Test Summary

Test Results

Expand All Collapse All
All times are UTC
2020-09-01 12:51:00 INFO
TEST-RUNNER
Test instance inZ0M9FN0MHfPCB created
baseUrl
https://www.certification.openid.net/test/inZ0M9FN0MHfPCB
variant
{
  "client_auth_type": "client_secret_basic",
  "response_type": "id_token",
  "request_type": "plain_http_request",
  "response_mode": "form_post",
  "client_registration": "dynamic_client"
}
alias

                                
description
test suite runner for openid-client
planId
2AWaC6uTX8byR
config
{
  "description": "test suite runner for openid-client",
  "waitTimeoutSeconds": 2
}
testName
oidcc-client-test-nonce-invalid
2020-09-01 12:51:00 SUCCESS
OIDCCGenerateServerConfiguration
Generated default server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/inZ0M9FN0MHfPCB/",
  "authorization_endpoint": "https://www.certification.openid.net/test/inZ0M9FN0MHfPCB/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/inZ0M9FN0MHfPCB/token",
  "jwks_uri": "https://www.certification.openid.net/test/inZ0M9FN0MHfPCB/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/inZ0M9FN0MHfPCB/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/inZ0M9FN0MHfPCB/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic",
    "client_secret_post",
    "client_secret_jwt",
    "private_key_jwt"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
2020-09-01 12:51:00
SetTokenEndpointAuthMethodsSupportedToClientSecretBasicOnly
Changed token_endpoint_auth_methods_supported to client_secret_basic only in server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/inZ0M9FN0MHfPCB/",
  "authorization_endpoint": "https://www.certification.openid.net/test/inZ0M9FN0MHfPCB/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/inZ0M9FN0MHfPCB/token",
  "jwks_uri": "https://www.certification.openid.net/test/inZ0M9FN0MHfPCB/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/inZ0M9FN0MHfPCB/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/inZ0M9FN0MHfPCB/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
2020-09-01 12:51:01
OIDCCGenerateServerJWKs
Generated server public private JWK sets
server_jwks
{
  "keys": [
    {
      "p": "7OrB2EzbgQhQcze2mt5PsA_WSCUPqzjJLFE7aQVAAC6GTrPY7Rj2_ZE5dO2ig1Vfo_O8Etzr1_PZvaSmqn2-TIKR8vw1YfVwFoEEA4JHpmF0b_aRoS1bJVpqbio5SaxUa8O_G5rbvCO8G_eA8T3s30xd9yHQ0XuYR6dCzC8u87U",
      "kty": "RSA",
      "q": "1aiimgorPWflFgnrNhztZW3rrzj2mGbXUGj6KNZQDbPFMIxQG4NORCFG0x7uN-Hcmf2jySArNznde5C4cwIQfMpeBB57IF43irlM_dH1r2aIppNlHLjOhDlRCbtRIwY6UTv2YP41WN9xYjvfjYVkLXdzWMgwZOplJylFQBZXii8",
      "d": "R97V6P4i5cZgkrEJ1RqCyT5cdaKAHLll2lM_IBrQErlqtWH-BzZ3ER0uOJ9sKBYyg2XdajrIN9znILQSUjSgLJmQt8vxRckm0xCBdORtNvDy023GjS-ElKHCtDllab2w4EGy7mHxY97IfWS2lFeHgt4PNfJQmicwBRP77gXLFkP78mPLZIpjbmpYShPP0lu0yHJDq_nh70yEEoAVz2VaDzpwfBvTQInGxhzECoGcYCckIb75l2IRvhG8EKTTRQn7_IHtrRGOSTUXyyiD4_mfEGCSJs46b0e74ecW8O0vtgF8St0p7g9EH3s9ajanVVQz_6IVgZwmtorfIUrje62meQ",
      "e": "AQAB",
      "use": "sig",
      "kid": "78094b9f-fa8b-4027-ab69-0f3c02326958",
      "qi": "iwCzGjRytzg8j2BAZzF_D2-4W3h8UAMTMi0c00RkNOX6rFdH0zmSR9WB39ZDUUxukMgBvQiI1CInJkf4HIzxSpXrh3xR9ka7VqprYJjkBCoVVs1lQV1_akwbUzNg7A0ZtvVv1Rbroo885XfL-r9mjafoRCfnx2Xgav2Omhr9OeI",
      "dp": "qthviSeDcv0n5q5ahDukg3YoNEZlkjeU-txpV0Zt7LOgLskKuY-zLQ-4u1VSSBscqQJusbuWZ1h1wIgnl_KtdEcEMJEnfcicV94Zot4kBRtp-AN66RvoCnu1HFRek34uMrgp7CI0KuwqDpDg7xaU5kIP0NMV3rqeCa3YQZ4U4bE",
      "dq": "jacCNtJrHIkXLudglD3VfpvD2CYSB7SXJ-6RfCWqaYs4PxmnurXxW-YcCLjHAzGxij7JKf0z6adpmhS21TkXKUUZ0-1JgIo2lLiJvPZIxwNZseai8Mnt0WgWvDb-chQc8eKpVGD1iXiKubAsZK19X0-En-YJf76PVclc6kJlw20",
