Test Summary

Test Results

Expand All Collapse All
All times are UTC
2022-11-20 20:09:56 INFO
TEST-RUNNER
Test instance UPShqT6oM14NSOS created
baseUrl
https://www.certification.openid.net/test/a/77c1aa57-dd0d-49b2-b107-29103a4db242
variant
{
  "client_auth_type": "client_secret_basic",
  "response_type": "code",
  "request_type": "plain_http_request",
  "response_mode": "default",
  "client_registration": "static_client"
}
alias
77c1aa57-dd0d-49b2-b107-29103a4db242
description
oauth4webapi/2.0.0 (https://github.com/panva/oauth4webapi)
planId
XeujdsLfQfTiD
config
{
  "description": "oauth4webapi/2.0.0 (https://github.com/panva/oauth4webapi)",
  "alias": "77c1aa57-dd0d-49b2-b107-29103a4db242",
  "client": {
    "client_id": "client-77c1aa57-dd0d-49b2-b107-29103a4db242",
    "client_secret": "client-77c1aa57-dd0d-49b2-b107-29103a4db242",
    "scope": "openid email",
    "redirect_uri": "https://client-77c1aa57-dd0d-49b2-b107-29103a4db242.local/cb",
    "jwks": {
      "keys": [
        {
          "crv": "Ed25519",
          "x": "drsf-pg0BtaMF-mWYF4S7Ykt2tpce2JeFUR8mBptQSM",
          "kty": "OKP",
          "use": "sig",
          "alg": "EdDSA",
          "kid": "d040e499-36c2-4537-8cd7-8b5618d8ee28"
        }
      ]
    },
    "id_token_signed_response_alg": "EdDSA"
  },
  "waitTimeoutSeconds": 2
}
testName
oidcc-client-test-idtoken-sig-none
2022-11-20 20:09:56 SUCCESS
OIDCCGenerateServerConfiguration
Generated default server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/a/77c1aa57-dd0d-49b2-b107-29103a4db242/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/77c1aa57-dd0d-49b2-b107-29103a4db242/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/77c1aa57-dd0d-49b2-b107-29103a4db242/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/77c1aa57-dd0d-49b2-b107-29103a4db242/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/77c1aa57-dd0d-49b2-b107-29103a4db242/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/a/77c1aa57-dd0d-49b2-b107-29103a4db242/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic",
    "client_secret_post",
    "client_secret_jwt",
    "private_key_jwt"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "preferred_username",
    "gender",
    "birthdate",
    "address",
    "zoneinfo",
    "locale",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified",
    "website",
    "profile",
    "updated_at"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "RSA-OAEP-384",
    "RSA-OAEP-512",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "RSA-OAEP-384",
    "RSA-OAEP-512",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "RSA-OAEP-384",
    "RSA-OAEP-512",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
2022-11-20 20:09:56
SetTokenEndpointAuthMethodsSupportedToClientSecretBasicOnly
Changed token_endpoint_auth_methods_supported to client_secret_basic only in server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/a/77c1aa57-dd0d-49b2-b107-29103a4db242/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/77c1aa57-dd0d-49b2-b107-29103a4db242/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/77c1aa57-dd0d-49b2-b107-29103a4db242/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/77c1aa57-dd0d-49b2-b107-29103a4db242/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/77c1aa57-dd0d-49b2-b107-29103a4db242/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/a/77c1aa57-dd0d-49b2-b107-29103a4db242/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "preferred_username",
    "gender",
    "birthdate",
    "address",
    "zoneinfo",
    "locale",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified",
    "website",
    "profile",
    "updated_at"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "RSA-OAEP-384",
    "RSA-OAEP-512",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "RSA-OAEP-384",
    "RSA-OAEP-512",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "RSA-OAEP-384",
