Test Summary

Test Results

Expand All Collapse All
All times are UTC
2022-04-29 10:54:14 INFO
TEST-RUNNER
Test instance iwgwKLJ8cpyjl7C created
baseUrl
https://www.certification.openid.net/test/a/c652cf14-abb3-4246-acf5-6314dbc95d5d
variant
{
  "client_auth_type": "client_secret_basic",
  "response_type": "code",
  "request_type": "plain_http_request",
  "response_mode": "default",
  "client_registration": "static_client"
}
alias
c652cf14-abb3-4246-acf5-6314dbc95d5d
description
oauth4webapi/0.6.0 (https://github.com/panva/oauth4webapi)
planId
VOKklrPVi0mdm
config
{
  "description": "oauth4webapi/0.6.0 (https://github.com/panva/oauth4webapi)",
  "alias": "c652cf14-abb3-4246-acf5-6314dbc95d5d",
  "client": {
    "client_id": "client-c652cf14-abb3-4246-acf5-6314dbc95d5d",
    "client_secret": "client-c652cf14-abb3-4246-acf5-6314dbc95d5d",
    "scope": "All your base are belong to us",
    "redirect_uri": "https://client-c652cf14-abb3-4246-acf5-6314dbc95d5d.local/cb",
    "jwks": {
      "keys": [
        {
          "kty": "RSA",
          "n": "4YtjGzaveYRd8ANMOb0qGEFHvhQ4zx_Jv_GFf6I2-Y3-GIYDwtBpVcSM4V9bV4GTd2oitqxQCG818jXDtLJAss5ReHsWRsMNYl6--6Yd914JUidE939nVp5iaGsGQvWILlXyFXBPxJA5zYLirkMVdwr_B6QFvpl9ccs0yziaDxtaEd5fqE5Vfhz0tU_AHK0_HT-OcwsDscozms95GY9L2RHr3ibHH2uHCq66zit-Vq_PpUYKgJKQkGJzvNRYn0D5vMVhQYeyPT13bI99sNxrXKgy3HaJTlrtQ5Nki5T2gzdpZkdl5B-2yo7zJuJsPXhh7ADX3-pUqdRrhW_bfikmGw",
          "e": "AQAB",
          "use": "sig",
          "alg": "RS256",
          "kid": "f056b9ad-0084-40a9-9401-3e25718e05fc"
        }
      ]
    },
    "id_token_signed_response_alg": "RS256"
  },
  "waitTimeoutSeconds": 2
}
testName
oidcc-client-test-invalid-iss
2022-04-29 10:54:14 SUCCESS
OIDCCGenerateServerConfiguration
Generated default server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/a/c652cf14-abb3-4246-acf5-6314dbc95d5d/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/c652cf14-abb3-4246-acf5-6314dbc95d5d/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/c652cf14-abb3-4246-acf5-6314dbc95d5d/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/c652cf14-abb3-4246-acf5-6314dbc95d5d/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/c652cf14-abb3-4246-acf5-6314dbc95d5d/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/a/c652cf14-abb3-4246-acf5-6314dbc95d5d/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic",
    "client_secret_post",
    "client_secret_jwt",
    "private_key_jwt"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "RSA-OAEP-384",
    "RSA-OAEP-512",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "RSA-OAEP-384",
    "RSA-OAEP-512",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "RSA-OAEP-384",
    "RSA-OAEP-512",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
2022-04-29 10:54:14
SetTokenEndpointAuthMethodsSupportedToClientSecretBasicOnly
Changed token_endpoint_auth_methods_supported to client_secret_basic only in server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/a/c652cf14-abb3-4246-acf5-6314dbc95d5d/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/c652cf14-abb3-4246-acf5-6314dbc95d5d/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/c652cf14-abb3-4246-acf5-6314dbc95d5d/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/c652cf14-abb3-4246-acf5-6314dbc95d5d/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/c652cf14-abb3-4246-acf5-6314dbc95d5d/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/a/c652cf14-abb3-4246-acf5-6314dbc95d5d/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "RSA-OAEP-384",
    "RSA-OAEP-512",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "RSA-OAEP-384",
    "RSA-OAEP-512",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "RSA-OAEP-384",
    "RSA-OAEP-512",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
2022-04-29 10:54:14
OIDCCGenerateServerJWKs
Generated server public private JWK sets
server_jwks
{
  "keys": [
    {
      "p": "6LQfN32mn4TyMT6mZzlwfzlT--lGQvd-LAsvoSNoP4CUGf9huoXOvLtWvAB-P_ZZnul1kuvsIcP21J7aksOKqI81GV5F9-duu1xEff6kpjSIgm6NUs4_UCDVp1k5qEj0kFgKJnwacJSuYMKKiGVit_NA7oVaArMlWgA6MhkPxq0",
      "kty": "RSA",
      "q": "tHpJYnySynY4Kg7mdiNwUbJKaCsY_UzsrHbjdNxEBzNvo7GJm9qY2crlD_vjUtHmgoWKa3sqWTIDtH7C3UYkSdrFk_Er4zzf-sCemPCP6cWDQwHX4TW9N-I2466wXUZZOy-L1KGSpAUl2uhnjXR8IomTJNPms74faO6n1pN0KGE",
