Test Summary

Test Results

Expand All Collapse All
All times are UTC
2022-08-04 04:46:23 INFO
TEST-RUNNER
Test instance 31CIWzYr5jxQwrN created
baseUrl
https://www.certification.openid.net/test/a/isva_op_oidc_core_test_gh
variant
{
  "client_auth_type": "client_secret_basic",
  "response_type": "code",
  "server_metadata": "discovery",
  "response_mode": "form_post",
  "client_registration": "dynamic_client"
}
alias
isva_op_oidc_core_test_gh
description
isva_op_oidc_core_test_gh dynamic_client
planId
ivimxTzySgCH5
config
{
  "alias": "isva_op_oidc_core_test_gh",
  "description": "isva_op_oidc_core_test_gh dynamic_client",
  "server": {
    "discoveryUrl": "https://isamfed.com:8843/oauth2/.well-known/openid-configuration",
    "login_hint": "testuser"
  },
  "client": {
    "client_id": "client01",
    "client_secret": "secret"
  },
  "client2": {
    "client_id": "client01dup",
    "client_secret": "secret"
  },
  "consent": {},
  "client_secret_post": {
    "client_id": "client01",
    "client_secret": "secret"
  }
}
testName
oidcc-max-age-1
2022-08-04 04:46:23 SUCCESS
CreateRedirectUri
Created redirect URI
redirect_uri
https://www.certification.openid.net/test/a/isva_op_oidc_core_test_gh/callback
2022-08-04 04:46:23
GetDynamicServerConfiguration
HTTP request
request_uri
https://isamfed.com:8843/oauth2/.well-known/openid-configuration
request_method
GET
request_headers
{
  "accept": "text/plain, application/json, application/*+json, */*",
  "content-length": "0"
}
request_body

                                
2022-08-04 04:46:24 RESPONSE
GetDynamicServerConfiguration
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "content-type": "application/json",
  "date": "Thu, 04 Aug 2022 04:46:24 GMT",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "transfer-encoding": "chunked",
  "x-correlation-id": "CORR_ID-7b625b89-3d54-43ce-bd00-56b4c1059882",
  "strict-transport-security": "max-age\u003d31536000; includeSubDomains"
}
response_body
{"authorization_endpoint":"https://isamfed.com:8843/oauth2/authorize","backchannel_authentication_endpoint":"https://isamfed.com:8843/oauth2/ciba","backchannel_authentication_request_signing_alg_values_supported":["RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512"],"backchannel_token_delivery_modes_supported":["poll","ping"],"backchannel_user_code_parameter_supported":false,"claim_types_supported":["normal"],"claims_parameter_supported":true,"claims_supported":["iss","name","displayName"],"dpop_signing_alg_values_supported":["RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512"],"grant_types_supported":["authorization_code","implicit","password","client_credentials","refresh_token","urn:openid:params:grant-type:ciba"],"id_token_encryption_alg_values_supported":["none","RSA-OAEP","RSA-OAEP-256"],"id_token_encryption_enc_values_supported":["none","A128GCM","A192GCM","A256GCM"],"id_token_signing_alg_values_supported":["RS256"],"introspection_endpoint":"https://isamfed.com:8843/oauth2/introspect","issuer":"https://isamfed.com:8843/oauth2/","jwks_uri":"https://isamfed.com:8843/oauth2/jwks","mtls_endpoint_aliases":{"backchannel_authentication_endpoint":"https://isamfed.com:8843/oauth2/ciba","introspection_endpoint":"https://isamfed.com:8843/oauth2/introspect","pushed_authorization_request_endpoint":"https://isamfed.com:8843/oauth2/par","registration_endpoint":"https://isamfed.com:8843/oauth2/register","revocation_endpoint":"https://isamfed.com:8843/oauth2/revoke","token_endpoint":"https://isamfed.com:8843/oauth2/token"},"pushed_authorization_request_endpoint":"https://isamfed.com:8843/oauth2/par","registration_endpoint":"https://isamfed.com:8843/oauth2/register","request_object_encryption_alg_values_supported":["none","RSA-OAEP","RSA-OAEP-256"],"request_object_encryption_enc_values_supported":["none","A128GCM","A192GCM","A256GCM"],"request_object_signing_alg_values_supported":["RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512"],"request_parameter_supported":true,"request_uri_parameter_supported":true,"require_pushed_authorization_requests":false,"require_request_uri_registration":false,"response_modes_supported":["query","fragment","form_post"],"response_types_supported":["none","code","token","id_token","code token","code id_token","token id_token","code token id_token"],"revocation_endpoint":"https://isamfed.com:8843/oauth2/revoke","scopes_supported":["openid","profile","email","phone","address"],"subject_types_supported":["public"],"tls_client_certificate_bound_access_tokens":true,"token_endpoint":"https://isamfed.com:8843/oauth2/token","token_endpoint_auth_methods_supported":["client_secret_basic","client_secret_post","private_key_jwt","tls_client_auth"],"token_endpoint_auth_signing_alg_values_supported":["RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512"],"userinfo_encryption_alg_values_supported":["none","RSA-OAEP","RSA-OAEP-256"],"userinfo_encryption_enc_values_supported":["none","A128GCM","A192GCM","A256GCM"],"userinfo_endpoint":"https://isamfed.com:8843/oauth2/userinfo","userinfo_signing_alg_values_supported":["RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512"]}
2022-08-04 04:46:24 SUCCESS
GetDynamicServerConfiguration
Successfully parsed server configuration
authorization_endpoint
https://isamfed.com:8843/oauth2/authorize
backchannel_authentication_endpoint
https://isamfed.com:8843/oauth2/ciba
backchannel_authentication_request_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES384",
  "ES512"
]
backchannel_token_delivery_modes_supported
[
  "poll",
  "ping"
]
backchannel_user_code_parameter_supported
false
claim_types_supported
[
  "normal"
]
claims_parameter_supported
true
claims_supported
[
  "iss",
  "name",
  "displayName"
]
dpop_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES384",
  "ES512"
]
grant_types_supported
[
  "authorization_code",
  "implicit",
  "password",
  "client_credentials",
  "refresh_token",
  "urn:openid:params:grant-type:ciba"
]
id_token_encryption_alg_values_supported
[
  "none",
  "RSA-OAEP",
  "RSA-OAEP-256"
]
id_token_encryption_enc_values_supported
[
  "none",
  "A128GCM",
  "A192GCM",
  "A256GCM"
]
id_token_signing_alg_values_supported
[
  "RS256"
]
introspection_endpoint
https://isamfed.com:8843/oauth2/introspect
issuer
https://isamfed.com:8843/oauth2/
jwks_uri
https://isamfed.com:8843/oauth2/jwks
mtls_endpoint_aliases
{
  "backchannel_authentication_endpoint": "https://isamfed.com:8843/oauth2/ciba",
  "introspection_endpoint": "https://isamfed.com:8843/oauth2/introspect",
  "pushed_authorization_request_endpoint": "https://isamfed.com:8843/oauth2/par",
  "registration_endpoint": "https://isamfed.com:8843/oauth2/register",
  "revocation_endpoint": "https://isamfed.com:8843/oauth2/revoke",
  "token_endpoint": "https://isamfed.com:8843/oauth2/token"
}
pushed_authorization_request_endpoint
https://isamfed.com:8843/oauth2/par
registration_endpoint
https://isamfed.com:8843/oauth2/register
request_object_encryption_alg_values_supported
[
  "none",
  "RSA-OAEP",
  "RSA-OAEP-256"
]
request_object_encryption_enc_values_supported
[
  "none",
  "A128GCM",
  "A192GCM",
  "A256GCM"
]
request_object_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES384",
  "ES512"
]
request_parameter_supported
true
request_uri_parameter_supported
true
require_pushed_authorization_requests
false
require_request_uri_registration
false
response_modes_supported
[
  "query",
  "fragment",
  "form_post"
]
response_types_supported
[
  "none",
  "code",
  "token",
  "id_token",
  "code token",
  "code id_token",
  "token id_token",
  "code token id_token"
]
revocation_endpoint
https://isamfed.com:8843/oauth2/revoke
scopes_supported
[
  "openid",
  "profile",
  "email",
  "phone",
  "address"
]
subject_types_supported
[
  "public"
]
tls_client_certificate_bound_access_tokens
true
token_endpoint
https://isamfed.com:8843/oauth2/token
token_endpoint_auth_methods_supported
[
  "client_secret_basic",
  "client_secret_post",
  "private_key_jwt",
  "tls_client_auth"
]
token_endpoint_auth_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES384",
  "ES512"
]
userinfo_encryption_alg_values_supported
[
  "none",
  "RSA-OAEP",
  "RSA-OAEP-256"
]
userinfo_encryption_enc_values_supported
[
  "none",
  "A128GCM",
  "A192GCM",
  "A256GCM"
]
userinfo_endpoint
https://isamfed.com:8843/oauth2/userinfo
userinfo_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES384",
  "ES512"
]
2022-08-04 04:46:24 SUCCESS
CheckServerConfiguration
Found required server configuration keys
required
[
  "authorization_endpoint",
  "token_endpoint",
  "issuer"
]
2022-08-04 04:46:24 SUCCESS
ExtractTLSTestValuesFromServerConfiguration
Extracted TLS information from authorization server configuration
registration_endpoint
{
  "testHost": "isamfed.com",
  "testPort": 8843
}
authorization_endpoint
{
  "testHost": "isamfed.com",
  "testPort": 8843
}
token_endpoint
{
  "testHost": "isamfed.com",
  "testPort": 8843
}
userinfo_endpoint
{
  "testHost": "isamfed.com",
  "testPort": 8843
}
2022-08-04 04:46:24
FetchServerKeys
Fetching server key
jwks_uri
https://isamfed.com:8843/oauth2/jwks
2022-08-04 04:46:24
FetchServerKeys
HTTP request
request_uri
https://isamfed.com:8843/oauth2/jwks