      "n": "xbtj00sxvv7VE_PiGpdg5sSe4YWGyf3xXB9wdWBIXTZiMQjWmv7153p5b9wdLt7lPy9DM2z3gZYiCqx52bVgz02o8aN7OxnwSlxdIB75NkMvxg9CoT78DroQNL8Ylxc1ggKtj-CH5vu3RHWc53dXg_-irLfBSV3EkqwyRhD4bJUv7bz0gk_rL5uKs3PnozTSN8DfEkEtYSvVoBBeGyzE7hbrqOFxM8_O2EVu-hv8whF7weKpmcOqUjeQPYQ2Wu1qQA0PEdNrJ3JLGECYZwJQYCNft9MY4Fm8FEZTilK1jWAs7kWRLjPUGVHvL9eLJ2LRYFBPD9Gxivyfkx0SWYFQOw"
    },
    {
      "kty": "EC",
      "d": "D8erRfS7Jr4U9i57Yj52harnIN9crC-V-MS5dFBtUu4",
      "use": "sig",
      "crv": "P-256",
      "kid": "691a78af-0b10-4dfa-b125-3693fc37eefb",
      "x": "0UZ6EzPypsATLixQRBikMNpdrpZyhcWyu3cPo78qBT8",
      "y": "cW-6sPFpipUQg7f1gj60oD2fe1i5-wZsLNOODcBMZ9Y"
    },
    {
      "kty": "EC",
      "d": "8uZcfNP1yhp2X7JDKAPFIRwBqhTaow01VxUmkeffUDo",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "ea539f1b-9eb8-45a8-ba14-492ea8707ab2",
      "x": "nfCQzqhSrpxT0gJWuCvlbIMc8w4Lgrjs-Ob4g_TSESw",
      "y": "vsOk7sTrsbWIQcizds-wML95dNjoJRfuiEGV3yfjeOE"
    },
    {
      "kty": "OKP",
      "d": "gnbjxYNPTh5eNsphNq1nZY0kMfW-7PuILqgBZbRHyN0",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "2256de3e-4d32-4fc1-9145-30b87dc3f002",
      "x": "kuf27DCfasqvmdV88Q8Ax8qWJi8y4x2DA-FA_Mg2sLA"
    }
  ]
}
server_encryption_keys
{
  "keys": [
    {
      "p": "8repibY15WXyKvgUPBEQWHGffQqWconiVwcemn_MpRgpWH9XRnyV-Kn11PDN9AaBobOb7BJMULrH5LIkLw81HTtw79zbvQH2bf4bTjfTeQnZYlAzjCxPTpVt9B7mNvVHe1OM5_gxye8C_REkcCk5JVuDKa-v65ZxJWSvY81T05k",
      "kty": "RSA",
      "q": "0HdlaFgiVqklE4XdDZhoG2pvb0wT0-wJbRXjKcTXL62-S8p_P15XguCKRmWfKxWRqJ5Cox6bbabbVhgAooNrfIpcmee-hlpzT0EgEcDJQv0pYMROdytUtpEzvwVnNP7sOK3og7NwGVjODJomix8G-_86-4n-bRIz-343u6E3nGc",
      "d": "P9lChUYx8n83Nn2dBtKfSE52j5F-B3VF8Ubzu4gdc9CIhAHcZnnHD0Vq26SsPu5pGDCHcyDynSG3BLl8mRO0mcw9WpJnZ2ZxvTh14Nkzl67JTdH6M2W-UNY6JSxD8P13y1DArOE0Hp3ZKD31x23MrIAo9DVcIMs2xH4XI8VU2bnACz7E3Q4QEbXi3PPOm-KMTwsKrcyDreuILqe5300DsVIrcrINEdR0_H9GaIwbSDKbadWfM4fcD9dOymMBuBaiPu3bFg2T-FyQfwPKOHiuMj7zBC8fSi5v58AFb9doaQbH6cht8omH1s_6WpqHi_5E7Pq4ueWQiRavHEx_7vnusQ",
      "e": "AQAB",
      "use": "enc",
      "kid": "0e5edf22-64ca-497e-9e70-c421849252e9",
      "qi": "qMpTi9-f45jrDZOCQaz6Ch-shMACyQxcBuVMviliHeutesmMYDYqOhJd1LIiM24RzJHbX2FodhReBcQPNNANcSuXqTQOKl4DOHQ9ZuYZjT6e6wjvX_iBQTv-EI2BWzg6pm_xQFk8tvWhqI62kNuiAJbE5ItV5JMKEe4vZ7PpgXs",
      "dp": "MwMi4Myo-zO3-Av3xMAZXV1UFeW5xQzxwzS9297sVe6EEhOBdlEM_BxMjJqnzpfneuLS7ITUAUugY5KFRFa_5QrvK5qRnGHjNy7m8kONcKz_QUh17QoLCQsi9uHfpMFcarEetkpVvIk9aY7Gx8QCPLXFFWfVY4BU-3Tz39fxvFE",
      "alg": "RSA-OAEP",
      "dq": "ODDGm76N2vASt1VwxRZckW86BDTsb0YDMG0i4wJUwlxBm-pELE-ApR1jCCCiK5nPvjSSX6eDW6YLHwSvPx7PXS1qUm291DcTN7ylKUPeu_jDK3seb061sdQnr4iETiucfpaZws4eHCbsu0bdtsgxOMGOI3kJpFqwukxGN4P4Gmc",
      "n": "xaZtRRcfYxus09yvfAw21h9N-1VHtH0xhgCd50IFrrFxMyp1wY8adTnKDup2eQZZPw4nx1FEbf4wIauW7V6wS6hlK-1m9gvjXLAMfqowNZ7dXRylb3OPVWmWVS5ctmm3xZP4R-XL7fuF8b60ER4AY_yhv0mPTeagKtDr3XiNg3dnIJT8n1CePkwnUlviuA4tn87bOfYGf8dMPEBlyA35iW5YDwph9vODp3ndvR4rs319YKug0rJ2GpPLuIX3l1j1pHqAoy0b2wwMcdD30E7xSrQhfwQXsmZpkLOuz6smYbi9Hig76BYMWWJQL0abKDRW7-rrJ6StjXb_9acfYIpejw"
    },
    {
      "kty": "EC",
      "d": "KkQsRVUUtT3Tf0xBTxJhdVjJ48Hoz1AuTIroLJUuK2A",
      "use": "enc",
      "crv": "P-256",
      "kid": "c277f744-2cce-4586-b3dd-1ede37f5f97b",
      "x": "bwHee-40FKzTwqMluJbMrafKOOBaonXR9Wkvj3yWNxs",
      "y": "J2DQz3B2vGOaYmWKcvM8SaB63lYdYX9YWoC9Qkj56RA",
      "alg": "ECDH-ES"
    }
  ]
}
server_public_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "78094b9f-fa8b-4027-ab69-0f3c02326958",
