Test Summary

Test Results

Expand All Collapse All
All times are UTC
2020-09-01 12:50:57 INFO
TEST-RUNNER
Test instance d4TRXUjEO7EGkPH created
baseUrl
https://www.certification.openid.net/test/d4TRXUjEO7EGkPH
variant
{
  "client_auth_type": "client_secret_basic",
  "response_type": "id_token",
  "request_type": "plain_http_request",
  "response_mode": "form_post",
  "client_registration": "dynamic_client"
}
alias

                                
description
test suite runner for openid-client
planId
2AWaC6uTX8byR
config
{
  "description": "test suite runner for openid-client",
  "waitTimeoutSeconds": 2
}
testName
oidcc-client-test-nonce-unless-code-flow
2020-09-01 12:50:57 SUCCESS
OIDCCGenerateServerConfiguration
Generated default server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/d4TRXUjEO7EGkPH/",
  "authorization_endpoint": "https://www.certification.openid.net/test/d4TRXUjEO7EGkPH/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/d4TRXUjEO7EGkPH/token",
  "jwks_uri": "https://www.certification.openid.net/test/d4TRXUjEO7EGkPH/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/d4TRXUjEO7EGkPH/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/d4TRXUjEO7EGkPH/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic",
    "client_secret_post",
    "client_secret_jwt",
    "private_key_jwt"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
2020-09-01 12:50:57
SetTokenEndpointAuthMethodsSupportedToClientSecretBasicOnly
Changed token_endpoint_auth_methods_supported to client_secret_basic only in server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/d4TRXUjEO7EGkPH/",
  "authorization_endpoint": "https://www.certification.openid.net/test/d4TRXUjEO7EGkPH/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/d4TRXUjEO7EGkPH/token",
  "jwks_uri": "https://www.certification.openid.net/test/d4TRXUjEO7EGkPH/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/d4TRXUjEO7EGkPH/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/d4TRXUjEO7EGkPH/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
2020-09-01 12:50:57
OIDCCGenerateServerJWKs
Generated server public private JWK sets
server_jwks
{
  "keys": [
    {
      "p": "8dwastzXAVVvbULgfTO4f76E59EPbPSKHYZxduaGAxe8paHUU4ZCjkXDxtcYIFMJo1dGppy-z-3eAulDwK2r0Qy7M5aI_ZWCnDhJSqoGC7ItVDKtQGDCjZmnLNb22jA7blatFzqJ9NofqA73CY5aJ1h3HfRxd8fi_NecAyicyM0",
      "kty": "RSA",
      "q": "7vxl0b8lyh4LQnOBx31oJi-LjKNuPrfgmh4ge9Ct1H-uoAeSe2i_zquq6UNFfU0MrRHQbDxW4pGgl1E01lshEd3POZohyfbGSFlMC8OqJ-pwvfmotiLzGvi-UcPDAV0f0BTFB2CR4S_CCAtQ4tpZAFZMUGr3g3txeTYuTWfcOt8",
      "d": "N-CG8CPY6n7B1cZVkyRivgHRT3nyK6YbXeGYoFewrvdjgSdgPtOHUnhqnBR4JtsMhmvW8Z-MIV3Mb3Dgz6lxjRoJA8nYRVl92Hq1nAHMlatxMm0pKKHkpezXHKWKfGobSlV3W_XwK2PuHL_MG4uWyEh7RDBYiYyOYscFX1hh1Qdh_zF_UnWXqv5YQva3nany_yQDLcZkU1x10ugWDEClPr5eznwEl_74YJRIiIxXv21VcTU-ayTaq3Bu_0WAkwe7Nnarfvu5qiROW-kov4YDNCMfexKpx-lLY1zKZLhldjjW0nf5PVAX9QyGGzBaFpOftaAw3i8UwUUplNjABTOyeQ",
      "e": "AQAB",
      "use": "sig",
      "kid": "6c1a06b3-0767-4ef0-b94d-c2d909158759",
      "qi": "mpFG-o7cUn4lqZdwevGVhK7ohirsw9tx3R7A1OMlZdAhD8Yjy2y7LgacVPsSl8V3RVNZItFXfJfVDNVG4KiNWLs0cClpVzOEbk9gskKdO7Tuh-O9X2UG-GU2ifvGNl4Fv_30iY3Kne7j0jl3s6l5mBAlU04zxAr2OxIxu9Gijng",
      "dp": "HTl6ZGh49mlLaIlvNNG-Fnl_9770PTcjRUQMi9B5GwCQQ_dU_662dhiJ-ondGXLPNFSEbfd8uwVEEVf8XtjdbQo7yJUFApdBS_0lJgd7aYhjH8xr0N6gQ5nwcGOdOmoflEqW6bqiFtsQfi8ovJfd3uk6o3z5BP87N1AaQutyXnU",
      "dq": "mlOxKLZoH9Iw8TOH_hv0spwHYMV0_tldGAkWbv4-Erh1OvBI3pqxKjPfRYzkhdrIscaMMijw7pSeALk3BqmIfHIhTJBE-5f5SWUo33v2GJqjPXrIQP3mwWcZ99ETz4Ckd4nCBlaNPb7KbMlp7WSVDsursk6xEV4Y0-5yDhhgtj8",
