Test Summary

Test Results

Expand All Collapse All
All times are UTC
2022-11-15 14:11:06 INFO
TEST-RUNNER
Test instance sYj5f8PrnVDitpr created
baseUrl
https://www.certification.openid.net/test/a/mod_auth_openidc-oidcc-client-dynamic-certification-test-plan
variant
{
  "client_auth_type": "client_secret_basic",
  "response_type": "code",
  "request_type": "request_uri",
  "client_registration": "dynamic_client",
  "response_mode": "default"
}
alias
mod_auth_openidc-oidcc-client-dynamic-certification-test-plan
description
mod_auth_openidc certification
planId
1ylCv6ZzEJVW0
config
{
  "alias": "mod_auth_openidc-oidcc-client-dynamic-certification-test-plan",
  "description": "mod_auth_openidc certification",
  "waitTimeoutSeconds": 2
}
testName
oidcc-client-test-discovery-issuer-mismatch
2022-11-15 14:11:06 SUCCESS
OIDCCGenerateServerConfiguration
Generated default server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/a/mod_auth_openidc-oidcc-client-dynamic-certification-test-plan/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/mod_auth_openidc-oidcc-client-dynamic-certification-test-plan/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/mod_auth_openidc-oidcc-client-dynamic-certification-test-plan/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/mod_auth_openidc-oidcc-client-dynamic-certification-test-plan/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/mod_auth_openidc-oidcc-client-dynamic-certification-test-plan/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/a/mod_auth_openidc-oidcc-client-dynamic-certification-test-plan/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic",
    "client_secret_post",
    "client_secret_jwt",
    "private_key_jwt"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "preferred_username",
    "gender",
    "birthdate",
    "address",
    "zoneinfo",
    "locale",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified",
    "website",
    "profile",
    "updated_at"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "RSA-OAEP-384",
    "RSA-OAEP-512",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "RSA-OAEP-384",
    "RSA-OAEP-512",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "RSA-OAEP-384",
    "RSA-OAEP-512",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
2022-11-15 14:11:06
SetTokenEndpointAuthMethodsSupportedToClientSecretBasicOnly
Changed token_endpoint_auth_methods_supported to client_secret_basic only in server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/a/mod_auth_openidc-oidcc-client-dynamic-certification-test-plan/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/mod_auth_openidc-oidcc-client-dynamic-certification-test-plan/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/mod_auth_openidc-oidcc-client-dynamic-certification-test-plan/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/mod_auth_openidc-oidcc-client-dynamic-certification-test-plan/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/mod_auth_openidc-oidcc-client-dynamic-certification-test-plan/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/a/mod_auth_openidc-oidcc-client-dynamic-certification-test-plan/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "preferred_username",
    "gender",
    "birthdate",
    "address",
    "zoneinfo",
    "locale",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified",
