Test Summary

Test Results

Expand All Collapse All
All times are UTC
2020-09-01 12:51:33 INFO
TEST-RUNNER
Test instance l2JycsdBaM6VJ1g created
baseUrl
https://www.certification.openid.net/test/l2JycsdBaM6VJ1g
variant
{
  "client_auth_type": "client_secret_basic",
  "response_type": "code id_token",
  "request_type": "plain_http_request",
  "response_mode": "form_post",
  "client_registration": "dynamic_client"
}
alias

                                
description
test suite runner for openid-client
planId
l0lJMpv444Mye
config
{
  "description": "test suite runner for openid-client",
  "waitTimeoutSeconds": 2
}
testName
oidcc-client-test-nonce-invalid
2020-09-01 12:51:33 SUCCESS
OIDCCGenerateServerConfiguration
Generated default server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/l2JycsdBaM6VJ1g/",
  "authorization_endpoint": "https://www.certification.openid.net/test/l2JycsdBaM6VJ1g/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/l2JycsdBaM6VJ1g/token",
  "jwks_uri": "https://www.certification.openid.net/test/l2JycsdBaM6VJ1g/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/l2JycsdBaM6VJ1g/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/l2JycsdBaM6VJ1g/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic",
    "client_secret_post",
    "client_secret_jwt",
    "private_key_jwt"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
2020-09-01 12:51:33
SetTokenEndpointAuthMethodsSupportedToClientSecretBasicOnly
Changed token_endpoint_auth_methods_supported to client_secret_basic only in server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/l2JycsdBaM6VJ1g/",
  "authorization_endpoint": "https://www.certification.openid.net/test/l2JycsdBaM6VJ1g/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/l2JycsdBaM6VJ1g/token",
  "jwks_uri": "https://www.certification.openid.net/test/l2JycsdBaM6VJ1g/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/l2JycsdBaM6VJ1g/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/l2JycsdBaM6VJ1g/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
2020-09-01 12:51:33
OIDCCGenerateServerJWKs
Generated server public private JWK sets
server_jwks
{
  "keys": [
    {
      "p": "-iHFJCLqMDzq3x3gwvZiY8ahvHECpWoz3r7QJhGjNZQ3zP3PA1eprvHWtBJu6vNWNR27iYQOIkOXuuIgJ0dsIc0rkC3QOYzr11adUYJPPpYEW64SmtELUhHx88UEsgGCx39QsWLuVG3WBjjah5s57q9ZXCbCgIZ3oUiTJ11B6Sc",
      "kty": "RSA",
      "q": "9HwO1zkPb8r4ZM7_xPML_E3u6Pu6kgNoAhBl1KYJ6E1jvrsUzS1EVisIvVDj0U6VadH_rtlj_IUh-4Jt0cd7KnmzW1a_2ctdhai9Qqrcy56YzlWO3ZpXBfvNTxLCunhEncDsPmdpVtgzbUrRv1nOKJ8PCS9ZmIEO2T90gg2SMmk",
      "d": "4fOmpQ7fW9whWHKk8K3OxQJlhwEMfx9HrqAJxCujCNwg8s3e6ifAd4gNk3Soc1pA2WMQO-NS2akGf1AaPQ-qPFt3zhwpVegWO3lq4rzH0ZWXgq2KlfNoSN6ThpTzDNOv2qPtE_7bDWa3Anw9cp7xMJiAo1ohd97qn41lgHZVbmYIJSuKMJcQxx3871OxwoYjZ1BrUueM32RJrC7_ee0c8kpaaDqcHvqwl_6y5tIwnFPFkhvoEydgRM5az-s-ZE2mRR921K83OXQ-6WSjtg2Z2miqWR2KNb04Q6aI8EJiQarV3BXFt1TSZcgbz1-gTVrxkHrcRNCMimq-teXtJkwioQ",
      "e": "AQAB",
      "use": "sig",
      "kid": "d9b603ae-edda-4be1-9fc9-a6f07c31f116",
      "qi": "5lcm57ZxICel8fyFzcroqneTecokD6Q36crIsivRzDzX92Dje6dXgH99P2luX0CQff6sxgDtknSLVtv1ky-zqlPpb2vBpt37sglOpO0_DGSHqoSR-P0-pqZWs8Sb5EssjaUKr3a9TR03g4946b5gJVBZlpQ2YMNkt4qIIr1D3tI",
      "dp": "btvEug1XaeW12wks8nusg7gnOpODrrhxIMnFCvpKMZbtXEcpFrwlkknQ9KIu0qbikEwLMBl9Aiae-s75nS8Ed76tDguf-8G_TQMwWk28vWpTqCZwTHlV4Rve9kFdoV8WDUEaDGRiaLz9XGiaQfvEI0tH-ZWcIsZ2At9diNbGPYU",
      "dq": "ygVBFiL2WIA1pMdPneTgAIo9YpOv5TufVCVMn9zbzvMz-sUIOUqwbyt8O0N-HNR8rkZyqn7EGkPAgt2R9YiKg9ywkkcqnMNo8isuyMn7TN4ukkEsnn0Mb8tUKYTtF7yNpnVmQWKeLr7UL_llPGLu8a4NdJ-Fv3jVVjsTAOxJ5BE",
