Test Summary

Test Results

Expand All Collapse All
All times are UTC
2022-05-30 08:41:48 INFO
TEST-RUNNER
Test instance wPicMAxoLXzgp45 created
baseUrl
https://localhost.emobix.co.uk:8443/test/a/aas-test
variant
{
  "client_auth_type": "client_secret_basic",
  "response_type": "code",
  "server_metadata": "discovery",
  "response_mode": "default",
  "client_registration": "static_client"
}
alias
aas-test
description
GAIA-X AAS
planId
aLu4PYnnVNznM
config
{
  "alias": "aas-test",
  "description": "GAIA-X AAS",
  "publish": "everything",
  "server": {
    "discoveryUrl": "http://78.138.66.128:9009/.well-known/openid-configuration"
  },
  "client": {
    "client_id": "aas-app-oidc",
    "client_secret": "secret"
  },
  "client2": {
    "client_id": "aas-app-siop",
    "client_secret": "secret2"
  }
}
testName
oidcc-unsigned-request-object-supported-correctly-or-rejected-as-unsupported
2022-05-30 08:41:48 SUCCESS
CreateRedirectUri
Created redirect URI
redirect_uri
https://localhost.emobix.co.uk:8443/test/a/aas-test/callback
2022-05-30 08:41:48
GetDynamicServerConfiguration
HTTP request
request_uri
http://78.138.66.128:9009/.well-known/openid-configuration
request_method
GET
request_headers
{
  "accept": "text/plain, application/json, application/*+json, */*",
  "content-length": "0"
}
request_body

                                
2022-05-30 08:41:48 RESPONSE
GetDynamicServerConfiguration
HTTP response
response_status_code
200 OK
response_status_text

                                
response_headers
{
  "x-content-type-options": "nosniff",
  "x-xss-protection": "1; mode\u003dblock",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "pragma": "no-cache",
  "expires": "0",
  "x-frame-options": "DENY",
  "content-type": "application/json",
  "transfer-encoding": "chunked",
  "date": "Mon, 30 May 2022 08:41:49 GMT",
  "keep-alive": "timeout\u003d60",
  "connection": "keep-alive"
}
response_body
{"issuer":"http://78.138.66.128:9009","authorization_endpoint":"http://78.138.66.128:9009/oauth2/authorize","token_endpoint":"http://78.138.66.128:9009/oauth2/token","jwks_uri":"http://78.138.66.128:9009/oauth2/jwks","userinfo_endpoint":"http://78.138.66.128:9009/userinfo","token_endpoint_auth_methods_supported":["client_secret_basic"],"response_types_supported":["code"],"grant_types_supported":["authorization_code"],"subject_types_supported":["public"],"id_token_signing_alg_values_supported":["RS256"],"scopes_supported":["openid","profile","email","protected"],"userinfo_signing_alg_values_supported":["RS256"],"display_values_supported":["page"],"claims_supported":["auth_time","birthdate","email","email_verified","family_name","gender","given_name","iss","middle_name","name","preferred_username","read_access","sub","updated_at","write_access"],"claims_locales_supported":["en"],"ui_locales_supported":["en","de","fr","ru","sk"]}
2022-05-30 08:41:48 SUCCESS
GetDynamicServerConfiguration
Successfully parsed server configuration
issuer
http://78.138.66.128:9009
authorization_endpoint
