Test Summary

Test Results

Expand All Collapse All
All times are UTC
2020-09-01 12:54:41 INFO
TEST-RUNNER
Test instance INtYcIsWXnPmgVR created
baseUrl
https://www.certification.openid.net/test/INtYcIsWXnPmgVR
variant
{
  "client_auth_type": "client_secret_basic",
  "response_type": "code id_token token",
  "request_type": "plain_http_request",
  "response_mode": "form_post",
  "client_registration": "dynamic_client"
}
alias

                                
description
test suite runner for openid-client
planId
l0lJMpv444Mye
config
{
  "description": "test suite runner for openid-client",
  "waitTimeoutSeconds": 2
}
testName
oidcc-client-test-invalid-sig-rs256
2020-09-01 12:54:41 SUCCESS
OIDCCGenerateServerConfigurationIdTokenSigningAlgRS256Only
Generated default server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/INtYcIsWXnPmgVR/",
  "authorization_endpoint": "https://www.certification.openid.net/test/INtYcIsWXnPmgVR/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/INtYcIsWXnPmgVR/token",
  "jwks_uri": "https://www.certification.openid.net/test/INtYcIsWXnPmgVR/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/INtYcIsWXnPmgVR/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/INtYcIsWXnPmgVR/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic",
    "client_secret_post",
    "client_secret_jwt",
    "private_key_jwt"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "RS256"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
2020-09-01 12:54:41
SetTokenEndpointAuthMethodsSupportedToClientSecretBasicOnly
Changed token_endpoint_auth_methods_supported to client_secret_basic only in server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/INtYcIsWXnPmgVR/",
  "authorization_endpoint": "https://www.certification.openid.net/test/INtYcIsWXnPmgVR/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/INtYcIsWXnPmgVR/token",
  "jwks_uri": "https://www.certification.openid.net/test/INtYcIsWXnPmgVR/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/INtYcIsWXnPmgVR/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/INtYcIsWXnPmgVR/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "RS256"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
2020-09-01 12:54:41
OIDCCGenerateServerJWKs
Generated server public private JWK sets
server_jwks
{
  "keys": [
    {
      "p": "4zMVztNwveDykwbmNOOYc8N_Xs6p437GNur4AMlA4TV8vIx20zmmBua7L62TNHkmYMyQXP2J3kM4J_nO2sws51gBLkZlmONywXhnSDBVxwzKPB8EHoAJm1hyibihtzzJbL8tDUAme4ZZzuVP4Uiju1oOBgcNq6rTqUnQMPyYQXc",
      "kty": "RSA",
      "q": "0ialRMw4feP3Px4CXoaQ8G7BR-NHvVJ0KbZJn2RbRN5dnDguqp6F8CdlfzPZVzpfe5D9AyExTCxZBbkc6-94_Pn_5G8cyjkUJ6DJiAVPz-V3bd7OmIwAIWZDioPLDaEQ0bSwVOw1jXUekWlplCeNPIv19b51IsLWkHrpRC14imE",
      "d": "aH0Bkiep4oz2h1Ii6tHei6MYVm3kknBKw-4qlG7ch1pZ7l694NCdmcngG6ka9m7SSf5n-yYS9zLuAFS2S6xdrhBCpYdo692shmE0lufDRk54SmtKGtaLQZArFThrpBDt9KTR-yIrNhK72nCNevTE3lGl5xuZOHMywkfw-M-2lSWm8ZoP8A1bBC1lt-96MWGxLkPbtr__okSZsXkvYGgU1Myj20n6-ua3tEgqDA1LvW35rrpyKdtbXPRm6Zh4FvSd2tADkzPv_ux59pFL2FC8t2i1r-O4i2Del-AVReY9n1wm3Gu5AFVTNj_DKB95ekauJEqZzOKtVsSL5YgbIKO7AQ",
      "e": "AQAB",
      "use": "sig",
      "kid": "0c2c75e1-c9a5-45e8-ac39-8a334ff2664d",
      "qi": "R1vKyTfHpSfCUaWOiDpLvFzFTZtkFrcUZ58H1Kelck0yGVLA8MgwexjmW47Xx4pYq3hFAYY19VU67a9TsYyke1ZW1mGbyxqio21F-RQ7STAS0bbY3w8HTqUEf-I-SfvG37WN-FXF-HTx7NDouhSUZT4NG7gYRps2UuTMk7JbbbM",
      "dp": "MdoHsvYaCs_M6g3dfUVjMiN3UyothMlQXMR53lJKdh_yWrzHZdmEYIdIE1IWtrDOhvbbxkurcKV3MO5TQRcD008wEyNHL6DYkTMGFoTkjWR1C3QSx054zSk_GJD2iuo_mCjqjbnBt-Dm28rdGCWEJ5u-7_ukOEKnZsHXeKg0EEk",
      "dq": "PJx00lDsgjK73vJy0HyTVSU8jdVZnZsocddniJdTU5um-CWkIAW0r71NItD7gJMPcv4wWzS5mTS5QFNRqiLZjG02htYdQZ4Q2BUhyx9tE5MlTQUUJR9L8lYiaNL2P6oSxckNipDOKUx8UohKsTZvH-VmPUh_VFVJuUYZ_VX4DEE",
      "n": "uoI0JeIEz_5j0cNwZwCYX0hmz-8CGBMrLMUAtyJWx8taZUzdqiUVEtJp2jChT6M-ZSIRMOCOG23ITIxjLbrXxaPpuoNZk6qatG5L-PJD-1Ohrt2ku0_kDiLWu5xiQkxDwVK9Qm82eGniBtX4NyA2IK0rQyQemGue-1x6KY99EEvBneZ73MbKRMNKW7heiq4qGgYKa0wQOYmOYjCXStzOSWlXkYJsDpGOxLiPHZsCMieA63vsNl1E_TCKI7PsxUZgCQedrZz14yIYZIsqP7gWdZJF5jz6Xdk5DgU8-Akr3-adVmdAn08z369ULLehEezPCGim9IlR92zxTCg2Y8L0Fw"
    },
    {
      "kty": "EC",
      "d": "O8ffTqGhMRxzjQPakM-YoQq5SyyRx5NEar5PfIeSZek",
      "use": "sig",
      "crv": "P-256",
      "kid": "5a800803-0954-474c-9cc7-3ea55f612665",
      "x": "p0gEbgOy_MfY7COvPJU9spgj2D8advIHiaFf7R2TnJE",
      "y": "CBNFfYunwLIpoKG2MaBR01VRb3RabJ2kbvzmE722Gyg"
    },
    {
      "kty": "EC",
