Test Summary

Test Results

Expand All Collapse All
All times are UTC
2022-11-15 14:10:50 INFO
TEST-RUNNER
Test instance 51u3XcrlNbsf3yt created
baseUrl
https://www.certification.openid.net/test/a/mod_auth_openidc-oidcc-client-dynamic-certification-test-plan
variant
{
  "client_auth_type": "client_secret_basic",
  "response_type": "code",
  "request_type": "request_uri",
  "client_registration": "dynamic_client",
  "response_mode": "default"
}
alias
mod_auth_openidc-oidcc-client-dynamic-certification-test-plan
description
mod_auth_openidc certification
planId
1ylCv6ZzEJVW0
config
{
  "alias": "mod_auth_openidc-oidcc-client-dynamic-certification-test-plan",
  "description": "mod_auth_openidc certification",
  "waitTimeoutSeconds": 2
}
testName
oidcc-client-test-discovery-webfinger-acct
2022-11-15 14:10:50 SUCCESS
OIDCCGenerateServerConfiguration
Generated default server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/a/mod_auth_openidc-oidcc-client-dynamic-certification-test-plan/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/mod_auth_openidc-oidcc-client-dynamic-certification-test-plan/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/mod_auth_openidc-oidcc-client-dynamic-certification-test-plan/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/mod_auth_openidc-oidcc-client-dynamic-certification-test-plan/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/mod_auth_openidc-oidcc-client-dynamic-certification-test-plan/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/a/mod_auth_openidc-oidcc-client-dynamic-certification-test-plan/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic",
    "client_secret_post",
    "client_secret_jwt",
    "private_key_jwt"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "preferred_username",
    "gender",
    "birthdate",
    "address",
    "zoneinfo",
    "locale",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified",
    "website",
    "profile",
    "updated_at"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "RSA-OAEP-384",
    "RSA-OAEP-512",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "RSA-OAEP-384",
    "RSA-OAEP-512",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "RSA-OAEP-384",
    "RSA-OAEP-512",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
2022-11-15 14:10:50
AddRandomSuffixToIssuerInServerConfiguration
Added random suffix to issuer value in server configuration
issuer
https://www.certification.openid.net/test/a/mod_auth_openidc-oidcc-client-dynamic-certification-test-plan/QNZf5VQhZz
2022-11-15 14:10:50
SetTokenEndpointAuthMethodsSupportedToClientSecretBasicOnly
