Test Summary

Test Results

Expand All Collapse All
All times are UTC
2021-10-22 15:36:28 INFO
TEST-RUNNER
Test instance uAaBPlmZlnymtS7 created
baseUrl
https://www.certification.openid.net/test/a/openid-client-19x_eSCK1zeMp5IBU8EXi
variant
{
  "client_auth_type": "mtls",
  "fapi_auth_request_method": "pushed",
  "fapi_jarm_type": "oidc",
  "fapi_profile": "plain_fapi",
  "fapi_response_mode": "plain_response"
}
alias
openid-client-19x_eSCK1zeMp5IBU8EXi
description
openid-client v5.x FAPI1 Adv. MTLS, PAR RP
planId
E1lVQvBJBSVet
config
{
  "alias": "openid-client-19x_eSCK1zeMp5IBU8EXi",
  "description": "openid-client v5.x FAPI1 Adv. MTLS, PAR RP",
  "server": {
    "jwks": {
      "keys": [
        {
          "e": "AQAB",
          "n": "wlkAv4Ub0vsZF0x5oaTCuZSO5h0SiMtjLGjpQhh_aYzav3-W46SiBicNknvaKOWrSvBszc4o1whOkqP-0ryAcrK5YJVei3GrtYUygeH0eCXFOnCZo8njKgrrXIa6PzhfhR692SJrI2hDTTdpOM6dninOfAdTHCeB1pESVUyaY6TUXeeFf7cNKAFG3TfH-ZPvQIylc_olmBKX4nUk8HcTJudTfUJ9NFd0DBLroC5cWgz1Q9LR7kJsuZ5aN-tfaZENQ7mUItW16cjgHHS3ChwFyuwY0AB3-2Ei1EW40DfhjDxEZpTAO9pDsWJUAbs9mb4rL8piYDGNDgWy82NXxXZr4w",
          "d": "qixWvFxoTagygzUid8iV_Pu42INyXDeDIjrGrGpY_moojG_DBpd8i9icSLyL_S2FfHvjOZ4gIpGSg1J36bzG2CforEp-W6lvyeTUoefhMWcZOJ-p2EIJ2CFxjzYlVQAem6icYcmCeKFt9OnlB6nbV8eRlwau3kM1rFSg8fG-aio67yByb-rsJQp8kA6gjyijRsbX3-J7-eMWB3J7fEZ7zZGLLWop1NQuV8q29yWwdp94P0fV1K46AUGf1O2niLIuCgargdF0psWVoD8F2B0gKvcuxCGsldAJ_QqqD4ztlMxAsMe8pHlWoSqbO2vYLcHmSHQgKoLxPqKXinY8-1t8GQ",
          "p": "_vbs_b5I30x9tVMrvLezYFNHjppgJo4JPmqwZZa5uMYyY0iTNYtuzcwtS-8ZUI1MzvvlIjikzh6EP_8MFs-SaBlsQ_Fgq5HT2zzdYQyyag7GK_MUZ8Jw_7PZrjjtyYjuZfj05KKyPjs2uOdnWY5JVmv3q4MSZEQLNlSUGwn-v2c",
          "q": "wyMOhuEsh4RJq3Jl3q7aGeWlNINXFt-JDsKMMKL-1k1kpgyXXy7l0yRIU54FgDunWve2j2LxQfE5nqNupvl2pBNosW31cAUWNA8l48tNGcYd_FZNV-IfUG7k7qHgK0AYpVN3leo9xe7vhIC361YBYdmYjDsN16pz31gbSbvV7iU",
          "dp": "BujKI1Y0w1hfT7qhRMv1oHahScwFLwZKWdaqURZ0kf1NAEPHOXw91HXkBFrGZNhvbGyHGRZP4QYSr2lJ-pRFc2y88lpoND4Pb7GGjkq5ywX7eNVtiCJMzaEiFQaV6xA65aiJemiuS-Fu6jPbKSIh-qWSYKN8rBrr8tz35oOu06E",
          "dq": "HsdLxkiD_ogGGq27lakcq5MGQMcqmGf_tT1IYW-EJIcmhe5cfd3m0Cvb4Jx_H5_JINcLi4g-p3kF7pi2nk2gwfZxv_KpENcsjl-JSWnKqnMOTbvLDT6UU9p5743GzuuYN5N3vESrI6oxS0QGPm9dXnK01gGGiGrRRfweqb2f26U",
          "qi": "FwLnMc8OOUA_OKV5sGLdcIbWrWzYg6L5Qz0cNMI4ifuXdOU9meSVIx0hk_vFdkMRCVVN5hWJgScDSwGAq6_fTWQB44j3AsSoizu74aMkrQplm3uWJswEDHkCtzVmI2RxDJ1XjkWwzETbKuSaLTT_qlPkt_pHkIzUmIB6940vDbk",
          "kty": "RSA",
          "kid": "8JhwzHIHy0b7khZhteCdMypvWERx3s9emYsXmPBgmCQ",
          "alg": "PS256",
          "use": "sig"
        }
      ]
    }
  },
  "waitTimeoutSeconds": 2,
  "client": {
    "client_id": "client-id-openid-client-19x_eSCK1zeMp5IBU8EXi",
    "scope": "openid",
    "redirect_uri": "https://openid-client.local/cb",
    "jwks": {
      "keys": [
        {
          "e": "AQAB",
          "n": "7OvMThFjpNroR-Ec8a_b9jvfZy2qfZa-pz8uKmdRKTp8EjMm_nvMHbmP6WCGZBtOidYcV8ooZmJsSwee7NFIj88wCt79qL4C4Rl-Izgd_SDR8nfqY_MiiNK5eUU2sylQTwt5sbFg9qvXofPWMbrynOPoT1xgbN1OBSmhxPZw3xlkalbVZli7HNio55VOg5aghxTI-pvfzOVt2cGOQzw1ZKyNL78AR7omMpsnovn33orRfCtxQqerS9urcus_95rvi7dC7SJ46WS2NjL83_Fcy3VHgY1wAEXMFgrR69ULJwPCoL5v0vtblm2qtK6PWRkgwENigjP96scs3hswYu3XGw",
          "kty": "RSA",
          "kid": "jIODs9qk6MnlyOLp_kZZyLewyRT5fcuYd6Pys0eRlsw",
          "x5c": [
            "MIIDmjCCAoKgAwIBAgIJLrVLoLdKhCyuMA0GCSqGSIb3DQEBBQUAMGkxFDASBgNVBAMTC2V4YW1wbGUub3JnMQswCQYDVQQGEwJVUzERMA8GA1UECBMIVmlyZ2luaWExEzARBgNVBAcTCkJsYWNrc2J1cmcxDTALBgNVBAoTBFRlc3QxDTALBgNVBAsTBFRlc3QwHhcNMjExMDIyMTUzNDQ5WhcNMjIxMDIyMTUzNDQ5WjBpMRQwEgYDVQQDEwtleGFtcGxlLm9yZzELMAkGA1UEBhMCVVMxETAPBgNVBAgTCFZpcmdpbmlhMRMwEQYDVQQHEwpCbGFja3NidXJnMQ0wCwYDVQQKEwRUZXN0MQ0wCwYDVQQLEwRUZXN0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7OvMThFjpNroR+Ec8a/b9jvfZy2qfZa+pz8uKmdRKTp8EjMm/nvMHbmP6WCGZBtOidYcV8ooZmJsSwee7NFIj88wCt79qL4C4Rl+Izgd/SDR8nfqY/MiiNK5eUU2sylQTwt5sbFg9qvXofPWMbrynOPoT1xgbN1OBSmhxPZw3xlkalbVZli7HNio55VOg5aghxTI+pvfzOVt2cGOQzw1ZKyNL78AR7omMpsnovn33orRfCtxQqerS9urcus/95rvi7dC7SJ46WS2NjL83/Fcy3VHgY1wAEXMFgrR69ULJwPCoL5v0vtblm2qtK6PWRkgwENigjP96scs3hswYu3XGwIDAQABo0UwQzAMBgNVHRMEBTADAQH/MAsGA1UdDwQEAwIC9DAmBgNVHREEHzAdhhtodHRwOi8vZXhhbXBsZS5vcmcvd2ViaWQjbWUwDQYJKoZIhvcNAQEFBQADggEBAM/2boMRuw4hWFcC2SHpPO4zEUkGg7aRlKajstg1nEB4KlxhrmIdn5egIxbWOIKvyVIeCuYfLif8R4mVqWOkNta7wal1slK2Dq0FPW37wkE3RuBD0uqTYke1ahwcx7xThTwko4XjgP5TDtogsROj2yweJBS9cCW4ZUmAmiHHIAqPAWBPHwJzFHy3D8Ha8UX/yBIVwA2NtxO56c+DK29ibWLtXcKPPB637tKHoKfJYCMvwoPhuKbaU+KJh1ra9LCXVkxt0RBlRDXmLnXliS1hOeLYJrmA69mYwJX+LUZXv9Ty6PmREZkcnXwFOefMut23iBr3uQ+250YJ4f7wDTgvK1Y\u003d"
          ],
          "x5t": "2FzncZ0KUeSLhxcHMA9gFdtbCGQ",
          "x5t#S256": "yrwtej1ilpOSQRBiEHIKZhLJTgz0m6fBAA_4ykKC2G8"
        }
      ]
    },
    "certificate": "-----BEGIN CERTIFICATE-----\r\nMIIDmjCCAoKgAwIBAgIJLrVLoLdKhCyuMA0GCSqGSIb3DQEBBQUAMGkxFDASBgNV\r\nBAMTC2V4YW1wbGUub3JnMQswCQYDVQQGEwJVUzERMA8GA1UECBMIVmlyZ2luaWEx\r\nEzARBgNVBAcTCkJsYWNrc2J1cmcxDTALBgNVBAoTBFRlc3QxDTALBgNVBAsTBFRl\r\nc3QwHhcNMjExMDIyMTUzNDQ5WhcNMjIxMDIyMTUzNDQ5WjBpMRQwEgYDVQQDEwtl\r\neGFtcGxlLm9yZzELMAkGA1UEBhMCVVMxETAPBgNVBAgTCFZpcmdpbmlhMRMwEQYD\r\nVQQHEwpCbGFja3NidXJnMQ0wCwYDVQQKEwRUZXN0MQ0wCwYDVQQLEwRUZXN0MIIB\r\nIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7OvMThFjpNroR+Ec8a/b9jvf\r\nZy2qfZa+pz8uKmdRKTp8EjMm/nvMHbmP6WCGZBtOidYcV8ooZmJsSwee7NFIj88w\r\nCt79qL4C4Rl+Izgd/SDR8nfqY/MiiNK5eUU2sylQTwt5sbFg9qvXofPWMbrynOPo\r\nT1xgbN1OBSmhxPZw3xlkalbVZli7HNio55VOg5aghxTI+pvfzOVt2cGOQzw1ZKyN\r\nL78AR7omMpsnovn33orRfCtxQqerS9urcus/95rvi7dC7SJ46WS2NjL83/Fcy3VH\r\ngY1wAEXMFgrR69ULJwPCoL5v0vtblm2qtK6PWRkgwENigjP96scs3hswYu3XGwID\r\nAQABo0UwQzAMBgNVHRMEBTADAQH/MAsGA1UdDwQEAwIC9DAmBgNVHREEHzAdhhto\r\ndHRwOi8vZXhhbXBsZS5vcmcvd2ViaWQjbWUwDQYJKoZIhvcNAQEFBQADggEBAM/2\r\nboMRuw4hWFcC2SHpPO4zEUkGg7aRlKajstg1nEB4KlxhrmIdn5egIxbWOIKvyVIe\r\nCuYfLif8R4mVqWOkNta7wal1slK2Dq0FPW37wkE3RuBD0uqTYke1ahwcx7xThTwk\r\no4XjgP5TDtogsROj2yweJBS9cCW4ZUmAmiHHIAqPAWBPHwJzFHy3D8Ha8UX/yBIV\r\nwA2NtxO56c+DK29ibWLtXcKPPB637tKHoKfJYCMvwoPhuKbaU+KJh1ra9LCXVkxt\r\n0RBlRDXmLnXliS1hOeLYJrmA69mYwJX+LUZXv9Ty6PmREZkcnXwFOefMut23iBr3\r\nuQ+250YJ4f7wDTgvK1Y\u003d\r\n-----END CERTIFICATE-----\r\n"
  },
  "client2": {
    "client_id": "client2-id-openid-client-19x_eSCK1zeMp5IBU8EXi",
    "scope": "openid",
    "redirect_uri": "https://openid-client2.local/cb",
    "jwks": {
      "keys": [
        {
          "e": "AQAB",
          "n": "1_YcRpQa9LgXhb3E7Fy0M_2ZlX8lrtDfL5kJwDxnjLP1OcoULPC9D7sD12zZdrbQdFn9J5MyCByZ6KNfsXwdnKIsW2XACTvY3_4tI7YFqRb5Jlhw7au4cs47NY4qkQ-aZQ_sBhvwdDFyMwKbGPQFV-5A_kWdB2TqPSiSui99IL-9EvFrq_HgN34KO70-kSQjXMkYBw-VDuUdQvGwB7ss9wn8susKyjmilOukvUR2vHtGf_SE3oiRYM25EKJhC9OglCSyEhNV6BnXZY6FqdfQcX_NOgbi8fiB_s-fkn21TNE8Rf0pWsAV-MlUszJ2VTT0SJHdBpRwMDByPxJzr-xJRw",
          "kty": "RSA",
          "kid": "IXiEPUlVUmA5yKRHRDJBH64RjT3U3lFrD4dHvJDJgBk",
          "use": "sig",
          "x5c": [
            "MIIDmjCCAoKgAwIBAgIJBCkhWUrbep95MA0GCSqGSIb3DQEBBQUAMGkxFDASBgNVBAMTC2V4YW1wbGUub3JnMQswCQYDVQQGEwJVUzERMA8GA1UECBMIVmlyZ2luaWExEzARBgNVBAcTCkJsYWNrc2J1cmcxDTALBgNVBAoTBFRlc3QxDTALBgNVBAsTBFRlc3QwHhcNMjExMDIyMTUzNDUwWhcNMjIxMDIyMTUzNDUwWjBpMRQwEgYDVQQDEwtleGFtcGxlLm9yZzELMAkGA1UEBhMCVVMxETAPBgNVBAgTCFZpcmdpbmlhMRMwEQYDVQQHEwpCbGFja3NidXJnMQ0wCwYDVQQKEwRUZXN0MQ0wCwYDVQQLEwRUZXN0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1/YcRpQa9LgXhb3E7Fy0M/2ZlX8lrtDfL5kJwDxnjLP1OcoULPC9D7sD12zZdrbQdFn9J5MyCByZ6KNfsXwdnKIsW2XACTvY3/4tI7YFqRb5Jlhw7au4cs47NY4qkQ+aZQ/sBhvwdDFyMwKbGPQFV+5A/kWdB2TqPSiSui99IL+9EvFrq/HgN34KO70+kSQjXMkYBw+VDuUdQvGwB7ss9wn8susKyjmilOukvUR2vHtGf/SE3oiRYM25EKJhC9OglCSyEhNV6BnXZY6FqdfQcX/NOgbi8fiB/s+fkn21TNE8Rf0pWsAV+MlUszJ2VTT0SJHdBpRwMDByPxJzr+xJRwIDAQABo0UwQzAMBgNVHRMEBTADAQH/MAsGA1UdDwQEAwIC9DAmBgNVHREEHzAdhhtodHRwOi8vZXhhbXBsZS5vcmcvd2ViaWQjbWUwDQYJKoZIhvcNAQEFBQADggEBAMNyYEuBlNW2R/qld0sjEdPNi0x19B1TyUQw/Ql1h+4FMcGAcQCo/KEtAKWWSq/c8H4Ia2CAztytWQLI+X/02npEjrBdJTEgTPROBSqL2ORXHw6rpmuJq1GBQH9HuyYFmAIhIOoef1ee7V+3YkeivvS5/jHipd0hR7E3gH+o535gstv563kyoqTGFOUiXYkuBEON+S7sEdf5nLeYiSZNtHlCUpWz2TxAuYMG7HJdmP37dexIR8DmhMKYxr6WbNdsD6y+xyVbM4+TExaNAwtPXWbGamJ5kM5/fnUj6Dyl7T+f3AxtRK5eof5hq/0JvAb81nAdwinxMEcYkV0E840v9E0\u003d"
          ],
          "x5t": "cWa8bD4VQXYYlMSfEJWqLmRdM0I",
          "x5t#S256": "lBDh5y9jfhCArwzI6P_XEWuxVaPFT2XAM9zjhWx4uZU"
        },
        {
          "e": "AQAB",
          "n": "s7VUd-v9_RSLaiLo_c22-Lb39wS9dmpAC_EE2XAnzHaBNoiA6K32QbcUDy8FghRPrJ-TIWN9IgLIO1rfGxp30PGQjcBc5x7yRcuOM0PlLiRH6gUCPitVZq2kvIf4B30Mxl6t320aWM2FHe1Tv8in4LjqBP6MrXzzCwqnDC3Zpgj652kCfOBFRXrurTezHaA23r54T2iInW-XfOD5bjKeFx6OWy9eBTibB3kqf4d_bxmB5qLMY_9A6G0px000icguFRqAUjOLUFKwaGep8qOOLCwXDq3_vft3ZiNGwTgQGUn28IAfjoHcc5gZGO176JnvsygDCzZuvkh32_6o4H-_jw",
