Test Summary

Test Results

Expand All Collapse All
All times are UTC
2021-05-27 15:23:28 INFO
TEST-RUNNER
Test instance zJQRclPbofOmyqi created
baseUrl
https://www.certification.openid.net/test/a/Intuit_pauth_openid_core_basic_plan_1
variant
{
  "client_auth_type": "client_secret_basic",
  "response_type": "code",
  "request_type": "plain_http_request",
  "response_mode": "default",
  "client_registration": "static_client"
}
alias
Intuit_pauth_openid_core_basic_plan_1
description
Test Core OpenId on Intuit PartnerAuth
planId
c3dY1ClOWenWa
config
{
  "alias": "Intuit_pauth_openid_core_basic_plan_1",
  "description": "Test Core OpenId on Intuit PartnerAuth",
  "client": {
    "client_secret_jwt_alg": "RS256",
    "client_id": "12345678-openid-core-clientid",
    "client_secret": "abcdefgh-openid-core-clientsecret",
    "redirect_uri": "https://partnerauth-e2e.platform.intuit.com/external_partner/openid_core_cert/callback",
    "scope": "openid accounts",
    "jwks": {
      "keys": [
        {
          "kty": "RSA",
          "e": "AQAB",
          "n": "nXe9vqDEtjUQ3bYdMv67vtZ1Nr95Fnn1lQKO6ASiaIhL133AUSNmsC2De7_Fs2rEQ6r3KpzwEg6H4e7dFzCo0MTK11ZMHXyIcQsKRnviG_G8bV5EECoylY959TKvqgLd16rnqK70doAG34dglR1cn-gXpoVdM1tmTWgmQryT3y-jdNvtba9SE3-79e1FsfhbtsZ0YIS8gx7OVypPuVml7MvOkDbP8M-EaNB9YbwIdq4MK9DugaCxXI1U4naoXp47f8sl2iBeaAUuG4JWQ1Ct1sgiJOzRA1ts9WYYdu3pImXCviTb2C-6xD3DgeG5OPFQNcHG0ODQCHmEAX-DL72SHw"
        }
      ]
    },
    "certificate": "-----BEGIN CERTIFICATE-----\nMIIGDjCCBPagAwIBAgIEWf/FWTANBgkqhkiG9w0BAQsFADBEMQswCQYDVQQGEwJH\nQjEUMBIGA1UEChMLT3BlbkJhbmtpbmcxHzAdBgNVBAMTFk9wZW5CYW5raW5nIElz\nc3VpbmcgQ0EwHhcNMjAxMDE0MTA1NjI3WhcNMjIxMDE0MTEyNjI3WjBeMQswCQYD\nVQQGEwJHQjEXMBUGA1UEChMOSW50dWl0IExpbWl0ZWQxGTAXBgNVBGETEFBTREdC\nLUZDQS03OTI5MzQxGzAZBgNVBAMTEjAwMTU4MDAwMDE2aTQ0akFBQTCCASIwDQYJ\nKoZIhvcNAQEBBQADggEPADCCAQoCggEBANlFM55UI2IKAavSLUBp5Nq62uDUeIox\nyFqKNT9tpFhBvT2I5JSEcg4bttQSloXl6TNi7B3UwCP959iPCNJatXwXlk4W9fQt\n9lP5cXHwwGLtQG2fnu72p0/SZXDe/iLCIV9n7AQJ9TZh8sYYfEhroVT59Pb8cnhb\nz9GpmboNEY5Hy9NpAU5h75fGX1tVk51Se48jzB6f0uMPjcLCJHrlIw2c2aVWYzvt\ncHnGuGGz+O6lhlR/sPDHMiv9bdLQVNsH7uISrV+i48vpRrmtOo+qDpeIlfsv/Gzn\nsbf0sp5eS7PRSIiZAWxqLi0eY0385updRl/4vY/DBF5rbs/vxGLdigUCAwEAAaOC\nAuwwggLoMA4GA1UdDwEB/wQEAwIHgDBpBggrBgEFBQcBAwRdMFswEwYGBACORgEG\nMAkGBwQAjkYBBgMwRAYGBACBmCcCMDowEzARBgcEAIGYJwEDDAZQU1BfQUkMG0Zp\nbmFuY2lhbCBDb25kdWN0IEF1dGhvcml0eQwGR0ItRkNBMCAGA1UdJQEB/wQWMBQG\nCCsGAQUFBwMBBggrBgEFBQcDAjCCAVIGA1UdIASCAUkwggFFMIIBQQYLKwYBBAGo\ndYEGAQEwggEwMDUGCCsGAQUFBwIBFilodHRwOi8vb2IudHJ1c3Rpcy5jb20vcHJv\nZHVjdGlvbi9wb2xpY2llczCB9gYIKwYBBQUHAgIwgekMgeZUaGlzIENlcnRpZmlj\nYXRlIGlzIHNvbGVseSBmb3IgdXNlIHdpdGggT3BlbiBCYW5raW5nIExpbWl0ZWQg\nYW5kIGFzc29jaWF0ZWQgT3BlbiBCYW5raW5nIFNlcnZpY2VzLiBJdHMgcmVjZWlw\ndCwgcG9zc2Vzc2lvbiBvciB1c2UgY29uc3RpdHV0ZXMgYWNjZXB0YW5jZSBvZiB0\naGUgT3BlbiBCYW5raW5nIExpbWl0ZWQgQ2VydGlmaWNhdGUgUG9saWN5IGFuZCBy\nZWxhdGVkIGRvY3VtZW50cyB0aGVyZWluLjByBggrBgEFBQcBAQRmMGQwJgYIKwYB\nBQUHMAGGGmh0dHA6Ly9vYi50cnVzdGlzLmNvbS9vY3NwMDoGCCsGAQUFBzAChi5o\ndHRwOi8vb2IudHJ1c3Rpcy5jb20vcHJvZHVjdGlvbi9pc3N1aW5nY2EuY3J0MD8G\nA1UdHwQ4MDYwNKAyoDCGLmh0dHA6Ly9vYi50cnVzdGlzLmNvbS9wcm9kdWN0aW9u\nL2lzc3VpbmdjYS5jcmwwHwYDVR0jBBgwFoAUn0m/TjanrMMPK8hH9B8pG8B5CwUw\nHQYDVR0OBBYEFMxf816ceEWTyPJGrWKxbQt7sHXMMA0GCSqGSIb3DQEBCwUAA4IB\nAQCFutiV+po2Vla80sD5Dpvy9A5zM/CHT2Pk+Vcn19fD2KMpFc+K87IDEqZTl7gi\nLum22+abRMLwbzBPUXBg+y+j909wBWUr4iiif7W55OwrlJkN6grbruGKvXkOPc76\n6e4zjMCoonUcBy7D1zJoe9naPVrJ1wHWeHde8DZSR/Rp336s9ubp5eQCDyvBtM0a\naOtrmQPhclzfSgLgA+3RZWqxE4MbTrKO65pxK1+LfKgWVAdpxU7krxtb9QUw2qdr\nx8mCl8ErY7UvGgc0l8UGP1yrgi2VLpe3RN9UADnnPy4ME8BViDK9nh6toNzDBKJJ\nJJ4ExCQnVkS6U4yaNsKp4HET\n-----END CERTIFICATE-----"
  },
  "server": {
    "jwks": {
      "keys": [
        {
          "p": "0X5a2vAXxfvavrqVOd9EaRGuZzbyQx4GjkI70K8CmW_SpGlNnfiMi-j9pfltfhOezBtbAnLzxikdlMiaIZGX0sfGs7z6l6Iq4fCbKgwGYjDjDj_oRGuZjB7NM_AHIsknjoxaoZrJAZz5xrdttimdkmA5psiSCDGAYLXQr8KAsL0",
          "kty": "RSA",
          "q": "wGy6Gz0YO3bWMpAdxG_iZkFkgvfAgRExE0zUnPKcOgjq3Ue1VeIdUV1639bTpXI80KNaAwKHeFp5M05lrZEzfSeM5HH9yYG0GgfmXx-RFrGa8DZpFQXmcunPu3Opl0cdxADPETZpfSYJ8npo5cBEJTokR7kXtU2eOCG5UGKuggs",
          "d": "RmA_szTS9cQdt5kuz529dvsOA9vrWDpFocU07Uk09JcFnlebXif-Ovr8apA44Yj0EnIUaT0eplNMM5O3yCd9K2Dobvkop30C1dLjUsEHOwn89rxMmxTg6qrnDMkMbWU-lKbTRjZ7F4L8j2ZHqh0nSmhGOawdDVjqDepgPy9cv0AtonAEDRVZiaUiOwie4vFYVy7ksoNvAsCs6Pl4bLaYXDoP7SmWUWeenODHyoMsUt0Z45-3ti_-di0qm7yQNgZ8NWLZNAd5T73qZm5zOwkRO6Tu8ZiWBeAV7t-wteKAaQ-KVLnLik4fRUUVWtS80prbz4b-I9kvNagmtef-GveqcQ",
          "e": "AQAB",
          "qi": "Sbg51OpF8E4zYaRAUjMrQ_DB6My9fZiJhQXF9nrJML1TF30k7SN8pHJ-N86WUweyvRTOm9wRb6CWHrwlpgBX1syaMAMOQPnHxv84e8emQQLl_mO0OUldb4Z53RM9z0DXoyKrgCsGS6B3D9GAX8AUFrsYJQDGNg5ib85aTqGhQG0",
          "dp": "cJyogDpBvUZ2PsKThulyn7xGcOtDbTrNsVj_SF1bW1mV9JU6iOlbu7XB659Z8UTgvr0Rvg5G5kWhxiHTYKof38lOEb5LQomE3bF15zNRlyTKWRWXaHgisQS5r-qeG1_gKKtf6LEIzhow1lYx3pMeRdn-A56biVX6uYHirSgz_00",
          "dq": "qENrSj5WXklAbN6Q6SFdPEWaetvivfomi9X3ZXbRHf6GQhFehEdBk9DGjc3xLQ-EFn2BTHh9tcSHj1HSn8AE4kAfd_QmFHsS3mBiFnQoD0wnTD6IDRYnufyy5hvyBJLveGGssESAYitNL3fTGnTSIiuBZiZ4kNXasQLsZVqldpk",
          "n": "nXe9vqDEtjUQ3bYdMv67vtZ1Nr95Fnn1lQKO6ASiaIhL133AUSNmsC2De7_Fs2rEQ6r3KpzwEg6H4e7dFzCo0MTK11ZMHXyIcQsKRnviG_G8bV5EECoylY959TKvqgLd16rnqK70doAG34dglR1cn-gXpoVdM1tmTWgmQryT3y-jdNvtba9SE3-79e1FsfhbtsZ0YIS8gx7OVypPuVml7MvOkDbP8M-EaNB9YbwIdq4MK9DugaCxXI1U4naoXp47f8sl2iBeaAUuG4JWQ1Ct1sgiJOzRA1ts9WYYdu3pImXCviTb2C-6xD3DgeG5OPFQNcHG0ODQCHmEAX-DL72SHw"
        }
      ]
    }
  }
}
testName
oidcc-client-test
2021-05-27 15:23:28 SUCCESS
OIDCCGenerateServerConfiguration
