Test Summary

Test Results

Expand All Collapse All
All times are UTC
2022-10-13 07:09:38 INFO
TEST-RUNNER
Test instance HC5j4lbJowHGNVi created
baseUrl
https://www.certification.openid.net/test/a/GC_broker
variant
{
  "client_auth_type": "client_secret_basic",
  "response_type": "code",
  "request_type": "plain_http_request",
  "response_mode": "default",
  "client_registration": "static_client"
}
alias
GC_broker
description
GC Broker OIDC RP TEST 0927
planId
FDN4myZlLP3tX
config
{
  "alias": "GC_broker",
  "description": "GC Broker OIDC RP TEST 0927",
  "publish": "everything",
  "consent": {},
  "client": {
    "client_id": "oidc-test-client",
    "client_secret": "123456",
    "redirect_uri": "https://gkidp.ipanda.co.jp/gkidp/global_login/DM001003/callback/01"
  }
}
testName
oidcc-client-test-idtoken-sig-rs256
2022-10-13 07:09:38 SUCCESS
OIDCCGenerateServerConfigurationIdTokenSigningAlgRS256Only
Generated default server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/a/GC_broker/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/GC_broker/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/GC_broker/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/GC_broker/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/GC_broker/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/a/GC_broker/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic",
    "client_secret_post",
    "client_secret_jwt",
    "private_key_jwt"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "preferred_username",
    "gender",
    "birthdate",
    "address",
    "zoneinfo",
    "locale",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified",
    "website",
    "profile",
    "updated_at"
  ],
  "id_token_signing_alg_values_supported": [
    "RS256"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "RSA-OAEP-384",
    "RSA-OAEP-512",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "RSA-OAEP-384",
    "RSA-OAEP-512",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "RSA-OAEP-384",
    "RSA-OAEP-512",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
2022-10-13 07:09:38
SetTokenEndpointAuthMethodsSupportedToClientSecretBasicOnly
Changed token_endpoint_auth_methods_supported to client_secret_basic only in server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/a/GC_broker/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/GC_broker/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/GC_broker/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/GC_broker/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/GC_broker/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/a/GC_broker/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "preferred_username",
    "gender",
    "birthdate",
    "address",
    "zoneinfo",
    "locale",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified",
    "website",
    "profile",
    "updated_at"
  ],
  "id_token_signing_alg_values_supported": [
    "RS256"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "RSA-OAEP-384",
    "RSA-OAEP-512",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "RSA-OAEP-384",
    "RSA-OAEP-512",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "RSA-OAEP-384",
    "RSA-OAEP-512",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
2022-10-13 07:09:39
OIDCCGenerateServerJWKs
Generated server public private JWK sets
server_jwks
{
  "keys": [
    {
      "p": "xP-V7Qzhr71cQO5_Ts-djc0eUUkw1pxEfWGxugmEhcFX4e6KIqB_U1Du4i-2tSWiRB0kyE0mqJxOYZjotRL-FT1muXt6G_aqQFhYAE6tujWsRS-XPafubWJAK9ik19RoPr8l4UoDAgVZLDuNrNLqVbDfUeYMsUgBKx1w4YnUmWc",
      "kty": "RSA",
      "q": "uDCDgxdVCgZaX1JbkwFzxaVdO0WMswAcfKixynWbuxvZ_DQcVTSzm8xulYDwvuGqi56N9Z8R_b2_xphGKczY0kW0yAW5LyLEtxBXiLlhST2NnWgvshILRWFR4dQhxNH3_PpLxvvjiFpeo_kwjvTILqudUPRcYuIK8aGXlfjSTEE",
      "d": "O0qDZ8-zytZ8RGkvqka_C2qhqI4DI1XRBEDY_01TPzNDczxO7c_-ayLv9e7AsUhQayyjnIr9qC5g-4o_zsdszDKUL1KwOJgs1NDECcgCS1s0a8SlcdtT1p1T5mc61F5ADvg6j80NFzJDWgEyGKr-8uxxgXzyMlZIMBMLtREZbUMX7M_wF0nFXFnzP3kjGgQyK7PIvWXLEviXJ2Gc2Tke_dxGuLkTtA6W2269vmPCWR_IoLeGS5fsUMaVgBKJVSTXCzszLGaZKnRUDEOtjlkuDxB4M9B0rV5h8ARbEPOg7OgeFc1BR3tap_wgmVg7qYUFAggwJBgfwcS19wG1xVICgQ",
      "e": "AQAB",
      "use": "sig",
      "kid": "8adca99c-1883-47b2-828e-712248e26596",
      "qi": "jvJDz4-I8uJv1KJ-NltqiTYQIcLJY9Xqfp4klDZfIxtRBS2XsIhrJG_gwXg9JRvSWz5narWuKl5AP-TR5EFFuQ7wgH69mUbOusVWowknuSC_DeyEkUwcVqiP5ivq9wx9U9hWQNOAoN74WWLEp0rqVU4LK556yzEHKovTjbbDhrc",