          "kty": "RSA",
          "kid": "OfS9_GtnbSk-T4Bi3vRr3D-ktAHHXGzDa-x-ZUWPst4",
          "alg": "RSA-OAEP-256",
          "use": "enc"
        }
      ]
    },
    "id_token_encrypted_response_alg": "RSA-OAEP-256",
    "certificate": "-----BEGIN CERTIFICATE-----\r\nMIIDmjCCAoKgAwIBAgIJBCkhWUrbep95MA0GCSqGSIb3DQEBBQUAMGkxFDASBgNV\r\nBAMTC2V4YW1wbGUub3JnMQswCQYDVQQGEwJVUzERMA8GA1UECBMIVmlyZ2luaWEx\r\nEzARBgNVBAcTCkJsYWNrc2J1cmcxDTALBgNVBAoTBFRlc3QxDTALBgNVBAsTBFRl\r\nc3QwHhcNMjExMDIyMTUzNDUwWhcNMjIxMDIyMTUzNDUwWjBpMRQwEgYDVQQDEwtl\r\neGFtcGxlLm9yZzELMAkGA1UEBhMCVVMxETAPBgNVBAgTCFZpcmdpbmlhMRMwEQYD\r\nVQQHEwpCbGFja3NidXJnMQ0wCwYDVQQKEwRUZXN0MQ0wCwYDVQQLEwRUZXN0MIIB\r\nIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1/YcRpQa9LgXhb3E7Fy0M/2Z\r\nlX8lrtDfL5kJwDxnjLP1OcoULPC9D7sD12zZdrbQdFn9J5MyCByZ6KNfsXwdnKIs\r\nW2XACTvY3/4tI7YFqRb5Jlhw7au4cs47NY4qkQ+aZQ/sBhvwdDFyMwKbGPQFV+5A\r\n/kWdB2TqPSiSui99IL+9EvFrq/HgN34KO70+kSQjXMkYBw+VDuUdQvGwB7ss9wn8\r\nsusKyjmilOukvUR2vHtGf/SE3oiRYM25EKJhC9OglCSyEhNV6BnXZY6FqdfQcX/N\r\nOgbi8fiB/s+fkn21TNE8Rf0pWsAV+MlUszJ2VTT0SJHdBpRwMDByPxJzr+xJRwID\r\nAQABo0UwQzAMBgNVHRMEBTADAQH/MAsGA1UdDwQEAwIC9DAmBgNVHREEHzAdhhto\r\ndHRwOi8vZXhhbXBsZS5vcmcvd2ViaWQjbWUwDQYJKoZIhvcNAQEFBQADggEBAMNy\r\nYEuBlNW2R/qld0sjEdPNi0x19B1TyUQw/Ql1h+4FMcGAcQCo/KEtAKWWSq/c8H4I\r\na2CAztytWQLI+X/02npEjrBdJTEgTPROBSqL2ORXHw6rpmuJq1GBQH9HuyYFmAIh\r\nIOoef1ee7V+3YkeivvS5/jHipd0hR7E3gH+o535gstv563kyoqTGFOUiXYkuBEON\r\n+S7sEdf5nLeYiSZNtHlCUpWz2TxAuYMG7HJdmP37dexIR8DmhMKYxr6WbNdsD6y+\r\nxyVbM4+TExaNAwtPXWbGamJ5kM5/fnUj6Dyl7T+f3AxtRK5eof5hq/0JvAb81nAd\r\nwinxMEcYkV0E840v9E0\u003d\r\n-----END CERTIFICATE-----\r\n"
  }
}
testName
fapi1-advanced-final-client-test-invalid-missing-exp
2021-10-22 15:36:28 SUCCESS
GenerateServerConfigurationMTLS
Created server configuration
server
{
  "issuer": "https://www.certification.openid.net/test/a/openid-client-19x_eSCK1zeMp5IBU8EXi/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/openid-client-19x_eSCK1zeMp5IBU8EXi/authorize",
  "token_endpoint": "https://www.certification.openid.net/test-mtls/a/openid-client-19x_eSCK1zeMp5IBU8EXi/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/openid-client-19x_eSCK1zeMp5IBU8EXi/jwks",
  "registration_endpoint": "https://www.certification.openid.net/test/a/openid-client-19x_eSCK1zeMp5IBU8EXi/register",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/openid-client-19x_eSCK1zeMp5IBU8EXi/userinfo"
}
issuer
https://www.certification.openid.net/test/a/openid-client-19x_eSCK1zeMp5IBU8EXi/
discoveryUrl
https://www.certification.openid.net/test/a/openid-client-19x_eSCK1zeMp5IBU8EXi/.well-known/openid-configuration
2021-10-22 15:36:28 SUCCESS
LoadServerJWKs
Parsed public and private JWK sets
server_jwks
{
  "keys": [
    {
      "p": "_vbs_b5I30x9tVMrvLezYFNHjppgJo4JPmqwZZa5uMYyY0iTNYtuzcwtS-8ZUI1MzvvlIjikzh6EP_8MFs-SaBlsQ_Fgq5HT2zzdYQyyag7GK_MUZ8Jw_7PZrjjtyYjuZfj05KKyPjs2uOdnWY5JVmv3q4MSZEQLNlSUGwn-v2c",
      "kty": "RSA",
      "q": "wyMOhuEsh4RJq3Jl3q7aGeWlNINXFt-JDsKMMKL-1k1kpgyXXy7l0yRIU54FgDunWve2j2LxQfE5nqNupvl2pBNosW31cAUWNA8l48tNGcYd_FZNV-IfUG7k7qHgK0AYpVN3leo9xe7vhIC361YBYdmYjDsN16pz31gbSbvV7iU",
      "d": "qixWvFxoTagygzUid8iV_Pu42INyXDeDIjrGrGpY_moojG_DBpd8i9icSLyL_S2FfHvjOZ4gIpGSg1J36bzG2CforEp-W6lvyeTUoefhMWcZOJ-p2EIJ2CFxjzYlVQAem6icYcmCeKFt9OnlB6nbV8eRlwau3kM1rFSg8fG-aio67yByb-rsJQp8kA6gjyijRsbX3-J7-eMWB3J7fEZ7zZGLLWop1NQuV8q29yWwdp94P0fV1K46AUGf1O2niLIuCgargdF0psWVoD8F2B0gKvcuxCGsldAJ_QqqD4ztlMxAsMe8pHlWoSqbO2vYLcHmSHQgKoLxPqKXinY8-1t8GQ",
      "e": "AQAB",
      "use": "sig",
      "kid": "8JhwzHIHy0b7khZhteCdMypvWERx3s9emYsXmPBgmCQ",
      "qi": "FwLnMc8OOUA_OKV5sGLdcIbWrWzYg6L5Qz0cNMI4ifuXdOU9meSVIx0hk_vFdkMRCVVN5hWJgScDSwGAq6_fTWQB44j3AsSoizu74aMkrQplm3uWJswEDHkCtzVmI2RxDJ1XjkWwzETbKuSaLTT_qlPkt_pHkIzUmIB6940vDbk",
      "dp": "BujKI1Y0w1hfT7qhRMv1oHahScwFLwZKWdaqURZ0kf1NAEPHOXw91HXkBFrGZNhvbGyHGRZP4QYSr2lJ-pRFc2y88lpoND4Pb7GGjkq5ywX7eNVtiCJMzaEiFQaV6xA65aiJemiuS-Fu6jPbKSIh-qWSYKN8rBrr8tz35oOu06E",
      "alg": "PS256",
      "dq": "HsdLxkiD_ogGGq27lakcq5MGQMcqmGf_tT1IYW-EJIcmhe5cfd3m0Cvb4Jx_H5_JINcLi4g-p3kF7pi2nk2gwfZxv_KpENcsjl-JSWnKqnMOTbvLDT6UU9p5743GzuuYN5N3vESrI6oxS0QGPm9dXnK01gGGiGrRRfweqb2f26U",
      "n": "wlkAv4Ub0vsZF0x5oaTCuZSO5h0SiMtjLGjpQhh_aYzav3-W46SiBicNknvaKOWrSvBszc4o1whOkqP-0ryAcrK5YJVei3GrtYUygeH0eCXFOnCZo8njKgrrXIa6PzhfhR692SJrI2hDTTdpOM6dninOfAdTHCeB1pESVUyaY6TUXeeFf7cNKAFG3TfH-ZPvQIylc_olmBKX4nUk8HcTJudTfUJ9NFd0DBLroC5cWgz1Q9LR7kJsuZ5aN-tfaZENQ7mUItW16cjgHHS3ChwFyuwY0AB3-2Ei1EW40DfhjDxEZpTAO9pDsWJUAbs9mb4rL8piYDGNDgWy82NXxXZr4w"
    }
  ]
}
server_encryption_keys
{}
server_public_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "8JhwzHIHy0b7khZhteCdMypvWERx3s9emYsXmPBgmCQ",
      "alg": "PS256",
      "n": "wlkAv4Ub0vsZF0x5oaTCuZSO5h0SiMtjLGjpQhh_aYzav3-W46SiBicNknvaKOWrSvBszc4o1whOkqP-0ryAcrK5YJVei3GrtYUygeH0eCXFOnCZo8njKgrrXIa6PzhfhR692SJrI2hDTTdpOM6dninOfAdTHCeB1pESVUyaY6TUXeeFf7cNKAFG3TfH-ZPvQIylc_olmBKX4nUk8HcTJudTfUJ9NFd0DBLroC5cWgz1Q9LR7kJsuZ5aN-tfaZENQ7mUItW16cjgHHS3ChwFyuwY0AB3-2Ei1EW40DfhjDxEZpTAO9pDsWJUAbs9mb4rL8piYDGNDgWy82NXxXZr4w"
    }
  ]
}
2021-10-22 15:36:28 SUCCESS
ValidateServerJWKs
Valid server JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2021-10-22 15:36:28 SUCCESS
ExtractServerSigningAlg
Successfully extracted algorithm
signing_algorithm
PS256
2021-10-22 15:36:28 SUCCESS
AddTLSClientAuthToServerConfiguration
Added tls_client_auth for token_endpoint_auth_methods_supported
2021-10-22 15:36:28
AddPushedAuthorizationRequestEndpointToServerConfig
Added pushed_authorization_request_endpoint to server configuration
endpoint
https://www.certification.openid.net/test-mtls/a/openid-client-19x_eSCK1zeMp5IBU8EXi/par
2021-10-22 15:36:28
AddRequirePushedAuthorizationRequestsToServerConfig
Added require_pushed_authorization_requests to server configuration
value
true
2021-10-22 15:36:28 SUCCESS
AddResponseTypeCodeIdTokenToServerConfiguration
Added code id_token as response type supported
response_types_supported
[
  "code id_token"
]
2021-10-22 15:36:28 SUCCESS
FAPIAddTokenEndpointAuthSigningAlgValuesSupportedToServer
Set token_endpoint_auth_signing_alg_values_supported
values
[
  "PS256",
  "ES256"
]
2021-10-22 15:36:28 SUCCESS
CheckServerConfiguration
Found required server configuration keys
required
[
  "authorization_endpoint",
  "token_endpoint",
  "issuer"
]
2021-10-22 15:36:28 SUCCESS
FAPIEnsureMinimumServerKeyLength
Validated minimum key lengths for server_jwks
server_jwks
{
  "keys": [
    {
      "p": "_vbs_b5I30x9tVMrvLezYFNHjppgJo4JPmqwZZa5uMYyY0iTNYtuzcwtS-8ZUI1MzvvlIjikzh6EP_8MFs-SaBlsQ_Fgq5HT2zzdYQyyag7GK_MUZ8Jw_7PZrjjtyYjuZfj05KKyPjs2uOdnWY5JVmv3q4MSZEQLNlSUGwn-v2c",
      "kty": "RSA",
      "q": "wyMOhuEsh4RJq3Jl3q7aGeWlNINXFt-JDsKMMKL-1k1kpgyXXy7l0yRIU54FgDunWve2j2LxQfE5nqNupvl2pBNosW31cAUWNA8l48tNGcYd_FZNV-IfUG7k7qHgK0AYpVN3leo9xe7vhIC361YBYdmYjDsN16pz31gbSbvV7iU",
      "d": "qixWvFxoTagygzUid8iV_Pu42INyXDeDIjrGrGpY_moojG_DBpd8i9icSLyL_S2FfHvjOZ4gIpGSg1J36bzG2CforEp-W6lvyeTUoefhMWcZOJ-p2EIJ2CFxjzYlVQAem6icYcmCeKFt9OnlB6nbV8eRlwau3kM1rFSg8fG-aio67yByb-rsJQp8kA6gjyijRsbX3-J7-eMWB3J7fEZ7zZGLLWop1NQuV8q29yWwdp94P0fV1K46AUGf1O2niLIuCgargdF0psWVoD8F2B0gKvcuxCGsldAJ_QqqD4ztlMxAsMe8pHlWoSqbO2vYLcHmSHQgKoLxPqKXinY8-1t8GQ",
      "e": "AQAB",
      "use": "sig",
      "kid": "8JhwzHIHy0b7khZhteCdMypvWERx3s9emYsXmPBgmCQ",
      "qi": "FwLnMc8OOUA_OKV5sGLdcIbWrWzYg6L5Qz0cNMI4ifuXdOU9meSVIx0hk_vFdkMRCVVN5hWJgScDSwGAq6_fTWQB44j3AsSoizu74aMkrQplm3uWJswEDHkCtzVmI2RxDJ1XjkWwzETbKuSaLTT_qlPkt_pHkIzUmIB6940vDbk",
      "dp": "BujKI1Y0w1hfT7qhRMv1oHahScwFLwZKWdaqURZ0kf1NAEPHOXw91HXkBFrGZNhvbGyHGRZP4QYSr2lJ-pRFc2y88lpoND4Pb7GGjkq5ywX7eNVtiCJMzaEiFQaV6xA65aiJemiuS-Fu6jPbKSIh-qWSYKN8rBrr8tz35oOu06E",
      "alg": "PS256",
      "dq": "HsdLxkiD_ogGGq27lakcq5MGQMcqmGf_tT1IYW-EJIcmhe5cfd3m0Cvb4Jx_H5_JINcLi4g-p3kF7pi2nk2gwfZxv_KpENcsjl-JSWnKqnMOTbvLDT6UU9p5743GzuuYN5N3vESrI6oxS0QGPm9dXnK01gGGiGrRRfweqb2f26U",
      "n": "wlkAv4Ub0vsZF0x5oaTCuZSO5h0SiMtjLGjpQhh_aYzav3-W46SiBicNknvaKOWrSvBszc4o1whOkqP-0ryAcrK5YJVei3GrtYUygeH0eCXFOnCZo8njKgrrXIa6PzhfhR692SJrI2hDTTdpOM6dninOfAdTHCeB1pESVUyaY6TUXeeFf7cNKAFG3TfH-ZPvQIylc_olmBKX4nUk8HcTJudTfUJ9NFd0DBLroC5cWgz1Q9LR7kJsuZ5aN-tfaZENQ7mUItW16cjgHHS3ChwFyuwY0AB3-2Ei1EW40DfhjDxEZpTAO9pDsWJUAbs9mb4rL8piYDGNDgWy82NXxXZr4w"
    }
  ]
}
2021-10-22 15:36:28 SUCCESS
LoadUserInfo
Added user information
user_info
{
  "sub": "user-subject-1234531",
  "name": "Demo T. User",
  "email": "user@example.com",
  "email_verified": false
}
Verify configuration of first client
2021-10-22 15:36:28 SUCCESS
GetStaticClientConfiguration
Found a static client object
client_id
