Test detail

Test Name	oidcc-server
Variant	client_auth_type=client_secret_basic, server_metadata=static, response_type=code, response_mode=default, client_registration=static_client
Test ID	1VlT0rFlpYI9nuN https://www.certification.openid.net/log-detail.html?public=true&log=1VlT0rFlpYI9nuN
Created	2024-04-25T21:24:25.035505273Z
Description
Test Version	5.1.16
Test Owner	21036854 https://gitlab.com
Plan ID	gg7kXAOPURbNc https://www.certification.openid.net/plan-detail.html?public=true&plan=gg7kXAOPURbNc
Exported From	https://www.certification.openid.net
Exported By	21036854 https://gitlab.com
Suite Version	5.1.16
Exported	2024-04-26 01:05:48 (UTC)

2024-04-25 21:24:25

(7) More

INFO

TEST-RUNNER

Test instance 1VlT0rFlpYI9nuN created

baseUrl	https://www.certification.openid.net/test/a/ad04252024test
variant	{ "client_auth_type": "client_secret_basic", "response_type": "code", "server_metadata": "static", "response_mode": "default", "client_registration": "static_client" }
alias	ad04252024test
description
planId	gg7kXAOPURbNc
config	{ "alias": "ad04252024test", "server": { "issuer": "https://cognito-idp.us-east-1.amazonaws.com/us-east-1_vy1I5F4c4", "jwks_uri": "https://cognito-idp.us-east-1.amazonaws.com/us-east-1_vy1I5F4c4/.well-known/jwks.json", "authorization_endpoint": "https://gh0stid.authn.cc/oauth2/authorize", "token_endpoint": "https://gh0stid.authn.cc/oauth2/token", "userinfo_endpoint": "https://gh0stid.authn.cc/oauth2/userInfo" }, "client": { "client_id": "3fsi45vsoqf5jr65tsdhr0vjc1", "client_secret": "74k6uj0oqgu1fihmnjvlte3o5sc5tnf59o15an7kvp75touqpcd" }, "client_secret_post": { "client_id": "tiqph3ss01s3n427q82hm70ch", "client_secret": "1pn27ge4pk30gnkf9mngp15m4t09u4u0d58in9dfult8a15i2civ" }, "client2": { "client_id": "657ufjbt2tjc4qb4oln281r20r", "client_secret": "13bgrpol151jajr59nrv2jlall9selesu62iaihstpbs9m326qe2" } }
testName	oidcc-server

2024-04-25 21:24:25

(1) More

SUCCESS

CreateRedirectUri

Created redirect URI

redirect_uri

https://www.certification.openid.net/test/a/ad04252024test/callback

2024-04-25 21:24:25

(5) More

SUCCESS

GetStaticServerConfiguration

Found a static server object

issuer	https://cognito-idp.us-east-1.amazonaws.com/us-east-1_vy1I5F4c4
jwks_uri	https://cognito-idp.us-east-1.amazonaws.com/us-east-1_vy1I5F4c4/.well-known/jwks.json
authorization_endpoint	https://gh0stid.authn.cc/oauth2/authorize
token_endpoint	https://gh0stid.authn.cc/oauth2/token
userinfo_endpoint	https://gh0stid.authn.cc/oauth2/userInfo

2024-04-25 21:24:25

(1) More

SUCCESS

CheckServerConfiguration

Found required server configuration keys

required

[
  "authorization_endpoint",
  "token_endpoint",
  "issuer"
]

2024-04-25 21:24:25

(4) More

SUCCESS

ExtractTLSTestValuesFromServerConfiguration

Extracted TLS information from authorization server configuration

registration_endpoint
authorization_endpoint	{ "testHost": "gh0stid.authn.cc", "testPort": 443 }
token_endpoint	{ "testHost": "gh0stid.authn.cc", "testPort": 443 }
userinfo_endpoint	{ "testHost": "gh0stid.authn.cc", "testPort": 443 }

2024-04-25 21:24:25

(1) More

FetchServerKeys

Fetching server key

jwks_uri

https://cognito-idp.us-east-1.amazonaws.com/us-east-1_vy1I5F4c4/.well-known/jwks.json

2024-04-25 21:24:25

(4) More

FetchServerKeys

HTTP request

request_uri	https://cognito-idp.us-east-1.amazonaws.com/us-east-1_vy1I5F4c4/.well-known/jwks.json
request_method	GET
request_headers	{ "Accept": "text/plain, application/json, application/+json, /*", "Content-Length": "0" }
request_body

2024-04-25 21:24:25

(4) More

RESPONSE

FetchServerKeys

HTTP response

response_status_code	200 OK
response_status_text	OK
response_headers	{ "date": "Thu, 25 Apr 2024 21:24:25 GMT", "content-type": "application/json", "content-length": "916", "connection": "keep-alive", "x-amzn-requestid": "270cc9a5-7684-4c39-a878-799b360c48bb", "cache-control": "public, max-age\u003d86400" }
response_body	{"keys":[{"alg":"RS256","e":"AQAB","kid":"GHBDPMUc54JQQhjFu20BN2iQQ3v5gGx+Rw3/MqwOqxM=","kty":"RSA","n":"pk9pSBQvfQKC-QIxPifnyLdjn4vMrb8eLtS78mLQKhPhFLk-O6zFyV0Ie3i2LCKv7meRPlxXixsqhBxvKFweswtOYfqS04sXOFDsgzrqDIFAxNIlpL4Hr1BlDTwfLy5OsLdNyeAy05gNs-HXYh0XsTSdCsUIj7czWNjq77n1anzWub8jCrokKkMksfJNdzgktPregWhedsl3F1vYjYdFRUE-w1LLHaynizxdswj_OJ6GxB_BCCkuAGIYk6wlTOSOStMVq2IWMThwiEd2PPNKKbAT_WdK9o4hR24p6vHbNIYqLGaCl91vuWwTOv4DeBJL7TkvPHVoUqXIZbhZZVYb3Q","use":"sig"},{"alg":"RS256","e":"AQAB","kid":"m26sRoFkJsrCnVgdRO0sT3aj3swpDqtjVZVnhytY5SQ=","kty":"RSA","n":"uxcVDDkFFNxEElSqe55-rjj9Bt27G3Qe36Zl-b9pRIHDSGvXico8ZcZrJl8wTqSYLcJm2x4emgxsa-LDDBlzxxtErwH7CLCbOckumpzh2k9qdusDQXxJcvWEc79qmiLG2Vq8T4m6s4ggVfqBO644YuVdYeDZLsIwmWZwg0tQqwYfivg7ezoJponxVisaze0_sXWClavLLiDNA3bzC4vKoHmqRRHmTTzgisynQstyWznh17dW5c0If2PVF8meanUSIFjRal6DHJ-qS6-mTZIMp5T1S0Xvr35OoPYDwtOpIeIMm5SOWhpuFQKrg4j8epBB6ZftrZLVxOii8A14gJ0ILQ","use":"sig"}]}

2024-04-25 21:24:25

(1) More

FetchServerKeys

Found JWK set string

jwk_string

{"keys":[{"alg":"RS256","e":"AQAB","kid":"GHBDPMUc54JQQhjFu20BN2iQQ3v5gGx+Rw3/MqwOqxM=","kty":"RSA","n":"pk9pSBQvfQKC-QIxPifnyLdjn4vMrb8eLtS78mLQKhPhFLk-O6zFyV0Ie3i2LCKv7meRPlxXixsqhBxvKFweswtOYfqS04sXOFDsgzrqDIFAxNIlpL4Hr1BlDTwfLy5OsLdNyeAy05gNs-HXYh0XsTSdCsUIj7czWNjq77n1anzWub8jCrokKkMksfJNdzgktPregWhedsl3F1vYjYdFRUE-w1LLHaynizxdswj_OJ6GxB_BCCkuAGIYk6wlTOSOStMVq2IWMThwiEd2PPNKKbAT_WdK9o4hR24p6vHbNIYqLGaCl91vuWwTOv4DeBJL7TkvPHVoUqXIZbhZZVYb3Q","use":"sig"},{"alg":"RS256","e":"AQAB","kid":"m26sRoFkJsrCnVgdRO0sT3aj3swpDqtjVZVnhytY5SQ=","kty":"RSA","n":"uxcVDDkFFNxEElSqe55-rjj9Bt27G3Qe36Zl-b9pRIHDSGvXico8ZcZrJl8wTqSYLcJm2x4emgxsa-LDDBlzxxtErwH7CLCbOckumpzh2k9qdusDQXxJcvWEc79qmiLG2Vq8T4m6s4ggVfqBO644YuVdYeDZLsIwmWZwg0tQqwYfivg7ezoJponxVisaze0_sXWClavLLiDNA3bzC4vKoHmqRRHmTTzgisynQstyWznh17dW5c0If2PVF8meanUSIFjRal6DHJ-qS6-mTZIMp5T1S0Xvr35OoPYDwtOpIeIMm5SOWhpuFQKrg4j8epBB6ZftrZLVxOii8A14gJ0ILQ","use":"sig"}]}

