lDnDLmipBp/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/avbn4lDnDLmipBp/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
2020-09-01 12:04:53
SetRequestUriParameterSupportedToTrueInServerConfiguration
Enabled request_uri support in server configuration
server
{
  "issuer": "https://www.certification.openid.net/test/avbn4lDnDLmipBp/",
  "authorization_endpoint": "https://www.certification.openid.net/test/avbn4lDnDLmipBp/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/avbn4lDnDLmipBp/token",
  "jwks_uri": "https://www.certification.openid.net/test/avbn4lDnDLmipBp/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/avbn4lDnDLmipBp/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/avbn4lDnDLmipBp/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "PS256",
    "ES256"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_uri_parameter_supported": true,
  "require_request_uri_registration": false
}
2020-09-01 12:04:54
OIDCCGenerateServerJWKs
Generated server public private JWK sets
server_jwks
{
  "keys": [
    {
      "p": "1KBjyafjvk-Thw4TrvO-CIHDyrO5iM5xuVNU6yO53_dq28nsLN2y3WR4JZopbgcSVG5vpKdieXBjYc_2v6fS6eqjy-L3dtJTZSyUfBnULcKl703MgHtkDHC4ljBvy01hHWeXZNNPistULctWbmq1Z4aCNUJwI3RffbdJKAKLn_E",
      "kty": "RSA",
      "q": "wV-NfUoH8XCY7xqPNz4D7mrTtMPs3Nv6MguBLXHfN0ecDyWjn7XprWMQjgnWMsfomo9gxaxuvC-mZKAfahqBNuq3KaDdgsR-hpPJduOtJypQj9irFnPJ5O9GtsTgeMOYKBvPR6dwN3vLaxpKhtiWHg5AG-DLrOhg-TWaFjlxew0",
      "d": "SxgHKgtedZ-YDvNEpkXlUylaYCwxsoTbuUzYuZNpuP5vcVAJLzBiarbrFTv2BFbVevBoIC9kw1nGodO_51efy79NIMzZ4QJVv4qoQQALZGY2bMmT6t-UaFtLIJO_lOfUPyzpFbCdPT4f38Md0p9HkMlzfHYSEuC6lXm1aW8luAQ_8n_nb1ggCyev27bSvQ10oarW2Gkjxu7lPNYtbPWnstl4t5BuKIzCYxOPvbNsE8S5XXOhAz8XujuPBwg6mIzJcTBEp5crlyx2XGHhi-IMTpYRYJO_qD4GcK0U9eQ8zzuJd-HcUeus7HuFHUZyUP0zK_D1vkLOogoeKmBOvxvagQ",
      "e": "AQAB",
      "use": "sig",
      "kid": "1b6713da-30c0-4ea3-8e41-37ef8b015a06",
      "qi": "nilRmPp8HlwR-B0YUNQ0yKr0nBfosE-5Ii54FSL7k0giCxZxSTKYUY8DawBysvAmSUcAo3m6bBWtWld3gepItl0eUmk9iVVq5NK1znfNPI2iWXRlt9H2jo9jVvRgILhu-64MEj8Qzqe8lIWxMKuoaTWa1fQ-ySQhfQeqSBa1uIU",
      "dp": "c2YtYnf1Wge0aPtR4YU2YUWUbwJGMyLghBXfI9N7ATw2Sd14ig01E4WA09-slqPN5fceLr4N6xz9Q0vsfq5mAUCw72papqmWS3X7jLMz_jYDezK9SAowDbRr6k-VjUCM8bmUaEtrg0fBgy011q2hkPNm3eMWG5gAb6m3Ubi38PE",
      "dq": "Z6VGmivu-_slDauHrc1goA7EMHR_ZZXGkcJW17vcL64DOJ8tB3KisFuTyP3-wDMkOou1C96zb8x-fBrTG7TfI0dFK1vcvrWBN7LI3h-EdKSaj69LbHpdcYbKuTXnNvNnf8AAJuDZJfQFgP-TiJlYRP3QYODpamEXcRvI3jal25U",
      "n": "oJxIRHYrwLCP9BBnrRPMAph3cwe38Ix5sZKBalrCB4U5qTVoCoGkflT2y2iTcYueolx-ZHwF1nLxE1GjbI4WQFKM28ZGmEFJ64SeTJBFAyNUdMNeXCnER_rzFTHHGCPEX6cK_-Ww4ZnRB6Cr0UHV3De13GwyIpx55QAkHi5pKPoEM9b1svlMoFcx9sPv1aAXszmdIu9M648pCp4bJn3YAaoPybmnMJngYPTZjCGHb_ZZGH15rHW395Z-MVIt17YLIMtgYpiZIWOR9r2KkrsQMJIsy-nMViNjb-Z8DXfbB01S-dihpnF73fXJqSeligD739FAkomaKkNhyt81eVDqPQ"
    },
    {
      "kty": "EC",
      "d": "jX3dZrFqwRCaGm1x_dzTC2fwxC70Xn_geeZOzD_uOZw",
      "use": "sig",
      "crv": "P-256",
      "kid": "84838651-76e9-48e7-b51e-82cbcde4c780",
      "x": "gNAJTeUB8JXDXqdcaAbOp0RbqC_ogRIFQMPoIqSOjrA",
      "y": "WY9KQQwq1vm2q6IQPmkTClBvw3GC1mKORSvB35rJxN8"
    },
    {
      "kty": "EC",
      "d": "jRVi2Q8M9KZX-_obagPKYUqqk8atndsBbkIXsXWc0gI",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "7bf86202-d9fc-401d-af45-02791c1d7ffa",
      "x": "wpINONOqZbnamfGAPrEdO0LwkKt6C8pqcvVmPzu4jy0",
      "y": "1cnTMRBCaVfaPh6JvsDEipR1nA-wq-xU0swwWuEtOuY"
    },
    {
      "kty": "OKP",
      "d": "X_j7eLWmQomZRAPknb4iS_xz8A4BHIshxzLDdWQlwIc",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "cd0d338a-f8c4-4a53-be71-e66f4794b12c",
      "x": "RYnFIyRg8fyh9KEo6atzKNDN3TY_S1SB1hpBgpxGgkU"
    }
  ]
}
server_encryption_keys
{
  "keys": [
    {
      "p": "v5kvEc710uK6IqHiI0aUaFQJood2CgkPSI7FnpmginT9QdCyaqmCrfKY98xhX6XonY_Wo4schgssWCcFxXKicfT0dGX4hKoybL2Snx38p_SPjs2-8RJJ3DqNAXv_ErA4k7drsGge5WVwF-9W3xKzZFCUO9oW5dyYCWLmg8lKauU",
      "kty": "RSA",
      "q": "vyQ0-BUqvULHd_mYk3jmhnePnv39-XQi95kAJ5sMqXDf5J2re55hEartxxl9Jv6eneXcCEb7-yhguaOokgG4ocLCMqWGYjLl1LkmglhDRDYQ5WzImuzXcY8k6TUMbgmuOpPQrZZ_UhdWWOQLEZaZeDlTlssfmsXKLQYjO-8KpM8",
      "d": "VqQUKJ4VrwEpF51tSrUAxIhX4W5U9n30hkebplnSVYS4vIwxdEzNKzTi2ndHUyjxeM4aHKLMB-CPsBt4vlNSC6IX_PzwllRqthIkGPFJxj_SHV-7u7KmLBQjJ53ZPe3e57nq2iInB2X34eMfNSUUcrCVGHnIWUSM_dlgv0-D05TZoQdjzrBRLf1NkdviuFNfVJO6Ji0Zz2vC3Ord7Qv2yv7GdMGjryOduMNTtaI9yJQ4dNSd2oNVvLYghCGYYssahATQ4n3ckIw7sfanbm1UIAyaxCaskqkFQcKOluXiXMZhCu-MgsT2z1VLUEto11BaLunruvlrfR4xYdm03VmRoQ",
      "e": "AQAB",
      "use": "enc",
      "kid": "7f263c62-75eb-4e39-9485-062667290981",
      "qi": "QsAJs0YthmzqKy-JCohBKhaPuiYWbxgCdOBPasS9iG_2goAIxxWHC0fbAZ1wewXHYsXOxRcWpYF-CQz7U5WS5WTA1yWs1DLl7M--VUWWNpg4JMX8ci9G68CMPgA6vJlfPaDfRYmsCtAdmyjeswen4m3laxSknWQPONiWp40kCn0",
      "dp": "R9_mKW8TBqZpHx7NX2BVwgFsj9zzKfaWFikA92s4L1iNvQfWNm8ah7iPK74u9Rue9KSF51oDPEGqw_L3lkdXqxoyLgwmu1XBjsta2nf8VOFIjVCfhX3P2V7ZkKn8WP1ka_2N12Jn3LQ95ayyUQKJ62LTCNTabCZhnnvMb7muQgU",
      "alg": "RSA-OAEP",
      "dq": "Szk0n221JEbjuZPBOEiccM8c9rV-_m12VXshVHTwxr5lXtOuaTgre4iJi5G8b1xFkF6l-Zv2DyIU7vo5nTyQLRk41DXQbVUanl0_ioyx7GZav-_QAyiyoT50iFMYUTX-G4-Q0MAp22TT1qfos0NRor7s5quKBJ9SseV4eF3bEoE",
      "n": "jw5jTbG3R9d_KqK3ylqGKbKh7HwUxfIw_j8drltU5ithz5T5bK2vnIid_Ju7cWME8FZkh3l9eeBrbg024qQ8kYf02VwPSzw_HppKN4B4EF3bmxZtGUxMdYB_hWlKMgstGzkOtJ9xcliWgiXT8AhRQ6aUm2dhaNn8w80dst0dWmIEAH_oFR6gmFohEILr65wBI0g9bnzPleVO1tPaVAIhfytoIyN361HPo4S17Rr-hXrHN8Ml5O-3-OJQ74JiUXkDC8l3Lxb6kEWCE-dYV7WA4PnxH_C7jVev1zZX7rTuQjNctf6TaaqIa3BrV0HNYudGq2suSbZm-yRP2Rn-Z5kjKw"
    },
    {
      "kty": "EC",
      "d": "46FSnhpf0szSu3paTAUzb3lZY0DeeasUFPprDWhGKdk",
      "use": "enc",
      "crv": "P-256",
      "kid": "12d60d2f-ac24-4efd-b86d-50ed1bc0aaff",
      "x": "ndboA72hZPXquLif5HSe5VdNSqOyTRDd1CP2HxScFXM",
      "y": "mZ4PgaX4ug3CqVxNOqIN40KAclzTi2zhOLeePCD4KVs",
      "alg": "ECDH-ES"
    }
  ]
}
server_public_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "1b6713da-30c0-4ea3-8e41-37ef8b015a06",
      "n": "oJxIRHYrwLCP9BBnrRPMAph3cwe38Ix5sZKBalrCB4U5qTVoCoGkflT2y2iTcYueolx-ZHwF1nLxE1GjbI4WQFKM28ZGmEFJ64SeTJBFAyNUdMNeXCnER_rzFTHHGCPEX6cK_-Ww4ZnRB6Cr0UHV3De13GwyIpx55QAkHi5pKPoEM9b1svlMoFcx9sPv1aAXszmdIu9M648pCp4bJn3YAaoPybmnMJngYPTZjCGHb_ZZGH15rHW395Z-MVIt17YLIMtgYpiZIWOR9r2KkrsQMJIsy-nMViNjb-Z8DXfbB01S-dihpnF73fXJqSeligD739FAkomaKkNhyt81eVDqPQ"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "740efbc6-c00a-4f7b-8a83-1d8f87c998d8",
      "n": "l4k-2a6BtfGEjgbdNcVaZn9fxI0cTtY112ub1S5nWKCVjjRYgdIQYoeNvTP_eCHWmN1U3vTE4gCRr2YGkf5RQt4fMBW9eXJi4AL2CNyZ4svKqd6dPOWjtKNir3-4Dag2gq8SgyUZS2v7tb7b_qpTsWn5XmmZvFPBOVEvXTeEVkM_SQLJSn4zvxVIooNbMoKNwKlUz2gvKsk3V0jkYGXlerxIEFMsEdTsiT_WjrMWL0v5dh4vdfgF-0oeDpDsc6p3-BUX9DY9PUGfN8Ug6eaZMfTvzqVg2xgOYG_iZ_1s-gYlI05GlxHave5D4NsP03zzXzPh-DgH_A2ACQzdRXSIew"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "84838651-76e9-48e7-b51e-82cbcde4c780",
      "x": "gNAJTeUB8JXDXqdcaAbOp0RbqC_ogRIFQMPoIqSOjrA",
      "y": "WY9KQQwq1vm2q6IQPmkTClBvw3GC1mKORSvB35rJxN8"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "8b71083a-d20a-428c-aacc-c2e96c5c5bde",
      "x": "C31Se22iRSbIG7rsxaFzarFzV8d1uujHcIqgqR6v4K4",
      "y": "DQUwPMpDRu4uM5IZCh-z14hN3BEO3rFjh5lSQ3DDnkU"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "7bf86202-d9fc-401d-af45-02791c1d7ffa",
      "x": "wpINONOqZbnamfGAPrEdO0LwkKt6C8pqcvVmPzu4jy0",
      "y": "1cnTMRBCaVfaPh6JvsDEipR1nA-wq-xU0swwWuEtOuY"
    },
    {
      "kty": "OKP",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "cd0d338a-f8c4-4a53-be71-e66f4794b12c",
      "x": "RYnFIyRg8fyh9KEo6atzKNDN3TY_S1SB1hpBgpxGgkU"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "7f263c62-75eb-4e39-9485-062667290981",
      "alg": "RSA-OAEP",
      "n": "jw5jTbG3R9d_KqK3ylqGKbKh7HwUxfIw_j8drltU5ithz5T5bK2vnIid_Ju7cWME8FZkh3l9eeBrbg024qQ8kYf02VwPSzw_HppKN4B4EF3bmxZtGUxMdYB_hWlKMgstGzkOtJ9xcliWgiXT8AhRQ6aUm2dhaNn8w80dst0dWmIEAH_oFR6gmFohEILr65wBI0g9bnzPleVO1tPaVAIhfytoIyN361HPo4S17Rr-hXrHN8Ml5O-3-OJQ74JiUXkDC8l3Lxb6kEWCE-dYV7WA4PnxH_C7jVev1zZX7rTuQjNctf6TaaqIa3BrV0HNYudGq2suSbZm-yRP2Rn-Z5kjKw"
    },
    {
      "kty": "EC",
      "use": "enc",
      "crv": "P-256",
      "kid": "12d60d2f-ac24-4efd-b86d-50ed1bc0aaff",
      "x": "ndboA72hZPXquLif5HSe5VdNSqOyTRDd1CP2HxScFXM",
      "y": "mZ4PgaX4ug3CqVxNOqIN40KAclzTi2zhOLeePCD4KVs",
      "alg": "ECDH-ES"
    }
  ]
}
2020-09-01 12:04:54 SUCCESS
ValidateServerJWKs
Valid server JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2020-09-01 12:04:54 SUCCESS
CheckDistinctKeyIdValueInServerJWKs
Distinct 'kid' value in all keys of server_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2020-09-01 12:04:54 SUCCESS
OIDCCLoadUserInfo
Added user information
user_info
{
  "sub": "user-subject-1234531",
  "name": "Demo T. User",
  "given_name": "Demo",
  "family_name": "User",
  "middle_name": "Theresa",
  "nickname": "Dee",
  "preferred_username": "d.tu",
  "gender": "female",
  "birthdate": "2000-02-03",
  "address": {
    "street_address": "100 Universal City Plaza",
    "locality": "Hollywood",
    "region": "CA",
    "postal_code": "91608",
    "country": "USA"
  },
  "zoneinfo": "America/Los_Angeles",
  "locale": "en-US",
  "phone_number": "+1 555 5550000",
  "phone_number_verified": false,
  "email": "user@example.com",
  "email_verified": false,
  "website": "https://openid.net/",
  "updated_at": "1580000000"
}
2020-09-01 12:04:54 SUCCESS
GetDynamicClientConfiguration
No client details on configuration, created an empty dynamic_client_registration_template object.