    "RSA-OAEP-512",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
2022-11-20 20:09:57
OIDCCGenerateServerJWKs
Generated server public private JWK sets
server_jwks
{
  "keys": [
    {
      "p": "xXb8T6etug2qU-guxWSheTPyl26c3GdfnzoZymOJMoAF-q6vNWEzTD7WRUqdVic5J534I25LkKLpHsUloFUXpckpS8AtAp_MCpKdUpt2sRGro7JQV2BOT8Lr92Q43N7UAerVQ8HA_j08x-SD1qXNc8-Jb18tP0HjLk9FbCib6VE",
      "kty": "RSA",
      "q": "pyOQ_KfSffmtaIi0US2ZVAm6AzeMGUJeWx2mEJeALC4rNtaoMdhZgyNwqb-zPd0d72AMrKpu1vF92oBgMa6XlPgKBNqVv5GWHK5qZHzUmG_Afy27yTsWrNIlRX4sHsPxNvcvqQ_Yj86P6j57hHtKZ30HjLTlTIC2ItOcN2bFJt8",
      "d": "Tq5B6aQV5E_D3AmZJkkmtdwY2Yw4ASAnutenuHiPa_-K_x-zfTtPgF71BO2w4em-bfURLlY-L9S5227xnTPpHX_fHJwSsyKDRmEo19ZI9zxl08lkQPNxZ4msVM_dUNd9u5MjhcqAR3bNyl4DlHtS102oOMKisuSXosrd3YDrHLh9N0KJDdSC2X1TB7NmkoFjz78jTJHREHvSe-90TOgvp_2FG5ZmKpVj-sPw6mBKQ2od_bQ4JczFpYqlIMJd2mcBehletVo7eQU50aeu3sYOT-ulKy6AZte2JxG3LXzsXll161dN-SYd_1KusY_2kLq6vY96r34Ps7IFx9r3z8e94Q",
      "e": "AQAB",
      "use": "sig",
      "kid": "373261a4-b4ff-47f2-8c0b-f301d124f36e",
      "qi": "GR_TK-wwUKQKcclp9yG04Hy1TsL34-wiTgekB7sKHFNCtWXj_cgHsxZlGJcAdMmVyqamZ1ZfkY5VpWZPRyk7izWQukNqCZQXnboJndXjksfbbP8s4yz0Quu-fCR8N-D80VmW9XuTqTxiZXjPNZldv4OTxkVut-GXFX3O5Ngf8Tg",
      "dp": "vCnf0D-mKi6vaflL6Ek2HXrE5kw_KT9QPThuLw-eQwL_r5sZ1jHjYfpWz_yD5P7HVdsQAyMs2oyCvBF9A0VSnWYM9eQQf_mpw0FmrLr75UtDVV-rczeQKC1EEZ_tF3s2ZwVRZ5mPwDS2YHx-rOGd34eaHQiC405zn0NmkeQ4faE",
      "dq": "bja11OWVmBycjOIYha9b_F6tmpF2gPGS5uKWLzq3-mo3dOH352aTIDauhEE1IQY-Rys_MFzy2ipEo2EkDZ7jtggaEzlQphKKuj8JSVpHln2aokK2Iewk97FbgofA8EilN2motAMO-0VrATxSlvn2BmgcIlznF5uIf06rJJ1QRGE",
      "n": "gOwNskXGaTjBEBS4NH-oVSuCM-OeDj-dCssuMW0iRzSCbul3w-4icgIe_YpVFd_b5j3CVX5x4LhlVVsD34vo_i6jR4Hhadb2dmypkWGebZJ4D7busFtc26iYHe4NyokaGgEbn7_ugDiqQqCz8j6oB4e4GYSOj6-tZ34Znfmq3w9LLcYxp6bh0hQ7yp4_EQKZ5Adenfl6gCNkr2j2x7vEg2FnCTUVD82jRDG_Abhg_Y09j3bzoda13A0TrReR0o9VzCGpPjWe1pjZzrU98xTLQyiEBucPPQHgDCxLUzxOlnlW_vHG34pn5uykCBgU89MROZjDSWmUtn5rNGKWVcdDjw"
    },
    {
      "kty": "EC",
      "d": "elqjgH3RdFJLohbhAfgJvhmbkQBD3VA487fAgzsT9L8",
      "use": "sig",
      "crv": "P-256",
      "kid": "aa9842b7-6118-4925-bfe9-aa5d472297e8",
      "x": "YYUJpVfvv91PuiI77zHk6RGYTfnSOD8M3OiO28pubWE",
      "y": "or4lzptA9D1FWUe14gdGQ_rlGs7XE-wEg_f23Lmnhu0"
    },
    {
      "kty": "EC",
      "d": "-ioFfqdye3pPJeAz23crh8jxpU4iBu6yagpx5-dKaec",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "26857c36-46b1-44f5-a654-ee03e697ab14",
      "x": "W0YdxqU6JkTO7--lGRuasmR-_dKY2R74PNcbXB7HJTY",
      "y": "LBOh4X6D30hGEJlnQlKg5y-TjTkVXDPHL2jbNAW_cOA"
    },
    {
      "kty": "OKP",
      "d": "bOgOs7_aPMO8M17PUKG-PGdzL35nAE0t88ZCtTUURF8",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "ff7fe5c7-f058-43ef-962c-e2e5505ec9c3",
      "x": "3XomafpDxKZ3xgYYcxmU2fvQdPaPrUQpBwbusrLFdgE"
    }
  ]
}
server_encryption_keys
{
  "keys": [
    {
      "p": "8fB3VW5Tw3bamzhlkf5b7nPm214PhkkmdUbEqQoMJ-0w9zh-HRRr3fTJYuE6lq5qwVVu7lk2N_2bPkHF8HFSptdUjpJwFNF0a3ttBIZdDcWQqafwJZNr8uypC0BRprMu5LRPcZYa8-235EQrWvWcGELrZyd3Y8ASz5dNJq1EDH0",
      "kty": "RSA",
      "q": "xrpvj-xL8uZ5pFxtBrmC_zs0EOnmYeBO-HtQ7NcniYwRNcbRGqOnrY22k2xW7PkmUKUp1-hk2sJ8eqwtBAU7PmYT0YfFriVtgssHOKhdqKQ8Y8VV_JBaYLmJ-iTR45CuEG3pjXrG5uxq6yK5H_Jdajl90WdroqzWLq74lBpHvNE",
      "d": "KkjFnDKHoXFwMRh30lWGpqXH-9w2JWTwnhi_S6rzta6haOl8aJ55MkNF5mBp-s7wIxdB_scnMevK4NglAkrOMpcEOVdRCKenISrj4KQpTOxSCoxG4zzN_9lzuDq9UBaI0YgSRkMvuwRR3THIGzm4iR7E7fDEBSKdKtdLsqFMR_X5lQM4ytOil_QJ6mq7JqycEXMzy3tUA4r56LOwlCYsdTW8nlV49TPjwkptwu7a3fz5DJtH0sdE7DHcOZ0WCBh2BRkwtOWxVV2mq-7G3_g-Ckr8dXgVFp4dFRA1p_saDjgBuK-yo1jCc_8Y2OEd8mXWS-8sTBvzlVfXWyEBuspWQQ",
      "e": "AQAB",
      "use": "enc",
      "kid": "1a37059d-bb8a-4c0b-bfa9-3d603aed46b2",
      "qi": "0bIRlGYk2qPs-dNx4muio6hiXTJRWv7zYb0WpiiZZuaXqnqGPtM2nr7gps7uVJEEwJPHOUxh7MG0NHYlAmtnB7CalmsXnxdDthQgi6m_8Buflmt_Fl7aNBj6kMZPLf4FoyAcrA-7o5WT1g7XSi4NXo0dHJ3w34Fpky_Cfy1ww4U",