2024-04-25 21:24:25

(1) More

SUCCESS

FetchServerKeys

Found server JWK set

server_jwks

{
  "keys": [
    {
      "alg": "RS256",
      "e": "AQAB",
      "kid": "GHBDPMUc54JQQhjFu20BN2iQQ3v5gGx+Rw3/MqwOqxM\u003d",
      "kty": "RSA",
      "n": "pk9pSBQvfQKC-QIxPifnyLdjn4vMrb8eLtS78mLQKhPhFLk-O6zFyV0Ie3i2LCKv7meRPlxXixsqhBxvKFweswtOYfqS04sXOFDsgzrqDIFAxNIlpL4Hr1BlDTwfLy5OsLdNyeAy05gNs-HXYh0XsTSdCsUIj7czWNjq77n1anzWub8jCrokKkMksfJNdzgktPregWhedsl3F1vYjYdFRUE-w1LLHaynizxdswj_OJ6GxB_BCCkuAGIYk6wlTOSOStMVq2IWMThwiEd2PPNKKbAT_WdK9o4hR24p6vHbNIYqLGaCl91vuWwTOv4DeBJL7TkvPHVoUqXIZbhZZVYb3Q",
      "use": "sig"
    },
    {
      "alg": "RS256",
      "e": "AQAB",
      "kid": "m26sRoFkJsrCnVgdRO0sT3aj3swpDqtjVZVnhytY5SQ\u003d",
      "kty": "RSA",
      "n": "uxcVDDkFFNxEElSqe55-rjj9Bt27G3Qe36Zl-b9pRIHDSGvXico8ZcZrJl8wTqSYLcJm2x4emgxsa-LDDBlzxxtErwH7CLCbOckumpzh2k9qdusDQXxJcvWEc79qmiLG2Vq8T4m6s4ggVfqBO644YuVdYeDZLsIwmWZwg0tQqwYfivg7ezoJponxVisaze0_sXWClavLLiDNA3bzC4vKoHmqRRHmTTzgisynQstyWznh17dW5c0If2PVF8meanUSIFjRal6DHJ-qS6-mTZIMp5T1S0Xvr35OoPYDwtOpIeIMm5SOWhpuFQKrg4j8epBB6ZftrZLVxOii8A14gJ0ILQ",
      "use": "sig"
    }
  ]
}

2024-04-25 21:24:25

(1) More

SUCCESS

CheckServerKeysIsValid

Server JWKs is valid

server_jwks

{
  "keys": [
    {
      "alg": "RS256",
      "e": "AQAB",
      "kid": "GHBDPMUc54JQQhjFu20BN2iQQ3v5gGx+Rw3/MqwOqxM\u003d",
      "kty": "RSA",
      "n": "pk9pSBQvfQKC-QIxPifnyLdjn4vMrb8eLtS78mLQKhPhFLk-O6zFyV0Ie3i2LCKv7meRPlxXixsqhBxvKFweswtOYfqS04sXOFDsgzrqDIFAxNIlpL4Hr1BlDTwfLy5OsLdNyeAy05gNs-HXYh0XsTSdCsUIj7czWNjq77n1anzWub8jCrokKkMksfJNdzgktPregWhedsl3F1vYjYdFRUE-w1LLHaynizxdswj_OJ6GxB_BCCkuAGIYk6wlTOSOStMVq2IWMThwiEd2PPNKKbAT_WdK9o4hR24p6vHbNIYqLGaCl91vuWwTOv4DeBJL7TkvPHVoUqXIZbhZZVYb3Q",
      "use": "sig"
    },
    {
      "alg": "RS256",
      "e": "AQAB",
      "kid": "m26sRoFkJsrCnVgdRO0sT3aj3swpDqtjVZVnhytY5SQ\u003d",
      "kty": "RSA",
      "n": "uxcVDDkFFNxEElSqe55-rjj9Bt27G3Qe36Zl-b9pRIHDSGvXico8ZcZrJl8wTqSYLcJm2x4emgxsa-LDDBlzxxtErwH7CLCbOckumpzh2k9qdusDQXxJcvWEc79qmiLG2Vq8T4m6s4ggVfqBO644YuVdYeDZLsIwmWZwg0tQqwYfivg7ezoJponxVisaze0_sXWClavLLiDNA3bzC4vKoHmqRRHmTTzgisynQstyWznh17dW5c0If2PVF8meanUSIFjRal6DHJ-qS6-mTZIMp5T1S0Xvr35OoPYDwtOpIeIMm5SOWhpuFQKrg4j8epBB6ZftrZLVxOii8A14gJ0ILQ",
      "use": "sig"
    }
  ]
}

2024-04-25 21:24:25	SUCCESS RFC7517-1.1	ValidateServerJWKs Valid server JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url

2024-04-25 21:24:25	SUCCESS OIDCC-10.1	CheckForKeyIdInServerJWKs All keys contain kids

2024-04-25 21:24:25

(1) More

SUCCESS

RFC7517-4.5

CheckDistinctKeyIdValueInServerJWKs

Distinct 'kid' value in all keys of server_jwks

see	https://bitbucket.org/openid/connect/issues/1127

2024-04-25 21:24:25	SUCCESS RFC7518-6.3.2.1	EnsureServerJwksDoesNotContainPrivateOrSymmetricKeys Jwks does not contain any private or symmetric keys

2024-04-25 21:24:25

(2) More

SUCCESS

GetStaticClientConfiguration

Found a static client object

client_id	3fsi45vsoqf5jr65tsdhr0vjc1
client_secret	74k6uj0oqgu1fihmnjvlte3o5sc5tnf59o15an7kvp75touqpcd

2024-04-25 21:24:25

(3) More

INFO

RFC7517-1.1

ValidateClientJWKsPrivatePart

Skipped evaluation due to missing required element: client jwks

path	jwks
mapped
object	client

2024-04-25 21:24:25

(3) More

INFO

ExtractJWKsFromStaticClientConfiguration

Skipped evaluation due to missing required element: client jwks

path	jwks
mapped
object	client

2024-04-25 21:24:25

(3) More

INFO

RFC7517-4.5

CheckDistinctKeyIdValueInClientJWKs

Skipped evaluation due to missing required element: client jwks

path	jwks
mapped
object	client

2024-04-25 21:24:25

(1) More

SetScopeInClientConfigurationToOpenId

Set scope in client configuration to "openid"

scope

openid

2024-04-25 21:24:25

(1) More

SUCCESS

SetProtectedResourceUrlToUserInfoEndpoint

userinfo_endpoint will be used to test access token. The user info is not a mandatory to implement feature in the OpenID Connect specification, but is mandatory for certification.

protected_resource_url

https://gh0stid.authn.cc/oauth2/userInfo

2024-04-25 21:24:25		oidcc-server Setup Done

Make request to authorization endpoint

2024-04-25 21:24:25

(3) More

SUCCESS

CreateAuthorizationEndpointRequestFromClientInformation

Created authorization endpoint request

client_id	3fsi45vsoqf5jr65tsdhr0vjc1
redirect_uri	https://www.certification.openid.net/test/a/ad04252024test/callback
scope	openid

2024-04-25 21:24:25

(2) More

CreateRandomStateValue

Created state value

requested_state_length	10
state	Sv4W2DpPrn

2024-04-25 21:24:25

(4) More

SUCCESS

AddStateToAuthorizationEndpointRequest

Added state parameter to request

client_id	3fsi45vsoqf5jr65tsdhr0vjc1
redirect_uri	https://www.certification.openid.net/test/a/ad04252024test/callback
scope	openid
state	Sv4W2DpPrn

2024-04-25 21:24:25

(2) More

CreateRandomNonceValue

Created nonce value

requested_nonce_length	10
nonce	bihup8RMUb

2024-04-25 21:24:25

(5) More

SUCCESS

AddNonceToAuthorizationEndpointRequest

Added nonce parameter to request

client_id	3fsi45vsoqf5jr65tsdhr0vjc1
redirect_uri	https://www.certification.openid.net/test/a/ad04252024test/callback
scope	openid
state	Sv4W2DpPrn
nonce	bihup8RMUb

2024-04-25 21:24:25

(6) More

SUCCESS

SetAuthorizationEndpointRequestResponseTypeFromEnvironment

Added response_type parameter to request

client_id	3fsi45vsoqf5jr65tsdhr0vjc1
redirect_uri	https://www.certification.openid.net/test/a/ad04252024test/callback
scope	openid
state	Sv4W2DpPrn
nonce	bihup8RMUb
response_type	code

2024-04-25 21:24:25

(2) More

SUCCESS

BuildPlainRedirectToAuthorizationEndpoint

Sending to authorization endpoint

auth_request

{
  "client_id": "3fsi45vsoqf5jr65tsdhr0vjc1",
  "redirect_uri": "https://www.certification.openid.net/test/a/ad04252024test/callback",
  "scope": "openid",
  "state": "Sv4W2DpPrn",
  "nonce": "bihup8RMUb",
  "response_type": "code"
}

redirect_to_authorization_endpoint

https://gh0stid.authn.cc/oauth2/authorize?client_id=3fsi45vsoqf5jr65tsdhr0vjc1&redirect_uri=https://www.certification.openid.net/test/a/ad04252024test/callback&scope=openid&state=Sv4W2DpPrn&nonce=bihup8RMUb&response_type=code

2024-04-25 21:24:25

(1) More

REDIRECT

oidcc-server

Redirecting to authorization endpoint

redirect_to

https://gh0stid.authn.cc/oauth2/authorize?client_id=3fsi45vsoqf5jr65tsdhr0vjc1&redirect_uri=https://www.certification.openid.net/test/a/ad04252024test/callback&scope=openid&state=Sv4W2DpPrn&nonce=bihup8RMUb&response_type=code

