Test Summary

Test Results

Expand All Collapse All
All times are UTC
2022-12-27 23:26:47 INFO
TEST-RUNNER
Test instance VZveYQmcQcL3H7u created
baseUrl
https://www.certification.openid.net/test/VZveYQmcQcL3H7u
variant
{
  "client_auth_type": "client_secret_basic",
  "response_type": "code",
  "server_metadata": "discovery",
  "response_mode": "default",
  "client_registration": "dynamic_client"
}
alias

                                
description
Janssen
planId
dIrxhprhaRam6
config
{
  "server": {
    "discoveryUrl": "https://milton-ch-precious-gopher.gluu.info/.well-known/openid-configuration",
    "login_hint": "test_user"
  },
  "client": {
    "client_name": "Test Client 1"
  },
  "client2": {
    "client_name": "Test Client 2"
  },
  "consent": {},
  "description": "Janssen",
  "publish": "summary"
}
testName
oidcc-refresh-token
2022-12-27 23:26:47 SUCCESS
CreateRedirectUri
Created redirect URI
redirect_uri
https://www.certification.openid.net/test/VZveYQmcQcL3H7u/callback
2022-12-27 23:26:47
GetDynamicServerConfiguration
HTTP request
request_uri
https://milton-ch-precious-gopher.gluu.info/.well-known/openid-configuration
request_method
GET
request_headers
{
  "accept": "text/plain, application/json, application/*+json, */*",
  "content-length": "0"
}
request_body

                                
2022-12-27 23:26:47 RESPONSE
GetDynamicServerConfiguration
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "date": "Tue, 27 Dec 2022 23:26:47 GMT",
  "server": "Apache/2.4.41 (Ubuntu)",
  "x-xss-protection": "1; mode\u003dblock",
  "x-content-type-options": "nosniff",
  "strict-transport-security": "max-age\u003d31536000; includeSubDomains",
  "expires": "Thu, 01 Jan 1970 00:00:00 GMT",
  "content-type": "application/json",
  "content-length": "7033",
  "set-cookie": "X-Correlation-Id\u003d90c2ef20-3a6d-45f7-885c-bbe0927c6ace; Secure; HttpOnly;HttpOnly",
  "keep-alive": "timeout\u003d5, max\u003d100",
  "connection": "Keep-Alive"
}
response_body
{
  "request_parameter_supported" : true,
  "pushed_authorization_request_endpoint" : "https://milton-ch-precious-gopher.gluu.info/jans-auth/restv1/par",
  "introspection_endpoint" : "https://milton-ch-precious-gopher.gluu.info/jans-auth/restv1/introspection",
  "claims_parameter_supported" : true,
  "issuer" : "https://milton-ch-precious-gopher.gluu.info",
  "userinfo_encryption_enc_values_supported" : [ "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A256GCM" ],
  "id_token_encryption_enc_values_supported" : [ "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A256GCM" ],
  "access_token_signing_alg_values_supported" : [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512", "PS256", "PS384", "PS512" ],
  "authorization_endpoint" : "https://milton-ch-precious-gopher.gluu.info/jans-auth/restv1/authorize",
  "service_documentation" : "http://jans.org/docs",
  "authorization_encryption_alg_values_supported" : [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ],
  "claims_supported" : [ "street_address", "country", "zoneinfo", "birthdate", "role", "gender", "user_name", "formatted", "work_phone", "phone_mobile_number", "preferred_username", "inum", "jansIdTknSignedRespAlg", "jansRedirectURI", "locale", "updated_at", "post_office_box", "nickname", "member_of", "org_name", "preferred_language", "email", "website", "email_verified", "jansAppType", "profile", "locality", "room_number", "phone_number_verified", "jansScope", "given_name", "middle_name", "picture", "name", "phone_number", "postal_code", "region", "family_name", "jansAdminUIRole" ],
  "ssa_endpoint" : "https://milton-ch-precious-gopher.gluu.info/jans-auth/restv1/ssa",
  "token_endpoint_auth_methods_supported" : [ "client_secret_basic", "client_secret_post", "client_secret_jwt", "private_key_jwt", "tls_client_auth", "self_signed_tls_client_auth", "none" ],
  "tls_client_certificate_bound_access_tokens" : true,
  "response_modes_supported" : [ "query", "query.jwt", "fragment.jwt", "jwt", "form_post.jwt", "fragment", "form_post" ],
  "backchannel_logout_session_supported" : true,
  "token_endpoint" : "https://milton-ch-precious-gopher.gluu.info/jans-auth/restv1/token",
  "backchannel_authentication_request_signing_alg_values_supported" : [ "RS256", "RS384", "RS512", "ES256", "ES384", "ES512", "PS256", "PS384", "PS512" ],
  "response_types_supported" : [ "id_token", "id_token token", "id_token code", "id_token token code", "token", "token code", "code" ],
  "authorization_encryption_enc_values_supported" : [ "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A256GCM" ],
  "backchannel_token_delivery_modes_supported" : [ "poll", "ping", "push" ],
  "dpop_signing_alg_values_supported" : [ "RS256", "RS384", "RS512", "ES256", "ES384", "ES512", "ES512", "PS256", "PS384", "PS512" ],
  "request_uri_parameter_supported" : true,
  "backchannel_user_code_parameter_supported" : true,
  "grant_types_supported" : [ "implicit", "authorization_code", "refresh_token", "urn:ietf:params:oauth:grant-type:device_code", "urn:openid:params:grant-type:ciba", "password", "urn:ietf:params:oauth:grant-type:uma-ticket", "client_credentials", "urn:ietf:params:oauth:grant-type:token-exchange" ],
  "ui_locales_supported" : [ "en", "bg", "de", "es", "fr", "it", "ru", "tr" ],
  "userinfo_endpoint" : "https://milton-ch-precious-gopher.gluu.info/jans-auth/restv1/userinfo",
  "op_tos_uri" : "https://milton-ch-precious-gopher.gluu.info/tos",
  "require_request_uri_registration" : false,
  "id_token_encryption_alg_values_supported" : [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ],
  "frontchannel_logout_session_supported" : true,
  "authorization_signing_alg_values_supported" : [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512", "ES512", "PS256", "PS384", "PS512" ],
  "claims_locales_supported" : [ "en" ],
  "clientinfo_endpoint" : "https://milton-ch-precious-gopher.gluu.info/jans-auth/restv1/clientinfo",
  "request_object_signing_alg_values_supported" : [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512", "PS256", "PS384", "PS512" ],
  "request_object_encryption_alg_values_supported" : [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ],
  "key_from_java" : "value_from_script_on_java",
  "session_revocation_endpoint" : "https://milton-ch-precious-gopher.gluu.info/jans-auth/restv1/revoke_session",
  "check_session_iframe" : "https://milton-ch-precious-gopher.gluu.info/jans-auth/opiframe.htm",
  "scopes_supported" : [ "https://jans.io/scim/all-resources.search", "user_name", "clientinfo", "https://jans.io/scim/fido2.write", "work_phone", "https://jans.io/auth/ssa.developer", "https://jans.io/scim/fido.read", "https://jans.io/scim/users.write", "revoke_session", "https://jans.io/scim/fido.write", "mobile_phone", "offline_access", "org_name", "email", "https://jans.io/scim/fido2.read", "address", "test", "https://jans.io/auth/ssa.admin", "openid", "profile", "uma_protection", "http://photoz.example.com/dev/scopes/view", "permission", "http://photoz.example.com/dev/scopes/all", "https://jans.io/scim/groups.read", "https://jans.io/scim/bulk", "modify", "https://jans.io/scim/users.read", "device_sso", "phone", "https://jans.io/auth/ssa.portal", "https://jans.io/scim/groups.write" ],
  "backchannel_logout_supported" : true,
  "acr_values_supported" : [ "basic_lock", "basic_alias2", "basic_alias1", "agama", "basic" ],
  "request_object_encryption_enc_values_supported" : [ "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A256GCM" ],
  "device_authorization_endpoint" : "https://milton-ch-precious-gopher.gluu.info/jans-auth/restv1/device_authorization",
  "display_values_supported" : [ "page", "popup" ],
  "userinfo_signing_alg_values_supported" : [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512", "PS256", "PS384", "PS512" ],
  "require_pushed_authorization_requests" : false,
  "claim_types_supported" : [ "normal" ],
  "userinfo_encryption_alg_values_supported" : [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ],
  "end_session_endpoint" : "https://milton-ch-precious-gopher.gluu.info/jans-auth/restv1/end_session",
  "revocation_endpoint" : "https://milton-ch-precious-gopher.gluu.info/jans-auth/restv1/revoke",
  "backchannel_authentication_endpoint" : "https://milton-ch-precious-gopher.gluu.info/jans-auth/restv1/bc-authorize",
  "token_endpoint_auth_signing_alg_values_supported" : [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512", "PS256", "PS384", "PS512" ],
  "frontchannel_logout_supported" : true,
  "jwks_uri" : "https://milton-ch-precious-gopher.gluu.info/jans-auth/restv1/jwks",
  "subject_types_supported" : [ "public", "pairwise" ],
  "id_token_signing_alg_values_supported" : [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512", "PS256", "PS384", "PS512" ],
  "registration_endpoint" : "https://milton-ch-precious-gopher.gluu.info/jans-auth/restv1/register",
  "id_token_token_binding_cnf_values_supported" : [ "tbh" ]
}
2022-12-27 23:26:47 SUCCESS
GetDynamicServerConfiguration
Successfully parsed server configuration
request_parameter_supported
true
pushed_authorization_request_endpoint
https://milton-ch-precious-gopher.gluu.info/jans-auth/restv1/par
introspection_endpoint
https://milton-ch-precious-gopher.gluu.info/jans-auth/restv1/introspection
claims_parameter_supported
true
issuer
https://milton-ch-precious-gopher.gluu.info
userinfo_encryption_enc_values_supported
[
  "A128CBC+HS256",
  "A256CBC+HS512",
  "A128GCM",
  "A256GCM"
]
id_token_encryption_enc_values_supported
[
  "A128CBC+HS256",
  "A256CBC+HS512",
  "A128GCM",
  "A256GCM"
]
access_token_signing_alg_values_supported
[
  "none",
  "HS256",
  "HS384",
  "HS512",
  "RS256",
  "RS384",
  "RS512",
  "ES256",
  "ES384",
  "ES512",
  "PS256",
  "PS384",
  "PS512"
]
authorization_endpoint
https://milton-ch-precious-gopher.gluu.info/jans-auth/restv1/authorize
service_documentation
http://jans.org/docs
authorization_encryption_alg_values_supported
[
  "RSA1_5",
  "RSA-OAEP",
  "A128KW",
  "A256KW"
]
claims_supported
[
  "street_address",
  "country",
  "zoneinfo",
  "birthdate",
  "role",
  "gender",
  "user_name",
  "formatted",
  "work_phone",
  "phone_mobile_number",
  "preferred_username",
  "inum",
  "jansIdTknSignedRespAlg",
  "jansRedirectURI",
  "locale",
  "updated_at",
  "post_office_box",
  "nickname",
  "member_of",
  "org_name",
  "preferred_language",
  "email",
  "website",
  "email_verified",
  "jansAppType",
  "profile",
  "locality",
  "room_number",
  "phone_number_verified",
  "jansScope",
  "given_name",
  "middle_name",
  "picture",
  "name",
  "phone_number",
  "postal_code",
  "region",
  "family_name",
  "jansAdminUIRole"
]
ssa_endpoint
https://milton-ch-precious-gopher.gluu.info/jans-auth/restv1/ssa
token_endpoint_auth_methods_supported
[
  "client_secret_basic",
  "client_secret_post",
  "client_secret_jwt",
  "private_key_jwt",
  "tls_client_auth",
  "self_signed_tls_client_auth",
  "none"
]
tls_client_certificate_bound_access_tokens
true
response_modes_supported
[
  "query",
  "query.jwt",
  "fragment.jwt",
  "jwt",
  "form_post.jwt",
  "fragment",
  "form_post"
]
backchannel_logout_session_supported
true
token_endpoint
https://milton-ch-precious-gopher.gluu.info/jans-auth/restv1/token
backchannel_authentication_request_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "ES256",
  "ES384",
  "ES512",
  "PS256",
  "PS384",
  "PS512"
]
response_types_supported
[
  "id_token",
  "id_token token",
  "id_token code",
  "id_token token code",
  "token",
  "token code",
  "code"
]
authorization_encryption_enc_values_supported
[
  "A128CBC+HS256",
  "A256CBC+HS512",
  "A128GCM",
  "A256GCM"
]
backchannel_token_delivery_modes_supported
[
  "poll",
  "ping",
  "push"
]
dpop_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "ES256",
  "ES384",
  "ES512",
  "ES512",
  "PS256",
  "PS384",
  "PS512"
]
request_uri_parameter_supported
true
backchannel_user_code_parameter_supported
true
grant_types_supported
[
  "implicit",
  "authorization_code",
  "refresh_token",
  "urn:ietf:params:oauth:grant-type:device_code",
  "urn:openid:params:grant-type:ciba",
  "password",
  "urn:ietf:params:oauth:grant-type:uma-ticket",
  "client_credentials",
  "urn:ietf:params:oauth:grant-type:token-exchange"
]
ui_locales_supported
[
  "en",
  "bg",
  "de",
  "es",
  "fr",
  "it",
  "ru",
  "tr"
]
userinfo_endpoint
https://milton-ch-precious-gopher.gluu.info/jans-auth/restv1/userinfo
op_tos_uri
https://milton-ch-precious-gopher.gluu.info/tos
require_request_uri_registration
false
id_token_encryption_alg_values_supported
[
  "RSA1_5",
  "RSA-OAEP",
  "A128KW",
  "A256KW"
]
frontchannel_logout_session_supported
true
authorization_signing_alg_values_supported
[
  "HS256",
  "HS384",
  "HS512",
  "RS256",
  "RS384",
  "RS512",
  "ES256",
  "ES384",
  "ES512",
  "ES512",
  "PS256",
  "PS384",
  "PS512"
]
claims_locales_supported
[
  "en"
]
clientinfo_endpoint
https://milton-ch-precious-gopher.gluu.info/jans-auth/restv1/clientinfo
request_object_signing_alg_values_supported
[
  "none",
  "HS256",
  "HS384",
  "HS512",
  "RS256",
  "RS384",
  "RS512",
  "ES256",
  "ES384",
  "ES512",
  "PS256",
  "PS384",
  "PS512"
]
request_object_encryption_alg_values_supported
[
  "RSA1_5",
  "RSA-OAEP",
  "A128KW",
  "A256KW"
]
key_from_java
value_from_script_on_java
session_revocation_endpoint
https://milton-ch-precious-gopher.gluu.info/jans-auth/restv1/revoke_session
check_session_iframe
https://milton-ch-precious-gopher.gluu.info/jans-auth/opiframe.htm
scopes_supported
[
  "https://jans.io/scim/all-resources.search",
  "user_name",
  "clientinfo",
  "https://jans.io/scim/fido2.write",
  "work_phone",
  "https://jans.io/auth/ssa.developer",
  "https://jans.io/scim/fido.read",
  "https://jans.io/scim/users.write",
  "revoke_session",
  "https://jans.io/scim/fido.write",
  "mobile_phone",
  "offline_access",
  "org_name",
  "email",
  "https://jans.io/scim/fido2.read",
  "address",
  "test",
  "https://jans.io/auth/ssa.admin",
  "openid",
  "profile",
  "uma_protection",
  "http://photoz.example.com/dev/scopes/view",
  "permission",
  "http://photoz.example.com/dev/scopes/all",
  "https://jans.io/scim/groups.read",
  "https://jans.io/scim/bulk",
  "modify",
  "https://jans.io/scim/users.read",
  "device_sso",
  "phone",
  "https://jans.io/auth/ssa.portal",
  "https://jans.io/scim/groups.write"
]
backchannel_logout_supported
true
acr_values_supported
[
  "basic_lock",
  "basic_alias2",
  "basic_alias1",
  "agama",
  "basic"
]
request_object_encryption_enc_values_supported
[
  "A128CBC+HS256",
  "A256CBC+HS512",
  "A128GCM",
  "A256GCM"
]
device_authorization_endpoint
https://milton-ch-precious-gopher.gluu.info/jans-auth/restv1/device_authorization
display_values_supported
[
  "page",
  "popup"
]
userinfo_signing_alg_values_supported
[
  "none",
  "HS256",
  "HS384",
  "HS512",
  "RS256",
  "RS384",
  "RS512",
  "ES256",
  "ES384",
  "ES512",
  "PS256",
  "PS384",
  "PS512"
]
require_pushed_authorization_requests
false
claim_types_supported
[
  "normal"
]
userinfo_encryption_alg_values_supported
[
  "RSA1_5",
  "RSA-OAEP",
  "A128KW",
  "A256KW"
]
end_session_endpoint
https://milton-ch-precious-gopher.gluu.info/jans-auth/restv1/end_session
revocation_endpoint
https://milton-ch-precious-gopher.gluu.info/jans-auth/restv1/revoke
backchannel_authentication_endpoint
https://milton-ch-precious-gopher.gluu.info/jans-auth/restv1/bc-authorize
token_endpoint_auth_signing_alg_values_supported
[
  "HS256",
  "HS384",
  "HS512",
  "RS256",
  "RS384",
  "RS512",
  "ES256",
  "ES384",
  "ES512",
  "PS256",
  "PS384",
  "PS512"
]
frontchannel_logout_supported
true
jwks_uri
https://milton-ch-precious-gopher.gluu.info/jans-auth/restv1/jwks
subject_types_supported
[
  "public",
  "pairwise"
]
id_token_signing_alg_values_supported
[
  "none",
  "HS256",
  "HS384",
  "HS512",
  "RS256",
  "RS384",
  "RS512",
  "ES256",
  "ES384",
  "ES512",
  "PS256",
  "PS384",
  "PS512"
]
registration_endpoint
https://milton-ch-precious-gopher.gluu.info/jans-auth/restv1/register
id_token_token_binding_cnf_values_supported
[
  "tbh"
]
2022-12-27 23:26:47 SUCCESS
CheckServerConfiguration
Found required server configuration keys
required
[
  "authorization_endpoint",
  "token_endpoint",
  "issuer"
]
2022-12-27 23:26:47 SUCCESS
ExtractTLSTestValuesFromServerConfiguration
Extracted TLS information from authorization server configuration
registration_endpoint
{
  "testHost": "milton-ch-precious-gopher.gluu.info",
  "testPort": 443
}
authorization_endpoint
{
  "testHost": "milton-ch-precious-gopher.gluu.info",
  "testPort": 443
}
token_endpoint
{
  "testHost": "milton-ch-precious-gopher.gluu.info",
  "testPort": 443
}
userinfo_endpoint
{
  "testHost": "milton-ch-precious-gopher.gluu.info",
  "testPort": 443
}
2022-12-27 23:26:47
FetchServerKeys
Fetching server key
jwks_uri
https://milton-ch-precious-gopher.gluu.info/jans-auth/restv1/jwks
2022-12-27 23:26:47
FetchServerKeys
HTTP request
request_uri
https://milton-ch-precious-gopher.gluu.info/jans-auth/restv1/jwks
request_method
GET
request_headers
{
  "accept": "text/plain, application/json, application/*+json, */*",
  "content-length": "0"
}
request_body

                                
2022-12-27 23:26:47 RESPONSE
FetchServerKeys
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "date": "Tue, 27 Dec 2022 23:26:47 GMT",
  "server": "Apache/2.4.41 (Ubuntu)",
  "x-xss-protection": "1; mode\u003dblock",
  "x-content-type-options": "nosniff",
  "strict-transport-security": "max-age\u003d31536000; includeSubDomains",
  "expires": "Thu, 01 Jan 1970 00:00:00 GMT",
  "content-type": "application/json",
  "set-cookie": "X-Correlation-Id\u003df574f67d-b1ab-4392-a6cc-ed482c676462; Secure; HttpOnly;HttpOnly",
  "keep-alive": "timeout\u003d5, max\u003d100",
  "connection": "Keep-Alive",
  "transfer-encoding": "chunked"
}
response_body
{
  "keys" : [ {
    "descr" : "Signature Key: RSA RSASSA-PKCS1-v1_5 using SHA-256",
    "kty" : "RSA",
    "e" : "AQAB",
    "use" : "sig",
    "kid" : "93bd7998-f8dd-4edc-bb37-849df3f455a5_sig_rs256",
    "x5c" : [ "MIIDCjCCAfKgAwIBAgIhANZZGCKw3evdv5mhxa+Owtyr7W/kQvm7q6xJHCt1pmrVMA0GCSqGSIb3DQEBCwUAMCQxIjAgBgNVBAMMGUphbnMgQXV0aCBDQSBDZXJ0aWZpY2F0ZXMwHhcNMjIxMjI3MjIyODEyWhcNMjIxMjI5MjIyODIxWjAkMSIwIAYDVQQDDBlKYW5zIEF1dGggQ0EgQ2VydGlmaWNhdGVzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAysgE4ddJOErxmaIJab7bUsRXmaX5wzwn3Mv1OuTDoKmJBzTROxdNwpaGOZxeh+KdGTq29kdgAooA8+WpR+P769aIxjzG1M7b8yXI6AQ9vEWfRGQlDUgchLwxK94M7RLt9Fl1xN6fxtm/OaLx/1JI80ptjcxL/10JQQz4Y7RW6NNV+7kJiCdzHk1CQ5cnd/RvyeMCChhEWr6rRn0+CLLL3HFUwnLBtishbtGxcWbmZK4oA00bB6XsbYhybDPdNEmjCesbl5tcOe6eNN1h6v/gaCWYR3gAd0O26TKwT1w/p6DvBG985w25C4oPPdXOY4VMxtO/xXgKsvMK0g8mD+X5fQIDAQABoycwJTAjBgNVHSUEHDAaBggrBgEFBQcDAQYIKwYBBQUHAwIGBFUdJQAwDQYJKoZIhvcNAQELBQADggEBADwrX2PzJ5ee78Cs0kV6DlLJbNdn9QWxgmRKHTzSR1fkcGKZ4r4HYvy7I0RETY63CPOXda59Dpl506Ur+d89GILXKBIR+VDGs6rqzc0IgthAbyTMWnm718LajfvOLCBg1k2pDDuVwzppt+EwCnOIulXWsO2SiWQYHVrNH7j6c9Mec9lW34VlLSxtk8oYY5MlGai+LBQbnCRODWfwLjgtr0vgm/XcuvdV2HAy2UBWZcN/7Gn6UnO20WWp3OvA0hVBok/SDosK0YNxZSxqB4jVkc+u7sUXUn+l4hYJziQUnsvPprJaRSjwl4R0YivNyVAlkqRr6s8wnHLTZG1tLZIr4Ok=" ],
    "name" : "id_token RS256 Sign Key",
    "exp" : 1672352901736,
    "alg" : "RS256",
    "n" : "ysgE4ddJOErxmaIJab7bUsRXmaX5wzwn3Mv1OuTDoKmJBzTROxdNwpaGOZxeh-KdGTq29kdgAooA8-WpR-P769aIxjzG1M7b8yXI6AQ9vEWfRGQlDUgchLwxK94M7RLt9Fl1xN6fxtm_OaLx_1JI80ptjcxL_10JQQz4Y7RW6NNV-7kJiCdzHk1CQ5cnd_RvyeMCChhEWr6rRn0-CLLL3HFUwnLBtishbtGxcWbmZK4oA00bB6XsbYhybDPdNEmjCesbl5tcOe6eNN1h6v_gaCWYR3gAd0O26TKwT1w_p6DvBG985w25C4oPPdXOY4VMxtO_xXgKsvMK0g8mD-X5fQ"
  }, {
    "descr" : "Signature Key: RSA RSASSA-PKCS1-v1_5 using SHA-384",
    "kty" : "RSA",
    "e" : "AQAB",
    "use" : "sig",
    "kid" : "7dd2426e-7151-4592-93b7-95b2a12f6d95_sig_rs384",
    "x5c" : [ "MIIDCTCCAfGgAwIBAgIgSFu2fF5bmpLrvSWuRRlmiWJPqqoAksY2907d/Newfc4wDQYJKoZIhvcNAQEMBQAwJDEiMCAGA1UEAwwZSmFucyBBdXRoIENBIENlcnRpZmljYXRlczAeFw0yMjEyMjcyMjI4MTVaFw0yMjEyMjkyMjI4MjFaMCQxIjAgBgNVBAMMGUphbnMgQXV0aCBDQSBDZXJ0aWZpY2F0ZXMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuPgh8/7SQF5syCmt9o/rMBAEuSj7mDAmwqSRZziPTuImGLcZB8LCmoOXup7ZUENG2eBSiraAVUjhkXMvHQpBqRjw+P5uzOSZSH+la917b3a/bkbuPQg51NV9WnvvnYJut2VIOa0Ea1ypU/ACEJG7+6r5eSWZBdPtbCgITN7zo2RZGeiytZXAn1TCoof3YtngWPNbP+4pZLCpwWADLU4tkXy1xecTpan/6BMpCsQ41F4Iz7sxJcynfQtrlhzM3fO8jOZe+GHYCo+TX+V8e5hAFmQOruq/QfXOd9RctPASuup5yLRMWHvHeoqktk5QnRoqcS0i2uv3P6VUf8x06D5RVAgMBAAGjJzAlMCMGA1UdJQQcMBoGCCsGAQUFBwMBBggrBgEFBQcDAgYEVR0lADANBgkqhkiG9w0BAQwFAAOCAQEAiv7pyFEFaKvXQrBFdNI+o1vOpWym7+EFyCS2E2+YzRkCXmFbqJfxDKL8ZCmTms5Y06U1rDaJXCUT/L3gVT4YDKbbEGY7rVyFiSVGsGVba+xcd8RsXz7EVObPiBvmLM96YPqVjxHGt/lSzDe08cNt9BIfs2NoMgiNxE1/b8P0hiRAC+pbJASH4y3NINjoupEVF19Tz3nibTEwLOmvLtNgZQW+I6CQPT4t54QlffQkf957rwZu4kr1Oe+G2s2xdlE0GzxwOnEVeDzQilLODqrbGYQNjGXZme3wa1qSUOAaJ+UCgcF2ivutVjqR6e3qnXunT40HnynD8x9AhFJmB/2Gyg==" ],
    "name" : "id_token RS384 Sign Key",
    "exp" : 1672352901736,
    "alg" : "RS384",
