Test Summary

Test Results

Expand All Collapse All
All times are UTC
2020-09-01 12:51:25 INFO
TEST-RUNNER
Test instance xK6DMXD7n5MoFaC created
baseUrl
https://www.certification.openid.net/test/xK6DMXD7n5MoFaC
variant
{
  "client_auth_type": "client_secret_basic",
  "response_type": "code id_token",
  "request_type": "plain_http_request",
  "response_mode": "form_post",
  "client_registration": "dynamic_client"
}
alias

                                
description
test suite runner for openid-client
planId
l0lJMpv444Mye
config
{
  "description": "test suite runner for openid-client",
  "waitTimeoutSeconds": 2
}
testName
oidcc-client-test-userinfo-invalid-sub
2020-09-01 12:51:25 SUCCESS
OIDCCGenerateServerConfiguration
Generated default server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/xK6DMXD7n5MoFaC/",
  "authorization_endpoint": "https://www.certification.openid.net/test/xK6DMXD7n5MoFaC/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/xK6DMXD7n5MoFaC/token",
  "jwks_uri": "https://www.certification.openid.net/test/xK6DMXD7n5MoFaC/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/xK6DMXD7n5MoFaC/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/xK6DMXD7n5MoFaC/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic",
    "client_secret_post",
    "client_secret_jwt",
    "private_key_jwt"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
2020-09-01 12:51:25
SetTokenEndpointAuthMethodsSupportedToClientSecretBasicOnly
Changed token_endpoint_auth_methods_supported to client_secret_basic only in server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/xK6DMXD7n5MoFaC/",
  "authorization_endpoint": "https://www.certification.openid.net/test/xK6DMXD7n5MoFaC/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/xK6DMXD7n5MoFaC/token",
  "jwks_uri": "https://www.certification.openid.net/test/xK6DMXD7n5MoFaC/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/xK6DMXD7n5MoFaC/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/xK6DMXD7n5MoFaC/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
2020-09-01 12:51:25
OIDCCGenerateServerJWKs
Generated server public private JWK sets
server_jwks
{
  "keys": [
    {
      "p": "yfU2nq7JTR4a1pnEydFahekq2eT89CFw20M0awiS3fYj62QM7zXMQj_7K2K8KnCYa7mjbUXFcwxr9xRU56DJFlaSXUsJGlIf6VOUE5QwtKHC25s-svJG5G5LPj1l67hNx3M9RXzxnzaxF9yjNyI9SUnrkCRfvQl2z2DvdI1XIJc",
      "kty": "RSA",
      "q": "tLGHOwr0mWMYQcT0YW0PlxiMaHcACIRCkF_X3icPCGRrst99tqqgSmBb2cGrYtFfQlT0Xdw1oPuS1t-ipw2vXGlwENMBi4nY1JnT17GPQ_4GSUZRXeaxt3ZLPujTQn7DBaiQQlnPpu6hSKhkd68U3RhuHGBhWEDIiQv7_ubfxlk",
      "d": "DOi9oLU8LjBbIlPZBB4jbqnJJ-qPANK1N353f6RhZZnDoC8pDa-jqg5-aGBSKDjq7QlhMaF8UBQ64t7ivjYT5tmBZfcy9wVaT2o2HygGo-aKnxUHhzRAYwlfwedbBdX8gaNbrsEVKe6MOUtfqhiQTlnNgzFsbgmL4mJEVMhb2dxTjPADaEP9O8PNthcWZGHG_nqU5ohQa4dhQoz_BLMRi3GO-2xtvnu1RZuZAQWB93lI2Wa-qRvXpzWPNj0-rIX09FCtZ3cLKpTgDozMRVH9CS4lqqxDpm7M5iuQUJFm5rD03ZqaWIFFR34U3U7FR8gJ3fPP91hFGyLwaIDpf_YjcQ",
      "e": "AQAB",
      "use": "sig",
      "kid": "9762dbe1-e489-4b26-90b5-39bdbe6c9ea3",
      "qi": "Pv5xyA44DISd_iq58G701FFw4olfyLsXb6UT3af3QjbJfnmFM28i1da6a8yUEWoKAX1HmligqTAKjlRUnqO0i1_vUBYV8YlZEtfOG4vw0koQLnuSJjO5X3AHdhgmVu_Qj_S90CSUh8dGTbh2fuBWl82GSzX3MCpvgi23tvZxGhI",
      "dp": "YSZqfe8KuuQueOlDduoUp7JAgMzcufuUNIWho5NeQxPyt3tLlY7FkWEBzB8U8T10tO16JkiX8P4auaK4LSx1Tx-aDPLZkCXNYApqgviYbWwbNlT51k8htyUvYONcMgZYtAdFhDXUbYh7rETg5ta7sJO0k4RL4b25v4yb4-9R6EU",
      "dq": "nodql5iDBNf1_i3oIlnm5a958GUHOHGhXL1ZzOQDwl8oRiTiTJLiUp67tw69aNM8ehvC0V5UBsrxB2fpchsFkVRIJ9qYbm4gOFZFj-WORh7mMP9qf7HYlZdJaQYn4x0HyT0cY7ob_t85zV8_1elbqqa2ZFsCzMT5q5NCIV85UPE",
      "n": "jox3oTqSMwHpbWMM5UN8N5vr4wBtiJe_OLUegBpFL6B30upxepLMyXE_JHrIQFDh7wS2J7ZpOmI26fLe4Jc7hY9uW2IrfQ8cdVjK9grcaUw9fibYzSK0hyvmx1OtO_Ti3k55eFVm1PumcnXMCzmD0Extbj9kAR7WX2s3_XEU19sUgpOYFnQpsl-3W2-7jBAb5XHfgFD3duRTQ2NPxb4In8uiysjEoJrzbZvYWk0GHkNv4y7D1jdTe8apigy7fNm8ZDRd_cv1VsaayqI6eLPHlpAdSCHfXB4mWgS3jvC8WHH2f4x7gdnO07pYYlWmu3c631axs5CTsKY-Ti3VlAgefw"
    },
    {
      "kty": "EC",
      "d": "JIAg4oDocF_dPulm_D1Lz3GV8Y0px9JFxJ7Xvuw4D60",
      "use": "sig",
      "crv": "P-256",
      "kid": "3de81504-b9a9-429d-a448-22622e855345",
      "x": "lIseTgB9DCG0tFz4HVuKLfno1VUBlIyeCqGXJiBzxRM",
      "y": "3YqlOkRaUSXJOPxykfNyxH_JZpm-Ix-anATvCOvJVUU"
    },
    {
      "kty": "EC",
      "d": "cf7VMyn4REv-7nFVjc3StcYFbcvuIkC1A9F31VkIkbQ",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "4b2a1bf5-a657-4b6f-83ae-6f73d8b06f9c",
      "x": "0K3C_op5eg4lE06VDstgvaEK3HuPyrJpuqSnoT2fSmA",
      "y": "lbPb6QEC7GyBOe9ohDSgewPHxHcinIWdrSEj7ZKp-cM"
    },
    {
      "kty": "OKP",
      "d": "_b3Brcfb-0vKULZ2sC57nwGh57DIuZqahadcY6KeeIQ",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "43a5eb87-40c1-428a-b9c9-4e1708c5fc45",
      "x": "s28s-coN9H84vnM6Z47xRfNnbmooE2nxgnABUc33W_E"
    }
  ]
}
server_encryption_keys
{
  "keys": [
    {
