Test Summary

Test Results

Expand All Collapse All
All times are UTC
2022-10-13 07:13:10 INFO
TEST-RUNNER
Test instance P7A30Dz36B1bIBd created
baseUrl
https://www.certification.openid.net/test/a/GC_broker
variant
{
  "client_auth_type": "client_secret_basic",
  "response_type": "code",
  "request_type": "plain_http_request",
  "response_mode": "default",
  "client_registration": "static_client"
}
alias
GC_broker
description
GC Broker OIDC RP TEST 0927
planId
FDN4myZlLP3tX
config
{
  "alias": "GC_broker",
  "description": "GC Broker OIDC RP TEST 0927",
  "publish": "everything",
  "consent": {},
  "client": {
    "client_id": "oidc-test-client",
    "client_secret": "123456",
    "redirect_uri": "https://gkidp.ipanda.co.jp/gkidp/global_login/DM001003/callback/01"
  }
}
testName
oidcc-client-test-userinfo-invalid-sub
2022-10-13 07:13:10 SUCCESS
OIDCCGenerateServerConfiguration
Generated default server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/a/GC_broker/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/GC_broker/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/GC_broker/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/GC_broker/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/GC_broker/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/a/GC_broker/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic",
    "client_secret_post",
    "client_secret_jwt",
    "private_key_jwt"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "preferred_username",
    "gender",
    "birthdate",
    "address",
    "zoneinfo",
    "locale",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified",
    "website",
    "profile",
    "updated_at"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "RSA-OAEP-384",
    "RSA-OAEP-512",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "RSA-OAEP-384",
    "RSA-OAEP-512",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "RSA-OAEP-384",
    "RSA-OAEP-512",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
2022-10-13 07:13:10
SetTokenEndpointAuthMethodsSupportedToClientSecretBasicOnly
Changed token_endpoint_auth_methods_supported to client_secret_basic only in server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/a/GC_broker/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/GC_broker/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/GC_broker/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/GC_broker/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/GC_broker/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/a/GC_broker/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "preferred_username",
    "gender",
    "birthdate",
    "address",
    "zoneinfo",
    "locale",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified",
    "website",
    "profile",
    "updated_at"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "RSA-OAEP-384",
    "RSA-OAEP-512",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "RSA-OAEP-384",
    "RSA-OAEP-512",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "RSA-OAEP-384",
    "RSA-OAEP-512",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
2022-10-13 07:13:11
OIDCCGenerateServerJWKs
Generated server public private JWK sets
server_jwks
{
  "keys": [
    {
      "p": "--Dz6tgnfR6hdafCNICYq8MnkCCNx4f4kE0I_1xrTqJ10o4_Qi3XGqmZiEHIL6AIfqso-Y-8_MuBuFvzJIbI_fu4JhRcpu2fkGJpcWOH6S0Y4mJQPewX1X_jBohUhqMirFABMtISfPKQKd39gmrwBoBh85rLORFAR6V3MALZrlU",
      "kty": "RSA",
      "q": "n_-7fPSuLD-O7nrNtguOrdm_v6-H7MnEyMM6c-JqYGKC9eDUZFuoS6vzRYIhZj-43WxrLU_ro7ea3N11EmfHrJgkeRoZl1Nxuw1ZzCfWVt7D5fP7Io4fpYDOtCSkxd4WAP3IJN88dqCDNqiSjj0cSMmde1nvjF32gDNkhnwlQR8",
      "d": "j_0Oq3P7Ohuro09CC7BMd4YAlduarMMp7VABfuEYlxYhTXXiVJ9ym3i8uIuMZd7T54j292oklVqfTkcuR_tB0tuyQuPMNqIcNobGF1WuI1NUrLMZC_SyOZN5ZeUeOyaXNQ45M5Mny3--kXtFw-XgYo58OjxI_E1FJ3gGanw9kEwbOriFwEXL8BCoKtZ6gxmwLfaIF59YpOCUtU5nWK9K_Y6nLrOYuTVzCpi3yVUugu95p645nBwLeIbrCcgrQmXJ2FWjmx50GIH9usNyRfGnMArZCFM3pUQo1A8Kwq12cEGM7KJ8ExQKmssiEKoEu7CNPNF8vrxe7q5fdgUMdfS5wQ",
      "e": "AQAB",
      "use": "sig",
      "kid": "f1a63399-9f73-43ce-a75a-6178451af73d",
      "qi": "SYsryZo7DNKUIHPfhLZNKXCVlzjsvhMM1HMXFC3yCnsbm66itDH2O8xuxhYieGW-jFnWkbbByBjDsNMbZBidU668nI_FSuWV5bnnUJ0vjFSMOrnZ7eG6TiKHpGOGGnguw6olAcG5B6MMoSePBCzjO1BvnFkKcwEoBM_Rzy8-vpE",
      "dp": "Gr3hZ7eXSbNs1P8AoW5dxy6rDqRGKT8IZtmm8OWxBuI8vCQaFz6irdP_1vWU-Wl2PWySpxxZpkU8-oPYprIguMZ24KQcyiREYqHwK_ezQFBnafGiL1DXnvU690CWKM09Kyo7VlfzWoyuPaOx_Jy56xbKT4DJvr9UIccxhklnLxk",
