Test Summary

Test Results

Expand All Collapse All
All times are UTC
2020-09-01 12:51:10 INFO
TEST-RUNNER
Test instance MRxlSevpPBlQlKI created
baseUrl
https://www.certification.openid.net/test/MRxlSevpPBlQlKI
variant
{
  "client_auth_type": "client_secret_basic",
  "response_type": "code id_token",
  "request_type": "plain_http_request",
  "response_mode": "form_post",
  "client_registration": "dynamic_client"
}
alias

                                
description
test suite runner for openid-client
planId
l0lJMpv444Mye
config
{
  "description": "test suite runner for openid-client",
  "waitTimeoutSeconds": 2
}
testName
oidcc-client-test-idtoken-sig-rs256
2020-09-01 12:51:10 SUCCESS
OIDCCGenerateServerConfigurationIdTokenSigningAlgRS256Only
Generated default server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/MRxlSevpPBlQlKI/",
  "authorization_endpoint": "https://www.certification.openid.net/test/MRxlSevpPBlQlKI/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/MRxlSevpPBlQlKI/token",
  "jwks_uri": "https://www.certification.openid.net/test/MRxlSevpPBlQlKI/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/MRxlSevpPBlQlKI/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/MRxlSevpPBlQlKI/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic",
    "client_secret_post",
    "client_secret_jwt",
    "private_key_jwt"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "RS256"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
2020-09-01 12:51:10
SetTokenEndpointAuthMethodsSupportedToClientSecretBasicOnly
Changed token_endpoint_auth_methods_supported to client_secret_basic only in server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/MRxlSevpPBlQlKI/",
  "authorization_endpoint": "https://www.certification.openid.net/test/MRxlSevpPBlQlKI/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/MRxlSevpPBlQlKI/token",
  "jwks_uri": "https://www.certification.openid.net/test/MRxlSevpPBlQlKI/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/MRxlSevpPBlQlKI/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/MRxlSevpPBlQlKI/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "RS256"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
2020-09-01 12:51:11
OIDCCGenerateServerJWKs
Generated server public private JWK sets
server_jwks
{
  "keys": [
    {
      "p": "y9a1KvoV2_RixoL0mrP84MpVX8qU-WpVDyTNN66WDVXN_0m9s87L8Qbxm4huQsPDrn8ibUZ_lfEZAYfzht6wcEQLmoC2cueB9m4NVZAfo3y-dWQe_Og5TTJFgqK4BLoDrlsAkM3y184R5mhefRP_0WlivMyfF2-GtOlSlAmEqGk",
      "kty": "RSA",
      "q": "o3jRXebM2XXFWE1uWgHQ0j1PJL77yvoPsn5WzVEHuAXji0gQxer_KHnyrZam5N_Nf-u4_GX0wWcpcJaW5UKGls-UqvZmgO7_KabWnhLt-Wj4Ko7t36AQI7FMQpvzAEoiF2Ta4AF0FWMI1XJgol0vKl9AgOlvntgAwHfkB4pmrIs",
      "d": "CBXgXauGq_JdPUWTwka62ue49EI404bgn1_YeaJtxcngSv-bEr-2mX8XTHPTgpsKPUOx3MluHp6i-6JxntyaLPKFzX6bSs6JmywqCth2YGIwa5uq7r06vNABaebsYSeG8xr7kvsywO6JhEqXrH13_wvK7gibvluZy2kJeJDC8iOhGYlEBW6tRmAfQNwjwetuiepasi2mr_525ME-ltLF1DCpWhVaMbmViQKyDDWsqTLIAcA1zmogl36rlHFNmCMj-SSl_1uYxp4VQCDPOcjVTx0rXLA49C3rCPd31mzm0gxsqVYYgOiMCXcOutHdoe4KbRCFsFRvSqmTv64qZaeWcQ",
      "e": "AQAB",
      "use": "sig",
      "kid": "21759f96-34d8-4607-b1ff-9b4d09010574",
      "qi": "E-P_Po0tI9FWsHbPCCBLEfxIVdJcZ3_vtJQ0YZ5qVLF26jHzyoevubnOsB4dAJxJ_D6aXPmwV9b-C-F2NNLBSYvT_nKYuCKNaWOpiDEEnPgXER9kbrgF0f3HzyncSV9nJ6L8Q7UfnfAaFSSQ2WZ463kpvZ4zR01GzhfPcQk92Bk",
      "dp": "kQeJzTM0fFQMN1uTd8LaCIJNbiNwDWmXbXfsv1Jrlr9XGu03mQho2GvtWZEfikdJIg14zDEds-xfs1Qsc-hbtvTjIKG1rlmDgXdZ62fo6uRlipaa6ay8oG1FQaZOsaY72kELTPwLbXpECCB4IhwpprCJvPUFuKH0QSHFTGjdRwk",
      "dq": "eAuePIXkAwGgdXMPSZuxvOJ2_zYc8_bkliB_H_GUaIgyjDLU1nL3A8Nh-iX603Kil4EEbJ12upxGaz66-wr6iT9RHqcpqR9ZVD4HtzeReKmkLKSffKwvjfaCWRvqvFi0ZleTABMxKw96Cj0fR7yEiWo_lStX498d1jl0xDDXq3c",
      "n": "ginotFgPDxgouc9kisCfErZ637BU4JozVDsZ8DXKj_taCq8SsuQZ-_S7HQ9neJU2qkkEHiPGZsy5hjiMcFMSZYnTWoP6zn_ugARaPSeheddtd8yYVIaqClwTfPipCV0jMRumEunpPoZZGHf66V7sGSPnt0b7WC9MV3X2aqpiaC1n1n9GdEQo_5f3ouIlUrXlK4rmStRLwjnMt_bDytEP76CIqsC4rWQs2KERBelhK2yIcAb2orQK-uTA63jBHQxGCowIF1DG88yj9lUqMc2aYO7PWthk060wLJvyAul6ivxgbbc1owJfM2_kB46q9-xJQ2I0JL2hiKsjtblJAAP9Aw"
    },
    {
      "kty": "EC",
      "d": "1KILei7oDqtGI0uGcRYOIMFfjIlliQ4oVg7pLU6Z5IA",
      "use": "sig",
      "crv": "P-256",
      "kid": "acd5081d-d361-4dc3-98ad-df77490fb7e2",
      "x": "dTG3SxbKiXm1gToenfcNOYEW5bS9nq7nWeP0-9oOECM",
      "y": "yzlnmhVolk2-ZrNPVLoIwHc3-04ZsedE-sUZeujpaRo"
    },
    {
      "kty": "EC",
      "d": "rljQpg3Wb3ejbI3kshJEDt1EhkFWjMA7q7CYlgLaDEc",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "60db3271-5013-4e07-b326-bd7eacc2b9c1",
      "x": "Q4ZG8AsFaIJYlmk7ZyS0oRHEVXyrT2sRN-vaCMAuFEQ",
      "y": "qZeo0wSi9vJSU6SJ0y9E7vofgTp0a7K8X0xc__6pH5Q"
    },
    {
      "kty": "OKP",
      "d": "bn9UYqAytwRc3tAlg7Dw9YyrBjzM2RvLiV78mdHXplQ",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "ad4bab95-4236-4ca2-b0e0-8a8519c1129b",
      "x": "Ajvq9BUumTdkyuZKb0avP-41RUzDo25abhfAvG6PSlg"
    }
  ]
}
server_encryption_keys
{
  "keys": [
    {
      "p": "3bAVESre9hcpb2LujMcdkDCPisbNcisndfHuf65l94Hy6oBfRo34VBWVjDKyqQzAydc_f5i7eGdwB7Le4nXzbZpti4_u-l23QgiSnjdXTiynCHZFnBx9AU2IE32WWsG9RTWNb_dJxDpAACgFDzdJPFlFgUFPB5z8WMpY06Nn5dM",
      "kty": "RSA",
      "q": "xKJiUa-pldyBNHWKMGY8O-nGpulKL7nsonhenO4uxJyH9cvE4gJcMxHVc1anTudj5Vo9WRuWkDnQgoN1uYYZjxJbVgVEhFPQWky9B2mU9ePAlDR7s8L5G-8I3j05JfUhdYiGDh7EpuNioDGJRlQ6nccLc0ds9OU3VeRQlms0SV0",
