Test Summary

Test Results

Expand All Collapse All
All times are UTC
2020-09-01 12:54:51 INFO
TEST-RUNNER
Test instance hGOuo6Bwk46OZBM created
baseUrl
https://www.certification.openid.net/test/hGOuo6Bwk46OZBM
variant
{
  "client_auth_type": "client_secret_basic",
  "response_type": "code id_token token",
  "request_type": "plain_http_request",
  "response_mode": "form_post",
  "client_registration": "dynamic_client"
}
alias

                                
description
test suite runner for openid-client
planId
l0lJMpv444Mye
config
{
  "description": "test suite runner for openid-client",
  "waitTimeoutSeconds": 2
}
testName
oidcc-client-test-nonce-unless-code-flow
2020-09-01 12:54:51 SUCCESS
OIDCCGenerateServerConfiguration
Generated default server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/hGOuo6Bwk46OZBM/",
  "authorization_endpoint": "https://www.certification.openid.net/test/hGOuo6Bwk46OZBM/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/hGOuo6Bwk46OZBM/token",
  "jwks_uri": "https://www.certification.openid.net/test/hGOuo6Bwk46OZBM/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/hGOuo6Bwk46OZBM/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/hGOuo6Bwk46OZBM/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic",
    "client_secret_post",
    "client_secret_jwt",
    "private_key_jwt"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
2020-09-01 12:54:51
SetTokenEndpointAuthMethodsSupportedToClientSecretBasicOnly
Changed token_endpoint_auth_methods_supported to client_secret_basic only in server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/hGOuo6Bwk46OZBM/",
  "authorization_endpoint": "https://www.certification.openid.net/test/hGOuo6Bwk46OZBM/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/hGOuo6Bwk46OZBM/token",
  "jwks_uri": "https://www.certification.openid.net/test/hGOuo6Bwk46OZBM/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/hGOuo6Bwk46OZBM/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/hGOuo6Bwk46OZBM/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
2020-09-01 12:54:51
OIDCCGenerateServerJWKs
Generated server public private JWK sets
server_jwks
{
  "keys": [
    {
      "p": "5sWENMH-NVVlp-9Aa-V8lX5OI4nZXOEcfhRSTkVdF1abseNaIjg8bBO8Cv5kbSanBUQbDunXU_uazPxcvMbx2FkQUMe5jefuxvXjXlqXAbjwF5KcSSynO32oWhKtDNOKTpmqS1F-zirk7ZPFNNAEO9QxU8HaCueayprigmePzvE",
      "kty": "RSA",
      "q": "rK6eyB3wwWrK_hm_YIqa286YsuuG0i-0gAm46IoVS70UcrmwTGnUwtKDnzw0V0i1pBnlZ0bCMDEy1Lm6qFZgr7bTeNxUemQQQwwO47vr--ggOEjdh6HIyirDEFE7xBJa1RvzalDyS5sCwYTC4blApqPwbbFosIrY--Rl-3H0fAU",
      "d": "dAgbmpOv_oIz2jyyPNW_G3IIzoFQlAO4YTnK70qU77vJ5hdnZbk5YBRAgL0zFjAP7_SVezSoodp97jC_DyAW8-zHHUJ-psBBJOEf74NQS0GWKzXp1cKBp_iNP4Y1vr2kK_u9ou2P_oNUL0nUAXEE2fy6HODxO8fIamHI2xsJrIJsZLtcL7ReoN17trgQl3DjrDmK_52D3HTLiPxmeEFAsKOvvg3L1TH8vdY5jAhVrPzAxf4sb_IPOOr_qdWMPCfrUcrdXb1xazQRF50MbgBsu18asylEIBeip21TVjStP2MXY-Q2x1oEoG9FUqsjWvcLWN7lB51xdINKcIfKoJ5_QQ",
      "e": "AQAB",
      "use": "sig",
      "kid": "601aa805-3a99-421b-97b6-8dbb324a58ac",
      "qi": "bBxrKuTO7pQ90r0l1hvqx8l57lh0hlmSYqOtPsSwTRua6fzLcC5r7E7AzU8E5lkb7tYj-ZBMFLpjGovtYzUnEGH5-2sHoy5yoCznHZyjzm3ICTHArVxYBASXCYuwxNyQxH5d-VeONaiESEW0PkRCwQprgi2CnWjSxo6ggwgfEbE",
      "dp": "jpQcMahl0jfX3eEBEWixB4AI8QYbSLpAq1kM3RUYBfJZsZeBOcE6-59ZwAUasSF_cc55VUZ-5oF-TAXjmjLke0HTxcUQTK-upDiJaONZhxPnKvlHHCK9lBD38ea2CkWsnxFr2KsaSHDSDkMNRar74qcgbtpHSBN-XI1DQ0SO4lE",
      "dq": "AleoDbziPC1vrXy57NxUd3DY_2xUettszmPTX0woN8vL0DaWnqK84Rur72gIqbpxxFUZmIoMLk0sjFgsoQXy789CFRygBL0Av3gVZ59v9w3SChFq9-EI8T0dQkZn0iQRmVx0s9d_QelLY0aiwh8aMmh85XAHpIVtphUWERAdqeU",
      "n": "m6oeNZsX5xEsvWRPOOfbaDjpjt7OveIUSRAay3OkQ0UX09yKZSIK1WNd4y0VHEcycx0o9prKc2ZpmR-fPXiRHjBNG5lpuLwm07buiXkvDof0XtTG93xw-b_PqafqRIfzrttXWyyIYJEnJ4oAvYUlH4o3e8ojtkh0hDeLZQzxVGdZiuOpfUu8orqcbN69Be7-CbBsHYnU_jy9sL_JKxmz-QgwfKRbyzATPqjjs7Ukh8YryiCRGEVfJrsSubVY1FWllHKC71kmRS5V4c1jAjBE7I_JIJzSvJvAitD6oWlALxxfVbwzqhuDkbMJkkpASt5B_xxaLgrZQ85PB8FqTL_GtQ"
    },
    {
      "kty": "EC",
      "d": "4lcOUt8pQgzITVYYYY9ir1XhbadkmOUoe984HiB-Ix0",
      "use": "sig",
      "crv": "P-256",
      "kid": "f6388efd-7446-4213-8246-81df24ac096b",
      "x": "F17-qTgDiIejxhqIJOVWKCYe8HuZ6WQLu7zSJ7i4tEY",
      "y": "QmqRIXJeVnRQXeMyc9XXRTh4NPZzjkmyz2xq2I6a46c"
    },
    {
      "kty": "EC",
      "d": "OB7vV6L5fyE9rEFo7lbpX95aJD3bWR35gGOGBZjeM-c",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "ea1cc8f5-8302-49ac-947f-0ddcf7cebc11",
      "x": "rbmn_H3wTzcEj1oE-EyDUIf--E94VtktUr7Drrbq_ws",
      "y": "KW9IVQyK0fTEK5jr7XVU5N2xdq_0r3W2sHVkuLMUMEI"
    },
    {
      "kty": "OKP",
      "d": "XCfgYMVMOQQ-eNb8Ph8miJAoWw3ivoXz-zOtyRKyPOY",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "fc63e2f5-8ae5-4111-b703-9e1326d2d9b7",
      "x": "tg_nZvtIbJoL2QHveTuK2FDXI0kjpR5eAteQI-1i2oE"
    }
  ]
}
server_encryption_keys
{
  "keys": [
    {
      "p": "6eo9vjqaewnXOUYvv9nKin-5NXYyExu_xhvf3wg8_yLkED_Atorfd_FiZqF8_sFBbbuSbVkN5fkhGX6EdrZPPfeRB7Y1bfJTP1cO3AIHKSf91DDz04EZPviMJtzaz8CNV_7iOuAWHus4ZHNZ-QfdL8lROn1UEP5c9xe0RBxXfc8",
      "kty": "RSA",
      "q": "yqLZk1t3kUT2b9MpqnRLjdrlsnLsTzWfRAxvg-9eBWetwHvvvIHb-ETXg-1eA58M3hbRI5DbDAGFYT7bVmAC3XxEtY2H1dNNhWoU4D5J7NR5BlfTZYfSx9TOl47RZXyImTOcgFlR0--N-Rqfgq9-FZHarkqEAhBoEtSoaT7_VR0",
