Test detail

Test Name	fapi1-advanced-final-ensure-request-object-without-scope-fails
Variant	client_auth_type=mtls, fapi_auth_request_method=by_value, fapi_profile=openbanking_uk, fapi_response_mode=plain_response
Test ID	xbQv0DG37yAQIh7 https://www.certification.openid.net/log-detail.html?public=true&log=xbQv0DG37yAQIh7
Created	2021-08-23T21:24:52.950405Z
Description	fapi-f-mtls-jar
Test Version	4.1.25
Test Owner	109339807647777393961 https://accounts.google.com
Plan ID	9OcNKC2LTnkvm https://www.certification.openid.net/plan-detail.html?public=true&plan=9OcNKC2LTnkvm
Exported From	https://www.certification.openid.net
Exported By	109339807647777393961 https://accounts.google.com
Suite Version	4.1.25
Exported	2021-08-23 21:47:00 (UTC)

2021-08-23 21:24:53

(7) More

INFO

TEST-RUNNER

Test instance xbQv0DG37yAQIh7 created

baseUrl	https://www.certification.openid.net/test/a/pi
variant	{ "client_auth_type": "mtls", "fapi_auth_request_method": "by_value", "fapi_profile": "openbanking_uk", "fapi_response_mode": "plain_response" }
alias	pi
description	fapi-f-mtls-jar
planId	9OcNKC2LTnkvm
config	{ "alias": "pi", "description": "fapi-f-mtls-jar", "server": { "discoveryUrl": "https://par-what-is-it-good-for.ping-eng.com:9031/.well-known/openid-configuration" }, "client": { "client_id": "c__fapi-mtls-jar1", "scope": "openid other", "hint_type": "login_hint", "hint_value": "cheba-hut@ping-eng.com", "jwks": { "keys": [ { "kty": "RSA", "kid": "-WBaQw", "use": "sig", "alg": "PS256", "n": "5DDi1k_FDcYRRGdp2J-ofDpQIVgbYNY3Bi9-QbL0rq2tDEI34DmrSmDNWLdBS3j06gYF3uHMQXw1N9JfYNrEDFGriQxXgLrX_4p6PZ-qvxgRaFK4A_3NyZRD-KPSnDNs6PPDwlFxwTwXDMFerXlSxNyw3QBPDHZu56X-fIajKBovMbQvlYo_iveRp9oixw2kRWE0r2AvpzqdXguUwtZlCUnE9mCWhvAFCDLSycbUspmiw8-4M8UumS8U9NQBxM4eEZ3WSFv8ooJRvEHVvGcL5ITUdgOqiD6xRQIEVuYEo-lZx8AwuPvcrEBjQZ31_g9vUmG4tJQlffEaF8ZNRVlXyw", "e": "AQAB", "d": "RJGACCAOOXZUB_b_Mk2_hhzLqUldaLrV6_Dngnxw0_ByOGXJfoI1u3LdIZRndXNSPOQ0bWXyR5c4Mp7vdB4onP8JiXQA8zix4SLOWqgY2bU0veFlVCW26aS4zAUGK1O0nUdqgoCQqx0QXA_bEEuNmIQsTSxjlH4eE1Oo5ehbLJgoZpHYQloK4Fgby3qTddmIeXJ7LCxbvTYK-uAL-5vfyLgrkjIckVIDfG92x-FrUDyr1qoLtRHrMuuDMQG-zQms0HyNNXfjBfq9oIDLB9h7mPTguYBoS8k63D6ogpD7UYJUOFUgAm_y-DZUib9YBEXxMJmO2peVL08sF25XKf1XEQ", "p": "8t4drc_3MIo_j8tEjnFqyUoxYPRNcyoQSk6lJLr9ILhnBiiXfZZHUOP2f3Jmcr4zaj-D_gSq41CiGrBAhuGG0TnFLeGjBwDUyhRxUyj41k0edvD31HPmeJ2No7aeYOoCIBw5SwjthVHnsNQGWtc6rfd0kpuEsbaEmE9RahBL1RM", "q": "8Ieb4MHC_CYAbQkGYJPqw8BTUh3m3SzlX1UxwJfir7k1KJ2JDT90ZWJtFYLRgIwNWttyPXcCDzbwqBqgnLB_AVBO7n6Z9lKALftEHv24mZdXeNOqbuzy_EcvrZSZkG2xBUyc3__mVhpVNA77qqbxLeTyHyrMjzxFqLwdSfOKoWk", "dp": "pPi1xkw-x60Q8fcMMYnfFK4eDpLETVckS6VSTjnqGaDI8oj-JmO_O7YtyXKHHqgOOry8Rv8aqWArTN-uZTCqqFKKmtjrKaWp5T6vn-Jz7PXjnL2gSqMTyZiUDsHMoV4zZWZmkI6W8Pmq3RWY33nVtTgi6jdTkne9Z8xxLA-3wxs", "dq": "nSA5V-27rnQ0uwW2QMjgB9hPlckq0zlM7aX9xk5yK1DVxR6ENT9KjiBqGi9HJK5Y2w2X50ci9UVymJ4sZa92iCkqJupVMXBbg64spgIg4VTYM3oyUBxB70OhhccZOhwuE8Qkhr_ofD7fgg53oNdFnjF9aZbP4pIA_2VDzNdnrGE", "qi": "3MZv7p5pyEFFotF6QUgK8qErkI3Y15rerOd61tyctGFOxqduTdCTpcR6ZDsWiBK_FOubhih9c-3Kw74-T3EHC_ZzL-yMDLGnxtOkdMB0eY60TOfqLOUeckw2JFC7s-HssIDrOmnk98FW6gE1HuDilj0rhIaOXH1gBKwkgVEkr2A" } ] } }, "mtls": { "cert": "-----BEGIN CERTIFICATE-----\nMIICmzCCAkGgAwIBAgIBEDAKBggqhkjOPQQDAjA6MRswGQYDVQQKDBJMZXQncyBB\ndXRoZW50aWNhdGUxGzAZBgNVBAMMEkxBIEludGVybWVkaWF0ZSBDQTAeFw0yMTA2\nMTQxODUyNDlaFw0yMjA2MjQxODUyNDlaMDUxCzAJBgNVBAYTAlVTMQswCQYDVQQI\nDAJDTzEZMBcGA1UEAwwQcGFzc3dvcmQxIGlzIGZ1bjCCASIwDQYJKoZIhvcNAQEB\nBQADggEPADCCAQoCggEBANz7e9keCgR6wkiSGpEzNPz+AmclSkhBQdHgbNoO/hKK\nt57/NE0Ruyts1ESDpmS69R4BccKDZOFD2PsF+DywykI8W/OipgDP7HjpYuyWgNId\nMVHjFcUtILrc3mt0iABR9sfu8UwnqvSV6i7Mxauozv6C3zp7iPmBljiFzOkwudBx\niBm5mwZItMwPbpcdqa9EEPub74/zFgKxhEp/0toVuVg7GZVt76uCQrdlzRtvKOlt\nKi7voxXtCN0hp012tVgJbzvQPeSJrHVJN1jH0bqbEVVsljo6/z5Ur6/+M+tE6s43\nWIbTtgMH1foHmhwpiOaxGGPcRMvxjfVVJdSsL94Py9ECAwEAAaNyMHAwCQYDVR0T\nBAIwADAfBgNVHSMEGDAWgBRm3WjLa38lbEYCuiCPct0ZaSED2DAOBgNVHQ8BAf8E\nBAMCBsAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwHQYDVR0RAQH/BBMwEYEPYmRjQGV4\nYW1wbGUuY29tMAoGCCqGSM49BAMCA0gAMEUCIQCSPVITgusQsgLb5rVZPxIdBuAJ\n2cwPet4GcIXROebbLAIgb0Sq197/+QZkXNl9uUt8VwiA6UX5eZ2bgIbNQizr5BA\u003d\n-----END CERTIFICATE-----", "key": "-----BEGIN RSA PRIVATE KEY-----\nMIIEpAIBAAKCAQEA3Pt72R4KBHrCSJIakTM0/P4CZyVKSEFB0eBs2g7+Eoq3nv80\nTRG7K2zURIOmZLr1HgFxwoNk4UPY+wX4PLDKQjxb86KmAM/seOli7JaA0h0xUeMV\nxS0gutzea3SIAFH2x+7xTCeq9JXqLszFq6jO/oLfOnuI+YGWOIXM6TC50HGIGbmb\nBki0zA9ulx2pr0QQ+5vvj/MWArGESn/S2hW5WDsZlW3vq4JCt2XNG28o6W0qLu+j\nFe0I3SGnTXa1WAlvO9A95ImsdUk3WMfRupsRVWyWOjr/PlSvr/4z60TqzjdYhtO2\nAwfV+geaHCmI5rEYY9xEy/GN9VUl1Kwv3g/L0QIDAQABAoIBAQC/Yy9IQ7P5XTiX\nEbLgvrDNzFDYdHt5SMtwsiaUVRfHh0yw7+akOQ8Z9Q+Cp2KdKy7P5gBYruPYFaL/\nBZSRO6xw4UXiJKQRYAM2VSvQLCk10QK+ISbhtsv6CwC3oB2J6XMKhe+GPXTakFxa\nXA93NKTR2Rbs18EyFwG7wmZOMF0+IPnEDUY+qY9DP2aDkLQiqrH+RF1i0eJXLkhh\nL2UFNCDpW7f5iR6y2RUtpq4rHO9aDrGS7W+tzIZEfQpP+x6dEBg9SrHqE7zwaWIX\nuTlwypVRbZRuQqbFQzFAAJPIBWylSs/oypYhPJvhHAG9yCQR79exARbuWXdJyCYa\nGTxc+5ABAoGBAPV33BO7fZeISXdYKwDBKCKfVI9q4ssps/TYpCEKXQ8omrdYJrsD\ncv9rRCJedb250AW3hLJ/18JXjgnFq+o919fe60HE+b833NzzeMs26AFmvsuWvV1y\nXvSIwbMp6LhrzUmrsOdIrhbk8V2tIOpfySrWQUt6LS2jpeEXZSW5XKyhAoGBAOZ2\nrgjYDek2kss/tYnrsmg0RYTX9dI4tmi7P92YCsJfRQTMznBj1HxP8FNyxrZ1AgK5\nBNESgpW3dnd6RekfG04OecDkQSDtJiBxhoOQj//SYLHMDP+JmMFPD/YErulFQz8n\nOJsT5KNYhi9T9sAcFhrwrqzBp6E3KsbgR5+10iExAoGBAJssAvaCXnltUSvdk4mt\nkUaZvCXRZr8RhM4yKUctuvg7LdrbIdi07HxkfbTQS9P843DJu1vvjyAuov6wc+Xm\n5Ex1gfiYoVxs3vTaALFN60n/fntKtjiddUNWNESjKJd0plh87Z63hj24yo/yQs2G\nca/fs3UYLfkc616ooGtBi0EhAoGAIhQsmfww2mqKfGmYU6O5xvTrzsAMhqCCQKxn\nvkHMXX+u+g26/R2V/yfm9sADKFnXCUYIs03UZ4UwjGxVSCqkY/95+48FHnRS7fs7\nk9rdoEugpsnwphzXrMYfKxb4MmBemEkZcr0XUxw1A2ycET5V+nfarIsaWZmJxszF\napV9VBECgYBBrwBJdKtYQTh8+mJJtt5Cv+f6Ynw4QIG8HYssMq1CkFV3gcJFMgIh\nbdyI6yXnwhsk1EtgZYSvOkMym/mJNhyojvzsjUg7bkTivVFeMUy5n89i6T/KqqGH\n8zabTXrA/W3fAj6r58+93+20ZRqVFrhFVxHq9/2rq58b83CRxsHB1w\u003d\u003d\n-----END RSA PRIVATE KEY-----", "ca": "-----BEGIN CERTIFICATE-----\nMIIB5jCCAYugAwIBAgIBFjAKBggqhkjOPQQDAjBWMQswCQYDVQQGEwJVUzEbMBkG\nA1UECgwSTGV0J3MgQXV0aGVudGljYXRlMSowKAYDVQQDDCFMZXQncyBBdXRoZW50\naWNhdGUgUm9vdCBBdXRob3JpdHkwHhcNMjAwMTE0MjEzMjMwWhcNMzAwMTExMjEz\nMjMwWjA6MRswGQYDVQQKDBJMZXQncyBBdXRoZW50aWNhdGUxGzAZBgNVBAMMEkxB\nIEludGVybWVkaWF0ZSBDQTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABJf+aA54\nRC5pyLAR5yfXVYmNpgd+CGUTDp2KOGhc0gK91zxhHesEYkdXkpS2UN8Kati+yHtW\nCV3kkhCngGyv7RqjZjBkMB0GA1UdDgQWBBRm3WjLa38lbEYCuiCPct0ZaSED2DAf\nBgNVHSMEGDAWgBTEA2Q6eecKu9g9yb5glbkhhVINGDASBgNVHRMBAf8ECDAGAQH/\nAgEAMA4GA1UdDwEB/wQEAwIBhjAKBggqhkjOPQQDAgNJADBGAiEA5pLvaFwRRkxo\nmIAtDIwg9D7gC1xzxBl4r28EzmSO1pcCIQCJUShpSXO9HDIQMUgH69fNDEMHXD3R\nRX5gP7kuu2KGMg\u003d\u003d\n-----END CERTIFICATE-----" }, "resource": { "resourceUrl": "https://par-what-is-it-good-for.ping-eng.com:3000/ext/open-banking/v3.1/aisp/" }, "client2": { "client_id": "c__fapi-mtls-jar2", "scope": "openid", "jwks": { "keys": [ { "kty": "RSA", "kid": "8hTzUQ", "use": "sig", "alg": "PS256", "n": "gBTXpS-lCNO2uy-WjHx2hXBhECLWk75N0CCGU3iRfxi6fmE1sOcxtmDZfNVxcM7l04xY9KiD7cLsd4OAIduAwiSe142jLoONhziaoCoT60ghZQSi1X4IdfHAcvKScah-f7u2MayZBJSOydi-NltbbhKIttiZRcyx7-Yl4Q2m52L7ARYhTjidGuHGTRRS6NlxDVUBIX6j4jc3Pk99ZU7a5Zk6wWM12GBhHdojFOvbABA6w7CxjC48u9TEh0L5d9hz3aCFqcAII8XB0VY5M5_yj03oFfNbrNUd__GYlRcN3tycHTFvTdWtV7wq-v8f6nbWK3sW1Gllt83b6o5G42LFQQ", "e": "AQAB", "d": "QqGVJfxJUPRDBdJV8bP2PKkf9bMKCkZgWLvy5Y29s2775i9QLT25IPX1bvnjUBpyecFzraPVLmXPesVQbUyyCU3fzKeEkvghMo2B83ywbCBULydgRsyQPjuMMMB86uALHwxaVjFCUZ2vQtac7c5NHFBMC0NXSXaZwwHqBtCBWbHp2Je531wEfeb8uzrfJpU1Of7bLGfjKaQTwnxs3v9iUng2uR143LTQd1bPL14vJjutnFGoDb4-CE80g_QLqtW7J1gDRRgxHzwnP9nmSjPpGpPK5u1zpQcpXGbi7QTUbqp13cSqq4pLpj2Dib90waoGZ6iicmcIC_zXy0VADcA_OQ", "p": "vosG_MYCvuS6CynUB_CKpqqggnbSDh_iikepagNOQOD-T4BQAYVsQRMyaVzzFJrx3bK3QhFMKbSb7MZOWG2ZpqDUqrML7SlMIxQt6feLWAlVAdSv_RXxWULQoS6dowUfQsfk0OV3x4qMFpmLV3gTAMmJ0-ZuoEDY-72Tj3T-PFc", "q": "rBS8NrHiX3dRtvI81gTvRFUCNzCbBJr54rDv4CXqi9uWwA3wi2xOJSV3bQYgZtoNWaCa-UxfTimG_JUdqMCXB0lMBf62OKB7V-rRA0qZyEMrJrgEcVPQ_nQc3ym_Av6hZdNs9ne1DJZSI_lj0NkeE985V_24vKRRME6j6-yYjCc", "dp": "K-Mr1dbp1Pwr2dxliPqfhOnyFHq3wScY7863t8JRKOJp0Pf19ZO8rnR0fQ46svlJUk4SpbYEO-rsqym16-o6pMWQlkytJ5AGiGHifWxV_Q4RNV2-t2VxdKTOFwH8rwrD-4a9LlxcLWq8_4uYK6ptfhXtmBAQVPr6v2kX7sf8svs", "dq": "EqfY09ErKpBkAoJ2h_lW-0CAEf2qALDQgHwQNWvG5syypjWcq3Ddc_eA4Af3AU-IfPwFcRuPhYjJAp8j7QScGwUeQdQgazkyxhBGAqZWz7hAeF0g1ixxDvUFoEgFVkzGsKRgPsQxk6DEXPQPlzfCpALiU6DFI2ZpCuSrrssiqqc", "qi": "m1eGh0la4w5XdSgLO5v1ToXnuVWHQf-7gHuNGHXdkVfMmIEMoJyiWswSawB71DSmYrr8x29n3IrgErysXLulbnLVr36y7gyfaNo8QGa7IuzDtYBBo6l7nenHqRJkagWgS7sZDaBYqM9_vkT61_kt3fjARBaqA0C_YBuVB5qb_DM" } ] } }, "mtls2": { "cert": "-----BEGIN CERTIFICATE-----\nMIICszCCAligAwIBAgIBETAKBggqhkjOPQQDAjA6MRswGQYDVQQKDBJMZXQncyBB\ndXRoZW50aWNhdGUxGzAZBgNVBAMMEkxBIEludGVybWVkaWF0ZSBDQTAeFw0yMTA2\nMTQxODU2NTlaFw0yMjA2MjQxODU2NTlaMEwxCzAJBgNVBAYTAkNBMQswCQYDVQQI\nDAJCQzEQMA4GA1UECgwHY29tcGFueTEeMBwGA1UEAwwVc28gYmFzaWMgdG8gYmUg\nY29tbW9uMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmgQ0drcANY/f\nodhD3TMdA/6eOymGLsj61q9plDAHGzTGVpOrlSlIdHVBVwrd6A0KOtDkLIgAPnLJ\ns6XlLpqE5ejv+FhdQz1wB99SirYSmc0BT5hGmomOukQkgNofGk2DA7aKzQeRwslu\n1NEEbJT9tTFwNMGlMkMMtEU6k71ddmWzxJdP04UsJBgTtKr98jmiQp585YkIYMJP\nruYt96Kw7XFnGetdbzDzqnscmeYhLTKWPs0xi5m3rq4+2AW9AgHoZJSLUmlshB75\nl+GIlDzVhC/2VsQ+e3Gr1nX/06yKV5efF6N1bVFvIPh8tTAChos6Ka36domMZRAA\n7AyRey7mJQIDAQABo3IwcDAJBgNVHRMEAjAAMB8GA1UdIwQYMBaAFGbdaMtrfyVs\nRgK6II9y3RlpIQPYMA4GA1UdDwEB/wQEAwIGwDATBgNVHSUEDDAKBggrBgEFBQcD\nAjAdBgNVHREBAf8EEzARgQ9iZGNAZXhhbXBsZS5jb20wCgYIKoZIzj0EAwIDSQAw\nRgIhAPZd2ZQh32SKQJosVPloqCMTelYAopCcMJUyAtu1c6LkAiEAlgnUYDodv0JG\nAJ3lQYMTZm1UjLE34Vz0nrPCJa9k60E\u003d\n-----END CERTIFICATE-----", "key": "-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAKCAQEAmgQ0drcANY/fodhD3TMdA/6eOymGLsj61q9plDAHGzTGVpOr\nlSlIdHVBVwrd6A0KOtDkLIgAPnLJs6XlLpqE5ejv+FhdQz1wB99SirYSmc0BT5hG\nmomOukQkgNofGk2DA7aKzQeRwslu1NEEbJT9tTFwNMGlMkMMtEU6k71ddmWzxJdP\n04UsJBgTtKr98jmiQp585YkIYMJPruYt96Kw7XFnGetdbzDzqnscmeYhLTKWPs0x\ni5m3rq4+2AW9AgHoZJSLUmlshB75l+GIlDzVhC/2VsQ+e3Gr1nX/06yKV5efF6N1\nbVFvIPh8tTAChos6Ka36domMZRAA7AyRey7mJQIDAQABAoIBAEe7xaO1QEeyJvp+\ne70+3TjLEm+Du5d2zD3JnWcDp4uoXOheBwCGJdT39+LOkORPjoAuYtfK0DJFzGP7\n1G6MUXGzuHD21xlGODOydANfIfK4ZO/pgJjhkLR4oHfTH8FkcKz+DE/KQr1yjEha\nwbDBBBmsWRJ5TrPGPtiHlezRugI2Syo8hj8F6EUKWG2K8mKRXxDnQ3m+M2plqPmg\nvv8B/VV5BxxyrqBCMdLiCxx1f3EMHZpWtl9XqLRNzatsBTgdQjqb9K5HjzAMS09Y\n9b7Ng0YUcj7Bdp2OYszeUwTHaqhRpIC3TAI6ueGoWgIPR7tHyyPBl5wCKKt3f1v+\noZnf0YECgYEAy4PMiOK9JEEjwbL9X5a9sGWTJnTvJEhanEOZ5Er8YYCf5uDg5UDq\nq0pdaeH/syWqwnmopuoX1t2PCOPKS5piUTrZ8KiCsbbZVmtrJRG9SE4qVrgkhELk\nidoEDVU7If/KkSQOHKgD8EBDo+aV/CLO5YxfuywXG94e48FtJJj69nkCgYEAwbx7\n3qD4i9ZRkdkf6kMqE1Mci1Xquv6qTDMop75JjITz4cy8JOQ6hg9eXFiwBEzgb+mb\nKLjwniABGiqhwdETV8JzqEx4R4lPNCseSL2umeU1bQDaY+lnlxsy2Hf7QisUb7jp\nJFte5+C4o/u2SlXIsG/6HaEeXTlHPWjnTdCC8g0CgYAoAMYpefgXsj4nCtnG+kha\n7fxYqM+A4D//S0Jqn1qwh6nmpflO1s3J0Zo+/89VFWhVRbii5oy9DVvaMXxIFBaT\nRPAl39mguQJLfF3ZMX11QvgLh7KV1Ng7SIFXZZN0AWV91gp4E4aCqP8irmZ44xas\nBEWk8uuv7J9BwXmEohVicQKBgQCsIgDZBKLw9AJTmNvvc6+Nrfmdnz/I136N56KG\nr95/WJ2sERFVoeaRuFP5rt7tYzTCmoe+fdtkU0FHc3t3ToFmJyJF9XOk884Ipwro\nTIg2ul1mtSxVO0tMCeF6TdhTqR0mSt/y6q//TD4hjQMhNujyQvuymbX11G+Ek5F4\nJPxDfQKBgCuRsiZo/lAWpWcVWCN8ceVLDpd2APneyU70Aqq0gRRixi8LEWzs/7GD\nhKf0/Aw4IKyh6d0Ao80zcRNOtC9KpbNhzPID6M8ZXdeMWPrhgjSoex1loW79210o\n0qHzMEMtvif0Urt6gN5ZCGdpjl0Fxb0k+3XvWc1lqwAx1CFKDpoF\n-----END RSA PRIVATE KEY-----", "ca": "-----BEGIN CERTIFICATE-----\nMIIB5jCCAYugAwIBAgIBFjAKBggqhkjOPQQDAjBWMQswCQYDVQQGEwJVUzEbMBkG\nA1UECgwSTGV0J3MgQXV0aGVudGljYXRlMSowKAYDVQQDDCFMZXQncyBBdXRoZW50\naWNhdGUgUm9vdCBBdXRob3JpdHkwHhcNMjAwMTE0MjEzMjMwWhcNMzAwMTExMjEz\nMjMwWjA6MRswGQYDVQQKDBJMZXQncyBBdXRoZW50aWNhdGUxGzAZBgNVBAMMEkxB\nIEludGVybWVkaWF0ZSBDQTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABJf+aA54\nRC5pyLAR5yfXVYmNpgd+CGUTDp2KOGhc0gK91zxhHesEYkdXkpS2UN8Kati+yHtW\nCV3kkhCngGyv7RqjZjBkMB0GA1UdDgQWBBRm3WjLa38lbEYCuiCPct0ZaSED2DAf\nBgNVHSMEGDAWgBTEA2Q6eecKu9g9yb5glbkhhVINGDASBgNVHRMBAf8ECDAGAQH/\nAgEAMA4GA1UdDwEB/wQEAwIBhjAKBggqhkjOPQQDAgNJADBGAiEA5pLvaFwRRkxo\nmIAtDIwg9D7gC1xzxBl4r28EzmSO1pcCIQCJUShpSXO9HDIQMUgH69fNDEMHXD3R\nRX5gP7kuu2KGMg\u003d\u003d\n-----END CERTIFICATE-----" } }
testName	fapi1-advanced-final-ensure-request-object-without-scope-fails