      "d": "C9phGEn1top8ZtIOrr4ZWwswfK623AAJDRkzj1wg8qmycOCCQnoRREy5MC0d-lkSBayYxnDIJ_R3uLr1mZhy1xM7HHMIYZu-epbTQ8EkTBF93t57A2gSxu7mjfwPS2agmjInaAxTQvrMXBnFasnZGMOS6OZpibT-jZUfox2rdDfll9q-8a6Oy-Pl0rJAypLctV1DMR_ktLuJ1ccvaO7xVwC_MYvyTiKbO5b9Nt8cWb5Fi6mO9cP_2lfZSwoCWfUdSzYvv2xQr0PDG9dJ7xuKaLIlZpp7Tb_KuEsqlgcYjihUuVSixm0e0Hp-jOGKOVz4Gp8sx3nkceSvKKkWzcGccQ",
      "e": "AQAB",
      "use": "enc",
      "kid": "f130b6de-801e-415d-ae01-cd68e11499d5",
      "qi": "ye5ki-U5DFo8RYo4aPq0vgOl4MOoCcywReoaw3U6fM3__sqnAnEoggxHmbmKYk_mp3z7QKc1KWzVHS5DSdzePoaua-Ith7PNOE_glfaUQYr3AtgS8HuwzTl0u8FqGuf6bz3eqC3vi6YgXV6wtZEoy2lwZMJJmmjfvvbxnBp0pL0",
      "dp": "ZE8GWUxCsqtsTkA_nGeEUvgGG081KtGn-1BLEG8DKGkeV0la0vvuP228y0EtYhypJytESiH7wdFb-b_P5jxkt1VG9_1aruK0xyZF4V09HdxKgCOz_51MWsiQJ_GNlOdREv3WT7FfKXEKAIgbMfVcJ_hk4MWCUvmPnUWBx9GKc40",
      "alg": "RSA-OAEP",
      "dq": "bp37OYDcohW-CcjlyHx6_ilxO4yZ02eAm5WjhBzp6mk0gy3ywEIbpA8wSQZCcLzzEZ9GS86dUN11UzapD4lE75ugDjBAb0DHQUVSQc0_o2RQfg9YV7Qjd3dtQbinYZcZD4mSAHeGoWvhm8TCOPJBV2kWI-_Wd55LFuKuAzCj5XE",
      "n": "qkdusp6VS8R1PjO1-Nxtmh_Y765-hmQrYo2sTotopOd7the-n9YC045H4O3TwDL5TtI8GiAE-sKXWvIaEZ-BYExwqZb_eY3A1RapnUJU6jcaK5DFoh-MHxHtpMpQGl65OmceUFe57bWqavbFHCD9Vz3SPHRomz75-MyN38AsGch_Z3kAkBiRBwJjkf6aNRNGj2R6jD04brAhBMn61izvoVjE0TMTsX1YQJH81cygH9YVGIWirt_8MQD_GFNXL09_jh3IMlQpCYtV1GEkePBkLPFTT0el2uvfEK1jX_9YmxYb6nvfrMb_IGb6GZbQQ8D9Adxs4f7773dqvtZG3SOopw"
    },
    {
      "kty": "EC",
      "d": "6KmXjrBG-c2KCsU70DZf6OqN6GT5ZN4y-SJiw5OnmQM",
      "use": "enc",
      "crv": "P-256",
      "kid": "c59dd46a-c5dd-47fb-9d39-d7223de0769d",
      "x": "xVq82wneKN2VeIPFr3hBtuUSNiyufoNPVwnpU7cNjm8",
      "y": "lW5wGa1jCToNxL_crqZOceypt9VZDeEFpmfMPinMF7E",
      "alg": "ECDH-ES"
    }
  ]
}
server_public_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "21759f96-34d8-4607-b1ff-9b4d09010574",
      "n": "ginotFgPDxgouc9kisCfErZ637BU4JozVDsZ8DXKj_taCq8SsuQZ-_S7HQ9neJU2qkkEHiPGZsy5hjiMcFMSZYnTWoP6zn_ugARaPSeheddtd8yYVIaqClwTfPipCV0jMRumEunpPoZZGHf66V7sGSPnt0b7WC9MV3X2aqpiaC1n1n9GdEQo_5f3ouIlUrXlK4rmStRLwjnMt_bDytEP76CIqsC4rWQs2KERBelhK2yIcAb2orQK-uTA63jBHQxGCowIF1DG88yj9lUqMc2aYO7PWthk060wLJvyAul6ivxgbbc1owJfM2_kB46q9-xJQ2I0JL2hiKsjtblJAAP9Aw"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "51c1c2d7-d86c-4737-a8f6-c8dd97ab6e9d",
      "n": "vJN8_yPErlLFEiJE1b5laiPXz8tgnfOU6hFfghd7V61i09ezD51kbTTfM2ow-KgvjpsgmZjVh4qQP89REnuVvaEcgN9Tsz2ylWO9DnZACwjTST7LA0oEMFNvl6G-p8R6qrB2t2rPwuBlIQGEcHUuBjdMbTJgB7SVT-HvTuhHLy0ePHi4IlWrZK_PDWPMbj8scSBKtkdbtexM2IdXapAjX68ulmczw1fZ79EqQ97CEKGgfh1y_ZUTD-O0lJ6LlNBM2I9NokXAOEwanQysPMt2cDxp-Ilv3IP8ZWQSb3tFsI_8d4zKfcMWaghvH0PdFt1HYsV2t5tTm5pyNp9iorbdqQ"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "acd5081d-d361-4dc3-98ad-df77490fb7e2",
      "x": "dTG3SxbKiXm1gToenfcNOYEW5bS9nq7nWeP0-9oOECM",
      "y": "yzlnmhVolk2-ZrNPVLoIwHc3-04ZsedE-sUZeujpaRo"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "adc5e506-39f9-43d5-9b36-d37892fb133f",
      "x": "UnpZwJWXSqjK1HLL249NaEU57LXrcMKA6tcT7AkwMCs",
      "y": "7PcHqKwvZokWjD6hqeZAltQDtVQFO3tPOfVCzTyK8Xs"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "60db3271-5013-4e07-b326-bd7eacc2b9c1",
      "x": "Q4ZG8AsFaIJYlmk7ZyS0oRHEVXyrT2sRN-vaCMAuFEQ",
      "y": "qZeo0wSi9vJSU6SJ0y9E7vofgTp0a7K8X0xc__6pH5Q"
    },
    {
      "kty": "OKP",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "ad4bab95-4236-4ca2-b0e0-8a8519c1129b",
      "x": "Ajvq9BUumTdkyuZKb0avP-41RUzDo25abhfAvG6PSlg"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "f130b6de-801e-415d-ae01-cd68e11499d5",
      "alg": "RSA-OAEP",
      "n": "qkdusp6VS8R1PjO1-Nxtmh_Y765-hmQrYo2sTotopOd7the-n9YC045H4O3TwDL5TtI8GiAE-sKXWvIaEZ-BYExwqZb_eY3A1RapnUJU6jcaK5DFoh-MHxHtpMpQGl65OmceUFe57bWqavbFHCD9Vz3SPHRomz75-MyN38AsGch_Z3kAkBiRBwJjkf6aNRNGj2R6jD04brAhBMn61izvoVjE0TMTsX1YQJH81cygH9YVGIWirt_8MQD_GFNXL09_jh3IMlQpCYtV1GEkePBkLPFTT0el2uvfEK1jX_9YmxYb6nvfrMb_IGb6GZbQQ8D9Adxs4f7773dqvtZG3SOopw"
    },
    {
      "kty": "EC",
      "use": "enc",
      "crv": "P-256",
      "kid": "c59dd46a-c5dd-47fb-9d39-d7223de0769d",
      "x": "xVq82wneKN2VeIPFr3hBtuUSNiyufoNPVwnpU7cNjm8",
      "y": "lW5wGa1jCToNxL_crqZOceypt9VZDeEFpmfMPinMF7E",
      "alg": "ECDH-ES"
    }
  ]
}
2020-09-01 12:51:11 SUCCESS
ValidateServerJWKs
Valid server JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2020-09-01 12:51:11 SUCCESS
CheckDistinctKeyIdValueInServerJWKs
Distinct 'kid' value in all keys of server_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2020-09-01 12:51:11 SUCCESS
OIDCCLoadUserInfo
Added user information
user_info
{
  "sub": "user-subject-1234531",
  "name": "Demo T. User",
  "given_name": "Demo",
  "family_name": "User",
  "middle_name": "Theresa",
  "nickname": "Dee",
  "preferred_username": "d.tu",
  "gender": "female",
  "birthdate": "2000-02-03",
  "address": {
    "street_address": "100 Universal City Plaza",
    "locality": "Hollywood",
    "region": "CA",
    "postal_code": "91608",
    "country": "USA"
  },
  "zoneinfo": "America/Los_Angeles",
  "locale": "en-US",
  "phone_number": "+1 555 5550000",
  "phone_number_verified": false,
  "email": "user@example.com",
  "email_verified": false,
  "website": "https://openid.net/",
  "updated_at": "1580000000"
}
2020-09-01 12:51:11 SUCCESS
GetDynamicClientConfiguration
No client details on configuration, created an empty dynamic_client_registration_template object.
2020-09-01 12:51:11
oidcc-client-test-idtoken-sig-rs256
Setup Done
2020-09-01 12:51:13 INCOMING
oidcc-client-test-idtoken-sig-rs256
