Test Summary

Test Results

Expand All Collapse All
All times are UTC
2020-09-01 12:52:29 INFO
TEST-RUNNER
Test instance Qp2Aqe7ccJMyyXQ created
baseUrl
https://www.certification.openid.net/test/Qp2Aqe7ccJMyyXQ
variant
{
  "client_auth_type": "client_secret_basic",
  "response_type": "code token",
  "request_type": "plain_http_request",
  "response_mode": "form_post",
  "client_registration": "dynamic_client"
}
alias

                                
description
test suite runner for openid-client
planId
l0lJMpv444Mye
config
{
  "description": "test suite runner for openid-client",
  "waitTimeoutSeconds": 2
}
testName
oidcc-client-test-kid-absent-single-jwks
2020-09-01 12:52:29 SUCCESS
OIDCCGenerateServerConfiguration
Generated default server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/Qp2Aqe7ccJMyyXQ/",
  "authorization_endpoint": "https://www.certification.openid.net/test/Qp2Aqe7ccJMyyXQ/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/Qp2Aqe7ccJMyyXQ/token",
  "jwks_uri": "https://www.certification.openid.net/test/Qp2Aqe7ccJMyyXQ/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/Qp2Aqe7ccJMyyXQ/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/Qp2Aqe7ccJMyyXQ/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic",
    "client_secret_post",
    "client_secret_jwt",
    "private_key_jwt"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
2020-09-01 12:52:29
SetTokenEndpointAuthMethodsSupportedToClientSecretBasicOnly
Changed token_endpoint_auth_methods_supported to client_secret_basic only in server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/Qp2Aqe7ccJMyyXQ/",
  "authorization_endpoint": "https://www.certification.openid.net/test/Qp2Aqe7ccJMyyXQ/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/Qp2Aqe7ccJMyyXQ/token",
  "jwks_uri": "https://www.certification.openid.net/test/Qp2Aqe7ccJMyyXQ/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/Qp2Aqe7ccJMyyXQ/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/Qp2Aqe7ccJMyyXQ/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
2020-09-01 12:52:29
OIDCCGenerateServerJWKsSingleSigningKeyWithNoKeyId
Generated server public private JWK sets
server_jwks
{
  "keys": [
    {
      "p": "-RBFHhH7ql88KI19Dcrzr0L7Fd3tnZRBT_5aG3gfI_1D9vF0elSw-wNpzi3J6et_zbGWvndJv7IrfskqLNCv_28jVS9N5kZ4twCVLNtXI7WydEvePTzlbcnOmc1K1QidXdYVOl9bOZ07Wasdyh2peCTAh45wMGg6C-jCy-IzhUM",
      "kty": "RSA",
      "q": "54-a49Z6czfZNPaoYQGQ0PBHjHwXTPPcCIkiXtRoW4ciWast8OYVteikKbiiR2H58syDPMd-YhyZjXrCp65kiyayCkjYtFOUj4M08bw1i8d3vOnP1xjMuxDMUn7Xg46o61A6ldhjOOUf4B38-Kb47fdKf4kzumkfOvYQ8-4Av1U",
      "d": "nuIwX_t0hemqURBmFPtJSIWrB1_WdwqxcZC-um64R0XTB0nioJcv6o4c5-j6BxapFvbMMXbcgE549OieOvEhHcP2ZLAEXYTEzkD0VyLDi7QD0LgpcFHnkEFWcV9TyUgAYfjEF4ZJkSglqjvCWAhicXJlGHZrkDA8EQDMOoCSRwnPpluvdxacvriNDvGiOKNSVmR8CbmXAs574thNSpRMo_0PYE0n25I1_n6H0nX-o1j6f9fUF529TgU5f-CkFvYe0ntTG_wFDTRIhE8KGU071t4pShl-jqUhvFetN1Cpd9GCqm-VAmxSLLZlYUcyh_l2gtsX9UBeNb9fR9wFZCyP4Q",
      "e": "AQAB",
      "use": "sig",
      "qi": "MnN2-z8SLl9pN3Efk74GyQsY-GBInI-_aQ9btVcyyW6D4iCxA5aNBdcOOk6_f_6CA-JMMaYInFIVdSZTE_nvqZjBO3uofl5bkC9WCBbkqGfpbvZn59NKWJhw2VQC58BpTq9JOrSYjUGz9LCDqsyEVzdYA4I3Rdc0K5unX8o7f_w",
      "dp": "pEr-PPLB30YJKfsDVfjdvGvjsy39E2h7mOgAyoP3jsb_cUMfgZ6iTEKZJd-AhOTLHoWaGbQYmvJNzMmoH33dyxKl7QhSS6eK87TXsopRtgWiXSK6zAyCj2SC-2O3jEWtgPu6bxH93EiCoQjGks_0PYOI2SK1kMkAGWEGNnXVZH8",
      "dq": "M6nopvjNbTOCtLxrqOkOhG93pzJwiGzIJOdj0cCWYAVwdo0ovNy471MufViCbGbBu5hBl6fy3LUA1X4UPBE-wYUqp_zEzMbxGGvvvhd94ufoITARfS49T2daDvXZ47JKoeXOjGwxBxqn1_sY2-l1FLLd3kKgVfDqVN9dvO7XH9k",
      "n": "4UllJjGyPmwpWy64UHlmOMFMkrnHdFeDvAp1cEoDLd9P5ZMCKalJ2hqr6UHgla6xRTvE77upuWL5FZDBY0XJzY8qeX0dV3OjrNFsLtSdBoiEEcpO9nhBlyr-1z6pFvOJN18ZrdzeTJ8FfEZYVJpBlrPNGpVNVche1HK_QmzDRXD6IDFNzdIOu0qw4eBcOTfW0DL776mZAPpbIPRQfIaQM5DZSwTJnREYkRE3Pxi9ule7ciDqYdz2eKrnB26RrMxN1wDC1I3Z_mYaoRNr2RosT20OfpAbg4K0tDJFmSewkhtXVBilAS8KuBt5uQugwXdX7qJn2EHEnL1ViF_z1Yg8Pw"
