Test Summary

Test Results

Expand All Collapse All
All times are UTC
2020-09-01 12:50:47 INFO
TEST-RUNNER
Test instance SIQk2AXSsJ8SE7F created
baseUrl
https://www.certification.openid.net/test/SIQk2AXSsJ8SE7F
variant
{
  "client_auth_type": "client_secret_basic",
  "response_type": "id_token",
  "request_type": "plain_http_request",
  "response_mode": "form_post",
  "client_registration": "dynamic_client"
}
alias

                                
description
test suite runner for openid-client
planId
2AWaC6uTX8byR
config
{
  "description": "test suite runner for openid-client",
  "waitTimeoutSeconds": 2
}
testName
oidcc-client-test-idtoken-sig-rs256
2020-09-01 12:50:47 SUCCESS
OIDCCGenerateServerConfigurationIdTokenSigningAlgRS256Only
Generated default server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/SIQk2AXSsJ8SE7F/",
  "authorization_endpoint": "https://www.certification.openid.net/test/SIQk2AXSsJ8SE7F/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/SIQk2AXSsJ8SE7F/token",
  "jwks_uri": "https://www.certification.openid.net/test/SIQk2AXSsJ8SE7F/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/SIQk2AXSsJ8SE7F/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/SIQk2AXSsJ8SE7F/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic",
    "client_secret_post",
    "client_secret_jwt",
    "private_key_jwt"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "RS256"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
2020-09-01 12:50:47
SetTokenEndpointAuthMethodsSupportedToClientSecretBasicOnly
Changed token_endpoint_auth_methods_supported to client_secret_basic only in server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/SIQk2AXSsJ8SE7F/",
  "authorization_endpoint": "https://www.certification.openid.net/test/SIQk2AXSsJ8SE7F/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/SIQk2AXSsJ8SE7F/token",
  "jwks_uri": "https://www.certification.openid.net/test/SIQk2AXSsJ8SE7F/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/SIQk2AXSsJ8SE7F/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/SIQk2AXSsJ8SE7F/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "RS256"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
2020-09-01 12:50:47
OIDCCGenerateServerJWKs
Generated server public private JWK sets
server_jwks
{
  "keys": [
    {
      "p": "7Ppx6TkW6yamWasqOgqrzYMMZfvh9KbT27oFXrWTkijzJVDSohD6fZO58tdcsvC9XBzICcnVVnWIp9xP8SR9RzYK9q4n-wNl0heD1ugQh1Jy6iH8FP99YpNpUId-ULW1phCNj_5Oc-kJLD8fw-GVAw-t132g_B54bEnTzNnf7sE",
      "kty": "RSA",
      "q": "jWVp-dcUOLxg9gpVvi0Q4Al1O0e-mNG2bmasasfnzIWXKVJOcrzG6NlO4NZVRkjcFEaMdGyHqfduxLdWjHC3N136fpYkIk6VH423tw_GcGmub6mRG8QWXV26swuKWaBe2n6CxxU6wkpFDygghRbDFeswMov34oFj8_BnT2KPcZs",
      "d": "cwtQ42K4Xi67Kx1guKkkBVhoAlgu9eVCgDLtUsYDSBfJWSCvueL9ktjMaTqQGo7P7ogC7lp-onsNjtu0U--8Dx8DzFez2C0FiRec3w5gERP-OLZcECwWmV7cvOsS0nw05CoZQBppfjpcSHgaSriLzjRvKwEy09uqFK8x0LidlOmR36axXvDLg4d-BaUopa6EDQB6Xgg09vcQ1efFEHk1lP5YyuEtyd_4JHMYMvGn9wBBK90fnIA37qytcXlPtTeRTRH0lxJV4_CWNTOqA11OUXFpBfcLC0LEPehwAseE9_SxBt6u3QCogQVN8Le19wBcKTW6l5JEtOssvMBEYHeegQ",
      "e": "AQAB",
      "use": "sig",
      "kid": "1785177b-9199-4588-b759-3c84edd82c4b",
      "qi": "MuOQrtZDJrRmkqYz_KecVQl5MTykcEI0U4rclSr5f8JMscJHoIITWKjw78dH4tMPhvvMTQ_pjJjBkvRiRyUiPDDfcxY2L7oSPzBaK_gjQy7KAcEr7Z4IfBClAzqRtfnVaWr9t4f59EPax_rWHGX0iSwDLekTj0qaWjmLST79QyE",
      "dp": "bRmwL8tUvdYBZ-7hde9LwUXAA4O_Nz9G8jXmGwBFfFjV-CwJjQt8Byxnw2FbEBa9Vxb5EWiWi0N5Mq6_Lym5c3tx-LedOHcL_XlN_TbBxUs0FI6o25H0S9nJ9oUqpkXB5z5frhdKTxrOWkyFd0z3qX0ib78qymfM0S38EKeN7QE",