client-id-openid-client-19x_eSCK1zeMp5IBU8EXi
scope
openid
redirect_uri
https://openid-client.local/cb
jwks
{
  "keys": [
    {
      "e": "AQAB",
      "n": "7OvMThFjpNroR-Ec8a_b9jvfZy2qfZa-pz8uKmdRKTp8EjMm_nvMHbmP6WCGZBtOidYcV8ooZmJsSwee7NFIj88wCt79qL4C4Rl-Izgd_SDR8nfqY_MiiNK5eUU2sylQTwt5sbFg9qvXofPWMbrynOPoT1xgbN1OBSmhxPZw3xlkalbVZli7HNio55VOg5aghxTI-pvfzOVt2cGOQzw1ZKyNL78AR7omMpsnovn33orRfCtxQqerS9urcus_95rvi7dC7SJ46WS2NjL83_Fcy3VHgY1wAEXMFgrR69ULJwPCoL5v0vtblm2qtK6PWRkgwENigjP96scs3hswYu3XGw",
      "kty": "RSA",
      "kid": "jIODs9qk6MnlyOLp_kZZyLewyRT5fcuYd6Pys0eRlsw",
      "x5c": [
        "MIIDmjCCAoKgAwIBAgIJLrVLoLdKhCyuMA0GCSqGSIb3DQEBBQUAMGkxFDASBgNVBAMTC2V4YW1wbGUub3JnMQswCQYDVQQGEwJVUzERMA8GA1UECBMIVmlyZ2luaWExEzARBgNVBAcTCkJsYWNrc2J1cmcxDTALBgNVBAoTBFRlc3QxDTALBgNVBAsTBFRlc3QwHhcNMjExMDIyMTUzNDQ5WhcNMjIxMDIyMTUzNDQ5WjBpMRQwEgYDVQQDEwtleGFtcGxlLm9yZzELMAkGA1UEBhMCVVMxETAPBgNVBAgTCFZpcmdpbmlhMRMwEQYDVQQHEwpCbGFja3NidXJnMQ0wCwYDVQQKEwRUZXN0MQ0wCwYDVQQLEwRUZXN0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7OvMThFjpNroR+Ec8a/b9jvfZy2qfZa+pz8uKmdRKTp8EjMm/nvMHbmP6WCGZBtOidYcV8ooZmJsSwee7NFIj88wCt79qL4C4Rl+Izgd/SDR8nfqY/MiiNK5eUU2sylQTwt5sbFg9qvXofPWMbrynOPoT1xgbN1OBSmhxPZw3xlkalbVZli7HNio55VOg5aghxTI+pvfzOVt2cGOQzw1ZKyNL78AR7omMpsnovn33orRfCtxQqerS9urcus/95rvi7dC7SJ46WS2NjL83/Fcy3VHgY1wAEXMFgrR69ULJwPCoL5v0vtblm2qtK6PWRkgwENigjP96scs3hswYu3XGwIDAQABo0UwQzAMBgNVHRMEBTADAQH/MAsGA1UdDwQEAwIC9DAmBgNVHREEHzAdhhtodHRwOi8vZXhhbXBsZS5vcmcvd2ViaWQjbWUwDQYJKoZIhvcNAQEFBQADggEBAM/2boMRuw4hWFcC2SHpPO4zEUkGg7aRlKajstg1nEB4KlxhrmIdn5egIxbWOIKvyVIeCuYfLif8R4mVqWOkNta7wal1slK2Dq0FPW37wkE3RuBD0uqTYke1ahwcx7xThTwko4XjgP5TDtogsROj2yweJBS9cCW4ZUmAmiHHIAqPAWBPHwJzFHy3D8Ha8UX/yBIVwA2NtxO56c+DK29ibWLtXcKPPB637tKHoKfJYCMvwoPhuKbaU+KJh1ra9LCXVkxt0RBlRDXmLnXliS1hOeLYJrmA69mYwJX+LUZXv9Ty6PmREZkcnXwFOefMut23iBr3uQ+250YJ4f7wDTgvK1Y\u003d"
      ],
      "x5t": "2FzncZ0KUeSLhxcHMA9gFdtbCGQ",
      "x5t#S256": "yrwtej1ilpOSQRBiEHIKZhLJTgz0m6fBAA_4ykKC2G8"
    }
  ]
}
certificate
-----BEGIN CERTIFICATE-----
MIIDmjCCAoKgAwIBAgIJLrVLoLdKhCyuMA0GCSqGSIb3DQEBBQUAMGkxFDASBgNV
BAMTC2V4YW1wbGUub3JnMQswCQYDVQQGEwJVUzERMA8GA1UECBMIVmlyZ2luaWEx
EzARBgNVBAcTCkJsYWNrc2J1cmcxDTALBgNVBAoTBFRlc3QxDTALBgNVBAsTBFRl
c3QwHhcNMjExMDIyMTUzNDQ5WhcNMjIxMDIyMTUzNDQ5WjBpMRQwEgYDVQQDEwtl
eGFtcGxlLm9yZzELMAkGA1UEBhMCVVMxETAPBgNVBAgTCFZpcmdpbmlhMRMwEQYD
VQQHEwpCbGFja3NidXJnMQ0wCwYDVQQKEwRUZXN0MQ0wCwYDVQQLEwRUZXN0MIIB
IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7OvMThFjpNroR+Ec8a/b9jvf
Zy2qfZa+pz8uKmdRKTp8EjMm/nvMHbmP6WCGZBtOidYcV8ooZmJsSwee7NFIj88w
Ct79qL4C4Rl+Izgd/SDR8nfqY/MiiNK5eUU2sylQTwt5sbFg9qvXofPWMbrynOPo
T1xgbN1OBSmhxPZw3xlkalbVZli7HNio55VOg5aghxTI+pvfzOVt2cGOQzw1ZKyN
L78AR7omMpsnovn33orRfCtxQqerS9urcus/95rvi7dC7SJ46WS2NjL83/Fcy3VH
gY1wAEXMFgrR69ULJwPCoL5v0vtblm2qtK6PWRkgwENigjP96scs3hswYu3XGwID
AQABo0UwQzAMBgNVHRMEBTADAQH/MAsGA1UdDwQEAwIC9DAmBgNVHREEHzAdhhto
dHRwOi8vZXhhbXBsZS5vcmcvd2ViaWQjbWUwDQYJKoZIhvcNAQEFBQADggEBAM/2
boMRuw4hWFcC2SHpPO4zEUkGg7aRlKajstg1nEB4KlxhrmIdn5egIxbWOIKvyVIe
CuYfLif8R4mVqWOkNta7wal1slK2Dq0FPW37wkE3RuBD0uqTYke1ahwcx7xThTwk
o4XjgP5TDtogsROj2yweJBS9cCW4ZUmAmiHHIAqPAWBPHwJzFHy3D8Ha8UX/yBIV
wA2NtxO56c+DK29ibWLtXcKPPB637tKHoKfJYCMvwoPhuKbaU+KJh1ra9LCXVkxt
0RBlRDXmLnXliS1hOeLYJrmA69mYwJX+LUZXv9Ty6PmREZkcnXwFOefMut23iBr3
uQ+250YJ4f7wDTgvK1Y=
-----END CERTIFICATE-----
2021-10-22 15:36:28 SUCCESS
ValidateClientJWKsPublicPart
Valid client JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2021-10-22 15:36:28 SUCCESS
ExtractJWKsFromStaticClientConfiguration
Extracted client JWK
client_jwks
{
  "keys": [
    {
      "e": "AQAB",
      "n": "7OvMThFjpNroR-Ec8a_b9jvfZy2qfZa-pz8uKmdRKTp8EjMm_nvMHbmP6WCGZBtOidYcV8ooZmJsSwee7NFIj88wCt79qL4C4Rl-Izgd_SDR8nfqY_MiiNK5eUU2sylQTwt5sbFg9qvXofPWMbrynOPoT1xgbN1OBSmhxPZw3xlkalbVZli7HNio55VOg5aghxTI-pvfzOVt2cGOQzw1ZKyNL78AR7omMpsnovn33orRfCtxQqerS9urcus_95rvi7dC7SJ46WS2NjL83_Fcy3VHgY1wAEXMFgrR69ULJwPCoL5v0vtblm2qtK6PWRkgwENigjP96scs3hswYu3XGw",
      "kty": "RSA",
      "kid": "jIODs9qk6MnlyOLp_kZZyLewyRT5fcuYd6Pys0eRlsw",
      "x5c": [
        "MIIDmjCCAoKgAwIBAgIJLrVLoLdKhCyuMA0GCSqGSIb3DQEBBQUAMGkxFDASBgNVBAMTC2V4YW1wbGUub3JnMQswCQYDVQQGEwJVUzERMA8GA1UECBMIVmlyZ2luaWExEzARBgNVBAcTCkJsYWNrc2J1cmcxDTALBgNVBAoTBFRlc3QxDTALBgNVBAsTBFRlc3QwHhcNMjExMDIyMTUzNDQ5WhcNMjIxMDIyMTUzNDQ5WjBpMRQwEgYDVQQDEwtleGFtcGxlLm9yZzELMAkGA1UEBhMCVVMxETAPBgNVBAgTCFZpcmdpbmlhMRMwEQYDVQQHEwpCbGFja3NidXJnMQ0wCwYDVQQKEwRUZXN0MQ0wCwYDVQQLEwRUZXN0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7OvMThFjpNroR+Ec8a/b9jvfZy2qfZa+pz8uKmdRKTp8EjMm/nvMHbmP6WCGZBtOidYcV8ooZmJsSwee7NFIj88wCt79qL4C4Rl+Izgd/SDR8nfqY/MiiNK5eUU2sylQTwt5sbFg9qvXofPWMbrynOPoT1xgbN1OBSmhxPZw3xlkalbVZli7HNio55VOg5aghxTI+pvfzOVt2cGOQzw1ZKyNL78AR7omMpsnovn33orRfCtxQqerS9urcus/95rvi7dC7SJ46WS2NjL83/Fcy3VHgY1wAEXMFgrR69ULJwPCoL5v0vtblm2qtK6PWRkgwENigjP96scs3hswYu3XGwIDAQABo0UwQzAMBgNVHRMEBTADAQH/MAsGA1UdDwQEAwIC9DAmBgNVHREEHzAdhhtodHRwOi8vZXhhbXBsZS5vcmcvd2ViaWQjbWUwDQYJKoZIhvcNAQEFBQADggEBAM/2boMRuw4hWFcC2SHpPO4zEUkGg7aRlKajstg1nEB4KlxhrmIdn5egIxbWOIKvyVIeCuYfLif8R4mVqWOkNta7wal1slK2Dq0FPW37wkE3RuBD0uqTYke1ahwcx7xThTwko4XjgP5TDtogsROj2yweJBS9cCW4ZUmAmiHHIAqPAWBPHwJzFHy3D8Ha8UX/yBIVwA2NtxO56c+DK29ibWLtXcKPPB637tKHoKfJYCMvwoPhuKbaU+KJh1ra9LCXVkxt0RBlRDXmLnXliS1hOeLYJrmA69mYwJX+LUZXv9Ty6PmREZkcnXwFOefMut23iBr3uQ+250YJ4f7wDTgvK1Y\u003d"
      ],
      "x5t": "2FzncZ0KUeSLhxcHMA9gFdtbCGQ",
      "x5t#S256": "yrwtej1ilpOSQRBiEHIKZhLJTgz0m6fBAA_4ykKC2G8"
    }
  ]
}
public_client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "x5t#S256": "yrwtej1ilpOSQRBiEHIKZhLJTgz0m6fBAA_4ykKC2G8",
      "e": "AQAB",
      "x5t": "2FzncZ0KUeSLhxcHMA9gFdtbCGQ",
      "kid": "jIODs9qk6MnlyOLp_kZZyLewyRT5fcuYd6Pys0eRlsw",
      "x5c": [
        "MIIDmjCCAoKgAwIBAgIJLrVLoLdKhCyuMA0GCSqGSIb3DQEBBQUAMGkxFDASBgNVBAMTC2V4YW1wbGUub3JnMQswCQYDVQQGEwJVUzERMA8GA1UECBMIVmlyZ2luaWExEzARBgNVBAcTCkJsYWNrc2J1cmcxDTALBgNVBAoTBFRlc3QxDTALBgNVBAsTBFRlc3QwHhcNMjExMDIyMTUzNDQ5WhcNMjIxMDIyMTUzNDQ5WjBpMRQwEgYDVQQDEwtleGFtcGxlLm9yZzELMAkGA1UEBhMCVVMxETAPBgNVBAgTCFZpcmdpbmlhMRMwEQYDVQQHEwpCbGFja3NidXJnMQ0wCwYDVQQKEwRUZXN0MQ0wCwYDVQQLEwRUZXN0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7OvMThFjpNroR+Ec8a/b9jvfZy2qfZa+pz8uKmdRKTp8EjMm/nvMHbmP6WCGZBtOidYcV8ooZmJsSwee7NFIj88wCt79qL4C4Rl+Izgd/SDR8nfqY/MiiNK5eUU2sylQTwt5sbFg9qvXofPWMbrynOPoT1xgbN1OBSmhxPZw3xlkalbVZli7HNio55VOg5aghxTI+pvfzOVt2cGOQzw1ZKyNL78AR7omMpsnovn33orRfCtxQqerS9urcus/95rvi7dC7SJ46WS2NjL83/Fcy3VHgY1wAEXMFgrR69ULJwPCoL5v0vtblm2qtK6PWRkgwENigjP96scs3hswYu3XGwIDAQABo0UwQzAMBgNVHRMEBTADAQH/MAsGA1UdDwQEAwIC9DAmBgNVHREEHzAdhhtodHRwOi8vZXhhbXBsZS5vcmcvd2ViaWQjbWUwDQYJKoZIhvcNAQEFBQADggEBAM/2boMRuw4hWFcC2SHpPO4zEUkGg7aRlKajstg1nEB4KlxhrmIdn5egIxbWOIKvyVIeCuYfLif8R4mVqWOkNta7wal1slK2Dq0FPW37wkE3RuBD0uqTYke1ahwcx7xThTwko4XjgP5TDtogsROj2yweJBS9cCW4ZUmAmiHHIAqPAWBPHwJzFHy3D8Ha8UX/yBIVwA2NtxO56c+DK29ibWLtXcKPPB637tKHoKfJYCMvwoPhuKbaU+KJh1ra9LCXVkxt0RBlRDXmLnXliS1hOeLYJrmA69mYwJX+LUZXv9Ty6PmREZkcnXwFOefMut23iBr3uQ+250YJ4f7wDTgvK1Y\u003d"
      ],
      "n": "7OvMThFjpNroR-Ec8a_b9jvfZy2qfZa-pz8uKmdRKTp8EjMm_nvMHbmP6WCGZBtOidYcV8ooZmJsSwee7NFIj88wCt79qL4C4Rl-Izgd_SDR8nfqY_MiiNK5eUU2sylQTwt5sbFg9qvXofPWMbrynOPoT1xgbN1OBSmhxPZw3xlkalbVZli7HNio55VOg5aghxTI-pvfzOVt2cGOQzw1ZKyNL78AR7omMpsnovn33orRfCtxQqerS9urcus_95rvi7dC7SJ46WS2NjL83_Fcy3VHgY1wAEXMFgrR69ULJwPCoL5v0vtblm2qtK6PWRkgwENigjP96scs3hswYu3XGw"
    }
  ]
}
2021-10-22 15:36:28 SUCCESS
CheckDistinctKeyIdValueInClientJWKs
Distinct 'kid' value in all keys of client_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2021-10-22 15:36:28 SUCCESS
EnsureClientJwksDoesNotContainPrivateOrSymmetricKeys
Jwks does not contain any private or symmetric keys
2021-10-22 15:36:28 SUCCESS
FAPIEnsureMinimumClientKeyLength
Validated minimum key lengths for client_jwks
client_jwks
{
  "keys": [
    {
      "e": "AQAB",
      "n": "7OvMThFjpNroR-Ec8a_b9jvfZy2qfZa-pz8uKmdRKTp8EjMm_nvMHbmP6WCGZBtOidYcV8ooZmJsSwee7NFIj88wCt79qL4C4Rl-Izgd_SDR8nfqY_MiiNK5eUU2sylQTwt5sbFg9qvXofPWMbrynOPoT1xgbN1OBSmhxPZw3xlkalbVZli7HNio55VOg5aghxTI-pvfzOVt2cGOQzw1ZKyNL78AR7omMpsnovn33orRfCtxQqerS9urcus_95rvi7dC7SJ46WS2NjL83_Fcy3VHgY1wAEXMFgrR69ULJwPCoL5v0vtblm2qtK6PWRkgwENigjP96scs3hswYu3XGw",
      "kty": "RSA",
      "kid": "jIODs9qk6MnlyOLp_kZZyLewyRT5fcuYd6Pys0eRlsw",
      "x5c": [
