Test Summary

Test Results

Expand All Collapse All
All times are UTC
2022-11-28 05:15:27 INFO
TEST-RUNNER
Test instance 7B4TaJ0WM0IsjKQ created
baseUrl
https://www.certification.openid.net/test/a/isv_op_oidc_core_test
variant
{
  "client_auth_type": "private_key_jwt",
  "response_type": "code id_token",
  "server_metadata": "discovery",
  "client_registration": "dynamic_client",
  "response_mode": "default"
}
alias
isv_op_oidc_core_test
description
isv_op_oidc_core_test_dynamic_client
planId
OnmlfiYkW6Bbn
config
{
  "server": {
    "discoveryUrl": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/.well-known/openid-configuration",
    "login_hint": "isvdev@ibm.com"
  },
  "client": {
    "client_name": "Ristretto Core Conformance Test Dynamic Client One"
  },
  "client2": {
    "client_name": "Ristretto Core Conformance Test Dynamic Client Two"
  },
  "consent": {},
  "alias": "isv_op_oidc_core_test",
  "description": "isv_op_oidc_core_test_dynamic_client"
}
testName
oidcc-userinfo-rs256
2022-11-28 05:15:27 SUCCESS
CreateRedirectUri
Created redirect URI
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
2022-11-28 05:15:27
GetDynamicServerConfiguration
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/.well-known/openid-configuration
request_method
GET
request_headers
{
  "accept": "text/plain, application/json, application/*+json, */*",
  "content-length": "0"
}
request_body

                                
2022-11-28 05:15:28 RESPONSE
GetDynamicServerConfiguration
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK0d38dd4f-60f3-4c45-812e-b3eda71f7707",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c281638443ef119e95d9",
  "vary": "Accept-Encoding",
  "date": "Mon, 28 Nov 2022 05:15:28 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:uN0Rx/BaVGdkuV6MZHLLJ6MQ65Nf3wDTOGfitmx8Jp4\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:57871319; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003dC3A5F69AF87E53875FBFAA1D9E53DFD3~-1~YAAQJHYGF/d8+4SEAQAAwWGpvAheKRraiuKmcvz9AUQVYuzVOPOSp4qVkMrCTlI/8aIZbPeztlpgu8YBXPiDBJEm/bG97i8uFk9DLu/YjcrJ8bH2mJEDJDZLvtnB2aWUAKFIfCwyu6AU3+Ll2STLOAiv84yZ+FhUYsQAw6nZBL+jBg4tsCB1nuvDMSdv96A2Hzm8yVfHy3YoqNv/kM38GCVqt90mNhvfPS/iPQV10J20a/txfuo7HIZYhOnQE7/rIvN9qJwnbc4rAlUgoDfMnc2XA+rtAxeJqboZVhUvfB08OgVYY0mKPESa25BYgIcHIKMNHPdtre/sP+BEtvQBsoDI+/LYQGKcMC1RoMsQfZv1LcsxTFTaANYl4p+dwP08JiMD+D4\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 05:15:28 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d83DAAAC7FFDF26D417C999146F080A04~YAAQJHYGF/h8+4SEAQAAwWGpvBFzfBbfLLTyLtSEKtWJGJLe28YlIuYdQCHXqZkSCohTVIxdKflo5nlIzjgXCFZKIgNQx4qf6mqCVTnRIliLXjGZkMF49TUeBCqFKcSiC57PLsfngZT0c4LEdmBx+k5ejGjwHkdjeOCku9kEWWZLxDtUcPcW+S2c9fF+AoWCifFOPmUPBz3kgbevRbq6BY+7w7rcKO7bHWrx0UUknqgodPv9KmGC2yLLCXXUzG74vk37Hqm8YkquvYBazZqcinLUoJKZjDfLQT7cF4VoRiABW5S+H2EM/qgx7V+A~4470326~4339267; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 09:15:27 GMT; Max-Age\u003d14399; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d91",
    "origin; dur\u003d108"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"issuer":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2","authorization_endpoint":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/authorize","token_endpoint":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token","introspection_endpoint":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/introspect","userinfo_endpoint":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/userinfo","revocation_endpoint":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/revoke","pushed_authorization_request_endpoint":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/par","registration_endpoint":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register","jwks_uri":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/jwks","response_types_supported":["none","code","token","id_token","code token","code id_token","token id_token","code token id_token"],"response_modes_supported":["query","fragment","form_post","jwt","query.jwt","fragment.jwt","form_post.jwt"],"grant_types_supported":["authorization_code","implicit","password","refresh_token","client_credentials"],"token_endpoint_auth_methods_supported":["client_secret_basic","client_secret_post","private_key_jwt","tls_client_auth"],"authorization_signing_alg_values_supported":["RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512"],"authorization_encryption_alg_values_supported":["none","RSA-OAEP","RSA-OAEP-256"],"authorization_encryption_enc_values_supported":["none","A128GCM","A192GCM","A256GCM"],"id_token_signing_alg_values_supported":["RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512"],"id_token_encryption_alg_values_supported":["none","RSA-OAEP","RSA-OAEP-256"],"id_token_encryption_enc_values_supported":["none","A128GCM","A192GCM","A256GCM"],"userinfo_signing_alg_values_supported":["RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512"],"userinfo_encryption_alg_values_supported":["none","RSA-OAEP","RSA-OAEP-256"],"userinfo_encryption_enc_values_supported":["none","A128GCM","A192GCM","A256GCM"],"token_endpoint_auth_signing_alg_values_supported":["RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512"],"request_object_signing_alg_values_supported":["RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512"],"request_object_encryption_alg_values_supported":["none","RSA-OAEP","RSA-OAEP-256"],"request_object_encryption_enc_values_supported":["none","A128GCM","A192GCM","A256GCM"],"subject_types_supported":["public"],"scopes_supported":["openid","profile","email","phone","address"],"claims_supported":["mobile_number","preferred_username","groupIds","tenantId","family_name","given_name","employee_id","department","name","job_title","upn","realmName","email","uid","iss","acr"],"claim_types_supported":["normal"],"claims_parameter_supported":true,"request_parameter_supported":true,"request_uri_parameter_supported":true,"require_request_uri_registration":true,"tls_client_certificate_bound_access_tokens":true,"mtls_endpoint_aliases":{"introspection_endpoint":"https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/introspect","pushed_authorization_request_endpoint":"https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/par","revocation_endpoint":"https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/revoke","token_endpoint":"https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/token"},"dpop_signing_alg_values_supported":["RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512"]}
2022-11-28 05:15:28 SUCCESS
GetDynamicServerConfiguration
Successfully parsed server configuration
issuer
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2
authorization_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/authorize
token_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token
introspection_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/introspect
userinfo_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/userinfo
revocation_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/revoke
pushed_authorization_request_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/par
registration_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register
jwks_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/jwks
response_types_supported
[
  "none",
  "code",
  "token",
  "id_token",
  "code token",
  "code id_token",
  "token id_token",
  "code token id_token"
]
response_modes_supported
[
  "query",
  "fragment",
  "form_post",
  "jwt",
  "query.jwt",
  "fragment.jwt",
  "form_post.jwt"
]
grant_types_supported
[
  "authorization_code",
  "implicit",
  "password",
  "refresh_token",
  "client_credentials"
]
token_endpoint_auth_methods_supported
[
  "client_secret_basic",
  "client_secret_post",
  "private_key_jwt",
  "tls_client_auth"
]
authorization_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES384",
  "ES512"
]
authorization_encryption_alg_values_supported
[
  "none",
  "RSA-OAEP",
  "RSA-OAEP-256"
]
authorization_encryption_enc_values_supported
[
  "none",
  "A128GCM",
  "A192GCM",
  "A256GCM"
]
id_token_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES384",
  "ES512"
]
id_token_encryption_alg_values_supported
[
  "none",
  "RSA-OAEP",
  "RSA-OAEP-256"
]
id_token_encryption_enc_values_supported
[
  "none",
  "A128GCM",
  "A192GCM",
  "A256GCM"
]
userinfo_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES384",
  "ES512"
]
userinfo_encryption_alg_values_supported
[
  "none",
  "RSA-OAEP",
  "RSA-OAEP-256"
]
userinfo_encryption_enc_values_supported
[
  "none",
  "A128GCM",
  "A192GCM",
  "A256GCM"
]
token_endpoint_auth_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES384",
  "ES512"
]
request_object_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES384",
  "ES512"
]
request_object_encryption_alg_values_supported
[
  "none",
  "RSA-OAEP",
  "RSA-OAEP-256"
]
request_object_encryption_enc_values_supported
[
  "none",
  "A128GCM",
  "A192GCM",
  "A256GCM"
]
subject_types_supported
[
  "public"
]
scopes_supported
[
  "openid",
  "profile",
  "email",
  "phone",
  "address"
]
claims_supported
[
  "mobile_number",
  "preferred_username",
  "groupIds",
  "tenantId",
  "family_name",
  "given_name",
  "employee_id",
  "department",
  "name",
  "job_title",
  "upn",
  "realmName",
  "email",
  "uid",
  "iss",
  "acr"
]
claim_types_supported
[
  "normal"
]
claims_parameter_supported
true
request_parameter_supported
true
request_uri_parameter_supported
true
require_request_uri_registration
true
tls_client_certificate_bound_access_tokens
true
mtls_endpoint_aliases
{
  "introspection_endpoint": "https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/introspect",
  "pushed_authorization_request_endpoint": "https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/par",
  "revocation_endpoint": "https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/revoke",
  "token_endpoint": "https://fapipoc.rel.vanitytst.cloudidentity.ibm.com/oauth2/token"
}
dpop_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES384",
  "ES512"
]
2022-11-28 05:15:28 SUCCESS
CheckServerConfiguration
Found required server configuration keys
required
[
  "authorization_endpoint",
  "token_endpoint",
  "issuer"
]
2022-11-28 05:15:28 SUCCESS
ExtractTLSTestValuesFromServerConfiguration
Extracted TLS information from authorization server configuration
registration_endpoint
{
  "testHost": "oidc-conformance.rel.verify.ibmcloudsecurity.com",
  "testPort": 443
}
authorization_endpoint
{
  "testHost": "oidc-conformance.rel.verify.ibmcloudsecurity.com",
  "testPort": 443
}
token_endpoint
{
  "testHost": "oidc-conformance.rel.verify.ibmcloudsecurity.com",
  "testPort": 443
}
userinfo_endpoint
{
  "testHost": "oidc-conformance.rel.verify.ibmcloudsecurity.com",
  "testPort": 443
}
2022-11-28 05:15:28
FetchServerKeys
Fetching server key
jwks_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/jwks
2022-11-28 05:15:28
FetchServerKeys
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/jwks
request_method
GET
request_headers
{
  "accept": "text/plain, application/json, application/*+json, */*",
  "content-length": "0"
}
request_body

                                
2022-11-28 05:15:28 RESPONSE
FetchServerKeys
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK28840c5d-2a23-48dd-bcc3-b25cb9811a23",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c281638443f037377a71",
  "vary": "Accept-Encoding",
  "date": "Mon, 28 Nov 2022 05:15:28 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:JUehoW1qYRAuLmI5ZZistOOTbbsYSH4VMzTE323Kjss\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:54725591; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d5DFFB34600E92C5721E9DF456B3EEB0F~-1~YAAQJHYGFxd9+4SEAQAAW2OpvAj7ziPVPoxpIBCXFgBrpXJLxE5dYJReb1tNL6eJlYV4dBMQv3+qHtC0iJ+wlAWVGgoq977sdvVfaFxNXM9aSE+Gr1wdMkgdP3Kx4qrCvP1bGAp8qKYIuqac44z5PsHfdrzFm9Zd/QVb2h5VPQGiS1GRkTCS/yX4s5TJOeC/yTZT9GhwKeKePNi5yF7cdThl2p8ZMyrfES26DgLz+WWaa63Cmt1D7FuS0j9CD8as3o6uEycUUm6KsST4U1bfMx3zTw+/L9mSSlbDO6JyOhXSOnF2bP+r+738Fjk0Dqt/PzvJLBzoX6ZnqyfZZGI3c5z5TIwAo2KKZ/Cqpm6N9H2VDod3hizapTi5A6NTQAVe+POC5us\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 05:15:28 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d3FEFEDCECB005F21AADE3C71D47A7369~YAAQJHYGFxh9+4SEAQAAW2OpvBFdm6iG78epUWfewOrD74OUcQacvpsUS8Xar/F1ZGRaYFhKs/E7tRuuDqrhhy0GiaCZpH2zD+hAFbGRpPjLaOhJ2QoRLLypiC5yabwlmO3LgjO+hfobvUWk0mxWOCfsHrF3Mekg1Dpv95v03qL3fc6hgEmvmBYvgZxxopvEbugWXQVotcm+hY76/uWWTmaPfEqD+vZNPNggs9fECEc7uSMpaITLOO+PpB4wRTwVvK+ULW4mp7+5+52M4EIWcvZqD3yDZ/IBu3DrnbLNDF+q9KZHlvKztEC+OOPf~3748678~3619140; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 09:15:28 GMT; Max-Age\u003d14400; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d138",