      "n": "4ckVrpEyj7k63eS_Iq0-LeCEGb9oDqbiT2iTpGUYvms2SiKm7y-_sjZol6NB0wDLkre3GejDGqhxeYKFgl0c6LZOeZz47o4TEQomhi-VCh4xTpgOXDHlw6JSov7VhlCmv6km3elOAm6rVG1NOHRVOzm_E0wzW_2JY4pBCSKR1aF8b_Dsd5KSGff3uUWhLRZ-ZH3Pqsv16tbLA_uS2WbI6yWYOa4S-n45xPKkwG0_G3zID7txHaucP02Fb6_ItwNAC2q3Rkdh4aTXoRdkXFaDSqQIAuvEJCORIJTHiMrH6TE2O5HfTQvqEhjKye6bPyrtng_5sBTB4MoUstUj8T1ckw"
    },
    {
      "kty": "EC",
      "d": "M2N6UD5pPSnSiZg_XgiHwgAkyncSyfKQsM__jnCrXC4",
      "use": "sig",
      "crv": "P-256",
      "kid": "0333ebc7-14b5-4a4c-acff-e8efc8b4b8f1",
      "x": "3udD02x0nOulVlQw9oJcTfD_1k40uB1YlMtDZBR7qLE",
      "y": "HIZ7u2Z2RN-oxrCOFIBHpCZanGbE8H6h7uA8lBCix34"
    },
    {
      "kty": "EC",
      "d": "eoARtiWswIhVbcMTT05b4AOKKCFtCpyqZQ-Xk7FXdyQ",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "a142d6e4-0328-4fce-8437-9b7c85dafea4",
      "x": "UqmjIcgJHgkIGkr9Yhqv94vUKWkzxw67u2Eu478D-l8",
      "y": "mOcCx__Aq1PszUtv8FFFdTcUdCA1UtnjsYjXdxIdOFU"
    },
    {
      "kty": "OKP",
      "d": "icGhghq_TI8LJpc3MWjmZ6co1C--fK49tx6DkRGp9hI",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "88b61cec-120a-49cb-88b6-ccd65e875aaf",
      "x": "tLDmgKyXGAzUcgVLjXHq6sIYsljSgKD7H5miLE3VG68"
    }
  ]
}
server_encryption_keys
{
  "keys": [
    {
      "p": "y_i8pnocRdAJN9-35wLmI3MW739NMckmuQeU75RkHWlN35zC0ibwDoABgn5GmBrxFELXqdfZwdMz5Q7rttpyc_ELHA5_iy5GL-3YfQj41xMpz-4FOc85RFOX-TsAVhqZARmeNPK6oc6UjNfBi_jmPacJ_OaE3cOsICFWjgEPBIs",
      "kty": "RSA",
      "q": "s9rqFagUVt1GjZ2XTctUYRTWGpQRyvUjNLt-7KSn7dAv6kq2A07QkZV4enJFHLZGmExt_jHoZF_0heDsIG7a_nYBjD8qYrSpiTYBvE2MGo07B2sGS4aVkrA3Gtr4S7vGvMCqr7Y_z3Ucdnyt0QBCfkaUrLzL16oPNGNvYRRg-KU",
      "d": "DeeMUyXPN9ub3JJt7nAu0JcqqznF65tglJr4qMB7m5MY1PMrZyM8bx-YslHronAupgRKBo8_yGtadoGy3xX9OeU5BZoHJEoVfqARaoqz8LZnAu-9lw69mupfsgyl89GgSnIH6j30_UaDyjdRjtK9w0KZz1KDjQ92t7wd_XpWPYFfLVV2hj451RMOhsGPAaOagnNEUWi7kF8tcRvjwIFrqGr-rCzu8C_mRvsf-o62AbdEjai6u7HShquFlBBwGK5XFR_YteiI8LWgvWeM23t4NXRMvD2653ErnTmdtJe295a67t2jPdePuM6aY2AKfDBpGJSlut98WjojwqiJVwy_WQ",
      "e": "AQAB",
      "use": "enc",
      "kid": "8e31f9f9-711d-4107-8c35-cd291de3be14",
      "qi": "Qm9vibsbLooZHkdUPcflpdD7GvAMBvrqrjltDL5hPCCIxCZuoz_WKZqvTYkkE0XalOR8V5vIAEJH99BB1FIiKX3On1k2na4DulfVy88Y9eluVo44UOEtRQsZ5jQ_jo8dh_hSVCNpuWAzP9vP5ygawS7OV0cAKbtDW9-qDwzzqQU",
      "dp": "vn4BAaFNQk32Lf576_2jHTxhES9c0sA_r9JK4C1ACs_L8Kigsk-3JnOZ9VslZuzSdc-vRmnWbtRmxOfYcB83gNx_Oaa4qy1-U0jYRH3amFLHW--5ZbIIk61WY2cc-00_0-0u-dgvQOqDhb4CfkzoCnA0PcK0F8CkwiUghuKqOd0",
      "alg": "RSA-OAEP",
      "dq": "kwLQrk0J-wq5vc3fvA4Edaoza9w2QwBm-5Z6o_He9etjDw5sgn2szCMyLFw1E8gGIjzu94VR4KHyXHBCcixKww4wK7QB8Fad8XL8ri9w4s8oPeMEbT2gCxwQntn3dOgTBXwyyJeexvOCBXPaG-krcM4-fod_01PFQ9w3UVH4BaU",
      "n": "j01YO6ro1pugMYdoV9jrdZezxG-kG0Q-o_4eV-ODCrJb3tPZ7asJ4K46nLVmeIZYF6D-OPnatTTQSeuGIXLeTKtLRnQNnrSrNITaTYqgmwG4UHcvQTDcCS2OaMPQg7T2tAvZr3qih89pTchavzyxNyCxNlIpSZeP48XGqAy1zGEt-HkJVhzO5ASDazJfPtBxsUMFWjocJhAxARaNSwJO2fIEU0RNRbfeKCHSVYADlDKSeDc4N_8wZ6f2-jr2XscOdft17k19spG9NRgxAYH-GnnxqHPLbl5H9EdTdc1MBQ-b8HMWenj0mbxVVZRaxLLpIzFVrlB56nh2Feo0yzSVlw"
    },
    {
      "kty": "EC",
      "d": "R_ikOcH3r--TM08mdgx4H1L8mFVTZcloiDwzCOqRVss",
      "use": "enc",
      "crv": "P-256",
      "kid": "703a4c60-7c07-4b18-8f5f-26e6d8fdcd18",
      "x": "sl7gd5lvbpqcNQQALz-03Emc-F7mD8M_1V3lcy9SBXE",
      "y": "WUQKBVtP0dNLq4_2lcgb8tE_S_czC7wA61LrEt-3utE",
      "alg": "ECDH-ES"
    }
  ]
}
server_public_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "6c1a06b3-0767-4ef0-b94d-c2d909158759",