2021-08-23 21:24:53

(1) More

SUCCESS

CreateRedirectUri

Created redirect URI

redirect_uri

https://www.certification.openid.net/test/a/pi/callback

2021-08-23 21:24:53

(4) More

GetDynamicServerConfiguration

HTTP request

request_uri	https://par-what-is-it-good-for.ping-eng.com:9031/.well-known/openid-configuration
request_method	GET
request_headers	{ "accept": "text/plain, application/json, application/cbor, application/+json, /*", "content-length": "0" }
request_body

2021-08-23 21:24:53

(4) More

RESPONSE

GetDynamicServerConfiguration

HTTP response

response_status_code	200 OK
response_status_text	OK
response_headers	{ "date": "Mon, 23 Aug 2021 21:24:53 GMT", "x-frame-options": "SAMEORIGIN", "referrer-policy": "origin", "cache-control": "no-cache, no-store", "pragma": "no-cache", "expires": "Thu, 01 Jan 1970 00:00:00 GMT", "content-type": "application/json;charset\u003dutf-8", "set-cookie": "PF\u003dnwPYT4y5rzuwumxOQptqii; Path\u003d/; Secure; HttpOnly; SameSite\u003dNone", "content-length": "3855" }
response_body	{ "issuer": "https://par-what-is-it-good-for.ping-eng.com:9031", "authorization_endpoint": "https://par-what-is-it-good-for.ping-eng.com:9031/as/authorization.oauth2", "token_endpoint": "https://par-what-is-it-good-for.ping-eng.com:9032/as/token.oauth2", "revocation_endpoint": "https://par-what-is-it-good-for.ping-eng.com:9031/as/revoke_token.oauth2", "userinfo_endpoint": "https://par-what-is-it-good-for.ping-eng.com:9031/idp/userinfo.openid", "introspection_endpoint": "https://par-what-is-it-good-for.ping-eng.com:9031/as/introspect.oauth2", "jwks_uri": "https://par-what-is-it-good-for.ping-eng.com:9031/pf/JWKS", "registration_endpoint": "https://par-what-is-it-good-for.ping-eng.com:9031/as/clients.oauth2", "ping_revoked_sris_endpoint": "https://par-what-is-it-good-for.ping-eng.com:9031/pf-ws/rest/sessionMgmt/revokedSris", "ping_session_management_sris_endpoint": "https://par-what-is-it-good-for.ping-eng.com:9031/pf-ws/rest/sessionMgmt/sessions", "ping_session_management_users_endpoint": "https://par-what-is-it-good-for.ping-eng.com:9031/pf-ws/rest/sessionMgmt/users", "ping_end_session_endpoint": "https://par-what-is-it-good-for.ping-eng.com:9031/idp/startSLO.ping", "device_authorization_endpoint": "https://par-what-is-it-good-for.ping-eng.com:9031/as/device_authz.oauth2", "scopes_supported": [ "other", "openid", "accounts" ], "claims_supported": [ "acr", "openbanking_intent_id", "sub" ], "response_types_supported": [ "code", "token", "id_token", "code token", "code id_token", "token id_token", "code token id_token" ], "response_modes_supported": [ "fragment", "query", "form_post" ], "grant_types_supported": [ "implicit", "authorization_code", "refresh_token", "password", "client_credentials", "urn:pingidentity.com:oauth2:grant_type:validate_bearer", "urn:ietf:params:oauth:grant-type:jwt-bearer", "urn:ietf:params:oauth:grant-type:saml2-bearer", "urn:ietf:params:oauth:grant-type:device_code", "urn:ietf:params:oauth:grant-type:token-exchange", "urn:openid:params:grant-type:ciba" ], "subject_types_supported": [ "public", "pairwise" ], "id_token_signing_alg_values_supported": [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512", "PS256", "PS384", "PS512" ], "token_endpoint_auth_methods_supported": ["client_secret_basic","client_secret_post","private_key_jwt","tls_client_auth"], "token_endpoint_auth_signing_alg_values_supported": [ "RS256", "RS384", "RS512", "ES256", "ES384", "ES512", "PS256", "PS384", "PS512" ], "claim_types_supported": [ "normal" ], "claims_parameter_supported": false, "request_parameter_supported": true, "request_uri_parameter_supported": false, "request_object_signing_alg_values_supported": [ "RS256", "RS384", "RS512", "ES256", "ES384", "ES512", "PS256", "PS384", "PS512" ], "id_token_encryption_alg_values_supported": [ "dir", "A128KW", "A192KW", "A256KW", "A128GCMKW", "A192GCMKW", "A256GCMKW", "ECDH-ES", "ECDH-ES+A128KW", "ECDH-ES+A192KW", "ECDH-ES+A256KW", "RSA-OAEP" ], "id_token_encryption_enc_values_supported": [ "A128CBC-HS256", "A192CBC-HS384", "A256CBC-HS512", "A128GCM", "A192GCM", "A256GCM" ], "pushed_authorization_request_endpoint": "https://par-what-is-it-good-for.ping-eng.com:9031/as/par.oauth2", "require_pushed_authorization_requests": false, "backchannel_authentication_endpoint": "https://par-what-is-it-good-for.ping-eng.com:9031/as/bc-auth.ciba", "backchannel_token_delivery_modes_supported": [ "poll", "ping" ], "backchannel_authentication_request_signing_alg_values_supported": [ "RS256", "RS384", "RS512", "ES256", "ES384", "ES512", "PS256", "PS384", "PS512" ], "backchannel_user_code_parameter_supported": false, "code_challenge_methods_supported": [ "S256" ], "tls_client_certificate_bound_access_tokens":true, "claims_parameter_supported":true }

2021-08-23 21:24:53

(1) More

GetDynamicServerConfiguration

Downloaded server configuration

server_config_string

{
  "issuer": "https://par-what-is-it-good-for.ping-eng.com:9031",
  "authorization_endpoint": "https://par-what-is-it-good-for.ping-eng.com:9031/as/authorization.oauth2",
  "token_endpoint": "https://par-what-is-it-good-for.ping-eng.com:9032/as/token.oauth2",
  "revocation_endpoint": "https://par-what-is-it-good-for.ping-eng.com:9031/as/revoke_token.oauth2",
  "userinfo_endpoint": "https://par-what-is-it-good-for.ping-eng.com:9031/idp/userinfo.openid",
  "introspection_endpoint": "https://par-what-is-it-good-for.ping-eng.com:9031/as/introspect.oauth2",
  "jwks_uri": "https://par-what-is-it-good-for.ping-eng.com:9031/pf/JWKS",
  "registration_endpoint": "https://par-what-is-it-good-for.ping-eng.com:9031/as/clients.oauth2",
  "ping_revoked_sris_endpoint": "https://par-what-is-it-good-for.ping-eng.com:9031/pf-ws/rest/sessionMgmt/revokedSris",
  "ping_session_management_sris_endpoint": "https://par-what-is-it-good-for.ping-eng.com:9031/pf-ws/rest/sessionMgmt/sessions",
  "ping_session_management_users_endpoint": "https://par-what-is-it-good-for.ping-eng.com:9031/pf-ws/rest/sessionMgmt/users",
  "ping_end_session_endpoint": "https://par-what-is-it-good-for.ping-eng.com:9031/idp/startSLO.ping",
  "device_authorization_endpoint": "https://par-what-is-it-good-for.ping-eng.com:9031/as/device_authz.oauth2",
  "scopes_supported": [ "other", "openid", "accounts" ],
  "claims_supported": [ "acr", "openbanking_intent_id", "sub" ],
  "response_types_supported": [ "code", "token", "id_token", "code token", "code id_token", "token id_token", "code token id_token" ],
  "response_modes_supported": [ "fragment", "query", "form_post" ],
  "grant_types_supported": [ "implicit", "authorization_code", "refresh_token", "password", "client_credentials", "urn:pingidentity.com:oauth2:grant_type:validate_bearer", "urn:ietf:params:oauth:grant-type:jwt-bearer", "urn:ietf:params:oauth:grant-type:saml2-bearer", "urn:ietf:params:oauth:grant-type:device_code", "urn:ietf:params:oauth:grant-type:token-exchange", "urn:openid:params:grant-type:ciba" ],
  "subject_types_supported": [ "public", "pairwise" ],
  "id_token_signing_alg_values_supported": [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512", "PS256", "PS384", "PS512" ],
  "token_endpoint_auth_methods_supported": ["client_secret_basic","client_secret_post","private_key_jwt","tls_client_auth"],
  "token_endpoint_auth_signing_alg_values_supported":  [ "RS256", "RS384", "RS512", "ES256", "ES384", "ES512", "PS256", "PS384", "PS512" ],
  "claim_types_supported": [ "normal" ],
  "claims_parameter_supported": false,
  "request_parameter_supported": true,
  "request_uri_parameter_supported": false,
  "request_object_signing_alg_values_supported": [ "RS256", "RS384", "RS512", "ES256", "ES384", "ES512", "PS256", "PS384", "PS512" ],
  "id_token_encryption_alg_values_supported": [ "dir", "A128KW", "A192KW", "A256KW", "A128GCMKW", "A192GCMKW", "A256GCMKW", "ECDH-ES", "ECDH-ES+A128KW", "ECDH-ES+A192KW", "ECDH-ES+A256KW", "RSA-OAEP" ],
  "id_token_encryption_enc_values_supported": [ "A128CBC-HS256", "A192CBC-HS384", "A256CBC-HS512", "A128GCM", "A192GCM", "A256GCM" ],
  "pushed_authorization_request_endpoint": "https://par-what-is-it-good-for.ping-eng.com:9031/as/par.oauth2",
  "require_pushed_authorization_requests": false,
  "backchannel_authentication_endpoint": "https://par-what-is-it-good-for.ping-eng.com:9031/as/bc-auth.ciba",
  "backchannel_token_delivery_modes_supported": [ "poll", "ping" ],
  "backchannel_authentication_request_signing_alg_values_supported": [ "RS256", "RS384", "RS512", "ES256", "ES384", "ES512", "PS256", "PS384", "PS512" ],
  "backchannel_user_code_parameter_supported": false,
  "code_challenge_methods_supported": [ "S256" ],
  "tls_client_certificate_bound_access_tokens":true,
"claims_parameter_supported":true
}