    "origin; dur\u003d177"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"keys":[{"kid":"server","kty":"RSA","use":"sig","x5c":["MIIDYDCCAkigAwIBAgIEIFW8uDANBgkqhkiG9w0BAQsFADByMQkwBwYDVQQGEwAxCTAHBgNVBAgTADEJMAcGA1UEBxMAMQkwBwYDVQQKEwAxCTAHBgNVBAsTADE5MDcGA1UEAxMwb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tMB4XDTIyMTExNDA0NDI0MFoXDTMyMTExMTA0NDI0MFowcjEJMAcGA1UEBhMAMQkwBwYDVQQIEwAxCTAHBgNVBAcTADEJMAcGA1UEChMAMQkwBwYDVQQLEwAxOTA3BgNVBAMTMG9pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALBtmxl55OH/ceueSG0bRucWkdCLybhWwz+x9J6IOb8Q89d4lcd7xhdkN+9nYEjqQMDrUEFDj2ajikKlxrJk7tZSkbu5skFuxHUETDhjHBqnNQb1jwhAdYzBPFTyQ9Ii7lm0uYTthnBJKvpvjKPoz7H9Vuu15RNDujq7RF6sDGSIJUTaxbx7EM2Xv37iqfSAjaMCvfLelacNHUfCAoyGeJYXCIOnlg2/KdfoN4QHKw9Dwq12Br2vau/TcvbD8Na4b+Mm/NEf00wFjt+MtbMCDyUFMQbsAuAk2eFS3eABb1VOQ9ZZOOcsXwB4nRewWIVVhJyMEixDXxm73G9oJBUpI6sCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAhvvrczfcb1xsYJeEiVtctWlLfHXyKkfyJpIU1nTGdKpd18tPv4OeLMyuJsOFenhJD95UauFwz3AT1zdHShp04JHWTtkb7aezFN4C9fpb97BUR0BheoYzkC6pgZ7M4QkkKE/AKYZfWLahqcbZ6ICmUfXyDJ2mWpXLpLm+l6jh32NF74ho8h4b65cMpDk5mFEp9vf1WgnmaWGtFjVuhAgaS8IrYcDy3DzVrZX/0kCPa0EXng7Xx1IkhUaKz0ajx3ZCmC6HmNa6U+oDKboGq7w1ZfscjOr8nB9M0f5BUAQN1m0nGAR1Ac96BMjfwwS/05lpPLF3Dv5CzOGLuIi0Cws7xA=="],"x5t#S256":"PVCDmVgwC-YE7Q8Bfe_9jJ8izpYjwStjUEYZEe-58Y4","n":"sG2bGXnk4f9x655IbRtG5xaR0IvJuFbDP7H0nog5vxDz13iVx3vGF2Q372dgSOpAwOtQQUOPZqOKQqXGsmTu1lKRu7myQW7EdQRMOGMcGqc1BvWPCEB1jME8VPJD0iLuWbS5hO2GcEkq-m-Mo-jPsf1W67XlE0O6OrtEXqwMZIglRNrFvHsQzZe_fuKp9ICNowK98t6Vpw0dR8ICjIZ4lhcIg6eWDb8p1-g3hAcrD0PCrXYGva9q79Ny9sPw1rhv4yb80R_TTAWO34y1swIPJQUxBuwC4CTZ4VLd4AFvVU5D1lk45yxfAHidF7BYhVWEnIwSLENfGbvcb2gkFSkjqw","e":"AQAB"}]}
2022-11-28 05:15:28
FetchServerKeys
Found JWK set string
jwk_string
{"keys":[{"kid":"server","kty":"RSA","use":"sig","x5c":["MIIDYDCCAkigAwIBAgIEIFW8uDANBgkqhkiG9w0BAQsFADByMQkwBwYDVQQGEwAxCTAHBgNVBAgTADEJMAcGA1UEBxMAMQkwBwYDVQQKEwAxCTAHBgNVBAsTADE5MDcGA1UEAxMwb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tMB4XDTIyMTExNDA0NDI0MFoXDTMyMTExMTA0NDI0MFowcjEJMAcGA1UEBhMAMQkwBwYDVQQIEwAxCTAHBgNVBAcTADEJMAcGA1UEChMAMQkwBwYDVQQLEwAxOTA3BgNVBAMTMG9pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALBtmxl55OH/ceueSG0bRucWkdCLybhWwz+x9J6IOb8Q89d4lcd7xhdkN+9nYEjqQMDrUEFDj2ajikKlxrJk7tZSkbu5skFuxHUETDhjHBqnNQb1jwhAdYzBPFTyQ9Ii7lm0uYTthnBJKvpvjKPoz7H9Vuu15RNDujq7RF6sDGSIJUTaxbx7EM2Xv37iqfSAjaMCvfLelacNHUfCAoyGeJYXCIOnlg2/KdfoN4QHKw9Dwq12Br2vau/TcvbD8Na4b+Mm/NEf00wFjt+MtbMCDyUFMQbsAuAk2eFS3eABb1VOQ9ZZOOcsXwB4nRewWIVVhJyMEixDXxm73G9oJBUpI6sCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAhvvrczfcb1xsYJeEiVtctWlLfHXyKkfyJpIU1nTGdKpd18tPv4OeLMyuJsOFenhJD95UauFwz3AT1zdHShp04JHWTtkb7aezFN4C9fpb97BUR0BheoYzkC6pgZ7M4QkkKE/AKYZfWLahqcbZ6ICmUfXyDJ2mWpXLpLm+l6jh32NF74ho8h4b65cMpDk5mFEp9vf1WgnmaWGtFjVuhAgaS8IrYcDy3DzVrZX/0kCPa0EXng7Xx1IkhUaKz0ajx3ZCmC6HmNa6U+oDKboGq7w1ZfscjOr8nB9M0f5BUAQN1m0nGAR1Ac96BMjfwwS/05lpPLF3Dv5CzOGLuIi0Cws7xA=="],"x5t#S256":"PVCDmVgwC-YE7Q8Bfe_9jJ8izpYjwStjUEYZEe-58Y4","n":"sG2bGXnk4f9x655IbRtG5xaR0IvJuFbDP7H0nog5vxDz13iVx3vGF2Q372dgSOpAwOtQQUOPZqOKQqXGsmTu1lKRu7myQW7EdQRMOGMcGqc1BvWPCEB1jME8VPJD0iLuWbS5hO2GcEkq-m-Mo-jPsf1W67XlE0O6OrtEXqwMZIglRNrFvHsQzZe_fuKp9ICNowK98t6Vpw0dR8ICjIZ4lhcIg6eWDb8p1-g3hAcrD0PCrXYGva9q79Ny9sPw1rhv4yb80R_TTAWO34y1swIPJQUxBuwC4CTZ4VLd4AFvVU5D1lk45yxfAHidF7BYhVWEnIwSLENfGbvcb2gkFSkjqw","e":"AQAB"}]}
2022-11-28 05:15:28 SUCCESS
FetchServerKeys
Found server JWK set
server_jwks
{
  "keys": [
    {
      "kid": "server",
      "kty": "RSA",
      "use": "sig",
      "x5c": [
        "MIIDYDCCAkigAwIBAgIEIFW8uDANBgkqhkiG9w0BAQsFADByMQkwBwYDVQQGEwAxCTAHBgNVBAgTADEJMAcGA1UEBxMAMQkwBwYDVQQKEwAxCTAHBgNVBAsTADE5MDcGA1UEAxMwb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tMB4XDTIyMTExNDA0NDI0MFoXDTMyMTExMTA0NDI0MFowcjEJMAcGA1UEBhMAMQkwBwYDVQQIEwAxCTAHBgNVBAcTADEJMAcGA1UEChMAMQkwBwYDVQQLEwAxOTA3BgNVBAMTMG9pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALBtmxl55OH/ceueSG0bRucWkdCLybhWwz+x9J6IOb8Q89d4lcd7xhdkN+9nYEjqQMDrUEFDj2ajikKlxrJk7tZSkbu5skFuxHUETDhjHBqnNQb1jwhAdYzBPFTyQ9Ii7lm0uYTthnBJKvpvjKPoz7H9Vuu15RNDujq7RF6sDGSIJUTaxbx7EM2Xv37iqfSAjaMCvfLelacNHUfCAoyGeJYXCIOnlg2/KdfoN4QHKw9Dwq12Br2vau/TcvbD8Na4b+Mm/NEf00wFjt+MtbMCDyUFMQbsAuAk2eFS3eABb1VOQ9ZZOOcsXwB4nRewWIVVhJyMEixDXxm73G9oJBUpI6sCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAhvvrczfcb1xsYJeEiVtctWlLfHXyKkfyJpIU1nTGdKpd18tPv4OeLMyuJsOFenhJD95UauFwz3AT1zdHShp04JHWTtkb7aezFN4C9fpb97BUR0BheoYzkC6pgZ7M4QkkKE/AKYZfWLahqcbZ6ICmUfXyDJ2mWpXLpLm+l6jh32NF74ho8h4b65cMpDk5mFEp9vf1WgnmaWGtFjVuhAgaS8IrYcDy3DzVrZX/0kCPa0EXng7Xx1IkhUaKz0ajx3ZCmC6HmNa6U+oDKboGq7w1ZfscjOr8nB9M0f5BUAQN1m0nGAR1Ac96BMjfwwS/05lpPLF3Dv5CzOGLuIi0Cws7xA\u003d\u003d"
      ],
      "x5t#S256": "PVCDmVgwC-YE7Q8Bfe_9jJ8izpYjwStjUEYZEe-58Y4",
      "n": "sG2bGXnk4f9x655IbRtG5xaR0IvJuFbDP7H0nog5vxDz13iVx3vGF2Q372dgSOpAwOtQQUOPZqOKQqXGsmTu1lKRu7myQW7EdQRMOGMcGqc1BvWPCEB1jME8VPJD0iLuWbS5hO2GcEkq-m-Mo-jPsf1W67XlE0O6OrtEXqwMZIglRNrFvHsQzZe_fuKp9ICNowK98t6Vpw0dR8ICjIZ4lhcIg6eWDb8p1-g3hAcrD0PCrXYGva9q79Ny9sPw1rhv4yb80R_TTAWO34y1swIPJQUxBuwC4CTZ4VLd4AFvVU5D1lk45yxfAHidF7BYhVWEnIwSLENfGbvcb2gkFSkjqw",
      "e": "AQAB"
    }
  ]
}
2022-11-28 05:15:28 SUCCESS
CheckServerKeysIsValid
Server JWKs is valid
server_jwks
{
  "keys": [
    {
      "kid": "server",
      "kty": "RSA",
      "use": "sig",
      "x5c": [
        "MIIDYDCCAkigAwIBAgIEIFW8uDANBgkqhkiG9w0BAQsFADByMQkwBwYDVQQGEwAxCTAHBgNVBAgTADEJMAcGA1UEBxMAMQkwBwYDVQQKEwAxCTAHBgNVBAsTADE5MDcGA1UEAxMwb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tMB4XDTIyMTExNDA0NDI0MFoXDTMyMTExMTA0NDI0MFowcjEJMAcGA1UEBhMAMQkwBwYDVQQIEwAxCTAHBgNVBAcTADEJMAcGA1UEChMAMQkwBwYDVQQLEwAxOTA3BgNVBAMTMG9pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALBtmxl55OH/ceueSG0bRucWkdCLybhWwz+x9J6IOb8Q89d4lcd7xhdkN+9nYEjqQMDrUEFDj2ajikKlxrJk7tZSkbu5skFuxHUETDhjHBqnNQb1jwhAdYzBPFTyQ9Ii7lm0uYTthnBJKvpvjKPoz7H9Vuu15RNDujq7RF6sDGSIJUTaxbx7EM2Xv37iqfSAjaMCvfLelacNHUfCAoyGeJYXCIOnlg2/KdfoN4QHKw9Dwq12Br2vau/TcvbD8Na4b+Mm/NEf00wFjt+MtbMCDyUFMQbsAuAk2eFS3eABb1VOQ9ZZOOcsXwB4nRewWIVVhJyMEixDXxm73G9oJBUpI6sCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAhvvrczfcb1xsYJeEiVtctWlLfHXyKkfyJpIU1nTGdKpd18tPv4OeLMyuJsOFenhJD95UauFwz3AT1zdHShp04JHWTtkb7aezFN4C9fpb97BUR0BheoYzkC6pgZ7M4QkkKE/AKYZfWLahqcbZ6ICmUfXyDJ2mWpXLpLm+l6jh32NF74ho8h4b65cMpDk5mFEp9vf1WgnmaWGtFjVuhAgaS8IrYcDy3DzVrZX/0kCPa0EXng7Xx1IkhUaKz0ajx3ZCmC6HmNa6U+oDKboGq7w1ZfscjOr8nB9M0f5BUAQN1m0nGAR1Ac96BMjfwwS/05lpPLF3Dv5CzOGLuIi0Cws7xA\u003d\u003d"
      ],
      "x5t#S256": "PVCDmVgwC-YE7Q8Bfe_9jJ8izpYjwStjUEYZEe-58Y4",
      "n": "sG2bGXnk4f9x655IbRtG5xaR0IvJuFbDP7H0nog5vxDz13iVx3vGF2Q372dgSOpAwOtQQUOPZqOKQqXGsmTu1lKRu7myQW7EdQRMOGMcGqc1BvWPCEB1jME8VPJD0iLuWbS5hO2GcEkq-m-Mo-jPsf1W67XlE0O6OrtEXqwMZIglRNrFvHsQzZe_fuKp9ICNowK98t6Vpw0dR8ICjIZ4lhcIg6eWDb8p1-g3hAcrD0PCrXYGva9q79Ny9sPw1rhv4yb80R_TTAWO34y1swIPJQUxBuwC4CTZ4VLd4AFvVU5D1lk45yxfAHidF7BYhVWEnIwSLENfGbvcb2gkFSkjqw",
      "e": "AQAB"
    }
  ]
}
2022-11-28 05:15:28 SUCCESS
ValidateServerJWKs
Valid server JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2022-11-28 05:15:28 SUCCESS
CheckForKeyIdInServerJWKs
All keys contain kids
2022-11-28 05:15:28 SUCCESS
CheckDistinctKeyIdValueInServerJWKs
Distinct 'kid' value in all keys of server_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2022-11-28 05:15:28 SUCCESS
EnsureServerJwksDoesNotContainPrivateOrSymmetricKeys
Jwks does not contain any private or symmetric keys
2022-11-28 05:15:28
StoreOriginalClientConfiguration
Created original_client_config object from the client configuration.
client_name
Ristretto Core Conformance Test Dynamic Client One
2022-11-28 05:15:28
ExtractClientNameFromStoredConfig
Extracted client_name from stored client configuration.
client_name
Ristretto Core Conformance Test Dynamic Client One
2022-11-28 05:15:28 SUCCESS
GenerateRS256ClientJWKs
Generated client JWKs
client_jwks
{
  "keys": [
    {
      "p": "9AsSqkCc8GwW2cqCdGly6MeujvpyHgitMbbPLZV_e_a3vJHtQ5h0Fyc_0LQdGZsJPsyUU5KErUpGEQOa8GKBfaAX0g3dknVzVGOmLo6hiQ1FUQEzK5CJVk_uGOnmMLaUJ9WV4c8eV86vo41P6EsoP86tAc9k7wAkKW5ujLueiZc",
      "kty": "RSA",
      "q": "pAUw4s0x3gE8HwEBAjE8kIKZrA8mFZIZk5zimxr0xqvPPasBCZV-YpEa8mQK3renl6Bg-OGqzoRZ93r1HCRWRBQJgEWuqmeRkC6hRqxUd5vTTEwTyS44fuszz-S_XrUPGxuTnI8kaXv7yIHx-rImyQyu6My8sPbFQU_hdUyugOE",
      "d": "AqS7uehYwM78qfWxPYUVaTPCXzPg4GkAVPsf8xWeEHUmg3R448AGBIsp4013Dm0n0LbXpYrml4uBzHqulnTG4H_tmHfKV1kn2-xpdtGhyZck-nkiyLfCOGVYWFifOikcMBCcIC3Jh4MBGbaokkxGncYI41JcXv77A3VWHDu0Li424eFMavy9KF99UNzrwWZ6zfHwWbzxVV1uC9cP_mzhkHgFk39Chht3PUnwgIx6ywyLZWHUOaKKV2bSRodNoUqSWOTCWTYypM9XOQGgniapOCleXKh_PYEXIb6AWJeBNITEICyVeyepIGMUYEcJ-mExxkg-lj1a9iTgSHM5z7iRAQ",
      "e": "AQAB",
      "use": "sig",
      "qi": "nvryfkAtFmKXxdBXfmfFN1W9J5IICZ9QiK4VO3CzRZzvatdYimDPjaDmlrkJICssnPpGRKjK0Oj5sMGfKIbZDYXa9-i0ywUXCd-6YOJ3zKoimeau6eWDDPXc-15AiIDKJM8dyK64fsq0qXAcM1sqGcAaUOk0MOGKDlHdbyYgIVw",
      "dp": "LYAfA8U2PZE5lXOvbPr4JLSONDQ3sKfXesxlxk74TOmMCkl-3jp_co2r1UKvpkWErMPB5-8Kc7DEbYmpiqYjFIQTzOMu646gaRyHMGkBbycdRGQf4UB6irAuaVC6zVxNNTwaTNasBp0PnEPNoTbaE0N6eDrty63QEDV5wR1-CpM",
      "alg": "RS256",
      "dq": "C77HamZRPNmPyZST0uldsed4Q6buDjthE333iC3c-2EQPRVCxMHsw_gqGtNpJ9u055m3d_sI9TLrElq-tJ4xgzyAFaxnvpIeDVoZeGscvVfuQJduD0j9CLGlCy0ROyHyC_nkjyB89gTH2ercPhyFxH3hBJCsrmttYqjqtzCfimE",
      "n": "nFwKxreamzQYP2OgoGviB6nzvucQs7nu5f9KcgmB3Z-lkcmNc7wEwIEGHWyszEtgjCqYlHVnJmBtDQy5Gbr-clK8oDRnT10o6eHSiX7A-b7554kR_OQHbeC_spd33PVzy4FuKRsyNM1PpV-4ImQGBMV3iJsxS6IyeDmpfS86qML-q5G2tVpkZwEb_txUBXvEP10X1_y5OIbdpjQOWNvEVUMPYhduxCASYq1tuER3wIQeCIE47AtvUTRKbHGWXjmjFPaiQwnk1hWJKDGnFdOpg81qBACxvejLuEZvh3MlJO5FAfYfHdTXe7L97saREIaFgFS5Rxe8f6dvq7cdg8Rttw"
    }
  ]
}
public_client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "alg": "RS256",
      "n": "nFwKxreamzQYP2OgoGviB6nzvucQs7nu5f9KcgmB3Z-lkcmNc7wEwIEGHWyszEtgjCqYlHVnJmBtDQy5Gbr-clK8oDRnT10o6eHSiX7A-b7554kR_OQHbeC_spd33PVzy4FuKRsyNM1PpV-4ImQGBMV3iJsxS6IyeDmpfS86qML-q5G2tVpkZwEb_txUBXvEP10X1_y5OIbdpjQOWNvEVUMPYhduxCASYq1tuER3wIQeCIE47AtvUTRKbHGWXjmjFPaiQwnk1hWJKDGnFdOpg81qBACxvejLuEZvh3MlJO5FAfYfHdTXe7L97saREIaFgFS5Rxe8f6dvq7cdg8Rttw"
    }
  ]
}
2022-11-28 05:15:28 SUCCESS
CheckDistinctKeyIdValueInClientJWKs
Distinct 'kid' value in all keys of client_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2022-11-28 05:15:28
CreateEmptyDynamicRegistrationRequest
Created empty dynamic registration request
2022-11-28 05:15:28
AddClientNameToDynamicRegistrationRequest
Added client_name to registration request
client_name
Ristretto Core Conformance Test Dynamic Client One 7B4TaJ0WM0IsjKQ
2022-11-28 05:15:28
AddAuthorizationCodeGrantTypeToDynamicRegistrationRequest
Added 'authorization_code' to 'grant_types'
grant_types
[
  "authorization_code"
]
2022-11-28 05:15:28
AddImplicitGrantTypeToDynamicRegistrationRequest
Added 'implicit' to 'grant_types'
grant_types
[
  "authorization_code",
  "implicit"
]
2022-11-28 05:15:28
AddPublicJwksToDynamicRegistrationRequest
Added client public JWKS to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client One 7B4TaJ0WM0IsjKQ",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "nFwKxreamzQYP2OgoGviB6nzvucQs7nu5f9KcgmB3Z-lkcmNc7wEwIEGHWyszEtgjCqYlHVnJmBtDQy5Gbr-clK8oDRnT10o6eHSiX7A-b7554kR_OQHbeC_spd33PVzy4FuKRsyNM1PpV-4ImQGBMV3iJsxS6IyeDmpfS86qML-q5G2tVpkZwEb_txUBXvEP10X1_y5OIbdpjQOWNvEVUMPYhduxCASYq1tuER3wIQeCIE47AtvUTRKbHGWXjmjFPaiQwnk1hWJKDGnFdOpg81qBACxvejLuEZvh3MlJO5FAfYfHdTXe7L97saREIaFgFS5Rxe8f6dvq7cdg8Rttw"
      }
    ]
  }
}
2022-11-28 05:15:28
AddTokenEndpointAuthMethodToDynamicRegistrationRequestFromEnvironment
Added token endpoint auth method to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client One 7B4TaJ0WM0IsjKQ",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "nFwKxreamzQYP2OgoGviB6nzvucQs7nu5f9KcgmB3Z-lkcmNc7wEwIEGHWyszEtgjCqYlHVnJmBtDQy5Gbr-clK8oDRnT10o6eHSiX7A-b7554kR_OQHbeC_spd33PVzy4FuKRsyNM1PpV-4ImQGBMV3iJsxS6IyeDmpfS86qML-q5G2tVpkZwEb_txUBXvEP10X1_y5OIbdpjQOWNvEVUMPYhduxCASYq1tuER3wIQeCIE47AtvUTRKbHGWXjmjFPaiQwnk1hWJKDGnFdOpg81qBACxvejLuEZvh3MlJO5FAfYfHdTXe7L97saREIaFgFS5Rxe8f6dvq7cdg8Rttw"
      }
    ]
  },
  "token_endpoint_auth_method": "private_key_jwt"
}
2022-11-28 05:15:28
AddResponseTypesArrayToDynamicRegistrationRequestFromEnvironment
