diff --git a/CHANGELOG.md b/CHANGELOG.md
index 60d2665..20368aa 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -15,6 +15,10 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ### Changed
 
+- Strengthened constructor tests guided by mutation testing: the `jwt`
+  collaborator is asserted to become the request factory, and `0` is
+  asserted to be an accepted boundary value for `cacheDuration` and
+  `leeway`
 - Strengthened cache assertions guided by mutation testing: the discovery
   document and JWKS key map are asserted to be written to the cache with
   the configured duration under the namespaced key, and a multi-key JWKS
diff --git a/tests/Security/OpenIdConfigurationProviderTest.php b/tests/Security/OpenIdConfigurationProviderTest.php
index 63e5d6a..fe7fbcd 100644
--- a/tests/Security/OpenIdConfigurationProviderTest.php
+++ b/tests/Security/OpenIdConfigurationProviderTest.php
@@ -20,6 +20,7 @@
 use ItkDev\OpenIdConnect\Security\OpenIdConfigurationProvider;
 use League\OAuth2\Client\Provider\Exception\IdentityProviderException;
 use League\OAuth2\Client\Token\AccessToken;
+use League\OAuth2\Client\Tool\RequestFactory;
 use Mockery\Adapter\Phpunit\MockeryPHPUnitIntegration;
 use PHPUnit\Framework\TestCase;
 use Psr\Cache\CacheItemInterface;
@@ -124,6 +125,40 @@ public function testConstructLeeway(): void
         ], []);
     }
 
+    public function testConstructZeroCacheDurationAndLeewayAccepted(): void
+    {
+        $mockCacheItemPool = $this->createStub(CacheItemPoolInterface::class);
+
+        // Zero is a valid boundary value for both options: cache nothing,
+        // tolerate no clock skew. Only negative values are rejected.
+        $provider = new OpenIdConfigurationProvider([
+            'cacheItemPool' => $mockCacheItemPool,
+            'openIDConnectMetadataUrl' => 'https://some.url/openid-configuration',
+            'cacheDuration' => 0,
+            'leeway' => 0,
+        ], []);
+
+        $this->assertInstanceOf(OpenIdConfigurationProvider::class, $provider);
+    }
+
+    public function testConstructWiresJwtCollaboratorAsRequestFactory(): void
+    {
+        $mockCacheItemPool = $this->createStub(CacheItemPoolInterface::class);
+        $requestFactory = new RequestFactory();
+
+        $provider = new OpenIdConfigurationProvider([
+            'cacheItemPool' => $mockCacheItemPool,
+            'openIDConnectMetadataUrl' => 'https://some.url/openid-configuration',
+        ], [
+            'jwt' => $requestFactory,
+        ]);
+
+        // The 'jwt' collaborator must become the provider's request factory;
+        // without the explicit wiring the parent's default factory would be
+        // silently used instead.
+        $this->assertSame($requestFactory, $provider->getRequestFactory());
+    }
+
     public function testGenerateState(): void
     {
         $state = $this->provider->generateState(32);