      "d": "Ap9rKC0ppuBBx7rsIC6k3lrE2BTt3dRKb8riw5sqFb8",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "fcb46433-0c6d-49e4-bfc7-24d10a8e1943",
      "x": "jZ_7V3dQ_RpsGOb75h8sqzghGnOy-pDsIoxJGWncJJ4",
      "y": "yFye3Es4WUVG984DVXqmVMsjS3nat_YlPchVMu7An7Y"
    },
    {
      "kty": "OKP",
      "d": "BIqYIS1PBEwyyz36jv4hs2duYJS7FQ_hjMviXusUXqU",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "1e85ffa9-f3d9-41d6-b1bd-2a072f91c214",
      "x": "0CWXJhTbdm6WUSjODzaZ-fohE8ZeVakl6HcMaBAnIGI"
    }
  ]
}
server_encryption_keys
{
  "keys": [
    {
      "p": "-BbMxmqbxMpYuv47JtDyr45it9-0LIsVAPKYEIPIK-RpdJ7hoq1-Gm4P8wkuy-izPC-a0vHNDj-9tKDDnJPYZnDpRHHQojNBmBep_5MBleEFjyeBhPaMKAwCpCRpVEYiDF4n9gz6S63g5zmvMZuiW61u3W915MGcwAhqvv8OleU",
      "kty": "RSA",
      "q": "7wdEZM46rdKtG5DpfZXx8a3IpRs5XvZGg__k9amaXmVedgmx5JFRBqWaH_Mlfq-C__MtmVbGey2cRr9Bk63A3idO5C6IROPFJUl2tz8N4LZKPNWTRNJDdEOVnjw7j3Rlz1te-PG2oeiseCQh4mHd8oi-UHEDL8xN-4XunFbDBqU",
      "d": "Lyv1u2N-SRioxUfKD2D4ML6SIMQ6G8kCdDEpFDO9PmvcQoyVDBKEtE9NQNFgzuptAhBmLcmaQLSUal6fdaOA4gdNNfd_FsXboRtsGrP_wkrI8ixql5KyqsrY_IqwagnMxSCmaILxRTIqhCM4b1WnMiEvTU9cIEjH6G5au3rZy8SkQhqGU8qRT0wIvoYKFCoKBJonKCToKsMjsRckXBsclJGwoneK4-uDdji-P_Y-KVYaRVwKe1lo9ZXBlnpMTmcq2CCXA0Amly3aJNuFJnJjb-gjUGxGBOkozQozkz5OWmSnkXTh3czfkcijAS_BeexUPxdT1j8sm2pPhEBj9PS-IQ",
      "e": "AQAB",
      "use": "enc",
      "kid": "78613d03-3544-48e4-897c-8be691b6c0fb",
      "qi": "3Iep7u9lFUwQdLblpSQFFtVAuUvfwTPtouAOWGACahsosjuzNNE3ThxfGx5A9c8dI_q1AEG6qoCxNhVmRd1CZWtahWbeK85Yarf68FDEbOohKVzxXiaVxBW9zJ9bIoTEKPPpMFXHpuAdJBxvx4_pSoDRE4QJYjg9p10ZBNzwL-E",
      "dp": "Y4Q51mnTXEhS-Yeb0MFGaHe0T8_zpV6RKVUm_JDwTfMM_lPxbOEtUYrO6Q3I8NDCfSUXdQC74bhd78QBU6DW0JkAaY1CRJ5M9KahcbzViPq_0SHmyaBgrnvK328ftUeAxvdKDmA8UvlH21j_VuX4ZdAXRco9P2sO5tU5hK4peqU",
      "alg": "RSA-OAEP",
      "dq": "NsCPZhfnURHFHV9gXKgQN6_7GfbWeW4oUOw44hzrg1vs-1TVLuoqiT89wrvLhu1lMIPfmhRKesTD22DMAKv4VerjI1mVVVJnQldFnkwPPb4D21OA3G7djLA-gXSCoCWlfI4NfzC_CO9nMk30hQqt8HRqQ7rfY_-EjWzsb1tgaRE",
      "n": "56RUFJYcPzPxE06_aw3XSnCdH9k7MfiGELgXvBy5QrxDVf0nQis2VrOl7LcaIZd_B_ffIEJySnrI7Zr8SKQDorQQXgEYLJi7p5eY_wr7GFU6rR9bkteRxZAgrI2UcUqrxXwFPV6GC3-NpOGqWEa21icU4Rd3uc_lUnyWuiubACtWAJ5uhIvQN8TQDEzSBSUfWSzudeJjGiVvd9FWMHGhVq0fpD6eD7TWm6rGFIvOSeDoJdHRqqt7SkM3ayS9BowOczneWfjz0FSueDdZSiEliNcquA6olZRyzizkOQMkHbhFubBuEW0-IDRiWv4Nifwboyi_MJhwj7zUT7MX11j6mQ"
    },
    {
      "kty": "EC",
      "d": "1l8vIyfISpQ5vcnZ5xXTe8nfOpgy8qEVLqdP_gsm8Q8",
      "use": "enc",
      "crv": "P-256",
      "kid": "4a10ebc9-79db-411e-8c1e-f3e43d7bee41",
      "x": "GMVMbV4IcGcdqvDT5djhJDgveMzBSMZEaypOB3Whiho",
      "y": "NKHJfb7Rd89tEhDexlPzP9rS_LYlH0MNcfMigYi_gLo",
      "alg": "ECDH-ES"
    }
  ]
}
server_public_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "0c2c75e1-c9a5-45e8-ac39-8a334ff2664d",
      "n": "uoI0JeIEz_5j0cNwZwCYX0hmz-8CGBMrLMUAtyJWx8taZUzdqiUVEtJp2jChT6M-ZSIRMOCOG23ITIxjLbrXxaPpuoNZk6qatG5L-PJD-1Ohrt2ku0_kDiLWu5xiQkxDwVK9Qm82eGniBtX4NyA2IK0rQyQemGue-1x6KY99EEvBneZ73MbKRMNKW7heiq4qGgYKa0wQOYmOYjCXStzOSWlXkYJsDpGOxLiPHZsCMieA63vsNl1E_TCKI7PsxUZgCQedrZz14yIYZIsqP7gWdZJF5jz6Xdk5DgU8-Akr3-adVmdAn08z369ULLehEezPCGim9IlR92zxTCg2Y8L0Fw"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "e6809bec-f983-4b88-a3d4-79d1ed52d6c5",
      "n": "ihHL29zWlqaUUQKoPZiKOmvvN_q1um3_hDPLsdga-KguufSUyPK4EjXanrKIWITxXFwS-Y-V7RwDVjhpeyefgv_gcAmtegK3d-jLzjNJ2rqovuIFO9IgbXBvydmBt0_ES5C8-aQj8zDDOOBcpozDCySsh5b2VoCsMymvyFigQpWAooO6VudBost52zoyVSzlISquuHszb3b8p2H_ndCWpN83GQTLuizMpZjxFpeDnN-3XaJM-eDT5yJAWRlqKsCc2FWIK75HbIZLTkAO9Ibd7BV9KOLUwcX8vzfuCP4k__I6SRvccs_qvBeodQAbx70mMIulnwJoPU0e9N6fifkYmw"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "5a800803-0954-474c-9cc7-3ea55f612665",
      "x": "p0gEbgOy_MfY7COvPJU9spgj2D8advIHiaFf7R2TnJE",
      "y": "CBNFfYunwLIpoKG2MaBR01VRb3RabJ2kbvzmE722Gyg"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "7a29ad7a-6e23-41ba-a519-3f1d113daf71",
      "x": "GMEYMFsL3FL93d3Bo4VG-sPo-6h2NP0Mxvbk7AfBjgA",
      "y": "ahW0NGJefvjbNmxtBxzT2UbFDv0xRFkzSaU61nK7UB4"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "fcb46433-0c6d-49e4-bfc7-24d10a8e1943",
      "x": "jZ_7V3dQ_RpsGOb75h8sqzghGnOy-pDsIoxJGWncJJ4",
      "y": "yFye3Es4WUVG984DVXqmVMsjS3nat_YlPchVMu7An7Y"
    },
    {
      "kty": "OKP",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "1e85ffa9-f3d9-41d6-b1bd-2a072f91c214",
      "x": "0CWXJhTbdm6WUSjODzaZ-fohE8ZeVakl6HcMaBAnIGI"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "78613d03-3544-48e4-897c-8be691b6c0fb",
