Test detail

Test Name	oidcc-client-test-kid-absent-single-jwks
Variant	client_auth_type=client_secret_basic, request_type=plain_http_request, response_type=code, response_mode=default, client_registration=static_client
Test ID	Kw3VyUtYlwmPcdc https://www.certification.openid.net/log-detail.html?public=true&log=Kw3VyUtYlwmPcdc
Created	2025-04-28T07:50:05.082407682Z
Description	Conformance testing of Arcon Converged Identity as a Relaying Party using the OpenID Connect Core: Basic Certification Profile
Test Version	5.1.31
Test Owner	115858928797071758548 https://accounts.google.com
Plan ID	BFj2iiVzbPPzd https://www.certification.openid.net/plan-detail.html?public=true&plan=BFj2iiVzbPPzd
Exported From	https://www.certification.openid.net
Exported By	115858928797071758548 https://accounts.google.com
Suite Version	5.1.31
Exported	2025-04-28 09:37:47 (UTC)

2025-04-28 07:50:05

(8) More

INFO

TEST-RUNNER

Test instance Kw3VyUtYlwmPcdc created

baseUrl	https://www.certification.openid.net/test/a/ArconCI
variant	{ "client_auth_type": "client_secret_basic", "response_type": "code", "request_type": "plain_http_request", "response_mode": "default", "client_registration": "static_client" }
alias	ArconCI
description	Conformance testing of Arcon Converged Identity as a Relaying Party using the OpenID Connect Core: Basic Certification Profile
planId	BFj2iiVzbPPzd
config	{ "alias": "ArconCI", "description": "Conformance testing of Arcon Converged Identity as a Relaying Party using the OpenID Connect Core: Basic Certification Profile", "client": { "client_id": "0oaka2gpoymlyinwZ5d7", "client_secret": "_SDHPKKxtbQ55rPvFJV3DIHNI9VKAfbCJptzJhzV5EibdtvYJlXNP6vSlPC-ZDKJ", "redirect_uri": "https://oidc.arconnet.com/api/Oidc/callback", "initiate_login_uri": "https://oidc.arconnet.com/api/Oidc/initiate-login" }, "publish": "everything" }
baseMtlsUrl	https://mtls-www.certification.openid.net/test-mtls/a/ArconCI
testName	oidcc-client-test-kid-absent-single-jwks

2025-04-28 07:50:05

(1) More

SUCCESS

OIDCCGenerateServerConfiguration

Generated default server configuration

server_configuration

{
  "issuer": "https://www.certification.openid.net/test/a/ArconCI/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/ArconCI/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/ArconCI/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/ArconCI/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/ArconCI/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/a/ArconCI/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic",
    "client_secret_post",
    "client_secret_jwt",
    "private_key_jwt"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "HS256",
    "HS384",
    "HS512",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA",
    "Ed25519",
    "Ed448"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "preferred_username",
    "gender",
    "birthdate",
    "address",
    "zoneinfo",
    "locale",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified",
    "website",
    "profile",
    "updated_at",
    "txn"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA",
    "Ed25519",
    "Ed448"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "RSA-OAEP-384",
    "RSA-OAEP-512",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA",
    "Ed25519",
    "Ed448"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "RSA-OAEP-384",
    "RSA-OAEP-512",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA",
    "Ed25519",
    "Ed448"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "RSA-OAEP-384",
    "RSA-OAEP-512",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}

2025-04-28 07:50:05

(1) More

SetTokenEndpointAuthMethodsSupportedToClientSecretBasicOnly

Changed token_endpoint_auth_methods_supported to client_secret_basic only in server configuration

server_configuration

{
  "issuer": "https://www.certification.openid.net/test/a/ArconCI/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/ArconCI/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/ArconCI/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/ArconCI/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/ArconCI/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/a/ArconCI/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "HS256",
    "HS384",
    "HS512",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA",
    "Ed25519",
    "Ed448"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "preferred_username",
    "gender",
    "birthdate",
    "address",
    "zoneinfo",
    "locale",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified",
    "website",
    "profile",
    "updated_at",
    "txn"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA",
    "Ed25519",
    "Ed448"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "RSA-OAEP-384",
    "RSA-OAEP-512",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA",
    "Ed25519",
    "Ed448"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "RSA-OAEP-384",
    "RSA-OAEP-512",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA",
    "Ed25519",
    "Ed448"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "RSA-OAEP-384",
    "RSA-OAEP-512",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}

