Test detail

Test Name	oidcc-claims-essential
Variant	client_auth_type=client_secret_basic, server_metadata=static, response_type=code, response_mode=default, client_registration=static_client
Test ID	dnakI0SMec9WARh https://www.certification.openid.net/log-detail.html?public=true&log=dnakI0SMec9WARh
Created	2024-04-25T21:46:05.744677837Z
Description
Test Version	5.1.16
Test Owner	21036854 https://gitlab.com
Plan ID	gg7kXAOPURbNc https://www.certification.openid.net/plan-detail.html?public=true&plan=gg7kXAOPURbNc
Exported From	https://www.certification.openid.net
Exported By	21036854 https://gitlab.com
Suite Version	5.1.16
Exported	2024-04-26 01:08:54 (UTC)

2024-04-25 21:46:05

(7) More

INFO

TEST-RUNNER

Test instance dnakI0SMec9WARh created

baseUrl	https://www.certification.openid.net/test/a/ad04252024test
variant	{ "client_auth_type": "client_secret_basic", "response_type": "code", "server_metadata": "static", "response_mode": "default", "client_registration": "static_client" }
alias	ad04252024test
description
planId	gg7kXAOPURbNc
config	{ "alias": "ad04252024test", "server": { "issuer": "https://cognito-idp.us-east-1.amazonaws.com/us-east-1_vy1I5F4c4", "jwks_uri": "https://cognito-idp.us-east-1.amazonaws.com/us-east-1_vy1I5F4c4/.well-known/jwks.json", "authorization_endpoint": "https://gh0stid.authn.cc/oauth2/authorize", "token_endpoint": "https://gh0stid.authn.cc/oauth2/token", "userinfo_endpoint": "https://gh0stid.authn.cc/oauth2/userInfo" }, "client": { "client_id": "3fsi45vsoqf5jr65tsdhr0vjc1", "client_secret": "74k6uj0oqgu1fihmnjvlte3o5sc5tnf59o15an7kvp75touqpcd" }, "client_secret_post": { "client_id": "tiqph3ss01s3n427q82hm70ch", "client_secret": "1pn27ge4pk30gnkf9mngp15m4t09u4u0d58in9dfult8a15i2civ" }, "client2": { "client_id": "657ufjbt2tjc4qb4oln281r20r", "client_secret": "13bgrpol151jajr59nrv2jlall9selesu62iaihstpbs9m326qe2" } }
testName	oidcc-claims-essential

2024-04-25 21:46:05

(1) More

SUCCESS

CreateRedirectUri

Created redirect URI

redirect_uri

https://www.certification.openid.net/test/a/ad04252024test/callback

2024-04-25 21:46:05

(5) More

SUCCESS

GetStaticServerConfiguration

Found a static server object

issuer	https://cognito-idp.us-east-1.amazonaws.com/us-east-1_vy1I5F4c4
jwks_uri	https://cognito-idp.us-east-1.amazonaws.com/us-east-1_vy1I5F4c4/.well-known/jwks.json
authorization_endpoint	https://gh0stid.authn.cc/oauth2/authorize
token_endpoint	https://gh0stid.authn.cc/oauth2/token
userinfo_endpoint	https://gh0stid.authn.cc/oauth2/userInfo

2024-04-25 21:46:05

(1) More

SUCCESS

CheckServerConfiguration

Found required server configuration keys

required

[
  "authorization_endpoint",
  "token_endpoint",
  "issuer"
]

2024-04-25 21:46:05

(4) More

SUCCESS

ExtractTLSTestValuesFromServerConfiguration

Extracted TLS information from authorization server configuration

registration_endpoint
authorization_endpoint	{ "testHost": "gh0stid.authn.cc", "testPort": 443 }
token_endpoint	{ "testHost": "gh0stid.authn.cc", "testPort": 443 }
userinfo_endpoint	{ "testHost": "gh0stid.authn.cc", "testPort": 443 }

2024-04-25 21:46:05

(1) More

FetchServerKeys

Fetching server key

jwks_uri

https://cognito-idp.us-east-1.amazonaws.com/us-east-1_vy1I5F4c4/.well-known/jwks.json

2024-04-25 21:46:05

(4) More

FetchServerKeys

HTTP request

request_uri	https://cognito-idp.us-east-1.amazonaws.com/us-east-1_vy1I5F4c4/.well-known/jwks.json
request_method	GET
request_headers	{ "Accept": "text/plain, application/json, application/+json, /*", "Content-Length": "0" }
request_body

2024-04-25 21:46:05

(4) More

RESPONSE

FetchServerKeys

HTTP response

response_status_code	200 OK
response_status_text	OK
response_headers	{ "date": "Thu, 25 Apr 2024 21:46:05 GMT", "content-type": "application/json", "content-length": "916", "connection": "keep-alive", "x-amzn-requestid": "7baf2e05-882f-45b1-bb55-143e7b359318", "cache-control": "public, max-age\u003d86400" }
response_body	{"keys":[{"alg":"RS256","e":"AQAB","kid":"GHBDPMUc54JQQhjFu20BN2iQQ3v5gGx+Rw3/MqwOqxM=","kty":"RSA","n":"pk9pSBQvfQKC-QIxPifnyLdjn4vMrb8eLtS78mLQKhPhFLk-O6zFyV0Ie3i2LCKv7meRPlxXixsqhBxvKFweswtOYfqS04sXOFDsgzrqDIFAxNIlpL4Hr1BlDTwfLy5OsLdNyeAy05gNs-HXYh0XsTSdCsUIj7czWNjq77n1anzWub8jCrokKkMksfJNdzgktPregWhedsl3F1vYjYdFRUE-w1LLHaynizxdswj_OJ6GxB_BCCkuAGIYk6wlTOSOStMVq2IWMThwiEd2PPNKKbAT_WdK9o4hR24p6vHbNIYqLGaCl91vuWwTOv4DeBJL7TkvPHVoUqXIZbhZZVYb3Q","use":"sig"},{"alg":"RS256","e":"AQAB","kid":"m26sRoFkJsrCnVgdRO0sT3aj3swpDqtjVZVnhytY5SQ=","kty":"RSA","n":"uxcVDDkFFNxEElSqe55-rjj9Bt27G3Qe36Zl-b9pRIHDSGvXico8ZcZrJl8wTqSYLcJm2x4emgxsa-LDDBlzxxtErwH7CLCbOckumpzh2k9qdusDQXxJcvWEc79qmiLG2Vq8T4m6s4ggVfqBO644YuVdYeDZLsIwmWZwg0tQqwYfivg7ezoJponxVisaze0_sXWClavLLiDNA3bzC4vKoHmqRRHmTTzgisynQstyWznh17dW5c0If2PVF8meanUSIFjRal6DHJ-qS6-mTZIMp5T1S0Xvr35OoPYDwtOpIeIMm5SOWhpuFQKrg4j8epBB6ZftrZLVxOii8A14gJ0ILQ","use":"sig"}]}

2024-04-25 21:46:05

(1) More

FetchServerKeys

Found JWK set string

jwk_string

{"keys":[{"alg":"RS256","e":"AQAB","kid":"GHBDPMUc54JQQhjFu20BN2iQQ3v5gGx+Rw3/MqwOqxM=","kty":"RSA","n":"pk9pSBQvfQKC-QIxPifnyLdjn4vMrb8eLtS78mLQKhPhFLk-O6zFyV0Ie3i2LCKv7meRPlxXixsqhBxvKFweswtOYfqS04sXOFDsgzrqDIFAxNIlpL4Hr1BlDTwfLy5OsLdNyeAy05gNs-HXYh0XsTSdCsUIj7czWNjq77n1anzWub8jCrokKkMksfJNdzgktPregWhedsl3F1vYjYdFRUE-w1LLHaynizxdswj_OJ6GxB_BCCkuAGIYk6wlTOSOStMVq2IWMThwiEd2PPNKKbAT_WdK9o4hR24p6vHbNIYqLGaCl91vuWwTOv4DeBJL7TkvPHVoUqXIZbhZZVYb3Q","use":"sig"},{"alg":"RS256","e":"AQAB","kid":"m26sRoFkJsrCnVgdRO0sT3aj3swpDqtjVZVnhytY5SQ=","kty":"RSA","n":"uxcVDDkFFNxEElSqe55-rjj9Bt27G3Qe36Zl-b9pRIHDSGvXico8ZcZrJl8wTqSYLcJm2x4emgxsa-LDDBlzxxtErwH7CLCbOckumpzh2k9qdusDQXxJcvWEc79qmiLG2Vq8T4m6s4ggVfqBO644YuVdYeDZLsIwmWZwg0tQqwYfivg7ezoJponxVisaze0_sXWClavLLiDNA3bzC4vKoHmqRRHmTTzgisynQstyWznh17dW5c0If2PVF8meanUSIFjRal6DHJ-qS6-mTZIMp5T1S0Xvr35OoPYDwtOpIeIMm5SOWhpuFQKrg4j8epBB6ZftrZLVxOii8A14gJ0ILQ","use":"sig"}]}

2024-04-25 21:46:05

(1) More

SUCCESS

FetchServerKeys

Found server JWK set

server_jwks

{
  "keys": [
    {
      "alg": "RS256",
      "e": "AQAB",
      "kid": "GHBDPMUc54JQQhjFu20BN2iQQ3v5gGx+Rw3/MqwOqxM\u003d",
      "kty": "RSA",
      "n": "pk9pSBQvfQKC-QIxPifnyLdjn4vMrb8eLtS78mLQKhPhFLk-O6zFyV0Ie3i2LCKv7meRPlxXixsqhBxvKFweswtOYfqS04sXOFDsgzrqDIFAxNIlpL4Hr1BlDTwfLy5OsLdNyeAy05gNs-HXYh0XsTSdCsUIj7czWNjq77n1anzWub8jCrokKkMksfJNdzgktPregWhedsl3F1vYjYdFRUE-w1LLHaynizxdswj_OJ6GxB_BCCkuAGIYk6wlTOSOStMVq2IWMThwiEd2PPNKKbAT_WdK9o4hR24p6vHbNIYqLGaCl91vuWwTOv4DeBJL7TkvPHVoUqXIZbhZZVYb3Q",
      "use": "sig"
    },
    {
      "alg": "RS256",
      "e": "AQAB",
      "kid": "m26sRoFkJsrCnVgdRO0sT3aj3swpDqtjVZVnhytY5SQ\u003d",
      "kty": "RSA",
      "n": "uxcVDDkFFNxEElSqe55-rjj9Bt27G3Qe36Zl-b9pRIHDSGvXico8ZcZrJl8wTqSYLcJm2x4emgxsa-LDDBlzxxtErwH7CLCbOckumpzh2k9qdusDQXxJcvWEc79qmiLG2Vq8T4m6s4ggVfqBO644YuVdYeDZLsIwmWZwg0tQqwYfivg7ezoJponxVisaze0_sXWClavLLiDNA3bzC4vKoHmqRRHmTTzgisynQstyWznh17dW5c0If2PVF8meanUSIFjRal6DHJ-qS6-mTZIMp5T1S0Xvr35OoPYDwtOpIeIMm5SOWhpuFQKrg4j8epBB6ZftrZLVxOii8A14gJ0ILQ",
      "use": "sig"
    }
  ]
}