      "dq": "YrkSO0y-Y7azhFZG85eHlsVDwvYez5hs5bxuWcflwljr5__9ogLIZr-DYVyFAaPRdZ6kZo14U2XdQyA3H6t7YP8O7N9rr0BqwjMyuHAdP1OqZXBhTp-kdeABgQ1ntZhRYgC-0r2x3wH4IdMEkagI4f7qEgDEPLPW0_VgTH8mZE0",
      "n": "guPRpmTfp5LtX6V2NjgCTeQkC8BYzfs6iozclS4uGIlr5W7CDf5abhyJlYVfT6YYguiSeVec-DCsVlkIIHqEnn6KKvARfev21idpPxLII2TbuZszJpuIeZUXKq1L5peyLLIGEBPhsXzl4pJ3hHanaG-FMexovvPGERkd0NuSd0INLl3CovUIrkjf9blYfxbvK4JjGKm-ROKfMbtZ03FuzmnxhwvOKuseNZXITAq4OPArKTkopXDx3IqKm2L6tSItfe9J8LXR6XxPqW1qRtrUDRpF8Kbwtx-lnhBG38CQ14eUn10pYATNl1Jeky48VXuiXKuvdhj4ihw_IGs_Ase_2w"
    },
    {
      "kty": "EC",
      "d": "VNU7hWWfB73h_izJSocxOF1KHObd-n5laq2i-AdRilY",
      "use": "sig",
      "crv": "P-256",
      "kid": "1afd820f-4933-42e4-90ef-b24e7a9e57c6",
      "x": "7dWw4ZTVdgtkzRByOAeQkv9dcQcCILnF1lt5QcSJGDk",
      "y": "TjRSCR4xnESKrEAFhfmz7Mr1myk46saSjFvDoVDeU4Y"
    },
    {
      "kty": "EC",
      "d": "vUm0pRdJXA04x8FzmSfeJrqxLqtd7rGRZXUZwBJdYDo",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "6fea95f9-b9e1-4d85-988d-61c9dd5e189e",
      "x": "Vqr0a-EfW6lgXZEK97U32yOCF40TeqQJpwumDhYGH2g",
      "y": "KqhDCoD2n947JEtq1d-SXww_gfpDBOmcdd4fRlIZP-8"
    },
    {
      "kty": "OKP",
      "d": "uJoHJf6ax9X9061n-F61XCF0NEfk_WiVNzwPeGfQq20",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "a2070041-e20a-4f0c-bf37-c147ef4a6f53",
      "x": "zVC3d-jhzFa0e88l92nbqJg0dSaTQYIlKyQn87ARJN8"
    }
  ]
}
server_encryption_keys
{
  "keys": [
    {
      "p": "yHWe92DfBnKcdNbceHn_8Nsd5kqqxtcve2mpB-iG-OTqf5xjxlawJWfYbrTlBR0z4zL_u3cRARGSWZ5IeThXGyXmGowl2O1yPpk0A4m7_UmPmpvqACpwIVcPz7gy3AKwG_0qB4f4EGXmTEXczFl8UO9ysKyUuYCPYUnpO08yAsk",
      "kty": "RSA",
      "q": "pfBztj4kYNbmGm1l-A1aHrkegeZhKLpLvT63pt58fxp2HWWS6j3W_fL2hwtxXBHrv3dkxXY8F0qpY--u0iTRvGpuAO2pr2ZT-ixUcO_wtGiU8iQPB1aODS7eunRz8ifB8OV-zjlNoDd9qIagz7w_hXsxvt1YdwCCqdZmlxAaw40",
      "d": "ekrvjJ04JG3V4O4UU3x_6jjcNzDBdY2xljtRlfl1Scs3aJSXQbkAWja95RZ1bxJ9kI8L-ckJ83z3VGfU8IZV7VdQvob2vwI9NGK9JjVtzRafqQu6yqQED9mA-MgtAv3HqyRS6aT55Wv2UY1ytZS53LSUzaT0DeePytDwlF-tJlNFazJ4W2zb8K1j9FNVQwhcpo4pFSQMQ9NUsIRNFkERQVTP-hHB_k2GESRhkcvHgGi6xcQ4wGm471ehZ6EOknmG0-akvN_JDWm8al4G1URF7prR3-n8msiPhHpwLIpxSkCcruHzACRGphnGCO5ADSp5xG9O02XP_EL3Bi3y81BnYQ",
      "e": "AQAB",
      "use": "enc",
      "kid": "c03dac1f-fab6-4acb-a752-1922ba0d67ac",
      "qi": "B4Cy2iWobOXkVdx8gmtwHKTfbPCxeT-9-kSZBVwk-YwMINvWaK8YiwULkUxeLpm6-fnF1IgUkTHqvUjUEGat1Bq2SsV3g2T8Pm-3YT9i0MVMrDWArtJ9QtAKZow6kkihEWyFibXVwj4R3da2pGhsL72bndayGhZoqp02UeJfCPY",
      "dp": "k0JU1UXEkOgBJ5PvwlFdQ4K0JEkVy5yotPCZy8V14cHIwpYQddOY8uGmjS02UNtzEqSUWRLO2wodiNhORT6uPrNIppft9b34_yNsomy8PQWdCOcgr559YQCkDOQz-IvA88624XFxOhqhY8auvS-_s3Uzu7YMS3m12rKBM6CqDIE",
      "alg": "RSA-OAEP",
      "dq": "doMywRfEt30DviAf0XcHxCWGSlQVVBcpfLFMTNtdoxFtBjXDJZSg9aIOvAhKH-2Up5xH1ldJN4FVVVCbVO6C9MQ2aGdU5zZ4B5adgEN9b_u5VO635Q_GSFgPLq95F5uZgckGNZbrf9_h2Pi95V-XJmgD8UL4qZUtvMqpXn5b_wk",
      "n": "gfAYVgQLrX-fG7ZC2kWy-MkjSnuTiPrhBn2l5oVdjx6wVR26gdmeFtCoMIcdJW6ZFlPU7CUFNf8GHoS6BZVagZJp3g6SuW9gYxPqcEMWPntPo_Ef1LK-U--EoHVuIIaVSxFpPcDN5v9bCWZP8NLnW1bi5O8vfxZfnCDNWZhwBNrgktrsmUMCeOrGOZG_YiibkS0k_4IWKHZhRMSydPpHGoAds859SBrUxij47EZdURMfbJOjN0eUqzWSaZCbOlR0n96aruRjTn5_i2AgYrHAB-Jz5oIvZX0tL9kzf2aAsHPp4QGR2_KqKZrO7e-Hib5OiFSSJcr0W2nv-IjNjxSjtQ"
    },
    {
      "kty": "EC",
      "d": "6rpJIcBcWHzrg0cRCHOEowjSLuGeqgCB9a2c2CxAAso",
      "use": "enc",
      "crv": "P-256",
      "kid": "835d6c59-a080-4b51-83c8-503d9ae8656f",
      "x": "HSOcY6M-fevotk3JxP2BxClATe7hq1RvDeKbpa1ijQI",
      "y": "zG_a8qQMxXEM_R9gnL3RvbNN-HDih7A-H123aU_Utoo",
      "alg": "ECDH-ES"
    }
  ]
}
server_public_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "1785177b-9199-4588-b759-3c84edd82c4b",