      "dp": "2FlNjULMetVU5UsIYQZRVSmlvnMddNsDHgp7oCHQ_v83M0v8UqrJTsEwOVDpYId2BY8NVOzH9Ee_xGtywvHDlFioT5oZyjQHZHoJ4er5WXBbTatUr3VmKeSBwgLxQR2oiHHJPOybC5h_QgvHrV5HCNcGxMbhF31SFPrazgRQ_s0",
      "alg": "RSA-OAEP",
      "dq": "KcathzLkcGaU8cFgRgafjCoU8u1IuhCeaUv7Ih7Et_yS7Zwi_xeiOzDMTcd7qothy5g86J94_CfgZSVmvS6gWqi4x9Zj7wz9LX6iwP1b2wTTkSG9xr9N0IGQiN5OpSkX_mosq8pAn_DZNR7yjc20Z404btnv3Z251MyBgxjXNdE",
      "n": "u9Aucg_JGp29hhwoXsExS2S6XjbThmUdxfhswd-u85nB-6SxNxoKCoWzyuEs1h2UtTGEvvCcK0nE2O2Wy_-pV-YpnJOEQkoC9rfTFwYxZaW6IQo-fIiIGuryaM1hyCo2B3nYliNTF8msx93O6rVfj7LLCuhrrDXTOjerFmqLjQy7D8oBM6DdYLBJwaG2xot4YZ_hcv2nUpQB4yWEht-OWLIh9sHoE6FCbzop7PlZ0iQT7qGGvR9T1qTa39lOLvEa5VwfdSYHcjBn223rlLKXyEoxrdNWdljcLgm0qyjQrVo9wXOKglLjEmCFhmZKSGt6FaeiEZbNDc3056s5lmT-DQ"
    },
    {
      "kty": "EC",
      "d": "TBPWfrJkCwthr0Fml0Rng1IDh2iRGmt0IleQT2qfi34",
      "use": "enc",
      "crv": "P-256",
      "kid": "9bbd4c0c-c0ce-46fc-8f13-b9ff6de57505",
      "x": "QGC3_RTBghaOSB6OMa3G1jhur77KvnSiFD3y7gHCNNM",
      "y": "JjxjADHf0cle6mP7x5JN4dAM8H0mxXZUePrDFH_ee8k",
      "alg": "ECDH-ES"
    }
  ]
}
server_public_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "373261a4-b4ff-47f2-8c0b-f301d124f36e",
      "n": "gOwNskXGaTjBEBS4NH-oVSuCM-OeDj-dCssuMW0iRzSCbul3w-4icgIe_YpVFd_b5j3CVX5x4LhlVVsD34vo_i6jR4Hhadb2dmypkWGebZJ4D7busFtc26iYHe4NyokaGgEbn7_ugDiqQqCz8j6oB4e4GYSOj6-tZ34Znfmq3w9LLcYxp6bh0hQ7yp4_EQKZ5Adenfl6gCNkr2j2x7vEg2FnCTUVD82jRDG_Abhg_Y09j3bzoda13A0TrReR0o9VzCGpPjWe1pjZzrU98xTLQyiEBucPPQHgDCxLUzxOlnlW_vHG34pn5uykCBgU89MROZjDSWmUtn5rNGKWVcdDjw"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "451da661-7499-496d-93c5-04a11a9e7078",
      "n": "u6FUFN9Tp_JVzYiVPsx69PBlh20S9TonEpAk-VDUec28lNYNRjq2gECT_2LwKxudtut5A9bAbye19QDv88hJBu9mWwQwge45aU4w-h7tXy_MFcPBT3MdBUhYpZEU6ING9BCY5fl5BSS6xdZXJ8hbc9EYzzRuzhILYElg30KWp_3xBIMWMYhrJGolu9I-BS-jf1nanhkNMa1Ys7aNZhFjKHFSnb4dU7K041zm8N33Ha9r37b2KdQT90qmQ4YYImol-bJeMOvHx7mgP9__towtdR4ugMFHNgghOfhI5Iv4n83AgFHptb1hVlj7s0On4EFOsgR6KCLcWO9rP1chmFFWlQ"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "aa9842b7-6118-4925-bfe9-aa5d472297e8",
      "x": "YYUJpVfvv91PuiI77zHk6RGYTfnSOD8M3OiO28pubWE",
      "y": "or4lzptA9D1FWUe14gdGQ_rlGs7XE-wEg_f23Lmnhu0"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "3a995e76-e288-41bc-b640-e8ec9373cf1e",
      "x": "mocL91EAeV2WldTuIw-LDbIkuuPt-dkEf2hwRoWt_3M",
      "y": "DWCYzP9cqhQw7BU4gTelbI3bXjj1NVYQBsHiTqYhO24"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "secp256k1",
      "kid": "26857c36-46b1-44f5-a654-ee03e697ab14",
      "x": "W0YdxqU6JkTO7--lGRuasmR-_dKY2R74PNcbXB7HJTY",
      "y": "LBOh4X6D30hGEJlnQlKg5y-TjTkVXDPHL2jbNAW_cOA"
    },
    {
      "kty": "OKP",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "ff7fe5c7-f058-43ef-962c-e2e5505ec9c3",
      "x": "3XomafpDxKZ3xgYYcxmU2fvQdPaPrUQpBwbusrLFdgE"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "1a37059d-bb8a-4c0b-bfa9-3d603aed46b2",
      "alg": "RSA-OAEP",
      "n": "u9Aucg_JGp29hhwoXsExS2S6XjbThmUdxfhswd-u85nB-6SxNxoKCoWzyuEs1h2UtTGEvvCcK0nE2O2Wy_-pV-YpnJOEQkoC9rfTFwYxZaW6IQo-fIiIGuryaM1hyCo2B3nYliNTF8msx93O6rVfj7LLCuhrrDXTOjerFmqLjQy7D8oBM6DdYLBJwaG2xot4YZ_hcv2nUpQB4yWEht-OWLIh9sHoE6FCbzop7PlZ0iQT7qGGvR9T1qTa39lOLvEa5VwfdSYHcjBn223rlLKXyEoxrdNWdljcLgm0qyjQrVo9wXOKglLjEmCFhmZKSGt6FaeiEZbNDc3056s5lmT-DQ"
    },
    {
      "kty": "EC",
      "use": "enc",
      "crv": "P-256",
      "kid": "9bbd4c0c-c0ce-46fc-8f13-b9ff6de57505",
      "x": "QGC3_RTBghaOSB6OMa3G1jhur77KvnSiFD3y7gHCNNM",
      "y": "JjxjADHf0cle6mP7x5JN4dAM8H0mxXZUePrDFH_ee8k",
      "alg": "ECDH-ES"
    }
  ]
}
2022-11-20 20:09:57 SUCCESS
ValidateServerJWKs
Valid server JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2022-11-20 20:09:57 SUCCESS
CheckDistinctKeyIdValueInServerJWKs
Distinct 'kid' value in all keys of server_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2022-11-20 20:09:57 SUCCESS
