Test Name | oidcc-scope-email |
---|---|
Variant | client_auth_type=client_secret_basic, server_metadata=discovery, response_type=code id_token token, response_mode=default, client_registration=static_client |
Test ID | NII78bDKcrMNkV8 https://www.certification.openid.net/log-detail.html?public=true&log=NII78bDKcrMNkV8 |
Created | 2022-11-23T06:04:39.984827Z |
Description | isv_op_oidc_core_test_static_client |
Test Version | 5.0.7 |
Test Owner | 112951013672174914777 https://accounts.google.com |
Plan ID | tFf7jwdaGAzXZ https://www.certification.openid.net/plan-detail.html?public=true&plan=tFf7jwdaGAzXZ |
Exported From | https://www.certification.openid.net |
Exported By | 112951013672174914777 https://accounts.google.com |
Suite Version | 5.0.7 |
Exported | 2022-11-29 17:37:25 (UTC) |
Status: FINISHED Result: WARNING |
SUCCESS 69 FAILURE 0 WARNING 4 REVIEW 0 INFO 6 |
2022-11-23 06:04:39 |
INFO
|
TEST-RUNNER
Test instance NII78bDKcrMNkV8 created
|
||||||||||||||
|
2022-11-23 06:04:39 |
SUCCESS
|
CreateRedirectUri
Created redirect URI
|
||
|
2022-11-23 06:04:39 |
|
GetDynamicServerConfiguration
HTTP request
|
||||||||
|
2022-11-23 06:04:40 |
RESPONSE
|
GetDynamicServerConfiguration
HTTP response
|
||||||||
|
2022-11-23 06:04:40 |
SUCCESS
|
GetDynamicServerConfiguration
Successfully parsed server configuration
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
2022-11-23 06:04:40 |
SUCCESS
|
CheckServerConfiguration
Found required server configuration keys
|
||
|
2022-11-23 06:04:40 |
SUCCESS
|
ExtractTLSTestValuesFromServerConfiguration
Extracted TLS information from authorization server configuration
|
||||||||
|
2022-11-23 06:04:40 |
|
FetchServerKeys
Fetching server key
|
||
|
2022-11-23 06:04:40 |
|
FetchServerKeys
HTTP request
|
||||||||
|
2022-11-23 06:04:40 |
RESPONSE
|
FetchServerKeys
HTTP response
|
||||||||
|
2022-11-23 06:04:40 |
|
FetchServerKeys
Found JWK set string
|
||
|
2022-11-23 06:04:40 |
SUCCESS
|
FetchServerKeys
Found server JWK set
|
||
|
2022-11-23 06:04:40 |
SUCCESS
|
CheckServerKeysIsValid
Server JWKs is valid
|
||
|
2022-11-23 06:04:40 | SUCCESS |
ValidateServerJWKs
Valid server JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
|
|
2022-11-23 06:04:40 | SUCCESS |
CheckForKeyIdInServerJWKs
All keys contain kids
|
|
2022-11-23 06:04:40 | SUCCESS |
CheckDistinctKeyIdValueInServerJWKs
Distinct 'kid' value in all keys of server_jwks
|
||
|
2022-11-23 06:04:40 | SUCCESS |
EnsureServerJwksDoesNotContainPrivateOrSymmetricKeys
Jwks does not contain any private or symmetric keys
|
|
2022-11-23 06:04:40 |
SUCCESS
|
GetStaticClientConfiguration
Found a static client object
|
||||
|
2022-11-23 06:04:40 | INFO |
ValidateClientJWKsPrivatePart
Skipped evaluation due to missing required element: client jwks
|
||||||
|
2022-11-23 06:04:40 |
INFO
|
ExtractJWKsFromStaticClientConfiguration
Skipped evaluation due to missing required element: client jwks
|
||||||
|
2022-11-23 06:04:40 | INFO |
CheckDistinctKeyIdValueInClientJWKs
Skipped evaluation due to missing required element: client jwks
|
||||||
|
2022-11-23 06:04:40 |
|
SetScopeInClientConfigurationToOpenId
Set scope in client configuration to "openid"
|
||
|
2022-11-23 06:04:40 |
SUCCESS
|
EnsureServerConfigurationSupportsClientSecretBasic
Contents of 'token_endpoint_auth_methods_supported' in discovery document matches expectations.
