Test Summary

Test Results

Expand All Collapse All
All times are UTC
2020-09-01 12:50:01 INFO
TEST-RUNNER
Test instance Tvz82eaNmZKIhvO created
baseUrl
https://www.certification.openid.net/test/Tvz82eaNmZKIhvO
variant
{
  "client_auth_type": "client_secret_basic",
  "response_type": "code",
  "request_type": "plain_http_request",
  "response_mode": "form_post",
  "client_registration": "dynamic_client"
}
alias

                                
description
test suite runner for openid-client
planId
vvcwgQI1komVg
config
{
  "description": "test suite runner for openid-client",
  "waitTimeoutSeconds": 2
}
testName
oidcc-client-test-scope-userinfo-claims
2020-09-01 12:50:01 SUCCESS
OIDCCGenerateServerConfiguration
Generated default server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/Tvz82eaNmZKIhvO/",
  "authorization_endpoint": "https://www.certification.openid.net/test/Tvz82eaNmZKIhvO/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/Tvz82eaNmZKIhvO/token",
  "jwks_uri": "https://www.certification.openid.net/test/Tvz82eaNmZKIhvO/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/Tvz82eaNmZKIhvO/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/Tvz82eaNmZKIhvO/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic",
    "client_secret_post",
    "client_secret_jwt",
    "private_key_jwt"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
2020-09-01 12:50:01
SetTokenEndpointAuthMethodsSupportedToClientSecretBasicOnly
Changed token_endpoint_auth_methods_supported to client_secret_basic only in server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/Tvz82eaNmZKIhvO/",
  "authorization_endpoint": "https://www.certification.openid.net/test/Tvz82eaNmZKIhvO/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/Tvz82eaNmZKIhvO/token",
  "jwks_uri": "https://www.certification.openid.net/test/Tvz82eaNmZKIhvO/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/Tvz82eaNmZKIhvO/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/Tvz82eaNmZKIhvO/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
2020-09-01 12:50:03
OIDCCGenerateServerJWKs
Generated server public private JWK sets
server_jwks
{
  "keys": [
    {
      "p": "zg0e09_44FBCW8QrQ6DvGZ_Qvty6n9LMJbsHg5MnyEgDnI96hr0lvuyPjKI3Xzl2pXU0X2KwZvKUTsnyrLDzVkWBxNSsbsukBBBlMUTJPZ_UVGS4K3vaYJoSx-nt7NITGRBygm-bs8SUoJJrQ0xqqmPXgBA5Lf6cM8WVY3FcrNE",
      "kty": "RSA",
      "q": "t0Tr2TOYc3qVWFSHBxtSpeZaMPtjdZ-NaspnTlWkyCzEzrqTUf3rsLs2Bl5suj9I_23QksSizmhHuk5WtA4Ai83ya7iEAOTMyJNpoyW0By-Dz91MxlfZd7Otk_a8ZnxIvUew5vuw4OeI8rqqiCn3Lvsi0nCMUgmRt3Cfexmah4M",
      "d": "P6Q99r0g7kBsiAI_6zyOhtz0GuRLi22TSKGp8a6Nv3n1ScKpr7XPhe76RZrneMSrct6IUr2tuJowVwH86ONTvb0BNYc6N_t9dbEqSYFwJga0xuiwOv-BNtkWLDgSUjHmL7fHXH0XkT5ncjQv8gFkKodYtXxDE6_n-OkCSF9uzmHx52jVVQJnOKoHH7-d45DLHAIUUrsevFCX0_KFMnVrzWTg--8IccYmTj05hF7JKFcvbOMEzSOElIyDacbwRj6GjulQA6129cDRYjuvYVeQ4qFljqcXLrc8KuXkNi1jy0jfcZQClOoIvQu14Y4AB4gzN_bEuBuL7c0-fgJHp4fK4Q",
      "e": "AQAB",
      "use": "sig",
      "kid": "500c40ce-c3ac-439b-beb3-8b879be582e2",
      "qi": "eLc9hP6vzKCE3KbaQzzd937L0vw-aeRQOxk-khVPSFvsYdkJxXQYNz9rnd_XjsqBLnk9qZKRUkcMaQ0y5e5m4DnyF68ixSL_QEVX4EXJY9E_t_ZsmXPhuVHcGM-kKRZ5KIp_J_PXDLlnnqqWSNIN1p0vjuuW0XJQBuSMr2-L0dM",
      "dp": "kHGWKMUbfHQG8LmF8rTAqF_mP8YQdbWaMuD3lX71JmuFTJ0wMYArE7pVryqQUoq_56FQA4X1T1XCLbFYE0NAcjvrioXkEw9ifQ7ZQT6NLEv81uR8Ts9V-N5JSCdvCNMDXFCxVUrUBaNK5X1_AABzzdqL2VSGIP4ZlhlubfWsF-E",
      "dq": "jHvjgpq_aP31j0E0RGlYYF2Ek3mQkzCcGdlPeUfDScKvlnyEw1wumEnZruYg2F_8l_hY4riiyDA9k33LjrgRCRn0k0hcv8ajh7kgR_R13PA6TVOpL31V8SEllH-VicYJiDZ1T4pt2ukBHHekkz4AAd52ofOuTJCTR5eoWJeW0fs",