Generated default server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/a/Intuit_pauth_openid_core_basic_plan_1/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/Intuit_pauth_openid_core_basic_plan_1/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/Intuit_pauth_openid_core_basic_plan_1/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/Intuit_pauth_openid_core_basic_plan_1/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/Intuit_pauth_openid_core_basic_plan_1/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/a/Intuit_pauth_openid_core_basic_plan_1/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic",
    "client_secret_post",
    "client_secret_jwt",
    "private_key_jwt"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
2021-05-27 15:23:28
SetTokenEndpointAuthMethodsSupportedToClientSecretBasicOnly
Changed token_endpoint_auth_methods_supported to client_secret_basic only in server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/a/Intuit_pauth_openid_core_basic_plan_1/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/Intuit_pauth_openid_core_basic_plan_1/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/Intuit_pauth_openid_core_basic_plan_1/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/Intuit_pauth_openid_core_basic_plan_1/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/Intuit_pauth_openid_core_basic_plan_1/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/a/Intuit_pauth_openid_core_basic_plan_1/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
2021-05-27 15:23:28
OIDCCGenerateServerJWKs
Generated server public private JWK sets
server_jwks
{
  "keys": [
    {
      "p": "_3hWU3JLTmr4EZwKV3WXKFvTzw1OpElFwpbKK1Hd1r-3pXstP7UbXUVmBQxWwtcKAb0mN5Ygcm1reR1OVdRgPv8ekNy9jxfQtnjujqYXsOzIKPwxJWSG-fhpfe984VjPoyEp-qSJP4AGcWLq-VTeEwsURtkPPvCqFojZJIPu8Gk",
      "kty": "RSA",
      "q": "4YPlKddmQ1cP0MmNsYolsloTJphioxjcm7J4WL-ENOg4leGQvCx7kMhaZyQQJ7LpSL7lHg8spCG2Uo4JX1DE1w2zkDNh3ESfF53hInhy3IPGD7ihhlQm1LCeANJj-VHU43hueGDLOcqdERzk0PXdL0LrqkBNApv9GEd6g6UGA38",
      "d": "O5Fu0HvxlwTE-o2rpe9ifz6KV2jKrwR-xjHWN2z2k1oMKklZ1sLe_2BqJL0x6-TZ-wHYzv3wcaoOMaA3stwiCwFgUUIzvLA-IngpXUi26z9HZTMzyiX2Jy0WklikRkrgc3KuKObyZyQJ5YdqVGDoA8kq0xd5toTSpTFX8dbXISXL4kLO1YA2C0jPVrm4Sj9c2zrCv67X1qpRX2a41NOJOasezj1AR41FnQQOzT0s9LCWh0ekCH01xQ6QwuQ6i6QXk7NpKwP3CO-oqebtvUP7A7o9yIGnHTU0h4XGFWS9H0sv6L5tuaN6gxhYUDECPEzDrEqwvOtt2MgALmW9OReVkQ",
      "e": "AQAB",
      "use": "sig",
      "kid": "bcef1b8d-8d42-450d-9ef9-109caf301170",
      "qi": "BLsxCCDVvkEz_eq8q5CsHH0dYsT66giuw_FweNITupjvpZKI5lf8KggDr3xW6dEqlp4npZOO19-KQo2g3MIWZVEtW67PCFH2z8Rah3x3sWJ8JlrgYs8HHGUHsn4gqFF9AqTJ2PUBraNkX6kmH-U0Mn55hhitawYFk60e9zAGs9c",
      "dp": "p1V8PfZcS0YXrPkncPgOBZp4V2PhAg0Yi4fXbp6WDybOtK7FCbin7uUZGO9nGQJfhJoPoVNNd4YiYleGywNr83eJ3tsnssWnqQ33PCqg0_uUc_wUeOiq3KsQ9jNa-gQBJVoAtDL3z0cdcUGYpa4oNBMKuglNSi27Sz1h9eARLxk",
      "dq": "Ik2-4TN7wciPhlHydMwv2cZr3VYWwvp4LFLkjZNsV-PvH5V1P7qAfVCMt927e15yr_chwQXL45ehNUOX12Dg4FmcM9YtD6V8kcoZQfYSesqsqR2LrHRGh9np3vQh8v3opUVfgH4wy7SvWbgMcmDD6XmDgZ1QWZJC2Jue3kGO_Z8",
      "n": "4QxjI-qaQrWqfAhL914G6nRXv3eNem6AddVqZ_hL6u9zGXMgN60WmPfzNRpSke87x-so2L23HwNZDrCb4rfsJzAGpnksrzOtsVEeu10UQvkPA_qGV_ObqkbVLgv-CUjmE2Dv1ZLQJHUwzAdCNtuCoTMscF5mxZUkhniWGil7runLf8Mkgr9Fv7YyDS6XpTlo8_eL-YJ177EAQupbgeKz-CpxXZlRpkHmKaN-up8Oky6PiIvkgErsLeJotiyuT3bcdn_xMhT4xFNgQbDbo4hUBz_HFXoTScP76vS3uWAWReHkDw5iWIG80Oa1Bb3Z7L2IAXFW73sUyvFPSU7xj9B_Fw"
    },
    {
      "kty": "EC",
      "d": "bn-dH6R5vgsibYRPi4CzUSvpIHcfm32ZGA5xBLgbPNY",
      "use": "sig",
      "crv": "P-256",
      "kid": "eb1618b8-7bf1-4857-9402-3a14363660c2",
      "x": "tazSbXFE4SmndjJzSN4P3TbWyiElcefhB8rIQDI6n-c",
      "y": "WhVqZIsaJdl_5ilwW6vT8FEdjQzIgI-tm4mRYMQTkQE"
    },
    {
      "kty": "EC",
      "d": "okrLT3tfhKl0wKDbA_kthJKlL7Y_GYBgMDM1u-6pdVw",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "8553166a-4834-4994-92ef-3570c121ebd8",
      "x": "QVorm9h4wkDJRxDfFeIgjXC-qQPPVJJXjG0UqChN8_4",
      "y": "o7MJtzglHez6Vxkv2cL_aMKjrQo4ZM5zGnBcDvQ9GkA"
    },
    {
      "kty": "OKP",
      "d": "D0GpxONOCd3lUhDrlWQGG5cWiglB1NAW9s38r092V-A",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "99a3ee2a-e0e7-4e31-9b70-4c87a543dc4e",
      "x": "k-bPUhbrKeACCtQVHt6yTtgLMaiTTVblVU2c3uBfBcg"
    }
  ]
}
server_encryption_keys
{
  "keys": [
    {
      "p": "6iMx8hwNfReejJ6uyu8InYEjinKzLMQFpEIJWYimEed8OmodG15ZyWeRVvfo4Wa0lzK2V_u4AEdUo914KtElEZ_7QD81iZB-Ix1gbvdEBqm5-UcuAJQ_QV-lCJCMnwvoqfWax2YE_hQcfKnleF3wH27fpWc5TNiYvFg6RsCV6Lc",
      "kty": "RSA",
      "q": "0ymAP-vxpddswgKUhZUMkSGpbij9hsIAGRE2OQJS7rldfIVdUfKUY9l8b9fs3QvLyg7tp330TE-A9J1eFudNEWVvEhUj0V06fiUnArP3LfYR9-QgYv3rfa_AIDqtl-U4SBZxc48i4-6j0a7IxqbbKKt_DrKe5Nig4rpp962MEZc",
      "d": "ECDRoejlJ3G83IXwLOtEUhJDr1QM5_ZGxK1UKpXKEsLMjTUo0kOYl4IY31uMdKPONcg4BG0Bc5qcKzz45t02rZvUZuwiBvrIU6A6ySqGFXFBcL8zfff-bNNK7SfOO09s8sk-95AkVccwkZ0ShnmjGX9Vh9u2Kq7GhjjOVlXAwHCxRWpitCUW42D-eNxjwp_-L3QOvZsiCTOZlvLGCbcvQqoq3bB0NTT2FBbqeHn2Qiqcd22Fd5Yy7V47Mm2oH0uWdzCSRDIAt77R5aiVEsyG4rZ-u7sSg8ua-dzls0Hf2bINU5Oo6F92UKSuTVfgCB4j4mqcMNimHaoe7nUJXdUiJQ",
      "e": "AQAB",
      "use": "enc",
      "kid": "d96e8ecf-03a3-4997-bc26-80225fc09b36",
      "qi": "DPz1N_MlFoELilUnjm8kbmALlihf44kPYsM8ybCEMiMBpEKzoNA1MsEpsZ-dEzXmm4I7DTBno_EUWdz0iHR0ChekHs6URLCeri_81lZe33imtBZ0fHCG0nghbsYZdr8GI3sUWt3TQAtubL03uIdndHg7OZIM7K2mMD5xJaabUMY",
      "dp": "eYzx9fX4TrO_XNNYfQPhHhuXvt1TBW9yWlbqEbAuPudFB_Jkz_uIc1WwD00-eh3erQvnu_9zA7oER9nG87uGGgNK5YyrF5KK2WH72T_G8gqVAMOiLyzHNgIYZDzetAbzr6BQzSm6d8krDNEKzxU9fqQJuQ3AopNjn4vSHT8H1Ds",
      "alg": "RSA-OAEP",
      "dq": "mkEv6gIvRcoILfX6j1bhlkez4MBa7A1eSvGS3bR_5tpMm8FE-a8ujX5786wV4ShT16huHbPaOcC-YHNxH2QanYGu0NPWlYP4TdxQEh5rjAy89YyVyBrb47X2sNSMqXCOW8LhX9yJTV6wF2YKT2vmn2Agchk0D9LcPKSW8pK5xsM",
      "n": "wSD3GZxTRoghOPZxnCfpDJwfsceZqB5AOFJdFBB-4TdNgbGbODJGxouwLRxiPIoGt2DcnxVG5IvA2LctgSbBUCZDNEXVNMDeM2KTCFcnVhT_HIQan3qdq5rEYfszRVn16A9smlDqhsiWd1psN2OoZYWvOnrtExTfEfoh6yR9FesWOVymPs6t1LRMbLpi2jsbno41Qnv4EI2cg8VlMaSGic9y6vS9MS2SAo_iYXdK6zjL_7vlJV5lXBefJxpLHrq4dQW60Gi9eM8Eud_uD8dsKE3beeEWStcyAibhnALud5o7-ylM38AHD8ElO3RbLU8v_jwGWlb_5DiSzEpVe_Rq8Q"