Changed token_endpoint_auth_methods_supported to client_secret_basic only in server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/a/mod_auth_openidc-oidcc-client-dynamic-certification-test-plan/QNZf5VQhZz",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/mod_auth_openidc-oidcc-client-dynamic-certification-test-plan/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/mod_auth_openidc-oidcc-client-dynamic-certification-test-plan/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/mod_auth_openidc-oidcc-client-dynamic-certification-test-plan/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/mod_auth_openidc-oidcc-client-dynamic-certification-test-plan/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/a/mod_auth_openidc-oidcc-client-dynamic-certification-test-plan/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "preferred_username",
    "gender",
    "birthdate",
    "address",
    "zoneinfo",
    "locale",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified",
    "website",
    "profile",
    "updated_at"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "RSA-OAEP-384",
    "RSA-OAEP-512",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "RSA-OAEP-384",
    "RSA-OAEP-512",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "RSA-OAEP-384",
    "RSA-OAEP-512",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
2022-11-15 14:10:50
SetRequestUriParameterSupportedToTrueInServerConfiguration
Enabled request_uri support in server configuration
server
{
  "issuer": "https://www.certification.openid.net/test/a/mod_auth_openidc-oidcc-client-dynamic-certification-test-plan/QNZf5VQhZz",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/mod_auth_openidc-oidcc-client-dynamic-certification-test-plan/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/mod_auth_openidc-oidcc-client-dynamic-certification-test-plan/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/mod_auth_openidc-oidcc-client-dynamic-certification-test-plan/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/mod_auth_openidc-oidcc-client-dynamic-certification-test-plan/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/a/mod_auth_openidc-oidcc-client-dynamic-certification-test-plan/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "preferred_username",
    "gender",
    "birthdate",
    "address",
    "zoneinfo",
    "locale",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified",
    "website",
    "profile",
    "updated_at"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "RSA-OAEP-384",
    "RSA-OAEP-512",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "RSA-OAEP-384",
    "RSA-OAEP-512",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "RSA-OAEP-384",
    "RSA-OAEP-512",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_uri_parameter_supported": true,
  "require_request_uri_registration": false
}
2022-11-15 14:10:50
OIDCCGenerateServerJWKs
Generated server public private JWK sets
server_jwks
{
  "keys": [
    {