      "dp": "mW5C8_y7bie6yWu3xccX_BBM05yAqDXPdiP3y2CMUayzaOljtvJwGJEJbSsiT1X_WrOkKUlFmb8boRH59MXVFO_cqQwNn-fu0-y6pYqh7kzNXplhXwkDPzhtqHi0ctEhW_V-aEg_rXxC5pt_jaI8Fv-J_3yAWDcvicgFWfQCnHM",
      "dq": "Y38Ba60M6O9pnhhVE2Izcc7UQBJf4MnsmYJfGCjTyQ1QgaZ8r6Jaa4zRJ72RTuuEPwuVT9tv0ovPrq3PKQFZFq1E7M_6qvWzIdiYEGljnja76w2-xghtQjtCCiWXYES0G1nx2Tl0PdHjUdxoWLDt-hgGURbPWTMWClTqF79jioE",
      "n": "jb0I4igrDZIVfFRqcpllxp_k_K6UWvXosXBDYlKD6a_i7SAwgKEs3FncK0dbbaCs5ZL6NlCuiYxjaT2rzMiTRlF8jtw0D82zTqsio7tsOvSFhezxdys4-GaEUPh5zO51PXSsYP_BlmG3q7O6gXPyH4AmFFxny0OCS7lA7YcYxui5_IZKKCJpjXjca_Zs0qhs1g2DxbL_2IfhOrhFXtgql8UFR7Ep_i036eGXhjyKYeqx_LXhKk-2tYUFu1ts_rsk9N-_KzbgBYLJSPPn9hvPbj6c1OjUFaDB1G2i3GWDxO4a0RJ574fHvwAfXkbZDC3NN2rBbaKW_0_Wha0juwOHJw"
    },
    {
      "kty": "EC",
      "d": "9ehAIYOci7igk_FPvPOckOkpH8fYFcNRfot61s1yx1U",
      "use": "sig",
      "crv": "P-256",
      "kid": "11bade1b-b237-4181-91a9-318569e572e7",
      "x": "gf01XuN4XFspaSnmuDl1EqnWBQ06D--8AAMmMrs1UZE",
      "y": "_9EsAehHvEJ29AEon1oDJ71lKp_uNlgfwXfad-ljzhU"
    },
    {
      "kty": "EC",
      "d": "mM32Fejv2QWnQqarhl4998Ci6X1l49DfomCb2UqeJWI",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "98082591-3586-492f-b6e7-e45fc30aea61",
      "x": "id0M8kmu8XaMJYRZnxJD6ueWY5iUwdyhjI0mkXVKVYM",
      "y": "9UaGgrKBa6dpkhMtVN12i5c6CPucyxJ59EQghdkHhBE"
    },
    {
      "kty": "OKP",
      "d": "1JPX3CHWCqvEWhxFKLOj8ziF4dzUV7YLfLOpZfmkJhQ",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "52e687c6-c715-43a2-ba39-90b9f62b9689",
      "x": "IcrfaxkWBVWYvohPdLAFqp2r_DD6V6rlGoR7nLAlr7g"
    }
  ]
}
server_encryption_keys
{
  "keys": [
    {
      "p": "4txPNcz4RuRyfB4Z5YZv9V9i_thsZks7aXeVpBBofK-6bawLj7pGsfNKVuiUCGRyYwlxw-9M-zpWZvFYzIs7sO_Ss9OcSlPlw43Q8UneCU1BkQY4IWzUZmUFbsGSCQuiTRD1xHh3g2I-1JlAjyYdTyzuMzTY7cHrTsbqEwAXlUE",
      "kty": "RSA",
      "q": "q_F80EvDACdcdbWApbSIy-EzyCXy68dsgU64sUCmyCGpa9zFhgqtanARtyg1r0L66q4mDtIrBatPLJRVXAZuxTTGUp8r4RCUEG4hgQe4Bq0JM-H9E1lbxelM9EUzV_CzaqBcl6NAulUvSW_1zrHBBdveFZylvUPYytQnVCL1WUE",
      "d": "NOlmphMlGpALHFlGK-9uT8zXCFhANg8_5Tg4aLci1r-52lDKzik0NjyF-YrDMhFwZXPqG4Owd5QUaDCVYYno0F9Fp9jNeCPx10jTk045SiGv21Dfh6h-lvjD3Axb2nBVj-FPI4FtF54h5IJgaHLNRV7Vi2Y4Ut7qfIFvrAMX-j4NqYdPqlpBi7CfCDfMiC5xr3rI_q50T-VJMUT7_yoYQTcFHhk8Xky9AutK7TWMaX_qeSjxJmjvT6Y09fAikzJQIkHq8Yo3Pgo-3wUkUwzsbUnViyB1IYfJsJfqYnvPla2_V-iHreY-mIjvaIauuprS1B9vIVACQlG2vawDEzBgAQ",
      "e": "AQAB",
      "use": "enc",
      "kid": "bdcc76cf-9a05-4416-8424-563d7064a78d",
      "qi": "DDeRWL-NwYhkxHtK5H3p7SFARl9ckOpvRE1cDecT6660P7_2Acx0FYNBH8WfyJfZ6oVDr_h-oDNA_WdE5PkuhWBxsWrRfZz0VqnKrk7nZaMzW4v2Y8S4e6n73QSH6ww49W321GhEL4QysmqS5501eeNHmHR8LwN54OPqOAbJCAo",
      "dp": "uTtXdb9ZjVDkZZGSZYWijsAGrbz6rX-KEDBzP5WiKwS0_O14Ny_Kn2vd7B5VGJEjkNfaSzhuK8dTWxR_A-w_ndYDvY7v0wSz2ztFOm6s2_13prlkRW598ulTST7GRZp5N-G8OmJ-ewlR8fb77qYZUleGWsswwNkQj6782uy9VME",
      "alg": "RSA-OAEP",
      "dq": "SOTwDT6RRRdq01xHVfjbpdOrqEauXdcF4SwGkN7f1iivMtM9yj3slxs753JckBjNV4DNEat4IccmobehGIqBm4lsKsrgR2JH409NVO54zhu9swkzyWgwyA7IWSadRcL9zU5-8qp7XoOOsIuOojopoto7pN3sRfjlh9e5dKn9agE",
      "n": "mF8o6s4RkTwcIFsZO7_FrXglfop01VxraKM3PfnJIImxJXz8l1GgG-e__r-ZA_G4IVhMTi1D0m0RcEvsrQseJmHAl4bAuZNy7nWawyoN_1vKPfdwHIb3PhBGbTSqbZw-59ju43T4vrnNUfYzjR5S1onDU57xOzpC8kDLh4i3uvYbAQ6ylPCYfJz2j32HybrXDTW0oS5ghS_FDWw_LkHE9NaL0WAbgEIlssHJiyhcR9ajEAZEc4P92A2FnszIkHYDGMO9Nm8Wfr9Pk9-WEcwM_Oeb8yREs8ulJQ6LjJD7lVVYuftbZKfvl1fjmow7QaWnhWpBCuYhLvs1YiKTshV-gQ"
    },
    {
      "kty": "EC",
      "d": "8GDau5mVBJFPy8aGx3s-SvwvlLU82tnilETV1tOBDOk",
      "use": "enc",
      "crv": "P-256",
      "kid": "570102de-236b-4ed6-ae2d-c22c116317b4",
      "x": "tVMuYkSdwVVx4ZLvJc354XEfFza_K7KdnqD4FBtvzaY",
      "y": "IUwQ5jLPd9fI8RpTaPeTPb4lvcCoV_fIRar--qKt22U",
      "alg": "ECDH-ES"
    }
  ]
}
server_public_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "8adca99c-1883-47b2-828e-712248e26596",
      "n": "jb0I4igrDZIVfFRqcpllxp_k_K6UWvXosXBDYlKD6a_i7SAwgKEs3FncK0dbbaCs5ZL6NlCuiYxjaT2rzMiTRlF8jtw0D82zTqsio7tsOvSFhezxdys4-GaEUPh5zO51PXSsYP_BlmG3q7O6gXPyH4AmFFxny0OCS7lA7YcYxui5_IZKKCJpjXjca_Zs0qhs1g2DxbL_2IfhOrhFXtgql8UFR7Ep_i036eGXhjyKYeqx_LXhKk-2tYUFu1ts_rsk9N-_KzbgBYLJSPPn9hvPbj6c1OjUFaDB1G2i3GWDxO4a0RJ574fHvwAfXkbZDC3NN2rBbaKW_0_Wha0juwOHJw"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "71d57986-fad5-4d45-853b-134a809e4eea",
      "n": "gmh7-uvPJp9aFex6xPNfnktpOzZbw_p6IIoeunTApsxEJV2sKWEjXvsxRIlTplWjpKphfAhifhDQV_DdNg11wmlq2i8jBIGxxQz3hSTjRvkj30oCN7ID6kAMZ0G65LFN7RgH3hDOouevzcZGFEy9DBOjyZgpnLBAsUoV5gPcVxoY8chEH9X1yv_iYq3tq2bryy3x8mb3f84-NA_8JipRCCiY-CrAtUNNlXKLPTf9x2iPXi5Z1s9v4zgrf7Tp384RxuPMipzUM_nb49MbiT28iVO0CcJROGUDK7yBolaaetoI807d57yIX2t-rc-d6TX0xAJK5ogqbpg3Cmq5aFnZ-w"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "11bade1b-b237-4181-91a9-318569e572e7",
