Test Summary

Test Results

Expand All Collapse All
All times are UTC
2020-09-01 12:52:24 INFO
TEST-RUNNER
Test instance 2mD1aWP7KZ7SRd6 created
baseUrl
https://www.certification.openid.net/test/2mD1aWP7KZ7SRd6
variant
{
  "client_auth_type": "client_secret_basic",
  "response_type": "id_token token",
  "request_type": "plain_http_request",
  "response_mode": "form_post",
  "client_registration": "dynamic_client"
}
alias

                                
description
test suite runner for openid-client
planId
2AWaC6uTX8byR
config
{
  "description": "test suite runner for openid-client",
  "waitTimeoutSeconds": 2
}
testName
oidcc-client-test-invalid-sig-rs256
2020-09-01 12:52:24 SUCCESS
OIDCCGenerateServerConfigurationIdTokenSigningAlgRS256Only
Generated default server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/2mD1aWP7KZ7SRd6/",
  "authorization_endpoint": "https://www.certification.openid.net/test/2mD1aWP7KZ7SRd6/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/2mD1aWP7KZ7SRd6/token",
  "jwks_uri": "https://www.certification.openid.net/test/2mD1aWP7KZ7SRd6/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/2mD1aWP7KZ7SRd6/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/2mD1aWP7KZ7SRd6/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic",
    "client_secret_post",
    "client_secret_jwt",
    "private_key_jwt"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "RS256"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
2020-09-01 12:52:24
SetTokenEndpointAuthMethodsSupportedToClientSecretBasicOnly
Changed token_endpoint_auth_methods_supported to client_secret_basic only in server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/2mD1aWP7KZ7SRd6/",
  "authorization_endpoint": "https://www.certification.openid.net/test/2mD1aWP7KZ7SRd6/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/2mD1aWP7KZ7SRd6/token",
  "jwks_uri": "https://www.certification.openid.net/test/2mD1aWP7KZ7SRd6/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/2mD1aWP7KZ7SRd6/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/2mD1aWP7KZ7SRd6/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "RS256"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
2020-09-01 12:52:24
OIDCCGenerateServerJWKs
Generated server public private JWK sets
server_jwks
{
  "keys": [
    {
      "p": "x18VQ2M38Ib6aWTHNNEktYvFq-HtUn0m8QICgkAo8ZYx6nJUt8Y8Ub-x6Mvjq2ptv1H0ImJpdw_SOms41t2inIcjyIdOO20VxYwWHXGtY1w9v3sb4KqwjiERoSvIje6woBbAwoQGPA7z_ISp-YN2NHsFijQTwhyVNtGJCIeKyMs",
      "kty": "RSA",
      "q": "xqCudu29gbqKCWH8Sab-XwbA2wkh97J0LOSPBB8cdnWK7qdYHwz2NNepZbYM5jtA6Ap1kkAFOFKnXhnzCbTBTKoDcCg6syZ5zmzZdXVeYVxRAdxON4iaP54j60X84RJY5_fycoCO2PqiP_YBmZWGSZd-o1zjVCbIlnEF7mpKKR0",
      "d": "gg4hRba_c6QnLgWZYfDwaubh_9TvEVdYfsjtLtK3_SYg0CEHaOszNywHzdjtXAwwt0vB6l_Rij_NO1DENgrcpSDZnY9315hsrIK9FFoE42jlLsmklDRjMm849OG7KpD23iJZMhIB9zDjKsGosyg7hYEXZY6iOlXMaFnrWv7TPDUS_z_Qz35u-eJMn29aAgHKkASG6v3zbjazK6yJVqEMveoohjCnNYJorbL74Mi1S99Hs0zKgzj5gjZvSlSDtICf5Jl_kcRyxDKtbNBdb6iEVLZZLWDnAX3QCLdm32ikv4t6dm3o_qrK0008Xpsn30rUFBCgLACGugRHUa8Di03toQ",
      "e": "AQAB",
      "use": "sig",
      "kid": "82fabc2a-0390-4c67-aa29-19a4a1ece1fb",
      "qi": "mXrUqojHftV36Vuo2x0C1sUSj2FXvAm5vyME4lkR4dfFiH5SEpxMfdsL9kdv84-2b9IiyGEe2135w_rZPW7g_sVs62Pet2lBKxeeUuxdLsMTA30XYA0shl3ER7-i4jkWgmSIyH_DCJt7GGYaF88ck5sP7U2V6kJXLnXBpOIOv7Q",
      "dp": "K0oT_dvPS6SjPrspHejDhb_hnd6ifyS5jd8X2FxCB6LLF9LXXkfm1QFAigGrX47uYXpT_htMNxPyW8joQI9DPaWCOYpXjEO1VH2EV8RVF5vxtF_wv6mQSGwZvdsZ4ueO5lPKavHrwKKmi4_qsEjBI8gKfeWs3JsEMzDwBjAYDF0",