Incoming HTTP request to test instance MRxlSevpPBlQlKI
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
.well-known/openid-configuration
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
Discovery endpoint
2020-09-01 12:51:13 OUTGOING
oidcc-client-test-idtoken-sig-rs256
Response to HTTP request to test instance MRxlSevpPBlQlKI
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "issuer": "https://www.certification.openid.net/test/MRxlSevpPBlQlKI/",
  "authorization_endpoint": "https://www.certification.openid.net/test/MRxlSevpPBlQlKI/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/MRxlSevpPBlQlKI/token",
  "jwks_uri": "https://www.certification.openid.net/test/MRxlSevpPBlQlKI/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/MRxlSevpPBlQlKI/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/MRxlSevpPBlQlKI/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "RS256"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
outgoing_path
.well-known/openid-configuration
2020-09-01 12:51:14 INCOMING
oidcc-client-test-idtoken-sig-rs256
Incoming HTTP request to test instance MRxlSevpPBlQlKI
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "content-type": "application/json",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "content-length": "220",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net",
  "connection": "close"
}
incoming_path
register
incoming_body_form_params
incoming_method
POST
incoming_body_json
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code id_token"
  ],
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ],
  "id_token_signed_response_alg": "RS256"
}
incoming_query_string_params
{}
incoming_body
{"token_endpoint_auth_method":"client_secret_basic","response_types":["code id_token"],"grant_types":["authorization_code","implicit"],"redirect_uris":["https://rp.example.com/cb"],"id_token_signed_response_alg":"RS256"}
Registration endpoint
2020-09-01 12:51:14 SUCCESS
OIDCCExtractDynamicRegistrationRequest
Extracted dynamic client registration request
request
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code id_token"
  ],
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ],
  "id_token_signed_response_alg": "RS256"
}
2020-09-01 12:51:14 INFO
EnsureRegistrationRequestContainsAtLeastOneContact
This application requires that registration requests contain at least one contact.
2020-09-01 12:51:14 SUCCESS
ValidateClientGrantTypes
grant_types match response_types
grant_types
[
  "authorization_code",
  "implicit"
]
response_types
[
  "code id_token"
]
2020-09-01 12:51:14 SUCCESS
OIDCCValidateClientRedirectUris
Valid redirect_uri(s) provided in registration request
redirect_uris
[
  "https://rp.example.com/cb"
]
2020-09-01 12:51:14 SUCCESS
ValidateClientLogoUris
Client does not contain any logo_uri
2020-09-01 12:51:14 SUCCESS
ValidateClientUris
Client does not contain any client_uri
2020-09-01 12:51:14 SUCCESS
ValidateClientPolicyUris
Client does not contain any policy_uri
2020-09-01 12:51:14 SUCCESS
ValidateClientTosUris
Client does not contain any tos_uri
2020-09-01 12:51:14 SUCCESS
ValidateClientSubjectType
A subject_type was not provided
2020-09-01 12:51:14 SUCCESS
ValidateIdTokenSignedResponseAlg
id_token_signed_response_alg is one of the known algorithms
alg
RS256
2020-09-01 12:51:14 SUCCESS
EnsureIdTokenEncryptedResponseAlgIsSetIfEncIsSet
id_token_encrypted_response_enc is not set
2020-09-01 12:51:14 INFO
ValidateUserinfoSignedResponseAlg
Skipped evaluation due to missing required element: client userinfo_signed_response_alg
path
userinfo_signed_response_alg
mapped
object
client
2020-09-01 12:51:14 SUCCESS
EnsureUserinfoEncryptedResponseAlgIsSetIfEncIsSet
userinfo_encrypted_response_enc is not set
2020-09-01 12:51:14 INFO
ValidateRequestObjectSigningAlg
Skipped evaluation due to missing required element: client request_object_signing_alg
path
request_object_signing_alg
mapped
object
client
2020-09-01 12:51:14 SUCCESS
EnsureRequestObjectEncryptionAlgIsSetIfEncIsSet
request_object_encryption_enc is not set
2020-09-01 12:51:14 INFO
ValidateTokenEndpointAuthSigningAlg
Skipped evaluation due to missing required element: client token_endpoint_auth_signing_alg
path
token_endpoint_auth_signing_alg
mapped
object
client
2020-09-01 12:51:14 SUCCESS
ValidateDefaultMaxAge
default_max_age is not set
2020-09-01 12:51:14 INFO
ValidateRequireAuthTime
Skipped evaluation due to missing required element: client require_auth_time
path
require_auth_time
mapped
object
client
2020-09-01 12:51:14 INFO
ValidateDefaultAcrValues
Skipped evaluation due to missing required element: client default_acr_values
path
default_acr_values
mapped
object
client
2020-09-01 12:51:14 INFO
ValidateInitiateLoginUri
Skipped evaluation due to missing required element: client initiate_login_uri
path
initiate_login_uri
mapped
object
client
2020-09-01 12:51:14 INFO
ValidateRequestUris
Skipped evaluation due to missing required element: client request_uris
path
request_uris
mapped
object
client
2020-09-01 12:51:14 SUCCESS
ValidateClientRegistrationRequestSectorIdentifierUri
A sector_identifier_uri was not provided
2020-09-01 12:51:14 SUCCESS
OIDCCRegisterClient
Registered client
client
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code id_token"
  ],
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ],
  "id_token_signed_response_alg": "RS256",
  "client_id": "client_pVXcBDAakCEIZFa57302:\u0027,.)"