      "alg": "RSA-OAEP",
      "n": "56RUFJYcPzPxE06_aw3XSnCdH9k7MfiGELgXvBy5QrxDVf0nQis2VrOl7LcaIZd_B_ffIEJySnrI7Zr8SKQDorQQXgEYLJi7p5eY_wr7GFU6rR9bkteRxZAgrI2UcUqrxXwFPV6GC3-NpOGqWEa21icU4Rd3uc_lUnyWuiubACtWAJ5uhIvQN8TQDEzSBSUfWSzudeJjGiVvd9FWMHGhVq0fpD6eD7TWm6rGFIvOSeDoJdHRqqt7SkM3ayS9BowOczneWfjz0FSueDdZSiEliNcquA6olZRyzizkOQMkHbhFubBuEW0-IDRiWv4Nifwboyi_MJhwj7zUT7MX11j6mQ"
    },
    {
      "kty": "EC",
      "use": "enc",
      "crv": "P-256",
      "kid": "4a10ebc9-79db-411e-8c1e-f3e43d7bee41",
      "x": "GMVMbV4IcGcdqvDT5djhJDgveMzBSMZEaypOB3Whiho",
      "y": "NKHJfb7Rd89tEhDexlPzP9rS_LYlH0MNcfMigYi_gLo",
      "alg": "ECDH-ES"
    }
  ]
}
2020-09-01 12:54:41 SUCCESS
ValidateServerJWKs
Valid server JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2020-09-01 12:54:41 SUCCESS
CheckDistinctKeyIdValueInServerJWKs
Distinct 'kid' value in all keys of server_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2020-09-01 12:54:41 SUCCESS
OIDCCLoadUserInfo
Added user information
user_info
{
  "sub": "user-subject-1234531",
  "name": "Demo T. User",
  "given_name": "Demo",
  "family_name": "User",
  "middle_name": "Theresa",
  "nickname": "Dee",
  "preferred_username": "d.tu",
  "gender": "female",
  "birthdate": "2000-02-03",
  "address": {
    "street_address": "100 Universal City Plaza",
    "locality": "Hollywood",
    "region": "CA",
    "postal_code": "91608",
    "country": "USA"
  },
  "zoneinfo": "America/Los_Angeles",
  "locale": "en-US",
  "phone_number": "+1 555 5550000",
  "phone_number_verified": false,
  "email": "user@example.com",
  "email_verified": false,
  "website": "https://openid.net/",
  "updated_at": "1580000000"
}
2020-09-01 12:54:41 SUCCESS
GetDynamicClientConfiguration
No client details on configuration, created an empty dynamic_client_registration_template object.
2020-09-01 12:54:41
oidcc-client-test-invalid-sig-rs256
Setup Done
2020-09-01 12:54:42 INCOMING
oidcc-client-test-invalid-sig-rs256
Incoming HTTP request to test instance INtYcIsWXnPmgVR
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
.well-known/openid-configuration
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
Discovery endpoint
2020-09-01 12:54:42 OUTGOING
oidcc-client-test-invalid-sig-rs256
Response to HTTP request to test instance INtYcIsWXnPmgVR
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "issuer": "https://www.certification.openid.net/test/INtYcIsWXnPmgVR/",
  "authorization_endpoint": "https://www.certification.openid.net/test/INtYcIsWXnPmgVR/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/INtYcIsWXnPmgVR/token",
  "jwks_uri": "https://www.certification.openid.net/test/INtYcIsWXnPmgVR/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/INtYcIsWXnPmgVR/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/INtYcIsWXnPmgVR/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "RS256"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
outgoing_path
.well-known/openid-configuration
2020-09-01 12:54:42 INCOMING
oidcc-client-test-invalid-sig-rs256
Incoming HTTP request to test instance INtYcIsWXnPmgVR
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "content-type": "application/json",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "content-length": "226",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net",
  "connection": "close"
}
incoming_path
register
incoming_body_form_params
incoming_method
POST
incoming_body_json
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code id_token token"
  ],
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ],
  "id_token_signed_response_alg": "RS256"
}
incoming_query_string_params
{}
incoming_body
{"token_endpoint_auth_method":"client_secret_basic","response_types":["code id_token token"],"grant_types":["authorization_code","implicit"],"redirect_uris":["https://rp.example.com/cb"],"id_token_signed_response_alg":"RS256"}
Registration endpoint
2020-09-01 12:54:42 SUCCESS
OIDCCExtractDynamicRegistrationRequest
Extracted dynamic client registration request
request
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code id_token token"
  ],
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ],
  "id_token_signed_response_alg": "RS256"
}
2020-09-01 12:54:42 INFO
EnsureRegistrationRequestContainsAtLeastOneContact
This application requires that registration requests contain at least one contact.
