Test Summary

Test Results

Expand All Collapse All
All times are UTC
2020-09-01 12:54:55 INFO
TEST-RUNNER
Test instance L3N6vIkiOsQ3EaI created
baseUrl
https://www.certification.openid.net/test/L3N6vIkiOsQ3EaI
variant
{
  "client_auth_type": "client_secret_basic",
  "response_type": "code id_token token",
  "request_type": "plain_http_request",
  "response_mode": "form_post",
  "client_registration": "dynamic_client"
}
alias

                                
description
test suite runner for openid-client
planId
l0lJMpv444Mye
config
{
  "description": "test suite runner for openid-client",
  "waitTimeoutSeconds": 2
}
testName
oidcc-client-test-nonce-invalid
2020-09-01 12:54:55 SUCCESS
OIDCCGenerateServerConfiguration
Generated default server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/L3N6vIkiOsQ3EaI/",
  "authorization_endpoint": "https://www.certification.openid.net/test/L3N6vIkiOsQ3EaI/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/L3N6vIkiOsQ3EaI/token",
  "jwks_uri": "https://www.certification.openid.net/test/L3N6vIkiOsQ3EaI/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/L3N6vIkiOsQ3EaI/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/L3N6vIkiOsQ3EaI/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic",
    "client_secret_post",
    "client_secret_jwt",
    "private_key_jwt"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
2020-09-01 12:54:55
SetTokenEndpointAuthMethodsSupportedToClientSecretBasicOnly
Changed token_endpoint_auth_methods_supported to client_secret_basic only in server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/L3N6vIkiOsQ3EaI/",
  "authorization_endpoint": "https://www.certification.openid.net/test/L3N6vIkiOsQ3EaI/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/L3N6vIkiOsQ3EaI/token",
  "jwks_uri": "https://www.certification.openid.net/test/L3N6vIkiOsQ3EaI/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/L3N6vIkiOsQ3EaI/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/L3N6vIkiOsQ3EaI/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
2020-09-01 12:54:55
OIDCCGenerateServerJWKs
Generated server public private JWK sets
server_jwks
{
  "keys": [
    {
      "p": "2pYmeyvIrdVu-jMEbfzkKNSpS9pH-XgNnVdoQsf5kKOs_6-7f_NMDu3P13hOO_sBR6XDNmxNmWkZ-obp4DuENLVO8-7WE8FydpdDWTaV0jr_qskOy_ms7tfysMEDwENAUMDrwaeHzXg8gEo2B5pO7bLqw6LENpea8CQ9Gbxu9SE",
      "kty": "RSA",
      "q": "nrUWiGZXJ3eKZpfKPjvCT8dqWrYHZ_uzekVe0z7RrdvH0FFOm28O2fji1L-Yc2FaHLceLG2e8_g69gXfVp3_0d-b8d8qXx-qF-Y-rMg7IZqJIzFdO7j6dH9dldlCY3_NNop7i8QjsjrNT07Mg7OA1s3VcL1iASXpzoymS1MyUmk",
      "d": "dbUnq-jN7Q2KZZ_W303JJSY6cbE7lnBgt5a__SkeWXCngQaa-dO67xj_CgN_izu62ZXzXOP4F3llAjgWa63nN2gHVzYD74ATGLgIK-c1dMw1G0woS_9V88vIz5zmHZnA1XxCEw7EL15yT7L_oDU9TY-0c2mzCwdf1rL6KRxjOol4PLO5PQabKFgg61mn3MkUOiLi2kXEZyloJ0DyHa-jFgxadie0PUdXQJPE6S9KbJiUKSciDs73tyLKuXdpbLWgcT0ruNLKpkMzTu2qYpQ-38fG1DepAybpMJBSuVKdvhtLsNNxblVDytyttUogySlV3KvkpAap90VZlhuONfU2AQ",
      "e": "AQAB",
      "use": "sig",
      "kid": "bce9dc8e-bea2-4040-a824-52af0ebe0977",
      "qi": "tWdyjE9N3BfFnXduXOsSOu5k2CTY84BAB8sc8BEdlze4xNK61Y2cNhcWOu30j9TQc2PonSo7RlmupQqWGW7BHHBSAilcueMGht3jPABor4aW18gxhhAdxa4wdsAWOxCzYzH9P7GiQbtzUy2pjMnAmkggMyvVONOu4PkNeZRNW0w",
      "dp": "BSPEsd68sEG1g1KRxxhMMR2XAX6XdKk7ALkebXuQRbNjjPuP2Blbb3puCa39gPGM_SdLqMrxJCtRfg-QDkK4ABlHSvsRs5M34sv5vG5JJZFXk6d4npk3VMJlJXzUXr_2EjAHGx2aVt195rJYBOO--V3coU8BeBsmfIENor5IiaE",
      "dq": "WqUFHJyPFKyS8KurSEYrYhN8bBjhPAOna6NpWG_dpFYN1q5Jnj8dFWOwcmCHuwaUSChSZH-rtJ5HVrLd74PIU99KGygh9DiKlqHblCW8mCHCR8ZvAKhS6-y-z9JJt7iLxaXskFRTKv2ou64-4s3IPWdMi9quugckdeMhK452BFk",
      "n": "h4NLJpiRFW49FZrfSNQVa1L8rklvESttyo3xiXr04sFum8B7wt6776X6dIV63PbvLYp4DGitmizUNLFLk59Fqlq-wxtY6e_78C80iNDixzEJG9xKnbOTneZZ-X71v7oy0Dywv-cQmpEnpZQxe24tCYeBctZ3ltn6CYdI3KM1hO7lOWlq70s7EIfFF6ouFJ-_gcPSuui5hJTY1horxvYhsn7X4E-B6ak0wd8ekvVoGYj8mKb5hU2HhDjpzjW90PCnLQP-4VwEASFGzr9ObR02FcOxIk3eiQ4_GfHFb7Faw6j9vSOx1s1acjza7h7k3US_-Ey5z-qPQw0lD0u6Z3kciQ"
    },
    {
      "kty": "EC",
      "d": "FzRrZrdfoq4taBHuz29ar5pVUl5bXJsZ0iDx5HCzsos",
      "use": "sig",
      "crv": "P-256",
      "kid": "d793ba5f-0de1-434f-adf3-1551b9b2dd1f",
      "x": "VcXU4oHFpFVmkFwAQPs6N8kZ3pkumEx24IgjGMFS5r0",
      "y": "MW-PBM2fzYt82DRrngPGb84WwEEmi92HOrZq2HORGzY"
    },
    {
      "kty": "EC",