    "n" : "rj4IfP-0kBebMgprfaP6zAQBLko-5gwJsKkkWc4j07iJhi3GQfCwpqDl7qe2VBDRtngUoq2gFVI4ZFzLx0KQakY8Pj-bszkmUh_pWvde292v25G7j0IOdTVfVp7752CbrdlSDmtBGtcqVPwAhCRu_uq-XklmQXT7WwoCEze86NkWRnosrWVwJ9UwqKH92LZ4FjzWz_uKWSwqcFgAy1OLZF8tcXnE6Wp_-gTKQrEONReCM-7MSXMp30La5YczN3zvIzmXvhh2AqPk1_lfHuYQBZkDq7qv0H1znfUXLTwErrqeci0TFh7x3qKpLZOUJ0aKnEtItrr9z-lVH_MdOg-UVQ"
  }, {
    "descr" : "Signature Key: RSA RSASSA-PKCS1-v1_5 using SHA-512",
    "kty" : "RSA",
    "e" : "AQAB",
    "use" : "sig",
    "kid" : "3523039d-8ffe-4a4b-a120-85adb220cf32_sig_rs512",
    "x5c" : [ "MIIDCjCCAfKgAwIBAgIhAMFUYb/uIHwiU1QdG0jL8/Edp4tKsPWDsv4+nxiYQu9HMA0GCSqGSIb3DQEBDQUAMCQxIjAgBgNVBAMMGUphbnMgQXV0aCBDQSBDZXJ0aWZpY2F0ZXMwHhcNMjIxMjI3MjIyODE1WhcNMjIxMjI5MjIyODIxWjAkMSIwIAYDVQQDDBlKYW5zIEF1dGggQ0EgQ2VydGlmaWNhdGVzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwE9+Dgb12Mvvrh4MfxCmXnNKhBA+TT4qkOK4gw9/4BDQue84qSLARdvoFY/Xny96gXNtJrxOLScEaQnn1288H/Vyfe1IfefsI1JuPAYX5U/Y4L33YkyL65ET522CA6UnGsKcYyd0ccTfwDEATWf4uA/wDiOmzDqhYZTGzNYTQ3Hq4sk4AROBdJqI9ahpdWfK6K63yRNAUuoU0w+Q3RViyx6IEtBr6pTdlXeGQUZLl88OeDlHIX60f6eCgHMh0M+zU9r7C/lbshgbhPVf9IOw0CH59BCDN4TK65ZbXDNisYnYUaFDibz5vw4sid+8vaYtkIBRSgtm5qounNOYjbHtpQIDAQABoycwJTAjBgNVHSUEHDAaBggrBgEFBQcDAQYIKwYBBQUHAwIGBFUdJQAwDQYJKoZIhvcNAQENBQADggEBAJpysu8WKVaZDie//uFMME4pRrmU4c2RDCKo4d+QYSmgZewfqWoBv8pLUlXA6ltsWTd5yp23fbEr21oYQaRZNupgFPjgJHe4Dq6y1pbNCoQHIeiscG/s2ao5fC10X/jVlyTMCqZct7k2YiL7LFBuaIPNcyma5ttTQNohb96Jy9Is2xx2z8bC200K4OgE/kcgsHLyciJqzFQkI+eun6XR39WWGYJcoMB0yB21qy0tKYF0XAAylgqOuDB/kwCJhrgrXNxA5NqLQsoGngtItkTssxeiUoeeSjNhWgJQqwUSrFMcVyO8XZ6k1cHOwdgb0UuypY/NKnqdCHUukIUQPUrRUh4=" ],
    "name" : "id_token RS512 Sign Key",
    "exp" : 1672352901736,
    "alg" : "RS512",
    "n" : "wE9-Dgb12Mvvrh4MfxCmXnNKhBA-TT4qkOK4gw9_4BDQue84qSLARdvoFY_Xny96gXNtJrxOLScEaQnn1288H_Vyfe1IfefsI1JuPAYX5U_Y4L33YkyL65ET522CA6UnGsKcYyd0ccTfwDEATWf4uA_wDiOmzDqhYZTGzNYTQ3Hq4sk4AROBdJqI9ahpdWfK6K63yRNAUuoU0w-Q3RViyx6IEtBr6pTdlXeGQUZLl88OeDlHIX60f6eCgHMh0M-zU9r7C_lbshgbhPVf9IOw0CH59BCDN4TK65ZbXDNisYnYUaFDibz5vw4sid-8vaYtkIBRSgtm5qounNOYjbHtpQ"
  }, {
    "descr" : "Signature Key: ECDSA using P-256 (secp256r1) and SHA-256",
    "kty" : "EC",
    "use" : "sig",
    "crv" : "P-256",
    "kid" : "86f081d8-bcc4-4588-9897-79dd06a4ed95_sig_es256",
    "x5c" : [ "MIIBfzCCASSgAwIBAgIhAIpAc4YhyCTNuRCuKKOfes0QBTNox/hSYrGcyRc4fUVjMAoGCCqGSM49BAMCMCQxIjAgBgNVBAMMGUphbnMgQXV0aCBDQSBDZXJ0aWZpY2F0ZXMwHhcNMjIxMjI3MjIyODE2WhcNMjIxMjI5MjIyODIxWjAkMSIwIAYDVQQDDBlKYW5zIEF1dGggQ0EgQ2VydGlmaWNhdGVzMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEfqLAPJMsMVf1aRoY+nfo9orSeos+g1p+JdhDKJtL4h8nRfTBU9prV+be2ZwOpRDLfhg2ersD/LsVyNf8LYdbjaMnMCUwIwYDVR0lBBwwGgYIKwYBBQUHAwEGCCsGAQUFBwMCBgRVHSUAMAoGCCqGSM49BAMCA0kAMEYCIQCStUjQohze32BKSn6SBHHCHXmVfY+kYbT2H1FWiItEtAIhAOWSpxUbRB6o7Xy6QsNBpyN3JS3YXVAzuJwbNwS8Adow" ],
    "name" : "id_token ES256 Sign Key",
    "x" : "fqLAPJMsMVf1aRoY-nfo9orSeos-g1p-JdhDKJtL4h8",
    "y" : "J0X0wVPaa1fm3tmcDqUQy34YNnq7A_y7FcjX_C2HW40",
    "exp" : 1672352901736,
    "alg" : "ES256"
  }, {
    "descr" : "Signature Key: ECDSA using P-384 (secp384r1) and SHA-384",
    "kty" : "EC",
    "use" : "sig",
    "crv" : "P-384",
    "kid" : "cbdad4e1-c417-4ab2-afb8-e2582256d1b8_sig_es384",
    "x5c" : [ "MIIBujCCAUCgAwIBAgIgIqK3hX28VBSS34zaW8BLU8vTrdAhXRtg2yyGjH2x3OUwCgYIKoZIzj0EAwMwJDEiMCAGA1UEAwwZSmFucyBBdXRoIENBIENlcnRpZmljYXRlczAeFw0yMjEyMjcyMjI4MTZaFw0yMjEyMjkyMjI4MjFaMCQxIjAgBgNVBAMMGUphbnMgQXV0aCBDQSBDZXJ0aWZpY2F0ZXMwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQ/ubE8rNWyg4brdBzmoE+8yksjf6j9/LjBWPiOkUiRdGTMCQY8pIbIiNiDwYHlX5/IDRVzr48fBx41UU0ye9TelCG/jChU3+qFiS6yicTOUZOuN8pOLUNAPfFYK9ZwbS6jJzAlMCMGA1UdJQQcMBoGCCsGAQUFBwMBBggrBgEFBQcDAgYEVR0lADAKBggqhkjOPQQDAwNoADBlAjEA8lzHxaofLvVtWxJFOLd0CayeY/Z4tNSf1PWnn9KVlqjxUHs6jw/tOhqcyAlAlH5tAjAR2ruRbvbkOl7n6ckVqWh4nCMYJyQRSQdnX5ZWBcdQ2gcia3OK+gU3OBzjVdvoOEc=" ],
    "name" : "id_token ES384 Sign Key",
    "x" : "P7mxPKzVsoOG63Qc5qBPvMpLI3-o_fy4wVj4jpFIkXRkzAkGPKSGyIjYg8GB5V-f",
    "y" : "yA0Vc6-PHwceNVFNMnvU3pQhv4woVN_qhYkusonEzlGTrjfKTi1DQD3xWCvWcG0u",
    "exp" : 1672352901736,
    "alg" : "ES384"
  }, {
    "descr" : "Signature Key: ECDSA using P-521 (secp521r1) and SHA-512",
    "kty" : "EC",
    "use" : "sig",
    "crv" : "P-521",
    "kid" : "932692bc-7e99-40d0-b114-e6f9882b59a4_sig_es512",
    "x5c" : [ "MIICBTCCAWagAwIBAgIgB426X6D0s3wAu+j+U1IRPdbXZq8ulFuGQinRskqmMzcwCgYIKoZIzj0EAwQwJDEiMCAGA1UEAwwZSmFucyBBdXRoIENBIENlcnRpZmljYXRlczAeFw0yMjEyMjcyMjI4MTZaFw0yMjEyMjkyMjI4MjFaMCQxIjAgBgNVBAMMGUphbnMgQXV0aCBDQSBDZXJ0aWZpY2F0ZXMwgZswEAYHKoZIzj0CAQYFK4EEACMDgYYABADykMhD0KcQQYWHE6se903Ibrx4sHSgKJxPqBY2X9IYxcObum1LnCAw/p2jdzEkPJuLam1PAZwK3gJYPfamdMUG9wEvt63FBk8BcOLfyhHa/1xr7DQEen/abGt7nibru7+Ml4M8p7hzJ4Vp/nJ0gEcBxdIuhoxGNw+/BxasznbcvXXt16MnMCUwIwYDVR0lBBwwGgYIKwYBBQUHAwEGCCsGAQUFBwMCBgRVHSUAMAoGCCqGSM49BAMEA4GMADCBiAJCALek46bgchW5xotGrBH7PI5afn7Q3HX6W2yG00rI6nboddFhQJbncBdvAwpNzdXew4LdzIQaXwyAGkqWU+Ni6KYPAkIBBV8bG9hYYaxz8WscM8dXKiGFVwKkd6gidtoIhQpTozvMynxGqGc1WA/LySFxXh7URFyh3HYv2PMzr2ThQOKVDok=" ],
    "name" : "id_token ES512 Sign Key",
    "x" : "8pDIQ9CnEEGFhxOrHvdNyG68eLB0oCicT6gWNl_SGMXDm7ptS5wgMP6do3cxJDybi2ptTwGcCt4CWD32pnTFBvc",
    "y" : "AS-3rcUGTwFw4t_KEdr_XGvsNAR6f9psa3ueJuu7v4yXgzynuHMnhWn-cnSARwHF0i6GjEY3D78HFqzOdty9de3X",
    "exp" : 1672352901736,
    "alg" : "ES512"
  }, {
    "descr" : "Signature Key: RSASSA-PSS using SHA-256 and MGF1 with SHA-256",
    "kty" : "RSA",
    "e" : "AQAB",
    "use" : "sig",
    "kid" : "654bd47a-5581-48cc-af8a-fe5eca5e6fb6_sig_ps256",
    "x5c" : [ "MIIDcjCCAiagAwIBAgIhAKFEgEB3j/IEo+dm14wePOEfAkPrN9Muq27xxWDbCjOXMEEGCSqGSIb3DQEBCjA0oA8wDQYJYIZIAWUDBAIBBQChHDAaBgkqhkiG9w0BAQgwDQYJYIZIAWUDBAIBBQCiAwIBIDAkMSIwIAYDVQQDDBlKYW5zIEF1dGggQ0EgQ2VydGlmaWNhdGVzMB4XDTIyMTIyNzIyMjgxN1oXDTIyMTIyOTIyMjgyMVowJDEiMCAGA1UEAwwZSmFucyBBdXRoIENBIENlcnRpZmljYXRlczCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMDLLDxA9jaH/QkHuwNqNjSSSOZmblIEntX5VR7Bg10oALY1xk03kGZXfpidHgHSXCUB3GozixLqwGv5p2h1+v14EViWefyu/N6yo2N2M6QldSJcuUpx5/hLQGsW8POFd+cUduOsXCEFWgcdh7qcmhfsUoHyptFM3q1CAlKMI3rT8ss6YOArtUNlJSmk+4j026HEyBTC4/nNlnlAJRGWt2eLGOChhZMamfId0AbuFeR7+QiwaMDFf86wKt6tPfzKzEuVWqAxOqTg40Agprcw3pugmmXPvVj5msdBfIFSzzQGK4Y64ImOsJi2vRPRpBHumC8BeOjdps/mr1c9ERLaTe8CAwEAAaMnMCUwIwYDVR0lBBwwGgYIKwYBBQUHAwEGCCsGAQUFBwMCBgRVHSUAMEEGCSqGSIb3DQEBCjA0oA8wDQYJYIZIAWUDBAIBBQChHDAaBgkqhkiG9w0BAQgwDQYJYIZIAWUDBAIBBQCiAwIBIAOCAQEAN1mVpdZq+h5TziBnn52HpjU45FCfjBQKIR6r6mi/gIVqbMqbUwsULjLW5ClhbezFyVRvyhNajsElmWKUXLAsecxTRBx5tJOnWUVWmc26VIZckGGON4qxlgsUMqf+qzGs4MsLWhTDUbiqBfRjaNIW355DGvPRv7L2gbZRw9LiJqca5ueXsk7BIl8p8KbYAt/0BJDMN4c4Y636M866CBnw6iLX3qOtLQWWrPhW6oLyvsJQqqwyt89AZXyVl/cp8uluEAiZ+Hmwlc5G2LN7oiIFqEHR5QlgpDnRf66TJH058lbfI6MKgMDV+qhaqyyFOIoQ0lXTLSymGmadsIncDFC7Og==" ],
    "name" : "id_token PS256 Sign Key",
    "exp" : 1672352901736,
    "alg" : "PS256",
    "n" : "wMssPED2Nof9CQe7A2o2NJJI5mZuUgSe1flVHsGDXSgAtjXGTTeQZld-mJ0eAdJcJQHcajOLEurAa_mnaHX6_XgRWJZ5_K783rKjY3YzpCV1Ily5SnHn-EtAaxbw84V35xR246xcIQVaBx2HupyaF-xSgfKm0UzerUICUowjetPyyzpg4Cu1Q2UlKaT7iPTbocTIFMLj-c2WeUAlEZa3Z4sY4KGFkxqZ8h3QBu4V5Hv5CLBowMV_zrAq3q09_MrMS5VaoDE6pODjQCCmtzDem6CaZc-9WPmax0F8gVLPNAYrhjrgiY6wmLa9E9GkEe6YLwF46N2mz-avVz0REtpN7w"
  }, {
    "descr" : "Signature Key: RSASSA-PSS using SHA-384 and MGF1 with SHA-384",
    "kty" : "RSA",
    "e" : "AQAB",
    "use" : "sig",
    "kid" : "a3f507e2-2f98-4c53-a259-43a44605b2a6_sig_ps384",
    "x5c" : [ "MIIDcjCCAiagAwIBAgIhAOyRZ1+oW7esPyHAJhpNB01lDrqAJ84H19gWtXD3aIeVMEEGCSqGSIb3DQEBCjA0oA8wDQYJYIZIAWUDBAICBQChHDAaBgkqhkiG9w0BAQgwDQYJYIZIAWUDBAICBQCiAwIBMDAkMSIwIAYDVQQDDBlKYW5zIEF1dGggQ0EgQ2VydGlmaWNhdGVzMB4XDTIyMTIyNzIyMjgxN1oXDTIyMTIyOTIyMjgyMVowJDEiMCAGA1UEAwwZSmFucyBBdXRoIENBIENlcnRpZmljYXRlczCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAK1Q+eZ/kmh6cX8Rkt1Bo7NmzjUuff5rHMSUZCKG1Z8+qQ3B6jloX06Xedaate2KYeuhcKIoYKFZRZnO04/jzxyJMtHpRj6chZwq5Q68/WNUrYPzkgvtcupgBOCvv8pybKNEJYaZiKFrmi7ejdsORb/m09TaaKe2985/f5vpU3vg8eFrzvULyYtSsgE6RMzwjAPmKRkJKuMsJ8AsJ10YgD8B6Qya27pgq6TQ4dfmsMlv3kiFzwwNxLV4j6hJ9mR6f4+KdP3AZMd1IieVjeLlI1sH0rcjvBOc7MGScUJHk9Vv2CwgA9VkhYzCyRSZKRyHDhfEgFP37zYDfzXh0wONRUECAwEAAaMnMCUwIwYDVR0lBBwwGgYIKwYBBQUHAwEGCCsGAQUFBwMCBgRVHSUAMEEGCSqGSIb3DQEBCjA0oA8wDQYJYIZIAWUDBAICBQChHDAaBgkqhkiG9w0BAQgwDQYJYIZIAWUDBAICBQCiAwIBMAOCAQEAcbyNW53i/aRbR4dSWeMD19YvD1B2TAArfwba9yJ5+SGlcQxGDVSbxlSBdMuzKqazvsNYbF8zLGK7waLM/dPFjZaQTwaGA3BIvubYY93MQChOGiflzTwMv9b7WDu6RqpF3akHPvAnvfU5gHc0iMekQYgkAtZRM2k5aV3z0RtXDhFaMqL103K20IB16HEXmxoBFX/p/fvL0zhAw4vnOFiBCiFstBRNjcaH8yuRSJorl1y4SLuaFYWJ/PMAQviFW6Kj2q0UNRdkQkXXlxwQX7NwoOw1yH+CgK868ntKbfpr8xD04mlI+V3ckeKnpMb++5Y7DmLEs4q7yNAT3fg7wgrMCg==" ],
    "name" : "id_token PS384 Sign Key",
    "exp" : 1672352901736,
    "alg" : "PS384",
    "n" : "rVD55n-SaHpxfxGS3UGjs2bONS59_mscxJRkIobVnz6pDcHqOWhfTpd51pq17Yph66FwoihgoVlFmc7Tj-PPHIky0elGPpyFnCrlDrz9Y1Stg_OSC-1y6mAE4K-_ynJso0QlhpmIoWuaLt6N2w5Fv-bT1Npop7b3zn9_m-lTe-Dx4WvO9QvJi1KyATpEzPCMA-YpGQkq4ywnwCwnXRiAPwHpDJrbumCrpNDh1-awyW_eSIXPDA3EtXiPqEn2ZHp_j4p0_cBkx3UiJ5WN4uUjWwfStyO8E5zswZJxQkeT1W_YLCAD1WSFjMLJFJkpHIcOF8SAU_fvNgN_NeHTA41FQQ"
  }, {
    "descr" : "Signature Key: RSASSA-PSS using SHA-512 and MGF1 with SHA-512",
    "kty" : "RSA",
    "e" : "AQAB",
    "use" : "sig",
    "kid" : "e2a747b9-f782-4a18-af5c-ab0705653f43_sig_ps512",
    "x5c" : [ "MIIDcjCCAiagAwIBAgIhANlkL3IhK1zhUlrVLBSWtZRxKeWoOXPeiCSmau9sMJtFMEEGCSqGSIb3DQEBCjA0oA8wDQYJYIZIAWUDBAIDBQChHDAaBgkqhkiG9w0BAQgwDQYJYIZIAWUDBAIDBQCiAwIBQDAkMSIwIAYDVQQDDBlKYW5zIEF1dGggQ0EgQ2VydGlmaWNhdGVzMB4XDTIyMTIyNzIyMjgxOFoXDTIyMTIyOTIyMjgyMVowJDEiMCAGA1UEAwwZSmFucyBBdXRoIENBIENlcnRpZmljYXRlczCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJlJp3TPXGK7ZEl0X4uIC2JoRCipkpqRTIfvoJf3qnejreFpRNmYBHMagpZ+Eb8CPOUWhOiXut+SeN1CVtmxUoHNhE8EdERhm/dYGY4Isec4IH8qeLf3Jfn5HiDtyTmZeV17eAxGIGc6UVeOQp+1Vfgd/MgC1o+MLXP6FEkfkwoNcZbYeTJ0yOA7vbH0V+lY9Qg5iFCpQu/r2c46kGTgcjqll2NVg5cHzAPC927tYq6wjSe9PVeBAtZ2vVL8b2LdMywlVmYHguBOOnVrM/d1L3ce0IAOknLHgxGcJj1tMXlnJXPBYG89U3qQfkCoBBzS9NtJCElbHZrVbLgkgCg8XN0CAwEAAaMnMCUwIwYDVR0lBBwwGgYIKwYBBQUHAwEGCCsGAQUFBwMCBgRVHSUAMEEGCSqGSIb3DQEBCjA0oA8wDQYJYIZIAWUDBAIDBQChHDAaBgkqhkiG9w0BAQgwDQYJYIZIAWUDBAIDBQCiAwIBQAOCAQEASwmflWG3KKFkuy6k5lFKZEk0nYJubqhAgvW8pxI1oiGDBI6kmsX+N1765DBH9zSk/j/3v3q33AMoAiJBrguTOwi/4KfEQTdB7NxWkrsn4m6EHKvUTHvqLHl0n9cxWeGomYmMB3TeoV99FOIi4X8YNaVShZQmYeHZdPJ9iapN8GIDld+oyCEcngiw85/VV+yXKZ+buTiaG5nuiIukZOIZDyqYLWuHMnVsPfOYuyGivzxaz28tRQ+nh+MD+iFLaSn7JWVc0LgGrWE+xHqMZMTINjmE6+E9JHwpmOJjtYartAEW3NrvXae8hXdwYavXcczlabHYIF1lc0L2S+NWyGGWsw==" ],
    "name" : "id_token PS512 Sign Key",
    "exp" : 1672352901736,
    "alg" : "PS512",
    "n" : "mUmndM9cYrtkSXRfi4gLYmhEKKmSmpFMh--gl_eqd6Ot4WlE2ZgEcxqCln4RvwI85RaE6Je635J43UJW2bFSgc2ETwR0RGGb91gZjgix5zggfyp4t_cl-fkeIO3JOZl5XXt4DEYgZzpRV45Cn7VV-B38yALWj4wtc_oUSR-TCg1xlth5MnTI4Du9sfRX6Vj1CDmIUKlC7-vZzjqQZOByOqWXY1WDlwfMA8L3bu1irrCNJ709V4EC1na9UvxvYt0zLCVWZgeC4E46dWsz93Uvdx7QgA6ScseDEZwmPW0xeWclc8Fgbz1TepB-QKgEHNL020kISVsdmtVsuCSAKDxc3Q"
  }, {
    "descr" : "Encryption Key: RSAES-PKCS1-v1_5",
    "kty" : "RSA",
    "e" : "AQAB",
    "use" : "enc",
    "kid" : "c49ea9b8-b080-4176-84d4-9b2ad0b95c6e_enc_rsa1_5",
    "x5c" : [ "MIIDCTCCAfGgAwIBAgIgaPBB5IhZ5wiEsUBDZUkpRnjBqRg4UohlszaHbuUdoq0wDQYJKoZIhvcNAQELBQAwJDEiMCAGA1UEAwwZSmFucyBBdXRoIENBIENlcnRpZmljYXRlczAeFw0yMjEyMjcyMjI4MThaFw0yMjEyMjkyMjI4MjFaMCQxIjAgBgNVBAMMGUphbnMgQXV0aCBDQSBDZXJ0aWZpY2F0ZXMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfR6rpxMYmYRM7g3H8xNYBPUwD2zN5ulX47O/fCNZOrawlWBN9LxLz+Qd9yiUb8uYWsuuFberaSfEXwag5gSBDOHI6V56ybJCf08bYOeJqqFOGqb76mugDPo77KOoWdW3eVk3Fow6GVq4R+qdE4auxlvKz6WFg1EWpG/qDcwdGupLh+8ekRweO/3F5+nqD0ynnFVNfzGRL+YSJK6cU+/gJ2nzlqIkqWDpZPLCQ+LTVFQpMzECNTiCtQ+v4l6jw2ztVop0gnve8HYUz054yuI7n2z3JEfFM9oXEI+er3MsDPMj4fNwyUSsY1L7TUWE9HKwfuag+xnPXxRTY+Qj32gSFAgMBAAGjJzAlMCMGA1UdJQQcMBoGCCsGAQUFBwMBBggrBgEFBQcDAgYEVR0lADANBgkqhkiG9w0BAQsFAAOCAQEAcJbqBO2i/APm2oO0TvOlvxGhUYaQL8Zsh4n14cDDvzygneWYxkYrIZeqEpmnu4VY98zWtY7151E98CmGoIPdd5epLqYXozl20DHBG1SNhZVgaxGdJvR1cJbFb9/Ux2e2nYCkM33eRu5FKFyuTAkWYypQWA6kXw+yduCcr67EzUrV7jsWvDQYaW8EeL02mjB+xxdCZhL7bq4sTLvm1RBlhr/MKQnARgfMDzn1NfSKvuwg1OYFf5pfl9hiT7ts2ugmF7fhzFXYBQzpjxzk26f2s2vCSnaI8bBWIFYsRe46AcP3nPDxvi+PBHCvVll3NpG32OL+rDDjz4BaqTd7LzVyVw==" ],
    "name" : "id_token RSA1_5 Encryption Key",
    "exp" : 1672352901736,
    "alg" : "RSA1_5",
    "n" : "n0eq6cTGJmETO4Nx_MTWAT1MA9szebpV-Ozv3wjWTq2sJVgTfS8S8_kHfcolG_LmFrLrhW3q2knxF8GoOYEgQzhyOleesmyQn9PG2DniaqhThqm--proAz6O-yjqFnVt3lZNxaMOhlauEfqnROGrsZbys-lhYNRFqRv6g3MHRrqS4fvHpEcHjv9xefp6g9Mp5xVTX8xkS_mEiSunFPv4Cdp85aiJKlg6WTywkPi01RUKTMxAjU4grUPr-Jeo8Ns7VaKdIJ73vB2FM9OeMriO59s9yRHxTPaFxCPnq9zLAzzI-HzcMlErGNS-01FhPRysH7moPsZz18UU2PkI99oEhQ"
  }, {
    "descr" : "Encryption Key: RSAES OAEP using default parameters",
    "kty" : "RSA",
    "e" : "AQAB",
    "use" : "enc",
    "kid" : "3b4aa911-1b16-45eb-99c3-f9f8177f8e01_enc_rsa-oaep",
    "x5c" : [ "MIIDCjCCAfKgAwIBAgIhAI1Zb5nKeDJ6pa0AU/SLXbI+nUynCHcFzJH3hTH8wsmGMA0GCSqGSIb3DQEBCwUAMCQxIjAgBgNVBAMMGUphbnMgQXV0aCBDQSBDZXJ0aWZpY2F0ZXMwHhcNMjIxMjI3MjIyODE5WhcNMjIxMjI5MjIyODIxWjAkMSIwIAYDVQQDDBlKYW5zIEF1dGggQ0EgQ2VydGlmaWNhdGVzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmutMdQS7AoEa6OlLW8kFuKqjCC8+My6CXBqHHiKHIen0ZAXe9/VE68FBrX/1e128kR3mnbNYYpTbFv/TxB5H7lkG9v/OojmhhllYGzBPdSawkFM4KzU2KWRT5yKYrjzjNA2W5Z1N6kpETycOjzX4GfAd7TO4YuJcO/yXVSsty6ByU1/btgKCq36cgDN7VnDpIi/m2xr/awfBgf2AnteEO9Me1JWvSP7AGeUGssMbPUMp5Gqi0wYbXUuijUm3InR3gbOE+IDU/6Dd/hJuS4LxM1sAz1sqd8nzVRgnr0mWnsBbD7mMB6RVKTysgZ1AAPZ3t9sHnfbODG2Qr07laKOkUQIDAQABoycwJTAjBgNVHSUEHDAaBggrBgEFBQcDAQYIKwYBBQUHAwIGBFUdJQAwDQYJKoZIhvcNAQELBQADggEBAHqinzEXi+uTdjl5DDE2lVS6Po8Ze4/EHb6wSPgIJjDUyEf5KH7AGEOlmuKtuzy7m5v+WIOHyR3NOfEIlNhQ1e65ZbrvKWlBc2uxFMtdK9EZFKEo4IlrX5kalq4c+yGJlSGG+4Xt5G+tyCQOc4V3OZ9qIbCZyrKCrwWWer8u2rV759nGM7rWM/317fNKeTUB3og+J1paNBkauqPMQtfiC5UvIPyKdZlY1Ed6nOovHCMZLhQogLNuUpc15IFofJWv3/+h+7NYfKZxRNotOWo5jh69VcyUdlo/y5OdIYDWiqO5IU0g5G+zXqnbrlW9da9nF6j4U9cMI5oJUK95hEiZDTI=" ],
    "name" : "id_token RSA-OAEP Encryption Key",
    "exp" : 1672352901736,
    "alg" : "RSA-OAEP",
    "n" : "mutMdQS7AoEa6OlLW8kFuKqjCC8-My6CXBqHHiKHIen0ZAXe9_VE68FBrX_1e128kR3mnbNYYpTbFv_TxB5H7lkG9v_OojmhhllYGzBPdSawkFM4KzU2KWRT5yKYrjzjNA2W5Z1N6kpETycOjzX4GfAd7TO4YuJcO_yXVSsty6ByU1_btgKCq36cgDN7VnDpIi_m2xr_awfBgf2AnteEO9Me1JWvSP7AGeUGssMbPUMp5Gqi0wYbXUuijUm3InR3gbOE-IDU_6Dd_hJuS4LxM1sAz1sqd8nzVRgnr0mWnsBbD7mMB6RVKTysgZ1AAPZ3t9sHnfbODG2Qr07laKOkUQ"
  } ]
}
2022-12-27 23:26:47
FetchServerKeys
Found JWK set string
jwk_string
{
  "keys" : [ {
    "descr" : "Signature Key: RSA RSASSA-PKCS1-v1_5 using SHA-256",
    "kty" : "RSA",
    "e" : "AQAB",
    "use" : "sig",
    "kid" : "93bd7998-f8dd-4edc-bb37-849df3f455a5_sig_rs256",
    "x5c" : [ "MIIDCjCCAfKgAwIBAgIhANZZGCKw3evdv5mhxa+Owtyr7W/kQvm7q6xJHCt1pmrVMA0GCSqGSIb3DQEBCwUAMCQxIjAgBgNVBAMMGUphbnMgQXV0aCBDQSBDZXJ0aWZpY2F0ZXMwHhcNMjIxMjI3MjIyODEyWhcNMjIxMjI5MjIyODIxWjAkMSIwIAYDVQQDDBlKYW5zIEF1dGggQ0EgQ2VydGlmaWNhdGVzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAysgE4ddJOErxmaIJab7bUsRXmaX5wzwn3Mv1OuTDoKmJBzTROxdNwpaGOZxeh+KdGTq29kdgAooA8+WpR+P769aIxjzG1M7b8yXI6AQ9vEWfRGQlDUgchLwxK94M7RLt9Fl1xN6fxtm/OaLx/1JI80ptjcxL/10JQQz4Y7RW6NNV+7kJiCdzHk1CQ5cnd/RvyeMCChhEWr6rRn0+CLLL3HFUwnLBtishbtGxcWbmZK4oA00bB6XsbYhybDPdNEmjCesbl5tcOe6eNN1h6v/gaCWYR3gAd0O26TKwT1w/p6DvBG985w25C4oPPdXOY4VMxtO/xXgKsvMK0g8mD+X5fQIDAQABoycwJTAjBgNVHSUEHDAaBggrBgEFBQcDAQYIKwYBBQUHAwIGBFUdJQAwDQYJKoZIhvcNAQELBQADggEBADwrX2PzJ5ee78Cs0kV6DlLJbNdn9QWxgmRKHTzSR1fkcGKZ4r4HYvy7I0RETY63CPOXda59Dpl506Ur+d89GILXKBIR+VDGs6rqzc0IgthAbyTMWnm718LajfvOLCBg1k2pDDuVwzppt+EwCnOIulXWsO2SiWQYHVrNH7j6c9Mec9lW34VlLSxtk8oYY5MlGai+LBQbnCRODWfwLjgtr0vgm/XcuvdV2HAy2UBWZcN/7Gn6UnO20WWp3OvA0hVBok/SDosK0YNxZSxqB4jVkc+u7sUXUn+l4hYJziQUnsvPprJaRSjwl4R0YivNyVAlkqRr6s8wnHLTZG1tLZIr4Ok=" ],
    "name" : "id_token RS256 Sign Key",
    "exp" : 1672352901736,
    "alg" : "RS256",
    "n" : "ysgE4ddJOErxmaIJab7bUsRXmaX5wzwn3Mv1OuTDoKmJBzTROxdNwpaGOZxeh-KdGTq29kdgAooA8-WpR-P769aIxjzG1M7b8yXI6AQ9vEWfRGQlDUgchLwxK94M7RLt9Fl1xN6fxtm_OaLx_1JI80ptjcxL_10JQQz4Y7RW6NNV-7kJiCdzHk1CQ5cnd_RvyeMCChhEWr6rRn0-CLLL3HFUwnLBtishbtGxcWbmZK4oA00bB6XsbYhybDPdNEmjCesbl5tcOe6eNN1h6v_gaCWYR3gAd0O26TKwT1w_p6DvBG985w25C4oPPdXOY4VMxtO_xXgKsvMK0g8mD-X5fQ"
  }, {
    "descr" : "Signature Key: RSA RSASSA-PKCS1-v1_5 using SHA-384",
    "kty" : "RSA",
    "e" : "AQAB",
    "use" : "sig",
    "kid" : "7dd2426e-7151-4592-93b7-95b2a12f6d95_sig_rs384",
    "x5c" : [ "MIIDCTCCAfGgAwIBAgIgSFu2fF5bmpLrvSWuRRlmiWJPqqoAksY2907d/Newfc4wDQYJKoZIhvcNAQEMBQAwJDEiMCAGA1UEAwwZSmFucyBBdXRoIENBIENlcnRpZmljYXRlczAeFw0yMjEyMjcyMjI4MTVaFw0yMjEyMjkyMjI4MjFaMCQxIjAgBgNVBAMMGUphbnMgQXV0aCBDQSBDZXJ0aWZpY2F0ZXMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuPgh8/7SQF5syCmt9o/rMBAEuSj7mDAmwqSRZziPTuImGLcZB8LCmoOXup7ZUENG2eBSiraAVUjhkXMvHQpBqRjw+P5uzOSZSH+la917b3a/bkbuPQg51NV9WnvvnYJut2VIOa0Ea1ypU/ACEJG7+6r5eSWZBdPtbCgITN7zo2RZGeiytZXAn1TCoof3YtngWPNbP+4pZLCpwWADLU4tkXy1xecTpan/6BMpCsQ41F4Iz7sxJcynfQtrlhzM3fO8jOZe+GHYCo+TX+V8e5hAFmQOruq/QfXOd9RctPASuup5yLRMWHvHeoqktk5QnRoqcS0i2uv3P6VUf8x06D5RVAgMBAAGjJzAlMCMGA1UdJQQcMBoGCCsGAQUFBwMBBggrBgEFBQcDAgYEVR0lADANBgkqhkiG9w0BAQwFAAOCAQEAiv7pyFEFaKvXQrBFdNI+o1vOpWym7+EFyCS2E2+YzRkCXmFbqJfxDKL8ZCmTms5Y06U1rDaJXCUT/L3gVT4YDKbbEGY7rVyFiSVGsGVba+xcd8RsXz7EVObPiBvmLM96YPqVjxHGt/lSzDe08cNt9BIfs2NoMgiNxE1/b8P0hiRAC+pbJASH4y3NINjoupEVF19Tz3nibTEwLOmvLtNgZQW+I6CQPT4t54QlffQkf957rwZu4kr1Oe+G2s2xdlE0GzxwOnEVeDzQilLODqrbGYQNjGXZme3wa1qSUOAaJ+UCgcF2ivutVjqR6e3qnXunT40HnynD8x9AhFJmB/2Gyg==" ],
    "name" : "id_token RS384 Sign Key",
    "exp" : 1672352901736,
    "alg" : "RS384",
    "n" : "rj4IfP-0kBebMgprfaP6zAQBLko-5gwJsKkkWc4j07iJhi3GQfCwpqDl7qe2VBDRtngUoq2gFVI4ZFzLx0KQakY8Pj-bszkmUh_pWvde292v25G7j0IOdTVfVp7752CbrdlSDmtBGtcqVPwAhCRu_uq-XklmQXT7WwoCEze86NkWRnosrWVwJ9UwqKH92LZ4FjzWz_uKWSwqcFgAy1OLZF8tcXnE6Wp_-gTKQrEONReCM-7MSXMp30La5YczN3zvIzmXvhh2AqPk1_lfHuYQBZkDq7qv0H1znfUXLTwErrqeci0TFh7x3qKpLZOUJ0aKnEtItrr9z-lVH_MdOg-UVQ"
  }, {
    "descr" : "Signature Key: RSA RSASSA-PKCS1-v1_5 using SHA-512",
    "kty" : "RSA",
    "e" : "AQAB",
    "use" : "sig",
    "kid" : "3523039d-8ffe-4a4b-a120-85adb220cf32_sig_rs512",
    "x5c" : [ "MIIDCjCCAfKgAwIBAgIhAMFUYb/uIHwiU1QdG0jL8/Edp4tKsPWDsv4+nxiYQu9HMA0GCSqGSIb3DQEBDQUAMCQxIjAgBgNVBAMMGUphbnMgQXV0aCBDQSBDZXJ0aWZpY2F0ZXMwHhcNMjIxMjI3MjIyODE1WhcNMjIxMjI5MjIyODIxWjAkMSIwIAYDVQQDDBlKYW5zIEF1dGggQ0EgQ2VydGlmaWNhdGVzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwE9+Dgb12Mvvrh4MfxCmXnNKhBA+TT4qkOK4gw9/4BDQue84qSLARdvoFY/Xny96gXNtJrxOLScEaQnn1288H/Vyfe1IfefsI1JuPAYX5U/Y4L33YkyL65ET522CA6UnGsKcYyd0ccTfwDEATWf4uA/wDiOmzDqhYZTGzNYTQ3Hq4sk4AROBdJqI9ahpdWfK6K63yRNAUuoU0w+Q3RViyx6IEtBr6pTdlXeGQUZLl88OeDlHIX60f6eCgHMh0M+zU9r7C/lbshgbhPVf9IOw0CH59BCDN4TK65ZbXDNisYnYUaFDibz5vw4sid+8vaYtkIBRSgtm5qounNOYjbHtpQIDAQABoycwJTAjBgNVHSUEHDAaBggrBgEFBQcDAQYIKwYBBQUHAwIGBFUdJQAwDQYJKoZIhvcNAQENBQADggEBAJpysu8WKVaZDie//uFMME4pRrmU4c2RDCKo4d+QYSmgZewfqWoBv8pLUlXA6ltsWTd5yp23fbEr21oYQaRZNupgFPjgJHe4Dq6y1pbNCoQHIeiscG/s2ao5fC10X/jVlyTMCqZct7k2YiL7LFBuaIPNcyma5ttTQNohb96Jy9Is2xx2z8bC200K4OgE/kcgsHLyciJqzFQkI+eun6XR39WWGYJcoMB0yB21qy0tKYF0XAAylgqOuDB/kwCJhrgrXNxA5NqLQsoGngtItkTssxeiUoeeSjNhWgJQqwUSrFMcVyO8XZ6k1cHOwdgb0UuypY/NKnqdCHUukIUQPUrRUh4=" ],
    "name" : "id_token RS512 Sign Key",
    "exp" : 1672352901736,
    "alg" : "RS512",
    "n" : "wE9-Dgb12Mvvrh4MfxCmXnNKhBA-TT4qkOK4gw9_4BDQue84qSLARdvoFY_Xny96gXNtJrxOLScEaQnn1288H_Vyfe1IfefsI1JuPAYX5U_Y4L33YkyL65ET522CA6UnGsKcYyd0ccTfwDEATWf4uA_wDiOmzDqhYZTGzNYTQ3Hq4sk4AROBdJqI9ahpdWfK6K63yRNAUuoU0w-Q3RViyx6IEtBr6pTdlXeGQUZLl88OeDlHIX60f6eCgHMh0M-zU9r7C_lbshgbhPVf9IOw0CH59BCDN4TK65ZbXDNisYnYUaFDibz5vw4sid-8vaYtkIBRSgtm5qounNOYjbHtpQ"
  }, {
    "descr" : "Signature Key: ECDSA using P-256 (secp256r1) and SHA-256",
    "kty" : "EC",
    "use" : "sig",
    "crv" : "P-256",
    "kid" : "86f081d8-bcc4-4588-9897-79dd06a4ed95_sig_es256",
    "x5c" : [ "MIIBfzCCASSgAwIBAgIhAIpAc4YhyCTNuRCuKKOfes0QBTNox/hSYrGcyRc4fUVjMAoGCCqGSM49BAMCMCQxIjAgBgNVBAMMGUphbnMgQXV0aCBDQSBDZXJ0aWZpY2F0ZXMwHhcNMjIxMjI3MjIyODE2WhcNMjIxMjI5MjIyODIxWjAkMSIwIAYDVQQDDBlKYW5zIEF1dGggQ0EgQ2VydGlmaWNhdGVzMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEfqLAPJMsMVf1aRoY+nfo9orSeos+g1p+JdhDKJtL4h8nRfTBU9prV+be2ZwOpRDLfhg2ersD/LsVyNf8LYdbjaMnMCUwIwYDVR0lBBwwGgYIKwYBBQUHAwEGCCsGAQUFBwMCBgRVHSUAMAoGCCqGSM49BAMCA0kAMEYCIQCStUjQohze32BKSn6SBHHCHXmVfY+kYbT2H1FWiItEtAIhAOWSpxUbRB6o7Xy6QsNBpyN3JS3YXVAzuJwbNwS8Adow" ],
    "name" : "id_token ES256 Sign Key",
    "x" : "fqLAPJMsMVf1aRoY-nfo9orSeos-g1p-JdhDKJtL4h8",
    "y" : "J0X0wVPaa1fm3tmcDqUQy34YNnq7A_y7FcjX_C2HW40",
    "exp" : 1672352901736,
    "alg" : "ES256"
  }, {
    "descr" : "Signature Key: ECDSA using P-384 (secp384r1) and SHA-384",
    "kty" : "EC",
    "use" : "sig",
    "crv" : "P-384",
    "kid" : "cbdad4e1-c417-4ab2-afb8-e2582256d1b8_sig_es384",
    "x5c" : [ "MIIBujCCAUCgAwIBAgIgIqK3hX28VBSS34zaW8BLU8vTrdAhXRtg2yyGjH2x3OUwCgYIKoZIzj0EAwMwJDEiMCAGA1UEAwwZSmFucyBBdXRoIENBIENlcnRpZmljYXRlczAeFw0yMjEyMjcyMjI4MTZaFw0yMjEyMjkyMjI4MjFaMCQxIjAgBgNVBAMMGUphbnMgQXV0aCBDQSBDZXJ0aWZpY2F0ZXMwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQ/ubE8rNWyg4brdBzmoE+8yksjf6j9/LjBWPiOkUiRdGTMCQY8pIbIiNiDwYHlX5/IDRVzr48fBx41UU0ye9TelCG/jChU3+qFiS6yicTOUZOuN8pOLUNAPfFYK9ZwbS6jJzAlMCMGA1UdJQQcMBoGCCsGAQUFBwMBBggrBgEFBQcDAgYEVR0lADAKBggqhkjOPQQDAwNoADBlAjEA8lzHxaofLvVtWxJFOLd0CayeY/Z4tNSf1PWnn9KVlqjxUHs6jw/tOhqcyAlAlH5tAjAR2ruRbvbkOl7n6ckVqWh4nCMYJyQRSQdnX5ZWBcdQ2gcia3OK+gU3OBzjVdvoOEc=" ],