        "MIIDmjCCAoKgAwIBAgIJLrVLoLdKhCyuMA0GCSqGSIb3DQEBBQUAMGkxFDASBgNVBAMTC2V4YW1wbGUub3JnMQswCQYDVQQGEwJVUzERMA8GA1UECBMIVmlyZ2luaWExEzARBgNVBAcTCkJsYWNrc2J1cmcxDTALBgNVBAoTBFRlc3QxDTALBgNVBAsTBFRlc3QwHhcNMjExMDIyMTUzNDQ5WhcNMjIxMDIyMTUzNDQ5WjBpMRQwEgYDVQQDEwtleGFtcGxlLm9yZzELMAkGA1UEBhMCVVMxETAPBgNVBAgTCFZpcmdpbmlhMRMwEQYDVQQHEwpCbGFja3NidXJnMQ0wCwYDVQQKEwRUZXN0MQ0wCwYDVQQLEwRUZXN0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7OvMThFjpNroR+Ec8a/b9jvfZy2qfZa+pz8uKmdRKTp8EjMm/nvMHbmP6WCGZBtOidYcV8ooZmJsSwee7NFIj88wCt79qL4C4Rl+Izgd/SDR8nfqY/MiiNK5eUU2sylQTwt5sbFg9qvXofPWMbrynOPoT1xgbN1OBSmhxPZw3xlkalbVZli7HNio55VOg5aghxTI+pvfzOVt2cGOQzw1ZKyNL78AR7omMpsnovn33orRfCtxQqerS9urcus/95rvi7dC7SJ46WS2NjL83/Fcy3VHgY1wAEXMFgrR69ULJwPCoL5v0vtblm2qtK6PWRkgwENigjP96scs3hswYu3XGwIDAQABo0UwQzAMBgNVHRMEBTADAQH/MAsGA1UdDwQEAwIC9DAmBgNVHREEHzAdhhtodHRwOi8vZXhhbXBsZS5vcmcvd2ViaWQjbWUwDQYJKoZIhvcNAQEFBQADggEBAM/2boMRuw4hWFcC2SHpPO4zEUkGg7aRlKajstg1nEB4KlxhrmIdn5egIxbWOIKvyVIeCuYfLif8R4mVqWOkNta7wal1slK2Dq0FPW37wkE3RuBD0uqTYke1ahwcx7xThTwko4XjgP5TDtogsROj2yweJBS9cCW4ZUmAmiHHIAqPAWBPHwJzFHy3D8Ha8UX/yBIVwA2NtxO56c+DK29ibWLtXcKPPB637tKHoKfJYCMvwoPhuKbaU+KJh1ra9LCXVkxt0RBlRDXmLnXliS1hOeLYJrmA69mYwJX+LUZXv9Ty6PmREZkcnXwFOefMut23iBr3uQ+250YJ4f7wDTgvK1Y\u003d"
      ],
      "x5t": "2FzncZ0KUeSLhxcHMA9gFdtbCGQ",
      "x5t#S256": "yrwtej1ilpOSQRBiEHIKZhLJTgz0m6fBAA_4ykKC2G8"
    }
  ]
}
Verify configuration of second client
2021-10-22 15:36:28 SUCCESS
GetStaticClient2Configuration
Found a static second client object
client_id
client2-id-openid-client-19x_eSCK1zeMp5IBU8EXi
scope
openid
redirect_uri
https://openid-client2.local/cb
jwks
{
  "keys": [
    {
      "e": "AQAB",
      "n": "1_YcRpQa9LgXhb3E7Fy0M_2ZlX8lrtDfL5kJwDxnjLP1OcoULPC9D7sD12zZdrbQdFn9J5MyCByZ6KNfsXwdnKIsW2XACTvY3_4tI7YFqRb5Jlhw7au4cs47NY4qkQ-aZQ_sBhvwdDFyMwKbGPQFV-5A_kWdB2TqPSiSui99IL-9EvFrq_HgN34KO70-kSQjXMkYBw-VDuUdQvGwB7ss9wn8susKyjmilOukvUR2vHtGf_SE3oiRYM25EKJhC9OglCSyEhNV6BnXZY6FqdfQcX_NOgbi8fiB_s-fkn21TNE8Rf0pWsAV-MlUszJ2VTT0SJHdBpRwMDByPxJzr-xJRw",
      "kty": "RSA",
      "kid": "IXiEPUlVUmA5yKRHRDJBH64RjT3U3lFrD4dHvJDJgBk",
      "use": "sig",
      "x5c": [
        "MIIDmjCCAoKgAwIBAgIJBCkhWUrbep95MA0GCSqGSIb3DQEBBQUAMGkxFDASBgNVBAMTC2V4YW1wbGUub3JnMQswCQYDVQQGEwJVUzERMA8GA1UECBMIVmlyZ2luaWExEzARBgNVBAcTCkJsYWNrc2J1cmcxDTALBgNVBAoTBFRlc3QxDTALBgNVBAsTBFRlc3QwHhcNMjExMDIyMTUzNDUwWhcNMjIxMDIyMTUzNDUwWjBpMRQwEgYDVQQDEwtleGFtcGxlLm9yZzELMAkGA1UEBhMCVVMxETAPBgNVBAgTCFZpcmdpbmlhMRMwEQYDVQQHEwpCbGFja3NidXJnMQ0wCwYDVQQKEwRUZXN0MQ0wCwYDVQQLEwRUZXN0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1/YcRpQa9LgXhb3E7Fy0M/2ZlX8lrtDfL5kJwDxnjLP1OcoULPC9D7sD12zZdrbQdFn9J5MyCByZ6KNfsXwdnKIsW2XACTvY3/4tI7YFqRb5Jlhw7au4cs47NY4qkQ+aZQ/sBhvwdDFyMwKbGPQFV+5A/kWdB2TqPSiSui99IL+9EvFrq/HgN34KO70+kSQjXMkYBw+VDuUdQvGwB7ss9wn8susKyjmilOukvUR2vHtGf/SE3oiRYM25EKJhC9OglCSyEhNV6BnXZY6FqdfQcX/NOgbi8fiB/s+fkn21TNE8Rf0pWsAV+MlUszJ2VTT0SJHdBpRwMDByPxJzr+xJRwIDAQABo0UwQzAMBgNVHRMEBTADAQH/MAsGA1UdDwQEAwIC9DAmBgNVHREEHzAdhhtodHRwOi8vZXhhbXBsZS5vcmcvd2ViaWQjbWUwDQYJKoZIhvcNAQEFBQADggEBAMNyYEuBlNW2R/qld0sjEdPNi0x19B1TyUQw/Ql1h+4FMcGAcQCo/KEtAKWWSq/c8H4Ia2CAztytWQLI+X/02npEjrBdJTEgTPROBSqL2ORXHw6rpmuJq1GBQH9HuyYFmAIhIOoef1ee7V+3YkeivvS5/jHipd0hR7E3gH+o535gstv563kyoqTGFOUiXYkuBEON+S7sEdf5nLeYiSZNtHlCUpWz2TxAuYMG7HJdmP37dexIR8DmhMKYxr6WbNdsD6y+xyVbM4+TExaNAwtPXWbGamJ5kM5/fnUj6Dyl7T+f3AxtRK5eof5hq/0JvAb81nAdwinxMEcYkV0E840v9E0\u003d"
      ],
      "x5t": "cWa8bD4VQXYYlMSfEJWqLmRdM0I",
      "x5t#S256": "lBDh5y9jfhCArwzI6P_XEWuxVaPFT2XAM9zjhWx4uZU"
    },
    {
      "e": "AQAB",
      "n": "s7VUd-v9_RSLaiLo_c22-Lb39wS9dmpAC_EE2XAnzHaBNoiA6K32QbcUDy8FghRPrJ-TIWN9IgLIO1rfGxp30PGQjcBc5x7yRcuOM0PlLiRH6gUCPitVZq2kvIf4B30Mxl6t320aWM2FHe1Tv8in4LjqBP6MrXzzCwqnDC3Zpgj652kCfOBFRXrurTezHaA23r54T2iInW-XfOD5bjKeFx6OWy9eBTibB3kqf4d_bxmB5qLMY_9A6G0px000icguFRqAUjOLUFKwaGep8qOOLCwXDq3_vft3ZiNGwTgQGUn28IAfjoHcc5gZGO176JnvsygDCzZuvkh32_6o4H-_jw",
      "kty": "RSA",
      "kid": "OfS9_GtnbSk-T4Bi3vRr3D-ktAHHXGzDa-x-ZUWPst4",
      "alg": "RSA-OAEP-256",
      "use": "enc"
    }
  ]
}
id_token_encrypted_response_alg
RSA-OAEP-256
certificate
-----BEGIN CERTIFICATE-----
MIIDmjCCAoKgAwIBAgIJBCkhWUrbep95MA0GCSqGSIb3DQEBBQUAMGkxFDASBgNV
BAMTC2V4YW1wbGUub3JnMQswCQYDVQQGEwJVUzERMA8GA1UECBMIVmlyZ2luaWEx
EzARBgNVBAcTCkJsYWNrc2J1cmcxDTALBgNVBAoTBFRlc3QxDTALBgNVBAsTBFRl
c3QwHhcNMjExMDIyMTUzNDUwWhcNMjIxMDIyMTUzNDUwWjBpMRQwEgYDVQQDEwtl
eGFtcGxlLm9yZzELMAkGA1UEBhMCVVMxETAPBgNVBAgTCFZpcmdpbmlhMRMwEQYD
VQQHEwpCbGFja3NidXJnMQ0wCwYDVQQKEwRUZXN0MQ0wCwYDVQQLEwRUZXN0MIIB
IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1/YcRpQa9LgXhb3E7Fy0M/2Z
lX8lrtDfL5kJwDxnjLP1OcoULPC9D7sD12zZdrbQdFn9J5MyCByZ6KNfsXwdnKIs
W2XACTvY3/4tI7YFqRb5Jlhw7au4cs47NY4qkQ+aZQ/sBhvwdDFyMwKbGPQFV+5A
/kWdB2TqPSiSui99IL+9EvFrq/HgN34KO70+kSQjXMkYBw+VDuUdQvGwB7ss9wn8
susKyjmilOukvUR2vHtGf/SE3oiRYM25EKJhC9OglCSyEhNV6BnXZY6FqdfQcX/N
Ogbi8fiB/s+fkn21TNE8Rf0pWsAV+MlUszJ2VTT0SJHdBpRwMDByPxJzr+xJRwID
AQABo0UwQzAMBgNVHRMEBTADAQH/MAsGA1UdDwQEAwIC9DAmBgNVHREEHzAdhhto
dHRwOi8vZXhhbXBsZS5vcmcvd2ViaWQjbWUwDQYJKoZIhvcNAQEFBQADggEBAMNy
YEuBlNW2R/qld0sjEdPNi0x19B1TyUQw/Ql1h+4FMcGAcQCo/KEtAKWWSq/c8H4I
a2CAztytWQLI+X/02npEjrBdJTEgTPROBSqL2ORXHw6rpmuJq1GBQH9HuyYFmAIh
IOoef1ee7V+3YkeivvS5/jHipd0hR7E3gH+o535gstv563kyoqTGFOUiXYkuBEON
+S7sEdf5nLeYiSZNtHlCUpWz2TxAuYMG7HJdmP37dexIR8DmhMKYxr6WbNdsD6y+
xyVbM4+TExaNAwtPXWbGamJ5kM5/fnUj6Dyl7T+f3AxtRK5eof5hq/0JvAb81nAd
winxMEcYkV0E840v9E0=
-----END CERTIFICATE-----
2021-10-22 15:36:28 SUCCESS
ValidateClientJWKsPublicPart
Valid client JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2021-10-22 15:36:28 SUCCESS
ExtractJWKsFromStaticClientConfiguration
Extracted client JWK
client_jwks
{
  "keys": [
    {
      "e": "AQAB",
      "n": "1_YcRpQa9LgXhb3E7Fy0M_2ZlX8lrtDfL5kJwDxnjLP1OcoULPC9D7sD12zZdrbQdFn9J5MyCByZ6KNfsXwdnKIsW2XACTvY3_4tI7YFqRb5Jlhw7au4cs47NY4qkQ-aZQ_sBhvwdDFyMwKbGPQFV-5A_kWdB2TqPSiSui99IL-9EvFrq_HgN34KO70-kSQjXMkYBw-VDuUdQvGwB7ss9wn8susKyjmilOukvUR2vHtGf_SE3oiRYM25EKJhC9OglCSyEhNV6BnXZY6FqdfQcX_NOgbi8fiB_s-fkn21TNE8Rf0pWsAV-MlUszJ2VTT0SJHdBpRwMDByPxJzr-xJRw",
      "kty": "RSA",
      "kid": "IXiEPUlVUmA5yKRHRDJBH64RjT3U3lFrD4dHvJDJgBk",
      "use": "sig",
      "x5c": [
        "MIIDmjCCAoKgAwIBAgIJBCkhWUrbep95MA0GCSqGSIb3DQEBBQUAMGkxFDASBgNVBAMTC2V4YW1wbGUub3JnMQswCQYDVQQGEwJVUzERMA8GA1UECBMIVmlyZ2luaWExEzARBgNVBAcTCkJsYWNrc2J1cmcxDTALBgNVBAoTBFRlc3QxDTALBgNVBAsTBFRlc3QwHhcNMjExMDIyMTUzNDUwWhcNMjIxMDIyMTUzNDUwWjBpMRQwEgYDVQQDEwtleGFtcGxlLm9yZzELMAkGA1UEBhMCVVMxETAPBgNVBAgTCFZpcmdpbmlhMRMwEQYDVQQHEwpCbGFja3NidXJnMQ0wCwYDVQQKEwRUZXN0MQ0wCwYDVQQLEwRUZXN0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1/YcRpQa9LgXhb3E7Fy0M/2ZlX8lrtDfL5kJwDxnjLP1OcoULPC9D7sD12zZdrbQdFn9J5MyCByZ6KNfsXwdnKIsW2XACTvY3/4tI7YFqRb5Jlhw7au4cs47NY4qkQ+aZQ/sBhvwdDFyMwKbGPQFV+5A/kWdB2TqPSiSui99IL+9EvFrq/HgN34KO70+kSQjXMkYBw+VDuUdQvGwB7ss9wn8susKyjmilOukvUR2vHtGf/SE3oiRYM25EKJhC9OglCSyEhNV6BnXZY6FqdfQcX/NOgbi8fiB/s+fkn21TNE8Rf0pWsAV+MlUszJ2VTT0SJHdBpRwMDByPxJzr+xJRwIDAQABo0UwQzAMBgNVHRMEBTADAQH/MAsGA1UdDwQEAwIC9DAmBgNVHREEHzAdhhtodHRwOi8vZXhhbXBsZS5vcmcvd2ViaWQjbWUwDQYJKoZIhvcNAQEFBQADggEBAMNyYEuBlNW2R/qld0sjEdPNi0x19B1TyUQw/Ql1h+4FMcGAcQCo/KEtAKWWSq/c8H4Ia2CAztytWQLI+X/02npEjrBdJTEgTPROBSqL2ORXHw6rpmuJq1GBQH9HuyYFmAIhIOoef1ee7V+3YkeivvS5/jHipd0hR7E3gH+o535gstv563kyoqTGFOUiXYkuBEON+S7sEdf5nLeYiSZNtHlCUpWz2TxAuYMG7HJdmP37dexIR8DmhMKYxr6WbNdsD6y+xyVbM4+TExaNAwtPXWbGamJ5kM5/fnUj6Dyl7T+f3AxtRK5eof5hq/0JvAb81nAdwinxMEcYkV0E840v9E0\u003d"
      ],
      "x5t": "cWa8bD4VQXYYlMSfEJWqLmRdM0I",
      "x5t#S256": "lBDh5y9jfhCArwzI6P_XEWuxVaPFT2XAM9zjhWx4uZU"
    },
    {
      "e": "AQAB",
      "n": "s7VUd-v9_RSLaiLo_c22-Lb39wS9dmpAC_EE2XAnzHaBNoiA6K32QbcUDy8FghRPrJ-TIWN9IgLIO1rfGxp30PGQjcBc5x7yRcuOM0PlLiRH6gUCPitVZq2kvIf4B30Mxl6t320aWM2FHe1Tv8in4LjqBP6MrXzzCwqnDC3Zpgj652kCfOBFRXrurTezHaA23r54T2iInW-XfOD5bjKeFx6OWy9eBTibB3kqf4d_bxmB5qLMY_9A6G0px000icguFRqAUjOLUFKwaGep8qOOLCwXDq3_vft3ZiNGwTgQGUn28IAfjoHcc5gZGO176JnvsygDCzZuvkh32_6o4H-_jw",
      "kty": "RSA",
      "kid": "OfS9_GtnbSk-T4Bi3vRr3D-ktAHHXGzDa-x-ZUWPst4",
      "alg": "RSA-OAEP-256",
      "use": "enc"
    }
  ]
}
public_client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "x5t#S256": "lBDh5y9jfhCArwzI6P_XEWuxVaPFT2XAM9zjhWx4uZU",
      "e": "AQAB",
      "use": "sig",
      "x5t": "cWa8bD4VQXYYlMSfEJWqLmRdM0I",
      "kid": "IXiEPUlVUmA5yKRHRDJBH64RjT3U3lFrD4dHvJDJgBk",
      "x5c": [
        "MIIDmjCCAoKgAwIBAgIJBCkhWUrbep95MA0GCSqGSIb3DQEBBQUAMGkxFDASBgNVBAMTC2V4YW1wbGUub3JnMQswCQYDVQQGEwJVUzERMA8GA1UECBMIVmlyZ2luaWExEzARBgNVBAcTCkJsYWNrc2J1cmcxDTALBgNVBAoTBFRlc3QxDTALBgNVBAsTBFRlc3QwHhcNMjExMDIyMTUzNDUwWhcNMjIxMDIyMTUzNDUwWjBpMRQwEgYDVQQDEwtleGFtcGxlLm9yZzELMAkGA1UEBhMCVVMxETAPBgNVBAgTCFZpcmdpbmlhMRMwEQYDVQQHEwpCbGFja3NidXJnMQ0wCwYDVQQKEwRUZXN0MQ0wCwYDVQQLEwRUZXN0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1/YcRpQa9LgXhb3E7Fy0M/2ZlX8lrtDfL5kJwDxnjLP1OcoULPC9D7sD12zZdrbQdFn9J5MyCByZ6KNfsXwdnKIsW2XACTvY3/4tI7YFqRb5Jlhw7au4cs47NY4qkQ+aZQ/sBhvwdDFyMwKbGPQFV+5A/kWdB2TqPSiSui99IL+9EvFrq/HgN34KO70+kSQjXMkYBw+VDuUdQvGwB7ss9wn8susKyjmilOukvUR2vHtGf/SE3oiRYM25EKJhC9OglCSyEhNV6BnXZY6FqdfQcX/NOgbi8fiB/s+fkn21TNE8Rf0pWsAV+MlUszJ2VTT0SJHdBpRwMDByPxJzr+xJRwIDAQABo0UwQzAMBgNVHRMEBTADAQH/MAsGA1UdDwQEAwIC9DAmBgNVHREEHzAdhhtodHRwOi8vZXhhbXBsZS5vcmcvd2ViaWQjbWUwDQYJKoZIhvcNAQEFBQADggEBAMNyYEuBlNW2R/qld0sjEdPNi0x19B1TyUQw/Ql1h+4FMcGAcQCo/KEtAKWWSq/c8H4Ia2CAztytWQLI+X/02npEjrBdJTEgTPROBSqL2ORXHw6rpmuJq1GBQH9HuyYFmAIhIOoef1ee7V+3YkeivvS5/jHipd0hR7E3gH+o535gstv563kyoqTGFOUiXYkuBEON+S7sEdf5nLeYiSZNtHlCUpWz2TxAuYMG7HJdmP37dexIR8DmhMKYxr6WbNdsD6y+xyVbM4+TExaNAwtPXWbGamJ5kM5/fnUj6Dyl7T+f3AxtRK5eof5hq/0JvAb81nAdwinxMEcYkV0E840v9E0\u003d"
