Test Summary

Test Results

Expand All Collapse All
All times are UTC
2020-09-01 12:51:55 INFO
TEST-RUNNER
Test instance QI0hncscIt88005 created
baseUrl
https://www.certification.openid.net/test/QI0hncscIt88005
variant
{
  "client_auth_type": "client_secret_basic",
  "response_type": "code token",
  "request_type": "plain_http_request",
  "response_mode": "form_post",
  "client_registration": "dynamic_client"
}
alias

                                
description
test suite runner for openid-client
planId
l0lJMpv444Mye
config
{
  "description": "test suite runner for openid-client",
  "waitTimeoutSeconds": 2
}
testName
oidcc-client-test-invalid-iss
2020-09-01 12:51:55 SUCCESS
OIDCCGenerateServerConfiguration
Generated default server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/QI0hncscIt88005/",
  "authorization_endpoint": "https://www.certification.openid.net/test/QI0hncscIt88005/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/QI0hncscIt88005/token",
  "jwks_uri": "https://www.certification.openid.net/test/QI0hncscIt88005/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/QI0hncscIt88005/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/QI0hncscIt88005/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic",
    "client_secret_post",
    "client_secret_jwt",
    "private_key_jwt"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
2020-09-01 12:51:55
SetTokenEndpointAuthMethodsSupportedToClientSecretBasicOnly
Changed token_endpoint_auth_methods_supported to client_secret_basic only in server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/QI0hncscIt88005/",
  "authorization_endpoint": "https://www.certification.openid.net/test/QI0hncscIt88005/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/QI0hncscIt88005/token",
  "jwks_uri": "https://www.certification.openid.net/test/QI0hncscIt88005/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/QI0hncscIt88005/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/QI0hncscIt88005/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
2020-09-01 12:51:55
OIDCCGenerateServerJWKs
Generated server public private JWK sets
server_jwks
{
  "keys": [
    {
      "p": "x-vIBnSdmXGwaBJbPKQRfXXVPv5z3Nvzxw6NSPz64dtppRf-QkiHm14MZGQi4Bdro8-BI4P2DYLMYfwWZZTZlg_W9tIHv1xhcaJ38grrhM9DSLC9klvByoR0F4FaWFSc5-IVPiOJb0O3Xro-5x2F3UCkDMdAUp6tsFbON035ne8",
      "kty": "RSA",
      "q": "s4ZGfg0I4mgFphaOPeNoX3NvlMQSRiAnf-SECFEKJlERiASzK-kld-rAfE8fLbWS4VVfOFwgD9aEXOpolLBfiddsvU6Uuqv_QRKVQ1E6_OvTcEw45S9fxR9YMSA20zGTpl9vYOa9uih0pQb-lDC27GVwbqahBU3pQHTvdhVi8uU",
      "d": "gB2mUGLcmrIj9Cn-zZNqYxZn3ySxZyYr0zE_UxJlJzwuyfSr8GkmB34YBthML5wLFk9biOQn-hDIFGT23k9hBZJBvzpFQoWJBPx94pYq5QTFjS4r4epjJyvgik6zgij8ygdR8FqBjRRmWpE27ZmkteRhfrK-cmuyA8D3S1aYT04w7MpuRusOd_m-D1_JmjvG9AYsBbmWE_N49FINytUUPKHH55E_combMa0Aux5nEvuGSQEhqchNerCvO8AINvPC_Fx0vX2Tz7uHILKJB3vFs_koAeCaO9C7KX6gVGHmSe1oU4AIi2VVr5wkKVxf2hpUdItcGrGYHWaPYKay4KUUeQ",
      "e": "AQAB",
      "use": "sig",
      "kid": "2cc0cb43-4ac7-402a-a83c-4c7511fb4db8",
      "qi": "osma-LGznl0WlijHLBeyCGimJuhhkq_DHy2L49HlQPGXJB2nZUyNTUtyL4IAbZP8G58mDR9etyRRD7suHoFhBpIj9sAOF-24ZKGz8_pZfrbzBWsraEGvRASQmReba0saC3OCvfKr2tbZ-PryVHBslai_BQE1VFz_H3XLInfGWHY",
      "dp": "sKO6E0IcMYSK-hkl9dl8_p4LMWJ_mqfYp4tK-C9VuBM2L8GYTJZrArLBPj5ftiHbYFwqXOfukhd8YCLs4wn2iikqpOAEKmcETfPgCMLvP2QlredDSDq8aiRHsrD-00bHb_aJEGMzvlRVg2QJygiCy2-eww-V3KoJCuJXx_OkVo8",
      "dq": "kOWvv82Ffje3V3adGBaUB3aEeO5IUZFiUDeA2bWPG54TKFWix65GL6Op-Ktj3uDOzFC7qiGxPxdFfjk0b85rTjYx7hmesYxhWYRGNS87DSjKX7klstWp1tCVvhDiL1O0eHRO0UdrmvVMMGaU08b93Y-CT8zt6foYaY34OLbKRoE",