      "x": "gf01XuN4XFspaSnmuDl1EqnWBQ06D--8AAMmMrs1UZE",
      "y": "_9EsAehHvEJ29AEon1oDJ71lKp_uNlgfwXfad-ljzhU"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "bb0651c5-170d-408a-9c1a-e6dd6ce9ca5d",
      "x": "K1pQrHMEbWoVeibvF0pLCXWICCxQV4VWfeKUdtNrj6k",
      "y": "Ui1dfwWuSMKQ1VptjX4dgmRz40Pa_eDY3EqdktENmZ0"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "98082591-3586-492f-b6e7-e45fc30aea61",
      "x": "id0M8kmu8XaMJYRZnxJD6ueWY5iUwdyhjI0mkXVKVYM",
      "y": "9UaGgrKBa6dpkhMtVN12i5c6CPucyxJ59EQghdkHhBE"
    },
    {
      "kty": "OKP",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "52e687c6-c715-43a2-ba39-90b9f62b9689",
      "x": "IcrfaxkWBVWYvohPdLAFqp2r_DD6V6rlGoR7nLAlr7g"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "bdcc76cf-9a05-4416-8424-563d7064a78d",
      "alg": "RSA-OAEP",
      "n": "mF8o6s4RkTwcIFsZO7_FrXglfop01VxraKM3PfnJIImxJXz8l1GgG-e__r-ZA_G4IVhMTi1D0m0RcEvsrQseJmHAl4bAuZNy7nWawyoN_1vKPfdwHIb3PhBGbTSqbZw-59ju43T4vrnNUfYzjR5S1onDU57xOzpC8kDLh4i3uvYbAQ6ylPCYfJz2j32HybrXDTW0oS5ghS_FDWw_LkHE9NaL0WAbgEIlssHJiyhcR9ajEAZEc4P92A2FnszIkHYDGMO9Nm8Wfr9Pk9-WEcwM_Oeb8yREs8ulJQ6LjJD7lVVYuftbZKfvl1fjmow7QaWnhWpBCuYhLvs1YiKTshV-gQ"
    },
    {
      "kty": "EC",
      "use": "enc",
      "crv": "P-256",
      "kid": "570102de-236b-4ed6-ae2d-c22c116317b4",
      "x": "tVMuYkSdwVVx4ZLvJc354XEfFza_K7KdnqD4FBtvzaY",
      "y": "IUwQ5jLPd9fI8RpTaPeTPb4lvcCoV_fIRar--qKt22U",
      "alg": "ECDH-ES"
    }
  ]
}
2022-10-13 07:09:39 SUCCESS
ValidateServerJWKs
Valid server JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2022-10-13 07:09:39 SUCCESS
CheckDistinctKeyIdValueInServerJWKs
Distinct 'kid' value in all keys of server_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2022-10-13 07:09:39 SUCCESS
OIDCCLoadUserInfo
Added user information
user_info
{
  "sub": "user-subject-1234531",
  "name": "Demo T. User",
  "given_name": "Demo",
  "family_name": "User",
  "middle_name": "Theresa",
  "nickname": "Dee",
  "preferred_username": "d.tu",
  "gender": "female",
  "birthdate": "2000-02-03",
  "address": {
    "street_address": "100 Universal City Plaza",
    "locality": "Hollywood",
    "region": "CA",
    "postal_code": "91608",
    "country": "USA"
  },
  "zoneinfo": "America/Los_Angeles",
  "locale": "en-US",
  "phone_number": "+1 555 5550000",
  "phone_number_verified": false,
  "email": "user@example.com",
  "email_verified": false,
  "website": "https://openid.net/",
  "profile": "https://example.com/user",
  "updated_at": 1580000000
}
2022-10-13 07:09:39 SUCCESS
OIDCCGetStaticClientConfigurationForRPTests
Found a static client object
client_id
oidc-test-client
client_secret
123456
redirect_uris
[
  "https://gkidp.ipanda.co.jp/gkidp/global_login/DM001003/callback/01"
]
2022-10-13 07:09:39 SUCCESS
EnsureClientDoesNotHaveBothJwksAndJwksUri
Client does not have both jwks and jwks_uri set
client
{
  "client_id": "oidc-test-client",
  "client_secret": "123456",
  "redirect_uris": [
    "https://gkidp.ipanda.co.jp/gkidp/global_login/DM001003/callback/01"
  ]
}
2022-10-13 07:09:39 INFO
FetchClientKeys
Skipped evaluation due to missing required element: client jwks_uri
path
jwks_uri
mapped
object
client
2022-10-13 07:09:39 SUCCESS
ValidateClientGrantTypes
grant_types match response_types
grant_types
[
  "authorization_code"
]
response_types
[
  "code"
]
2022-10-13 07:09:39 SUCCESS
OIDCCValidateClientRedirectUris
Valid redirect_uri(s) provided in registration request
redirect_uris
[
  "https://gkidp.ipanda.co.jp/gkidp/global_login/DM001003/callback/01"
]
2022-10-13 07:09:39 SUCCESS
ValidateClientLogoUris
Client does not contain any logo_uri
2022-10-13 07:09:39 SUCCESS
ValidateClientUris
Client does not contain any client_uri
2022-10-13 07:09:39 SUCCESS
ValidateClientPolicyUris
Client does not contain any policy_uri
2022-10-13 07:09:39 SUCCESS
ValidateClientTosUris
Client does not contain any tos_uri
2022-10-13 07:09:39 SUCCESS
ValidateClientSubjectType
A subject_type was not provided
2022-10-13 07:09:39 INFO
ValidateIdTokenSignedResponseAlg
Skipped evaluation due to missing required element: client id_token_signed_response_alg
path
id_token_signed_response_alg
mapped
object
client
2022-10-13 07:09:39 SUCCESS
EnsureIdTokenEncryptedResponseAlgIsSetIfEncIsSet
id_token_encrypted_response_enc is not set
2022-10-13 07:09:39 INFO
ValidateUserinfoSignedResponseAlg
