Test Summary

Test Results

Expand All Collapse All
All times are UTC
2020-09-01 12:51:16 INFO
TEST-RUNNER
Test instance WaC43auN4z9Abkd created
baseUrl
https://www.certification.openid.net/test/WaC43auN4z9Abkd
variant
{
  "client_auth_type": "client_secret_basic",
  "response_type": "code id_token",
  "request_type": "plain_http_request",
  "response_mode": "form_post",
  "client_registration": "dynamic_client"
}
alias

                                
description
test suite runner for openid-client
planId
l0lJMpv444Mye
config
{
  "description": "test suite runner for openid-client",
  "waitTimeoutSeconds": 2
}
testName
oidcc-client-test-invalid-sig-rs256
2020-09-01 12:51:16 SUCCESS
OIDCCGenerateServerConfigurationIdTokenSigningAlgRS256Only
Generated default server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/WaC43auN4z9Abkd/",
  "authorization_endpoint": "https://www.certification.openid.net/test/WaC43auN4z9Abkd/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/WaC43auN4z9Abkd/token",
  "jwks_uri": "https://www.certification.openid.net/test/WaC43auN4z9Abkd/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/WaC43auN4z9Abkd/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/WaC43auN4z9Abkd/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic",
    "client_secret_post",
    "client_secret_jwt",
    "private_key_jwt"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "RS256"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
2020-09-01 12:51:16
SetTokenEndpointAuthMethodsSupportedToClientSecretBasicOnly
Changed token_endpoint_auth_methods_supported to client_secret_basic only in server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/WaC43auN4z9Abkd/",
  "authorization_endpoint": "https://www.certification.openid.net/test/WaC43auN4z9Abkd/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/WaC43auN4z9Abkd/token",
  "jwks_uri": "https://www.certification.openid.net/test/WaC43auN4z9Abkd/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/WaC43auN4z9Abkd/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/WaC43auN4z9Abkd/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "RS256"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
2020-09-01 12:51:17
OIDCCGenerateServerJWKs
Generated server public private JWK sets
server_jwks
{
  "keys": [
    {
      "p": "x9T-yOW41Zg5IPI3v1bw8AIMHNCT2AEI-9acrxcW4NGz9-MkVoehuF_jDTSlxo8oUsPoF5qz0I8W8PfSfpsNAqfsW89NeTWxFJ-zYDkW56n8SR-do0EapAck4BuLDuLbLIMR9OWdz4gSME53qkPuf_o9TDtZf0A_x29Lvs3ZjlM",
      "kty": "RSA",
      "q": "wCPGSJVm0GQGNFAW5PAuFXUH_qZ70WtMHbg-ZAckV_2pidy5wAXr7NSWHXYMKb4WiYP0WvGTLb2EF2XwT8pVdTggHasMnjiUhT5EO6vKa5-rUYbpRhYaXsw3WZ4KMGEHplOzfmO5RgHtLMcFuAXRwUFkOyvcjkRhMvRAg2ayNAc",
      "d": "KigsZpDMU-pINv4EWdSU3_Ov9GhbBG4951hqLaK-w3W9uGW6eqLzO5tX3V7e7xen9AC07kF1kIeCK7AxybTLXbQodSoq6atJz4buNqhBSKl6rtRnTP8z7jzjw2tVfs_R2J7bGk1yl5fFsftVR8xwjIGfBa42pwyflPA9hq6vO5l6hkelur7HopNfWtPezDVrC77pUX0b4IhnAzqUIZXv5HIwG8rG9TIGDIRtG_ZlgQoIju31XQbY49Fw7it6vnF0j9-rgZMoms5DGV3x-qZJf69mrbDSUriSzZ5i1QQy6xxzmU3Y3W9X4dmUXvmZEth3VSg_5GPNk6s9j2avIUt23Q",
      "e": "AQAB",
      "use": "sig",
      "kid": "72807cf0-c5c9-456b-b923-785062db8105",
      "qi": "O8-605LjOF22ppLUax-67bzFI4Qzgb4_AdybLqb5X033-m7CJ09doiB2JKynmmLN3XuEElvOV0E1qIVloY81Wr_CfG477o2cQfTjstIAdXYYz2FQPKR7wwdxP6HDFijeXL8LmzGJAai7tpxED3dmIcxOMbNtLM7De_JRQIzUcOg",
      "dp": "WdfYaUhnLpkO7lIYYE1da_rvqTDZl573hAp8TXgrEA8YQ9X6q3C1c-igc3p9IeWRMozj12D1gUoj_VjeaY-abNxEtw5f_aP3JpealSN1udhCFjpBrHmD2cVgfeXEQoAaHEwdkaZ-qiS6UL-mq4V5QE6oqpJwbXbcdfUC8BkqvAM",