request_method
GET
request_headers
{
  "accept": "text/plain, application/json, application/*+json, */*",
  "content-length": "0"
}
request_body

                                
2022-08-04 04:46:25 RESPONSE
FetchServerKeys
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "content-type": "application/json",
  "date": "Thu, 04 Aug 2022 04:46:25 GMT",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "transfer-encoding": "chunked",
  "x-correlation-id": "CORR_ID-f4c76963-7832-4a89-b03c-9086b53cfd5a",
  "strict-transport-security": "max-age\u003d31536000; includeSubDomains"
}
response_body
{"keys":[{"use":"sig","kty":"EC","kid":"es256","crv":"P-256","x":"2eFMhRrJ32E2iMUd8yqTH1S1R0iUNeJVkpxEtEcAK58","y":"GpCy6KiKO4cFyeuAz8wUpBUHQmx0SX0YnswvZaSKkEc"},{"use":"sig","kty":"RSA","kid":"httpserver","n":"p30DhlZ8sr5ZDi6prRvKL4M9ErQJ4ZYZST153m_xBP68ft-vuLOLLzl8pAXBW5IqR0YEchGQPJtUQjqE4j7ht-rqN2WQxLVzUdc9FGi2VDADdRvBncpBgSjueU-tSblcZ6LSF0UPeM2z5xTdMSgWRJ9xff_cvHJTpACdG2EWwe8u9a9yzVz_dqLbVugy415Cotp3DiZyIjHVEADvJY9Xlxk4E39lCKOMQlAFMPH76HnXCrVCi4MZeokCYHBzH_8ue29ImhLAZRE83F9r0mhfx37lAraut3rr6sRponY4wBRaEXpNrVlcTTNMyvL272TCkEZqtm4mwepVhNYj7Pxblw","e":"AQAB"},{"use":"sig","kty":"RSA","kid":"mtls01","n":"ppY9BFOF6YXRPSRv-p21I6l-9OiTF_JbjzQ3zbvkhwkQ8p30chePHLQVeBBev1oV5j_oGYzD2_hUkUcqueHETuOFTaZ8Z0VpN9c2HDXTZ4IeTUpPJPPWcqJ4ykWxtZdhgWbxjn5lROzupAUrsT9nJci4_8KgEu6vaTnIo-NLVwzFkNr9cMYRBcg7O20RL7V7LSgGyqw2vUK3jvBCgsCZSWRjjBQiYGQjEYkvGmAm22Omw2HmdJ0mFV4m7DpyY2WRhLqSAedzkwsYioTDPXqa-ts8DgBqUySPYp1ACSoeHxVO5gnKd6ukaCNyh5U7bui0zMRw_NKRGChA1nJN3cg1Mw","e":"AQAB"},{"use":"sig","kty":"RSA","kid":"rsa256","n":"toihHnUntP41DGJEpUQjHuzyWtb4NQEg5r38YoaCRVfnX7pmYOgn6zOU3jgUXuNqJefTHNLRq7_wxZT2zsCFrJvfg8ccl4Ds1Vp3Hur3mQVsqhXrKRqBvvsF_1pbJSbyLCk0_HkrcP9XRNP4Lq2MiofAtt89Lmya9ZlwbA4NLkEJFNtC-6wuq48kpA-TWXOcQXPUW-0RZS7t8DGgRlQpeUwj8-g6N_uUSk21hawGNlWmOYkrQ7w4kCIKO2U4Y6_2dygwNnESxiPA_61UuH9wVjWxo1XiyKJnpDGiYXGeihoGn6EcLMKeA8wACuR_1ah7BD3iKMQRW3DWEBfjp0LMyQ","e":"AQAB"},{"use":"enc","kty":"EC","kid":"es256_dup","crv":"P-256","x":"2eFMhRrJ32E2iMUd8yqTH1S1R0iUNeJVkpxEtEcAK58","y":"GpCy6KiKO4cFyeuAz8wUpBUHQmx0SX0YnswvZaSKkEc"},{"use":"enc","kty":"RSA","kid":"httpserver_dup","n":"p30DhlZ8sr5ZDi6prRvKL4M9ErQJ4ZYZST153m_xBP68ft-vuLOLLzl8pAXBW5IqR0YEchGQPJtUQjqE4j7ht-rqN2WQxLVzUdc9FGi2VDADdRvBncpBgSjueU-tSblcZ6LSF0UPeM2z5xTdMSgWRJ9xff_cvHJTpACdG2EWwe8u9a9yzVz_dqLbVugy415Cotp3DiZyIjHVEADvJY9Xlxk4E39lCKOMQlAFMPH76HnXCrVCi4MZeokCYHBzH_8ue29ImhLAZRE83F9r0mhfx37lAraut3rr6sRponY4wBRaEXpNrVlcTTNMyvL272TCkEZqtm4mwepVhNYj7Pxblw","e":"AQAB"},{"use":"enc","kty":"RSA","kid":"mtls01_dup","n":"ppY9BFOF6YXRPSRv-p21I6l-9OiTF_JbjzQ3zbvkhwkQ8p30chePHLQVeBBev1oV5j_oGYzD2_hUkUcqueHETuOFTaZ8Z0VpN9c2HDXTZ4IeTUpPJPPWcqJ4ykWxtZdhgWbxjn5lROzupAUrsT9nJci4_8KgEu6vaTnIo-NLVwzFkNr9cMYRBcg7O20RL7V7LSgGyqw2vUK3jvBCgsCZSWRjjBQiYGQjEYkvGmAm22Omw2HmdJ0mFV4m7DpyY2WRhLqSAedzkwsYioTDPXqa-ts8DgBqUySPYp1ACSoeHxVO5gnKd6ukaCNyh5U7bui0zMRw_NKRGChA1nJN3cg1Mw","e":"AQAB"},{"use":"enc","kty":"RSA","kid":"rsa256_dup","n":"toihHnUntP41DGJEpUQjHuzyWtb4NQEg5r38YoaCRVfnX7pmYOgn6zOU3jgUXuNqJefTHNLRq7_wxZT2zsCFrJvfg8ccl4Ds1Vp3Hur3mQVsqhXrKRqBvvsF_1pbJSbyLCk0_HkrcP9XRNP4Lq2MiofAtt89Lmya9ZlwbA4NLkEJFNtC-6wuq48kpA-TWXOcQXPUW-0RZS7t8DGgRlQpeUwj8-g6N_uUSk21hawGNlWmOYkrQ7w4kCIKO2U4Y6_2dygwNnESxiPA_61UuH9wVjWxo1XiyKJnpDGiYXGeihoGn6EcLMKeA8wACuR_1ah7BD3iKMQRW3DWEBfjp0LMyQ","e":"AQAB"}]}
2022-08-04 04:46:25
FetchServerKeys
Found JWK set string
jwk_string
{"keys":[{"use":"sig","kty":"EC","kid":"es256","crv":"P-256","x":"2eFMhRrJ32E2iMUd8yqTH1S1R0iUNeJVkpxEtEcAK58","y":"GpCy6KiKO4cFyeuAz8wUpBUHQmx0SX0YnswvZaSKkEc"},{"use":"sig","kty":"RSA","kid":"httpserver","n":"p30DhlZ8sr5ZDi6prRvKL4M9ErQJ4ZYZST153m_xBP68ft-vuLOLLzl8pAXBW5IqR0YEchGQPJtUQjqE4j7ht-rqN2WQxLVzUdc9FGi2VDADdRvBncpBgSjueU-tSblcZ6LSF0UPeM2z5xTdMSgWRJ9xff_cvHJTpACdG2EWwe8u9a9yzVz_dqLbVugy415Cotp3DiZyIjHVEADvJY9Xlxk4E39lCKOMQlAFMPH76HnXCrVCi4MZeokCYHBzH_8ue29ImhLAZRE83F9r0mhfx37lAraut3rr6sRponY4wBRaEXpNrVlcTTNMyvL272TCkEZqtm4mwepVhNYj7Pxblw","e":"AQAB"},{"use":"sig","kty":"RSA","kid":"mtls01","n":"ppY9BFOF6YXRPSRv-p21I6l-9OiTF_JbjzQ3zbvkhwkQ8p30chePHLQVeBBev1oV5j_oGYzD2_hUkUcqueHETuOFTaZ8Z0VpN9c2HDXTZ4IeTUpPJPPWcqJ4ykWxtZdhgWbxjn5lROzupAUrsT9nJci4_8KgEu6vaTnIo-NLVwzFkNr9cMYRBcg7O20RL7V7LSgGyqw2vUK3jvBCgsCZSWRjjBQiYGQjEYkvGmAm22Omw2HmdJ0mFV4m7DpyY2WRhLqSAedzkwsYioTDPXqa-ts8DgBqUySPYp1ACSoeHxVO5gnKd6ukaCNyh5U7bui0zMRw_NKRGChA1nJN3cg1Mw","e":"AQAB"},{"use":"sig","kty":"RSA","kid":"rsa256","n":"toihHnUntP41DGJEpUQjHuzyWtb4NQEg5r38YoaCRVfnX7pmYOgn6zOU3jgUXuNqJefTHNLRq7_wxZT2zsCFrJvfg8ccl4Ds1Vp3Hur3mQVsqhXrKRqBvvsF_1pbJSbyLCk0_HkrcP9XRNP4Lq2MiofAtt89Lmya9ZlwbA4NLkEJFNtC-6wuq48kpA-TWXOcQXPUW-0RZS7t8DGgRlQpeUwj8-g6N_uUSk21hawGNlWmOYkrQ7w4kCIKO2U4Y6_2dygwNnESxiPA_61UuH9wVjWxo1XiyKJnpDGiYXGeihoGn6EcLMKeA8wACuR_1ah7BD3iKMQRW3DWEBfjp0LMyQ","e":"AQAB"},{"use":"enc","kty":"EC","kid":"es256_dup","crv":"P-256","x":"2eFMhRrJ32E2iMUd8yqTH1S1R0iUNeJVkpxEtEcAK58","y":"GpCy6KiKO4cFyeuAz8wUpBUHQmx0SX0YnswvZaSKkEc"},{"use":"enc","kty":"RSA","kid":"httpserver_dup","n":"p30DhlZ8sr5ZDi6prRvKL4M9ErQJ4ZYZST153m_xBP68ft-vuLOLLzl8pAXBW5IqR0YEchGQPJtUQjqE4j7ht-rqN2WQxLVzUdc9FGi2VDADdRvBncpBgSjueU-tSblcZ6LSF0UPeM2z5xTdMSgWRJ9xff_cvHJTpACdG2EWwe8u9a9yzVz_dqLbVugy415Cotp3DiZyIjHVEADvJY9Xlxk4E39lCKOMQlAFMPH76HnXCrVCi4MZeokCYHBzH_8ue29ImhLAZRE83F9r0mhfx37lAraut3rr6sRponY4wBRaEXpNrVlcTTNMyvL272TCkEZqtm4mwepVhNYj7Pxblw","e":"AQAB"},{"use":"enc","kty":"RSA","kid":"mtls01_dup","n":"ppY9BFOF6YXRPSRv-p21I6l-9OiTF_JbjzQ3zbvkhwkQ8p30chePHLQVeBBev1oV5j_oGYzD2_hUkUcqueHETuOFTaZ8Z0VpN9c2HDXTZ4IeTUpPJPPWcqJ4ykWxtZdhgWbxjn5lROzupAUrsT9nJci4_8KgEu6vaTnIo-NLVwzFkNr9cMYRBcg7O20RL7V7LSgGyqw2vUK3jvBCgsCZSWRjjBQiYGQjEYkvGmAm22Omw2HmdJ0mFV4m7DpyY2WRhLqSAedzkwsYioTDPXqa-ts8DgBqUySPYp1ACSoeHxVO5gnKd6ukaCNyh5U7bui0zMRw_NKRGChA1nJN3cg1Mw","e":"AQAB"},{"use":"enc","kty":"RSA","kid":"rsa256_dup","n":"toihHnUntP41DGJEpUQjHuzyWtb4NQEg5r38YoaCRVfnX7pmYOgn6zOU3jgUXuNqJefTHNLRq7_wxZT2zsCFrJvfg8ccl4Ds1Vp3Hur3mQVsqhXrKRqBvvsF_1pbJSbyLCk0_HkrcP9XRNP4Lq2MiofAtt89Lmya9ZlwbA4NLkEJFNtC-6wuq48kpA-TWXOcQXPUW-0RZS7t8DGgRlQpeUwj8-g6N_uUSk21hawGNlWmOYkrQ7w4kCIKO2U4Y6_2dygwNnESxiPA_61UuH9wVjWxo1XiyKJnpDGiYXGeihoGn6EcLMKeA8wACuR_1ah7BD3iKMQRW3DWEBfjp0LMyQ","e":"AQAB"}]}
2022-08-04 04:46:25 SUCCESS
FetchServerKeys
Found server JWK set
server_jwks
{
  "keys": [
    {
      "use": "sig",
      "kty": "EC",
      "kid": "es256",
      "crv": "P-256",
      "x": "2eFMhRrJ32E2iMUd8yqTH1S1R0iUNeJVkpxEtEcAK58",
      "y": "GpCy6KiKO4cFyeuAz8wUpBUHQmx0SX0YnswvZaSKkEc"
    },
    {
      "use": "sig",
      "kty": "RSA",
      "kid": "httpserver",
      "n": "p30DhlZ8sr5ZDi6prRvKL4M9ErQJ4ZYZST153m_xBP68ft-vuLOLLzl8pAXBW5IqR0YEchGQPJtUQjqE4j7ht-rqN2WQxLVzUdc9FGi2VDADdRvBncpBgSjueU-tSblcZ6LSF0UPeM2z5xTdMSgWRJ9xff_cvHJTpACdG2EWwe8u9a9yzVz_dqLbVugy415Cotp3DiZyIjHVEADvJY9Xlxk4E39lCKOMQlAFMPH76HnXCrVCi4MZeokCYHBzH_8ue29ImhLAZRE83F9r0mhfx37lAraut3rr6sRponY4wBRaEXpNrVlcTTNMyvL272TCkEZqtm4mwepVhNYj7Pxblw",
      "e": "AQAB"
    },
    {
      "use": "sig",
      "kty": "RSA",
      "kid": "mtls01",
      "n": "ppY9BFOF6YXRPSRv-p21I6l-9OiTF_JbjzQ3zbvkhwkQ8p30chePHLQVeBBev1oV5j_oGYzD2_hUkUcqueHETuOFTaZ8Z0VpN9c2HDXTZ4IeTUpPJPPWcqJ4ykWxtZdhgWbxjn5lROzupAUrsT9nJci4_8KgEu6vaTnIo-NLVwzFkNr9cMYRBcg7O20RL7V7LSgGyqw2vUK3jvBCgsCZSWRjjBQiYGQjEYkvGmAm22Omw2HmdJ0mFV4m7DpyY2WRhLqSAedzkwsYioTDPXqa-ts8DgBqUySPYp1ACSoeHxVO5gnKd6ukaCNyh5U7bui0zMRw_NKRGChA1nJN3cg1Mw",
      "e": "AQAB"
    },
    {
      "use": "sig",
      "kty": "RSA",
      "kid": "rsa256",
      "n": "toihHnUntP41DGJEpUQjHuzyWtb4NQEg5r38YoaCRVfnX7pmYOgn6zOU3jgUXuNqJefTHNLRq7_wxZT2zsCFrJvfg8ccl4Ds1Vp3Hur3mQVsqhXrKRqBvvsF_1pbJSbyLCk0_HkrcP9XRNP4Lq2MiofAtt89Lmya9ZlwbA4NLkEJFNtC-6wuq48kpA-TWXOcQXPUW-0RZS7t8DGgRlQpeUwj8-g6N_uUSk21hawGNlWmOYkrQ7w4kCIKO2U4Y6_2dygwNnESxiPA_61UuH9wVjWxo1XiyKJnpDGiYXGeihoGn6EcLMKeA8wACuR_1ah7BD3iKMQRW3DWEBfjp0LMyQ",
      "e": "AQAB"
    },
    {
      "use": "enc",
      "kty": "EC",
      "kid": "es256_dup",
      "crv": "P-256",
      "x": "2eFMhRrJ32E2iMUd8yqTH1S1R0iUNeJVkpxEtEcAK58",
      "y": "GpCy6KiKO4cFyeuAz8wUpBUHQmx0SX0YnswvZaSKkEc"
    },
    {
      "use": "enc",
      "kty": "RSA",
      "kid": "httpserver_dup",
      "n": "p30DhlZ8sr5ZDi6prRvKL4M9ErQJ4ZYZST153m_xBP68ft-vuLOLLzl8pAXBW5IqR0YEchGQPJtUQjqE4j7ht-rqN2WQxLVzUdc9FGi2VDADdRvBncpBgSjueU-tSblcZ6LSF0UPeM2z5xTdMSgWRJ9xff_cvHJTpACdG2EWwe8u9a9yzVz_dqLbVugy415Cotp3DiZyIjHVEADvJY9Xlxk4E39lCKOMQlAFMPH76HnXCrVCi4MZeokCYHBzH_8ue29ImhLAZRE83F9r0mhfx37lAraut3rr6sRponY4wBRaEXpNrVlcTTNMyvL272TCkEZqtm4mwepVhNYj7Pxblw",
      "e": "AQAB"
    },
    {
      "use": "enc",
      "kty": "RSA",
      "kid": "mtls01_dup",
      "n": "ppY9BFOF6YXRPSRv-p21I6l-9OiTF_JbjzQ3zbvkhwkQ8p30chePHLQVeBBev1oV5j_oGYzD2_hUkUcqueHETuOFTaZ8Z0VpN9c2HDXTZ4IeTUpPJPPWcqJ4ykWxtZdhgWbxjn5lROzupAUrsT9nJci4_8KgEu6vaTnIo-NLVwzFkNr9cMYRBcg7O20RL7V7LSgGyqw2vUK3jvBCgsCZSWRjjBQiYGQjEYkvGmAm22Omw2HmdJ0mFV4m7DpyY2WRhLqSAedzkwsYioTDPXqa-ts8DgBqUySPYp1ACSoeHxVO5gnKd6ukaCNyh5U7bui0zMRw_NKRGChA1nJN3cg1Mw",
      "e": "AQAB"
    },
    {
      "use": "enc",
      "kty": "RSA",
      "kid": "rsa256_dup",