      "n": "4ckVrpEyj7k63eS_Iq0-LeCEGb9oDqbiT2iTpGUYvms2SiKm7y-_sjZol6NB0wDLkre3GejDGqhxeYKFgl0c6LZOeZz47o4TEQomhi-VCh4xTpgOXDHlw6JSov7VhlCmv6km3elOAm6rVG1NOHRVOzm_E0wzW_2JY4pBCSKR1aF8b_Dsd5KSGff3uUWhLRZ-ZH3Pqsv16tbLA_uS2WbI6yWYOa4S-n45xPKkwG0_G3zID7txHaucP02Fb6_ItwNAC2q3Rkdh4aTXoRdkXFaDSqQIAuvEJCORIJTHiMrH6TE2O5HfTQvqEhjKye6bPyrtng_5sBTB4MoUstUj8T1ckw"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "3203a51a-e96f-4c8e-8547-a8b4f1160ee1",
      "n": "gOit5vX4SGjP4F_m_aI0nepyxZVjG--VIOMc-7XDmzBSOwK60UQb_BSyrUoJk6qZv57B4WkyusK2S3fS8loS0j1x-FWD_GBw1F5sl3YEN30ooOLk66qWOC9Q1g24sGW8ISDPc-V21AjOiMvJUBmNjAiwO-1idufLZlt2TacK74Sz0K4eZluqm4p9zst4ZEpb9K4ubUmZsmPZYLYYdc-A--hcP3JkxbQtHloItkUYOb0EZc753lFosQpZKRvDgi0Fgr4V-pKWvI2PE80TQ6MqfKPZJ7UazAQ2JRQdxHliwwh1ulhcNILrtZZjEBiOGhupTdjq014IrFZ0tb467V0Xew"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "0333ebc7-14b5-4a4c-acff-e8efc8b4b8f1",
      "x": "3udD02x0nOulVlQw9oJcTfD_1k40uB1YlMtDZBR7qLE",
      "y": "HIZ7u2Z2RN-oxrCOFIBHpCZanGbE8H6h7uA8lBCix34"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "66c50ce7-e821-45cf-932a-9adbdc139ba3",
      "x": "zrxu1SDm_YYcmBXxFbLp1IRHds1B-WnH32xUHAlG2W0",
      "y": "NZXrDicB8jBcisPDQrDvUFmnTHdGpoy0MGsDSW6l9cE"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "a142d6e4-0328-4fce-8437-9b7c85dafea4",
      "x": "UqmjIcgJHgkIGkr9Yhqv94vUKWkzxw67u2Eu478D-l8",
      "y": "mOcCx__Aq1PszUtv8FFFdTcUdCA1UtnjsYjXdxIdOFU"
    },
    {
      "kty": "OKP",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "88b61cec-120a-49cb-88b6-ccd65e875aaf",
      "x": "tLDmgKyXGAzUcgVLjXHq6sIYsljSgKD7H5miLE3VG68"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "8e31f9f9-711d-4107-8c35-cd291de3be14",
      "alg": "RSA-OAEP",
      "n": "j01YO6ro1pugMYdoV9jrdZezxG-kG0Q-o_4eV-ODCrJb3tPZ7asJ4K46nLVmeIZYF6D-OPnatTTQSeuGIXLeTKtLRnQNnrSrNITaTYqgmwG4UHcvQTDcCS2OaMPQg7T2tAvZr3qih89pTchavzyxNyCxNlIpSZeP48XGqAy1zGEt-HkJVhzO5ASDazJfPtBxsUMFWjocJhAxARaNSwJO2fIEU0RNRbfeKCHSVYADlDKSeDc4N_8wZ6f2-jr2XscOdft17k19spG9NRgxAYH-GnnxqHPLbl5H9EdTdc1MBQ-b8HMWenj0mbxVVZRaxLLpIzFVrlB56nh2Feo0yzSVlw"
    },
    {
      "kty": "EC",
      "use": "enc",
      "crv": "P-256",
      "kid": "703a4c60-7c07-4b18-8f5f-26e6d8fdcd18",
      "x": "sl7gd5lvbpqcNQQALz-03Emc-F7mD8M_1V3lcy9SBXE",
      "y": "WUQKBVtP0dNLq4_2lcgb8tE_S_czC7wA61LrEt-3utE",
      "alg": "ECDH-ES"
    }
  ]
}
2020-09-01 12:50:57 SUCCESS
ValidateServerJWKs
Valid server JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2020-09-01 12:50:57 SUCCESS
CheckDistinctKeyIdValueInServerJWKs
Distinct 'kid' value in all keys of server_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2020-09-01 12:50:57 SUCCESS
OIDCCLoadUserInfo
Added user information
user_info
{
  "sub": "user-subject-1234531",
  "name": "Demo T. User",
  "given_name": "Demo",
  "family_name": "User",
  "middle_name": "Theresa",
  "nickname": "Dee",
  "preferred_username": "d.tu",
  "gender": "female",
  "birthdate": "2000-02-03",
  "address": {
    "street_address": "100 Universal City Plaza",
    "locality": "Hollywood",
    "region": "CA",
    "postal_code": "91608",
    "country": "USA"
  },
  "zoneinfo": "America/Los_Angeles",
  "locale": "en-US",
  "phone_number": "+1 555 5550000",
  "phone_number_verified": false,
  "email": "user@example.com",
  "email_verified": false,
  "website": "https://openid.net/",
  "updated_at": "1580000000"
}
2020-09-01 12:50:57 SUCCESS
GetDynamicClientConfiguration
No client details on configuration, created an empty dynamic_client_registration_template object.