      "p": "7wTWgPL45l4dPn04kvBls50pKudU-YajoXluyCHdf_XSEQNRyugGnHFIRp5baUGmBWCIodHECc2Zfzxs8oAmaYaOIslkGJzLcO-h192cCJ_V1kUkqfAFf7_3PwKTXGVH39Vs6gPfo6alqnt8KgZgtpcG9lRCoZK6ZY5Ro2xm4I8",
      "kty": "RSA",
      "q": "51oSgR3RCLkNas4tel9sBLq5h5mYnXosWvz-KHNfzUFcLv1zOxt-cCV_NGwoc-tqN3Qrx-vebLe69HSTVSG8-b3Iqor5Sm22-wvV6M85XWhQwk1OfWt-ngmvkiG0YPgHUh4a7kcARMci4RA8R2J2YsfNWRMzf59lulBJne3IWzE",
      "d": "lbv95SHmmIDjEcASVQQEJntiEJF9b9aYP6-a8HJzD46q_ahHXIkN4qJ51HblKu5i9ym-qETeGXT0Qn0mAsvSZiGVpxsXMBtvd1a0ozmuIdu2Em0vKyWPbDNb-Yged3zwZ-Cu-8bdMxuUUvCJYeKMG55-9Udxg-A8xyIS2n_uJXXu_uke_aV5VbuVV6z6vlQ4Rbn7OF2NVfv5dj0sxSKdDkbMsbYyBtxZhx2-qzYN2RQhJLSif2QZadTM3WNX4PlzRZsnD2YFfLF3hD9kbDajm8elIfxRBmstFt14kvreO7XHY9KHbknIEbi-zLT0PA_Kdb9FMOk1kuUZbTGPss4hwQ",
      "e": "AQAB",
      "use": "enc",
      "kid": "954148c0-e8df-4e42-82aa-291bded6ec7c",
      "qi": "VFfnhpTq8x77oXP6mQ8dDVE9omR207JGJ-yXlTPhlZwdeXrgh4uRWYpmsgZDzJV43n8HCMZT7UmOfPZEAVI5xOk4KIHV2YXuWfrKK8stHwAey884AiO-kZS8Cf4oX7lNeDAx49zKtxpLKkj2OxgLgBMk0_ZhPDaFiTWCySUz67o",
      "dp": "s9DX7zrbtbOoHJLoNONWH8JkbjqK2w5Hm_tXNIkFsnalCteMeTIFhzxSO453BsC0vebZ46OD8DwU9nvnGqj-PPVViSYpf7q18sjU4Sl_cZ2Nqh1qb8561Jj-0RCG_EPVxrcxsPwpC10b1R4BUzxpFfSY8EiDuDpCsJRZJrEu1FE",
      "alg": "RSA-OAEP",
      "dq": "king-PwafbVUWb8rEl5JA2_pGVecCRoP_ehKtsm1pBsAH5v2-kfziOzXwgn3QM1hzOkzY9qMKwmlLx6bmrR3DR2vMrgcqb5JVbBzk-OgLXhjVW68ARcx5qzd5KgwqvbowSPOBe6Lp-hcC-9S9hKqEtyCyx0Lcz0Ea0KgUAvTgnE",
      "n": "2AF2iKjv4tSBnu_rBW8kESxIgu7v5wxXWyPuvAm2SEvLXtsvtfr8t_mUI6mioFkoNYly7rKfJY7QHDptTAbtM4P10NPeNS_iWk7j9arIg8e9RUXlEPz11UHI06FUziBjvq9J2v_b5tl8pms_ebpRKCW_LFa6UC9tnt4wjgTOAKOFRqV3RHzAKy0c6-LwLLrHD82x9vEGimTN9qM7xHgK2d0Q1zAiBp8BoaaX4vjxjwi-iB-NotlXcAISTsLMIBNayVncKgGyzbCvyvSHDIirunke5eybGvwVagz3Qnsdl3xQwu7-629jr91OurQ-nBXgXR1hIg0eJGb-GyTHJDvQXw"
    },
    {
      "kty": "EC",
      "d": "Q9-kMEW3lfhbITbzfqbaKklvdJNjC2gKl08iKfke1Ys",
      "use": "enc",
      "crv": "P-256",
      "kid": "21aaa1f5-b4dd-45a9-b12f-fad9bf97e187",
      "x": "-dhnNgYoyF85hGdYSt-sZ31X2ZZuxhpFMNgmqCaOkh4",
      "y": "rD4ttZ7CyTOx3g4mIN9oNXOiKFKSgba6DuDC9nnGI6M",
      "alg": "ECDH-ES"
    }
  ]
}
server_public_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "9762dbe1-e489-4b26-90b5-39bdbe6c9ea3",
      "n": "jox3oTqSMwHpbWMM5UN8N5vr4wBtiJe_OLUegBpFL6B30upxepLMyXE_JHrIQFDh7wS2J7ZpOmI26fLe4Jc7hY9uW2IrfQ8cdVjK9grcaUw9fibYzSK0hyvmx1OtO_Ti3k55eFVm1PumcnXMCzmD0Extbj9kAR7WX2s3_XEU19sUgpOYFnQpsl-3W2-7jBAb5XHfgFD3duRTQ2NPxb4In8uiysjEoJrzbZvYWk0GHkNv4y7D1jdTe8apigy7fNm8ZDRd_cv1VsaayqI6eLPHlpAdSCHfXB4mWgS3jvC8WHH2f4x7gdnO07pYYlWmu3c631axs5CTsKY-Ti3VlAgefw"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "090ba673-62de-40cb-8c5e-80a0fc069e9e",
      "n": "rlw1-7SzTYyME9-NDAZqsrYaOizB7-HAna5Bog4r29bf_GFGJ_d0snB70baH3Hoig_jAGYIHdIJOsRPmEp643-7OOEkDT34wVAYokUrYuhMkEBEtZk2ibEEwv3Mfv9DKOPuAVwc7IZOXMjLNCN5SheWISvpycD0W4goBZTzZlgOduzTagrLm755_6tRR0SOG3MktG3nzI-xLfIiY8yFidD0tT3KkUKnagIUCEXwHvDfQ_Dc39IP5opCcCtDlhpNVKmpz3qVyRZF6b75VjS3cOomNiXrCadB4OvEw9ICoJMuE6_Fa6cZfEWSPY74l9IdauFeiaAMGyRB1J86b8G39EQ"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "3de81504-b9a9-429d-a448-22622e855345",
      "x": "lIseTgB9DCG0tFz4HVuKLfno1VUBlIyeCqGXJiBzxRM",
      "y": "3YqlOkRaUSXJOPxykfNyxH_JZpm-Ix-anATvCOvJVUU"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "6c75a84a-b6bf-4c91-840a-6282a8c1e2f7",
      "x": "moffpEugDz4Mj2OdCcAKgRSHIUSF2BrkJNPDRz9Bfsc",
      "y": "MdXq_KwI3fHSP0DKJLhYL2xOgdagkks3F2EpN7w7Pm0"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "4b2a1bf5-a657-4b6f-83ae-6f73d8b06f9c",
      "x": "0K3C_op5eg4lE06VDstgvaEK3HuPyrJpuqSnoT2fSmA",
      "y": "lbPb6QEC7GyBOe9ohDSgewPHxHcinIWdrSEj7ZKp-cM"
    },
    {
      "kty": "OKP",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "43a5eb87-40c1-428a-b9c9-4e1708c5fc45",
      "x": "s28s-coN9H84vnM6Z47xRfNnbmooE2nxgnABUc33W_E"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "954148c0-e8df-4e42-82aa-291bded6ec7c",
      "alg": "RSA-OAEP",
      "n": "2AF2iKjv4tSBnu_rBW8kESxIgu7v5wxXWyPuvAm2SEvLXtsvtfr8t_mUI6mioFkoNYly7rKfJY7QHDptTAbtM4P10NPeNS_iWk7j9arIg8e9RUXlEPz11UHI06FUziBjvq9J2v_b5tl8pms_ebpRKCW_LFa6UC9tnt4wjgTOAKOFRqV3RHzAKy0c6-LwLLrHD82x9vEGimTN9qM7xHgK2d0Q1zAiBp8BoaaX4vjxjwi-iB-NotlXcAISTsLMIBNayVncKgGyzbCvyvSHDIirunke5eybGvwVagz3Qnsdl3xQwu7-629jr91OurQ-nBXgXR1hIg0eJGb-GyTHJDvQXw"
    },
    {
      "kty": "EC",
      "use": "enc",
      "crv": "P-256",
      "kid": "21aaa1f5-b4dd-45a9-b12f-fad9bf97e187",
      "x": "-dhnNgYoyF85hGdYSt-sZ31X2ZZuxhpFMNgmqCaOkh4",
      "y": "rD4ttZ7CyTOx3g4mIN9oNXOiKFKSgba6DuDC9nnGI6M",
      "alg": "ECDH-ES"
    }
  ]
}
2020-09-01 12:51:25 SUCCESS
ValidateServerJWKs
Valid server JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2020-09-01 12:51:25 SUCCESS
CheckDistinctKeyIdValueInServerJWKs
Distinct 'kid' value in all keys of server_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2020-09-01 12:51:25 SUCCESS
OIDCCLoadUserInfo
Added user information