http://78.138.66.128:9009/oauth2/authorize
token_endpoint
http://78.138.66.128:9009/oauth2/token
jwks_uri
http://78.138.66.128:9009/oauth2/jwks
userinfo_endpoint
http://78.138.66.128:9009/userinfo
token_endpoint_auth_methods_supported
[
  "client_secret_basic"
]
response_types_supported
[
  "code"
]
grant_types_supported
[
  "authorization_code"
]
subject_types_supported
[
  "public"
]
id_token_signing_alg_values_supported
[
  "RS256"
]
scopes_supported
[
  "openid",
  "profile",
  "email",
  "protected"
]
userinfo_signing_alg_values_supported
[
  "RS256"
]
display_values_supported
[
  "page"
]
claims_supported
[
  "auth_time",
  "birthdate",
  "email",
  "email_verified",
  "family_name",
  "gender",
  "given_name",
  "iss",
  "middle_name",
  "name",
  "preferred_username",
  "read_access",
  "sub",
  "updated_at",
  "write_access"
]
claims_locales_supported
[
  "en"
]
ui_locales_supported
[
  "en",
  "de",
  "fr",
  "ru",
  "sk"
]
2022-05-30 08:41:48 SUCCESS
CheckServerConfiguration
Found required server configuration keys
required
[
  "authorization_endpoint",
  "token_endpoint",
  "issuer"
]
2022-05-30 08:41:48 SUCCESS
ExtractTLSTestValuesFromServerConfiguration
Extracted TLS information from authorization server configuration
registration_endpoint
authorization_endpoint
{
  "testHost": "78.138.66.128",
  "testPort": 9009
}
token_endpoint
{
  "testHost": "78.138.66.128",
  "testPort": 9009
}
userinfo_endpoint
{
  "testHost": "78.138.66.128",
  "testPort": 9009
}
2022-05-30 08:41:48
FetchServerKeys
Fetching server key
jwks_uri
http://78.138.66.128:9009/oauth2/jwks
2022-05-30 08:41:48
FetchServerKeys
HTTP request
request_uri
http://78.138.66.128:9009/oauth2/jwks
request_method
GET
request_headers
{
  "accept": "text/plain, application/json, application/*+json, */*",
  "content-length": "0"
}
request_body

                                
2022-05-30 08:41:48 RESPONSE
FetchServerKeys
HTTP response
response_status_code
200 OK
response_status_text

                                
response_headers
{
  "x-content-type-options": "nosniff",
  "x-xss-protection": "1; mode\u003dblock",
  "cache-control": "no-cache, no-store, max-age\u003d0, must-revalidate",
  "pragma": "no-cache",
  "expires": "0",
  "x-frame-options": "DENY",
  "content-type": "application/json;charset\u003dISO-8859-1",
  "content-length": "599",
  "date": "Mon, 30 May 2022 08:41:49 GMT",
  "keep-alive": "timeout\u003d60",
  "connection": "keep-alive"
}
response_body
{"keys":[{"kty":"RSA","e":"AQAB","kid":"96ec048e-c640-4cfd-bc82-6571810a9d0f","n":"3qjCXN3z7n50cLaSM23T6Cq98X0jdn7Xzwki-FPkJ760vPuSLZCRMl8K9HfKS5SZIJzgrrQy6JlQ3ZSXmDJEgp7MeBpPGaa87559fWh2hapXzRNV-1SzUtMjXPa_UrNvnP_o_XuaJEKP53DroA20V9DTcPOHz5-xjfvUDFuoD2iNgqGSKtJPhg2D0uAuIJCt3h794IA2vWtiaovdqUZrfWFz1Yvt2-jRmjfzO7I4aKk3yyovEa9frxdk56ePT0EQE4bXyzg3IZDdpiCE0_1_jiPHuXkpY0K9jiYPqH3jSj_fat1AtEw-j8t_oy1PmOF4Hm6iIljYNTMGphwFekDzbTNYq8jYrSM1RWwcsvR_wvq_CIX6RfniHLD4QrG1V1euNlK2NktuBaEF3CuaOoJsujsrjDQphsrp63gLp7wMZMJrISm6T5abQsvBiDPmUDfXlREeJ2g1DH1ajKDrzP4ieu9nIAGjxZkMoocx3ng7wkXAJW05j-l3ehNpyqnHRtCb"}]}
