Test Summary

Test Results

Expand All Collapse All
All times are UTC
2020-09-01 12:49:55 INFO
TEST-RUNNER
Test instance xTNKx6GlX14iVl3 created
baseUrl
https://www.certification.openid.net/test/xTNKx6GlX14iVl3
variant
{
  "client_auth_type": "client_secret_basic",
  "response_type": "code",
  "request_type": "plain_http_request",
  "response_mode": "form_post",
  "client_registration": "dynamic_client"
}
alias

                                
description
test suite runner for openid-client
planId
vvcwgQI1komVg
config
{
  "description": "test suite runner for openid-client",
  "waitTimeoutSeconds": 2
}
testName
oidcc-client-test-nonce-invalid
2020-09-01 12:49:55 SUCCESS
OIDCCGenerateServerConfiguration
Generated default server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/xTNKx6GlX14iVl3/",
  "authorization_endpoint": "https://www.certification.openid.net/test/xTNKx6GlX14iVl3/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/xTNKx6GlX14iVl3/token",
  "jwks_uri": "https://www.certification.openid.net/test/xTNKx6GlX14iVl3/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/xTNKx6GlX14iVl3/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/xTNKx6GlX14iVl3/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic",
    "client_secret_post",
    "client_secret_jwt",
    "private_key_jwt"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
2020-09-01 12:49:55
SetTokenEndpointAuthMethodsSupportedToClientSecretBasicOnly
Changed token_endpoint_auth_methods_supported to client_secret_basic only in server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/xTNKx6GlX14iVl3/",
  "authorization_endpoint": "https://www.certification.openid.net/test/xTNKx6GlX14iVl3/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/xTNKx6GlX14iVl3/token",
  "jwks_uri": "https://www.certification.openid.net/test/xTNKx6GlX14iVl3/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/xTNKx6GlX14iVl3/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/xTNKx6GlX14iVl3/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
2020-09-01 12:49:56
OIDCCGenerateServerJWKs
Generated server public private JWK sets
server_jwks
{
  "keys": [
    {
      "p": "4QRcxB4xCwGBS6lLokE-jwyCtQ8dIA9q1xdZBM8HdnxiRPp5Qn44jgMtTcECV4FUYjUOa_7wEOmiRDYDFH6RJDVURD7GzyQwm2IC4RlcEvYzGqWL4q9oAJLHNv-iXZIPc1_Uc7-RY6WsYZF3FFHsCWuOD0z8oeU7b1ULOwBwds8",
      "kty": "RSA",
      "q": "1kLhYM4bc4_nlHY8HBiEAc1dfAXnOt4hsisa6ZHugbD1IsnWabFNEk3HysLdzs6lFMph9buF8k_gHMOZWvTlXWGNWsSgyPS2Q4oDztlf2OSFcRKSzPy6GT-jdgDinpv9vZPxo7C5KVxSmA2AY1uZvQzc_if_3odu4lvHP1nm2rU",
      "d": "EzOgn7XKBpzD7o1n4Ptf3ibOFDO4CKDRjb8XqETdg2f1Hr95SeTy_TuOB7lCKZOB-UOUIQVsohcaqwUhthKirkAwlhPtgD0aNHAIW6iMGyRDtUt0HP49S4AOSYPFbVNG2cnBo3uJlC_ffbYNiWz_jKt8p7FNT960cEO-C7PR2YdK69FZc8wysi7Nsw6RCwcJ3dm97P5cc2JZrCEBVCOeOjmjHnCMO7Re4qPSlFNqPj_b8Iu2zdcJnNhtlw51h4fZ9h8TONpVKXVssCvRtFbSI4tAuIArpvUv743Duu1y3nxHSqKBWups6jIZ43_NFJLoOU_AeHDWhtqw8ZFb7VnN8Q",
      "e": "AQAB",
      "use": "sig",
      "kid": "d2ed7482-a353-44fc-8c60-4276ea4a2ead",
      "qi": "LRq4V5tvqBU5zqyhHbcpO6QFvPdbPj3M7CHi00JsQwREppU15KQzTLh1Ups4gh54sALIN6kphsTqERbsm70tVPJnOegEDZqf3ngqSvsku6qCNgfWEASGL_cqmf737k1VxHgKQDAfUrpnpMGY8ZBcWMrKzl3at2CDEgMevwxDuDE",
      "dp": "RPpLXatLqW4KrqD1GIYboUpafxpk-UEApXL4zOqSBRZYIYEOzv1WZOJAbwdtqllw_rH4-84o1WZpYbOU-iFaaNkYPdtoonMbm2ZOL6bQfNeQDukUmqbeoN5dx1RR95Egv2NvAxSEgyF0WGx5Lnd2feTEpZgaEZ7tu1E8oheeYi0",
      "dq": "A8uxhG6CS_zLpHSnwfOpOwLxWgYcv4052Zcr5eFg8Uk6PoCG3N54OA_Kr0vedBBzGjgvnhPRXqaNmNTaPaNDAPF-eJItKwIyzGWAhcSSDxyVRJiIozsC7PmUor2HRjoLN7WMPVMfJJ1vFSSAFsKDqba1n4cD4GRT0YzArd2g2lU",