      "n": "7uFmwhGtRMYdZ-UYu-3cLq_aYD_G6WjdV9qi19chFLgosqmSkCdstymbbnqJOL611l9NuY_huaEiGrz3AqSB_InAOjqGF3Ivzbcg-vwz9hxu8PsCHt2GuFyOckMwTM6i6v7VkjdAXdWD7qsvGUAmY0S3C01R0U2Oyla6X2lwY39-YnESrRRM5HmBBGkjNtRcrvcn_IwOQC3CkMGNsoAB67bWdKWOgA1DdSE7k3alF489M9grjQJmuWPrqKUw-xCKHCCXG37FkaM8OyAOqonf3i51Uox_OwGq8LoVu7xM6rB5Roe5hcAZh9_pvLn-pFWNLHrd8FDp-KnoaKWYEtA-_w"
    },
    {
      "kty": "EC",
      "d": "V7Nw2gP6WAIMZQes1DoD-na_nuwEcbL-JZNf7-N_WUw",
      "use": "sig",
      "crv": "P-256",
      "kid": "efa6e719-a6bd-42c1-ab98-5f13c5a2e9d1",
      "x": "h3kEowFVxiQW7D32BfHMfqMRGSysATAPreFSQxSQRKo",
      "y": "SH5mO8GtjppOaB3EQwfw2JZ_A9L5fz_sgVuajBN-F7I"
    },
    {
      "kty": "EC",
      "d": "ZD2Ua6OQJWkqN0tIq1qWpNmieKycAOTx40LBqnjF7eg",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "45d2f5a2-2c5e-489b-8c1e-368f6648a77d",
      "x": "3sKM8SKYNeGmHfqyAeh9Da9uLOUAmvMzAQHxwsp9LMQ",
      "y": "aHA7Tab71lw-3dGfaso8jvA2d0Jugp5gaFF-1VBOxC4"
    },
    {
      "kty": "OKP",
      "d": "sCaMse07OAe7Yj1COQNCPbYylfXGGSAr6j8qxy3l2yo",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "07ac6141-95a6-4759-b249-c0cee0ec9f83",
      "x": "hX9WdYkzJrC7LE_qIECbRLuK9BhKLUla9Prr-xHOo8Y"
    }
  ]
}
server_encryption_keys
{
  "keys": [
    {
      "p": "1TMK-O8ZX-TSjvvjvwNICNgKTsrL_4UEyqwYeOzKjOkKlpZA5dTxjHLv8Cy-r4kouoIaJWNVtNW-2QuyC5E8LW2gkE4QFbW7RiMKWMIjRrD1LoO_dAuTSBZuayoGQVjfYMwWLhHUBGgYeWvA1WYP5TrdGNViHn8dTOxzJUScK48",
      "kty": "RSA",
      "q": "qFR0E4mcSY8baKY2Ygq4IJhG3r8YmtewGRJIxm4R07SIda7_6LmXgcURurwl7u6uFjeCsuSpiouIlOGv9TxhPLB5SBik5vdqHDrt6WEPLDUSo1ErbXQIqt15K49OpWxKuYfr3sUS6kgNQo1ngPRGXY5eBI_0eVOQYQPazw0qDkk",
      "d": "J3CVevBf6zeZsNvS8m4SseMAY7gvQahnnRhXD3YSas9W3QxCaGtyQevp1NGuYZfSQOdNTR1tFQhTQOHs3o195-m4a7BuBakFM8RUiqhDCnsh8fhomlDxYEMkCJ8FnwFCBXO0hvqurp8Ir3n4e8tGvZgZVZWoTzdxS62CmxxEpfckTMj_6nkLnxuWrCNyO8PNZDIReL_HiKIduQQo_KWm8swChZzG_4TCj6EpGOumrd7rtIQhz-yhyRx-XFrg7B2tPQZ-ktOlZmcaTJD5Vh7Zgq5-ipEWUG06EzHl13uAPfBMu3DhPThwwZlhHhh1EcE7GvO4ApBGhi8kWoIv4xaXoQ",
      "e": "AQAB",
      "use": "enc",
      "kid": "5b911f31-bc33-49fd-98a5-34b3d58e4210",
      "qi": "uXXVyV-iK0VDO7LY64RxtkR621rugax_LL73YbzPloWqm6saI5eJjp5nYUt5OYDIPUaQZVmSKYxtFNsJbMvPUT2uPkV3N3loeErUqlW4uBFza2SMEOvSi_R6Q6q_ZoKa9zFSl0IKo_oD8-cyLSXd6M29SVrGolx4XFuFEpha1D4",
      "dp": "iksM0ALQc9qLFoKf7ZRkUpBIx2lWwE15mTneufnnPVYhLyMRv8PMV21q5GEx481VpP2lliEEREPuAv5KJKS140XcRB7O4jY63zj1ijOMDFvW_rApLU4g4D7kqxDcc-EBLNnVfVbFL4KSdZiGwiXtI6V2K5imh9-ukupBmqgRoVM",
      "alg": "RSA-OAEP",
      "dq": "eGegd_Ew57UDqAFsWQjN2BLUbrRGR0wM3IIlqDpHaiVyjqtUxgUrCFoMaoP2pkf4IlAmnwvM8hsI4WXl1QcRjrW0qwtluQg00GiekRcqITb9U_DVnX8oTAALkkr5uH4TnU5KO5jABPDw-y_mX2lbg8Q4IA9QkhBh7-Mv-nayJHE",
      "n": "jC_Unlz0MU-DtqfxUFlgG2dNtPoSL7O1i4mKbKWjitcesJjU4nO4w7BM38D0MC57lLkjE-R74flIsAO-zj5RxUqsvbpTAIOp309Itlc3qKtzOlG7OhX9EsBGXNh17ygVpEar0I9dg_P-iQw-1l8PUAqJiL896J2C6tn19NJC9CVJtjiqKbFxQETMD23igi9-8Euz7ERot6T0jzoX9ljNsoZ8rFIruZnwpoWwtutxzzGrM6BSDEXNzWL3-jqsLYlUKYm4UaIw06P2wjRujg3C3bMykKEHOryAPvaSDNnTmhpIssb-2GzHAdEwO9MMRNICpI9SsB-ZKYjPXg3Xg2A9xw"
    },
    {
      "kty": "EC",
      "d": "kTgBnwqNk0KS6uog3EjuoQIS7-izgnlSbfEawmB3W_s",
      "use": "enc",
      "crv": "P-256",
      "kid": "9e7b134e-1432-4152-8ace-1d354738c9f2",
      "x": "u3y39dY3T2eZKd8ozz-tjjUccAjAkK_F2DKVx9nPaEI",
      "y": "W5FvLZnPk19xlvm6Jl5jeSW6PCWqhAZ4YjP4fbf3LBE",
      "alg": "ECDH-ES"
    }
  ]
}
server_public_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "d9b603ae-edda-4be1-9fc9-a6f07c31f116",