      "n": "jDK5VB_XXS9ESaIz7yrrvIQzGKmVUIKBxftEF0_09iK-bKG5S2vEp5BYlx277DffJapJGta3MS6mKGHQ83AmLz-BIxB9NteH2Aw4cALcm3kw3vpMSNBzLkkEXXkgub2uBJvD7qoKy7ncQGhOVt7PK2eIJ3JhM0P9LSpCNub0Kc4CPoHBkxMt6HE2o_nz5sz4Ur2Avi8AvTvzm3KMLHjlAoa6eUfxS1lyR4pG_t8djMi7-NU9Qq3m0W-ZaPG_8rK28izRZ1o_arP0D-oviKb0Sc_atvTVpVAOODF2TyvdjzmOBCL-kw9ALzYj4WMjJhmX3dQGOqpPz56S9P_byBQ0yw"
    },
    {
      "kty": "EC",
      "d": "wWvTO7roVIHt5yChwKkX1pxYT-3X8VtRx3cjjXDTFEc",
      "use": "sig",
      "crv": "P-256",
      "kid": "47de9474-7737-4f94-a46f-877c2d2975d4",
      "x": "EGefn-7Ri4cxOEl2EkVpOcJFhg4RYakKE0RePwqHvG0",
      "y": "3aDidV5HWFwxehvcHif3-1vghuefL-kBnHvsUiCj8iI"
    },
    {
      "kty": "EC",
      "d": "JYkxadXsukJNLe3UzmH-GrvqG736xTEHPGsKeDB1SoM",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "ffad7363-f24f-40eb-93d0-7971ef93e600",
      "x": "lXlterS-a8WmvX2nLMn2jOWSygl2FFub_Pvce7nMETI",
      "y": "CGURiJE9yQoQXjR0Tu_keOIZyjMv9BnL82CTYOGNtZQ"
    },
    {
      "kty": "OKP",
      "d": "ACMiPr6QOw7YXRbQ3k1_T70v_m820SynxyneWHJJd-U",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "6ff790e4-1b53-4888-911d-1b29c1f93e16",
      "x": "MWrXpBa2Uft2skBsIRBVFYj3iaDOipUJQAJvPMvFZ4A"
    }
  ]
}
server_encryption_keys
{
  "keys": [
    {
      "p": "6hCuxntZ0X_-wszYEjJ0i7XVQQCG2ZZ1oHLyYSh4KFkhF-9C-FmA3Ivy6JrmNIE7kvRXq-KSgdz92zSgxOA6mwkf2x66GWEiVsfZDS0EbBHVtYMzKPaJnT8XixbNsQ1H29UGBtrgzAKHsTyMx-Ia5Ee_jGOggBU11meR515js8U",
      "kty": "RSA",
      "q": "sCXklT0EaHzxYP67KDojHq96VOANhd-U5GWn_rCvLkiOiQhcIfuj37rtCGzpiKV0UQK_a62fxU8XG3HDO0TxrXNrC40is9Syl6j6Holff-Aic8TRxmdzDIyT38u7tBM4IftO0HL2lxIb8pEg-G2bd2tttneR2vXkprdBJpdLf10",
      "d": "n6J9HeWoMtjxXV_0u7J45CYtYgLlWaBQt51S9LbQ-YqGQRyDOVYpirRqjOgO1abcXwD92fowR-G0J0eCD2SC-SnXfC2EAEr53nwWARiJR4TSyW1w1zoXIzv8X1Bqnv6zDqhvwgvbvvfthkphYoSZwuKp7iw89k6P6iHun12nGx4hgsmZM2Su6ZfEUekVEI2RU-y0JA0O0o-YRVwdsvmsoGfHD98r7H4OoO1fE7A1PF9TzQ6LPYzRDHP-DcgwKGdGfbT-6jMZqN-CuOxO7g6ZOZaqDtQ8NbJ8RJYQHsQv3_jgr0qM2mpX7O4m82U0zJ9cBUQYsFSZpmxeU03Whw2tkQ",
      "e": "AQAB",
      "use": "enc",
      "kid": "6e5107c4-d5c6-4972-8ed7-91c6c195e88f",
      "qi": "miDJ6OAJ3s6mGmWwCNGZ1OtGQG_i-c1MdOsHr9dmeDDBEemzdhOuclnckj-wOLlWl18vc66SpZY3pEswcyjIkkb_NXEHpkIiR88TPeqbvUiG2fywaCr0xz_xVOdkKeQykHOHcyTg3O1SrTpunGUbFZFgN6XztIbrzDtO6W28snE",
      "dp": "hunMw8zvrYjYQFIwLPT2Jl1NqSTzlVFbRXtb59Kax67wG0qm0F1OoFDuV1KJZDQlMYQzUHjNN5s4m3QPQst4HEq7GOLyI5TQZTLWEfkjtmLlSrVv9Kl-Eqv-Fway0t2z0KtNyP-6WP0QV4FuJ_xUwcX1S6dVKN6Q5J9YAwNt9n0",
      "alg": "RSA-OAEP",
      "dq": "gTIJyfwK86hQUlgDZanegG8sRnxe7sXiKvL0mLV2h3foM1HSYYpz03EC0Z8wWm0gNxrQ02VxPgKYbCSwkRQsPo_c_4fw3_0tUFc7vJH9XYlDO64sPl054QZqn0aK0bUXArWURQdNHdjGbs9LY2rhEGHXAnIIpJSdtDnMq0VktnE",
      "n": "oQ4dkQamFNYayK-mAM8HNd9-Q8cK_EhJRRK5xsLCqRqk2TBKLQjj6pGni_UPFLNaRFFYMsJyhjJzv98fPE19BHPZw9dosMVnFtBgJePxIoz6DdlxXS3y7d0_RuujCeKZyfu-05aECm8xG-fNIkAu8UpFNtbFNQgNXtSV5ypMz-dr1PRwhT3gYT7nO8B3XJMyM-Y_hbK7w7P6oAU6v6Aslf-w4ycz4mYXtO8A-9QDtk4n2nz4fD5dApJx-yRDbWmJcO003Uw9PU70D-3OmeQ3ZDSG_LeA4eWr8JLtZISrHWfE4CrEnrHRv1h5RFpjnZ0ZaWUUn2rofO4Pu_Ndnh4JkQ"
    },
    {
      "kty": "EC",
      "d": "2wkiHDjLl6l0mwjyYwfoRWIia3oBy20evi29HokiBts",
      "use": "enc",
      "crv": "P-256",
      "kid": "61b04801-88a7-423c-bce2-3868730607dd",
      "x": "D5ZwGeeNa9NPDuwXaSq0r1NLTNwyyKtJYi_aGG6MaUM",
      "y": "yjFLSKmIW-yb5sqMR0R9JSAA33YjOE3WpQq-N4P-1xI",
      "alg": "ECDH-ES"
    }
  ]
}
server_public_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "2cc0cb43-4ac7-402a-a83c-4c7511fb4db8",