2024-04-25 21:46:05

(1) More

SUCCESS

CheckServerKeysIsValid

Server JWKs is valid

server_jwks

{
  "keys": [
    {
      "alg": "RS256",
      "e": "AQAB",
      "kid": "GHBDPMUc54JQQhjFu20BN2iQQ3v5gGx+Rw3/MqwOqxM\u003d",
      "kty": "RSA",
      "n": "pk9pSBQvfQKC-QIxPifnyLdjn4vMrb8eLtS78mLQKhPhFLk-O6zFyV0Ie3i2LCKv7meRPlxXixsqhBxvKFweswtOYfqS04sXOFDsgzrqDIFAxNIlpL4Hr1BlDTwfLy5OsLdNyeAy05gNs-HXYh0XsTSdCsUIj7czWNjq77n1anzWub8jCrokKkMksfJNdzgktPregWhedsl3F1vYjYdFRUE-w1LLHaynizxdswj_OJ6GxB_BCCkuAGIYk6wlTOSOStMVq2IWMThwiEd2PPNKKbAT_WdK9o4hR24p6vHbNIYqLGaCl91vuWwTOv4DeBJL7TkvPHVoUqXIZbhZZVYb3Q",
      "use": "sig"
    },
    {
      "alg": "RS256",
      "e": "AQAB",
      "kid": "m26sRoFkJsrCnVgdRO0sT3aj3swpDqtjVZVnhytY5SQ\u003d",
      "kty": "RSA",
      "n": "uxcVDDkFFNxEElSqe55-rjj9Bt27G3Qe36Zl-b9pRIHDSGvXico8ZcZrJl8wTqSYLcJm2x4emgxsa-LDDBlzxxtErwH7CLCbOckumpzh2k9qdusDQXxJcvWEc79qmiLG2Vq8T4m6s4ggVfqBO644YuVdYeDZLsIwmWZwg0tQqwYfivg7ezoJponxVisaze0_sXWClavLLiDNA3bzC4vKoHmqRRHmTTzgisynQstyWznh17dW5c0If2PVF8meanUSIFjRal6DHJ-qS6-mTZIMp5T1S0Xvr35OoPYDwtOpIeIMm5SOWhpuFQKrg4j8epBB6ZftrZLVxOii8A14gJ0ILQ",
      "use": "sig"
    }
  ]
}

2024-04-25 21:46:05	SUCCESS RFC7517-1.1	ValidateServerJWKs Valid server JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url

2024-04-25 21:46:05	SUCCESS OIDCC-10.1	CheckForKeyIdInServerJWKs All keys contain kids

2024-04-25 21:46:05

(1) More

SUCCESS

RFC7517-4.5

CheckDistinctKeyIdValueInServerJWKs

Distinct 'kid' value in all keys of server_jwks

see	https://bitbucket.org/openid/connect/issues/1127

2024-04-25 21:46:05	SUCCESS RFC7518-6.3.2.1	EnsureServerJwksDoesNotContainPrivateOrSymmetricKeys Jwks does not contain any private or symmetric keys

2024-04-25 21:46:05

(2) More

SUCCESS

GetStaticClientConfiguration

Found a static client object

client_id	3fsi45vsoqf5jr65tsdhr0vjc1
client_secret	74k6uj0oqgu1fihmnjvlte3o5sc5tnf59o15an7kvp75touqpcd

2024-04-25 21:46:05

(3) More

INFO

RFC7517-1.1

ValidateClientJWKsPrivatePart

Skipped evaluation due to missing required element: client jwks

path	jwks
mapped
object	client

2024-04-25 21:46:05

(3) More

INFO

ExtractJWKsFromStaticClientConfiguration

Skipped evaluation due to missing required element: client jwks

path	jwks
mapped
object	client

2024-04-25 21:46:05

(3) More

INFO

RFC7517-4.5

CheckDistinctKeyIdValueInClientJWKs

Skipped evaluation due to missing required element: client jwks

path	jwks
mapped
object	client

2024-04-25 21:46:05

(1) More

SetScopeInClientConfigurationToOpenId

Set scope in client configuration to "openid"

scope

openid

2024-04-25 21:46:05

(1) More

SUCCESS

SetProtectedResourceUrlToUserInfoEndpoint

userinfo_endpoint will be used to test access token. The user info is not a mandatory to implement feature in the OpenID Connect specification, but is mandatory for certification.

protected_resource_url

https://gh0stid.authn.cc/oauth2/userInfo

2024-04-25 21:46:05		oidcc-claims-essential Setup Done

Make request to authorization endpoint

2024-04-25 21:46:05

(3) More

SUCCESS

CreateAuthorizationEndpointRequestFromClientInformation

Created authorization endpoint request

client_id	3fsi45vsoqf5jr65tsdhr0vjc1
redirect_uri	https://www.certification.openid.net/test/a/ad04252024test/callback
scope	openid

2024-04-25 21:46:05

(2) More

CreateRandomStateValue

Created state value

requested_state_length	10
state	yxysmB2Tp9

2024-04-25 21:46:05

(4) More

SUCCESS

AddStateToAuthorizationEndpointRequest

Added state parameter to request

client_id	3fsi45vsoqf5jr65tsdhr0vjc1
redirect_uri	https://www.certification.openid.net/test/a/ad04252024test/callback
scope	openid
state	yxysmB2Tp9

2024-04-25 21:46:05

(2) More

CreateRandomNonceValue

Created nonce value

requested_nonce_length	10
nonce	qHYfdflGdz

2024-04-25 21:46:05

(5) More

SUCCESS

AddNonceToAuthorizationEndpointRequest

Added nonce parameter to request

client_id	3fsi45vsoqf5jr65tsdhr0vjc1
redirect_uri	https://www.certification.openid.net/test/a/ad04252024test/callback
scope	openid
state	yxysmB2Tp9
nonce	qHYfdflGdz

2024-04-25 21:46:05

(6) More

SUCCESS

SetAuthorizationEndpointRequestResponseTypeFromEnvironment

Added response_type parameter to request

client_id	3fsi45vsoqf5jr65tsdhr0vjc1
redirect_uri	https://www.certification.openid.net/test/a/ad04252024test/callback
scope	openid
state	yxysmB2Tp9
nonce	qHYfdflGdz
response_type	code

2024-04-25 21:46:05

(1) More

SUCCESS

OIDCC-5.5 OIDCC-5.5.1

AddUserInfoEssentialNameClaimToAuthorizationEndpointRequest

Added name claim to authorization_endpoint_request

authorization_endpoint_request

{
  "client_id": "3fsi45vsoqf5jr65tsdhr0vjc1",
  "redirect_uri": "https://www.certification.openid.net/test/a/ad04252024test/callback",
  "scope": "openid",
  "state": "yxysmB2Tp9",
  "nonce": "qHYfdflGdz",
  "response_type": "code",
  "claims": {
    "userinfo": {
      "name": {
        "essential": true
      }
    }
  }
}

2024-04-25 21:46:05

(2) More

SUCCESS

BuildPlainRedirectToAuthorizationEndpoint

Sending to authorization endpoint

auth_request

{
  "client_id": "3fsi45vsoqf5jr65tsdhr0vjc1",
  "redirect_uri": "https://www.certification.openid.net/test/a/ad04252024test/callback",
  "scope": "openid",
  "state": "yxysmB2Tp9",
  "nonce": "qHYfdflGdz",
  "response_type": "code",
  "claims": {
    "userinfo": {
      "name": {
        "essential": true
      }
    }
  }
}

redirect_to_authorization_endpoint

https://gh0stid.authn.cc/oauth2/authorize?client_id=3fsi45vsoqf5jr65tsdhr0vjc1&redirect_uri=https://www.certification.openid.net/test/a/ad04252024test/callback&scope=openid&state=yxysmB2Tp9&nonce=qHYfdflGdz&response_type=code&claims=%7B%22userinfo%22:%7B%22name%22:%7B%22essential%22:true%7D%7D%7D

2024-04-25 21:46:05

(1) More

REDIRECT

oidcc-claims-essential

Redirecting to authorization endpoint

redirect_to

https://gh0stid.authn.cc/oauth2/authorize?client_id=3fsi45vsoqf5jr65tsdhr0vjc1&redirect_uri=https://www.certification.openid.net/test/a/ad04252024test/callback&scope=openid&state=yxysmB2Tp9&nonce=qHYfdflGdz&response_type=code&claims=%7B%22userinfo%22:%7B%22name%22:%7B%22essential%22:true%7D%7D%7D

2024-04-25 21:46:29

(12) More

INCOMING

oidcc-claims-essential

Incoming HTTP request to /test/a/ad04252024test/callback

incoming_headers	{ "host": "www.certification.openid.net", "cache-control": "max-age\u003d0", "dnt": "1", "upgrade-insecure-requests": "1", "user-agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36", "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/avif,image/webp,image/apng,/;q\u003d0.8,application/signed-exchange;v\u003db3;q\u003d0.7", "sec-fetch-site": "cross-site", "sec-fetch-mode": "navigate", "sec-fetch-user": "?1", "sec-fetch-dest": "document", "sec-ch-ua": "\"Google Chrome\";v\u003d\"123\", \"Not:A-Brand\";v\u003d\"8\", \"Chromium\";v\u003d\"123\"", "sec-ch-ua-mobile": "?0", "sec-ch-ua-platform": "\"macOS\"", "referer": "https://gh0stid.authn.cc/", "accept-encoding": "gzip, deflate, br, zstd", "accept-language": "en-US,en;q\u003d0.9", "cookie": "_gid\u003dGA1.2.1443682475.1714075565; _ga\u003dGA1.2.1767720666.1713926739; _ga_NF8HNLNJJE\u003dGS1.1.1714075564.4.1.1714075870.0.0.0; JSESSIONID\u003d797FF28062B72DC3DC14BB1BDEEE15E6", "connection": "close" }
incoming_path	/test/a/ad04252024test/callback
incoming_body_form_params
incoming_method	GET
incoming_tls_version	TLSv1.2
incoming_tls_cert
incoming_query_string_params	{ "code": "e0612e03-7a4b-47ac-80ef-a8fa623e492d", "state": "yxysmB2Tp9" }
incoming_body
incoming_tls_chain	[ "CONFORMANCE_SUITE_JSON_NULL", "CONFORMANCE_SUITE_JSON_NULL", "CONFORMANCE_SUITE_JSON_NULL", "CONFORMANCE_SUITE_JSON_NULL", "CONFORMANCE_SUITE_JSON_NULL", "CONFORMANCE_SUITE_JSON_NULL" ]
incoming_body_json_parse_error
incoming_tls_cipher	ECDHE-RSA-AES128-GCM-SHA256
incoming_body_json