      "d": "dYuJj4BvOWGtbaPrUDQxJHSyIxQdm9XQpS0voPggRHk-NdAvhzOGJSO-chjV3uLhI14TlXtJR3E8njMs7y_t0guq5H9QUaiXwtRtvQUnfvTN_EmmGA3h25_n0fQxR94IP2e9tUc10EICRz3jHGmvtyR20IuHtMLePa6W4wivEO5IqtcZkfgCmMLgyeehNs1k2T4l0OM4Uvo-VUDjE_5e7OmrSnztsFAxbLPMMqtSAZcUXHMo25wCnK0Kdfs1LYFZsPAlNvHdE3TtktafqNM8vEeA-0iMPBDxKLt1vnLSOyGh6FIsLZbQUbqQqg05z2JEmZ4uLp_ywzZwM3kJ6EBHMQ",
      "e": "AQAB",
      "use": "enc",
      "kid": "5e04db8a-97a8-4563-95c7-0a1b2aebeb4e",
      "qi": "Zv5rBKmoa_UQAX0V8WLqc1LVHupr0SG6Ox39Wbu8FQQ6bFQR_pMaToj6sZXUEUX3TgGwFMmF-ftITXw_4w-klPAetKZ1dM5fqBJd5CE1x7utj-F4pk_NZ9LiNWMz2twLGi61A_5G8tvs2w9TzV2NfO1w9x7VNSomwXRGnfwZABc",
      "dp": "auIn2FZ65CG5AGi7xNRFokd-X5lkhCq31FREVWs0Q_izcWFQM5j9R5c6uV6s-NNhjDybSe_ZU-4kW7vd10iyqMQItxdhDp4dv-GN3qXmk728VEsR_uEMoiN8Fv3v1eJMM5s50GE4emRM3kl_ITWgsgcxYKKH2UQBQr7IFh9FMy0",
      "alg": "RSA-OAEP",
      "dq": "GVEXVe3Lln7DO11qiz1UYzjCEfWByLOuXlYfaKBzYsF9V9skLK0cynvvYTA62sD4XpcDMipa87kM7QVpafU85mcsPnKcUf7AZLbIPOwLWGeDZ2N5qem6T_UqiozxZHiWqG1mVDLUomH_nuvQmgdK_W7nn3b33zolhpTDJcMVK5E",
      "n": "uSehwWAKM1I7rfPSsLwK7n__W9QMKG8G5bz2WmXTpzW1DRiO_bFl6M17TeeC0o8RmVbWHshO34P7OMpgtuVW2uHYDlZxGOzS5S_DRFP0QsYU8450pV3kw5OU2fyygo_CKMggLIdJIXu6HC57S3ojE7Pv1hNrl6ligyMQJJ6pKsctBUs6QsHBZObMe7zXdg9Gh5rgRmdnC2c-VNpMPlx1ycnrVurd32vK9g7zE5vY37pdz2hvWQ_003QuCxJd-0A_FHNkMFPEJ8rWJ1EcPw4EE_6h8bhd2HsXJHWlwkwqGfng9ygKCsweRfCzQb0cDcTnojGbD7lE2sWzHealtd_7cw"
    },
    {
      "kty": "EC",
      "d": "iiZ1cuAv9rBTgc2iXbqKMUUMZZddLA7dcaAHAieyfhw",
      "use": "enc",
      "crv": "P-256",
      "kid": "2d2d036b-2e5c-4d16-a927-b9caadf0d073",
      "x": "9SH8hkabbCUeuwZyAUsexrbIvd0nf43oN2BYTupE8Ho",
      "y": "NNdYBORMnvNWYRwH37Qf22vk84b4MigVmEsGeQe6AHA",
      "alg": "ECDH-ES"
    }
  ]
}
server_public_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "601aa805-3a99-421b-97b6-8dbb324a58ac",
      "n": "m6oeNZsX5xEsvWRPOOfbaDjpjt7OveIUSRAay3OkQ0UX09yKZSIK1WNd4y0VHEcycx0o9prKc2ZpmR-fPXiRHjBNG5lpuLwm07buiXkvDof0XtTG93xw-b_PqafqRIfzrttXWyyIYJEnJ4oAvYUlH4o3e8ojtkh0hDeLZQzxVGdZiuOpfUu8orqcbN69Be7-CbBsHYnU_jy9sL_JKxmz-QgwfKRbyzATPqjjs7Ukh8YryiCRGEVfJrsSubVY1FWllHKC71kmRS5V4c1jAjBE7I_JIJzSvJvAitD6oWlALxxfVbwzqhuDkbMJkkpASt5B_xxaLgrZQ85PB8FqTL_GtQ"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "85f93f6f-9aed-41dc-9e92-86f4ce6ca5d4",
      "n": "jya7X2ulGikDksKDqaMFZXvEDHBujFK6YoF69RZ1RMjkg2a8si7dT-DwBc_CVJm812FWITbgjAFMKwD1lCUYix3h32CbUpXbEhiXoUlEUhvnF8bzHUwmtOEMUOPdvxjWQmwuiU6yJh0_Hcma8PAhc70meaPpB5vBuiT2pY9lo58fwyoGs7KG8BOV6uFt3RUmQa-0h0XYyRmzWX3NJ8TEy5AxLyUxLbgFCa3iXfPUThm7jG_7o0mQljLEljMlkQRiTRppimQ1qilgnstTX9suk_GEGEAlWS84bAKaDLsQbAt8D0C-9U1Two--GruipOCYsTHAEs4YMCQzHAVjXhNKkw"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "f6388efd-7446-4213-8246-81df24ac096b",
      "x": "F17-qTgDiIejxhqIJOVWKCYe8HuZ6WQLu7zSJ7i4tEY",
      "y": "QmqRIXJeVnRQXeMyc9XXRTh4NPZzjkmyz2xq2I6a46c"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "f1cfa2ee-a6fc-4484-9110-c6c41c11fafc",
      "x": "dKik_3uiAWKcyuzJqdQuPuaOg7V4usT_Wpzrw6buvr8",
      "y": "H8bpTzoTDxzzanXMsvDAARLXxemMWZ2I05LAPNXpk9k"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "ea1cc8f5-8302-49ac-947f-0ddcf7cebc11",
      "x": "rbmn_H3wTzcEj1oE-EyDUIf--E94VtktUr7Drrbq_ws",
      "y": "KW9IVQyK0fTEK5jr7XVU5N2xdq_0r3W2sHVkuLMUMEI"
    },
    {
      "kty": "OKP",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "fc63e2f5-8ae5-4111-b703-9e1326d2d9b7",
      "x": "tg_nZvtIbJoL2QHveTuK2FDXI0kjpR5eAteQI-1i2oE"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "5e04db8a-97a8-4563-95c7-0a1b2aebeb4e",
      "alg": "RSA-OAEP",
      "n": "uSehwWAKM1I7rfPSsLwK7n__W9QMKG8G5bz2WmXTpzW1DRiO_bFl6M17TeeC0o8RmVbWHshO34P7OMpgtuVW2uHYDlZxGOzS5S_DRFP0QsYU8450pV3kw5OU2fyygo_CKMggLIdJIXu6HC57S3ojE7Pv1hNrl6ligyMQJJ6pKsctBUs6QsHBZObMe7zXdg9Gh5rgRmdnC2c-VNpMPlx1ycnrVurd32vK9g7zE5vY37pdz2hvWQ_003QuCxJd-0A_FHNkMFPEJ8rWJ1EcPw4EE_6h8bhd2HsXJHWlwkwqGfng9ygKCsweRfCzQb0cDcTnojGbD7lE2sWzHealtd_7cw"
    },
    {
      "kty": "EC",
      "use": "enc",
      "crv": "P-256",
      "kid": "2d2d036b-2e5c-4d16-a927-b9caadf0d073",
      "x": "9SH8hkabbCUeuwZyAUsexrbIvd0nf43oN2BYTupE8Ho",
      "y": "NNdYBORMnvNWYRwH37Qf22vk84b4MigVmEsGeQe6AHA",
      "alg": "ECDH-ES"
    }
  ]
}
2020-09-01 12:54:51 SUCCESS
ValidateServerJWKs
Valid server JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2020-09-01 12:54:51 SUCCESS
CheckDistinctKeyIdValueInServerJWKs
Distinct 'kid' value in all keys of server_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2020-09-01 12:54:51 SUCCESS
OIDCCLoadUserInfo
Added user information
user_info
{
  "sub": "user-subject-1234531",
  "name": "Demo T. User",
  "given_name": "Demo",
  "family_name": "User",
  "middle_name": "Theresa",
  "nickname": "Dee",
  "preferred_username": "d.tu",
  "gender": "female",
  "birthdate": "2000-02-03",
  "address": {
    "street_address": "100 Universal City Plaza",
    "locality": "Hollywood",
    "region": "CA",
    "postal_code": "91608",
    "country": "USA"
  },
  "zoneinfo": "America/Los_Angeles",
  "locale": "en-US",
  "phone_number": "+1 555 5550000",
  "phone_number_verified": false,
  "email": "user@example.com",
  "email_verified": false,
  "website": "https://openid.net/",
  "updated_at": "1580000000"
}
2020-09-01 12:54:51 SUCCESS
GetDynamicClientConfiguration
No client details on configuration, created an empty dynamic_client_registration_template object.