2021-08-23 21:24:53

(37) More

SUCCESS

GetDynamicServerConfiguration

Successfully parsed server configuration

issuer	https://par-what-is-it-good-for.ping-eng.com:9031
authorization_endpoint	https://par-what-is-it-good-for.ping-eng.com:9031/as/authorization.oauth2
token_endpoint	https://par-what-is-it-good-for.ping-eng.com:9032/as/token.oauth2
revocation_endpoint	https://par-what-is-it-good-for.ping-eng.com:9031/as/revoke_token.oauth2
userinfo_endpoint	https://par-what-is-it-good-for.ping-eng.com:9031/idp/userinfo.openid
introspection_endpoint	https://par-what-is-it-good-for.ping-eng.com:9031/as/introspect.oauth2
jwks_uri	https://par-what-is-it-good-for.ping-eng.com:9031/pf/JWKS
registration_endpoint	https://par-what-is-it-good-for.ping-eng.com:9031/as/clients.oauth2
ping_revoked_sris_endpoint	https://par-what-is-it-good-for.ping-eng.com:9031/pf-ws/rest/sessionMgmt/revokedSris
ping_session_management_sris_endpoint	https://par-what-is-it-good-for.ping-eng.com:9031/pf-ws/rest/sessionMgmt/sessions
ping_session_management_users_endpoint	https://par-what-is-it-good-for.ping-eng.com:9031/pf-ws/rest/sessionMgmt/users
ping_end_session_endpoint	https://par-what-is-it-good-for.ping-eng.com:9031/idp/startSLO.ping
device_authorization_endpoint	https://par-what-is-it-good-for.ping-eng.com:9031/as/device_authz.oauth2
scopes_supported	[ "other", "openid", "accounts" ]
claims_supported	[ "acr", "openbanking_intent_id", "sub" ]
response_types_supported	[ "code", "token", "id_token", "code token", "code id_token", "token id_token", "code token id_token" ]
response_modes_supported	[ "fragment", "query", "form_post" ]
grant_types_supported	[ "implicit", "authorization_code", "refresh_token", "password", "client_credentials", "urn:pingidentity.com:oauth2:grant_type:validate_bearer", "urn:ietf:params:oauth:grant-type:jwt-bearer", "urn:ietf:params:oauth:grant-type:saml2-bearer", "urn:ietf:params:oauth:grant-type:device_code", "urn:ietf:params:oauth:grant-type:token-exchange", "urn:openid:params:grant-type:ciba" ]
subject_types_supported	[ "public", "pairwise" ]
id_token_signing_alg_values_supported	[ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512", "PS256", "PS384", "PS512" ]
token_endpoint_auth_methods_supported	[ "client_secret_basic", "client_secret_post", "private_key_jwt", "tls_client_auth" ]
token_endpoint_auth_signing_alg_values_supported	[ "RS256", "RS384", "RS512", "ES256", "ES384", "ES512", "PS256", "PS384", "PS512" ]
claim_types_supported	[ "normal" ]
claims_parameter_supported	true
request_parameter_supported	true
request_uri_parameter_supported	false
request_object_signing_alg_values_supported	[ "RS256", "RS384", "RS512", "ES256", "ES384", "ES512", "PS256", "PS384", "PS512" ]
id_token_encryption_alg_values_supported	[ "dir", "A128KW", "A192KW", "A256KW", "A128GCMKW", "A192GCMKW", "A256GCMKW", "ECDH-ES", "ECDH-ES+A128KW", "ECDH-ES+A192KW", "ECDH-ES+A256KW", "RSA-OAEP" ]
id_token_encryption_enc_values_supported	[ "A128CBC-HS256", "A192CBC-HS384", "A256CBC-HS512", "A128GCM", "A192GCM", "A256GCM" ]
pushed_authorization_request_endpoint	https://par-what-is-it-good-for.ping-eng.com:9031/as/par.oauth2
require_pushed_authorization_requests	false
backchannel_authentication_endpoint	https://par-what-is-it-good-for.ping-eng.com:9031/as/bc-auth.ciba
backchannel_token_delivery_modes_supported	[ "poll", "ping" ]
backchannel_authentication_request_signing_alg_values_supported	[ "RS256", "RS384", "RS512", "ES256", "ES384", "ES512", "PS256", "PS384", "PS512" ]
backchannel_user_code_parameter_supported	false
code_challenge_methods_supported	[ "S256" ]
tls_client_certificate_bound_access_tokens	true

2021-08-23 21:24:53	SUCCESS RFC8705-5	AddMTLSEndpointAliasesToEnvironment Added mtls_endpoint_aliases to environment

2021-08-23 21:24:53

(1) More

SUCCESS

CheckServerConfiguration

Found required server configuration keys

required

[
  "authorization_endpoint",
  "token_endpoint",
  "issuer"
]

2021-08-23 21:24:53

(1) More

FetchServerKeys

Fetching server key

jwks_uri

https://par-what-is-it-good-for.ping-eng.com:9031/pf/JWKS

2021-08-23 21:24:53

(4) More

FetchServerKeys

HTTP request

request_uri	https://par-what-is-it-good-for.ping-eng.com:9031/pf/JWKS
request_method	GET
request_headers	{ "accept": "text/plain, application/json, application/cbor, application/+json, /*", "content-length": "0" }
request_body

2021-08-23 21:24:53

(4) More

RESPONSE

FetchServerKeys

HTTP response

response_status_code	200 OK
response_status_text	OK
response_headers	{ "date": "Mon, 23 Aug 2021 21:24:53 GMT", "x-frame-options": "SAMEORIGIN", "referrer-policy": "origin", "cache-control": "no-cache, no-store", "pragma": "no-cache", "expires": "Thu, 01 Jan 1970 00:00:00 GMT", "content-type": "application/json;charset\u003dutf-8", "set-cookie": "PF\u003dyElltN8aR5TX6wKgrZ9Fvb; Path\u003d/; Secure; HttpOnly; SameSite\u003dNone", "transfer-encoding": "chunked" }
response_body	{"keys":[{"kty":"RSA","kid":"1QYSfMMbnKSjVpn8McabnlzpvZk","use":"sig","n":"qlv31BK76PigWHX4c1rOdcGPOUS1AfXLhsbiNWoDrQ3ce1aLyA-kdf91eZ9h05ONdkzCd-8zNzVRng6ymglaXEBgdr8P-Z9Fy6KqpPSZJa92OW_wEJybvvbhX-aT4IvsLPX4afvNnQAJqJe0tmq4M3PyWGhfPE6IhpVSh4LB5Bs1y2Mt5Ys74URON-ULE6trtYFXHvivrMEK2-yAJZXx3VX7JHmMqMlXEWp9YhRVs_smkYjxlhty9Amdk94DJyAT7ZK6CkvVJj_76Ghwhw13rWFUkmLjCxPl38kQWtuxNr-OVU6VpTuaItHfosMyOZvfqse14A_nIu2-KKmWGYW7bQ","e":"AQAB"},{"kty":"EC","kid":"JAgcs8VPEz1HBzVWj4EAcPME_MY","use":"sig","x":"es_F48sh6qBS9XnAWpw3ovQcfRuzW9zFBo8h5r3M-jA","y":"7prPfgYPWAr_tYKvzGd7kxLGsKIruLyGxSm6yBNpSSg","crv":"P-256"},{"kty":"EC","kid":"YTX4RLtDJXNk5I0O-nidaZIFCgY","use":"sig","x":"AZrJflqCH_VTW7v07Ac2oGxXTNb1AkQjAG9jg-Rg0dQoRmHlUSHNVRaUnRrqDb2aIC6YvHGggb_R8v-eCSua1Wzk","y":"AEe9VPKBf3MRLAkFrketuqd1MnZ0k2znV4opRsVUwxkBZ3jUXUiY3AJXwV4zEtWp7UUTGOxCQgNnQhyM2Z62ziYR","crv":"P-521"},{"kty":"EC","kid":"bCWshC2UVaQWD_Vnco0OAEboyA8","use":"sig","x":"AXfa0EV9AS2GVr-EaovjIEd5scbbwyvTx84c-hiuly611cTl-6J1nSSne1sjqd7o","y":"mrYoiLX5DT2NguHmV9wlWvFo4hJGSsF0B2N63zyoyKwStZqhY8nX13KUXSmVYAFE","crv":"P-384"},{"kty":"RSA","kid":"EHE1CpDFeQVWk3c968RPZW3QZHE","use":"sig","n":"v0MAqXOyFu94NnC2HYO7I1tWXdcNYp7qaGcPqKPKQ_UqOdx_H79fzpaaDmfq2NDbSvl__4MR8ByDRzPwm8C-eWMlLJZM0OoQsbGoTm09cO2v_rLMUlhJwmgVukVy8hR89mkrMh7DJzNSFwjUcxCI-GVt8TldjS1n67e8HUPnlvYTX5XHnH6YAZNhA5pJneYTBSHc0C3x31hCkfeKr914ViU46LPHfvvczW-x96CCZHYh4m8kpOrKX78nnxdlAg6T34CS9dxLkgAQ4Jm2mVdF8n3edEOOY4cegUUimFLguVLd6R9jjlfE5NKna-Rw03wIa1B6Vi9mAxnonaaIvculOw","e":"AQAB"},{"kty":"EC","kid":"YY7DeawJUT2ysl8u2v3moIwo7CI","use":"sig","x":"fws6gmxzWKKVhJkSSYcafpZy3xWdVrNu2vLdOBcp5-k","y":"62oW2bZYK1AbYXnyiYUk-lSdehXx6YYj_OaIRXnft3I","crv":"P-256"},{"kty":"EC","kid":"_kHJmgNgSypjjumxgqHZnxGpmho","use":"sig","x":"dZb_5RLyD3PPXcgJ02CRuxPBklwh14_LmvRZJBxouIS80gM9gpgIo4E9OASN-UQZ","y":"ueINBfR5hrRO2sriUKDv33W-XHkyIGAqOtp0BOzShuk5ERGw7QZrQiGVpXu0uQPW","crv":"P-384"},{"kty":"EC","kid":"qF6ckvyskqm3lze5SD8WSZaIw14","use":"sig","x":"AOWr_SRhKWRSwfuDGmTz8xOuVwMeSpVjNBCnJho4NmezFep4kMYY7ELS07D8KfRbxKJVs54QduuHqDLq5Pw7HbgM","y":"ABkZlS7CcuXoLn4DIoqaVuis-FqOQXzzDSAkGosF5e6Ehkph2MFnhVXiqvMBP2jRtflIAckTHRT2PHxtoyJrGg63","crv":"P-521"},{"kty":"EC","kid":"RAitgMt8ggfgou4dXxFZUiOkRc0","use":"enc","x":"AaXuRZltDiUQJSjCGUjfEAKnlDWLN_s09a_TS4OR4cT84EGoDpwOYrEfhCGleJTAZFc-7mCZBLacpeFuinLmUnKA","y":"AR98xmgRCQ2uLQrxk-qnOUKvEbOzZjwg2XbqR5JHylEN9kld4OAp3uBEu4aiFelYZYJ9BQhuERlomJpCHliB-r3B","crv":"P-521"},{"kty":"EC","kid":"kSp1CjJXjW6X0dhqtxVBhFJV7tI","use":"enc","x":"fbu8_yrv1wqLrsEBGJYIOOWmPfF9YCnN8DRoOVRHOfM","y":"N_aTUFVBwx1FPBK8TTOAfSpBQojgTJRZcwPYsGC4WCM","crv":"P-256"},{"kty":"RSA","kid":"w9VpiC2f-1-6Pmo1i1tVrml4mpg","use":"enc","n":"iKFBEUg9Iz1y1YOfeavAyg8wMhDTJdexs5YnnHzT7-FoTD7jP4dR-ScSG640_ERqv1_rV_xGGG8BXo5Sao3oCtmITWJmBSKzdYYDwNwir9u27AM5Yc5TFAAB8f_U8UllD6jr4usrZQEU6cRN-S13EFR-q4HCobbrCwRKJOZVTKX5elR2xKDbc7a7X7HdZ9YXuTdulhHKtilY2cxGZ4Gvhq00RJ73lKJ8rKxOOxFgBGs7RvW1Zdn8F4egz-jdEhgszMLlSp0R9oYEkMFxT9lxTFdgUhWprx1L5YtUj77olH8hXeHeVunbeEP0oTLwiS771CqQ7R44G9eFigwDD-XCwQ","e":"AQAB"},{"kty":"EC","kid":"yEQOwa0-3j63Wo8_02jyhIMpB6s","use":"enc","x":"3nqh_FLB17t174sdQiyRk1XlX6iWw1mC0rsXEyN0Ob8z1YSkGEQZgfwf1BVQtKis","y":"7aP9aVcz8VtcBlOFtQBZA1TKg1_7bmYDwhRWTqAWH1L41SP-gTcYXjucFv3MOSGn","crv":"P-384"}]}

2021-08-23 21:24:53

(1) More

FetchServerKeys

Found JWK set string

jwk_string

{"keys":[{"kty":"RSA","kid":"1QYSfMMbnKSjVpn8McabnlzpvZk","use":"sig","n":"qlv31BK76PigWHX4c1rOdcGPOUS1AfXLhsbiNWoDrQ3ce1aLyA-kdf91eZ9h05ONdkzCd-8zNzVRng6ymglaXEBgdr8P-Z9Fy6KqpPSZJa92OW_wEJybvvbhX-aT4IvsLPX4afvNnQAJqJe0tmq4M3PyWGhfPE6IhpVSh4LB5Bs1y2Mt5Ys74URON-ULE6trtYFXHvivrMEK2-yAJZXx3VX7JHmMqMlXEWp9YhRVs_smkYjxlhty9Amdk94DJyAT7ZK6CkvVJj_76Ghwhw13rWFUkmLjCxPl38kQWtuxNr-OVU6VpTuaItHfosMyOZvfqse14A_nIu2-KKmWGYW7bQ","e":"AQAB"},{"kty":"EC","kid":"JAgcs8VPEz1HBzVWj4EAcPME_MY","use":"sig","x":"es_F48sh6qBS9XnAWpw3ovQcfRuzW9zFBo8h5r3M-jA","y":"7prPfgYPWAr_tYKvzGd7kxLGsKIruLyGxSm6yBNpSSg","crv":"P-256"},{"kty":"EC","kid":"YTX4RLtDJXNk5I0O-nidaZIFCgY","use":"sig","x":"AZrJflqCH_VTW7v07Ac2oGxXTNb1AkQjAG9jg-Rg0dQoRmHlUSHNVRaUnRrqDb2aIC6YvHGggb_R8v-eCSua1Wzk","y":"AEe9VPKBf3MRLAkFrketuqd1MnZ0k2znV4opRsVUwxkBZ3jUXUiY3AJXwV4zEtWp7UUTGOxCQgNnQhyM2Z62ziYR","crv":"P-521"},{"kty":"EC","kid":"bCWshC2UVaQWD_Vnco0OAEboyA8","use":"sig","x":"AXfa0EV9AS2GVr-EaovjIEd5scbbwyvTx84c-hiuly611cTl-6J1nSSne1sjqd7o","y":"mrYoiLX5DT2NguHmV9wlWvFo4hJGSsF0B2N63zyoyKwStZqhY8nX13KUXSmVYAFE","crv":"P-384"},{"kty":"RSA","kid":"EHE1CpDFeQVWk3c968RPZW3QZHE","use":"sig","n":"v0MAqXOyFu94NnC2HYO7I1tWXdcNYp7qaGcPqKPKQ_UqOdx_H79fzpaaDmfq2NDbSvl__4MR8ByDRzPwm8C-eWMlLJZM0OoQsbGoTm09cO2v_rLMUlhJwmgVukVy8hR89mkrMh7DJzNSFwjUcxCI-GVt8TldjS1n67e8HUPnlvYTX5XHnH6YAZNhA5pJneYTBSHc0C3x31hCkfeKr914ViU46LPHfvvczW-x96CCZHYh4m8kpOrKX78nnxdlAg6T34CS9dxLkgAQ4Jm2mVdF8n3edEOOY4cegUUimFLguVLd6R9jjlfE5NKna-Rw03wIa1B6Vi9mAxnonaaIvculOw","e":"AQAB"},{"kty":"EC","kid":"YY7DeawJUT2ysl8u2v3moIwo7CI","use":"sig","x":"fws6gmxzWKKVhJkSSYcafpZy3xWdVrNu2vLdOBcp5-k","y":"62oW2bZYK1AbYXnyiYUk-lSdehXx6YYj_OaIRXnft3I","crv":"P-256"},{"kty":"EC","kid":"_kHJmgNgSypjjumxgqHZnxGpmho","use":"sig","x":"dZb_5RLyD3PPXcgJ02CRuxPBklwh14_LmvRZJBxouIS80gM9gpgIo4E9OASN-UQZ","y":"ueINBfR5hrRO2sriUKDv33W-XHkyIGAqOtp0BOzShuk5ERGw7QZrQiGVpXu0uQPW","crv":"P-384"},{"kty":"EC","kid":"qF6ckvyskqm3lze5SD8WSZaIw14","use":"sig","x":"AOWr_SRhKWRSwfuDGmTz8xOuVwMeSpVjNBCnJho4NmezFep4kMYY7ELS07D8KfRbxKJVs54QduuHqDLq5Pw7HbgM","y":"ABkZlS7CcuXoLn4DIoqaVuis-FqOQXzzDSAkGosF5e6Ehkph2MFnhVXiqvMBP2jRtflIAckTHRT2PHxtoyJrGg63","crv":"P-521"},{"kty":"EC","kid":"RAitgMt8ggfgou4dXxFZUiOkRc0","use":"enc","x":"AaXuRZltDiUQJSjCGUjfEAKnlDWLN_s09a_TS4OR4cT84EGoDpwOYrEfhCGleJTAZFc-7mCZBLacpeFuinLmUnKA","y":"AR98xmgRCQ2uLQrxk-qnOUKvEbOzZjwg2XbqR5JHylEN9kld4OAp3uBEu4aiFelYZYJ9BQhuERlomJpCHliB-r3B","crv":"P-521"},{"kty":"EC","kid":"kSp1CjJXjW6X0dhqtxVBhFJV7tI","use":"enc","x":"fbu8_yrv1wqLrsEBGJYIOOWmPfF9YCnN8DRoOVRHOfM","y":"N_aTUFVBwx1FPBK8TTOAfSpBQojgTJRZcwPYsGC4WCM","crv":"P-256"},{"kty":"RSA","kid":"w9VpiC2f-1-6Pmo1i1tVrml4mpg","use":"enc","n":"iKFBEUg9Iz1y1YOfeavAyg8wMhDTJdexs5YnnHzT7-FoTD7jP4dR-ScSG640_ERqv1_rV_xGGG8BXo5Sao3oCtmITWJmBSKzdYYDwNwir9u27AM5Yc5TFAAB8f_U8UllD6jr4usrZQEU6cRN-S13EFR-q4HCobbrCwRKJOZVTKX5elR2xKDbc7a7X7HdZ9YXuTdulhHKtilY2cxGZ4Gvhq00RJ73lKJ8rKxOOxFgBGs7RvW1Zdn8F4egz-jdEhgszMLlSp0R9oYEkMFxT9lxTFdgUhWprx1L5YtUj77olH8hXeHeVunbeEP0oTLwiS771CqQ7R44G9eFigwDD-XCwQ","e":"AQAB"},{"kty":"EC","kid":"yEQOwa0-3j63Wo8_02jyhIMpB6s","use":"enc","x":"3nqh_FLB17t174sdQiyRk1XlX6iWw1mC0rsXEyN0Ob8z1YSkGEQZgfwf1BVQtKis","y":"7aP9aVcz8VtcBlOFtQBZA1TKg1_7bmYDwhRWTqAWH1L41SP-gTcYXjucFv3MOSGn","crv":"P-384"}]}