2024-04-25 21:46:29

(1) More

SUCCESS

CreateRandomImplicitSubmitUrl

Created random implicit submission URL

implicit_submit

{
  "path": "implicit/p3ky40lTqLuoAL5FsvDs",
  "fullUrl": "https://www.certification.openid.net/test/a/ad04252024test/implicit/p3ky40lTqLuoAL5FsvDs"
}

2024-04-25 21:46:29

(2) More

OUTGOING

oidcc-claims-essential

Response to HTTP request to test instance dnakI0SMec9WARh

outgoing

ModelAndView [view="implicitCallback"; model={implicitSubmitUrl=https://www.certification.openid.net/test/a/ad04252024test/implicit/p3ky40lTqLuoAL5FsvDs, returnUrl=/log-detail.html?log=dnakI0SMec9WARh}]

outgoing_path

callback

2024-04-25 21:46:29

(12) More

INCOMING

oidcc-claims-essential

Incoming HTTP request to /test/a/ad04252024test/implicit/p3ky40lTqLuoAL5FsvDs

incoming_headers	{ "host": "www.certification.openid.net", "sec-ch-ua": "\"Google Chrome\";v\u003d\"123\", \"Not:A-Brand\";v\u003d\"8\", \"Chromium\";v\u003d\"123\"", "sec-ch-ua-platform": "\"macOS\"", "dnt": "1", "sec-ch-ua-mobile": "?0", "user-agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36", "content-type": "text/plain", "accept": "/", "origin": "https://www.certification.openid.net", "sec-fetch-site": "same-origin", "sec-fetch-mode": "cors", "sec-fetch-dest": "empty", "referer": "https://www.certification.openid.net/test/a/ad04252024test/callback?code\u003de0612e03-7a4b-47ac-80ef-a8fa623e492d\u0026state\u003dyxysmB2Tp9", "accept-encoding": "gzip, deflate, br, zstd", "accept-language": "en-US,en;q\u003d0.9", "cookie": "_gid\u003dGA1.2.1443682475.1714075565; _ga\u003dGA1.2.1767720666.1713926739; _ga_NF8HNLNJJE\u003dGS1.1.1714075564.4.1.1714075870.0.0.0; JSESSIONID\u003d797FF28062B72DC3DC14BB1BDEEE15E6", "content-length": "0", "connection": "close" }
incoming_path	/test/a/ad04252024test/implicit/p3ky40lTqLuoAL5FsvDs
incoming_body_form_params
incoming_method	POST
incoming_tls_version	TLSv1.2
incoming_tls_cert
incoming_query_string_params	{}
incoming_body
incoming_tls_chain	[ "CONFORMANCE_SUITE_JSON_NULL", "CONFORMANCE_SUITE_JSON_NULL", "CONFORMANCE_SUITE_JSON_NULL", "CONFORMANCE_SUITE_JSON_NULL", "CONFORMANCE_SUITE_JSON_NULL", "CONFORMANCE_SUITE_JSON_NULL" ]
incoming_body_json_parse_error
incoming_tls_cipher	ECDHE-RSA-AES128-GCM-SHA256
incoming_body_json

2024-04-25 21:46:29

(4) More

OUTGOING

oidcc-claims-essential

Response to HTTP request to test instance dnakI0SMec9WARh

outgoing_status_code	204
outgoing_headers	{}
outgoing_body
outgoing_path	implicit/p3ky40lTqLuoAL5FsvDs

2024-04-25 21:46:29	SUCCESS	ExtractImplicitHashToCallbackResponse implicit_hash is empty

2024-04-25 21:46:29

(5) More

REDIRECT-IN

oidcc-claims-essential

Authorization endpoint response captured

url_query	{ "code": "e0612e03-7a4b-47ac-80ef-a8fa623e492d", "state": "yxysmB2Tp9" }
headers	{ "host": "www.certification.openid.net", "cache-control": "max-age\u003d0", "dnt": "1", "upgrade-insecure-requests": "1", "user-agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36", "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/avif,image/webp,image/apng,/;q\u003d0.8,application/signed-exchange;v\u003db3;q\u003d0.7", "sec-fetch-site": "cross-site", "sec-fetch-mode": "navigate", "sec-fetch-user": "?1", "sec-fetch-dest": "document", "sec-ch-ua": "\"Google Chrome\";v\u003d\"123\", \"Not:A-Brand\";v\u003d\"8\", \"Chromium\";v\u003d\"123\"", "sec-ch-ua-mobile": "?0", "sec-ch-ua-platform": "\"macOS\"", "referer": "https://gh0stid.authn.cc/", "accept-encoding": "gzip, deflate, br, zstd", "accept-language": "en-US,en;q\u003d0.9", "cookie": "_gid\u003dGA1.2.1443682475.1714075565; _ga\u003dGA1.2.1767720666.1713926739; _ga_NF8HNLNJJE\u003dGS1.1.1714075564.4.1.1714075870.0.0.0; JSESSIONID\u003d797FF28062B72DC3DC14BB1BDEEE15E6", "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256", "x-ssl-protocol": "TLSv1.2", "x-forwarded-proto": "https", "x-forwarded-port": "443", "x-forwarded-host": "www.certification.openid.net", "x-forwarded-server": "www.certification.openid.net", "connection": "close" }
http_method	GET
url_fragment	{}
post_body

Verify authorization endpoint response

2024-04-25 21:46:29	SUCCESS	CheckMatchingCallbackParameters Callback parameters successfully verified

2024-04-25 21:46:29		ValidateIssIfPresentInAuthorizationResponse No 'iss' value in authorization response.

2024-04-25 21:46:29	SUCCESS	CheckIfAuthorizationEndpointError No error from authorization endpoint

2024-04-25 21:46:29

(1) More

SUCCESS

CheckStateInAuthorizationResponse

State in response correctly returned

state

yxysmB2Tp9

2024-04-25 21:46:29

(1) More

SUCCESS

ExtractAuthorizationCodeFromAuthorizationResponse

Found authorization code

code	e0612e03-7a4b-47ac-80ef-a8fa623e492d

2024-04-25 21:46:29

(3) More

SUCCESS

CreateTokenEndpointRequestForAuthorizationCodeGrant

Created token endpoint request

grant_type	authorization_code
code	e0612e03-7a4b-47ac-80ef-a8fa623e492d
redirect_uri	https://www.certification.openid.net/test/a/ad04252024test/callback

2024-04-25 21:46:29

(1) More

SUCCESS

AddBasicAuthClientSecretAuthenticationParameters

Added basic authorization header

Authorization

Basic M2ZzaTQ1dnNvcWY1anI2NXRzZGhyMHZqYzE6NzRrNnVqMG9xZ3UxZmlobW5qdmx0ZTNvNXNjNXRuZjU5bzE1YW43a3ZwNzV0b3VxcGNk

2024-04-25 21:46:29

(4) More

CallTokenEndpoint

HTTP request

request_uri	https://gh0stid.authn.cc/oauth2/token
request_method	POST
request_headers	{ "Accept": "application/json", "Authorization": "Basic M2ZzaTQ1dnNvcWY1anI2NXRzZGhyMHZqYzE6NzRrNnVqMG9xZ3UxZmlobW5qdmx0ZTNvNXNjNXRuZjU5bzE1YW43a3ZwNzV0b3VxcGNk", "Content-Type": "application/x-www-form-urlencoded;charset\u003dUTF-8", "Content-Length": "166" }
request_body	grant_type=authorization_code&code=e0612e03-7a4b-47ac-80ef-a8fa623e492d&redirect_uri=https%3A%2F%2Fwww.certification.openid.net%2Ftest%2Fa%2Fad04252024test%2Fcallback