2020-09-01 12:04:54
oidcc-client-test-signing-key-rotation
Setup Done
2020-09-01 12:04:56 INCOMING
oidcc-client-test-signing-key-rotation
Incoming HTTP request to test instance avbn4lDnDLmipBp
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
.well-known/openid-configuration
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
Discovery endpoint
2020-09-01 12:04:56 OUTGOING
oidcc-client-test-signing-key-rotation
Response to HTTP request to test instance avbn4lDnDLmipBp
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "issuer": "https://www.certification.openid.net/test/avbn4lDnDLmipBp/",
  "authorization_endpoint": "https://www.certification.openid.net/test/avbn4lDnDLmipBp/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/avbn4lDnDLmipBp/token",
  "jwks_uri": "https://www.certification.openid.net/test/avbn4lDnDLmipBp/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/avbn4lDnDLmipBp/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/avbn4lDnDLmipBp/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "PS256",
    "ES256"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_uri_parameter_supported": true,
  "require_request_uri_registration": false
}
outgoing_path
.well-known/openid-configuration
2020-09-01 12:04:57 INCOMING
oidcc-client-test-signing-key-rotation
Incoming HTTP request to test instance avbn4lDnDLmipBp
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "content-type": "application/json",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "content-length": "161",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net",
  "connection": "close"
}
incoming_path
register
incoming_body_form_params
incoming_method
POST
incoming_body_json
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code"
  ],
  "grant_types": [
    "authorization_code"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ]
}
incoming_query_string_params
{}
incoming_body
{"token_endpoint_auth_method":"client_secret_basic","response_types":["code"],"grant_types":["authorization_code"],"redirect_uris":["https://rp.example.com/cb"]}
Registration endpoint
2020-09-01 12:04:57 SUCCESS
OIDCCExtractDynamicRegistrationRequest
Extracted dynamic client registration request
request
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code"
  ],
  "grant_types": [
    "authorization_code"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ]
}
2020-09-01 12:04:57 INFO
EnsureRegistrationRequestContainsAtLeastOneContact
This application requires that registration requests contain at least one contact.
2020-09-01 12:04:57 SUCCESS
ValidateClientGrantTypes
grant_types match response_types
grant_types
[
  "authorization_code"
]
response_types
[
  "code"
]
2020-09-01 12:04:57 SUCCESS
OIDCCValidateClientRedirectUris
Valid redirect_uri(s) provided in registration request
redirect_uris
[
  "https://rp.example.com/cb"
]
2020-09-01 12:04:57 SUCCESS
ValidateClientLogoUris
Client does not contain any logo_uri
2020-09-01 12:04:57 SUCCESS
ValidateClientUris
Client does not contain any client_uri
2020-09-01 12:04:57 SUCCESS
ValidateClientPolicyUris
Client does not contain any policy_uri
2020-09-01 12:04:57 SUCCESS
ValidateClientTosUris
Client does not contain any tos_uri
2020-09-01 12:04:57 SUCCESS
ValidateClientSubjectType
A subject_type was not provided
2020-09-01 12:04:57 INFO
ValidateIdTokenSignedResponseAlg
Skipped evaluation due to missing required element: client id_token_signed_response_alg
path
id_token_signed_response_alg
mapped
object
client
2020-09-01 12:04:57 SUCCESS
EnsureIdTokenEncryptedResponseAlgIsSetIfEncIsSet
id_token_encrypted_response_enc is not set
2020-09-01 12:04:57 INFO
ValidateUserinfoSignedResponseAlg
Skipped evaluation due to missing required element: client userinfo_signed_response_alg
path
userinfo_signed_response_alg
mapped
object
client
2020-09-01 12:04:57 SUCCESS
EnsureUserinfoEncryptedResponseAlgIsSetIfEncIsSet
userinfo_encrypted_response_enc is not set
2020-09-01 12:04:57 INFO
ValidateRequestObjectSigningAlg
Skipped evaluation due to missing required element: client request_object_signing_alg
path
request_object_signing_alg
mapped
object
client
2020-09-01 12:04:57 SUCCESS
EnsureRequestObjectEncryptionAlgIsSetIfEncIsSet
request_object_encryption_enc is not set
2020-09-01 12:04:57 INFO
ValidateTokenEndpointAuthSigningAlg
Skipped evaluation due to missing required element: client token_endpoint_auth_signing_alg
path
token_endpoint_auth_signing_alg
mapped
object
client
2020-09-01 12:04:57 SUCCESS
ValidateDefaultMaxAge
default_max_age is not set
2020-09-01 12:04:57 INFO
ValidateRequireAuthTime
Skipped evaluation due to missing required element: client require_auth_time
path
require_auth_time
mapped
object
client
2020-09-01 12:04:57 INFO
ValidateDefaultAcrValues
Skipped evaluation due to missing required element: client default_acr_values
path
default_acr_values
mapped
object
client
2020-09-01 12:04:57 INFO
ValidateInitiateLoginUri
Skipped evaluation due to missing required element: client initiate_login_uri
path
initiate_login_uri
mapped
object
client
2020-09-01 12:04:57 INFO
ValidateRequestUris
Skipped evaluation due to missing required element: client request_uris
path
request_uris
mapped
object
client
2020-09-01 12:04:57 SUCCESS
ValidateClientRegistrationRequestSectorIdentifierUri
A sector_identifier_uri was not provided
2020-09-01 12:04:57 SUCCESS
OIDCCRegisterClient
Registered client
client
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code"
  ],
  "grant_types": [
    "authorization_code"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ],
  "client_id": "client_ewbXMSNQLtIluKQ10640+\u003e-`\u0026"
}
2020-09-01 12:04:57
OIDCCCreateClientSecretForDynamicClient
Set the secret for registered client
client_secret
secret_SbsiHzxJvqcwMqgqlzilPnUhLpxyTzbUOeZikNkSJCHPTKSzmc0423920170*>}-)
2020-09-01 12:04:57 SUCCESS
EnsureTokenEndPointAuthMethodIsClientSecretBasic
token_endpoint_auth_method is 'client_secret_basic' as expected
2020-09-01 12:04:57 SUCCESS
EnsureClientDoesNotHaveBothJwksAndJwksUri
Client does not have both jwks and jwks_uri set
client
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code"
  ],
  "grant_types": [
    "authorization_code"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ],
  "client_id": "client_ewbXMSNQLtIluKQ10640+\u003e-`\u0026",
  "client_secret": "secret_SbsiHzxJvqcwMqgqlzilPnUhLpxyTzbUOeZikNkSJCHPTKSzmc0423920170*\u003e}-)"
}
2020-09-01 12:04:57 INFO
FetchClientKeys
Skipped evaluation due to missing required element: client jwks_uri
path
jwks_uri
mapped
object
client
2020-09-01 12:04:57 SUCCESS
OIDCCExtractServerSigningAlg
Using the default algorithm for the first key in server jwks
signing_algorithm
RS256
2020-09-01 12:04:57
SetClientIdTokenSignedResponseAlgToServerSigningAlg
Set id_token_signed_response_alg for the registered client
id_token_signed_response_alg
RS256
2020-09-01 12:04:57 OUTGOING
oidcc-client-test-signing-key-rotation
Response to HTTP request to test instance avbn4lDnDLmipBp
outgoing_status_code
201
outgoing_headers
{}
outgoing_body
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code"
  ],
  "grant_types": [
    "authorization_code"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ],
  "client_id": "client_ewbXMSNQLtIluKQ10640+\u003e-`\u0026",
  "client_secret": "secret_SbsiHzxJvqcwMqgqlzilPnUhLpxyTzbUOeZikNkSJCHPTKSzmc0423920170*\u003e}-)",
  "id_token_signed_response_alg": "RS256"
}
outgoing_path
register
2020-09-01 12:04:58 INCOMING
oidcc-client-test-signing-key-rotation
Incoming HTTP request to test instance avbn4lDnDLmipBp
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "got/9.6.0 (https://github.com/sindresorhus/got)",
  "accept-encoding": "gzip, deflate",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
authorize
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{
  "client_id": "client_ewbXMSNQLtIluKQ10640+\u003e-`\u0026",
  "scope": "openid",
  "response_type": "code",
  "request_uri": "https://limitless-retreat-96294.herokuapp.com/TgpeFyx92eoJYVvOq2uMS"
}
incoming_body
Authorization endpoint
2020-09-01 12:04:58
FetchRequestUriAndExtractRequestObject
Fetching request object from request_uri
request_uri
https://limitless-retreat-96294.herokuapp.com/TgpeFyx92eoJYVvOq2uMS
2020-09-01 12:04:58
FetchRequestUriAndExtractRequestObject
HTTP request
request_uri
https://limitless-retreat-96294.herokuapp.com/TgpeFyx92eoJYVvOq2uMS
request_method
GET
request_headers
{
  "accept": "text/plain, application/json, application/cbor, application/*+json, */*",
  "content-length": "0"
}
request_body

                                
2020-09-01 12:04:58 RESPONSE
FetchRequestUriAndExtractRequestObject
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "server": "Cowboy",
  "connection": "keep-alive",
  "content-type": "application/jwt",
  "content-length": "543",
  "date": "Tue, 01 Sep 2020 12:04:58 GMT",
  "via": "1.1 vegur"
}
response_body
eyJhbGciOiJub25lIiwidHlwIjoiSldUIn0.eyJyZWRpcmVjdF91cmkiOiJodHRwczovL3JwLmV4YW1wbGUuY29tL2NiIiwic2NvcGUiOiJvcGVuaWQiLCJyZXNwb25zZV90eXBlIjoiY29kZSIsImNsaWVudF9pZCI6ImNsaWVudF9ld2JYTVNOUUx0SWx1S1ExMDY0MCs-LWAmIiwic3RhdGUiOiJPcmZwME9UMjhwODFidmNRNlo5Vk1LeWIwQjJtNXkzc2NGSFJHbkQ3WHFZIiwiaXNzIjoiY2xpZW50X2V3YlhNU05RTHRJbHVLUTEwNjQwKz4tYCYiLCJhdWQiOiJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC9hdmJuNGxEbkRMbWlwQnAvIiwianRpIjoiUUpBUWJDYjVHYk5vc2lqeEI5NGVmSGNVaUhjU3I1V3k3LWhWUDk1a2E3ayIsImlhdCI6MTU5ODk2MTg5NywiZXhwIjoxNTk4OTYyMTk3fQ.