      "n": "toihHnUntP41DGJEpUQjHuzyWtb4NQEg5r38YoaCRVfnX7pmYOgn6zOU3jgUXuNqJefTHNLRq7_wxZT2zsCFrJvfg8ccl4Ds1Vp3Hur3mQVsqhXrKRqBvvsF_1pbJSbyLCk0_HkrcP9XRNP4Lq2MiofAtt89Lmya9ZlwbA4NLkEJFNtC-6wuq48kpA-TWXOcQXPUW-0RZS7t8DGgRlQpeUwj8-g6N_uUSk21hawGNlWmOYkrQ7w4kCIKO2U4Y6_2dygwNnESxiPA_61UuH9wVjWxo1XiyKJnpDGiYXGeihoGn6EcLMKeA8wACuR_1ah7BD3iKMQRW3DWEBfjp0LMyQ",
      "e": "AQAB"
    }
  ]
}
2022-08-04 04:46:25 SUCCESS
CheckServerKeysIsValid
Server JWKs is valid
server_jwks
{
  "keys": [
    {
      "use": "sig",
      "kty": "EC",
      "kid": "es256",
      "crv": "P-256",
      "x": "2eFMhRrJ32E2iMUd8yqTH1S1R0iUNeJVkpxEtEcAK58",
      "y": "GpCy6KiKO4cFyeuAz8wUpBUHQmx0SX0YnswvZaSKkEc"
    },
    {
      "use": "sig",
      "kty": "RSA",
      "kid": "httpserver",
      "n": "p30DhlZ8sr5ZDi6prRvKL4M9ErQJ4ZYZST153m_xBP68ft-vuLOLLzl8pAXBW5IqR0YEchGQPJtUQjqE4j7ht-rqN2WQxLVzUdc9FGi2VDADdRvBncpBgSjueU-tSblcZ6LSF0UPeM2z5xTdMSgWRJ9xff_cvHJTpACdG2EWwe8u9a9yzVz_dqLbVugy415Cotp3DiZyIjHVEADvJY9Xlxk4E39lCKOMQlAFMPH76HnXCrVCi4MZeokCYHBzH_8ue29ImhLAZRE83F9r0mhfx37lAraut3rr6sRponY4wBRaEXpNrVlcTTNMyvL272TCkEZqtm4mwepVhNYj7Pxblw",
      "e": "AQAB"
    },
    {
      "use": "sig",
      "kty": "RSA",
      "kid": "mtls01",
      "n": "ppY9BFOF6YXRPSRv-p21I6l-9OiTF_JbjzQ3zbvkhwkQ8p30chePHLQVeBBev1oV5j_oGYzD2_hUkUcqueHETuOFTaZ8Z0VpN9c2HDXTZ4IeTUpPJPPWcqJ4ykWxtZdhgWbxjn5lROzupAUrsT9nJci4_8KgEu6vaTnIo-NLVwzFkNr9cMYRBcg7O20RL7V7LSgGyqw2vUK3jvBCgsCZSWRjjBQiYGQjEYkvGmAm22Omw2HmdJ0mFV4m7DpyY2WRhLqSAedzkwsYioTDPXqa-ts8DgBqUySPYp1ACSoeHxVO5gnKd6ukaCNyh5U7bui0zMRw_NKRGChA1nJN3cg1Mw",
      "e": "AQAB"
    },
    {
      "use": "sig",
      "kty": "RSA",
      "kid": "rsa256",
      "n": "toihHnUntP41DGJEpUQjHuzyWtb4NQEg5r38YoaCRVfnX7pmYOgn6zOU3jgUXuNqJefTHNLRq7_wxZT2zsCFrJvfg8ccl4Ds1Vp3Hur3mQVsqhXrKRqBvvsF_1pbJSbyLCk0_HkrcP9XRNP4Lq2MiofAtt89Lmya9ZlwbA4NLkEJFNtC-6wuq48kpA-TWXOcQXPUW-0RZS7t8DGgRlQpeUwj8-g6N_uUSk21hawGNlWmOYkrQ7w4kCIKO2U4Y6_2dygwNnESxiPA_61UuH9wVjWxo1XiyKJnpDGiYXGeihoGn6EcLMKeA8wACuR_1ah7BD3iKMQRW3DWEBfjp0LMyQ",
      "e": "AQAB"
    },
    {
      "use": "enc",
      "kty": "EC",
      "kid": "es256_dup",
      "crv": "P-256",
      "x": "2eFMhRrJ32E2iMUd8yqTH1S1R0iUNeJVkpxEtEcAK58",
      "y": "GpCy6KiKO4cFyeuAz8wUpBUHQmx0SX0YnswvZaSKkEc"
    },
    {
      "use": "enc",
      "kty": "RSA",
      "kid": "httpserver_dup",
      "n": "p30DhlZ8sr5ZDi6prRvKL4M9ErQJ4ZYZST153m_xBP68ft-vuLOLLzl8pAXBW5IqR0YEchGQPJtUQjqE4j7ht-rqN2WQxLVzUdc9FGi2VDADdRvBncpBgSjueU-tSblcZ6LSF0UPeM2z5xTdMSgWRJ9xff_cvHJTpACdG2EWwe8u9a9yzVz_dqLbVugy415Cotp3DiZyIjHVEADvJY9Xlxk4E39lCKOMQlAFMPH76HnXCrVCi4MZeokCYHBzH_8ue29ImhLAZRE83F9r0mhfx37lAraut3rr6sRponY4wBRaEXpNrVlcTTNMyvL272TCkEZqtm4mwepVhNYj7Pxblw",
      "e": "AQAB"
    },
    {
      "use": "enc",
      "kty": "RSA",
      "kid": "mtls01_dup",
      "n": "ppY9BFOF6YXRPSRv-p21I6l-9OiTF_JbjzQ3zbvkhwkQ8p30chePHLQVeBBev1oV5j_oGYzD2_hUkUcqueHETuOFTaZ8Z0VpN9c2HDXTZ4IeTUpPJPPWcqJ4ykWxtZdhgWbxjn5lROzupAUrsT9nJci4_8KgEu6vaTnIo-NLVwzFkNr9cMYRBcg7O20RL7V7LSgGyqw2vUK3jvBCgsCZSWRjjBQiYGQjEYkvGmAm22Omw2HmdJ0mFV4m7DpyY2WRhLqSAedzkwsYioTDPXqa-ts8DgBqUySPYp1ACSoeHxVO5gnKd6ukaCNyh5U7bui0zMRw_NKRGChA1nJN3cg1Mw",
      "e": "AQAB"
    },
    {
      "use": "enc",
      "kty": "RSA",
      "kid": "rsa256_dup",
      "n": "toihHnUntP41DGJEpUQjHuzyWtb4NQEg5r38YoaCRVfnX7pmYOgn6zOU3jgUXuNqJefTHNLRq7_wxZT2zsCFrJvfg8ccl4Ds1Vp3Hur3mQVsqhXrKRqBvvsF_1pbJSbyLCk0_HkrcP9XRNP4Lq2MiofAtt89Lmya9ZlwbA4NLkEJFNtC-6wuq48kpA-TWXOcQXPUW-0RZS7t8DGgRlQpeUwj8-g6N_uUSk21hawGNlWmOYkrQ7w4kCIKO2U4Y6_2dygwNnESxiPA_61UuH9wVjWxo1XiyKJnpDGiYXGeihoGn6EcLMKeA8wACuR_1ah7BD3iKMQRW3DWEBfjp0LMyQ",
      "e": "AQAB"
    }
  ]
}
2022-08-04 04:46:25 SUCCESS
ValidateServerJWKs
Valid server JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2022-08-04 04:46:25 SUCCESS
CheckForKeyIdInServerJWKs
All keys contain kids
2022-08-04 04:46:25 SUCCESS
CheckDistinctKeyIdValueInServerJWKs
Distinct 'kid' value in all keys of server_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2022-08-04 04:46:25 SUCCESS
EnsureServerJwksDoesNotContainPrivateOrSymmetricKeys
Jwks does not contain any private or symmetric keys
2022-08-04 04:46:25
StoreOriginalClientConfiguration
Created original_client_config object from the client configuration.
client_id
client01
client_secret
secret
2022-08-04 04:46:25
ExtractClientNameFromStoredConfig
Extracted client_name from stored client configuration.
client_name
2022-08-04 04:46:25 SUCCESS
GenerateRS256ClientJWKs
Generated client JWKs
client_jwks
{
  "keys": [
    {
      "p": "6oEMeiJK5gdqSFLEkZQXbPmK_KWqUP4qit8qYjVve488hmhh8sWy8vc0dvYqlid1qq1MGgmxoqKT56tC6okD1mBw6wZdSgcK8dhHuiwbRsL0yhwY8Yx2bC3SQpq28MJchrv7GOZ4YlLTbq9e4rFXiH-YL8aAebhrgzKxqsVXNls",
      "kty": "RSA",
      "q": "z5ep6qWRv1iemdmxqt1SWqYWTmLtZdOSY2S_f1xTBY7EEDJiCvc4Ez-hVlzGoMi-v5YUuyn3a3bi2_qPXyUhOIiu-7pPoowYTXS9l6ZJDsApKTTrRJ3KLinjcv_ghYw54N1YAWGr3inqGoWDH8fI3dq0Tjy9lMs_o0mrcL3SpXk",
      "d": "r2yQqy7iT1ZPx3AwLDsMQD6uqbGInTHbFpQeLv9XR6YY2ZmU1bXQy2KpdGeZ12TmWg4jNyObx8CWTF5nkxE6VpIqFySozUP155yDz16sPoEr7HaB0a37yarpPFR_Vk5mhpgHDCeJFvZHzL3EEa18Do4G-g1ZoZW4LecUxj_67LGYs6RsNkX9WxGEDUhZjlT5oiKTXV3_hKtjfvv8U99zWXbyOZqxMyP-5FCBOf12CgLCoy4GM5IOx23hBBxynTlJslTT-Wu4tOZEgpwF844M1fPLIxfA1t8WKS7Irv-0adXeYy12Ee22nRquoQbP9PPwbaRoACUl1VX6akAUWbGf4Q",
      "e": "AQAB",
      "use": "sig",
      "qi": "rFfYMr0PmQHbZvpVCiOefCRBGBUoan3LZXL9Yt4ESXBkSAaABkd20BMYFxgzxom9UwQ_Jftwr44FuIhM8mSx7XzFG5PBmwemhySXBjkSZeMvaB6X69czD_g2MTgFumX13zVXq0g2q3YKJ_i8f_iScuRA-Rh64Enpec-_gLlSzq0",
      "dp": "6U4uzawkfCrQcNf3vSZrD_5NawKfKilUxgk1L7QeD_33p3leSZyrZtLPHbPXtr_Xb1Eur5EJa9b387sNvi1G5hfY_9q7IZVULDyTUAPlt0brJ9FAd8DZaNNFpwIqE-orB9kp_iH9j0T8GdjcPAlYHvNiw9VnqLH0NPlQjaf8FpU",
      "alg": "RS256",
      "dq": "g1Lrf_Bb4lN6idNojLHULlpRVCdLDRapzcznQ_ew4ZwuNhzZXxyD0dF4C_1G_mHgIa0c0kY7KjWcUBMS7dq8SFpXcBGt3SOJID7QzYW5Q-aWY2YBy3eSdl-zboWmkHVkC_eae81A_5s-aKa7i7hEPuzjEXdlayKk0HSDSyAaiOk",
      "n": "vilG20Chgd623QQFXvTDm1YuZKA0GA_AwfanXxWc_yrcta48lP4N6SHaWCEwmPka_DvHAtlV-tpDhDUqi2GOiSCMR-krDfN_J9JRQ9pqERzc9HwCGdzPcpFAFFC0h8tYX_6z6NuH1wJF2HmLylCpw3UruWOzVkA3kedmvULu2pGh__jDHctm9PgAbV4amLf4lfODc6SDmn370RfJd4XZK4cuC0JSbr-oAFhWI0Q1N4gLz8iQK_r5ZC-ajsAd-NI9BWMIsjoDVS9UX-qryG7JOnVTl5-pnOSG96dJYa8HK6FFXUxD5x-WhAMSPLj1JqHzgc8LRdHTpoiJqeBkQedYAw"
    }
  ]
}
public_client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "alg": "RS256",
      "n": "vilG20Chgd623QQFXvTDm1YuZKA0GA_AwfanXxWc_yrcta48lP4N6SHaWCEwmPka_DvHAtlV-tpDhDUqi2GOiSCMR-krDfN_J9JRQ9pqERzc9HwCGdzPcpFAFFC0h8tYX_6z6NuH1wJF2HmLylCpw3UruWOzVkA3kedmvULu2pGh__jDHctm9PgAbV4amLf4lfODc6SDmn370RfJd4XZK4cuC0JSbr-oAFhWI0Q1N4gLz8iQK_r5ZC-ajsAd-NI9BWMIsjoDVS9UX-qryG7JOnVTl5-pnOSG96dJYa8HK6FFXUxD5x-WhAMSPLj1JqHzgc8LRdHTpoiJqeBkQedYAw"
    }
  ]
}
2022-08-04 04:46:25 SUCCESS
CheckDistinctKeyIdValueInClientJWKs
Distinct 'kid' value in all keys of client_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2022-08-04 04:46:25
CreateEmptyDynamicRegistrationRequest
Created empty dynamic registration request
2022-08-04 04:46:25
AddClientNameToDynamicRegistrationRequest
Added client_name to registration request
client_name
OIDF Conformance Test 31CIWzYr5jxQwrN
2022-08-04 04:46:25
AddAuthorizationCodeGrantTypeToDynamicRegistrationRequest
Added 'authorization_code' to 'grant_types'
grant_types
[
  "authorization_code"
]
2022-08-04 04:46:25
AddPublicJwksToDynamicRegistrationRequest
Added client public JWKS to dynamic registration request
dynamic_registration_request
{
  "client_name": "OIDF Conformance Test 31CIWzYr5jxQwrN",
  "grant_types": [
    "authorization_code"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "vilG20Chgd623QQFXvTDm1YuZKA0GA_AwfanXxWc_yrcta48lP4N6SHaWCEwmPka_DvHAtlV-tpDhDUqi2GOiSCMR-krDfN_J9JRQ9pqERzc9HwCGdzPcpFAFFC0h8tYX_6z6NuH1wJF2HmLylCpw3UruWOzVkA3kedmvULu2pGh__jDHctm9PgAbV4amLf4lfODc6SDmn370RfJd4XZK4cuC0JSbr-oAFhWI0Q1N4gLz8iQK_r5ZC-ajsAd-NI9BWMIsjoDVS9UX-qryG7JOnVTl5-pnOSG96dJYa8HK6FFXUxD5x-WhAMSPLj1JqHzgc8LRdHTpoiJqeBkQedYAw"
      }
    ]
  }
}
2022-08-04 04:46:25
AddTokenEndpointAuthMethodToDynamicRegistrationRequestFromEnvironment
Added token endpoint auth method to dynamic registration request
dynamic_registration_request
{
  "client_name": "OIDF Conformance Test 31CIWzYr5jxQwrN",
  "grant_types": [
    "authorization_code"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "vilG20Chgd623QQFXvTDm1YuZKA0GA_AwfanXxWc_yrcta48lP4N6SHaWCEwmPka_DvHAtlV-tpDhDUqi2GOiSCMR-krDfN_J9JRQ9pqERzc9HwCGdzPcpFAFFC0h8tYX_6z6NuH1wJF2HmLylCpw3UruWOzVkA3kedmvULu2pGh__jDHctm9PgAbV4amLf4lfODc6SDmn370RfJd4XZK4cuC0JSbr-oAFhWI0Q1N4gLz8iQK_r5ZC-ajsAd-NI9BWMIsjoDVS9UX-qryG7JOnVTl5-pnOSG96dJYa8HK6FFXUxD5x-WhAMSPLj1JqHzgc8LRdHTpoiJqeBkQedYAw"
      }
    ]
  },
  "token_endpoint_auth_method": "client_secret_basic"
}
2022-08-04 04:46:25
AddResponseTypesArrayToDynamicRegistrationRequestFromEnvironment
Added response_types array to dynamic registration request
dynamic_registration_request
{
  "client_name": "OIDF Conformance Test 31CIWzYr5jxQwrN",
  "grant_types": [
    "authorization_code"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "vilG20Chgd623QQFXvTDm1YuZKA0GA_AwfanXxWc_yrcta48lP4N6SHaWCEwmPka_DvHAtlV-tpDhDUqi2GOiSCMR-krDfN_J9JRQ9pqERzc9HwCGdzPcpFAFFC0h8tYX_6z6NuH1wJF2HmLylCpw3UruWOzVkA3kedmvULu2pGh__jDHctm9PgAbV4amLf4lfODc6SDmn370RfJd4XZK4cuC0JSbr-oAFhWI0Q1N4gLz8iQK_r5ZC-ajsAd-NI9BWMIsjoDVS9UX-qryG7JOnVTl5-pnOSG96dJYa8HK6FFXUxD5x-WhAMSPLj1JqHzgc8LRdHTpoiJqeBkQedYAw"
