Test Summary

Test Results

Expand All Collapse All
All times are UTC
2021-06-13 21:33:49 INFO
TEST-RUNNER
Test instance h1DUodFhCW3v1E8 created
baseUrl
https://www.certification.openid.net/test/a/MSTR_M2021_UP1
variant
{
  "client_auth_type": "client_secret_basic",
  "response_type": "code",
  "request_type": "plain_http_request",
  "response_mode": "default",
  "client_registration": "static_client"
}
alias
MSTR_M2021_UP1
description
planId
iEllghTC7G18K
config
{
  "alias": "MSTR_M2021_UP1",
  "client": {
    "client_id": "87654321",
    "client_secret": "12345678",
    "redirect_uri": "https://env-239211.customer.cloud.microstrategy.com/MicroStrategyLibrary/auth/oidc/login"
  }
}
testName
oidcc-client-test-client-secret-basic
2021-06-13 21:33:49 SUCCESS
OIDCCGenerateServerConfiguration
Generated default server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/a/MSTR_M2021_UP1/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/MSTR_M2021_UP1/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/MSTR_M2021_UP1/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/MSTR_M2021_UP1/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/MSTR_M2021_UP1/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/a/MSTR_M2021_UP1/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic",
    "client_secret_post",
    "client_secret_jwt",
    "private_key_jwt"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
2021-06-13 21:33:49
SetTokenEndpointAuthMethodsSupportedToClientSecretBasicOnly
Changed token_endpoint_auth_methods_supported to client_secret_basic only in server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/a/MSTR_M2021_UP1/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/MSTR_M2021_UP1/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/MSTR_M2021_UP1/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/MSTR_M2021_UP1/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/MSTR_M2021_UP1/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/a/MSTR_M2021_UP1/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
2021-06-13 21:33:50
OIDCCGenerateServerJWKs
Generated server public private JWK sets
server_jwks
{
  "keys": [
    {
      "p": "xKLHQz-9nOwNUoDU99I0R0j31I6CJTtwo24e2u1aDinu1JeG5y2GTttFmHMQakxLUMp4Pqp6Gp_CNhSOgbBnjkAJl0X8BdmLwXeq-hQ0fX7fmzmEzUx7H7bhYLTpJYYt7LsRKafnd-Kuj7mjCXsKFzGUsWIcmWfnhoyfzvBk040",
      "kty": "RSA",
      "q": "tdKKV7xL6vguEpKGYZf3DfiZinxQiBVrtE-ZRIL-R2mOVsL2RjZt6DjqAhQ9bhUEGg4s3ijjcXOvyLh7W2Yh8gcQBABFIBssyApwaA1F_rErU4-EalwVBm3px2G_bIC2X41Dh-DPYW7U4cqgnLuAhwE8M3exfzumfFojw8goD_8",
      "d": "Q4gK-Do8Pt5uAAhur5MLTsmI3zhe1KXLJJCMWNjkveGO2406FEGCRqPYbJWsyFduah4Khgv8F9c-ByI0X2nF42Bqd7GCIRAWnriO-RpNRXr6ZNPrVPJEhDXmafH4v4gsRB_TbJRqkgoLVG-81OlCGHxKRh88H7QOXOZd2KqA-w37EZIfTwiytUVyjJvegcTvrqWl6o_fqbr2T9yqQte-iKj8xoIJkW13N45RXs_-wPhf_N7Qsaj0-cM0ncz9fQjS--2lCPphkuoQMIqNNuBNuDQMOFI2YYkxUxTHRZFB4ZHZVJloiI4JsURlaPdB7wVRS0Yq0btABR7szvF0JFAfEQ",
      "e": "AQAB",
      "use": "sig",
      "kid": "0a8e471d-ce18-469d-aa3c-6eb032f53188",
      "qi": "pFbhcNpnHYGiyem3b6bqCkqif-7NvtEy03H9q-dFEikOqgWDtw47RxHuh6ZbpjXjvyx6Opb-N3vJts35lgliqVezkw7sPqpbbG-0ikRqaCtNdBNRBvjG-BfPx9hlc5HOu6ssWNCpT_c1E_SIi3UXenfvYWqhynUHf_qufN3CjX4",
      "dp": "sjwJ-j7wlCiy-rGkWO3ETUkquxRhi3YRZ1INzcuO8X-46CJhOXLeZuQCdWj23CNDsXuU-thzzWY6F-MSOSO4-gu5pdDd3D-QmlDqPbvKyGYUMRM1-RD2GY0fRRU2r7isMARwTh3Pha-HIufVjGZmgxeB_Dc-TR8NkbwtrtnfypE",
      "dq": "Ea8GcX4IzDOTF49Uro0_JAa3uDZbBsE-lmzfdUBgRsXHaDzSAwYsLlfKuqUJTHmSyo3yYzEK3e_oetcmeD84sfdp4Vm9X2AFPPd280fHNPw6QIhG0qleCiAKiq_BFGZ4VlbA6Kg-wzUqU0OH13aNC5RdLIxJoRxGFvYVYGdJLjU",
      "n": "i6jOrSSZLDWt0McqzHViXAjJUPhoJzNkZkSsLNQExb31R_IWFO9-CcaSenu81mYRGymsPs3ywBA0NGnixQ_st-l-IoKXeNH3r5k51mxlp7DEdi_8c9rqnNWsyu3QOJ6wCzafHNaNOlBXXLb3dVyVwK-L83mIA1ysn7qtrLtty8_Uk2Ens3IwzsLhxaW6Cz7H8qdt8LZbQPObxEVAP66CEw6SzLCWhD43mqcjE429ofpL4mCvrRJX_j_ZOqAAGXKjx5kOkoZRmuuFFhMHRy8SQORe3bQkk1icHu36C5RSZKE1DZd6PwNJkXpSCeJQQzwE4MCwkUdt_yt44A-lktv8cw"
    },
    {
      "kty": "EC",
      "d": "WE-OUTdK2FvClZJf9l3tctINedPFWGgMfxztTpQdYLQ",
      "use": "sig",
      "crv": "P-256",
      "kid": "7bbc1ec0-3578-4197-88ef-10a25d2f7473",
      "x": "YIN7eykbJMfXd0WUP-wiD_OAb1BXb16Z1E_EUXMxyIQ",
      "y": "-0PdHYacw4EjZ9lI0wz0E76WgsRUAZOAjHZZa_ljF8E"
    },
    {
      "kty": "EC",
      "d": "qx1WfcgoNpFy775I_K2miboauo7LFfUBdzoV5KjYcRA",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "e72eb296-f0f9-4f49-ac3f-c751d7e38a44",