      "dq": "SZAW79i_y_BdEyC7PBwMObqIAuX9pM0QAQ5h7a4IItCoTcxVWt8ZfdFNRIQUPyLFKGkUzfyU5u0f8rSPgyrcD2rUOinZ4k2nWM1GoCsgzUgW4b9PlA-sVTfn0cOXTrJRg5srTmilMBWUvqi62VMXkg_ArFopXWxGTaNTcNHbfxk",
      "n": "nWxVChcOTpwF3z93uj6gIbKMQ8R8iKbSu62FIxlHre3_IIWVyoE-Ze3b7VAR-hpq0-EbtalFhinWj7oD0qtYppQ7CA4BAEziR2sGcvtpO7FixZOViYFgPG2u3QrqlF2w7E9S_rhnclCaxhBLKPILcnuaxYLmlWWl0vVMGL85E0hYkTLgEKrwWqfMsgzhmlmnv01sXfh1x-NhbMvSzTrClSfzgUO38p3BsTJ7KZv-3UCtz8wNOb4L-zZtUn-Aq-EKgWkOxLH17AWrxMVP1CgnheAIaRG9cWsYkto-fhDgq2pXVh7K9KYHWehZgPojD8vYCowqqSBv3RPsl-3u--ixSw"
    },
    {
      "kty": "EC",
      "d": "LBgnXebK6rylPEU3gltdzAqhCb_tDvQJK2bOPRV8GA0",
      "use": "sig",
      "crv": "P-256",
      "kid": "f86a336f-3888-414a-b09d-34b8b69e46df",
      "x": "cyKjctxIcILsk3Scqjj_q3gjIC5V-9FfewS1BYuDT5M",
      "y": "qCld4NfQjcGNLdds34MCxi0W0iotrDdSmUpfEV46keM"
    },
    {
      "kty": "EC",
      "d": "M-iNtspBmQKETw0rf7Hk-7ACKug3osOgL5Z-t5v8w3I",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "f9a61d39-fa0c-499f-a226-76a37bb509f7",
      "x": "Sk7fNLnIawYl8eYifsnJFdZI_5lBc3mCu_7T_eAjLe4",
      "y": "pHqNOEl5VEGyulEQGFkT8mUtp4mPkOctxPVrJ91nQ9c"
    },
    {
      "kty": "OKP",
      "d": "ULHlYwX_-nN92xztmMrcd_xSVOs30oHwRxWb8TJeyzw",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "fabb7861-d4c8-4cd5-8d3c-4c407c4b560f",
      "x": "Ua0DRbBDOKE7KthYHCagLiWx4wC_uHTNt1VLoq3LqHY"
    }
  ]
}
server_encryption_keys
{
  "keys": [
    {
      "p": "1ceS8LVNEjRyrWBbobgnx0LrWP-0L4EpysVkbtnAn91oiMCwsWQs4zVHtWejHAdTJHBXkpHjqAhoEJshssbCmyXPWWCOt7SfMX5UslklV_CxislM3ArGXzQe2oEOPLaJrg8GNvmqWseukGaUTIDIx05bOFsx5B6QkLrscLo67Ks",
      "kty": "RSA",
      "q": "wOISD8BrbmZQEif3ARK4n3sncK7Lp_mcGe00uw6MusiDBLdWXWefkQJlv7GmEMdGK8DomTRwJ9NcBH54mvBS2z6MSil2cfug0SxZNfi7c-gFV5p_IdlCYRbpgfmm1oel5fRsOB5bKb0L8DNKKZy5HW3D_X563tpwxOun27ljqyc",
      "d": "ayAAC-k8LvxWZiuqc2MUY5tDUyJBjMCYYQlNE2PWKbs-V0trdw2NOF4xTChOqldNFdEDcRRu9fZ5OknMZuBAHjllJnjTer8maNhjv43SsFpl4GTX6mUicmkkQ8ROIYgy0edKuYG_CcWRTLEaGCDXilr47Tfo3JFJCRQOKdLpGqMX2aVAXVm1VfrmuM7i69MTFHpKN4rYB3-EywjR2StI9Mj6p85_WXkCou-2xyjQEggCbHx09kaKkwYebmRy4XOz5ku4vRwOI5RXz5i_qE9YEEU36rn0uALHqdmHT7LXxHSo2CGkOcCVvx3L8l-TeZXFUB5uvE1dRDyiLAMK-gy0tQ",
      "e": "AQAB",
      "use": "enc",
      "kid": "bf14c950-9779-4a97-80c9-59d10fe2ffa3",
      "qi": "GvqtSP3ncljYuDXqYwBNDkgkenRPYm6VnfojuvVI8ANAy3WVw-S_56wN-ucTBIXF7guTxrxGeyQoi5RbHTtT5suruWpFyUYMpXWvH441zF3Ms3k9fSJwDE6k__nhWeFMnSZx3jM4712en-8hpn58Y-KrLloApZxC1_C1_5FCCkg",
      "dp": "qfwCA_I1cUdQ9DlNQx8aSiAU4PSZwrgykfA49segmb1E1JBbLwJXiuafuUfJ84yDeNL3Xy0v1zmv_ZxMxEm1DgaXhBr6AGrXtlQcZp_pyK4zjgaYXdMXfzYDXn0F5BLFESkTKP2Gjp5-WIWoX9h7TbcpY3toBVqkWuC3Br-eAPc",
      "alg": "RSA-OAEP",
      "dq": "iJ6YVHfioGvvwyxzlFsCUlQU94eX0P7IRsTxWJ1RqOtlge2qSrafG0MrdsAJ9FBxr4QQPJQb7NmUj8pU-snGpmyDSfRcZRfqLL7Q4Z2wiMSLJCXWbs9IaSSleN6wAbxLEboy_PzjbYjt79Ekcp0DsYiSDfeMaFUpExIn70Y9Bnk",
      "n": "oRJ3eXAvyVuXNhx3OP9qz2h2WXu5rcxJSPZWzMK-nyPGVsha1uMNU3lSsUETQyxAhN3apXNPmnJ3UJ4CAzvxZtg9aRpOZ_wbXp4r959Em3AL52smDHgmPoxgR9h-2c7Lo9kxXq-4jeEW1MHV60jSPH-EYTJLK2ARQgc-QyNkY86BXVDKUr1dFjgYXVhxafME6HmZLEhWHzYZSl_GX1NZ-p5nRIB9Sl7gUkMhld48MbYi4fjWHeVB-u8N4nylHAUmAoel0qd5JvhYuNxcavyMw9GdaFALRRx3R6CUrq_hSUn2fXNFIyB6pMhJkbJIDUTmCD6RLcB7Td-8Wu6r1DFHDQ"
    },
    {
      "kty": "EC",
      "d": "w6Vt7_hVXZKg-LigJB0E1PD3_Jc0mYDf10EJJlgURW0",
      "use": "enc",
      "crv": "P-256",
      "kid": "8f736ebc-7aa0-4010-98ed-d6d6b85ee9a2",
      "x": "aQqaiWDIMb3g-Rc_xa30PVGw9x8y-XTDj_7ETtQaO6k",
      "y": "22JRrTEykFAr_qHUil4Iug6_gV4S4CiOfSUM1t4GncI",
      "alg": "ECDH-ES"
    }
  ]
}
server_public_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "f1a63399-9f73-43ce-a75a-6178451af73d",
      "n": "nWxVChcOTpwF3z93uj6gIbKMQ8R8iKbSu62FIxlHre3_IIWVyoE-Ze3b7VAR-hpq0-EbtalFhinWj7oD0qtYppQ7CA4BAEziR2sGcvtpO7FixZOViYFgPG2u3QrqlF2w7E9S_rhnclCaxhBLKPILcnuaxYLmlWWl0vVMGL85E0hYkTLgEKrwWqfMsgzhmlmnv01sXfh1x-NhbMvSzTrClSfzgUO38p3BsTJ7KZv-3UCtz8wNOb4L-zZtUn-Aq-EKgWkOxLH17AWrxMVP1CgnheAIaRG9cWsYkto-fhDgq2pXVh7K9KYHWehZgPojD8vYCowqqSBv3RPsl-3u--ixSw"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "347b1233-ae61-4248-aae5-1496a0bd0086",
      "n": "-mWdzoOdN4iCMp_EUmyBfaWlovIFCZ3ua47F4G2Vf_7UexTFSmFfmpPHQFRINWhAWGMUh6stC1KxvefOaGNJhKppbqqyOvWO7iEW8GqEMbcOwI4eJitqMLIg1niRo2RfhhR5N6T7Z7hBmPJl5K4uv77TY5lgRgOpBNsJ2neiZ0ah4VOOwo7uuwSLHAzBQv-Krq_F--IcK7TniKXkQmhRMPXkE9u_wwar_3lsK6G3x_7RBMmzZ9gQMGX79zQ8PGFH7vicGDq-BkxasCRkXzQktOB7lE-Lt2ZlW5SGGVT0ejDTzw1h26ukHz93Bj58MNqYxLU_TZnrviO1RCut24eQQw"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "f86a336f-3888-414a-b09d-34b8b69e46df",
      "x": "cyKjctxIcILsk3Scqjj_q3gjIC5V-9FfewS1BYuDT5M",