      }
    ]
  },
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code"
  ]
}
2022-08-04 04:46:25
AddRedirectUriToDynamicRegistrationRequest
Added redirect_uris array to dynamic registration request
dynamic_registration_request
{
  "client_name": "OIDF Conformance Test 31CIWzYr5jxQwrN",
  "grant_types": [
    "authorization_code"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "vilG20Chgd623QQFXvTDm1YuZKA0GA_AwfanXxWc_yrcta48lP4N6SHaWCEwmPka_DvHAtlV-tpDhDUqi2GOiSCMR-krDfN_J9JRQ9pqERzc9HwCGdzPcpFAFFC0h8tYX_6z6NuH1wJF2HmLylCpw3UruWOzVkA3kedmvULu2pGh__jDHctm9PgAbV4amLf4lfODc6SDmn370RfJd4XZK4cuC0JSbr-oAFhWI0Q1N4gLz8iQK_r5ZC-ajsAd-NI9BWMIsjoDVS9UX-qryG7JOnVTl5-pnOSG96dJYa8HK6FFXUxD5x-WhAMSPLj1JqHzgc8LRdHTpoiJqeBkQedYAw"
      }
    ]
  },
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code"
  ],
  "redirect_uris": [
    "https://www.certification.openid.net/test/a/isva_op_oidc_core_test_gh/callback"
  ]
}
2022-08-04 04:46:25
AddContactsToDynamicRegistrationRequest
Added contacts array to dynamic registration request
dynamic_registration_request
{
  "client_name": "OIDF Conformance Test 31CIWzYr5jxQwrN",
  "grant_types": [
    "authorization_code"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "vilG20Chgd623QQFXvTDm1YuZKA0GA_AwfanXxWc_yrcta48lP4N6SHaWCEwmPka_DvHAtlV-tpDhDUqi2GOiSCMR-krDfN_J9JRQ9pqERzc9HwCGdzPcpFAFFC0h8tYX_6z6NuH1wJF2HmLylCpw3UruWOzVkA3kedmvULu2pGh__jDHctm9PgAbV4amLf4lfODc6SDmn370RfJd4XZK4cuC0JSbr-oAFhWI0Q1N4gLz8iQK_r5ZC-ajsAd-NI9BWMIsjoDVS9UX-qryG7JOnVTl5-pnOSG96dJYa8HK6FFXUxD5x-WhAMSPLj1JqHzgc8LRdHTpoiJqeBkQedYAw"
      }
    ]
  },
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code"
  ],
  "redirect_uris": [
    "https://www.certification.openid.net/test/a/isva_op_oidc_core_test_gh/callback"
  ],
  "contacts": [
    "certification@oidf.org"
  ]
}
2022-08-04 04:46:25
CallDynamicRegistrationEndpoint
HTTP request
request_uri
https://isamfed.com:8843/oauth2/register
request_method
POST
request_headers
{
  "accept": "application/json",
  "accept-charset": "utf-8",
  "content-type": "application/json",
  "content-length": "724"
}
request_body
{"client_name":"OIDF Conformance Test 31CIWzYr5jxQwrN","grant_types":["authorization_code"],"jwks":{"keys":[{"kty":"RSA","e":"AQAB","use":"sig","alg":"RS256","n":"vilG20Chgd623QQFXvTDm1YuZKA0GA_AwfanXxWc_yrcta48lP4N6SHaWCEwmPka_DvHAtlV-tpDhDUqi2GOiSCMR-krDfN_J9JRQ9pqERzc9HwCGdzPcpFAFFC0h8tYX_6z6NuH1wJF2HmLylCpw3UruWOzVkA3kedmvULu2pGh__jDHctm9PgAbV4amLf4lfODc6SDmn370RfJd4XZK4cuC0JSbr-oAFhWI0Q1N4gLz8iQK_r5ZC-ajsAd-NI9BWMIsjoDVS9UX-qryG7JOnVTl5-pnOSG96dJYa8HK6FFXUxD5x-WhAMSPLj1JqHzgc8LRdHTpoiJqeBkQedYAw"}]},"token_endpoint_auth_method":"client_secret_basic","response_types":["code"],"redirect_uris":["https://www.certification.openid.net/test/a/isva_op_oidc_core_test_gh/callback"],"contacts":["certification@oidf.org"]}
2022-08-04 04:46:26 RESPONSE
CallDynamicRegistrationEndpoint
HTTP response
response_status_code
201 CREATED
response_status_text
Created
response_headers
{
  "content-length": "1139",
  "content-type": "application/json;charset\u003dUTF-8",
  "date": "Thu, 04 Aug 2022 04:46:26 GMT",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "cache-control": "no-store",
  "x-correlation-id": "CORR_ID-ce7497f6-5f23-4449-9c91-bfca2d5f6b4e",
  "strict-transport-security": "max-age\u003d31536000; includeSubDomains",
  "pragma": "no-cache"
}
response_body
{"client_id":"a4c8ad91-93fb-4584-8994-793fed47c062","client_id_issued_at":1659588386,"client_name":"OIDF Conformance Test 31CIWzYr5jxQwrN","client_secret":"43K3JN9XbNlK5uiH","client_secret_expires_at":0,"contacts":["certification@oidf.org"],"grant_types":["authorization_code"],"jwks":{"keys":[{"alg":"RS256","e":"AQAB","kty":"RSA","n":"vilG20Chgd623QQFXvTDm1YuZKA0GA_AwfanXxWc_yrcta48lP4N6SHaWCEwmPka_DvHAtlV-tpDhDUqi2GOiSCMR-krDfN_J9JRQ9pqERzc9HwCGdzPcpFAFFC0h8tYX_6z6NuH1wJF2HmLylCpw3UruWOzVkA3kedmvULu2pGh__jDHctm9PgAbV4amLf4lfODc6SDmn370RfJd4XZK4cuC0JSbr-oAFhWI0Q1N4gLz8iQK_r5ZC-ajsAd-NI9BWMIsjoDVS9UX-qryG7JOnVTl5-pnOSG96dJYa8HK6FFXUxD5x-WhAMSPLj1JqHzgc8LRdHTpoiJqeBkQedYAw","use":"sig"}]},"redirect_uris":["https://www.certification.openid.net/test/a/isva_op_oidc_core_test_gh/callback"],"registration_access_token":"JNGh0jpPYpum9EXB0l5KjOGTFtApSlyxfeDM4hCYt5E.cx8EwC1dlfWKweKtBXxgnVet_dzlLoZY1ddy6kjYkamS4khipHLhiTAadVUMYHu5sIORzFHWbDdaHvf0bNwJFQ","registration_client_uri":"https://isamfed.com:8843/oauth2/register/a4c8ad91-93fb-4584-8994-793fed47c062","response_types":["code"],"token_endpoint_auth_method":"client_secret_basic"}
2022-08-04 04:46:26
CallDynamicRegistrationEndpoint
Parsed registration endpoint response
status
201
endpoint_name
dynamic registration
headers
{
  "content-length": "1139",
  "content-type": "application/json;charset\u003dUTF-8",
  "date": "Thu, 04 Aug 2022 04:46:26 GMT",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "cache-control": "no-store",
  "x-correlation-id": "CORR_ID-ce7497f6-5f23-4449-9c91-bfca2d5f6b4e",
  "strict-transport-security": "max-age\u003d31536000; includeSubDomains",
  "pragma": "no-cache"
}
body
{"client_id":"a4c8ad91-93fb-4584-8994-793fed47c062","client_id_issued_at":1659588386,"client_name":"OIDF Conformance Test 31CIWzYr5jxQwrN","client_secret":"43K3JN9XbNlK5uiH","client_secret_expires_at":0,"contacts":["certification@oidf.org"],"grant_types":["authorization_code"],"jwks":{"keys":[{"alg":"RS256","e":"AQAB","kty":"RSA","n":"vilG20Chgd623QQFXvTDm1YuZKA0GA_AwfanXxWc_yrcta48lP4N6SHaWCEwmPka_DvHAtlV-tpDhDUqi2GOiSCMR-krDfN_J9JRQ9pqERzc9HwCGdzPcpFAFFC0h8tYX_6z6NuH1wJF2HmLylCpw3UruWOzVkA3kedmvULu2pGh__jDHctm9PgAbV4amLf4lfODc6SDmn370RfJd4XZK4cuC0JSbr-oAFhWI0Q1N4gLz8iQK_r5ZC-ajsAd-NI9BWMIsjoDVS9UX-qryG7JOnVTl5-pnOSG96dJYa8HK6FFXUxD5x-WhAMSPLj1JqHzgc8LRdHTpoiJqeBkQedYAw","use":"sig"}]},"redirect_uris":["https://www.certification.openid.net/test/a/isva_op_oidc_core_test_gh/callback"],"registration_access_token":"JNGh0jpPYpum9EXB0l5KjOGTFtApSlyxfeDM4hCYt5E.cx8EwC1dlfWKweKtBXxgnVet_dzlLoZY1ddy6kjYkamS4khipHLhiTAadVUMYHu5sIORzFHWbDdaHvf0bNwJFQ","registration_client_uri":"https://isamfed.com:8843/oauth2/register/a4c8ad91-93fb-4584-8994-793fed47c062","response_types":["code"],"token_endpoint_auth_method":"client_secret_basic"}
body_json
{
  "client_id": "a4c8ad91-93fb-4584-8994-793fed47c062",
  "client_id_issued_at": 1659588386,
  "client_name": "OIDF Conformance Test 31CIWzYr5jxQwrN",
  "client_secret": "43K3JN9XbNlK5uiH",
  "client_secret_expires_at": 0,
  "contacts": [
    "certification@oidf.org"
  ],
  "grant_types": [
    "authorization_code"
  ],
  "jwks": {
    "keys": [
      {
        "alg": "RS256",
        "e": "AQAB",
        "kty": "RSA",
        "n": "vilG20Chgd623QQFXvTDm1YuZKA0GA_AwfanXxWc_yrcta48lP4N6SHaWCEwmPka_DvHAtlV-tpDhDUqi2GOiSCMR-krDfN_J9JRQ9pqERzc9HwCGdzPcpFAFFC0h8tYX_6z6NuH1wJF2HmLylCpw3UruWOzVkA3kedmvULu2pGh__jDHctm9PgAbV4amLf4lfODc6SDmn370RfJd4XZK4cuC0JSbr-oAFhWI0Q1N4gLz8iQK_r5ZC-ajsAd-NI9BWMIsjoDVS9UX-qryG7JOnVTl5-pnOSG96dJYa8HK6FFXUxD5x-WhAMSPLj1JqHzgc8LRdHTpoiJqeBkQedYAw",
        "use": "sig"
      }
    ]
  },
  "redirect_uris": [
    "https://www.certification.openid.net/test/a/isva_op_oidc_core_test_gh/callback"
  ],
  "registration_access_token": "JNGh0jpPYpum9EXB0l5KjOGTFtApSlyxfeDM4hCYt5E.cx8EwC1dlfWKweKtBXxgnVet_dzlLoZY1ddy6kjYkamS4khipHLhiTAadVUMYHu5sIORzFHWbDdaHvf0bNwJFQ",
  "registration_client_uri": "https://isamfed.com:8843/oauth2/register/a4c8ad91-93fb-4584-8994-793fed47c062",
  "response_types": [
    "code"
  ],
  "token_endpoint_auth_method": "client_secret_basic"
}
2022-08-04 04:46:26 SUCCESS
EnsureContentTypeJson
endpoint_response Content-Type: header is application/json
2022-08-04 04:46:26 SUCCESS
EnsureHttpStatusCodeIs201
dynamic registration endpoint returned the expected http status
expected_status
201
http_status
201
2022-08-04 04:46:26 SUCCESS
CheckNoErrorFromDynamicRegistrationEndpoint
Dynamic registration endpoint did not return an error.
2022-08-04 04:46:26 SUCCESS
ExtractDynamicRegistrationResponse
Extracted client from dynamic registration response
client_id
a4c8ad91-93fb-4584-8994-793fed47c062
2022-08-04 04:46:26 SUCCESS
VerifyClientManagementCredentials
Verified dynamic registration management credentials
registration_client_uri
https://isamfed.com:8843/oauth2/register/a4c8ad91-93fb-4584-8994-793fed47c062
registration_access_token
JNGh0jpPYpum9EXB0l5KjOGTFtApSlyxfeDM4hCYt5E.cx8EwC1dlfWKweKtBXxgnVet_dzlLoZY1ddy6kjYkamS4khipHLhiTAadVUMYHu5sIORzFHWbDdaHvf0bNwJFQ
2022-08-04 04:46:26
SetScopeInClientConfigurationToOpenId
Set scope in client configuration to "openid"
scope
openid
2022-08-04 04:46:26 SUCCESS
EnsureServerConfigurationSupportsClientSecretBasic
Contents of 'token_endpoint_auth_methods_supported' in discovery document matches expectations.
actual
[
  "client_secret_basic",
  "client_secret_post",
  "private_key_jwt",
  "tls_client_auth"
]
expected
[
  "client_secret_basic"
]
minimum_matches_required
1
2022-08-04 04:46:26 SUCCESS
SetProtectedResourceUrlToUserInfoEndpoint
userinfo_endpoint will be used to test access token. The user info is not a mandatory to implement feature in the OpenID Connect specification, but is mandatory for certification.