    },
    {
      "kty": "EC",
      "d": "d208vCcuaYQVKPdL69ltUAz5xCY93MCwkrE4HJ9_LXk",
      "use": "enc",
      "crv": "P-256",
      "kid": "2964940f-a1e8-4626-817b-c69dc7d370bd",
      "x": "eafSlDhr8MXk7IEmjfuEa0qVCCw33CO6lhfDkheiiK0",
      "y": "I9JHZssXSOCPu9YeNDxiJbiYuBvnJoueLRdtlvPjZ_M",
      "alg": "ECDH-ES"
    }
  ]
}
server_public_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "bcef1b8d-8d42-450d-9ef9-109caf301170",
      "n": "4QxjI-qaQrWqfAhL914G6nRXv3eNem6AddVqZ_hL6u9zGXMgN60WmPfzNRpSke87x-so2L23HwNZDrCb4rfsJzAGpnksrzOtsVEeu10UQvkPA_qGV_ObqkbVLgv-CUjmE2Dv1ZLQJHUwzAdCNtuCoTMscF5mxZUkhniWGil7runLf8Mkgr9Fv7YyDS6XpTlo8_eL-YJ177EAQupbgeKz-CpxXZlRpkHmKaN-up8Oky6PiIvkgErsLeJotiyuT3bcdn_xMhT4xFNgQbDbo4hUBz_HFXoTScP76vS3uWAWReHkDw5iWIG80Oa1Bb3Z7L2IAXFW73sUyvFPSU7xj9B_Fw"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "824383cb-74ac-483d-9e3d-ca1b00eda4a1",
      "n": "mSdomNsPZ-8LrAO7OZZsRlOD91hnMHOYFS4wrxc-SMZlLm4605M0NRZwq1dUAYxZnPTjsh0EaFxPqQ8u3G8JP5gQ6EpwQ3kDlfP2hWeUcYbAVIiDaAe27_QM4LPCEpm65TsLJSN_urNrXWBwbU6PSX5NBKoJZMBl-k6Wv569gvUdMWD1saA_KRvWiGWVE64fIgIlLXjn33Hl8edzN9VEo7bF1Erv078LKJOB2usGDam-afxvPVw3iHb1GrgU4_E5IFVzowhTIlPTH2gUoX_xsMWZsvv_at1Z_4k3DQpHrqX8fhrOO3_ukmOJFR0mM7St7kQdmj29Ib2_dgK5qLp6Lw"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "eb1618b8-7bf1-4857-9402-3a14363660c2",
      "x": "tazSbXFE4SmndjJzSN4P3TbWyiElcefhB8rIQDI6n-c",
      "y": "WhVqZIsaJdl_5ilwW6vT8FEdjQzIgI-tm4mRYMQTkQE"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "4bfa15d1-9bf2-4668-a49c-0ffcd12d3f3d",
      "x": "-DgKYp34FGGbU1W4Yvw9dX7tgpUwNFPAudbh0seDmgM",
      "y": "Bm-Rl8-QmxZMEXtyUnRFBklxgC3wdixd6L04R-_yqcw"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "8553166a-4834-4994-92ef-3570c121ebd8",
      "x": "QVorm9h4wkDJRxDfFeIgjXC-qQPPVJJXjG0UqChN8_4",
      "y": "o7MJtzglHez6Vxkv2cL_aMKjrQo4ZM5zGnBcDvQ9GkA"
    },
    {
      "kty": "OKP",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "99a3ee2a-e0e7-4e31-9b70-4c87a543dc4e",
      "x": "k-bPUhbrKeACCtQVHt6yTtgLMaiTTVblVU2c3uBfBcg"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "d96e8ecf-03a3-4997-bc26-80225fc09b36",
      "alg": "RSA-OAEP",
      "n": "wSD3GZxTRoghOPZxnCfpDJwfsceZqB5AOFJdFBB-4TdNgbGbODJGxouwLRxiPIoGt2DcnxVG5IvA2LctgSbBUCZDNEXVNMDeM2KTCFcnVhT_HIQan3qdq5rEYfszRVn16A9smlDqhsiWd1psN2OoZYWvOnrtExTfEfoh6yR9FesWOVymPs6t1LRMbLpi2jsbno41Qnv4EI2cg8VlMaSGic9y6vS9MS2SAo_iYXdK6zjL_7vlJV5lXBefJxpLHrq4dQW60Gi9eM8Eud_uD8dsKE3beeEWStcyAibhnALud5o7-ylM38AHD8ElO3RbLU8v_jwGWlb_5DiSzEpVe_Rq8Q"
    },
    {
      "kty": "EC",
      "use": "enc",
      "crv": "P-256",
      "kid": "2964940f-a1e8-4626-817b-c69dc7d370bd",
      "x": "eafSlDhr8MXk7IEmjfuEa0qVCCw33CO6lhfDkheiiK0",
      "y": "I9JHZssXSOCPu9YeNDxiJbiYuBvnJoueLRdtlvPjZ_M",
      "alg": "ECDH-ES"
    }
  ]
}
2021-05-27 15:23:28 SUCCESS
ValidateServerJWKs
Valid server JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2021-05-27 15:23:28 SUCCESS
CheckDistinctKeyIdValueInServerJWKs
Distinct 'kid' value in all keys of server_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2021-05-27 15:23:28 SUCCESS
OIDCCLoadUserInfo
Added user information
user_info
{
  "sub": "user-subject-1234531",
  "name": "Demo T. User",
  "given_name": "Demo",
  "family_name": "User",
  "middle_name": "Theresa",
  "nickname": "Dee",
  "preferred_username": "d.tu",
  "gender": "female",
  "birthdate": "2000-02-03",
  "address": {
    "street_address": "100 Universal City Plaza",
    "locality": "Hollywood",
    "region": "CA",
    "postal_code": "91608",
    "country": "USA"
  },
  "zoneinfo": "America/Los_Angeles",
  "locale": "en-US",
  "phone_number": "+1 555 5550000",
  "phone_number_verified": false,
  "email": "user@example.com",
  "email_verified": false,
  "website": "https://openid.net/",
  "updated_at": 1580000000
}
2021-05-27 15:23:28 SUCCESS
OIDCCGetStaticClientConfigurationForRPTests
Found a static client object
client_secret_jwt_alg
RS256
client_id
12345678-openid-core-clientid
client_secret
abcdefgh-openid-core-clientsecret
scope
openid accounts
jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "n": "nXe9vqDEtjUQ3bYdMv67vtZ1Nr95Fnn1lQKO6ASiaIhL133AUSNmsC2De7_Fs2rEQ6r3KpzwEg6H4e7dFzCo0MTK11ZMHXyIcQsKRnviG_G8bV5EECoylY959TKvqgLd16rnqK70doAG34dglR1cn-gXpoVdM1tmTWgmQryT3y-jdNvtba9SE3-79e1FsfhbtsZ0YIS8gx7OVypPuVml7MvOkDbP8M-EaNB9YbwIdq4MK9DugaCxXI1U4naoXp47f8sl2iBeaAUuG4JWQ1Ct1sgiJOzRA1ts9WYYdu3pImXCviTb2C-6xD3DgeG5OPFQNcHG0ODQCHmEAX-DL72SHw"
    }
  ]
}
certificate
-----BEGIN CERTIFICATE-----
MIIGDjCCBPagAwIBAgIEWf/FWTANBgkqhkiG9w0BAQsFADBEMQswCQYDVQQGEwJH
QjEUMBIGA1UEChMLT3BlbkJhbmtpbmcxHzAdBgNVBAMTFk9wZW5CYW5raW5nIElz
c3VpbmcgQ0EwHhcNMjAxMDE0MTA1NjI3WhcNMjIxMDE0MTEyNjI3WjBeMQswCQYD
VQQGEwJHQjEXMBUGA1UEChMOSW50dWl0IExpbWl0ZWQxGTAXBgNVBGETEFBTREdC
LUZDQS03OTI5MzQxGzAZBgNVBAMTEjAwMTU4MDAwMDE2aTQ0akFBQTCCASIwDQYJ
KoZIhvcNAQEBBQADggEPADCCAQoCggEBANlFM55UI2IKAavSLUBp5Nq62uDUeIox
yFqKNT9tpFhBvT2I5JSEcg4bttQSloXl6TNi7B3UwCP959iPCNJatXwXlk4W9fQt
9lP5cXHwwGLtQG2fnu72p0/SZXDe/iLCIV9n7AQJ9TZh8sYYfEhroVT59Pb8cnhb
z9GpmboNEY5Hy9NpAU5h75fGX1tVk51Se48jzB6f0uMPjcLCJHrlIw2c2aVWYzvt
cHnGuGGz+O6lhlR/sPDHMiv9bdLQVNsH7uISrV+i48vpRrmtOo+qDpeIlfsv/Gzn
sbf0sp5eS7PRSIiZAWxqLi0eY0385updRl/4vY/DBF5rbs/vxGLdigUCAwEAAaOC
AuwwggLoMA4GA1UdDwEB/wQEAwIHgDBpBggrBgEFBQcBAwRdMFswEwYGBACORgEG
MAkGBwQAjkYBBgMwRAYGBACBmCcCMDowEzARBgcEAIGYJwEDDAZQU1BfQUkMG0Zp
bmFuY2lhbCBDb25kdWN0IEF1dGhvcml0eQwGR0ItRkNBMCAGA1UdJQEB/wQWMBQG
CCsGAQUFBwMBBggrBgEFBQcDAjCCAVIGA1UdIASCAUkwggFFMIIBQQYLKwYBBAGo
dYEGAQEwggEwMDUGCCsGAQUFBwIBFilodHRwOi8vb2IudHJ1c3Rpcy5jb20vcHJv
ZHVjdGlvbi9wb2xpY2llczCB9gYIKwYBBQUHAgIwgekMgeZUaGlzIENlcnRpZmlj
YXRlIGlzIHNvbGVseSBmb3IgdXNlIHdpdGggT3BlbiBCYW5raW5nIExpbWl0ZWQg
