Test detail

Test Name	fapi-rw-id2-ensure-request-object-without-redirect-uri-fails
Variant	client_auth_type=mtls, fapi_auth_request_method=by_value, fapi_profile=plain_fapi, fapi_response_mode=plain_response
Test ID	tpLn9FE2GwLAYhT https://www.certification.openid.net/log-detail.html?public=true&log=tpLn9FE2GwLAYhT
Created	2021-06-15T17:14:12.209848Z
Description	fapi-mtls-jar
Test Version	4.1.13
Test Owner	109339807647777393961 https://accounts.google.com
Plan ID	JYNtwjKhgrJrI https://www.certification.openid.net/plan-detail.html?public=true&plan=JYNtwjKhgrJrI
Exported From	https://www.certification.openid.net
Exported By	109339807647777393961 https://accounts.google.com
Suite Version	4.1.13
Exported	2021-06-15 19:20:40 (UTC)

2021-06-15 17:14:12

(7) More

INFO

TEST-RUNNER

Test instance tpLn9FE2GwLAYhT created

baseUrl	https://www.certification.openid.net/test/a/pi
variant	{ "client_auth_type": "mtls", "fapi_auth_request_method": "by_value", "fapi_profile": "plain_fapi", "fapi_response_mode": "plain_response" }
alias	pi
description	fapi-mtls-jar
planId	JYNtwjKhgrJrI
config	{ "alias": "pi", "description": "fapi-mtls-jar", "server": { "discoveryUrl": "https://par-what-is-it-good-for.ping-eng.com:9032/.well-known/openid-configuration" }, "client": { "client_id": "c__fapi-mtls-jar1", "scope": "openid other", "hint_type": "login_hint", "hint_value": "cheba-hut@ping-eng.com", "jwks": { "keys": [ { "kty": "RSA", "kid": "-WBaQw", "use": "sig", "alg": "PS256", "n": "5DDi1k_FDcYRRGdp2J-ofDpQIVgbYNY3Bi9-QbL0rq2tDEI34DmrSmDNWLdBS3j06gYF3uHMQXw1N9JfYNrEDFGriQxXgLrX_4p6PZ-qvxgRaFK4A_3NyZRD-KPSnDNs6PPDwlFxwTwXDMFerXlSxNyw3QBPDHZu56X-fIajKBovMbQvlYo_iveRp9oixw2kRWE0r2AvpzqdXguUwtZlCUnE9mCWhvAFCDLSycbUspmiw8-4M8UumS8U9NQBxM4eEZ3WSFv8ooJRvEHVvGcL5ITUdgOqiD6xRQIEVuYEo-lZx8AwuPvcrEBjQZ31_g9vUmG4tJQlffEaF8ZNRVlXyw", "e": "AQAB", "d": "RJGACCAOOXZUB_b_Mk2_hhzLqUldaLrV6_Dngnxw0_ByOGXJfoI1u3LdIZRndXNSPOQ0bWXyR5c4Mp7vdB4onP8JiXQA8zix4SLOWqgY2bU0veFlVCW26aS4zAUGK1O0nUdqgoCQqx0QXA_bEEuNmIQsTSxjlH4eE1Oo5ehbLJgoZpHYQloK4Fgby3qTddmIeXJ7LCxbvTYK-uAL-5vfyLgrkjIckVIDfG92x-FrUDyr1qoLtRHrMuuDMQG-zQms0HyNNXfjBfq9oIDLB9h7mPTguYBoS8k63D6ogpD7UYJUOFUgAm_y-DZUib9YBEXxMJmO2peVL08sF25XKf1XEQ", "p": "8t4drc_3MIo_j8tEjnFqyUoxYPRNcyoQSk6lJLr9ILhnBiiXfZZHUOP2f3Jmcr4zaj-D_gSq41CiGrBAhuGG0TnFLeGjBwDUyhRxUyj41k0edvD31HPmeJ2No7aeYOoCIBw5SwjthVHnsNQGWtc6rfd0kpuEsbaEmE9RahBL1RM", "q": "8Ieb4MHC_CYAbQkGYJPqw8BTUh3m3SzlX1UxwJfir7k1KJ2JDT90ZWJtFYLRgIwNWttyPXcCDzbwqBqgnLB_AVBO7n6Z9lKALftEHv24mZdXeNOqbuzy_EcvrZSZkG2xBUyc3__mVhpVNA77qqbxLeTyHyrMjzxFqLwdSfOKoWk", "dp": "pPi1xkw-x60Q8fcMMYnfFK4eDpLETVckS6VSTjnqGaDI8oj-JmO_O7YtyXKHHqgOOry8Rv8aqWArTN-uZTCqqFKKmtjrKaWp5T6vn-Jz7PXjnL2gSqMTyZiUDsHMoV4zZWZmkI6W8Pmq3RWY33nVtTgi6jdTkne9Z8xxLA-3wxs", "dq": "nSA5V-27rnQ0uwW2QMjgB9hPlckq0zlM7aX9xk5yK1DVxR6ENT9KjiBqGi9HJK5Y2w2X50ci9UVymJ4sZa92iCkqJupVMXBbg64spgIg4VTYM3oyUBxB70OhhccZOhwuE8Qkhr_ofD7fgg53oNdFnjF9aZbP4pIA_2VDzNdnrGE", "qi": "3MZv7p5pyEFFotF6QUgK8qErkI3Y15rerOd61tyctGFOxqduTdCTpcR6ZDsWiBK_FOubhih9c-3Kw74-T3EHC_ZzL-yMDLGnxtOkdMB0eY60TOfqLOUeckw2JFC7s-HssIDrOmnk98FW6gE1HuDilj0rhIaOXH1gBKwkgVEkr2A" } ] } }, "mtls": { "cert": "-----BEGIN CERTIFICATE-----\nMIICmzCCAkGgAwIBAgIBEDAKBggqhkjOPQQDAjA6MRswGQYDVQQKDBJMZXQncyBB\ndXRoZW50aWNhdGUxGzAZBgNVBAMMEkxBIEludGVybWVkaWF0ZSBDQTAeFw0yMTA2\nMTQxODUyNDlaFw0yMjA2MjQxODUyNDlaMDUxCzAJBgNVBAYTAlVTMQswCQYDVQQI\nDAJDTzEZMBcGA1UEAwwQcGFzc3dvcmQxIGlzIGZ1bjCCASIwDQYJKoZIhvcNAQEB\nBQADggEPADCCAQoCggEBANz7e9keCgR6wkiSGpEzNPz+AmclSkhBQdHgbNoO/hKK\nt57/NE0Ruyts1ESDpmS69R4BccKDZOFD2PsF+DywykI8W/OipgDP7HjpYuyWgNId\nMVHjFcUtILrc3mt0iABR9sfu8UwnqvSV6i7Mxauozv6C3zp7iPmBljiFzOkwudBx\niBm5mwZItMwPbpcdqa9EEPub74/zFgKxhEp/0toVuVg7GZVt76uCQrdlzRtvKOlt\nKi7voxXtCN0hp012tVgJbzvQPeSJrHVJN1jH0bqbEVVsljo6/z5Ur6/+M+tE6s43\nWIbTtgMH1foHmhwpiOaxGGPcRMvxjfVVJdSsL94Py9ECAwEAAaNyMHAwCQYDVR0T\nBAIwADAfBgNVHSMEGDAWgBRm3WjLa38lbEYCuiCPct0ZaSED2DAOBgNVHQ8BAf8E\nBAMCBsAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwHQYDVR0RAQH/BBMwEYEPYmRjQGV4\nYW1wbGUuY29tMAoGCCqGSM49BAMCA0gAMEUCIQCSPVITgusQsgLb5rVZPxIdBuAJ\n2cwPet4GcIXROebbLAIgb0Sq197/+QZkXNl9uUt8VwiA6UX5eZ2bgIbNQizr5BA\u003d\n-----END CERTIFICATE-----", "key": "-----BEGIN RSA PRIVATE KEY-----\nMIIEpAIBAAKCAQEA3Pt72R4KBHrCSJIakTM0/P4CZyVKSEFB0eBs2g7+Eoq3nv80\nTRG7K2zURIOmZLr1HgFxwoNk4UPY+wX4PLDKQjxb86KmAM/seOli7JaA0h0xUeMV\nxS0gutzea3SIAFH2x+7xTCeq9JXqLszFq6jO/oLfOnuI+YGWOIXM6TC50HGIGbmb\nBki0zA9ulx2pr0QQ+5vvj/MWArGESn/S2hW5WDsZlW3vq4JCt2XNG28o6W0qLu+j\nFe0I3SGnTXa1WAlvO9A95ImsdUk3WMfRupsRVWyWOjr/PlSvr/4z60TqzjdYhtO2\nAwfV+geaHCmI5rEYY9xEy/GN9VUl1Kwv3g/L0QIDAQABAoIBAQC/Yy9IQ7P5XTiX\nEbLgvrDNzFDYdHt5SMtwsiaUVRfHh0yw7+akOQ8Z9Q+Cp2KdKy7P5gBYruPYFaL/\nBZSRO6xw4UXiJKQRYAM2VSvQLCk10QK+ISbhtsv6CwC3oB2J6XMKhe+GPXTakFxa\nXA93NKTR2Rbs18EyFwG7wmZOMF0+IPnEDUY+qY9DP2aDkLQiqrH+RF1i0eJXLkhh\nL2UFNCDpW7f5iR6y2RUtpq4rHO9aDrGS7W+tzIZEfQpP+x6dEBg9SrHqE7zwaWIX\nuTlwypVRbZRuQqbFQzFAAJPIBWylSs/oypYhPJvhHAG9yCQR79exARbuWXdJyCYa\nGTxc+5ABAoGBAPV33BO7fZeISXdYKwDBKCKfVI9q4ssps/TYpCEKXQ8omrdYJrsD\ncv9rRCJedb250AW3hLJ/18JXjgnFq+o919fe60HE+b833NzzeMs26AFmvsuWvV1y\nXvSIwbMp6LhrzUmrsOdIrhbk8V2tIOpfySrWQUt6LS2jpeEXZSW5XKyhAoGBAOZ2\nrgjYDek2kss/tYnrsmg0RYTX9dI4tmi7P92YCsJfRQTMznBj1HxP8FNyxrZ1AgK5\nBNESgpW3dnd6RekfG04OecDkQSDtJiBxhoOQj//SYLHMDP+JmMFPD/YErulFQz8n\nOJsT5KNYhi9T9sAcFhrwrqzBp6E3KsbgR5+10iExAoGBAJssAvaCXnltUSvdk4mt\nkUaZvCXRZr8RhM4yKUctuvg7LdrbIdi07HxkfbTQS9P843DJu1vvjyAuov6wc+Xm\n5Ex1gfiYoVxs3vTaALFN60n/fntKtjiddUNWNESjKJd0plh87Z63hj24yo/yQs2G\nca/fs3UYLfkc616ooGtBi0EhAoGAIhQsmfww2mqKfGmYU6O5xvTrzsAMhqCCQKxn\nvkHMXX+u+g26/R2V/yfm9sADKFnXCUYIs03UZ4UwjGxVSCqkY/95+48FHnRS7fs7\nk9rdoEugpsnwphzXrMYfKxb4MmBemEkZcr0XUxw1A2ycET5V+nfarIsaWZmJxszF\napV9VBECgYBBrwBJdKtYQTh8+mJJtt5Cv+f6Ynw4QIG8HYssMq1CkFV3gcJFMgIh\nbdyI6yXnwhsk1EtgZYSvOkMym/mJNhyojvzsjUg7bkTivVFeMUy5n89i6T/KqqGH\n8zabTXrA/W3fAj6r58+93+20ZRqVFrhFVxHq9/2rq58b83CRxsHB1w\u003d\u003d\n-----END RSA PRIVATE KEY-----", "ca": "-----BEGIN CERTIFICATE-----\nMIIB5jCCAYugAwIBAgIBFjAKBggqhkjOPQQDAjBWMQswCQYDVQQGEwJVUzEbMBkG\nA1UECgwSTGV0J3MgQXV0aGVudGljYXRlMSowKAYDVQQDDCFMZXQncyBBdXRoZW50\naWNhdGUgUm9vdCBBdXRob3JpdHkwHhcNMjAwMTE0MjEzMjMwWhcNMzAwMTExMjEz\nMjMwWjA6MRswGQYDVQQKDBJMZXQncyBBdXRoZW50aWNhdGUxGzAZBgNVBAMMEkxB\nIEludGVybWVkaWF0ZSBDQTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABJf+aA54\nRC5pyLAR5yfXVYmNpgd+CGUTDp2KOGhc0gK91zxhHesEYkdXkpS2UN8Kati+yHtW\nCV3kkhCngGyv7RqjZjBkMB0GA1UdDgQWBBRm3WjLa38lbEYCuiCPct0ZaSED2DAf\nBgNVHSMEGDAWgBTEA2Q6eecKu9g9yb5glbkhhVINGDASBgNVHRMBAf8ECDAGAQH/\nAgEAMA4GA1UdDwEB/wQEAwIBhjAKBggqhkjOPQQDAgNJADBGAiEA5pLvaFwRRkxo\nmIAtDIwg9D7gC1xzxBl4r28EzmSO1pcCIQCJUShpSXO9HDIQMUgH69fNDEMHXD3R\nRX5gP7kuu2KGMg\u003d\u003d\n-----END CERTIFICATE-----" }, "resource": { "resourceUrl": "https://par-what-is-it-good-for.ping-eng.com:3000/get" }, "client2": { "client_id": "c__fapi-mtls-jar2", "scope": "openid", "jwks": { "keys": [ { "kty": "RSA", "kid": "8hTzUQ", "use": "sig", "alg": "PS256", "n": "gBTXpS-lCNO2uy-WjHx2hXBhECLWk75N0CCGU3iRfxi6fmE1sOcxtmDZfNVxcM7l04xY9KiD7cLsd4OAIduAwiSe142jLoONhziaoCoT60ghZQSi1X4IdfHAcvKScah-f7u2MayZBJSOydi-NltbbhKIttiZRcyx7-Yl4Q2m52L7ARYhTjidGuHGTRRS6NlxDVUBIX6j4jc3Pk99ZU7a5Zk6wWM12GBhHdojFOvbABA6w7CxjC48u9TEh0L5d9hz3aCFqcAII8XB0VY5M5_yj03oFfNbrNUd__GYlRcN3tycHTFvTdWtV7wq-v8f6nbWK3sW1Gllt83b6o5G42LFQQ", "e": "AQAB", "d": "QqGVJfxJUPRDBdJV8bP2PKkf9bMKCkZgWLvy5Y29s2775i9QLT25IPX1bvnjUBpyecFzraPVLmXPesVQbUyyCU3fzKeEkvghMo2B83ywbCBULydgRsyQPjuMMMB86uALHwxaVjFCUZ2vQtac7c5NHFBMC0NXSXaZwwHqBtCBWbHp2Je531wEfeb8uzrfJpU1Of7bLGfjKaQTwnxs3v9iUng2uR143LTQd1bPL14vJjutnFGoDb4-CE80g_QLqtW7J1gDRRgxHzwnP9nmSjPpGpPK5u1zpQcpXGbi7QTUbqp13cSqq4pLpj2Dib90waoGZ6iicmcIC_zXy0VADcA_OQ", "p": "vosG_MYCvuS6CynUB_CKpqqggnbSDh_iikepagNOQOD-T4BQAYVsQRMyaVzzFJrx3bK3QhFMKbSb7MZOWG2ZpqDUqrML7SlMIxQt6feLWAlVAdSv_RXxWULQoS6dowUfQsfk0OV3x4qMFpmLV3gTAMmJ0-ZuoEDY-72Tj3T-PFc", "q": "rBS8NrHiX3dRtvI81gTvRFUCNzCbBJr54rDv4CXqi9uWwA3wi2xOJSV3bQYgZtoNWaCa-UxfTimG_JUdqMCXB0lMBf62OKB7V-rRA0qZyEMrJrgEcVPQ_nQc3ym_Av6hZdNs9ne1DJZSI_lj0NkeE985V_24vKRRME6j6-yYjCc", "dp": "K-Mr1dbp1Pwr2dxliPqfhOnyFHq3wScY7863t8JRKOJp0Pf19ZO8rnR0fQ46svlJUk4SpbYEO-rsqym16-o6pMWQlkytJ5AGiGHifWxV_Q4RNV2-t2VxdKTOFwH8rwrD-4a9LlxcLWq8_4uYK6ptfhXtmBAQVPr6v2kX7sf8svs", "dq": "EqfY09ErKpBkAoJ2h_lW-0CAEf2qALDQgHwQNWvG5syypjWcq3Ddc_eA4Af3AU-IfPwFcRuPhYjJAp8j7QScGwUeQdQgazkyxhBGAqZWz7hAeF0g1ixxDvUFoEgFVkzGsKRgPsQxk6DEXPQPlzfCpALiU6DFI2ZpCuSrrssiqqc", "qi": "m1eGh0la4w5XdSgLO5v1ToXnuVWHQf-7gHuNGHXdkVfMmIEMoJyiWswSawB71DSmYrr8x29n3IrgErysXLulbnLVr36y7gyfaNo8QGa7IuzDtYBBo6l7nenHqRJkagWgS7sZDaBYqM9_vkT61_kt3fjARBaqA0C_YBuVB5qb_DM" } ] } }, "mtls2": { "cert": "-----BEGIN CERTIFICATE-----\nMIICszCCAligAwIBAgIBETAKBggqhkjOPQQDAjA6MRswGQYDVQQKDBJMZXQncyBB\ndXRoZW50aWNhdGUxGzAZBgNVBAMMEkxBIEludGVybWVkaWF0ZSBDQTAeFw0yMTA2\nMTQxODU2NTlaFw0yMjA2MjQxODU2NTlaMEwxCzAJBgNVBAYTAkNBMQswCQYDVQQI\nDAJCQzEQMA4GA1UECgwHY29tcGFueTEeMBwGA1UEAwwVc28gYmFzaWMgdG8gYmUg\nY29tbW9uMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmgQ0drcANY/f\nodhD3TMdA/6eOymGLsj61q9plDAHGzTGVpOrlSlIdHVBVwrd6A0KOtDkLIgAPnLJ\ns6XlLpqE5ejv+FhdQz1wB99SirYSmc0BT5hGmomOukQkgNofGk2DA7aKzQeRwslu\n1NEEbJT9tTFwNMGlMkMMtEU6k71ddmWzxJdP04UsJBgTtKr98jmiQp585YkIYMJP\nruYt96Kw7XFnGetdbzDzqnscmeYhLTKWPs0xi5m3rq4+2AW9AgHoZJSLUmlshB75\nl+GIlDzVhC/2VsQ+e3Gr1nX/06yKV5efF6N1bVFvIPh8tTAChos6Ka36domMZRAA\n7AyRey7mJQIDAQABo3IwcDAJBgNVHRMEAjAAMB8GA1UdIwQYMBaAFGbdaMtrfyVs\nRgK6II9y3RlpIQPYMA4GA1UdDwEB/wQEAwIGwDATBgNVHSUEDDAKBggrBgEFBQcD\nAjAdBgNVHREBAf8EEzARgQ9iZGNAZXhhbXBsZS5jb20wCgYIKoZIzj0EAwIDSQAw\nRgIhAPZd2ZQh32SKQJosVPloqCMTelYAopCcMJUyAtu1c6LkAiEAlgnUYDodv0JG\nAJ3lQYMTZm1UjLE34Vz0nrPCJa9k60E\u003d\n-----END CERTIFICATE-----", "key": "-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAKCAQEAmgQ0drcANY/fodhD3TMdA/6eOymGLsj61q9plDAHGzTGVpOr\nlSlIdHVBVwrd6A0KOtDkLIgAPnLJs6XlLpqE5ejv+FhdQz1wB99SirYSmc0BT5hG\nmomOukQkgNofGk2DA7aKzQeRwslu1NEEbJT9tTFwNMGlMkMMtEU6k71ddmWzxJdP\n04UsJBgTtKr98jmiQp585YkIYMJPruYt96Kw7XFnGetdbzDzqnscmeYhLTKWPs0x\ni5m3rq4+2AW9AgHoZJSLUmlshB75l+GIlDzVhC/2VsQ+e3Gr1nX/06yKV5efF6N1\nbVFvIPh8tTAChos6Ka36domMZRAA7AyRey7mJQIDAQABAoIBAEe7xaO1QEeyJvp+\ne70+3TjLEm+Du5d2zD3JnWcDp4uoXOheBwCGJdT39+LOkORPjoAuYtfK0DJFzGP7\n1G6MUXGzuHD21xlGODOydANfIfK4ZO/pgJjhkLR4oHfTH8FkcKz+DE/KQr1yjEha\nwbDBBBmsWRJ5TrPGPtiHlezRugI2Syo8hj8F6EUKWG2K8mKRXxDnQ3m+M2plqPmg\nvv8B/VV5BxxyrqBCMdLiCxx1f3EMHZpWtl9XqLRNzatsBTgdQjqb9K5HjzAMS09Y\n9b7Ng0YUcj7Bdp2OYszeUwTHaqhRpIC3TAI6ueGoWgIPR7tHyyPBl5wCKKt3f1v+\noZnf0YECgYEAy4PMiOK9JEEjwbL9X5a9sGWTJnTvJEhanEOZ5Er8YYCf5uDg5UDq\nq0pdaeH/syWqwnmopuoX1t2PCOPKS5piUTrZ8KiCsbbZVmtrJRG9SE4qVrgkhELk\nidoEDVU7If/KkSQOHKgD8EBDo+aV/CLO5YxfuywXG94e48FtJJj69nkCgYEAwbx7\n3qD4i9ZRkdkf6kMqE1Mci1Xquv6qTDMop75JjITz4cy8JOQ6hg9eXFiwBEzgb+mb\nKLjwniABGiqhwdETV8JzqEx4R4lPNCseSL2umeU1bQDaY+lnlxsy2Hf7QisUb7jp\nJFte5+C4o/u2SlXIsG/6HaEeXTlHPWjnTdCC8g0CgYAoAMYpefgXsj4nCtnG+kha\n7fxYqM+A4D//S0Jqn1qwh6nmpflO1s3J0Zo+/89VFWhVRbii5oy9DVvaMXxIFBaT\nRPAl39mguQJLfF3ZMX11QvgLh7KV1Ng7SIFXZZN0AWV91gp4E4aCqP8irmZ44xas\nBEWk8uuv7J9BwXmEohVicQKBgQCsIgDZBKLw9AJTmNvvc6+Nrfmdnz/I136N56KG\nr95/WJ2sERFVoeaRuFP5rt7tYzTCmoe+fdtkU0FHc3t3ToFmJyJF9XOk884Ipwro\nTIg2ul1mtSxVO0tMCeF6TdhTqR0mSt/y6q//TD4hjQMhNujyQvuymbX11G+Ek5F4\nJPxDfQKBgCuRsiZo/lAWpWcVWCN8ceVLDpd2APneyU70Aqq0gRRixi8LEWzs/7GD\nhKf0/Aw4IKyh6d0Ao80zcRNOtC9KpbNhzPID6M8ZXdeMWPrhgjSoex1loW79210o\n0qHzMEMtvif0Urt6gN5ZCGdpjl0Fxb0k+3XvWc1lqwAx1CFKDpoF\n-----END RSA PRIVATE KEY-----", "ca": "-----BEGIN CERTIFICATE-----\nMIIB5jCCAYugAwIBAgIBFjAKBggqhkjOPQQDAjBWMQswCQYDVQQGEwJVUzEbMBkG\nA1UECgwSTGV0J3MgQXV0aGVudGljYXRlMSowKAYDVQQDDCFMZXQncyBBdXRoZW50\naWNhdGUgUm9vdCBBdXRob3JpdHkwHhcNMjAwMTE0MjEzMjMwWhcNMzAwMTExMjEz\nMjMwWjA6MRswGQYDVQQKDBJMZXQncyBBdXRoZW50aWNhdGUxGzAZBgNVBAMMEkxB\nIEludGVybWVkaWF0ZSBDQTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABJf+aA54\nRC5pyLAR5yfXVYmNpgd+CGUTDp2KOGhc0gK91zxhHesEYkdXkpS2UN8Kati+yHtW\nCV3kkhCngGyv7RqjZjBkMB0GA1UdDgQWBBRm3WjLa38lbEYCuiCPct0ZaSED2DAf\nBgNVHSMEGDAWgBTEA2Q6eecKu9g9yb5glbkhhVINGDASBgNVHRMBAf8ECDAGAQH/\nAgEAMA4GA1UdDwEB/wQEAwIBhjAKBggqhkjOPQQDAgNJADBGAiEA5pLvaFwRRkxo\nmIAtDIwg9D7gC1xzxBl4r28EzmSO1pcCIQCJUShpSXO9HDIQMUgH69fNDEMHXD3R\nRX5gP7kuu2KGMg\u003d\u003d\n-----END CERTIFICATE-----" }, "automated_ciba_approval_url": "https://cheba-hut.ping-eng.com:9031/ext/fake/{action}/oob?v\u003d{auth_req_id}" }
testName	fapi-rw-id2-ensure-request-object-without-redirect-uri-fails