      "p": "8-NogBi3rBmMQA0gLD9AexSL3p7UkpzD-_Y9EqJVVcT30KpsYml1l4B8PupiqIt3yHeH7_Ar5IzUgm_7-ud6SNCcVuAgnzzN2RUupmIWOQEMEJ5Vn2MqQZlRex9_aLmRLL4dWKMf8MxtURBbyJ7LQceFXGoTiEozcqKSYM-6EGM",
      "kty": "RSA",
      "q": "wTrJUNS4AAlWrjZX5KeGaDloo8CgIfUlup9x4TKT77oLLmkQWxpdtgVDN6Xi9mASGM_KrmGldjhxTnx15x5x18fW-UryR4PuLMzd3KTGwtkalyVa1t_pyFr4L3Es3AdZFKwtQO5ymoC8_oSjJ8v0XNi654fz4hC2m14apqKopas",
      "d": "QtrcWAD367kFA-Ntoy3OymgrN9TZGvnRe4Q0MoZiyRfmYL-UqqhZEIIdyu4SExdQAUrizrBZGDGnWDT15077aUTPUt-wQt91ASFMxxhp0MkoZtkKW9pYiNQAUzzVTkiRVSW22t3relGzEsuH_bcdW9z2LWkZaPW0-PlDVaSTVSHuTveP4y6K0dIpcLk4lJSSfQiBjy5D29NblLg1aNMYY3NdkJUpJTD9Y2xtTsxxuy_B58c3mVrwyP-SiuEPYey48DOrUriC7PQNu3LcaNOEZaQzqcFd1m1q_X8chMG-y22osYVHtzV0go8ks1F0IqTJ5VeKYT7StRiTZMIXko72dQ",
      "e": "AQAB",
      "use": "sig",
      "kid": "79d3da60-c1d2-4870-b324-4d8ed0650f40",
      "qi": "3Rts4UzKB2OlRvAsaCRtoun0_UjFDRU_3PxxWH7gq4Ppq5UtG58APCQ-3asGT044Ekadtmgad8ZOBAv-CIagAN2i9BZMwgCY0JVRaeAv6lmb6IhLYOCm5-UVj1UNNPwgHgQMCQeaP0RQKlnZ3eOq5Kw4jHf71WX2QnncWigNyXs",
      "dp": "CgpQoQVjelhK59AihO_NrcN4xp9vTOHbR6IpfXzlWnSTZym88Ig66RPHCagIi7vCIKSbGgufIveRQBVwIDIrXJgJ96Gedi_AobE3jG35UDt0zbJXAArLEIxJSHJRgnQxP9BL0PxWMkmYLoAn5yhyYbDfEqDjUPcNCykaMZYbqNU",
      "dq": "BVhv-0l3MaEQgc9FDTFJOZbk-yq4A1h5y7jfeKBikU4vQwBrEGohT4jDvEVdiv1LYt5UuBBBeIzFLaupw1QHSDXiD5FwNGRE8X5VYOY6DWfeIXJKGgmluQIzPXS_DfMyFq1QrywphXasQ8o9jTtKLktcmE0dhRJ7Sr8Gs7dqPPM",
      "n": "uBZzGM5s69JGKM_91XckaS5XygyjL5VDjOM0GTJMNdnlp7ctNZt5C3e6Ax4jUC2jWwlODPZkh66uSUssf_YMPivTYZ7HgWwQDdXWCPCuxiIb25Me6UJK35Ot8jk0mOzh-jP-ahUg0ZRkVf0gOih0G_J4Nh2b4psDOSt9PXf99AnKNYXL1lOWwe7Z28SpZVI1jN2z1e3_32aByPnNxyCtWYkh_TK8s4dv8hQvICk7JROvWE66l5YG3RGJqQMceGMjq74B5vHKg1Q_RVeu1P-Q9lO3AUcSXsb_zMAWnfLPtdSl-TyDIx9YkPSnGLlzURWQjwkd_xl5WRE7lus5FNDBIQ"
    },
    {
      "kty": "EC",
      "d": "eAfPFWBM1W-ClfAxOBD4Tz11cXvqDIm_ZJmNovGZ-44",
      "use": "sig",
      "crv": "P-256",
      "kid": "72566069-b6f7-4110-8a13-86b766aefb81",
      "x": "x1yTYDJ5NFSctLclAlQLgrG4N5sqE3lbsB5CsTfgpU4",
      "y": "1r4bPPVvM7qNlQji4Y7wDIo9qid2Ru1a7f1dhNmUFU4"
    },
    {
      "kty": "EC",
      "d": "75fO_sAMglPw4mddN7IPvofmiNFyXv_RRqbR3aVsTa4",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "8a51fd2c-d70f-491c-88e1-ad8b1f827c05",
      "x": "a0IO0BTm289F_t0MD7RLXVpj0E7nqHSeejXnzyVQISc",
      "y": "lykptrQISDVNNLHv00LBnEQ42HwaTG9NHzVVF-OGHFw"
    },
    {
      "kty": "OKP",
      "d": "K1dm-RO7P8UyF_i9rUk78EGlODDUoCVes0RCESiumkc",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "1a170a2b-e2ad-4fc2-ba2d-dd38a17903ee",
      "x": "gIYnGVujAnMHSxH64I0PY4zegxHxfO5d6qKDtFdytWs"
    }
  ]
}
server_encryption_keys
{
  "keys": [
    {
      "p": "1zFfPM84bDn0F2HC-JOkYTN4CKTBXieGrAb8xmlVPGTdhdFbT-nEeF8NDwUH1FDAu9C9zkvvSOUmrpz-YsMWnGEEwPXcn0TLeKsmpyU7CO5EB95JABt2xrmKf4A37FGrUVEpIxYdtgkIOU_zRJkx2nWZ3_zySMeLl2rumMY6EVk",