}
2020-09-01 12:51:14
OIDCCCreateClientSecretForDynamicClient
Set the secret for registered client
client_secret
secret_sygbJPgaCRnLKfxyeLxOZtrdLxsPLzhEcyDttlMJyYTmbDRWZT7968287919'/:+>
2020-09-01 12:51:14 SUCCESS
EnsureTokenEndPointAuthMethodIsClientSecretBasic
token_endpoint_auth_method is 'client_secret_basic' as expected
2020-09-01 12:51:14
SetClientIdTokenSignedResponseAlgToRS256
Set id_token_signed_response_alg to RS256 for the registered client
client
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code id_token"
  ],
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ],
  "id_token_signed_response_alg": "RS256",
  "client_id": "client_pVXcBDAakCEIZFa57302:\u0027,.)",
  "client_secret": "secret_sygbJPgaCRnLKfxyeLxOZtrdLxsPLzhEcyDttlMJyYTmbDRWZT7968287919\u0027/:+\u003e"
}
2020-09-01 12:51:14 SUCCESS
EnsureClientDoesNotHaveBothJwksAndJwksUri
Client does not have both jwks and jwks_uri set
client
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code id_token"
  ],
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ],
  "id_token_signed_response_alg": "RS256",
  "client_id": "client_pVXcBDAakCEIZFa57302:\u0027,.)",
  "client_secret": "secret_sygbJPgaCRnLKfxyeLxOZtrdLxsPLzhEcyDttlMJyYTmbDRWZT7968287919\u0027/:+\u003e"
}
2020-09-01 12:51:14 INFO
FetchClientKeys
Skipped evaluation due to missing required element: client jwks_uri
path
jwks_uri
mapped
object
client
2020-09-01 12:51:14
SetServerSigningAlgToRS256
Successfully set signing algorithm to RS256
2020-09-01 12:51:14
SetClientIdTokenSignedResponseAlgToServerSigningAlg
Set id_token_signed_response_alg for the registered client
id_token_signed_response_alg
RS256
2020-09-01 12:51:14 OUTGOING
oidcc-client-test-idtoken-sig-rs256
Response to HTTP request to test instance MRxlSevpPBlQlKI
outgoing_status_code
201
outgoing_headers
{}
outgoing_body
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code id_token"
  ],
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ],
  "id_token_signed_response_alg": "RS256",
  "client_id": "client_pVXcBDAakCEIZFa57302:\u0027,.)",
  "client_secret": "secret_sygbJPgaCRnLKfxyeLxOZtrdLxsPLzhEcyDttlMJyYTmbDRWZT7968287919\u0027/:+\u003e"
}
outgoing_path
register
2020-09-01 12:51:14 INCOMING
oidcc-client-test-idtoken-sig-rs256
Incoming HTTP request to test instance MRxlSevpPBlQlKI
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "got/9.6.0 (https://github.com/sindresorhus/got)",
  "accept-encoding": "gzip, deflate",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
authorize
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{
  "client_id": "client_pVXcBDAakCEIZFa57302:\u0027,.)",
  "scope": "openid",
  "response_type": "code id_token",
  "redirect_uri": "https://rp.example.com/cb",
  "state": "ytPKhQy4NUrPvotluBUECfsC5FJ4-xcNUcww5W0P_Vs",
  "nonce": "2atohHZ8-MGQrsuwXqsC6uFsG1Q55D7hmjHiF_LmmG8",
  "response_mode": "form_post"
}
incoming_body
Authorization endpoint
2020-09-01 12:51:14 SUCCESS
EnsureRequestDoesNotContainRequestObject
Request does not contain a request parameter
2020-09-01 12:51:14 SUCCESS
OIDCCEnsureAuthorizationHttpRequestContainsOpenIDScope
Found 'openid' in scope http request parameter
actual
[
  "openid"
]
expected
openid
2020-09-01 12:51:14 SUCCESS
CreateEffectiveAuthorizationRequestParameters
Merged http request parameters with request object claims
effective_authorization_endpoint_request
{
  "client_id": "client_pVXcBDAakCEIZFa57302:\u0027,.)",
  "scope": "openid",
  "response_type": "code id_token",
  "redirect_uri": "https://rp.example.com/cb",
  "state": "ytPKhQy4NUrPvotluBUECfsC5FJ4-xcNUcww5W0P_Vs",
  "nonce": "2atohHZ8-MGQrsuwXqsC6uFsG1Q55D7hmjHiF_LmmG8",
  "response_mode": "form_post"
}
2020-09-01 12:51:14 SUCCESS
ExtractRequestedScopes
Requested scopes
scope
openid
2020-09-01 12:51:14 SUCCESS
ExtractNonceFromAuthorizationRequest
Extracted nonce
nonce
2atohHZ8-MGQrsuwXqsC6uFsG1Q55D7hmjHiF_LmmG8
2020-09-01 12:51:14 SUCCESS
EnsureResponseTypeIsCodeIdToken
Response type is expected value
expected
code id_token
2020-09-01 12:51:14 SUCCESS
EnsureMatchingClientId
Client ID matched
client_id
client_pVXcBDAakCEIZFa57302:',.)
2020-09-01 12:51:14 SUCCESS
EnsureValidRedirectUriForAuthorizationEndpointRequest
redirect_uri is one of the allowed redirect uris
actual
https://rp.example.com/cb
expected
[
  "https://rp.example.com/cb"
]
2020-09-01 12:51:14 SUCCESS
EnsureOpenIDInScopeRequest
Found 'openid' scope in request
actual
[
  "openid"
]
expected
openid
2020-09-01 12:51:14 SUCCESS
DisallowMaxAgeEqualsZeroAndPromptNone
The client did not send max_age=0 and prompt=none parameters as expected
2020-09-01 12:51:14 SUCCESS
CreateAuthorizationCode
Created authorization code
authorization_code
NwYCfHjEiY
2020-09-01 12:51:14 SUCCESS
CalculateCHash
Successful c_hash encoding
c_hash
b0RFcD6b_ItAsnJmK3NKeA
2020-09-01 12:51:14 SUCCESS
GenerateIdTokenClaims
Created ID Token Claims
iss
https://www.certification.openid.net/test/MRxlSevpPBlQlKI/
sub
user-subject-1234531
aud
client_pVXcBDAakCEIZFa57302:',.)