    "name" : "id_token ES384 Sign Key",
    "x" : "P7mxPKzVsoOG63Qc5qBPvMpLI3-o_fy4wVj4jpFIkXRkzAkGPKSGyIjYg8GB5V-f",
    "y" : "yA0Vc6-PHwceNVFNMnvU3pQhv4woVN_qhYkusonEzlGTrjfKTi1DQD3xWCvWcG0u",
    "exp" : 1672352901736,
    "alg" : "ES384"
  }, {
    "descr" : "Signature Key: ECDSA using P-521 (secp521r1) and SHA-512",
    "kty" : "EC",
    "use" : "sig",
    "crv" : "P-521",
    "kid" : "932692bc-7e99-40d0-b114-e6f9882b59a4_sig_es512",
    "x5c" : [ "MIICBTCCAWagAwIBAgIgB426X6D0s3wAu+j+U1IRPdbXZq8ulFuGQinRskqmMzcwCgYIKoZIzj0EAwQwJDEiMCAGA1UEAwwZSmFucyBBdXRoIENBIENlcnRpZmljYXRlczAeFw0yMjEyMjcyMjI4MTZaFw0yMjEyMjkyMjI4MjFaMCQxIjAgBgNVBAMMGUphbnMgQXV0aCBDQSBDZXJ0aWZpY2F0ZXMwgZswEAYHKoZIzj0CAQYFK4EEACMDgYYABADykMhD0KcQQYWHE6se903Ibrx4sHSgKJxPqBY2X9IYxcObum1LnCAw/p2jdzEkPJuLam1PAZwK3gJYPfamdMUG9wEvt63FBk8BcOLfyhHa/1xr7DQEen/abGt7nibru7+Ml4M8p7hzJ4Vp/nJ0gEcBxdIuhoxGNw+/BxasznbcvXXt16MnMCUwIwYDVR0lBBwwGgYIKwYBBQUHAwEGCCsGAQUFBwMCBgRVHSUAMAoGCCqGSM49BAMEA4GMADCBiAJCALek46bgchW5xotGrBH7PI5afn7Q3HX6W2yG00rI6nboddFhQJbncBdvAwpNzdXew4LdzIQaXwyAGkqWU+Ni6KYPAkIBBV8bG9hYYaxz8WscM8dXKiGFVwKkd6gidtoIhQpTozvMynxGqGc1WA/LySFxXh7URFyh3HYv2PMzr2ThQOKVDok=" ],
    "name" : "id_token ES512 Sign Key",
    "x" : "8pDIQ9CnEEGFhxOrHvdNyG68eLB0oCicT6gWNl_SGMXDm7ptS5wgMP6do3cxJDybi2ptTwGcCt4CWD32pnTFBvc",
    "y" : "AS-3rcUGTwFw4t_KEdr_XGvsNAR6f9psa3ueJuu7v4yXgzynuHMnhWn-cnSARwHF0i6GjEY3D78HFqzOdty9de3X",
    "exp" : 1672352901736,
    "alg" : "ES512"
  }, {
    "descr" : "Signature Key: RSASSA-PSS using SHA-256 and MGF1 with SHA-256",
    "kty" : "RSA",
    "e" : "AQAB",
    "use" : "sig",
    "kid" : "654bd47a-5581-48cc-af8a-fe5eca5e6fb6_sig_ps256",
    "x5c" : [ "MIIDcjCCAiagAwIBAgIhAKFEgEB3j/IEo+dm14wePOEfAkPrN9Muq27xxWDbCjOXMEEGCSqGSIb3DQEBCjA0oA8wDQYJYIZIAWUDBAIBBQChHDAaBgkqhkiG9w0BAQgwDQYJYIZIAWUDBAIBBQCiAwIBIDAkMSIwIAYDVQQDDBlKYW5zIEF1dGggQ0EgQ2VydGlmaWNhdGVzMB4XDTIyMTIyNzIyMjgxN1oXDTIyMTIyOTIyMjgyMVowJDEiMCAGA1UEAwwZSmFucyBBdXRoIENBIENlcnRpZmljYXRlczCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMDLLDxA9jaH/QkHuwNqNjSSSOZmblIEntX5VR7Bg10oALY1xk03kGZXfpidHgHSXCUB3GozixLqwGv5p2h1+v14EViWefyu/N6yo2N2M6QldSJcuUpx5/hLQGsW8POFd+cUduOsXCEFWgcdh7qcmhfsUoHyptFM3q1CAlKMI3rT8ss6YOArtUNlJSmk+4j026HEyBTC4/nNlnlAJRGWt2eLGOChhZMamfId0AbuFeR7+QiwaMDFf86wKt6tPfzKzEuVWqAxOqTg40Agprcw3pugmmXPvVj5msdBfIFSzzQGK4Y64ImOsJi2vRPRpBHumC8BeOjdps/mr1c9ERLaTe8CAwEAAaMnMCUwIwYDVR0lBBwwGgYIKwYBBQUHAwEGCCsGAQUFBwMCBgRVHSUAMEEGCSqGSIb3DQEBCjA0oA8wDQYJYIZIAWUDBAIBBQChHDAaBgkqhkiG9w0BAQgwDQYJYIZIAWUDBAIBBQCiAwIBIAOCAQEAN1mVpdZq+h5TziBnn52HpjU45FCfjBQKIR6r6mi/gIVqbMqbUwsULjLW5ClhbezFyVRvyhNajsElmWKUXLAsecxTRBx5tJOnWUVWmc26VIZckGGON4qxlgsUMqf+qzGs4MsLWhTDUbiqBfRjaNIW355DGvPRv7L2gbZRw9LiJqca5ueXsk7BIl8p8KbYAt/0BJDMN4c4Y636M866CBnw6iLX3qOtLQWWrPhW6oLyvsJQqqwyt89AZXyVl/cp8uluEAiZ+Hmwlc5G2LN7oiIFqEHR5QlgpDnRf66TJH058lbfI6MKgMDV+qhaqyyFOIoQ0lXTLSymGmadsIncDFC7Og==" ],
    "name" : "id_token PS256 Sign Key",
    "exp" : 1672352901736,
    "alg" : "PS256",
    "n" : "wMssPED2Nof9CQe7A2o2NJJI5mZuUgSe1flVHsGDXSgAtjXGTTeQZld-mJ0eAdJcJQHcajOLEurAa_mnaHX6_XgRWJZ5_K783rKjY3YzpCV1Ily5SnHn-EtAaxbw84V35xR246xcIQVaBx2HupyaF-xSgfKm0UzerUICUowjetPyyzpg4Cu1Q2UlKaT7iPTbocTIFMLj-c2WeUAlEZa3Z4sY4KGFkxqZ8h3QBu4V5Hv5CLBowMV_zrAq3q09_MrMS5VaoDE6pODjQCCmtzDem6CaZc-9WPmax0F8gVLPNAYrhjrgiY6wmLa9E9GkEe6YLwF46N2mz-avVz0REtpN7w"
  }, {
    "descr" : "Signature Key: RSASSA-PSS using SHA-384 and MGF1 with SHA-384",
    "kty" : "RSA",
    "e" : "AQAB",
    "use" : "sig",
    "kid" : "a3f507e2-2f98-4c53-a259-43a44605b2a6_sig_ps384",
    "x5c" : [ "MIIDcjCCAiagAwIBAgIhAOyRZ1+oW7esPyHAJhpNB01lDrqAJ84H19gWtXD3aIeVMEEGCSqGSIb3DQEBCjA0oA8wDQYJYIZIAWUDBAICBQChHDAaBgkqhkiG9w0BAQgwDQYJYIZIAWUDBAICBQCiAwIBMDAkMSIwIAYDVQQDDBlKYW5zIEF1dGggQ0EgQ2VydGlmaWNhdGVzMB4XDTIyMTIyNzIyMjgxN1oXDTIyMTIyOTIyMjgyMVowJDEiMCAGA1UEAwwZSmFucyBBdXRoIENBIENlcnRpZmljYXRlczCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAK1Q+eZ/kmh6cX8Rkt1Bo7NmzjUuff5rHMSUZCKG1Z8+qQ3B6jloX06Xedaate2KYeuhcKIoYKFZRZnO04/jzxyJMtHpRj6chZwq5Q68/WNUrYPzkgvtcupgBOCvv8pybKNEJYaZiKFrmi7ejdsORb/m09TaaKe2985/f5vpU3vg8eFrzvULyYtSsgE6RMzwjAPmKRkJKuMsJ8AsJ10YgD8B6Qya27pgq6TQ4dfmsMlv3kiFzwwNxLV4j6hJ9mR6f4+KdP3AZMd1IieVjeLlI1sH0rcjvBOc7MGScUJHk9Vv2CwgA9VkhYzCyRSZKRyHDhfEgFP37zYDfzXh0wONRUECAwEAAaMnMCUwIwYDVR0lBBwwGgYIKwYBBQUHAwEGCCsGAQUFBwMCBgRVHSUAMEEGCSqGSIb3DQEBCjA0oA8wDQYJYIZIAWUDBAICBQChHDAaBgkqhkiG9w0BAQgwDQYJYIZIAWUDBAICBQCiAwIBMAOCAQEAcbyNW53i/aRbR4dSWeMD19YvD1B2TAArfwba9yJ5+SGlcQxGDVSbxlSBdMuzKqazvsNYbF8zLGK7waLM/dPFjZaQTwaGA3BIvubYY93MQChOGiflzTwMv9b7WDu6RqpF3akHPvAnvfU5gHc0iMekQYgkAtZRM2k5aV3z0RtXDhFaMqL103K20IB16HEXmxoBFX/p/fvL0zhAw4vnOFiBCiFstBRNjcaH8yuRSJorl1y4SLuaFYWJ/PMAQviFW6Kj2q0UNRdkQkXXlxwQX7NwoOw1yH+CgK868ntKbfpr8xD04mlI+V3ckeKnpMb++5Y7DmLEs4q7yNAT3fg7wgrMCg==" ],
    "name" : "id_token PS384 Sign Key",
    "exp" : 1672352901736,
    "alg" : "PS384",
    "n" : "rVD55n-SaHpxfxGS3UGjs2bONS59_mscxJRkIobVnz6pDcHqOWhfTpd51pq17Yph66FwoihgoVlFmc7Tj-PPHIky0elGPpyFnCrlDrz9Y1Stg_OSC-1y6mAE4K-_ynJso0QlhpmIoWuaLt6N2w5Fv-bT1Npop7b3zn9_m-lTe-Dx4WvO9QvJi1KyATpEzPCMA-YpGQkq4ywnwCwnXRiAPwHpDJrbumCrpNDh1-awyW_eSIXPDA3EtXiPqEn2ZHp_j4p0_cBkx3UiJ5WN4uUjWwfStyO8E5zswZJxQkeT1W_YLCAD1WSFjMLJFJkpHIcOF8SAU_fvNgN_NeHTA41FQQ"
  }, {
    "descr" : "Signature Key: RSASSA-PSS using SHA-512 and MGF1 with SHA-512",
    "kty" : "RSA",
    "e" : "AQAB",
    "use" : "sig",
    "kid" : "e2a747b9-f782-4a18-af5c-ab0705653f43_sig_ps512",
    "x5c" : [ "MIIDcjCCAiagAwIBAgIhANlkL3IhK1zhUlrVLBSWtZRxKeWoOXPeiCSmau9sMJtFMEEGCSqGSIb3DQEBCjA0oA8wDQYJYIZIAWUDBAIDBQChHDAaBgkqhkiG9w0BAQgwDQYJYIZIAWUDBAIDBQCiAwIBQDAkMSIwIAYDVQQDDBlKYW5zIEF1dGggQ0EgQ2VydGlmaWNhdGVzMB4XDTIyMTIyNzIyMjgxOFoXDTIyMTIyOTIyMjgyMVowJDEiMCAGA1UEAwwZSmFucyBBdXRoIENBIENlcnRpZmljYXRlczCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJlJp3TPXGK7ZEl0X4uIC2JoRCipkpqRTIfvoJf3qnejreFpRNmYBHMagpZ+Eb8CPOUWhOiXut+SeN1CVtmxUoHNhE8EdERhm/dYGY4Isec4IH8qeLf3Jfn5HiDtyTmZeV17eAxGIGc6UVeOQp+1Vfgd/MgC1o+MLXP6FEkfkwoNcZbYeTJ0yOA7vbH0V+lY9Qg5iFCpQu/r2c46kGTgcjqll2NVg5cHzAPC927tYq6wjSe9PVeBAtZ2vVL8b2LdMywlVmYHguBOOnVrM/d1L3ce0IAOknLHgxGcJj1tMXlnJXPBYG89U3qQfkCoBBzS9NtJCElbHZrVbLgkgCg8XN0CAwEAAaMnMCUwIwYDVR0lBBwwGgYIKwYBBQUHAwEGCCsGAQUFBwMCBgRVHSUAMEEGCSqGSIb3DQEBCjA0oA8wDQYJYIZIAWUDBAIDBQChHDAaBgkqhkiG9w0BAQgwDQYJYIZIAWUDBAIDBQCiAwIBQAOCAQEASwmflWG3KKFkuy6k5lFKZEk0nYJubqhAgvW8pxI1oiGDBI6kmsX+N1765DBH9zSk/j/3v3q33AMoAiJBrguTOwi/4KfEQTdB7NxWkrsn4m6EHKvUTHvqLHl0n9cxWeGomYmMB3TeoV99FOIi4X8YNaVShZQmYeHZdPJ9iapN8GIDld+oyCEcngiw85/VV+yXKZ+buTiaG5nuiIukZOIZDyqYLWuHMnVsPfOYuyGivzxaz28tRQ+nh+MD+iFLaSn7JWVc0LgGrWE+xHqMZMTINjmE6+E9JHwpmOJjtYartAEW3NrvXae8hXdwYavXcczlabHYIF1lc0L2S+NWyGGWsw==" ],
    "name" : "id_token PS512 Sign Key",
    "exp" : 1672352901736,
    "alg" : "PS512",
    "n" : "mUmndM9cYrtkSXRfi4gLYmhEKKmSmpFMh--gl_eqd6Ot4WlE2ZgEcxqCln4RvwI85RaE6Je635J43UJW2bFSgc2ETwR0RGGb91gZjgix5zggfyp4t_cl-fkeIO3JOZl5XXt4DEYgZzpRV45Cn7VV-B38yALWj4wtc_oUSR-TCg1xlth5MnTI4Du9sfRX6Vj1CDmIUKlC7-vZzjqQZOByOqWXY1WDlwfMA8L3bu1irrCNJ709V4EC1na9UvxvYt0zLCVWZgeC4E46dWsz93Uvdx7QgA6ScseDEZwmPW0xeWclc8Fgbz1TepB-QKgEHNL020kISVsdmtVsuCSAKDxc3Q"
  }, {
    "descr" : "Encryption Key: RSAES-PKCS1-v1_5",
    "kty" : "RSA",
    "e" : "AQAB",
    "use" : "enc",
    "kid" : "c49ea9b8-b080-4176-84d4-9b2ad0b95c6e_enc_rsa1_5",
    "x5c" : [ "MIIDCTCCAfGgAwIBAgIgaPBB5IhZ5wiEsUBDZUkpRnjBqRg4UohlszaHbuUdoq0wDQYJKoZIhvcNAQELBQAwJDEiMCAGA1UEAwwZSmFucyBBdXRoIENBIENlcnRpZmljYXRlczAeFw0yMjEyMjcyMjI4MThaFw0yMjEyMjkyMjI4MjFaMCQxIjAgBgNVBAMMGUphbnMgQXV0aCBDQSBDZXJ0aWZpY2F0ZXMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfR6rpxMYmYRM7g3H8xNYBPUwD2zN5ulX47O/fCNZOrawlWBN9LxLz+Qd9yiUb8uYWsuuFberaSfEXwag5gSBDOHI6V56ybJCf08bYOeJqqFOGqb76mugDPo77KOoWdW3eVk3Fow6GVq4R+qdE4auxlvKz6WFg1EWpG/qDcwdGupLh+8ekRweO/3F5+nqD0ynnFVNfzGRL+YSJK6cU+/gJ2nzlqIkqWDpZPLCQ+LTVFQpMzECNTiCtQ+v4l6jw2ztVop0gnve8HYUz054yuI7n2z3JEfFM9oXEI+er3MsDPMj4fNwyUSsY1L7TUWE9HKwfuag+xnPXxRTY+Qj32gSFAgMBAAGjJzAlMCMGA1UdJQQcMBoGCCsGAQUFBwMBBggrBgEFBQcDAgYEVR0lADANBgkqhkiG9w0BAQsFAAOCAQEAcJbqBO2i/APm2oO0TvOlvxGhUYaQL8Zsh4n14cDDvzygneWYxkYrIZeqEpmnu4VY98zWtY7151E98CmGoIPdd5epLqYXozl20DHBG1SNhZVgaxGdJvR1cJbFb9/Ux2e2nYCkM33eRu5FKFyuTAkWYypQWA6kXw+yduCcr67EzUrV7jsWvDQYaW8EeL02mjB+xxdCZhL7bq4sTLvm1RBlhr/MKQnARgfMDzn1NfSKvuwg1OYFf5pfl9hiT7ts2ugmF7fhzFXYBQzpjxzk26f2s2vCSnaI8bBWIFYsRe46AcP3nPDxvi+PBHCvVll3NpG32OL+rDDjz4BaqTd7LzVyVw==" ],
    "name" : "id_token RSA1_5 Encryption Key",
    "exp" : 1672352901736,
    "alg" : "RSA1_5",
    "n" : "n0eq6cTGJmETO4Nx_MTWAT1MA9szebpV-Ozv3wjWTq2sJVgTfS8S8_kHfcolG_LmFrLrhW3q2knxF8GoOYEgQzhyOleesmyQn9PG2DniaqhThqm--proAz6O-yjqFnVt3lZNxaMOhlauEfqnROGrsZbys-lhYNRFqRv6g3MHRrqS4fvHpEcHjv9xefp6g9Mp5xVTX8xkS_mEiSunFPv4Cdp85aiJKlg6WTywkPi01RUKTMxAjU4grUPr-Jeo8Ns7VaKdIJ73vB2FM9OeMriO59s9yRHxTPaFxCPnq9zLAzzI-HzcMlErGNS-01FhPRysH7moPsZz18UU2PkI99oEhQ"
  }, {
    "descr" : "Encryption Key: RSAES OAEP using default parameters",
    "kty" : "RSA",
    "e" : "AQAB",
    "use" : "enc",
    "kid" : "3b4aa911-1b16-45eb-99c3-f9f8177f8e01_enc_rsa-oaep",
    "x5c" : [ "MIIDCjCCAfKgAwIBAgIhAI1Zb5nKeDJ6pa0AU/SLXbI+nUynCHcFzJH3hTH8wsmGMA0GCSqGSIb3DQEBCwUAMCQxIjAgBgNVBAMMGUphbnMgQXV0aCBDQSBDZXJ0aWZpY2F0ZXMwHhcNMjIxMjI3MjIyODE5WhcNMjIxMjI5MjIyODIxWjAkMSIwIAYDVQQDDBlKYW5zIEF1dGggQ0EgQ2VydGlmaWNhdGVzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmutMdQS7AoEa6OlLW8kFuKqjCC8+My6CXBqHHiKHIen0ZAXe9/VE68FBrX/1e128kR3mnbNYYpTbFv/TxB5H7lkG9v/OojmhhllYGzBPdSawkFM4KzU2KWRT5yKYrjzjNA2W5Z1N6kpETycOjzX4GfAd7TO4YuJcO/yXVSsty6ByU1/btgKCq36cgDN7VnDpIi/m2xr/awfBgf2AnteEO9Me1JWvSP7AGeUGssMbPUMp5Gqi0wYbXUuijUm3InR3gbOE+IDU/6Dd/hJuS4LxM1sAz1sqd8nzVRgnr0mWnsBbD7mMB6RVKTysgZ1AAPZ3t9sHnfbODG2Qr07laKOkUQIDAQABoycwJTAjBgNVHSUEHDAaBggrBgEFBQcDAQYIKwYBBQUHAwIGBFUdJQAwDQYJKoZIhvcNAQELBQADggEBAHqinzEXi+uTdjl5DDE2lVS6Po8Ze4/EHb6wSPgIJjDUyEf5KH7AGEOlmuKtuzy7m5v+WIOHyR3NOfEIlNhQ1e65ZbrvKWlBc2uxFMtdK9EZFKEo4IlrX5kalq4c+yGJlSGG+4Xt5G+tyCQOc4V3OZ9qIbCZyrKCrwWWer8u2rV759nGM7rWM/317fNKeTUB3og+J1paNBkauqPMQtfiC5UvIPyKdZlY1Ed6nOovHCMZLhQogLNuUpc15IFofJWv3/+h+7NYfKZxRNotOWo5jh69VcyUdlo/y5OdIYDWiqO5IU0g5G+zXqnbrlW9da9nF6j4U9cMI5oJUK95hEiZDTI=" ],
    "name" : "id_token RSA-OAEP Encryption Key",
    "exp" : 1672352901736,
    "alg" : "RSA-OAEP",
    "n" : "mutMdQS7AoEa6OlLW8kFuKqjCC8-My6CXBqHHiKHIen0ZAXe9_VE68FBrX_1e128kR3mnbNYYpTbFv_TxB5H7lkG9v_OojmhhllYGzBPdSawkFM4KzU2KWRT5yKYrjzjNA2W5Z1N6kpETycOjzX4GfAd7TO4YuJcO_yXVSsty6ByU1_btgKCq36cgDN7VnDpIi_m2xr_awfBgf2AnteEO9Me1JWvSP7AGeUGssMbPUMp5Gqi0wYbXUuijUm3InR3gbOE-IDU_6Dd_hJuS4LxM1sAz1sqd8nzVRgnr0mWnsBbD7mMB6RVKTysgZ1AAPZ3t9sHnfbODG2Qr07laKOkUQ"
  } ]
}
2022-12-27 23:26:47 SUCCESS
FetchServerKeys
Found server JWK set
server_jwks
{
  "keys": [
    {
      "descr": "Signature Key: RSA RSASSA-PKCS1-v1_5 using SHA-256",
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "93bd7998-f8dd-4edc-bb37-849df3f455a5_sig_rs256",
      "x5c": [
        "MIIDCjCCAfKgAwIBAgIhANZZGCKw3evdv5mhxa+Owtyr7W/kQvm7q6xJHCt1pmrVMA0GCSqGSIb3DQEBCwUAMCQxIjAgBgNVBAMMGUphbnMgQXV0aCBDQSBDZXJ0aWZpY2F0ZXMwHhcNMjIxMjI3MjIyODEyWhcNMjIxMjI5MjIyODIxWjAkMSIwIAYDVQQDDBlKYW5zIEF1dGggQ0EgQ2VydGlmaWNhdGVzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAysgE4ddJOErxmaIJab7bUsRXmaX5wzwn3Mv1OuTDoKmJBzTROxdNwpaGOZxeh+KdGTq29kdgAooA8+WpR+P769aIxjzG1M7b8yXI6AQ9vEWfRGQlDUgchLwxK94M7RLt9Fl1xN6fxtm/OaLx/1JI80ptjcxL/10JQQz4Y7RW6NNV+7kJiCdzHk1CQ5cnd/RvyeMCChhEWr6rRn0+CLLL3HFUwnLBtishbtGxcWbmZK4oA00bB6XsbYhybDPdNEmjCesbl5tcOe6eNN1h6v/gaCWYR3gAd0O26TKwT1w/p6DvBG985w25C4oPPdXOY4VMxtO/xXgKsvMK0g8mD+X5fQIDAQABoycwJTAjBgNVHSUEHDAaBggrBgEFBQcDAQYIKwYBBQUHAwIGBFUdJQAwDQYJKoZIhvcNAQELBQADggEBADwrX2PzJ5ee78Cs0kV6DlLJbNdn9QWxgmRKHTzSR1fkcGKZ4r4HYvy7I0RETY63CPOXda59Dpl506Ur+d89GILXKBIR+VDGs6rqzc0IgthAbyTMWnm718LajfvOLCBg1k2pDDuVwzppt+EwCnOIulXWsO2SiWQYHVrNH7j6c9Mec9lW34VlLSxtk8oYY5MlGai+LBQbnCRODWfwLjgtr0vgm/XcuvdV2HAy2UBWZcN/7Gn6UnO20WWp3OvA0hVBok/SDosK0YNxZSxqB4jVkc+u7sUXUn+l4hYJziQUnsvPprJaRSjwl4R0YivNyVAlkqRr6s8wnHLTZG1tLZIr4Ok\u003d"
      ],
      "name": "id_token RS256 Sign Key",
      "exp": 1672352901736,
      "alg": "RS256",
      "n": "ysgE4ddJOErxmaIJab7bUsRXmaX5wzwn3Mv1OuTDoKmJBzTROxdNwpaGOZxeh-KdGTq29kdgAooA8-WpR-P769aIxjzG1M7b8yXI6AQ9vEWfRGQlDUgchLwxK94M7RLt9Fl1xN6fxtm_OaLx_1JI80ptjcxL_10JQQz4Y7RW6NNV-7kJiCdzHk1CQ5cnd_RvyeMCChhEWr6rRn0-CLLL3HFUwnLBtishbtGxcWbmZK4oA00bB6XsbYhybDPdNEmjCesbl5tcOe6eNN1h6v_gaCWYR3gAd0O26TKwT1w_p6DvBG985w25C4oPPdXOY4VMxtO_xXgKsvMK0g8mD-X5fQ"
    },
    {
      "descr": "Signature Key: RSA RSASSA-PKCS1-v1_5 using SHA-384",
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "7dd2426e-7151-4592-93b7-95b2a12f6d95_sig_rs384",
      "x5c": [
        "MIIDCTCCAfGgAwIBAgIgSFu2fF5bmpLrvSWuRRlmiWJPqqoAksY2907d/Newfc4wDQYJKoZIhvcNAQEMBQAwJDEiMCAGA1UEAwwZSmFucyBBdXRoIENBIENlcnRpZmljYXRlczAeFw0yMjEyMjcyMjI4MTVaFw0yMjEyMjkyMjI4MjFaMCQxIjAgBgNVBAMMGUphbnMgQXV0aCBDQSBDZXJ0aWZpY2F0ZXMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuPgh8/7SQF5syCmt9o/rMBAEuSj7mDAmwqSRZziPTuImGLcZB8LCmoOXup7ZUENG2eBSiraAVUjhkXMvHQpBqRjw+P5uzOSZSH+la917b3a/bkbuPQg51NV9WnvvnYJut2VIOa0Ea1ypU/ACEJG7+6r5eSWZBdPtbCgITN7zo2RZGeiytZXAn1TCoof3YtngWPNbP+4pZLCpwWADLU4tkXy1xecTpan/6BMpCsQ41F4Iz7sxJcynfQtrlhzM3fO8jOZe+GHYCo+TX+V8e5hAFmQOruq/QfXOd9RctPASuup5yLRMWHvHeoqktk5QnRoqcS0i2uv3P6VUf8x06D5RVAgMBAAGjJzAlMCMGA1UdJQQcMBoGCCsGAQUFBwMBBggrBgEFBQcDAgYEVR0lADANBgkqhkiG9w0BAQwFAAOCAQEAiv7pyFEFaKvXQrBFdNI+o1vOpWym7+EFyCS2E2+YzRkCXmFbqJfxDKL8ZCmTms5Y06U1rDaJXCUT/L3gVT4YDKbbEGY7rVyFiSVGsGVba+xcd8RsXz7EVObPiBvmLM96YPqVjxHGt/lSzDe08cNt9BIfs2NoMgiNxE1/b8P0hiRAC+pbJASH4y3NINjoupEVF19Tz3nibTEwLOmvLtNgZQW+I6CQPT4t54QlffQkf957rwZu4kr1Oe+G2s2xdlE0GzxwOnEVeDzQilLODqrbGYQNjGXZme3wa1qSUOAaJ+UCgcF2ivutVjqR6e3qnXunT40HnynD8x9AhFJmB/2Gyg\u003d\u003d"
      ],
      "name": "id_token RS384 Sign Key",
      "exp": 1672352901736,
      "alg": "RS384",
      "n": "rj4IfP-0kBebMgprfaP6zAQBLko-5gwJsKkkWc4j07iJhi3GQfCwpqDl7qe2VBDRtngUoq2gFVI4ZFzLx0KQakY8Pj-bszkmUh_pWvde292v25G7j0IOdTVfVp7752CbrdlSDmtBGtcqVPwAhCRu_uq-XklmQXT7WwoCEze86NkWRnosrWVwJ9UwqKH92LZ4FjzWz_uKWSwqcFgAy1OLZF8tcXnE6Wp_-gTKQrEONReCM-7MSXMp30La5YczN3zvIzmXvhh2AqPk1_lfHuYQBZkDq7qv0H1znfUXLTwErrqeci0TFh7x3qKpLZOUJ0aKnEtItrr9z-lVH_MdOg-UVQ"
    },
    {
      "descr": "Signature Key: RSA RSASSA-PKCS1-v1_5 using SHA-512",
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "3523039d-8ffe-4a4b-a120-85adb220cf32_sig_rs512",
      "x5c": [
        "MIIDCjCCAfKgAwIBAgIhAMFUYb/uIHwiU1QdG0jL8/Edp4tKsPWDsv4+nxiYQu9HMA0GCSqGSIb3DQEBDQUAMCQxIjAgBgNVBAMMGUphbnMgQXV0aCBDQSBDZXJ0aWZpY2F0ZXMwHhcNMjIxMjI3MjIyODE1WhcNMjIxMjI5MjIyODIxWjAkMSIwIAYDVQQDDBlKYW5zIEF1dGggQ0EgQ2VydGlmaWNhdGVzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwE9+Dgb12Mvvrh4MfxCmXnNKhBA+TT4qkOK4gw9/4BDQue84qSLARdvoFY/Xny96gXNtJrxOLScEaQnn1288H/Vyfe1IfefsI1JuPAYX5U/Y4L33YkyL65ET522CA6UnGsKcYyd0ccTfwDEATWf4uA/wDiOmzDqhYZTGzNYTQ3Hq4sk4AROBdJqI9ahpdWfK6K63yRNAUuoU0w+Q3RViyx6IEtBr6pTdlXeGQUZLl88OeDlHIX60f6eCgHMh0M+zU9r7C/lbshgbhPVf9IOw0CH59BCDN4TK65ZbXDNisYnYUaFDibz5vw4sid+8vaYtkIBRSgtm5qounNOYjbHtpQIDAQABoycwJTAjBgNVHSUEHDAaBggrBgEFBQcDAQYIKwYBBQUHAwIGBFUdJQAwDQYJKoZIhvcNAQENBQADggEBAJpysu8WKVaZDie//uFMME4pRrmU4c2RDCKo4d+QYSmgZewfqWoBv8pLUlXA6ltsWTd5yp23fbEr21oYQaRZNupgFPjgJHe4Dq6y1pbNCoQHIeiscG/s2ao5fC10X/jVlyTMCqZct7k2YiL7LFBuaIPNcyma5ttTQNohb96Jy9Is2xx2z8bC200K4OgE/kcgsHLyciJqzFQkI+eun6XR39WWGYJcoMB0yB21qy0tKYF0XAAylgqOuDB/kwCJhrgrXNxA5NqLQsoGngtItkTssxeiUoeeSjNhWgJQqwUSrFMcVyO8XZ6k1cHOwdgb0UuypY/NKnqdCHUukIUQPUrRUh4\u003d"
      ],
      "name": "id_token RS512 Sign Key",
      "exp": 1672352901736,
      "alg": "RS512",
      "n": "wE9-Dgb12Mvvrh4MfxCmXnNKhBA-TT4qkOK4gw9_4BDQue84qSLARdvoFY_Xny96gXNtJrxOLScEaQnn1288H_Vyfe1IfefsI1JuPAYX5U_Y4L33YkyL65ET522CA6UnGsKcYyd0ccTfwDEATWf4uA_wDiOmzDqhYZTGzNYTQ3Hq4sk4AROBdJqI9ahpdWfK6K63yRNAUuoU0w-Q3RViyx6IEtBr6pTdlXeGQUZLl88OeDlHIX60f6eCgHMh0M-zU9r7C_lbshgbhPVf9IOw0CH59BCDN4TK65ZbXDNisYnYUaFDibz5vw4sid-8vaYtkIBRSgtm5qounNOYjbHtpQ"
    },
    {
      "descr": "Signature Key: ECDSA using P-256 (secp256r1) and SHA-256",
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "86f081d8-bcc4-4588-9897-79dd06a4ed95_sig_es256",
      "x5c": [
        "MIIBfzCCASSgAwIBAgIhAIpAc4YhyCTNuRCuKKOfes0QBTNox/hSYrGcyRc4fUVjMAoGCCqGSM49BAMCMCQxIjAgBgNVBAMMGUphbnMgQXV0aCBDQSBDZXJ0aWZpY2F0ZXMwHhcNMjIxMjI3MjIyODE2WhcNMjIxMjI5MjIyODIxWjAkMSIwIAYDVQQDDBlKYW5zIEF1dGggQ0EgQ2VydGlmaWNhdGVzMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEfqLAPJMsMVf1aRoY+nfo9orSeos+g1p+JdhDKJtL4h8nRfTBU9prV+be2ZwOpRDLfhg2ersD/LsVyNf8LYdbjaMnMCUwIwYDVR0lBBwwGgYIKwYBBQUHAwEGCCsGAQUFBwMCBgRVHSUAMAoGCCqGSM49BAMCA0kAMEYCIQCStUjQohze32BKSn6SBHHCHXmVfY+kYbT2H1FWiItEtAIhAOWSpxUbRB6o7Xy6QsNBpyN3JS3YXVAzuJwbNwS8Adow"
      ],
      "name": "id_token ES256 Sign Key",
      "x": "fqLAPJMsMVf1aRoY-nfo9orSeos-g1p-JdhDKJtL4h8",
      "y": "J0X0wVPaa1fm3tmcDqUQy34YNnq7A_y7FcjX_C2HW40",
      "exp": 1672352901736,
      "alg": "ES256"
    },
    {
      "descr": "Signature Key: ECDSA using P-384 (secp384r1) and SHA-384",
      "kty": "EC",
      "use": "sig",
      "crv": "P-384",
      "kid": "cbdad4e1-c417-4ab2-afb8-e2582256d1b8_sig_es384",
      "x5c": [
        "MIIBujCCAUCgAwIBAgIgIqK3hX28VBSS34zaW8BLU8vTrdAhXRtg2yyGjH2x3OUwCgYIKoZIzj0EAwMwJDEiMCAGA1UEAwwZSmFucyBBdXRoIENBIENlcnRpZmljYXRlczAeFw0yMjEyMjcyMjI4MTZaFw0yMjEyMjkyMjI4MjFaMCQxIjAgBgNVBAMMGUphbnMgQXV0aCBDQSBDZXJ0aWZpY2F0ZXMwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQ/ubE8rNWyg4brdBzmoE+8yksjf6j9/LjBWPiOkUiRdGTMCQY8pIbIiNiDwYHlX5/IDRVzr48fBx41UU0ye9TelCG/jChU3+qFiS6yicTOUZOuN8pOLUNAPfFYK9ZwbS6jJzAlMCMGA1UdJQQcMBoGCCsGAQUFBwMBBggrBgEFBQcDAgYEVR0lADAKBggqhkjOPQQDAwNoADBlAjEA8lzHxaofLvVtWxJFOLd0CayeY/Z4tNSf1PWnn9KVlqjxUHs6jw/tOhqcyAlAlH5tAjAR2ruRbvbkOl7n6ckVqWh4nCMYJyQRSQdnX5ZWBcdQ2gcia3OK+gU3OBzjVdvoOEc\u003d"
      ],
      "name": "id_token ES384 Sign Key",
      "x": "P7mxPKzVsoOG63Qc5qBPvMpLI3-o_fy4wVj4jpFIkXRkzAkGPKSGyIjYg8GB5V-f",
      "y": "yA0Vc6-PHwceNVFNMnvU3pQhv4woVN_qhYkusonEzlGTrjfKTi1DQD3xWCvWcG0u",
      "exp": 1672352901736,
      "alg": "ES384"
    },
    {
      "descr": "Signature Key: ECDSA using P-521 (secp521r1) and SHA-512",
      "kty": "EC",
      "use": "sig",
      "crv": "P-521",
      "kid": "932692bc-7e99-40d0-b114-e6f9882b59a4_sig_es512",
      "x5c": [
        "MIICBTCCAWagAwIBAgIgB426X6D0s3wAu+j+U1IRPdbXZq8ulFuGQinRskqmMzcwCgYIKoZIzj0EAwQwJDEiMCAGA1UEAwwZSmFucyBBdXRoIENBIENlcnRpZmljYXRlczAeFw0yMjEyMjcyMjI4MTZaFw0yMjEyMjkyMjI4MjFaMCQxIjAgBgNVBAMMGUphbnMgQXV0aCBDQSBDZXJ0aWZpY2F0ZXMwgZswEAYHKoZIzj0CAQYFK4EEACMDgYYABADykMhD0KcQQYWHE6se903Ibrx4sHSgKJxPqBY2X9IYxcObum1LnCAw/p2jdzEkPJuLam1PAZwK3gJYPfamdMUG9wEvt63FBk8BcOLfyhHa/1xr7DQEen/abGt7nibru7+Ml4M8p7hzJ4Vp/nJ0gEcBxdIuhoxGNw+/BxasznbcvXXt16MnMCUwIwYDVR0lBBwwGgYIKwYBBQUHAwEGCCsGAQUFBwMCBgRVHSUAMAoGCCqGSM49BAMEA4GMADCBiAJCALek46bgchW5xotGrBH7PI5afn7Q3HX6W2yG00rI6nboddFhQJbncBdvAwpNzdXew4LdzIQaXwyAGkqWU+Ni6KYPAkIBBV8bG9hYYaxz8WscM8dXKiGFVwKkd6gidtoIhQpTozvMynxGqGc1WA/LySFxXh7URFyh3HYv2PMzr2ThQOKVDok\u003d"
      ],
      "name": "id_token ES512 Sign Key",
      "x": "8pDIQ9CnEEGFhxOrHvdNyG68eLB0oCicT6gWNl_SGMXDm7ptS5wgMP6do3cxJDybi2ptTwGcCt4CWD32pnTFBvc",
      "y": "AS-3rcUGTwFw4t_KEdr_XGvsNAR6f9psa3ueJuu7v4yXgzynuHMnhWn-cnSARwHF0i6GjEY3D78HFqzOdty9de3X",
      "exp": 1672352901736,
      "alg": "ES512"
    },
    {
      "descr": "Signature Key: RSASSA-PSS using SHA-256 and MGF1 with SHA-256",
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "654bd47a-5581-48cc-af8a-fe5eca5e6fb6_sig_ps256",
      "x5c": [
        "MIIDcjCCAiagAwIBAgIhAKFEgEB3j/IEo+dm14wePOEfAkPrN9Muq27xxWDbCjOXMEEGCSqGSIb3DQEBCjA0oA8wDQYJYIZIAWUDBAIBBQChHDAaBgkqhkiG9w0BAQgwDQYJYIZIAWUDBAIBBQCiAwIBIDAkMSIwIAYDVQQDDBlKYW5zIEF1dGggQ0EgQ2VydGlmaWNhdGVzMB4XDTIyMTIyNzIyMjgxN1oXDTIyMTIyOTIyMjgyMVowJDEiMCAGA1UEAwwZSmFucyBBdXRoIENBIENlcnRpZmljYXRlczCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMDLLDxA9jaH/QkHuwNqNjSSSOZmblIEntX5VR7Bg10oALY1xk03kGZXfpidHgHSXCUB3GozixLqwGv5p2h1+v14EViWefyu/N6yo2N2M6QldSJcuUpx5/hLQGsW8POFd+cUduOsXCEFWgcdh7qcmhfsUoHyptFM3q1CAlKMI3rT8ss6YOArtUNlJSmk+4j026HEyBTC4/nNlnlAJRGWt2eLGOChhZMamfId0AbuFeR7+QiwaMDFf86wKt6tPfzKzEuVWqAxOqTg40Agprcw3pugmmXPvVj5msdBfIFSzzQGK4Y64ImOsJi2vRPRpBHumC8BeOjdps/mr1c9ERLaTe8CAwEAAaMnMCUwIwYDVR0lBBwwGgYIKwYBBQUHAwEGCCsGAQUFBwMCBgRVHSUAMEEGCSqGSIb3DQEBCjA0oA8wDQYJYIZIAWUDBAIBBQChHDAaBgkqhkiG9w0BAQgwDQYJYIZIAWUDBAIBBQCiAwIBIAOCAQEAN1mVpdZq+h5TziBnn52HpjU45FCfjBQKIR6r6mi/gIVqbMqbUwsULjLW5ClhbezFyVRvyhNajsElmWKUXLAsecxTRBx5tJOnWUVWmc26VIZckGGON4qxlgsUMqf+qzGs4MsLWhTDUbiqBfRjaNIW355DGvPRv7L2gbZRw9LiJqca5ueXsk7BIl8p8KbYAt/0BJDMN4c4Y636M866CBnw6iLX3qOtLQWWrPhW6oLyvsJQqqwyt89AZXyVl/cp8uluEAiZ+Hmwlc5G2LN7oiIFqEHR5QlgpDnRf66TJH058lbfI6MKgMDV+qhaqyyFOIoQ0lXTLSymGmadsIncDFC7Og\u003d\u003d"
      ],
      "name": "id_token PS256 Sign Key",
      "exp": 1672352901736,
      "alg": "PS256",
      "n": "wMssPED2Nof9CQe7A2o2NJJI5mZuUgSe1flVHsGDXSgAtjXGTTeQZld-mJ0eAdJcJQHcajOLEurAa_mnaHX6_XgRWJZ5_K783rKjY3YzpCV1Ily5SnHn-EtAaxbw84V35xR246xcIQVaBx2HupyaF-xSgfKm0UzerUICUowjetPyyzpg4Cu1Q2UlKaT7iPTbocTIFMLj-c2WeUAlEZa3Z4sY4KGFkxqZ8h3QBu4V5Hv5CLBowMV_zrAq3q09_MrMS5VaoDE6pODjQCCmtzDem6CaZc-9WPmax0F8gVLPNAYrhjrgiY6wmLa9E9GkEe6YLwF46N2mz-avVz0REtpN7w"
