Test Summary

Test Results

Expand All Collapse All
All times are UTC
2020-09-01 12:50:55 INFO
TEST-RUNNER
Test instance i4sV0AtG7ucghdM created
baseUrl
https://www.certification.openid.net/test/i4sV0AtG7ucghdM
variant
{
  "client_auth_type": "client_secret_basic",
  "response_type": "code id_token",
  "request_type": "plain_http_request",
  "response_mode": "form_post",
  "client_registration": "dynamic_client"
}
alias

                                
description
test suite runner for openid-client
planId
l0lJMpv444Mye
config
{
  "description": "test suite runner for openid-client",
  "waitTimeoutSeconds": 2
}
testName
oidcc-client-test-invalid-chash
2020-09-01 12:50:55 SUCCESS
OIDCCGenerateServerConfiguration
Generated default server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/i4sV0AtG7ucghdM/",
  "authorization_endpoint": "https://www.certification.openid.net/test/i4sV0AtG7ucghdM/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/i4sV0AtG7ucghdM/token",
  "jwks_uri": "https://www.certification.openid.net/test/i4sV0AtG7ucghdM/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/i4sV0AtG7ucghdM/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/i4sV0AtG7ucghdM/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic",
    "client_secret_post",
    "client_secret_jwt",
    "private_key_jwt"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
2020-09-01 12:50:55
SetTokenEndpointAuthMethodsSupportedToClientSecretBasicOnly
Changed token_endpoint_auth_methods_supported to client_secret_basic only in server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/i4sV0AtG7ucghdM/",
  "authorization_endpoint": "https://www.certification.openid.net/test/i4sV0AtG7ucghdM/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/i4sV0AtG7ucghdM/token",
  "jwks_uri": "https://www.certification.openid.net/test/i4sV0AtG7ucghdM/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/i4sV0AtG7ucghdM/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/i4sV0AtG7ucghdM/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
2020-09-01 12:50:56
OIDCCGenerateServerJWKs
Generated server public private JWK sets
server_jwks
{
  "keys": [
    {
      "p": "7viDtUWmuSmetQHEuhhzSyXzChzjrKxLmEN5B7WiC1wVwZnO1fi8TlDw_iYIGR1iOclmVFkIAIZ17C2RlQKdzqM5U5QEBXRbeXxlLLZq8V41eR86v2ttGQAGuAsfJG1aEXfeKlOp4dfzwxmOQHveA_5vYGM3AUjoWPFsS31yw0c",
      "kty": "RSA",
      "q": "la8rnecSyJxKhLcW5Exfr8qFFux_PdXyQCP_xU7TkBuXjhMhvFAMiKGNCNd839rCJTYT0f9G46bp6IeE2hsN7c3i3dwwjVkNmHViE_4fLmOkpgH99UPGLEVMFcZ076jW1ZpxBbG1woShPY_wDrhsYsZ61fTTLo51vXN351IDFtE",
      "d": "XWvorbvI7OErTElB5hKflTx7BFmR7SbvSTGbBnUzT7wRf1X0BUwVDFGNmaGeTHKTqHjm5oB8Gac_k0I9aolVBMqS_m2G4Qf-3Ce3-0wzRuAfcoJydlVwqXnyWY19BYovbEsIdra9Awx67a3EWhl7_cIc-YRJ9vLWx0RWBI3gaErD_VJodjFNMOUN2MZnreAkGbwneVTTE0YU2KrsHxNKYch7BKUa3TE_1N-RFd3vsoBByzP_gH2VNNnmVlxA4YdxGLJ3MF_4T8_7VVa0UX5IWYpUVH9w7zORxZRKqZ1O86EAb3y_4i14fMcfOSbhhrR5ZxgO8oAj1yLyNeZtuET8wQ",
      "e": "AQAB",
      "use": "sig",
      "kid": "cd33dedb-c470-4632-b06f-d048d8dbcf7f",
      "qi": "pD_jKXYxW6DJ42maba1CrwzTNDnyuuNekb6zWJHmABRZ9Bn6G7k_6eXlNvQldDV_DKubQHUjSKSLvYq9sDq0ch4JH0bG_KePHbG6oIh2uSpqoINjsVwMCG3eK78WpTR_osq0B8g26GU5X01v1A1MJwb1R1FFwvLaOVm-aLTBjsk",
      "dp": "C383TvRP5h6jfQ_duBpPCbGEtNrY9UjAxk2QuBc7-ZHvlgXhVpgF7zqjrYaE4zhvrloLK0mxQd02NSuoEmQy1Wsy6dt4Kg8EC585euI32O7wYahn-ief8xD2Qcp_MBB2wdpjfOPTi4MJPjyvhFixQL3v-9IqJkysqQLMdAFQESc",
      "dq": "hNjMGD9-P0ffJzyr94EFJ6rRRhAtuf7JGz4YAdC9GdgzQSgft9c_2H-xAVjm_nJT_tyo6KbtDp0UWoj0UvLSAO3K3OdQvBJ-a4I6ws22dOCAv8li0KwPFTmHloflPtMVoMyKZOhdDb_SryWxhA8QOvY3DO9WAqrzOmphz47NKRE",