    },
    {
      "kty": "EC",
      "d": "m1Al7mDqwXpWN5OX_sPNSswZuyBKxOlZIAVYlICdjBk",
      "use": "sig",
      "crv": "P-256",
      "x": "KaXRgmJjKleex5S_xcp_DhNR2uAWecFsfPGQwj3YcGs",
      "y": "a3zqNExGv82NKZHz1f1vOojruf-ZeK8VdV-_OkqfokQ"
    },
    {
      "kty": "EC",
      "d": "iMKZcB1SrpNFdL2wMMU-ThbremU_WxDryOCH9TUhNBY",
      "use": "sig",
      "crv": "secp256k1",
      "x": "nq1nVSa0eRPShfg5NojiONWIGutUTEvYq7kp2A04BgI",
      "y": "yhJ1tU0KPEs2k7l7Oib_-QcARedMf1qgIA6TlE46FfU"
    },
    {
      "kty": "OKP",
      "d": "WCDcMWQ-kDFoanx9HQpKZ7cmXFaUVfVjJt6pYwy2YZM",
      "use": "sig",
      "crv": "Ed25519",
      "x": "TIHXfasCj48IHHwP5LK-h9PMHS4G1-ifSoYCP1NY6zM"
    }
  ]
}
server_encryption_keys
{
  "keys": [
    {
      "p": "8PN7xVBAoF0wF-wGJnGFeQzSrYh4sNxcHrpF-wRa8Lz8CZxnUZmxom-igRWh53hjoA8wrS8TtJe3lzIo5JbmdV_u5g2AvvFFuEj-ZmcNTGV8M9GMlbEQLS2Fw8S6OKJYOtErFMsHIHwQmy6wgSWXb-VbWLaVKYsK-VjS6GX0TxE",
      "kty": "RSA",
      "q": "r4-11RAcl8SU6qCbGiGeDC2bP2X0gcpdt2axRE0BAQS9ngNRdz0iFh_kjCBH4vQvzr0RWPKl0DFti9x1bIr__m9xJhtJBzucEoxBELcggO3-vlyfB89XN8IVYSusTIk4GW9FlY_eJ_WLCoMEa5ckclfsOXuD1BugfklzxYDJ5X8",
      "d": "Vjwfy8WLUZy2gobuqQcNwzU8KA4_zg1COuW7dPP5ocMqpf0f6LXZE2hF0BRxbn-3jcesAN8z6A2j8r8BaeSoZRa9zV_nsS8cmvHmIakEapmPJfofqM5HZ7Ujw-0Fuiz-h1Ed6u1ncnRS-gqkmNAukDsHQ7xqC5Nl9Y4lw1QR291r-886aaslu9NaPaUwTp9AgqFBponkFn2d4UUGQuD9xh9qQUoRsFxSzSItai_T0mUWIg68OTWD8Cuyu2jb3oDgTNQx4R1a4E_2kZBgjPh5r7slRFZA77b0iNRe_MmzjWfouP2hMjG8nO_XQtztP-xOjncHq77eMapbAD5gn0MwwQ",
      "e": "AQAB",
      "use": "enc",
      "qi": "2XAwmIH9vfoVrY6Jq9Pe1KDtk9ze0-UNbx5TxIXYY4jEgsSj5pItfevxlp0rWXnNlFLvqMd7cYEIRu1OacSU-XLSc9A7chlFcPr4UGj_FgZ8WzQdYZJ0OKtXUoYKWc7n5OIFA5dMMfadkhh-mSSbch4YM6P-oit8rvS_HSetiiM",
      "dp": "3LRKRPwzljCFowPgxknplm22dJmy412VS9gXzcu5eRXCTxNiWA5N9ZoH4fFssddGehAv6BJdHGh0FBwv9OJ8CjtrWnI34a6izCCgVjBCsB2tXNGu0lazmI5AHogOg13BL2705UDrMEgz9dEYf9NtGWOe_m2Px9PCo49G8PSiieE",
      "alg": "RSA-OAEP",
      "dq": "BEGywfC7EL72cV3lhNOt1lPAwN_C9uamMQ0vXR2U2aZ4xn0EG6UCz5CEZRVfSNRs2FFjO0ne1VZtdoeo3THdlRi0oJzmv2MlnJmD9ljKU_XxSEJMpM7VKYfuJsX9TnnBP3SgNkkftM5SSbX1hHpMqu0Q0C_7eUgWMxmq0e4Wdxc",
      "n": "pT20wrVWn9lCRBgFROOnJ9t3_kgQYRpGNb3ZyXm1pIKSBmAe8Qc-azly1i0SFzZAUmNxfaLkpPrOMrXLpF6vyhoZY8l8146w_Ud9P-4U5STS87_KnAAuZD4Pqp4f0enCkOA6aa6r4halKlynRPjazYxmFdqHW4048Acmh0_A4vHF0579WVrdUSCgS2MJe_J1JlK2XVXCfBq9QWW4uQzJ2vkswaGLKp0TGC4TIF2sM5t5v9q4CI7wHhEGMECwmwbxa49IZJojzzjCS--tOqjI2gVVyT1k3snHOgNc_reCg4mrIPIzhdYUYjFB_CsZDfE1xvCFr8nvNYgRizPts0Zubw"
    },
    {
      "kty": "EC",
      "d": "6igpFIWR_9Dw4UDK1E_I0YqkQE0No9NH7AiRqX-_RLU",
      "use": "enc",
      "crv": "P-256",
      "x": "Xyib9VK9wh-dOkYLs6aH1pe6fktW_wVuz4Z705iwIwQ",
      "y": "cdquPGbniNpZEymFXdbZ7y2ioPpCcJsBIdAKfYY5z3c",
      "alg": "ECDH-ES"
    }
  ]
}
server_public_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "n": "4UllJjGyPmwpWy64UHlmOMFMkrnHdFeDvAp1cEoDLd9P5ZMCKalJ2hqr6UHgla6xRTvE77upuWL5FZDBY0XJzY8qeX0dV3OjrNFsLtSdBoiEEcpO9nhBlyr-1z6pFvOJN18ZrdzeTJ8FfEZYVJpBlrPNGpVNVche1HK_QmzDRXD6IDFNzdIOu0qw4eBcOTfW0DL776mZAPpbIPRQfIaQM5DZSwTJnREYkRE3Pxi9ule7ciDqYdz2eKrnB26RrMxN1wDC1I3Z_mYaoRNr2RosT20OfpAbg4K0tDJFmSewkhtXVBilAS8KuBt5uQugwXdX7qJn2EHEnL1ViF_z1Yg8Pw"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "x": "KaXRgmJjKleex5S_xcp_DhNR2uAWecFsfPGQwj3YcGs",
      "y": "a3zqNExGv82NKZHz1f1vOojruf-ZeK8VdV-_OkqfokQ"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "secp256k1",
      "x": "nq1nVSa0eRPShfg5NojiONWIGutUTEvYq7kp2A04BgI",
      "y": "yhJ1tU0KPEs2k7l7Oib_-QcARedMf1qgIA6TlE46FfU"
    },
    {
      "kty": "OKP",
      "use": "sig",
      "crv": "Ed25519",
      "x": "TIHXfasCj48IHHwP5LK-h9PMHS4G1-ifSoYCP1NY6zM"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "alg": "RSA-OAEP",