      "n": "7uFmwhGtRMYdZ-UYu-3cLq_aYD_G6WjdV9qi19chFLgosqmSkCdstymbbnqJOL611l9NuY_huaEiGrz3AqSB_InAOjqGF3Ivzbcg-vwz9hxu8PsCHt2GuFyOckMwTM6i6v7VkjdAXdWD7qsvGUAmY0S3C01R0U2Oyla6X2lwY39-YnESrRRM5HmBBGkjNtRcrvcn_IwOQC3CkMGNsoAB67bWdKWOgA1DdSE7k3alF489M9grjQJmuWPrqKUw-xCKHCCXG37FkaM8OyAOqonf3i51Uox_OwGq8LoVu7xM6rB5Roe5hcAZh9_pvLn-pFWNLHrd8FDp-KnoaKWYEtA-_w"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "dd038049-b45f-4ba5-9226-105aebcda297",
      "n": "gc2g2SP3kkg4Fk69TurWAs9VU6j8SwOi7WfqK1TrdrbNAQtd2JYkAFNGeAEhyC8GPltZ07ReEWrQXbS1GUkLakPz6MKjBUy6c1zwgLYl36XztVDxpwsI9jdq640ZrWJezevI5mVWZIH5fnM_pKLqhgng52f5ZCZafVXwG_8gxu6DCsVHX-9qlh9F60ZHpH0ItFSyoyxa-zhc8y8OCkrVn2NxzWm8vZZZ7mtO52NnypCaAQnmy9-ZByQAg_BCg06dW-6RtA1a3M9EfZV2Rvx1bRnDPK-Cg0UT3aCD5vlzf4RiRzOgoiUJk7dbWScI2pF8SPAlHHFnaDecSki_8Bp9Aw"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "efa6e719-a6bd-42c1-ab98-5f13c5a2e9d1",
      "x": "h3kEowFVxiQW7D32BfHMfqMRGSysATAPreFSQxSQRKo",
      "y": "SH5mO8GtjppOaB3EQwfw2JZ_A9L5fz_sgVuajBN-F7I"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "5b301954-90fe-496f-bb3a-f78cd5a33409",
      "x": "dJteaEYYdM8qe-95ynnUCiJNfEeYv35UqCnOHfqgkos",
      "y": "b8GLBvlOCAgUdRAVhETvJfaFH0uSFE-eLh3PrLuu2b8"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "45d2f5a2-2c5e-489b-8c1e-368f6648a77d",
      "x": "3sKM8SKYNeGmHfqyAeh9Da9uLOUAmvMzAQHxwsp9LMQ",
      "y": "aHA7Tab71lw-3dGfaso8jvA2d0Jugp5gaFF-1VBOxC4"
    },
    {
      "kty": "OKP",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "07ac6141-95a6-4759-b249-c0cee0ec9f83",
      "x": "hX9WdYkzJrC7LE_qIECbRLuK9BhKLUla9Prr-xHOo8Y"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "5b911f31-bc33-49fd-98a5-34b3d58e4210",
      "alg": "RSA-OAEP",
      "n": "jC_Unlz0MU-DtqfxUFlgG2dNtPoSL7O1i4mKbKWjitcesJjU4nO4w7BM38D0MC57lLkjE-R74flIsAO-zj5RxUqsvbpTAIOp309Itlc3qKtzOlG7OhX9EsBGXNh17ygVpEar0I9dg_P-iQw-1l8PUAqJiL896J2C6tn19NJC9CVJtjiqKbFxQETMD23igi9-8Euz7ERot6T0jzoX9ljNsoZ8rFIruZnwpoWwtutxzzGrM6BSDEXNzWL3-jqsLYlUKYm4UaIw06P2wjRujg3C3bMykKEHOryAPvaSDNnTmhpIssb-2GzHAdEwO9MMRNICpI9SsB-ZKYjPXg3Xg2A9xw"
    },
    {
      "kty": "EC",
      "use": "enc",
      "crv": "P-256",
      "kid": "9e7b134e-1432-4152-8ace-1d354738c9f2",
      "x": "u3y39dY3T2eZKd8ozz-tjjUccAjAkK_F2DKVx9nPaEI",
      "y": "W5FvLZnPk19xlvm6Jl5jeSW6PCWqhAZ4YjP4fbf3LBE",
      "alg": "ECDH-ES"
    }
  ]
}
2020-09-01 12:51:33 SUCCESS
ValidateServerJWKs
Valid server JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2020-09-01 12:51:33 SUCCESS
CheckDistinctKeyIdValueInServerJWKs
Distinct 'kid' value in all keys of server_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2020-09-01 12:51:33 SUCCESS
OIDCCLoadUserInfo
Added user information
user_info
{
  "sub": "user-subject-1234531",
  "name": "Demo T. User",
  "given_name": "Demo",
  "family_name": "User",
  "middle_name": "Theresa",
  "nickname": "Dee",
  "preferred_username": "d.tu",
  "gender": "female",
  "birthdate": "2000-02-03",
  "address": {
    "street_address": "100 Universal City Plaza",
    "locality": "Hollywood",
    "region": "CA",
    "postal_code": "91608",
    "country": "USA"
  },
  "zoneinfo": "America/Los_Angeles",
  "locale": "en-US",
  "phone_number": "+1 555 5550000",
  "phone_number_verified": false,
  "email": "user@example.com",
  "email_verified": false,
  "website": "https://openid.net/",
  "updated_at": "1580000000"
}
2020-09-01 12:51:33 SUCCESS
GetDynamicClientConfiguration
No client details on configuration, created an empty dynamic_client_registration_template object.