      "d": "IcLRnxelja2NHuPdTjvqOQgEIGgra-JwZ8IVKoqLl1U1niH_EsJuQdBbHV6svr1F0rfoytbm3sGUgmxUOmVbQfyoj5rN1hoD8-b97Tvwax84K0xHOiY7lwl7dtX9uijhYaOfEJqK9ZCettaPSxnOYQK_AHo7Yh5nxnLtSUGz6HdQ1oSaLo3XmOaOq9GRMVoJN5Fyz6ee28jb6OM2mSU6Z8IVbY3yCI9jSSL2BBrcwGJBtl03nlwIUlsVK4QK64E0WaHFaRVwlB9rhWcKalILkUp9CSht4UAVD95AidklRlBy_l7BPaZV5eK8wCxfIw2Vi4zeap7WDkUSPgfctuX3gQ",
      "e": "AQAB",
      "use": "sig",
      "kid": "e6d4c54f-c5a4-4f03-b0e1-27aeeb70e04f",
      "qi": "z3KfahlrqbjkM-ZkKEZb_8usowr4lz0xezVcEbX9iLXkcrjgLrW3qiHBHfEIhxMJ62ZljN5AiREORJ-KRm5__953IoL2gjnRTh46HRCDCS8qhZQwYOFuYJ6ry4N3DGTfxSQ3pb4x8zeOATFk3euax1QiX80tpNCftL3DGVr1N2U",
      "dp": "m7L5OB3AgPdpPX3XxTVvihCHmwQIWQJTz5BkfAK-285iScrQTwb8vtbyP7RsxMtGR8eZPYbRZf5Chx0Kziw7-HBpbOHhGvAk7QPdaBgbfoGj3PGvaXpKboipq-FNbMXzrSjbEcjzv-QbkO5Z1s1Pchk2luFuymOnWELSrXaLUbk",
      "dq": "Nr5NGjGdOQpo-ODyKO2Q-UbyaOyBtPurYpjhX6YcgG6qs2V7zymcaZuwpYuLJakDmZ22IeoHK20PUKWOqB3JjhltCvYBkPj7G41nzg5SKN-_dAjQGcD6N0RH0AJB_tkC4gAHEyU7XMMu-1q5Zl_p83P1jRs1hFnsHyEdCepKNqE",
      "n": "pA3OfsfifYZiJDJq-urOfvN5sl9SDpMvoK966lZA1m1jUPxSUSeE7iZ5Pzj3AsCrlxrF81pJyuYnED6wPFCDCLX27pUHtGA8ZZFMU-64cR8PD9uanD5KntFCO0l8sM2FKcv3gCxBhnlfERab8YTqbw_GDfSlheic8_-KF4416PLGxBpfw9MR7BjnnpEUKPzhlBIlT4G_7H2rWM_JpN0HzJEPUpIUbSYoHtQWEiZ7Zuo0UA8o0VaS7CxLoLjzIfZ3KmnQHoId1WcFA7Wp_SpPd0QrtAjIw_ZF_oS4lnnrvCuYwFqeg53F48-dHaHz02SDAXBxQhTcH0qA5jq_U2lPjQ"
    },
    {
      "kty": "EC",
      "d": "EopkBK3GFymL08wQE7m3-3_RjffLSKsW0P6M7cC5Ne0",
      "use": "sig",
      "crv": "P-256",
      "kid": "7fe5d010-eba0-48a3-b64a-38dc58b347e6",
      "x": "58_8UKpj_3ELBsMDywYuOM2ofTR2lbCVZ_bX7CtMkvE",
      "y": "EoLmO24eRggyz7AGaSMGzJ4imrLpiyxVhPs9PWHEkmw"
    },
    {
      "kty": "EC",
      "d": "E_wkqXd_pqNy0ziCnEbphbmXE2Fr9mm3DdgT3pTeXBw",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "de94a4cd-965e-4325-9927-829ed43ed44f",
      "x": "JY2Nf9AC1fKKJ_SQTKVQsetRDd_BJLRK30I_JRGt3RA",
      "y": "vMQHngjmurwN_x9MKV_s5XXpqShn8nMwDjdefHkf3Jo"
    },
    {
      "kty": "OKP",
      "d": "O8aDzde3r4btG7y-4QKBivR1JuRVrIjoNx5C0gPsLyk",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "4e31e274-9a08-4caf-b4b7-2154fdf83cc2",
      "x": "Owt9Hk2G02v-pJlsl87eTQ-qwk7UAfYDMfJci6hiOns"
    }
  ]
}
server_encryption_keys
{
  "keys": [
    {
      "p": "-dayab3Q7NxywAexioR26gRUAbCa6zcJgzqEkf5975cqjxc9g4SBujf-2qKb87QElhfKnQe9KVExwJpApmoI28exDfJSMKElMw0tYOx7qb780WO53-40LhFeCB26PnsxXFAE4VFCcOb7tNj_o9gb507shW66IyjXk0FijVz3lT8",
      "kty": "RSA",
      "q": "o4ihqqVDBVrJl5hwys-reMEyXxzDRF6Yh_lix9HwwrKFfdNGFDi--ErScZiDuo-4o8UDoxwxkssYzsyvQJMpB8v1WmeeDS_x2EO3j_iw9aq4-1y8-Mv26to35lpfgrji6JV7-9mjeSfT3zHXoiLIDZYY2qUNJP5Eum96CdGwJKE",
      "d": "dFX_O2E_Y1PRvCvM73glTR8N3LYivJ_t6lBAXE3DgMfjybWxgeaw60EzCJv7Tywv0alKLWMTbeU0KATKcmPTRQNtKr75MVXYjzjxEp_eMOtcrzVYYlizcBY_MCwp8gxN87HTZlIV4KOL_uK73I7SocgfVeWM7szr9NkPwHngOw2C-FjBVMzCCyN0iVMFzb6Z_iLb2Xr12g9CKR5N_2G5BZPqKKlibYHdwvnug-0eEtaPLG9dEC7yRCIaIpk314zzjnhf6aj-fEDESeA6Q8dfYNgtCdnlv_d8WnO5NcmEt3geFAOGk7PrZLJGeGi92Pcmr0stWcn0orzqj6KNzO29AQ",
      "e": "AQAB",
      "use": "enc",
      "kid": "6a0adcd7-dc00-4629-96d3-8b1485c53620",
      "qi": "lRclEi8aSXwp6Oy7T-TjGuW7CaZmLLDsu-Vace0agCt4XSSQSCBDAyDrqbLR_RvCRjGbIv7MMtOC_X4-PvPB9w7xyCrRx7gfZsvTRZcb3-IYArDju6lLRorGK1Ntq1gYBm_-ucQAYHmu8XUP7AFJR210_p8RioHUJhA5aBoCWfM",
      "dp": "vVrKuDgETDE8y2xJVInXMsB7BxjaIaICFLLaXWh7_IYe3Hqpxa89P21HPF_4QPnUbAm2J9QAu3rtcWO30ikVc7Xi7IYXYwIPlqTLGuXBSEMXjH_AFgeNBslk8lPNn6NxIt0HBdq3t6hpZ4T8JCsb4vE_dFYav6Ep2lK5JhkrELM",
      "alg": "RSA-OAEP",
      "dq": "KeVZNbS9JOQLfZEKZIsrrPYiB4gA5sUtYribfAHnIppF5OR5sbiQBGB25a9jICqt7RcORX11ndv2cRSzWWHaQysXop-lOE-uL--5WWMnQukIFy29JChtC-H4LEW-7mibiWayquUpImL3vtiwG9O5WPG5UFq0sWOLDBB_PYDBFcE",
      "n": "n5kLbqwYoc9Imc4wzc3-9NsKVJrCQpeEary6uX1fh1aZ3r2W9zDzmXcxEyLlX32rO9_TMYWcExSnLeXRyAuFAnVDD5ALO9ICpGpn2dm4oAsMNdshHZuV_GhtnGMrnGclXIjLVamuhKX5y_3UDdyKu0WxEK5pWwuGg9picD5AX_Ac8WLWBOGyKr8-uNiy6ysmwdI58S3-_xmRPR-SDDEuAf38vFGfXT8K-neJDWwLHxakj7ISREc7c6mzlqB6Cc2RU7VnT9jruhCNYJDv-TmWIfbdltpYrwHbmswIMw0ZlfpcwShvty7f7B3E7crEb2VWWhac1GQXzH22NixAUwG4nw"
    },
    {
      "kty": "EC",
      "d": "BTSEzQVmmc8Zdzy0eRxMxZ8h0WmEbsybNbl1xG0GKSY",
      "use": "enc",