|
||||||
|
2022-11-23 06:04:40 |
|
SetScopeInClientConfigurationToOpenIdEmail
Set scope in client configuration to "openid email"
|
||
|
2022-11-23 06:04:40 |
SUCCESS
|
OIDCCCheckScopesSupportedContainScopeTest
'scopes_supported' in discovery document contain expected scopes
|
||||
|
2022-11-23 06:04:40 |
SUCCESS
|
SetProtectedResourceUrlToUserInfoEndpoint
userinfo_endpoint will be used to test access token. The user info is not a mandatory to implement feature in the OpenID Connect specification, but is mandatory for certification.
|
||
|
2022-11-23 06:04:40 |
|
oidcc-scope-email
Setup Done
|
|
Make request to authorization endpoint |
2022-11-23 06:04:40 |
SUCCESS
|
CreateAuthorizationEndpointRequestFromClientInformation
Created authorization endpoint request
|
||||||
|
2022-11-23 06:04:40 |
|
CreateRandomStateValue
Created state value
|
||||
|
2022-11-23 06:04:40 |
SUCCESS
|
AddStateToAuthorizationEndpointRequest
Added state parameter to request
|
||||||||
|
2022-11-23 06:04:40 |
|
CreateRandomNonceValue
Created nonce value
|
||||
|
2022-11-23 06:04:40 |
SUCCESS
|
AddNonceToAuthorizationEndpointRequest
Added nonce parameter to request
|
||||||||||
|
2022-11-23 06:04:40 |
SUCCESS
|
SetAuthorizationEndpointRequestResponseTypeFromEnvironment
Added response_type parameter to request
|
||||||||||||
|
2022-11-23 06:04:40 |
SUCCESS
|
BuildPlainRedirectToAuthorizationEndpoint
Sending to authorization endpoint
|
||||
|
2022-11-23 06:04:40 |
REDIRECT
|
oidcc-scope-email
Redirecting to authorization endpoint
|
||
|
2022-11-23 06:04:45 |
INCOMING
|
oidcc-scope-email
Incoming HTTP request to /test/a/isv_op_oidc_core_test/callback
|
||||||||||||||||||||||
|
2022-11-23 06:04:45 |
SUCCESS
|
CreateRandomImplicitSubmitUrl
Created random implicit submission URL
|
||
|
2022-11-23 06:04:45 |
OUTGOING
|
oidcc-scope-email
Response to HTTP request to test instance NII78bDKcrMNkV8
|
||||
|
2022-11-23 06:04:46 |
INCOMING
|
oidcc-scope-email
Incoming HTTP request to /test/a/isv_op_oidc_core_test/implicit/4I0kJra4PrvJSN6u5xfI
|
||||||||||||||||||||||
|
2022-11-23 06:04:46 |
OUTGOING
|
oidcc-scope-email
Response to HTTP request to test instance NII78bDKcrMNkV8
|
||||||||
|
2022-11-23 06:04:46 |
|
ExtractImplicitHashToCallbackResponse
Extracted response from URL fragment
|
||
|
2022-11-23 06:04:46 |
SUCCESS
|
ExtractImplicitHashToCallbackResponse
Extracted the hash values
|
||||||||||||||||
|
2022-11-23 06:04:46 |
REDIRECT-IN
|
oidcc-scope-email
Authorization endpoint response captured
|
||||||||||
|
Verify authorization endpoint response |
2022-11-23 06:04:46 | SUCCESS |
RejectAuthCodeInUrlQuery
Authorization code is not present in URL query returned from authorization endpoint
|
|
2022-11-23 06:04:46 | SUCCESS |
RejectErrorInUrlQuery
'error' is not present in URL query returned from authorization endpoint
|
|
2022-11-23 06:04:46 |
SUCCESS
|
CheckMatchingCallbackParameters
Callback parameters successfully verified
|
|
2022-11-23 06:04:46 | SUCCESS |
ValidateIssInAuthorizationResponse
'iss' parameter in authorization response matches server's issuer value.