      "n": "jDK5VB_XXS9ESaIz7yrrvIQzGKmVUIKBxftEF0_09iK-bKG5S2vEp5BYlx277DffJapJGta3MS6mKGHQ83AmLz-BIxB9NteH2Aw4cALcm3kw3vpMSNBzLkkEXXkgub2uBJvD7qoKy7ncQGhOVt7PK2eIJ3JhM0P9LSpCNub0Kc4CPoHBkxMt6HE2o_nz5sz4Ur2Avi8AvTvzm3KMLHjlAoa6eUfxS1lyR4pG_t8djMi7-NU9Qq3m0W-ZaPG_8rK28izRZ1o_arP0D-oviKb0Sc_atvTVpVAOODF2TyvdjzmOBCL-kw9ALzYj4WMjJhmX3dQGOqpPz56S9P_byBQ0yw"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "7557dc8c-f6df-49a2-8575-70f63cd98438",
      "n": "gBBT5ifAYyNEQRDTgkZTLgr0wv8BcHFq--D48_qAl3RKgTf8MTvCris7JnZuG_xcUQ3FUAyzig_dDSL1Cc1vkg3xmF_qq1kw4ZSgx_nGo_pcfKsSUNrZiKRmVG_4XT-EIebYsKDKOOxQZEOS9z2JUOcrhU982qTByZZ0D94QSP9r6clgHicr4gZPCHnK9Rbm267HwcvtWsSVOsyk6-wQevjBKLt3RWP8WKtVwfoDNRxryO28iZQ99D2YL-WJU4BbUD9JMEmiAt5rj1gaFVU7D7QLo5WtTCANT0ZFzXt3Zhtsy5p-vbK2l1vITQj9x_oT_HnDK8RdM49YXVbOhz1p1w"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "47de9474-7737-4f94-a46f-877c2d2975d4",
      "x": "EGefn-7Ri4cxOEl2EkVpOcJFhg4RYakKE0RePwqHvG0",
      "y": "3aDidV5HWFwxehvcHif3-1vghuefL-kBnHvsUiCj8iI"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "e33fb42c-864e-4ec8-a83a-38cb826f7e3b",
      "x": "IDEp1AY-R-LOVeGsQQAb813fvq4wFkiP2_GWmaL8-mk",
      "y": "nNgixidDH2KgHUIu1cdZOeHV4IpcYOiHKI-Dg1PFU-U"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "ffad7363-f24f-40eb-93d0-7971ef93e600",
      "x": "lXlterS-a8WmvX2nLMn2jOWSygl2FFub_Pvce7nMETI",
      "y": "CGURiJE9yQoQXjR0Tu_keOIZyjMv9BnL82CTYOGNtZQ"
    },
    {
      "kty": "OKP",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "6ff790e4-1b53-4888-911d-1b29c1f93e16",
      "x": "MWrXpBa2Uft2skBsIRBVFYj3iaDOipUJQAJvPMvFZ4A"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "6e5107c4-d5c6-4972-8ed7-91c6c195e88f",
      "alg": "RSA-OAEP",
      "n": "oQ4dkQamFNYayK-mAM8HNd9-Q8cK_EhJRRK5xsLCqRqk2TBKLQjj6pGni_UPFLNaRFFYMsJyhjJzv98fPE19BHPZw9dosMVnFtBgJePxIoz6DdlxXS3y7d0_RuujCeKZyfu-05aECm8xG-fNIkAu8UpFNtbFNQgNXtSV5ypMz-dr1PRwhT3gYT7nO8B3XJMyM-Y_hbK7w7P6oAU6v6Aslf-w4ycz4mYXtO8A-9QDtk4n2nz4fD5dApJx-yRDbWmJcO003Uw9PU70D-3OmeQ3ZDSG_LeA4eWr8JLtZISrHWfE4CrEnrHRv1h5RFpjnZ0ZaWUUn2rofO4Pu_Ndnh4JkQ"
    },
    {
      "kty": "EC",
      "use": "enc",
      "crv": "P-256",
      "kid": "61b04801-88a7-423c-bce2-3868730607dd",
      "x": "D5ZwGeeNa9NPDuwXaSq0r1NLTNwyyKtJYi_aGG6MaUM",
      "y": "yjFLSKmIW-yb5sqMR0R9JSAA33YjOE3WpQq-N4P-1xI",
      "alg": "ECDH-ES"
    }
  ]
}
2020-09-01 12:51:55 SUCCESS
ValidateServerJWKs
Valid server JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2020-09-01 12:51:55 SUCCESS
CheckDistinctKeyIdValueInServerJWKs
Distinct 'kid' value in all keys of server_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2020-09-01 12:51:55 SUCCESS
OIDCCLoadUserInfo
Added user information
user_info
{
  "sub": "user-subject-1234531",
  "name": "Demo T. User",
  "given_name": "Demo",
  "family_name": "User",
  "middle_name": "Theresa",
  "nickname": "Dee",
  "preferred_username": "d.tu",
  "gender": "female",
  "birthdate": "2000-02-03",
  "address": {
    "street_address": "100 Universal City Plaza",
    "locality": "Hollywood",
    "region": "CA",
    "postal_code": "91608",
    "country": "USA"
  },
  "zoneinfo": "America/Los_Angeles",
  "locale": "en-US",
  "phone_number": "+1 555 5550000",
  "phone_number_verified": false,
  "email": "user@example.com",
  "email_verified": false,
  "website": "https://openid.net/",
  "updated_at": "1580000000"
}
2020-09-01 12:51:56 SUCCESS
GetDynamicClientConfiguration
No client details on configuration, created an empty dynamic_client_registration_template object.
