Issue with Claper and Shibboleth OpenID Connect #208
Description
I configured OCID in the .env file and created a client for these app in Shibboleth. But I only got errors. Maybe you can give me a hint?
2026-02-02 15:44:22,653 - 192.168.1.1 - DEBUG [net.shibboleth.idp.plugin.oidc.op.profile.impl.InitializeOutboundResponseMessageContext:68] - Profile Action InitializeOutboundResponseMessageContext: Initialized outbound message context
2026-02-02 15:44:22,653 - 192.168.1.1 - DEBUG [net.shibboleth.idp.plugin.oidc.op.profile.impl.InitializeUnverifiedRelyingPartyContext:77] - Profile Action InitializeUnverifiedRelyingPartyContext: new RelyingPartyContext successfully created and attached
2026-02-02 15:44:22,653 - 192.168.1.1 - DEBUG [net.shibboleth.idp.profile.impl.SelectRelyingPartyConfiguration:178] - Profile Action SelectRelyingPartyConfiguration: Found relying party configuration shibboleth.UnverifiedRelyingParty for request
2026-02-02 15:44:22,654 - 192.168.1.1 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.PopulateProfileInterceptorContext:138] - Profile Action PopulateProfileInterceptorContext: No inbound interceptor flows active for this request
2026-02-02 15:44:22,655 - 192.168.1.1 - DEBUG [net.shibboleth.idp.plugin.oidc.op.metadata.impl.DynamicFilesystemProviderMetadataResolver:101] - Starting to resolve value for id_token_signing_alg_values_supported
2026-02-02 15:44:22,655 - 192.168.1.1 - DEBUG [net.shibboleth.idp.plugin.oidc.op.metadata.impl.DynamicFilesystemProviderMetadataResolver:110] - The field id_token_signing_alg_values_supported updated to the result
2026-02-02 15:44:22,655 - 192.168.1.1 - DEBUG [net.shibboleth.idp.plugin.oidc.op.metadata.impl.DynamicFilesystemProviderMetadataResolver:101] - Starting to resolve value for userinfo_signing_alg_values_supported
2026-02-02 15:44:22,655 - 192.168.1.1 - DEBUG [net.shibboleth.idp.plugin.oidc.op.metadata.impl.DynamicFilesystemProviderMetadataResolver:110] - The field userinfo_signing_alg_values_supported updated to the result
2026-02-02 15:44:22,655 - 192.168.1.1 - DEBUG [net.shibboleth.idp.plugin.oidc.op.metadata.impl.DynamicFilesystemProviderMetadataResolver:101] - Starting to resolve value for id_token_encryption_enc_values_supported
2026-02-02 15:44:22,655 - 192.168.1.1 - DEBUG [net.shibboleth.idp.plugin.oidc.op.metadata.impl.DynamicFilesystemProviderMetadataResolver:110] - The field id_token_encryption_enc_values_supported updated to the result
2026-02-02 15:44:22,655 - 192.168.1.1 - DEBUG [net.shibboleth.idp.plugin.oidc.op.metadata.impl.DynamicFilesystemProviderMetadataResolver:101] - Starting to resolve value for userinfo_encryption_enc_values_supported
2026-02-02 15:44:22,655 - 192.168.1.1 - DEBUG [net.shibboleth.idp.plugin.oidc.op.metadata.impl.DynamicFilesystemProviderMetadataResolver:110] - The field userinfo_encryption_enc_values_supported updated to the result
2026-02-02 15:44:22,655 - 192.168.1.1 - DEBUG [net.shibboleth.idp.plugin.oidc.op.metadata.impl.DynamicFilesystemProviderMetadataResolver:101] - Starting to resolve value for id_token_encryption_alg_values_supported
2026-02-02 15:44:22,655 - 192.168.1.1 - DEBUG [net.shibboleth.idp.plugin.oidc.op.metadata.impl.DynamicFilesystemProviderMetadataResolver:110] - The field id_token_encryption_alg_values_supported updated to the result
2026-02-02 15:44:22,656 - 192.168.1.1 - DEBUG [net.shibboleth.idp.plugin.oidc.op.metadata.impl.DynamicFilesystemProviderMetadataResolver:101] - Starting to resolve value for userinfo_encryption_alg_values_supported