2020-09-01 12:50:57
oidcc-client-test-nonce-unless-code-flow
Setup Done
2020-09-01 12:50:58 INCOMING
oidcc-client-test-nonce-unless-code-flow
Incoming HTTP request to test instance d4TRXUjEO7EGkPH
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
.well-known/openid-configuration
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
Discovery endpoint
2020-09-01 12:50:58 OUTGOING
oidcc-client-test-nonce-unless-code-flow
Response to HTTP request to test instance d4TRXUjEO7EGkPH
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "issuer": "https://www.certification.openid.net/test/d4TRXUjEO7EGkPH/",
  "authorization_endpoint": "https://www.certification.openid.net/test/d4TRXUjEO7EGkPH/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/d4TRXUjEO7EGkPH/token",
  "jwks_uri": "https://www.certification.openid.net/test/d4TRXUjEO7EGkPH/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/d4TRXUjEO7EGkPH/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/d4TRXUjEO7EGkPH/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
outgoing_path
.well-known/openid-configuration
2020-09-01 12:50:58 INCOMING
oidcc-client-test-nonce-unless-code-flow
Incoming HTTP request to test instance d4TRXUjEO7EGkPH
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "content-type": "application/json",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "content-length": "155",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net",
  "connection": "close"
}
incoming_path
register
incoming_body_form_params
incoming_method
POST
incoming_body_json
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "id_token"
  ],
  "grant_types": [
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ]
}
incoming_query_string_params
{}
incoming_body
{"token_endpoint_auth_method":"client_secret_basic","response_types":["id_token"],"grant_types":["implicit"],"redirect_uris":["https://rp.example.com/cb"]}
Registration endpoint
2020-09-01 12:50:58 SUCCESS
OIDCCExtractDynamicRegistrationRequest
Extracted dynamic client registration request
request
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "id_token"
  ],
  "grant_types": [
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ]
}
2020-09-01 12:50:58 INFO
EnsureRegistrationRequestContainsAtLeastOneContact
This application requires that registration requests contain at least one contact.
2020-09-01 12:50:58 SUCCESS
ValidateClientGrantTypes
grant_types match response_types
grant_types
[
  "implicit"
]
response_types
[
  "id_token"
]
2020-09-01 12:50:58 SUCCESS
OIDCCValidateClientRedirectUris
Valid redirect_uri(s) provided in registration request
redirect_uris
[
  "https://rp.example.com/cb"
]
2020-09-01 12:50:58 SUCCESS
ValidateClientLogoUris
Client does not contain any logo_uri
2020-09-01 12:50:58 SUCCESS
ValidateClientUris
Client does not contain any client_uri
2020-09-01 12:50:58 SUCCESS
ValidateClientPolicyUris
Client does not contain any policy_uri
2020-09-01 12:50:58 SUCCESS
ValidateClientTosUris
Client does not contain any tos_uri
2020-09-01 12:50:58 SUCCESS
ValidateClientSubjectType
A subject_type was not provided
2020-09-01 12:50:58 INFO
ValidateIdTokenSignedResponseAlg
Skipped evaluation due to missing required element: client id_token_signed_response_alg
path
id_token_signed_response_alg
mapped
object
client
2020-09-01 12:50:58 SUCCESS
EnsureIdTokenEncryptedResponseAlgIsSetIfEncIsSet
id_token_encrypted_response_enc is not set
2020-09-01 12:50:58 INFO
ValidateUserinfoSignedResponseAlg
Skipped evaluation due to missing required element: client userinfo_signed_response_alg
path
userinfo_signed_response_alg
mapped
object
client
2020-09-01 12:50:58 SUCCESS