2021-06-15 17:14:12

(1) More

SUCCESS

CreateRedirectUri

Created redirect URI

redirect_uri

https://www.certification.openid.net/test/a/pi/callback

2021-06-15 17:14:12

(4) More

GetDynamicServerConfiguration

HTTP request

request_uri	https://par-what-is-it-good-for.ping-eng.com:9032/.well-known/openid-configuration
request_method	GET
request_headers	{ "accept": "text/plain, application/json, application/cbor, application/+json, /*", "content-length": "0" }
request_body

2021-06-15 17:14:12

(4) More

RESPONSE

GetDynamicServerConfiguration

HTTP response

response_status_code	200 OK
response_status_text	OK
response_headers	{ "date": "Tue, 15 Jun 2021 17:14:12 GMT", "x-frame-options": "SAMEORIGIN", "referrer-policy": "origin", "cache-control": "no-cache, no-store", "pragma": "no-cache", "expires": "Thu, 01 Jan 1970 00:00:00 GMT", "content-type": "application/json;charset\u003dutf-8", "set-cookie": "PF\u003dA58004qibUA2rwbbCAM6PD;Path\u003d/;Secure;HttpOnly;SameSite\u003dNone", "content-length": "3666" }
response_body	{ "issuer": "https://par-what-is-it-good-for.ping-eng.com:9032", "authorization_endpoint": "https://par-what-is-it-good-for.ping-eng.com:9031/as/authorization.oauth2", "token_endpoint": "https://par-what-is-it-good-for.ping-eng.com:9032/as/token.oauth2", "revocation_endpoint": "https://par-what-is-it-good-for.ping-eng.com:9032/as/revoke_token.oauth2", "userinfo_endpoint": "https://par-what-is-it-good-for.ping-eng.com:9032/idp/userinfo.openid", "introspection_endpoint": "https://par-what-is-it-good-for.ping-eng.com:9032/as/introspect.oauth2", "jwks_uri": "https://par-what-is-it-good-for.ping-eng.com:9032/pf/JWKS", "registration_endpoint": "https://par-what-is-it-good-for.ping-eng.com:9032/as/clients.oauth2", "ping_revoked_sris_endpoint": "https://par-what-is-it-good-for.ping-eng.com:9032/pf-ws/rest/sessionMgmt/revokedSris", "ping_session_management_sris_endpoint": "https://par-what-is-it-good-for.ping-eng.com:9032/pf-ws/rest/sessionMgmt/sessions", "ping_end_session_endpoint": "https://par-what-is-it-good-for.ping-eng.com:9032/idp/startSLO.ping", "device_authorization_endpoint": "https://par-what-is-it-good-for.ping-eng.com:9032/as/device_authz.oauth2", "scopes_supported": [ "other", "openid" ], "claims_supported": [ "acr", "sub" ], "response_types_supported": [ "code", "token", "id_token", "code token", "code id_token", "token id_token", "code token id_token" ], "response_modes_supported": [ "fragment", "query", "form_post" ], "grant_types_supported": [ "implicit", "authorization_code", "refresh_token", "password", "client_credentials", "urn:pingidentity.com:oauth2:grant_type:validate_bearer", "urn:ietf:params:oauth:grant-type:jwt-bearer", "urn:ietf:params:oauth:grant-type:saml2-bearer", "urn:ietf:params:oauth:grant-type:device_code", "urn:ietf:params:oauth:grant-type:token-exchange", "urn:openid:params:grant-type:ciba" ], "subject_types_supported": [ "public", "pairwise" ], "id_token_signing_alg_values_supported": [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512", "PS256", "PS384", "PS512" ], "token_endpoint_auth_methods_supported": ["client_secret_basic","client_secret_post","private_key_jwt","tls_client_auth"], "token_endpoint_auth_signing_alg_values_supported": [ "RS256", "RS384", "RS512", "ES256", "ES384", "ES512", "PS256", "PS384", "PS512" ], "claim_types_supported": [ "normal" ], "claims_parameter_supported": false, "request_parameter_supported": true, "request_uri_parameter_supported": false, "request_object_signing_alg_values_supported": [ "RS256", "RS384", "RS512", "ES256", "ES384", "ES512", "PS256", "PS384", "PS512" ], "id_token_encryption_alg_values_supported": [ "dir", "A128KW", "A192KW", "A256KW", "A128GCMKW", "A192GCMKW", "A256GCMKW", "ECDH-ES", "ECDH-ES+A128KW", "ECDH-ES+A192KW", "ECDH-ES+A256KW", "RSA-OAEP" ], "id_token_encryption_enc_values_supported": [ "A128CBC-HS256", "A192CBC-HS384", "A256CBC-HS512", "A128GCM", "A192GCM", "A256GCM" ], "pushed_authorization_request_endpoint": "https://par-what-is-it-good-for.ping-eng.com:9032/as/par.oauth2", "require_pushed_authorization_requests": false, "backchannel_authentication_endpoint": "https://par-what-is-it-good-for.ping-eng.com:9032/as/bc-auth.ciba", "backchannel_token_delivery_modes_supported": [ "poll", "ping" ], "backchannel_authentication_request_signing_alg_values_supported": [ "RS256", "RS384", "RS512", "ES256", "ES384", "ES512", "PS256", "PS384", "PS512" ], "backchannel_user_code_parameter_supported": false, "tls_client_certificate_bound_access_tokens": true, "code_challenge_methods_supported": [ "plain", "S256" ] }

2021-06-15 17:14:12

(1) More

GetDynamicServerConfiguration

Downloaded server configuration

server_config_string

{
  "issuer": "https://par-what-is-it-good-for.ping-eng.com:9032",
  "authorization_endpoint": "https://par-what-is-it-good-for.ping-eng.com:9031/as/authorization.oauth2",
  "token_endpoint": "https://par-what-is-it-good-for.ping-eng.com:9032/as/token.oauth2",
  "revocation_endpoint": "https://par-what-is-it-good-for.ping-eng.com:9032/as/revoke_token.oauth2",
  "userinfo_endpoint": "https://par-what-is-it-good-for.ping-eng.com:9032/idp/userinfo.openid",
  "introspection_endpoint": "https://par-what-is-it-good-for.ping-eng.com:9032/as/introspect.oauth2",
  "jwks_uri": "https://par-what-is-it-good-for.ping-eng.com:9032/pf/JWKS",
  "registration_endpoint": "https://par-what-is-it-good-for.ping-eng.com:9032/as/clients.oauth2",
  "ping_revoked_sris_endpoint": "https://par-what-is-it-good-for.ping-eng.com:9032/pf-ws/rest/sessionMgmt/revokedSris",
  "ping_session_management_sris_endpoint": "https://par-what-is-it-good-for.ping-eng.com:9032/pf-ws/rest/sessionMgmt/sessions",
  "ping_end_session_endpoint": "https://par-what-is-it-good-for.ping-eng.com:9032/idp/startSLO.ping",
  "device_authorization_endpoint": "https://par-what-is-it-good-for.ping-eng.com:9032/as/device_authz.oauth2",
  "scopes_supported": [ "other", "openid" ],
  "claims_supported": [ "acr", "sub" ],
  "response_types_supported": [ "code", "token", "id_token", "code token", "code id_token", "token id_token", "code token id_token" ],
  "response_modes_supported": [ "fragment", "query", "form_post" ],
  "grant_types_supported": [ "implicit", "authorization_code", "refresh_token", "password", "client_credentials", "urn:pingidentity.com:oauth2:grant_type:validate_bearer", "urn:ietf:params:oauth:grant-type:jwt-bearer", "urn:ietf:params:oauth:grant-type:saml2-bearer", "urn:ietf:params:oauth:grant-type:device_code", "urn:ietf:params:oauth:grant-type:token-exchange", "urn:openid:params:grant-type:ciba" ],
  "subject_types_supported": [ "public", "pairwise" ],
  "id_token_signing_alg_values_supported": [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512", "PS256", "PS384", "PS512" ],
  "token_endpoint_auth_methods_supported": ["client_secret_basic","client_secret_post","private_key_jwt","tls_client_auth"],
  "token_endpoint_auth_signing_alg_values_supported":  [ "RS256", "RS384", "RS512", "ES256", "ES384", "ES512", "PS256", "PS384", "PS512" ],
  "claim_types_supported": [ "normal" ],
  "claims_parameter_supported": false,
  "request_parameter_supported": true,
  "request_uri_parameter_supported": false,
  "request_object_signing_alg_values_supported": [ "RS256", "RS384", "RS512", "ES256", "ES384", "ES512", "PS256", "PS384", "PS512" ],
  "id_token_encryption_alg_values_supported": [ "dir", "A128KW", "A192KW", "A256KW", "A128GCMKW", "A192GCMKW", "A256GCMKW", "ECDH-ES", "ECDH-ES+A128KW", "ECDH-ES+A192KW", "ECDH-ES+A256KW", "RSA-OAEP" ],
  "id_token_encryption_enc_values_supported": [ "A128CBC-HS256", "A192CBC-HS384", "A256CBC-HS512", "A128GCM", "A192GCM", "A256GCM" ],
  "pushed_authorization_request_endpoint": "https://par-what-is-it-good-for.ping-eng.com:9032/as/par.oauth2",
  "require_pushed_authorization_requests": false,
  "backchannel_authentication_endpoint": "https://par-what-is-it-good-for.ping-eng.com:9032/as/bc-auth.ciba",
  "backchannel_token_delivery_modes_supported": [ "poll", "ping" ],
  "backchannel_authentication_request_signing_alg_values_supported": [ "RS256", "RS384", "RS512", "ES256", "ES384", "ES512", "PS256", "PS384", "PS512" ],
  "backchannel_user_code_parameter_supported": false,
  "tls_client_certificate_bound_access_tokens": true,
  "code_challenge_methods_supported": [ "plain", "S256" ]
}