      "n": "k4LaWoNVWIhXWzUVIuOdIDM8ZbvPSY4k59yatSx6EL9DIeNwWojoGraxMNapEfks4E1QM8U53cHYHoPFLOsw0cSv7Drrs_ZhMhU9hw4YBjf_LoFWMx252nJu0FnyWV1EncYHQ4BNxr4e6mcuE8SNrNzDpRt3NnNA5Z3du_v4_ZhoPhD7_TYMMcdugYLyFLX9GR1i2siL4pguzpeCeE89-SFi8JnzW0q67JrGKaGDzV6qT42H3vNlqtVxpK4cyepIvhVJH7H8WmYpiKDujg_PDBSlcJuQfIIC0nuMy-_w3BYFGlcceBRvJP1XvNiINvGBcNBfXhaYt1RNE_i2QEil8w"
    },
    {
      "kty": "EC",
      "d": "Ho25aTmICw8Fx7IZ9ENPt-j2kqNOn9IfoZeTC-z3VMk",
      "use": "sig",
      "crv": "P-256",
      "kid": "60f9d741-4b01-4713-90c5-75f48be078ae",
      "x": "Y_CLD3Wa8xCYrbPRl7lntvnWyp8SioneT704R2O5UHU",
      "y": "pg2b8wWPll5qSuXxIcsps1J9smzwehnd0Xo5_WLS-lw"
    },
    {
      "kty": "EC",
      "d": "LjTNUxLVNqXzNvdGM08zZ7dct0vVyN_fA91OYaIV724",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "0d3a94af-becc-4b77-b8cc-b1c0bff53a50",
      "x": "QsV34LNCgdA58lsNPOrxdrVxjYLNSZVRpCre88PK3SM",
      "y": "vivk4GGYcxwQVmMg3B93T22wbl8lAg-4xBO__CvS0ws"
    },
    {
      "kty": "OKP",
      "d": "qcrUFki-T8-iNUpbPTE8wnWItD3otAlUnjk2WyyQ4h8",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "0b223815-1783-44fd-b046-49a60bd18e24",
      "x": "wSOuM-ulp8kKkAshrsk0sexenfQxrIZqbG8L-1LVEVE"
    }
  ]
}
server_encryption_keys
{
  "keys": [
    {
      "p": "23Z4DJOkIQONkXfjUONBNcui5bDd2J1htG6fCE7bZNRGRm1107s1og5_JMRJUyAvZpOJehR_s4rfkFavVEFUVSHPk9V_8ePQ9a8EHs-rWS1InBSVNrjuywekj6qJhphHEBPgpIVJdgVOALaNN4JT0_vQc2ItFCWJgM4eLEG4bxk",
      "kty": "RSA",
      "q": "sXfrUzWhnm2PUfw9qCZrKS4Q2kQjlAlBiOwDmuyuIhuwoxgtBvxDTgdRApcdDkCxBxrZdmtET8-oQTmmCQjvDUlQrq8jAFHMSLIBaCRsMkuGDkkOsNuWvzFc74BBDqfbbRikH6uJhysGOvmfbsdLq3uMx6-punFIonW7QhEgp6s",
      "d": "EJpVKPI4G-q3D5SiTbNYw6xaue4gWp75sbmGY9txyD1jSnUtDOfAO7mF7dgzzVBGbM8ueHRJ8zAD2raIYqj4pH52EhU364Vh2KL73KZf8wx6c8RfCu7Qpj5mg9dWUXkTM-zhg1LWxUuGu6BlbaSkoUPps9fJjmoO8gAimOiEOsgyJTqK-QedhhmRr9VqoeWa1PWgJEM6tByyLq6-JZhthe1z-z56PR2lrHXGFKymZ2wqS7ufwFP6UbrtCuYbFd7KEUIEYgVk6VMAsrYLf0d0RLXnAxchd4kgCObavhu6ic10SGRicSjGfXoNbeCV26u9ABKcEKtPLItK7tZJI95hAQ",
      "e": "AQAB",
      "use": "enc",
      "kid": "d0f1055b-d04f-4204-acc6-b345bfb08495",
      "qi": "g5aWPra7BgI7fZwaDbLKvPbOL6V-X2BTBQ4eq-gvSlu0gqmV9h1gZKnAGm1o6tbrvl4VtlYINukORmuWBq7L_2w2Q-qF-bhUSqut4-UQs5Vx8S5JiUb-rq3rDmZCtzWMfMedz5O_htHJl_BMYXGCD0DjPkXkrP3cKCNBvj-gYRQ",
      "dp": "YVOAmdNADoQM3F5WqSCfYsQUUdjGCbKCCgqk7IJMOcMKB2Gzx1pWxq-3Iw8JlZvIaa00YreEipMj4lcPGkZ-p-J-tAkS3KszmEEtipx-WOYENXPLWKFbBR82k6AFrXMK0M5_6XZSxcxEc3yB1AQwOOqL3x_C7hRXjo_aQbZDnME",
      "alg": "RSA-OAEP",
      "dq": "ee0rznVQXqpjBy7HpZkPkrFFfs_FqdVaIxoTuALX-DMR_luDxALYsukv7RmpKrujZIA727ICstq2fGmA-0AaDQTL29gTsgqA0YkKkmRDuaJNrc7fuv6C6USe1yVEjS8iACgnymJuEGGs3CPYN6HRCTXPGPpFIATopEVCrDdcOhU",
      "n": "mCO2z5WDp-d67YTveZ25zu4wVRPXFAVPDwFvlYrMA_qvh3Y_En-ceTC9Qctesa9h1Bos8cf19Xmqelu-d76LE7nvaTWeqpHyLyKGABR-59GFcxJtXLOr_j90Vvl9vPi44IENwJXWe8lzXsB3oCVOrB4sYEShua-5_RqCVANVc5CeBS2MAzVft89HcPJirXnbDuifGA-0gIf5m_T-csCeXAa63xECpgAyTuu8D-Z9ljr6RvA8hjLtOO23bYLSjQz5nWJSss2TGB3jheqLucgQxnydg_H0tGZP4Q46DBjH2MLHQyoYAR5JlSUWvv5k3XBGC65quMLBsq94Y2RPwsuEsw"
    },
    {
      "kty": "EC",
      "d": "joG8dfJ0ctMR3MaQlfnWl7GA_xxKy0IOEU-EfeckM_o",
      "use": "enc",
      "crv": "P-256",
      "kid": "f8836553-d667-408d-a17d-2f791fb4a0b5",
      "x": "J566QZwp_Ndfq3wJC0BScUoklL-qX8trCrlF3pc0nns",
      "y": "RBQeWtuBFji_ksA9tcZ0XGUDkggkmo87eorMrP8r1Xs",
      "alg": "ECDH-ES"
    }
  ]
}
server_public_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "500c40ce-c3ac-439b-beb3-8b879be582e2",