OIDCCLoadUserInfo
Added user information
user_info
{
  "sub": "user-subject-1234531",
  "name": "Demo T. User",
  "given_name": "Demo",
  "family_name": "User",
  "middle_name": "Theresa",
  "nickname": "Dee",
  "preferred_username": "d.tu",
  "gender": "female",
  "birthdate": "2000-02-03",
  "address": {
    "street_address": "100 Universal City Plaza",
    "locality": "Hollywood",
    "region": "CA",
    "postal_code": "91608",
    "country": "USA"
  },
  "zoneinfo": "America/Los_Angeles",
  "locale": "en-US",
  "phone_number": "+1 555 5550000",
  "phone_number_verified": false,
  "email": "user@example.com",
  "email_verified": false,
  "website": "https://openid.net/",
  "profile": "https://example.com/user",
  "updated_at": 1580000000
}
2022-11-20 20:09:57 SUCCESS
OIDCCGetStaticClientConfigurationForRPTests
Found a static client object
client_id
client-77c1aa57-dd0d-49b2-b107-29103a4db242
client_secret
client-77c1aa57-dd0d-49b2-b107-29103a4db242
scope
openid email
jwks
{
  "keys": [
    {
      "crv": "Ed25519",
      "x": "drsf-pg0BtaMF-mWYF4S7Ykt2tpce2JeFUR8mBptQSM",
      "kty": "OKP",
      "use": "sig",
      "alg": "EdDSA",
      "kid": "d040e499-36c2-4537-8cd7-8b5618d8ee28"
    }
  ]
}
id_token_signed_response_alg
EdDSA
redirect_uris
[
  "https://client-77c1aa57-dd0d-49b2-b107-29103a4db242.local/cb"
]
2022-11-20 20:09:57 SUCCESS
EnsureClientDoesNotHaveBothJwksAndJwksUri
Client does not have both jwks and jwks_uri set
client
{
  "client_id": "client-77c1aa57-dd0d-49b2-b107-29103a4db242",
  "client_secret": "client-77c1aa57-dd0d-49b2-b107-29103a4db242",
  "scope": "openid email",
  "jwks": {
    "keys": [
      {
        "crv": "Ed25519",
        "x": "drsf-pg0BtaMF-mWYF4S7Ykt2tpce2JeFUR8mBptQSM",
        "kty": "OKP",
        "use": "sig",
        "alg": "EdDSA",
        "kid": "d040e499-36c2-4537-8cd7-8b5618d8ee28"
      }
    ]
  },
  "id_token_signed_response_alg": "EdDSA",
  "redirect_uris": [
    "https://client-77c1aa57-dd0d-49b2-b107-29103a4db242.local/cb"
  ]
}
2022-11-20 20:09:57 INFO
FetchClientKeys
Skipped evaluation due to missing required element: client jwks_uri
path
jwks_uri
mapped
object
client
2022-11-20 20:09:57 SUCCESS
ExtractJWKsFromStaticClientConfiguration
Extracted client JWK
client_jwks
{
  "keys": [
    {
      "crv": "Ed25519",
      "x": "drsf-pg0BtaMF-mWYF4S7Ykt2tpce2JeFUR8mBptQSM",
      "kty": "OKP",
      "use": "sig",
      "alg": "EdDSA",
      "kid": "d040e499-36c2-4537-8cd7-8b5618d8ee28"
    }
  ]
}
public_client_jwks
{
  "keys": [
    {
      "kty": "OKP",
      "use": "sig",
      "crv": "Ed25519",
      "kid": "d040e499-36c2-4537-8cd7-8b5618d8ee28",
      "x": "drsf-pg0BtaMF-mWYF4S7Ykt2tpce2JeFUR8mBptQSM",
      "alg": "EdDSA"
    }
  ]
}
2022-11-20 20:09:57 SUCCESS
ValidateClientJWKsPublicPart
Valid client JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2022-11-20 20:09:57 SUCCESS
CheckDistinctKeyIdValueInClientJWKs
Distinct 'kid' value in all keys of client_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2022-11-20 20:09:57 SUCCESS
EnsureClientJwksDoesNotContainPrivateOrSymmetricKeys
Jwks does not contain any private or symmetric keys
2022-11-20 20:09:57 SUCCESS
ValidateClientGrantTypes
grant_types match response_types
grant_types
[
  "authorization_code"
]
response_types
[
  "code"
]
2022-11-20 20:09:57 SUCCESS
OIDCCValidateClientRedirectUris
Valid redirect_uri(s) provided in registration request
redirect_uris
[
  "https://client-77c1aa57-dd0d-49b2-b107-29103a4db242.local/cb"
]
2022-11-20 20:09:57 SUCCESS
ValidateClientLogoUris
Client does not contain any logo_uri
2022-11-20 20:09:57 SUCCESS
ValidateClientUris
Client does not contain any client_uri
2022-11-20 20:09:57 SUCCESS
ValidateClientPolicyUris
Client does not contain any policy_uri
2022-11-20 20:09:57 SUCCESS
ValidateClientTosUris
Client does not contain any tos_uri