2020-09-01 12:04:58
FetchRequestUriAndExtractRequestObject
Downloaded request object
request_object
eyJhbGciOiJub25lIiwidHlwIjoiSldUIn0.eyJyZWRpcmVjdF91cmkiOiJodHRwczovL3JwLmV4YW1wbGUuY29tL2NiIiwic2NvcGUiOiJvcGVuaWQiLCJyZXNwb25zZV90eXBlIjoiY29kZSIsImNsaWVudF9pZCI6ImNsaWVudF9ld2JYTVNOUUx0SWx1S1ExMDY0MCs-LWAmIiwic3RhdGUiOiJPcmZwME9UMjhwODFidmNRNlo5Vk1LeWIwQjJtNXkzc2NGSFJHbkQ3WHFZIiwiaXNzIjoiY2xpZW50X2V3YlhNU05RTHRJbHVLUTEwNjQwKz4tYCYiLCJhdWQiOiJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC9hdmJuNGxEbkRMbWlwQnAvIiwianRpIjoiUUpBUWJDYjVHYk5vc2lqeEI5NGVmSGNVaUhjU3I1V3k3LWhWUDk1a2E3ayIsImlhdCI6MTU5ODk2MTg5NywiZXhwIjoxNTk4OTYyMTk3fQ.
2020-09-01 12:04:58 SUCCESS
FetchRequestUriAndExtractRequestObject
Parsed request object
request_object
{
  "value": "eyJhbGciOiJub25lIiwidHlwIjoiSldUIn0.eyJyZWRpcmVjdF91cmkiOiJodHRwczovL3JwLmV4YW1wbGUuY29tL2NiIiwic2NvcGUiOiJvcGVuaWQiLCJyZXNwb25zZV90eXBlIjoiY29kZSIsImNsaWVudF9pZCI6ImNsaWVudF9ld2JYTVNOUUx0SWx1S1ExMDY0MCs-LWAmIiwic3RhdGUiOiJPcmZwME9UMjhwODFidmNRNlo5Vk1LeWIwQjJtNXkzc2NGSFJHbkQ3WHFZIiwiaXNzIjoiY2xpZW50X2V3YlhNU05RTHRJbHVLUTEwNjQwKz4tYCYiLCJhdWQiOiJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC9hdmJuNGxEbkRMbWlwQnAvIiwianRpIjoiUUpBUWJDYjVHYk5vc2lqeEI5NGVmSGNVaUhjU3I1V3k3LWhWUDk1a2E3ayIsImlhdCI6MTU5ODk2MTg5NywiZXhwIjoxNTk4OTYyMTk3fQ.",
  "header": {
    "typ": "JWT",
    "alg": "none"
  },
  "claims": {
    "aud": "https://www.certification.openid.net/test/avbn4lDnDLmipBp/",
    "scope": "openid",
    "iss": "client_ewbXMSNQLtIluKQ10640+\u003e-`\u0026",
    "response_type": "code",
    "redirect_uri": "https://rp.example.com/cb",
    "state": "Orfp0OT28p81bvcQ6Z9VMKyb0B2m5y3scFHRGnD7XqY",
    "exp": 1598962197,
    "iat": 1598961897,
    "client_id": "client_ewbXMSNQLtIluKQ10640+\u003e-`\u0026",
    "jti": "QJAQbCb5GbNosijxB94efHcUiHcSr5Wy7-hVP95ka7k"
  }
}
2020-09-01 12:04:58 SUCCESS
EnsureRequestUriIsHttpsOrRequestObjectIsSigned
request_uri is a https url
request_uri
https://limitless-retreat-96294.herokuapp.com/TgpeFyx92eoJYVvOq2uMS
2020-09-01 12:04:58 SUCCESS
OIDCCEnsureAuthorizationHttpRequestContainsOpenIDScope
Found 'openid' in scope http request parameter
actual
[
  "openid"
]
expected
openid
2020-09-01 12:04:58 SUCCESS
OIDCCValidateRequestObjectExp
Request object contains a valid exp claim, expiry time
exp
"Sep 1, 2020, 12:09:57 PM"
2020-09-01 12:04:58 SUCCESS
ValidateRequestObjectIat
iat claim is valid
iat
1598961897
2020-09-01 12:04:58 SUCCESS
EnsureNumericRequestObjectClaimsAreNotNull
None of the claims expected to have numeric values, have null values
numeric_claims
[
  "max_age"
]
2020-09-01 12:04:58
ValidateRequestObjectMaxAge
Request object does not contain a max_age claim
2020-09-01 12:04:58 SUCCESS
EnsureRequestObjectDoesNotContainRequestOrRequestUri
Request object does not contain request or request_uri
2020-09-01 12:04:58 SUCCESS
OIDCCEnsureRequiredAuthorizationRequestParametersMatchRequestObject
Required http request parameters match request object claims
response_type
code
client_id
client_ewbXMSNQLtIluKQ10640+>-`&
2020-09-01 12:04:58 SUCCESS
OIDCCEnsureOptionalAuthorizationRequestParametersMatchRequestObject
All http request parameters and request object claims match
2020-09-01 12:04:58 SUCCESS
CreateEffectiveAuthorizationRequestParameters
Merged http request parameters with request object claims
effective_authorization_endpoint_request
{
  "client_id": "client_ewbXMSNQLtIluKQ10640+\u003e-`\u0026",
  "scope": "openid",
  "response_type": "code",
  "request_uri": "https://limitless-retreat-96294.herokuapp.com/TgpeFyx92eoJYVvOq2uMS",
  "aud": "https://www.certification.openid.net/test/avbn4lDnDLmipBp/",
  "iss": "client_ewbXMSNQLtIluKQ10640+\u003e-`\u0026",
  "redirect_uri": "https://rp.example.com/cb",
  "state": "Orfp0OT28p81bvcQ6Z9VMKyb0B2m5y3scFHRGnD7XqY",
  "exp": 1598962197,
  "iat": 1598961897,
  "jti": "QJAQbCb5GbNosijxB94efHcUiHcSr5Wy7-hVP95ka7k"
}
2020-09-01 12:04:58 SUCCESS
ExtractRequestedScopes
Requested scopes
scope
openid
2020-09-01 12:04:58 INFO
ExtractNonceFromAuthorizationRequest
Couldn't find 'nonce' in authorization endpoint parameters
2020-09-01 12:04:58 SUCCESS
EnsureResponseTypeIsCode
Response type is expected value
expected
code
2020-09-01 12:04:58 SUCCESS
EnsureMatchingClientId
Client ID matched
client_id
client_ewbXMSNQLtIluKQ10640+>-`&
2020-09-01 12:04:58 SUCCESS
EnsureValidRedirectUriForAuthorizationEndpointRequest
redirect_uri is one of the allowed redirect uris
actual
https://rp.example.com/cb
expected
[
  "https://rp.example.com/cb"
]
2020-09-01 12:04:58 SUCCESS
EnsureOpenIDInScopeRequest
Found 'openid' scope in request
actual
[
  "openid"
]
expected
openid
2020-09-01 12:04:58 SUCCESS
DisallowMaxAgeEqualsZeroAndPromptNone
The client did not send max_age=0 and prompt=none parameters as expected
2020-09-01 12:04:58 SUCCESS
CreateAuthorizationCode
Created authorization code
authorization_code
ljKzfxgQqN
2020-09-01 12:04:58 SUCCESS
CalculateCHash
Successful c_hash encoding
c_hash
VSp0ZjezevFU7EA-NPhFHw
2020-09-01 12:04:58 SUCCESS
CreateAuthorizationEndpointResponseParams
Added authorization_endpoint_response_params to environment
params
{
  "redirect_uri": "https://rp.example.com/cb",
  "state": "Orfp0OT28p81bvcQ6Z9VMKyb0B2m5y3scFHRGnD7XqY"
}
2020-09-01 12:04:58 SUCCESS
AddCodeToAuthorizationEndpointResponseParams
Added code to authorization endpoint response params
authorization_endpoint_response_params
{
  "redirect_uri": "https://rp.example.com/cb",
  "state": "Orfp0OT28p81bvcQ6Z9VMKyb0B2m5y3scFHRGnD7XqY",
  "code": "ljKzfxgQqN"
}
2020-09-01 12:04:58
SendAuthorizationResponseWithResponseModeQuery
Redirecting back to client
uri
https://rp.example.com/cb?state=Orfp0OT28p81bvcQ6Z9VMKyb0B2m5y3scFHRGnD7XqY&code=ljKzfxgQqN
2020-09-01 12:04:58 OUTGOING
oidcc-client-test-signing-key-rotation
Response to HTTP request to test instance avbn4lDnDLmipBp
outgoing
org.springframework.web.servlet.view.RedirectView: [RedirectView]; URL [https://rp.example.com/cb?state=Orfp0OT28p81bvcQ6Z9VMKyb0B2m5y3scFHRGnD7XqY&code=ljKzfxgQqN]
outgoing_path
authorize
2020-09-01 12:04:58 INCOMING
oidcc-client-test-signing-key-rotation
Incoming HTTP request to test instance avbn4lDnDLmipBp
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "authorization": "Basic Y2xpZW50X2V3YlhNU05RTHRJbHVLUTEwNjQwJTJCJTNFLSU2MCUyNjpzZWNyZXRfU2JzaUh6eEp2cWN3TXFncWx6aWxQblVoTHB4eVR6YlVPZVppa05rU0pDSFBUS1N6bWMwNDIzOTIwMTcwKiUzRSU3RC0p",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "content-type": "application/x-www-form-urlencoded",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "content-length": "92",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net",
  "connection": "close"
}
incoming_path
token
incoming_body_form_params
{
  "grant_type": "authorization_code",
  "code": "ljKzfxgQqN",
  "redirect_uri": "https://rp.example.com/cb"
}
incoming_method
POST
incoming_body_json
incoming_query_string_params
{}
incoming_body