    },
    {
      "descr": "Signature Key: RSASSA-PSS using SHA-384 and MGF1 with SHA-384",
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "a3f507e2-2f98-4c53-a259-43a44605b2a6_sig_ps384",
      "x5c": [
        "MIIDcjCCAiagAwIBAgIhAOyRZ1+oW7esPyHAJhpNB01lDrqAJ84H19gWtXD3aIeVMEEGCSqGSIb3DQEBCjA0oA8wDQYJYIZIAWUDBAICBQChHDAaBgkqhkiG9w0BAQgwDQYJYIZIAWUDBAICBQCiAwIBMDAkMSIwIAYDVQQDDBlKYW5zIEF1dGggQ0EgQ2VydGlmaWNhdGVzMB4XDTIyMTIyNzIyMjgxN1oXDTIyMTIyOTIyMjgyMVowJDEiMCAGA1UEAwwZSmFucyBBdXRoIENBIENlcnRpZmljYXRlczCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAK1Q+eZ/kmh6cX8Rkt1Bo7NmzjUuff5rHMSUZCKG1Z8+qQ3B6jloX06Xedaate2KYeuhcKIoYKFZRZnO04/jzxyJMtHpRj6chZwq5Q68/WNUrYPzkgvtcupgBOCvv8pybKNEJYaZiKFrmi7ejdsORb/m09TaaKe2985/f5vpU3vg8eFrzvULyYtSsgE6RMzwjAPmKRkJKuMsJ8AsJ10YgD8B6Qya27pgq6TQ4dfmsMlv3kiFzwwNxLV4j6hJ9mR6f4+KdP3AZMd1IieVjeLlI1sH0rcjvBOc7MGScUJHk9Vv2CwgA9VkhYzCyRSZKRyHDhfEgFP37zYDfzXh0wONRUECAwEAAaMnMCUwIwYDVR0lBBwwGgYIKwYBBQUHAwEGCCsGAQUFBwMCBgRVHSUAMEEGCSqGSIb3DQEBCjA0oA8wDQYJYIZIAWUDBAICBQChHDAaBgkqhkiG9w0BAQgwDQYJYIZIAWUDBAICBQCiAwIBMAOCAQEAcbyNW53i/aRbR4dSWeMD19YvD1B2TAArfwba9yJ5+SGlcQxGDVSbxlSBdMuzKqazvsNYbF8zLGK7waLM/dPFjZaQTwaGA3BIvubYY93MQChOGiflzTwMv9b7WDu6RqpF3akHPvAnvfU5gHc0iMekQYgkAtZRM2k5aV3z0RtXDhFaMqL103K20IB16HEXmxoBFX/p/fvL0zhAw4vnOFiBCiFstBRNjcaH8yuRSJorl1y4SLuaFYWJ/PMAQviFW6Kj2q0UNRdkQkXXlxwQX7NwoOw1yH+CgK868ntKbfpr8xD04mlI+V3ckeKnpMb++5Y7DmLEs4q7yNAT3fg7wgrMCg\u003d\u003d"
      ],
      "name": "id_token PS384 Sign Key",
      "exp": 1672352901736,
      "alg": "PS384",
      "n": "rVD55n-SaHpxfxGS3UGjs2bONS59_mscxJRkIobVnz6pDcHqOWhfTpd51pq17Yph66FwoihgoVlFmc7Tj-PPHIky0elGPpyFnCrlDrz9Y1Stg_OSC-1y6mAE4K-_ynJso0QlhpmIoWuaLt6N2w5Fv-bT1Npop7b3zn9_m-lTe-Dx4WvO9QvJi1KyATpEzPCMA-YpGQkq4ywnwCwnXRiAPwHpDJrbumCrpNDh1-awyW_eSIXPDA3EtXiPqEn2ZHp_j4p0_cBkx3UiJ5WN4uUjWwfStyO8E5zswZJxQkeT1W_YLCAD1WSFjMLJFJkpHIcOF8SAU_fvNgN_NeHTA41FQQ"
    },
    {
      "descr": "Signature Key: RSASSA-PSS using SHA-512 and MGF1 with SHA-512",
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "e2a747b9-f782-4a18-af5c-ab0705653f43_sig_ps512",
      "x5c": [
        "MIIDcjCCAiagAwIBAgIhANlkL3IhK1zhUlrVLBSWtZRxKeWoOXPeiCSmau9sMJtFMEEGCSqGSIb3DQEBCjA0oA8wDQYJYIZIAWUDBAIDBQChHDAaBgkqhkiG9w0BAQgwDQYJYIZIAWUDBAIDBQCiAwIBQDAkMSIwIAYDVQQDDBlKYW5zIEF1dGggQ0EgQ2VydGlmaWNhdGVzMB4XDTIyMTIyNzIyMjgxOFoXDTIyMTIyOTIyMjgyMVowJDEiMCAGA1UEAwwZSmFucyBBdXRoIENBIENlcnRpZmljYXRlczCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJlJp3TPXGK7ZEl0X4uIC2JoRCipkpqRTIfvoJf3qnejreFpRNmYBHMagpZ+Eb8CPOUWhOiXut+SeN1CVtmxUoHNhE8EdERhm/dYGY4Isec4IH8qeLf3Jfn5HiDtyTmZeV17eAxGIGc6UVeOQp+1Vfgd/MgC1o+MLXP6FEkfkwoNcZbYeTJ0yOA7vbH0V+lY9Qg5iFCpQu/r2c46kGTgcjqll2NVg5cHzAPC927tYq6wjSe9PVeBAtZ2vVL8b2LdMywlVmYHguBOOnVrM/d1L3ce0IAOknLHgxGcJj1tMXlnJXPBYG89U3qQfkCoBBzS9NtJCElbHZrVbLgkgCg8XN0CAwEAAaMnMCUwIwYDVR0lBBwwGgYIKwYBBQUHAwEGCCsGAQUFBwMCBgRVHSUAMEEGCSqGSIb3DQEBCjA0oA8wDQYJYIZIAWUDBAIDBQChHDAaBgkqhkiG9w0BAQgwDQYJYIZIAWUDBAIDBQCiAwIBQAOCAQEASwmflWG3KKFkuy6k5lFKZEk0nYJubqhAgvW8pxI1oiGDBI6kmsX+N1765DBH9zSk/j/3v3q33AMoAiJBrguTOwi/4KfEQTdB7NxWkrsn4m6EHKvUTHvqLHl0n9cxWeGomYmMB3TeoV99FOIi4X8YNaVShZQmYeHZdPJ9iapN8GIDld+oyCEcngiw85/VV+yXKZ+buTiaG5nuiIukZOIZDyqYLWuHMnVsPfOYuyGivzxaz28tRQ+nh+MD+iFLaSn7JWVc0LgGrWE+xHqMZMTINjmE6+E9JHwpmOJjtYartAEW3NrvXae8hXdwYavXcczlabHYIF1lc0L2S+NWyGGWsw\u003d\u003d"
      ],
      "name": "id_token PS512 Sign Key",
      "exp": 1672352901736,
      "alg": "PS512",
      "n": "mUmndM9cYrtkSXRfi4gLYmhEKKmSmpFMh--gl_eqd6Ot4WlE2ZgEcxqCln4RvwI85RaE6Je635J43UJW2bFSgc2ETwR0RGGb91gZjgix5zggfyp4t_cl-fkeIO3JOZl5XXt4DEYgZzpRV45Cn7VV-B38yALWj4wtc_oUSR-TCg1xlth5MnTI4Du9sfRX6Vj1CDmIUKlC7-vZzjqQZOByOqWXY1WDlwfMA8L3bu1irrCNJ709V4EC1na9UvxvYt0zLCVWZgeC4E46dWsz93Uvdx7QgA6ScseDEZwmPW0xeWclc8Fgbz1TepB-QKgEHNL020kISVsdmtVsuCSAKDxc3Q"
    },
    {
      "descr": "Encryption Key: RSAES-PKCS1-v1_5",
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "c49ea9b8-b080-4176-84d4-9b2ad0b95c6e_enc_rsa1_5",
      "x5c": [
        "MIIDCTCCAfGgAwIBAgIgaPBB5IhZ5wiEsUBDZUkpRnjBqRg4UohlszaHbuUdoq0wDQYJKoZIhvcNAQELBQAwJDEiMCAGA1UEAwwZSmFucyBBdXRoIENBIENlcnRpZmljYXRlczAeFw0yMjEyMjcyMjI4MThaFw0yMjEyMjkyMjI4MjFaMCQxIjAgBgNVBAMMGUphbnMgQXV0aCBDQSBDZXJ0aWZpY2F0ZXMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfR6rpxMYmYRM7g3H8xNYBPUwD2zN5ulX47O/fCNZOrawlWBN9LxLz+Qd9yiUb8uYWsuuFberaSfEXwag5gSBDOHI6V56ybJCf08bYOeJqqFOGqb76mugDPo77KOoWdW3eVk3Fow6GVq4R+qdE4auxlvKz6WFg1EWpG/qDcwdGupLh+8ekRweO/3F5+nqD0ynnFVNfzGRL+YSJK6cU+/gJ2nzlqIkqWDpZPLCQ+LTVFQpMzECNTiCtQ+v4l6jw2ztVop0gnve8HYUz054yuI7n2z3JEfFM9oXEI+er3MsDPMj4fNwyUSsY1L7TUWE9HKwfuag+xnPXxRTY+Qj32gSFAgMBAAGjJzAlMCMGA1UdJQQcMBoGCCsGAQUFBwMBBggrBgEFBQcDAgYEVR0lADANBgkqhkiG9w0BAQsFAAOCAQEAcJbqBO2i/APm2oO0TvOlvxGhUYaQL8Zsh4n14cDDvzygneWYxkYrIZeqEpmnu4VY98zWtY7151E98CmGoIPdd5epLqYXozl20DHBG1SNhZVgaxGdJvR1cJbFb9/Ux2e2nYCkM33eRu5FKFyuTAkWYypQWA6kXw+yduCcr67EzUrV7jsWvDQYaW8EeL02mjB+xxdCZhL7bq4sTLvm1RBlhr/MKQnARgfMDzn1NfSKvuwg1OYFf5pfl9hiT7ts2ugmF7fhzFXYBQzpjxzk26f2s2vCSnaI8bBWIFYsRe46AcP3nPDxvi+PBHCvVll3NpG32OL+rDDjz4BaqTd7LzVyVw\u003d\u003d"
      ],
      "name": "id_token RSA1_5 Encryption Key",
      "exp": 1672352901736,
      "alg": "RSA1_5",
      "n": "n0eq6cTGJmETO4Nx_MTWAT1MA9szebpV-Ozv3wjWTq2sJVgTfS8S8_kHfcolG_LmFrLrhW3q2knxF8GoOYEgQzhyOleesmyQn9PG2DniaqhThqm--proAz6O-yjqFnVt3lZNxaMOhlauEfqnROGrsZbys-lhYNRFqRv6g3MHRrqS4fvHpEcHjv9xefp6g9Mp5xVTX8xkS_mEiSunFPv4Cdp85aiJKlg6WTywkPi01RUKTMxAjU4grUPr-Jeo8Ns7VaKdIJ73vB2FM9OeMriO59s9yRHxTPaFxCPnq9zLAzzI-HzcMlErGNS-01FhPRysH7moPsZz18UU2PkI99oEhQ"
    },
    {
      "descr": "Encryption Key: RSAES OAEP using default parameters",
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "3b4aa911-1b16-45eb-99c3-f9f8177f8e01_enc_rsa-oaep",
      "x5c": [
        "MIIDCjCCAfKgAwIBAgIhAI1Zb5nKeDJ6pa0AU/SLXbI+nUynCHcFzJH3hTH8wsmGMA0GCSqGSIb3DQEBCwUAMCQxIjAgBgNVBAMMGUphbnMgQXV0aCBDQSBDZXJ0aWZpY2F0ZXMwHhcNMjIxMjI3MjIyODE5WhcNMjIxMjI5MjIyODIxWjAkMSIwIAYDVQQDDBlKYW5zIEF1dGggQ0EgQ2VydGlmaWNhdGVzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmutMdQS7AoEa6OlLW8kFuKqjCC8+My6CXBqHHiKHIen0ZAXe9/VE68FBrX/1e128kR3mnbNYYpTbFv/TxB5H7lkG9v/OojmhhllYGzBPdSawkFM4KzU2KWRT5yKYrjzjNA2W5Z1N6kpETycOjzX4GfAd7TO4YuJcO/yXVSsty6ByU1/btgKCq36cgDN7VnDpIi/m2xr/awfBgf2AnteEO9Me1JWvSP7AGeUGssMbPUMp5Gqi0wYbXUuijUm3InR3gbOE+IDU/6Dd/hJuS4LxM1sAz1sqd8nzVRgnr0mWnsBbD7mMB6RVKTysgZ1AAPZ3t9sHnfbODG2Qr07laKOkUQIDAQABoycwJTAjBgNVHSUEHDAaBggrBgEFBQcDAQYIKwYBBQUHAwIGBFUdJQAwDQYJKoZIhvcNAQELBQADggEBAHqinzEXi+uTdjl5DDE2lVS6Po8Ze4/EHb6wSPgIJjDUyEf5KH7AGEOlmuKtuzy7m5v+WIOHyR3NOfEIlNhQ1e65ZbrvKWlBc2uxFMtdK9EZFKEo4IlrX5kalq4c+yGJlSGG+4Xt5G+tyCQOc4V3OZ9qIbCZyrKCrwWWer8u2rV759nGM7rWM/317fNKeTUB3og+J1paNBkauqPMQtfiC5UvIPyKdZlY1Ed6nOovHCMZLhQogLNuUpc15IFofJWv3/+h+7NYfKZxRNotOWo5jh69VcyUdlo/y5OdIYDWiqO5IU0g5G+zXqnbrlW9da9nF6j4U9cMI5oJUK95hEiZDTI\u003d"
      ],
      "name": "id_token RSA-OAEP Encryption Key",
      "exp": 1672352901736,
      "alg": "RSA-OAEP",
      "n": "mutMdQS7AoEa6OlLW8kFuKqjCC8-My6CXBqHHiKHIen0ZAXe9_VE68FBrX_1e128kR3mnbNYYpTbFv_TxB5H7lkG9v_OojmhhllYGzBPdSawkFM4KzU2KWRT5yKYrjzjNA2W5Z1N6kpETycOjzX4GfAd7TO4YuJcO_yXVSsty6ByU1_btgKCq36cgDN7VnDpIi_m2xr_awfBgf2AnteEO9Me1JWvSP7AGeUGssMbPUMp5Gqi0wYbXUuijUm3InR3gbOE-IDU_6Dd_hJuS4LxM1sAz1sqd8nzVRgnr0mWnsBbD7mMB6RVKTysgZ1AAPZ3t9sHnfbODG2Qr07laKOkUQ"
    }
  ]
}
2022-12-27 23:26:47 SUCCESS
CheckServerKeysIsValid
Server JWKs is valid
server_jwks
{
  "keys": [
    {
      "descr": "Signature Key: RSA RSASSA-PKCS1-v1_5 using SHA-256",
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "93bd7998-f8dd-4edc-bb37-849df3f455a5_sig_rs256",
      "x5c": [
        "MIIDCjCCAfKgAwIBAgIhANZZGCKw3evdv5mhxa+Owtyr7W/kQvm7q6xJHCt1pmrVMA0GCSqGSIb3DQEBCwUAMCQxIjAgBgNVBAMMGUphbnMgQXV0aCBDQSBDZXJ0aWZpY2F0ZXMwHhcNMjIxMjI3MjIyODEyWhcNMjIxMjI5MjIyODIxWjAkMSIwIAYDVQQDDBlKYW5zIEF1dGggQ0EgQ2VydGlmaWNhdGVzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAysgE4ddJOErxmaIJab7bUsRXmaX5wzwn3Mv1OuTDoKmJBzTROxdNwpaGOZxeh+KdGTq29kdgAooA8+WpR+P769aIxjzG1M7b8yXI6AQ9vEWfRGQlDUgchLwxK94M7RLt9Fl1xN6fxtm/OaLx/1JI80ptjcxL/10JQQz4Y7RW6NNV+7kJiCdzHk1CQ5cnd/RvyeMCChhEWr6rRn0+CLLL3HFUwnLBtishbtGxcWbmZK4oA00bB6XsbYhybDPdNEmjCesbl5tcOe6eNN1h6v/gaCWYR3gAd0O26TKwT1w/p6DvBG985w25C4oPPdXOY4VMxtO/xXgKsvMK0g8mD+X5fQIDAQABoycwJTAjBgNVHSUEHDAaBggrBgEFBQcDAQYIKwYBBQUHAwIGBFUdJQAwDQYJKoZIhvcNAQELBQADggEBADwrX2PzJ5ee78Cs0kV6DlLJbNdn9QWxgmRKHTzSR1fkcGKZ4r4HYvy7I0RETY63CPOXda59Dpl506Ur+d89GILXKBIR+VDGs6rqzc0IgthAbyTMWnm718LajfvOLCBg1k2pDDuVwzppt+EwCnOIulXWsO2SiWQYHVrNH7j6c9Mec9lW34VlLSxtk8oYY5MlGai+LBQbnCRODWfwLjgtr0vgm/XcuvdV2HAy2UBWZcN/7Gn6UnO20WWp3OvA0hVBok/SDosK0YNxZSxqB4jVkc+u7sUXUn+l4hYJziQUnsvPprJaRSjwl4R0YivNyVAlkqRr6s8wnHLTZG1tLZIr4Ok\u003d"
      ],
      "name": "id_token RS256 Sign Key",
      "exp": 1672352901736,
      "alg": "RS256",
      "n": "ysgE4ddJOErxmaIJab7bUsRXmaX5wzwn3Mv1OuTDoKmJBzTROxdNwpaGOZxeh-KdGTq29kdgAooA8-WpR-P769aIxjzG1M7b8yXI6AQ9vEWfRGQlDUgchLwxK94M7RLt9Fl1xN6fxtm_OaLx_1JI80ptjcxL_10JQQz4Y7RW6NNV-7kJiCdzHk1CQ5cnd_RvyeMCChhEWr6rRn0-CLLL3HFUwnLBtishbtGxcWbmZK4oA00bB6XsbYhybDPdNEmjCesbl5tcOe6eNN1h6v_gaCWYR3gAd0O26TKwT1w_p6DvBG985w25C4oPPdXOY4VMxtO_xXgKsvMK0g8mD-X5fQ"
    },
    {
      "descr": "Signature Key: RSA RSASSA-PKCS1-v1_5 using SHA-384",
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "7dd2426e-7151-4592-93b7-95b2a12f6d95_sig_rs384",
      "x5c": [
        "MIIDCTCCAfGgAwIBAgIgSFu2fF5bmpLrvSWuRRlmiWJPqqoAksY2907d/Newfc4wDQYJKoZIhvcNAQEMBQAwJDEiMCAGA1UEAwwZSmFucyBBdXRoIENBIENlcnRpZmljYXRlczAeFw0yMjEyMjcyMjI4MTVaFw0yMjEyMjkyMjI4MjFaMCQxIjAgBgNVBAMMGUphbnMgQXV0aCBDQSBDZXJ0aWZpY2F0ZXMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuPgh8/7SQF5syCmt9o/rMBAEuSj7mDAmwqSRZziPTuImGLcZB8LCmoOXup7ZUENG2eBSiraAVUjhkXMvHQpBqRjw+P5uzOSZSH+la917b3a/bkbuPQg51NV9WnvvnYJut2VIOa0Ea1ypU/ACEJG7+6r5eSWZBdPtbCgITN7zo2RZGeiytZXAn1TCoof3YtngWPNbP+4pZLCpwWADLU4tkXy1xecTpan/6BMpCsQ41F4Iz7sxJcynfQtrlhzM3fO8jOZe+GHYCo+TX+V8e5hAFmQOruq/QfXOd9RctPASuup5yLRMWHvHeoqktk5QnRoqcS0i2uv3P6VUf8x06D5RVAgMBAAGjJzAlMCMGA1UdJQQcMBoGCCsGAQUFBwMBBggrBgEFBQcDAgYEVR0lADANBgkqhkiG9w0BAQwFAAOCAQEAiv7pyFEFaKvXQrBFdNI+o1vOpWym7+EFyCS2E2+YzRkCXmFbqJfxDKL8ZCmTms5Y06U1rDaJXCUT/L3gVT4YDKbbEGY7rVyFiSVGsGVba+xcd8RsXz7EVObPiBvmLM96YPqVjxHGt/lSzDe08cNt9BIfs2NoMgiNxE1/b8P0hiRAC+pbJASH4y3NINjoupEVF19Tz3nibTEwLOmvLtNgZQW+I6CQPT4t54QlffQkf957rwZu4kr1Oe+G2s2xdlE0GzxwOnEVeDzQilLODqrbGYQNjGXZme3wa1qSUOAaJ+UCgcF2ivutVjqR6e3qnXunT40HnynD8x9AhFJmB/2Gyg\u003d\u003d"
      ],
      "name": "id_token RS384 Sign Key",
      "exp": 1672352901736,
      "alg": "RS384",
      "n": "rj4IfP-0kBebMgprfaP6zAQBLko-5gwJsKkkWc4j07iJhi3GQfCwpqDl7qe2VBDRtngUoq2gFVI4ZFzLx0KQakY8Pj-bszkmUh_pWvde292v25G7j0IOdTVfVp7752CbrdlSDmtBGtcqVPwAhCRu_uq-XklmQXT7WwoCEze86NkWRnosrWVwJ9UwqKH92LZ4FjzWz_uKWSwqcFgAy1OLZF8tcXnE6Wp_-gTKQrEONReCM-7MSXMp30La5YczN3zvIzmXvhh2AqPk1_lfHuYQBZkDq7qv0H1znfUXLTwErrqeci0TFh7x3qKpLZOUJ0aKnEtItrr9z-lVH_MdOg-UVQ"
    },
    {
      "descr": "Signature Key: RSA RSASSA-PKCS1-v1_5 using SHA-512",
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "3523039d-8ffe-4a4b-a120-85adb220cf32_sig_rs512",
      "x5c": [
        "MIIDCjCCAfKgAwIBAgIhAMFUYb/uIHwiU1QdG0jL8/Edp4tKsPWDsv4+nxiYQu9HMA0GCSqGSIb3DQEBDQUAMCQxIjAgBgNVBAMMGUphbnMgQXV0aCBDQSBDZXJ0aWZpY2F0ZXMwHhcNMjIxMjI3MjIyODE1WhcNMjIxMjI5MjIyODIxWjAkMSIwIAYDVQQDDBlKYW5zIEF1dGggQ0EgQ2VydGlmaWNhdGVzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwE9+Dgb12Mvvrh4MfxCmXnNKhBA+TT4qkOK4gw9/4BDQue84qSLARdvoFY/Xny96gXNtJrxOLScEaQnn1288H/Vyfe1IfefsI1JuPAYX5U/Y4L33YkyL65ET522CA6UnGsKcYyd0ccTfwDEATWf4uA/wDiOmzDqhYZTGzNYTQ3Hq4sk4AROBdJqI9ahpdWfK6K63yRNAUuoU0w+Q3RViyx6IEtBr6pTdlXeGQUZLl88OeDlHIX60f6eCgHMh0M+zU9r7C/lbshgbhPVf9IOw0CH59BCDN4TK65ZbXDNisYnYUaFDibz5vw4sid+8vaYtkIBRSgtm5qounNOYjbHtpQIDAQABoycwJTAjBgNVHSUEHDAaBggrBgEFBQcDAQYIKwYBBQUHAwIGBFUdJQAwDQYJKoZIhvcNAQENBQADggEBAJpysu8WKVaZDie//uFMME4pRrmU4c2RDCKo4d+QYSmgZewfqWoBv8pLUlXA6ltsWTd5yp23fbEr21oYQaRZNupgFPjgJHe4Dq6y1pbNCoQHIeiscG/s2ao5fC10X/jVlyTMCqZct7k2YiL7LFBuaIPNcyma5ttTQNohb96Jy9Is2xx2z8bC200K4OgE/kcgsHLyciJqzFQkI+eun6XR39WWGYJcoMB0yB21qy0tKYF0XAAylgqOuDB/kwCJhrgrXNxA5NqLQsoGngtItkTssxeiUoeeSjNhWgJQqwUSrFMcVyO8XZ6k1cHOwdgb0UuypY/NKnqdCHUukIUQPUrRUh4\u003d"
      ],
      "name": "id_token RS512 Sign Key",
      "exp": 1672352901736,
      "alg": "RS512",
      "n": "wE9-Dgb12Mvvrh4MfxCmXnNKhBA-TT4qkOK4gw9_4BDQue84qSLARdvoFY_Xny96gXNtJrxOLScEaQnn1288H_Vyfe1IfefsI1JuPAYX5U_Y4L33YkyL65ET522CA6UnGsKcYyd0ccTfwDEATWf4uA_wDiOmzDqhYZTGzNYTQ3Hq4sk4AROBdJqI9ahpdWfK6K63yRNAUuoU0w-Q3RViyx6IEtBr6pTdlXeGQUZLl88OeDlHIX60f6eCgHMh0M-zU9r7C_lbshgbhPVf9IOw0CH59BCDN4TK65ZbXDNisYnYUaFDibz5vw4sid-8vaYtkIBRSgtm5qounNOYjbHtpQ"
    },
    {
      "descr": "Signature Key: ECDSA using P-256 (secp256r1) and SHA-256",
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "86f081d8-bcc4-4588-9897-79dd06a4ed95_sig_es256",
      "x5c": [
        "MIIBfzCCASSgAwIBAgIhAIpAc4YhyCTNuRCuKKOfes0QBTNox/hSYrGcyRc4fUVjMAoGCCqGSM49BAMCMCQxIjAgBgNVBAMMGUphbnMgQXV0aCBDQSBDZXJ0aWZpY2F0ZXMwHhcNMjIxMjI3MjIyODE2WhcNMjIxMjI5MjIyODIxWjAkMSIwIAYDVQQDDBlKYW5zIEF1dGggQ0EgQ2VydGlmaWNhdGVzMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEfqLAPJMsMVf1aRoY+nfo9orSeos+g1p+JdhDKJtL4h8nRfTBU9prV+be2ZwOpRDLfhg2ersD/LsVyNf8LYdbjaMnMCUwIwYDVR0lBBwwGgYIKwYBBQUHAwEGCCsGAQUFBwMCBgRVHSUAMAoGCCqGSM49BAMCA0kAMEYCIQCStUjQohze32BKSn6SBHHCHXmVfY+kYbT2H1FWiItEtAIhAOWSpxUbRB6o7Xy6QsNBpyN3JS3YXVAzuJwbNwS8Adow"
      ],
      "name": "id_token ES256 Sign Key",
      "x": "fqLAPJMsMVf1aRoY-nfo9orSeos-g1p-JdhDKJtL4h8",
      "y": "J0X0wVPaa1fm3tmcDqUQy34YNnq7A_y7FcjX_C2HW40",
      "exp": 1672352901736,
      "alg": "ES256"
    },
    {
      "descr": "Signature Key: ECDSA using P-384 (secp384r1) and SHA-384",
      "kty": "EC",
      "use": "sig",
      "crv": "P-384",
      "kid": "cbdad4e1-c417-4ab2-afb8-e2582256d1b8_sig_es384",
      "x5c": [
        "MIIBujCCAUCgAwIBAgIgIqK3hX28VBSS34zaW8BLU8vTrdAhXRtg2yyGjH2x3OUwCgYIKoZIzj0EAwMwJDEiMCAGA1UEAwwZSmFucyBBdXRoIENBIENlcnRpZmljYXRlczAeFw0yMjEyMjcyMjI4MTZaFw0yMjEyMjkyMjI4MjFaMCQxIjAgBgNVBAMMGUphbnMgQXV0aCBDQSBDZXJ0aWZpY2F0ZXMwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQ/ubE8rNWyg4brdBzmoE+8yksjf6j9/LjBWPiOkUiRdGTMCQY8pIbIiNiDwYHlX5/IDRVzr48fBx41UU0ye9TelCG/jChU3+qFiS6yicTOUZOuN8pOLUNAPfFYK9ZwbS6jJzAlMCMGA1UdJQQcMBoGCCsGAQUFBwMBBggrBgEFBQcDAgYEVR0lADAKBggqhkjOPQQDAwNoADBlAjEA8lzHxaofLvVtWxJFOLd0CayeY/Z4tNSf1PWnn9KVlqjxUHs6jw/tOhqcyAlAlH5tAjAR2ruRbvbkOl7n6ckVqWh4nCMYJyQRSQdnX5ZWBcdQ2gcia3OK+gU3OBzjVdvoOEc\u003d"
      ],
      "name": "id_token ES384 Sign Key",
      "x": "P7mxPKzVsoOG63Qc5qBPvMpLI3-o_fy4wVj4jpFIkXRkzAkGPKSGyIjYg8GB5V-f",
      "y": "yA0Vc6-PHwceNVFNMnvU3pQhv4woVN_qhYkusonEzlGTrjfKTi1DQD3xWCvWcG0u",
      "exp": 1672352901736,
      "alg": "ES384"
    },
    {
      "descr": "Signature Key: ECDSA using P-521 (secp521r1) and SHA-512",
      "kty": "EC",
      "use": "sig",
      "crv": "P-521",
      "kid": "932692bc-7e99-40d0-b114-e6f9882b59a4_sig_es512",
      "x5c": [
        "MIICBTCCAWagAwIBAgIgB426X6D0s3wAu+j+U1IRPdbXZq8ulFuGQinRskqmMzcwCgYIKoZIzj0EAwQwJDEiMCAGA1UEAwwZSmFucyBBdXRoIENBIENlcnRpZmljYXRlczAeFw0yMjEyMjcyMjI4MTZaFw0yMjEyMjkyMjI4MjFaMCQxIjAgBgNVBAMMGUphbnMgQXV0aCBDQSBDZXJ0aWZpY2F0ZXMwgZswEAYHKoZIzj0CAQYFK4EEACMDgYYABADykMhD0KcQQYWHE6se903Ibrx4sHSgKJxPqBY2X9IYxcObum1LnCAw/p2jdzEkPJuLam1PAZwK3gJYPfamdMUG9wEvt63FBk8BcOLfyhHa/1xr7DQEen/abGt7nibru7+Ml4M8p7hzJ4Vp/nJ0gEcBxdIuhoxGNw+/BxasznbcvXXt16MnMCUwIwYDVR0lBBwwGgYIKwYBBQUHAwEGCCsGAQUFBwMCBgRVHSUAMAoGCCqGSM49BAMEA4GMADCBiAJCALek46bgchW5xotGrBH7PI5afn7Q3HX6W2yG00rI6nboddFhQJbncBdvAwpNzdXew4LdzIQaXwyAGkqWU+Ni6KYPAkIBBV8bG9hYYaxz8WscM8dXKiGFVwKkd6gidtoIhQpTozvMynxGqGc1WA/LySFxXh7URFyh3HYv2PMzr2ThQOKVDok\u003d"
      ],
      "name": "id_token ES512 Sign Key",
      "x": "8pDIQ9CnEEGFhxOrHvdNyG68eLB0oCicT6gWNl_SGMXDm7ptS5wgMP6do3cxJDybi2ptTwGcCt4CWD32pnTFBvc",
      "y": "AS-3rcUGTwFw4t_KEdr_XGvsNAR6f9psa3ueJuu7v4yXgzynuHMnhWn-cnSARwHF0i6GjEY3D78HFqzOdty9de3X",
      "exp": 1672352901736,
      "alg": "ES512"
    },
    {
      "descr": "Signature Key: RSASSA-PSS using SHA-256 and MGF1 with SHA-256",
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "654bd47a-5581-48cc-af8a-fe5eca5e6fb6_sig_ps256",
      "x5c": [
        "MIIDcjCCAiagAwIBAgIhAKFEgEB3j/IEo+dm14wePOEfAkPrN9Muq27xxWDbCjOXMEEGCSqGSIb3DQEBCjA0oA8wDQYJYIZIAWUDBAIBBQChHDAaBgkqhkiG9w0BAQgwDQYJYIZIAWUDBAIBBQCiAwIBIDAkMSIwIAYDVQQDDBlKYW5zIEF1dGggQ0EgQ2VydGlmaWNhdGVzMB4XDTIyMTIyNzIyMjgxN1oXDTIyMTIyOTIyMjgyMVowJDEiMCAGA1UEAwwZSmFucyBBdXRoIENBIENlcnRpZmljYXRlczCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMDLLDxA9jaH/QkHuwNqNjSSSOZmblIEntX5VR7Bg10oALY1xk03kGZXfpidHgHSXCUB3GozixLqwGv5p2h1+v14EViWefyu/N6yo2N2M6QldSJcuUpx5/hLQGsW8POFd+cUduOsXCEFWgcdh7qcmhfsUoHyptFM3q1CAlKMI3rT8ss6YOArtUNlJSmk+4j026HEyBTC4/nNlnlAJRGWt2eLGOChhZMamfId0AbuFeR7+QiwaMDFf86wKt6tPfzKzEuVWqAxOqTg40Agprcw3pugmmXPvVj5msdBfIFSzzQGK4Y64ImOsJi2vRPRpBHumC8BeOjdps/mr1c9ERLaTe8CAwEAAaMnMCUwIwYDVR0lBBwwGgYIKwYBBQUHAwEGCCsGAQUFBwMCBgRVHSUAMEEGCSqGSIb3DQEBCjA0oA8wDQYJYIZIAWUDBAIBBQChHDAaBgkqhkiG9w0BAQgwDQYJYIZIAWUDBAIBBQCiAwIBIAOCAQEAN1mVpdZq+h5TziBnn52HpjU45FCfjBQKIR6r6mi/gIVqbMqbUwsULjLW5ClhbezFyVRvyhNajsElmWKUXLAsecxTRBx5tJOnWUVWmc26VIZckGGON4qxlgsUMqf+qzGs4MsLWhTDUbiqBfRjaNIW355DGvPRv7L2gbZRw9LiJqca5ueXsk7BIl8p8KbYAt/0BJDMN4c4Y636M866CBnw6iLX3qOtLQWWrPhW6oLyvsJQqqwyt89AZXyVl/cp8uluEAiZ+Hmwlc5G2LN7oiIFqEHR5QlgpDnRf66TJH058lbfI6MKgMDV+qhaqyyFOIoQ0lXTLSymGmadsIncDFC7Og\u003d\u003d"
      ],
      "name": "id_token PS256 Sign Key",
      "exp": 1672352901736,
      "alg": "PS256",
      "n": "wMssPED2Nof9CQe7A2o2NJJI5mZuUgSe1flVHsGDXSgAtjXGTTeQZld-mJ0eAdJcJQHcajOLEurAa_mnaHX6_XgRWJZ5_K783rKjY3YzpCV1Ily5SnHn-EtAaxbw84V35xR246xcIQVaBx2HupyaF-xSgfKm0UzerUICUowjetPyyzpg4Cu1Q2UlKaT7iPTbocTIFMLj-c2WeUAlEZa3Z4sY4KGFkxqZ8h3QBu4V5Hv5CLBowMV_zrAq3q09_MrMS5VaoDE6pODjQCCmtzDem6CaZc-9WPmax0F8gVLPNAYrhjrgiY6wmLa9E9GkEe6YLwF46N2mz-avVz0REtpN7w"
    },
    {
      "descr": "Signature Key: RSASSA-PSS using SHA-384 and MGF1 with SHA-384",
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "a3f507e2-2f98-4c53-a259-43a44605b2a6_sig_ps384",
      "x5c": [
        "MIIDcjCCAiagAwIBAgIhAOyRZ1+oW7esPyHAJhpNB01lDrqAJ84H19gWtXD3aIeVMEEGCSqGSIb3DQEBCjA0oA8wDQYJYIZIAWUDBAICBQChHDAaBgkqhkiG9w0BAQgwDQYJYIZIAWUDBAICBQCiAwIBMDAkMSIwIAYDVQQDDBlKYW5zIEF1dGggQ0EgQ2VydGlmaWNhdGVzMB4XDTIyMTIyNzIyMjgxN1oXDTIyMTIyOTIyMjgyMVowJDEiMCAGA1UEAwwZSmFucyBBdXRoIENBIENlcnRpZmljYXRlczCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAK1Q+eZ/kmh6cX8Rkt1Bo7NmzjUuff5rHMSUZCKG1Z8+qQ3B6jloX06Xedaate2KYeuhcKIoYKFZRZnO04/jzxyJMtHpRj6chZwq5Q68/WNUrYPzkgvtcupgBOCvv8pybKNEJYaZiKFrmi7ejdsORb/m09TaaKe2985/f5vpU3vg8eFrzvULyYtSsgE6RMzwjAPmKRkJKuMsJ8AsJ10YgD8B6Qya27pgq6TQ4dfmsMlv3kiFzwwNxLV4j6hJ9mR6f4+KdP3AZMd1IieVjeLlI1sH0rcjvBOc7MGScUJHk9Vv2CwgA9VkhYzCyRSZKRyHDhfEgFP37zYDfzXh0wONRUECAwEAAaMnMCUwIwYDVR0lBBwwGgYIKwYBBQUHAwEGCCsGAQUFBwMCBgRVHSUAMEEGCSqGSIb3DQEBCjA0oA8wDQYJYIZIAWUDBAICBQChHDAaBgkqhkiG9w0BAQgwDQYJYIZIAWUDBAICBQCiAwIBMAOCAQEAcbyNW53i/aRbR4dSWeMD19YvD1B2TAArfwba9yJ5+SGlcQxGDVSbxlSBdMuzKqazvsNYbF8zLGK7waLM/dPFjZaQTwaGA3BIvubYY93MQChOGiflzTwMv9b7WDu6RqpF3akHPvAnvfU5gHc0iMekQYgkAtZRM2k5aV3z0RtXDhFaMqL103K20IB16HEXmxoBFX/p/fvL0zhAw4vnOFiBCiFstBRNjcaH8yuRSJorl1y4SLuaFYWJ/PMAQviFW6Kj2q0UNRdkQkXXlxwQX7NwoOw1yH+CgK868ntKbfpr8xD04mlI+V3ckeKnpMb++5Y7DmLEs4q7yNAT3fg7wgrMCg\u003d\u003d"
      ],
      "name": "id_token PS384 Sign Key",
      "exp": 1672352901736,
      "alg": "PS384",
      "n": "rVD55n-SaHpxfxGS3UGjs2bONS59_mscxJRkIobVnz6pDcHqOWhfTpd51pq17Yph66FwoihgoVlFmc7Tj-PPHIky0elGPpyFnCrlDrz9Y1Stg_OSC-1y6mAE4K-_ynJso0QlhpmIoWuaLt6N2w5Fv-bT1Npop7b3zn9_m-lTe-Dx4WvO9QvJi1KyATpEzPCMA-YpGQkq4ywnwCwnXRiAPwHpDJrbumCrpNDh1-awyW_eSIXPDA3EtXiPqEn2ZHp_j4p0_cBkx3UiJ5WN4uUjWwfStyO8E5zswZJxQkeT1W_YLCAD1WSFjMLJFJkpHIcOF8SAU_fvNgN_NeHTA41FQQ"
    },
    {
      "descr": "Signature Key: RSASSA-PSS using SHA-512 and MGF1 with SHA-512",
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "e2a747b9-f782-4a18-af5c-ab0705653f43_sig_ps512",
      "x5c": [
        "MIIDcjCCAiagAwIBAgIhANlkL3IhK1zhUlrVLBSWtZRxKeWoOXPeiCSmau9sMJtFMEEGCSqGSIb3DQEBCjA0oA8wDQYJYIZIAWUDBAIDBQChHDAaBgkqhkiG9w0BAQgwDQYJYIZIAWUDBAIDBQCiAwIBQDAkMSIwIAYDVQQDDBlKYW5zIEF1dGggQ0EgQ2VydGlmaWNhdGVzMB4XDTIyMTIyNzIyMjgxOFoXDTIyMTIyOTIyMjgyMVowJDEiMCAGA1UEAwwZSmFucyBBdXRoIENBIENlcnRpZmljYXRlczCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJlJp3TPXGK7ZEl0X4uIC2JoRCipkpqRTIfvoJf3qnejreFpRNmYBHMagpZ+Eb8CPOUWhOiXut+SeN1CVtmxUoHNhE8EdERhm/dYGY4Isec4IH8qeLf3Jfn5HiDtyTmZeV17eAxGIGc6UVeOQp+1Vfgd/MgC1o+MLXP6FEkfkwoNcZbYeTJ0yOA7vbH0V+lY9Qg5iFCpQu/r2c46kGTgcjqll2NVg5cHzAPC927tYq6wjSe9PVeBAtZ2vVL8b2LdMywlVmYHguBOOnVrM/d1L3ce0IAOknLHgxGcJj1tMXlnJXPBYG89U3qQfkCoBBzS9NtJCElbHZrVbLgkgCg8XN0CAwEAAaMnMCUwIwYDVR0lBBwwGgYIKwYBBQUHAwEGCCsGAQUFBwMCBgRVHSUAMEEGCSqGSIb3DQEBCjA0oA8wDQYJYIZIAWUDBAIDBQChHDAaBgkqhkiG9w0BAQgwDQYJYIZIAWUDBAIDBQCiAwIBQAOCAQEASwmflWG3KKFkuy6k5lFKZEk0nYJubqhAgvW8pxI1oiGDBI6kmsX+N1765DBH9zSk/j/3v3q33AMoAiJBrguTOwi/4KfEQTdB7NxWkrsn4m6EHKvUTHvqLHl0n9cxWeGomYmMB3TeoV99FOIi4X8YNaVShZQmYeHZdPJ9iapN8GIDld+oyCEcngiw85/VV+yXKZ+buTiaG5nuiIukZOIZDyqYLWuHMnVsPfOYuyGivzxaz28tRQ+nh+MD+iFLaSn7JWVc0LgGrWE+xHqMZMTINjmE6+E9JHwpmOJjtYartAEW3NrvXae8hXdwYavXcczlabHYIF1lc0L2S+NWyGGWsw\u003d\u003d"