2021-08-23 21:24:53

(1) More

SUCCESS

FetchServerKeys

Found server JWK set

server_jwks

{
  "keys": [
    {
      "kty": "RSA",
      "kid": "1QYSfMMbnKSjVpn8McabnlzpvZk",
      "use": "sig",
      "n": "qlv31BK76PigWHX4c1rOdcGPOUS1AfXLhsbiNWoDrQ3ce1aLyA-kdf91eZ9h05ONdkzCd-8zNzVRng6ymglaXEBgdr8P-Z9Fy6KqpPSZJa92OW_wEJybvvbhX-aT4IvsLPX4afvNnQAJqJe0tmq4M3PyWGhfPE6IhpVSh4LB5Bs1y2Mt5Ys74URON-ULE6trtYFXHvivrMEK2-yAJZXx3VX7JHmMqMlXEWp9YhRVs_smkYjxlhty9Amdk94DJyAT7ZK6CkvVJj_76Ghwhw13rWFUkmLjCxPl38kQWtuxNr-OVU6VpTuaItHfosMyOZvfqse14A_nIu2-KKmWGYW7bQ",
      "e": "AQAB"
    },
    {
      "kty": "EC",
      "kid": "JAgcs8VPEz1HBzVWj4EAcPME_MY",
      "use": "sig",
      "x": "es_F48sh6qBS9XnAWpw3ovQcfRuzW9zFBo8h5r3M-jA",
      "y": "7prPfgYPWAr_tYKvzGd7kxLGsKIruLyGxSm6yBNpSSg",
      "crv": "P-256"
    },
    {
      "kty": "EC",
      "kid": "YTX4RLtDJXNk5I0O-nidaZIFCgY",
      "use": "sig",
      "x": "AZrJflqCH_VTW7v07Ac2oGxXTNb1AkQjAG9jg-Rg0dQoRmHlUSHNVRaUnRrqDb2aIC6YvHGggb_R8v-eCSua1Wzk",
      "y": "AEe9VPKBf3MRLAkFrketuqd1MnZ0k2znV4opRsVUwxkBZ3jUXUiY3AJXwV4zEtWp7UUTGOxCQgNnQhyM2Z62ziYR",
      "crv": "P-521"
    },
    {
      "kty": "EC",
      "kid": "bCWshC2UVaQWD_Vnco0OAEboyA8",
      "use": "sig",
      "x": "AXfa0EV9AS2GVr-EaovjIEd5scbbwyvTx84c-hiuly611cTl-6J1nSSne1sjqd7o",
      "y": "mrYoiLX5DT2NguHmV9wlWvFo4hJGSsF0B2N63zyoyKwStZqhY8nX13KUXSmVYAFE",
      "crv": "P-384"
    },
    {
      "kty": "RSA",
      "kid": "EHE1CpDFeQVWk3c968RPZW3QZHE",
      "use": "sig",
      "n": "v0MAqXOyFu94NnC2HYO7I1tWXdcNYp7qaGcPqKPKQ_UqOdx_H79fzpaaDmfq2NDbSvl__4MR8ByDRzPwm8C-eWMlLJZM0OoQsbGoTm09cO2v_rLMUlhJwmgVukVy8hR89mkrMh7DJzNSFwjUcxCI-GVt8TldjS1n67e8HUPnlvYTX5XHnH6YAZNhA5pJneYTBSHc0C3x31hCkfeKr914ViU46LPHfvvczW-x96CCZHYh4m8kpOrKX78nnxdlAg6T34CS9dxLkgAQ4Jm2mVdF8n3edEOOY4cegUUimFLguVLd6R9jjlfE5NKna-Rw03wIa1B6Vi9mAxnonaaIvculOw",
      "e": "AQAB"
    },
    {
      "kty": "EC",
      "kid": "YY7DeawJUT2ysl8u2v3moIwo7CI",
      "use": "sig",
      "x": "fws6gmxzWKKVhJkSSYcafpZy3xWdVrNu2vLdOBcp5-k",
      "y": "62oW2bZYK1AbYXnyiYUk-lSdehXx6YYj_OaIRXnft3I",
      "crv": "P-256"
    },
    {
      "kty": "EC",
      "kid": "_kHJmgNgSypjjumxgqHZnxGpmho",
      "use": "sig",
      "x": "dZb_5RLyD3PPXcgJ02CRuxPBklwh14_LmvRZJBxouIS80gM9gpgIo4E9OASN-UQZ",
      "y": "ueINBfR5hrRO2sriUKDv33W-XHkyIGAqOtp0BOzShuk5ERGw7QZrQiGVpXu0uQPW",
      "crv": "P-384"
    },
    {
      "kty": "EC",
      "kid": "qF6ckvyskqm3lze5SD8WSZaIw14",
      "use": "sig",
      "x": "AOWr_SRhKWRSwfuDGmTz8xOuVwMeSpVjNBCnJho4NmezFep4kMYY7ELS07D8KfRbxKJVs54QduuHqDLq5Pw7HbgM",
      "y": "ABkZlS7CcuXoLn4DIoqaVuis-FqOQXzzDSAkGosF5e6Ehkph2MFnhVXiqvMBP2jRtflIAckTHRT2PHxtoyJrGg63",
      "crv": "P-521"
    },
    {
      "kty": "EC",
      "kid": "RAitgMt8ggfgou4dXxFZUiOkRc0",
      "use": "enc",
      "x": "AaXuRZltDiUQJSjCGUjfEAKnlDWLN_s09a_TS4OR4cT84EGoDpwOYrEfhCGleJTAZFc-7mCZBLacpeFuinLmUnKA",
      "y": "AR98xmgRCQ2uLQrxk-qnOUKvEbOzZjwg2XbqR5JHylEN9kld4OAp3uBEu4aiFelYZYJ9BQhuERlomJpCHliB-r3B",
      "crv": "P-521"
    },
    {
      "kty": "EC",
      "kid": "kSp1CjJXjW6X0dhqtxVBhFJV7tI",
      "use": "enc",
      "x": "fbu8_yrv1wqLrsEBGJYIOOWmPfF9YCnN8DRoOVRHOfM",
      "y": "N_aTUFVBwx1FPBK8TTOAfSpBQojgTJRZcwPYsGC4WCM",
      "crv": "P-256"
    },
    {
      "kty": "RSA",
      "kid": "w9VpiC2f-1-6Pmo1i1tVrml4mpg",
      "use": "enc",
      "n": "iKFBEUg9Iz1y1YOfeavAyg8wMhDTJdexs5YnnHzT7-FoTD7jP4dR-ScSG640_ERqv1_rV_xGGG8BXo5Sao3oCtmITWJmBSKzdYYDwNwir9u27AM5Yc5TFAAB8f_U8UllD6jr4usrZQEU6cRN-S13EFR-q4HCobbrCwRKJOZVTKX5elR2xKDbc7a7X7HdZ9YXuTdulhHKtilY2cxGZ4Gvhq00RJ73lKJ8rKxOOxFgBGs7RvW1Zdn8F4egz-jdEhgszMLlSp0R9oYEkMFxT9lxTFdgUhWprx1L5YtUj77olH8hXeHeVunbeEP0oTLwiS771CqQ7R44G9eFigwDD-XCwQ",
      "e": "AQAB"
    },
    {
      "kty": "EC",
      "kid": "yEQOwa0-3j63Wo8_02jyhIMpB6s",
      "use": "enc",
      "x": "3nqh_FLB17t174sdQiyRk1XlX6iWw1mC0rsXEyN0Ob8z1YSkGEQZgfwf1BVQtKis",
      "y": "7aP9aVcz8VtcBlOFtQBZA1TKg1_7bmYDwhRWTqAWH1L41SP-gTcYXjucFv3MOSGn",
      "crv": "P-384"
    }
  ]
}

2021-08-23 21:24:53

(1) More

SUCCESS

CheckServerKeysIsValid

Server JWKs is valid

server_jwks

{
  "keys": [
    {
      "kty": "RSA",
      "kid": "1QYSfMMbnKSjVpn8McabnlzpvZk",
      "use": "sig",
      "n": "qlv31BK76PigWHX4c1rOdcGPOUS1AfXLhsbiNWoDrQ3ce1aLyA-kdf91eZ9h05ONdkzCd-8zNzVRng6ymglaXEBgdr8P-Z9Fy6KqpPSZJa92OW_wEJybvvbhX-aT4IvsLPX4afvNnQAJqJe0tmq4M3PyWGhfPE6IhpVSh4LB5Bs1y2Mt5Ys74URON-ULE6trtYFXHvivrMEK2-yAJZXx3VX7JHmMqMlXEWp9YhRVs_smkYjxlhty9Amdk94DJyAT7ZK6CkvVJj_76Ghwhw13rWFUkmLjCxPl38kQWtuxNr-OVU6VpTuaItHfosMyOZvfqse14A_nIu2-KKmWGYW7bQ",
      "e": "AQAB"
    },
    {
      "kty": "EC",
      "kid": "JAgcs8VPEz1HBzVWj4EAcPME_MY",
      "use": "sig",
      "x": "es_F48sh6qBS9XnAWpw3ovQcfRuzW9zFBo8h5r3M-jA",
      "y": "7prPfgYPWAr_tYKvzGd7kxLGsKIruLyGxSm6yBNpSSg",
      "crv": "P-256"
    },
    {
      "kty": "EC",
      "kid": "YTX4RLtDJXNk5I0O-nidaZIFCgY",
      "use": "sig",
      "x": "AZrJflqCH_VTW7v07Ac2oGxXTNb1AkQjAG9jg-Rg0dQoRmHlUSHNVRaUnRrqDb2aIC6YvHGggb_R8v-eCSua1Wzk",
      "y": "AEe9VPKBf3MRLAkFrketuqd1MnZ0k2znV4opRsVUwxkBZ3jUXUiY3AJXwV4zEtWp7UUTGOxCQgNnQhyM2Z62ziYR",
      "crv": "P-521"
    },
    {
      "kty": "EC",
      "kid": "bCWshC2UVaQWD_Vnco0OAEboyA8",
      "use": "sig",
      "x": "AXfa0EV9AS2GVr-EaovjIEd5scbbwyvTx84c-hiuly611cTl-6J1nSSne1sjqd7o",
      "y": "mrYoiLX5DT2NguHmV9wlWvFo4hJGSsF0B2N63zyoyKwStZqhY8nX13KUXSmVYAFE",
      "crv": "P-384"
    },
    {
      "kty": "RSA",
      "kid": "EHE1CpDFeQVWk3c968RPZW3QZHE",
      "use": "sig",
      "n": "v0MAqXOyFu94NnC2HYO7I1tWXdcNYp7qaGcPqKPKQ_UqOdx_H79fzpaaDmfq2NDbSvl__4MR8ByDRzPwm8C-eWMlLJZM0OoQsbGoTm09cO2v_rLMUlhJwmgVukVy8hR89mkrMh7DJzNSFwjUcxCI-GVt8TldjS1n67e8HUPnlvYTX5XHnH6YAZNhA5pJneYTBSHc0C3x31hCkfeKr914ViU46LPHfvvczW-x96CCZHYh4m8kpOrKX78nnxdlAg6T34CS9dxLkgAQ4Jm2mVdF8n3edEOOY4cegUUimFLguVLd6R9jjlfE5NKna-Rw03wIa1B6Vi9mAxnonaaIvculOw",
      "e": "AQAB"
    },
    {
      "kty": "EC",
      "kid": "YY7DeawJUT2ysl8u2v3moIwo7CI",
      "use": "sig",
      "x": "fws6gmxzWKKVhJkSSYcafpZy3xWdVrNu2vLdOBcp5-k",
      "y": "62oW2bZYK1AbYXnyiYUk-lSdehXx6YYj_OaIRXnft3I",
      "crv": "P-256"
    },
    {
      "kty": "EC",
      "kid": "_kHJmgNgSypjjumxgqHZnxGpmho",
      "use": "sig",
      "x": "dZb_5RLyD3PPXcgJ02CRuxPBklwh14_LmvRZJBxouIS80gM9gpgIo4E9OASN-UQZ",
      "y": "ueINBfR5hrRO2sriUKDv33W-XHkyIGAqOtp0BOzShuk5ERGw7QZrQiGVpXu0uQPW",
      "crv": "P-384"
    },
    {
      "kty": "EC",
      "kid": "qF6ckvyskqm3lze5SD8WSZaIw14",
      "use": "sig",
      "x": "AOWr_SRhKWRSwfuDGmTz8xOuVwMeSpVjNBCnJho4NmezFep4kMYY7ELS07D8KfRbxKJVs54QduuHqDLq5Pw7HbgM",
      "y": "ABkZlS7CcuXoLn4DIoqaVuis-FqOQXzzDSAkGosF5e6Ehkph2MFnhVXiqvMBP2jRtflIAckTHRT2PHxtoyJrGg63",
      "crv": "P-521"
    },
    {
      "kty": "EC",
      "kid": "RAitgMt8ggfgou4dXxFZUiOkRc0",
      "use": "enc",
      "x": "AaXuRZltDiUQJSjCGUjfEAKnlDWLN_s09a_TS4OR4cT84EGoDpwOYrEfhCGleJTAZFc-7mCZBLacpeFuinLmUnKA",
      "y": "AR98xmgRCQ2uLQrxk-qnOUKvEbOzZjwg2XbqR5JHylEN9kld4OAp3uBEu4aiFelYZYJ9BQhuERlomJpCHliB-r3B",
      "crv": "P-521"
    },
    {
      "kty": "EC",
      "kid": "kSp1CjJXjW6X0dhqtxVBhFJV7tI",
      "use": "enc",
      "x": "fbu8_yrv1wqLrsEBGJYIOOWmPfF9YCnN8DRoOVRHOfM",
      "y": "N_aTUFVBwx1FPBK8TTOAfSpBQojgTJRZcwPYsGC4WCM",
      "crv": "P-256"
    },
    {
      "kty": "RSA",
      "kid": "w9VpiC2f-1-6Pmo1i1tVrml4mpg",
      "use": "enc",
      "n": "iKFBEUg9Iz1y1YOfeavAyg8wMhDTJdexs5YnnHzT7-FoTD7jP4dR-ScSG640_ERqv1_rV_xGGG8BXo5Sao3oCtmITWJmBSKzdYYDwNwir9u27AM5Yc5TFAAB8f_U8UllD6jr4usrZQEU6cRN-S13EFR-q4HCobbrCwRKJOZVTKX5elR2xKDbc7a7X7HdZ9YXuTdulhHKtilY2cxGZ4Gvhq00RJ73lKJ8rKxOOxFgBGs7RvW1Zdn8F4egz-jdEhgszMLlSp0R9oYEkMFxT9lxTFdgUhWprx1L5YtUj77olH8hXeHeVunbeEP0oTLwiS771CqQ7R44G9eFigwDD-XCwQ",
      "e": "AQAB"
    },
    {
      "kty": "EC",
      "kid": "yEQOwa0-3j63Wo8_02jyhIMpB6s",
      "use": "enc",
      "x": "3nqh_FLB17t174sdQiyRk1XlX6iWw1mC0rsXEyN0Ob8z1YSkGEQZgfwf1BVQtKis",
      "y": "7aP9aVcz8VtcBlOFtQBZA1TKg1_7bmYDwhRWTqAWH1L41SP-gTcYXjucFv3MOSGn",
      "crv": "P-384"
    }
  ]
}

2021-08-23 21:24:53	SUCCESS RFC7517-1.1	ValidateServerJWKs Valid server JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url

2021-08-23 21:24:53	SUCCESS OIDCC-10.1	CheckForKeyIdInServerJWKs All keys contain kids

2021-08-23 21:24:53	SUCCESS RFC7518-6.3.2.1	EnsureServerJwksDoesNotContainPrivateOrSymmetricKeys Jwks does not contain any private or symmetric keys