      "n": "xbtj00sxvv7VE_PiGpdg5sSe4YWGyf3xXB9wdWBIXTZiMQjWmv7153p5b9wdLt7lPy9DM2z3gZYiCqx52bVgz02o8aN7OxnwSlxdIB75NkMvxg9CoT78DroQNL8Ylxc1ggKtj-CH5vu3RHWc53dXg_-irLfBSV3EkqwyRhD4bJUv7bz0gk_rL5uKs3PnozTSN8DfEkEtYSvVoBBeGyzE7hbrqOFxM8_O2EVu-hv8whF7weKpmcOqUjeQPYQ2Wu1qQA0PEdNrJ3JLGECYZwJQYCNft9MY4Fm8FEZTilK1jWAs7kWRLjPUGVHvL9eLJ2LRYFBPD9Gxivyfkx0SWYFQOw"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "e8568ad2-29dc-4784-9b7c-3171bf50a6fb",
      "n": "iIU5qsEMxDQm5MZoPpYYUrTC4d7I_SxodLyv5oWD11yGSesFMw5YPjrepPXzQxrkbjrPXZlFdsJGNHtv3fN5Ku2J0GzaksWKcysUwcN8SCRkJAy24w14A0TY5-qnvmG51zutwtpQMoT58WVtslYAmtOwS8r0LYpORxCiOpUzcitR_K_zF3_p0uCJdhAtjc9291G13hrxJcfRs1_37Ot7ev3sPKcVe7HYh709W90iOaN7XuBVLVUCXPkLGlURNozux9jmMch0vnkWD_HUioDKKx_sXv33sc_eKDOcCH79YOTo7X-vTmcto_xvXAt5zAd8rFMCSW8hxRHbfkNtS7WL7w"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "691a78af-0b10-4dfa-b125-3693fc37eefb",
      "x": "0UZ6EzPypsATLixQRBikMNpdrpZyhcWyu3cPo78qBT8",
      "y": "cW-6sPFpipUQg7f1gj60oD2fe1i5-wZsLNOODcBMZ9Y"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "7a665aeb-b84d-456c-9ae4-2f3ae8130883",
      "x": "4lsRekjWAm_TZehtr0tDCdmGBl_jxO966a1mqdE3Als",
      "y": "6Ovhczrha5-6QVv0-8MXZl3b5Ki4-lMrxbWu-l5SF3U"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "ea539f1b-9eb8-45a8-ba14-492ea8707ab2",
      "x": "nfCQzqhSrpxT0gJWuCvlbIMc8w4Lgrjs-Ob4g_TSESw",
      "y": "vsOk7sTrsbWIQcizds-wML95dNjoJRfuiEGV3yfjeOE"
    },
    {
      "kty": "OKP",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "2256de3e-4d32-4fc1-9145-30b87dc3f002",
      "x": "kuf27DCfasqvmdV88Q8Ax8qWJi8y4x2DA-FA_Mg2sLA"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "0e5edf22-64ca-497e-9e70-c421849252e9",
      "alg": "RSA-OAEP",
      "n": "xaZtRRcfYxus09yvfAw21h9N-1VHtH0xhgCd50IFrrFxMyp1wY8adTnKDup2eQZZPw4nx1FEbf4wIauW7V6wS6hlK-1m9gvjXLAMfqowNZ7dXRylb3OPVWmWVS5ctmm3xZP4R-XL7fuF8b60ER4AY_yhv0mPTeagKtDr3XiNg3dnIJT8n1CePkwnUlviuA4tn87bOfYGf8dMPEBlyA35iW5YDwph9vODp3ndvR4rs319YKug0rJ2GpPLuIX3l1j1pHqAoy0b2wwMcdD30E7xSrQhfwQXsmZpkLOuz6smYbi9Hig76BYMWWJQL0abKDRW7-rrJ6StjXb_9acfYIpejw"
    },
    {
      "kty": "EC",
      "use": "enc",
      "crv": "P-256",
      "kid": "c277f744-2cce-4586-b3dd-1ede37f5f97b",
      "x": "bwHee-40FKzTwqMluJbMrafKOOBaonXR9Wkvj3yWNxs",
      "y": "J2DQz3B2vGOaYmWKcvM8SaB63lYdYX9YWoC9Qkj56RA",
      "alg": "ECDH-ES"
    }
  ]
}
2020-09-01 12:51:01 SUCCESS
ValidateServerJWKs
Valid server JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2020-09-01 12:51:01 SUCCESS
CheckDistinctKeyIdValueInServerJWKs
Distinct 'kid' value in all keys of server_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2020-09-01 12:51:01 SUCCESS
OIDCCLoadUserInfo
Added user information
user_info
{
  "sub": "user-subject-1234531",
  "name": "Demo T. User",
  "given_name": "Demo",
  "family_name": "User",
  "middle_name": "Theresa",
  "nickname": "Dee",
  "preferred_username": "d.tu",
  "gender": "female",
  "birthdate": "2000-02-03",
  "address": {
    "street_address": "100 Universal City Plaza",
    "locality": "Hollywood",
    "region": "CA",
    "postal_code": "91608",
    "country": "USA"
  },
  "zoneinfo": "America/Los_Angeles",
  "locale": "en-US",
  "phone_number": "+1 555 5550000",
  "phone_number_verified": false,
  "email": "user@example.com",
  "email_verified": false,
  "website": "https://openid.net/",
  "updated_at": "1580000000"
}
2020-09-01 12:51:01 SUCCESS
GetDynamicClientConfiguration
No client details on configuration, created an empty dynamic_client_registration_template object.