      "n": "guPRpmTfp5LtX6V2NjgCTeQkC8BYzfs6iozclS4uGIlr5W7CDf5abhyJlYVfT6YYguiSeVec-DCsVlkIIHqEnn6KKvARfev21idpPxLII2TbuZszJpuIeZUXKq1L5peyLLIGEBPhsXzl4pJ3hHanaG-FMexovvPGERkd0NuSd0INLl3CovUIrkjf9blYfxbvK4JjGKm-ROKfMbtZ03FuzmnxhwvOKuseNZXITAq4OPArKTkopXDx3IqKm2L6tSItfe9J8LXR6XxPqW1qRtrUDRpF8Kbwtx-lnhBG38CQ14eUn10pYATNl1Jeky48VXuiXKuvdhj4ihw_IGs_Ase_2w"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "3ab035c4-e4b3-42e9-ab6f-09c772f52c24",
      "n": "omPisSDYWOOZLuYgRFimFMtp6qdPzSgVHRspyghqRBcYFpDDRmKJN4oVbs7vh6DOjrxzAPiPd-aJKYMhNga_G84UIygfHmPGJxXBInuPsxGOSsrlKU_0dhmwb4om-8ZlFQBs0SCQpYgi5IQrFY09rDrZbESpE9WixPnsW7EbZmPTRLlhSY-3bd3MAQxGOgtRqfMhykgnmgU8TwGV6aNuFYAOPfPGiQUjISFXbkwN3yS6JPVqqaEeyhCRymEQtmP5YZ-s3SfWyav1O5pZDbVBeeXk-bilzao_qot8pZ1_hD5IMzq9dTUSj5BRCNqG2qui0DItlyg39L5pH2Nw50fLLQ"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "1afd820f-4933-42e4-90ef-b24e7a9e57c6",
      "x": "7dWw4ZTVdgtkzRByOAeQkv9dcQcCILnF1lt5QcSJGDk",
      "y": "TjRSCR4xnESKrEAFhfmz7Mr1myk46saSjFvDoVDeU4Y"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "afb8cf3e-9f4c-4d6c-a133-ff255037a152",
      "x": "9HEH6KYxeRRPqGQ0yk_-2ses3Xm5zIgHv7NnPvqQkxM",
      "y": "3AOWjjF8CwwVXJ2iMnn6sA1PiuuS6wYpEMSoq5uiRew"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "6fea95f9-b9e1-4d85-988d-61c9dd5e189e",
      "x": "Vqr0a-EfW6lgXZEK97U32yOCF40TeqQJpwumDhYGH2g",
      "y": "KqhDCoD2n947JEtq1d-SXww_gfpDBOmcdd4fRlIZP-8"
    },
    {
      "kty": "OKP",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "a2070041-e20a-4f0c-bf37-c147ef4a6f53",
      "x": "zVC3d-jhzFa0e88l92nbqJg0dSaTQYIlKyQn87ARJN8"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "c03dac1f-fab6-4acb-a752-1922ba0d67ac",
      "alg": "RSA-OAEP",
      "n": "gfAYVgQLrX-fG7ZC2kWy-MkjSnuTiPrhBn2l5oVdjx6wVR26gdmeFtCoMIcdJW6ZFlPU7CUFNf8GHoS6BZVagZJp3g6SuW9gYxPqcEMWPntPo_Ef1LK-U--EoHVuIIaVSxFpPcDN5v9bCWZP8NLnW1bi5O8vfxZfnCDNWZhwBNrgktrsmUMCeOrGOZG_YiibkS0k_4IWKHZhRMSydPpHGoAds859SBrUxij47EZdURMfbJOjN0eUqzWSaZCbOlR0n96aruRjTn5_i2AgYrHAB-Jz5oIvZX0tL9kzf2aAsHPp4QGR2_KqKZrO7e-Hib5OiFSSJcr0W2nv-IjNjxSjtQ"
    },
    {
      "kty": "EC",
      "use": "enc",
      "crv": "P-256",
      "kid": "835d6c59-a080-4b51-83c8-503d9ae8656f",
      "x": "HSOcY6M-fevotk3JxP2BxClATe7hq1RvDeKbpa1ijQI",
      "y": "zG_a8qQMxXEM_R9gnL3RvbNN-HDih7A-H123aU_Utoo",
      "alg": "ECDH-ES"
    }
  ]
}
2020-09-01 12:50:47 SUCCESS
ValidateServerJWKs
Valid server JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2020-09-01 12:50:48 SUCCESS
CheckDistinctKeyIdValueInServerJWKs
Distinct 'kid' value in all keys of server_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2020-09-01 12:50:48 SUCCESS
OIDCCLoadUserInfo
Added user information
user_info
{
  "sub": "user-subject-1234531",
  "name": "Demo T. User",
  "given_name": "Demo",
  "family_name": "User",
  "middle_name": "Theresa",
  "nickname": "Dee",
  "preferred_username": "d.tu",
  "gender": "female",
  "birthdate": "2000-02-03",
  "address": {
    "street_address": "100 Universal City Plaza",
    "locality": "Hollywood",
    "region": "CA",
    "postal_code": "91608",
    "country": "USA"
  },
  "zoneinfo": "America/Los_Angeles",
  "locale": "en-US",
  "phone_number": "+1 555 5550000",
  "phone_number_verified": false,
  "email": "user@example.com",
  "email_verified": false,
  "website": "https://openid.net/",
  "updated_at": "1580000000"
}
2020-09-01 12:50:48 SUCCESS
GetDynamicClientConfiguration
No client details on configuration, created an empty dynamic_client_registration_template object.