      "x": "CJjaph5wPsxU--M6mUAuTX7Yxq7Zl4TyjGBn1sxJo9I",
      "y": "rosO29ZjvCJWYY6qOy51CI_5YdkEa8rppfYygldpORM"
    },
    {
      "kty": "OKP",
      "d": "1lb8PO3RVH7EeFLaWT3_F75kQbROfNy963jrQIkZ9VE",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "6f23d226-f10b-4405-9bf8-093213847dbc",
      "x": "lCliHnh15TqtvxRI6eaNb-gK2GBqIyHQUI2YDctA1RI"
    }
  ]
}
server_encryption_keys
{
  "keys": [
    {
      "p": "9t9lruoFbKMFJusjFGrm0jayCcx0Hw_13JwH-5Oghb6qr_CcKdSPYBKVx2mSwQGhknYjPLKL_V9QCrfpaG18n4Qn3PS09TSyQhfvIUJhjyA47U8OzcukmPqT0p7nurChcwIDt1yBkvNC1kf6h3n123As35XNsx1kvdiv_bTJ6yk",
      "kty": "RSA",
      "q": "ndpaADLkfUOsASIszgkxzna3NiXVtYfNNBbeqQqqrP4SQUrYRNR391d16iqaN6x6eMrsahoS3oyiSTbS9zhIut4_3x5C1molcZUCcBHM-QPjBBLwrjccC8MenpIuDLwZWNktQyItefEo0kXh3oatCa6KChZb7aaUOhIbVXTQTXc",
      "d": "I2X_7LjaMDSuv15plGI4Pd2n2OdyLLhhgZhFO2EctlFGTQrvXrYPPF5HOwjmUA5JqZYd1iDuw5QYc7g3Uo19VOvtRM7GtYj4MmNmU43_UKtGdwgYcM_zWsxejVF2DUrfIoW6jyneo5u2M7Pf0eZzkloJD9DrdZW8O86EsxgeGOeWzXdBtIGPlz_qZFRZ_9zmcgBC0fh69UdyrE0le3em7ufQzm2AcONOmX0PAadyrRb99ucMmsateh2qqbBkSHcTH2iIRXpN6I-c7ZkgjpM0bZZjptLWwxbUd8P0y7FMGghpwEUzL0aS_NLYmBzpRYj1GO7syLllJ-K3uiPJHZ5rgQ",
      "e": "AQAB",
      "use": "enc",
      "kid": "d0851dd4-6f96-4a1b-8a54-4bbd987ac775",
      "qi": "i1rU-qIvy_GHnXZrOD2hZJyYWXScHi9QQDxN3B5umwsa2fjDTeZcK7uxenjftVBh4urqbWWkeCueNj1Yx0uTQuNZHUBUIXcE7RfLe46VwkTfV3alIQQY9-aVNkkcm2HoywxqOVRYHVK-4mB3-cAdtkBSBlOgG-oZ3l5d6lEBad0",
      "dp": "Cbnncaq6p_sMOupMqYNEsMeC4Cvz7z1bvGNRVTINwvcuFlxuap97Ppe82uxn4b7EtNZ-sOd_6G2W47U3NuwJWueEAoqJjpeS5lO3EiJhYZgtZfwVYzpAs947cLLeAlbvJW7Q4qp8WGPJIFQZpLjDXO_gdLacMhBYZbphxKcYxXE",
      "alg": "RSA-OAEP",
      "dq": "kGOJjcL_o-FBtau4BiL87xlCTwJesHTu7CW7OC7snd6tfhHjL1qV_aZ_0llzxVc8k78yb384IV_MlmHSqZZPWLcw_3sjshNX-sRNfYuazXCTuEdG5mS8f7nUCUI3YyivmsjVESJzLKa-K1EG4VCZeVCxLbb0EbccwN2NKSb33tM",
      "n": "mDmSY5dMFCN1p0JmtzpmZsSQcBBP5MNdBr--wEZIsRVPZGeu_pzs0vCbPBJMeudNZxF1yn6r0UhdqXfrwTCCqTWn22GfDDk1inmg-TgWBDWatryqR10ykwK12UxAe6XnOs6h4SqQBDSTAWDzD9QDpE96Ud9mX_g8f5NtR9dvsIv9oR_BDJLm9VTc3mQl_BLSHKigEWLolAonNCyvyE67g995VTpcFp0rjS5fcvUBoClmMjqUJpP6cKK4CYeG5t5omoEgsZVZcWEiOeEB79xW-Fj5Q7yFYf1glcrXlfmOGVqB0pK7rb9ZR2ywqrYfW6azst9S4392lziGceiKauelDw"
    },
    {
      "kty": "EC",
      "d": "vC9G7W_cCEZEjRAIMHc11NOMzN8XmleZ7hWuUtUWtIs",
      "use": "enc",
      "crv": "P-256",
      "kid": "b5dc3ef3-a7f5-4581-bc33-956d1593192f",
      "x": "27XXJPmqF-FqG4PoBjZvinCYe-nJ58k0ncNElG2aCaQ",
      "y": "Avj7LXUNfOyXdGkoJvkSe32QUC9X9a89R9O48JVBtUU",
      "alg": "ECDH-ES"
    }
  ]
}
server_public_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "0a8e471d-ce18-469d-aa3c-6eb032f53188",
      "n": "i6jOrSSZLDWt0McqzHViXAjJUPhoJzNkZkSsLNQExb31R_IWFO9-CcaSenu81mYRGymsPs3ywBA0NGnixQ_st-l-IoKXeNH3r5k51mxlp7DEdi_8c9rqnNWsyu3QOJ6wCzafHNaNOlBXXLb3dVyVwK-L83mIA1ysn7qtrLtty8_Uk2Ens3IwzsLhxaW6Cz7H8qdt8LZbQPObxEVAP66CEw6SzLCWhD43mqcjE429ofpL4mCvrRJX_j_ZOqAAGXKjx5kOkoZRmuuFFhMHRy8SQORe3bQkk1icHu36C5RSZKE1DZd6PwNJkXpSCeJQQzwE4MCwkUdt_yt44A-lktv8cw"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "741ba80b-e4bc-46d2-b5a7-b5f3e1ae0377",
      "n": "l2BgbYfURyPjGbRQmFGt4oMOTvGP0sgsnmwYgKMOFTtd85QzTFYU6ROP7d6i7QxWOHwjVnIHe8ykuYB3KUkdjjeQuyo86WkAZ39MAzaXQq5y9Qz92b6pRZvGJdx46qYj2aic4WelnKT8GRVbaJeidXHrofHMsZozXJdpDnXd_ItR_YHUF65xxIatBFhrelADJCCJ0mB7uPoRDoPP_kIxNyn_VTDQwexrs5LE279zqucLj0EJ7nYQ8pN2HkbP1uDbDyN1mXYkWAQH7_8kXOIRy8_2mmD-SDWcw2pzvnQbbsdu_pQySWsG9UgpRWR0YGGZZsyy56ZMbOoiBqQYkJtnMw"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "7bbc1ec0-3578-4197-88ef-10a25d2f7473",
      "x": "YIN7eykbJMfXd0WUP-wiD_OAb1BXb16Z1E_EUXMxyIQ",
      "y": "-0PdHYacw4EjZ9lI0wz0E76WgsRUAZOAjHZZa_ljF8E"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "21922172-2f0a-40ab-aaf3-bb166fbdb7a4",
      "x": "ZoHwsZmklt-KyuVbHQJ8z3zNrRJ6LY-tWi0LCbF0_hY",
      "y": "sbc0DhH3llG0muB1K2HqxTsVW8JWyvr-JotV0xr-618"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "e72eb296-f0f9-4f49-ac3f-c751d7e38a44",
      "x": "CJjaph5wPsxU--M6mUAuTX7Yxq7Zl4TyjGBn1sxJo9I",
      "y": "rosO29ZjvCJWYY6qOy51CI_5YdkEa8rppfYygldpORM"
    },
    {
      "kty": "OKP",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "6f23d226-f10b-4405-9bf8-093213847dbc",
      "x": "lCliHnh15TqtvxRI6eaNb-gK2GBqIyHQUI2YDctA1RI"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "d0851dd4-6f96-4a1b-8a54-4bbd987ac775",