2024-04-25 21:24:27

(12) More

INCOMING

oidcc-server

Incoming HTTP request to /test/a/ad04252024test/callback

incoming_headers	{ "host": "www.certification.openid.net", "upgrade-insecure-requests": "1", "dnt": "1", "user-agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36", "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/avif,image/webp,image/apng,/;q\u003d0.8,application/signed-exchange;v\u003db3;q\u003d0.7", "sec-fetch-site": "cross-site", "sec-fetch-mode": "navigate", "sec-fetch-user": "?1", "sec-fetch-dest": "document", "sec-ch-ua": "\"Google Chrome\";v\u003d\"123\", \"Not:A-Brand\";v\u003d\"8\", \"Chromium\";v\u003d\"123\"", "sec-ch-ua-mobile": "?0", "sec-ch-ua-platform": "\"macOS\"", "referer": "https://www.certification.openid.net/", "accept-encoding": "gzip, deflate, br, zstd", "accept-language": "en-US,en;q\u003d0.9", "cookie": "_gid\u003dGA1.2.1443682475.1714075565; _ga\u003dGA1.2.1767720666.1713926739; _ga_NF8HNLNJJE\u003dGS1.1.1714075564.4.1.1714075870.0.0.0; JSESSIONID\u003d797FF28062B72DC3DC14BB1BDEEE15E6", "connection": "close" }
incoming_path	/test/a/ad04252024test/callback
incoming_body_form_params
incoming_method	GET
incoming_tls_version	TLSv1.2
incoming_tls_cert
incoming_query_string_params	{ "code": "5550b2d1-dc82-4b13-893c-f8ebb0b041f5", "state": "Sv4W2DpPrn" }
incoming_body
incoming_tls_chain	[ "CONFORMANCE_SUITE_JSON_NULL", "CONFORMANCE_SUITE_JSON_NULL", "CONFORMANCE_SUITE_JSON_NULL", "CONFORMANCE_SUITE_JSON_NULL", "CONFORMANCE_SUITE_JSON_NULL", "CONFORMANCE_SUITE_JSON_NULL" ]
incoming_body_json_parse_error
incoming_tls_cipher	ECDHE-RSA-AES128-GCM-SHA256
incoming_body_json

2024-04-25 21:24:27

(1) More

SUCCESS

CreateRandomImplicitSubmitUrl

Created random implicit submission URL

implicit_submit

{
  "path": "implicit/lpQsKLZgEu62wGI1C4f7",
  "fullUrl": "https://www.certification.openid.net/test/a/ad04252024test/implicit/lpQsKLZgEu62wGI1C4f7"
}

2024-04-25 21:24:27

(2) More

OUTGOING

oidcc-server

Response to HTTP request to test instance 1VlT0rFlpYI9nuN

outgoing

ModelAndView [view="implicitCallback"; model={implicitSubmitUrl=https://www.certification.openid.net/test/a/ad04252024test/implicit/lpQsKLZgEu62wGI1C4f7, returnUrl=/log-detail.html?log=1VlT0rFlpYI9nuN}]

outgoing_path

callback

2024-04-25 21:24:27

(12) More

INCOMING

oidcc-server

Incoming HTTP request to /test/a/ad04252024test/implicit/lpQsKLZgEu62wGI1C4f7

incoming_headers	{ "host": "www.certification.openid.net", "sec-ch-ua": "\"Google Chrome\";v\u003d\"123\", \"Not:A-Brand\";v\u003d\"8\", \"Chromium\";v\u003d\"123\"", "sec-ch-ua-platform": "\"macOS\"", "dnt": "1", "sec-ch-ua-mobile": "?0", "user-agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36", "content-type": "text/plain", "accept": "/", "origin": "https://www.certification.openid.net", "sec-fetch-site": "same-origin", "sec-fetch-mode": "cors", "sec-fetch-dest": "empty", "referer": "https://www.certification.openid.net/test/a/ad04252024test/callback?code\u003d5550b2d1-dc82-4b13-893c-f8ebb0b041f5\u0026state\u003dSv4W2DpPrn", "accept-encoding": "gzip, deflate, br, zstd", "accept-language": "en-US,en;q\u003d0.9", "cookie": "_gid\u003dGA1.2.1443682475.1714075565; _ga\u003dGA1.2.1767720666.1713926739; _ga_NF8HNLNJJE\u003dGS1.1.1714075564.4.1.1714075870.0.0.0; JSESSIONID\u003d797FF28062B72DC3DC14BB1BDEEE15E6", "content-length": "0", "connection": "close" }
incoming_path	/test/a/ad04252024test/implicit/lpQsKLZgEu62wGI1C4f7
incoming_body_form_params
incoming_method	POST
incoming_tls_version	TLSv1.2
incoming_tls_cert
incoming_query_string_params	{}
incoming_body
incoming_tls_chain	[ "CONFORMANCE_SUITE_JSON_NULL", "CONFORMANCE_SUITE_JSON_NULL", "CONFORMANCE_SUITE_JSON_NULL", "CONFORMANCE_SUITE_JSON_NULL", "CONFORMANCE_SUITE_JSON_NULL", "CONFORMANCE_SUITE_JSON_NULL" ]
incoming_body_json_parse_error
incoming_tls_cipher	ECDHE-RSA-AES128-GCM-SHA256
incoming_body_json

2024-04-25 21:24:27

(4) More

OUTGOING

oidcc-server

Response to HTTP request to test instance 1VlT0rFlpYI9nuN

outgoing_status_code	204
outgoing_headers	{}
outgoing_body
outgoing_path	implicit/lpQsKLZgEu62wGI1C4f7

2024-04-25 21:24:27	SUCCESS	ExtractImplicitHashToCallbackResponse implicit_hash is empty

2024-04-25 21:24:27

(5) More

REDIRECT-IN

oidcc-server

Authorization endpoint response captured

url_query	{ "code": "5550b2d1-dc82-4b13-893c-f8ebb0b041f5", "state": "Sv4W2DpPrn" }
headers	{ "host": "www.certification.openid.net", "upgrade-insecure-requests": "1", "dnt": "1", "user-agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36", "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/avif,image/webp,image/apng,/;q\u003d0.8,application/signed-exchange;v\u003db3;q\u003d0.7", "sec-fetch-site": "cross-site", "sec-fetch-mode": "navigate", "sec-fetch-user": "?1", "sec-fetch-dest": "document", "sec-ch-ua": "\"Google Chrome\";v\u003d\"123\", \"Not:A-Brand\";v\u003d\"8\", \"Chromium\";v\u003d\"123\"", "sec-ch-ua-mobile": "?0", "sec-ch-ua-platform": "\"macOS\"", "referer": "https://www.certification.openid.net/", "accept-encoding": "gzip, deflate, br, zstd", "accept-language": "en-US,en;q\u003d0.9", "cookie": "_gid\u003dGA1.2.1443682475.1714075565; _ga\u003dGA1.2.1767720666.1713926739; _ga_NF8HNLNJJE\u003dGS1.1.1714075564.4.1.1714075870.0.0.0; JSESSIONID\u003d797FF28062B72DC3DC14BB1BDEEE15E6", "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256", "x-ssl-protocol": "TLSv1.2", "x-forwarded-proto": "https", "x-forwarded-port": "443", "x-forwarded-host": "www.certification.openid.net", "x-forwarded-server": "www.certification.openid.net", "connection": "close" }
http_method	GET
url_fragment	{}
post_body

Verify authorization endpoint response

2024-04-25 21:24:27	SUCCESS	CheckMatchingCallbackParameters Callback parameters successfully verified

2024-04-25 21:24:27		ValidateIssIfPresentInAuthorizationResponse No 'iss' value in authorization response.

2024-04-25 21:24:27	SUCCESS	CheckIfAuthorizationEndpointError No error from authorization endpoint

2024-04-25 21:24:27

(1) More

SUCCESS

CheckStateInAuthorizationResponse

State in response correctly returned

state

Sv4W2DpPrn

2024-04-25 21:24:27

(1) More

SUCCESS

ExtractAuthorizationCodeFromAuthorizationResponse

Found authorization code

code	5550b2d1-dc82-4b13-893c-f8ebb0b041f5

2024-04-25 21:24:27

(2) More

SUCCESS

RFC6819-5.1.4.2-2 RFC6749-10.10

EnsureMinimumAuthorizationCodeLength

Authorization code is of sufficient length

actual	288
required	128

2024-04-25 21:24:27

(3) More

SUCCESS

RFC6819-5.1.4.2-2 RFC6749-10.10

EnsureMinimumAuthorizationCodeEntropy

Calculated shannon entropy seems sufficient

actual	132.242997070996
expected	96.0
value	5550b2d1-dc82-4b13-893c-f8ebb0b041f5

2024-04-25 21:24:27

(3) More

SUCCESS

CreateTokenEndpointRequestForAuthorizationCodeGrant

Created token endpoint request

grant_type	authorization_code
code	5550b2d1-dc82-4b13-893c-f8ebb0b041f5
redirect_uri	https://www.certification.openid.net/test/a/ad04252024test/callback

2024-04-25 21:24:27

(1) More

SUCCESS

AddBasicAuthClientSecretAuthenticationParameters

Added basic authorization header

Authorization

Basic M2ZzaTQ1dnNvcWY1anI2NXRzZGhyMHZqYzE6NzRrNnVqMG9xZ3UxZmlobW5qdmx0ZTNvNXNjNXRuZjU5bzE1YW43a3ZwNzV0b3VxcGNk

2024-04-25 21:24:27

(4) More

CallTokenEndpoint

HTTP request

request_uri	https://gh0stid.authn.cc/oauth2/token
request_method	POST
request_headers	{ "Accept": "application/json", "Authorization": "Basic M2ZzaTQ1dnNvcWY1anI2NXRzZGhyMHZqYzE6NzRrNnVqMG9xZ3UxZmlobW5qdmx0ZTNvNXNjNXRuZjU5bzE1YW43a3ZwNzV0b3VxcGNk", "Content-Type": "application/x-www-form-urlencoded;charset\u003dUTF-8", "Content-Length": "166" }
request_body	grant_type=authorization_code&code=5550b2d1-dc82-4b13-893c-f8ebb0b041f5&redirect_uri=https%3A%2F%2Fwww.certification.openid.net%2Ftest%2Fa%2Fad04252024test%2Fcallback