      "crv": "P-256",
      "kid": "4c65a2a1-0c15-41f3-8657-7b3bf1cd87e6",
      "x": "6CcsxclTBueASQo_4-z8u-78vRV9qHuBitF0g75Qqdc",
      "y": "g96NKc8fP52_ujJ6AT3BZybYG2Z45UtaKD-1QpgiyrM",
      "alg": "ECDH-ES"
    }
  ]
}
server_public_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "e6d4c54f-c5a4-4f03-b0e1-27aeeb70e04f",
      "n": "pA3OfsfifYZiJDJq-urOfvN5sl9SDpMvoK966lZA1m1jUPxSUSeE7iZ5Pzj3AsCrlxrF81pJyuYnED6wPFCDCLX27pUHtGA8ZZFMU-64cR8PD9uanD5KntFCO0l8sM2FKcv3gCxBhnlfERab8YTqbw_GDfSlheic8_-KF4416PLGxBpfw9MR7BjnnpEUKPzhlBIlT4G_7H2rWM_JpN0HzJEPUpIUbSYoHtQWEiZ7Zuo0UA8o0VaS7CxLoLjzIfZ3KmnQHoId1WcFA7Wp_SpPd0QrtAjIw_ZF_oS4lnnrvCuYwFqeg53F48-dHaHz02SDAXBxQhTcH0qA5jq_U2lPjQ"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "9318f156-439f-4825-b719-c53d0d41bea5",
      "n": "yx_A62zrO1BtcjjlXNfv1pP-4AO8eijSvdieDOpClqIs7q5D_x0MYkyEv4oi8BLGYTI_odRy3kLcIRoVUP0JRIQLL3Ht2C3So4AdU4IRmWKR1nP6f34WImxo1v_siG-is3TDiMP0maNmNAOo2Wr5xWftuCPWG1w1muSBpD8-OqrIKRIafLsrK8XxWYnk1nVyJZy0v9rG3N29vPrh1yPTa0qlxrzEQ2FOi0unkVhhggId7FEtmWb1Pcz7DN3lQOncy8J6C7kwaXJm9_g2J1WFN9zbxTrYcqEFVt1BdB98zTLFD0PUvB8dk-woqx4TQc46g6pJ6CPRgZve1LTCz2URJw"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "7fe5d010-eba0-48a3-b64a-38dc58b347e6",
      "x": "58_8UKpj_3ELBsMDywYuOM2ofTR2lbCVZ_bX7CtMkvE",
      "y": "EoLmO24eRggyz7AGaSMGzJ4imrLpiyxVhPs9PWHEkmw"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "ad02714e-8092-452f-85c5-1f6bc271fff4",
      "x": "skorw_tCx_XP5k-3L5IgmBrP9d16Of_QgRV67WgTl04",
      "y": "hUMq3ct7zVLOOKJEk6COlFmhAMELX8UY8QW_hczghnc"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "de94a4cd-965e-4325-9927-829ed43ed44f",
      "x": "JY2Nf9AC1fKKJ_SQTKVQsetRDd_BJLRK30I_JRGt3RA",
      "y": "vMQHngjmurwN_x9MKV_s5XXpqShn8nMwDjdefHkf3Jo"
    },
    {
      "kty": "OKP",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "4e31e274-9a08-4caf-b4b7-2154fdf83cc2",
      "x": "Owt9Hk2G02v-pJlsl87eTQ-qwk7UAfYDMfJci6hiOns"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "6a0adcd7-dc00-4629-96d3-8b1485c53620",
      "alg": "RSA-OAEP",
      "n": "n5kLbqwYoc9Imc4wzc3-9NsKVJrCQpeEary6uX1fh1aZ3r2W9zDzmXcxEyLlX32rO9_TMYWcExSnLeXRyAuFAnVDD5ALO9ICpGpn2dm4oAsMNdshHZuV_GhtnGMrnGclXIjLVamuhKX5y_3UDdyKu0WxEK5pWwuGg9picD5AX_Ac8WLWBOGyKr8-uNiy6ysmwdI58S3-_xmRPR-SDDEuAf38vFGfXT8K-neJDWwLHxakj7ISREc7c6mzlqB6Cc2RU7VnT9jruhCNYJDv-TmWIfbdltpYrwHbmswIMw0ZlfpcwShvty7f7B3E7crEb2VWWhac1GQXzH22NixAUwG4nw"
    },
    {
      "kty": "EC",
      "use": "enc",
      "crv": "P-256",
      "kid": "4c65a2a1-0c15-41f3-8657-7b3bf1cd87e6",
      "x": "6CcsxclTBueASQo_4-z8u-78vRV9qHuBitF0g75Qqdc",
      "y": "g96NKc8fP52_ujJ6AT3BZybYG2Z45UtaKD-1QpgiyrM",
      "alg": "ECDH-ES"
    }
  ]
}
2022-04-29 10:54:14 SUCCESS
ValidateServerJWKs
Valid server JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2022-04-29 10:54:14 SUCCESS
CheckDistinctKeyIdValueInServerJWKs
Distinct 'kid' value in all keys of server_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2022-04-29 10:54:14 SUCCESS
OIDCCLoadUserInfo
Added user information
user_info
{
  "sub": "user-subject-1234531",
  "name": "Demo T. User",
  "given_name": "Demo",
  "family_name": "User",
  "middle_name": "Theresa",
  "nickname": "Dee",
  "preferred_username": "d.tu",
  "gender": "female",
  "birthdate": "2000-02-03",
  "address": {
    "street_address": "100 Universal City Plaza",
    "locality": "Hollywood",
    "region": "CA",
    "postal_code": "91608",
    "country": "USA"
  },
  "zoneinfo": "America/Los_Angeles",
  "locale": "en-US",
  "phone_number": "+1 555 5550000",
  "phone_number_verified": false,
  "email": "user@example.com",
  "email_verified": false,
  "website": "https://openid.net/",
  "updated_at": 1580000000
}
2022-04-29 10:54:14 SUCCESS
OIDCCGetStaticClientConfigurationForRPTests
Found a static client object
client_id
client-c652cf14-abb3-4246-acf5-6314dbc95d5d
client_secret
client-c652cf14-abb3-4246-acf5-6314dbc95d5d
scope
All your base are belong to us
jwks
{
  "keys": [
    {
      "kty": "RSA",
      "n": "4YtjGzaveYRd8ANMOb0qGEFHvhQ4zx_Jv_GFf6I2-Y3-GIYDwtBpVcSM4V9bV4GTd2oitqxQCG818jXDtLJAss5ReHsWRsMNYl6--6Yd914JUidE939nVp5iaGsGQvWILlXyFXBPxJA5zYLirkMVdwr_B6QFvpl9ccs0yziaDxtaEd5fqE5Vfhz0tU_AHK0_HT-OcwsDscozms95GY9L2RHr3ibHH2uHCq66zit-Vq_PpUYKgJKQkGJzvNRYn0D5vMVhQYeyPT13bI99sNxrXKgy3HaJTlrtQ5Nki5T2gzdpZkdl5B-2yo7zJuJsPXhh7ADX3-pUqdRrhW_bfikmGw",
