Test Summary

Test Results

Expand All Collapse All
All times are UTC
2020-09-01 12:53:07 INFO
TEST-RUNNER
Test instance vCn5M8RctWUfn1C created
baseUrl
https://www.certification.openid.net/test/vCn5M8RctWUfn1C
variant
{
  "client_auth_type": "client_secret_basic",
  "response_type": "code token",
  "request_type": "plain_http_request",
  "response_mode": "form_post",
  "client_registration": "dynamic_client"
}
alias

                                
description
test suite runner for openid-client
planId
l0lJMpv444Mye
config
{
  "description": "test suite runner for openid-client",
  "waitTimeoutSeconds": 2
}
testName
oidcc-client-test-client-secret-basic
2020-09-01 12:53:07 SUCCESS
OIDCCGenerateServerConfiguration
Generated default server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/vCn5M8RctWUfn1C/",
  "authorization_endpoint": "https://www.certification.openid.net/test/vCn5M8RctWUfn1C/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/vCn5M8RctWUfn1C/token",
  "jwks_uri": "https://www.certification.openid.net/test/vCn5M8RctWUfn1C/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/vCn5M8RctWUfn1C/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/vCn5M8RctWUfn1C/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic",
    "client_secret_post",
    "client_secret_jwt",
    "private_key_jwt"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
2020-09-01 12:53:07
SetTokenEndpointAuthMethodsSupportedToClientSecretBasicOnly
Changed token_endpoint_auth_methods_supported to client_secret_basic only in server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/vCn5M8RctWUfn1C/",
  "authorization_endpoint": "https://www.certification.openid.net/test/vCn5M8RctWUfn1C/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/vCn5M8RctWUfn1C/token",
  "jwks_uri": "https://www.certification.openid.net/test/vCn5M8RctWUfn1C/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/vCn5M8RctWUfn1C/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/vCn5M8RctWUfn1C/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
2020-09-01 12:53:07
OIDCCGenerateServerJWKs
Generated server public private JWK sets
server_jwks
{
  "keys": [
    {
      "p": "92H4tawannf15Wi5aNYl249iJww9eh2fzVi3Rvgy2Ae342H85LQqL9i2OHss8Q8exHW3qGSg_6if8WaWr6XV3b81zvAlPpnzDHoGTbZYKXuVidleRVF6aIY-8FYPbQ3ArSKmiLX-zMMAVxT4lrySNmEyTDi3M-BkIZC9LyyEp9M",
      "kty": "RSA",
      "q": "2W2cUBj6PEqC4yQ_rgQ1VVwQKpr2737DhjQ4jfbCPloE-YqW_DVh9WsJ-yo_JpL8qHtaStfJHxOu55TSHxeNdL0r9WaaHATAZipZuCeBTfWzKQPF-uI2odRVSTezV6F_iUIIlhQtSg1YnaNxm46e9qwkVRaEC1Hp_ikdWgu7Z8M",
      "d": "m3AdRlY-pyp4guG8dAg857RGDjmih-20PIlEYM6bTEIQb9yBO7lSI2Gz_fW7w3ijxzMQ_hu8co2SAvr2AhkoaM0urrCk641wawrCKusazC5VGwYT-wksCjdDbo26kHq5W3e61usRmb8Oe-IT_qJL7IJwfUdwHARup7Bj8zsUFf_0quTfimzecCnVu_OPtYDzIdN3_Us4WwucjnMiiREbbn73JdZp5LvJ8MqDFBj9Y_1Zhg60aHNxG8TB_CRtiuw59JaGeia2eKaJb9lxf1C2_dMuA7cyQiIyxQ0_WMIfy2mwyg8BulRHJ4zMw9nohtS1xvAfIWAyXu7yMZolRxNuEQ",
      "e": "AQAB",
      "use": "sig",
      "kid": "264876d9-9bf5-4c94-a69f-5a62c7d00820",
      "qi": "SCWWmCHB8Th35LPLO58hbpM7PebmxvAal9whTT7lZvNl6kikTijl7JgEHxzl9HNCNPwfzCwGlluaI7podJb4bbPYbG17y9jLq_jseL8pdvXZz6USSAbL9oH3gnu-sm7SAWBTP--cAHiGfHW20Ep9HSQsYaP94EM4IlmwHIdTcS4",
      "dp": "gx46ZJBDy5ppip5nJ1nZ1vW4YFnse70X5g8PlV4YFMiCftKA5_dWJOYILweaWmpZNGfwYCB19Qu7OofVdmO_ZzjhnD1MgFG4sPQ8QxRSxinqqJW9kaAN8Ti2Q0xaAMM5TIsBGZTc6Eqy83T6DWsFVC1QK3YkJCra569_lnFSHmE",
      "dq": "WsHiKZ0Ddv8zO1T6L80Z5hOTu_ULdlTXkMFjif6ifhxdTzyGYah2x1ZyyCCOU6-vPzSeL_d6wDobHBeGzeuq5DvCiaDWWzOwi_TJlpEG7F_O9SPaFCsw2sQjBXj2p3GGJuklZF_vt6Vyg_qhhWk2-YhJcir_2ynKHolS8y9Kfrk",