      "n": "vFRuxcghk5uRLQeGkPGM-DXMeIV81VpsSoDIHec9_7_2cvVZx2JXloKJ5SeIk1W5iSOu9H1EQNBK3b3TOKNkByjLwLp8cYC-suzzf5z-OcncC-vTRNJX4KLRPjiB_vRIhuGO82byRhb5jDQ6hUTsEKrEvQd4kvcL_Y4ShYzRPAwAMKYr3PXtr-MCXl82omcI4MHDdi_bL7S6PZMsQgqExpVyCZD7WP-iRULWxxMMtQuOJ1jBuIoRKmp9JyCiQI-ejVfTkw6ibvkJR4jKKNm_Cx-xBopFl3oZY_2JPsh7mknKxWicNJfH9IyUO39EWrEZJ-K7BGZHjs8-d9NgyapGWw"
    },
    {
      "kty": "EC",
      "d": "QD71wf_2M-tyBp0cNev6CZIBdmWsdenav4OZbcaYQ3A",
      "use": "sig",
      "crv": "P-256",
      "kid": "7e9d279b-4776-4928-af6e-65aca63fac29",
      "x": "rlPiaB1D3vLCkmgp34Yiv7yELN5Xhj9_kyAWEoWabg8",
      "y": "nvQcA1mZLRnUGtrlyZE-1im0oR8xhaTn6wMTeIcW7kE"
    },
    {
      "kty": "EC",
      "d": "6oPmXgTaQvER1nwjn_-7jviTBuVfiJ3JMvnD4ErTiao",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "9a9ade4f-fa3f-44c2-8a8e-8c92063f4016",
      "x": "UM8JOi2SD5MJbwM--bhIaEGv6AQ5r8aXNtFZHCvJw38",
      "y": "i5Xgf_s9-OoubIXAePG17ilT2-OxVPz26LxSbHrL4FA"
    },
    {
      "kty": "OKP",
      "d": "2YOK4bFpAq9bX_hb3YyWKWNrVh9H-vkaA_IH2EOYab4",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "d5b1d609-8fe1-4d79-9edb-ce77447a9b31",
      "x": "8GUx6NuDZBn2rIgEtVKxD9d8Sh7XgBF30x80VsYRohE"
    }
  ]
}
server_encryption_keys
{
  "keys": [
    {
      "p": "3XN1zmlTinwGjgDRQY7mX7QuIF5rTnArkn09TUoRHrKo4ANAk9QdGLLmgeb3gCiVRTEqX-RQMj2bdQtS9t_yTh1nL4kzNOvzaBCUD6n1tzvSqjJp9EY65xZIrUDHA118q8rpTFEkedgve_Jh3lSBxy9C1PL8_ZLar-rHNKQtFlM",
      "kty": "RSA",
      "q": "oxTRZqgP08iTkteN63TIp5MEW8LxocMe8k-DLK9UdNhBT2JsCabv65dohWhO-HEwZ1JWOLo9YIbCZ8Z53WwQs_NVLIT1CnED1kK9pX8_5JSfIuOUrVubkAQ16iUeWZB0dUepS2kka772nPPPvWspdo5DKK_m7ZN71sHvX5h2ugk",
      "d": "hOAa0lMlp85IsH1xglszh_uDnz9eZTXYgz68u9Ve-PEwe_GkNZJG-SOaCg1Y8K3t3rATtkFWLvmaDOcIu2-LlBbyVk0Y634Um4vfcNzxNf7dT-daPHPDFdkQcjT3EVqQAut-36ANZcLtVbmT4i1TN30ju5OpxApObOShR_6X84B5b2yZr98m3jNYWvYI2Y9jJFGTp7MteSh_rv7_bY2QT-xuKi6DEKUWXofeg266JXL_KyDukHiVpZHPa1-xNQ-U1vkJOmIjN3Jr7W4sSEebp7TjqL4zkP7GJTHO305LbJUwoJi1Q7NLoddk4z8IGKndteIIBWlhB9SrOxGh0NGokQ",
      "e": "AQAB",
      "use": "enc",
      "kid": "a7f63028-fa8c-4cd4-9f64-6978dc8475ce",
      "qi": "f1oUzkoo8nk0Jf5tSeX_2fJrbcAybkWZbJuRguU7BiuIi_RaaUQz66TO5_KM0c6A0ZDa-q4l7o_cxtQ1qSmaCRCdWDPSqZUs1PswfMTuEPAD8iFjCgOjl0_EglL8EYCU7X0ODfSLKqAd84oFcuDrdYLQYJ4-Rr9JGa6HgK1KgvI",
      "dp": "OPhnKj72ev4FQar8Kn10ztIvu6wOtxMsYndNugB__wG_aEHt7xn2klAT9P9SVOob3L0VRa4a45Ht2GKdaV2bnHT8AsKtJcQ9zlvVe2IiEI2XWKm3kFww8xpMgCXWDQuT8y40bqnBVIdFUAG_I89hw7ho3RfV9fY9xFwF-4jxAHk",
      "alg": "RSA-OAEP",
      "dq": "X-oxkpAL5wKUEQxoMvCXxz9Hk_SfCwXooJk1TEW-hY5fMyJu6mpdt5Fwbu4_bA2ea1ZY0bpvuOLpWgG40Qrq8_uMv8dfG4oGuLC-O6UQ3g6vXeS-IAu9_cEMOK8mH4U_iW7hWjH3sss43mzjZMOvOkRHqZlzV42ji1a6w923Dok",
      "n": "jRKGK7HAVjX9Ydgv8LmNPqWtaIiDxBU1GcFA3jro2yL2WrDLRh437RmBeh5tfDC2_efMgH_7sDDw09_kJC5T9j1hNd-XQwSh_qqmwqT1LPfMVn70E3u8o-V3usgOU1s7ENstMB1y9m8Qwul3hBZ__jW8VGJG0u7g2Oz6Sr1VjVryn9nLEpgk1u5q345oNIJan1K7q4uyvrftrvtzaVp8fIgH0bgIhx2VsCbH0nJgFVmNPH_Ng4490klSV63edvim9n8GIL390dkLnyaAWUl3CM1zYZ8mAZSa07XpH1dNCosTpsXTfFyX094Tmg5FmTde_99rclU3dVcS4Xf5GhAW6w"
    },
    {
      "kty": "EC",
      "d": "323biGb2fjFkiUb3aDklK7LwtLrvL1D3-o6l9s35tM0",
      "use": "enc",
      "crv": "P-256",
      "kid": "f5ef100d-83d1-4e13-9352-217a891fa124",
      "x": "wzhyDY8TEkII3PNhjfvSkbAxOU-NN_ehmtjwDg7Zxj4",
      "y": "67h9rFFvvqAMKjbKxrYmKWWzdt0-kJyC7abCeiUma5Y",
      "alg": "ECDH-ES"
    }
  ]
}
server_public_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "d2ed7482-a353-44fc-8c60-4276ea4a2ead",