      "e": "AQAB",
      "use": "sig",
      "alg": "RS256",
      "kid": "f056b9ad-0084-40a9-9401-3e25718e05fc"
    }
  ]
}
id_token_signed_response_alg
RS256
redirect_uris
[
  "https://client-c652cf14-abb3-4246-acf5-6314dbc95d5d.local/cb"
]
2022-04-29 10:54:14 SUCCESS
EnsureClientDoesNotHaveBothJwksAndJwksUri
Client does not have both jwks and jwks_uri set
client
{
  "client_id": "client-c652cf14-abb3-4246-acf5-6314dbc95d5d",
  "client_secret": "client-c652cf14-abb3-4246-acf5-6314dbc95d5d",
  "scope": "All your base are belong to us",
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "n": "4YtjGzaveYRd8ANMOb0qGEFHvhQ4zx_Jv_GFf6I2-Y3-GIYDwtBpVcSM4V9bV4GTd2oitqxQCG818jXDtLJAss5ReHsWRsMNYl6--6Yd914JUidE939nVp5iaGsGQvWILlXyFXBPxJA5zYLirkMVdwr_B6QFvpl9ccs0yziaDxtaEd5fqE5Vfhz0tU_AHK0_HT-OcwsDscozms95GY9L2RHr3ibHH2uHCq66zit-Vq_PpUYKgJKQkGJzvNRYn0D5vMVhQYeyPT13bI99sNxrXKgy3HaJTlrtQ5Nki5T2gzdpZkdl5B-2yo7zJuJsPXhh7ADX3-pUqdRrhW_bfikmGw",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "kid": "f056b9ad-0084-40a9-9401-3e25718e05fc"
      }
    ]
  },
  "id_token_signed_response_alg": "RS256",
  "redirect_uris": [
    "https://client-c652cf14-abb3-4246-acf5-6314dbc95d5d.local/cb"
  ]
}
2022-04-29 10:54:14 INFO
FetchClientKeys
Skipped evaluation due to missing required element: client jwks_uri
path
jwks_uri
mapped
object
client
2022-04-29 10:54:14 SUCCESS
ValidateClientGrantTypes
grant_types match response_types
grant_types
[
  "authorization_code"
]
response_types
[
  "code"
]
2022-04-29 10:54:14 SUCCESS
OIDCCValidateClientRedirectUris
Valid redirect_uri(s) provided in registration request
redirect_uris
[
  "https://client-c652cf14-abb3-4246-acf5-6314dbc95d5d.local/cb"
]
2022-04-29 10:54:14 SUCCESS
ValidateClientLogoUris
Client does not contain any logo_uri
2022-04-29 10:54:14 SUCCESS
ValidateClientUris
Client does not contain any client_uri
2022-04-29 10:54:14 SUCCESS
ValidateClientPolicyUris
Client does not contain any policy_uri
2022-04-29 10:54:14 SUCCESS
ValidateClientTosUris
Client does not contain any tos_uri
2022-04-29 10:54:14 SUCCESS
ValidateClientSubjectType
A subject_type was not provided
2022-04-29 10:54:14 SUCCESS
ValidateIdTokenSignedResponseAlg
id_token_signed_response_alg is one of the known algorithms
alg
RS256
2022-04-29 10:54:14 SUCCESS
EnsureIdTokenEncryptedResponseAlgIsSetIfEncIsSet
id_token_encrypted_response_enc is not set
2022-04-29 10:54:14 INFO
ValidateUserinfoSignedResponseAlg
Skipped evaluation due to missing required element: client userinfo_signed_response_alg
path
userinfo_signed_response_alg
mapped
object
client
2022-04-29 10:54:14 SUCCESS
EnsureUserinfoEncryptedResponseAlgIsSetIfEncIsSet
userinfo_encrypted_response_enc is not set
2022-04-29 10:54:14 INFO
ValidateRequestObjectSigningAlg
Skipped evaluation due to missing required element: client request_object_signing_alg
path
request_object_signing_alg
mapped
object
client
2022-04-29 10:54:14 SUCCESS
EnsureRequestObjectEncryptionAlgIsSetIfEncIsSet
request_object_encryption_enc is not set
2022-04-29 10:54:14 INFO
ValidateTokenEndpointAuthSigningAlg
Skipped evaluation due to missing required element: client token_endpoint_auth_signing_alg
path
token_endpoint_auth_signing_alg
mapped
object
client
2022-04-29 10:54:14 SUCCESS
ValidateDefaultMaxAge
default_max_age is not set
2022-04-29 10:54:14 INFO
ValidateRequireAuthTime
Skipped evaluation due to missing required element: client require_auth_time
path
require_auth_time
mapped
object
client
2022-04-29 10:54:14 INFO
ValidateDefaultAcrValues
Skipped evaluation due to missing required element: client default_acr_values
path
default_acr_values
mapped
object
client
2022-04-29 10:54:14 INFO
ValidateInitiateLoginUri
Skipped evaluation due to missing required element: client initiate_login_uri
path
initiate_login_uri
mapped
object
client
2022-04-29 10:54:14 INFO
ValidateRequestUris
Skipped evaluation due to missing required element: client request_uris
path
request_uris
mapped
object
client
2022-04-29 10:54:14 SUCCESS
OIDCCExtractServerSigningAlg
Selected signing algorithm based on client id_token_signed_response_alg.