      "y": "qCld4NfQjcGNLdds34MCxi0W0iotrDdSmUpfEV46keM"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "cd756a91-52af-4f0c-9b82-25313fe7e284",
      "x": "-uEvaYOQWHhJQgqe4CMxIjzyeCUIX4jml4AdU8nmw24",
      "y": "FdGNxvh9IzyJbA-Ooa4pTxsT-C89aqajyT6Mbo8n6Dc"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "f9a61d39-fa0c-499f-a226-76a37bb509f7",
      "x": "Sk7fNLnIawYl8eYifsnJFdZI_5lBc3mCu_7T_eAjLe4",
      "y": "pHqNOEl5VEGyulEQGFkT8mUtp4mPkOctxPVrJ91nQ9c"
    },
    {
      "kty": "OKP",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "fabb7861-d4c8-4cd5-8d3c-4c407c4b560f",
      "x": "Ua0DRbBDOKE7KthYHCagLiWx4wC_uHTNt1VLoq3LqHY"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "bf14c950-9779-4a97-80c9-59d10fe2ffa3",
      "alg": "RSA-OAEP",
      "n": "oRJ3eXAvyVuXNhx3OP9qz2h2WXu5rcxJSPZWzMK-nyPGVsha1uMNU3lSsUETQyxAhN3apXNPmnJ3UJ4CAzvxZtg9aRpOZ_wbXp4r959Em3AL52smDHgmPoxgR9h-2c7Lo9kxXq-4jeEW1MHV60jSPH-EYTJLK2ARQgc-QyNkY86BXVDKUr1dFjgYXVhxafME6HmZLEhWHzYZSl_GX1NZ-p5nRIB9Sl7gUkMhld48MbYi4fjWHeVB-u8N4nylHAUmAoel0qd5JvhYuNxcavyMw9GdaFALRRx3R6CUrq_hSUn2fXNFIyB6pMhJkbJIDUTmCD6RLcB7Td-8Wu6r1DFHDQ"
    },
    {
      "kty": "EC",
      "use": "enc",
      "crv": "P-256",
      "kid": "8f736ebc-7aa0-4010-98ed-d6d6b85ee9a2",
      "x": "aQqaiWDIMb3g-Rc_xa30PVGw9x8y-XTDj_7ETtQaO6k",
      "y": "22JRrTEykFAr_qHUil4Iug6_gV4S4CiOfSUM1t4GncI",
      "alg": "ECDH-ES"
    }
  ]
}
2022-10-13 07:13:11 SUCCESS
ValidateServerJWKs
Valid server JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2022-10-13 07:13:11 SUCCESS
CheckDistinctKeyIdValueInServerJWKs
Distinct 'kid' value in all keys of server_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2022-10-13 07:13:11 SUCCESS
OIDCCLoadUserInfo
Added user information
user_info
{
  "sub": "user-subject-1234531",
  "name": "Demo T. User",
  "given_name": "Demo",
  "family_name": "User",
  "middle_name": "Theresa",
  "nickname": "Dee",
  "preferred_username": "d.tu",
  "gender": "female",
  "birthdate": "2000-02-03",
  "address": {
    "street_address": "100 Universal City Plaza",
    "locality": "Hollywood",
    "region": "CA",
    "postal_code": "91608",
    "country": "USA"
  },
  "zoneinfo": "America/Los_Angeles",
  "locale": "en-US",
  "phone_number": "+1 555 5550000",
  "phone_number_verified": false,
  "email": "user@example.com",
  "email_verified": false,
  "website": "https://openid.net/",
  "profile": "https://example.com/user",
  "updated_at": 1580000000
}
2022-10-13 07:13:11 SUCCESS
OIDCCGetStaticClientConfigurationForRPTests
Found a static client object
client_id
oidc-test-client
client_secret
123456
redirect_uris
[
  "https://gkidp.ipanda.co.jp/gkidp/global_login/DM001003/callback/01"
]
2022-10-13 07:13:11 SUCCESS
EnsureClientDoesNotHaveBothJwksAndJwksUri
Client does not have both jwks and jwks_uri set
client
{
  "client_id": "oidc-test-client",
  "client_secret": "123456",
  "redirect_uris": [
    "https://gkidp.ipanda.co.jp/gkidp/global_login/DM001003/callback/01"
  ]
}
2022-10-13 07:13:11 INFO
FetchClientKeys
Skipped evaluation due to missing required element: client jwks_uri
path
jwks_uri
mapped
object
client
2022-10-13 07:13:11 SUCCESS
ValidateClientGrantTypes
grant_types match response_types
grant_types
[
  "authorization_code"
]
response_types
[
  "code"
]
2022-10-13 07:13:11 SUCCESS
OIDCCValidateClientRedirectUris
Valid redirect_uri(s) provided in registration request
redirect_uris
[
  "https://gkidp.ipanda.co.jp/gkidp/global_login/DM001003/callback/01"
]
2022-10-13 07:13:11 SUCCESS
ValidateClientLogoUris
Client does not contain any logo_uri
2022-10-13 07:13:11 SUCCESS
ValidateClientUris
Client does not contain any client_uri
2022-10-13 07:13:11 SUCCESS
ValidateClientPolicyUris
Client does not contain any policy_uri
2022-10-13 07:13:11 SUCCESS
ValidateClientTosUris
Client does not contain any tos_uri
2022-10-13 07:13:11 SUCCESS
ValidateClientSubjectType
A subject_type was not provided
2022-10-13 07:13:11 INFO
ValidateIdTokenSignedResponseAlg
Skipped evaluation due to missing required element: client id_token_signed_response_alg
path
id_token_signed_response_alg
mapped
object
client
2022-10-13 07:13:11 SUCCESS
EnsureIdTokenEncryptedResponseAlgIsSetIfEncIsSet
id_token_encrypted_response_enc is not set
2022-10-13 07:13:11 INFO
ValidateUserinfoSignedResponseAlg
Skipped evaluation due to missing required element: client userinfo_signed_response_alg
path
userinfo_signed_response_alg
mapped
object
client
2022-10-13 07:13:11 SUCCESS
EnsureUserinfoEncryptedResponseAlgIsSetIfEncIsSet
userinfo_encrypted_response_enc is not set
2022-10-13 07:13:11 INFO