      "n": "vFRuxcghk5uRLQeGkPGM-DXMeIV81VpsSoDIHec9_7_2cvVZx2JXloKJ5SeIk1W5iSOu9H1EQNBK3b3TOKNkByjLwLp8cYC-suzzf5z-OcncC-vTRNJX4KLRPjiB_vRIhuGO82byRhb5jDQ6hUTsEKrEvQd4kvcL_Y4ShYzRPAwAMKYr3PXtr-MCXl82omcI4MHDdi_bL7S6PZMsQgqExpVyCZD7WP-iRULWxxMMtQuOJ1jBuIoRKmp9JyCiQI-ejVfTkw6ibvkJR4jKKNm_Cx-xBopFl3oZY_2JPsh7mknKxWicNJfH9IyUO39EWrEZJ-K7BGZHjs8-d9NgyapGWw"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "5553b146-9f49-4b01-93ca-8f70defc1536",
      "n": "m3RNRnZMx7Bj4vRxnPYSqvYr8Cp1wy20qy00bucxqEHgsijfyhH5ssHrLFeQzdAbM63m4wd6l34O9t684CWfiCp6V8JVZIcTEEanPAVyqlbPzJoJdSM-YwvQjTeCr5d0qWwna9MUcujBtNyq5TmgrI_TiFSEnYb-wIjcY7avApNmsGxTnQFs7n928E6iHWqIPs_KCn9NqwfhJn_tB7q6OKXwH2IMqHML8JFeOqOqB0mAXWkOqKzmo0_mKxhe6P6Qy9XZFISRQ9UVoOgBGQ5bWWp4FocH6gpNrC1LVDEdsN9OatN1vZDYjfEq1jxfX9G3iqefP2wx87clFfG1pB6VMQ"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "7e9d279b-4776-4928-af6e-65aca63fac29",
      "x": "rlPiaB1D3vLCkmgp34Yiv7yELN5Xhj9_kyAWEoWabg8",
      "y": "nvQcA1mZLRnUGtrlyZE-1im0oR8xhaTn6wMTeIcW7kE"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "8d5500d3-e166-4630-8a12-3762bfe033b0",
      "x": "gQVJyoRaMZyWTQxO4aQ3Ue2Cwu4tgDVUTOn6MhdH1ZI",
      "y": "bHHpHDQTuUrHcBVYUu4WoEAtD6vA6tomHNB0DafhEbk"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "9a9ade4f-fa3f-44c2-8a8e-8c92063f4016",
      "x": "UM8JOi2SD5MJbwM--bhIaEGv6AQ5r8aXNtFZHCvJw38",
      "y": "i5Xgf_s9-OoubIXAePG17ilT2-OxVPz26LxSbHrL4FA"
    },
    {
      "kty": "OKP",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "d5b1d609-8fe1-4d79-9edb-ce77447a9b31",
      "x": "8GUx6NuDZBn2rIgEtVKxD9d8Sh7XgBF30x80VsYRohE"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "a7f63028-fa8c-4cd4-9f64-6978dc8475ce",
      "alg": "RSA-OAEP",
      "n": "jRKGK7HAVjX9Ydgv8LmNPqWtaIiDxBU1GcFA3jro2yL2WrDLRh437RmBeh5tfDC2_efMgH_7sDDw09_kJC5T9j1hNd-XQwSh_qqmwqT1LPfMVn70E3u8o-V3usgOU1s7ENstMB1y9m8Qwul3hBZ__jW8VGJG0u7g2Oz6Sr1VjVryn9nLEpgk1u5q345oNIJan1K7q4uyvrftrvtzaVp8fIgH0bgIhx2VsCbH0nJgFVmNPH_Ng4490klSV63edvim9n8GIL390dkLnyaAWUl3CM1zYZ8mAZSa07XpH1dNCosTpsXTfFyX094Tmg5FmTde_99rclU3dVcS4Xf5GhAW6w"
    },
    {
      "kty": "EC",
      "use": "enc",
      "crv": "P-256",
      "kid": "f5ef100d-83d1-4e13-9352-217a891fa124",
      "x": "wzhyDY8TEkII3PNhjfvSkbAxOU-NN_ehmtjwDg7Zxj4",
      "y": "67h9rFFvvqAMKjbKxrYmKWWzdt0-kJyC7abCeiUma5Y",
      "alg": "ECDH-ES"
    }
  ]
}
2020-09-01 12:49:56 SUCCESS
ValidateServerJWKs
Valid server JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2020-09-01 12:49:56 SUCCESS
CheckDistinctKeyIdValueInServerJWKs
Distinct 'kid' value in all keys of server_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2020-09-01 12:49:56 SUCCESS
OIDCCLoadUserInfo
Added user information
user_info
{
  "sub": "user-subject-1234531",
  "name": "Demo T. User",
  "given_name": "Demo",
  "family_name": "User",
  "middle_name": "Theresa",
  "nickname": "Dee",
  "preferred_username": "d.tu",
  "gender": "female",
  "birthdate": "2000-02-03",
  "address": {
    "street_address": "100 Universal City Plaza",
    "locality": "Hollywood",
    "region": "CA",
    "postal_code": "91608",
    "country": "USA"
  },
  "zoneinfo": "America/Los_Angeles",
  "locale": "en-US",
  "phone_number": "+1 555 5550000",
  "phone_number_verified": false,
  "email": "user@example.com",
  "email_verified": false,
  "website": "https://openid.net/",
  "updated_at": "1580000000"
}
2020-09-01 12:49:56 SUCCESS
GetDynamicClientConfiguration
No client details on configuration, created an empty dynamic_client_registration_template object.