2026-02-02 15:44:22,656 - 192.168.1.1 - DEBUG [net.shibboleth.idp.plugin.oidc.op.metadata.impl.DynamicFilesystemProviderMetadataResolver:110] - The field userinfo_encryption_alg_values_supported updated to the result
2026-02-02 15:44:22,656 - 192.168.1.1 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.PopulateProfileInterceptorContext:138] - Profile Action PopulateProfileInterceptorContext: No outbound interceptor flows active for this request
2026-02-02 15:44:22,657 - 192.168.1.1 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.PopulateProfileInterceptorContext:138] - Profile Action PopulateProfileInterceptorContext: No outbound interceptor flows active for this request
2026-02-02 15:44:22,657 - 192.168.1.1 - DEBUG [net.shibboleth.idp.profile.impl.WebFlowMessageHandlerAdaptor:180] - Profile Action WebFlowMessageHandlerAdaptor: Invoking message handler of type 'org.opensaml.messaging.handler.impl.FunctionMessageHandler' on OUTBOUND message context
2026-02-02 15:44:22,658 - 192.168.1.1 - DEBUG [net.shibboleth.idp.profile.impl.WebFlowMessageHandlerAdaptor:197] - Profile Action WebFlowMessageHandlerAdaptor: Invoking message handler on message context containing a message of type 'net.shibboleth.idp.plugin.oidc.op.messaging.impl.OpenIDConfigurationSuccessResponse'
2026-02-02 15:44:22,661 - 192.168.1.1 - INFO [Shibboleth-Audit.OIDC.Configuration:333] - 192.168.1.1||2026-02-02T14:44:22.661842491Z|||||||||||||OpenIDConfigurationSuccessResponse|||||null
2026-02-02 15:44:22,662 - 192.168.1.1 - DEBUG [net.shibboleth.idp.profile.impl.RecordResponseComplete:86] - Profile Action RecordResponseComplete: Record response complete
2026-02-02 15:44:22,663 - 192.168.1.1 - DEBUG [net.shibboleth.idp.plugin.oidc.op.profile.impl.InitializeOutboundResponseMessageContext:68] - Profile Action InitializeOutboundResponseMessageContext: Initialized outbound message context
2026-02-02 15:44:22,663 - 192.168.1.1 - DEBUG [net.shibboleth.idp.plugin.oidc.op.profile.impl.InitializeUnverifiedRelyingPartyContext:77] - Profile Action InitializeUnverifiedRelyingPartyContext: new RelyingPartyContext successfully created and attached
2026-02-02 15:44:22,663 - 192.168.1.1 - DEBUG [net.shibboleth.idp.profile.impl.SelectRelyingPartyConfiguration:178] - Profile Action SelectRelyingPartyConfiguration: Found relying party configuration shibboleth.UnverifiedRelyingParty for request
2026-02-02 15:44:22,663 - 192.168.1.1 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.PopulateProfileInterceptorContext:138] - Profile Action PopulateProfileInterceptorContext: No inbound interceptor flows active for this request
2026-02-02 15:44:22,664 - 192.168.1.1 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.PopulateProfileInterceptorContext:138] - Profile Action PopulateProfileInterceptorContext: No outbound interceptor flows active for this request
2026-02-02 15:44:22,665 - 192.168.1.1 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.PopulateProfileInterceptorContext:138] - Profile Action PopulateProfileInterceptorContext: No outbound interceptor flows active for this request
2026-02-02 15:44:22,665 - 192.168.1.1 - DEBUG [net.shibboleth.idp.profile.impl.WebFlowMessageHandlerAdaptor:180] - Profile Action WebFlowMessageHandlerAdaptor: Invoking message handler of type 'org.opensaml.messaging.handler.impl.FunctionMessageHandler' on OUTBOUND message context
2026-02-02 15:44:22,665 - 192.168.1.1 - DEBUG [net.shibboleth.idp.profile.impl.WebFlowMessageHandlerAdaptor:197] - Profile Action WebFlowMessageHandlerAdaptor: Invoking message handler on message context containing a message of type 'net.shibboleth.oidc.profile.messaging.JSONSuccessResponse'