grant_type=authorization_code&code=ljKzfxgQqN&redirect_uri=https%3A%2F%2Frp.example.com%2Fcb
Token endpoint
2020-09-01 12:04:58 SUCCESS
ExtractClientCredentialsFromBasicAuthorizationHeader
Extracted client authentication
client_id
client_ewbXMSNQLtIluKQ10640+>-`&
client_secret
secret_SbsiHzxJvqcwMqgqlzilPnUhLpxyTzbUOeZikNkSJCHPTKSzmc0423920170*>}-)
method
client_secret_basic
2020-09-01 12:04:58 SUCCESS
ValidateClientIdAndSecret
Client id and secret match
2020-09-01 12:04:58 SUCCESS
ValidateAuthorizationCode
Found authorization code
authorization_code
ljKzfxgQqN
2020-09-01 12:04:58 SUCCESS
ValidateRedirectUriForTokenEndpointRequest
redirect_uri is the same as the one used in the authorization request
actual
https://rp.example.com/cb
2020-09-01 12:04:58 SUCCESS
GenerateBearerAccessToken
Generated access token
access_token
rnLVYd8NPd0UrhYlLw9K0XH2yQ2DjfyIXY52Zq50LljlW6DZZ9
2020-09-01 12:04:58 SUCCESS
CalculateAtHash
Successful at_hash encoding
at_hash
MWvt2DSAvfvTtnOpXC8ZkQ
2020-09-01 12:04:58 SUCCESS
GenerateIdTokenClaims
Created ID Token Claims
iss
https://www.certification.openid.net/test/avbn4lDnDLmipBp/
sub
user-subject-1234531
aud
client_ewbXMSNQLtIluKQ10640+>-`&
iat
1598961898
exp
1598962198
2020-09-01 12:04:58 SUCCESS
AddAtHashToIdTokenClaims
Added at_hash to ID token claims
at_hash
MWvt2DSAvfvTtnOpXC8ZkQ
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/avbn4lDnDLmipBp/",
  "sub": "user-subject-1234531",
  "aud": "client_ewbXMSNQLtIluKQ10640+\u003e-`\u0026",
  "iat": 1598961898,
  "exp": 1598962198,
  "at_hash": "MWvt2DSAvfvTtnOpXC8ZkQ"
}
2020-09-01 12:04:58 SUCCESS
OIDCCSignIdToken
Signed the ID token
id_token
eyJraWQiOiIxYjY3MTNkYS0zMGMwLTRlYTMtOGU0MS0zN2VmOGIwMTVhMDYiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiTVd2dDJEU0F2ZnZUdG5PcFhDOFprUSIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiY2xpZW50X2V3YlhNU05RTHRJbHVLUTEwNjQwKz4tYCYiLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvYXZibjRsRG5ETG1pcEJwXC8iLCJleHAiOjE1OTg5NjIxOTgsImlhdCI6MTU5ODk2MTg5OH0.KhX5VtOmqJJnc72YwaT8T3nIlmzBrzV8PNgI66bnxXrVhGu4dUtXJ90KA1RlzttZ_OWuehal7H2G-yuRdZ3sjIK4UxhW3Y8cJ6y8STs7283GfEE-BNmq7lD9jSXHHrB_9s0opxVtaLim1q7kAPUOIKQFj5-d2LEa1IuCCFxvTf5Etz4UdY2AcW3d_RhOVR2il9JTr74cgjP-Rr1s_bTcuKxmst3B8xuFopo_I3fNuqCH7hPrzDsWKugPPfKcZYrx1GEYLNxAo_dxgUFLjCPLvuNZNsXOjW0uAn2xdFy-YGQh2Uq1kNaAiyaNzSmkMJJTERagnhKdlDUaPThXn4zOqQ
key
{"p":"1KBjyafjvk-Thw4TrvO-CIHDyrO5iM5xuVNU6yO53_dq28nsLN2y3WR4JZopbgcSVG5vpKdieXBjYc_2v6fS6eqjy-L3dtJTZSyUfBnULcKl703MgHtkDHC4ljBvy01hHWeXZNNPistULctWbmq1Z4aCNUJwI3RffbdJKAKLn_E","kty":"RSA","q":"wV-NfUoH8XCY7xqPNz4D7mrTtMPs3Nv6MguBLXHfN0ecDyWjn7XprWMQjgnWMsfomo9gxaxuvC-mZKAfahqBNuq3KaDdgsR-hpPJduOtJypQj9irFnPJ5O9GtsTgeMOYKBvPR6dwN3vLaxpKhtiWHg5AG-DLrOhg-TWaFjlxew0","d":"SxgHKgtedZ-YDvNEpkXlUylaYCwxsoTbuUzYuZNpuP5vcVAJLzBiarbrFTv2BFbVevBoIC9kw1nGodO_51efy79NIMzZ4QJVv4qoQQALZGY2bMmT6t-UaFtLIJO_lOfUPyzpFbCdPT4f38Md0p9HkMlzfHYSEuC6lXm1aW8luAQ_8n_nb1ggCyev27bSvQ10oarW2Gkjxu7lPNYtbPWnstl4t5BuKIzCYxOPvbNsE8S5XXOhAz8XujuPBwg6mIzJcTBEp5crlyx2XGHhi-IMTpYRYJO_qD4GcK0U9eQ8zzuJd-HcUeus7HuFHUZyUP0zK_D1vkLOogoeKmBOvxvagQ","e":"AQAB","use":"sig","kid":"1b6713da-30c0-4ea3-8e41-37ef8b015a06","qi":"nilRmPp8HlwR-B0YUNQ0yKr0nBfosE-5Ii54FSL7k0giCxZxSTKYUY8DawBysvAmSUcAo3m6bBWtWld3gepItl0eUmk9iVVq5NK1znfNPI2iWXRlt9H2jo9jVvRgILhu-64MEj8Qzqe8lIWxMKuoaTWa1fQ-ySQhfQeqSBa1uIU","dp":"c2YtYnf1Wge0aPtR4YU2YUWUbwJGMyLghBXfI9N7ATw2Sd14ig01E4WA09-slqPN5fceLr4N6xz9Q0vsfq5mAUCw72papqmWS3X7jLMz_jYDezK9SAowDbRr6k-VjUCM8bmUaEtrg0fBgy011q2hkPNm3eMWG5gAb6m3Ubi38PE","dq":"Z6VGmivu-_slDauHrc1goA7EMHR_ZZXGkcJW17vcL64DOJ8tB3KisFuTyP3-wDMkOou1C96zb8x-fBrTG7TfI0dFK1vcvrWBN7LI3h-EdKSaj69LbHpdcYbKuTXnNvNnf8AAJuDZJfQFgP-TiJlYRP3QYODpamEXcRvI3jal25U","n":"oJxIRHYrwLCP9BBnrRPMAph3cwe38Ix5sZKBalrCB4U5qTVoCoGkflT2y2iTcYueolx-ZHwF1nLxE1GjbI4WQFKM28ZGmEFJ64SeTJBFAyNUdMNeXCnER_rzFTHHGCPEX6cK_-Ww4ZnRB6Cr0UHV3De13GwyIpx55QAkHi5pKPoEM9b1svlMoFcx9sPv1aAXszmdIu9M648pCp4bJn3YAaoPybmnMJngYPTZjCGHb_ZZGH15rHW395Z-MVIt17YLIMtgYpiZIWOR9r2KkrsQMJIsy-nMViNjb-Z8DXfbB01S-dihpnF73fXJqSeligD739FAkomaKkNhyt81eVDqPQ"}
algorithm
RS256
2020-09-01 12:04:58 INFO
EncryptIdToken
Skipped evaluation due to missing required element: client id_token_encrypted_response_alg
path
id_token_encrypted_response_alg
mapped
object
client
2020-09-01 12:04:58 SUCCESS
CreateTokenEndpointResponse
Created token endpoint response
access_token
rnLVYd8NPd0UrhYlLw9K0XH2yQ2DjfyIXY52Zq50LljlW6DZZ9
token_type
Bearer
id_token
eyJraWQiOiIxYjY3MTNkYS0zMGMwLTRlYTMtOGU0MS0zN2VmOGIwMTVhMDYiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiTVd2dDJEU0F2ZnZUdG5PcFhDOFprUSIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiY2xpZW50X2V3YlhNU05RTHRJbHVLUTEwNjQwKz4tYCYiLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvYXZibjRsRG5ETG1pcEJwXC8iLCJleHAiOjE1OTg5NjIxOTgsImlhdCI6MTU5ODk2MTg5OH0.KhX5VtOmqJJnc72YwaT8T3nIlmzBrzV8PNgI66bnxXrVhGu4dUtXJ90KA1RlzttZ_OWuehal7H2G-yuRdZ3sjIK4UxhW3Y8cJ6y8STs7283GfEE-BNmq7lD9jSXHHrB_9s0opxVtaLim1q7kAPUOIKQFj5-d2LEa1IuCCFxvTf5Etz4UdY2AcW3d_RhOVR2il9JTr74cgjP-Rr1s_bTcuKxmst3B8xuFopo_I3fNuqCH7hPrzDsWKugPPfKcZYrx1GEYLNxAo_dxgUFLjCPLvuNZNsXOjW0uAn2xdFy-YGQh2Uq1kNaAiyaNzSmkMJJTERagnhKdlDUaPThXn4zOqQ
scope
openid
2020-09-01 12:04:58 OUTGOING
oidcc-client-test-signing-key-rotation
Response to HTTP request to test instance avbn4lDnDLmipBp
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "access_token": "rnLVYd8NPd0UrhYlLw9K0XH2yQ2DjfyIXY52Zq50LljlW6DZZ9",
  "token_type": "Bearer",
  "id_token": "eyJraWQiOiIxYjY3MTNkYS0zMGMwLTRlYTMtOGU0MS0zN2VmOGIwMTVhMDYiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiTVd2dDJEU0F2ZnZUdG5PcFhDOFprUSIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiY2xpZW50X2V3YlhNU05RTHRJbHVLUTEwNjQwKz4tYCYiLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvYXZibjRsRG5ETG1pcEJwXC8iLCJleHAiOjE1OTg5NjIxOTgsImlhdCI6MTU5ODk2MTg5OH0.KhX5VtOmqJJnc72YwaT8T3nIlmzBrzV8PNgI66bnxXrVhGu4dUtXJ90KA1RlzttZ_OWuehal7H2G-yuRdZ3sjIK4UxhW3Y8cJ6y8STs7283GfEE-BNmq7lD9jSXHHrB_9s0opxVtaLim1q7kAPUOIKQFj5-d2LEa1IuCCFxvTf5Etz4UdY2AcW3d_RhOVR2il9JTr74cgjP-Rr1s_bTcuKxmst3B8xuFopo_I3fNuqCH7hPrzDsWKugPPfKcZYrx1GEYLNxAo_dxgUFLjCPLvuNZNsXOjW0uAn2xdFy-YGQh2Uq1kNaAiyaNzSmkMJJTERagnhKdlDUaPThXn4zOqQ",
  "scope": "openid"
}
outgoing_path
token
2020-09-01 12:04:59 INCOMING
oidcc-client-test-signing-key-rotation
Incoming HTTP request to test instance avbn4lDnDLmipBp
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
jwks
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
Jwks endpoint
2020-09-01 12:04:59 OUTGOING
oidcc-client-test-signing-key-rotation
Response to HTTP request to test instance avbn4lDnDLmipBp
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "1b6713da-30c0-4ea3-8e41-37ef8b015a06",
      "n": "oJxIRHYrwLCP9BBnrRPMAph3cwe38Ix5sZKBalrCB4U5qTVoCoGkflT2y2iTcYueolx-ZHwF1nLxE1GjbI4WQFKM28ZGmEFJ64SeTJBFAyNUdMNeXCnER_rzFTHHGCPEX6cK_-Ww4ZnRB6Cr0UHV3De13GwyIpx55QAkHi5pKPoEM9b1svlMoFcx9sPv1aAXszmdIu9M648pCp4bJn3YAaoPybmnMJngYPTZjCGHb_ZZGH15rHW395Z-MVIt17YLIMtgYpiZIWOR9r2KkrsQMJIsy-nMViNjb-Z8DXfbB01S-dihpnF73fXJqSeligD739FAkomaKkNhyt81eVDqPQ"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "740efbc6-c00a-4f7b-8a83-1d8f87c998d8",