2024-04-25 21:24:27

(4) More

RESPONSE

CallTokenEndpoint

HTTP response

response_status_code	200 OK
response_status_text	OK
response_headers	{ "content-type": "application/json;charset\u003dUTF-8", "transfer-encoding": "chunked", "connection": "keep-alive", "date": "Thu, 25 Apr 2024 21:24:27 GMT", "content-security-policy-report-only": "script-src https://d3oia8etllorh5.cloudfront.net https://gh0stid.authn.cc; style-src https://d3oia8etllorh5.cloudfront.net https://gh0stid.authn.cc; img-src https://d3oia8etllorh5.cloudfront.net https://gh0stid.authn.cc; report-uri https://gh0stid.authn.cc/cspreport", "set-cookie": "XSRF-TOKEN\u003d8b6f92e0-95ae-4ea9-a4c9-a4b43280e2ae; Path\u003d/; Secure; HttpOnly; SameSite\u003dLax", "x-amz-cognito-request-id": "de889fc5-52fc-4e82-93a1-220c7d720a40", "x-content-type-options": "nosniff", "x-xss-protection": "1; mode\u003dblock", "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate", "pragma": "no-cache", "expires": "0", "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains", "x-frame-options": "DENY", "server": "Server", "x-cache": "Miss from cloudfront", "via": "1.1 5d219c13711b70ba6da9405b48e9ea06.cloudfront.net (CloudFront)", "x-amz-cf-pop": "MIA3-P2", "x-amz-cf-id": "DiIONHEJ3vSvbbq3hBIMe5FWvwYfhVahD3623CNe_N7pNJQaLndciw\u003d\u003d" }
response_body	{"id_token":"eyJraWQiOiJHSEJEUE1VYzU0SlFRaGpGdTIwQk4yaVFRM3Y1Z0d4K1J3M1wvTXF3T3F4TT0iLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoidVRuaVhUaUtNYzB3cU02ZURYekR4QSIsInN1YiI6Ijc3NDY1OGU5LWUxYTgtNGRkNy05ZjNmLTY5NjAyYTM0OThhMyIsImVtYWlsX3ZlcmlmaWVkIjp0cnVlLCJpc3MiOiJodHRwczpcL1wvY29nbml0by1pZHAudXMtZWFzdC0xLmFtYXpvbmF3cy5jb21cL3VzLWVhc3QtMV92eTFJNUY0YzQiLCJjb2duaXRvOnVzZXJuYW1lIjoib2lkYy5yMXp5akBwYXNzZndkLmNvbSIsIm5vbmNlIjoiYmlodXA4Uk1VYiIsIm9yaWdpbl9qdGkiOiI1YzAzZWM2NS1mMjBiLTQyMDgtOWNlNC01MWY5MzFiN2QwYmEiLCJhdWQiOiIzZnNpNDV2c29xZjVqcjY1dHNkaHIwdmpjMSIsInRva2VuX3VzZSI6ImlkIiwiYXV0aF90aW1lIjoxNzE0MDgwMjY3LCJleHAiOjE3MTQwODM4NjcsImlhdCI6MTcxNDA4MDI2NywianRpIjoiZTVhOTIyNzYtZDU1NS00ZWE3LTk0YWItN2Y1MzE1YzBmNTQwIiwiZW1haWwiOiJvaWRjLnIxenlqQHBhc3Nmd2QuY29tIn0.YkASYMVpPFMbckr-arjIWlOk6K9rnVDfnbkqepb6TkWZGM7owl2UyWH718vw5Le97ObfkSj05569M_8T3h6qa4tfsNeEd_Ol543yTlzMFp8XgA9ed_lUJeYX1xgUJkpUovmCD5tskrrd8vhq6SG0rfQWjR9jLjKQlD0KG9IMVdUD8Mj1jhjI-_sO_c2lH8Xvov23MWdr6iAJXwVaznOhl1DEG9jyztS9g9KJ9OOrbZtO2Lv1UkIeqqTmaBGbre_Oc1vcsUkNX5pf-HOQt_rNQzKd5NVhX_dS-FEdJAhSPu0-veHzbJYoIJI-aJ7aEY-GbYRFtC-PXA9dCA3fxlYRog","access_token":"eyJraWQiOiJtMjZzUm9Ga0pzckNuVmdkUk8wc1QzYWozc3dwRHF0alZaVm5oeXRZNVNRPSIsImFsZyI6IlJTMjU2In0.eyJzdWIiOiI3NzQ2NThlOS1lMWE4LTRkZDctOWYzZi02OTYwMmEzNDk4YTMiLCJpc3MiOiJodHRwczpcL1wvY29nbml0by1pZHAudXMtZWFzdC0xLmFtYXpvbmF3cy5jb21cL3VzLWVhc3QtMV92eTFJNUY0YzQiLCJ2ZXJzaW9uIjoyLCJjbGllbnRfaWQiOiIzZnNpNDV2c29xZjVqcjY1dHNkaHIwdmpjMSIsIm9yaWdpbl9qdGkiOiI1YzAzZWM2NS1mMjBiLTQyMDgtOWNlNC01MWY5MzFiN2QwYmEiLCJ0b2tlbl91c2UiOiJhY2Nlc3MiLCJzY29wZSI6Im9wZW5pZCIsImF1dGhfdGltZSI6MTcxNDA4MDI2NywiZXhwIjoxNzE0MDgzODY3LCJpYXQiOjE3MTQwODAyNjcsImp0aSI6IjFhMGUyYjZhLTRmYWEtNDAxYi05Zjc2LWM4OTQ0MjMyNmZhZiIsInVzZXJuYW1lIjoib2lkYy5yMXp5akBwYXNzZndkLmNvbSJ9.izPMZdQqWYrK_KSyaxLmkQQVMyPMhqxeRxhHuDbYt-nT3Eg6lLTvgtbouY6ZIqRUeeyxQbwZp4zCTfWOb2ilE_CmXYJR-aO1sIZ_84jUOIgKwJI-cS3vceOTjoCMxRN98pvc2aavP4zXLVdL_T3UzgwsfMM4F1oqfeFQFdkLQGZpYQbk2Y_7sEmgSgG3s8rVkOwGwK2AR0-jP10LMwO5H78APFYri1MElotet2TFLnP0MWuM4Ka6XwUzHzzmLcuMsP93xoTcxgaWC4xK99qoOwRFBHaMO_fJSwmCYnwoa8Vpbcsw71WZPXhuApgJp0po7Zm7f9PsWYYINoqRS2fEfQ","refresh_token":"eyJjdHkiOiJKV1QiLCJlbmMiOiJBMjU2R0NNIiwiYWxnIjoiUlNBLU9BRVAifQ.2jjsRBAvO4oq-MleTOezV96OMfZuuGo5tWQ-TtEr4rapww016deR5B8FlIxzuO4c0okLRDteYJPBk_lLjyPu8brEJzIVaprB1UtM6moMpa9p0x4ctfd2s8ZxQijjz64rKTEJhz-0-R_w_HcJlYbeO_4OB5BTNCPd7NgEM5Uuj8KdQuN8X1suZhKKdvM5y7ljiuQk8Y5LvQveCRkJoalmHG12xCTeqBErbIYRLZjMRKT0QCGkUwWPVtFBrsHnRqTeGMJWB4uD2BofMAf8ijc8l7P_Ti7uU22WVqRMZJsJ3i2UUvQWqfCv3QUPYAY5qWkMS0OBkkXNNpBc1SmVxhJ2RA.04Ok5F0U6ZmuIEgn.fNoyx6JeO-7ZHTjKTfCqIGftFL7Hqfi6WYNesIR9Y1ZSYHaF-CKIfiKfcc4wu_35eZRTSEwoRNtUPg_W3FzW0-4jQqPw9Z3v6Z-On3dDS2ZNl2LnW4dNq3mw447M1OWiCpqFV0dDpNx22XU_dhlmshzou9vAfRp0KUZcnhlNLYuyiby3GMAkhPYz5-AN8Cqt7e_x1uaunapiCFDzqOCnZqvKODXKYDXCJ8jBJq4_GXTs3Xsme1-uWc4DZ2Xi37_X4ClcT89H6LCsdqicTabIPtTeQdhJxb6Zco3f6SiN_OQ_RqmeNqWmhuB7qXVV9A4a_mMOwZaBo0wkWFsyWJ6PnD6YKPQpMWUTbSvgbpDIHOYkOYQ8jyZfLiTZVCRj1VpCOAglm8D9biELxxNudzBBlIwvJcHCuyWrPuKyC1vhl7habxFv3DCX0f4EkeqrCF84n-Y32Z3__qphYMkHTF1G1QoF61IsnmgyqEWHyfJyibciz20OhPgQMfpQ_MxXWVfJ0C-fcVQQ0Vm9wT5j_C2GEGjRFfW1mhawxSBxlzje9KESvn7v6e3cEXB28h6_qzyggpppRemgBnybrs73Uu_I3VWihj2_XCFo6SFNGuh3QIAzldjT9WnYh7_i8_59fhrOoESpno6hVjXSsH-R9PeLR0DB8KtJu6fGZZ5Bc22dEB8wqzV36UTm2IO05hwIBghAJZXu8NN7wzOGktQc89LYuUttvrURwHFMaMeK9gYYIGfbI8W8WX_zF-3bkcge57mxsNw4nKrlvb_JcWgNba7ilSMZW3Y31-bPHnxb1ZuMVVhHXSny8cD-twWNGVNZgK-r8e8DvKe8y0-MgZgHQKdiz-Oj78t3pJQTfosv3G8UVKPRVeU30CtZnlmR7Yrj9EhtVM1WHOvMgi6aVx_p-ZTdodpOZC5HCstLGuQfBCr-J85C2g53WVSfnQIAYzOS5hBFA0kU1faRyh5hvMWxJqXbyiRNKkpsYPzRTV47JV31DvisQvotdeCDtZ88_yfU1rsvrsJo3iQPby03eyrUrCMne_xuKNNs4LfK3bWCCQqDvHd2boHHCyeZTa6YE3EQQ-a4opUp7lqZb2Sk_pakjbuCXMtK79O3YB50mi2EIybcU4PwI49meopKbsoJelTLrb6U1Xm1NynsnU6CoalKGFp-LSm4moGylRGXlYLcO1Z0vjXZ1vVNe1pK.zVvHVBavTAS88GkSwgoo8A","expires_in":3600,"token_type":"Bearer"}

