search

IdentityPython / oidc-op

An implementation of an OIDC Provider (OP)
Apache License 2.0
65 stars 26 forks source link

oidcmsg.exception.MissingSigningKey: alg=RS256 #7

Closed peppelinux closed 5 years ago

peppelinux commented 5 years ago

Once I went through the login form (user_pass.jinja2), with these information in RP logs:

2019-08-29 15:27:54,677 oidcrp:INFO client_setup: iss_id=flop, user=
2019-08-29 15:27:54,681 oidcrp.oauth2:DEBUG do_request info: {'method': 'GET', 'url': 'https://127.0.0.1:5000/.well-known/openid-configuration'}
2019-08-29 15:27:54,681 oidcrp.oauth2:DEBUG Doing request with: URL:https://127.0.0.1:5000/.well-known/openid-configuration, method:GET, data:None, https_args:{}
2019-08-29 15:27:54,685 urllib3.connectionpool:DEBUG Starting new HTTPS connection (1): 127.0.0.1:5000
2019-08-29 15:27:54,699 urllib3.connectionpool:DEBUG https://127.0.0.1:5000 "GET /.well-known/openid-configuration HTTP/1.1" 200 3478
2019-08-29 15:27:54,700 oidcrp.oauth2:DEBUG response_body_type: "json"
2019-08-29 15:27:54,700 oidcrp.util:DEBUG resp.headers: {'Server': 'Werkzeug/0.15.5 Python/3.5.2', 'Cache-Control': 'no-store', 'Content-Length': '3478', 'Date': 'Thu, 29 Aug 2019 13:27:54 GMT', 'Pragma': 'no-cache', 'Content-type': 'application/json'}
2019-08-29 15:27:54,700 oidcrp.util:DEBUG resp.txt: {"userinfo_signing_alg_values_supported": ["RS256", "RS384", "RS512", "ES256", "ES384", "ES512", "HS256", "HS384", "HS512", "PS256", "PS384", "PS512", "none"], "request_object_signing_alg_values_supported": ["RS256", "RS384", "RS512", "ES256", "ES384", "ES512", "HS256", "HS384", "HS512", "PS256", "PS384", "PS512", "none"], "version": "3.0", "request_parameter_supported": true, "subject_types_supported": ["pairwise", "public"], "userinfo_endpoint": "https://127.0.0.1:5000/userinfo", "issuer": "https://127.0.0.1:5000", "response_types_supported": ["token", "code id_token", "id_token", "code", "none", "code id_token token", "code token", "id_token token"], "backchannel_logout_supported": true, "require_request_uri_registration": true, "frontchannel_logout_supported": true, "claims_supported": ["profile", "birthdate", "zoneinfo", "address", "phone_number_verified", "sub", "locale", "email_verified", "website", "email", "picture", "gender", "family_name", "nickname", "given_name", "name", "updated_at", "preferred_username", "middle_name", "phone_number"], "request_object_encryption_alg_values_supported": ["RSA1_5", "RSA-OAEP", "RSA-OAEP-256", "A128KW", "A192KW", "A256KW", "ECDH-ES", "ECDH-ES+A128KW", "ECDH-ES+A192KW", "ECDH-ES+A256KW"], "response_modes_supported": ["fragment", "form_post", "query"], "id_token_encryption_enc_values_supported": ["A128CBC-HS256", "A192CBC-HS384", "A256CBC-HS512", "A128GCM", "A192GCM", "A256GCM"], "userinfo_encryption_enc_values_supported": ["A128CBC-HS256", "A192CBC-HS384", "A256CBC-HS512", "A128GCM", "A192GCM", "A256GCM"], "id_token_signing_alg_values_supported": ["RS256", "RS384", "RS512", "ES256", "ES384", "ES512", "HS256", "HS384", "HS512", "PS256", "PS384", "PS512", "none"], "token_endpoint_auth_signing_alg_values_supported": ["RS256", "RS384", "RS512", "ES256", "ES384", "ES512", "HS256", "HS384", "HS512", "PS256", "PS384", "PS512"], "token_endpoint": "https://127.0.0.1:5000/token", "check_session_iframe": "https://127.0.0.1:5000/check_session_iframe", "userinfo_encryption_alg_values_supported": ["RSA1_5", "RSA-OAEP", "RSA-OAEP-256", "A128KW", "A192KW", "A256KW", "ECDH-ES", "ECDH-ES+A128KW", "ECDH-ES+A192KW", "ECDH-ES+A256KW"], "claim_types_supported": ["normal", "distributed", "aggregated"], "frontchannel_logout_session_supported": true, "jwks_uri": "https://127.0.0.1:5000/static/jwks.json", "id_token_encryption_alg_values_supported": ["RSA1_5", "RSA-OAEP", "RSA-OAEP-256", "A128KW", "A192KW", "A256KW", "ECDH-ES", "ECDH-ES+A128KW", "ECDH-ES+A192KW", "ECDH-ES+A256KW"], "token_endpoint_auth_methods_supported": ["client_secret_post", "client_secret_basic", "client_secret_jwt", "private_key_jwt"], "request_object_encryption_enc_values_supported": ["A128CBC-HS256", "A192CBC-HS384", "A256CBC-HS512", "A128GCM", "A192GCM", "A256GCM"], "scopes_supported": ["profile", "address", "offline_access", "phone", "openid", "email"], "claims_parameter_supported": true, "end_session_endpoint": "https://127.0.0.1:5000/session", "registration_endpoint": "https://127.0.0.1:5000/registration", "authorization_endpoint": "https://127.0.0.1:5000/authorization", "backchannel_logout_session_supported": true, "acr_values_supported": ["oidcendpoint.user_authn.authn_context.INTERNETPROTOCOLPASSWORD", "oidcendpoint.user_authn.authn_context.UNSPECIFIED"], "grant_types_supported": ["implicit", "authorization_code", "urn:ietf:params:oauth:grant-type:jwt-bearer", "refresh_token"], "request_uri_parameter_supported": true}
2019-08-29 15:27:54,700 oidcrp.oauth2:DEBUG Successful response: {"userinfo_signing_alg_values_supported": ["RS256", "RS384", "RS512", "ES256", "ES384", "ES512", "HS256", "HS384", "HS512", "PS256", "PS384", "PS512", "none"], "request_object_signing_alg_values_supported": ["RS256", "RS384", "RS512", "ES256", "ES384", "ES512", "HS256", "HS384", "HS512", "PS256", "PS384", "PS512", "none"], "version": "3.0", "request_parameter_supported": true, "subject_types_supported": ["pairwise", "public"], "userinfo_endpoint": "https://127.0.0.1:5000/userinfo", "issuer": "https://127.0.0.1:5000", "response_types_supported": ["token", "code id_token", "id_token", "code", "none", "code id_token token", "code token", "id_token token"], "backchannel_logout_supported": true, "require_request_uri_registration": true, "frontchannel_logout_supported": true, "claims_supported": ["profile", "birthdate", "zoneinfo", "address", "phone_number_verified", "sub", "locale", "email_verified", "website", "email", "picture", "gender", "family_name", "nickname", "given_name", "name", "updated_at", "preferred_username", "middle_name", "phone_number"], "request_object_encryption_alg_values_supported": ["RSA1_5", "RSA-OAEP", "RSA-OAEP-256", "A128KW", "A192KW", "A256KW", "ECDH-ES", "ECDH-ES+A128KW", "ECDH-ES+A192KW", "ECDH-ES+A256KW"], "response_modes_supported": ["fragment", "form_post", "query"], "id_token_encryption_enc_values_supported": ["A128CBC-HS256", "A192CBC-HS384", "A256CBC-HS512", "A128GCM", "A192GCM", "A256GCM"], "userinfo_encryption_enc_values_supported": ["A128CBC-HS256", "A192CBC-HS384", "A256CBC-HS512", "A128GCM", "A192GCM", "A256GCM"], "id_token_signing_alg_values_supported": ["RS256", "RS384", "RS512", "ES256", "ES384", "ES512", "HS256", "HS384", "HS512", "PS256", "PS384", "PS512", "none"], "token_endpoint_auth_signing_alg_values_supported": ["RS256", "RS384", "RS512", "ES256", "ES384", "ES512", "HS256", "HS384", "HS512", "PS256", "PS384", "PS512"], "token_endpoint": "https://127.0.0.1:5000/token", "check_session_iframe": "https://127.0.0.1:5000/check_session_iframe", "userinfo_encryption_alg_values_supported": ["RSA1_5", "RSA-OAEP", "RSA-OAEP-256", "A128KW", "A192KW", "A256KW", "ECDH-ES", "ECDH-ES+A128KW", "ECDH-ES+A192KW", "ECDH-ES+A256KW"], "claim_types_supported": ["normal", "distributed", "aggregated"], "frontchannel_logout_session_supported": true, "jwks_uri": "https://127.0.0.1:5000/static/jwks.json", "id_token_encryption_alg_values_supported": ["RSA1_5", "RSA-OAEP", "RSA-OAEP-256", "A128KW", "A192KW", "A256KW", "ECDH-ES", "ECDH-ES+A128KW", "ECDH-ES+A192KW", "ECDH-ES+A256KW"], "token_endpoint_auth_methods_supported": ["client_secret_post", "client_secret_basic", "client_secret_jwt", "private_key_jwt"], "request_object_encryption_enc_values_supported": ["A128CBC-HS256", "A192CBC-HS384", "A256CBC-HS512", "A128GCM", "A192GCM", "A256GCM"], "scopes_supported": ["profile", "address", "offline_access", "phone", "openid", "email"], "claims_parameter_supported": true, "end_session_endpoint": "https://127.0.0.1:5000/session", "registration_endpoint": "https://127.0.0.1:5000/registration", "authorization_endpoint": "https://127.0.0.1:5000/authorization", "backchannel_logout_session_supported": true, "acr_values_supported": ["oidcendpoint.user_authn.authn_context.INTERNETPROTOCOLPASSWORD", "oidcendpoint.user_authn.authn_context.UNSPECIFIED"], "grant_types_supported": ["implicit", "authorization_code", "urn:ietf:params:oauth:grant-type:jwt-bearer", "refresh_token"], "request_uri_parameter_supported": true}
2019-08-29 15:27:54,701 oidcservice.service:DEBUG response format: json
2019-08-29 15:27:54,701 oidcservice.service:DEBUG response_cls: ProviderConfigurationResponse