      "alg": "RSA-OAEP",
      "n": "mDmSY5dMFCN1p0JmtzpmZsSQcBBP5MNdBr--wEZIsRVPZGeu_pzs0vCbPBJMeudNZxF1yn6r0UhdqXfrwTCCqTWn22GfDDk1inmg-TgWBDWatryqR10ykwK12UxAe6XnOs6h4SqQBDSTAWDzD9QDpE96Ud9mX_g8f5NtR9dvsIv9oR_BDJLm9VTc3mQl_BLSHKigEWLolAonNCyvyE67g995VTpcFp0rjS5fcvUBoClmMjqUJpP6cKK4CYeG5t5omoEgsZVZcWEiOeEB79xW-Fj5Q7yFYf1glcrXlfmOGVqB0pK7rb9ZR2ywqrYfW6azst9S4392lziGceiKauelDw"
    },
    {
      "kty": "EC",
      "use": "enc",
      "crv": "P-256",
      "kid": "b5dc3ef3-a7f5-4581-bc33-956d1593192f",
      "x": "27XXJPmqF-FqG4PoBjZvinCYe-nJ58k0ncNElG2aCaQ",
      "y": "Avj7LXUNfOyXdGkoJvkSe32QUC9X9a89R9O48JVBtUU",
      "alg": "ECDH-ES"
    }
  ]
}
2021-06-13 21:33:50 SUCCESS
ValidateServerJWKs
Valid server JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2021-06-13 21:33:50 SUCCESS
CheckDistinctKeyIdValueInServerJWKs
Distinct 'kid' value in all keys of server_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2021-06-13 21:33:50 SUCCESS
OIDCCLoadUserInfo
Added user information
user_info
{
  "sub": "user-subject-1234531",
  "name": "Demo T. User",
  "given_name": "Demo",
  "family_name": "User",
  "middle_name": "Theresa",
  "nickname": "Dee",
  "preferred_username": "d.tu",
  "gender": "female",
  "birthdate": "2000-02-03",
  "address": {
    "street_address": "100 Universal City Plaza",
    "locality": "Hollywood",
    "region": "CA",
    "postal_code": "91608",
    "country": "USA"
  },
  "zoneinfo": "America/Los_Angeles",
  "locale": "en-US",
  "phone_number": "+1 555 5550000",
  "phone_number_verified": false,
  "email": "user@example.com",
  "email_verified": false,
  "website": "https://openid.net/",
  "updated_at": 1580000000
}
2021-06-13 21:33:50 SUCCESS
OIDCCGetStaticClientConfigurationForRPTests
Found a static client object
client_id
87654321
client_secret
12345678
redirect_uris
[
  "https://env-239211.customer.cloud.microstrategy.com/MicroStrategyLibrary/auth/oidc/login"
]
2021-06-13 21:33:50 SUCCESS
EnsureClientDoesNotHaveBothJwksAndJwksUri
Client does not have both jwks and jwks_uri set
client
{
  "client_id": "87654321",
  "client_secret": "12345678",
  "redirect_uris": [
    "https://env-239211.customer.cloud.microstrategy.com/MicroStrategyLibrary/auth/oidc/login"
  ]
}
2021-06-13 21:33:50 INFO
FetchClientKeys
Skipped evaluation due to missing required element: client jwks_uri
path
jwks_uri
mapped
object
client
2021-06-13 21:33:50 SUCCESS
ValidateClientGrantTypes
grant_types match response_types
grant_types
[
  "authorization_code"
]
response_types
[
  "code"
]
2021-06-13 21:33:50 SUCCESS
OIDCCValidateClientRedirectUris
Valid redirect_uri(s) provided in registration request
redirect_uris
[
  "https://env-239211.customer.cloud.microstrategy.com/MicroStrategyLibrary/auth/oidc/login"
]
2021-06-13 21:33:50 SUCCESS
ValidateClientLogoUris
Client does not contain any logo_uri
2021-06-13 21:33:50 SUCCESS
ValidateClientUris
Client does not contain any client_uri
2021-06-13 21:33:50 SUCCESS
ValidateClientPolicyUris
Client does not contain any policy_uri
2021-06-13 21:33:50 SUCCESS
ValidateClientTosUris
Client does not contain any tos_uri
2021-06-13 21:33:50 SUCCESS
ValidateClientSubjectType
A subject_type was not provided
2021-06-13 21:33:50 INFO
ValidateIdTokenSignedResponseAlg
Skipped evaluation due to missing required element: client id_token_signed_response_alg
path
id_token_signed_response_alg
mapped
object
client
2021-06-13 21:33:50 SUCCESS
EnsureIdTokenEncryptedResponseAlgIsSetIfEncIsSet
id_token_encrypted_response_enc is not set
2021-06-13 21:33:50 INFO
ValidateUserinfoSignedResponseAlg
Skipped evaluation due to missing required element: client userinfo_signed_response_alg
path
userinfo_signed_response_alg
mapped
object
client
2021-06-13 21:33:50 SUCCESS
EnsureUserinfoEncryptedResponseAlgIsSetIfEncIsSet
userinfo_encrypted_response_enc is not set
2021-06-13 21:33:50 INFO
ValidateRequestObjectSigningAlg
Skipped evaluation due to missing required element: client request_object_signing_alg
path
request_object_signing_alg
mapped
object
client
2021-06-13 21:33:50 SUCCESS
EnsureRequestObjectEncryptionAlgIsSetIfEncIsSet
request_object_encryption_enc is not set
2021-06-13 21:33:50 INFO
ValidateTokenEndpointAuthSigningAlg
Skipped evaluation due to missing required element: client token_endpoint_auth_signing_alg