      "kty": "RSA",
      "q": "uiDoq6BlQjxgUNk80bLpM7v-_OPou4a1jLrS9v_Ly9qx3wz_idFsyRdiRvE1NpUlJUtL7r_B3-QKNF2Owf5RwYJ-J5MkK1Ro1tsfBeR3fZkgzEVvYMGPxyUIrVU_qJYKuNkhhyuERnJy7iFXuBLxqUQ9kQwQEv2RWBo4ffWqZDk",
      "d": "f-bZgJmOC8D95oMP3_rgPRuLrnQ2Ol-O6JOEKtavXnocxzqgwDP8k1SyaLASJ-x68NizkqbWmRv8EnTzgcEFpksQTej-s-MqKJr6km0BgAynK9DiRoDNPusfDfPCKU0y16t6_pt75BYLpoYlGnQ0Jue2QnmH9khTHjsNQ9hBe5lqgsM3UJVAJnjRtqk1fN9Tqoq6X6RerSpPHZJuXD_NWiMWnk6G61l_0Bcc5N1pTmU6mZGYkg7t6ygHmD1GnZL93AX6_tGs07VAaYax-4AT3l2zAcxZOBeomW_4PjrxfMjiXadYdxr17aBM3WADEiWCDg0It20ZO0z81u9DYIA-wQ",
      "e": "AQAB",
      "use": "enc",
      "kid": "b7c36766-fd59-4d0a-bc9b-a29f4e1ed84d",
      "qi": "tfzMgTZdb5CBAPY3OwbA57tfGlZUhw_g0g9goCq5bst3EE3kPV0tBbi2uWGvOPHKXnxxmn73ww7QpUjihNEcq8yYsx06gLwWpZYDgVwjgWVlmaeRZ_-Mrx6RpwqNMOAPO-ccORtFj4Cp9lxuHP2tegbf0qKDwOa9vUPrjf9gqug",
      "dp": "Y5lxaBbNGaJ1LIFOGXlUYrzMuMtwyGBo_6Q4SKkmD07sDOzKY6FiEwiDZclBR26c1hEWWK5isQ2Gqtj1EMcU5woshhcFpx3TQyWMPV6JBWgqSq4Cga80eWQVC1BQEev27CsxbBDnbYKesNAlW0HAhklaEAbmKPNa05lll4ZgB_k",
      "alg": "RSA-OAEP",
      "dq": "tSWoLLj7M96dArKajaBpdG9IOIn7jN8LPH7rKXdEug8LRAFbhp8rF_9JJ7BD0O6Q613_9cns_2DqSZKwiL9ihEnjS9LZxc3uBwXViJ-VZ8ircgM15d4cd33klwW74fC9WLACAJLqtsFWd8o9nCnbxphirxMlZcYhObSzPGvmvIk",
      "n": "nHWI8xlGmMc-884zsAYKdum2eITcRmwaFyX6IkY-IjXi-5PCwU6LoS8-BlkSi3RQW-oi426mDB7klER5OuVKfISBpppy3bvcaOZU4TYJuWVXG1Pf8aQ07HQaqxZ-ApY47vKXIUiSNyRPNWgYM058vUKZ9ZKY1t_G2BPlBpZJD24eMB6COx-rn2AmAAUIXuD0-_7iTNG23yfpCNggJOZXt3mR9ETisd8xcZMxQ5i5vdzc0U48m1dThhuERLN9N2IauqakEycytMaZsCyMjQLtgSCcJ2zWabClxqXMswB0wocbhJil9UC-BI8CrSfNJwplT0U_MwAdpM_8W_MRg86g0Q"
    },
    {
      "kty": "EC",
      "d": "mdi_wClW_xvfdpNbDtBVpHq34J632zvgoUY65KgoJPs",
      "use": "enc",
      "crv": "P-256",
      "kid": "47957b4d-b8d1-478f-823d-996cf544d54d",
      "x": "CFuM1cJZgCWyuO0Yngzs7cjhIzZVFjQnrNkB2C0a-_8",
      "y": "FmaIJyKkgRD3AGSkiqXCDBNx_8wSpuZN0xZF3F7icUg",
      "alg": "ECDH-ES"
    }
  ]
}
server_public_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "79d3da60-c1d2-4870-b324-4d8ed0650f40",
      "n": "uBZzGM5s69JGKM_91XckaS5XygyjL5VDjOM0GTJMNdnlp7ctNZt5C3e6Ax4jUC2jWwlODPZkh66uSUssf_YMPivTYZ7HgWwQDdXWCPCuxiIb25Me6UJK35Ot8jk0mOzh-jP-ahUg0ZRkVf0gOih0G_J4Nh2b4psDOSt9PXf99AnKNYXL1lOWwe7Z28SpZVI1jN2z1e3_32aByPnNxyCtWYkh_TK8s4dv8hQvICk7JROvWE66l5YG3RGJqQMceGMjq74B5vHKg1Q_RVeu1P-Q9lO3AUcSXsb_zMAWnfLPtdSl-TyDIx9YkPSnGLlzURWQjwkd_xl5WRE7lus5FNDBIQ"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "cbe7084b-f731-496c-9b49-8fbd824b62b7",
      "n": "pDZkJx1vcIoqg2GGUv4tt5hhrAps4jfqK8uh-xuLjXg8dlw5V1-XhjDisk8gohywyeHnQ4r1Ii39IUu9Q4VWGxAMvTrKpsnmmMF19o-_9zQtOYWrDdCC3s50-74XUnxfJKgb17cgJf666qAvBfZeKG8epPH1LcNyWLS1JRBDMFofHMWxstQID0puurDCFiJgbS_xPN7XKKO66fudzhJWWNrHYzmR21ehjZAAvkVpEGR0CG_OucSKD4zwnUiJe3dkKk07kNXj03Uyj736ynr6d3_Y9S7q71InlNYX3B1Q6kyewsUH7obnr2AeDqKRzS8Dx8QaUVY-MlPyHkhJXSRLCw"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "72566069-b6f7-4110-8a13-86b766aefb81",
