Test Summary

Test Results

Expand All Collapse All
All times are UTC
2022-11-28 04:38:13 INFO
TEST-RUNNER
Test instance 6iVWnSAX3dm1a6B created
baseUrl
https://www.certification.openid.net/test/a/isv_op_oidc_core_test
variant
{
  "client_auth_type": "private_key_jwt",
  "response_type": "code",
  "server_metadata": "discovery",
  "client_registration": "dynamic_client",
  "response_mode": "default"
}
alias
isv_op_oidc_core_test
description
isv_op_oidc_core_test_dynamic_client
planId
SoSRIsRewAttb
config
{
  "server": {
    "discoveryUrl": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/.well-known/openid-configuration",
    "login_hint": "isvdev@ibm.com"
  },
  "client": {
    "client_name": "Ristretto Core Conformance Test Dynamic Client One"
  },
  "client2": {
    "client_name": "Ristretto Core Conformance Test Dynamic Client Two"
  },
  "consent": {},
  "alias": "isv_op_oidc_core_test",
  "description": "isv_op_oidc_core_test_dynamic_client"
}
testName
oidcc-refresh-token-rp-key-rotation
2022-11-28 04:38:13 SUCCESS
CreateRedirectUri
Created redirect URI
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
2022-11-28 04:38:13
GetDynamicServerConfiguration
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/.well-known/openid-configuration
request_method
GET
request_headers
{
  "accept": "text/plain, application/json, application/*+json, */*",
  "content-length": "0"
}
request_body

                                
2022-11-28 04:38:14 RESPONSE
GetDynamicServerConfiguration
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK65eb1a11-b342-49f8-bde5-318fd7d9a4ba",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c28163843b36082394cd",
  "vary": "Accept-Encoding",
  "date": "Mon, 28 Nov 2022 04:38:14 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:w3hCOmCbnuXMnvggHPZpCt3eErUGidIeaqEa34Bz+bY\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:57871319; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d5F8418D1E9BEB9A2C3424F73CC5AE430~-1~YAAQJHYGF8Y5+oSEAQAAfEyHvAgwIubv8YpitW9fkFQn9DW5S9Gl2+ymZTC0S22XQPbkFtP41E6njiRJO1MDp2ta7fZqaMCk8madbNvNAzB5NpAuiHbj2ulE+7BHATVoXFdFYnpiNDGs1j4bpCalSTM3j+PaQ5ahwtqvd16Mu55tdUxPlEB2/ObFdG2JvCWHRCaOr6fsAS6xnfHyqHL8f1wUx088zvMfCZrBaiwqORdzJv1P8f1rJjp26t7b1KU3CMrZG15/VCkW/+8LkARGlADX/nDLPPiB/e93CS7PStVB5tHRxTMDk6D5oxbJc6+Fmp7YSRLd9vDRU2rqj/yIkW/haGRKWGTAQgfcN6c3z8veLURCxaXVq9ptFfjFM7E4pUiSW3U\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 04:38:14 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d169B71FAF9BD355E27D2464FC9273B4B~YAAQJHYGF8c5+oSEAQAAfEyHvBEOG6kvLflxR83q2rVkBuVSi9qk54T4DqGcwLa9N2lzGQLCLMdGpvOBVwpqOvG1emEycaDQNRtsTOvyjYxhqZb4Qbuls2h16/vIG+u7bkj5Oq1gHbGnpU5zJvnmrEp9AWrGK2DybF5txjmjDas/Cb5MZQKRA2UZkQC/hlhjEJSDrXElTj1cRAIgeEvS8Cp00mZM29n+gnp2Vyu19yJgAEQu0t2HRP7soHXveWV0Utgwx2gicWz/2e4ccUY5lg2B142ljb21qbacykeTSxbhcJtFhHDunQ03pKvF~4277574~3158852; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 08:38:14 GMT; Max-Age\u003d14400; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d91",
    "origin; dur\u003d272"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"issuer":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2","authorization_endpoint":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/authorize","token_endpoint":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token","introspection_endpoint":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/introspect","userinfo_endpoint":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/userinfo","revocation_endpoint":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/revoke","pushed_authorization_request_endpoint":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/par","registration_endpoint":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register","jwks_uri":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/jwks","response_types_supported":["none","code","token","id_token","code token","code id_token","token id_token","code token id_token"],"response_modes_supported":["query","fragment","form_post","jwt","query.jwt","fragment.jwt","form_post.jwt"],"grant_types_supported":["authorization_code","implicit","password","refresh_token","client_credentials"],"token_endpoint_auth_methods_supported":["client_secret_basic","client_secret_post","private_key_jwt","tls_client_auth"],"authorization_signing_alg_values_supported":["RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512"],"authorization_encryption_alg_values_supported":["none","RSA-OAEP","RSA-OAEP-256"],"authorization_encryption_enc_values_supported":["none","A128GCM","A192GCM","A256GCM"],"id_token_signing_alg_values_supported":["RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512"],"id_token_encryption_alg_values_supported":["none","RSA-OAEP","RSA-OAEP-256"],"id_token_encryption_enc_values_supported":["none","A128GCM","A192GCM","A256GCM"],"userinfo_signing_alg_values_supported":["RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512"],"userinfo_encryption_alg_values_supported":["none","RSA-OAEP","RSA-OAEP-256"],"userinfo_encryption_enc_values_supported":["none","A128GCM","A192GCM","A256GCM"],"token_endpoint_auth_signing_alg_values_supported":["RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512"],"request_object_signing_alg_values_supported":["RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512"],"request_object_encryption_alg_values_supported":["none","RSA-OAEP","RSA-OAEP-256"],"request_object_encryption_enc_values_supported":["none","A128GCM","A192GCM","A256GCM"],"subject_types_supported":["public"],"scopes_supported":["openid","profile","email","phone","address"],"claims_supported":["email","name","employee_id","mobile_number","department","upn","preferred_username","given_name","tenantId","job_title","realmName","groupIds","family_name","uid","iss","acr"],"claim_types_supported":["normal"],"claims_parameter_supported":true,"request_parameter_supported":true,"request_uri_parameter_supported":true,"require_request_uri_registration":true,"tls_client_certificate_bound_access_tokens":true,"mtls_endpoint_aliases":{"introspection_endpoint":"https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/introspect","pushed_authorization_request_endpoint":"https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/par","revocation_endpoint":"https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/revoke","token_endpoint":"https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/token"},"dpop_signing_alg_values_supported":["RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512"]}
2022-11-28 04:38:14 SUCCESS
GetDynamicServerConfiguration
Successfully parsed server configuration
issuer
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2
authorization_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/authorize
token_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token
introspection_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/introspect
userinfo_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/userinfo
revocation_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/revoke
pushed_authorization_request_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/par
registration_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register
jwks_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/jwks
response_types_supported
[
  "none",
  "code",
  "token",
  "id_token",
  "code token",
  "code id_token",
  "token id_token",
  "code token id_token"
]
response_modes_supported
[
  "query",
  "fragment",
  "form_post",
  "jwt",
  "query.jwt",
  "fragment.jwt",
  "form_post.jwt"
]
grant_types_supported
[
  "authorization_code",
  "implicit",
  "password",
  "refresh_token",
  "client_credentials"
]
token_endpoint_auth_methods_supported
[
  "client_secret_basic",
  "client_secret_post",
  "private_key_jwt",
  "tls_client_auth"
]
authorization_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES384",
  "ES512"
]
authorization_encryption_alg_values_supported
[
  "none",
  "RSA-OAEP",
  "RSA-OAEP-256"
]
authorization_encryption_enc_values_supported
[
  "none",
  "A128GCM",
  "A192GCM",
  "A256GCM"
]
id_token_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES384",
  "ES512"
]
id_token_encryption_alg_values_supported
[
  "none",
  "RSA-OAEP",
  "RSA-OAEP-256"
]
id_token_encryption_enc_values_supported
[
  "none",
  "A128GCM",
  "A192GCM",
  "A256GCM"
]
userinfo_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES384",
  "ES512"
]
userinfo_encryption_alg_values_supported
[
  "none",
  "RSA-OAEP",
  "RSA-OAEP-256"
]
userinfo_encryption_enc_values_supported
[
  "none",
  "A128GCM",
  "A192GCM",
  "A256GCM"
]
token_endpoint_auth_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES384",
  "ES512"
]
request_object_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES384",
  "ES512"
]
request_object_encryption_alg_values_supported
[
  "none",
  "RSA-OAEP",
  "RSA-OAEP-256"
]
request_object_encryption_enc_values_supported
[
  "none",
  "A128GCM",
  "A192GCM",
  "A256GCM"
]
subject_types_supported
[
  "public"
]
scopes_supported
[
  "openid",
  "profile",
  "email",
  "phone",
  "address"
]
claims_supported
[
  "email",
  "name",
  "employee_id",
  "mobile_number",
  "department",
  "upn",
  "preferred_username",
  "given_name",
  "tenantId",
  "job_title",
  "realmName",
  "groupIds",
  "family_name",
  "uid",
  "iss",
  "acr"
]
claim_types_supported
[
  "normal"
]
claims_parameter_supported
true
request_parameter_supported
true
request_uri_parameter_supported
true
require_request_uri_registration
true
tls_client_certificate_bound_access_tokens
true
mtls_endpoint_aliases
{
  "introspection_endpoint": "https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/introspect",
  "pushed_authorization_request_endpoint": "https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/par",
  "revocation_endpoint": "https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/revoke",
  "token_endpoint": "https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/token"
}
dpop_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES384",
  "ES512"
]
2022-11-28 04:38:14 SUCCESS
CheckServerConfiguration
Found required server configuration keys
required
[
  "authorization_endpoint",
  "token_endpoint",
  "issuer"
]
2022-11-28 04:38:14 SUCCESS
ExtractTLSTestValuesFromServerConfiguration
Extracted TLS information from authorization server configuration
registration_endpoint
{
  "testHost": "oidc-conformance.rel.verify.ibmcloudsecurity.com",
  "testPort": 443
}
authorization_endpoint
{
  "testHost": "oidc-conformance.rel.verify.ibmcloudsecurity.com",
  "testPort": 443
}
token_endpoint
{
  "testHost": "oidc-conformance.rel.verify.ibmcloudsecurity.com",
  "testPort": 443
}
userinfo_endpoint
{
  "testHost": "oidc-conformance.rel.verify.ibmcloudsecurity.com",
  "testPort": 443
}
2022-11-28 04:38:14
FetchServerKeys
Fetching server key
jwks_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/jwks
2022-11-28 04:38:14
FetchServerKeys
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/jwks
request_method
GET
request_headers
{
  "accept": "text/plain, application/json, application/*+json, */*",
  "content-length": "0"
}
request_body

                                
2022-11-28 04:38:14 RESPONSE
FetchServerKeys
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK1986039e-65e6-4554-9017-9de37d6c3ba1",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c28163843b360823950d",
  "vary": "Accept-Encoding",
  "date": "Mon, 28 Nov 2022 04:38:14 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:PU0SO+aQDP+KqlwWFphH/ekkzKY3yfu/uWZwEk/LPe4\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:57871319; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d0B75798FFB62C359ABC12A4DA30D1B3D~-1~YAAQJHYGF9I5+oSEAQAATE6HvAjxrakxeO6z4FLRdBE7899ccjvvNFQ6A8Ei2zGPgCKlqaXsBkehSr9NmvkKKSPhT48N1NEFtgK1fOuuuDshK/pBc8DjsqOMibBRctI3B+AgCtOXg3tMcde1MFgCK+j17DqiXNjswF0nm5sNe1aBXsrUQ7Aeu1HXrFJ8gB7CQr5hfpaWo9K6Nzw++MVfCVqhWxf3XGTvqVtGjYX9L8JUFRZWtoypEfeYHogwrih/+bbxmbFB+toXxYTawhWI92H6abpkD/EMk8CjoMUM3GE1KaIPodtD0kux4SbLXzu/4MipVvlvZVtOEGuawSzf/iCtQjKKsAHqXQitKfvhO/B+eOHLlyVJuKNYKrMmL9+S/oZK86U\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 04:38:14 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003dA16B464D3B44EDF341A31C68ED533D18~YAAQJHYGF9M5+oSEAQAATE6HvBFWTyeMgdtUUAefYLD0O0Ae1CgQ+pvrH7Coq60cVvTDoapmuVr56lX5l+Nj2qWwrEiisAq6ScRn8/uT7QAhesB1blbxdHNqRan1hR3wlKok52kxt9Kr18bqicBOEhzCXgB+Nwin51QitIl590VhxTSMCOcAuaEWGZ9Q5u/62LkmJTbFkON23Fc3cCjJdN3c+84sztWU1lZxTvFMwziz90Q7epA6XOWkEhQPyOMENFiprDt7xA3Zsac0nZFVAf4bfaPUSUN+6xN7Q5YZe3d1giZAGWRv7SdJyJ70~4277574~3158852; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 08:38:14 GMT; Max-Age\u003d14400; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d91",