2021-08-23 21:24:53

(1) More

SUCCESS

FAPI1-BASE-5.2.2-6 FAPI1-BASE-5.2.2-5

FAPIEnsureMinimumServerKeyLength

Validated minimum key lengths for server_jwks

server_jwks

{
  "keys": [
    {
      "kty": "RSA",
      "kid": "1QYSfMMbnKSjVpn8McabnlzpvZk",
      "use": "sig",
      "n": "qlv31BK76PigWHX4c1rOdcGPOUS1AfXLhsbiNWoDrQ3ce1aLyA-kdf91eZ9h05ONdkzCd-8zNzVRng6ymglaXEBgdr8P-Z9Fy6KqpPSZJa92OW_wEJybvvbhX-aT4IvsLPX4afvNnQAJqJe0tmq4M3PyWGhfPE6IhpVSh4LB5Bs1y2Mt5Ys74URON-ULE6trtYFXHvivrMEK2-yAJZXx3VX7JHmMqMlXEWp9YhRVs_smkYjxlhty9Amdk94DJyAT7ZK6CkvVJj_76Ghwhw13rWFUkmLjCxPl38kQWtuxNr-OVU6VpTuaItHfosMyOZvfqse14A_nIu2-KKmWGYW7bQ",
      "e": "AQAB"
    },
    {
      "kty": "EC",
      "kid": "JAgcs8VPEz1HBzVWj4EAcPME_MY",
      "use": "sig",
      "x": "es_F48sh6qBS9XnAWpw3ovQcfRuzW9zFBo8h5r3M-jA",
      "y": "7prPfgYPWAr_tYKvzGd7kxLGsKIruLyGxSm6yBNpSSg",
      "crv": "P-256"
    },
    {
      "kty": "EC",
      "kid": "YTX4RLtDJXNk5I0O-nidaZIFCgY",
      "use": "sig",
      "x": "AZrJflqCH_VTW7v07Ac2oGxXTNb1AkQjAG9jg-Rg0dQoRmHlUSHNVRaUnRrqDb2aIC6YvHGggb_R8v-eCSua1Wzk",
      "y": "AEe9VPKBf3MRLAkFrketuqd1MnZ0k2znV4opRsVUwxkBZ3jUXUiY3AJXwV4zEtWp7UUTGOxCQgNnQhyM2Z62ziYR",
      "crv": "P-521"
    },
    {
      "kty": "EC",
      "kid": "bCWshC2UVaQWD_Vnco0OAEboyA8",
      "use": "sig",
      "x": "AXfa0EV9AS2GVr-EaovjIEd5scbbwyvTx84c-hiuly611cTl-6J1nSSne1sjqd7o",
      "y": "mrYoiLX5DT2NguHmV9wlWvFo4hJGSsF0B2N63zyoyKwStZqhY8nX13KUXSmVYAFE",
      "crv": "P-384"
    },
    {
      "kty": "RSA",
      "kid": "EHE1CpDFeQVWk3c968RPZW3QZHE",
      "use": "sig",
      "n": "v0MAqXOyFu94NnC2HYO7I1tWXdcNYp7qaGcPqKPKQ_UqOdx_H79fzpaaDmfq2NDbSvl__4MR8ByDRzPwm8C-eWMlLJZM0OoQsbGoTm09cO2v_rLMUlhJwmgVukVy8hR89mkrMh7DJzNSFwjUcxCI-GVt8TldjS1n67e8HUPnlvYTX5XHnH6YAZNhA5pJneYTBSHc0C3x31hCkfeKr914ViU46LPHfvvczW-x96CCZHYh4m8kpOrKX78nnxdlAg6T34CS9dxLkgAQ4Jm2mVdF8n3edEOOY4cegUUimFLguVLd6R9jjlfE5NKna-Rw03wIa1B6Vi9mAxnonaaIvculOw",
      "e": "AQAB"
    },
    {
      "kty": "EC",
      "kid": "YY7DeawJUT2ysl8u2v3moIwo7CI",
      "use": "sig",
      "x": "fws6gmxzWKKVhJkSSYcafpZy3xWdVrNu2vLdOBcp5-k",
      "y": "62oW2bZYK1AbYXnyiYUk-lSdehXx6YYj_OaIRXnft3I",
      "crv": "P-256"
    },
    {
      "kty": "EC",
      "kid": "_kHJmgNgSypjjumxgqHZnxGpmho",
      "use": "sig",
      "x": "dZb_5RLyD3PPXcgJ02CRuxPBklwh14_LmvRZJBxouIS80gM9gpgIo4E9OASN-UQZ",
      "y": "ueINBfR5hrRO2sriUKDv33W-XHkyIGAqOtp0BOzShuk5ERGw7QZrQiGVpXu0uQPW",
      "crv": "P-384"
    },
    {
      "kty": "EC",
      "kid": "qF6ckvyskqm3lze5SD8WSZaIw14",
      "use": "sig",
      "x": "AOWr_SRhKWRSwfuDGmTz8xOuVwMeSpVjNBCnJho4NmezFep4kMYY7ELS07D8KfRbxKJVs54QduuHqDLq5Pw7HbgM",
      "y": "ABkZlS7CcuXoLn4DIoqaVuis-FqOQXzzDSAkGosF5e6Ehkph2MFnhVXiqvMBP2jRtflIAckTHRT2PHxtoyJrGg63",
      "crv": "P-521"
    },
    {
      "kty": "EC",
      "kid": "RAitgMt8ggfgou4dXxFZUiOkRc0",
      "use": "enc",
      "x": "AaXuRZltDiUQJSjCGUjfEAKnlDWLN_s09a_TS4OR4cT84EGoDpwOYrEfhCGleJTAZFc-7mCZBLacpeFuinLmUnKA",
      "y": "AR98xmgRCQ2uLQrxk-qnOUKvEbOzZjwg2XbqR5JHylEN9kld4OAp3uBEu4aiFelYZYJ9BQhuERlomJpCHliB-r3B",
      "crv": "P-521"
    },
    {
      "kty": "EC",
      "kid": "kSp1CjJXjW6X0dhqtxVBhFJV7tI",
      "use": "enc",
      "x": "fbu8_yrv1wqLrsEBGJYIOOWmPfF9YCnN8DRoOVRHOfM",
      "y": "N_aTUFVBwx1FPBK8TTOAfSpBQojgTJRZcwPYsGC4WCM",
      "crv": "P-256"
    },
    {
      "kty": "RSA",
      "kid": "w9VpiC2f-1-6Pmo1i1tVrml4mpg",
      "use": "enc",
      "n": "iKFBEUg9Iz1y1YOfeavAyg8wMhDTJdexs5YnnHzT7-FoTD7jP4dR-ScSG640_ERqv1_rV_xGGG8BXo5Sao3oCtmITWJmBSKzdYYDwNwir9u27AM5Yc5TFAAB8f_U8UllD6jr4usrZQEU6cRN-S13EFR-q4HCobbrCwRKJOZVTKX5elR2xKDbc7a7X7HdZ9YXuTdulhHKtilY2cxGZ4Gvhq00RJ73lKJ8rKxOOxFgBGs7RvW1Zdn8F4egz-jdEhgszMLlSp0R9oYEkMFxT9lxTFdgUhWprx1L5YtUj77olH8hXeHeVunbeEP0oTLwiS771CqQ7R44G9eFigwDD-XCwQ",
      "e": "AQAB"
    },
    {
      "kty": "EC",
      "kid": "yEQOwa0-3j63Wo8_02jyhIMpB6s",
      "use": "enc",
      "x": "3nqh_FLB17t174sdQiyRk1XlX6iWw1mC0rsXEyN0Ob8z1YSkGEQZgfwf1BVQtKis",
      "y": "7aP9aVcz8VtcBlOFtQBZA1TKg1_7bmYDwhRWTqAWH1L41SP-gTcYXjucFv3MOSGn",
      "crv": "P-384"
    }
  ]
}

2021-08-23 21:24:53

(5) More

SUCCESS

GetStaticClientConfiguration

Found a static client object

client_id	c__fapi-mtls-jar1
scope	openid other
hint_type	login_hint
hint_value	cheba-hut@ping-eng.com
jwks	{ "keys": [ { "kty": "RSA", "kid": "-WBaQw", "use": "sig", "alg": "PS256", "n": "5DDi1k_FDcYRRGdp2J-ofDpQIVgbYNY3Bi9-QbL0rq2tDEI34DmrSmDNWLdBS3j06gYF3uHMQXw1N9JfYNrEDFGriQxXgLrX_4p6PZ-qvxgRaFK4A_3NyZRD-KPSnDNs6PPDwlFxwTwXDMFerXlSxNyw3QBPDHZu56X-fIajKBovMbQvlYo_iveRp9oixw2kRWE0r2AvpzqdXguUwtZlCUnE9mCWhvAFCDLSycbUspmiw8-4M8UumS8U9NQBxM4eEZ3WSFv8ooJRvEHVvGcL5ITUdgOqiD6xRQIEVuYEo-lZx8AwuPvcrEBjQZ31_g9vUmG4tJQlffEaF8ZNRVlXyw", "e": "AQAB", "d": "RJGACCAOOXZUB_b_Mk2_hhzLqUldaLrV6_Dngnxw0_ByOGXJfoI1u3LdIZRndXNSPOQ0bWXyR5c4Mp7vdB4onP8JiXQA8zix4SLOWqgY2bU0veFlVCW26aS4zAUGK1O0nUdqgoCQqx0QXA_bEEuNmIQsTSxjlH4eE1Oo5ehbLJgoZpHYQloK4Fgby3qTddmIeXJ7LCxbvTYK-uAL-5vfyLgrkjIckVIDfG92x-FrUDyr1qoLtRHrMuuDMQG-zQms0HyNNXfjBfq9oIDLB9h7mPTguYBoS8k63D6ogpD7UYJUOFUgAm_y-DZUib9YBEXxMJmO2peVL08sF25XKf1XEQ", "p": "8t4drc_3MIo_j8tEjnFqyUoxYPRNcyoQSk6lJLr9ILhnBiiXfZZHUOP2f3Jmcr4zaj-D_gSq41CiGrBAhuGG0TnFLeGjBwDUyhRxUyj41k0edvD31HPmeJ2No7aeYOoCIBw5SwjthVHnsNQGWtc6rfd0kpuEsbaEmE9RahBL1RM", "q": "8Ieb4MHC_CYAbQkGYJPqw8BTUh3m3SzlX1UxwJfir7k1KJ2JDT90ZWJtFYLRgIwNWttyPXcCDzbwqBqgnLB_AVBO7n6Z9lKALftEHv24mZdXeNOqbuzy_EcvrZSZkG2xBUyc3__mVhpVNA77qqbxLeTyHyrMjzxFqLwdSfOKoWk", "dp": "pPi1xkw-x60Q8fcMMYnfFK4eDpLETVckS6VSTjnqGaDI8oj-JmO_O7YtyXKHHqgOOry8Rv8aqWArTN-uZTCqqFKKmtjrKaWp5T6vn-Jz7PXjnL2gSqMTyZiUDsHMoV4zZWZmkI6W8Pmq3RWY33nVtTgi6jdTkne9Z8xxLA-3wxs", "dq": "nSA5V-27rnQ0uwW2QMjgB9hPlckq0zlM7aX9xk5yK1DVxR6ENT9KjiBqGi9HJK5Y2w2X50ci9UVymJ4sZa92iCkqJupVMXBbg64spgIg4VTYM3oyUBxB70OhhccZOhwuE8Qkhr_ofD7fgg53oNdFnjF9aZbP4pIA_2VDzNdnrGE", "qi": "3MZv7p5pyEFFotF6QUgK8qErkI3Y15rerOd61tyctGFOxqduTdCTpcR6ZDsWiBK_FOubhih9c-3Kw74-T3EHC_ZzL-yMDLGnxtOkdMB0eY60TOfqLOUeckw2JFC7s-HssIDrOmnk98FW6gE1HuDilj0rhIaOXH1gBKwkgVEkr2A" } ] }

2021-08-23 21:24:53	SUCCESS	ValidateMTLSCertificatesHeader MTLS certificates header is valid

2021-08-23 21:24:53

(3) More

SUCCESS

ExtractMTLSCertificatesFromConfiguration

Mutual TLS authentication credentials loaded

cert

MIICmzCCAkGgAwIBAgIBEDAKBggqhkjOPQQDAjA6MRswGQYDVQQKDBJMZXQncyBBdXRoZW50aWNhdGUxGzAZBgNVBAMMEkxBIEludGVybWVkaWF0ZSBDQTAeFw0yMTA2MTQxODUyNDlaFw0yMjA2MjQxODUyNDlaMDUxCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJDTzEZMBcGA1UEAwwQcGFzc3dvcmQxIGlzIGZ1bjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANz7e9keCgR6wkiSGpEzNPz+AmclSkhBQdHgbNoO/hKKt57/NE0Ruyts1ESDpmS69R4BccKDZOFD2PsF+DywykI8W/OipgDP7HjpYuyWgNIdMVHjFcUtILrc3mt0iABR9sfu8UwnqvSV6i7Mxauozv6C3zp7iPmBljiFzOkwudBxiBm5mwZItMwPbpcdqa9EEPub74/zFgKxhEp/0toVuVg7GZVt76uCQrdlzRtvKOltKi7voxXtCN0hp012tVgJbzvQPeSJrHVJN1jH0bqbEVVsljo6/z5Ur6/+M+tE6s43WIbTtgMH1foHmhwpiOaxGGPcRMvxjfVVJdSsL94Py9ECAwEAAaNyMHAwCQYDVR0TBAIwADAfBgNVHSMEGDAWgBRm3WjLa38lbEYCuiCPct0ZaSED2DAOBgNVHQ8BAf8EBAMCBsAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwHQYDVR0RAQH/BBMwEYEPYmRjQGV4YW1wbGUuY29tMAoGCCqGSM49BAMCA0gAMEUCIQCSPVITgusQsgLb5rVZPxIdBuAJ2cwPet4GcIXROebbLAIgb0Sq197/+QZkXNl9uUt8VwiA6UX5eZ2bgIbNQizr5BA=

key

MIIEpAIBAAKCAQEA3Pt72R4KBHrCSJIakTM0/P4CZyVKSEFB0eBs2g7+Eoq3nv80TRG7K2zURIOmZLr1HgFxwoNk4UPY+wX4PLDKQjxb86KmAM/seOli7JaA0h0xUeMVxS0gutzea3SIAFH2x+7xTCeq9JXqLszFq6jO/oLfOnuI+YGWOIXM6TC50HGIGbmbBki0zA9ulx2pr0QQ+5vvj/MWArGESn/S2hW5WDsZlW3vq4JCt2XNG28o6W0qLu+jFe0I3SGnTXa1WAlvO9A95ImsdUk3WMfRupsRVWyWOjr/PlSvr/4z60TqzjdYhtO2AwfV+geaHCmI5rEYY9xEy/GN9VUl1Kwv3g/L0QIDAQABAoIBAQC/Yy9IQ7P5XTiXEbLgvrDNzFDYdHt5SMtwsiaUVRfHh0yw7+akOQ8Z9Q+Cp2KdKy7P5gBYruPYFaL/BZSRO6xw4UXiJKQRYAM2VSvQLCk10QK+ISbhtsv6CwC3oB2J6XMKhe+GPXTakFxaXA93NKTR2Rbs18EyFwG7wmZOMF0+IPnEDUY+qY9DP2aDkLQiqrH+RF1i0eJXLkhhL2UFNCDpW7f5iR6y2RUtpq4rHO9aDrGS7W+tzIZEfQpP+x6dEBg9SrHqE7zwaWIXuTlwypVRbZRuQqbFQzFAAJPIBWylSs/oypYhPJvhHAG9yCQR79exARbuWXdJyCYaGTxc+5ABAoGBAPV33BO7fZeISXdYKwDBKCKfVI9q4ssps/TYpCEKXQ8omrdYJrsDcv9rRCJedb250AW3hLJ/18JXjgnFq+o919fe60HE+b833NzzeMs26AFmvsuWvV1yXvSIwbMp6LhrzUmrsOdIrhbk8V2tIOpfySrWQUt6LS2jpeEXZSW5XKyhAoGBAOZ2rgjYDek2kss/tYnrsmg0RYTX9dI4tmi7P92YCsJfRQTMznBj1HxP8FNyxrZ1AgK5BNESgpW3dnd6RekfG04OecDkQSDtJiBxhoOQj//SYLHMDP+JmMFPD/YErulFQz8nOJsT5KNYhi9T9sAcFhrwrqzBp6E3KsbgR5+10iExAoGBAJssAvaCXnltUSvdk4mtkUaZvCXRZr8RhM4yKUctuvg7LdrbIdi07HxkfbTQS9P843DJu1vvjyAuov6wc+Xm5Ex1gfiYoVxs3vTaALFN60n/fntKtjiddUNWNESjKJd0plh87Z63hj24yo/yQs2Gca/fs3UYLfkc616ooGtBi0EhAoGAIhQsmfww2mqKfGmYU6O5xvTrzsAMhqCCQKxnvkHMXX+u+g26/R2V/yfm9sADKFnXCUYIs03UZ4UwjGxVSCqkY/95+48FHnRS7fs7k9rdoEugpsnwphzXrMYfKxb4MmBemEkZcr0XUxw1A2ycET5V+nfarIsaWZmJxszFapV9VBECgYBBrwBJdKtYQTh8+mJJtt5Cv+f6Ynw4QIG8HYssMq1CkFV3gcJFMgIhbdyI6yXnwhsk1EtgZYSvOkMym/mJNhyojvzsjUg7bkTivVFeMUy5n89i6T/KqqGH8zabTXrA/W3fAj6r58+93+20ZRqVFrhFVxHq9/2rq58b83CRxsHB1w==

ca

MIIB5jCCAYugAwIBAgIBFjAKBggqhkjOPQQDAjBWMQswCQYDVQQGEwJVUzEbMBkGA1UECgwSTGV0J3MgQXV0aGVudGljYXRlMSowKAYDVQQDDCFMZXQncyBBdXRoZW50aWNhdGUgUm9vdCBBdXRob3JpdHkwHhcNMjAwMTE0MjEzMjMwWhcNMzAwMTExMjEzMjMwWjA6MRswGQYDVQQKDBJMZXQncyBBdXRoZW50aWNhdGUxGzAZBgNVBAMMEkxBIEludGVybWVkaWF0ZSBDQTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABJf+aA54RC5pyLAR5yfXVYmNpgd+CGUTDp2KOGhc0gK91zxhHesEYkdXkpS2UN8Kati+yHtWCV3kkhCngGyv7RqjZjBkMB0GA1UdDgQWBBRm3WjLa38lbEYCuiCPct0ZaSED2DAfBgNVHSMEGDAWgBTEA2Q6eecKu9g9yb5glbkhhVINGDASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBhjAKBggqhkjOPQQDAgNJADBGAiEA5pLvaFwRRkxomIAtDIwg9D7gC1xzxBl4r28EzmSO1pcCIQCJUShpSXO9HDIQMUgH69fNDEMHXD3RRX5gP7kuu2KGMg==

2021-08-23 21:24:53	SUCCESS RFC7517-1.1	ValidateClientJWKsPrivatePart Valid client JWKs: keys are valid JSON, contain the required fields, the private/public exponents match and are correctly encoded using unpadded base64url