|
|
2022-11-23 06:04:46 |
SUCCESS
|
CheckIfAuthorizationEndpointError
No error from authorization endpoint
|
|
2022-11-23 06:04:46 |
SUCCESS
|
CheckStateInAuthorizationResponse
State in response correctly returned
|
||
|
2022-11-23 06:04:46 |
SUCCESS
|
ExtractAuthorizationCodeFromAuthorizationResponse
Found authorization code
|
||
|
2022-11-23 06:04:46 |
SUCCESS
|
ExtractAccessTokenFromAuthorizationResponse
Extracted the access token
|
||||
|
2022-11-23 06:04:46 |
SUCCESS
|
ExtractIdTokenFromAuthorizationResponse
Found and parsed the id_token from authorization_endpoint_response
|
||||||
|
2022-11-23 06:04:46 | SUCCESS |
ValidateIdToken
ID token iss, aud, exp, iat, auth_time, acr & nbf claims passed validation checks
|
|
2022-11-23 06:04:46 |
|
ValidateIdTokenStandardClaims
sub is a string with content
|
|
2022-11-23 06:04:46 |
|
ValidateIdTokenStandardClaims
zoneinfo is a string with content
|
|
2022-11-23 06:04:46 |
|
ValidateIdTokenStandardClaims
birthdate is a valid birthdate in the format stated in OpenID Connect Standard - YYYY-MM-DD, 0000-MM-DD or YYYY
|
|
2022-11-23 06:04:46 |
|
ValidateIdTokenStandardClaims
gender is a string with content
|
|
2022-11-23 06:04:46 |
|
ValidateIdTokenStandardClaims
Skipping unknown claim: realmName
|
|
2022-11-23 06:04:46 |
|
ValidateIdTokenStandardClaims
preferred_username is a string with content
|
|
2022-11-23 06:04:46 |
|
ValidateIdTokenStandardClaims
locale is a string with content
|
|
2022-11-23 06:04:46 |
|
ValidateIdTokenStandardClaims
updated_at is a number
|
|
2022-11-23 06:04:46 |
|
ValidateIdTokenStandardClaims
nickname is a string with content
|
|
2022-11-23 06:04:46 |
|
ValidateIdTokenStandardClaims
website is a string with content
|
|
2022-11-23 06:04:46 |
|
ValidateIdTokenStandardClaims
Skipping unknown claim: address.address
|
|
2022-11-23 06:04:46 |
|
ValidateIdTokenStandardClaims
Skipping unknown claim: address.phone_number
|
|
2022-11-23 06:04:46 |
|
ValidateIdTokenStandardClaims
address is a valid object or contains invalid claims
|
|
2022-11-23 06:04:46 |
|
ValidateIdTokenStandardClaims
email_verified is a boolean
|
|
2022-11-23 06:04:46 |
|
ValidateIdTokenStandardClaims
Skipping unknown claim: rat
|
|
2022-11-23 06:04:46 |
|
ValidateIdTokenStandardClaims
profile is a string with content
|
|
2022-11-23 06:04:46 |
|
ValidateIdTokenStandardClaims
phone_number_verified is a boolean
|
|
2022-11-23 06:04:46 |
|
ValidateIdTokenStandardClaims
middle_name is a string with content
|
|
2022-11-23 06:04:46 |
|
ValidateIdTokenStandardClaims
picture is a string with content
|
|
2022-11-23 06:04:46 |
|
ValidateIdTokenStandardClaims
name is a string with content
|
|
2022-11-23 06:04:46 |
|
ValidateIdTokenStandardClaims
phone_number is a string with content
|
|
2022-11-23 06:04:46 | SUCCESS |
ValidateIdTokenStandardClaims
id_token claims are valid
|
|
2022-11-23 06:04:46 | SUCCESS |
ValidateIdTokenNonce
Nonce values match
|
||
|
2022-11-23 06:04:46 | SUCCESS |
ValidateIdTokenACRClaimAgainstRequest
Nothing to check; the conformance suite did not request an acr claim in request object
|
|
2022-11-23 06:04:46 |