2020-09-01 12:54:42 SUCCESS
ValidateClientGrantTypes
grant_types match response_types
grant_types
[
  "authorization_code",
  "implicit"
]
response_types
[
  "code id_token token"
]
2020-09-01 12:54:42 SUCCESS
OIDCCValidateClientRedirectUris
Valid redirect_uri(s) provided in registration request
redirect_uris
[
  "https://rp.example.com/cb"
]
2020-09-01 12:54:42 SUCCESS
ValidateClientLogoUris
Client does not contain any logo_uri
2020-09-01 12:54:42 SUCCESS
ValidateClientUris
Client does not contain any client_uri
2020-09-01 12:54:42 SUCCESS
ValidateClientPolicyUris
Client does not contain any policy_uri
2020-09-01 12:54:42 SUCCESS
ValidateClientTosUris
Client does not contain any tos_uri
2020-09-01 12:54:42 SUCCESS
ValidateClientSubjectType
A subject_type was not provided
2020-09-01 12:54:42 SUCCESS
ValidateIdTokenSignedResponseAlg
id_token_signed_response_alg is one of the known algorithms
alg
RS256
2020-09-01 12:54:42 SUCCESS
EnsureIdTokenEncryptedResponseAlgIsSetIfEncIsSet
id_token_encrypted_response_enc is not set
2020-09-01 12:54:42 INFO
ValidateUserinfoSignedResponseAlg
Skipped evaluation due to missing required element: client userinfo_signed_response_alg
path
userinfo_signed_response_alg
mapped
object
client
2020-09-01 12:54:42 SUCCESS
EnsureUserinfoEncryptedResponseAlgIsSetIfEncIsSet
userinfo_encrypted_response_enc is not set
2020-09-01 12:54:42 INFO
ValidateRequestObjectSigningAlg
Skipped evaluation due to missing required element: client request_object_signing_alg
path
request_object_signing_alg
mapped
object
client
2020-09-01 12:54:42 SUCCESS
EnsureRequestObjectEncryptionAlgIsSetIfEncIsSet
request_object_encryption_enc is not set
2020-09-01 12:54:42 INFO
ValidateTokenEndpointAuthSigningAlg
Skipped evaluation due to missing required element: client token_endpoint_auth_signing_alg
path
token_endpoint_auth_signing_alg
mapped
object
client
2020-09-01 12:54:42 SUCCESS
ValidateDefaultMaxAge
default_max_age is not set
2020-09-01 12:54:42 INFO
ValidateRequireAuthTime
Skipped evaluation due to missing required element: client require_auth_time
path
require_auth_time
mapped
object
client
2020-09-01 12:54:42 INFO
ValidateDefaultAcrValues
Skipped evaluation due to missing required element: client default_acr_values
path
default_acr_values
mapped
object
client
2020-09-01 12:54:42 INFO
ValidateInitiateLoginUri
Skipped evaluation due to missing required element: client initiate_login_uri
path
initiate_login_uri
mapped
object
client
2020-09-01 12:54:42 INFO
ValidateRequestUris
Skipped evaluation due to missing required element: client request_uris
path
request_uris
mapped
object
client
2020-09-01 12:54:42 SUCCESS
ValidateClientRegistrationRequestSectorIdentifierUri
A sector_identifier_uri was not provided
2020-09-01 12:54:42 SUCCESS
OIDCCRegisterClient
Registered client
client
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code id_token token"
  ],
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ],
  "id_token_signed_response_alg": "RS256",
  "client_id": "client_jQKOSLfyilINbzA03525$\u003d\u0027{}"
}
2020-09-01 12:54:42
OIDCCCreateClientSecretForDynamicClient
Set the secret for registered client
client_secret
secret_PFBcWGXzucpQIVVggGWUtxjLOmNsnbGSwfavkfYGyqMvPQYhFa0108742053|+<&@
2020-09-01 12:54:42 SUCCESS
EnsureTokenEndPointAuthMethodIsClientSecretBasic
token_endpoint_auth_method is 'client_secret_basic' as expected
2020-09-01 12:54:42
SetClientIdTokenSignedResponseAlgToRS256
Set id_token_signed_response_alg to RS256 for the registered client
client
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code id_token token"
  ],
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ],
  "id_token_signed_response_alg": "RS256",
  "client_id": "client_jQKOSLfyilINbzA03525$\u003d\u0027{}",
  "client_secret": "secret_PFBcWGXzucpQIVVggGWUtxjLOmNsnbGSwfavkfYGyqMvPQYhFa0108742053|+\u003c\u0026@"
}
2020-09-01 12:54:42 SUCCESS
EnsureClientDoesNotHaveBothJwksAndJwksUri
Client does not have both jwks and jwks_uri set
client
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code id_token token"
  ],