      "n": "i7opQa6wpzJlqlTAC7YLqRbwQ_woSAeNBfng5U1CAya39dq-1H-cTvr5oIgOYl3sFW7ZWvA6q28d8GxYLWBEghJX_dpiBrNQDX_L222PHtUYfqxU4dda0Z2FNtvT2XuMRBDmhqBb8hSflC19G3VEpKZQA78ZpLlOVba4mZs8nwehhEhVsL-mQ_qI64M0CpgH4p_XOLASjYMr3FREdVeBHPNLqZ87PC1qcaFEoq1IPadwpn85nanF6ppO3FcIx7JdbzP1iSixsgjvY4pukZ4UoeL9UbAzrWpboV06Z2w8qVMOr3yyH7II4vQpqk_a4XUz_yX01MHEYnR-sldfT06G9w"
    },
    {
      "kty": "EC",
      "d": "Fki9fbhXIAUo08evpX6fcvQ_8SHXc-M2wO_Po-0mVHU",
      "use": "sig",
      "crv": "P-256",
      "kid": "e10d3bd2-8a2d-45b8-875c-a048ac31e5a2",
      "x": "GtvADUAg_muC2Utjcj8N3xXgGphoOkZSEkakslCMUT8",
      "y": "r1UNlnbehkqjYUnk4CiRPgvirNXsMoHw7UgWGFwPsd8"
    },
    {
      "kty": "EC",
      "d": "DYxIhpt9kUvrgx4WEHOx46at6txngtIGdnteqDUKWCQ",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "bc09db09-5198-4f40-b237-ad1d211db723",
      "x": "hkQNOBfBUpU0CJYeZSvuuUpvIlwuZRO3jULUXayszy0",
      "y": "-I0adeKFVdbLmAbonSIOkxsKgfrxZjFvjtReZQVATXI"
    },
    {
      "kty": "OKP",
      "d": "NC1cY8I7pUVAqTUB3oBSxn7SIQ69N7SicGD_sr37WG4",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "20937924-0175-41eb-96da-8b3c4192f6ff",
      "x": "-Ojhur_CAjD1WNogexsNklnk8xQwal4MXXBqBxx_qVs"
    }
  ]
}
server_encryption_keys
{
  "keys": [
    {
      "p": "73sajtUMrimhAOK8C_BgW56MoxnnVaCk0W4mWjrWeN4UHbCMhmt-BjmzCBD3v4k-nxz5QULXitclh-pNWHoH4qd2Z4gTNmnbdY0dZy3KUX1Tgcr69WBRy5INEVnYaqZ8YZHXd8THND3JTsjvOijcZSXAOeXcqBNZpzmIu3YDBSE",
      "kty": "RSA",
      "q": "rVXVeagxmgZP7La8PC74RM6YTgEN8pGlAYpw2SnyzhzNnsd1Ejq7xCpfoOGtNW1TDlzTsMi8YTk59vh_0aDUfeTCnQujwaPZ4FwS08A5WooTf5fSTEg0BK2xO7XR7J3vp_MuQM3LZaOZg8eoc-029QScP-mzGTli0f_S5fyda68",
      "d": "Yp0HY_D7Rv2l5a8cIi2nxvVNAZ8AKsFdTG16DtdSYnMhZGQQvSR8vTQB1FgEwjtaiimxwhbg-G3c4hIycKovpST-1g7EFD6QG4hklrczMrXIEwmxcYvmDcFiOhj4iSaugEQE2IaWQG1w-Wgxh2sSmEdC6EpPyufxqw355goolX3W6qDEE0nQakuVbWC3P3WmdG5He13d8PVeB_a5gT-2bfSJUpTEsP8sWOe8DZgj8cxbAYQMC5sEq6DJhKMDfVcipbdFUJgYFmqpZMwKTAFCVylojRUgDa-tDgVQ_TXWTdPD_-fi9cnUWl6GaAFH1y1rk-uAzNoPvD0izksQfmUvwQ",
      "e": "AQAB",
      "use": "enc",
      "kid": "f9b6a756-aeb3-48ca-ad0b-114273cd2ebd",
      "qi": "QusvCUsQnpLd_2wDVBbt2Tv0sOI2XntrsH5MJWqRQZQpgx20ndZk889cdMD9ccz_wpOA3Hl1CszaV_oYBT0qNGT4gwSIZRyBGPHHtwiF3vZo9HKZsvPE7BKFkGkA7qLgZQh4oGI28nre7BVUsNtlaroXyNvXUPjFGcbvpO9L_5Y",
      "dp": "oprwznjkskD73FEXo_ekRbFjBr_o7qA0KSvkiLGYvNr1x67_y6mjGXEGGf0Da58x0PHoYKKVHeW1yxKRT_kT75cLc4LWoMTByZB2nX9e93PkRqXfPssW3uWdT-G0a739iHZxWhZXuCYX0RHoNZJXC6rVWbq0177DyiLrr3WS2WE",
      "alg": "RSA-OAEP",
      "dq": "VBGvakQDWrr5BMxUW7REQcsZ36tvQlkVeLvWo91OoF0j9YCz7VWDQE909ii-w4z0naC0I6gYheclj_1SsS-aID1VjqnYkNCRmdnOX9l5d8pETrwqCUlzwVkk_treqC6p0AGIS3IE1pUUne-2ahOBdjD4P59veCp3HXdAqL9u8o0",
      "n": "oiZ8hZMF48H8TxYCpEW27GkUVagbWO-NF4T6SsJhKkQyr9tyoCHfuqMFeyV_dx1TZiihkxvz_1mnWY_ywupMfkD8xqjflv0bAlj8CAO2QD-uqjT-FmYpO7KkSH9LWTqr6QWgkjVrGLhSg8s43ChFpXyYBAqce-j72cs_dyPP4H96w74p0yMIq9pX3Fi-Gb0BERa1PbPBxouQJGtarSYS--ce1K1km-WRiQznmx6x2wxwPq8YXMVZPTvjP1jM7EDgjMzeRQRMpAyLnBv1vew6-yb0K68sFRT12n6CGvtGBPudbpEjDoculgs80R2VvwOWtD5UwKjNTmLXZNPkkHJMjw"
    },
    {
      "kty": "EC",
      "d": "OAecqReHNKIsFDI27ACEAusiDKxmCPlVZDpMyk2M4Zg",
      "use": "enc",
      "crv": "P-256",
      "kid": "be8192c0-6075-4eed-bfd7-5c443a463273",
      "x": "XeuLkIREPVjTuUexSoD2T-584RmgwntYZbusgiw71m0",
      "y": "LEiVN9ilUvTe3AS8dPh1cOXnEmS0rtqTdP317Wr-2Kg",
      "alg": "ECDH-ES"
    }
  ]
}
server_public_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "cd33dedb-c470-4632-b06f-d048d8dbcf7f",