2020-09-01 12:50:48
oidcc-client-test-idtoken-sig-rs256
Setup Done
2020-09-01 12:50:50 INCOMING
oidcc-client-test-idtoken-sig-rs256
Incoming HTTP request to test instance SIQk2AXSsJ8SE7F
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
.well-known/openid-configuration
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
Discovery endpoint
2020-09-01 12:50:50 OUTGOING
oidcc-client-test-idtoken-sig-rs256
Response to HTTP request to test instance SIQk2AXSsJ8SE7F
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "issuer": "https://www.certification.openid.net/test/SIQk2AXSsJ8SE7F/",
  "authorization_endpoint": "https://www.certification.openid.net/test/SIQk2AXSsJ8SE7F/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/SIQk2AXSsJ8SE7F/token",
  "jwks_uri": "https://www.certification.openid.net/test/SIQk2AXSsJ8SE7F/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/SIQk2AXSsJ8SE7F/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/SIQk2AXSsJ8SE7F/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "RS256"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
outgoing_path
.well-known/openid-configuration
2020-09-01 12:50:50 INCOMING
oidcc-client-test-idtoken-sig-rs256
Incoming HTTP request to test instance SIQk2AXSsJ8SE7F
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "content-type": "application/json",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "content-length": "194",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net",
  "connection": "close"
}
incoming_path
register
incoming_body_form_params
incoming_method
POST
incoming_body_json
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "id_token"
  ],
  "grant_types": [
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ],
  "id_token_signed_response_alg": "RS256"
}
incoming_query_string_params
{}
incoming_body
{"token_endpoint_auth_method":"client_secret_basic","response_types":["id_token"],"grant_types":["implicit"],"redirect_uris":["https://rp.example.com/cb"],"id_token_signed_response_alg":"RS256"}
Registration endpoint
2020-09-01 12:50:50 SUCCESS
OIDCCExtractDynamicRegistrationRequest
Extracted dynamic client registration request
request
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "id_token"
  ],
  "grant_types": [
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ],
  "id_token_signed_response_alg": "RS256"
}
2020-09-01 12:50:50 INFO
EnsureRegistrationRequestContainsAtLeastOneContact
This application requires that registration requests contain at least one contact.
2020-09-01 12:50:50 SUCCESS
ValidateClientGrantTypes
grant_types match response_types
grant_types
[
  "implicit"
]
response_types
[
  "id_token"
]
2020-09-01 12:50:50 SUCCESS
OIDCCValidateClientRedirectUris
Valid redirect_uri(s) provided in registration request
redirect_uris
[
  "https://rp.example.com/cb"
]
2020-09-01 12:50:50 SUCCESS
ValidateClientLogoUris
Client does not contain any logo_uri
2020-09-01 12:50:50 SUCCESS
ValidateClientUris
Client does not contain any client_uri
2020-09-01 12:50:50 SUCCESS
ValidateClientPolicyUris
Client does not contain any policy_uri
2020-09-01 12:50:50 SUCCESS
ValidateClientTosUris
Client does not contain any tos_uri
2020-09-01 12:50:50 SUCCESS
ValidateClientSubjectType
A subject_type was not provided
2020-09-01 12:50:50 SUCCESS
ValidateIdTokenSignedResponseAlg
id_token_signed_response_alg is one of the known algorithms
alg
RS256
2020-09-01 12:50:50 SUCCESS
EnsureIdTokenEncryptedResponseAlgIsSetIfEncIsSet
id_token_encrypted_response_enc is not set
2020-09-01 12:50:50 INFO
ValidateUserinfoSignedResponseAlg
Skipped evaluation due to missing required element: client userinfo_signed_response_alg
path
userinfo_signed_response_alg
mapped
object
client
2020-09-01 12:50:50 SUCCESS
EnsureUserinfoEncryptedResponseAlgIsSetIfEncIsSet
userinfo_encrypted_response_enc is not set
2020-09-01 12:50:50 INFO
ValidateRequestObjectSigningAlg
Skipped evaluation due to missing required element: client request_object_signing_alg
path
request_object_signing_alg
mapped
object
client
2020-09-01 12:50:50 SUCCESS
EnsureRequestObjectEncryptionAlgIsSetIfEncIsSet
request_object_encryption_enc is not set
2020-09-01 12:50:50 INFO
ValidateTokenEndpointAuthSigningAlg
Skipped evaluation due to missing required element: client token_endpoint_auth_signing_alg
path
token_endpoint_auth_signing_alg
mapped
object
client
2020-09-01 12:50:50 SUCCESS
ValidateDefaultMaxAge
default_max_age is not set
2020-09-01 12:50:50 INFO
ValidateRequireAuthTime
Skipped evaluation due to missing required element: client require_auth_time
path
require_auth_time
mapped
object
client
2020-09-01 12:50:50 INFO
ValidateDefaultAcrValues
Skipped evaluation due to missing required element: client default_acr_values
path
default_acr_values
mapped
object
client
2020-09-01 12:50:50 INFO
ValidateInitiateLoginUri
Skipped evaluation due to missing required element: client initiate_login_uri
path
initiate_login_uri
mapped
object
client
2020-09-01 12:50:50 INFO
ValidateRequestUris
Skipped evaluation due to missing required element: client request_uris
path
request_uris
mapped
object
client
2020-09-01 12:50:50 SUCCESS
ValidateClientRegistrationRequestSectorIdentifierUri
A sector_identifier_uri was not provided
2020-09-01 12:50:50 SUCCESS
OIDCCRegisterClient
Registered client
client
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "id_token"
  ],
  "grant_types": [
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ],
  "id_token_signed_response_alg": "RS256",
  "client_id": "client_KozEksnSHjroGIO27895#[.]("
}
2020-09-01 12:50:50
OIDCCCreateClientSecretForDynamicClient
Set the secret for registered client
client_secret
secret_cnoTQuvEZWxNcDFipCxIkuPZbQsSprGULRlQyukaYAufUzsTJR4309855316-*{%?