    "origin; dur\u003d296"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"keys":[{"kid":"server","kty":"RSA","use":"sig","x5c":["MIIDYDCCAkigAwIBAgIEIFW8uDANBgkqhkiG9w0BAQsFADByMQkwBwYDVQQGEwAxCTAHBgNVBAgTADEJMAcGA1UEBxMAMQkwBwYDVQQKEwAxCTAHBgNVBAsTADE5MDcGA1UEAxMwb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tMB4XDTIyMTExNDA0NDI0MFoXDTMyMTExMTA0NDI0MFowcjEJMAcGA1UEBhMAMQkwBwYDVQQIEwAxCTAHBgNVBAcTADEJMAcGA1UEChMAMQkwBwYDVQQLEwAxOTA3BgNVBAMTMG9pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALBtmxl55OH/ceueSG0bRucWkdCLybhWwz+x9J6IOb8Q89d4lcd7xhdkN+9nYEjqQMDrUEFDj2ajikKlxrJk7tZSkbu5skFuxHUETDhjHBqnNQb1jwhAdYzBPFTyQ9Ii7lm0uYTthnBJKvpvjKPoz7H9Vuu15RNDujq7RF6sDGSIJUTaxbx7EM2Xv37iqfSAjaMCvfLelacNHUfCAoyGeJYXCIOnlg2/KdfoN4QHKw9Dwq12Br2vau/TcvbD8Na4b+Mm/NEf00wFjt+MtbMCDyUFMQbsAuAk2eFS3eABb1VOQ9ZZOOcsXwB4nRewWIVVhJyMEixDXxm73G9oJBUpI6sCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAhvvrczfcb1xsYJeEiVtctWlLfHXyKkfyJpIU1nTGdKpd18tPv4OeLMyuJsOFenhJD95UauFwz3AT1zdHShp04JHWTtkb7aezFN4C9fpb97BUR0BheoYzkC6pgZ7M4QkkKE/AKYZfWLahqcbZ6ICmUfXyDJ2mWpXLpLm+l6jh32NF74ho8h4b65cMpDk5mFEp9vf1WgnmaWGtFjVuhAgaS8IrYcDy3DzVrZX/0kCPa0EXng7Xx1IkhUaKz0ajx3ZCmC6HmNa6U+oDKboGq7w1ZfscjOr8nB9M0f5BUAQN1m0nGAR1Ac96BMjfwwS/05lpPLF3Dv5CzOGLuIi0Cws7xA=="],"x5t#S256":"PVCDmVgwC-YE7Q8Bfe_9jJ8izpYjwStjUEYZEe-58Y4","n":"sG2bGXnk4f9x655IbRtG5xaR0IvJuFbDP7H0nog5vxDz13iVx3vGF2Q372dgSOpAwOtQQUOPZqOKQqXGsmTu1lKRu7myQW7EdQRMOGMcGqc1BvWPCEB1jME8VPJD0iLuWbS5hO2GcEkq-m-Mo-jPsf1W67XlE0O6OrtEXqwMZIglRNrFvHsQzZe_fuKp9ICNowK98t6Vpw0dR8ICjIZ4lhcIg6eWDb8p1-g3hAcrD0PCrXYGva9q79Ny9sPw1rhv4yb80R_TTAWO34y1swIPJQUxBuwC4CTZ4VLd4AFvVU5D1lk45yxfAHidF7BYhVWEnIwSLENfGbvcb2gkFSkjqw","e":"AQAB"},{"kid":"isvconformancetest2","kty":"RSA","use":"sig","x5c":["MIIDsTCCApmgAwIBAgIUXFszgN3OzKDaUQqIM1yGuRhIdOEwDQYJKoZIhvcNAQELBQAwaDELMAkGA1UEBhMCU0cxFTATBgNVBAcMDERlZmF1bHQgQ2l0eTEMMAoGA1UECgwDSUJNMRMwEQYDVQQDDAp2LXNvb24ubmV0MR8wHQYJKoZIhvcNAQkBFhBsaW5xaUBzZy5pYm0uY29tMB4XDTIyMTExNTEwMzkwN1oXDTIzMTExNTEwMzkwN1owaDELMAkGA1UEBhMCU0cxFTATBgNVBAcMDERlZmF1bHQgQ2l0eTEMMAoGA1UECgwDSUJNMRMwEQYDVQQDDAp2LXNvb24ubmV0MR8wHQYJKoZIhvcNAQkBFhBsaW5xaUBzZy5pYm0uY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAznY+E9t97lr1P/loC88JSj+Ukb4SdNXA/QjFbkEPj7ZxpIj8HcDMVRmn69uYkgvxDhx9uwnGEE17nXyN5SXZy5QtfIfpYu4IcKzmNxQ0K3bESn1/xCz3B/Rc/dKvz8exJ1cmFilu1C7jWViwCpJ+h3JA/MOeIfNxG3uixckK7VI3G29Z6GCEDOTLRqROrrlH92woEDhlAE7t4rt8mmuoxzo6PgPD3VY88h0jvUfGJAHNdZAAk84VKT/RsXIS4wdSpJOKxqTR3OHftRbIqkBBIZuP8Ck8beisXAQbOZEJ50IkxwL4SNNes4/kcxdSB+lGdChQU75H9s0uZtgT9DsHVwIDAQABo1MwUTAdBgNVHQ4EFgQUmzwRlyHIqFYXs9kwkMdUe6RZ7u0wHwYDVR0jBBgwFoAUmzwRlyHIqFYXs9kwkMdUe6RZ7u0wDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAFosXBDAJT49+e3f7fTeyZgTm0SvrMcOznTMhXLz/CT+cLDVVeTIWkguSM0NT37oa6/N//iFtGF0sf+LQT7tDBR3iSNyibrQLFwx2J90y1U3iSSS528MUwJWz/UYXq5AAUzgoaKCHUh1CkpUEn7TzowGpvezwxwzSFdO3CEartIjguukVbKfzHCxVDfA71U1mJvLO+ILaSYhtoRRb7OlL8ZLhA5XX6P45X32VT90Fqn+9v2xT5pwPQ2GnlsNGvC0cFl/h1fcc3tjRcv27FLhCaL8Y5u0axhLp7QiDFL2vXTwnU1IG0w7J0fblb0xzBLvPzWQLY6EUBWBkVcsB2sVMTQ=="],"x5t#S256":"2qNkJn0repplxX6OTRy5uJgfERoOGdybpOHV1IZIs50","n":"znY-E9t97lr1P_loC88JSj-Ukb4SdNXA_QjFbkEPj7ZxpIj8HcDMVRmn69uYkgvxDhx9uwnGEE17nXyN5SXZy5QtfIfpYu4IcKzmNxQ0K3bESn1_xCz3B_Rc_dKvz8exJ1cmFilu1C7jWViwCpJ-h3JA_MOeIfNxG3uixckK7VI3G29Z6GCEDOTLRqROrrlH92woEDhlAE7t4rt8mmuoxzo6PgPD3VY88h0jvUfGJAHNdZAAk84VKT_RsXIS4wdSpJOKxqTR3OHftRbIqkBBIZuP8Ck8beisXAQbOZEJ50IkxwL4SNNes4_kcxdSB-lGdChQU75H9s0uZtgT9DsHVw","e":"AQAB"}]}
2022-11-28 04:38:14
FetchServerKeys
Found JWK set string
jwk_string
{"keys":[{"kid":"server","kty":"RSA","use":"sig","x5c":["MIIDYDCCAkigAwIBAgIEIFW8uDANBgkqhkiG9w0BAQsFADByMQkwBwYDVQQGEwAxCTAHBgNVBAgTADEJMAcGA1UEBxMAMQkwBwYDVQQKEwAxCTAHBgNVBAsTADE5MDcGA1UEAxMwb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tMB4XDTIyMTExNDA0NDI0MFoXDTMyMTExMTA0NDI0MFowcjEJMAcGA1UEBhMAMQkwBwYDVQQIEwAxCTAHBgNVBAcTADEJMAcGA1UEChMAMQkwBwYDVQQLEwAxOTA3BgNVBAMTMG9pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALBtmxl55OH/ceueSG0bRucWkdCLybhWwz+x9J6IOb8Q89d4lcd7xhdkN+9nYEjqQMDrUEFDj2ajikKlxrJk7tZSkbu5skFuxHUETDhjHBqnNQb1jwhAdYzBPFTyQ9Ii7lm0uYTthnBJKvpvjKPoz7H9Vuu15RNDujq7RF6sDGSIJUTaxbx7EM2Xv37iqfSAjaMCvfLelacNHUfCAoyGeJYXCIOnlg2/KdfoN4QHKw9Dwq12Br2vau/TcvbD8Na4b+Mm/NEf00wFjt+MtbMCDyUFMQbsAuAk2eFS3eABb1VOQ9ZZOOcsXwB4nRewWIVVhJyMEixDXxm73G9oJBUpI6sCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAhvvrczfcb1xsYJeEiVtctWlLfHXyKkfyJpIU1nTGdKpd18tPv4OeLMyuJsOFenhJD95UauFwz3AT1zdHShp04JHWTtkb7aezFN4C9fpb97BUR0BheoYzkC6pgZ7M4QkkKE/AKYZfWLahqcbZ6ICmUfXyDJ2mWpXLpLm+l6jh32NF74ho8h4b65cMpDk5mFEp9vf1WgnmaWGtFjVuhAgaS8IrYcDy3DzVrZX/0kCPa0EXng7Xx1IkhUaKz0ajx3ZCmC6HmNa6U+oDKboGq7w1ZfscjOr8nB9M0f5BUAQN1m0nGAR1Ac96BMjfwwS/05lpPLF3Dv5CzOGLuIi0Cws7xA=="],"x5t#S256":"PVCDmVgwC-YE7Q8Bfe_9jJ8izpYjwStjUEYZEe-58Y4","n":"sG2bGXnk4f9x655IbRtG5xaR0IvJuFbDP7H0nog5vxDz13iVx3vGF2Q372dgSOpAwOtQQUOPZqOKQqXGsmTu1lKRu7myQW7EdQRMOGMcGqc1BvWPCEB1jME8VPJD0iLuWbS5hO2GcEkq-m-Mo-jPsf1W67XlE0O6OrtEXqwMZIglRNrFvHsQzZe_fuKp9ICNowK98t6Vpw0dR8ICjIZ4lhcIg6eWDb8p1-g3hAcrD0PCrXYGva9q79Ny9sPw1rhv4yb80R_TTAWO34y1swIPJQUxBuwC4CTZ4VLd4AFvVU5D1lk45yxfAHidF7BYhVWEnIwSLENfGbvcb2gkFSkjqw","e":"AQAB"},{"kid":"isvconformancetest2","kty":"RSA","use":"sig","x5c":["MIIDsTCCApmgAwIBAgIUXFszgN3OzKDaUQqIM1yGuRhIdOEwDQYJKoZIhvcNAQELBQAwaDELMAkGA1UEBhMCU0cxFTATBgNVBAcMDERlZmF1bHQgQ2l0eTEMMAoGA1UECgwDSUJNMRMwEQYDVQQDDAp2LXNvb24ubmV0MR8wHQYJKoZIhvcNAQkBFhBsaW5xaUBzZy5pYm0uY29tMB4XDTIyMTExNTEwMzkwN1oXDTIzMTExNTEwMzkwN1owaDELMAkGA1UEBhMCU0cxFTATBgNVBAcMDERlZmF1bHQgQ2l0eTEMMAoGA1UECgwDSUJNMRMwEQYDVQQDDAp2LXNvb24ubmV0MR8wHQYJKoZIhvcNAQkBFhBsaW5xaUBzZy5pYm0uY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAznY+E9t97lr1P/loC88JSj+Ukb4SdNXA/QjFbkEPj7ZxpIj8HcDMVRmn69uYkgvxDhx9uwnGEE17nXyN5SXZy5QtfIfpYu4IcKzmNxQ0K3bESn1/xCz3B/Rc/dKvz8exJ1cmFilu1C7jWViwCpJ+h3JA/MOeIfNxG3uixckK7VI3G29Z6GCEDOTLRqROrrlH92woEDhlAE7t4rt8mmuoxzo6PgPD3VY88h0jvUfGJAHNdZAAk84VKT/RsXIS4wdSpJOKxqTR3OHftRbIqkBBIZuP8Ck8beisXAQbOZEJ50IkxwL4SNNes4/kcxdSB+lGdChQU75H9s0uZtgT9DsHVwIDAQABo1MwUTAdBgNVHQ4EFgQUmzwRlyHIqFYXs9kwkMdUe6RZ7u0wHwYDVR0jBBgwFoAUmzwRlyHIqFYXs9kwkMdUe6RZ7u0wDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAFosXBDAJT49+e3f7fTeyZgTm0SvrMcOznTMhXLz/CT+cLDVVeTIWkguSM0NT37oa6/N//iFtGF0sf+LQT7tDBR3iSNyibrQLFwx2J90y1U3iSSS528MUwJWz/UYXq5AAUzgoaKCHUh1CkpUEn7TzowGpvezwxwzSFdO3CEartIjguukVbKfzHCxVDfA71U1mJvLO+ILaSYhtoRRb7OlL8ZLhA5XX6P45X32VT90Fqn+9v2xT5pwPQ2GnlsNGvC0cFl/h1fcc3tjRcv27FLhCaL8Y5u0axhLp7QiDFL2vXTwnU1IG0w7J0fblb0xzBLvPzWQLY6EUBWBkVcsB2sVMTQ=="],"x5t#S256":"2qNkJn0repplxX6OTRy5uJgfERoOGdybpOHV1IZIs50","n":"znY-E9t97lr1P_loC88JSj-Ukb4SdNXA_QjFbkEPj7ZxpIj8HcDMVRmn69uYkgvxDhx9uwnGEE17nXyN5SXZy5QtfIfpYu4IcKzmNxQ0K3bESn1_xCz3B_Rc_dKvz8exJ1cmFilu1C7jWViwCpJ-h3JA_MOeIfNxG3uixckK7VI3G29Z6GCEDOTLRqROrrlH92woEDhlAE7t4rt8mmuoxzo6PgPD3VY88h0jvUfGJAHNdZAAk84VKT_RsXIS4wdSpJOKxqTR3OHftRbIqkBBIZuP8Ck8beisXAQbOZEJ50IkxwL4SNNes4_kcxdSB-lGdChQU75H9s0uZtgT9DsHVw","e":"AQAB"}]}
2022-11-28 04:38:14 SUCCESS
FetchServerKeys
Found server JWK set
server_jwks
{
  "keys": [
    {
      "kid": "server",
      "kty": "RSA",
      "use": "sig",
      "x5c": [
        "MIIDYDCCAkigAwIBAgIEIFW8uDANBgkqhkiG9w0BAQsFADByMQkwBwYDVQQGEwAxCTAHBgNVBAgTADEJMAcGA1UEBxMAMQkwBwYDVQQKEwAxCTAHBgNVBAsTADE5MDcGA1UEAxMwb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tMB4XDTIyMTExNDA0NDI0MFoXDTMyMTExMTA0NDI0MFowcjEJMAcGA1UEBhMAMQkwBwYDVQQIEwAxCTAHBgNVBAcTADEJMAcGA1UEChMAMQkwBwYDVQQLEwAxOTA3BgNVBAMTMG9pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALBtmxl55OH/ceueSG0bRucWkdCLybhWwz+x9J6IOb8Q89d4lcd7xhdkN+9nYEjqQMDrUEFDj2ajikKlxrJk7tZSkbu5skFuxHUETDhjHBqnNQb1jwhAdYzBPFTyQ9Ii7lm0uYTthnBJKvpvjKPoz7H9Vuu15RNDujq7RF6sDGSIJUTaxbx7EM2Xv37iqfSAjaMCvfLelacNHUfCAoyGeJYXCIOnlg2/KdfoN4QHKw9Dwq12Br2vau/TcvbD8Na4b+Mm/NEf00wFjt+MtbMCDyUFMQbsAuAk2eFS3eABb1VOQ9ZZOOcsXwB4nRewWIVVhJyMEixDXxm73G9oJBUpI6sCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAhvvrczfcb1xsYJeEiVtctWlLfHXyKkfyJpIU1nTGdKpd18tPv4OeLMyuJsOFenhJD95UauFwz3AT1zdHShp04JHWTtkb7aezFN4C9fpb97BUR0BheoYzkC6pgZ7M4QkkKE/AKYZfWLahqcbZ6ICmUfXyDJ2mWpXLpLm+l6jh32NF74ho8h4b65cMpDk5mFEp9vf1WgnmaWGtFjVuhAgaS8IrYcDy3DzVrZX/0kCPa0EXng7Xx1IkhUaKz0ajx3ZCmC6HmNa6U+oDKboGq7w1ZfscjOr8nB9M0f5BUAQN1m0nGAR1Ac96BMjfwwS/05lpPLF3Dv5CzOGLuIi0Cws7xA\u003d\u003d"
      ],
      "x5t#S256": "PVCDmVgwC-YE7Q8Bfe_9jJ8izpYjwStjUEYZEe-58Y4",
      "n": "sG2bGXnk4f9x655IbRtG5xaR0IvJuFbDP7H0nog5vxDz13iVx3vGF2Q372dgSOpAwOtQQUOPZqOKQqXGsmTu1lKRu7myQW7EdQRMOGMcGqc1BvWPCEB1jME8VPJD0iLuWbS5hO2GcEkq-m-Mo-jPsf1W67XlE0O6OrtEXqwMZIglRNrFvHsQzZe_fuKp9ICNowK98t6Vpw0dR8ICjIZ4lhcIg6eWDb8p1-g3hAcrD0PCrXYGva9q79Ny9sPw1rhv4yb80R_TTAWO34y1swIPJQUxBuwC4CTZ4VLd4AFvVU5D1lk45yxfAHidF7BYhVWEnIwSLENfGbvcb2gkFSkjqw",
      "e": "AQAB"
    },
    {
      "kid": "isvconformancetest2",
      "kty": "RSA",
      "use": "sig",
      "x5c": [
        "MIIDsTCCApmgAwIBAgIUXFszgN3OzKDaUQqIM1yGuRhIdOEwDQYJKoZIhvcNAQELBQAwaDELMAkGA1UEBhMCU0cxFTATBgNVBAcMDERlZmF1bHQgQ2l0eTEMMAoGA1UECgwDSUJNMRMwEQYDVQQDDAp2LXNvb24ubmV0MR8wHQYJKoZIhvcNAQkBFhBsaW5xaUBzZy5pYm0uY29tMB4XDTIyMTExNTEwMzkwN1oXDTIzMTExNTEwMzkwN1owaDELMAkGA1UEBhMCU0cxFTATBgNVBAcMDERlZmF1bHQgQ2l0eTEMMAoGA1UECgwDSUJNMRMwEQYDVQQDDAp2LXNvb24ubmV0MR8wHQYJKoZIhvcNAQkBFhBsaW5xaUBzZy5pYm0uY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAznY+E9t97lr1P/loC88JSj+Ukb4SdNXA/QjFbkEPj7ZxpIj8HcDMVRmn69uYkgvxDhx9uwnGEE17nXyN5SXZy5QtfIfpYu4IcKzmNxQ0K3bESn1/xCz3B/Rc/dKvz8exJ1cmFilu1C7jWViwCpJ+h3JA/MOeIfNxG3uixckK7VI3G29Z6GCEDOTLRqROrrlH92woEDhlAE7t4rt8mmuoxzo6PgPD3VY88h0jvUfGJAHNdZAAk84VKT/RsXIS4wdSpJOKxqTR3OHftRbIqkBBIZuP8Ck8beisXAQbOZEJ50IkxwL4SNNes4/kcxdSB+lGdChQU75H9s0uZtgT9DsHVwIDAQABo1MwUTAdBgNVHQ4EFgQUmzwRlyHIqFYXs9kwkMdUe6RZ7u0wHwYDVR0jBBgwFoAUmzwRlyHIqFYXs9kwkMdUe6RZ7u0wDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAFosXBDAJT49+e3f7fTeyZgTm0SvrMcOznTMhXLz/CT+cLDVVeTIWkguSM0NT37oa6/N//iFtGF0sf+LQT7tDBR3iSNyibrQLFwx2J90y1U3iSSS528MUwJWz/UYXq5AAUzgoaKCHUh1CkpUEn7TzowGpvezwxwzSFdO3CEartIjguukVbKfzHCxVDfA71U1mJvLO+ILaSYhtoRRb7OlL8ZLhA5XX6P45X32VT90Fqn+9v2xT5pwPQ2GnlsNGvC0cFl/h1fcc3tjRcv27FLhCaL8Y5u0axhLp7QiDFL2vXTwnU1IG0w7J0fblb0xzBLvPzWQLY6EUBWBkVcsB2sVMTQ\u003d\u003d"
      ],
      "x5t#S256": "2qNkJn0repplxX6OTRy5uJgfERoOGdybpOHV1IZIs50",
      "n": "znY-E9t97lr1P_loC88JSj-Ukb4SdNXA_QjFbkEPj7ZxpIj8HcDMVRmn69uYkgvxDhx9uwnGEE17nXyN5SXZy5QtfIfpYu4IcKzmNxQ0K3bESn1_xCz3B_Rc_dKvz8exJ1cmFilu1C7jWViwCpJ-h3JA_MOeIfNxG3uixckK7VI3G29Z6GCEDOTLRqROrrlH92woEDhlAE7t4rt8mmuoxzo6PgPD3VY88h0jvUfGJAHNdZAAk84VKT_RsXIS4wdSpJOKxqTR3OHftRbIqkBBIZuP8Ck8beisXAQbOZEJ50IkxwL4SNNes4_kcxdSB-lGdChQU75H9s0uZtgT9DsHVw",
      "e": "AQAB"
    }
  ]
}
2022-11-28 04:38:14 SUCCESS
CheckServerKeysIsValid
Server JWKs is valid
server_jwks
{
  "keys": [
    {
      "kid": "server",
      "kty": "RSA",
      "use": "sig",
      "x5c": [
        "MIIDYDCCAkigAwIBAgIEIFW8uDANBgkqhkiG9w0BAQsFADByMQkwBwYDVQQGEwAxCTAHBgNVBAgTADEJMAcGA1UEBxMAMQkwBwYDVQQKEwAxCTAHBgNVBAsTADE5MDcGA1UEAxMwb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tMB4XDTIyMTExNDA0NDI0MFoXDTMyMTExMTA0NDI0MFowcjEJMAcGA1UEBhMAMQkwBwYDVQQIEwAxCTAHBgNVBAcTADEJMAcGA1UEChMAMQkwBwYDVQQLEwAxOTA3BgNVBAMTMG9pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALBtmxl55OH/ceueSG0bRucWkdCLybhWwz+x9J6IOb8Q89d4lcd7xhdkN+9nYEjqQMDrUEFDj2ajikKlxrJk7tZSkbu5skFuxHUETDhjHBqnNQb1jwhAdYzBPFTyQ9Ii7lm0uYTthnBJKvpvjKPoz7H9Vuu15RNDujq7RF6sDGSIJUTaxbx7EM2Xv37iqfSAjaMCvfLelacNHUfCAoyGeJYXCIOnlg2/KdfoN4QHKw9Dwq12Br2vau/TcvbD8Na4b+Mm/NEf00wFjt+MtbMCDyUFMQbsAuAk2eFS3eABb1VOQ9ZZOOcsXwB4nRewWIVVhJyMEixDXxm73G9oJBUpI6sCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAhvvrczfcb1xsYJeEiVtctWlLfHXyKkfyJpIU1nTGdKpd18tPv4OeLMyuJsOFenhJD95UauFwz3AT1zdHShp04JHWTtkb7aezFN4C9fpb97BUR0BheoYzkC6pgZ7M4QkkKE/AKYZfWLahqcbZ6ICmUfXyDJ2mWpXLpLm+l6jh32NF74ho8h4b65cMpDk5mFEp9vf1WgnmaWGtFjVuhAgaS8IrYcDy3DzVrZX/0kCPa0EXng7Xx1IkhUaKz0ajx3ZCmC6HmNa6U+oDKboGq7w1ZfscjOr8nB9M0f5BUAQN1m0nGAR1Ac96BMjfwwS/05lpPLF3Dv5CzOGLuIi0Cws7xA\u003d\u003d"
      ],
      "x5t#S256": "PVCDmVgwC-YE7Q8Bfe_9jJ8izpYjwStjUEYZEe-58Y4",
      "n": "sG2bGXnk4f9x655IbRtG5xaR0IvJuFbDP7H0nog5vxDz13iVx3vGF2Q372dgSOpAwOtQQUOPZqOKQqXGsmTu1lKRu7myQW7EdQRMOGMcGqc1BvWPCEB1jME8VPJD0iLuWbS5hO2GcEkq-m-Mo-jPsf1W67XlE0O6OrtEXqwMZIglRNrFvHsQzZe_fuKp9ICNowK98t6Vpw0dR8ICjIZ4lhcIg6eWDb8p1-g3hAcrD0PCrXYGva9q79Ny9sPw1rhv4yb80R_TTAWO34y1swIPJQUxBuwC4CTZ4VLd4AFvVU5D1lk45yxfAHidF7BYhVWEnIwSLENfGbvcb2gkFSkjqw",
      "e": "AQAB"
    },
    {
      "kid": "isvconformancetest2",
      "kty": "RSA",
      "use": "sig",
      "x5c": [
        "MIIDsTCCApmgAwIBAgIUXFszgN3OzKDaUQqIM1yGuRhIdOEwDQYJKoZIhvcNAQELBQAwaDELMAkGA1UEBhMCU0cxFTATBgNVBAcMDERlZmF1bHQgQ2l0eTEMMAoGA1UECgwDSUJNMRMwEQYDVQQDDAp2LXNvb24ubmV0MR8wHQYJKoZIhvcNAQkBFhBsaW5xaUBzZy5pYm0uY29tMB4XDTIyMTExNTEwMzkwN1oXDTIzMTExNTEwMzkwN1owaDELMAkGA1UEBhMCU0cxFTATBgNVBAcMDERlZmF1bHQgQ2l0eTEMMAoGA1UECgwDSUJNMRMwEQYDVQQDDAp2LXNvb24ubmV0MR8wHQYJKoZIhvcNAQkBFhBsaW5xaUBzZy5pYm0uY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAznY+E9t97lr1P/loC88JSj+Ukb4SdNXA/QjFbkEPj7ZxpIj8HcDMVRmn69uYkgvxDhx9uwnGEE17nXyN5SXZy5QtfIfpYu4IcKzmNxQ0K3bESn1/xCz3B/Rc/dKvz8exJ1cmFilu1C7jWViwCpJ+h3JA/MOeIfNxG3uixckK7VI3G29Z6GCEDOTLRqROrrlH92woEDhlAE7t4rt8mmuoxzo6PgPD3VY88h0jvUfGJAHNdZAAk84VKT/RsXIS4wdSpJOKxqTR3OHftRbIqkBBIZuP8Ck8beisXAQbOZEJ50IkxwL4SNNes4/kcxdSB+lGdChQU75H9s0uZtgT9DsHVwIDAQABo1MwUTAdBgNVHQ4EFgQUmzwRlyHIqFYXs9kwkMdUe6RZ7u0wHwYDVR0jBBgwFoAUmzwRlyHIqFYXs9kwkMdUe6RZ7u0wDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAFosXBDAJT49+e3f7fTeyZgTm0SvrMcOznTMhXLz/CT+cLDVVeTIWkguSM0NT37oa6/N//iFtGF0sf+LQT7tDBR3iSNyibrQLFwx2J90y1U3iSSS528MUwJWz/UYXq5AAUzgoaKCHUh1CkpUEn7TzowGpvezwxwzSFdO3CEartIjguukVbKfzHCxVDfA71U1mJvLO+ILaSYhtoRRb7OlL8ZLhA5XX6P45X32VT90Fqn+9v2xT5pwPQ2GnlsNGvC0cFl/h1fcc3tjRcv27FLhCaL8Y5u0axhLp7QiDFL2vXTwnU1IG0w7J0fblb0xzBLvPzWQLY6EUBWBkVcsB2sVMTQ\u003d\u003d"
      ],
      "x5t#S256": "2qNkJn0repplxX6OTRy5uJgfERoOGdybpOHV1IZIs50",
      "n": "znY-E9t97lr1P_loC88JSj-Ukb4SdNXA_QjFbkEPj7ZxpIj8HcDMVRmn69uYkgvxDhx9uwnGEE17nXyN5SXZy5QtfIfpYu4IcKzmNxQ0K3bESn1_xCz3B_Rc_dKvz8exJ1cmFilu1C7jWViwCpJ-h3JA_MOeIfNxG3uixckK7VI3G29Z6GCEDOTLRqROrrlH92woEDhlAE7t4rt8mmuoxzo6PgPD3VY88h0jvUfGJAHNdZAAk84VKT_RsXIS4wdSpJOKxqTR3OHftRbIqkBBIZuP8Ck8beisXAQbOZEJ50IkxwL4SNNes4_kcxdSB-lGdChQU75H9s0uZtgT9DsHVw",
      "e": "AQAB"
    }
  ]
}
2022-11-28 04:38:14 SUCCESS
ValidateServerJWKs
Valid server JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2022-11-28 04:38:14 SUCCESS
CheckForKeyIdInServerJWKs
All keys contain kids