2024-04-25 21:46:29

(4) More

RESPONSE

CallTokenEndpoint

HTTP response

response_status_code	200 OK
response_status_text	OK
response_headers	{ "content-type": "application/json;charset\u003dUTF-8", "transfer-encoding": "chunked", "connection": "keep-alive", "date": "Thu, 25 Apr 2024 21:46:29 GMT", "content-security-policy-report-only": "script-src https://d3oia8etllorh5.cloudfront.net https://gh0stid.authn.cc; style-src https://d3oia8etllorh5.cloudfront.net https://gh0stid.authn.cc; img-src https://d3oia8etllorh5.cloudfront.net https://gh0stid.authn.cc; report-uri https://gh0stid.authn.cc/cspreport", "set-cookie": "XSRF-TOKEN\u003d0baafd8b-b01c-4fa3-b20e-443204786c9b; Path\u003d/; Secure; HttpOnly; SameSite\u003dLax", "x-amz-cognito-request-id": "f5d0432f-1bb1-4890-879b-7c180cecaa62", "x-content-type-options": "nosniff", "x-xss-protection": "1; mode\u003dblock", "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate", "pragma": "no-cache", "expires": "0", "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains", "x-frame-options": "DENY", "server": "Server", "x-cache": "Miss from cloudfront", "via": "1.1 1d180e6d1aa5f424d0d3571ff7011a02.cloudfront.net (CloudFront)", "x-amz-cf-pop": "MIA3-P2", "x-amz-cf-id": "6P7FRggEspbV11k64z8yoqBwtn4PXmKUskVcGzj1nOvEz3iJz0Cwkg\u003d\u003d" }
response_body	{"id_token":"eyJraWQiOiJHSEJEUE1VYzU0SlFRaGpGdTIwQk4yaVFRM3Y1Z0d4K1J3M1wvTXF3T3F4TT0iLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoib1lvVFhFakkwbnpuYnUxREZ0LUtsQSIsInN1YiI6Ijc3NDY1OGU5LWUxYTgtNGRkNy05ZjNmLTY5NjAyYTM0OThhMyIsImVtYWlsX3ZlcmlmaWVkIjp0cnVlLCJpc3MiOiJodHRwczpcL1wvY29nbml0by1pZHAudXMtZWFzdC0xLmFtYXpvbmF3cy5jb21cL3VzLWVhc3QtMV92eTFJNUY0YzQiLCJjb2duaXRvOnVzZXJuYW1lIjoib2lkYy5yMXp5akBwYXNzZndkLmNvbSIsIm5vbmNlIjoicUhZZmRmbEdkeiIsIm9yaWdpbl9qdGkiOiI2OTEyZGYxMy02NDkyLTRmMzYtYmVlYi1jOTMxZmY5MWEzNzMiLCJhdWQiOiIzZnNpNDV2c29xZjVqcjY1dHNkaHIwdmpjMSIsImV2ZW50X2lkIjoiMWJhODhkNjUtZDkwOS00NDYyLWJmOGQtZDM3MTFiOTliYTI3IiwidG9rZW5fdXNlIjoiaWQiLCJhdXRoX3RpbWUiOjE3MTQwODE1ODksImV4cCI6MTcxNDA4NTE4OSwiaWF0IjoxNzE0MDgxNTg5LCJqdGkiOiI0NTU4NDYyOS1mZDkzLTRmNTYtYTdjOS03YjE2ZWMxMmJkOWYiLCJlbWFpbCI6Im9pZGMucjF6eWpAcGFzc2Z3ZC5jb20ifQ.QAPQfgqUPH0UcdZfyhs_8BzeHClHuL1LM9m9CiBnnR5O2rK3uGFovQ2Mehs6YZwRKs041cHARg7kncjH9OnZ9SyBtr6oQsFAnjZ9xiPUe5iBqwcBKCBhl47NOspaodUL1hjTtd5LHq6kI8Ra99YclA3V-2qTGeOUa1KCgMqqDO-aI31etNrQDvxlov-dJxhK4705o-cpaDfESe3YSaB8y1IBKRJrklk4MJXLwi1XUh5Kx0zwS2CErYMglQ0AId61eSmqwTuL7B3pPo8vGaEk4kHrtAAMwd9ERBs3UKd_WyCLHh_jVtCjrMwKljQKwrfCesTbI650q5yy-2LuyMhzeg","access_token":"eyJraWQiOiJtMjZzUm9Ga0pzckNuVmdkUk8wc1QzYWozc3dwRHF0alZaVm5oeXRZNVNRPSIsImFsZyI6IlJTMjU2In0.eyJzdWIiOiI3NzQ2NThlOS1lMWE4LTRkZDctOWYzZi02OTYwMmEzNDk4YTMiLCJpc3MiOiJodHRwczpcL1wvY29nbml0by1pZHAudXMtZWFzdC0xLmFtYXpvbmF3cy5jb21cL3VzLWVhc3QtMV92eTFJNUY0YzQiLCJ2ZXJzaW9uIjoyLCJjbGllbnRfaWQiOiIzZnNpNDV2c29xZjVqcjY1dHNkaHIwdmpjMSIsIm9yaWdpbl9qdGkiOiI2OTEyZGYxMy02NDkyLTRmMzYtYmVlYi1jOTMxZmY5MWEzNzMiLCJldmVudF9pZCI6IjFiYTg4ZDY1LWQ5MDktNDQ2Mi1iZjhkLWQzNzExYjk5YmEyNyIsInRva2VuX3VzZSI6ImFjY2VzcyIsInNjb3BlIjoib3BlbmlkIiwiYXV0aF90aW1lIjoxNzE0MDgxNTg5LCJleHAiOjE3MTQwODUxODksImlhdCI6MTcxNDA4MTU4OSwianRpIjoiOWE4YmUxMWEtYWI4Zi00NGZjLTlkNDYtZThlYTE2ZjE5YjVkIiwidXNlcm5hbWUiOiJvaWRjLnIxenlqQHBhc3Nmd2QuY29tIn0.NHWWmoXmOH3OnrC22pdiz7Mai-k4EIEsV8QLCakXnK1s78GSMzQy0Cxg107MGRMCsdaH8xNRP2rSRWV3M15OOG27C58vmrmK57ZwmqfVBzkwuFTYyAYTgBUN-nn3XpNqKgb_nqyPE3944z_-zfNYomvYedvQbYTzO4b9qhpsa-wwGy7eUH4LJe-lU5-WbDgmIpZLCVCOBFD5URDKJI721wpP1oAKbqBdKB8ieec7Yq5YuV8bgz-wu_SDpx00bHSZVXVLsajUKAiTkXQdFmoIuf2QhNmpWvYFPQnuIPro7J3kL5ZjuKf7iMnCyufukhAp4mjYb9n9DqBxliWk6clocg","refresh_token":"eyJjdHkiOiJKV1QiLCJlbmMiOiJBMjU2R0NNIiwiYWxnIjoiUlNBLU9BRVAifQ.jQ23koJUdA0AD2_DJnq3kRaNbKY41LAIMZLmcbMKhgub7dmHZXsfwvs5rQkXHZHN9V5JJeD67-SaiNI8B0Cpc5grPP05Dtmv1uZMhEkFXfGHm1b7imcH8tE98Cf8sxOf4i9d6GWBSW6YbAK5gfI2wuqpkc1rFc1YVF3w1lKU-7B_NVx54NwW1zVobtyFGFJjPEGJv3v7E-dJJ0iN1aqvkLQZFJf1TI-iimp1cepKSoqsBDBLTiUmOnLXZ-gpB2TSRPBCh2cgLURB_UN4WFkmLpAO40NdMAuz5ghdulbm_-fX7MNNZfbBRKUkfjVcwSeTmkthnF3LttFqDuWZwMSYpw.bhKlnt19CesY2Jvv.vaxiAVouH2-guoP7MIk7C4zs-tP0Xfa9vgAcJeG6Dl8-5BXVBnDmt55HqbMFafc7MvweKDUYbxEqn6VjxXWD93921BzVsXB0t8qFOsUWPul2pNbv_a0ypJ7Wk26viRyigay0cz2UANRM_O9OCvgLABdI5k4U3kVoH-D1WO66YXR4dYsIu9Z7JtJSa5vQhpiu5T691sNAfp5ZarmWiL0MaTHiAhdZ8hSZqsa68g_085c3MUZnbevV44JCiXW2XBIeAI9fxExwuGDUC4Qc0XgYo3CN6NJjHVIQr4bVLi70N6kahrbcr9wFgGBf_NimANEBRDtekEbLJPxIuKMecSHJzoBa63cb_fYSBB3iG4vOTxOCEVsgmc0ptrQlDLYWwHRt8aKTZfoNLyfJm_9tgLR7Lq2BF_p5N8BPt1tzaq2yTuk94SWYI1iIfDPvBA0LKonJpTcQ8S_Wzn4nlSiOX0SYMSWDD78alQ-rL4DFSxElG7247td2hptbR2nfn_u1XQUY3y1ENKv12jI_M8h_lEDZOz5O2lCFBbyRatMKxBntoAB_jVqm-UxyDdLTW4_meBjJSatYGYE5aTO9qAHjgLEQEMFC-9ICcfvCyk5TQbZ_NdFeFeR3Uw4tgdGwA4EGaNW1dN36i0EhMPPP1W3i01EWbHms5A21gq_ynrHWcXmMgBdRWwIeLm9eXVBs4R5LjvhVHJnBjD_OhVueMl-fvPrx4dqdB_hP8WseyEMkxMYNy27_9C_G6Q2IZZS6H8RJ-ah-CIRRdsvcpWRPkEYTVRqC3hWn2GqT0N6baH0rasnMtq3SKh13AF1adNbWfbbyeVAZdmmcQkHFfQWtVUo4Xo55fstP-tKOBgxlnd5GSOq3SkOzK3DScFv4ZM596DCcPpw7snEdVYfXLKciFoCBHrN3--Qb-1QDCBDjcw7xuW-3bXmhrNpFP2wYpSk04s_eZ6W1W8mLiqEoHzelB3-pcGS8-cSO9t4qabxli3d82wtQhcusn6lK1AT6-N25nCBOfgYKYJWrGp2jA8loyYtGupib9t3qV7XseLkMg3WbGXPv_xzVNO-VNrSNA7IWCCEMW2fhbVB_RB_2LVsKiGX7o3CGNLymPsc8jj_vrT_Y6uqI5mIWEznaItM1cB_aeg7MDL7xuiVJNob-GFUQ4tNqoWy2HuQbYdDLWqbxeB3PNO8BA6tx2IekzSkTmzjh7KXycFyiQM62lCCHe4hH5AzdsC9Br-ByCSyyqkyHfY7HlWfMgaqyoGeU-Gq-v8VtuQn1qM7qHMS1ORBJ5ZfEEw.-RkamGubhNWwZ1kt-Q5jHw","expires_in":3600,"token_type":"Bearer"}