      "n": "i7opQa6wpzJlqlTAC7YLqRbwQ_woSAeNBfng5U1CAya39dq-1H-cTvr5oIgOYl3sFW7ZWvA6q28d8GxYLWBEghJX_dpiBrNQDX_L222PHtUYfqxU4dda0Z2FNtvT2XuMRBDmhqBb8hSflC19G3VEpKZQA78ZpLlOVba4mZs8nwehhEhVsL-mQ_qI64M0CpgH4p_XOLASjYMr3FREdVeBHPNLqZ87PC1qcaFEoq1IPadwpn85nanF6ppO3FcIx7JdbzP1iSixsgjvY4pukZ4UoeL9UbAzrWpboV06Z2w8qVMOr3yyH7II4vQpqk_a4XUz_yX01MHEYnR-sldfT06G9w"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "a48885d6-9c84-4faa-bbd3-e9a1e8a78a9f",
      "n": "9z-XxaIKIS8GBJhpPuG2QRivs3klZRLfjsTt31a2XiB_8-oXwrYJyE3WKxgQAch25iLWJs9xDws24V-tKXHx9TNSVEWBMPgpjCoH0Kn6Qu5aLE_U7dy6YDn08Van0QUcNygdcAWsCnFN5nrqE5qRY2lFPxodL1S4Ub1u6vVW9nDUfYDillpQ8VHXVS1R0NyD8A9Z3jGHJMLHL2FzRjiUgtfKiruZhXUKVP7jGl8lVUR6EuxtxeMTCEaikJKnWG7WVcC5BRqeFtk6_GsSuLw0rPShV7shD3hXSU7IWOqBCrnuUkiQuQPlSONHEdmkTQYnhZteHE8btDcslXeBLgXrtQ"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "e10d3bd2-8a2d-45b8-875c-a048ac31e5a2",
      "x": "GtvADUAg_muC2Utjcj8N3xXgGphoOkZSEkakslCMUT8",
      "y": "r1UNlnbehkqjYUnk4CiRPgvirNXsMoHw7UgWGFwPsd8"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "7626e111-9236-4db1-9dfe-50e5daf37988",
      "x": "38hv32wn8X3j6hVmL6LA78tzqH3sN2iMXE216z1SpAc",
      "y": "8oWAYZTGqXduuMAzg5MqUH9ltxlTSNAdSgUYrc290kg"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "bc09db09-5198-4f40-b237-ad1d211db723",
      "x": "hkQNOBfBUpU0CJYeZSvuuUpvIlwuZRO3jULUXayszy0",
      "y": "-I0adeKFVdbLmAbonSIOkxsKgfrxZjFvjtReZQVATXI"
    },
    {
      "kty": "OKP",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "20937924-0175-41eb-96da-8b3c4192f6ff",
      "x": "-Ojhur_CAjD1WNogexsNklnk8xQwal4MXXBqBxx_qVs"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "f9b6a756-aeb3-48ca-ad0b-114273cd2ebd",
      "alg": "RSA-OAEP",
      "n": "oiZ8hZMF48H8TxYCpEW27GkUVagbWO-NF4T6SsJhKkQyr9tyoCHfuqMFeyV_dx1TZiihkxvz_1mnWY_ywupMfkD8xqjflv0bAlj8CAO2QD-uqjT-FmYpO7KkSH9LWTqr6QWgkjVrGLhSg8s43ChFpXyYBAqce-j72cs_dyPP4H96w74p0yMIq9pX3Fi-Gb0BERa1PbPBxouQJGtarSYS--ce1K1km-WRiQznmx6x2wxwPq8YXMVZPTvjP1jM7EDgjMzeRQRMpAyLnBv1vew6-yb0K68sFRT12n6CGvtGBPudbpEjDoculgs80R2VvwOWtD5UwKjNTmLXZNPkkHJMjw"
    },
    {
      "kty": "EC",
      "use": "enc",
      "crv": "P-256",
      "kid": "be8192c0-6075-4eed-bfd7-5c443a463273",
      "x": "XeuLkIREPVjTuUexSoD2T-584RmgwntYZbusgiw71m0",
      "y": "LEiVN9ilUvTe3AS8dPh1cOXnEmS0rtqTdP317Wr-2Kg",
      "alg": "ECDH-ES"
    }
  ]
}
2020-09-01 12:50:56 SUCCESS
ValidateServerJWKs
Valid server JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2020-09-01 12:50:56 SUCCESS
CheckDistinctKeyIdValueInServerJWKs
Distinct 'kid' value in all keys of server_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2020-09-01 12:50:56 SUCCESS
OIDCCLoadUserInfo
Added user information
user_info
{
  "sub": "user-subject-1234531",
  "name": "Demo T. User",
  "given_name": "Demo",
  "family_name": "User",
  "middle_name": "Theresa",
  "nickname": "Dee",
  "preferred_username": "d.tu",
  "gender": "female",
  "birthdate": "2000-02-03",
  "address": {
    "street_address": "100 Universal City Plaza",
    "locality": "Hollywood",
    "region": "CA",
    "postal_code": "91608",
    "country": "USA"
  },
  "zoneinfo": "America/Los_Angeles",
  "locale": "en-US",
  "phone_number": "+1 555 5550000",
  "phone_number_verified": false,
  "email": "user@example.com",
  "email_verified": false,
  "website": "https://openid.net/",
  "updated_at": "1580000000"
}
2020-09-01 12:50:56 SUCCESS
GetDynamicClientConfiguration
No client details on configuration, created an empty dynamic_client_registration_template object.