2021-06-15 17:14:12

(36) More

SUCCESS

GetDynamicServerConfiguration

Successfully parsed server configuration

issuer	https://par-what-is-it-good-for.ping-eng.com:9032
authorization_endpoint	https://par-what-is-it-good-for.ping-eng.com:9031/as/authorization.oauth2
token_endpoint	https://par-what-is-it-good-for.ping-eng.com:9032/as/token.oauth2
revocation_endpoint	https://par-what-is-it-good-for.ping-eng.com:9032/as/revoke_token.oauth2
userinfo_endpoint	https://par-what-is-it-good-for.ping-eng.com:9032/idp/userinfo.openid
introspection_endpoint	https://par-what-is-it-good-for.ping-eng.com:9032/as/introspect.oauth2
jwks_uri	https://par-what-is-it-good-for.ping-eng.com:9032/pf/JWKS
registration_endpoint	https://par-what-is-it-good-for.ping-eng.com:9032/as/clients.oauth2
ping_revoked_sris_endpoint	https://par-what-is-it-good-for.ping-eng.com:9032/pf-ws/rest/sessionMgmt/revokedSris
ping_session_management_sris_endpoint	https://par-what-is-it-good-for.ping-eng.com:9032/pf-ws/rest/sessionMgmt/sessions
ping_end_session_endpoint	https://par-what-is-it-good-for.ping-eng.com:9032/idp/startSLO.ping
device_authorization_endpoint	https://par-what-is-it-good-for.ping-eng.com:9032/as/device_authz.oauth2
scopes_supported	[ "other", "openid" ]
claims_supported	[ "acr", "sub" ]
response_types_supported	[ "code", "token", "id_token", "code token", "code id_token", "token id_token", "code token id_token" ]
response_modes_supported	[ "fragment", "query", "form_post" ]
grant_types_supported	[ "implicit", "authorization_code", "refresh_token", "password", "client_credentials", "urn:pingidentity.com:oauth2:grant_type:validate_bearer", "urn:ietf:params:oauth:grant-type:jwt-bearer", "urn:ietf:params:oauth:grant-type:saml2-bearer", "urn:ietf:params:oauth:grant-type:device_code", "urn:ietf:params:oauth:grant-type:token-exchange", "urn:openid:params:grant-type:ciba" ]
subject_types_supported	[ "public", "pairwise" ]
id_token_signing_alg_values_supported	[ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512", "PS256", "PS384", "PS512" ]
token_endpoint_auth_methods_supported	[ "client_secret_basic", "client_secret_post", "private_key_jwt", "tls_client_auth" ]
token_endpoint_auth_signing_alg_values_supported	[ "RS256", "RS384", "RS512", "ES256", "ES384", "ES512", "PS256", "PS384", "PS512" ]
claim_types_supported	[ "normal" ]
claims_parameter_supported	false
request_parameter_supported	true
request_uri_parameter_supported	false
request_object_signing_alg_values_supported	[ "RS256", "RS384", "RS512", "ES256", "ES384", "ES512", "PS256", "PS384", "PS512" ]
id_token_encryption_alg_values_supported	[ "dir", "A128KW", "A192KW", "A256KW", "A128GCMKW", "A192GCMKW", "A256GCMKW", "ECDH-ES", "ECDH-ES+A128KW", "ECDH-ES+A192KW", "ECDH-ES+A256KW", "RSA-OAEP" ]
id_token_encryption_enc_values_supported	[ "A128CBC-HS256", "A192CBC-HS384", "A256CBC-HS512", "A128GCM", "A192GCM", "A256GCM" ]
pushed_authorization_request_endpoint	https://par-what-is-it-good-for.ping-eng.com:9032/as/par.oauth2
require_pushed_authorization_requests	false
backchannel_authentication_endpoint	https://par-what-is-it-good-for.ping-eng.com:9032/as/bc-auth.ciba
backchannel_token_delivery_modes_supported	[ "poll", "ping" ]
backchannel_authentication_request_signing_alg_values_supported	[ "RS256", "RS384", "RS512", "ES256", "ES384", "ES512", "PS256", "PS384", "PS512" ]
backchannel_user_code_parameter_supported	false
tls_client_certificate_bound_access_tokens	true
code_challenge_methods_supported	[ "plain", "S256" ]

2021-06-15 17:14:12

(1) More

INFO

RFC8705-5

AddMTLSEndpointAliasesToEnvironment

The mtls_endpoint_aliases is not present in the server configuration

server

{
  "issuer": "https://par-what-is-it-good-for.ping-eng.com:9032",
  "authorization_endpoint": "https://par-what-is-it-good-for.ping-eng.com:9031/as/authorization.oauth2",
  "token_endpoint": "https://par-what-is-it-good-for.ping-eng.com:9032/as/token.oauth2",
  "revocation_endpoint": "https://par-what-is-it-good-for.ping-eng.com:9032/as/revoke_token.oauth2",
  "userinfo_endpoint": "https://par-what-is-it-good-for.ping-eng.com:9032/idp/userinfo.openid",
  "introspection_endpoint": "https://par-what-is-it-good-for.ping-eng.com:9032/as/introspect.oauth2",
  "jwks_uri": "https://par-what-is-it-good-for.ping-eng.com:9032/pf/JWKS",
  "registration_endpoint": "https://par-what-is-it-good-for.ping-eng.com:9032/as/clients.oauth2",
  "ping_revoked_sris_endpoint": "https://par-what-is-it-good-for.ping-eng.com:9032/pf-ws/rest/sessionMgmt/revokedSris",
  "ping_session_management_sris_endpoint": "https://par-what-is-it-good-for.ping-eng.com:9032/pf-ws/rest/sessionMgmt/sessions",
  "ping_end_session_endpoint": "https://par-what-is-it-good-for.ping-eng.com:9032/idp/startSLO.ping",
  "device_authorization_endpoint": "https://par-what-is-it-good-for.ping-eng.com:9032/as/device_authz.oauth2",
  "scopes_supported": [
    "other",
    "openid"
  ],
  "claims_supported": [
    "acr",
    "sub"
  ],
  "response_types_supported": [
    "code",
    "token",
    "id_token",
    "code token",
    "code id_token",
    "token id_token",
    "code token id_token"
  ],
  "response_modes_supported": [
    "fragment",
    "query",
    "form_post"
  ],
  "grant_types_supported": [
    "implicit",
    "authorization_code",
    "refresh_token",
    "password",
    "client_credentials",
    "urn:pingidentity.com:oauth2:grant_type:validate_bearer",
    "urn:ietf:params:oauth:grant-type:jwt-bearer",
    "urn:ietf:params:oauth:grant-type:saml2-bearer",
    "urn:ietf:params:oauth:grant-type:device_code",
    "urn:ietf:params:oauth:grant-type:token-exchange",
    "urn:openid:params:grant-type:ciba"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "HS256",
    "HS384",
    "HS512",
    "RS256",
    "RS384",
    "RS512",
    "ES256",
    "ES384",
    "ES512",
    "PS256",
    "PS384",
    "PS512"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic",
    "client_secret_post",
    "private_key_jwt",
    "tls_client_auth"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "ES256",
    "ES384",
    "ES512",
    "PS256",
    "PS384",
    "PS512"
  ],
  "claim_types_supported": [
    "normal"
  ],
  "claims_parameter_supported": false,
  "request_parameter_supported": true,
  "request_uri_parameter_supported": false,
  "request_object_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "ES256",
    "ES384",
    "ES512",
    "PS256",
    "PS384",
    "PS512"
  ],
  "id_token_encryption_alg_values_supported": [
    "dir",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "RSA-OAEP"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "pushed_authorization_request_endpoint": "https://par-what-is-it-good-for.ping-eng.com:9032/as/par.oauth2",
  "require_pushed_authorization_requests": false,
  "backchannel_authentication_endpoint": "https://par-what-is-it-good-for.ping-eng.com:9032/as/bc-auth.ciba",
  "backchannel_token_delivery_modes_supported": [
    "poll",
    "ping"
  ],
  "backchannel_authentication_request_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "ES256",
    "ES384",
    "ES512",
    "PS256",
    "PS384",
    "PS512"
  ],
  "backchannel_user_code_parameter_supported": false,
  "tls_client_certificate_bound_access_tokens": true,
  "code_challenge_methods_supported": [
    "plain",
    "S256"
  ]
}

2021-06-15 17:14:12

(1) More

SUCCESS

CheckServerConfiguration

Found required server configuration keys

required

[
  "authorization_endpoint",
  "token_endpoint",
  "issuer"
]

2021-06-15 17:14:12

(4) More

SUCCESS

ExtractTLSTestValuesFromServerConfiguration

Extracted TLS information from authorization server configuration

registration_endpoint	{ "testHost": "par-what-is-it-good-for.ping-eng.com", "testPort": 9032 }
authorization_endpoint	{ "testHost": "par-what-is-it-good-for.ping-eng.com", "testPort": 9031 }
token_endpoint	{ "testHost": "par-what-is-it-good-for.ping-eng.com", "testPort": 9032 }
userinfo_endpoint	{ "testHost": "par-what-is-it-good-for.ping-eng.com", "testPort": 9032 }

2021-06-15 17:14:12

(1) More

FetchServerKeys

Fetching server key

jwks_uri

https://par-what-is-it-good-for.ping-eng.com:9032/pf/JWKS

2021-06-15 17:14:12

(4) More

FetchServerKeys

HTTP request

request_uri	https://par-what-is-it-good-for.ping-eng.com:9032/pf/JWKS
request_method	GET
request_headers	{ "accept": "text/plain, application/json, application/cbor, application/+json, /*", "content-length": "0" }
request_body

2021-06-15 17:14:13

(4) More

RESPONSE

FetchServerKeys

HTTP response

response_status_code	200 OK
response_status_text	OK
response_headers	{ "date": "Tue, 15 Jun 2021 17:14:13 GMT", "x-frame-options": "SAMEORIGIN", "referrer-policy": "origin", "cache-control": "no-cache, no-store", "pragma": "no-cache", "expires": "Thu, 01 Jan 1970 00:00:00 GMT", "content-type": "application/json;charset\u003dutf-8", "set-cookie": "PF\u003dWwHVKcciWotWwBg9xQkDHj;Path\u003d/;Secure;HttpOnly;SameSite\u003dNone", "transfer-encoding": "chunked" }
response_body	{"keys":[{"kty":"EC","kid":"5QadRhn8CbPcH87TPn44jtdjEb0","use":"sig","x":"NqD3pkyW21AvgCu7ZqBJh4K8SOuWcIWEEKfN_pU52jY","y":"gjZTZuUYqizpY-gjoVBfDRUiD6k_mv679L0KaDxlSPI","crv":"P-256"},{"kty":"RSA","kid":"E7i-dwTdrPHhrxA87ERbRd3SMTw","use":"sig","n":"gyhVGIOSmrrL_jUQl1GZAmOMs_OJiY69_vLlMYPia_yafsBNYvpX9CF2iboE3NRVC-1m8bZuiINxIgNEqEvqUQDOLmw6ymNP7apGZV19OQndmfi746w7ONh1n48zFZEH4YvG4WOLLOqK4JuHHBu_TZaFve1DoRhEj4tZquJEM67Yl7GVlv89MnwUxOmi8L7Q9Er1ZaZoemwaiNwif1q_suyBSQbNgZ9GZIen9FTtR0p72KBrTuxULkhCoMw7OcKoTwd02iRxgaoxdbiS3g3XHQbPvBCzZ3U84frc7oK664JZ1KFWSGjvpaVwwtojGE3efpoi5-5QPPJOI9r7PvCALw","e":"AQAB"},{"kty":"EC","kid":"NJ-xeJ1prPqxexh2SKij5J2P4uo","use":"sig","x":"H92ITt53QuWhi_qcEFk562XnIiX8BrRoMqMe74SoNTe7EuXNPUo2ttWqVjtrCOLQ","y":"r-UM637j132U7n4V4d9XMnOdvoMtzFki-OcNPcDeB-_fijjyfI8dRniVX6WfOP5-","crv":"P-384"},{"kty":"EC","kid":"_jjw9ffzGB6Z4kAQAO_NV0B7sEU","use":"sig","x":"AbdbAgstypbQKRDhxw9nsfr9_ioGD0w8sWMwN3vD2LsXGW9RaQUh5RgBQ1g-V0I8ZhDPDhjaRneIS2xQ5-uLP70E","y":"AR274LRg7ReUXW1SMQI3SU4wmKBdMoGUbTJq1gg4wAEQiwlNLbOBuEmiJGMcwYZgt1WiO2nmjwGNboSLmk6xab12","crv":"P-521"},{"kty":"EC","kid":"SN6UlUJWv_KKF_mHImCtTOmUD2M","use":"sig","x":"gYJHBD55iX9_exq0hGbhRXRVVqtFlgOsVwkn_A_h1AQ","y":"y3wzQIoknL1wvd3XKpHaeDLp44yJ12wiIbQfBcKji60","crv":"P-256"},{"kty":"RSA","kid":"ZH2y4AetHTynvUgDK_YxYbB5yLQ","use":"sig","n":"mutK9ALOPwBn0Ma6EMzgNq45icxxZtsozOGgJhRv87q7_oaccs5E6LvyIAEYTe4tylKXkb5U36sXb3fB_ljVLUo8TzEvYk8p1AnzrDq17edRsBrK7rA55d1K8kvDXksT9aAAyHxsTvtnpEIPIMy-9zDBsu89nqzBvGBC4qfvonrUK7KAXmq7PsrQykuBD1dNg9DNZL3gWLVaZMEbnioe_f9miaXcUHbR37TEjaOjezBSakjRXqRDIB9bE5JWQvpNfyJDnN_P8EPZK8fq6yn_5kGzMPf-r86bjbz4oR-_HO2o4h5lrov0Hwjic20oeFV7jIx2f2qMuBdPz-x0J3lcjQ","e":"AQAB"},{"kty":"EC","kid":"dsh6NHxZgjoeBgIu0XsECIIbtL8","use":"sig","x":"37_BpW5YpwgG4z7GQWIaW8jViBJ0fRGnDsKpSkyoaiTEjymlR9sBI5tZ9oYFg4pV","y":"jQbA_nqKFiBVfbxratx7YCQgqXr8Ew3GkYw_6vROZikjRPfAl70TLkzaHl2HZk-F","crv":"P-384"},{"kty":"EC","kid":"qrrYthgG0KN3BK0QKR5GVxPIKhA","use":"sig","x":"AJ2bpXuFGeOxaEBP4jU2Yb4etTEfY07rqI1PYQForVj_-lZ7eMDBqIsUJuPvYUulV-mUSDkzwuSRl8-qaQs_MLFS","y":"AKZbW_cNCVuHC-lqWMckKOo7NG1Jtfoph8aUzvyjpAY6KDr1yVxDEPdnhgdeXq17atWu79GHG5LX_f9kqiOF7kKj","crv":"P-521"},{"kty":"EC","kid":"5MwmNtztM_lf-V-GNg1yUkl07HA","use":"enc","x":"_mUAKV1wWPtzvi0dIRLR9TUhNhC-wb14LgS8GZcTOk0","y":"YjCcIQxF_JsLvbmIkak9wn6SR4E54Wqk4hawrmwDG4g","crv":"P-256"},{"kty":"RSA","kid":"KiKQ8Y4fuTo7Q8TIXWyZPHaPDCM","use":"enc","n":"r10ldw2__6mJGjPMpAv_aNYT95bnrWMGiyg6G_3UMYPLbaGF-Nq7SostX8klpLNAWAanJMpdvUSB6X2d5IkQsAvaaLvmDW-jwADA_gSq9ACzPXs_IkL7WvulYhhCmTHtwQwjzbmqS5dDeQ9fYB07l3rEEUskf96-9R6uH1eWeMjle4MWVF-Ex0Sw1EVrOTFf1wjOePJJ2Xop8ZsHaqT52BliNd5gXdlUkdpcj0OfF9wvvAkUdgEXK336VCMeIRpT-NWItmYpGihaTxJaxYKg98REnMmEZ6wGLiJecJWU6Cwxvxd_asPggkxA4DLNtH-35KuQ6ZvTKqabKuka72WHnw","e":"AQAB"},{"kty":"EC","kid":"tTz8_Iu7CET43WmjZANNqOkoSpg","use":"enc","x":"CDCpGMWM1jwborjr3hIFmAko4kgXVYo_CO06dKlxHhsycAIk3zdYf7r50m4nA1jQ","y":"pWm_4nhohNpvwtzqMzAxq8PFNaor9wNSdhbQTAVFp3FUtAZ5lXuy6cqpUrCLA1YL","crv":"P-384"},{"kty":"EC","kid":"yJTeSKJRk14clH6IWD7NKszzrbQ","use":"enc","x":"AbXvCDr46z-ZHwpVoVgVcWHBUfvXsJ7ktit3z-egproYs6GOvKhyd19XlS3RMSs4FnQLdEEqh6zsOOMYxkY3eWTI","y":"AZFW30tO1BFKv92Panabi-mkSY6mdCCbLcnJenpdX7r4lIGXVTvtXFf2wQDaxT-wlQy7SKHQ0xxg4Sc5Am8J0W5p","crv":"P-521"}]}