2020-09-01 12:54:51
oidcc-client-test-nonce-unless-code-flow
Setup Done
2020-09-01 12:54:52 INCOMING
oidcc-client-test-nonce-unless-code-flow
Incoming HTTP request to test instance hGOuo6Bwk46OZBM
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
.well-known/openid-configuration
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
Discovery endpoint
2020-09-01 12:54:52 OUTGOING
oidcc-client-test-nonce-unless-code-flow
Response to HTTP request to test instance hGOuo6Bwk46OZBM
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "issuer": "https://www.certification.openid.net/test/hGOuo6Bwk46OZBM/",
  "authorization_endpoint": "https://www.certification.openid.net/test/hGOuo6Bwk46OZBM/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/hGOuo6Bwk46OZBM/token",
  "jwks_uri": "https://www.certification.openid.net/test/hGOuo6Bwk46OZBM/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/hGOuo6Bwk46OZBM/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/hGOuo6Bwk46OZBM/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
outgoing_path
.well-known/openid-configuration
2020-09-01 12:54:52 INCOMING
oidcc-client-test-nonce-unless-code-flow
Incoming HTTP request to test instance hGOuo6Bwk46OZBM
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "content-type": "application/json",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "content-length": "187",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net",
  "connection": "close"
}
incoming_path
register
incoming_body_form_params
incoming_method
POST
incoming_body_json
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code id_token token"
  ],
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ]
}
incoming_query_string_params
{}
incoming_body
{"token_endpoint_auth_method":"client_secret_basic","response_types":["code id_token token"],"grant_types":["authorization_code","implicit"],"redirect_uris":["https://rp.example.com/cb"]}
Registration endpoint
2020-09-01 12:54:52 SUCCESS
OIDCCExtractDynamicRegistrationRequest
Extracted dynamic client registration request
request
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code id_token token"
  ],
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ]
}
2020-09-01 12:54:52 INFO
EnsureRegistrationRequestContainsAtLeastOneContact
This application requires that registration requests contain at least one contact.
2020-09-01 12:54:52 SUCCESS
ValidateClientGrantTypes
grant_types match response_types
grant_types
[
  "authorization_code",
  "implicit"
]
response_types
[
  "code id_token token"
]
2020-09-01 12:54:52 SUCCESS
OIDCCValidateClientRedirectUris
Valid redirect_uri(s) provided in registration request
redirect_uris
[
  "https://rp.example.com/cb"
]
2020-09-01 12:54:52 SUCCESS
ValidateClientLogoUris
Client does not contain any logo_uri
2020-09-01 12:54:52 SUCCESS
ValidateClientUris
Client does not contain any client_uri
2020-09-01 12:54:52 SUCCESS
ValidateClientPolicyUris
Client does not contain any policy_uri
2020-09-01 12:54:52 SUCCESS
ValidateClientTosUris
Client does not contain any tos_uri
2020-09-01 12:54:52 SUCCESS
ValidateClientSubjectType
A subject_type was not provided
2020-09-01 12:54:52 INFO
ValidateIdTokenSignedResponseAlg
Skipped evaluation due to missing required element: client id_token_signed_response_alg
path
id_token_signed_response_alg
mapped
object
client
2020-09-01 12:54:52 SUCCESS
EnsureIdTokenEncryptedResponseAlgIsSetIfEncIsSet
id_token_encrypted_response_enc is not set
2020-09-01 12:54:52 INFO
ValidateUserinfoSignedResponseAlg
Skipped evaluation due to missing required element: client userinfo_signed_response_alg
path
userinfo_signed_response_alg
mapped
object
client
2020-09-01 12:54:52 SUCCESS
EnsureUserinfoEncryptedResponseAlgIsSetIfEncIsSet
userinfo_encrypted_response_enc is not set
2020-09-01 12:54:52 INFO
ValidateRequestObjectSigningAlg
Skipped evaluation due to missing required element: client request_object_signing_alg
path
request_object_signing_alg
mapped
object
client
2020-09-01 12:54:52 SUCCESS
EnsureRequestObjectEncryptionAlgIsSetIfEncIsSet
request_object_encryption_enc is not set
2020-09-01 12:54:52 INFO
ValidateTokenEndpointAuthSigningAlg
Skipped evaluation due to missing required element: client token_endpoint_auth_signing_alg
path
token_endpoint_auth_signing_alg
mapped
object
client
2020-09-01 12:54:52 SUCCESS
ValidateDefaultMaxAge
default_max_age is not set
2020-09-01 12:54:52 INFO
ValidateRequireAuthTime
Skipped evaluation due to missing required element: client require_auth_time
path
require_auth_time
mapped
object
client
2020-09-01 12:54:52 INFO
ValidateDefaultAcrValues
Skipped evaluation due to missing required element: client default_acr_values
path
default_acr_values
mapped
object
client
2020-09-01 12:54:52 INFO
ValidateInitiateLoginUri
Skipped evaluation due to missing required element: client initiate_login_uri
path
initiate_login_uri
mapped
object
client
2020-09-01 12:54:52 INFO
ValidateRequestUris
Skipped evaluation due to missing required element: client request_uris
path
request_uris
mapped
object
client
2020-09-01 12:54:52 SUCCESS