user_info
{
  "sub": "user-subject-1234531",
  "name": "Demo T. User",
  "given_name": "Demo",
  "family_name": "User",
  "middle_name": "Theresa",
  "nickname": "Dee",
  "preferred_username": "d.tu",
  "gender": "female",
  "birthdate": "2000-02-03",
  "address": {
    "street_address": "100 Universal City Plaza",
    "locality": "Hollywood",
    "region": "CA",
    "postal_code": "91608",
    "country": "USA"
  },
  "zoneinfo": "America/Los_Angeles",
  "locale": "en-US",
  "phone_number": "+1 555 5550000",
  "phone_number_verified": false,
  "email": "user@example.com",
  "email_verified": false,
  "website": "https://openid.net/",
  "updated_at": "1580000000"
}
2020-09-01 12:51:25 SUCCESS
GetDynamicClientConfiguration
No client details on configuration, created an empty dynamic_client_registration_template object.
2020-09-01 12:51:25
oidcc-client-test-userinfo-invalid-sub
Setup Done
2020-09-01 12:51:26 INCOMING
oidcc-client-test-userinfo-invalid-sub
Incoming HTTP request to test instance xK6DMXD7n5MoFaC
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
.well-known/openid-configuration
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
Discovery endpoint
2020-09-01 12:51:26 OUTGOING
oidcc-client-test-userinfo-invalid-sub
Response to HTTP request to test instance xK6DMXD7n5MoFaC
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "issuer": "https://www.certification.openid.net/test/xK6DMXD7n5MoFaC/",
  "authorization_endpoint": "https://www.certification.openid.net/test/xK6DMXD7n5MoFaC/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/xK6DMXD7n5MoFaC/token",
  "jwks_uri": "https://www.certification.openid.net/test/xK6DMXD7n5MoFaC/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/xK6DMXD7n5MoFaC/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/xK6DMXD7n5MoFaC/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
outgoing_path
.well-known/openid-configuration
2020-09-01 12:51:26 INCOMING
oidcc-client-test-userinfo-invalid-sub
Incoming HTTP request to test instance xK6DMXD7n5MoFaC
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "content-type": "application/json",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "content-length": "181",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net",
  "connection": "close"
}
incoming_path
register
incoming_body_form_params
incoming_method
POST
incoming_body_json
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code id_token"
  ],
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ]
}
incoming_query_string_params
{}
incoming_body
{"token_endpoint_auth_method":"client_secret_basic","response_types":["code id_token"],"grant_types":["authorization_code","implicit"],"redirect_uris":["https://rp.example.com/cb"]}
Registration endpoint
2020-09-01 12:51:26 SUCCESS
OIDCCExtractDynamicRegistrationRequest
Extracted dynamic client registration request
request
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code id_token"
  ],
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ]
}
2020-09-01 12:51:26 INFO
EnsureRegistrationRequestContainsAtLeastOneContact
This application requires that registration requests contain at least one contact.
2020-09-01 12:51:26 SUCCESS
ValidateClientGrantTypes
grant_types match response_types
grant_types
[
  "authorization_code",
  "implicit"
]
response_types
[
  "code id_token"
]
2020-09-01 12:51:26 SUCCESS
OIDCCValidateClientRedirectUris
Valid redirect_uri(s) provided in registration request
redirect_uris
[
  "https://rp.example.com/cb"
]
2020-09-01 12:51:26 SUCCESS
ValidateClientLogoUris
Client does not contain any logo_uri
2020-09-01 12:51:26 SUCCESS
ValidateClientUris
Client does not contain any client_uri
2020-09-01 12:51:26 SUCCESS
ValidateClientPolicyUris
Client does not contain any policy_uri
2020-09-01 12:51:26 SUCCESS
ValidateClientTosUris
Client does not contain any tos_uri
2020-09-01 12:51:26 SUCCESS
ValidateClientSubjectType
A subject_type was not provided
2020-09-01 12:51:26 INFO
ValidateIdTokenSignedResponseAlg
Skipped evaluation due to missing required element: client id_token_signed_response_alg
path
id_token_signed_response_alg
mapped
object
client
2020-09-01 12:51:26 SUCCESS
EnsureIdTokenEncryptedResponseAlgIsSetIfEncIsSet
id_token_encrypted_response_enc is not set
2020-09-01 12:51:26 INFO
ValidateUserinfoSignedResponseAlg
Skipped evaluation due to missing required element: client userinfo_signed_response_alg
path
userinfo_signed_response_alg
mapped
object
client
2020-09-01 12:51:26 SUCCESS
EnsureUserinfoEncryptedResponseAlgIsSetIfEncIsSet
userinfo_encrypted_response_enc is not set
2020-09-01 12:51:26 INFO
ValidateRequestObjectSigningAlg
Skipped evaluation due to missing required element: client request_object_signing_alg
path
request_object_signing_alg
mapped
object
client
2020-09-01 12:51:26 SUCCESS
EnsureRequestObjectEncryptionAlgIsSetIfEncIsSet
request_object_encryption_enc is not set