selected_algorithm
RS256
id_token_signed_response_alg
RS256
2022-04-29 10:54:14
SetClientIdTokenSignedResponseAlgToServerSigningAlg
Set id_token_signed_response_alg for the registered client
id_token_signed_response_alg
RS256
2022-04-29 10:54:14
oidcc-client-test-invalid-iss
Setup Done
2022-04-29 10:54:16 INCOMING
oidcc-client-test-invalid-iss
Incoming HTTP request to /test/a/c652cf14-abb3-4246-acf5-6314dbc95d5d/.well-known/openid-configuration
incoming_headers
{
  "host": "www.certification.openid.net",
  "accept": "application/json",
  "accept-encoding": "br, gzip, deflate",
  "accept-language": "*",
  "sec-fetch-mode": "cors",
  "user-agent": "oauth4webapi/v0.6.0 (https://github.com/panva/oauth4webapi)",
  "connection": "close"
}
incoming_path
/test/a/c652cf14-abb3-4246-acf5-6314dbc95d5d/.well-known/openid-configuration
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
incoming_body_json
incoming_query_string_params
{}
incoming_body
Discovery endpoint
2022-04-29 10:54:16 OUTGOING
oidcc-client-test-invalid-iss
Response to HTTP request to test instance iwgwKLJ8cpyjl7C
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "issuer": "https://www.certification.openid.net/test/a/c652cf14-abb3-4246-acf5-6314dbc95d5d/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/c652cf14-abb3-4246-acf5-6314dbc95d5d/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/c652cf14-abb3-4246-acf5-6314dbc95d5d/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/c652cf14-abb3-4246-acf5-6314dbc95d5d/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/c652cf14-abb3-4246-acf5-6314dbc95d5d/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/a/c652cf14-abb3-4246-acf5-6314dbc95d5d/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "gender",
    "birthdate",
    "preferred_username",
    "profile",
    "website",
    "locale",
    "updated_at",
    "address",
    "zoneinfo",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "RSA-OAEP-384",
    "RSA-OAEP-512",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "RSA-OAEP-384",
    "RSA-OAEP-512",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "RSA-OAEP-384",
    "RSA-OAEP-512",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
outgoing_path
.well-known/openid-configuration
2022-04-29 10:54:17 INCOMING
oidcc-client-test-invalid-iss
Incoming HTTP request to /test/a/c652cf14-abb3-4246-acf5-6314dbc95d5d/authorize
incoming_headers
{
  "host": "www.certification.openid.net",
  "accept": "*/*",
  "accept-encoding": "br, gzip, deflate",
  "accept-language": "*",
  "sec-fetch-mode": "cors",
  "user-agent": "undici",
  "connection": "close"
}
incoming_path
/test/a/c652cf14-abb3-4246-acf5-6314dbc95d5d/authorize
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
incoming_body_json
incoming_query_string_params
{
  "client_id": "client-c652cf14-abb3-4246-acf5-6314dbc95d5d",
  "code_challenge": "5oulWDa8Ktip-BQOh2E7WVkOASCDkpdflskT8kbdgEw",
  "code_challenge_method": "S256",
  "redirect_uri": "https://client-c652cf14-abb3-4246-acf5-6314dbc95d5d.local/cb",
  "response_type": "code",
  "scope": "openid email"
}
incoming_body
Authorization endpoint
2022-04-29 10:54:17 SUCCESS
EnsureRequestDoesNotContainRequestObject
Request does not contain a request parameter
2022-04-29 10:54:17 SUCCESS
EnsureAuthorizationHttpRequestContainsOpenIDScope
Found 'openid' in scope http request parameter
actual
[
  "openid",
  "email"
]
expected
openid
2022-04-29 10:54:17 SUCCESS
CreateEffectiveAuthorizationRequestParameters
Merged http request parameters with request object claims
effective_authorization_endpoint_request
{
  "client_id": "client-c652cf14-abb3-4246-acf5-6314dbc95d5d",
  "code_challenge": "5oulWDa8Ktip-BQOh2E7WVkOASCDkpdflskT8kbdgEw",
  "code_challenge_method": "S256",
  "redirect_uri": "https://client-c652cf14-abb3-4246-acf5-6314dbc95d5d.local/cb",
  "response_type": "code",
  "scope": "openid email"
}
2022-04-29 10:54:17 SUCCESS
ExtractRequestedScopes
Requested scopes
scope
openid email
2022-04-29 10:54:17 INFO
ExtractNonceFromAuthorizationRequest
Couldn't find 'nonce' in authorization endpoint parameters
2022-04-29 10:54:17 SUCCESS
EnsureResponseTypeIsCode
Response type is expected value
expected
code
2022-04-29 10:54:17 SUCCESS
EnsureMatchingClientId
Client ID matched
client_id
client-c652cf14-abb3-4246-acf5-6314dbc95d5d
2022-04-29 10:54:17 SUCCESS
EnsureValidRedirectUriForAuthorizationEndpointRequest
redirect_uri is one of the allowed redirect uris
actual