      "n": "0hv3lf6MRJAKChCufBX4WqekRCzHeBIPDK4fBAHsKXdrEb7_TeJgwZE90Up1WePyvE2Y5YTW6W7XufLpHHHaHtKxr1vfHdsEoL4nL-hgGAp7hOKS9h8rNYPtMPv4z0LQPL935KjBJmviUf4DmB752QDOzyXwhBGLRLMT5LUVGt9XFo4Al3awSsNTw7Plq1Ma-ByEOCZQFpyEqpEs7AUOm35VkWNdGHb0b_qu8IbRQ-y8hSVvptFy-wYz6PaDVi6cQ3x1SfRuyVkrVMmhwpLaLCshGziEAV037Xikyt6r1YH2FJg0G3Q5F2ADBbVYQDy1_qYNum9UDw_uLjUi8LK6uQ"
    },
    {
      "kty": "EC",
      "d": "uA6r1TVxJr6438qmGaqT1zB4dyJv93yZQ73-yJ92JOg",
      "use": "sig",
      "crv": "P-256",
      "kid": "06e6c0f9-227f-4e4e-9fb0-56355dd3347f",
      "x": "YXMH8P5uBlXrpGSXjY_ViZyBLh_drXWzdjT903YmV54",
      "y": "an4vI2WhzgQK6ZBnw88OsztPR8RspZj-FN5gfIvXcwM"
    },
    {
      "kty": "EC",
      "d": "qMr8C-n-nS8MMoxuir3HbFDuUdVwP5VgTHEgbM4HdNE",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "0b4955b9-8712-4e80-bb25-ad2af3feb669",
      "x": "d2wQhviyTkpK6w-WHf_0BJO-hPFbEud-mm4cRk_dTFc",
      "y": "BoiVutj59lMPmda9E827InoYQ6MwRyiveCtnW_cN9Dc"
    },
    {
      "kty": "OKP",
      "d": "9M0kiXdbdoyulhdyRe1rDtV6MBqSZy84QeBJppcSXo0",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "4cfada78-0559-4164-8001-005d01ed79ef",
      "x": "aSKfFpXqcbm9BqrURXT_WxtfD6S8gmCItto4j7C5TxI"
    }
  ]
}
server_encryption_keys
{
  "keys": [
    {
      "p": "72emK14Tj64s6CzIbJu0gtaJ6KeHmn3i-Nn3hAxT7fb857-lyTcaBMfEzDyAW90Te5E9uijiLSlKW8j_5K2xXP6qgMPma8A_TfkYSKutTpLrh9Cf4fNaSiwrhasTUptDFiq-OqSlvpn7mEPAL-fROP_ZouWCBpoRxvJOVUWVryE",
      "kty": "RSA",
      "q": "vusbQVLszLXYHCCXxLX1BQ8tOmW9IMWOGgeI6Gle12LdeNZcav8aPq2xxY8XQEtoND738tejpdtFzRIMn-Md7K4jlnUulHKYg6w0bvhYfwhnKRcVxNaZ96pr7OqRukt61kSSWZDm8jzeMhGXi3LO4p8L-S7UzqPZoNJxEkH3uK8",
      "d": "ehNgFzohiTXYEntFYK7ic_JhUXVytWhc8YjFkZKYIZ9V1ndyJWkKFLZyI_exqR91NtO3slNHUZIaLZUC1eQCtsQlo0Oyc6EVitwiECEg8QJpvRAnxRrwI_WtoUy8HRmmVzfAUAt_LYPyEReEox-iWJ7EUnSnfJdaohwK0gm8H9bwW3anEgc6R26qhrXlhmV5SLuX_6ricj4tMfaaxYROe1Y9mIHqi0xWLrQGHb8Ngsdia2aTAqJcUNN7D3-3lXxT6aCq160mF1WMeckQLUfLbxjyEphJAwtIM-QQ6v67tuXYvuaLlYIakhhtSG_Rn7WtU_f2t12QqZwnBUf_-qONgQ",
      "e": "AQAB",
      "use": "enc",
      "kid": "ae7f7215-afef-4906-8095-608d382c3a32",
      "qi": "5Whe8CS2o55Lv8IWRCmwe6LNGVAA0kd3NbMKVVCX4tR9CIBnd7_OWNdNdDdNv-B9DgOoRyvm5Q7T12npZpzLmNaFn_Xm2FyrrrJwXyXT57vx0EF0SgGn8d2EoM0vZHCmC3ZwQVzU6_kSXGceGlTgr8Og-z54LMv4vp64NqRpoys",
      "dp": "0SxBntCizL4FFJLURzjAPjUO581AiPaG0qE3RxOyXU-Y5y-mvak8PYMB6uTNzfXaaPOc-ENyYr0Z8BotovMz7anA9aK0d97QMON8mToOwYFS8yaQG06RzA7NtAumZV2s_vg3n2tuOZu2nPJNQE4OmvvIfzCCLBx_fdEGKjETOKE",
      "alg": "RSA-OAEP",
      "dq": "fwiC9yFNTR0GMhkBwzLrWLVze7LseBzbY7h1wWczYw92nAvOLKeXd_MtIW4Ho5FJQdJQOzZ-vkI7nKsQ2WZOqAhqx5crKj1h--MedGQsxkH6Gl4w7ut4QVIVQ-wEkTfeASpZUt1WvgIAOsJ32qLGxAXd-qzNjr15dkfwUpywTyM",
      "n": "sorK9r8GSr7YQDAIwIeq6kitPYuAUbDUw2rofLo1Ss2Yw8fg_qK5-tx-KDUMhCMLp_qwnLx-N3hTdC_DXgSkdYtdkHeAzTtGAcTo7q9ZjtU_g6Zm4xihVEEjLMTskyeE-DU-GWkOzW9SQwi6WcOt01SjTsPgPiajbF5FHdBMGzfOoH4YFerwWZq-Pumu7UpT0ZZ2cjYD82fuAoh7s-hhvKWDsOQo1p58_qsCGa8wZfutLas0yMthQXZwYHDSVolYfotdjVZj_Bw_j2qM67iFiVczFy_OC3vp_YKZh85KfEh8Ifq6AbsUtC2wJl19rHRgAN75ntXp0L-ix9yDgQlvjw"
    },
    {
      "kty": "EC",
      "d": "ELEomCy0FkBNwGeJ7FuGmUa9OetlOwRutSfYhpgKs20",
      "use": "enc",
      "crv": "P-256",
      "kid": "f821c2bb-7c96-481e-a1b5-76d6a83c0c60",
      "x": "QBs3pnxTeL6dsO3MtbKzj4pd5tB3rZns3lLUSGSM4Ns",
      "y": "SKF2vcBNm7747OrGuVPCo6H1mgkV5DiRCubEKLChE-M",
      "alg": "ECDH-ES"
    }
  ]
}
server_public_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "264876d9-9bf5-4c94-a69f-5a62c7d00820",