2019-08-29 15:27:54,701 oidcservice.service:DEBUG Initial response parsing => "{'check_session_iframe': 'https://127.0.0.1:5000/check_session_iframe', 'userinfo_signing_alg_values_supported': ['RS256', 'RS384', 'RS512', 'ES256', 'ES384', 'ES512', 'HS256', 'HS384', 'HS512', 'PS256', 'PS384', 'PS512', 'none'], 'request_object_encryption_alg_values_supported': ['RSA1_5', 'RSA-OAEP', 'RSA-OAEP-256', 'A128KW', 'A192KW', 'A256KW', 'ECDH-ES', 'ECDH-ES+A128KW', 'ECDH-ES+A192KW', 'ECDH-ES+A256KW'], 'grant_types_supported': ['implicit', 'authorization_code', 'urn:ietf:params:oauth:grant-type:jwt-bearer', 'refresh_token'], 'require_request_uri_registration': True, 'token_endpoint_auth_methods_supported': ['client_secret_post', 'client_secret_basic', 'client_secret_jwt', 'private_key_jwt'], 'token_endpoint': 'https://127.0.0.1:5000/token', 'backchannel_logout_supported': True, 'response_modes_supported': ['fragment', 'form_post', 'query'], 'response_types_supported': ['token', 'code id_token', 'id_token', 'code', 'none', 'code id_token token', 'code token', 'id_token token'], 'token_endpoint_auth_signing_alg_values_supported': ['RS256', 'RS384', 'RS512', 'ES256', 'ES384', 'ES512', 'HS256', 'HS384', 'HS512', 'PS256', 'PS384', 'PS512'], 'claims_parameter_supported': True, 'registration_endpoint': 'https://127.0.0.1:5000/registration', 'claim_types_supported': ['normal', 'distributed', 'aggregated'], 'request_object_encryption_enc_values_supported': ['A128CBC-HS256', 'A192CBC-HS384', 'A256CBC-HS512', 'A128GCM', 'A192GCM', 'A256GCM'], 'version': '3.0', 'scopes_supported': ['profile', 'address', 'offline_access', 'phone', 'openid', 'email'], 'id_token_encryption_enc_values_supported': ['A128CBC-HS256', 'A192CBC-HS384', 'A256CBC-HS512', 'A128GCM', 'A192GCM', 'A256GCM'], 'claims_supported': ['profile', 'birthdate', 'zoneinfo', 'address', 'phone_number_verified', 'sub', 'locale', 'email_verified', 'website', 'email', 'picture', 'gender', 'family_name', 'nickname', 'given_name', 'name', 'updated_at', 'preferred_username', 'middle_name', 'phone_number'], 'request_object_signing_alg_values_supported': ['RS256', 'RS384', 'RS512', 'ES256', 'ES384', 'ES512', 'HS256', 'HS384', 'HS512', 'PS256', 'PS384', 'PS512', 'none'], 'backchannel_logout_session_supported': True, 'acr_values_supported': ['oidcendpoint.user_authn.authn_context.INTERNETPROTOCOLPASSWORD', 'oidcendpoint.user_authn.authn_context.UNSPECIFIED'], 'request_uri_parameter_supported': True, 'authorization_endpoint': 'https://127.0.0.1:5000/authorization', 'userinfo_encryption_enc_values_supported': ['A128CBC-HS256', 'A192CBC-HS384', 'A256CBC-HS512', 'A128GCM', 'A192GCM', 'A256GCM'], 'issuer': 'https://127.0.0.1:5000', 'userinfo_endpoint': 'https://127.0.0.1:5000/userinfo', 'request_parameter_supported': True, 'frontchannel_logout_supported': True, 'end_session_endpoint': 'https://127.0.0.1:5000/session', 'id_token_encryption_alg_values_supported': ['RSA1_5', 'RSA-OAEP', 'RSA-OAEP-256', 'A128KW', 'A192KW', 'A256KW', 'ECDH-ES', 'ECDH-ES+A128KW', 'ECDH-ES+A192KW', 'ECDH-ES+A256KW'], 'jwks_uri': 'https://127.0.0.1:5000/static/jwks.json', 'id_token_signing_alg_values_supported': ['RS256', 'RS384', 'RS512', 'ES256', 'ES384', 'ES512', 'HS256', 'HS384', 'HS512', 'PS256', 'PS384', 'PS512', 'none'], 'subject_types_supported': ['pairwise', 'public'], 'frontchannel_logout_session_supported': True, 'userinfo_encryption_alg_values_supported': ['RSA1_5', 'RSA-OAEP', 'RSA-OAEP-256', 'A128KW', 'A192KW', 'A256KW', 'ECDH-ES', 'ECDH-ES+A128KW', 'ECDH-ES+A192KW', 'ECDH-ES+A256KW']}"
2019-08-29 15:27:54,701 oidcservice.service:DEBUG Verify response with {'client_id': '', 'verify': True, 'iss': 'https://127.0.0.1:5000/', 'keyjar': <KeyJar(issuers=[''])>}
2019-08-29 15:27:54,702 cryptojwt.key_jar:DEBUG Initiating key bundle for issuer: https://127.0.0.1:5000
2019-08-29 15:27:54,702 root:DEBUG KeyBundle fetch keys from: https://127.0.0.1:5000/static/jwks.json
2019-08-29 15:27:54,703 urllib3.connectionpool:DEBUG Starting new HTTPS connection (1): 127.0.0.1:5000
2019-08-29 15:27:54,715 urllib3.connectionpool:DEBUG https://127.0.0.1:5000 "GET /static/jwks.json HTTP/1.1" 200 691
2019-08-29 15:27:54,716 cryptojwt.key_bundle:DEBUG Loaded JWKS: {"keys": [{"kty": "RSA", "use": "sig", "kid": "TGhjUE8xYVRNc0E0UGl4NFBHNzZ2M1dJWXNkaU41TlY5Umxrdk9NT3JRYw", "e": "AQAB", "n": "6Ng0mZKOShKZEFwdJEAlPx-B1oTuH31ZDUvvinZnzkyoEeMfnK2_vxlrf-yHljDtiKBuqSa_wAUXVDKwc5krCUCYMnCPmORzqMkGyB2iqIgz62pQqlUx16ynM0XTTpoC2bgpto-KW3LurfCV6szEQ8nXorEfraXLaG-NkhZCohqC-fPtQyDZCvJCASbjSIATtqD0cXEVjYQyLoxh3WXw2hEWAUkfWSwEwh4saMOGxIWFn0Cs3X7_16yQpCa9Qn8kmgbNb-dndWHec5HyKUooetGkZqv8Pp90tstrza3e8JOtXoFfe0uT7ImuDDSLDgGYDxP6x2nucvQGvSjt8CdzrQ"}, {"kty": "EC", "use": "sig", "kid": "WGx2RmVhaUxaZ2ZmZWYwVngyMHZmaFFUSWJqblhpVURINXdnREZNakdZWQ", "crv": "P-256", "x": "e1HiQ-bNlVsdQ8DV95v6vgoQNXGEOY2Brbu9pz4AJVM", "y": "osKZQ8S20557irH8rklGTgmMwbNOhmObzeFw6KNwZg8"}]} from https://127.0.0.1:5000/static/jwks.json
2019-08-29 15:27:54,716 cryptojwt.key_bundle:DEBUG Loaded JWKS: {"keys": [{"kty": "RSA", "use": "sig", "kid": "TGhjUE8xYVRNc0E0UGl4NFBHNzZ2M1dJWXNkaU41TlY5Umxrdk9NT3JRYw", "e": "AQAB", "n": "6Ng0mZKOShKZEFwdJEAlPx-B1oTuH31ZDUvvinZnzkyoEeMfnK2_vxlrf-yHljDtiKBuqSa_wAUXVDKwc5krCUCYMnCPmORzqMkGyB2iqIgz62pQqlUx16ynM0XTTpoC2bgpto-KW3LurfCV6szEQ8nXorEfraXLaG-NkhZCohqC-fPtQyDZCvJCASbjSIATtqD0cXEVjYQyLoxh3WXw2hEWAUkfWSwEwh4saMOGxIWFn0Cs3X7_16yQpCa9Qn8kmgbNb-dndWHec5HyKUooetGkZqv8Pp90tstrza3e8JOtXoFfe0uT7ImuDDSLDgGYDxP6x2nucvQGvSjt8CdzrQ"}, {"kty": "EC", "use": "sig", "kid": "WGx2RmVhaUxaZ2ZmZWYwVngyMHZmaFFUSWJqblhpVURINXdnREZNakdZWQ", "crv": "P-256", "x": "e1HiQ-bNlVsdQ8DV95v6vgoQNXGEOY2Brbu9pz4AJVM", "y": "osKZQ8S20557irH8rklGTgmMwbNOhmObzeFw6KNwZg8"}]} from https://127.0.0.1:5000/static/jwks.json
2019-08-29 15:27:54,717 oidcservice.oidc.provider_info_discovery:DEBUG service_context behaviour: {'contacts': ['ops@example.com'], 'response_types': ['code'], 'application_name': 'rphandler', 'application_type': 'web', 'token_endpoint_auth_method': 'client_secret_basic', 'scope': ['openid', 'profile', 'email', 'address', 'phone']}
2019-08-29 15:27:54,717 oidcrp.oauth2:DEBUG do_request info: {'headers': {'Content-Type': 'application/json'}, 'method': 'POST', 'body': '{"contacts": ["ops@example.com"], "post_logout_redirect_uris": ["https://127.0.0.1:8090"], "response_types": ["code"], "redirect_uris": ["https://127.0.0.1:8090/authz_cb/flop"], "jwks_uri": "https://127.0.0.1:8090/static/jwks.json", "application_type": "web", "token_endpoint_auth_method": "client_secret_basic", "grant_types": ["authorization_code"]}', 'url': 'https://127.0.0.1:5000/registration'}
2019-08-29 15:27:54,717 oidcrp.oauth2:DEBUG Doing request with: URL:https://127.0.0.1:5000/registration, method:POST, data:{"contacts": ["ops@example.com"], "post_logout_redirect_uris": ["https://127.0.0.1:8090"], "response_types": ["code"], "redirect_uris": ["https://127.0.0.1:8090/authz_cb/flop"], "jwks_uri": "https://127.0.0.1:8090/static/jwks.json", "application_type": "web", "token_endpoint_auth_method": "client_secret_basic", "grant_types": ["authorization_code"]}, https_args:{'Content-Type': 'application/json'}
2019-08-29 15:27:54,719 urllib3.connectionpool:DEBUG Starting new HTTPS connection (1): 127.0.0.1:5000
2019-08-29 15:27:54,743 werkzeug:INFO 127.0.0.1 - - [29/Aug/2019 15:27:54] "GET /static/jwks.json HTTP/1.1" 200 -
2019-08-29 15:27:54,748 urllib3.connectionpool:DEBUG https://127.0.0.1:5000 "POST /registration HTTP/1.1" 200 663
2019-08-29 15:27:54,750 oidcrp.oauth2:DEBUG response_body_type: "json"
2019-08-29 15:27:54,750 oidcrp.util:DEBUG resp.headers: {'Server': 'Werkzeug/0.15.5 Python/3.5.2', 'Cache-Control': 'no-store', 'Content-Length': '663', 'Date': 'Thu, 29 Aug 2019 13:27:54 GMT', 'Pragma': 'no-cache', 'Content-type': 'application/json'}
2019-08-29 15:27:54,750 oidcrp.util:DEBUG resp.txt: {"token_endpoint_auth_method": "client_secret_basic", "registration_client_uri": "registration?client_id=u8VvGPtup7gt", "client_secret": "6239c564030e1523978808b28ef47514a677aee35f7eb53f467d468c", "client_secret_expires_at": 1567517274, "registration_access_token": "UJC9BgXYTSMrbvdFRuf2f90gq3JgaQH5", "response_types": ["code"], "post_logout_redirect_uris": ["https://127.0.0.1:8090"], "contacts": ["ops@example.com"], "client_id": "u8VvGPtup7gt", "grant_types": ["authorization_code"], "client_id_issued_at": 1567085274, "jwks_uri": "https://127.0.0.1:8090/static/jwks.json", "application_type": "web", "redirect_uris": ["https://127.0.0.1:8090/authz_cb/flop"]}
2019-08-29 15:27:54,750 oidcrp.oauth2:DEBUG Successful response: {"token_endpoint_auth_method": "client_secret_basic", "registration_client_uri": "registration?client_id=u8VvGPtup7gt", "client_secret": "6239c564030e1523978808b28ef47514a677aee35f7eb53f467d468c", "client_secret_expires_at": 1567517274, "registration_access_token": "UJC9BgXYTSMrbvdFRuf2f90gq3JgaQH5", "response_types": ["code"], "post_logout_redirect_uris": ["https://127.0.0.1:8090"], "contacts": ["ops@example.com"], "client_id": "u8VvGPtup7gt", "grant_types": ["authorization_code"], "client_id_issued_at": 1567085274, "jwks_uri": "https://127.0.0.1:8090/static/jwks.json", "application_type": "web", "redirect_uris": ["https://127.0.0.1:8090/authz_cb/flop"]}
2019-08-29 15:27:54,751 oidcservice.service:DEBUG response format: json
2019-08-29 15:27:54,752 oidcservice.service:DEBUG response_cls: RegistrationResponse
2019-08-29 15:27:54,754 oidcservice.service:DEBUG Initial response parsing => "{'registration_client_uri': 'registration?client_id=u8VvGPtup7gt', 'response_types': ['code'], 'registration_access_token': 'UJC9BgXYTSMrbvdFRuf2f90gq3JgaQH5', 'client_id_issued_at': 1567085274, 'jwks_uri': 'https://127.0.0.1:8090/static/jwks.json', 'token_endpoint_auth_method': 'client_secret_basic', 'contacts': ['ops@example.com'], 'client_secret': '6239c564030e1523978808b28ef47514a677aee35f7eb53f467d468c', 'client_id': 'u8VvGPtup7gt', 'post_logout_redirect_uris': ['https://127.0.0.1:8090'], 'client_secret_expires_at': 1567517274, 'redirect_uris': ['https://127.0.0.1:8090/authz_cb/flop'], 'application_type': 'web', 'grant_types': ['authorization_code']}"
2019-08-29 15:27:54,754 oidcservice.service:DEBUG Verify response with {'client_id': '', 'verify': True, 'iss': 'https://127.0.0.1:5000', 'keyjar': <KeyJar(issuers=['', 'https://127.0.0.1:5000'])>}
2019-08-29 15:27:54,755 oidcrp:DEBUG Authorization request args: {'response_type': 'code', 'redirect_uri': 'https://127.0.0.1:8090/authz_cb/flop', 'state': '9LkxRcN1L3k5veYx5x9NSoloVKOiydMK', 'scope': ['openid', 'profile', 'email', 'address', 'phone'], 'nonce': 'FdjlZBbe4xObuqfvlV5FpEak'}
2019-08-29 15:27:54,755 oidcrp:DEBUG Authorization info: {'method': 'GET', 'url': 'https://127.0.0.1:5000/authorization?client_id=u8VvGPtup7gt&state=9LkxRcN1L3k5veYx5x9NSoloVKOiydMK&response_type=code&redirect_uri=https%3A%2F%2F127.0.0.1%3A8090%2Fauthz_cb%2Fflop&scope=openid+profile+email+address+phone&nonce=FdjlZBbe4xObuqfvlV5FpEak'}
2019-08-29 15:27:54,756 werkzeug:INFO 127.0.0.1 - - [29/Aug/2019 15:27:54] "GET /rp?uid=&iss=flop HTTP/1.1" 303 -