2020-09-01 12:51:56
oidcc-client-test-invalid-iss
Setup Done
2020-09-01 12:51:58 INCOMING
oidcc-client-test-invalid-iss
Incoming HTTP request to test instance QI0hncscIt88005
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
.well-known/openid-configuration
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
Discovery endpoint
2020-09-01 12:51:58 OUTGOING
oidcc-client-test-invalid-iss
Response to HTTP request to test instance QI0hncscIt88005
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "issuer": "https://www.certification.openid.net/test/QI0hncscIt88005/",
  "authorization_endpoint": "https://www.certification.openid.net/test/QI0hncscIt88005/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/QI0hncscIt88005/token",
  "jwks_uri": "https://www.certification.openid.net/test/QI0hncscIt88005/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/QI0hncscIt88005/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/QI0hncscIt88005/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
outgoing_path
.well-known/openid-configuration
2020-09-01 12:51:59 INCOMING
oidcc-client-test-invalid-iss
Incoming HTTP request to test instance QI0hncscIt88005
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "content-type": "application/json",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "content-length": "178",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net",
  "connection": "close"
}
incoming_path
register
incoming_body_form_params
incoming_method
POST
incoming_body_json
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code token"
  ],
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ]
}
incoming_query_string_params
{}
incoming_body
{"token_endpoint_auth_method":"client_secret_basic","response_types":["code token"],"grant_types":["authorization_code","implicit"],"redirect_uris":["https://rp.example.com/cb"]}
Registration endpoint
2020-09-01 12:51:59 SUCCESS
OIDCCExtractDynamicRegistrationRequest
Extracted dynamic client registration request
request
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code token"
  ],
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ]
}
2020-09-01 12:51:59 INFO
EnsureRegistrationRequestContainsAtLeastOneContact
This application requires that registration requests contain at least one contact.
2020-09-01 12:51:59 SUCCESS
ValidateClientGrantTypes
grant_types match response_types
grant_types
[
  "authorization_code",
  "implicit"
]
response_types
[
  "code token"
]
2020-09-01 12:51:59 SUCCESS
OIDCCValidateClientRedirectUris
Valid redirect_uri(s) provided in registration request
redirect_uris
[
  "https://rp.example.com/cb"
]
2020-09-01 12:51:59 SUCCESS
ValidateClientLogoUris
Client does not contain any logo_uri
2020-09-01 12:51:59 SUCCESS
ValidateClientUris
Client does not contain any client_uri
2020-09-01 12:51:59 SUCCESS
ValidateClientPolicyUris
Client does not contain any policy_uri
2020-09-01 12:51:59 SUCCESS
ValidateClientTosUris
Client does not contain any tos_uri
2020-09-01 12:51:59 SUCCESS
ValidateClientSubjectType
A subject_type was not provided
2020-09-01 12:51:59 INFO
ValidateIdTokenSignedResponseAlg
Skipped evaluation due to missing required element: client id_token_signed_response_alg
path
id_token_signed_response_alg
mapped
object
client
2020-09-01 12:51:59 SUCCESS
EnsureIdTokenEncryptedResponseAlgIsSetIfEncIsSet
id_token_encrypted_response_enc is not set
2020-09-01 12:51:59 INFO
ValidateUserinfoSignedResponseAlg
Skipped evaluation due to missing required element: client userinfo_signed_response_alg
path
userinfo_signed_response_alg
mapped
object
client
2020-09-01 12:51:59 SUCCESS
EnsureUserinfoEncryptedResponseAlgIsSetIfEncIsSet
userinfo_encrypted_response_enc is not set
2020-09-01 12:51:59 INFO