2024-04-25 21:24:27

(5) More

SUCCESS

CallTokenEndpoint

Parsed token endpoint response

id_token	eyJraWQiOiJHSEJEUE1VYzU0SlFRaGpGdTIwQk4yaVFRM3Y1Z0d4K1J3M1wvTXF3T3F4TT0iLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoidVRuaVhUaUtNYzB3cU02ZURYekR4QSIsInN1YiI6Ijc3NDY1OGU5LWUxYTgtNGRkNy05ZjNmLTY5NjAyYTM0OThhMyIsImVtYWlsX3ZlcmlmaWVkIjp0cnVlLCJpc3MiOiJodHRwczpcL1wvY29nbml0by1pZHAudXMtZWFzdC0xLmFtYXpvbmF3cy5jb21cL3VzLWVhc3QtMV92eTFJNUY0YzQiLCJjb2duaXRvOnVzZXJuYW1lIjoib2lkYy5yMXp5akBwYXNzZndkLmNvbSIsIm5vbmNlIjoiYmlodXA4Uk1VYiIsIm9yaWdpbl9qdGkiOiI1YzAzZWM2NS1mMjBiLTQyMDgtOWNlNC01MWY5MzFiN2QwYmEiLCJhdWQiOiIzZnNpNDV2c29xZjVqcjY1dHNkaHIwdmpjMSIsInRva2VuX3VzZSI6ImlkIiwiYXV0aF90aW1lIjoxNzE0MDgwMjY3LCJleHAiOjE3MTQwODM4NjcsImlhdCI6MTcxNDA4MDI2NywianRpIjoiZTVhOTIyNzYtZDU1NS00ZWE3LTk0YWItN2Y1MzE1YzBmNTQwIiwiZW1haWwiOiJvaWRjLnIxenlqQHBhc3Nmd2QuY29tIn0.YkASYMVpPFMbckr-arjIWlOk6K9rnVDfnbkqepb6TkWZGM7owl2UyWH718vw5Le97ObfkSj05569M_8T3h6qa4tfsNeEd_Ol543yTlzMFp8XgA9ed_lUJeYX1xgUJkpUovmCD5tskrrd8vhq6SG0rfQWjR9jLjKQlD0KG9IMVdUD8Mj1jhjI-_sO_c2lH8Xvov23MWdr6iAJXwVaznOhl1DEG9jyztS9g9KJ9OOrbZtO2Lv1UkIeqqTmaBGbre_Oc1vcsUkNX5pf-HOQt_rNQzKd5NVhX_dS-FEdJAhSPu0-veHzbJYoIJI-aJ7aEY-GbYRFtC-PXA9dCA3fxlYRog
access_token	eyJraWQiOiJtMjZzUm9Ga0pzckNuVmdkUk8wc1QzYWozc3dwRHF0alZaVm5oeXRZNVNRPSIsImFsZyI6IlJTMjU2In0.eyJzdWIiOiI3NzQ2NThlOS1lMWE4LTRkZDctOWYzZi02OTYwMmEzNDk4YTMiLCJpc3MiOiJodHRwczpcL1wvY29nbml0by1pZHAudXMtZWFzdC0xLmFtYXpvbmF3cy5jb21cL3VzLWVhc3QtMV92eTFJNUY0YzQiLCJ2ZXJzaW9uIjoyLCJjbGllbnRfaWQiOiIzZnNpNDV2c29xZjVqcjY1dHNkaHIwdmpjMSIsIm9yaWdpbl9qdGkiOiI1YzAzZWM2NS1mMjBiLTQyMDgtOWNlNC01MWY5MzFiN2QwYmEiLCJ0b2tlbl91c2UiOiJhY2Nlc3MiLCJzY29wZSI6Im9wZW5pZCIsImF1dGhfdGltZSI6MTcxNDA4MDI2NywiZXhwIjoxNzE0MDgzODY3LCJpYXQiOjE3MTQwODAyNjcsImp0aSI6IjFhMGUyYjZhLTRmYWEtNDAxYi05Zjc2LWM4OTQ0MjMyNmZhZiIsInVzZXJuYW1lIjoib2lkYy5yMXp5akBwYXNzZndkLmNvbSJ9.izPMZdQqWYrK_KSyaxLmkQQVMyPMhqxeRxhHuDbYt-nT3Eg6lLTvgtbouY6ZIqRUeeyxQbwZp4zCTfWOb2ilE_CmXYJR-aO1sIZ_84jUOIgKwJI-cS3vceOTjoCMxRN98pvc2aavP4zXLVdL_T3UzgwsfMM4F1oqfeFQFdkLQGZpYQbk2Y_7sEmgSgG3s8rVkOwGwK2AR0-jP10LMwO5H78APFYri1MElotet2TFLnP0MWuM4Ka6XwUzHzzmLcuMsP93xoTcxgaWC4xK99qoOwRFBHaMO_fJSwmCYnwoa8Vpbcsw71WZPXhuApgJp0po7Zm7f9PsWYYINoqRS2fEfQ
refresh_token	eyJjdHkiOiJKV1QiLCJlbmMiOiJBMjU2R0NNIiwiYWxnIjoiUlNBLU9BRVAifQ.2jjsRBAvO4oq-MleTOezV96OMfZuuGo5tWQ-TtEr4rapww016deR5B8FlIxzuO4c0okLRDteYJPBk_lLjyPu8brEJzIVaprB1UtM6moMpa9p0x4ctfd2s8ZxQijjz64rKTEJhz-0-R_w_HcJlYbeO_4OB5BTNCPd7NgEM5Uuj8KdQuN8X1suZhKKdvM5y7ljiuQk8Y5LvQveCRkJoalmHG12xCTeqBErbIYRLZjMRKT0QCGkUwWPVtFBrsHnRqTeGMJWB4uD2BofMAf8ijc8l7P_Ti7uU22WVqRMZJsJ3i2UUvQWqfCv3QUPYAY5qWkMS0OBkkXNNpBc1SmVxhJ2RA.04Ok5F0U6ZmuIEgn.fNoyx6JeO-7ZHTjKTfCqIGftFL7Hqfi6WYNesIR9Y1ZSYHaF-CKIfiKfcc4wu_35eZRTSEwoRNtUPg_W3FzW0-4jQqPw9Z3v6Z-On3dDS2ZNl2LnW4dNq3mw447M1OWiCpqFV0dDpNx22XU_dhlmshzou9vAfRp0KUZcnhlNLYuyiby3GMAkhPYz5-AN8Cqt7e_x1uaunapiCFDzqOCnZqvKODXKYDXCJ8jBJq4_GXTs3Xsme1-uWc4DZ2Xi37_X4ClcT89H6LCsdqicTabIPtTeQdhJxb6Zco3f6SiN_OQ_RqmeNqWmhuB7qXVV9A4a_mMOwZaBo0wkWFsyWJ6PnD6YKPQpMWUTbSvgbpDIHOYkOYQ8jyZfLiTZVCRj1VpCOAglm8D9biELxxNudzBBlIwvJcHCuyWrPuKyC1vhl7habxFv3DCX0f4EkeqrCF84n-Y32Z3__qphYMkHTF1G1QoF61IsnmgyqEWHyfJyibciz20OhPgQMfpQ_MxXWVfJ0C-fcVQQ0Vm9wT5j_C2GEGjRFfW1mhawxSBxlzje9KESvn7v6e3cEXB28h6_qzyggpppRemgBnybrs73Uu_I3VWihj2_XCFo6SFNGuh3QIAzldjT9WnYh7_i8_59fhrOoESpno6hVjXSsH-R9PeLR0DB8KtJu6fGZZ5Bc22dEB8wqzV36UTm2IO05hwIBghAJZXu8NN7wzOGktQc89LYuUttvrURwHFMaMeK9gYYIGfbI8W8WX_zF-3bkcge57mxsNw4nKrlvb_JcWgNba7ilSMZW3Y31-bPHnxb1ZuMVVhHXSny8cD-twWNGVNZgK-r8e8DvKe8y0-MgZgHQKdiz-Oj78t3pJQTfosv3G8UVKPRVeU30CtZnlmR7Yrj9EhtVM1WHOvMgi6aVx_p-ZTdodpOZC5HCstLGuQfBCr-J85C2g53WVSfnQIAYzOS5hBFA0kU1faRyh5hvMWxJqXbyiRNKkpsYPzRTV47JV31DvisQvotdeCDtZ88_yfU1rsvrsJo3iQPby03eyrUrCMne_xuKNNs4LfK3bWCCQqDvHd2boHHCyeZTa6YE3EQQ-a4opUp7lqZb2Sk_pakjbuCXMtK79O3YB50mi2EIybcU4PwI49meopKbsoJelTLrb6U1Xm1NynsnU6CoalKGFp-LSm4moGylRGXlYLcO1Z0vjXZ1vVNe1pK.zVvHVBavTAS88GkSwgoo8A
expires_in	3600
token_type	Bearer

2024-04-25 21:24:27	SUCCESS	CheckIfTokenEndpointResponseError No error from token endpoint