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ],
  "id_token_signed_response_alg": "RS256",
  "client_id": "client_jQKOSLfyilINbzA03525$\u003d\u0027{}",
  "client_secret": "secret_PFBcWGXzucpQIVVggGWUtxjLOmNsnbGSwfavkfYGyqMvPQYhFa0108742053|+\u003c\u0026@"
}
2020-09-01 12:54:42 INFO
FetchClientKeys
Skipped evaluation due to missing required element: client jwks_uri
path
jwks_uri
mapped
object
client
2020-09-01 12:54:42
SetServerSigningAlgToRS256
Successfully set signing algorithm to RS256
2020-09-01 12:54:42
SetClientIdTokenSignedResponseAlgToServerSigningAlg
Set id_token_signed_response_alg for the registered client
id_token_signed_response_alg
RS256
2020-09-01 12:54:42 OUTGOING
oidcc-client-test-invalid-sig-rs256
Response to HTTP request to test instance INtYcIsWXnPmgVR
outgoing_status_code
201
outgoing_headers
{}
outgoing_body
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code id_token token"
  ],
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ],
  "id_token_signed_response_alg": "RS256",
  "client_id": "client_jQKOSLfyilINbzA03525$\u003d\u0027{}",
  "client_secret": "secret_PFBcWGXzucpQIVVggGWUtxjLOmNsnbGSwfavkfYGyqMvPQYhFa0108742053|+\u003c\u0026@"
}
outgoing_path
register
2020-09-01 12:54:43 INCOMING
oidcc-client-test-invalid-sig-rs256
Incoming HTTP request to test instance INtYcIsWXnPmgVR
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "got/9.6.0 (https://github.com/sindresorhus/got)",
  "accept-encoding": "gzip, deflate",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
authorize
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{
  "client_id": "client_jQKOSLfyilINbzA03525$\u003d\u0027{}",
  "scope": "openid",
  "response_type": "code id_token token",
  "redirect_uri": "https://rp.example.com/cb",
  "state": "gpysabhPt3INeQV8ShSMrhDpErokz7O8qQNf6XYMWsM",
  "nonce": "_jepVYb19yKgnZaDovy9X7OMzBlxXQbb07FdWADYU8E",
  "response_mode": "form_post"
}
incoming_body
Authorization endpoint
2020-09-01 12:54:43 SUCCESS
EnsureRequestDoesNotContainRequestObject
Request does not contain a request parameter
2020-09-01 12:54:43 SUCCESS
OIDCCEnsureAuthorizationHttpRequestContainsOpenIDScope
Found 'openid' in scope http request parameter
actual
[
  "openid"
]
expected
openid
2020-09-01 12:54:43 SUCCESS
CreateEffectiveAuthorizationRequestParameters
Merged http request parameters with request object claims
effective_authorization_endpoint_request
{
  "client_id": "client_jQKOSLfyilINbzA03525$\u003d\u0027{}",
  "scope": "openid",
  "response_type": "code id_token token",
  "redirect_uri": "https://rp.example.com/cb",
  "state": "gpysabhPt3INeQV8ShSMrhDpErokz7O8qQNf6XYMWsM",
  "nonce": "_jepVYb19yKgnZaDovy9X7OMzBlxXQbb07FdWADYU8E",
  "response_mode": "form_post"
}
2020-09-01 12:54:43 SUCCESS
ExtractRequestedScopes
Requested scopes
scope
openid
2020-09-01 12:54:43 SUCCESS
ExtractNonceFromAuthorizationRequest
Extracted nonce
nonce
_jepVYb19yKgnZaDovy9X7OMzBlxXQbb07FdWADYU8E
2020-09-01 12:54:43 SUCCESS
EnsureResponseTypeIsCodeIdTokenToken
Response type is expected value
expected
code id_token token
2020-09-01 12:54:43 SUCCESS
EnsureMatchingClientId
Client ID matched
client_id
client_jQKOSLfyilINbzA03525$='{}
2020-09-01 12:54:43 SUCCESS
EnsureValidRedirectUriForAuthorizationEndpointRequest
redirect_uri is one of the allowed redirect uris
actual
https://rp.example.com/cb
expected
[
  "https://rp.example.com/cb"
]
2020-09-01 12:54:43 SUCCESS
EnsureOpenIDInScopeRequest
Found 'openid' scope in request
actual
[
  "openid"
]
expected
openid
2020-09-01 12:54:43 SUCCESS
DisallowMaxAgeEqualsZeroAndPromptNone
The client did not send max_age=0 and prompt=none parameters as expected
2020-09-01 12:54:43 SUCCESS
CreateAuthorizationCode
Created authorization code
authorization_code
1QOZfPyqNQ
2020-09-01 12:54:43 SUCCESS
CalculateCHash
Successful c_hash encoding
c_hash
v3uwTCmmMsCs9idlSGW_9A
2020-09-01 12:54:43 SUCCESS
GenerateBearerAccessToken
Generated access token
access_token
S9vJdhx8ioK5zITueTdlkM6PMQvsCdd9JQllsWlSjsuqbfEwha
2020-09-01 12:54:43 SUCCESS
CalculateAtHash
Successful at_hash encoding
at_hash