ValidateClientRegistrationRequestSectorIdentifierUri
A sector_identifier_uri was not provided
2020-09-01 12:54:52 SUCCESS
OIDCCRegisterClient
Registered client
client
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code id_token token"
  ],
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ],
  "client_id": "client_qpzdRxxvgOVJeJQ28592\u003e|,@~"
}
2020-09-01 12:54:52
OIDCCCreateClientSecretForDynamicClient
Set the secret for registered client
client_secret
secret_TcBFfVVgfyrNLdOeyXcKSDXvMQzXCcaPoDligNDmyqSBxgQMDG5045745773@|]!<
2020-09-01 12:54:52 SUCCESS
EnsureTokenEndPointAuthMethodIsClientSecretBasic
token_endpoint_auth_method is 'client_secret_basic' as expected
2020-09-01 12:54:52 SUCCESS
EnsureClientDoesNotHaveBothJwksAndJwksUri
Client does not have both jwks and jwks_uri set
client
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code id_token token"
  ],
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ],
  "client_id": "client_qpzdRxxvgOVJeJQ28592\u003e|,@~",
  "client_secret": "secret_TcBFfVVgfyrNLdOeyXcKSDXvMQzXCcaPoDligNDmyqSBxgQMDG5045745773@|]!\u003c"
}
2020-09-01 12:54:52 INFO
FetchClientKeys
Skipped evaluation due to missing required element: client jwks_uri
path
jwks_uri
mapped
object
client
2020-09-01 12:54:52 SUCCESS
OIDCCExtractServerSigningAlg
Using the default algorithm for the first key in server jwks
signing_algorithm
RS256
2020-09-01 12:54:52
SetClientIdTokenSignedResponseAlgToServerSigningAlg
Set id_token_signed_response_alg for the registered client
id_token_signed_response_alg
RS256
2020-09-01 12:54:52 OUTGOING
oidcc-client-test-nonce-unless-code-flow
Response to HTTP request to test instance hGOuo6Bwk46OZBM
outgoing_status_code
201
outgoing_headers
{}
outgoing_body
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code id_token token"
  ],
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ],
  "client_id": "client_qpzdRxxvgOVJeJQ28592\u003e|,@~",
  "client_secret": "secret_TcBFfVVgfyrNLdOeyXcKSDXvMQzXCcaPoDligNDmyqSBxgQMDG5045745773@|]!\u003c",
  "id_token_signed_response_alg": "RS256"
}
outgoing_path
register
2020-09-01 12:54:53 INCOMING
oidcc-client-test-nonce-unless-code-flow
Incoming HTTP request to test instance hGOuo6Bwk46OZBM
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "got/9.6.0 (https://github.com/sindresorhus/got)",
  "accept-encoding": "gzip, deflate",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
authorize
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{
  "client_id": "client_qpzdRxxvgOVJeJQ28592\u003e|,@~",
  "scope": "openid",
  "response_type": "code id_token token",
  "redirect_uri": "https://rp.example.com/cb",
  "state": "SBd1UtiGcawIMTcz_UDSI2hIwq3UAdREcngFtYu7Ys8",
  "nonce": "AFleVRoynxy-go7LFP8vhQICJ6_bjg5LbWT8ibk6Pzw",
  "response_mode": "form_post"
}
incoming_body
Authorization endpoint
2020-09-01 12:54:53 SUCCESS
EnsureRequestDoesNotContainRequestObject
Request does not contain a request parameter
2020-09-01 12:54:53 SUCCESS
OIDCCEnsureAuthorizationHttpRequestContainsOpenIDScope
Found 'openid' in scope http request parameter
actual
[
  "openid"
]
expected
openid
2020-09-01 12:54:53 SUCCESS
CreateEffectiveAuthorizationRequestParameters
Merged http request parameters with request object claims
effective_authorization_endpoint_request
{
  "client_id": "client_qpzdRxxvgOVJeJQ28592\u003e|,@~",
  "scope": "openid",
  "response_type": "code id_token token",
  "redirect_uri": "https://rp.example.com/cb",
  "state": "SBd1UtiGcawIMTcz_UDSI2hIwq3UAdREcngFtYu7Ys8",
  "nonce": "AFleVRoynxy-go7LFP8vhQICJ6_bjg5LbWT8ibk6Pzw",
  "response_mode": "form_post"
}
2020-09-01 12:54:53 SUCCESS
ExtractRequestedScopes
Requested scopes
scope
openid
2020-09-01 12:54:53 SUCCESS
ExtractNonceFromAuthorizationRequest
Extracted nonce
nonce
AFleVRoynxy-go7LFP8vhQICJ6_bjg5LbWT8ibk6Pzw
2020-09-01 12:54:53 SUCCESS
EnsureResponseTypeIsCodeIdTokenToken
Response type is expected value
expected
code id_token token
2020-09-01 12:54:53 SUCCESS
EnsureMatchingClientId
Client ID matched
client_id
client_qpzdRxxvgOVJeJQ28592>|,@~
2020-09-01 12:54:53 SUCCESS
EnsureValidRedirectUriForAuthorizationEndpointRequest
redirect_uri is one of the allowed redirect uris
actual
https://rp.example.com/cb
expected
[
  "https://rp.example.com/cb"
]
2020-09-01 12:54:53 SUCCESS
EnsureOpenIDInScopeRequest
Found 'openid' scope in request
actual
[
  "openid"
]
expected
openid
2020-09-01 12:54:53 SUCCESS
DisallowMaxAgeEqualsZeroAndPromptNone
The client did not send max_age=0 and prompt=none parameters as expected
2020-09-01 12:54:53 SUCCESS
CreateAuthorizationCode
Created authorization code
authorization_code
tHGCNRSTdz
2020-09-01 12:54:53 SUCCESS
CalculateCHash
Successful c_hash encoding
c_hash
WqOwMKdvQd4Z3hTDwkkkzA
2020-09-01 12:54:53 SUCCESS
GenerateBearerAccessToken
Generated access token
access_token
CFECHbLCXwHvazJ7HU7JOhLhzNNh1OEeJ5oOyRNK8Hkd73nCgd
2020-09-01 12:54:53 SUCCESS
CalculateAtHash
Successful at_hash encoding
at_hash
64N124j9os_jyeGDvrki1w
2020-09-01 12:54:53 SUCCESS
GenerateIdTokenClaims
Created ID Token Claims
iss