      "n": "0hv3lf6MRJAKChCufBX4WqekRCzHeBIPDK4fBAHsKXdrEb7_TeJgwZE90Up1WePyvE2Y5YTW6W7XufLpHHHaHtKxr1vfHdsEoL4nL-hgGAp7hOKS9h8rNYPtMPv4z0LQPL935KjBJmviUf4DmB752QDOzyXwhBGLRLMT5LUVGt9XFo4Al3awSsNTw7Plq1Ma-ByEOCZQFpyEqpEs7AUOm35VkWNdGHb0b_qu8IbRQ-y8hSVvptFy-wYz6PaDVi6cQ3x1SfRuyVkrVMmhwpLaLCshGziEAV037Xikyt6r1YH2FJg0G3Q5F2ADBbVYQDy1_qYNum9UDw_uLjUi8LK6uQ"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "f1c41d59-b019-427d-a2c7-f6f7de781d2c",
      "n": "htSH1doJ3gq8PcC9oNWgg6MUgi6KiGyuXpMAfMIWevkiRD5emin3LD8pqzJUKL7xl07jRYB4KwM_ev6DnZyXLWDdKo85RnJQ29oYODdA0q8BRAkplHhCA-5gKqHzPgmptk8whgpoiwirzcKX6gJYV0k4kMwGw6XUcJYa0e4rPqbzWgxRgDGHowq05jSsHoFBAHBcS1jKr8Z-5FvQ2sIyHS-NRtqQ_ouNn8hA62lPWW-klNAjMQjEnKFi2XwmjpxH1REeJ5JZogn7CRhrhH2nxk8Egkg7CALdcKj9FHuJQjvFEwytnXvONvKBC2oX9c5BKrfeUY1DSGSbF5ZXjDejTw"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "06e6c0f9-227f-4e4e-9fb0-56355dd3347f",
      "x": "YXMH8P5uBlXrpGSXjY_ViZyBLh_drXWzdjT903YmV54",
      "y": "an4vI2WhzgQK6ZBnw88OsztPR8RspZj-FN5gfIvXcwM"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "2a049fdd-211e-4917-879a-2501de140fdd",
      "x": "Nh_c4S8-Th5GJ9RbzPc-qjH-SmRWEaJcME1mBtrYekM",
      "y": "k_hw2wso7A3mR2oBS6RKqmEKjru1PrhyrnjrBvapjCU"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "0b4955b9-8712-4e80-bb25-ad2af3feb669",
      "x": "d2wQhviyTkpK6w-WHf_0BJO-hPFbEud-mm4cRk_dTFc",
      "y": "BoiVutj59lMPmda9E827InoYQ6MwRyiveCtnW_cN9Dc"
    },
    {
      "kty": "OKP",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "4cfada78-0559-4164-8001-005d01ed79ef",
      "x": "aSKfFpXqcbm9BqrURXT_WxtfD6S8gmCItto4j7C5TxI"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "ae7f7215-afef-4906-8095-608d382c3a32",
      "alg": "RSA-OAEP",
      "n": "sorK9r8GSr7YQDAIwIeq6kitPYuAUbDUw2rofLo1Ss2Yw8fg_qK5-tx-KDUMhCMLp_qwnLx-N3hTdC_DXgSkdYtdkHeAzTtGAcTo7q9ZjtU_g6Zm4xihVEEjLMTskyeE-DU-GWkOzW9SQwi6WcOt01SjTsPgPiajbF5FHdBMGzfOoH4YFerwWZq-Pumu7UpT0ZZ2cjYD82fuAoh7s-hhvKWDsOQo1p58_qsCGa8wZfutLas0yMthQXZwYHDSVolYfotdjVZj_Bw_j2qM67iFiVczFy_OC3vp_YKZh85KfEh8Ifq6AbsUtC2wJl19rHRgAN75ntXp0L-ix9yDgQlvjw"
    },
    {
      "kty": "EC",
      "use": "enc",
      "crv": "P-256",
      "kid": "f821c2bb-7c96-481e-a1b5-76d6a83c0c60",
      "x": "QBs3pnxTeL6dsO3MtbKzj4pd5tB3rZns3lLUSGSM4Ns",
      "y": "SKF2vcBNm7747OrGuVPCo6H1mgkV5DiRCubEKLChE-M",
      "alg": "ECDH-ES"
    }
  ]
}
2020-09-01 12:53:07 SUCCESS
ValidateServerJWKs
Valid server JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2020-09-01 12:53:07 SUCCESS
CheckDistinctKeyIdValueInServerJWKs
Distinct 'kid' value in all keys of server_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2020-09-01 12:53:07 SUCCESS
OIDCCLoadUserInfo
Added user information
user_info
{
  "sub": "user-subject-1234531",
  "name": "Demo T. User",
  "given_name": "Demo",
  "family_name": "User",
  "middle_name": "Theresa",
  "nickname": "Dee",
  "preferred_username": "d.tu",
  "gender": "female",
  "birthdate": "2000-02-03",
  "address": {
    "street_address": "100 Universal City Plaza",
    "locality": "Hollywood",
    "region": "CA",
    "postal_code": "91608",
    "country": "USA"
  },
  "zoneinfo": "America/Los_Angeles",
  "locale": "en-US",
  "phone_number": "+1 555 5550000",
  "phone_number_verified": false,
  "email": "user@example.com",
  "email_verified": false,
  "website": "https://openid.net/",
  "updated_at": "1580000000"
}
2020-09-01 12:53:07 SUCCESS
GetDynamicClientConfiguration
No client details on configuration, created an empty dynamic_client_registration_template object.