      "d": "PKQg-Ufy5ubcTFmF3qAlZUkgRdPUz-vnLj_FMvRZf8I",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "31f61192-07bd-44f2-8bf3-3343cea60874",
      "x": "FF_ns4vkBIu-xMxa7aWxJUmGnkoqoYHDMIiavPHBw1E",
      "y": "yy3v0PVhuDKPN-ADsPpEXwotrc7-0z50PgsspMiOPD4"
    },
    {
      "kty": "OKP",
      "d": "7_Ib5QUt0__ZMgs-F1584L1v4AVGN90Rf-RPnYw0O0w",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "d4b32eb1-bdfc-4afe-b760-dd661e5e4d18",
      "x": "BAmP1BR1q5RgFPnbPC7ijap8qUqrXjWyfCC6h-G2Ue0"
    }
  ]
}
server_encryption_keys
{
  "keys": [
    {
      "p": "3MgNPme4oaiujuk-wip296akAj5c-P_MEvTIPFQSIt-afBC6tJ7n67EWHCUjcVOwMvCV_m7Yx24CLsM0ZuwN5A-lTtzyC9UyP5xWqhpMoi9hpy-pSEF3jbBGsfB4ijQFGIPNNr0eRtGqNFK6Cp38WzSw3a-RWYZLgKbnkw4m94c",
      "kty": "RSA",
      "q": "mfTiPY63DS-ryH6KlbIxn5TYFUZSam_YCMPDt0YUgIEAzBPPU06GgRtSmZSdxHG6IVuuieFfIn6q2iC9p1AiFbzhEVUfEZttJSZHlpeJruHE3xALBlAb2mmpvC2zjQHdQE19U7O-RQRfAescDVf8qTlmXvq9jE3k5G9Pzq5b1hk",
      "d": "VmjviXc3attcKuGh6AP8jqRubxjRB9Nuk_qGqJwH3NwjejDktxI84AdZOLNyS67018hytMMXMT6L7zDnN6ZtOslcdSurWntG2hbBhI8KuyUBIaRl4OG4lHyOoAkIJFcsGHu4uh8y3nzYMYeJtVFOaX4K3zghbXJ55gflKu95gE2oRe09nWzf_90KgFgI6OQnLkV6ONknWNO-z9bRaga18ZZgDsBFnBLaBsmXWvT2gcQ9jsjyEvTTlu77ae1EeUQqbE3TPYaiJg94JXOulJyC2dw0KDbcntX5gLPWiAJfgzBlMjJpm2ydxf6BSW8SkNR2tTZc7tPkrH3QddS5Q3-fMQ",
      "e": "AQAB",
      "use": "enc",
      "kid": "3b4b8e7c-7e26-49d1-a7d6-454f9186067a",
      "qi": "h3N0Go1pBHaDvlbw0XsqMMizLGIel2TFWXps8GkGK7DPLTx3hK2SC1uZkdGQNkR4hQQsOOmH0ScSX5TZuvhMSU6EcplIqzLSql4Tm2uDoekySo9SnRFKTZcY7Q8qw4AbJnmBMgrs4dBEnVQKiTmhIwdymlh4SA3CPEh-XanIg9s",
      "dp": "Dqk6N-qrWBDbhqH2iO5I-CkYuw1pHx_dbWTT5y2uBqLSn2p8-4GR5RTdYwEUWXI1QSy4ySyTOKsVegV8dVk3ku13DMWfTSnbLF41YxZcAGklEvUXSLUQO1h5WVeeqY7Kx9X4yqnEWO-TXeYgdJQJLgVRuWbvQAKrAOAUgK9v5w",
      "alg": "RSA-OAEP",
      "dq": "iwGtiJEkPDavrw56SKEk5wZ4d_UPkuS7NWa0fvU6q7BOrPSx_HDpRwcJdHvYWzeoLFhgZkPkJvwhfWOUec4DiIcK3CB0NeyVBrbialkWyp00qYcNvTx1eaZvx-WnuYhWYanVn86p3B0PP2ct4-puych24wkYPedS5OKQN3f8mXk",
      "n": "hMbBtJ3pScD1gOuOItYN1TXQ869a61M_OsxXxWL5IgCjZNt1QLo8bom1xuxM_bVrdj7DER-BWwKFoamSGlwLBv8BTkBh_i3aU4xfBdTdKIgC-A5nBHsysJqKFxs-vL2-ibOTQEoGbrcF9mIC7BWzzQIMhzYvjxYBk1ve9PQsGladUt4ccQpL2u8gUcqowlt2fi3ePDd9VFl-IvOX2HRd1m6G-XzDI2Zh9NHPLypudE_iscGIlTaRCVPvIN86pgvN_FP0Wyg9UmGYnOAStSIH_5afJgPXU7oG4C0PT-fqLegcgs3TaJ8v2A3s4FFwWs3N_n4B8NtoB-5UDObqs7YGLw"
    },
    {
      "kty": "EC",
      "d": "uiY80IP17_wS_Pc3G-gUqQly5JN2-TvYZqb87KK6-sQ",
      "use": "enc",
      "crv": "P-256",
      "kid": "7998717b-08dc-440b-ae08-11f4b7852456",
      "x": "Ko7f9-QdunCMCF5gbXdsRI4pgricz4qhiO3co5O0AYc",
      "y": "C2AZVh0Uzh5mwNB5XZvJO631wGonBkyffXyB58zRt_A",
      "alg": "ECDH-ES"
    }
  ]
}
server_public_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "bce9dc8e-bea2-4040-a824-52af0ebe0977",
      "n": "h4NLJpiRFW49FZrfSNQVa1L8rklvESttyo3xiXr04sFum8B7wt6776X6dIV63PbvLYp4DGitmizUNLFLk59Fqlq-wxtY6e_78C80iNDixzEJG9xKnbOTneZZ-X71v7oy0Dywv-cQmpEnpZQxe24tCYeBctZ3ltn6CYdI3KM1hO7lOWlq70s7EIfFF6ouFJ-_gcPSuui5hJTY1horxvYhsn7X4E-B6ak0wd8ekvVoGYj8mKb5hU2HhDjpzjW90PCnLQP-4VwEASFGzr9ObR02FcOxIk3eiQ4_GfHFb7Faw6j9vSOx1s1acjza7h7k3US_-Ey5z-qPQw0lD0u6Z3kciQ"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "0ef39fc3-b752-4eb7-a029-7e3fad40d437",
      "n": "kwfMvumxLImw9ZGio1BEQGT_X_izSo80LEEkY-m15CMH4WP0bYt-NWCHe4W2PAaegHQctZP_QkCnBb0JVOzxtezdJpKxjgK6MkW9Qbl_mCLUWFK9WeLoieM2P0Ok4QStvozCxbIT44MBoO2J6P4l1jtwBuUnND6VswYfytjsPKDuJZ-Rjy80-JVDf98an_cDlNHCjCcbqhcuGNhs9HZyfRd4G8P9y5TSHQKo990hKugZXj5nTz8foL8d8lr-pHPhBF1QNae4Syn0hKPeZK10o4jT3bunLmuGpMQspidZaVZx3agnVL37fxBLI77xvWOEAhBnQKV1ycyj3hq19yd2wQ"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "d793ba5f-0de1-434f-adf3-1551b9b2dd1f",
      "x": "VcXU4oHFpFVmkFwAQPs6N8kZ3pkumEx24IgjGMFS5r0",
      "y": "MW-PBM2fzYt82DRrngPGb84WwEEmi92HOrZq2HORGzY"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "aa137b97-07b2-4368-b425-936660f88194",
      "x": "2WSVfrvnrKoDctrT5d9R8Q3N4JeLsaEzigB3yCOaqQU",
      "y": "2wr-u6VVBJ-3l6umUzcasNohct8oxzgT-UNvg02aEug"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "31f61192-07bd-44f2-8bf3-3343cea60874",
      "x": "FF_ns4vkBIu-xMxa7aWxJUmGnkoqoYHDMIiavPHBw1E",
      "y": "yy3v0PVhuDKPN-ADsPpEXwotrc7-0z50PgsspMiOPD4"
    },
    {
      "kty": "OKP",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "d4b32eb1-bdfc-4afe-b760-dd661e5e4d18",