https://www.certification.openid.net/test/hGOuo6Bwk46OZBM/
sub
user-subject-1234531
aud
client_qpzdRxxvgOVJeJQ28592>|,@~
nonce
AFleVRoynxy-go7LFP8vhQICJ6_bjg5LbWT8ibk6Pzw
iat
1598964893
exp
1598965193
2020-09-01 12:54:53 SUCCESS
AddCHashToIdTokenClaims
Added c_hash to ID token claims
c_hash
WqOwMKdvQd4Z3hTDwkkkzA
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/hGOuo6Bwk46OZBM/",
  "sub": "user-subject-1234531",
  "aud": "client_qpzdRxxvgOVJeJQ28592\u003e|,@~",
  "nonce": "AFleVRoynxy-go7LFP8vhQICJ6_bjg5LbWT8ibk6Pzw",
  "iat": 1598964893,
  "exp": 1598965193,
  "c_hash": "WqOwMKdvQd4Z3hTDwkkkzA"
}
2020-09-01 12:54:53 SUCCESS
AddAtHashToIdTokenClaims
Added at_hash to ID token claims
at_hash
64N124j9os_jyeGDvrki1w
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/hGOuo6Bwk46OZBM/",
  "sub": "user-subject-1234531",
  "aud": "client_qpzdRxxvgOVJeJQ28592\u003e|,@~",
  "nonce": "AFleVRoynxy-go7LFP8vhQICJ6_bjg5LbWT8ibk6Pzw",
  "iat": 1598964893,
  "exp": 1598965193,
  "c_hash": "WqOwMKdvQd4Z3hTDwkkkzA",
  "at_hash": "64N124j9os_jyeGDvrki1w"
}
2020-09-01 12:54:53 SUCCESS
OIDCCSignIdToken
Signed the ID token
id_token
eyJraWQiOiI2MDFhYTgwNS0zYTk5LTQyMWItOTdiNi04ZGJiMzI0YTU4YWMiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiNjROMTI0ajlvc19qeWVHRHZya2kxdyIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiY2xpZW50X3FwemRSeHh2Z09WSmVKUTI4NTkyPnwsQH4iLCJjX2hhc2giOiJXcU93TUtkdlFkNFozaFREd2tra3pBIiwiaXNzIjoiaHR0cHM6XC9cL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXRcL3Rlc3RcL2hHT3VvNkJ3azQ2T1pCTVwvIiwiZXhwIjoxNTk4OTY1MTkzLCJub25jZSI6IkFGbGVWUm95bnh5LWdvN0xGUDh2aFFJQ0o2X2JqZzVMYldUOGliazZQenciLCJpYXQiOjE1OTg5NjQ4OTN9.bqY0AxZKbEyU8WlKTx5lkPysyQkxRe6JtnpIjyqfY7OPSVOcI-lcXvJmjsDBKmFBUNeczygdXoafXFxLSN_sllwsMMnCzyOvM6j-8QX2ck9F09gRfLyrmq0CNu2ujXuPzowm0H9ySy9vIS3R5r69IRfxqLii2BB_FT4PCP6oL_h5HOmDMFrDicLLekM71XvgPp7vLenCXGfVFLd2tGUzMYLlgEFsd38gO17Ne8w9nhKkoxpvMEvI6VnVxrwgS1mrqBNa1YJ4AJ3RcH012WWDZ0--4X1V5ln9TRMbZhGGRgRwCPVjbN9SKlexPj5Atov3hAXfSCvO9Olu-4a_VNq9Hg
key
{"p":"5sWENMH-NVVlp-9Aa-V8lX5OI4nZXOEcfhRSTkVdF1abseNaIjg8bBO8Cv5kbSanBUQbDunXU_uazPxcvMbx2FkQUMe5jefuxvXjXlqXAbjwF5KcSSynO32oWhKtDNOKTpmqS1F-zirk7ZPFNNAEO9QxU8HaCueayprigmePzvE","kty":"RSA","q":"rK6eyB3wwWrK_hm_YIqa286YsuuG0i-0gAm46IoVS70UcrmwTGnUwtKDnzw0V0i1pBnlZ0bCMDEy1Lm6qFZgr7bTeNxUemQQQwwO47vr--ggOEjdh6HIyirDEFE7xBJa1RvzalDyS5sCwYTC4blApqPwbbFosIrY--Rl-3H0fAU","d":"dAgbmpOv_oIz2jyyPNW_G3IIzoFQlAO4YTnK70qU77vJ5hdnZbk5YBRAgL0zFjAP7_SVezSoodp97jC_DyAW8-zHHUJ-psBBJOEf74NQS0GWKzXp1cKBp_iNP4Y1vr2kK_u9ou2P_oNUL0nUAXEE2fy6HODxO8fIamHI2xsJrIJsZLtcL7ReoN17trgQl3DjrDmK_52D3HTLiPxmeEFAsKOvvg3L1TH8vdY5jAhVrPzAxf4sb_IPOOr_qdWMPCfrUcrdXb1xazQRF50MbgBsu18asylEIBeip21TVjStP2MXY-Q2x1oEoG9FUqsjWvcLWN7lB51xdINKcIfKoJ5_QQ","e":"AQAB","use":"sig","kid":"601aa805-3a99-421b-97b6-8dbb324a58ac","qi":"bBxrKuTO7pQ90r0l1hvqx8l57lh0hlmSYqOtPsSwTRua6fzLcC5r7E7AzU8E5lkb7tYj-ZBMFLpjGovtYzUnEGH5-2sHoy5yoCznHZyjzm3ICTHArVxYBASXCYuwxNyQxH5d-VeONaiESEW0PkRCwQprgi2CnWjSxo6ggwgfEbE","dp":"jpQcMahl0jfX3eEBEWixB4AI8QYbSLpAq1kM3RUYBfJZsZeBOcE6-59ZwAUasSF_cc55VUZ-5oF-TAXjmjLke0HTxcUQTK-upDiJaONZhxPnKvlHHCK9lBD38ea2CkWsnxFr2KsaSHDSDkMNRar74qcgbtpHSBN-XI1DQ0SO4lE","dq":"AleoDbziPC1vrXy57NxUd3DY_2xUettszmPTX0woN8vL0DaWnqK84Rur72gIqbpxxFUZmIoMLk0sjFgsoQXy789CFRygBL0Av3gVZ59v9w3SChFq9-EI8T0dQkZn0iQRmVx0s9d_QelLY0aiwh8aMmh85XAHpIVtphUWERAdqeU","n":"m6oeNZsX5xEsvWRPOOfbaDjpjt7OveIUSRAay3OkQ0UX09yKZSIK1WNd4y0VHEcycx0o9prKc2ZpmR-fPXiRHjBNG5lpuLwm07buiXkvDof0XtTG93xw-b_PqafqRIfzrttXWyyIYJEnJ4oAvYUlH4o3e8ojtkh0hDeLZQzxVGdZiuOpfUu8orqcbN69Be7-CbBsHYnU_jy9sL_JKxmz-QgwfKRbyzATPqjjs7Ukh8YryiCRGEVfJrsSubVY1FWllHKC71kmRS5V4c1jAjBE7I_JIJzSvJvAitD6oWlALxxfVbwzqhuDkbMJkkpASt5B_xxaLgrZQ85PB8FqTL_GtQ"}
algorithm
RS256
2020-09-01 12:54:53 INFO
EncryptIdToken
Skipped evaluation due to missing required element: client id_token_encrypted_response_alg
path
id_token_encrypted_response_alg
mapped
object
client
2020-09-01 12:54:53 SUCCESS
CreateAuthorizationEndpointResponseParams
Added authorization_endpoint_response_params to environment
params
{
  "redirect_uri": "https://rp.example.com/cb",
  "state": "SBd1UtiGcawIMTcz_UDSI2hIwq3UAdREcngFtYu7Ys8"
}
2020-09-01 12:54:53 SUCCESS
AddCodeToAuthorizationEndpointResponseParams
Added code to authorization endpoint response params
authorization_endpoint_response_params
{
  "redirect_uri": "https://rp.example.com/cb",
  "state": "SBd1UtiGcawIMTcz_UDSI2hIwq3UAdREcngFtYu7Ys8",
  "code": "tHGCNRSTdz"
}
2020-09-01 12:54:53 SUCCESS
AddIdTokenToAuthorizationEndpointResponseParams
Added id_token to authorization endpoint response params
authorization_endpoint_response_params
{
  "redirect_uri": "https://rp.example.com/cb",
  "state": "SBd1UtiGcawIMTcz_UDSI2hIwq3UAdREcngFtYu7Ys8",
  "code": "tHGCNRSTdz",