EnsureUserinfoEncryptedResponseAlgIsSetIfEncIsSet
userinfo_encrypted_response_enc is not set
2020-09-01 12:50:58 INFO
ValidateRequestObjectSigningAlg
Skipped evaluation due to missing required element: client request_object_signing_alg
path
request_object_signing_alg
mapped
object
client
2020-09-01 12:50:58 SUCCESS
EnsureRequestObjectEncryptionAlgIsSetIfEncIsSet
request_object_encryption_enc is not set
2020-09-01 12:50:58 INFO
ValidateTokenEndpointAuthSigningAlg
Skipped evaluation due to missing required element: client token_endpoint_auth_signing_alg
path
token_endpoint_auth_signing_alg
mapped
object
client
2020-09-01 12:50:58 SUCCESS
ValidateDefaultMaxAge
default_max_age is not set
2020-09-01 12:50:58 INFO
ValidateRequireAuthTime
Skipped evaluation due to missing required element: client require_auth_time
path
require_auth_time
mapped
object
client
2020-09-01 12:50:58 INFO
ValidateDefaultAcrValues
Skipped evaluation due to missing required element: client default_acr_values
path
default_acr_values
mapped
object
client
2020-09-01 12:50:58 INFO
ValidateInitiateLoginUri
Skipped evaluation due to missing required element: client initiate_login_uri
path
initiate_login_uri
mapped
object
client
2020-09-01 12:50:58 INFO
ValidateRequestUris
Skipped evaluation due to missing required element: client request_uris
path
request_uris
mapped
object
client
2020-09-01 12:50:58 SUCCESS
ValidateClientRegistrationRequestSectorIdentifierUri
A sector_identifier_uri was not provided
2020-09-01 12:50:58 SUCCESS
OIDCCRegisterClient
Registered client
client
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "id_token"
  ],
  "grant_types": [
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ],
  "client_id": "client_WpTGgRdUoQDGdOj68791``.-$"
}
2020-09-01 12:50:58
OIDCCCreateClientSecretForDynamicClient
Set the secret for registered client
client_secret
secret_GXYDaojdBuffzYZCqkauMPUgOmRdnwIqOHGWeAOQrKjJdwNJZi7787398198")@'+
2020-09-01 12:50:58 SUCCESS
EnsureTokenEndPointAuthMethodIsClientSecretBasic
token_endpoint_auth_method is 'client_secret_basic' as expected
2020-09-01 12:50:58 SUCCESS
EnsureClientDoesNotHaveBothJwksAndJwksUri
Client does not have both jwks and jwks_uri set
client
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "id_token"
  ],
  "grant_types": [
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ],
  "client_id": "client_WpTGgRdUoQDGdOj68791``.-$",
  "client_secret": "secret_GXYDaojdBuffzYZCqkauMPUgOmRdnwIqOHGWeAOQrKjJdwNJZi7787398198\")@\u0027+"
}
2020-09-01 12:50:58 INFO
FetchClientKeys
Skipped evaluation due to missing required element: client jwks_uri
path
jwks_uri
mapped
object
client
2020-09-01 12:50:58 SUCCESS
OIDCCExtractServerSigningAlg
Using the default algorithm for the first key in server jwks
signing_algorithm
RS256
2020-09-01 12:50:58
SetClientIdTokenSignedResponseAlgToServerSigningAlg
Set id_token_signed_response_alg for the registered client
id_token_signed_response_alg
RS256
2020-09-01 12:50:58 OUTGOING
oidcc-client-test-nonce-unless-code-flow
Response to HTTP request to test instance d4TRXUjEO7EGkPH
outgoing_status_code
201
outgoing_headers
{}
outgoing_body
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "id_token"
  ],
  "grant_types": [
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ],
  "client_id": "client_WpTGgRdUoQDGdOj68791``.-$",
  "client_secret": "secret_GXYDaojdBuffzYZCqkauMPUgOmRdnwIqOHGWeAOQrKjJdwNJZi7787398198\")@\u0027+",
  "id_token_signed_response_alg": "RS256"
}
outgoing_path
register
2020-09-01 12:50:58 INCOMING
oidcc-client-test-nonce-unless-code-flow
Incoming HTTP request to test instance d4TRXUjEO7EGkPH