2020-09-01 12:49:56
oidcc-client-test-nonce-invalid
Setup Done
2020-09-01 12:49:56 INCOMING
oidcc-client-test-nonce-invalid
Incoming HTTP request to test instance xTNKx6GlX14iVl3
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
.well-known/openid-configuration
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
Discovery endpoint
2020-09-01 12:49:56 OUTGOING
oidcc-client-test-nonce-invalid
Response to HTTP request to test instance xTNKx6GlX14iVl3
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "issuer": "https://www.certification.openid.net/test/xTNKx6GlX14iVl3/",
  "authorization_endpoint": "https://www.certification.openid.net/test/xTNKx6GlX14iVl3/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/xTNKx6GlX14iVl3/token",
  "jwks_uri": "https://www.certification.openid.net/test/xTNKx6GlX14iVl3/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/xTNKx6GlX14iVl3/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/xTNKx6GlX14iVl3/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
outgoing_path
.well-known/openid-configuration
2020-09-01 12:49:56 INCOMING
oidcc-client-test-nonce-invalid
Incoming HTTP request to test instance xTNKx6GlX14iVl3
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "content-type": "application/json",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "content-length": "161",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net",
  "connection": "close"
}
incoming_path
register
incoming_body_form_params
incoming_method
POST
incoming_body_json
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code"
  ],
  "grant_types": [
    "authorization_code"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ]
}
incoming_query_string_params
{}
incoming_body
{"token_endpoint_auth_method":"client_secret_basic","response_types":["code"],"grant_types":["authorization_code"],"redirect_uris":["https://rp.example.com/cb"]}
Registration endpoint
2020-09-01 12:49:56 SUCCESS
OIDCCExtractDynamicRegistrationRequest
Extracted dynamic client registration request
request
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code"
  ],
  "grant_types": [
    "authorization_code"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ]
}
2020-09-01 12:49:56 INFO
EnsureRegistrationRequestContainsAtLeastOneContact
This application requires that registration requests contain at least one contact.
2020-09-01 12:49:56 SUCCESS
ValidateClientGrantTypes
grant_types match response_types
grant_types
[
  "authorization_code"
]
response_types
[
  "code"
]
2020-09-01 12:49:56 SUCCESS
OIDCCValidateClientRedirectUris
Valid redirect_uri(s) provided in registration request
redirect_uris
[
  "https://rp.example.com/cb"
]
2020-09-01 12:49:56 SUCCESS
ValidateClientLogoUris
Client does not contain any logo_uri
2020-09-01 12:49:56 SUCCESS
ValidateClientUris
Client does not contain any client_uri
2020-09-01 12:49:56 SUCCESS
ValidateClientPolicyUris
Client does not contain any policy_uri
2020-09-01 12:49:56 SUCCESS
ValidateClientTosUris
Client does not contain any tos_uri
2020-09-01 12:49:56 SUCCESS
ValidateClientSubjectType
A subject_type was not provided
2020-09-01 12:49:56 INFO
ValidateIdTokenSignedResponseAlg
Skipped evaluation due to missing required element: client id_token_signed_response_alg
path
id_token_signed_response_alg
mapped
object
client
2020-09-01 12:49:56 SUCCESS
EnsureIdTokenEncryptedResponseAlgIsSetIfEncIsSet
id_token_encrypted_response_enc is not set
2020-09-01 12:49:56 INFO
ValidateUserinfoSignedResponseAlg
Skipped evaluation due to missing required element: client userinfo_signed_response_alg
path
userinfo_signed_response_alg
mapped
object
client
2020-09-01 12:49:56 SUCCESS
EnsureUserinfoEncryptedResponseAlgIsSetIfEncIsSet
userinfo_encrypted_response_enc is not set
2020-09-01 12:49:56 INFO
ValidateRequestObjectSigningAlg
Skipped evaluation due to missing required element: client request_object_signing_alg
path
request_object_signing_alg
mapped
object
client
2020-09-01 12:49:56 SUCCESS
EnsureRequestObjectEncryptionAlgIsSetIfEncIsSet
request_object_encryption_enc is not set
2020-09-01 12:49:56 INFO
ValidateTokenEndpointAuthSigningAlg
Skipped evaluation due to missing required element: client token_endpoint_auth_signing_alg
path
token_endpoint_auth_signing_alg
mapped
object
client