lBe2-3uXllcbeuTarhIkoQ
2020-09-01 12:54:43 SUCCESS
GenerateIdTokenClaims
Created ID Token Claims
iss
https://www.certification.openid.net/test/INtYcIsWXnPmgVR/
sub
user-subject-1234531
aud
client_jQKOSLfyilINbzA03525$='{}
nonce
_jepVYb19yKgnZaDovy9X7OMzBlxXQbb07FdWADYU8E
iat
1598964883
exp
1598965183
2020-09-01 12:54:43 SUCCESS
AddCHashToIdTokenClaims
Added c_hash to ID token claims
c_hash
v3uwTCmmMsCs9idlSGW_9A
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/INtYcIsWXnPmgVR/",
  "sub": "user-subject-1234531",
  "aud": "client_jQKOSLfyilINbzA03525$\u003d\u0027{}",
  "nonce": "_jepVYb19yKgnZaDovy9X7OMzBlxXQbb07FdWADYU8E",
  "iat": 1598964883,
  "exp": 1598965183,
  "c_hash": "v3uwTCmmMsCs9idlSGW_9A"
}
2020-09-01 12:54:43 SUCCESS
AddAtHashToIdTokenClaims
Added at_hash to ID token claims
at_hash
lBe2-3uXllcbeuTarhIkoQ
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/INtYcIsWXnPmgVR/",
  "sub": "user-subject-1234531",
  "aud": "client_jQKOSLfyilINbzA03525$\u003d\u0027{}",
  "nonce": "_jepVYb19yKgnZaDovy9X7OMzBlxXQbb07FdWADYU8E",
  "iat": 1598964883,
  "exp": 1598965183,
  "c_hash": "v3uwTCmmMsCs9idlSGW_9A",
  "at_hash": "lBe2-3uXllcbeuTarhIkoQ"
}
2020-09-01 12:54:43 SUCCESS
OIDCCSignIdToken
Signed the ID token
id_token
eyJraWQiOiIwYzJjNzVlMS1jOWE1LTQ1ZTgtYWMzOS04YTMzNGZmMjY2NGQiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoibEJlMi0zdVhsbGNiZXVUYXJoSWtvUSIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiY2xpZW50X2pRS09TTGZ5aWxJTmJ6QTAzNTI1JD0ne30iLCJjX2hhc2giOiJ2M3V3VENtbU1zQ3M5aWRsU0dXXzlBIiwiaXNzIjoiaHR0cHM6XC9cL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXRcL3Rlc3RcL0lOdFljSXNXWG5QbWdWUlwvIiwiZXhwIjoxNTk4OTY1MTgzLCJub25jZSI6Il9qZXBWWWIxOXlLZ25aYURvdnk5WDdPTXpCbHhYUWJiMDdGZFdBRFlVOEUiLCJpYXQiOjE1OTg5NjQ4ODN9.NMBBqKivLZ0hWOfmzkW9VZdRMbrlZUpw7FSw6W1LJLgxuQppp7Yr08kxQdhBKuOExMOylM2wh8pRbuCke57LK467VTKPBOh1Amlp8dEu5NgagiM9zdsegvDElLrrS_zvUE6199sin3SE4YNTxN0wINr37bpxpFPp0MjFkvO_ap6u1ts-OZ6ogCzpP0nGygR1oVlSbxdkSYLAqwrLFT1bZjnNgGEp7UNVAb2SsgoUxRnYRz9b2q61nF75xHT2yqjhz7tyzSLrUFTkIHCx6EO0QjmvtGui8-rkIB8jd4P2u7ljWAVUJMYAjfdJzg6ZjMQ8mnEyqwmHJq6RA-lFL3hdSA
key
{"p":"4zMVztNwveDykwbmNOOYc8N_Xs6p437GNur4AMlA4TV8vIx20zmmBua7L62TNHkmYMyQXP2J3kM4J_nO2sws51gBLkZlmONywXhnSDBVxwzKPB8EHoAJm1hyibihtzzJbL8tDUAme4ZZzuVP4Uiju1oOBgcNq6rTqUnQMPyYQXc","kty":"RSA","q":"0ialRMw4feP3Px4CXoaQ8G7BR-NHvVJ0KbZJn2RbRN5dnDguqp6F8CdlfzPZVzpfe5D9AyExTCxZBbkc6-94_Pn_5G8cyjkUJ6DJiAVPz-V3bd7OmIwAIWZDioPLDaEQ0bSwVOw1jXUekWlplCeNPIv19b51IsLWkHrpRC14imE","d":"aH0Bkiep4oz2h1Ii6tHei6MYVm3kknBKw-4qlG7ch1pZ7l694NCdmcngG6ka9m7SSf5n-yYS9zLuAFS2S6xdrhBCpYdo692shmE0lufDRk54SmtKGtaLQZArFThrpBDt9KTR-yIrNhK72nCNevTE3lGl5xuZOHMywkfw-M-2lSWm8ZoP8A1bBC1lt-96MWGxLkPbtr__okSZsXkvYGgU1Myj20n6-ua3tEgqDA1LvW35rrpyKdtbXPRm6Zh4FvSd2tADkzPv_ux59pFL2FC8t2i1r-O4i2Del-AVReY9n1wm3Gu5AFVTNj_DKB95ekauJEqZzOKtVsSL5YgbIKO7AQ","e":"AQAB","use":"sig","kid":"0c2c75e1-c9a5-45e8-ac39-8a334ff2664d","qi":"R1vKyTfHpSfCUaWOiDpLvFzFTZtkFrcUZ58H1Kelck0yGVLA8MgwexjmW47Xx4pYq3hFAYY19VU67a9TsYyke1ZW1mGbyxqio21F-RQ7STAS0bbY3w8HTqUEf-I-SfvG37WN-FXF-HTx7NDouhSUZT4NG7gYRps2UuTMk7JbbbM","dp":"MdoHsvYaCs_M6g3dfUVjMiN3UyothMlQXMR53lJKdh_yWrzHZdmEYIdIE1IWtrDOhvbbxkurcKV3MO5TQRcD008wEyNHL6DYkTMGFoTkjWR1C3QSx054zSk_GJD2iuo_mCjqjbnBt-Dm28rdGCWEJ5u-7_ukOEKnZsHXeKg0EEk","dq":"PJx00lDsgjK73vJy0HyTVSU8jdVZnZsocddniJdTU5um-CWkIAW0r71NItD7gJMPcv4wWzS5mTS5QFNRqiLZjG02htYdQZ4Q2BUhyx9tE5MlTQUUJR9L8lYiaNL2P6oSxckNipDOKUx8UohKsTZvH-VmPUh_VFVJuUYZ_VX4DEE","n":"uoI0JeIEz_5j0cNwZwCYX0hmz-8CGBMrLMUAtyJWx8taZUzdqiUVEtJp2jChT6M-ZSIRMOCOG23ITIxjLbrXxaPpuoNZk6qatG5L-PJD-1Ohrt2ku0_kDiLWu5xiQkxDwVK9Qm82eGniBtX4NyA2IK0rQyQemGue-1x6KY99EEvBneZ73MbKRMNKW7heiq4qGgYKa0wQOYmOYjCXStzOSWlXkYJsDpGOxLiPHZsCMieA63vsNl1E_TCKI7PsxUZgCQedrZz14yIYZIsqP7gWdZJF5jz6Xdk5DgU8-Akr3-adVmdAn08z369ULLehEezPCGim9IlR92zxTCg2Y8L0Fw"}
algorithm
RS256
2020-09-01 12:54:43 SUCCESS
SignIdTokenInvalid
Made the id_token signature invalid
id_token