2022-05-30 08:41:48
FetchServerKeys
Found JWK set string
jwk_string
{"keys":[{"kty":"RSA","e":"AQAB","kid":"96ec048e-c640-4cfd-bc82-6571810a9d0f","n":"3qjCXN3z7n50cLaSM23T6Cq98X0jdn7Xzwki-FPkJ760vPuSLZCRMl8K9HfKS5SZIJzgrrQy6JlQ3ZSXmDJEgp7MeBpPGaa87559fWh2hapXzRNV-1SzUtMjXPa_UrNvnP_o_XuaJEKP53DroA20V9DTcPOHz5-xjfvUDFuoD2iNgqGSKtJPhg2D0uAuIJCt3h794IA2vWtiaovdqUZrfWFz1Yvt2-jRmjfzO7I4aKk3yyovEa9frxdk56ePT0EQE4bXyzg3IZDdpiCE0_1_jiPHuXkpY0K9jiYPqH3jSj_fat1AtEw-j8t_oy1PmOF4Hm6iIljYNTMGphwFekDzbTNYq8jYrSM1RWwcsvR_wvq_CIX6RfniHLD4QrG1V1euNlK2NktuBaEF3CuaOoJsujsrjDQphsrp63gLp7wMZMJrISm6T5abQsvBiDPmUDfXlREeJ2g1DH1ajKDrzP4ieu9nIAGjxZkMoocx3ng7wkXAJW05j-l3ehNpyqnHRtCb"}]}
2022-05-30 08:41:48 SUCCESS
FetchServerKeys
Found server JWK set
server_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "kid": "96ec048e-c640-4cfd-bc82-6571810a9d0f",
      "n": "3qjCXN3z7n50cLaSM23T6Cq98X0jdn7Xzwki-FPkJ760vPuSLZCRMl8K9HfKS5SZIJzgrrQy6JlQ3ZSXmDJEgp7MeBpPGaa87559fWh2hapXzRNV-1SzUtMjXPa_UrNvnP_o_XuaJEKP53DroA20V9DTcPOHz5-xjfvUDFuoD2iNgqGSKtJPhg2D0uAuIJCt3h794IA2vWtiaovdqUZrfWFz1Yvt2-jRmjfzO7I4aKk3yyovEa9frxdk56ePT0EQE4bXyzg3IZDdpiCE0_1_jiPHuXkpY0K9jiYPqH3jSj_fat1AtEw-j8t_oy1PmOF4Hm6iIljYNTMGphwFekDzbTNYq8jYrSM1RWwcsvR_wvq_CIX6RfniHLD4QrG1V1euNlK2NktuBaEF3CuaOoJsujsrjDQphsrp63gLp7wMZMJrISm6T5abQsvBiDPmUDfXlREeJ2g1DH1ajKDrzP4ieu9nIAGjxZkMoocx3ng7wkXAJW05j-l3ehNpyqnHRtCb"
    }
  ]
}
2022-05-30 08:41:48 SUCCESS
CheckServerKeysIsValid
Server JWKs is valid
server_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "kid": "96ec048e-c640-4cfd-bc82-6571810a9d0f",
      "n": "3qjCXN3z7n50cLaSM23T6Cq98X0jdn7Xzwki-FPkJ760vPuSLZCRMl8K9HfKS5SZIJzgrrQy6JlQ3ZSXmDJEgp7MeBpPGaa87559fWh2hapXzRNV-1SzUtMjXPa_UrNvnP_o_XuaJEKP53DroA20V9DTcPOHz5-xjfvUDFuoD2iNgqGSKtJPhg2D0uAuIJCt3h794IA2vWtiaovdqUZrfWFz1Yvt2-jRmjfzO7I4aKk3yyovEa9frxdk56ePT0EQE4bXyzg3IZDdpiCE0_1_jiPHuXkpY0K9jiYPqH3jSj_fat1AtEw-j8t_oy1PmOF4Hm6iIljYNTMGphwFekDzbTNYq8jYrSM1RWwcsvR_wvq_CIX6RfniHLD4QrG1V1euNlK2NktuBaEF3CuaOoJsujsrjDQphsrp63gLp7wMZMJrISm6T5abQsvBiDPmUDfXlREeJ2g1DH1ajKDrzP4ieu9nIAGjxZkMoocx3ng7wkXAJW05j-l3ehNpyqnHRtCb"
    }
  ]
}
2022-05-30 08:41:48 SUCCESS
ValidateServerJWKs
Valid server JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2022-05-30 08:41:48 SUCCESS
CheckForKeyIdInServerJWKs
All keys contain kids
2022-05-30 08:41:48 SUCCESS
CheckDistinctKeyIdValueInServerJWKs
Distinct 'kid' value in all keys of server_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2022-05-30 08:41:48 SUCCESS
EnsureServerJwksDoesNotContainPrivateOrSymmetricKeys
Jwks does not contain any private or symmetric keys
2022-05-30 08:41:48 SUCCESS
GetStaticClientConfiguration
Found a static client object
client_id
aas-app-oidc
client_secret
secret
2022-05-30 08:41:48 INFO
ValidateClientJWKsPrivatePart
Skipped evaluation due to missing required element: client jwks
path
jwks
mapped
object
client
2022-05-30 08:41:48 INFO
ExtractJWKsFromStaticClientConfiguration