YW5kIGFzc29jaWF0ZWQgT3BlbiBCYW5raW5nIFNlcnZpY2VzLiBJdHMgcmVjZWlw
dCwgcG9zc2Vzc2lvbiBvciB1c2UgY29uc3RpdHV0ZXMgYWNjZXB0YW5jZSBvZiB0
aGUgT3BlbiBCYW5raW5nIExpbWl0ZWQgQ2VydGlmaWNhdGUgUG9saWN5IGFuZCBy
ZWxhdGVkIGRvY3VtZW50cyB0aGVyZWluLjByBggrBgEFBQcBAQRmMGQwJgYIKwYB
BQUHMAGGGmh0dHA6Ly9vYi50cnVzdGlzLmNvbS9vY3NwMDoGCCsGAQUFBzAChi5o
dHRwOi8vb2IudHJ1c3Rpcy5jb20vcHJvZHVjdGlvbi9pc3N1aW5nY2EuY3J0MD8G
A1UdHwQ4MDYwNKAyoDCGLmh0dHA6Ly9vYi50cnVzdGlzLmNvbS9wcm9kdWN0aW9u
L2lzc3VpbmdjYS5jcmwwHwYDVR0jBBgwFoAUn0m/TjanrMMPK8hH9B8pG8B5CwUw
HQYDVR0OBBYEFMxf816ceEWTyPJGrWKxbQt7sHXMMA0GCSqGSIb3DQEBCwUAA4IB
AQCFutiV+po2Vla80sD5Dpvy9A5zM/CHT2Pk+Vcn19fD2KMpFc+K87IDEqZTl7gi
Lum22+abRMLwbzBPUXBg+y+j909wBWUr4iiif7W55OwrlJkN6grbruGKvXkOPc76
6e4zjMCoonUcBy7D1zJoe9naPVrJ1wHWeHde8DZSR/Rp336s9ubp5eQCDyvBtM0a
aOtrmQPhclzfSgLgA+3RZWqxE4MbTrKO65pxK1+LfKgWVAdpxU7krxtb9QUw2qdr
x8mCl8ErY7UvGgc0l8UGP1yrgi2VLpe3RN9UADnnPy4ME8BViDK9nh6toNzDBKJJ
JJ4ExCQnVkS6U4yaNsKp4HET
-----END CERTIFICATE-----
redirect_uris
[
  "https://partnerauth-e2e.platform.intuit.com/external_partner/openid_core_cert/callback"
]
2021-05-27 15:23:28 SUCCESS
EnsureClientDoesNotHaveBothJwksAndJwksUri
Client does not have both jwks and jwks_uri set
client
{
  "client_secret_jwt_alg": "RS256",
  "client_id": "12345678-openid-core-clientid",
  "client_secret": "abcdefgh-openid-core-clientsecret",
  "scope": "openid accounts",
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "n": "nXe9vqDEtjUQ3bYdMv67vtZ1Nr95Fnn1lQKO6ASiaIhL133AUSNmsC2De7_Fs2rEQ6r3KpzwEg6H4e7dFzCo0MTK11ZMHXyIcQsKRnviG_G8bV5EECoylY959TKvqgLd16rnqK70doAG34dglR1cn-gXpoVdM1tmTWgmQryT3y-jdNvtba9SE3-79e1FsfhbtsZ0YIS8gx7OVypPuVml7MvOkDbP8M-EaNB9YbwIdq4MK9DugaCxXI1U4naoXp47f8sl2iBeaAUuG4JWQ1Ct1sgiJOzRA1ts9WYYdu3pImXCviTb2C-6xD3DgeG5OPFQNcHG0ODQCHmEAX-DL72SHw"
      }
    ]
  },
  "certificate": "-----BEGIN CERTIFICATE-----\nMIIGDjCCBPagAwIBAgIEWf/FWTANBgkqhkiG9w0BAQsFADBEMQswCQYDVQQGEwJH\nQjEUMBIGA1UEChMLT3BlbkJhbmtpbmcxHzAdBgNVBAMTFk9wZW5CYW5raW5nIElz\nc3VpbmcgQ0EwHhcNMjAxMDE0MTA1NjI3WhcNMjIxMDE0MTEyNjI3WjBeMQswCQYD\nVQQGEwJHQjEXMBUGA1UEChMOSW50dWl0IExpbWl0ZWQxGTAXBgNVBGETEFBTREdC\nLUZDQS03OTI5MzQxGzAZBgNVBAMTEjAwMTU4MDAwMDE2aTQ0akFBQTCCASIwDQYJ\nKoZIhvcNAQEBBQADggEPADCCAQoCggEBANlFM55UI2IKAavSLUBp5Nq62uDUeIox\nyFqKNT9tpFhBvT2I5JSEcg4bttQSloXl6TNi7B3UwCP959iPCNJatXwXlk4W9fQt\n9lP5cXHwwGLtQG2fnu72p0/SZXDe/iLCIV9n7AQJ9TZh8sYYfEhroVT59Pb8cnhb\nz9GpmboNEY5Hy9NpAU5h75fGX1tVk51Se48jzB6f0uMPjcLCJHrlIw2c2aVWYzvt\ncHnGuGGz+O6lhlR/sPDHMiv9bdLQVNsH7uISrV+i48vpRrmtOo+qDpeIlfsv/Gzn\nsbf0sp5eS7PRSIiZAWxqLi0eY0385updRl/4vY/DBF5rbs/vxGLdigUCAwEAAaOC\nAuwwggLoMA4GA1UdDwEB/wQEAwIHgDBpBggrBgEFBQcBAwRdMFswEwYGBACORgEG\nMAkGBwQAjkYBBgMwRAYGBACBmCcCMDowEzARBgcEAIGYJwEDDAZQU1BfQUkMG0Zp\nbmFuY2lhbCBDb25kdWN0IEF1dGhvcml0eQwGR0ItRkNBMCAGA1UdJQEB/wQWMBQG\nCCsGAQUFBwMBBggrBgEFBQcDAjCCAVIGA1UdIASCAUkwggFFMIIBQQYLKwYBBAGo\ndYEGAQEwggEwMDUGCCsGAQUFBwIBFilodHRwOi8vb2IudHJ1c3Rpcy5jb20vcHJv\nZHVjdGlvbi9wb2xpY2llczCB9gYIKwYBBQUHAgIwgekMgeZUaGlzIENlcnRpZmlj\nYXRlIGlzIHNvbGVseSBmb3IgdXNlIHdpdGggT3BlbiBCYW5raW5nIExpbWl0ZWQg\nYW5kIGFzc29jaWF0ZWQgT3BlbiBCYW5raW5nIFNlcnZpY2VzLiBJdHMgcmVjZWlw\ndCwgcG9zc2Vzc2lvbiBvciB1c2UgY29uc3RpdHV0ZXMgYWNjZXB0YW5jZSBvZiB0\naGUgT3BlbiBCYW5raW5nIExpbWl0ZWQgQ2VydGlmaWNhdGUgUG9saWN5IGFuZCBy\nZWxhdGVkIGRvY3VtZW50cyB0aGVyZWluLjByBggrBgEFBQcBAQRmMGQwJgYIKwYB\nBQUHMAGGGmh0dHA6Ly9vYi50cnVzdGlzLmNvbS9vY3NwMDoGCCsGAQUFBzAChi5o\ndHRwOi8vb2IudHJ1c3Rpcy5jb20vcHJvZHVjdGlvbi9pc3N1aW5nY2EuY3J0MD8G\nA1UdHwQ4MDYwNKAyoDCGLmh0dHA6Ly9vYi50cnVzdGlzLmNvbS9wcm9kdWN0aW9u\nL2lzc3VpbmdjYS5jcmwwHwYDVR0jBBgwFoAUn0m/TjanrMMPK8hH9B8pG8B5CwUw\nHQYDVR0OBBYEFMxf816ceEWTyPJGrWKxbQt7sHXMMA0GCSqGSIb3DQEBCwUAA4IB\nAQCFutiV+po2Vla80sD5Dpvy9A5zM/CHT2Pk+Vcn19fD2KMpFc+K87IDEqZTl7gi\nLum22+abRMLwbzBPUXBg+y+j909wBWUr4iiif7W55OwrlJkN6grbruGKvXkOPc76\n6e4zjMCoonUcBy7D1zJoe9naPVrJ1wHWeHde8DZSR/Rp336s9ubp5eQCDyvBtM0a\naOtrmQPhclzfSgLgA+3RZWqxE4MbTrKO65pxK1+LfKgWVAdpxU7krxtb9QUw2qdr\nx8mCl8ErY7UvGgc0l8UGP1yrgi2VLpe3RN9UADnnPy4ME8BViDK9nh6toNzDBKJJ\nJJ4ExCQnVkS6U4yaNsKp4HET\n-----END CERTIFICATE-----",
  "redirect_uris": [
    "https://partnerauth-e2e.platform.intuit.com/external_partner/openid_core_cert/callback"
  ]
}
2021-05-27 15:23:28 INFO
FetchClientKeys
Skipped evaluation due to missing required element: client jwks_uri
path
jwks_uri
mapped
object
client
2021-05-27 15:23:28 SUCCESS
ValidateClientGrantTypes
grant_types match response_types
grant_types
[
  "authorization_code"
]
response_types
[
  "code"
]
2021-05-27 15:23:28 SUCCESS
OIDCCValidateClientRedirectUris
Valid redirect_uri(s) provided in registration request
redirect_uris
[
  "https://partnerauth-e2e.platform.intuit.com/external_partner/openid_core_cert/callback"
]
2021-05-27 15:23:28 SUCCESS
ValidateClientLogoUris
Client does not contain any logo_uri
2021-05-27 15:23:28 SUCCESS
ValidateClientUris
Client does not contain any client_uri
2021-05-27 15:23:28 SUCCESS
ValidateClientPolicyUris
Client does not contain any policy_uri
2021-05-27 15:23:28 SUCCESS
ValidateClientTosUris
Client does not contain any tos_uri
2021-05-27 15:23:28 SUCCESS
ValidateClientSubjectType
A subject_type was not provided
2021-05-27 15:23:28 INFO
ValidateIdTokenSignedResponseAlg
Skipped evaluation due to missing required element: client id_token_signed_response_alg
path
id_token_signed_response_alg
mapped
object
client
2021-05-27 15:23:28 SUCCESS
EnsureIdTokenEncryptedResponseAlgIsSetIfEncIsSet
id_token_encrypted_response_enc is not set
2021-05-27 15:23:28 INFO
ValidateUserinfoSignedResponseAlg
Skipped evaluation due to missing required element: client userinfo_signed_response_alg
path
userinfo_signed_response_alg
mapped
object
client
2021-05-27 15:23:28 SUCCESS
EnsureUserinfoEncryptedResponseAlgIsSetIfEncIsSet
userinfo_encrypted_response_enc is not set
2021-05-27 15:23:28 INFO
ValidateRequestObjectSigningAlg