2024-04-25 21:46:29

(5) More

SUCCESS

CallTokenEndpoint

Parsed token endpoint response

id_token	eyJraWQiOiJHSEJEUE1VYzU0SlFRaGpGdTIwQk4yaVFRM3Y1Z0d4K1J3M1wvTXF3T3F4TT0iLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoib1lvVFhFakkwbnpuYnUxREZ0LUtsQSIsInN1YiI6Ijc3NDY1OGU5LWUxYTgtNGRkNy05ZjNmLTY5NjAyYTM0OThhMyIsImVtYWlsX3ZlcmlmaWVkIjp0cnVlLCJpc3MiOiJodHRwczpcL1wvY29nbml0by1pZHAudXMtZWFzdC0xLmFtYXpvbmF3cy5jb21cL3VzLWVhc3QtMV92eTFJNUY0YzQiLCJjb2duaXRvOnVzZXJuYW1lIjoib2lkYy5yMXp5akBwYXNzZndkLmNvbSIsIm5vbmNlIjoicUhZZmRmbEdkeiIsIm9yaWdpbl9qdGkiOiI2OTEyZGYxMy02NDkyLTRmMzYtYmVlYi1jOTMxZmY5MWEzNzMiLCJhdWQiOiIzZnNpNDV2c29xZjVqcjY1dHNkaHIwdmpjMSIsImV2ZW50X2lkIjoiMWJhODhkNjUtZDkwOS00NDYyLWJmOGQtZDM3MTFiOTliYTI3IiwidG9rZW5fdXNlIjoiaWQiLCJhdXRoX3RpbWUiOjE3MTQwODE1ODksImV4cCI6MTcxNDA4NTE4OSwiaWF0IjoxNzE0MDgxNTg5LCJqdGkiOiI0NTU4NDYyOS1mZDkzLTRmNTYtYTdjOS03YjE2ZWMxMmJkOWYiLCJlbWFpbCI6Im9pZGMucjF6eWpAcGFzc2Z3ZC5jb20ifQ.QAPQfgqUPH0UcdZfyhs_8BzeHClHuL1LM9m9CiBnnR5O2rK3uGFovQ2Mehs6YZwRKs041cHARg7kncjH9OnZ9SyBtr6oQsFAnjZ9xiPUe5iBqwcBKCBhl47NOspaodUL1hjTtd5LHq6kI8Ra99YclA3V-2qTGeOUa1KCgMqqDO-aI31etNrQDvxlov-dJxhK4705o-cpaDfESe3YSaB8y1IBKRJrklk4MJXLwi1XUh5Kx0zwS2CErYMglQ0AId61eSmqwTuL7B3pPo8vGaEk4kHrtAAMwd9ERBs3UKd_WyCLHh_jVtCjrMwKljQKwrfCesTbI650q5yy-2LuyMhzeg
access_token	eyJraWQiOiJtMjZzUm9Ga0pzckNuVmdkUk8wc1QzYWozc3dwRHF0alZaVm5oeXRZNVNRPSIsImFsZyI6IlJTMjU2In0.eyJzdWIiOiI3NzQ2NThlOS1lMWE4LTRkZDctOWYzZi02OTYwMmEzNDk4YTMiLCJpc3MiOiJodHRwczpcL1wvY29nbml0by1pZHAudXMtZWFzdC0xLmFtYXpvbmF3cy5jb21cL3VzLWVhc3QtMV92eTFJNUY0YzQiLCJ2ZXJzaW9uIjoyLCJjbGllbnRfaWQiOiIzZnNpNDV2c29xZjVqcjY1dHNkaHIwdmpjMSIsIm9yaWdpbl9qdGkiOiI2OTEyZGYxMy02NDkyLTRmMzYtYmVlYi1jOTMxZmY5MWEzNzMiLCJldmVudF9pZCI6IjFiYTg4ZDY1LWQ5MDktNDQ2Mi1iZjhkLWQzNzExYjk5YmEyNyIsInRva2VuX3VzZSI6ImFjY2VzcyIsInNjb3BlIjoib3BlbmlkIiwiYXV0aF90aW1lIjoxNzE0MDgxNTg5LCJleHAiOjE3MTQwODUxODksImlhdCI6MTcxNDA4MTU4OSwianRpIjoiOWE4YmUxMWEtYWI4Zi00NGZjLTlkNDYtZThlYTE2ZjE5YjVkIiwidXNlcm5hbWUiOiJvaWRjLnIxenlqQHBhc3Nmd2QuY29tIn0.NHWWmoXmOH3OnrC22pdiz7Mai-k4EIEsV8QLCakXnK1s78GSMzQy0Cxg107MGRMCsdaH8xNRP2rSRWV3M15OOG27C58vmrmK57ZwmqfVBzkwuFTYyAYTgBUN-nn3XpNqKgb_nqyPE3944z_-zfNYomvYedvQbYTzO4b9qhpsa-wwGy7eUH4LJe-lU5-WbDgmIpZLCVCOBFD5URDKJI721wpP1oAKbqBdKB8ieec7Yq5YuV8bgz-wu_SDpx00bHSZVXVLsajUKAiTkXQdFmoIuf2QhNmpWvYFPQnuIPro7J3kL5ZjuKf7iMnCyufukhAp4mjYb9n9DqBxliWk6clocg
refresh_token	eyJjdHkiOiJKV1QiLCJlbmMiOiJBMjU2R0NNIiwiYWxnIjoiUlNBLU9BRVAifQ.jQ23koJUdA0AD2_DJnq3kRaNbKY41LAIMZLmcbMKhgub7dmHZXsfwvs5rQkXHZHN9V5JJeD67-SaiNI8B0Cpc5grPP05Dtmv1uZMhEkFXfGHm1b7imcH8tE98Cf8sxOf4i9d6GWBSW6YbAK5gfI2wuqpkc1rFc1YVF3w1lKU-7B_NVx54NwW1zVobtyFGFJjPEGJv3v7E-dJJ0iN1aqvkLQZFJf1TI-iimp1cepKSoqsBDBLTiUmOnLXZ-gpB2TSRPBCh2cgLURB_UN4WFkmLpAO40NdMAuz5ghdulbm_-fX7MNNZfbBRKUkfjVcwSeTmkthnF3LttFqDuWZwMSYpw.bhKlnt19CesY2Jvv.vaxiAVouH2-guoP7MIk7C4zs-tP0Xfa9vgAcJeG6Dl8-5BXVBnDmt55HqbMFafc7MvweKDUYbxEqn6VjxXWD93921BzVsXB0t8qFOsUWPul2pNbv_a0ypJ7Wk26viRyigay0cz2UANRM_O9OCvgLABdI5k4U3kVoH-D1WO66YXR4dYsIu9Z7JtJSa5vQhpiu5T691sNAfp5ZarmWiL0MaTHiAhdZ8hSZqsa68g_085c3MUZnbevV44JCiXW2XBIeAI9fxExwuGDUC4Qc0XgYo3CN6NJjHVIQr4bVLi70N6kahrbcr9wFgGBf_NimANEBRDtekEbLJPxIuKMecSHJzoBa63cb_fYSBB3iG4vOTxOCEVsgmc0ptrQlDLYWwHRt8aKTZfoNLyfJm_9tgLR7Lq2BF_p5N8BPt1tzaq2yTuk94SWYI1iIfDPvBA0LKonJpTcQ8S_Wzn4nlSiOX0SYMSWDD78alQ-rL4DFSxElG7247td2hptbR2nfn_u1XQUY3y1ENKv12jI_M8h_lEDZOz5O2lCFBbyRatMKxBntoAB_jVqm-UxyDdLTW4_meBjJSatYGYE5aTO9qAHjgLEQEMFC-9ICcfvCyk5TQbZ_NdFeFeR3Uw4tgdGwA4EGaNW1dN36i0EhMPPP1W3i01EWbHms5A21gq_ynrHWcXmMgBdRWwIeLm9eXVBs4R5LjvhVHJnBjD_OhVueMl-fvPrx4dqdB_hP8WseyEMkxMYNy27_9C_G6Q2IZZS6H8RJ-ah-CIRRdsvcpWRPkEYTVRqC3hWn2GqT0N6baH0rasnMtq3SKh13AF1adNbWfbbyeVAZdmmcQkHFfQWtVUo4Xo55fstP-tKOBgxlnd5GSOq3SkOzK3DScFv4ZM596DCcPpw7snEdVYfXLKciFoCBHrN3--Qb-1QDCBDjcw7xuW-3bXmhrNpFP2wYpSk04s_eZ6W1W8mLiqEoHzelB3-pcGS8-cSO9t4qabxli3d82wtQhcusn6lK1AT6-N25nCBOfgYKYJWrGp2jA8loyYtGupib9t3qV7XseLkMg3WbGXPv_xzVNO-VNrSNA7IWCCEMW2fhbVB_RB_2LVsKiGX7o3CGNLymPsc8jj_vrT_Y6uqI5mIWEznaItM1cB_aeg7MDL7xuiVJNob-GFUQ4tNqoWy2HuQbYdDLWqbxeB3PNO8BA6tx2IekzSkTmzjh7KXycFyiQM62lCCHe4hH5AzdsC9Br-ByCSyyqkyHfY7HlWfMgaqyoGeU-Gq-v8VtuQn1qM7qHMS1ORBJ5ZfEEw.-RkamGubhNWwZ1kt-Q5jHw
expires_in	3600
token_type	Bearer

2024-04-25 21:46:29	SUCCESS	CheckIfTokenEndpointResponseError No error from token endpoint

2024-04-25 21:46:29

(1) More

SUCCESS

CheckForAccessTokenValue

Found an access token

access_token

eyJraWQiOiJtMjZzUm9Ga0pzckNuVmdkUk8wc1QzYWozc3dwRHF0alZaVm5oeXRZNVNRPSIsImFsZyI6IlJTMjU2In0.eyJzdWIiOiI3NzQ2NThlOS1lMWE4LTRkZDctOWYzZi02OTYwMmEzNDk4YTMiLCJpc3MiOiJodHRwczpcL1wvY29nbml0by1pZHAudXMtZWFzdC0xLmFtYXpvbmF3cy5jb21cL3VzLWVhc3QtMV92eTFJNUY0YzQiLCJ2ZXJzaW9uIjoyLCJjbGllbnRfaWQiOiIzZnNpNDV2c29xZjVqcjY1dHNkaHIwdmpjMSIsIm9yaWdpbl9qdGkiOiI2OTEyZGYxMy02NDkyLTRmMzYtYmVlYi1jOTMxZmY5MWEzNzMiLCJldmVudF9pZCI6IjFiYTg4ZDY1LWQ5MDktNDQ2Mi1iZjhkLWQzNzExYjk5YmEyNyIsInRva2VuX3VzZSI6ImFjY2VzcyIsInNjb3BlIjoib3BlbmlkIiwiYXV0aF90aW1lIjoxNzE0MDgxNTg5LCJleHAiOjE3MTQwODUxODksImlhdCI6MTcxNDA4MTU4OSwianRpIjoiOWE4YmUxMWEtYWI4Zi00NGZjLTlkNDYtZThlYTE2ZjE5YjVkIiwidXNlcm5hbWUiOiJvaWRjLnIxenlqQHBhc3Nmd2QuY29tIn0.NHWWmoXmOH3OnrC22pdiz7Mai-k4EIEsV8QLCakXnK1s78GSMzQy0Cxg107MGRMCsdaH8xNRP2rSRWV3M15OOG27C58vmrmK57ZwmqfVBzkwuFTYyAYTgBUN-nn3XpNqKgb_nqyPE3944z_-zfNYomvYedvQbYTzO4b9qhpsa-wwGy7eUH4LJe-lU5-WbDgmIpZLCVCOBFD5URDKJI721wpP1oAKbqBdKB8ieec7Yq5YuV8bgz-wu_SDpx00bHSZVXVLsajUKAiTkXQdFmoIuf2QhNmpWvYFPQnuIPro7J3kL5ZjuKf7iMnCyufukhAp4mjYb9n9DqBxliWk6clocg