2020-09-01 12:51:26 INFO
ValidateTokenEndpointAuthSigningAlg
Skipped evaluation due to missing required element: client token_endpoint_auth_signing_alg
path
token_endpoint_auth_signing_alg
mapped
object
client
2020-09-01 12:51:26 SUCCESS
ValidateDefaultMaxAge
default_max_age is not set
2020-09-01 12:51:26 INFO
ValidateRequireAuthTime
Skipped evaluation due to missing required element: client require_auth_time
path
require_auth_time
mapped
object
client
2020-09-01 12:51:26 INFO
ValidateDefaultAcrValues
Skipped evaluation due to missing required element: client default_acr_values
path
default_acr_values
mapped
object
client
2020-09-01 12:51:26 INFO
ValidateInitiateLoginUri
Skipped evaluation due to missing required element: client initiate_login_uri
path
initiate_login_uri
mapped
object
client
2020-09-01 12:51:26 INFO
ValidateRequestUris
Skipped evaluation due to missing required element: client request_uris
path
request_uris
mapped
object
client
2020-09-01 12:51:26 SUCCESS
ValidateClientRegistrationRequestSectorIdentifierUri
A sector_identifier_uri was not provided
2020-09-01 12:51:26 SUCCESS
OIDCCRegisterClient
Registered client
client
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code id_token"
  ],
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ],
  "client_id": "client_JOAOccBGiKnSkIY83743:{_/\u0026"
}
2020-09-01 12:51:26
OIDCCCreateClientSecretForDynamicClient
Set the secret for registered client
client_secret
secret_NRPLPdOrHDXcrVdxlQkjozqdhJzEahUZyDYxHOHwTGyPRXzcns3989387979!`,>`
2020-09-01 12:51:26 SUCCESS
EnsureTokenEndPointAuthMethodIsClientSecretBasic
token_endpoint_auth_method is 'client_secret_basic' as expected
2020-09-01 12:51:26 SUCCESS
EnsureClientDoesNotHaveBothJwksAndJwksUri
Client does not have both jwks and jwks_uri set
client
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code id_token"
  ],
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ],
  "client_id": "client_JOAOccBGiKnSkIY83743:{_/\u0026",
  "client_secret": "secret_NRPLPdOrHDXcrVdxlQkjozqdhJzEahUZyDYxHOHwTGyPRXzcns3989387979!`,\u003e`"
}
2020-09-01 12:51:26 INFO
FetchClientKeys
Skipped evaluation due to missing required element: client jwks_uri
path
jwks_uri
mapped
object
client
2020-09-01 12:51:26 SUCCESS
OIDCCExtractServerSigningAlg
Using the default algorithm for the first key in server jwks
signing_algorithm
RS256
2020-09-01 12:51:26
SetClientIdTokenSignedResponseAlgToServerSigningAlg
Set id_token_signed_response_alg for the registered client
id_token_signed_response_alg
RS256
2020-09-01 12:51:26 OUTGOING
oidcc-client-test-userinfo-invalid-sub
Response to HTTP request to test instance xK6DMXD7n5MoFaC
outgoing_status_code
201
outgoing_headers
{}
outgoing_body
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code id_token"
  ],
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ],
  "client_id": "client_JOAOccBGiKnSkIY83743:{_/\u0026",
  "client_secret": "secret_NRPLPdOrHDXcrVdxlQkjozqdhJzEahUZyDYxHOHwTGyPRXzcns3989387979!`,\u003e`",
  "id_token_signed_response_alg": "RS256"
}
outgoing_path
register
2020-09-01 12:51:27 INCOMING
oidcc-client-test-userinfo-invalid-sub
Incoming HTTP request to test instance xK6DMXD7n5MoFaC
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "got/9.6.0 (https://github.com/sindresorhus/got)",
  "accept-encoding": "gzip, deflate",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
authorize
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{
  "client_id": "client_JOAOccBGiKnSkIY83743:{_/\u0026",
  "scope": "openid",
  "response_type": "code id_token",
  "redirect_uri": "https://rp.example.com/cb",
  "state": "kK2f9IyykdTnbY0IPh-1ybmwxmQ0-UOOjPTtnKec6F0",
  "nonce": "HlgoG6owlZ7o4dHnvO74HUxMn0S11sfQX8LucEmWM2E",
  "response_mode": "form_post"
}
incoming_body
Authorization endpoint
2020-09-01 12:51:27 SUCCESS
EnsureRequestDoesNotContainRequestObject
Request does not contain a request parameter
2020-09-01 12:51:27 SUCCESS
OIDCCEnsureAuthorizationHttpRequestContainsOpenIDScope
Found 'openid' in scope http request parameter
actual
[
  "openid"
]
expected
openid
2020-09-01 12:51:27 SUCCESS
CreateEffectiveAuthorizationRequestParameters
Merged http request parameters with request object claims
effective_authorization_endpoint_request
{
  "client_id": "client_JOAOccBGiKnSkIY83743:{_/\u0026",
  "scope": "openid",
  "response_type": "code id_token",
  "redirect_uri": "https://rp.example.com/cb",
  "state": "kK2f9IyykdTnbY0IPh-1ybmwxmQ0-UOOjPTtnKec6F0",
  "nonce": "HlgoG6owlZ7o4dHnvO74HUxMn0S11sfQX8LucEmWM2E",
  "response_mode": "form_post"
}
2020-09-01 12:51:27 SUCCESS
ExtractRequestedScopes
Requested scopes
scope
openid
2020-09-01 12:51:27 SUCCESS
ExtractNonceFromAuthorizationRequest
Extracted nonce
nonce
HlgoG6owlZ7o4dHnvO74HUxMn0S11sfQX8LucEmWM2E
2020-09-01 12:51:27 SUCCESS
EnsureResponseTypeIsCodeIdToken
Response type is expected value