      "dq": "HiT-tOCLsuIefxKZpO1xrXgg-vjPsDlvRbJkR3k_YHaxpKl2kwPa0dtAefrNSbdC_ewv6BzChIiZMrqRi1MpOSzHDSCK6D_kPUtZlSsMpPn1_OJ3ssFA_eJ4RJ0g6BoxAw1audeXd75RoZbP9OEk2XcS7J2jCsb7oOzlOjhgeP0",
      "n": "lfur_OdYTHiEpwUB_DSDa07WYRcMJKaFS8kntHe-YV7keLsm0eUmGZQtpfTb0ztCGqn5u1p0Sp1v4AOFyWuCdbPYfqrom9iGV2xvpOyj8aQTLrIbrMNLzSXQcrj79Tvrfm6ze_wCklCJxfOtRZtqweVWsd-RkA_hHUdlcseeMhLSKlt6RWsIMBHxogUtDhOEnN1Ipn-KCdG1pWQs5k9dllii-jTRItm4zrmIgYZV9zcvApdB6FldQQip_70CiYUkTVbipC2DCUBcSJK4YK4TGKNQnxlVF9ISBJYyaB4-oVX4u7EfAQWqOkopS_59S-YOwM1HJseR2oZXIjh62ZHARQ"
    },
    {
      "kty": "EC",
      "d": "R7xvNRBHvSnLIxoAeEU0u_WaOHZbVc9SRd_MtgFC4uw",
      "use": "sig",
      "crv": "P-256",
      "kid": "3b94bcaf-7065-49f2-9992-101941f88883",
      "x": "bhiyLllLv9M_N7nfCCTJitGmSRI7ARm0zsfcMfFgJBo",
      "y": "DvbJeAlU-4HJ9Ap4mYIkynQOSCtzjzk4TsxnQ2XN6oI"
    },
    {
      "kty": "EC",
      "d": "8XFk6M4aCwTHI1TwxeaB8DPppcjiXD8b4k3ae81_RuQ",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "61d6d64e-6be5-40bb-8a8d-eb70bf254394",
      "x": "XgTx2GRhDxaifKtv8K9pB3Ay8fX57PdmgnIZIiv497M",
      "y": "O8DcDeI9vNPZHRh5ueW3g4Vt2aegLJ3U-mJUS39MYi8"
    },
    {
      "kty": "OKP",
      "d": "6DFIMEl8M3VlFGiMUcqKFsllnnjq8p1bR8goVyYCnAk",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "e3b4f401-4d44-4045-8551-0273a5640bb1",
      "x": "sS1h5fkW5d0iU5zWxYYk9yTi9H7IsSkl60HiSBBUNXU"
    }
  ]
}
server_encryption_keys
{
  "keys": [
    {
      "p": "18Rx-LBft2TWRc4rDBEPRMjxeR7Og2xJRmNe4lcdW8dPlYqFNna_OtsOhUYpGja9Us2KXRdUx7_2IdOZNS7kzARO9bhNgDBT_2jWFaElaX8q73WHzW695Lb4ACXbLlWRbbcnX9LT1hIjIRk_Mzuk7-0UBQT436IZeZXROjzzaAk",
      "kty": "RSA",
      "q": "v6mhK5fW-QMI2T6RSfSbtLEVgCx_Zkndnox0rpFiL1X4Hnl_8aEMNG7t7rinERiuChu8T9t8qhkt-odV2atu4cy9HscFxQwGkTbkC8WuwLu76L7nF-Wdq1vf4nUToR2QVML_hUQ82LgGFcKL4Ond75Wnz7Ks04Ohu3Uj1JN3xME",
      "d": "UyaCZBiwnwURyn1BMan9RBQgPRILf6TNAZuPvnLiSCe8EMepaD1ezgooaBapNyb9sRMsPYP1OP3u-zMLFqBgPAoUTgq6q0A0EUMWiqwfdsXOm2R8LgMMkQui-y0AklJ9K9khzTAIgzSC-jGf4JGVjxll6JwDUFJGB_brEscP-4-E0T436C3X6L9zhVExNClCwj2E1jBdAqn0qAd9eHMf8PNuiZQOsWru73L5euhR8jIYUhR6_tvm2QBJv-S7SzcsHebj-vQmo4nyqk1giB22QvsT8OOMpM2WHDL3CXYpfyMvVdQD-XCgDi_d0T0DKbpIYLLsDfamhSJPAM2SCBZkAQ",
      "e": "AQAB",
      "use": "enc",
      "kid": "28b9e951-c56b-4712-9bde-1dc0e20c41ee",
      "qi": "naSOQ0qDJmGRygbmZOKGauo-HpgCdR7_o0aFLnTQETUHyaddU0LXdrWs0mAdc7CXoyxvuZVfGukJZXXQG5C9Swl96Bb96TcuJM6njWCF7E9iHs70Rcdq7XEpJtjY736DJKfhD1WgO35woUldUdOXBtFg-ctenx6nQdtFBWnijok",
      "dp": "PQyRLstAmdRHKEMYPPbKuiyc3idQSTEnXmoZW7NIVEKFiwtBe9KHcvCuIBlk4czhLn-HiaVjUI1I5_NF4x1ckTka2j2GeCG0cozIHiCVRE8957j6bq7Jvd_jNa-AX5DIcCGlW2B8nZJOLDxHfIiAt3397xmkDSqBSLySEYdTW3k",
      "alg": "RSA-OAEP",
      "dq": "EY5FIAwZedeoUNXlUwPf2045LPNmfAUaErLE4VSZzMIwJwJ0ELrytj7O9oXdb7h2AKEHv7zYD3CdAIyy9Ww5jN9HF3Gdeq4eT-DaRKXH2wmXLbuGyW6T4aVZvZGByck-djUiWJ-mfydkD0wxqdliJdbsdx7jq8Ar6VLShF85okE",
      "n": "oYqJjxJqdAe3Yx4QeYFhcMPDPPSLlfECbnd1K78bNMHhQRBsbYMU1ZYEuNsNcibr83CFckX9RnaJXZXGPzIAXg7JGonJjtPX4bL8z5avFHvzUhasCp5SUubCiXpvfUDZkq2k1K6V07__YhEbDEJnHx8Lt5ZVTOqxgOFCFLAkNAf4Dl92l9FszzIRl9QMHh9ZD6o7XCFUkcNyGm5T8IBV6uanaSr_EGKbH-2tXZxYIizlX8IbkqEpo-Q_z7aykqWSccUjpLVnztJc7ljhA7x9prfYvFwOkdQcJU6wehkC4ZWNi6WQuqNqZ97YIOsPlW0noHIx8dfpLYnxHc_o1ldSyQ"
    },
    {
      "kty": "EC",
      "d": "Gy_N24B5mqi3XxIOmW_tPki3F-DYfRZYLK76I3_CsyE",
      "use": "enc",
      "crv": "P-256",
      "kid": "bd58299d-294c-49fd-8e05-ecbcbf71097d",
      "x": "mqVYISRnUQOUG5UufhptwqSlA2_XgDAkWZ9kDKVph4k",
      "y": "5GzGrW0zUx3LzHReWiBvuw9vCRhCg04kHuWG6hG_0YA",
      "alg": "ECDH-ES"
    }
  ]
}
server_public_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "72807cf0-c5c9-456b-b923-785062db8105",