2021-08-23 21:24:53

(2) More

SUCCESS

ExtractJWKsFromStaticClientConfiguration

Extracted client JWK

client_jwks

{
  "keys": [
    {
      "kty": "RSA",
      "kid": "-WBaQw",
      "use": "sig",
      "alg": "PS256",
      "n": "5DDi1k_FDcYRRGdp2J-ofDpQIVgbYNY3Bi9-QbL0rq2tDEI34DmrSmDNWLdBS3j06gYF3uHMQXw1N9JfYNrEDFGriQxXgLrX_4p6PZ-qvxgRaFK4A_3NyZRD-KPSnDNs6PPDwlFxwTwXDMFerXlSxNyw3QBPDHZu56X-fIajKBovMbQvlYo_iveRp9oixw2kRWE0r2AvpzqdXguUwtZlCUnE9mCWhvAFCDLSycbUspmiw8-4M8UumS8U9NQBxM4eEZ3WSFv8ooJRvEHVvGcL5ITUdgOqiD6xRQIEVuYEo-lZx8AwuPvcrEBjQZ31_g9vUmG4tJQlffEaF8ZNRVlXyw",
      "e": "AQAB",
      "d": "RJGACCAOOXZUB_b_Mk2_hhzLqUldaLrV6_Dngnxw0_ByOGXJfoI1u3LdIZRndXNSPOQ0bWXyR5c4Mp7vdB4onP8JiXQA8zix4SLOWqgY2bU0veFlVCW26aS4zAUGK1O0nUdqgoCQqx0QXA_bEEuNmIQsTSxjlH4eE1Oo5ehbLJgoZpHYQloK4Fgby3qTddmIeXJ7LCxbvTYK-uAL-5vfyLgrkjIckVIDfG92x-FrUDyr1qoLtRHrMuuDMQG-zQms0HyNNXfjBfq9oIDLB9h7mPTguYBoS8k63D6ogpD7UYJUOFUgAm_y-DZUib9YBEXxMJmO2peVL08sF25XKf1XEQ",
      "p": "8t4drc_3MIo_j8tEjnFqyUoxYPRNcyoQSk6lJLr9ILhnBiiXfZZHUOP2f3Jmcr4zaj-D_gSq41CiGrBAhuGG0TnFLeGjBwDUyhRxUyj41k0edvD31HPmeJ2No7aeYOoCIBw5SwjthVHnsNQGWtc6rfd0kpuEsbaEmE9RahBL1RM",
      "q": "8Ieb4MHC_CYAbQkGYJPqw8BTUh3m3SzlX1UxwJfir7k1KJ2JDT90ZWJtFYLRgIwNWttyPXcCDzbwqBqgnLB_AVBO7n6Z9lKALftEHv24mZdXeNOqbuzy_EcvrZSZkG2xBUyc3__mVhpVNA77qqbxLeTyHyrMjzxFqLwdSfOKoWk",
      "dp": "pPi1xkw-x60Q8fcMMYnfFK4eDpLETVckS6VSTjnqGaDI8oj-JmO_O7YtyXKHHqgOOry8Rv8aqWArTN-uZTCqqFKKmtjrKaWp5T6vn-Jz7PXjnL2gSqMTyZiUDsHMoV4zZWZmkI6W8Pmq3RWY33nVtTgi6jdTkne9Z8xxLA-3wxs",
      "dq": "nSA5V-27rnQ0uwW2QMjgB9hPlckq0zlM7aX9xk5yK1DVxR6ENT9KjiBqGi9HJK5Y2w2X50ci9UVymJ4sZa92iCkqJupVMXBbg64spgIg4VTYM3oyUBxB70OhhccZOhwuE8Qkhr_ofD7fgg53oNdFnjF9aZbP4pIA_2VDzNdnrGE",
      "qi": "3MZv7p5pyEFFotF6QUgK8qErkI3Y15rerOd61tyctGFOxqduTdCTpcR6ZDsWiBK_FOubhih9c-3Kw74-T3EHC_ZzL-yMDLGnxtOkdMB0eY60TOfqLOUeckw2JFC7s-HssIDrOmnk98FW6gE1HuDilj0rhIaOXH1gBKwkgVEkr2A"
    }
  ]
}

public_client_jwks

{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "-WBaQw",
      "alg": "PS256",
      "n": "5DDi1k_FDcYRRGdp2J-ofDpQIVgbYNY3Bi9-QbL0rq2tDEI34DmrSmDNWLdBS3j06gYF3uHMQXw1N9JfYNrEDFGriQxXgLrX_4p6PZ-qvxgRaFK4A_3NyZRD-KPSnDNs6PPDwlFxwTwXDMFerXlSxNyw3QBPDHZu56X-fIajKBovMbQvlYo_iveRp9oixw2kRWE0r2AvpzqdXguUwtZlCUnE9mCWhvAFCDLSycbUspmiw8-4M8UumS8U9NQBxM4eEZ3WSFv8ooJRvEHVvGcL5ITUdgOqiD6xRQIEVuYEo-lZx8AwuPvcrEBjQZ31_g9vUmG4tJQlffEaF8ZNRVlXyw"
    }
  ]
}

2021-08-23 21:24:53	SUCCESS OIDCC-10.1	CheckForKeyIdInClientJWKs All keys contain kids

2021-08-23 21:24:53

(1) More

SUCCESS

RFC7517-4.5

CheckDistinctKeyIdValueInClientJWKs

Distinct 'kid' value in all keys of client_jwks

see	https://bitbucket.org/openid/connect/issues/1127

2021-08-23 21:24:53

(1) More

SUCCESS

FAPI1-ADV-8.6

FAPICheckKeyAlgInClientJWKs

Keys in client JWKS all have permitted 'alg'

permitted

[
  "PS256",
  "ES256"
]

2021-08-23 21:24:53

(1) More

SUCCESS

FAPI1-BASE-5.2.2-6 FAPI1-BASE-5.2.2-5

FAPIEnsureMinimumClientKeyLength

Validated minimum key lengths for client_jwks

client_jwks

{
  "keys": [
    {
      "kty": "RSA",
      "kid": "-WBaQw",
      "use": "sig",
      "alg": "PS256",
      "n": "5DDi1k_FDcYRRGdp2J-ofDpQIVgbYNY3Bi9-QbL0rq2tDEI34DmrSmDNWLdBS3j06gYF3uHMQXw1N9JfYNrEDFGriQxXgLrX_4p6PZ-qvxgRaFK4A_3NyZRD-KPSnDNs6PPDwlFxwTwXDMFerXlSxNyw3QBPDHZu56X-fIajKBovMbQvlYo_iveRp9oixw2kRWE0r2AvpzqdXguUwtZlCUnE9mCWhvAFCDLSycbUspmiw8-4M8UumS8U9NQBxM4eEZ3WSFv8ooJRvEHVvGcL5ITUdgOqiD6xRQIEVuYEo-lZx8AwuPvcrEBjQZ31_g9vUmG4tJQlffEaF8ZNRVlXyw",
      "e": "AQAB",
      "d": "RJGACCAOOXZUB_b_Mk2_hhzLqUldaLrV6_Dngnxw0_ByOGXJfoI1u3LdIZRndXNSPOQ0bWXyR5c4Mp7vdB4onP8JiXQA8zix4SLOWqgY2bU0veFlVCW26aS4zAUGK1O0nUdqgoCQqx0QXA_bEEuNmIQsTSxjlH4eE1Oo5ehbLJgoZpHYQloK4Fgby3qTddmIeXJ7LCxbvTYK-uAL-5vfyLgrkjIckVIDfG92x-FrUDyr1qoLtRHrMuuDMQG-zQms0HyNNXfjBfq9oIDLB9h7mPTguYBoS8k63D6ogpD7UYJUOFUgAm_y-DZUib9YBEXxMJmO2peVL08sF25XKf1XEQ",
      "p": "8t4drc_3MIo_j8tEjnFqyUoxYPRNcyoQSk6lJLr9ILhnBiiXfZZHUOP2f3Jmcr4zaj-D_gSq41CiGrBAhuGG0TnFLeGjBwDUyhRxUyj41k0edvD31HPmeJ2No7aeYOoCIBw5SwjthVHnsNQGWtc6rfd0kpuEsbaEmE9RahBL1RM",
      "q": "8Ieb4MHC_CYAbQkGYJPqw8BTUh3m3SzlX1UxwJfir7k1KJ2JDT90ZWJtFYLRgIwNWttyPXcCDzbwqBqgnLB_AVBO7n6Z9lKALftEHv24mZdXeNOqbuzy_EcvrZSZkG2xBUyc3__mVhpVNA77qqbxLeTyHyrMjzxFqLwdSfOKoWk",
      "dp": "pPi1xkw-x60Q8fcMMYnfFK4eDpLETVckS6VSTjnqGaDI8oj-JmO_O7YtyXKHHqgOOry8Rv8aqWArTN-uZTCqqFKKmtjrKaWp5T6vn-Jz7PXjnL2gSqMTyZiUDsHMoV4zZWZmkI6W8Pmq3RWY33nVtTgi6jdTkne9Z8xxLA-3wxs",
      "dq": "nSA5V-27rnQ0uwW2QMjgB9hPlckq0zlM7aX9xk5yK1DVxR6ENT9KjiBqGi9HJK5Y2w2X50ci9UVymJ4sZa92iCkqJupVMXBbg64spgIg4VTYM3oyUBxB70OhhccZOhwuE8Qkhr_ofD7fgg53oNdFnjF9aZbP4pIA_2VDzNdnrGE",
      "qi": "3MZv7p5pyEFFotF6QUgK8qErkI3Y15rerOd61tyctGFOxqduTdCTpcR6ZDsWiBK_FOubhih9c-3Kw74-T3EHC_ZzL-yMDLGnxtOkdMB0eY60TOfqLOUeckw2JFC7s-HssIDrOmnk98FW6gE1HuDilj0rhIaOXH1gBKwkgVEkr2A"
    }
  ]
}

2021-08-23 21:24:53	SUCCESS	ValidateMTLSCertificatesAsX509 Mutual TLS authentication cert validated as X.509

Verify configuration of second client

2021-08-23 21:24:53

(3) More

SUCCESS

GetStaticClient2Configuration

Found a static second client object

client_id

c__fapi-mtls-jar2

scope

openid

jwks

{
  "keys": [
    {
      "kty": "RSA",
      "kid": "8hTzUQ",
      "use": "sig",
      "alg": "PS256",
      "n": "gBTXpS-lCNO2uy-WjHx2hXBhECLWk75N0CCGU3iRfxi6fmE1sOcxtmDZfNVxcM7l04xY9KiD7cLsd4OAIduAwiSe142jLoONhziaoCoT60ghZQSi1X4IdfHAcvKScah-f7u2MayZBJSOydi-NltbbhKIttiZRcyx7-Yl4Q2m52L7ARYhTjidGuHGTRRS6NlxDVUBIX6j4jc3Pk99ZU7a5Zk6wWM12GBhHdojFOvbABA6w7CxjC48u9TEh0L5d9hz3aCFqcAII8XB0VY5M5_yj03oFfNbrNUd__GYlRcN3tycHTFvTdWtV7wq-v8f6nbWK3sW1Gllt83b6o5G42LFQQ",
      "e": "AQAB",
      "d": "QqGVJfxJUPRDBdJV8bP2PKkf9bMKCkZgWLvy5Y29s2775i9QLT25IPX1bvnjUBpyecFzraPVLmXPesVQbUyyCU3fzKeEkvghMo2B83ywbCBULydgRsyQPjuMMMB86uALHwxaVjFCUZ2vQtac7c5NHFBMC0NXSXaZwwHqBtCBWbHp2Je531wEfeb8uzrfJpU1Of7bLGfjKaQTwnxs3v9iUng2uR143LTQd1bPL14vJjutnFGoDb4-CE80g_QLqtW7J1gDRRgxHzwnP9nmSjPpGpPK5u1zpQcpXGbi7QTUbqp13cSqq4pLpj2Dib90waoGZ6iicmcIC_zXy0VADcA_OQ",
      "p": "vosG_MYCvuS6CynUB_CKpqqggnbSDh_iikepagNOQOD-T4BQAYVsQRMyaVzzFJrx3bK3QhFMKbSb7MZOWG2ZpqDUqrML7SlMIxQt6feLWAlVAdSv_RXxWULQoS6dowUfQsfk0OV3x4qMFpmLV3gTAMmJ0-ZuoEDY-72Tj3T-PFc",
      "q": "rBS8NrHiX3dRtvI81gTvRFUCNzCbBJr54rDv4CXqi9uWwA3wi2xOJSV3bQYgZtoNWaCa-UxfTimG_JUdqMCXB0lMBf62OKB7V-rRA0qZyEMrJrgEcVPQ_nQc3ym_Av6hZdNs9ne1DJZSI_lj0NkeE985V_24vKRRME6j6-yYjCc",
      "dp": "K-Mr1dbp1Pwr2dxliPqfhOnyFHq3wScY7863t8JRKOJp0Pf19ZO8rnR0fQ46svlJUk4SpbYEO-rsqym16-o6pMWQlkytJ5AGiGHifWxV_Q4RNV2-t2VxdKTOFwH8rwrD-4a9LlxcLWq8_4uYK6ptfhXtmBAQVPr6v2kX7sf8svs",
      "dq": "EqfY09ErKpBkAoJ2h_lW-0CAEf2qALDQgHwQNWvG5syypjWcq3Ddc_eA4Af3AU-IfPwFcRuPhYjJAp8j7QScGwUeQdQgazkyxhBGAqZWz7hAeF0g1ixxDvUFoEgFVkzGsKRgPsQxk6DEXPQPlzfCpALiU6DFI2ZpCuSrrssiqqc",
      "qi": "m1eGh0la4w5XdSgLO5v1ToXnuVWHQf-7gHuNGHXdkVfMmIEMoJyiWswSawB71DSmYrr8x29n3IrgErysXLulbnLVr36y7gyfaNo8QGa7IuzDtYBBo6l7nenHqRJkagWgS7sZDaBYqM9_vkT61_kt3fjARBaqA0C_YBuVB5qb_DM"
    }
  ]
}

2021-08-23 21:24:53	SUCCESS	ValidateMTLSCertificates2Header MTLS certificates header is valid

2021-08-23 21:24:53

(3) More

SUCCESS

ExtractMTLSCertificates2FromConfiguration

Mutual TLS authentication credentials loaded

cert

MIICszCCAligAwIBAgIBETAKBggqhkjOPQQDAjA6MRswGQYDVQQKDBJMZXQncyBBdXRoZW50aWNhdGUxGzAZBgNVBAMMEkxBIEludGVybWVkaWF0ZSBDQTAeFw0yMTA2MTQxODU2NTlaFw0yMjA2MjQxODU2NTlaMEwxCzAJBgNVBAYTAkNBMQswCQYDVQQIDAJCQzEQMA4GA1UECgwHY29tcGFueTEeMBwGA1UEAwwVc28gYmFzaWMgdG8gYmUgY29tbW9uMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmgQ0drcANY/fodhD3TMdA/6eOymGLsj61q9plDAHGzTGVpOrlSlIdHVBVwrd6A0KOtDkLIgAPnLJs6XlLpqE5ejv+FhdQz1wB99SirYSmc0BT5hGmomOukQkgNofGk2DA7aKzQeRwslu1NEEbJT9tTFwNMGlMkMMtEU6k71ddmWzxJdP04UsJBgTtKr98jmiQp585YkIYMJPruYt96Kw7XFnGetdbzDzqnscmeYhLTKWPs0xi5m3rq4+2AW9AgHoZJSLUmlshB75l+GIlDzVhC/2VsQ+e3Gr1nX/06yKV5efF6N1bVFvIPh8tTAChos6Ka36domMZRAA7AyRey7mJQIDAQABo3IwcDAJBgNVHRMEAjAAMB8GA1UdIwQYMBaAFGbdaMtrfyVsRgK6II9y3RlpIQPYMA4GA1UdDwEB/wQEAwIGwDATBgNVHSUEDDAKBggrBgEFBQcDAjAdBgNVHREBAf8EEzARgQ9iZGNAZXhhbXBsZS5jb20wCgYIKoZIzj0EAwIDSQAwRgIhAPZd2ZQh32SKQJosVPloqCMTelYAopCcMJUyAtu1c6LkAiEAlgnUYDodv0JGAJ3lQYMTZm1UjLE34Vz0nrPCJa9k60E=

key

MIIEowIBAAKCAQEAmgQ0drcANY/fodhD3TMdA/6eOymGLsj61q9plDAHGzTGVpOrlSlIdHVBVwrd6A0KOtDkLIgAPnLJs6XlLpqE5ejv+FhdQz1wB99SirYSmc0BT5hGmomOukQkgNofGk2DA7aKzQeRwslu1NEEbJT9tTFwNMGlMkMMtEU6k71ddmWzxJdP04UsJBgTtKr98jmiQp585YkIYMJPruYt96Kw7XFnGetdbzDzqnscmeYhLTKWPs0xi5m3rq4+2AW9AgHoZJSLUmlshB75l+GIlDzVhC/2VsQ+e3Gr1nX/06yKV5efF6N1bVFvIPh8tTAChos6Ka36domMZRAA7AyRey7mJQIDAQABAoIBAEe7xaO1QEeyJvp+e70+3TjLEm+Du5d2zD3JnWcDp4uoXOheBwCGJdT39+LOkORPjoAuYtfK0DJFzGP71G6MUXGzuHD21xlGODOydANfIfK4ZO/pgJjhkLR4oHfTH8FkcKz+DE/KQr1yjEhawbDBBBmsWRJ5TrPGPtiHlezRugI2Syo8hj8F6EUKWG2K8mKRXxDnQ3m+M2plqPmgvv8B/VV5BxxyrqBCMdLiCxx1f3EMHZpWtl9XqLRNzatsBTgdQjqb9K5HjzAMS09Y9b7Ng0YUcj7Bdp2OYszeUwTHaqhRpIC3TAI6ueGoWgIPR7tHyyPBl5wCKKt3f1v+oZnf0YECgYEAy4PMiOK9JEEjwbL9X5a9sGWTJnTvJEhanEOZ5Er8YYCf5uDg5UDqq0pdaeH/syWqwnmopuoX1t2PCOPKS5piUTrZ8KiCsbbZVmtrJRG9SE4qVrgkhELkidoEDVU7If/KkSQOHKgD8EBDo+aV/CLO5YxfuywXG94e48FtJJj69nkCgYEAwbx73qD4i9ZRkdkf6kMqE1Mci1Xquv6qTDMop75JjITz4cy8JOQ6hg9eXFiwBEzgb+mbKLjwniABGiqhwdETV8JzqEx4R4lPNCseSL2umeU1bQDaY+lnlxsy2Hf7QisUb7jpJFte5+C4o/u2SlXIsG/6HaEeXTlHPWjnTdCC8g0CgYAoAMYpefgXsj4nCtnG+kha7fxYqM+A4D//S0Jqn1qwh6nmpflO1s3J0Zo+/89VFWhVRbii5oy9DVvaMXxIFBaTRPAl39mguQJLfF3ZMX11QvgLh7KV1Ng7SIFXZZN0AWV91gp4E4aCqP8irmZ44xasBEWk8uuv7J9BwXmEohVicQKBgQCsIgDZBKLw9AJTmNvvc6+Nrfmdnz/I136N56KGr95/WJ2sERFVoeaRuFP5rt7tYzTCmoe+fdtkU0FHc3t3ToFmJyJF9XOk884IpwroTIg2ul1mtSxVO0tMCeF6TdhTqR0mSt/y6q//TD4hjQMhNujyQvuymbX11G+Ek5F4JPxDfQKBgCuRsiZo/lAWpWcVWCN8ceVLDpd2APneyU70Aqq0gRRixi8LEWzs/7GDhKf0/Aw4IKyh6d0Ao80zcRNOtC9KpbNhzPID6M8ZXdeMWPrhgjSoex1loW79210o0qHzMEMtvif0Urt6gN5ZCGdpjl0Fxb0k+3XvWc1lqwAx1CFKDpoF

ca

MIIB5jCCAYugAwIBAgIBFjAKBggqhkjOPQQDAjBWMQswCQYDVQQGEwJVUzEbMBkGA1UECgwSTGV0J3MgQXV0aGVudGljYXRlMSowKAYDVQQDDCFMZXQncyBBdXRoZW50aWNhdGUgUm9vdCBBdXRob3JpdHkwHhcNMjAwMTE0MjEzMjMwWhcNMzAwMTExMjEzMjMwWjA6MRswGQYDVQQKDBJMZXQncyBBdXRoZW50aWNhdGUxGzAZBgNVBAMMEkxBIEludGVybWVkaWF0ZSBDQTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABJf+aA54RC5pyLAR5yfXVYmNpgd+CGUTDp2KOGhc0gK91zxhHesEYkdXkpS2UN8Kati+yHtWCV3kkhCngGyv7RqjZjBkMB0GA1UdDgQWBBRm3WjLa38lbEYCuiCPct0ZaSED2DAfBgNVHSMEGDAWgBTEA2Q6eecKu9g9yb5glbkhhVINGDASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBhjAKBggqhkjOPQQDAgNJADBGAiEA5pLvaFwRRkxomIAtDIwg9D7gC1xzxBl4r28EzmSO1pcCIQCJUShpSXO9HDIQMUgH69fNDEMHXD3RRX5gP7kuu2KGMg==