ValidateRequestObjectSigningAlg
Skipped evaluation due to missing required element: client request_object_signing_alg
path
request_object_signing_alg
mapped
object
client
2022-10-13 07:13:11 SUCCESS
EnsureRequestObjectEncryptionAlgIsSetIfEncIsSet
request_object_encryption_enc is not set
2022-10-13 07:13:11 INFO
ValidateTokenEndpointAuthSigningAlg
Skipped evaluation due to missing required element: client token_endpoint_auth_signing_alg
path
token_endpoint_auth_signing_alg
mapped
object
client
2022-10-13 07:13:11 SUCCESS
ValidateDefaultMaxAge
default_max_age is not set
2022-10-13 07:13:11 INFO
ValidateRequireAuthTime
Skipped evaluation due to missing required element: client require_auth_time
path
require_auth_time
mapped
object
client
2022-10-13 07:13:11 INFO
ValidateDefaultAcrValues
Skipped evaluation due to missing required element: client default_acr_values
path
default_acr_values
mapped
object
client
2022-10-13 07:13:11 INFO
ValidateInitiateLoginUri
Skipped evaluation due to missing required element: client initiate_login_uri
path
initiate_login_uri
mapped
object
client
2022-10-13 07:13:11 INFO
ValidateRequestUris
Skipped evaluation due to missing required element: client request_uris
path
request_uris
mapped
object
client
2022-10-13 07:13:11 SUCCESS
OIDCCExtractServerSigningAlg
Using the default algorithm for the first key in server jwks
signing_algorithm
RS256
2022-10-13 07:13:11
SetClientIdTokenSignedResponseAlgToServerSigningAlg
Set id_token_signed_response_alg for the registered client
id_token_signed_response_alg
RS256
2022-10-13 07:13:11
oidcc-client-test-userinfo-invalid-sub
Setup Done
2022-10-13 07:13:30 INCOMING
oidcc-client-test-userinfo-invalid-sub
Incoming HTTP request to /test/a/GC_broker/.well-known/openid-configuration
incoming_headers
{
  "host": "www.certification.openid.net",
  "accept": "text/plain, application/json, */*",
  "user-agent": "Java/11.0.13",
  "connection": "close"
}
incoming_path
/test/a/GC_broker/.well-known/openid-configuration
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cert
incoming_query_string_params
{}
incoming_body
incoming_tls_chain
[
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL"
]
incoming_tls_cipher
ECDHE-RSA-AES256-GCM-SHA384
incoming_body_json
Discovery endpoint
2022-10-13 07:13:30 OUTGOING
oidcc-client-test-userinfo-invalid-sub
Response to HTTP request to test instance P7A30Dz36B1bIBd
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "issuer": "https://www.certification.openid.net/test/a/GC_broker/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/GC_broker/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/GC_broker/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/GC_broker/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/GC_broker/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/a/GC_broker/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "preferred_username",
    "gender",
    "birthdate",
    "address",
    "zoneinfo",
    "locale",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified",
    "website",
    "profile",
    "updated_at"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "RSA-OAEP-384",
    "RSA-OAEP-512",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "RSA-OAEP-384",
    "RSA-OAEP-512",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "RSA-OAEP-384",
    "RSA-OAEP-512",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
outgoing_path
.well-known/openid-configuration
2022-10-13 07:13:31 INCOMING
oidcc-client-test-userinfo-invalid-sub
Incoming HTTP request to /test/a/GC_broker/authorize
incoming_headers
{
  "host": "www.certification.openid.net",
  "cache-control": "max-age\u003d0",
  "upgrade-insecure-requests": "1",
  "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/avif,image/webp,image/apng,*/*;q\u003d0.8,application/signed-exchange;v\u003db3;q\u003d0.9",
  "sec-fetch-site": "cross-site",
  "sec-fetch-mode": "navigate",
  "sec-fetch-user": "?1",
  "sec-fetch-dest": "document",
  "sec-ch-ua": "\"Chromium\";v\u003d\"106\", \"Google Chrome\";v\u003d\"106\", \"Not;A\u003dBrand\";v\u003d\"99\"",
  "sec-ch-ua-mobile": "?0",
  "sec-ch-ua-platform": "\"Windows\"",
  "referer": "https://gkidp.ipanda.co.jp/",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en",
  "connection": "close"
}
incoming_path
/test/a/GC_broker/authorize
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cert
incoming_query_string_params
{
  "client_id": "oidc-test-client",
  "response_type": "code",
  "redirect_uri": "https://gkidp.ipanda.co.jp/gkidp/global_login/DM001003/callback/01",