2020-09-01 12:50:56
oidcc-client-test-invalid-chash
Setup Done
2020-09-01 12:50:59 INCOMING
oidcc-client-test-invalid-chash
Incoming HTTP request to test instance i4sV0AtG7ucghdM
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
.well-known/openid-configuration
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
Discovery endpoint
2020-09-01 12:50:59 OUTGOING
oidcc-client-test-invalid-chash
Response to HTTP request to test instance i4sV0AtG7ucghdM
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "issuer": "https://www.certification.openid.net/test/i4sV0AtG7ucghdM/",
  "authorization_endpoint": "https://www.certification.openid.net/test/i4sV0AtG7ucghdM/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/i4sV0AtG7ucghdM/token",
  "jwks_uri": "https://www.certification.openid.net/test/i4sV0AtG7ucghdM/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/i4sV0AtG7ucghdM/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/i4sV0AtG7ucghdM/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
outgoing_path
.well-known/openid-configuration
2020-09-01 12:50:59 INCOMING
oidcc-client-test-invalid-chash
Incoming HTTP request to test instance i4sV0AtG7ucghdM
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "content-type": "application/json",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "content-length": "181",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net",
  "connection": "close"
}
incoming_path
register
incoming_body_form_params
incoming_method
POST
incoming_body_json
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code id_token"
  ],
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ]
}
incoming_query_string_params
{}
incoming_body
{"token_endpoint_auth_method":"client_secret_basic","response_types":["code id_token"],"grant_types":["authorization_code","implicit"],"redirect_uris":["https://rp.example.com/cb"]}
Registration endpoint
2020-09-01 12:50:59 SUCCESS
OIDCCExtractDynamicRegistrationRequest
Extracted dynamic client registration request
request
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code id_token"
  ],
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ]
}
2020-09-01 12:50:59 INFO
EnsureRegistrationRequestContainsAtLeastOneContact
This application requires that registration requests contain at least one contact.
2020-09-01 12:50:59 SUCCESS
ValidateClientGrantTypes
grant_types match response_types
grant_types
[
  "authorization_code",
  "implicit"
]
response_types
[
  "code id_token"
]
2020-09-01 12:50:59 SUCCESS
OIDCCValidateClientRedirectUris
Valid redirect_uri(s) provided in registration request
redirect_uris
[
  "https://rp.example.com/cb"
]
2020-09-01 12:50:59 SUCCESS
ValidateClientLogoUris
Client does not contain any logo_uri
2020-09-01 12:50:59 SUCCESS
ValidateClientUris
Client does not contain any client_uri
2020-09-01 12:50:59 SUCCESS
ValidateClientPolicyUris
Client does not contain any policy_uri
2020-09-01 12:50:59 SUCCESS
ValidateClientTosUris
Client does not contain any tos_uri
2020-09-01 12:50:59 SUCCESS
ValidateClientSubjectType
A subject_type was not provided
2020-09-01 12:50:59 INFO
ValidateIdTokenSignedResponseAlg
Skipped evaluation due to missing required element: client id_token_signed_response_alg
path
id_token_signed_response_alg
mapped
object
client
2020-09-01 12:50:59 SUCCESS
EnsureIdTokenEncryptedResponseAlgIsSetIfEncIsSet
id_token_encrypted_response_enc is not set
2020-09-01 12:50:59 INFO
ValidateUserinfoSignedResponseAlg
Skipped evaluation due to missing required element: client userinfo_signed_response_alg
path
userinfo_signed_response_alg
mapped
object
client
2020-09-01 12:50:59 SUCCESS
EnsureUserinfoEncryptedResponseAlgIsSetIfEncIsSet
userinfo_encrypted_response_enc is not set
2020-09-01 12:50:59 INFO
ValidateRequestObjectSigningAlg