Added response_types array to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client One 7B4TaJ0WM0IsjKQ",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "nFwKxreamzQYP2OgoGviB6nzvucQs7nu5f9KcgmB3Z-lkcmNc7wEwIEGHWyszEtgjCqYlHVnJmBtDQy5Gbr-clK8oDRnT10o6eHSiX7A-b7554kR_OQHbeC_spd33PVzy4FuKRsyNM1PpV-4ImQGBMV3iJsxS6IyeDmpfS86qML-q5G2tVpkZwEb_txUBXvEP10X1_y5OIbdpjQOWNvEVUMPYhduxCASYq1tuER3wIQeCIE47AtvUTRKbHGWXjmjFPaiQwnk1hWJKDGnFdOpg81qBACxvejLuEZvh3MlJO5FAfYfHdTXe7L97saREIaFgFS5Rxe8f6dvq7cdg8Rttw"
      }
    ]
  },
  "token_endpoint_auth_method": "private_key_jwt",
  "response_types": [
    "code id_token"
  ]
}
2022-11-28 05:15:28
AddRedirectUriToDynamicRegistrationRequest
Added redirect_uris array to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client One 7B4TaJ0WM0IsjKQ",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "nFwKxreamzQYP2OgoGviB6nzvucQs7nu5f9KcgmB3Z-lkcmNc7wEwIEGHWyszEtgjCqYlHVnJmBtDQy5Gbr-clK8oDRnT10o6eHSiX7A-b7554kR_OQHbeC_spd33PVzy4FuKRsyNM1PpV-4ImQGBMV3iJsxS6IyeDmpfS86qML-q5G2tVpkZwEb_txUBXvEP10X1_y5OIbdpjQOWNvEVUMPYhduxCASYq1tuER3wIQeCIE47AtvUTRKbHGWXjmjFPaiQwnk1hWJKDGnFdOpg81qBACxvejLuEZvh3MlJO5FAfYfHdTXe7L97saREIaFgFS5Rxe8f6dvq7cdg8Rttw"
      }
    ]
  },
  "token_endpoint_auth_method": "private_key_jwt",
  "response_types": [
    "code id_token"
  ],
  "redirect_uris": [
    "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"
  ]
}
2022-11-28 05:15:28
AddContactsToDynamicRegistrationRequest
Added contacts array to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client One 7B4TaJ0WM0IsjKQ",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "nFwKxreamzQYP2OgoGviB6nzvucQs7nu5f9KcgmB3Z-lkcmNc7wEwIEGHWyszEtgjCqYlHVnJmBtDQy5Gbr-clK8oDRnT10o6eHSiX7A-b7554kR_OQHbeC_spd33PVzy4FuKRsyNM1PpV-4ImQGBMV3iJsxS6IyeDmpfS86qML-q5G2tVpkZwEb_txUBXvEP10X1_y5OIbdpjQOWNvEVUMPYhduxCASYq1tuER3wIQeCIE47AtvUTRKbHGWXjmjFPaiQwnk1hWJKDGnFdOpg81qBACxvejLuEZvh3MlJO5FAfYfHdTXe7L97saREIaFgFS5Rxe8f6dvq7cdg8Rttw"
      }
    ]
  },
  "token_endpoint_auth_method": "private_key_jwt",
  "response_types": [
    "code id_token"
  ],
  "redirect_uris": [
    "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"
  ],
  "contacts": [
    "certification@oidf.org"
  ]
}
2022-11-28 05:15:28
AddUserinfoSignedResponseAlgRS256ToDynamicRegistrationRequest
Added userinfo_signed_response_alg=RS256 to dynamic registration request
dynamic_registration_request
{
  "client_name": "Ristretto Core Conformance Test Dynamic Client One 7B4TaJ0WM0IsjKQ",
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "nFwKxreamzQYP2OgoGviB6nzvucQs7nu5f9KcgmB3Z-lkcmNc7wEwIEGHWyszEtgjCqYlHVnJmBtDQy5Gbr-clK8oDRnT10o6eHSiX7A-b7554kR_OQHbeC_spd33PVzy4FuKRsyNM1PpV-4ImQGBMV3iJsxS6IyeDmpfS86qML-q5G2tVpkZwEb_txUBXvEP10X1_y5OIbdpjQOWNvEVUMPYhduxCASYq1tuER3wIQeCIE47AtvUTRKbHGWXjmjFPaiQwnk1hWJKDGnFdOpg81qBACxvejLuEZvh3MlJO5FAfYfHdTXe7L97saREIaFgFS5Rxe8f6dvq7cdg8Rttw"
      }
    ]
  },
  "token_endpoint_auth_method": "private_key_jwt",
  "response_types": [
    "code id_token"
  ],
  "redirect_uris": [
    "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"
  ],
  "contacts": [
    "certification@oidf.org"
  ],
  "userinfo_signed_response_alg": "RS256"
}
2022-11-28 05:15:28
CallDynamicRegistrationEndpoint
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register
request_method
POST
request_headers
{
  "accept": "application/json",
  "accept-charset": "utf-8",
  "content-type": "application/json",
  "content-length": "804"
}
request_body
{"client_name":"Ristretto Core Conformance Test Dynamic Client One 7B4TaJ0WM0IsjKQ","grant_types":["authorization_code","implicit"],"jwks":{"keys":[{"kty":"RSA","e":"AQAB","use":"sig","alg":"RS256","n":"nFwKxreamzQYP2OgoGviB6nzvucQs7nu5f9KcgmB3Z-lkcmNc7wEwIEGHWyszEtgjCqYlHVnJmBtDQy5Gbr-clK8oDRnT10o6eHSiX7A-b7554kR_OQHbeC_spd33PVzy4FuKRsyNM1PpV-4ImQGBMV3iJsxS6IyeDmpfS86qML-q5G2tVpkZwEb_txUBXvEP10X1_y5OIbdpjQOWNvEVUMPYhduxCASYq1tuER3wIQeCIE47AtvUTRKbHGWXjmjFPaiQwnk1hWJKDGnFdOpg81qBACxvejLuEZvh3MlJO5FAfYfHdTXe7L97saREIaFgFS5Rxe8f6dvq7cdg8Rttw"}]},"token_endpoint_auth_method":"private_key_jwt","response_types":["code id_token"],"redirect_uris":["https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"],"contacts":["certification@oidf.org"],"userinfo_signed_response_alg":"RS256"}
2022-11-28 05:15:34 RESPONSE
CallDynamicRegistrationEndpoint
HTTP response
response_status_code
201 CREATED
response_status_text
Created
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK99f3f1c4-4468-4dca-a7af-52e111c42a14",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c281638443f0119e97c9",
  "content-length": "1472",
  "date": "Mon, 28 Nov 2022 05:15:34 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:45ovFkK4GQatueBI1mi3mlRhHO6QuXA0GMTfFMUc+NE\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:54725591; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003dBEE85BB827A641B8DA9F9250EA6F459A~-1~YAAQJHYGFzR++4SEAQAA6XmpvAhlo4wb4HDNhHF5BuTNRMo15o3zsEMbIRm1bNAnsKQqmE/ec0O38VLlXGRMEqZOq2elVk0lRJSeVSC4nRYaezGJw4lVdO0QrVts0wyjc7iujLrmimvJwlK7pyEhdEGw3kNvlxoEcQLdy+zLuhuVo8Ps4C/ozGgoaa8yDdW97rlv/jPueMH6On7X/0pUhzzwS+fdQLJ/TExkQ6ps26Phcu8Z2GtSgn0Lqkkx41QUHEoH/2XK/FtWE/8PmhENpqpNi3gOtAuzBXlx9ceEFN4LDZ6IrhqrnX1+DksXNyGJh37s88Lgttne1JVstPqau66pNG5RM1Pq71o+iLaOJpUEgKi1R4s/tTIw1ZsinARWwPMnEKI\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 05:15:34 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d79076CAC6786D525B135755A3BA103F8~YAAQJHYGFzV++4SEAQAA6XmpvBHkO5cMWE2l+9SYpmQFqU1HdH785CpnVpXQV88Gr2BvwVwZBWZWC6tP4+huZiuv9jNmWhJ2/gqAkheijNZgU+ePf10RbmGNyquHDYbZ2cQfIu5WlVaqOJj2tYqX1nklwQZxeMLzGdvIu0JXxtn90lZZoMac1+le7PBK9a+HHLjXFCTo2NAbGferR3MgVF2eScBI+jpKldg56MhkZFgeByDksiuSaqdrWytT5qhRPt90BY55RegiIHi0JhD3NWUNpPyg0qo6fBzdmfS5TwF41AQqUt8H/9n7y0Ny~3748678~3619140; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 09:15:28 GMT; Max-Age\u003d14394; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d97",
    "origin; dur\u003d5511"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"all_users_entitled":true,"client_id":"702137d1-30d9-4c7c-8b6a-1723994327de","client_id_issued_at":"2022-11-28T05:15:29Z","client_name":"Ristretto Core Conformance Test Dynamic Client One 7B4TaJ0WM0IsjKQ","client_secret":"hHb0yBkFdl","client_secret_expires_at":0,"consent_action":"always_prompt","enforce_pkce":false,"grant_types":["authorization_code","implicit"],"id_token_map":[],"id_token_signed_response_alg":"RS256","initiate_login_uri":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com","jwks":{"keys":[{"use":"sig","kty":"RSA","alg":"RS256","n":"nFwKxreamzQYP2OgoGviB6nzvucQs7nu5f9KcgmB3Z-lkcmNc7wEwIEGHWyszEtgjCqYlHVnJmBtDQy5Gbr-clK8oDRnT10o6eHSiX7A-b7554kR_OQHbeC_spd33PVzy4FuKRsyNM1PpV-4ImQGBMV3iJsxS6IyeDmpfS86qML-q5G2tVpkZwEb_txUBXvEP10X1_y5OIbdpjQOWNvEVUMPYhduxCASYq1tuER3wIQeCIE47AtvUTRKbHGWXjmjFPaiQwnk1hWJKDGnFdOpg81qBACxvejLuEZvh3MlJO5FAfYfHdTXe7L97saREIaFgFS5Rxe8f6dvq7cdg8Rttw","e":"AQAB"}]},"redirect_uris":["https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"],"registration_access_token":"11Kse7jjguX2Y5s0zUiqvhkd614qDx3vNSOXyTPNVwY.igwbSCjCU-lUbHKuUcYpVCEbAXyv8bFfVfKf-R8RYeIaxfSdrAhmwqVYymMNp39h0K9rTPhtrnyOPDMSRbFhsQ.M18xNjY5NjEyNTM0XzE4","registration_client_uri":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/702137d1-30d9-4c7c-8b6a-1723994327de","response_types":["code id_token"],"token_endpoint_auth_method":"private_key_jwt","token_map":[],"userinfo_signed_response_alg":"RS256"}
2022-11-28 05:15:34
CallDynamicRegistrationEndpoint
Parsed registration endpoint response
status
201
endpoint_name
dynamic registration
headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK99f3f1c4-4468-4dca-a7af-52e111c42a14",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c281638443f0119e97c9",
  "content-length": "1472",
  "date": "Mon, 28 Nov 2022 05:15:34 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:45ovFkK4GQatueBI1mi3mlRhHO6QuXA0GMTfFMUc+NE\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:54725591; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003dBEE85BB827A641B8DA9F9250EA6F459A~-1~YAAQJHYGFzR++4SEAQAA6XmpvAhlo4wb4HDNhHF5BuTNRMo15o3zsEMbIRm1bNAnsKQqmE/ec0O38VLlXGRMEqZOq2elVk0lRJSeVSC4nRYaezGJw4lVdO0QrVts0wyjc7iujLrmimvJwlK7pyEhdEGw3kNvlxoEcQLdy+zLuhuVo8Ps4C/ozGgoaa8yDdW97rlv/jPueMH6On7X/0pUhzzwS+fdQLJ/TExkQ6ps26Phcu8Z2GtSgn0Lqkkx41QUHEoH/2XK/FtWE/8PmhENpqpNi3gOtAuzBXlx9ceEFN4LDZ6IrhqrnX1+DksXNyGJh37s88Lgttne1JVstPqau66pNG5RM1Pq71o+iLaOJpUEgKi1R4s/tTIw1ZsinARWwPMnEKI\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 05:15:34 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d79076CAC6786D525B135755A3BA103F8~YAAQJHYGFzV++4SEAQAA6XmpvBHkO5cMWE2l+9SYpmQFqU1HdH785CpnVpXQV88Gr2BvwVwZBWZWC6tP4+huZiuv9jNmWhJ2/gqAkheijNZgU+ePf10RbmGNyquHDYbZ2cQfIu5WlVaqOJj2tYqX1nklwQZxeMLzGdvIu0JXxtn90lZZoMac1+le7PBK9a+HHLjXFCTo2NAbGferR3MgVF2eScBI+jpKldg56MhkZFgeByDksiuSaqdrWytT5qhRPt90BY55RegiIHi0JhD3NWUNpPyg0qo6fBzdmfS5TwF41AQqUt8H/9n7y0Ny~3748678~3619140; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 09:15:28 GMT; Max-Age\u003d14394; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d97",
    "origin; dur\u003d5511"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
body
{"all_users_entitled":true,"client_id":"702137d1-30d9-4c7c-8b6a-1723994327de","client_id_issued_at":"2022-11-28T05:15:29Z","client_name":"Ristretto Core Conformance Test Dynamic Client One 7B4TaJ0WM0IsjKQ","client_secret":"hHb0yBkFdl","client_secret_expires_at":0,"consent_action":"always_prompt","enforce_pkce":false,"grant_types":["authorization_code","implicit"],"id_token_map":[],"id_token_signed_response_alg":"RS256","initiate_login_uri":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com","jwks":{"keys":[{"use":"sig","kty":"RSA","alg":"RS256","n":"nFwKxreamzQYP2OgoGviB6nzvucQs7nu5f9KcgmB3Z-lkcmNc7wEwIEGHWyszEtgjCqYlHVnJmBtDQy5Gbr-clK8oDRnT10o6eHSiX7A-b7554kR_OQHbeC_spd33PVzy4FuKRsyNM1PpV-4ImQGBMV3iJsxS6IyeDmpfS86qML-q5G2tVpkZwEb_txUBXvEP10X1_y5OIbdpjQOWNvEVUMPYhduxCASYq1tuER3wIQeCIE47AtvUTRKbHGWXjmjFPaiQwnk1hWJKDGnFdOpg81qBACxvejLuEZvh3MlJO5FAfYfHdTXe7L97saREIaFgFS5Rxe8f6dvq7cdg8Rttw","e":"AQAB"}]},"redirect_uris":["https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"],"registration_access_token":"11Kse7jjguX2Y5s0zUiqvhkd614qDx3vNSOXyTPNVwY.igwbSCjCU-lUbHKuUcYpVCEbAXyv8bFfVfKf-R8RYeIaxfSdrAhmwqVYymMNp39h0K9rTPhtrnyOPDMSRbFhsQ.M18xNjY5NjEyNTM0XzE4","registration_client_uri":"https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/702137d1-30d9-4c7c-8b6a-1723994327de","response_types":["code id_token"],"token_endpoint_auth_method":"private_key_jwt","token_map":[],"userinfo_signed_response_alg":"RS256"}
body_json
{
  "all_users_entitled": true,
  "client_id": "702137d1-30d9-4c7c-8b6a-1723994327de",
  "client_id_issued_at": "2022-11-28T05:15:29Z",
  "client_name": "Ristretto Core Conformance Test Dynamic Client One 7B4TaJ0WM0IsjKQ",
  "client_secret": "hHb0yBkFdl",
  "client_secret_expires_at": 0,
  "consent_action": "always_prompt",
  "enforce_pkce": false,
  "grant_types": [
    "authorization_code",
    "implicit"
  ],
  "id_token_map": [],
  "id_token_signed_response_alg": "RS256",
  "initiate_login_uri": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com",
  "jwks": {
    "keys": [
      {
        "use": "sig",
        "kty": "RSA",
        "alg": "RS256",
        "n": "nFwKxreamzQYP2OgoGviB6nzvucQs7nu5f9KcgmB3Z-lkcmNc7wEwIEGHWyszEtgjCqYlHVnJmBtDQy5Gbr-clK8oDRnT10o6eHSiX7A-b7554kR_OQHbeC_spd33PVzy4FuKRsyNM1PpV-4ImQGBMV3iJsxS6IyeDmpfS86qML-q5G2tVpkZwEb_txUBXvEP10X1_y5OIbdpjQOWNvEVUMPYhduxCASYq1tuER3wIQeCIE47AtvUTRKbHGWXjmjFPaiQwnk1hWJKDGnFdOpg81qBACxvejLuEZvh3MlJO5FAfYfHdTXe7L97saREIaFgFS5Rxe8f6dvq7cdg8Rttw",
        "e": "AQAB"
      }
    ]
  },
  "redirect_uris": [
    "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback"
  ],
  "registration_access_token": "11Kse7jjguX2Y5s0zUiqvhkd614qDx3vNSOXyTPNVwY.igwbSCjCU-lUbHKuUcYpVCEbAXyv8bFfVfKf-R8RYeIaxfSdrAhmwqVYymMNp39h0K9rTPhtrnyOPDMSRbFhsQ.M18xNjY5NjEyNTM0XzE4",
  "registration_client_uri": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/702137d1-30d9-4c7c-8b6a-1723994327de",
  "response_types": [
    "code id_token"
  ],
  "token_endpoint_auth_method": "private_key_jwt",
  "token_map": [],
  "userinfo_signed_response_alg": "RS256"
}
2022-11-28 05:15:34 SUCCESS
EnsureContentTypeJson
endpoint_response Content-Type: header is application/json
2022-11-28 05:15:34 SUCCESS
EnsureHttpStatusCodeIs201
dynamic registration endpoint returned the expected http status
expected_status
201
http_status
201
2022-11-28 05:15:34 SUCCESS
CheckNoErrorFromDynamicRegistrationEndpoint
Dynamic registration endpoint did not return an error.