      "n": "lfur_OdYTHiEpwUB_DSDa07WYRcMJKaFS8kntHe-YV7keLsm0eUmGZQtpfTb0ztCGqn5u1p0Sp1v4AOFyWuCdbPYfqrom9iGV2xvpOyj8aQTLrIbrMNLzSXQcrj79Tvrfm6ze_wCklCJxfOtRZtqweVWsd-RkA_hHUdlcseeMhLSKlt6RWsIMBHxogUtDhOEnN1Ipn-KCdG1pWQs5k9dllii-jTRItm4zrmIgYZV9zcvApdB6FldQQip_70CiYUkTVbipC2DCUBcSJK4YK4TGKNQnxlVF9ISBJYyaB4-oVX4u7EfAQWqOkopS_59S-YOwM1HJseR2oZXIjh62ZHARQ"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "935ef93b-1f5f-4592-a55a-7291cf527529",
      "n": "m6pGorCdL44YFnI--puJMUFw29Uv4exLeGrwtyDGe1O-5zoPkeciYfQ5f6gnX0KqQ61iWK77SL7z4QCQo-K4T8NWhoCIXl-dEzzP_D3uBJvEiUwyc3i8KKKTuMdDIBS-8UjW-_bH8fN7i_5xjrwgdX5AWHE5G6y_BnbeFfYP-de5JedgaOWKrlpfJr9oVK7o2z_HHrNQrbN4icFi9iryNbK9CQtc7wicZab3zUbKXfbfnj4f1QEBoGn56-Dcu9KsZhnjRaalsxXY7VeWDbuaWe4ckxxqdAYD6H7KVLD0qlk0-RDqV-los8rVSq_GhFHsh5QKuBClqvdTuZua8IE7bQ"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "3b94bcaf-7065-49f2-9992-101941f88883",
      "x": "bhiyLllLv9M_N7nfCCTJitGmSRI7ARm0zsfcMfFgJBo",
      "y": "DvbJeAlU-4HJ9Ap4mYIkynQOSCtzjzk4TsxnQ2XN6oI"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "a0733a31-816f-4fa3-a4bd-7eff3a7afc4d",
      "x": "mXk6P1E38tZTlLnTNL0fteMgDUXjSn7YCMAnOegYjcw",
      "y": "9k5z79Ms31al2VIc4eiWdrqDWISXm6Tfy1SUvBvXRho"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "61d6d64e-6be5-40bb-8a8d-eb70bf254394",
      "x": "XgTx2GRhDxaifKtv8K9pB3Ay8fX57PdmgnIZIiv497M",
      "y": "O8DcDeI9vNPZHRh5ueW3g4Vt2aegLJ3U-mJUS39MYi8"
    },
    {
      "kty": "OKP",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "e3b4f401-4d44-4045-8551-0273a5640bb1",
      "x": "sS1h5fkW5d0iU5zWxYYk9yTi9H7IsSkl60HiSBBUNXU"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "28b9e951-c56b-4712-9bde-1dc0e20c41ee",
      "alg": "RSA-OAEP",
      "n": "oYqJjxJqdAe3Yx4QeYFhcMPDPPSLlfECbnd1K78bNMHhQRBsbYMU1ZYEuNsNcibr83CFckX9RnaJXZXGPzIAXg7JGonJjtPX4bL8z5avFHvzUhasCp5SUubCiXpvfUDZkq2k1K6V07__YhEbDEJnHx8Lt5ZVTOqxgOFCFLAkNAf4Dl92l9FszzIRl9QMHh9ZD6o7XCFUkcNyGm5T8IBV6uanaSr_EGKbH-2tXZxYIizlX8IbkqEpo-Q_z7aykqWSccUjpLVnztJc7ljhA7x9prfYvFwOkdQcJU6wehkC4ZWNi6WQuqNqZ97YIOsPlW0noHIx8dfpLYnxHc_o1ldSyQ"
    },
    {
      "kty": "EC",
      "use": "enc",
      "crv": "P-256",
      "kid": "bd58299d-294c-49fd-8e05-ecbcbf71097d",
      "x": "mqVYISRnUQOUG5UufhptwqSlA2_XgDAkWZ9kDKVph4k",
      "y": "5GzGrW0zUx3LzHReWiBvuw9vCRhCg04kHuWG6hG_0YA",
      "alg": "ECDH-ES"
    }
  ]
}
2020-09-01 12:51:17 SUCCESS
ValidateServerJWKs
Valid server JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2020-09-01 12:51:17 SUCCESS
CheckDistinctKeyIdValueInServerJWKs
Distinct 'kid' value in all keys of server_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2020-09-01 12:51:17 SUCCESS
OIDCCLoadUserInfo
Added user information
user_info
{
  "sub": "user-subject-1234531",
  "name": "Demo T. User",
  "given_name": "Demo",
  "family_name": "User",
  "middle_name": "Theresa",
  "nickname": "Dee",
  "preferred_username": "d.tu",
  "gender": "female",
  "birthdate": "2000-02-03",
  "address": {
    "street_address": "100 Universal City Plaza",
    "locality": "Hollywood",
    "region": "CA",
    "postal_code": "91608",
    "country": "USA"
  },
  "zoneinfo": "America/Los_Angeles",
  "locale": "en-US",
  "phone_number": "+1 555 5550000",
  "phone_number_verified": false,
  "email": "user@example.com",
  "email_verified": false,
  "website": "https://openid.net/",
  "updated_at": "1580000000"
}
2020-09-01 12:51:17 SUCCESS
GetDynamicClientConfiguration
No client details on configuration, created an empty dynamic_client_registration_template object.