      "x": "BAmP1BR1q5RgFPnbPC7ijap8qUqrXjWyfCC6h-G2Ue0"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "3b4b8e7c-7e26-49d1-a7d6-454f9186067a",
      "alg": "RSA-OAEP",
      "n": "hMbBtJ3pScD1gOuOItYN1TXQ869a61M_OsxXxWL5IgCjZNt1QLo8bom1xuxM_bVrdj7DER-BWwKFoamSGlwLBv8BTkBh_i3aU4xfBdTdKIgC-A5nBHsysJqKFxs-vL2-ibOTQEoGbrcF9mIC7BWzzQIMhzYvjxYBk1ve9PQsGladUt4ccQpL2u8gUcqowlt2fi3ePDd9VFl-IvOX2HRd1m6G-XzDI2Zh9NHPLypudE_iscGIlTaRCVPvIN86pgvN_FP0Wyg9UmGYnOAStSIH_5afJgPXU7oG4C0PT-fqLegcgs3TaJ8v2A3s4FFwWs3N_n4B8NtoB-5UDObqs7YGLw"
    },
    {
      "kty": "EC",
      "use": "enc",
      "crv": "P-256",
      "kid": "7998717b-08dc-440b-ae08-11f4b7852456",
      "x": "Ko7f9-QdunCMCF5gbXdsRI4pgricz4qhiO3co5O0AYc",
      "y": "C2AZVh0Uzh5mwNB5XZvJO631wGonBkyffXyB58zRt_A",
      "alg": "ECDH-ES"
    }
  ]
}
2020-09-01 12:54:55 SUCCESS
ValidateServerJWKs
Valid server JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2020-09-01 12:54:55 SUCCESS
CheckDistinctKeyIdValueInServerJWKs
Distinct 'kid' value in all keys of server_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2020-09-01 12:54:55 SUCCESS
OIDCCLoadUserInfo
Added user information
user_info
{
  "sub": "user-subject-1234531",
  "name": "Demo T. User",
  "given_name": "Demo",
  "family_name": "User",
  "middle_name": "Theresa",
  "nickname": "Dee",
  "preferred_username": "d.tu",
  "gender": "female",
  "birthdate": "2000-02-03",
  "address": {
    "street_address": "100 Universal City Plaza",
    "locality": "Hollywood",
    "region": "CA",
    "postal_code": "91608",
    "country": "USA"
  },
  "zoneinfo": "America/Los_Angeles",
  "locale": "en-US",
  "phone_number": "+1 555 5550000",
  "phone_number_verified": false,
  "email": "user@example.com",
  "email_verified": false,
  "website": "https://openid.net/",
  "updated_at": "1580000000"
}
2020-09-01 12:54:55 SUCCESS
GetDynamicClientConfiguration
No client details on configuration, created an empty dynamic_client_registration_template object.
2020-09-01 12:54:55
oidcc-client-test-nonce-invalid
Setup Done
2020-09-01 12:54:58 INCOMING
oidcc-client-test-nonce-invalid
Incoming HTTP request to test instance L3N6vIkiOsQ3EaI
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
.well-known/openid-configuration
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
Discovery endpoint
2020-09-01 12:54:58 OUTGOING
oidcc-client-test-nonce-invalid
Response to HTTP request to test instance L3N6vIkiOsQ3EaI
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "issuer": "https://www.certification.openid.net/test/L3N6vIkiOsQ3EaI/",
  "authorization_endpoint": "https://www.certification.openid.net/test/L3N6vIkiOsQ3EaI/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/L3N6vIkiOsQ3EaI/token",
  "jwks_uri": "https://www.certification.openid.net/test/L3N6vIkiOsQ3EaI/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/L3N6vIkiOsQ3EaI/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/L3N6vIkiOsQ3EaI/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
outgoing_path
.well-known/openid-configuration
2020-09-01 12:54:58 INCOMING
oidcc-client-test-nonce-invalid
Incoming HTTP request to test instance L3N6vIkiOsQ3EaI
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "content-type": "application/json",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "content-length": "187",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net",
  "connection": "close"
}
incoming_path
register
incoming_body_form_params
incoming_method
POST
incoming_body_json
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code id_token token"
  ],
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ]
}
incoming_query_string_params
{}
incoming_body
{"token_endpoint_auth_method":"client_secret_basic","response_types":["code id_token token"],"grant_types":["authorization_code","implicit"],"redirect_uris":["https://rp.example.com/cb"]}
Registration endpoint
2020-09-01 12:54:58 SUCCESS
OIDCCExtractDynamicRegistrationRequest
Extracted dynamic client registration request
request
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code id_token token"
  ],
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ]
}
2020-09-01 12:54:58 INFO
EnsureRegistrationRequestContainsAtLeastOneContact
This application requires that registration requests contain at least one contact.