nonce
2atohHZ8-MGQrsuwXqsC6uFsG1Q55D7hmjHiF_LmmG8
iat
1598964674
exp
1598964974
2020-09-01 12:51:14 SUCCESS
AddCHashToIdTokenClaims
Added c_hash to ID token claims
c_hash
b0RFcD6b_ItAsnJmK3NKeA
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/MRxlSevpPBlQlKI/",
  "sub": "user-subject-1234531",
  "aud": "client_pVXcBDAakCEIZFa57302:\u0027,.)",
  "nonce": "2atohHZ8-MGQrsuwXqsC6uFsG1Q55D7hmjHiF_LmmG8",
  "iat": 1598964674,
  "exp": 1598964974,
  "c_hash": "b0RFcD6b_ItAsnJmK3NKeA"
}
2020-09-01 12:51:14 INFO
AddAtHashToIdTokenClaims
Skipped evaluation due to missing required string: at_hash
expected
at_hash
2020-09-01 12:51:14 SUCCESS
OIDCCSignIdToken
Signed the ID token
id_token
eyJraWQiOiIyMTc1OWY5Ni0zNGQ4LTQ2MDctYjFmZi05YjRkMDkwMTA1NzQiLCJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJ1c2VyLXN1YmplY3QtMTIzNDUzMSIsImF1ZCI6ImNsaWVudF9wVlhjQkRBYWtDRUlaRmE1NzMwMjonLC4pIiwiY19oYXNoIjoiYjBSRmNENmJfSXRBc25KbUszTktlQSIsImlzcyI6Imh0dHBzOlwvXC93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0XC90ZXN0XC9NUnhsU2V2cFBCbFFsS0lcLyIsImV4cCI6MTU5ODk2NDk3NCwibm9uY2UiOiIyYXRvaEhaOC1NR1Fyc3V3WHFzQzZ1RnNHMVE1NUQ3aG1qSGlGX0xtbUc4IiwiaWF0IjoxNTk4OTY0Njc0fQ.M68PHlUiXef0Z4B0kENzGe5up_QW0VIefB4qqzsSEWiujRwPKzEydHQDgmI_HoKmw3hBwO3B2VaqKVH768VCWSGeykj1pfLUeeCQyBX7EBa5ugRK2ldWfmJ8Z_vWkzRpKCB_k4kI7nXLkwK7nVhAnSxjAWCnixqeJBsa9qzu2ASSuH5Z_E76Q78gPZdRGPWYJHyOlhUH2cTw5QuN25KeCLFxXrQa9kB7hNJKJEXnZG_nn9-CTqHpzyFygWb_DnQiVsadPN3Bk73dF5dkcvhsDf-o06X6xYJdAVxrLpiedqlp1K3kLkykQTYqwynNKEtJOeK_JGVbc4qewAAZTInH7A
key
{"p":"y9a1KvoV2_RixoL0mrP84MpVX8qU-WpVDyTNN66WDVXN_0m9s87L8Qbxm4huQsPDrn8ibUZ_lfEZAYfzht6wcEQLmoC2cueB9m4NVZAfo3y-dWQe_Og5TTJFgqK4BLoDrlsAkM3y184R5mhefRP_0WlivMyfF2-GtOlSlAmEqGk","kty":"RSA","q":"o3jRXebM2XXFWE1uWgHQ0j1PJL77yvoPsn5WzVEHuAXji0gQxer_KHnyrZam5N_Nf-u4_GX0wWcpcJaW5UKGls-UqvZmgO7_KabWnhLt-Wj4Ko7t36AQI7FMQpvzAEoiF2Ta4AF0FWMI1XJgol0vKl9AgOlvntgAwHfkB4pmrIs","d":"CBXgXauGq_JdPUWTwka62ue49EI404bgn1_YeaJtxcngSv-bEr-2mX8XTHPTgpsKPUOx3MluHp6i-6JxntyaLPKFzX6bSs6JmywqCth2YGIwa5uq7r06vNABaebsYSeG8xr7kvsywO6JhEqXrH13_wvK7gibvluZy2kJeJDC8iOhGYlEBW6tRmAfQNwjwetuiepasi2mr_525ME-ltLF1DCpWhVaMbmViQKyDDWsqTLIAcA1zmogl36rlHFNmCMj-SSl_1uYxp4VQCDPOcjVTx0rXLA49C3rCPd31mzm0gxsqVYYgOiMCXcOutHdoe4KbRCFsFRvSqmTv64qZaeWcQ","e":"AQAB","use":"sig","kid":"21759f96-34d8-4607-b1ff-9b4d09010574","qi":"E-P_Po0tI9FWsHbPCCBLEfxIVdJcZ3_vtJQ0YZ5qVLF26jHzyoevubnOsB4dAJxJ_D6aXPmwV9b-C-F2NNLBSYvT_nKYuCKNaWOpiDEEnPgXER9kbrgF0f3HzyncSV9nJ6L8Q7UfnfAaFSSQ2WZ463kpvZ4zR01GzhfPcQk92Bk","dp":"kQeJzTM0fFQMN1uTd8LaCIJNbiNwDWmXbXfsv1Jrlr9XGu03mQho2GvtWZEfikdJIg14zDEds-xfs1Qsc-hbtvTjIKG1rlmDgXdZ62fo6uRlipaa6ay8oG1FQaZOsaY72kELTPwLbXpECCB4IhwpprCJvPUFuKH0QSHFTGjdRwk","dq":"eAuePIXkAwGgdXMPSZuxvOJ2_zYc8_bkliB_H_GUaIgyjDLU1nL3A8Nh-iX603Kil4EEbJ12upxGaz66-wr6iT9RHqcpqR9ZVD4HtzeReKmkLKSffKwvjfaCWRvqvFi0ZleTABMxKw96Cj0fR7yEiWo_lStX498d1jl0xDDXq3c","n":"ginotFgPDxgouc9kisCfErZ637BU4JozVDsZ8DXKj_taCq8SsuQZ-_S7HQ9neJU2qkkEHiPGZsy5hjiMcFMSZYnTWoP6zn_ugARaPSeheddtd8yYVIaqClwTfPipCV0jMRumEunpPoZZGHf66V7sGSPnt0b7WC9MV3X2aqpiaC1n1n9GdEQo_5f3ouIlUrXlK4rmStRLwjnMt_bDytEP76CIqsC4rWQs2KERBelhK2yIcAb2orQK-uTA63jBHQxGCowIF1DG88yj9lUqMc2aYO7PWthk060wLJvyAul6ivxgbbc1owJfM2_kB46q9-xJQ2I0JL2hiKsjtblJAAP9Aw"}
algorithm
RS256
2020-09-01 12:51:14 INFO
EncryptIdToken
Skipped evaluation due to missing required element: client id_token_encrypted_response_alg
path
id_token_encrypted_response_alg
mapped
object
client
2020-09-01 12:51:14 SUCCESS
CreateAuthorizationEndpointResponseParams
Added authorization_endpoint_response_params to environment
params
{
  "redirect_uri": "https://rp.example.com/cb",
  "state": "ytPKhQy4NUrPvotluBUECfsC5FJ4-xcNUcww5W0P_Vs"
}
2020-09-01 12:51:14 SUCCESS
AddCodeToAuthorizationEndpointResponseParams
Added code to authorization endpoint response params
authorization_endpoint_response_params
{
  "redirect_uri": "https://rp.example.com/cb",
  "state": "ytPKhQy4NUrPvotluBUECfsC5FJ4-xcNUcww5W0P_Vs",
  "code": "NwYCfHjEiY"
}
2020-09-01 12:51:14 SUCCESS
AddIdTokenToAuthorizationEndpointResponseParams
Added id_token to authorization endpoint response params
authorization_endpoint_response_params
{
  "redirect_uri": "https://rp.example.com/cb",
  "state": "ytPKhQy4NUrPvotluBUECfsC5FJ4-xcNUcww5W0P_Vs",
  "code": "NwYCfHjEiY",
  "id_token": "eyJraWQiOiIyMTc1OWY5Ni0zNGQ4LTQ2MDctYjFmZi05YjRkMDkwMTA1NzQiLCJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJ1c2VyLXN1YmplY3QtMTIzNDUzMSIsImF1ZCI6ImNsaWVudF9wVlhjQkRBYWtDRUlaRmE1NzMwMjonLC4pIiwiY19oYXNoIjoiYjBSRmNENmJfSXRBc25KbUszTktlQSIsImlzcyI6Imh0dHBzOlwvXC93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0XC90ZXN0XC9NUnhsU2V2cFBCbFFsS0lcLyIsImV4cCI6MTU5ODk2NDk3NCwibm9uY2UiOiIyYXRvaEhaOC1NR1Fyc3V3WHFzQzZ1RnNHMVE1NUQ3aG1qSGlGX0xtbUc4IiwiaWF0IjoxNTk4OTY0Njc0fQ.M68PHlUiXef0Z4B0kENzGe5up_QW0VIefB4qqzsSEWiujRwPKzEydHQDgmI_HoKmw3hBwO3B2VaqKVH768VCWSGeykj1pfLUeeCQyBX7EBa5ugRK2ldWfmJ8Z_vWkzRpKCB_k4kI7nXLkwK7nVhAnSxjAWCnixqeJBsa9qzu2ASSuH5Z_E76Q78gPZdRGPWYJHyOlhUH2cTw5QuN25KeCLFxXrQa9kB7hNJKJEXnZG_nn9-CTqHpzyFygWb_DnQiVsadPN3Bk73dF5dkcvhsDf-o06X6xYJdAVxrLpiedqlp1K3kLkykQTYqwynNKEtJOeK_JGVbc4qewAAZTInH7A"
}
2020-09-01 12:51:14 OUTGOING