Skipped evaluation due to missing required element: client userinfo_signed_response_alg
path
userinfo_signed_response_alg
mapped
object
client
2022-10-13 07:09:39 SUCCESS
EnsureUserinfoEncryptedResponseAlgIsSetIfEncIsSet
userinfo_encrypted_response_enc is not set
2022-10-13 07:09:39 INFO
ValidateRequestObjectSigningAlg
Skipped evaluation due to missing required element: client request_object_signing_alg
path
request_object_signing_alg
mapped
object
client
2022-10-13 07:09:39 SUCCESS
EnsureRequestObjectEncryptionAlgIsSetIfEncIsSet
request_object_encryption_enc is not set
2022-10-13 07:09:39 INFO
ValidateTokenEndpointAuthSigningAlg
Skipped evaluation due to missing required element: client token_endpoint_auth_signing_alg
path
token_endpoint_auth_signing_alg
mapped
object
client
2022-10-13 07:09:39 SUCCESS
ValidateDefaultMaxAge
default_max_age is not set
2022-10-13 07:09:39 INFO
ValidateRequireAuthTime
Skipped evaluation due to missing required element: client require_auth_time
path
require_auth_time
mapped
object
client
2022-10-13 07:09:39 INFO
ValidateDefaultAcrValues
Skipped evaluation due to missing required element: client default_acr_values
path
default_acr_values
mapped
object
client
2022-10-13 07:09:39 INFO
ValidateInitiateLoginUri
Skipped evaluation due to missing required element: client initiate_login_uri
path
initiate_login_uri
mapped
object
client
2022-10-13 07:09:39 INFO
ValidateRequestUris
Skipped evaluation due to missing required element: client request_uris
path
request_uris
mapped
object
client
2022-10-13 07:09:39
SetServerSigningAlgToRS256
Successfully set signing algorithm to RS256
2022-10-13 07:09:39
SetClientIdTokenSignedResponseAlgToServerSigningAlg
Set id_token_signed_response_alg for the registered client
id_token_signed_response_alg
RS256
2022-10-13 07:09:39
oidcc-client-test-idtoken-sig-rs256
Setup Done
2022-10-13 07:09:56 INCOMING
oidcc-client-test-idtoken-sig-rs256
Incoming HTTP request to /test/a/GC_broker/.well-known/openid-configuration
incoming_headers
{
  "host": "www.certification.openid.net",
  "accept": "text/plain, application/json, */*",
  "user-agent": "Java/11.0.13",
  "connection": "close"
}
incoming_path
/test/a/GC_broker/.well-known/openid-configuration
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cert
incoming_query_string_params
{}
incoming_body
incoming_tls_chain
[
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL"
]
incoming_tls_cipher
ECDHE-RSA-AES256-GCM-SHA384
incoming_body_json
Discovery endpoint
2022-10-13 07:09:56 OUTGOING
oidcc-client-test-idtoken-sig-rs256
Response to HTTP request to test instance HC5j4lbJowHGNVi
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "issuer": "https://www.certification.openid.net/test/a/GC_broker/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/GC_broker/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/GC_broker/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/GC_broker/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/GC_broker/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/a/GC_broker/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "preferred_username",
    "gender",
    "birthdate",
    "address",
    "zoneinfo",
    "locale",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified",
    "website",
    "profile",
    "updated_at"
  ],
  "id_token_signing_alg_values_supported": [
    "RS256"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "RSA-OAEP-384",
    "RSA-OAEP-512",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "RSA-OAEP-384",
    "RSA-OAEP-512",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "RSA-OAEP-384",
    "RSA-OAEP-512",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
outgoing_path
.well-known/openid-configuration
2022-10-13 07:09:56 INCOMING
oidcc-client-test-idtoken-sig-rs256
Incoming HTTP request to /test/a/GC_broker/authorize
incoming_headers
{
  "host": "www.certification.openid.net",
  "cache-control": "max-age\u003d0",
  "upgrade-insecure-requests": "1",
  "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/avif,image/webp,image/apng,*/*;q\u003d0.8,application/signed-exchange;v\u003db3;q\u003d0.9",
  "sec-fetch-site": "cross-site",
  "sec-fetch-mode": "navigate",
  "sec-fetch-user": "?1",
  "sec-fetch-dest": "document",
  "sec-ch-ua": "\"Chromium\";v\u003d\"106\", \"Google Chrome\";v\u003d\"106\", \"Not;A\u003dBrand\";v\u003d\"99\"",
  "sec-ch-ua-mobile": "?0",
  "sec-ch-ua-platform": "\"Windows\"",