  "scope": "openid email phone profile",
  "code_challenge_method": "S256",
  "code_challenge": "OO96p78SYgLbNYft2TOzDvotmvn1K7mi-Uv_kKtQUpQ",
  "state": "q69auivjg81gdngq43chbcovpn53vr3v"
}
incoming_body
incoming_tls_chain
[
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL"
]
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_body_json
Authorization endpoint
2022-10-13 07:13:31 SUCCESS
EnsureRequestDoesNotContainRequestObject
Request does not contain a request parameter
2022-10-13 07:13:31 SUCCESS
EnsureAuthorizationHttpRequestContainsOpenIDScope
Found 'openid' in scope http request parameter
actual
[
  "openid",
  "email",
  "phone",
  "profile"
]
expected
openid
2022-10-13 07:13:31 SUCCESS
CreateEffectiveAuthorizationRequestParameters
Merged http request parameters with request object claims
effective_authorization_endpoint_request
{
  "client_id": "oidc-test-client",
  "response_type": "code",
  "redirect_uri": "https://gkidp.ipanda.co.jp/gkidp/global_login/DM001003/callback/01",
  "scope": "openid email phone profile",
  "code_challenge_method": "S256",
  "code_challenge": "OO96p78SYgLbNYft2TOzDvotmvn1K7mi-Uv_kKtQUpQ",
  "state": "q69auivjg81gdngq43chbcovpn53vr3v"
}
2022-10-13 07:13:31 SUCCESS
ExtractRequestedScopes
Requested scopes
scope
openid email phone profile
2022-10-13 07:13:31 INFO
ExtractNonceFromAuthorizationRequest
Couldn't find 'nonce' in authorization endpoint parameters
2022-10-13 07:13:31 SUCCESS
EnsureAuthorizationRequestContainsPkceCodeChallenge
Found required PKCE parameters in request
code_challenge_method
S256
code_challenge
OO96p78SYgLbNYft2TOzDvotmvn1K7mi-Uv_kKtQUpQ
2022-10-13 07:13:31 SUCCESS
EnsureResponseTypeIsCode
Response type is expected value
expected
code
2022-10-13 07:13:31 SUCCESS
EnsureMatchingClientId
Client ID matched
client_id
oidc-test-client
2022-10-13 07:13:31 SUCCESS
EnsureValidRedirectUriForAuthorizationEndpointRequest
redirect_uri is one of the allowed redirect uris
actual
https://gkidp.ipanda.co.jp/gkidp/global_login/DM001003/callback/01
expected
[
  "https://gkidp.ipanda.co.jp/gkidp/global_login/DM001003/callback/01"
]
2022-10-13 07:13:31 SUCCESS
EnsureOpenIDInScopeRequest
Found 'openid' scope in request
actual
[
  "openid",
  "email",
  "phone",
  "profile"
]
expected
openid
2022-10-13 07:13:31 SUCCESS
DisallowMaxAgeEqualsZeroAndPromptNone
The client did not send max_age=0 and prompt=none parameters as expected
2022-10-13 07:13:31 SUCCESS
CreateAuthorizationCode
Created authorization code
authorization_code
1URi5fBP0Aw2FDoXReDvalXJm4MPwwfi
2022-10-13 07:13:31 SUCCESS
CalculateCHash
Successful c_hash encoding
c_hash
7mPqi1g6SDUjQh1VHLeTIg
2022-10-13 07:13:31 SUCCESS
CreateAuthorizationEndpointResponseParams
Added authorization_endpoint_response_params to environment
params
{
  "redirect_uri": "https://gkidp.ipanda.co.jp/gkidp/global_login/DM001003/callback/01",
  "state": "q69auivjg81gdngq43chbcovpn53vr3v"
}
2022-10-13 07:13:31 SUCCESS
AddCodeToAuthorizationEndpointResponseParams
Added code to authorization endpoint response params
authorization_endpoint_response_params
{
  "redirect_uri": "https://gkidp.ipanda.co.jp/gkidp/global_login/DM001003/callback/01",
  "state": "q69auivjg81gdngq43chbcovpn53vr3v",
  "code": "1URi5fBP0Aw2FDoXReDvalXJm4MPwwfi"
}
2022-10-13 07:13:31
SendAuthorizationResponseWithResponseModeQuery
Redirecting back to client
uri
https://gkidp.ipanda.co.jp/gkidp/global_login/DM001003/callback/01?state=q69auivjg81gdngq43chbcovpn53vr3v&code=1URi5fBP0Aw2FDoXReDvalXJm4MPwwfi
2022-10-13 07:13:31 OUTGOING
oidcc-client-test-userinfo-invalid-sub
Response to HTTP request to test instance P7A30Dz36B1bIBd
outgoing
org.springframework.web.servlet.view.RedirectView: [RedirectView]; URL [https://gkidp.ipanda.co.jp/gkidp/global_login/DM001003/callback/01?state=q69auivjg81gdngq43chbcovpn53vr3v&code=1URi5fBP0Aw2FDoXReDvalXJm4MPwwfi]
outgoing_path
authorize
2022-10-13 07:13:31 INCOMING
oidcc-client-test-userinfo-invalid-sub
Incoming HTTP request to /test/a/GC_broker/token
incoming_headers
{
  "host": "www.certification.openid.net",
  "accept": "application/json",
  "authorization": "Basic b2lkYy10ZXN0LWNsaWVudDoxMjM0NTY\u003d",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "user-agent": "Java/11.0.13",
  "connection": "close",
  "content-length": "241"
}
incoming_path
/test/a/GC_broker/token
incoming_body_form_params
{
  "client_id": "oidc-test-client",
  "grant_type": "authorization_code",
  "code": "1URi5fBP0Aw2FDoXReDvalXJm4MPwwfi",
  "code_verifier": "995f51b0-a6a4-4a68-88bc-0e22aadfd296",