2020-09-01 12:51:01
oidcc-client-test-nonce-invalid
Setup Done
2020-09-01 12:51:04 INCOMING
oidcc-client-test-nonce-invalid
Incoming HTTP request to test instance inZ0M9FN0MHfPCB
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
.well-known/openid-configuration
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
Discovery endpoint
2020-09-01 12:51:04 OUTGOING
oidcc-client-test-nonce-invalid
Response to HTTP request to test instance inZ0M9FN0MHfPCB
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "issuer": "https://www.certification.openid.net/test/inZ0M9FN0MHfPCB/",
  "authorization_endpoint": "https://www.certification.openid.net/test/inZ0M9FN0MHfPCB/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/inZ0M9FN0MHfPCB/token",
  "jwks_uri": "https://www.certification.openid.net/test/inZ0M9FN0MHfPCB/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/inZ0M9FN0MHfPCB/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/inZ0M9FN0MHfPCB/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
outgoing_path
.well-known/openid-configuration
2020-09-01 12:51:04 INCOMING
oidcc-client-test-nonce-invalid
Incoming HTTP request to test instance inZ0M9FN0MHfPCB
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "content-type": "application/json",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "content-length": "155",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net",
  "connection": "close"
}
incoming_path
register
incoming_body_form_params
incoming_method
POST
incoming_body_json
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "id_token"
  ],
  "grant_types": [
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ]
}
incoming_query_string_params
{}
incoming_body
{"token_endpoint_auth_method":"client_secret_basic","response_types":["id_token"],"grant_types":["implicit"],"redirect_uris":["https://rp.example.com/cb"]}
Registration endpoint
2020-09-01 12:51:04 SUCCESS
OIDCCExtractDynamicRegistrationRequest
Extracted dynamic client registration request
request
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "id_token"
  ],
  "grant_types": [
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ]
}
2020-09-01 12:51:04 INFO
EnsureRegistrationRequestContainsAtLeastOneContact
This application requires that registration requests contain at least one contact.
2020-09-01 12:51:04 SUCCESS
ValidateClientGrantTypes
grant_types match response_types
grant_types
[
  "implicit"
]
response_types
[
  "id_token"
]
2020-09-01 12:51:04 SUCCESS
OIDCCValidateClientRedirectUris
Valid redirect_uri(s) provided in registration request
redirect_uris
[
  "https://rp.example.com/cb"
]
2020-09-01 12:51:04 SUCCESS
ValidateClientLogoUris
Client does not contain any logo_uri
2020-09-01 12:51:04 SUCCESS
ValidateClientUris
Client does not contain any client_uri
2020-09-01 12:51:04 SUCCESS
ValidateClientPolicyUris
Client does not contain any policy_uri
2020-09-01 12:51:04 SUCCESS
ValidateClientTosUris
Client does not contain any tos_uri
2020-09-01 12:51:04 SUCCESS
ValidateClientSubjectType
A subject_type was not provided
2020-09-01 12:51:04 INFO
ValidateIdTokenSignedResponseAlg
Skipped evaluation due to missing required element: client id_token_signed_response_alg
path
id_token_signed_response_alg
mapped
object
client
2020-09-01 12:51:04 SUCCESS
EnsureIdTokenEncryptedResponseAlgIsSetIfEncIsSet
id_token_encrypted_response_enc is not set
2020-09-01 12:51:04 INFO
ValidateUserinfoSignedResponseAlg
Skipped evaluation due to missing required element: client userinfo_signed_response_alg
path
userinfo_signed_response_alg
mapped
object
client
2020-09-01 12:51:04 SUCCESS
EnsureUserinfoEncryptedResponseAlgIsSetIfEncIsSet
userinfo_encrypted_response_enc is not set