2025-04-28 07:50:05

(3) More

OIDCC-10.1

OIDCCGenerateServerJWKsSingleSigningKeyWithNoKeyId

Generated server public private JWK sets

server_jwks

{
  "keys": [
    {
      "p": "yAr_Hb_3u-5CezdQ5f7e26F8PTaMEqSSyVwQB-6ufzzyE6dzQJprwC2h9UY3SabBtmuEfHcWpsJk745_IFTgt93pU4JRK6TDF1OunJo4hRzFVWlUpCpGwduCWhI3x25SYj08Gv7qlRpNJhsnwSv-N9zaLkUxgZZ09S6BxVzjjPs",
      "kty": "RSA",
      "q": "6YEZRohnuwO0m8FQD2fcr_GinSDHuRcjYqXAk4ofXo6WG6XFt0XpZXxSlZz4KMDDUG0JxS7zPmgZoV2OtK2IjSd_0WKsamX7CgKKzhfuqr8dT8nkVHnrwUdtII52y9imytzmM6uip5N2QuyLIFRzGikIU8HLOQ2zWDvbh7bWwWk",
      "d": "AusYRlw1mXLreUETrMqSxGcHWoTzYnJWJIAu1BX_-9MyWjHKaqyEIg_q3jrsXF66LjdJQYjW1i6XJ9J6nS4Osl8qX8hNygV2kPIIQ80c409u01W08Ckqq_MCRg6J_IySwnkT4RVCEIVX2rQpZM1GLjbyZCm1qKN5B8K6CAm31zog7RM6-q6Sn7jCXCRMu8OyW9IAE6Lxa2KdCASqRzsKQE-Cx-XPvoTE229oGEZhKfybMTJq_SQ-MRzlMjBU7psfIIkeybdCWIHtxl3KgAme4NQWQheNWb-OLBNpet7jQWwe9X4amfGaW29p5yiNFgiiUdlRlSsC67qmBcK57yhb0Q",
      "e": "AQAB",
      "use": "sig",
      "qi": "Soibp5p4uvOZ0rCbCuOhQoiGT4MbCaCngP3N_RnQprdhT7QjgoWj1haSRwnh83tHns5y7zlA6OQru4ICxH0ESBDGoeaoifHxZejqZJtXSq3DIf2LSOduSbbUQvwERV6p3BUJ5q1khtTT0COmTD2HrroysMm_RqJI2Eu3pewdrwY",
      "dp": "ixDZ-dySZFtmbDIwUzOzyguhSwy4o901DjaqDlmnhVzhDTjDro2ripYumUyO8uyyjhaAq-Y-IP_TG5Z8WgWnkyr6IcvekfCgj37lTIkJ8b_mj1ICPX4GYo4vOF6h2Eqhixn2xu2gNrdqGquWH3xt5nfqVXBU0jm-ZRRHsuS4bDE",
      "dq": "qBl0ZL6WTp_gSbDlPfH7gf5mns-WeL0bkEzbUlvBMYVcsxKoP8RovdK-cU7LqCr9cMzOl9Gw82Bl8zEzJwc2oseo0MhEb2RzUUV7P9siynFDXMlvQxFyk3YkLafiBeY2TRyx7MjHE_So0o0Pq3qgUljv0bxV3QDr970_0XfjKuE",
      "n": "tnbjfNI4xdqdOk9CWVm4JGOV5QOK0ZPN5LnXIg1mlPly-wD6yg7ZzCNlZAikuvQq0uIGvul5oX2Enna0KDenZrBRzcHDgsXF4DN8XoLIE8_fEfVrFg4TUoUcJrBX5ROEFwPx378exIIFYm2JJk_CuGxj0YYJqKWzhBFvmokH_1C231FPZ3nReq4V31dd2VTzWfYKqI_8wbpHas7GVTl-Si3wu4OdWSfP_VmvTB-6ZQVv0OOvGg4H4mtleFIyVpXZbZwrTVYcBHW2VtnXlG-BvHgV1T79Wufn0KBvm9acVy8x5GtOPP3y1V65bFV_tYSzZIIYJq_FIObWYYLJ8nAN8w"
    },
    {
      "kty": "EC",
      "d": "Tt1RE4cEqE2fTOpNIl5abOw8qVWnxPAPiOYSg4OUcr8",
      "use": "sig",
      "crv": "P-256",
      "x": "JEjMudlQhPZwrtd8FN5YdV8bOQiWuILCZcePHGzGbcM",
      "y": "-rFKKU8b-9z7VLKp7UundDYeldl-Bh8G-aDZmvkKsJc"
    },
    {
      "kty": "EC",
      "d": "w5N33aoYsftvAtGPXy0Hn13C5QodTY7GEg8So3Kj7WA",
      "use": "sig",
      "crv": "secp256k1",
      "x": "nTNVorhXRYUkjE-tLS5c1Aj52vCDlP6O_5CV-lNt1Mo",
      "y": "6bTAe5u0sdECvy0FVM82EEyK_praqscJs3K2IogvGUI"
    },
    {
      "kty": "OKP",
      "d": "6UPhJL4oOeo7o8-ifagl67575niuMG5QMTDro1w4Dlw",
      "use": "sig",
      "crv": "Ed25519",
      "x": "CgaK2WmQD9NAsdZENDQbmETPTcEZxh7BpqJDFWt0ARM"
    }
  ]
}

server_encryption_keys

{
  "keys": [
    {
      "p": "3H1eGi3-9HVfwHjue-9xh6MPSKhAaaKaZ0ZBt6SWDim0fDVfzsCA15TC_TrRWQQkf3treVG81BXpgC9XzAXGcuyDziL04VEEKM5kxRZCIxm6KzGlJ4sVIkNbTRB4Uwn-US-MwOQfVsfCWLSw99xiL7xJSeA2JHSjO8EoGrV2igk",
      "kty": "RSA",
      "q": "9KAvJndG-Q0i_ozE0Wt-4Q8yIk_WVg1hKe-Kum9XkCaGbXcnbWbgH_uiaS-mBvDs37z9jpgUh9m8Bi7O08owFOAdGTobFdA7b5MFIOmDxh48fftniYn1ZGgEmf1NiWIaDHAqRNwMuv7JOjj_Bc8mUzL1F6GVl5KE1tb-epMIqgs",
      "d": "SGEyBCUtOznFaTD7ItFTkeviNZHUZSAJ59_WF33OCe0dqAEg1t4IY0p4L1vCU40-wvIxBB3HUGk-eZaTud31MopyfFIb4gHJcv89XYQsbXkj_7QwU6nit1tEjig-BO-SUMTzoWiDGnzfFpqaReJxzbCcoq7En6gZuSXMDGwKEpIz2UQJv29yZN9U77Jp2uhV61-3uWnY_5IYtopw--WVOGMtMcNnHTqICchm3hZx1x2KvKajhUmd5XzgXcZeYwM7wvMGmk6jKD9S8pCjmDujzLpIgzFgEJlzaHAV1DM7FIkZRSAhlnJupRpzGMixujYdcvsofro_PeRsir91DsSjoQ",
      "e": "AQAB",
      "use": "enc",
      "kid": "c5a33b71-a730-4e9a-92c5-c448dc166855",
      "qi": "uNfxa-PFu0KI6duoxKkKkRnKhbRdZgC7qrA_aMKLeg4qahk1T0Zg8x-JUYfQDkuPYvkGJiZV5DGYKqjMLsYoEqRg_Prflk8se-INNPQ7ImTNx-0rgYwrwsSy82VYj4JHrfWcUxBX0Xf3SWE_Fs_NCTZgU8-5lsQyWj3fQdh8jI0",
      "dp": "pSEXKtAr03VcQs_O--61vfl25tlrdDGdJZ9OdHTFFNJTI3rtx_AQDmSRLAmy49Hga8FJGlEG9Gd8us26GUhx-Xv8spMnht-gF9eLTLeAzLzl2peRsu3M5B5B8JNXKgmf97l-1q-CcQGmIb0hlF_vAQUodjV_FwprfcMJgAdLQdE",
      "alg": "RSA-OAEP",
      "dq": "RXm9Cmqz4IXnm231dBjYlyjOr0oHcLcqElPzDZITx1_5q9s8emjOXKcF8GPU_oGsdLrjNH1iz1Z6fTMMEMCKuVMRUJndGWvjhYO24CsR_tGVkp41QK3K4PJd5DI5tDwFc-TjTF1GzFESa5PGcirsEpMVYtnEd6DoU3AKJFvgCRM",
      "n": "0rF0p-nR7jRy7FsbFS1xFZ7w8GCJb-pW02DgxLZEW4wa5KDWOVdLuJ_dugv7K8W3o5b60YaN7meNO8yS6h6CIcoo90v7OcJo-7Wvab4Gy7Caj2jQw7E0kcuDB4lWXM2S4_87OQOqzKB7NPvkzouslgefQAKhT0MUgRMjnZOBogrw4Q7vf48KGXE7rfq6Uwb6VDc4LXsWqqxz_qQepLqq6Wu2CfTtP5JUjqZnA0ILoI3ECQKVNHH-wSBfTjHcQIGDEjnnIOcXy-2act_WUUUDWkf_irhbsBv4AuaI4ofh7EpfMhJh_xM5uhhp6sBe2rhJjDY19Ldy5Kdt7-jn_wnoYw"
    },
    {
      "kty": "EC",
      "d": "na6wDVjwQyRn7mIgW3rLvkq_5ikuW2fF59R54x56_QQ",
      "use": "enc",
      "crv": "P-256",
      "kid": "9b8e9f0b-e699-4cf8-9265-32517ec7993a",
      "x": "vgLujXO4s6gvpiyw1GPHZz1WR-m8_Pu4Nm9Bo_cSS7E",
      "y": "Kdpq0Otf1pc-6zqY3bQ3DSh0r4Z8Hw8Ul-1I4_I-CjU",
      "alg": "ECDH-ES"
    }
  ]
}