protected_resource_url
https://isamfed.com:8843/oauth2/userinfo
2022-08-04 04:46:26
oidcc-max-age-1
Setup Done
Make request to authorization endpoint
2022-08-04 04:46:26 SUCCESS
CreateAuthorizationEndpointRequestFromClientInformation
Created authorization endpoint request
client_id
a4c8ad91-93fb-4584-8994-793fed47c062
redirect_uri
https://www.certification.openid.net/test/a/isva_op_oidc_core_test_gh/callback
scope
openid
2022-08-04 04:46:26
CreateRandomStateValue
Created state value
requested_state_length
10
state
M7I8ZT1DvM
2022-08-04 04:46:26 SUCCESS
AddStateToAuthorizationEndpointRequest
Added state parameter to request
client_id
a4c8ad91-93fb-4584-8994-793fed47c062
redirect_uri
https://www.certification.openid.net/test/a/isva_op_oidc_core_test_gh/callback
scope
openid
state
M7I8ZT1DvM
2022-08-04 04:46:26
CreateRandomNonceValue
Created nonce value
requested_nonce_length
10
nonce
LV1ujc6awq
2022-08-04 04:46:26 SUCCESS
AddNonceToAuthorizationEndpointRequest
Added nonce parameter to request
client_id
a4c8ad91-93fb-4584-8994-793fed47c062
redirect_uri
https://www.certification.openid.net/test/a/isva_op_oidc_core_test_gh/callback
scope
openid
state
M7I8ZT1DvM
nonce
LV1ujc6awq
2022-08-04 04:46:26 SUCCESS
SetAuthorizationEndpointRequestResponseTypeFromEnvironment
Added response_type parameter to request
client_id
a4c8ad91-93fb-4584-8994-793fed47c062
redirect_uri
https://www.certification.openid.net/test/a/isva_op_oidc_core_test_gh/callback
scope
openid
state
M7I8ZT1DvM
nonce
LV1ujc6awq
response_type
code
2022-08-04 04:46:26
SetAuthorizationEndpointRequestResponseModeToFormPost
Added response_mode parameter to request
client_id
a4c8ad91-93fb-4584-8994-793fed47c062
redirect_uri
https://www.certification.openid.net/test/a/isva_op_oidc_core_test_gh/callback
scope
openid
state
M7I8ZT1DvM
nonce
LV1ujc6awq
response_type
code
response_mode
form_post
2022-08-04 04:46:26 SUCCESS
BuildPlainRedirectToAuthorizationEndpoint
Sending to authorization endpoint
auth_request
{
  "client_id": "a4c8ad91-93fb-4584-8994-793fed47c062",
  "redirect_uri": "https://www.certification.openid.net/test/a/isva_op_oidc_core_test_gh/callback",
  "scope": "openid",
  "state": "M7I8ZT1DvM",
  "nonce": "LV1ujc6awq",
  "response_type": "code",
  "response_mode": "form_post"
}
redirect_to_authorization_endpoint
https://isamfed.com:8843/oauth2/authorize?client_id=a4c8ad91-93fb-4584-8994-793fed47c062&redirect_uri=https://www.certification.openid.net/test/a/isva_op_oidc_core_test_gh/callback&scope=openid&state=M7I8ZT1DvM&nonce=LV1ujc6awq&response_type=code&response_mode=form_post
2022-08-04 04:46:26 REDIRECT
oidcc-max-age-1
Redirecting to authorization endpoint
redirect_to
https://isamfed.com:8843/oauth2/authorize?client_id=a4c8ad91-93fb-4584-8994-793fed47c062&redirect_uri=https://www.certification.openid.net/test/a/isva_op_oidc_core_test_gh/callback&scope=openid&state=M7I8ZT1DvM&nonce=LV1ujc6awq&response_type=code&response_mode=form_post
2022-08-04 04:46:35 INCOMING
oidcc-max-age-1
Incoming HTTP request to /test/a/isva_op_oidc_core_test_gh/callback
incoming_headers
{
  "host": "www.certification.openid.net",
  "cache-control": "max-age\u003d0",
  "sec-ch-ua": "\".Not/A)Brand\";v\u003d\"99\", \"Google Chrome\";v\u003d\"103\", \"Chromium\";v\u003d\"103\"",
  "sec-ch-ua-mobile": "?0",
  "sec-ch-ua-platform": "\"macOS\"",
  "upgrade-insecure-requests": "1",
  "origin": "https://isamfed.com:8843",
  "content-type": "application/x-www-form-urlencoded",
  "user-agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/avif,image/webp,image/apng,*/*;q\u003d0.8,application/signed-exchange;v\u003db3;q\u003d0.9",
  "sec-fetch-site": "cross-site",
  "sec-fetch-mode": "navigate",
  "sec-fetch-dest": "document",
  "referer": "https://isamfed.com:8843/",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-US,en;q\u003d0.9,zh-TW;q\u003d0.8,zh;q\u003d0.7",
  "connection": "close",
  "content-length": "152"
}
incoming_path
/test/a/isva_op_oidc_core_test_gh/callback
incoming_body_form_params
{
  "code": "8W3oOzx1GAphH3fHRWYQTjSzP_xawqgS9JsLwup46Rk.10Nvh5L6zAwrm-SzqZ9pueA3Laev3XYOk61CapLFX3XKDcjosSwKynB41TqN_Wwbp_9oWLG3opwMuqJIqbHwkA",
  "state": "M7I8ZT1DvM"
}
incoming_method
POST
incoming_tls_version
TLSv1.2
incoming_tls_cert
incoming_query_string_params
{}
incoming_body
code=8W3oOzx1GAphH3fHRWYQTjSzP_xawqgS9JsLwup46Rk.10Nvh5L6zAwrm-SzqZ9pueA3Laev3XYOk61CapLFX3XKDcjosSwKynB41TqN_Wwbp_9oWLG3opwMuqJIqbHwkA&state=M7I8ZT1DvM
incoming_tls_chain
[
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL"
]
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_body_json
2022-08-04 04:46:35 SUCCESS
CreateRandomImplicitSubmitUrl
Created random implicit submission URL
implicit_submit
{
  "path": "implicit/UClqrIKedFYoop13ocav",
  "fullUrl": "https://www.certification.openid.net/test/a/isva_op_oidc_core_test_gh/implicit/UClqrIKedFYoop13ocav"
}
2022-08-04 04:46:35 OUTGOING
oidcc-max-age-1
Response to HTTP request to test instance 31CIWzYr5jxQwrN
outgoing
ModelAndView [view="implicitCallback"; model={implicitSubmitUrl=https://www.certification.openid.net/test/a/isva_op_oidc_core_test_gh/implicit/UClqrIKedFYoop13ocav, returnUrl=/log-detail.html?log=31CIWzYr5jxQwrN}]
outgoing_path
callback
2022-08-04 04:46:36 INCOMING
oidcc-max-age-1
Incoming HTTP request to /test/a/isva_op_oidc_core_test_gh/implicit/UClqrIKedFYoop13ocav
incoming_headers
{
  "host": "www.certification.openid.net",
  "sec-ch-ua": "\".Not/A)Brand\";v\u003d\"99\", \"Google Chrome\";v\u003d\"103\", \"Chromium\";v\u003d\"103\"",
  "accept": "*/*",
  "content-type": "text/plain",
  "x-requested-with": "XMLHttpRequest",
  "sec-ch-ua-mobile": "?0",
  "user-agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36",
  "sec-ch-ua-platform": "\"macOS\"",
  "origin": "https://www.certification.openid.net",
  "sec-fetch-site": "same-origin",
  "sec-fetch-mode": "cors",
  "sec-fetch-dest": "empty",
  "referer": "https://www.certification.openid.net/test/a/isva_op_oidc_core_test_gh/callback",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-US,en;q\u003d0.9,zh-TW;q\u003d0.8,zh;q\u003d0.7",
  "cookie": "__utma\u003d201319536.1003316269.1659326830.1659326830.1659326830.1; __utmc\u003d201319536; __utmz\u003d201319536.1659326830.1.1.utmcsr\u003d(direct)|utmccn\u003d(direct)|utmcmd\u003d(none); JSESSIONID\u003dEC39B6D3D9CB3307875F8C9EA934BA87",
  "connection": "close",
  "content-length": "0"
}
incoming_path
/test/a/isva_op_oidc_core_test_gh/implicit/UClqrIKedFYoop13ocav
incoming_body_form_params
incoming_method
POST
incoming_tls_version
TLSv1.2
incoming_tls_cert
incoming_query_string_params
{}
incoming_body
incoming_tls_chain
[
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL"
]
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_body_json
2022-08-04 04:46:36 OUTGOING
oidcc-max-age-1
Response to HTTP request to test instance 31CIWzYr5jxQwrN
outgoing_status_code
204
outgoing_headers
{}
outgoing_body

                                
outgoing_path
implicit/UClqrIKedFYoop13ocav
2022-08-04 04:46:36 SUCCESS
ExtractImplicitHashToCallbackResponse
implicit_hash is empty
2022-08-04 04:46:36 REDIRECT-IN
oidcc-max-age-1
Authorization endpoint response captured
url_query
{}
headers
{
  "host": "www.certification.openid.net",
  "cache-control": "max-age\u003d0",
  "sec-ch-ua": "\".Not/A)Brand\";v\u003d\"99\", \"Google Chrome\";v\u003d\"103\", \"Chromium\";v\u003d\"103\"",
  "sec-ch-ua-mobile": "?0",
  "sec-ch-ua-platform": "\"macOS\"",
  "upgrade-insecure-requests": "1",
  "origin": "https://isamfed.com:8843",
  "content-type": "application/x-www-form-urlencoded",
  "user-agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/avif,image/webp,image/apng,*/*;q\u003d0.8,application/signed-exchange;v\u003db3;q\u003d0.9",
  "sec-fetch-site": "cross-site",
  "sec-fetch-mode": "navigate",
  "sec-fetch-dest": "document",
  "referer": "https://isamfed.com:8843/",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-US,en;q\u003d0.9,zh-TW;q\u003d0.8,zh;q\u003d0.7",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "x-forwarded-proto": "https",
  "x-forwarded-port": "443",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net",
  "content-length": "152"
}
http_method
POST
url_fragment
{}
post_body
{
  "code": "8W3oOzx1GAphH3fHRWYQTjSzP_xawqgS9JsLwup46Rk.10Nvh5L6zAwrm-SzqZ9pueA3Laev3XYOk61CapLFX3XKDcjosSwKynB41TqN_Wwbp_9oWLG3opwMuqJIqbHwkA",
  "state": "M7I8ZT1DvM"
}
Verify authorization endpoint response
2022-08-04 04:46:36 SUCCESS
CheckCallbackHttpMethodIsPost
HTTP method used at redirect_uri is 'POST'
2022-08-04 04:46:36 SUCCESS
CheckCallbackContentTypeIsFormUrlEncoded
content-type header to redirect_uri has the expected value
content_type
application/x-www-form-urlencoded
expected
application/x-www-form-urlencoded
2022-08-04 04:46:36 SUCCESS
RejectAuthCodeInUrlQuery
Authorization code is not present in URL query returned from authorization endpoint
2022-08-04 04:46:36 SUCCESS
RejectErrorInUrlQuery
'error' is not present in URL query returned from authorization endpoint
2022-08-04 04:46:36 SUCCESS
CheckMatchingCallbackParameters
Callback parameters successfully verified
2022-08-04 04:46:36
ValidateIssInAuthorizationResponse
No 'iss' value in authorization response.
2022-08-04 04:46:36 SUCCESS
CheckIfAuthorizationEndpointError
No error from authorization endpoint
2022-08-04 04:46:36 SUCCESS
CheckStateInAuthorizationResponse
State in response correctly returned
state
M7I8ZT1DvM
2022-08-04 04:46:36 SUCCESS
ExtractAuthorizationCodeFromAuthorizationResponse
Found authorization code
code
8W3oOzx1GAphH3fHRWYQTjSzP_xawqgS9JsLwup46Rk.10Nvh5L6zAwrm-SzqZ9pueA3Laev3XYOk61CapLFX3XKDcjosSwKynB41TqN_Wwbp_9oWLG3opwMuqJIqbHwkA
2022-08-04 04:46:36 SUCCESS
CreateTokenEndpointRequestForAuthorizationCodeGrant
Created token endpoint request
grant_type
authorization_code
code
8W3oOzx1GAphH3fHRWYQTjSzP_xawqgS9JsLwup46Rk.10Nvh5L6zAwrm-SzqZ9pueA3Laev3XYOk61CapLFX3XKDcjosSwKynB41TqN_Wwbp_9oWLG3opwMuqJIqbHwkA
redirect_uri
https://www.certification.openid.net/test/a/isva_op_oidc_core_test_gh/callback
2022-08-04 04:46:36 SUCCESS
AddBasicAuthClientSecretAuthenticationParameters
Added basic authorization header
Authorization
Basic YTRjOGFkOTEtOTNmYi00NTg0LTg5OTQtNzkzZmVkNDdjMDYyOjQzSzNKTjlYYk5sSzV1aUg=
2022-08-04 04:46:36
CallTokenEndpoint
HTTP request
request_uri
https://isamfed.com:8843/oauth2/token
request_method
POST
request_headers
{
  "accept": "application/json",
  "authorization": "Basic YTRjOGFkOTEtOTNmYi00NTg0LTg5OTQtNzkzZmVkNDdjMDYyOjQzSzNKTjlYYk5sSzV1aUg\u003d",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "271"
}
request_body
grant_type=authorization_code&code=8W3oOzx1GAphH3fHRWYQTjSzP_xawqgS9JsLwup46Rk.10Nvh5L6zAwrm-SzqZ9pueA3Laev3XYOk61CapLFX3XKDcjosSwKynB41TqN_Wwbp_9oWLG3opwMuqJIqbHwkA&redirect_uri=https%3A%2F%2Fwww.certification.openid.net%2Ftest%2Fa%2Fisva_op_oidc_core_test_gh%2Fcallback
2022-08-04 04:46:37 RESPONSE
CallTokenEndpoint
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "content-length": "1040",
  "content-type": "application/json;charset\u003dUTF-8",
  "date": "Thu, 04 Aug 2022 04:46:37 GMT",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "cache-control": "no-store",
  "x-correlation-id": "CORR_ID-14fb769e-e3d9-45d1-a79f-29c432afb020",
  "strict-transport-security": "max-age\u003d31536000; includeSubDomains",
  "pragma": "no-cache"
}
response_body
{"access_token":"d4ElK9SCNLKuOb6VMlf5zK22B-jwA8gTaS3KEy0eF34.tF7l8UXAAtmElb3xKOAr4VDiLyzd68o8C2ezW3axZOMpwv71MZlsCrnswM0N-38oqECxsoLwCpNAHWivx9qw9g","expires_in":7199,"id_token":"eyJhbGciOiJSUzI1NiIsImtpZCI6InJzYTI1NiIsInR5cCI6IkpXVCJ9.eyJhdF9oYXNoIjoiMmhKZVBXQW9rbmFMYnBuY3VIejV0QSIsImF1ZCI6WyJhNGM4YWQ5MS05M2ZiLTQ1ODQtODk5NC03OTNmZWQ0N2MwNjIiXSwiYXV0aF90aW1lIjoxNjU5NTg4MzgyLCJleHAiOjE2NTk1OTE5OTcsImlhdCI6MTY1OTU4ODM5NywiaXNzIjoiaHR0cHM6Ly9pc2FtZmVkLmNvbTo4ODQzL29hdXRoMi8iLCJqdGkiOiIzNTcyNmU0Zi1jOTdmLTRkYmYtOTNiMS0xNzliYzQ3NGIzYmMiLCJub25jZSI6IkxWMXVqYzZhd3EiLCJyYXQiOjE2NTk1ODgzOTAsInNfaGFzaCI6IjZzRG1fQm5JSWRxNWpSVWpGdDVPMGciLCJzdWIiOiJ0ZXN0dXNlciJ9.YIX-75rrNPA7vTRs7SZyS1bxCSqSZIeF6iTPzLgj9CUVB6YtC4kTegp78ZWK6lwLekSG04Ba8kBzUMtXzRUxfE5CZGoNBOheVv9REWwho9OLv53n_05N8iwxXvb9P3QPeDy4WdZsY2fw95ZrjGlSDKpeYeJ7FbuNIhrflSmU3SmVOq6wXa8O6dQvUKZJMvfWp8gkvjjZ90nabi-acdKKQbnhhrgLj6dJb3DcO3u-ZWNHhrMcGMxaMuHeoCXbOyIeFBfLwF0xht9FQm1-Z56XgP1TSxtmWEDRR0aWxeHXgufyXBqaF4D9e7cfBCpQHQZcnXSHFWn2lLp9NTwcl0enEw","scope":"openid","token_type":"bearer"}