  "redirect_uri": "https://gkidp.ipanda.co.jp/gkidp/global_login/DM001003/callback/01"
}
incoming_method
POST
incoming_tls_version
TLSv1.2
incoming_tls_cert
incoming_query_string_params
{}
incoming_body
client_id=oidc-test-client&grant_type=authorization_code&code=1URi5fBP0Aw2FDoXReDvalXJm4MPwwfi&code_verifier=995f51b0-a6a4-4a68-88bc-0e22aadfd296&redirect_uri=https%3A%2F%2Fgkidp.ipanda.co.jp%2Fgkidp%2Fglobal_login%2FDM001003%2Fcallback%2F01
incoming_tls_chain
[
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL"
]
incoming_tls_cipher
ECDHE-RSA-AES256-GCM-SHA384
incoming_body_json
Token endpoint
2022-10-13 07:13:31 SUCCESS
CheckClientIdMatchesOnTokenRequestIfPresent
Extracted client_id matches the expected value
client_id
oidc-test-client
2022-10-13 07:13:31 SUCCESS
ExtractClientCredentialsFromBasicAuthorizationHeader
Extracted client authentication
client_id
oidc-test-client
client_secret
123456
method
client_secret_basic
2022-10-13 07:13:31 SUCCESS
ValidateClientIdAndSecret
Client id and secret match
2022-10-13 07:13:31 SUCCESS
ValidateAuthorizationCode
Found authorization code
authorization_code
1URi5fBP0Aw2FDoXReDvalXJm4MPwwfi
2022-10-13 07:13:31 SUCCESS
ValidateRedirectUriForTokenEndpointRequest
redirect_uri is the same as the one used in the authorization request
actual
https://gkidp.ipanda.co.jp/gkidp/global_login/DM001003/callback/01
2022-10-13 07:13:31 SUCCESS
GenerateBearerAccessToken
Generated access token
access_token
BbYgVzCZn6ZaD8BRR6E60lgJWPqLU4G7uGqlrlAteHeZubPzi3
2022-10-13 07:13:31 SUCCESS
CalculateAtHash
Successful at_hash encoding
at_hash
VkyjiJGtVufFWSM-gdiBEA
2022-10-13 07:13:31 SUCCESS
GenerateIdTokenClaims
Created ID Token Claims
iss
https://www.certification.openid.net/test/a/GC_broker/
sub
user-subject-1234531
aud
oidc-test-client
iat
1665645211
exp
1665645511
2022-10-13 07:13:31 SUCCESS
AddAtHashToIdTokenClaims
Added at_hash to ID token claims
at_hash
VkyjiJGtVufFWSM-gdiBEA
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/a/GC_broker/",
  "sub": "user-subject-1234531",
  "aud": "oidc-test-client",
  "iat": 1665645211,
  "exp": 1665645511,
  "at_hash": "VkyjiJGtVufFWSM-gdiBEA"
}
2022-10-13 07:13:31 SUCCESS
OIDCCSignIdToken
Signed the ID token
id_token
eyJraWQiOiJmMWE2MzM5OS05ZjczLTQzY2UtYTc1YS02MTc4NDUxYWY3M2QiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiVmt5amlKR3RWdWZGV1NNLWdkaUJFQSIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoib2lkYy10ZXN0LWNsaWVudCIsImlzcyI6Imh0dHBzOlwvXC93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0XC90ZXN0XC9hXC9HQ19icm9rZXJcLyIsImV4cCI6MTY2NTY0NTUxMSwiaWF0IjoxNjY1NjQ1MjExfQ.BDX0huf66lzoXOCLR6y9BQCeERZK1y55ruiXsVQPUVaxS6TU-GXMTMw84n7cMRaSb_J2GlG327UxZUkgxuUqAaASz59H4dW49Kbjyg0oCwMebPp9D-iELZbjQT0oDECuM11d47EPZ1NXhcqkr9rESTP900pxrlpVKmZZ6ZdFcPZv0g5gN19M2LgqGr2cZZLaudVQJnRVXWj4opPboLN-WmGZqb3qE1JRT2Nf8EawV1WF-trym2Lj9IakAddMtubCVUepuH-LOOG1elZSYd6uC52_lucTH1JvVktZitzhMIH5gR1ONk_jzhmr4I4GFL2qjyboDCAIV4mDCcWOAVDZLQ
key
{"p":"--Dz6tgnfR6hdafCNICYq8MnkCCNx4f4kE0I_1xrTqJ10o4_Qi3XGqmZiEHIL6AIfqso-Y-8_MuBuFvzJIbI_fu4JhRcpu2fkGJpcWOH6S0Y4mJQPewX1X_jBohUhqMirFABMtISfPKQKd39gmrwBoBh85rLORFAR6V3MALZrlU","kty":"RSA","q":"n_-7fPSuLD-O7nrNtguOrdm_v6-H7MnEyMM6c-JqYGKC9eDUZFuoS6vzRYIhZj-43WxrLU_ro7ea3N11EmfHrJgkeRoZl1Nxuw1ZzCfWVt7D5fP7Io4fpYDOtCSkxd4WAP3IJN88dqCDNqiSjj0cSMmde1nvjF32gDNkhnwlQR8","d":"j_0Oq3P7Ohuro09CC7BMd4YAlduarMMp7VABfuEYlxYhTXXiVJ9ym3i8uIuMZd7T54j292oklVqfTkcuR_tB0tuyQuPMNqIcNobGF1WuI1NUrLMZC_SyOZN5ZeUeOyaXNQ45M5Mny3--kXtFw-XgYo58OjxI_E1FJ3gGanw9kEwbOriFwEXL8BCoKtZ6gxmwLfaIF59YpOCUtU5nWK9K_Y6nLrOYuTVzCpi3yVUugu95p645nBwLeIbrCcgrQmXJ2FWjmx50GIH9usNyRfGnMArZCFM3pUQo1A8Kwq12cEGM7KJ8ExQKmssiEKoEu7CNPNF8vrxe7q5fdgUMdfS5wQ","e":"AQAB","use":"sig","kid":"f1a63399-9f73-43ce-a75a-6178451af73d","qi":"SYsryZo7DNKUIHPfhLZNKXCVlzjsvhMM1HMXFC3yCnsbm66itDH2O8xuxhYieGW-jFnWkbbByBjDsNMbZBidU668nI_FSuWV5bnnUJ0vjFSMOrnZ7eG6TiKHpGOGGnguw6olAcG5B6MMoSePBCzjO1BvnFkKcwEoBM_Rzy8-vpE","dp":"Gr3hZ7eXSbNs1P8AoW5dxy6rDqRGKT8IZtmm8OWxBuI8vCQaFz6irdP_1vWU-Wl2PWySpxxZpkU8-oPYprIguMZ24KQcyiREYqHwK_ezQFBnafGiL1DXnvU690CWKM09Kyo7VlfzWoyuPaOx_Jy56xbKT4DJvr9UIccxhklnLxk","dq":"SZAW79i_y_BdEyC7PBwMObqIAuX9pM0QAQ5h7a4IItCoTcxVWt8ZfdFNRIQUPyLFKGkUzfyU5u0f8rSPgyrcD2rUOinZ4k2nWM1GoCsgzUgW4b9PlA-sVTfn0cOXTrJRg5srTmilMBWUvqi62VMXkg_ArFopXWxGTaNTcNHbfxk","n":"nWxVChcOTpwF3z93uj6gIbKMQ8R8iKbSu62FIxlHre3_IIWVyoE-Ze3b7VAR-hpq0-EbtalFhinWj7oD0qtYppQ7CA4BAEziR2sGcvtpO7FixZOViYFgPG2u3QrqlF2w7E9S_rhnclCaxhBLKPILcnuaxYLmlWWl0vVMGL85E0hYkTLgEKrwWqfMsgzhmlmnv01sXfh1x-NhbMvSzTrClSfzgUO38p3BsTJ7KZv-3UCtz8wNOb4L-zZtUn-Aq-EKgWkOxLH17AWrxMVP1CgnheAIaRG9cWsYkto-fhDgq2pXVh7K9KYHWehZgPojD8vYCowqqSBv3RPsl-3u--ixSw"}