      ],
      "name": "id_token PS512 Sign Key",
      "exp": 1672352901736,
      "alg": "PS512",
      "n": "mUmndM9cYrtkSXRfi4gLYmhEKKmSmpFMh--gl_eqd6Ot4WlE2ZgEcxqCln4RvwI85RaE6Je635J43UJW2bFSgc2ETwR0RGGb91gZjgix5zggfyp4t_cl-fkeIO3JOZl5XXt4DEYgZzpRV45Cn7VV-B38yALWj4wtc_oUSR-TCg1xlth5MnTI4Du9sfRX6Vj1CDmIUKlC7-vZzjqQZOByOqWXY1WDlwfMA8L3bu1irrCNJ709V4EC1na9UvxvYt0zLCVWZgeC4E46dWsz93Uvdx7QgA6ScseDEZwmPW0xeWclc8Fgbz1TepB-QKgEHNL020kISVsdmtVsuCSAKDxc3Q"
    },
    {
      "descr": "Encryption Key: RSAES-PKCS1-v1_5",
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "c49ea9b8-b080-4176-84d4-9b2ad0b95c6e_enc_rsa1_5",
      "x5c": [
        "MIIDCTCCAfGgAwIBAgIgaPBB5IhZ5wiEsUBDZUkpRnjBqRg4UohlszaHbuUdoq0wDQYJKoZIhvcNAQELBQAwJDEiMCAGA1UEAwwZSmFucyBBdXRoIENBIENlcnRpZmljYXRlczAeFw0yMjEyMjcyMjI4MThaFw0yMjEyMjkyMjI4MjFaMCQxIjAgBgNVBAMMGUphbnMgQXV0aCBDQSBDZXJ0aWZpY2F0ZXMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfR6rpxMYmYRM7g3H8xNYBPUwD2zN5ulX47O/fCNZOrawlWBN9LxLz+Qd9yiUb8uYWsuuFberaSfEXwag5gSBDOHI6V56ybJCf08bYOeJqqFOGqb76mugDPo77KOoWdW3eVk3Fow6GVq4R+qdE4auxlvKz6WFg1EWpG/qDcwdGupLh+8ekRweO/3F5+nqD0ynnFVNfzGRL+YSJK6cU+/gJ2nzlqIkqWDpZPLCQ+LTVFQpMzECNTiCtQ+v4l6jw2ztVop0gnve8HYUz054yuI7n2z3JEfFM9oXEI+er3MsDPMj4fNwyUSsY1L7TUWE9HKwfuag+xnPXxRTY+Qj32gSFAgMBAAGjJzAlMCMGA1UdJQQcMBoGCCsGAQUFBwMBBggrBgEFBQcDAgYEVR0lADANBgkqhkiG9w0BAQsFAAOCAQEAcJbqBO2i/APm2oO0TvOlvxGhUYaQL8Zsh4n14cDDvzygneWYxkYrIZeqEpmnu4VY98zWtY7151E98CmGoIPdd5epLqYXozl20DHBG1SNhZVgaxGdJvR1cJbFb9/Ux2e2nYCkM33eRu5FKFyuTAkWYypQWA6kXw+yduCcr67EzUrV7jsWvDQYaW8EeL02mjB+xxdCZhL7bq4sTLvm1RBlhr/MKQnARgfMDzn1NfSKvuwg1OYFf5pfl9hiT7ts2ugmF7fhzFXYBQzpjxzk26f2s2vCSnaI8bBWIFYsRe46AcP3nPDxvi+PBHCvVll3NpG32OL+rDDjz4BaqTd7LzVyVw\u003d\u003d"
      ],
      "name": "id_token RSA1_5 Encryption Key",
      "exp": 1672352901736,
      "alg": "RSA1_5",
      "n": "n0eq6cTGJmETO4Nx_MTWAT1MA9szebpV-Ozv3wjWTq2sJVgTfS8S8_kHfcolG_LmFrLrhW3q2knxF8GoOYEgQzhyOleesmyQn9PG2DniaqhThqm--proAz6O-yjqFnVt3lZNxaMOhlauEfqnROGrsZbys-lhYNRFqRv6g3MHRrqS4fvHpEcHjv9xefp6g9Mp5xVTX8xkS_mEiSunFPv4Cdp85aiJKlg6WTywkPi01RUKTMxAjU4grUPr-Jeo8Ns7VaKdIJ73vB2FM9OeMriO59s9yRHxTPaFxCPnq9zLAzzI-HzcMlErGNS-01FhPRysH7moPsZz18UU2PkI99oEhQ"
    },
    {
      "descr": "Encryption Key: RSAES OAEP using default parameters",
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "3b4aa911-1b16-45eb-99c3-f9f8177f8e01_enc_rsa-oaep",
      "x5c": [
        "MIIDCjCCAfKgAwIBAgIhAI1Zb5nKeDJ6pa0AU/SLXbI+nUynCHcFzJH3hTH8wsmGMA0GCSqGSIb3DQEBCwUAMCQxIjAgBgNVBAMMGUphbnMgQXV0aCBDQSBDZXJ0aWZpY2F0ZXMwHhcNMjIxMjI3MjIyODE5WhcNMjIxMjI5MjIyODIxWjAkMSIwIAYDVQQDDBlKYW5zIEF1dGggQ0EgQ2VydGlmaWNhdGVzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmutMdQS7AoEa6OlLW8kFuKqjCC8+My6CXBqHHiKHIen0ZAXe9/VE68FBrX/1e128kR3mnbNYYpTbFv/TxB5H7lkG9v/OojmhhllYGzBPdSawkFM4KzU2KWRT5yKYrjzjNA2W5Z1N6kpETycOjzX4GfAd7TO4YuJcO/yXVSsty6ByU1/btgKCq36cgDN7VnDpIi/m2xr/awfBgf2AnteEO9Me1JWvSP7AGeUGssMbPUMp5Gqi0wYbXUuijUm3InR3gbOE+IDU/6Dd/hJuS4LxM1sAz1sqd8nzVRgnr0mWnsBbD7mMB6RVKTysgZ1AAPZ3t9sHnfbODG2Qr07laKOkUQIDAQABoycwJTAjBgNVHSUEHDAaBggrBgEFBQcDAQYIKwYBBQUHAwIGBFUdJQAwDQYJKoZIhvcNAQELBQADggEBAHqinzEXi+uTdjl5DDE2lVS6Po8Ze4/EHb6wSPgIJjDUyEf5KH7AGEOlmuKtuzy7m5v+WIOHyR3NOfEIlNhQ1e65ZbrvKWlBc2uxFMtdK9EZFKEo4IlrX5kalq4c+yGJlSGG+4Xt5G+tyCQOc4V3OZ9qIbCZyrKCrwWWer8u2rV759nGM7rWM/317fNKeTUB3og+J1paNBkauqPMQtfiC5UvIPyKdZlY1Ed6nOovHCMZLhQogLNuUpc15IFofJWv3/+h+7NYfKZxRNotOWo5jh69VcyUdlo/y5OdIYDWiqO5IU0g5G+zXqnbrlW9da9nF6j4U9cMI5oJUK95hEiZDTI\u003d"
      ],
      "name": "id_token RSA-OAEP Encryption Key",
      "exp": 1672352901736,
      "alg": "RSA-OAEP",
      "n": "mutMdQS7AoEa6OlLW8kFuKqjCC8-My6CXBqHHiKHIen0ZAXe9_VE68FBrX_1e128kR3mnbNYYpTbFv_TxB5H7lkG9v_OojmhhllYGzBPdSawkFM4KzU2KWRT5yKYrjzjNA2W5Z1N6kpETycOjzX4GfAd7TO4YuJcO_yXVSsty6ByU1_btgKCq36cgDN7VnDpIi_m2xr_awfBgf2AnteEO9Me1JWvSP7AGeUGssMbPUMp5Gqi0wYbXUuijUm3InR3gbOE-IDU_6Dd_hJuS4LxM1sAz1sqd8nzVRgnr0mWnsBbD7mMB6RVKTysgZ1AAPZ3t9sHnfbODG2Qr07laKOkUQ"
    }
  ]
}
2022-12-27 23:26:47 SUCCESS
ValidateServerJWKs
Valid server JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2022-12-27 23:26:47 SUCCESS
CheckForKeyIdInServerJWKs
All keys contain kids
2022-12-27 23:26:47 SUCCESS
CheckDistinctKeyIdValueInServerJWKs
Distinct 'kid' value in all keys of server_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2022-12-27 23:26:47 SUCCESS
EnsureServerJwksDoesNotContainPrivateOrSymmetricKeys
Jwks does not contain any private or symmetric keys
2022-12-27 23:26:47
StoreOriginalClientConfiguration
Created original_client_config object from the client configuration.
client_name
Test Client 1
2022-12-27 23:26:47
ExtractClientNameFromStoredConfig
Extracted client_name from stored client configuration.
client_name
Test Client 1
2022-12-27 23:26:47 SUCCESS
GenerateRS256ClientJWKs
Generated client JWKs
client_jwks
{
  "keys": [
    {
      "p": "9sl5BTFzmbtXy3yOcC_ZncaVZUaYTAwNh7yIMOuKyDMsVi_cG8n6XFqm0FnRHY2llQuXgCLUM1FMhsqVw2vuxc8plPwNGBI5iKBYPcos-IPdT41-fKKKRRwNdriG9zgB31lai2O4w-SeGLTu_0vwnt_ZdFQUtSTMJcyN_-RSsic",
      "kty": "RSA",
      "q": "pWdseNE9IKulnS2d8vf6JljwA_Bqh1Q3xu3oGzsjJ9Ni0PUr25hj9yUZLXAa_ycGjADoeP8UThV47uebVY06_qelkrlxraUKsS59iG3-LA87SuXzeopUmqCruIU7d2GOB3DJVYWEKRaRsizwyisciz7yRLDOVADjJAg13oFnysU",
      "d": "MQ55bGD0B_CkSjuGw28N-7-XWKH8-duGMSbV9123yXyzqkx_7HqdNyPbEtXOy-L84npe65DPa6hv4ZA_dSjwMQ1KT_VeRZ_yO2rqXgwy1_bGkOQ9cHG_RdsgN2tFyAX1ZyVXbSoIhzTsiMmcV9m7ML1Rlo4WsEuvFbKWIc6yzXKK-yfPRCS2dHTLHRhQ2Am_-6mfif82VSGaW1EGnh6r8nkmmz3S1Kkn7Pb6esqkRCzTFCAeEhN3kxrS5vTAkEdFmrVoeqUkBbgbD8BbyWG5T2VbqU9UMFMrs_h8EuJj5dvRKb-jjp5ljhRfccvFyhOn56IjfrEAdLJQWJaASxpFSQ",
      "e": "AQAB",
      "use": "sig",
      "qi": "rZeJjuRiELE6sPTm39UWuhZ3MbFEl4wTsAn7Ij1fjhxW0Q7KT6mFdxZmIxurHWRV4WD5el3PEwjsViiYy_rLiuE2hvFptPvzsi2WGQZl2qlQfVwhOfoCKZ7Q4nCR2kf_fyDGvrz5DgNaqFfq0JFWTEIOpmkP5FfQ5gpEE-_Syso",
      "dp": "nCzP-2taHtWiL9I5SeHeM6yyao8MXkPaZCX5ggvtndhUnI5ZGvTtDXkIzB2q6qrzOKlHTP29kGRIq5yUvkEVr_Tz-aawmqUd58qhTSke4H6ClY-Tlkg-fJHOK22Ha_fzp2aimEeZa87IBhaqkMF8Gu7KbIWxPRl2YA1dZ60UcE0",
      "alg": "RS256",
      "dq": "HtTAa2TVOBnGrR2rq3Z9slgxpQpTURZprzL5aNoFG49ThA-vNSeaup63qriSz6y-k6o3qxYg-s0V1bJmSfQhYwZs3oSio_N3or8_twaJsjzEmJl0YQsX6hq455QuGXqdttVXMhHJKL-EOOoXmBehInOBRTyPuSjRLg45vFfyuOE",
      "n": "n3OOoYEqvDJH-Zk_OmoVsiO3bfTFdFG3J-sQn0_c8o-Cv7G3T-fy62G6VItttO93Wm2Jt-fdHauC8HLKHwKLNF3YOZZeK4bFk0GTJvkKegi97443zBYWnsMsABhXftkAbtmgLE3TZnD4aqCTGFcWAlE2DCi_CWmw0Q6JDSBFBSpb1BhL3xBKLgyTYxqMRXsrh2LqxzCJkBXD10mivkRUKjmXkIz9HdUcDgnnSaAfyebxTyv8-CF7qD1aZU9Y5pLHZZFGTupIQn-Kixd8UoUyBZBRz1etZ3G46bwktTObJ7VyBuC3w9IcsCY52iHNuqqDJujP5WShiiy-SEnxSObeAw"
    }
  ]
}
public_client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "alg": "RS256",
      "n": "n3OOoYEqvDJH-Zk_OmoVsiO3bfTFdFG3J-sQn0_c8o-Cv7G3T-fy62G6VItttO93Wm2Jt-fdHauC8HLKHwKLNF3YOZZeK4bFk0GTJvkKegi97443zBYWnsMsABhXftkAbtmgLE3TZnD4aqCTGFcWAlE2DCi_CWmw0Q6JDSBFBSpb1BhL3xBKLgyTYxqMRXsrh2LqxzCJkBXD10mivkRUKjmXkIz9HdUcDgnnSaAfyebxTyv8-CF7qD1aZU9Y5pLHZZFGTupIQn-Kixd8UoUyBZBRz1etZ3G46bwktTObJ7VyBuC3w9IcsCY52iHNuqqDJujP5WShiiy-SEnxSObeAw"
    }
  ]
}
2022-12-27 23:26:47 SUCCESS
CheckDistinctKeyIdValueInClientJWKs
Distinct 'kid' value in all keys of client_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2022-12-27 23:26:47
CreateEmptyDynamicRegistrationRequest
Created empty dynamic registration request
2022-12-27 23:26:47
AddClientNameToDynamicRegistrationRequest
Added client_name to registration request
client_name
Test Client 1 VZveYQmcQcL3H7u
2022-12-27 23:26:47
AddAuthorizationCodeGrantTypeToDynamicRegistrationRequest
Added 'authorization_code' to 'grant_types'
grant_types
[
  "authorization_code"
]
2022-12-27 23:26:47
AddPublicJwksToDynamicRegistrationRequest
Added client public JWKS to dynamic registration request
dynamic_registration_request
{
  "client_name": "Test Client 1 VZveYQmcQcL3H7u",
  "grant_types": [
    "authorization_code"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "n3OOoYEqvDJH-Zk_OmoVsiO3bfTFdFG3J-sQn0_c8o-Cv7G3T-fy62G6VItttO93Wm2Jt-fdHauC8HLKHwKLNF3YOZZeK4bFk0GTJvkKegi97443zBYWnsMsABhXftkAbtmgLE3TZnD4aqCTGFcWAlE2DCi_CWmw0Q6JDSBFBSpb1BhL3xBKLgyTYxqMRXsrh2LqxzCJkBXD10mivkRUKjmXkIz9HdUcDgnnSaAfyebxTyv8-CF7qD1aZU9Y5pLHZZFGTupIQn-Kixd8UoUyBZBRz1etZ3G46bwktTObJ7VyBuC3w9IcsCY52iHNuqqDJujP5WShiiy-SEnxSObeAw"
      }
    ]
  }
}
2022-12-27 23:26:47
AddTokenEndpointAuthMethodToDynamicRegistrationRequestFromEnvironment
Added token endpoint auth method to dynamic registration request
dynamic_registration_request
{
  "client_name": "Test Client 1 VZveYQmcQcL3H7u",
  "grant_types": [
    "authorization_code"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "n3OOoYEqvDJH-Zk_OmoVsiO3bfTFdFG3J-sQn0_c8o-Cv7G3T-fy62G6VItttO93Wm2Jt-fdHauC8HLKHwKLNF3YOZZeK4bFk0GTJvkKegi97443zBYWnsMsABhXftkAbtmgLE3TZnD4aqCTGFcWAlE2DCi_CWmw0Q6JDSBFBSpb1BhL3xBKLgyTYxqMRXsrh2LqxzCJkBXD10mivkRUKjmXkIz9HdUcDgnnSaAfyebxTyv8-CF7qD1aZU9Y5pLHZZFGTupIQn-Kixd8UoUyBZBRz1etZ3G46bwktTObJ7VyBuC3w9IcsCY52iHNuqqDJujP5WShiiy-SEnxSObeAw"
      }
    ]
  },
  "token_endpoint_auth_method": "client_secret_basic"
}
2022-12-27 23:26:47
AddResponseTypesArrayToDynamicRegistrationRequestFromEnvironment
Added response_types array to dynamic registration request
dynamic_registration_request
{
  "client_name": "Test Client 1 VZveYQmcQcL3H7u",
  "grant_types": [
    "authorization_code"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "n3OOoYEqvDJH-Zk_OmoVsiO3bfTFdFG3J-sQn0_c8o-Cv7G3T-fy62G6VItttO93Wm2Jt-fdHauC8HLKHwKLNF3YOZZeK4bFk0GTJvkKegi97443zBYWnsMsABhXftkAbtmgLE3TZnD4aqCTGFcWAlE2DCi_CWmw0Q6JDSBFBSpb1BhL3xBKLgyTYxqMRXsrh2LqxzCJkBXD10mivkRUKjmXkIz9HdUcDgnnSaAfyebxTyv8-CF7qD1aZU9Y5pLHZZFGTupIQn-Kixd8UoUyBZBRz1etZ3G46bwktTObJ7VyBuC3w9IcsCY52iHNuqqDJujP5WShiiy-SEnxSObeAw"
      }
    ]
  },
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code"
  ]
}
2022-12-27 23:26:47
AddRedirectUriToDynamicRegistrationRequest
Added redirect_uris array to dynamic registration request
dynamic_registration_request
{
  "client_name": "Test Client 1 VZveYQmcQcL3H7u",
  "grant_types": [
    "authorization_code"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "n3OOoYEqvDJH-Zk_OmoVsiO3bfTFdFG3J-sQn0_c8o-Cv7G3T-fy62G6VItttO93Wm2Jt-fdHauC8HLKHwKLNF3YOZZeK4bFk0GTJvkKegi97443zBYWnsMsABhXftkAbtmgLE3TZnD4aqCTGFcWAlE2DCi_CWmw0Q6JDSBFBSpb1BhL3xBKLgyTYxqMRXsrh2LqxzCJkBXD10mivkRUKjmXkIz9HdUcDgnnSaAfyebxTyv8-CF7qD1aZU9Y5pLHZZFGTupIQn-Kixd8UoUyBZBRz1etZ3G46bwktTObJ7VyBuC3w9IcsCY52iHNuqqDJujP5WShiiy-SEnxSObeAw"
      }
    ]
  },
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code"
  ],
  "redirect_uris": [
    "https://www.certification.openid.net/test/VZveYQmcQcL3H7u/callback"
  ]
}
2022-12-27 23:26:47
AddContactsToDynamicRegistrationRequest
Added contacts array to dynamic registration request
dynamic_registration_request
{
  "client_name": "Test Client 1 VZveYQmcQcL3H7u",
  "grant_types": [
    "authorization_code"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "n3OOoYEqvDJH-Zk_OmoVsiO3bfTFdFG3J-sQn0_c8o-Cv7G3T-fy62G6VItttO93Wm2Jt-fdHauC8HLKHwKLNF3YOZZeK4bFk0GTJvkKegi97443zBYWnsMsABhXftkAbtmgLE3TZnD4aqCTGFcWAlE2DCi_CWmw0Q6JDSBFBSpb1BhL3xBKLgyTYxqMRXsrh2LqxzCJkBXD10mivkRUKjmXkIz9HdUcDgnnSaAfyebxTyv8-CF7qD1aZU9Y5pLHZZFGTupIQn-Kixd8UoUyBZBRz1etZ3G46bwktTObJ7VyBuC3w9IcsCY52iHNuqqDJujP5WShiiy-SEnxSObeAw"
      }
    ]
  },
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code"
  ],
  "redirect_uris": [
    "https://www.certification.openid.net/test/VZveYQmcQcL3H7u/callback"
  ],
  "contacts": [
    "certification@oidf.org"
  ]
}
2022-12-27 23:26:47
AddRefreshTokenGrantTypeToDynamicRegistrationRequest
Added 'refresh_token' to 'grant_types'
grant_types
[
  "authorization_code",
  "refresh_token"
]
2022-12-27 23:26:47
CallDynamicRegistrationEndpoint
HTTP request
request_uri
https://milton-ch-precious-gopher.gluu.info/jans-auth/restv1/register
request_method
POST
request_headers
{
  "accept": "application/json",
  "accept-charset": "utf-8",
  "content-type": "application/json",
  "content-length": "720"
}
request_body
{"client_name":"Test Client 1 VZveYQmcQcL3H7u","grant_types":["authorization_code","refresh_token"],"jwks":{"keys":[{"kty":"RSA","e":"AQAB","use":"sig","alg":"RS256","n":"n3OOoYEqvDJH-Zk_OmoVsiO3bfTFdFG3J-sQn0_c8o-Cv7G3T-fy62G6VItttO93Wm2Jt-fdHauC8HLKHwKLNF3YOZZeK4bFk0GTJvkKegi97443zBYWnsMsABhXftkAbtmgLE3TZnD4aqCTGFcWAlE2DCi_CWmw0Q6JDSBFBSpb1BhL3xBKLgyTYxqMRXsrh2LqxzCJkBXD10mivkRUKjmXkIz9HdUcDgnnSaAfyebxTyv8-CF7qD1aZU9Y5pLHZZFGTupIQn-Kixd8UoUyBZBRz1etZ3G46bwktTObJ7VyBuC3w9IcsCY52iHNuqqDJujP5WShiiy-SEnxSObeAw"}]},"token_endpoint_auth_method":"client_secret_basic","response_types":["code"],"redirect_uris":["https://www.certification.openid.net/test/VZveYQmcQcL3H7u/callback"],"contacts":["certification@oidf.org"]}
2022-12-27 23:26:48 RESPONSE
CallDynamicRegistrationEndpoint
HTTP response
response_status_code
201 CREATED
response_status_text
Created
response_headers
{
  "date": "Tue, 27 Dec 2022 23:26:48 GMT",
  "server": "Apache/2.4.41 (Ubuntu)",
  "x-xss-protection": "1; mode\u003dblock",
  "x-content-type-options": "nosniff",
  "strict-transport-security": "max-age\u003d31536000; includeSubDomains",
  "expires": "Thu, 01 Jan 1970 00:00:00 GMT",
  "cache-control": "no-store",
  "content-type": "application/json",
  "pragma": "no-cache",
  "content-length": "2193",
  "set-cookie": "X-Correlation-Id\u003d1649ec76-be7d-4b34-9079-2e4cd4e473e0; Secure; HttpOnly;HttpOnly",
  "keep-alive": "timeout\u003d5, max\u003d100",
  "connection": "Keep-Alive"
}
response_body
{
    "allow_spontaneous_scopes": false,
    "jwks": {"keys": [{
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "n3OOoYEqvDJH-Zk_OmoVsiO3bfTFdFG3J-sQn0_c8o-Cv7G3T-fy62G6VItttO93Wm2Jt-fdHauC8HLKHwKLNF3YOZZeK4bFk0GTJvkKegi97443zBYWnsMsABhXftkAbtmgLE3TZnD4aqCTGFcWAlE2DCi_CWmw0Q6JDSBFBSpb1BhL3xBKLgyTYxqMRXsrh2LqxzCJkBXD10mivkRUKjmXkIz9HdUcDgnnSaAfyebxTyv8-CF7qD1aZU9Y5pLHZZFGTupIQn-Kixd8UoUyBZBRz1etZ3G46bwktTObJ7VyBuC3w9IcsCY52iHNuqqDJujP5WShiiy-SEnxSObeAw"
    }]},
    "application_type": "web",
    "rpt_as_jwt": false,
    "registration_client_uri": "https://milton-ch-precious-gopher.gluu.info/jans-auth/restv1/register?client_id=78f349d0-713d-40f2-b37c-00d1c0a947a4",
    "tls_client_auth_subject_dn": "",
    "run_introspection_script_before_jwt_creation": false,
    "registration_access_token": "417af579-02a1-47b3-9b34-8740dea0ccc8",
    "client_id": "78f349d0-713d-40f2-b37c-00d1c0a947a4",
    "token_endpoint_auth_method": "client_secret_basic",
    "scope": "test user_name clientinfo profile uma_protection email org_name work_phone address permission offline_access device_sso phone openid https://jans.io/auth/ssa.admin https://jans.io/auth/ssa.developer https://jans.io/auth/ssa.portal",
    "client_secret": "14185c75-9cda-4a72-a4f6-076417744c0a",
    "client_id_issued_at": 1672183608,
    "backchannel_logout_uri": [],
    "backchannel_logout_session_required": false,
    "client_name": "Test Client 1 VZveYQmcQcL3H7u",
    "par_lifetime": 600,
    "spontaneous_scopes": [],
    "id_token_signed_response_alg": "RS256",
    "access_token_as_jwt": false,
    "grant_types": [
        "authorization_code",
        "refresh_token"
    ],
    "subject_type": "pairwise",
    "keep_client_authorization_after_expiration": false,
    "require_par": false,
    "redirect_uris": ["https://www.certification.openid.net/test/VZveYQmcQcL3H7u/callback"],
    "redirect_uris_regex": "",
    "additional_audience": [],
    "frontchannel_logout_session_required": false,
    "client_secret_expires_at": 1672270008,
    "access_token_signing_alg": "RS256",
    "contacts": ["certification@oidf.org"],
    "response_types": ["code"]
}
2022-12-27 23:26:48
CallDynamicRegistrationEndpoint
Parsed registration endpoint response
status
201
endpoint_name
dynamic registration
headers
{
  "date": "Tue, 27 Dec 2022 23:26:48 GMT",
  "server": "Apache/2.4.41 (Ubuntu)",
  "x-xss-protection": "1; mode\u003dblock",
  "x-content-type-options": "nosniff",
  "strict-transport-security": "max-age\u003d31536000; includeSubDomains",
  "expires": "Thu, 01 Jan 1970 00:00:00 GMT",
  "cache-control": "no-store",
  "content-type": "application/json",
  "pragma": "no-cache",
  "content-length": "2193",
  "set-cookie": "X-Correlation-Id\u003d1649ec76-be7d-4b34-9079-2e4cd4e473e0; Secure; HttpOnly;HttpOnly",
  "keep-alive": "timeout\u003d5, max\u003d100",
  "connection": "Keep-Alive"
}
body
{
    "allow_spontaneous_scopes": false,
    "jwks": {"keys": [{
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "n3OOoYEqvDJH-Zk_OmoVsiO3bfTFdFG3J-sQn0_c8o-Cv7G3T-fy62G6VItttO93Wm2Jt-fdHauC8HLKHwKLNF3YOZZeK4bFk0GTJvkKegi97443zBYWnsMsABhXftkAbtmgLE3TZnD4aqCTGFcWAlE2DCi_CWmw0Q6JDSBFBSpb1BhL3xBKLgyTYxqMRXsrh2LqxzCJkBXD10mivkRUKjmXkIz9HdUcDgnnSaAfyebxTyv8-CF7qD1aZU9Y5pLHZZFGTupIQn-Kixd8UoUyBZBRz1etZ3G46bwktTObJ7VyBuC3w9IcsCY52iHNuqqDJujP5WShiiy-SEnxSObeAw"
    }]},
    "application_type": "web",
    "rpt_as_jwt": false,
    "registration_client_uri": "https://milton-ch-precious-gopher.gluu.info/jans-auth/restv1/register?client_id=78f349d0-713d-40f2-b37c-00d1c0a947a4",
    "tls_client_auth_subject_dn": "",
    "run_introspection_script_before_jwt_creation": false,
    "registration_access_token": "417af579-02a1-47b3-9b34-8740dea0ccc8",
    "client_id": "78f349d0-713d-40f2-b37c-00d1c0a947a4",
    "token_endpoint_auth_method": "client_secret_basic",
    "scope": "test user_name clientinfo profile uma_protection email org_name work_phone address permission offline_access device_sso phone openid https://jans.io/auth/ssa.admin https://jans.io/auth/ssa.developer https://jans.io/auth/ssa.portal",
    "client_secret": "14185c75-9cda-4a72-a4f6-076417744c0a",
    "client_id_issued_at": 1672183608,
    "backchannel_logout_uri": [],
    "backchannel_logout_session_required": false,
    "client_name": "Test Client 1 VZveYQmcQcL3H7u",
    "par_lifetime": 600,
    "spontaneous_scopes": [],
    "id_token_signed_response_alg": "RS256",
    "access_token_as_jwt": false,
    "grant_types": [
        "authorization_code",
        "refresh_token"
    ],
    "subject_type": "pairwise",
    "keep_client_authorization_after_expiration": false,
    "require_par": false,
    "redirect_uris": ["https://www.certification.openid.net/test/VZveYQmcQcL3H7u/callback"],
    "redirect_uris_regex": "",
    "additional_audience": [],
    "frontchannel_logout_session_required": false,
    "client_secret_expires_at": 1672270008,
    "access_token_signing_alg": "RS256",
    "contacts": ["certification@oidf.org"],
    "response_types": ["code"]
}
body_json
{
  "allow_spontaneous_scopes": false,
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "n3OOoYEqvDJH-Zk_OmoVsiO3bfTFdFG3J-sQn0_c8o-Cv7G3T-fy62G6VItttO93Wm2Jt-fdHauC8HLKHwKLNF3YOZZeK4bFk0GTJvkKegi97443zBYWnsMsABhXftkAbtmgLE3TZnD4aqCTGFcWAlE2DCi_CWmw0Q6JDSBFBSpb1BhL3xBKLgyTYxqMRXsrh2LqxzCJkBXD10mivkRUKjmXkIz9HdUcDgnnSaAfyebxTyv8-CF7qD1aZU9Y5pLHZZFGTupIQn-Kixd8UoUyBZBRz1etZ3G46bwktTObJ7VyBuC3w9IcsCY52iHNuqqDJujP5WShiiy-SEnxSObeAw"
      }
    ]
  },
  "application_type": "web",
  "rpt_as_jwt": false,
  "registration_client_uri": "https://milton-ch-precious-gopher.gluu.info/jans-auth/restv1/register?client_id\u003d78f349d0-713d-40f2-b37c-00d1c0a947a4",
  "tls_client_auth_subject_dn": "",
  "run_introspection_script_before_jwt_creation": false,
  "registration_access_token": "417af579-02a1-47b3-9b34-8740dea0ccc8",
  "client_id": "78f349d0-713d-40f2-b37c-00d1c0a947a4",
  "token_endpoint_auth_method": "client_secret_basic",
  "scope": "test user_name clientinfo profile uma_protection email org_name work_phone address permission offline_access device_sso phone openid https://jans.io/auth/ssa.admin https://jans.io/auth/ssa.developer https://jans.io/auth/ssa.portal",
  "client_secret": "14185c75-9cda-4a72-a4f6-076417744c0a",
  "client_id_issued_at": 1672183608,
  "backchannel_logout_uri": [],
  "backchannel_logout_session_required": false,
  "client_name": "Test Client 1 VZveYQmcQcL3H7u",
  "par_lifetime": 600,
  "spontaneous_scopes": [],
  "id_token_signed_response_alg": "RS256",
  "access_token_as_jwt": false,
  "grant_types": [
    "authorization_code",
    "refresh_token"
  ],
  "subject_type": "pairwise",
  "keep_client_authorization_after_expiration": false,
  "require_par": false,
  "redirect_uris": [
    "https://www.certification.openid.net/test/VZveYQmcQcL3H7u/callback"
  ],
  "redirect_uris_regex": "",
  "additional_audience": [],
  "frontchannel_logout_session_required": false,
  "client_secret_expires_at": 1672270008,
  "access_token_signing_alg": "RS256",
  "contacts": [
    "certification@oidf.org"
  ],
  "response_types": [
    "code"
  ]
}
2022-12-27 23:26:48 SUCCESS
EnsureContentTypeJson
endpoint_response Content-Type: header is application/json
2022-12-27 23:26:48 SUCCESS
EnsureHttpStatusCodeIs201
dynamic registration endpoint returned the expected http status
expected_status
201
http_status
201
2022-12-27 23:26:48 SUCCESS
CheckNoErrorFromDynamicRegistrationEndpoint
Dynamic registration endpoint did not return an error.