2024-04-25 21:24:27

(1) More

SUCCESS

CheckForAccessTokenValue

Found an access token

access_token

eyJraWQiOiJtMjZzUm9Ga0pzckNuVmdkUk8wc1QzYWozc3dwRHF0alZaVm5oeXRZNVNRPSIsImFsZyI6IlJTMjU2In0.eyJzdWIiOiI3NzQ2NThlOS1lMWE4LTRkZDctOWYzZi02OTYwMmEzNDk4YTMiLCJpc3MiOiJodHRwczpcL1wvY29nbml0by1pZHAudXMtZWFzdC0xLmFtYXpvbmF3cy5jb21cL3VzLWVhc3QtMV92eTFJNUY0YzQiLCJ2ZXJzaW9uIjoyLCJjbGllbnRfaWQiOiIzZnNpNDV2c29xZjVqcjY1dHNkaHIwdmpjMSIsIm9yaWdpbl9qdGkiOiI1YzAzZWM2NS1mMjBiLTQyMDgtOWNlNC01MWY5MzFiN2QwYmEiLCJ0b2tlbl91c2UiOiJhY2Nlc3MiLCJzY29wZSI6Im9wZW5pZCIsImF1dGhfdGltZSI6MTcxNDA4MDI2NywiZXhwIjoxNzE0MDgzODY3LCJpYXQiOjE3MTQwODAyNjcsImp0aSI6IjFhMGUyYjZhLTRmYWEtNDAxYi05Zjc2LWM4OTQ0MjMyNmZhZiIsInVzZXJuYW1lIjoib2lkYy5yMXp5akBwYXNzZndkLmNvbSJ9.izPMZdQqWYrK_KSyaxLmkQQVMyPMhqxeRxhHuDbYt-nT3Eg6lLTvgtbouY6ZIqRUeeyxQbwZp4zCTfWOb2ilE_CmXYJR-aO1sIZ_84jUOIgKwJI-cS3vceOTjoCMxRN98pvc2aavP4zXLVdL_T3UzgwsfMM4F1oqfeFQFdkLQGZpYQbk2Y_7sEmgSgG3s8rVkOwGwK2AR0-jP10LMwO5H78APFYri1MElotet2TFLnP0MWuM4Ka6XwUzHzzmLcuMsP93xoTcxgaWC4xK99qoOwRFBHaMO_fJSwmCYnwoa8Vpbcsw71WZPXhuApgJp0po7Zm7f9PsWYYINoqRS2fEfQ

2024-04-25 21:24:27

(2) More

SUCCESS

ExtractAccessTokenFromTokenResponse

Extracted the access token

value

eyJraWQiOiJtMjZzUm9Ga0pzckNuVmdkUk8wc1QzYWozc3dwRHF0alZaVm5oeXRZNVNRPSIsImFsZyI6IlJTMjU2In0.eyJzdWIiOiI3NzQ2NThlOS1lMWE4LTRkZDctOWYzZi02OTYwMmEzNDk4YTMiLCJpc3MiOiJodHRwczpcL1wvY29nbml0by1pZHAudXMtZWFzdC0xLmFtYXpvbmF3cy5jb21cL3VzLWVhc3QtMV92eTFJNUY0YzQiLCJ2ZXJzaW9uIjoyLCJjbGllbnRfaWQiOiIzZnNpNDV2c29xZjVqcjY1dHNkaHIwdmpjMSIsIm9yaWdpbl9qdGkiOiI1YzAzZWM2NS1mMjBiLTQyMDgtOWNlNC01MWY5MzFiN2QwYmEiLCJ0b2tlbl91c2UiOiJhY2Nlc3MiLCJzY29wZSI6Im9wZW5pZCIsImF1dGhfdGltZSI6MTcxNDA4MDI2NywiZXhwIjoxNzE0MDgzODY3LCJpYXQiOjE3MTQwODAyNjcsImp0aSI6IjFhMGUyYjZhLTRmYWEtNDAxYi05Zjc2LWM4OTQ0MjMyNmZhZiIsInVzZXJuYW1lIjoib2lkYy5yMXp5akBwYXNzZndkLmNvbSJ9.izPMZdQqWYrK_KSyaxLmkQQVMyPMhqxeRxhHuDbYt-nT3Eg6lLTvgtbouY6ZIqRUeeyxQbwZp4zCTfWOb2ilE_CmXYJR-aO1sIZ_84jUOIgKwJI-cS3vceOTjoCMxRN98pvc2aavP4zXLVdL_T3UzgwsfMM4F1oqfeFQFdkLQGZpYQbk2Y_7sEmgSgG3s8rVkOwGwK2AR0-jP10LMwO5H78APFYri1MElotet2TFLnP0MWuM4Ka6XwUzHzzmLcuMsP93xoTcxgaWC4xK99qoOwRFBHaMO_fJSwmCYnwoa8Vpbcsw71WZPXhuApgJp0po7Zm7f9PsWYYINoqRS2fEfQ

type

Bearer

2024-04-25 21:24:27

(1) More

SUCCESS

RFC6749-5.1

ExtractExpiresInFromTokenEndpointResponse

Extracted 'expires_in'

expires_in

2024-04-25 21:24:27

(1) More

SUCCESS

RFC6749-5.1

ValidateExpiresIn

expires_in passed all validation checks

expires_in

2024-04-25 21:24:27

(1) More

SUCCESS

CheckForRefreshTokenValue

Found a refresh token

refresh_token

eyJjdHkiOiJKV1QiLCJlbmMiOiJBMjU2R0NNIiwiYWxnIjoiUlNBLU9BRVAifQ.2jjsRBAvO4oq-MleTOezV96OMfZuuGo5tWQ-TtEr4rapww016deR5B8FlIxzuO4c0okLRDteYJPBk_lLjyPu8brEJzIVaprB1UtM6moMpa9p0x4ctfd2s8ZxQijjz64rKTEJhz-0-R_w_HcJlYbeO_4OB5BTNCPd7NgEM5Uuj8KdQuN8X1suZhKKdvM5y7ljiuQk8Y5LvQveCRkJoalmHG12xCTeqBErbIYRLZjMRKT0QCGkUwWPVtFBrsHnRqTeGMJWB4uD2BofMAf8ijc8l7P_Ti7uU22WVqRMZJsJ3i2UUvQWqfCv3QUPYAY5qWkMS0OBkkXNNpBc1SmVxhJ2RA.04Ok5F0U6ZmuIEgn.fNoyx6JeO-7ZHTjKTfCqIGftFL7Hqfi6WYNesIR9Y1ZSYHaF-CKIfiKfcc4wu_35eZRTSEwoRNtUPg_W3FzW0-4jQqPw9Z3v6Z-On3dDS2ZNl2LnW4dNq3mw447M1OWiCpqFV0dDpNx22XU_dhlmshzou9vAfRp0KUZcnhlNLYuyiby3GMAkhPYz5-AN8Cqt7e_x1uaunapiCFDzqOCnZqvKODXKYDXCJ8jBJq4_GXTs3Xsme1-uWc4DZ2Xi37_X4ClcT89H6LCsdqicTabIPtTeQdhJxb6Zco3f6SiN_OQ_RqmeNqWmhuB7qXVV9A4a_mMOwZaBo0wkWFsyWJ6PnD6YKPQpMWUTbSvgbpDIHOYkOYQ8jyZfLiTZVCRj1VpCOAglm8D9biELxxNudzBBlIwvJcHCuyWrPuKyC1vhl7habxFv3DCX0f4EkeqrCF84n-Y32Z3__qphYMkHTF1G1QoF61IsnmgyqEWHyfJyibciz20OhPgQMfpQ_MxXWVfJ0C-fcVQQ0Vm9wT5j_C2GEGjRFfW1mhawxSBxlzje9KESvn7v6e3cEXB28h6_qzyggpppRemgBnybrs73Uu_I3VWihj2_XCFo6SFNGuh3QIAzldjT9WnYh7_i8_59fhrOoESpno6hVjXSsH-R9PeLR0DB8KtJu6fGZZ5Bc22dEB8wqzV36UTm2IO05hwIBghAJZXu8NN7wzOGktQc89LYuUttvrURwHFMaMeK9gYYIGfbI8W8WX_zF-3bkcge57mxsNw4nKrlvb_JcWgNba7ilSMZW3Y31-bPHnxb1ZuMVVhHXSny8cD-twWNGVNZgK-r8e8DvKe8y0-MgZgHQKdiz-Oj78t3pJQTfosv3G8UVKPRVeU30CtZnlmR7Yrj9EhtVM1WHOvMgi6aVx_p-ZTdodpOZC5HCstLGuQfBCr-J85C2g53WVSfnQIAYzOS5hBFA0kU1faRyh5hvMWxJqXbyiRNKkpsYPzRTV47JV31DvisQvotdeCDtZ88_yfU1rsvrsJo3iQPby03eyrUrCMne_xuKNNs4LfK3bWCCQqDvHd2boHHCyeZTa6YE3EQQ-a4opUp7lqZb2Sk_pakjbuCXMtK79O3YB50mi2EIybcU4PwI49meopKbsoJelTLrb6U1Xm1NynsnU6CoalKGFp-LSm4moGylRGXlYLcO1Z0vjXZ1vVNe1pK.zVvHVBavTAS88GkSwgoo8A