2021-06-15 17:14:13

(1) More

FetchServerKeys

Found JWK set string

jwk_string

{"keys":[{"kty":"EC","kid":"5QadRhn8CbPcH87TPn44jtdjEb0","use":"sig","x":"NqD3pkyW21AvgCu7ZqBJh4K8SOuWcIWEEKfN_pU52jY","y":"gjZTZuUYqizpY-gjoVBfDRUiD6k_mv679L0KaDxlSPI","crv":"P-256"},{"kty":"RSA","kid":"E7i-dwTdrPHhrxA87ERbRd3SMTw","use":"sig","n":"gyhVGIOSmrrL_jUQl1GZAmOMs_OJiY69_vLlMYPia_yafsBNYvpX9CF2iboE3NRVC-1m8bZuiINxIgNEqEvqUQDOLmw6ymNP7apGZV19OQndmfi746w7ONh1n48zFZEH4YvG4WOLLOqK4JuHHBu_TZaFve1DoRhEj4tZquJEM67Yl7GVlv89MnwUxOmi8L7Q9Er1ZaZoemwaiNwif1q_suyBSQbNgZ9GZIen9FTtR0p72KBrTuxULkhCoMw7OcKoTwd02iRxgaoxdbiS3g3XHQbPvBCzZ3U84frc7oK664JZ1KFWSGjvpaVwwtojGE3efpoi5-5QPPJOI9r7PvCALw","e":"AQAB"},{"kty":"EC","kid":"NJ-xeJ1prPqxexh2SKij5J2P4uo","use":"sig","x":"H92ITt53QuWhi_qcEFk562XnIiX8BrRoMqMe74SoNTe7EuXNPUo2ttWqVjtrCOLQ","y":"r-UM637j132U7n4V4d9XMnOdvoMtzFki-OcNPcDeB-_fijjyfI8dRniVX6WfOP5-","crv":"P-384"},{"kty":"EC","kid":"_jjw9ffzGB6Z4kAQAO_NV0B7sEU","use":"sig","x":"AbdbAgstypbQKRDhxw9nsfr9_ioGD0w8sWMwN3vD2LsXGW9RaQUh5RgBQ1g-V0I8ZhDPDhjaRneIS2xQ5-uLP70E","y":"AR274LRg7ReUXW1SMQI3SU4wmKBdMoGUbTJq1gg4wAEQiwlNLbOBuEmiJGMcwYZgt1WiO2nmjwGNboSLmk6xab12","crv":"P-521"},{"kty":"EC","kid":"SN6UlUJWv_KKF_mHImCtTOmUD2M","use":"sig","x":"gYJHBD55iX9_exq0hGbhRXRVVqtFlgOsVwkn_A_h1AQ","y":"y3wzQIoknL1wvd3XKpHaeDLp44yJ12wiIbQfBcKji60","crv":"P-256"},{"kty":"RSA","kid":"ZH2y4AetHTynvUgDK_YxYbB5yLQ","use":"sig","n":"mutK9ALOPwBn0Ma6EMzgNq45icxxZtsozOGgJhRv87q7_oaccs5E6LvyIAEYTe4tylKXkb5U36sXb3fB_ljVLUo8TzEvYk8p1AnzrDq17edRsBrK7rA55d1K8kvDXksT9aAAyHxsTvtnpEIPIMy-9zDBsu89nqzBvGBC4qfvonrUK7KAXmq7PsrQykuBD1dNg9DNZL3gWLVaZMEbnioe_f9miaXcUHbR37TEjaOjezBSakjRXqRDIB9bE5JWQvpNfyJDnN_P8EPZK8fq6yn_5kGzMPf-r86bjbz4oR-_HO2o4h5lrov0Hwjic20oeFV7jIx2f2qMuBdPz-x0J3lcjQ","e":"AQAB"},{"kty":"EC","kid":"dsh6NHxZgjoeBgIu0XsECIIbtL8","use":"sig","x":"37_BpW5YpwgG4z7GQWIaW8jViBJ0fRGnDsKpSkyoaiTEjymlR9sBI5tZ9oYFg4pV","y":"jQbA_nqKFiBVfbxratx7YCQgqXr8Ew3GkYw_6vROZikjRPfAl70TLkzaHl2HZk-F","crv":"P-384"},{"kty":"EC","kid":"qrrYthgG0KN3BK0QKR5GVxPIKhA","use":"sig","x":"AJ2bpXuFGeOxaEBP4jU2Yb4etTEfY07rqI1PYQForVj_-lZ7eMDBqIsUJuPvYUulV-mUSDkzwuSRl8-qaQs_MLFS","y":"AKZbW_cNCVuHC-lqWMckKOo7NG1Jtfoph8aUzvyjpAY6KDr1yVxDEPdnhgdeXq17atWu79GHG5LX_f9kqiOF7kKj","crv":"P-521"},{"kty":"EC","kid":"5MwmNtztM_lf-V-GNg1yUkl07HA","use":"enc","x":"_mUAKV1wWPtzvi0dIRLR9TUhNhC-wb14LgS8GZcTOk0","y":"YjCcIQxF_JsLvbmIkak9wn6SR4E54Wqk4hawrmwDG4g","crv":"P-256"},{"kty":"RSA","kid":"KiKQ8Y4fuTo7Q8TIXWyZPHaPDCM","use":"enc","n":"r10ldw2__6mJGjPMpAv_aNYT95bnrWMGiyg6G_3UMYPLbaGF-Nq7SostX8klpLNAWAanJMpdvUSB6X2d5IkQsAvaaLvmDW-jwADA_gSq9ACzPXs_IkL7WvulYhhCmTHtwQwjzbmqS5dDeQ9fYB07l3rEEUskf96-9R6uH1eWeMjle4MWVF-Ex0Sw1EVrOTFf1wjOePJJ2Xop8ZsHaqT52BliNd5gXdlUkdpcj0OfF9wvvAkUdgEXK336VCMeIRpT-NWItmYpGihaTxJaxYKg98REnMmEZ6wGLiJecJWU6Cwxvxd_asPggkxA4DLNtH-35KuQ6ZvTKqabKuka72WHnw","e":"AQAB"},{"kty":"EC","kid":"tTz8_Iu7CET43WmjZANNqOkoSpg","use":"enc","x":"CDCpGMWM1jwborjr3hIFmAko4kgXVYo_CO06dKlxHhsycAIk3zdYf7r50m4nA1jQ","y":"pWm_4nhohNpvwtzqMzAxq8PFNaor9wNSdhbQTAVFp3FUtAZ5lXuy6cqpUrCLA1YL","crv":"P-384"},{"kty":"EC","kid":"yJTeSKJRk14clH6IWD7NKszzrbQ","use":"enc","x":"AbXvCDr46z-ZHwpVoVgVcWHBUfvXsJ7ktit3z-egproYs6GOvKhyd19XlS3RMSs4FnQLdEEqh6zsOOMYxkY3eWTI","y":"AZFW30tO1BFKv92Panabi-mkSY6mdCCbLcnJenpdX7r4lIGXVTvtXFf2wQDaxT-wlQy7SKHQ0xxg4Sc5Am8J0W5p","crv":"P-521"}]}

2021-06-15 17:14:13

(1) More

SUCCESS

FetchServerKeys

Found server JWK set

server_jwks

{
  "keys": [
    {
      "kty": "EC",
      "kid": "5QadRhn8CbPcH87TPn44jtdjEb0",
      "use": "sig",
      "x": "NqD3pkyW21AvgCu7ZqBJh4K8SOuWcIWEEKfN_pU52jY",
      "y": "gjZTZuUYqizpY-gjoVBfDRUiD6k_mv679L0KaDxlSPI",
      "crv": "P-256"
    },
    {
      "kty": "RSA",
      "kid": "E7i-dwTdrPHhrxA87ERbRd3SMTw",
      "use": "sig",
      "n": "gyhVGIOSmrrL_jUQl1GZAmOMs_OJiY69_vLlMYPia_yafsBNYvpX9CF2iboE3NRVC-1m8bZuiINxIgNEqEvqUQDOLmw6ymNP7apGZV19OQndmfi746w7ONh1n48zFZEH4YvG4WOLLOqK4JuHHBu_TZaFve1DoRhEj4tZquJEM67Yl7GVlv89MnwUxOmi8L7Q9Er1ZaZoemwaiNwif1q_suyBSQbNgZ9GZIen9FTtR0p72KBrTuxULkhCoMw7OcKoTwd02iRxgaoxdbiS3g3XHQbPvBCzZ3U84frc7oK664JZ1KFWSGjvpaVwwtojGE3efpoi5-5QPPJOI9r7PvCALw",
      "e": "AQAB"
    },
    {
      "kty": "EC",
      "kid": "NJ-xeJ1prPqxexh2SKij5J2P4uo",
      "use": "sig",
      "x": "H92ITt53QuWhi_qcEFk562XnIiX8BrRoMqMe74SoNTe7EuXNPUo2ttWqVjtrCOLQ",
      "y": "r-UM637j132U7n4V4d9XMnOdvoMtzFki-OcNPcDeB-_fijjyfI8dRniVX6WfOP5-",
      "crv": "P-384"
    },
    {
      "kty": "EC",
      "kid": "_jjw9ffzGB6Z4kAQAO_NV0B7sEU",
      "use": "sig",
      "x": "AbdbAgstypbQKRDhxw9nsfr9_ioGD0w8sWMwN3vD2LsXGW9RaQUh5RgBQ1g-V0I8ZhDPDhjaRneIS2xQ5-uLP70E",
      "y": "AR274LRg7ReUXW1SMQI3SU4wmKBdMoGUbTJq1gg4wAEQiwlNLbOBuEmiJGMcwYZgt1WiO2nmjwGNboSLmk6xab12",
      "crv": "P-521"
    },
    {
      "kty": "EC",
      "kid": "SN6UlUJWv_KKF_mHImCtTOmUD2M",
      "use": "sig",
      "x": "gYJHBD55iX9_exq0hGbhRXRVVqtFlgOsVwkn_A_h1AQ",
      "y": "y3wzQIoknL1wvd3XKpHaeDLp44yJ12wiIbQfBcKji60",
      "crv": "P-256"
    },
    {
      "kty": "RSA",
      "kid": "ZH2y4AetHTynvUgDK_YxYbB5yLQ",
      "use": "sig",
      "n": "mutK9ALOPwBn0Ma6EMzgNq45icxxZtsozOGgJhRv87q7_oaccs5E6LvyIAEYTe4tylKXkb5U36sXb3fB_ljVLUo8TzEvYk8p1AnzrDq17edRsBrK7rA55d1K8kvDXksT9aAAyHxsTvtnpEIPIMy-9zDBsu89nqzBvGBC4qfvonrUK7KAXmq7PsrQykuBD1dNg9DNZL3gWLVaZMEbnioe_f9miaXcUHbR37TEjaOjezBSakjRXqRDIB9bE5JWQvpNfyJDnN_P8EPZK8fq6yn_5kGzMPf-r86bjbz4oR-_HO2o4h5lrov0Hwjic20oeFV7jIx2f2qMuBdPz-x0J3lcjQ",
      "e": "AQAB"
    },
    {
      "kty": "EC",
      "kid": "dsh6NHxZgjoeBgIu0XsECIIbtL8",
      "use": "sig",
      "x": "37_BpW5YpwgG4z7GQWIaW8jViBJ0fRGnDsKpSkyoaiTEjymlR9sBI5tZ9oYFg4pV",
      "y": "jQbA_nqKFiBVfbxratx7YCQgqXr8Ew3GkYw_6vROZikjRPfAl70TLkzaHl2HZk-F",
      "crv": "P-384"
    },
    {
      "kty": "EC",
      "kid": "qrrYthgG0KN3BK0QKR5GVxPIKhA",
      "use": "sig",
      "x": "AJ2bpXuFGeOxaEBP4jU2Yb4etTEfY07rqI1PYQForVj_-lZ7eMDBqIsUJuPvYUulV-mUSDkzwuSRl8-qaQs_MLFS",
      "y": "AKZbW_cNCVuHC-lqWMckKOo7NG1Jtfoph8aUzvyjpAY6KDr1yVxDEPdnhgdeXq17atWu79GHG5LX_f9kqiOF7kKj",
      "crv": "P-521"
    },
    {
      "kty": "EC",
      "kid": "5MwmNtztM_lf-V-GNg1yUkl07HA",
      "use": "enc",
      "x": "_mUAKV1wWPtzvi0dIRLR9TUhNhC-wb14LgS8GZcTOk0",
      "y": "YjCcIQxF_JsLvbmIkak9wn6SR4E54Wqk4hawrmwDG4g",
      "crv": "P-256"
    },
    {
      "kty": "RSA",
      "kid": "KiKQ8Y4fuTo7Q8TIXWyZPHaPDCM",
      "use": "enc",
      "n": "r10ldw2__6mJGjPMpAv_aNYT95bnrWMGiyg6G_3UMYPLbaGF-Nq7SostX8klpLNAWAanJMpdvUSB6X2d5IkQsAvaaLvmDW-jwADA_gSq9ACzPXs_IkL7WvulYhhCmTHtwQwjzbmqS5dDeQ9fYB07l3rEEUskf96-9R6uH1eWeMjle4MWVF-Ex0Sw1EVrOTFf1wjOePJJ2Xop8ZsHaqT52BliNd5gXdlUkdpcj0OfF9wvvAkUdgEXK336VCMeIRpT-NWItmYpGihaTxJaxYKg98REnMmEZ6wGLiJecJWU6Cwxvxd_asPggkxA4DLNtH-35KuQ6ZvTKqabKuka72WHnw",
      "e": "AQAB"
    },
    {
      "kty": "EC",
      "kid": "tTz8_Iu7CET43WmjZANNqOkoSpg",
      "use": "enc",
      "x": "CDCpGMWM1jwborjr3hIFmAko4kgXVYo_CO06dKlxHhsycAIk3zdYf7r50m4nA1jQ",
      "y": "pWm_4nhohNpvwtzqMzAxq8PFNaor9wNSdhbQTAVFp3FUtAZ5lXuy6cqpUrCLA1YL",
      "crv": "P-384"
    },
    {
      "kty": "EC",
      "kid": "yJTeSKJRk14clH6IWD7NKszzrbQ",
      "use": "enc",
      "x": "AbXvCDr46z-ZHwpVoVgVcWHBUfvXsJ7ktit3z-egproYs6GOvKhyd19XlS3RMSs4FnQLdEEqh6zsOOMYxkY3eWTI",
      "y": "AZFW30tO1BFKv92Panabi-mkSY6mdCCbLcnJenpdX7r4lIGXVTvtXFf2wQDaxT-wlQy7SKHQ0xxg4Sc5Am8J0W5p",
      "crv": "P-521"
    }
  ]
}

2021-06-15 17:14:13

(1) More

SUCCESS

CheckServerKeysIsValid

Server JWKs is valid

server_jwks

{
  "keys": [
    {
      "kty": "EC",
      "kid": "5QadRhn8CbPcH87TPn44jtdjEb0",
      "use": "sig",
      "x": "NqD3pkyW21AvgCu7ZqBJh4K8SOuWcIWEEKfN_pU52jY",
      "y": "gjZTZuUYqizpY-gjoVBfDRUiD6k_mv679L0KaDxlSPI",
      "crv": "P-256"
    },
    {
      "kty": "RSA",
      "kid": "E7i-dwTdrPHhrxA87ERbRd3SMTw",
      "use": "sig",
      "n": "gyhVGIOSmrrL_jUQl1GZAmOMs_OJiY69_vLlMYPia_yafsBNYvpX9CF2iboE3NRVC-1m8bZuiINxIgNEqEvqUQDOLmw6ymNP7apGZV19OQndmfi746w7ONh1n48zFZEH4YvG4WOLLOqK4JuHHBu_TZaFve1DoRhEj4tZquJEM67Yl7GVlv89MnwUxOmi8L7Q9Er1ZaZoemwaiNwif1q_suyBSQbNgZ9GZIen9FTtR0p72KBrTuxULkhCoMw7OcKoTwd02iRxgaoxdbiS3g3XHQbPvBCzZ3U84frc7oK664JZ1KFWSGjvpaVwwtojGE3efpoi5-5QPPJOI9r7PvCALw",
      "e": "AQAB"
    },
    {
      "kty": "EC",
      "kid": "NJ-xeJ1prPqxexh2SKij5J2P4uo",
      "use": "sig",
      "x": "H92ITt53QuWhi_qcEFk562XnIiX8BrRoMqMe74SoNTe7EuXNPUo2ttWqVjtrCOLQ",
      "y": "r-UM637j132U7n4V4d9XMnOdvoMtzFki-OcNPcDeB-_fijjyfI8dRniVX6WfOP5-",
      "crv": "P-384"
    },
    {
      "kty": "EC",
      "kid": "_jjw9ffzGB6Z4kAQAO_NV0B7sEU",
      "use": "sig",
      "x": "AbdbAgstypbQKRDhxw9nsfr9_ioGD0w8sWMwN3vD2LsXGW9RaQUh5RgBQ1g-V0I8ZhDPDhjaRneIS2xQ5-uLP70E",
      "y": "AR274LRg7ReUXW1SMQI3SU4wmKBdMoGUbTJq1gg4wAEQiwlNLbOBuEmiJGMcwYZgt1WiO2nmjwGNboSLmk6xab12",
      "crv": "P-521"
    },
    {
      "kty": "EC",
      "kid": "SN6UlUJWv_KKF_mHImCtTOmUD2M",
      "use": "sig",
      "x": "gYJHBD55iX9_exq0hGbhRXRVVqtFlgOsVwkn_A_h1AQ",
      "y": "y3wzQIoknL1wvd3XKpHaeDLp44yJ12wiIbQfBcKji60",
      "crv": "P-256"
    },
    {
      "kty": "RSA",
      "kid": "ZH2y4AetHTynvUgDK_YxYbB5yLQ",
      "use": "sig",
      "n": "mutK9ALOPwBn0Ma6EMzgNq45icxxZtsozOGgJhRv87q7_oaccs5E6LvyIAEYTe4tylKXkb5U36sXb3fB_ljVLUo8TzEvYk8p1AnzrDq17edRsBrK7rA55d1K8kvDXksT9aAAyHxsTvtnpEIPIMy-9zDBsu89nqzBvGBC4qfvonrUK7KAXmq7PsrQykuBD1dNg9DNZL3gWLVaZMEbnioe_f9miaXcUHbR37TEjaOjezBSakjRXqRDIB9bE5JWQvpNfyJDnN_P8EPZK8fq6yn_5kGzMPf-r86bjbz4oR-_HO2o4h5lrov0Hwjic20oeFV7jIx2f2qMuBdPz-x0J3lcjQ",
      "e": "AQAB"
    },
    {
      "kty": "EC",
      "kid": "dsh6NHxZgjoeBgIu0XsECIIbtL8",
      "use": "sig",
      "x": "37_BpW5YpwgG4z7GQWIaW8jViBJ0fRGnDsKpSkyoaiTEjymlR9sBI5tZ9oYFg4pV",
      "y": "jQbA_nqKFiBVfbxratx7YCQgqXr8Ew3GkYw_6vROZikjRPfAl70TLkzaHl2HZk-F",
      "crv": "P-384"
    },
    {
      "kty": "EC",
      "kid": "qrrYthgG0KN3BK0QKR5GVxPIKhA",
      "use": "sig",
      "x": "AJ2bpXuFGeOxaEBP4jU2Yb4etTEfY07rqI1PYQForVj_-lZ7eMDBqIsUJuPvYUulV-mUSDkzwuSRl8-qaQs_MLFS",
      "y": "AKZbW_cNCVuHC-lqWMckKOo7NG1Jtfoph8aUzvyjpAY6KDr1yVxDEPdnhgdeXq17atWu79GHG5LX_f9kqiOF7kKj",
      "crv": "P-521"
    },
    {
      "kty": "EC",
      "kid": "5MwmNtztM_lf-V-GNg1yUkl07HA",
      "use": "enc",
      "x": "_mUAKV1wWPtzvi0dIRLR9TUhNhC-wb14LgS8GZcTOk0",
      "y": "YjCcIQxF_JsLvbmIkak9wn6SR4E54Wqk4hawrmwDG4g",
      "crv": "P-256"
    },
    {
      "kty": "RSA",
      "kid": "KiKQ8Y4fuTo7Q8TIXWyZPHaPDCM",
      "use": "enc",
      "n": "r10ldw2__6mJGjPMpAv_aNYT95bnrWMGiyg6G_3UMYPLbaGF-Nq7SostX8klpLNAWAanJMpdvUSB6X2d5IkQsAvaaLvmDW-jwADA_gSq9ACzPXs_IkL7WvulYhhCmTHtwQwjzbmqS5dDeQ9fYB07l3rEEUskf96-9R6uH1eWeMjle4MWVF-Ex0Sw1EVrOTFf1wjOePJJ2Xop8ZsHaqT52BliNd5gXdlUkdpcj0OfF9wvvAkUdgEXK336VCMeIRpT-NWItmYpGihaTxJaxYKg98REnMmEZ6wGLiJecJWU6Cwxvxd_asPggkxA4DLNtH-35KuQ6ZvTKqabKuka72WHnw",
      "e": "AQAB"
    },
    {
      "kty": "EC",
      "kid": "tTz8_Iu7CET43WmjZANNqOkoSpg",
      "use": "enc",
      "x": "CDCpGMWM1jwborjr3hIFmAko4kgXVYo_CO06dKlxHhsycAIk3zdYf7r50m4nA1jQ",
      "y": "pWm_4nhohNpvwtzqMzAxq8PFNaor9wNSdhbQTAVFp3FUtAZ5lXuy6cqpUrCLA1YL",
      "crv": "P-384"
    },
    {
      "kty": "EC",
      "kid": "yJTeSKJRk14clH6IWD7NKszzrbQ",
      "use": "enc",
      "x": "AbXvCDr46z-ZHwpVoVgVcWHBUfvXsJ7ktit3z-egproYs6GOvKhyd19XlS3RMSs4FnQLdEEqh6zsOOMYxkY3eWTI",
      "y": "AZFW30tO1BFKv92Panabi-mkSY6mdCCbLcnJenpdX7r4lIGXVTvtXFf2wQDaxT-wlQy7SKHQ0xxg4Sc5Am8J0W5p",
      "crv": "P-521"
    }
  ]
}