      "dq": "PAJfs16wWnlZKuyHpFjnkR4hNgvUT1mC7-09qCkeGEv65Y95eCgaWmytqSUPUJ-mRHSkgMMG0LVoC24bl1sc62SSFViSI34EXvFT4cDL-u5BKya8GtsSfxXwFCzY8cbxRWQLw7xDbBqM2nYglZ4vLByxDfoKVGpDP_B1sko6jaE",
      "n": "mrCtvqhJfmjBNqRIg6AdkSjQxWYBLm9dv-P0vJgNTkmMLIlpLZmB-L-jMsHjJJmQ_jfVSM2ZRmwoo9SotB2ZTXd5JO6mENa07GQHUWn-F6qNPWp8UdAfsxJlTdNJQtSAJ14NcD77kFu00xEYWW6zekBAHCCrnN74PeDVJg1o4sY2BaZ56wnYSSSVRvCpKfhbhHPwDEFnkZL7t2Zga0Ak5UgOdSvs_NV73lj0KvLrlGuGYrvgKMIKHCH-9f8PppyTmRVmWBhsrKzRnU30sZZ2tZi5qjLwFni7mgmrQHbvEem0qzgxv-49CnEoquA8VqStpKrQ6EvmdRM10yyorY9B_w"
    },
    {
      "kty": "EC",
      "d": "XlVDZJw0z-5oH912I8NDMnqR8o_aiyTQopslBF747fo",
      "use": "sig",
      "crv": "P-256",
      "kid": "c1dcc77f-a469-43a0-96ef-ae04c4e4bb9f",
      "x": "88Romf079tLnv9JBmcKatC58tQQ8nSX4FetZM2G0NdM",
      "y": "30438nZMFgGFTekQUGuYDJ0iunxLbftJCm-_LpIRv-A"
    },
    {
      "kty": "EC",
      "d": "gTMnMX-htfziHn-NDj6JG-7ncVl9ziB8Pvbs9twmml4",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "a2cc4604-6655-41ff-a367-21d35a21cd39",
      "x": "_E2kCfJCR3K3MFWEuaBP-PpK-g4ZioizN9tsCw6QGc0",
      "y": "Wc9iokP9GEw2--hD5T11dO8URoh1BZMbD9IXrnjlXD4"
    },
    {
      "kty": "OKP",
      "d": "q_JhXJfZFiz-T_Yoj9ayMiBn4TQZ07ju1gzHRjO7CrE",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "faf36231-d7eb-4d44-87b3-0d631c58a09c",
      "x": "cgrvYOLrmyFmqrNLdspo3VaMhdK_fZMEe_iACE7Wh1k"
    }
  ]
}
server_encryption_keys
{
  "keys": [
    {
      "p": "8q6XAS0OVEvwV2yCNi9VyE3_REejJMyMmXbbRk_aWoukE99xk0SZUUEcYnFyvPZaJqp7Ys6CCi-AeQty-xgtbkOH1poZDImf621JlDWk2Bdm3yAqJjH_NaxaavMGXHHTFFJ_FCbqCA8W-jqiDfRJ6z5pqzRJcsV7W109Kn20OSM",
      "kty": "RSA",
      "q": "2wtwGtAODjX3HckU9VRc830prQIufBk43ueq86GdwYrRQ8hcUi4RF5uDeDOZ6AgyxvQ6gTz0zcXTNDddGtPYnTEYT0Tud4w3aoJ8ZiDBJ2oaI41xLIxvJoOTLd3GaDFylAB23-xsghxZNqvwMmbDjJoGWCF4dXbA12lrNvR_Ro0",
      "d": "Db9wMjJriUwpIHU7HX1CzlOjpu11SSJJT87PoDMkHVMQ0pGxvK8WBnusiCYkh4MrmS0RA7v1N15nEhQnPU-L2SsWbwpgn1X3-zuRDJBqAy5NXvFCXTId5wRCQCCtUp-_nWmxtEwb_ccwFfzOs7fL-VVQijdH7kV4wcJAlQDHIzoDz_tz3jX00FU3Ss_jTtviAadltCp5STY_tITG5DlNc_zV0RyTG7YkWMKK7efzKowI-g8hmmKFdL7hsvaMtToanoR2YsLQf1ZPit3PFTwfz_OLdSZ_qGcVOFJQFVGwdVnJ4n7E7P-aFx0oVbFPUxwBch8gRWtbV-u0oSWAuEgOSQ",
      "e": "AQAB",
      "use": "enc",
      "kid": "d68c8865-b3db-4386-8926-c3474e060691",
      "qi": "sIlcFf6FIY8uqw9ggsl3TH9lTA8DM41Xt9vTF3kxVqEm3ncKdCLkG5HE7HjYsphsV2zi4gxxnS6ldYx22OUltgm4iXEnr9upo-2w1TbeTCHxENz3_EbOE8dRuOIGZ5z3fTI--vgzl8Ruh8QA3SYXyfCFIYJDKAxgrES9fPbI-po",
      "dp": "7rdSjrOVTtJMHpL8GvTA-wHOQYn-LuqOuz6xPx65eSu3QF0hSW3HKqhTlXpnFP13fGVibbUZMY-8XlUmy1vjBH2lFzIJxc1y45BjOkjyWCXc6Uqoa13u3wsk_eMEtNa6fVkQ6-_Dch31yjr2wac1NxPzuZb7UMx1JVA4JJ32M-U",
      "alg": "RSA-OAEP",
      "dq": "kaJgLaOIxNACde48ngQyLL1Z2SprJ51JX4Kd-Y_JqGWYTr3HC-iO-qgt19xPBqN0xyyYPVb-2FUf4EazA2Q4UALVS9bjyd4S9iC9ftVmNsNnj5250kmomO3ADC24fYvqxxYr8yNo3XTlp-DXOVtzxmadszjFsyt6eX4gh5A1kv0",
      "n": "z6Yy9EufOUVZigWFUq5NgFnL4K14zrW-3qwgvtm6SixgYlL4w-2EEzdXuOLVy3j0wGDjjOPLkYeqmMN8KbNALMbseogImNgihtjIIorNLWOu48a6s73d9wqivoGH9Ab536CasmeAq_6xqJ1zusOBzqJcIUPq2gckAOKyfUcaX4ljLERXnhxi4OVAs4GzfnVdqWB7f8FP7mq5QVkOhPrkpSMGtGTy25T_Aqw5x2FQPbEvWexT4TpM6V6tT5JLIGeA18AAiZwIm5USZG_Gtxx8tTV0tOuNNPJC5nIiYaGCFqGX0iTS9oSuyrF4orNZ7WQ7BjI0VkQ5QiNVOSAGOEAKRw"
    },
    {
      "kty": "EC",
      "d": "L1Qa8TUPSwmlrWtmGXStby2G0vJPy1rIgof-ntVC39M",
      "use": "enc",
      "crv": "P-256",
      "kid": "d2c52b12-08a9-4515-a1ff-af7e29d2d31a",
      "x": "v0XZ8sYgml__gJ1Mn7qUKmX4EESFOygdg3hOgmDjUJ0",
      "y": "Dv4n6UqL_KKO6Rxvi061farm-d1yzgG2QPVglx3MhGg",
      "alg": "ECDH-ES"
    }
  ]
}
server_public_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "82fabc2a-0390-4c67-aa29-19a4a1ece1fb",