2020-09-01 12:51:04 INFO
ValidateRequestObjectSigningAlg
Skipped evaluation due to missing required element: client request_object_signing_alg
path
request_object_signing_alg
mapped
object
client
2020-09-01 12:51:04 SUCCESS
EnsureRequestObjectEncryptionAlgIsSetIfEncIsSet
request_object_encryption_enc is not set
2020-09-01 12:51:04 INFO
ValidateTokenEndpointAuthSigningAlg
Skipped evaluation due to missing required element: client token_endpoint_auth_signing_alg
path
token_endpoint_auth_signing_alg
mapped
object
client
2020-09-01 12:51:04 SUCCESS
ValidateDefaultMaxAge
default_max_age is not set
2020-09-01 12:51:04 INFO
ValidateRequireAuthTime
Skipped evaluation due to missing required element: client require_auth_time
path
require_auth_time
mapped
object
client
2020-09-01 12:51:04 INFO
ValidateDefaultAcrValues
Skipped evaluation due to missing required element: client default_acr_values
path
default_acr_values
mapped
object
client
2020-09-01 12:51:04 INFO
ValidateInitiateLoginUri
Skipped evaluation due to missing required element: client initiate_login_uri
path
initiate_login_uri
mapped
object
client
2020-09-01 12:51:04 INFO
ValidateRequestUris
Skipped evaluation due to missing required element: client request_uris
path
request_uris
mapped
object
client
2020-09-01 12:51:04 SUCCESS
ValidateClientRegistrationRequestSectorIdentifierUri
A sector_identifier_uri was not provided
2020-09-01 12:51:04 SUCCESS
OIDCCRegisterClient
Registered client
client
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "id_token"
  ],
  "grant_types": [
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ],
  "client_id": "client_KCqDofbRnncvAud15157;;\\%\""
}
2020-09-01 12:51:04
OIDCCCreateClientSecretForDynamicClient
Set the secret for registered client
client_secret
secret_LHQrmCqvZCBTlPbkhQtisFRdddpxLgtXofTMaXKtwIfBcJmGOb1167903935,#({]
2020-09-01 12:51:04 SUCCESS
EnsureTokenEndPointAuthMethodIsClientSecretBasic
token_endpoint_auth_method is 'client_secret_basic' as expected
2020-09-01 12:51:04 SUCCESS
EnsureClientDoesNotHaveBothJwksAndJwksUri
Client does not have both jwks and jwks_uri set
client
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "id_token"
  ],
  "grant_types": [
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ],
  "client_id": "client_KCqDofbRnncvAud15157;;\\%\"",
  "client_secret": "secret_LHQrmCqvZCBTlPbkhQtisFRdddpxLgtXofTMaXKtwIfBcJmGOb1167903935,#({]"
}
2020-09-01 12:51:04 INFO
FetchClientKeys
Skipped evaluation due to missing required element: client jwks_uri
path
jwks_uri
mapped
object
client
2020-09-01 12:51:04 SUCCESS
OIDCCExtractServerSigningAlg
Using the default algorithm for the first key in server jwks
signing_algorithm
RS256
2020-09-01 12:51:04
SetClientIdTokenSignedResponseAlgToServerSigningAlg
Set id_token_signed_response_alg for the registered client
id_token_signed_response_alg
RS256
2020-09-01 12:51:04 OUTGOING
oidcc-client-test-nonce-invalid
Response to HTTP request to test instance inZ0M9FN0MHfPCB
outgoing_status_code
201
outgoing_headers
{}
outgoing_body
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "id_token"
  ],
  "grant_types": [
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ],
  "client_id": "client_KCqDofbRnncvAud15157;;\\%\"",
  "client_secret": "secret_LHQrmCqvZCBTlPbkhQtisFRdddpxLgtXofTMaXKtwIfBcJmGOb1167903935,#({]",
  "id_token_signed_response_alg": "RS256"
}
outgoing_path
register
2020-09-01 12:51:05 INCOMING
oidcc-client-test-nonce-invalid
Incoming HTTP request to test instance inZ0M9FN0MHfPCB
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "got/9.6.0 (https://github.com/sindresorhus/got)",
  "accept-encoding": "gzip, deflate",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