      "n": "l4k-2a6BtfGEjgbdNcVaZn9fxI0cTtY112ub1S5nWKCVjjRYgdIQYoeNvTP_eCHWmN1U3vTE4gCRr2YGkf5RQt4fMBW9eXJi4AL2CNyZ4svKqd6dPOWjtKNir3-4Dag2gq8SgyUZS2v7tb7b_qpTsWn5XmmZvFPBOVEvXTeEVkM_SQLJSn4zvxVIooNbMoKNwKlUz2gvKsk3V0jkYGXlerxIEFMsEdTsiT_WjrMWL0v5dh4vdfgF-0oeDpDsc6p3-BUX9DY9PUGfN8Ug6eaZMfTvzqVg2xgOYG_iZ_1s-gYlI05GlxHave5D4NsP03zzXzPh-DgH_A2ACQzdRXSIew"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "84838651-76e9-48e7-b51e-82cbcde4c780",
      "x": "gNAJTeUB8JXDXqdcaAbOp0RbqC_ogRIFQMPoIqSOjrA",
      "y": "WY9KQQwq1vm2q6IQPmkTClBvw3GC1mKORSvB35rJxN8"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "8b71083a-d20a-428c-aacc-c2e96c5c5bde",
      "x": "C31Se22iRSbIG7rsxaFzarFzV8d1uujHcIqgqR6v4K4",
      "y": "DQUwPMpDRu4uM5IZCh-z14hN3BEO3rFjh5lSQ3DDnkU"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "7bf86202-d9fc-401d-af45-02791c1d7ffa",
      "x": "wpINONOqZbnamfGAPrEdO0LwkKt6C8pqcvVmPzu4jy0",
      "y": "1cnTMRBCaVfaPh6JvsDEipR1nA-wq-xU0swwWuEtOuY"
    },
    {
      "kty": "OKP",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "cd0d338a-f8c4-4a53-be71-e66f4794b12c",
      "x": "RYnFIyRg8fyh9KEo6atzKNDN3TY_S1SB1hpBgpxGgkU"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "7f263c62-75eb-4e39-9485-062667290981",
      "alg": "RSA-OAEP",
      "n": "jw5jTbG3R9d_KqK3ylqGKbKh7HwUxfIw_j8drltU5ithz5T5bK2vnIid_Ju7cWME8FZkh3l9eeBrbg024qQ8kYf02VwPSzw_HppKN4B4EF3bmxZtGUxMdYB_hWlKMgstGzkOtJ9xcliWgiXT8AhRQ6aUm2dhaNn8w80dst0dWmIEAH_oFR6gmFohEILr65wBI0g9bnzPleVO1tPaVAIhfytoIyN361HPo4S17Rr-hXrHN8Ml5O-3-OJQ74JiUXkDC8l3Lxb6kEWCE-dYV7WA4PnxH_C7jVev1zZX7rTuQjNctf6TaaqIa3BrV0HNYudGq2suSbZm-yRP2Rn-Z5kjKw"
    },
    {
      "kty": "EC",
      "use": "enc",
      "crv": "P-256",
      "kid": "12d60d2f-ac24-4efd-b86d-50ed1bc0aaff",
      "x": "ndboA72hZPXquLif5HSe5VdNSqOyTRDd1CP2HxScFXM",
      "y": "mZ4PgaX4ug3CqVxNOqIN40KAclzTi2zhOLeePCD4KVs",
      "alg": "ECDH-ES"
    }
  ]
}
outgoing_path
jwks
2020-09-01 12:04:59 INCOMING
oidcc-client-test-signing-key-rotation
Incoming HTTP request to test instance avbn4lDnDLmipBp
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "authorization": "Bearer rnLVYd8NPd0UrhYlLw9K0XH2yQ2DjfyIXY52Zq50LljlW6DZZ9",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
userinfo
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
Userinfo endpoint
2020-09-01 12:04:59 SUCCESS
OIDCCExtractBearerAccessTokenFromRequest
Found access token on incoming request
access_token
rnLVYd8NPd0UrhYlLw9K0XH2yQ2DjfyIXY52Zq50LljlW6DZZ9
2020-09-01 12:04:59 SUCCESS
RequireBearerAccessToken
Found access token in request
actual
rnLVYd8NPd0UrhYlLw9K0XH2yQ2DjfyIXY52Zq50LljlW6DZZ9
2020-09-01 12:04:59 SUCCESS
FilterUserInfoForScopes
User info endpoint output
sub
user-subject-1234531
2020-09-01 12:04:59
ClearAccessTokenFromRequest
Condition ran but did not log anything
2020-09-01 12:04:59 INFO
AddIssAndAudToUserInfoResponse
Skipped evaluation due to missing required element: client userinfo_signed_response_alg
path
userinfo_signed_response_alg
mapped
object
client
2020-09-01 12:04:59 INFO
SignUserInfoResponse
Skipped evaluation due to missing required element: client userinfo_signed_response_alg
path
userinfo_signed_response_alg
mapped
object
client
2020-09-01 12:04:59 INFO
EncryptUserInfoResponse
Skipped evaluation due to missing required element: client userinfo_encrypted_response_alg
path
userinfo_encrypted_response_alg
mapped
object
client
2020-09-01 12:04:59 OUTGOING
oidcc-client-test-signing-key-rotation
Response to HTTP request to test instance avbn4lDnDLmipBp
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "sub": "user-subject-1234531"
}
outgoing_path
userinfo
2020-09-01 12:05:00 INCOMING
oidcc-client-test-signing-key-rotation
Incoming HTTP request to test instance avbn4lDnDLmipBp
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "got/9.6.0 (https://github.com/sindresorhus/got)",
  "accept-encoding": "gzip, deflate",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
authorize
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{
  "client_id": "client_ewbXMSNQLtIluKQ10640+\u003e-`\u0026",
  "scope": "openid",
  "response_type": "code",
  "request_uri": "https://limitless-retreat-96294.herokuapp.com/u-JFCPWISMMOxdfTEauzK"
}
incoming_body
2020-09-01 12:05:01
OIDCCGenerateServerJWKs
Generated server public private JWK sets
server_jwks
{
  "keys": [
    {
      "p": "vzikbT6WVyldUFV5VBAHSWVSauibvP2AUQH1fwxX7_qoa22FFtjbWtDC6-sioElRrF2XzVe78--J4eXz6LduZvLXnilb_Jtimkjy9RUH5QUEnwtFsE7lC3S4MGgJNvWV4UCRCm7d8ERD-6MYM1f3g16c6Un79jrF5o3OxRO1bRc",
      "kty": "RSA",
      "q": "sAUWv1fkjoLq7UrEDClvPlKkkVx21faZ-TSmKT91PRW__fnSK_kq2shEB2pqSWXlo58YiG-w3a6LiUDwGCS6NfDbsZifMbTKlovVPgSL7pFWjE88IOmlVltUctLHTTypuAWgU4pO31ntIJ5kClqp_MjSJbbULtuIa5MPhbC1wME",
      "d": "MoH8eTK8pAj4LD1VBFwcIwPoWhljcCHzaFZvr7KtjHP4CiLHUVyCl-UjLDzfy2LPFBXKzwrGqcoVzpUxmwKNOIweXLIfqjTuaBuYK5NAKb2_2f8jLLY2qtj2DoIwq8VQajvpEjhH6wTZs5v87ZWHiv0lBCy9r-85NFAv8OjXzb0ICYe57sgWNG7S-R5VKsiMbvErW_-GTnoo878RZv4ZIWKr28YQZFUStrGp03s1WcbxOdPanTiI-sZytREn2RRectGxOgsCiKIooPeQVHaeZXrm1hP0VRWrls1JwyeL2yQc8zL0mBFgI0xP21jrDt28eoXP5gQRekIFMxYsaWusAQ",
      "e": "AQAB",
      "use": "sig",
      "kid": "dd313901-3bcb-499a-abad-8ee2b81072e9",
      "qi": "UMrHAMTb02mS4vsaSnS-eKzvOlxj5qU-pb8fZsv-fWR15GpXT558C0a1FG57NlLCiSEt8ykpoSXllQHJzQ66NwMembwnZ4b8qcX_7sohEpZ-E1NAsCC1il0-fJGA4pKwEUKBfcn4uS5yk3kK0dhwD5UkfBXU9Tev7PE_uXfST-o",
      "dp": "DyPn-PJcqvgOeF7cJWjDeu830Fksg5E6yK80BeQvTkP1c9QPFpkC_TTMSiuq6TAE9HXQoCSTMCRGMYmof0OOzT3rDo3Nx7lx3C9sdTU-E8cK76DP2r7UaczLDKIgIKbfQB-BnGbc0bpF-7WVI_OSGGe0WtBNz9gldTTDK119Hu8",
      "dq": "Lb9U1yw3ydY6yqt44pRORktiXClE9X0fLYbCfMvyY4romFC6kBU1TyFnlOnSb_scwPbTgHpO5H6941FOVWgOQYC1CKZbEackVBZJuNGjsMBzVwos3Xz8LMKV4zXm-KsAjURhE_VJZIFRwP2JkKtZrMpg2851vSvve83_5cY0psE",
      "n": "g3q-JBw0noWIopaBXAPo43KSPgEdI0c3A5kYjERNwlqqpbuu24OULaITNkJWzNvoJ2vvx5oMaUVimYhr3l1OxpUZOdfHBQJIscOko3YngROzxmVUekd1Ec-wWwe4Ox53aculXC4lSmZiBzdnKhTghhuoe9QXZOusvH7x8CUu13ZjrNljpQ_QPkU5jtg-ZTRjBppvgpm3IfzBSNR9fNlMS9R-icU0HvP6VXjXkNKN-bFIWSaow6I-5o7tBJnyKKsB_vQGGFVxDhbAcOO1S-u17-7G-x11jZGg-9K5XFfJcz6fnL7T9Ssa1JO8QzOU5mA2dLywRcEr_BD6u2GU3tt-Vw"
    },
    {
      "kty": "EC",
      "d": "irknx21ZoARo3gDpFLa8DT5X_35znQVuAVBULB_PWtU",
      "use": "sig",
      "crv": "P-256",
      "kid": "771713c8-b057-4e66-b59e-0857e2a3ef6a",
      "x": "ngFdrO62hCQD4l4d5l1OOUe9CsYxyuDd830qHGG2j70",
      "y": "6O9n8koASGKDiFmqKtIRet_rOyLRk2SM0jETOrZz-DQ"
    },
    {
      "kty": "EC",
      "d": "IE3uL4QWu3BH_Q2zCAIR5yyW5lmeQ48gFIDUfIxrT-g",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "be79f005-446e-4eab-9926-fab26b1dbdfc",
      "x": "cspDuNn86YUIVvMRUW3Hr-a776AbtpEiM9XiBW4UliA",
      "y": "UJQ7h2i7QeHo4-7pBXMcLZzEsUVKlg12E2FKZiWbcXc"
    },
    {
      "kty": "OKP",