2020-09-01 12:49:56 SUCCESS
ValidateDefaultMaxAge
default_max_age is not set
2020-09-01 12:49:56 INFO
ValidateRequireAuthTime
Skipped evaluation due to missing required element: client require_auth_time
path
require_auth_time
mapped
object
client
2020-09-01 12:49:56 INFO
ValidateDefaultAcrValues
Skipped evaluation due to missing required element: client default_acr_values
path
default_acr_values
mapped
object
client
2020-09-01 12:49:56 INFO
ValidateInitiateLoginUri
Skipped evaluation due to missing required element: client initiate_login_uri
path
initiate_login_uri
mapped
object
client
2020-09-01 12:49:56 INFO
ValidateRequestUris
Skipped evaluation due to missing required element: client request_uris
path
request_uris
mapped
object
client
2020-09-01 12:49:56 SUCCESS
ValidateClientRegistrationRequestSectorIdentifierUri
A sector_identifier_uri was not provided
2020-09-01 12:49:56 SUCCESS
OIDCCRegisterClient
Registered client
client
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code"
  ],
  "grant_types": [
    "authorization_code"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ],
  "client_id": "client_QsNEgJJgSrptaGM94056.({) "
}
2020-09-01 12:49:56
OIDCCCreateClientSecretForDynamicClient
Set the secret for registered client
client_secret
secret_pzlUyhLTkXGbMwocNbeDtgaERyjWEYSfSpdXXswJgaGjtoEBBU7827734432'(#^\
2020-09-01 12:49:56 SUCCESS
EnsureTokenEndPointAuthMethodIsClientSecretBasic
token_endpoint_auth_method is 'client_secret_basic' as expected
2020-09-01 12:49:56 SUCCESS
EnsureClientDoesNotHaveBothJwksAndJwksUri
Client does not have both jwks and jwks_uri set
client
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code"
  ],
  "grant_types": [
    "authorization_code"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ],
  "client_id": "client_QsNEgJJgSrptaGM94056.({) ",
  "client_secret": "secret_pzlUyhLTkXGbMwocNbeDtgaERyjWEYSfSpdXXswJgaGjtoEBBU7827734432\u0027(#^\\"
}
2020-09-01 12:49:56 INFO
FetchClientKeys
Skipped evaluation due to missing required element: client jwks_uri
path
jwks_uri
mapped
object
client
2020-09-01 12:49:56 SUCCESS
OIDCCExtractServerSigningAlg
Using the default algorithm for the first key in server jwks
signing_algorithm
RS256
2020-09-01 12:49:56
SetClientIdTokenSignedResponseAlgToServerSigningAlg
Set id_token_signed_response_alg for the registered client
id_token_signed_response_alg
RS256
2020-09-01 12:49:56 OUTGOING
oidcc-client-test-nonce-invalid
Response to HTTP request to test instance xTNKx6GlX14iVl3
outgoing_status_code
201
outgoing_headers
{}
outgoing_body
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code"
  ],
  "grant_types": [
    "authorization_code"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ],
  "client_id": "client_QsNEgJJgSrptaGM94056.({) ",
  "client_secret": "secret_pzlUyhLTkXGbMwocNbeDtgaERyjWEYSfSpdXXswJgaGjtoEBBU7827734432\u0027(#^\\",
  "id_token_signed_response_alg": "RS256"
}
outgoing_path
register
2020-09-01 12:49:57 INCOMING
oidcc-client-test-nonce-invalid
Incoming HTTP request to test instance xTNKx6GlX14iVl3
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "got/9.6.0 (https://github.com/sindresorhus/got)",
  "accept-encoding": "gzip, deflate",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
authorize
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{
  "client_id": "client_QsNEgJJgSrptaGM94056.({) ",
  "scope": "openid",
  "response_type": "code",
  "redirect_uri": "https://rp.example.com/cb",
  "state": "9b9LXNsE-hfdRWusCbrxrLCUvtfa-VO_mXHKHkwK5cs",
  "nonce": "0u5pzhn4kR202pFpJSS_ERxwMKHhctoKu4-_XD6J35U",
  "response_mode": "form_post"
}
incoming_body
Authorization endpoint
2020-09-01 12:49:57 SUCCESS
EnsureRequestDoesNotContainRequestObject
Request does not contain a request parameter
2020-09-01 12:49:57 SUCCESS
OIDCCEnsureAuthorizationHttpRequestContainsOpenIDScope
Found 'openid' in scope http request parameter
actual
[
  "openid"
]
expected
openid
2020-09-01 12:49:57 SUCCESS
CreateEffectiveAuthorizationRequestParameters
Merged http request parameters with request object claims
effective_authorization_endpoint_request
{
  "client_id": "client_QsNEgJJgSrptaGM94056.({) ",
  "scope": "openid",
  "response_type": "code",
  "redirect_uri": "https://rp.example.com/cb",