2020-09-01 12:53:07
oidcc-client-test-client-secret-basic
Setup Done
2020-09-01 12:53:10 INCOMING
oidcc-client-test-client-secret-basic
Incoming HTTP request to test instance vCn5M8RctWUfn1C
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
.well-known/openid-configuration
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
Discovery endpoint
2020-09-01 12:53:10 OUTGOING
oidcc-client-test-client-secret-basic
Response to HTTP request to test instance vCn5M8RctWUfn1C
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "issuer": "https://www.certification.openid.net/test/vCn5M8RctWUfn1C/",
  "authorization_endpoint": "https://www.certification.openid.net/test/vCn5M8RctWUfn1C/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/vCn5M8RctWUfn1C/token",
  "jwks_uri": "https://www.certification.openid.net/test/vCn5M8RctWUfn1C/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/vCn5M8RctWUfn1C/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/vCn5M8RctWUfn1C/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
outgoing_path
.well-known/openid-configuration
2020-09-01 12:53:10 INCOMING
oidcc-client-test-client-secret-basic
Incoming HTTP request to test instance vCn5M8RctWUfn1C
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "content-type": "application/json",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "content-length": "178",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net",
  "connection": "close"
}
incoming_path
register
incoming_body_form_params
incoming_method
POST
incoming_body_json
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code token"
  ],
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ]
}
incoming_query_string_params
{}
incoming_body
{"token_endpoint_auth_method":"client_secret_basic","response_types":["code token"],"grant_types":["authorization_code","implicit"],"redirect_uris":["https://rp.example.com/cb"]}
Registration endpoint
2020-09-01 12:53:10 SUCCESS
OIDCCExtractDynamicRegistrationRequest
Extracted dynamic client registration request
request
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code token"
  ],
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ]
}
2020-09-01 12:53:10 INFO
EnsureRegistrationRequestContainsAtLeastOneContact
This application requires that registration requests contain at least one contact.
2020-09-01 12:53:10 SUCCESS
ValidateClientGrantTypes
grant_types match response_types
grant_types
[
  "authorization_code",
  "implicit"
]
response_types
[
  "code token"
]
2020-09-01 12:53:10 SUCCESS
OIDCCValidateClientRedirectUris
Valid redirect_uri(s) provided in registration request
redirect_uris
[
  "https://rp.example.com/cb"
]
2020-09-01 12:53:10 SUCCESS
ValidateClientLogoUris
Client does not contain any logo_uri
2020-09-01 12:53:10 SUCCESS
ValidateClientUris
Client does not contain any client_uri
2020-09-01 12:53:10 SUCCESS
ValidateClientPolicyUris
Client does not contain any policy_uri
2020-09-01 12:53:10 SUCCESS
ValidateClientTosUris
Client does not contain any tos_uri
2020-09-01 12:53:10 SUCCESS
ValidateClientSubjectType
A subject_type was not provided
2020-09-01 12:53:10 INFO
ValidateIdTokenSignedResponseAlg
Skipped evaluation due to missing required element: client id_token_signed_response_alg
path
id_token_signed_response_alg
mapped
object
client
2020-09-01 12:53:10 SUCCESS
EnsureIdTokenEncryptedResponseAlgIsSetIfEncIsSet
id_token_encrypted_response_enc is not set
2020-09-01 12:53:10 INFO
ValidateUserinfoSignedResponseAlg
Skipped evaluation due to missing required element: client userinfo_signed_response_alg
path
userinfo_signed_response_alg
mapped
object
client
2020-09-01 12:53:10 SUCCESS
EnsureUserinfoEncryptedResponseAlgIsSetIfEncIsSet
userinfo_encrypted_response_enc is not set
2020-09-01 12:53:10 INFO
ValidateRequestObjectSigningAlg
Skipped evaluation due to missing required element: client request_object_signing_alg
path
request_object_signing_alg
mapped
object
client
2020-09-01 12:53:10 SUCCESS
EnsureRequestObjectEncryptionAlgIsSetIfEncIsSet
request_object_encryption_enc is not set
2020-09-01 12:53:10 INFO
ValidateTokenEndpointAuthSigningAlg
Skipped evaluation due to missing required element: client token_endpoint_auth_signing_alg
path
token_endpoint_auth_signing_alg
mapped
object
client
2020-09-01 12:53:10 SUCCESS
ValidateDefaultMaxAge
default_max_age is not set
2020-09-01 12:53:10 INFO
ValidateRequireAuthTime
Skipped evaluation due to missing required element: client require_auth_time
path
require_auth_time
mapped
object
client
2020-09-01 12:53:10 INFO
ValidateDefaultAcrValues
Skipped evaluation due to missing required element: client default_acr_values
path
default_acr_values
mapped
object
client
2020-09-01 12:53:10 INFO
ValidateInitiateLoginUri
Skipped evaluation due to missing required element: client initiate_login_uri
path
initiate_login_uri
mapped
object
client
2020-09-01 12:53:10 INFO
ValidateRequestUris
Skipped evaluation due to missing required element: client request_uris
path
request_uris
mapped
object
client
2020-09-01 12:53:10 SUCCESS
ValidateClientRegistrationRequestSectorIdentifierUri
A sector_identifier_uri was not provided
2020-09-01 12:53:10 SUCCESS
OIDCCRegisterClient
Registered client
client
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code token"
  ],
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ],
  "client_id": "client_WbkkoAHCtBGyCcr70520:] $;"
}
2020-09-01 12:53:10
OIDCCCreateClientSecretForDynamicClient
Set the secret for registered client
client_secret
secret_YsSpkpGLOTLxPaXgzleVAnIDPTJDtlECgJJUWoSEvqxEFDGuvI7622887096@</"?
2020-09-01 12:53:10 SUCCESS
EnsureTokenEndPointAuthMethodIsClientSecretBasic
token_endpoint_auth_method is 'client_secret_basic' as expected
2020-09-01 12:53:10 SUCCESS
EnsureClientDoesNotHaveBothJwksAndJwksUri
Client does not have both jwks and jwks_uri set
client
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code token"
  ],
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ],
  "client_id": "client_WbkkoAHCtBGyCcr70520:] $;",
  "client_secret": "secret_YsSpkpGLOTLxPaXgzleVAnIDPTJDtlECgJJUWoSEvqxEFDGuvI7622887096@\u003c/\"?"