path
token_endpoint_auth_signing_alg
mapped
object
client
2021-06-13 21:33:50 SUCCESS
ValidateDefaultMaxAge
default_max_age is not set
2021-06-13 21:33:50 INFO
ValidateRequireAuthTime
Skipped evaluation due to missing required element: client require_auth_time
path
require_auth_time
mapped
object
client
2021-06-13 21:33:50 INFO
ValidateDefaultAcrValues
Skipped evaluation due to missing required element: client default_acr_values
path
default_acr_values
mapped
object
client
2021-06-13 21:33:50 INFO
ValidateInitiateLoginUri
Skipped evaluation due to missing required element: client initiate_login_uri
path
initiate_login_uri
mapped
object
client
2021-06-13 21:33:50 INFO
ValidateRequestUris
Skipped evaluation due to missing required element: client request_uris
path
request_uris
mapped
object
client
2021-06-13 21:33:50 SUCCESS
OIDCCExtractServerSigningAlg
Using the default algorithm for the first key in server jwks
signing_algorithm
RS256
2021-06-13 21:33:50
SetClientIdTokenSignedResponseAlgToServerSigningAlg
Set id_token_signed_response_alg for the registered client
id_token_signed_response_alg
RS256
2021-06-13 21:33:50
oidcc-client-test-client-secret-basic
Setup Done
2021-06-13 21:34:53 INCOMING
oidcc-client-test-client-secret-basic
Incoming HTTP request to test instance h1DUodFhCW3v1E8
incoming_headers
{
  "host": "www.certification.openid.net",
  "accept": "application/xml, text/xml, application/json, application/*+xml, application/*+json",
  "user-agent": "Java/11.0.8",
  "x-ssl-cipher": "ECDHE-RSA-AES256-GCM-SHA384",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
.well-known/openid-configuration
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
Discovery endpoint
2021-06-13 21:34:53 OUTGOING
oidcc-client-test-client-secret-basic
Response to HTTP request to test instance h1DUodFhCW3v1E8
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "issuer": "https://www.certification.openid.net/test/a/MSTR_M2021_UP1/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/MSTR_M2021_UP1/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/MSTR_M2021_UP1/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/MSTR_M2021_UP1/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/MSTR_M2021_UP1/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/a/MSTR_M2021_UP1/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
outgoing_path
.well-known/openid-configuration
2021-06-13 21:37:39 INCOMING
oidcc-client-test-client-secret-basic
Incoming HTTP request to test instance h1DUodFhCW3v1E8
incoming_headers
{
  "host": "www.certification.openid.net",
  "accept": "application/xml, text/xml, application/json, application/*+xml, application/*+json",
  "user-agent": "Java/11.0.8",
  "x-ssl-cipher": "ECDHE-RSA-AES256-GCM-SHA384",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
.well-known/openid-configuration
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
Discovery endpoint
2021-06-13 21:37:39 OUTGOING
oidcc-client-test-client-secret-basic
Response to HTTP request to test instance h1DUodFhCW3v1E8
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "issuer": "https://www.certification.openid.net/test/a/MSTR_M2021_UP1/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/MSTR_M2021_UP1/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/MSTR_M2021_UP1/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/MSTR_M2021_UP1/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/MSTR_M2021_UP1/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/a/MSTR_M2021_UP1/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
outgoing_path
.well-known/openid-configuration
2021-06-13 21:38:14 INCOMING
oidcc-client-test-client-secret-basic
Incoming HTTP request to test instance h1DUodFhCW3v1E8
incoming_headers
{
  "host": "www.certification.openid.net",
  "cache-control": "max-age\u003d0",
  "upgrade-insecure-requests": "1",
  "user-agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/avif,image/webp,image/apng,*/*;q\u003d0.8,application/signed-exchange;v\u003db3;q\u003d0.9",
  "sec-fetch-site": "cross-site",
  "sec-fetch-mode": "navigate",
  "sec-fetch-user": "?1",
  "sec-fetch-dest": "document",
  "sec-ch-ua": "\" Not A;Brand\";v\u003d\"99\", \"Chromium\";v\u003d\"90\", \"Google Chrome\";v\u003d\"90\"",
  "sec-ch-ua-mobile": "?0",