Skipped evaluation due to missing required element: client request_object_signing_alg
path
request_object_signing_alg
mapped
object
client
2021-05-27 15:23:28 SUCCESS
EnsureRequestObjectEncryptionAlgIsSetIfEncIsSet
request_object_encryption_enc is not set
2021-05-27 15:23:28 INFO
ValidateTokenEndpointAuthSigningAlg
Skipped evaluation due to missing required element: client token_endpoint_auth_signing_alg
path
token_endpoint_auth_signing_alg
mapped
object
client
2021-05-27 15:23:28 SUCCESS
ValidateDefaultMaxAge
default_max_age is not set
2021-05-27 15:23:28 INFO
ValidateRequireAuthTime
Skipped evaluation due to missing required element: client require_auth_time
path
require_auth_time
mapped
object
client
2021-05-27 15:23:28 INFO
ValidateDefaultAcrValues
Skipped evaluation due to missing required element: client default_acr_values
path
default_acr_values
mapped
object
client
2021-05-27 15:23:28 INFO
ValidateInitiateLoginUri
Skipped evaluation due to missing required element: client initiate_login_uri
path
initiate_login_uri
mapped
object
client
2021-05-27 15:23:28 INFO
ValidateRequestUris
Skipped evaluation due to missing required element: client request_uris
path
request_uris
mapped
object
client
2021-05-27 15:23:28 SUCCESS
OIDCCExtractServerSigningAlg
Using the default algorithm for the first key in server jwks
signing_algorithm
RS256
2021-05-27 15:23:28
SetClientIdTokenSignedResponseAlgToServerSigningAlg
Set id_token_signed_response_alg for the registered client
id_token_signed_response_alg
RS256
2021-05-27 15:23:28
oidcc-client-test
Setup Done
2021-05-27 15:24:48 INCOMING
oidcc-client-test
Incoming HTTP request to test instance zJQRclPbofOmyqi
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "Apache-HttpClient/4.5.6 (Java/1.8.0_241)",
  "accept-encoding": "gzip,deflate",
  "x-ssl-cipher": "ECDHE-RSA-AES256-GCM-SHA384",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
.well-known/openid-configuration
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
Discovery endpoint
2021-05-27 15:24:48 OUTGOING
oidcc-client-test
Response to HTTP request to test instance zJQRclPbofOmyqi
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "issuer": "https://www.certification.openid.net/test/a/Intuit_pauth_openid_core_basic_plan_1/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/Intuit_pauth_openid_core_basic_plan_1/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/Intuit_pauth_openid_core_basic_plan_1/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/Intuit_pauth_openid_core_basic_plan_1/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/Intuit_pauth_openid_core_basic_plan_1/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/a/Intuit_pauth_openid_core_basic_plan_1/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
outgoing_path
.well-known/openid-configuration
2021-05-27 15:24:49 INCOMING
oidcc-client-test
Incoming HTTP request to test instance zJQRclPbofOmyqi
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "Apache-HttpClient/4.5.6 (Java/1.8.0_241)",
  "accept-encoding": "gzip,deflate",
  "x-ssl-cipher": "ECDHE-RSA-AES256-GCM-SHA384",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
.well-known/openid-configuration
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
Discovery endpoint
2021-05-27 15:24:49 OUTGOING
oidcc-client-test
Response to HTTP request to test instance zJQRclPbofOmyqi
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "issuer": "https://www.certification.openid.net/test/a/Intuit_pauth_openid_core_basic_plan_1/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/Intuit_pauth_openid_core_basic_plan_1/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/Intuit_pauth_openid_core_basic_plan_1/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/Intuit_pauth_openid_core_basic_plan_1/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/Intuit_pauth_openid_core_basic_plan_1/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/a/Intuit_pauth_openid_core_basic_plan_1/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
outgoing_path
.well-known/openid-configuration
2021-05-27 15:24:49 INCOMING
oidcc-client-test
Incoming HTTP request to test instance zJQRclPbofOmyqi
incoming_headers
{
  "host": "www.certification.openid.net",
  "upgrade-insecure-requests": "1",
  "user-agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/avif,image/webp,image/apng,*/*;q\u003d0.8,application/signed-exchange;v\u003db3;q\u003d0.9",
  "sec-fetch-site": "none",
  "sec-fetch-mode": "navigate",
  "sec-fetch-user": "?1",
  "sec-fetch-dest": "document",
  "sec-ch-ua": "\" Not A;Brand\";v\u003d\"99\", \"Chromium\";v\u003d\"90\", \"Google Chrome\";v\u003d\"90\"",
  "sec-ch-ua-mobile": "?0",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-US,en;q\u003d0.9,hi;q\u003d0.8",
  "cookie": "__utmz\u003d201319536.1621283291.13.3.utmcsr\u003dgoogle|utmccn\u003d(organic)|utmcmd\u003dorganic|utmctr\u003d(not%20provided); __utma\u003d201319536.30309185.1617009267.1621283291.1621288066.14; JSESSIONID\u003dE2235002E33C55C6D18638CE4FD23E81",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
authorize
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{
  "scope": "openid phone profile email address offline_access",
  "response_type": "code",
  "redirect_uri": "https://partnerauth-e2e.platform.intuit.com/external_partner/openid_core_cert/callback",
  "client_id": "12345678-openid-core-clientid",
  "nonce": "awb.834e183c-5fcb-44a8-81b4-655f755e644c",
  "state": "awb.834e183c-5fcb-44a8-81b4-655f755e644c"
}
incoming_body
Authorization endpoint
2021-05-27 15:24:49 SUCCESS
EnsureRequestDoesNotContainRequestObject
Request does not contain a request parameter
2021-05-27 15:24:49 SUCCESS
OIDCCEnsureAuthorizationHttpRequestContainsOpenIDScope
Found 'openid' in scope http request parameter