  "state": "9b9LXNsE-hfdRWusCbrxrLCUvtfa-VO_mXHKHkwK5cs",
  "nonce": "0u5pzhn4kR202pFpJSS_ERxwMKHhctoKu4-_XD6J35U",
  "response_mode": "form_post"
}
2020-09-01 12:49:57 SUCCESS
ExtractRequestedScopes
Requested scopes
scope
openid
2020-09-01 12:49:57 SUCCESS
ExtractNonceFromAuthorizationRequest
Extracted nonce
nonce
0u5pzhn4kR202pFpJSS_ERxwMKHhctoKu4-_XD6J35U
2020-09-01 12:49:57 SUCCESS
EnsureResponseTypeIsCode
Response type is expected value
expected
code
2020-09-01 12:49:57 SUCCESS
EnsureMatchingClientId
Client ID matched
client_id
client_QsNEgJJgSrptaGM94056.({) 
2020-09-01 12:49:57 SUCCESS
EnsureValidRedirectUriForAuthorizationEndpointRequest
redirect_uri is one of the allowed redirect uris
actual
https://rp.example.com/cb
expected
[
  "https://rp.example.com/cb"
]
2020-09-01 12:49:57 SUCCESS
EnsureOpenIDInScopeRequest
Found 'openid' scope in request
actual
[
  "openid"
]
expected
openid
2020-09-01 12:49:57 SUCCESS
DisallowMaxAgeEqualsZeroAndPromptNone
The client did not send max_age=0 and prompt=none parameters as expected
2020-09-01 12:49:57 SUCCESS
CreateAuthorizationCode
Created authorization code
authorization_code
Eu75JBPSv3
2020-09-01 12:49:57 SUCCESS
CalculateCHash
Successful c_hash encoding
c_hash
MAAQQglwRxBRDTeu00btpg
2020-09-01 12:49:57 SUCCESS
CreateAuthorizationEndpointResponseParams
Added authorization_endpoint_response_params to environment
params
{
  "redirect_uri": "https://rp.example.com/cb",
  "state": "9b9LXNsE-hfdRWusCbrxrLCUvtfa-VO_mXHKHkwK5cs"
}
2020-09-01 12:49:57 SUCCESS
AddCodeToAuthorizationEndpointResponseParams
Added code to authorization endpoint response params
authorization_endpoint_response_params
{
  "redirect_uri": "https://rp.example.com/cb",
  "state": "9b9LXNsE-hfdRWusCbrxrLCUvtfa-VO_mXHKHkwK5cs",
  "code": "Eu75JBPSv3"
}
2020-09-01 12:49:57 OUTGOING
oidcc-client-test-nonce-invalid
Response to HTTP request to test instance xTNKx6GlX14iVl3
outgoing
ModelAndView [view="formPostResponseMode"; model={formAction=https://rp.example.com/cb, formParameters={"state":"9b9LXNsE-hfdRWusCbrxrLCUvtfa-VO_mXHKHkwK5cs","code":"Eu75JBPSv3"}}]
outgoing_path
authorize
2020-09-01 12:49:57 INCOMING
oidcc-client-test-nonce-invalid
Incoming HTTP request to test instance xTNKx6GlX14iVl3
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "authorization": "Basic Y2xpZW50X1FzTkVnSkpnU3JwdGFHTTk0MDU2LiglN0IpKzpzZWNyZXRfcHpsVXloTFRrWEdiTXdvY05iZUR0Z2FFUnlqV0VZU2ZTcGRYWHN3SmdhR2p0b0VCQlU3ODI3NzM0NDMyJyglMjMlNUUlNUM\u003d",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "content-type": "application/x-www-form-urlencoded",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "content-length": "92",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net",
  "connection": "close"
}
incoming_path
token
incoming_body_form_params
{
  "grant_type": "authorization_code",
  "code": "Eu75JBPSv3",
  "redirect_uri": "https://rp.example.com/cb"
}
incoming_method
POST
incoming_body_json
incoming_query_string_params
{}
incoming_body
grant_type=authorization_code&code=Eu75JBPSv3&redirect_uri=https%3A%2F%2Frp.example.com%2Fcb
Token endpoint
2020-09-01 12:49:57 SUCCESS
ExtractClientCredentialsFromBasicAuthorizationHeader
Extracted client authentication
client_id
client_QsNEgJJgSrptaGM94056.({) 
client_secret
secret_pzlUyhLTkXGbMwocNbeDtgaERyjWEYSfSpdXXswJgaGjtoEBBU7827734432'(#^\
method
client_secret_basic
2020-09-01 12:49:57 SUCCESS
ValidateClientIdAndSecret
Client id and secret match
2020-09-01 12:49:57 SUCCESS
ValidateAuthorizationCode
Found authorization code
authorization_code
Eu75JBPSv3
2020-09-01 12:49:57 SUCCESS
ValidateRedirectUriForTokenEndpointRequest
redirect_uri is the same as the one used in the authorization request
actual
https://rp.example.com/cb
2020-09-01 12:49:57 SUCCESS
GenerateBearerAccessToken
Generated access token
access_token
0vkmk06YEnd2MCB6g0G3KZTkRMMYcVkhMlZIeGLWkEkK84ATm0
2020-09-01 12:49:57 SUCCESS
CalculateAtHash
Successful at_hash encoding
at_hash
VJzxqAUPVL6mXokiC4eXZg
2020-09-01 12:49:57 SUCCESS
GenerateIdTokenClaims
Created ID Token Claims
iss
https://www.certification.openid.net/test/xTNKx6GlX14iVl3/
sub
user-subject-1234531
aud
client_QsNEgJJgSrptaGM94056.({) 
nonce
0u5pzhn4kR202pFpJSS_ERxwMKHhctoKu4-_XD6J35U
iat
1598964597
exp
1598964897
2020-09-01 12:49:57 SUCCESS
AddInvalidNonceValueToIdToken