2022-11-28 04:38:14 SUCCESS
CheckDistinctKeyIdValueInServerJWKs
Distinct 'kid' value in all keys of server_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2022-11-28 04:38:14 SUCCESS
EnsureServerJwksDoesNotContainPrivateOrSymmetricKeys
Jwks does not contain any private or symmetric keys
2022-11-28 04:38:14
StoreOriginalClientConfiguration
Created original_client_config object from the client configuration.
client_name
Ristretto Core Conformance Test Dynamic Client One
2022-11-28 04:38:14
ExtractClientNameFromStoredConfig
Extracted client_name from stored client configuration.
client_name
Ristretto Core Conformance Test Dynamic Client One
2022-11-28 04:38:14 SUCCESS
CreateJwksUri
Created JWKs URI
jwks_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/client1_jwks
2022-11-28 04:38:14 SUCCESS
GenerateRS256ClientJWKsWithKeyID
Generated client JWKs
client_jwks
{
  "keys": [
    {
      "p": "78SbNbbMGh9cGow_Jh63HPfYnyJ5HlSrSYgtB-4z_xCc2wjWJz87ggq68OqUK8nEvfKVGyfD-tWVfjyzi84ikV03zYOiONjfUsrMdE64eKUp7FJAZNOo7rOVWVcznA3OxZ5WfaJnahOn7bQluQWgzvtdqVpKh3XT4XC9CRp5jM8",
      "kty": "RSA",
      "q": "oOvBQ2b9QHx8ULDeyDwShyA2NaeWPfDcjgTTE-iFOhljmUPJIIWBVtTE51RLeB2dpDD4AXSOUwB60NttD0RgVgFIANBCGNAvY0ZV6xdZmdJsvKj5R9gOw3Memr4mTHicnHWtWdrcjcBhrJvuidSmPS8GyEZnTue-8xDdfyVR4HE",
      "d": "Ptz4lskaOpR12tn878ZkhWYXPE34lzSy-QTWM1BeQr74O9ZV4Uy98pGk0fby8rlSFwunDv3BBKXpBMpQLSwEcOApIg4Nc4f2FdW3FXcH_O6tsW3RO2TgCVsZM9Lyz2McQcvNpRGKKI6gwGVh45KjNf2TWcIRbnFsnLu1oa4Xjlgh6DlKUrsL1qtIBVuTXb3n6WfvfaaVFgw1vzzwp7t2Q9FkyQi3xB4qZZ-CAzmZauzeya4Opgp1FOPGvV90cm7s4tZ4o3cmsaSSmdDd5y1_bP1DfaRXvZh_rznva0RIYKbP6xIVRx661KJQxVVtkR7UE1XsnVK9VYqYl_U8RkLO4Q",
      "e": "AQAB",
      "use": "sig",
      "kid": "KvWruacFIRQR7L_5MhEPpJzyOxawGlaDzO7AJKP3T3A",
      "qi": "MSw56DxswecihGiprQoLbtxTQmxSEq3GZfg8A15w8tP3MGreOptk_ZuGEygGB4aAO8OCmwY-19KlI7C8fboxceVQNBqG1FR3alth2yw0PJhnsQpLgYQPDs5g0NkIzq-enUdAWUbMdY8PXV9y1pU_fPPe7VlUZqJ25_pvzXDpq7E",
      "dp": "gSVBBLmlThy-G36XNQ0uTGgjQfPrkS7B5CV5O-BOGYD1O_WShClHAFCPSNzRWpSfaECVl77fjOgmUYyYmSE69VlkiUnxwvTttUaOwcb1DebIogXbsXNgdtI8C5cwsUmuqjsTEzC6yyQzO5HhD7u8VkCGvoVnx3br3W5AI_sipXk",
      "alg": "RS256",
      "dq": "IJ2H70RZgg95FtWyYb0jODYEJr3PysAdw78glQFkt1DcCf1eL3Q_sbywJ_7CyRafk97E9W6NRi9rtRc0NIr0R5o84MVVEDhp0mI4Gc0CwRWQKnDJDZGx9FVJ161Aj_FGNMP5HaQpXaWnZle4ckEibHYylrcGS0zXO-aoLhP_U1E",
      "n": "lrevfmZ8AxjU2QLHjZ_4nkKhbHh7vsE55ySLnnmrde4HIAtBIdLokitkm4lU6XXVDeLkx_mhts9E8cSTtFSQm7tHEzzvbc1sg3yYTyzYYAmwhvfGK940aQhss71rNSDlm5YEaOvF6txNbErBoHXXYRjlZ91qcPQM6CZOszrttrXi_o3G7sRUgmHeyMJFPUVVm0E3KImj9ZnIsTjvsBCSwUanGcEzFD0qbIfBRSKlP3x4657L5suThGNDXsyzU8za5HHiXmqeXpZVBwr5vS5LnmBpV-cOu-v3Vt1ynDoqgLyMSVJ8PGRrFxgkOQFEdZElwMoYG3es_gmjq-evg1tHXw"
    }
  ]
}
public_client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "KvWruacFIRQR7L_5MhEPpJzyOxawGlaDzO7AJKP3T3A",
      "alg": "RS256",
      "n": "lrevfmZ8AxjU2QLHjZ_4nkKhbHh7vsE55ySLnnmrde4HIAtBIdLokitkm4lU6XXVDeLkx_mhts9E8cSTtFSQm7tHEzzvbc1sg3yYTyzYYAmwhvfGK940aQhss71rNSDlm5YEaOvF6txNbErBoHXXYRjlZ91qcPQM6CZOszrttrXi_o3G7sRUgmHeyMJFPUVVm0E3KImj9ZnIsTjvsBCSwUanGcEzFD0qbIfBRSKlP3x4657L5suThGNDXsyzU8za5HHiXmqeXpZVBwr5vS5LnmBpV-cOu-v3Vt1ynDoqgLyMSVJ8PGRrFxgkOQFEdZElwMoYG3es_gmjq-evg1tHXw"
    }
  ]
}
2022-11-28 04:38:14 SUCCESS
CheckDistinctKeyIdValueInClientJWKs
Distinct 'kid' value in all keys of client_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2022-11-28 04:38:14
CreateEmptyDynamicRegistrationRequest
Created empty dynamic registration request
2022-11-28 04:38:14
AddClientNameToDynamicRegistrationRequest
Added client_name to registration request
client_name
Ristretto Core Conformance Test Dynamic Client One 6iVWnSAX3dm1a6B
2022-11-28 04:38:14
AddAuthorizationCodeGrantTypeToDynamicRegistrationRequest
Added 'authorization_code' to 'grant_types'
grant_types
[
  "authorization_code"
]
2022-11-28 04:38:14
AddJwksUriToDynamicRegistrationRequest
Added jwks_uri to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client One 6iVWnSAX3dm1a6B",
  "grant_types": [
    "authorization_code"
  ],
  "jwks_uri": "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/client1_jwks"
}
2022-11-28 04:38:14
AddTokenEndpointAuthMethodToDynamicRegistrationRequestFromEnvironment
Added token endpoint auth method to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client One 6iVWnSAX3dm1a6B",
  "grant_types": [
    "authorization_code"
  ],
  "jwks_uri": "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/client1_jwks",
  "token_endpoint_auth_method": "private_key_jwt"
}
2022-11-28 04:38:14
AddResponseTypesArrayToDynamicRegistrationRequestFromEnvironment
Added response_types array to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client One 6iVWnSAX3dm1a6B",
  "grant_types": [
    "authorization_code"
  ],
  "jwks_uri": "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/client1_jwks",
  "token_endpoint_auth_method": "private_key_jwt",
  "response_types": [
    "code"
  ]
}
2022-11-28 04:38:14
AddRedirectUriToDynamicRegistrationRequest
Added redirect_uris array to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client One 6iVWnSAX3dm1a6B",
  "grant_types": [
    "authorization_code"
  ],
  "jwks_uri": "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/client1_jwks",
  "token_endpoint_auth_method": "private_key_jwt",
  "response_types": [
    "code"
  ],
  "redirect_uris": [
    "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"
  ]
}
2022-11-28 04:38:14
AddContactsToDynamicRegistrationRequest
Added contacts array to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client One 6iVWnSAX3dm1a6B",
  "grant_types": [
    "authorization_code"
  ],
  "jwks_uri": "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/client1_jwks",
  "token_endpoint_auth_method": "private_key_jwt",
  "response_types": [
    "code"
  ],
  "redirect_uris": [
    "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"
  ],
  "contacts": [
    "certification@oidf.org"
  ]
}
2022-11-28 04:38:14
AddRefreshTokenGrantTypeToDynamicRegistrationRequest
Added 'refresh_token' to 'grant_types'
grant_types
[
  "authorization_code",
  "refresh_token"
]
2022-11-28 04:38:14
CallDynamicRegistrationEndpoint
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register
request_method
POST
request_headers
{
  "accept": "application/json",
  "accept-charset": "utf-8",
  "content-type": "application/json",
  "content-length": "435"
}
request_body
{"client_name":"Ristretto Core Conformance Test Dynamic Client One 6iVWnSAX3dm1a6B","grant_types":["authorization_code","refresh_token"],"jwks_uri":"https://www.certification.openid.net/test/a/isv_op_oidc_core_test/client1_jwks","token_endpoint_auth_method":"private_key_jwt","response_types":["code"],"redirect_uris":["https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"],"contacts":["certification@oidf.org"]}
2022-11-28 04:38:15 INCOMING
oidcc-refresh-token-rp-key-rotation
Incoming HTTP request to /test/a/isv_op_oidc_core_test/client1_jwks
incoming_headers
{
  "host": "www.certification.openid.net",
  "x-newrelic-id": "VgIHU1RWCxABVVNUAgAHU1UB",
  "x-newrelic-transaction": "PxQCBAJaXFcBVgNVAghWAgEEFB8EBw8RVU4aUg4PAwBRXQ5VCFMLUFBSAUNKQQgDAFRRUgcBFTs\u003d",
  "user-agent": "Apache-HttpClient/4.5.13 (Java/1.8.0_331)",
  "accept-encoding": "gzip,deflate",
  "connection": "close"
}
incoming_path
/test/a/isv_op_oidc_core_test/client1_jwks
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cert
incoming_query_string_params
{}
incoming_body
incoming_tls_chain
[
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL"
]
incoming_tls_cipher
ECDHE-RSA-AES256-GCM-SHA384
incoming_body_json
2022-11-28 04:38:15 OUTGOING
oidcc-refresh-token-rp-key-rotation
Response to HTTP request to test instance 6iVWnSAX3dm1a6B
outgoing_status_code
200
outgoing_headers
{
  "Content-Type": [
    "application/json"
  ]
}
outgoing_body
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "KvWruacFIRQR7L_5MhEPpJzyOxawGlaDzO7AJKP3T3A",
      "alg": "RS256",
      "n": "lrevfmZ8AxjU2QLHjZ_4nkKhbHh7vsE55ySLnnmrde4HIAtBIdLokitkm4lU6XXVDeLkx_mhts9E8cSTtFSQm7tHEzzvbc1sg3yYTyzYYAmwhvfGK940aQhss71rNSDlm5YEaOvF6txNbErBoHXXYRjlZ91qcPQM6CZOszrttrXi_o3G7sRUgmHeyMJFPUVVm0E3KImj9ZnIsTjvsBCSwUanGcEzFD0qbIfBRSKlP3x4657L5suThGNDXsyzU8za5HHiXmqeXpZVBwr5vS5LnmBpV-cOu-v3Vt1ynDoqgLyMSVJ8PGRrFxgkOQFEdZElwMoYG3es_gmjq-evg1tHXw"
    }
  ]
}
outgoing_path
client1_jwks
2022-11-28 04:38:20 INCOMING
oidcc-refresh-token-rp-key-rotation
Incoming HTTP request to /test/a/isv_op_oidc_core_test/client1_jwks
incoming_headers
{
  "host": "www.certification.openid.net",
  "x-newrelic-id": "VgIHU1RWCxABVVNUAgAHU1UB",
  "x-newrelic-transaction": "PxRSV15TWwEBAQVaBAlRAAcHFB8EBw8RVU4aVAFbAVZSVlgFAAUKVVxUVENKQQgDAFRRUgcBFTs\u003d",
  "user-agent": "Apache-HttpClient/4.5.13 (Java/1.8.0_331)",
  "accept-encoding": "gzip,deflate",
  "connection": "close"
}
incoming_path
/test/a/isv_op_oidc_core_test/client1_jwks
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cert
incoming_query_string_params
{}
incoming_body
incoming_tls_chain
[
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL"
]
incoming_tls_cipher
ECDHE-RSA-AES256-GCM-SHA384
incoming_body_json
2022-11-28 04:38:20 OUTGOING
oidcc-refresh-token-rp-key-rotation
Response to HTTP request to test instance 6iVWnSAX3dm1a6B
outgoing_status_code
200
outgoing_headers
{
  "Content-Type": [
    "application/json"
  ]
}
outgoing_body
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "KvWruacFIRQR7L_5MhEPpJzyOxawGlaDzO7AJKP3T3A",
      "alg": "RS256",
      "n": "lrevfmZ8AxjU2QLHjZ_4nkKhbHh7vsE55ySLnnmrde4HIAtBIdLokitkm4lU6XXVDeLkx_mhts9E8cSTtFSQm7tHEzzvbc1sg3yYTyzYYAmwhvfGK940aQhss71rNSDlm5YEaOvF6txNbErBoHXXYRjlZ91qcPQM6CZOszrttrXi_o3G7sRUgmHeyMJFPUVVm0E3KImj9ZnIsTjvsBCSwUanGcEzFD0qbIfBRSKlP3x4657L5suThGNDXsyzU8za5HHiXmqeXpZVBwr5vS5LnmBpV-cOu-v3Vt1ynDoqgLyMSVJ8PGRrFxgkOQFEdZElwMoYG3es_gmjq-evg1tHXw"
    }
  ]
}
outgoing_path
client1_jwks
2022-11-28 04:38:22 RESPONSE
CallDynamicRegistrationEndpoint
HTTP response
response_status_code
201 CREATED
response_status_text
Created
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AKa92681b3-d5df-47fa-af05-708c407c9bbe",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c28163843b3711916bc9",
  "content-length": "1011",
  "date": "Mon, 28 Nov 2022 04:38:22 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:9yx6TWRAWZHmZm8qi/ySReohOCt4ogwJXhIgA4KJqQg\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:61017047; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d76AD8A790DEC2332FB3AF4DD5E06A79D~-1~YAAQJHYGFzE7+oSEAQAAOmyHvAgUBY6BC5FFLleHl4N0unRytu+L9jQbmEGsNrHfFX8lzNNcRAgWQDvr1bjAZxD1TNLnSBGgKzvH5aws/FYsOEaO6HnLE+t+mf3x8OQmCugKea7DgegBijtS3keisIh4c3nTHN0g8Rds2vrEZjkVVq1RndmgX14TbzNsiNGe2SPdXDfLpS8NzD+0T51uRdIB4AbyuGW6Rpr0uPhSztjPQpru9xXGbtVpkBOsah1GJ67/xMPBG9xUVtfKmP9xIP/zpcsTmXyMGYt+moPlDN7OLjsE91ZVI/ZhNrWcvCp6oq7tu9B7fKRy+UcZ4Y2BVVduxD/2TCzIGNM76ut78NOY6VWhD608Dk6SKJQjjIaqvCTv5u8\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 04:38:22 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d1EB8C727B063D4281E1C62C4FB3C3010~YAAQJHYGFzI7+oSEAQAAOmyHvBFx6LRUax14l+yStvRhhw4J/YjxDESTTqosudVmfI+8os8e+1CnAtrU25oGX8YWyiEmZx9mih1YXQQoo3Wv7ct29RvxQkwvT1FjRZyl+0AakN097i34oD3s2XRz/iMzcsUonf9W2BcOiwCz6vEh3V8mI/6976RHWk8kLN8BJ3jF1R71GGjRWbSgc9rx5QXxbBvuHg0xC0k1wFPDJXhbxGgcOmI7QJc5XjVejUZZsTK4XAIOo5cFH2QWwLRgi9xeOqrlyF3HJcGTvu7PjB4gBXC3kdlZsszArgG4~4277574~3158852; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 08:38:14 GMT; Max-Age\u003d14392; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d938",
    "origin; dur\u003d6597"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"all_users_entitled":true,"client_id":"76925193-5959-4d09-b7b9-72c026bdc758","client_id_issued_at":"2022-11-28T04:38:15Z","client_name":"Ristretto Core Conformance Test Dynamic Client One 6iVWnSAX3dm1a6B","client_secret":"OnYFmgxLtp","client_secret_expires_at":0,"consent_action":"always_prompt","enforce_pkce":false,"grant_types":["authorization_code","refresh_token"],"id_token_map":[],"id_token_signed_response_alg":"RS256","initiate_login_uri":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com","redirect_uris":["https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"],"registration_access_token":"YxJvyNklmXSw1CIU842ci_el7QY1ebAvNq51P7pux_M.edOD5XuuNnbuEd2wo6IKiIgrG_hX8-lOXa_871Sois2KRnDnRdZUENxzWP6k6uQC319peK8Ogo2_3h_PIxG1YQ.M18xNjY5NjEwMzAxXzE4","registration_client_uri":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/76925193-5959-4d09-b7b9-72c026bdc758","response_types":["code"],"token_endpoint_auth_method":"private_key_jwt","token_map":[]}
2022-11-28 04:38:22
CallDynamicRegistrationEndpoint
Parsed registration endpoint response
status
201
endpoint_name
dynamic registration
headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AKa92681b3-d5df-47fa-af05-708c407c9bbe",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c28163843b3711916bc9",
  "content-length": "1011",