actual
[
  "openid",
  "phone",
  "profile",
  "email",
  "address",
  "offline_access"
]
expected
openid
2021-05-27 15:24:49 SUCCESS
CreateEffectiveAuthorizationRequestParameters
Merged http request parameters with request object claims
effective_authorization_endpoint_request
{
  "scope": "openid phone profile email address offline_access",
  "response_type": "code",
  "redirect_uri": "https://partnerauth-e2e.platform.intuit.com/external_partner/openid_core_cert/callback",
  "client_id": "12345678-openid-core-clientid",
  "nonce": "awb.834e183c-5fcb-44a8-81b4-655f755e644c",
  "state": "awb.834e183c-5fcb-44a8-81b4-655f755e644c"
}
2021-05-27 15:24:49 SUCCESS
ExtractRequestedScopes
Requested scopes
scope
openid phone profile email address offline_access
2021-05-27 15:24:49 SUCCESS
ExtractNonceFromAuthorizationRequest
Extracted nonce
nonce
awb.834e183c-5fcb-44a8-81b4-655f755e644c
2021-05-27 15:24:49 SUCCESS
EnsureResponseTypeIsCode
Response type is expected value
expected
code
2021-05-27 15:24:49 SUCCESS
EnsureMatchingClientId
Client ID matched
client_id
12345678-openid-core-clientid
2021-05-27 15:24:49 SUCCESS
EnsureValidRedirectUriForAuthorizationEndpointRequest
redirect_uri is one of the allowed redirect uris
actual
https://partnerauth-e2e.platform.intuit.com/external_partner/openid_core_cert/callback
expected
[
  "https://partnerauth-e2e.platform.intuit.com/external_partner/openid_core_cert/callback"
]
2021-05-27 15:24:49 SUCCESS
EnsureOpenIDInScopeRequest
Found 'openid' scope in request
actual
[
  "openid",
  "phone",
  "profile",
  "email",
  "address",
  "offline_access"
]
expected
openid
2021-05-27 15:24:49 SUCCESS
DisallowMaxAgeEqualsZeroAndPromptNone
The client did not send max_age=0 and prompt=none parameters as expected
2021-05-27 15:24:49 SUCCESS
CreateAuthorizationCode
Created authorization code
authorization_code
e46tAFBQZ9
2021-05-27 15:24:49 SUCCESS
CalculateCHash
Successful c_hash encoding
c_hash
6keB_zuBLBO0BOhTVYRQdg
2021-05-27 15:24:49 SUCCESS
CreateAuthorizationEndpointResponseParams
Added authorization_endpoint_response_params to environment
params
{
  "redirect_uri": "https://partnerauth-e2e.platform.intuit.com/external_partner/openid_core_cert/callback",
  "state": "awb.834e183c-5fcb-44a8-81b4-655f755e644c"
}
2021-05-27 15:24:49 SUCCESS
AddCodeToAuthorizationEndpointResponseParams
Added code to authorization endpoint response params
authorization_endpoint_response_params
{
  "redirect_uri": "https://partnerauth-e2e.platform.intuit.com/external_partner/openid_core_cert/callback",
  "state": "awb.834e183c-5fcb-44a8-81b4-655f755e644c",
  "code": "e46tAFBQZ9"
}
2021-05-27 15:24:49
SendAuthorizationResponseWithResponseModeQuery
Redirecting back to client
uri
https://partnerauth-e2e.platform.intuit.com/external_partner/openid_core_cert/callback?state=awb.834e183c-5fcb-44a8-81b4-655f755e644c&code=e46tAFBQZ9
2021-05-27 15:24:49 OUTGOING
oidcc-client-test
Response to HTTP request to test instance zJQRclPbofOmyqi
outgoing
org.springframework.web.servlet.view.RedirectView: [RedirectView]; URL [https://partnerauth-e2e.platform.intuit.com/external_partner/openid_core_cert/callback?state=awb.834e183c-5fcb-44a8-81b4-655f755e644c&code=e46tAFBQZ9]
outgoing_path
authorize
2021-05-27 15:24:51 INCOMING
oidcc-client-test
Incoming HTTP request to test instance zJQRclPbofOmyqi
incoming_headers
{
  "host": "www.certification.openid.net",
  "authorization": "Basic MTIzNDU2Nzgtb3BlbmlkLWNvcmUtY2xpZW50aWQ6YWJjZGVmZ2gtb3BlbmlkLWNvcmUtY2xpZW50c2VjcmV0",
  "content-type": "application/x-www-form-urlencoded; charset\u003dUTF-8",
  "user-agent": "Apache-HttpClient/4.5.6 (Java/1.8.0_241)",
  "accept-encoding": "gzip,deflate",
  "x-ssl-cipher": "ECDHE-RSA-AES256-GCM-SHA384",
  "x-ssl-protocol": "TLSv1.2",
  "content-length": "245",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net",
  "connection": "close"
}
incoming_path
token
incoming_body_form_params
{
  "code": "e46tAFBQZ9",
  "grant_type": "authorization_code",
  "redirect_uri": "https://partnerauth-e2e.platform.intuit.com/external_partner/openid_core_cert/callback",
  "client_id": "12345678-openid-core-clientid",
  "client_secret": "abcdefgh-openid-core-clientsecret"
}
incoming_method
POST
incoming_body_json
incoming_query_string_params
{}
incoming_body
code=e46tAFBQZ9&grant_type=authorization_code&redirect_uri=https%3A%2F%2Fpartnerauth-e2e.platform.intuit.com%2Fexternal_partner%2Fopenid_core_cert%2Fcallback&client_id=12345678-openid-core-clientid&client_secret=abcdefgh-openid-core-clientsecret
Token endpoint
2021-05-27 15:24:51 SUCCESS
ExtractClientCredentialsFromBasicAuthorizationHeader
Extracted client authentication
client_id
12345678-openid-core-clientid
client_secret
abcdefgh-openid-core-clientsecret
method
client_secret_basic
2021-05-27 15:24:51 SUCCESS
ValidateClientIdAndSecret
Client id and secret match
2021-05-27 15:24:51 SUCCESS
ValidateAuthorizationCode
Found authorization code
authorization_code
e46tAFBQZ9
2021-05-27 15:24:51 SUCCESS
ValidateRedirectUriForTokenEndpointRequest
redirect_uri is the same as the one used in the authorization request
actual
https://partnerauth-e2e.platform.intuit.com/external_partner/openid_core_cert/callback
2021-05-27 15:24:51 SUCCESS
GenerateBearerAccessToken
Generated access token
access_token
CLbne35dpCtD49PBhBBGDcRhmQisOw0af5cEE8TtWUF6GICvo1
2021-05-27 15:24:51 SUCCESS
CalculateAtHash
Successful at_hash encoding
at_hash
KEsq0XrhO9SVbd1u2njJag
2021-05-27 15:24:51 SUCCESS
GenerateIdTokenClaims
Created ID Token Claims
iss
https://www.certification.openid.net/test/a/Intuit_pauth_openid_core_basic_plan_1/
sub
user-subject-1234531
aud
12345678-openid-core-clientid
nonce
awb.834e183c-5fcb-44a8-81b4-655f755e644c
iat
1622129091
exp
1622129391
2021-05-27 15:24:51 SUCCESS