expected
code id_token
2020-09-01 12:51:27 SUCCESS
EnsureMatchingClientId
Client ID matched
client_id
client_JOAOccBGiKnSkIY83743:{_/&
2020-09-01 12:51:27 SUCCESS
EnsureValidRedirectUriForAuthorizationEndpointRequest
redirect_uri is one of the allowed redirect uris
actual
https://rp.example.com/cb
expected
[
  "https://rp.example.com/cb"
]
2020-09-01 12:51:27 SUCCESS
EnsureOpenIDInScopeRequest
Found 'openid' scope in request
actual
[
  "openid"
]
expected
openid
2020-09-01 12:51:27 SUCCESS
DisallowMaxAgeEqualsZeroAndPromptNone
The client did not send max_age=0 and prompt=none parameters as expected
2020-09-01 12:51:27 SUCCESS
CreateAuthorizationCode
Created authorization code
authorization_code
ycAhW1MBh6
2020-09-01 12:51:27 SUCCESS
CalculateCHash
Successful c_hash encoding
c_hash
P_57Me9F1OhNa7sG8Hc_Rg
2020-09-01 12:51:27 SUCCESS
GenerateIdTokenClaims
Created ID Token Claims
iss
https://www.certification.openid.net/test/xK6DMXD7n5MoFaC/
sub
user-subject-1234531
aud
client_JOAOccBGiKnSkIY83743:{_/&
nonce
HlgoG6owlZ7o4dHnvO74HUxMn0S11sfQX8LucEmWM2E
iat
1598964687
exp
1598964987
2020-09-01 12:51:27 SUCCESS
AddCHashToIdTokenClaims
Added c_hash to ID token claims
c_hash
P_57Me9F1OhNa7sG8Hc_Rg
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/xK6DMXD7n5MoFaC/",
  "sub": "user-subject-1234531",
  "aud": "client_JOAOccBGiKnSkIY83743:{_/\u0026",
  "nonce": "HlgoG6owlZ7o4dHnvO74HUxMn0S11sfQX8LucEmWM2E",
  "iat": 1598964687,
  "exp": 1598964987,
  "c_hash": "P_57Me9F1OhNa7sG8Hc_Rg"
}
2020-09-01 12:51:27 INFO
AddAtHashToIdTokenClaims
Skipped evaluation due to missing required string: at_hash
expected
at_hash
2020-09-01 12:51:27 SUCCESS
OIDCCSignIdToken
Signed the ID token
id_token
eyJraWQiOiI5NzYyZGJlMS1lNDg5LTRiMjYtOTBiNS0zOWJkYmU2YzllYTMiLCJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJ1c2VyLXN1YmplY3QtMTIzNDUzMSIsImF1ZCI6ImNsaWVudF9KT0FPY2NCR2lLblNrSVk4Mzc0Mzp7X1wvJiIsImNfaGFzaCI6IlBfNTdNZTlGMU9oTmE3c0c4SGNfUmciLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwveEs2RE1YRDduNU1vRmFDXC8iLCJleHAiOjE1OTg5NjQ5ODcsIm5vbmNlIjoiSGxnb0c2b3dsWjdvNGRIbnZPNzRIVXhNbjBTMTFzZlFYOEx1Y0VtV00yRSIsImlhdCI6MTU5ODk2NDY4N30.I_8keexaohy85N1yxXO6aH-4zc5XRP7pElPdAROvNVklxxY6LNY6A_mFPRgBOzHpkPrmQdSuoJQe0_7YI7dZMQxiJ50oIh0HLPkn9TgJpA7du9-aTy-akvicamPlLS-PLQQXVuQ8RQWTQfehiOylt8W8PQoqh_4ujD8mz_YzvBexDSYAD3ILvapZvIy8YAI_kiMkbBemGTIDsMzQVWTM57-ld6HFFmRbelIrMQqvLgtwCBND7pBNvkljphqLDv0orSyhQhAE64CbMFiBV5ZGW1J9-RR_ld4oHFY9A8cyTe77uMA44N-SOkjg0iMJMKIJ7UQL7z_CeOMC0jDDjEMP6w
key
{"p":"yfU2nq7JTR4a1pnEydFahekq2eT89CFw20M0awiS3fYj62QM7zXMQj_7K2K8KnCYa7mjbUXFcwxr9xRU56DJFlaSXUsJGlIf6VOUE5QwtKHC25s-svJG5G5LPj1l67hNx3M9RXzxnzaxF9yjNyI9SUnrkCRfvQl2z2DvdI1XIJc","kty":"RSA","q":"tLGHOwr0mWMYQcT0YW0PlxiMaHcACIRCkF_X3icPCGRrst99tqqgSmBb2cGrYtFfQlT0Xdw1oPuS1t-ipw2vXGlwENMBi4nY1JnT17GPQ_4GSUZRXeaxt3ZLPujTQn7DBaiQQlnPpu6hSKhkd68U3RhuHGBhWEDIiQv7_ubfxlk","d":"DOi9oLU8LjBbIlPZBB4jbqnJJ-qPANK1N353f6RhZZnDoC8pDa-jqg5-aGBSKDjq7QlhMaF8UBQ64t7ivjYT5tmBZfcy9wVaT2o2HygGo-aKnxUHhzRAYwlfwedbBdX8gaNbrsEVKe6MOUtfqhiQTlnNgzFsbgmL4mJEVMhb2dxTjPADaEP9O8PNthcWZGHG_nqU5ohQa4dhQoz_BLMRi3GO-2xtvnu1RZuZAQWB93lI2Wa-qRvXpzWPNj0-rIX09FCtZ3cLKpTgDozMRVH9CS4lqqxDpm7M5iuQUJFm5rD03ZqaWIFFR34U3U7FR8gJ3fPP91hFGyLwaIDpf_YjcQ","e":"AQAB","use":"sig","kid":"9762dbe1-e489-4b26-90b5-39bdbe6c9ea3","qi":"Pv5xyA44DISd_iq58G701FFw4olfyLsXb6UT3af3QjbJfnmFM28i1da6a8yUEWoKAX1HmligqTAKjlRUnqO0i1_vUBYV8YlZEtfOG4vw0koQLnuSJjO5X3AHdhgmVu_Qj_S90CSUh8dGTbh2fuBWl82GSzX3MCpvgi23tvZxGhI","dp":"YSZqfe8KuuQueOlDduoUp7JAgMzcufuUNIWho5NeQxPyt3tLlY7FkWEBzB8U8T10tO16JkiX8P4auaK4LSx1Tx-aDPLZkCXNYApqgviYbWwbNlT51k8htyUvYONcMgZYtAdFhDXUbYh7rETg5ta7sJO0k4RL4b25v4yb4-9R6EU","dq":"nodql5iDBNf1_i3oIlnm5a958GUHOHGhXL1ZzOQDwl8oRiTiTJLiUp67tw69aNM8ehvC0V5UBsrxB2fpchsFkVRIJ9qYbm4gOFZFj-WORh7mMP9qf7HYlZdJaQYn4x0HyT0cY7ob_t85zV8_1elbqqa2ZFsCzMT5q5NCIV85UPE","n":"jox3oTqSMwHpbWMM5UN8N5vr4wBtiJe_OLUegBpFL6B30upxepLMyXE_JHrIQFDh7wS2J7ZpOmI26fLe4Jc7hY9uW2IrfQ8cdVjK9grcaUw9fibYzSK0hyvmx1OtO_Ti3k55eFVm1PumcnXMCzmD0Extbj9kAR7WX2s3_XEU19sUgpOYFnQpsl-3W2-7jBAb5XHfgFD3duRTQ2NPxb4In8uiysjEoJrzbZvYWk0GHkNv4y7D1jdTe8apigy7fNm8ZDRd_cv1VsaayqI6eLPHlpAdSCHfXB4mWgS3jvC8WHH2f4x7gdnO07pYYlWmu3c631axs5CTsKY-Ti3VlAgefw"}
algorithm
RS256
2020-09-01 12:51:27 INFO
EncryptIdToken
Skipped evaluation due to missing required element: client id_token_encrypted_response_alg
path
id_token_encrypted_response_alg
mapped
object
client
2020-09-01 12:51:27 SUCCESS
CreateAuthorizationEndpointResponseParams
Added authorization_endpoint_response_params to environment
params
{
  "redirect_uri": "https://rp.example.com/cb",
  "state": "kK2f9IyykdTnbY0IPh-1ybmwxmQ0-UOOjPTtnKec6F0"
}
2020-09-01 12:51:27 SUCCESS
AddCodeToAuthorizationEndpointResponseParams
Added code to authorization endpoint response params
authorization_endpoint_response_params
{
  "redirect_uri": "https://rp.example.com/cb",
  "state": "kK2f9IyykdTnbY0IPh-1ybmwxmQ0-UOOjPTtnKec6F0",