    "website",
    "profile",
    "updated_at"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "RSA-OAEP-384",
    "RSA-OAEP-512",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "RSA-OAEP-384",
    "RSA-OAEP-512",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "RSA-OAEP-384",
    "RSA-OAEP-512",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
2022-11-15 14:11:06
SetRequestUriParameterSupportedToTrueInServerConfiguration
Enabled request_uri support in server configuration
server
{
  "issuer": "https://www.certification.openid.net/test/a/mod_auth_openidc-oidcc-client-dynamic-certification-test-plan/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/mod_auth_openidc-oidcc-client-dynamic-certification-test-plan/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/mod_auth_openidc-oidcc-client-dynamic-certification-test-plan/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/mod_auth_openidc-oidcc-client-dynamic-certification-test-plan/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/mod_auth_openidc-oidcc-client-dynamic-certification-test-plan/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/a/mod_auth_openidc-oidcc-client-dynamic-certification-test-plan/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "preferred_username",
    "gender",
    "birthdate",
    "address",
    "zoneinfo",
    "locale",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified",
    "website",
    "profile",
    "updated_at"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "RSA-OAEP-384",
    "RSA-OAEP-512",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "RSA-OAEP-384",
    "RSA-OAEP-512",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "RSA-OAEP-384",
    "RSA-OAEP-512",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_uri_parameter_supported": true,
  "require_request_uri_registration": false
}
2022-11-15 14:11:06
OIDCCGenerateServerJWKs
Generated server public private JWK sets
server_jwks
{
  "keys": [
    {
      "p": "1SZoKHvqRfnxkMWtKki05IFsOzr4ey4PxX1QbXQg1kAfJzHxKtFiFB4izlG0QtK6nXrdVuYMTQFFHzS1wClA5zXWv6aGl62RhsarQb8IOcrY-D2sVtFLc-IQLsC1CHjxDm7M_F7tn8tBWVOBt_-NZvD2W6SfVI_8jmCAvd7qUCc",
      "kty": "RSA",
      "q": "wqJGadeDkfceX33GinrmxftJL8PwgG9XAwc3ZqQ9riZU_BYCa8SjMApHBAtK9aMTuNq6FLKC2s0N_hx6hwVlJQwB2T9-qMvvAgIuLqexLWLEEs57qd2pU9VG3-YojKM6FYImB9SUoznJ0w1idynG0hZEBzKF0tgBfjUmPEa-Sa0",
      "d": "LEtIl625mwTD6xFb421F8_kuCzJQUZZJNZZO5EcRxIq9NSbQp1VWDAIw6PGkMtL53Kdf5MtH5cNMTZoq1XHnfJ55hMSlnCMAzYH3O0pLNwtseoLOS9d_N-qfAWsuflZVRdydXJi4yB0wTkvV6CnQ3gj6Y0AO5eEO__ehEIro5XMpJjVWhn27hGQa1XIZu_xwsVxPqDa3lghf2OeGT80VD2BAlaSYbRwpbf9JPAX05dl7YOqeb_B1ZsPMQlovbv47ze_y_kLMZdZDUiIp2vBTgwzXasyVL-HMKn3_9CtSBdHnKuX6F1AfC_jrDw_KCW3eSlR9Mb2Vq0W86L8Rd01jSQ",
      "e": "AQAB",
      "use": "sig",
      "kid": "88793f9b-d33a-4c18-9215-f4f576de50c6",
      "qi": "xp1Ve8kvjphnha7ulh-gsKESfyl8nL2R3AUwN33eNLAOPBAdKAagHkxceMVwZWQh_bziK29w1kVANJonCSCCjYtKZO4rHgDu41sFSdTWF6pt0LvSogk1NGC-y6iA50-VErnB5UlZVQHX1VRk06Yjgwg9ScwzVCBf6PvAaQPpkuA",
      "dp": "MC8JdrVkZUM2P3LgTWG4OrujGtSe3UGxYQSODOAmmChQooygpvxEPqX9WkSQClcWxojCxmUkvLefx4kj2Pe6a0n5bMOZQ2qCLkR07Fzh4Cah26QddFbFxsGAxQDdK7gjTg7wGdDfyLKq6CV_enezoGSyXE8fkX8nKYxZLhLZRxs",
      "dq": "g8DuAYAOZKTwPpwZ5mxEBAmTBW6SQ58bO8WKz0SnLFhudyc_BEzcWwzZ_fbXC2kVVLFb_d7Jjev5aOdGWlhgm6-BINtGlmVWqfln4dVKrvqI2GJGfDq9AS8DB1X6ZRmpnB26ONrCs6vO37vTx-7T1CuWaXjd9liayiCYfX02GxE",