      ],
      "n": "1_YcRpQa9LgXhb3E7Fy0M_2ZlX8lrtDfL5kJwDxnjLP1OcoULPC9D7sD12zZdrbQdFn9J5MyCByZ6KNfsXwdnKIsW2XACTvY3_4tI7YFqRb5Jlhw7au4cs47NY4qkQ-aZQ_sBhvwdDFyMwKbGPQFV-5A_kWdB2TqPSiSui99IL-9EvFrq_HgN34KO70-kSQjXMkYBw-VDuUdQvGwB7ss9wn8susKyjmilOukvUR2vHtGf_SE3oiRYM25EKJhC9OglCSyEhNV6BnXZY6FqdfQcX_NOgbi8fiB_s-fkn21TNE8Rf0pWsAV-MlUszJ2VTT0SJHdBpRwMDByPxJzr-xJRw"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "OfS9_GtnbSk-T4Bi3vRr3D-ktAHHXGzDa-x-ZUWPst4",
      "alg": "RSA-OAEP-256",
      "n": "s7VUd-v9_RSLaiLo_c22-Lb39wS9dmpAC_EE2XAnzHaBNoiA6K32QbcUDy8FghRPrJ-TIWN9IgLIO1rfGxp30PGQjcBc5x7yRcuOM0PlLiRH6gUCPitVZq2kvIf4B30Mxl6t320aWM2FHe1Tv8in4LjqBP6MrXzzCwqnDC3Zpgj652kCfOBFRXrurTezHaA23r54T2iInW-XfOD5bjKeFx6OWy9eBTibB3kqf4d_bxmB5qLMY_9A6G0px000icguFRqAUjOLUFKwaGep8qOOLCwXDq3_vft3ZiNGwTgQGUn28IAfjoHcc5gZGO176JnvsygDCzZuvkh32_6o4H-_jw"
    }
  ]
}
2021-10-22 15:36:28 SUCCESS
CheckDistinctKeyIdValueInClientJWKs
Distinct 'kid' value in all keys of client_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2021-10-22 15:36:28 SUCCESS
EnsureClientJwksDoesNotContainPrivateOrSymmetricKeys
Jwks does not contain any private or symmetric keys
2021-10-22 15:36:28 SUCCESS
FAPIEnsureMinimumClientKeyLength
Validated minimum key lengths for client_jwks
client_jwks
{
  "keys": [
    {
      "e": "AQAB",
      "n": "1_YcRpQa9LgXhb3E7Fy0M_2ZlX8lrtDfL5kJwDxnjLP1OcoULPC9D7sD12zZdrbQdFn9J5MyCByZ6KNfsXwdnKIsW2XACTvY3_4tI7YFqRb5Jlhw7au4cs47NY4qkQ-aZQ_sBhvwdDFyMwKbGPQFV-5A_kWdB2TqPSiSui99IL-9EvFrq_HgN34KO70-kSQjXMkYBw-VDuUdQvGwB7ss9wn8susKyjmilOukvUR2vHtGf_SE3oiRYM25EKJhC9OglCSyEhNV6BnXZY6FqdfQcX_NOgbi8fiB_s-fkn21TNE8Rf0pWsAV-MlUszJ2VTT0SJHdBpRwMDByPxJzr-xJRw",
      "kty": "RSA",
      "kid": "IXiEPUlVUmA5yKRHRDJBH64RjT3U3lFrD4dHvJDJgBk",
      "use": "sig",
      "x5c": [
        "MIIDmjCCAoKgAwIBAgIJBCkhWUrbep95MA0GCSqGSIb3DQEBBQUAMGkxFDASBgNVBAMTC2V4YW1wbGUub3JnMQswCQYDVQQGEwJVUzERMA8GA1UECBMIVmlyZ2luaWExEzARBgNVBAcTCkJsYWNrc2J1cmcxDTALBgNVBAoTBFRlc3QxDTALBgNVBAsTBFRlc3QwHhcNMjExMDIyMTUzNDUwWhcNMjIxMDIyMTUzNDUwWjBpMRQwEgYDVQQDEwtleGFtcGxlLm9yZzELMAkGA1UEBhMCVVMxETAPBgNVBAgTCFZpcmdpbmlhMRMwEQYDVQQHEwpCbGFja3NidXJnMQ0wCwYDVQQKEwRUZXN0MQ0wCwYDVQQLEwRUZXN0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1/YcRpQa9LgXhb3E7Fy0M/2ZlX8lrtDfL5kJwDxnjLP1OcoULPC9D7sD12zZdrbQdFn9J5MyCByZ6KNfsXwdnKIsW2XACTvY3/4tI7YFqRb5Jlhw7au4cs47NY4qkQ+aZQ/sBhvwdDFyMwKbGPQFV+5A/kWdB2TqPSiSui99IL+9EvFrq/HgN34KO70+kSQjXMkYBw+VDuUdQvGwB7ss9wn8susKyjmilOukvUR2vHtGf/SE3oiRYM25EKJhC9OglCSyEhNV6BnXZY6FqdfQcX/NOgbi8fiB/s+fkn21TNE8Rf0pWsAV+MlUszJ2VTT0SJHdBpRwMDByPxJzr+xJRwIDAQABo0UwQzAMBgNVHRMEBTADAQH/MAsGA1UdDwQEAwIC9DAmBgNVHREEHzAdhhtodHRwOi8vZXhhbXBsZS5vcmcvd2ViaWQjbWUwDQYJKoZIhvcNAQEFBQADggEBAMNyYEuBlNW2R/qld0sjEdPNi0x19B1TyUQw/Ql1h+4FMcGAcQCo/KEtAKWWSq/c8H4Ia2CAztytWQLI+X/02npEjrBdJTEgTPROBSqL2ORXHw6rpmuJq1GBQH9HuyYFmAIhIOoef1ee7V+3YkeivvS5/jHipd0hR7E3gH+o535gstv563kyoqTGFOUiXYkuBEON+S7sEdf5nLeYiSZNtHlCUpWz2TxAuYMG7HJdmP37dexIR8DmhMKYxr6WbNdsD6y+xyVbM4+TExaNAwtPXWbGamJ5kM5/fnUj6Dyl7T+f3AxtRK5eof5hq/0JvAb81nAdwinxMEcYkV0E840v9E0\u003d"
      ],
      "x5t": "cWa8bD4VQXYYlMSfEJWqLmRdM0I",
      "x5t#S256": "lBDh5y9jfhCArwzI6P_XEWuxVaPFT2XAM9zjhWx4uZU"
    },
    {
      "e": "AQAB",
      "n": "s7VUd-v9_RSLaiLo_c22-Lb39wS9dmpAC_EE2XAnzHaBNoiA6K32QbcUDy8FghRPrJ-TIWN9IgLIO1rfGxp30PGQjcBc5x7yRcuOM0PlLiRH6gUCPitVZq2kvIf4B30Mxl6t320aWM2FHe1Tv8in4LjqBP6MrXzzCwqnDC3Zpgj652kCfOBFRXrurTezHaA23r54T2iInW-XfOD5bjKeFx6OWy9eBTibB3kqf4d_bxmB5qLMY_9A6G0px000icguFRqAUjOLUFKwaGep8qOOLCwXDq3_vft3ZiNGwTgQGUn28IAfjoHcc5gZGO176JnvsygDCzZuvkh32_6o4H-_jw",
      "kty": "RSA",
      "kid": "OfS9_GtnbSk-T4Bi3vRr3D-ktAHHXGzDa-x-ZUWPst4",
      "alg": "RSA-OAEP-256",
      "use": "enc"
    }
  ]
}
2021-10-22 15:36:28
fapi1-advanced-final-client-test-invalid-missing-exp
Setup Done
2021-10-22 15:36:29 INCOMING
fapi1-advanced-final-client-test-invalid-missing-exp
Incoming HTTP request to test instance uAaBPlmZlnymtS7
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/4.9.1 (https://github.com/panva/node-openid-client)",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
.well-known/openid-configuration
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
2021-10-22 15:36:29 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
2021-10-22 15:36:29 OUTGOING
fapi1-advanced-final-client-test-invalid-missing-exp
Response to HTTP request to test instance uAaBPlmZlnymtS7
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "issuer": "https://www.certification.openid.net/test/a/openid-client-19x_eSCK1zeMp5IBU8EXi/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/openid-client-19x_eSCK1zeMp5IBU8EXi/authorize",
  "token_endpoint": "https://www.certification.openid.net/test-mtls/a/openid-client-19x_eSCK1zeMp5IBU8EXi/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/openid-client-19x_eSCK1zeMp5IBU8EXi/jwks",
  "registration_endpoint": "https://www.certification.openid.net/test/a/openid-client-19x_eSCK1zeMp5IBU8EXi/register",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/openid-client-19x_eSCK1zeMp5IBU8EXi/userinfo",
  "token_endpoint_auth_methods_supported": [
    "tls_client_auth"
  ],
  "pushed_authorization_request_endpoint": "https://www.certification.openid.net/test-mtls/a/openid-client-19x_eSCK1zeMp5IBU8EXi/par",
  "require_pushed_authorization_requests": true,
  "response_types_supported": [
    "code id_token"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "PS256",
    "ES256"
  ]
}
outgoing_path
.well-known/openid-configuration
2021-10-22 15:36:30 INCOMING
fapi1-advanced-final-client-test-invalid-missing-exp
Incoming HTTP request to test instance uAaBPlmZlnymtS7
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/4.9.1 (https://github.com/panva/node-openid-client)",
  "content-type": "application/x-www-form-urlencoded",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "x-ssl-cert": "-----BEGIN CERTIFICATE----- MIIDmjCCAoKgAwIBAgIJLrVLoLdKhCyuMA0GCSqGSIb3DQEBBQUAMGkxFDASBgNV BAMTC2V4YW1wbGUub3JnMQswCQYDVQQGEwJVUzERMA8GA1UECBMIVmlyZ2luaWEx EzARBgNVBAcTCkJsYWNrc2J1cmcxDTALBgNVBAoTBFRlc3QxDTALBgNVBAsTBFRl c3QwHhcNMjExMDIyMTUzNDQ5WhcNMjIxMDIyMTUzNDQ5WjBpMRQwEgYDVQQDEwtl eGFtcGxlLm9yZzELMAkGA1UEBhMCVVMxETAPBgNVBAgTCFZpcmdpbmlhMRMwEQYD VQQHEwpCbGFja3NidXJnMQ0wCwYDVQQKEwRUZXN0MQ0wCwYDVQQLEwRUZXN0MIIB IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7OvMThFjpNroR+Ec8a/b9jvf Zy2qfZa+pz8uKmdRKTp8EjMm/nvMHbmP6WCGZBtOidYcV8ooZmJsSwee7NFIj88w Ct79qL4C4Rl+Izgd/SDR8nfqY/MiiNK5eUU2sylQTwt5sbFg9qvXofPWMbrynOPo T1xgbN1OBSmhxPZw3xlkalbVZli7HNio55VOg5aghxTI+pvfzOVt2cGOQzw1ZKyN L78AR7omMpsnovn33orRfCtxQqerS9urcus/95rvi7dC7SJ46WS2NjL83/Fcy3VH gY1wAEXMFgrR69ULJwPCoL5v0vtblm2qtK6PWRkgwENigjP96scs3hswYu3XGwID AQABo0UwQzAMBgNVHRMEBTADAQH/MAsGA1UdDwQEAwIC9DAmBgNVHREEHzAdhhto dHRwOi8vZXhhbXBsZS5vcmcvd2ViaWQjbWUwDQYJKoZIhvcNAQEFBQADggEBAM/2 boMRuw4hWFcC2SHpPO4zEUkGg7aRlKajstg1nEB4KlxhrmIdn5egIxbWOIKvyVIe CuYfLif8R4mVqWOkNta7wal1slK2Dq0FPW37wkE3RuBD0uqTYke1ahwcx7xThTwk o4XjgP5TDtogsROj2yweJBS9cCW4ZUmAmiHHIAqPAWBPHwJzFHy3D8Ha8UX/yBIV wA2NtxO56c+DK29ibWLtXcKPPB637tKHoKfJYCMvwoPhuKbaU+KJh1ra9LCXVkxt 0RBlRDXmLnXliS1hOeLYJrmA69mYwJX+LUZXv9Ty6PmREZkcnXwFOefMut23iBr3 uQ+250YJ4f7wDTgvK1Y\u003d -----END CERTIFICATE-----",
  "x-ssl-verify": "FAILED:self signed certificate",
  "content-length": "1494",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net",
  "connection": "close"
}
incoming_path
par
incoming_body_form_params
{