2020-09-01 12:50:50 SUCCESS
EnsureTokenEndPointAuthMethodIsClientSecretBasic
token_endpoint_auth_method is 'client_secret_basic' as expected
2020-09-01 12:50:50
SetClientIdTokenSignedResponseAlgToRS256
Set id_token_signed_response_alg to RS256 for the registered client
client
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "id_token"
  ],
  "grant_types": [
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ],
  "id_token_signed_response_alg": "RS256",
  "client_id": "client_KozEksnSHjroGIO27895#[.](",
  "client_secret": "secret_cnoTQuvEZWxNcDFipCxIkuPZbQsSprGULRlQyukaYAufUzsTJR4309855316-*{%?"
}
2020-09-01 12:50:50 SUCCESS
EnsureClientDoesNotHaveBothJwksAndJwksUri
Client does not have both jwks and jwks_uri set
client
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "id_token"
  ],
  "grant_types": [
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ],
  "id_token_signed_response_alg": "RS256",
  "client_id": "client_KozEksnSHjroGIO27895#[.](",
  "client_secret": "secret_cnoTQuvEZWxNcDFipCxIkuPZbQsSprGULRlQyukaYAufUzsTJR4309855316-*{%?"
}
2020-09-01 12:50:50 INFO
FetchClientKeys
Skipped evaluation due to missing required element: client jwks_uri
path
jwks_uri
mapped
object
client
2020-09-01 12:50:50
SetServerSigningAlgToRS256
Successfully set signing algorithm to RS256
2020-09-01 12:50:50
SetClientIdTokenSignedResponseAlgToServerSigningAlg
Set id_token_signed_response_alg for the registered client
id_token_signed_response_alg
RS256
2020-09-01 12:50:50 OUTGOING
oidcc-client-test-idtoken-sig-rs256
Response to HTTP request to test instance SIQk2AXSsJ8SE7F
outgoing_status_code
201
outgoing_headers
{}
outgoing_body
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "id_token"
  ],
  "grant_types": [
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ],
  "id_token_signed_response_alg": "RS256",
  "client_id": "client_KozEksnSHjroGIO27895#[.](",
  "client_secret": "secret_cnoTQuvEZWxNcDFipCxIkuPZbQsSprGULRlQyukaYAufUzsTJR4309855316-*{%?"
}
outgoing_path
register
2020-09-01 12:50:51 INCOMING
oidcc-client-test-idtoken-sig-rs256
Incoming HTTP request to test instance SIQk2AXSsJ8SE7F
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "got/9.6.0 (https://github.com/sindresorhus/got)",
  "accept-encoding": "gzip, deflate",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
authorize
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{
  "client_id": "client_KozEksnSHjroGIO27895#[.](",
  "scope": "openid",
  "response_type": "id_token",
  "redirect_uri": "https://rp.example.com/cb",
  "state": "29VinMkClslpGV2syKG2kQpCAYltVFDFVU7deUdjpB0",
  "nonce": "PVA7dxz8B7370E1yQ_5awP1odgcyDZbqOySTobfE4ZQ",
  "response_mode": "form_post"
}
incoming_body
Authorization endpoint
2020-09-01 12:50:51 SUCCESS
EnsureRequestDoesNotContainRequestObject
Request does not contain a request parameter
2020-09-01 12:50:51 SUCCESS
OIDCCEnsureAuthorizationHttpRequestContainsOpenIDScope
Found 'openid' in scope http request parameter
actual
[
  "openid"
]
expected
openid
2020-09-01 12:50:51 SUCCESS
CreateEffectiveAuthorizationRequestParameters
Merged http request parameters with request object claims
effective_authorization_endpoint_request
{
  "client_id": "client_KozEksnSHjroGIO27895#[.](",
  "scope": "openid",