Skipped evaluation due to missing required element: client request_object_signing_alg
path
request_object_signing_alg
mapped
object
client
2020-09-01 12:50:59 SUCCESS
EnsureRequestObjectEncryptionAlgIsSetIfEncIsSet
request_object_encryption_enc is not set
2020-09-01 12:50:59 INFO
ValidateTokenEndpointAuthSigningAlg
Skipped evaluation due to missing required element: client token_endpoint_auth_signing_alg
path
token_endpoint_auth_signing_alg
mapped
object
client
2020-09-01 12:50:59 SUCCESS
ValidateDefaultMaxAge
default_max_age is not set
2020-09-01 12:50:59 INFO
ValidateRequireAuthTime
Skipped evaluation due to missing required element: client require_auth_time
path
require_auth_time
mapped
object
client
2020-09-01 12:50:59 INFO
ValidateDefaultAcrValues
Skipped evaluation due to missing required element: client default_acr_values
path
default_acr_values
mapped
object
client
2020-09-01 12:50:59 INFO
ValidateInitiateLoginUri
Skipped evaluation due to missing required element: client initiate_login_uri
path
initiate_login_uri
mapped
object
client
2020-09-01 12:50:59 INFO
ValidateRequestUris
Skipped evaluation due to missing required element: client request_uris
path
request_uris
mapped
object
client
2020-09-01 12:50:59 SUCCESS
ValidateClientRegistrationRequestSectorIdentifierUri
A sector_identifier_uri was not provided
2020-09-01 12:50:59 SUCCESS
OIDCCRegisterClient
Registered client
client
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code id_token"
  ],
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ],
  "client_id": "client_rZpWhdPXMtOtMYg39295^/?#*"
}
2020-09-01 12:50:59
OIDCCCreateClientSecretForDynamicClient
Set the secret for registered client
client_secret
secret_AOOJjmQeIIDmlzuwNiaTJctqSwYobJcwhcbNzCqROJbetPnUFf9154665552)%\+)
2020-09-01 12:50:59 SUCCESS
EnsureTokenEndPointAuthMethodIsClientSecretBasic
token_endpoint_auth_method is 'client_secret_basic' as expected
2020-09-01 12:50:59 SUCCESS
EnsureClientDoesNotHaveBothJwksAndJwksUri
Client does not have both jwks and jwks_uri set
client
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code id_token"
  ],
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ],
  "client_id": "client_rZpWhdPXMtOtMYg39295^/?#*",
  "client_secret": "secret_AOOJjmQeIIDmlzuwNiaTJctqSwYobJcwhcbNzCqROJbetPnUFf9154665552)%\\+)"
}
2020-09-01 12:50:59 INFO
FetchClientKeys
Skipped evaluation due to missing required element: client jwks_uri
path
jwks_uri
mapped
object
client
2020-09-01 12:50:59 SUCCESS
OIDCCExtractServerSigningAlg
Using the default algorithm for the first key in server jwks
signing_algorithm
RS256
2020-09-01 12:50:59
SetClientIdTokenSignedResponseAlgToServerSigningAlg
Set id_token_signed_response_alg for the registered client
id_token_signed_response_alg
RS256
2020-09-01 12:50:59 OUTGOING
oidcc-client-test-invalid-chash
Response to HTTP request to test instance i4sV0AtG7ucghdM
outgoing_status_code
201
outgoing_headers
{}
outgoing_body
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code id_token"
  ],
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ],
  "client_id": "client_rZpWhdPXMtOtMYg39295^/?#*",
  "client_secret": "secret_AOOJjmQeIIDmlzuwNiaTJctqSwYobJcwhcbNzCqROJbetPnUFf9154665552)%\\+)",
  "id_token_signed_response_alg": "RS256"
}
outgoing_path
register
2020-09-01 12:51:00 INCOMING
oidcc-client-test-invalid-chash
Incoming HTTP request to test instance i4sV0AtG7ucghdM
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "got/9.6.0 (https://github.com/sindresorhus/got)",
  "accept-encoding": "gzip, deflate",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
authorize
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{
  "client_id": "client_rZpWhdPXMtOtMYg39295^/?#*",
  "scope": "openid",
  "response_type": "code id_token",
  "redirect_uri": "https://rp.example.com/cb",