}
2020-09-01 12:53:10 INFO
FetchClientKeys
Skipped evaluation due to missing required element: client jwks_uri
path
jwks_uri
mapped
object
client
2020-09-01 12:53:10 SUCCESS
OIDCCExtractServerSigningAlg
Using the default algorithm for the first key in server jwks
signing_algorithm
RS256
2020-09-01 12:53:10
SetClientIdTokenSignedResponseAlgToServerSigningAlg
Set id_token_signed_response_alg for the registered client
id_token_signed_response_alg
RS256
2020-09-01 12:53:10 OUTGOING
oidcc-client-test-client-secret-basic
Response to HTTP request to test instance vCn5M8RctWUfn1C
outgoing_status_code
201
outgoing_headers
{}
outgoing_body
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code token"
  ],
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ],
  "client_id": "client_WbkkoAHCtBGyCcr70520:] $;",
  "client_secret": "secret_YsSpkpGLOTLxPaXgzleVAnIDPTJDtlECgJJUWoSEvqxEFDGuvI7622887096@\u003c/\"?",
  "id_token_signed_response_alg": "RS256"
}
outgoing_path
register
2020-09-01 12:53:11 INCOMING
oidcc-client-test-client-secret-basic
Incoming HTTP request to test instance vCn5M8RctWUfn1C
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "got/9.6.0 (https://github.com/sindresorhus/got)",
  "accept-encoding": "gzip, deflate",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
authorize
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{
  "client_id": "client_WbkkoAHCtBGyCcr70520:] $;",
  "scope": "openid",
  "response_type": "code token",
  "redirect_uri": "https://rp.example.com/cb",
  "state": "QhkeF6WcGfg7Qj-z_roB6x8r68URMQJ2ncuQYmSkBIs",
  "response_mode": "form_post"
}
incoming_body
Authorization endpoint
2020-09-01 12:53:11 SUCCESS
EnsureRequestDoesNotContainRequestObject
Request does not contain a request parameter
2020-09-01 12:53:11 SUCCESS
OIDCCEnsureAuthorizationHttpRequestContainsOpenIDScope
Found 'openid' in scope http request parameter
actual
[
  "openid"
]
expected
openid
2020-09-01 12:53:11 SUCCESS
CreateEffectiveAuthorizationRequestParameters
Merged http request parameters with request object claims
effective_authorization_endpoint_request
{
  "client_id": "client_WbkkoAHCtBGyCcr70520:] $;",
  "scope": "openid",
  "response_type": "code token",
  "redirect_uri": "https://rp.example.com/cb",
  "state": "QhkeF6WcGfg7Qj-z_roB6x8r68URMQJ2ncuQYmSkBIs",
  "response_mode": "form_post"
}
2020-09-01 12:53:11 SUCCESS
ExtractRequestedScopes
Requested scopes
scope
openid
2020-09-01 12:53:11 INFO
ExtractNonceFromAuthorizationRequest
Couldn't find 'nonce' in authorization endpoint parameters
2020-09-01 12:53:11 SUCCESS
EnsureResponseTypeIsCodeToken
Response type is expected value
expected
code token
2020-09-01 12:53:11 SUCCESS
EnsureMatchingClientId
Client ID matched
client_id
client_WbkkoAHCtBGyCcr70520:] $;
2020-09-01 12:53:11 SUCCESS
EnsureValidRedirectUriForAuthorizationEndpointRequest
redirect_uri is one of the allowed redirect uris
actual
https://rp.example.com/cb
expected
[
  "https://rp.example.com/cb"
]
2020-09-01 12:53:11 SUCCESS
EnsureOpenIDInScopeRequest
Found 'openid' scope in request
actual
[
  "openid"
]
expected
openid
2020-09-01 12:53:11 SUCCESS
DisallowMaxAgeEqualsZeroAndPromptNone
The client did not send max_age=0 and prompt=none parameters as expected
2020-09-01 12:53:11 SUCCESS
CreateAuthorizationCode
Created authorization code
authorization_code
0xK0utPJel
2020-09-01 12:53:11 SUCCESS
CalculateCHash
Successful c_hash encoding
c_hash
r73prxwN1iUlVAImDvO4Yg
2020-09-01 12:53:11 SUCCESS
GenerateBearerAccessToken
Generated access token
access_token
UuHxY8CH8WxmPynX30NJMyU54zmjIGo8Kt8XLLjeVwB6o8VDPB
2020-09-01 12:53:11 SUCCESS
CalculateAtHash
Successful at_hash encoding
at_hash
Q6ASmi0vI42ZwmwpkEufGQ
2020-09-01 12:53:11 SUCCESS
CreateAuthorizationEndpointResponseParams
Added authorization_endpoint_response_params to environment
params
{
  "redirect_uri": "https://rp.example.com/cb",
  "state": "QhkeF6WcGfg7Qj-z_roB6x8r68URMQJ2ncuQYmSkBIs"
}
2020-09-01 12:53:11 SUCCESS
AddCodeToAuthorizationEndpointResponseParams
Added code to authorization endpoint response params
authorization_endpoint_response_params
{
  "redirect_uri": "https://rp.example.com/cb",
  "state": "QhkeF6WcGfg7Qj-z_roB6x8r68URMQJ2ncuQYmSkBIs",
  "code": "0xK0utPJel"
}
2020-09-01 12:53:11
AddTokenToAuthorizationEndpointResponseParams
Added token and token_type to authorization endpoint response params
authorization_endpoint_response_params
{
  "redirect_uri": "https://rp.example.com/cb",
  "state": "QhkeF6WcGfg7Qj-z_roB6x8r68URMQJ2ncuQYmSkBIs",
  "code": "0xK0utPJel",
  "access_token": "UuHxY8CH8WxmPynX30NJMyU54zmjIGo8Kt8XLLjeVwB6o8VDPB",
  "token_type": "Bearer"
}
2020-09-01 12:53:11 OUTGOING
oidcc-client-test-client-secret-basic
Response to HTTP request to test instance vCn5M8RctWUfn1C
outgoing
ModelAndView [view="formPostResponseMode"; model={formAction=https://rp.example.com/cb, formParameters={"state":"QhkeF6WcGfg7Qj-z_roB6x8r68URMQJ2ncuQYmSkBIs","code":"0xK0utPJel","access_token":"UuHxY8CH8WxmPynX30NJMyU54zmjIGo8Kt8XLLjeVwB6o8VDPB","token_type":"Bearer"}}]
outgoing_path
authorize
2020-09-01 12:53:11 INCOMING
oidcc-client-test-client-secret-basic
Incoming HTTP request to test instance vCn5M8RctWUfn1C
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "authorization": "Basic Y2xpZW50X1dia2tvQUhDdEJHeUNjcjcwNTIwJTNBJTVEKyUyNCUzQjpzZWNyZXRfWXNTcGtwR0xPVEx4UGFYZ3psZVZBbklEUFRKRHRsRUNnSkpVV29TRXZxeEVGREd1dkk3NjIyODg3MDk2JTQwJTNDJTJGJTIyJTNG",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "content-type": "application/x-www-form-urlencoded",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "content-length": "92",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net",
  "connection": "close"
}
incoming_path
token
incoming_body_form_params
{
  "grant_type": "authorization_code",
  "code": "0xK0utPJel",
  "redirect_uri": "https://rp.example.com/cb"
}
incoming_method
POST
incoming_body_json
incoming_query_string_params
{}
incoming_body
grant_type=authorization_code&code=0xK0utPJel&redirect_uri=https%3A%2F%2Frp.example.com%2Fcb
Token endpoint
2020-09-01 12:53:11 SUCCESS
ExtractClientCredentialsFromBasicAuthorizationHeader
Extracted client authentication
client_id
client_WbkkoAHCtBGyCcr70520:] $;
client_secret
secret_YsSpkpGLOTLxPaXgzleVAnIDPTJDtlECgJJUWoSEvqxEFDGuvI7622887096@</"?