2021-08-23 21:24:53	SUCCESS RFC7517-1.1	ValidateClientJWKsPrivatePart Valid client JWKs: keys are valid JSON, contain the required fields, the private/public exponents match and are correctly encoded using unpadded base64url

2021-08-23 21:24:53

(2) More

SUCCESS

ExtractJWKsFromStaticClientConfiguration

Extracted client JWK

client_jwks

{
  "keys": [
    {
      "kty": "RSA",
      "kid": "8hTzUQ",
      "use": "sig",
      "alg": "PS256",
      "n": "gBTXpS-lCNO2uy-WjHx2hXBhECLWk75N0CCGU3iRfxi6fmE1sOcxtmDZfNVxcM7l04xY9KiD7cLsd4OAIduAwiSe142jLoONhziaoCoT60ghZQSi1X4IdfHAcvKScah-f7u2MayZBJSOydi-NltbbhKIttiZRcyx7-Yl4Q2m52L7ARYhTjidGuHGTRRS6NlxDVUBIX6j4jc3Pk99ZU7a5Zk6wWM12GBhHdojFOvbABA6w7CxjC48u9TEh0L5d9hz3aCFqcAII8XB0VY5M5_yj03oFfNbrNUd__GYlRcN3tycHTFvTdWtV7wq-v8f6nbWK3sW1Gllt83b6o5G42LFQQ",
      "e": "AQAB",
      "d": "QqGVJfxJUPRDBdJV8bP2PKkf9bMKCkZgWLvy5Y29s2775i9QLT25IPX1bvnjUBpyecFzraPVLmXPesVQbUyyCU3fzKeEkvghMo2B83ywbCBULydgRsyQPjuMMMB86uALHwxaVjFCUZ2vQtac7c5NHFBMC0NXSXaZwwHqBtCBWbHp2Je531wEfeb8uzrfJpU1Of7bLGfjKaQTwnxs3v9iUng2uR143LTQd1bPL14vJjutnFGoDb4-CE80g_QLqtW7J1gDRRgxHzwnP9nmSjPpGpPK5u1zpQcpXGbi7QTUbqp13cSqq4pLpj2Dib90waoGZ6iicmcIC_zXy0VADcA_OQ",
      "p": "vosG_MYCvuS6CynUB_CKpqqggnbSDh_iikepagNOQOD-T4BQAYVsQRMyaVzzFJrx3bK3QhFMKbSb7MZOWG2ZpqDUqrML7SlMIxQt6feLWAlVAdSv_RXxWULQoS6dowUfQsfk0OV3x4qMFpmLV3gTAMmJ0-ZuoEDY-72Tj3T-PFc",
      "q": "rBS8NrHiX3dRtvI81gTvRFUCNzCbBJr54rDv4CXqi9uWwA3wi2xOJSV3bQYgZtoNWaCa-UxfTimG_JUdqMCXB0lMBf62OKB7V-rRA0qZyEMrJrgEcVPQ_nQc3ym_Av6hZdNs9ne1DJZSI_lj0NkeE985V_24vKRRME6j6-yYjCc",
      "dp": "K-Mr1dbp1Pwr2dxliPqfhOnyFHq3wScY7863t8JRKOJp0Pf19ZO8rnR0fQ46svlJUk4SpbYEO-rsqym16-o6pMWQlkytJ5AGiGHifWxV_Q4RNV2-t2VxdKTOFwH8rwrD-4a9LlxcLWq8_4uYK6ptfhXtmBAQVPr6v2kX7sf8svs",
      "dq": "EqfY09ErKpBkAoJ2h_lW-0CAEf2qALDQgHwQNWvG5syypjWcq3Ddc_eA4Af3AU-IfPwFcRuPhYjJAp8j7QScGwUeQdQgazkyxhBGAqZWz7hAeF0g1ixxDvUFoEgFVkzGsKRgPsQxk6DEXPQPlzfCpALiU6DFI2ZpCuSrrssiqqc",
      "qi": "m1eGh0la4w5XdSgLO5v1ToXnuVWHQf-7gHuNGHXdkVfMmIEMoJyiWswSawB71DSmYrr8x29n3IrgErysXLulbnLVr36y7gyfaNo8QGa7IuzDtYBBo6l7nenHqRJkagWgS7sZDaBYqM9_vkT61_kt3fjARBaqA0C_YBuVB5qb_DM"
    }
  ]
}

public_client_jwks

{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "8hTzUQ",
      "alg": "PS256",
      "n": "gBTXpS-lCNO2uy-WjHx2hXBhECLWk75N0CCGU3iRfxi6fmE1sOcxtmDZfNVxcM7l04xY9KiD7cLsd4OAIduAwiSe142jLoONhziaoCoT60ghZQSi1X4IdfHAcvKScah-f7u2MayZBJSOydi-NltbbhKIttiZRcyx7-Yl4Q2m52L7ARYhTjidGuHGTRRS6NlxDVUBIX6j4jc3Pk99ZU7a5Zk6wWM12GBhHdojFOvbABA6w7CxjC48u9TEh0L5d9hz3aCFqcAII8XB0VY5M5_yj03oFfNbrNUd__GYlRcN3tycHTFvTdWtV7wq-v8f6nbWK3sW1Gllt83b6o5G42LFQQ"
    }
  ]
}

2021-08-23 21:24:53	SUCCESS OIDCC-10.1	CheckForKeyIdInClientJWKs All keys contain kids

2021-08-23 21:24:53

(1) More

SUCCESS

RFC7517-4.5

CheckDistinctKeyIdValueInClientJWKs

Distinct 'kid' value in all keys of client_jwks

see	https://bitbucket.org/openid/connect/issues/1127

2021-08-23 21:24:53

(1) More

SUCCESS

FAPI1-ADV-8.6

FAPICheckKeyAlgInClientJWKs

Keys in client JWKS all have permitted 'alg'

permitted

[
  "PS256",
  "ES256"
]

2021-08-23 21:24:53

(1) More

SUCCESS

FAPI1-BASE-5.2.2-6 FAPI1-BASE-5.2.2-5

FAPIEnsureMinimumClientKeyLength

Validated minimum key lengths for client_jwks

client_jwks

{
  "keys": [
    {
      "kty": "RSA",
      "kid": "8hTzUQ",
      "use": "sig",
      "alg": "PS256",
      "n": "gBTXpS-lCNO2uy-WjHx2hXBhECLWk75N0CCGU3iRfxi6fmE1sOcxtmDZfNVxcM7l04xY9KiD7cLsd4OAIduAwiSe142jLoONhziaoCoT60ghZQSi1X4IdfHAcvKScah-f7u2MayZBJSOydi-NltbbhKIttiZRcyx7-Yl4Q2m52L7ARYhTjidGuHGTRRS6NlxDVUBIX6j4jc3Pk99ZU7a5Zk6wWM12GBhHdojFOvbABA6w7CxjC48u9TEh0L5d9hz3aCFqcAII8XB0VY5M5_yj03oFfNbrNUd__GYlRcN3tycHTFvTdWtV7wq-v8f6nbWK3sW1Gllt83b6o5G42LFQQ",
      "e": "AQAB",
      "d": "QqGVJfxJUPRDBdJV8bP2PKkf9bMKCkZgWLvy5Y29s2775i9QLT25IPX1bvnjUBpyecFzraPVLmXPesVQbUyyCU3fzKeEkvghMo2B83ywbCBULydgRsyQPjuMMMB86uALHwxaVjFCUZ2vQtac7c5NHFBMC0NXSXaZwwHqBtCBWbHp2Je531wEfeb8uzrfJpU1Of7bLGfjKaQTwnxs3v9iUng2uR143LTQd1bPL14vJjutnFGoDb4-CE80g_QLqtW7J1gDRRgxHzwnP9nmSjPpGpPK5u1zpQcpXGbi7QTUbqp13cSqq4pLpj2Dib90waoGZ6iicmcIC_zXy0VADcA_OQ",
      "p": "vosG_MYCvuS6CynUB_CKpqqggnbSDh_iikepagNOQOD-T4BQAYVsQRMyaVzzFJrx3bK3QhFMKbSb7MZOWG2ZpqDUqrML7SlMIxQt6feLWAlVAdSv_RXxWULQoS6dowUfQsfk0OV3x4qMFpmLV3gTAMmJ0-ZuoEDY-72Tj3T-PFc",
      "q": "rBS8NrHiX3dRtvI81gTvRFUCNzCbBJr54rDv4CXqi9uWwA3wi2xOJSV3bQYgZtoNWaCa-UxfTimG_JUdqMCXB0lMBf62OKB7V-rRA0qZyEMrJrgEcVPQ_nQc3ym_Av6hZdNs9ne1DJZSI_lj0NkeE985V_24vKRRME6j6-yYjCc",
      "dp": "K-Mr1dbp1Pwr2dxliPqfhOnyFHq3wScY7863t8JRKOJp0Pf19ZO8rnR0fQ46svlJUk4SpbYEO-rsqym16-o6pMWQlkytJ5AGiGHifWxV_Q4RNV2-t2VxdKTOFwH8rwrD-4a9LlxcLWq8_4uYK6ptfhXtmBAQVPr6v2kX7sf8svs",
      "dq": "EqfY09ErKpBkAoJ2h_lW-0CAEf2qALDQgHwQNWvG5syypjWcq3Ddc_eA4Af3AU-IfPwFcRuPhYjJAp8j7QScGwUeQdQgazkyxhBGAqZWz7hAeF0g1ixxDvUFoEgFVkzGsKRgPsQxk6DEXPQPlzfCpALiU6DFI2ZpCuSrrssiqqc",
      "qi": "m1eGh0la4w5XdSgLO5v1ToXnuVWHQf-7gHuNGHXdkVfMmIEMoJyiWswSawB71DSmYrr8x29n3IrgErysXLulbnLVr36y7gyfaNo8QGa7IuzDtYBBo6l7nenHqRJkagWgS7sZDaBYqM9_vkT61_kt3fjARBaqA0C_YBuVB5qb_DM"
    }
  ]
}

2021-08-23 21:24:53	SUCCESS	ValidateMTLSCertificatesAsX509 Mutual TLS authentication cert validated as X.509

2021-08-23 21:24:53

(1) More

SUCCESS

GetResourceEndpointConfiguration

Found a resource endpoint object

resourceUrl

https://par-what-is-it-good-for.ping-eng.com:3000/ext/open-banking/v3.1/aisp/

2021-08-23 21:24:53

(1) More

SUCCESS

SetProtectedResourceUrlToAccountsEndpoint

Set protected resource URL

protected_resource_url

https://par-what-is-it-good-for.ping-eng.com:3000/ext/open-banking/v3.1/aisp/accounts

2021-08-23 21:24:53

(1) More

SUCCESS

ExtractTLSTestValuesFromResourceConfiguration

Extracted TLS information from resource endpoint

resource_endpoint

{
  "testHost": "par-what-is-it-good-for.ping-eng.com",
  "testPort": 3000
}

2021-08-23 21:24:53

(2) More

SUCCESS

ExtractTLSTestValuesFromOBResourceConfiguration

Extracted TLS information from resource endpoint

accounts_resource_endpoint	{ "testHost": "par-what-is-it-good-for.ping-eng.com", "testPort": 3000 }
accounts_request_endpoint	{ "testHost": "par-what-is-it-good-for.ping-eng.com", "testPort": 3000 }

2021-08-23 21:24:53		fapi1-advanced-final-ensure-request-object-without-scope-fails Setup Done

Use client_credentials grant to obtain OpenBanking UK intent_id

2021-08-23 21:24:53

(2) More

SUCCESS

CreateTokenEndpointRequestForClientCredentialsGrant

grant_type	client_credentials
scope	openid other

2021-08-23 21:24:53

(2) More

SUCCESS

SetAccountScopeOnTokenEndpointRequest

Set scope parameter to accounts for OB testing

grant_type	client_credentials
scope	accounts

2021-08-23 21:24:53

(3) More

AddClientIdToTokenEndpointRequest

grant_type	client_credentials
scope	accounts
client_id	c__fapi-mtls-jar1

2021-08-23 21:24:53

(5) More

CallTokenEndpoint

HTTP request

request_uri	https://par-what-is-it-good-for.ping-eng.com:9032/as/token.oauth2
request_method	POST
request_headers	{ "accept": "application/json;charset\u003dUTF-8", "accept-charset": "utf-8", "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8", "content-length": "72" }
request_body	grant_type=client_credentials&scope=accounts&client_id=c__fapi-mtls-jar1
request_mutual_tls	{ "cert": "MIICmzCCAkGgAwIBAgIBEDAKBggqhkjOPQQDAjA6MRswGQYDVQQKDBJMZXQncyBBdXRoZW50aWNhdGUxGzAZBgNVBAMMEkxBIEludGVybWVkaWF0ZSBDQTAeFw0yMTA2MTQxODUyNDlaFw0yMjA2MjQxODUyNDlaMDUxCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJDTzEZMBcGA1UEAwwQcGFzc3dvcmQxIGlzIGZ1bjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANz7e9keCgR6wkiSGpEzNPz+AmclSkhBQdHgbNoO/hKKt57/NE0Ruyts1ESDpmS69R4BccKDZOFD2PsF+DywykI8W/OipgDP7HjpYuyWgNIdMVHjFcUtILrc3mt0iABR9sfu8UwnqvSV6i7Mxauozv6C3zp7iPmBljiFzOkwudBxiBm5mwZItMwPbpcdqa9EEPub74/zFgKxhEp/0toVuVg7GZVt76uCQrdlzRtvKOltKi7voxXtCN0hp012tVgJbzvQPeSJrHVJN1jH0bqbEVVsljo6/z5Ur6/+M+tE6s43WIbTtgMH1foHmhwpiOaxGGPcRMvxjfVVJdSsL94Py9ECAwEAAaNyMHAwCQYDVR0TBAIwADAfBgNVHSMEGDAWgBRm3WjLa38lbEYCuiCPct0ZaSED2DAOBgNVHQ8BAf8EBAMCBsAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwHQYDVR0RAQH/BBMwEYEPYmRjQGV4YW1wbGUuY29tMAoGCCqGSM49BAMCA0gAMEUCIQCSPVITgusQsgLb5rVZPxIdBuAJ2cwPet4GcIXROebbLAIgb0Sq197/+QZkXNl9uUt8VwiA6UX5eZ2bgIbNQizr5BA\u003d", "key": "MIIEpAIBAAKCAQEA3Pt72R4KBHrCSJIakTM0/P4CZyVKSEFB0eBs2g7+Eoq3nv80TRG7K2zURIOmZLr1HgFxwoNk4UPY+wX4PLDKQjxb86KmAM/seOli7JaA0h0xUeMVxS0gutzea3SIAFH2x+7xTCeq9JXqLszFq6jO/oLfOnuI+YGWOIXM6TC50HGIGbmbBki0zA9ulx2pr0QQ+5vvj/MWArGESn/S2hW5WDsZlW3vq4JCt2XNG28o6W0qLu+jFe0I3SGnTXa1WAlvO9A95ImsdUk3WMfRupsRVWyWOjr/PlSvr/4z60TqzjdYhtO2AwfV+geaHCmI5rEYY9xEy/GN9VUl1Kwv3g/L0QIDAQABAoIBAQC/Yy9IQ7P5XTiXEbLgvrDNzFDYdHt5SMtwsiaUVRfHh0yw7+akOQ8Z9Q+Cp2KdKy7P5gBYruPYFaL/BZSRO6xw4UXiJKQRYAM2VSvQLCk10QK+ISbhtsv6CwC3oB2J6XMKhe+GPXTakFxaXA93NKTR2Rbs18EyFwG7wmZOMF0+IPnEDUY+qY9DP2aDkLQiqrH+RF1i0eJXLkhhL2UFNCDpW7f5iR6y2RUtpq4rHO9aDrGS7W+tzIZEfQpP+x6dEBg9SrHqE7zwaWIXuTlwypVRbZRuQqbFQzFAAJPIBWylSs/oypYhPJvhHAG9yCQR79exARbuWXdJyCYaGTxc+5ABAoGBAPV33BO7fZeISXdYKwDBKCKfVI9q4ssps/TYpCEKXQ8omrdYJrsDcv9rRCJedb250AW3hLJ/18JXjgnFq+o919fe60HE+b833NzzeMs26AFmvsuWvV1yXvSIwbMp6LhrzUmrsOdIrhbk8V2tIOpfySrWQUt6LS2jpeEXZSW5XKyhAoGBAOZ2rgjYDek2kss/tYnrsmg0RYTX9dI4tmi7P92YCsJfRQTMznBj1HxP8FNyxrZ1AgK5BNESgpW3dnd6RekfG04OecDkQSDtJiBxhoOQj//SYLHMDP+JmMFPD/YErulFQz8nOJsT5KNYhi9T9sAcFhrwrqzBp6E3KsbgR5+10iExAoGBAJssAvaCXnltUSvdk4mtkUaZvCXRZr8RhM4yKUctuvg7LdrbIdi07HxkfbTQS9P843DJu1vvjyAuov6wc+Xm5Ex1gfiYoVxs3vTaALFN60n/fntKtjiddUNWNESjKJd0plh87Z63hj24yo/yQs2Gca/fs3UYLfkc616ooGtBi0EhAoGAIhQsmfww2mqKfGmYU6O5xvTrzsAMhqCCQKxnvkHMXX+u+g26/R2V/yfm9sADKFnXCUYIs03UZ4UwjGxVSCqkY/95+48FHnRS7fs7k9rdoEugpsnwphzXrMYfKxb4MmBemEkZcr0XUxw1A2ycET5V+nfarIsaWZmJxszFapV9VBECgYBBrwBJdKtYQTh8+mJJtt5Cv+f6Ynw4QIG8HYssMq1CkFV3gcJFMgIhbdyI6yXnwhsk1EtgZYSvOkMym/mJNhyojvzsjUg7bkTivVFeMUy5n89i6T/KqqGH8zabTXrA/W3fAj6r58+93+20ZRqVFrhFVxHq9/2rq58b83CRxsHB1w\u003d\u003d", "ca": "MIIB5jCCAYugAwIBAgIBFjAKBggqhkjOPQQDAjBWMQswCQYDVQQGEwJVUzEbMBkGA1UECgwSTGV0J3MgQXV0aGVudGljYXRlMSowKAYDVQQDDCFMZXQncyBBdXRoZW50aWNhdGUgUm9vdCBBdXRob3JpdHkwHhcNMjAwMTE0MjEzMjMwWhcNMzAwMTExMjEzMjMwWjA6MRswGQYDVQQKDBJMZXQncyBBdXRoZW50aWNhdGUxGzAZBgNVBAMMEkxBIEludGVybWVkaWF0ZSBDQTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABJf+aA54RC5pyLAR5yfXVYmNpgd+CGUTDp2KOGhc0gK91zxhHesEYkdXkpS2UN8Kati+yHtWCV3kkhCngGyv7RqjZjBkMB0GA1UdDgQWBBRm3WjLa38lbEYCuiCPct0ZaSED2DAfBgNVHSMEGDAWgBTEA2Q6eecKu9g9yb5glbkhhVINGDASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBhjAKBggqhkjOPQQDAgNJADBGAiEA5pLvaFwRRkxomIAtDIwg9D7gC1xzxBl4r28EzmSO1pcCIQCJUShpSXO9HDIQMUgH69fNDEMHXD3RRX5gP7kuu2KGMg\u003d\u003d" }