ValidateRequestObjectSigningAlg
Skipped evaluation due to missing required element: client request_object_signing_alg
path
request_object_signing_alg
mapped
object
client
2020-09-01 12:51:59 SUCCESS
EnsureRequestObjectEncryptionAlgIsSetIfEncIsSet
request_object_encryption_enc is not set
2020-09-01 12:51:59 INFO
ValidateTokenEndpointAuthSigningAlg
Skipped evaluation due to missing required element: client token_endpoint_auth_signing_alg
path
token_endpoint_auth_signing_alg
mapped
object
client
2020-09-01 12:51:59 SUCCESS
ValidateDefaultMaxAge
default_max_age is not set
2020-09-01 12:51:59 INFO
ValidateRequireAuthTime
Skipped evaluation due to missing required element: client require_auth_time
path
require_auth_time
mapped
object
client
2020-09-01 12:51:59 INFO
ValidateDefaultAcrValues
Skipped evaluation due to missing required element: client default_acr_values
path
default_acr_values
mapped
object
client
2020-09-01 12:51:59 INFO
ValidateInitiateLoginUri
Skipped evaluation due to missing required element: client initiate_login_uri
path
initiate_login_uri
mapped
object
client
2020-09-01 12:51:59 INFO
ValidateRequestUris
Skipped evaluation due to missing required element: client request_uris
path
request_uris
mapped
object
client
2020-09-01 12:51:59 SUCCESS
ValidateClientRegistrationRequestSectorIdentifierUri
A sector_identifier_uri was not provided
2020-09-01 12:51:59 SUCCESS
OIDCCRegisterClient
Registered client
client
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code token"
  ],
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ],
  "client_id": "client_XPNyHsELveXdQES97211(!`?@"
}
2020-09-01 12:51:59
OIDCCCreateClientSecretForDynamicClient
Set the secret for registered client
client_secret
secret_kpgmpduDAqsQXfFmCoouywFgsbofnveDjQrpiNkhrWDVgtOnCB3085213864}"?#|
2020-09-01 12:51:59 SUCCESS
EnsureTokenEndPointAuthMethodIsClientSecretBasic
token_endpoint_auth_method is 'client_secret_basic' as expected
2020-09-01 12:51:59 SUCCESS
EnsureClientDoesNotHaveBothJwksAndJwksUri
Client does not have both jwks and jwks_uri set
client
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code token"
  ],
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ],
  "client_id": "client_XPNyHsELveXdQES97211(!`?@",
  "client_secret": "secret_kpgmpduDAqsQXfFmCoouywFgsbofnveDjQrpiNkhrWDVgtOnCB3085213864}\"?#|"
}
2020-09-01 12:51:59 INFO
FetchClientKeys
Skipped evaluation due to missing required element: client jwks_uri
path
jwks_uri
mapped
object
client
2020-09-01 12:51:59 SUCCESS
OIDCCExtractServerSigningAlg
Using the default algorithm for the first key in server jwks
signing_algorithm
RS256
2020-09-01 12:51:59
SetClientIdTokenSignedResponseAlgToServerSigningAlg
Set id_token_signed_response_alg for the registered client
id_token_signed_response_alg
RS256
2020-09-01 12:51:59 OUTGOING
oidcc-client-test-invalid-iss
Response to HTTP request to test instance QI0hncscIt88005
outgoing_status_code
201
outgoing_headers
{}
outgoing_body
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code token"
  ],
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ],
  "client_id": "client_XPNyHsELveXdQES97211(!`?@",
  "client_secret": "secret_kpgmpduDAqsQXfFmCoouywFgsbofnveDjQrpiNkhrWDVgtOnCB3085213864}\"?#|",
  "id_token_signed_response_alg": "RS256"
}
outgoing_path
register
2020-09-01 12:51:59 INCOMING
oidcc-client-test-invalid-iss
Incoming HTTP request to test instance QI0hncscIt88005
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "got/9.6.0 (https://github.com/sindresorhus/got)",
  "accept-encoding": "gzip, deflate",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
authorize
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{
  "client_id": "client_XPNyHsELveXdQES97211(!`?@",