      "n": "mrCtvqhJfmjBNqRIg6AdkSjQxWYBLm9dv-P0vJgNTkmMLIlpLZmB-L-jMsHjJJmQ_jfVSM2ZRmwoo9SotB2ZTXd5JO6mENa07GQHUWn-F6qNPWp8UdAfsxJlTdNJQtSAJ14NcD77kFu00xEYWW6zekBAHCCrnN74PeDVJg1o4sY2BaZ56wnYSSSVRvCpKfhbhHPwDEFnkZL7t2Zga0Ak5UgOdSvs_NV73lj0KvLrlGuGYrvgKMIKHCH-9f8PppyTmRVmWBhsrKzRnU30sZZ2tZi5qjLwFni7mgmrQHbvEem0qzgxv-49CnEoquA8VqStpKrQ6EvmdRM10yyorY9B_w"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "9486649b-18fb-417f-b533-81ed28954121",
      "n": "wpTFKVa7f37kdVpOZMsdb8lr7BYLGAKlt6CjIMHjIg48KkFvGnbMv5Z1eAthwQY0Qb4apKCnVFktSW_evCVjlsyxu_cR_K3OqFSREU62BANsISU7zQu434ruqfnos0c4dpgr5w-R-04tPZvItxxD7tigoDqtofx3OMUJ5G3vb9JsyCnUB9nyoS4vko84XBTwaMKRebfGNoOMUpK6HQsZXcqoLf3IWKNA5WpJ1SJPxX1aklFzk4TYc8c54beR-m21tw0z0Rw5LcB7utuHdUwNXMqS_RlfV5tNmws8Bfq9EkscHJv5cr4dGAbm6yRXEvVpv7bDBdVrVy_Lg1MCacv-ww"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "c1dcc77f-a469-43a0-96ef-ae04c4e4bb9f",
      "x": "88Romf079tLnv9JBmcKatC58tQQ8nSX4FetZM2G0NdM",
      "y": "30438nZMFgGFTekQUGuYDJ0iunxLbftJCm-_LpIRv-A"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "e49f0b37-12ad-4a3b-bca4-b032652f6375",
      "x": "Fqh8lgE7M0yWePUjvdp5MMxteScC5zToe4msBJ-SmnM",
      "y": "UUNv9Z-nAnlLYtCfbteKhFgTmUbcYlG2DdCxxqggoqQ"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "a2cc4604-6655-41ff-a367-21d35a21cd39",
      "x": "_E2kCfJCR3K3MFWEuaBP-PpK-g4ZioizN9tsCw6QGc0",
      "y": "Wc9iokP9GEw2--hD5T11dO8URoh1BZMbD9IXrnjlXD4"
    },
    {
      "kty": "OKP",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "faf36231-d7eb-4d44-87b3-0d631c58a09c",
      "x": "cgrvYOLrmyFmqrNLdspo3VaMhdK_fZMEe_iACE7Wh1k"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "d68c8865-b3db-4386-8926-c3474e060691",
      "alg": "RSA-OAEP",
      "n": "z6Yy9EufOUVZigWFUq5NgFnL4K14zrW-3qwgvtm6SixgYlL4w-2EEzdXuOLVy3j0wGDjjOPLkYeqmMN8KbNALMbseogImNgihtjIIorNLWOu48a6s73d9wqivoGH9Ab536CasmeAq_6xqJ1zusOBzqJcIUPq2gckAOKyfUcaX4ljLERXnhxi4OVAs4GzfnVdqWB7f8FP7mq5QVkOhPrkpSMGtGTy25T_Aqw5x2FQPbEvWexT4TpM6V6tT5JLIGeA18AAiZwIm5USZG_Gtxx8tTV0tOuNNPJC5nIiYaGCFqGX0iTS9oSuyrF4orNZ7WQ7BjI0VkQ5QiNVOSAGOEAKRw"
    },
    {
      "kty": "EC",
      "use": "enc",
      "crv": "P-256",
      "kid": "d2c52b12-08a9-4515-a1ff-af7e29d2d31a",
      "x": "v0XZ8sYgml__gJ1Mn7qUKmX4EESFOygdg3hOgmDjUJ0",
      "y": "Dv4n6UqL_KKO6Rxvi061farm-d1yzgG2QPVglx3MhGg",
      "alg": "ECDH-ES"
    }
  ]
}
2020-09-01 12:52:24 SUCCESS
ValidateServerJWKs
Valid server JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2020-09-01 12:52:24 SUCCESS
CheckDistinctKeyIdValueInServerJWKs
Distinct 'kid' value in all keys of server_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2020-09-01 12:52:24 SUCCESS
OIDCCLoadUserInfo
Added user information
user_info
{
  "sub": "user-subject-1234531",
  "name": "Demo T. User",
  "given_name": "Demo",
  "family_name": "User",
  "middle_name": "Theresa",
  "nickname": "Dee",
  "preferred_username": "d.tu",
  "gender": "female",
  "birthdate": "2000-02-03",
  "address": {
    "street_address": "100 Universal City Plaza",
    "locality": "Hollywood",
    "region": "CA",
    "postal_code": "91608",
    "country": "USA"
  },
  "zoneinfo": "America/Los_Angeles",
  "locale": "en-US",
  "phone_number": "+1 555 5550000",
  "phone_number_verified": false,
  "email": "user@example.com",
  "email_verified": false,
  "website": "https://openid.net/",
  "updated_at": "1580000000"
}
2020-09-01 12:52:24 SUCCESS
GetDynamicClientConfiguration
No client details on configuration, created an empty dynamic_client_registration_template object.