2026-02-02 15:44:22,666 - 192.168.1.1 - INFO [Shibboleth-Audit.OIDC.Keyset:333] - 192.168.1.1||2026-02-02T14:44:22.666715735Z|||||||||||||JSONSuccessResponse|||||null
2026-02-02 15:44:22,666 - 192.168.1.1 - DEBUG [net.shibboleth.idp.profile.impl.RecordResponseComplete:86] - Profile Action RecordResponseComplete: Record response complete
2026-02-02 15:45:11,565 - 192.168.1.1 - DEBUG [net.shibboleth.idp.plugin.oidc.op.profile.impl.InitializeOutboundResponseMessageContext:68] - Profile Action InitializeOutboundResponseMessageContext: Initialized outbound message context
2026-02-02 15:45:11,600 - 192.168.1.1 - DEBUG [net.shibboleth.idp.profile.impl.WebFlowMessageHandlerAdaptor:175] - Profile Action WebFlowMessageHandlerAdaptor: Invoking message handler of type 'net.shibboleth.idp.plugin.oidc.op.profile.impl.OIDCMetadataLookupHandler' on INBOUND message context
2026-02-02 15:45:11,601 - 192.168.1.1 - DEBUG [net.shibboleth.idp.profile.impl.WebFlowMessageHandlerAdaptor:197] - Profile Action WebFlowMessageHandlerAdaptor: Invoking message handler on message context containing a message of type 'com.nimbusds.oauth2.sdk.PushedAuthorizationRequest'
2026-02-02 15:45:11,601 - 192.168.1.1 - DEBUG [net.shibboleth.idp.plugin.oidc.op.profile.impl.OIDCMetadataLookupHandler:118] - Message Handler: net.shibboleth.oidc.metadata.context.OIDCMetadataContext added to MessageContext as child of org.opensaml.messaging.context.MessageContext
2026-02-02 15:45:11,602 - 192.168.1.1 - DEBUG [net.shibboleth.idp.plugin.oidc.op.profile.impl.InitializeRelyingPartyContext:160] - Attaching RelyingPartyContext for https://presentation.domain.tld
2026-02-02 15:45:11,602 - 192.168.1.1 - DEBUG [net.shibboleth.idp.plugin.oidc.op.profile.impl.InitializeRelyingPartyContext:169] - Profile Action InitializeRelyingPartyContext: Setting the rp context verified
2026-02-02 15:45:11,603 - 192.168.1.1 - DEBUG [net.shibboleth.idp.profile.impl.SelectRelyingPartyConfiguration:178] - Profile Action SelectRelyingPartyConfiguration: Found relying party configuration shibboleth.DefaultRelyingParty for request
2026-02-02 15:45:11,604 - 192.168.1.1 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.PopulateProfileInterceptorContext:138] - Profile Action PopulateProfileInterceptorContext: No inbound interceptor flows active for this request
2026-02-02 15:45:11,605 - 192.168.1.1 - DEBUG [net.shibboleth.idp.profile.impl.WebFlowMessageHandlerAdaptor:175] - Profile Action WebFlowMessageHandlerAdaptor: Invoking message handler of type 'org.opensaml.messaging.handler.impl.FunctionMessageHandler' on INBOUND message context
2026-02-02 15:45:11,606 - 192.168.1.1 - DEBUG [net.shibboleth.idp.profile.impl.WebFlowMessageHandlerAdaptor:197] - Profile Action WebFlowMessageHandlerAdaptor: Invoking message handler on message context containing a message of type 'com.nimbusds.oauth2.sdk.PushedAuthorizationRequest'
2026-02-02 15:45:11,606 - 192.168.1.1 - DEBUG [net.shibboleth.idp.saml.profile.impl.InitializeAuthenticationContext:226] - Profile Action InitializeAuthenticationContext: Created authentication context: AuthenticationContext{initiationInstant=2026-02-02T14:45:11.606370155Z, isPassive=false, forceAuthn=false, requiredName=null, hintedName=null, maxAge=null, potentialFlows=[], activeResults=[], attemptedFlow=null, signaledFlowId=null, authenticationStateMap={}, resultCacheable=true, authenticationResult=null, completionInstant=null}
2026-02-02 15:45:11,611 - 192.168.1.1 - DEBUG [net.shibboleth.idp.plugin.oidc.op.oauth2.profile.impl.InitializeDPoPProofContext:120] - Profile Action InitializeDPoPProofContext: No optional DPoP Proof header values exists, nothing to do