authorize
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{
  "client_id": "client_KCqDofbRnncvAud15157;;\\%\"",
  "scope": "openid",
  "response_type": "id_token",
  "redirect_uri": "https://rp.example.com/cb",
  "state": "MK7aknQb4GKoIe9vFnmqajOE-lqVpeEe_y-2QwnsfXM",
  "nonce": "SMpNbHHwogpKkw-ESxpnXYXEwTQUwTegzr6xHbr23yE",
  "response_mode": "form_post"
}
incoming_body
Authorization endpoint
2020-09-01 12:51:05 SUCCESS
EnsureRequestDoesNotContainRequestObject
Request does not contain a request parameter
2020-09-01 12:51:05 SUCCESS
OIDCCEnsureAuthorizationHttpRequestContainsOpenIDScope
Found 'openid' in scope http request parameter
actual
[
  "openid"
]
expected
openid
2020-09-01 12:51:05 SUCCESS
CreateEffectiveAuthorizationRequestParameters
Merged http request parameters with request object claims
effective_authorization_endpoint_request
{
  "client_id": "client_KCqDofbRnncvAud15157;;\\%\"",
  "scope": "openid",
  "response_type": "id_token",
  "redirect_uri": "https://rp.example.com/cb",
  "state": "MK7aknQb4GKoIe9vFnmqajOE-lqVpeEe_y-2QwnsfXM",
  "nonce": "SMpNbHHwogpKkw-ESxpnXYXEwTQUwTegzr6xHbr23yE",
  "response_mode": "form_post"
}
2020-09-01 12:51:05 SUCCESS
ExtractRequestedScopes
Requested scopes
scope
openid
2020-09-01 12:51:05 SUCCESS
ExtractNonceFromAuthorizationRequest
Extracted nonce
nonce
SMpNbHHwogpKkw-ESxpnXYXEwTQUwTegzr6xHbr23yE
2020-09-01 12:51:05 SUCCESS
EnsureResponseTypeIsIdToken
Response type is expected value
expected
id_token
2020-09-01 12:51:05 SUCCESS
EnsureMatchingClientId
Client ID matched
client_id
client_KCqDofbRnncvAud15157;;\%"
2020-09-01 12:51:05 SUCCESS
EnsureValidRedirectUriForAuthorizationEndpointRequest
redirect_uri is one of the allowed redirect uris
actual
https://rp.example.com/cb
expected
[
  "https://rp.example.com/cb"
]
2020-09-01 12:51:05 SUCCESS
EnsureOpenIDInScopeRequest
Found 'openid' scope in request
actual
[
  "openid"
]
expected
openid
2020-09-01 12:51:05 SUCCESS
DisallowMaxAgeEqualsZeroAndPromptNone
The client did not send max_age=0 and prompt=none parameters as expected
2020-09-01 12:51:05 SUCCESS
GenerateIdTokenClaims
Created ID Token Claims
iss
https://www.certification.openid.net/test/inZ0M9FN0MHfPCB/
sub
user-subject-1234531
aud
client_KCqDofbRnncvAud15157;;\%"
nonce
SMpNbHHwogpKkw-ESxpnXYXEwTQUwTegzr6xHbr23yE
iat
1598964665
exp
1598964965
2020-09-01 12:51:05 SUCCESS
AddInvalidNonceValueToIdToken
Added invalid nonce to ID token claims
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/inZ0M9FN0MHfPCB/",
  "sub": "user-subject-1234531",
  "aud": "client_KCqDofbRnncvAud15157;;\\%\"",
  "nonce": "SMpNbHHwogpKkw-ESxpnXYXEwTQUwTegzr6xHbr23yE1",
  "iat": 1598964665,
  "exp": 1598964965
}
nonce
SMpNbHHwogpKkw-ESxpnXYXEwTQUwTegzr6xHbr23yE1
2020-09-01 12:51:05 INFO
AddCHashToIdTokenClaims
Skipped evaluation due to missing required string: c_hash
expected
c_hash
2020-09-01 12:51:05 INFO
AddAtHashToIdTokenClaims
Skipped evaluation due to missing required string: at_hash
expected
at_hash
2020-09-01 12:51:05 SUCCESS
OIDCCSignIdToken
Signed the ID token
id_token
eyJraWQiOiI3ODA5NGI5Zi1mYThiLTQwMjctYWI2OS0wZjNjMDIzMjY5NTgiLCJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJ1c2VyLXN1YmplY3QtMTIzNDUzMSIsImF1ZCI6ImNsaWVudF9LQ3FEb2ZiUm5uY3ZBdWQxNTE1Nzs7XFwlXCIiLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvaW5aME05Rk4wTUhmUENCXC8iLCJleHAiOjE1OTg5NjQ5NjUsIm5vbmNlIjoiU01wTmJISHdvZ3BLa3ctRVN4cG5YWVhFd1RRVXdUZWd6cjZ4SGJyMjN5RTEiLCJpYXQiOjE1OTg5NjQ2NjV9.OLboQojmnSN0b-a50joeCIS9Zjt_rAI1ZGqWrKgso2tdHuA1x2x4tNQfZuFJHcTjBN2T0riZAHJYUVcTrzEWtttEtcaMb7gLZO80DGzBERFWAw0w-W5oLR0Y9ZYfSxicbhoH27bSV2-oNFyYf49_3AP4q0rDk3-BLAR0M_EoC0R2apCyIWu3h6gA1QgCO8NKCGn-AZvwSwKuY0hmE-di08w7FrgbLwwDqtDoXe7lWeKrBBoQmZDeYLUJh_83lXgZ4d_D3EHQoMNhRg9y4VMAxjfjBoz4Na-JDWbXwNsVWBYheJUBvf8BWVCFYI5vZkB9OjN0he2iDdiyJN6HCIUSZg