  "referer": "https://env-239211.customer.cloud.microstrategy.com/",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-GB,en-GB-oxendict;q\u003d0.9,en;q\u003d0.8,tr;q\u003d0.7,eu;q\u003d0.6",
  "cookie": "__utmc\u003d201319536; __utmz\u003d201319536.1623336640.30.8.utmcsr\u003dcertification.openid.net|utmccn\u003d(referral)|utmcmd\u003dreferral|utmcct\u003d/; __utma\u003d201319536.763838286.1615572732.1623353581.1623411213.32; JSESSIONID\u003d32A224047A3267CDD9D4EE876688B2EF",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
authorize
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{
  "response_type": "code",
  "client_id": "87654321",
  "scope": "openid profile email offline_access",
  "state": "U78eC1ng-mFH351Z15vtVqWmS6oL8Sq-bJqmILb8Z9Y\u003d",
  "redirect_uri": "https://env-239211.customer.cloud.microstrategy.com/MicroStrategyLibrary/auth/oidc/login",
  "nonce": "LX5fGbfMwXKsqNwJovJEW2eGzGC8Pt3CNvdVhvp92AU"
}
incoming_body
Authorization endpoint
2021-06-13 21:38:14 SUCCESS
EnsureRequestDoesNotContainRequestObject
Request does not contain a request parameter
2021-06-13 21:38:14 SUCCESS
EnsureAuthorizationHttpRequestContainsOpenIDScope
Found 'openid' in scope http request parameter
actual
[
  "openid",
  "profile",
  "email",
  "offline_access"
]
expected
openid
2021-06-13 21:38:14 SUCCESS
CreateEffectiveAuthorizationRequestParameters
Merged http request parameters with request object claims
effective_authorization_endpoint_request
{
  "response_type": "code",
  "client_id": "87654321",
  "scope": "openid profile email offline_access",
  "state": "U78eC1ng-mFH351Z15vtVqWmS6oL8Sq-bJqmILb8Z9Y\u003d",
  "redirect_uri": "https://env-239211.customer.cloud.microstrategy.com/MicroStrategyLibrary/auth/oidc/login",
  "nonce": "LX5fGbfMwXKsqNwJovJEW2eGzGC8Pt3CNvdVhvp92AU"
}
2021-06-13 21:38:14 SUCCESS
ExtractRequestedScopes
Requested scopes
scope
openid profile email offline_access
2021-06-13 21:38:14 SUCCESS
ExtractNonceFromAuthorizationRequest
Extracted nonce
nonce
LX5fGbfMwXKsqNwJovJEW2eGzGC8Pt3CNvdVhvp92AU
2021-06-13 21:38:14 SUCCESS
EnsureResponseTypeIsCode
Response type is expected value
expected
code
2021-06-13 21:38:14 SUCCESS
EnsureMatchingClientId
Client ID matched
client_id
87654321
2021-06-13 21:38:14 SUCCESS
EnsureValidRedirectUriForAuthorizationEndpointRequest
redirect_uri is one of the allowed redirect uris
actual
https://env-239211.customer.cloud.microstrategy.com/MicroStrategyLibrary/auth/oidc/login
expected
[
  "https://env-239211.customer.cloud.microstrategy.com/MicroStrategyLibrary/auth/oidc/login"
]
2021-06-13 21:38:14 SUCCESS
EnsureOpenIDInScopeRequest
Found 'openid' scope in request
actual
[
  "openid",
  "profile",
  "email",
  "offline_access"
]
expected
openid
2021-06-13 21:38:14 SUCCESS
DisallowMaxAgeEqualsZeroAndPromptNone
The client did not send max_age=0 and prompt=none parameters as expected
2021-06-13 21:38:14 SUCCESS
CreateAuthorizationCode
Created authorization code
authorization_code
QIGpfyrghg
2021-06-13 21:38:14 SUCCESS
CalculateCHash
Successful c_hash encoding
c_hash
0nkpKEBA3AMgBM0sdbH08A
2021-06-13 21:38:14 SUCCESS
CreateAuthorizationEndpointResponseParams
Added authorization_endpoint_response_params to environment
params
{
  "redirect_uri": "https://env-239211.customer.cloud.microstrategy.com/MicroStrategyLibrary/auth/oidc/login",
  "state": "U78eC1ng-mFH351Z15vtVqWmS6oL8Sq-bJqmILb8Z9Y\u003d"
}
2021-06-13 21:38:14 SUCCESS
AddCodeToAuthorizationEndpointResponseParams
Added code to authorization endpoint response params
authorization_endpoint_response_params
{
  "redirect_uri": "https://env-239211.customer.cloud.microstrategy.com/MicroStrategyLibrary/auth/oidc/login",
  "state": "U78eC1ng-mFH351Z15vtVqWmS6oL8Sq-bJqmILb8Z9Y\u003d",
  "code": "QIGpfyrghg"
}
2021-06-13 21:38:14
SendAuthorizationResponseWithResponseModeQuery
Redirecting back to client
uri
https://env-239211.customer.cloud.microstrategy.com/MicroStrategyLibrary/auth/oidc/login?state=U78eC1ng-mFH351Z15vtVqWmS6oL8Sq-bJqmILb8Z9Y%3D&code=QIGpfyrghg
2021-06-13 21:38:14 OUTGOING
oidcc-client-test-client-secret-basic
Response to HTTP request to test instance h1DUodFhCW3v1E8
outgoing
org.springframework.web.servlet.view.RedirectView: [RedirectView]; URL [https://env-239211.customer.cloud.microstrategy.com/MicroStrategyLibrary/auth/oidc/login?state=U78eC1ng-mFH351Z15vtVqWmS6oL8Sq-bJqmILb8Z9Y%3D&code=QIGpfyrghg]