  "scope": "openid",
  "response_type": "code token",
  "redirect_uri": "https://rp.example.com/cb",
  "state": "LA4HLMs-BV3mczlSHeZgQEWjuixy6CnvpsubwaQeuUw",
  "response_mode": "form_post"
}
incoming_body
Authorization endpoint
2020-09-01 12:51:59 SUCCESS
EnsureRequestDoesNotContainRequestObject
Request does not contain a request parameter
2020-09-01 12:51:59 SUCCESS
OIDCCEnsureAuthorizationHttpRequestContainsOpenIDScope
Found 'openid' in scope http request parameter
actual
[
  "openid"
]
expected
openid
2020-09-01 12:51:59 SUCCESS
CreateEffectiveAuthorizationRequestParameters
Merged http request parameters with request object claims
effective_authorization_endpoint_request
{
  "client_id": "client_XPNyHsELveXdQES97211(!`?@",
  "scope": "openid",
  "response_type": "code token",
  "redirect_uri": "https://rp.example.com/cb",
  "state": "LA4HLMs-BV3mczlSHeZgQEWjuixy6CnvpsubwaQeuUw",
  "response_mode": "form_post"
}
2020-09-01 12:51:59 SUCCESS
ExtractRequestedScopes
Requested scopes
scope
openid
2020-09-01 12:51:59 INFO
ExtractNonceFromAuthorizationRequest
Couldn't find 'nonce' in authorization endpoint parameters
2020-09-01 12:51:59 SUCCESS
EnsureResponseTypeIsCodeToken
Response type is expected value
expected
code token
2020-09-01 12:51:59 SUCCESS
EnsureMatchingClientId
Client ID matched
client_id
client_XPNyHsELveXdQES97211(!`?@
2020-09-01 12:51:59 SUCCESS
EnsureValidRedirectUriForAuthorizationEndpointRequest
redirect_uri is one of the allowed redirect uris
actual
https://rp.example.com/cb
expected
[
  "https://rp.example.com/cb"
]
2020-09-01 12:51:59 SUCCESS
EnsureOpenIDInScopeRequest
Found 'openid' scope in request
actual
[
  "openid"
]
expected
openid
2020-09-01 12:51:59 SUCCESS
DisallowMaxAgeEqualsZeroAndPromptNone
The client did not send max_age=0 and prompt=none parameters as expected
2020-09-01 12:51:59 SUCCESS
CreateAuthorizationCode
Created authorization code
authorization_code
iJg6l3kD8I
2020-09-01 12:51:59 SUCCESS
CalculateCHash
Successful c_hash encoding
c_hash
4f72VFsBqrXDwWHfSJY8Sw
2020-09-01 12:51:59 SUCCESS
GenerateBearerAccessToken
Generated access token
access_token
fIUBTn04kxwkBVumuTLsIphCQ6TiKLZ0tmddgMoXK8ldrYrele
2020-09-01 12:51:59 SUCCESS
CalculateAtHash
Successful at_hash encoding
at_hash
bOZ20wtyjTjwjNyHR05xQA
2020-09-01 12:51:59 SUCCESS
CreateAuthorizationEndpointResponseParams
Added authorization_endpoint_response_params to environment
params
{
  "redirect_uri": "https://rp.example.com/cb",
  "state": "LA4HLMs-BV3mczlSHeZgQEWjuixy6CnvpsubwaQeuUw"
}
2020-09-01 12:51:59 SUCCESS
AddCodeToAuthorizationEndpointResponseParams
Added code to authorization endpoint response params
authorization_endpoint_response_params
{
  "redirect_uri": "https://rp.example.com/cb",
  "state": "LA4HLMs-BV3mczlSHeZgQEWjuixy6CnvpsubwaQeuUw",
  "code": "iJg6l3kD8I"
}
2020-09-01 12:51:59
AddTokenToAuthorizationEndpointResponseParams
Added token and token_type to authorization endpoint response params
authorization_endpoint_response_params
{
  "redirect_uri": "https://rp.example.com/cb",
  "state": "LA4HLMs-BV3mczlSHeZgQEWjuixy6CnvpsubwaQeuUw",
  "code": "iJg6l3kD8I",
  "access_token": "fIUBTn04kxwkBVumuTLsIphCQ6TiKLZ0tmddgMoXK8ldrYrele",
  "token_type": "Bearer"
}
2020-09-01 12:51:59 OUTGOING
oidcc-client-test-invalid-iss
Response to HTTP request to test instance QI0hncscIt88005
outgoing
ModelAndView [view="formPostResponseMode"; model={formAction=https://rp.example.com/cb, formParameters={"state":"LA4HLMs-BV3mczlSHeZgQEWjuixy6CnvpsubwaQeuUw","code":"iJg6l3kD8I","access_token":"fIUBTn04kxwkBVumuTLsIphCQ6TiKLZ0tmddgMoXK8ldrYrele","token_type":"Bearer"}}]
outgoing_path
authorize
2020-09-01 12:52:00 INCOMING
oidcc-client-test-invalid-iss