2022-11-28 05:15:34 SUCCESS
ExtractDynamicRegistrationResponse
Extracted client from dynamic registration response
client_id
702137d1-30d9-4c7c-8b6a-1723994327de
2022-11-28 05:15:34 SUCCESS
VerifyClientManagementCredentials
Verified dynamic registration management credentials
registration_client_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/702137d1-30d9-4c7c-8b6a-1723994327de
registration_access_token
11Kse7jjguX2Y5s0zUiqvhkd614qDx3vNSOXyTPNVwY.igwbSCjCU-lUbHKuUcYpVCEbAXyv8bFfVfKf-R8RYeIaxfSdrAhmwqVYymMNp39h0K9rTPhtrnyOPDMSRbFhsQ.M18xNjY5NjEyNTM0XzE4
2022-11-28 05:15:34
SetScopeInClientConfigurationToOpenId
Set scope in client configuration to "openid"
scope
openid
2022-11-28 05:15:34 SUCCESS
EnsureServerConfigurationSupportsPrivateKeyJwt
Found supported private_key_jwt method
method
private_key_jwt
2022-11-28 05:15:34 SUCCESS
SetProtectedResourceUrlToUserInfoEndpoint
userinfo_endpoint will be used to test access token. The user info is not a mandatory to implement feature in the OpenID Connect specification, but is mandatory for certification.
protected_resource_url
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/userinfo
2022-11-28 05:15:34 SUCCESS
CheckDiscEndpointUserinfoSigningAlgValuesSupportedContainsRS256
Contents of 'userinfo_signing_alg_values_supported' in discovery document matches expectations.
actual
[
  "RS256",
  "RS384",
  "RS512",
  "PS256",
  "PS384",
  "PS512",
  "ES256",
  "ES384",
  "ES512"
]
expected
[
  "RS256"
]
minimum_matches_required
1
2022-11-28 05:15:34
oidcc-userinfo-rs256
Setup Done
Make request to authorization endpoint
2022-11-28 05:15:34 SUCCESS
CreateAuthorizationEndpointRequestFromClientInformation
Created authorization endpoint request
client_id
702137d1-30d9-4c7c-8b6a-1723994327de
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
scope
openid
2022-11-28 05:15:34
CreateRandomStateValue
Created state value
requested_state_length
10
state
F0x4raHGfU
2022-11-28 05:15:34 SUCCESS
AddStateToAuthorizationEndpointRequest
Added state parameter to request
client_id
702137d1-30d9-4c7c-8b6a-1723994327de
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
scope
openid
state
F0x4raHGfU
2022-11-28 05:15:34
CreateRandomNonceValue
Created nonce value
requested_nonce_length
10
nonce
wFi0oo2icg
2022-11-28 05:15:34 SUCCESS
AddNonceToAuthorizationEndpointRequest
Added nonce parameter to request
client_id
702137d1-30d9-4c7c-8b6a-1723994327de
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
scope
openid
state
F0x4raHGfU
nonce
wFi0oo2icg
2022-11-28 05:15:34 SUCCESS
SetAuthorizationEndpointRequestResponseTypeFromEnvironment
Added response_type parameter to request
client_id
702137d1-30d9-4c7c-8b6a-1723994327de
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
scope
openid
state
F0x4raHGfU
nonce
wFi0oo2icg
response_type
code id_token
2022-11-28 05:15:34 SUCCESS
BuildPlainRedirectToAuthorizationEndpoint
Sending to authorization endpoint
auth_request
{
  "client_id": "702137d1-30d9-4c7c-8b6a-1723994327de",
  "redirect_uri": "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback",
  "scope": "openid",
  "state": "F0x4raHGfU",
  "nonce": "wFi0oo2icg",
  "response_type": "code id_token"
}
redirect_to_authorization_endpoint
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/authorize?client_id=702137d1-30d9-4c7c-8b6a-1723994327de&redirect_uri=https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback&scope=openid&state=F0x4raHGfU&nonce=wFi0oo2icg&response_type=code%20id_token
2022-11-28 05:15:34 REDIRECT
oidcc-userinfo-rs256
Redirecting to authorization endpoint
redirect_to
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/authorize?client_id=702137d1-30d9-4c7c-8b6a-1723994327de&redirect_uri=https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback&scope=openid&state=F0x4raHGfU&nonce=wFi0oo2icg&response_type=code%20id_token
2022-11-28 05:15:40 INCOMING
oidcc-userinfo-rs256
Incoming HTTP request to /test/a/isv_op_oidc_core_test/callback
incoming_headers
{
  "host": "www.certification.openid.net",
  "cache-control": "max-age\u003d0",
  "upgrade-insecure-requests": "1",
  "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/avif,image/webp,image/apng,*/*;q\u003d0.8,application/signed-exchange;v\u003db3;q\u003d0.9",
  "sec-fetch-site": "cross-site",
  "sec-fetch-mode": "navigate",
  "sec-fetch-user": "?1",
  "sec-fetch-dest": "document",
  "sec-ch-ua": "\"Google Chrome\";v\u003d\"107\", \"Chromium\";v\u003d\"107\", \"Not\u003dA?Brand\";v\u003d\"24\"",
  "sec-ch-ua-mobile": "?0",
  "sec-ch-ua-platform": "\"Windows\"",
  "referer": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-US,en;q\u003d0.9,zh-CN;q\u003d0.8,zh;q\u003d0.7",
  "cookie": "__utmc\u003d201319536; __utma\u003d201319536.1094656506.1667372526.1669192421.1669574146.18; __utmz\u003d201319536.1669574146.18.4.utmcsr\u003dgoogle|utmccn\u003d(organic)|utmcmd\u003dorganic|utmctr\u003d(not%20provided); JSESSIONID\u003d3F138883B59A4562B9987C6E0F96FA4F",
  "connection": "close"
}
incoming_path
/test/a/isv_op_oidc_core_test/callback
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cert
incoming_query_string_params
{}
incoming_body
incoming_tls_chain
[
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL"
]
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_body_json
2022-11-28 05:15:40 SUCCESS
CreateRandomImplicitSubmitUrl
Created random implicit submission URL
implicit_submit
{
  "path": "implicit/RBgFqPji9rHc7jsHsfi0",
  "fullUrl": "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/implicit/RBgFqPji9rHc7jsHsfi0"
}
2022-11-28 05:15:40 OUTGOING
oidcc-userinfo-rs256
Response to HTTP request to test instance 7B4TaJ0WM0IsjKQ
outgoing
ModelAndView [view="implicitCallback"; model={implicitSubmitUrl=https://www.certification.openid.net/test/a/isv_op_oidc_core_test/implicit/RBgFqPji9rHc7jsHsfi0, returnUrl=/log-detail.html?log=7B4TaJ0WM0IsjKQ}]
outgoing_path
callback
2022-11-28 05:15:41 INCOMING
oidcc-userinfo-rs256
Incoming HTTP request to /test/a/isv_op_oidc_core_test/implicit/RBgFqPji9rHc7jsHsfi0
incoming_headers
{
  "host": "www.certification.openid.net",
  "sec-ch-ua": "\"Google Chrome\";v\u003d\"107\", \"Chromium\";v\u003d\"107\", \"Not\u003dA?Brand\";v\u003d\"24\"",
  "accept": "*/*",
  "content-type": "text/plain",
  "x-requested-with": "XMLHttpRequest",
  "sec-ch-ua-mobile": "?0",
  "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36",
  "sec-ch-ua-platform": "\"Windows\"",
  "origin": "https://www.certification.openid.net",
  "sec-fetch-site": "same-origin",
  "sec-fetch-mode": "cors",
  "sec-fetch-dest": "empty",
  "referer": "https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-US,en;q\u003d0.9,zh-CN;q\u003d0.8,zh;q\u003d0.7",
  "cookie": "__utmc\u003d201319536; __utma\u003d201319536.1094656506.1667372526.1669192421.1669574146.18; __utmz\u003d201319536.1669574146.18.4.utmcsr\u003dgoogle|utmccn\u003d(organic)|utmcmd\u003dorganic|utmctr\u003d(not%20provided); JSESSIONID\u003d3F138883B59A4562B9987C6E0F96FA4F",
  "connection": "close",
  "content-length": "1278"
}
incoming_path
/test/a/isv_op_oidc_core_test/implicit/RBgFqPji9rHc7jsHsfi0
incoming_body_form_params
incoming_method
POST
incoming_tls_version
TLSv1.2
incoming_tls_cert
incoming_query_string_params
{}
incoming_body
#code=CDWKKOuMc2sDLlehZCRNZSsEJy1C-24Mt25sB2Rp7ew.w4zed_Zd181pwP5ZMr9p-exzxRXYAYiT5XQzLaBbIsgrx6UVl-o5BA_Rpyo7uUl3RtxyV7Hecf-NEUFNMqH95w&id_token=eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF1ZCI6WyI3MDIxMzdkMS0zMGQ5LTRjN2MtOGI2YS0xNzIzOTk0MzI3ZGUiXSwiYXV0aF90aW1lIjoxNjY5NjEyMjc1LCJjX2hhc2giOiJwWEgtLXp5QWRSY0JlVGFUSm1LRmtBIiwiZXhwIjoxNjY5NjE5NzQwLCJpYXQiOjE2Njk2MTI1NDAsImlzcyI6Imh0dHBzOi8vb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tL29hdXRoMiIsImp0aSI6IjIyZWEzN2Y0LThmYjEtNGZlZi04Y2UyLWJkYzFjNzJkZDNmYiIsIm5hbWUiOiJJU1YgRGV2Iiwibm9uY2UiOiJ3Rmkwb28yaWNnIiwicHJlZmVycmVkX3VzZXJuYW1lIjoiaXN2ZGV2QGlibS5jb20iLCJyYXQiOjE2Njk2MTI1MzYsInJlYWxtTmFtZSI6ImNsb3VkSWRlbnRpdHlSZWFsbSIsInNfaGFzaCI6InR1ZHhNd19rT1NvQmVucUhpMkVEWEEiLCJzdWIiOiI2MTYwMDE3TjY3In0.oXZ-UWHtoX2DtLTIu3jOLDR3epEiVTxve0_wkfHQje_LYl78YQCD6gclCV7aeGNuhqkJufb7X1rNRJxsQqLTcIEPuD9xoCrZRIaI3fkWnGsA6_G5XMTSsJPVC86CApkjsu5HRP1_JZPDuqSxrbArRs-5-i920jtXEf6l20WWFs9A3Zpt15rFNB9t8kj4ecs-DgHqTHxo-nbR6ckiuMDc7y925kvALYb9oToZSYcmzsBtx6pFw7kbBqtqrJbYhIxavhsGDroWWSmGKLd7MrFbqBSu5xw5v5G0LzK0NFA8l1E4i9DOUh10TQhdNOKFyQ9JfGW5hzWlvZDDV4ixktF46Q&iss=https%3A%2F%2Foidc-conformance.rel.verify.ibmcloudsecurity.com%2Foauth2&state=F0x4raHGfU
incoming_tls_chain
[
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL"
]
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_body_json
2022-11-28 05:15:41 OUTGOING
oidcc-userinfo-rs256
Response to HTTP request to test instance 7B4TaJ0WM0IsjKQ
outgoing_status_code
204
outgoing_headers
{}
outgoing_body

                                
outgoing_path
implicit/RBgFqPji9rHc7jsHsfi0
2022-11-28 05:15:41
ExtractImplicitHashToCallbackResponse
Extracted response from URL fragment
parameters
[
  {
    "name": "code",
    "value": "CDWKKOuMc2sDLlehZCRNZSsEJy1C-24Mt25sB2Rp7ew.w4zed_Zd181pwP5ZMr9p-exzxRXYAYiT5XQzLaBbIsgrx6UVl-o5BA_Rpyo7uUl3RtxyV7Hecf-NEUFNMqH95w"
  },
  {
    "name": "id_token",
    "value": "eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF1ZCI6WyI3MDIxMzdkMS0zMGQ5LTRjN2MtOGI2YS0xNzIzOTk0MzI3ZGUiXSwiYXV0aF90aW1lIjoxNjY5NjEyMjc1LCJjX2hhc2giOiJwWEgtLXp5QWRSY0JlVGFUSm1LRmtBIiwiZXhwIjoxNjY5NjE5NzQwLCJpYXQiOjE2Njk2MTI1NDAsImlzcyI6Imh0dHBzOi8vb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tL29hdXRoMiIsImp0aSI6IjIyZWEzN2Y0LThmYjEtNGZlZi04Y2UyLWJkYzFjNzJkZDNmYiIsIm5hbWUiOiJJU1YgRGV2Iiwibm9uY2UiOiJ3Rmkwb28yaWNnIiwicHJlZmVycmVkX3VzZXJuYW1lIjoiaXN2ZGV2QGlibS5jb20iLCJyYXQiOjE2Njk2MTI1MzYsInJlYWxtTmFtZSI6ImNsb3VkSWRlbnRpdHlSZWFsbSIsInNfaGFzaCI6InR1ZHhNd19rT1NvQmVucUhpMkVEWEEiLCJzdWIiOiI2MTYwMDE3TjY3In0.oXZ-UWHtoX2DtLTIu3jOLDR3epEiVTxve0_wkfHQje_LYl78YQCD6gclCV7aeGNuhqkJufb7X1rNRJxsQqLTcIEPuD9xoCrZRIaI3fkWnGsA6_G5XMTSsJPVC86CApkjsu5HRP1_JZPDuqSxrbArRs-5-i920jtXEf6l20WWFs9A3Zpt15rFNB9t8kj4ecs-DgHqTHxo-nbR6ckiuMDc7y925kvALYb9oToZSYcmzsBtx6pFw7kbBqtqrJbYhIxavhsGDroWWSmGKLd7MrFbqBSu5xw5v5G0LzK0NFA8l1E4i9DOUh10TQhdNOKFyQ9JfGW5hzWlvZDDV4ixktF46Q"
  },
  {
    "name": "iss",
    "value": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2"
  },
  {
    "name": "state",
    "value": "F0x4raHGfU"
  }
]
2022-11-28 05:15:41 SUCCESS
ExtractImplicitHashToCallbackResponse
Extracted the hash values
code
CDWKKOuMc2sDLlehZCRNZSsEJy1C-24Mt25sB2Rp7ew.w4zed_Zd181pwP5ZMr9p-exzxRXYAYiT5XQzLaBbIsgrx6UVl-o5BA_Rpyo7uUl3RtxyV7Hecf-NEUFNMqH95w