key
{"p":"7OrB2EzbgQhQcze2mt5PsA_WSCUPqzjJLFE7aQVAAC6GTrPY7Rj2_ZE5dO2ig1Vfo_O8Etzr1_PZvaSmqn2-TIKR8vw1YfVwFoEEA4JHpmF0b_aRoS1bJVpqbio5SaxUa8O_G5rbvCO8G_eA8T3s30xd9yHQ0XuYR6dCzC8u87U","kty":"RSA","q":"1aiimgorPWflFgnrNhztZW3rrzj2mGbXUGj6KNZQDbPFMIxQG4NORCFG0x7uN-Hcmf2jySArNznde5C4cwIQfMpeBB57IF43irlM_dH1r2aIppNlHLjOhDlRCbtRIwY6UTv2YP41WN9xYjvfjYVkLXdzWMgwZOplJylFQBZXii8","d":"R97V6P4i5cZgkrEJ1RqCyT5cdaKAHLll2lM_IBrQErlqtWH-BzZ3ER0uOJ9sKBYyg2XdajrIN9znILQSUjSgLJmQt8vxRckm0xCBdORtNvDy023GjS-ElKHCtDllab2w4EGy7mHxY97IfWS2lFeHgt4PNfJQmicwBRP77gXLFkP78mPLZIpjbmpYShPP0lu0yHJDq_nh70yEEoAVz2VaDzpwfBvTQInGxhzECoGcYCckIb75l2IRvhG8EKTTRQn7_IHtrRGOSTUXyyiD4_mfEGCSJs46b0e74ecW8O0vtgF8St0p7g9EH3s9ajanVVQz_6IVgZwmtorfIUrje62meQ","e":"AQAB","use":"sig","kid":"78094b9f-fa8b-4027-ab69-0f3c02326958","qi":"iwCzGjRytzg8j2BAZzF_D2-4W3h8UAMTMi0c00RkNOX6rFdH0zmSR9WB39ZDUUxukMgBvQiI1CInJkf4HIzxSpXrh3xR9ka7VqprYJjkBCoVVs1lQV1_akwbUzNg7A0ZtvVv1Rbroo885XfL-r9mjafoRCfnx2Xgav2Omhr9OeI","dp":"qthviSeDcv0n5q5ahDukg3YoNEZlkjeU-txpV0Zt7LOgLskKuY-zLQ-4u1VSSBscqQJusbuWZ1h1wIgnl_KtdEcEMJEnfcicV94Zot4kBRtp-AN66RvoCnu1HFRek34uMrgp7CI0KuwqDpDg7xaU5kIP0NMV3rqeCa3YQZ4U4bE","dq":"jacCNtJrHIkXLudglD3VfpvD2CYSB7SXJ-6RfCWqaYs4PxmnurXxW-YcCLjHAzGxij7JKf0z6adpmhS21TkXKUUZ0-1JgIo2lLiJvPZIxwNZseai8Mnt0WgWvDb-chQc8eKpVGD1iXiKubAsZK19X0-En-YJf76PVclc6kJlw20","n":"xbtj00sxvv7VE_PiGpdg5sSe4YWGyf3xXB9wdWBIXTZiMQjWmv7153p5b9wdLt7lPy9DM2z3gZYiCqx52bVgz02o8aN7OxnwSlxdIB75NkMvxg9CoT78DroQNL8Ylxc1ggKtj-CH5vu3RHWc53dXg_-irLfBSV3EkqwyRhD4bJUv7bz0gk_rL5uKs3PnozTSN8DfEkEtYSvVoBBeGyzE7hbrqOFxM8_O2EVu-hv8whF7weKpmcOqUjeQPYQ2Wu1qQA0PEdNrJ3JLGECYZwJQYCNft9MY4Fm8FEZTilK1jWAs7kWRLjPUGVHvL9eLJ2LRYFBPD9Gxivyfkx0SWYFQOw"}
algorithm
RS256
2020-09-01 12:51:05 INFO
EncryptIdToken
Skipped evaluation due to missing required element: client id_token_encrypted_response_alg
path
id_token_encrypted_response_alg
mapped
object
client
2020-09-01 12:51:05 SUCCESS
CreateAuthorizationEndpointResponseParams
Added authorization_endpoint_response_params to environment
params
{
  "redirect_uri": "https://rp.example.com/cb",
  "state": "MK7aknQb4GKoIe9vFnmqajOE-lqVpeEe_y-2QwnsfXM"
}
2020-09-01 12:51:05 SUCCESS
AddIdTokenToAuthorizationEndpointResponseParams
Added id_token to authorization endpoint response params
authorization_endpoint_response_params
{
  "redirect_uri": "https://rp.example.com/cb",
  "state": "MK7aknQb4GKoIe9vFnmqajOE-lqVpeEe_y-2QwnsfXM",
  "id_token": "eyJraWQiOiI3ODA5NGI5Zi1mYThiLTQwMjctYWI2OS0wZjNjMDIzMjY5NTgiLCJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJ1c2VyLXN1YmplY3QtMTIzNDUzMSIsImF1ZCI6ImNsaWVudF9LQ3FEb2ZiUm5uY3ZBdWQxNTE1Nzs7XFwlXCIiLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvaW5aME05Rk4wTUhmUENCXC8iLCJleHAiOjE1OTg5NjQ5NjUsIm5vbmNlIjoiU01wTmJISHdvZ3BLa3ctRVN4cG5YWVhFd1RRVXdUZWd6cjZ4SGJyMjN5RTEiLCJpYXQiOjE1OTg5NjQ2NjV9.OLboQojmnSN0b-a50joeCIS9Zjt_rAI1ZGqWrKgso2tdHuA1x2x4tNQfZuFJHcTjBN2T0riZAHJYUVcTrzEWtttEtcaMb7gLZO80DGzBERFWAw0w-W5oLR0Y9ZYfSxicbhoH27bSV2-oNFyYf49_3AP4q0rDk3-BLAR0M_EoC0R2apCyIWu3h6gA1QgCO8NKCGn-AZvwSwKuY0hmE-di08w7FrgbLwwDqtDoXe7lWeKrBBoQmZDeYLUJh_83lXgZ4d_D3EHQoMNhRg9y4VMAxjfjBoz4Na-JDWbXwNsVWBYheJUBvf8BWVCFYI5vZkB9OjN0he2iDdiyJN6HCIUSZg"
}
2020-09-01 12:51:05 OUTGOING
oidcc-client-test-nonce-invalid
Response to HTTP request to test instance inZ0M9FN0MHfPCB
outgoing