2024-04-25 21:46:29

(2) More

SUCCESS

ExtractAccessTokenFromTokenResponse

Extracted the access token

value

eyJraWQiOiJtMjZzUm9Ga0pzckNuVmdkUk8wc1QzYWozc3dwRHF0alZaVm5oeXRZNVNRPSIsImFsZyI6IlJTMjU2In0.eyJzdWIiOiI3NzQ2NThlOS1lMWE4LTRkZDctOWYzZi02OTYwMmEzNDk4YTMiLCJpc3MiOiJodHRwczpcL1wvY29nbml0by1pZHAudXMtZWFzdC0xLmFtYXpvbmF3cy5jb21cL3VzLWVhc3QtMV92eTFJNUY0YzQiLCJ2ZXJzaW9uIjoyLCJjbGllbnRfaWQiOiIzZnNpNDV2c29xZjVqcjY1dHNkaHIwdmpjMSIsIm9yaWdpbl9qdGkiOiI2OTEyZGYxMy02NDkyLTRmMzYtYmVlYi1jOTMxZmY5MWEzNzMiLCJldmVudF9pZCI6IjFiYTg4ZDY1LWQ5MDktNDQ2Mi1iZjhkLWQzNzExYjk5YmEyNyIsInRva2VuX3VzZSI6ImFjY2VzcyIsInNjb3BlIjoib3BlbmlkIiwiYXV0aF90aW1lIjoxNzE0MDgxNTg5LCJleHAiOjE3MTQwODUxODksImlhdCI6MTcxNDA4MTU4OSwianRpIjoiOWE4YmUxMWEtYWI4Zi00NGZjLTlkNDYtZThlYTE2ZjE5YjVkIiwidXNlcm5hbWUiOiJvaWRjLnIxenlqQHBhc3Nmd2QuY29tIn0.NHWWmoXmOH3OnrC22pdiz7Mai-k4EIEsV8QLCakXnK1s78GSMzQy0Cxg107MGRMCsdaH8xNRP2rSRWV3M15OOG27C58vmrmK57ZwmqfVBzkwuFTYyAYTgBUN-nn3XpNqKgb_nqyPE3944z_-zfNYomvYedvQbYTzO4b9qhpsa-wwGy7eUH4LJe-lU5-WbDgmIpZLCVCOBFD5URDKJI721wpP1oAKbqBdKB8ieec7Yq5YuV8bgz-wu_SDpx00bHSZVXVLsajUKAiTkXQdFmoIuf2QhNmpWvYFPQnuIPro7J3kL5ZjuKf7iMnCyufukhAp4mjYb9n9DqBxliWk6clocg

type

Bearer

2024-04-25 21:46:29

(1) More

SUCCESS

RFC6749-5.1

ExtractExpiresInFromTokenEndpointResponse

Extracted 'expires_in'

expires_in

2024-04-25 21:46:29

(1) More

SUCCESS

RFC6749-5.1

ValidateExpiresIn

expires_in passed all validation checks

expires_in

2024-04-25 21:46:29

(1) More

SUCCESS

CheckForRefreshTokenValue

Found a refresh token

refresh_token

eyJjdHkiOiJKV1QiLCJlbmMiOiJBMjU2R0NNIiwiYWxnIjoiUlNBLU9BRVAifQ.jQ23koJUdA0AD2_DJnq3kRaNbKY41LAIMZLmcbMKhgub7dmHZXsfwvs5rQkXHZHN9V5JJeD67-SaiNI8B0Cpc5grPP05Dtmv1uZMhEkFXfGHm1b7imcH8tE98Cf8sxOf4i9d6GWBSW6YbAK5gfI2wuqpkc1rFc1YVF3w1lKU-7B_NVx54NwW1zVobtyFGFJjPEGJv3v7E-dJJ0iN1aqvkLQZFJf1TI-iimp1cepKSoqsBDBLTiUmOnLXZ-gpB2TSRPBCh2cgLURB_UN4WFkmLpAO40NdMAuz5ghdulbm_-fX7MNNZfbBRKUkfjVcwSeTmkthnF3LttFqDuWZwMSYpw.bhKlnt19CesY2Jvv.vaxiAVouH2-guoP7MIk7C4zs-tP0Xfa9vgAcJeG6Dl8-5BXVBnDmt55HqbMFafc7MvweKDUYbxEqn6VjxXWD93921BzVsXB0t8qFOsUWPul2pNbv_a0ypJ7Wk26viRyigay0cz2UANRM_O9OCvgLABdI5k4U3kVoH-D1WO66YXR4dYsIu9Z7JtJSa5vQhpiu5T691sNAfp5ZarmWiL0MaTHiAhdZ8hSZqsa68g_085c3MUZnbevV44JCiXW2XBIeAI9fxExwuGDUC4Qc0XgYo3CN6NJjHVIQr4bVLi70N6kahrbcr9wFgGBf_NimANEBRDtekEbLJPxIuKMecSHJzoBa63cb_fYSBB3iG4vOTxOCEVsgmc0ptrQlDLYWwHRt8aKTZfoNLyfJm_9tgLR7Lq2BF_p5N8BPt1tzaq2yTuk94SWYI1iIfDPvBA0LKonJpTcQ8S_Wzn4nlSiOX0SYMSWDD78alQ-rL4DFSxElG7247td2hptbR2nfn_u1XQUY3y1ENKv12jI_M8h_lEDZOz5O2lCFBbyRatMKxBntoAB_jVqm-UxyDdLTW4_meBjJSatYGYE5aTO9qAHjgLEQEMFC-9ICcfvCyk5TQbZ_NdFeFeR3Uw4tgdGwA4EGaNW1dN36i0EhMPPP1W3i01EWbHms5A21gq_ynrHWcXmMgBdRWwIeLm9eXVBs4R5LjvhVHJnBjD_OhVueMl-fvPrx4dqdB_hP8WseyEMkxMYNy27_9C_G6Q2IZZS6H8RJ-ah-CIRRdsvcpWRPkEYTVRqC3hWn2GqT0N6baH0rasnMtq3SKh13AF1adNbWfbbyeVAZdmmcQkHFfQWtVUo4Xo55fstP-tKOBgxlnd5GSOq3SkOzK3DScFv4ZM596DCcPpw7snEdVYfXLKciFoCBHrN3--Qb-1QDCBDjcw7xuW-3bXmhrNpFP2wYpSk04s_eZ6W1W8mLiqEoHzelB3-pcGS8-cSO9t4qabxli3d82wtQhcusn6lK1AT6-N25nCBOfgYKYJWrGp2jA8loyYtGupib9t3qV7XseLkMg3WbGXPv_xzVNO-VNrSNA7IWCCEMW2fhbVB_RB_2LVsKiGX7o3CGNLymPsc8jj_vrT_Y6uqI5mIWEznaItM1cB_aeg7MDL7xuiVJNob-GFUQ4tNqoWy2HuQbYdDLWqbxeB3PNO8BA6tx2IekzSkTmzjh7KXycFyiQM62lCCHe4hH5AzdsC9Br-ByCSyyqkyHfY7HlWfMgaqyoGeU-Gq-v8VtuQn1qM7qHMS1ORBJ5ZfEEw.-RkamGubhNWwZ1kt-Q5jHw

2024-04-25 21:46:29

(2) More

INFO

OIDCC-10.2

ValidateIdTokenFromTokenResponseEncryption

Skipped evaluation due to missing required object: client_jwks

expected	client_jwks
mapped

2024-04-25 21:46:29

(3) More

SUCCESS

OIDCC-3.3.3.3 OIDCC-3.1.3.3

ExtractIdTokenFromTokenResponse

Found and parsed the id_token from token_endpoint_response

value	eyJraWQiOiJHSEJEUE1VYzU0SlFRaGpGdTIwQk4yaVFRM3Y1Z0d4K1J3M1wvTXF3T3F4TT0iLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoib1lvVFhFakkwbnpuYnUxREZ0LUtsQSIsInN1YiI6Ijc3NDY1OGU5LWUxYTgtNGRkNy05ZjNmLTY5NjAyYTM0OThhMyIsImVtYWlsX3ZlcmlmaWVkIjp0cnVlLCJpc3MiOiJodHRwczpcL1wvY29nbml0by1pZHAudXMtZWFzdC0xLmFtYXpvbmF3cy5jb21cL3VzLWVhc3QtMV92eTFJNUY0YzQiLCJjb2duaXRvOnVzZXJuYW1lIjoib2lkYy5yMXp5akBwYXNzZndkLmNvbSIsIm5vbmNlIjoicUhZZmRmbEdkeiIsIm9yaWdpbl9qdGkiOiI2OTEyZGYxMy02NDkyLTRmMzYtYmVlYi1jOTMxZmY5MWEzNzMiLCJhdWQiOiIzZnNpNDV2c29xZjVqcjY1dHNkaHIwdmpjMSIsImV2ZW50X2lkIjoiMWJhODhkNjUtZDkwOS00NDYyLWJmOGQtZDM3MTFiOTliYTI3IiwidG9rZW5fdXNlIjoiaWQiLCJhdXRoX3RpbWUiOjE3MTQwODE1ODksImV4cCI6MTcxNDA4NTE4OSwiaWF0IjoxNzE0MDgxNTg5LCJqdGkiOiI0NTU4NDYyOS1mZDkzLTRmNTYtYTdjOS03YjE2ZWMxMmJkOWYiLCJlbWFpbCI6Im9pZGMucjF6eWpAcGFzc2Z3ZC5jb20ifQ.QAPQfgqUPH0UcdZfyhs_8BzeHClHuL1LM9m9CiBnnR5O2rK3uGFovQ2Mehs6YZwRKs041cHARg7kncjH9OnZ9SyBtr6oQsFAnjZ9xiPUe5iBqwcBKCBhl47NOspaodUL1hjTtd5LHq6kI8Ra99YclA3V-2qTGeOUa1KCgMqqDO-aI31etNrQDvxlov-dJxhK4705o-cpaDfESe3YSaB8y1IBKRJrklk4MJXLwi1XUh5Kx0zwS2CErYMglQ0AId61eSmqwTuL7B3pPo8vGaEk4kHrtAAMwd9ERBs3UKd_WyCLHh_jVtCjrMwKljQKwrfCesTbI650q5yy-2LuyMhzeg
header	{ "kid": "GHBDPMUc54JQQhjFu20BN2iQQ3v5gGx+Rw3/MqwOqxM\u003d", "alg": "RS256" }
claims	{ "at_hash": "oYoTXEjI0nznbu1DFt-KlA", "sub": "774658e9-e1a8-4dd7-9f3f-69602a3498a3", "email_verified": true, "iss": "https://cognito-idp.us-east-1.amazonaws.com/us-east-1_vy1I5F4c4", "cognito:username": "[email protected]", "nonce": "qHYfdflGdz", "origin_jti": "6912df13-6492-4f36-beeb-c931ff91a373", "aud": "3fsi45vsoqf5jr65tsdhr0vjc1", "event_id": "1ba88d65-d909-4462-bf8d-d3711b99ba27", "token_use": "id", "auth_time": 1714081589, "exp": 1714085189, "iat": 1714081589, "jti": "45584629-fd93-4f56-a7c9-7b16ec12bd9f", "email": "[email protected]" }