2020-09-01 12:51:33
oidcc-client-test-nonce-invalid
Setup Done
2020-09-01 12:51:33 INCOMING
oidcc-client-test-nonce-invalid
Incoming HTTP request to test instance l2JycsdBaM6VJ1g
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
.well-known/openid-configuration
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
Discovery endpoint
2020-09-01 12:51:33 OUTGOING
oidcc-client-test-nonce-invalid
Response to HTTP request to test instance l2JycsdBaM6VJ1g
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "issuer": "https://www.certification.openid.net/test/l2JycsdBaM6VJ1g/",
  "authorization_endpoint": "https://www.certification.openid.net/test/l2JycsdBaM6VJ1g/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/l2JycsdBaM6VJ1g/token",
  "jwks_uri": "https://www.certification.openid.net/test/l2JycsdBaM6VJ1g/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/l2JycsdBaM6VJ1g/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/l2JycsdBaM6VJ1g/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
outgoing_path
.well-known/openid-configuration
2020-09-01 12:51:34 INCOMING
oidcc-client-test-nonce-invalid
Incoming HTTP request to test instance l2JycsdBaM6VJ1g
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "content-type": "application/json",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "content-length": "181",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net",
  "connection": "close"
}
incoming_path
register
incoming_body_form_params
incoming_method
POST
incoming_body_json
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code id_token"
  ],
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ]
}
incoming_query_string_params
{}
incoming_body
{"token_endpoint_auth_method":"client_secret_basic","response_types":["code id_token"],"grant_types":["authorization_code","implicit"],"redirect_uris":["https://rp.example.com/cb"]}
Registration endpoint
2020-09-01 12:51:34 SUCCESS
OIDCCExtractDynamicRegistrationRequest
Extracted dynamic client registration request
request
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code id_token"
  ],
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ]
}
2020-09-01 12:51:34 INFO
EnsureRegistrationRequestContainsAtLeastOneContact
This application requires that registration requests contain at least one contact.
2020-09-01 12:51:34 SUCCESS
ValidateClientGrantTypes
grant_types match response_types
grant_types
[
  "authorization_code",
  "implicit"
]
response_types
[
  "code id_token"
]
2020-09-01 12:51:34 SUCCESS
OIDCCValidateClientRedirectUris
Valid redirect_uri(s) provided in registration request
redirect_uris
[
  "https://rp.example.com/cb"
]
2020-09-01 12:51:34 SUCCESS
ValidateClientLogoUris
Client does not contain any logo_uri
2020-09-01 12:51:34 SUCCESS
ValidateClientUris
Client does not contain any client_uri
2020-09-01 12:51:34 SUCCESS
ValidateClientPolicyUris
Client does not contain any policy_uri
2020-09-01 12:51:34 SUCCESS
ValidateClientTosUris
Client does not contain any tos_uri
2020-09-01 12:51:34 SUCCESS
ValidateClientSubjectType
A subject_type was not provided
2020-09-01 12:51:34 INFO
ValidateIdTokenSignedResponseAlg
Skipped evaluation due to missing required element: client id_token_signed_response_alg
path
id_token_signed_response_alg
mapped
object
client
2020-09-01 12:51:34 SUCCESS
EnsureIdTokenEncryptedResponseAlgIsSetIfEncIsSet
id_token_encrypted_response_enc is not set
2020-09-01 12:51:34 INFO
ValidateUserinfoSignedResponseAlg
Skipped evaluation due to missing required element: client userinfo_signed_response_alg
path
userinfo_signed_response_alg
mapped
object
client
2020-09-01 12:51:34 SUCCESS
EnsureUserinfoEncryptedResponseAlgIsSetIfEncIsSet
userinfo_encrypted_response_enc is not set
2020-09-01 12:51:34 INFO
ValidateRequestObjectSigningAlg
Skipped evaluation due to missing required element: client request_object_signing_alg
path
request_object_signing_alg
mapped
object
client
2020-09-01 12:51:34 SUCCESS
EnsureRequestObjectEncryptionAlgIsSetIfEncIsSet
request_object_encryption_enc is not set
2020-09-01 12:51:34 INFO
ValidateTokenEndpointAuthSigningAlg
Skipped evaluation due to missing required element: client token_endpoint_auth_signing_alg
path
token_endpoint_auth_signing_alg
mapped
object
client
2020-09-01 12:51:34 SUCCESS
ValidateDefaultMaxAge
default_max_age is not set
2020-09-01 12:51:34 INFO
ValidateRequireAuthTime
Skipped evaluation due to missing required element: client require_auth_time
path
require_auth_time
mapped
object
client
2020-09-01 12:51:34 INFO
ValidateDefaultAcrValues
Skipped evaluation due to missing required element: client default_acr_values
path
default_acr_values
mapped
object
client
2020-09-01 12:51:34 INFO
ValidateInitiateLoginUri
Skipped evaluation due to missing required element: client initiate_login_uri
path
initiate_login_uri
mapped
object
client
2020-09-01 12:51:34 INFO
ValidateRequestUris
Skipped evaluation due to missing required element: client request_uris
path
request_uris
mapped
object
client
2020-09-01 12:51:34 SUCCESS
ValidateClientRegistrationRequestSectorIdentifierUri
A sector_identifier_uri was not provided
2020-09-01 12:51:34 SUCCESS
OIDCCRegisterClient
Registered client
client
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code id_token"
  ],
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ],
  "client_id": "client_ZQTmVZTMVqpPglW89572),}/^"
}
2020-09-01 12:51:34
OIDCCCreateClientSecretForDynamicClient
Set the secret for registered client
client_secret
secret_pfyOJCYIRPHQcAQQrbWoPHuxCAHhAiAgUgJFjMtEjkxJzrhFfq4403500976)'];.