Added invalid nonce to ID token claims
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/xTNKx6GlX14iVl3/",
  "sub": "user-subject-1234531",
  "aud": "client_QsNEgJJgSrptaGM94056.({) ",
  "nonce": "0u5pzhn4kR202pFpJSS_ERxwMKHhctoKu4-_XD6J35U1",
  "iat": 1598964597,
  "exp": 1598964897
}
nonce
0u5pzhn4kR202pFpJSS_ERxwMKHhctoKu4-_XD6J35U1
2020-09-01 12:49:57 SUCCESS
AddAtHashToIdTokenClaims
Added at_hash to ID token claims
at_hash
VJzxqAUPVL6mXokiC4eXZg
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/xTNKx6GlX14iVl3/",
  "sub": "user-subject-1234531",
  "aud": "client_QsNEgJJgSrptaGM94056.({) ",
  "nonce": "0u5pzhn4kR202pFpJSS_ERxwMKHhctoKu4-_XD6J35U1",
  "iat": 1598964597,
  "exp": 1598964897,
  "at_hash": "VJzxqAUPVL6mXokiC4eXZg"
}
2020-09-01 12:49:57 SUCCESS
OIDCCSignIdToken
Signed the ID token
id_token
eyJraWQiOiJkMmVkNzQ4Mi1hMzUzLTQ0ZmMtOGM2MC00Mjc2ZWE0YTJlYWQiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiVkp6eHFBVVBWTDZtWG9raUM0ZVhaZyIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiY2xpZW50X1FzTkVnSkpnU3JwdGFHTTk0MDU2Lih7KSAiLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwveFROS3g2R2xYMTRpVmwzXC8iLCJleHAiOjE1OTg5NjQ4OTcsIm5vbmNlIjoiMHU1cHpobjRrUjIwMnBGcEpTU19FUnh3TUtIaGN0b0t1NC1fWEQ2SjM1VTEiLCJpYXQiOjE1OTg5NjQ1OTd9.JMiTjvtaI2Jf1nc2RTbqmmpS_iYVPzPSQ97WtdW8KhNhhjjw7wI23rt6yOdzrMl85PzmnNjiGiglWkhnqwVsBTwf0poKOdnijLK287kffF8xggdZih1ik_JvlUxjqwB__FXVo2GOCP9FUm2F2UY6aBAP58OZnodCnftr9tFm2rn14qoOpPSghFrhWc6KRDrQFe2do8FUwqLfOAKuokkrcdY-3p6oiprwT85wXlroQAgkqlPhCd0MX8KTUIObBESyO_QQUcsFwcGZKHiR0AHbudt0NIIJPn_oG5suHsHo4i7esaCp-ggHGGTouygZxzgroEi76dEMDCSTgb6i74_Zrw
key
{"p":"4QRcxB4xCwGBS6lLokE-jwyCtQ8dIA9q1xdZBM8HdnxiRPp5Qn44jgMtTcECV4FUYjUOa_7wEOmiRDYDFH6RJDVURD7GzyQwm2IC4RlcEvYzGqWL4q9oAJLHNv-iXZIPc1_Uc7-RY6WsYZF3FFHsCWuOD0z8oeU7b1ULOwBwds8","kty":"RSA","q":"1kLhYM4bc4_nlHY8HBiEAc1dfAXnOt4hsisa6ZHugbD1IsnWabFNEk3HysLdzs6lFMph9buF8k_gHMOZWvTlXWGNWsSgyPS2Q4oDztlf2OSFcRKSzPy6GT-jdgDinpv9vZPxo7C5KVxSmA2AY1uZvQzc_if_3odu4lvHP1nm2rU","d":"EzOgn7XKBpzD7o1n4Ptf3ibOFDO4CKDRjb8XqETdg2f1Hr95SeTy_TuOB7lCKZOB-UOUIQVsohcaqwUhthKirkAwlhPtgD0aNHAIW6iMGyRDtUt0HP49S4AOSYPFbVNG2cnBo3uJlC_ffbYNiWz_jKt8p7FNT960cEO-C7PR2YdK69FZc8wysi7Nsw6RCwcJ3dm97P5cc2JZrCEBVCOeOjmjHnCMO7Re4qPSlFNqPj_b8Iu2zdcJnNhtlw51h4fZ9h8TONpVKXVssCvRtFbSI4tAuIArpvUv743Duu1y3nxHSqKBWups6jIZ43_NFJLoOU_AeHDWhtqw8ZFb7VnN8Q","e":"AQAB","use":"sig","kid":"d2ed7482-a353-44fc-8c60-4276ea4a2ead","qi":"LRq4V5tvqBU5zqyhHbcpO6QFvPdbPj3M7CHi00JsQwREppU15KQzTLh1Ups4gh54sALIN6kphsTqERbsm70tVPJnOegEDZqf3ngqSvsku6qCNgfWEASGL_cqmf737k1VxHgKQDAfUrpnpMGY8ZBcWMrKzl3at2CDEgMevwxDuDE","dp":"RPpLXatLqW4KrqD1GIYboUpafxpk-UEApXL4zOqSBRZYIYEOzv1WZOJAbwdtqllw_rH4-84o1WZpYbOU-iFaaNkYPdtoonMbm2ZOL6bQfNeQDukUmqbeoN5dx1RR95Egv2NvAxSEgyF0WGx5Lnd2feTEpZgaEZ7tu1E8oheeYi0","dq":"A8uxhG6CS_zLpHSnwfOpOwLxWgYcv4052Zcr5eFg8Uk6PoCG3N54OA_Kr0vedBBzGjgvnhPRXqaNmNTaPaNDAPF-eJItKwIyzGWAhcSSDxyVRJiIozsC7PmUor2HRjoLN7WMPVMfJJ1vFSSAFsKDqba1n4cD4GRT0YzArd2g2lU","n":"vFRuxcghk5uRLQeGkPGM-DXMeIV81VpsSoDIHec9_7_2cvVZx2JXloKJ5SeIk1W5iSOu9H1EQNBK3b3TOKNkByjLwLp8cYC-suzzf5z-OcncC-vTRNJX4KLRPjiB_vRIhuGO82byRhb5jDQ6hUTsEKrEvQd4kvcL_Y4ShYzRPAwAMKYr3PXtr-MCXl82omcI4MHDdi_bL7S6PZMsQgqExpVyCZD7WP-iRULWxxMMtQuOJ1jBuIoRKmp9JyCiQI-ejVfTkw6ibvkJR4jKKNm_Cx-xBopFl3oZY_2JPsh7mknKxWicNJfH9IyUO39EWrEZJ-K7BGZHjs8-d9NgyapGWw"}
algorithm
RS256
2020-09-01 12:49:57 INFO
EncryptIdToken
Skipped evaluation due to missing required element: client id_token_encrypted_response_alg
path
id_token_encrypted_response_alg
mapped
object
client
2020-09-01 12:49:57 SUCCESS
CreateTokenEndpointResponse
Created token endpoint response
access_token
0vkmk06YEnd2MCB6g0G3KZTkRMMYcVkhMlZIeGLWkEkK84ATm0
token_type
Bearer
id_token
eyJraWQiOiJkMmVkNzQ4Mi1hMzUzLTQ0ZmMtOGM2MC00Mjc2ZWE0YTJlYWQiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiVkp6eHFBVVBWTDZtWG9raUM0ZVhaZyIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiY2xpZW50X1FzTkVnSkpnU3JwdGFHTTk0MDU2Lih7KSAiLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwveFROS3g2R2xYMTRpVmwzXC8iLCJleHAiOjE1OTg5NjQ4OTcsIm5vbmNlIjoiMHU1cHpobjRrUjIwMnBGcEpTU19FUnh3TUtIaGN0b0t1NC1fWEQ2SjM1VTEiLCJpYXQiOjE1OTg5NjQ1OTd9.JMiTjvtaI2Jf1nc2RTbqmmpS_iYVPzPSQ97WtdW8KhNhhjjw7wI23rt6yOdzrMl85PzmnNjiGiglWkhnqwVsBTwf0poKOdnijLK287kffF8xggdZih1ik_JvlUxjqwB__FXVo2GOCP9FUm2F2UY6aBAP58OZnodCnftr9tFm2rn14qoOpPSghFrhWc6KRDrQFe2do8FUwqLfOAKuokkrcdY-3p6oiprwT85wXlroQAgkqlPhCd0MX8KTUIObBESyO_QQUcsFwcGZKHiR0AHbudt0NIIJPn_oG5suHsHo4i7esaCp-ggHGGTouygZxzgroEi76dEMDCSTgb6i74_Zrw