      "d": "Y-NZAJlUi07Yq6ksi_3_aS4hfjV0OA-6P1MGCIN3e0M",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "f6987e43-a15c-4aae-bec7-e0035cdaedbc",
      "x": "sJTe02qaVplvGVkuT98dDN_Fg3PahiXrJB3603I0ozo"
    }
  ]
}
server_encryption_keys
{
  "keys": [
    {
      "p": "-cMX8nmvhoYlhzqNdEmHyUntKBkqonTgrxsIsqumHm37oq4SBY5DkIm05-ms88CI894X3BDyFh9BUJqi1feKuNtJ8SUNuM-NW46XpR8vAVipddUja0JUgsSbGVRYkkGDRR35DqbLLC4PKOW-9KUVbjCGckuxtgdnzNGBcIUqO8k",
      "kty": "RSA",
      "q": "uiZoboCgqY1_vLq95tq4iuOes3IhdVFFlQKjjTCt7jubdXxvH5IFIrn9FcZCK2PpvWQLl8F0EcAA-Ntx6W1nFiMkajrmVOe42CYo7rcYpDgvZs-NHxSmI85ITStl48lX72NEOUBK6vIrdZEvppcUu844VYJufCZ3i1HeniUH5JU",
      "d": "JS5Huotamv_hVpMcp1-o2u_TG35w7n5NG7G0YscfEoFgql4C3ykgqKABJNwz-gzPrcF8RNFP3R59zrQ7Gd7_6qgTBJyVEl3SIiFOS39PU1_YuLxHqEJPjW0fl1q8u0-FOToc_3Xcy8UK3emA63O5LKDlrsvT_YuQCVh8r-w2j9Xei-aI9K0EGd7adGmTO-ATiAOdSYAlRAknuQbyo83XHnGajOgJki-prklB9E0LhtmpvTYgfjSLUJhCQCwj2aIFOxcrwXoAUN8yaO2zgJjoYQZmnFME_TIxATonmDaGiloHMEoqUicdShRtb-XmzZk2pEc5Qv9fKV-O3Raj7HOIoQ",
      "e": "AQAB",
      "use": "enc",
      "kid": "f8b84ad5-63ef-49d5-8dd0-4a4be6a4f324",
      "qi": "s_FwE2mBa9OJkKcFy7f8mMZZ2oKSrMO3fx2u4ykZqienFKTfUhpZM20TcIzEIWfTB_TwgX0L3dkT83y7O2zqFmkwR6mf8pXdO32hayH3Puvbw0q3kkIvcgR5xO2V81uPMYsEm9_PxE1zhM8wLGIyUOKXYlLjJ7jT7gpOiiVekZQ",
      "dp": "YpVLAn5dde_FKFdINjo_yofPgCBO38jaVsOI710pOKGYzWF_44l_ybFRIqjth1jbtcZYDJjztR-pHDOtSl9m9gg4a2KAxA3IcfcajCZ-2z0vxj7WuCN6UBNiVOEiBLivI7zs7YeQcmPLwAzPDqmKh-_HYZ3XC05o_kNDoDIvtWE",
      "alg": "RSA-OAEP",
      "dq": "RjYcZ6mOb8VWK8pHvF49Au3tuwNOSWC5HQYcyDFXOSc0cLDZfQ_nbfy2z9KyvIj37Z5hnQCzlcpU04h5w7CnFDt3DbZfkCDCoIxsHfXjjnU-s8mPEe0I6TJyJOE8khksWLeZUPrGBy4GZFa5oV0Uze1vZBlJMPyVVHAxxnZzLq0",
      "n": "tZ04Pst0rr8Thx2xeZD-zy_CPkT21xipxrLInoJuDEIUB4fRY-Kc6VOCi20ZDqZMaIF6rD-qL2b0q4hJYnmm2bSqNYgX8dwGLlq3OV3o40S1u0q-stHXWqAGzTvRe7PD8xbOIpcBk574SmuNYkt0kW5io5-ByodPLm6qjBrCgVdI-1y3DYutAx8F22JIpHA_RIWRHTs9k1Ph5OcbEbR6zJjjSQZpJst5URHCal4NEkSk1a8E23tiCAte-RMWjHUUB0XdnCqBNNUK0caFCVPRyud4bbF2VCO7_WW7_FJFcU8gyCrhS4h8KN3v2SAm80dEGzXe6mVOy3N4DX_wzlLP_Q"
    },
    {
      "kty": "EC",
      "d": "68QriRwbXX9U-nPw-gAk6xgMA3BwE37A6uoiOoayYpo",
      "use": "enc",
      "crv": "P-256",
      "kid": "79371518-101a-49b3-8830-c033ba50eadf",
      "x": "ulH4wR68MooO_KYsijurjHNIMWJ89ciTd_xP1APyq_s",
      "y": "v4eJ0OLnJEAykjS_gOqIMHKGOHqCQMoRY4XKiy7VMcc",
      "alg": "ECDH-ES"
    }
  ]
}
server_public_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "dd313901-3bcb-499a-abad-8ee2b81072e9",
      "n": "g3q-JBw0noWIopaBXAPo43KSPgEdI0c3A5kYjERNwlqqpbuu24OULaITNkJWzNvoJ2vvx5oMaUVimYhr3l1OxpUZOdfHBQJIscOko3YngROzxmVUekd1Ec-wWwe4Ox53aculXC4lSmZiBzdnKhTghhuoe9QXZOusvH7x8CUu13ZjrNljpQ_QPkU5jtg-ZTRjBppvgpm3IfzBSNR9fNlMS9R-icU0HvP6VXjXkNKN-bFIWSaow6I-5o7tBJnyKKsB_vQGGFVxDhbAcOO1S-u17-7G-x11jZGg-9K5XFfJcz6fnL7T9Ssa1JO8QzOU5mA2dLywRcEr_BD6u2GU3tt-Vw"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "747e095c-f993-406a-9ba1-7bd40573daf0",
      "n": "r8_40zo7ShKLf7FCOS-2U-Quh6bGV_Zkbjw_fCU1Abbzo6XhCy0GRFR3YAtc9uQU02kMYdn-aYSOj4XrKkDHdTF2d0ih9alTFJUjJoEw49o5-VfiXbFU4W2M-PLVujlt3q7UA2K2IrEW5AmK9kUv7z3-OVIRiyCZlHezsqFfOKB7KLVJF8uO2bosS2CSG6zDcf71-IgoxB6I2SiEsc2BugqF7KksMuk1DbDW8eokZxQgdTS3cvMTiTsFTYQVKseb0kUn61e7e7ZMvIqcv0ZjHlZGlbZHFU8FkVP8QaEHTv4000c7rjlP9M8edirz9WagIQpAf0l7ODWqHqXM5DLQ5w"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "771713c8-b057-4e66-b59e-0857e2a3ef6a",
      "x": "ngFdrO62hCQD4l4d5l1OOUe9CsYxyuDd830qHGG2j70",
      "y": "6O9n8koASGKDiFmqKtIRet_rOyLRk2SM0jETOrZz-DQ"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "40183733-63da-4b60-a778-d85fc3c09096",
      "x": "oXHx6QIKO_3GmBkt4cvt1gBZM8UMCpWVzKrrgPC14Ao",
      "y": "6N5uoOLuASOnxCLQM6NwlubEcNsBm5qWvQ3-7T9TO7o"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "be79f005-446e-4eab-9926-fab26b1dbdfc",
      "x": "cspDuNn86YUIVvMRUW3Hr-a776AbtpEiM9XiBW4UliA",
      "y": "UJQ7h2i7QeHo4-7pBXMcLZzEsUVKlg12E2FKZiWbcXc"
    },
    {
      "kty": "OKP",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "f6987e43-a15c-4aae-bec7-e0035cdaedbc",
      "x": "sJTe02qaVplvGVkuT98dDN_Fg3PahiXrJB3603I0ozo"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "f8b84ad5-63ef-49d5-8dd0-4a4be6a4f324",
      "alg": "RSA-OAEP",
      "n": "tZ04Pst0rr8Thx2xeZD-zy_CPkT21xipxrLInoJuDEIUB4fRY-Kc6VOCi20ZDqZMaIF6rD-qL2b0q4hJYnmm2bSqNYgX8dwGLlq3OV3o40S1u0q-stHXWqAGzTvRe7PD8xbOIpcBk574SmuNYkt0kW5io5-ByodPLm6qjBrCgVdI-1y3DYutAx8F22JIpHA_RIWRHTs9k1Ph5OcbEbR6zJjjSQZpJst5URHCal4NEkSk1a8E23tiCAte-RMWjHUUB0XdnCqBNNUK0caFCVPRyud4bbF2VCO7_WW7_FJFcU8gyCrhS4h8KN3v2SAm80dEGzXe6mVOy3N4DX_wzlLP_Q"
    },
    {
      "kty": "EC",
      "use": "enc",
      "crv": "P-256",
      "kid": "79371518-101a-49b3-8830-c033ba50eadf",
      "x": "ulH4wR68MooO_KYsijurjHNIMWJ89ciTd_xP1APyq_s",
      "y": "v4eJ0OLnJEAykjS_gOqIMHKGOHqCQMoRY4XKiy7VMcc",
      "alg": "ECDH-ES"
    }
  ]
}
Second Authorization Request
2020-09-01 12:05:01
FetchRequestUriAndExtractRequestObject
Fetching request object from request_uri
request_uri
https://limitless-retreat-96294.herokuapp.com/u-JFCPWISMMOxdfTEauzK
2020-09-01 12:05:01
FetchRequestUriAndExtractRequestObject
HTTP request
request_uri
https://limitless-retreat-96294.herokuapp.com/u-JFCPWISMMOxdfTEauzK
request_method
GET
request_headers
{
  "accept": "text/plain, application/json, application/cbor, application/*+json, */*",
  "content-length": "0"
}
request_body

                                
2020-09-01 12:05:01 RESPONSE
FetchRequestUriAndExtractRequestObject
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "server": "Cowboy",
  "connection": "keep-alive",
  "content-type": "application/oauth.authz.req+jwt",
  "content-length": "543",
  "date": "Tue, 01 Sep 2020 12:05:01 GMT",
  "via": "1.1 vegur"
}
response_body
eyJhbGciOiJub25lIiwidHlwIjoiSldUIn0.eyJyZWRpcmVjdF91cmkiOiJodHRwczovL3JwLmV4YW1wbGUuY29tL2NiIiwic2NvcGUiOiJvcGVuaWQiLCJyZXNwb25zZV90eXBlIjoiY29kZSIsImNsaWVudF9pZCI6ImNsaWVudF9ld2JYTVNOUUx0SWx1S1ExMDY0MCs-LWAmIiwic3RhdGUiOiIzeC13cnNHOFd6NXVaWkNKUi1mOGlDdUUtSnczc2JXOXRXU2xJdURlYmdBIiwiaXNzIjoiY2xpZW50X2V3YlhNU05RTHRJbHVLUTEwNjQwKz4tYCYiLCJhdWQiOiJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC9hdmJuNGxEbkRMbWlwQnAvIiwianRpIjoiLVd5WTBWVjRpaDNxcnBtZVZrdE5YS1VhWW9sYldjbjNIVnZJZlZuR1ZncyIsImlhdCI6MTU5ODk2MTk2MCwiZXhwIjoxNTk4OTYyMjYwfQ.
2020-09-01 12:05:01
FetchRequestUriAndExtractRequestObject
Downloaded request object
request_object
eyJhbGciOiJub25lIiwidHlwIjoiSldUIn0.eyJyZWRpcmVjdF91cmkiOiJodHRwczovL3JwLmV4YW1wbGUuY29tL2NiIiwic2NvcGUiOiJvcGVuaWQiLCJyZXNwb25zZV90eXBlIjoiY29kZSIsImNsaWVudF9pZCI6ImNsaWVudF9ld2JYTVNOUUx0SWx1S1ExMDY0MCs-LWAmIiwic3RhdGUiOiIzeC13cnNHOFd6NXVaWkNKUi1mOGlDdUUtSnczc2JXOXRXU2xJdURlYmdBIiwiaXNzIjoiY2xpZW50X2V3YlhNU05RTHRJbHVLUTEwNjQwKz4tYCYiLCJhdWQiOiJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC9hdmJuNGxEbkRMbWlwQnAvIiwianRpIjoiLVd5WTBWVjRpaDNxcnBtZVZrdE5YS1VhWW9sYldjbjNIVnZJZlZuR1ZncyIsImlhdCI6MTU5ODk2MTk2MCwiZXhwIjoxNTk4OTYyMjYwfQ.