method
client_secret_basic
2020-09-01 12:53:11 SUCCESS
ValidateClientIdAndSecret
Client id and secret match
2020-09-01 12:53:11 SUCCESS
ValidateAuthorizationCode
Found authorization code
authorization_code
0xK0utPJel
2020-09-01 12:53:11 SUCCESS
ValidateRedirectUriForTokenEndpointRequest
redirect_uri is the same as the one used in the authorization request
actual
https://rp.example.com/cb
2020-09-01 12:53:11 SUCCESS
GenerateBearerAccessToken
Generated access token
access_token
Xp90ad2VFcgfPdlZ2EKQmdfQ1ZKdg7QfLzH9tfDPgWsM7l4P0c
2020-09-01 12:53:11 SUCCESS
CalculateAtHash
Successful at_hash encoding
at_hash
qQC9Z0sRLURi5ONfuTwmLA
2020-09-01 12:53:11 SUCCESS
GenerateIdTokenClaims
Created ID Token Claims
iss
https://www.certification.openid.net/test/vCn5M8RctWUfn1C/
sub
user-subject-1234531
aud
client_WbkkoAHCtBGyCcr70520:] $;
iat
1598964791
exp
1598965091
2020-09-01 12:53:11 SUCCESS
AddAtHashToIdTokenClaims
Added at_hash to ID token claims
at_hash
qQC9Z0sRLURi5ONfuTwmLA
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/vCn5M8RctWUfn1C/",
  "sub": "user-subject-1234531",
  "aud": "client_WbkkoAHCtBGyCcr70520:] $;",
  "iat": 1598964791,
  "exp": 1598965091,
  "at_hash": "qQC9Z0sRLURi5ONfuTwmLA"
}
2020-09-01 12:53:11 SUCCESS
OIDCCSignIdToken
Signed the ID token
id_token
eyJraWQiOiIyNjQ4NzZkOS05YmY1LTRjOTQtYTY5Zi01YTYyYzdkMDA4MjAiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoicVFDOVowc1JMVVJpNU9OZnVUd21MQSIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiY2xpZW50X1dia2tvQUhDdEJHeUNjcjcwNTIwOl0gJDsiLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvdkNuNU04UmN0V1VmbjFDXC8iLCJleHAiOjE1OTg5NjUwOTEsImlhdCI6MTU5ODk2NDc5MX0.QR3u33wNfIflTMcY1lv-q_sBhj9yKrBHOgwRM_Q7PrF2rr1AOzrO6PGIHXSAdktY7Ul3OYq_rycxGnDXfrxp7dn8eZFql4h4jtUMEUEvvX3KO-U_2LsjJD_cSBR8FRivbVClgnX3iPxoA9NAJixocMR5k0bQqMi6qejgVtlwknTD7K0iUCNRTqbd5J8C_p3xAOg3SkYMsUijukWz8g6NHtpTsPliCPjjsInz5iLwE6MIoGgjm6qGD8jWfk4XvjIeluv3Qe4YQWmp8eEv7looUQjv5wqgf7gPYPWjD-E-9yvH9C06Xmv1SDoM39zNBsbvdfXNxtHXS4ocf0ypgUzU9Q
key
{"p":"92H4tawannf15Wi5aNYl249iJww9eh2fzVi3Rvgy2Ae342H85LQqL9i2OHss8Q8exHW3qGSg_6if8WaWr6XV3b81zvAlPpnzDHoGTbZYKXuVidleRVF6aIY-8FYPbQ3ArSKmiLX-zMMAVxT4lrySNmEyTDi3M-BkIZC9LyyEp9M","kty":"RSA","q":"2W2cUBj6PEqC4yQ_rgQ1VVwQKpr2737DhjQ4jfbCPloE-YqW_DVh9WsJ-yo_JpL8qHtaStfJHxOu55TSHxeNdL0r9WaaHATAZipZuCeBTfWzKQPF-uI2odRVSTezV6F_iUIIlhQtSg1YnaNxm46e9qwkVRaEC1Hp_ikdWgu7Z8M","d":"m3AdRlY-pyp4guG8dAg857RGDjmih-20PIlEYM6bTEIQb9yBO7lSI2Gz_fW7w3ijxzMQ_hu8co2SAvr2AhkoaM0urrCk641wawrCKusazC5VGwYT-wksCjdDbo26kHq5W3e61usRmb8Oe-IT_qJL7IJwfUdwHARup7Bj8zsUFf_0quTfimzecCnVu_OPtYDzIdN3_Us4WwucjnMiiREbbn73JdZp5LvJ8MqDFBj9Y_1Zhg60aHNxG8TB_CRtiuw59JaGeia2eKaJb9lxf1C2_dMuA7cyQiIyxQ0_WMIfy2mwyg8BulRHJ4zMw9nohtS1xvAfIWAyXu7yMZolRxNuEQ","e":"AQAB","use":"sig","kid":"264876d9-9bf5-4c94-a69f-5a62c7d00820","qi":"SCWWmCHB8Th35LPLO58hbpM7PebmxvAal9whTT7lZvNl6kikTijl7JgEHxzl9HNCNPwfzCwGlluaI7podJb4bbPYbG17y9jLq_jseL8pdvXZz6USSAbL9oH3gnu-sm7SAWBTP--cAHiGfHW20Ep9HSQsYaP94EM4IlmwHIdTcS4","dp":"gx46ZJBDy5ppip5nJ1nZ1vW4YFnse70X5g8PlV4YFMiCftKA5_dWJOYILweaWmpZNGfwYCB19Qu7OofVdmO_ZzjhnD1MgFG4sPQ8QxRSxinqqJW9kaAN8Ti2Q0xaAMM5TIsBGZTc6Eqy83T6DWsFVC1QK3YkJCra569_lnFSHmE","dq":"WsHiKZ0Ddv8zO1T6L80Z5hOTu_ULdlTXkMFjif6ifhxdTzyGYah2x1ZyyCCOU6-vPzSeL_d6wDobHBeGzeuq5DvCiaDWWzOwi_TJlpEG7F_O9SPaFCsw2sQjBXj2p3GGJuklZF_vt6Vyg_qhhWk2-YhJcir_2ynKHolS8y9Kfrk","n":"0hv3lf6MRJAKChCufBX4WqekRCzHeBIPDK4fBAHsKXdrEb7_TeJgwZE90Up1WePyvE2Y5YTW6W7XufLpHHHaHtKxr1vfHdsEoL4nL-hgGAp7hOKS9h8rNYPtMPv4z0LQPL935KjBJmviUf4DmB752QDOzyXwhBGLRLMT5LUVGt9XFo4Al3awSsNTw7Plq1Ma-ByEOCZQFpyEqpEs7AUOm35VkWNdGHb0b_qu8IbRQ-y8hSVvptFy-wYz6PaDVi6cQ3x1SfRuyVkrVMmhwpLaLCshGziEAV037Xikyt6r1YH2FJg0G3Q5F2ADBbVYQDy1_qYNum9UDw_uLjUi8LK6uQ"}