scope
openid
2020-09-01 12:49:57 OUTGOING
oidcc-client-test-nonce-invalid
Response to HTTP request to test instance xTNKx6GlX14iVl3
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "access_token": "0vkmk06YEnd2MCB6g0G3KZTkRMMYcVkhMlZIeGLWkEkK84ATm0",
  "token_type": "Bearer",
  "id_token": "eyJraWQiOiJkMmVkNzQ4Mi1hMzUzLTQ0ZmMtOGM2MC00Mjc2ZWE0YTJlYWQiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiVkp6eHFBVVBWTDZtWG9raUM0ZVhaZyIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiY2xpZW50X1FzTkVnSkpnU3JwdGFHTTk0MDU2Lih7KSAiLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwveFROS3g2R2xYMTRpVmwzXC8iLCJleHAiOjE1OTg5NjQ4OTcsIm5vbmNlIjoiMHU1cHpobjRrUjIwMnBGcEpTU19FUnh3TUtIaGN0b0t1NC1fWEQ2SjM1VTEiLCJpYXQiOjE1OTg5NjQ1OTd9.JMiTjvtaI2Jf1nc2RTbqmmpS_iYVPzPSQ97WtdW8KhNhhjjw7wI23rt6yOdzrMl85PzmnNjiGiglWkhnqwVsBTwf0poKOdnijLK287kffF8xggdZih1ik_JvlUxjqwB__FXVo2GOCP9FUm2F2UY6aBAP58OZnodCnftr9tFm2rn14qoOpPSghFrhWc6KRDrQFe2do8FUwqLfOAKuokkrcdY-3p6oiprwT85wXlroQAgkqlPhCd0MX8KTUIObBESyO_QQUcsFwcGZKHiR0AHbudt0NIIJPn_oG5suHsHo4i7esaCp-ggHGGTouygZxzgroEi76dEMDCSTgb6i74_Zrw",
  "scope": "openid"
}
outgoing_path
token
2020-09-01 12:49:58 INCOMING
oidcc-client-test-nonce-invalid
Incoming HTTP request to test instance xTNKx6GlX14iVl3
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
jwks
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
Jwks endpoint
2020-09-01 12:49:58 OUTGOING
oidcc-client-test-nonce-invalid
Response to HTTP request to test instance xTNKx6GlX14iVl3
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "d2ed7482-a353-44fc-8c60-4276ea4a2ead",
      "n": "vFRuxcghk5uRLQeGkPGM-DXMeIV81VpsSoDIHec9_7_2cvVZx2JXloKJ5SeIk1W5iSOu9H1EQNBK3b3TOKNkByjLwLp8cYC-suzzf5z-OcncC-vTRNJX4KLRPjiB_vRIhuGO82byRhb5jDQ6hUTsEKrEvQd4kvcL_Y4ShYzRPAwAMKYr3PXtr-MCXl82omcI4MHDdi_bL7S6PZMsQgqExpVyCZD7WP-iRULWxxMMtQuOJ1jBuIoRKmp9JyCiQI-ejVfTkw6ibvkJR4jKKNm_Cx-xBopFl3oZY_2JPsh7mknKxWicNJfH9IyUO39EWrEZJ-K7BGZHjs8-d9NgyapGWw"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "5553b146-9f49-4b01-93ca-8f70defc1536",
      "n": "m3RNRnZMx7Bj4vRxnPYSqvYr8Cp1wy20qy00bucxqEHgsijfyhH5ssHrLFeQzdAbM63m4wd6l34O9t684CWfiCp6V8JVZIcTEEanPAVyqlbPzJoJdSM-YwvQjTeCr5d0qWwna9MUcujBtNyq5TmgrI_TiFSEnYb-wIjcY7avApNmsGxTnQFs7n928E6iHWqIPs_KCn9NqwfhJn_tB7q6OKXwH2IMqHML8JFeOqOqB0mAXWkOqKzmo0_mKxhe6P6Qy9XZFISRQ9UVoOgBGQ5bWWp4FocH6gpNrC1LVDEdsN9OatN1vZDYjfEq1jxfX9G3iqefP2wx87clFfG1pB6VMQ"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "7e9d279b-4776-4928-af6e-65aca63fac29",
      "x": "rlPiaB1D3vLCkmgp34Yiv7yELN5Xhj9_kyAWEoWabg8",
      "y": "nvQcA1mZLRnUGtrlyZE-1im0oR8xhaTn6wMTeIcW7kE"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "8d5500d3-e166-4630-8a12-3762bfe033b0",
      "x": "gQVJyoRaMZyWTQxO4aQ3Ue2Cwu4tgDVUTOn6MhdH1ZI",
      "y": "bHHpHDQTuUrHcBVYUu4WoEAtD6vA6tomHNB0DafhEbk"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "9a9ade4f-fa3f-44c2-8a8e-8c92063f4016",
      "x": "UM8JOi2SD5MJbwM--bhIaEGv6AQ5r8aXNtFZHCvJw38",
      "y": "i5Xgf_s9-OoubIXAePG17ilT2-OxVPz26LxSbHrL4FA"
    },
    {
      "kty": "OKP",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "d5b1d609-8fe1-4d79-9edb-ce77447a9b31",
      "x": "8GUx6NuDZBn2rIgEtVKxD9d8Sh7XgBF30x80VsYRohE"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "a7f63028-fa8c-4cd4-9f64-6978dc8475ce",
      "alg": "RSA-OAEP",
      "n": "jRKGK7HAVjX9Ydgv8LmNPqWtaIiDxBU1GcFA3jro2yL2WrDLRh437RmBeh5tfDC2_efMgH_7sDDw09_kJC5T9j1hNd-XQwSh_qqmwqT1LPfMVn70E3u8o-V3usgOU1s7ENstMB1y9m8Qwul3hBZ__jW8VGJG0u7g2Oz6Sr1VjVryn9nLEpgk1u5q345oNIJan1K7q4uyvrftrvtzaVp8fIgH0bgIhx2VsCbH0nJgFVmNPH_Ng4490klSV63edvim9n8GIL390dkLnyaAWUl3CM1zYZ8mAZSa07XpH1dNCosTpsXTfFyX094Tmg5FmTde_99rclU3dVcS4Xf5GhAW6w"
    },
    {
      "kty": "EC",
      "use": "enc",
      "crv": "P-256",
      "kid": "f5ef100d-83d1-4e13-9352-217a891fa124",
      "x": "wzhyDY8TEkII3PNhjfvSkbAxOU-NN_ehmtjwDg7Zxj4",
      "y": "67h9rFFvvqAMKjbKxrYmKWWzdt0-kJyC7abCeiUma5Y",
      "alg": "ECDH-ES"
    }
  ]
}
outgoing_path
jwks
2020-09-01 12:49:59 FINISHED
oidcc-client-test-nonce-invalid
Test has run to completion
testmodule_result
PASSED
Test Results