  "date": "Mon, 28 Nov 2022 04:38:22 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:9yx6TWRAWZHmZm8qi/ySReohOCt4ogwJXhIgA4KJqQg\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:61017047; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d76AD8A790DEC2332FB3AF4DD5E06A79D~-1~YAAQJHYGFzE7+oSEAQAAOmyHvAgUBY6BC5FFLleHl4N0unRytu+L9jQbmEGsNrHfFX8lzNNcRAgWQDvr1bjAZxD1TNLnSBGgKzvH5aws/FYsOEaO6HnLE+t+mf3x8OQmCugKea7DgegBijtS3keisIh4c3nTHN0g8Rds2vrEZjkVVq1RndmgX14TbzNsiNGe2SPdXDfLpS8NzD+0T51uRdIB4AbyuGW6Rpr0uPhSztjPQpru9xXGbtVpkBOsah1GJ67/xMPBG9xUVtfKmP9xIP/zpcsTmXyMGYt+moPlDN7OLjsE91ZVI/ZhNrWcvCp6oq7tu9B7fKRy+UcZ4Y2BVVduxD/2TCzIGNM76ut78NOY6VWhD608Dk6SKJQjjIaqvCTv5u8\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 04:38:22 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d1EB8C727B063D4281E1C62C4FB3C3010~YAAQJHYGFzI7+oSEAQAAOmyHvBFx6LRUax14l+yStvRhhw4J/YjxDESTTqosudVmfI+8os8e+1CnAtrU25oGX8YWyiEmZx9mih1YXQQoo3Wv7ct29RvxQkwvT1FjRZyl+0AakN097i34oD3s2XRz/iMzcsUonf9W2BcOiwCz6vEh3V8mI/6976RHWk8kLN8BJ3jF1R71GGjRWbSgc9rx5QXxbBvuHg0xC0k1wFPDJXhbxGgcOmI7QJc5XjVejUZZsTK4XAIOo5cFH2QWwLRgi9xeOqrlyF3HJcGTvu7PjB4gBXC3kdlZsszArgG4~4277574~3158852; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 08:38:14 GMT; Max-Age\u003d14392; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d938",
    "origin; dur\u003d6597"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
body
{"all_users_entitled":true,"client_id":"76925193-5959-4d09-b7b9-72c026bdc758","client_id_issued_at":"2022-11-28T04:38:15Z","client_name":"Ristretto Core Conformance Test Dynamic Client One 6iVWnSAX3dm1a6B","client_secret":"OnYFmgxLtp","client_secret_expires_at":0,"consent_action":"always_prompt","enforce_pkce":false,"grant_types":["authorization_code","refresh_token"],"id_token_map":[],"id_token_signed_response_alg":"RS256","initiate_login_uri":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com","redirect_uris":["https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"],"registration_access_token":"YxJvyNklmXSw1CIU842ci_el7QY1ebAvNq51P7pux_M.edOD5XuuNnbuEd2wo6IKiIgrG_hX8-lOXa_871Sois2KRnDnRdZUENxzWP6k6uQC319peK8Ogo2_3h_PIxG1YQ.M18xNjY5NjEwMzAxXzE4","registration_client_uri":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/76925193-5959-4d09-b7b9-72c026bdc758","response_types":["code"],"token_endpoint_auth_method":"private_key_jwt","token_map":[]}
body_json
{
  "all_users_entitled": true,
  "client_id": "76925193-5959-4d09-b7b9-72c026bdc758",
  "client_id_issued_at": "2022-11-28T04:38:15Z",
  "client_name": "Ristretto Core Conformance Test Dynamic Client One 6iVWnSAX3dm1a6B",
  "client_secret": "OnYFmgxLtp",
  "client_secret_expires_at": 0,
  "consent_action": "always_prompt",
  "enforce_pkce": false,
  "grant_types": [
    "authorization_code",
    "refresh_token"
  ],
  "id_token_map": [],
  "id_token_signed_response_alg": "RS256",
  "initiate_login_uri": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com",
  "redirect_uris": [
    "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"
  ],
  "registration_access_token": "YxJvyNklmXSw1CIU842ci_el7QY1ebAvNq51P7pux_M.edOD5XuuNnbuEd2wo6IKiIgrG_hX8-lOXa_871Sois2KRnDnRdZUENxzWP6k6uQC319peK8Ogo2_3h_PIxG1YQ.M18xNjY5NjEwMzAxXzE4",
  "registration_client_uri": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/76925193-5959-4d09-b7b9-72c026bdc758",
  "response_types": [
    "code"
  ],
  "token_endpoint_auth_method": "private_key_jwt",
  "token_map": []
}
2022-11-28 04:38:22 SUCCESS
EnsureContentTypeJson
endpoint_response Content-Type: header is application/json
2022-11-28 04:38:22 SUCCESS
EnsureHttpStatusCodeIs201
dynamic registration endpoint returned the expected http status
expected_status
201
http_status
201
2022-11-28 04:38:22 SUCCESS
CheckNoErrorFromDynamicRegistrationEndpoint
Dynamic registration endpoint did not return an error.
2022-11-28 04:38:22 SUCCESS
ExtractDynamicRegistrationResponse
Extracted client from dynamic registration response
client_id
76925193-5959-4d09-b7b9-72c026bdc758
2022-11-28 04:38:22 SUCCESS
VerifyClientManagementCredentials
Verified dynamic registration management credentials
registration_client_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/76925193-5959-4d09-b7b9-72c026bdc758
registration_access_token
YxJvyNklmXSw1CIU842ci_el7QY1ebAvNq51P7pux_M.edOD5XuuNnbuEd2wo6IKiIgrG_hX8-lOXa_871Sois2KRnDnRdZUENxzWP6k6uQC319peK8Ogo2_3h_PIxG1YQ.M18xNjY5NjEwMzAxXzE4
2022-11-28 04:38:22
SetScopeInClientConfigurationToOpenIdOfflineAccess
Set scope in client configuration to "openid offline_access" so that a refresh token is issued
scope
openid offline_access
2022-11-28 04:38:22 SUCCESS
EnsureServerConfigurationSupportsPrivateKeyJwt
Found supported private_key_jwt method
method
private_key_jwt
2022-11-28 04:38:22 SUCCESS
SetProtectedResourceUrlToUserInfoEndpoint
userinfo_endpoint will be used to test access token. The user info is not a mandatory to implement feature in the OpenID Connect specification, but is mandatory for certification.
protected_resource_url
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/userinfo
2022-11-28 04:38:22
oidcc-refresh-token-rp-key-rotation
Setup Done
Make request to authorization endpoint
2022-11-28 04:38:22 SUCCESS
CreateAuthorizationEndpointRequestFromClientInformation
Created authorization endpoint request
client_id
76925193-5959-4d09-b7b9-72c026bdc758
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
scope
openid offline_access
2022-11-28 04:38:22
CreateRandomStateValue
Created state value
requested_state_length
10
state
9qvVNzB5um
2022-11-28 04:38:22 SUCCESS
AddStateToAuthorizationEndpointRequest
Added state parameter to request
client_id
76925193-5959-4d09-b7b9-72c026bdc758
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
scope
openid offline_access
state
9qvVNzB5um
2022-11-28 04:38:22
CreateRandomNonceValue
Created nonce value
requested_nonce_length
10
nonce
XCifBeSdo1
2022-11-28 04:38:22 SUCCESS
AddNonceToAuthorizationEndpointRequest
Added nonce parameter to request
client_id
76925193-5959-4d09-b7b9-72c026bdc758
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
scope
openid offline_access
state
9qvVNzB5um
nonce
XCifBeSdo1
2022-11-28 04:38:22 SUCCESS
SetAuthorizationEndpointRequestResponseTypeFromEnvironment
Added response_type parameter to request
client_id
76925193-5959-4d09-b7b9-72c026bdc758
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
scope
openid offline_access
state
9qvVNzB5um
nonce
XCifBeSdo1
response_type
code
2022-11-28 04:38:22 SUCCESS
AddPromptConsentToAuthorizationEndpointRequestIfScopeContainsOfflineAccess
Added prompt=consent to authorization endpoint request
client_id
76925193-5959-4d09-b7b9-72c026bdc758
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
scope
openid offline_access
state
9qvVNzB5um
nonce
XCifBeSdo1
response_type
code
prompt
consent
2022-11-28 04:38:22 SUCCESS
BuildPlainRedirectToAuthorizationEndpoint
Sending to authorization endpoint
auth_request
{
  "client_id": "76925193-5959-4d09-b7b9-72c026bdc758",
  "redirect_uri": "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback",
  "scope": "openid offline_access",
  "state": "9qvVNzB5um",
  "nonce": "XCifBeSdo1",
  "response_type": "code",
  "prompt": "consent"
}
redirect_to_authorization_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/authorize?client_id=76925193-5959-4d09-b7b9-72c026bdc758&redirect_uri=https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback&scope=openid%20offline_access&state=9qvVNzB5um&nonce=XCifBeSdo1&response_type=code&prompt=consent
2022-11-28 04:38:22 REDIRECT
oidcc-refresh-token-rp-key-rotation
Redirecting to authorization endpoint
redirect_to
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/authorize?client_id=76925193-5959-4d09-b7b9-72c026bdc758&redirect_uri=https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback&scope=openid%20offline_access&state=9qvVNzB5um&nonce=XCifBeSdo1&response_type=code&prompt=consent
2022-11-28 04:38:52 INCOMING
oidcc-refresh-token-rp-key-rotation
Incoming HTTP request to /test/a/isv_op_oidc_core_test/callback
incoming_headers
{
  "host": "www.certification.openid.net",
  "cache-control": "max-age\u003d0",
  "upgrade-insecure-requests": "1",
  "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/avif,image/webp,image/apng,*/*;q\u003d0.8,application/signed-exchange;v\u003db3;q\u003d0.9",
  "sec-fetch-site": "cross-site",
  "sec-fetch-mode": "navigate",
  "sec-fetch-user": "?1",
  "sec-fetch-dest": "document",
  "sec-ch-ua": "\"Google Chrome\";v\u003d\"107\", \"Chromium\";v\u003d\"107\", \"Not\u003dA?Brand\";v\u003d\"24\"",
  "sec-ch-ua-mobile": "?0",
  "sec-ch-ua-platform": "\"Windows\"",
  "referer": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-US,en;q\u003d0.9,zh-CN;q\u003d0.8,zh;q\u003d0.7",
  "cookie": "__utmc\u003d201319536; __utma\u003d201319536.1094656506.1667372526.1669192421.1669574146.18; __utmz\u003d201319536.1669574146.18.4.utmcsr\u003dgoogle|utmccn\u003d(organic)|utmcmd\u003dorganic|utmctr\u003d(not%20provided); JSESSIONID\u003d3F138883B59A4562B9987C6E0F96FA4F",
  "connection": "close"
}
incoming_path
/test/a/isv_op_oidc_core_test/callback
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cert
incoming_query_string_params
{
  "code": "vHRL0gUMdtdTLyd1pRtES68TRti41eMqReesZeONSP0.EZC-0Bcmouv764gQdFrw7HmXgF7ZB2CHBW15uVEKFoMWl9zgHVNRBchIrdx4wFCyPJjfnyuB9S50Fy8uoTvuWQ",
  "iss": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "state": "9qvVNzB5um"
}
incoming_body
incoming_tls_chain
[
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL"
]
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_body_json
2022-11-28 04:38:52 SUCCESS
CreateRandomImplicitSubmitUrl
Created random implicit submission URL
implicit_submit
{
  "path": "implicit/qindaMQ37pcteT48Jh1a",
  "fullUrl": "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/implicit/qindaMQ37pcteT48Jh1a"
}
2022-11-28 04:38:52 OUTGOING
oidcc-refresh-token-rp-key-rotation
Response to HTTP request to test instance 6iVWnSAX3dm1a6B
outgoing
ModelAndView [view="implicitCallback"; model={implicitSubmitUrl=https://www.certification.openid.net/test/a/isv_op_oidc_core_test/implicit/qindaMQ37pcteT48Jh1a, returnUrl=/log-detail.html?log=6iVWnSAX3dm1a6B}]
outgoing_path
callback
2022-11-28 04:38:53 INCOMING
oidcc-refresh-token-rp-key-rotation
Incoming HTTP request to /test/a/isv_op_oidc_core_test/implicit/qindaMQ37pcteT48Jh1a
incoming_headers
{
  "host": "www.certification.openid.net",
  "sec-ch-ua": "\"Google Chrome\";v\u003d\"107\", \"Chromium\";v\u003d\"107\", \"Not\u003dA?Brand\";v\u003d\"24\"",
  "accept": "*/*",
  "content-type": "text/plain",
  "x-requested-with": "XMLHttpRequest",
  "sec-ch-ua-mobile": "?0",
  "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36",
  "sec-ch-ua-platform": "\"Windows\"",
  "origin": "https://www.certification.openid.net",
  "sec-fetch-site": "same-origin",
  "sec-fetch-mode": "cors",
  "sec-fetch-dest": "empty",
  "referer": "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback?code\u003dvHRL0gUMdtdTLyd1pRtES68TRti41eMqReesZeONSP0.EZC-0Bcmouv764gQdFrw7HmXgF7ZB2CHBW15uVEKFoMWl9zgHVNRBchIrdx4wFCyPJjfnyuB9S50Fy8uoTvuWQ\u0026iss\u003dhttps%3A%2F%2Foidc-conformance.rel.verify.ibmcloudsecurity.com%2Foauth2\u0026state\u003d9qvVNzB5um",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-US,en;q\u003d0.9,zh-CN;q\u003d0.8,zh;q\u003d0.7",
  "cookie": "__utmc\u003d201319536; __utma\u003d201319536.1094656506.1667372526.1669192421.1669574146.18; __utmz\u003d201319536.1669574146.18.4.utmcsr\u003dgoogle|utmccn\u003d(organic)|utmcmd\u003dorganic|utmctr\u003d(not%20provided); JSESSIONID\u003d3F138883B59A4562B9987C6E0F96FA4F",
  "connection": "close",
  "content-length": "0"
}
incoming_path
/test/a/isv_op_oidc_core_test/implicit/qindaMQ37pcteT48Jh1a
incoming_body_form_params
incoming_method
POST
incoming_tls_version
TLSv1.2
incoming_tls_cert
incoming_query_string_params
{}
incoming_body
incoming_tls_chain
[
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL"
]
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_body_json
2022-11-28 04:38:53 OUTGOING
oidcc-refresh-token-rp-key-rotation
Response to HTTP request to test instance 6iVWnSAX3dm1a6B
outgoing_status_code
204
outgoing_headers
{}
outgoing_body

                                
outgoing_path
implicit/qindaMQ37pcteT48Jh1a
2022-11-28 04:38:53 SUCCESS
ExtractImplicitHashToCallbackResponse
implicit_hash is empty
2022-11-28 04:38:53 REDIRECT-IN
oidcc-refresh-token-rp-key-rotation
Authorization endpoint response captured
url_query
{
  "code": "vHRL0gUMdtdTLyd1pRtES68TRti41eMqReesZeONSP0.EZC-0Bcmouv764gQdFrw7HmXgF7ZB2CHBW15uVEKFoMWl9zgHVNRBchIrdx4wFCyPJjfnyuB9S50Fy8uoTvuWQ",
  "iss": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "state": "9qvVNzB5um"
}
headers
{
  "host": "www.certification.openid.net",
  "cache-control": "max-age\u003d0",
  "upgrade-insecure-requests": "1",
  "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/avif,image/webp,image/apng,*/*;q\u003d0.8,application/signed-exchange;v\u003db3;q\u003d0.9",
  "sec-fetch-site": "cross-site",
  "sec-fetch-mode": "navigate",
  "sec-fetch-user": "?1",
  "sec-fetch-dest": "document",
  "sec-ch-ua": "\"Google Chrome\";v\u003d\"107\", \"Chromium\";v\u003d\"107\", \"Not\u003dA?Brand\";v\u003d\"24\"",
  "sec-ch-ua-mobile": "?0",
  "sec-ch-ua-platform": "\"Windows\"",
  "referer": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-US,en;q\u003d0.9,zh-CN;q\u003d0.8,zh;q\u003d0.7",
  "cookie": "__utmc\u003d201319536; __utma\u003d201319536.1094656506.1667372526.1669192421.1669574146.18; __utmz\u003d201319536.1669574146.18.4.utmcsr\u003dgoogle|utmccn\u003d(organic)|utmcmd\u003dorganic|utmctr\u003d(not%20provided); JSESSIONID\u003d3F138883B59A4562B9987C6E0F96FA4F",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "x-forwarded-proto": "https",
  "x-forwarded-port": "443",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
http_method
GET
url_fragment
{}
post_body
Verify authorization endpoint response
2022-11-28 04:38:53 SUCCESS
CheckMatchingCallbackParameters
Callback parameters successfully verified
2022-11-28 04:38:53 SUCCESS
ValidateIssInAuthorizationResponse
'iss' parameter in authorization response matches server's issuer value.