server_public_jwks

{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "n": "tnbjfNI4xdqdOk9CWVm4JGOV5QOK0ZPN5LnXIg1mlPly-wD6yg7ZzCNlZAikuvQq0uIGvul5oX2Enna0KDenZrBRzcHDgsXF4DN8XoLIE8_fEfVrFg4TUoUcJrBX5ROEFwPx378exIIFYm2JJk_CuGxj0YYJqKWzhBFvmokH_1C231FPZ3nReq4V31dd2VTzWfYKqI_8wbpHas7GVTl-Si3wu4OdWSfP_VmvTB-6ZQVv0OOvGg4H4mtleFIyVpXZbZwrTVYcBHW2VtnXlG-BvHgV1T79Wufn0KBvm9acVy8x5GtOPP3y1V65bFV_tYSzZIIYJq_FIObWYYLJ8nAN8w"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "x": "JEjMudlQhPZwrtd8FN5YdV8bOQiWuILCZcePHGzGbcM",
      "y": "-rFKKU8b-9z7VLKp7UundDYeldl-Bh8G-aDZmvkKsJc"
    },
    {
      "kty": "EC",
      "use": "sig",
      "crv": "secp256k1",
      "x": "nTNVorhXRYUkjE-tLS5c1Aj52vCDlP6O_5CV-lNt1Mo",
      "y": "6bTAe5u0sdECvy0FVM82EEyK_praqscJs3K2IogvGUI"
    },
    {
      "kty": "OKP",
      "use": "sig",
      "crv": "Ed25519",
      "x": "CgaK2WmQD9NAsdZENDQbmETPTcEZxh7BpqJDFWt0ARM"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "c5a33b71-a730-4e9a-92c5-c448dc166855",
      "alg": "RSA-OAEP",
      "n": "0rF0p-nR7jRy7FsbFS1xFZ7w8GCJb-pW02DgxLZEW4wa5KDWOVdLuJ_dugv7K8W3o5b60YaN7meNO8yS6h6CIcoo90v7OcJo-7Wvab4Gy7Caj2jQw7E0kcuDB4lWXM2S4_87OQOqzKB7NPvkzouslgefQAKhT0MUgRMjnZOBogrw4Q7vf48KGXE7rfq6Uwb6VDc4LXsWqqxz_qQepLqq6Wu2CfTtP5JUjqZnA0ILoI3ECQKVNHH-wSBfTjHcQIGDEjnnIOcXy-2act_WUUUDWkf_irhbsBv4AuaI4ofh7EpfMhJh_xM5uhhp6sBe2rhJjDY19Ldy5Kdt7-jn_wnoYw"
    },
    {
      "kty": "EC",
      "use": "enc",
      "crv": "P-256",
      "kid": "9b8e9f0b-e699-4cf8-9265-32517ec7993a",
      "x": "vgLujXO4s6gvpiyw1GPHZz1WR-m8_Pu4Nm9Bo_cSS7E",
      "y": "Kdpq0Otf1pc-6zqY3bQ3DSh0r4Z8Hw8Ul-1I4_I-CjU",
      "alg": "ECDH-ES"
    }
  ]
}

2025-04-28 07:50:05	SUCCESS RFC7517-1.1	ValidateServerJWKs Valid server JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url

2025-04-28 07:50:05

(1) More

SUCCESS

OIDCCLoadUserInfo

Added user information

user_info

{
  "sub": "user-subject-1234531",
  "name": "Demo T. User",
  "given_name": "Demo",
  "family_name": "User",
  "middle_name": "Theresa",
  "nickname": "Dee",
  "preferred_username": "d.tu",
  "gender": "female",
  "birthdate": "2000-02-03",
  "address": {
    "street_address": "100 Universal City Plaza",
    "locality": "Hollywood",
    "region": "CA",
    "postal_code": "91608",
    "country": "USA"
  },
  "zoneinfo": "America/Los_Angeles",
  "locale": "en-US",
  "phone_number": "+1 555 5550000",
  "phone_number_verified": false,
  "email": "user@example.com",
  "email_verified": false,
  "website": "https://openid.net/",
  "profile": "https://example.com/user",
  "updated_at": 1580000000,
  "txn": "2c6fb585-d51b-465a-9dca-b8cd22a11451"
}

2025-04-28 07:50:05

(4) More

SUCCESS

OIDCCGetStaticClientConfigurationForRPTests

Found a static client object

client_id	0oaka2gpoymlyinwZ5d7
client_secret	_SDHPKKxtbQ55rPvFJV3DIHNI9VKAfbCJptzJhzV5EibdtvYJlXNP6vSlPC-ZDKJ
initiate_login_uri	https://oidc.arconnet.com/api/Oidc/initiate-login
redirect_uris	[ "https://oidc.arconnet.com/api/Oidc/callback" ]

2025-04-28 07:50:05

(1) More

SUCCESS

OIDCR-2

EnsureClientDoesNotHaveBothJwksAndJwksUri

Client does not have both jwks and jwks_uri set

client

{
  "client_id": "0oaka2gpoymlyinwZ5d7",
  "client_secret": "_SDHPKKxtbQ55rPvFJV3DIHNI9VKAfbCJptzJhzV5EibdtvYJlXNP6vSlPC-ZDKJ",
  "initiate_login_uri": "https://oidc.arconnet.com/api/Oidc/initiate-login",
  "redirect_uris": [
    "https://oidc.arconnet.com/api/Oidc/callback"
  ]
}

2025-04-28 07:50:05

(3) More

INFO

OIDCC-10.1.1 OIDCC-10.2.1

FetchClientKeys

Skipped evaluation due to missing required element: client jwks_uri

path	jwks_uri
mapped
object	client

2025-04-28 07:50:05

(2) More

SUCCESS

OIDCR-2

ValidateClientGrantTypes

grant_types match response_types

grant_types	[ "authorization_code" ]
response_types	[ "code" ]

2025-04-28 07:50:05

(1) More

SUCCESS

OIDCR-2

OIDCCValidateClientRedirectUris

Valid redirect_uri(s) provided in registration request

redirect_uris

[
  "https://oidc.arconnet.com/api/Oidc/callback"
]

2025-04-28 07:50:05	SUCCESS OIDCR-2	ValidateClientLogoUris Client does not contain any logo_uri

2025-04-28 07:50:05	SUCCESS OIDCR-2	ValidateClientUris Client does not contain any client_uri