2022-11-20 20:09:57 SUCCESS
ValidateClientSubjectType
A subject_type was not provided
2022-11-20 20:09:57 SUCCESS
ValidateIdTokenSignedResponseAlg
id_token_signed_response_alg is one of the known algorithms
alg
EdDSA
2022-11-20 20:09:57 SUCCESS
EnsureIdTokenEncryptedResponseAlgIsSetIfEncIsSet
id_token_encrypted_response_enc is not set
2022-11-20 20:09:57 INFO
ValidateUserinfoSignedResponseAlg
Skipped evaluation due to missing required element: client userinfo_signed_response_alg
path
userinfo_signed_response_alg
mapped
object
client
2022-11-20 20:09:57 SUCCESS
EnsureUserinfoEncryptedResponseAlgIsSetIfEncIsSet
userinfo_encrypted_response_enc is not set
2022-11-20 20:09:57 INFO
ValidateRequestObjectSigningAlg
Skipped evaluation due to missing required element: client request_object_signing_alg
path
request_object_signing_alg
mapped
object
client
2022-11-20 20:09:57 SUCCESS
EnsureRequestObjectEncryptionAlgIsSetIfEncIsSet
request_object_encryption_enc is not set
2022-11-20 20:09:57 INFO
ValidateTokenEndpointAuthSigningAlg
Skipped evaluation due to missing required element: client token_endpoint_auth_signing_alg
path
token_endpoint_auth_signing_alg
mapped
object
client
2022-11-20 20:09:57 SUCCESS
ValidateDefaultMaxAge
default_max_age is not set
2022-11-20 20:09:57 INFO
ValidateRequireAuthTime
Skipped evaluation due to missing required element: client require_auth_time
path
require_auth_time
mapped
object
client
2022-11-20 20:09:57 INFO
ValidateDefaultAcrValues
Skipped evaluation due to missing required element: client default_acr_values
path
default_acr_values
mapped
object
client
2022-11-20 20:09:57 INFO
ValidateInitiateLoginUri
Skipped evaluation due to missing required element: client initiate_login_uri
path
initiate_login_uri
mapped
object
client
2022-11-20 20:09:57 INFO
ValidateRequestUris
Skipped evaluation due to missing required element: client request_uris
path
request_uris
mapped
object
client
2022-11-20 20:09:57
SetServerSigningAlgToNone
Successfully set signing algorithm to none
signing_algorithm
none
2022-11-20 20:09:57
SetClientIdTokenSignedResponseAlgToServerSigningAlg
Set id_token_signed_response_alg for the registered client
id_token_signed_response_alg
none
2022-11-20 20:09:57
oidcc-client-test-idtoken-sig-none
Setup Done
2022-11-20 20:09:58 INCOMING
oidcc-client-test-idtoken-sig-none
Incoming HTTP request to /test/a/77c1aa57-dd0d-49b2-b107-29103a4db242/.well-known/openid-configuration
incoming_headers
{
  "host": "www.certification.openid.net",
  "accept": "application/json",
  "user-agent": "oauth4webapi/v2.0.0",
  "accept-language": "*",
  "sec-fetch-mode": "cors",
  "accept-encoding": "br, gzip, deflate",
  "connection": "close"
}
incoming_path
/test/a/77c1aa57-dd0d-49b2-b107-29103a4db242/.well-known/openid-configuration
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cert
incoming_query_string_params
{}
incoming_body
incoming_tls_chain
[
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL"
]
incoming_tls_cipher
DHE-RSA-AES128-GCM-SHA256
incoming_body_json
Discovery endpoint
2022-11-20 20:09:58 OUTGOING
oidcc-client-test-idtoken-sig-none
Response to HTTP request to test instance UPShqT6oM14NSOS
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "issuer": "https://www.certification.openid.net/test/a/77c1aa57-dd0d-49b2-b107-29103a4db242/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/77c1aa57-dd0d-49b2-b107-29103a4db242/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/77c1aa57-dd0d-49b2-b107-29103a4db242/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/77c1aa57-dd0d-49b2-b107-29103a4db242/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/77c1aa57-dd0d-49b2-b107-29103a4db242/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/a/77c1aa57-dd0d-49b2-b107-29103a4db242/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "preferred_username",
    "gender",
    "birthdate",