      "x": "x1yTYDJ5NFSctLclAlQLgrG4N5sqE3lbsB5CsTfgpU4",
      "y": "1r4bPPVvM7qNlQji4Y7wDIo9qid2Ru1a7f1dhNmUFU4"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "cc62d45c-0cba-4cec-a6bb-27cfeea37007",
      "x": "ZPqrQBoQd8bkwK4r2QhfSOzFNMgakbEBbeoEu7NOFz8",
      "y": "ctUzW6xPh2_ATOl64nSBpjkb36vQ2uZBY71k9wrpfOs"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "8a51fd2c-d70f-491c-88e1-ad8b1f827c05",
      "x": "a0IO0BTm289F_t0MD7RLXVpj0E7nqHSeejXnzyVQISc",
      "y": "lykptrQISDVNNLHv00LBnEQ42HwaTG9NHzVVF-OGHFw"
    },
    {
      "kty": "OKP",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "1a170a2b-e2ad-4fc2-ba2d-dd38a17903ee",
      "x": "gIYnGVujAnMHSxH64I0PY4zegxHxfO5d6qKDtFdytWs"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "b7c36766-fd59-4d0a-bc9b-a29f4e1ed84d",
      "alg": "RSA-OAEP",
      "n": "nHWI8xlGmMc-884zsAYKdum2eITcRmwaFyX6IkY-IjXi-5PCwU6LoS8-BlkSi3RQW-oi426mDB7klER5OuVKfISBpppy3bvcaOZU4TYJuWVXG1Pf8aQ07HQaqxZ-ApY47vKXIUiSNyRPNWgYM058vUKZ9ZKY1t_G2BPlBpZJD24eMB6COx-rn2AmAAUIXuD0-_7iTNG23yfpCNggJOZXt3mR9ETisd8xcZMxQ5i5vdzc0U48m1dThhuERLN9N2IauqakEycytMaZsCyMjQLtgSCcJ2zWabClxqXMswB0wocbhJil9UC-BI8CrSfNJwplT0U_MwAdpM_8W_MRg86g0Q"
    },
    {
      "kty": "EC",
      "use": "enc",
      "crv": "P-256",
      "kid": "47957b4d-b8d1-478f-823d-996cf544d54d",
      "x": "CFuM1cJZgCWyuO0Yngzs7cjhIzZVFjQnrNkB2C0a-_8",
      "y": "FmaIJyKkgRD3AGSkiqXCDBNx_8wSpuZN0xZF3F7icUg",
      "alg": "ECDH-ES"
    }
  ]
}
2022-11-15 14:10:50 SUCCESS
ValidateServerJWKs
Valid server JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2022-11-15 14:10:50 SUCCESS
CheckDistinctKeyIdValueInServerJWKs
Distinct 'kid' value in all keys of server_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2022-11-15 14:10:50 SUCCESS
OIDCCLoadUserInfo
Added user information
user_info
{
  "sub": "user-subject-1234531",
  "name": "Demo T. User",
  "given_name": "Demo",
  "family_name": "User",
  "middle_name": "Theresa",
  "nickname": "Dee",
  "preferred_username": "d.tu",
  "gender": "female",
  "birthdate": "2000-02-03",
  "address": {
    "street_address": "100 Universal City Plaza",
    "locality": "Hollywood",
    "region": "CA",
    "postal_code": "91608",
    "country": "USA"
  },
  "zoneinfo": "America/Los_Angeles",
  "locale": "en-US",
  "phone_number": "+1 555 5550000",
  "phone_number_verified": false,
  "email": "user@example.com",
  "email_verified": false,
  "website": "https://openid.net/",
  "profile": "https://example.com/user",
  "updated_at": 1580000000
}
2022-11-15 14:10:50
StoreOriginalClientConfiguration
No client details on configuration, created an empty original_client_config object.