2021-06-15 17:14:13	SUCCESS RFC7517-1.1	ValidateServerJWKs Valid server JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url

2021-06-15 17:14:13	SUCCESS OIDCC-10.1	CheckForKeyIdInServerJWKs All keys contain kids

2021-06-15 17:14:13	SUCCESS RFC7518-6.3.2.1	EnsureServerJwksDoesNotContainPrivateOrSymmetricKeys Jwks does not contain any private or symmetric keys

2021-06-15 17:14:13

(1) More

SUCCESS

FAPI-R-5.2.2-5 FAPI-R-5.2.2-6

FAPIEnsureMinimumServerKeyLength

Validated minimum key lengths for server_jwks

server_jwks

{
  "keys": [
    {
      "kty": "EC",
      "kid": "5QadRhn8CbPcH87TPn44jtdjEb0",
      "use": "sig",
      "x": "NqD3pkyW21AvgCu7ZqBJh4K8SOuWcIWEEKfN_pU52jY",
      "y": "gjZTZuUYqizpY-gjoVBfDRUiD6k_mv679L0KaDxlSPI",
      "crv": "P-256"
    },
    {
      "kty": "RSA",
      "kid": "E7i-dwTdrPHhrxA87ERbRd3SMTw",
      "use": "sig",
      "n": "gyhVGIOSmrrL_jUQl1GZAmOMs_OJiY69_vLlMYPia_yafsBNYvpX9CF2iboE3NRVC-1m8bZuiINxIgNEqEvqUQDOLmw6ymNP7apGZV19OQndmfi746w7ONh1n48zFZEH4YvG4WOLLOqK4JuHHBu_TZaFve1DoRhEj4tZquJEM67Yl7GVlv89MnwUxOmi8L7Q9Er1ZaZoemwaiNwif1q_suyBSQbNgZ9GZIen9FTtR0p72KBrTuxULkhCoMw7OcKoTwd02iRxgaoxdbiS3g3XHQbPvBCzZ3U84frc7oK664JZ1KFWSGjvpaVwwtojGE3efpoi5-5QPPJOI9r7PvCALw",
      "e": "AQAB"
    },
    {
      "kty": "EC",
      "kid": "NJ-xeJ1prPqxexh2SKij5J2P4uo",
      "use": "sig",
      "x": "H92ITt53QuWhi_qcEFk562XnIiX8BrRoMqMe74SoNTe7EuXNPUo2ttWqVjtrCOLQ",
      "y": "r-UM637j132U7n4V4d9XMnOdvoMtzFki-OcNPcDeB-_fijjyfI8dRniVX6WfOP5-",
      "crv": "P-384"
    },
    {
      "kty": "EC",
      "kid": "_jjw9ffzGB6Z4kAQAO_NV0B7sEU",
      "use": "sig",
      "x": "AbdbAgstypbQKRDhxw9nsfr9_ioGD0w8sWMwN3vD2LsXGW9RaQUh5RgBQ1g-V0I8ZhDPDhjaRneIS2xQ5-uLP70E",
      "y": "AR274LRg7ReUXW1SMQI3SU4wmKBdMoGUbTJq1gg4wAEQiwlNLbOBuEmiJGMcwYZgt1WiO2nmjwGNboSLmk6xab12",
      "crv": "P-521"
    },
    {
      "kty": "EC",
      "kid": "SN6UlUJWv_KKF_mHImCtTOmUD2M",
      "use": "sig",
      "x": "gYJHBD55iX9_exq0hGbhRXRVVqtFlgOsVwkn_A_h1AQ",
      "y": "y3wzQIoknL1wvd3XKpHaeDLp44yJ12wiIbQfBcKji60",
      "crv": "P-256"
    },
    {
      "kty": "RSA",
      "kid": "ZH2y4AetHTynvUgDK_YxYbB5yLQ",
      "use": "sig",
      "n": "mutK9ALOPwBn0Ma6EMzgNq45icxxZtsozOGgJhRv87q7_oaccs5E6LvyIAEYTe4tylKXkb5U36sXb3fB_ljVLUo8TzEvYk8p1AnzrDq17edRsBrK7rA55d1K8kvDXksT9aAAyHxsTvtnpEIPIMy-9zDBsu89nqzBvGBC4qfvonrUK7KAXmq7PsrQykuBD1dNg9DNZL3gWLVaZMEbnioe_f9miaXcUHbR37TEjaOjezBSakjRXqRDIB9bE5JWQvpNfyJDnN_P8EPZK8fq6yn_5kGzMPf-r86bjbz4oR-_HO2o4h5lrov0Hwjic20oeFV7jIx2f2qMuBdPz-x0J3lcjQ",
      "e": "AQAB"
    },
    {
      "kty": "EC",
      "kid": "dsh6NHxZgjoeBgIu0XsECIIbtL8",
      "use": "sig",
      "x": "37_BpW5YpwgG4z7GQWIaW8jViBJ0fRGnDsKpSkyoaiTEjymlR9sBI5tZ9oYFg4pV",
      "y": "jQbA_nqKFiBVfbxratx7YCQgqXr8Ew3GkYw_6vROZikjRPfAl70TLkzaHl2HZk-F",
      "crv": "P-384"
    },
    {
      "kty": "EC",
      "kid": "qrrYthgG0KN3BK0QKR5GVxPIKhA",
      "use": "sig",
      "x": "AJ2bpXuFGeOxaEBP4jU2Yb4etTEfY07rqI1PYQForVj_-lZ7eMDBqIsUJuPvYUulV-mUSDkzwuSRl8-qaQs_MLFS",
      "y": "AKZbW_cNCVuHC-lqWMckKOo7NG1Jtfoph8aUzvyjpAY6KDr1yVxDEPdnhgdeXq17atWu79GHG5LX_f9kqiOF7kKj",
      "crv": "P-521"
    },
    {
      "kty": "EC",
      "kid": "5MwmNtztM_lf-V-GNg1yUkl07HA",
      "use": "enc",
      "x": "_mUAKV1wWPtzvi0dIRLR9TUhNhC-wb14LgS8GZcTOk0",
      "y": "YjCcIQxF_JsLvbmIkak9wn6SR4E54Wqk4hawrmwDG4g",
      "crv": "P-256"
    },
    {
      "kty": "RSA",
      "kid": "KiKQ8Y4fuTo7Q8TIXWyZPHaPDCM",
      "use": "enc",
      "n": "r10ldw2__6mJGjPMpAv_aNYT95bnrWMGiyg6G_3UMYPLbaGF-Nq7SostX8klpLNAWAanJMpdvUSB6X2d5IkQsAvaaLvmDW-jwADA_gSq9ACzPXs_IkL7WvulYhhCmTHtwQwjzbmqS5dDeQ9fYB07l3rEEUskf96-9R6uH1eWeMjle4MWVF-Ex0Sw1EVrOTFf1wjOePJJ2Xop8ZsHaqT52BliNd5gXdlUkdpcj0OfF9wvvAkUdgEXK336VCMeIRpT-NWItmYpGihaTxJaxYKg98REnMmEZ6wGLiJecJWU6Cwxvxd_asPggkxA4DLNtH-35KuQ6ZvTKqabKuka72WHnw",
      "e": "AQAB"
    },
    {
      "kty": "EC",
      "kid": "tTz8_Iu7CET43WmjZANNqOkoSpg",
      "use": "enc",
      "x": "CDCpGMWM1jwborjr3hIFmAko4kgXVYo_CO06dKlxHhsycAIk3zdYf7r50m4nA1jQ",
      "y": "pWm_4nhohNpvwtzqMzAxq8PFNaor9wNSdhbQTAVFp3FUtAZ5lXuy6cqpUrCLA1YL",
      "crv": "P-384"
    },
    {
      "kty": "EC",
      "kid": "yJTeSKJRk14clH6IWD7NKszzrbQ",
      "use": "enc",
      "x": "AbXvCDr46z-ZHwpVoVgVcWHBUfvXsJ7ktit3z-egproYs6GOvKhyd19XlS3RMSs4FnQLdEEqh6zsOOMYxkY3eWTI",
      "y": "AZFW30tO1BFKv92Panabi-mkSY6mdCCbLcnJenpdX7r4lIGXVTvtXFf2wQDaxT-wlQy7SKHQ0xxg4Sc5Am8J0W5p",
      "crv": "P-521"
    }
  ]
}

2021-06-15 17:14:13

(5) More

SUCCESS

GetStaticClientConfiguration

Found a static client object

client_id	c__fapi-mtls-jar1
scope	openid other
hint_type	login_hint
hint_value	cheba-hut@ping-eng.com
jwks	{ "keys": [ { "kty": "RSA", "kid": "-WBaQw", "use": "sig", "alg": "PS256", "n": "5DDi1k_FDcYRRGdp2J-ofDpQIVgbYNY3Bi9-QbL0rq2tDEI34DmrSmDNWLdBS3j06gYF3uHMQXw1N9JfYNrEDFGriQxXgLrX_4p6PZ-qvxgRaFK4A_3NyZRD-KPSnDNs6PPDwlFxwTwXDMFerXlSxNyw3QBPDHZu56X-fIajKBovMbQvlYo_iveRp9oixw2kRWE0r2AvpzqdXguUwtZlCUnE9mCWhvAFCDLSycbUspmiw8-4M8UumS8U9NQBxM4eEZ3WSFv8ooJRvEHVvGcL5ITUdgOqiD6xRQIEVuYEo-lZx8AwuPvcrEBjQZ31_g9vUmG4tJQlffEaF8ZNRVlXyw", "e": "AQAB", "d": "RJGACCAOOXZUB_b_Mk2_hhzLqUldaLrV6_Dngnxw0_ByOGXJfoI1u3LdIZRndXNSPOQ0bWXyR5c4Mp7vdB4onP8JiXQA8zix4SLOWqgY2bU0veFlVCW26aS4zAUGK1O0nUdqgoCQqx0QXA_bEEuNmIQsTSxjlH4eE1Oo5ehbLJgoZpHYQloK4Fgby3qTddmIeXJ7LCxbvTYK-uAL-5vfyLgrkjIckVIDfG92x-FrUDyr1qoLtRHrMuuDMQG-zQms0HyNNXfjBfq9oIDLB9h7mPTguYBoS8k63D6ogpD7UYJUOFUgAm_y-DZUib9YBEXxMJmO2peVL08sF25XKf1XEQ", "p": "8t4drc_3MIo_j8tEjnFqyUoxYPRNcyoQSk6lJLr9ILhnBiiXfZZHUOP2f3Jmcr4zaj-D_gSq41CiGrBAhuGG0TnFLeGjBwDUyhRxUyj41k0edvD31HPmeJ2No7aeYOoCIBw5SwjthVHnsNQGWtc6rfd0kpuEsbaEmE9RahBL1RM", "q": "8Ieb4MHC_CYAbQkGYJPqw8BTUh3m3SzlX1UxwJfir7k1KJ2JDT90ZWJtFYLRgIwNWttyPXcCDzbwqBqgnLB_AVBO7n6Z9lKALftEHv24mZdXeNOqbuzy_EcvrZSZkG2xBUyc3__mVhpVNA77qqbxLeTyHyrMjzxFqLwdSfOKoWk", "dp": "pPi1xkw-x60Q8fcMMYnfFK4eDpLETVckS6VSTjnqGaDI8oj-JmO_O7YtyXKHHqgOOry8Rv8aqWArTN-uZTCqqFKKmtjrKaWp5T6vn-Jz7PXjnL2gSqMTyZiUDsHMoV4zZWZmkI6W8Pmq3RWY33nVtTgi6jdTkne9Z8xxLA-3wxs", "dq": "nSA5V-27rnQ0uwW2QMjgB9hPlckq0zlM7aX9xk5yK1DVxR6ENT9KjiBqGi9HJK5Y2w2X50ci9UVymJ4sZa92iCkqJupVMXBbg64spgIg4VTYM3oyUBxB70OhhccZOhwuE8Qkhr_ofD7fgg53oNdFnjF9aZbP4pIA_2VDzNdnrGE", "qi": "3MZv7p5pyEFFotF6QUgK8qErkI3Y15rerOd61tyctGFOxqduTdCTpcR6ZDsWiBK_FOubhih9c-3Kw74-T3EHC_ZzL-yMDLGnxtOkdMB0eY60TOfqLOUeckw2JFC7s-HssIDrOmnk98FW6gE1HuDilj0rhIaOXH1gBKwkgVEkr2A" } ] }

2021-06-15 17:14:13	SUCCESS	ValidateMTLSCertificatesHeader MTLS certificates header is valid