2020-09-01 12:52:24
oidcc-client-test-invalid-sig-rs256
Setup Done
2020-09-01 12:52:25 INCOMING
oidcc-client-test-invalid-sig-rs256
Incoming HTTP request to test instance 2mD1aWP7KZ7SRd6
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
.well-known/openid-configuration
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
Discovery endpoint
2020-09-01 12:52:25 OUTGOING
oidcc-client-test-invalid-sig-rs256
Response to HTTP request to test instance 2mD1aWP7KZ7SRd6
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "issuer": "https://www.certification.openid.net/test/2mD1aWP7KZ7SRd6/",
  "authorization_endpoint": "https://www.certification.openid.net/test/2mD1aWP7KZ7SRd6/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/2mD1aWP7KZ7SRd6/token",
  "jwks_uri": "https://www.certification.openid.net/test/2mD1aWP7KZ7SRd6/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/2mD1aWP7KZ7SRd6/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/2mD1aWP7KZ7SRd6/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "RS256"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
outgoing_path
.well-known/openid-configuration
2020-09-01 12:52:25 INCOMING
oidcc-client-test-invalid-sig-rs256
Incoming HTTP request to test instance 2mD1aWP7KZ7SRd6
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "content-type": "application/json",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "content-length": "200",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net",
  "connection": "close"
}
incoming_path
register
incoming_body_form_params
incoming_method
POST
incoming_body_json
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "id_token token"
  ],
  "grant_types": [
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ],
  "id_token_signed_response_alg": "RS256"
}
incoming_query_string_params
{}
incoming_body
{"token_endpoint_auth_method":"client_secret_basic","response_types":["id_token token"],"grant_types":["implicit"],"redirect_uris":["https://rp.example.com/cb"],"id_token_signed_response_alg":"RS256"}
Registration endpoint
2020-09-01 12:52:25 SUCCESS
OIDCCExtractDynamicRegistrationRequest
Extracted dynamic client registration request
request
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "id_token token"
  ],
  "grant_types": [
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ],
  "id_token_signed_response_alg": "RS256"
}
2020-09-01 12:52:25 INFO
EnsureRegistrationRequestContainsAtLeastOneContact
This application requires that registration requests contain at least one contact.
2020-09-01 12:52:25 SUCCESS
ValidateClientGrantTypes
grant_types match response_types
grant_types
[
  "implicit"
]
response_types
[
  "id_token token"
]
2020-09-01 12:52:25 SUCCESS
OIDCCValidateClientRedirectUris
Valid redirect_uri(s) provided in registration request
redirect_uris
[
  "https://rp.example.com/cb"
]
2020-09-01 12:52:25 SUCCESS
ValidateClientLogoUris
Client does not contain any logo_uri
2020-09-01 12:52:25 SUCCESS
ValidateClientUris
Client does not contain any client_uri
2020-09-01 12:52:25 SUCCESS
ValidateClientPolicyUris
Client does not contain any policy_uri
2020-09-01 12:52:25 SUCCESS
ValidateClientTosUris
Client does not contain any tos_uri
2020-09-01 12:52:25 SUCCESS
ValidateClientSubjectType
A subject_type was not provided
2020-09-01 12:52:25 SUCCESS
ValidateIdTokenSignedResponseAlg
id_token_signed_response_alg is one of the known algorithms
alg
RS256
2020-09-01 12:52:25 SUCCESS
EnsureIdTokenEncryptedResponseAlgIsSetIfEncIsSet
id_token_encrypted_response_enc is not set
2020-09-01 12:52:25 INFO
ValidateUserinfoSignedResponseAlg
Skipped evaluation due to missing required element: client userinfo_signed_response_alg
path
userinfo_signed_response_alg
mapped
object
client
2020-09-01 12:52:25 SUCCESS
EnsureUserinfoEncryptedResponseAlgIsSetIfEncIsSet
userinfo_encrypted_response_enc is not set
2020-09-01 12:52:25 INFO
ValidateRequestObjectSigningAlg
Skipped evaluation due to missing required element: client request_object_signing_alg
path
request_object_signing_alg
mapped
object
client
2020-09-01 12:52:25 SUCCESS
EnsureRequestObjectEncryptionAlgIsSetIfEncIsSet
request_object_encryption_enc is not set
2020-09-01 12:52:25 INFO
ValidateTokenEndpointAuthSigningAlg
Skipped evaluation due to missing required element: client token_endpoint_auth_signing_alg
path