2022-08-04 04:46:37 SUCCESS
CallTokenEndpoint
Parsed token endpoint response
access_token
d4ElK9SCNLKuOb6VMlf5zK22B-jwA8gTaS3KEy0eF34.tF7l8UXAAtmElb3xKOAr4VDiLyzd68o8C2ezW3axZOMpwv71MZlsCrnswM0N-38oqECxsoLwCpNAHWivx9qw9g
expires_in
7199
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InJzYTI1NiIsInR5cCI6IkpXVCJ9.eyJhdF9oYXNoIjoiMmhKZVBXQW9rbmFMYnBuY3VIejV0QSIsImF1ZCI6WyJhNGM4YWQ5MS05M2ZiLTQ1ODQtODk5NC03OTNmZWQ0N2MwNjIiXSwiYXV0aF90aW1lIjoxNjU5NTg4MzgyLCJleHAiOjE2NTk1OTE5OTcsImlhdCI6MTY1OTU4ODM5NywiaXNzIjoiaHR0cHM6Ly9pc2FtZmVkLmNvbTo4ODQzL29hdXRoMi8iLCJqdGkiOiIzNTcyNmU0Zi1jOTdmLTRkYmYtOTNiMS0xNzliYzQ3NGIzYmMiLCJub25jZSI6IkxWMXVqYzZhd3EiLCJyYXQiOjE2NTk1ODgzOTAsInNfaGFzaCI6IjZzRG1fQm5JSWRxNWpSVWpGdDVPMGciLCJzdWIiOiJ0ZXN0dXNlciJ9.YIX-75rrNPA7vTRs7SZyS1bxCSqSZIeF6iTPzLgj9CUVB6YtC4kTegp78ZWK6lwLekSG04Ba8kBzUMtXzRUxfE5CZGoNBOheVv9REWwho9OLv53n_05N8iwxXvb9P3QPeDy4WdZsY2fw95ZrjGlSDKpeYeJ7FbuNIhrflSmU3SmVOq6wXa8O6dQvUKZJMvfWp8gkvjjZ90nabi-acdKKQbnhhrgLj6dJb3DcO3u-ZWNHhrMcGMxaMuHeoCXbOyIeFBfLwF0xht9FQm1-Z56XgP1TSxtmWEDRR0aWxeHXgufyXBqaF4D9e7cfBCpQHQZcnXSHFWn2lLp9NTwcl0enEw
scope
openid
token_type
bearer
2022-08-04 04:46:37 SUCCESS
CheckIfTokenEndpointResponseError
No error from token endpoint
2022-08-04 04:46:37 SUCCESS
CheckForAccessTokenValue
Found an access token
access_token
d4ElK9SCNLKuOb6VMlf5zK22B-jwA8gTaS3KEy0eF34.tF7l8UXAAtmElb3xKOAr4VDiLyzd68o8C2ezW3axZOMpwv71MZlsCrnswM0N-38oqECxsoLwCpNAHWivx9qw9g
2022-08-04 04:46:37 SUCCESS
ExtractAccessTokenFromTokenResponse
Extracted the access token
value
d4ElK9SCNLKuOb6VMlf5zK22B-jwA8gTaS3KEy0eF34.tF7l8UXAAtmElb3xKOAr4VDiLyzd68o8C2ezW3axZOMpwv71MZlsCrnswM0N-38oqECxsoLwCpNAHWivx9qw9g
type
bearer
2022-08-04 04:46:37 SUCCESS
ExtractExpiresInFromTokenEndpointResponse
Extracted 'expires_in'
expires_in
7199
2022-08-04 04:46:37 SUCCESS
ValidateExpiresIn
expires_in passed all validation checks
expires_in
7199
2022-08-04 04:46:37 INFO
CheckForRefreshTokenValue
Couldn't find refresh token
2022-08-04 04:46:37 SUCCESS
ExtractIdTokenFromTokenResponse
Found and parsed the id_token from token_endpoint_response
value
eyJhbGciOiJSUzI1NiIsImtpZCI6InJzYTI1NiIsInR5cCI6IkpXVCJ9.eyJhdF9oYXNoIjoiMmhKZVBXQW9rbmFMYnBuY3VIejV0QSIsImF1ZCI6WyJhNGM4YWQ5MS05M2ZiLTQ1ODQtODk5NC03OTNmZWQ0N2MwNjIiXSwiYXV0aF90aW1lIjoxNjU5NTg4MzgyLCJleHAiOjE2NTk1OTE5OTcsImlhdCI6MTY1OTU4ODM5NywiaXNzIjoiaHR0cHM6Ly9pc2FtZmVkLmNvbTo4ODQzL29hdXRoMi8iLCJqdGkiOiIzNTcyNmU0Zi1jOTdmLTRkYmYtOTNiMS0xNzliYzQ3NGIzYmMiLCJub25jZSI6IkxWMXVqYzZhd3EiLCJyYXQiOjE2NTk1ODgzOTAsInNfaGFzaCI6IjZzRG1fQm5JSWRxNWpSVWpGdDVPMGciLCJzdWIiOiJ0ZXN0dXNlciJ9.YIX-75rrNPA7vTRs7SZyS1bxCSqSZIeF6iTPzLgj9CUVB6YtC4kTegp78ZWK6lwLekSG04Ba8kBzUMtXzRUxfE5CZGoNBOheVv9REWwho9OLv53n_05N8iwxXvb9P3QPeDy4WdZsY2fw95ZrjGlSDKpeYeJ7FbuNIhrflSmU3SmVOq6wXa8O6dQvUKZJMvfWp8gkvjjZ90nabi-acdKKQbnhhrgLj6dJb3DcO3u-ZWNHhrMcGMxaMuHeoCXbOyIeFBfLwF0xht9FQm1-Z56XgP1TSxtmWEDRR0aWxeHXgufyXBqaF4D9e7cfBCpQHQZcnXSHFWn2lLp9NTwcl0enEw
header
{
  "kid": "rsa256",
  "typ": "JWT",
  "alg": "RS256"
}
claims
{
  "at_hash": "2hJePWAoknaLbpncuHz5tA",
  "aud": "a4c8ad91-93fb-4584-8994-793fed47c062",
  "sub": "testuser",
  "s_hash": "6sDm_BnIIdq5jRUjFt5O0g",
  "rat": 1659588390,
  "auth_time": 1659588382,
  "iss": "https://isamfed.com:8843/oauth2/",
  "exp": 1659591997,
  "iat": 1659588397,
  "nonce": "LV1ujc6awq",
  "jti": "35726e4f-c97f-4dbf-93b1-179bc474b3bc"
}
2022-08-04 04:46:37 SUCCESS
ValidateIdToken
ID token iss, aud, exp, iat, auth_time, acr & nbf claims passed validation checks
2022-08-04 04:46:37
ValidateIdTokenStandardClaims
sub is a string with content
2022-08-04 04:46:37
ValidateIdTokenStandardClaims
Skipping unknown claim: rat
2022-08-04 04:46:37 SUCCESS
ValidateIdTokenStandardClaims
id_token claims are valid
2022-08-04 04:46:37 SUCCESS
ValidateIdTokenNonce
Nonce values match
nonce
LV1ujc6awq
2022-08-04 04:46:37 SUCCESS
ValidateIdTokenACRClaimAgainstRequest
Nothing to check; the conformance suite did not request an acr claim in request object
2022-08-04 04:46:37 SUCCESS
ValidateIdTokenSignature
id_token signature validated
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InJzYTI1NiIsInR5cCI6IkpXVCJ9.eyJhdF9oYXNoIjoiMmhKZVBXQW9rbmFMYnBuY3VIejV0QSIsImF1ZCI6WyJhNGM4YWQ5MS05M2ZiLTQ1ODQtODk5NC03OTNmZWQ0N2MwNjIiXSwiYXV0aF90aW1lIjoxNjU5NTg4MzgyLCJleHAiOjE2NTk1OTE5OTcsImlhdCI6MTY1OTU4ODM5NywiaXNzIjoiaHR0cHM6Ly9pc2FtZmVkLmNvbTo4ODQzL29hdXRoMi8iLCJqdGkiOiIzNTcyNmU0Zi1jOTdmLTRkYmYtOTNiMS0xNzliYzQ3NGIzYmMiLCJub25jZSI6IkxWMXVqYzZhd3EiLCJyYXQiOjE2NTk1ODgzOTAsInNfaGFzaCI6IjZzRG1fQm5JSWRxNWpSVWpGdDVPMGciLCJzdWIiOiJ0ZXN0dXNlciJ9.YIX-75rrNPA7vTRs7SZyS1bxCSqSZIeF6iTPzLgj9CUVB6YtC4kTegp78ZWK6lwLekSG04Ba8kBzUMtXzRUxfE5CZGoNBOheVv9REWwho9OLv53n_05N8iwxXvb9P3QPeDy4WdZsY2fw95ZrjGlSDKpeYeJ7FbuNIhrflSmU3SmVOq6wXa8O6dQvUKZJMvfWp8gkvjjZ90nabi-acdKKQbnhhrgLj6dJb3DcO3u-ZWNHhrMcGMxaMuHeoCXbOyIeFBfLwF0xht9FQm1-Z56XgP1TSxtmWEDRR0aWxeHXgufyXBqaF4D9e7cfBCpQHQZcnXSHFWn2lLp9NTwcl0enEw
2022-08-04 04:46:37 SUCCESS
ValidateIdTokenSignatureUsingKid
id_token signature validated
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InJzYTI1NiIsInR5cCI6IkpXVCJ9.eyJhdF9oYXNoIjoiMmhKZVBXQW9rbmFMYnBuY3VIejV0QSIsImF1ZCI6WyJhNGM4YWQ5MS05M2ZiLTQ1ODQtODk5NC03OTNmZWQ0N2MwNjIiXSwiYXV0aF90aW1lIjoxNjU5NTg4MzgyLCJleHAiOjE2NTk1OTE5OTcsImlhdCI6MTY1OTU4ODM5NywiaXNzIjoiaHR0cHM6Ly9pc2FtZmVkLmNvbTo4ODQzL29hdXRoMi8iLCJqdGkiOiIzNTcyNmU0Zi1jOTdmLTRkYmYtOTNiMS0xNzliYzQ3NGIzYmMiLCJub25jZSI6IkxWMXVqYzZhd3EiLCJyYXQiOjE2NTk1ODgzOTAsInNfaGFzaCI6IjZzRG1fQm5JSWRxNWpSVWpGdDVPMGciLCJzdWIiOiJ0ZXN0dXNlciJ9.YIX-75rrNPA7vTRs7SZyS1bxCSqSZIeF6iTPzLgj9CUVB6YtC4kTegp78ZWK6lwLekSG04Ba8kBzUMtXzRUxfE5CZGoNBOheVv9REWwho9OLv53n_05N8iwxXvb9P3QPeDy4WdZsY2fw95ZrjGlSDKpeYeJ7FbuNIhrflSmU3SmVOq6wXa8O6dQvUKZJMvfWp8gkvjjZ90nabi-acdKKQbnhhrgLj6dJb3DcO3u-ZWNHhrMcGMxaMuHeoCXbOyIeFBfLwF0xht9FQm1-Z56XgP1TSxtmWEDRR0aWxeHXgufyXBqaF4D9e7cfBCpQHQZcnXSHFWn2lLp9NTwcl0enEw
2022-08-04 04:46:37 SUCCESS
CheckForSubjectInIdToken
Found 'sub' in id_token
sub
testuser
2022-08-04 04:46:37
EnsureIdTokenUpdatedAtValid
id_token response does not contain 'updated_at'
2022-08-04 04:46:37 INFO
ValidateEncryptedIdTokenHasKid
Skipped evaluation due to missing required element: id_token jwe_header
path
jwe_header
mapped
object
id_token
Userinfo endpoint tests
2022-08-04 04:46:37
CallProtectedResource
HTTP request
request_uri
https://isamfed.com:8843/oauth2/userinfo
request_method
GET
request_headers
{
  "accept": "application/json",
  "authorization": "bearer d4ElK9SCNLKuOb6VMlf5zK22B-jwA8gTaS3KEy0eF34.tF7l8UXAAtmElb3xKOAr4VDiLyzd68o8C2ezW3axZOMpwv71MZlsCrnswM0N-38oqECxsoLwCpNAHWivx9qw9g",
  "content-length": "0"
}
request_body

                                
2022-08-04 04:46:38 RESPONSE
CallProtectedResource
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "content-length": "147",
  "content-type": "application/json;charset\u003dUTF-8",
  "date": "Thu, 04 Aug 2022 04:46:38 GMT",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-correlation-id": "CORR_ID-4daccd3d-534d-4f98-a816-abd41f583624",
  "strict-transport-security": "max-age\u003d31536000; includeSubDomains"
}
response_body
{"aud":["a4c8ad91-93fb-4584-8994-793fed47c062"],"auth_time":1659588382,"iss":"https://isamfed.com:8843/oauth2/","rat":1659588390,"sub":"testuser"}
2022-08-04 04:46:38 SUCCESS
CallProtectedResource
Got a response from the resource endpoint
status
200
endpoint_name
resource
headers
{
  "content-length": "147",
  "content-type": "application/json;charset\u003dUTF-8",
  "date": "Thu, 04 Aug 2022 04:46:38 GMT",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-correlation-id": "CORR_ID-4daccd3d-534d-4f98-a816-abd41f583624",
  "strict-transport-security": "max-age\u003d31536000; includeSubDomains"
}
body
{"aud":["a4c8ad91-93fb-4584-8994-793fed47c062"],"auth_time":1659588382,"iss":"https://isamfed.com:8843/oauth2/","rat":1659588390,"sub":"testuser"}
2022-08-04 04:46:38 SUCCESS
EnsureHttpStatusCodeIs200
resource endpoint returned the expected http status
expected_status
200
http_status
200
Second authorization: Make request to authorization endpoint
2022-08-04 04:46:38 SUCCESS
WaitFor2Seconds
Pausing for 2 seconds
2022-08-04 04:46:40 SUCCESS
WaitFor2Seconds
Woke up after 2 seconds sleep
2022-08-04 04:46:40 SUCCESS
CreateAuthorizationEndpointRequestFromClientInformation
Created authorization endpoint request
client_id
a4c8ad91-93fb-4584-8994-793fed47c062
redirect_uri
https://www.certification.openid.net/test/a/isva_op_oidc_core_test_gh/callback
scope
openid
2022-08-04 04:46:40
CreateRandomStateValue
Created state value
requested_state_length
10
state
9cZ6FcKDQ3
2022-08-04 04:46:40 SUCCESS
AddStateToAuthorizationEndpointRequest
Added state parameter to request
client_id
a4c8ad91-93fb-4584-8994-793fed47c062
redirect_uri
https://www.certification.openid.net/test/a/isva_op_oidc_core_test_gh/callback
scope
openid
state
9cZ6FcKDQ3
2022-08-04 04:46:40
CreateRandomNonceValue
Created nonce value
requested_nonce_length
10
nonce
bhO5qJ4FLp
2022-08-04 04:46:40 SUCCESS
AddNonceToAuthorizationEndpointRequest
Added nonce parameter to request
client_id
a4c8ad91-93fb-4584-8994-793fed47c062
redirect_uri
https://www.certification.openid.net/test/a/isva_op_oidc_core_test_gh/callback
scope
openid
state
9cZ6FcKDQ3
nonce
bhO5qJ4FLp
2022-08-04 04:46:40 SUCCESS
SetAuthorizationEndpointRequestResponseTypeFromEnvironment
Added response_type parameter to request
client_id
a4c8ad91-93fb-4584-8994-793fed47c062
redirect_uri
https://www.certification.openid.net/test/a/isva_op_oidc_core_test_gh/callback
scope
openid
state
9cZ6FcKDQ3
nonce
bhO5qJ4FLp
response_type
code
2022-08-04 04:46:40
SetAuthorizationEndpointRequestResponseModeToFormPost
Added response_mode parameter to request
client_id
a4c8ad91-93fb-4584-8994-793fed47c062
redirect_uri
https://www.certification.openid.net/test/a/isva_op_oidc_core_test_gh/callback
scope
openid
state
9cZ6FcKDQ3
nonce
bhO5qJ4FLp
response_type
code
response_mode
form_post
2022-08-04 04:46:40 SUCCESS
AddMaxAge1ToAuthorizationEndpointRequest
Added max_age=1 to authorization endpoint request
client_id
a4c8ad91-93fb-4584-8994-793fed47c062
redirect_uri
https://www.certification.openid.net/test/a/isva_op_oidc_core_test_gh/callback
scope
openid
state
9cZ6FcKDQ3
nonce
bhO5qJ4FLp
response_type
code
response_mode
form_post
max_age
1
2022-08-04 04:46:40 SUCCESS
BuildPlainRedirectToAuthorizationEndpoint
Sending to authorization endpoint
auth_request
{
  "client_id": "a4c8ad91-93fb-4584-8994-793fed47c062",
  "redirect_uri": "https://www.certification.openid.net/test/a/isva_op_oidc_core_test_gh/callback",
  "scope": "openid",
  "state": "9cZ6FcKDQ3",
  "nonce": "bhO5qJ4FLp",
  "response_type": "code",
  "response_mode": "form_post",
  "max_age": 1
}
redirect_to_authorization_endpoint
https://isamfed.com:8843/oauth2/authorize?client_id=a4c8ad91-93fb-4584-8994-793fed47c062&redirect_uri=https://www.certification.openid.net/test/a/isva_op_oidc_core_test_gh/callback&scope=openid&state=9cZ6FcKDQ3&nonce=bhO5qJ4FLp&response_type=code&response_mode=form_post&max_age=1
2022-08-04 04:46:40 REDIRECT
oidcc-max-age-1
Redirecting to authorization endpoint
redirect_to
https://isamfed.com:8843/oauth2/authorize?client_id=a4c8ad91-93fb-4584-8994-793fed47c062&redirect_uri=https://www.certification.openid.net/test/a/isva_op_oidc_core_test_gh/callback&scope=openid&state=9cZ6FcKDQ3&nonce=bhO5qJ4FLp&response_type=code&response_mode=form_post&max_age=1
2022-08-04 04:46:40 REVIEW IMAGE
ExpectSecondLoginPage
The server must ask the user to login for a second time; a screenshot of this must be uploaded.