  "response_type": "id_token",
  "redirect_uri": "https://rp.example.com/cb",
  "state": "29VinMkClslpGV2syKG2kQpCAYltVFDFVU7deUdjpB0",
  "nonce": "PVA7dxz8B7370E1yQ_5awP1odgcyDZbqOySTobfE4ZQ",
  "response_mode": "form_post"
}
2020-09-01 12:50:51 SUCCESS
ExtractRequestedScopes
Requested scopes
scope
openid
2020-09-01 12:50:51 SUCCESS
ExtractNonceFromAuthorizationRequest
Extracted nonce
nonce
PVA7dxz8B7370E1yQ_5awP1odgcyDZbqOySTobfE4ZQ
2020-09-01 12:50:51 SUCCESS
EnsureResponseTypeIsIdToken
Response type is expected value
expected
id_token
2020-09-01 12:50:51 SUCCESS
EnsureMatchingClientId
Client ID matched
client_id
client_KozEksnSHjroGIO27895#[.](
2020-09-01 12:50:51 SUCCESS
EnsureValidRedirectUriForAuthorizationEndpointRequest
redirect_uri is one of the allowed redirect uris
actual
https://rp.example.com/cb
expected
[
  "https://rp.example.com/cb"
]
2020-09-01 12:50:51 SUCCESS
EnsureOpenIDInScopeRequest
Found 'openid' scope in request
actual
[
  "openid"
]
expected
openid
2020-09-01 12:50:51 SUCCESS
DisallowMaxAgeEqualsZeroAndPromptNone
The client did not send max_age=0 and prompt=none parameters as expected
2020-09-01 12:50:51 SUCCESS
GenerateIdTokenClaims
Created ID Token Claims
iss
https://www.certification.openid.net/test/SIQk2AXSsJ8SE7F/
sub
user-subject-1234531
aud
client_KozEksnSHjroGIO27895#[.](
nonce
PVA7dxz8B7370E1yQ_5awP1odgcyDZbqOySTobfE4ZQ
iat
1598964651
exp
1598964951
2020-09-01 12:50:51 INFO
AddCHashToIdTokenClaims
Skipped evaluation due to missing required string: c_hash
expected
c_hash
2020-09-01 12:50:51 INFO
AddAtHashToIdTokenClaims
Skipped evaluation due to missing required string: at_hash
expected
at_hash
2020-09-01 12:50:51 SUCCESS
OIDCCSignIdToken
Signed the ID token
id_token
eyJraWQiOiIxNzg1MTc3Yi05MTk5LTQ1ODgtYjc1OS0zYzg0ZWRkODJjNGIiLCJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJ1c2VyLXN1YmplY3QtMTIzNDUzMSIsImF1ZCI6ImNsaWVudF9Lb3pFa3NuU0hqcm9HSU8yNzg5NSNbLl0oIiwiaXNzIjoiaHR0cHM6XC9cL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXRcL3Rlc3RcL1NJUWsyQVhTc0o4U0U3RlwvIiwiZXhwIjoxNTk4OTY0OTUxLCJub25jZSI6IlBWQTdkeHo4QjczNzBFMXlRXzVhd1Axb2RnY3lEWmJxT3lTVG9iZkU0WlEiLCJpYXQiOjE1OTg5NjQ2NTF9.btJD9MZXtCoTdSyZYbBS5tRtF6sm9rwQ7bPbPrD386SPTdPhuF0-l8szWZC8Rlky12at41qwzzhupa7YezMIKh38-S8SwuhStbigOTkaUKtk2noaktfzVj985qmNhvLA15ydX0kndTUE9URZYCFRn6FAA1e23pAriwt3PWdfXiXTtPG_-6w9Lj-fScxN1nUSsuowXozIfyk-fr1gUam7o-jB4b--ZlUerLe53QBdQHF-JP9cFd02CR0nM8sBJ8D0OvG00ZqdqrM6cMxKeWa-4rrlEDcn7fj7EEYptr7M0_mIvdnPEfQDBT1pB55KNw3eNnnMjaovvXfaiPzZ2SclSA
key
{"p":"7Ppx6TkW6yamWasqOgqrzYMMZfvh9KbT27oFXrWTkijzJVDSohD6fZO58tdcsvC9XBzICcnVVnWIp9xP8SR9RzYK9q4n-wNl0heD1ugQh1Jy6iH8FP99YpNpUId-ULW1phCNj_5Oc-kJLD8fw-GVAw-t132g_B54bEnTzNnf7sE","kty":"RSA","q":"jWVp-dcUOLxg9gpVvi0Q4Al1O0e-mNG2bmasasfnzIWXKVJOcrzG6NlO4NZVRkjcFEaMdGyHqfduxLdWjHC3N136fpYkIk6VH423tw_GcGmub6mRG8QWXV26swuKWaBe2n6CxxU6wkpFDygghRbDFeswMov34oFj8_BnT2KPcZs","d":"cwtQ42K4Xi67Kx1guKkkBVhoAlgu9eVCgDLtUsYDSBfJWSCvueL9ktjMaTqQGo7P7ogC7lp-onsNjtu0U--8Dx8DzFez2C0FiRec3w5gERP-OLZcECwWmV7cvOsS0nw05CoZQBppfjpcSHgaSriLzjRvKwEy09uqFK8x0LidlOmR36axXvDLg4d-BaUopa6EDQB6Xgg09vcQ1efFEHk1lP5YyuEtyd_4JHMYMvGn9wBBK90fnIA37qytcXlPtTeRTRH0lxJV4_CWNTOqA11OUXFpBfcLC0LEPehwAseE9_SxBt6u3QCogQVN8Le19wBcKTW6l5JEtOssvMBEYHeegQ","e":"AQAB","use":"sig","kid":"1785