2025-04-28 07:50:05	SUCCESS OIDCR-2	ValidateClientPolicyUris Client does not contain any policy_uri

2025-04-28 07:50:05	SUCCESS OIDCR-2	ValidateClientTosUris Client does not contain any tos_uri

2025-04-28 07:50:05	SUCCESS OIDCR-2	ValidateClientSubjectType A subject_type was not provided

2025-04-28 07:50:05

(3) More

INFO

OIDCR-2

ValidateIdTokenSignedResponseAlg

Skipped evaluation due to missing required element: client id_token_signed_response_alg

path	id_token_signed_response_alg
mapped
object	client

2025-04-28 07:50:05	SUCCESS OIDCR-2	EnsureIdTokenEncryptedResponseAlgIsSetIfEncIsSet id_token_encrypted_response_enc is not set

2025-04-28 07:50:05

(3) More

INFO

OIDCR-2

ValidateUserinfoSignedResponseAlg

Skipped evaluation due to missing required element: client userinfo_signed_response_alg

path	userinfo_signed_response_alg
mapped
object	client

2025-04-28 07:50:05	SUCCESS OIDCR-2	EnsureUserinfoEncryptedResponseAlgIsSetIfEncIsSet userinfo_encrypted_response_enc is not set

2025-04-28 07:50:05

(3) More

INFO

OIDCR-2

ValidateRequestObjectSigningAlg

Skipped evaluation due to missing required element: client request_object_signing_alg

path	request_object_signing_alg
mapped
object	client

2025-04-28 07:50:05	SUCCESS OIDCR-2	EnsureRequestObjectEncryptionAlgIsSetIfEncIsSet request_object_encryption_enc is not set

2025-04-28 07:50:05

(3) More

INFO

OIDCR-2

ValidateTokenEndpointAuthSigningAlg

Skipped evaluation due to missing required element: client token_endpoint_auth_signing_alg

path	token_endpoint_auth_signing_alg
mapped
object	client

2025-04-28 07:50:05	SUCCESS OIDCR-2	ValidateDefaultMaxAge default_max_age is not set

2025-04-28 07:50:05

(3) More

INFO

OIDCR-2

ValidateRequireAuthTime

Skipped evaluation due to missing required element: client require_auth_time

path	require_auth_time
mapped
object	client

2025-04-28 07:50:05

(3) More

INFO

OIDCR-2

ValidateDefaultAcrValues

Skipped evaluation due to missing required element: client default_acr_values

path	default_acr_values
mapped
object	client

2025-04-28 07:50:05

(1) More

SUCCESS

OIDCR-2

ValidateInitiateLoginUri

initiate_login_uri is valid

initiate_login_uri

https://oidc.arconnet.com/api/Oidc/initiate-login

2025-04-28 07:50:05

(3) More

INFO

OIDCR-2

ValidateRequestUris

Skipped evaluation due to missing required element: client request_uris

path	request_uris
mapped
object	client

2025-04-28 07:50:05		SetServerSigningAlgToRS256 Successfully set signing algorithm to RS256

2025-04-28 07:50:05

(1) More

SetClientIdTokenSignedResponseAlgToServerSigningAlg

Set id_token_signed_response_alg for the registered client

id_token_signed_response_alg

RS256

2025-04-28 07:50:05		oidcc-client-test-kid-absent-single-jwks Setup Done

2025-04-28 07:50:12

(12) More

INCOMING

oidcc-client-test-kid-absent-single-jwks

Incoming HTTP request to /test/a/ArconCI/authorize

incoming_headers	{ "host": "www.certification.openid.net", "upgrade-insecure-requests": "1", "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36", "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/avif,image/webp,image/apng,/;q\u003d0.8,application/signed-exchange;v\u003db3;q\u003d0.7", "sec-fetch-site": "none", "sec-fetch-mode": "navigate", "sec-fetch-user": "?1", "sec-fetch-dest": "document", "sec-ch-ua": "\"Google Chrome\";v\u003d\"135\", \"Not-A.Brand\";v\u003d\"8\", \"Chromium\";v\u003d\"135\"", "sec-ch-ua-mobile": "?0", "sec-ch-ua-platform": "\"Windows\"", "accept-encoding": "gzip, deflate, br, zstd", "accept-language": "en-US,en;q\u003d0.9", "cookie": "_gid\u003dGA1.2.1265047192.1745825002; _ga\u003dGA1.2.1650576532.1738752960; JSESSIONID\u003dAD623538DCDCDE27055B97879A488FDA; _ga_NF8HNLNJJE\u003dGS1.1.1745825002.5.1.1745825607.0.0.0", "connection": "close" }
incoming_path	/test/a/ArconCI/authorize
incoming_body_form_params
incoming_method	GET
incoming_tls_version	TLSv1.2
incoming_tls_cert
incoming_query_string_params	{ "response_type": "code", "client_id": "0oaka2gpoymlyinwZ5d7", "redirect_uri": "https://oidc.arconnet.com/api/Oidc/callback", "scope": "openid email", "state": "65b62da4-b550-4c68-952c-cb0368e4eb72", "nonce": "d804463d-66b3-434c-8282-28921958c9c7" }
incoming_body
incoming_tls_chain	[ "CONFORMANCE_SUITE_JSON_NULL", "CONFORMANCE_SUITE_JSON_NULL", "CONFORMANCE_SUITE_JSON_NULL", "CONFORMANCE_SUITE_JSON_NULL", "CONFORMANCE_SUITE_JSON_NULL", "CONFORMANCE_SUITE_JSON_NULL" ]
incoming_body_json_parse_error
incoming_tls_cipher	ECDHE-RSA-AES128-GCM-SHA256
incoming_body_json

Authorization endpoint

2025-04-28 07:50:12	SUCCESS OIDCC-6.1	EnsureRequestDoesNotContainRequestObject Request does not contain a request parameter

2025-04-28 07:50:12

(2) More

SUCCESS

OIDCC-6.2 OIDCC-6.1

EnsureAuthorizationHttpRequestContainsOpenIDScope

Found 'openid' in scope http request parameter

actual	[ "openid", "email" ]
expected	openid

2025-04-28 07:50:12

(1) More

SUCCESS

OIDCC-6.2 OIDCC-6.1

CreateEffectiveAuthorizationRequestParameters

Merged http request parameters with request object claims

effective_authorization_endpoint_request

{
  "response_type": "code",
  "client_id": "0oaka2gpoymlyinwZ5d7",
  "redirect_uri": "https://oidc.arconnet.com/api/Oidc/callback",
  "scope": "openid email",
  "state": "65b62da4-b550-4c68-952c-cb0368e4eb72",
  "nonce": "d804463d-66b3-434c-8282-28921958c9c7"
}