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF1ZCI6WyI3MDIxMzdkMS0zMGQ5LTRjN2MtOGI2YS0xNzIzOTk0MzI3ZGUiXSwiYXV0aF90aW1lIjoxNjY5NjEyMjc1LCJjX2hhc2giOiJwWEgtLXp5QWRSY0JlVGFUSm1LRmtBIiwiZXhwIjoxNjY5NjE5NzQwLCJpYXQiOjE2Njk2MTI1NDAsImlzcyI6Imh0dHBzOi8vb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tL29hdXRoMiIsImp0aSI6IjIyZWEzN2Y0LThmYjEtNGZlZi04Y2UyLWJkYzFjNzJkZDNmYiIsIm5hbWUiOiJJU1YgRGV2Iiwibm9uY2UiOiJ3Rmkwb28yaWNnIiwicHJlZmVycmVkX3VzZXJuYW1lIjoiaXN2ZGV2QGlibS5jb20iLCJyYXQiOjE2Njk2MTI1MzYsInJlYWxtTmFtZSI6ImNsb3VkSWRlbnRpdHlSZWFsbSIsInNfaGFzaCI6InR1ZHhNd19rT1NvQmVucUhpMkVEWEEiLCJzdWIiOiI2MTYwMDE3TjY3In0.oXZ-UWHtoX2DtLTIu3jOLDR3epEiVTxve0_wkfHQje_LYl78YQCD6gclCV7aeGNuhqkJufb7X1rNRJxsQqLTcIEPuD9xoCrZRIaI3fkWnGsA6_G5XMTSsJPVC86CApkjsu5HRP1_JZPDuqSxrbArRs-5-i920jtXEf6l20WWFs9A3Zpt15rFNB9t8kj4ecs-DgHqTHxo-nbR6ckiuMDc7y925kvALYb9oToZSYcmzsBtx6pFw7kbBqtqrJbYhIxavhsGDroWWSmGKLd7MrFbqBSu5xw5v5G0LzK0NFA8l1E4i9DOUh10TQhdNOKFyQ9JfGW5hzWlvZDDV4ixktF46Q
iss
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2
state
F0x4raHGfU
2022-11-28 05:15:41 REDIRECT-IN
oidcc-userinfo-rs256
Authorization endpoint response captured
url_query
{}
headers
{
  "host": "www.certification.openid.net",
  "cache-control": "max-age\u003d0",
  "upgrade-insecure-requests": "1",
  "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/avif,image/webp,image/apng,*/*;q\u003d0.8,application/signed-exchange;v\u003db3;q\u003d0.9",
  "sec-fetch-site": "cross-site",
  "sec-fetch-mode": "navigate",
  "sec-fetch-user": "?1",
  "sec-fetch-dest": "document",
  "sec-ch-ua": "\"Google Chrome\";v\u003d\"107\", \"Chromium\";v\u003d\"107\", \"Not\u003dA?Brand\";v\u003d\"24\"",
  "sec-ch-ua-mobile": "?0",
  "sec-ch-ua-platform": "\"Windows\"",
  "referer": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-US,en;q\u003d0.9,zh-CN;q\u003d0.8,zh;q\u003d0.7",
  "cookie": "__utmc\u003d201319536; __utma\u003d201319536.1094656506.1667372526.1669192421.1669574146.18; __utmz\u003d201319536.1669574146.18.4.utmcsr\u003dgoogle|utmccn\u003d(organic)|utmcmd\u003dorganic|utmctr\u003d(not%20provided); JSESSIONID\u003d3F138883B59A4562B9987C6E0F96FA4F",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "x-forwarded-proto": "https",
  "x-forwarded-port": "443",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
http_method
GET
url_fragment
{
  "code": "CDWKKOuMc2sDLlehZCRNZSsEJy1C-24Mt25sB2Rp7ew.w4zed_Zd181pwP5ZMr9p-exzxRXYAYiT5XQzLaBbIsgrx6UVl-o5BA_Rpyo7uUl3RtxyV7Hecf-NEUFNMqH95w",
  "id_token": "eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF1ZCI6WyI3MDIxMzdkMS0zMGQ5LTRjN2MtOGI2YS0xNzIzOTk0MzI3ZGUiXSwiYXV0aF90aW1lIjoxNjY5NjEyMjc1LCJjX2hhc2giOiJwWEgtLXp5QWRSY0JlVGFUSm1LRmtBIiwiZXhwIjoxNjY5NjE5NzQwLCJpYXQiOjE2Njk2MTI1NDAsImlzcyI6Imh0dHBzOi8vb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tL29hdXRoMiIsImp0aSI6IjIyZWEzN2Y0LThmYjEtNGZlZi04Y2UyLWJkYzFjNzJkZDNmYiIsIm5hbWUiOiJJU1YgRGV2Iiwibm9uY2UiOiJ3Rmkwb28yaWNnIiwicHJlZmVycmVkX3VzZXJuYW1lIjoiaXN2ZGV2QGlibS5jb20iLCJyYXQiOjE2Njk2MTI1MzYsInJlYWxtTmFtZSI6ImNsb3VkSWRlbnRpdHlSZWFsbSIsInNfaGFzaCI6InR1ZHhNd19rT1NvQmVucUhpMkVEWEEiLCJzdWIiOiI2MTYwMDE3TjY3In0.oXZ-UWHtoX2DtLTIu3jOLDR3epEiVTxve0_wkfHQje_LYl78YQCD6gclCV7aeGNuhqkJufb7X1rNRJxsQqLTcIEPuD9xoCrZRIaI3fkWnGsA6_G5XMTSsJPVC86CApkjsu5HRP1_JZPDuqSxrbArRs-5-i920jtXEf6l20WWFs9A3Zpt15rFNB9t8kj4ecs-DgHqTHxo-nbR6ckiuMDc7y925kvALYb9oToZSYcmzsBtx6pFw7kbBqtqrJbYhIxavhsGDroWWSmGKLd7MrFbqBSu5xw5v5G0LzK0NFA8l1E4i9DOUh10TQhdNOKFyQ9JfGW5hzWlvZDDV4ixktF46Q",
  "iss": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "state": "F0x4raHGfU"
}
post_body
Verify authorization endpoint response
2022-11-28 05:15:41 SUCCESS
RejectAuthCodeInUrlQuery
Authorization code is not present in URL query returned from authorization endpoint
2022-11-28 05:15:41 SUCCESS
RejectErrorInUrlQuery
'error' is not present in URL query returned from authorization endpoint
2022-11-28 05:15:41 SUCCESS
CheckMatchingCallbackParameters
Callback parameters successfully verified
2022-11-28 05:15:41 SUCCESS
ValidateIssInAuthorizationResponse
'iss' parameter in authorization response matches server's issuer value.
2022-11-28 05:15:41 SUCCESS
CheckIfAuthorizationEndpointError
No error from authorization endpoint
2022-11-28 05:15:41 SUCCESS
CheckStateInAuthorizationResponse
State in response correctly returned
state
F0x4raHGfU
2022-11-28 05:15:41 SUCCESS
ExtractAuthorizationCodeFromAuthorizationResponse
Found authorization code
code
CDWKKOuMc2sDLlehZCRNZSsEJy1C-24Mt25sB2Rp7ew.w4zed_Zd181pwP5ZMr9p-exzxRXYAYiT5XQzLaBbIsgrx6UVl-o5BA_Rpyo7uUl3RtxyV7Hecf-NEUFNMqH95w
2022-11-28 05:15:41 SUCCESS
ExtractIdTokenFromAuthorizationResponse
Found and parsed the id_token from authorization_endpoint_response
value
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF1ZCI6WyI3MDIxMzdkMS0zMGQ5LTRjN2MtOGI2YS0xNzIzOTk0MzI3ZGUiXSwiYXV0aF90aW1lIjoxNjY5NjEyMjc1LCJjX2hhc2giOiJwWEgtLXp5QWRSY0JlVGFUSm1LRmtBIiwiZXhwIjoxNjY5NjE5NzQwLCJpYXQiOjE2Njk2MTI1NDAsImlzcyI6Imh0dHBzOi8vb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tL29hdXRoMiIsImp0aSI6IjIyZWEzN2Y0LThmYjEtNGZlZi04Y2UyLWJkYzFjNzJkZDNmYiIsIm5hbWUiOiJJU1YgRGV2Iiwibm9uY2UiOiJ3Rmkwb28yaWNnIiwicHJlZmVycmVkX3VzZXJuYW1lIjoiaXN2ZGV2QGlibS5jb20iLCJyYXQiOjE2Njk2MTI1MzYsInJlYWxtTmFtZSI6ImNsb3VkSWRlbnRpdHlSZWFsbSIsInNfaGFzaCI6InR1ZHhNd19rT1NvQmVucUhpMkVEWEEiLCJzdWIiOiI2MTYwMDE3TjY3In0.oXZ-UWHtoX2DtLTIu3jOLDR3epEiVTxve0_wkfHQje_LYl78YQCD6gclCV7aeGNuhqkJufb7X1rNRJxsQqLTcIEPuD9xoCrZRIaI3fkWnGsA6_G5XMTSsJPVC86CApkjsu5HRP1_JZPDuqSxrbArRs-5-i920jtXEf6l20WWFs9A3Zpt15rFNB9t8kj4ecs-DgHqTHxo-nbR6ckiuMDc7y925kvALYb9oToZSYcmzsBtx6pFw7kbBqtqrJbYhIxavhsGDroWWSmGKLd7MrFbqBSu5xw5v5G0LzK0NFA8l1E4i9DOUh10TQhdNOKFyQ9JfGW5hzWlvZDDV4ixktF46Q
header
{
  "kid": "server",
  "alg": "RS256"
}
claims
{
  "sub": "6160017N67",
  "rat": 1669612536,
  "realmName": "cloudIdentityRealm",
  "amr": [
    "password"
  ],
  "iss": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "preferred_username": "isvdev@ibm.com",
  "nonce": "wFi0oo2icg",
  "acr": "urn:ibm:security:policy:id:1",
  "aud": "702137d1-30d9-4c7c-8b6a-1723994327de",
  "c_hash": "pXH--zyAdRcBeTaTJmKFkA",
  "s_hash": "tudxMw_kOSoBenqHi2EDXA",
  "auth_time": 1669612275,
  "name": "ISV Dev",
  "exp": 1669619740,
  "iat": 1669612540,
  "jti": "22ea37f4-8fb1-4fef-8ce2-bdc1c72dd3fb"
}
2022-11-28 05:15:41 SUCCESS
ValidateIdToken
ID token iss, aud, exp, iat, auth_time, acr & nbf claims passed validation checks
2022-11-28 05:15:41
ValidateIdTokenStandardClaims
sub is a string with content
2022-11-28 05:15:41
ValidateIdTokenStandardClaims
Skipping unknown claim: rat
2022-11-28 05:15:41
ValidateIdTokenStandardClaims
Skipping unknown claim: realmName
2022-11-28 05:15:41
ValidateIdTokenStandardClaims
preferred_username is a string with content
2022-11-28 05:15:41
ValidateIdTokenStandardClaims
name is a string with content
2022-11-28 05:15:41 SUCCESS
ValidateIdTokenStandardClaims
id_token claims are valid
2022-11-28 05:15:41 SUCCESS
ValidateIdTokenNonce
Nonce values match
nonce
wFi0oo2icg
2022-11-28 05:15:41 SUCCESS
ValidateIdTokenACRClaimAgainstRequest
Nothing to check; the conformance suite did not request an acr claim in request object
2022-11-28 05:15:41 SUCCESS
ValidateIdTokenSignature
id_token signature validated
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF1ZCI6WyI3MDIxMzdkMS0zMGQ5LTRjN2MtOGI2YS0xNzIzOTk0MzI3ZGUiXSwiYXV0aF90aW1lIjoxNjY5NjEyMjc1LCJjX2hhc2giOiJwWEgtLXp5QWRSY0JlVGFUSm1LRmtBIiwiZXhwIjoxNjY5NjE5NzQwLCJpYXQiOjE2Njk2MTI1NDAsImlzcyI6Imh0dHBzOi8vb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tL29hdXRoMiIsImp0aSI6IjIyZWEzN2Y0LThmYjEtNGZlZi04Y2UyLWJkYzFjNzJkZDNmYiIsIm5hbWUiOiJJU1YgRGV2Iiwibm9uY2UiOiJ3Rmkwb28yaWNnIiwicHJlZmVycmVkX3VzZXJuYW1lIjoiaXN2ZGV2QGlibS5jb20iLCJyYXQiOjE2Njk2MTI1MzYsInJlYWxtTmFtZSI6ImNsb3VkSWRlbnRpdHlSZWFsbSIsInNfaGFzaCI6InR1ZHhNd19rT1NvQmVucUhpMkVEWEEiLCJzdWIiOiI2MTYwMDE3TjY3In0.oXZ-UWHtoX2DtLTIu3jOLDR3epEiVTxve0_wkfHQje_LYl78YQCD6gclCV7aeGNuhqkJufb7X1rNRJxsQqLTcIEPuD9xoCrZRIaI3fkWnGsA6_G5XMTSsJPVC86CApkjsu5HRP1_JZPDuqSxrbArRs-5-i920jtXEf6l20WWFs9A3Zpt15rFNB9t8kj4ecs-DgHqTHxo-nbR6ckiuMDc7y925kvALYb9oToZSYcmzsBtx6pFw7kbBqtqrJbYhIxavhsGDroWWSmGKLd7MrFbqBSu5xw5v5G0LzK0NFA8l1E4i9DOUh10TQhdNOKFyQ9JfGW5hzWlvZDDV4ixktF46Q
2022-11-28 05:15:41 SUCCESS
ValidateIdTokenSignatureUsingKid
id_token signature validated
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF1ZCI6WyI3MDIxMzdkMS0zMGQ5LTRjN2MtOGI2YS0xNzIzOTk0MzI3ZGUiXSwiYXV0aF90aW1lIjoxNjY5NjEyMjc1LCJjX2hhc2giOiJwWEgtLXp5QWRSY0JlVGFUSm1LRmtBIiwiZXhwIjoxNjY5NjE5NzQwLCJpYXQiOjE2Njk2MTI1NDAsImlzcyI6Imh0dHBzOi8vb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tL29hdXRoMiIsImp0aSI6IjIyZWEzN2Y0LThmYjEtNGZlZi04Y2UyLWJkYzFjNzJkZDNmYiIsIm5hbWUiOiJJU1YgRGV2Iiwibm9uY2UiOiJ3Rmkwb28yaWNnIiwicHJlZmVycmVkX3VzZXJuYW1lIjoiaXN2ZGV2QGlibS5jb20iLCJyYXQiOjE2Njk2MTI1MzYsInJlYWxtTmFtZSI6ImNsb3VkSWRlbnRpdHlSZWFsbSIsInNfaGFzaCI6InR1ZHhNd19rT1NvQmVucUhpMkVEWEEiLCJzdWIiOiI2MTYwMDE3TjY3In0.oXZ-UWHtoX2DtLTIu3jOLDR3epEiVTxve0_wkfHQje_LYl78YQCD6gclCV7aeGNuhqkJufb7X1rNRJxsQqLTcIEPuD9xoCrZRIaI3fkWnGsA6_G5XMTSsJPVC86CApkjsu5HRP1_JZPDuqSxrbArRs-5-i920jtXEf6l20WWFs9A3Zpt15rFNB9t8kj4ecs-DgHqTHxo-nbR6ckiuMDc7y925kvALYb9oToZSYcmzsBtx6pFw7kbBqtqrJbYhIxavhsGDroWWSmGKLd7MrFbqBSu5xw5v5G0LzK0NFA8l1E4i9DOUh10TQhdNOKFyQ9JfGW5hzWlvZDDV4ixktF46Q
2022-11-28 05:15:41 SUCCESS
CheckForSubjectInIdToken
Found 'sub' in id_token
sub
6160017N67
2022-11-28 05:15:41
EnsureIdTokenUpdatedAtValid
id_token response does not contain 'updated_at'
2022-11-28 05:15:41 INFO
ValidateEncryptedIdTokenHasKid
Skipped evaluation due to missing required element: id_token jwe_header
path
jwe_header
mapped
object
id_token
2022-11-28 05:15:41 SUCCESS
CreateTokenEndpointRequestForAuthorizationCodeGrant
Created token endpoint request
grant_type
authorization_code
code
CDWKKOuMc2sDLlehZCRNZSsEJy1C-24Mt25sB2Rp7ew.w4zed_Zd181pwP5ZMr9p-exzxRXYAYiT5XQzLaBbIsgrx6UVl-o5BA_Rpyo7uUl3RtxyV7Hecf-NEUFNMqH95w
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
2022-11-28 05:15:41 SUCCESS
CreateClientAuthenticationAssertionClaims
Created client assertion claims
iss
702137d1-30d9-4c7c-8b6a-1723994327de
sub
702137d1-30d9-4c7c-8b6a-1723994327de
aud
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token
jti
Wnf8SvvsO2PEN72KaQGP
iat
1669612541
exp
1669612601
2022-11-28 05:15:41 SUCCESS
SignClientAuthenticationAssertion
Signed the client assertion
client_assertion
eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiI3MDIxMzdkMS0zMGQ5LTRjN2MtOGI2YS0xNzIzOTk0MzI3ZGUiLCJhdWQiOiJodHRwczpcL1wvb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tXC9vYXV0aDJcL3Rva2VuIiwiaXNzIjoiNzAyMTM3ZDEtMzBkOS00YzdjLThiNmEtMTcyMzk5NDMyN2RlIiwiZXhwIjoxNjY5NjEyNjAxLCJpYXQiOjE2Njk2MTI1NDEsImp0aSI6IlduZjhTdnZzTzJQRU43MkthUUdQIn0.YatnOhQ_q8F1hjaBTu5G63VdvfEsdUXbV1yQtqSQjjjNzitYj8JRvFFITphBhgCz148JI2p8efVcu6QJG5NMHs3V_zAEjkIauU_wrkqRsybDyTqwOhB9MoSQrHexPPcQSqBnakYhAo0Ywpyrqgk3zAJWul_KQkgTi_dVsV9JRS5ScQ0nVxtCf-lhrRGnKZH0Vzgpi8KiLlY-I_esab5IIlm74Xu0zVsMvQiqQqSrfejQnF9doA3F5DiceSKQUHTg6HA46lqZb8B2Icd0GJBJX0nf-vJGIcNygWi6RpOe5hvIt4CxIYCyt76rT87m1kn6LW7aWgrQPNb0pggun0qF3w