oidcc-client-test-idtoken-sig-rs256
Response to HTTP request to test instance MRxlSevpPBlQlKI
outgoing
ModelAndView [view="formPostResponseMode"; model={formAction=https://rp.example.com/cb, formParameters={"state":"ytPKhQy4NUrPvotluBUECfsC5FJ4-xcNUcww5W0P_Vs","code":"NwYCfHjEiY","id_token":"eyJraWQiOiIyMTc1OWY5Ni0zNGQ4LTQ2MDctYjFmZi05YjRkMDkwMTA1NzQiLCJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJ1c2VyLXN1YmplY3QtMTIzNDUzMSIsImF1ZCI6ImNsaWVudF9wVlhjQkRBYWtDRUlaRmE1NzMwMjonLC4pIiwiY19oYXNoIjoiYjBSRmNENmJfSXRBc25KbUszTktlQSIsImlzcyI6Imh0dHBzOlwvXC93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0XC90ZXN0XC9NUnhsU2V2cFBCbFFsS0lcLyIsImV4cCI6MTU5ODk2NDk3NCwibm9uY2UiOiIyYXRvaEhaOC1NR1Fyc3V3WHFzQzZ1RnNHMVE1NUQ3aG1qSGlGX0xtbUc4IiwiaWF0IjoxNTk4OTY0Njc0fQ.M68PHlUiXef0Z4B0kENzGe5up_QW0VIefB4qqzsSEWiujRwPKzEydHQDgmI_HoKmw3hBwO3B2VaqKVH768VCWSGeykj1pfLUeeCQyBX7EBa5ugRK2ldWfmJ8Z_vWkzRpKCB_k4kI7nXLkwK7nVhAnSxjAWCnixqeJBsa9qzu2ASSuH5Z_E76Q78gPZdRGPWYJHyOlhUH2cTw5QuN25KeCLFxXrQa9kB7hNJKJEXnZG_nn9-CTqHpzyFygWb_DnQiVsadPN3Bk73dF5dkcvhsDf-o06X6xYJdAVxrLpiedqlp1K3kLkykQTYqwynNKEtJOeK_JGVbc4qewAAZTInH7A"}}]
outgoing_path
authorize
2020-09-01 12:51:14 INCOMING
oidcc-client-test-idtoken-sig-rs256
Incoming HTTP request to test instance MRxlSevpPBlQlKI
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
jwks
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
Jwks endpoint
2020-09-01 12:51:15 OUTGOING
oidcc-client-test-idtoken-sig-rs256
Response to HTTP request to test instance MRxlSevpPBlQlKI
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "21759f96-34d8-4607-b1ff-9b4d09010574",
      "n": "ginotFgPDxgouc9kisCfErZ637BU4JozVDsZ8DXKj_taCq8SsuQZ-_S7HQ9neJU2qkkEHiPGZsy5hjiMcFMSZYnTWoP6zn_ugARaPSeheddtd8yYVIaqClwTfPipCV0jMRumEunpPoZZGHf66V7sGSPnt0b7WC9MV3X2aqpiaC1n1n9GdEQo_5f3ouIlUrXlK4rmStRLwjnMt_bDytEP76CIqsC4rWQs2KERBelhK2yIcAb2orQK-uTA63jBHQxGCowIF1DG88yj9lUqMc2aYO7PWthk060wLJvyAul6ivxgbbc1owJfM2_kB46q9-xJQ2I0JL2hiKsjtblJAAP9Aw"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "51c1c2d7-d86c-4737-a8f6-c8dd97ab6e9d",
      "n": "vJN8_yPErlLFEiJE1b5laiPXz8tgnfOU6hFfghd7V61i09ezD51kbTTfM2ow-KgvjpsgmZjVh4qQP89REnuVvaEcgN9Tsz2ylWO9DnZACwjTST7LA0oEMFNvl6G-p8R6qrB2t2rPwuBlIQGEcHUuBjdMbTJgB7SVT-HvTuhHLy0ePHi4IlWrZK_PDWPMbj8scSBKtkdbtexM2IdXapAjX68ulmczw1fZ79EqQ97CEKGgfh1y_ZUTD-O0lJ6LlNBM2I9NokXAOEwanQysPMt2cDxp-Ilv3IP8ZWQSb3tFsI_8d4zKfcMWaghvH0PdFt1HYsV2t5tTm5pyNp9iorbdqQ"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "acd5081d-d361-4dc3-98ad-df77490fb7e2",
      "x": "dTG3SxbKiXm1gToenfcNOYEW5bS9nq7nWeP0-9oOECM",
      "y": "yzlnmhVolk2-ZrNPVLoIwHc3-04ZsedE-sUZeujpaRo"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "adc5e506-39f9-43d5-9b36-d37892fb133f",
      "x": "UnpZwJWXSqjK1HLL249NaEU57LXrcMKA6tcT7AkwMCs",
      "y": "7PcHqKwvZokWjD6hqeZAltQDtVQFO3tPOfVCzTyK8Xs"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "60db3271-5013-4e07-b326-bd7eacc2b9c1",
      "x": "Q4ZG8AsFaIJYlmk7ZyS0oRHEVXyrT2sRN-vaCMAuFEQ",
      "y": "qZeo0wSi9vJSU6SJ0y9E7vofgTp0a7K8X0xc__6pH5Q"
    },
    {
      "kty": "OKP",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "ad4bab95-4236-4ca2-b0e0-8a8519c1129b",
      "x": "Ajvq9BUumTdkyuZKb0avP-41RUzDo25abhfAvG6PSlg"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "f130b6de-801e-415d-ae01-cd68e11499d5",
      "alg": "RSA-OAEP",
      "n": "qkdusp6VS8R1PjO1-Nxtmh_Y765-hmQrYo2sTotopOd7the-n9YC045H4O3TwDL5TtI8GiAE-sKXWvIaEZ-BYExwqZb_eY3A1RapnUJU6jcaK5DFoh-MHxHtpMpQGl65OmceUFe57bWqavbFHCD9Vz3SPHRomz75-MyN38AsGch_Z3kAkBiRBwJjkf6aNRNGj2R6jD04brAhBMn61izvoVjE0TMTsX1YQJH81cygH9YVGIWirt_8MQD_GFNXL09_jh3IMlQpCYtV1GEkePBkLPFTT0el2uvfEK1jX_9YmxYb6nvfrMb_IGb6GZbQQ8D9Adxs4f7773dqvtZG3SOopw"
    },
    {
      "kty": "EC",
      "use": "enc",
      "crv": "P-256",
      "kid": "c59dd46a-c5dd-47fb-9d39-d7223de0769d",
      "x": "xVq82wneKN2VeIPFr3hBtuUSNiyufoNPVwnpU7cNjm8",
      "y": "lW5wGa1jCToNxL_crqZOceypt9VZDeEFpmfMPinMF7E",
      "alg": "ECDH-ES"
    }
  ]
}
outgoing_path
jwks
2020-09-01 12:51:15 INCOMING
oidcc-client-test-idtoken-sig-rs256
Incoming HTTP request to test instance MRxlSevpPBlQlKI
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "authorization": "Basic Y2xpZW50X3BWWGNCREFha0NFSVpGYTU3MzAyJTNBJyUyQy4pOnNlY3JldF9zeWdiSlBnYUNSbkxLZnh5ZUx4T1p0cmRMeHNQTHpoRWN5RHR0bE1KeVlUbWJEUldaVDc5NjgyODc5MTknJTJGJTNBJTJCJTNF",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "content-type": "application/x-www-form-urlencoded",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "content-length": "92",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net",
  "connection": "close"
}
incoming_path
token
incoming_body_form_params
{
  "grant_type": "authorization_code",
  "code": "NwYCfHjEiY",
  "redirect_uri": "https://rp.example.com/cb"
}
incoming_method
POST
incoming_body_json
incoming_query_string_params
{}
incoming_body
grant_type=authorization_code&code=NwYCfHjEiY&redirect_uri=https%3A%2F%2Frp.example.com%2Fcb
Token endpoint
2020-09-01 12:51:15 SUCCESS
ExtractClientCredentialsFromBasicAuthorizationHeader
Extracted client authentication
client_id
client_pVXcBDAakCEIZFa57302:',.)