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "got/9.6.0 (https://github.com/sindresorhus/got)",
  "accept-encoding": "gzip, deflate",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
authorize
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{
  "client_id": "client_WpTGgRdUoQDGdOj68791``.-$",
  "scope": "openid",
  "response_type": "id_token",
  "redirect_uri": "https://rp.example.com/cb",
  "state": "daCBXvhkK6IR-IoLem4ghktYZnr5u_EPq5ytkIbuaZY",
  "nonce": "l1iTghm74Tr5FickxVOhgYzAgnJM_ydlISH56OXrScw",
  "response_mode": "form_post"
}
incoming_body
Authorization endpoint
2020-09-01 12:50:58 SUCCESS
EnsureRequestDoesNotContainRequestObject
Request does not contain a request parameter
2020-09-01 12:50:58 SUCCESS
OIDCCEnsureAuthorizationHttpRequestContainsOpenIDScope
Found 'openid' in scope http request parameter
actual
[
  "openid"
]
expected
openid
2020-09-01 12:50:58 SUCCESS
CreateEffectiveAuthorizationRequestParameters
Merged http request parameters with request object claims
effective_authorization_endpoint_request
{
  "client_id": "client_WpTGgRdUoQDGdOj68791``.-$",
  "scope": "openid",
  "response_type": "id_token",
  "redirect_uri": "https://rp.example.com/cb",
  "state": "daCBXvhkK6IR-IoLem4ghktYZnr5u_EPq5ytkIbuaZY",
  "nonce": "l1iTghm74Tr5FickxVOhgYzAgnJM_ydlISH56OXrScw",
  "response_mode": "form_post"
}
2020-09-01 12:50:58 SUCCESS
ExtractRequestedScopes
Requested scopes
scope
openid
2020-09-01 12:50:58 SUCCESS
ExtractNonceFromAuthorizationRequest
Extracted nonce
nonce
l1iTghm74Tr5FickxVOhgYzAgnJM_ydlISH56OXrScw
2020-09-01 12:50:58 SUCCESS
EnsureResponseTypeIsIdToken
Response type is expected value
expected
id_token
2020-09-01 12:50:58 SUCCESS
EnsureMatchingClientId
Client ID matched
client_id
client_WpTGgRdUoQDGdOj68791``.-$
2020-09-01 12:50:58 SUCCESS
EnsureValidRedirectUriForAuthorizationEndpointRequest
redirect_uri is one of the allowed redirect uris
actual
https://rp.example.com/cb
expected
[
  "https://rp.example.com/cb"
]
2020-09-01 12:50:58 SUCCESS
EnsureOpenIDInScopeRequest
Found 'openid' scope in request
actual
[
  "openid"
]
expected
openid
2020-09-01 12:50:58 SUCCESS
DisallowMaxAgeEqualsZeroAndPromptNone
The client did not send max_age=0 and prompt=none parameters as expected
2020-09-01 12:50:58 SUCCESS
GenerateIdTokenClaims
Created ID Token Claims
iss
https://www.certification.openid.net/test/d4TRXUjEO7EGkPH/
sub
user-subject-1234531
aud
client_WpTGgRdUoQDGdOj68791``.-$
nonce
l1iTghm74Tr5FickxVOhgYzAgnJM_ydlISH56OXrScw
iat
1598964658
exp
1598964958
2020-09-01 12:50:58 INFO
AddCHashToIdTokenClaims
Skipped evaluation due to missing required string: c_hash
expected
c_hash
2020-09-01 12:50:58 INFO
AddAtHashToIdTokenClaims
Skipped evaluation due to missing required string: at_hash
expected
at_hash
2020-09-01 12:50:58 SUCCESS
OIDCCSignIdToken
Signed the ID token
id_token
eyJraWQiOiI2YzFhMDZiMy0wNzY3LTRlZjAtYjk0ZC1jMmQ5MDkxNTg3NTkiLCJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJ1c2VyLXN1YmplY3QtMTIzNDUzMSIsImF1ZCI6ImNsaWVudF9XcFRHZ1JkVW9RREdkT2o2ODc5MWBgLi0kIiwiaXNzIjoiaHR0cHM6XC9cL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXRcL3Rlc3RcL2Q0VFJYVWpFTzdFR2tQSFwvIiwiZXhwIjoxNTk4OTY0OTU4LCJub25jZSI6ImwxaVRnaG03NFRyNUZpY2t4Vk9oZ1l6QWduSk1feWRsSVNINTZPWHJTY3ciLCJpYXQiOjE1OTg5NjQ2NTh9.P7e6B9Z-KvZDusZzWLEWVy9N3MgVtt-nm1FzbR26T6-lfF6fsJb0aNPNXUXsA2GynAtAcccS0RVg8Io6jUpxpQW7J49HguU7RS5xLYM-8aJt5Y5CmM5iUIshCrORo_zDRM1ieonTEUwE_OydlT0CILxxvKLWA1Dde8w2uhSbkrJeQbW9_6Yarbs1xO4AMGYq0rIp7OBuOWJ5Q_ak0K9uNL5nN4mWX-lClf8deo0e9uFWRMiaw0BPwxq2QSOSyBcsgA6QXmC43Lq3NL7HQOyFDI1kRbW2qz3X3MVgipnFPnkHybxhNTHvFNRR0mWBB6lpNRfZ7bdxkZRKONXzMRn35Q
key