algorithm
RS256
2020-09-01 12:53:11 INFO
EncryptIdToken
Skipped evaluation due to missing required element: client id_token_encrypted_response_alg
path
id_token_encrypted_response_alg
mapped
object
client
2020-09-01 12:53:11 SUCCESS
CreateTokenEndpointResponse
Created token endpoint response
access_token
Xp90ad2VFcgfPdlZ2EKQmdfQ1ZKdg7QfLzH9tfDPgWsM7l4P0c
token_type
Bearer
id_token
eyJraWQiOiIyNjQ4NzZkOS05YmY1LTRjOTQtYTY5Zi01YTYyYzdkMDA4MjAiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoicVFDOVowc1JMVVJpNU9OZnVUd21MQSIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiY2xpZW50X1dia2tvQUhDdEJHeUNjcjcwNTIwOl0gJDsiLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvdkNuNU04UmN0V1VmbjFDXC8iLCJleHAiOjE1OTg5NjUwOTEsImlhdCI6MTU5ODk2NDc5MX0.QR3u33wNfIflTMcY1lv-q_sBhj9yKrBHOgwRM_Q7PrF2rr1AOzrO6PGIHXSAdktY7Ul3OYq_rycxGnDXfrxp7dn8eZFql4h4jtUMEUEvvX3KO-U_2LsjJD_cSBR8FRivbVClgnX3iPxoA9NAJixocMR5k0bQqMi6qejgVtlwknTD7K0iUCNRTqbd5J8C_p3xAOg3SkYMsUijukWz8g6NHtpTsPliCPjjsInz5iLwE6MIoGgjm6qGD8jWfk4XvjIeluv3Qe4YQWmp8eEv7looUQjv5wqgf7gPYPWjD-E-9yvH9C06Xmv1SDoM39zNBsbvdfXNxtHXS4ocf0ypgUzU9Q
scope
openid
2020-09-01 12:53:11 OUTGOING
oidcc-client-test-client-secret-basic
Response to HTTP request to test instance vCn5M8RctWUfn1C
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "access_token": "Xp90ad2VFcgfPdlZ2EKQmdfQ1ZKdg7QfLzH9tfDPgWsM7l4P0c",
  "token_type": "Bearer",
  "id_token": "eyJraWQiOiIyNjQ4NzZkOS05YmY1LTRjOTQtYTY5Zi01YTYyYzdkMDA4MjAiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoicVFDOVowc1JMVVJpNU9OZnVUd21MQSIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiY2xpZW50X1dia2tvQUhDdEJHeUNjcjcwNTIwOl0gJDsiLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvdkNuNU04UmN0V1VmbjFDXC8iLCJleHAiOjE1OTg5NjUwOTEsImlhdCI6MTU5ODk2NDc5MX0.QR3u33wNfIflTMcY1lv-q_sBhj9yKrBHOgwRM_Q7PrF2rr1AOzrO6PGIHXSAdktY7Ul3OYq_rycxGnDXfrxp7dn8eZFql4h4jtUMEUEvvX3KO-U_2LsjJD_cSBR8FRivbVClgnX3iPxoA9NAJixocMR5k0bQqMi6qejgVtlwknTD7K0iUCNRTqbd5J8C_p3xAOg3SkYMsUijukWz8g6NHtpTsPliCPjjsInz5iLwE6MIoGgjm6qGD8jWfk4XvjIeluv3Qe4YQWmp8eEv7looUQjv5wqgf7gPYPWjD-E-9yvH9C06Xmv1SDoM39zNBsbvdfXNxtHXS4ocf0ypgUzU9Q",
  "scope": "openid"
}
outgoing_path
token
2020-09-01 12:53:12 INCOMING
oidcc-client-test-client-secret-basic
Incoming HTTP request to test instance vCn5M8RctWUfn1C
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
jwks
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
Jwks endpoint
2020-09-01 12:53:12 OUTGOING
oidcc-client-test-client-secret-basic
Response to HTTP request to test instance vCn5M8RctWUfn1C
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "264876d9-9bf5-4c94-a69f-5a62c7d00820",
      "n": "0hv3lf6MRJAKChCufBX4WqekRCzHeBIPDK4fBAHsKXdrEb7_TeJgwZE90Up1WePyvE2Y5YTW6W7XufLpHHHaHtKxr1vfHdsEoL4nL-hgGAp7hOKS9h8rNYPtMPv4z0LQPL935KjBJmviUf4DmB752QDOzyXwhBGLRLMT5LUVGt9XFo4Al3awSsNTw7Plq1Ma-ByEOCZQFpyEqpEs7AUOm35VkWNdGHb0b_qu8IbRQ-y8hSVvptFy-wYz6PaDVi6cQ3x1SfRuyVkrVMmhwpLaLCshGziEAV037Xikyt6r1YH2FJg0G3Q5F2ADBbVYQDy1_qYNum9UDw_uLjUi8LK6uQ"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "f1c41d59-b019-427d-a2c7-f6f7de781d2c",
      "n": "htSH1doJ3gq8PcC9oNWgg6MUgi6KiGyuXpMAfMIWevkiRD5emin3LD8pqzJUKL7xl07jRYB4KwM_ev6DnZyXLWDdKo85RnJQ29oYODdA0q8BRAkplHhCA-5gKqHzPgmptk8whgpoiwirzcKX6gJYV0k4kMwGw6XUcJYa0e4rPqbzWgxRgDGHowq05jSsHoFBAHBcS1jKr8Z-5FvQ2sIyHS-NRtqQ_ouNn8hA62lPWW-klNAjMQjEnKFi2XwmjpxH1REeJ5JZogn7CRhrhH2nxk8Egkg7CALdcKj9FHuJQjvFEwytnXvONvKBC2oX9c5BKrfeUY1DSGSbF5ZXjDejTw"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "06e6c0f9-227f-4e4e-9fb0-56355dd3347f",