2020-09-01 12:54:58 SUCCESS
ValidateClientGrantTypes
grant_types match response_types
grant_types
[
  "authorization_code",
  "implicit"
]
response_types
[
  "code id_token token"
]
2020-09-01 12:54:58 SUCCESS
OIDCCValidateClientRedirectUris
Valid redirect_uri(s) provided in registration request
redirect_uris
[
  "https://rp.example.com/cb"
]
2020-09-01 12:54:58 SUCCESS
ValidateClientLogoUris
Client does not contain any logo_uri
2020-09-01 12:54:58 SUCCESS
ValidateClientUris
Client does not contain any client_uri
2020-09-01 12:54:58 SUCCESS
ValidateClientPolicyUris
Client does not contain any policy_uri
2020-09-01 12:54:58 SUCCESS
ValidateClientTosUris
Client does not contain any tos_uri
2020-09-01 12:54:58 SUCCESS
ValidateClientSubjectType
A subject_type was not provided
2020-09-01 12:54:58 INFO
ValidateIdTokenSignedResponseAlg
Skipped evaluation due to missing required element: client id_token_signed_response_alg
path
id_token_signed_response_alg
mapped
object
client
2020-09-01 12:54:58 SUCCESS
EnsureIdTokenEncryptedResponseAlgIsSetIfEncIsSet
id_token_encrypted_response_enc is not set
2020-09-01 12:54:58 INFO
ValidateUserinfoSignedResponseAlg
Skipped evaluation due to missing required element: client userinfo_signed_response_alg
path
userinfo_signed_response_alg
mapped
object
client
2020-09-01 12:54:58 SUCCESS
EnsureUserinfoEncryptedResponseAlgIsSetIfEncIsSet
userinfo_encrypted_response_enc is not set
2020-09-01 12:54:58 INFO
ValidateRequestObjectSigningAlg
Skipped evaluation due to missing required element: client request_object_signing_alg
path
request_object_signing_alg
mapped
object
client
2020-09-01 12:54:58 SUCCESS
EnsureRequestObjectEncryptionAlgIsSetIfEncIsSet
request_object_encryption_enc is not set
2020-09-01 12:54:58 INFO
ValidateTokenEndpointAuthSigningAlg
Skipped evaluation due to missing required element: client token_endpoint_auth_signing_alg
path
token_endpoint_auth_signing_alg
mapped
object
client
2020-09-01 12:54:58 SUCCESS
ValidateDefaultMaxAge
default_max_age is not set
2020-09-01 12:54:58 INFO
ValidateRequireAuthTime
Skipped evaluation due to missing required element: client require_auth_time
path
require_auth_time
mapped
object
client
2020-09-01 12:54:58 INFO
ValidateDefaultAcrValues
Skipped evaluation due to missing required element: client default_acr_values
path
default_acr_values
mapped
object
client
2020-09-01 12:54:58 INFO
ValidateInitiateLoginUri
Skipped evaluation due to missing required element: client initiate_login_uri
path
initiate_login_uri
mapped
object
client
2020-09-01 12:54:58 INFO
ValidateRequestUris
Skipped evaluation due to missing required element: client request_uris
path
request_uris
mapped
object
client
2020-09-01 12:54:58 SUCCESS
ValidateClientRegistrationRequestSectorIdentifierUri
A sector_identifier_uri was not provided
2020-09-01 12:54:58 SUCCESS
OIDCCRegisterClient
Registered client
client
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code id_token token"
  ],
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ],
  "client_id": "client_qVLVsAwgNzjnNuj94740{!/:_"
}
2020-09-01 12:54:58
OIDCCCreateClientSecretForDynamicClient
Set the secret for registered client
client_secret
secret_QFWTftjgHJXiHJqJsbcuvydXVsIrrYIaIZmSUPcMNXmwNZEbWP1663299139-)`\|
2020-09-01 12:54:58 SUCCESS
EnsureTokenEndPointAuthMethodIsClientSecretBasic
token_endpoint_auth_method is 'client_secret_basic' as expected
2020-09-01 12:54:58 SUCCESS
EnsureClientDoesNotHaveBothJwksAndJwksUri
Client does not have both jwks and jwks_uri set
client
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code id_token token"
  ],
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ],
  "client_id": "client_qVLVsAwgNzjnNuj94740{!/:_",
  "client_secret": "secret_QFWTftjgHJXiHJqJsbcuvydXVsIrrYIaIZmSUPcMNXmwNZEbWP1663299139-)`\\|"
}
2020-09-01 12:54:58 INFO
FetchClientKeys