      "n": "k4LaWoNVWIhXWzUVIuOdIDM8ZbvPSY4k59yatSx6EL9DIeNwWojoGraxMNapEfks4E1QM8U53cHYHoPFLOsw0cSv7Drrs_ZhMhU9hw4YBjf_LoFWMx252nJu0FnyWV1EncYHQ4BNxr4e6mcuE8SNrNzDpRt3NnNA5Z3du_v4_ZhoPhD7_TYMMcdugYLyFLX9GR1i2siL4pguzpeCeE89-SFi8JnzW0q67JrGKaGDzV6qT42H3vNlqtVxpK4cyepIvhVJH7H8WmYpiKDujg_PDBSlcJuQfIIC0nuMy-_w3BYFGlcceBRvJP1XvNiINvGBcNBfXhaYt1RNE_i2QEil8w"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "80a221a6-b49a-4ab7-98c7-15f77531dd2c",
      "n": "hqnTn6un2D1VKlCES_igzOF8iaFNa3esHYACKuI7zRh7PNBQ46_rwAtonVMibONk1aD1CuP7zzNoZ-3m5HUk_8sTLY01IfLr0X2Kb1ozxBXlcnXKtxhJXCe5RqKeGx8HdgQ65_LwxxDdBu2023xvUnucto7yk34g2nBub38Z3oLQ_kS77cNEPZIM_X93lwOMum9OQuXRkV2O8IuxF1gIdRPI8qwwJTlijg0pGqik7DGq4iWd0or1aJMNB91kx6IH-8fdygjYHCYN2jQ4yF5lKPPmD0HgBPC8PP6-nwHUBjDIGRdSf-aPhb2_HsHSlgVgIjPq-G3v12RaCRlAru4GCw"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "60f9d741-4b01-4713-90c5-75f48be078ae",
      "x": "Y_CLD3Wa8xCYrbPRl7lntvnWyp8SioneT704R2O5UHU",
      "y": "pg2b8wWPll5qSuXxIcsps1J9smzwehnd0Xo5_WLS-lw"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "e45e86cd-b671-4262-82f2-026b29ceaba1",
      "x": "SnE24-meaAT22vACG5gsBYmZqN9t-4Kx_Gb7e4BlFU0",
      "y": "emAoNyAKk0vHZ3k4KoSaxFXbMw-3LsPuymOoc3ZsqIA"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "0d3a94af-becc-4b77-b8cc-b1c0bff53a50",
      "x": "QsV34LNCgdA58lsNPOrxdrVxjYLNSZVRpCre88PK3SM",
      "y": "vivk4GGYcxwQVmMg3B93T22wbl8lAg-4xBO__CvS0ws"
    },
    {
      "kty": "OKP",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "0b223815-1783-44fd-b046-49a60bd18e24",
      "x": "wSOuM-ulp8kKkAshrsk0sexenfQxrIZqbG8L-1LVEVE"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "d0f1055b-d04f-4204-acc6-b345bfb08495",
      "alg": "RSA-OAEP",
      "n": "mCO2z5WDp-d67YTveZ25zu4wVRPXFAVPDwFvlYrMA_qvh3Y_En-ceTC9Qctesa9h1Bos8cf19Xmqelu-d76LE7nvaTWeqpHyLyKGABR-59GFcxJtXLOr_j90Vvl9vPi44IENwJXWe8lzXsB3oCVOrB4sYEShua-5_RqCVANVc5CeBS2MAzVft89HcPJirXnbDuifGA-0gIf5m_T-csCeXAa63xECpgAyTuu8D-Z9ljr6RvA8hjLtOO23bYLSjQz5nWJSss2TGB3jheqLucgQxnydg_H0tGZP4Q46DBjH2MLHQyoYAR5JlSUWvv5k3XBGC65quMLBsq94Y2RPwsuEsw"
    },
    {
      "kty": "EC",
      "use": "enc",
      "crv": "P-256",
      "kid": "f8836553-d667-408d-a17d-2f791fb4a0b5",
      "x": "J566QZwp_Ndfq3wJC0BScUoklL-qX8trCrlF3pc0nns",
      "y": "RBQeWtuBFji_ksA9tcZ0XGUDkggkmo87eorMrP8r1Xs",
      "alg": "ECDH-ES"
    }
  ]
}
2020-09-01 12:50:03 SUCCESS
ValidateServerJWKs
Valid server JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2020-09-01 12:50:03 SUCCESS
CheckDistinctKeyIdValueInServerJWKs
Distinct 'kid' value in all keys of server_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2020-09-01 12:50:03 SUCCESS
OIDCCLoadUserInfo
Added user information
user_info
{
  "sub": "user-subject-1234531",
  "name": "Demo T. User",
  "given_name": "Demo",
  "family_name": "User",
  "middle_name": "Theresa",
  "nickname": "Dee",
  "preferred_username": "d.tu",
  "gender": "female",
  "birthdate": "2000-02-03",
  "address": {
    "street_address": "100 Universal City Plaza",
    "locality": "Hollywood",
    "region": "CA",
    "postal_code": "91608",
    "country": "USA"
  },
  "zoneinfo": "America/Los_Angeles",
  "locale": "en-US",
  "phone_number": "+1 555 5550000",
  "phone_number_verified": false,
  "email": "user@example.com",
  "email_verified": false,
  "website": "https://openid.net/",
  "updated_at": "1580000000"
}
2020-09-01 12:50:03 SUCCESS
GetDynamicClientConfiguration
No client details on configuration, created an empty dynamic_client_registration_template object.