Incoming HTTP request to test instance QI0hncscIt88005
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "authorization": "Basic Y2xpZW50X1hQTnlIc0VMdmVYZFFFUzk3MjExKCElNjAlM0YlNDA6c2VjcmV0X2twZ21wZHVEQXFzUVhmRm1Db291eXdGZ3Nib2ZudmVEalFycGlOa2hyV0RWZ3RPbkNCMzA4NTIxMzg2NCU3RCUyMiUzRiUyMyU3Qw\u003d\u003d",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "content-type": "application/x-www-form-urlencoded",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "content-length": "92",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net",
  "connection": "close"
}
incoming_path
token
incoming_body_form_params
{
  "grant_type": "authorization_code",
  "code": "iJg6l3kD8I",
  "redirect_uri": "https://rp.example.com/cb"
}
incoming_method
POST
incoming_body_json
incoming_query_string_params
{}
incoming_body
grant_type=authorization_code&code=iJg6l3kD8I&redirect_uri=https%3A%2F%2Frp.example.com%2Fcb
Token endpoint
2020-09-01 12:52:00 SUCCESS
ExtractClientCredentialsFromBasicAuthorizationHeader
Extracted client authentication
client_id
client_XPNyHsELveXdQES97211(!`?@
client_secret
secret_kpgmpduDAqsQXfFmCoouywFgsbofnveDjQrpiNkhrWDVgtOnCB3085213864}"?#|
method
client_secret_basic
2020-09-01 12:52:00 SUCCESS
ValidateClientIdAndSecret
Client id and secret match
2020-09-01 12:52:00 SUCCESS
ValidateAuthorizationCode
Found authorization code
authorization_code
iJg6l3kD8I
2020-09-01 12:52:00 SUCCESS
ValidateRedirectUriForTokenEndpointRequest
redirect_uri is the same as the one used in the authorization request
actual
https://rp.example.com/cb
2020-09-01 12:52:00 SUCCESS
GenerateBearerAccessToken
Generated access token
access_token
bibkWOw8c23biCOdxAaPhCPPxDIAq1IIyClqgjnC40fjqWHcEA
2020-09-01 12:52:00 SUCCESS
CalculateAtHash
Successful at_hash encoding
at_hash
ITc75bL8vOWen-k7Vk-S7w
2020-09-01 12:52:00 SUCCESS
GenerateIdTokenClaims
Created ID Token Claims
iss
https://www.certification.openid.net/test/QI0hncscIt88005/
sub
user-subject-1234531
aud
client_XPNyHsELveXdQES97211(!`?@
iat
1598964720
exp
1598965020
2020-09-01 12:52:00 SUCCESS
AddInvalidIssValueToIdToken
Added invalid iss to ID token claims
iss
https://www.certification.openid.net/test/QI0hncscIt88005/1
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/QI0hncscIt88005/1",
  "sub": "user-subject-1234531",
  "aud": "client_XPNyHsELveXdQES97211(!`?@",
  "iat": 1598964720,
  "exp": 1598965020
}
2020-09-01 12:52:00 SUCCESS
AddAtHashToIdTokenClaims
Added at_hash to ID token claims
at_hash
ITc75bL8vOWen-k7Vk-S7w
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/QI0hncscIt88005/1",
  "sub": "user-subject-1234531",
  "aud": "client_XPNyHsELveXdQES97211(!`?@",
  "iat": 1598964720,
  "exp": 1598965020,
  "at_hash": "ITc75bL8vOWen-k7Vk-S7w"
}
2020-09-01 12:52:00 SUCCESS
OIDCCSignIdToken
Signed the ID token
id_token
eyJraWQiOiIyY2MwY2I0My00YWM3LTQwMmEtYTgzYy00Yzc1MTFmYjRkYjgiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiSVRjNzViTDh2T1dlbi1rN1ZrLVM3dyIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiY2xpZW50X1hQTnlIc0VMdmVYZFFFUzk3MjExKCFgP0AiLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvUUkwaG5jc2NJdDg4MDA1XC8xIiwiZXhwIjoxNTk4OTY1MDIwLCJpYXQiOjE1OTg5NjQ3MjB9.YG7Z9piwbIEub8kjYW-TEyowiwC9bPxyMvs08vzEMOOVyIsRrUc-2UsszMw7h_z8RoOEs52jyO-RAh6EtwpKmorubkZSdO0VAVX1JF2j_ZU-CwOVaWPRvlMeYMcsGMweCfM2Fmg2j41ucd9_hPCLY6qNo5WS8yPvXUv2QKtOhzjafcRXNAuktFalv4kfGAnZih5elmE6xhNZukbourbF23ncnM7d1AzVGCrYFPqH2WSBNj2qAxGzSyABY2TvORkTBGpiJWElTZm1g0b4AUFW5WSW9C7kYSIbpn67-XTK0MKne3pPOupLHPtI9GJvyP_U9OmJUpsSh0SH5LHpDEu9rg
key