2021-06-15 17:14:13

(3) More

SUCCESS

ExtractMTLSCertificatesFromConfiguration

Mutual TLS authentication credentials loaded

cert

MIICmzCCAkGgAwIBAgIBEDAKBggqhkjOPQQDAjA6MRswGQYDVQQKDBJMZXQncyBBdXRoZW50aWNhdGUxGzAZBgNVBAMMEkxBIEludGVybWVkaWF0ZSBDQTAeFw0yMTA2MTQxODUyNDlaFw0yMjA2MjQxODUyNDlaMDUxCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJDTzEZMBcGA1UEAwwQcGFzc3dvcmQxIGlzIGZ1bjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANz7e9keCgR6wkiSGpEzNPz+AmclSkhBQdHgbNoO/hKKt57/NE0Ruyts1ESDpmS69R4BccKDZOFD2PsF+DywykI8W/OipgDP7HjpYuyWgNIdMVHjFcUtILrc3mt0iABR9sfu8UwnqvSV6i7Mxauozv6C3zp7iPmBljiFzOkwudBxiBm5mwZItMwPbpcdqa9EEPub74/zFgKxhEp/0toVuVg7GZVt76uCQrdlzRtvKOltKi7voxXtCN0hp012tVgJbzvQPeSJrHVJN1jH0bqbEVVsljo6/z5Ur6/+M+tE6s43WIbTtgMH1foHmhwpiOaxGGPcRMvxjfVVJdSsL94Py9ECAwEAAaNyMHAwCQYDVR0TBAIwADAfBgNVHSMEGDAWgBRm3WjLa38lbEYCuiCPct0ZaSED2DAOBgNVHQ8BAf8EBAMCBsAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwHQYDVR0RAQH/BBMwEYEPYmRjQGV4YW1wbGUuY29tMAoGCCqGSM49BAMCA0gAMEUCIQCSPVITgusQsgLb5rVZPxIdBuAJ2cwPet4GcIXROebbLAIgb0Sq197/+QZkXNl9uUt8VwiA6UX5eZ2bgIbNQizr5BA=

key

MIIEpAIBAAKCAQEA3Pt72R4KBHrCSJIakTM0/P4CZyVKSEFB0eBs2g7+Eoq3nv80TRG7K2zURIOmZLr1HgFxwoNk4UPY+wX4PLDKQjxb86KmAM/seOli7JaA0h0xUeMVxS0gutzea3SIAFH2x+7xTCeq9JXqLszFq6jO/oLfOnuI+YGWOIXM6TC50HGIGbmbBki0zA9ulx2pr0QQ+5vvj/MWArGESn/S2hW5WDsZlW3vq4JCt2XNG28o6W0qLu+jFe0I3SGnTXa1WAlvO9A95ImsdUk3WMfRupsRVWyWOjr/PlSvr/4z60TqzjdYhtO2AwfV+geaHCmI5rEYY9xEy/GN9VUl1Kwv3g/L0QIDAQABAoIBAQC/Yy9IQ7P5XTiXEbLgvrDNzFDYdHt5SMtwsiaUVRfHh0yw7+akOQ8Z9Q+Cp2KdKy7P5gBYruPYFaL/BZSRO6xw4UXiJKQRYAM2VSvQLCk10QK+ISbhtsv6CwC3oB2J6XMKhe+GPXTakFxaXA93NKTR2Rbs18EyFwG7wmZOMF0+IPnEDUY+qY9DP2aDkLQiqrH+RF1i0eJXLkhhL2UFNCDpW7f5iR6y2RUtpq4rHO9aDrGS7W+tzIZEfQpP+x6dEBg9SrHqE7zwaWIXuTlwypVRbZRuQqbFQzFAAJPIBWylSs/oypYhPJvhHAG9yCQR79exARbuWXdJyCYaGTxc+5ABAoGBAPV33BO7fZeISXdYKwDBKCKfVI9q4ssps/TYpCEKXQ8omrdYJrsDcv9rRCJedb250AW3hLJ/18JXjgnFq+o919fe60HE+b833NzzeMs26AFmvsuWvV1yXvSIwbMp6LhrzUmrsOdIrhbk8V2tIOpfySrWQUt6LS2jpeEXZSW5XKyhAoGBAOZ2rgjYDek2kss/tYnrsmg0RYTX9dI4tmi7P92YCsJfRQTMznBj1HxP8FNyxrZ1AgK5BNESgpW3dnd6RekfG04OecDkQSDtJiBxhoOQj//SYLHMDP+JmMFPD/YErulFQz8nOJsT5KNYhi9T9sAcFhrwrqzBp6E3KsbgR5+10iExAoGBAJssAvaCXnltUSvdk4mtkUaZvCXRZr8RhM4yKUctuvg7LdrbIdi07HxkfbTQS9P843DJu1vvjyAuov6wc+Xm5Ex1gfiYoVxs3vTaALFN60n/fntKtjiddUNWNESjKJd0plh87Z63hj24yo/yQs2Gca/fs3UYLfkc616ooGtBi0EhAoGAIhQsmfww2mqKfGmYU6O5xvTrzsAMhqCCQKxnvkHMXX+u+g26/R2V/yfm9sADKFnXCUYIs03UZ4UwjGxVSCqkY/95+48FHnRS7fs7k9rdoEugpsnwphzXrMYfKxb4MmBemEkZcr0XUxw1A2ycET5V+nfarIsaWZmJxszFapV9VBECgYBBrwBJdKtYQTh8+mJJtt5Cv+f6Ynw4QIG8HYssMq1CkFV3gcJFMgIhbdyI6yXnwhsk1EtgZYSvOkMym/mJNhyojvzsjUg7bkTivVFeMUy5n89i6T/KqqGH8zabTXrA/W3fAj6r58+93+20ZRqVFrhFVxHq9/2rq58b83CRxsHB1w==

ca

MIIB5jCCAYugAwIBAgIBFjAKBggqhkjOPQQDAjBWMQswCQYDVQQGEwJVUzEbMBkGA1UECgwSTGV0J3MgQXV0aGVudGljYXRlMSowKAYDVQQDDCFMZXQncyBBdXRoZW50aWNhdGUgUm9vdCBBdXRob3JpdHkwHhcNMjAwMTE0MjEzMjMwWhcNMzAwMTExMjEzMjMwWjA6MRswGQYDVQQKDBJMZXQncyBBdXRoZW50aWNhdGUxGzAZBgNVBAMMEkxBIEludGVybWVkaWF0ZSBDQTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABJf+aA54RC5pyLAR5yfXVYmNpgd+CGUTDp2KOGhc0gK91zxhHesEYkdXkpS2UN8Kati+yHtWCV3kkhCngGyv7RqjZjBkMB0GA1UdDgQWBBRm3WjLa38lbEYCuiCPct0ZaSED2DAfBgNVHSMEGDAWgBTEA2Q6eecKu9g9yb5glbkhhVINGDASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBhjAKBggqhkjOPQQDAgNJADBGAiEA5pLvaFwRRkxomIAtDIwg9D7gC1xzxBl4r28EzmSO1pcCIQCJUShpSXO9HDIQMUgH69fNDEMHXD3RRX5gP7kuu2KGMg==

2021-06-15 17:14:13	SUCCESS RFC7517-1.1	ValidateClientJWKsPrivatePart Valid client JWKs: keys are valid JSON, contain the required fields, the private/public exponents match and are correctly encoded using unpadded base64url

2021-06-15 17:14:13

(2) More

SUCCESS

ExtractJWKsFromStaticClientConfiguration

Extracted client JWK

client_jwks

{
  "keys": [
    {
      "kty": "RSA",
      "kid": "-WBaQw",
      "use": "sig",
      "alg": "PS256",
      "n": "5DDi1k_FDcYRRGdp2J-ofDpQIVgbYNY3Bi9-QbL0rq2tDEI34DmrSmDNWLdBS3j06gYF3uHMQXw1N9JfYNrEDFGriQxXgLrX_4p6PZ-qvxgRaFK4A_3NyZRD-KPSnDNs6PPDwlFxwTwXDMFerXlSxNyw3QBPDHZu56X-fIajKBovMbQvlYo_iveRp9oixw2kRWE0r2AvpzqdXguUwtZlCUnE9mCWhvAFCDLSycbUspmiw8-4M8UumS8U9NQBxM4eEZ3WSFv8ooJRvEHVvGcL5ITUdgOqiD6xRQIEVuYEo-lZx8AwuPvcrEBjQZ31_g9vUmG4tJQlffEaF8ZNRVlXyw",
      "e": "AQAB",
      "d": "RJGACCAOOXZUB_b_Mk2_hhzLqUldaLrV6_Dngnxw0_ByOGXJfoI1u3LdIZRndXNSPOQ0bWXyR5c4Mp7vdB4onP8JiXQA8zix4SLOWqgY2bU0veFlVCW26aS4zAUGK1O0nUdqgoCQqx0QXA_bEEuNmIQsTSxjlH4eE1Oo5ehbLJgoZpHYQloK4Fgby3qTddmIeXJ7LCxbvTYK-uAL-5vfyLgrkjIckVIDfG92x-FrUDyr1qoLtRHrMuuDMQG-zQms0HyNNXfjBfq9oIDLB9h7mPTguYBoS8k63D6ogpD7UYJUOFUgAm_y-DZUib9YBEXxMJmO2peVL08sF25XKf1XEQ",
      "p": "8t4drc_3MIo_j8tEjnFqyUoxYPRNcyoQSk6lJLr9ILhnBiiXfZZHUOP2f3Jmcr4zaj-D_gSq41CiGrBAhuGG0TnFLeGjBwDUyhRxUyj41k0edvD31HPmeJ2No7aeYOoCIBw5SwjthVHnsNQGWtc6rfd0kpuEsbaEmE9RahBL1RM",
      "q": "8Ieb4MHC_CYAbQkGYJPqw8BTUh3m3SzlX1UxwJfir7k1KJ2JDT90ZWJtFYLRgIwNWttyPXcCDzbwqBqgnLB_AVBO7n6Z9lKALftEHv24mZdXeNOqbuzy_EcvrZSZkG2xBUyc3__mVhpVNA77qqbxLeTyHyrMjzxFqLwdSfOKoWk",
      "dp": "pPi1xkw-x60Q8fcMMYnfFK4eDpLETVckS6VSTjnqGaDI8oj-JmO_O7YtyXKHHqgOOry8Rv8aqWArTN-uZTCqqFKKmtjrKaWp5T6vn-Jz7PXjnL2gSqMTyZiUDsHMoV4zZWZmkI6W8Pmq3RWY33nVtTgi6jdTkne9Z8xxLA-3wxs",
      "dq": "nSA5V-27rnQ0uwW2QMjgB9hPlckq0zlM7aX9xk5yK1DVxR6ENT9KjiBqGi9HJK5Y2w2X50ci9UVymJ4sZa92iCkqJupVMXBbg64spgIg4VTYM3oyUBxB70OhhccZOhwuE8Qkhr_ofD7fgg53oNdFnjF9aZbP4pIA_2VDzNdnrGE",
      "qi": "3MZv7p5pyEFFotF6QUgK8qErkI3Y15rerOd61tyctGFOxqduTdCTpcR6ZDsWiBK_FOubhih9c-3Kw74-T3EHC_ZzL-yMDLGnxtOkdMB0eY60TOfqLOUeckw2JFC7s-HssIDrOmnk98FW6gE1HuDilj0rhIaOXH1gBKwkgVEkr2A"
    }
  ]
}

public_client_jwks

{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "-WBaQw",
      "alg": "PS256",
      "n": "5DDi1k_FDcYRRGdp2J-ofDpQIVgbYNY3Bi9-QbL0rq2tDEI34DmrSmDNWLdBS3j06gYF3uHMQXw1N9JfYNrEDFGriQxXgLrX_4p6PZ-qvxgRaFK4A_3NyZRD-KPSnDNs6PPDwlFxwTwXDMFerXlSxNyw3QBPDHZu56X-fIajKBovMbQvlYo_iveRp9oixw2kRWE0r2AvpzqdXguUwtZlCUnE9mCWhvAFCDLSycbUspmiw8-4M8UumS8U9NQBxM4eEZ3WSFv8ooJRvEHVvGcL5ITUdgOqiD6xRQIEVuYEo-lZx8AwuPvcrEBjQZ31_g9vUmG4tJQlffEaF8ZNRVlXyw"
    }
  ]
}

2021-06-15 17:14:13	SUCCESS OIDCC-10.1	CheckForKeyIdInClientJWKs All keys contain kids

2021-06-15 17:14:13

(1) More

SUCCESS

RFC7517-4.5

CheckDistinctKeyIdValueInClientJWKs

Distinct 'kid' value in all keys of client_jwks

see	https://bitbucket.org/openid/connect/issues/1127

2021-06-15 17:14:13

(1) More

SUCCESS

FAPI-RW-8.6

FAPICheckKeyAlgInClientJWKs

Keys in client JWKS all have permitted 'alg'

permitted

[
  "PS256",
  "ES256"
]

2021-06-15 17:14:13

(1) More

SUCCESS

FAPI-R-5.2.2-5 FAPI-R-5.2.2-6

FAPIEnsureMinimumClientKeyLength

Validated minimum key lengths for client_jwks

client_jwks

{
  "keys": [
    {
      "kty": "RSA",
      "kid": "-WBaQw",
      "use": "sig",
      "alg": "PS256",
      "n": "5DDi1k_FDcYRRGdp2J-ofDpQIVgbYNY3Bi9-QbL0rq2tDEI34DmrSmDNWLdBS3j06gYF3uHMQXw1N9JfYNrEDFGriQxXgLrX_4p6PZ-qvxgRaFK4A_3NyZRD-KPSnDNs6PPDwlFxwTwXDMFerXlSxNyw3QBPDHZu56X-fIajKBovMbQvlYo_iveRp9oixw2kRWE0r2AvpzqdXguUwtZlCUnE9mCWhvAFCDLSycbUspmiw8-4M8UumS8U9NQBxM4eEZ3WSFv8ooJRvEHVvGcL5ITUdgOqiD6xRQIEVuYEo-lZx8AwuPvcrEBjQZ31_g9vUmG4tJQlffEaF8ZNRVlXyw",
      "e": "AQAB",
      "d": "RJGACCAOOXZUB_b_Mk2_hhzLqUldaLrV6_Dngnxw0_ByOGXJfoI1u3LdIZRndXNSPOQ0bWXyR5c4Mp7vdB4onP8JiXQA8zix4SLOWqgY2bU0veFlVCW26aS4zAUGK1O0nUdqgoCQqx0QXA_bEEuNmIQsTSxjlH4eE1Oo5ehbLJgoZpHYQloK4Fgby3qTddmIeXJ7LCxbvTYK-uAL-5vfyLgrkjIckVIDfG92x-FrUDyr1qoLtRHrMuuDMQG-zQms0HyNNXfjBfq9oIDLB9h7mPTguYBoS8k63D6ogpD7UYJUOFUgAm_y-DZUib9YBEXxMJmO2peVL08sF25XKf1XEQ",
      "p": "8t4drc_3MIo_j8tEjnFqyUoxYPRNcyoQSk6lJLr9ILhnBiiXfZZHUOP2f3Jmcr4zaj-D_gSq41CiGrBAhuGG0TnFLeGjBwDUyhRxUyj41k0edvD31HPmeJ2No7aeYOoCIBw5SwjthVHnsNQGWtc6rfd0kpuEsbaEmE9RahBL1RM",
      "q": "8Ieb4MHC_CYAbQkGYJPqw8BTUh3m3SzlX1UxwJfir7k1KJ2JDT90ZWJtFYLRgIwNWttyPXcCDzbwqBqgnLB_AVBO7n6Z9lKALftEHv24mZdXeNOqbuzy_EcvrZSZkG2xBUyc3__mVhpVNA77qqbxLeTyHyrMjzxFqLwdSfOKoWk",
      "dp": "pPi1xkw-x60Q8fcMMYnfFK4eDpLETVckS6VSTjnqGaDI8oj-JmO_O7YtyXKHHqgOOry8Rv8aqWArTN-uZTCqqFKKmtjrKaWp5T6vn-Jz7PXjnL2gSqMTyZiUDsHMoV4zZWZmkI6W8Pmq3RWY33nVtTgi6jdTkne9Z8xxLA-3wxs",
      "dq": "nSA5V-27rnQ0uwW2QMjgB9hPlckq0zlM7aX9xk5yK1DVxR6ENT9KjiBqGi9HJK5Y2w2X50ci9UVymJ4sZa92iCkqJupVMXBbg64spgIg4VTYM3oyUBxB70OhhccZOhwuE8Qkhr_ofD7fgg53oNdFnjF9aZbP4pIA_2VDzNdnrGE",
      "qi": "3MZv7p5pyEFFotF6QUgK8qErkI3Y15rerOd61tyctGFOxqduTdCTpcR6ZDsWiBK_FOubhih9c-3Kw74-T3EHC_ZzL-yMDLGnxtOkdMB0eY60TOfqLOUeckw2JFC7s-HssIDrOmnk98FW6gE1HuDilj0rhIaOXH1gBKwkgVEkr2A"
    }
  ]
}

2021-06-15 17:14:13	SUCCESS	ValidateMTLSCertificatesAsX509 Mutual TLS authentication cert validated as X.509

Verify configuration of second client

2021-06-15 17:14:13

(3) More

SUCCESS

GetStaticClient2Configuration

Found a static second client object

client_id

c__fapi-mtls-jar2

scope

openid

jwks

{
  "keys": [
    {
      "kty": "RSA",
      "kid": "8hTzUQ",
      "use": "sig",
      "alg": "PS256",
      "n": "gBTXpS-lCNO2uy-WjHx2hXBhECLWk75N0CCGU3iRfxi6fmE1sOcxtmDZfNVxcM7l04xY9KiD7cLsd4OAIduAwiSe142jLoONhziaoCoT60ghZQSi1X4IdfHAcvKScah-f7u2MayZBJSOydi-NltbbhKIttiZRcyx7-Yl4Q2m52L7ARYhTjidGuHGTRRS6NlxDVUBIX6j4jc3Pk99ZU7a5Zk6wWM12GBhHdojFOvbABA6w7CxjC48u9TEh0L5d9hz3aCFqcAII8XB0VY5M5_yj03oFfNbrNUd__GYlRcN3tycHTFvTdWtV7wq-v8f6nbWK3sW1Gllt83b6o5G42LFQQ",
      "e": "AQAB",
      "d": "QqGVJfxJUPRDBdJV8bP2PKkf9bMKCkZgWLvy5Y29s2775i9QLT25IPX1bvnjUBpyecFzraPVLmXPesVQbUyyCU3fzKeEkvghMo2B83ywbCBULydgRsyQPjuMMMB86uALHwxaVjFCUZ2vQtac7c5NHFBMC0NXSXaZwwHqBtCBWbHp2Je531wEfeb8uzrfJpU1Of7bLGfjKaQTwnxs3v9iUng2uR143LTQd1bPL14vJjutnFGoDb4-CE80g_QLqtW7J1gDRRgxHzwnP9nmSjPpGpPK5u1zpQcpXGbi7QTUbqp13cSqq4pLpj2Dib90waoGZ6iicmcIC_zXy0VADcA_OQ",
      "p": "vosG_MYCvuS6CynUB_CKpqqggnbSDh_iikepagNOQOD-T4BQAYVsQRMyaVzzFJrx3bK3QhFMKbSb7MZOWG2ZpqDUqrML7SlMIxQt6feLWAlVAdSv_RXxWULQoS6dowUfQsfk0OV3x4qMFpmLV3gTAMmJ0-ZuoEDY-72Tj3T-PFc",
      "q": "rBS8NrHiX3dRtvI81gTvRFUCNzCbBJr54rDv4CXqi9uWwA3wi2xOJSV3bQYgZtoNWaCa-UxfTimG_JUdqMCXB0lMBf62OKB7V-rRA0qZyEMrJrgEcVPQ_nQc3ym_Av6hZdNs9ne1DJZSI_lj0NkeE985V_24vKRRME6j6-yYjCc",
      "dp": "K-Mr1dbp1Pwr2dxliPqfhOnyFHq3wScY7863t8JRKOJp0Pf19ZO8rnR0fQ46svlJUk4SpbYEO-rsqym16-o6pMWQlkytJ5AGiGHifWxV_Q4RNV2-t2VxdKTOFwH8rwrD-4a9LlxcLWq8_4uYK6ptfhXtmBAQVPr6v2kX7sf8svs",
      "dq": "EqfY09ErKpBkAoJ2h_lW-0CAEf2qALDQgHwQNWvG5syypjWcq3Ddc_eA4Af3AU-IfPwFcRuPhYjJAp8j7QScGwUeQdQgazkyxhBGAqZWz7hAeF0g1ixxDvUFoEgFVkzGsKRgPsQxk6DEXPQPlzfCpALiU6DFI2ZpCuSrrssiqqc",
      "qi": "m1eGh0la4w5XdSgLO5v1ToXnuVWHQf-7gHuNGHXdkVfMmIEMoJyiWswSawB71DSmYrr8x29n3IrgErysXLulbnLVr36y7gyfaNo8QGa7IuzDtYBBo6l7nenHqRJkagWgS7sZDaBYqM9_vkT61_kt3fjARBaqA0C_YBuVB5qb_DM"
    }
  ]
}