2022-11-28 05:15:41
AddClientAssertionToTokenEndpointRequest
Added client assertion
grant_type
authorization_code
code
CDWKKOuMc2sDLlehZCRNZSsEJy1C-24Mt25sB2Rp7ew.w4zed_Zd181pwP5ZMr9p-exzxRXYAYiT5XQzLaBbIsgrx6UVl-o5BA_Rpyo7uUl3RtxyV7Hecf-NEUFNMqH95w
redirect_uri
https://www.certification.openid.net/test/a/isv_op_oidc_core_test/callback
client_assertion
eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiI3MDIxMzdkMS0zMGQ5LTRjN2MtOGI2YS0xNzIzOTk0MzI3ZGUiLCJhdWQiOiJodHRwczpcL1wvb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tXC9vYXV0aDJcL3Rva2VuIiwiaXNzIjoiNzAyMTM3ZDEtMzBkOS00YzdjLThiNmEtMTcyMzk5NDMyN2RlIiwiZXhwIjoxNjY5NjEyNjAxLCJpYXQiOjE2Njk2MTI1NDEsImp0aSI6IlduZjhTdnZzTzJQRU43MkthUUdQIn0.YatnOhQ_q8F1hjaBTu5G63VdvfEsdUXbV1yQtqSQjjjNzitYj8JRvFFITphBhgCz148JI2p8efVcu6QJG5NMHs3V_zAEjkIauU_wrkqRsybDyTqwOhB9MoSQrHexPPcQSqBnakYhAo0Ywpyrqgk3zAJWul_KQkgTi_dVsV9JRS5ScQ0nVxtCf-lhrRGnKZH0Vzgpi8KiLlY-I_esab5IIlm74Xu0zVsMvQiqQqSrfejQnF9doA3F5DiceSKQUHTg6HA46lqZb8B2Icd0GJBJX0nf-vJGIcNygWi6RpOe5hvIt4CxIYCyt76rT87m1kn6LW7aWgrQPNb0pggun0qF3w
client_assertion_type
urn:ietf:params:oauth:client-assertion-type:jwt-bearer
2022-11-28 05:15:41
CallTokenEndpoint
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/token
request_method
POST
request_headers
{
  "accept": "application/json",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "1051"
}
request_body
grant_type=authorization_code&code=CDWKKOuMc2sDLlehZCRNZSsEJy1C-24Mt25sB2Rp7ew.w4zed_Zd181pwP5ZMr9p-exzxRXYAYiT5XQzLaBbIsgrx6UVl-o5BA_Rpyo7uUl3RtxyV7Hecf-NEUFNMqH95w&redirect_uri=https%3A%2F%2Fwww.certification.openid.net%2Ftest%2Fa%2Fisv_op_oidc_core_test%2Fcallback&client_assertion=eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiI3MDIxMzdkMS0zMGQ5LTRjN2MtOGI2YS0xNzIzOTk0MzI3ZGUiLCJhdWQiOiJodHRwczpcL1wvb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tXC9vYXV0aDJcL3Rva2VuIiwiaXNzIjoiNzAyMTM3ZDEtMzBkOS00YzdjLThiNmEtMTcyMzk5NDMyN2RlIiwiZXhwIjoxNjY5NjEyNjAxLCJpYXQiOjE2Njk2MTI1NDEsImp0aSI6IlduZjhTdnZzTzJQRU43MkthUUdQIn0.YatnOhQ_q8F1hjaBTu5G63VdvfEsdUXbV1yQtqSQjjjNzitYj8JRvFFITphBhgCz148JI2p8efVcu6QJG5NMHs3V_zAEjkIauU_wrkqRsybDyTqwOhB9MoSQrHexPPcQSqBnakYhAo0Ywpyrqgk3zAJWul_KQkgTi_dVsV9JRS5ScQ0nVxtCf-lhrRGnKZH0Vzgpi8KiLlY-I_esab5IIlm74Xu0zVsMvQiqQqSrfejQnF9doA3F5DiceSKQUHTg6HA46lqZb8B2Icd0GJBJX0nf-vJGIcNygWi6RpOe5hvIt4CxIYCyt76rT87m1kn6LW7aWgrQPNb0pggun0qF3w&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer
2022-11-28 05:15:42 RESPONSE
CallTokenEndpoint
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/json;charset\u003dUTF-8",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK83c46fdf-ca8e-49a1-ae87-91893e6b1f9d",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c281638443fd219dd405",
  "content-length": "1281",
  "date": "Mon, 28 Nov 2022 05:15:41 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:rmyQtCxv4DmUIQi2/TWaDlouCQJoSzRXylL8ORhy1n8\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:54725591; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d3514D4D90A6E85CB807342D44C5F5D50~-1~YAAQBmrcFz2NB4mEAQAALZipvAhYUmuz2DyYOCXIFsaGv+fJjULJWUf7jOa/rLeIsYxRxRucwwjzPSraE60jVDxFJl9/PZGnyUYmstXB/g2UYL15oPoRCGRaNa48O7t2rZxzf1pe+XPt9K0+Jz5ysl0tU+cGChjCeeY5PtG2umowPQFJT26F8CJdKV8/56VOih/W+lt/NOFktAWvtCblmtDQo/YtzaeIMkDZN7bV3+guGsd8sZr+79rlv2uSVUt5DSzpwI/yFIW1X7L1qJ4fzqSh8Bhj46D/oQCOytZSVhU9NgvVFFgVIaD283WPFE6J20so4K2IrewMfGX1no1Vrsvc54dACqkfY65YmAWBDX6HkMhNrdGzovkwxkknfaY6yUwnVrI\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 05:15:41 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003dA29CC80AECC15083424602A90C6A8898~YAAQBmrcFz6NB4mEAQAALZipvBGp66df1UBN8e6WJjseiTdLzlVLRUb4zQc0X7JYstal/rENFl61p0o9LdHcsBo8k+o9sds5uR4qwd5wSwlf36/Ba3AyLPRZqYivygKv+CODXvWyUcipXpd0xYE4Z3JDTdMqkANRsYW5R3fi6wo20JgtsufewuvjTH8O6wRWX6fXaqQlah/Mbz/LSw5wzmRESL2g6ehx7SIHkV6oeRwS6teT1MElD64sgv5K/nRG58cjc1W1L77is3UvmZfEvZfdmyDVJhJ8g1Qk1CKmGLYcOj/N/YEnnatFVeR+~3421234~4470070; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 09:15:41 GMT; Max-Age\u003d14400; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d245",
    "origin; dur\u003d219"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
{"access_token":"Se72tSLdL-7CGBZW62Kyg3SSyIPmmqlBPfhc-KQTa7A.JyLxnT0EchbBGDETRqXSd00QoamRzLuLRvGLsl4QEfOc_TJRuUfgIg43sV6u-Nw4TR4MVI1Ji0O9ZBykk6XZMA.M18xNjY5NjEyNTQxXzE4","expires_in":7200,"id_token":"eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiItUjMwX1gwWlZUaExkekZoZXp3ZHJnIiwiYXVkIjpbIjcwMjEzN2QxLTMwZDktNGM3Yy04YjZhLTE3MjM5OTQzMjdkZSJdLCJhdXRoX3RpbWUiOjE2Njk2MTIyNzUsImV4cCI6MTY2OTYxOTc0MSwiaWF0IjoxNjY5NjEyNTQxLCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiI4NzkxNjc4Yy1jMzhiLTRmMDctYmU0NS03MTc1NzkxMmQ1NWYiLCJuYW1lIjoiSVNWIERldiIsIm5vbmNlIjoid0ZpMG9vMmljZyIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NjEyNTM2LCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJzX2hhc2giOiJ0dWR4TXdfa09Tb0JlbnFIaTJFRFhBIiwic3ViIjoiNjE2MDAxN042NyJ9.EDFMZF5-tESKVxuJ2otPTn74MaWd3hHd2PKNJ-dPuo5qBIohpHWg34sFJKv6hRXm3YVpqj0j5RSEybWrvQlT-msaQtS2eY4J5BWhmxgfhVxlZ1bO5nHbSgQ6mcRPErb-bhUrWyUk5K9Imt49s48N5DvwWNlSKSc5Lrci5J7mNDhFVCjd6537_s-RVLLoE3keb9GdvlmX1rGO0791k844yuY28TmWKNADpPXYgQKfC7sf4ptAsGViYymCuJh40B10VW4n1NrGRWc5Sc9vcJ8WE7ewK5-QPFqXSg6oErwIHtaJczA76JdJjeoOPeSm-WMsAAVH2nQlVEVKGRe1HmWUrA","scope":"openid","token_type":"bearer"}
2022-11-28 05:15:42 SUCCESS
CallTokenEndpoint
Parsed token endpoint response
access_token
Se72tSLdL-7CGBZW62Kyg3SSyIPmmqlBPfhc-KQTa7A.JyLxnT0EchbBGDETRqXSd00QoamRzLuLRvGLsl4QEfOc_TJRuUfgIg43sV6u-Nw4TR4MVI1Ji0O9ZBykk6XZMA.M18xNjY5NjEyNTQxXzE4
expires_in
7200
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiItUjMwX1gwWlZUaExkekZoZXp3ZHJnIiwiYXVkIjpbIjcwMjEzN2QxLTMwZDktNGM3Yy04YjZhLTE3MjM5OTQzMjdkZSJdLCJhdXRoX3RpbWUiOjE2Njk2MTIyNzUsImV4cCI6MTY2OTYxOTc0MSwiaWF0IjoxNjY5NjEyNTQxLCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiI4NzkxNjc4Yy1jMzhiLTRmMDctYmU0NS03MTc1NzkxMmQ1NWYiLCJuYW1lIjoiSVNWIERldiIsIm5vbmNlIjoid0ZpMG9vMmljZyIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NjEyNTM2LCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJzX2hhc2giOiJ0dWR4TXdfa09Tb0JlbnFIaTJFRFhBIiwic3ViIjoiNjE2MDAxN042NyJ9.EDFMZF5-tESKVxuJ2otPTn74MaWd3hHd2PKNJ-dPuo5qBIohpHWg34sFJKv6hRXm3YVpqj0j5RSEybWrvQlT-msaQtS2eY4J5BWhmxgfhVxlZ1bO5nHbSgQ6mcRPErb-bhUrWyUk5K9Imt49s48N5DvwWNlSKSc5Lrci5J7mNDhFVCjd6537_s-RVLLoE3keb9GdvlmX1rGO0791k844yuY28TmWKNADpPXYgQKfC7sf4ptAsGViYymCuJh40B10VW4n1NrGRWc5Sc9vcJ8WE7ewK5-QPFqXSg6oErwIHtaJczA76JdJjeoOPeSm-WMsAAVH2nQlVEVKGRe1HmWUrA
scope
openid
token_type
bearer
2022-11-28 05:15:42 SUCCESS
CheckIfTokenEndpointResponseError
No error from token endpoint
2022-11-28 05:15:42 SUCCESS
CheckForAccessTokenValue
Found an access token
access_token
Se72tSLdL-7CGBZW62Kyg3SSyIPmmqlBPfhc-KQTa7A.JyLxnT0EchbBGDETRqXSd00QoamRzLuLRvGLsl4QEfOc_TJRuUfgIg43sV6u-Nw4TR4MVI1Ji0O9ZBykk6XZMA.M18xNjY5NjEyNTQxXzE4
2022-11-28 05:15:42 SUCCESS
ExtractAccessTokenFromTokenResponse
Extracted the access token
value
Se72tSLdL-7CGBZW62Kyg3SSyIPmmqlBPfhc-KQTa7A.JyLxnT0EchbBGDETRqXSd00QoamRzLuLRvGLsl4QEfOc_TJRuUfgIg43sV6u-Nw4TR4MVI1Ji0O9ZBykk6XZMA.M18xNjY5NjEyNTQxXzE4
type
bearer
2022-11-28 05:15:42 SUCCESS
ExtractExpiresInFromTokenEndpointResponse
Extracted 'expires_in'
expires_in
7200
2022-11-28 05:15:42 SUCCESS
ValidateExpiresIn
expires_in passed all validation checks
expires_in
7200
2022-11-28 05:15:42 INFO
CheckForRefreshTokenValue
Couldn't find refresh token
2022-11-28 05:15:42 SUCCESS
ExtractIdTokenFromTokenResponse
Found and parsed the id_token from token_endpoint_response
value
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiItUjMwX1gwWlZUaExkekZoZXp3ZHJnIiwiYXVkIjpbIjcwMjEzN2QxLTMwZDktNGM3Yy04YjZhLTE3MjM5OTQzMjdkZSJdLCJhdXRoX3RpbWUiOjE2Njk2MTIyNzUsImV4cCI6MTY2OTYxOTc0MSwiaWF0IjoxNjY5NjEyNTQxLCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiI4NzkxNjc4Yy1jMzhiLTRmMDctYmU0NS03MTc1NzkxMmQ1NWYiLCJuYW1lIjoiSVNWIERldiIsIm5vbmNlIjoid0ZpMG9vMmljZyIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NjEyNTM2LCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJzX2hhc2giOiJ0dWR4TXdfa09Tb0JlbnFIaTJFRFhBIiwic3ViIjoiNjE2MDAxN042NyJ9.EDFMZF5-tESKVxuJ2otPTn74MaWd3hHd2PKNJ-dPuo5qBIohpHWg34sFJKv6hRXm3YVpqj0j5RSEybWrvQlT-msaQtS2eY4J5BWhmxgfhVxlZ1bO5nHbSgQ6mcRPErb-bhUrWyUk5K9Imt49s48N5DvwWNlSKSc5Lrci5J7mNDhFVCjd6537_s-RVLLoE3keb9GdvlmX1rGO0791k844yuY28TmWKNADpPXYgQKfC7sf4ptAsGViYymCuJh40B10VW4n1NrGRWc5Sc9vcJ8WE7ewK5-QPFqXSg6oErwIHtaJczA76JdJjeoOPeSm-WMsAAVH2nQlVEVKGRe1HmWUrA
header
{
  "kid": "server",
  "alg": "RS256"
}
claims
{
  "at_hash": "-R30_X0ZVThLdzFhezwdrg",
  "sub": "6160017N67",
  "rat": 1669612536,
  "realmName": "cloudIdentityRealm",
  "amr": [
    "password"
  ],
  "iss": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "preferred_username": "isvdev@ibm.com",
  "nonce": "wFi0oo2icg",
  "acr": "urn:ibm:security:policy:id:1",
  "aud": "702137d1-30d9-4c7c-8b6a-1723994327de",
  "s_hash": "tudxMw_kOSoBenqHi2EDXA",
  "auth_time": 1669612275,
  "name": "ISV Dev",
  "exp": 1669619741,
  "iat": 1669612541,
  "jti": "8791678c-c38b-4f07-be45-71757912d55f"
}
2022-11-28 05:15:42 SUCCESS
ValidateIdToken
ID token iss, aud, exp, iat, auth_time, acr & nbf claims passed validation checks
2022-11-28 05:15:42
ValidateIdTokenStandardClaims
sub is a string with content
2022-11-28 05:15:42
ValidateIdTokenStandardClaims
Skipping unknown claim: rat
2022-11-28 05:15:42
ValidateIdTokenStandardClaims
Skipping unknown claim: realmName
2022-11-28 05:15:42
ValidateIdTokenStandardClaims
preferred_username is a string with content
2022-11-28 05:15:42
ValidateIdTokenStandardClaims
name is a string with content
2022-11-28 05:15:42 SUCCESS
ValidateIdTokenStandardClaims
id_token claims are valid
2022-11-28 05:15:42 SUCCESS
ValidateIdTokenNonce
Nonce values match
nonce
wFi0oo2icg
2022-11-28 05:15:42 SUCCESS
ValidateIdTokenACRClaimAgainstRequest
Nothing to check; the conformance suite did not request an acr claim in request object
2022-11-28 05:15:42 SUCCESS
ValidateIdTokenSignature
id_token signature validated