I have a login form, then I put login: upper and password: crust then submit. I can see the RP log here


2019-08-29 15:28:07,217 flask_rp.views:DEBUG Issuer: https://127.0.0.1:5000
2019-08-29 15:28:07,217 oidcservice.service:DEBUG response format: dict
2019-08-29 15:28:07,217 oidcservice.service:DEBUG response_cls: AuthorizationResponse
2019-08-29 15:28:07,218 oidcservice.service:DEBUG Initial response parsing => "{'code': 'Z0FBQUFBQmRaOUxuOC1BUUFjazFDMU1wLTd3S0k3QlNBV2Zya0RIMEV2djE3M0RzUHhKTUdiV2lqT3dCZDRsOTNGNzVFdkE5VmRYblloRk9idUxHNUtLOHlSYWZ6MC1uWEtUb0VUajB5ZUphWW9QY3N3bFZyYzRGWmpDdjNsNmNGQzdtMklHOGtXNF82VTQ0enR5NGZPVE1sUS1mZWtfM3F2YU9BR1ZzdUh6cGR5Z0xJS2NDWERJTUQ3TmdFNEdtNmRoUlJfT2RjVlNNTHpmUDdXZnBPbUVyaE55TWxuRHZVZWgxNU9kTEI4QWVhWkhPOHZjSFBuUT0=', 'session_state': 'e9f76df21f0372b0435af5f6d6ee165ee26d8cb90424518685e060744f4c7382.KmCqoYVgxU9i74lf', 'client_id': 'u8VvGPtup7gt', 'state': '9LkxRcN1L3k5veYx5x9NSoloVKOiydMK', 'iss': 'https://127.0.0.1:5000', 'scope': 'openid profile email address phone'}"
2019-08-29 15:28:07,218 oidcservice.service:DEBUG Verify response with {'client_id': 'u8VvGPtup7gt', 'skew': 15, 'verify': True, 'iss': 'https://127.0.0.1:5000', 'keyjar': <KeyJar(issuers=['', 'https://127.0.0.1:5000'])>}
2019-08-29 15:28:07,218 oidcrp:DEBUG Authz response: {'code': 'Z0FBQUFBQmRaOUxuOC1BUUFjazFDMU1wLTd3S0k3QlNBV2Zya0RIMEV2djE3M0RzUHhKTUdiV2lqT3dCZDRsOTNGNzVFdkE5VmRYblloRk9idUxHNUtLOHlSYWZ6MC1uWEtUb0VUajB5ZUphWW9QY3N3bFZyYzRGWmpDdjNsNmNGQzdtMklHOGtXNF82VTQ0enR5NGZPVE1sUS1mZWtfM3F2YU9BR1ZzdUh6cGR5Z0xJS2NDWERJTUQ3TmdFNEdtNmRoUlJfT2RjVlNNTHpmUDdXZnBPbUVyaE55TWxuRHZVZWgxNU9kTEI4QWVhWkhPOHZjSFBuUT0=', 'session_state': 'e9f76df21f0372b0435af5f6d6ee165ee26d8cb90424518685e060744f4c7382.KmCqoYVgxU9i74lf', 'client_id': 'u8VvGPtup7gt', 'state': '9LkxRcN1L3k5veYx5x9NSoloVKOiydMK', 'iss': 'https://127.0.0.1:5000', 'scope': 'openid profile email address phone'}
2019-08-29 15:28:07,218 oidcrp:DEBUG get_accesstoken
2019-08-29 15:28:07,218 oidcrp:DEBUG request_args: {'code': 'Z0FBQUFBQmRaOUxuOC1BUUFjazFDMU1wLTd3S0k3QlNBV2Zya0RIMEV2djE3M0RzUHhKTUdiV2lqT3dCZDRsOTNGNzVFdkE5VmRYblloRk9idUxHNUtLOHlSYWZ6MC1uWEtUb0VUajB5ZUphWW9QY3N3bFZyYzRGWmpDdjNsNmNGQzdtMklHOGtXNF82VTQ0enR5NGZPVE1sUS1mZWtfM3F2YU9BR1ZzdUh6cGR5Z0xJS2NDWERJTUQ3TmdFNEdtNmRoUlJfT2RjVlNNTHpmUDdXZnBPbUVyaE55TWxuRHZVZWgxNU9kTEI4QWVhWkhPOHZjSFBuUT0=', 'client_secret': '6239c564030e1523978808b28ef47514a677aee35f7eb53f467d468c', 'client_id': 'u8VvGPtup7gt', 'state': '9LkxRcN1L3k5veYx5x9NSoloVKOiydMK', 'grant_type': 'authorization_code', 'redirect_uri': 'https://127.0.0.1:8090/authz_cb/flop'}
2019-08-29 15:28:07,219 oidcservice.service:DEBUG Client authn method: client_secret_basic
2019-08-29 15:28:07,219 oidcrp.oauth2:DEBUG do_request info: {'headers': {'Content-Type': 'application/x-www-form-urlencoded', 'Authorization': 'Basic dThWdkdQdHVwN2d0OjYyMzljNTY0MDMwZTE1MjM5Nzg4MDhiMjhlZjQ3NTE0YTY3N2FlZTM1ZjdlYjUzZjQ2N2Q0Njhj'}, 'method': 'POST', 'body': 'code=Z0FBQUFBQmRaOUxuOC1BUUFjazFDMU1wLTd3S0k3QlNBV2Zya0RIMEV2djE3M0RzUHhKTUdiV2lqT3dCZDRsOTNGNzVFdkE5VmRYblloRk9idUxHNUtLOHlSYWZ6MC1uWEtUb0VUajB5ZUphWW9QY3N3bFZyYzRGWmpDdjNsNmNGQzdtMklHOGtXNF82VTQ0enR5NGZPVE1sUS1mZWtfM3F2YU9BR1ZzdUh6cGR5Z0xJS2NDWERJTUQ3TmdFNEdtNmRoUlJfT2RjVlNNTHpmUDdXZnBPbUVyaE55TWxuRHZVZWgxNU9kTEI4QWVhWkhPOHZjSFBuUT0%3D&client_id=u8VvGPtup7gt&state=9LkxRcN1L3k5veYx5x9NSoloVKOiydMK&grant_type=authorization_code&redirect_uri=https%3A%2F%2F127.0.0.1%3A8090%2Fauthz_cb%2Fflop', 'url': 'https://127.0.0.1:5000/token'}
2019-08-29 15:28:07,219 oidcrp.oauth2:DEBUG Doing request with: URL:https://127.0.0.1:5000/token, method:POST, data:code=Z0FBQUFBQmRaOUxuOC1BUUFjazFDMU1wLTd3S0k3QlNBV2Zya0RIMEV2djE3M0RzUHhKTUdiV2lqT3dCZDRsOTNGNzVFdkE5VmRYblloRk9idUxHNUtLOHlSYWZ6MC1uWEtUb0VUajB5ZUphWW9QY3N3bFZyYzRGWmpDdjNsNmNGQzdtMklHOGtXNF82VTQ0enR5NGZPVE1sUS1mZWtfM3F2YU9BR1ZzdUh6cGR5Z0xJS2NDWERJTUQ3TmdFNEdtNmRoUlJfT2RjVlNNTHpmUDdXZnBPbUVyaE55TWxuRHZVZWgxNU9kTEI4QWVhWkhPOHZjSFBuUT0%3D&client_id=u8VvGPtup7gt&state=9LkxRcN1L3k5veYx5x9NSoloVKOiydMK&grant_type=authorization_code&redirect_uri=https%3A%2F%2F127.0.0.1%3A8090%2Fauthz_cb%2Fflop, https_args:{'Content-Type': 'application/x-www-form-urlencoded', 'Authorization': 'Basic dThWdkdQdHVwN2d0OjYyMzljNTY0MDMwZTE1MjM5Nzg4MDhiMjhlZjQ3NTE0YTY3N2FlZTM1ZjdlYjUzZjQ2N2Q0Njhj'}
2019-08-29 15:28:07,221 urllib3.connectionpool:DEBUG Starting new HTTPS connection (1): 127.0.0.1:5000
2019-08-29 15:28:07,240 urllib3.connectionpool:DEBUG https://127.0.0.1:5000 "POST /token HTTP/1.1" 200 1927
2019-08-29 15:28:07,241 oidcrp.oauth2:DEBUG response_body_type: "json"
2019-08-29 15:28:07,241 oidcrp.util:DEBUG resp.headers: {'Server': 'Werkzeug/0.15.5 Python/3.5.2', 'Cache-Control': 'no-store', 'Content-Length': '1927', 'Date': 'Thu, 29 Aug 2019 13:28:07 GMT', 'Pragma': 'no-cache', 'Content-type': 'application/json'}