2024-04-25 21:24:27

(2) More

INFO

OIDCC-10.2

ValidateIdTokenFromTokenResponseEncryption

Skipped evaluation due to missing required object: client_jwks

expected	client_jwks
mapped

2024-04-25 21:24:27

(3) More

SUCCESS

OIDCC-3.3.3.3 OIDCC-3.1.3.3

ExtractIdTokenFromTokenResponse

Found and parsed the id_token from token_endpoint_response

value	eyJraWQiOiJHSEJEUE1VYzU0SlFRaGpGdTIwQk4yaVFRM3Y1Z0d4K1J3M1wvTXF3T3F4TT0iLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoidVRuaVhUaUtNYzB3cU02ZURYekR4QSIsInN1YiI6Ijc3NDY1OGU5LWUxYTgtNGRkNy05ZjNmLTY5NjAyYTM0OThhMyIsImVtYWlsX3ZlcmlmaWVkIjp0cnVlLCJpc3MiOiJodHRwczpcL1wvY29nbml0by1pZHAudXMtZWFzdC0xLmFtYXpvbmF3cy5jb21cL3VzLWVhc3QtMV92eTFJNUY0YzQiLCJjb2duaXRvOnVzZXJuYW1lIjoib2lkYy5yMXp5akBwYXNzZndkLmNvbSIsIm5vbmNlIjoiYmlodXA4Uk1VYiIsIm9yaWdpbl9qdGkiOiI1YzAzZWM2NS1mMjBiLTQyMDgtOWNlNC01MWY5MzFiN2QwYmEiLCJhdWQiOiIzZnNpNDV2c29xZjVqcjY1dHNkaHIwdmpjMSIsInRva2VuX3VzZSI6ImlkIiwiYXV0aF90aW1lIjoxNzE0MDgwMjY3LCJleHAiOjE3MTQwODM4NjcsImlhdCI6MTcxNDA4MDI2NywianRpIjoiZTVhOTIyNzYtZDU1NS00ZWE3LTk0YWItN2Y1MzE1YzBmNTQwIiwiZW1haWwiOiJvaWRjLnIxenlqQHBhc3Nmd2QuY29tIn0.YkASYMVpPFMbckr-arjIWlOk6K9rnVDfnbkqepb6TkWZGM7owl2UyWH718vw5Le97ObfkSj05569M_8T3h6qa4tfsNeEd_Ol543yTlzMFp8XgA9ed_lUJeYX1xgUJkpUovmCD5tskrrd8vhq6SG0rfQWjR9jLjKQlD0KG9IMVdUD8Mj1jhjI-_sO_c2lH8Xvov23MWdr6iAJXwVaznOhl1DEG9jyztS9g9KJ9OOrbZtO2Lv1UkIeqqTmaBGbre_Oc1vcsUkNX5pf-HOQt_rNQzKd5NVhX_dS-FEdJAhSPu0-veHzbJYoIJI-aJ7aEY-GbYRFtC-PXA9dCA3fxlYRog
header	{ "kid": "GHBDPMUc54JQQhjFu20BN2iQQ3v5gGx+Rw3/MqwOqxM\u003d", "alg": "RS256" }
claims	{ "at_hash": "uTniXTiKMc0wqM6eDXzDxA", "sub": "774658e9-e1a8-4dd7-9f3f-69602a3498a3", "email_verified": true, "iss": "https://cognito-idp.us-east-1.amazonaws.com/us-east-1_vy1I5F4c4", "cognito:username": "[email protected]", "nonce": "bihup8RMUb", "origin_jti": "5c03ec65-f20b-4208-9ce4-51f931b7d0ba", "aud": "3fsi45vsoqf5jr65tsdhr0vjc1", "token_use": "id", "auth_time": 1714080267, "exp": 1714083867, "iat": 1714080267, "jti": "e5a92276-d555-4ea7-94ab-7f5315c0f540", "email": "[email protected]" }

2024-04-25 21:24:27	SUCCESS OIDCC-3.1.3.7	ValidateIdToken ID token iss, aud, exp, iat, auth_time, acr & nbf claims passed validation checks

2024-04-25 21:24:27		ValidateIdTokenStandardClaims sub is a string with content

2024-04-25 21:24:27		ValidateIdTokenStandardClaims email_verified is a boolean

2024-04-25 21:24:27		ValidateIdTokenStandardClaims Skipping unknown claim: cognito:username

2024-04-25 21:24:27		ValidateIdTokenStandardClaims Skipping unknown claim: origin_jti

2024-04-25 21:24:27		ValidateIdTokenStandardClaims Skipping unknown claim: token_use

2024-04-25 21:24:27		ValidateIdTokenStandardClaims email is a string with content

2024-04-25 21:24:27	SUCCESS OIDCC-5.1	ValidateIdTokenStandardClaims id_token claims are valid

2024-04-25 21:24:27

(1) More

SUCCESS

OIDCC-2

ValidateIdTokenNonce

Nonce values match

nonce

bihup8RMUb

2024-04-25 21:24:27	SUCCESS OIDCC-5.5.1.1	ValidateIdTokenACRClaimAgainstRequest Nothing to check; the conformance suite did not request an acr claim in request object

2024-04-25 21:24:27

(1) More

SUCCESS

ValidateIdTokenSignature

id_token signature validated

id_token

eyJraWQiOiJHSEJEUE1VYzU0SlFRaGpGdTIwQk4yaVFRM3Y1Z0d4K1J3M1wvTXF3T3F4TT0iLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoidVRuaVhUaUtNYzB3cU02ZURYekR4QSIsInN1YiI6Ijc3NDY1OGU5LWUxYTgtNGRkNy05ZjNmLTY5NjAyYTM0OThhMyIsImVtYWlsX3ZlcmlmaWVkIjp0cnVlLCJpc3MiOiJodHRwczpcL1wvY29nbml0by1pZHAudXMtZWFzdC0xLmFtYXpvbmF3cy5jb21cL3VzLWVhc3QtMV92eTFJNUY0YzQiLCJjb2duaXRvOnVzZXJuYW1lIjoib2lkYy5yMXp5akBwYXNzZndkLmNvbSIsIm5vbmNlIjoiYmlodXA4Uk1VYiIsIm9yaWdpbl9qdGkiOiI1YzAzZWM2NS1mMjBiLTQyMDgtOWNlNC01MWY5MzFiN2QwYmEiLCJhdWQiOiIzZnNpNDV2c29xZjVqcjY1dHNkaHIwdmpjMSIsInRva2VuX3VzZSI6ImlkIiwiYXV0aF90aW1lIjoxNzE0MDgwMjY3LCJleHAiOjE3MTQwODM4NjcsImlhdCI6MTcxNDA4MDI2NywianRpIjoiZTVhOTIyNzYtZDU1NS00ZWE3LTk0YWItN2Y1MzE1YzBmNTQwIiwiZW1haWwiOiJvaWRjLnIxenlqQHBhc3Nmd2QuY29tIn0.YkASYMVpPFMbckr-arjIWlOk6K9rnVDfnbkqepb6TkWZGM7owl2UyWH718vw5Le97ObfkSj05569M_8T3h6qa4tfsNeEd_Ol543yTlzMFp8XgA9ed_lUJeYX1xgUJkpUovmCD5tskrrd8vhq6SG0rfQWjR9jLjKQlD0KG9IMVdUD8Mj1jhjI-_sO_c2lH8Xvov23MWdr6iAJXwVaznOhl1DEG9jyztS9g9KJ9OOrbZtO2Lv1UkIeqqTmaBGbre_Oc1vcsUkNX5pf-HOQt_rNQzKd5NVhX_dS-FEdJAhSPu0-veHzbJYoIJI-aJ7aEY-GbYRFtC-PXA9dCA3fxlYRog

2024-04-25 21:24:27

(1) More

SUCCESS

OIDCC-2

CheckForSubjectInIdToken

Found 'sub' in id_token

sub	774658e9-e1a8-4dd7-9f3f-69602a3498a3

2024-04-25 21:24:27		EnsureIdTokenUpdatedAtValid id_token response does not contain 'updated_at'

2024-04-25 21:24:27

(3) More

INFO

OIDCC-10.2 OIDC-10.2.1

ValidateEncryptedIdTokenHasKid

Skipped evaluation due to missing required element: id_token jwe_header

path	jwe_header
mapped
object	id_token

2024-04-25 21:24:27	SUCCESS OIDCC-5.5 OIDCC-5.5.1	EnsureIdTokenDoesNotContainName name claim not found in id_token, which is expected as it was not requested to be returned there

2024-04-25 21:24:27

(1) More

SUCCESS

RFC6749-5.1

ExtractExpiresInFromTokenEndpointResponse

Extracted 'expires_in'

expires_in

2024-04-25 21:24:27

(2) More

SUCCESS

OIDCC-3.3.3.6 OIDCC-3.3.2.11

ExtractAtHash

Extracted at_hash from ID Token

at_hash	uTniXTiKMc0wqM6eDXzDxA
alg	RS256

2024-04-25 21:24:27

(3) More

SUCCESS

OIDCC-3.3.2.11

ValidateAtHash

at_hash validated successfully

expected_hash	uTniXTiKMc0wqM6eDXzDxA
unhashed_value	eyJraWQiOiJtMjZzUm9Ga0pzckNuVmdkUk8wc1QzYWozc3dwRHF0alZaVm5oeXRZNVNRPSIsImFsZyI6IlJTMjU2In0.eyJzdWIiOiI3NzQ2NThlOS1lMWE4LTRkZDctOWYzZi02OTYwMmEzNDk4YTMiLCJpc3MiOiJodHRwczpcL1wvY29nbml0by1pZHAudXMtZWFzdC0xLmFtYXpvbmF3cy5jb21cL3VzLWVhc3QtMV92eTFJNUY0YzQiLCJ2ZXJzaW9uIjoyLCJjbGllbnRfaWQiOiIzZnNpNDV2c29xZjVqcjY1dHNkaHIwdmpjMSIsIm9yaWdpbl9qdGkiOiI1YzAzZWM2NS1mMjBiLTQyMDgtOWNlNC01MWY5MzFiN2QwYmEiLCJ0b2tlbl91c2UiOiJhY2Nlc3MiLCJzY29wZSI6Im9wZW5pZCIsImF1dGhfdGltZSI6MTcxNDA4MDI2NywiZXhwIjoxNzE0MDgzODY3LCJpYXQiOjE3MTQwODAyNjcsImp0aSI6IjFhMGUyYjZhLTRmYWEtNDAxYi05Zjc2LWM4OTQ0MjMyNmZhZiIsInVzZXJuYW1lIjoib2lkYy5yMXp5akBwYXNzZndkLmNvbSJ9.izPMZdQqWYrK_KSyaxLmkQQVMyPMhqxeRxhHuDbYt-nT3Eg6lLTvgtbouY6ZIqRUeeyxQbwZp4zCTfWOb2ilE_CmXYJR-aO1sIZ_84jUOIgKwJI-cS3vceOTjoCMxRN98pvc2aavP4zXLVdL_T3UzgwsfMM4F1oqfeFQFdkLQGZpYQbk2Y_7sEmgSgG3s8rVkOwGwK2AR0-jP10LMwO5H78APFYri1MElotet2TFLnP0MWuM4Ka6XwUzHzzmLcuMsP93xoTcxgaWC4xK99qoOwRFBHaMO_fJSwmCYnwoa8Vpbcsw71WZPXhuApgJp0po7Zm7f9PsWYYINoqRS2fEfQ
id_token_hash	uTniXTiKMc0wqM6eDXzDxA