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiItUjMwX1gwWlZUaExkekZoZXp3ZHJnIiwiYXVkIjpbIjcwMjEzN2QxLTMwZDktNGM3Yy04YjZhLTE3MjM5OTQzMjdkZSJdLCJhdXRoX3RpbWUiOjE2Njk2MTIyNzUsImV4cCI6MTY2OTYxOTc0MSwiaWF0IjoxNjY5NjEyNTQxLCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiI4NzkxNjc4Yy1jMzhiLTRmMDctYmU0NS03MTc1NzkxMmQ1NWYiLCJuYW1lIjoiSVNWIERldiIsIm5vbmNlIjoid0ZpMG9vMmljZyIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NjEyNTM2LCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJzX2hhc2giOiJ0dWR4TXdfa09Tb0JlbnFIaTJFRFhBIiwic3ViIjoiNjE2MDAxN042NyJ9.EDFMZF5-tESKVxuJ2otPTn74MaWd3hHd2PKNJ-dPuo5qBIohpHWg34sFJKv6hRXm3YVpqj0j5RSEybWrvQlT-msaQtS2eY4J5BWhmxgfhVxlZ1bO5nHbSgQ6mcRPErb-bhUrWyUk5K9Imt49s48N5DvwWNlSKSc5Lrci5J7mNDhFVCjd6537_s-RVLLoE3keb9GdvlmX1rGO0791k844yuY28TmWKNADpPXYgQKfC7sf4ptAsGViYymCuJh40B10VW4n1NrGRWc5Sc9vcJ8WE7ewK5-QPFqXSg6oErwIHtaJczA76JdJjeoOPeSm-WMsAAVH2nQlVEVKGRe1HmWUrA
2022-11-28 05:15:42 SUCCESS
ValidateIdTokenSignatureUsingKid
id_token signature validated
id_token
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF0X2hhc2giOiItUjMwX1gwWlZUaExkekZoZXp3ZHJnIiwiYXVkIjpbIjcwMjEzN2QxLTMwZDktNGM3Yy04YjZhLTE3MjM5OTQzMjdkZSJdLCJhdXRoX3RpbWUiOjE2Njk2MTIyNzUsImV4cCI6MTY2OTYxOTc0MSwiaWF0IjoxNjY5NjEyNTQxLCJpc3MiOiJodHRwczovL29pZGMtY29uZm9ybWFuY2UucmVsLnZlcmlmeS5pYm1jbG91ZHNlY3VyaXR5LmNvbS9vYXV0aDIiLCJqdGkiOiI4NzkxNjc4Yy1jMzhiLTRmMDctYmU0NS03MTc1NzkxMmQ1NWYiLCJuYW1lIjoiSVNWIERldiIsIm5vbmNlIjoid0ZpMG9vMmljZyIsInByZWZlcnJlZF91c2VybmFtZSI6ImlzdmRldkBpYm0uY29tIiwicmF0IjoxNjY5NjEyNTM2LCJyZWFsbU5hbWUiOiJjbG91ZElkZW50aXR5UmVhbG0iLCJzX2hhc2giOiJ0dWR4TXdfa09Tb0JlbnFIaTJFRFhBIiwic3ViIjoiNjE2MDAxN042NyJ9.EDFMZF5-tESKVxuJ2otPTn74MaWd3hHd2PKNJ-dPuo5qBIohpHWg34sFJKv6hRXm3YVpqj0j5RSEybWrvQlT-msaQtS2eY4J5BWhmxgfhVxlZ1bO5nHbSgQ6mcRPErb-bhUrWyUk5K9Imt49s48N5DvwWNlSKSc5Lrci5J7mNDhFVCjd6537_s-RVLLoE3keb9GdvlmX1rGO0791k844yuY28TmWKNADpPXYgQKfC7sf4ptAsGViYymCuJh40B10VW4n1NrGRWc5Sc9vcJ8WE7ewK5-QPFqXSg6oErwIHtaJczA76JdJjeoOPeSm-WMsAAVH2nQlVEVKGRe1HmWUrA
2022-11-28 05:15:42 SUCCESS
CheckForSubjectInIdToken
Found 'sub' in id_token
sub
6160017N67
2022-11-28 05:15:42
EnsureIdTokenUpdatedAtValid
id_token response does not contain 'updated_at'
2022-11-28 05:15:42 INFO
ValidateEncryptedIdTokenHasKid
Skipped evaluation due to missing required element: id_token jwe_header
path
jwe_header
mapped
object
id_token
2022-11-28 05:15:42 SUCCESS
VerifyIdTokenSubConsistentHybridFlow
authorization endpoint and token endpoint id_token have same sub
sub_auth_endpoint
6160017N67
sub_token_endpoint
6160017N67
Userinfo endpoint tests
2022-11-28 05:15:42
CallProtectedResource
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/userinfo
request_method
GET
request_headers
{
  "accept": "application/json",
  "authorization": "bearer Se72tSLdL-7CGBZW62Kyg3SSyIPmmqlBPfhc-KQTa7A.JyLxnT0EchbBGDETRqXSd00QoamRzLuLRvGLsl4QEfOc_TJRuUfgIg43sV6u-Nw4TR4MVI1Ji0O9ZBykk6XZMA.M18xNjY5NjEyNTQxXzE4",
  "content-length": "0"
}
request_body

                                
2022-11-28 05:15:42 RESPONSE
CallProtectedResource
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/jwt",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AKa5afe919-1f3e-4e21-8bdf-6ec52d3331b8",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c281638443fe3737abf1",
  "content-length": "898",
  "date": "Mon, 28 Nov 2022 05:15:42 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:AzuKP55puU77BGoT3pdv33HmlZtJRAoCVLcxMyPwo1Y\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:54725591; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d3FBB0936DE9EDDF0A084BFB195948076~-1~YAAQBmrcF0aNB4mEAQAAdZmpvAhY+EpVHaHofp0xcMEagjm7ktmO/bfksWCk/Ow5daXmQxT0Ss/ceS36ucyJtlHIRtTxSju6xXU50KiU1oTS+kTTbFm70km2N2j36Z7ENqznaW8452cLsgtGcl/swIBC4hqnyBMtpTKC8MRszOEFbEtGR/Y1NcwBS5djqr6qQ6y36+9jCicjUwdZGIbXuQYJng6S2tzfvUP2liOJ4XCyY8sDpwpWTgzWFTfHbtiJD1iRGJ9EDyKJtNdeav0jaupxIyZiK5fVeMYkU5Y1LqkH7o6STJ0uSEwsk/G25jB2xOAYWAFuUkc056knWnSyaM79z2/nBA6gkLpNG7VQIpd6zfpq/fQih66cgwSEfd2BZyl0QZA\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 05:15:42 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d3C1605F5DA8F7249BADDF1E72FCB3958~YAAQBmrcF0eNB4mEAQAAdZmpvBGuYoIHmA+jcGjzlTULtozUANRrzDqjZx0Ulh2bf1M6A3ldAP+Tl4w059N7gsm4LBHhjkFbkZwsoa0hifXC4cgsnHMCgzxNXZJun3B5eb0Km0g2/FQMh5yVk704SRUgJ+uPFevcneFTAntkmJzYkBT4iCoEqtZpLMmkm31Twnt+nf3DsihewddteVbUfY5tuLu9N+C234ft0fOiir5taQ7kbqgSb4pTj254T5fHSwRA3Pms56IxxcePlm0UnXK7DIyQfb6ZW9mYHauuszI0MvVSHx02m2QfRkjL~3162937~3163700; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 09:15:42 GMT; Max-Age\u003d14400; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d79",
    "origin; dur\u003d126"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF1ZCI6WyI3MDIxMzdkMS0zMGQ5LTRjN2MtOGI2YS0xNzIzOTk0MzI3ZGUiXSwiYXV0aF90aW1lIjoxNjY5NjEyMjc1LCJpYXQiOjE2Njk2MTI1NDIsImlzcyI6Imh0dHBzOi8vb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tL29hdXRoMiIsImp0aSI6ImU4ZGMzNjJjLTkwMDEtNGI0My1hZWVkLTQ1ZDhjMDIxYmViNyIsIm5hbWUiOiJJU1YgRGV2IiwicHJlZmVycmVkX3VzZXJuYW1lIjoiaXN2ZGV2QGlibS5jb20iLCJyYXQiOjE2Njk2MTI1MzYsInJlYWxtTmFtZSI6ImNsb3VkSWRlbnRpdHlSZWFsbSIsInN1YiI6IjYxNjAwMTdONjcifQ.ptZMvXhLYgIoMFedwfsXduW_bHUIHKhbS4zVi3zPcZLR06S4SKzbymOwXoG7TNoioO1BOJqL9x3kVuTSQcrO5DGPWr2V1YvXF-jT8H4ISWR2mzxawYBWPEVHWcaILYqtbKn-EaJdD3AETEpB97t9QOoJm5wBKOkOkdBNNwtqlteJQiKIGKe5iyB8o8N0jc8VmhWaGIYyVzL_OjOLkCRl1l43OBebnV0s1OmSZFWfbOLNgbDZhrQ38NyJuazq8N2RK5ZnzOf8qLJI0FJ1P56PEjR1iFYZCn03wWkU9ETSVFzDKAZkjEokbh7EEsuJoU204WEoj9Bp1XTDd00-jKq8jw
2022-11-28 05:15:42 SUCCESS
CallProtectedResource
Got a response from the resource endpoint
status
200
endpoint_name
resource
headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/jwt",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AKa5afe919-1f3e-4e21-8bdf-6ec52d3331b8",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c281638443fe3737abf1",
  "content-length": "898",
  "date": "Mon, 28 Nov 2022 05:15:42 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:AzuKP55puU77BGoT3pdv33HmlZtJRAoCVLcxMyPwo1Y\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:54725591; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d3FBB0936DE9EDDF0A084BFB195948076~-1~YAAQBmrcF0aNB4mEAQAAdZmpvAhY+EpVHaHofp0xcMEagjm7ktmO/bfksWCk/Ow5daXmQxT0Ss/ceS36ucyJtlHIRtTxSju6xXU50KiU1oTS+kTTbFm70km2N2j36Z7ENqznaW8452cLsgtGcl/swIBC4hqnyBMtpTKC8MRszOEFbEtGR/Y1NcwBS5djqr6qQ6y36+9jCicjUwdZGIbXuQYJng6S2tzfvUP2liOJ4XCyY8sDpwpWTgzWFTfHbtiJD1iRGJ9EDyKJtNdeav0jaupxIyZiK5fVeMYkU5Y1LqkH7o6STJ0uSEwsk/G25jB2xOAYWAFuUkc056knWnSyaM79z2/nBA6gkLpNG7VQIpd6zfpq/fQih66cgwSEfd2BZyl0QZA\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 05:15:42 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d3C1605F5DA8F7249BADDF1E72FCB3958~YAAQBmrcF0eNB4mEAQAAdZmpvBGuYoIHmA+jcGjzlTULtozUANRrzDqjZx0Ulh2bf1M6A3ldAP+Tl4w059N7gsm4LBHhjkFbkZwsoa0hifXC4cgsnHMCgzxNXZJun3B5eb0Km0g2/FQMh5yVk704SRUgJ+uPFevcneFTAntkmJzYkBT4iCoEqtZpLMmkm31Twnt+nf3DsihewddteVbUfY5tuLu9N+C234ft0fOiir5taQ7kbqgSb4pTj254T5fHSwRA3Pms56IxxcePlm0UnXK7DIyQfb6ZW9mYHauuszI0MvVSHx02m2QfRkjL~3162937~3163700; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 09:15:42 GMT; Max-Age\u003d14400; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d79",
    "origin; dur\u003d126"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
body
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF1ZCI6WyI3MDIxMzdkMS0zMGQ5LTRjN2MtOGI2YS0xNzIzOTk0MzI3ZGUiXSwiYXV0aF90aW1lIjoxNjY5NjEyMjc1LCJpYXQiOjE2Njk2MTI1NDIsImlzcyI6Imh0dHBzOi8vb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tL29hdXRoMiIsImp0aSI6ImU4ZGMzNjJjLTkwMDEtNGI0My1hZWVkLTQ1ZDhjMDIxYmViNyIsIm5hbWUiOiJJU1YgRGV2IiwicHJlZmVycmVkX3VzZXJuYW1lIjoiaXN2ZGV2QGlibS5jb20iLCJyYXQiOjE2Njk2MTI1MzYsInJlYWxtTmFtZSI6ImNsb3VkSWRlbnRpdHlSZWFsbSIsInN1YiI6IjYxNjAwMTdONjcifQ.ptZMvXhLYgIoMFedwfsXduW_bHUIHKhbS4zVi3zPcZLR06S4SKzbymOwXoG7TNoioO1BOJqL9x3kVuTSQcrO5DGPWr2V1YvXF-jT8H4ISWR2mzxawYBWPEVHWcaILYqtbKn-EaJdD3AETEpB97t9QOoJm5wBKOkOkdBNNwtqlteJQiKIGKe5iyB8o8N0jc8VmhWaGIYyVzL_OjOLkCRl1l43OBebnV0s1OmSZFWfbOLNgbDZhrQ38NyJuazq8N2RK5ZnzOf8qLJI0FJ1P56PEjR1iFYZCn03wWkU9ETSVFzDKAZkjEokbh7EEsuJoU204WEoj9Bp1XTDd00-jKq8jw
2022-11-28 05:15:42 SUCCESS
EnsureHttpStatusCodeIs200
resource endpoint returned the expected http status
expected_status
200
http_status
200
2022-11-28 05:15:42
CallUserInfoEndpoint
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/userinfo
request_method
GET
request_headers
{
  "accept": "application/json",
  "authorization": "bearer Se72tSLdL-7CGBZW62Kyg3SSyIPmmqlBPfhc-KQTa7A.JyLxnT0EchbBGDETRqXSd00QoamRzLuLRvGLsl4QEfOc_TJRuUfgIg43sV6u-Nw4TR4MVI1Ji0O9ZBykk6XZMA.M18xNjY5NjEyNTQxXzE4",
  "content-length": "0"
}
request_body

                                
2022-11-28 05:15:42 RESPONSE
CallUserInfoEndpoint
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/jwt",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AKf8a5504c-a501-4b15-830a-2b7bc23b0ecd",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c281638443fe219dd6d5",
  "content-length": "898",
  "date": "Mon, 28 Nov 2022 05:15:42 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:rrMaixumrNV4iSRc/BVEF7DJCGvaiR5DuZsepJPpaYM\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:61017047; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d95F2B264F078ECE763C75234756E1182~-1~YAAQBmrcF1iNB4mEAQAA0ZqpvAh53gV7bw9yIXdL+ffZji/UD9MahfJKakRtWmfh3WN9nV58q3CP7DqgvxGT6Id37t9jikMF+ZaRiwOKhcxn078EqsJRdmprJuzX3gks2xxIPIgOMUZWNW0lmAykpdHmZgJLTH/Rv753qe9Mzz7SbOLilGKakhlKWPoLw6WwKzR/iYlO9uyaOQtuEGvNQIJ9MnR1rBBQN52xbby9/e2i0+3jU+zL6CNydUNLcTnaVYVNW7nnlAtcgmVhjGSy6oFt013f61+a7LRyHvL6qEGonbN3AWUGNpPNDXwR+4cZ2dPCh8Dun0P2ebIrcW/xV5/FBwaPAUR7Uo6RqOHnil4fFQ9HmSPxljI1h3uKksU+3VMXCrU\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 05:15:42 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d1F7D2141E325CA6B095D2C0DD4C9AEF1~YAAQBmrcF1mNB4mEAQAA0ZqpvBEX+PrHjQuL345Rrzps/z1x6ZhB5+1PfuJRyyZDl61g6wK7xkSvnYzzb+AKukRb1yUNDVMBz/5pgb7EPsAVS3mrGyFsRYwHonzYe71GJMB+wHebW5v8QrI1PHo8FfDh6cS81YxVHla5Vrwlf3RcP5jJ9tF7jC2mVMhA0u6o5ryZqt3u3sTyKHN/iUamS0f4kuhcvcigBjgjNmY56JYwEXMMnfOQ+g96Ug+YqszRd2FGDH0PHvNLEYLkR46dkbF7SAc60qR6xD1QZ3SBGaHQ3Wu6ZuzOMHHlmsu+~3162937~3163700; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 09:15:42 GMT; Max-Age\u003d14400; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d89",
    "origin; dur\u003d152"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF1ZCI6WyI3MDIxMzdkMS0zMGQ5LTRjN2MtOGI2YS0xNzIzOTk0MzI3ZGUiXSwiYXV0aF90aW1lIjoxNjY5NjEyMjc1LCJpYXQiOjE2Njk2MTI1NDIsImlzcyI6Imh0dHBzOi8vb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tL29hdXRoMiIsImp0aSI6ImMwYTlhMThkLWE3OWQtNDI2Yi04ZDU3LWY3YTU2MjBiNDEyZiIsIm5hbWUiOiJJU1YgRGV2IiwicHJlZmVycmVkX3VzZXJuYW1lIjoiaXN2ZGV2QGlibS5jb20iLCJyYXQiOjE2Njk2MTI1MzYsInJlYWxtTmFtZSI6ImNsb3VkSWRlbnRpdHlSZWFsbSIsInN1YiI6IjYxNjAwMTdONjcifQ.gih_xVYKfJHAou3RlM0gx2oEZViXK433fg_dkmCZQJ8Jpwx-hpctycNvw9Ttk9NNdSDPnc5vHFixsX2-P4wdo1O1AbO3A0iUYEKxpfxyel72ppeEtgg8IUGeHXXH1lAENXtmm76Aj7CQJQFWqcy0F0zokQHlHrLAlKiw_uAELII6QDRn6zsu_0Kr1wMzZBHef2ucKbWu-WNJgsLHXJHGxQ9DT-lKLIF2FDEj6CRebWQB1ZlVyVPmttukSaBP_g885WE2-hrC4yHOtmJQakS5JRtOW8fEq4RbNXYfpOGoCCZhbzRM10EW4lXIKf1YY8AUNyr7QN7YMCT57g4WA5G9VQ