2020-09-01 12:05:01 SUCCESS
FetchRequestUriAndExtractRequestObject
Parsed request object
request_object
{
  "value": "eyJhbGciOiJub25lIiwidHlwIjoiSldUIn0.eyJyZWRpcmVjdF91cmkiOiJodHRwczovL3JwLmV4YW1wbGUuY29tL2NiIiwic2NvcGUiOiJvcGVuaWQiLCJyZXNwb25zZV90eXBlIjoiY29kZSIsImNsaWVudF9pZCI6ImNsaWVudF9ld2JYTVNOUUx0SWx1S1ExMDY0MCs-LWAmIiwic3RhdGUiOiIzeC13cnNHOFd6NXVaWkNKUi1mOGlDdUUtSnczc2JXOXRXU2xJdURlYmdBIiwiaXNzIjoiY2xpZW50X2V3YlhNU05RTHRJbHVLUTEwNjQwKz4tYCYiLCJhdWQiOiJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC9hdmJuNGxEbkRMbWlwQnAvIiwianRpIjoiLVd5WTBWVjRpaDNxcnBtZVZrdE5YS1VhWW9sYldjbjNIVnZJZlZuR1ZncyIsImlhdCI6MTU5ODk2MTk2MCwiZXhwIjoxNTk4OTYyMjYwfQ.",
  "header": {
    "typ": "JWT",
    "alg": "none"
  },
  "claims": {
    "aud": "https://www.certification.openid.net/test/avbn4lDnDLmipBp/",
    "scope": "openid",
    "iss": "client_ewbXMSNQLtIluKQ10640+\u003e-`\u0026",
    "response_type": "code",
    "redirect_uri": "https://rp.example.com/cb",
    "state": "3x-wrsG8Wz5uZZCJR-f8iCuE-Jw3sbW9tWSlIuDebgA",
    "exp": 1598962260,
    "iat": 1598961960,
    "client_id": "client_ewbXMSNQLtIluKQ10640+\u003e-`\u0026",
    "jti": "-WyY0VV4ih3qrpmeVktNXKUaYolbWcn3HVvIfVnGVgs"
  }
}
2020-09-01 12:05:01 SUCCESS
EnsureRequestUriIsHttpsOrRequestObjectIsSigned
request_uri is a https url
request_uri
https://limitless-retreat-96294.herokuapp.com/u-JFCPWISMMOxdfTEauzK
2020-09-01 12:05:01 SUCCESS
OIDCCEnsureAuthorizationHttpRequestContainsOpenIDScope
Found 'openid' in scope http request parameter
actual
[
  "openid"
]
expected
openid
2020-09-01 12:05:01 SUCCESS
OIDCCValidateRequestObjectExp
Request object contains a valid exp claim, expiry time
exp
"Sep 1, 2020, 12:11:00 PM"
2020-09-01 12:05:01 SUCCESS
ValidateRequestObjectIat
iat claim is valid
iat
1598961960
2020-09-01 12:05:01 SUCCESS
EnsureNumericRequestObjectClaimsAreNotNull
None of the claims expected to have numeric values, have null values
numeric_claims
[
  "max_age"
]
2020-09-01 12:05:01
ValidateRequestObjectMaxAge
Request object does not contain a max_age claim
2020-09-01 12:05:01 SUCCESS
EnsureRequestObjectDoesNotContainRequestOrRequestUri
Request object does not contain request or request_uri
2020-09-01 12:05:01 SUCCESS
OIDCCEnsureRequiredAuthorizationRequestParametersMatchRequestObject
Required http request parameters match request object claims
response_type
code
client_id
client_ewbXMSNQLtIluKQ10640+>-`&
2020-09-01 12:05:01 SUCCESS
OIDCCEnsureOptionalAuthorizationRequestParametersMatchRequestObject
All http request parameters and request object claims match
2020-09-01 12:05:01 SUCCESS
CreateEffectiveAuthorizationRequestParameters
Merged http request parameters with request object claims
effective_authorization_endpoint_request
{
  "client_id": "client_ewbXMSNQLtIluKQ10640+\u003e-`\u0026",
  "scope": "openid",
  "response_type": "code",
  "request_uri": "https://limitless-retreat-96294.herokuapp.com/u-JFCPWISMMOxdfTEauzK",
  "aud": "https://www.certification.openid.net/test/avbn4lDnDLmipBp/",
  "iss": "client_ewbXMSNQLtIluKQ10640+\u003e-`\u0026",
  "redirect_uri": "https://rp.example.com/cb",
  "state": "3x-wrsG8Wz5uZZCJR-f8iCuE-Jw3sbW9tWSlIuDebgA",
  "exp": 1598962260,
  "iat": 1598961960,
  "jti": "-WyY0VV4ih3qrpmeVktNXKUaYolbWcn3HVvIfVnGVgs"
}
2020-09-01 12:05:01 SUCCESS
ExtractRequestedScopes
Requested scopes
scope
openid
2020-09-01 12:05:01 INFO
ExtractNonceFromAuthorizationRequest
Couldn't find 'nonce' in authorization endpoint parameters
2020-09-01 12:05:01 SUCCESS
EnsureResponseTypeIsCode
Response type is expected value
expected
code
2020-09-01 12:05:01 SUCCESS
EnsureMatchingClientId
Client ID matched
client_id
client_ewbXMSNQLtIluKQ10640+>-`&
2020-09-01 12:05:01 SUCCESS
EnsureValidRedirectUriForAuthorizationEndpointRequest
redirect_uri is one of the allowed redirect uris
actual
https://rp.example.com/cb
expected
[
  "https://rp.example.com/cb"
]
2020-09-01 12:05:01 SUCCESS
EnsureOpenIDInScopeRequest
Found 'openid' scope in request
actual
[
  "openid"
]
expected
openid
2020-09-01 12:05:01 SUCCESS
DisallowMaxAgeEqualsZeroAndPromptNone
The client did not send max_age=0 and prompt=none parameters as expected
2020-09-01 12:05:01 SUCCESS
CreateAuthorizationCode
Created authorization code
authorization_code
bncsFz4Gux
2020-09-01 12:05:01 SUCCESS
CalculateCHash
Successful c_hash encoding
c_hash
cydHwZFUWWLUaNLr-uKOlw
2020-09-01 12:05:01 SUCCESS
CreateAuthorizationEndpointResponseParams
Added authorization_endpoint_response_params to environment
params
{
  "redirect_uri": "https://rp.example.com/cb",
  "state": "3x-wrsG8Wz5uZZCJR-f8iCuE-Jw3sbW9tWSlIuDebgA"
}
2020-09-01 12:05:01 SUCCESS
AddCodeToAuthorizationEndpointResponseParams
Added code to authorization endpoint response params
authorization_endpoint_response_params
{
  "redirect_uri": "https://rp.example.com/cb",
  "state": "3x-wrsG8Wz5uZZCJR-f8iCuE-Jw3sbW9tWSlIuDebgA",
  "code": "bncsFz4Gux"
}
2020-09-01 12:05:01
SendAuthorizationResponseWithResponseModeQuery
Redirecting back to client
uri
https://rp.example.com/cb?state=3x-wrsG8Wz5uZZCJR-f8iCuE-Jw3sbW9tWSlIuDebgA&code=bncsFz4Gux
2020-09-01 12:05:01 OUTGOING
oidcc-client-test-signing-key-rotation
Response to HTTP request to test instance avbn4lDnDLmipBp
outgoing
org.springframework.web.servlet.view.RedirectView: [RedirectView]; URL [https://rp.example.com/cb?state=3x-wrsG8Wz5uZZCJR-f8iCuE-Jw3sbW9tWSlIuDebgA&code=bncsFz4Gux]
outgoing_path
authorize
2020-09-01 12:05:01 INCOMING
oidcc-client-test-signing-key-rotation
Incoming HTTP request to test instance avbn4lDnDLmipBp
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "authorization": "Basic Y2xpZW50X2V3YlhNU05RTHRJbHVLUTEwNjQwJTJCJTNFLSU2MCUyNjpzZWNyZXRfU2JzaUh6eEp2cWN3TXFncWx6aWxQblVoTHB4eVR6YlVPZVppa05rU0pDSFBUS1N6bWMwNDIzOTIwMTcwKiUzRSU3RC0p",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "content-type": "application/x-www-form-urlencoded",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "content-length": "92",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net",
  "connection": "close"
}
incoming_path
token
incoming_body_form_params
{
  "grant_type": "authorization_code",
  "code": "bncsFz4Gux",
  "redirect_uri": "https://rp.example.com/cb"
}
incoming_method
POST
incoming_body_json
incoming_query_string_params
{}
incoming_body
grant_type=authorization_code&code=bncsFz4Gux&redirect_uri=https%3A%2F%2Frp.example.com%2Fcb
Token endpoint
2020-09-01 12:05:01 SUCCESS
ExtractClientCredentialsFromBasicAuthorizationHeader
Extracted client authentication
client_id
client_ewbXMSNQLtIluKQ10640+>-`&
client_secret
secret_SbsiHzxJvqcwMqgqlzilPnUhLpxyTzbUOeZikNkSJCHPTKSzmc0423920170*>}-)
method
client_secret_basic
2020-09-01 12:05:01 SUCCESS
ValidateClientIdAndSecret
Client id and secret match
2020-09-01 12:05:01 SUCCESS
ValidateAuthorizationCode
Found authorization code
authorization_code
bncsFz4Gux
2020-09-01 12:05:01 SUCCESS
ValidateRedirectUriForTokenEndpointRequest
redirect_uri is the same as the one used in the authorization request
actual
https://rp.example.com/cb
2020-09-01 12:05:01 SUCCESS
GenerateBearerAccessToken
Generated access token
access_token
X0R1ktlssfs5bHYtEXmd9EnhjWbkRrUcjlt5vNReVD0lPLmsIC
2020-09-01 12:05:01 SUCCESS
CalculateAtHash
Successful at_hash encoding
at_hash
K9N_gJqDqGM8gSWVCp3gUw
2020-09-01 12:05:01 SUCCESS
GenerateIdTokenClaims
Created ID Token Claims
iss
https://www.certification.openid.net/test/avbn4lDnDLmipBp/
sub
user-subject-1234531
aud
client_ewbXMSNQLtIluKQ10640+>-`&
iat
1598961901
exp
1598962201
2020-09-01 12:05:01 SUCCESS
AddAtHashToIdTokenClaims
Added at_hash to ID token claims
at_hash
K9N_gJqDqGM8gSWVCp3gUw
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/avbn4lDnDLmipBp/",
  "sub": "user-subject-1234531",
  "aud": "client_ewbXMSNQLtIluKQ10640+\u003e-`\u0026",
  "iat": 1598961901,
  "exp": 1598962201,
  "at_hash": "K9N_gJqDqGM8gSWVCp3gUw"
}
2020-09-01 12:05:01 SUCCESS
OIDCCSignIdToken
Signed the ID token
id_token
eyJraWQiOiJkZDMxMzkwMS0zYmNiLTQ5OWEtYWJhZC04ZWUyYjgxMDcyZTkiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiSzlOX2dKcURxR004Z1NXVkNwM2dVdyIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiY2xpZW50X2V3YlhNU05RTHRJbHVLUTEwNjQwKz4tYCYiLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvYXZibjRsRG5ETG1pcEJwXC8iLCJleHAiOjE1OTg5NjIyMDEsImlhdCI6MTU5ODk2MTkwMX0.CskieTt1G5doq1wOxv6PrljptViOeFJvc7M3D-GCx-ZVkIZifSh8N4gw9-w6kD2zKIYpJMKOQK2rkj8HvTEErFORxrIpJC9Sl_WH3LUH91clFtylYHuzhyOhIwFTZIb9aYQnYLlTNnv3p40D3T2jNqFpa9HvBPmzc1srA44NH2Fyb2j1mG6iPasEeeUA9yC6vCKgA53Dflaz1TNU0TZKBmRdToTi0N4o20m5dDPpPuydfPENhtU7Z7PW90ZD3yGPPlUyTjT_NP6L3Ibd8lvHoENELrB7vbJicshnEE1RYqSFn3IvSaZdFOtOfpEdXsXKn1VJaRm3i08MKZkowAG-Vw