2026-02-02 15:45:11,617 - 192.168.1.1 - DEBUG [net.shibboleth.idp.plugin.oidc.op.oauth2.profile.impl.ValidateDPoPProof:107] - Profile Action ValidateDPoPProof: No DPoP Proof found from the response context, nothing to do
2026-02-02 15:45:11,619 - 192.168.1.1 - DEBUG [net.shibboleth.idp.authn.impl.PopulateAuthenticationContext:203] - Profile Action PopulateAuthenticationContext: Installed 1 potential authentication flows into AuthenticationContext
2026-02-02 15:45:11,620 - 192.168.1.1 - DEBUG [net.shibboleth.idp.authn.impl.InitializeRequestedPrincipalContext:142] - Profile Action InitializeRequestedPrincipalContext: Profile configuration did not supply any default authentication methods
2026-02-02 15:45:11,620 - 192.168.1.1 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByForcedAuthn:54] - Profile Action FilterFlowsByForcedAuthn: Request does not have forced authentication requirement, nothing to do
2026-02-02 15:45:11,620 - 192.168.1.1 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByNonBrowserSupport:73] - Profile Action FilterFlowsByNonBrowserSupport: Retaining flow authn/OAuth2Client, it supports non-browser authentication
2026-02-02 15:45:11,620 - 192.168.1.1 - DEBUG [net.shibboleth.idp.authn.impl.FilterFlowsByNonBrowserSupport:85] - Profile Action FilterFlowsByNonBrowserSupport: Potential authentication flows left after filtering: [authn/OAuth2Client]
2026-02-02 15:45:11,621 - 192.168.1.1 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:270] - Profile Action SelectAuthenticationFlow: No specific Principals requested
2026-02-02 15:45:11,621 - 192.168.1.1 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:309] - Profile Action SelectAuthenticationFlow: No usable active results available, selecting an inactive flow
2026-02-02 15:45:11,621 - 192.168.1.1 - DEBUG [net.shibboleth.idp.authn.impl.SelectAuthenticationFlow:368] - Profile Action SelectAuthenticationFlow: Selecting inactive authentication flow authn/OAuth2Client
2026-02-02 15:45:11,684 - 192.168.1.1 - DEBUG [net.shibboleth.idp.plugin.oidc.op.authn.impl.OIDCClientInfoCredentialValidator:154] - Credential Validator oauth2-clientinfo: Attempting to authenticate effective client ID 'https://presentation.domain.tld'
2026-02-02 15:45:11,684 - 192.168.1.1 - INFO [net.shibboleth.idp.plugin.oidc.op.authn.impl.OIDCClientInfoCredentialValidator:163] - Credential Validator oauth2-clientinfo: Login by 'https://presentation.domain.tld' succeeded
2026-02-02 15:45:11,684 - 192.168.1.1 - DEBUG [net.shibboleth.idp.authn.AbstractValidationAction:396] - Profile Action ValidateCredentials: Adding custom Principal(s) defined on underlying flow descriptor
2026-02-02 15:45:11,685 - 192.168.1.1 - DEBUG [net.shibboleth.idp.authn.impl.PopulateSubjectCanonicalizationContext:67] - Profile Action PopulateSubjectCanonicalizationContext: Installing 2 canonicalization flows into SubjectCanonicalizationContext
2026-02-02 15:45:11,686 - 192.168.1.1 - DEBUG [net.shibboleth.idp.authn.impl.SelectSubjectCanonicalizationFlow:97] - Profile Action SelectSubjectCanonicalizationFlow: Checking canonicalization flow c14n/x500 for applicability...
2026-02-02 15:45:11,686 - 192.168.1.1 - DEBUG [net.shibboleth.idp.authn.impl.SelectSubjectCanonicalizationFlow:104] - Profile Action SelectSubjectCanonicalizationFlow: Canonicalization flow c14n/x500 was not applicable: Neither a single X509Certificate nor X500Principal were found
2026-02-02 15:45:11,686 - 192.168.1.1 - DEBUG [net.shibboleth.idp.authn.impl.SelectSubjectCanonicalizationFlow:97] - Profile Action SelectSubjectCanonicalizationFlow: Checking canonicalization flow c14n/simple for applicability...
2026-02-02 15:45:11,686 - 192.168.1.1 - DEBUG [net.shibboleth.idp.authn.impl.SelectSubjectCanonicalizationFlow:80] - Profile Action SelectSubjectCanonicalizationFlow: Selecting canonicalization flow c14n/simple
2026-02-02 15:45:11,687 - 192.168.1.1 - DEBUG [net.shibboleth.idp.authn.AbstractSubjectCanonicalizationAction:225] - Profile Action SimpleSubjectCanonicalization: trimming whitespace of input string 'https://presentation.domain.tld'
2026-02-02 15:45:11,687 - 192.168.1.1 - DEBUG [net.shibboleth.idp.authn.AbstractSubjectCanonicalizationAction:230] - Profile Action SimpleSubjectCanonicalization: converting input string 'https://presentation.domain.tld' to lowercase
2026-02-02 15:45:11,687 - 192.168.1.1 - DEBUG [net.shibboleth.idp.session.impl.DetectIdentitySwitch:142] - Profile Action DetectIdentitySwitch: No previous session found, nothing to do
2026-02-02 15:45:11,688 - 192.168.1.1 - DEBUG [net.shibboleth.idp.authn.impl.FinalizeAuthentication:114] - Profile Action FinalizeAuthentication: Canonical principal name was established as 'https://presentation.domain.tld'
2026-02-02 15:45:11,688 - 192.168.1.1 - DEBUG [net.shibboleth.idp.authn.impl.FinalizeAuthentication:175] - Profile Action FinalizeAuthentication: Request did not have explicit authentication requirements, result is accepted
2026-02-02 15:45:11,688 - 192.168.1.1 - INFO [net.shibboleth.idp.authn.impl.FinalizeAuthentication:201] - Profile Action FinalizeAuthentication: Principal https://presentation.domain.tld authenticated
2026-02-02 15:45:11,690 - 192.168.1.1 - DEBUG [net.shibboleth.idp.plugin.oidc.op.oauth2.profile.impl.ValidateClientIDAgainstPolicy:124] - Profile Action ValidateClientIDAgainstPolicy: OIDC metadata context is populated: client ID has already been validated against metadata
2026-02-02 15:45:11,692 - 192.168.1.1 - DEBUG [net.shibboleth.idp.plugin.oidc.op.profile.impl.InitializeOutboundResponseMessageContext:68] - Profile Action InitializeOutboundResponseMessageContext: Initialized outbound message context
2026-02-02 15:45:11,693 - 192.168.1.1 - DEBUG [net.shibboleth.idp.plugin.oidc.op.oauth2.profile.impl.SetRequestObjectToResponseContext:266] - Profile Action SetRequestObjectToResponseContext: Request object eyJhbGciOiJIUzI1NiJ9.eyJhdWQiOiJodHRwczovL2lkcC5tcGktYnJlbWVuLmRlIiwiY2xpZW50X2lkIjoiaHR0cHM6Ly9wcmVzZW50YXRpb24ubXBpLWJyZW1lbi5kZSIsImNvZGVfY2hhbGxlbmdlIjoiQ25rSDR0UU95X25lTXozMHJnSVY3QXpQanFNR191dEVYWlJ5V2FSMVFXTSIsImNvZGVfY2hhbGxlbmdlX21ldGhvZCI6IlMyNTYiLCJleHAiOjE3NzAwNDM1NDEsImlhdCI6MTc3MDA0MzUxMSwiaXNzIjoiaHR0cHM6Ly9wcmVzZW50YXRpb24ubXBpLWJyZW1lbi5kZSIsImp0aSI6InJKcDlFN2ttZGFCSXd3cHZSak82bGRuTUYyMzBjTFNPQkp0Q3VTT3U3S1kiLCJuYmYiOjE3NzAwNDM1MTEsInJlZGlyZWN0X3VyaSI6Imh0dHBzOi8vcHJlc2VudGF0aW9uLm1waS1icmVtZW4uZGUvdXNlcnMvb2lkYy9jYWxsYmFjayIsInJlc3BvbnNlX3R5cGUiOiJjb2RlIiwic2NvcGUiOiJvcGVuaWQgZW1haWwgcHJvZmlsZSJ9.xUYihbfhJVsPuZp58Xe2K8_J0HBoVnVzCtgrCEJkVaU by value stored to oidc response context
2026-02-02 15:45:11,714 - 192.168.1.1 - DEBUG [net.shibboleth.idp.profile.impl.WebFlowMessageHandlerAdaptor:175] - Profile Action WebFlowMessageHandlerAdaptor: Invoking message handler of type 'org.opensaml.messaging.handler.impl.BasicMessageHandlerChain' on INBOUND message context