2019-08-29 15:28:07,241 oidcrp.util:DEBUG resp.txt: {"token_type": "Bearer", "access_token": "eyJhbGciOiJFUzI1NiIsImtpZCI6ImRYWmxjRFZPZDFsU1UyWkNVa05CYzI5MmFIaE9jR0ZwZDFOa05WSmtRbmRZUjNsT1dscDVjMVZoUVEifQ.eyJzaWQiOiAiMjc4YjVlMjI4ZmYyYTFiMGFlNzczMmJkZmE1MGE5MzBhNDJlMDI2NTRjN2I5YWY0MWZjN2FkYjgiLCAiaWF0IjogMTU2NzA4NTI4NywgImV4cCI6IDE1NjcwODg4ODcsICJzdWIiOiAiYWVlNjEwNTU4MjkyMDIzNzU4YTQyMjlkZGNmNzVmMTY3Yzk5MDQzMTNhODNjZjc5NTIzMmVkN2Y3ZTIxMzFjOSIsICJlbWFpbF92ZXJpZmllZCI6IHRydWUsICJraWQiOiAiZFhabGNEVk9kMWxTVTJaQ1VrTkJjMjkyYUhoT2NHRnBkMU5rTlZKa1FuZFlSM2xPV2xwNWMxVmhRUSIsICJlbWFpbCI6ICJ1Y0BleGFtcGxlLmNvbSIsICJmYW1pbHlfbmFtZSI6ICJDcnVzdCIsICJnaXZlbl9uYW1lIjogIlVwcGVyIiwgInR0eXBlIjogIlQiLCAibmFtZSI6ICJVcHBlciBDcnVzdCIsICJhdWQiOiBbInU4VnZHUHR1cDdndCIsICJodHRwczovL2V4YW1wbGUub3JnL2FwcGwiXSwgImlzcyI6ICJodHRwczovLzEyNy4wLjAuMTo1MDAwIn0.aETnD4yhOfdKsm8uh1pXdJktVXLMNUqAU49J0q8_F41fMWrk2cKFMugJfuwdApYBOZMXy1VuP7drBqkGRkFRxQ", "expires_in": 3600, "id_token": "eyJhbGciOiJSUzI1NiIsImtpZCI6IlIybFlObDlaZGs1TE1WOVNXbVZuVVhkNlUxWm5jVGN6YW1SMGIwdFpOblExY0Vwd1pFTXhOVEZLYXcifQ.eyJhdXRoX3RpbWUiOiAxNTY3MDg1Mjc0LCAiaWF0IjogMTU2NzA4NTI4NywgIm5vbmNlIjogIkZkamxaQmJlNHhPYnVxZnZsVjVGcEVhayIsICJzdWIiOiAiYWVlNjEwNTU4MjkyMDIzNzU4YTQyMjlkZGNmNzVmMTY3Yzk5MDQzMTNhODNjZjc5NTIzMmVkN2Y3ZTIxMzFjOSIsICJraWQiOiAiUjJsWU5sOVpkazVMTVY5U1dtVm5VWGQ2VTFabmNUY3phbVIwYjB0Wk5uUTFjRXB3WkVNeE5URkthdyIsICJlbWFpbF92ZXJpZmllZCI6IHRydWUsICJleHAiOiAxNTY3MDg1NTg3LCAiYXVkIjogWyJ1OFZ2R1B0dXA3Z3QiXSwgImFjciI6ICJvaWRjZW5kcG9pbnQudXNlcl9hdXRobi5hdXRobl9jb250ZXh0LklOVEVSTkVUUFJPVE9DT0xQQVNTV09SRCIsICJpc3MiOiAiaHR0cHM6Ly8xMjcuMC4wLjE6NTAwMCIsICJlbWFpbCI6ICJ1Y0BleGFtcGxlLmNvbSJ9.nGHeMvkB6VUOdu0_Vz2tPvDdxRwECOCbq1ZyWTKpiSNlg9fwUobqhPVbkpf3TDKwpRgvdONRRrM_czQ4HCVSv-mWDCu1SNVYbBfFRjVMtrJ0EhCrECc-JD0tF0INBL-Z_1vTAlRL6T7zrJ1MkJOnYhREkszdGyc200kSJe_zLfhmKOdKSnSH0ncJ9t4lUq8InQlynv08gOzHdMZVSx9V4rqqltuKDuElPC8I0yhe9yxDwM9DG6-hNW9ChAmkvYH5XXFZcINtI5XjdMDcW3XrFR9P2rtA_nRkO_TroG_vAzEBBCplymKLKafA7-3xPkd8tmeSA-AgX5jSZ7LtjR7KpQ"}
2019-08-29 15:28:07,242 oidcrp.oauth2:DEBUG Successful response: {"token_type": "Bearer", "access_token": "eyJhbGciOiJFUzI1NiIsImtpZCI6ImRYWmxjRFZPZDFsU1UyWkNVa05CYzI5MmFIaE9jR0ZwZDFOa05WSmtRbmRZUjNsT1dscDVjMVZoUVEifQ.eyJzaWQiOiAiMjc4YjVlMjI4ZmYyYTFiMGFlNzczMmJkZmE1MGE5MzBhNDJlMDI2NTRjN2I5YWY0MWZjN2FkYjgiLCAiaWF0IjogMTU2NzA4NTI4NywgImV4cCI6IDE1NjcwODg4ODcsICJzdWIiOiAiYWVlNjEwNTU4MjkyMDIzNzU4YTQyMjlkZGNmNzVmMTY3Yzk5MDQzMTNhODNjZjc5NTIzMmVkN2Y3ZTIxMzFjOSIsICJlbWFpbF92ZXJpZmllZCI6IHRydWUsICJraWQiOiAiZFhabGNEVk9kMWxTVTJaQ1VrTkJjMjkyYUhoT2NHRnBkMU5rTlZKa1FuZFlSM2xPV2xwNWMxVmhRUSIsICJlbWFpbCI6ICJ1Y0BleGFtcGxlLmNvbSIsICJmYW1pbHlfbmFtZSI6ICJDcnVzdCIsICJnaXZlbl9uYW1lIjogIlVwcGVyIiwgInR0eXBlIjogIlQiLCAibmFtZSI6ICJVcHBlciBDcnVzdCIsICJhdWQiOiBbInU4VnZHUHR1cDdndCIsICJodHRwczovL2V4YW1wbGUub3JnL2FwcGwiXSwgImlzcyI6ICJodHRwczovLzEyNy4wLjAuMTo1MDAwIn0.aETnD4yhOfdKsm8uh1pXdJktVXLMNUqAU49J0q8_F41fMWrk2cKFMugJfuwdApYBOZMXy1VuP7drBqkGRkFRxQ", "expires_in": 3600, "id_token": "eyJhbGciOiJSUzI1NiIsImtpZCI6IlIybFlObDlaZGs1TE1WOVNXbVZuVVhkNlUxWm5jVGN6YW1SMGIwdFpOblExY0Vwd1pFTXhOVEZLYXcifQ.eyJhdXRoX3RpbWUiOiAxNTY3MDg1Mjc0LCAiaWF0IjogMTU2NzA4NTI4NywgIm5vbmNlIjogIkZkamxaQmJlNHhPYnVxZnZsVjVGcEVhayIsICJzdWIiOiAiYWVlNjEwNTU4MjkyMDIzNzU4YTQyMjlkZGNmNzVmMTY3Yzk5MDQzMTNhODNjZjc5NTIzMmVkN2Y3ZTIxMzFjOSIsICJraWQiOiAiUjJsWU5sOVpkazVMTVY5U1dtVm5VWGQ2VTFabmNUY3phbVIwYjB0Wk5uUTFjRXB3WkVNeE5URkthdyIsICJlbWFpbF92ZXJpZmllZCI6IHRydWUsICJleHAiOiAxNTY3MDg1NTg3LCAiYXVkIjogWyJ1OFZ2R1B0dXA3Z3QiXSwgImFjciI6ICJvaWRjZW5kcG9pbnQudXNlcl9hdXRobi5hdXRobl9jb250ZXh0LklOVEVSTkVUUFJPVE9DT0xQQVNTV09SRCIsICJpc3MiOiAiaHR0cHM6Ly8xMjcuMC4wLjE6NTAwMCIsICJlbWFpbCI6ICJ1Y0BleGFtcGxlLmNvbSJ9.nGHeMvkB6VUOdu0_Vz2tPvDdxRwECOCbq1ZyWTKpiSNlg9fwUobqhPVbkpf3TDKwpRgvdONRRrM_czQ4HCVSv-mWDCu1SNVYbBfFRjVMtrJ0EhCrECc-JD0tF0INBL-Z_1vTAlRL6T7zrJ1MkJOnYhREkszdGyc200kSJe_zLfhmKOdKSnSH0ncJ9t4lUq8InQlynv08gOzHdMZVSx9V4rqqltuKDuElPC8I0yhe9yxDwM9DG6-hNW9ChAmkvYH5XXFZcINtI5XjdMDcW3XrFR9P2rtA_nRkO_TroG_vAzEBBCplymKLKafA7-3xPkd8tmeSA-AgX5jSZ7LtjR7KpQ"}
2019-08-29 15:28:07,242 oidcservice.service:DEBUG response format: json
2019-08-29 15:28:07,242 oidcservice.service:DEBUG response_cls: AccessTokenResponse