      "n": "pT20wrVWn9lCRBgFROOnJ9t3_kgQYRpGNb3ZyXm1pIKSBmAe8Qc-azly1i0SFzZAUmNxfaLkpPrOMrXLpF6vyhoZY8l8146w_Ud9P-4U5STS87_KnAAuZD4Pqp4f0enCkOA6aa6r4halKlynRPjazYxmFdqHW4048Acmh0_A4vHF0579WVrdUSCgS2MJe_J1JlK2XVXCfBq9QWW4uQzJ2vkswaGLKp0TGC4TIF2sM5t5v9q4CI7wHhEGMECwmwbxa49IZJojzzjCS--tOqjI2gVVyT1k3snHOgNc_reCg4mrIPIzhdYUYjFB_CsZDfE1xvCFr8nvNYgRizPts0Zubw"
    },
    {
      "kty": "EC",
      "use": "enc",
      "crv": "P-256",
      "x": "Xyib9VK9wh-dOkYLs6aH1pe6fktW_wVuz4Z705iwIwQ",
      "y": "cdquPGbniNpZEymFXdbZ7y2ioPpCcJsBIdAKfYY5z3c",
      "alg": "ECDH-ES"
    }
  ]
}
2020-09-01 12:52:29 SUCCESS
ValidateServerJWKs
Valid server JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2020-09-01 12:52:29 SUCCESS
OIDCCLoadUserInfo
Added user information
user_info
{
  "sub": "user-subject-1234531",
  "name": "Demo T. User",
  "given_name": "Demo",
  "family_name": "User",
  "middle_name": "Theresa",
  "nickname": "Dee",
  "preferred_username": "d.tu",
  "gender": "female",
  "birthdate": "2000-02-03",
  "address": {
    "street_address": "100 Universal City Plaza",
    "locality": "Hollywood",
    "region": "CA",
    "postal_code": "91608",
    "country": "USA"
  },
  "zoneinfo": "America/Los_Angeles",
  "locale": "en-US",
  "phone_number": "+1 555 5550000",
  "phone_number_verified": false,
  "email": "user@example.com",
  "email_verified": false,
  "website": "https://openid.net/",
  "updated_at": "1580000000"
}
2020-09-01 12:52:29 SUCCESS
GetDynamicClientConfiguration
No client details on configuration, created an empty dynamic_client_registration_template object.
2020-09-01 12:52:29
oidcc-client-test-kid-absent-single-jwks
Setup Done
2020-09-01 12:52:30 INCOMING
oidcc-client-test-kid-absent-single-jwks
Incoming HTTP request to test instance Qp2Aqe7ccJMyyXQ
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
.well-known/openid-configuration
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
Discovery endpoint
2020-09-01 12:52:30 OUTGOING
oidcc-client-test-kid-absent-single-jwks
Response to HTTP request to test instance Qp2Aqe7ccJMyyXQ
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "issuer": "https://www.certification.openid.net/test/Qp2Aqe7ccJMyyXQ/",
  "authorization_endpoint": "https://www.certification.openid.net/test/Qp2Aqe7ccJMyyXQ/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/Qp2Aqe7ccJMyyXQ/token",
  "jwks_uri": "https://www.certification.openid.net/test/Qp2Aqe7ccJMyyXQ/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/Qp2Aqe7ccJMyyXQ/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/Qp2Aqe7ccJMyyXQ/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
outgoing_path
.well-known/openid-configuration
2020-09-01 12:52:31 INCOMING
oidcc-client-test-kid-absent-single-jwks
Incoming HTTP request to test instance Qp2Aqe7ccJMyyXQ
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "content-type": "application/json",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "content-length": "178",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net",
  "connection": "close"
}
incoming_path
register
incoming_body_form_params
incoming_method
POST
incoming_body_json
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code token"
  ],
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ]
}
incoming_query_string_params
{}
incoming_body
{"token_endpoint_auth_method":"client_secret_basic","response_types":["code token"],"grant_types":["authorization_code","implicit"],"redirect_uris":["https://rp.example.com/cb"]}
Registration endpoint
2020-09-01 12:52:31 SUCCESS
OIDCCExtractDynamicRegistrationRequest
Extracted dynamic client registration request
request
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code token"
  ],
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ]
}
2020-09-01 12:52:31 INFO
EnsureRegistrationRequestContainsAtLeastOneContact
This application requires that registration requests contain at least one contact.