2024-04-25 21:46:29	SUCCESS OIDCC-3.1.3.7	ValidateIdToken ID token iss, aud, exp, iat, auth_time, acr & nbf claims passed validation checks

2024-04-25 21:46:29		ValidateIdTokenStandardClaims sub is a string with content

2024-04-25 21:46:29		ValidateIdTokenStandardClaims email_verified is a boolean

2024-04-25 21:46:29		ValidateIdTokenStandardClaims Skipping unknown claim: cognito:username

2024-04-25 21:46:29		ValidateIdTokenStandardClaims Skipping unknown claim: origin_jti

2024-04-25 21:46:29		ValidateIdTokenStandardClaims Skipping unknown claim: event_id

2024-04-25 21:46:29		ValidateIdTokenStandardClaims Skipping unknown claim: token_use

2024-04-25 21:46:29		ValidateIdTokenStandardClaims email is a string with content

2024-04-25 21:46:29	SUCCESS OIDCC-5.1	ValidateIdTokenStandardClaims id_token claims are valid

2024-04-25 21:46:29

(1) More

SUCCESS

OIDCC-2

ValidateIdTokenNonce

Nonce values match

nonce

qHYfdflGdz

2024-04-25 21:46:29	SUCCESS OIDCC-5.5.1.1	ValidateIdTokenACRClaimAgainstRequest Nothing to check; the conformance suite did not request an acr claim in request object

2024-04-25 21:46:29

(1) More

SUCCESS

ValidateIdTokenSignature

id_token signature validated

id_token

eyJraWQiOiJHSEJEUE1VYzU0SlFRaGpGdTIwQk4yaVFRM3Y1Z0d4K1J3M1wvTXF3T3F4TT0iLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoib1lvVFhFakkwbnpuYnUxREZ0LUtsQSIsInN1YiI6Ijc3NDY1OGU5LWUxYTgtNGRkNy05ZjNmLTY5NjAyYTM0OThhMyIsImVtYWlsX3ZlcmlmaWVkIjp0cnVlLCJpc3MiOiJodHRwczpcL1wvY29nbml0by1pZHAudXMtZWFzdC0xLmFtYXpvbmF3cy5jb21cL3VzLWVhc3QtMV92eTFJNUY0YzQiLCJjb2duaXRvOnVzZXJuYW1lIjoib2lkYy5yMXp5akBwYXNzZndkLmNvbSIsIm5vbmNlIjoicUhZZmRmbEdkeiIsIm9yaWdpbl9qdGkiOiI2OTEyZGYxMy02NDkyLTRmMzYtYmVlYi1jOTMxZmY5MWEzNzMiLCJhdWQiOiIzZnNpNDV2c29xZjVqcjY1dHNkaHIwdmpjMSIsImV2ZW50X2lkIjoiMWJhODhkNjUtZDkwOS00NDYyLWJmOGQtZDM3MTFiOTliYTI3IiwidG9rZW5fdXNlIjoiaWQiLCJhdXRoX3RpbWUiOjE3MTQwODE1ODksImV4cCI6MTcxNDA4NTE4OSwiaWF0IjoxNzE0MDgxNTg5LCJqdGkiOiI0NTU4NDYyOS1mZDkzLTRmNTYtYTdjOS03YjE2ZWMxMmJkOWYiLCJlbWFpbCI6Im9pZGMucjF6eWpAcGFzc2Z3ZC5jb20ifQ.QAPQfgqUPH0UcdZfyhs_8BzeHClHuL1LM9m9CiBnnR5O2rK3uGFovQ2Mehs6YZwRKs041cHARg7kncjH9OnZ9SyBtr6oQsFAnjZ9xiPUe5iBqwcBKCBhl47NOspaodUL1hjTtd5LHq6kI8Ra99YclA3V-2qTGeOUa1KCgMqqDO-aI31etNrQDvxlov-dJxhK4705o-cpaDfESe3YSaB8y1IBKRJrklk4MJXLwi1XUh5Kx0zwS2CErYMglQ0AId61eSmqwTuL7B3pPo8vGaEk4kHrtAAMwd9ERBs3UKd_WyCLHh_jVtCjrMwKljQKwrfCesTbI650q5yy-2LuyMhzeg

2024-04-25 21:46:29

(1) More

SUCCESS

OIDCC-2

CheckForSubjectInIdToken

Found 'sub' in id_token

sub	774658e9-e1a8-4dd7-9f3f-69602a3498a3

2024-04-25 21:46:29		EnsureIdTokenUpdatedAtValid id_token response does not contain 'updated_at'

2024-04-25 21:46:29

(3) More

INFO

OIDCC-10.2 OIDC-10.2.1

ValidateEncryptedIdTokenHasKid

Skipped evaluation due to missing required element: id_token jwe_header

path	jwe_header
mapped
object	id_token

Userinfo endpoint tests

2024-04-25 21:46:29

(4) More

CallProtectedResource

HTTP request

request_uri	https://gh0stid.authn.cc/oauth2/userInfo
request_method	GET
request_headers	{ "Accept": "application/json", "Authorization": "Bearer eyJraWQiOiJtMjZzUm9Ga0pzckNuVmdkUk8wc1QzYWozc3dwRHF0alZaVm5oeXRZNVNRPSIsImFsZyI6IlJTMjU2In0.eyJzdWIiOiI3NzQ2NThlOS1lMWE4LTRkZDctOWYzZi02OTYwMmEzNDk4YTMiLCJpc3MiOiJodHRwczpcL1wvY29nbml0by1pZHAudXMtZWFzdC0xLmFtYXpvbmF3cy5jb21cL3VzLWVhc3QtMV92eTFJNUY0YzQiLCJ2ZXJzaW9uIjoyLCJjbGllbnRfaWQiOiIzZnNpNDV2c29xZjVqcjY1dHNkaHIwdmpjMSIsIm9yaWdpbl9qdGkiOiI2OTEyZGYxMy02NDkyLTRmMzYtYmVlYi1jOTMxZmY5MWEzNzMiLCJldmVudF9pZCI6IjFiYTg4ZDY1LWQ5MDktNDQ2Mi1iZjhkLWQzNzExYjk5YmEyNyIsInRva2VuX3VzZSI6ImFjY2VzcyIsInNjb3BlIjoib3BlbmlkIiwiYXV0aF90aW1lIjoxNzE0MDgxNTg5LCJleHAiOjE3MTQwODUxODksImlhdCI6MTcxNDA4MTU4OSwianRpIjoiOWE4YmUxMWEtYWI4Zi00NGZjLTlkNDYtZThlYTE2ZjE5YjVkIiwidXNlcm5hbWUiOiJvaWRjLnIxenlqQHBhc3Nmd2QuY29tIn0.NHWWmoXmOH3OnrC22pdiz7Mai-k4EIEsV8QLCakXnK1s78GSMzQy0Cxg107MGRMCsdaH8xNRP2rSRWV3M15OOG27C58vmrmK57ZwmqfVBzkwuFTYyAYTgBUN-nn3XpNqKgb_nqyPE3944z_-zfNYomvYedvQbYTzO4b9qhpsa-wwGy7eUH4LJe-lU5-WbDgmIpZLCVCOBFD5URDKJI721wpP1oAKbqBdKB8ieec7Yq5YuV8bgz-wu_SDpx00bHSZVXVLsajUKAiTkXQdFmoIuf2QhNmpWvYFPQnuIPro7J3kL5ZjuKf7iMnCyufukhAp4mjYb9n9DqBxliWk6clocg", "Content-Length": "0" }
request_body

2024-04-25 21:46:30

(4) More

RESPONSE

CallProtectedResource

HTTP response

response_status_code	200 OK
response_status_text	OK
response_headers	{ "content-type": "application/json;charset\u003dUTF-8", "content-length": "139", "connection": "keep-alive", "date": "Thu, 25 Apr 2024 21:46:30 GMT", "content-security-policy-report-only": "script-src https://d3oia8etllorh5.cloudfront.net https://gh0stid.authn.cc; style-src https://d3oia8etllorh5.cloudfront.net https://gh0stid.authn.cc; img-src https://d3oia8etllorh5.cloudfront.net https://gh0stid.authn.cc; report-uri https://gh0stid.authn.cc/cspreport", "set-cookie": "XSRF-TOKEN\u003deb7e6c80-29a8-4f73-9bd6-c9a28903c23e; Path\u003d/; Secure; HttpOnly; SameSite\u003dLax", "x-amz-cognito-request-id": "714a9fac-efd3-49f0-8372-11196dbebab7", "x-content-type-options": "nosniff", "x-xss-protection": "1; mode\u003dblock", "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate", "pragma": "no-cache", "expires": "0", "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains", "x-frame-options": "DENY", "server": "Server", "x-cache": "Miss from cloudfront", "via": "1.1 ea17bb5c24692755a274a9116072570a.cloudfront.net (CloudFront)", "x-amz-cf-pop": "MIA3-P2", "x-amz-cf-id": "VpGIZIVzl9ZCKXbrGTm2G_uY6C4fErZxQM-qDpdU4AnY3FJnET25iQ\u003d\u003d" }
response_body	{"sub":"774658e9-e1a8-4dd7-9f3f-69602a3498a3","email_verified":"true","email":"[email protected]","username":"[email protected]"}

2024-04-25 21:46:30

(4) More

SUCCESS

CallProtectedResource

Got a response from the resource endpoint

status	200
endpoint_name	resource
headers	{ "content-type": "application/json;charset\u003dUTF-8", "content-length": "139", "connection": "keep-alive", "date": "Thu, 25 Apr 2024 21:46:30 GMT", "content-security-policy-report-only": "script-src https://d3oia8etllorh5.cloudfront.net https://gh0stid.authn.cc; style-src https://d3oia8etllorh5.cloudfront.net https://gh0stid.authn.cc; img-src https://d3oia8etllorh5.cloudfront.net https://gh0stid.authn.cc; report-uri https://gh0stid.authn.cc/cspreport", "set-cookie": "XSRF-TOKEN\u003deb7e6c80-29a8-4f73-9bd6-c9a28903c23e; Path\u003d/; Secure; HttpOnly; SameSite\u003dLax", "x-amz-cognito-request-id": "714a9fac-efd3-49f0-8372-11196dbebab7", "x-content-type-options": "nosniff", "x-xss-protection": "1; mode\u003dblock", "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate", "pragma": "no-cache", "expires": "0", "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains", "x-frame-options": "DENY", "server": "Server", "x-cache": "Miss from cloudfront", "via": "1.1 ea17bb5c24692755a274a9116072570a.cloudfront.net (CloudFront)", "x-amz-cf-pop": "MIA3-P2", "x-amz-cf-id": "VpGIZIVzl9ZCKXbrGTm2G_uY6C4fErZxQM-qDpdU4AnY3FJnET25iQ\u003d\u003d" }
body	{"sub":"774658e9-e1a8-4dd7-9f3f-69602a3498a3","email_verified":"true","email":"[email protected]","username":"[email protected]"}