2022-12-27 23:26:48 SUCCESS
ExtractDynamicRegistrationResponse
Extracted client from dynamic registration response
client_id
78f349d0-713d-40f2-b37c-00d1c0a947a4
2022-12-27 23:26:48 SUCCESS
VerifyClientManagementCredentials
Verified dynamic registration management credentials
registration_client_uri
https://milton-ch-precious-gopher.gluu.info/jans-auth/restv1/register?client_id=78f349d0-713d-40f2-b37c-00d1c0a947a4
registration_access_token
417af579-02a1-47b3-9b34-8740dea0ccc8
2022-12-27 23:26:48
SetScopeInClientConfigurationToOpenId
Set scope in client configuration to "openid"
scope
openid
2022-12-27 23:26:48
SetScopeInClientConfigurationToOpenIdOfflineAccessIfServerSupportsOfflineAccess
Set scope in client configuration to "openid offline_access"as 'scope_supported' contains 'offline_access'
scope
openid offline_access
2022-12-27 23:26:48 SUCCESS
EnsureServerConfigurationSupportsClientSecretBasic
Contents of 'token_endpoint_auth_methods_supported' in discovery document matches expectations.
actual
[
  "client_secret_basic",
  "client_secret_post",
  "client_secret_jwt",
  "private_key_jwt",
  "tls_client_auth",
  "self_signed_tls_client_auth",
  "none"
]
expected
[
  "client_secret_basic"
]
minimum_matches_required
1
2022-12-27 23:26:48
StoreOriginalClient2Configuration
Created original_client_config object from the client configuration.
client_name
Test Client 2
2022-12-27 23:26:48
ExtractClientNameFromStoredConfig
Extracted client_name from stored client configuration.
client_name
Test Client 2
2022-12-27 23:26:48 SUCCESS
GenerateRS256ClientJWKs
Generated client JWKs
client_jwks
{
  "keys": [
    {
      "p": "5prF1db7E-L6jzMW3EmUngi8APi-Iq_rEHtyjTFbEnkCYJylQhKAsyL8dtCHaMx778ZPvpaiQvzKaMDKXA0Rj5EaMqHWsITuR88d8FK0L8-p51NzyC7sVZxw3yA0RsdzrgJAapKi_LvXxjDfzaml2bEiZV46kDfLFEipBtc1Z_k",
      "kty": "RSA",
      "q": "oRzyE6MRxXBDjh98C5PLJogKZ1GcehaWNVUKlEdgrQso2dJf7ehFa9qN8NuWgYBYlMYhQq7WxlBEPdiXP8TwZwbF6YrHWi4Z6I2GUpAQRc3xtc5VCStdR_36VEZiIqKra8mXiYzgeVMgyJKen9qDxdW5lRFBsjsrjebsgKzEdb8",
      "d": "Vhg6DjBhy9smkf6DPchRU0SAEVckQVSQTetN2vh-FWMDihfwnnLH7UnpP9qUweRDeeoLMaw1Va3gkGVFByv9-uyU2w0AR1RfiD0i_VHR33ZOSKwp3GehTP7DyfZt8NxfO-alldr21QQru2a4bEAVplVAvu7spwB63OXatSrWvj0tGOyqlfMww55kX3aUnkdzEgkqsjxgenVw3xFBo1UvBNo3_ecguZT37kLUzjnMJ_atwisyFqRi9gkXGYdmvmtvxo1hR8QbpJbvFSsisrNiLtfiMVRE7Y6PSxBXYoSoICiW8DgirM4I_DarP77aK1_ACxPmkCGYVbcQTXpFAlk54Q",
      "e": "AQAB",
      "use": "sig",
      "qi": "JhwPp4P6ONwBWsTur30k-RlPRKNJZxoEj_OJPBVS9ueh5e269d801GQ7Jz9ts_3bdXXzQIlsb3Ict2zGDo9mKjgkWB5aMYZlTIA23XZpjA7z4RobFukJ2fm4w2IMHPzZmLiMejTKFwTrNvbYfGqAdda4xYXOd5bR2fAmP1sVS0k",
      "dp": "LfJ0rLDTAhldlx601VuL0xkmbIMjT0IB8hzGrD9DSCD4Skur2chaAFdeOkY-VLE5mILI7M6SsgowQkL3jvPDpflhYOlCH5W87G3mJzYzVLtpvP-xuBcxW7V5_9soz1l6QReNwi5Jb1X2HjUqwo2k0AUtN0lZHdcgDYCUvRowN_E",
      "alg": "RS256",
      "dq": "A-Q-GKlUsY8voowyI9lzC8A3eB1piS1ofWtLcR90P1nIp9JEDOwSWTOTQCEdto0SFq3eeczdVTb1HwVPSfQI1oQ8XZLDk_MPHyXj-7SNIBKEZx7PwQPyId4JoOV-U1XYjCb3aRQlC-ktHoskF7pgenPaIrai_podSDUuu0DxEeM",
      "n": "kSFpaR78zSi_uknPOPRrEINmYLy6YGEK_IirqjrfyW7n12iR2orSNd_9HUZDRb0bwyQayOHShnsR1Upggh7S8LopRT5nxu2YSCV5m_h2N4y5_3aHM2j1TCH7cru3TNvTA977HhHBwuMtVuUKg_yxnlQX_vG8HHrNxI7b7C1UGAAGQ1odxsltIXTs7-2amwOQh6MUJa8qJ4leE2dC0gcAGWmkw6QbUku1UGT1TZPjpeMbjfZSDSnfWJgN-6eXuTX70koR6OISLyTsIcM_fK3C3m2X84KdB43TWFUQ468YcPYLuTdHlXM_jU1_LH6BmeDfHTbHZ34bOd6-jmu04AFfxw"
    }
  ]
}
public_client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "alg": "RS256",
      "n": "kSFpaR78zSi_uknPOPRrEINmYLy6YGEK_IirqjrfyW7n12iR2orSNd_9HUZDRb0bwyQayOHShnsR1Upggh7S8LopRT5nxu2YSCV5m_h2N4y5_3aHM2j1TCH7cru3TNvTA977HhHBwuMtVuUKg_yxnlQX_vG8HHrNxI7b7C1UGAAGQ1odxsltIXTs7-2amwOQh6MUJa8qJ4leE2dC0gcAGWmkw6QbUku1UGT1TZPjpeMbjfZSDSnfWJgN-6eXuTX70koR6OISLyTsIcM_fK3C3m2X84KdB43TWFUQ468YcPYLuTdHlXM_jU1_LH6BmeDfHTbHZ34bOd6-jmu04AFfxw"
    }
  ]
}
2022-12-27 23:26:48 SUCCESS
CheckDistinctKeyIdValueInClientJWKs
Distinct 'kid' value in all keys of client_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2022-12-27 23:26:48
CreateEmptyDynamicRegistrationRequest
Created empty dynamic registration request
2022-12-27 23:26:48
AddClientNameToDynamicRegistrationRequest
Added client_name to registration request
client_name
Test Client 2 VZveYQmcQcL3H7u
2022-12-27 23:26:48
AddAuthorizationCodeGrantTypeToDynamicRegistrationRequest
Added 'authorization_code' to 'grant_types'
grant_types
[
  "authorization_code"
]
2022-12-27 23:26:48
AddPublicJwksToDynamicRegistrationRequest
Added client public JWKS to dynamic registration request
dynamic_registration_request
{
  "client_name": "Test Client 2 VZveYQmcQcL3H7u",
  "grant_types": [
    "authorization_code"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "kSFpaR78zSi_uknPOPRrEINmYLy6YGEK_IirqjrfyW7n12iR2orSNd_9HUZDRb0bwyQayOHShnsR1Upggh7S8LopRT5nxu2YSCV5m_h2N4y5_3aHM2j1TCH7cru3TNvTA977HhHBwuMtVuUKg_yxnlQX_vG8HHrNxI7b7C1UGAAGQ1odxsltIXTs7-2amwOQh6MUJa8qJ4leE2dC0gcAGWmkw6QbUku1UGT1TZPjpeMbjfZSDSnfWJgN-6eXuTX70koR6OISLyTsIcM_fK3C3m2X84KdB43TWFUQ468YcPYLuTdHlXM_jU1_LH6BmeDfHTbHZ34bOd6-jmu04AFfxw"
      }
    ]
  }
}
2022-12-27 23:26:48
AddTokenEndpointAuthMethodToDynamicRegistrationRequestFromEnvironment
Added token endpoint auth method to dynamic registration request
dynamic_registration_request
{
  "client_name": "Test Client 2 VZveYQmcQcL3H7u",
  "grant_types": [
    "authorization_code"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "kSFpaR78zSi_uknPOPRrEINmYLy6YGEK_IirqjrfyW7n12iR2orSNd_9HUZDRb0bwyQayOHShnsR1Upggh7S8LopRT5nxu2YSCV5m_h2N4y5_3aHM2j1TCH7cru3TNvTA977HhHBwuMtVuUKg_yxnlQX_vG8HHrNxI7b7C1UGAAGQ1odxsltIXTs7-2amwOQh6MUJa8qJ4leE2dC0gcAGWmkw6QbUku1UGT1TZPjpeMbjfZSDSnfWJgN-6eXuTX70koR6OISLyTsIcM_fK3C3m2X84KdB43TWFUQ468YcPYLuTdHlXM_jU1_LH6BmeDfHTbHZ34bOd6-jmu04AFfxw"
      }
    ]
  },
  "token_endpoint_auth_method": "client_secret_basic"
}
2022-12-27 23:26:48
AddResponseTypesArrayToDynamicRegistrationRequestFromEnvironment
Added response_types array to dynamic registration request
dynamic_registration_request
{
  "client_name": "Test Client 2 VZveYQmcQcL3H7u",
  "grant_types": [
    "authorization_code"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "kSFpaR78zSi_uknPOPRrEINmYLy6YGEK_IirqjrfyW7n12iR2orSNd_9HUZDRb0bwyQayOHShnsR1Upggh7S8LopRT5nxu2YSCV5m_h2N4y5_3aHM2j1TCH7cru3TNvTA977HhHBwuMtVuUKg_yxnlQX_vG8HHrNxI7b7C1UGAAGQ1odxsltIXTs7-2amwOQh6MUJa8qJ4leE2dC0gcAGWmkw6QbUku1UGT1TZPjpeMbjfZSDSnfWJgN-6eXuTX70koR6OISLyTsIcM_fK3C3m2X84KdB43TWFUQ468YcPYLuTdHlXM_jU1_LH6BmeDfHTbHZ34bOd6-jmu04AFfxw"
      }
    ]
  },
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code"
  ]
}
2022-12-27 23:26:48
AddRedirectUriToDynamicRegistrationRequest
Added redirect_uris array to dynamic registration request
dynamic_registration_request
{
  "client_name": "Test Client 2 VZveYQmcQcL3H7u",
  "grant_types": [
    "authorization_code"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "kSFpaR78zSi_uknPOPRrEINmYLy6YGEK_IirqjrfyW7n12iR2orSNd_9HUZDRb0bwyQayOHShnsR1Upggh7S8LopRT5nxu2YSCV5m_h2N4y5_3aHM2j1TCH7cru3TNvTA977HhHBwuMtVuUKg_yxnlQX_vG8HHrNxI7b7C1UGAAGQ1odxsltIXTs7-2amwOQh6MUJa8qJ4leE2dC0gcAGWmkw6QbUku1UGT1TZPjpeMbjfZSDSnfWJgN-6eXuTX70koR6OISLyTsIcM_fK3C3m2X84KdB43TWFUQ468YcPYLuTdHlXM_jU1_LH6BmeDfHTbHZ34bOd6-jmu04AFfxw"
      }
    ]
  },
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code"
  ],
  "redirect_uris": [
    "https://www.certification.openid.net/test/VZveYQmcQcL3H7u/callback"
  ]
}
2022-12-27 23:26:48
AddContactsToDynamicRegistrationRequest
Added contacts array to dynamic registration request
dynamic_registration_request
{
  "client_name": "Test Client 2 VZveYQmcQcL3H7u",
  "grant_types": [
    "authorization_code"
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "kSFpaR78zSi_uknPOPRrEINmYLy6YGEK_IirqjrfyW7n12iR2orSNd_9HUZDRb0bwyQayOHShnsR1Upggh7S8LopRT5nxu2YSCV5m_h2N4y5_3aHM2j1TCH7cru3TNvTA977HhHBwuMtVuUKg_yxnlQX_vG8HHrNxI7b7C1UGAAGQ1odxsltIXTs7-2amwOQh6MUJa8qJ4leE2dC0gcAGWmkw6QbUku1UGT1TZPjpeMbjfZSDSnfWJgN-6eXuTX70koR6OISLyTsIcM_fK3C3m2X84KdB43TWFUQ468YcPYLuTdHlXM_jU1_LH6BmeDfHTbHZ34bOd6-jmu04AFfxw"
      }
    ]
  },
  "token_endpoint_auth_method": "client_secret_basic",
  "response_types": [
    "code"
  ],
  "redirect_uris": [
    "https://www.certification.openid.net/test/VZveYQmcQcL3H7u/callback"
  ],
  "contacts": [
    "certification@oidf.org"
  ]
}
2022-12-27 23:26:48
AddRefreshTokenGrantTypeToDynamicRegistrationRequest
Added 'refresh_token' to 'grant_types'
grant_types
[
  "authorization_code",
  "refresh_token"
]
2022-12-27 23:26:48
CallDynamicRegistrationEndpoint
HTTP request
request_uri
https://milton-ch-precious-gopher.gluu.info/jans-auth/restv1/register
request_method
POST
request_headers
{
  "accept": "application/json",
  "accept-charset": "utf-8",
  "content-type": "application/json",
  "content-length": "720"
}
request_body
{"client_name":"Test Client 2 VZveYQmcQcL3H7u","grant_types":["authorization_code","refresh_token"],"jwks":{"keys":[{"kty":"RSA","e":"AQAB","use":"sig","alg":"RS256","n":"kSFpaR78zSi_uknPOPRrEINmYLy6YGEK_IirqjrfyW7n12iR2orSNd_9HUZDRb0bwyQayOHShnsR1Upggh7S8LopRT5nxu2YSCV5m_h2N4y5_3aHM2j1TCH7cru3TNvTA977HhHBwuMtVuUKg_yxnlQX_vG8HHrNxI7b7C1UGAAGQ1odxsltIXTs7-2amwOQh6MUJa8qJ4leE2dC0gcAGWmkw6QbUku1UGT1TZPjpeMbjfZSDSnfWJgN-6eXuTX70koR6OISLyTsIcM_fK3C3m2X84KdB43TWFUQ468YcPYLuTdHlXM_jU1_LH6BmeDfHTbHZ34bOd6-jmu04AFfxw"}]},"token_endpoint_auth_method":"client_secret_basic","response_types":["code"],"redirect_uris":["https://www.certification.openid.net/test/VZveYQmcQcL3H7u/callback"],"contacts":["certification@oidf.org"]}
2022-12-27 23:26:48 RESPONSE
CallDynamicRegistrationEndpoint
HTTP response
response_status_code
201 CREATED
response_status_text
Created
response_headers
{
  "date": "Tue, 27 Dec 2022 23:26:48 GMT",
  "server": "Apache/2.4.41 (Ubuntu)",
  "x-xss-protection": "1; mode\u003dblock",
  "x-content-type-options": "nosniff",
  "strict-transport-security": "max-age\u003d31536000; includeSubDomains",
  "expires": "Thu, 01 Jan 1970 00:00:00 GMT",
  "cache-control": "no-store",
  "content-type": "application/json",
  "pragma": "no-cache",
  "content-length": "2193",
  "set-cookie": "X-Correlation-Id\u003d62177360-0a23-4fc8-9353-e29d99f38db5; Secure; HttpOnly;HttpOnly",
  "keep-alive": "timeout\u003d5, max\u003d100",
  "connection": "Keep-Alive"
}
response_body
{
    "allow_spontaneous_scopes": false,
    "jwks": {"keys": [{
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "kSFpaR78zSi_uknPOPRrEINmYLy6YGEK_IirqjrfyW7n12iR2orSNd_9HUZDRb0bwyQayOHShnsR1Upggh7S8LopRT5nxu2YSCV5m_h2N4y5_3aHM2j1TCH7cru3TNvTA977HhHBwuMtVuUKg_yxnlQX_vG8HHrNxI7b7C1UGAAGQ1odxsltIXTs7-2amwOQh6MUJa8qJ4leE2dC0gcAGWmkw6QbUku1UGT1TZPjpeMbjfZSDSnfWJgN-6eXuTX70koR6OISLyTsIcM_fK3C3m2X84KdB43TWFUQ468YcPYLuTdHlXM_jU1_LH6BmeDfHTbHZ34bOd6-jmu04AFfxw"
    }]},
    "application_type": "web",
    "rpt_as_jwt": false,
    "registration_client_uri": "https://milton-ch-precious-gopher.gluu.info/jans-auth/restv1/register?client_id=9941641f-26f8-45e0-9c04-a8b0f724fb9a",
    "tls_client_auth_subject_dn": "",
    "run_introspection_script_before_jwt_creation": false,
    "registration_access_token": "4d750784-640e-4f0e-ac9d-4d131d0768e7",
    "client_id": "9941641f-26f8-45e0-9c04-a8b0f724fb9a",
    "token_endpoint_auth_method": "client_secret_basic",
    "scope": "test user_name clientinfo profile uma_protection email org_name work_phone address permission offline_access device_sso phone openid https://jans.io/auth/ssa.admin https://jans.io/auth/ssa.developer https://jans.io/auth/ssa.portal",
    "client_secret": "9d79d1f6-975c-45a3-a5aa-aec90b558039",
    "client_id_issued_at": 1672183608,
    "backchannel_logout_uri": [],
    "backchannel_logout_session_required": false,
    "client_name": "Test Client 2 VZveYQmcQcL3H7u",
    "par_lifetime": 600,
    "spontaneous_scopes": [],
    "id_token_signed_response_alg": "RS256",
    "access_token_as_jwt": false,
    "grant_types": [
        "authorization_code",
        "refresh_token"
    ],
    "subject_type": "pairwise",
    "keep_client_authorization_after_expiration": false,
    "require_par": false,
    "redirect_uris": ["https://www.certification.openid.net/test/VZveYQmcQcL3H7u/callback"],
    "redirect_uris_regex": "",
    "additional_audience": [],
    "frontchannel_logout_session_required": false,
    "client_secret_expires_at": 1672270008,
    "access_token_signing_alg": "RS256",
    "contacts": ["certification@oidf.org"],
    "response_types": ["code"]
}
2022-12-27 23:26:48
CallDynamicRegistrationEndpoint
Parsed registration endpoint response
status
201
endpoint_name
dynamic registration
headers
{
  "date": "Tue, 27 Dec 2022 23:26:48 GMT",
  "server": "Apache/2.4.41 (Ubuntu)",
  "x-xss-protection": "1; mode\u003dblock",
  "x-content-type-options": "nosniff",
  "strict-transport-security": "max-age\u003d31536000; includeSubDomains",
  "expires": "Thu, 01 Jan 1970 00:00:00 GMT",
  "cache-control": "no-store",
  "content-type": "application/json",
  "pragma": "no-cache",
  "content-length": "2193",
  "set-cookie": "X-Correlation-Id\u003d62177360-0a23-4fc8-9353-e29d99f38db5; Secure; HttpOnly;HttpOnly",
  "keep-alive": "timeout\u003d5, max\u003d100",
  "connection": "Keep-Alive"
}
body
{
    "allow_spontaneous_scopes": false,
    "jwks": {"keys": [{
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "kSFpaR78zSi_uknPOPRrEINmYLy6YGEK_IirqjrfyW7n12iR2orSNd_9HUZDRb0bwyQayOHShnsR1Upggh7S8LopRT5nxu2YSCV5m_h2N4y5_3aHM2j1TCH7cru3TNvTA977HhHBwuMtVuUKg_yxnlQX_vG8HHrNxI7b7C1UGAAGQ1odxsltIXTs7-2amwOQh6MUJa8qJ4leE2dC0gcAGWmkw6QbUku1UGT1TZPjpeMbjfZSDSnfWJgN-6eXuTX70koR6OISLyTsIcM_fK3C3m2X84KdB43TWFUQ468YcPYLuTdHlXM_jU1_LH6BmeDfHTbHZ34bOd6-jmu04AFfxw"
    }]},
    "application_type": "web",
    "rpt_as_jwt": false,
    "registration_client_uri": "https://milton-ch-precious-gopher.gluu.info/jans-auth/restv1/register?client_id=9941641f-26f8-45e0-9c04-a8b0f724fb9a",
    "tls_client_auth_subject_dn": "",
    "run_introspection_script_before_jwt_creation": false,
    "registration_access_token": "4d750784-640e-4f0e-ac9d-4d131d0768e7",
    "client_id": "9941641f-26f8-45e0-9c04-a8b0f724fb9a",
    "token_endpoint_auth_method": "client_secret_basic",
    "scope": "test user_name clientinfo profile uma_protection email org_name work_phone address permission offline_access device_sso phone openid https://jans.io/auth/ssa.admin https://jans.io/auth/ssa.developer https://jans.io/auth/ssa.portal",
    "client_secret": "9d79d1f6-975c-45a3-a5aa-aec90b558039",
    "client_id_issued_at": 1672183608,
    "backchannel_logout_uri": [],
    "backchannel_logout_session_required": false,
    "client_name": "Test Client 2 VZveYQmcQcL3H7u",
    "par_lifetime": 600,
    "spontaneous_scopes": [],
    "id_token_signed_response_alg": "RS256",
    "access_token_as_jwt": false,
    "grant_types": [
        "authorization_code",
        "refresh_token"
    ],
    "subject_type": "pairwise",
    "keep_client_authorization_after_expiration": false,
    "require_par": false,
    "redirect_uris": ["https://www.certification.openid.net/test/VZveYQmcQcL3H7u/callback"],
    "redirect_uris_regex": "",
    "additional_audience": [],
    "frontchannel_logout_session_required": false,
    "client_secret_expires_at": 1672270008,
    "access_token_signing_alg": "RS256",
    "contacts": ["certification@oidf.org"],
    "response_types": ["code"]
}
body_json
{
  "allow_spontaneous_scopes": false,
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "e": "AQAB",
        "use": "sig",
        "alg": "RS256",
        "n": "kSFpaR78zSi_uknPOPRrEINmYLy6YGEK_IirqjrfyW7n12iR2orSNd_9HUZDRb0bwyQayOHShnsR1Upggh7S8LopRT5nxu2YSCV5m_h2N4y5_3aHM2j1TCH7cru3TNvTA977HhHBwuMtVuUKg_yxnlQX_vG8HHrNxI7b7C1UGAAGQ1odxsltIXTs7-2amwOQh6MUJa8qJ4leE2dC0gcAGWmkw6QbUku1UGT1TZPjpeMbjfZSDSnfWJgN-6eXuTX70koR6OISLyTsIcM_fK3C3m2X84KdB43TWFUQ468YcPYLuTdHlXM_jU1_LH6BmeDfHTbHZ34bOd6-jmu04AFfxw"
      }
    ]
  },
  "application_type": "web",
  "rpt_as_jwt": false,
  "registration_client_uri": "https://milton-ch-precious-gopher.gluu.info/jans-auth/restv1/register?client_id\u003d9941641f-26f8-45e0-9c04-a8b0f724fb9a",
  "tls_client_auth_subject_dn": "",
  "run_introspection_script_before_jwt_creation": false,
  "registration_access_token": "4d750784-640e-4f0e-ac9d-4d131d0768e7",
  "client_id": "9941641f-26f8-45e0-9c04-a8b0f724fb9a",
  "token_endpoint_auth_method": "client_secret_basic",
  "scope": "test user_name clientinfo profile uma_protection email org_name work_phone address permission offline_access device_sso phone openid https://jans.io/auth/ssa.admin https://jans.io/auth/ssa.developer https://jans.io/auth/ssa.portal",
  "client_secret": "9d79d1f6-975c-45a3-a5aa-aec90b558039",
  "client_id_issued_at": 1672183608,
  "backchannel_logout_uri": [],
  "backchannel_logout_session_required": false,
  "client_name": "Test Client 2 VZveYQmcQcL3H7u",
  "par_lifetime": 600,
  "spontaneous_scopes": [],
  "id_token_signed_response_alg": "RS256",
  "access_token_as_jwt": false,
  "grant_types": [
    "authorization_code",
    "refresh_token"
  ],
  "subject_type": "pairwise",
  "keep_client_authorization_after_expiration": false,
  "require_par": false,
  "redirect_uris": [
    "https://www.certification.openid.net/test/VZveYQmcQcL3H7u/callback"
  ],
  "redirect_uris_regex": "",
  "additional_audience": [],
  "frontchannel_logout_session_required": false,
  "client_secret_expires_at": 1672270008,
  "access_token_signing_alg": "RS256",
  "contacts": [
    "certification@oidf.org"
  ],
  "response_types": [
    "code"
  ]
}
2022-12-27 23:26:48 SUCCESS
EnsureContentTypeJson
endpoint_response Content-Type: header is application/json
2022-12-27 23:26:48 SUCCESS
EnsureHttpStatusCodeIs201
dynamic registration endpoint returned the expected http status
expected_status
201
http_status
201
2022-12-27 23:26:48 SUCCESS
CheckNoErrorFromDynamicRegistrationEndpoint
Dynamic registration endpoint did not return an error.
2022-12-27 23:26:48 SUCCESS
ExtractDynamicRegistrationResponse
Extracted client from dynamic registration response
client_id
9941641f-26f8-45e0-9c04-a8b0f724fb9a
2022-12-27 23:26:48 SUCCESS
VerifyClientManagementCredentials
Verified dynamic registration management credentials
registration_client_uri
https://milton-ch-precious-gopher.gluu.info/jans-auth/restv1/register?client_id=9941641f-26f8-45e0-9c04-a8b0f724fb9a
registration_access_token
4d750784-640e-4f0e-ac9d-4d131d0768e7
2022-12-27 23:26:48
SetScopeInClientConfigurationToOpenId
Set scope in client configuration to "openid"
scope
openid
2022-12-27 23:26:48
SetScopeInClientConfigurationToOpenIdOfflineAccessIfServerSupportsOfflineAccess
Set scope in client configuration to "openid offline_access"as 'scope_supported' contains 'offline_access'
scope
openid offline_access
2022-12-27 23:26:48 SUCCESS
EnsureServerConfigurationSupportsClientSecretBasic
Contents of 'token_endpoint_auth_methods_supported' in discovery document matches expectations.
actual
[
  "client_secret_basic",
  "client_secret_post",
  "client_secret_jwt",
  "private_key_jwt",
  "tls_client_auth",
  "self_signed_tls_client_auth",
  "none"
]
expected
[
  "client_secret_basic"
]
minimum_matches_required
1
2022-12-27 23:26:48 SUCCESS
SetProtectedResourceUrlToUserInfoEndpoint
userinfo_endpoint will be used to test access token. The user info is not a mandatory to implement feature in the OpenID Connect specification, but is mandatory for certification.
protected_resource_url
https://milton-ch-precious-gopher.gluu.info/jans-auth/restv1/userinfo
2022-12-27 23:26:48
oidcc-refresh-token
Setup Done
Make request to authorization endpoint
2022-12-27 23:26:48 SUCCESS
CreateAuthorizationEndpointRequestFromClientInformation
Created authorization endpoint request
client_id
78f349d0-713d-40f2-b37c-00d1c0a947a4
redirect_uri
https://www.certification.openid.net/test/VZveYQmcQcL3H7u/callback
scope
openid offline_access
2022-12-27 23:26:48
CreateRandomStateValue
Created state value
requested_state_length
10
state
c0qa8zcSyg
2022-12-27 23:26:48 SUCCESS
AddStateToAuthorizationEndpointRequest
Added state parameter to request
client_id
78f349d0-713d-40f2-b37c-00d1c0a947a4
redirect_uri
https://www.certification.openid.net/test/VZveYQmcQcL3H7u/callback
scope
openid offline_access
state
c0qa8zcSyg
2022-12-27 23:26:48
CreateRandomNonceValue
Created nonce value
requested_nonce_length
10
nonce
Z0DoXJawp1
2022-12-27 23:26:48 SUCCESS
AddNonceToAuthorizationEndpointRequest
Added nonce parameter to request
client_id
78f349d0-713d-40f2-b37c-00d1c0a947a4
redirect_uri
https://www.certification.openid.net/test/VZveYQmcQcL3H7u/callback
scope
openid offline_access
state
c0qa8zcSyg
nonce
Z0DoXJawp1
2022-12-27 23:26:48 SUCCESS
SetAuthorizationEndpointRequestResponseTypeFromEnvironment
Added response_type parameter to request
client_id
78f349d0-713d-40f2-b37c-00d1c0a947a4
redirect_uri
https://www.certification.openid.net/test/VZveYQmcQcL3H7u/callback
scope
openid offline_access
state
c0qa8zcSyg
nonce
Z0DoXJawp1
response_type
code
2022-12-27 23:26:48 SUCCESS
AddPromptConsentToAuthorizationEndpointRequestIfScopeContainsOfflineAccess
Added prompt=consent to authorization endpoint request
client_id
78f349d0-713d-40f2-b37c-00d1c0a947a4
redirect_uri
https://www.certification.openid.net/test/VZveYQmcQcL3H7u/callback
scope
openid offline_access
state
c0qa8zcSyg
nonce
Z0DoXJawp1
response_type
code
prompt
consent
2022-12-27 23:26:48 SUCCESS
BuildPlainRedirectToAuthorizationEndpoint
Sending to authorization endpoint
auth_request
{
  "client_id": "78f349d0-713d-40f2-b37c-00d1c0a947a4",
  "redirect_uri": "https://www.certification.openid.net/test/VZveYQmcQcL3H7u/callback",
  "scope": "openid offline_access",
  "state": "c0qa8zcSyg",
  "nonce": "Z0DoXJawp1",
  "response_type": "code",
  "prompt": "consent"
}
redirect_to_authorization_endpoint
https://milton-ch-precious-gopher.gluu.info/jans-auth/restv1/authorize?client_id=78f349d0-713d-40f2-b37c-00d1c0a947a4&redirect_uri=https://www.certification.openid.net/test/VZveYQmcQcL3H7u/callback&scope=openid%20offline_access&state=c0qa8zcSyg&nonce=Z0DoXJawp1&response_type=code&prompt=consent
2022-12-27 23:26:48 REDIRECT
oidcc-refresh-token
Redirecting to authorization endpoint
redirect_to
https://milton-ch-precious-gopher.gluu.info/jans-auth/restv1/authorize?client_id=78f349d0-713d-40f2-b37c-00d1c0a947a4&redirect_uri=https://www.certification.openid.net/test/VZveYQmcQcL3H7u/callback&scope=openid%20offline_access&state=c0qa8zcSyg&nonce=Z0DoXJawp1&response_type=code&prompt=consent
2022-12-27 23:27:02 INCOMING
oidcc-refresh-token
Incoming HTTP request to /test/VZveYQmcQcL3H7u/callback
incoming_headers
{
  "host": "www.certification.openid.net",
  "cache-control": "max-age\u003d0",
  "upgrade-insecure-requests": "1",
  "user-agent": "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/avif,image/webp,image/apng,*/*;q\u003d0.8,application/signed-exchange;v\u003db3;q\u003d0.9",
  "sec-fetch-site": "cross-site",
  "sec-fetch-mode": "navigate",
  "sec-fetch-user": "?1",
  "sec-fetch-dest": "document",
  "sec-ch-ua": "\"Not?A_Brand\";v\u003d\"8\", \"Chromium\";v\u003d\"108\", \"Google Chrome\";v\u003d\"108\"",
  "sec-ch-ua-mobile": "?0",
  "sec-ch-ua-platform": "\"Linux\"",
  "referer": "https://milton-ch-precious-gopher.gluu.info/",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-US,en;q\u003d0.9,es;q\u003d0.8",
  "cookie": "__utmc\u003d201319536; __utmz\u003d201319536.1671195405.1.1.utmcsr\u003d(direct)|utmccn\u003d(direct)|utmcmd\u003d(none); __utma\u003d201319536.1115198539.1671195405.1671997866.1672149094.18; JSESSIONID\u003dA7FE058ADAF7CCDA0A211A9A498F2A59",
  "connection": "close"
}
incoming_path
/test/VZveYQmcQcL3H7u/callback
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cert
incoming_query_string_params
{
  "code": "19e1f7d1-fe06-4f87-b0a6-94981b677867",
  "scope": "openid offline_access",
  "session_id": "6aad9d28-0b4c-4c4b-bc69-194159cea9a5",
  "state": "c0qa8zcSyg",
  "session_state": "281a55cd80fc8ba34854d6efd85ac7288c863c1ce1170c87f5ca23d19a9d3b55.33afcf94-6f6d-4601-8bae-f334c070af48"
}
incoming_body
incoming_tls_chain
[
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL"
]
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_body_json
2022-12-27 23:27:02 SUCCESS
CreateRandomImplicitSubmitUrl
Created random implicit submission URL
implicit_submit
{
  "path": "implicit/cqkLdOHyTsd15L5SH9q5",
  "fullUrl": "https://www.certification.openid.net/test/VZveYQmcQcL3H7u/implicit/cqkLdOHyTsd15L5SH9q5"
}
2022-12-27 23:27:02 OUTGOING
oidcc-refresh-token
Response to HTTP request to test instance VZveYQmcQcL3H7u
outgoing
ModelAndView [view="implicitCallback"; model={implicitSubmitUrl=https://www.certification.openid.net/test/VZveYQmcQcL3H7u/implicit/cqkLdOHyTsd15L5SH9q5, returnUrl=/log-detail.html?log=VZveYQmcQcL3H7u}]
outgoing_path
callback
2022-12-27 23:27:02 INCOMING
oidcc-refresh-token
Incoming HTTP request to /test/VZveYQmcQcL3H7u/implicit/cqkLdOHyTsd15L5SH9q5
incoming_headers
{
  "host": "www.certification.openid.net",
  "sec-ch-ua": "\"Not?A_Brand\";v\u003d\"8\", \"Chromium\";v\u003d\"108\", \"Google Chrome\";v\u003d\"108\"",
  "accept": "*/*",
  "content-type": "text/plain",
  "x-requested-with": "XMLHttpRequest",
  "sec-ch-ua-mobile": "?0",
  "user-agent": "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36",
  "sec-ch-ua-platform": "\"Linux\"",
  "origin": "https://www.certification.openid.net",
  "sec-fetch-site": "same-origin",
  "sec-fetch-mode": "cors",
  "sec-fetch-dest": "empty",
  "referer": "https://www.certification.openid.net/test/VZveYQmcQcL3H7u/callback?code\u003d19e1f7d1-fe06-4f87-b0a6-94981b677867\u0026scope\u003dopenid+offline_access\u0026session_id\u003d6aad9d28-0b4c-4c4b-bc69-194159cea9a5\u0026state\u003dc0qa8zcSyg\u0026session_state\u003d281a55cd80fc8ba34854d6efd85ac7288c863c1ce1170c87f5ca23d19a9d3b55.33afcf94-6f6d-4601-8bae-f334c070af48",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-US,en;q\u003d0.9,es;q\u003d0.8",
  "cookie": "__utmc\u003d201319536; __utmz\u003d201319536.1671195405.1.1.utmcsr\u003d(direct)|utmccn\u003d(direct)|utmcmd\u003d(none); __utma\u003d201319536.1115198539.1671195405.1671997866.1672149094.18; JSESSIONID\u003dA7FE058ADAF7CCDA0A211A9A498F2A59",
  "connection": "close",
  "content-length": "0"
}
incoming_path
/test/VZveYQmcQcL3H7u/implicit/cqkLdOHyTsd15L5SH9q5
incoming_body_form_params
incoming_method
POST
incoming_tls_version
TLSv1.2
incoming_tls_cert
incoming_query_string_params
{}
incoming_body
incoming_tls_chain
[
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL"
]
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_body_json
2022-12-27 23:27:02 OUTGOING
oidcc-refresh-token
Response to HTTP request to test instance VZveYQmcQcL3H7u
outgoing_status_code
204
outgoing_headers
{}
outgoing_body

                                
outgoing_path
implicit/cqkLdOHyTsd15L5SH9q5
2022-12-27 23:27:02 SUCCESS
ExtractImplicitHashToCallbackResponse
implicit_hash is empty
2022-12-27 23:27:02 REDIRECT-IN
oidcc-refresh-token
Authorization endpoint response captured
url_query
{
  "code": "19e1f7d1-fe06-4f87-b0a6-94981b677867",
  "scope": "openid offline_access",
  "session_id": "6aad9d28-0b4c-4c4b-bc69-194159cea9a5",
  "state": "c0qa8zcSyg",
  "session_state": "281a55cd80fc8ba34854d6efd85ac7288c863c1ce1170c87f5ca23d19a9d3b55.33afcf94-6f6d-4601-8bae-f334c070af48"
}
headers
{
  "host": "www.certification.openid.net",
  "cache-control": "max-age\u003d0",
  "upgrade-insecure-requests": "1",
  "user-agent": "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/avif,image/webp,image/apng,*/*;q\u003d0.8,application/signed-exchange;v\u003db3;q\u003d0.9",
  "sec-fetch-site": "cross-site",
  "sec-fetch-mode": "navigate",
  "sec-fetch-user": "?1",
  "sec-fetch-dest": "document",
  "sec-ch-ua": "\"Not?A_Brand\";v\u003d\"8\", \"Chromium\";v\u003d\"108\", \"Google Chrome\";v\u003d\"108\"",
  "sec-ch-ua-mobile": "?0",
  "sec-ch-ua-platform": "\"Linux\"",
  "referer": "https://milton-ch-precious-gopher.gluu.info/",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-US,en;q\u003d0.9,es;q\u003d0.8",
  "cookie": "__utmc\u003d201319536; __utmz\u003d201319536.1671195405.1.1.utmcsr\u003d(direct)|utmccn\u003d(direct)|utmcmd\u003d(none); __utma\u003d201319536.1115198539.1671195405.1671997866.1672149094.18; JSESSIONID\u003dA7FE058ADAF7CCDA0A211A9A498F2A59",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "x-forwarded-proto": "https",
  "x-forwarded-port": "443",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
http_method
GET
url_fragment
{}
post_body
Verify authorization endpoint response
2022-12-27 23:27:02 SUCCESS
CheckMatchingCallbackParameters
Callback parameters successfully verified
2022-12-27 23:27:02
ValidateIssInAuthorizationResponse
No 'iss' value in authorization response.