2020-09-01 12:52:31 SUCCESS
ValidateClientGrantTypes
grant_types match response_types
grant_types
[
  "authorization_code",
  "implicit"
]
response_types
[
  "code token"
]
2020-09-01 12:52:31 SUCCESS
OIDCCValidateClientRedirectUris
Valid redirect_uri(s) provided in registration request
redirect_uris
[
  "https://rp.example.com/cb"
]
2020-09-01 12:52:31 SUCCESS
ValidateClientLogoUris
Client does not contain any logo_uri
2020-09-01 12:52:31 SUCCESS
ValidateClientUris
Client does not contain any client_uri
2020-09-01 12:52:31 SUCCESS
ValidateClientPolicyUris
Client does not contain any policy_uri
2020-09-01 12:52:31 SUCCESS
ValidateClientTosUris
Client does not contain any tos_uri
2020-09-01 12:52:31 SUCCESS
ValidateClientSubjectType
A subject_type was not provided
2020-09-01 12:52:31 INFO
ValidateIdTokenSignedResponseAlg
Skipped evaluation due to missing required element: client id_token_signed_response_alg
path
id_token_signed_response_alg
mapped
object
client
2020-09-01 12:52:31 SUCCESS
EnsureIdTokenEncryptedResponseAlgIsSetIfEncIsSet
id_token_encrypted_response_enc is not set
2020-09-01 12:52:31 INFO
ValidateUserinfoSignedResponseAlg
Skipped evaluation due to missing required element: client userinfo_signed_response_alg
path
userinfo_signed_response_alg
mapped
object
client
2020-09-01 12:52:31 SUCCESS
EnsureUserinfoEncryptedResponseAlgIsSetIfEncIsSet
userinfo_encrypted_response_enc is not set
2020-09-01 12:52:31 INFO
ValidateRequestObjectSigningAlg
Skipped evaluation due to missing required element: client request_object_signing_alg
path
request_object_signing_alg
mapped
object
client
2020-09-01 12:52:31 SUCCESS
EnsureRequestObjectEncryptionAlgIsSetIfEncIsSet
request_object_encryption_enc is not set
2020-09-01 12:52:31 INFO
ValidateTokenEndpointAuthSigningAlg
Skipped evaluation due to missing required element: client token_endpoint_auth_signing_alg
path
token_endpoint_auth_signing_alg
mapped
object
client
2020-09-01 12:52:31 SUCCESS
ValidateDefaultMaxAge
default_max_age is not set
2020-09-01 12:52:31 INFO
ValidateRequireAuthTime
Skipped evaluation due to missing required element: client require_auth_time
path
require_auth_time
mapped
object
client
2020-09-01 12:52:31 INFO
ValidateDefaultAcrValues
Skipped evaluation due to missing required element: client default_acr_values
path
default_acr_values
mapped
object
client
2020-09-01 12:52:31 INFO
ValidateInitiateLoginUri
Skipped evaluation due to missing required element: client initiate_login_uri
path
initiate_login_uri
mapped
object
client
2020-09-01 12:52:31 INFO
ValidateRequestUris
Skipped evaluation due to missing required element: client request_uris
path
request_uris
mapped
object
client
2020-09-01 12:52:31 SUCCESS
ValidateClientRegistrationRequestSectorIdentifierUri
A sector_identifier_uri was not provided
2020-09-01 12:52:31 SUCCESS
OIDCCRegisterClient
Registered client
client
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code token"
  ],
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ],
  "client_id": "client_lmgvYvAfVpnDpXe15952\u0027.+_@"
}
2020-09-01 12:52:31
OIDCCCreateClientSecretForDynamicClient
Set the secret for registered client
client_secret
secret_LmaqsxkqIyqjoJvJUoJPzhBENSlqxpRzlgoqBMHueREleETplE8159840448%<--:
2020-09-01 12:52:31 SUCCESS
EnsureTokenEndPointAuthMethodIsClientSecretBasic
token_endpoint_auth_method is 'client_secret_basic' as expected
2020-09-01 12:52:31 SUCCESS
EnsureClientDoesNotHaveBothJwksAndJwksUri
Client does not have both jwks and jwks_uri set
client
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code token"
  ],
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ],
  "client_id": "client_lmgvYvAfVpnDpXe15952\u0027.+_@",
  "client_secret": "secret_LmaqsxkqIyqjoJvJUoJPzhBENSlqxpRzlgoqBMHueREleETplE8159840448%\u003c--:"
}
2020-09-01 12:52:31 INFO
FetchClientKeys
Skipped evaluation due to missing required element: client jwks_uri