  "id_token": "eyJraWQiOiI2MDFhYTgwNS0zYTk5LTQyMWItOTdiNi04ZGJiMzI0YTU4YWMiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiNjROMTI0ajlvc19qeWVHRHZya2kxdyIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiY2xpZW50X3FwemRSeHh2Z09WSmVKUTI4NTkyPnwsQH4iLCJjX2hhc2giOiJXcU93TUtkdlFkNFozaFREd2tra3pBIiwiaXNzIjoiaHR0cHM6XC9cL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXRcL3Rlc3RcL2hHT3VvNkJ3azQ2T1pCTVwvIiwiZXhwIjoxNTk4OTY1MTkzLCJub25jZSI6IkFGbGVWUm95bnh5LWdvN0xGUDh2aFFJQ0o2X2JqZzVMYldUOGliazZQenciLCJpYXQiOjE1OTg5NjQ4OTN9.bqY0AxZKbEyU8WlKTx5lkPysyQkxRe6JtnpIjyqfY7OPSVOcI-lcXvJmjsDBKmFBUNeczygdXoafXFxLSN_sllwsMMnCzyOvM6j-8QX2ck9F09gRfLyrmq0CNu2ujXuPzowm0H9ySy9vIS3R5r69IRfxqLii2BB_FT4PCP6oL_h5HOmDMFrDicLLekM71XvgPp7vLenCXGfVFLd2tGUzMYLlgEFsd38gO17Ne8w9nhKkoxpvMEvI6VnVxrwgS1mrqBNa1YJ4AJ3RcH012WWDZ0--4X1V5ln9TRMbZhGGRgRwCPVjbN9SKlexPj5Atov3hAXfSCvO9Olu-4a_VNq9Hg"
}
2020-09-01 12:54:53
AddTokenToAuthorizationEndpointResponseParams
Added token and token_type to authorization endpoint response params
authorization_endpoint_response_params
{
  "redirect_uri": "https://rp.example.com/cb",
  "state": "SBd1UtiGcawIMTcz_UDSI2hIwq3UAdREcngFtYu7Ys8",
  "code": "tHGCNRSTdz",
  "id_token": "eyJraWQiOiI2MDFhYTgwNS0zYTk5LTQyMWItOTdiNi04ZGJiMzI0YTU4YWMiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiNjROMTI0ajlvc19qeWVHRHZya2kxdyIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiY2xpZW50X3FwemRSeHh2Z09WSmVKUTI4NTkyPnwsQH4iLCJjX2hhc2giOiJXcU93TUtkdlFkNFozaFREd2tra3pBIiwiaXNzIjoiaHR0cHM6XC9cL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXRcL3Rlc3RcL2hHT3VvNkJ3azQ2T1pCTVwvIiwiZXhwIjoxNTk4OTY1MTkzLCJub25jZSI6IkFGbGVWUm95bnh5LWdvN0xGUDh2aFFJQ0o2X2JqZzVMYldUOGliazZQenciLCJpYXQiOjE1OTg5NjQ4OTN9.bqY0AxZKbEyU8WlKTx5lkPysyQkxRe6JtnpIjyqfY7OPSVOcI-lcXvJmjsDBKmFBUNeczygdXoafXFxLSN_sllwsMMnCzyOvM6j-8QX2ck9F09gRfLyrmq0CNu2ujXuPzowm0H9ySy9vIS3R5r69IRfxqLii2BB_FT4PCP6oL_h5HOmDMFrDicLLekM71XvgPp7vLenCXGfVFLd2tGUzMYLlgEFsd38gO17Ne8w9nhKkoxpvMEvI6VnVxrwgS1mrqBNa1YJ4AJ3RcH012WWDZ0--4X1V5ln9TRMbZhGGRgRwCPVjbN9SKlexPj5Atov3hAXfSCvO9Olu-4a_VNq9Hg",
  "access_token": "CFECHbLCXwHvazJ7HU7JOhLhzNNh1OEeJ5oOyRNK8Hkd73nCgd",
  "token_type": "Bearer"
}
2020-09-01 12:54:53 OUTGOING
oidcc-client-test-nonce-unless-code-flow
Response to HTTP request to test instance hGOuo6Bwk46OZBM
outgoing
ModelAndView [view="formPostResponseMode"; model={formAction=https://rp.example.com/cb, formParameters={"state":"SBd1UtiGcawIMTcz_UDSI2hIwq3UAdREcngFtYu7Ys8","code":"tHGCNRSTdz","id_token":"eyJraWQiOiI2MDFhYTgwNS0zYTk5LTQyMWItOTdiNi04ZGJiMzI0YTU4YWMiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiNjROMTI0ajlvc19qeWVHRHZya2kxdyIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiY2xpZW50X3FwemRSeHh2Z09WSmVKUTI4NTkyPnwsQH4iLCJjX2hhc2giOiJXcU93TUtkdlFkNFozaFREd2tra3pBIiwiaXNzIjoiaHR0cHM6XC9cL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXRcL3Rlc3RcL2hHT3VvNkJ3azQ2T1pCTVwvIiwiZXhwIjoxNTk4OTY1MTkzLCJub25jZSI6IkFGbGVWUm95bnh5LWdvN0xGUDh2aFFJQ0o2X2JqZzVMYldUOGliazZQenciLCJpYXQiOjE1OTg5NjQ4OTN9.bqY0AxZKbEyU8WlKTx5lkPysyQkxRe6JtnpIjyqfY7OPSVOcI-lcXvJmjsDBKmFBUNeczygdXoafXFxLSN_sllwsMMnCzyOvM6j-8QX2ck9F09gRfLyrmq0CNu2ujXuPzowm0H9ySy9vIS3R5r69IRfxqLii2BB_FT4PCP6oL_h5HOmDMFrDicLLekM71XvgPp7vLenCXGfVFLd2tGUzMYLlgEFsd38gO17Ne8w9nhKkoxpvMEvI6VnVxrwgS1mrqBNa1YJ4AJ3RcH012WWDZ0--4X1V5ln9TRMbZhGGRgRwCPVjbN9SKlexPj5Atov3hAXfSCvO9Olu-4a_VNq9Hg","access_token":"CFECHbLCXwHvazJ7HU7JOhLhzNNh1OEeJ5oOyRNK8Hkd73nCgd","token_type":"Bearer"}}]
outgoing_path
authorize
2020-09-01 12:54:53 INCOMING
oidcc-client-test-nonce-unless-code-flow
Incoming HTTP request to test instance hGOuo6Bwk46OZBM
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
jwks
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
Jwks endpoint
2020-09-01 12:54:53 OUTGOING
oidcc-client-test-nonce-unless-code-flow
Response to HTTP request to test instance hGOuo6Bwk46OZBM
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "601aa805-3a99-421b-97b6-8dbb324a58ac",
      "n": "m6oeNZsX5xEsvWRPOOfbaDjpjt7OveIUSRAay3OkQ0UX09yKZSIK1WNd4y0VHEcycx0o9prKc2ZpmR-fPXiRHjBNG5lpuLwm07buiXkvDof0XtTG93xw-b_PqafqRIfzrttXWyyIYJEnJ4oAvYUlH4o3e8ojtkh0hDeLZQzxVGdZiuOpfUu8orqcbN69Be7-CbBsHYnU_jy9sL_JKxmz-QgwfKRbyzATPqjjs7Ukh8YryiCRGEVfJrsSubVY1FWllHKC71kmRS5V4c1jAjBE7I_JIJzSvJvAitD6oWlALxxfVbwzqhuDkbMJkkpASt5B_xxaLgrZQ85PB8FqTL_GtQ"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "85f93f6f-9aed-41dc-9e92-86f4ce6ca5d4",
      "n": "jya7X2ulGikDksKDqaMFZXvEDHBujFK6YoF69RZ1RMjkg2a8si7dT-DwBc_CVJm812FWITbgjAFMKwD1lCUYix3h32CbUpXbEhiXoUlEUhvnF8bzHUwmtOEMUOPdvxjWQmwuiU6yJh0_Hcma8PAhc70meaPpB5vBuiT2pY9lo58fwyoGs7KG8BOV6uFt3RUmQa-0h0XYyRmzWX3NJ8TEy5AxLyUxLbgFCa3iXfPUThm7jG_7o0mQljLEljMlkQRiTRppimQ1qilgnstTX9suk_GEGEAlWS84bAKaDLsQbAt8D0C-9U1Two--GruipOCYsTHAEs4YMCQzHAVjXhNKkw"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "f6388efd-7446-4213-8246-81df24ac096b",
      "x": "F17-qTgDiIejxhqIJOVWKCYe8HuZ6WQLu7zSJ7i4tEY",
      "y": "QmqRIXJeVnRQXeMyc9XXRTh4NPZzjkmyz2xq2I6a46c"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "f1cfa2ee-a6fc-4484-9110-c6c41c11fafc",
      "x": "dKik_3uiAWKcyuzJqdQuPuaOg7V4usT_Wpzrw6buvr8",
      "y": "H8bpTzoTDxzzanXMsvDAARLXxemMWZ2I05LAPNXpk9k"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "ea1cc8f5-8302-49ac-947f-0ddcf7cebc11",
      "x": "rbmn_H3wTzcEj1oE-EyDUIf--E94VtktUr7Drrbq_ws",
      "y": "KW9IVQyK0fTEK5jr7XVU5N2xdq_0r3W2sHVkuLMUMEI"
    },
    {