AddAtHashToIdTokenClaims
Added at_hash to ID token claims
at_hash
KEsq0XrhO9SVbd1u2njJag
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/a/Intuit_pauth_openid_core_basic_plan_1/",
  "sub": "user-subject-1234531",
  "aud": "12345678-openid-core-clientid",
  "nonce": "awb.834e183c-5fcb-44a8-81b4-655f755e644c",
  "iat": 1622129091,
  "exp": 1622129391,
  "at_hash": "KEsq0XrhO9SVbd1u2njJag"
}
2021-05-27 15:24:51 SUCCESS
OIDCCSignIdToken
Signed the ID token
id_token
eyJraWQiOiJiY2VmMWI4ZC04ZDQyLTQ1MGQtOWVmOS0xMDljYWYzMDExNzAiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiS0VzcTBYcmhPOVNWYmQxdTJuakphZyIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiMTIzNDU2Nzgtb3BlbmlkLWNvcmUtY2xpZW50aWQiLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvYVwvSW50dWl0X3BhdXRoX29wZW5pZF9jb3JlX2Jhc2ljX3BsYW5fMVwvIiwiZXhwIjoxNjIyMTI5MzkxLCJub25jZSI6ImF3Yi44MzRlMTgzYy01ZmNiLTQ0YTgtODFiNC02NTVmNzU1ZTY0NGMiLCJpYXQiOjE2MjIxMjkwOTF9.H7tdIoJzcyr2v3IWhUYX_uHsFnpbWDajHUCVwTaKqeoqExPRBlAK304ps-oveKasDP0JfSEXlsqH1BkrSEuOAucGDhlc8JOC58N9-kTyJcF2hr9paetApbdoFqKZw8p8Pr55HHK3oInurGYQM4a3EbDBDJrNz4LHUQMrYPKTMKlw3zEztAutfAUHppY6oQOFzMUA3qPnYij8w9OrbmsftW82-FZktw6PexHP1wrpFoSffyig8vdm7KCUpb9W7YrvgdlNooXQammW8sbDA9gnMsyJzI6r79EVn-NHJ4Hl6MB-WctyjznoMIiM0TnHXSvNruhWg3gWGsXq_xIUFgnIdA
key
{"p":"_3hWU3JLTmr4EZwKV3WXKFvTzw1OpElFwpbKK1Hd1r-3pXstP7UbXUVmBQxWwtcKAb0mN5Ygcm1reR1OVdRgPv8ekNy9jxfQtnjujqYXsOzIKPwxJWSG-fhpfe984VjPoyEp-qSJP4AGcWLq-VTeEwsURtkPPvCqFojZJIPu8Gk","kty":"RSA","q":"4YPlKddmQ1cP0MmNsYolsloTJphioxjcm7J4WL-ENOg4leGQvCx7kMhaZyQQJ7LpSL7lHg8spCG2Uo4JX1DE1w2zkDNh3ESfF53hInhy3IPGD7ihhlQm1LCeANJj-VHU43hueGDLOcqdERzk0PXdL0LrqkBNApv9GEd6g6UGA38","d":"O5Fu0HvxlwTE-o2rpe9ifz6KV2jKrwR-xjHWN2z2k1oMKklZ1sLe_2BqJL0x6-TZ-wHYzv3wcaoOMaA3stwiCwFgUUIzvLA-IngpXUi26z9HZTMzyiX2Jy0WklikRkrgc3KuKObyZyQJ5YdqVGDoA8kq0xd5toTSpTFX8dbXISXL4kLO1YA2C0jPVrm4Sj9c2zrCv67X1qpRX2a41NOJOasezj1AR41FnQQOzT0s9LCWh0ekCH01xQ6QwuQ6i6QXk7NpKwP3CO-oqebtvUP7A7o9yIGnHTU0h4XGFWS9H0sv6L5tuaN6gxhYUDECPEzDrEqwvOtt2MgALmW9OReVkQ","e":"AQAB","use":"sig","kid":"bcef1b8d-8d42-450d-9ef9-109caf301170","qi":"BLsxCCDVvkEz_eq8q5CsHH0dYsT66giuw_FweNITupjvpZKI5lf8KggDr3xW6dEqlp4npZOO19-KQo2g3MIWZVEtW67PCFH2z8Rah3x3sWJ8JlrgYs8HHGUHsn4gqFF9AqTJ2PUBraNkX6kmH-U0Mn55hhitawYFk60e9zAGs9c","dp":"p1V8PfZcS0YXrPkncPgOBZp4V2PhAg0Yi4fXbp6WDybOtK7FCbin7uUZGO9nGQJfhJoPoVNNd4YiYleGywNr83eJ3tsnssWnqQ33PCqg0_uUc_wUeOiq3KsQ9jNa-gQBJVoAtDL3z0cdcUGYpa4oNBMKuglNSi27Sz1h9eARLxk","dq":"Ik2-4TN7wciPhlHydMwv2cZr3VYWwvp4LFLkjZNsV-PvH5V1P7qAfVCMt927e15yr_chwQXL45ehNUOX12Dg4FmcM9YtD6V8kcoZQfYSesqsqR2LrHRGh9np3vQh8v3opUVfgH4wy7SvWbgMcmDD6XmDgZ1QWZJC2Jue3kGO_Z8","n":"4QxjI-qaQrWqfAhL914G6nRXv3eNem6AddVqZ_hL6u9zGXMgN60WmPfzNRpSke87x-so2L23HwNZDrCb4rfsJzAGpnksrzOtsVEeu10UQvkPA_qGV_ObqkbVLgv-CUjmE2Dv1ZLQJHUwzAdCNtuCoTMscF5mxZUkhniWGil7runLf8Mkgr9Fv7YyDS6XpTlo8_eL-YJ177EAQupbgeKz-CpxXZlRpkHmKaN-up8Oky6PiIvkgErsLeJotiyuT3bcdn_xMhT4xFNgQbDbo4hUBz_HFXoTScP76vS3uWAWReHkDw5iWIG80Oa1Bb3Z7L2IAXFW73sUyvFPSU7xj9B_Fw"}
algorithm
RS256
2021-05-27 15:24:51 INFO
EncryptIdToken
Skipped evaluation due to missing required element: client id_token_encrypted_response_alg
path
id_token_encrypted_response_alg
mapped
object
client
2021-05-27 15:24:51 SUCCESS
CreateTokenEndpointResponse
Created token endpoint response
access_token
CLbne35dpCtD49PBhBBGDcRhmQisOw0af5cEE8TtWUF6GICvo1
token_type
Bearer
id_token
eyJraWQiOiJiY2VmMWI4ZC04ZDQyLTQ1MGQtOWVmOS0xMDljYWYzMDExNzAiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiS0VzcTBYcmhPOVNWYmQxdTJuakphZyIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiMTIzNDU2Nzgtb3BlbmlkLWNvcmUtY2xpZW50aWQiLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvYVwvSW50dWl0X3BhdXRoX29wZW5pZF9jb3JlX2Jhc2ljX3BsYW5fMVwvIiwiZXhwIjoxNjIyMTI5MzkxLCJub25jZSI6ImF3Yi44MzRlMTgzYy01ZmNiLTQ0YTgtODFiNC02NTVmNzU1ZTY0NGMiLCJpYXQiOjE2MjIxMjkwOTF9.H7tdIoJzcyr2v3IWhUYX_uHsFnpbWDajHUCVwTaKqeoqExPRBlAK304ps-oveKasDP0JfSEXlsqH1BkrSEuOAucGDhlc8JOC58N9-kTyJcF2hr9paetApbdoFqKZw8p8Pr55HHK3oInurGYQM4a3EbDBDJrNz4LHUQMrYPKTMKlw3zEztAutfAUHppY6oQOFzMUA3qPnYij8w9OrbmsftW82-FZktw6PexHP1wrpFoSffyig8vdm7KCUpb9W7YrvgdlNooXQammW8sbDA9gnMsyJzI6r79EVn-NHJ4Hl6MB-WctyjznoMIiM0TnHXSvNruhWg3gWGsXq_xIUFgnIdA
scope
openid phone profile email address offline_access
2021-05-27 15:24:51 OUTGOING
oidcc-client-test
Response to HTTP request to test instance zJQRclPbofOmyqi
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "access_token": "CLbne35dpCtD49PBhBBGDcRhmQisOw0af5cEE8TtWUF6GICvo1",
  "token_type": "Bearer",
  "id_token": "eyJraWQiOiJiY2VmMWI4ZC04ZDQyLTQ1MGQtOWVmOS0xMDljYWYzMDExNzAiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiS0VzcTBYcmhPOVNWYmQxdTJuakphZyIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiMTIzNDU2Nzgtb3BlbmlkLWNvcmUtY2xpZW50aWQiLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvYVwvSW50dWl0X3BhdXRoX29wZW5pZF9jb3JlX2Jhc2ljX3BsYW5fMVwvIiwiZXhwIjoxNjIyMTI5MzkxLCJub25jZSI6ImF3Yi44MzRlMTgzYy01ZmNiLTQ0YTgtODFiNC02NTVmNzU1ZTY0NGMiLCJpYXQiOjE2MjIxMjkwOTF9.H7tdIoJzcyr2v3IWhUYX_uHsFnpbWDajHUCVwTaKqeoqExPRBlAK304ps-oveKasDP0JfSEXlsqH1BkrSEuOAucGDhlc8JOC58N9-kTyJcF2hr9paetApbdoFqKZw8p8Pr55HHK3oInurGYQM4a3EbDBDJrNz4LHUQMrYPKTMKlw3zEztAutfAUHppY6oQOFzMUA3qPnYij8w9OrbmsftW82-FZktw6PexHP1wrpFoSffyig8vdm7KCUpb9W7YrvgdlNooXQammW8sbDA9gnMsyJzI6r79EVn-NHJ4Hl6MB-WctyjznoMIiM0TnHXSvNruhWg3gWGsXq_xIUFgnIdA",
  "scope": "openid phone profile email address offline_access"
}
outgoing_path
token
2021-05-27 15:24:51 INCOMING
oidcc-client-test
Incoming HTTP request to test instance zJQRclPbofOmyqi
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "Apache-HttpClient/4.5.6 (Java/1.8.0_241)",
  "accept-encoding": "gzip,deflate",
  "x-ssl-cipher": "ECDHE-RSA-AES256-GCM-SHA384",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
jwks
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