177b-9199-4588-b759-3c84edd82c4b","qi":"MuOQrtZDJrRmkqYz_KecVQl5MTykcEI0U4rclSr5f8JMscJHoIITWKjw78dH4tMPhvvMTQ_pjJjBkvRiRyUiPDDfcxY2L7oSPzBaK_gjQy7KAcEr7Z4IfBClAzqRtfnVaWr9t4f59EPax_rWHGX0iSwDLekTj0qaWjmLST79QyE","dp":"bRmwL8tUvdYBZ-7hde9LwUXAA4O_Nz9G8jXmGwBFfFjV-CwJjQt8Byxnw2FbEBa9Vxb5EWiWi0N5Mq6_Lym5c3tx-LedOHcL_XlN_TbBxUs0FI6o25H0S9nJ9oUqpkXB5z5frhdKTxrOWkyFd0z3qX0ib78qymfM0S38EKeN7QE","dq":"YrkSO0y-Y7azhFZG85eHlsVDwvYez5hs5bxuWcflwljr5__9ogLIZr-DYVyFAaPRdZ6kZo14U2XdQyA3H6t7YP8O7N9rr0BqwjMyuHAdP1OqZXBhTp-kdeABgQ1ntZhRYgC-0r2x3wH4IdMEkagI4f7qEgDEPLPW0_VgTH8mZE0","n":"guPRpmTfp5LtX6V2NjgCTeQkC8BYzfs6iozclS4uGIlr5W7CDf5abhyJlYVfT6YYguiSeVec-DCsVlkIIHqEnn6KKvARfev21idpPxLII2TbuZszJpuIeZUXKq1L5peyLLIGEBPhsXzl4pJ3hHanaG-FMexovvPGERkd0NuSd0INLl3CovUIrkjf9blYfxbvK4JjGKm-ROKfMbtZ03FuzmnxhwvOKuseNZXITAq4OPArKTkopXDx3IqKm2L6tSItfe9J8LXR6XxPqW1qRtrUDRpF8Kbwtx-lnhBG38CQ14eUn10pYATNl1Jeky48VXuiXKuvdhj4ihw_IGs_Ase_2w"}
algorithm
RS256
2020-09-01 12:50:51 INFO
EncryptIdToken
Skipped evaluation due to missing required element: client id_token_encrypted_response_alg
path
id_token_encrypted_response_alg
mapped
object
client
2020-09-01 12:50:51 SUCCESS
CreateAuthorizationEndpointResponseParams
Added authorization_endpoint_response_params to environment
params
{
  "redirect_uri": "https://rp.example.com/cb",
  "state": "29VinMkClslpGV2syKG2kQpCAYltVFDFVU7deUdjpB0"
}
2020-09-01 12:50:51 SUCCESS
AddIdTokenToAuthorizationEndpointResponseParams
Added id_token to authorization endpoint response params
authorization_endpoint_response_params
{
  "redirect_uri": "https://rp.example.com/cb",
  "state": "29VinMkClslpGV2syKG2kQpCAYltVFDFVU7deUdjpB0",
  "id_token": "eyJraWQiOiIxNzg1MTc3Yi05MTk5LTQ1ODgtYjc1OS0zYzg0ZWRkODJjNGIiLCJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJ1c2VyLXN1YmplY3QtMTIzNDUzMSIsImF1ZCI6ImNsaWVudF9Lb3pFa3NuU0hqcm9HSU8yNzg5NSNbLl0oIiwiaXNzIjoiaHR0cHM6XC9cL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXRcL3Rlc3RcL1NJUWsyQVhTc0o4U0U3RlwvIiwiZXhwIjoxNTk4OTY0OTUxLCJub25jZSI6IlBWQTdkeHo4QjczNzBFMXlRXzVhd1Axb2RnY3lEWmJxT3lTVG9iZkU0WlEiLCJpYXQiOjE1OTg5NjQ2NTF9.btJD9MZXtCoTdSyZYbBS5tRtF6sm9rwQ7bPbPrD386SPTdPhuF0-l8szWZC8Rlky12at41qwzzhupa7YezMIKh38-S8SwuhStbigOTkaUKtk2noaktfzVj985qmNhvLA15ydX0kndTUE9URZYCFRn6FAA1e23pAriwt3PWdfXiXTtPG_-6w9Lj-fScxN1nUSsuowXozIfyk-fr1gUam7o-jB4b--ZlUerLe53QBdQHF-JP9cFd02CR0nM8sBJ8D0OvG00ZqdqrM6cMxKeWa-4rrlEDcn7fj7EEYptr7M0_mIvdnPEfQDBT1pB55KNw3eNnnMjaovvXfaiPzZ2SclSA"
}
2020-09-01 12:50:51 OUTGOING
oidcc-client-test-idtoken-sig-rs256
Response to HTTP request to test instance SIQk2AXSsJ8SE7F
outgoing
ModelAndView [view="formPostResponseMode"; model={formAction=https://rp.example.com/cb, formParameters={"state":"29VinMkClslpGV2syKG2kQpCAYltVFDFVU7deUdjpB0","id_token":"eyJraWQiOiIxNzg1MTc3Yi05MTk5LTQ1ODgtYjc1OS0zYzg0ZWRkODJjNGIiLCJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJ1c2VyLXN1YmplY3QtMTIzNDUzMSIsImF1ZCI6ImNsaWVudF9Lb3pFa3NuU0hqcm9HSU8yNzg5NSNbLl0oIiwiaXNzIjoiaHR0cHM6XC9cL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXRcL3Rlc3RcL1NJUWsyQVhTc0o4U0U3RlwvIiwiZXhwIjoxNTk4OTY0OTUxLCJub25jZSI6IlBWQTdkeHo4QjczNzBFMXlRXzVhd1Axb2RnY3lEWmJxT3lTVG9iZkU0WlEiLCJpYXQiOjE1OTg5NjQ2NTF9.btJD9MZXtCoTdSyZYbBS5tRtF6sm9rwQ7bPbPrD386SPTdPhuF0-l8szWZC8Rlky12at41qwzzhupa7YezMIKh38-S8SwuhStbigOTkaUKtk2noaktfzVj985qmNhvLA15ydX0kndTUE9URZYCFRn6FAA1e23pAriwt3PWdfXiXTtPG_-6w9Lj-fScxN1nUSsuowXozIfyk-fr1gUam7o-jB4b--ZlUerLe53QBdQHF-JP9cFd02CR0nM8sBJ8D0OvG00ZqdqrM6cMxKeWa-4rrlEDcn7fj7EEYptr7M0_mIvdnPEfQDBT1pB55KNw3eNnnMjaovvXfaiPzZ2SclSA"}}]