      "kty": "OKP",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "fc63e2f5-8ae5-4111-b703-9e1326d2d9b7",
      "x": "tg_nZvtIbJoL2QHveTuK2FDXI0kjpR5eAteQI-1i2oE"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "5e04db8a-97a8-4563-95c7-0a1b2aebeb4e",
      "alg": "RSA-OAEP",
      "n": "uSehwWAKM1I7rfPSsLwK7n__W9QMKG8G5bz2WmXTpzW1DRiO_bFl6M17TeeC0o8RmVbWHshO34P7OMpgtuVW2uHYDlZxGOzS5S_DRFP0QsYU8450pV3kw5OU2fyygo_CKMggLIdJIXu6HC57S3ojE7Pv1hNrl6ligyMQJJ6pKsctBUs6QsHBZObMe7zXdg9Gh5rgRmdnC2c-VNpMPlx1ycnrVurd32vK9g7zE5vY37pdz2hvWQ_003QuCxJd-0A_FHNkMFPEJ8rWJ1EcPw4EE_6h8bhd2HsXJHWlwkwqGfng9ygKCsweRfCzQb0cDcTnojGbD7lE2sWzHealtd_7cw"
    },
    {
      "kty": "EC",
      "use": "enc",
      "crv": "P-256",
      "kid": "2d2d036b-2e5c-4d16-a927-b9caadf0d073",
      "x": "9SH8hkabbCUeuwZyAUsexrbIvd0nf43oN2BYTupE8Ho",
      "y": "NNdYBORMnvNWYRwH37Qf22vk84b4MigVmEsGeQe6AHA",
      "alg": "ECDH-ES"
    }
  ]
}
outgoing_path
jwks
2020-09-01 12:54:53 INCOMING
oidcc-client-test-nonce-unless-code-flow
Incoming HTTP request to test instance hGOuo6Bwk46OZBM
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "authorization": "Basic Y2xpZW50X3FwemRSeHh2Z09WSmVKUTI4NTkyJTNFJTdDJTJDJTQwfjpzZWNyZXRfVGNCRmZWVmdmeXJOTGRPZXlYY0tTRFh2TVF6WENjYVBvRGxpZ05EbXlxU0J4Z1FNREc1MDQ1NzQ1NzczJTQwJTdDJTVEISUzQw\u003d\u003d",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "content-type": "application/x-www-form-urlencoded",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "content-length": "92",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net",
  "connection": "close"
}
incoming_path
token
incoming_body_form_params
{
  "grant_type": "authorization_code",
  "code": "tHGCNRSTdz",
  "redirect_uri": "https://rp.example.com/cb"
}
incoming_method
POST
incoming_body_json
incoming_query_string_params
{}
incoming_body
grant_type=authorization_code&code=tHGCNRSTdz&redirect_uri=https%3A%2F%2Frp.example.com%2Fcb
Token endpoint
2020-09-01 12:54:53 SUCCESS
ExtractClientCredentialsFromBasicAuthorizationHeader
Extracted client authentication
client_id
client_qpzdRxxvgOVJeJQ28592>|,@~
client_secret
secret_TcBFfVVgfyrNLdOeyXcKSDXvMQzXCcaPoDligNDmyqSBxgQMDG5045745773@|]!<
method
client_secret_basic
2020-09-01 12:54:53 SUCCESS
ValidateClientIdAndSecret
Client id and secret match
2020-09-01 12:54:53 SUCCESS
ValidateAuthorizationCode
Found authorization code
authorization_code
tHGCNRSTdz
2020-09-01 12:54:53 SUCCESS
ValidateRedirectUriForTokenEndpointRequest
redirect_uri is the same as the one used in the authorization request
actual
https://rp.example.com/cb
2020-09-01 12:54:53 SUCCESS
GenerateBearerAccessToken
Generated access token
access_token
mLkyLQy7fMmtoNgYTd2SJpDmeeJ1XRThOHMCis9ZMp1x6cqLsA
2020-09-01 12:54:53 SUCCESS
CalculateAtHash
Successful at_hash encoding
at_hash
O2hib29BCcmrvfAVppi7og
2020-09-01 12:54:53 SUCCESS
GenerateIdTokenClaims
Created ID Token Claims
iss
https://www.certification.openid.net/test/hGOuo6Bwk46OZBM/
sub
user-subject-1234531
aud
client_qpzdRxxvgOVJeJQ28592>|,@~
nonce
AFleVRoynxy-go7LFP8vhQICJ6_bjg5LbWT8ibk6Pzw
iat
1598964893
exp
1598965193
2020-09-01 12:54:53 SUCCESS
AddAtHashToIdTokenClaims
Added at_hash to ID token claims
at_hash
O2hib29BCcmrvfAVppi7og
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/hGOuo6Bwk46OZBM/",
  "sub": "user-subject-1234531",
  "aud": "client_qpzdRxxvgOVJeJQ28592\u003e|,@~",
  "nonce": "AFleVRoynxy-go7LFP8vhQICJ6_bjg5LbWT8ibk6Pzw",
  "iat": 1598964893,
  "exp": 1598965193,
  "at_hash": "O2hib29BCcmrvfAVppi7og"
}
2020-09-01 12:54:53 SUCCESS
OIDCCSignIdToken
Signed the ID token
id_token
eyJraWQiOiI2MDFhYTgwNS0zYTk5LTQyMWItOTdiNi04ZGJiMzI0YTU4YWMiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiTzJoaWIyOUJDY21ydmZBVnBwaTdvZyIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiY2xpZW50X3FwemRSeHh2Z09WSmVKUTI4NTkyPnwsQH4iLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvaEdPdW82QndrNDZPWkJNXC8iLCJleHAiOjE1OTg5NjUxOTMsIm5vbmNlIjoiQUZsZVZSb3lueHktZ283TEZQOHZoUUlDSjZfYmpnNUxiV1Q4aWJrNlB6dyIsImlhdCI6MTU5ODk2NDg5M30.Eq1epF4nJItwVlYwMfOaSADMt3byzMPZ0atcztjv1eo8uiPpoOXCTkVTom62dBx1KudB6QpHX85_k59SBRgAWr88hRTMywkMBrnawGqKSWIjup2lDI05HamOfqp4HOq4lk5TE-cqKp4lDuRgaGcoomDbG-GOrKnnR8PIhOfuyazBnERLjUgIwr_DRDFetlYxJ9WGhjBRcz7HP2Jkfg3EFRbzlk5Xd6ccW_9mUDxB9kYLTJ0g7b0jAHoEIYiwKUh_xKO6xRiddL6e3lR88byZ_JXhzj8E9bg1GIbNeDHxumP-b3TX-4szBZ9yjNfoAkONxpdSuSQfxrINH_cJzfa7wg
key