2020-09-01 12:51:17
oidcc-client-test-invalid-sig-rs256
Setup Done
2020-09-01 12:51:19 INCOMING
oidcc-client-test-invalid-sig-rs256
Incoming HTTP request to test instance WaC43auN4z9Abkd
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
.well-known/openid-configuration
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
Discovery endpoint
2020-09-01 12:51:19 OUTGOING
oidcc-client-test-invalid-sig-rs256
Response to HTTP request to test instance WaC43auN4z9Abkd
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "issuer": "https://www.certification.openid.net/test/WaC43auN4z9Abkd/",
  "authorization_endpoint": "https://www.certification.openid.net/test/WaC43auN4z9Abkd/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/WaC43auN4z9Abkd/token",
  "jwks_uri": "https://www.certification.openid.net/test/WaC43auN4z9Abkd/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/WaC43auN4z9Abkd/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/WaC43auN4z9Abkd/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "RS256"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
outgoing_path
.well-known/openid-configuration
2020-09-01 12:51:20 INCOMING
oidcc-client-test-invalid-sig-rs256
Incoming HTTP request to test instance WaC43auN4z9Abkd
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "content-type": "application/json",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "content-length": "220",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net",
  "connection": "close"
}
incoming_path
register
incoming_body_form_params
incoming_method
POST
incoming_body_json
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code id_token"
  ],
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ],
  "id_token_signed_response_alg": "RS256"
}
incoming_query_string_params
{}
incoming_body
{"token_endpoint_auth_method":"client_secret_basic","response_types":["code id_token"],"grant_types":["authorization_code","implicit"],"redirect_uris":["https://rp.example.com/cb"],"id_token_signed_response_alg":"RS256"}
Registration endpoint
2020-09-01 12:51:20 SUCCESS
OIDCCExtractDynamicRegistrationRequest
Extracted dynamic client registration request
request
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code id_token"
  ],
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ],
  "id_token_signed_response_alg": "RS256"
}
2020-09-01 12:51:20 INFO
EnsureRegistrationRequestContainsAtLeastOneContact
This application requires that registration requests contain at least one contact.
2020-09-01 12:51:20 SUCCESS
ValidateClientGrantTypes
grant_types match response_types
grant_types
[
  "authorization_code",
  "implicit"
]
response_types
[
  "code id_token"
]
2020-09-01 12:51:20 SUCCESS
OIDCCValidateClientRedirectUris
Valid redirect_uri(s) provided in registration request
redirect_uris
[
  "https://rp.example.com/cb"
]
2020-09-01 12:51:20 SUCCESS
ValidateClientLogoUris
Client does not contain any logo_uri
2020-09-01 12:51:20 SUCCESS
ValidateClientUris
Client does not contain any client_uri
2020-09-01 12:51:20 SUCCESS
ValidateClientPolicyUris
Client does not contain any policy_uri
2020-09-01 12:51:20 SUCCESS
ValidateClientTosUris
Client does not contain any tos_uri
2020-09-01 12:51:20 SUCCESS
ValidateClientSubjectType
A subject_type was not provided
2020-09-01 12:51:20 SUCCESS
ValidateIdTokenSignedResponseAlg
id_token_signed_response_alg is one of the known algorithms
alg
RS256
2020-09-01 12:51:20 SUCCESS
EnsureIdTokenEncryptedResponseAlgIsSetIfEncIsSet
id_token_encrypted_response_enc is not set
2020-09-01 12:51:20 INFO
ValidateUserinfoSignedResponseAlg
Skipped evaluation due to missing required element: client userinfo_signed_response_alg
path
userinfo_signed_response_alg
mapped
object
client
2020-09-01 12:51:20 SUCCESS
EnsureUserinfoEncryptedResponseAlgIsSetIfEncIsSet
userinfo_encrypted_response_enc is not set
2020-09-01 12:51:20 INFO
ValidateRequestObjectSigningAlg
Skipped evaluation due to missing required element: client request_object_signing_alg
path
request_object_signing_alg
mapped
object
client
2020-09-01 12:51:20 SUCCESS
EnsureRequestObjectEncryptionAlgIsSetIfEncIsSet