SUCCESS
|
ValidateIdTokenSignature
id_token signature validated
|
||
|
2022-11-23 06:04:46 |
SUCCESS
|
ValidateIdTokenSignatureUsingKid
id_token signature validated
|
||
|
2022-11-23 06:04:46 | SUCCESS |
CheckForSubjectInIdToken
Found 'sub' in id_token
|
||
|
2022-11-23 06:04:46 |
|
EnsureIdTokenUpdatedAtValid
id_token response does not contain 'updated_at'
|
|
2022-11-23 06:04:46 | INFO |
ValidateEncryptedIdTokenHasKid
Skipped evaluation due to missing required element: id_token jwe_header
|
||||||
|
2022-11-23 06:04:46 | WARNING |
EnsureIdTokenDoesNotContainName
Unexpectedly found name in id_token. The conformance suite did not request the 'name' claim is returned in the id_token and hence did not expect the server to include it. Technically this does not violate the specifications but it is likely a bug in the server and may result in user data being exposed in unintended ways.
|
||
|
2022-11-23 06:04:46 | SUCCESS |
EnsureIdTokenDoesNotContainEmailForScopeEmail
email claim not found in id_token, which is expected as it was not requested to be returned there
|
|
Userinfo endpoint tests |
2022-11-23 06:04:46 |
|
CallProtectedResource
HTTP request
|
||||||||
|
2022-11-23 06:04:46 |
RESPONSE
|
CallProtectedResource
HTTP response
|
||||||||
|
2022-11-23 06:04:46 |
SUCCESS
|
CallProtectedResource
Got a response from the resource endpoint
|
||||||||
|
2022-11-23 06:04:46 |
SUCCESS
|
EnsureHttpStatusCodeIs200
resource endpoint returned the expected http status
|
||||
|
2022-11-23 06:04:46 |
SUCCESS
|
CreateTokenEndpointRequestForAuthorizationCodeGrant
Created token endpoint request
|
||||||
|
2022-11-23 06:04:46 |
SUCCESS
|
AddBasicAuthClientSecretAuthenticationParameters
Added basic authorization header
|
||
|
2022-11-23 06:04:46 |
|
CallTokenEndpoint
HTTP request
|
||||||||
|
2022-11-23 06:04:47 |
RESPONSE
|
CallTokenEndpoint
HTTP response
|
||||||||
|
2022-11-23 06:04:47 |
SUCCESS
|
CallTokenEndpoint
Parsed token endpoint response
|
||||||||||||
|
2022-11-23 06:04:47 |
SUCCESS
|
CheckIfTokenEndpointResponseError
No error from token endpoint
|
|
2022-11-23 06:04:47 |
SUCCESS
|
CheckForAccessTokenValue
Found an access token
|
||
|
2022-11-23 06:04:47 |
SUCCESS
|
ExtractAccessTokenFromTokenResponse
Extracted the access token
|
||||
|
2022-11-23 06:04:47 | SUCCESS |
ExtractExpiresInFromTokenEndpointResponse
Extracted 'expires_in'
|
||
|
2022-11-23 06:04:47 | SUCCESS |
ValidateExpiresIn
expires_in passed all validation checks
|
||
|
2022-11-23 06:04:47 |
SUCCESS
|
CheckForRefreshTokenValue
Found a refresh token
|
||
|
2022-11-23 06:04:47 | SUCCESS |
ExtractIdTokenFromTokenResponse
Found and parsed the id_token from token_endpoint_response
|
||||||
|
2022-11-23 06:04:47 | SUCCESS |
ValidateIdToken
ID token iss, aud, exp, iat, auth_time, acr & nbf claims passed validation checks
|
|
2022-11-23 06:04:47 |
|
ValidateIdTokenStandardClaims
sub is a string with content
|
|
2022-11-23 06:04:47 |
|
ValidateIdTokenStandardClaims
zoneinfo is a string with content
|
|
2022-11-23 06:04:47 |
|
ValidateIdTokenStandardClaims