{"p":"5sWENMH-NVVlp-9Aa-V8lX5OI4nZXOEcfhRSTkVdF1abseNaIjg8bBO8Cv5kbSanBUQbDunXU_uazPxcvMbx2FkQUMe5jefuxvXjXlqXAbjwF5KcSSynO32oWhKtDNOKTpmqS1F-zirk7ZPFNNAEO9QxU8HaCueayprigmePzvE","kty":"RSA","q":"rK6eyB3wwWrK_hm_YIqa286YsuuG0i-0gAm46IoVS70UcrmwTGnUwtKDnzw0V0i1pBnlZ0bCMDEy1Lm6qFZgr7bTeNxUemQQQwwO47vr--ggOEjdh6HIyirDEFE7xBJa1RvzalDyS5sCwYTC4blApqPwbbFosIrY--Rl-3H0fAU","d":"dAgbmpOv_oIz2jyyPNW_G3IIzoFQlAO4YTnK70qU77vJ5hdnZbk5YBRAgL0zFjAP7_SVezSoodp97jC_DyAW8-zHHUJ-psBBJOEf74NQS0GWKzXp1cKBp_iNP4Y1vr2kK_u9ou2P_oNUL0nUAXEE2fy6HODxO8fIamHI2xsJrIJsZLtcL7ReoN17trgQl3DjrDmK_52D3HTLiPxmeEFAsKOvvg3L1TH8vdY5jAhVrPzAxf4sb_IPOOr_qdWMPCfrUcrdXb1xazQRF50MbgBsu18asylEIBeip21TVjStP2MXY-Q2x1oEoG9FUqsjWvcLWN7lB51xdINKcIfKoJ5_QQ","e":"AQAB","use":"sig","kid":"601aa805-3a99-421b-97b6-8dbb324a58ac","qi":"bBxrKuTO7pQ90r0l1hvqx8l57lh0hlmSYqOtPsSwTRua6fzLcC5r7E7AzU8E5lkb7tYj-ZBMFLpjGovtYzUnEGH5-2sHoy5yoCznHZyjzm3ICTHArVxYBASXCYuwxNyQxH5d-VeONaiESEW0PkRCwQprgi2CnWjSxo6ggwgfEbE","dp":"jpQcMahl0jfX3eEBEWixB4AI8QYbSLpAq1kM3RUYBfJZsZeBOcE6-59ZwAUasSF_cc55VUZ-5oF-TAXjmjLke0HTxcUQTK-upDiJaONZhxPnKvlHHCK9lBD38ea2CkWsnxFr2KsaSHDSDkMNRar74qcgbtpHSBN-XI1DQ0SO4lE","dq":"AleoDbziPC1vrXy57NxUd3DY_2xUettszmPTX0woN8vL0DaWnqK84Rur72gIqbpxxFUZmIoMLk0sjFgsoQXy789CFRygBL0Av3gVZ59v9w3SChFq9-EI8T0dQkZn0iQRmVx0s9d_QelLY0aiwh8aMmh85XAHpIVtphUWERAdqeU","n":"m6oeNZsX5xEsvWRPOOfbaDjpjt7OveIUSRAay3OkQ0UX09yKZSIK1WNd4y0VHEcycx0o9prKc2ZpmR-fPXiRHjBNG5lpuLwm07buiXkvDof0XtTG93xw-b_PqafqRIfzrttXWyyIYJEnJ4oAvYUlH4o3e8ojtkh0hDeLZQzxVGdZiuOpfUu8orqcbN69Be7-CbBsHYnU_jy9sL_JKxmz-QgwfKRbyzATPqjjs7Ukh8YryiCRGEVfJrsSubVY1FWllHKC71kmRS5V4c1jAjBE7I_JIJzSvJvAitD6oWlALxxfVbwzqhuDkbMJkkpASt5B_xxaLgrZQ85PB8FqTL_GtQ"}
algorithm
RS256
2020-09-01 12:54:53 INFO
EncryptIdToken
Skipped evaluation due to missing required element: client id_token_encrypted_response_alg
path
id_token_encrypted_response_alg
mapped
object
client
2020-09-01 12:54:53 SUCCESS
CreateTokenEndpointResponse
Created token endpoint response
access_token
mLkyLQy7fMmtoNgYTd2SJpDmeeJ1XRThOHMCis9ZMp1x6cqLsA
token_type
Bearer
id_token
eyJraWQiOiI2MDFhYTgwNS0zYTk5LTQyMWItOTdiNi04ZGJiMzI0YTU4YWMiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiTzJoaWIyOUJDY21ydmZBVnBwaTdvZyIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiY2xpZW50X3FwemRSeHh2Z09WSmVKUTI4NTkyPnwsQH4iLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvaEdPdW82QndrNDZPWkJNXC8iLCJleHAiOjE1OTg5NjUxOTMsIm5vbmNlIjoiQUZsZVZSb3lueHktZ283TEZQOHZoUUlDSjZfYmpnNUxiV1Q4aWJrNlB6dyIsImlhdCI6MTU5ODk2NDg5M30.Eq1epF4nJItwVlYwMfOaSADMt3byzMPZ0atcztjv1eo8uiPpoOXCTkVTom62dBx1KudB6QpHX85_k59SBRgAWr88hRTMywkMBrnawGqKSWIjup2lDI05HamOfqp4HOq4lk5TE-cqKp4lDuRgaGcoomDbG-GOrKnnR8PIhOfuyazBnERLjUgIwr_DRDFetlYxJ9WGhjBRcz7HP2Jkfg3EFRbzlk5Xd6ccW_9mUDxB9kYLTJ0g7b0jAHoEIYiwKUh_xKO6xRiddL6e3lR88byZ_JXhzj8E9bg1GIbNeDHxumP-b3TX-4szBZ9yjNfoAkONxpdSuSQfxrINH_cJzfa7wg
scope
openid
2020-09-01 12:54:53 OUTGOING
oidcc-client-test-nonce-unless-code-flow
Response to HTTP request to test instance hGOuo6Bwk46OZBM
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "access_token": "mLkyLQy7fMmtoNgYTd2SJpDmeeJ1XRThOHMCis9ZMp1x6cqLsA",
  "token_type": "Bearer",
  "id_token": "eyJraWQiOiI2MDFhYTgwNS0zYTk5LTQyMWItOTdiNi04ZGJiMzI0YTU4YWMiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiTzJoaWIyOUJDY21ydmZBVnBwaTdvZyIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiY2xpZW50X3FwemRSeHh2Z09WSmVKUTI4NTkyPnwsQH4iLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvaEdPdW82QndrNDZPWkJNXC8iLCJleHAiOjE1OTg5NjUxOTMsIm5vbmNlIjoiQUZsZVZSb3lueHktZ283TEZQOHZoUUlDSjZfYmpnNUxiV1Q4aWJrNlB6dyIsImlhdCI6MTU5ODk2NDg5M30.Eq1epF4nJItwVlYwMfOaSADMt3byzMPZ0atcztjv1eo8uiPpoOXCTkVTom62dBx1KudB6QpHX85_k59SBRgAWr88hRTMywkMBrnawGqKSWIjup2lDI05HamOfqp4HOq4lk5TE-cqKp4lDuRgaGcoomDbG-GOrKnnR8PIhOfuyazBnERLjUgIwr_DRDFetlYxJ9WGhjBRcz7HP2Jkfg3EFRbzlk5Xd6ccW_9mUDxB9kYLTJ0g7b0jAHoEIYiwKUh_xKO6xRiddL6e3lR88byZ_JXhzj8E9bg1GIbNeDHxumP-b3TX-4szBZ9yjNfoAkONxpdSuSQfxrINH_cJzfa7wg",
  "scope": "openid"
}
outgoing_path
token
2020-09-01 12:54:54 INCOMING
oidcc-client-test-nonce-unless-code-flow
Incoming HTTP request to test instance hGOuo6Bwk46OZBM
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "authorization": "Bearer mLkyLQy7fMmtoNgYTd2SJpDmeeJ1XRThOHMCis9ZMp1x6cqLsA",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
userinfo
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
Userinfo endpoint
2020-09-01 12:54:54 SUCCESS
OIDCCExtractBearerAccessTokenFromRequest
Found access token on incoming request
access_token
mLkyLQy7fMmtoNgYTd2SJpDmeeJ1XRThOHMCis9ZMp1x6cqLsA
2020-09-01 12:54:54 SUCCESS
RequireBearerAccessToken
Found access token in request
actual
mLkyLQy7fMmtoNgYTd2SJpDmeeJ1XRThOHMCis9ZMp1x6cqLsA
2020-09-01 12:54:54 SUCCESS
FilterUserInfoForScopes
User info endpoint output
sub
user-subject-1234531
2020-09-01 12:54:54
ClearAccessTokenFromRequest
Condition ran but did not log anything
2020-09-01 12:54:54 INFO
AddIssAndAudToUserInfoResponse
Skipped evaluation due to missing required element: client userinfo_signed_response_alg
path
userinfo_signed_response_alg
mapped
object
client
2020-09-01 12:54:54 INFO
SignUserInfoResponse
Skipped evaluation due to missing required element: client userinfo_signed_response_alg
path
userinfo_signed_response_alg
mapped
object
client
2020-09-01 12:54:54 INFO
EncryptUserInfoResponse
Skipped evaluation due to missing required element: client userinfo_encrypted_response_alg
path
userinfo_encrypted_response_alg
mapped
object
client
2020-09-01 12:54:54 OUTGOING
oidcc-client-test-nonce-unless-code-flow
Response to HTTP request to test instance hGOuo6Bwk46OZBM
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "sub": "user-subject-1234531"
}
outgoing_path
userinfo
2020-09-01 12:54:54 FINISHED
oidcc-client-test-nonce-unless-code-flow
Test has run to completion
testmodule_result
PASSED
Test Results