Skipped evaluation due to missing required element: client jwks
path
jwks
mapped
object
client
2022-05-30 08:41:48 INFO
CheckDistinctKeyIdValueInClientJWKs
Skipped evaluation due to missing required element: client jwks
path
jwks
mapped
object
client
2022-05-30 08:41:48
SetScopeInClientConfigurationToOpenId
Set scope in client configuration to "openid"
scope
openid
2022-05-30 08:41:48 SUCCESS
EnsureServerConfigurationSupportsClientSecretBasic
Contents of 'token_endpoint_auth_methods_supported' in discovery document matches expectations.
actual
[
  "client_secret_basic"
]
expected
[
  "client_secret_basic"
]
minimum_matches_required
1
2022-05-30 08:41:48 SUCCESS
SetProtectedResourceUrlToUserInfoEndpoint
userinfo_endpoint will be used to test access token. The user info is not a mandatory to implement feature in the OpenID Connect specification, but is mandatory for certification.
protected_resource_url
http://78.138.66.128:9009/userinfo
2022-05-30 08:41:48
oidcc-unsigned-request-object-supported-correctly-or-rejected-as-unsupported
Setup Done
Make request to authorization endpoint
2022-05-30 08:41:48 SUCCESS
CreateAuthorizationEndpointRequestFromClientInformation
Created authorization endpoint request
client_id
aas-app-oidc
redirect_uri
https://localhost.emobix.co.uk:8443/test/a/aas-test/callback
scope
openid
2022-05-30 08:41:48
CreateRandomStateValue
Created state value
requested_state_length
10
state
yLFL2mhOit
2022-05-30 08:41:48 SUCCESS
AddStateToAuthorizationEndpointRequest
Added state parameter to request
client_id
aas-app-oidc
redirect_uri
https://localhost.emobix.co.uk:8443/test/a/aas-test/callback
scope
openid
state
yLFL2mhOit
2022-05-30 08:41:48
CreateRandomNonceValue
Created nonce value
requested_nonce_length
10
nonce
AxKjtBtFVx
2022-05-30 08:41:48 SUCCESS
AddNonceToAuthorizationEndpointRequest
Added nonce parameter to request
client_id
aas-app-oidc
redirect_uri
https://localhost.emobix.co.uk:8443/test/a/aas-test/callback
scope
openid
state
yLFL2mhOit
nonce
AxKjtBtFVx
2022-05-30 08:41:48 SUCCESS
SetAuthorizationEndpointRequestResponseTypeFromEnvironment
Added response_type parameter to request
client_id
aas-app-oidc
redirect_uri
https://localhost.emobix.co.uk:8443/test/a/aas-test/callback
scope
openid
state
yLFL2mhOit
nonce
AxKjtBtFVx
response_type
code
2022-05-30 08:41:48 SUCCESS
ConvertAuthorizationEndpointRequestToRequestObject
Created request object claims
request_object_claims
{
  "client_id": "aas-app-oidc",
  "redirect_uri": "https://localhost.emobix.co.uk:8443/test/a/aas-test/callback",
  "scope": "openid",
  "state": "yLFL2mhOit",
  "nonce": "AxKjtBtFVx",
  "response_type": "code"
}
2022-05-30 08:41:48 SUCCESS
SerializeRequestObjectWithNullAlgorithm
Serialized the request object
request_object
eyJhbGciOiJub25lIn0.eyJzY29wZSI6Im9wZW5pZCIsInJlc3BvbnNlX3R5cGUiOiJjb2RlIiwicmVkaXJlY3RfdXJpIjoiaHR0cHM6XC9cL2xvY2FsaG9zdC5lbW9iaXguY28udWs6ODQ0M1wvdGVzdFwvYVwvYWFzLXRlc3RcL2NhbGxiYWNrIiwic3RhdGUiOiJ5TEZMMm1oT2l0Iiwibm9uY2UiOiJBeEtqdEJ0RlZ4IiwiY2xpZW50X2lkIjoiYWFzLWFwcC1vaWRjIn0.