2019-08-29 15:28:07,242 oidcservice.service:DEBUG Initial response parsing => "{'access_token': 'eyJhbGciOiJFUzI1NiIsImtpZCI6ImRYWmxjRFZPZDFsU1UyWkNVa05CYzI5MmFIaE9jR0ZwZDFOa05WSmtRbmRZUjNsT1dscDVjMVZoUVEifQ.eyJzaWQiOiAiMjc4YjVlMjI4ZmYyYTFiMGFlNzczMmJkZmE1MGE5MzBhNDJlMDI2NTRjN2I5YWY0MWZjN2FkYjgiLCAiaWF0IjogMTU2NzA4NTI4NywgImV4cCI6IDE1NjcwODg4ODcsICJzdWIiOiAiYWVlNjEwNTU4MjkyMDIzNzU4YTQyMjlkZGNmNzVmMTY3Yzk5MDQzMTNhODNjZjc5NTIzMmVkN2Y3ZTIxMzFjOSIsICJlbWFpbF92ZXJpZmllZCI6IHRydWUsICJraWQiOiAiZFhabGNEVk9kMWxTVTJaQ1VrTkJjMjkyYUhoT2NHRnBkMU5rTlZKa1FuZFlSM2xPV2xwNWMxVmhRUSIsICJlbWFpbCI6ICJ1Y0BleGFtcGxlLmNvbSIsICJmYW1pbHlfbmFtZSI6ICJDcnVzdCIsICJnaXZlbl9uYW1lIjogIlVwcGVyIiwgInR0eXBlIjogIlQiLCAibmFtZSI6ICJVcHBlciBDcnVzdCIsICJhdWQiOiBbInU4VnZHUHR1cDdndCIsICJodHRwczovL2V4YW1wbGUub3JnL2FwcGwiXSwgImlzcyI6ICJodHRwczovLzEyNy4wLjAuMTo1MDAwIn0.aETnD4yhOfdKsm8uh1pXdJktVXLMNUqAU49J0q8_F41fMWrk2cKFMugJfuwdApYBOZMXy1VuP7drBqkGRkFRxQ', 'id_token': 'eyJhbGciOiJSUzI1NiIsImtpZCI6IlIybFlObDlaZGs1TE1WOVNXbVZuVVhkNlUxWm5jVGN6YW1SMGIwdFpOblExY0Vwd1pFTXhOVEZLYXcifQ.eyJhdXRoX3RpbWUiOiAxNTY3MDg1Mjc0LCAiaWF0IjogMTU2NzA4NTI4NywgIm5vbmNlIjogIkZkamxaQmJlNHhPYnVxZnZsVjVGcEVhayIsICJzdWIiOiAiYWVlNjEwNTU4MjkyMDIzNzU4YTQyMjlkZGNmNzVmMTY3Yzk5MDQzMTNhODNjZjc5NTIzMmVkN2Y3ZTIxMzFjOSIsICJraWQiOiAiUjJsWU5sOVpkazVMTVY5U1dtVm5VWGQ2VTFabmNUY3phbVIwYjB0Wk5uUTFjRXB3WkVNeE5URkthdyIsICJlbWFpbF92ZXJpZmllZCI6IHRydWUsICJleHAiOiAxNTY3MDg1NTg3LCAiYXVkIjogWyJ1OFZ2R1B0dXA3Z3QiXSwgImFjciI6ICJvaWRjZW5kcG9pbnQudXNlcl9hdXRobi5hdXRobl9jb250ZXh0LklOVEVSTkVUUFJPVE9DT0xQQVNTV09SRCIsICJpc3MiOiAiaHR0cHM6Ly8xMjcuMC4wLjE6NTAwMCIsICJlbWFpbCI6ICJ1Y0BleGFtcGxlLmNvbSJ9.nGHeMvkB6VUOdu0_Vz2tPvDdxRwECOCbq1ZyWTKpiSNlg9fwUobqhPVbkpf3TDKwpRgvdONRRrM_czQ4HCVSv-mWDCu1SNVYbBfFRjVMtrJ0EhCrECc-JD0tF0INBL-Z_1vTAlRL6T7zrJ1MkJOnYhREkszdGyc200kSJe_zLfhmKOdKSnSH0ncJ9t4lUq8InQlynv08gOzHdMZVSx9V4rqqltuKDuElPC8I0yhe9yxDwM9DG6-hNW9ChAmkvYH5XXFZcINtI5XjdMDcW3XrFR9P2rtA_nRkO_TroG_vAzEBBCplymKLKafA7-3xPkd8tmeSA-AgX5jSZ7LtjR7KpQ', 'expires_in': 3600, 'token_type': 'Bearer'}"
2019-08-29 15:28:07,242 oidcservice.service:DEBUG Verify response with {'client_id': 'u8VvGPtup7gt', 'skew': 15, 'verify': True, 'iss': 'https://127.0.0.1:5000', 'keyjar': <KeyJar(issuers=['', 'https://127.0.0.1:5000'])>}
2019-08-29 15:28:07,242 oidcmsg.message:DEBUG Raw JSON: {'iss': 'https://127.0.0.1:5000', 'auth_time': 1567085274, 'email': 'uc@example.com', 'email_verified': True, 'iat': 1567085287, 'exp': 1567085587, 'kid': 'R2lYNl9Zdk5LMV9SWmVnUXd6U1ZncTczamR0b0tZNnQ1cEpwZEMxNTFKaw', 'nonce': 'FdjlZBbe4xObuqfvlV5FpEak', 'aud': ['u8VvGPtup7gt'], 'acr': 'oidcendpoint.user_authn.authn_context.INTERNETPROTOCOLPASSWORD', 'sub': 'aee610558292023758a4229ddcf75f167c9904313a83cf795232ed7f7e2131c9'}
2019-08-29 15:28:07,242 oidcmsg.message:DEBUG JWS header: {'kid': 'R2lYNl9Zdk5LMV9SWmVnUXd6U1ZncTczamR0b0tZNnQ1cEpwZEMxNTFKaw', 'alg': 'RS256'}
2019-08-29 15:28:07,243 cryptojwt.key_jar:DEBUG Key set summary for https://127.0.0.1:5000: RSA:sig:TGhjUE8xYVRNc0E0UGl4NFBHNzZ2M1dJWXNkaU41TlY5Umxrdk9NT3JRYw, EC:sig:WGx2RmVhaUxaZ2ZmZWYwVngyMHZmaFFUSWJqblhpVURINXdnREZNakdZWQ
2019-08-29 15:28:07,243 oidcservice.service:ERROR Got exception while verifying response: alg=RS256
2019-08-29 15:28:07,243 oidcrp.oauth2:ERROR alg=RS256
2019-08-29 15:28:07,244 oidcrp:ERROR ['Traceback (most recent call last):\n', '  File "/home/wert/DEV3/Django-Identity.env/lib/python3.5/site-packages/oidcrp/__init__.py", line 501, in get_access_token\n    state=state\n', '  File "/home/wert/DEV3/Django-Identity.env/lib/python3.5/site-packages/oidcrp/oauth2/__init__.py", line 96, in do_request\n    state=_state, **_info)\n', '  File "/home/wert/DEV3/Django-Identity.env/lib/python3.5/site-packages/oidcrp/oauth2/__init__.py", line 141, in service_request\n    response_body_type, **kwargs)\n', '  File "/home/wert/DEV3/Django-Identity.env/lib/python3.5/site-packages/oidcrp/oauth2/__init__.py", line 188, in parse_request_response\n    state, **kwargs)\n', '  File "/home/wert/DEV3/Django-Identity.env/lib/python3.5/site-packages/oidcservice/service.py", line 484, in parse_response\n    resp.verify(**vargs)\n', '  File "/home/wert/DEV3/Django-Identity.env/lib/python3.5/site-packages/oidcmsg/oidc/__init__.py", line 343, in verify\n    if not verify_id_token(self, **kwargs):\n', '  File "/home/wert/DEV3/Django-Identity.env/lib/python3.5/site-packages/oidcmsg/oidc/__init__.py", line 303, in verify_id_token\n    idt = IdToken().from_jwt(str(msg[claim]), **args)\n', '  File "/home/wert/DEV3/Django-Identity.env/lib/python3.5/site-packages/oidcmsg/message.py", line 540, in from_jwt\n    "alg=%s" % _header["alg"])\n', 'oidcmsg.exception.MissingSigningKey: alg=RS256\n']
2019-08-29 15:28:07,257 werkzeug:INFO 127.0.0.1 - - [29/Aug/2019 15:28:07] "GET /authz_cb/flop?client_id=u8VvGPtup7gt&iss=https%3A%2F%2F127.0.0.1%3A5000&code=Z0FBQUFBQmRaOUxuOC1BUUFjazFDMU1wLTd3S0k3QlNBV2Zya0RIMEV2djE3M0RzUHhKTUdiV2lqT3dCZDRsOTNGNzVFdkE5VmRYblloRk9idUxHNUtLOHlSYWZ6MC1uWEtUb0VUajB5ZUphWW9QY3N3bFZyYzRGWmpDdjNsNmNGQzdtMklHOGtXNF82VTQ0enR5NGZPVE1sUS1mZWtfM3F2YU9BR1ZzdUh6cGR5Z0xJS2NDWERJTUQ3TmdFNEdtNmRoUlJfT2RjVlNNTHpmUDdXZnBPbUVyaE55TWxuRHZVZWgxNU9kTEI4QWVhWkhPOHZjSFBuUT0%3D&scope=openid+profile+email+address+phone&session_state=e9f76df21f0372b0435af5f6d6ee165ee26d8cb90424518685e060744f4c7382.KmCqoYVgxU9i74lf&state=9LkxRcN1L3k5veYx5x9NSoloVKOiydMK HTTP/1.1" 500 -