https://client-c652cf14-abb3-4246-acf5-6314dbc95d5d.local/cb
expected
[
  "https://client-c652cf14-abb3-4246-acf5-6314dbc95d5d.local/cb"
]
2022-04-29 10:54:17 SUCCESS
EnsureOpenIDInScopeRequest
Found 'openid' scope in request
actual
[
  "openid",
  "email"
]
expected
openid
2022-04-29 10:54:17 SUCCESS
DisallowMaxAgeEqualsZeroAndPromptNone
The client did not send max_age=0 and prompt=none parameters as expected
2022-04-29 10:54:17 SUCCESS
CreateAuthorizationCode
Created authorization code
authorization_code
ABaQ5pOB83wEwZ5aQEpeCwA98VEVfzfr
2022-04-29 10:54:17 SUCCESS
CalculateCHash
Successful c_hash encoding
c_hash
qzezuLq7ONqU1Y-tIVtaMw
2022-04-29 10:54:17 SUCCESS
CreateAuthorizationEndpointResponseParams
Added authorization_endpoint_response_params to environment
params
{
  "redirect_uri": "https://client-c652cf14-abb3-4246-acf5-6314dbc95d5d.local/cb"
}
2022-04-29 10:54:17 SUCCESS
AddCodeToAuthorizationEndpointResponseParams
Added code to authorization endpoint response params
authorization_endpoint_response_params
{
  "redirect_uri": "https://client-c652cf14-abb3-4246-acf5-6314dbc95d5d.local/cb",
  "code": "ABaQ5pOB83wEwZ5aQEpeCwA98VEVfzfr"
}
2022-04-29 10:54:17
SendAuthorizationResponseWithResponseModeQuery
Redirecting back to client
uri
https://client-c652cf14-abb3-4246-acf5-6314dbc95d5d.local/cb?code=ABaQ5pOB83wEwZ5aQEpeCwA98VEVfzfr
2022-04-29 10:54:17 OUTGOING
oidcc-client-test-invalid-iss
Response to HTTP request to test instance iwgwKLJ8cpyjl7C
outgoing
org.springframework.web.servlet.view.RedirectView: [RedirectView]; URL [https://client-c652cf14-abb3-4246-acf5-6314dbc95d5d.local/cb?code=ABaQ5pOB83wEwZ5aQEpeCwA98VEVfzfr]
outgoing_path
authorize
2022-04-29 10:54:17 INCOMING
oidcc-client-test-invalid-iss
Incoming HTTP request to /test/a/c652cf14-abb3-4246-acf5-6314dbc95d5d/token
incoming_headers
{
  "host": "www.certification.openid.net",
  "accept": "application/json",
  "accept-encoding": "br, gzip, deflate",
  "accept-language": "*",
  "authorization": "Basic Y2xpZW50LWM2NTJjZjE0LWFiYjMtNDI0Ni1hY2Y1LTYzMTRkYmM5NWQ1ZDpjbGllbnQtYzY1MmNmMTQtYWJiMy00MjQ2LWFjZjUtNjMxNGRiYzk1ZDVk",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "sec-fetch-mode": "cors",
  "user-agent": "oauth4webapi/v0.6.0 (https://github.com/panva/oauth4webapi)",
  "connection": "close",
  "content-length": "207"
}
incoming_path
/test/a/c652cf14-abb3-4246-acf5-6314dbc95d5d/token
incoming_body_form_params
{
  "redirect_uri": "https://client-c652cf14-abb3-4246-acf5-6314dbc95d5d.local/cb",
  "code_verifier": "uoWtimIGHJHDMPMqamYTN9nxIpg2uT119UZnhwAHLx0",
  "code": "ABaQ5pOB83wEwZ5aQEpeCwA98VEVfzfr",
  "grant_type": "authorization_code"
}
incoming_method
POST
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
incoming_body_json
incoming_query_string_params
{}
incoming_body
redirect_uri=https%3A%2F%2Fclient-c652cf14-abb3-4246-acf5-6314dbc95d5d.local%2Fcb&code_verifier=uoWtimIGHJHDMPMqamYTN9nxIpg2uT119UZnhwAHLx0&code=ABaQ5pOB83wEwZ5aQEpeCwA98VEVfzfr&grant_type=authorization_code
Token endpoint
2022-04-29 10:54:17
CheckClientIdMatchesOnTokenRequestIfPresent
Condition ran but did not log anything
2022-04-29 10:54:17 SUCCESS
ExtractClientCredentialsFromBasicAuthorizationHeader
Extracted client authentication
client_id
client-c652cf14-abb3-4246-acf5-6314dbc95d5d
client_secret
client-c652cf14-abb3-4246-acf5-6314dbc95d5d
method
client_secret_basic
2022-04-29 10:54:17 SUCCESS
ValidateClientIdAndSecret
Client id and secret match
2022-04-29 10:54:17 SUCCESS
ValidateAuthorizationCode
Found authorization code
authorization_code
ABaQ5pOB83wEwZ5aQEpeCwA98VEVfzfr
2022-04-29 10:54:17 SUCCESS
ValidateRedirectUriForTokenEndpointRequest
redirect_uri is the same as the one used in the authorization request
actual
https://client-c652cf14-abb3-4246-acf5-6314dbc95d5d.local/cb
2022-04-29 10:54:17 SUCCESS
GenerateBearerAccessToken
Generated access token
access_token
3IPqOLFgl4LFTQkkApG6LUO0TnVvhwUIJIkyEC6LGleigd1Ey0
2022-04-29 10:54:17 SUCCESS
CalculateAtHash
Successful at_hash encoding
at_hash
McajlSdyRnO2uMZfWhWQsA
2022-04-29 10:54:17 SUCCESS
GenerateIdTokenClaims
Created ID Token Claims
iss
https://www.certification.openid.net/test/a/c652cf14-abb3-4246-acf5-6314dbc95d5d/
sub
user-subject-1234531
aud
client-c652cf14-abb3-4246-acf5-6314dbc95d5d
iat
1651229657
exp
1651229957
2022-04-29 10:54:17 SUCCESS
AddInvalidIssValueToIdToken
Added invalid iss to ID token claims
iss
https://www.certification.openid.net/test/a/c652cf14-abb3-4246-acf5-6314dbc95d5d/1