  "request": "eyJhbGciOiJQUzI1NiIsInR5cCI6Im9hdXRoLWF1dGh6LXJlcStqd3QiLCJraWQiOiJqSU9EczlxazZNbmx5T0xwX2taWnlMZXd5UlQ1ZmN1WWQ2UHlzMGVSbHN3In0.eyJyZWRpcmVjdF91cmkiOiJodHRwczovL29wZW5pZC1jbGllbnQubG9jYWwvY2IiLCJzY29wZSI6Im9wZW5pZCIsInJlc3BvbnNlX3R5cGUiOiJjb2RlIGlkX3Rva2VuIiwic3RhdGUiOiJ1V2c3YnRLM2RTTlVnRFl3T1pDWGlYTVIzNF8yX2NzR1BhTVdKcGdIUVVZIiwibm9uY2UiOiJLak5vaEdQYXB1U3FVZ2FIckx1bGltU1owWjdsRjRIc3plMkJiTmtGdy1ZIiwiY2xhaW1zIjp7ImlkX3Rva2VuIjp7ImFjciI6eyJlc3NlbnRpYWwiOnRydWUsInZhbHVlcyI6WyJ1cm46b3BlbmJhbmtpbmc6cHNkMjpzY2EiLCJ1cm46b3BlbmJhbmtpbmc6cHNkMjpjYSJdfX19LCJjb2RlX2NoYWxsZW5nZV9tZXRob2QiOiJTMjU2IiwiY29kZV9jaGFsbGVuZ2UiOiJjOG9uR1NaajMtU1Y0R25tOUt1UE9uOHJkQmh3Sk1ncjBNODM1M29uejE4IiwiaXNzIjoiY2xpZW50LWlkLW9wZW5pZC1jbGllbnQtMTl4X2VTQ0sxemVNcDVJQlU4RVhpIiwiYXVkIjoiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QvYS9vcGVuaWQtY2xpZW50LTE5eF9lU0NLMXplTXA1SUJVOEVYaS8iLCJjbGllbnRfaWQiOiJjbGllbnQtaWQtb3BlbmlkLWNsaWVudC0xOXhfZVNDSzF6ZU1wNUlCVThFWGkiLCJqdGkiOiJMR21SRm9XdFZZcmpNdGpVZTVURlppZFd4NkVFNnQxcXJrVjNMZGdrUWRJIiwiaWF0IjoxNjM0OTE2OTg5LCJleHAiOjE2MzQ5MTcyODksIm5iZiI6MTYzNDkxNjk4OX0.ty06Z4ibxJw4S2q_wrsdu5ma1USzH3Jf4IFjZ3wjRW2fyYoiHEBsLOfxzPOzFDvwvW-w4jjKHRtCTZqNzWG_v7n3Qk1drGUjje7K6X4XkV99M4wnJ4jidNoDWfhKw17p7-BfLxNsJkL__B94eVHjWrcJc_jI3Oyfz4aOMkzNUSbKSTgDdbkPL__vilMU4PSsqJ1pY2IZnTaU-WSA087sobotWAsFV_epToWp_BPyo8MMVASeOvq0OzN9RgydY0m67nSVaCA2bXbXGmFILf698xW-DiCYhyyHscjq6NTfNL1031-41RfU_1XNAsrmRdq94fiu1g8gw0tTT6mpJhxL5A",
  "client_id": "client-id-openid-client-19x_eSCK1zeMp5IBU8EXi"
}
incoming_method
POST
incoming_body_json
incoming_query_string_params
{}
incoming_body
request=eyJhbGciOiJQUzI1NiIsInR5cCI6Im9hdXRoLWF1dGh6LXJlcStqd3QiLCJraWQiOiJqSU9EczlxazZNbmx5T0xwX2taWnlMZXd5UlQ1ZmN1WWQ2UHlzMGVSbHN3In0.eyJyZWRpcmVjdF91cmkiOiJodHRwczovL29wZW5pZC1jbGllbnQubG9jYWwvY2IiLCJzY29wZSI6Im9wZW5pZCIsInJlc3BvbnNlX3R5cGUiOiJjb2RlIGlkX3Rva2VuIiwic3RhdGUiOiJ1V2c3YnRLM2RTTlVnRFl3T1pDWGlYTVIzNF8yX2NzR1BhTVdKcGdIUVVZIiwibm9uY2UiOiJLak5vaEdQYXB1U3FVZ2FIckx1bGltU1owWjdsRjRIc3plMkJiTmtGdy1ZIiwiY2xhaW1zIjp7ImlkX3Rva2VuIjp7ImFjciI6eyJlc3NlbnRpYWwiOnRydWUsInZhbHVlcyI6WyJ1cm46b3BlbmJhbmtpbmc6cHNkMjpzY2EiLCJ1cm46b3BlbmJhbmtpbmc6cHNkMjpjYSJdfX19LCJjb2RlX2NoYWxsZW5nZV9tZXRob2QiOiJTMjU2IiwiY29kZV9jaGFsbGVuZ2UiOiJjOG9uR1NaajMtU1Y0R25tOUt1UE9uOHJkQmh3Sk1ncjBNODM1M29uejE4IiwiaXNzIjoiY2xpZW50LWlkLW9wZW5pZC1jbGllbnQtMTl4X2VTQ0sxemVNcDVJQlU4RVhpIiwiYXVkIjoiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QvYS9vcGVuaWQtY2xpZW50LTE5eF9lU0NLMXplTXA1SUJVOEVYaS8iLCJjbGllbnRfaWQiOiJjbGllbnQtaWQtb3BlbmlkLWNsaWVudC0xOXhfZVNDSzF6ZU1wNUlCVThFWGkiLCJqdGkiOiJMR21SRm9XdFZZcmpNdGpVZTVURlppZFd4NkVFNnQxcXJrVjNMZGdrUWRJIiwiaWF0IjoxNjM0OTE2OTg5LCJleHAiOjE2MzQ5MTcyODksIm5iZiI6MTYzNDkxNjk4OX0.ty06Z4ibxJw4S2q_wrsdu5ma1USzH3Jf4IFjZ3wjRW2fyYoiHEBsLOfxzPOzFDvwvW-w4jjKHRtCTZqNzWG_v7n3Qk1drGUjje7K6X4XkV99M4wnJ4jidNoDWfhKw17p7-BfLxNsJkL__B94eVHjWrcJc_jI3Oyfz4aOMkzNUSbKSTgDdbkPL__vilMU4PSsqJ1pY2IZnTaU-WSA087sobotWAsFV_epToWp_BPyo8MMVASeOvq0OzN9RgydY0m67nSVaCA2bXbXGmFILf698xW-DiCYhyyHscjq6NTfNL1031-41RfU_1XNAsrmRdq94fiu1g8gw0tTT6mpJhxL5A&client_id=client-id-openid-client-19x_eSCK1zeMp5IBU8EXi
2021-10-22 15:36:30 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
PAR endpoint
2021-10-22 15:36:30 SUCCESS
ExtractClientCertificateFromTokenEndpointRequestHeaders
Extracted client certificate
client_certificate
{
  "cert": "-----BEGIN CERTIFICATE----- MIIDmjCCAoKgAwIBAgIJLrVLoLdKhCyuMA0GCSqGSIb3DQEBBQUAMGkxFDASBgNV BAMTC2V4YW1wbGUub3JnMQswCQYDVQQGEwJVUzERMA8GA1UECBMIVmlyZ2luaWEx EzARBgNVBAcTCkJsYWNrc2J1cmcxDTALBgNVBAoTBFRlc3QxDTALBgNVBAsTBFRl c3QwHhcNMjExMDIyMTUzNDQ5WhcNMjIxMDIyMTUzNDQ5WjBpMRQwEgYDVQQDEwtl eGFtcGxlLm9yZzELMAkGA1UEBhMCVVMxETAPBgNVBAgTCFZpcmdpbmlhMRMwEQYD VQQHEwpCbGFja3NidXJnMQ0wCwYDVQQKEwRUZXN0MQ0wCwYDVQQLEwRUZXN0MIIB IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7OvMThFjpNroR+Ec8a/b9jvf Zy2qfZa+pz8uKmdRKTp8EjMm/nvMHbmP6WCGZBtOidYcV8ooZmJsSwee7NFIj88w Ct79qL4C4Rl+Izgd/SDR8nfqY/MiiNK5eUU2sylQTwt5sbFg9qvXofPWMbrynOPo T1xgbN1OBSmhxPZw3xlkalbVZli7HNio55VOg5aghxTI+pvfzOVt2cGOQzw1ZKyN L78AR7omMpsnovn33orRfCtxQqerS9urcus/95rvi7dC7SJ46WS2NjL83/Fcy3VH gY1wAEXMFgrR69ULJwPCoL5v0vtblm2qtK6PWRkgwENigjP96scs3hswYu3XGwID AQABo0UwQzAMBgNVHRMEBTADAQH/MAsGA1UdDwQEAwIC9DAmBgNVHREEHzAdhhto dHRwOi8vZXhhbXBsZS5vcmcvd2ViaWQjbWUwDQYJKoZIhvcNAQEFBQADggEBAM/2 boMRuw4hWFcC2SHpPO4zEUkGg7aRlKajstg1nEB4KlxhrmIdn5egIxbWOIKvyVIe CuYfLif8R4mVqWOkNta7wal1slK2Dq0FPW37wkE3RuBD0uqTYke1ahwcx7xThTwk o4XjgP5TDtogsROj2yweJBS9cCW4ZUmAmiHHIAqPAWBPHwJzFHy3D8Ha8UX/yBIV wA2NtxO56c+DK29ibWLtXcKPPB637tKHoKfJYCMvwoPhuKbaU+KJh1ra9LCXVkxt 0RBlRDXmLnXliS1hOeLYJrmA69mYwJX+LUZXv9Ty6PmREZkcnXwFOefMut23iBr3 uQ+250YJ4f7wDTgvK1Y\u003d -----END CERTIFICATE-----",
  "pem": "-----BEGIN CERTIFICATE-----\nMIIDmjCCAoKgAwIBAgIJLrVLoLdKhCyuMA0GCSqGSIb3DQEBBQUAMGkxFDASBgNV\nBAMTC2V4YW1wbGUub3JnMQswCQYDVQQGEwJVUzERMA8GA1UECBMIVmlyZ2luaWEx\nEzARBgNVBAcTCkJsYWNrc2J1cmcxDTALBgNVBAoTBFRlc3QxDTALBgNVBAsTBFRl\nc3QwHhcNMjExMDIyMTUzNDQ5WhcNMjIxMDIyMTUzNDQ5WjBpMRQwEgYDVQQDEwtl\neGFtcGxlLm9yZzELMAkGA1UEBhMCVVMxETAPBgNVBAgTCFZpcmdpbmlhMRMwEQYD\nVQQHEwpCbGFja3NidXJnMQ0wCwYDVQQKEwRUZXN0MQ0wCwYDVQQLEwRUZXN0MIIB\nIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7OvMThFjpNroR+Ec8a/b9jvf\nZy2qfZa+pz8uKmdRKTp8EjMm/nvMHbmP6WCGZBtOidYcV8ooZmJsSwee7NFIj88w\nCt79qL4C4Rl+Izgd/SDR8nfqY/MiiNK5eUU2sylQTwt5sbFg9qvXofPWMbrynOPo\nT1xgbN1OBSmhxPZw3xlkalbVZli7HNio55VOg5aghxTI+pvfzOVt2cGOQzw1ZKyN\nL78AR7omMpsnovn33orRfCtxQqerS9urcus/95rvi7dC7SJ46WS2NjL83/Fcy3VH\ngY1wAEXMFgrR69ULJwPCoL5v0vtblm2qtK6PWRkgwENigjP96scs3hswYu3XGwID\nAQABo0UwQzAMBgNVHRMEBTADAQH/MAsGA1UdDwQEAwIC9DAmBgNVHREEHzAdhhto\ndHRwOi8vZXhhbXBsZS5vcmcvd2ViaWQjbWUwDQYJKoZIhvcNAQEFBQADggEBAM/2\nboMRuw4hWFcC2SHpPO4zEUkGg7aRlKajstg1nEB4KlxhrmIdn5egIxbWOIKvyVIe\nCuYfLif8R4mVqWOkNta7wal1slK2Dq0FPW37wkE3RuBD0uqTYke1ahwcx7xThTwk\no4XjgP5TDtogsROj2yweJBS9cCW4ZUmAmiHHIAqPAWBPHwJzFHy3D8Ha8UX/yBIV\nwA2NtxO56c+DK29ibWLtXcKPPB637tKHoKfJYCMvwoPhuKbaU+KJh1ra9LCXVkxt\n0RBlRDXmLnXliS1hOeLYJrmA69mYwJX+LUZXv9Ty6PmREZkcnXwFOefMut23iBr3\nuQ+250YJ4f7wDTgvK1Y\u003d\n-----END CERTIFICATE-----",
  "subject": {
    "dn": "OU\u003dTest,O\u003dTest,L\u003dBlacksburg,ST\u003dVirginia,C\u003dUS,CN\u003dexample.org"
  },
  "sanDnsNames": [],
  "sanUris": [
    "http://example.org/webid#me"
  ],
  "sanIPs": [],
  "sanEmails": []
}
2021-10-22 15:36:30 SUCCESS
CheckForClientCertificate
Found client certificate
2021-10-22 15:36:30 SUCCESS
EnsureClientCertificateMatches
Presented certificate matches registered certificate
actual
-----BEGIN CERTIFICATE-----
MIIDmjCCAoKgAwIBAgIJLrVLoLdKhCyuMA0GCSqGSIb3DQEBBQUAMGkxFDASBgNV
BAMTC2V4YW1wbGUub3JnMQswCQYDVQQGEwJVUzERMA8GA1UECBMIVmlyZ2luaWEx
EzARBgNVBAcTCkJsYWNrc2J1cmcxDTALBgNVBAoTBFRlc3QxDTALBgNVBAsTBFRl
c3QwHhcNMjExMDIyMTUzNDQ5WhcNMjIxMDIyMTUzNDQ5WjBpMRQwEgYDVQQDEwtl
eGFtcGxlLm9yZzELMAkGA1UEBhMCVVMxETAPBgNVBAgTCFZpcmdpbmlhMRMwEQYD
VQQHEwpCbGFja3NidXJnMQ0wCwYDVQQKEwRUZXN0MQ0wCwYDVQQLEwRUZXN0MIIB
IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7OvMThFjpNroR+Ec8a/b9jvf
Zy2qfZa+pz8uKmdRKTp8EjMm/nvMHbmP6WCGZBtOidYcV8ooZmJsSwee7NFIj88w
Ct79qL4C4Rl+Izgd/SDR8nfqY/MiiNK5eUU2sylQTwt5sbFg9qvXofPWMbrynOPo
T1xgbN1OBSmhxPZw3xlkalbVZli7HNio55VOg5aghxTI+pvfzOVt2cGOQzw1ZKyN
L78AR7omMpsnovn33orRfCtxQqerS9urcus/95rvi7dC7SJ46WS2NjL83/Fcy3VH
gY1wAEXMFgrR69ULJwPCoL5v0vtblm2qtK6PWRkgwENigjP96scs3hswYu3XGwID
AQABo0UwQzAMBgNVHRMEBTADAQH/MAsGA1UdDwQEAwIC9DAmBgNVHREEHzAdhhto
dHRwOi8vZXhhbXBsZS5vcmcvd2ViaWQjbWUwDQYJKoZIhvcNAQEFBQADggEBAM/2
boMRuw4hWFcC2SHpPO4zEUkGg7aRlKajstg1nEB4KlxhrmIdn5egIxbWOIKvyVIe
CuYfLif8R4mVqWOkNta7wal1slK2Dq0FPW37wkE3RuBD0uqTYke1ahwcx7xThTwk
o4XjgP5TDtogsROj2yweJBS9cCW4ZUmAmiHHIAqPAWBPHwJzFHy3D8Ha8UX/yBIV
wA2NtxO56c+DK29ibWLtXcKPPB637tKHoKfJYCMvwoPhuKbaU+KJh1ra9LCXVkxt
0RBlRDXmLnXliS1hOeLYJrmA69mYwJX+LUZXv9Ty6PmREZkcnXwFOefMut23iBr3
uQ+250YJ4f7wDTgvK1Y=
-----END CERTIFICATE-----
2021-10-22 15:36:30 SUCCESS
EnsureNoClientAssertionSentToTokenEndpoint
Client did not send a client_assertion to token endpoint
2021-10-22 15:36:30 SUCCESS
ExtractRequestObjectFromPAREndpointRequest
Parsed request object
request_object
{
  "value": "eyJhbGciOiJQUzI1NiIsInR5cCI6Im9hdXRoLWF1dGh6LXJlcStqd3QiLCJraWQiOiJqSU9EczlxazZNbmx5T0xwX2taWnlMZXd5UlQ1ZmN1WWQ2UHlzMGVSbHN3In0.eyJyZWRpcmVjdF91cmkiOiJodHRwczovL29wZW5pZC1jbGllbnQubG9jYWwvY2IiLCJzY29wZSI6Im9wZW5pZCIsInJlc3BvbnNlX3R5cGUiOiJjb2RlIGlkX3Rva2VuIiwic3RhdGUiOiJ1V2c3YnRLM2RTTlVnRFl3T1pDWGlYTVIzNF8yX2NzR1BhTVdKcGdIUVVZIiwibm9uY2UiOiJLak5vaEdQYXB1U3FVZ2FIckx1bGltU1owWjdsRjRIc3plMkJiTmtGdy1ZIiwiY2xhaW1zIjp7ImlkX3Rva2VuIjp7ImFjciI6eyJlc3NlbnRpYWwiOnRydWUsInZhbHVlcyI6WyJ1cm46b3BlbmJhbmtpbmc6cHNkMjpzY2EiLCJ1cm46b3BlbmJhbmtpbmc6cHNkMjpjYSJdfX19LCJjb2RlX2NoYWxsZW5nZV9tZXRob2QiOiJTMjU2IiwiY29kZV9jaGFsbGVuZ2UiOiJjOG9uR1NaajMtU1Y0R25tOUt1UE9uOHJkQmh3Sk1ncjBNODM1M29uejE4IiwiaXNzIjoiY2xpZW50LWlkLW9wZW5pZC1jbGllbnQtMTl4X2VTQ0sxemVNcDVJQlU4RVhpIiwiYXVkIjoiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QvYS9vcGVuaWQtY2xpZW50LTE5eF9lU0NLMXplTXA1SUJVOEVYaS8iLCJjbGllbnRfaWQiOiJjbGllbnQtaWQtb3BlbmlkLWNsaWVudC0xOXhfZVNDSzF6ZU1wNUlCVThFWGkiLCJqdGkiOiJMR21SRm9XdFZZcmpNdGpVZTVURlppZFd4NkVFNnQxcXJrVjNMZGdrUWRJIiwiaWF0IjoxNjM0OTE2OTg5LCJleHAiOjE2MzQ5MTcyODksIm5iZiI6MTYzNDkxNjk4OX0.ty06Z4ibxJw4S2q_wrsdu5ma1USzH3Jf4IFjZ3wjRW2fyYoiHEBsLOfxzPOzFDvwvW-w4jjKHRtCTZqNzWG_v7n3Qk1drGUjje7K6X4XkV99M4wnJ4jidNoDWfhKw17p7-BfLxNsJkL__B94eVHjWrcJc_jI3Oyfz4aOMkzNUSbKSTgDdbkPL__vilMU4PSsqJ1pY2IZnTaU-WSA087sobotWAsFV_epToWp_BPyo8MMVASeOvq0OzN9RgydY0m67nSVaCA2bXbXGmFILf698xW-DiCYhyyHscjq6NTfNL1031-41RfU_1XNAsrmRdq94fiu1g8gw0tTT6mpJhxL5A",