path
jwks_uri
mapped
object
client
2020-09-01 12:52:31
SetServerSigningAlgToRS256
Successfully set signing algorithm to RS256
2020-09-01 12:52:31
SetClientIdTokenSignedResponseAlgToServerSigningAlg
Set id_token_signed_response_alg for the registered client
id_token_signed_response_alg
RS256
2020-09-01 12:52:31 OUTGOING
oidcc-client-test-kid-absent-single-jwks
Response to HTTP request to test instance Qp2Aqe7ccJMyyXQ
outgoing_status_code
201
outgoing_headers
{}
outgoing_body
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code token"
  ],
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ],
  "client_id": "client_lmgvYvAfVpnDpXe15952\u0027.+_@",
  "client_secret": "secret_LmaqsxkqIyqjoJvJUoJPzhBENSlqxpRzlgoqBMHueREleETplE8159840448%\u003c--:",
  "id_token_signed_response_alg": "RS256"
}
outgoing_path
register
2020-09-01 12:52:31 INCOMING
oidcc-client-test-kid-absent-single-jwks
Incoming HTTP request to test instance Qp2Aqe7ccJMyyXQ
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "got/9.6.0 (https://github.com/sindresorhus/got)",
  "accept-encoding": "gzip, deflate",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
authorize
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{
  "client_id": "client_lmgvYvAfVpnDpXe15952\u0027.+_@",
  "scope": "openid",
  "response_type": "code token",
  "redirect_uri": "https://rp.example.com/cb",
  "state": "OhoXkU8NhqIHV3sPg0TyWFNH4eL_UgOEflxjCa7-pXA",
  "response_mode": "form_post"
}
incoming_body
Authorization endpoint
2020-09-01 12:52:31 SUCCESS
EnsureRequestDoesNotContainRequestObject
Request does not contain a request parameter
2020-09-01 12:52:31 SUCCESS
OIDCCEnsureAuthorizationHttpRequestContainsOpenIDScope
Found 'openid' in scope http request parameter
actual
[
  "openid"
]
expected
openid
2020-09-01 12:52:31 SUCCESS
CreateEffectiveAuthorizationRequestParameters
Merged http request parameters with request object claims
effective_authorization_endpoint_request
{
  "client_id": "client_lmgvYvAfVpnDpXe15952\u0027.+_@",
  "scope": "openid",
  "response_type": "code token",
  "redirect_uri": "https://rp.example.com/cb",
  "state": "OhoXkU8NhqIHV3sPg0TyWFNH4eL_UgOEflxjCa7-pXA",
  "response_mode": "form_post"
}
2020-09-01 12:52:31 SUCCESS
ExtractRequestedScopes
Requested scopes
scope
openid
2020-09-01 12:52:31 INFO
ExtractNonceFromAuthorizationRequest
Couldn't find 'nonce' in authorization endpoint parameters
2020-09-01 12:52:31 SUCCESS
EnsureResponseTypeIsCodeToken
Response type is expected value
expected
code token
2020-09-01 12:52:31 SUCCESS
EnsureMatchingClientId
Client ID matched
client_id
client_lmgvYvAfVpnDpXe15952'.+_@
2020-09-01 12:52:31 SUCCESS
EnsureValidRedirectUriForAuthorizationEndpointRequest
redirect_uri is one of the allowed redirect uris
actual
https://rp.example.com/cb
expected
[
  "https://rp.example.com/cb"
]
2020-09-01 12:52:31 SUCCESS
EnsureOpenIDInScopeRequest
Found 'openid' scope in request
actual
[
  "openid"
]
expected
openid
2020-09-01 12:52:31 SUCCESS
DisallowMaxAgeEqualsZeroAndPromptNone
The client did not send max_age=0 and prompt=none parameters as expected
2020-09-01 12:52:31 SUCCESS
CreateAuthorizationCode
Created authorization code
authorization_code
e07QyQF8kH
2020-09-01 12:52:31 SUCCESS
CalculateCHash
Successful c_hash encoding
c_hash
KQ4z3Wg3BZQ1yRLLfGbSjA
2020-09-01 12:52:31 SUCCESS
GenerateBearerAccessToken
Generated access token
access_token
3cZWw8tRcSkCvQcILR7eMdYuScWInLF8yvinrZH4AQ5SflCbBH
2020-09-01 12:52:31 SUCCESS
CalculateAtHash
Successful at_hash encoding
at_hash
5cvfgRbPYX_tKX7XACdm9g
2020-09-01 12:52:31 SUCCESS
CreateAuthorizationEndpointResponseParams
Added authorization_endpoint_response_params to environment
params
{
  "redirect_uri": "https://rp.example.com/cb",
  "state": "OhoXkU8NhqIHV3sPg0TyWFNH4eL_UgOEflxjCa7-pXA"
}
2020-09-01 12:52:31 SUCCESS
AddCodeToAuthorizationEndpointResponseParams