2022-11-28 04:38:53 SUCCESS
CheckIfAuthorizationEndpointError
No error from authorization endpoint
2022-11-28 04:38:53 SUCCESS
CheckStateInAuthorizationResponse
State in response correctly returned
state
9qvVNzB5um
2022-11-28 04:38:53 SUCCESS
ExtractAuthorizationCodeFromAuthorizationResponse
Found authorization code
code
vHRL0gUMdtdTLyd1pRtES68TRti41eMqReesZeONSP0.EZC-0Bcmouv764gQdFrw7HmXgF7ZB2CHBW15uVEKFoMWl9zgHVNRBchIrdx4wFCyPJjfnyuB9S50Fy8uoTvuWQ
2022-11-28 04:38:53 SUCCESS
CreateTokenEndpointRequestForAuthorizationCodeGrant
Created token endpoint request
grant_type
authorization_code
code
vHRL0gUMdtdTLyd1pRtES68TRti41eMqReesZeONSP0.EZC-0Bcmouv764gQdFrw7HmXgF7ZB2CHBW15uVEKFoMWl9zgHVNRBchIrdx4wFCyPJjfnyuB9S50Fy8uoTvuWQ
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
2022-11-28 04:38:53 SUCCESS
CreateClientAuthenticationAssertionClaims
Created client assertion claims
iss
76925193-5959-4d09-b7b9-72c026bdc758
sub
76925193-5959-4d09-b7b9-72c026bdc758
aud
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token
jti
zsT6DZ2jbUBtt0aCwjMy
iat
1669610333
exp
1669610393
2022-11-28 04:38:53 SUCCESS
SignClientAuthenticationAssertion
Signed the client assertion
client_assertion
eyJraWQiOiJLdldydWFjRklSUVI3TF81TWhFUHBKenlPeGF3R2xhRHpPN0FKS1AzVDNBIiwiYWxnIjoiUlMyNTYifQ.eyJzdWIiOiI3NjkyNTE5My01OTU5LTRkMDktYjdiOS03MmMwMjZiZGM3NTgiLCJhdWQiOiJodHRwczpcL1wvb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tXC9vYXV0aDJcL3Rva2VuIiwiaXNzIjoiNzY5MjUxOTMtNTk1OS00ZDA5LWI3YjktNzJjMDI2YmRjNzU4IiwiZXhwIjoxNjY5NjEwMzkzLCJpYXQiOjE2Njk2MTAzMzMsImp0aSI6InpzVDZEWjJqYlVCdHQwYUN3ak15In0.GBcIRA8JkKNf_rs9R8PgP0pvbFesprwmq43MtOfAAwOzJuYMBSMAkzQ7jApaXYp_f0NB5e0kRGZsFr02mcreDnocTshZgiTHxx3_JguoHuYDt0X9Ow6yKPeEZvJb9YQaarpigpOKehXQZlKZRaX_bwmTM9o8dvNcILFwPYPnQY_JppyZ2L-qk0kxKO0bdhB3QBvxoJV6TjHU3dXrwzElCTU_C0jYHtp_IbLYpmnuDImJPgLTytbaQ2z-yeTMgG8O_Lm_G2cp1brVpioVi4F5zlQS4BomYvPI1ZvxEMSXX6swGPGoZxxRLYpz5vDfMpzpIPhguD5Mws-dqXeZ1SDKZg
2022-11-28 04:38:53
AddClientAssertionToTokenEndpointRequest
Added client assertion
grant_type
authorization_code
code
vHRL0gUMdtdTLyd1pRtES68TRti41eMqReesZeONSP0.EZC-0Bcmouv764gQdFrw7HmXgF7ZB2CHBW15uVEKFoMWl9zgHVNRBchIrdx4wFCyPJjfnyuB9S50Fy8uoTvuWQ
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
client_assertion
eyJraWQiOiJLdldydWFjRklSUVI3TF81TWhFUHBKenlPeGF3R2xhRHpPN0FKS1AzVDNBIiwiYWxnIjoiUlMyNTYifQ.eyJzdWIiOiI3NjkyNTE5My01OTU5LTRkMDktYjdiOS03MmMwMjZiZGM3NTgiLCJhdWQiOiJodHRwczpcL1wvb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tXC9vYXV0aDJcL3Rva2VuIiwiaXNzIjoiNzY5MjUxOTMtNTk1OS00ZDA5LWI3YjktNzJjMDI2YmRjNzU4IiwiZXhwIjoxNjY5NjEwMzkzLCJpYXQiOjE2Njk2MTAzMzMsImp0aSI6InpzVDZEWjJqYlVCdHQwYUN3ak15In0.GBcIRA8JkKNf_rs9R8PgP0pvbFesprwmq43MtOfAAwOzJuYMBSMAkzQ7jApaXYp_f0NB5e0kRGZsFr02mcreDnocTshZgiTHxx3_JguoHuYDt0X9Ow6yKPeEZvJb9YQaarpigpOKehXQZlKZRaX_bwmTM9o8dvNcILFwPYPnQY_JppyZ2L-qk0kxKO0bdhB3QBvxoJV6TjHU3dXrwzElCTU_C0jYHtp_IbLYpmnuDImJPgLTytbaQ2z-yeTMgG8O_Lm_G2cp1brVpioVi4F5zlQS4BomYvPI1ZvxEMSXX6swGPGoZxxRLYpz5vDfMpzpIPhguD5Mws-dqXeZ1SDKZg
client_assertion_type
urn:ietf:params:oauth:client-assertion-type:jwt-bearer
2022-11-28 04:38:53
CallTokenEndpoint
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token
request_method
POST
request_headers
{
  "accept": "application/json",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "1121"
}
request_body
grant_type=authorization_code&code=vHRL0gUMdtdTLyd1pRtES68TRti41eMqReesZeONSP0.EZC-0Bcmouv764gQdFrw7HmXgF7ZB2CHBW15uVEKFoMWl9zgHVNRBchIrdx4wFCyPJjfnyuB9S50Fy8uoTvuWQ&redirect_uri=https%3A%2F%2Fwww.certification.openid.net%2Ftest%2Fa%2Fisv_op_oidc_core_test%2Fcallback&client_assertion=eyJraWQiOiJLdldydWFjRklSUVI3TF81TWhFUHBKenlPeGF3R2xhRHpPN0FKS1AzVDNBIiwiYWxnIjoiUlMyNTYifQ.eyJzdWIiOiI3NjkyNTE5My01OTU5LTRkMDktYjdiOS03MmMwMjZiZGM3NTgiLCJhdWQiOiJodHRwczpcL1wvb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tXC9vYXV0aDJcL3Rva2VuIiwiaXNzIjoiNzY5MjUxOTMtNTk1OS00ZDA5LWI3YjktNzJjMDI2YmRjNzU4IiwiZXhwIjoxNjY5NjEwMzkzLCJpYXQiOjE2Njk2MTAzMzMsImp0aSI6InpzVDZEWjJqYlVCdHQwYUN3ak15In0.GBcIRA8JkKNf_rs9R8PgP0pvbFesprwmq43MtOfAAwOzJuYMBSMAkzQ7jApaXYp_f0NB5e0kRGZsFr02mcreDnocTshZgiTHxx3_JguoHuYDt0X9Ow6yKPeEZvJb9YQaarpigpOKehXQZlKZRaX_bwmTM9o8dvNcILFwPYPnQY_JppyZ2L-qk0kxKO0bdhB3QBvxoJV6TjHU3dXrwzElCTU_C0jYHtp_IbLYpmnuDImJPgLTytbaQ2z-yeTMgG8O_Lm_G2cp1brVpioVi4F5zlQS4BomYvPI1ZvxEMSXX6swGPGoZxxRLYpz5vDfMpzpIPhguD5Mws-dqXeZ1SDKZg&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer
2022-11-28 04:38:54 INCOMING
oidcc-refresh-token-rp-key-rotation
Incoming HTTP request to /test/a/isv_op_oidc_core_test/client1_jwks
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "Go-http-client/1.1",
  "accept-encoding": "gzip",
  "connection": "close"
}
incoming_path
/test/a/isv_op_oidc_core_test/client1_jwks
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cert
incoming_query_string_params
{}
incoming_body
incoming_tls_chain
[
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL"
]
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_body_json
2022-11-28 04:38:54 OUTGOING
oidcc-refresh-token-rp-key-rotation
Response to HTTP request to test instance 6iVWnSAX3dm1a6B
outgoing_status_code
200
outgoing_headers
{
  "Content-Type": [
    "application/json"
  ]
}
outgoing_body
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "KvWruacFIRQR7L_5MhEPpJzyOxawGlaDzO7AJKP3T3A",
      "alg": "RS256",
      "n": "lrevfmZ8AxjU2QLHjZ_4nkKhbHh7vsE55ySLnnmrde4HIAtBIdLokitkm4lU6XXVDeLkx_mhts9E8cSTtFSQm7tHEzzvbc1sg3yYTyzYYAmwhvfGK940aQhss71rNSDlm5YEaOvF6txNbErBoHXXYRjlZ91qcPQM6CZOszrttrXi_o3G7sRUgmHeyMJFPUVVm0E3KImj9ZnIsTjvsBCSwUanGcEzFD0qbIfBRSKlP3x4657L5suThGNDXsyzU8za5HHiXmqeXpZVBwr5vS5LnmBpV-cOu-v3Vt1ynDoqgLyMSVJ8PGRrFxgkOQFEdZElwMoYG3es_gmjq-evg1tHXw"
    }
  ]
}
outgoing_path
client1_jwks
2022-11-28 04:38:54 RESPONSE
CallTokenEndpoint
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AKe1170fd0-475e-43d3-a3fe-e74db5cac4e8",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c28163843b5d21893525",
  "content-length": "1513",
  "date": "Mon, 28 Nov 2022 04:38:54 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:iLOZH4/l3B1iL8nyqS6tJ5+z9EA0sZ3ujByKdT1ag0o\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:57871319; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003dF48CED2FC0C4105E9F0DBCC22B61C0F5~-1~YAAQXXYGFx7h4YSEAQAA9eqHvAjp9YZA4KcMx+d5sadVGkxTZ4SSZnxBoPST1x6qL/ZuiBdXbZ8FD1GWJTRHxMdIlr+HKxp0mrN8q3fu6RJJkbitiMKO1YH2QIHKAGUIPvd8TJxDzv55Z2oeJwinZsv657pblqvIePm3W6q4fwa8MsJu6jrhpKgUt0Qb2gzohOoxiFetafIWr9gyth2rpL45Fshm6D4V7IkEF0OJoBxaFHas1nQsBgjsKb/eoXwXxoNEyc+8K7iFmOhYcYMX9hPBKgn+bMavQVrFAVC7r4KLSvtFCfXDrtttWVXkBowK8p2BPOY9JYmh1EisEritI0lbCrIGygdtUMy+A4LA4Ttirqy4Z6SmUTTQ9vMXtjaSL0MV0JE\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 04:38:54 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d14F6A9110E2E3BC931E6F6826C7C3420~YAAQXXYGFx/h4YSEAQAA9eqHvBFRPOujQ2E00JyRGm2xhSkXUCGkJcqAzz34YqJXLViaNs7h6Ot8TIqskCUMb6vu8wkB6/DBQhuS0KUSWPmR8jSNkBCAi0VclYUTXXvo+CmUn5NldwPzeDBHY0OovGKobKpZmJs3kwYNsSA9EMFviGo6XGIPMU0P3L6rotuvzuRlJC86POdqKVdQsKwBR/saDO99UvEsf9SJSXASJK3SFYScUSNG3LlriuhxBvHBGwhOESuYo4nXcQkWZODY1nY08nnLjMK80duN/n6OY/yVFQh9Dzghq0WU4WCT~3753282~3159875; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 08:38:53 GMT; Max-Age\u003d14399; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d139",
    "origin; dur\u003d1220"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"access_token":"dCebG-PJatq9Wrvut-oGNNUHwrzpyTDNGChdqtQA15A.paS30vKElGrh0Ote2z8X8gUjA2QO8oDDpRLyPt02h4nhomVLkBgbktNhq9brkJ9sCJdTNFv4rcAbwhzeWTJLOQ.M18xNjY5NjEwMzM0XzE4","expires_in":7200,"id_token":"eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJ3cmxNM1JvYTV1Y01LS1RTbHJTeXV3IiwiYXVkIjpbIjc2OTI1MTkzLTU5NTktNGQwOS1iN2I5LTcyYzAyNmJkYzc1OCJdLCJhdXRoX3RpbWUiOjE2Njk2MTAwNDIsImV4cCI6MTY2OTYxNzUzNCwiaWF0IjoxNjY5NjEwMzM0LCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiJiZTRlODRhNS03NmY5LTQ2ODItYTU3Yi1jOTZmZGIzYTJjMzciLCJuYW1lIjoiSVNWIERldiIsIm5vbmNlIjoiWENpZkJlU2RvMSIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NjEwMzI4LCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiLTB2NmtMY09TRWlsRm5QaUQ2WnRCZyIsInNfaGFzaCI6ImNRZlJmbGxpYjY3NjNLZFg4Y1ZlM2ciLCJzdWIiOiI2MTYwMDE3TjY3In0.nWN2cEHxTLEyFzPKcG5aHWbrpM_Mtg7YA0sCuvSTiIDzs0BtmD-L7RG-D_lBd4WyCLJQNeAImKbs8FeYYk_y1fH-mKtJ8uMa1z1lOJlNlQ25rseaOFxpYZhDsXJeHqz64hLYfpa9Z2hT-LN-2zxlL9ihjQRAC3-DElFE9KLao69xmQkParzxZhM_fybCKZP_FUAaA89gDGl3ercnF3G16bAAXJrdxEpAkD8G3QPKCEA-iATqolhTUyPvVW-XXM2FUKbeCNk7CgpsUl3rQsT2FSqXvoDORYJtg7gn3clA1RrYEIeaUejUrfxb8gcKX6zr1_2yp5urQvh2O67hNqdY0Q","refresh_token":"0RF5xXbSyqxnVlTkyDkl1P0pKCPh8q21I34rxoz-n7k.Hi7ESjrhvctl6zJZVYmg78KXBJsUrIyMrW1LQvfv4rp9Iy1dYF4VBPHlVzBJ4ygabOlJZdpd3bzkgOgfRxVTZw.M18xNjY5NjEwMzM0XzE4","scope":"openid offline_access","token_type":"bearer"}
2022-11-28 04:38:54 SUCCESS
CallTokenEndpoint
Parsed token endpoint response
access_token
dCebG-PJatq9Wrvut-oGNNUHwrzpyTDNGChdqtQA15A.paS30vKElGrh0Ote2z8X8gUjA2QO8oDDpRLyPt02h4nhomVLkBgbktNhq9brkJ9sCJdTNFv4rcAbwhzeWTJLOQ.M18xNjY5NjEwMzM0XzE4
expires_in
7200
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJ3cmxNM1JvYTV1Y01LS1RTbHJTeXV3IiwiYXVkIjpbIjc2OTI1MTkzLTU5NTktNGQwOS1iN2I5LTcyYzAyNmJkYzc1OCJdLCJhdXRoX3RpbWUiOjE2Njk2MTAwNDIsImV4cCI6MTY2OTYxNzUzNCwiaWF0IjoxNjY5NjEwMzM0LCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiJiZTRlODRhNS03NmY5LTQ2ODItYTU3Yi1jOTZmZGIzYTJjMzciLCJuYW1lIjoiSVNWIERldiIsIm5vbmNlIjoiWENpZkJlU2RvMSIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NjEwMzI4LCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiLTB2NmtMY09TRWlsRm5QaUQ2WnRCZyIsInNfaGFzaCI6ImNRZlJmbGxpYjY3NjNLZFg4Y1ZlM2ciLCJzdWIiOiI2MTYwMDE3TjY3In0.nWN2cEHxTLEyFzPKcG5aHWbrpM_Mtg7YA0sCuvSTiIDzs0BtmD-L7RG-D_lBd4WyCLJQNeAImKbs8FeYYk_y1fH-mKtJ8uMa1z1lOJlNlQ25rseaOFxpYZhDsXJeHqz64hLYfpa9Z2hT-LN-2zxlL9ihjQRAC3-DElFE9KLao69xmQkParzxZhM_fybCKZP_FUAaA89gDGl3ercnF3G16bAAXJrdxEpAkD8G3QPKCEA-iATqolhTUyPvVW-XXM2FUKbeCNk7CgpsUl3rQsT2FSqXvoDORYJtg7gn3clA1RrYEIeaUejUrfxb8gcKX6zr1_2yp5urQvh2O67hNqdY0Q
refresh_token