2021-06-15 17:14:13	SUCCESS	ValidateMTLSCertificates2Header MTLS certificates header is valid

2021-06-15 17:14:13

(3) More

SUCCESS

ExtractMTLSCertificates2FromConfiguration

Mutual TLS authentication credentials loaded

cert

MIICszCCAligAwIBAgIBETAKBggqhkjOPQQDAjA6MRswGQYDVQQKDBJMZXQncyBBdXRoZW50aWNhdGUxGzAZBgNVBAMMEkxBIEludGVybWVkaWF0ZSBDQTAeFw0yMTA2MTQxODU2NTlaFw0yMjA2MjQxODU2NTlaMEwxCzAJBgNVBAYTAkNBMQswCQYDVQQIDAJCQzEQMA4GA1UECgwHY29tcGFueTEeMBwGA1UEAwwVc28gYmFzaWMgdG8gYmUgY29tbW9uMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmgQ0drcANY/fodhD3TMdA/6eOymGLsj61q9plDAHGzTGVpOrlSlIdHVBVwrd6A0KOtDkLIgAPnLJs6XlLpqE5ejv+FhdQz1wB99SirYSmc0BT5hGmomOukQkgNofGk2DA7aKzQeRwslu1NEEbJT9tTFwNMGlMkMMtEU6k71ddmWzxJdP04UsJBgTtKr98jmiQp585YkIYMJPruYt96Kw7XFnGetdbzDzqnscmeYhLTKWPs0xi5m3rq4+2AW9AgHoZJSLUmlshB75l+GIlDzVhC/2VsQ+e3Gr1nX/06yKV5efF6N1bVFvIPh8tTAChos6Ka36domMZRAA7AyRey7mJQIDAQABo3IwcDAJBgNVHRMEAjAAMB8GA1UdIwQYMBaAFGbdaMtrfyVsRgK6II9y3RlpIQPYMA4GA1UdDwEB/wQEAwIGwDATBgNVHSUEDDAKBggrBgEFBQcDAjAdBgNVHREBAf8EEzARgQ9iZGNAZXhhbXBsZS5jb20wCgYIKoZIzj0EAwIDSQAwRgIhAPZd2ZQh32SKQJosVPloqCMTelYAopCcMJUyAtu1c6LkAiEAlgnUYDodv0JGAJ3lQYMTZm1UjLE34Vz0nrPCJa9k60E=

key

MIIEowIBAAKCAQEAmgQ0drcANY/fodhD3TMdA/6eOymGLsj61q9plDAHGzTGVpOrlSlIdHVBVwrd6A0KOtDkLIgAPnLJs6XlLpqE5ejv+FhdQz1wB99SirYSmc0BT5hGmomOukQkgNofGk2DA7aKzQeRwslu1NEEbJT9tTFwNMGlMkMMtEU6k71ddmWzxJdP04UsJBgTtKr98jmiQp585YkIYMJPruYt96Kw7XFnGetdbzDzqnscmeYhLTKWPs0xi5m3rq4+2AW9AgHoZJSLUmlshB75l+GIlDzVhC/2VsQ+e3Gr1nX/06yKV5efF6N1bVFvIPh8tTAChos6Ka36domMZRAA7AyRey7mJQIDAQABAoIBAEe7xaO1QEeyJvp+e70+3TjLEm+Du5d2zD3JnWcDp4uoXOheBwCGJdT39+LOkORPjoAuYtfK0DJFzGP71G6MUXGzuHD21xlGODOydANfIfK4ZO/pgJjhkLR4oHfTH8FkcKz+DE/KQr1yjEhawbDBBBmsWRJ5TrPGPtiHlezRugI2Syo8hj8F6EUKWG2K8mKRXxDnQ3m+M2plqPmgvv8B/VV5BxxyrqBCMdLiCxx1f3EMHZpWtl9XqLRNzatsBTgdQjqb9K5HjzAMS09Y9b7Ng0YUcj7Bdp2OYszeUwTHaqhRpIC3TAI6ueGoWgIPR7tHyyPBl5wCKKt3f1v+oZnf0YECgYEAy4PMiOK9JEEjwbL9X5a9sGWTJnTvJEhanEOZ5Er8YYCf5uDg5UDqq0pdaeH/syWqwnmopuoX1t2PCOPKS5piUTrZ8KiCsbbZVmtrJRG9SE4qVrgkhELkidoEDVU7If/KkSQOHKgD8EBDo+aV/CLO5YxfuywXG94e48FtJJj69nkCgYEAwbx73qD4i9ZRkdkf6kMqE1Mci1Xquv6qTDMop75JjITz4cy8JOQ6hg9eXFiwBEzgb+mbKLjwniABGiqhwdETV8JzqEx4R4lPNCseSL2umeU1bQDaY+lnlxsy2Hf7QisUb7jpJFte5+C4o/u2SlXIsG/6HaEeXTlHPWjnTdCC8g0CgYAoAMYpefgXsj4nCtnG+kha7fxYqM+A4D//S0Jqn1qwh6nmpflO1s3J0Zo+/89VFWhVRbii5oy9DVvaMXxIFBaTRPAl39mguQJLfF3ZMX11QvgLh7KV1Ng7SIFXZZN0AWV91gp4E4aCqP8irmZ44xasBEWk8uuv7J9BwXmEohVicQKBgQCsIgDZBKLw9AJTmNvvc6+Nrfmdnz/I136N56KGr95/WJ2sERFVoeaRuFP5rt7tYzTCmoe+fdtkU0FHc3t3ToFmJyJF9XOk884IpwroTIg2ul1mtSxVO0tMCeF6TdhTqR0mSt/y6q//TD4hjQMhNujyQvuymbX11G+Ek5F4JPxDfQKBgCuRsiZo/lAWpWcVWCN8ceVLDpd2APneyU70Aqq0gRRixi8LEWzs/7GDhKf0/Aw4IKyh6d0Ao80zcRNOtC9KpbNhzPID6M8ZXdeMWPrhgjSoex1loW79210o0qHzMEMtvif0Urt6gN5ZCGdpjl0Fxb0k+3XvWc1lqwAx1CFKDpoF

ca

MIIB5jCCAYugAwIBAgIBFjAKBggqhkjOPQQDAjBWMQswCQYDVQQGEwJVUzEbMBkGA1UECgwSTGV0J3MgQXV0aGVudGljYXRlMSowKAYDVQQDDCFMZXQncyBBdXRoZW50aWNhdGUgUm9vdCBBdXRob3JpdHkwHhcNMjAwMTE0MjEzMjMwWhcNMzAwMTExMjEzMjMwWjA6MRswGQYDVQQKDBJMZXQncyBBdXRoZW50aWNhdGUxGzAZBgNVBAMMEkxBIEludGVybWVkaWF0ZSBDQTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABJf+aA54RC5pyLAR5yfXVYmNpgd+CGUTDp2KOGhc0gK91zxhHesEYkdXkpS2UN8Kati+yHtWCV3kkhCngGyv7RqjZjBkMB0GA1UdDgQWBBRm3WjLa38lbEYCuiCPct0ZaSED2DAfBgNVHSMEGDAWgBTEA2Q6eecKu9g9yb5glbkhhVINGDASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBhjAKBggqhkjOPQQDAgNJADBGAiEA5pLvaFwRRkxomIAtDIwg9D7gC1xzxBl4r28EzmSO1pcCIQCJUShpSXO9HDIQMUgH69fNDEMHXD3RRX5gP7kuu2KGMg==

2021-06-15 17:14:13	SUCCESS RFC7517-1.1	ValidateClientJWKsPrivatePart Valid client JWKs: keys are valid JSON, contain the required fields, the private/public exponents match and are correctly encoded using unpadded base64url

2021-06-15 17:14:13

(2) More

SUCCESS

ExtractJWKsFromStaticClientConfiguration

Extracted client JWK

client_jwks

{
  "keys": [
    {
      "kty": "RSA",
      "kid": "8hTzUQ",
      "use": "sig",
      "alg": "PS256",
      "n": "gBTXpS-lCNO2uy-WjHx2hXBhECLWk75N0CCGU3iRfxi6fmE1sOcxtmDZfNVxcM7l04xY9KiD7cLsd4OAIduAwiSe142jLoONhziaoCoT60ghZQSi1X4IdfHAcvKScah-f7u2MayZBJSOydi-NltbbhKIttiZRcyx7-Yl4Q2m52L7ARYhTjidGuHGTRRS6NlxDVUBIX6j4jc3Pk99ZU7a5Zk6wWM12GBhHdojFOvbABA6w7CxjC48u9TEh0L5d9hz3aCFqcAII8XB0VY5M5_yj03oFfNbrNUd__GYlRcN3tycHTFvTdWtV7wq-v8f6nbWK3sW1Gllt83b6o5G42LFQQ",
      "e": "AQAB",
      "d": "QqGVJfxJUPRDBdJV8bP2PKkf9bMKCkZgWLvy5Y29s2775i9QLT25IPX1bvnjUBpyecFzraPVLmXPesVQbUyyCU3fzKeEkvghMo2B83ywbCBULydgRsyQPjuMMMB86uALHwxaVjFCUZ2vQtac7c5NHFBMC0NXSXaZwwHqBtCBWbHp2Je531wEfeb8uzrfJpU1Of7bLGfjKaQTwnxs3v9iUng2uR143LTQd1bPL14vJjutnFGoDb4-CE80g_QLqtW7J1gDRRgxHzwnP9nmSjPpGpPK5u1zpQcpXGbi7QTUbqp13cSqq4pLpj2Dib90waoGZ6iicmcIC_zXy0VADcA_OQ",
      "p": "vosG_MYCvuS6CynUB_CKpqqggnbSDh_iikepagNOQOD-T4BQAYVsQRMyaVzzFJrx3bK3QhFMKbSb7MZOWG2ZpqDUqrML7SlMIxQt6feLWAlVAdSv_RXxWULQoS6dowUfQsfk0OV3x4qMFpmLV3gTAMmJ0-ZuoEDY-72Tj3T-PFc",
      "q": "rBS8NrHiX3dRtvI81gTvRFUCNzCbBJr54rDv4CXqi9uWwA3wi2xOJSV3bQYgZtoNWaCa-UxfTimG_JUdqMCXB0lMBf62OKB7V-rRA0qZyEMrJrgEcVPQ_nQc3ym_Av6hZdNs9ne1DJZSI_lj0NkeE985V_24vKRRME6j6-yYjCc",
      "dp": "K-Mr1dbp1Pwr2dxliPqfhOnyFHq3wScY7863t8JRKOJp0Pf19ZO8rnR0fQ46svlJUk4SpbYEO-rsqym16-o6pMWQlkytJ5AGiGHifWxV_Q4RNV2-t2VxdKTOFwH8rwrD-4a9LlxcLWq8_4uYK6ptfhXtmBAQVPr6v2kX7sf8svs",
      "dq": "EqfY09ErKpBkAoJ2h_lW-0CAEf2qALDQgHwQNWvG5syypjWcq3Ddc_eA4Af3AU-IfPwFcRuPhYjJAp8j7QScGwUeQdQgazkyxhBGAqZWz7hAeF0g1ixxDvUFoEgFVkzGsKRgPsQxk6DEXPQPlzfCpALiU6DFI2ZpCuSrrssiqqc",
      "qi": "m1eGh0la4w5XdSgLO5v1ToXnuVWHQf-7gHuNGHXdkVfMmIEMoJyiWswSawB71DSmYrr8x29n3IrgErysXLulbnLVr36y7gyfaNo8QGa7IuzDtYBBo6l7nenHqRJkagWgS7sZDaBYqM9_vkT61_kt3fjARBaqA0C_YBuVB5qb_DM"
    }
  ]
}

public_client_jwks

{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "8hTzUQ",
      "alg": "PS256",
      "n": "gBTXpS-lCNO2uy-WjHx2hXBhECLWk75N0CCGU3iRfxi6fmE1sOcxtmDZfNVxcM7l04xY9KiD7cLsd4OAIduAwiSe142jLoONhziaoCoT60ghZQSi1X4IdfHAcvKScah-f7u2MayZBJSOydi-NltbbhKIttiZRcyx7-Yl4Q2m52L7ARYhTjidGuHGTRRS6NlxDVUBIX6j4jc3Pk99ZU7a5Zk6wWM12GBhHdojFOvbABA6w7CxjC48u9TEh0L5d9hz3aCFqcAII8XB0VY5M5_yj03oFfNbrNUd__GYlRcN3tycHTFvTdWtV7wq-v8f6nbWK3sW1Gllt83b6o5G42LFQQ"
    }
  ]
}

2021-06-15 17:14:13	SUCCESS OIDCC-10.1	CheckForKeyIdInClientJWKs All keys contain kids

2021-06-15 17:14:13

(1) More

SUCCESS

RFC7517-4.5

CheckDistinctKeyIdValueInClientJWKs

Distinct 'kid' value in all keys of client_jwks

see	https://bitbucket.org/openid/connect/issues/1127

2021-06-15 17:14:13

(1) More

SUCCESS

FAPI-RW-8.6

FAPICheckKeyAlgInClientJWKs

Keys in client JWKS all have permitted 'alg'

permitted

[
  "PS256",
  "ES256"
]

2021-06-15 17:14:13

(1) More

SUCCESS

FAPI-R-5.2.2-5 FAPI-R-5.2.2-6

FAPIEnsureMinimumClientKeyLength

Validated minimum key lengths for client_jwks

client_jwks

{
  "keys": [
    {
      "kty": "RSA",
      "kid": "8hTzUQ",
      "use": "sig",
      "alg": "PS256",
      "n": "gBTXpS-lCNO2uy-WjHx2hXBhECLWk75N0CCGU3iRfxi6fmE1sOcxtmDZfNVxcM7l04xY9KiD7cLsd4OAIduAwiSe142jLoONhziaoCoT60ghZQSi1X4IdfHAcvKScah-f7u2MayZBJSOydi-NltbbhKIttiZRcyx7-Yl4Q2m52L7ARYhTjidGuHGTRRS6NlxDVUBIX6j4jc3Pk99ZU7a5Zk6wWM12GBhHdojFOvbABA6w7CxjC48u9TEh0L5d9hz3aCFqcAII8XB0VY5M5_yj03oFfNbrNUd__GYlRcN3tycHTFvTdWtV7wq-v8f6nbWK3sW1Gllt83b6o5G42LFQQ",
      "e": "AQAB",
      "d": "QqGVJfxJUPRDBdJV8bP2PKkf9bMKCkZgWLvy5Y29s2775i9QLT25IPX1bvnjUBpyecFzraPVLmXPesVQbUyyCU3fzKeEkvghMo2B83ywbCBULydgRsyQPjuMMMB86uALHwxaVjFCUZ2vQtac7c5NHFBMC0NXSXaZwwHqBtCBWbHp2Je531wEfeb8uzrfJpU1Of7bLGfjKaQTwnxs3v9iUng2uR143LTQd1bPL14vJjutnFGoDb4-CE80g_QLqtW7J1gDRRgxHzwnP9nmSjPpGpPK5u1zpQcpXGbi7QTUbqp13cSqq4pLpj2Dib90waoGZ6iicmcIC_zXy0VADcA_OQ",
      "p": "vosG_MYCvuS6CynUB_CKpqqggnbSDh_iikepagNOQOD-T4BQAYVsQRMyaVzzFJrx3bK3QhFMKbSb7MZOWG2ZpqDUqrML7SlMIxQt6feLWAlVAdSv_RXxWULQoS6dowUfQsfk0OV3x4qMFpmLV3gTAMmJ0-ZuoEDY-72Tj3T-PFc",
      "q": "rBS8NrHiX3dRtvI81gTvRFUCNzCbBJr54rDv4CXqi9uWwA3wi2xOJSV3bQYgZtoNWaCa-UxfTimG_JUdqMCXB0lMBf62OKB7V-rRA0qZyEMrJrgEcVPQ_nQc3ym_Av6hZdNs9ne1DJZSI_lj0NkeE985V_24vKRRME6j6-yYjCc",
      "dp": "K-Mr1dbp1Pwr2dxliPqfhOnyFHq3wScY7863t8JRKOJp0Pf19ZO8rnR0fQ46svlJUk4SpbYEO-rsqym16-o6pMWQlkytJ5AGiGHifWxV_Q4RNV2-t2VxdKTOFwH8rwrD-4a9LlxcLWq8_4uYK6ptfhXtmBAQVPr6v2kX7sf8svs",
      "dq": "EqfY09ErKpBkAoJ2h_lW-0CAEf2qALDQgHwQNWvG5syypjWcq3Ddc_eA4Af3AU-IfPwFcRuPhYjJAp8j7QScGwUeQdQgazkyxhBGAqZWz7hAeF0g1ixxDvUFoEgFVkzGsKRgPsQxk6DEXPQPlzfCpALiU6DFI2ZpCuSrrssiqqc",
      "qi": "m1eGh0la4w5XdSgLO5v1ToXnuVWHQf-7gHuNGHXdkVfMmIEMoJyiWswSawB71DSmYrr8x29n3IrgErysXLulbnLVr36y7gyfaNo8QGa7IuzDtYBBo6l7nenHqRJkagWgS7sZDaBYqM9_vkT61_kt3fjARBaqA0C_YBuVB5qb_DM"
    }
  ]
}