oidc-op side I have this

2019-08-29 15:27:54,746 oidcendpoint.oidc.registration DEBUG found 2 keys for client_id=u8VvGPtup7gt
2019-08-29 15:27:54,746 oidcendpoint.oidc.registration INFO registration_response: {'token_endpoint_auth_method': 'client_secret_basic', 'registration_client_uri': 'registration?client_id=u8VvGPtup7gt', 'client_secret': '6239c564030e1523978808b28ef47514a677aee35f7eb53f467d468c', 'client_secret_expires_at': 1567517274, 'jwks_uri': 'https://127.0.0.1:8090/static/jwks.json', 'response_types': ['code'], 'post_logout_redirect_uris': ['https://127.0.0.1:8090'], 'contacts': ['ops@example.com'], 'client_id': 'u8VvGPtup7gt', 'grant_types': ['authorization_code'], 'registration_access_token': 'UJC9BgXYTSMrbvdFRuf2f90gq3JgaQH5', 'application_type': 'web', 'redirect_uris': ['https://127.0.0.1:8090/authz_cb/flop'], 'client_id_issued_at': 1567085274}
2019-08-29 15:27:54,747 oidcop.configure INFO Response args: {'response_args': <oidcmsg.oidc.RegistrationResponse object at 0x7f049fdfa048>, 'cookie': <SimpleCookie: oidc_op_rp='1567085274|eyJjbGllbnRfaWQiOiAidThWdkdQdHVwN2d0In0::1567085274::sso|7PfJFpLE0LhP/mEkj6iul4jD8YPZd2hS6mfY+7JjAhQ='>}
2019-08-29 15:27:54,747 oidcop.configure DEBUG do_response: {'response': '{"token_endpoint_auth_method": "client_secret_basic", "registration_client_uri": "registration?client_id=u8VvGPtup7gt", "client_secret": "6239c564030e1523978808b28ef47514a677aee35f7eb53f467d468c", "client_secret_expires_at": 1567517274, "registration_access_token": "UJC9BgXYTSMrbvdFRuf2f90gq3JgaQH5", "response_types": ["code"], "post_logout_redirect_uris": ["https://127.0.0.1:8090"], "contacts": ["ops@example.com"], "client_id": "u8VvGPtup7gt", "grant_types": ["authorization_code"], "client_id_issued_at": 1567085274, "jwks_uri": "https://127.0.0.1:8090/static/jwks.json", "application_type": "web", "redirect_uris": ["https://127.0.0.1:8090/authz_cb/flop"]}', 'http_headers': [('Content-type', 'application/json'), ('Pragma', 'no-cache'), ('Cache-Control', 'no-store')], 'cookie': <SimpleCookie: oidc_op_rp='1567085274|eyJjbGllbnRfaWQiOiAidThWdkdQdHVwN2d0In0::1567085274::sso|7PfJFpLE0LhP/mEkj6iul4jD8YPZd2hS6mfY+7JjAhQ='>}
2019-08-29 15:27:54,747 oidcop.configure DEBUG response_placement: body
2019-08-29 15:27:54,747 oidcop.configure INFO Response: {"token_endpoint_auth_method": "client_secret_basic", "registration_client_uri": "registration?client_id=u8VvGPtup7gt", "client_secret": "6239c564030e1523978808b28ef47514a677aee35f7eb53f467d468c", "client_secret_expires_at": 1567517274, "registration_access_token": "UJC9BgXYTSMrbvdFRuf2f90gq3JgaQH5", "response_types": ["code"], "post_logout_redirect_uris": ["https://127.0.0.1:8090"], "contacts": ["ops@example.com"], "client_id": "u8VvGPtup7gt", "grant_types": ["authorization_code"], "client_id_issued_at": 1567085274, "jwks_uri": "https://127.0.0.1:8090/static/jwks.json", "application_type": "web", "redirect_uris": ["https://127.0.0.1:8090/authz_cb/flop"]}
2019-08-29 15:27:54,748 werkzeug INFO 127.0.0.1 - - [29/Aug/2019 15:27:54] "POST /registration HTTP/1.1" 200 -
2019-08-29 15:27:54,771 oidcop.configure INFO At the "authorization_endpoint" endpoint
2019-08-29 15:27:54,772 oidcendpoint.endpoint DEBUG - authorization_endpoint -
2019-08-29 15:27:54,772 oidcendpoint.endpoint INFO Request: {'client_id': 'u8VvGPtup7gt', 'response_type': 'code', 'nonce': 'FdjlZBbe4xObuqfvlV5FpEak', 'scope': 'openid profile email address phone', 'redirect_uri': 'https://127.0.0.1:8090/authz_cb/flop', 'state': '9LkxRcN1L3k5veYx5x9NSoloVKOiydMK'}
2019-08-29 15:27:54,772 oidcendpoint.endpoint INFO Parsed and verified request: {'nonce': 'FdjlZBbe4xObuqfvlV5FpEak', 'scope': 'openid profile email address phone', 'client_id': 'u8VvGPtup7gt', 'response_type': 'code', 'redirect_uri': 'https://127.0.0.1:8090/authz_cb/flop', 'state': '9LkxRcN1L3k5veYx5x9NSoloVKOiydMK'}
2019-08-29 15:27:54,772 oidcop.configure INFO request: {'nonce': 'FdjlZBbe4xObuqfvlV5FpEak', 'scope': 'openid profile email address phone', 'client_id': 'u8VvGPtup7gt', 'response_type': 'code', 'redirect_uri': 'https://127.0.0.1:8090/authz_cb/flop', 'state': '9LkxRcN1L3k5veYx5x9NSoloVKOiydMK'}
2019-08-29 15:27:54,773 oidcop.configure DEBUG {'rp_session': 'eyJvcF9oYXNoIjoiZmxvcCJ9.XWfS2g.nYjvP5ZnWmPeXBlIro0a0IWCE_g', 'sman': '1567085261|"{\\"authn_time\\": 1567085261}"::1567085261::session|D+6uoaJvdKGYcPKGiJoHPXyAGzvfkF1R/QIfTeV10pI=', 'oidcop': '1567085261|eyJjbGllbnRfaWQiOiAiODRyZ0pDY3FOVThNIiwgInN1YiI6ICJkaWFuYSIsICJzaWQiOiAiNWFhMjM3YzhjYWVhZDg5YmJlMTBjYzMzZGExOWVmYjcxMWJhODc4YzFiOWY0MjAzM2NkYmRkOTciLCAic3RhdGUiOiAiVHlJMTJ1ZzdYc0dVeEdxSXFsZTRMaUZrSEliTk02NHEifQ::1567085261::sso|M0GGyIaWQ1AG4StqwmfbfOcITZPY+baCaAtmgJrSU/E='}
2019-08-29 15:27:54,774 oidcendpoint.user_authn.user DEBUG kwargs: {'authorization': '', 'max_age': 0}
2019-08-29 15:27:54,774 oidcendpoint.oidc.authorization INFO No active authentication
/home/wert/DEV3/Django-Identity.env/lib/python3.5/site-packages/oidcendpoint/user_authn/user.py:188: OnlyForTestingWarning: Do not use the "UserPassJinja2" authentication method in a production environment
  OnlyForTestingWarning)
2019-08-29 15:27:54,774 root DEBUG JWT header: {'alg': 'RS256', 'kid': 'R2lYNl9Zdk5LMV9SWmVnUXd6U1ZncTczamR0b0tZNnQ1cEpwZEMxNTFKaw'}
2019-08-29 15:27:54,786 oidcop.configure INFO Response args: {'http_response': '<!doctype html>\n\n<html lang="en">\n<head>\n    <meta charset="utf-8">\n    <title>Please login</title>\n</head>\n\n<body>\n<h1>Testing log in</h1>\n\n<form action="/verify/user_pass_jinja" method="post">\n    <input type="hidden" name="token" value="eyJhbGciOiJSUzI1NiIsImtpZCI6IlIybFlObDlaZGs1TE1WOVNXbVZuVVhkNlUxWm5jVGN6YW1SMGIwdFpOblExY0Vwd1pFTXhOVEZLYXcifQ.eyJhdXRobl9jbGFzc19yZWYiOiAib2lkY2VuZHBvaW50LnVzZXJfYXV0aG4uYXV0aG5fY29udGV4dC5JTlRFUk5FVFBST1RPQ09MUEFTU1dPUkQiLCAiaXNzIjogImh0dHBzOi8vMTI3LjAuMC4xOjUwMDAiLCAicXVlcnkiOiAiY2xpZW50X2lkPXU4VnZHUHR1cDdndCZyZXNwb25zZV90eXBlPWNvZGUmbm9uY2U9RmRqbFpCYmU0eE9idXFmdmxWNUZwRWFrJnNjb3BlPW9wZW5pZCtwcm9maWxlK2VtYWlsK2FkZHJlc3MrcGhvbmUmcmVkaXJlY3RfdXJpPWh0dHBzJTNBJTJGJTJGMTI3LjAuMC4xJTNBODA5MCUyRmF1dGh6X2NiJTJGZmxvcCZzdGF0ZT05TGt4UmNOMUwzazV2ZVl4NXg5TlNvbG9WS09peWRNSyIsICJraWQiOiAiUjJsWU5sOVpkazVMTVY5U1dtVm5VWGQ2VTFabmNUY3phbVIwYjB0Wk5uUTFjRXB3WkVNeE5URkthdyIsICJpYXQiOiAxNTY3MDg1Mjc0LCAicmV0dXJuX3VyaSI6ICJodHRwczovLzEyNy4wLjAuMTo4MDkwL2F1dGh6X2NiL2Zsb3AifQ.zanMFiIkiGTl4Ozdx5bG9k2SKIhwZT2n8NVDagALL_YbpZBN1F4Q3Cfy_iXLbvwSiPN8TOKpphWMmj6sOebBXFGp10jdojQXUfjVkquXUGpjurPn8Ay-ZDnfL4TGEmVNCuvXzjLNwuO868JoDpOftsrAs_ifF2FWvtO8RA2fYU727z5l16tjPLJP3ZY2d4XJHs50SJHOrjFzYYKEnXjGMWjufFJdqGgUwtT2rH6OR9ENneNWyJTXTFPa-FUf5HcG_FlXALO6K-M-dNq0123t94tceIgz3kvCsocwboZVQPLkohObW_1UfYQmy35VTqTV_H-3pr_yUDVDFWUyQ95dRg">\n\n    <p>\n        <label for="username">Nickname</label>\n        <input type="text" id="username" name="username" autofocus\n               required>\n    </p>\n\n    <p>\n        <label for="password">Secret sauce</label>\n        <input type="password" id="password" name="password" required>\n    </p>\n\n    <p>\n        <img src="" alt="">\n    </p>\n    <p>\n        <a href=""></a>\n    </p>\n    <p>\n        <a href=""></a>\n    </p>\n\n    <input type="submit" value="Get me in!">\n</form>\n</body>\n</html>', 'return_uri': 'https://127.0.0.1:8090/authz_cb/flop'}