  "state": "ICMqa7AccB1my9HPKO0RZozT87SACXyIXRLwdnTxaIk",
  "nonce": "AjUKZmA250_VgaStv4QFBGZQmYXMxcnGgIEcxuZ3eWc",
  "response_mode": "form_post"
}
incoming_body
Authorization endpoint
2020-09-01 12:51:00 SUCCESS
EnsureRequestDoesNotContainRequestObject
Request does not contain a request parameter
2020-09-01 12:51:00 SUCCESS
OIDCCEnsureAuthorizationHttpRequestContainsOpenIDScope
Found 'openid' in scope http request parameter
actual
[
  "openid"
]
expected
openid
2020-09-01 12:51:00 SUCCESS
CreateEffectiveAuthorizationRequestParameters
Merged http request parameters with request object claims
effective_authorization_endpoint_request
{
  "client_id": "client_rZpWhdPXMtOtMYg39295^/?#*",
  "scope": "openid",
  "response_type": "code id_token",
  "redirect_uri": "https://rp.example.com/cb",
  "state": "ICMqa7AccB1my9HPKO0RZozT87SACXyIXRLwdnTxaIk",
  "nonce": "AjUKZmA250_VgaStv4QFBGZQmYXMxcnGgIEcxuZ3eWc",
  "response_mode": "form_post"
}
2020-09-01 12:51:00 SUCCESS
ExtractRequestedScopes
Requested scopes
scope
openid
2020-09-01 12:51:00 SUCCESS
ExtractNonceFromAuthorizationRequest
Extracted nonce
nonce
AjUKZmA250_VgaStv4QFBGZQmYXMxcnGgIEcxuZ3eWc
2020-09-01 12:51:00 SUCCESS
EnsureResponseTypeIsCodeIdToken
Response type is expected value
expected
code id_token
2020-09-01 12:51:00 SUCCESS
EnsureMatchingClientId
Client ID matched
client_id
client_rZpWhdPXMtOtMYg39295^/?#*
2020-09-01 12:51:00 SUCCESS
EnsureValidRedirectUriForAuthorizationEndpointRequest
redirect_uri is one of the allowed redirect uris
actual
https://rp.example.com/cb
expected
[
  "https://rp.example.com/cb"
]
2020-09-01 12:51:00 SUCCESS
EnsureOpenIDInScopeRequest
Found 'openid' scope in request
actual
[
  "openid"
]
expected
openid
2020-09-01 12:51:00 SUCCESS
DisallowMaxAgeEqualsZeroAndPromptNone
The client did not send max_age=0 and prompt=none parameters as expected
2020-09-01 12:51:00 SUCCESS
CreateAuthorizationCode
Created authorization code
authorization_code
HoJJoCZW16
2020-09-01 12:51:00 SUCCESS
CalculateCHash
Successful c_hash encoding
c_hash
rKxPGLZupOSPJsk4JAtNXA
2020-09-01 12:51:00 SUCCESS
GenerateIdTokenClaims
Created ID Token Claims
iss
https://www.certification.openid.net/test/i4sV0AtG7ucghdM/
sub
user-subject-1234531
aud
client_rZpWhdPXMtOtMYg39295^/?#*
nonce
AjUKZmA250_VgaStv4QFBGZQmYXMxcnGgIEcxuZ3eWc
iat
1598964660
exp
1598964960
2020-09-01 12:51:00 SUCCESS
AddInvalidCHashValueToIdToken
Added invalid c_hash to ID token claims
c_hash
rKxPGLZupOSPJsk4JAtNXA1
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/i4sV0AtG7ucghdM/",
  "sub": "user-subject-1234531",
  "aud": "client_rZpWhdPXMtOtMYg39295^/?#*",
  "nonce": "AjUKZmA250_VgaStv4QFBGZQmYXMxcnGgIEcxuZ3eWc",
  "iat": 1598964660,
  "exp": 1598964960,
  "c_hash": "rKxPGLZupOSPJsk4JAtNXA1"
}
2020-09-01 12:51:00 INFO
AddAtHashToIdTokenClaims
Skipped evaluation due to missing required string: at_hash
expected
at_hash
2020-09-01 12:51:00 SUCCESS
OIDCCSignIdToken
Signed the ID token
id_token
eyJraWQiOiJjZDMzZGVkYi1jNDcwLTQ2MzItYjA2Zi1kMDQ4ZDhkYmNmN2YiLCJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJ1c2VyLXN1YmplY3QtMTIzNDUzMSIsImF1ZCI6ImNsaWVudF9yWnBXaGRQWE10T3RNWWczOTI5NV5cLz8jKiIsImNfaGFzaCI6InJLeFBHTFp1cE9TUEpzazRKQXROWEExIiwiaXNzIjoiaHR0cHM6XC9cL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXRcL3Rlc3RcL2k0c1YwQXRHN3VjZ2hkTVwvIiwiZXhwIjoxNTk4OTY0OTYwLCJub25jZSI6IkFqVUtabUEyNTBfVmdhU3R2NFFGQkdaUW1ZWE14Y25HZ0lFY3h1WjNlV2MiLCJpYXQiOjE1OTg5NjQ2NjB9.ExSAeVrOOEYNKeWuQijyrXB21Keih2H5BgOACSA1ZBstBUGFIYyvBu0y8kMSFKPdHsIObpXFK8vGXLZhWap0S46UgSXK9mWgh4MKqCiOz3NwnMbU7HdUhvWUA-i73tMtNoPYeFskMmvCs3-8f1XYvLP0KC2q1vaXy5s3p1D1UzfEnckFj3cLSiQBPLCG7OIgJ5JHr93uF5me1_XprhnOgU7TbyFprqd-2I80TFekIM-6ica8iq3v7dz-GrrcNmu6teEDVoo336gumHygdsqDQavX3BeZgREBySMYghPDSLF8Dbc7zYSQu3ncYqnE88Tp1Ng-anryF9ZB5-B1zO7Y4Q
key