  "header": {
    "kid": "jIODs9qk6MnlyOLp_kZZyLewyRT5fcuYd6Pys0eRlsw",
    "typ": "oauth-authz-req+jwt",
    "alg": "PS256"
  },
  "claims": {
    "iss": "client-id-openid-client-19x_eSCK1zeMp5IBU8EXi",
    "response_type": "code id_token",
    "code_challenge_method": "S256",
    "nonce": "KjNohGPapuSqUgaHrLulimSZ0Z7lF4Hsze2BbNkFw-Y",
    "client_id": "client-id-openid-client-19x_eSCK1zeMp5IBU8EXi",
    "aud": "https://www.certification.openid.net/test/a/openid-client-19x_eSCK1zeMp5IBU8EXi/",
    "nbf": 1634916989,
    "scope": "openid",
    "claims": {
      "id_token": {
        "acr": {
          "values": [
            "urn:openbanking:psd2:sca",
            "urn:openbanking:psd2:ca"
          ],
          "essential": true
        }
      }
    },
    "redirect_uri": "https://openid-client.local/cb",
    "state": "uWg7btK3dSNUgDYwOZCXiXMR34_2_csGPaMWJpgHQUY",
    "exp": 1634917289,
    "iat": 1634916989,
    "code_challenge": "c8onGSZj3-SV4Gnm9KuPOn8rdBhwJMgr0M8353onz18",
    "jti": "LGmRFoWtVYrjMtjUe5TFZidWx6EE6t1qrkV3LdgkQdI"
  }
}
2021-10-22 15:36:30 SUCCESS
EnsurePAREndpointRequestDoesNotContainRequestUriParameter
PAR endpoint request does not contain a request_uri parameter
2021-10-22 15:36:30 INFO
ValidateEncryptedRequestObjectHasKid
Skipped evaluation due to missing required element: authorization_request_object jwe_header
path
jwe_header
mapped
object
authorization_request_object
2021-10-22 15:36:30 SUCCESS
FAPIValidateRequestObjectSigningAlg
Request object was signed with a permitted algorithm
alg
PS256
2021-10-22 15:36:30 SUCCESS
FAPIValidateRequestObjectIdTokenACRClaims
Acr value in request object is as expected
received
[
  "urn:openbanking:psd2:sca",
  "urn:openbanking:psd2:ca"
]
2021-10-22 15:36:30 SUCCESS
FAPIValidateRequestObjectExp
Request object contains a valid exp claim, expiry time
exp
"Oct 22, 2021, 3:41:29 PM"
2021-10-22 15:36:30 SUCCESS
FAPI1AdvancedValidateRequestObjectNBFClaim
nbf claim is valid
nbf
"Oct 22, 2021, 3:36:29 PM"
now
"Oct 22, 2021, 3:36:30 PM"
2021-10-22 15:36:30
ValidateRequestObjectClaims
Request object does not contain a max_age claim
2021-10-22 15:36:30 SUCCESS
ValidateRequestObjectClaims
Request object claims passed all validation checks
2021-10-22 15:36:30 SUCCESS
EnsureNumericRequestObjectClaimsAreNotNull
None of the claims expected to have numeric values, have null values
numeric_claims
[
  "max_age"
]
2021-10-22 15:36:30 SUCCESS
EnsureRequestObjectDoesNotContainRequestOrRequestUri
Request object does not contain request or request_uri
2021-10-22 15:36:30 SUCCESS
EnsureRequestObjectDoesNotContainSubWithClientId
Request object does not contain Client Id in sub
2021-10-22 15:36:30 SUCCESS
ValidateRequestObjectSignature
Request object signature validated using a key in the client's JWKS and using the client's registered request_object_signing_alg
request_object
eyJhbGciOiJQUzI1NiIsInR5cCI6Im9hdXRoLWF1dGh6LXJlcStqd3QiLCJraWQiOiJqSU9EczlxazZNbmx5T0xwX2taWnlMZXd5UlQ1ZmN1WWQ2UHlzMGVSbHN3In0.eyJyZWRpcmVjdF91cmkiOiJodHRwczovL29wZW5pZC1jbGllbnQubG9jYWwvY2IiLCJzY29wZSI6Im9wZW5pZCIsInJlc3BvbnNlX3R5cGUiOiJjb2RlIGlkX3Rva2VuIiwic3RhdGUiOiJ1V2c3YnRLM2RTTlVnRFl3T1pDWGlYTVIzNF8yX2NzR1BhTVdKcGdIUVVZIiwibm9uY2UiOiJLak5vaEdQYXB1U3FVZ2FIckx1bGltU1owWjdsRjRIc3plMkJiTmtGdy1ZIiwiY2xhaW1zIjp7ImlkX3Rva2VuIjp7ImFjciI6eyJlc3NlbnRpYWwiOnRydWUsInZhbHVlcyI6WyJ1cm46b3BlbmJhbmtpbmc6cHNkMjpzY2EiLCJ1cm46b3BlbmJhbmtpbmc6cHNkMjpjYSJdfX19LCJjb2RlX2NoYWxsZW5nZV9tZXRob2QiOiJTMjU2IiwiY29kZV9jaGFsbGVuZ2UiOiJjOG9uR1NaajMtU1Y0R25tOUt1UE9uOHJkQmh3Sk1ncjBNODM1M29uejE4IiwiaXNzIjoiY2xpZW50LWlkLW9wZW5pZC1jbGllbnQtMTl4X2VTQ0sxemVNcDVJQlU4RVhpIiwiYXVkIjoiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QvYS9vcGVuaWQtY2xpZW50LTE5eF9lU0NLMXplTXA1SUJVOEVYaS8iLCJjbGllbnRfaWQiOiJjbGllbnQtaWQtb3BlbmlkLWNsaWVudC0xOXhfZVNDSzF6ZU1wNUlCVThFWGkiLCJqdGkiOiJMR21SRm9XdFZZcmpNdGpVZTVURlppZFd4NkVFNnQxcXJrVjNMZGdrUWRJIiwiaWF0IjoxNjM0OTE2OTg5LCJleHAiOjE2MzQ5MTcyODksIm5iZiI6MTYzNDkxNjk4OX0.ty06Z4ibxJw4S2q_wrsdu5ma1USzH3Jf4IFjZ3wjRW2fyYoiHEBsLOfxzPOzFDvwvW-w4jjKHRtCTZqNzWG_v7n3Qk1drGUjje7K6X4XkV99M4wnJ4jidNoDWfhKw17p7-BfLxNsJkL__B94eVHjWrcJc_jI3Oyfz4aOMkzNUSbKSTgDdbkPL__vilMU4PSsqJ1pY2IZnTaU-WSA087sobotWAsFV_epToWp_BPyo8MMVASeOvq0OzN9RgydY0m67nSVaCA2bXbXGmFILf698xW-DiCYhyyHscjq6NTfNL1031-41RfU_1XNAsrmRdq94fiu1g8gw0tTT6mpJhxL5A
request_object_signing_alg
PS256
jwk
Sun RSA public key, 2048 bits
  params: null
  modulus: 29908516332123205969688291305230315826988437362605469958451994267266847360375060581230125089200465971587636062708306163086203124908074784277248864548920679196900287964205812251683208415838449531626866641418352308905202598031055667752917768869858558624655055722235894710443596849420366557017363518312208783360140134884252974869725945732741367670300192594760955635004856320853322753240767474071010058344339059130128790629276915120796132533249907520525082818645852133215272997190278235038901622230100253487476424952149006396918208156710029395677690951428921517439387969679020940127329257839530532609704276910563857913627
  public exponent: 65537
2021-10-22 15:36:30 SUCCESS
EnsureMatchingRedirectUriInRequestObject
Redirect URI matched
actual
https://openid-client.local/cb
2021-10-22 15:36:30 SUCCESS
EnsureRequestObjectContainsCodeChallengeWhenUsingPAR
Found required PKCE parameters in request
code_challenge_method
S256
code_challenge
c8onGSZj3-SV4Gnm9KuPOn8rdBhwJMgr0M8353onz18
2021-10-22 15:36:30 SUCCESS
CreatePAREndpointResponse
Created PAR endpoint response
request_uri
urn:ietf:params:oauth:request_uri:e709167e-b370-4d6e-ad45-821de8df4ec8
expires_in
600
2021-10-22 15:36:30 OUTGOING
fapi1-advanced-final-client-test-invalid-missing-exp
Response to HTTP request to test instance uAaBPlmZlnymtS7
outgoing_status_code
201
outgoing_headers
{}
outgoing_body
{
  "request_uri": "urn:ietf:params:oauth:request_uri:e709167e-b370-4d6e-ad45-821de8df4ec8",
  "expires_in": 600
}
outgoing_path
par
2021-10-22 15:36:30 INCOMING
fapi1-advanced-final-client-test-invalid-missing-exp
Incoming HTTP request to test instance uAaBPlmZlnymtS7
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "got (https://github.com/sindresorhus/got)",
  "accept-encoding": "gzip, deflate, br",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
authorize
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{
  "client_id": "client-id-openid-client-19x_eSCK1zeMp5IBU8EXi",
  "scope": "openid",
  "response_type": "code id_token",
  "redirect_uri": "https://openid-client.local/cb",
  "request_uri": "urn:ietf:params:oauth:request_uri:e709167e-b370-4d6e-ad45-821de8df4ec8"
}
incoming_body
2021-10-22 15:36:30 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
Authorization endpoint
2021-10-22 15:36:30 SUCCESS
EnsureAuthorizationRequestDoesNotContainRequestWhenUsingPAR
Request does not contain a request parameter
2021-10-22 15:36:30 INFO
ValidateEncryptedRequestObjectHasKid
Skipped evaluation due to missing required element: authorization_request_object jwe_header
path
jwe_header
mapped
object
authorization_request_object
2021-10-22 15:36:30 SUCCESS
CreateEffectiveAuthorizationRequestParameters
Merged http request parameters with request object claims
effective_authorization_endpoint_request
{
  "client_id": "client-id-openid-client-19x_eSCK1zeMp5IBU8EXi",
  "scope": "openid",
  "response_type": "code id_token",
  "redirect_uri": "https://openid-client.local/cb",
  "iss": "client-id-openid-client-19x_eSCK1zeMp5IBU8EXi",
  "code_challenge_method": "S256",
  "nonce": "KjNohGPapuSqUgaHrLulimSZ0Z7lF4Hsze2BbNkFw-Y",
  "aud": "https://www.certification.openid.net/test/a/openid-client-19x_eSCK1zeMp5IBU8EXi/",
  "nbf": 1634916989,
  "claims": {
    "id_token": {
      "acr": {
        "values": [
          "urn:openbanking:psd2:sca",
          "urn:openbanking:psd2:ca"
        ],
        "essential": true
      }
    }
  },
  "state": "uWg7btK3dSNUgDYwOZCXiXMR34_2_csGPaMWJpgHQUY",
  "exp": 1634917289,
  "iat": 1634916989,
  "code_challenge": "c8onGSZj3-SV4Gnm9KuPOn8rdBhwJMgr0M8353onz18",
  "jti": "LGmRFoWtVYrjMtjUe5TFZidWx6EE6t1qrkV3LdgkQdI"
}
2021-10-22 15:36:30 SUCCESS
EnsureClientIdInAuthorizationRequestParametersMatchRequestObject
client_id http request parameter value matches client_id in request object
2021-10-22 15:36:30 SUCCESS
ExtractRequestedScopes
Requested scopes
scope
openid
2021-10-22 15:36:30 SUCCESS
EnsureRequestedScopeIsEqualToConfiguredScope
Requested scopes match configured scopes
scope
openid
2021-10-22 15:36:30 SUCCESS
EnsureResponseTypeIsCodeIdToken