ModelAndView [view="formPostResponseMode"; model={formAction=https://rp.example.com/cb, formParameters={"state":"MK7aknQb4GKoIe9vFnmqajOE-lqVpeEe_y-2QwnsfXM","id_token":"eyJraWQiOiI3ODA5NGI5Zi1mYThiLTQwMjctYWI2OS0wZjNjMDIzMjY5NTgiLCJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJ1c2VyLXN1YmplY3QtMTIzNDUzMSIsImF1ZCI6ImNsaWVudF9LQ3FEb2ZiUm5uY3ZBdWQxNTE1Nzs7XFwlXCIiLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvaW5aME05Rk4wTUhmUENCXC8iLCJleHAiOjE1OTg5NjQ5NjUsIm5vbmNlIjoiU01wTmJISHdvZ3BLa3ctRVN4cG5YWVhFd1RRVXdUZWd6cjZ4SGJyMjN5RTEiLCJpYXQiOjE1OTg5NjQ2NjV9.OLboQojmnSN0b-a50joeCIS9Zjt_rAI1ZGqWrKgso2tdHuA1x2x4tNQfZuFJHcTjBN2T0riZAHJYUVcTrzEWtttEtcaMb7gLZO80DGzBERFWAw0w-W5oLR0Y9ZYfSxicbhoH27bSV2-oNFyYf49_3AP4q0rDk3-BLAR0M_EoC0R2apCyIWu3h6gA1QgCO8NKCGn-AZvwSwKuY0hmE-di08w7FrgbLwwDqtDoXe7lWeKrBBoQmZDeYLUJh_83lXgZ4d_D3EHQoMNhRg9y4VMAxjfjBoz4Na-JDWbXwNsVWBYheJUBvf8BWVCFYI5vZkB9OjN0he2iDdiyJN6HCIUSZg"}}]
outgoing_path
authorize
2020-09-01 12:51:05 INCOMING
oidcc-client-test-nonce-invalid
Incoming HTTP request to test instance inZ0M9FN0MHfPCB
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
jwks
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
Jwks endpoint
2020-09-01 12:51:05 OUTGOING
oidcc-client-test-nonce-invalid
Response to HTTP request to test instance inZ0M9FN0MHfPCB
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "78094b9f-fa8b-4027-ab69-0f3c02326958",
      "n": "xbtj00sxvv7VE_PiGpdg5sSe4YWGyf3xXB9wdWBIXTZiMQjWmv7153p5b9wdLt7lPy9DM2z3gZYiCqx52bVgz02o8aN7OxnwSlxdIB75NkMvxg9CoT78DroQNL8Ylxc1ggKtj-CH5vu3RHWc53dXg_-irLfBSV3EkqwyRhD4bJUv7bz0gk_rL5uKs3PnozTSN8DfEkEtYSvVoBBeGyzE7hbrqOFxM8_O2EVu-hv8whF7weKpmcOqUjeQPYQ2Wu1qQA0PEdNrJ3JLGECYZwJQYCNft9MY4Fm8FEZTilK1jWAs7kWRLjPUGVHvL9eLJ2LRYFBPD9Gxivyfkx0SWYFQOw"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "e8568ad2-29dc-4784-9b7c-3171bf50a6fb",
      "n": "iIU5qsEMxDQm5MZoPpYYUrTC4d7I_SxodLyv5oWD11yGSesFMw5YPjrepPXzQxrkbjrPXZlFdsJGNHtv3fN5Ku2J0GzaksWKcysUwcN8SCRkJAy24w14A0TY5-qnvmG51zutwtpQMoT58WVtslYAmtOwS8r0LYpORxCiOpUzcitR_K_zF3_p0uCJdhAtjc9291G13hrxJcfRs1_37Ot7ev3sPKcVe7HYh709W90iOaN7XuBVLVUCXPkLGlURNozux9jmMch0vnkWD_HUioDKKx_sXv33sc_eKDOcCH79YOTo7X-vTmcto_xvXAt5zAd8rFMCSW8hxRHbfkNtS7WL7w"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "691a78af-0b10-4dfa-b125-3693fc37eefb",
      "x": "0UZ6EzPypsATLixQRBikMNpdrpZyhcWyu3cPo78qBT8",
      "y": "cW-6sPFpipUQg7f1gj60oD2fe1i5-wZsLNOODcBMZ9Y"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "7a665aeb-b84d-456c-9ae4-2f3ae8130883",
      "x": "4lsRekjWAm_TZehtr0tDCdmGBl_jxO966a1mqdE3Als",
      "y": "6Ovhczrha5-6QVv0-8MXZl3b5Ki4-lMrxbWu-l5SF3U"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "ea539f1b-9eb8-45a8-ba14-492ea8707ab2",
      "x": "nfCQzqhSrpxT0gJWuCvlbIMc8w4Lgrjs-Ob4g_TSESw",
      "y": "vsOk7sTrsbWIQcizds-wML95dNjoJRfuiEGV3yfjeOE"
    },
    {
      "kty": "OKP",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "2256de3e-4d32-4fc1-9145-30b87dc3f002",
      "x": "kuf27DCfasqvmdV88Q8Ax8qWJi8y4x2DA-FA_Mg2sLA"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "0e5edf22-64ca-497e-9e70-c421849252e9",
      "alg": "RSA-OAEP",
      "n": "xaZtRRcfYxus09yvfAw21h9N-1VHtH0xhgCd50IFrrFxMyp1wY8adTnKDup2eQZZPw4nx1FEbf4wIauW7V6wS6hlK-1m9gvjXLAMfqowNZ7dXRylb3OPVWmWVS5ctmm3xZP4R-XL7fuF8b60ER4AY_yhv0mPTeagKtDr3XiNg3dnIJT8n1CePkwnUlviuA4tn87bOfYGf8dMPEBlyA35iW5YDwph9vODp3ndvR4rs319YKug0rJ2GpPLuIX3l1j1pHqAoy0b2wwMcdD30E7xSrQhfwQXsmZpkLOuz6smYbi9Hig76BYMWWJQL0abKDRW7-rrJ6StjXb_9acfYIpejw"
    },
    {
      "kty": "EC",
      "use": "enc",
      "crv": "P-256",
      "kid": "c277f744-2cce-4586-b3dd-1ede37f5f97b",
      "x": "bwHee-40FKzTwqMluJbMrafKOOBaonXR9Wkvj3yWNxs",
      "y": "J2DQz3B2vGOaYmWKcvM8SaB63lYdYX9YWoC9Qkj56RA",
      "alg": "ECDH-ES"
    }
  ]
}
outgoing_path
jwks
2020-09-01 12:51:05 FINISHED
oidcc-client-test-nonce-invalid
Test has run to completion
testmodule_result
PASSED
Test Results