    "address",
    "zoneinfo",
    "locale",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified",
    "website",
    "profile",
    "updated_at"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "RSA-OAEP-384",
    "RSA-OAEP-512",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "RSA-OAEP-384",
    "RSA-OAEP-512",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "RSA-OAEP-384",
    "RSA-OAEP-512",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
outgoing_path
.well-known/openid-configuration
2022-11-20 20:09:58 INCOMING
oidcc-client-test-idtoken-sig-none
Incoming HTTP request to /test/a/77c1aa57-dd0d-49b2-b107-29103a4db242/authorize
incoming_headers
{
  "host": "www.certification.openid.net",
  "accept": "*/*",
  "accept-language": "*",
  "sec-fetch-mode": "cors",
  "user-agent": "undici",
  "accept-encoding": "br, gzip, deflate",
  "connection": "close"
}
incoming_path
/test/a/77c1aa57-dd0d-49b2-b107-29103a4db242/authorize
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cert
incoming_query_string_params
{
  "client_id": "client-77c1aa57-dd0d-49b2-b107-29103a4db242",
  "code_challenge": "tn8CK8XuwbsKJ28EhcjZQeVAL_iCpL-IudgdHoYqr7U",
  "code_challenge_method": "S256",
  "redirect_uri": "https://client-77c1aa57-dd0d-49b2-b107-29103a4db242.local/cb",
  "response_type": "code",
  "scope": "openid email"
}
incoming_body
incoming_tls_chain
[
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL"
]
incoming_tls_cipher
DHE-RSA-AES128-GCM-SHA256
incoming_body_json
Authorization endpoint
2022-11-20 20:09:58 SUCCESS
EnsureRequestDoesNotContainRequestObject
Request does not contain a request parameter
2022-11-20 20:09:58 SUCCESS
EnsureAuthorizationHttpRequestContainsOpenIDScope
Found 'openid' in scope http request parameter
actual
[
  "openid",
  "email"
]
expected
openid
2022-11-20 20:09:58 SUCCESS
CreateEffectiveAuthorizationRequestParameters
Merged http request parameters with request object claims
effective_authorization_endpoint_request
{
  "client_id": "client-77c1aa57-dd0d-49b2-b107-29103a4db242",
  "code_challenge": "tn8CK8XuwbsKJ28EhcjZQeVAL_iCpL-IudgdHoYqr7U",
  "code_challenge_method": "S256",
  "redirect_uri": "https://client-77c1aa57-dd0d-49b2-b107-29103a4db242.local/cb",
  "response_type": "code",
  "scope": "openid email"
}
2022-11-20 20:09:58 SUCCESS
ExtractRequestedScopes
Requested scopes
scope
openid email
2022-11-20 20:09:58 INFO
ExtractNonceFromAuthorizationRequest
Couldn't find 'nonce' in authorization endpoint parameters
2022-11-20 20:09:58 SUCCESS
EnsureAuthorizationRequestContainsPkceCodeChallenge
Found required PKCE parameters in request
code_challenge_method
S256
code_challenge
tn8CK8XuwbsKJ28EhcjZQeVAL_iCpL-IudgdHoYqr7U
2022-11-20 20:09:58 SUCCESS
EnsureResponseTypeIsCode
Response type is expected value
expected
code
2022-11-20 20:09:58 SUCCESS
EnsureMatchingClientId
Client ID matched
client_id
client-77c1aa57-dd0d-49b2-b107-29103a4db242
2022-11-20 20:09:58 SUCCESS
EnsureValidRedirectUriForAuthorizationEndpointRequest
redirect_uri is one of the allowed redirect uris
actual
https://client-77c1aa57-dd0d-49b2-b107-29103a4db242.local/cb
expected
[
  "https://client-77c1aa57-dd0d-49b2-b107-29103a4db242.local/cb"
]
2022-11-20 20:09:58 SUCCESS
EnsureOpenIDInScopeRequest
Found 'openid' scope in request
actual
[
  "openid",
  "email"
]
expected
openid
2022-11-20 20:09:58 SUCCESS
DisallowMaxAgeEqualsZeroAndPromptNone
The client did not send max_age=0 and prompt=none parameters as expected
2022-11-20 20:09:58 SUCCESS
CreateAuthorizationCode
Created authorization code
authorization_code
KQAqWKFPLFOl6KNPsU4zkO7idvfx2yQ7
2022-11-20 20:09:58 SUCCESS
CreateAuthorizationEndpointResponseParams
Added authorization_endpoint_response_params to environment
params
{
  "redirect_uri": "https://client-77c1aa57-dd0d-49b2-b107-29103a4db242.local/cb"
}
2022-11-20 20:09:58 SUCCESS
AddCodeToAuthorizationEndpointResponseParams