2020-09-01 12:51:34 SUCCESS
EnsureTokenEndPointAuthMethodIsClientSecretBasic
token_endpoint_auth_method is 'client_secret_basic' as expected
2020-09-01 12:51:34 SUCCESS
EnsureClientDoesNotHaveBothJwksAndJwksUri
Client does not have both jwks and jwks_uri set
client
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code id_token"
  ],
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ],
  "client_id": "client_ZQTmVZTMVqpPglW89572),}/^",
  "client_secret": "secret_pfyOJCYIRPHQcAQQrbWoPHuxCAHhAiAgUgJFjMtEjkxJzrhFfq4403500976)\u0027];."
}
2020-09-01 12:51:34 INFO
FetchClientKeys
Skipped evaluation due to missing required element: client jwks_uri
path
jwks_uri
mapped
object
client
2020-09-01 12:51:34 SUCCESS
OIDCCExtractServerSigningAlg
Using the default algorithm for the first key in server jwks
signing_algorithm
RS256
2020-09-01 12:51:34
SetClientIdTokenSignedResponseAlgToServerSigningAlg
Set id_token_signed_response_alg for the registered client
id_token_signed_response_alg
RS256
2020-09-01 12:51:34 OUTGOING
oidcc-client-test-nonce-invalid
Response to HTTP request to test instance l2JycsdBaM6VJ1g
outgoing_status_code
201
outgoing_headers
{}
outgoing_body
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code id_token"
  ],
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ],
  "client_id": "client_ZQTmVZTMVqpPglW89572),}/^",
  "client_secret": "secret_pfyOJCYIRPHQcAQQrbWoPHuxCAHhAiAgUgJFjMtEjkxJzrhFfq4403500976)\u0027];.",
  "id_token_signed_response_alg": "RS256"
}
outgoing_path
register
2020-09-01 12:51:34 INCOMING
oidcc-client-test-nonce-invalid
Incoming HTTP request to test instance l2JycsdBaM6VJ1g
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "got/9.6.0 (https://github.com/sindresorhus/got)",
  "accept-encoding": "gzip, deflate",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
authorize
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{
  "client_id": "client_ZQTmVZTMVqpPglW89572),}/^",
  "scope": "openid",
  "response_type": "code id_token",
  "redirect_uri": "https://rp.example.com/cb",
  "state": "N7fvhZ1dCgsZkPhWaSlavUWkAZPJrzt7MlhFuoqgmUg",
  "nonce": "0u6RbsJOxGh8BCXCv1rq9Fen8ROIrRQMPXrq1GvbSlQ",
  "response_mode": "form_post"
}
incoming_body
Authorization endpoint
2020-09-01 12:51:34 SUCCESS
EnsureRequestDoesNotContainRequestObject
Request does not contain a request parameter
2020-09-01 12:51:34 SUCCESS
OIDCCEnsureAuthorizationHttpRequestContainsOpenIDScope
Found 'openid' in scope http request parameter
actual
[
  "openid"
]
expected
openid
2020-09-01 12:51:34 SUCCESS
CreateEffectiveAuthorizationRequestParameters
Merged http request parameters with request object claims
effective_authorization_endpoint_request
{
  "client_id": "client_ZQTmVZTMVqpPglW89572),}/^",
  "scope": "openid",
  "response_type": "code id_token",
  "redirect_uri": "https://rp.example.com/cb",
  "state": "N7fvhZ1dCgsZkPhWaSlavUWkAZPJrzt7MlhFuoqgmUg",
  "nonce": "0u6RbsJOxGh8BCXCv1rq9Fen8ROIrRQMPXrq1GvbSlQ",
  "response_mode": "form_post"
}
2020-09-01 12:51:34 SUCCESS
ExtractRequestedScopes
Requested scopes
scope
openid
2020-09-01 12:51:34 SUCCESS
ExtractNonceFromAuthorizationRequest
Extracted nonce
nonce
0u6RbsJOxGh8BCXCv1rq9Fen8ROIrRQMPXrq1GvbSlQ
2020-09-01 12:51:34 SUCCESS
EnsureResponseTypeIsCodeIdToken
Response type is expected value
expected
code id_token
2020-09-01 12:51:34 SUCCESS
EnsureMatchingClientId
Client ID matched
client_id
client_ZQTmVZTMVqpPglW89572),}/^
2020-09-01 12:51:34 SUCCESS