0RF5xXbSyqxnVlTkyDkl1P0pKCPh8q21I34rxoz-n7k.Hi7ESjrhvctl6zJZVYmg78KXBJsUrIyMrW1LQvfv4rp9Iy1dYF4VBPHlVzBJ4ygabOlJZdpd3bzkgOgfRxVTZw.M18xNjY5NjEwMzM0XzE4
scope
openid offline_access
token_type
bearer
2022-11-28 04:38:54 SUCCESS
CheckIfTokenEndpointResponseError
No error from token endpoint
2022-11-28 04:38:54 SUCCESS
CheckForAccessTokenValue
Found an access token
access_token
dCebG-PJatq9Wrvut-oGNNUHwrzpyTDNGChdqtQA15A.paS30vKElGrh0Ote2z8X8gUjA2QO8oDDpRLyPt02h4nhomVLkBgbktNhq9brkJ9sCJdTNFv4rcAbwhzeWTJLOQ.M18xNjY5NjEwMzM0XzE4
2022-11-28 04:38:54 SUCCESS
ExtractAccessTokenFromTokenResponse
Extracted the access token
value
dCebG-PJatq9Wrvut-oGNNUHwrzpyTDNGChdqtQA15A.paS30vKElGrh0Ote2z8X8gUjA2QO8oDDpRLyPt02h4nhomVLkBgbktNhq9brkJ9sCJdTNFv4rcAbwhzeWTJLOQ.M18xNjY5NjEwMzM0XzE4
type
bearer
2022-11-28 04:38:54 SUCCESS
ExtractExpiresInFromTokenEndpointResponse
Extracted 'expires_in'
expires_in
7200
2022-11-28 04:38:54 SUCCESS
ValidateExpiresIn
expires_in passed all validation checks
expires_in
7200
2022-11-28 04:38:54 SUCCESS
CheckForRefreshTokenValue
Found a refresh token
refresh_token
0RF5xXbSyqxnVlTkyDkl1P0pKCPh8q21I34rxoz-n7k.Hi7ESjrhvctl6zJZVYmg78KXBJsUrIyMrW1LQvfv4rp9Iy1dYF4VBPHlVzBJ4ygabOlJZdpd3bzkgOgfRxVTZw.M18xNjY5NjEwMzM0XzE4
2022-11-28 04:38:54 SUCCESS
ExtractIdTokenFromTokenResponse
Found and parsed the id_token from token_endpoint_response
value
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJ3cmxNM1JvYTV1Y01LS1RTbHJTeXV3IiwiYXVkIjpbIjc2OTI1MTkzLTU5NTktNGQwOS1iN2I5LTcyYzAyNmJkYzc1OCJdLCJhdXRoX3RpbWUiOjE2Njk2MTAwNDIsImV4cCI6MTY2OTYxNzUzNCwiaWF0IjoxNjY5NjEwMzM0LCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiJiZTRlODRhNS03NmY5LTQ2ODItYTU3Yi1jOTZmZGIzYTJjMzciLCJuYW1lIjoiSVNWIERldiIsIm5vbmNlIjoiWENpZkJlU2RvMSIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NjEwMzI4LCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiLTB2NmtMY09TRWlsRm5QaUQ2WnRCZyIsInNfaGFzaCI6ImNRZlJmbGxpYjY3NjNLZFg4Y1ZlM2ciLCJzdWIiOiI2MTYwMDE3TjY3In0.nWN2cEHxTLEyFzPKcG5aHWbrpM_Mtg7YA0sCuvSTiIDzs0BtmD-L7RG-D_lBd4WyCLJQNeAImKbs8FeYYk_y1fH-mKtJ8uMa1z1lOJlNlQ25rseaOFxpYZhDsXJeHqz64hLYfpa9Z2hT-LN-2zxlL9ihjQRAC3-DElFE9KLao69xmQkParzxZhM_fybCKZP_FUAaA89gDGl3ercnF3G16bAAXJrdxEpAkD8G3QPKCEA-iATqolhTUyPvVW-XXM2FUKbeCNk7CgpsUl3rQsT2FSqXvoDORYJtg7gn3clA1RrYEIeaUejUrfxb8gcKX6zr1_2yp5urQvh2O67hNqdY0Q
header
{
  "kid": "server",
  "alg": "RS256"
}
claims
{
  "at_hash": "wrlM3Roa5ucMKKTSlrSyuw",
  "sub": "6160017N67",
  "rat": 1669610328,
  "realmName": "cloudIdentityRealm",
  "amr": [
    "password"
  ],
  "iss": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "preferred_username": "isvdev@ibm.com",
  "nonce": "XCifBeSdo1",
  "rt_hash": "-0v6kLcOSEilFnPiD6ZtBg",
  "acr": "urn:ibm:security:policy:id:1",
  "aud": "76925193-5959-4d09-b7b9-72c026bdc758",
  "s_hash": "cQfRfllib6763KdX8cVe3g",
  "auth_time": 1669610042,
  "name": "ISV Dev",
  "exp": 1669617534,
  "iat": 1669610334,
  "jti": "be4e84a5-76f9-4682-a57b-c96fdb3a2c37"
}
2022-11-28 04:38:54 SUCCESS
ValidateIdToken
ID token iss, aud, exp, iat, auth_time, acr & nbf claims passed validation checks
2022-11-28 04:38:54
ValidateIdTokenStandardClaims
sub is a string with content
2022-11-28 04:38:54
ValidateIdTokenStandardClaims
Skipping unknown claim: rat
2022-11-28 04:38:54
ValidateIdTokenStandardClaims
Skipping unknown claim: realmName
2022-11-28 04:38:54
ValidateIdTokenStandardClaims
preferred_username is a string with content
2022-11-28 04:38:54
ValidateIdTokenStandardClaims
Skipping unknown claim: rt_hash
2022-11-28 04:38:54
ValidateIdTokenStandardClaims
name is a string with content
2022-11-28 04:38:54 SUCCESS
ValidateIdTokenStandardClaims
id_token claims are valid
2022-11-28 04:38:54 SUCCESS
ValidateIdTokenNonce
Nonce values match
nonce
XCifBeSdo1
2022-11-28 04:38:54 SUCCESS
ValidateIdTokenACRClaimAgainstRequest
Nothing to check; the conformance suite did not request an acr claim in request object
2022-11-28 04:38:54 SUCCESS
ValidateIdTokenSignature
id_token signature validated
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJ3cmxNM1JvYTV1Y01LS1RTbHJTeXV3IiwiYXVkIjpbIjc2OTI1MTkzLTU5NTktNGQwOS1iN2I5LTcyYzAyNmJkYzc1OCJdLCJhdXRoX3RpbWUiOjE2Njk2MTAwNDIsImV4cCI6MTY2OTYxNzUzNCwiaWF0IjoxNjY5NjEwMzM0LCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiJiZTRlODRhNS03NmY5LTQ2ODItYTU3Yi1jOTZmZGIzYTJjMzciLCJuYW1lIjoiSVNWIERldiIsIm5vbmNlIjoiWENpZkJlU2RvMSIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NjEwMzI4LCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiLTB2NmtMY09TRWlsRm5QaUQ2WnRCZyIsInNfaGFzaCI6ImNRZlJmbGxpYjY3NjNLZFg4Y1ZlM2ciLCJzdWIiOiI2MTYwMDE3TjY3In0.nWN2cEHxTLEyFzPKcG5aHWbrpM_Mtg7YA0sCuvSTiIDzs0BtmD-L7RG-D_lBd4WyCLJQNeAImKbs8FeYYk_y1fH-mKtJ8uMa1z1lOJlNlQ25rseaOFxpYZhDsXJeHqz64hLYfpa9Z2hT-LN-2zxlL9ihjQRAC3-DElFE9KLao69xmQkParzxZhM_fybCKZP_FUAaA89gDGl3ercnF3G16bAAXJrdxEpAkD8G3QPKCEA-iATqolhTUyPvVW-XXM2FUKbeCNk7CgpsUl3rQsT2FSqXvoDORYJtg7gn3clA1RrYEIeaUejUrfxb8gcKX6zr1_2yp5urQvh2O67hNqdY0Q
2022-11-28 04:38:54 SUCCESS
ValidateIdTokenSignatureUsingKid
id_token signature validated
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJ3cmxNM1JvYTV1Y01LS1RTbHJTeXV3IiwiYXVkIjpbIjc2OTI1MTkzLTU5NTktNGQwOS1iN2I5LTcyYzAyNmJkYzc1OCJdLCJhdXRoX3RpbWUiOjE2Njk2MTAwNDIsImV4cCI6MTY2OTYxNzUzNCwiaWF0IjoxNjY5NjEwMzM0LCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiJiZTRlODRhNS03NmY5LTQ2ODItYTU3Yi1jOTZmZGIzYTJjMzciLCJuYW1lIjoiSVNWIERldiIsIm5vbmNlIjoiWENpZkJlU2RvMSIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NjEwMzI4LCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiLTB2NmtMY09TRWlsRm5QaUQ2WnRCZyIsInNfaGFzaCI6ImNRZlJmbGxpYjY3NjNLZFg4Y1ZlM2ciLCJzdWIiOiI2MTYwMDE3TjY3In0.nWN2cEHxTLEyFzPKcG5aHWbrpM_Mtg7YA0sCuvSTiIDzs0BtmD-L7RG-D_lBd4WyCLJQNeAImKbs8FeYYk_y1fH-mKtJ8uMa1z1lOJlNlQ25rseaOFxpYZhDsXJeHqz64hLYfpa9Z2hT-LN-2zxlL9ihjQRAC3-DElFE9KLao69xmQkParzxZhM_fybCKZP_FUAaA89gDGl3ercnF3G16bAAXJrdxEpAkD8G3QPKCEA-iATqolhTUyPvVW-XXM2FUKbeCNk7CgpsUl3rQsT2FSqXvoDORYJtg7gn3clA1RrYEIeaUejUrfxb8gcKX6zr1_2yp5urQvh2O67hNqdY0Q
2022-11-28 04:38:54 SUCCESS
CheckForSubjectInIdToken
Found 'sub' in id_token
sub
6160017N67
2022-11-28 04:38:54
EnsureIdTokenUpdatedAtValid
id_token response does not contain 'updated_at'
2022-11-28 04:38:54 INFO
ValidateEncryptedIdTokenHasKid
Skipped evaluation due to missing required element: id_token jwe_header
path
jwe_header
mapped
object
id_token
Cycling keys in RP jwks_uri
2022-11-28 04:38:55 SUCCESS
GenerateRS256ClientJWKsWithKeyID
Generated client JWKs
client_jwks
{
  "keys": [
    {
      "p": "zHmy436ACvKldftGfoobHTTYQtFMTPEYb6fMBUEIEuzpP2oGepww-2rjuko9-P_7cDdSqG2UWFmgV2dOIt8VkSoY0fHC9wUYTPrPH8tpvcWM-0gQoAL3YKj6YRANd6390f-6OtARAAcxiHoZpYMPVaR2eHL0QG4IDC68wGteY-8",
      "kty": "RSA",
      "q": "pVnsHsjOnALAiOy30M7X8xfjF6jqUmaEXVSkQfVC_EJ-TKgyXMKBjRewIZ6IWIJTbPU-Oe9siKMPRGqp4psEefZzI-eeedtTREeGja00WW44-79JbHLFzk_-MS_3SRXZ2RV9-cEr5x8OOvB7O4jbQWYcC7GhtdRbLLVgWyjot-U",
      "d": "byrgHtoC6H2mF7vxl2JpDiA6cpq7mWv88w8EpV759qcyl0E49Wc8RN5O1GE4Xx1DcTr-6EsnK9mwWEPqS82usMpDdM3QzgWXqehXVBPV8CQGDNbX-qfMdomSOAaEhxYD_kqKp5rQvmdOx3lNng_nY4p0ylpsk4rEYE-68UFnYyjOM5N_lMCNHl_nHNN0mGpu4dtBmWn04iwlGT9A9TRLAGcb3ZJ8KBnFJIxL8TAbz4fTxv-KDuml8j-dDauxxLr714KJahCD9Xe-9GwMmcnw9Ct-KP5qMPN2S_8yKBQJWLG-t_b_ujqbIftY5Qcma6hzh7YxmPBvYq5DUU8V47a8IQ",
      "e": "AQAB",
      "use": "sig",
      "kid": "2Yj6vi6MzklINz7rAtAtm8f1UihW_YE1TB8wyfbdN2I",
      "qi": "HoZJJlLGJuO6x72-hiuv0xRgZ5aCeHGUwdWIAlLk7A-aPQ6J5_4m4CPW2iEw8r17Q_ru7TecGcj2-fdlQPimSZ-9B0OieWfBjhuAg6pI3wPFFBiefJ5ICrPEhKmY50BBe9zy2BTIJMTk3Z9CFEaQPbCarPd6lpDRlyrslC2ljeY",
      "dp": "YaS8CGcgPhohaXXU9Bh_WjMiEsZf6V44jRlUFC457M-1ktLOxT5RJb6lgRBzB7U2HSBOGKA7dvVV3Gc4qO5fHjM8JwWMVOnZ8OjUgBpjJHxyFo0TY1YHS-Flr3Q6-ivcSawVAoDZnWnR_ZpRJPixGfSvnlVGzn282hR3jmu3Z4E",
      "alg": "RS256",
      "dq": "PjFGWIXbAF8gn9-5e7ZxDyQq7FlCWV_p5VjSt2RSn6M68gZJew5FwBXqz5pbWj8atd7AWvYs8m-ybF9aKrt3wY_q2tRhjR_rf8EPYPaGvCRzFm1qZnn84I7B4ypRbpHjcH1e9rOrmbDan1yYXVoqbbzES7myQzvuVzCZX3BRp-k",
      "n": "hBJDNJkwSyUZvAhJASahnElTantcOIpcGrY2HMoI5i86yAN9pTqJT0s3FqDZtNjAYNEEoy1FsuTcrxq5Svmk_3dSsW3vwbuakgPnZ_wvdw1zHLPI6Zf4RSfuofIP12723la63QjRp34fEYrRYsLl3GexieZN19O1bcf0keMLgvehlzA9loP0apJeJ85GpBGYpSNSQdYDeIK3cOwHOmbBikLBwg9hREEZ_2tWsNOYb5hVGmPIDXXY5KeDFPcu94QFdV8Pp34hQFU9ANJjMPVPwSGe1saGrLYSB9QDM5d2LtWa527aVtAczHjgPwPKGOx2CY8zEzOsW0m55pf9bXc9yw"
    }
  ]
}
public_client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "2Yj6vi6MzklINz7rAtAtm8f1UihW_YE1TB8wyfbdN2I",
      "alg": "RS256",
      "n": "hBJDNJkwSyUZvAhJASahnElTantcOIpcGrY2HMoI5i86yAN9pTqJT0s3FqDZtNjAYNEEoy1FsuTcrxq5Svmk_3dSsW3vwbuakgPnZ_wvdw1zHLPI6Zf4RSfuofIP12723la63QjRp34fEYrRYsLl3GexieZN19O1bcf0keMLgvehlzA9loP0apJeJ85GpBGYpSNSQdYDeIK3cOwHOmbBikLBwg9hREEZ_2tWsNOYb5hVGmPIDXXY5KeDFPcu94QFdV8Pp34hQFU9ANJjMPVPwSGe1saGrLYSB9QDM5d2LtWa527aVtAczHjgPwPKGOx2CY8zEzOsW0m55pf9bXc9yw"
    }
  ]
}
Waiting, so that any DoS limits on retrieving the jwks_uri too often are not triggered
2022-11-28 04:38:55 SUCCESS
WaitFor60Seconds
Pausing for 60 seconds
2022-11-28 04:39:55 SUCCESS
WaitFor60Seconds
Woke up after 60 seconds sleep
2022-11-28 04:39:55 SUCCESS
ExtractRefreshTokenFromTokenResponse
Extracted refresh token from response
refresh_token
0RF5xXbSyqxnVlTkyDkl1P0pKCPh8q21I34rxoz-n7k.Hi7ESjrhvctl6zJZVYmg78KXBJsUrIyMrW1LQvfv4rp9Iy1dYF4VBPHlVzBJ4ygabOlJZdpd3bzkgOgfRxVTZw.M18xNjY5NjEwMzM0XzE4
2022-11-28 04:39:55 SUCCESS
EnsureServerConfigurationSupportsRefreshToken
The server configuration indicates support for refresh tokens
supported_grant_types
[
  "authorization_code",
  "implicit",
  "password",
  "refresh_token",
  "client_credentials"
]
2022-11-28 04:39:55 SUCCESS
EnsureRefreshTokenContainsAllowedCharactersOnly
Refresh token does not contain any illegal characters
Refresh Token Request
2022-11-28 04:39:55 SUCCESS
CreateRefreshTokenRequest
Created token endpoint request parameters
grant_type
refresh_token
refresh_token
0RF5xXbSyqxnVlTkyDkl1P0pKCPh8q21I34rxoz-n7k.Hi7ESjrhvctl6zJZVYmg78KXBJsUrIyMrW1LQvfv4rp9Iy1dYF4VBPHlVzBJ4ygabOlJZdpd3bzkgOgfRxVTZw.M18xNjY5NjEwMzM0XzE4
2022-11-28 04:39:55 SUCCESS
AddScopeToTokenEndpointRequest