outgoing_path
authorize
2021-06-13 21:38:14 INCOMING
oidcc-client-test-client-secret-basic
Incoming HTTP request to test instance h1DUodFhCW3v1E8
incoming_headers
{
  "host": "www.certification.openid.net",
  "accept": "application/json;charset\u003dUTF-8",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "authorization": "Basic ODc2NTQzMjE6MTIzNDU2Nzg\u003d",
  "user-agent": "Java/11.0.8",
  "x-ssl-cipher": "ECDHE-RSA-AES256-GCM-SHA384",
  "x-ssl-protocol": "TLSv1.2",
  "content-length": "161",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net",
  "connection": "close"
}
incoming_path
token
incoming_body_form_params
{
  "grant_type": "authorization_code",
  "code": "QIGpfyrghg",
  "redirect_uri": "https://env-239211.customer.cloud.microstrategy.com/MicroStrategyLibrary/auth/oidc/login"
}
incoming_method
POST
incoming_body_json
incoming_query_string_params
{}
incoming_body
grant_type=authorization_code&code=QIGpfyrghg&redirect_uri=https%3A%2F%2Fenv-239211.customer.cloud.microstrategy.com%2FMicroStrategyLibrary%2Fauth%2Foidc%2Flogin
Token endpoint
2021-06-13 21:38:14 SUCCESS
ExtractClientCredentialsFromBasicAuthorizationHeader
Extracted client authentication
client_id
87654321
client_secret
12345678
method
client_secret_basic
2021-06-13 21:38:14 SUCCESS
ValidateClientIdAndSecret
Client id and secret match
2021-06-13 21:38:14 SUCCESS
ValidateAuthorizationCode
Found authorization code
authorization_code
QIGpfyrghg
2021-06-13 21:38:14 SUCCESS
ValidateRedirectUriForTokenEndpointRequest
redirect_uri is the same as the one used in the authorization request
actual
https://env-239211.customer.cloud.microstrategy.com/MicroStrategyLibrary/auth/oidc/login
2021-06-13 21:38:14 SUCCESS
GenerateBearerAccessToken
Generated access token
access_token
PsY230EVOesIYZkR73wuWTFQE4D936AqJ6zL7RV7DNrO2KeQ1a
2021-06-13 21:38:14 SUCCESS
CalculateAtHash
Successful at_hash encoding
at_hash
8-LiDEI110RTpNN_37p9EA
2021-06-13 21:38:14 SUCCESS
GenerateIdTokenClaims
Created ID Token Claims
iss
https://www.certification.openid.net/test/a/MSTR_M2021_UP1/
sub
user-subject-1234531
aud
87654321
nonce
LX5fGbfMwXKsqNwJovJEW2eGzGC8Pt3CNvdVhvp92AU
iat
1623620294
exp
1623620594
2021-06-13 21:38:14 SUCCESS
AddAtHashToIdTokenClaims
Added at_hash to ID token claims
at_hash
8-LiDEI110RTpNN_37p9EA
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/a/MSTR_M2021_UP1/",
  "sub": "user-subject-1234531",
  "aud": "87654321",
  "nonce": "LX5fGbfMwXKsqNwJovJEW2eGzGC8Pt3CNvdVhvp92AU",
  "iat": 1623620294,
  "exp": 1623620594,
  "at_hash": "8-LiDEI110RTpNN_37p9EA"
}
2021-06-13 21:38:14 SUCCESS
OIDCCSignIdToken
Signed the ID token
id_token
eyJraWQiOiIwYThlNDcxZC1jZTE4LTQ2OWQtYWEzYy02ZWIwMzJmNTMxODgiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiOC1MaURFSTExMFJUcE5OXzM3cDlFQSIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiODc2NTQzMjEiLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvYVwvTVNUUl9NMjAyMV9VUDFcLyIsImV4cCI6MTYyMzYyMDU5NCwibm9uY2UiOiJMWDVmR2JmTXdYS3NxTndKb3ZKRVcyZUd6R0M4UHQzQ052ZFZodnA5MkFVIiwiaWF0IjoxNjIzNjIwMjk0fQ.cFB6DGcaXNTQVw4Is5cSXQkmdIA9Tb9hli_-uNKftqap7wHHzgY1p5s25qBhpVC28MEIgypRamtMK-U-E11RgUsdlRJN2CPbiNyLdbMD0SNQLnITeU0WhPyq0paYDpWLo53oC0qsTxoKKQRhVnZvfqiWDkzX06CsEqZlrHBw2PzOoOpTg_6x_NTdzjAZUAc-dZnG9Ed2WCVcM2TT9cK2cNeWu7cz5zvknQILL4-LRirkARAUxhE3X5r_thCRGNNvLSkQo_SzC6dNquBbSf4T1GSqIVgpqhedPvRvu9be-em7YGGTwbb-2dhf0pD1ugUO6IYTK4gzJMLZcKZlWFRKWA
key
{"p":"xKLHQz-9nOwNUoDU99I0R0j31I6CJTtwo24e2u1aDinu1JeG5y2GTttFmHMQakxLUMp4Pqp6Gp_CNhSOgbBnjkAJl0X8BdmLwXeq-hQ0fX7fmzmEzUx7H7bhYLTpJYYt7LsRKafnd-Kuj7mjCXsKFzGUsWIcmWfnhoyfzvBk040","kty":"RSA","q":"tdKKV7xL6vguEpKGYZf3DfiZinxQiBVrtE-ZRIL-R2mOVsL2RjZt6DjqAhQ9bhUEGg4s3ijjcXOvyLh7W2Yh8gcQBABFIBssyApwaA1F_rErU4-EalwVBm3px2G_bIC2X41Dh-DPYW7U4cqgnLuAhwE8M3exfzumfFojw8goD_8","d":"Q4gK-Do8Pt5uAAhur5MLTsmI3zhe1KXLJJCMWNjkveGO2406FEGCRqPYbJWsyFduah4Khgv8F9c-ByI0X2nF42Bqd7GCIRAWnriO-RpNRXr6ZNPrVPJEhDXmafH4v4gsRB_TbJRqkgoLVG-81OlCGHxKRh88H7QOXOZd2KqA-w37EZIfTwiytUVyjJvegcTvrqWl6o_fqbr2T9yqQte-iKj8xoIJkW13N45RXs_-wPhf_N7Qsaj0-cM0ncz9fQjS--2lCPphkuoQMIqNNuBNuDQMOFI2YYkxUxTHRZFB4ZHZVJloiI4JsURlaPdB7wVRS0Yq0btABR7szvF0JFAfEQ","e":"AQAB","use":"sig","kid":"0a8e471d-ce18-469d-aa3c-6eb032f53188","qi":"pFbhcNpnHYGiyem3b6bqCkqif-7NvtEy03H9q-dFEikOqgWDtw47RxHuh6ZbpjXjvyx6Opb-N3vJts35lgliqVezkw7sPqpbbG-0ikRqaCtNdBNRBvjG-BfPx9hlc5HOu6ssWNCpT_c1E_SIi3UXenfvYWqhynUHf_qufN3CjX4","dp":"sjwJ-j7wlCiy-rGkWO3ETUkquxRhi3YRZ1INzcuO8X-46CJhOXLeZuQCdWj23CNDsXuU-thzzWY6F-MSOSO4-gu5pdDd3D-QmlDqPbvKyGYUMRM1-RD2GY0fRRU2r7isMARwTh3Pha-HIufVjGZmgxeB_Dc-TR8NkbwtrtnfypE","dq":"Ea8GcX4IzDOTF49Uro0_JAa3uDZbBsE-lmzfdUBgRsXHaDzSAwYsLlfKuqUJTHmSyo3yYzEK3e_oetcmeD84sfdp4Vm9X2AFPPd280fHNPw6QIhG0qleCiAKiq_BFGZ4VlbA6Kg-wzUqU0OH13aNC5RdLIxJoRxGFvYVYGdJLjU","n":"i6jOrSSZLDWt0McqzHViXAjJUPhoJzNkZkSsLNQExb31R_IWFO9-CcaSenu81mYRGymsPs3ywBA0NGnixQ_st-l-IoKXeNH3r5k51mxlp7DEdi_8c9rqnNWsyu3QOJ6wCzafHNaNOlBXXLb3dVyVwK-L83mIA1ysn7qtrLtty8_Uk2Ens3IwzsLhxaW6Cz7H8qdt8LZbQPObxEVAP66CEw6SzLCWhD43mqcjE429ofpL4mCvrRJX_j_ZOqAAGXKjx5kOkoZRmuuFFhMHRy8SQORe3bQkk1icHu36C5RSZKE1DZd6PwNJkXpSCeJQQzwE4MCwkUdt_yt44A-lktv8cw"}
algorithm
RS256
2021-06-13 21:38:14 INFO
EncryptIdToken
Skipped evaluation due to missing required element: client id_token_encrypted_response_alg
path
id_token_encrypted_response_alg
mapped
object
client
2021-06-13 21:38:14 SUCCESS
CreateTokenEndpointResponse
Created token endpoint response
access_token
PsY230EVOesIYZkR73wuWTFQE4D936AqJ6zL7RV7DNrO2KeQ1a
token_type
Bearer
id_token
eyJraWQiOiIwYThlNDcxZC1jZTE4LTQ2OWQtYWEzYy02ZWIwMzJmNTMxODgiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiOC1MaURFSTExMFJUcE5OXzM3cDlFQSIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiODc2NTQzMjEiLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvYVwvTVNUUl9NMjAyMV9VUDFcLyIsImV4cCI6MTYyMzYyMDU5NCwibm9uY2UiOiJMWDVmR2JmTXdYS3NxTndKb3ZKRVcyZUd6R0M4UHQzQ052ZFZodnA5MkFVIiwiaWF0IjoxNjIzNjIwMjk0fQ.cFB6DGcaXNTQVw4Is5cSXQkmdIA9Tb9hli_-uNKftqap7wHHzgY1p5s25qBhpVC28MEIgypRamtMK-U-E11RgUsdlRJN2CPbiNyLdbMD0SNQLnITeU0WhPyq0paYDpWLo53oC0qsTxoKKQRhVnZvfqiWDkzX06CsEqZlrHBw2PzOoOpTg_6x_NTdzjAZUAc-dZnG9Ed2WCVcM2TT9cK2cNeWu7cz5zvknQILL4-LRirkARAUxhE3X5r_thCRGNNvLSkQo_SzC6dNquBbSf4T1GSqIVgpqhedPvRvu9be-em7YGGTwbb-2dhf0pD1ugUO6IYTK4gzJMLZcKZlWFRKWA
scope
openid profile email offline_access
2021-06-13 21:38:14 OUTGOING
oidcc-client-test-client-secret-basic
Response to HTTP request to test instance h1DUodFhCW3v1E8
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "access_token": "PsY230EVOesIYZkR73wuWTFQE4D936AqJ6zL7RV7DNrO2KeQ1a",
  "token_type": "Bearer",
  "id_token": "eyJraWQiOiIwYThlNDcxZC1jZTE4LTQ2OWQtYWEzYy02ZWIwMzJmNTMxODgiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiOC1MaURFSTExMFJUcE5OXzM3cDlFQSIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiODc2NTQzMjEiLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvYVwvTVNUUl9NMjAyMV9VUDFcLyIsImV4cCI6MTYyMzYyMDU5NCwibm9uY2UiOiJMWDVmR2JmTXdYS3NxTndKb3ZKRVcyZUd6R0M4UHQzQ052ZFZodnA5MkFVIiwiaWF0IjoxNjIzNjIwMjk0fQ.cFB6DGcaXNTQVw4Is5cSXQkmdIA9Tb9hli_-uNKftqap7wHHzgY1p5s25qBhpVC28MEIgypRamtMK-U-E11RgUsdlRJN2CPbiNyLdbMD0SNQLnITeU0WhPyq0paYDpWLo53oC0qsTxoKKQRhVnZvfqiWDkzX06CsEqZlrHBw2PzOoOpTg_6x_NTdzjAZUAc-dZnG9Ed2WCVcM2TT9cK2cNeWu7cz5zvknQILL4-LRirkARAUxhE3X5r_thCRGNNvLSkQo_SzC6dNquBbSf4T1GSqIVgpqhedPvRvu9be-em7YGGTwbb-2dhf0pD1ugUO6IYTK4gzJMLZcKZlWFRKWA",
  "scope": "openid profile email offline_access"
}
outgoing_path
token
2021-06-13 21:38:14 INCOMING
oidcc-client-test-client-secret-basic
Incoming HTTP request to test instance h1DUodFhCW3v1E8
incoming_headers
{
  "host": "www.certification.openid.net",
  "accept": "application/json, application/jwk-set+json",
  "user-agent": "Java/11.0.8",
  "x-ssl-cipher": "ECDHE-RSA-AES256-GCM-SHA384",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
jwks
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
Jwks endpoint
2021-06-13 21:38:14 OUTGOING
oidcc-client-test-client-secret-basic
Response to HTTP request to test instance h1DUodFhCW3v1E8
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "0a8e471d-ce18-469d-aa3c-6eb032f53188",
      "n": "i6jOrSSZLDWt0McqzHViXAjJUPhoJzNkZkSsLNQExb31R_IWFO9-CcaSenu81mYRGymsPs3ywBA0NGnixQ_st-l-IoKXeNH3r5k51mxlp7DEdi_8c9rqnNWsyu3QOJ6wCzafHNaNOlBXXLb3dVyVwK-L83mIA1ysn7qtrLtty8_Uk2Ens3IwzsLhxaW6Cz7H8qdt8LZbQPObxEVAP66CEw6SzLCWhD43mqcjE429ofpL4mCvrRJX_j_ZOqAAGXKjx5kOkoZRmuuFFhMHRy8SQORe3bQkk1icHu36C5RSZKE1DZd6PwNJkXpSCeJQQzwE4MCwkUdt_yt44A-lktv8cw"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "741ba80b-e4bc-46d2-b5a7-b5f3e1ae0377",