2022-12-27 23:27:02 SUCCESS
CheckIfAuthorizationEndpointError
No error from authorization endpoint
2022-12-27 23:27:02 SUCCESS
CheckStateInAuthorizationResponse
State in response correctly returned
state
c0qa8zcSyg
2022-12-27 23:27:02 SUCCESS
ExtractAuthorizationCodeFromAuthorizationResponse
Found authorization code
code
19e1f7d1-fe06-4f87-b0a6-94981b677867
2022-12-27 23:27:02 SUCCESS
CreateTokenEndpointRequestForAuthorizationCodeGrant
Created token endpoint request
grant_type
authorization_code
code
19e1f7d1-fe06-4f87-b0a6-94981b677867
redirect_uri
https://www.certification.openid.net/test/VZveYQmcQcL3H7u/callback
2022-12-27 23:27:02 SUCCESS
AddBasicAuthClientSecretAuthenticationParameters
Added basic authorization header
Authorization
Basic NzhmMzQ5ZDAtNzEzZC00MGYyLWIzN2MtMDBkMWMwYTk0N2E0OjE0MTg1Yzc1LTljZGEtNGE3Mi1hNGY2LTA3NjQxNzc0NGMwYQ==
2022-12-27 23:27:02
CallTokenEndpoint
HTTP request
request_uri
https://milton-ch-precious-gopher.gluu.info/jans-auth/restv1/token
request_method
POST
request_headers
{
  "accept": "application/json",
  "authorization": "Basic NzhmMzQ5ZDAtNzEzZC00MGYyLWIzN2MtMDBkMWMwYTk0N2E0OjE0MTg1Yzc1LTljZGEtNGE3Mi1hNGY2LTA3NjQxNzc0NGMwYQ\u003d\u003d",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "163"
}
request_body
grant_type=authorization_code&code=19e1f7d1-fe06-4f87-b0a6-94981b677867&redirect_uri=https%3A%2F%2Fwww.certification.openid.net%2Ftest%2FVZveYQmcQcL3H7u%2Fcallback
2022-12-27 23:27:03 RESPONSE
CallTokenEndpoint
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "date": "Tue, 27 Dec 2022 23:27:02 GMT",
  "server": "Apache/2.4.41 (Ubuntu)",
  "x-xss-protection": "1; mode\u003dblock",
  "x-content-type-options": "nosniff",
  "strict-transport-security": "max-age\u003d31536000; includeSubDomains",
  "expires": "Thu, 01 Jan 1970 00:00:00 GMT",
  "cache-control": "no-store",
  "content-type": "application/json",
  "pragma": "no-cache",
  "content-length": "1272",
  "set-cookie": "X-Correlation-Id\u003d5a644636-0b25-4649-81f3-c0b73fe46047; Secure; HttpOnly;HttpOnly",
  "keep-alive": "timeout\u003d5, max\u003d100",
  "connection": "Keep-Alive"
}
response_body
{"access_token":"6d7623cc-f91d-4501-bfd2-0812cbdecd88","refresh_token":"5c272761-1843-4e8b-98f5-293a1b6807d0","id_token":"eyJraWQiOiI5M2JkNzk5OC1mOGRkLTRlZGMtYmIzNy04NDlkZjNmNDU1YTVfc2lnX3JzMjU2IiwidHlwIjoiand0IiwiYWxnIjoiUlMyNTYifQ.eyJhdF9oYXNoIjoidHRHOGpDRk1oNFpWWkozclhZb1hOUSIsInN1YiI6IkFoYU9UakVrbkpfTE1NWmlmajFMT3hiWE1JLUFKYUNMenBUd1JiMDJHbmsiLCJjb2RlIjoiZDYyNWQ2Y2ItZTI1NC00MzhhLWE5MmQtNjdhNjRmNDQ2YTQ5IiwiYW1yIjpbIjEwIl0sImlzcyI6Imh0dHBzOi8vbWlsdG9uLWNoLXByZWNpb3VzLWdvcGhlci5nbHV1LmluZm8iLCJub25jZSI6IlowRG9YSmF3cDEiLCJzaWQiOiJlNGI1YTA5Yy1jNGY5LTRhZWUtYmNmMS0wYTYwMzVmM2ViMTAiLCJqYW5zT3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsImF1ZCI6Ijc4ZjM0OWQwLTcxM2QtNDBmMi1iMzdjLTAwZDFjMGE5NDdhNCIsImFjciI6ImJhc2ljIiwiY19oYXNoIjoiQ0RYM0RoT1JIMkFLaENlX0lFTnRhUSIsImF1dGhfdGltZSI6MTY3MjE4MzYyMSwiZXhwIjoxNjcyMTg3MjIyLCJncmFudCI6ImF1dGhvcml6YXRpb25fY29kZSIsImlhdCI6MTY3MjE4MzYyMn0.evZNImw1NXR0ThYEHh39q5HoLELcU5RZQ_cyjaGhxV8UDCWe-fHatFpkuyEMXEAsINm42NODLUcsg8SyichquoAddEAdnyWyMwAr_8t1L570WRfETY-kZC0z9AkTzLIoF3HhPQsCVknnWhbh4o5lDiVUT5QWqZ93xVQs0nWByFOBZW7O6OU7XxgLcMhPk4xm-99SS-TGwqNY83ENSoG80Sbd2_KPQB585bISyaBoQHA3U-GKjc_D99FNf3xJ3DytR0_HnHNZIt-GRV7HRYKqtwFqpqvcmtKS2_YRQ_AcShDJ56gImE89XV41dBpBUZQkVtffcS9KTHB9TRqXwY3hAA","token_type":"Bearer","expires_in":299}
2022-12-27 23:27:03 SUCCESS
CallTokenEndpoint
Parsed token endpoint response
access_token
6d7623cc-f91d-4501-bfd2-0812cbdecd88
refresh_token
5c272761-1843-4e8b-98f5-293a1b6807d0
id_token
eyJraWQiOiI5M2JkNzk5OC1mOGRkLTRlZGMtYmIzNy04NDlkZjNmNDU1YTVfc2lnX3JzMjU2IiwidHlwIjoiand0IiwiYWxnIjoiUlMyNTYifQ.eyJhdF9oYXNoIjoidHRHOGpDRk1oNFpWWkozclhZb1hOUSIsInN1YiI6IkFoYU9UakVrbkpfTE1NWmlmajFMT3hiWE1JLUFKYUNMenBUd1JiMDJHbmsiLCJjb2RlIjoiZDYyNWQ2Y2ItZTI1NC00MzhhLWE5MmQtNjdhNjRmNDQ2YTQ5IiwiYW1yIjpbIjEwIl0sImlzcyI6Imh0dHBzOi8vbWlsdG9uLWNoLXByZWNpb3VzLWdvcGhlci5nbHV1LmluZm8iLCJub25jZSI6IlowRG9YSmF3cDEiLCJzaWQiOiJlNGI1YTA5Yy1jNGY5LTRhZWUtYmNmMS0wYTYwMzVmM2ViMTAiLCJqYW5zT3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsImF1ZCI6Ijc4ZjM0OWQwLTcxM2QtNDBmMi1iMzdjLTAwZDFjMGE5NDdhNCIsImFjciI6ImJhc2ljIiwiY19oYXNoIjoiQ0RYM0RoT1JIMkFLaENlX0lFTnRhUSIsImF1dGhfdGltZSI6MTY3MjE4MzYyMSwiZXhwIjoxNjcyMTg3MjIyLCJncmFudCI6ImF1dGhvcml6YXRpb25fY29kZSIsImlhdCI6MTY3MjE4MzYyMn0.evZNImw1NXR0ThYEHh39q5HoLELcU5RZQ_cyjaGhxV8UDCWe-fHatFpkuyEMXEAsINm42NODLUcsg8SyichquoAddEAdnyWyMwAr_8t1L570WRfETY-kZC0z9AkTzLIoF3HhPQsCVknnWhbh4o5lDiVUT5QWqZ93xVQs0nWByFOBZW7O6OU7XxgLcMhPk4xm-99SS-TGwqNY83ENSoG80Sbd2_KPQB585bISyaBoQHA3U-GKjc_D99FNf3xJ3DytR0_HnHNZIt-GRV7HRYKqtwFqpqvcmtKS2_YRQ_AcShDJ56gImE89XV41dBpBUZQkVtffcS9KTHB9TRqXwY3hAA
token_type
Bearer
expires_in
299
2022-12-27 23:27:03 SUCCESS
CheckIfTokenEndpointResponseError
No error from token endpoint
2022-12-27 23:27:03 SUCCESS
CheckForAccessTokenValue
Found an access token
access_token
6d7623cc-f91d-4501-bfd2-0812cbdecd88
2022-12-27 23:27:03 SUCCESS
ExtractAccessTokenFromTokenResponse
Extracted the access token
value
6d7623cc-f91d-4501-bfd2-0812cbdecd88
type
Bearer
2022-12-27 23:27:03 SUCCESS
ExtractExpiresInFromTokenEndpointResponse
Extracted 'expires_in'
expires_in
299
2022-12-27 23:27:03 SUCCESS
ValidateExpiresIn
expires_in passed all validation checks
expires_in
299
2022-12-27 23:27:03 SUCCESS
CheckForRefreshTokenValue
Found a refresh token
refresh_token
5c272761-1843-4e8b-98f5-293a1b6807d0
2022-12-27 23:27:03 SUCCESS
ExtractIdTokenFromTokenResponse
Found and parsed the id_token from token_endpoint_response
value
eyJraWQiOiI5M2JkNzk5OC1mOGRkLTRlZGMtYmIzNy04NDlkZjNmNDU1YTVfc2lnX3JzMjU2IiwidHlwIjoiand0IiwiYWxnIjoiUlMyNTYifQ.eyJhdF9oYXNoIjoidHRHOGpDRk1oNFpWWkozclhZb1hOUSIsInN1YiI6IkFoYU9UakVrbkpfTE1NWmlmajFMT3hiWE1JLUFKYUNMenBUd1JiMDJHbmsiLCJjb2RlIjoiZDYyNWQ2Y2ItZTI1NC00MzhhLWE5MmQtNjdhNjRmNDQ2YTQ5IiwiYW1yIjpbIjEwIl0sImlzcyI6Imh0dHBzOi8vbWlsdG9uLWNoLXByZWNpb3VzLWdvcGhlci5nbHV1LmluZm8iLCJub25jZSI6IlowRG9YSmF3cDEiLCJzaWQiOiJlNGI1YTA5Yy1jNGY5LTRhZWUtYmNmMS0wYTYwMzVmM2ViMTAiLCJqYW5zT3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsImF1ZCI6Ijc4ZjM0OWQwLTcxM2QtNDBmMi1iMzdjLTAwZDFjMGE5NDdhNCIsImFjciI6ImJhc2ljIiwiY19oYXNoIjoiQ0RYM0RoT1JIMkFLaENlX0lFTnRhUSIsImF1dGhfdGltZSI6MTY3MjE4MzYyMSwiZXhwIjoxNjcyMTg3MjIyLCJncmFudCI6ImF1dGhvcml6YXRpb25fY29kZSIsImlhdCI6MTY3MjE4MzYyMn0.evZNImw1NXR0ThYEHh39q5HoLELcU5RZQ_cyjaGhxV8UDCWe-fHatFpkuyEMXEAsINm42NODLUcsg8SyichquoAddEAdnyWyMwAr_8t1L570WRfETY-kZC0z9AkTzLIoF3HhPQsCVknnWhbh4o5lDiVUT5QWqZ93xVQs0nWByFOBZW7O6OU7XxgLcMhPk4xm-99SS-TGwqNY83ENSoG80Sbd2_KPQB585bISyaBoQHA3U-GKjc_D99FNf3xJ3DytR0_HnHNZIt-GRV7HRYKqtwFqpqvcmtKS2_YRQ_AcShDJ56gImE89XV41dBpBUZQkVtffcS9KTHB9TRqXwY3hAA
header
{
  "kid": "93bd7998-f8dd-4edc-bb37-849df3f455a5_sig_rs256",
  "typ": "jwt",
  "alg": "RS256"
}
claims
{
  "at_hash": "ttG8jCFMh4ZVZJ3rXYoXNQ",
  "sub": "AhaOTjEknJ_LMMZifj1LOxbXMI-AJaCLzpTwRb02Gnk",
  "code": "d625d6cb-e254-438a-a92d-67a64f446a49",
  "amr": [
    "10"
  ],
  "iss": "https://milton-ch-precious-gopher.gluu.info",
  "nonce": "Z0DoXJawp1",
  "sid": "e4b5a09c-c4f9-4aee-bcf1-0a6035f3eb10",
  "jansOpenIDConnectVersion": "openidconnect-1.0",
  "aud": "78f349d0-713d-40f2-b37c-00d1c0a947a4",
  "acr": "basic",
  "c_hash": "CDX3DhORH2AKhCe_IENtaQ",
  "auth_time": 1672183621,
  "exp": 1672187222,
  "grant": "authorization_code",
  "iat": 1672183622
}
2022-12-27 23:27:03 SUCCESS
ValidateIdToken
ID token iss, aud, exp, iat, auth_time, acr & nbf claims passed validation checks
2022-12-27 23:27:03
ValidateIdTokenStandardClaims
sub is a string with content
2022-12-27 23:27:03
ValidateIdTokenStandardClaims
Skipping unknown claim: code
2022-12-27 23:27:03
ValidateIdTokenStandardClaims
Skipping unknown claim: sid
2022-12-27 23:27:03
ValidateIdTokenStandardClaims
Skipping unknown claim: jansOpenIDConnectVersion
2022-12-27 23:27:03
ValidateIdTokenStandardClaims
Skipping unknown claim: grant
2022-12-27 23:27:03 SUCCESS
ValidateIdTokenStandardClaims
id_token claims are valid
2022-12-27 23:27:03 SUCCESS
ValidateIdTokenNonce
Nonce values match
nonce
Z0DoXJawp1
2022-12-27 23:27:03 SUCCESS
ValidateIdTokenACRClaimAgainstRequest
Nothing to check; the conformance suite did not request an acr claim in request object
2022-12-27 23:27:03 SUCCESS
ValidateIdTokenSignature
id_token signature validated
id_token
eyJraWQiOiI5M2JkNzk5OC1mOGRkLTRlZGMtYmIzNy04NDlkZjNmNDU1YTVfc2lnX3JzMjU2IiwidHlwIjoiand0IiwiYWxnIjoiUlMyNTYifQ.eyJhdF9oYXNoIjoidHRHOGpDRk1oNFpWWkozclhZb1hOUSIsInN1YiI6IkFoYU9UakVrbkpfTE1NWmlmajFMT3hiWE1JLUFKYUNMenBUd1JiMDJHbmsiLCJjb2RlIjoiZDYyNWQ2Y2ItZTI1NC00MzhhLWE5MmQtNjdhNjRmNDQ2YTQ5IiwiYW1yIjpbIjEwIl0sImlzcyI6Imh0dHBzOi8vbWlsdG9uLWNoLXByZWNpb3VzLWdvcGhlci5nbHV1LmluZm8iLCJub25jZSI6IlowRG9YSmF3cDEiLCJzaWQiOiJlNGI1YTA5Yy1jNGY5LTRhZWUtYmNmMS0wYTYwMzVmM2ViMTAiLCJqYW5zT3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsImF1ZCI6Ijc4ZjM0OWQwLTcxM2QtNDBmMi1iMzdjLTAwZDFjMGE5NDdhNCIsImFjciI6ImJhc2ljIiwiY19oYXNoIjoiQ0RYM0RoT1JIMkFLaENlX0lFTnRhUSIsImF1dGhfdGltZSI6MTY3MjE4MzYyMSwiZXhwIjoxNjcyMTg3MjIyLCJncmFudCI6ImF1dGhvcml6YXRpb25fY29kZSIsImlhdCI6MTY3MjE4MzYyMn0.evZNImw1NXR0ThYEHh39q5HoLELcU5RZQ_cyjaGhxV8UDCWe-fHatFpkuyEMXEAsINm42NODLUcsg8SyichquoAddEAdnyWyMwAr_8t1L570WRfETY-kZC0z9AkTzLIoF3HhPQsCVknnWhbh4o5lDiVUT5QWqZ93xVQs0nWByFOBZW7O6OU7XxgLcMhPk4xm-99SS-TGwqNY83ENSoG80Sbd2_KPQB585bISyaBoQHA3U-GKjc_D99FNf3xJ3DytR0_HnHNZIt-GRV7HRYKqtwFqpqvcmtKS2_YRQ_AcShDJ56gImE89XV41dBpBUZQkVtffcS9KTHB9TRqXwY3hAA
2022-12-27 23:27:03 SUCCESS
ValidateIdTokenSignatureUsingKid
id_token signature validated
id_token
eyJraWQiOiI5M2JkNzk5OC1mOGRkLTRlZGMtYmIzNy04NDlkZjNmNDU1YTVfc2lnX3JzMjU2IiwidHlwIjoiand0IiwiYWxnIjoiUlMyNTYifQ.eyJhdF9oYXNoIjoidHRHOGpDRk1oNFpWWkozclhZb1hOUSIsInN1YiI6IkFoYU9UakVrbkpfTE1NWmlmajFMT3hiWE1JLUFKYUNMenBUd1JiMDJHbmsiLCJjb2RlIjoiZDYyNWQ2Y2ItZTI1NC00MzhhLWE5MmQtNjdhNjRmNDQ2YTQ5IiwiYW1yIjpbIjEwIl0sImlzcyI6Imh0dHBzOi8vbWlsdG9uLWNoLXByZWNpb3VzLWdvcGhlci5nbHV1LmluZm8iLCJub25jZSI6IlowRG9YSmF3cDEiLCJzaWQiOiJlNGI1YTA5Yy1jNGY5LTRhZWUtYmNmMS0wYTYwMzVmM2ViMTAiLCJqYW5zT3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsImF1ZCI6Ijc4ZjM0OWQwLTcxM2QtNDBmMi1iMzdjLTAwZDFjMGE5NDdhNCIsImFjciI6ImJhc2ljIiwiY19oYXNoIjoiQ0RYM0RoT1JIMkFLaENlX0lFTnRhUSIsImF1dGhfdGltZSI6MTY3MjE4MzYyMSwiZXhwIjoxNjcyMTg3MjIyLCJncmFudCI6ImF1dGhvcml6YXRpb25fY29kZSIsImlhdCI6MTY3MjE4MzYyMn0.evZNImw1NXR0ThYEHh39q5HoLELcU5RZQ_cyjaGhxV8UDCWe-fHatFpkuyEMXEAsINm42NODLUcsg8SyichquoAddEAdnyWyMwAr_8t1L570WRfETY-kZC0z9AkTzLIoF3HhPQsCVknnWhbh4o5lDiVUT5QWqZ93xVQs0nWByFOBZW7O6OU7XxgLcMhPk4xm-99SS-TGwqNY83ENSoG80Sbd2_KPQB585bISyaBoQHA3U-GKjc_D99FNf3xJ3DytR0_HnHNZIt-GRV7HRYKqtwFqpqvcmtKS2_YRQ_AcShDJ56gImE89XV41dBpBUZQkVtffcS9KTHB9TRqXwY3hAA
2022-12-27 23:27:03 SUCCESS
CheckForSubjectInIdToken
Found 'sub' in id_token
sub
AhaOTjEknJ_LMMZifj1LOxbXMI-AJaCLzpTwRb02Gnk
2022-12-27 23:27:03
EnsureIdTokenUpdatedAtValid
id_token response does not contain 'updated_at'
2022-12-27 23:27:03 INFO
ValidateEncryptedIdTokenHasKid
Skipped evaluation due to missing required element: id_token jwe_header
path
jwe_header
mapped
object
id_token
2022-12-27 23:27:03 SUCCESS
ExtractRefreshTokenFromTokenResponse
Extracted refresh token from response
refresh_token
5c272761-1843-4e8b-98f5-293a1b6807d0
2022-12-27 23:27:03 SUCCESS
EnsureServerConfigurationSupportsRefreshToken
The server configuration indicates support for refresh tokens
supported_grant_types
[
  "implicit",
  "authorization_code",
  "refresh_token",
  "urn:ietf:params:oauth:grant-type:device_code",
  "urn:openid:params:grant-type:ciba",
  "password",
  "urn:ietf:params:oauth:grant-type:uma-ticket",
  "client_credentials",
  "urn:ietf:params:oauth:grant-type:token-exchange"
]
2022-12-27 23:27:03 SUCCESS
EnsureRefreshTokenContainsAllowedCharactersOnly
Refresh token does not contain any illegal characters
Refresh Token Request
2022-12-27 23:27:03 SUCCESS
CreateRefreshTokenRequest
Created token endpoint request parameters
grant_type
refresh_token
refresh_token
5c272761-1843-4e8b-98f5-293a1b6807d0
2022-12-27 23:27:03 SUCCESS
AddScopeToTokenEndpointRequest
Added scope of 'openid offline_access' to token endpoint request
grant_type
refresh_token
refresh_token
5c272761-1843-4e8b-98f5-293a1b6807d0
scope
openid offline_access
2022-12-27 23:27:03 SUCCESS
AddBasicAuthClientSecretAuthenticationParameters
Added basic authorization header
Authorization
Basic NzhmMzQ5ZDAtNzEzZC00MGYyLWIzN2MtMDBkMWMwYTk0N2E0OjE0MTg1Yzc1LTljZGEtNGE3Mi1hNGY2LTA3NjQxNzc0NGMwYQ==
2022-12-27 23:27:03 SUCCESS
WaitForOneSecond
Pausing for 1 seconds
2022-12-27 23:27:04 SUCCESS
WaitForOneSecond
Woke up after 1 seconds sleep
2022-12-27 23:27:04
CallTokenEndpointAndReturnFullResponse
HTTP request
request_uri
https://milton-ch-precious-gopher.gluu.info/jans-auth/restv1/token
request_method
POST
request_headers
{
  "accept": "application/json",
  "authorization": "Basic NzhmMzQ5ZDAtNzEzZC00MGYyLWIzN2MtMDBkMWMwYTk0N2E0OjE0MTg1Yzc1LTljZGEtNGE3Mi1hNGY2LTA3NjQxNzc0NGMwYQ\u003d\u003d",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "103"
}
request_body
grant_type=refresh_token&refresh_token=5c272761-1843-4e8b-98f5-293a1b6807d0&scope=openid+offline_access
2022-12-27 23:27:04 RESPONSE
CallTokenEndpointAndReturnFullResponse
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "date": "Tue, 27 Dec 2022 23:27:04 GMT",
  "server": "Apache/2.4.41 (Ubuntu)",
  "x-xss-protection": "1; mode\u003dblock",
  "x-content-type-options": "nosniff",
  "strict-transport-security": "max-age\u003d31536000; includeSubDomains",
  "expires": "Thu, 01 Jan 1970 00:00:00 GMT",
  "cache-control": "no-store",
  "content-type": "application/json",
  "pragma": "no-cache",
  "content-length": "181",
  "set-cookie": "X-Correlation-Id\u003d01e14558-2b46-4af5-90c6-e1ad7a75dfe0; Secure; HttpOnly;HttpOnly",
  "keep-alive": "timeout\u003d5, max\u003d100",
  "connection": "Keep-Alive"
}
response_body
{"access_token":"82994f77-d59e-432a-bf84-d5246871e93f","refresh_token":"783cdfd4-7db9-48cd-a533-23af7a94cc22","scope":"openid offline_access","token_type":"Bearer","expires_in":299}
2022-12-27 23:27:04 SUCCESS
CallTokenEndpointAndReturnFullResponse
Parsed token endpoint response
access_token
82994f77-d59e-432a-bf84-d5246871e93f
refresh_token
783cdfd4-7db9-48cd-a533-23af7a94cc22
scope
openid offline_access
token_type
Bearer
expires_in
299
2022-12-27 23:27:04 SUCCESS
CheckTokenEndpointHttpStatus200
Token endpoint http status code was 200
2022-12-27 23:27:04 SUCCESS
CheckTokenEndpointReturnedJsonContentType
token_endpoint_response_headers Content-Type: header is application/json
2022-12-27 23:27:04 SUCCESS
CheckTokenEndpointCacheHeaders
'cache-control' header in token endpoint response contains expected value.
cache_control_header
no-store
2022-12-27 23:27:04 SUCCESS
CheckIfTokenEndpointResponseError
No error from token endpoint
2022-12-27 23:27:04 SUCCESS
ExtractAccessTokenFromTokenResponse
Extracted the access token
value
82994f77-d59e-432a-bf84-d5246871e93f
type
Bearer
2022-12-27 23:27:04 SUCCESS
CheckTokenTypeIsBearer
Token type is bearer
2022-12-27 23:27:04 SUCCESS
EnsureMinimumAccessTokenEntropy
Calculated shannon entropy seems sufficient
actual
135.09775004326937
expected
96.0
value
82994f77-d59e-432a-bf84-d5246871e93f
2022-12-27 23:27:04 SUCCESS
EnsureAccessTokenContainsAllowedCharactersOnly
Access token does not contain any illegal characters
2022-12-27 23:27:04 SUCCESS
ExtractExpiresInFromTokenEndpointResponse
Extracted 'expires_in'
expires_in
299
2022-12-27 23:27:04 SUCCESS
ValidateExpiresIn
expires_in passed all validation checks
expires_in
299
2022-12-27 23:27:04 SUCCESS
EnsureAccessTokenValuesAreDifferent
Access token values are not the same
first_access_token
6d7623cc-f91d-4501-bfd2-0812cbdecd88
second_access_token
82994f77-d59e-432a-bf84-d5246871e93f
2022-12-27 23:27:04 INFO
ExtractIdTokenFromTokenResponse
Couldn't find id_token in token_endpoint_response
2022-12-27 23:27:04 SUCCESS
ExtractRefreshTokenFromTokenResponse
Extracted refresh token from response
refresh_token
783cdfd4-7db9-48cd-a533-23af7a94cc22
2022-12-27 23:27:04 SUCCESS
EnsureMinimumRefreshTokenLength
Refresh token is of sufficient length
actual
288
required
128
2022-12-27 23:27:04 SUCCESS
EnsureMinimumRefreshTokenEntropy
Calculated shannon entropy seems sufficient
actual
129.09775004326937
expected
96.0
value
783cdfd4-7db9-48cd-a533-23af7a94cc22
2022-12-27 23:27:04 INFO
CompareIdTokenClaims
Skipped evaluation due to missing required object: second_id_token
expected
second_id_token
mapped
second_id_token
Userinfo endpoint tests
2022-12-27 23:27:04
CallProtectedResource
HTTP request
request_uri
https://milton-ch-precious-gopher.gluu.info/jans-auth/restv1/userinfo
request_method
GET
request_headers
{
  "accept": "application/json",
  "authorization": "Bearer 82994f77-d59e-432a-bf84-d5246871e93f",
  "content-length": "0"
}
request_body

                                
2022-12-27 23:27:04 RESPONSE
CallProtectedResource
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "date": "Tue, 27 Dec 2022 23:27:04 GMT",
  "server": "Apache/2.4.41 (Ubuntu)",
  "x-xss-protection": "1; mode\u003dblock",
  "x-content-type-options": "nosniff",
  "strict-transport-security": "max-age\u003d31536000; includeSubDomains",
  "expires": "Thu, 01 Jan 1970 00:00:00 GMT",
  "cache-control": "no-store, private",
  "content-type": "application/json;charset\u003dutf-8",
  "pragma": "no-cache",
  "content-length": "82",
  "set-cookie": "X-Correlation-Id\u003dcf72eb10-ce2c-4a8f-ba16-f5a8f081ed0e; Secure; HttpOnly;HttpOnly",
  "keep-alive": "timeout\u003d5, max\u003d100",
  "connection": "Keep-Alive"
}
response_body
{"sub":"AhaOTjEknJ_LMMZifj1LOxbXMI-AJaCLzpTwRb02Gnk","name":"Jans Auth Test User"}
2022-12-27 23:27:04 SUCCESS
CallProtectedResource
Got a response from the resource endpoint
status
200
endpoint_name
resource
headers
{
  "date": "Tue, 27 Dec 2022 23:27:04 GMT",
  "server": "Apache/2.4.41 (Ubuntu)",
  "x-xss-protection": "1; mode\u003dblock",
  "x-content-type-options": "nosniff",
  "strict-transport-security": "max-age\u003d31536000; includeSubDomains",
  "expires": "Thu, 01 Jan 1970 00:00:00 GMT",
  "cache-control": "no-store, private",
  "content-type": "application/json;charset\u003dutf-8",
  "pragma": "no-cache",
  "content-length": "82",
  "set-cookie": "X-Correlation-Id\u003dcf72eb10-ce2c-4a8f-ba16-f5a8f081ed0e; Secure; HttpOnly;HttpOnly",
  "keep-alive": "timeout\u003d5, max\u003d100",
  "connection": "Keep-Alive"
}
body
{"sub":"AhaOTjEknJ_LMMZifj1LOxbXMI-AJaCLzpTwRb02Gnk","name":"Jans Auth Test User"}
2022-12-27 23:27:04 SUCCESS
EnsureHttpStatusCodeIs200
resource endpoint returned the expected http status
expected_status
200
http_status
200
Second client: Make request to authorization endpoint
2022-12-27 23:27:04 SUCCESS
CreateAuthorizationEndpointRequestFromClientInformation
Created authorization endpoint request
client_id
9941641f-26f8-45e0-9c04-a8b0f724fb9a
redirect_uri
https://www.certification.openid.net/test/VZveYQmcQcL3H7u/callback
scope
openid offline_access
2022-12-27 23:27:04
CreateRandomStateValue
Created state value
requested_state_length
10
state
TWWjd3BZEO
2022-12-27 23:27:04 SUCCESS
AddStateToAuthorizationEndpointRequest
Added state parameter to request
client_id
9941641f-26f8-45e0-9c04-a8b0f724fb9a
redirect_uri
https://www.certification.openid.net/test/VZveYQmcQcL3H7u/callback
scope
openid offline_access
state
TWWjd3BZEO
2022-12-27 23:27:04
CreateRandomNonceValue
Created nonce value
requested_nonce_length
10
nonce
rPGJv4gBEm
2022-12-27 23:27:04 SUCCESS
AddNonceToAuthorizationEndpointRequest
Added nonce parameter to request
client_id
9941641f-26f8-45e0-9c04-a8b0f724fb9a
redirect_uri
https://www.certification.openid.net/test/VZveYQmcQcL3H7u/callback
scope
openid offline_access
state
TWWjd3BZEO
nonce
rPGJv4gBEm
2022-12-27 23:27:04 SUCCESS
SetAuthorizationEndpointRequestResponseTypeFromEnvironment
Added response_type parameter to request
client_id
9941641f-26f8-45e0-9c04-a8b0f724fb9a
redirect_uri
https://www.certification.openid.net/test/VZveYQmcQcL3H7u/callback
scope
openid offline_access
state
TWWjd3BZEO
nonce
rPGJv4gBEm
response_type
code
2022-12-27 23:27:04 SUCCESS
AddPromptConsentToAuthorizationEndpointRequestIfScopeContainsOfflineAccess
Added prompt=consent to authorization endpoint request
client_id
9941641f-26f8-45e0-9c04-a8b0f724fb9a
redirect_uri
https://www.certification.openid.net/test/VZveYQmcQcL3H7u/callback
scope
openid offline_access
state
TWWjd3BZEO
nonce
rPGJv4gBEm
response_type
code
prompt
consent
2022-12-27 23:27:04 SUCCESS
BuildPlainRedirectToAuthorizationEndpoint
Sending to authorization endpoint
auth_request
{
  "client_id": "9941641f-26f8-45e0-9c04-a8b0f724fb9a",
  "redirect_uri": "https://www.certification.openid.net/test/VZveYQmcQcL3H7u/callback",
  "scope": "openid offline_access",
  "state": "TWWjd3BZEO",
  "nonce": "rPGJv4gBEm",
  "response_type": "code",
  "prompt": "consent"
}
redirect_to_authorization_endpoint
https://milton-ch-precious-gopher.gluu.info/jans-auth/restv1/authorize?client_id=9941641f-26f8-45e0-9c04-a8b0f724fb9a&redirect_uri=https://www.certification.openid.net/test/VZveYQmcQcL3H7u/callback&scope=openid%20offline_access&state=TWWjd3BZEO&nonce=rPGJv4gBEm&response_type=code&prompt=consent
2022-12-27 23:27:04 REDIRECT
oidcc-refresh-token
Redirecting to authorization endpoint
redirect_to
https://milton-ch-precious-gopher.gluu.info/jans-auth/restv1/authorize?client_id=9941641f-26f8-45e0-9c04-a8b0f724fb9a&redirect_uri=https://www.certification.openid.net/test/VZveYQmcQcL3H7u/callback&scope=openid%20offline_access&state=TWWjd3BZEO&nonce=rPGJv4gBEm&response_type=code&prompt=consent
2022-12-27 23:27:19 INCOMING
oidcc-refresh-token
Incoming HTTP request to /test/VZveYQmcQcL3H7u/callback
incoming_headers
{
  "host": "www.certification.openid.net",
  "cache-control": "max-age\u003d0",
  "upgrade-insecure-requests": "1",
  "user-agent": "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/avif,image/webp,image/apng,*/*;q\u003d0.8,application/signed-exchange;v\u003db3;q\u003d0.9",
  "sec-fetch-site": "cross-site",
  "sec-fetch-mode": "navigate",
  "sec-fetch-user": "?1",
  "sec-fetch-dest": "document",
  "sec-ch-ua": "\"Not?A_Brand\";v\u003d\"8\", \"Chromium\";v\u003d\"108\", \"Google Chrome\";v\u003d\"108\"",
  "sec-ch-ua-mobile": "?0",
  "sec-ch-ua-platform": "\"Linux\"",
  "referer": "https://milton-ch-precious-gopher.gluu.info/",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-US,en;q\u003d0.9,es;q\u003d0.8",
  "cookie": "__utmc\u003d201319536; __utmz\u003d201319536.1671195405.1.1.utmcsr\u003d(direct)|utmccn\u003d(direct)|utmcmd\u003d(none); __utma\u003d201319536.1115198539.1671195405.1671997866.1672149094.18; JSESSIONID\u003dA7FE058ADAF7CCDA0A211A9A498F2A59",
  "connection": "close"
}
incoming_path
/test/VZveYQmcQcL3H7u/callback
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cert
incoming_query_string_params
{
  "code": "de27aac1-ad1e-4822-adfe-c627fea894ab",
  "scope": "openid offline_access",
  "session_id": "97285ef6-eabe-4c02-936c-9ad463e670ff",
  "state": "TWWjd3BZEO",
  "session_state": "50446f208afc9c4e996ac5cf686111785ee5f211622c4c52461b4e3ba9b30566.37bf7a52-f4eb-4438-a18b-f601ea084373"
}
incoming_body
incoming_tls_chain
[
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL"
]
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_body_json
2022-12-27 23:27:19 SUCCESS
CreateRandomImplicitSubmitUrl
Created random implicit submission URL
implicit_submit
{
  "path": "implicit/2dh8kfaOZH3VENLl9I5N",
  "fullUrl": "https://www.certification.openid.net/test/VZveYQmcQcL3H7u/implicit/2dh8kfaOZH3VENLl9I5N"
}
2022-12-27 23:27:19 OUTGOING
oidcc-refresh-token
Response to HTTP request to test instance VZveYQmcQcL3H7u
outgoing
ModelAndView [view="implicitCallback"; model={implicitSubmitUrl=https://www.certification.openid.net/test/VZveYQmcQcL3H7u/implicit/2dh8kfaOZH3VENLl9I5N, returnUrl=/log-detail.html?log=VZveYQmcQcL3H7u}]
outgoing_path
callback
2022-12-27 23:27:19 INCOMING
oidcc-refresh-token
Incoming HTTP request to /test/VZveYQmcQcL3H7u/implicit/2dh8kfaOZH3VENLl9I5N
incoming_headers
{
  "host": "www.certification.openid.net",
  "sec-ch-ua": "\"Not?A_Brand\";v\u003d\"8\", \"Chromium\";v\u003d\"108\", \"Google Chrome\";v\u003d\"108\"",
  "accept": "*/*",
  "content-type": "text/plain",
  "x-requested-with": "XMLHttpRequest",
  "sec-ch-ua-mobile": "?0",
  "user-agent": "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36",
  "sec-ch-ua-platform": "\"Linux\"",
  "origin": "https://www.certification.openid.net",
  "sec-fetch-site": "same-origin",
  "sec-fetch-mode": "cors",
  "sec-fetch-dest": "empty",
  "referer": "https://www.certification.openid.net/test/VZveYQmcQcL3H7u/callback?code\u003dde27aac1-ad1e-4822-adfe-c627fea894ab\u0026scope\u003dopenid+offline_access\u0026session_id\u003d97285ef6-eabe-4c02-936c-9ad463e670ff\u0026state\u003dTWWjd3BZEO\u0026session_state\u003d50446f208afc9c4e996ac5cf686111785ee5f211622c4c52461b4e3ba9b30566.37bf7a52-f4eb-4438-a18b-f601ea084373",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-US,en;q\u003d0.9,es;q\u003d0.8",
  "cookie": "__utmc\u003d201319536; __utmz\u003d201319536.1671195405.1.1.utmcsr\u003d(direct)|utmccn\u003d(direct)|utmcmd\u003d(none); __utma\u003d201319536.1115198539.1671195405.1671997866.1672149094.18; JSESSIONID\u003dA7FE058ADAF7CCDA0A211A9A498F2A59",
  "connection": "close",
  "content-length": "0"
}
incoming_path
/test/VZveYQmcQcL3H7u/implicit/2dh8kfaOZH3VENLl9I5N
incoming_body_form_params
incoming_method
POST
incoming_tls_version
TLSv1.2
incoming_tls_cert
incoming_query_string_params
{}
incoming_body
incoming_tls_chain
[
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL"
]
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_body_json
2022-12-27 23:27:19 OUTGOING
oidcc-refresh-token
Response to HTTP request to test instance VZveYQmcQcL3H7u
outgoing_status_code
204
outgoing_headers
{}
outgoing_body

                                
outgoing_path
implicit/2dh8kfaOZH3VENLl9I5N
2022-12-27 23:27:19 SUCCESS
ExtractImplicitHashToCallbackResponse
implicit_hash is empty
2022-12-27 23:27:19 REDIRECT-IN
oidcc-refresh-token
Authorization endpoint response captured
url_query
{
  "code": "de27aac1-ad1e-4822-adfe-c627fea894ab",
  "scope": "openid offline_access",
  "session_id": "97285ef6-eabe-4c02-936c-9ad463e670ff",
  "state": "TWWjd3BZEO",
  "session_state": "50446f208afc9c4e996ac5cf686111785ee5f211622c4c52461b4e3ba9b30566.37bf7a52-f4eb-4438-a18b-f601ea084373"
}
headers
{
  "host": "www.certification.openid.net",
  "cache-control": "max-age\u003d0",
  "upgrade-insecure-requests": "1",
  "user-agent": "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/avif,image/webp,image/apng,*/*;q\u003d0.8,application/signed-exchange;v\u003db3;q\u003d0.9",
  "sec-fetch-site": "cross-site",
  "sec-fetch-mode": "navigate",
  "sec-fetch-user": "?1",
  "sec-fetch-dest": "document",
  "sec-ch-ua": "\"Not?A_Brand\";v\u003d\"8\", \"Chromium\";v\u003d\"108\", \"Google Chrome\";v\u003d\"108\"",
  "sec-ch-ua-mobile": "?0",
  "sec-ch-ua-platform": "\"Linux\"",
  "referer": "https://milton-ch-precious-gopher.gluu.info/",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-US,en;q\u003d0.9,es;q\u003d0.8",
  "cookie": "__utmc\u003d201319536; __utmz\u003d201319536.1671195405.1.1.utmcsr\u003d(direct)|utmccn\u003d(direct)|utmcmd\u003d(none); __utma\u003d201319536.1115198539.1671195405.1671997866.1672149094.18; JSESSIONID\u003dA7FE058ADAF7CCDA0A211A9A498F2A59",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "x-forwarded-proto": "https",
  "x-forwarded-port": "443",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
http_method
GET
url_fragment
{}
post_body
Second client: Verify authorization endpoint response
2022-12-27 23:27:19 SUCCESS
CheckMatchingCallbackParameters
Callback parameters successfully verified
2022-12-27 23:27:19
ValidateIssInAuthorizationResponse
No 'iss' value in authorization response.