2022-11-15 14:10:50
ExtractClientNameFromStoredConfig
Extracted client_name from stored client configuration.
client_name
2022-11-15 14:10:50
oidcc-client-test-discovery-webfinger-acct
Setup Done
2022-11-15 14:10:51 INCOMING
oidcc-client-test-discovery-webfinger-acct
Incoming HTTP request to /.well-known/webfinger
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "mod_auth_openidc",
  "accept": "*/*",
  "connection": "close"
}
incoming_path
/.well-known/webfinger
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cert
incoming_query_string_params
{
  "resource": "acct:mod_auth_openidc-oidcc-client-dynamic-certification-test-plan.oidcc-client-test-discovery-webfinger-acct@www.certification.openid.net",
  "rel": "http://openid.net/specs/connect/1.0/issuer"
}
incoming_body
incoming_tls_chain
[
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL"
]
incoming_tls_cipher
ECDHE-RSA-AES256-GCM-SHA384
incoming_body_json
Webfinger Request
2022-11-15 14:10:51
CreateWebfingerResponse
Created webfinger response
webfinger_response
{
  "subject": "acct:mod_auth_openidc-oidcc-client-dynamic-certification-test-plan.oidcc-client-test-discovery-webfinger-acct@www.certification.openid.net",
  "links": [
    {
      "rel": "http://openid.net/specs/connect/1.0/issuer",
      "href": "https://www.certification.openid.net/test/a/mod_auth_openidc-oidcc-client-dynamic-certification-test-plan/QNZf5VQhZz"
    }
  ]
}
2022-11-15 14:10:51 OUTGOING
oidcc-client-test-discovery-webfinger-acct
Response to HTTP request to test instance 51u3XcrlNbsf3yt
outgoing
{"subject":"acct:mod_auth_openidc-oidcc-client-dynamic-certification-test-plan.oidcc-client-test-discovery-webfinger-acct@www.certification.openid.net","links":[{"rel":"http://openid.net/specs/connect/1.0/issuer","href":"https://www.certification.openid.net/test/a/mod_auth_openidc-oidcc-client-dynamic-certification-test-plan/QNZf5VQhZz"}]}
outgoing_path
/.well-known/webfinger
2022-11-15 14:10:52 INCOMING
oidcc-client-test-discovery-webfinger-acct
Incoming HTTP request to /test/a/mod_auth_openidc-oidcc-client-dynamic-certification-test-plan/QNZf5VQhZz/.well-known/openid-configuration
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "mod_auth_openidc",
  "accept": "*/*",
  "connection": "close"
}
incoming_path
/test/a/mod_auth_openidc-oidcc-client-dynamic-certification-test-plan/QNZf5VQhZz/.well-known/openid-configuration
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cert
incoming_query_string_params
{}
incoming_body
incoming_tls_chain
[
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL"
]
incoming_tls_cipher
ECDHE-RSA-AES256-GCM-SHA384
incoming_body_json
Discovery endpoint
2022-11-15 14:10:52 OUTGOING
oidcc-client-test-discovery-webfinger-acct
Response to HTTP request to test instance 51u3XcrlNbsf3yt
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "issuer": "https://www.certification.openid.net/test/a/mod_auth_openidc-oidcc-client-dynamic-certification-test-plan/QNZf5VQhZz",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/mod_auth_openidc-oidcc-client-dynamic-certification-test-plan/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/mod_auth_openidc-oidcc-client-dynamic-certification-test-plan/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/mod_auth_openidc-oidcc-client-dynamic-certification-test-plan/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/mod_auth_openidc-oidcc-client-dynamic-certification-test-plan/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/a/mod_auth_openidc-oidcc-client-dynamic-certification-test-plan/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "preferred_username",
    "gender",
    "birthdate",
    "address",
    "zoneinfo",
    "locale",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified",
    "website",
    "profile",
    "updated_at"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "RSA-OAEP-384",
    "RSA-OAEP-512",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "RSA-OAEP-384",
    "RSA-OAEP-512",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "RSA-OAEP-384",
    "RSA-OAEP-512",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_uri_parameter_supported": true,
  "require_request_uri_registration": false
}
outgoing_path
QNZf5VQhZz/.well-known/openid-configuration
2022-11-15 14:10:52 FINISHED
oidcc-client-test-discovery-webfinger-acct
Test has run to completion
testmodule_result
PASSED
2022-11-15 14:10:54
TEST-RUNNER
Alias has now been claimed by another test
alias
mod_auth_openidc-oidcc-client-dynamic-certification-test-plan
new_test_id
5i6xS3OnZyCm5Bn
Test Results