      "n": "l2BgbYfURyPjGbRQmFGt4oMOTvGP0sgsnmwYgKMOFTtd85QzTFYU6ROP7d6i7QxWOHwjVnIHe8ykuYB3KUkdjjeQuyo86WkAZ39MAzaXQq5y9Qz92b6pRZvGJdx46qYj2aic4WelnKT8GRVbaJeidXHrofHMsZozXJdpDnXd_ItR_YHUF65xxIatBFhrelADJCCJ0mB7uPoRDoPP_kIxNyn_VTDQwexrs5LE279zqucLj0EJ7nYQ8pN2HkbP1uDbDyN1mXYkWAQH7_8kXOIRy8_2mmD-SDWcw2pzvnQbbsdu_pQySWsG9UgpRWR0YGGZZsyy56ZMbOoiBqQYkJtnMw"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "7bbc1ec0-3578-4197-88ef-10a25d2f7473",
      "x": "YIN7eykbJMfXd0WUP-wiD_OAb1BXb16Z1E_EUXMxyIQ",
      "y": "-0PdHYacw4EjZ9lI0wz0E76WgsRUAZOAjHZZa_ljF8E"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "21922172-2f0a-40ab-aaf3-bb166fbdb7a4",
      "x": "ZoHwsZmklt-KyuVbHQJ8z3zNrRJ6LY-tWi0LCbF0_hY",
      "y": "sbc0DhH3llG0muB1K2HqxTsVW8JWyvr-JotV0xr-618"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "e72eb296-f0f9-4f49-ac3f-c751d7e38a44",
      "x": "CJjaph5wPsxU--M6mUAuTX7Yxq7Zl4TyjGBn1sxJo9I",
      "y": "rosO29ZjvCJWYY6qOy51CI_5YdkEa8rppfYygldpORM"
    },
    {
      "kty": "OKP",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "6f23d226-f10b-4405-9bf8-093213847dbc",
      "x": "lCliHnh15TqtvxRI6eaNb-gK2GBqIyHQUI2YDctA1RI"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "d0851dd4-6f96-4a1b-8a54-4bbd987ac775",
      "alg": "RSA-OAEP",
      "n": "mDmSY5dMFCN1p0JmtzpmZsSQcBBP5MNdBr--wEZIsRVPZGeu_pzs0vCbPBJMeudNZxF1yn6r0UhdqXfrwTCCqTWn22GfDDk1inmg-TgWBDWatryqR10ykwK12UxAe6XnOs6h4SqQBDSTAWDzD9QDpE96Ud9mX_g8f5NtR9dvsIv9oR_BDJLm9VTc3mQl_BLSHKigEWLolAonNCyvyE67g995VTpcFp0rjS5fcvUBoClmMjqUJpP6cKK4CYeG5t5omoEgsZVZcWEiOeEB79xW-Fj5Q7yFYf1glcrXlfmOGVqB0pK7rb9ZR2ywqrYfW6azst9S4392lziGceiKauelDw"
    },
    {
      "kty": "EC",
      "use": "enc",
      "crv": "P-256",
      "kid": "b5dc3ef3-a7f5-4581-bc33-956d1593192f",
      "x": "27XXJPmqF-FqG4PoBjZvinCYe-nJ58k0ncNElG2aCaQ",
      "y": "Avj7LXUNfOyXdGkoJvkSe32QUC9X9a89R9O48JVBtUU",
      "alg": "ECDH-ES"
    }
  ]
}
outgoing_path
jwks
2021-06-13 21:38:14 INCOMING
oidcc-client-test-client-secret-basic
Incoming HTTP request to test instance h1DUodFhCW3v1E8
incoming_headers
{
  "host": "www.certification.openid.net",
  "accept": "application/json",
  "authorization": "Bearer PsY230EVOesIYZkR73wuWTFQE4D936AqJ6zL7RV7DNrO2KeQ1a",
  "user-agent": "Java/11.0.8",
  "x-ssl-cipher": "ECDHE-RSA-AES256-GCM-SHA384",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
userinfo
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
Userinfo endpoint
2021-06-13 21:38:14 SUCCESS
OIDCCExtractBearerAccessTokenFromRequest
Found access token on incoming request
access_token
PsY230EVOesIYZkR73wuWTFQE4D936AqJ6zL7RV7DNrO2KeQ1a
2021-06-13 21:38:14 SUCCESS
RequireBearerAccessToken
Found access token in request
actual
PsY230EVOesIYZkR73wuWTFQE4D936AqJ6zL7RV7DNrO2KeQ1a
2021-06-13 21:38:14 SUCCESS
FilterUserInfoForScopes
User info endpoint output
sub
user-subject-1234531
website
https://openid.net/
zoneinfo
America/Los_Angeles
birthdate
2000-02-03
gender
female
preferred_username
d.tu
given_name
Demo
middle_name
Theresa
locale
en-US
updated_at
1580000000
name
Demo T. User
nickname
Dee
family_name
User
email
user@example.com
email_verified
false
2021-06-13 21:38:14
ClearAccessTokenFromRequest
Condition ran but did not log anything
2021-06-13 21:38:14 INFO
AddIssAndAudToUserInfoResponse
Skipped evaluation due to missing required element: client userinfo_signed_response_alg
path
userinfo_signed_response_alg
mapped
object
client
2021-06-13 21:38:14 INFO
SignUserInfoResponse
Skipped evaluation due to missing required element: client userinfo_signed_response_alg
path
userinfo_signed_response_alg
mapped
object
client
2021-06-13 21:38:14 INFO
EncryptUserInfoResponse
Skipped evaluation due to missing required element: client userinfo_encrypted_response_alg
path
userinfo_encrypted_response_alg
mapped
object
client
2021-06-13 21:38:14 OUTGOING
oidcc-client-test-client-secret-basic
Response to HTTP request to test instance h1DUodFhCW3v1E8
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "sub": "user-subject-1234531",
  "website": "https://openid.net/",
  "zoneinfo": "America/Los_Angeles",
  "birthdate": "2000-02-03",
  "gender": "female",
  "preferred_username": "d.tu",
  "given_name": "Demo",
  "middle_name": "Theresa",
  "locale": "en-US",
  "updated_at": 1580000000,
  "name": "Demo T. User",
  "nickname": "Dee",
  "family_name": "User",
  "email": "user@example.com",
  "email_verified": false
}
outgoing_path
userinfo
2021-06-13 21:38:14 FINISHED
oidcc-client-test-client-secret-basic
Test has run to completion
testmodule_result
PASSED
Test Results