2020-09-01 12:50:03
oidcc-client-test-scope-userinfo-claims
Setup Done
2020-09-01 12:50:05 INCOMING
oidcc-client-test-scope-userinfo-claims
Incoming HTTP request to test instance Tvz82eaNmZKIhvO
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
.well-known/openid-configuration
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
Discovery endpoint
2020-09-01 12:50:05 OUTGOING
oidcc-client-test-scope-userinfo-claims
Response to HTTP request to test instance Tvz82eaNmZKIhvO
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "issuer": "https://www.certification.openid.net/test/Tvz82eaNmZKIhvO/",
  "authorization_endpoint": "https://www.certification.openid.net/test/Tvz82eaNmZKIhvO/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/Tvz82eaNmZKIhvO/token",
  "jwks_uri": "https://www.certification.openid.net/test/Tvz82eaNmZKIhvO/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/Tvz82eaNmZKIhvO/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/Tvz82eaNmZKIhvO/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
outgoing_path
.well-known/openid-configuration
2020-09-01 12:50:05 INCOMING
oidcc-client-test-scope-userinfo-claims
Incoming HTTP request to test instance Tvz82eaNmZKIhvO
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "content-type": "application/json",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "content-length": "161",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net",
  "connection": "close"
}
incoming_path
register
incoming_body_form_params
incoming_method
POST
incoming_body_json
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code"
  ],
  "grant_types": [
    "authorization_code"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ]
}
incoming_query_string_params
{}
incoming_body
{"token_endpoint_auth_method":"client_secret_basic","response_types":["code"],"grant_types":["authorization_code"],"redirect_uris":["https://rp.example.com/cb"]}
Registration endpoint
2020-09-01 12:50:05 SUCCESS
OIDCCExtractDynamicRegistrationRequest
Extracted dynamic client registration request
request
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code"
  ],
  "grant_types": [
    "authorization_code"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ]
}
2020-09-01 12:50:05 INFO
EnsureRegistrationRequestContainsAtLeastOneContact
This application requires that registration requests contain at least one contact.
2020-09-01 12:50:05 SUCCESS
ValidateClientGrantTypes
grant_types match response_types
grant_types
[
  "authorization_code"
]
response_types
[
  "code"
]
2020-09-01 12:50:05 SUCCESS
OIDCCValidateClientRedirectUris
Valid redirect_uri(s) provided in registration request
redirect_uris
[
  "https://rp.example.com/cb"
]
2020-09-01 12:50:05 SUCCESS
ValidateClientLogoUris
Client does not contain any logo_uri
2020-09-01 12:50:05 SUCCESS
ValidateClientUris
Client does not contain any client_uri
2020-09-01 12:50:05 SUCCESS
ValidateClientPolicyUris
Client does not contain any policy_uri
2020-09-01 12:50:05 SUCCESS
ValidateClientTosUris
Client does not contain any tos_uri
2020-09-01 12:50:05 SUCCESS
ValidateClientSubjectType
A subject_type was not provided
2020-09-01 12:50:05 INFO
ValidateIdTokenSignedResponseAlg
Skipped evaluation due to missing required element: client id_token_signed_response_alg
path
id_token_signed_response_alg
mapped
object
client
2020-09-01 12:50:05 SUCCESS
EnsureIdTokenEncryptedResponseAlgIsSetIfEncIsSet
id_token_encrypted_response_enc is not set
2020-09-01 12:50:05 INFO
ValidateUserinfoSignedResponseAlg
Skipped evaluation due to missing required element: client userinfo_signed_response_alg
path
userinfo_signed_response_alg
mapped
object
client
2020-09-01 12:50:05 SUCCESS
EnsureUserinfoEncryptedResponseAlgIsSetIfEncIsSet
userinfo_encrypted_response_enc is not set
2020-09-01 12:50:05 INFO
ValidateRequestObjectSigningAlg
Skipped evaluation due to missing required element: client request_object_signing_alg
path
request_object_signing_alg
mapped
object
client
2020-09-01 12:50:05 SUCCESS
EnsureRequestObjectEncryptionAlgIsSetIfEncIsSet
request_object_encryption_enc is not set
2020-09-01 12:50:05 INFO
ValidateTokenEndpointAuthSigningAlg
Skipped evaluation due to missing required element: client token_endpoint_auth_signing_alg
path
token_endpoint_auth_signing_alg
mapped
object
client
2020-09-01 12:50:05 SUCCESS
ValidateDefaultMaxAge
default_max_age is not set
2020-09-01 12:50:05 INFO
ValidateRequireAuthTime
Skipped evaluation due to missing required element: client require_auth_time
path
require_auth_time
mapped
object