token_endpoint_auth_signing_alg
mapped
object
client
2020-09-01 12:52:25 SUCCESS
ValidateDefaultMaxAge
default_max_age is not set
2020-09-01 12:52:25 INFO
ValidateRequireAuthTime
Skipped evaluation due to missing required element: client require_auth_time
path
require_auth_time
mapped
object
client
2020-09-01 12:52:25 INFO
ValidateDefaultAcrValues
Skipped evaluation due to missing required element: client default_acr_values
path
default_acr_values
mapped
object
client
2020-09-01 12:52:25 INFO
ValidateInitiateLoginUri
Skipped evaluation due to missing required element: client initiate_login_uri
path
initiate_login_uri
mapped
object
client
2020-09-01 12:52:25 INFO
ValidateRequestUris
Skipped evaluation due to missing required element: client request_uris
path
request_uris
mapped
object
client
2020-09-01 12:52:25 SUCCESS
ValidateClientRegistrationRequestSectorIdentifierUri
A sector_identifier_uri was not provided
2020-09-01 12:52:25 SUCCESS
OIDCCRegisterClient
Registered client
client
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "id_token token"
  ],
  "grant_types": [
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ],
  "id_token_signed_response_alg": "RS256",
  "client_id": "client_cAagjrRSoQBSEQR50872{@_!~"
}
2020-09-01 12:52:25
OIDCCCreateClientSecretForDynamicClient
Set the secret for registered client
client_secret
secret_NWnDYsIvHfevpGdmPyupKFKtLHgjEdcvrGFWQUoFEnKOTnaQxP7220427797:#]%<
2020-09-01 12:52:25 SUCCESS
EnsureTokenEndPointAuthMethodIsClientSecretBasic
token_endpoint_auth_method is 'client_secret_basic' as expected
2020-09-01 12:52:25
SetClientIdTokenSignedResponseAlgToRS256
Set id_token_signed_response_alg to RS256 for the registered client
client
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "id_token token"
  ],
  "grant_types": [
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ],
  "id_token_signed_response_alg": "RS256",
  "client_id": "client_cAagjrRSoQBSEQR50872{@_!~",
  "client_secret": "secret_NWnDYsIvHfevpGdmPyupKFKtLHgjEdcvrGFWQUoFEnKOTnaQxP7220427797:#]%\u003c"
}
2020-09-01 12:52:25 SUCCESS
EnsureClientDoesNotHaveBothJwksAndJwksUri
Client does not have both jwks and jwks_uri set
client
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "id_token token"
  ],
  "grant_types": [
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ],
  "id_token_signed_response_alg": "RS256",
  "client_id": "client_cAagjrRSoQBSEQR50872{@_!~",
  "client_secret": "secret_NWnDYsIvHfevpGdmPyupKFKtLHgjEdcvrGFWQUoFEnKOTnaQxP7220427797:#]%\u003c"
}
2020-09-01 12:52:25 INFO
FetchClientKeys
Skipped evaluation due to missing required element: client jwks_uri
path
jwks_uri
mapped
object
client
2020-09-01 12:52:25
SetServerSigningAlgToRS256
Successfully set signing algorithm to RS256
2020-09-01 12:52:25
SetClientIdTokenSignedResponseAlgToServerSigningAlg
Set id_token_signed_response_alg for the registered client
id_token_signed_response_alg
RS256
2020-09-01 12:52:25 OUTGOING
oidcc-client-test-invalid-sig-rs256
Response to HTTP request to test instance 2mD1aWP7KZ7SRd6
outgoing_status_code
201
outgoing_headers
{}
outgoing_body
{
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "id_token token"
  ],
  "grant_types": [
    "implicit"
  ],
  "redirect_uris": [
    "https://rp.example.com/cb"
  ],
  "id_token_signed_response_alg": "RS256",
  "client_id": "client_cAagjrRSoQBSEQR50872{@_!~",
  "client_secret": "secret_NWnDYsIvHfevpGdmPyupKFKtLHgjEdcvrGFWQUoFEnKOTnaQxP7220427797:#]%\u003c"
}
outgoing_path
register
2020-09-01 12:52:26 INCOMING
oidcc-client-test-invalid-sig-rs256
Incoming HTTP request to test instance 2mD1aWP7KZ7SRd6
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "got/9.6.0 (https://github.com/sindresorhus/got)",
  "accept-encoding": "gzip, deflate",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
authorize
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{
  "client_id": "client_cAagjrRSoQBSEQR50872{@_!~",
  "scope": "openid",
  "response_type": "id_token token",
  "redirect_uri": "https://rp.example.com/cb",
  "state": "Cb-YC97Pu_0wzAgxCJ3WZyK_PAjjdsGJj21-ZRxBZMc",
  "nonce": "IoBpKDq5rWMxdrBYtzFmxxEhaAp8xdkEEq7R9zMQhYI",
  "response_mode": "form_post"
}
incoming_body
Authorization endpoint
2020-09-01 12:52:26 SUCCESS
EnsureRequestDoesNotContainRequestObject
Request does not contain a request parameter