2026-02-02 15:45:11,714 - 192.168.1.1 - DEBUG [net.shibboleth.idp.profile.impl.WebFlowMessageHandlerAdaptor:197] - Profile Action WebFlowMessageHandlerAdaptor: Invoking message handler on message context containing a message of type 'com.nimbusds.oauth2.sdk.PushedAuthorizationRequest'
2026-02-02 15:45:11,735 - 192.168.1.1 - DEBUG [net.shibboleth.idp.plugin.oidc.op.oauth2.profile.impl.ValidateRedirectURI:243] - Profile Action ValidateRedirectURI: Redirection URI validated https://presentation.domain.tld/users/oidc/callback
2026-02-02 15:45:11,739 - 192.168.1.1 - DEBUG [net.shibboleth.idp.plugin.oidc.op.oauth2.profile.impl.ValidateResponseMode:95] - Profile Action ValidateResponseMode: No restrictions for the response mode
2026-02-02 15:45:11,743 - 192.168.1.1 - DEBUG [net.shibboleth.idp.plugin.oidc.op.oauth2.profile.impl.ValidateCodeChallenge:170] - Profile Action ValidateCodeChallenge: S256 code challenge exists in the request
2026-02-02 15:45:11,746 - 192.168.1.1 - DEBUG [net.shibboleth.idp.plugin.oidc.op.oauth2.profile.impl.StoreDPoPProofKeyThumbprint:122] - Profile Action StoreDPoPProofKeyThumbprint: No optional dpop_jkt in request, nothing to do
2026-02-02 15:45:11,752 - 192.168.1.1 - DEBUG [net.shibboleth.idp.plugin.oidc.op.oauth2.profile.impl.FormOutbounPushedAuthorizationResponseMessage:211] - Profile Action FormOutbounPushedAuthorizationResponseMessage: No manipulation strategy configured
2026-02-02 15:45:11,755 - 192.168.1.1 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.PopulateProfileInterceptorContext:138] - Profile Action PopulateProfileInterceptorContext: No outbound interceptor flows active for this request
2026-02-02 15:45:11,755 - 192.168.1.1 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.PopulateProfileInterceptorContext:138] - Profile Action PopulateProfileInterceptorContext: No outbound interceptor flows active for this request
2026-02-02 15:45:11,756 - 192.168.1.1 - DEBUG [net.shibboleth.idp.profile.impl.WebFlowMessageHandlerAdaptor:180] - Profile Action WebFlowMessageHandlerAdaptor: Invoking message handler of type 'org.opensaml.messaging.handler.impl.FunctionMessageHandler' on OUTBOUND message context
2026-02-02 15:45:11,757 - 192.168.1.1 - DEBUG [net.shibboleth.idp.profile.impl.WebFlowMessageHandlerAdaptor:197] - Profile Action WebFlowMessageHandlerAdaptor: Invoking message handler on message context containing a message of type 'com.nimbusds.oauth2.sdk.PushedAuthorizationSuccessResponse'
2026-02-02 15:45:11,760 - 192.168.1.1 - INFO [Shibboleth-Audit.OAuth2.PAR:333] - 192.168.1.1|2026-02-02T14:45:11.565544382Z|2026-02-02T14:45:11.760039806Z|https://presentation.domain.tld|https://presentation.domain.tld|||2026-02-02T14:45:11.685173459Z||||false|||PushedAuthorizationRequest|PushedAuthorizationSuccessResponse|||||null
2026-02-02 15:45:11,760 - 192.168.1.1 - DEBUG [net.shibboleth.idp.profile.impl.RecordResponseComplete:86] - Profile Action RecordResponseComplete: Record response complete
2026-02-02 15:45:12,018 - 192.168.13.3 - DEBUG [net.shibboleth.idp.profile.impl.WebFlowMessageHandlerAdaptor:175] - Profile Action WebFlowMessageHandlerAdaptor: Invoking message handler of type 'net.shibboleth.idp.plugin.oidc.op.profile.impl.OIDCMetadataLookupHandler' on INBOUND message context