client
2020-09-01 12:50:05 INFO
ValidateDefaultAcrValues
Skipped evaluation due to missing required element: client default_acr_values
path
default_acr_values
mapped
object
client
2020-09-01 12:50:05 INFO
ValidateInitiateLoginUri
Skipped evaluation due to missing required element: client initiate_login_uri
path
initiate_login_uri
mapped
object
client
2020-09-01 12:50:05 INFO
ValidateRequestUris
Skipped evaluation due to missing required element: client request_uris
path
request_uris
mapped
object
client
2020-09-01 12:50:05 SUCCESS
ValidateClientRegistrationRequestSectorIdentifierUri
A sector_identifier_uri was not provided
2020-09-01 12:50:05 SUCCESS
OIDCCRegisterClient
Registered client
client
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code"
  ],
  "grant_types": [
    "authorization_code"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ],
  "client_id": "client_ydDYHxNARmbdFnf32686?%\u0026 \u0027"
}
2020-09-01 12:50:05
OIDCCCreateClientSecretForDynamicClient
Set the secret for registered client
client_secret
secret_LsAxwCAsIbbidMoEDtyIBUkIgNQtzazzbSlmCGPYfcOQwtSKmE5244170847))\*]
2020-09-01 12:50:05 SUCCESS
EnsureTokenEndPointAuthMethodIsClientSecretBasic
token_endpoint_auth_method is 'client_secret_basic' as expected
2020-09-01 12:50:05 SUCCESS
EnsureClientDoesNotHaveBothJwksAndJwksUri
Client does not have both jwks and jwks_uri set
client
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code"
  ],
  "grant_types": [
    "authorization_code"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ],
  "client_id": "client_ydDYHxNARmbdFnf32686?%\u0026 \u0027",
  "client_secret": "secret_LsAxwCAsIbbidMoEDtyIBUkIgNQtzazzbSlmCGPYfcOQwtSKmE5244170847))\\*]"
}
2020-09-01 12:50:05 INFO
FetchClientKeys
Skipped evaluation due to missing required element: client jwks_uri
path
jwks_uri
mapped
object
client
2020-09-01 12:50:05 SUCCESS
OIDCCExtractServerSigningAlg
Using the default algorithm for the first key in server jwks
signing_algorithm
RS256
2020-09-01 12:50:05
SetClientIdTokenSignedResponseAlgToServerSigningAlg
Set id_token_signed_response_alg for the registered client
id_token_signed_response_alg
RS256
2020-09-01 12:50:05 OUTGOING
oidcc-client-test-scope-userinfo-claims
Response to HTTP request to test instance Tvz82eaNmZKIhvO
outgoing_status_code
201
outgoing_headers
{}
outgoing_body
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code"
  ],
  "grant_types": [
    "authorization_code"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ],
  "client_id": "client_ydDYHxNARmbdFnf32686?%\u0026 \u0027",
  "client_secret": "secret_LsAxwCAsIbbidMoEDtyIBUkIgNQtzazzbSlmCGPYfcOQwtSKmE5244170847))\\*]",
  "id_token_signed_response_alg": "RS256"
}
outgoing_path
register
2020-09-01 12:50:06 INCOMING
oidcc-client-test-scope-userinfo-claims
Incoming HTTP request to test instance Tvz82eaNmZKIhvO
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "got/9.6.0 (https://github.com/sindresorhus/got)",
  "accept-encoding": "gzip, deflate",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
authorize
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{
  "client_id": "client_ydDYHxNARmbdFnf32686?%\u0026 \u0027",
  "scope": "openid email",
  "response_type": "code",
  "redirect_uri": "https://rp.example.com/cb",
  "state": "UeNtzhnk2H1E8nBgPIKp2TxvqXuesejeN--159BqcNw",
  "response_mode": "form_post"
}
incoming_body
Authorization endpoint
2020-09-01 12:50:06 SUCCESS
EnsureRequestDoesNotContainRequestObject
Request does not contain a request parameter
2020-09-01 12:50:06 SUCCESS
OIDCCEnsureAuthorizationHttpRequestContainsOpenIDScope
Found 'openid' in scope http request parameter
actual
[
  "openid",
  "email"
]
expected
openid
2020-09-01 12:50:06 SUCCESS
CreateEffectiveAuthorizationRequestParameters
Merged http request parameters with request object claims
effective_authorization_endpoint_request
{
  "client_id": "client_ydDYHxNARmbdFnf32686?%\u0026 \u0027",
  "scope": "openid email",
  "response_type": "code",
  "redirect_uri": "https://rp.example.com/cb",
  "state": "UeNtzhnk2H1E8nBgPIKp2TxvqXuesejeN--159BqcNw",
  "response_mode": "form_post"
}
2020-09-01 12:50:06 SUCCESS
ExtractRequestedScopes
Requested scopes
scope
openid email
2020-09-01 12:50:06 INFO
ExtractNonceFromAuthorizationRequest
Couldn't find 'nonce' in authorization endpoint parameters
2020-09-01 12:50:06 SUCCESS
EnsureResponseTypeIsCode
Response type is expected value
expected
code
2020-09-01 12:50:06 SUCCESS
EnsureMatchingClientId
Client ID matched
client_id
client_ydDYHxNARmbdFnf32686?%& '