2024-04-25 21:24:27	INFO OIDCC-3.3.3.6 OIDCC-3.3.2.11	ExtractCHash Couldn't find c_hash in ID token

2024-04-25 21:24:27

(2) More

INFO

OIDCC-3.3.2.11

ValidateCHash

Skipped evaluation due to missing required object: c_hash

expected	c_hash
mapped

Userinfo endpoint tests

2024-04-25 21:24:27

(4) More

CallProtectedResource

HTTP request

request_uri	https://gh0stid.authn.cc/oauth2/userInfo
request_method	GET
request_headers	{ "Accept": "application/json", "Authorization": "Bearer eyJraWQiOiJtMjZzUm9Ga0pzckNuVmdkUk8wc1QzYWozc3dwRHF0alZaVm5oeXRZNVNRPSIsImFsZyI6IlJTMjU2In0.eyJzdWIiOiI3NzQ2NThlOS1lMWE4LTRkZDctOWYzZi02OTYwMmEzNDk4YTMiLCJpc3MiOiJodHRwczpcL1wvY29nbml0by1pZHAudXMtZWFzdC0xLmFtYXpvbmF3cy5jb21cL3VzLWVhc3QtMV92eTFJNUY0YzQiLCJ2ZXJzaW9uIjoyLCJjbGllbnRfaWQiOiIzZnNpNDV2c29xZjVqcjY1dHNkaHIwdmpjMSIsIm9yaWdpbl9qdGkiOiI1YzAzZWM2NS1mMjBiLTQyMDgtOWNlNC01MWY5MzFiN2QwYmEiLCJ0b2tlbl91c2UiOiJhY2Nlc3MiLCJzY29wZSI6Im9wZW5pZCIsImF1dGhfdGltZSI6MTcxNDA4MDI2NywiZXhwIjoxNzE0MDgzODY3LCJpYXQiOjE3MTQwODAyNjcsImp0aSI6IjFhMGUyYjZhLTRmYWEtNDAxYi05Zjc2LWM4OTQ0MjMyNmZhZiIsInVzZXJuYW1lIjoib2lkYy5yMXp5akBwYXNzZndkLmNvbSJ9.izPMZdQqWYrK_KSyaxLmkQQVMyPMhqxeRxhHuDbYt-nT3Eg6lLTvgtbouY6ZIqRUeeyxQbwZp4zCTfWOb2ilE_CmXYJR-aO1sIZ_84jUOIgKwJI-cS3vceOTjoCMxRN98pvc2aavP4zXLVdL_T3UzgwsfMM4F1oqfeFQFdkLQGZpYQbk2Y_7sEmgSgG3s8rVkOwGwK2AR0-jP10LMwO5H78APFYri1MElotet2TFLnP0MWuM4Ka6XwUzHzzmLcuMsP93xoTcxgaWC4xK99qoOwRFBHaMO_fJSwmCYnwoa8Vpbcsw71WZPXhuApgJp0po7Zm7f9PsWYYINoqRS2fEfQ", "Content-Length": "0" }
request_body

2024-04-25 21:24:27

(4) More

RESPONSE

CallProtectedResource

HTTP response

response_status_code	200 OK
response_status_text	OK
response_headers	{ "content-type": "application/json;charset\u003dUTF-8", "content-length": "139", "connection": "keep-alive", "date": "Thu, 25 Apr 2024 21:24:27 GMT", "content-security-policy-report-only": "script-src https://d3oia8etllorh5.cloudfront.net https://gh0stid.authn.cc; style-src https://d3oia8etllorh5.cloudfront.net https://gh0stid.authn.cc; img-src https://d3oia8etllorh5.cloudfront.net https://gh0stid.authn.cc; report-uri https://gh0stid.authn.cc/cspreport", "set-cookie": "XSRF-TOKEN\u003d59e024bd-340e-4c86-9758-cdc5bf1c94c6; Path\u003d/; Secure; HttpOnly; SameSite\u003dLax", "x-amz-cognito-request-id": "e2e22a58-c4a2-4d35-9932-e24becc50c84", "x-content-type-options": "nosniff", "x-xss-protection": "1; mode\u003dblock", "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate", "pragma": "no-cache", "expires": "0", "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains", "x-frame-options": "DENY", "server": "Server", "x-cache": "Miss from cloudfront", "via": "1.1 9f38fc245d638f10232100c770bc84fe.cloudfront.net (CloudFront)", "x-amz-cf-pop": "MIA3-P2", "x-amz-cf-id": "X4zlXuvPnJpXBq9bCVATuM6t_TBh-TRvJ1KtyAEliuRu_VS3FMHv9w\u003d\u003d" }
response_body	{"sub":"774658e9-e1a8-4dd7-9f3f-69602a3498a3","email_verified":"true","email":"[email protected]","username":"[email protected]"}

2024-04-25 21:24:27

(4) More

SUCCESS

CallProtectedResource

Got a response from the resource endpoint

status	200
endpoint_name	resource
headers	{ "content-type": "application/json;charset\u003dUTF-8", "content-length": "139", "connection": "keep-alive", "date": "Thu, 25 Apr 2024 21:24:27 GMT", "content-security-policy-report-only": "script-src https://d3oia8etllorh5.cloudfront.net https://gh0stid.authn.cc; style-src https://d3oia8etllorh5.cloudfront.net https://gh0stid.authn.cc; img-src https://d3oia8etllorh5.cloudfront.net https://gh0stid.authn.cc; report-uri https://gh0stid.authn.cc/cspreport", "set-cookie": "XSRF-TOKEN\u003d59e024bd-340e-4c86-9758-cdc5bf1c94c6; Path\u003d/; Secure; HttpOnly; SameSite\u003dLax", "x-amz-cognito-request-id": "e2e22a58-c4a2-4d35-9932-e24becc50c84", "x-content-type-options": "nosniff", "x-xss-protection": "1; mode\u003dblock", "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate", "pragma": "no-cache", "expires": "0", "strict-transport-security": "max-age\u003d31536000 ; includeSubDomains", "x-frame-options": "DENY", "server": "Server", "x-cache": "Miss from cloudfront", "via": "1.1 9f38fc245d638f10232100c770bc84fe.cloudfront.net (CloudFront)", "x-amz-cf-pop": "MIA3-P2", "x-amz-cf-id": "X4zlXuvPnJpXBq9bCVATuM6t_TBh-TRvJ1KtyAEliuRu_VS3FMHv9w\u003d\u003d" }
body	{"sub":"774658e9-e1a8-4dd7-9f3f-69602a3498a3","email_verified":"true","email":"[email protected]","username":"[email protected]"}

2024-04-25 21:24:27

(2) More

SUCCESS

EnsureHttpStatusCodeIs200

resource endpoint returned the expected http status

expected_status	200
http_status	200

2024-04-25 21:24:27	WARNING	EnsureIdTokenDoesNotContainNonRequestedClaims id_token contains non-requested claim 'cognito:username'

2024-04-25 21:24:27	WARNING	EnsureIdTokenDoesNotContainNonRequestedClaims id_token contains non-requested claim 'origin_jti'

2024-04-25 21:24:27	WARNING	EnsureIdTokenDoesNotContainNonRequestedClaims id_token contains non-requested claim 'token_use'

2024-04-25 21:24:27

(2) More

WARNING

EnsureIdTokenDoesNotContainNonRequestedClaims

id_token contains non-requested claims. This may indicate the authorization server is returning data about the user that it should not, or that a specification has been wrongly implemented, or that it implements an extension the conformance suite is currently aware of.

supplied

{
  "at_hash": "uTniXTiKMc0wqM6eDXzDxA",
  "sub": "774658e9-e1a8-4dd7-9f3f-69602a3498a3",
  "email_verified": true,
  "iss": "https://cognito-idp.us-east-1.amazonaws.com/us-east-1_vy1I5F4c4",
  "cognito:username": "[email protected]",
  "nonce": "bihup8RMUb",
  "origin_jti": "5c03ec65-f20b-4208-9ce4-51f931b7d0ba",
  "aud": "3fsi45vsoqf5jr65tsdhr0vjc1",
  "token_use": "id",
  "auth_time": 1714080267,
  "exp": 1714083867,
  "iat": 1714080267,
  "jti": "e5a92276-d555-4ea7-94ab-7f5315c0f540",
  "email": "[email protected]"
}

requested_scope

openid

2024-04-25 21:24:27

(1) More

FINISHED

oidcc-server

Test has run to completion

testmodule_result

WARNING

Unregister dynamically registered client

2024-04-25 21:24:27		UnregisterDynamicallyRegisteredClient Couldn't find registration_access_token.

2024-04-25 21:24:33

(2) More

TEST-RUNNER

Alias has now been claimed by another test

alias	ad04252024test
new_test_id	5LeX1404b5ik1J9

Test Summary

Test Results