2019-08-29 15:27:54,787 werkzeug INFO 127.0.0.1 - - [29/Aug/2019 15:27:54] "GET /authorization?client_id=u8VvGPtup7gt&state=9LkxRcN1L3k5veYx5x9NSoloVKOiydMK&response_type=code&redirect_uri=https%3A%2F%2F127.0.0.1%3A8090%2Fauthz_cb%2Fflop&scope=openid+profile+email+address+phone&nonce=FdjlZBbe4xObuqfvlV5FpEak HTTP/1.1" 200 -
2019-08-29 15:27:54,827 werkzeug INFO 127.0.0.1 - - [29/Aug/2019 15:27:54] "GET /favicon.ico HTTP/1.1" 404 -
2019-08-29 15:28:07,209 oidcendpoint.oidc.authorization DEBUG response type: ['code']
2019-08-29 15:28:07,210 oidcop.configure DEBUG do_response: {'response': 'https://127.0.0.1:8090/authz_cb/flop?client_id=u8VvGPtup7gt&iss=https%3A%2F%2F127.0.0.1%3A5000&code=Z0FBQUFBQmRaOUxuOC1BUUFjazFDMU1wLTd3S0k3QlNBV2Zya0RIMEV2djE3M0RzUHhKTUdiV2lqT3dCZDRsOTNGNzVFdkE5VmRYblloRk9idUxHNUtLOHlSYWZ6MC1uWEtUb0VUajB5ZUphWW9QY3N3bFZyYzRGWmpDdjNsNmNGQzdtMklHOGtXNF82VTQ0enR5NGZPVE1sUS1mZWtfM3F2YU9BR1ZzdUh6cGR5Z0xJS2NDWERJTUQ3TmdFNEdtNmRoUlJfT2RjVlNNTHpmUDdXZnBPbUVyaE55TWxuRHZVZWgxNU9kTEI4QWVhWkhPOHZjSFBuUT0%3D&scope=openid+profile+email+address+phone&session_state=e9f76df21f0372b0435af5f6d6ee165ee26d8cb90424518685e060744f4c7382.KmCqoYVgxU9i74lf&state=9LkxRcN1L3k5veYx5x9NSoloVKOiydMK', 'http_headers': [('Pragma', 'no-cache'), ('Cache-Control', 'no-store')], 'cookie': [<SimpleCookie: oidcop='1567085287|eyJzaWQiOiAiMjc4YjVlMjI4ZmYyYTFiMGFlNzczMmJkZmE1MGE5MzBhNDJlMDI2NTRjN2I5YWY0MWZjN2FkYjgiLCAiY2xpZW50X2lkIjogInU4VnZHUHR1cDdndCIsICJzdWIiOiAidXBwZXIiLCAic3RhdGUiOiAiOUxreFJjTjFMM2s1dmVZeDV4OU5Tb2xvVktPaXlkTUsifQ::1567085287::sso|QeuGg07jyCgx1oeExYfieihOS+SXZzFXLM6ONLS+zvQ='>, <SimpleCookie: sman='1567085287|"{\\"authn_time\\": 1567085274}"::1567085287::session|w3pbACLIsyU7WoOvxI07kjvg/D1uNNZAEfMuu8U65/I='>]}
2019-08-29 15:28:07,211 oidcop.configure DEBUG response_placement: url
2019-08-29 15:28:07,211 oidcop.configure INFO Redirect to: https://127.0.0.1:8090/authz_cb/flop?client_id=u8VvGPtup7gt&iss=https%3A%2F%2F127.0.0.1%3A5000&code=Z0FBQUFBQmRaOUxuOC1BUUFjazFDMU1wLTd3S0k3QlNBV2Zya0RIMEV2djE3M0RzUHhKTUdiV2lqT3dCZDRsOTNGNzVFdkE5VmRYblloRk9idUxHNUtLOHlSYWZ6MC1uWEtUb0VUajB5ZUphWW9QY3N3bFZyYzRGWmpDdjNsNmNGQzdtMklHOGtXNF82VTQ0enR5NGZPVE1sUS1mZWtfM3F2YU9BR1ZzdUh6cGR5Z0xJS2NDWERJTUQ3TmdFNEdtNmRoUlJfT2RjVlNNTHpmUDdXZnBPbUVyaE55TWxuRHZVZWgxNU9kTEI4QWVhWkhPOHZjSFBuUT0%3D&scope=openid+profile+email+address+phone&session_state=e9f76df21f0372b0435af5f6d6ee165ee26d8cb90424518685e060744f4c7382.KmCqoYVgxU9i74lf&state=9LkxRcN1L3k5veYx5x9NSoloVKOiydMK
2019-08-29 15:28:07,212 werkzeug INFO 127.0.0.1 - - [29/Aug/2019 15:28:07] "POST /verify/user_pass_jinja HTTP/1.1" 302 -
2019-08-29 15:28:07,228 oidcop.configure INFO At the "token_endpoint" endpoint
2019-08-29 15:28:07,229 oidcendpoint.endpoint DEBUG - token_endpoint -
2019-08-29 15:28:07,229 oidcendpoint.endpoint INFO Request: {'code': 'Z0FBQUFBQmRaOUxuOC1BUUFjazFDMU1wLTd3S0k3QlNBV2Zya0RIMEV2djE3M0RzUHhKTUdiV2lqT3dCZDRsOTNGNzVFdkE5VmRYblloRk9idUxHNUtLOHlSYWZ6MC1uWEtUb0VUajB5ZUphWW9QY3N3bFZyYzRGWmpDdjNsNmNGQzdtMklHOGtXNF82VTQ0enR5NGZPVE1sUS1mZWtfM3F2YU9BR1ZzdUh6cGR5Z0xJS2NDWERJTUQ3TmdFNEdtNmRoUlJfT2RjVlNNTHpmUDdXZnBPbUVyaE55TWxuRHZVZWgxNU9kTEI4QWVhWkhPOHZjSFBuUT0=', 'grant_type': 'authorization_code', 'client_id': 'u8VvGPtup7gt', 'redirect_uri': 'https://127.0.0.1:8090/authz_cb/flop', 'state': '9LkxRcN1L3k5veYx5x9NSoloVKOiydMK'}
2019-08-29 15:28:07,229 oidcendpoint.endpoint INFO Parsed and verified request: {'code': 'Z0FBQUFBQmRaOUxuOC1BUUFjazFDMU1wLTd3S0k3QlNBV2Zya0RIMEV2djE3M0RzUHhKTUdiV2lqT3dCZDRsOTNGNzVFdkE5VmRYblloRk9idUxHNUtLOHlSYWZ6MC1uWEtUb0VUajB5ZUphWW9QY3N3bFZyYzRGWmpDdjNsNmNGQzdtMklHOGtXNF82VTQ0enR5NGZPVE1sUS1mZWtfM3F2YU9BR1ZzdUh6cGR5Z0xJS2NDWERJTUQ3TmdFNEdtNmRoUlJfT2RjVlNNTHpmUDdXZnBPbUVyaE55TWxuRHZVZWgxNU9kTEI4QWVhWkhPOHZjSFBuUT0=', 'grant_type': 'authorization_code', 'client_id': 'u8VvGPtup7gt', 'redirect_uri': 'https://127.0.0.1:8090/authz_cb/flop', 'state': '9LkxRcN1L3k5veYx5x9NSoloVKOiydMK'}
2019-08-29 15:28:07,230 oidcendpoint.oidc.token DEBUG AccessTokenRequest: {'code': 'Z0FBQUFBQmRaOUxuOC1BUUFjazFDMU1wLTd3S0k3QlNBV2Zya0RIMEV2djE3M0RzUHhKTUdiV2lqT3dCZDRsOTNGNzVFdkE5VmRYblloRk9idUxHNUtLOHlSYWZ6MC1uWEtUb0VUajB5ZUphWW9QY3N3bFZyYzRGWmpDdjNsNmNGQzdtMklHOGtXNF82VTQ0enR5NGZPVE1sUS1mZWtfM3F2YU9BR1ZzdUh6cGR5Z0xJS2NDWERJTUQ3TmdFNEdtNmRoUlJfT2RjVlNNTHpmUDdXZnBPbUVyaE55TWxuRHZVZWgxNU9kTEI4QWVhWkhPOHZjSFBuUT0=', 'grant_type': 'authorization_code', 'client_id': 'u8VvGPtup7gt', 'redirect_uri': 'https://127.0.0.1:8090/authz_cb/flop', 'state': '9LkxRcN1L3k5veYx5x9NSoloVKOiydMK'}
2019-08-29 15:28:07,230 oidcop.configure INFO request: {'code': 'Z0FBQUFBQmRaOUxuOC1BUUFjazFDMU1wLTd3S0k3QlNBV2Zya0RIMEV2djE3M0RzUHhKTUdiV2lqT3dCZDRsOTNGNzVFdkE5VmRYblloRk9idUxHNUtLOHlSYWZ6MC1uWEtUb0VUajB5ZUphWW9QY3N3bFZyYzRGWmpDdjNsNmNGQzdtMklHOGtXNF82VTQ0enR5NGZPVE1sUS1mZWtfM3F2YU9BR1ZzdUh6cGR5Z0xJS2NDWERJTUQ3TmdFNEdtNmRoUlJfT2RjVlNNTHpmUDdXZnBPbUVyaE55TWxuRHZVZWgxNU9kTEI4QWVhWkhPOHZjSFBuUT0=', 'grant_type': 'authorization_code', 'client_id': 'u8VvGPtup7gt', 'redirect_uri': 'https://127.0.0.1:8090/authz_cb/flop', 'state': '9LkxRcN1L3k5veYx5x9NSoloVKOiydMK'}
2019-08-29 15:28:07,231 oidcendpoint.oidc.token DEBUG All checks OK
2019-08-29 15:28:07,231 root DEBUG JWT header: {'alg': 'ES256', 'kid': 'dXZlcDVOd1lSU2ZCUkNBc292aHhOcGFpd1NkNVJkQndYR3lOWlp5c1VhQQ'}
2019-08-29 15:28:07,233 root DEBUG JWT header: {'alg': 'RS256', 'kid': 'R2lYNl9Zdk5LMV9SWmVnUXd6U1ZncTczamR0b0tZNnQ1cEpwZEMxNTFKaw'}