2020-09-01 12:50:06 SUCCESS
EnsureValidRedirectUriForAuthorizationEndpointRequest
redirect_uri is one of the allowed redirect uris
actual
https://rp.example.com/cb
expected
[
  "https://rp.example.com/cb"
]
2020-09-01 12:50:06 SUCCESS
EnsureOpenIDInScopeRequest
Found 'openid' scope in request
actual
[
  "openid",
  "email"
]
expected
openid
2020-09-01 12:50:06 SUCCESS
DisallowMaxAgeEqualsZeroAndPromptNone
The client did not send max_age=0 and prompt=none parameters as expected
2020-09-01 12:50:06 SUCCESS
EnsureScopeContainsAtLeastOneOfProfileEmailPhoneAddress
Found at least one of profile, email, phone and address scopes in request
actual
[
  "openid",
  "email"
]
2020-09-01 12:50:06 SUCCESS
CreateAuthorizationCode
Created authorization code
authorization_code
CrC0z1zBu0
2020-09-01 12:50:06 SUCCESS
CalculateCHash
Successful c_hash encoding
c_hash
gTTJY_i5Dt7uHA4mIMNXPg
2020-09-01 12:50:06 SUCCESS
CreateAuthorizationEndpointResponseParams
Added authorization_endpoint_response_params to environment
params
{
  "redirect_uri": "https://rp.example.com/cb",
  "state": "UeNtzhnk2H1E8nBgPIKp2TxvqXuesejeN--159BqcNw"
}
2020-09-01 12:50:06 SUCCESS
AddCodeToAuthorizationEndpointResponseParams
Added code to authorization endpoint response params
authorization_endpoint_response_params
{
  "redirect_uri": "https://rp.example.com/cb",
  "state": "UeNtzhnk2H1E8nBgPIKp2TxvqXuesejeN--159BqcNw",
  "code": "CrC0z1zBu0"
}
2020-09-01 12:50:06 OUTGOING
oidcc-client-test-scope-userinfo-claims
Response to HTTP request to test instance Tvz82eaNmZKIhvO
outgoing
ModelAndView [view="formPostResponseMode"; model={formAction=https://rp.example.com/cb, formParameters={"state":"UeNtzhnk2H1E8nBgPIKp2TxvqXuesejeN--159BqcNw","code":"CrC0z1zBu0"}}]
outgoing_path
authorize
2020-09-01 12:50:06 INCOMING
oidcc-client-test-scope-userinfo-claims
Incoming HTTP request to test instance Tvz82eaNmZKIhvO
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "authorization": "Basic Y2xpZW50X3lkRFlIeE5BUm1iZEZuZjMyNjg2JTNGJTI1JTI2Kyc6c2VjcmV0X0xzQXh3Q0FzSWJiaWRNb0VEdHlJQlVrSWdOUXR6YXp6YlNsbUNHUFlmY09Rd3RTS21FNTI0NDE3MDg0NykpJTVDKiU1RA\u003d\u003d",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "content-type": "application/x-www-form-urlencoded",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "content-length": "92",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net",
  "connection": "close"
}
incoming_path
token
incoming_body_form_params
{
  "grant_type": "authorization_code",
  "code": "CrC0z1zBu0",
  "redirect_uri": "https://rp.example.com/cb"
}
incoming_method
POST
incoming_body_json
incoming_query_string_params
{}
incoming_body
grant_type=authorization_code&code=CrC0z1zBu0&redirect_uri=https%3A%2F%2Frp.example.com%2Fcb
Token endpoint
2020-09-01 12:50:06 SUCCESS
ExtractClientCredentialsFromBasicAuthorizationHeader
Extracted client authentication
client_id
client_ydDYHxNARmbdFnf32686?%& '
client_secret
secret_LsAxwCAsIbbidMoEDtyIBUkIgNQtzazzbSlmCGPYfcOQwtSKmE5244170847))\*]
method
client_secret_basic
2020-09-01 12:50:06 SUCCESS
ValidateClientIdAndSecret
Client id and secret match
2020-09-01 12:50:06 SUCCESS
ValidateAuthorizationCode
Found authorization code
authorization_code
CrC0z1zBu0
2020-09-01 12:50:06 SUCCESS
ValidateRedirectUriForTokenEndpointRequest
redirect_uri is the same as the one used in the authorization request
actual
https://rp.example.com/cb
2020-09-01 12:50:06 SUCCESS
GenerateBearerAccessToken
Generated access token
access_token
tpDkli2yhk8z5TSrt8ZkWgumiS9g3cLZbtcNScttJfBvMmsCyU
2020-09-01 12:50:06 SUCCESS
CalculateAtHash
Successful at_hash encoding
at_hash
8etU-90LuT3cV1E0ZfCNuA
2020-09-01 12:50:06 SUCCESS
GenerateIdTokenClaims
Created ID Token Claims
iss
https://www.certification.openid.net/test/Tvz82eaNmZKIhvO/
sub
user-subject-1234531
aud
client_ydDYHxNARmbdFnf32686?%& '
iat
1598964606
exp
1598964906
2020-09-01 12:50:06 SUCCESS
AddAtHashToIdTokenClaims
Added at_hash to ID token claims
at_hash
8etU-90LuT3cV1E0ZfCNuA
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/Tvz82eaNmZKIhvO/",
  "sub": "user-subject-1234531",
  "aud": "client_ydDYHxNARmbdFnf32686?%\u0026 \u0027",
  "iat": 1598964606,
  "exp": 1598964906,
  "at_hash": "8etU-90LuT3cV1E0ZfCNuA"
}
2020-09-01 12:50:06 SUCCESS
OIDCCSignIdToken
Signed the ID token
id_token