Added code to authorization endpoint response params
authorization_endpoint_response_params
{
  "redirect_uri": "https://rp.example.com/cb",
  "state": "OhoXkU8NhqIHV3sPg0TyWFNH4eL_UgOEflxjCa7-pXA",
  "code": "e07QyQF8kH"
}
2020-09-01 12:52:31
AddTokenToAuthorizationEndpointResponseParams
Added token and token_type to authorization endpoint response params
authorization_endpoint_response_params
{
  "redirect_uri": "https://rp.example.com/cb",
  "state": "OhoXkU8NhqIHV3sPg0TyWFNH4eL_UgOEflxjCa7-pXA",
  "code": "e07QyQF8kH",
  "access_token": "3cZWw8tRcSkCvQcILR7eMdYuScWInLF8yvinrZH4AQ5SflCbBH",
  "token_type": "Bearer"
}
2020-09-01 12:52:31 OUTGOING
oidcc-client-test-kid-absent-single-jwks
Response to HTTP request to test instance Qp2Aqe7ccJMyyXQ
outgoing
ModelAndView [view="formPostResponseMode"; model={formAction=https://rp.example.com/cb, formParameters={"state":"OhoXkU8NhqIHV3sPg0TyWFNH4eL_UgOEflxjCa7-pXA","code":"e07QyQF8kH","access_token":"3cZWw8tRcSkCvQcILR7eMdYuScWInLF8yvinrZH4AQ5SflCbBH","token_type":"Bearer"}}]
outgoing_path
authorize
2020-09-01 12:52:31 INCOMING
oidcc-client-test-kid-absent-single-jwks
Incoming HTTP request to test instance Qp2Aqe7ccJMyyXQ
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "authorization": "Basic Y2xpZW50X2xtZ3ZZdkFmVnBuRHBYZTE1OTUyJy4lMkJfJTQwOnNlY3JldF9MbWFxc3hrcUl5cWpvSnZKVW9KUHpoQkVOU2xxeHBSemxnb3FCTUh1ZVJFbGVFVHBsRTgxNTk4NDA0NDglMjUlM0MtLSUzQQ\u003d\u003d",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "content-type": "application/x-www-form-urlencoded",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "content-length": "92",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net",
  "connection": "close"
}
incoming_path
token
incoming_body_form_params
{
  "grant_type": "authorization_code",
  "code": "e07QyQF8kH",
  "redirect_uri": "https://rp.example.com/cb"
}
incoming_method
POST
incoming_body_json
incoming_query_string_params
{}
incoming_body
grant_type=authorization_code&code=e07QyQF8kH&redirect_uri=https%3A%2F%2Frp.example.com%2Fcb
Token endpoint
2020-09-01 12:52:31 SUCCESS
ExtractClientCredentialsFromBasicAuthorizationHeader
Extracted client authentication
client_id
client_lmgvYvAfVpnDpXe15952'.+_@
client_secret
secret_LmaqsxkqIyqjoJvJUoJPzhBENSlqxpRzlgoqBMHueREleETplE8159840448%<--:
method
client_secret_basic
2020-09-01 12:52:31 SUCCESS
ValidateClientIdAndSecret
Client id and secret match
2020-09-01 12:52:31 SUCCESS
ValidateAuthorizationCode
Found authorization code
authorization_code
e07QyQF8kH
2020-09-01 12:52:31 SUCCESS
ValidateRedirectUriForTokenEndpointRequest
redirect_uri is the same as the one used in the authorization request
actual
https://rp.example.com/cb
2020-09-01 12:52:31 SUCCESS
GenerateBearerAccessToken
Generated access token
access_token
cVEhNwXA6QLHipsLaYWQrNVr0E7HVS4Tb6XDks91oY0nyTSsgB
2020-09-01 12:52:31 SUCCESS
CalculateAtHash
Successful at_hash encoding
at_hash
9U8NZiUJ2yLOUxosgghyLA
2020-09-01 12:52:31 SUCCESS
GenerateIdTokenClaims
Created ID Token Claims
iss
https://www.certification.openid.net/test/Qp2Aqe7ccJMyyXQ/
sub
user-subject-1234531
aud
client_lmgvYvAfVpnDpXe15952'.+_@
iat
1598964751
exp
1598965051
2020-09-01 12:52:31 SUCCESS
AddAtHashToIdTokenClaims
Added at_hash to ID token claims
at_hash
9U8NZiUJ2yLOUxosgghyLA
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/Qp2Aqe7ccJMyyXQ/",
  "sub": "user-subject-1234531",
  "aud": "client_lmgvYvAfVpnDpXe15952\u0027.+_@",
  "iat": 1598964751,
  "exp": 1598965051,
  "at_hash": "9U8NZiUJ2yLOUxosgghyLA"
}
2020-09-01 12:52:31 SUCCESS
OIDCCSignIdToken
Signed the ID token
id_token
eyJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiOVU4TlppVUoyeUxPVXhvc2dnaHlMQSIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiY2xpZW50X2xtZ3ZZdkFmVnBuRHBYZTE1OTUyJy4rX0AiLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvUXAyQXFlN2NjSk15eVhRXC8iLCJleHAiOjE1OTg5NjUwNTEsImlhdCI6MTU5ODk2NDc1MX0.3hy4VMzUMz8x4rvdh5q-kg_glWQH_BNzM4WBipreNmmeknmRjyhdoV33w_2YHVpWc0kzTyVfz2nuP0vrgcx9XI8Tcxst8pEW2pHlmCQ-UXXGId1YY64tYJcZJBhVbAzPIJt7amDUZfDLZF_7twMSsxUxVccIKGXRM9BxVr_yiAoPAu-SwgKinhkdKYcWpkQkix9XV_PKzDxB1rYEMXUPSILInsZnEpgv52p9fGMJ_eM8Led1D48qh9nr9BF0Z-jaYWLuk7nkckaOXki-8f1-_R2mP2t1Ph3114_SpMSWIKJ5gQgjyk-aWIRYvUc9a0JtwsUi2bc1bIxX1NPc0G2bnw
key
{"p":"-RBFHhH7ql88KI19Dcrzr0L7Fd3tnZRBT_5aG3gfI_1D9vF0elSw-wNpzi3J6et_zbGWvndJv7IrfskqLNCv_28jVS9N5kZ4twCVLNtXI7WydEvePTzlbcnOmc1K1QidXdYVOl9bOZ07Wasdyh2peCTAh45wMGg6C-jCy-IzhUM","kty":"RSA","q":"54-a49Z6czfZNPaoYQGQ0PBHjHwXTPPcCIkiXtRoW4ciWast8OYVteikKbiiR2H58syDPMd-YhyZjXrCp65kiyayCkjYtFOUj4M08bw1i8d3vOnP1xjMuxDMUn7Xg46o61A6ldhjOOUf4B38-Kb47fdKf4kzumkfOvYQ8-4Av1U","d":"nuIwX_t0hemqURBmFPtJSIWrB1_WdwqxcZC-um64R0XTB0nioJcv6o4c5-j6BxapFvbMMXbcgE549OieOvEhHcP2ZLAEXYTEzkD0VyLDi7QD0LgpcFHnkEFWcV9TyUgAYfjEF4ZJkSglqjvCWAhicXJlGHZrkDA8EQDMOoCSRwnPpluvdxacvriNDvGiOKNSVmR8CbmXAs574thNSpRMo_0PYE0n25I1_n6H0nX-o1j6f9fUF529TgU5f-CkFvYe0ntTG_wFDTRIhE8KGU071t4pShl-jqUhvFetN1Cpd9GCqm-VAmxSLLZlYUcyh_l2gtsX9UBeNb9fR9wFZCyP4Q","e":"AQAB","use":"sig","qi":"MnN2-z8SLl9pN3Efk74GyQsY-GBInI-_aQ9btVcyyW6D4iCxA5aNBdcOOk6_f_6CA-JMMaYInFIVdSZTE_nvqZjBO3uofl5bkC9WCBbkqGfpbvZn59NKWJhw2VQC58BpTq9JOrSYjUGz9LCDqsyEVzdYA4I3Rdc0K5unX8o7f_w","dp":"pEr-PPLB30YJKfsDVfjdvGvjsy39E2h7mOgAyoP3jsb_cUMfgZ6iTEKZJd-AhOTLHoWaGbQYmvJNzMmoH33dyxKl7QhSS6eK87TXsopRtgWiXSK6zAyCj2SC-2O3jEWtgPu6bxH93EiCoQjGks_0PYOI2SK1kMkAGWEGNnXVZH8","dq":"M6nopvjNbTOCtLxrqOkOhG93pzJwiGzIJOdj0cCWYAVwdo0ovNy471MufViCbGbBu5hBl6fy3LUA1X4UPBE-wYUqp_zEzMbxGGvvvhd94ufoITARfS49T2daDvXZ47JKoeXOjGwxBxqn1_sY2-l1FLLd3kKgVfDqVN9dvO7XH9k","n":"4UllJjGyPmwpWy64UHlmOMFMkrnHdFeDvAp1cEoDLd9P5ZMCKalJ2hqr6UHgla6xRTvE77upuWL5FZDBY0XJzY8qeX0dV3OjrNFsLtSdBoiEEcpO9nhBlyr-1z6pFvOJN18ZrdzeTJ8FfEZYVJpBlrPNGpVNVche1HK_QmzDRXD6IDFNzdIOu0qw4eBcOTfW0DL776mZAPpbIPRQfIaQM5DZSwTJnREYkRE3Pxi9ule7ciDqYdz2eKrnB26RrMxN1wDC1I3Z_mYaoRNr2RosT20OfpAbg4K0tDJFmSewkhtXVBilAS8KuBt5uQugwXdX7qJn2EHEnL1ViF_z1Yg8Pw"}
algorithm
RS256
2020-09-01 12:52:31 INFO
EncryptIdToken
Skipped evaluation due to missing required element: client id_token_encrypted_response_alg
path
id_token_encrypted_response_alg
mapped
object
client
2020-09-01 12:52:31 SUCCESS
CreateTokenEndpointResponse
Created token endpoint response
access_token
cVEhNwXA6QLHipsLaYWQrNVr0E7HVS4Tb6XDks91oY0nyTSsgB
token_type
Bearer
id_token
eyJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiOVU4TlppVUoyeUxPVXhvc2dnaHlMQSIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiY2xpZW50X2xtZ3ZZdkFmVnBuRHBYZTE1OTUyJy4rX0AiLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvUXAyQXFlN2NjSk15eVhRXC8iLCJleHAiOjE1OTg5NjUwNTEsImlhdCI6MTU5ODk2NDc1MX0.3hy4VMzUMz8x4rvdh5q-kg_glWQH_BNzM4WBipreNmmeknmRjyhdoV33w_2YHVpWc0kzTyVfz2nuP0vrgcx9XI8Tcxst8pEW2pHlmCQ-UXXGId1YY64tYJcZJBhVbAzPIJt7amDUZfDLZF_7twMSsxUxVccIKGXRM9BxVr_yiAoPAu-SwgKinhkdKYcWpkQkix9XV_PKzDxB1rYEMXUPSILInsZnEpgv52p9fGMJ_eM8Led1D48qh9nr9BF0Z-jaYWLuk7nkckaOXki-8f1-_R2mP2t1Ph3114_SpMSWIKJ5gQgjyk-aWIRYvUc9a0JtwsUi2bc1bIxX1NPc0G2bnw
scope
openid
2020-09-01 12:52:31 OUTGOING
oidcc-client-test-kid-absent-single-jwks
Response to HTTP request to test instance Qp2Aqe7ccJMyyXQ
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "access_token": "cVEhNwXA6QLHipsLaYWQrNVr0E7HVS4Tb6XDks91oY0nyTSsgB",
  "token_type": "Bearer",
  "id_token": "eyJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiOVU4TlppVUoyeUxPVXhvc2dnaHlMQSIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiY2xpZW50X2xtZ3ZZdkFmVnBuRHBYZTE1OTUyJy4rX0AiLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvUXAyQXFlN2NjSk15eVhRXC8iLCJleHAiOjE1OTg5NjUwNTEsImlhdCI6MTU5ODk2NDc1MX0.3hy4VMzUMz8x4rvdh5q-kg_glWQH_BNzM4WBipreNmmeknmRjyhdoV33w_2YHVpWc0kzTyVfz2nuP0vrgcx9XI8Tcxst8pEW2pHlmCQ-UXXGId1YY64tYJcZJBhVbAzPIJt7amDUZfDLZF_7twMSsxUxVccIKGXRM9BxVr_yiAoPAu-SwgKinhkdKYcWpkQkix9XV_PKzDxB1rYEMXUPSILInsZnEpgv52p9fGMJ_eM8Led1D48qh9nr9BF0Z-jaYWLuk7nkckaOXki-8f1-_R2mP2t1Ph3114_SpMSWIKJ5gQgjyk-aWIRYvUc9a0JtwsUi2bc1bIxX1NPc0G2bnw",