2019-08-29 15:28:07,239 oidcop.configure INFO Response args: {'http_headers': [('Content-type', 'application/json')], 'response_args': {'access_token': 'eyJhbGciOiJFUzI1NiIsImtpZCI6ImRYWmxjRFZPZDFsU1UyWkNVa05CYzI5MmFIaE9jR0ZwZDFOa05WSmtRbmRZUjNsT1dscDVjMVZoUVEifQ.eyJzaWQiOiAiMjc4YjVlMjI4ZmYyYTFiMGFlNzczMmJkZmE1MGE5MzBhNDJlMDI2NTRjN2I5YWY0MWZjN2FkYjgiLCAiaWF0IjogMTU2NzA4NTI4NywgImV4cCI6IDE1NjcwODg4ODcsICJzdWIiOiAiYWVlNjEwNTU4MjkyMDIzNzU4YTQyMjlkZGNmNzVmMTY3Yzk5MDQzMTNhODNjZjc5NTIzMmVkN2Y3ZTIxMzFjOSIsICJlbWFpbF92ZXJpZmllZCI6IHRydWUsICJraWQiOiAiZFhabGNEVk9kMWxTVTJaQ1VrTkJjMjkyYUhoT2NHRnBkMU5rTlZKa1FuZFlSM2xPV2xwNWMxVmhRUSIsICJlbWFpbCI6ICJ1Y0BleGFtcGxlLmNvbSIsICJmYW1pbHlfbmFtZSI6ICJDcnVzdCIsICJnaXZlbl9uYW1lIjogIlVwcGVyIiwgInR0eXBlIjogIlQiLCAibmFtZSI6ICJVcHBlciBDcnVzdCIsICJhdWQiOiBbInU4VnZHUHR1cDdndCIsICJodHRwczovL2V4YW1wbGUub3JnL2FwcGwiXSwgImlzcyI6ICJodHRwczovLzEyNy4wLjAuMTo1MDAwIn0.aETnD4yhOfdKsm8uh1pXdJktVXLMNUqAU49J0q8_F41fMWrk2cKFMugJfuwdApYBOZMXy1VuP7drBqkGRkFRxQ', 'token_type': 'Bearer', 'expires_in': 3600, 'id_token': 'eyJhbGciOiJSUzI1NiIsImtpZCI6IlIybFlObDlaZGs1TE1WOVNXbVZuVVhkNlUxWm5jVGN6YW1SMGIwdFpOblExY0Vwd1pFTXhOVEZLYXcifQ.eyJhdXRoX3RpbWUiOiAxNTY3MDg1Mjc0LCAiaWF0IjogMTU2NzA4NTI4NywgIm5vbmNlIjogIkZkamxaQmJlNHhPYnVxZnZsVjVGcEVhayIsICJzdWIiOiAiYWVlNjEwNTU4MjkyMDIzNzU4YTQyMjlkZGNmNzVmMTY3Yzk5MDQzMTNhODNjZjc5NTIzMmVkN2Y3ZTIxMzFjOSIsICJraWQiOiAiUjJsWU5sOVpkazVMTVY5U1dtVm5VWGQ2VTFabmNUY3phbVIwYjB0Wk5uUTFjRXB3WkVNeE5URkthdyIsICJlbWFpbF92ZXJpZmllZCI6IHRydWUsICJleHAiOiAxNTY3MDg1NTg3LCAiYXVkIjogWyJ1OFZ2R1B0dXA3Z3QiXSwgImFjciI6ICJvaWRjZW5kcG9pbnQudXNlcl9hdXRobi5hdXRobl9jb250ZXh0LklOVEVSTkVUUFJPVE9DT0xQQVNTV09SRCIsICJpc3MiOiAiaHR0cHM6Ly8xMjcuMC4wLjE6NTAwMCIsICJlbWFpbCI6ICJ1Y0BleGFtcGxlLmNvbSJ9.nGHeMvkB6VUOdu0_Vz2tPvDdxRwECOCbq1ZyWTKpiSNlg9fwUobqhPVbkpf3TDKwpRgvdONRRrM_czQ4HCVSv-mWDCu1SNVYbBfFRjVMtrJ0EhCrECc-JD0tF0INBL-Z_1vTAlRL6T7zrJ1MkJOnYhREkszdGyc200kSJe_zLfhmKOdKSnSH0ncJ9t4lUq8InQlynv08gOzHdMZVSx9V4rqqltuKDuElPC8I0yhe9yxDwM9DG6-hNW9ChAmkvYH5XXFZcINtI5XjdMDcW3XrFR9P2rtA_nRkO_TroG_vAzEBBCplymKLKafA7-3xPkd8tmeSA-AgX5jSZ7LtjR7KpQ'}, 'cookie': <SimpleCookie: oidc_op='1567085287|eyJzdWIiOiAiYWVlNjEwNTU4MjkyMDIzNzU4YTQyMjlkZGNmNzVmMTY3Yzk5MDQzMTNhODNjZjc5NTIzMmVkN2Y3ZTIxMzFjOSJ9::1567085287::sso|2fW+R0f6xZfYB9ekTiLJz7WSDrnd8TUdDrSCJRKaznQ='>}
2019-08-29 15:28:07,239 oidcop.configure DEBUG do_response: {'response': '{"token_type": "Bearer", "access_token": "eyJhbGciOiJFUzI1NiIsImtpZCI6ImRYWmxjRFZPZDFsU1UyWkNVa05CYzI5MmFIaE9jR0ZwZDFOa05WSmtRbmRZUjNsT1dscDVjMVZoUVEifQ.eyJzaWQiOiAiMjc4YjVlMjI4ZmYyYTFiMGFlNzczMmJkZmE1MGE5MzBhNDJlMDI2NTRjN2I5YWY0MWZjN2FkYjgiLCAiaWF0IjogMTU2NzA4NTI4NywgImV4cCI6IDE1NjcwODg4ODcsICJzdWIiOiAiYWVlNjEwNTU4MjkyMDIzNzU4YTQyMjlkZGNmNzVmMTY3Yzk5MDQzMTNhODNjZjc5NTIzMmVkN2Y3ZTIxMzFjOSIsICJlbWFpbF92ZXJpZmllZCI6IHRydWUsICJraWQiOiAiZFhabGNEVk9kMWxTVTJaQ1VrTkJjMjkyYUhoT2NHRnBkMU5rTlZKa1FuZFlSM2xPV2xwNWMxVmhRUSIsICJlbWFpbCI6ICJ1Y0BleGFtcGxlLmNvbSIsICJmYW1pbHlfbmFtZSI6ICJDcnVzdCIsICJnaXZlbl9uYW1lIjogIlVwcGVyIiwgInR0eXBlIjogIlQiLCAibmFtZSI6ICJVcHBlciBDcnVzdCIsICJhdWQiOiBbInU4VnZHUHR1cDdndCIsICJodHRwczovL2V4YW1wbGUub3JnL2FwcGwiXSwgImlzcyI6ICJodHRwczovLzEyNy4wLjAuMTo1MDAwIn0.aETnD4yhOfdKsm8uh1pXdJktVXLMNUqAU49J0q8_F41fMWrk2cKFMugJfuwdApYBOZMXy1VuP7drBqkGRkFRxQ", "expires_in": 3600, "id_token": "eyJhbGciOiJSUzI1NiIsImtpZCI6IlIybFlObDlaZGs1TE1WOVNXbVZuVVhkNlUxWm5jVGN6YW1SMGIwdFpOblExY0Vwd1pFTXhOVEZLYXcifQ.eyJhdXRoX3RpbWUiOiAxNTY3MDg1Mjc0LCAiaWF0IjogMTU2NzA4NTI4NywgIm5vbmNlIjogIkZkamxaQmJlNHhPYnVxZnZsVjVGcEVhayIsICJzdWIiOiAiYWVlNjEwNTU4MjkyMDIzNzU4YTQyMjlkZGNmNzVmMTY3Yzk5MDQzMTNhODNjZjc5NTIzMmVkN2Y3ZTIxMzFjOSIsICJraWQiOiAiUjJsWU5sOVpkazVMTVY5U1dtVm5VWGQ2VTFabmNUY3phbVIwYjB0Wk5uUTFjRXB3WkVNeE5URkthdyIsICJlbWFpbF92ZXJpZmllZCI6IHRydWUsICJleHAiOiAxNTY3MDg1NTg3LCAiYXVkIjogWyJ1OFZ2R1B0dXA3Z3QiXSwgImFjciI6ICJvaWRjZW5kcG9pbnQudXNlcl9hdXRobi5hdXRobl9jb250ZXh0LklOVEVSTkVUUFJPVE9DT0xQQVNTV09SRCIsICJpc3MiOiAiaHR0cHM6Ly8xMjcuMC4wLjE6NTAwMCIsICJlbWFpbCI6ICJ1Y0BleGFtcGxlLmNvbSJ9.nGHeMvkB6VUOdu0_Vz2tPvDdxRwECOCbq1ZyWTKpiSNlg9fwUobqhPVbkpf3TDKwpRgvdONRRrM_czQ4HCVSv-mWDCu1SNVYbBfFRjVMtrJ0EhCrECc-JD0tF0INBL-Z_1vTAlRL6T7zrJ1MkJOnYhREkszdGyc200kSJe_zLfhmKOdKSnSH0ncJ9t4lUq8InQlynv08gOzHdMZVSx9V4rqqltuKDuElPC8I0yhe9yxDwM9DG6-hNW9ChAmkvYH5XXFZcINtI5XjdMDcW3XrFR9P2rtA_nRkO_TroG_vAzEBBCplymKLKafA7-3xPkd8tmeSA-AgX5jSZ7LtjR7KpQ"}', 'http_headers': [('Content-type', 'application/json'), ('Pragma', 'no-cache'), ('Cache-Control', 'no-store')], 'cookie': <SimpleCookie: oidc_op='1567085287|eyJzdWIiOiAiYWVlNjEwNTU4MjkyMDIzNzU4YTQyMjlkZGNmNzVmMTY3Yzk5MDQzMTNhODNjZjc5NTIzMmVkN2Y3ZTIxMzFjOSJ9::1567085287::sso|2fW+R0f6xZfYB9ekTiLJz7WSDrnd8TUdDrSCJRKaznQ='>}
2019-08-29 15:28:07,240 oidcop.configure DEBUG response_placement: body
2019-08-29 15:28:07,240 oidcop.configure INFO Response: {"token_type": "Bearer", "access_token": "eyJhbGciOiJFUzI1NiIsImtpZCI6ImRYWmxjRFZPZDFsU1UyWkNVa05CYzI5MmFIaE9jR0ZwZDFOa05WSmtRbmRZUjNsT1dscDVjMVZoUVEifQ.eyJzaWQiOiAiMjc4YjVlMjI4ZmYyYTFiMGFlNzczMmJkZmE1MGE5MzBhNDJlMDI2NTRjN2I5YWY0MWZjN2FkYjgiLCAiaWF0IjogMTU2NzA4NTI4NywgImV4cCI6IDE1NjcwODg4ODcsICJzdWIiOiAiYWVlNjEwNTU4MjkyMDIzNzU4YTQyMjlkZGNmNzVmMTY3Yzk5MDQzMTNhODNjZjc5NTIzMmVkN2Y3ZTIxMzFjOSIsICJlbWFpbF92ZXJpZmllZCI6IHRydWUsICJraWQiOiAiZFhabGNEVk9kMWxTVTJaQ1VrTkJjMjkyYUhoT2NHRnBkMU5rTlZKa1FuZFlSM2xPV2xwNWMxVmhRUSIsICJlbWFpbCI6ICJ1Y0BleGFtcGxlLmNvbSIsICJmYW1pbHlfbmFtZSI6ICJDcnVzdCIsICJnaXZlbl9uYW1lIjogIlVwcGVyIiwgInR0eXBlIjogIlQiLCAibmFtZSI6ICJVcHBlciBDcnVzdCIsICJhdWQiOiBbInU4VnZHUHR1cDdndCIsICJodHRwczovL2V4YW1wbGUub3JnL2FwcGwiXSwgImlzcyI6ICJodHRwczovLzEyNy4wLjAuMTo1MDAwIn0.aETnD4yhOfdKsm8uh1pXdJktVXLMNUqAU49J0q8_F41fMWrk2cKFMugJfuwdApYBOZMXy1VuP7drBqkGRkFRxQ", "expires_in": 3600, "id_token": "eyJhbGciOiJSUzI1NiIsImtpZCI6IlIybFlObDlaZGs1TE1WOVNXbVZuVVhkNlUxWm5jVGN6YW1SMGIwdFpOblExY0Vwd1pFTXhOVEZLYXcifQ.eyJhdXRoX3RpbWUiOiAxNTY3MDg1Mjc0LCAiaWF0IjogMTU2NzA4NTI4NywgIm5vbmNlIjogIkZkamxaQmJlNHhPYnVxZnZsVjVGcEVhayIsICJzdWIiOiAiYWVlNjEwNTU4MjkyMDIzNzU4YTQyMjlkZGNmNzVmMTY3Yzk5MDQzMTNhODNjZjc5NTIzMmVkN2Y3ZTIxMzFjOSIsICJraWQiOiAiUjJsWU5sOVpkazVMTVY5U1dtVm5VWGQ2VTFabmNUY3phbVIwYjB0Wk5uUTFjRXB3WkVNeE5URkthdyIsICJlbWFpbF92ZXJpZmllZCI6IHRydWUsICJleHAiOiAxNTY3MDg1NTg3LCAiYXVkIjogWyJ1OFZ2R1B0dXA3Z3QiXSwgImFjciI6ICJvaWRjZW5kcG9pbnQudXNlcl9hdXRobi5hdXRobl9jb250ZXh0LklOVEVSTkVUUFJPVE9DT0xQQVNTV09SRCIsICJpc3MiOiAiaHR0cHM6Ly8xMjcuMC4wLjE6NTAwMCIsICJlbWFpbCI6ICJ1Y0BleGFtcGxlLmNvbSJ9.nGHeMvkB6VUOdu0_Vz2tPvDdxRwECOCbq1ZyWTKpiSNlg9fwUobqhPVbkpf3TDKwpRgvdONRRrM_czQ4HCVSv-mWDCu1SNVYbBfFRjVMtrJ0EhCrECc-JD0tF0INBL-Z_1vTAlRL6T7zrJ1MkJOnYhREkszdGyc200kSJe_zLfhmKOdKSnSH0ncJ9t4lUq8InQlynv08gOzHdMZVSx9V4rqqltuKDuElPC8I0yhe9yxDwM9DG6-hNW9ChAmkvYH5XXFZcINtI5XjdMDcW3XrFR9P2rtA_nRkO_TroG_vAzEBBCplymKLKafA7-3xPkd8tmeSA-AgX5jSZ7LtjR7KpQ"}

Is there the possiblity that some jwks files mess something?

peppelinux commented 5 years ago

Fixed with automatic keyjar init. I'll look into cryptojwt.key_jar.init_key_jar to document a good way to create jwk manually.

Thank you for your suggestions in other threads