2026-02-02 15:45:12,019 - 192.168.13.3 - DEBUG [net.shibboleth.idp.profile.impl.WebFlowMessageHandlerAdaptor:197] - Profile Action WebFlowMessageHandlerAdaptor: Invoking message handler on message context containing a message of type 'com.nimbusds.oauth2.sdk.AuthorizationRequest'
2026-02-02 15:45:12,019 - 192.168.13.3 - DEBUG [net.shibboleth.idp.plugin.oidc.op.profile.impl.OIDCMetadataLookupHandler:118] - Message Handler: net.shibboleth.oidc.metadata.context.OIDCMetadataContext added to MessageContext as child of org.opensaml.messaging.context.MessageContext
2026-02-02 15:45:12,019 - 192.168.13.3 - DEBUG [net.shibboleth.idp.plugin.oidc.op.profile.impl.InitializeRelyingPartyContext:160] - Attaching RelyingPartyContext for https://presentation.domain.tld
2026-02-02 15:45:12,019 - 192.168.13.3 - DEBUG [net.shibboleth.idp.plugin.oidc.op.profile.impl.InitializeRelyingPartyContext:169] - Profile Action InitializeRelyingPartyContext: Setting the rp context verified
2026-02-02 15:45:12,020 - 192.168.13.3 - DEBUG [net.shibboleth.idp.profile.impl.SelectRelyingPartyConfiguration:178] - Profile Action SelectRelyingPartyConfiguration: Found relying party configuration shibboleth.DefaultRelyingParty for request
2026-02-02 15:45:12,021 - 192.168.13.3 - DEBUG [net.shibboleth.idp.profile.interceptor.impl.PopulateProfileInterceptorContext:138] - Profile Action PopulateProfileInterceptorContext: No inbound interceptor flows active for this request
2026-02-02 15:45:12,023 - 192.168.13.3 - DEBUG [net.shibboleth.idp.profile.impl.WebFlowMessageHandlerAdaptor:175] - Profile Action WebFlowMessageHandlerAdaptor: Invoking message handler of type 'org.opensaml.messaging.handler.impl.FunctionMessageHandler' on INBOUND message context
2026-02-02 15:45:12,023 - 192.168.13.3 - DEBUG [net.shibboleth.idp.profile.impl.WebFlowMessageHandlerAdaptor:197] - Profile Action WebFlowMessageHandlerAdaptor: Invoking message handler on message context containing a message of type 'com.nimbusds.oauth2.sdk.AuthorizationRequest'
2026-02-02 15:45:12,024 - 192.168.13.3 - DEBUG [net.shibboleth.idp.plugin.oidc.op.oauth2.profile.impl.ValidateClientIDAgainstPolicy:124] - Profile Action ValidateClientIDAgainstPolicy: OIDC metadata context is populated: client ID has already been validated against metadata
2026-02-02 15:45:12,024 - 192.168.13.3 - WARN [net.shibboleth.idp.plugin.oidc.op.oauth2.profile.impl.ValidateAuthorizationRequestType:69] - Profile Action ValidateAuthorizationRequestType: The request did not match with the configured authorization request type requirements
2026-02-02 15:45:12,028 - 192.168.13.3 - DEBUG [net.shibboleth.idp.plugin.oidc.op.profile.impl.AbstractBuildErrorResponseFromEvent:159] - Profile Action BuildAuthenticationErrorResponseFromEvent: No mapped event found for InvalidMessage, creating general invalid_request
2026-02-02 15:45:12,029 - 192.168.13.3 - DEBUG [net.shibboleth.idp.plugin.oidc.op.profile.impl.AbstractBuildErrorResponseFromEvent:168] - Profile Action BuildAuthenticationErrorResponseFromEvent: Error response not formed