birthdate is a valid birthdate in the format stated in OpenID Connect Standard - YYYY-MM-DD, 0000-MM-DD or YYYY
|
|
2022-11-23 06:04:47 |
|
ValidateIdTokenStandardClaims
gender is a string with content
|
|
2022-11-23 06:04:47 |
|
ValidateIdTokenStandardClaims
Skipping unknown claim: realmName
|
|
2022-11-23 06:04:47 |
|
ValidateIdTokenStandardClaims
preferred_username is a string with content
|
|
2022-11-23 06:04:47 |
|
ValidateIdTokenStandardClaims
locale is a string with content
|
|
2022-11-23 06:04:47 |
|
ValidateIdTokenStandardClaims
Skipping unknown claim: rt_hash
|
|
2022-11-23 06:04:47 |
|
ValidateIdTokenStandardClaims
updated_at is a number
|
|
2022-11-23 06:04:47 |
|
ValidateIdTokenStandardClaims
nickname is a string with content
|
|
2022-11-23 06:04:47 |
|
ValidateIdTokenStandardClaims
website is a string with content
|
|
2022-11-23 06:04:47 |
|
ValidateIdTokenStandardClaims
Skipping unknown claim: address.address
|
|
2022-11-23 06:04:47 |
|
ValidateIdTokenStandardClaims
Skipping unknown claim: address.phone_number
|
|
2022-11-23 06:04:47 |
|
ValidateIdTokenStandardClaims
address is a valid object or contains invalid claims
|
|
2022-11-23 06:04:47 |
|
ValidateIdTokenStandardClaims
email_verified is a boolean
|
|
2022-11-23 06:04:47 |
|
ValidateIdTokenStandardClaims
Skipping unknown claim: rat
|
|
2022-11-23 06:04:47 |
|
ValidateIdTokenStandardClaims
profile is a string with content
|
|
2022-11-23 06:04:47 |
|
ValidateIdTokenStandardClaims
phone_number_verified is a boolean
|
|
2022-11-23 06:04:47 |
|
ValidateIdTokenStandardClaims
middle_name is a string with content
|
|
2022-11-23 06:04:47 |
|
ValidateIdTokenStandardClaims
picture is a string with content
|
|
2022-11-23 06:04:47 |
|
ValidateIdTokenStandardClaims
name is a string with content
|
|
2022-11-23 06:04:47 |
|
ValidateIdTokenStandardClaims
phone_number is a string with content
|
|
2022-11-23 06:04:47 | SUCCESS |
ValidateIdTokenStandardClaims
id_token claims are valid
|
|
2022-11-23 06:04:47 | SUCCESS |
ValidateIdTokenNonce
Nonce values match
|
||
|
2022-11-23 06:04:47 | SUCCESS |
ValidateIdTokenACRClaimAgainstRequest
Nothing to check; the conformance suite did not request an acr claim in request object
|
|
2022-11-23 06:04:47 |
SUCCESS
|
ValidateIdTokenSignature
id_token signature validated
|
||
|
2022-11-23 06:04:47 |
SUCCESS
|
ValidateIdTokenSignatureUsingKid
id_token signature validated
|
||
|
2022-11-23 06:04:47 | SUCCESS |
CheckForSubjectInIdToken
Found 'sub' in id_token
|
||
|
2022-11-23 06:04:47 |
|
EnsureIdTokenUpdatedAtValid
id_token response does not contain 'updated_at'
|
|
2022-11-23 06:04:47 | INFO |
ValidateEncryptedIdTokenHasKid
Skipped evaluation due to missing required element: id_token jwe_header
|
||||||
|
2022-11-23 06:04:47 | WARNING |
EnsureIdTokenDoesNotContainName
Unexpectedly found name in id_token. The conformance suite did not request the 'name' claim is returned in the id_token and hence did not expect the server to include it. Technically this does not violate the specifications but it is likely a bug in the server and may result in user data being exposed in unintended ways.