  "scope": "openid"
}
outgoing_path
token
2020-09-01 12:52:32 INCOMING
oidcc-client-test-kid-absent-single-jwks
Incoming HTTP request to test instance Qp2Aqe7ccJMyyXQ
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
jwks
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
Jwks endpoint
2020-09-01 12:52:32 OUTGOING
oidcc-client-test-kid-absent-single-jwks
Response to HTTP request to test instance Qp2Aqe7ccJMyyXQ
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "n": "4UllJjGyPmwpWy64UHlmOMFMkrnHdFeDvAp1cEoDLd9P5ZMCKalJ2hqr6UHgla6xRTvE77upuWL5FZDBY0XJzY8qeX0dV3OjrNFsLtSdBoiEEcpO9nhBlyr-1z6pFvOJN18ZrdzeTJ8FfEZYVJpBlrPNGpVNVche1HK_QmzDRXD6IDFNzdIOu0qw4eBcOTfW0DL776mZAPpbIPRQfIaQM5DZSwTJnREYkRE3Pxi9ule7ciDqYdz2eKrnB26RrMxN1wDC1I3Z_mYaoRNr2RosT20OfpAbg4K0tDJFmSewkhtXVBilAS8KuBt5uQugwXdX7qJn2EHEnL1ViF_z1Yg8Pw"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "x": "KaXRgmJjKleex5S_xcp_DhNR2uAWecFsfPGQwj3YcGs",
      "y": "a3zqNExGv82NKZHz1f1vOojruf-ZeK8VdV-_OkqfokQ"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "secp256k1",
      "x": "nq1nVSa0eRPShfg5NojiONWIGutUTEvYq7kp2A04BgI",
      "y": "yhJ1tU0KPEs2k7l7Oib_-QcARedMf1qgIA6TlE46FfU"
    },
    {
      "kty": "OKP",
      "use": "sig",
      "crv": "Ed25519",
      "x": "TIHXfasCj48IHHwP5LK-h9PMHS4G1-ifSoYCP1NY6zM"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "alg": "RSA-OAEP",
      "n": "pT20wrVWn9lCRBgFROOnJ9t3_kgQYRpGNb3ZyXm1pIKSBmAe8Qc-azly1i0SFzZAUmNxfaLkpPrOMrXLpF6vyhoZY8l8146w_Ud9P-4U5STS87_KnAAuZD4Pqp4f0enCkOA6aa6r4halKlynRPjazYxmFdqHW4048Acmh0_A4vHF0579WVrdUSCgS2MJe_J1JlK2XVXCfBq9QWW4uQzJ2vkswaGLKp0TGC4TIF2sM5t5v9q4CI7wHhEGMECwmwbxa49IZJojzzjCS--tOqjI2gVVyT1k3snHOgNc_reCg4mrIPIzhdYUYjFB_CsZDfE1xvCFr8nvNYgRizPts0Zubw"
    },
    {
      "kty": "EC",
      "use": "enc",
      "crv": "P-256",
      "x": "Xyib9VK9wh-dOkYLs6aH1pe6fktW_wVuz4Z705iwIwQ",
      "y": "cdquPGbniNpZEymFXdbZ7y2ioPpCcJsBIdAKfYY5z3c",
      "alg": "ECDH-ES"
    }
  ]
}
outgoing_path
jwks
2020-09-01 12:52:32 INCOMING
oidcc-client-test-kid-absent-single-jwks
Incoming HTTP request to test instance Qp2Aqe7ccJMyyXQ
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "authorization": "Bearer cVEhNwXA6QLHipsLaYWQrNVr0E7HVS4Tb6XDks91oY0nyTSsgB",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
userinfo
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
Userinfo endpoint
2020-09-01 12:52:32 SUCCESS
OIDCCExtractBearerAccessTokenFromRequest
Found access token on incoming request
access_token
cVEhNwXA6QLHipsLaYWQrNVr0E7HVS4Tb6XDks91oY0nyTSsgB
2020-09-01 12:52:32 SUCCESS
RequireBearerAccessToken
Found access token in request
actual
cVEhNwXA6QLHipsLaYWQrNVr0E7HVS4Tb6XDks91oY0nyTSsgB
2020-09-01 12:52:32 SUCCESS
FilterUserInfoForScopes
User info endpoint output
sub
user-subject-1234531
2020-09-01 12:52:32
ClearAccessTokenFromRequest
Condition ran but did not log anything
2020-09-01 12:52:32 INFO
AddIssAndAudToUserInfoResponse
Skipped evaluation due to missing required element: client userinfo_signed_response_alg
path
userinfo_signed_response_alg
mapped
object
client
2020-09-01 12:52:32 INFO
SignUserInfoResponse
Skipped evaluation due to missing required element: client userinfo_signed_response_alg
path
userinfo_signed_response_alg
mapped
object
client
2020-09-01 12:52:32 INFO
EncryptUserInfoResponse
Skipped evaluation due to missing required element: client userinfo_encrypted_response_alg
path
userinfo_encrypted_response_alg
mapped
object
client
2020-09-01 12:52:32 OUTGOING
oidcc-client-test-kid-absent-single-jwks
Response to HTTP request to test instance Qp2Aqe7ccJMyyXQ
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "sub": "user-subject-1234531"
}
outgoing_path
userinfo
2020-09-01 12:52:32 FINISHED
oidcc-client-test-kid-absent-single-jwks
Test has run to completion
testmodule_result
PASSED
Test Results