      "n": "og433Tgyi25ilDgQaupeT9GcVn78TBEh4gKM-kwWZzgPqWUjAGK-dwzGdxU9KLuRm9XvKtG4al93gJ014w5u6G7ftIQHRWvtUHTp0tUtG7D9q2nz8ojeXTvvxAH_4PibF4lBvjQ9dureghTW8OsxOzw3HEnx_l7DjFXR13DhAeETEN_NIdPiLQ09nahfQrBTm4VQTp41O9k57FG9MN7AQjrM8iKFluaXLaPRsi0CPHmJM-goKczXcv3o_7S6Cz6MI1-e1Ri9hKxL6Mh1-fEEVKXladJIhKOxJ4PLnR9wgxQ-3PjchLcLcTMeM4OphtJA8s16yBfebs0EsDvWnCVJWw"
    },
    {
      "kty": "EC",
      "d": "zG6UJLeQM65wK04-GMXL66sAE1YLvTttk-_dBSLoPAw",
      "use": "sig",
      "crv": "P-256",
      "kid": "ed49cc8f-b684-461a-939d-607c6e4727d7",
      "x": "byc0HxYp7aCdTU7oa6yvdRk8PYDQJnf0DnCugsSBegw",
      "y": "YtGcW6o5_WWkuiDPaokmpmDJ3yaeLTg4JRjIewwJPPw"
    },
    {
      "kty": "EC",
      "d": "q1eEfDdjMATPk3CfyOas2_zsiBdhpqSyT2qtnjmOTQA",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "9abbe0e8-12b0-4485-b7f3-eb58e7ec62cc",
      "x": "YO4uO1OukkDjA9GsnYinvncrSUgB6LRqp7UXO-MRyzQ",
      "y": "lW_3a4_2MzBpqPl8vhrOekZEvcuXQLWSZhebNKv75bY"
    },
    {
      "kty": "OKP",
      "d": "8BoULHmAfF5L-qo0z-v9y9EcwhTpi2rTwYVxCg4pBwQ",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "5713e55f-3965-4a1b-a18d-bf84050bd88c",
      "x": "R_Dcbqm0rX27xPCpPf2pSwK6qOvT_oaNhuFcAJQ2btY"
    }
  ]
}
server_encryption_keys
{
  "keys": [
    {
      "p": "9v9GVWVfNN3-fHb-MdndSpk2vMfcjJKEO32UAF5eEekUzizsDbBuvfRXLW3nqPBWfp3RILViZhLMc67RGLyro6sFIosC0yTrxy2mz-LPafWOCBBpPXmBkRa2fJFCNvCMsEDcJczhZtRBnQKf_KIgTrpBOFfgz04vJBKgJ3hkVf0",
      "kty": "RSA",
      "q": "8N1AyHk52eP1EF9denV59Cs9cDxJPf0K2IC1F_z4Ck2wECxRxnP-Hime-FD2uUSOFbUhAUzVGozOv8NIUVJUp6kTfrxxVIpRlU7iiPDKdebOw1ge40MjbtKRFzHS6lUDHm8jaDJ_NNXZSUpB9GzdJHs-VAq0u3V1VOWltad7xnc",
      "d": "ShfwrimjbyoxwHpt6kZIXtxHmqtKPrldvH26x21ZdAP2DCzlcOtteAdd5ozZo9J2YzD0Ra_y4hnbCVepilprmcja-DB0Kr7xJ_zUTUQ0EzsI90jlKWuWqiYqFBucbY-JWDYQaqQIKdN3Anbsouq0cAB_8j0cgt_eAF6RtN3yGsnBvlN6bcX8RmXg2H6NDlIs_aoZwdO3UHYgtPwu30AhEq_TCI7TOCt7XQQH-GYbpAvgRNWWvtr-xudI23zEtH4FfgSv18gFJYCrfkdbblA1dKVSIj0JCy8pEc3t9hOwE6uaodlrbNpcLr98lGY6jTnHrecRxZnLDIwhIFcIAN922Q",
      "e": "AQAB",
      "use": "enc",
      "kid": "89015317-3c69-4733-bfc8-d13d3daa0276",
      "qi": "wP23FCR7LdR9YSjwoHJi-4jJocRe_VR6ycmp5NGD6B79Krr5CbhKpCkGtXjA4mJtSA78m0yvILvesfd_D3q6jhYxVVJfXvEpyE7oaXb1Tf4qR3tQvuek9hamMz1w2eS2edkUIYx3l_jxBtM4fp-_Ea5DoELY-I09Jkn_fETDVm8",
      "dp": "zPmN8cJdny73SW0qiE5H0eeSQFoQEmxo5kHRt_iYUn6-cFdhUf7v-B201xOVI2LINO1dJqrATPsexoX2KnQwcHO1oDQClRzXugSNoYmVHVbVlqWf4I9cUf6qVHfrnlJEPuSkjY4YJFDTXqxV_r7A1vTEuTBcdU1p26LFW9wSUDU",
      "alg": "RSA-OAEP",
      "dq": "pIHpEkNB0ODR6wnHVbFQxwSVZMe4Gn9uXeqiRS0A2ECxRIqQm6NzZ3Rz4BOkP2tkQ80_Kp0oW4baWrzs8qXxrcVbzE62dNA34mtLa85R6W7nvyG7juq3E6T7dcUQ0f2YMLwlibAbk6GPU3BFVcTY0WbfbhUV1YbmyUJECKrIbgc",
      "n": "6GTK0QS8ih8bK5ssTHQIJi8zCkQCIckX5sE_-wC7z7JM3nqDPQMUd0sKf6waOhlW0uSvLuPdYJCiJ3WKrXWnIOCCkTmZiotAhEtHOHMuyE4SCdlD9thLDQij6DQNS5ScxSXN5ieCawCJfPRi97KPpeNBvVbJyTC8YrT7ym5gItmErCLblBaA9fMZjZZwbAAdWt6WWxE1xyNgCoxUttHxRPSMgv5i76plAwM1JrpEF_9UK52zdFaqlZwOPyPE9Rj-WfFGldOO8tSMMbBXN7F-M09v_iPHAgQvvdjhQRyhQfr2-gxityzekpDAyLunhFdaI1aM0nYvgVaYtSKk7LSmmw"
    },
    {
      "kty": "EC",
      "d": "w6N6HNqLr9t8VTZKJ3ToxxIf2dhQQf_BSpr-X4petbc",
      "use": "enc",
      "crv": "P-256",
      "kid": "8ba236ab-262a-4054-91ef-1b94728bbd90",
      "x": "7ruYeeAAAQt4nPha3klud8KNEPSgV177N6MKfcfFLpk",
      "y": "IwUIMRNSH8XIhi4Ne4Vh1jG9Nu4wEhrwR7GU68OaS_E",