2025-04-28 07:50:12

(1) More

SUCCESS

ExtractRequestedScopes

Requested scopes

scope

openid email

2025-04-28 07:50:12

(1) More

SUCCESS

OIDCC-3.1.2.1

ExtractNonceFromAuthorizationRequest

Extracted nonce

nonce

d804463d-66b3-434c-8282-28921958c9c7

2025-04-28 07:50:12

(3) More

INFO

RFC7636-4.3

EnsureAuthorizationRequestContainsPkceCodeChallenge

Skipped evaluation due to missing required element: effective_authorization_endpoint_request code_challenge

path	code_challenge
mapped
object	effective_authorization_endpoint_request

2025-04-28 07:50:12

(1) More

SUCCESS

EnsureResponseTypeIsCode

Response type is expected value

expected

code

2025-04-28 07:50:12

(1) More

SUCCESS

OIDCC-3.1.2.1

EnsureMatchingClientId

Client ID matched

client_id

0oaka2gpoymlyinwZ5d7

2025-04-28 07:50:12

(2) More

SUCCESS

OIDCC-3.1.2.1

EnsureValidRedirectUriForAuthorizationEndpointRequest

redirect_uri is one of the allowed redirect uris

actual	https://oidc.arconnet.com/api/Oidc/callback
expected	[ "https://oidc.arconnet.com/api/Oidc/callback" ]

2025-04-28 07:50:12

(2) More

SUCCESS

OIDCC-3.1.2.1

EnsureOpenIDInScopeRequest

Found 'openid' scope in request

actual	[ "openid", "email" ]
expected	openid

2025-04-28 07:50:12	SUCCESS OIDCC-3.1.2.3	DisallowMaxAgeEqualsZeroAndPromptNone The client did not send max_age=0 and prompt=none parameters as expected

2025-04-28 07:50:12

(3) More

INFO

RFC6749-4.1.1 OIDCC-3.1.2.1 RFC7636-4.3 OAuth2-RT-2.1 RFC7519-4.1 DPOP-10 RFC8485-4.1 RFC8707-2.1 RFC9396-2

CheckForUnexpectedClaimsInRequestObject

Skipped evaluation due to missing required element: authorization_request_object claims

path	claims
mapped
object	authorization_request_object

2025-04-28 07:50:12

(3) More

INFO

OIDCC-5.5

CheckForUnexpectedClaimsInClaimsParameter

Skipped evaluation due to missing required element: authorization_request_object claims.claims

path	claims.claims
mapped
object	authorization_request_object

2025-04-28 07:50:12

(3) More

INFO

OIDCC-5.1 OIDCC-5.5.1.1 BrazilOB-5.2.2.3 BrazilOB-5.2.2.4 OBSP-3.4

CheckForUnexpectedOpenIdClaims

Skipped evaluation due to missing required element: authorization_request_object claims.claims

path	claims.claims
mapped
object	authorization_request_object

2025-04-28 07:50:12

(3) More

INFO

OIDCC-5.5

CheckRequestObjectClaimsParameterValues

Skipped evaluation due to missing required element: authorization_request_object claims.claims

path	claims.claims
mapped
object	authorization_request_object

2025-04-28 07:50:12

(3) More

INFO

OIDCC-5.5.1

CheckRequestObjectClaimsParameterMemberValues

Skipped evaluation due to missing required element: authorization_request_object claims.claims

path	claims.claims
mapped
object	authorization_request_object

2025-04-28 07:50:12

(1) More

SUCCESS

CreateAuthorizationCode

Created authorization code

authorization_code

ZVvO8SnlvqE9hhczhWfVVeXLyBo15Zt2

2025-04-28 07:50:12

(1) More

SUCCESS

OIDCC-3.3.2.11

CalculateCHash

Successful c_hash encoding

c_hash

JfLNfb7-W94XskdGrdYw-w

2025-04-28 07:50:12

(1) More

SUCCESS

CreateAuthorizationEndpointResponseParams

Added authorization_endpoint_response_params to environment

params

{
  "redirect_uri": "https://oidc.arconnet.com/api/Oidc/callback",
  "state": "65b62da4-b550-4c68-952c-cb0368e4eb72"
}

2025-04-28 07:50:12

(1) More

SUCCESS

OIDCC-3.3.2.5

AddCodeToAuthorizationEndpointResponseParams

Added code to authorization endpoint response params

authorization_endpoint_response_params

{
  "redirect_uri": "https://oidc.arconnet.com/api/Oidc/callback",
  "state": "65b62da4-b550-4c68-952c-cb0368e4eb72",
  "code": "ZVvO8SnlvqE9hhczhWfVVeXLyBo15Zt2"
}

2025-04-28 07:50:12

(1) More

OIDCC-3.3.2.5

SendAuthorizationResponseWithResponseModeQuery

Redirecting back to client

uri	https://oidc.arconnet.com/api/Oidc/callback?state=65b62da4-b550-4c68-952c-cb0368e4eb72&code=ZVvO8SnlvqE9hhczhWfVVeXLyBo15Zt2

2025-04-28 07:50:12

(2) More

OUTGOING

oidcc-client-test-kid-absent-single-jwks

Response to HTTP request to test instance Kw3VyUtYlwmPcdc

outgoing

org.springframework.web.servlet.view.RedirectView: [RedirectView]; URL [https://oidc.arconnet.com/api/Oidc/callback?state=65b62da4-b550-4c68-952c-cb0368e4eb72&code=ZVvO8SnlvqE9hhczhWfVVeXLyBo15Zt2]

outgoing_path

authorize

2025-04-28 07:50:13

(12) More

INCOMING

oidcc-client-test-kid-absent-single-jwks

Incoming HTTP request to /test/a/ArconCI/token

incoming_headers	{ "host": "www.certification.openid.net", "authorization": "Basic MG9ha2EyZ3BveW1seWlud1o1ZDc6X1NESFBLS3h0YlE1NXJQdkZKVjNESUhOSTlWS0FmYkNKcHR6Smh6VjVFaWJkdHZZSmxYTlA2dlNsUEMtWkRLSg\u003d\u003d", "traceparent": "00-d95e26ebf217817173d186bf8bca1091-89a2d6b30e25b1e2-00", "cookie": "JSESSIONID\u003dB0A6189B5F2ACF761BF49D54B23A0592", "content-type": "application/x-www-form-urlencoded", "content-length": "136", "connection": "close" }
incoming_path	/test/a/ArconCI/token
incoming_body_form_params	{ "grant_type": "authorization_code", "code": "ZVvO8SnlvqE9hhczhWfVVeXLyBo15Zt2", "redirect_uri": "https://oidc.arconnet.com/api/Oidc/callback" }
incoming_method	POST
incoming_tls_version	TLSv1.2
incoming_tls_cert
incoming_query_string_params	{}
incoming_body	grant_type=authorization_code&code=ZVvO8SnlvqE9hhczhWfVVeXLyBo15Zt2&redirect_uri=https%3A%2F%2Foidc.arconnet.com%2Fapi%2FOidc%2Fcallback
incoming_tls_chain	[ "CONFORMANCE_SUITE_JSON_NULL", "CONFORMANCE_SUITE_JSON_NULL", "CONFORMANCE_SUITE_JSON_NULL", "CONFORMANCE_SUITE_JSON_NULL", "CONFORMANCE_SUITE_JSON_NULL", "CONFORMANCE_SUITE_JSON_NULL" ]
incoming_body_json_parse_error
incoming_tls_cipher	ECDHE-RSA-AES256-GCM-SHA384
incoming_body_json