{"p":"7viDtUWmuSmetQHEuhhzSyXzChzjrKxLmEN5B7WiC1wVwZnO1fi8TlDw_iYIGR1iOclmVFkIAIZ17C2RlQKdzqM5U5QEBXRbeXxlLLZq8V41eR86v2ttGQAGuAsfJG1aEXfeKlOp4dfzwxmOQHveA_5vYGM3AUjoWPFsS31yw0c","kty":"RSA","q":"la8rnecSyJxKhLcW5Exfr8qFFux_PdXyQCP_xU7TkBuXjhMhvFAMiKGNCNd839rCJTYT0f9G46bp6IeE2hsN7c3i3dwwjVkNmHViE_4fLmOkpgH99UPGLEVMFcZ076jW1ZpxBbG1woShPY_wDrhsYsZ61fTTLo51vXN351IDFtE","d":"XWvorbvI7OErTElB5hKflTx7BFmR7SbvSTGbBnUzT7wRf1X0BUwVDFGNmaGeTHKTqHjm5oB8Gac_k0I9aolVBMqS_m2G4Qf-3Ce3-0wzRuAfcoJydlVwqXnyWY19BYovbEsIdra9Awx67a3EWhl7_cIc-YRJ9vLWx0RWBI3gaErD_VJodjFNMOUN2MZnreAkGbwneVTTE0YU2KrsHxNKYch7BKUa3TE_1N-RFd3vsoBByzP_gH2VNNnmVlxA4YdxGLJ3MF_4T8_7VVa0UX5IWYpUVH9w7zORxZRKqZ1O86EAb3y_4i14fMcfOSbhhrR5ZxgO8oAj1yLyNeZtuET8wQ","e":"AQAB","use":"sig","kid":"cd33dedb-c470-4632-b06f-d048d8dbcf7f","qi":"pD_jKXYxW6DJ42maba1CrwzTNDnyuuNekb6zWJHmABRZ9Bn6G7k_6eXlNvQldDV_DKubQHUjSKSLvYq9sDq0ch4JH0bG_KePHbG6oIh2uSpqoINjsVwMCG3eK78WpTR_osq0B8g26GU5X01v1A1MJwb1R1FFwvLaOVm-aLTBjsk","dp":"C383TvRP5h6jfQ_duBpPCbGEtNrY9UjAxk2QuBc7-ZHvlgXhVpgF7zqjrYaE4zhvrloLK0mxQd02NSuoEmQy1Wsy6dt4Kg8EC585euI32O7wYahn-ief8xD2Qcp_MBB2wdpjfOPTi4MJPjyvhFixQL3v-9IqJkysqQLMdAFQESc","dq":"hNjMGD9-P0ffJzyr94EFJ6rRRhAtuf7JGz4YAdC9GdgzQSgft9c_2H-xAVjm_nJT_tyo6KbtDp0UWoj0UvLSAO3K3OdQvBJ-a4I6ws22dOCAv8li0KwPFTmHloflPtMVoMyKZOhdDb_SryWxhA8QOvY3DO9WAqrzOmphz47NKRE","n":"i7opQa6wpzJlqlTAC7YLqRbwQ_woSAeNBfng5U1CAya39dq-1H-cTvr5oIgOYl3sFW7ZWvA6q28d8GxYLWBEghJX_dpiBrNQDX_L222PHtUYfqxU4dda0Z2FNtvT2XuMRBDmhqBb8hSflC19G3VEpKZQA78ZpLlOVba4mZs8nwehhEhVsL-mQ_qI64M0CpgH4p_XOLASjYMr3FREdVeBHPNLqZ87PC1qcaFEoq1IPadwpn85nanF6ppO3FcIx7JdbzP1iSixsgjvY4pukZ4UoeL9UbAzrWpboV06Z2w8qVMOr3yyH7II4vQpqk_a4XUz_yX01MHEYnR-sldfT06G9w"}
algorithm
RS256
2020-09-01 12:51:00 INFO
EncryptIdToken
Skipped evaluation due to missing required element: client id_token_encrypted_response_alg
path
id_token_encrypted_response_alg
mapped
object
client
2020-09-01 12:51:00 SUCCESS
CreateAuthorizationEndpointResponseParams
Added authorization_endpoint_response_params to environment
params
{
  "redirect_uri": "https://rp.example.com/cb",
  "state": "ICMqa7AccB1my9HPKO0RZozT87SACXyIXRLwdnTxaIk"
}
2020-09-01 12:51:00 SUCCESS
AddCodeToAuthorizationEndpointResponseParams
Added code to authorization endpoint response params
authorization_endpoint_response_params
{
  "redirect_uri": "https://rp.example.com/cb",
  "state": "ICMqa7AccB1my9HPKO0RZozT87SACXyIXRLwdnTxaIk",
  "code": "HoJJoCZW16"
}
2020-09-01 12:51:00 SUCCESS
AddIdTokenToAuthorizationEndpointResponseParams
Added id_token to authorization endpoint response params
authorization_endpoint_response_params
{
  "redirect_uri": "https://rp.example.com/cb",
  "state": "ICMqa7AccB1my9HPKO0RZozT87SACXyIXRLwdnTxaIk",
  "code": "HoJJoCZW16",
  "id_token": "eyJraWQiOiJjZDMzZGVkYi1jNDcwLTQ2MzItYjA2Zi1kMDQ4ZDhkYmNmN2YiLCJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJ1c2VyLXN1YmplY3QtMTIzNDUzMSIsImF1ZCI6ImNsaWVudF9yWnBXaGRQWE10T3RNWWczOTI5NV5cLz8jKiIsImNfaGFzaCI6InJLeFBHTFp1cE9TUEpzazRKQXROWEExIiwiaXNzIjoiaHR0cHM6XC9cL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXRcL3Rlc3RcL2k0c1YwQXRHN3VjZ2hkTVwvIiwiZXhwIjoxNTk4OTY0OTYwLCJub25jZSI6IkFqVUtabUEyNTBfVmdhU3R2NFFGQkdaUW1ZWE14Y25HZ0lFY3h1WjNlV2MiLCJpYXQiOjE1OTg5NjQ2NjB9.ExSAeVrOOEYNKeWuQijyrXB21Keih2H5BgOACSA1ZBstBUGFIYyvBu0y8kMSFKPdHsIObpXFK8vGXLZhWap0S46UgSXK9mWgh4MKqCiOz3NwnMbU7HdUhvWUA-i73tMtNoPYeFskMmvCs3-8f1XYvLP0KC2q1vaXy5s3p1D1UzfEnckFj3cLSiQBPLCG7OIgJ5JHr93uF5me1_XprhnOgU7TbyFprqd-2I80TFekIM-6ica8iq3v7dz-GrrcNmu6teEDVoo336gumHygdsqDQavX3BeZgREBySMYghPDSLF8Dbc7zYSQu3ncYqnE88Tp1Ng-anryF9ZB5-B1zO7Y4Q"
}
2020-09-01 12:51:00 OUTGOING
oidcc-client-test-invalid-chash
Response to HTTP request to test instance i4sV0AtG7ucghdM
outgoing