Skipped evaluation due to missing required element: client jwks_uri
path
jwks_uri
mapped
object
client
2020-09-01 12:54:58 SUCCESS
OIDCCExtractServerSigningAlg
Using the default algorithm for the first key in server jwks
signing_algorithm
RS256
2020-09-01 12:54:58
SetClientIdTokenSignedResponseAlgToServerSigningAlg
Set id_token_signed_response_alg for the registered client
id_token_signed_response_alg
RS256
2020-09-01 12:54:58 OUTGOING
oidcc-client-test-nonce-invalid
Response to HTTP request to test instance L3N6vIkiOsQ3EaI
outgoing_status_code
201
outgoing_headers
{}
outgoing_body
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code id_token token"
  ],
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ],
  "client_id": "client_qVLVsAwgNzjnNuj94740{!/:_",
  "client_secret": "secret_QFWTftjgHJXiHJqJsbcuvydXVsIrrYIaIZmSUPcMNXmwNZEbWP1663299139-)`\\|",
  "id_token_signed_response_alg": "RS256"
}
outgoing_path
register
2020-09-01 12:54:59 INCOMING
oidcc-client-test-nonce-invalid
Incoming HTTP request to test instance L3N6vIkiOsQ3EaI
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "got/9.6.0 (https://github.com/sindresorhus/got)",
  "accept-encoding": "gzip, deflate",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
authorize
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{
  "client_id": "client_qVLVsAwgNzjnNuj94740{!/:_",
  "scope": "openid",
  "response_type": "code id_token token",
  "redirect_uri": "https://rp.example.com/cb",
  "state": "mwA8OXpq-emPwn0K9tESsLK7Gw5IJfWmkLYdGDFhDK4",
  "nonce": "QFiTZsFIeJ1fMtUyQPqWBQOh8Qo-IYJxtuPUg_FQtus",
  "response_mode": "form_post"
}
incoming_body
Authorization endpoint
2020-09-01 12:54:59 SUCCESS
EnsureRequestDoesNotContainRequestObject
Request does not contain a request parameter
2020-09-01 12:54:59 SUCCESS
OIDCCEnsureAuthorizationHttpRequestContainsOpenIDScope
Found 'openid' in scope http request parameter
actual
[
  "openid"
]
expected
openid
2020-09-01 12:54:59 SUCCESS
CreateEffectiveAuthorizationRequestParameters
Merged http request parameters with request object claims
effective_authorization_endpoint_request
{
  "client_id": "client_qVLVsAwgNzjnNuj94740{!/:_",
  "scope": "openid",
  "response_type": "code id_token token",
  "redirect_uri": "https://rp.example.com/cb",
  "state": "mwA8OXpq-emPwn0K9tESsLK7Gw5IJfWmkLYdGDFhDK4",
  "nonce": "QFiTZsFIeJ1fMtUyQPqWBQOh8Qo-IYJxtuPUg_FQtus",
  "response_mode": "form_post"
}
2020-09-01 12:54:59 SUCCESS
ExtractRequestedScopes
Requested scopes
scope
openid
2020-09-01 12:54:59 SUCCESS
ExtractNonceFromAuthorizationRequest
Extracted nonce
nonce
QFiTZsFIeJ1fMtUyQPqWBQOh8Qo-IYJxtuPUg_FQtus
2020-09-01 12:54:59 SUCCESS
EnsureResponseTypeIsCodeIdTokenToken
Response type is expected value
expected
code id_token token
2020-09-01 12:54:59 SUCCESS
EnsureMatchingClientId
Client ID matched
client_id
client_qVLVsAwgNzjnNuj94740{!/:_
2020-09-01 12:54:59 SUCCESS
EnsureValidRedirectUriForAuthorizationEndpointRequest
redirect_uri is one of the allowed redirect uris
actual
https://rp.example.com/cb
expected
[
  "https://rp.example.com/cb"
]
2020-09-01 12:54:59 SUCCESS
EnsureOpenIDInScopeRequest
Found 'openid' scope in request
actual
[
  "openid"
]
expected
openid
2020-09-01 12:54:59 SUCCESS
DisallowMaxAgeEqualsZeroAndPromptNone
The client did not send max_age=0 and prompt=none parameters as expected
2020-09-01 12:54:59 SUCCESS
CreateAuthorizationCode
Created authorization code
authorization_code
DLZ5ekPX7c
2020-09-01 12:54:59 SUCCESS
CalculateCHash
Successful c_hash encoding
c_hash
McSZDIb99MhEeQxIkNsmbg
2020-09-01 12:54:59 SUCCESS
GenerateBearerAccessToken
Generated access token
access_token
gks7XR3fW4ZaFoFExsfIIYX0qAY21FAIRKnWJ98psw6qiIlKOV
2020-09-01 12:54:59 SUCCESS
CalculateAtHash
Successful at_hash encoding
at_hash
HLtP8Ewg02bKKYHZTeInug
2020-09-01 12:54:59 SUCCESS
GenerateIdTokenClaims
Created ID Token Claims