  "referer": "https://gkidp.ipanda.co.jp/",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en",
  "connection": "close"
}
incoming_path
/test/a/GC_broker/authorize
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cert
incoming_query_string_params
{
  "client_id": "oidc-test-client",
  "response_type": "code",
  "redirect_uri": "https://gkidp.ipanda.co.jp/gkidp/global_login/DM001003/callback/01",
  "scope": "openid email phone profile",
  "code_challenge_method": "S256",
  "code_challenge": "78edGG7wvlFvmld1JyZy89pjcwxZXsq5849nJKaEZ2M",
  "state": "g4lqll7ljb79m44ldo0a7ssnou2h9vat"
}
incoming_body
incoming_tls_chain
[
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL"
]
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_body_json
Authorization endpoint
2022-10-13 07:09:56 SUCCESS
EnsureRequestDoesNotContainRequestObject
Request does not contain a request parameter
2022-10-13 07:09:56 SUCCESS
EnsureAuthorizationHttpRequestContainsOpenIDScope
Found 'openid' in scope http request parameter
actual
[
  "openid",
  "email",
  "phone",
  "profile"
]
expected
openid
2022-10-13 07:09:56 SUCCESS
CreateEffectiveAuthorizationRequestParameters
Merged http request parameters with request object claims
effective_authorization_endpoint_request
{
  "client_id": "oidc-test-client",
  "response_type": "code",
  "redirect_uri": "https://gkidp.ipanda.co.jp/gkidp/global_login/DM001003/callback/01",
  "scope": "openid email phone profile",
  "code_challenge_method": "S256",
  "code_challenge": "78edGG7wvlFvmld1JyZy89pjcwxZXsq5849nJKaEZ2M",
  "state": "g4lqll7ljb79m44ldo0a7ssnou2h9vat"
}
2022-10-13 07:09:56 SUCCESS
ExtractRequestedScopes
Requested scopes
scope
openid email phone profile
2022-10-13 07:09:56 INFO
ExtractNonceFromAuthorizationRequest
Couldn't find 'nonce' in authorization endpoint parameters
2022-10-13 07:09:56 SUCCESS
EnsureAuthorizationRequestContainsPkceCodeChallenge
Found required PKCE parameters in request
code_challenge_method
S256
code_challenge
78edGG7wvlFvmld1JyZy89pjcwxZXsq5849nJKaEZ2M
2022-10-13 07:09:56 SUCCESS
EnsureResponseTypeIsCode
Response type is expected value
expected
code
2022-10-13 07:09:56 SUCCESS
EnsureMatchingClientId
Client ID matched
client_id
oidc-test-client
2022-10-13 07:09:56 SUCCESS
EnsureValidRedirectUriForAuthorizationEndpointRequest
redirect_uri is one of the allowed redirect uris
actual
https://gkidp.ipanda.co.jp/gkidp/global_login/DM001003/callback/01
expected
[
  "https://gkidp.ipanda.co.jp/gkidp/global_login/DM001003/callback/01"
]
2022-10-13 07:09:56 SUCCESS
EnsureOpenIDInScopeRequest
Found 'openid' scope in request
actual
[
  "openid",
  "email",
  "phone",
  "profile"
]
expected
openid
2022-10-13 07:09:56 SUCCESS
DisallowMaxAgeEqualsZeroAndPromptNone
The client did not send max_age=0 and prompt=none parameters as expected
2022-10-13 07:09:56 SUCCESS
CreateAuthorizationCode
Created authorization code
authorization_code
NxJxHEGkV8JS1d83pYjJY3xN0arzp2Kl
2022-10-13 07:09:56 SUCCESS
CalculateCHash
Successful c_hash encoding
c_hash
7Oox3dZ2u8oPB5D3WSy1iA
2022-10-13 07:09:56 SUCCESS
CreateAuthorizationEndpointResponseParams
Added authorization_endpoint_response_params to environment
params
{
  "redirect_uri": "https://gkidp.ipanda.co.jp/gkidp/global_login/DM001003/callback/01",
  "state": "g4lqll7ljb79m44ldo0a7ssnou2h9vat"
}
2022-10-13 07:09:56 SUCCESS
AddCodeToAuthorizationEndpointResponseParams
Added code to authorization endpoint response params
authorization_endpoint_response_params
{
  "redirect_uri": "https://gkidp.ipanda.co.jp/gkidp/global_login/DM001003/callback/01",
  "state": "g4lqll7ljb79m44ldo0a7ssnou2h9vat",
  "code": "NxJxHEGkV8JS1d83pYjJY3xN0arzp2Kl"
}
2022-10-13 07:09:56
SendAuthorizationResponseWithResponseModeQuery
Redirecting back to client
uri
https://gkidp.ipanda.co.jp/gkidp/global_login/DM001003/callback/01?state=g4lqll7ljb79m44ldo0a7ssnou2h9vat&code=NxJxHEGkV8JS1d83pYjJY3xN0arzp2Kl
2022-10-13 07:09:57 OUTGOING
oidcc-client-test-idtoken-sig-rs256
Response to HTTP request to test instance HC5j4lbJowHGNVi
outgoing
org.springframework.web.servlet.view.RedirectView: [RedirectView]; URL [https://gkidp.ipanda.co.jp/gkidp/global_login/DM001003/callback/01?state=g4lqll7ljb79m44ldo0a7ssnou2h9vat&code=NxJxHEGkV8JS1d83pYjJY3xN0arzp2Kl]
outgoing_path
authorize
2022-10-13 07:09:57 INCOMING
oidcc-client-test-idtoken-sig-rs256
Incoming HTTP request to /test/a/GC_broker/token
incoming_headers
{
  "host": "www.certification.openid.net",
  "accept": "application/json",