2020-09-01 12:52:26 SUCCESS
OIDCCEnsureAuthorizationHttpRequestContainsOpenIDScope
Found 'openid' in scope http request parameter
actual
[
  "openid"
]
expected
openid
2020-09-01 12:52:26 SUCCESS
CreateEffectiveAuthorizationRequestParameters
Merged http request parameters with request object claims
effective_authorization_endpoint_request
{
  "client_id": "client_cAagjrRSoQBSEQR50872{@_!~",
  "scope": "openid",
  "response_type": "id_token token",
  "redirect_uri": "https://rp.example.com/cb",
  "state": "Cb-YC97Pu_0wzAgxCJ3WZyK_PAjjdsGJj21-ZRxBZMc",
  "nonce": "IoBpKDq5rWMxdrBYtzFmxxEhaAp8xdkEEq7R9zMQhYI",
  "response_mode": "form_post"
}
2020-09-01 12:52:26 SUCCESS
ExtractRequestedScopes
Requested scopes
scope
openid
2020-09-01 12:52:26 SUCCESS
ExtractNonceFromAuthorizationRequest
Extracted nonce
nonce
IoBpKDq5rWMxdrBYtzFmxxEhaAp8xdkEEq7R9zMQhYI
2020-09-01 12:52:26 SUCCESS
EnsureResponseTypeIsIdTokenToken
Response type is expected value
expected
id_token token
2020-09-01 12:52:26 SUCCESS
EnsureMatchingClientId
Client ID matched
client_id
client_cAagjrRSoQBSEQR50872{@_!~
2020-09-01 12:52:26 SUCCESS
EnsureValidRedirectUriForAuthorizationEndpointRequest
redirect_uri is one of the allowed redirect uris
actual
https://rp.example.com/cb
expected
[
  "https://rp.example.com/cb"
]
2020-09-01 12:52:26 SUCCESS
EnsureOpenIDInScopeRequest
Found 'openid' scope in request
actual
[
  "openid"
]
expected
openid
2020-09-01 12:52:26 SUCCESS
DisallowMaxAgeEqualsZeroAndPromptNone
The client did not send max_age=0 and prompt=none parameters as expected
2020-09-01 12:52:26 SUCCESS
GenerateBearerAccessToken
Generated access token
access_token
9zulmJRwSTSM0ef5RsQ1mOHOIqCywiLEgfxn94Sb0kXIHRNG0U
2020-09-01 12:52:26 SUCCESS
CalculateAtHash
Successful at_hash encoding
at_hash
IJ2cOF2UK5fUulBvBr7Rjg
2020-09-01 12:52:26 SUCCESS
GenerateIdTokenClaims
Created ID Token Claims
iss
https://www.certification.openid.net/test/2mD1aWP7KZ7SRd6/
sub
user-subject-1234531
aud
client_cAagjrRSoQBSEQR50872{@_!~
nonce
IoBpKDq5rWMxdrBYtzFmxxEhaAp8xdkEEq7R9zMQhYI
iat
1598964746
exp
1598965046
2020-09-01 12:52:26 INFO
AddCHashToIdTokenClaims
Skipped evaluation due to missing required string: c_hash
expected
c_hash
2020-09-01 12:52:26 SUCCESS
AddAtHashToIdTokenClaims
Added at_hash to ID token claims
at_hash
IJ2cOF2UK5fUulBvBr7Rjg
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/2mD1aWP7KZ7SRd6/",
  "sub": "user-subject-1234531",
  "aud": "client_cAagjrRSoQBSEQR50872{@_!~",
  "nonce": "IoBpKDq5rWMxdrBYtzFmxxEhaAp8xdkEEq7R9zMQhYI",
  "iat": 1598964746,
  "exp": 1598965046,
  "at_hash": "IJ2cOF2UK5fUulBvBr7Rjg"
}
2020-09-01 12:52:26 SUCCESS
OIDCCSignIdToken
Signed the ID token
id_token
eyJraWQiOiI4MmZhYmMyYS0wMzkwLTRjNjctYWEyOS0xOWE0YTFlY2UxZmIiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiSUoyY09GMlVLNWZVdWxCdkJyN1JqZyIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiY2xpZW50X2NBYWdqclJTb1FCU0VRUjUwODcye0BfIX4iLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvMm1EMWFXUDdLWjdTUmQ2XC8iLCJleHAiOjE1OTg5NjUwNDYsIm5vbmNlIjoiSW9CcEtEcTVyV014ZHJCWXR6Rm14eEVoYUFwOHhka0VFcTdSOXpNUWhZSSIsImlhdCI6MTU5ODk2NDc0Nn0.AjtREtR7EaXWa5clzNO--f8_GdgQUa9NHKUFUt0o2vt2jyKRxNuqIRG1dGqSFZDynC07e462lndnYbTY_E-nmJMp80Z1JPHUa0REqiUPysjsFGKrPKvpkJQwIQ8FA0Bds00FoSvW8E_1zc125toFxVl6sShatpZW24J2Iio7DPMX3AmnTY-3D_kufBEi5ejvtNU6Fprc-J0eKo7aJhvaoknFnjgx5Mz4F1SWCeS9zPWu89WWiL0ZhiwMHVJ1Q_T4h1II1DPlJ9aPoyIpP1T9a3UfB1Xtph-sWMNAKIY4ZF4xuwRWdoWnmJUKJ7OZxUSlDJFZI7_DOHG3T7DHN3-a5Q
key
{"p":"x18VQ2M38Ib6aWTHNNEktYvFq-HtUn0m8QICgkAo8ZYx6nJUt8Y8Ub-x6Mvjq2ptv1H0ImJpdw_SOms41t2inIcjyIdOO20VxYwWHXGtY1w9v3sb4KqwjiERoSvIje6woBbAwoQGPA7z_ISp-YN2NHsFijQTwhyVNtGJCIeKyMs","kty":"RSA","q":"xqCudu29gbqKCWH8Sab-XwbA2wkh97J0LOSPBB8cdnWK7qdYHwz2NNepZbYM5jtA6Ap1kkAFOFKnXhnzCbTBTKoDcCg6syZ5zmzZdXVeYVxRAdxON4iaP54j60X84RJY5_fycoCO2PqiP_YBmZWGSZd-o1zjVCbIlnEF7mpKKR0","d":"gg4hRba_c6QnLgWZYfDwaubh_9TvEVdYfsjtLtK3_SYg0CEHaOszNywHzdjtXAwwt0vB6l_Rij_NO1DENgrcpSDZnY9315hsrIK9FFoE42jlLsmklDRjMm849OG7KpD23iJZMhIB9zDjKsGosyg7hYEXZY6iOlXMaFnrWv7TPDUS_z_Qz35u-eJMn29aAgHKkASG6v3zbjazK6yJVqEMveoohjCnNYJorbL74Mi1S99Hs0zKgzj5gjZvSlSDtICf5Jl_kcRyxDKtbNBdb6iEVLZZLWDnAX3QCLdm32ikv4t6dm3o_qrK0008Xpsn30rUFBCgLACGugRHUa8Di03toQ","e":"AQAB","use":"sig","kid":"82fabc2a-0390-4c67-aa29-19a4a1ece1fb","qi":"mXrUqojHftV36Vuo2x0C1sUSj2FXvAm5vyME4lkR4dfFiH5SEpxMfdsL9kdv84-2b9IiyGEe2135w_rZPW7g_sVs62Pet2lBKxeeUuxdLsMTA30XYA0shl3ER7-i4jkWgmSIyH_DCJt7GGYaF88ck5sP7U2V6kJXLnXBpOIOv7Q","dp":"K0oT_dvPS6SjPrspHejDhb_hnd6ifyS5jd8X2FxCB6LLF9LXXkfm1QFAigGrX47uYXpT_htMNxPyW8joQI9DPaWCOYpXjEO1VH2EV8RVF5vxtF_wv6mQSGwZvdsZ4ueO5lPKavHrwKKmi4_qsEjBI8gKfeWs3JsEMzDwBjAYDF0","dq":"PAJfs16wWnlZKuyHpFjnkR4hNgvUT1mC7-09qCkeGEv65Y95eCgaWmytqSUPUJ-mRHSkgMMG0LVoC24bl1sc62SSFViSI34EXvFT4cDL-u5BKya8GtsSfxXwFCzY8cbxRWQLw7xDbBqM2nYglZ4vLByxDfoKVGpDP_B1sko6jaE","n":"mrCtvqhJfmjBNqRIg6AdkSjQxWYBLm9dv-P0vJgNTkmMLIlpLZmB-L-jMsHjJJmQ_jfVSM2ZRmwoo9SotB2ZTXd5JO6mENa07GQHUWn-F6qNPWp8UdAfsxJlTdNJQtSAJ14NcD77kFu00xEYWW6zekBAHCCrnN74PeDVJg1o4sY2BaZ56wnYSSSVRvCpKfhbhHPwDEFnkZL7t2Zga0Ak5UgOdSvs_NV73lj0KvLrlGuGYrvgKMIKHCH-9f8PppyTmRVmWBhsrKzRnU30sZZ2tZi5qjLwFni7mgmrQHbvEem0qzgxv-49CnEoquA8VqStpKrQ6EvmdRM10yyorY9B_w"}
algorithm
RS256
2020-09-01 12:52:26 SUCCESS
SignIdTokenInvalid
Made the id_token signature invalid
id_token
eyJraWQiOiI4MmZhYmMyYS0wMzkwLTRjNjctYWEyOS0xOWE0YTFlY2UxZmIiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiSUoyY09GMlVLNWZVdWxCdkJyN1JqZyIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiY2xpZW50X2NBYWdqclJTb1FCU0VRUjUwODcye0BfIX4iLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvMm1EMWFXUDdLWjdTUmQ2XC8iLCJleHAiOjE1OTg5NjUwNDYsIm5vbmNlIjoiSW9CcEtEcTVyV014ZHJCWXR6Rm14eEVoYUFwOHhka0VFcTdSOXpNUWhZSSIsImlhdCI6MTU5ODk2NDc0Nn0.WGELSI4hS_-MMc1_lonko6VlQ4JKC_UXRv9fCIdygKEs1XjLnoHwe0vvLjDIT8qoxndhIdTszC09O-6CphX9wslzqRwvfquOMR4e8H9VkJK2TjjxZvGzys5qe1VfWRoH6Rdf-3GMqhWvl5csvIBfnwMg63IA7MwMgdgseHBhVqlNhlP9F9XtVaN0Jkt4v7K17o9gTMCGosdEcNSAfEGA-BOfxGJrvpaiTQ7MU77nlq_0qY_M0udD3HZWRwgvGa6i3QhSjmm_fYzV-XhzZQ6nMS9FXQ-3_EX2ApkactxiPgRr4V4MLN_9ws9QfenDnx7_VssDeeWZYivtFeqdbSXAvw
2020-09-01 12:52:26 INFO
EncryptIdToken
Skipped evaluation due to missing required element: client id_token_encrypted_response_alg
path
id_token_encrypted_response_alg
mapped
object
client
2020-09-01 12:52:26 SUCCESS
CreateAuthorizationEndpointResponseParams
Added authorization_endpoint_response_params to environment
params
{
  "redirect_uri": "https://rp.example.com/cb",
  "state": "Cb-YC97Pu_0wzAgxCJ3WZyK_PAjjdsGJj21-ZRxBZMc"
}
2020-09-01 12:52:26 SUCCESS
AddIdTokenToAuthorizationEndpointResponseParams
Added id_token to authorization endpoint response params
authorization_endpoint_response_params
{
  "redirect_uri": "https://rp.example.com/cb",
  "state": "Cb-YC97Pu_0wzAgxCJ3WZyK_PAjjdsGJj21-ZRxBZMc",
  "id_token": "eyJraWQiOiI4MmZhYmMyYS0wMzkwLTRjNjctYWEyOS0xOWE0YTFlY2UxZmIiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiSUoyY09GMlVLNWZVdWxCdkJyN1JqZyIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiY2xpZW50X2NBYWdqclJTb1FCU0VRUjUwODcye0BfIX4iLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvMm1EMWFXUDdLWjdTUmQ2XC8iLCJleHAiOjE1OTg5NjUwNDYsIm5vbmNlIjoiSW9CcEtEcTVyV014ZHJCWXR6Rm14eEVoYUFwOHhka0VFcTdSOXpNUWhZSSIsImlhdCI6MTU5ODk2NDc0Nn0.WGELSI4hS_-MMc1_lonko6VlQ4JKC_UXRv9fCIdygKEs1XjLnoHwe0vvLjDIT8qoxndhIdTszC09O-6CphX9wslzqRwvfquOMR4e8H9VkJK2TjjxZvGzys5qe1VfWRoH6Rdf-3GMqhWvl5csvIBfnwMg63IA7MwMgdgseHBhVqlNhlP9F9XtVaN0Jkt4v7K17o9gTMCGosdEcNSAfEGA-BOfxGJrvpaiTQ7MU77nlq_0qY_M0udD3HZWRwgvGa6i3QhSjmm_fYzV-XhzZQ6nMS9FXQ-3_EX2ApkactxiPgRr4V4MLN_9ws9QfenDnx7_VssDeeWZYivtFeqdbSXAvw"
}
2020-09-01 12:52:26
AddTokenToAuthorizationEndpointResponseParams
Added token and token_type to authorization endpoint response params
authorization_endpoint_response_params
{
  "redirect_uri": "https://rp.example.com/cb",
  "state": "Cb-YC97Pu_0wzAgxCJ3WZyK_PAjjdsGJj21-ZRxBZMc",
  "id_token": "eyJraWQiOiI4MmZhYmMyYS0wMzkwLTRjNjctYWEyOS0xOWE0YTFlY2UxZmIiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiSUoyY09GMlVLNWZVdWxCdkJyN1JqZyIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiY2xpZW50X2NBYWdqclJTb1FCU0VRUjUwODcye0BfIX4iLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvMm1EMWFXUDdLWjdTUmQ2XC8iLCJleHAiOjE1OTg5NjUwNDYsIm5vbmNlIjoiSW9CcEtEcTVyV014ZHJCWXR6Rm14eEVoYUFwOHhka0VFcTdSOXpNUWhZSSIsImlhdCI6MTU5ODk2NDc0Nn0.WGELSI4hS_-MMc1_lonko6VlQ4JKC_UXRv9fCIdygKEs1XjLnoHwe0vvLjDIT8qoxndhIdTszC09O-6CphX9wslzqRwvfquOMR4e8H9VkJK2TjjxZvGzys5qe1VfWRoH6Rdf-3GMqhWvl5csvIBfnwMg63IA7MwMgdgseHBhVqlNhlP9F9XtVaN0Jkt4v7K17o9gTMCGosdEcNSAfEGA-BOfxGJrvpaiTQ7MU77nlq_0qY_M0udD3HZWRwgvGa6i3QhSjmm_fYzV-XhzZQ6nMS9FXQ-3_EX2ApkactxiPgRr4V4MLN_9ws9QfenDnx7_VssDeeWZYivtFeqdbSXAvw",