request_object_encryption_enc is not set
2020-09-01 12:51:20 INFO
ValidateTokenEndpointAuthSigningAlg
Skipped evaluation due to missing required element: client token_endpoint_auth_signing_alg
path
token_endpoint_auth_signing_alg
mapped
object
client
2020-09-01 12:51:20 SUCCESS
ValidateDefaultMaxAge
default_max_age is not set
2020-09-01 12:51:20 INFO
ValidateRequireAuthTime
Skipped evaluation due to missing required element: client require_auth_time
path
require_auth_time
mapped
object
client
2020-09-01 12:51:20 INFO
ValidateDefaultAcrValues
Skipped evaluation due to missing required element: client default_acr_values
path
default_acr_values
mapped
object
client
2020-09-01 12:51:20 INFO
ValidateInitiateLoginUri
Skipped evaluation due to missing required element: client initiate_login_uri
path
initiate_login_uri
mapped
object
client
2020-09-01 12:51:20 INFO
ValidateRequestUris
Skipped evaluation due to missing required element: client request_uris
path
request_uris
mapped
object
client
2020-09-01 12:51:20 SUCCESS
ValidateClientRegistrationRequestSectorIdentifierUri
A sector_identifier_uri was not provided
2020-09-01 12:51:20 SUCCESS
OIDCCRegisterClient
Registered client
client
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code id_token"
  ],
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ],
  "id_token_signed_response_alg": "RS256",
  "client_id": "client_USwEUOaUnutriCX88272\u0026/`^\u0027"
}
2020-09-01 12:51:20
OIDCCCreateClientSecretForDynamicClient
Set the secret for registered client
client_secret
secret_VoNQjQtMHMhYUJWJWsNLWIotTUrwSAuvwIGiDNqoIPpMsXaMsZ7935374810"!|^&
2020-09-01 12:51:20 SUCCESS
EnsureTokenEndPointAuthMethodIsClientSecretBasic
token_endpoint_auth_method is 'client_secret_basic' as expected
2020-09-01 12:51:20
SetClientIdTokenSignedResponseAlgToRS256
Set id_token_signed_response_alg to RS256 for the registered client
client
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code id_token"
  ],
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ],
  "id_token_signed_response_alg": "RS256",
  "client_id": "client_USwEUOaUnutriCX88272\u0026/`^\u0027",
  "client_secret": "secret_VoNQjQtMHMhYUJWJWsNLWIotTUrwSAuvwIGiDNqoIPpMsXaMsZ7935374810\"!|^\u0026"
}
2020-09-01 12:51:20 SUCCESS
EnsureClientDoesNotHaveBothJwksAndJwksUri
Client does not have both jwks and jwks_uri set
client
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code id_token"
  ],
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ],
  "id_token_signed_response_alg": "RS256",
  "client_id": "client_USwEUOaUnutriCX88272\u0026/`^\u0027",
  "client_secret": "secret_VoNQjQtMHMhYUJWJWsNLWIotTUrwSAuvwIGiDNqoIPpMsXaMsZ7935374810\"!|^\u0026"
}
2020-09-01 12:51:20 INFO
FetchClientKeys
Skipped evaluation due to missing required element: client jwks_uri
path
jwks_uri
mapped
object
client
2020-09-01 12:51:20
SetServerSigningAlgToRS256
Successfully set signing algorithm to RS256
2020-09-01 12:51:20
SetClientIdTokenSignedResponseAlgToServerSigningAlg
Set id_token_signed_response_alg for the registered client
id_token_signed_response_alg
RS256
2020-09-01 12:51:20 OUTGOING
oidcc-client-test-invalid-sig-rs256
Response to HTTP request to test instance WaC43auN4z9Abkd
outgoing_status_code
201
outgoing_headers
{}
outgoing_body
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code id_token"
  ],
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ],
  "id_token_signed_response_alg": "RS256",
  "client_id": "client_USwEUOaUnutriCX88272\u0026/`^\u0027",
  "client_secret": "secret_VoNQjQtMHMhYUJWJWsNLWIotTUrwSAuvwIGiDNqoIPpMsXaMsZ7935374810\"!|^\u0026"
}
outgoing_path
register
2020-09-01 12:51:20 INCOMING
oidcc-client-test-invalid-sig-rs256
Incoming HTTP request to test instance WaC43auN4z9Abkd
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "got/9.6.0 (https://github.com/sindresorhus/got)",
  "accept-encoding": "gzip, deflate",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
authorize
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{
  "client_id": "client_USwEUOaUnutriCX88272\u0026/`^\u0027",
  "scope": "openid",