2021-06-15 17:14:13	SUCCESS	ValidateMTLSCertificatesAsX509 Mutual TLS authentication cert validated as X.509

2021-06-15 17:14:13

(1) More

SUCCESS

GetResourceEndpointConfiguration

Found a resource endpoint object

resourceUrl

https://par-what-is-it-good-for.ping-eng.com:3000/get

2021-06-15 17:14:13

(1) More

SUCCESS

SetProtectedResourceUrlToSingleResourceEndpoint

Set protected resource URL

protected_resource_url

https://par-what-is-it-good-for.ping-eng.com:3000/get

2021-06-15 17:14:13

(1) More

SUCCESS

ExtractTLSTestValuesFromResourceConfiguration

Extracted TLS information from resource endpoint

resource_endpoint

{
  "testHost": "par-what-is-it-good-for.ping-eng.com",
  "testPort": 3000
}

2021-06-15 17:14:13

(2) More

SUCCESS

ExtractTLSTestValuesFromOBResourceConfiguration

Extracted TLS information from resource endpoint

accounts_resource_endpoint	{ "testHost": "par-what-is-it-good-for.ping-eng.com", "testPort": 3000 }
accounts_request_endpoint	{ "testHost": "par-what-is-it-good-for.ping-eng.com", "testPort": 3000 }

2021-06-15 17:14:13		fapi-rw-id2-ensure-request-object-without-redirect-uri-fails Setup Done

Make request to authorization endpoint

2021-06-15 17:14:13

(3) More

SUCCESS

CreateAuthorizationEndpointRequestFromClientInformation

Created authorization endpoint request

client_id	c__fapi-mtls-jar1
redirect_uri	https://www.certification.openid.net/test/a/pi/callback
scope	openid other

2021-06-15 17:14:13

(1) More

SUCCESS

AddAcrClaimToAuthorizationEndpointRequest

Added acr claim to authorization_endpoint_request

authorization_endpoint_request

{
  "client_id": "c__fapi-mtls-jar1",
  "redirect_uri": "https://www.certification.openid.net/test/a/pi/callback",
  "scope": "openid other",
  "claims": {
    "id_token": {
      "acr": {
        "value": "urn:mace:incommon:iap:silver",
        "essential": true
      }
    }
  }
}

2021-06-15 17:14:13

(2) More

CreateRandomStateValue

Created state value

requested_state_length	10
state	a6Alg57ocr

2021-06-15 17:14:13

(5) More

SUCCESS

AddStateToAuthorizationEndpointRequest

Added state parameter to request

client_id	c__fapi-mtls-jar1
redirect_uri	https://www.certification.openid.net/test/a/pi/callback
scope	openid other
claims	{ "id_token": { "acr": { "value": "urn:mace:incommon:iap:silver", "essential": true } } }
state	a6Alg57ocr

2021-06-15 17:14:13

(2) More

CreateRandomNonceValue

Created nonce value

requested_nonce_length	10
nonce	fKlySAo7Ef

2021-06-15 17:14:13

(6) More

SUCCESS

AddNonceToAuthorizationEndpointRequest

Added nonce parameter to request

client_id	c__fapi-mtls-jar1
redirect_uri	https://www.certification.openid.net/test/a/pi/callback
scope	openid other
claims	{ "id_token": { "acr": { "value": "urn:mace:incommon:iap:silver", "essential": true } } }
state	a6Alg57ocr
nonce	fKlySAo7Ef

2021-06-15 17:14:13

(7) More

SUCCESS

SetAuthorizationEndpointRequestResponseTypeToCodeIdtoken

Added response_type parameter to request

client_id	c__fapi-mtls-jar1
redirect_uri	https://www.certification.openid.net/test/a/pi/callback
scope	openid other
claims	{ "id_token": { "acr": { "value": "urn:mace:incommon:iap:silver", "essential": true } } }
state	a6Alg57ocr
nonce	fKlySAo7Ef
response_type	code id_token

2021-06-15 17:14:13

(1) More

SUCCESS

ConvertAuthorizationEndpointRequestToRequestObject

Created request object claims

request_object_claims

{
  "client_id": "c__fapi-mtls-jar1",
  "redirect_uri": "https://www.certification.openid.net/test/a/pi/callback",
  "scope": "openid other",
  "claims": {
    "id_token": {
      "acr": {
        "value": "urn:mace:incommon:iap:silver",
        "essential": true
      }
    }
  },
  "state": "a6Alg57ocr",
  "nonce": "fKlySAo7Ef",
  "response_type": "code id_token"
}

2021-06-15 17:14:13

(1) More

SUCCESS

FAPI-RW-5.2.2-13

AddExpToRequestObject

Added exp to request object claims

exp	1.623777553E9

2021-06-15 17:14:13

(1) More

SUCCESS

FAPI-RW-5.2.2-14

AddAudToRequestObject

Added aud to request object claims

aud	https://par-what-is-it-good-for.ping-eng.com:9032

2021-06-15 17:14:13

(1) More

SUCCESS

OIDCC-6.1

AddIssToRequestObject

Added iss to request object claims

iss	c__fapi-mtls-jar1

2021-06-15 17:14:13

(1) More

SUCCESS

FAPI-RW-5.2.3-8

AddClientIdToRequestObject

Added client_id to request object claims

client_id

c__fapi-mtls-jar1

2021-06-15 17:14:13

(1) More

SUCCESS

RemoveRedirectUriFromRequestObject

Removed redirect_uri from request object claims

request_object_claims

{
  "client_id": "c__fapi-mtls-jar1",
  "scope": "openid other",
  "claims": {
    "id_token": {
      "acr": {
        "value": "urn:mace:incommon:iap:silver",
        "essential": true
      }
    }
  },
  "state": "a6Alg57ocr",
  "nonce": "fKlySAo7Ef",
  "response_type": "code id_token",
  "exp": 1623777553,
  "aud": "https://par-what-is-it-good-for.ping-eng.com:9032",
  "iss": "c__fapi-mtls-jar1"
}

2021-06-15 17:14:13

(4) More

SUCCESS

SignRequestObject

Signed the request object

claims	{"aud":"https:\/\/par-what-is-it-good-for.ping-eng.com:9032","scope":"openid other","claims":{"id_token":{"acr":{"value":"urn:mace:incommon:iap:silver","essential":true}}},"iss":"c__fapi-mtls-jar1","response_type":"code id_token","state":"a6Alg57ocr","exp":1623777553,"nonce":"fKlySAo7Ef","client_id":"c__fapi-mtls-jar1"}
header	{"kid":"-WBaQw","alg":"PS256"}
request_object	eyJraWQiOiItV0JhUXciLCJhbGciOiJQUzI1NiJ9.eyJhdWQiOiJodHRwczpcL1wvcGFyLXdoYXQtaXMtaXQtZ29vZC1mb3IucGluZy1lbmcuY29tOjkwMzIiLCJzY29wZSI6Im9wZW5pZCBvdGhlciIsImNsYWltcyI6eyJpZF90b2tlbiI6eyJhY3IiOnsidmFsdWUiOiJ1cm46bWFjZTppbmNvbW1vbjppYXA6c2lsdmVyIiwiZXNzZW50aWFsIjp0cnVlfX19LCJpc3MiOiJjX19mYXBpLW10bHMtamFyMSIsInJlc3BvbnNlX3R5cGUiOiJjb2RlIGlkX3Rva2VuIiwic3RhdGUiOiJhNkFsZzU3b2NyIiwiZXhwIjoxNjIzNzc3NTUzLCJub25jZSI6ImZLbHlTQW83RWYiLCJjbGllbnRfaWQiOiJjX19mYXBpLW10bHMtamFyMSJ9.DxuoXMrr9__t7chHfgK9Akt6Bpy0sYyqJffcjdZ3pw_FXb0DtZ7CvrMJ4c3IeK_u4BnIPxvRxwiVmyHouhjlExH6oN0vj5XsGYfXV6cJy-NC8fYKUnVK4MC_H9kVq1jtYk3hryp8NNBr6Edb0axyQoy5F0PCwEoD__ouJjrHnG70yulogSHS6-BHXVjnU5_6_uZDX8GL2wQGmR8Iwmr1X82u1pxINp5A1Amtu5eRevnDqKGJx5AOm6ceMTT6J2hPIroqpzQMIjAqEVJUtC7vFKF0ryc_5lehmt5Utsb5fSZF8uNqFCYbz8bqAMy8JD1_j56QjhEC_UL3stLALd6cjg
key	{"p":"8t4drc_3MIo_j8tEjnFqyUoxYPRNcyoQSk6lJLr9ILhnBiiXfZZHUOP2f3Jmcr4zaj-D_gSq41CiGrBAhuGG0TnFLeGjBwDUyhRxUyj41k0edvD31HPmeJ2No7aeYOoCIBw5SwjthVHnsNQGWtc6rfd0kpuEsbaEmE9RahBL1RM","kty":"RSA","q":"8Ieb4MHC_CYAbQkGYJPqw8BTUh3m3SzlX1UxwJfir7k1KJ2JDT90ZWJtFYLRgIwNWttyPXcCDzbwqBqgnLB_AVBO7n6Z9lKALftEHv24mZdXeNOqbuzy_EcvrZSZkG2xBUyc3__mVhpVNA77qqbxLeTyHyrMjzxFqLwdSfOKoWk","d":"RJGACCAOOXZUB_b_Mk2_hhzLqUldaLrV6_Dngnxw0_ByOGXJfoI1u3LdIZRndXNSPOQ0bWXyR5c4Mp7vdB4onP8JiXQA8zix4SLOWqgY2bU0veFlVCW26aS4zAUGK1O0nUdqgoCQqx0QXA_bEEuNmIQsTSxjlH4eE1Oo5ehbLJgoZpHYQloK4Fgby3qTddmIeXJ7LCxbvTYK-uAL-5vfyLgrkjIckVIDfG92x-FrUDyr1qoLtRHrMuuDMQG-zQms0HyNNXfjBfq9oIDLB9h7mPTguYBoS8k63D6ogpD7UYJUOFUgAm_y-DZUib9YBEXxMJmO2peVL08sF25XKf1XEQ","e":"AQAB","use":"sig","kid":"-WBaQw","qi":"3MZv7p5pyEFFotF6QUgK8qErkI3Y15rerOd61tyctGFOxqduTdCTpcR6ZDsWiBK_FOubhih9c-3Kw74-T3EHC_ZzL-yMDLGnxtOkdMB0eY60TOfqLOUeckw2JFC7s-HssIDrOmnk98FW6gE1HuDilj0rhIaOXH1gBKwkgVEkr2A","dp":"pPi1xkw-x60Q8fcMMYnfFK4eDpLETVckS6VSTjnqGaDI8oj-JmO_O7YtyXKHHqgOOry8Rv8aqWArTN-uZTCqqFKKmtjrKaWp5T6vn-Jz7PXjnL2gSqMTyZiUDsHMoV4zZWZmkI6W8Pmq3RWY33nVtTgi6jdTkne9Z8xxLA-3wxs","alg":"PS256","dq":"nSA5V-27rnQ0uwW2QMjgB9hPlckq0zlM7aX9xk5yK1DVxR6ENT9KjiBqGi9HJK5Y2w2X50ci9UVymJ4sZa92iCkqJupVMXBbg64spgIg4VTYM3oyUBxB70OhhccZOhwuE8Qkhr_ofD7fgg53oNdFnjF9aZbP4pIA_2VDzNdnrGE","n":"5DDi1k_FDcYRRGdp2J-ofDpQIVgbYNY3Bi9-QbL0rq2tDEI34DmrSmDNWLdBS3j06gYF3uHMQXw1N9JfYNrEDFGriQxXgLrX_4p6PZ-qvxgRaFK4A_3NyZRD-KPSnDNs6PPDwlFxwTwXDMFerXlSxNyw3QBPDHZu56X-fIajKBovMbQvlYo_iveRp9oixw2kRWE0r2AvpzqdXguUwtZlCUnE9mCWhvAFCDLSycbUspmiw8-4M8UumS8U9NQBxM4eEZ3WSFv8ooJRvEHVvGcL5ITUdgOqiD6xRQIEVuYEo-lZx8AwuPvcrEBjQZ31_g9vUmG4tJQlffEaF8ZNRVlXyw"}

2021-06-15 17:14:13

(1) More

SUCCESS

BuildRequestObjectByValueRedirectToAuthorizationEndpoint

Sending to authorization endpoint

redirect_to_authorization_endpoint

https://par-what-is-it-good-for.ping-eng.com:9031/as/authorization.oauth2?request=eyJraWQiOiItV0JhUXciLCJhbGciOiJQUzI1NiJ9.eyJhdWQiOiJodHRwczpcL1wvcGFyLXdoYXQtaXMtaXQtZ29vZC1mb3IucGluZy1lbmcuY29tOjkwMzIiLCJzY29wZSI6Im9wZW5pZCBvdGhlciIsImNsYWltcyI6eyJpZF90b2tlbiI6eyJhY3IiOnsidmFsdWUiOiJ1cm46bWFjZTppbmNvbW1vbjppYXA6c2lsdmVyIiwiZXNzZW50aWFsIjp0cnVlfX19LCJpc3MiOiJjX19mYXBpLW10bHMtamFyMSIsInJlc3BvbnNlX3R5cGUiOiJjb2RlIGlkX3Rva2VuIiwic3RhdGUiOiJhNkFsZzU3b2NyIiwiZXhwIjoxNjIzNzc3NTUzLCJub25jZSI6ImZLbHlTQW83RWYiLCJjbGllbnRfaWQiOiJjX19mYXBpLW10bHMtamFyMSJ9.DxuoXMrr9__t7chHfgK9Akt6Bpy0sYyqJffcjdZ3pw_FXb0DtZ7CvrMJ4c3IeK_u4BnIPxvRxwiVmyHouhjlExH6oN0vj5XsGYfXV6cJy-NC8fYKUnVK4MC_H9kVq1jtYk3hryp8NNBr6Edb0axyQoy5F0PCwEoD__ouJjrHnG70yulogSHS6-BHXVjnU5_6_uZDX8GL2wQGmR8Iwmr1X82u1pxINp5A1Amtu5eRevnDqKGJx5AOm6ceMTT6J2hPIroqpzQMIjAqEVJUtC7vFKF0ryc_5lehmt5Utsb5fSZF8uNqFCYbz8bqAMy8JD1_j56QjhEC_UL3stLALd6cjg&client_id=c__fapi-mtls-jar1&redirect_uri=https://www.certification.openid.net/test/a/pi/callback&scope=openid%20other&response_type=code%20id_token

2021-06-15 17:14:13

(1) More

REDIRECT

fapi-rw-id2-ensure-request-object-without-redirect-uri-fails

Redirecting to authorization endpoint

redirect_to

https://par-what-is-it-good-for.ping-eng.com:9031/as/authorization.oauth2?request=eyJraWQiOiItV0JhUXciLCJhbGciOiJQUzI1NiJ9.eyJhdWQiOiJodHRwczpcL1wvcGFyLXdoYXQtaXMtaXQtZ29vZC1mb3IucGluZy1lbmcuY29tOjkwMzIiLCJzY29wZSI6Im9wZW5pZCBvdGhlciIsImNsYWltcyI6eyJpZF90b2tlbiI6eyJhY3IiOnsidmFsdWUiOiJ1cm46bWFjZTppbmNvbW1vbjppYXA6c2lsdmVyIiwiZXNzZW50aWFsIjp0cnVlfX19LCJpc3MiOiJjX19mYXBpLW10bHMtamFyMSIsInJlc3BvbnNlX3R5cGUiOiJjb2RlIGlkX3Rva2VuIiwic3RhdGUiOiJhNkFsZzU3b2NyIiwiZXhwIjoxNjIzNzc3NTUzLCJub25jZSI6ImZLbHlTQW83RWYiLCJjbGllbnRfaWQiOiJjX19mYXBpLW10bHMtamFyMSJ9.DxuoXMrr9__t7chHfgK9Akt6Bpy0sYyqJffcjdZ3pw_FXb0DtZ7CvrMJ4c3IeK_u4BnIPxvRxwiVmyHouhjlExH6oN0vj5XsGYfXV6cJy-NC8fYKUnVK4MC_H9kVq1jtYk3hryp8NNBr6Edb0axyQoy5F0PCwEoD__ouJjrHnG70yulogSHS6-BHXVjnU5_6_uZDX8GL2wQGmR8Iwmr1X82u1pxINp5A1Amtu5eRevnDqKGJx5AOm6ceMTT6J2hPIroqpzQMIjAqEVJUtC7vFKF0ryc_5lehmt5Utsb5fSZF8uNqFCYbz8bqAMy8JD1_j56QjhEC_UL3stLALd6cjg&client_id=c__fapi-mtls-jar1&redirect_uri=https://www.certification.openid.net/test/a/pi/callback&scope=openid%20other&response_type=code%20id_token

2021-06-15 17:14:13

(2) More

REVIEW IMAGE

FAPI-RW-5.2.3-8

ExpectRequestObjectMissingRedirectUriErrorPage

If the server does not return an invalid_request_object error back to the client, it must show an error page saying the request object is invalid as it is missing the 'redirect_uri' claim - upload a screenshot of the error page.

img
updatedAt	1623777273394

2021-06-15 17:14:44

(1) More

FINISHED

fapi-rw-id2-ensure-request-object-without-redirect-uri-fails

Test has run to completion

testmodule_result

REVIEW

2021-06-15 17:14:46

(2) More

TEST-RUNNER

Alias has now been claimed by another test

alias	pi
new_test_id	PGYtvD982RNne43

Test Summary

Test Results