iss
https://www.certification.openid.net/test/L3N6vIkiOsQ3EaI/
sub
user-subject-1234531
aud
client_qVLVsAwgNzjnNuj94740{!/:_
nonce
QFiTZsFIeJ1fMtUyQPqWBQOh8Qo-IYJxtuPUg_FQtus
iat
1598964899
exp
1598965199
2020-09-01 12:54:59 SUCCESS
AddInvalidNonceValueToIdToken
Added invalid nonce to ID token claims
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/L3N6vIkiOsQ3EaI/",
  "sub": "user-subject-1234531",
  "aud": "client_qVLVsAwgNzjnNuj94740{!/:_",
  "nonce": "QFiTZsFIeJ1fMtUyQPqWBQOh8Qo-IYJxtuPUg_FQtus1",
  "iat": 1598964899,
  "exp": 1598965199
}
nonce
QFiTZsFIeJ1fMtUyQPqWBQOh8Qo-IYJxtuPUg_FQtus1
2020-09-01 12:54:59 SUCCESS
AddCHashToIdTokenClaims
Added c_hash to ID token claims
c_hash
McSZDIb99MhEeQxIkNsmbg
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/L3N6vIkiOsQ3EaI/",
  "sub": "user-subject-1234531",
  "aud": "client_qVLVsAwgNzjnNuj94740{!/:_",
  "nonce": "QFiTZsFIeJ1fMtUyQPqWBQOh8Qo-IYJxtuPUg_FQtus1",
  "iat": 1598964899,
  "exp": 1598965199,
  "c_hash": "McSZDIb99MhEeQxIkNsmbg"
}
2020-09-01 12:54:59 SUCCESS
AddAtHashToIdTokenClaims
Added at_hash to ID token claims
at_hash
HLtP8Ewg02bKKYHZTeInug
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/L3N6vIkiOsQ3EaI/",
  "sub": "user-subject-1234531",
  "aud": "client_qVLVsAwgNzjnNuj94740{!/:_",
  "nonce": "QFiTZsFIeJ1fMtUyQPqWBQOh8Qo-IYJxtuPUg_FQtus1",
  "iat": 1598964899,
  "exp": 1598965199,
  "c_hash": "McSZDIb99MhEeQxIkNsmbg",
  "at_hash": "HLtP8Ewg02bKKYHZTeInug"
}
2020-09-01 12:54:59 SUCCESS
OIDCCSignIdToken
Signed the ID token
id_token
eyJraWQiOiJiY2U5ZGM4ZS1iZWEyLTQwNDAtYTgyNC01MmFmMGViZTA5NzciLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiSEx0UDhFd2cwMmJLS1lIWlRlSW51ZyIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiY2xpZW50X3FWTFZzQXdnTnpqbk51ajk0NzQweyFcLzpfIiwiY19oYXNoIjoiTWNTWkRJYjk5TWhFZVF4SWtOc21iZyIsImlzcyI6Imh0dHBzOlwvXC93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0XC90ZXN0XC9MM042dklraU9zUTNFYUlcLyIsImV4cCI6MTU5ODk2NTE5OSwibm9uY2UiOiJRRmlUWnNGSWVKMWZNdFV5UVBxV0JRT2g4UW8tSVlKeHR1UFVnX0ZRdHVzMSIsImlhdCI6MTU5ODk2NDg5OX0.MMcUfrahyd-wRrYO9rxKSAj7KWpQ_5y4RZONzvm683Tn6nicJRzMS8O5Fn7dcOZlMy1m-MRilj0rfkurb_dIMkRPVVuWW1NiLbNxB0Unka0LbG5c95IvhrWa3bvYX3fFw-4UqPNQovMocDo3PAXsdb9PlJcKEjQgXkUPU8dREHG66RFln1pmx97bRC54L0aSkmQ3VlE9-dr38bbWsVwWWvrLGCa3z1Kl7V6Q_aiOYxjCWvniO-906KsVHuMPvmqbq4y4c1zGVVip-05yOub509sYAr6SdH2kRP2QeJAO2wZMO7YgXA9zV08WRgoUdPvtzrTNIq7cYE-ka0uQw0KAwg
key
{"p":"2pYmeyvIrdVu-jMEbfzkKNSpS9pH-XgNnVdoQsf5kKOs_6-7f_NMDu3P13hOO_sBR6XDNmxNmWkZ-obp4DuENLVO8-7WE8FydpdDWTaV0jr_qskOy_ms7tfysMEDwENAUMDrwaeHzXg8gEo2B5pO7bLqw6LENpea8CQ9Gbxu9SE","kty":"RSA","q":"nrUWiGZXJ3eKZpfKPjvCT8dqWrYHZ_uzekVe0z7RrdvH0FFOm28O2fji1L-Yc2FaHLceLG2e8_g69gXfVp3_0d-b8d8qXx-qF-Y-rMg7IZqJIzFdO7j6dH9dldlCY3_NNop7i8QjsjrNT07Mg7OA1s3VcL1iASXpzoymS1MyUmk","d":"dbUnq-jN7Q2KZZ_W303JJSY6cbE7lnBgt5a__SkeWXCngQaa-dO67xj_CgN_izu62ZXzXOP4F3llAjgWa63nN2gHVzYD74ATGLgIK-c1dMw1G0woS_9V88vIz5zmHZnA1XxCEw7EL15yT7L_oDU9TY-0c2mzCwdf1rL6KRxjOol4PLO5PQabKFgg61mn3MkUOiLi2kXEZyloJ0DyHa-jFgxadie0PUdXQJPE6S9KbJiUKSciDs73tyLKuXdpbLWgcT0ruNLKpkMzTu2qYpQ-38fG1DepAybpMJBSuVKdvhtLsNNxblVDytyttUogySlV3KvkpAap90VZlhuONfU2AQ","e":"AQAB","use":"sig","kid":"bce9dc8e-bea2-4040-a824-52af0ebe0977","qi":"tWdyjE9N3BfFnXduXOsSOu5k2CTY84BAB8sc8BEdlze4xNK61Y2cNhcWOu30j9TQc2PonSo7RlmupQqWGW7BHHBSAilcueMGht3jPABor4aW18gxhhAdxa4wdsAWOxCzYzH9P7GiQbtzUy2pjMnAmkggMyvVONOu4PkNeZRNW0w","dp":"BSPEsd68sEG1g1KRxxhMMR2XAX6XdKk7ALkebXuQRbNjjPuP2Blbb3puCa39gPGM_SdLqMrxJCtRfg-QDkK4ABlHSvsRs5M34sv5vG5JJZFXk6d4npk3VMJlJXzUXr_2EjAHGx2aVt195rJYBOO--V3coU8BeBsmfIENor5IiaE","dq":"WqUFHJyPFKyS8KurSEYrYhN8bBjhPAOna6NpWG_dpFYN1q5Jnj8dFWOwcmCHuwaUSChSZH-rtJ5HVrLd74PIU99KGygh9DiKlqHblCW8mCHCR8ZvAKhS6-y-z9JJt7iLxaXskFRTKv2ou64-4s3IPWdMi9quugckdeMhK452BFk","n":"h4NLJpiRFW49FZrfSNQVa1L8rklvESttyo3xiXr04sFum8B7wt6776X6dIV63PbvLYp4DGitmizUNLFLk59Fqlq-wxtY6e_78C80iNDixzEJG9xKnbOTneZZ-X71v7oy0Dywv-cQmpEnpZQxe24tCYeBctZ3ltn6CYdI3KM1hO7lOWlq70s7EIfFF6ouFJ-_gcPSuui5hJTY1horxvYhsn7X4E-B6ak0wd8ekvVoGYj8mKb5hU2HhDjpzjW90PCnLQP-4VwEASFGzr9ObR02FcOxIk3eiQ4_GfHFb7Faw6j9vSOx1s1acjza7h7k3US_-Ey5z-qPQw0lD0u6Z3kciQ"}