EnsureValidRedirectUriForAuthorizationEndpointRequest
redirect_uri is one of the allowed redirect uris
actual
https://rp.example.com/cb
expected
[
  "https://rp.example.com/cb"
]
2020-09-01 12:51:34 SUCCESS
EnsureOpenIDInScopeRequest
Found 'openid' scope in request
actual
[
  "openid"
]
expected
openid
2020-09-01 12:51:34 SUCCESS
DisallowMaxAgeEqualsZeroAndPromptNone
The client did not send max_age=0 and prompt=none parameters as expected
2020-09-01 12:51:34 SUCCESS
CreateAuthorizationCode
Created authorization code
authorization_code
ykoTl1DvjH
2020-09-01 12:51:34 SUCCESS
CalculateCHash
Successful c_hash encoding
c_hash
fOmn2lWfje1PMzRiIxDk6g
2020-09-01 12:51:34 SUCCESS
GenerateIdTokenClaims
Created ID Token Claims
iss
https://www.certification.openid.net/test/l2JycsdBaM6VJ1g/
sub
user-subject-1234531
aud
client_ZQTmVZTMVqpPglW89572),}/^
nonce
0u6RbsJOxGh8BCXCv1rq9Fen8ROIrRQMPXrq1GvbSlQ
iat
1598964694
exp
1598964994
2020-09-01 12:51:34 SUCCESS
AddInvalidNonceValueToIdToken
Added invalid nonce to ID token claims
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/l2JycsdBaM6VJ1g/",
  "sub": "user-subject-1234531",
  "aud": "client_ZQTmVZTMVqpPglW89572),}/^",
  "nonce": "0u6RbsJOxGh8BCXCv1rq9Fen8ROIrRQMPXrq1GvbSlQ1",
  "iat": 1598964694,
  "exp": 1598964994
}
nonce
0u6RbsJOxGh8BCXCv1rq9Fen8ROIrRQMPXrq1GvbSlQ1
2020-09-01 12:51:34 SUCCESS
AddCHashToIdTokenClaims
Added c_hash to ID token claims
c_hash
fOmn2lWfje1PMzRiIxDk6g
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/l2JycsdBaM6VJ1g/",
  "sub": "user-subject-1234531",
  "aud": "client_ZQTmVZTMVqpPglW89572),}/^",
  "nonce": "0u6RbsJOxGh8BCXCv1rq9Fen8ROIrRQMPXrq1GvbSlQ1",
  "iat": 1598964694,
  "exp": 1598964994,
  "c_hash": "fOmn2lWfje1PMzRiIxDk6g"
}
2020-09-01 12:51:34 INFO
AddAtHashToIdTokenClaims
Skipped evaluation due to missing required string: at_hash
expected
at_hash
2020-09-01 12:51:34 SUCCESS
OIDCCSignIdToken
Signed the ID token
id_token
eyJraWQiOiJkOWI2MDNhZS1lZGRhLTRiZTEtOWZjOS1hNmYwN2MzMWYxMTYiLCJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJ1c2VyLXN1YmplY3QtMTIzNDUzMSIsImF1ZCI6ImNsaWVudF9aUVRtVlpUTVZxcFBnbFc4OTU3MiksfVwvXiIsImNfaGFzaCI6ImZPbW4ybFdmamUxUE16UmlJeERrNmciLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvbDJKeWNzZEJhTTZWSjFnXC8iLCJleHAiOjE1OTg5NjQ5OTQsIm5vbmNlIjoiMHU2UmJzSk94R2g4QkNYQ3YxcnE5RmVuOFJPSXJSUU1QWHJxMUd2YlNsUTEiLCJpYXQiOjE1OTg5NjQ2OTR9.AJe3BU5edtdT0AVxjigXcAb8DjFSVaVN9XapDqZFB_O4hX3mfH9bneAv5ak98nWTEgqH9Z6kzKAxGjpVWOca-efQWNZPlwYbDjZFKdXH5ta0StW39qXn0sOwqabdk_wE5d31xfrNHeHDRj6aoiL0osgaGzyqOkxLWxTeJNypiseWiyVl84cSOM4cZ4P26AtaWw_e1SnLyxei2fRCN3-rGrwvYiYNV8XdGcZKtLILuCh2H4Ra9WfoxyaocZOr-ihDQIGg9foimj4tx2sfl2PV_GCy_R1DhTf3Q_sezf0KTfn8k99Fc6kuclJnsyUrBuSxYmJDi9CMruaSz4hul5--JQ
key
{"p":"-iHFJCLqMDzq3x3gwvZiY8ahvHECpWoz3r7QJhGjNZQ3zP3PA1eprvHWtBJu6vNWNR27iYQOIkOXuuIgJ0dsIc0rkC3QOYzr11adUYJPPpYEW64SmtELUhHx88UEsgGCx39QsWLuVG3WBjjah5s57q9ZXCbCgIZ3oUiTJ11B6Sc","kty":"RSA","q":"9HwO1zkPb8r4ZM7_xPML_E3u6Pu6kgNoAhBl1KYJ6E1jvrsUzS1EVisIvVDj0U6VadH_rtlj_IUh-4Jt0cd7KnmzW1a_2ctdhai9Qqrcy56YzlWO3ZpXBfvNTxLCunhEncDsPmdpVtgzbUrRv1nOKJ8PCS9ZmIEO2T90gg2SMmk","d":"4fOmpQ7fW9whWHKk8K3OxQJlhwEMfx9HrqAJxCujCNwg8s3e6ifAd4gNk3Soc1pA2WMQO-NS2akGf1AaPQ-qPFt3zhwpVegWO3lq4rzH0ZWXgq2KlfNoSN6ThpTzDNOv2qPtE_7bDWa3Anw9cp7xMJiAo1ohd97qn41lgHZVbmYIJSuKMJcQxx3871OxwoYjZ1BrUueM32RJrC7_ee0c8kpaaDqcHvqwl_6y5tIwnFPFkhvoEydgRM5az-s-ZE2mRR921K83OXQ-6WSjtg2Z2miqWR2KNb04Q6aI8EJiQarV3BXFt1TSZcgbz1-gTVrxkHrcRNCMimq-teXtJkwioQ","e":"AQAB","use":"sig","kid":"d9b603ae-edda-4be1-9fc9-a6f07c31f116","qi":"5lcm57ZxICel8fyFzcroqneTecokD6Q36crIsivRzDzX92Dje6dXgH99P2luX0CQff6sxgDtknSLVtv1ky-zqlPpb2vBpt37sglOpO0_DGSHqoSR-P0-pqZWs8Sb5EssjaUKr3a9TR03g4946b5gJVBZlpQ2YMNkt4qIIr1D3tI","dp":"btvEug1XaeW12wks8nusg7gnOpODrrhxIMnFCvpKMZbtXEcpFrwlkknQ9KIu0qbikEwLMBl9Aiae-s75nS8Ed76tDguf-8G_TQMwWk28vWpTqCZwTHlV4Rve9kFdoV8WDUEaDGRiaLz9XGiaQfvEI0tH-ZWcIsZ2At9diNbGPYU","dq":"ygVBFiL2WIA1pMdPneTgAIo9YpOv5TufVCVMn9zbzvMz-sUIOUqwbyt8O0N-HNR8rkZyqn7EGkPAgt2R9YiKg9ywkkcqnMNo8isuyMn7TN4ukkEsnn0Mb8tUKYTtF7yNpnVmQWKeLr7UL_llPGLu8a4NdJ-Fv3jVVjsTAOxJ5BE","n":"7uFmwhGtRMYdZ-UYu-3cLq_aYD_G6WjdV9qi19chFLgosqmSkCdstymbbnqJOL611l9NuY_huaEiGrz3AqSB_InAOjqGF3Ivzbcg-vwz9hxu8PsCHt2GuFyOckMwTM6i6v7VkjdAXdWD7qsvGUAmY0S3C01R0U2Oyla6X2lwY39-YnESrRRM5HmBBGkjNtRcrvcn_IwOQC3CkMGNsoAB67bWdKWOgA1DdSE7k3alF489M9grjQJmuWPrqKUw-xCKHCCXG37FkaM8OyAOqonf3i51Uox_OwGq8LoVu7xM6rB5Roe5hcAZh9_pvLn-pFWNLHrd8FDp-KnoaKWYEtA-_w"}
algorithm
RS256
2020-09-01 12:51:34 INFO
EncryptIdToken
Skipped evaluation due to missing required element: client id_token_encrypted_response_alg
path
id_token_encrypted_response_alg
mapped
object
client
2020-09-01 12:51:34 SUCCESS
CreateAuthorizationEndpointResponseParams
Added authorization_endpoint_response_params to environment
params
{
  "redirect_uri": "https://rp.example.com/cb",
  "state": "N7fvhZ1dCgsZkPhWaSlavUWkAZPJrzt7MlhFuoqgmUg"
}
2020-09-01 12:51:34 SUCCESS
AddCodeToAuthorizationEndpointResponseParams
Added code to authorization endpoint response params
authorization_endpoint_response_params
{
  "redirect_uri": "https://rp.example.com/cb",
  "state": "N7fvhZ1dCgsZkPhWaSlavUWkAZPJrzt7MlhFuoqgmUg",
  "code": "ykoTl1DvjH"
}
2020-09-01 12:51:34 SUCCESS
AddIdTokenToAuthorizationEndpointResponseParams
Added id_token to authorization endpoint response params
authorization_endpoint_response_params
{
  "redirect_uri": "https://rp.example.com/cb",
  "state": "N7fvhZ1dCgsZkPhWaSlavUWkAZPJrzt7MlhFuoqgmUg",
  "code": "ykoTl1DvjH",
  "id_token": "eyJraWQiOiJkOWI2MDNhZS1lZGRhLTRiZTEtOWZjOS1hNmYwN2MzMWYxMTYiLCJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJ1c2VyLXN1YmplY3QtMTIzNDUzMSIsImF1ZCI6ImNsaWVudF9aUVRtVlpUTVZxcFBnbFc4OTU3MiksfVwvXiIsImNfaGFzaCI6ImZPbW4ybFdmamUxUE16UmlJeERrNmciLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvbDJKeWNzZEJhTTZWSjFnXC8iLCJleHAiOjE1OTg5NjQ5OTQsIm5vbmNlIjoiMHU2UmJzSk94R2g4QkNYQ3YxcnE5RmVuOFJPSXJSUU1QWHJxMUd2YlNsUTEiLCJpYXQiOjE1OTg5NjQ2OTR9.AJe3BU5edtdT0AVxjigXcAb8DjFSVaVN9XapDqZFB_O4hX3mfH9bneAv5ak98nWTEgqH9Z6kzKAxGjpVWOca-efQWNZPlwYbDjZFKdXH5ta0StW39qXn0sOwqabdk_wE5d31xfrNHeHDRj6aoiL0osgaGzyqOkxLWxTeJNypiseWiyVl84cSOM4cZ4P26AtaWw_e1SnLyxei2fRCN3-rGrwvYiYNV8XdGcZKtLILuCh2H4Ra9WfoxyaocZOr-ihDQIGg9foimj4tx2sfl2PV_GCy_R1DhTf3Q_sezf0KTfn8k99Fc6kuclJnsyUrBuSxYmJDi9CMruaSz4hul5--JQ"
}
2020-09-01 12:51:34 OUTGOING
oidcc-client-test-nonce-invalid
Response to HTTP request to test instance l2JycsdBaM6VJ1g
outgoing
ModelAndView [view="formPostResponseMode"; model={formAction=https://rp.example.com/cb, formParameters={"state":"N7fvhZ1dCgsZkPhWaSlavUWkAZPJrzt7MlhFuoqgmUg","code":"ykoTl1DvjH","id_token":"eyJraWQiOiJkOWI2MDNhZS1lZGRhLTRiZTEtOWZjOS1hNmYwN2MzMWYxMTYiLCJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJ1c2VyLXN1YmplY3QtMTIzNDUzMSIsImF1ZCI6ImNsaWVudF9aUVRtVlpUTVZxcFBnbFc4OTU3MiksfVwvXiIsImNfaGFzaCI6ImZPbW4ybFdmamUxUE16UmlJeERrNmciLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvbDJKeWNzZEJhTTZWSjFnXC8iLCJleHAiOjE1OTg5NjQ5OTQsIm5vbmNlIjoiMHU2UmJzSk94R2g4QkNYQ3YxcnE5RmVuOFJPSXJSUU1QWHJxMUd2YlNsUTEiLCJpYXQiOjE1OTg5NjQ2OTR9.AJe3BU5edtdT0AVxjigXcAb8DjFSVaVN9XapDqZFB_O4hX3mfH9bneAv5ak98nWTEgqH9Z6kzKAxGjpVWOca-efQWNZPlwYbDjZFKdXH5ta0StW39qXn0sOwqabdk_wE5d31xfrNHeHDRj6aoiL0osgaGzyqOkxLWxTeJNypiseWiyVl84cSOM4cZ4P26AtaWw_e1SnLyxei2fRCN3-rGrwvYiYNV8XdGcZKtLILuCh2H4Ra9WfoxyaocZOr-ihDQIGg9foimj4tx2sfl2PV_GCy_R1DhTf3Q_sezf0KTfn8k99Fc6kuclJnsyUrBuSxYmJDi9CMruaSz4hul5--JQ"}}]