  "response_type": "code id_token",
  "redirect_uri": "https://rp.example.com/cb",
  "state": "zKyK2BMes8kCqF9NL4d7nUmK-xZWMdZnY_SUgkscLnk",
  "nonce": "hWwMyQ1pJ5Ff0R6pA0NAYTbLeWEcu7CUB-kWssJ8aoc",
  "response_mode": "form_post"
}
incoming_body
Authorization endpoint
2020-09-01 12:51:20 SUCCESS
EnsureRequestDoesNotContainRequestObject
Request does not contain a request parameter
2020-09-01 12:51:20 SUCCESS
OIDCCEnsureAuthorizationHttpRequestContainsOpenIDScope
Found 'openid' in scope http request parameter
actual
[
  "openid"
]
expected
openid
2020-09-01 12:51:20 SUCCESS
CreateEffectiveAuthorizationRequestParameters
Merged http request parameters with request object claims
effective_authorization_endpoint_request
{
  "client_id": "client_USwEUOaUnutriCX88272\u0026/`^\u0027",
  "scope": "openid",
  "response_type": "code id_token",
  "redirect_uri": "https://rp.example.com/cb",
  "state": "zKyK2BMes8kCqF9NL4d7nUmK-xZWMdZnY_SUgkscLnk",
  "nonce": "hWwMyQ1pJ5Ff0R6pA0NAYTbLeWEcu7CUB-kWssJ8aoc",
  "response_mode": "form_post"
}
2020-09-01 12:51:20 SUCCESS
ExtractRequestedScopes
Requested scopes
scope
openid
2020-09-01 12:51:20 SUCCESS
ExtractNonceFromAuthorizationRequest
Extracted nonce
nonce
hWwMyQ1pJ5Ff0R6pA0NAYTbLeWEcu7CUB-kWssJ8aoc
2020-09-01 12:51:20 SUCCESS
EnsureResponseTypeIsCodeIdToken
Response type is expected value
expected
code id_token
2020-09-01 12:51:20 SUCCESS
EnsureMatchingClientId
Client ID matched
client_id
client_USwEUOaUnutriCX88272&/`^'
2020-09-01 12:51:20 SUCCESS
EnsureValidRedirectUriForAuthorizationEndpointRequest
redirect_uri is one of the allowed redirect uris
actual
https://rp.example.com/cb
expected
[
  "https://rp.example.com/cb"
]
2020-09-01 12:51:20 SUCCESS
EnsureOpenIDInScopeRequest
Found 'openid' scope in request
actual
[
  "openid"
]
expected
openid
2020-09-01 12:51:20 SUCCESS
DisallowMaxAgeEqualsZeroAndPromptNone
The client did not send max_age=0 and prompt=none parameters as expected
2020-09-01 12:51:20 SUCCESS
CreateAuthorizationCode
Created authorization code
authorization_code
klmtQVl43H
2020-09-01 12:51:20 SUCCESS
CalculateCHash
Successful c_hash encoding
c_hash
LrxLnWfvOlOoq8JQDZTdBw
2020-09-01 12:51:20 SUCCESS
GenerateIdTokenClaims
Created ID Token Claims
iss
https://www.certification.openid.net/test/WaC43auN4z9Abkd/
sub
user-subject-1234531
aud
client_USwEUOaUnutriCX88272&/`^'
nonce
hWwMyQ1pJ5Ff0R6pA0NAYTbLeWEcu7CUB-kWssJ8aoc
iat
1598964680
exp
1598964980
2020-09-01 12:51:20 SUCCESS
AddCHashToIdTokenClaims
Added c_hash to ID token claims
c_hash
LrxLnWfvOlOoq8JQDZTdBw
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/WaC43auN4z9Abkd/",
  "sub": "user-subject-1234531",
  "aud": "client_USwEUOaUnutriCX88272\u0026/`^\u0027",
  "nonce": "hWwMyQ1pJ5Ff0R6pA0NAYTbLeWEcu7CUB-kWssJ8aoc",
  "iat": 1598964680,
  "exp": 1598964980,
  "c_hash": "LrxLnWfvOlOoq8JQDZTdBw"
}
2020-09-01 12:51:20 INFO
AddAtHashToIdTokenClaims
Skipped evaluation due to missing required string: at_hash
expected
at_hash
2020-09-01 12:51:20 SUCCESS
OIDCCSignIdToken
Signed the ID token
id_token
eyJraWQiOiI3MjgwN2NmMC1jNWM5LTQ1NmItYjkyMy03ODUwNjJkYjgxMDUiLCJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJ1c2VyLXN1YmplY3QtMTIzNDUzMSIsImF1ZCI6ImNsaWVudF9VU3dFVU9hVW51dHJpQ1g4ODI3MiZcL2BeJyIsImNfaGFzaCI6IkxyeExuV2Z2T2xPb3E4SlFEWlRkQnciLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvV2FDNDNhdU40ejlBYmtkXC8iLCJleHAiOjE1OTg5NjQ5ODAsIm5vbmNlIjoiaFd3TXlRMXBKNUZmMFI2cEEwTkFZVGJMZVdFY3U3Q1VCLWtXc3NKOGFvYyIsImlhdCI6MTU5ODk2NDY4MH0.j2VBp8ZAG_65zhFt6pszXWSDg0N_8jmHXo-AT4LOUEDu3YaMcoQFguj1huuGH3-mtZ5iX7ZTISE3S6h8mtArVx2wKHRlysBJ-PuOlpzEOz_p82UXDC5aW_2ulHH59lU16nna3hB8bpaT3Twt6aSUl1QBbsKC-r1_pjh5m039eMUCs5fJPsos7SSL4cM-bCa5QDiIE-IvmZ4wwIXamGfjSy_2clgtszBg8FEHsRPMO8WVL9Sx-jkvfx2_RmojvlVlXcNl4lyk6FkOQaNWerc-BR_OUtKyWhIuO-q5Sc3L5WSmnZ-kbVBz_YK555FBV0A0a44grlm3LuBiPXAPak-LIA
key