{"p":"8dwastzXAVVvbULgfTO4f76E59EPbPSKHYZxduaGAxe8paHUU4ZCjkXDxtcYIFMJo1dGppy-z-3eAulDwK2r0Qy7M5aI_ZWCnDhJSqoGC7ItVDKtQGDCjZmnLNb22jA7blatFzqJ9NofqA73CY5aJ1h3HfRxd8fi_NecAyicyM0","kty":"RSA","q":"7vxl0b8lyh4LQnOBx31oJi-LjKNuPrfgmh4ge9Ct1H-uoAeSe2i_zquq6UNFfU0MrRHQbDxW4pGgl1E01lshEd3POZohyfbGSFlMC8OqJ-pwvfmotiLzGvi-UcPDAV0f0BTFB2CR4S_CCAtQ4tpZAFZMUGr3g3txeTYuTWfcOt8","d":"N-CG8CPY6n7B1cZVkyRivgHRT3nyK6YbXeGYoFewrvdjgSdgPtOHUnhqnBR4JtsMhmvW8Z-MIV3Mb3Dgz6lxjRoJA8nYRVl92Hq1nAHMlatxMm0pKKHkpezXHKWKfGobSlV3W_XwK2PuHL_MG4uWyEh7RDBYiYyOYscFX1hh1Qdh_zF_UnWXqv5YQva3nany_yQDLcZkU1x10ugWDEClPr5eznwEl_74YJRIiIxXv21VcTU-ayTaq3Bu_0WAkwe7Nnarfvu5qiROW-kov4YDNCMfexKpx-lLY1zKZLhldjjW0nf5PVAX9QyGGzBaFpOftaAw3i8UwUUplNjABTOyeQ","e":"AQAB","use":"sig","kid":"6c1a06b3-0767-4ef0-b94d-c2d909158759","qi":"mpFG-o7cUn4lqZdwevGVhK7ohirsw9tx3R7A1OMlZdAhD8Yjy2y7LgacVPsSl8V3RVNZItFXfJfVDNVG4KiNWLs0cClpVzOEbk9gskKdO7Tuh-O9X2UG-GU2ifvGNl4Fv_30iY3Kne7j0jl3s6l5mBAlU04zxAr2OxIxu9Gijng","dp":"HTl6ZGh49mlLaIlvNNG-Fnl_9770PTcjRUQMi9B5GwCQQ_dU_662dhiJ-ondGXLPNFSEbfd8uwVEEVf8XtjdbQo7yJUFApdBS_0lJgd7aYhjH8xr0N6gQ5nwcGOdOmoflEqW6bqiFtsQfi8ovJfd3uk6o3z5BP87N1AaQutyXnU","dq":"mlOxKLZoH9Iw8TOH_hv0spwHYMV0_tldGAkWbv4-Erh1OvBI3pqxKjPfRYzkhdrIscaMMijw7pSeALk3BqmIfHIhTJBE-5f5SWUo33v2GJqjPXrIQP3mwWcZ99ETz4Ckd4nCBlaNPb7KbMlp7WSVDsursk6xEV4Y0-5yDhhgtj8","n":"4ckVrpEyj7k63eS_Iq0-LeCEGb9oDqbiT2iTpGUYvms2SiKm7y-_sjZol6NB0wDLkre3GejDGqhxeYKFgl0c6LZOeZz47o4TEQomhi-VCh4xTpgOXDHlw6JSov7VhlCmv6km3elOAm6rVG1NOHRVOzm_E0wzW_2JY4pBCSKR1aF8b_Dsd5KSGff3uUWhLRZ-ZH3Pqsv16tbLA_uS2WbI6yWYOa4S-n45xPKkwG0_G3zID7txHaucP02Fb6_ItwNAC2q3Rkdh4aTXoRdkXFaDSqQIAuvEJCORIJTHiMrH6TE2O5HfTQvqEhjKye6bPyrtng_5sBTB4MoUstUj8T1ckw"}
algorithm
RS256
2020-09-01 12:50:58 INFO
EncryptIdToken
Skipped evaluation due to missing required element: client id_token_encrypted_response_alg
path
id_token_encrypted_response_alg
mapped
object
client
2020-09-01 12:50:58 SUCCESS
CreateAuthorizationEndpointResponseParams
Added authorization_endpoint_response_params to environment
params
{
  "redirect_uri": "https://rp.example.com/cb",
  "state": "daCBXvhkK6IR-IoLem4ghktYZnr5u_EPq5ytkIbuaZY"
}
2020-09-01 12:50:58 SUCCESS
AddIdTokenToAuthorizationEndpointResponseParams
Added id_token to authorization endpoint response params
authorization_endpoint_response_params
{
  "redirect_uri": "https://rp.example.com/cb",
  "state": "daCBXvhkK6IR-IoLem4ghktYZnr5u_EPq5ytkIbuaZY",
  "id_token": "eyJraWQiOiI2YzFhMDZiMy0wNzY3LTRlZjAtYjk0ZC1jMmQ5MDkxNTg3NTkiLCJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJ1c2VyLXN1YmplY3QtMTIzNDUzMSIsImF1ZCI6ImNsaWVudF9XcFRHZ1JkVW9RREdkT2o2ODc5MWBgLi0kIiwiaXNzIjoiaHR0cHM6XC9cL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXRcL3Rlc3RcL2Q0VFJYVWpFTzdFR2tQSFwvIiwiZXhwIjoxNTk4OTY0OTU4LCJub25jZSI6ImwxaVRnaG03NFRyNUZpY2t4Vk9oZ1l6QWduSk1feWRsSVNINTZPWHJTY3ciLCJpYXQiOjE1OTg5NjQ2NTh9.P7e6B9Z-KvZDusZzWLEWVy9N3MgVtt-nm1FzbR26T6-lfF6fsJb0aNPNXUXsA2GynAtAcccS0RVg8Io6jUpxpQW7J49HguU7RS5xLYM-8aJt5Y5CmM5iUIshCrORo_zDRM1ieonTEUwE_OydlT0CILxxvKLWA1Dde8w2uhSbkrJeQbW9_6Yarbs1xO4AMGYq0rIp7OBuOWJ5Q_ak0K9uNL5nN4mWX-lClf8deo0e9uFWRMiaw0BPwxq2QSOSyBcsgA6QXmC43Lq3NL7HQOyFDI1kRbW2qz3X3MVgipnFPnkHybxhNTHvFNRR0mWBB6lpNRfZ7bdxkZRKONXzMRn35Q"
}
2020-09-01 12:50:58 OUTGOING
oidcc-client-test-nonce-unless-code-flow
Response to HTTP request to test instance d4TRXUjEO7EGkPH
outgoing