|
||
|
2022-11-23 06:04:47 | SUCCESS |
EnsureIdTokenDoesNotContainEmailForScopeEmail
email claim not found in id_token, which is expected as it was not requested to be returned there
|
|
2022-11-23 06:04:47 | SUCCESS |
VerifyIdTokenSubConsistentHybridFlow
authorization endpoint and token endpoint id_token have same sub
|
||||
|
Userinfo endpoint tests |
2022-11-23 06:04:47 |
|
CallProtectedResource
HTTP request
|
||||||||
|
2022-11-23 06:04:47 |
RESPONSE
|
CallProtectedResource
HTTP response
|
||||||||
|
2022-11-23 06:04:47 |
SUCCESS
|
CallProtectedResource
Got a response from the resource endpoint
|
||||||||
|
2022-11-23 06:04:47 |
SUCCESS
|
EnsureHttpStatusCodeIs200
resource endpoint returned the expected http status
|
||||
|
2022-11-23 06:04:47 |
|
CallUserInfoEndpoint
HTTP request
|
||||||||
|
2022-11-23 06:04:47 |
RESPONSE
|
CallUserInfoEndpoint
HTTP response
|
||||||||
|
2022-11-23 06:04:47 | SUCCESS |
CallUserInfoEndpoint
Got a response from the userinfo endpoint
|
||||||
|
2022-11-23 06:04:47 |
SUCCESS
|
EnsureHttpStatusCodeIs200
resource endpoint returned the expected http status
|
||||
|
2022-11-23 06:04:47 |
SUCCESS
|
ExtractUserInfoFromUserInfoEndpointResponse
Extracted user info
|
||
|
2022-11-23 06:04:47 |
|
ValidateUserInfoStandardClaims
Skipping unknown claim: acr
|
|
2022-11-23 06:04:47 |
|
ValidateUserInfoStandardClaims
Skipping unknown claim: address.address
|
|
2022-11-23 06:04:47 |
|
ValidateUserInfoStandardClaims
Skipping unknown claim: address.phone_number
|
|
2022-11-23 06:04:47 |
|
ValidateUserInfoStandardClaims
address is a valid object or contains invalid claims
|
|
2022-11-23 06:04:47 |
|
ValidateUserInfoStandardClaims
Skipping unknown claim: amr
|
|
2022-11-23 06:04:47 |
|
ValidateUserInfoStandardClaims
Skipping unknown claim: aud
|
|
2022-11-23 06:04:47 |
|
ValidateUserInfoStandardClaims
Skipping unknown claim: auth_time
|
|
2022-11-23 06:04:47 |
|
ValidateUserInfoStandardClaims
birthdate is a valid birthdate in the format stated in OpenID Connect Standard - YYYY-MM-DD, 0000-MM-DD or YYYY
|
|
2022-11-23 06:04:47 |
|
ValidateUserInfoStandardClaims
email_verified is a boolean
|
|
2022-11-23 06:04:47 |
|
ValidateUserInfoStandardClaims
gender is a string with content
|
|
2022-11-23 06:04:47 |
|
ValidateUserInfoStandardClaims
Skipping unknown claim: iss
|
|
2022-11-23 06:04:47 |
|
ValidateUserInfoStandardClaims
locale is a string with content
|
|
2022-11-23 06:04:47 |
|
ValidateUserInfoStandardClaims
middle_name is a string with content
|
|
2022-11-23 06:04:47 |
|
ValidateUserInfoStandardClaims
name is a string with content
|
|
2022-11-23 06:04:47 |
|
ValidateUserInfoStandardClaims
nickname is a string with content