{"p":"x9T-yOW41Zg5IPI3v1bw8AIMHNCT2AEI-9acrxcW4NGz9-MkVoehuF_jDTSlxo8oUsPoF5qz0I8W8PfSfpsNAqfsW89NeTWxFJ-zYDkW56n8SR-do0EapAck4BuLDuLbLIMR9OWdz4gSME53qkPuf_o9TDtZf0A_x29Lvs3ZjlM","kty":"RSA","q":"wCPGSJVm0GQGNFAW5PAuFXUH_qZ70WtMHbg-ZAckV_2pidy5wAXr7NSWHXYMKb4WiYP0WvGTLb2EF2XwT8pVdTggHasMnjiUhT5EO6vKa5-rUYbpRhYaXsw3WZ4KMGEHplOzfmO5RgHtLMcFuAXRwUFkOyvcjkRhMvRAg2ayNAc","d":"KigsZpDMU-pINv4EWdSU3_Ov9GhbBG4951hqLaK-w3W9uGW6eqLzO5tX3V7e7xen9AC07kF1kIeCK7AxybTLXbQodSoq6atJz4buNqhBSKl6rtRnTP8z7jzjw2tVfs_R2J7bGk1yl5fFsftVR8xwjIGfBa42pwyflPA9hq6vO5l6hkelur7HopNfWtPezDVrC77pUX0b4IhnAzqUIZXv5HIwG8rG9TIGDIRtG_ZlgQoIju31XQbY49Fw7it6vnF0j9-rgZMoms5DGV3x-qZJf69mrbDSUriSzZ5i1QQy6xxzmU3Y3W9X4dmUXvmZEth3VSg_5GPNk6s9j2avIUt23Q","e":"AQAB","use":"sig","kid":"72807cf0-c5c9-456b-b923-785062db8105","qi":"O8-605LjOF22ppLUax-67bzFI4Qzgb4_AdybLqb5X033-m7CJ09doiB2JKynmmLN3XuEElvOV0E1qIVloY81Wr_CfG477o2cQfTjstIAdXYYz2FQPKR7wwdxP6HDFijeXL8LmzGJAai7tpxED3dmIcxOMbNtLM7De_JRQIzUcOg","dp":"WdfYaUhnLpkO7lIYYE1da_rvqTDZl573hAp8TXgrEA8YQ9X6q3C1c-igc3p9IeWRMozj12D1gUoj_VjeaY-abNxEtw5f_aP3JpealSN1udhCFjpBrHmD2cVgfeXEQoAaHEwdkaZ-qiS6UL-mq4V5QE6oqpJwbXbcdfUC8BkqvAM","dq":"HiT-tOCLsuIefxKZpO1xrXgg-vjPsDlvRbJkR3k_YHaxpKl2kwPa0dtAefrNSbdC_ewv6BzChIiZMrqRi1MpOSzHDSCK6D_kPUtZlSsMpPn1_OJ3ssFA_eJ4RJ0g6BoxAw1audeXd75RoZbP9OEk2XcS7J2jCsb7oOzlOjhgeP0","n":"lfur_OdYTHiEpwUB_DSDa07WYRcMJKaFS8kntHe-YV7keLsm0eUmGZQtpfTb0ztCGqn5u1p0Sp1v4AOFyWuCdbPYfqrom9iGV2xvpOyj8aQTLrIbrMNLzSXQcrj79Tvrfm6ze_wCklCJxfOtRZtqweVWsd-RkA_hHUdlcseeMhLSKlt6RWsIMBHxogUtDhOEnN1Ipn-KCdG1pWQs5k9dllii-jTRItm4zrmIgYZV9zcvApdB6FldQQip_70CiYUkTVbipC2DCUBcSJK4YK4TGKNQnxlVF9ISBJYyaB4-oVX4u7EfAQWqOkopS_59S-YOwM1HJseR2oZXIjh62ZHARQ"}
algorithm
RS256
2020-09-01 12:51:20 SUCCESS
SignIdTokenInvalid
Made the id_token signature invalid
id_token
eyJraWQiOiI3MjgwN2NmMC1jNWM5LTQ1NmItYjkyMy03ODUwNjJkYjgxMDUiLCJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJ1c2VyLXN1YmplY3QtMTIzNDUzMSIsImF1ZCI6ImNsaWVudF9VU3dFVU9hVW51dHJpQ1g4ODI3MiZcL2BeJyIsImNfaGFzaCI6IkxyeExuV2Z2T2xPb3E4SlFEWlRkQnciLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvV2FDNDNhdU40ejlBYmtkXC8iLCJleHAiOjE1OTg5NjQ5ODAsIm5vbmNlIjoiaFd3TXlRMXBKNUZmMFI2cEEwTkFZVGJMZVdFY3U3Q1VCLWtXc3NKOGFvYyIsImlhdCI6MTU5ODk2NDY4MH0.1T8b_ZwaQaTjlEs3sMFpBz7Z2RklqGPdBNXaFdiUChq0h9zWKN5f2LKv3LHcRSX878Q4BewJe3ttEfImwIpxDUfqci4_kJoToqHUzMaeYWWzqT9NVnQAAaf0ziujrA9vsCOAhEomNMzJh2Z3s_7OzQ5bNJjYoOcl_GIjwRenIp9Y6c2TZJB2t37Ru5lkNnzjGmLSSbh1w8Rqmt-Awj25EXWsKAJ36Wo6qgtd60mWYZ_PdY7roGN1JUflHDB55A8_B5k_uAb-sgNUG_kMIO1kX0WUCIjoAEh0YbDjE5eRvz78x8X-Nwopp9jjvcsbDRpuMdR69APtdLo4ZypVMBXReg
2020-09-01 12:51:20 INFO
EncryptIdToken
Skipped evaluation due to missing required element: client id_token_encrypted_response_alg
path
id_token_encrypted_response_alg
mapped
object
client
2020-09-01 12:51:20 SUCCESS
CreateAuthorizationEndpointResponseParams
Added authorization_endpoint_response_params to environment
params
{
  "redirect_uri": "https://rp.example.com/cb",
  "state": "zKyK2BMes8kCqF9NL4d7nUmK-xZWMdZnY_SUgkscLnk"
}
2020-09-01 12:51:20 SUCCESS
AddCodeToAuthorizationEndpointResponseParams
Added code to authorization endpoint response params
authorization_endpoint_response_params
{
  "redirect_uri": "https://rp.example.com/cb",
  "state": "zKyK2BMes8kCqF9NL4d7nUmK-xZWMdZnY_SUgkscLnk",
  "code": "klmtQVl43H"
}
2020-09-01 12:51:20 SUCCESS
AddIdTokenToAuthorizationEndpointResponseParams
Added id_token to authorization endpoint response params
authorization_endpoint_response_params
{
  "redirect_uri": "https://rp.example.com/cb",
  "state": "zKyK2BMes8kCqF9NL4d7nUmK-xZWMdZnY_SUgkscLnk",
  "code": "klmtQVl43H",
  "id_token": "eyJraWQiOiI3MjgwN2NmMC1jNWM5LTQ1NmItYjkyMy03ODUwNjJkYjgxMDUiLCJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJ1c2VyLXN1YmplY3QtMTIzNDUzMSIsImF1ZCI6ImNsaWVudF9VU3dFVU9hVW51dHJpQ1g4ODI3MiZcL2BeJyIsImNfaGFzaCI6IkxyeExuV2Z2T2xPb3E4SlFEWlRkQnciLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvV2FDNDNhdU40ejlBYmtkXC8iLCJleHAiOjE1OTg5NjQ5ODAsIm5vbmNlIjoiaFd3TXlRMXBKNUZmMFI2cEEwTkFZVGJMZVdFY3U3Q1VCLWtXc3NKOGFvYyIsImlhdCI6MTU5ODk2NDY4MH0.1T8b_ZwaQaTjlEs3sMFpBz7Z2RklqGPdBNXaFdiUChq0h9zWKN5f2LKv3LHcRSX878Q4BewJe3ttEfImwIpxDUfqci4_kJoToqHUzMaeYWWzqT9NVnQAAaf0ziujrA9vsCOAhEomNMzJh2Z3s_7OzQ5bNJjYoOcl_GIjwRenIp9Y6c2TZJB2t37Ru5lkNnzjGmLSSbh1w8Rqmt-Awj25EXWsKAJ36Wo6qgtd60mWYZ_PdY7roGN1JUflHDB55A8_B5k_uAb-sgNUG_kMIO1kX0WUCIjoAEh0YbDjE5eRvz78x8X-Nwopp9jjvcsbDRpuMdR69APtdLo4ZypVMBXReg"