ModelAndView [view="formPostResponseMode"; model={formAction=https://rp.example.com/cb, formParameters={"state":"ICMqa7AccB1my9HPKO0RZozT87SACXyIXRLwdnTxaIk","code":"HoJJoCZW16","id_token":"eyJraWQiOiJjZDMzZGVkYi1jNDcwLTQ2MzItYjA2Zi1kMDQ4ZDhkYmNmN2YiLCJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJ1c2VyLXN1YmplY3QtMTIzNDUzMSIsImF1ZCI6ImNsaWVudF9yWnBXaGRQWE10T3RNWWczOTI5NV5cLz8jKiIsImNfaGFzaCI6InJLeFBHTFp1cE9TUEpzazRKQXROWEExIiwiaXNzIjoiaHR0cHM6XC9cL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXRcL3Rlc3RcL2k0c1YwQXRHN3VjZ2hkTVwvIiwiZXhwIjoxNTk4OTY0OTYwLCJub25jZSI6IkFqVUtabUEyNTBfVmdhU3R2NFFGQkdaUW1ZWE14Y25HZ0lFY3h1WjNlV2MiLCJpYXQiOjE1OTg5NjQ2NjB9.ExSAeVrOOEYNKeWuQijyrXB21Keih2H5BgOACSA1ZBstBUGFIYyvBu0y8kMSFKPdHsIObpXFK8vGXLZhWap0S46UgSXK9mWgh4MKqCiOz3NwnMbU7HdUhvWUA-i73tMtNoPYeFskMmvCs3-8f1XYvLP0KC2q1vaXy5s3p1D1UzfEnckFj3cLSiQBPLCG7OIgJ5JHr93uF5me1_XprhnOgU7TbyFprqd-2I80TFekIM-6ica8iq3v7dz-GrrcNmu6teEDVoo336gumHygdsqDQavX3BeZgREBySMYghPDSLF8Dbc7zYSQu3ncYqnE88Tp1Ng-anryF9ZB5-B1zO7Y4Q"}}]
outgoing_path
authorize
2020-09-01 12:51:00 INCOMING
oidcc-client-test-invalid-chash
Incoming HTTP request to test instance i4sV0AtG7ucghdM
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
jwks
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
Jwks endpoint
2020-09-01 12:51:00 OUTGOING
oidcc-client-test-invalid-chash
Response to HTTP request to test instance i4sV0AtG7ucghdM
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "cd33dedb-c470-4632-b06f-d048d8dbcf7f",
      "n": "i7opQa6wpzJlqlTAC7YLqRbwQ_woSAeNBfng5U1CAya39dq-1H-cTvr5oIgOYl3sFW7ZWvA6q28d8GxYLWBEghJX_dpiBrNQDX_L222PHtUYfqxU4dda0Z2FNtvT2XuMRBDmhqBb8hSflC19G3VEpKZQA78ZpLlOVba4mZs8nwehhEhVsL-mQ_qI64M0CpgH4p_XOLASjYMr3FREdVeBHPNLqZ87PC1qcaFEoq1IPadwpn85nanF6ppO3FcIx7JdbzP1iSixsgjvY4pukZ4UoeL9UbAzrWpboV06Z2w8qVMOr3yyH7II4vQpqk_a4XUz_yX01MHEYnR-sldfT06G9w"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "a48885d6-9c84-4faa-bbd3-e9a1e8a78a9f",
      "n": "9z-XxaIKIS8GBJhpPuG2QRivs3klZRLfjsTt31a2XiB_8-oXwrYJyE3WKxgQAch25iLWJs9xDws24V-tKXHx9TNSVEWBMPgpjCoH0Kn6Qu5aLE_U7dy6YDn08Van0QUcNygdcAWsCnFN5nrqE5qRY2lFPxodL1S4Ub1u6vVW9nDUfYDillpQ8VHXVS1R0NyD8A9Z3jGHJMLHL2FzRjiUgtfKiruZhXUKVP7jGl8lVUR6EuxtxeMTCEaikJKnWG7WVcC5BRqeFtk6_GsSuLw0rPShV7shD3hXSU7IWOqBCrnuUkiQuQPlSONHEdmkTQYnhZteHE8btDcslXeBLgXrtQ"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "e10d3bd2-8a2d-45b8-875c-a048ac31e5a2",
      "x": "GtvADUAg_muC2Utjcj8N3xXgGphoOkZSEkakslCMUT8",
      "y": "r1UNlnbehkqjYUnk4CiRPgvirNXsMoHw7UgWGFwPsd8"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "7626e111-9236-4db1-9dfe-50e5daf37988",
      "x": "38hv32wn8X3j6hVmL6LA78tzqH3sN2iMXE216z1SpAc",
      "y": "8oWAYZTGqXduuMAzg5MqUH9ltxlTSNAdSgUYrc290kg"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "bc09db09-5198-4f40-b237-ad1d211db723",
      "x": "hkQNOBfBUpU0CJYeZSvuuUpvIlwuZRO3jULUXayszy0",
      "y": "-I0adeKFVdbLmAbonSIOkxsKgfrxZjFvjtReZQVATXI"
    },
    {
      "kty": "OKP",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "20937924-0175-41eb-96da-8b3c4192f6ff",
      "x": "-Ojhur_CAjD1WNogexsNklnk8xQwal4MXXBqBxx_qVs"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "f9b6a756-aeb3-48ca-ad0b-114273cd2ebd",
      "alg": "RSA-OAEP",
      "n": "oiZ8hZMF48H8TxYCpEW27GkUVagbWO-NF4T6SsJhKkQyr9tyoCHfuqMFeyV_dx1TZiihkxvz_1mnWY_ywupMfkD8xqjflv0bAlj8CAO2QD-uqjT-FmYpO7KkSH9LWTqr6QWgkjVrGLhSg8s43ChFpXyYBAqce-j72cs_dyPP4H96w74p0yMIq9pX3Fi-Gb0BERa1PbPBxouQJGtarSYS--ce1K1km-WRiQznmx6x2wxwPq8YXMVZPTvjP1jM7EDgjMzeRQRMpAyLnBv1vew6-yb0K68sFRT12n6CGvtGBPudbpEjDoculgs80R2VvwOWtD5UwKjNTmLXZNPkkHJMjw"
    },
    {
      "kty": "EC",
      "use": "enc",
      "crv": "P-256",
      "kid": "be8192c0-6075-4eed-bfd7-5c443a463273",
      "x": "XeuLkIREPVjTuUexSoD2T-584RmgwntYZbusgiw71m0",
      "y": "LEiVN9ilUvTe3AS8dPh1cOXnEmS0rtqTdP317Wr-2Kg",
      "alg": "ECDH-ES"
    }
  ]
}
outgoing_path
jwks
2020-09-01 12:51:02 FINISHED
oidcc-client-test-invalid-chash
Test has run to completion
testmodule_result
PASSED
Test Results