Added scope of 'openid offline_access' to token endpoint request
grant_type
refresh_token
refresh_token
0RF5xXbSyqxnVlTkyDkl1P0pKCPh8q21I34rxoz-n7k.Hi7ESjrhvctl6zJZVYmg78KXBJsUrIyMrW1LQvfv4rp9Iy1dYF4VBPHlVzBJ4ygabOlJZdpd3bzkgOgfRxVTZw.M18xNjY5NjEwMzM0XzE4
scope
openid offline_access
2022-11-28 04:39:55 SUCCESS
CreateClientAuthenticationAssertionClaims
Created client assertion claims
iss
76925193-5959-4d09-b7b9-72c026bdc758
sub
76925193-5959-4d09-b7b9-72c026bdc758
aud
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token
jti
gcYqvT5lksnd0JrgnTjK
iat
1669610395
exp
1669610455
2022-11-28 04:39:55 SUCCESS
SignClientAuthenticationAssertion
Signed the client assertion
client_assertion
eyJraWQiOiIyWWo2dmk2TXprbElOejdyQXRBdG04ZjFVaWhXX1lFMVRCOHd5ZmJkTjJJIiwiYWxnIjoiUlMyNTYifQ.eyJzdWIiOiI3NjkyNTE5My01OTU5LTRkMDktYjdiOS03MmMwMjZiZGM3NTgiLCJhdWQiOiJodHRwczpcL1wvb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tXC9vYXV0aDJcL3Rva2VuIiwiaXNzIjoiNzY5MjUxOTMtNTk1OS00ZDA5LWI3YjktNzJjMDI2YmRjNzU4IiwiZXhwIjoxNjY5NjEwNDU1LCJpYXQiOjE2Njk2MTAzOTUsImp0aSI6ImdjWXF2VDVsa3NuZDBKcmduVGpLIn0.gUwe6-7bR5mQg--lRTcetCTDjPI59nQ66ddz3DdfBpOqxY4WTME-Fl40tITsHKZjnL07RfmOt3uOdipzxkNtuDvHMH1qkjmmPwhdBwzxCTATrFA8fUV7s7zWjALZtibMtm4kjqT5TOlT5sMzEQaE9MLyh7gi6JRSHJzNx5lZxvDkhsW2wxCP4rQItXMaiSXIwR4YsmfS1JAS1o_SBJ-kWn11o8oshn5kFG_vRiCqWGdY5WwUECrCoQcE_t1Y2HApLgXIYomYsvu1r4mFn58AJ0fdQa1nSb9keyO9iPRY96riZLge3U4rTerJGWsJTRqsrL-0DeVGgcNuySCGZZwB_Q
2022-11-28 04:39:55
AddClientAssertionToTokenEndpointRequest
Added client assertion
grant_type
refresh_token
refresh_token
0RF5xXbSyqxnVlTkyDkl1P0pKCPh8q21I34rxoz-n7k.Hi7ESjrhvctl6zJZVYmg78KXBJsUrIyMrW1LQvfv4rp9Iy1dYF4VBPHlVzBJ4ygabOlJZdpd3bzkgOgfRxVTZw.M18xNjY5NjEwMzM0XzE4
scope
openid offline_access
client_assertion
eyJraWQiOiIyWWo2dmk2TXprbElOejdyQXRBdG04ZjFVaWhXX1lFMVRCOHd5ZmJkTjJJIiwiYWxnIjoiUlMyNTYifQ.eyJzdWIiOiI3NjkyNTE5My01OTU5LTRkMDktYjdiOS03MmMwMjZiZGM3NTgiLCJhdWQiOiJodHRwczpcL1wvb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tXC9vYXV0aDJcL3Rva2VuIiwiaXNzIjoiNzY5MjUxOTMtNTk1OS00ZDA5LWI3YjktNzJjMDI2YmRjNzU4IiwiZXhwIjoxNjY5NjEwNDU1LCJpYXQiOjE2Njk2MTAzOTUsImp0aSI6ImdjWXF2VDVsa3NuZDBKcmduVGpLIn0.gUwe6-7bR5mQg--lRTcetCTDjPI59nQ66ddz3DdfBpOqxY4WTME-Fl40tITsHKZjnL07RfmOt3uOdipzxkNtuDvHMH1qkjmmPwhdBwzxCTATrFA8fUV7s7zWjALZtibMtm4kjqT5TOlT5sMzEQaE9MLyh7gi6JRSHJzNx5lZxvDkhsW2wxCP4rQItXMaiSXIwR4YsmfS1JAS1o_SBJ-kWn11o8oshn5kFG_vRiCqWGdY5WwUECrCoQcE_t1Y2HApLgXIYomYsvu1r4mFn58AJ0fdQa1nSb9keyO9iPRY96riZLge3U4rTerJGWsJTRqsrL-0DeVGgcNuySCGZZwB_Q
client_assertion_type
urn:ietf:params:oauth:client-assertion-type:jwt-bearer
2022-11-28 04:39:55 SUCCESS
WaitForOneSecond
Pausing for 1 seconds
2022-11-28 04:39:56 SUCCESS
WaitForOneSecond
Woke up after 1 seconds sleep
2022-11-28 04:39:56
CallTokenEndpointAndReturnFullResponse
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token
request_method
POST
request_headers
{
  "accept": "application/json",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "1072"
}
request_body
grant_type=refresh_token&refresh_token=0RF5xXbSyqxnVlTkyDkl1P0pKCPh8q21I34rxoz-n7k.Hi7ESjrhvctl6zJZVYmg78KXBJsUrIyMrW1LQvfv4rp9Iy1dYF4VBPHlVzBJ4ygabOlJZdpd3bzkgOgfRxVTZw.M18xNjY5NjEwMzM0XzE4&scope=openid+offline_access&client_assertion=eyJraWQiOiIyWWo2dmk2TXprbElOejdyQXRBdG04ZjFVaWhXX1lFMVRCOHd5ZmJkTjJJIiwiYWxnIjoiUlMyNTYifQ.eyJzdWIiOiI3NjkyNTE5My01OTU5LTRkMDktYjdiOS03MmMwMjZiZGM3NTgiLCJhdWQiOiJodHRwczpcL1wvb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tXC9vYXV0aDJcL3Rva2VuIiwiaXNzIjoiNzY5MjUxOTMtNTk1OS00ZDA5LWI3YjktNzJjMDI2YmRjNzU4IiwiZXhwIjoxNjY5NjEwNDU1LCJpYXQiOjE2Njk2MTAzOTUsImp0aSI6ImdjWXF2VDVsa3NuZDBKcmduVGpLIn0.gUwe6-7bR5mQg--lRTcetCTDjPI59nQ66ddz3DdfBpOqxY4WTME-Fl40tITsHKZjnL07RfmOt3uOdipzxkNtuDvHMH1qkjmmPwhdBwzxCTATrFA8fUV7s7zWjALZtibMtm4kjqT5TOlT5sMzEQaE9MLyh7gi6JRSHJzNx5lZxvDkhsW2wxCP4rQItXMaiSXIwR4YsmfS1JAS1o_SBJ-kWn11o8oshn5kFG_vRiCqWGdY5WwUECrCoQcE_t1Y2HApLgXIYomYsvu1r4mFn58AJ0fdQa1nSb9keyO9iPRY96riZLge3U4rTerJGWsJTRqsrL-0DeVGgcNuySCGZZwB_Q&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer
2022-11-28 04:39:57 INCOMING
oidcc-refresh-token-rp-key-rotation
Incoming HTTP request to /test/a/isv_op_oidc_core_test/client1_jwks
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "Go-http-client/1.1",
  "accept-encoding": "gzip",
  "connection": "close"
}
incoming_path
/test/a/isv_op_oidc_core_test/client1_jwks
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cert
incoming_query_string_params
{}
incoming_body
incoming_tls_chain
[
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL"
]
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_body_json
2022-11-28 04:39:57 OUTGOING
oidcc-refresh-token-rp-key-rotation
Response to HTTP request to test instance 6iVWnSAX3dm1a6B
outgoing_status_code
200
outgoing_headers
{
  "Content-Type": [
    "application/json"
  ]
}
outgoing_body
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "2Yj6vi6MzklINz7rAtAtm8f1UihW_YE1TB8wyfbdN2I",
      "alg": "RS256",
      "n": "hBJDNJkwSyUZvAhJASahnElTantcOIpcGrY2HMoI5i86yAN9pTqJT0s3FqDZtNjAYNEEoy1FsuTcrxq5Svmk_3dSsW3vwbuakgPnZ_wvdw1zHLPI6Zf4RSfuofIP12723la63QjRp34fEYrRYsLl3GexieZN19O1bcf0keMLgvehlzA9loP0apJeJ85GpBGYpSNSQdYDeIK3cOwHOmbBikLBwg9hREEZ_2tWsNOYb5hVGmPIDXXY5KeDFPcu94QFdV8Pp34hQFU9ANJjMPVPwSGe1saGrLYSB9QDM5d2LtWa527aVtAczHjgPwPKGOx2CY8zEzOsW0m55pf9bXc9yw"
    }
  ]
}
outgoing_path
client1_jwks
2022-11-28 04:39:57 RESPONSE
CallTokenEndpointAndReturnFullResponse
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AKd050cd10-70ba-48d2-a2dc-f915502b7d65",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c28163843b9c371a7a91",
  "content-length": "1440",
  "date": "Mon, 28 Nov 2022 04:39:57 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:wtF1Ulnc6bXN8gfop+ZDks7mlGVw++lBKr8FI3ROv3I\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:54725591; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003dA318631DDDBE13A5BB8CFC2D05F39F29~-1~YAAQXXYGFzHr4YSEAQAA5OCIvAj4uGra9liB/fjiFbxbQXGUQMYx7gp2eqF5DvN+LkGqysf5UYKlkSZ46mSm8EipzX2RLBInipLTOq+DDQcdVTJsByihwEosJvdhUdiHA88WbQScCWIAW9z2NL8i+4ly5ODQYllTSuv6u9gdk9tQy7vTF2XPwLKoPxMjvy5roaFuKnsmlQ4xMcSxZu8+ktMm6WOv7FQJS90g4YmLItudXZZjSl5SqzgxwABT6wd9Hw++3ZdbJ0vJChyyKAyRhOxRKUUgFfmpmq5st0S1mKI+SzaoLuEvr6IzoD+1+IG/yw1bHZtjrPf5ucFK3Agf76hfNrWmdt3NwX13U1V+vCmGdnJF3hvQaVokQsVXLJN7YJZYfpU\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 04:39:57 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d9ABACB141D64F34F02C73AEE5CB1C55D~YAAQXXYGFzLr4YSEAQAA5OCIvBGRHdDTHz0eJ5kJXcyIrF5zJ7Vnm3s400rbvsNr7MTU4fruRE0SxzqUvyJ2CZaScDv4dpPerjEJKI0fGS/u8Emf7gNmc+uHtg1KKIOKsg64UNN//+dcidS0ETwwwNds1s9y5/DGhSUkVkjqFnpO467rDBvJO21ySACjRLNytli6d8MqlfgkHbCseKPsoAqDNWl8g8f102jAUYH2HJgOXjQVfh2TyHmwUupobrOeP2vdSF5ynmcOxeEMYqE71udS0Xiz8zE/XbpdWZ6GWn977c2xZerDOqivL5Jb~4539956~3424582; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 08:39:56 GMT; Max-Age\u003d14399; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d378",
    "origin; dur\u003d1087"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"access_token":"vN1x2fe8lxcuYfMDZtJmoEcFom_-T3hOLgrRrUORw8k.0FQ_g5I-67zKlDb_IqT8MtxlPtBxhbiBi5qNH3VQupj9PYa-GN6xq1vP2jHp3xhayBigDJGg5Tj-PVuZpqyy8w.M18xNjY5NjEwMzk3XzE4","expires_in":7200,"id_token":"eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJzc0VCcHprNlNxX2FRWGVKMjNmQXRRIiwiYXVkIjpbIjc2OTI1MTkzLTU5NTktNGQwOS1iN2I5LTcyYzAyNmJkYzc1OCJdLCJhdXRoX3RpbWUiOjE2Njk2MTAwNDIsImV4cCI6MTY2OTYxNzU5NywiaWF0IjoxNjY5NjEwMzk3LCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiIyNjZkZTY2OS0xNzNjLTRhNzYtYTdkZC04OTQyOWQ4NDVkZTMiLCJuYW1lIjoiSVNWIERldiIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NjEwMzI4LCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiVnBJeEs1SG9jSlpseDkwWm82VWd5ZyIsInN1YiI6IjYxNjAwMTdONjcifQ.TtXAshtEx1DiFoxJAoNspZGs7nkAo0tDcJC1RnzCK3j7OY41ykTY5PfXLNSi5uc8ZRyc9UtP0_35bu8oUAFotcI2lk7ifkqyJVpC2g7qP29WE6BfvQP5jE3P2FNIv5Z-TB9CR4vILtNhwODki9hft2R5NvGInluWnajNj8N_o_IRhEkWiAbQIu-NEspYpTJfNc8br0HY87suY3y42hh9N3DlAexyb667WT2O3SVQZ0gNrFBjCDIK_gMkzNEJ8_6zg9Yh_71pr2hCiao4ldCvGWAxeGQZ8HLo24Tqrhj4QQGHJ8rhETvZXS75fjnRf4lHXRZDc6upxobfmcQFrsQQwg","refresh_token":"nF7AMpufUdd0KdIgBSlTz5j1w0WZFBW3X1Xul7ZSxJs.Wgbkl8MkOkXZuPglusIT5Ou-VV6MpZZE48CrU0VVEeaGGeeGddjcvPW5HCIgiibT52TVtLAhga5qE-3eHDZjCg.M18xNjY5NjEwMzk3XzE4","scope":"openid offline_access","token_type":"bearer"}
2022-11-28 04:39:57 SUCCESS
CallTokenEndpointAndReturnFullResponse
Parsed token endpoint response
access_token
vN1x2fe8lxcuYfMDZtJmoEcFom_-T3hOLgrRrUORw8k.0FQ_g5I-67zKlDb_IqT8MtxlPtBxhbiBi5qNH3VQupj9PYa-GN6xq1vP2jHp3xhayBigDJGg5Tj-PVuZpqyy8w.M18xNjY5NjEwMzk3XzE4
expires_in
7200
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJzc0VCcHprNlNxX2FRWGVKMjNmQXRRIiwiYXVkIjpbIjc2OTI1MTkzLTU5NTktNGQwOS1iN2I5LTcyYzAyNmJkYzc1OCJdLCJhdXRoX3RpbWUiOjE2Njk2MTAwNDIsImV4cCI6MTY2OTYxNzU5NywiaWF0IjoxNjY5NjEwMzk3LCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiIyNjZkZTY2OS0xNzNjLTRhNzYtYTdkZC04OTQyOWQ4NDVkZTMiLCJuYW1lIjoiSVNWIERldiIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NjEwMzI4LCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiVnBJeEs1SG9jSlpseDkwWm82VWd5ZyIsInN1YiI6IjYxNjAwMTdONjcifQ.TtXAshtEx1DiFoxJAoNspZGs7nkAo0tDcJC1RnzCK3j7OY41ykTY5PfXLNSi5uc8ZRyc9UtP0_35bu8oUAFotcI2lk7ifkqyJVpC2g7qP29WE6BfvQP5jE3P2FNIv5Z-TB9CR4vILtNhwODki9hft2R5NvGInluWnajNj8N_o_IRhEkWiAbQIu-NEspYpTJfNc8br0HY87suY3y42hh9N3DlAexyb667WT2O3SVQZ0gNrFBjCDIK_gMkzNEJ8_6zg9Yh_71pr2hCiao4ldCvGWAxeGQZ8HLo24Tqrhj4QQGHJ8rhETvZXS75fjnRf4lHXRZDc6upxobfmcQFrsQQwg
refresh_token
nF7AMpufUdd0KdIgBSlTz5j1w0WZFBW3X1Xul7ZSxJs.Wgbkl8MkOkXZuPglusIT5Ou-VV6MpZZE48CrU0VVEeaGGeeGddjcvPW5HCIgiibT52TVtLAhga5qE-3eHDZjCg.M18xNjY5NjEwMzk3XzE4
scope
openid offline_access
token_type
bearer
2022-11-28 04:39:57 SUCCESS
CheckTokenEndpointHttpStatus200
Token endpoint http status code was 200
2022-11-28 04:39:57 SUCCESS
CheckTokenEndpointReturnedJsonContentType
token_endpoint_response_headers Content-Type: header is application/json
2022-11-28 04:39:57 SUCCESS
CheckTokenEndpointCacheHeaders
'cache-control' header in token endpoint response contains expected value.