2022-12-27 23:27:19 SUCCESS
CheckIfAuthorizationEndpointError
No error from authorization endpoint
2022-12-27 23:27:19 SUCCESS
CheckStateInAuthorizationResponse
State in response correctly returned
state
TWWjd3BZEO
2022-12-27 23:27:19 SUCCESS
ExtractAuthorizationCodeFromAuthorizationResponse
Found authorization code
code
de27aac1-ad1e-4822-adfe-c627fea894ab
2022-12-27 23:27:19 SUCCESS
CreateTokenEndpointRequestForAuthorizationCodeGrant
Created token endpoint request
grant_type
authorization_code
code
de27aac1-ad1e-4822-adfe-c627fea894ab
redirect_uri
https://www.certification.openid.net/test/VZveYQmcQcL3H7u/callback
2022-12-27 23:27:19 SUCCESS
AddBasicAuthClientSecretAuthenticationParameters
Added basic authorization header
Authorization
Basic OTk0MTY0MWYtMjZmOC00NWUwLTljMDQtYThiMGY3MjRmYjlhOjlkNzlkMWY2LTk3NWMtNDVhMy1hNWFhLWFlYzkwYjU1ODAzOQ==
2022-12-27 23:27:19
CallTokenEndpoint
HTTP request
request_uri
https://milton-ch-precious-gopher.gluu.info/jans-auth/restv1/token
request_method
POST
request_headers
{
  "accept": "application/json",
  "authorization": "Basic OTk0MTY0MWYtMjZmOC00NWUwLTljMDQtYThiMGY3MjRmYjlhOjlkNzlkMWY2LTk3NWMtNDVhMy1hNWFhLWFlYzkwYjU1ODAzOQ\u003d\u003d",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "163"
}
request_body
grant_type=authorization_code&code=de27aac1-ad1e-4822-adfe-c627fea894ab&redirect_uri=https%3A%2F%2Fwww.certification.openid.net%2Ftest%2FVZveYQmcQcL3H7u%2Fcallback
2022-12-27 23:27:19 RESPONSE
CallTokenEndpoint
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "date": "Tue, 27 Dec 2022 23:27:19 GMT",
  "server": "Apache/2.4.41 (Ubuntu)",
  "x-xss-protection": "1; mode\u003dblock",
  "x-content-type-options": "nosniff",
  "strict-transport-security": "max-age\u003d31536000; includeSubDomains",
  "expires": "Thu, 01 Jan 1970 00:00:00 GMT",
  "cache-control": "no-store",
  "content-type": "application/json",
  "pragma": "no-cache",
  "content-length": "1272",
  "set-cookie": "X-Correlation-Id\u003d8dff32c5-e26a-4615-9e94-cbdf96daeb48; Secure; HttpOnly;HttpOnly",
  "keep-alive": "timeout\u003d5, max\u003d100",
  "connection": "Keep-Alive"
}
response_body
{"access_token":"24542efb-3d2f-45f9-99b5-b0ea4ba48845","refresh_token":"8db82f30-e9e4-45b6-9f95-7c7aae67a973","id_token":"eyJraWQiOiI5M2JkNzk5OC1mOGRkLTRlZGMtYmIzNy04NDlkZjNmNDU1YTVfc2lnX3JzMjU2IiwidHlwIjoiand0IiwiYWxnIjoiUlMyNTYifQ.eyJhdF9oYXNoIjoiU3JWcUhLa1NuQ1VYVUkwZ1VtbDlVQSIsInN1YiI6IkFoYU9UakVrbkpfTE1NWmlmajFMT3hiWE1JLUFKYUNMenBUd1JiMDJHbmsiLCJjb2RlIjoiNDhhMDIzNTktYTk5My00ZjQ3LWFlNTUtMzMzY2YwM2Y4MmRiIiwiYW1yIjpbIjEwIl0sImlzcyI6Imh0dHBzOi8vbWlsdG9uLWNoLXByZWNpb3VzLWdvcGhlci5nbHV1LmluZm8iLCJub25jZSI6InJQR0p2NGdCRW0iLCJzaWQiOiI1NWZlMmViNy03ZGVmLTRiM2EtYmZmOC03NTMyZTJkOWIyNmMiLCJqYW5zT3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsImF1ZCI6Ijk5NDE2NDFmLTI2ZjgtNDVlMC05YzA0LWE4YjBmNzI0ZmI5YSIsImFjciI6ImJhc2ljIiwiY19oYXNoIjoiX212dlhqMkQzS3hwdlFycDlnMmdrQSIsImF1dGhfdGltZSI6MTY3MjE4MzYzOCwiZXhwIjoxNjcyMTg3MjM5LCJncmFudCI6ImF1dGhvcml6YXRpb25fY29kZSIsImlhdCI6MTY3MjE4MzYzOX0.FXgFkzXdgjm2xC-95DmmJGe8byv56ONODpCtg6BFViHUtpiMaGvY_2xnA7FdRpz8uMevtfDZ3tmTO_5Yj6n2sLKxVi6dQTNat5YE7PfeQHSKS5WtNkSVKI-aEYgrNZbjHtnQ36E0s0e17WsIZhvTTsziaNsouov4DuPGvOG2n8v_gNAENDDCjAgOv5TjuFiwG70JrsNhWkwamCaeDzW4rLoHnPp7_sl1WuX3i00MuHOkVxzznu94ZNWAtFWgfbuV1RS0QGSQmr90r3uhGVyw3fIgz7tDutnANMcOh9DByklOYt9Mbrg_MWWCPYCF-uDoQ1bubY7MbXqEjuZVraXd9w","token_type":"Bearer","expires_in":299}
2022-12-27 23:27:19 SUCCESS
CallTokenEndpoint
Parsed token endpoint response
access_token
24542efb-3d2f-45f9-99b5-b0ea4ba48845
refresh_token
8db82f30-e9e4-45b6-9f95-7c7aae67a973
id_token
eyJraWQiOiI5M2JkNzk5OC1mOGRkLTRlZGMtYmIzNy04NDlkZjNmNDU1YTVfc2lnX3JzMjU2IiwidHlwIjoiand0IiwiYWxnIjoiUlMyNTYifQ.eyJhdF9oYXNoIjoiU3JWcUhLa1NuQ1VYVUkwZ1VtbDlVQSIsInN1YiI6IkFoYU9UakVrbkpfTE1NWmlmajFMT3hiWE1JLUFKYUNMenBUd1JiMDJHbmsiLCJjb2RlIjoiNDhhMDIzNTktYTk5My00ZjQ3LWFlNTUtMzMzY2YwM2Y4MmRiIiwiYW1yIjpbIjEwIl0sImlzcyI6Imh0dHBzOi8vbWlsdG9uLWNoLXByZWNpb3VzLWdvcGhlci5nbHV1LmluZm8iLCJub25jZSI6InJQR0p2NGdCRW0iLCJzaWQiOiI1NWZlMmViNy03ZGVmLTRiM2EtYmZmOC03NTMyZTJkOWIyNmMiLCJqYW5zT3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsImF1ZCI6Ijk5NDE2NDFmLTI2ZjgtNDVlMC05YzA0LWE4YjBmNzI0ZmI5YSIsImFjciI6ImJhc2ljIiwiY19oYXNoIjoiX212dlhqMkQzS3hwdlFycDlnMmdrQSIsImF1dGhfdGltZSI6MTY3MjE4MzYzOCwiZXhwIjoxNjcyMTg3MjM5LCJncmFudCI6ImF1dGhvcml6YXRpb25fY29kZSIsImlhdCI6MTY3MjE4MzYzOX0.FXgFkzXdgjm2xC-95DmmJGe8byv56ONODpCtg6BFViHUtpiMaGvY_2xnA7FdRpz8uMevtfDZ3tmTO_5Yj6n2sLKxVi6dQTNat5YE7PfeQHSKS5WtNkSVKI-aEYgrNZbjHtnQ36E0s0e17WsIZhvTTsziaNsouov4DuPGvOG2n8v_gNAENDDCjAgOv5TjuFiwG70JrsNhWkwamCaeDzW4rLoHnPp7_sl1WuX3i00MuHOkVxzznu94ZNWAtFWgfbuV1RS0QGSQmr90r3uhGVyw3fIgz7tDutnANMcOh9DByklOYt9Mbrg_MWWCPYCF-uDoQ1bubY7MbXqEjuZVraXd9w
token_type
Bearer
expires_in
299
2022-12-27 23:27:19 SUCCESS
CheckIfTokenEndpointResponseError
No error from token endpoint
2022-12-27 23:27:19 SUCCESS
CheckForAccessTokenValue
Found an access token
access_token
24542efb-3d2f-45f9-99b5-b0ea4ba48845
2022-12-27 23:27:19 SUCCESS
ExtractAccessTokenFromTokenResponse
Extracted the access token
value
24542efb-3d2f-45f9-99b5-b0ea4ba48845
type
Bearer
2022-12-27 23:27:19 SUCCESS
ExtractExpiresInFromTokenEndpointResponse
Extracted 'expires_in'
expires_in
299
2022-12-27 23:27:19 SUCCESS
ValidateExpiresIn
expires_in passed all validation checks
expires_in
299
2022-12-27 23:27:19 SUCCESS
CheckForRefreshTokenValue
Found a refresh token
refresh_token
8db82f30-e9e4-45b6-9f95-7c7aae67a973
2022-12-27 23:27:19 SUCCESS
ExtractIdTokenFromTokenResponse
Found and parsed the id_token from token_endpoint_response
value
eyJraWQiOiI5M2JkNzk5OC1mOGRkLTRlZGMtYmIzNy04NDlkZjNmNDU1YTVfc2lnX3JzMjU2IiwidHlwIjoiand0IiwiYWxnIjoiUlMyNTYifQ.eyJhdF9oYXNoIjoiU3JWcUhLa1NuQ1VYVUkwZ1VtbDlVQSIsInN1YiI6IkFoYU9UakVrbkpfTE1NWmlmajFMT3hiWE1JLUFKYUNMenBUd1JiMDJHbmsiLCJjb2RlIjoiNDhhMDIzNTktYTk5My00ZjQ3LWFlNTUtMzMzY2YwM2Y4MmRiIiwiYW1yIjpbIjEwIl0sImlzcyI6Imh0dHBzOi8vbWlsdG9uLWNoLXByZWNpb3VzLWdvcGhlci5nbHV1LmluZm8iLCJub25jZSI6InJQR0p2NGdCRW0iLCJzaWQiOiI1NWZlMmViNy03ZGVmLTRiM2EtYmZmOC03NTMyZTJkOWIyNmMiLCJqYW5zT3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsImF1ZCI6Ijk5NDE2NDFmLTI2ZjgtNDVlMC05YzA0LWE4YjBmNzI0ZmI5YSIsImFjciI6ImJhc2ljIiwiY19oYXNoIjoiX212dlhqMkQzS3hwdlFycDlnMmdrQSIsImF1dGhfdGltZSI6MTY3MjE4MzYzOCwiZXhwIjoxNjcyMTg3MjM5LCJncmFudCI6ImF1dGhvcml6YXRpb25fY29kZSIsImlhdCI6MTY3MjE4MzYzOX0.FXgFkzXdgjm2xC-95DmmJGe8byv56ONODpCtg6BFViHUtpiMaGvY_2xnA7FdRpz8uMevtfDZ3tmTO_5Yj6n2sLKxVi6dQTNat5YE7PfeQHSKS5WtNkSVKI-aEYgrNZbjHtnQ36E0s0e17WsIZhvTTsziaNsouov4DuPGvOG2n8v_gNAENDDCjAgOv5TjuFiwG70JrsNhWkwamCaeDzW4rLoHnPp7_sl1WuX3i00MuHOkVxzznu94ZNWAtFWgfbuV1RS0QGSQmr90r3uhGVyw3fIgz7tDutnANMcOh9DByklOYt9Mbrg_MWWCPYCF-uDoQ1bubY7MbXqEjuZVraXd9w
header
{
  "kid": "93bd7998-f8dd-4edc-bb37-849df3f455a5_sig_rs256",
  "typ": "jwt",
  "alg": "RS256"
}
claims
{
  "at_hash": "SrVqHKkSnCUXUI0gUml9UA",
  "sub": "AhaOTjEknJ_LMMZifj1LOxbXMI-AJaCLzpTwRb02Gnk",
  "code": "48a02359-a993-4f47-ae55-333cf03f82db",
  "amr": [
    "10"
  ],
  "iss": "https://milton-ch-precious-gopher.gluu.info",
  "nonce": "rPGJv4gBEm",
  "sid": "55fe2eb7-7def-4b3a-bff8-7532e2d9b26c",
  "jansOpenIDConnectVersion": "openidconnect-1.0",
  "aud": "9941641f-26f8-45e0-9c04-a8b0f724fb9a",
  "acr": "basic",
  "c_hash": "_mvvXj2D3KxpvQrp9g2gkA",
  "auth_time": 1672183638,
  "exp": 1672187239,
  "grant": "authorization_code",
  "iat": 1672183639
}
2022-12-27 23:27:19 SUCCESS
ValidateIdToken
ID token iss, aud, exp, iat, auth_time, acr & nbf claims passed validation checks
2022-12-27 23:27:19
ValidateIdTokenStandardClaims
sub is a string with content
2022-12-27 23:27:19
ValidateIdTokenStandardClaims
Skipping unknown claim: code
2022-12-27 23:27:19
ValidateIdTokenStandardClaims
Skipping unknown claim: sid
2022-12-27 23:27:19
ValidateIdTokenStandardClaims
Skipping unknown claim: jansOpenIDConnectVersion
2022-12-27 23:27:19
ValidateIdTokenStandardClaims
Skipping unknown claim: grant
2022-12-27 23:27:19 SUCCESS
ValidateIdTokenStandardClaims
id_token claims are valid
2022-12-27 23:27:19 SUCCESS
ValidateIdTokenNonce
Nonce values match
nonce
rPGJv4gBEm
2022-12-27 23:27:19 SUCCESS
ValidateIdTokenACRClaimAgainstRequest
Nothing to check; the conformance suite did not request an acr claim in request object
2022-12-27 23:27:19 SUCCESS
ValidateIdTokenSignature
id_token signature validated
id_token
eyJraWQiOiI5M2JkNzk5OC1mOGRkLTRlZGMtYmIzNy04NDlkZjNmNDU1YTVfc2lnX3JzMjU2IiwidHlwIjoiand0IiwiYWxnIjoiUlMyNTYifQ.eyJhdF9oYXNoIjoiU3JWcUhLa1NuQ1VYVUkwZ1VtbDlVQSIsInN1YiI6IkFoYU9UakVrbkpfTE1NWmlmajFMT3hiWE1JLUFKYUNMenBUd1JiMDJHbmsiLCJjb2RlIjoiNDhhMDIzNTktYTk5My00ZjQ3LWFlNTUtMzMzY2YwM2Y4MmRiIiwiYW1yIjpbIjEwIl0sImlzcyI6Imh0dHBzOi8vbWlsdG9uLWNoLXByZWNpb3VzLWdvcGhlci5nbHV1LmluZm8iLCJub25jZSI6InJQR0p2NGdCRW0iLCJzaWQiOiI1NWZlMmViNy03ZGVmLTRiM2EtYmZmOC03NTMyZTJkOWIyNmMiLCJqYW5zT3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsImF1ZCI6Ijk5NDE2NDFmLTI2ZjgtNDVlMC05YzA0LWE4YjBmNzI0ZmI5YSIsImFjciI6ImJhc2ljIiwiY19oYXNoIjoiX212dlhqMkQzS3hwdlFycDlnMmdrQSIsImF1dGhfdGltZSI6MTY3MjE4MzYzOCwiZXhwIjoxNjcyMTg3MjM5LCJncmFudCI6ImF1dGhvcml6YXRpb25fY29kZSIsImlhdCI6MTY3MjE4MzYzOX0.FXgFkzXdgjm2xC-95DmmJGe8byv56ONODpCtg6BFViHUtpiMaGvY_2xnA7FdRpz8uMevtfDZ3tmTO_5Yj6n2sLKxVi6dQTNat5YE7PfeQHSKS5WtNkSVKI-aEYgrNZbjHtnQ36E0s0e17WsIZhvTTsziaNsouov4DuPGvOG2n8v_gNAENDDCjAgOv5TjuFiwG70JrsNhWkwamCaeDzW4rLoHnPp7_sl1WuX3i00MuHOkVxzznu94ZNWAtFWgfbuV1RS0QGSQmr90r3uhGVyw3fIgz7tDutnANMcOh9DByklOYt9Mbrg_MWWCPYCF-uDoQ1bubY7MbXqEjuZVraXd9w
2022-12-27 23:27:19 SUCCESS
ValidateIdTokenSignatureUsingKid
id_token signature validated
id_token
eyJraWQiOiI5M2JkNzk5OC1mOGRkLTRlZGMtYmIzNy04NDlkZjNmNDU1YTVfc2lnX3JzMjU2IiwidHlwIjoiand0IiwiYWxnIjoiUlMyNTYifQ.eyJhdF9oYXNoIjoiU3JWcUhLa1NuQ1VYVUkwZ1VtbDlVQSIsInN1YiI6IkFoYU9UakVrbkpfTE1NWmlmajFMT3hiWE1JLUFKYUNMenBUd1JiMDJHbmsiLCJjb2RlIjoiNDhhMDIzNTktYTk5My00ZjQ3LWFlNTUtMzMzY2YwM2Y4MmRiIiwiYW1yIjpbIjEwIl0sImlzcyI6Imh0dHBzOi8vbWlsdG9uLWNoLXByZWNpb3VzLWdvcGhlci5nbHV1LmluZm8iLCJub25jZSI6InJQR0p2NGdCRW0iLCJzaWQiOiI1NWZlMmViNy03ZGVmLTRiM2EtYmZmOC03NTMyZTJkOWIyNmMiLCJqYW5zT3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsImF1ZCI6Ijk5NDE2NDFmLTI2ZjgtNDVlMC05YzA0LWE4YjBmNzI0ZmI5YSIsImFjciI6ImJhc2ljIiwiY19oYXNoIjoiX212dlhqMkQzS3hwdlFycDlnMmdrQSIsImF1dGhfdGltZSI6MTY3MjE4MzYzOCwiZXhwIjoxNjcyMTg3MjM5LCJncmFudCI6ImF1dGhvcml6YXRpb25fY29kZSIsImlhdCI6MTY3MjE4MzYzOX0.FXgFkzXdgjm2xC-95DmmJGe8byv56ONODpCtg6BFViHUtpiMaGvY_2xnA7FdRpz8uMevtfDZ3tmTO_5Yj6n2sLKxVi6dQTNat5YE7PfeQHSKS5WtNkSVKI-aEYgrNZbjHtnQ36E0s0e17WsIZhvTTsziaNsouov4DuPGvOG2n8v_gNAENDDCjAgOv5TjuFiwG70JrsNhWkwamCaeDzW4rLoHnPp7_sl1WuX3i00MuHOkVxzznu94ZNWAtFWgfbuV1RS0QGSQmr90r3uhGVyw3fIgz7tDutnANMcOh9DByklOYt9Mbrg_MWWCPYCF-uDoQ1bubY7MbXqEjuZVraXd9w
2022-12-27 23:27:19 SUCCESS
CheckForSubjectInIdToken
Found 'sub' in id_token
sub
AhaOTjEknJ_LMMZifj1LOxbXMI-AJaCLzpTwRb02Gnk
2022-12-27 23:27:19
EnsureIdTokenUpdatedAtValid
id_token response does not contain 'updated_at'
2022-12-27 23:27:19 INFO
ValidateEncryptedIdTokenHasKid
Skipped evaluation due to missing required element: id_token jwe_header
path
jwe_header
mapped
object
id_token
2022-12-27 23:27:19 SUCCESS
ExtractRefreshTokenFromTokenResponse
Extracted refresh token from response
refresh_token
8db82f30-e9e4-45b6-9f95-7c7aae67a973
2022-12-27 23:27:19 SUCCESS
EnsureServerConfigurationSupportsRefreshToken
The server configuration indicates support for refresh tokens
supported_grant_types
[
  "implicit",
  "authorization_code",
  "refresh_token",
  "urn:ietf:params:oauth:grant-type:device_code",
  "urn:openid:params:grant-type:ciba",
  "password",
  "urn:ietf:params:oauth:grant-type:uma-ticket",
  "client_credentials",
  "urn:ietf:params:oauth:grant-type:token-exchange"
]
2022-12-27 23:27:19 SUCCESS
EnsureRefreshTokenContainsAllowedCharactersOnly
Refresh token does not contain any illegal characters
Second client: Refresh Token Request
2022-12-27 23:27:19 SUCCESS
CreateRefreshTokenRequest
Created token endpoint request parameters
grant_type
refresh_token
refresh_token
8db82f30-e9e4-45b6-9f95-7c7aae67a973
2022-12-27 23:27:19 SUCCESS
AddBasicAuthClientSecretAuthenticationParameters
Added basic authorization header
Authorization
Basic OTk0MTY0MWYtMjZmOC00NWUwLTljMDQtYThiMGY3MjRmYjlhOjlkNzlkMWY2LTk3NWMtNDVhMy1hNWFhLWFlYzkwYjU1ODAzOQ==
2022-12-27 23:27:19 SUCCESS
WaitForOneSecond
Pausing for 1 seconds
2022-12-27 23:27:20 SUCCESS
WaitForOneSecond
Woke up after 1 seconds sleep
2022-12-27 23:27:20
CallTokenEndpointAndReturnFullResponse
HTTP request
request_uri
https://milton-ch-precious-gopher.gluu.info/jans-auth/restv1/token
request_method
POST
request_headers
{
  "accept": "application/json",
  "authorization": "Basic OTk0MTY0MWYtMjZmOC00NWUwLTljMDQtYThiMGY3MjRmYjlhOjlkNzlkMWY2LTk3NWMtNDVhMy1hNWFhLWFlYzkwYjU1ODAzOQ\u003d\u003d",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "75"
}
request_body
grant_type=refresh_token&refresh_token=8db82f30-e9e4-45b6-9f95-7c7aae67a973
2022-12-27 23:27:21 RESPONSE
CallTokenEndpointAndReturnFullResponse
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "date": "Tue, 27 Dec 2022 23:27:20 GMT",
  "server": "Apache/2.4.41 (Ubuntu)",
  "x-xss-protection": "1; mode\u003dblock",
  "x-content-type-options": "nosniff",
  "strict-transport-security": "max-age\u003d31536000; includeSubDomains",
  "expires": "Thu, 01 Jan 1970 00:00:00 GMT",
  "cache-control": "no-store",
  "content-type": "application/json",
  "pragma": "no-cache",
  "content-length": "149",
  "set-cookie": "X-Correlation-Id\u003dc23fe93b-6911-4427-849c-33751c62048f; Secure; HttpOnly;HttpOnly",
  "keep-alive": "timeout\u003d5, max\u003d100",
  "connection": "Keep-Alive"
}
response_body
{"access_token":"e72d1f10-0d0f-4771-b855-6cef6765b1e2","refresh_token":"49585068-73c5-4770-b24c-84017cd211a9","token_type":"Bearer","expires_in":299}
2022-12-27 23:27:21 SUCCESS
CallTokenEndpointAndReturnFullResponse
Parsed token endpoint response
access_token
e72d1f10-0d0f-4771-b855-6cef6765b1e2
refresh_token
49585068-73c5-4770-b24c-84017cd211a9
token_type
Bearer
expires_in
299
2022-12-27 23:27:21 SUCCESS
CheckTokenEndpointHttpStatus200
Token endpoint http status code was 200
2022-12-27 23:27:21 SUCCESS
CheckTokenEndpointReturnedJsonContentType
token_endpoint_response_headers Content-Type: header is application/json
2022-12-27 23:27:21 SUCCESS
CheckTokenEndpointCacheHeaders
'cache-control' header in token endpoint response contains expected value.
cache_control_header
no-store
2022-12-27 23:27:21 SUCCESS
CheckIfTokenEndpointResponseError
No error from token endpoint
2022-12-27 23:27:21 SUCCESS
ExtractAccessTokenFromTokenResponse
Extracted the access token
value
e72d1f10-0d0f-4771-b855-6cef6765b1e2
type
Bearer
2022-12-27 23:27:21 SUCCESS
CheckTokenTypeIsBearer
Token type is bearer
2022-12-27 23:27:21 SUCCESS
EnsureMinimumAccessTokenEntropy
Calculated shannon entropy seems sufficient
actual
132.3428625411059
expected
96.0
value
e72d1f10-0d0f-4771-b855-6cef6765b1e2
2022-12-27 23:27:21 SUCCESS
EnsureAccessTokenContainsAllowedCharactersOnly
Access token does not contain any illegal characters
2022-12-27 23:27:21 SUCCESS
ExtractExpiresInFromTokenEndpointResponse
Extracted 'expires_in'
expires_in
299
2022-12-27 23:27:21 SUCCESS
ValidateExpiresIn
expires_in passed all validation checks
expires_in
299
2022-12-27 23:27:21 SUCCESS
EnsureAccessTokenValuesAreDifferent
Access token values are not the same
first_access_token
24542efb-3d2f-45f9-99b5-b0ea4ba48845
second_access_token
e72d1f10-0d0f-4771-b855-6cef6765b1e2
2022-12-27 23:27:21 INFO
ExtractIdTokenFromTokenResponse
Couldn't find id_token in token_endpoint_response
2022-12-27 23:27:21 SUCCESS
ExtractRefreshTokenFromTokenResponse
Extracted refresh token from response
refresh_token
49585068-73c5-4770-b24c-84017cd211a9
2022-12-27 23:27:21 SUCCESS
EnsureMinimumRefreshTokenLength
Refresh token is of sufficient length
actual
288
required
128
2022-12-27 23:27:21 SUCCESS
EnsureMinimumRefreshTokenEntropy
Calculated shannon entropy seems sufficient
actual
134.3428625411059
expected
96.0
value
49585068-73c5-4770-b24c-84017cd211a9
2022-12-27 23:27:21 INFO
CompareIdTokenClaims
Skipped evaluation due to missing required object: second_id_token
expected
second_id_token
mapped
second_id_token
Second client: Userinfo endpoint tests
2022-12-27 23:27:21
CallProtectedResource
HTTP request
request_uri
https://milton-ch-precious-gopher.gluu.info/jans-auth/restv1/userinfo
request_method
GET
request_headers
{
  "accept": "application/json",
  "authorization": "Bearer e72d1f10-0d0f-4771-b855-6cef6765b1e2",
  "content-length": "0"
}
request_body

                                
2022-12-27 23:27:21 RESPONSE
CallProtectedResource
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "date": "Tue, 27 Dec 2022 23:27:21 GMT",
  "server": "Apache/2.4.41 (Ubuntu)",
  "x-xss-protection": "1; mode\u003dblock",
  "x-content-type-options": "nosniff",
  "strict-transport-security": "max-age\u003d31536000; includeSubDomains",
  "expires": "Thu, 01 Jan 1970 00:00:00 GMT",
  "cache-control": "no-store, private",
  "content-type": "application/json;charset\u003dutf-8",
  "pragma": "no-cache",
  "content-length": "82",
  "set-cookie": "X-Correlation-Id\u003dc8150761-3516-4e0b-8b63-3a9b25ca967a; Secure; HttpOnly;HttpOnly",
  "keep-alive": "timeout\u003d5, max\u003d100",
  "connection": "Keep-Alive"
}
response_body
{"sub":"AhaOTjEknJ_LMMZifj1LOxbXMI-AJaCLzpTwRb02Gnk","name":"Jans Auth Test User"}
2022-12-27 23:27:21 SUCCESS
CallProtectedResource
Got a response from the resource endpoint
status
200
endpoint_name
resource
headers
{
  "date": "Tue, 27 Dec 2022 23:27:21 GMT",
  "server": "Apache/2.4.41 (Ubuntu)",
  "x-xss-protection": "1; mode\u003dblock",
  "x-content-type-options": "nosniff",
  "strict-transport-security": "max-age\u003d31536000; includeSubDomains",
  "expires": "Thu, 01 Jan 1970 00:00:00 GMT",
  "cache-control": "no-store, private",
  "content-type": "application/json;charset\u003dutf-8",
  "pragma": "no-cache",
  "content-length": "82",
  "set-cookie": "X-Correlation-Id\u003dc8150761-3516-4e0b-8b63-3a9b25ca967a; Secure; HttpOnly;HttpOnly",
  "keep-alive": "timeout\u003d5, max\u003d100",
  "connection": "Keep-Alive"
}
body
{"sub":"AhaOTjEknJ_LMMZifj1LOxbXMI-AJaCLzpTwRb02Gnk","name":"Jans Auth Test User"}
2022-12-27 23:27:21 SUCCESS
EnsureHttpStatusCodeIs200
resource endpoint returned the expected http status
expected_status
200
http_status
200
Attempting to use refresh_token issued to client 2 with client 1
2022-12-27 23:27:21 SUCCESS
CreateRefreshTokenRequest
Created token endpoint request parameters
grant_type
refresh_token
refresh_token
49585068-73c5-4770-b24c-84017cd211a9
2022-12-27 23:27:21 SUCCESS
AddScopeToTokenEndpointRequest
Added scope of 'openid offline_access' to token endpoint request
grant_type
refresh_token
refresh_token
49585068-73c5-4770-b24c-84017cd211a9
scope
openid offline_access
2022-12-27 23:27:21 SUCCESS
AddBasicAuthClientSecretAuthenticationParameters
Added basic authorization header
Authorization
Basic NzhmMzQ5ZDAtNzEzZC00MGYyLWIzN2MtMDBkMWMwYTk0N2E0OjE0MTg1Yzc1LTljZGEtNGE3Mi1hNGY2LTA3NjQxNzc0NGMwYQ==
2022-12-27 23:27:21
CallTokenEndpointAndReturnFullResponse
HTTP request
request_uri
https://milton-ch-precious-gopher.gluu.info/jans-auth/restv1/token
request_method
POST
request_headers
{
  "accept": "application/json",
  "authorization": "Basic NzhmMzQ5ZDAtNzEzZC00MGYyLWIzN2MtMDBkMWMwYTk0N2E0OjE0MTg1Yzc1LTljZGEtNGE3Mi1hNGY2LTA3NjQxNzc0NGMwYQ\u003d\u003d",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "103"
}
request_body
grant_type=refresh_token&refresh_token=49585068-73c5-4770-b24c-84017cd211a9&scope=openid+offline_access
2022-12-27 23:27:21 RESPONSE
CallTokenEndpointAndReturnFullResponse
HTTP response
response_status_code
400 BAD_REQUEST
response_status_text
Bad Request
response_headers
{
  "date": "Tue, 27 Dec 2022 23:27:21 GMT",
  "server": "Apache/2.4.41 (Ubuntu)",
  "x-xss-protection": "1; mode\u003dblock",
  "x-content-type-options": "nosniff",
  "strict-transport-security": "max-age\u003d31536000; includeSubDomains",
  "expires": "Thu, 01 Jan 1970 00:00:00 GMT",
  "cache-control": "no-store",
  "content-type": "application/json",
  "pragma": "no-cache",
  "content-length": "278",
  "set-cookie": "X-Correlation-Id\u003dc782d100-dfc9-4fe2-8487-7d43b8197531; Secure; HttpOnly;HttpOnly",
  "connection": "close"
}
response_body
{
    "error_description": "The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client. CorrelationId: c782d100-dfc9-4fe2-8487-7d43b8197531",
    "error": "invalid_grant"
}
2022-12-27 23:27:21 SUCCESS
CallTokenEndpointAndReturnFullResponse
Parsed token endpoint response
error_description
The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client. CorrelationId: c782d100-dfc9-4fe2-8487-7d43b8197531
error
invalid_grant
2022-12-27 23:27:21 SUCCESS
ValidateErrorFromTokenEndpointResponseError
Token endpoint response error returned valid 'error' field
error
invalid_grant
2022-12-27 23:27:21 SUCCESS
CheckTokenEndpointHttpStatus400
Token endpoint http status code was 400
2022-12-27 23:27:21 SUCCESS
CheckTokenEndpointReturnedJsonContentType
token_endpoint_response_headers Content-Type: header is application/json
2022-12-27 23:27:21 SUCCESS
CheckErrorFromTokenEndpointResponseErrorInvalidGrant
Token Endpoint response error returned expected 'error' of 'invalid_grant'
expected
[
  "invalid_grant"
]
2022-12-27 23:27:21 FINISHED
oidcc-refresh-token
Test has run to completion
testmodule_result
PASSED
Unregister dynamically registered client
2022-12-27 23:27:21
UnregisterDynamicallyRegisteredClient
HTTP request
request_uri
https://milton-ch-precious-gopher.gluu.info/jans-auth/restv1/register?client_id=78f349d0-713d-40f2-b37c-00d1c0a947a4
request_method
DELETE
request_headers
{
  "accept": "application/json",
  "authorization": "Bearer 417af579-02a1-47b3-9b34-8740dea0ccc8",
  "content-length": "0"
}
request_body

                                
2022-12-27 23:27:21 RESPONSE
UnregisterDynamicallyRegisteredClient
HTTP response
response_status_code
204 NO_CONTENT
response_status_text
No Content
response_headers
{
  "date": "Tue, 27 Dec 2022 23:27:21 GMT",
  "server": "Apache/2.4.41 (Ubuntu)",
  "x-xss-protection": "1; mode\u003dblock",
  "x-content-type-options": "nosniff",
  "strict-transport-security": "max-age\u003d31536000; includeSubDomains",
  "expires": "Thu, 01 Jan 1970 00:00:00 GMT",
  "cache-control": "no-store",
  "pragma": "no-cache",
  "set-cookie": "X-Correlation-Id\u003d87fa7965-b57f-436e-832c-5b4823065560; Secure; HttpOnly;HttpOnly",
  "keep-alive": "timeout\u003d5, max\u003d100",
  "connection": "Keep-Alive"
}
response_body

                                
2022-12-27 23:27:21 SUCCESS
UnregisterDynamicallyRegisteredClient
Client successfully unregistered
Second client: Unregister dynamically registered client
2022-12-27 23:27:21
UnregisterDynamicallyRegisteredClient
HTTP request
request_uri
https://milton-ch-precious-gopher.gluu.info/jans-auth/restv1/register?client_id=9941641f-26f8-45e0-9c04-a8b0f724fb9a
request_method
DELETE
request_headers
{
  "accept": "application/json",
  "authorization": "Bearer 4d750784-640e-4f0e-ac9d-4d131d0768e7",
  "content-length": "0"
}
request_body

                                
2022-12-27 23:27:21 RESPONSE
UnregisterDynamicallyRegisteredClient
HTTP response
response_status_code
204 NO_CONTENT
response_status_text
No Content
response_headers
{
  "date": "Tue, 27 Dec 2022 23:27:21 GMT",
  "server": "Apache/2.4.41 (Ubuntu)",
  "x-xss-protection": "1; mode\u003dblock",
  "x-content-type-options": "nosniff",
  "strict-transport-security": "max-age\u003d31536000; includeSubDomains",
  "expires": "Thu, 01 Jan 1970 00:00:00 GMT",
  "cache-control": "no-store",
  "pragma": "no-cache",
  "set-cookie": "X-Correlation-Id\u003de61da7ed-9092-4e7c-9eb0-18c3a4c769a0; Secure; HttpOnly;HttpOnly",
  "keep-alive": "timeout\u003d5, max\u003d100",
  "connection": "Keep-Alive"
}
response_body

                                
2022-12-27 23:27:21 SUCCESS
UnregisterDynamicallyRegisteredClient
Client successfully unregistered
Test Results