eyJraWQiOiI1MDBjNDBjZS1jM2FjLTQzOWItYmViMy04Yjg3OWJlNTgyZTIiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiOGV0VS05MEx1VDNjVjFFMFpmQ051QSIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiY2xpZW50X3lkRFlIeE5BUm1iZEZuZjMyNjg2PyUmICciLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvVHZ6ODJlYU5tWktJaHZPXC8iLCJleHAiOjE1OTg5NjQ5MDYsImlhdCI6MTU5ODk2NDYwNn0.VJahFiXZug41rTcjfs0zJ0pVXTz40xqufBFxv1OJjpq81roifeOl60HrBbYl-H84wq-hP0q8HerjbLvALy5ODtmlT3KDY40yLjNFLXhy1ha2wWB6Av2BulYRdDiV9s-_48qnw_dz8YgGew3GPW_mr6xm2URw2JFI-uYQATMdlGa1q7TC6NX0__q3tXGWEkgtTGh_SE5jevPHSoZ9jigmCcatjQ8aHHBjJ9byi8EQ7DVaGRWVJbu2ZpqC7gShbPwwbr7AkMLM3nnzavIUdNnn-imbGONXU8GJ8Wm5QfALYe8st75VvEkIHVZv_SAVZ3Dd-7haJKOs93vHt4VK01XFRg
key
{"p":"zg0e09_44FBCW8QrQ6DvGZ_Qvty6n9LMJbsHg5MnyEgDnI96hr0lvuyPjKI3Xzl2pXU0X2KwZvKUTsnyrLDzVkWBxNSsbsukBBBlMUTJPZ_UVGS4K3vaYJoSx-nt7NITGRBygm-bs8SUoJJrQ0xqqmPXgBA5Lf6cM8WVY3FcrNE","kty":"RSA","q":"t0Tr2TOYc3qVWFSHBxtSpeZaMPtjdZ-NaspnTlWkyCzEzrqTUf3rsLs2Bl5suj9I_23QksSizmhHuk5WtA4Ai83ya7iEAOTMyJNpoyW0By-Dz91MxlfZd7Otk_a8ZnxIvUew5vuw4OeI8rqqiCn3Lvsi0nCMUgmRt3Cfexmah4M","d":"P6Q99r0g7kBsiAI_6zyOhtz0GuRLi22TSKGp8a6Nv3n1ScKpr7XPhe76RZrneMSrct6IUr2tuJowVwH86ONTvb0BNYc6N_t9dbEqSYFwJga0xuiwOv-BNtkWLDgSUjHmL7fHXH0XkT5ncjQv8gFkKodYtXxDE6_n-OkCSF9uzmHx52jVVQJnOKoHH7-d45DLHAIUUrsevFCX0_KFMnVrzWTg--8IccYmTj05hF7JKFcvbOMEzSOElIyDacbwRj6GjulQA6129cDRYjuvYVeQ4qFljqcXLrc8KuXkNi1jy0jfcZQClOoIvQu14Y4AB4gzN_bEuBuL7c0-fgJHp4fK4Q","e":"AQAB","use":"sig","kid":"500c40ce-c3ac-439b-beb3-8b879be582e2","qi":"eLc9hP6vzKCE3KbaQzzd937L0vw-aeRQOxk-khVPSFvsYdkJxXQYNz9rnd_XjsqBLnk9qZKRUkcMaQ0y5e5m4DnyF68ixSL_QEVX4EXJY9E_t_ZsmXPhuVHcGM-kKRZ5KIp_J_PXDLlnnqqWSNIN1p0vjuuW0XJQBuSMr2-L0dM","dp":"kHGWKMUbfHQG8LmF8rTAqF_mP8YQdbWaMuD3lX71JmuFTJ0wMYArE7pVryqQUoq_56FQA4X1T1XCLbFYE0NAcjvrioXkEw9ifQ7ZQT6NLEv81uR8Ts9V-N5JSCdvCNMDXFCxVUrUBaNK5X1_AABzzdqL2VSGIP4ZlhlubfWsF-E","dq":"jHvjgpq_aP31j0E0RGlYYF2Ek3mQkzCcGdlPeUfDScKvlnyEw1wumEnZruYg2F_8l_hY4riiyDA9k33LjrgRCRn0k0hcv8ajh7kgR_R13PA6TVOpL31V8SEllH-VicYJiDZ1T4pt2ukBHHekkz4AAd52ofOuTJCTR5eoWJeW0fs","n":"k4LaWoNVWIhXWzUVIuOdIDM8ZbvPSY4k59yatSx6EL9DIeNwWojoGraxMNapEfks4E1QM8U53cHYHoPFLOsw0cSv7Drrs_ZhMhU9hw4YBjf_LoFWMx252nJu0FnyWV1EncYHQ4BNxr4e6mcuE8SNrNzDpRt3NnNA5Z3du_v4_ZhoPhD7_TYMMcdugYLyFLX9GR1i2siL4pguzpeCeE89-SFi8JnzW0q67JrGKaGDzV6qT42H3vNlqtVxpK4cyepIvhVJH7H8WmYpiKDujg_PDBSlcJuQfIIC0nuMy-_w3BYFGlcceBRvJP1XvNiINvGBcNBfXhaYt1RNE_i2QEil8w"}
algorithm
RS256
2020-09-01 12:50:06 INFO
EncryptIdToken
Skipped evaluation due to missing required element: client id_token_encrypted_response_alg
path
id_token_encrypted_response_alg
mapped
object
client
2020-09-01 12:50:06 SUCCESS
CreateTokenEndpointResponse
Created token endpoint response
access_token
tpDkli2yhk8z5TSrt8ZkWgumiS9g3cLZbtcNScttJfBvMmsCyU
token_type
Bearer
id_token
eyJraWQiOiI1MDBjNDBjZS1jM2FjLTQzOWItYmViMy04Yjg3OWJlNTgyZTIiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiOGV0VS05MEx1VDNjVjFFMFpmQ051QSIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiY2xpZW50X3lkRFlIeE5BUm1iZEZuZjMyNjg2PyUmICciLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvVHZ6ODJlYU5tWktJaHZPXC8iLCJleHAiOjE1OTg5NjQ5MDYsImlhdCI6MTU5ODk2NDYwNn0.VJahFiXZug41rTcjfs0zJ0pVXTz40xqufBFxv1OJjpq81roifeOl60HrBbYl-H84wq-hP0q8HerjbLvALy5ODtmlT3KDY40yLjNFLXhy1ha2wWB6Av2BulYRdDiV9s-_48qnw_dz8YgGew3GPW_mr6xm2URw2JFI-uYQATMdlGa1q7TC6NX0__q3tXGWEkgtTGh_SE5jevPHSoZ9jigmCcatjQ8aHHBjJ9byi8EQ7DVaGRWVJbu2ZpqC7gShbPwwbr7AkMLM3nnzavIUdNnn-imbGONXU8GJ8Wm5QfALYe8st75VvEkIHVZv_SAVZ3Dd-7haJKOs93vHt4VK01XFRg
scope
openid email
2020-09-01 12:50:06 OUTGOING
oidcc-client-test-scope-userinfo-claims
Response to HTTP request to test instance Tvz82eaNmZKIhvO
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "access_token": "tpDkli2yhk8z5TSrt8ZkWgumiS9g3cLZbtcNScttJfBvMmsCyU",
  "token_type": "Bearer",
  "id_token": "eyJraWQiOiI1MDBjNDBjZS1jM2FjLTQzOWItYmViMy04Yjg3OWJlNTgyZTIiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiOGV0VS05MEx1VDNjVjFFMFpmQ051QSIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiY2xpZW50X3lkRFlIeE5BUm1iZEZuZjMyNjg2PyUmICciLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvVHZ6ODJlYU5tWktJaHZPXC8iLCJleHAiOjE1OTg5NjQ5MDYsImlhdCI6MTU5ODk2NDYwNn0.VJahFiXZug41rTcjfs0zJ0pVXTz40xqufBFxv1OJjpq81roifeOl60HrBbYl-H84wq-hP0q8HerjbLvALy5ODtmlT3KDY40yLjNFLXhy1ha2wWB6Av2BulYRdDiV9s-_48qnw_dz8YgGew3GPW_mr6xm2URw2JFI-uYQATMdlGa1q7TC6NX0__q3tXGWEkgtTGh_SE5jevPHSoZ9jigmCcatjQ8aHHBjJ9byi8EQ7DVaGRWVJbu2ZpqC7gShbPwwbr7AkMLM3nnzavIUdNnn-imbGONXU8GJ8Wm5QfALYe8st75VvEkIHVZv_SAVZ3Dd-7haJKOs93vHt4VK01XFRg",
  "scope": "openid email"
}
outgoing_path
token
2020-09-01 12:50:07 INCOMING
oidcc-client-test-scope-userinfo-claims
Incoming HTTP request to test instance Tvz82eaNmZKIhvO
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
jwks
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
Jwks endpoint