  "code": "ycAhW1MBh6"
}
2020-09-01 12:51:27 SUCCESS
AddIdTokenToAuthorizationEndpointResponseParams
Added id_token to authorization endpoint response params
authorization_endpoint_response_params
{
  "redirect_uri": "https://rp.example.com/cb",
  "state": "kK2f9IyykdTnbY0IPh-1ybmwxmQ0-UOOjPTtnKec6F0",
  "code": "ycAhW1MBh6",
  "id_token": "eyJraWQiOiI5NzYyZGJlMS1lNDg5LTRiMjYtOTBiNS0zOWJkYmU2YzllYTMiLCJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJ1c2VyLXN1YmplY3QtMTIzNDUzMSIsImF1ZCI6ImNsaWVudF9KT0FPY2NCR2lLblNrSVk4Mzc0Mzp7X1wvJiIsImNfaGFzaCI6IlBfNTdNZTlGMU9oTmE3c0c4SGNfUmciLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwveEs2RE1YRDduNU1vRmFDXC8iLCJleHAiOjE1OTg5NjQ5ODcsIm5vbmNlIjoiSGxnb0c2b3dsWjdvNGRIbnZPNzRIVXhNbjBTMTFzZlFYOEx1Y0VtV00yRSIsImlhdCI6MTU5ODk2NDY4N30.I_8keexaohy85N1yxXO6aH-4zc5XRP7pElPdAROvNVklxxY6LNY6A_mFPRgBOzHpkPrmQdSuoJQe0_7YI7dZMQxiJ50oIh0HLPkn9TgJpA7du9-aTy-akvicamPlLS-PLQQXVuQ8RQWTQfehiOylt8W8PQoqh_4ujD8mz_YzvBexDSYAD3ILvapZvIy8YAI_kiMkbBemGTIDsMzQVWTM57-ld6HFFmRbelIrMQqvLgtwCBND7pBNvkljphqLDv0orSyhQhAE64CbMFiBV5ZGW1J9-RR_ld4oHFY9A8cyTe77uMA44N-SOkjg0iMJMKIJ7UQL7z_CeOMC0jDDjEMP6w"
}
2020-09-01 12:51:27 OUTGOING
oidcc-client-test-userinfo-invalid-sub
Response to HTTP request to test instance xK6DMXD7n5MoFaC
outgoing
ModelAndView [view="formPostResponseMode"; model={formAction=https://rp.example.com/cb, formParameters={"state":"kK2f9IyykdTnbY0IPh-1ybmwxmQ0-UOOjPTtnKec6F0","code":"ycAhW1MBh6","id_token":"eyJraWQiOiI5NzYyZGJlMS1lNDg5LTRiMjYtOTBiNS0zOWJkYmU2YzllYTMiLCJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJ1c2VyLXN1YmplY3QtMTIzNDUzMSIsImF1ZCI6ImNsaWVudF9KT0FPY2NCR2lLblNrSVk4Mzc0Mzp7X1wvJiIsImNfaGFzaCI6IlBfNTdNZTlGMU9oTmE3c0c4SGNfUmciLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwveEs2RE1YRDduNU1vRmFDXC8iLCJleHAiOjE1OTg5NjQ5ODcsIm5vbmNlIjoiSGxnb0c2b3dsWjdvNGRIbnZPNzRIVXhNbjBTMTFzZlFYOEx1Y0VtV00yRSIsImlhdCI6MTU5ODk2NDY4N30.I_8keexaohy85N1yxXO6aH-4zc5XRP7pElPdAROvNVklxxY6LNY6A_mFPRgBOzHpkPrmQdSuoJQe0_7YI7dZMQxiJ50oIh0HLPkn9TgJpA7du9-aTy-akvicamPlLS-PLQQXVuQ8RQWTQfehiOylt8W8PQoqh_4ujD8mz_YzvBexDSYAD3ILvapZvIy8YAI_kiMkbBemGTIDsMzQVWTM57-ld6HFFmRbelIrMQqvLgtwCBND7pBNvkljphqLDv0orSyhQhAE64CbMFiBV5ZGW1J9-RR_ld4oHFY9A8cyTe77uMA44N-SOkjg0iMJMKIJ7UQL7z_CeOMC0jDDjEMP6w"}}]
outgoing_path
authorize
2020-09-01 12:51:27 INCOMING
oidcc-client-test-userinfo-invalid-sub
Incoming HTTP request to test instance xK6DMXD7n5MoFaC
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
jwks
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
Jwks endpoint
2020-09-01 12:51:27 OUTGOING
oidcc-client-test-userinfo-invalid-sub
Response to HTTP request to test instance xK6DMXD7n5MoFaC
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "9762dbe1-e489-4b26-90b5-39bdbe6c9ea3",
      "n": "jox3oTqSMwHpbWMM5UN8N5vr4wBtiJe_OLUegBpFL6B30upxepLMyXE_JHrIQFDh7wS2J7ZpOmI26fLe4Jc7hY9uW2IrfQ8cdVjK9grcaUw9fibYzSK0hyvmx1OtO_Ti3k55eFVm1PumcnXMCzmD0Extbj9kAR7WX2s3_XEU19sUgpOYFnQpsl-3W2-7jBAb5XHfgFD3duRTQ2NPxb4In8uiysjEoJrzbZvYWk0GHkNv4y7D1jdTe8apigy7fNm8ZDRd_cv1VsaayqI6eLPHlpAdSCHfXB4mWgS3jvC8WHH2f4x7gdnO07pYYlWmu3c631axs5CTsKY-Ti3VlAgefw"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "090ba673-62de-40cb-8c5e-80a0fc069e9e",
      "n": "rlw1-7SzTYyME9-NDAZqsrYaOizB7-HAna5Bog4r29bf_GFGJ_d0snB70baH3Hoig_jAGYIHdIJOsRPmEp643-7OOEkDT34wVAYokUrYuhMkEBEtZk2ibEEwv3Mfv9DKOPuAVwc7IZOXMjLNCN5SheWISvpycD0W4goBZTzZlgOduzTagrLm755_6tRR0SOG3MktG3nzI-xLfIiY8yFidD0tT3KkUKnagIUCEXwHvDfQ_Dc39IP5opCcCtDlhpNVKmpz3qVyRZF6b75VjS3cOomNiXrCadB4OvEw9ICoJMuE6_Fa6cZfEWSPY74l9IdauFeiaAMGyRB1J86b8G39EQ"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "3de81504-b9a9-429d-a448-22622e855345",
      "x": "lIseTgB9DCG0tFz4HVuKLfno1VUBlIyeCqGXJiBzxRM",
      "y": "3YqlOkRaUSXJOPxykfNyxH_JZpm-Ix-anATvCOvJVUU"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "6c75a84a-b6bf-4c91-840a-6282a8c1e2f7",
      "x": "moffpEugDz4Mj2OdCcAKgRSHIUSF2BrkJNPDRz9Bfsc",
      "y": "MdXq_KwI3fHSP0DKJLhYL2xOgdagkks3F2EpN7w7Pm0"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "4b2a1bf5-a657-4b6f-83ae-6f73d8b06f9c",
      "x": "0K3C_op5eg4lE06VDstgvaEK3HuPyrJpuqSnoT2fSmA",
      "y": "lbPb6QEC7GyBOe9ohDSgewPHxHcinIWdrSEj7ZKp-cM"
    },
    {
      "kty": "OKP",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "43a5eb87-40c1-428a-b9c9-4e1708c5fc45",
      "x": "s28s-coN9H84vnM6Z47xRfNnbmooE2nxgnABUc33W_E"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "954148c0-e8df-4e42-82aa-291bded6ec7c",
      "alg": "RSA-OAEP",
      "n": "2AF2iKjv4tSBnu_rBW8kESxIgu7v5wxXWyPuvAm2SEvLXtsvtfr8t_mUI6mioFkoNYly7rKfJY7QHDptTAbtM4P10NPeNS_iWk7j9arIg8e9RUXlEPz11UHI06FUziBjvq9J2v_b5tl8pms_ebpRKCW_LFa6UC9tnt4wjgTOAKOFRqV3RHzAKy0c6-LwLLrHD82x9vEGimTN9qM7xHgK2d0Q1zAiBp8BoaaX4vjxjwi-iB-NotlXcAISTsLMIBNayVncKgGyzbCvyvSHDIirunke5eybGvwVagz3Qnsdl3xQwu7-629jr91OurQ-nBXgXR1hIg0eJGb-GyTHJDvQXw"
    },
    {
      "kty": "EC",