Token endpoint

2025-04-28 07:50:13	RFC6749-3.2.1	CheckClientIdMatchesOnTokenRequestIfPresent client_id not present, nothing to check

2025-04-28 07:50:13

(3) More

SUCCESS

OIDCC-9

ExtractClientCredentialsFromBasicAuthorizationHeader

Extracted client authentication

client_id	0oaka2gpoymlyinwZ5d7
client_secret	_SDHPKKxtbQ55rPvFJV3DIHNI9VKAfbCJptzJhzV5EibdtvYJlXNP6vSlPC-ZDKJ
method	client_secret_basic

2025-04-28 07:50:13	SUCCESS RFC6749-2.3.1	ValidateClientIdAndSecret Client id and secret match

2025-04-28 07:50:13

(1) More

SUCCESS

OIDCC-3.1.3.2

ValidateAuthorizationCode

Found authorization code

authorization_code

ZVvO8SnlvqE9hhczhWfVVeXLyBo15Zt2

2025-04-28 07:50:13

(1) More

SUCCESS

OIDCC-3.1.3.2

ValidateRedirectUriForTokenEndpointRequest

redirect_uri is the same as the one used in the authorization request

actual

https://oidc.arconnet.com/api/Oidc/callback

2025-04-28 07:50:13

(1) More

SUCCESS

GenerateBearerAccessToken

Generated access token

access_token

a6Cg0L1T0xR27XXNgmt1FLcCJXVOxCvVoPU7ylNgPwanTn7SPK

2025-04-28 07:50:13

(1) More

SUCCESS

OIDCC-3.3.2.11

CalculateAtHash

Successful at_hash encoding

at_hash

sCgWqEOaHmIejav6aegpuQ

2025-04-28 07:50:13

(6) More

SUCCESS

GenerateIdTokenClaims

Created ID Token Claims

iss	https://www.certification.openid.net/test/a/ArconCI/
sub	user-subject-1234531
aud	0oaka2gpoymlyinwZ5d7
nonce	d804463d-66b3-434c-8282-28921958c9c7
iat	1745826613
exp	1745826913

2025-04-28 07:50:13

(2) More

SUCCESS

OIDCC-3.3.2.11

AddAtHashToIdTokenClaims

Added at_hash to ID token claims

at_hash

sCgWqEOaHmIejav6aegpuQ

id_token_claims

{
  "iss": "https://www.certification.openid.net/test/a/ArconCI/",
  "sub": "user-subject-1234531",
  "aud": "0oaka2gpoymlyinwZ5d7",
  "nonce": "d804463d-66b3-434c-8282-28921958c9c7",
  "iat": 1745826613,
  "exp": 1745826913,
  "at_hash": "sCgWqEOaHmIejav6aegpuQ"
}

2025-04-28 07:50:13

(3) More

INFO

OIDCC-3.1.2.1

AddAuthTimeToIdTokenClaims

Skipped evaluation due to missing required element: effective_authorization_endpoint_request max_age

path	max_age
mapped
object	effective_authorization_endpoint_request

2025-04-28 07:50:13

(3) More

SUCCESS

OIDCC-2

OIDCCSignIdToken

Signed the ID token

id_token

eyJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoic0NnV3FFT2FIbUllamF2NmFlZ3B1USIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiMG9ha2EyZ3BveW1seWlud1o1ZDciLCJpc3MiOiJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC9hL0FyY29uQ0kvIiwiZXhwIjoxNzQ1ODI2OTEzLCJub25jZSI6ImQ4MDQ0NjNkLTY2YjMtNDM0Yy04MjgyLTI4OTIxOTU4YzljNyIsImlhdCI6MTc0NTgyNjYxM30.STW1wINgYSuqSLH-chq_q4rcdQy__tS_lt42BIqhgInWYxc36OPySMm2KNlja7SAwP4EqEJjJTuIW_DX2ETnpWnY-adOxJ0RgR5o09i9mec9BDU3q0rso69JMj95hALOhkxP5c3ZIsvewDesJ72gSTxvOedAkMl5yoNuYsQBY6VYQt0NzU1_ihWBrzeWFGE1Syux6rWjE3gS5-hSVQjD-gxO5iPNYpJp8A-LAGha_6wxejCrx_ZfoguthNk3YuyS1_MvYB1sDeE90EHBivYzzFfPe8mZiC3zodufZNOKe26nlIsHeaN8_TLOD-t-5kayIL26qSTuzZog8HGhxYVxhw

key

{"p":"yAr_Hb_3u-5CezdQ5f7e26F8PTaMEqSSyVwQB-6ufzzyE6dzQJprwC2h9UY3SabBtmuEfHcWpsJk745_IFTgt93pU4JRK6TDF1OunJo4hRzFVWlUpCpGwduCWhI3x25SYj08Gv7qlRpNJhsnwSv-N9zaLkUxgZZ09S6BxVzjjPs","kty":"RSA","q":"6YEZRohnuwO0m8FQD2fcr_GinSDHuRcjYqXAk4ofXo6WG6XFt0XpZXxSlZz4KMDDUG0JxS7zPmgZoV2OtK2IjSd_0WKsamX7CgKKzhfuqr8dT8nkVHnrwUdtII52y9imytzmM6uip5N2QuyLIFRzGikIU8HLOQ2zWDvbh7bWwWk","d":"AusYRlw1mXLreUETrMqSxGcHWoTzYnJWJIAu1BX_-9MyWjHKaqyEIg_q3jrsXF66LjdJQYjW1i6XJ9J6nS4Osl8qX8hNygV2kPIIQ80c409u01W08Ckqq_MCRg6J_IySwnkT4RVCEIVX2rQpZM1GLjbyZCm1qKN5B8K6CAm31zog7RM6-q6Sn7jCXCRMu8OyW9IAE6Lxa2KdCASqRzsKQE-Cx-XPvoTE229oGEZhKfybMTJq_SQ-MRzlMjBU7psfIIkeybdCWIHtxl3KgAme4NQWQheNWb-OLBNpet7jQWwe9X4amfGaW29p5yiNFgiiUdlRlSsC67qmBcK57yhb0Q","e":"AQAB","use":"sig","qi":"Soibp5p4uvOZ0rCbCuOhQoiGT4MbCaCngP3N_RnQprdhT7QjgoWj1haSRwnh83tHns5y7zlA6OQru4ICxH0ESBDGoeaoifHxZejqZJtXSq3DIf2LSOduSbbUQvwERV6p3BUJ5q1khtTT0COmTD2HrroysMm_RqJI2Eu3pewdrwY","dp":"ixDZ-dySZFtmbDIwUzOzyguhSwy4o901DjaqDlmnhVzhDTjDro2ripYumUyO8uyyjhaAq-Y-IP_TG5Z8WgWnkyr6IcvekfCgj37lTIkJ8b_mj1ICPX4GYo4vOF6h2Eqhixn2xu2gNrdqGquWH3xt5nfqVXBU0jm-ZRRHsuS4bDE","dq":"qBl0ZL6WTp_gSbDlPfH7gf5mns-WeL0bkEzbUlvBMYVcsxKoP8RovdK-cU7LqCr9cMzOl9Gw82Bl8zEzJwc2oseo0MhEb2RzUUV7P9siynFDXMlvQxFyk3YkLafiBeY2TRyx7MjHE_So0o0Pq3qgUljv0bxV3QDr970_0XfjKuE","n":"tnbjfNI4xdqdOk9CWVm4JGOV5QOK0ZPN5LnXIg1mlPly-wD6yg7ZzCNlZAikuvQq0uIGvul5oX2Enna0KDenZrBRzcHDgsXF4DN8XoLIE8_fEfVrFg4TUoUcJrBX5ROEFwPx378exIIFYm2JJk_CuGxj0YYJqKWzhBFvmokH_1C231FPZ3nReq4V31dd2VTzWfYKqI_8wbpHas7GVTl-Si3wu4OdWSfP_VmvTB-6ZQVv0OOvGg4H4mtleFIyVpXZbZwrTVYcBHW2VtnXlG-BvHgV1T79Wufn0KBvm9acVy8x5GtOPP3y1V65bFV_tYSzZIIYJq_FIObWYYLJ8nAN8w"}