eyJraWQiOiIwYzJjNzVlMS1jOWE1LTQ1ZTgtYWMzOS04YTMzNGZmMjY2NGQiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoibEJlMi0zdVhsbGNiZXVUYXJoSWtvUSIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiY2xpZW50X2pRS09TTGZ5aWxJTmJ6QTAzNTI1JD0ne30iLCJjX2hhc2giOiJ2M3V3VENtbU1zQ3M5aWRsU0dXXzlBIiwiaXNzIjoiaHR0cHM6XC9cL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXRcL3Rlc3RcL0lOdFljSXNXWG5QbWdWUlwvIiwiZXhwIjoxNTk4OTY1MTgzLCJub25jZSI6Il9qZXBWWWIxOXlLZ25aYURvdnk5WDdPTXpCbHhYUWJiMDdGZFdBRFlVOEUiLCJpYXQiOjE1OTg5NjQ4ODN9.bpob8vL1d8d7Ar28lB_nD80La-C_PxAqtg7qszcRfuJr41Az_exxiZNrG4IbcLnenpnozpfq3ZALNLr-IcSRcdThD2jVXrIvWDMzq4t0voJA2Hlnl4FE2KqezuCxEaa1ChTvrYF4xS7eu9kJnodqeoCtt-Ar_gmzipKfyKnlMMT0jIFkY8Ty2nazZROckF4v-wMINU0-E9ia8VCRT2cBPGOX2jtztxkPW-fI6FBOn0OCHWUBgPTvxgSjni6skPK7leEol3ixCg6-eirrshnuGGP17jH4qbC-ekV5Ldms4eM5Al8Ofpxa160TlFTD1p5mwCto8VPdfPTLWbMfdSIHEg
2020-09-01 12:54:43 INFO
EncryptIdToken
Skipped evaluation due to missing required element: client id_token_encrypted_response_alg
path
id_token_encrypted_response_alg
mapped
object
client
2020-09-01 12:54:43 SUCCESS
CreateAuthorizationEndpointResponseParams
Added authorization_endpoint_response_params to environment
params
{
  "redirect_uri": "https://rp.example.com/cb",
  "state": "gpysabhPt3INeQV8ShSMrhDpErokz7O8qQNf6XYMWsM"
}
2020-09-01 12:54:43 SUCCESS
AddCodeToAuthorizationEndpointResponseParams
Added code to authorization endpoint response params
authorization_endpoint_response_params
{
  "redirect_uri": "https://rp.example.com/cb",
  "state": "gpysabhPt3INeQV8ShSMrhDpErokz7O8qQNf6XYMWsM",
  "code": "1QOZfPyqNQ"
}
2020-09-01 12:54:43 SUCCESS
AddIdTokenToAuthorizationEndpointResponseParams
Added id_token to authorization endpoint response params
authorization_endpoint_response_params
{
  "redirect_uri": "https://rp.example.com/cb",
  "state": "gpysabhPt3INeQV8ShSMrhDpErokz7O8qQNf6XYMWsM",
  "code": "1QOZfPyqNQ",
  "id_token": "eyJraWQiOiIwYzJjNzVlMS1jOWE1LTQ1ZTgtYWMzOS04YTMzNGZmMjY2NGQiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoibEJlMi0zdVhsbGNiZXVUYXJoSWtvUSIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiY2xpZW50X2pRS09TTGZ5aWxJTmJ6QTAzNTI1JD0ne30iLCJjX2hhc2giOiJ2M3V3VENtbU1zQ3M5aWRsU0dXXzlBIiwiaXNzIjoiaHR0cHM6XC9cL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXRcL3Rlc3RcL0lOdFljSXNXWG5QbWdWUlwvIiwiZXhwIjoxNTk4OTY1MTgzLCJub25jZSI6Il9qZXBWWWIxOXlLZ25aYURvdnk5WDdPTXpCbHhYUWJiMDdGZFdBRFlVOEUiLCJpYXQiOjE1OTg5NjQ4ODN9.bpob8vL1d8d7Ar28lB_nD80La-C_PxAqtg7qszcRfuJr41Az_exxiZNrG4IbcLnenpnozpfq3ZALNLr-IcSRcdThD2jVXrIvWDMzq4t0voJA2Hlnl4FE2KqezuCxEaa1ChTvrYF4xS7eu9kJnodqeoCtt-Ar_gmzipKfyKnlMMT0jIFkY8Ty2nazZROckF4v-wMINU0-E9ia8VCRT2cBPGOX2jtztxkPW-fI6FBOn0OCHWUBgPTvxgSjni6skPK7leEol3ixCg6-eirrshnuGGP17jH4qbC-ekV5Ldms4eM5Al8Ofpxa160TlFTD1p5mwCto8VPdfPTLWbMfdSIHEg"
}
2020-09-01 12:54:43
AddTokenToAuthorizationEndpointResponseParams
Added token and token_type to authorization endpoint response params
authorization_endpoint_response_params
{
  "redirect_uri": "https://rp.example.com/cb",
  "state": "gpysabhPt3INeQV8ShSMrhDpErokz7O8qQNf6XYMWsM",
  "code": "1QOZfPyqNQ",
  "id_token": "eyJraWQiOiIwYzJjNzVlMS1jOWE1LTQ1ZTgtYWMzOS04YTMzNGZmMjY2NGQiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoibEJlMi0zdVhsbGNiZXVUYXJoSWtvUSIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiY2xpZW50X2pRS09TTGZ5aWxJTmJ6QTAzNTI1JD0ne30iLCJjX2hhc2giOiJ2M3V3VENtbU1zQ3M5aWRsU0dXXzlBIiwiaXNzIjoiaHR0cHM6XC9cL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXRcL3Rlc3RcL0lOdFljSXNXWG5QbWdWUlwvIiwiZXhwIjoxNTk4OTY1MTgzLCJub25jZSI6Il9qZXBWWWIxOXlLZ25aYURvdnk5WDdPTXpCbHhYUWJiMDdGZFdBRFlVOEUiLCJpYXQiOjE1OTg5NjQ4ODN9.bpob8vL1d8d7Ar28lB_nD80La-C_PxAqtg7qszcRfuJr41Az_exxiZNrG4IbcLnenpnozpfq3ZALNLr-IcSRcdThD2jVXrIvWDMzq4t0voJA2Hlnl4FE2KqezuCxEaa1ChTvrYF4xS7eu9kJnodqeoCtt-Ar_gmzipKfyKnlMMT0jIFkY8Ty2nazZROckF4v-wMINU0-E9ia8VCRT2cBPGOX2jtztxkPW-fI6FBOn0OCHWUBgPTvxgSjni6skPK7leEol3ixCg6-eirrshnuGGP17jH4qbC-ekV5Ldms4eM5Al8Ofpxa160TlFTD1p5mwCto8VPdfPTLWbMfdSIHEg",
  "access_token": "S9vJdhx8ioK5zITueTdlkM6PMQvsCdd9JQllsWlSjsuqbfEwha",
  "token_type": "Bearer"
}
2020-09-01 12:54:43 OUTGOING
oidcc-client-test-invalid-sig-rs256
Response to HTTP request to test instance INtYcIsWXnPmgVR
outgoing