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/a/c652cf14-abb3-4246-acf5-6314dbc95d5d/1",
  "sub": "user-subject-1234531",
  "aud": "client-c652cf14-abb3-4246-acf5-6314dbc95d5d",
  "iat": 1651229657,
  "exp": 1651229957
}
2022-04-29 10:54:17 SUCCESS
AddAtHashToIdTokenClaims
Added at_hash to ID token claims
at_hash
McajlSdyRnO2uMZfWhWQsA
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/a/c652cf14-abb3-4246-acf5-6314dbc95d5d/1",
  "sub": "user-subject-1234531",
  "aud": "client-c652cf14-abb3-4246-acf5-6314dbc95d5d",
  "iat": 1651229657,
  "exp": 1651229957,
  "at_hash": "McajlSdyRnO2uMZfWhWQsA"
}
2022-04-29 10:54:17 SUCCESS
OIDCCSignIdToken
Signed the ID token
id_token
eyJraWQiOiJlNmQ0YzU0Zi1jNWE0LTRmMDMtYjBlMS0yN2FlZWI3MGUwNGYiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiTWNhamxTZHlSbk8ydU1aZldoV1FzQSIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiY2xpZW50LWM2NTJjZjE0LWFiYjMtNDI0Ni1hY2Y1LTYzMTRkYmM5NWQ1ZCIsImlzcyI6Imh0dHBzOlwvXC93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0XC90ZXN0XC9hXC9jNjUyY2YxNC1hYmIzLTQyNDYtYWNmNS02MzE0ZGJjOTVkNWRcLzEiLCJleHAiOjE2NTEyMjk5NTcsImlhdCI6MTY1MTIyOTY1N30.HZ9Awe_Qe30iZwL6V9-o95FfAP7OWqCN8Fpe8E8DmEx5DduUDtA_bLURY0-EZjV8NR0TaIoJECyrz7dE-zl5mXuxgWfSHt6YbD1HSsmS67dFe9rY2pU9N_fg13lV1XWAzsOytht9PxD_B6TucJNFzeMMFvYS2fj1WCyPvRWobG3b75GCNBJ-3B9h0XXwmWUVQng6HopeKO38k-tE4RHiv2-Za7OyWOYrBDfLG7405Qb6DSTgkvtcq3nPsObXoiYCJeLsZDKSddRCFrItraG1msu4g0sEYLXwUVcbC5L15HTDmwciWqGwtOgEr8qJb3Psn2Ut_p0Ghse6K_opvuYg3g
key
{"p":"6LQfN32mn4TyMT6mZzlwfzlT--lGQvd-LAsvoSNoP4CUGf9huoXOvLtWvAB-P_ZZnul1kuvsIcP21J7aksOKqI81GV5F9-duu1xEff6kpjSIgm6NUs4_UCDVp1k5qEj0kFgKJnwacJSuYMKKiGVit_NA7oVaArMlWgA6MhkPxq0","kty":"RSA","q":"tHpJYnySynY4Kg7mdiNwUbJKaCsY_UzsrHbjdNxEBzNvo7GJm9qY2crlD_vjUtHmgoWKa3sqWTIDtH7C3UYkSdrFk_Er4zzf-sCemPCP6cWDQwHX4TW9N-I2466wXUZZOy-L1KGSpAUl2uhnjXR8IomTJNPms74faO6n1pN0KGE","d":"IcLRnxelja2NHuPdTjvqOQgEIGgra-JwZ8IVKoqLl1U1niH_EsJuQdBbHV6svr1F0rfoytbm3sGUgmxUOmVbQfyoj5rN1hoD8-b97Tvwax84K0xHOiY7lwl7dtX9uijhYaOfEJqK9ZCettaPSxnOYQK_AHo7Yh5nxnLtSUGz6HdQ1oSaLo3XmOaOq9GRMVoJN5Fyz6ee28jb6OM2mSU6Z8IVbY3yCI9jSSL2BBrcwGJBtl03nlwIUlsVK4QK64E0WaHFaRVwlB9rhWcKalILkUp9CSht4UAVD95AidklRlBy_l7BPaZV5eK8wCxfIw2Vi4zeap7WDkUSPgfctuX3gQ","e":"AQAB","use":"sig","kid":"e6d4c54f-c5a4-4f03-b0e1-27aeeb70e04f","qi":"z3KfahlrqbjkM-ZkKEZb_8usowr4lz0xezVcEbX9iLXkcrjgLrW3qiHBHfEIhxMJ62ZljN5AiREORJ-KRm5__953IoL2gjnRTh46HRCDCS8qhZQwYOFuYJ6ry4N3DGTfxSQ3pb4x8zeOATFk3euax1QiX80tpNCftL3DGVr1N2U","dp":"m7L5OB3AgPdpPX3XxTVvihCHmwQIWQJTz5BkfAK-285iScrQTwb8vtbyP7RsxMtGR8eZPYbRZf5Chx0Kziw7-HBpbOHhGvAk7QPdaBgbfoGj3PGvaXpKboipq-FNbMXzrSjbEcjzv-QbkO5Z1s1Pchk2luFuymOnWELSrXaLUbk","dq":"Nr5NGjGdOQpo-ODyKO2Q-UbyaOyBtPurYpjhX6YcgG6qs2V7zymcaZuwpYuLJakDmZ22IeoHK20PUKWOqB3JjhltCvYBkPj7G41nzg5SKN-_dAjQGcD6N0RH0AJB_tkC4gAHEyU7XMMu-1q5Zl_p83P1jRs1hFnsHyEdCepKNqE","n":"pA3OfsfifYZiJDJq-urOfvN5sl9SDpMvoK966lZA1m1jUPxSUSeE7iZ5Pzj3AsCrlxrF81pJyuYnED6wPFCDCLX27pUHtGA8ZZFMU-64cR8PD9uanD5KntFCO0l8sM2FKcv3gCxBhnlfERab8YTqbw_GDfSlheic8_-KF4416PLGxBpfw9MR7BjnnpEUKPzhlBIlT4G_7H2rWM_JpN0HzJEPUpIUbSYoHtQWEiZ7Zuo0UA8o0VaS7CxLoLjzIfZ3KmnQHoId1WcFA7Wp_SpPd0QrtAjIw_ZF_oS4lnnrvCuYwFqeg53F48-dHaHz02SDAXBxQhTcH0qA5jq_U2lPjQ"}
algorithm
RS256
2022-04-29 10:54:17 INFO
EncryptIdToken
Skipped evaluation due to missing required element: client id_token_encrypted_response_alg
path
id_token_encrypted_response_alg
mapped
object
client
2022-04-29 10:54:17 SUCCESS
CreateTokenEndpointResponse
Created token endpoint response
access_token
3IPqOLFgl4LFTQkkApG6LUO0TnVvhwUIJIkyEC6LGleigd1Ey0
token_type
Bearer
id_token
eyJraWQiOiJlNmQ0YzU0Zi1jNWE0LTRmMDMtYjBlMS0yN2FlZWI3MGUwNGYiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiTWNhamxTZHlSbk8ydU1aZldoV1FzQSIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiY2xpZW50LWM2NTJjZjE0LWFiYjMtNDI0Ni1hY2Y1LTYzMTRkYmM5NWQ1ZCIsImlzcyI6Imh0dHBzOlwvXC93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0XC90ZXN0XC9hXC9jNjUyY2YxNC1hYmIzLTQyNDYtYWNmNS02MzE0ZGJjOTVkNWRcLzEiLCJleHAiOjE2NTEyMjk5NTcsImlhdCI6MTY1MTIyOTY1N30.HZ9Awe_Qe30iZwL6V9-o95FfAP7OWqCN8Fpe8E8DmEx5DduUDtA_bLURY0-EZjV8NR0TaIoJECyrz7dE-zl5mXuxgWfSHt6YbD1HSsmS67dFe9rY2pU9N_fg13lV1XWAzsOytht9PxD_B6TucJNFzeMMFvYS2fj1WCyPvRWobG3b75GCNBJ-3B9h0XXwmWUVQng6HopeKO38k-tE4RHiv2-Za7OyWOYrBDfLG7405Qb6DSTgkvtcq3nPsObXoiYCJeLsZDKSddRCFrItraG1msu4g0sEYLXwUVcbC5L15HTDmwciWqGwtOgEr8qJb3Psn2Ut_p0Ghse6K_opvuYg3g
scope
openid email
2022-04-29 10:54:17 OUTGOING
oidcc-client-test-invalid-iss
Response to HTTP request to test instance iwgwKLJ8cpyjl7C