cache_control_header
no-store
2022-11-28 04:39:57 SUCCESS
CheckIfTokenEndpointResponseError
No error from token endpoint
2022-11-28 04:39:57 SUCCESS
ExtractAccessTokenFromTokenResponse
Extracted the access token
value
vN1x2fe8lxcuYfMDZtJmoEcFom_-T3hOLgrRrUORw8k.0FQ_g5I-67zKlDb_IqT8MtxlPtBxhbiBi5qNH3VQupj9PYa-GN6xq1vP2jHp3xhayBigDJGg5Tj-PVuZpqyy8w.M18xNjY5NjEwMzk3XzE4
type
bearer
2022-11-28 04:39:57 SUCCESS
CheckTokenTypeIsBearer
Token type is bearer
2022-11-28 04:39:57 SUCCESS
EnsureMinimumAccessTokenEntropy
Calculated shannon entropy seems sufficient
actual
862.440509725758
expected
96.0
value
vN1x2fe8lxcuYfMDZtJmoEcFom_-T3hOLgrRrUORw8k.0FQ_g5I-67zKlDb_IqT8MtxlPtBxhbiBi5qNH3VQupj9PYa-GN6xq1vP2jHp3xhayBigDJGg5Tj-PVuZpqyy8w.M18xNjY5NjEwMzk3XzE4
2022-11-28 04:39:57 SUCCESS
EnsureAccessTokenContainsAllowedCharactersOnly
Access token does not contain any illegal characters
2022-11-28 04:39:57 SUCCESS
ExtractExpiresInFromTokenEndpointResponse
Extracted 'expires_in'
expires_in
7200
2022-11-28 04:39:57 SUCCESS
ValidateExpiresIn
expires_in passed all validation checks
expires_in
7200
2022-11-28 04:39:57 SUCCESS
EnsureAccessTokenValuesAreDifferent
Access token values are not the same
first_access_token
dCebG-PJatq9Wrvut-oGNNUHwrzpyTDNGChdqtQA15A.paS30vKElGrh0Ote2z8X8gUjA2QO8oDDpRLyPt02h4nhomVLkBgbktNhq9brkJ9sCJdTNFv4rcAbwhzeWTJLOQ.M18xNjY5NjEwMzM0XzE4
second_access_token
vN1x2fe8lxcuYfMDZtJmoEcFom_-T3hOLgrRrUORw8k.0FQ_g5I-67zKlDb_IqT8MtxlPtBxhbiBi5qNH3VQupj9PYa-GN6xq1vP2jHp3xhayBigDJGg5Tj-PVuZpqyy8w.M18xNjY5NjEwMzk3XzE4
2022-11-28 04:39:57 SUCCESS
ExtractIdTokenFromTokenResponse
Found and parsed the id_token from token_endpoint_response
value
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiJzc0VCcHprNlNxX2FRWGVKMjNmQXRRIiwiYXVkIjpbIjc2OTI1MTkzLTU5NTktNGQwOS1iN2I5LTcyYzAyNmJkYzc1OCJdLCJhdXRoX3RpbWUiOjE2Njk2MTAwNDIsImV4cCI6MTY2OTYxNzU5NywiaWF0IjoxNjY5NjEwMzk3LCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiIyNjZkZTY2OS0xNzNjLTRhNzYtYTdkZC04OTQyOWQ4NDVkZTMiLCJuYW1lIjoiSVNWIERldiIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NjEwMzI4LCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJydF9oYXNoIjoiVnBJeEs1SG9jSlpseDkwWm82VWd5ZyIsInN1YiI6IjYxNjAwMTdONjcifQ.TtXAshtEx1DiFoxJAoNspZGs7nkAo0tDcJC1RnzCK3j7OY41ykTY5PfXLNSi5uc8ZRyc9UtP0_35bu8oUAFotcI2lk7ifkqyJVpC2g7qP29WE6BfvQP5jE3P2FNIv5Z-TB9CR4vILtNhwODki9hft2R5NvGInluWnajNj8N_o_IRhEkWiAbQIu-NEspYpTJfNc8br0HY87suY3y42hh9N3DlAexyb667WT2O3SVQZ0gNrFBjCDIK_gMkzNEJ8_6zg9Yh_71pr2hCiao4ldCvGWAxeGQZ8HLo24Tqrhj4QQGHJ8rhETvZXS75fjnRf4lHXRZDc6upxobfmcQFrsQQwg
header
{
  "kid": "server",
  "alg": "RS256"
}
claims
{
  "at_hash": "ssEBpzk6Sq_aQXeJ23fAtQ",
  "sub": "6160017N67",
  "rat": 1669610328,
  "realmName": "cloudIdentityRealm",
  "amr": [
    "password"
  ],
  "iss": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "preferred_username": "isvdev@ibm.com",
  "rt_hash": "VpIxK5HocJZlx90Zo6Ugyg",
  "acr": "urn:ibm:security:policy:id:1",
  "aud": "76925193-5959-4d09-b7b9-72c026bdc758",
  "auth_time": 1669610042,
  "name": "ISV Dev",
  "exp": 1669617597,
  "iat": 1669610397,
  "jti": "266de669-173c-4a76-a7dd-89429d845de3"
}
2022-11-28 04:39:57 SUCCESS
ExtractRefreshTokenFromTokenResponse
Extracted refresh token from response
refresh_token
nF7AMpufUdd0KdIgBSlTz5j1w0WZFBW3X1Xul7ZSxJs.Wgbkl8MkOkXZuPglusIT5Ou-VV6MpZZE48CrU0VVEeaGGeeGddjcvPW5HCIgiibT52TVtLAhga5qE-3eHDZjCg.M18xNjY5NjEwMzk3XzE4
2022-11-28 04:39:57 SUCCESS
EnsureMinimumRefreshTokenLength
Refresh token is of sufficient length
actual
1208
required
128
2022-11-28 04:39:57 SUCCESS
EnsureMinimumRefreshTokenEntropy
Calculated shannon entropy seems sufficient
actual
850.772847761177
expected
96.0
value
nF7AMpufUdd0KdIgBSlTz5j1w0WZFBW3X1Xul7ZSxJs.Wgbkl8MkOkXZuPglusIT5Ou-VV6MpZZE48CrU0VVEeaGGeeGddjcvPW5HCIgiibT52TVtLAhga5qE-3eHDZjCg.M18xNjY5NjEwMzk3XzE4
2022-11-28 04:39:57 SUCCESS
CompareIdTokenClaims
Validated id token claims successfully
iss
{
  "first": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "second": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "note": "Values are expected to be equal"
}
sub
{
  "first": "6160017N67",
  "second": "6160017N67",
  "note": "Values are expected to be equal"
}
iat
{
  "first": 1669610334,
  "second": 1669610397,
  "note": "Values are expected to be different"
}
aud
{
  "first": "76925193-5959-4d09-b7b9-72c026bdc758",
  "second": "76925193-5959-4d09-b7b9-72c026bdc758",
  "note": "Values are expected to be equal"
}
auth_time
{
  "first": 1669610042,
  "second": 1669610042,
  "note": "Values are expected to be equal"
}
azp
Id tokens do not contain azp claims
Userinfo endpoint tests
2022-11-28 04:39:57
CallProtectedResource
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/userinfo
request_method
GET
request_headers
{
  "accept": "application/json",
  "authorization": "bearer vN1x2fe8lxcuYfMDZtJmoEcFom_-T3hOLgrRrUORw8k.0FQ_g5I-67zKlDb_IqT8MtxlPtBxhbiBi5qNH3VQupj9PYa-GN6xq1vP2jHp3xhayBigDJGg5Tj-PVuZpqyy8w.M18xNjY5NjEwMzk3XzE4",
  "content-length": "0"
}
request_body

                                
2022-11-28 04:39:58 RESPONSE
CallProtectedResource
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK14117b0d-2004-4b66-957b-029f0eeafa15",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c28163843b9e2189a525",
  "content-length": "324",
  "date": "Mon, 28 Nov 2022 04:39:58 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:bbwfxTqaNZ2OmIc9RFJk1pF7RQYa1oIj2/aHiQjL3io\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:57871319; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003dA957B2ACB1BBB6FC9ADEB314578E81AE~-1~YAAQXXYGFzrr4YSEAQAATOKIvAja/5VV0nym1OaLB9GJNw2r2MUV5sQXiLzjh78h4zQ9cdIeFMW9nj2KTCWCm5V+pQUjTjfd9jdOF1l8YgjRjwbSm64wj+lvXy3BKXRYVARpAHq6TTXHW5PsP9ufVHYlsB2J4eyg+yG5umLsWas+DLCC6PXm9ni5QdoN22mNdcY6ql71jB06gvDH2L0Z+roScz8yRvNj0gc8BCggj9WcwXwyYGWW5YCewWt+b+H/GggopH76Ni01l80VFY5o6mdkz1YrOhYIQXg9wzbSzFVxldQUW/gj1yx3/rZB7XwOilBTJ19rk3zjsMDiSjg38r+uf1n6iQWE/eRxLkfuChRuOXLSUZXuq3t3ztPlcTS2R+x/Ulw\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 04:39:58 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d9EAEEA08BBB52E36935B191F01527D88~YAAQXXYGFzvr4YSEAQAATOKIvBH/m68fRc7Ylk7ORQjXYIK+XItLz3lWY9DENdymDExr9qVxAFA4pug4Uridqxc4BTko3vdMY5J6vdrVzD21xBoIz3pDezIZ7FZ7dnGw/KbnpYN4wcKqhLwM0EzNKfGK7YbT5O4GCElsI8AqC8aljGnVEKXzN1HXjm5JJuGFsZwlHxMcss3YBhR/uOxoOi01+9wMM81ETyCfq2n7p9eUsNsBRaiLZruxh7OWa53/ckhgrGLk7IwEXZk7cc2Vn//VqEZmJIhBmouvAFdRdsJ5Py8S3TKqmEVsOexh~3747893~3354677; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 08:39:57 GMT; Max-Age\u003d14399; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d90",
    "origin; dur\u003d192"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"acr":"urn:ibm:security:policy:id:1","amr":["password"],"aud":["76925193-5959-4d09-b7b9-72c026bdc758"],"auth_time":1669610042,"iss":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2","name":"ISV Dev","preferred_username":"isvdev@ibm.com","rat":1669610328,"realmName":"cloudIdentityRealm","sub":"6160017N67"}
2022-11-28 04:39:58 SUCCESS
CallProtectedResource
Got a response from the resource endpoint
status
200
endpoint_name
resource
headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK14117b0d-2004-4b66-957b-029f0eeafa15",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c28163843b9e2189a525",
  "content-length": "324",
  "date": "Mon, 28 Nov 2022 04:39:58 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:bbwfxTqaNZ2OmIc9RFJk1pF7RQYa1oIj2/aHiQjL3io\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:57871319; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003dA957B2ACB1BBB6FC9ADEB314578E81AE~-1~YAAQXXYGFzrr4YSEAQAATOKIvAja/5VV0nym1OaLB9GJNw2r2MUV5sQXiLzjh78h4zQ9cdIeFMW9nj2KTCWCm5V+pQUjTjfd9jdOF1l8YgjRjwbSm64wj+lvXy3BKXRYVARpAHq6TTXHW5PsP9ufVHYlsB2J4eyg+yG5umLsWas+DLCC6PXm9ni5QdoN22mNdcY6ql71jB06gvDH2L0Z+roScz8yRvNj0gc8BCggj9WcwXwyYGWW5YCewWt+b+H/GggopH76Ni01l80VFY5o6mdkz1YrOhYIQXg9wzbSzFVxldQUW/gj1yx3/rZB7XwOilBTJ19rk3zjsMDiSjg38r+uf1n6iQWE/eRxLkfuChRuOXLSUZXuq3t3ztPlcTS2R+x/Ulw\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 04:39:58 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d9EAEEA08BBB52E36935B191F01527D88~YAAQXXYGFzvr4YSEAQAATOKIvBH/m68fRc7Ylk7ORQjXYIK+XItLz3lWY9DENdymDExr9qVxAFA4pug4Uridqxc4BTko3vdMY5J6vdrVzD21xBoIz3pDezIZ7FZ7dnGw/KbnpYN4wcKqhLwM0EzNKfGK7YbT5O4GCElsI8AqC8aljGnVEKXzN1HXjm5JJuGFsZwlHxMcss3YBhR/uOxoOi01+9wMM81ETyCfq2n7p9eUsNsBRaiLZruxh7OWa53/ckhgrGLk7IwEXZk7cc2Vn//VqEZmJIhBmouvAFdRdsJ5Py8S3TKqmEVsOexh~3747893~3354677; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 08:39:57 GMT; Max-Age\u003d14399; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d90",
    "origin; dur\u003d192"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
body
{"acr":"urn:ibm:security:policy:id:1","amr":["password"],"aud":["76925193-5959-4d09-b7b9-72c026bdc758"],"auth_time":1669610042,"iss":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2","name":"ISV Dev","preferred_username":"isvdev@ibm.com","rat":1669610328,"realmName":"cloudIdentityRealm","sub":"6160017N67"}
2022-11-28 04:39:58 SUCCESS
EnsureHttpStatusCodeIs200
resource endpoint returned the expected http status
expected_status
200
http_status
200
2022-11-28 04:39:58 FINISHED
oidcc-refresh-token-rp-key-rotation
Test has run to completion
testmodule_result
PASSED
Unregister dynamically registered client
2022-11-28 04:39:58
UnregisterDynamicallyRegisteredClient
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/76925193-5959-4d09-b7b9-72c026bdc758
request_method
DELETE
request_headers
{
  "accept": "application/json",
  "authorization": "Bearer YxJvyNklmXSw1CIU842ci_el7QY1ebAvNq51P7pux_M.edOD5XuuNnbuEd2wo6IKiIgrG_hX8-lOXa_871Sois2KRnDnRdZUENxzWP6k6uQC319peK8Ogo2_3h_PIxG1YQ.M18xNjY5NjEwMzAxXzE4",
  "content-length": "0"
}
request_body

                                
2022-11-28 04:40:03 RESPONSE
UnregisterDynamicallyRegisteredClient
HTTP response
response_status_code
204 NO_CONTENT
response_status_text
No Content
response_headers
{
  "x-backside-transport": "OK OK",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK6f7445b6-0152-4722-9c71-5f04a17bdd2e",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c28163843b9e371a7d31",
  "date": "Mon, 28 Nov 2022 04:40:03 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:SPuKuDkrZi668Cj56i0Nvf73EtkVw0X7nJ9iIfhJVco\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:57871319; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d5E30568B6EC01D780477D8E1EA6BDBC9~-1~YAAQXXYGF7Tr4YSEAQAAXPaIvAjNlMFThaw8d53GpFyXGJs3H892V98QZDxdKIs7P/8GWoRM8ff+NlCwvdTsr4ijN35k305PC/+3atwcLoGHHDoSoCmpfbTqMbCk/WRUszlGAf6wdGyYphsEN+oi6p9syOiaT04fnrzy/4coK5TVaDDFx3DgTtDbxLHKeO7jqFVGx5Un1iqa3+9Pw944DG9vELuQlNcTWvCrO8cjzq2Zi6UmQopo1ntdawltO1CPMZ4vFea06wHnVNurVDFgKHjczmIyTB81YRpc8WkoXevz3bpoMNwcN3vR1LAX6xcoCNhng1umwb3YwByrhen1kp5eXbrr0JDIJs0bJ6wuTHEyQ02pe17pib6wPEeERV+NzO1ttTk\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 04:40:03 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d248DBCC0BE7E38FA9D0C7BE800838D59~YAAQXXYGF7Xr4YSEAQAAXPaIvBHgbIQcGpfNZvMfag2rItIet2iBpr654I6VtTTcvzzTMk+6nRzoptbTDFNxCPKnazGmi38P0u/zMHfArVB0ZdqCyFRgMlxcsAXWnarSmn/iAvmpRO2aQcfOm9Ux/9qlCd6KjeqwTWS9cZxruF5avs3lqy0TmLcqCSewrnVPdjsAEOU/XGvlIsVzGRi7bLWS7t4OMddCAdwbLHBnEWjyfK7i0X67/FNHEHxiVeW9tKhnj9gWjZjTFdG11EQTSnJygh0ZR9lGHNsBzqQkNweqRZw9f9EM4oEi8d6G~4534833~3225141; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 08:39:58 GMT; Max-Age\u003d14395; Secure"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body

                                
2022-11-28 04:40:03 SUCCESS
UnregisterDynamicallyRegisteredClient
Client successfully unregistered
2022-11-28 04:40:11
TEST-RUNNER
Alias has now been claimed by another test
alias
isv_op_oidc_core_test
new_test_id
woy1eP6Nysbbl2R
Test Results