  "authorization": "Basic b2lkYy10ZXN0LWNsaWVudDoxMjM0NTY\u003d",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "user-agent": "Java/11.0.13",
  "connection": "close",
  "content-length": "241"
}
incoming_path
/test/a/GC_broker/token
incoming_body_form_params
{
  "client_id": "oidc-test-client",
  "grant_type": "authorization_code",
  "code": "NxJxHEGkV8JS1d83pYjJY3xN0arzp2Kl",
  "code_verifier": "912274c1-49eb-4efa-8dab-8d5aa6675ca5",
  "redirect_uri": "https://gkidp.ipanda.co.jp/gkidp/global_login/DM001003/callback/01"
}
incoming_method
POST
incoming_tls_version
TLSv1.2
incoming_tls_cert
incoming_query_string_params
{}
incoming_body
client_id=oidc-test-client&grant_type=authorization_code&code=NxJxHEGkV8JS1d83pYjJY3xN0arzp2Kl&code_verifier=912274c1-49eb-4efa-8dab-8d5aa6675ca5&redirect_uri=https%3A%2F%2Fgkidp.ipanda.co.jp%2Fgkidp%2Fglobal_login%2FDM001003%2Fcallback%2F01
incoming_tls_chain
[
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL"
]
incoming_tls_cipher
ECDHE-RSA-AES256-GCM-SHA384
incoming_body_json
Token endpoint
2022-10-13 07:09:57 SUCCESS
CheckClientIdMatchesOnTokenRequestIfPresent
Extracted client_id matches the expected value
client_id
oidc-test-client
2022-10-13 07:09:57 SUCCESS
ExtractClientCredentialsFromBasicAuthorizationHeader
Extracted client authentication
client_id
oidc-test-client
client_secret
123456
method
client_secret_basic
2022-10-13 07:09:57 SUCCESS
ValidateClientIdAndSecret
Client id and secret match
2022-10-13 07:09:57 SUCCESS
ValidateAuthorizationCode
Found authorization code
authorization_code
NxJxHEGkV8JS1d83pYjJY3xN0arzp2Kl
2022-10-13 07:09:57 SUCCESS
ValidateRedirectUriForTokenEndpointRequest
redirect_uri is the same as the one used in the authorization request
actual
https://gkidp.ipanda.co.jp/gkidp/global_login/DM001003/callback/01
2022-10-13 07:09:57 SUCCESS
GenerateBearerAccessToken
Generated access token
access_token
sgYEK7nDvJzxMmVLMOV5S0cOdUFbDqgvnurAXQFuXawNvKX9B3
2022-10-13 07:09:57 SUCCESS
CalculateAtHash
Successful at_hash encoding
at_hash
3SDbKPBtEuK-fSJ5FtjWUA
2022-10-13 07:09:57 SUCCESS
GenerateIdTokenClaims
Created ID Token Claims
iss
https://www.certification.openid.net/test/a/GC_broker/
sub
user-subject-1234531
aud
oidc-test-client
iat
1665644997
exp
1665645297
2022-10-13 07:09:57 SUCCESS
AddAtHashToIdTokenClaims
Added at_hash to ID token claims
at_hash
3SDbKPBtEuK-fSJ5FtjWUA
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/a/GC_broker/",
  "sub": "user-subject-1234531",
  "aud": "oidc-test-client",
  "iat": 1665644997,
  "exp": 1665645297,
  "at_hash": "3SDbKPBtEuK-fSJ5FtjWUA"
}
2022-10-13 07:09:57 SUCCESS
OIDCCSignIdToken
Signed the ID token
id_token
eyJraWQiOiI4YWRjYTk5Yy0xODgzLTQ3YjItODI4ZS03MTIyNDhlMjY1OTYiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiM1NEYktQQnRFdUstZlNKNUZ0aldVQSIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoib2lkYy10ZXN0LWNsaWVudCIsImlzcyI6Imh0dHBzOlwvXC93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0XC90ZXN0XC9hXC9HQ19icm9rZXJcLyIsImV4cCI6MTY2NTY0NTI5NywiaWF0IjoxNjY1NjQ0OTk3fQ.JMIkSu7MlPBvowp9NaUV3d5Iaw0hZBzwMujZVkpnXFFttz8riom1Xxk7fkG3tD4tL_PjGAOvS8w5vnBhi71YtbbTCfOPWFcXLrGrno-ciOaXp84iWhvkDIikCHmYHwC0KclUpvVo-FAhE58KioDQpA-AStuFYCtUhxBYetXl9jiQUkzqRfsqgDfnWt0Sj3FvYfE-R02ql5uA-B5s6pOWxXBZ88DMPND1-NWrI-tTISKASzZs9k7kxB51e_832uQaRuvCbndxpggxwcEQLFcRooFhkooTHJZORSdyalg9rQ108XA9aWfUcFfFBWQTIHZiO6L-9hj7IBs3DcR-mV_ZZg
key
{"p":"xP-V7Qzhr71cQO5_Ts-djc0eUUkw1pxEfWGxugmEhcFX4e6KIqB_U1Du4i-2tSWiRB0kyE0mqJxOYZjotRL-FT1muXt6G_aqQFhYAE6tujWsRS-XPafubWJAK9ik19RoPr8l4UoDAgVZLDuNrNLqVbDfUeYMsUgBKx1w4YnUmWc","kty":"RSA","q":"uDCDgxdVCgZaX1JbkwFzxaVdO0WMswAcfKixynWbuxvZ_DQcVTSzm8xulYDwvuGqi56N9Z8R_b2_xphGKczY0kW0yAW5LyLEtxBXiLlhST2NnWgvshILRWFR4dQhxNH3_PpLxvvjiFpeo_kwjvTILqudUPRcYuIK8aGXlfjSTEE","d":"O0qDZ8-zytZ8RGkvqka_C2qhqI4DI1XRBEDY_01TPzNDczxO7c_-ayLv9e7AsUhQayyjnIr9qC5g-4o_zsdszDKUL1KwOJgs1NDECcgCS1s0a8SlcdtT1p1T5mc61F5ADvg6j80NFzJDWgEyGKr-8uxxgXzyMlZIMBMLtREZbUMX7M_wF0nFXFnzP3kjGgQyK7PIvWXLEviXJ2Gc2Tke_dxGuLkTtA6W2269vmPCWR_IoLeGS5fsUMaVgBKJVSTXCzszLGaZKnRUDEOtjlkuDxB4M9B0rV5h8ARbEPOg7OgeFc1BR3tap_wgmVg7qYUFAggwJBgfwcS19wG1xVICgQ","e":"AQAB","use":"sig","kid":"8adca99c-1883-47b2-828e-712248e26596","qi":"jvJDz4-I8uJv1KJ-NltqiTYQIcLJY9Xqfp4klDZfIxtRBS2XsIhrJG_gwXg9JRvSWz5narWuKl5AP-TR5EFFuQ7wgH69mUbOusVWowknuSC_DeyEkUwcVqiP5ivq9wx9U9hWQNOAoN74WWLEp0rqVU4LK556yzEHKovTjbbDhrc","dp":"mW5C8_y7bie6yWu3xccX_BBM05yAqDXPdiP3y2CMUayzaOljtvJwGJEJbSsiT1X_WrOkKUlFmb8boRH59MXVFO_cqQwNn-fu0-y6pYqh7kzNXplhXwkDPzhtqHi0ctEhW_V-aEg_rXxC5pt_jaI8Fv-J_3yAWDcvicgFWfQCnHM","dq":"Y38Ba60M6O9pnhhVE2Izcc7UQBJf4MnsmYJfGCjTyQ1QgaZ8r6Jaa4zRJ72RTuuEPwuVT9tv0ovPrq3PKQFZFq1E7M_6qvWzIdiYEGljnja76w2-xghtQjtCCiWXYES0G1nx2Tl0PdHjUdxoWLDt-hgGURbPWTMWClTqF79jioE","n":"jb0I4igrDZIVfFRqcpllxp_k_K6UWvXosXBDYlKD6a_i7SAwgKEs3FncK0dbbaCs5ZL6NlCuiYxjaT2rzMiTRlF8jtw0D82zTqsio7tsOvSFhezxdys4-GaEUPh5zO51PXSsYP_BlmG3q7O6gXPyH4AmFFxny0OCS7lA7YcYxui5_IZKKCJpjXjca_Zs0qhs1g2DxbL_2IfhOrhFXtgql8UFR7Ep_i036eGXhjyKYeqx_LXhKk-2tYUFu1ts_rsk9N-_KzbgBYLJSPPn9hvPbj6c1OjUFaDB1G2i3GWDxO4a0RJ574fHvwAfXkbZDC3NN2rBbaKW_0_Wha0juwOHJw"}