outgoing_path
authorize
2020-09-01 12:50:51 INCOMING
oidcc-client-test-idtoken-sig-rs256
Incoming HTTP request to test instance SIQk2AXSsJ8SE7F
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
jwks
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
Jwks endpoint
2020-09-01 12:50:51 OUTGOING
oidcc-client-test-idtoken-sig-rs256
Response to HTTP request to test instance SIQk2AXSsJ8SE7F
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "1785177b-9199-4588-b759-3c84edd82c4b",
      "n": "guPRpmTfp5LtX6V2NjgCTeQkC8BYzfs6iozclS4uGIlr5W7CDf5abhyJlYVfT6YYguiSeVec-DCsVlkIIHqEnn6KKvARfev21idpPxLII2TbuZszJpuIeZUXKq1L5peyLLIGEBPhsXzl4pJ3hHanaG-FMexovvPGERkd0NuSd0INLl3CovUIrkjf9blYfxbvK4JjGKm-ROKfMbtZ03FuzmnxhwvOKuseNZXITAq4OPArKTkopXDx3IqKm2L6tSItfe9J8LXR6XxPqW1qRtrUDRpF8Kbwtx-lnhBG38CQ14eUn10pYATNl1Jeky48VXuiXKuvdhj4ihw_IGs_Ase_2w"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "3ab035c4-e4b3-42e9-ab6f-09c772f52c24",
      "n": "omPisSDYWOOZLuYgRFimFMtp6qdPzSgVHRspyghqRBcYFpDDRmKJN4oVbs7vh6DOjrxzAPiPd-aJKYMhNga_G84UIygfHmPGJxXBInuPsxGOSsrlKU_0dhmwb4om-8ZlFQBs0SCQpYgi5IQrFY09rDrZbESpE9WixPnsW7EbZmPTRLlhSY-3bd3MAQxGOgtRqfMhykgnmgU8TwGV6aNuFYAOPfPGiQUjISFXbkwN3yS6JPVqqaEeyhCRymEQtmP5YZ-s3SfWyav1O5pZDbVBeeXk-bilzao_qot8pZ1_hD5IMzq9dTUSj5BRCNqG2qui0DItlyg39L5pH2Nw50fLLQ"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "1afd820f-4933-42e4-90ef-b24e7a9e57c6",
      "x": "7dWw4ZTVdgtkzRByOAeQkv9dcQcCILnF1lt5QcSJGDk",
      "y": "TjRSCR4xnESKrEAFhfmz7Mr1myk46saSjFvDoVDeU4Y"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "afb8cf3e-9f4c-4d6c-a133-ff255037a152",
      "x": "9HEH6KYxeRRPqGQ0yk_-2ses3Xm5zIgHv7NnPvqQkxM",
      "y": "3AOWjjF8CwwVXJ2iMnn6sA1PiuuS6wYpEMSoq5uiRew"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "6fea95f9-b9e1-4d85-988d-61c9dd5e189e",
      "x": "Vqr0a-EfW6lgXZEK97U32yOCF40TeqQJpwumDhYGH2g",
      "y": "KqhDCoD2n947JEtq1d-SXww_gfpDBOmcdd4fRlIZP-8"
    },
    {
      "kty": "OKP",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "a2070041-e20a-4f0c-bf37-c147ef4a6f53",
      "x": "zVC3d-jhzFa0e88l92nbqJg0dSaTQYIlKyQn87ARJN8"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "c03dac1f-fab6-4acb-a752-1922ba0d67ac",
      "alg": "RSA-OAEP",
      "n": "gfAYVgQLrX-fG7ZC2kWy-MkjSnuTiPrhBn2l5oVdjx6wVR26gdmeFtCoMIcdJW6ZFlPU7CUFNf8GHoS6BZVagZJp3g6SuW9gYxPqcEMWPntPo_Ef1LK-U--EoHVuIIaVSxFpPcDN5v9bCWZP8NLnW1bi5O8vfxZfnCDNWZhwBNrgktrsmUMCeOrGOZG_YiibkS0k_4IWKHZhRMSydPpHGoAds859SBrUxij47EZdURMfbJOjN0eUqzWSaZCbOlR0n96aruRjTn5_i2AgYrHAB-Jz5oIvZX0tL9kzf2aAsHPp4QGR2_KqKZrO7e-Hib5OiFSSJcr0W2nv-IjNjxSjtQ"
    },
    {
      "kty": "EC",
      "use": "enc",
      "crv": "P-256",
      "kid": "835d6c59-a080-4b51-83c8-503d9ae8656f",
      "x": "HSOcY6M-fevotk3JxP2BxClATe7hq1RvDeKbpa1ijQI",
      "y": "zG_a8qQMxXEM_R9gnL3RvbNN-HDih7A-H123aU_Utoo",
      "alg": "ECDH-ES"
    }
  ]
}
outgoing_path
jwks
2020-09-01 12:50:51 FINISHED
oidcc-client-test-idtoken-sig-rs256
Test has run to completion
testmodule_result
PASSED
Test Results