Response type is expected value
expected
code id_token
2021-10-22 15:36:30 SUCCESS
EnsureOpenIDInScopeRequest
Found 'openid' scope in request
actual
[
  "openid"
]
expected
openid
2021-10-22 15:36:30 SUCCESS
EnsureMatchingClientId
Client ID matched
client_id
client-id-openid-client-19x_eSCK1zeMp5IBU8EXi
2021-10-22 15:36:30 SUCCESS
CreateAuthorizationCode
Created authorization code
authorization_code
BuqjroVoAK8581aQ57tmQStrjlhxthiN
2021-10-22 15:36:30 SUCCESS
ExtractNonceFromAuthorizationRequest
Extracted nonce
nonce
KjNohGPapuSqUgaHrLulimSZ0Z7lF4Hsze2BbNkFw-Y
2021-10-22 15:36:30 SUCCESS
CalculateCHash
Successful c_hash encoding
c_hash
xFzt1vCvm9UDaiFfIf9D7w
2021-10-22 15:36:30 SUCCESS
CalculateSHash
Successful s_hash encoding
s_hash
A6BRDyQ-MGf6CzHU_jDYrg
2021-10-22 15:36:30 SUCCESS
GenerateIdTokenClaims
Created ID Token Claims
iss
https://www.certification.openid.net/test/a/openid-client-19x_eSCK1zeMp5IBU8EXi/
sub
user-subject-1234531
aud
client-id-openid-client-19x_eSCK1zeMp5IBU8EXi
nonce
KjNohGPapuSqUgaHrLulimSZ0Z7lF4Hsze2BbNkFw-Y
iat
1634916990
exp
1634917290
2021-10-22 15:36:30 SUCCESS
AddCHashToIdTokenClaims
Added c_hash to ID token claims
c_hash
xFzt1vCvm9UDaiFfIf9D7w
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/a/openid-client-19x_eSCK1zeMp5IBU8EXi/",
  "sub": "user-subject-1234531",
  "aud": "client-id-openid-client-19x_eSCK1zeMp5IBU8EXi",
  "nonce": "KjNohGPapuSqUgaHrLulimSZ0Z7lF4Hsze2BbNkFw-Y",
  "iat": 1634916990,
  "exp": 1634917290,
  "c_hash": "xFzt1vCvm9UDaiFfIf9D7w"
}
2021-10-22 15:36:30 SUCCESS
AddSHashToIdTokenClaims
Added s_hash to ID token claims
s_hash
A6BRDyQ-MGf6CzHU_jDYrg
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/a/openid-client-19x_eSCK1zeMp5IBU8EXi/",
  "sub": "user-subject-1234531",
  "aud": "client-id-openid-client-19x_eSCK1zeMp5IBU8EXi",
  "nonce": "KjNohGPapuSqUgaHrLulimSZ0Z7lF4Hsze2BbNkFw-Y",
  "iat": 1634916990,
  "exp": 1634917290,
  "c_hash": "xFzt1vCvm9UDaiFfIf9D7w",
  "s_hash": "A6BRDyQ-MGf6CzHU_jDYrg"
}
2021-10-22 15:36:30 INFO
AddAtHashToIdTokenClaims
Skipped evaluation due to missing required string: at_hash
expected
at_hash
2021-10-22 15:36:30 SUCCESS
RemoveExpFromIdToken
Removed exp value from ID token claims
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/a/openid-client-19x_eSCK1zeMp5IBU8EXi/",
  "sub": "user-subject-1234531",
  "aud": "client-id-openid-client-19x_eSCK1zeMp5IBU8EXi",
  "nonce": "KjNohGPapuSqUgaHrLulimSZ0Z7lF4Hsze2BbNkFw-Y",
  "iat": 1634916990,
  "c_hash": "xFzt1vCvm9UDaiFfIf9D7w",
  "s_hash": "A6BRDyQ-MGf6CzHU_jDYrg"
}
2021-10-22 15:36:30 SUCCESS
AddACRClaimToIdTokenClaims
Added acr value to id_token_claims
acr_value
urn:openbanking:psd2:sca
claims
{
  "iss": "https://www.certification.openid.net/test/a/openid-client-19x_eSCK1zeMp5IBU8EXi/",
  "sub": "user-subject-1234531",
  "aud": "client-id-openid-client-19x_eSCK1zeMp5IBU8EXi",
  "nonce": "KjNohGPapuSqUgaHrLulimSZ0Z7lF4Hsze2BbNkFw-Y",
  "iat": 1634916990,
  "c_hash": "xFzt1vCvm9UDaiFfIf9D7w",
  "s_hash": "A6BRDyQ-MGf6CzHU_jDYrg",
  "acr": "urn:openbanking:psd2:sca"
}
2021-10-22 15:36:30 SUCCESS
SignIdToken
Signed the ID token
id_token
eyJraWQiOiI4Smh3ekhJSHkwYjdraFpodGVDZE15cHZXRVJ4M3M5ZW1Zc1htUEJnbUNRIiwiYWxnIjoiUFMyNTYifQ.eyJzdWIiOiJ1c2VyLXN1YmplY3QtMTIzNDUzMSIsImF1ZCI6ImNsaWVudC1pZC1vcGVuaWQtY2xpZW50LTE5eF9lU0NLMXplTXA1SUJVOEVYaSIsImNfaGFzaCI6InhGenQxdkN2bTlVRGFpRmZJZjlEN3ciLCJhY3IiOiJ1cm46b3BlbmJhbmtpbmc6cHNkMjpzY2EiLCJzX2hhc2giOiJBNkJSRHlRLU1HZjZDekhVX2pEWXJnIiwiaXNzIjoiaHR0cHM6XC9cL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXRcL3Rlc3RcL2FcL29wZW5pZC1jbGllbnQtMTl4X2VTQ0sxemVNcDVJQlU4RVhpXC8iLCJub25jZSI6IktqTm9oR1BhcHVTcVVnYUhyTHVsaW1TWjBaN2xGNEhzemUyQmJOa0Z3LVkiLCJpYXQiOjE2MzQ5MTY5OTB9.ruRRCpkNqp5NiqKBP-XUmdNOSlI-bURL7qNfZ99lNedyZV-o_AbGDBu46tykY2kQY_Tf2f0unj2Bmk-44oQKQN11l70bHelqXFCYiJBbk8UMNLKN1LYduHjF2aWGMLesQy9YR-Y6zW1DR7EJakVkFQzVb6EenVHSAcwmzb5_bQF6XnhNGSHvVNuxCHFisujvEc4NPZiWHp01AtbVEqu8yuqL9g8pu_WeN8uLdEnK3NcfbA-uBwu-0gGFeNc6OLHZHEfS80Bi6OVf38xrTQPja-y7ZpLaZGfWAdqfnrVlylWrQXI9fWfvrSr629RIlcrihE0PTjYk1snxYmK6Vh9_2w
2021-10-22 15:36:30 SUCCESS
CreateAuthorizationEndpointResponseParams
Added authorization_endpoint_response_params to environment
params
{
  "redirect_uri": "https://openid-client.local/cb",
  "state": "uWg7btK3dSNUgDYwOZCXiXMR34_2_csGPaMWJpgHQUY"
}
2021-10-22 15:36:30 SUCCESS
AddCodeToAuthorizationEndpointResponseParams
Added code to authorization endpoint response params
authorization_endpoint_response_params
{
  "redirect_uri": "https://openid-client.local/cb",
  "state": "uWg7btK3dSNUgDYwOZCXiXMR34_2_csGPaMWJpgHQUY",
  "code": "BuqjroVoAK8581aQ57tmQStrjlhxthiN"
}
2021-10-22 15:36:30 SUCCESS
AddIdTokenToAuthorizationEndpointResponseParams
Added id_token to authorization endpoint response params
authorization_endpoint_response_params
{
  "redirect_uri": "https://openid-client.local/cb",
  "state": "uWg7btK3dSNUgDYwOZCXiXMR34_2_csGPaMWJpgHQUY",
  "code": "BuqjroVoAK8581aQ57tmQStrjlhxthiN",
  "id_token": "eyJraWQiOiI4Smh3ekhJSHkwYjdraFpodGVDZE15cHZXRVJ4M3M5ZW1Zc1htUEJnbUNRIiwiYWxnIjoiUFMyNTYifQ.eyJzdWIiOiJ1c2VyLXN1YmplY3QtMTIzNDUzMSIsImF1ZCI6ImNsaWVudC1pZC1vcGVuaWQtY2xpZW50LTE5eF9lU0NLMXplTXA1SUJVOEVYaSIsImNfaGFzaCI6InhGenQxdkN2bTlVRGFpRmZJZjlEN3ciLCJhY3IiOiJ1cm46b3BlbmJhbmtpbmc6cHNkMjpzY2EiLCJzX2hhc2giOiJBNkJSRHlRLU1HZjZDekhVX2pEWXJnIiwiaXNzIjoiaHR0cHM6XC9cL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXRcL3Rlc3RcL2FcL29wZW5pZC1jbGllbnQtMTl4X2VTQ0sxemVNcDVJQlU4RVhpXC8iLCJub25jZSI6IktqTm9oR1BhcHVTcVVnYUhyTHVsaW1TWjBaN2xGNEhzemUyQmJOa0Z3LVkiLCJpYXQiOjE2MzQ5MTY5OTB9.ruRRCpkNqp5NiqKBP-XUmdNOSlI-bURL7qNfZ99lNedyZV-o_AbGDBu46tykY2kQY_Tf2f0unj2Bmk-44oQKQN11l70bHelqXFCYiJBbk8UMNLKN1LYduHjF2aWGMLesQy9YR-Y6zW1DR7EJakVkFQzVb6EenVHSAcwmzb5_bQF6XnhNGSHvVNuxCHFisujvEc4NPZiWHp01AtbVEqu8yuqL9g8pu_WeN8uLdEnK3NcfbA-uBwu-0gGFeNc6OLHZHEfS80Bi6OVf38xrTQPja-y7ZpLaZGfWAdqfnrVlylWrQXI9fWfvrSr629RIlcrihE0PTjYk1snxYmK6Vh9_2w"
}
2021-10-22 15:36:30
SendAuthorizationResponseWithResponseModeFragment
Redirecting back to client
uri
https://openid-client.local/cb#state=uWg7btK3dSNUgDYwOZCXiXMR34_2_csGPaMWJpgHQUY&code=BuqjroVoAK8581aQ57tmQStrjlhxthiN&id_token=eyJraWQiOiI4Smh3ekhJSHkwYjdraFpodGVDZE15cHZXRVJ4M3M5ZW1Zc1htUEJnbUNRIiwiYWxnIjoiUFMyNTYifQ.eyJzdWIiOiJ1c2VyLXN1YmplY3QtMTIzNDUzMSIsImF1ZCI6ImNsaWVudC1pZC1vcGVuaWQtY2xpZW50LTE5eF9lU0NLMXplTXA1SUJVOEVYaSIsImNfaGFzaCI6InhGenQxdkN2bTlVRGFpRmZJZjlEN3ciLCJhY3IiOiJ1cm46b3BlbmJhbmtpbmc6cHNkMjpzY2EiLCJzX2hhc2giOiJBNkJSRHlRLU1HZjZDekhVX2pEWXJnIiwiaXNzIjoiaHR0cHM6XC9cL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXRcL3Rlc3RcL2FcL29wZW5pZC1jbGllbnQtMTl4X2VTQ0sxemVNcDVJQlU4RVhpXC8iLCJub25jZSI6IktqTm9oR1BhcHVTcVVnYUhyTHVsaW1TWjBaN2xGNEhzemUyQmJOa0Z3LVkiLCJpYXQiOjE2MzQ5MTY5OTB9.ruRRCpkNqp5NiqKBP-XUmdNOSlI-bURL7qNfZ99lNedyZV-o_AbGDBu46tykY2kQY_Tf2f0unj2Bmk-44oQKQN11l70bHelqXFCYiJBbk8UMNLKN1LYduHjF2aWGMLesQy9YR-Y6zW1DR7EJakVkFQzVb6EenVHSAcwmzb5_bQF6XnhNGSHvVNuxCHFisujvEc4NPZiWHp01AtbVEqu8yuqL9g8pu_WeN8uLdEnK3NcfbA-uBwu-0gGFeNc6OLHZHEfS80Bi6OVf38xrTQPja-y7ZpLaZGfWAdqfnrVlylWrQXI9fWfvrSr629RIlcrihE0PTjYk1snxYmK6Vh9_2w
2021-10-22 15:36:30 OUTGOING
fapi1-advanced-final-client-test-invalid-missing-exp
Response to HTTP request to test instance uAaBPlmZlnymtS7
outgoing
org.springframework.web.servlet.view.RedirectView: [RedirectView]; URL [https://openid-client.local/cb#state=uWg7btK3dSNUgDYwOZCXiXMR34_2_csGPaMWJpgHQUY&code=BuqjroVoAK8581aQ57tmQStrjlhxthiN&id_token=eyJraWQiOiI4Smh3ekhJSHkwYjdraFpodGVDZE15cHZXRVJ4M3M5ZW1Zc1htUEJnbUNRIiwiYWxnIjoiUFMyNTYifQ.eyJzdWIiOiJ1c2VyLXN1YmplY3QtMTIzNDUzMSIsImF1ZCI6ImNsaWVudC1pZC1vcGVuaWQtY2xpZW50LTE5eF9lU0NLMXplTXA1SUJVOEVYaSIsImNfaGFzaCI6InhGenQxdkN2bTlVRGFpRmZJZjlEN3ciLCJhY3IiOiJ1cm46b3BlbmJhbmtpbmc6cHNkMjpzY2EiLCJzX2hhc2giOiJBNkJSRHlRLU1HZjZDekhVX2pEWXJnIiwiaXNzIjoiaHR0cHM6XC9cL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXRcL3Rlc3RcL2FcL29wZW5pZC1jbGllbnQtMTl4X2VTQ0sxemVNcDVJQlU4RVhpXC8iLCJub25jZSI6IktqTm9oR1BhcHVTcVVnYUhyTHVsaW1TWjBaN2xGNEhzemUyQmJOa0Z3LVkiLCJpYXQiOjE2MzQ5MTY5OTB9.ruRRCpkNqp5NiqKBP-XUmdNOSlI-bURL7qNfZ99lNedyZV-o_AbGDBu46tykY2kQY_Tf2f0unj2Bmk-44oQKQN11l70bHelqXFCYiJBbk8UMNLKN1LYduHjF2aWGMLesQy9YR-Y6zW1DR7EJakVkFQzVb6EenVHSAcwmzb5_bQF6XnhNGSHvVNuxCHFisujvEc4NPZiWHp01AtbVEqu8yuqL9g8pu_WeN8uLdEnK3NcfbA-uBwu-0gGFeNc6OLHZHEfS80Bi6OVf38xrTQPja-y7ZpLaZGfWAdqfnrVlylWrQXI9fWfvrSr629RIlcrihE0PTjYk1snxYmK6Vh9_2w]
outgoing_path
authorize
2021-10-22 15:36:35 FINISHED
fapi1-advanced-final-client-test-invalid-missing-exp
Test has run to completion
testmodule_result
PASSED
2021-10-22 15:36:36
TEST-RUNNER
Alias has now been claimed by another test
alias
openid-client-19x_eSCK1zeMp5IBU8EXi
new_test_id
DIMofCIXoyfGktI
Test Results