client_secret
secret_sygbJPgaCRnLKfxyeLxOZtrdLxsPLzhEcyDttlMJyYTmbDRWZT7968287919'/:+>
method
client_secret_basic
2020-09-01 12:51:15 SUCCESS
ValidateClientIdAndSecret
Client id and secret match
2020-09-01 12:51:15 SUCCESS
ValidateAuthorizationCode
Found authorization code
authorization_code
NwYCfHjEiY
2020-09-01 12:51:15 SUCCESS
ValidateRedirectUriForTokenEndpointRequest
redirect_uri is the same as the one used in the authorization request
actual
https://rp.example.com/cb
2020-09-01 12:51:15 SUCCESS
GenerateBearerAccessToken
Generated access token
access_token
zWkPtoNl0js89XklSGC3N350Bavl2JD9S9qmTRFb892wfLAH5H
2020-09-01 12:51:15 SUCCESS
CalculateAtHash
Successful at_hash encoding
at_hash
lU5KZYcD-hBT0bqf2c_ZBQ
2020-09-01 12:51:15 SUCCESS
GenerateIdTokenClaims
Created ID Token Claims
iss
https://www.certification.openid.net/test/MRxlSevpPBlQlKI/
sub
user-subject-1234531
aud
client_pVXcBDAakCEIZFa57302:',.)
nonce
2atohHZ8-MGQrsuwXqsC6uFsG1Q55D7hmjHiF_LmmG8
iat
1598964675
exp
1598964975
2020-09-01 12:51:15 SUCCESS
AddAtHashToIdTokenClaims
Added at_hash to ID token claims
at_hash
lU5KZYcD-hBT0bqf2c_ZBQ
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/MRxlSevpPBlQlKI/",
  "sub": "user-subject-1234531",
  "aud": "client_pVXcBDAakCEIZFa57302:\u0027,.)",
  "nonce": "2atohHZ8-MGQrsuwXqsC6uFsG1Q55D7hmjHiF_LmmG8",
  "iat": 1598964675,
  "exp": 1598964975,
  "at_hash": "lU5KZYcD-hBT0bqf2c_ZBQ"
}
2020-09-01 12:51:15 SUCCESS
OIDCCSignIdToken
Signed the ID token
id_token
eyJraWQiOiIyMTc1OWY5Ni0zNGQ4LTQ2MDctYjFmZi05YjRkMDkwMTA1NzQiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoibFU1S1pZY0QtaEJUMGJxZjJjX1pCUSIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiY2xpZW50X3BWWGNCREFha0NFSVpGYTU3MzAyOicsLikiLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvTVJ4bFNldnBQQmxRbEtJXC8iLCJleHAiOjE1OTg5NjQ5NzUsIm5vbmNlIjoiMmF0b2hIWjgtTUdRcnN1d1hxc0M2dUZzRzFRNTVEN2htakhpRl9MbW1HOCIsImlhdCI6MTU5ODk2NDY3NX0.NRo15ZbQ6SyzyMKQxQP1M-1Hu29D8xJ0rqlAApW-6w2pD_RmPaJNTVSeQeIajjP7nKSdSmjM_yqmi6vhmDXbEOcGJ1qO4iZORhVX3jjOkX_Q3Oa1_9f4ha-1WQzPMnCpWEsCnWSfCLj6unltTrN6CTZDkPOuwOqh3-Y5M2RkGBekr_jHY7Y6ha28aPDmlSuUGv4vTtiL_NAf4xHXCAgitYv8iaLqR-GcU2Dg0rA_efcIEF8tJoSw4XSc4GqmfUi40MZAWTtqnBftcCmrUk1gs0AIJBgS7J_uOp0hJWSbWTr3qO_nopGthbQ1E2C4_5xzBGq5mHpFfYvTFktwXpM1CA
key
{"p":"y9a1KvoV2_RixoL0mrP84MpVX8qU-WpVDyTNN66WDVXN_0m9s87L8Qbxm4huQsPDrn8ibUZ_lfEZAYfzht6wcEQLmoC2cueB9m4NVZAfo3y-dWQe_Og5TTJFgqK4BLoDrlsAkM3y184R5mhefRP_0WlivMyfF2-GtOlSlAmEqGk","kty":"RSA","q":"o3jRXebM2XXFWE1uWgHQ0j1PJL77yvoPsn5WzVEHuAXji0gQxer_KHnyrZam5N_Nf-u4_GX0wWcpcJaW5UKGls-UqvZmgO7_KabWnhLt-Wj4Ko7t36AQI7FMQpvzAEoiF2Ta4AF0FWMI1XJgol0vKl9AgOlvntgAwHfkB4pmrIs","d":"CBXgXauGq_JdPUWTwka62ue49EI404bgn1_YeaJtxcngSv-bEr-2mX8XTHPTgpsKPUOx3MluHp6i-6JxntyaLPKFzX6bSs6JmywqCth2YGIwa5uq7r06vNABaebsYSeG8xr7kvsywO6JhEqXrH13_wvK7gibvluZy2kJeJDC8iOhGYlEBW6tRmAfQNwjwetuiepasi2mr_525ME-ltLF1DCpWhVaMbmViQKyDDWsqTLIAcA1zmogl36rlHFNmCMj-SSl_1uYxp4VQCDPOcjVTx0rXLA49C3rCPd31mzm0gxsqVYYgOiMCXcOutHdoe4KbRCFsFRvSqmTv64qZaeWcQ","e":"AQAB","use":"sig","kid":"21759f96-34d8-4607-b1ff-9b4d09010574","qi":"E-P_Po0tI9FWsHbPCCBLEfxIVdJcZ3_vtJQ0YZ5qVLF26jHzyoevubnOsB4dAJxJ_D6aXPmwV9b-C-F2NNLBSYvT_nKYuCKNaWOpiDEEnPgXER9kbrgF0f3HzyncSV9nJ6L8Q7UfnfAaFSSQ2WZ463kpvZ4zR01GzhfPcQk92Bk","dp":"kQeJzTM0fFQMN1uTd8LaCIJNbiNwDWmXbXfsv1Jrlr9XGu03mQho2GvtWZEfikdJIg14zDEds-xfs1Qsc-hbtvTjIKG1rlmDgXdZ62fo6uRlipaa6ay8oG1FQaZOsaY72kELTPwLbXpECCB4IhwpprCJvPUFuKH0QSHFTGjdRwk","dq":"eAuePIXkAwGgdXMPSZuxvOJ2_zYc8_bkliB_H_GUaIgyjDLU1nL3A8Nh-iX603Kil4EEbJ12upxGaz66-wr6iT9RHqcpqR9ZVD4HtzeReKmkLKSffKwvjfaCWRvqvFi0ZleTABMxKw96Cj0fR7yEiWo_lStX498d1jl0xDDXq3c","n":"ginotFgPDxgouc9kisCfErZ637BU4JozVDsZ8DXKj_taCq8SsuQZ-_S7HQ9neJU2qkkEHiPGZsy5hjiMcFMSZYnTWoP6zn_ugARaPSeheddtd8yYVIaqClwTfPipCV0jMRumEunpPoZZGHf66V7sGSPnt0b7WC9MV3X2aqpiaC1n1n9GdEQo_5f3ouIlUrXlK4rmStRLwjnMt_bDytEP76CIqsC4rWQs2KERBelhK2yIcAb2orQK-uTA63jBHQxGCowIF1DG88yj9lUqMc2aYO7PWthk060wLJvyAul6ivxgbbc1owJfM2_kB46q9-xJQ2I0JL2hiKsjtblJAAP9Aw"}
algorithm
RS256
2020-09-01 12:51:15 INFO
EncryptIdToken