algorithm
RS256
2022-10-13 07:13:31 INFO
EncryptIdToken
Skipped evaluation due to missing required element: client id_token_encrypted_response_alg
path
id_token_encrypted_response_alg
mapped
object
client
2022-10-13 07:13:31 SUCCESS
CreateTokenEndpointResponse
Created token endpoint response
access_token
BbYgVzCZn6ZaD8BRR6E60lgJWPqLU4G7uGqlrlAteHeZubPzi3
token_type
Bearer
id_token
eyJraWQiOiJmMWE2MzM5OS05ZjczLTQzY2UtYTc1YS02MTc4NDUxYWY3M2QiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiVmt5amlKR3RWdWZGV1NNLWdkaUJFQSIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoib2lkYy10ZXN0LWNsaWVudCIsImlzcyI6Imh0dHBzOlwvXC93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0XC90ZXN0XC9hXC9HQ19icm9rZXJcLyIsImV4cCI6MTY2NTY0NTUxMSwiaWF0IjoxNjY1NjQ1MjExfQ.BDX0huf66lzoXOCLR6y9BQCeERZK1y55ruiXsVQPUVaxS6TU-GXMTMw84n7cMRaSb_J2GlG327UxZUkgxuUqAaASz59H4dW49Kbjyg0oCwMebPp9D-iELZbjQT0oDECuM11d47EPZ1NXhcqkr9rESTP900pxrlpVKmZZ6ZdFcPZv0g5gN19M2LgqGr2cZZLaudVQJnRVXWj4opPboLN-WmGZqb3qE1JRT2Nf8EawV1WF-trym2Lj9IakAddMtubCVUepuH-LOOG1elZSYd6uC52_lucTH1JvVktZitzhMIH5gR1ONk_jzhmr4I4GFL2qjyboDCAIV4mDCcWOAVDZLQ
scope
openid email phone profile
2022-10-13 07:13:31 OUTGOING
oidcc-client-test-userinfo-invalid-sub
Response to HTTP request to test instance P7A30Dz36B1bIBd
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "access_token": "BbYgVzCZn6ZaD8BRR6E60lgJWPqLU4G7uGqlrlAteHeZubPzi3",
  "token_type": "Bearer",
  "id_token": "eyJraWQiOiJmMWE2MzM5OS05ZjczLTQzY2UtYTc1YS02MTc4NDUxYWY3M2QiLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiVmt5amlKR3RWdWZGV1NNLWdkaUJFQSIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoib2lkYy10ZXN0LWNsaWVudCIsImlzcyI6Imh0dHBzOlwvXC93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0XC90ZXN0XC9hXC9HQ19icm9rZXJcLyIsImV4cCI6MTY2NTY0NTUxMSwiaWF0IjoxNjY1NjQ1MjExfQ.BDX0huf66lzoXOCLR6y9BQCeERZK1y55ruiXsVQPUVaxS6TU-GXMTMw84n7cMRaSb_J2GlG327UxZUkgxuUqAaASz59H4dW49Kbjyg0oCwMebPp9D-iELZbjQT0oDECuM11d47EPZ1NXhcqkr9rESTP900pxrlpVKmZZ6ZdFcPZv0g5gN19M2LgqGr2cZZLaudVQJnRVXWj4opPboLN-WmGZqb3qE1JRT2Nf8EawV1WF-trym2Lj9IakAddMtubCVUepuH-LOOG1elZSYd6uC52_lucTH1JvVktZitzhMIH5gR1ONk_jzhmr4I4GFL2qjyboDCAIV4mDCcWOAVDZLQ",
  "scope": "openid email phone profile"
}
outgoing_path
token
2022-10-13 07:13:31 INCOMING
oidcc-client-test-userinfo-invalid-sub
Incoming HTTP request to /test/a/GC_broker/jwks
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "Java/11.0.13",
  "accept": "text/html, image/gif, image/jpeg, *; q\u003d.2, */*; q\u003d.2",
  "connection": "close"
}
incoming_path
/test/a/GC_broker/jwks
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cert
incoming_query_string_params
{}
incoming_body
incoming_tls_chain
[
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL"
]
incoming_tls_cipher
ECDHE-RSA-AES256-GCM-SHA384
incoming_body_json
Jwks endpoint
2022-10-13 07:13:31 OUTGOING
oidcc-client-test-userinfo-invalid-sub
Response to HTTP request to test instance P7A30Dz36B1bIBd
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "f1a63399-9f73-43ce-a75a-6178451af73d",
      "n": "nWxVChcOTpwF3z93uj6gIbKMQ8R8iKbSu62FIxlHre3_IIWVyoE-Ze3b7VAR-hpq0-EbtalFhinWj7oD0qtYppQ7CA4BAEziR2sGcvtpO7FixZOViYFgPG2u3QrqlF2w7E9S_rhnclCaxhBLKPILcnuaxYLmlWWl0vVMGL85E0hYkTLgEKrwWqfMsgzhmlmnv01sXfh1x-NhbMvSzTrClSfzgUO38p3BsTJ7KZv-3UCtz8wNOb4L-zZtUn-Aq-EKgWkOxLH17AWrxMVP1CgnheAIaRG9cWsYkto-fhDgq2pXVh7K9KYHWehZgPojD8vYCowqqSBv3RPsl-3u--ixSw"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "347b1233-ae61-4248-aae5-1496a0bd0086",
      "n": "-mWdzoOdN4iCMp_EUmyBfaWlovIFCZ3ua47F4G2Vf_7UexTFSmFfmpPHQFRINWhAWGMUh6stC1KxvefOaGNJhKppbqqyOvWO7iEW8GqEMbcOwI4eJitqMLIg1niRo2RfhhR5N6T7Z7hBmPJl5K4uv77TY5lgRgOpBNsJ2neiZ0ah4VOOwo7uuwSLHAzBQv-Krq_F--IcK7TniKXkQmhRMPXkE9u_wwar_3lsK6G3x_7RBMmzZ9gQMGX79zQ8PGFH7vicGDq-BkxasCRkXzQktOB7lE-Lt2ZlW5SGGVT0ejDTzw1h26ukHz93Bj58MNqYxLU_TZnrviO1RCut24eQQw"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "f86a336f-3888-414a-b09d-34b8b69e46df",
      "x": "cyKjctxIcILsk3Scqjj_q3gjIC5V-9FfewS1BYuDT5M",
      "y": "qCld4NfQjcGNLdds34MCxi0W0iotrDdSmUpfEV46keM"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "cd756a91-52af-4f0c-9b82-25313fe7e284",
      "x": "-uEvaYOQWHhJQgqe4CMxIjzyeCUIX4jml4AdU8nmw24",
      "y": "FdGNxvh9IzyJbA-Ooa4pTxsT-C89aqajyT6Mbo8n6Dc"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "f9a61d39-fa0c-499f-a226-76a37bb509f7",
      "x": "Sk7fNLnIawYl8eYifsnJFdZI_5lBc3mCu_7T_eAjLe4",
      "y": "pHqNOEl5VEGyulEQGFkT8mUtp4mPkOctxPVrJ91nQ9c"
    },
    {