img
updatedAt
1659588456025
2022-08-04 04:47:17 INCOMING
oidcc-max-age-1
Incoming HTTP request to /test/a/isva_op_oidc_core_test_gh/callback
incoming_headers
{
  "host": "www.certification.openid.net",
  "cache-control": "max-age\u003d0",
  "sec-ch-ua": "\".Not/A)Brand\";v\u003d\"99\", \"Google Chrome\";v\u003d\"103\", \"Chromium\";v\u003d\"103\"",
  "sec-ch-ua-mobile": "?0",
  "sec-ch-ua-platform": "\"macOS\"",
  "upgrade-insecure-requests": "1",
  "origin": "https://isamfed.com:8843",
  "content-type": "application/x-www-form-urlencoded",
  "user-agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/avif,image/webp,image/apng,*/*;q\u003d0.8,application/signed-exchange;v\u003db3;q\u003d0.9",
  "sec-fetch-site": "cross-site",
  "sec-fetch-mode": "navigate",
  "sec-fetch-dest": "document",
  "referer": "https://isamfed.com:8843/",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-US,en;q\u003d0.9,zh-TW;q\u003d0.8,zh;q\u003d0.7",
  "cookie": "JSESSIONID\u003dEC39B6D3D9CB3307875F8C9EA934BA87",
  "connection": "close",
  "content-length": "152"
}
incoming_path
/test/a/isva_op_oidc_core_test_gh/callback
incoming_body_form_params
{
  "code": "193fDqbplLvXTcVc0Vf9QQS95hFqMmO0qu6m0plMApM.UCWFlD75FJZjO2BFl4tU3Y0VFzl5izjbCfxAswpBCTaExAyuyGQlronMMXz9zz4lN1Th9lj0295DHke0jWq0Xw",
  "state": "9cZ6FcKDQ3"
}
incoming_method
POST
incoming_tls_version
TLSv1.2
incoming_tls_cert
incoming_query_string_params
{}
incoming_body
code=193fDqbplLvXTcVc0Vf9QQS95hFqMmO0qu6m0plMApM.UCWFlD75FJZjO2BFl4tU3Y0VFzl5izjbCfxAswpBCTaExAyuyGQlronMMXz9zz4lN1Th9lj0295DHke0jWq0Xw&state=9cZ6FcKDQ3
incoming_tls_chain
[
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL"
]
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_body_json
2022-08-04 04:47:17 SUCCESS
CreateRandomImplicitSubmitUrl
Created random implicit submission URL
implicit_submit
{
  "path": "implicit/m0Ad0p45E5wfeN8pnWCN",
  "fullUrl": "https://www.certification.openid.net/test/a/isva_op_oidc_core_test_gh/implicit/m0Ad0p45E5wfeN8pnWCN"
}
2022-08-04 04:47:17 OUTGOING
oidcc-max-age-1
Response to HTTP request to test instance 31CIWzYr5jxQwrN
outgoing
ModelAndView [view="implicitCallback"; model={implicitSubmitUrl=https://www.certification.openid.net/test/a/isva_op_oidc_core_test_gh/implicit/m0Ad0p45E5wfeN8pnWCN, returnUrl=/log-detail.html?log=31CIWzYr5jxQwrN}]
outgoing_path
callback
2022-08-04 04:47:17 INCOMING
oidcc-max-age-1
Incoming HTTP request to /test/a/isva_op_oidc_core_test_gh/implicit/m0Ad0p45E5wfeN8pnWCN
incoming_headers
{
  "host": "www.certification.openid.net",
  "sec-ch-ua": "\".Not/A)Brand\";v\u003d\"99\", \"Google Chrome\";v\u003d\"103\", \"Chromium\";v\u003d\"103\"",
  "accept": "*/*",
  "content-type": "text/plain",
  "x-requested-with": "XMLHttpRequest",
  "sec-ch-ua-mobile": "?0",
  "user-agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36",
  "sec-ch-ua-platform": "\"macOS\"",
  "origin": "https://www.certification.openid.net",
  "sec-fetch-site": "same-origin",
  "sec-fetch-mode": "cors",
  "sec-fetch-dest": "empty",
  "referer": "https://www.certification.openid.net/test/a/isva_op_oidc_core_test_gh/callback",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-US,en;q\u003d0.9,zh-TW;q\u003d0.8,zh;q\u003d0.7",
  "cookie": "__utma\u003d201319536.1003316269.1659326830.1659326830.1659326830.1; __utmc\u003d201319536; __utmz\u003d201319536.1659326830.1.1.utmcsr\u003d(direct)|utmccn\u003d(direct)|utmcmd\u003d(none); JSESSIONID\u003dEC39B6D3D9CB3307875F8C9EA934BA87",
  "connection": "close",
  "content-length": "0"
}
incoming_path
/test/a/isva_op_oidc_core_test_gh/implicit/m0Ad0p45E5wfeN8pnWCN
incoming_body_form_params
incoming_method
POST
incoming_tls_version
TLSv1.2
incoming_tls_cert
incoming_query_string_params
{}
incoming_body
incoming_tls_chain
[
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL"
]
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_body_json
2022-08-04 04:47:17 OUTGOING
oidcc-max-age-1
Response to HTTP request to test instance 31CIWzYr5jxQwrN
outgoing_status_code
204
outgoing_headers
{}
outgoing_body

                                
outgoing_path
implicit/m0Ad0p45E5wfeN8pnWCN
2022-08-04 04:47:17 SUCCESS
ExtractImplicitHashToCallbackResponse
implicit_hash is empty
2022-08-04 04:47:17 REDIRECT-IN
oidcc-max-age-1
Authorization endpoint response captured
url_query
{}
headers
{
  "host": "www.certification.openid.net",
  "cache-control": "max-age\u003d0",
  "sec-ch-ua": "\".Not/A)Brand\";v\u003d\"99\", \"Google Chrome\";v\u003d\"103\", \"Chromium\";v\u003d\"103\"",
  "sec-ch-ua-mobile": "?0",
  "sec-ch-ua-platform": "\"macOS\"",
  "upgrade-insecure-requests": "1",
  "origin": "https://isamfed.com:8843",
  "content-type": "application/x-www-form-urlencoded",
  "user-agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/avif,image/webp,image/apng,*/*;q\u003d0.8,application/signed-exchange;v\u003db3;q\u003d0.9",
  "sec-fetch-site": "cross-site",
  "sec-fetch-mode": "navigate",
  "sec-fetch-dest": "document",
  "referer": "https://isamfed.com:8843/",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-US,en;q\u003d0.9,zh-TW;q\u003d0.8,zh;q\u003d0.7",
  "cookie": "JSESSIONID\u003dEC39B6D3D9CB3307875F8C9EA934BA87",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "x-forwarded-proto": "https",
  "x-forwarded-port": "443",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net",
  "content-length": "152"
}
http_method
POST
url_fragment
{}
post_body
{
  "code": "193fDqbplLvXTcVc0Vf9QQS95hFqMmO0qu6m0plMApM.UCWFlD75FJZjO2BFl4tU3Y0VFzl5izjbCfxAswpBCTaExAyuyGQlronMMXz9zz4lN1Th9lj0295DHke0jWq0Xw",
  "state": "9cZ6FcKDQ3"
}
Second authorization: Verify authorization endpoint response
2022-08-04 04:47:17 SUCCESS
CheckCallbackHttpMethodIsPost
HTTP method used at redirect_uri is 'POST'
2022-08-04 04:47:17 SUCCESS
CheckCallbackContentTypeIsFormUrlEncoded
content-type header to redirect_uri has the expected value
content_type
application/x-www-form-urlencoded
expected
application/x-www-form-urlencoded
2022-08-04 04:47:17 SUCCESS
RejectAuthCodeInUrlQuery
Authorization code is not present in URL query returned from authorization endpoint
2022-08-04 04:47:17 SUCCESS
RejectErrorInUrlQuery
'error' is not present in URL query returned from authorization endpoint
2022-08-04 04:47:17 SUCCESS
CheckMatchingCallbackParameters
Callback parameters successfully verified
2022-08-04 04:47:17
ValidateIssInAuthorizationResponse
No 'iss' value in authorization response.
2022-08-04 04:47:17 SUCCESS
CheckIfAuthorizationEndpointError
No error from authorization endpoint
2022-08-04 04:47:17 SUCCESS
CheckStateInAuthorizationResponse
State in response correctly returned
state
9cZ6FcKDQ3
2022-08-04 04:47:17 SUCCESS
ExtractAuthorizationCodeFromAuthorizationResponse
Found authorization code
code
193fDqbplLvXTcVc0Vf9QQS95hFqMmO0qu6m0plMApM.UCWFlD75FJZjO2BFl4tU3Y0VFzl5izjbCfxAswpBCTaExAyuyGQlronMMXz9zz4lN1Th9lj0295DHke0jWq0Xw
2022-08-04 04:47:17 SUCCESS
CreateTokenEndpointRequestForAuthorizationCodeGrant
Created token endpoint request
grant_type
authorization_code
code
193fDqbplLvXTcVc0Vf9QQS95hFqMmO0qu6m0plMApM.UCWFlD75FJZjO2BFl4tU3Y0VFzl5izjbCfxAswpBCTaExAyuyGQlronMMXz9zz4lN1Th9lj0295DHke0jWq0Xw
redirect_uri
https://www.certification.openid.net/test/a/isva_op_oidc_core_test_gh/callback
2022-08-04 04:47:17 SUCCESS
AddBasicAuthClientSecretAuthenticationParameters
Added basic authorization header
Authorization
Basic YTRjOGFkOTEtOTNmYi00NTg0LTg5OTQtNzkzZmVkNDdjMDYyOjQzSzNKTjlYYk5sSzV1aUg=
2022-08-04 04:47:17
CallTokenEndpoint
HTTP request
request_uri
https://isamfed.com:8843/oauth2/token
request_method
POST
request_headers
{
  "accept": "application/json",
  "authorization": "Basic YTRjOGFkOTEtOTNmYi00NTg0LTg5OTQtNzkzZmVkNDdjMDYyOjQzSzNKTjlYYk5sSzV1aUg\u003d",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "271"
}
request_body
grant_type=authorization_code&code=193fDqbplLvXTcVc0Vf9QQS95hFqMmO0qu6m0plMApM.UCWFlD75FJZjO2BFl4tU3Y0VFzl5izjbCfxAswpBCTaExAyuyGQlronMMXz9zz4lN1Th9lj0295DHke0jWq0Xw&redirect_uri=https%3A%2F%2Fwww.certification.openid.net%2Ftest%2Fa%2Fisva_op_oidc_core_test_gh%2Fcallback
2022-08-04 04:47:18 RESPONSE
CallTokenEndpoint
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "content-length": "1040",
  "content-type": "application/json;charset\u003dUTF-8",
  "date": "Thu, 04 Aug 2022 04:47:18 GMT",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "cache-control": "no-store",
  "x-correlation-id": "CORR_ID-6532de34-51c7-4bac-bcb9-d22fe9bbbc31",
  "strict-transport-security": "max-age\u003d31536000; includeSubDomains",
  "pragma": "no-cache"
}
response_body
{"access_token":"U9S63LBn0opFy3t6WeS94RcRITq2z8tvoUnkyLhicRw.BLc6Ji0iAUpsQEw41dEsPZkjhNucQyQ4HaPXCNU9XfSA9MiOokHoZfKEPzVboJjj5bKVWAUikGZSgFIBplAA6w","expires_in":7200,"id_token":"eyJhbGciOiJSUzI1NiIsImtpZCI6InJzYTI1NiIsInR5cCI6IkpXVCJ9.eyJhdF9oYXNoIjoiRnhjTlc3NWVmanNnOV8tMnUxMTZUZyIsImF1ZCI6WyJhNGM4YWQ5MS05M2ZiLTQ1ODQtODk5NC03OTNmZWQ0N2MwNjIiXSwiYXV0aF90aW1lIjoxNjU5NTg4NDIyLCJleHAiOjE2NTk1OTIwMzgsImlhdCI6MTY1OTU4ODQzOCwiaXNzIjoiaHR0cHM6Ly9pc2FtZmVkLmNvbTo4ODQzL29hdXRoMi8iLCJqdGkiOiI3ODI5ZTc0Ni02MTYxLTQwNGYtOGMyZS03YjVmMTZjNzFmZmYiLCJub25jZSI6ImJoTzVxSjRGTHAiLCJyYXQiOjE2NTk1ODg0MTcsInNfaGFzaCI6ImZQVmlJVjhZdmgtMG0wd2h6Umh3RWciLCJzdWIiOiJ0ZXN0dXNlciJ9.WawkyBzjeJK4WWcqgp-U5kgJ56_7CgVhnNIwQPRIbSN2I5WN3F69pWtuJHUxb0-xZpcBLoMh3PMcoCkIFXMg1M_eG0dUIVqnZHBL1SaNkaht8ks8svEs8cm3B0kYSystm9osuwe0mIPuhczZ8gGbN5RU0mGRFmEz1tBCmPubwqji6jVt1hGv9geNtNZYp13bJ5NSU1zOe1FbW9uVxWZCQJisgDPPEEzY3mAtROF5qEwwhc6EZ8dpNjUvWT3wYgSvDlUM8z0ir1arEE9qfZvBxRmAxJSF4AsTuSXMBqUTxJIZQw9Hn0w6dPDkbBK4vep6t2YoHP0jc-fVNA-r9gpCLA","scope":"openid","token_type":"bearer"}
2022-08-04 04:47:18 SUCCESS
CallTokenEndpoint
Parsed token endpoint response
access_token
U9S63LBn0opFy3t6WeS94RcRITq2z8tvoUnkyLhicRw.BLc6Ji0iAUpsQEw41dEsPZkjhNucQyQ4HaPXCNU9XfSA9MiOokHoZfKEPzVboJjj5bKVWAUikGZSgFIBplAA6w
expires_in
7200
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InJzYTI1NiIsInR5cCI6IkpXVCJ9.eyJhdF9oYXNoIjoiRnhjTlc3NWVmanNnOV8tMnUxMTZUZyIsImF1ZCI6WyJhNGM4YWQ5MS05M2ZiLTQ1ODQtODk5NC03OTNmZWQ0N2MwNjIiXSwiYXV0aF90aW1lIjoxNjU5NTg4NDIyLCJleHAiOjE2NTk1OTIwMzgsImlhdCI6MTY1OTU4ODQzOCwiaXNzIjoiaHR0cHM6Ly9pc2FtZmVkLmNvbTo4ODQzL29hdXRoMi8iLCJqdGkiOiI3ODI5ZTc0Ni02MTYxLTQwNGYtOGMyZS03YjVmMTZjNzFmZmYiLCJub25jZSI6ImJoTzVxSjRGTHAiLCJyYXQiOjE2NTk1ODg0MTcsInNfaGFzaCI6ImZQVmlJVjhZdmgtMG0wd2h6Umh3RWciLCJzdWIiOiJ0ZXN0dXNlciJ9.WawkyBzjeJK4WWcqgp-U5kgJ56_7CgVhnNIwQPRIbSN2I5WN3F69pWtuJHUxb0-xZpcBLoMh3PMcoCkIFXMg1M_eG0dUIVqnZHBL1SaNkaht8ks8svEs8cm3B0kYSystm9osuwe0mIPuhczZ8gGbN5RU0mGRFmEz1tBCmPubwqji6jVt1hGv9geNtNZYp13bJ5NSU1zOe1FbW9uVxWZCQJisgDPPEEzY3mAtROF5qEwwhc6EZ8dpNjUvWT3wYgSvDlUM8z0ir1arEE9qfZvBxRmAxJSF4AsTuSXMBqUTxJIZQw9Hn0w6dPDkbBK4vep6t2YoHP0jc-fVNA-r9gpCLA