ModelAndView [view="formPostResponseMode"; model={formAction=https://rp.example.com/cb, formParameters={"state":"daCBXvhkK6IR-IoLem4ghktYZnr5u_EPq5ytkIbuaZY","id_token":"eyJraWQiOiI2YzFhMDZiMy0wNzY3LTRlZjAtYjk0ZC1jMmQ5MDkxNTg3NTkiLCJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJ1c2VyLXN1YmplY3QtMTIzNDUzMSIsImF1ZCI6ImNsaWVudF9XcFRHZ1JkVW9RREdkT2o2ODc5MWBgLi0kIiwiaXNzIjoiaHR0cHM6XC9cL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXRcL3Rlc3RcL2Q0VFJYVWpFTzdFR2tQSFwvIiwiZXhwIjoxNTk4OTY0OTU4LCJub25jZSI6ImwxaVRnaG03NFRyNUZpY2t4Vk9oZ1l6QWduSk1feWRsSVNINTZPWHJTY3ciLCJpYXQiOjE1OTg5NjQ2NTh9.P7e6B9Z-KvZDusZzWLEWVy9N3MgVtt-nm1FzbR26T6-lfF6fsJb0aNPNXUXsA2GynAtAcccS0RVg8Io6jUpxpQW7J49HguU7RS5xLYM-8aJt5Y5CmM5iUIshCrORo_zDRM1ieonTEUwE_OydlT0CILxxvKLWA1Dde8w2uhSbkrJeQbW9_6Yarbs1xO4AMGYq0rIp7OBuOWJ5Q_ak0K9uNL5nN4mWX-lClf8deo0e9uFWRMiaw0BPwxq2QSOSyBcsgA6QXmC43Lq3NL7HQOyFDI1kRbW2qz3X3MVgipnFPnkHybxhNTHvFNRR0mWBB6lpNRfZ7bdxkZRKONXzMRn35Q"}}]
outgoing_path
authorize
2020-09-01 12:50:59 INCOMING
oidcc-client-test-nonce-unless-code-flow
Incoming HTTP request to test instance d4TRXUjEO7EGkPH
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
jwks
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
Jwks endpoint
2020-09-01 12:50:59 OUTGOING
oidcc-client-test-nonce-unless-code-flow
Response to HTTP request to test instance d4TRXUjEO7EGkPH
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "6c1a06b3-0767-4ef0-b94d-c2d909158759",
      "n": "4ckVrpEyj7k63eS_Iq0-LeCEGb9oDqbiT2iTpGUYvms2SiKm7y-_sjZol6NB0wDLkre3GejDGqhxeYKFgl0c6LZOeZz47o4TEQomhi-VCh4xTpgOXDHlw6JSov7VhlCmv6km3elOAm6rVG1NOHRVOzm_E0wzW_2JY4pBCSKR1aF8b_Dsd5KSGff3uUWhLRZ-ZH3Pqsv16tbLA_uS2WbI6yWYOa4S-n45xPKkwG0_G3zID7txHaucP02Fb6_ItwNAC2q3Rkdh4aTXoRdkXFaDSqQIAuvEJCORIJTHiMrH6TE2O5HfTQvqEhjKye6bPyrtng_5sBTB4MoUstUj8T1ckw"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "3203a51a-e96f-4c8e-8547-a8b4f1160ee1",
      "n": "gOit5vX4SGjP4F_m_aI0nepyxZVjG--VIOMc-7XDmzBSOwK60UQb_BSyrUoJk6qZv57B4WkyusK2S3fS8loS0j1x-FWD_GBw1F5sl3YEN30ooOLk66qWOC9Q1g24sGW8ISDPc-V21AjOiMvJUBmNjAiwO-1idufLZlt2TacK74Sz0K4eZluqm4p9zst4ZEpb9K4ubUmZsmPZYLYYdc-A--hcP3JkxbQtHloItkUYOb0EZc753lFosQpZKRvDgi0Fgr4V-pKWvI2PE80TQ6MqfKPZJ7UazAQ2JRQdxHliwwh1ulhcNILrtZZjEBiOGhupTdjq014IrFZ0tb467V0Xew"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "0333ebc7-14b5-4a4c-acff-e8efc8b4b8f1",
      "x": "3udD02x0nOulVlQw9oJcTfD_1k40uB1YlMtDZBR7qLE",
      "y": "HIZ7u2Z2RN-oxrCOFIBHpCZanGbE8H6h7uA8lBCix34"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "66c50ce7-e821-45cf-932a-9adbdc139ba3",
      "x": "zrxu1SDm_YYcmBXxFbLp1IRHds1B-WnH32xUHAlG2W0",
      "y": "NZXrDicB8jBcisPDQrDvUFmnTHdGpoy0MGsDSW6l9cE"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "a142d6e4-0328-4fce-8437-9b7c85dafea4",
      "x": "UqmjIcgJHgkIGkr9Yhqv94vUKWkzxw67u2Eu478D-l8",
      "y": "mOcCx__Aq1PszUtv8FFFdTcUdCA1UtnjsYjXdxIdOFU"
    },
    {
      "kty": "OKP",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "88b61cec-120a-49cb-88b6-ccd65e875aaf",
      "x": "tLDmgKyXGAzUcgVLjXHq6sIYsljSgKD7H5miLE3VG68"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "8e31f9f9-711d-4107-8c35-cd291de3be14",
      "alg": "RSA-OAEP",
      "n": "j01YO6ro1pugMYdoV9jrdZezxG-kG0Q-o_4eV-ODCrJb3tPZ7asJ4K46nLVmeIZYF6D-OPnatTTQSeuGIXLeTKtLRnQNnrSrNITaTYqgmwG4UHcvQTDcCS2OaMPQg7T2tAvZr3qih89pTchavzyxNyCxNlIpSZeP48XGqAy1zGEt-HkJVhzO5ASDazJfPtBxsUMFWjocJhAxARaNSwJO2fIEU0RNRbfeKCHSVYADlDKSeDc4N_8wZ6f2-jr2XscOdft17k19spG9NRgxAYH-GnnxqHPLbl5H9EdTdc1MBQ-b8HMWenj0mbxVVZRaxLLpIzFVrlB56nh2Feo0yzSVlw"
    },
    {
      "kty": "EC",
      "use": "enc",
      "crv": "P-256",
      "kid": "703a4c60-7c07-4b18-8f5f-26e6d8fdcd18",
      "x": "sl7gd5lvbpqcNQQALz-03Emc-F7mD8M_1V3lcy9SBXE",
      "y": "WUQKBVtP0dNLq4_2lcgb8tE_S_czC7wA61LrEt-3utE",
      "alg": "ECDH-ES"
    }
  ]
}
outgoing_path
jwks
2020-09-01 12:50:59 FINISHED
oidcc-client-test-nonce-unless-code-flow
Test has run to completion
testmodule_result
PASSED
Test Results