Jwks endpoint
2021-05-27 15:24:51 OUTGOING
oidcc-client-test
Response to HTTP request to test instance zJQRclPbofOmyqi
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "bcef1b8d-8d42-450d-9ef9-109caf301170",
      "n": "4QxjI-qaQrWqfAhL914G6nRXv3eNem6AddVqZ_hL6u9zGXMgN60WmPfzNRpSke87x-so2L23HwNZDrCb4rfsJzAGpnksrzOtsVEeu10UQvkPA_qGV_ObqkbVLgv-CUjmE2Dv1ZLQJHUwzAdCNtuCoTMscF5mxZUkhniWGil7runLf8Mkgr9Fv7YyDS6XpTlo8_eL-YJ177EAQupbgeKz-CpxXZlRpkHmKaN-up8Oky6PiIvkgErsLeJotiyuT3bcdn_xMhT4xFNgQbDbo4hUBz_HFXoTScP76vS3uWAWReHkDw5iWIG80Oa1Bb3Z7L2IAXFW73sUyvFPSU7xj9B_Fw"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "824383cb-74ac-483d-9e3d-ca1b00eda4a1",
      "n": "mSdomNsPZ-8LrAO7OZZsRlOD91hnMHOYFS4wrxc-SMZlLm4605M0NRZwq1dUAYxZnPTjsh0EaFxPqQ8u3G8JP5gQ6EpwQ3kDlfP2hWeUcYbAVIiDaAe27_QM4LPCEpm65TsLJSN_urNrXWBwbU6PSX5NBKoJZMBl-k6Wv569gvUdMWD1saA_KRvWiGWVE64fIgIlLXjn33Hl8edzN9VEo7bF1Erv078LKJOB2usGDam-afxvPVw3iHb1GrgU4_E5IFVzowhTIlPTH2gUoX_xsMWZsvv_at1Z_4k3DQpHrqX8fhrOO3_ukmOJFR0mM7St7kQdmj29Ib2_dgK5qLp6Lw"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "eb1618b8-7bf1-4857-9402-3a14363660c2",
      "x": "tazSbXFE4SmndjJzSN4P3TbWyiElcefhB8rIQDI6n-c",
      "y": "WhVqZIsaJdl_5ilwW6vT8FEdjQzIgI-tm4mRYMQTkQE"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "4bfa15d1-9bf2-4668-a49c-0ffcd12d3f3d",
      "x": "-DgKYp34FGGbU1W4Yvw9dX7tgpUwNFPAudbh0seDmgM",
      "y": "Bm-Rl8-QmxZMEXtyUnRFBklxgC3wdixd6L04R-_yqcw"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "8553166a-4834-4994-92ef-3570c121ebd8",
      "x": "QVorm9h4wkDJRxDfFeIgjXC-qQPPVJJXjG0UqChN8_4",
      "y": "o7MJtzglHez6Vxkv2cL_aMKjrQo4ZM5zGnBcDvQ9GkA"
    },
    {
      "kty": "OKP",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "99a3ee2a-e0e7-4e31-9b70-4c87a543dc4e",
      "x": "k-bPUhbrKeACCtQVHt6yTtgLMaiTTVblVU2c3uBfBcg"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "d96e8ecf-03a3-4997-bc26-80225fc09b36",
      "alg": "RSA-OAEP",
      "n": "wSD3GZxTRoghOPZxnCfpDJwfsceZqB5AOFJdFBB-4TdNgbGbODJGxouwLRxiPIoGt2DcnxVG5IvA2LctgSbBUCZDNEXVNMDeM2KTCFcnVhT_HIQan3qdq5rEYfszRVn16A9smlDqhsiWd1psN2OoZYWvOnrtExTfEfoh6yR9FesWOVymPs6t1LRMbLpi2jsbno41Qnv4EI2cg8VlMaSGic9y6vS9MS2SAo_iYXdK6zjL_7vlJV5lXBefJxpLHrq4dQW60Gi9eM8Eud_uD8dsKE3beeEWStcyAibhnALud5o7-ylM38AHD8ElO3RbLU8v_jwGWlb_5DiSzEpVe_Rq8Q"
    },
    {
      "kty": "EC",
      "use": "enc",
      "crv": "P-256",
      "kid": "2964940f-a1e8-4626-817b-c69dc7d370bd",
      "x": "eafSlDhr8MXk7IEmjfuEa0qVCCw33CO6lhfDkheiiK0",
      "y": "I9JHZssXSOCPu9YeNDxiJbiYuBvnJoueLRdtlvPjZ_M",
      "alg": "ECDH-ES"
    }
  ]
}
outgoing_path
jwks
2021-05-27 15:24:51 INCOMING
oidcc-client-test
Incoming HTTP request to test instance zJQRclPbofOmyqi
incoming_headers
{
  "host": "www.certification.openid.net",
  "authorization": "Bearer CLbne35dpCtD49PBhBBGDcRhmQisOw0af5cEE8TtWUF6GICvo1",
  "user-agent": "Apache-HttpClient/4.5.6 (Java/1.8.0_241)",
  "accept-encoding": "gzip,deflate",
  "x-ssl-cipher": "ECDHE-RSA-AES256-GCM-SHA384",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
userinfo
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
Userinfo endpoint
2021-05-27 15:24:51 SUCCESS
OIDCCExtractBearerAccessTokenFromRequest
Found access token on incoming request
access_token
CLbne35dpCtD49PBhBBGDcRhmQisOw0af5cEE8TtWUF6GICvo1
2021-05-27 15:24:51 SUCCESS
RequireBearerAccessToken
Found access token in request
actual
CLbne35dpCtD49PBhBBGDcRhmQisOw0af5cEE8TtWUF6GICvo1
2021-05-27 15:24:51 SUCCESS
FilterUserInfoForScopes
User info endpoint output
sub
user-subject-1234531
phone_number_verified
false
phone_number
+1 555 5550000
website
https://openid.net/
zoneinfo
America/Los_Angeles
birthdate
2000-02-03
gender
female
preferred_username
d.tu
given_name
Demo
middle_name
Theresa
locale
en-US
updated_at
1580000000
name
Demo T. User
nickname
Dee
family_name
User
email
user@example.com
email_verified
false
address
{
  "street_address": "100 Universal City Plaza",
  "locality": "Hollywood",
  "region": "CA",
  "postal_code": "91608",
  "country": "USA"
}
2021-05-27 15:24:51
ClearAccessTokenFromRequest
Condition ran but did not log anything
2021-05-27 15:24:51 INFO
AddIssAndAudToUserInfoResponse
Skipped evaluation due to missing required element: client userinfo_signed_response_alg
path
userinfo_signed_response_alg
mapped
object
client
2021-05-27 15:24:51 INFO
SignUserInfoResponse
Skipped evaluation due to missing required element: client userinfo_signed_response_alg
path
userinfo_signed_response_alg
mapped
object
client
2021-05-27 15:24:51 INFO
EncryptUserInfoResponse
Skipped evaluation due to missing required element: client userinfo_encrypted_response_alg
path
userinfo_encrypted_response_alg
mapped
object
client
2021-05-27 15:24:51 OUTGOING
oidcc-client-test
Response to HTTP request to test instance zJQRclPbofOmyqi
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "sub": "user-subject-1234531",
  "phone_number_verified": false,
  "phone_number": "+1 555 5550000",
  "website": "https://openid.net/",
  "zoneinfo": "America/Los_Angeles",
  "birthdate": "2000-02-03",
  "gender": "female",
  "preferred_username": "d.tu",
  "given_name": "Demo",
  "middle_name": "Theresa",
  "locale": "en-US",
  "updated_at": 1580000000,
  "name": "Demo T. User",
  "nickname": "Dee",
  "family_name": "User",
  "email": "user@example.com",
  "email_verified": false,
  "address": {
    "street_address": "100 Universal City Plaza",
    "locality": "Hollywood",
    "region": "CA",
    "postal_code": "91608",
    "country": "USA"
  }
}
outgoing_path
userinfo
2021-05-27 15:24:51 FINISHED
oidcc-client-test
Test has run to completion
testmodule_result
PASSED
2021-05-27 15:33:33
TEST-RUNNER
Alias has now been claimed by another test
alias
Intuit_pauth_openid_core_basic_plan_1
new_test_id
CZh7Jpv0Oieaglc
Test Results