      "use": "enc",
      "crv": "P-256",
      "kid": "21aaa1f5-b4dd-45a9-b12f-fad9bf97e187",
      "x": "-dhnNgYoyF85hGdYSt-sZ31X2ZZuxhpFMNgmqCaOkh4",
      "y": "rD4ttZ7CyTOx3g4mIN9oNXOiKFKSgba6DuDC9nnGI6M",
      "alg": "ECDH-ES"
    }
  ]
}
outgoing_path
jwks
2020-09-01 12:51:27 INCOMING
oidcc-client-test-userinfo-invalid-sub
Incoming HTTP request to test instance xK6DMXD7n5MoFaC
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "authorization": "Basic Y2xpZW50X0pPQU9jY0JHaUtuU2tJWTgzNzQzJTNBJTdCXyUyRiUyNjpzZWNyZXRfTlJQTFBkT3JIRFhjclZkeGxRa2pvenFkaEp6RWFoVVp5RFl4SE9Id1RHeVBSWHpjbnMzOTg5Mzg3OTc5ISU2MCUyQyUzRSU2MA\u003d\u003d",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "content-type": "application/x-www-form-urlencoded",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "content-length": "92",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net",
  "connection": "close"
}
incoming_path
token
incoming_body_form_params
{
  "grant_type": "authorization_code",
  "code": "ycAhW1MBh6",
  "redirect_uri": "https://rp.example.com/cb"
}
incoming_method
POST
incoming_body_json
incoming_query_string_params
{}
incoming_body
grant_type=authorization_code&code=ycAhW1MBh6&redirect_uri=https%3A%2F%2Frp.example.com%2Fcb
Token endpoint
2020-09-01 12:51:27 SUCCESS
ExtractClientCredentialsFromBasicAuthorizationHeader
Extracted client authentication
client_id
client_JOAOccBGiKnSkIY83743:{_/&
client_secret
secret_NRPLPdOrHDXcrVdxlQkjozqdhJzEahUZyDYxHOHwTGyPRXzcns3989387979!`,>`
method
client_secret_basic
2020-09-01 12:51:27 SUCCESS
ValidateClientIdAndSecret
Client id and secret match
2020-09-01 12:51:27 SUCCESS
ValidateAuthorizationCode
Found authorization code
authorization_code
ycAhW1MBh6
2020-09-01 12:51:27 SUCCESS
ValidateRedirectUriForTokenEndpointRequest
redirect_uri is the same as the one used in the authorization request
actual
https://rp.example.com/cb
2020-09-01 12:51:27 SUCCESS
GenerateBearerAccessToken
Generated access token
access_token
46iC09h9ebINRLMQ6HGgQUlk9m3A6YhAYPuYUWncTmvGLYajuT
2020-09-01 12:51:27 SUCCESS
CalculateAtHash
Successful at_hash encoding
at_hash
0v5jCNuKfWksSN0vQBlU_A
2020-09-01 12:51:27 SUCCESS
GenerateIdTokenClaims
Created ID Token Claims
iss
https://www.certification.openid.net/test/xK6DMXD7n5MoFaC/
sub
user-subject-1234531
aud
client_JOAOccBGiKnSkIY83743:{_/&
nonce
HlgoG6owlZ7o4dHnvO74HUxMn0S11sfQX8LucEmWM2E
iat
1598964687
exp
1598964987
2020-09-01 12:51:27 SUCCESS
AddAtHashToIdTokenClaims
Added at_hash to ID token claims
at_hash
0v5jCNuKfWksSN0vQBlU_A
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/xK6DMXD7n5MoFaC/",
  "sub": "user-subject-1234531",
  "aud": "client_JOAOccBGiKnSkIY83743:{_/\u0026",
  "nonce": "HlgoG6owlZ7o4dHnvO74HUxMn0S11sfQX8LucEmWM2E",
  "iat": 1598964687,
  "exp": 1598964987,
  "at_hash": "0v5jCNuKfWksSN0vQBlU_A"
}
2020-09-01 12:51:27 SUCCESS
OIDCCSignIdToken
Signed the ID token
id_token
eyJraWQiOiI5NzYyZGJlMS1lNDg5LTRiMjYtOTBiNS0zOWJkYmU2YzllYTMiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiMHY1akNOdUtmV2tzU04wdlFCbFVfQSIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiY2xpZW50X0pPQU9jY0JHaUtuU2tJWTgzNzQzOntfXC8mIiwiaXNzIjoiaHR0cHM6XC9cL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXRcL3Rlc3RcL3hLNkRNWEQ3bjVNb0ZhQ1wvIiwiZXhwIjoxNTk4OTY0OTg3LCJub25jZSI6IkhsZ29HNm93bFo3bzRkSG52Tzc0SFV4TW4wUzExc2ZRWDhMdWNFbVdNMkUiLCJpYXQiOjE1OTg5NjQ2ODd9.ItSogSf6nysSc5MX506S3G3Y4j2nJ1pVfyPeusV2RDOXlVqel9HWM1zgooVsLBmmyGuBNLecTbd1WhcKPR1jvqLEbIzxM65nCjU6xPVTaXrZJCgJ67KEqljvNLc6cez5EIvXTq3WlrM-aOtGO3sOMEYxQ9mwCWvZa8e8QbYRul2VR6ejIdiF8JcmOY9z7PmoS5lWKYFTHh3rLfmcwCCmB6gbII37pSaYiJGqWUVDRUIP9JKh3kbqexlE1A7-erCH8QOp1SSA5wdfIb9dA-vPuNs7bRSWrvvlZea6r821Y1pcxnaH9cGo0DsBRhL1jerw8veNRxW5ZmcZEDATqopR5w
key
{"p":"yfU2nq7JTR4a1pnEydFahekq2eT89CFw20M0awiS3fYj62QM7zXMQj_7K2K8KnCYa7mjbUXFcwxr9xRU56DJFlaSXUsJGlIf6VOUE5QwtKHC25s-svJG5G5LPj1l67hNx3M9RXzxnzaxF9yjNyI9SUnrkCRfvQl2z2DvdI1XIJc","kty":"RSA","q":"tLGHOwr0mWMYQcT0YW0PlxiMaHcACIRCkF_X3icPCGRrst99tqqgSmBb2cGrYtFfQlT0Xdw1oPuS1t-ipw2vXGlwENMBi4nY1JnT17GPQ_4GSUZRXeaxt3ZLPujTQn7DBaiQQlnPpu6hSKhkd68U3RhuHGBhWEDIiQv7_ubfxlk","d":"DOi9oLU8LjBbIlPZBB4jbqnJJ-qPANK1N353f6RhZZnDoC8pDa-jqg5-aGBSKDjq7QlhMaF8UBQ64t7ivjYT5tmBZfcy9wVaT2o2HygGo-aKnxUHhzRAYwlfwedbBdX8gaNbrsEVKe6MOUtfqhiQTlnNgzFsbgmL4mJEVMhb2dxTjPADaEP9O8PNthcWZGHG_nqU5ohQa4dhQoz_BLMRi3GO-2xtvnu1RZuZAQWB93lI2Wa-qRvXpzWPNj0-rIX09FCtZ3cLKpTgDozMRVH9CS4lqqxDpm7M5iuQUJFm5rD03ZqaWIFFR34U3U7FR8gJ3fPP91hFGyLwaIDpf_YjcQ","e":"AQAB","use":"sig","kid":"9762dbe1-e489-4b26-90b5-39bdbe6c9ea3","qi":"Pv5xyA44DISd_iq58G701FFw4olfyLsXb6UT3af3QjbJfnmFM28i1da6a8yUEWoKAX1HmligqTAKjlRUnqO0i1_vUBYV8YlZEtfOG4vw0koQLnuSJjO5X3AHdhgmVu_Qj_S90CSUh8dGTbh2fuBWl82GSzX3MCpvgi23tvZxGhI","dp":"YSZqfe8KuuQueOlDduoUp7JAgMzcufuUNIWho5NeQxPyt3tLlY7FkWEBzB8U8T10tO16JkiX8P4auaK4LSx1Tx-aDPLZkCXNYApqgviYbWwbNlT51k8htyUvYONcMgZYtAdFhDXUbYh7rETg5ta7sJO0k4RL4b25v4yb4-9R6EU","dq":"nodql5iDBNf1_i3oIlnm5a958GUHOHGhXL1ZzOQDwl8oRiTiTJLiUp67tw69aNM8ehvC0V5UBsrxB2fpchsFkVRIJ9qYbm4gOFZFj-WORh7mMP9qf7HYlZdJaQYn4x0HyT0cY7ob_t85zV8_1elbqqa2ZFsCzMT5q5NCIV85UPE","n":"jox3oTqSMwHpbWMM5UN8N5vr4wBtiJe_OLUegBpFL6B30upxepLMyXE_JHrIQFDh7wS2J7ZpOmI26fLe4Jc7hY9uW2IrfQ8cdVjK9grcaUw9fibYzSK0hyvmx1OtO_Ti3k55eFVm1PumcnXMCzmD0Extbj9kAR7WX2s3_XEU19sUgpOYFnQpsl-3W2-7jBAb5XHfgFD3duRTQ2NPxb4In8uiysjEoJrzbZvYWk0GHkNv4y7D1jdTe8apigy7fNm8ZDRd_cv1VsaayqI6eLPHlpAdSCHfXB4mWgS3jvC8WHH2f4x7gdnO07pYYlWmu3c631axs5CTsKY-Ti3VlAgefw"}