  "access_token": "9zulmJRwSTSM0ef5RsQ1mOHOIqCywiLEgfxn94Sb0kXIHRNG0U",
  "token_type": "Bearer"
}
2020-09-01 12:52:26 OUTGOING
oidcc-client-test-invalid-sig-rs256
Response to HTTP request to test instance 2mD1aWP7KZ7SRd6
outgoing
ModelAndView [view="formPostResponseMode"; model={formAction=https://rp.example.com/cb, formParameters={"state":"Cb-YC97Pu_0wzAgxCJ3WZyK_PAjjdsGJj21-ZRxBZMc","id_token":"eyJraWQiOiI4MmZhYmMyYS0wMzkwLTRjNjctYWEyOS0xOWE0YTFlY2UxZmIiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiSUoyY09GMlVLNWZVdWxCdkJyN1JqZyIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiY2xpZW50X2NBYWdqclJTb1FCU0VRUjUwODcye0BfIX4iLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvMm1EMWFXUDdLWjdTUmQ2XC8iLCJleHAiOjE1OTg5NjUwNDYsIm5vbmNlIjoiSW9CcEtEcTVyV014ZHJCWXR6Rm14eEVoYUFwOHhka0VFcTdSOXpNUWhZSSIsImlhdCI6MTU5ODk2NDc0Nn0.WGELSI4hS_-MMc1_lonko6VlQ4JKC_UXRv9fCIdygKEs1XjLnoHwe0vvLjDIT8qoxndhIdTszC09O-6CphX9wslzqRwvfquOMR4e8H9VkJK2TjjxZvGzys5qe1VfWRoH6Rdf-3GMqhWvl5csvIBfnwMg63IA7MwMgdgseHBhVqlNhlP9F9XtVaN0Jkt4v7K17o9gTMCGosdEcNSAfEGA-BOfxGJrvpaiTQ7MU77nlq_0qY_M0udD3HZWRwgvGa6i3QhSjmm_fYzV-XhzZQ6nMS9FXQ-3_EX2ApkactxiPgRr4V4MLN_9ws9QfenDnx7_VssDeeWZYivtFeqdbSXAvw","access_token":"9zulmJRwSTSM0ef5RsQ1mOHOIqCywiLEgfxn94Sb0kXIHRNG0U","token_type":"Bearer"}}]
outgoing_path
authorize
2020-09-01 12:52:26 INCOMING
oidcc-client-test-invalid-sig-rs256
Incoming HTTP request to test instance 2mD1aWP7KZ7SRd6
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/3.15.9 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
jwks
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
Jwks endpoint
2020-09-01 12:52:26 OUTGOING
oidcc-client-test-invalid-sig-rs256
Response to HTTP request to test instance 2mD1aWP7KZ7SRd6
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "82fabc2a-0390-4c67-aa29-19a4a1ece1fb",
      "n": "mrCtvqhJfmjBNqRIg6AdkSjQxWYBLm9dv-P0vJgNTkmMLIlpLZmB-L-jMsHjJJmQ_jfVSM2ZRmwoo9SotB2ZTXd5JO6mENa07GQHUWn-F6qNPWp8UdAfsxJlTdNJQtSAJ14NcD77kFu00xEYWW6zekBAHCCrnN74PeDVJg1o4sY2BaZ56wnYSSSVRvCpKfhbhHPwDEFnkZL7t2Zga0Ak5UgOdSvs_NV73lj0KvLrlGuGYrvgKMIKHCH-9f8PppyTmRVmWBhsrKzRnU30sZZ2tZi5qjLwFni7mgmrQHbvEem0qzgxv-49CnEoquA8VqStpKrQ6EvmdRM10yyorY9B_w"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "9486649b-18fb-417f-b533-81ed28954121",
      "n": "wpTFKVa7f37kdVpOZMsdb8lr7BYLGAKlt6CjIMHjIg48KkFvGnbMv5Z1eAthwQY0Qb4apKCnVFktSW_evCVjlsyxu_cR_K3OqFSREU62BANsISU7zQu434ruqfnos0c4dpgr5w-R-04tPZvItxxD7tigoDqtofx3OMUJ5G3vb9JsyCnUB9nyoS4vko84XBTwaMKRebfGNoOMUpK6HQsZXcqoLf3IWKNA5WpJ1SJPxX1aklFzk4TYc8c54beR-m21tw0z0Rw5LcB7utuHdUwNXMqS_RlfV5tNmws8Bfq9EkscHJv5cr4dGAbm6yRXEvVpv7bDBdVrVy_Lg1MCacv-ww"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "c1dcc77f-a469-43a0-96ef-ae04c4e4bb9f",
      "x": "88Romf079tLnv9JBmcKatC58tQQ8nSX4FetZM2G0NdM",
      "y": "30438nZMFgGFTekQUGuYDJ0iunxLbftJCm-_LpIRv-A"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "e49f0b37-12ad-4a3b-bca4-b032652f6375",
      "x": "Fqh8lgE7M0yWePUjvdp5MMxteScC5zToe4msBJ-SmnM",
      "y": "UUNv9Z-nAnlLYtCfbteKhFgTmUbcYlG2DdCxxqggoqQ"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "a2cc4604-6655-41ff-a367-21d35a21cd39",
      "x": "_E2kCfJCR3K3MFWEuaBP-PpK-g4ZioizN9tsCw6QGc0",
      "y": "Wc9iokP9GEw2--hD5T11dO8URoh1BZMbD9IXrnjlXD4"
    },
    {
      "kty": "OKP",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "faf36231-d7eb-4d44-87b3-0d631c58a09c",
      "x": "cgrvYOLrmyFmqrNLdspo3VaMhdK_fZMEe_iACE7Wh1k"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "d68c8865-b3db-4386-8926-c3474e060691",
      "alg": "RSA-OAEP",
      "n": "z6Yy9EufOUVZigWFUq5NgFnL4K14zrW-3qwgvtm6SixgYlL4w-2EEzdXuOLVy3j0wGDjjOPLkYeqmMN8KbNALMbseogImNgihtjIIorNLWOu48a6s73d9wqivoGH9Ab536CasmeAq_6xqJ1zusOBzqJcIUPq2gckAOKyfUcaX4ljLERXnhxi4OVAs4GzfnVdqWB7f8FP7mq5QVkOhPrkpSMGtGTy25T_Aqw5x2FQPbEvWexT4TpM6V6tT5JLIGeA18AAiZwIm5USZG_Gtxx8tTV0tOuNNPJC5nIiYaGCFqGX0iTS9oSuyrF4orNZ7WQ7BjI0VkQ5QiNVOSAGOEAKRw"
    },
    {
      "kty": "EC",
      "use": "enc",
      "crv": "P-256",
      "kid": "d2c52b12-08a9-4515-a1ff-af7e29d2d31a",
      "x": "v0XZ8sYgml__gJ1Mn7qUKmX4EESFOygdg3hOgmDjUJ0",
      "y": "Dv4n6UqL_KKO6Rxvi061farm-d1yzgG2QPVglx3MhGg",
      "alg": "ECDH-ES"
    }
  ]
}
outgoing_path
jwks
2020-09-01 12:52:28 FINISHED
oidcc-client-test-invalid-sig-rs256
Test has run to completion
testmodule_result
PASSED
Test Results