algorithm

RS256

2025-04-28 07:50:13

(3) More

INFO

OIDCC-10.2

EncryptIdToken

Skipped evaluation due to missing required element: client id_token_encrypted_response_alg

path	id_token_encrypted_response_alg
mapped
object	client

2025-04-28 07:50:13

(4) More

SUCCESS

OIDCC-3.1.3.3

CreateTokenEndpointResponse

Created token endpoint response

access_token	a6Cg0L1T0xR27XXNgmt1FLcCJXVOxCvVoPU7ylNgPwanTn7SPK
token_type	Bearer
id_token	eyJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoic0NnV3FFT2FIbUllamF2NmFlZ3B1USIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiMG9ha2EyZ3BveW1seWlud1o1ZDciLCJpc3MiOiJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC9hL0FyY29uQ0kvIiwiZXhwIjoxNzQ1ODI2OTEzLCJub25jZSI6ImQ4MDQ0NjNkLTY2YjMtNDM0Yy04MjgyLTI4OTIxOTU4YzljNyIsImlhdCI6MTc0NTgyNjYxM30.STW1wINgYSuqSLH-chq_q4rcdQy__tS_lt42BIqhgInWYxc36OPySMm2KNlja7SAwP4EqEJjJTuIW_DX2ETnpWnY-adOxJ0RgR5o09i9mec9BDU3q0rso69JMj95hALOhkxP5c3ZIsvewDesJ72gSTxvOedAkMl5yoNuYsQBY6VYQt0NzU1_ihWBrzeWFGE1Syux6rWjE3gS5-hSVQjD-gxO5iPNYpJp8A-LAGha_6wxejCrx_ZfoguthNk3YuyS1_MvYB1sDeE90EHBivYzzFfPe8mZiC3zodufZNOKe26nlIsHeaN8_TLOD-t-5kayIL26qSTuzZog8HGhxYVxhw
scope	openid email

2025-04-28 07:50:13

(4) More

OUTGOING

oidcc-client-test-kid-absent-single-jwks

Response to HTTP request to test instance Kw3VyUtYlwmPcdc

outgoing_status_code	200
outgoing_headers	{}
outgoing_body	{ "access_token": "a6Cg0L1T0xR27XXNgmt1FLcCJXVOxCvVoPU7ylNgPwanTn7SPK", "token_type": "Bearer", "id_token": "eyJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoic0NnV3FFT2FIbUllamF2NmFlZ3B1USIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiMG9ha2EyZ3BveW1seWlud1o1ZDciLCJpc3MiOiJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC9hL0FyY29uQ0kvIiwiZXhwIjoxNzQ1ODI2OTEzLCJub25jZSI6ImQ4MDQ0NjNkLTY2YjMtNDM0Yy04MjgyLTI4OTIxOTU4YzljNyIsImlhdCI6MTc0NTgyNjYxM30.STW1wINgYSuqSLH-chq_q4rcdQy__tS_lt42BIqhgInWYxc36OPySMm2KNlja7SAwP4EqEJjJTuIW_DX2ETnpWnY-adOxJ0RgR5o09i9mec9BDU3q0rso69JMj95hALOhkxP5c3ZIsvewDesJ72gSTxvOedAkMl5yoNuYsQBY6VYQt0NzU1_ihWBrzeWFGE1Syux6rWjE3gS5-hSVQjD-gxO5iPNYpJp8A-LAGha_6wxejCrx_ZfoguthNk3YuyS1_MvYB1sDeE90EHBivYzzFfPe8mZiC3zodufZNOKe26nlIsHeaN8_TLOD-t-5kayIL26qSTuzZog8HGhxYVxhw", "scope": "openid email" }
outgoing_path	token

2025-04-28 07:50:13

(12) More

INCOMING

oidcc-client-test-kid-absent-single-jwks

Incoming HTTP request to /test/a/ArconCI/jwks

incoming_headers	{ "host": "www.certification.openid.net", "traceparent": "00-d95e26ebf217817173d186bf8bca1091-18ae63afbb38c25f-00", "cookie": "JSESSIONID\u003dB0A6189B5F2ACF761BF49D54B23A0592", "connection": "close" }
incoming_path	/test/a/ArconCI/jwks
incoming_body_form_params
incoming_method	GET
incoming_tls_version	TLSv1.2
incoming_tls_cert
incoming_query_string_params	{}
incoming_body
incoming_tls_chain	[ "CONFORMANCE_SUITE_JSON_NULL", "CONFORMANCE_SUITE_JSON_NULL", "CONFORMANCE_SUITE_JSON_NULL", "CONFORMANCE_SUITE_JSON_NULL", "CONFORMANCE_SUITE_JSON_NULL", "CONFORMANCE_SUITE_JSON_NULL" ]
incoming_body_json_parse_error
incoming_tls_cipher	ECDHE-RSA-AES256-GCM-SHA384
incoming_body_json