algorithm
RS256
2020-09-01 12:51:27 INFO
EncryptIdToken
Skipped evaluation due to missing required element: client id_token_encrypted_response_alg
path
id_token_encrypted_response_alg
mapped
object
client
2020-09-01 12:51:27 SUCCESS
CreateTokenEndpointResponse
Created token endpoint response
access_token
46iC09h9ebINRLMQ6HGgQUlk9m3A6YhAYPuYUWncTmvGLYajuT
token_type
Bearer
id_token
eyJraWQiOiI5NzYyZGJlMS1lNDg5LTRiMjYtOTBiNS0zOWJkYmU2YzllYTMiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiMHY1akNOdUtmV2tzU04wdlFCbFVfQSIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiY2xpZW50X0pPQU9jY0JHaUtuU2tJWTgzNzQzOntfXC8mIiwiaXNzIjoiaHR0cHM6XC9cL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXRcL3Rlc3RcL3hLNkRNWEQ3bjVNb0ZhQ1wvIiwiZXhwIjoxNTk4OTY0OTg3LCJub25jZSI6IkhsZ29HNm93bFo3bzRkSG52Tzc0SFV4TW4wUzExc2ZRWDhMdWNFbVdNMkUiLCJpYXQiOjE1OTg5NjQ2ODd9.ItSogSf6nysSc5MX506S3G3Y4j2nJ1pVfyPeusV2RDOXlVqel9HWM1zgooVsLBmmyGuBNLecTbd1WhcKPR1jvqLEbIzxM65nCjU6xPVTaXrZJCgJ67KEqljvNLc6cez5EIvXTq3WlrM-aOtGO3sOMEYxQ9mwCWvZa8e8QbYRul2VR6ejIdiF8JcmOY9z7PmoS5lWKYFTHh3rLfmcwCCmB6gbII37pSaYiJGqWUVDRUIP9JKh3kbqexlE1A7-erCH8QOp1SSA5wdfIb9dA-vPuNs7bRSWrvvlZea6r821Y1pcxnaH9cGo0DsBRhL1jerw8veNRxW5ZmcZEDATqopR5w
scope
openid
2020-09-01 12:51:27 OUTGOING
oidcc-client-test-userinfo-invalid-sub
Response to HTTP request to test instance xK6DMXD7n5MoFaC
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "access_token": "46iC09h9ebINRLMQ6HGgQUlk9m3A6YhAYPuYUWncTmvGLYajuT",
  "token_type": "Bearer",
  "id_token": "eyJraWQiOiI5NzYyZGJlMS1lNDg5LTRiMjYtOTBiNS0zOWJkYmU2YzllYTMiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiMHY1akNOdUtmV2tzU04wdlFCbFVfQSIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiY2xpZW50X0pPQU9jY0JHaUtuU2tJWTgzNzQzOntfXC8mIiwiaXNzIjoiaHR0cHM6XC9cL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXRcL3Rlc3RcL3hLNkRNWEQ3bjVNb0ZhQ1wvIiwiZXhwIjoxNTk4OTY0OTg3LCJub25jZSI6IkhsZ29HNm93bFo3bzRkSG52Tzc0SFV4TW4wUzExc2ZRWDhMdWNFbVdNMkUiLCJpYXQiOjE1OTg5NjQ2ODd9.ItSogSf6nysSc5MX506S3G3Y4j2nJ1pVfyPeusV2RDOXlVqel9HWM1zgooVsLBmmyGuBNLecTbd1WhcKPR1jvqLEbIzxM65nCjU6xPVTaXrZJCgJ67KEqljvNLc6cez5EIvXTq3WlrM-aOtGO3sOMEYxQ9mwCWvZa8e8QbYRul2VR6ejIdiF8JcmOY9z7PmoS5lWKYFTHh3rLfmcwCCmB6gbII37pSaYiJGqWUVDRUIP9JKh3kbqexlE1A7-erCH8QOp1SSA5wdfIb9dA-vPuNs7bRSWrvvlZea6r821Y1pcxnaH9cGo0DsBRhL1jerw8veNRxW5ZmcZEDATqopR5w",
  "scope": "openid"
}
outgoing_path
token
2020-09-01 12:51:28 INCOMING
oidcc-client-test-userinfo-invalid-sub
Incoming HTTP request to test instance xK6DMXD7n5MoFaC
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "authorization": "Bearer 46iC09h9ebINRLMQ6HGgQUlk9m3A6YhAYPuYUWncTmvGLYajuT",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
userinfo
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
Userinfo endpoint
2020-09-01 12:51:28 SUCCESS
OIDCCExtractBearerAccessTokenFromRequest
Found access token on incoming request
access_token
46iC09h9ebINRLMQ6HGgQUlk9m3A6YhAYPuYUWncTmvGLYajuT
2020-09-01 12:51:28 SUCCESS
RequireBearerAccessToken
Found access token in request
actual
46iC09h9ebINRLMQ6HGgQUlk9m3A6YhAYPuYUWncTmvGLYajuT
2020-09-01 12:51:28 SUCCESS
FilterUserInfoForScopes
User info endpoint output
sub
user-subject-1234531
2020-09-01 12:51:28
ChangeSubInUserInfoResponseToBeInvalid
Added invalid sub to userinfo endpoint output
sub
user-subject-1234531invalid
2020-09-01 12:51:28
ClearAccessTokenFromRequest
Condition ran but did not log anything
2020-09-01 12:51:28 INFO
AddIssAndAudToUserInfoResponse
Skipped evaluation due to missing required element: client userinfo_signed_response_alg
path
userinfo_signed_response_alg
mapped
object
client
2020-09-01 12:51:28 INFO
SignUserInfoResponse
Skipped evaluation due to missing required element: client userinfo_signed_response_alg
path
userinfo_signed_response_alg
mapped
object
client
2020-09-01 12:51:28 INFO
EncryptUserInfoResponse
Skipped evaluation due to missing required element: client userinfo_encrypted_response_alg
path
userinfo_encrypted_response_alg
mapped
object
client
2020-09-01 12:51:28 OUTGOING
oidcc-client-test-userinfo-invalid-sub
Response to HTTP request to test instance xK6DMXD7n5MoFaC
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "sub": "user-subject-1234531invalid"
}
outgoing_path
userinfo
2020-09-01 12:51:28 FINISHED
oidcc-client-test-userinfo-invalid-sub
Test has run to completion
testmodule_result
PASSED
Test Results