2024-04-25 21:46:30

(2) More

SUCCESS

EnsureHttpStatusCodeIs200

resource endpoint returned the expected http status

expected_status	200
http_status	200

2024-04-25 21:46:30

(4) More

CallUserInfoEndpoint

HTTP request

request_uri	https://gh0stid.authn.cc/oauth2/userInfo
request_method	GET
request_headers	{ "Accept": "application/json", "Authorization": "Bearer eyJraWQiOiJtMjZzUm9Ga0pzckNuVmdkUk8wc1QzYWozc3dwRHF0alZaVm5oeXRZNVNRPSIsImFsZyI6IlJTMjU2In0.eyJzdWIiOiI3NzQ2NThlOS1lMWE4LTRkZDctOWYzZi02OTYwMmEzNDk4YTMiLCJpc3MiOiJodHRwczpcL1wvY29nbml0by1pZHAudXMtZWFzdC0xLmFtYXpvbmF3cy5jb21cL3VzLWVhc3QtMV92eTFJNUY0YzQiLCJ2ZXJzaW9uIjoyLCJjbGllbnRfaWQiOiIzZnNpNDV2c29xZjVqcjY1dHNkaHIwdmpjMSIsIm9yaWdpbl9qdGkiOiI2OTEyZGYxMy02NDkyLTRmMzYtYmVlYi1jOTMxZmY5MWEzNzMiLCJldmVudF9pZCI6IjFiYTg4ZDY1LWQ5MDktNDQ2Mi1iZjhkLWQzNzExYjk5YmEyNyIsInRva2VuX3VzZSI6ImFjY2VzcyIsInNjb3BlIjoib3BlbmlkIiwiYXV0aF90aW1lIjoxNzE0MDgxNTg5LCJleHAiOjE3MTQwODUxODksImlhdCI6MTcxNDA4MTU4OSwianRpIjoiOWE4YmUxMWEtYWI4Zi00NGZjLTlkNDYtZThlYTE2ZjE5YjVkIiwidXNlcm5hbWUiOiJvaWRjLnIxenlqQHBhc3Nmd2QuY29tIn0.NHWWmoXmOH3OnrC22pdiz7Mai-k4EIEsV8QLCakXnK1s78GSMzQy0Cxg107MGRMCsdaH8xNRP2rSRWV3M15OOG27C58vmrmK57ZwmqfVBzkwuFTYyAYTgBUN-nn3XpNqKgb_nqyPE3944z_-zfNYomvYedvQbYTzO4b9qhpsa-wwGy7eUH4LJe-lU5-WbDgmIpZLCVCOBFD5URDKJI721wpP1oAKbqBdKB8ieec7Yq5YuV8bgz-wu_SDpx00bHSZVXVLsajUKAiTkXQdFmoIuf2QhNmpWvYFPQnuIPro7J3kL5ZjuKf7iMnCyufukhAp4mjYb9n9DqBxliWk6clocg", "Content-Length": "0" }
request_body

2024-04-25 21:46:30

(4) More

RESPONSE

CallUserInfoEndpoint

HTTP response

response_status_code	200 OK
response_status_text	OK
response_headers	{ "content-type": "application/json;charset\u003dUTF-8", "content-length": "139", "connection": "keep-alive", "date": "Thu, 25 Apr 2024 21:46:30 GMT", "content-security-policy-report-only": "script-src https://d3oia8etllorh5.cloudfront.net https://gh0stid.authn.cc; style-src https://d3oia8etllorh5.cloudfront.net https://gh0stid.authn.cc; img-src https://d3oia8etllorh5.cloudfront.net https://gh0stid.authn.cc; report-uri https://gh0stid.authn.cc/cspreport", "set-cookie": "XSRF-TOKEN\u003d70ed8a71-a09f-4439-8426-d550a6c6bb20; Path\u003d/; Secure; HttpOnly; SameSite\u003dLax", "x-amz-cognito-request-id": "0793840a-31e8-4557-8e8b-1bf1b6a2ade1", "x-content-type-options": "nosniff", "x-xss-protection": "1; mode\u003dblock", "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate", "pragma": "no-cache", "expires": "0", "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains", "x-frame-options": "DENY", "server": "Server", "x-cache": "Miss from cloudfront", "via": "1.1 dd2d6c5b6e642ed1fe019e9ccc631034.cloudfront.net (CloudFront)", "x-amz-cf-pop": "MIA3-P2", "x-amz-cf-id": "P73OI9C0l-qRKp1YlWAs0Rox1Z_TjnxZVuYZUblp9YZ1zmyOK9sUTg\u003d\u003d" }
response_body	{"sub":"774658e9-e1a8-4dd7-9f3f-69602a3498a3","email_verified":"true","email":"[email protected]","username":"[email protected]"}

2024-04-25 21:46:30

(3) More

SUCCESS

OIDCC-5.3.1

CallUserInfoEndpoint

Got a response from the userinfo endpoint

headers

{
  "content-type": "application/json;charset\u003dUTF-8",
  "content-length": "139",
  "connection": "keep-alive",
  "date": "Thu, 25 Apr 2024 21:46:30 GMT",
  "content-security-policy-report-only": "script-src https://d3oia8etllorh5.cloudfront.net https://gh0stid.authn.cc; style-src https://d3oia8etllorh5.cloudfront.net https://gh0stid.authn.cc; img-src https://d3oia8etllorh5.cloudfront.net https://gh0stid.authn.cc; report-uri https://gh0stid.authn.cc/cspreport",
  "set-cookie": "XSRF-TOKEN\u003d70ed8a71-a09f-4439-8426-d550a6c6bb20; Path\u003d/; Secure; HttpOnly; SameSite\u003dLax",
  "x-amz-cognito-request-id": "0793840a-31e8-4557-8e8b-1bf1b6a2ade1",
  "x-content-type-options": "nosniff",
  "x-xss-protection": "1; mode\u003dblock",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "pragma": "no-cache",
  "expires": "0",
  "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains",
  "x-frame-options": "DENY",
  "server": "Server",
  "x-cache": "Miss from cloudfront",
  "via": "1.1 dd2d6c5b6e642ed1fe019e9ccc631034.cloudfront.net (CloudFront)",
  "x-amz-cf-pop": "MIA3-P2",
  "x-amz-cf-id": "P73OI9C0l-qRKp1YlWAs0Rox1Z_TjnxZVuYZUblp9YZ1zmyOK9sUTg\u003d\u003d"
}

status_code

{
  "code": 200
}

body

{"sub":"774658e9-e1a8-4dd7-9f3f-69602a3498a3","email_verified":"true","email":"[email protected]","username":"[email protected]"}

2024-04-25 21:46:30

(2) More

SUCCESS

EnsureHttpStatusCodeIs200

resource endpoint returned the expected http status

expected_status	200
http_status	200

2024-04-25 21:46:30

(1) More

SUCCESS

ExtractUserInfoFromUserInfoEndpointResponse

Extracted user info

userinfo

{
  "sub": "774658e9-e1a8-4dd7-9f3f-69602a3498a3",
  "email_verified": "true",
  "email": "[email protected]",
  "username": "[email protected]"
}

2024-04-25 21:46:30		ValidateUserInfoStandardClaims sub is a string with content

2024-04-25 21:46:30	FAILURE OIDCC-5.1	ValidateUserInfoStandardClaims email_verified is not a boolean

2024-04-25 21:46:30		ValidateUserInfoStandardClaims email is a string with content

2024-04-25 21:46:30		ValidateUserInfoStandardClaims Skipping unknown claim: username

2024-04-25 21:46:30	FAILURE OIDCC-5.1	ValidateUserInfoStandardClaims Userinfo is not valid

2024-04-25 21:46:30

(1) More

SUCCESS

OIDCC-5.3.2

EnsureUserInfoContainsSub

Found sub in userinfo

sub	774658e9-e1a8-4dd7-9f3f-69602a3498a3

2024-04-25 21:46:30		EnsureUserInfoUpdatedAtValid userinfo response does not contain 'updated_at'

2024-04-25 21:46:30		EnsureMemberValuesInClaimNameReferenceToMemberNamesInClaimSources userinfo response does not contain '_claim_names' nor _claim_sources'

2024-04-25 21:46:30

(2) More

SUCCESS

OIDCC-5.3.2

VerifyUserInfoAndIdTokenInTokenEndpointSameSub

userinfo response and id_token sub are the same

sub_user_info	774658e9-e1a8-4dd7-9f3f-69602a3498a3
sub_id_token	774658e9-e1a8-4dd7-9f3f-69602a3498a3

2024-04-25 21:46:30

(2) More

SUCCESS

OIDCC-5.4

VerifyScopesReturnedInUserInfoClaims

'claims' in userinfo contains all scope items of scope in authorization request (corresponds to scope standard claims)

actual_scope_items	[ "sub", "email_verified", "email", "username" ]
expected_scope_items	[ "sub" ]

2024-04-25 21:46:30	WARNING OIDCC-5.5 OIDCC-5.5.1	EnsureUserInfoContainsName name not found in userinfo

2024-04-25 21:46:30	SUCCESS OIDCC-5.5 OIDCC-5.5.1	EnsureIdTokenDoesNotContainName name claim not found in id_token, which is expected as it was not requested to be returned there

2024-04-25 21:46:30

(1) More

FINISHED

oidcc-claims-essential

Test has run to completion

testmodule_result

FAILED

Unregister dynamically registered client

2024-04-25 21:46:30		UnregisterDynamicallyRegisteredClient Couldn't find registration_access_token.

2024-04-25 21:46:35

(2) More

TEST-RUNNER

Alias has now been claimed by another test

alias	ad04252024test
new_test_id	sC85JQP74dCOuub

Test Summary

Test Results