scope
openid
token_type
bearer
2022-08-04 04:47:18 SUCCESS
CheckIfTokenEndpointResponseError
No error from token endpoint
2022-08-04 04:47:18 SUCCESS
CheckForAccessTokenValue
Found an access token
access_token
U9S63LBn0opFy3t6WeS94RcRITq2z8tvoUnkyLhicRw.BLc6Ji0iAUpsQEw41dEsPZkjhNucQyQ4HaPXCNU9XfSA9MiOokHoZfKEPzVboJjj5bKVWAUikGZSgFIBplAA6w
2022-08-04 04:47:18 SUCCESS
ExtractAccessTokenFromTokenResponse
Extracted the access token
value
U9S63LBn0opFy3t6WeS94RcRITq2z8tvoUnkyLhicRw.BLc6Ji0iAUpsQEw41dEsPZkjhNucQyQ4HaPXCNU9XfSA9MiOokHoZfKEPzVboJjj5bKVWAUikGZSgFIBplAA6w
type
bearer
2022-08-04 04:47:18 SUCCESS
ExtractExpiresInFromTokenEndpointResponse
Extracted 'expires_in'
expires_in
7200
2022-08-04 04:47:18 SUCCESS
ValidateExpiresIn
expires_in passed all validation checks
expires_in
7200
2022-08-04 04:47:18 INFO
CheckForRefreshTokenValue
Couldn't find refresh token
2022-08-04 04:47:18 SUCCESS
ExtractIdTokenFromTokenResponse
Found and parsed the id_token from token_endpoint_response
value
eyJhbGciOiJSUzI1NiIsImtpZCI6InJzYTI1NiIsInR5cCI6IkpXVCJ9.eyJhdF9oYXNoIjoiRnhjTlc3NWVmanNnOV8tMnUxMTZUZyIsImF1ZCI6WyJhNGM4YWQ5MS05M2ZiLTQ1ODQtODk5NC03OTNmZWQ0N2MwNjIiXSwiYXV0aF90aW1lIjoxNjU5NTg4NDIyLCJleHAiOjE2NTk1OTIwMzgsImlhdCI6MTY1OTU4ODQzOCwiaXNzIjoiaHR0cHM6Ly9pc2FtZmVkLmNvbTo4ODQzL29hdXRoMi8iLCJqdGkiOiI3ODI5ZTc0Ni02MTYxLTQwNGYtOGMyZS03YjVmMTZjNzFmZmYiLCJub25jZSI6ImJoTzVxSjRGTHAiLCJyYXQiOjE2NTk1ODg0MTcsInNfaGFzaCI6ImZQVmlJVjhZdmgtMG0wd2h6Umh3RWciLCJzdWIiOiJ0ZXN0dXNlciJ9.WawkyBzjeJK4WWcqgp-U5kgJ56_7CgVhnNIwQPRIbSN2I5WN3F69pWtuJHUxb0-xZpcBLoMh3PMcoCkIFXMg1M_eG0dUIVqnZHBL1SaNkaht8ks8svEs8cm3B0kYSystm9osuwe0mIPuhczZ8gGbN5RU0mGRFmEz1tBCmPubwqji6jVt1hGv9geNtNZYp13bJ5NSU1zOe1FbW9uVxWZCQJisgDPPEEzY3mAtROF5qEwwhc6EZ8dpNjUvWT3wYgSvDlUM8z0ir1arEE9qfZvBxRmAxJSF4AsTuSXMBqUTxJIZQw9Hn0w6dPDkbBK4vep6t2YoHP0jc-fVNA-r9gpCLA
header
{
  "kid": "rsa256",
  "typ": "JWT",
  "alg": "RS256"
}
claims
{
  "at_hash": "FxcNW75efjsg9_-2u116Tg",
  "aud": "a4c8ad91-93fb-4584-8994-793fed47c062",
  "sub": "testuser",
  "s_hash": "fPViIV8Yvh-0m0whzRhwEg",
  "rat": 1659588417,
  "auth_time": 1659588422,
  "iss": "https://isamfed.com:8843/oauth2/",
  "exp": 1659592038,
  "iat": 1659588438,
  "nonce": "bhO5qJ4FLp",
  "jti": "7829e746-6161-404f-8c2e-7b5f16c71fff"
}
2022-08-04 04:47:18 SUCCESS
ValidateIdToken
ID token iss, aud, exp, iat, auth_time, acr & nbf claims passed validation checks
2022-08-04 04:47:18
ValidateIdTokenStandardClaims
sub is a string with content
2022-08-04 04:47:18
ValidateIdTokenStandardClaims
Skipping unknown claim: rat
2022-08-04 04:47:18 SUCCESS
ValidateIdTokenStandardClaims
id_token claims are valid
2022-08-04 04:47:18 SUCCESS
ValidateIdTokenNonce
Nonce values match
nonce
bhO5qJ4FLp
2022-08-04 04:47:18 SUCCESS
ValidateIdTokenACRClaimAgainstRequest
Nothing to check; the conformance suite did not request an acr claim in request object
2022-08-04 04:47:18 SUCCESS
ValidateIdTokenSignature
id_token signature validated
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InJzYTI1NiIsInR5cCI6IkpXVCJ9.eyJhdF9oYXNoIjoiRnhjTlc3NWVmanNnOV8tMnUxMTZUZyIsImF1ZCI6WyJhNGM4YWQ5MS05M2ZiLTQ1ODQtODk5NC03OTNmZWQ0N2MwNjIiXSwiYXV0aF90aW1lIjoxNjU5NTg4NDIyLCJleHAiOjE2NTk1OTIwMzgsImlhdCI6MTY1OTU4ODQzOCwiaXNzIjoiaHR0cHM6Ly9pc2FtZmVkLmNvbTo4ODQzL29hdXRoMi8iLCJqdGkiOiI3ODI5ZTc0Ni02MTYxLTQwNGYtOGMyZS03YjVmMTZjNzFmZmYiLCJub25jZSI6ImJoTzVxSjRGTHAiLCJyYXQiOjE2NTk1ODg0MTcsInNfaGFzaCI6ImZQVmlJVjhZdmgtMG0wd2h6Umh3RWciLCJzdWIiOiJ0ZXN0dXNlciJ9.WawkyBzjeJK4WWcqgp-U5kgJ56_7CgVhnNIwQPRIbSN2I5WN3F69pWtuJHUxb0-xZpcBLoMh3PMcoCkIFXMg1M_eG0dUIVqnZHBL1SaNkaht8ks8svEs8cm3B0kYSystm9osuwe0mIPuhczZ8gGbN5RU0mGRFmEz1tBCmPubwqji6jVt1hGv9geNtNZYp13bJ5NSU1zOe1FbW9uVxWZCQJisgDPPEEzY3mAtROF5qEwwhc6EZ8dpNjUvWT3wYgSvDlUM8z0ir1arEE9qfZvBxRmAxJSF4AsTuSXMBqUTxJIZQw9Hn0w6dPDkbBK4vep6t2YoHP0jc-fVNA-r9gpCLA
2022-08-04 04:47:18 SUCCESS
ValidateIdTokenSignatureUsingKid
id_token signature validated
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InJzYTI1NiIsInR5cCI6IkpXVCJ9.eyJhdF9oYXNoIjoiRnhjTlc3NWVmanNnOV8tMnUxMTZUZyIsImF1ZCI6WyJhNGM4YWQ5MS05M2ZiLTQ1ODQtODk5NC03OTNmZWQ0N2MwNjIiXSwiYXV0aF90aW1lIjoxNjU5NTg4NDIyLCJleHAiOjE2NTk1OTIwMzgsImlhdCI6MTY1OTU4ODQzOCwiaXNzIjoiaHR0cHM6Ly9pc2FtZmVkLmNvbTo4ODQzL29hdXRoMi8iLCJqdGkiOiI3ODI5ZTc0Ni02MTYxLTQwNGYtOGMyZS03YjVmMTZjNzFmZmYiLCJub25jZSI6ImJoTzVxSjRGTHAiLCJyYXQiOjE2NTk1ODg0MTcsInNfaGFzaCI6ImZQVmlJVjhZdmgtMG0wd2h6Umh3RWciLCJzdWIiOiJ0ZXN0dXNlciJ9.WawkyBzjeJK4WWcqgp-U5kgJ56_7CgVhnNIwQPRIbSN2I5WN3F69pWtuJHUxb0-xZpcBLoMh3PMcoCkIFXMg1M_eG0dUIVqnZHBL1SaNkaht8ks8svEs8cm3B0kYSystm9osuwe0mIPuhczZ8gGbN5RU0mGRFmEz1tBCmPubwqji6jVt1hGv9geNtNZYp13bJ5NSU1zOe1FbW9uVxWZCQJisgDPPEEzY3mAtROF5qEwwhc6EZ8dpNjUvWT3wYgSvDlUM8z0ir1arEE9qfZvBxRmAxJSF4AsTuSXMBqUTxJIZQw9Hn0w6dPDkbBK4vep6t2YoHP0jc-fVNA-r9gpCLA
2022-08-04 04:47:18 SUCCESS
CheckForSubjectInIdToken
Found 'sub' in id_token
sub
testuser
2022-08-04 04:47:18
EnsureIdTokenUpdatedAtValid
id_token response does not contain 'updated_at'
2022-08-04 04:47:18 INFO
ValidateEncryptedIdTokenHasKid
Skipped evaluation due to missing required element: id_token jwe_header
path
jwe_header
mapped
object
id_token
2022-08-04 04:47:18 SUCCESS
CheckIdTokenAuthTimeClaimPresentDueToMaxAge
auth_time is present in the id_token, as required for a authentication where the max_age parameter was used
id_token
{
  "at_hash": "FxcNW75efjsg9_-2u116Tg",
  "aud": "a4c8ad91-93fb-4584-8994-793fed47c062",
  "sub": "testuser",
  "s_hash": "fPViIV8Yvh-0m0whzRhwEg",
  "rat": 1659588417,
  "auth_time": 1659588422,
  "iss": "https://isamfed.com:8843/oauth2/",
  "exp": 1659592038,
  "iat": 1659588438,
  "nonce": "bhO5qJ4FLp",
  "jti": "7829e746-6161-404f-8c2e-7b5f16c71fff"
}
2022-08-04 04:47:18 SUCCESS
CheckSecondIdTokenAuthTimeIsLaterIfPresent
auth_time is later in the second id_token
first_id_token
{
  "at_hash": "2hJePWAoknaLbpncuHz5tA",
  "aud": "a4c8ad91-93fb-4584-8994-793fed47c062",
  "sub": "testuser",
  "s_hash": "6sDm_BnIIdq5jRUjFt5O0g",
  "rat": 1659588390,
  "auth_time": 1659588382,
  "iss": "https://isamfed.com:8843/oauth2/",
  "exp": 1659591997,
  "iat": 1659588397,
  "nonce": "LV1ujc6awq",
  "jti": "35726e4f-c97f-4dbf-93b1-179bc474b3bc"
}
second_id_token
{
  "at_hash": "FxcNW75efjsg9_-2u116Tg",
  "aud": "a4c8ad91-93fb-4584-8994-793fed47c062",
  "sub": "testuser",
  "s_hash": "fPViIV8Yvh-0m0whzRhwEg",
  "rat": 1659588417,
  "auth_time": 1659588422,
  "iss": "https://isamfed.com:8843/oauth2/",
  "exp": 1659592038,
  "iat": 1659588438,
  "nonce": "bhO5qJ4FLp",
  "jti": "7829e746-6161-404f-8c2e-7b5f16c71fff"
}
2022-08-04 04:47:18 SUCCESS
CheckIdTokenAuthTimeIsRecentIfPresent
auth_time in id_token is recent
auth_time
"Aug 4, 2022, 4:47:02 AM"
now
"Aug 4, 2022, 4:47:18 AM"
Second authorization: Userinfo endpoint tests
2022-08-04 04:47:18
CallProtectedResource
HTTP request
request_uri
https://isamfed.com:8843/oauth2/userinfo
request_method
GET
request_headers
{
  "accept": "application/json",
  "authorization": "bearer U9S63LBn0opFy3t6WeS94RcRITq2z8tvoUnkyLhicRw.BLc6Ji0iAUpsQEw41dEsPZkjhNucQyQ4HaPXCNU9XfSA9MiOokHoZfKEPzVboJjj5bKVWAUikGZSgFIBplAA6w",
  "content-length": "0"
}
request_body

                                
2022-08-04 04:47:20 RESPONSE
CallProtectedResource
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "content-length": "147",
  "content-type": "application/json;charset\u003dUTF-8",
  "date": "Thu, 04 Aug 2022 04:47:19 GMT",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-correlation-id": "CORR_ID-60c3d51c-185f-40df-b4d6-182133fcc25b",
  "strict-transport-security": "max-age\u003d31536000; includeSubDomains"
}
response_body
{"aud":["a4c8ad91-93fb-4584-8994-793fed47c062"],"auth_time":1659588422,"iss":"https://isamfed.com:8843/oauth2/","rat":1659588417,"sub":"testuser"}
2022-08-04 04:47:20 SUCCESS
CallProtectedResource
Got a response from the resource endpoint
status
200
endpoint_name
resource
headers
{
  "content-length": "147",
  "content-type": "application/json;charset\u003dUTF-8",
  "date": "Thu, 04 Aug 2022 04:47:19 GMT",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-correlation-id": "CORR_ID-60c3d51c-185f-40df-b4d6-182133fcc25b",
  "strict-transport-security": "max-age\u003d31536000; includeSubDomains"
}
body
{"aud":["a4c8ad91-93fb-4584-8994-793fed47c062"],"auth_time":1659588422,"iss":"https://isamfed.com:8843/oauth2/","rat":1659588417,"sub":"testuser"}
2022-08-04 04:47:20 SUCCESS
EnsureHttpStatusCodeIs200
resource endpoint returned the expected http status
expected_status
200
http_status
200
2022-08-04 04:47:51 FINISHED
oidcc-max-age-1
Test has run to completion
testmodule_result
REVIEW
Unregister dynamically registered client
2022-08-04 04:47:51
UnregisterDynamicallyRegisteredClient
HTTP request
request_uri
https://isamfed.com:8843/oauth2/register/a4c8ad91-93fb-4584-8994-793fed47c062
request_method
DELETE
request_headers
{
  "accept": "application/json",
  "authorization": "Bearer JNGh0jpPYpum9EXB0l5KjOGTFtApSlyxfeDM4hCYt5E.cx8EwC1dlfWKweKtBXxgnVet_dzlLoZY1ddy6kjYkamS4khipHLhiTAadVUMYHu5sIORzFHWbDdaHvf0bNwJFQ",
  "content-length": "0"
}
request_body

                                
2022-08-04 04:47:51
TEST-RUNNER
Stopping test due to alias conflict - before this test finished, you have started another test using the same alias. You will need to rerun this test and ensure you complete all steps in this test before you move onto the next test. Please check that the alias in your test configuration is unique, for example include your company name in it.
alias
isva_op_oidc_core_test_gh
new_test_id
6np7hNNdDMMg1QR
2022-08-04 04:47:52 RESPONSE
UnregisterDynamicallyRegisteredClient
HTTP response
response_status_code
204 NO_CONTENT
response_status_text
No Content
response_headers
{
  "date": "Thu, 04 Aug 2022 04:47:52 GMT",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "cache-control": "no-store",
  "x-correlation-id": "CORR_ID-ec15ad28-894c-4cc9-bd3d-9173442df161",
  "strict-transport-security": "max-age\u003d31536000; includeSubDomains",
  "pragma": "no-cache"
}
response_body

                                
2022-08-04 04:47:52 SUCCESS
UnregisterDynamicallyRegisteredClient
Client successfully unregistered
2022-08-04 04:48:12
TEST-RUNNER
Alias has now been claimed by another test
alias
isva_op_oidc_core_test_gh
new_test_id
hRYeU4LXknAcBvR
Test Results