Added code to authorization endpoint response params
authorization_endpoint_response_params
{
  "redirect_uri": "https://client-77c1aa57-dd0d-49b2-b107-29103a4db242.local/cb",
  "code": "KQAqWKFPLFOl6KNPsU4zkO7idvfx2yQ7"
}
2022-11-20 20:09:58
SendAuthorizationResponseWithResponseModeQuery
Redirecting back to client
uri
https://client-77c1aa57-dd0d-49b2-b107-29103a4db242.local/cb?code=KQAqWKFPLFOl6KNPsU4zkO7idvfx2yQ7
2022-11-20 20:09:58 OUTGOING
oidcc-client-test-idtoken-sig-none
Response to HTTP request to test instance UPShqT6oM14NSOS
outgoing
org.springframework.web.servlet.view.RedirectView: [RedirectView]; URL [https://client-77c1aa57-dd0d-49b2-b107-29103a4db242.local/cb?code=KQAqWKFPLFOl6KNPsU4zkO7idvfx2yQ7]
outgoing_path
authorize
2022-11-20 20:09:58 INCOMING
oidcc-client-test-idtoken-sig-none
Incoming HTTP request to /test/a/77c1aa57-dd0d-49b2-b107-29103a4db242/token
incoming_headers
{
  "host": "www.certification.openid.net",
  "accept": "application/json",
  "authorization": "Basic Y2xpZW50LTc3YzFhYTU3LWRkMGQtNDliMi1iMTA3LTI5MTAzYTRkYjI0MjpjbGllbnQtNzdjMWFhNTctZGQwZC00OWIyLWIxMDctMjkxMDNhNGRiMjQy",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "user-agent": "oauth4webapi/v2.0.0",
  "accept-language": "*",
  "sec-fetch-mode": "cors",
  "accept-encoding": "br, gzip, deflate",
  "connection": "close",
  "content-length": "207"
}
incoming_path
/test/a/77c1aa57-dd0d-49b2-b107-29103a4db242/token
incoming_body_form_params
{
  "redirect_uri": "https://client-77c1aa57-dd0d-49b2-b107-29103a4db242.local/cb",
  "code_verifier": "b6RUmLP4vYQqG39AFGiPxG77EURdxglwuu8RU-Q9pQ4",
  "code": "KQAqWKFPLFOl6KNPsU4zkO7idvfx2yQ7",
  "grant_type": "authorization_code"
}
incoming_method
POST
incoming_tls_version
TLSv1.2
incoming_tls_cert
incoming_query_string_params
{}
incoming_body
redirect_uri=https%3A%2F%2Fclient-77c1aa57-dd0d-49b2-b107-29103a4db242.local%2Fcb&code_verifier=b6RUmLP4vYQqG39AFGiPxG77EURdxglwuu8RU-Q9pQ4&code=KQAqWKFPLFOl6KNPsU4zkO7idvfx2yQ7&grant_type=authorization_code
incoming_tls_chain
[
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL"
]
incoming_tls_cipher
DHE-RSA-AES128-GCM-SHA256
incoming_body_json
Token endpoint
2022-11-20 20:09:58
CheckClientIdMatchesOnTokenRequestIfPresent
client_id not present, nothing to check
2022-11-20 20:09:58 SUCCESS
ExtractClientCredentialsFromBasicAuthorizationHeader
Extracted client authentication
client_id
client-77c1aa57-dd0d-49b2-b107-29103a4db242
client_secret
client-77c1aa57-dd0d-49b2-b107-29103a4db242
method
client_secret_basic
2022-11-20 20:09:58 SUCCESS
ValidateClientIdAndSecret
Client id and secret match
2022-11-20 20:09:58 SUCCESS
ValidateAuthorizationCode
Found authorization code
authorization_code
KQAqWKFPLFOl6KNPsU4zkO7idvfx2yQ7
2022-11-20 20:09:58 SUCCESS
ValidateRedirectUriForTokenEndpointRequest
redirect_uri is the same as the one used in the authorization request
actual
https://client-77c1aa57-dd0d-49b2-b107-29103a4db242.local/cb
2022-11-20 20:09:58 SUCCESS
GenerateBearerAccessToken
Generated access token
access_token
E05PS7g9ZF11hjlUK7rD0ZR09zg77W1lrohlNTb9C0K1NTsr1p
2022-11-20 20:09:58 SUCCESS
GenerateIdTokenClaims
Created ID Token Claims
iss
https://www.certification.openid.net/test/a/77c1aa57-dd0d-49b2-b107-29103a4db242/
sub
user-subject-1234531
aud
client-77c1aa57-dd0d-49b2-b107-29103a4db242
iat
1668974998
exp
1668975298
2022-11-20 20:09:58 INFO
AddAtHashToIdTokenClaims
Skipped evaluation due to missing required string: at_hash
expected
at_hash
2022-11-20 20:09:58 SUCCESS
SignIdTokenWithAlgNone
Created id_token with alg none
id_token
eyJhbGciOiJub25lIn0.eyJpc3MiOiJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC9hLzc3YzFhYTU3LWRkMGQtNDliMi1iMTA3LTI5MTAzYTRkYjI0Mi8iLCJzdWIiOiJ1c2VyLXN1YmplY3QtMTIzNDUzMSIsImF1ZCI6ImNsaWVudC03N2MxYWE1Ny1kZDBkLTQ5YjItYjEwNy0yOTEwM2E0ZGIyNDIiLCJpYXQiOjE2Njg5NzQ5OTgsImV4cCI6MTY2ODk3NTI5OH0.