outgoing_path
authorize
2020-09-01 12:51:35 INCOMING
oidcc-client-test-nonce-invalid
Incoming HTTP request to test instance l2JycsdBaM6VJ1g
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
jwks
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
Jwks endpoint
2020-09-01 12:51:35 OUTGOING
oidcc-client-test-nonce-invalid
Response to HTTP request to test instance l2JycsdBaM6VJ1g
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "d9b603ae-edda-4be1-9fc9-a6f07c31f116",
      "n": "7uFmwhGtRMYdZ-UYu-3cLq_aYD_G6WjdV9qi19chFLgosqmSkCdstymbbnqJOL611l9NuY_huaEiGrz3AqSB_InAOjqGF3Ivzbcg-vwz9hxu8PsCHt2GuFyOckMwTM6i6v7VkjdAXdWD7qsvGUAmY0S3C01R0U2Oyla6X2lwY39-YnESrRRM5HmBBGkjNtRcrvcn_IwOQC3CkMGNsoAB67bWdKWOgA1DdSE7k3alF489M9grjQJmuWPrqKUw-xCKHCCXG37FkaM8OyAOqonf3i51Uox_OwGq8LoVu7xM6rB5Roe5hcAZh9_pvLn-pFWNLHrd8FDp-KnoaKWYEtA-_w"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "dd038049-b45f-4ba5-9226-105aebcda297",
      "n": "gc2g2SP3kkg4Fk69TurWAs9VU6j8SwOi7WfqK1TrdrbNAQtd2JYkAFNGeAEhyC8GPltZ07ReEWrQXbS1GUkLakPz6MKjBUy6c1zwgLYl36XztVDxpwsI9jdq640ZrWJezevI5mVWZIH5fnM_pKLqhgng52f5ZCZafVXwG_8gxu6DCsVHX-9qlh9F60ZHpH0ItFSyoyxa-zhc8y8OCkrVn2NxzWm8vZZZ7mtO52NnypCaAQnmy9-ZByQAg_BCg06dW-6RtA1a3M9EfZV2Rvx1bRnDPK-Cg0UT3aCD5vlzf4RiRzOgoiUJk7dbWScI2pF8SPAlHHFnaDecSki_8Bp9Aw"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "efa6e719-a6bd-42c1-ab98-5f13c5a2e9d1",
      "x": "h3kEowFVxiQW7D32BfHMfqMRGSysATAPreFSQxSQRKo",
      "y": "SH5mO8GtjppOaB3EQwfw2JZ_A9L5fz_sgVuajBN-F7I"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "5b301954-90fe-496f-bb3a-f78cd5a33409",
      "x": "dJteaEYYdM8qe-95ynnUCiJNfEeYv35UqCnOHfqgkos",
      "y": "b8GLBvlOCAgUdRAVhETvJfaFH0uSFE-eLh3PrLuu2b8"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "45d2f5a2-2c5e-489b-8c1e-368f6648a77d",
      "x": "3sKM8SKYNeGmHfqyAeh9Da9uLOUAmvMzAQHxwsp9LMQ",
      "y": "aHA7Tab71lw-3dGfaso8jvA2d0Jugp5gaFF-1VBOxC4"
    },
    {
      "kty": "OKP",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "07ac6141-95a6-4759-b249-c0cee0ec9f83",
      "x": "hX9WdYkzJrC7LE_qIECbRLuK9BhKLUla9Prr-xHOo8Y"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "5b911f31-bc33-49fd-98a5-34b3d58e4210",
      "alg": "RSA-OAEP",
      "n": "jC_Unlz0MU-DtqfxUFlgG2dNtPoSL7O1i4mKbKWjitcesJjU4nO4w7BM38D0MC57lLkjE-R74flIsAO-zj5RxUqsvbpTAIOp309Itlc3qKtzOlG7OhX9EsBGXNh17ygVpEar0I9dg_P-iQw-1l8PUAqJiL896J2C6tn19NJC9CVJtjiqKbFxQETMD23igi9-8Euz7ERot6T0jzoX9ljNsoZ8rFIruZnwpoWwtutxzzGrM6BSDEXNzWL3-jqsLYlUKYm4UaIw06P2wjRujg3C3bMykKEHOryAPvaSDNnTmhpIssb-2GzHAdEwO9MMRNICpI9SsB-ZKYjPXg3Xg2A9xw"
    },
    {
      "kty": "EC",
      "use": "enc",
      "crv": "P-256",
      "kid": "9e7b134e-1432-4152-8ace-1d354738c9f2",
      "x": "u3y39dY3T2eZKd8ozz-tjjUccAjAkK_F2DKVx9nPaEI",
      "y": "W5FvLZnPk19xlvm6Jl5jeSW6PCWqhAZ4YjP4fbf3LBE",
      "alg": "ECDH-ES"
    }
  ]
}
outgoing_path
jwks
2020-09-01 12:51:36 FINISHED
oidcc-client-test-nonce-invalid
Test has run to completion
testmodule_result
PASSED
Test Results