Skipped evaluation due to missing required element: client id_token_encrypted_response_alg
path
id_token_encrypted_response_alg
mapped
object
client
2020-09-01 12:51:15 SUCCESS
CreateTokenEndpointResponse
Created token endpoint response
access_token
zWkPtoNl0js89XklSGC3N350Bavl2JD9S9qmTRFb892wfLAH5H
token_type
Bearer
id_token
eyJraWQiOiIyMTc1OWY5Ni0zNGQ4LTQ2MDctYjFmZi05YjRkMDkwMTA1NzQiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoibFU1S1pZY0QtaEJUMGJxZjJjX1pCUSIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiY2xpZW50X3BWWGNCREFha0NFSVpGYTU3MzAyOicsLikiLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvTVJ4bFNldnBQQmxRbEtJXC8iLCJleHAiOjE1OTg5NjQ5NzUsIm5vbmNlIjoiMmF0b2hIWjgtTUdRcnN1d1hxc0M2dUZzRzFRNTVEN2htakhpRl9MbW1HOCIsImlhdCI6MTU5ODk2NDY3NX0.NRo15ZbQ6SyzyMKQxQP1M-1Hu29D8xJ0rqlAApW-6w2pD_RmPaJNTVSeQeIajjP7nKSdSmjM_yqmi6vhmDXbEOcGJ1qO4iZORhVX3jjOkX_Q3Oa1_9f4ha-1WQzPMnCpWEsCnWSfCLj6unltTrN6CTZDkPOuwOqh3-Y5M2RkGBekr_jHY7Y6ha28aPDmlSuUGv4vTtiL_NAf4xHXCAgitYv8iaLqR-GcU2Dg0rA_efcIEF8tJoSw4XSc4GqmfUi40MZAWTtqnBftcCmrUk1gs0AIJBgS7J_uOp0hJWSbWTr3qO_nopGthbQ1E2C4_5xzBGq5mHpFfYvTFktwXpM1CA
scope
openid
2020-09-01 12:51:15 OUTGOING
oidcc-client-test-idtoken-sig-rs256
Response to HTTP request to test instance MRxlSevpPBlQlKI
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "access_token": "zWkPtoNl0js89XklSGC3N350Bavl2JD9S9qmTRFb892wfLAH5H",
  "token_type": "Bearer",
  "id_token": "eyJraWQiOiIyMTc1OWY5Ni0zNGQ4LTQ2MDctYjFmZi05YjRkMDkwMTA1NzQiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoibFU1S1pZY0QtaEJUMGJxZjJjX1pCUSIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiY2xpZW50X3BWWGNCREFha0NFSVpGYTU3MzAyOicsLikiLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvTVJ4bFNldnBQQmxRbEtJXC8iLCJleHAiOjE1OTg5NjQ5NzUsIm5vbmNlIjoiMmF0b2hIWjgtTUdRcnN1d1hxc0M2dUZzRzFRNTVEN2htakhpRl9MbW1HOCIsImlhdCI6MTU5ODk2NDY3NX0.NRo15ZbQ6SyzyMKQxQP1M-1Hu29D8xJ0rqlAApW-6w2pD_RmPaJNTVSeQeIajjP7nKSdSmjM_yqmi6vhmDXbEOcGJ1qO4iZORhVX3jjOkX_Q3Oa1_9f4ha-1WQzPMnCpWEsCnWSfCLj6unltTrN6CTZDkPOuwOqh3-Y5M2RkGBekr_jHY7Y6ha28aPDmlSuUGv4vTtiL_NAf4xHXCAgitYv8iaLqR-GcU2Dg0rA_efcIEF8tJoSw4XSc4GqmfUi40MZAWTtqnBftcCmrUk1gs0AIJBgS7J_uOp0hJWSbWTr3qO_nopGthbQ1E2C4_5xzBGq5mHpFfYvTFktwXpM1CA",
  "scope": "openid"
}
outgoing_path
token
2020-09-01 12:51:15 INCOMING
oidcc-client-test-idtoken-sig-rs256
Incoming HTTP request to test instance MRxlSevpPBlQlKI
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "authorization": "Bearer zWkPtoNl0js89XklSGC3N350Bavl2JD9S9qmTRFb892wfLAH5H",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
userinfo
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
Userinfo endpoint
2020-09-01 12:51:15 SUCCESS
OIDCCExtractBearerAccessTokenFromRequest
Found access token on incoming request
access_token
zWkPtoNl0js89XklSGC3N350Bavl2JD9S9qmTRFb892wfLAH5H
2020-09-01 12:51:15 SUCCESS
RequireBearerAccessToken
Found access token in request
actual
zWkPtoNl0js89XklSGC3N350Bavl2JD9S9qmTRFb892wfLAH5H
2020-09-01 12:51:15 SUCCESS
FilterUserInfoForScopes
User info endpoint output
sub
user-subject-1234531
2020-09-01 12:51:15
ClearAccessTokenFromRequest
Condition ran but did not log anything
2020-09-01 12:51:15 INFO
AddIssAndAudToUserInfoResponse
Skipped evaluation due to missing required element: client userinfo_signed_response_alg
path
userinfo_signed_response_alg
mapped
object
client
2020-09-01 12:51:15 INFO
SignUserInfoResponse
Skipped evaluation due to missing required element: client userinfo_signed_response_alg
path
userinfo_signed_response_alg
mapped
object
client
2020-09-01 12:51:15 INFO
EncryptUserInfoResponse
Skipped evaluation due to missing required element: client userinfo_encrypted_response_alg
path
userinfo_encrypted_response_alg
mapped
object
client
2020-09-01 12:51:15 OUTGOING
oidcc-client-test-idtoken-sig-rs256
Response to HTTP request to test instance MRxlSevpPBlQlKI
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "sub": "user-subject-1234531"
}
outgoing_path
userinfo
2020-09-01 12:51:15 FINISHED
oidcc-client-test-idtoken-sig-rs256
Test has run to completion
testmodule_result
PASSED
Test Results