2022-11-20 20:09:58 INFO
EncryptIdToken
Skipped evaluation due to missing required element: client id_token_encrypted_response_alg
path
id_token_encrypted_response_alg
mapped
object
client
2022-11-20 20:09:58 SUCCESS
CreateTokenEndpointResponse
Created token endpoint response
access_token
E05PS7g9ZF11hjlUK7rD0ZR09zg77W1lrohlNTb9C0K1NTsr1p
token_type
Bearer
id_token
eyJhbGciOiJub25lIn0.eyJpc3MiOiJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC9hLzc3YzFhYTU3LWRkMGQtNDliMi1iMTA3LTI5MTAzYTRkYjI0Mi8iLCJzdWIiOiJ1c2VyLXN1YmplY3QtMTIzNDUzMSIsImF1ZCI6ImNsaWVudC03N2MxYWE1Ny1kZDBkLTQ5YjItYjEwNy0yOTEwM2E0ZGIyNDIiLCJpYXQiOjE2Njg5NzQ5OTgsImV4cCI6MTY2ODk3NTI5OH0.
scope
openid email
2022-11-20 20:09:58 OUTGOING
oidcc-client-test-idtoken-sig-none
Response to HTTP request to test instance UPShqT6oM14NSOS
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "access_token": "E05PS7g9ZF11hjlUK7rD0ZR09zg77W1lrohlNTb9C0K1NTsr1p",
  "token_type": "Bearer",
  "id_token": "eyJhbGciOiJub25lIn0.eyJpc3MiOiJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC9hLzc3YzFhYTU3LWRkMGQtNDliMi1iMTA3LTI5MTAzYTRkYjI0Mi8iLCJzdWIiOiJ1c2VyLXN1YmplY3QtMTIzNDUzMSIsImF1ZCI6ImNsaWVudC03N2MxYWE1Ny1kZDBkLTQ5YjItYjEwNy0yOTEwM2E0ZGIyNDIiLCJpYXQiOjE2Njg5NzQ5OTgsImV4cCI6MTY2ODk3NTI5OH0.",
  "scope": "openid email"
}
outgoing_path
token
2022-11-20 20:09:59 INCOMING
oidcc-client-test-idtoken-sig-none
Incoming HTTP request to /test/a/77c1aa57-dd0d-49b2-b107-29103a4db242/userinfo
incoming_headers
{
  "host": "www.certification.openid.net",
  "accept": "application/json, application/jwt",
  "authorization": "Bearer E05PS7g9ZF11hjlUK7rD0ZR09zg77W1lrohlNTb9C0K1NTsr1p",
  "user-agent": "oauth4webapi/v2.0.0",
  "accept-language": "*",
  "sec-fetch-mode": "cors",
  "accept-encoding": "br, gzip, deflate",
  "connection": "close"
}
incoming_path
/test/a/77c1aa57-dd0d-49b2-b107-29103a4db242/userinfo
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cert
incoming_query_string_params
{}
incoming_body
incoming_tls_chain
[
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL"
]
incoming_tls_cipher
DHE-RSA-AES128-GCM-SHA256
incoming_body_json
Userinfo endpoint
2022-11-20 20:09:59 SUCCESS
OIDCCExtractBearerAccessTokenFromRequest
Found access token on incoming request
access_token
E05PS7g9ZF11hjlUK7rD0ZR09zg77W1lrohlNTb9C0K1NTsr1p
2022-11-20 20:09:59 SUCCESS
RequireBearerAccessToken
Found access token in request
actual
E05PS7g9ZF11hjlUK7rD0ZR09zg77W1lrohlNTb9C0K1NTsr1p
2022-11-20 20:09:59 SUCCESS
FilterUserInfoForScopes
User info endpoint output
sub
user-subject-1234531
email
user@example.com
email_verified
false
2022-11-20 20:09:59
ClearAccessTokenFromRequest
Removed incoming access token from environment
2022-11-20 20:09:59 INFO
AddIssAndAudToUserInfoResponse
Skipped evaluation due to missing required element: client userinfo_signed_response_alg
path
userinfo_signed_response_alg
mapped
object
client
2022-11-20 20:09:59 INFO
SignUserInfoResponse
Skipped evaluation due to missing required element: client userinfo_signed_response_alg
path
userinfo_signed_response_alg
mapped
object
client
2022-11-20 20:09:59 INFO
EncryptUserInfoResponse
Skipped evaluation due to missing required element: client userinfo_encrypted_response_alg
path
userinfo_encrypted_response_alg
mapped
object
client
2022-11-20 20:09:59 OUTGOING
oidcc-client-test-idtoken-sig-none
Response to HTTP request to test instance UPShqT6oM14NSOS
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "sub": "user-subject-1234531",
  "email": "user@example.com",
  "email_verified": false
}
outgoing_path
userinfo
2022-11-20 20:09:59 FINISHED
oidcc-client-test-idtoken-sig-none
Test has run to completion
testmodule_result
PASSED
2022-11-20 20:10:00
TEST-RUNNER
Alias has now been claimed by another test
alias
77c1aa57-dd0d-49b2-b107-29103a4db242
new_test_id
21E2GXWwBhHLByF
Test Results