algorithm
RS256
2020-09-01 12:54:59 INFO
EncryptIdToken
Skipped evaluation due to missing required element: client id_token_encrypted_response_alg
path
id_token_encrypted_response_alg
mapped
object
client
2020-09-01 12:54:59 SUCCESS
CreateAuthorizationEndpointResponseParams
Added authorization_endpoint_response_params to environment
params
{
  "redirect_uri": "https://rp.example.com/cb",
  "state": "mwA8OXpq-emPwn0K9tESsLK7Gw5IJfWmkLYdGDFhDK4"
}
2020-09-01 12:54:59 SUCCESS
AddCodeToAuthorizationEndpointResponseParams
Added code to authorization endpoint response params
authorization_endpoint_response_params
{
  "redirect_uri": "https://rp.example.com/cb",
  "state": "mwA8OXpq-emPwn0K9tESsLK7Gw5IJfWmkLYdGDFhDK4",
  "code": "DLZ5ekPX7c"
}
2020-09-01 12:54:59 SUCCESS
AddIdTokenToAuthorizationEndpointResponseParams
Added id_token to authorization endpoint response params
authorization_endpoint_response_params
{
  "redirect_uri": "https://rp.example.com/cb",
  "state": "mwA8OXpq-emPwn0K9tESsLK7Gw5IJfWmkLYdGDFhDK4",
  "code": "DLZ5ekPX7c",
  "id_token": "eyJraWQiOiJiY2U5ZGM4ZS1iZWEyLTQwNDAtYTgyNC01MmFmMGViZTA5NzciLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiSEx0UDhFd2cwMmJLS1lIWlRlSW51ZyIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiY2xpZW50X3FWTFZzQXdnTnpqbk51ajk0NzQweyFcLzpfIiwiY19oYXNoIjoiTWNTWkRJYjk5TWhFZVF4SWtOc21iZyIsImlzcyI6Imh0dHBzOlwvXC93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0XC90ZXN0XC9MM042dklraU9zUTNFYUlcLyIsImV4cCI6MTU5ODk2NTE5OSwibm9uY2UiOiJRRmlUWnNGSWVKMWZNdFV5UVBxV0JRT2g4UW8tSVlKeHR1UFVnX0ZRdHVzMSIsImlhdCI6MTU5ODk2NDg5OX0.MMcUfrahyd-wRrYO9rxKSAj7KWpQ_5y4RZONzvm683Tn6nicJRzMS8O5Fn7dcOZlMy1m-MRilj0rfkurb_dIMkRPVVuWW1NiLbNxB0Unka0LbG5c95IvhrWa3bvYX3fFw-4UqPNQovMocDo3PAXsdb9PlJcKEjQgXkUPU8dREHG66RFln1pmx97bRC54L0aSkmQ3VlE9-dr38bbWsVwWWvrLGCa3z1Kl7V6Q_aiOYxjCWvniO-906KsVHuMPvmqbq4y4c1zGVVip-05yOub509sYAr6SdH2kRP2QeJAO2wZMO7YgXA9zV08WRgoUdPvtzrTNIq7cYE-ka0uQw0KAwg"
}
2020-09-01 12:54:59
AddTokenToAuthorizationEndpointResponseParams
Added token and token_type to authorization endpoint response params
authorization_endpoint_response_params
{
  "redirect_uri": "https://rp.example.com/cb",
  "state": "mwA8OXpq-emPwn0K9tESsLK7Gw5IJfWmkLYdGDFhDK4",
  "code": "DLZ5ekPX7c",
  "id_token": "eyJraWQiOiJiY2U5ZGM4ZS1iZWEyLTQwNDAtYTgyNC01MmFmMGViZTA5NzciLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiSEx0UDhFd2cwMmJLS1lIWlRlSW51ZyIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiY2xpZW50X3FWTFZzQXdnTnpqbk51ajk0NzQweyFcLzpfIiwiY19oYXNoIjoiTWNTWkRJYjk5TWhFZVF4SWtOc21iZyIsImlzcyI6Imh0dHBzOlwvXC93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0XC90ZXN0XC9MM042dklraU9zUTNFYUlcLyIsImV4cCI6MTU5ODk2NTE5OSwibm9uY2UiOiJRRmlUWnNGSWVKMWZNdFV5UVBxV0JRT2g4UW8tSVlKeHR1UFVnX0ZRdHVzMSIsImlhdCI6MTU5ODk2NDg5OX0.MMcUfrahyd-wRrYO9rxKSAj7KWpQ_5y4RZONzvm683Tn6nicJRzMS8O5Fn7dcOZlMy1m-MRilj0rfkurb_dIMkRPVVuWW1NiLbNxB0Unka0LbG5c95IvhrWa3bvYX3fFw-4UqPNQovMocDo3PAXsdb9PlJcKEjQgXkUPU8dREHG66RFln1pmx97bRC54L0aSkmQ3VlE9-dr38bbWsVwWWvrLGCa3z1Kl7V6Q_aiOYxjCWvniO-906KsVHuMPvmqbq4y4c1zGVVip-05yOub509sYAr6SdH2kRP2QeJAO2wZMO7YgXA9zV08WRgoUdPvtzrTNIq7cYE-ka0uQw0KAwg",
  "access_token": "gks7XR3fW4ZaFoFExsfIIYX0qAY21FAIRKnWJ98psw6qiIlKOV",
  "token_type": "Bearer"
}
2020-09-01 12:54:59 OUTGOING
oidcc-client-test-nonce-invalid
Response to HTTP request to test instance L3N6vIkiOsQ3EaI
outgoing