algorithm
RS256
2022-10-13 07:09:57 INFO
EncryptIdToken
Skipped evaluation due to missing required element: client id_token_encrypted_response_alg
path
id_token_encrypted_response_alg
mapped
object
client
2022-10-13 07:09:57 SUCCESS
CreateTokenEndpointResponse
Created token endpoint response
access_token
sgYEK7nDvJzxMmVLMOV5S0cOdUFbDqgvnurAXQFuXawNvKX9B3
token_type
Bearer
id_token
eyJraWQiOiI4YWRjYTk5Yy0xODgzLTQ3YjItODI4ZS03MTIyNDhlMjY1OTYiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiM1NEYktQQnRFdUstZlNKNUZ0aldVQSIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoib2lkYy10ZXN0LWNsaWVudCIsImlzcyI6Imh0dHBzOlwvXC93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0XC90ZXN0XC9hXC9HQ19icm9rZXJcLyIsImV4cCI6MTY2NTY0NTI5NywiaWF0IjoxNjY1NjQ0OTk3fQ.JMIkSu7MlPBvowp9NaUV3d5Iaw0hZBzwMujZVkpnXFFttz8riom1Xxk7fkG3tD4tL_PjGAOvS8w5vnBhi71YtbbTCfOPWFcXLrGrno-ciOaXp84iWhvkDIikCHmYHwC0KclUpvVo-FAhE58KioDQpA-AStuFYCtUhxBYetXl9jiQUkzqRfsqgDfnWt0Sj3FvYfE-R02ql5uA-B5s6pOWxXBZ88DMPND1-NWrI-tTISKASzZs9k7kxB51e_832uQaRuvCbndxpggxwcEQLFcRooFhkooTHJZORSdyalg9rQ108XA9aWfUcFfFBWQTIHZiO6L-9hj7IBs3DcR-mV_ZZg
scope
openid email phone profile
2022-10-13 07:09:57 OUTGOING
oidcc-client-test-idtoken-sig-rs256
Response to HTTP request to test instance HC5j4lbJowHGNVi
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "access_token": "sgYEK7nDvJzxMmVLMOV5S0cOdUFbDqgvnurAXQFuXawNvKX9B3",
  "token_type": "Bearer",
  "id_token": "eyJraWQiOiI4YWRjYTk5Yy0xODgzLTQ3YjItODI4ZS03MTIyNDhlMjY1OTYiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiM1NEYktQQnRFdUstZlNKNUZ0aldVQSIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoib2lkYy10ZXN0LWNsaWVudCIsImlzcyI6Imh0dHBzOlwvXC93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0XC90ZXN0XC9hXC9HQ19icm9rZXJcLyIsImV4cCI6MTY2NTY0NTI5NywiaWF0IjoxNjY1NjQ0OTk3fQ.JMIkSu7MlPBvowp9NaUV3d5Iaw0hZBzwMujZVkpnXFFttz8riom1Xxk7fkG3tD4tL_PjGAOvS8w5vnBhi71YtbbTCfOPWFcXLrGrno-ciOaXp84iWhvkDIikCHmYHwC0KclUpvVo-FAhE58KioDQpA-AStuFYCtUhxBYetXl9jiQUkzqRfsqgDfnWt0Sj3FvYfE-R02ql5uA-B5s6pOWxXBZ88DMPND1-NWrI-tTISKASzZs9k7kxB51e_832uQaRuvCbndxpggxwcEQLFcRooFhkooTHJZORSdyalg9rQ108XA9aWfUcFfFBWQTIHZiO6L-9hj7IBs3DcR-mV_ZZg",
  "scope": "openid email phone profile"
}
outgoing_path
token
2022-10-13 07:09:57 INCOMING
oidcc-client-test-idtoken-sig-rs256
Incoming HTTP request to /test/a/GC_broker/jwks
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "Java/11.0.13",
  "accept": "text/html, image/gif, image/jpeg, *; q\u003d.2, */*; q\u003d.2",
  "connection": "close"
}
incoming_path
/test/a/GC_broker/jwks
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cert
incoming_query_string_params
{}
incoming_body
incoming_tls_chain
[
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL"
]
incoming_tls_cipher
ECDHE-RSA-AES256-GCM-SHA384
incoming_body_json
Jwks endpoint
2022-10-13 07:09:57 OUTGOING
oidcc-client-test-idtoken-sig-rs256
Response to HTTP request to test instance HC5j4lbJowHGNVi
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "8adca99c-1883-47b2-828e-712248e26596",
      "n": "jb0I4igrDZIVfFRqcpllxp_k_K6UWvXosXBDYlKD6a_i7SAwgKEs3FncK0dbbaCs5ZL6NlCuiYxjaT2rzMiTRlF8jtw0D82zTqsio7tsOvSFhezxdys4-GaEUPh5zO51PXSsYP_BlmG3q7O6gXPyH4AmFFxny0OCS7lA7YcYxui5_IZKKCJpjXjca_Zs0qhs1g2DxbL_2IfhOrhFXtgql8UFR7Ep_i036eGXhjyKYeqx_LXhKk-2tYUFu1ts_rsk9N-_KzbgBYLJSPPn9hvPbj6c1OjUFaDB1G2i3GWDxO4a0RJ574fHvwAfXkbZDC3NN2rBbaKW_0_Wha0juwOHJw"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "71d57986-fad5-4d45-853b-134a809e4eea",
      "n": "gmh7-uvPJp9aFex6xPNfnktpOzZbw_p6IIoeunTApsxEJV2sKWEjXvsxRIlTplWjpKphfAhifhDQV_DdNg11wmlq2i8jBIGxxQz3hSTjRvkj30oCN7ID6kAMZ0G65LFN7RgH3hDOouevzcZGFEy9DBOjyZgpnLBAsUoV5gPcVxoY8chEH9X1yv_iYq3tq2bryy3x8mb3f84-NA_8JipRCCiY-CrAtUNNlXKLPTf9x2iPXi5Z1s9v4zgrf7Tp384RxuPMipzUM_nb49MbiT28iVO0CcJROGUDK7yBolaaetoI807d57yIX2t-rc-d6TX0xAJK5ogqbpg3Cmq5aFnZ-w"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "11bade1b-b237-4181-91a9-318569e572e7",
      "x": "gf01XuN4XFspaSnmuDl1EqnWBQ06D--8AAMmMrs1UZE",