      "alg": "ECDH-ES"
    }
  ]
}
server_public_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "88793f9b-d33a-4c18-9215-f4f576de50c6",
      "n": "og433Tgyi25ilDgQaupeT9GcVn78TBEh4gKM-kwWZzgPqWUjAGK-dwzGdxU9KLuRm9XvKtG4al93gJ014w5u6G7ftIQHRWvtUHTp0tUtG7D9q2nz8ojeXTvvxAH_4PibF4lBvjQ9dureghTW8OsxOzw3HEnx_l7DjFXR13DhAeETEN_NIdPiLQ09nahfQrBTm4VQTp41O9k57FG9MN7AQjrM8iKFluaXLaPRsi0CPHmJM-goKczXcv3o_7S6Cz6MI1-e1Ri9hKxL6Mh1-fEEVKXladJIhKOxJ4PLnR9wgxQ-3PjchLcLcTMeM4OphtJA8s16yBfebs0EsDvWnCVJWw"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "176a680f-d722-4355-a37a-c9d3024d1072",
      "n": "wah5H4e3K5EXrfuR3Acf-TOb1gTUTEwt-vfhOCuWE7M0qgAjgxq-RlZMVZ8aa4s1Z7t09krvs8E4Dfvec__OgWJV8UOr26GhVQHJ0E_1_LyX_VzQOfR0UvufR1dJI6Lxbl4-1DKa0KINzgaf1JqmCGFaomgvcyJqfOo07kpL515coDMjqWTUMZZLLRNyTO6PjbMFoldfpG6jrzdsPK4y5TvGEJdbmMJME7rp5Ekbj9sWMLxGsCGxN0S32TN0gug8AD_fjk0IACuEPvut28Rc__hl68e_xiqUhhSH6zw4rDdaGYdfB1pL5vZsAGYxNFuySpttpKlqJtgNCElbXerFew"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "ed49cc8f-b684-461a-939d-607c6e4727d7",
      "x": "byc0HxYp7aCdTU7oa6yvdRk8PYDQJnf0DnCugsSBegw",
      "y": "YtGcW6o5_WWkuiDPaokmpmDJ3yaeLTg4JRjIewwJPPw"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "080ed714-0c08-42d1-bcd6-f785d1f8b629",
      "x": "tY8yl3UG937Erf2ZLLM43uZuiiIz-Wf9URglN9oq2e8",
      "y": "_WAJaQLCdNzm7MbJQ6RFm7FMn3inx4ALfTBhNu_q5qc"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "9abbe0e8-12b0-4485-b7f3-eb58e7ec62cc",
      "x": "YO4uO1OukkDjA9GsnYinvncrSUgB6LRqp7UXO-MRyzQ",
      "y": "lW_3a4_2MzBpqPl8vhrOekZEvcuXQLWSZhebNKv75bY"
    },
    {
      "kty": "OKP",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "5713e55f-3965-4a1b-a18d-bf84050bd88c",
      "x": "R_Dcbqm0rX27xPCpPf2pSwK6qOvT_oaNhuFcAJQ2btY"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "89015317-3c69-4733-bfc8-d13d3daa0276",
      "alg": "RSA-OAEP",
      "n": "6GTK0QS8ih8bK5ssTHQIJi8zCkQCIckX5sE_-wC7z7JM3nqDPQMUd0sKf6waOhlW0uSvLuPdYJCiJ3WKrXWnIOCCkTmZiotAhEtHOHMuyE4SCdlD9thLDQij6DQNS5ScxSXN5ieCawCJfPRi97KPpeNBvVbJyTC8YrT7ym5gItmErCLblBaA9fMZjZZwbAAdWt6WWxE1xyNgCoxUttHxRPSMgv5i76plAwM1JrpEF_9UK52zdFaqlZwOPyPE9Rj-WfFGldOO8tSMMbBXN7F-M09v_iPHAgQvvdjhQRyhQfr2-gxityzekpDAyLunhFdaI1aM0nYvgVaYtSKk7LSmmw"
    },
    {
      "kty": "EC",
      "use": "enc",
      "crv": "P-256",
      "kid": "8ba236ab-262a-4054-91ef-1b94728bbd90",
      "x": "7ruYeeAAAQt4nPha3klud8KNEPSgV177N6MKfcfFLpk",
      "y": "IwUIMRNSH8XIhi4Ne4Vh1jG9Nu4wEhrwR7GU68OaS_E",
      "alg": "ECDH-ES"
    }
  ]
}
2022-11-15 14:11:06 SUCCESS
ValidateServerJWKs
Valid server JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2022-11-15 14:11:06 SUCCESS
CheckDistinctKeyIdValueInServerJWKs
Distinct 'kid' value in all keys of server_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2022-11-15 14:11:06 SUCCESS
OIDCCLoadUserInfo
Added user information
user_info
{
  "sub": "user-subject-1234531",
  "name": "Demo T. User",
  "given_name": "Demo",
  "family_name": "User",
  "middle_name": "Theresa",
  "nickname": "Dee",
  "preferred_username": "d.tu",
  "gender": "female",
  "birthdate": "2000-02-03",
  "address": {
    "street_address": "100 Universal City Plaza",
    "locality": "Hollywood",
    "region": "CA",
    "postal_code": "91608",
    "country": "USA"
  },
  "zoneinfo": "America/Los_Angeles",
  "locale": "en-US",
  "phone_number": "+1 555 5550000",