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "access_token": "3IPqOLFgl4LFTQkkApG6LUO0TnVvhwUIJIkyEC6LGleigd1Ey0",
  "token_type": "Bearer",
  "id_token": "eyJraWQiOiJlNmQ0YzU0Zi1jNWE0LTRmMDMtYjBlMS0yN2FlZWI3MGUwNGYiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiTWNhamxTZHlSbk8ydU1aZldoV1FzQSIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiY2xpZW50LWM2NTJjZjE0LWFiYjMtNDI0Ni1hY2Y1LTYzMTRkYmM5NWQ1ZCIsImlzcyI6Imh0dHBzOlwvXC93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0XC90ZXN0XC9hXC9jNjUyY2YxNC1hYmIzLTQyNDYtYWNmNS02MzE0ZGJjOTVkNWRcLzEiLCJleHAiOjE2NTEyMjk5NTcsImlhdCI6MTY1MTIyOTY1N30.HZ9Awe_Qe30iZwL6V9-o95FfAP7OWqCN8Fpe8E8DmEx5DduUDtA_bLURY0-EZjV8NR0TaIoJECyrz7dE-zl5mXuxgWfSHt6YbD1HSsmS67dFe9rY2pU9N_fg13lV1XWAzsOytht9PxD_B6TucJNFzeMMFvYS2fj1WCyPvRWobG3b75GCNBJ-3B9h0XXwmWUVQng6HopeKO38k-tE4RHiv2-Za7OyWOYrBDfLG7405Qb6DSTgkvtcq3nPsObXoiYCJeLsZDKSddRCFrItraG1msu4g0sEYLXwUVcbC5L15HTDmwciWqGwtOgEr8qJb3Psn2Ut_p0Ghse6K_opvuYg3g",
  "scope": "openid email"
}
outgoing_path
token
2022-04-29 10:54:17 INCOMING
oidcc-client-test-invalid-iss
Incoming HTTP request to /test/a/c652cf14-abb3-4246-acf5-6314dbc95d5d/jwks
incoming_headers
{
  "host": "www.certification.openid.net",
  "accept": "application/json, application/jwk-set+json",
  "accept-encoding": "br, gzip, deflate",
  "accept-language": "*",
  "sec-fetch-mode": "cors",
  "user-agent": "oauth4webapi/v0.6.0 (https://github.com/panva/oauth4webapi)",
  "connection": "close"
}
incoming_path
/test/a/c652cf14-abb3-4246-acf5-6314dbc95d5d/jwks
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
incoming_body_json
incoming_query_string_params
{}
incoming_body
Jwks endpoint
2022-04-29 10:54:17 OUTGOING
oidcc-client-test-invalid-iss
Response to HTTP request to test instance iwgwKLJ8cpyjl7C
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "e6d4c54f-c5a4-4f03-b0e1-27aeeb70e04f",
      "n": "pA3OfsfifYZiJDJq-urOfvN5sl9SDpMvoK966lZA1m1jUPxSUSeE7iZ5Pzj3AsCrlxrF81pJyuYnED6wPFCDCLX27pUHtGA8ZZFMU-64cR8PD9uanD5KntFCO0l8sM2FKcv3gCxBhnlfERab8YTqbw_GDfSlheic8_-KF4416PLGxBpfw9MR7BjnnpEUKPzhlBIlT4G_7H2rWM_JpN0HzJEPUpIUbSYoHtQWEiZ7Zuo0UA8o0VaS7CxLoLjzIfZ3KmnQHoId1WcFA7Wp_SpPd0QrtAjIw_ZF_oS4lnnrvCuYwFqeg53F48-dHaHz02SDAXBxQhTcH0qA5jq_U2lPjQ"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "9318f156-439f-4825-b719-c53d0d41bea5",
      "n": "yx_A62zrO1BtcjjlXNfv1pP-4AO8eijSvdieDOpClqIs7q5D_x0MYkyEv4oi8BLGYTI_odRy3kLcIRoVUP0JRIQLL3Ht2C3So4AdU4IRmWKR1nP6f34WImxo1v_siG-is3TDiMP0maNmNAOo2Wr5xWftuCPWG1w1muSBpD8-OqrIKRIafLsrK8XxWYnk1nVyJZy0v9rG3N29vPrh1yPTa0qlxrzEQ2FOi0unkVhhggId7FEtmWb1Pcz7DN3lQOncy8J6C7kwaXJm9_g2J1WFN9zbxTrYcqEFVt1BdB98zTLFD0PUvB8dk-woqx4TQc46g6pJ6CPRgZve1LTCz2URJw"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "7fe5d010-eba0-48a3-b64a-38dc58b347e6",
      "x": "58_8UKpj_3ELBsMDywYuOM2ofTR2lbCVZ_bX7CtMkvE",
      "y": "EoLmO24eRggyz7AGaSMGzJ4imrLpiyxVhPs9PWHEkmw"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "ad02714e-8092-452f-85c5-1f6bc271fff4",
      "x": "skorw_tCx_XP5k-3L5IgmBrP9d16Of_QgRV67WgTl04",
      "y": "hUMq3ct7zVLOOKJEk6COlFmhAMELX8UY8QW_hczghnc"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "de94a4cd-965e-4325-9927-829ed43ed44f",
      "x": "JY2Nf9AC1fKKJ_SQTKVQsetRDd_BJLRK30I_JRGt3RA",
      "y": "vMQHngjmurwN_x9MKV_s5XXpqShn8nMwDjdefHkf3Jo"
    },
    {
      "kty": "OKP",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "4e31e274-9a08-4caf-b4b7-2154fdf83cc2",
      "x": "Owt9Hk2G02v-pJlsl87eTQ-qwk7UAfYDMfJci6hiOns"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "6a0adcd7-dc00-4629-96d3-8b1485c53620",
      "alg": "RSA-OAEP",
      "n": "n5kLbqwYoc9Imc4wzc3-9NsKVJrCQpeEary6uX1fh1aZ3r2W9zDzmXcxEyLlX32rO9_TMYWcExSnLeXRyAuFAnVDD5ALO9ICpGpn2dm4oAsMNdshHZuV_GhtnGMrnGclXIjLVamuhKX5y_3UDdyKu0WxEK5pWwuGg9picD5AX_Ac8WLWBOGyKr8-uNiy6ysmwdI58S3-_xmRPR-SDDEuAf38vFGfXT8K-neJDWwLHxakj7ISREc7c6mzlqB6Cc2RU7VnT9jruhCNYJDv-TmWIfbdltpYrwHbmswIMw0ZlfpcwShvty7f7B3E7crEb2VWWhac1GQXzH22NixAUwG4nw"
    },
    {
      "kty": "EC",
      "use": "enc",
      "crv": "P-256",
      "kid": "4c65a2a1-0c15-41f3-8657-7b3bf1cd87e6",
      "x": "6CcsxclTBueASQo_4-z8u-78vRV9qHuBitF0g75Qqdc",
      "y": "g96NKc8fP52_ujJ6AT3BZybYG2Z45UtaKD-1QpgiyrM",
      "alg": "ECDH-ES"
    }
  ]
}
outgoing_path
jwks
2022-04-29 10:54:19 FINISHED
oidcc-client-test-invalid-iss
Test has run to completion
testmodule_result
PASSED
2022-04-29 10:54:21
TEST-RUNNER
Alias has now been claimed by another test
alias
c652cf14-abb3-4246-acf5-6314dbc95d5d
new_test_id
CG9f1RddQ9R5btM
Test Results