      "kty": "OKP",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "fabb7861-d4c8-4cd5-8d3c-4c407c4b560f",
      "x": "Ua0DRbBDOKE7KthYHCagLiWx4wC_uHTNt1VLoq3LqHY"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "bf14c950-9779-4a97-80c9-59d10fe2ffa3",
      "alg": "RSA-OAEP",
      "n": "oRJ3eXAvyVuXNhx3OP9qz2h2WXu5rcxJSPZWzMK-nyPGVsha1uMNU3lSsUETQyxAhN3apXNPmnJ3UJ4CAzvxZtg9aRpOZ_wbXp4r959Em3AL52smDHgmPoxgR9h-2c7Lo9kxXq-4jeEW1MHV60jSPH-EYTJLK2ARQgc-QyNkY86BXVDKUr1dFjgYXVhxafME6HmZLEhWHzYZSl_GX1NZ-p5nRIB9Sl7gUkMhld48MbYi4fjWHeVB-u8N4nylHAUmAoel0qd5JvhYuNxcavyMw9GdaFALRRx3R6CUrq_hSUn2fXNFIyB6pMhJkbJIDUTmCD6RLcB7Td-8Wu6r1DFHDQ"
    },
    {
      "kty": "EC",
      "use": "enc",
      "crv": "P-256",
      "kid": "8f736ebc-7aa0-4010-98ed-d6d6b85ee9a2",
      "x": "aQqaiWDIMb3g-Rc_xa30PVGw9x8y-XTDj_7ETtQaO6k",
      "y": "22JRrTEykFAr_qHUil4Iug6_gV4S4CiOfSUM1t4GncI",
      "alg": "ECDH-ES"
    }
  ]
}
outgoing_path
jwks
2022-10-13 07:13:32 INCOMING
oidcc-client-test-userinfo-invalid-sub
Incoming HTTP request to /test/a/GC_broker/userinfo
incoming_headers
{
  "host": "www.certification.openid.net",
  "accept": "text/plain, application/json, */*",
  "authorization": "Bearer BbYgVzCZn6ZaD8BRR6E60lgJWPqLU4G7uGqlrlAteHeZubPzi3",
  "user-agent": "Java/11.0.13",
  "connection": "close"
}
incoming_path
/test/a/GC_broker/userinfo
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cert
incoming_query_string_params
{}
incoming_body
incoming_tls_chain
[
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL"
]
incoming_tls_cipher
ECDHE-RSA-AES256-GCM-SHA384
incoming_body_json
Userinfo endpoint
2022-10-13 07:13:32 SUCCESS
OIDCCExtractBearerAccessTokenFromRequest
Found access token on incoming request
access_token
BbYgVzCZn6ZaD8BRR6E60lgJWPqLU4G7uGqlrlAteHeZubPzi3
2022-10-13 07:13:32 SUCCESS
RequireBearerAccessToken
Found access token in request
actual
BbYgVzCZn6ZaD8BRR6E60lgJWPqLU4G7uGqlrlAteHeZubPzi3
2022-10-13 07:13:32 SUCCESS
FilterUserInfoForScopes
User info endpoint output
sub
user-subject-1234531
email
user@example.com
email_verified
false
phone_number_verified
false
phone_number
+1 555 5550000
website
https://openid.net/
zoneinfo
America/Los_Angeles
birthdate
2000-02-03
gender
female
profile
https://example.com/user
preferred_username
d.tu
given_name
Demo
middle_name
Theresa
locale
en-US
updated_at
1580000000
name
Demo T. User
nickname
Dee
family_name
User
2022-10-13 07:13:32
ChangeSubInUserInfoResponseToBeInvalid
Added invalid sub to userinfo endpoint output
sub
user-subject-1234531invalid
email
user@example.com
email_verified
false
phone_number_verified
false
phone_number
+1 555 5550000
website
https://openid.net/
zoneinfo
America/Los_Angeles
birthdate
2000-02-03
gender
female
profile
https://example.com/user
preferred_username
d.tu
given_name
Demo
middle_name
Theresa
locale
en-US
updated_at
1580000000
name
Demo T. User
nickname
Dee
family_name
User
2022-10-13 07:13:32
ClearAccessTokenFromRequest
Removed incoming access token from environment
2022-10-13 07:13:32 INFO
AddIssAndAudToUserInfoResponse
Skipped evaluation due to missing required element: client userinfo_signed_response_alg
path
userinfo_signed_response_alg
mapped
object
client
2022-10-13 07:13:32 INFO
SignUserInfoResponse
Skipped evaluation due to missing required element: client userinfo_signed_response_alg
path
userinfo_signed_response_alg
mapped
object
client
2022-10-13 07:13:32 INFO
EncryptUserInfoResponse
Skipped evaluation due to missing required element: client userinfo_encrypted_response_alg
path
userinfo_encrypted_response_alg
mapped
object
client
2022-10-13 07:13:32 OUTGOING
oidcc-client-test-userinfo-invalid-sub
Response to HTTP request to test instance P7A30Dz36B1bIBd
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "sub": "user-subject-1234531invalid",
  "email": "user@example.com",
  "email_verified": false,
  "phone_number_verified": false,
  "phone_number": "+1 555 5550000",
  "website": "https://openid.net/",
  "zoneinfo": "America/Los_Angeles",
  "birthdate": "2000-02-03",
  "gender": "female",
  "profile": "https://example.com/user",
  "preferred_username": "d.tu",
  "given_name": "Demo",
  "middle_name": "Theresa",
  "locale": "en-US",
  "updated_at": 1580000000,
  "name": "Demo T. User",
  "nickname": "Dee",
  "family_name": "User"
}
outgoing_path
userinfo
2022-10-13 07:13:32 FINISHED
oidcc-client-test-userinfo-invalid-sub
Test has run to completion
testmodule_result
PASSED
2022-10-13 07:15:03
TEST-RUNNER
Alias has now been claimed by another test
alias
GC_broker
new_test_id
8TrHvk9KfKI7vHD
Test Results