      "y": "_9EsAehHvEJ29AEon1oDJ71lKp_uNlgfwXfad-ljzhU"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "bb0651c5-170d-408a-9c1a-e6dd6ce9ca5d",
      "x": "K1pQrHMEbWoVeibvF0pLCXWICCxQV4VWfeKUdtNrj6k",
      "y": "Ui1dfwWuSMKQ1VptjX4dgmRz40Pa_eDY3EqdktENmZ0"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "98082591-3586-492f-b6e7-e45fc30aea61",
      "x": "id0M8kmu8XaMJYRZnxJD6ueWY5iUwdyhjI0mkXVKVYM",
      "y": "9UaGgrKBa6dpkhMtVN12i5c6CPucyxJ59EQghdkHhBE"
    },
    {
      "kty": "OKP",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "52e687c6-c715-43a2-ba39-90b9f62b9689",
      "x": "IcrfaxkWBVWYvohPdLAFqp2r_DD6V6rlGoR7nLAlr7g"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "bdcc76cf-9a05-4416-8424-563d7064a78d",
      "alg": "RSA-OAEP",
      "n": "mF8o6s4RkTwcIFsZO7_FrXglfop01VxraKM3PfnJIImxJXz8l1GgG-e__r-ZA_G4IVhMTi1D0m0RcEvsrQseJmHAl4bAuZNy7nWawyoN_1vKPfdwHIb3PhBGbTSqbZw-59ju43T4vrnNUfYzjR5S1onDU57xOzpC8kDLh4i3uvYbAQ6ylPCYfJz2j32HybrXDTW0oS5ghS_FDWw_LkHE9NaL0WAbgEIlssHJiyhcR9ajEAZEc4P92A2FnszIkHYDGMO9Nm8Wfr9Pk9-WEcwM_Oeb8yREs8ulJQ6LjJD7lVVYuftbZKfvl1fjmow7QaWnhWpBCuYhLvs1YiKTshV-gQ"
    },
    {
      "kty": "EC",
      "use": "enc",
      "crv": "P-256",
      "kid": "570102de-236b-4ed6-ae2d-c22c116317b4",
      "x": "tVMuYkSdwVVx4ZLvJc354XEfFza_K7KdnqD4FBtvzaY",
      "y": "IUwQ5jLPd9fI8RpTaPeTPb4lvcCoV_fIRar--qKt22U",
      "alg": "ECDH-ES"
    }
  ]
}
outgoing_path
jwks
2022-10-13 07:09:58 INCOMING
oidcc-client-test-idtoken-sig-rs256
Incoming HTTP request to /test/a/GC_broker/userinfo
incoming_headers
{
  "host": "www.certification.openid.net",
  "accept": "text/plain, application/json, */*",
  "authorization": "Bearer sgYEK7nDvJzxMmVLMOV5S0cOdUFbDqgvnurAXQFuXawNvKX9B3",
  "user-agent": "Java/11.0.13",
  "connection": "close"
}
incoming_path
/test/a/GC_broker/userinfo
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cert
incoming_query_string_params
{}
incoming_body
incoming_tls_chain
[
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL"
]
incoming_tls_cipher
ECDHE-RSA-AES256-GCM-SHA384
incoming_body_json
Userinfo endpoint
2022-10-13 07:09:58 SUCCESS
OIDCCExtractBearerAccessTokenFromRequest
Found access token on incoming request
access_token
sgYEK7nDvJzxMmVLMOV5S0cOdUFbDqgvnurAXQFuXawNvKX9B3
2022-10-13 07:09:58 SUCCESS
RequireBearerAccessToken
Found access token in request
actual
sgYEK7nDvJzxMmVLMOV5S0cOdUFbDqgvnurAXQFuXawNvKX9B3
2022-10-13 07:09:58 SUCCESS
FilterUserInfoForScopes
User info endpoint output
sub
user-subject-1234531
email
user@example.com
email_verified
false
phone_number_verified
false
phone_number
+1 555 5550000
website
https://openid.net/
zoneinfo
America/Los_Angeles
birthdate
2000-02-03
gender
female
profile
https://example.com/user
preferred_username
d.tu
given_name
Demo
middle_name
Theresa
locale
en-US
updated_at
1580000000
name
Demo T. User
nickname
Dee
family_name
User
2022-10-13 07:09:58
ClearAccessTokenFromRequest
Removed incoming access token from environment
2022-10-13 07:09:58 INFO
AddIssAndAudToUserInfoResponse
Skipped evaluation due to missing required element: client userinfo_signed_response_alg
path
userinfo_signed_response_alg
mapped
object
client
2022-10-13 07:09:58 INFO
SignUserInfoResponse
Skipped evaluation due to missing required element: client userinfo_signed_response_alg
path
userinfo_signed_response_alg
mapped
object
client
2022-10-13 07:09:58 INFO
EncryptUserInfoResponse
Skipped evaluation due to missing required element: client userinfo_encrypted_response_alg
path
userinfo_encrypted_response_alg
mapped
object
client
2022-10-13 07:09:58 OUTGOING
oidcc-client-test-idtoken-sig-rs256
Response to HTTP request to test instance HC5j4lbJowHGNVi
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "sub": "user-subject-1234531",
  "email": "user@example.com",
  "email_verified": false,
  "phone_number_verified": false,
  "phone_number": "+1 555 5550000",
  "website": "https://openid.net/",
  "zoneinfo": "America/Los_Angeles",
  "birthdate": "2000-02-03",
  "gender": "female",
  "profile": "https://example.com/user",
  "preferred_username": "d.tu",
  "given_name": "Demo",
  "middle_name": "Theresa",
  "locale": "en-US",
  "updated_at": 1580000000,
  "name": "Demo T. User",
  "nickname": "Dee",
  "family_name": "User"
}
outgoing_path
userinfo
2022-10-13 07:09:58 FINISHED
oidcc-client-test-idtoken-sig-rs256
Test has run to completion
testmodule_result
PASSED
2022-10-13 07:10:32
TEST-RUNNER
Alias has now been claimed by another test
alias
GC_broker
new_test_id
MOSbsirYih7lIo7
Test Results