2022-11-28 05:15:42 SUCCESS
CallUserInfoEndpoint
Got a response from the userinfo endpoint
headers
{
  "x-backside-transport": "OK OK",
  "content-type": "application/jwt",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "x-content-type-options": "nosniff",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "expires": "0",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AKf8a5504c-a501-4b15-830a-2b7bc23b0ecd",
  "content-security-policy": "frame-ancestors \u0027self\u0027",
  "x-ua-compatible": "IE\u003dedge",
  "x-global-transaction-id": "efc5c281638443fe219dd6d5",
  "content-length": "898",
  "date": "Mon, 28 Nov 2022 05:15:42 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:rrMaixumrNV4iSRc/BVEF7DJCGvaiR5DuZsepJPpaYM\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:61017047; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d95F2B264F078ECE763C75234756E1182~-1~YAAQBmrcF1iNB4mEAQAA0ZqpvAh53gV7bw9yIXdL+ffZji/UD9MahfJKakRtWmfh3WN9nV58q3CP7DqgvxGT6Id37t9jikMF+ZaRiwOKhcxn078EqsJRdmprJuzX3gks2xxIPIgOMUZWNW0lmAykpdHmZgJLTH/Rv753qe9Mzz7SbOLilGKakhlKWPoLw6WwKzR/iYlO9uyaOQtuEGvNQIJ9MnR1rBBQN52xbby9/e2i0+3jU+zL6CNydUNLcTnaVYVNW7nnlAtcgmVhjGSy6oFt013f61+a7LRyHvL6qEGonbN3AWUGNpPNDXwR+4cZ2dPCh8Dun0P2ebIrcW/xV5/FBwaPAUR7Uo6RqOHnil4fFQ9HmSPxljI1h3uKksU+3VMXCrU\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 05:15:42 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d1F7D2141E325CA6B095D2C0DD4C9AEF1~YAAQBmrcF1mNB4mEAQAA0ZqpvBEX+PrHjQuL345Rrzps/z1x6ZhB5+1PfuJRyyZDl61g6wK7xkSvnYzzb+AKukRb1yUNDVMBz/5pgb7EPsAVS3mrGyFsRYwHonzYe71GJMB+wHebW5v8QrI1PHo8FfDh6cS81YxVHla5Vrwlf3RcP5jJ9tF7jC2mVMhA0u6o5ryZqt3u3sTyKHN/iUamS0f4kuhcvcigBjgjNmY56JYwEXMMnfOQ+g96Ug+YqszRd2FGDH0PHvNLEYLkR46dkbF7SAc60qR6xD1QZ3SBGaHQ3Wu6ZuzOMHHlmsu+~3162937~3163700; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 09:15:42 GMT; Max-Age\u003d14400; Secure"
  ],
  "server-timing": [
    "cdn-cache; desc\u003dMISS",
    "edge; dur\u003d89",
    "origin; dur\u003d152"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
status_code
{
  "code": 200
}
body
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF1ZCI6WyI3MDIxMzdkMS0zMGQ5LTRjN2MtOGI2YS0xNzIzOTk0MzI3ZGUiXSwiYXV0aF90aW1lIjoxNjY5NjEyMjc1LCJpYXQiOjE2Njk2MTI1NDIsImlzcyI6Imh0dHBzOi8vb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tL29hdXRoMiIsImp0aSI6ImMwYTlhMThkLWE3OWQtNDI2Yi04ZDU3LWY3YTU2MjBiNDEyZiIsIm5hbWUiOiJJU1YgRGV2IiwicHJlZmVycmVkX3VzZXJuYW1lIjoiaXN2ZGV2QGlibS5jb20iLCJyYXQiOjE2Njk2MTI1MzYsInJlYWxtTmFtZSI6ImNsb3VkSWRlbnRpdHlSZWFsbSIsInN1YiI6IjYxNjAwMTdONjcifQ.gih_xVYKfJHAou3RlM0gx2oEZViXK433fg_dkmCZQJ8Jpwx-hpctycNvw9Ttk9NNdSDPnc5vHFixsX2-P4wdo1O1AbO3A0iUYEKxpfxyel72ppeEtgg8IUGeHXXH1lAENXtmm76Aj7CQJQFWqcy0F0zokQHlHrLAlKiw_uAELII6QDRn6zsu_0Kr1wMzZBHef2ucKbWu-WNJgsLHXJHGxQ9DT-lKLIF2FDEj6CRebWQB1ZlVyVPmttukSaBP_g885WE2-hrC4yHOtmJQakS5JRtOW8fEq4RbNXYfpOGoCCZhbzRM10EW4lXIKf1YY8AUNyr7QN7YMCT57g4WA5G9VQ
2022-11-28 05:15:42 SUCCESS
EnsureHttpStatusCodeIs200
resource endpoint returned the expected http status
expected_status
200
http_status
200
2022-11-28 05:15:42 SUCCESS
EnsureContentTypeApplicationJwt
endpoint_response Content-Type: header is application/jwt
2022-11-28 05:15:42 SUCCESS
ValidateUserInfoResponseSignature
userinfo_endpoint_response_full signature validated
userinfo_endpoint_response_full
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF1ZCI6WyI3MDIxMzdkMS0zMGQ5LTRjN2MtOGI2YS0xNzIzOTk0MzI3ZGUiXSwiYXV0aF90aW1lIjoxNjY5NjEyMjc1LCJpYXQiOjE2Njk2MTI1NDIsImlzcyI6Imh0dHBzOi8vb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tL29hdXRoMiIsImp0aSI6ImMwYTlhMThkLWE3OWQtNDI2Yi04ZDU3LWY3YTU2MjBiNDEyZiIsIm5hbWUiOiJJU1YgRGV2IiwicHJlZmVycmVkX3VzZXJuYW1lIjoiaXN2ZGV2QGlibS5jb20iLCJyYXQiOjE2Njk2MTI1MzYsInJlYWxtTmFtZSI6ImNsb3VkSWRlbnRpdHlSZWFsbSIsInN1YiI6IjYxNjAwMTdONjcifQ.gih_xVYKfJHAou3RlM0gx2oEZViXK433fg_dkmCZQJ8Jpwx-hpctycNvw9Ttk9NNdSDPnc5vHFixsX2-P4wdo1O1AbO3A0iUYEKxpfxyel72ppeEtgg8IUGeHXXH1lAENXtmm76Aj7CQJQFWqcy0F0zokQHlHrLAlKiw_uAELII6QDRn6zsu_0Kr1wMzZBHef2ucKbWu-WNJgsLHXJHGxQ9DT-lKLIF2FDEj6CRebWQB1ZlVyVPmttukSaBP_g885WE2-hrC4yHOtmJQakS5JRtOW8fEq4RbNXYfpOGoCCZhbzRM10EW4lXIKf1YY8AUNyr7QN7YMCT57g4WA5G9VQ
2022-11-28 05:15:42 SUCCESS
ExtractSignedUserInfoFromUserInfoEndpointResponse
Found and parsed the userinfo from userinfo_endpoint_response_full
value
eyJhbGciOiJSUzI1NiIsImtpZCI6InNlcnZlciJ9.eyJhY3IiOiJ1cm46aWJtOnNlY3VyaXR5OnBvbGljeTppZDoxIiwiYW1yIjpbInBhc3N3b3JkIl0sImF1ZCI6WyI3MDIxMzdkMS0zMGQ5LTRjN2MtOGI2YS0xNzIzOTk0MzI3ZGUiXSwiYXV0aF90aW1lIjoxNjY5NjEyMjc1LCJpYXQiOjE2Njk2MTI1NDIsImlzcyI6Imh0dHBzOi8vb2lkYy1jb25mb3JtYW5jZS5yZWwudmVyaWZ5LmlibWNsb3Vkc2VjdXJpdHkuY29tL29hdXRoMiIsImp0aSI6ImMwYTlhMThkLWE3OWQtNDI2Yi04ZDU3LWY3YTU2MjBiNDEyZiIsIm5hbWUiOiJJU1YgRGV2IiwicHJlZmVycmVkX3VzZXJuYW1lIjoiaXN2ZGV2QGlibS5jb20iLCJyYXQiOjE2Njk2MTI1MzYsInJlYWxtTmFtZSI6ImNsb3VkSWRlbnRpdHlSZWFsbSIsInN1YiI6IjYxNjAwMTdONjcifQ.gih_xVYKfJHAou3RlM0gx2oEZViXK433fg_dkmCZQJ8Jpwx-hpctycNvw9Ttk9NNdSDPnc5vHFixsX2-P4wdo1O1AbO3A0iUYEKxpfxyel72ppeEtgg8IUGeHXXH1lAENXtmm76Aj7CQJQFWqcy0F0zokQHlHrLAlKiw_uAELII6QDRn6zsu_0Kr1wMzZBHef2ucKbWu-WNJgsLHXJHGxQ9DT-lKLIF2FDEj6CRebWQB1ZlVyVPmttukSaBP_g885WE2-hrC4yHOtmJQakS5JRtOW8fEq4RbNXYfpOGoCCZhbzRM10EW4lXIKf1YY8AUNyr7QN7YMCT57g4WA5G9VQ
header
{
  "kid": "server",
  "alg": "RS256"
}
claims
{
  "acr": "urn:ibm:security:policy:id:1",
  "aud": "702137d1-30d9-4c7c-8b6a-1723994327de",
  "sub": "6160017N67",
  "rat": 1669612536,
  "realmName": "cloudIdentityRealm",
  "amr": [
    "password"
  ],
  "auth_time": 1669612275,
  "iss": "https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2",
  "name": "ISV Dev",
  "preferred_username": "isvdev@ibm.com",
  "iat": 1669612542,
  "jti": "c0a9a18d-a79d-426b-8d57-f7a5620b412f"
}
2022-11-28 05:15:42 SUCCESS
ValidateUserInfoSigningAlgIsRS256
userinfo response is signed with RS256
alg
RS256
2022-11-28 05:15:42 SUCCESS
ValidateSignedUserInfoResponseStandardJWTClaims
Signed userinfo response iss and aud claims passed validation checks. If present, exp, iat and nbf are also valid.
2022-11-28 05:15:42 SUCCESS
EnsureUserInfoDoesNotContainNonce
userinfo response does not contain 'nonce' and hence cannot be confused with an id_token.
nonce
2022-11-28 05:15:42
ValidateUserInfoStandardClaims
Skipping unknown claim: acr
2022-11-28 05:15:42
ValidateUserInfoStandardClaims
sub is a string with content
2022-11-28 05:15:42
ValidateUserInfoStandardClaims
Skipping unknown claim: rat
2022-11-28 05:15:42
ValidateUserInfoStandardClaims
Skipping unknown claim: realmName
2022-11-28 05:15:42
ValidateUserInfoStandardClaims
Skipping unknown claim: amr
2022-11-28 05:15:42
ValidateUserInfoStandardClaims
Skipping unknown claim: auth_time
2022-11-28 05:15:42
ValidateUserInfoStandardClaims
name is a string with content
2022-11-28 05:15:42
ValidateUserInfoStandardClaims
preferred_username is a string with content
2022-11-28 05:15:42 SUCCESS
ValidateUserInfoStandardClaims
Userinfo is valid
2022-11-28 05:15:42 SUCCESS
EnsureUserInfoContainsSub
Found sub in userinfo
sub
6160017N67
2022-11-28 05:15:42
EnsureUserInfoUpdatedAtValid
userinfo response does not contain 'updated_at'
2022-11-28 05:15:42
EnsureMemberValuesInClaimNameReferenceToMemberNamesInClaimSources
userinfo response does not contain '_claim_names' nor _claim_sources'
2022-11-28 05:15:42 SUCCESS
VerifyUserInfoAndIdTokenInAuthorizationEndpointSameSub
userinfo response and id_token sub are the same
sub_user_info
6160017N67
sub_id_token
6160017N67
2022-11-28 05:15:42 SUCCESS
VerifyUserInfoAndIdTokenInTokenEndpointSameSub
userinfo response and id_token sub are the same
sub_user_info
6160017N67
sub_id_token
6160017N67
2022-11-28 05:15:42 FINISHED
oidcc-userinfo-rs256
Test has run to completion
testmodule_result
PASSED
Unregister dynamically registered client
2022-11-28 05:15:42
UnregisterDynamicallyRegisteredClient
HTTP request
request_uri
https://oidc-conformance.rel.verify.ibmcloudsecurity.com/oauth2/register/702137d1-30d9-4c7c-8b6a-1723994327de
request_method
DELETE
request_headers
{
  "accept": "application/json",
  "authorization": "Bearer 11Kse7jjguX2Y5s0zUiqvhkd614qDx3vNSOXyTPNVwY.igwbSCjCU-lUbHKuUcYpVCEbAXyv8bFfVfKf-R8RYeIaxfSdrAhmwqVYymMNp39h0K9rTPhtrnyOPDMSRbFhsQ.M18xNjY5NjEyNTM0XzE4",
  "content-length": "0"
}
request_body

                                
2022-11-28 05:15:44 RESPONSE
UnregisterDynamicallyRegisteredClient
HTTP response
response_status_code
204 NO_CONTENT
response_status_text
No Content
response_headers
{
  "x-backside-transport": "OK OK",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-content-type-options": "nosniff",
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-correlation-id": "CORR_ID-AK37797f3b-1246-486e-9342-8d34f7face58",
  "pragma": "no-cache",
  "x-global-transaction-id": "efc5c281638443fe119eb359",
  "date": "Mon, 28 Nov 2022 05:15:44 GMT",
  "connection": "keep-alive",
  "set-cookie": [
    "CIPD-S-SESSION-ID\u003d0:1:rediscol:bVf62OQrm+Z+h4/dxtzUjOCoQUK4A1ypY7m5NlmixKU\u003d; Path\u003d/; SameSite\u003dNone; Secure; HttpOnly",
    "CISESSIONIDREL02A\u003dPBC5YS:61017047; Path\u003d/; Domain\u003drel.verify.ibmcloudsecurity.com; Secure; HttpOnly",
    "_abck\u003d8AEC713B23E545A90F408FC247663CB5~-1~YAAQBmrcF6aNB4mEAQAAwaCpvAhOAfQGiMXguDPdMrUJDLoRTQz9bMPypic3tzCgR9JC4YOCpg7+JakavGrlKuReq52qgusEmo3G9juxlkxEGiJFRIZJX6kttLBQOakzx3XOppQaqhISw3nRckdIkZ86Hd4RU3i6MlPRV6Gz/hGmxhP8YyJW2IWA1CjYGw/+YQTe6PcjDTJqs1vlVQxOpapiCWMcWB1TjNcXGoiv1ETYXwabb3xdWOZC4JsSQBHI0sfYi+M4TH4pAcd2AnJzkqy33NiGXBgCY2U58JH7w7qrZS12adNtF9LUogxpJTLP6d7n50NfeRRpvzC+hcokXx9cqdv5n54ljzjnjMYGyzTfcGq1xtiQqGOlf8P3Wlj5U//2QbY\u003d~-1~-1~-1; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dTue, 28 Nov 2023 05:15:44 GMT; Max-Age\u003d31536000; Secure",
    "bm_sz\u003d55BEAD8314B97B244D6946E8875DBA4A~YAAQBmrcF6eNB4mEAQAAwaCpvBEgkAq540PJaKuVuSKp8xE5jnpg8yxyd+bzVIWdZU9QJVIOfXvUBoAk0Qe5SpP/gyiWcMDjiWau3lCyPyaifAYyLev9aFAD495AgEBDF/gvGHgvKvSgC3vb5UiWWZ462Qb4BA4PgXryK1PdNoDbLL6TAHfH+wWUlCjKhgmL5HmAu9vNGFJ653to70fUh+QAVPs+r7ThacoeIp6DCo5kt404ou4ewKOUTsQTlbPX5kXS0+eED7G6slAs6lgzmsb9V2Wc6cjFKXCDLRoUmsaifVXGnmXx0ECDYcMR~3162937~3163700; Domain\u003d.ibmcloudsecurity.com; Path\u003d/; Expires\u003dMon, 28 Nov 2022 09:15:42 GMT; Max-Age\u003d14398; Secure"
  ],
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains"
}
response_body

                                
2022-11-28 05:15:44 SUCCESS
UnregisterDynamicallyRegisteredClient
Client successfully unregistered
2022-11-28 05:15:45
TEST-RUNNER
Alias has now been claimed by another test
alias
isv_op_oidc_core_test
new_test_id
FS8TQefPbPXjYrt
Test Results