ModelAndView [view="formPostResponseMode"; model={formAction=https://rp.example.com/cb, formParameters={"state":"mwA8OXpq-emPwn0K9tESsLK7Gw5IJfWmkLYdGDFhDK4","code":"DLZ5ekPX7c","id_token":"eyJraWQiOiJiY2U5ZGM4ZS1iZWEyLTQwNDAtYTgyNC01MmFmMGViZTA5NzciLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiSEx0UDhFd2cwMmJLS1lIWlRlSW51ZyIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiY2xpZW50X3FWTFZzQXdnTnpqbk51ajk0NzQweyFcLzpfIiwiY19oYXNoIjoiTWNTWkRJYjk5TWhFZVF4SWtOc21iZyIsImlzcyI6Imh0dHBzOlwvXC93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0XC90ZXN0XC9MM042dklraU9zUTNFYUlcLyIsImV4cCI6MTU5ODk2NTE5OSwibm9uY2UiOiJRRmlUWnNGSWVKMWZNdFV5UVBxV0JRT2g4UW8tSVlKeHR1UFVnX0ZRdHVzMSIsImlhdCI6MTU5ODk2NDg5OX0.MMcUfrahyd-wRrYO9rxKSAj7KWpQ_5y4RZONzvm683Tn6nicJRzMS8O5Fn7dcOZlMy1m-MRilj0rfkurb_dIMkRPVVuWW1NiLbNxB0Unka0LbG5c95IvhrWa3bvYX3fFw-4UqPNQovMocDo3PAXsdb9PlJcKEjQgXkUPU8dREHG66RFln1pmx97bRC54L0aSkmQ3VlE9-dr38bbWsVwWWvrLGCa3z1Kl7V6Q_aiOYxjCWvniO-906KsVHuMPvmqbq4y4c1zGVVip-05yOub509sYAr6SdH2kRP2QeJAO2wZMO7YgXA9zV08WRgoUdPvtzrTNIq7cYE-ka0uQw0KAwg","access_token":"gks7XR3fW4ZaFoFExsfIIYX0qAY21FAIRKnWJ98psw6qiIlKOV","token_type":"Bearer"}}]
outgoing_path
authorize
2020-09-01 12:54:59 INCOMING
oidcc-client-test-nonce-invalid
Incoming HTTP request to test instance L3N6vIkiOsQ3EaI
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
jwks
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
Jwks endpoint
2020-09-01 12:54:59 OUTGOING
oidcc-client-test-nonce-invalid
Response to HTTP request to test instance L3N6vIkiOsQ3EaI
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "bce9dc8e-bea2-4040-a824-52af0ebe0977",
      "n": "h4NLJpiRFW49FZrfSNQVa1L8rklvESttyo3xiXr04sFum8B7wt6776X6dIV63PbvLYp4DGitmizUNLFLk59Fqlq-wxtY6e_78C80iNDixzEJG9xKnbOTneZZ-X71v7oy0Dywv-cQmpEnpZQxe24tCYeBctZ3ltn6CYdI3KM1hO7lOWlq70s7EIfFF6ouFJ-_gcPSuui5hJTY1horxvYhsn7X4E-B6ak0wd8ekvVoGYj8mKb5hU2HhDjpzjW90PCnLQP-4VwEASFGzr9ObR02FcOxIk3eiQ4_GfHFb7Faw6j9vSOx1s1acjza7h7k3US_-Ey5z-qPQw0lD0u6Z3kciQ"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "0ef39fc3-b752-4eb7-a029-7e3fad40d437",
      "n": "kwfMvumxLImw9ZGio1BEQGT_X_izSo80LEEkY-m15CMH4WP0bYt-NWCHe4W2PAaegHQctZP_QkCnBb0JVOzxtezdJpKxjgK6MkW9Qbl_mCLUWFK9WeLoieM2P0Ok4QStvozCxbIT44MBoO2J6P4l1jtwBuUnND6VswYfytjsPKDuJZ-Rjy80-JVDf98an_cDlNHCjCcbqhcuGNhs9HZyfRd4G8P9y5TSHQKo990hKugZXj5nTz8foL8d8lr-pHPhBF1QNae4Syn0hKPeZK10o4jT3bunLmuGpMQspidZaVZx3agnVL37fxBLI77xvWOEAhBnQKV1ycyj3hq19yd2wQ"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "d793ba5f-0de1-434f-adf3-1551b9b2dd1f",
      "x": "VcXU4oHFpFVmkFwAQPs6N8kZ3pkumEx24IgjGMFS5r0",
      "y": "MW-PBM2fzYt82DRrngPGb84WwEEmi92HOrZq2HORGzY"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "aa137b97-07b2-4368-b425-936660f88194",
      "x": "2WSVfrvnrKoDctrT5d9R8Q3N4JeLsaEzigB3yCOaqQU",
      "y": "2wr-u6VVBJ-3l6umUzcasNohct8oxzgT-UNvg02aEug"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "31f61192-07bd-44f2-8bf3-3343cea60874",
      "x": "FF_ns4vkBIu-xMxa7aWxJUmGnkoqoYHDMIiavPHBw1E",
      "y": "yy3v0PVhuDKPN-ADsPpEXwotrc7-0z50PgsspMiOPD4"
    },
    {
      "kty": "OKP",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "d4b32eb1-bdfc-4afe-b760-dd661e5e4d18",
      "x": "BAmP1BR1q5RgFPnbPC7ijap8qUqrXjWyfCC6h-G2Ue0"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "3b4b8e7c-7e26-49d1-a7d6-454f9186067a",
      "alg": "RSA-OAEP",
      "n": "hMbBtJ3pScD1gOuOItYN1TXQ869a61M_OsxXxWL5IgCjZNt1QLo8bom1xuxM_bVrdj7DER-BWwKFoamSGlwLBv8BTkBh_i3aU4xfBdTdKIgC-A5nBHsysJqKFxs-vL2-ibOTQEoGbrcF9mIC7BWzzQIMhzYvjxYBk1ve9PQsGladUt4ccQpL2u8gUcqowlt2fi3ePDd9VFl-IvOX2HRd1m6G-XzDI2Zh9NHPLypudE_iscGIlTaRCVPvIN86pgvN_FP0Wyg9UmGYnOAStSIH_5afJgPXU7oG4C0PT-fqLegcgs3TaJ8v2A3s4FFwWs3N_n4B8NtoB-5UDObqs7YGLw"
    },
    {
      "kty": "EC",
      "use": "enc",
      "crv": "P-256",
      "kid": "7998717b-08dc-440b-ae08-11f4b7852456",
      "x": "Ko7f9-QdunCMCF5gbXdsRI4pgricz4qhiO3co5O0AYc",
      "y": "C2AZVh0Uzh5mwNB5XZvJO631wGonBkyffXyB58zRt_A",
      "alg": "ECDH-ES"
    }
  ]
}
outgoing_path
jwks
2020-09-01 12:55:01 FINISHED
oidcc-client-test-nonce-invalid
Test has run to completion
testmodule_result
PASSED
Test Results