  "phone_number_verified": false,
  "email": "user@example.com",
  "email_verified": false,
  "website": "https://openid.net/",
  "profile": "https://example.com/user",
  "updated_at": 1580000000
}
2022-11-15 14:11:06
StoreOriginalClientConfiguration
No client details on configuration, created an empty original_client_config object.
2022-11-15 14:11:06
ExtractClientNameFromStoredConfig
Extracted client_name from stored client configuration.
client_name
2022-11-15 14:11:06
oidcc-client-test-discovery-issuer-mismatch
Setup Done
2022-11-15 14:11:08 INCOMING
oidcc-client-test-discovery-issuer-mismatch
Incoming HTTP request to /test/a/mod_auth_openidc-oidcc-client-dynamic-certification-test-plan/.well-known/openid-configuration
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "mod_auth_openidc",
  "accept": "*/*",
  "connection": "close"
}
incoming_path
/test/a/mod_auth_openidc-oidcc-client-dynamic-certification-test-plan/.well-known/openid-configuration
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cert
incoming_query_string_params
{}
incoming_body
incoming_tls_chain
[
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL"
]
incoming_tls_cipher
ECDHE-RSA-AES256-GCM-SHA384
incoming_body_json
2022-11-15 14:11:08
ChangeIssuerInServerConfigurationToBeInvalid
Added invalid issuer to server configuration
issuer
https://www.certification.openid.net/test/a/mod_auth_openidc-oidcc-client-dynamic-certification-test-plan/INVALID
Discovery endpoint
2022-11-15 14:11:08 OUTGOING
oidcc-client-test-discovery-issuer-mismatch
Response to HTTP request to test instance sYj5f8PrnVDitpr
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "issuer": "https://www.certification.openid.net/test/a/mod_auth_openidc-oidcc-client-dynamic-certification-test-plan/INVALID",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/mod_auth_openidc-oidcc-client-dynamic-certification-test-plan/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/mod_auth_openidc-oidcc-client-dynamic-certification-test-plan/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/mod_auth_openidc-oidcc-client-dynamic-certification-test-plan/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/mod_auth_openidc-oidcc-client-dynamic-certification-test-plan/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/a/mod_auth_openidc-oidcc-client-dynamic-certification-test-plan/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "preferred_username",
    "gender",
    "birthdate",
    "address",
    "zoneinfo",
    "locale",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified",
    "website",
    "profile",
    "updated_at"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "RSA-OAEP-384",
    "RSA-OAEP-512",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "RSA-OAEP-384",
    "RSA-OAEP-512",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "RSA-OAEP-384",
    "RSA-OAEP-512",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_uri_parameter_supported": true,
  "require_request_uri_registration": false
}
outgoing_path
.well-known/openid-configuration
2022-11-15 14:11:10 FINISHED
oidcc-client-test-discovery-issuer-mismatch
Test has run to completion
testmodule_result
PASSED
2022-11-15 14:11:11
TEST-RUNNER
Alias has now been claimed by another test
alias
mod_auth_openidc-oidcc-client-dynamic-certification-test-plan
new_test_id
NCbkSDF725I8Mze
Test Results