2022-05-30 08:41:48 SUCCESS
BuildRequestObjectByValueRedirectToAuthorizationEndpoint
Sending to authorization endpoint
redirect_to_authorization_endpoint
http://78.138.66.128:9009/oauth2/authorize?request=eyJhbGciOiJub25lIn0.eyJzY29wZSI6Im9wZW5pZCIsInJlc3BvbnNlX3R5cGUiOiJjb2RlIiwicmVkaXJlY3RfdXJpIjoiaHR0cHM6XC9cL2xvY2FsaG9zdC5lbW9iaXguY28udWs6ODQ0M1wvdGVzdFwvYVwvYWFzLXRlc3RcL2NhbGxiYWNrIiwic3RhdGUiOiJ5TEZMMm1oT2l0Iiwibm9uY2UiOiJBeEtqdEJ0RlZ4IiwiY2xpZW50X2lkIjoiYWFzLWFwcC1vaWRjIn0.&client_id=aas-app-oidc&redirect_uri=https://localhost.emobix.co.uk:8443/test/a/aas-test/callback&scope=openid&response_type=code
2022-05-30 08:41:48 REDIRECT
oidcc-unsigned-request-object-supported-correctly-or-rejected-as-unsupported
Redirecting to authorization endpoint
redirect_to
http://78.138.66.128:9009/oauth2/authorize?request=eyJhbGciOiJub25lIn0.eyJzY29wZSI6Im9wZW5pZCIsInJlc3BvbnNlX3R5cGUiOiJjb2RlIiwicmVkaXJlY3RfdXJpIjoiaHR0cHM6XC9cL2xvY2FsaG9zdC5lbW9iaXguY28udWs6ODQ0M1wvdGVzdFwvYVwvYWFzLXRlc3RcL2NhbGxiYWNrIiwic3RhdGUiOiJ5TEZMMm1oT2l0Iiwibm9uY2UiOiJBeEtqdEJ0RlZ4IiwiY2xpZW50X2lkIjoiYWFzLWFwcC1vaWRjIn0.&client_id=aas-app-oidc&redirect_uri=https://localhost.emobix.co.uk:8443/test/a/aas-test/callback&scope=openid&response_type=code
2022-05-30 08:44:00
TEST-RUNNER
Stopping test due to alias conflict - before this test finished, you have started another test using the same alias. You will need to rerun this test and ensure you complete all steps in this test before you move onto the next test. Please check that the alias in your test configuration is unique, for example include your company name in it.
alias
aas-test
new_test_id
AjCnsdFLB089cmP
Unregister dynamically registered client
2022-05-30 08:44:00
UnregisterDynamicallyRegisteredClient
Couldn't find registration_access_token.
2022-05-30 08:44:00 INTERRUPTED
oidcc-unsigned-request-object-supported-correctly-or-rejected-as-unsupported
Test was interrupted before it could complete. Stopping test due to alias conflict - before this test finished, you have started another test using the same alias. You will need to rerun this test and ensure you complete all steps in this test before you move onto the next test. Please check that the alias in your test configuration is unique, for example include your company name in it.
Test Results