      "x": "YXMH8P5uBlXrpGSXjY_ViZyBLh_drXWzdjT903YmV54",
      "y": "an4vI2WhzgQK6ZBnw88OsztPR8RspZj-FN5gfIvXcwM"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "2a049fdd-211e-4917-879a-2501de140fdd",
      "x": "Nh_c4S8-Th5GJ9RbzPc-qjH-SmRWEaJcME1mBtrYekM",
      "y": "k_hw2wso7A3mR2oBS6RKqmEKjru1PrhyrnjrBvapjCU"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "0b4955b9-8712-4e80-bb25-ad2af3feb669",
      "x": "d2wQhviyTkpK6w-WHf_0BJO-hPFbEud-mm4cRk_dTFc",
      "y": "BoiVutj59lMPmda9E827InoYQ6MwRyiveCtnW_cN9Dc"
    },
    {
      "kty": "OKP",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "4cfada78-0559-4164-8001-005d01ed79ef",
      "x": "aSKfFpXqcbm9BqrURXT_WxtfD6S8gmCItto4j7C5TxI"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "ae7f7215-afef-4906-8095-608d382c3a32",
      "alg": "RSA-OAEP",
      "n": "sorK9r8GSr7YQDAIwIeq6kitPYuAUbDUw2rofLo1Ss2Yw8fg_qK5-tx-KDUMhCMLp_qwnLx-N3hTdC_DXgSkdYtdkHeAzTtGAcTo7q9ZjtU_g6Zm4xihVEEjLMTskyeE-DU-GWkOzW9SQwi6WcOt01SjTsPgPiajbF5FHdBMGzfOoH4YFerwWZq-Pumu7UpT0ZZ2cjYD82fuAoh7s-hhvKWDsOQo1p58_qsCGa8wZfutLas0yMthQXZwYHDSVolYfotdjVZj_Bw_j2qM67iFiVczFy_OC3vp_YKZh85KfEh8Ifq6AbsUtC2wJl19rHRgAN75ntXp0L-ix9yDgQlvjw"
    },
    {
      "kty": "EC",
      "use": "enc",
      "crv": "P-256",
      "kid": "f821c2bb-7c96-481e-a1b5-76d6a83c0c60",
      "x": "QBs3pnxTeL6dsO3MtbKzj4pd5tB3rZns3lLUSGSM4Ns",
      "y": "SKF2vcBNm7747OrGuVPCo6H1mgkV5DiRCubEKLChE-M",
      "alg": "ECDH-ES"
    }
  ]
}
outgoing_path
jwks
2020-09-01 12:53:12 INCOMING
oidcc-client-test-client-secret-basic
Incoming HTTP request to test instance vCn5M8RctWUfn1C
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "authorization": "Bearer Xp90ad2VFcgfPdlZ2EKQmdfQ1ZKdg7QfLzH9tfDPgWsM7l4P0c",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
userinfo
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
Userinfo endpoint
2020-09-01 12:53:12 SUCCESS
OIDCCExtractBearerAccessTokenFromRequest
Found access token on incoming request
access_token
Xp90ad2VFcgfPdlZ2EKQmdfQ1ZKdg7QfLzH9tfDPgWsM7l4P0c
2020-09-01 12:53:12 SUCCESS
RequireBearerAccessToken
Found access token in request
actual
Xp90ad2VFcgfPdlZ2EKQmdfQ1ZKdg7QfLzH9tfDPgWsM7l4P0c
2020-09-01 12:53:12 SUCCESS
FilterUserInfoForScopes
User info endpoint output
sub
user-subject-1234531
2020-09-01 12:53:12
ClearAccessTokenFromRequest
Condition ran but did not log anything
2020-09-01 12:53:12 INFO
AddIssAndAudToUserInfoResponse
Skipped evaluation due to missing required element: client userinfo_signed_response_alg
path
userinfo_signed_response_alg
mapped
object
client
2020-09-01 12:53:12 INFO
SignUserInfoResponse
Skipped evaluation due to missing required element: client userinfo_signed_response_alg
path
userinfo_signed_response_alg
mapped
object
client
2020-09-01 12:53:12 INFO
EncryptUserInfoResponse
Skipped evaluation due to missing required element: client userinfo_encrypted_response_alg
path
userinfo_encrypted_response_alg
mapped
object
client
2020-09-01 12:53:12 OUTGOING
oidcc-client-test-client-secret-basic
Response to HTTP request to test instance vCn5M8RctWUfn1C
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "sub": "user-subject-1234531"
}
outgoing_path
userinfo
2020-09-01 12:53:12 FINISHED
oidcc-client-test-client-secret-basic
Test has run to completion
testmodule_result
PASSED
Test Results