|
|
2022-11-23 06:04:47 |
|
ValidateUserInfoStandardClaims
phone_number is a string with content
|
|
2022-11-23 06:04:47 |
|
ValidateUserInfoStandardClaims
phone_number_verified is a boolean
|
|
2022-11-23 06:04:47 |
|
ValidateUserInfoStandardClaims
picture is a string with content
|
|
2022-11-23 06:04:47 |
|
ValidateUserInfoStandardClaims
preferred_username is a string with content
|
|
2022-11-23 06:04:47 |
|
ValidateUserInfoStandardClaims
profile is a string with content
|
|
2022-11-23 06:04:47 |
|
ValidateUserInfoStandardClaims
Skipping unknown claim: rat
|
|
2022-11-23 06:04:47 |
|
ValidateUserInfoStandardClaims
Skipping unknown claim: realmName
|
|
2022-11-23 06:04:47 |
|
ValidateUserInfoStandardClaims
sub is a string with content
|
|
2022-11-23 06:04:47 |
|
ValidateUserInfoStandardClaims
updated_at is a number
|
|
2022-11-23 06:04:47 |
|
ValidateUserInfoStandardClaims
website is a string with content
|
|
2022-11-23 06:04:47 |
|
ValidateUserInfoStandardClaims
zoneinfo is a string with content
|
|
2022-11-23 06:04:47 | SUCCESS |
ValidateUserInfoStandardClaims
Userinfo is valid
|
|
2022-11-23 06:04:47 | SUCCESS |
EnsureUserInfoContainsSub
Found sub in userinfo
|
||
|
2022-11-23 06:04:47 | SUCCESS |
EnsureUserInfoUpdatedAtValid
'updated_at' in userinfo response seems to be a valid time
|
||||
|
2022-11-23 06:04:47 |
|
EnsureMemberValuesInClaimNameReferenceToMemberNamesInClaimSources
userinfo response does not contain '_claim_names' nor _claim_sources'
|
|
2022-11-23 06:04:47 | SUCCESS |
VerifyUserInfoAndIdTokenInAuthorizationEndpointSameSub
userinfo response and id_token sub are the same
|
||||
|
2022-11-23 06:04:47 | SUCCESS |
VerifyUserInfoAndIdTokenInTokenEndpointSameSub
userinfo response and id_token sub are the same
|
||||
|
2022-11-23 06:04:47 | WARNING |
VerifyScopesReturnedInUserInfoClaims
'claims' in userinfo doesn't contain all scope items of scope in authorization request(corresponds to scope standard claims)
|
||||||
|
2022-11-23 06:04:47 | WARNING |
EnsureUserInfoDoesNotContainName
Unexpectedly found name in userinfo response. The conformance suite did not request the 'name' claim is returned and hence did not expect the server to include it. Technically this does not violate the specifications but it is likely a bug in the server and may result in user data being exposed in unintended ways.
|
||
|
2022-11-23 06:04:47 |
FINISHED
|
oidcc-scope-email
Test has run to completion
|
||
|
Unregister dynamically registered client |
2022-11-23 06:04:47 |
|
UnregisterDynamicallyRegisteredClient
Couldn't find registration_access_token.
|
|
2022-11-23 06:04:51 |
|
TEST-RUNNER
Alias has now been claimed by another test
|
||||
|