Jwks endpoint

2025-04-28 07:50:13

(4) More

OUTGOING

oidcc-client-test-kid-absent-single-jwks

Response to HTTP request to test instance Kw3VyUtYlwmPcdc

outgoing_status_code	200
outgoing_headers	{}
outgoing_body	{ "keys": [ { "kty": "RSA", "e": "AQAB", "use": "sig", "n": "tnbjfNI4xdqdOk9CWVm4JGOV5QOK0ZPN5LnXIg1mlPly-wD6yg7ZzCNlZAikuvQq0uIGvul5oX2Enna0KDenZrBRzcHDgsXF4DN8XoLIE8_fEfVrFg4TUoUcJrBX5ROEFwPx378exIIFYm2JJk_CuGxj0YYJqKWzhBFvmokH_1C231FPZ3nReq4V31dd2VTzWfYKqI_8wbpHas7GVTl-Si3wu4OdWSfP_VmvTB-6ZQVv0OOvGg4H4mtleFIyVpXZbZwrTVYcBHW2VtnXlG-BvHgV1T79Wufn0KBvm9acVy8x5GtOPP3y1V65bFV_tYSzZIIYJq_FIObWYYLJ8nAN8w" }, { "kty": "EC", "use": "sig", "crv": "P-256", "x": "JEjMudlQhPZwrtd8FN5YdV8bOQiWuILCZcePHGzGbcM", "y": "-rFKKU8b-9z7VLKp7UundDYeldl-Bh8G-aDZmvkKsJc" }, { "kty": "EC", "use": "sig", "crv": "secp256k1", "x": "nTNVorhXRYUkjE-tLS5c1Aj52vCDlP6O_5CV-lNt1Mo", "y": "6bTAe5u0sdECvy0FVM82EEyK_praqscJs3K2IogvGUI" }, { "kty": "OKP", "use": "sig", "crv": "Ed25519", "x": "CgaK2WmQD9NAsdZENDQbmETPTcEZxh7BpqJDFWt0ARM" }, { "kty": "RSA", "e": "AQAB", "use": "enc", "kid": "c5a33b71-a730-4e9a-92c5-c448dc166855", "alg": "RSA-OAEP", "n": "0rF0p-nR7jRy7FsbFS1xFZ7w8GCJb-pW02DgxLZEW4wa5KDWOVdLuJ_dugv7K8W3o5b60YaN7meNO8yS6h6CIcoo90v7OcJo-7Wvab4Gy7Caj2jQw7E0kcuDB4lWXM2S4_87OQOqzKB7NPvkzouslgefQAKhT0MUgRMjnZOBogrw4Q7vf48KGXE7rfq6Uwb6VDc4LXsWqqxz_qQepLqq6Wu2CfTtP5JUjqZnA0ILoI3ECQKVNHH-wSBfTjHcQIGDEjnnIOcXy-2act_WUUUDWkf_irhbsBv4AuaI4ofh7EpfMhJh_xM5uhhp6sBe2rhJjDY19Ldy5Kdt7-jn_wnoYw" }, { "kty": "EC", "use": "enc", "crv": "P-256", "kid": "9b8e9f0b-e699-4cf8-9265-32517ec7993a", "x": "vgLujXO4s6gvpiyw1GPHZz1WR-m8_Pu4Nm9Bo_cSS7E", "y": "Kdpq0Otf1pc-6zqY3bQ3DSh0r4Z8Hw8Ul-1I4_I-CjU", "alg": "ECDH-ES" } ] }
outgoing_path	jwks

2025-04-28 07:50:14

(12) More

INCOMING

oidcc-client-test-kid-absent-single-jwks

Incoming HTTP request to /test/a/ArconCI/userinfo

incoming_headers	{ "host": "www.certification.openid.net", "authorization": "Bearer a6Cg0L1T0xR27XXNgmt1FLcCJXVOxCvVoPU7ylNgPwanTn7SPK", "traceparent": "00-d95e26ebf217817173d186bf8bca1091-f504d5995072ebb1-00", "cookie": "JSESSIONID\u003dB0A6189B5F2ACF761BF49D54B23A0592", "connection": "close" }
incoming_path	/test/a/ArconCI/userinfo
incoming_body_form_params
incoming_method	GET
incoming_tls_version	TLSv1.2
incoming_tls_cert
incoming_query_string_params	{}
incoming_body
incoming_tls_chain	[ "CONFORMANCE_SUITE_JSON_NULL", "CONFORMANCE_SUITE_JSON_NULL", "CONFORMANCE_SUITE_JSON_NULL", "CONFORMANCE_SUITE_JSON_NULL", "CONFORMANCE_SUITE_JSON_NULL", "CONFORMANCE_SUITE_JSON_NULL" ]
incoming_body_json_parse_error
incoming_tls_cipher	ECDHE-RSA-AES256-GCM-SHA384
incoming_body_json

Userinfo endpoint

2025-04-28 07:50:14

(1) More

SUCCESS

RFC6750-2 OIDCC-5.3.1

OIDCCExtractBearerAccessTokenFromRequest

Found access token on incoming request

access_token

a6Cg0L1T0xR27XXNgmt1FLcCJXVOxCvVoPU7ylNgPwanTn7SPK

2025-04-28 07:50:14

(1) More

SUCCESS

OIDCC-5.3.1

RequireBearerAccessToken

Found access token in request

actual

a6Cg0L1T0xR27XXNgmt1FLcCJXVOxCvVoPU7ylNgPwanTn7SPK

2025-04-28 07:50:14

(3) More

SUCCESS

OIDCC-5.4

FilterUserInfoForScopes

User info endpoint output

sub	user-subject-1234531
email	user@example.com
email_verified	false

2025-04-28 07:50:14		ClearAccessTokenFromRequest Removed incoming access token from environment

2025-04-28 07:50:14

(3) More

INFO

OIDCC-5.3.2

AddIssAndAudToUserInfoResponse

Skipped evaluation due to missing required element: client userinfo_signed_response_alg

path	userinfo_signed_response_alg
mapped
object	client

2025-04-28 07:50:14

(3) More

INFO

OIDCC-5.3.2

SignUserInfoResponse

Skipped evaluation due to missing required element: client userinfo_signed_response_alg

path	userinfo_signed_response_alg
mapped
object	client

2025-04-28 07:50:14

(3) More

INFO

OIDCC-5.3.2

EncryptUserInfoResponse

Skipped evaluation due to missing required element: client userinfo_encrypted_response_alg

path	userinfo_encrypted_response_alg
mapped
object	client

2025-04-28 07:50:14

(4) More

OUTGOING

oidcc-client-test-kid-absent-single-jwks

Response to HTTP request to test instance Kw3VyUtYlwmPcdc

outgoing_status_code	200
outgoing_headers	{}
outgoing_body	{ "sub": "user-subject-1234531", "email": "user@example.com", "email_verified": false }
outgoing_path	userinfo

2025-04-28 07:50:14

(1) More

FINISHED

oidcc-client-test-kid-absent-single-jwks

Test has run to completion

testmodule_result

PASSED

2025-04-28 07:50:27

(2) More

TEST-RUNNER

Alias has now been claimed by another test

alias	ArconCI
new_test_id	HNVsEPu4GMplwk7

Test Summary

Test Results