2020-09-01 12:50:07 OUTGOING
oidcc-client-test-scope-userinfo-claims
Response to HTTP request to test instance Tvz82eaNmZKIhvO
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "500c40ce-c3ac-439b-beb3-8b879be582e2",
      "n": "k4LaWoNVWIhXWzUVIuOdIDM8ZbvPSY4k59yatSx6EL9DIeNwWojoGraxMNapEfks4E1QM8U53cHYHoPFLOsw0cSv7Drrs_ZhMhU9hw4YBjf_LoFWMx252nJu0FnyWV1EncYHQ4BNxr4e6mcuE8SNrNzDpRt3NnNA5Z3du_v4_ZhoPhD7_TYMMcdugYLyFLX9GR1i2siL4pguzpeCeE89-SFi8JnzW0q67JrGKaGDzV6qT42H3vNlqtVxpK4cyepIvhVJH7H8WmYpiKDujg_PDBSlcJuQfIIC0nuMy-_w3BYFGlcceBRvJP1XvNiINvGBcNBfXhaYt1RNE_i2QEil8w"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "80a221a6-b49a-4ab7-98c7-15f77531dd2c",
      "n": "hqnTn6un2D1VKlCES_igzOF8iaFNa3esHYACKuI7zRh7PNBQ46_rwAtonVMibONk1aD1CuP7zzNoZ-3m5HUk_8sTLY01IfLr0X2Kb1ozxBXlcnXKtxhJXCe5RqKeGx8HdgQ65_LwxxDdBu2023xvUnucto7yk34g2nBub38Z3oLQ_kS77cNEPZIM_X93lwOMum9OQuXRkV2O8IuxF1gIdRPI8qwwJTlijg0pGqik7DGq4iWd0or1aJMNB91kx6IH-8fdygjYHCYN2jQ4yF5lKPPmD0HgBPC8PP6-nwHUBjDIGRdSf-aPhb2_HsHSlgVgIjPq-G3v12RaCRlAru4GCw"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "60f9d741-4b01-4713-90c5-75f48be078ae",
      "x": "Y_CLD3Wa8xCYrbPRl7lntvnWyp8SioneT704R2O5UHU",
      "y": "pg2b8wWPll5qSuXxIcsps1J9smzwehnd0Xo5_WLS-lw"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "e45e86cd-b671-4262-82f2-026b29ceaba1",
      "x": "SnE24-meaAT22vACG5gsBYmZqN9t-4Kx_Gb7e4BlFU0",
      "y": "emAoNyAKk0vHZ3k4KoSaxFXbMw-3LsPuymOoc3ZsqIA"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "0d3a94af-becc-4b77-b8cc-b1c0bff53a50",
      "x": "QsV34LNCgdA58lsNPOrxdrVxjYLNSZVRpCre88PK3SM",
      "y": "vivk4GGYcxwQVmMg3B93T22wbl8lAg-4xBO__CvS0ws"
    },
    {
      "kty": "OKP",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "0b223815-1783-44fd-b046-49a60bd18e24",
      "x": "wSOuM-ulp8kKkAshrsk0sexenfQxrIZqbG8L-1LVEVE"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "d0f1055b-d04f-4204-acc6-b345bfb08495",
      "alg": "RSA-OAEP",
      "n": "mCO2z5WDp-d67YTveZ25zu4wVRPXFAVPDwFvlYrMA_qvh3Y_En-ceTC9Qctesa9h1Bos8cf19Xmqelu-d76LE7nvaTWeqpHyLyKGABR-59GFcxJtXLOr_j90Vvl9vPi44IENwJXWe8lzXsB3oCVOrB4sYEShua-5_RqCVANVc5CeBS2MAzVft89HcPJirXnbDuifGA-0gIf5m_T-csCeXAa63xECpgAyTuu8D-Z9ljr6RvA8hjLtOO23bYLSjQz5nWJSss2TGB3jheqLucgQxnydg_H0tGZP4Q46DBjH2MLHQyoYAR5JlSUWvv5k3XBGC65quMLBsq94Y2RPwsuEsw"
    },
    {
      "kty": "EC",
      "use": "enc",
      "crv": "P-256",
      "kid": "f8836553-d667-408d-a17d-2f791fb4a0b5",
      "x": "J566QZwp_Ndfq3wJC0BScUoklL-qX8trCrlF3pc0nns",
      "y": "RBQeWtuBFji_ksA9tcZ0XGUDkggkmo87eorMrP8r1Xs",
      "alg": "ECDH-ES"
    }
  ]
}
outgoing_path
jwks
2020-09-01 12:50:07 INCOMING
oidcc-client-test-scope-userinfo-claims
Incoming HTTP request to test instance Tvz82eaNmZKIhvO
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "authorization": "Bearer tpDkli2yhk8z5TSrt8ZkWgumiS9g3cLZbtcNScttJfBvMmsCyU",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
userinfo
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
Userinfo endpoint
2020-09-01 12:50:07 SUCCESS
OIDCCExtractBearerAccessTokenFromRequest
Found access token on incoming request
access_token
tpDkli2yhk8z5TSrt8ZkWgumiS9g3cLZbtcNScttJfBvMmsCyU
2020-09-01 12:50:07 SUCCESS
RequireBearerAccessToken
Found access token in request
actual
tpDkli2yhk8z5TSrt8ZkWgumiS9g3cLZbtcNScttJfBvMmsCyU
2020-09-01 12:50:07 SUCCESS
FilterUserInfoForScopes
User info endpoint output
sub
user-subject-1234531
email
user@example.com
email_verified
false
2020-09-01 12:50:07
ClearAccessTokenFromRequest
Condition ran but did not log anything
2020-09-01 12:50:07 INFO
AddIssAndAudToUserInfoResponse
Skipped evaluation due to missing required element: client userinfo_signed_response_alg
path
userinfo_signed_response_alg
mapped
object
client
2020-09-01 12:50:07 INFO
SignUserInfoResponse
Skipped evaluation due to missing required element: client userinfo_signed_response_alg
path
userinfo_signed_response_alg
mapped
object
client
2020-09-01 12:50:07 INFO
EncryptUserInfoResponse
Skipped evaluation due to missing required element: client userinfo_encrypted_response_alg
path
userinfo_encrypted_response_alg
mapped
object
client
2020-09-01 12:50:07 OUTGOING
oidcc-client-test-scope-userinfo-claims
Response to HTTP request to test instance Tvz82eaNmZKIhvO
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "sub": "user-subject-1234531",
  "email": "user@example.com",
  "email_verified": false
}
outgoing_path
userinfo
2020-09-01 12:50:07 FINISHED
oidcc-client-test-scope-userinfo-claims
Test has run to completion
testmodule_result
PASSED
Test Results