key
{"p":"vzikbT6WVyldUFV5VBAHSWVSauibvP2AUQH1fwxX7_qoa22FFtjbWtDC6-sioElRrF2XzVe78--J4eXz6LduZvLXnilb_Jtimkjy9RUH5QUEnwtFsE7lC3S4MGgJNvWV4UCRCm7d8ERD-6MYM1f3g16c6Un79jrF5o3OxRO1bRc","kty":"RSA","q":"sAUWv1fkjoLq7UrEDClvPlKkkVx21faZ-TSmKT91PRW__fnSK_kq2shEB2pqSWXlo58YiG-w3a6LiUDwGCS6NfDbsZifMbTKlovVPgSL7pFWjE88IOmlVltUctLHTTypuAWgU4pO31ntIJ5kClqp_MjSJbbULtuIa5MPhbC1wME","d":"MoH8eTK8pAj4LD1VBFwcIwPoWhljcCHzaFZvr7KtjHP4CiLHUVyCl-UjLDzfy2LPFBXKzwrGqcoVzpUxmwKNOIweXLIfqjTuaBuYK5NAKb2_2f8jLLY2qtj2DoIwq8VQajvpEjhH6wTZs5v87ZWHiv0lBCy9r-85NFAv8OjXzb0ICYe57sgWNG7S-R5VKsiMbvErW_-GTnoo878RZv4ZIWKr28YQZFUStrGp03s1WcbxOdPanTiI-sZytREn2RRectGxOgsCiKIooPeQVHaeZXrm1hP0VRWrls1JwyeL2yQc8zL0mBFgI0xP21jrDt28eoXP5gQRekIFMxYsaWusAQ","e":"AQAB","use":"sig","kid":"dd313901-3bcb-499a-abad-8ee2b81072e9","qi":"UMrHAMTb02mS4vsaSnS-eKzvOlxj5qU-pb8fZsv-fWR15GpXT558C0a1FG57NlLCiSEt8ykpoSXllQHJzQ66NwMembwnZ4b8qcX_7sohEpZ-E1NAsCC1il0-fJGA4pKwEUKBfcn4uS5yk3kK0dhwD5UkfBXU9Tev7PE_uXfST-o","dp":"DyPn-PJcqvgOeF7cJWjDeu830Fksg5E6yK80BeQvTkP1c9QPFpkC_TTMSiuq6TAE9HXQoCSTMCRGMYmof0OOzT3rDo3Nx7lx3C9sdTU-E8cK76DP2r7UaczLDKIgIKbfQB-BnGbc0bpF-7WVI_OSGGe0WtBNz9gldTTDK119Hu8","dq":"Lb9U1yw3ydY6yqt44pRORktiXClE9X0fLYbCfMvyY4romFC6kBU1TyFnlOnSb_scwPbTgHpO5H6941FOVWgOQYC1CKZbEackVBZJuNGjsMBzVwos3Xz8LMKV4zXm-KsAjURhE_VJZIFRwP2JkKtZrMpg2851vSvve83_5cY0psE","n":"g3q-JBw0noWIopaBXAPo43KSPgEdI0c3A5kYjERNwlqqpbuu24OULaITNkJWzNvoJ2vvx5oMaUVimYhr3l1OxpUZOdfHBQJIscOko3YngROzxmVUekd1Ec-wWwe4Ox53aculXC4lSmZiBzdnKhTghhuoe9QXZOusvH7x8CUu13ZjrNljpQ_QPkU5jtg-ZTRjBppvgpm3IfzBSNR9fNlMS9R-icU0HvP6VXjXkNKN-bFIWSaow6I-5o7tBJnyKKsB_vQGGFVxDhbAcOO1S-u17-7G-x11jZGg-9K5XFfJcz6fnL7T9Ssa1JO8QzOU5mA2dLywRcEr_BD6u2GU3tt-Vw"}
algorithm
RS256
2020-09-01 12:05:01 INFO
EncryptIdToken
Skipped evaluation due to missing required element: client id_token_encrypted_response_alg
path
id_token_encrypted_response_alg
mapped
object
client
2020-09-01 12:05:01 SUCCESS
CreateTokenEndpointResponse
Created token endpoint response
access_token
X0R1ktlssfs5bHYtEXmd9EnhjWbkRrUcjlt5vNReVD0lPLmsIC
token_type
Bearer
id_token
eyJraWQiOiJkZDMxMzkwMS0zYmNiLTQ5OWEtYWJhZC04ZWUyYjgxMDcyZTkiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiSzlOX2dKcURxR004Z1NXVkNwM2dVdyIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiY2xpZW50X2V3YlhNU05RTHRJbHVLUTEwNjQwKz4tYCYiLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvYXZibjRsRG5ETG1pcEJwXC8iLCJleHAiOjE1OTg5NjIyMDEsImlhdCI6MTU5ODk2MTkwMX0.CskieTt1G5doq1wOxv6PrljptViOeFJvc7M3D-GCx-ZVkIZifSh8N4gw9-w6kD2zKIYpJMKOQK2rkj8HvTEErFORxrIpJC9Sl_WH3LUH91clFtylYHuzhyOhIwFTZIb9aYQnYLlTNnv3p40D3T2jNqFpa9HvBPmzc1srA44NH2Fyb2j1mG6iPasEeeUA9yC6vCKgA53Dflaz1TNU0TZKBmRdToTi0N4o20m5dDPpPuydfPENhtU7Z7PW90ZD3yGPPlUyTjT_NP6L3Ibd8lvHoENELrB7vbJicshnEE1RYqSFn3IvSaZdFOtOfpEdXsXKn1VJaRm3i08MKZkowAG-Vw
scope
openid
2020-09-01 12:05:01 OUTGOING
oidcc-client-test-signing-key-rotation
Response to HTTP request to test instance avbn4lDnDLmipBp
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "access_token": "X0R1ktlssfs5bHYtEXmd9EnhjWbkRrUcjlt5vNReVD0lPLmsIC",
  "token_type": "Bearer",
  "id_token": "eyJraWQiOiJkZDMxMzkwMS0zYmNiLTQ5OWEtYWJhZC04ZWUyYjgxMDcyZTkiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiSzlOX2dKcURxR004Z1NXVkNwM2dVdyIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiY2xpZW50X2V3YlhNU05RTHRJbHVLUTEwNjQwKz4tYCYiLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvYXZibjRsRG5ETG1pcEJwXC8iLCJleHAiOjE1OTg5NjIyMDEsImlhdCI6MTU5ODk2MTkwMX0.CskieTt1G5doq1wOxv6PrljptViOeFJvc7M3D-GCx-ZVkIZifSh8N4gw9-w6kD2zKIYpJMKOQK2rkj8HvTEErFORxrIpJC9Sl_WH3LUH91clFtylYHuzhyOhIwFTZIb9aYQnYLlTNnv3p40D3T2jNqFpa9HvBPmzc1srA44NH2Fyb2j1mG6iPasEeeUA9yC6vCKgA53Dflaz1TNU0TZKBmRdToTi0N4o20m5dDPpPuydfPENhtU7Z7PW90ZD3yGPPlUyTjT_NP6L3Ibd8lvHoENELrB7vbJicshnEE1RYqSFn3IvSaZdFOtOfpEdXsXKn1VJaRm3i08MKZkowAG-Vw",
  "scope": "openid"
}
outgoing_path
token
2020-09-01 12:05:01 INCOMING
oidcc-client-test-signing-key-rotation
Incoming HTTP request to test instance avbn4lDnDLmipBp
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
jwks
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
Jwks endpoint
2020-09-01 12:05:02 OUTGOING
oidcc-client-test-signing-key-rotation
Response to HTTP request to test instance avbn4lDnDLmipBp
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "dd313901-3bcb-499a-abad-8ee2b81072e9",
      "n": "g3q-JBw0noWIopaBXAPo43KSPgEdI0c3A5kYjERNwlqqpbuu24OULaITNkJWzNvoJ2vvx5oMaUVimYhr3l1OxpUZOdfHBQJIscOko3YngROzxmVUekd1Ec-wWwe4Ox53aculXC4lSmZiBzdnKhTghhuoe9QXZOusvH7x8CUu13ZjrNljpQ_QPkU5jtg-ZTRjBppvgpm3IfzBSNR9fNlMS9R-icU0HvP6VXjXkNKN-bFIWSaow6I-5o7tBJnyKKsB_vQGGFVxDhbAcOO1S-u17-7G-x11jZGg-9K5XFfJcz6fnL7T9Ssa1JO8QzOU5mA2dLywRcEr_BD6u2GU3tt-Vw"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "747e095c-f993-406a-9ba1-7bd40573daf0",
      "n": "r8_40zo7ShKLf7FCOS-2U-Quh6bGV_Zkbjw_fCU1Abbzo6XhCy0GRFR3YAtc9uQU02kMYdn-aYSOj4XrKkDHdTF2d0ih9alTFJUjJoEw49o5-VfiXbFU4W2M-PLVujlt3q7UA2K2IrEW5AmK9kUv7z3-OVIRiyCZlHezsqFfOKB7KLVJF8uO2bosS2CSG6zDcf71-IgoxB6I2SiEsc2BugqF7KksMuk1DbDW8eokZxQgdTS3cvMTiTsFTYQVKseb0kUn61e7e7ZMvIqcv0ZjHlZGlbZHFU8FkVP8QaEHTv4000c7rjlP9M8edirz9WagIQpAf0l7ODWqHqXM5DLQ5w"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "771713c8-b057-4e66-b59e-0857e2a3ef6a",
      "x": "ngFdrO62hCQD4l4d5l1OOUe9CsYxyuDd830qHGG2j70",
      "y": "6O9n8koASGKDiFmqKtIRet_rOyLRk2SM0jETOrZz-DQ"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "40183733-63da-4b60-a778-d85fc3c09096",
      "x": "oXHx6QIKO_3GmBkt4cvt1gBZM8UMCpWVzKrrgPC14Ao",
      "y": "6N5uoOLuASOnxCLQM6NwlubEcNsBm5qWvQ3-7T9TO7o"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "be79f005-446e-4eab-9926-fab26b1dbdfc",
      "x": "cspDuNn86YUIVvMRUW3Hr-a776AbtpEiM9XiBW4UliA",
      "y": "UJQ7h2i7QeHo4-7pBXMcLZzEsUVKlg12E2FKZiWbcXc"
    },
    {
      "kty": "OKP",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "f6987e43-a15c-4aae-bec7-e0035cdaedbc",
      "x": "sJTe02qaVplvGVkuT98dDN_Fg3PahiXrJB3603I0ozo"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "f8b84ad5-63ef-49d5-8dd0-4a4be6a4f324",
      "alg": "RSA-OAEP",
      "n": "tZ04Pst0rr8Thx2xeZD-zy_CPkT21xipxrLInoJuDEIUB4fRY-Kc6VOCi20ZDqZMaIF6rD-qL2b0q4hJYnmm2bSqNYgX8dwGLlq3OV3o40S1u0q-stHXWqAGzTvRe7PD8xbOIpcBk574SmuNYkt0kW5io5-ByodPLm6qjBrCgVdI-1y3DYutAx8F22JIpHA_RIWRHTs9k1Ph5OcbEbR6zJjjSQZpJst5URHCal4NEkSk1a8E23tiCAte-RMWjHUUB0XdnCqBNNUK0caFCVPRyud4bbF2VCO7_WW7_FJFcU8gyCrhS4h8KN3v2SAm80dEGzXe6mVOy3N4DX_wzlLP_Q"
    },
    {
      "kty": "EC",
      "use": "enc",
      "crv": "P-256",
      "kid": "79371518-101a-49b3-8830-c033ba50eadf",
      "x": "ulH4wR68MooO_KYsijurjHNIMWJ89ciTd_xP1APyq_s",
      "y": "v4eJ0OLnJEAykjS_gOqIMHKGOHqCQMoRY4XKiy7VMcc",
      "alg": "ECDH-ES"
    }
  ]
}
outgoing_path
jwks
2020-09-01 12:05:02 INCOMING
oidcc-client-test-signing-key-rotation
Incoming HTTP request to test instance avbn4lDnDLmipBp
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "authorization": "Bearer X0R1ktlssfs5bHYtEXmd9EnhjWbkRrUcjlt5vNReVD0lPLmsIC",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
userinfo
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
Userinfo endpoint
2020-09-01 12:05:02 SUCCESS
OIDCCExtractBearerAccessTokenFromRequest
Found access token on incoming request
access_token
X0R1ktlssfs5bHYtEXmd9EnhjWbkRrUcjlt5vNReVD0lPLmsIC
2020-09-01 12:05:02 SUCCESS
RequireBearerAccessToken
Found access token in request
actual
X0R1ktlssfs5bHYtEXmd9EnhjWbkRrUcjlt5vNReVD0lPLmsIC
2020-09-01 12:05:02 SUCCESS
FilterUserInfoForScopes
User info endpoint output
sub
user-subject-1234531
2020-09-01 12:05:02
ClearAccessTokenFromRequest
Condition ran but did not log anything
2020-09-01 12:05:02 INFO
AddIssAndAudToUserInfoResponse
Skipped evaluation due to missing required element: client userinfo_signed_response_alg
path
userinfo_signed_response_alg
mapped
object
client
2020-09-01 12:05:02 INFO
SignUserInfoResponse
Skipped evaluation due to missing required element: client userinfo_signed_response_alg
path
userinfo_signed_response_alg
mapped
object
client
2020-09-01 12:05:02 INFO
EncryptUserInfoResponse
Skipped evaluation due to missing required element: client userinfo_encrypted_response_alg
path
userinfo_encrypted_response_alg
mapped
object
client
2020-09-01 12:05:02 OUTGOING
oidcc-client-test-signing-key-rotation
Response to HTTP request to test instance avbn4lDnDLmipBp
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "sub": "user-subject-1234531"
}
outgoing_path
userinfo
2020-09-01 12:05:02 FINISHED
oidcc-client-test-signing-key-rotation
Test has run to completion
testmodule_result
PASSED
Test Results