}
2020-09-01 12:51:20 OUTGOING
oidcc-client-test-invalid-sig-rs256
Response to HTTP request to test instance WaC43auN4z9Abkd
outgoing
ModelAndView [view="formPostResponseMode"; model={formAction=https://rp.example.com/cb, formParameters={"state":"zKyK2BMes8kCqF9NL4d7nUmK-xZWMdZnY_SUgkscLnk","code":"klmtQVl43H","id_token":"eyJraWQiOiI3MjgwN2NmMC1jNWM5LTQ1NmItYjkyMy03ODUwNjJkYjgxMDUiLCJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJ1c2VyLXN1YmplY3QtMTIzNDUzMSIsImF1ZCI6ImNsaWVudF9VU3dFVU9hVW51dHJpQ1g4ODI3MiZcL2BeJyIsImNfaGFzaCI6IkxyeExuV2Z2T2xPb3E4SlFEWlRkQnciLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvV2FDNDNhdU40ejlBYmtkXC8iLCJleHAiOjE1OTg5NjQ5ODAsIm5vbmNlIjoiaFd3TXlRMXBKNUZmMFI2cEEwTkFZVGJMZVdFY3U3Q1VCLWtXc3NKOGFvYyIsImlhdCI6MTU5ODk2NDY4MH0.1T8b_ZwaQaTjlEs3sMFpBz7Z2RklqGPdBNXaFdiUChq0h9zWKN5f2LKv3LHcRSX878Q4BewJe3ttEfImwIpxDUfqci4_kJoToqHUzMaeYWWzqT9NVnQAAaf0ziujrA9vsCOAhEomNMzJh2Z3s_7OzQ5bNJjYoOcl_GIjwRenIp9Y6c2TZJB2t37Ru5lkNnzjGmLSSbh1w8Rqmt-Awj25EXWsKAJ36Wo6qgtd60mWYZ_PdY7roGN1JUflHDB55A8_B5k_uAb-sgNUG_kMIO1kX0WUCIjoAEh0YbDjE5eRvz78x8X-Nwopp9jjvcsbDRpuMdR69APtdLo4ZypVMBXReg"}}]
outgoing_path
authorize
2020-09-01 12:51:21 INCOMING
oidcc-client-test-invalid-sig-rs256
Incoming HTTP request to test instance WaC43auN4z9Abkd
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
jwks
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
Jwks endpoint
2020-09-01 12:51:21 OUTGOING
oidcc-client-test-invalid-sig-rs256
Response to HTTP request to test instance WaC43auN4z9Abkd
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "72807cf0-c5c9-456b-b923-785062db8105",
      "n": "lfur_OdYTHiEpwUB_DSDa07WYRcMJKaFS8kntHe-YV7keLsm0eUmGZQtpfTb0ztCGqn5u1p0Sp1v4AOFyWuCdbPYfqrom9iGV2xvpOyj8aQTLrIbrMNLzSXQcrj79Tvrfm6ze_wCklCJxfOtRZtqweVWsd-RkA_hHUdlcseeMhLSKlt6RWsIMBHxogUtDhOEnN1Ipn-KCdG1pWQs5k9dllii-jTRItm4zrmIgYZV9zcvApdB6FldQQip_70CiYUkTVbipC2DCUBcSJK4YK4TGKNQnxlVF9ISBJYyaB4-oVX4u7EfAQWqOkopS_59S-YOwM1HJseR2oZXIjh62ZHARQ"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "935ef93b-1f5f-4592-a55a-7291cf527529",
      "n": "m6pGorCdL44YFnI--puJMUFw29Uv4exLeGrwtyDGe1O-5zoPkeciYfQ5f6gnX0KqQ61iWK77SL7z4QCQo-K4T8NWhoCIXl-dEzzP_D3uBJvEiUwyc3i8KKKTuMdDIBS-8UjW-_bH8fN7i_5xjrwgdX5AWHE5G6y_BnbeFfYP-de5JedgaOWKrlpfJr9oVK7o2z_HHrNQrbN4icFi9iryNbK9CQtc7wicZab3zUbKXfbfnj4f1QEBoGn56-Dcu9KsZhnjRaalsxXY7VeWDbuaWe4ckxxqdAYD6H7KVLD0qlk0-RDqV-los8rVSq_GhFHsh5QKuBClqvdTuZua8IE7bQ"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "3b94bcaf-7065-49f2-9992-101941f88883",
      "x": "bhiyLllLv9M_N7nfCCTJitGmSRI7ARm0zsfcMfFgJBo",
      "y": "DvbJeAlU-4HJ9Ap4mYIkynQOSCtzjzk4TsxnQ2XN6oI"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "a0733a31-816f-4fa3-a4bd-7eff3a7afc4d",
      "x": "mXk6P1E38tZTlLnTNL0fteMgDUXjSn7YCMAnOegYjcw",
      "y": "9k5z79Ms31al2VIc4eiWdrqDWISXm6Tfy1SUvBvXRho"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "61d6d64e-6be5-40bb-8a8d-eb70bf254394",
      "x": "XgTx2GRhDxaifKtv8K9pB3Ay8fX57PdmgnIZIiv497M",
      "y": "O8DcDeI9vNPZHRh5ueW3g4Vt2aegLJ3U-mJUS39MYi8"
    },
    {
      "kty": "OKP",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "e3b4f401-4d44-4045-8551-0273a5640bb1",
      "x": "sS1h5fkW5d0iU5zWxYYk9yTi9H7IsSkl60HiSBBUNXU"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "28b9e951-c56b-4712-9bde-1dc0e20c41ee",
      "alg": "RSA-OAEP",
      "n": "oYqJjxJqdAe3Yx4QeYFhcMPDPPSLlfECbnd1K78bNMHhQRBsbYMU1ZYEuNsNcibr83CFckX9RnaJXZXGPzIAXg7JGonJjtPX4bL8z5avFHvzUhasCp5SUubCiXpvfUDZkq2k1K6V07__YhEbDEJnHx8Lt5ZVTOqxgOFCFLAkNAf4Dl92l9FszzIRl9QMHh9ZD6o7XCFUkcNyGm5T8IBV6uanaSr_EGKbH-2tXZxYIizlX8IbkqEpo-Q_z7aykqWSccUjpLVnztJc7ljhA7x9prfYvFwOkdQcJU6wehkC4ZWNi6WQuqNqZ97YIOsPlW0noHIx8dfpLYnxHc_o1ldSyQ"
    },
    {
      "kty": "EC",
      "use": "enc",
      "crv": "P-256",
      "kid": "bd58299d-294c-49fd-8e05-ecbcbf71097d",
      "x": "mqVYISRnUQOUG5UufhptwqSlA2_XgDAkWZ9kDKVph4k",
      "y": "5GzGrW0zUx3LzHReWiBvuw9vCRhCg04kHuWG6hG_0YA",
      "alg": "ECDH-ES"
    }
  ]
}
outgoing_path
jwks
2020-09-01 12:51:22 FINISHED
oidcc-client-test-invalid-sig-rs256
Test has run to completion
testmodule_result
PASSED
Test Results