ModelAndView [view="formPostResponseMode"; model={formAction=https://rp.example.com/cb, formParameters={"state":"gpysabhPt3INeQV8ShSMrhDpErokz7O8qQNf6XYMWsM","code":"1QOZfPyqNQ","id_token":"eyJraWQiOiIwYzJjNzVlMS1jOWE1LTQ1ZTgtYWMzOS04YTMzNGZmMjY2NGQiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoibEJlMi0zdVhsbGNiZXVUYXJoSWtvUSIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiY2xpZW50X2pRS09TTGZ5aWxJTmJ6QTAzNTI1JD0ne30iLCJjX2hhc2giOiJ2M3V3VENtbU1zQ3M5aWRsU0dXXzlBIiwiaXNzIjoiaHR0cHM6XC9cL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXRcL3Rlc3RcL0lOdFljSXNXWG5QbWdWUlwvIiwiZXhwIjoxNTk4OTY1MTgzLCJub25jZSI6Il9qZXBWWWIxOXlLZ25aYURvdnk5WDdPTXpCbHhYUWJiMDdGZFdBRFlVOEUiLCJpYXQiOjE1OTg5NjQ4ODN9.bpob8vL1d8d7Ar28lB_nD80La-C_PxAqtg7qszcRfuJr41Az_exxiZNrG4IbcLnenpnozpfq3ZALNLr-IcSRcdThD2jVXrIvWDMzq4t0voJA2Hlnl4FE2KqezuCxEaa1ChTvrYF4xS7eu9kJnodqeoCtt-Ar_gmzipKfyKnlMMT0jIFkY8Ty2nazZROckF4v-wMINU0-E9ia8VCRT2cBPGOX2jtztxkPW-fI6FBOn0OCHWUBgPTvxgSjni6skPK7leEol3ixCg6-eirrshnuGGP17jH4qbC-ekV5Ldms4eM5Al8Ofpxa160TlFTD1p5mwCto8VPdfPTLWbMfdSIHEg","access_token":"S9vJdhx8ioK5zITueTdlkM6PMQvsCdd9JQllsWlSjsuqbfEwha","token_type":"Bearer"}}]
outgoing_path
authorize
2020-09-01 12:54:43 INCOMING
oidcc-client-test-invalid-sig-rs256
Incoming HTTP request to test instance INtYcIsWXnPmgVR
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
jwks
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
Jwks endpoint
2020-09-01 12:54:43 OUTGOING
oidcc-client-test-invalid-sig-rs256
Response to HTTP request to test instance INtYcIsWXnPmgVR
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "0c2c75e1-c9a5-45e8-ac39-8a334ff2664d",
      "n": "uoI0JeIEz_5j0cNwZwCYX0hmz-8CGBMrLMUAtyJWx8taZUzdqiUVEtJp2jChT6M-ZSIRMOCOG23ITIxjLbrXxaPpuoNZk6qatG5L-PJD-1Ohrt2ku0_kDiLWu5xiQkxDwVK9Qm82eGniBtX4NyA2IK0rQyQemGue-1x6KY99EEvBneZ73MbKRMNKW7heiq4qGgYKa0wQOYmOYjCXStzOSWlXkYJsDpGOxLiPHZsCMieA63vsNl1E_TCKI7PsxUZgCQedrZz14yIYZIsqP7gWdZJF5jz6Xdk5DgU8-Akr3-adVmdAn08z369ULLehEezPCGim9IlR92zxTCg2Y8L0Fw"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "e6809bec-f983-4b88-a3d4-79d1ed52d6c5",
      "n": "ihHL29zWlqaUUQKoPZiKOmvvN_q1um3_hDPLsdga-KguufSUyPK4EjXanrKIWITxXFwS-Y-V7RwDVjhpeyefgv_gcAmtegK3d-jLzjNJ2rqovuIFO9IgbXBvydmBt0_ES5C8-aQj8zDDOOBcpozDCySsh5b2VoCsMymvyFigQpWAooO6VudBost52zoyVSzlISquuHszb3b8p2H_ndCWpN83GQTLuizMpZjxFpeDnN-3XaJM-eDT5yJAWRlqKsCc2FWIK75HbIZLTkAO9Ibd7BV9KOLUwcX8vzfuCP4k__I6SRvccs_qvBeodQAbx70mMIulnwJoPU0e9N6fifkYmw"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "5a800803-0954-474c-9cc7-3ea55f612665",
      "x": "p0gEbgOy_MfY7COvPJU9spgj2D8advIHiaFf7R2TnJE",
      "y": "CBNFfYunwLIpoKG2MaBR01VRb3RabJ2kbvzmE722Gyg"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "7a29ad7a-6e23-41ba-a519-3f1d113daf71",
      "x": "GMEYMFsL3FL93d3Bo4VG-sPo-6h2NP0Mxvbk7AfBjgA",
      "y": "ahW0NGJefvjbNmxtBxzT2UbFDv0xRFkzSaU61nK7UB4"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "fcb46433-0c6d-49e4-bfc7-24d10a8e1943",
      "x": "jZ_7V3dQ_RpsGOb75h8sqzghGnOy-pDsIoxJGWncJJ4",
      "y": "yFye3Es4WUVG984DVXqmVMsjS3nat_YlPchVMu7An7Y"
    },
    {
      "kty": "OKP",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "1e85ffa9-f3d9-41d6-b1bd-2a072f91c214",
      "x": "0CWXJhTbdm6WUSjODzaZ-fohE8ZeVakl6HcMaBAnIGI"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "78613d03-3544-48e4-897c-8be691b6c0fb",
      "alg": "RSA-OAEP",
      "n": "56RUFJYcPzPxE06_aw3XSnCdH9k7MfiGELgXvBy5QrxDVf0nQis2VrOl7LcaIZd_B_ffIEJySnrI7Zr8SKQDorQQXgEYLJi7p5eY_wr7GFU6rR9bkteRxZAgrI2UcUqrxXwFPV6GC3-NpOGqWEa21icU4Rd3uc_lUnyWuiubACtWAJ5uhIvQN8TQDEzSBSUfWSzudeJjGiVvd9FWMHGhVq0fpD6eD7TWm6rGFIvOSeDoJdHRqqt7SkM3ayS9BowOczneWfjz0FSueDdZSiEliNcquA6olZRyzizkOQMkHbhFubBuEW0-IDRiWv4Nifwboyi_MJhwj7zUT7MX11j6mQ"
    },
    {
      "kty": "EC",
      "use": "enc",
      "crv": "P-256",
      "kid": "4a10ebc9-79db-411e-8c1e-f3e43d7bee41",
      "x": "GMVMbV4IcGcdqvDT5djhJDgveMzBSMZEaypOB3Whiho",
      "y": "NKHJfb7Rd89tEhDexlPzP9rS_LYlH0MNcfMigYi_gLo",
      "alg": "ECDH-ES"
    }
  ]
}
outgoing_path
jwks
2020-09-01 12:54:45 FINISHED
oidcc-client-test-invalid-sig-rs256
Test has run to completion
testmodule_result
PASSED
Test Results