{"p":"x-vIBnSdmXGwaBJbPKQRfXXVPv5z3Nvzxw6NSPz64dtppRf-QkiHm14MZGQi4Bdro8-BI4P2DYLMYfwWZZTZlg_W9tIHv1xhcaJ38grrhM9DSLC9klvByoR0F4FaWFSc5-IVPiOJb0O3Xro-5x2F3UCkDMdAUp6tsFbON035ne8","kty":"RSA","q":"s4ZGfg0I4mgFphaOPeNoX3NvlMQSRiAnf-SECFEKJlERiASzK-kld-rAfE8fLbWS4VVfOFwgD9aEXOpolLBfiddsvU6Uuqv_QRKVQ1E6_OvTcEw45S9fxR9YMSA20zGTpl9vYOa9uih0pQb-lDC27GVwbqahBU3pQHTvdhVi8uU","d":"gB2mUGLcmrIj9Cn-zZNqYxZn3ySxZyYr0zE_UxJlJzwuyfSr8GkmB34YBthML5wLFk9biOQn-hDIFGT23k9hBZJBvzpFQoWJBPx94pYq5QTFjS4r4epjJyvgik6zgij8ygdR8FqBjRRmWpE27ZmkteRhfrK-cmuyA8D3S1aYT04w7MpuRusOd_m-D1_JmjvG9AYsBbmWE_N49FINytUUPKHH55E_combMa0Aux5nEvuGSQEhqchNerCvO8AINvPC_Fx0vX2Tz7uHILKJB3vFs_koAeCaO9C7KX6gVGHmSe1oU4AIi2VVr5wkKVxf2hpUdItcGrGYHWaPYKay4KUUeQ","e":"AQAB","use":"sig","kid":"2cc0cb43-4ac7-402a-a83c-4c7511fb4db8","qi":"osma-LGznl0WlijHLBeyCGimJuhhkq_DHy2L49HlQPGXJB2nZUyNTUtyL4IAbZP8G58mDR9etyRRD7suHoFhBpIj9sAOF-24ZKGz8_pZfrbzBWsraEGvRASQmReba0saC3OCvfKr2tbZ-PryVHBslai_BQE1VFz_H3XLInfGWHY","dp":"sKO6E0IcMYSK-hkl9dl8_p4LMWJ_mqfYp4tK-C9VuBM2L8GYTJZrArLBPj5ftiHbYFwqXOfukhd8YCLs4wn2iikqpOAEKmcETfPgCMLvP2QlredDSDq8aiRHsrD-00bHb_aJEGMzvlRVg2QJygiCy2-eww-V3KoJCuJXx_OkVo8","dq":"kOWvv82Ffje3V3adGBaUB3aEeO5IUZFiUDeA2bWPG54TKFWix65GL6Op-Ktj3uDOzFC7qiGxPxdFfjk0b85rTjYx7hmesYxhWYRGNS87DSjKX7klstWp1tCVvhDiL1O0eHRO0UdrmvVMMGaU08b93Y-CT8zt6foYaY34OLbKRoE","n":"jDK5VB_XXS9ESaIz7yrrvIQzGKmVUIKBxftEF0_09iK-bKG5S2vEp5BYlx277DffJapJGta3MS6mKGHQ83AmLz-BIxB9NteH2Aw4cALcm3kw3vpMSNBzLkkEXXkgub2uBJvD7qoKy7ncQGhOVt7PK2eIJ3JhM0P9LSpCNub0Kc4CPoHBkxMt6HE2o_nz5sz4Ur2Avi8AvTvzm3KMLHjlAoa6eUfxS1lyR4pG_t8djMi7-NU9Qq3m0W-ZaPG_8rK28izRZ1o_arP0D-oviKb0Sc_atvTVpVAOODF2TyvdjzmOBCL-kw9ALzYj4WMjJhmX3dQGOqpPz56S9P_byBQ0yw"}
algorithm
RS256
2020-09-01 12:52:00 INFO
EncryptIdToken
Skipped evaluation due to missing required element: client id_token_encrypted_response_alg
path
id_token_encrypted_response_alg
mapped
object
client
2020-09-01 12:52:00 SUCCESS
CreateTokenEndpointResponse
Created token endpoint response
access_token
bibkWOw8c23biCOdxAaPhCPPxDIAq1IIyClqgjnC40fjqWHcEA
token_type
Bearer
id_token
eyJraWQiOiIyY2MwY2I0My00YWM3LTQwMmEtYTgzYy00Yzc1MTFmYjRkYjgiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiSVRjNzViTDh2T1dlbi1rN1ZrLVM3dyIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiY2xpZW50X1hQTnlIc0VMdmVYZFFFUzk3MjExKCFgP0AiLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvUUkwaG5jc2NJdDg4MDA1XC8xIiwiZXhwIjoxNTk4OTY1MDIwLCJpYXQiOjE1OTg5NjQ3MjB9.YG7Z9piwbIEub8kjYW-TEyowiwC9bPxyMvs08vzEMOOVyIsRrUc-2UsszMw7h_z8RoOEs52jyO-RAh6EtwpKmorubkZSdO0VAVX1JF2j_ZU-CwOVaWPRvlMeYMcsGMweCfM2Fmg2j41ucd9_hPCLY6qNo5WS8yPvXUv2QKtOhzjafcRXNAuktFalv4kfGAnZih5elmE6xhNZukbourbF23ncnM7d1AzVGCrYFPqH2WSBNj2qAxGzSyABY2TvORkTBGpiJWElTZm1g0b4AUFW5WSW9C7kYSIbpn67-XTK0MKne3pPOupLHPtI9GJvyP_U9OmJUpsSh0SH5LHpDEu9rg
scope
openid
2020-09-01 12:52:00 OUTGOING
oidcc-client-test-invalid-iss
Response to HTTP request to test instance QI0hncscIt88005
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "access_token": "bibkWOw8c23biCOdxAaPhCPPxDIAq1IIyClqgjnC40fjqWHcEA",
  "token_type": "Bearer",
  "id_token": "eyJraWQiOiIyY2MwY2I0My00YWM3LTQwMmEtYTgzYy00Yzc1MTFmYjRkYjgiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiSVRjNzViTDh2T1dlbi1rN1ZrLVM3dyIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiY2xpZW50X1hQTnlIc0VMdmVYZFFFUzk3MjExKCFgP0AiLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvUUkwaG5jc2NJdDg4MDA1XC8xIiwiZXhwIjoxNTk4OTY1MDIwLCJpYXQiOjE1OTg5NjQ3MjB9.YG7Z9piwbIEub8kjYW-TEyowiwC9bPxyMvs08vzEMOOVyIsRrUc-2UsszMw7h_z8RoOEs52jyO-RAh6EtwpKmorubkZSdO0VAVX1JF2j_ZU-CwOVaWPRvlMeYMcsGMweCfM2Fmg2j41ucd9_hPCLY6qNo5WS8yPvXUv2QKtOhzjafcRXNAuktFalv4kfGAnZih5elmE6xhNZukbourbF23ncnM7d1AzVGCrYFPqH2WSBNj2qAxGzSyABY2TvORkTBGpiJWElTZm1g0b4AUFW5WSW9C7kYSIbpn67-XTK0MKne3pPOupLHPtI9GJvyP_U9OmJUpsSh0SH5LHpDEu9rg",
  "scope": "openid"
}
outgoing_path
token
2020-09-01 12:52:02 FINISHED
oidcc-client-test-invalid-iss
Test has run to completion
testmodule_result
PASSED
Test Results