2021-08-23 21:24:54

(4) More

RESPONSE

CallTokenEndpoint

HTTP response

response_status_code	200 OK
response_status_text	OK
response_headers	{ "date": "Mon, 23 Aug 2021 21:24:54 GMT", "x-frame-options": "SAMEORIGIN", "referrer-policy": "origin", "cache-control": "no-cache, no-store", "pragma": "no-cache", "expires": "Thu, 01 Jan 1970 00:00:00 GMT", "content-type": "application/json;charset\u003dutf-8", "set-cookie": "PF\u003dteaY6dweXmf1SuMq0rrKAK; Path\u003d/; Secure; HttpOnly; SameSite\u003dNone", "transfer-encoding": "chunked" }
response_body	{"access_token":"eyJhbGciOiJFUzI1NiIsImtpZCI6IllZN0RlYXdKVVQyeXNsOHUydjNtb0l3bzdDSSIsInBpLmF0bSI6Imx1eWcifQ.eyJzY29wZSI6ImFjY291bnRzIiwiY2xpZW50X2lkIjoiY19fZmFwaS1tdGxzLWphcjEiLCJleHAiOjE2Mjk3NTc0OTR9.o7VQJEOBNHxCLvxjxHQwrrNlehKVMDcyhI8eqc8QriQEkupd6L0FgLXxhIRGem--k3j3TH4x0R6JCH5CEia2Lg","token_type":"Bearer","expires_in":3599}

2021-08-23 21:24:54

(1) More

CallTokenEndpoint

Token endpoint response

token_endpoint_response

{"access_token":"eyJhbGciOiJFUzI1NiIsImtpZCI6IllZN0RlYXdKVVQyeXNsOHUydjNtb0l3bzdDSSIsInBpLmF0bSI6Imx1eWcifQ.eyJzY29wZSI6ImFjY291bnRzIiwiY2xpZW50X2lkIjoiY19fZmFwaS1tdGxzLWphcjEiLCJleHAiOjE2Mjk3NTc0OTR9.o7VQJEOBNHxCLvxjxHQwrrNlehKVMDcyhI8eqc8QriQEkupd6L0FgLXxhIRGem--k3j3TH4x0R6JCH5CEia2Lg","token_type":"Bearer","expires_in":3599}

2021-08-23 21:24:54

(3) More

SUCCESS

CallTokenEndpoint

Parsed token endpoint response

access_token	eyJhbGciOiJFUzI1NiIsImtpZCI6IllZN0RlYXdKVVQyeXNsOHUydjNtb0l3bzdDSSIsInBpLmF0bSI6Imx1eWcifQ.eyJzY29wZSI6ImFjY291bnRzIiwiY2xpZW50X2lkIjoiY19fZmFwaS1tdGxzLWphcjEiLCJleHAiOjE2Mjk3NTc0OTR9.o7VQJEOBNHxCLvxjxHQwrrNlehKVMDcyhI8eqc8QriQEkupd6L0FgLXxhIRGem--k3j3TH4x0R6JCH5CEia2Lg
token_type	Bearer
expires_in	3599

2021-08-23 21:24:54	SUCCESS	CheckIfTokenEndpointResponseError No error from token endpoint

2021-08-23 21:24:54

(1) More

SUCCESS

CheckForAccessTokenValue

Found an access token

access_token

eyJhbGciOiJFUzI1NiIsImtpZCI6IllZN0RlYXdKVVQyeXNsOHUydjNtb0l3bzdDSSIsInBpLmF0bSI6Imx1eWcifQ.eyJzY29wZSI6ImFjY291bnRzIiwiY2xpZW50X2lkIjoiY19fZmFwaS1tdGxzLWphcjEiLCJleHAiOjE2Mjk3NTc0OTR9.o7VQJEOBNHxCLvxjxHQwrrNlehKVMDcyhI8eqc8QriQEkupd6L0FgLXxhIRGem--k3j3TH4x0R6JCH5CEia2Lg

2021-08-23 21:24:54

(2) More

SUCCESS

ExtractAccessTokenFromTokenResponse

Extracted the access token

value	eyJhbGciOiJFUzI1NiIsImtpZCI6IllZN0RlYXdKVVQyeXNsOHUydjNtb0l3bzdDSSIsInBpLmF0bSI6Imx1eWcifQ.eyJzY29wZSI6ImFjY291bnRzIiwiY2xpZW50X2lkIjoiY19fZmFwaS1tdGxzLWphcjEiLCJleHAiOjE2Mjk3NTc0OTR9.o7VQJEOBNHxCLvxjxHQwrrNlehKVMDcyhI8eqc8QriQEkupd6L0FgLXxhIRGem--k3j3TH4x0R6JCH5CEia2Lg
type	Bearer

2021-08-23 21:24:54

(1) More

SUCCESS

RFC6749-5.1 RFC6749-4.4.3

ExtractExpiresInFromTokenEndpointResponse

Extracted 'expires_in'

expires_in

2021-08-23 21:24:54

(1) More

SUCCESS

RFC6749-5.1

ValidateExpiresIn

expires_in passed all validation checks

expires_in

2021-08-23 21:24:54

(1) More

CreateEmptyResourceEndpointRequestHeaders

Created empty headers

resource_endpoint_request_headers

{}

2021-08-23 21:24:54

(1) More

SUCCESS

AddFAPIAuthDateToResourceEndpointRequest

Added x-fapi-auth-date to resource endpoint request headers

resource_endpoint_request_headers

{
  "x-fapi-auth-date": "Mon, 23 Aug 2021 21:24:54 GMT"
}

2021-08-23 21:24:54

(1) More

SUCCESS

CreateCreateAccountRequestRequest

account_requests_endpoint_request

{
  "Data": {
    "Permissions": [
      "ReadAccountsBasic"
    ]
  },
  "Risk": {}
}

2021-08-23 21:24:54

(1) More

CallAccountRequestsEndpointWithBearerToken

Found '/v3.' in the resource url, using OB V3 API 'account-access-consents'

resource_endpoint

https://par-what-is-it-good-for.ping-eng.com:3000/ext/open-banking/v3.1/aisp/

2021-08-23 21:24:54

(5) More

CallAccountRequestsEndpointWithBearerToken

HTTP request

request_uri	https://par-what-is-it-good-for.ping-eng.com:3000/ext/open-banking/v3.1/aisp/account-access-consents
request_method	POST
request_headers	{ "accept": "application/json;charset\u003dUTF-8", "x-fapi-auth-date": "Mon, 23 Aug 2021 21:24:54 GMT", "accept-charset": "utf-8", "content-type": "application/json;charset\u003dUTF-8", "authorization": "Bearer eyJhbGciOiJFUzI1NiIsImtpZCI6IllZN0RlYXdKVVQyeXNsOHUydjNtb0l3bzdDSSIsInBpLmF0bSI6Imx1eWcifQ.eyJzY29wZSI6ImFjY291bnRzIiwiY2xpZW50X2lkIjoiY19fZmFwaS1tdGxzLWphcjEiLCJleHAiOjE2Mjk3NTc0OTR9.o7VQJEOBNHxCLvxjxHQwrrNlehKVMDcyhI8eqc8QriQEkupd6L0FgLXxhIRGem--k3j3TH4x0R6JCH5CEia2Lg", "content-length": "56" }
request_body	{"Data":{"Permissions":["ReadAccountsBasic"]},"Risk":{}}
request_mutual_tls	{ "cert": "MIICmzCCAkGgAwIBAgIBEDAKBggqhkjOPQQDAjA6MRswGQYDVQQKDBJMZXQncyBBdXRoZW50aWNhdGUxGzAZBgNVBAMMEkxBIEludGVybWVkaWF0ZSBDQTAeFw0yMTA2MTQxODUyNDlaFw0yMjA2MjQxODUyNDlaMDUxCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJDTzEZMBcGA1UEAwwQcGFzc3dvcmQxIGlzIGZ1bjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANz7e9keCgR6wkiSGpEzNPz+AmclSkhBQdHgbNoO/hKKt57/NE0Ruyts1ESDpmS69R4BccKDZOFD2PsF+DywykI8W/OipgDP7HjpYuyWgNIdMVHjFcUtILrc3mt0iABR9sfu8UwnqvSV6i7Mxauozv6C3zp7iPmBljiFzOkwudBxiBm5mwZItMwPbpcdqa9EEPub74/zFgKxhEp/0toVuVg7GZVt76uCQrdlzRtvKOltKi7voxXtCN0hp012tVgJbzvQPeSJrHVJN1jH0bqbEVVsljo6/z5Ur6/+M+tE6s43WIbTtgMH1foHmhwpiOaxGGPcRMvxjfVVJdSsL94Py9ECAwEAAaNyMHAwCQYDVR0TBAIwADAfBgNVHSMEGDAWgBRm3WjLa38lbEYCuiCPct0ZaSED2DAOBgNVHQ8BAf8EBAMCBsAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwHQYDVR0RAQH/BBMwEYEPYmRjQGV4YW1wbGUuY29tMAoGCCqGSM49BAMCA0gAMEUCIQCSPVITgusQsgLb5rVZPxIdBuAJ2cwPet4GcIXROebbLAIgb0Sq197/+QZkXNl9uUt8VwiA6UX5eZ2bgIbNQizr5BA\u003d", "key": "MIIEpAIBAAKCAQEA3Pt72R4KBHrCSJIakTM0/P4CZyVKSEFB0eBs2g7+Eoq3nv80TRG7K2zURIOmZLr1HgFxwoNk4UPY+wX4PLDKQjxb86KmAM/seOli7JaA0h0xUeMVxS0gutzea3SIAFH2x+7xTCeq9JXqLszFq6jO/oLfOnuI+YGWOIXM6TC50HGIGbmbBki0zA9ulx2pr0QQ+5vvj/MWArGESn/S2hW5WDsZlW3vq4JCt2XNG28o6W0qLu+jFe0I3SGnTXa1WAlvO9A95ImsdUk3WMfRupsRVWyWOjr/PlSvr/4z60TqzjdYhtO2AwfV+geaHCmI5rEYY9xEy/GN9VUl1Kwv3g/L0QIDAQABAoIBAQC/Yy9IQ7P5XTiXEbLgvrDNzFDYdHt5SMtwsiaUVRfHh0yw7+akOQ8Z9Q+Cp2KdKy7P5gBYruPYFaL/BZSRO6xw4UXiJKQRYAM2VSvQLCk10QK+ISbhtsv6CwC3oB2J6XMKhe+GPXTakFxaXA93NKTR2Rbs18EyFwG7wmZOMF0+IPnEDUY+qY9DP2aDkLQiqrH+RF1i0eJXLkhhL2UFNCDpW7f5iR6y2RUtpq4rHO9aDrGS7W+tzIZEfQpP+x6dEBg9SrHqE7zwaWIXuTlwypVRbZRuQqbFQzFAAJPIBWylSs/oypYhPJvhHAG9yCQR79exARbuWXdJyCYaGTxc+5ABAoGBAPV33BO7fZeISXdYKwDBKCKfVI9q4ssps/TYpCEKXQ8omrdYJrsDcv9rRCJedb250AW3hLJ/18JXjgnFq+o919fe60HE+b833NzzeMs26AFmvsuWvV1yXvSIwbMp6LhrzUmrsOdIrhbk8V2tIOpfySrWQUt6LS2jpeEXZSW5XKyhAoGBAOZ2rgjYDek2kss/tYnrsmg0RYTX9dI4tmi7P92YCsJfRQTMznBj1HxP8FNyxrZ1AgK5BNESgpW3dnd6RekfG04OecDkQSDtJiBxhoOQj//SYLHMDP+JmMFPD/YErulFQz8nOJsT5KNYhi9T9sAcFhrwrqzBp6E3KsbgR5+10iExAoGBAJssAvaCXnltUSvdk4mtkUaZvCXRZr8RhM4yKUctuvg7LdrbIdi07HxkfbTQS9P843DJu1vvjyAuov6wc+Xm5Ex1gfiYoVxs3vTaALFN60n/fntKtjiddUNWNESjKJd0plh87Z63hj24yo/yQs2Gca/fs3UYLfkc616ooGtBi0EhAoGAIhQsmfww2mqKfGmYU6O5xvTrzsAMhqCCQKxnvkHMXX+u+g26/R2V/yfm9sADKFnXCUYIs03UZ4UwjGxVSCqkY/95+48FHnRS7fs7k9rdoEugpsnwphzXrMYfKxb4MmBemEkZcr0XUxw1A2ycET5V+nfarIsaWZmJxszFapV9VBECgYBBrwBJdKtYQTh8+mJJtt5Cv+f6Ynw4QIG8HYssMq1CkFV3gcJFMgIhbdyI6yXnwhsk1EtgZYSvOkMym/mJNhyojvzsjUg7bkTivVFeMUy5n89i6T/KqqGH8zabTXrA/W3fAj6r58+93+20ZRqVFrhFVxHq9/2rq58b83CRxsHB1w\u003d\u003d", "ca": "MIIB5jCCAYugAwIBAgIBFjAKBggqhkjOPQQDAjBWMQswCQYDVQQGEwJVUzEbMBkGA1UECgwSTGV0J3MgQXV0aGVudGljYXRlMSowKAYDVQQDDCFMZXQncyBBdXRoZW50aWNhdGUgUm9vdCBBdXRob3JpdHkwHhcNMjAwMTE0MjEzMjMwWhcNMzAwMTExMjEzMjMwWjA6MRswGQYDVQQKDBJMZXQncyBBdXRoZW50aWNhdGUxGzAZBgNVBAMMEkxBIEludGVybWVkaWF0ZSBDQTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABJf+aA54RC5pyLAR5yfXVYmNpgd+CGUTDp2KOGhc0gK91zxhHesEYkdXkpS2UN8Kati+yHtWCV3kkhCngGyv7RqjZjBkMB0GA1UdDgQWBBRm3WjLa38lbEYCuiCPct0ZaSED2DAfBgNVHSMEGDAWgBTEA2Q6eecKu9g9yb5glbkhhVINGDASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBhjAKBggqhkjOPQQDAgNJADBGAiEA5pLvaFwRRkxomIAtDIwg9D7gC1xzxBl4r28EzmSO1pcCIQCJUShpSXO9HDIQMUgH69fNDEMHXD3RRX5gP7kuu2KGMg\u003d\u003d" }

2021-08-23 21:24:54

(4) More

RESPONSE

CallAccountRequestsEndpointWithBearerToken

HTTP response

response_status_code	200 OK
response_status_text	OK
response_headers	{ "date": "Mon, 23 Aug 2021 21:24:54 GMT", "x-frame-options": "SAMEORIGIN", "referrer-policy": "origin", "cache-control": "no-cache, no-store", "pragma": "no-cache", "expires": "Thu, 01 Jan 1970 00:00:00 GMT", "content-type": "application/json;charset\u003dutf-8", "set-cookie": "PF\u003ddmX4JSTu10VJ04ji8hzGRW; Path\u003d/; Secure; HttpOnly; SameSite\u003dNone", "transfer-encoding": "chunked", "x-fapi-interaction-id": "5f56d493-dcc2-4638-972a-84de41f2cc43" }
response_body	{"Meta":{"TotalPages":1},"Data":{"Permissions":["ReadAccountsBasic"],"ConsentId":"e2736c9f-eef0-4c2c-8387-1b7eb5aaa04b","Status":"AwaitingAuthorisation"},"Risk":{}}

2021-08-23 21:24:54

(1) More

CallAccountRequestsEndpointWithBearerToken

Account requests endpoint response

account_requests_endpoint_response

{"Meta":{"TotalPages":1},"Data":{"Permissions":["ReadAccountsBasic"],"ConsentId":"e2736c9f-eef0-4c2c-8387-1b7eb5aaa04b","Status":"AwaitingAuthorisation"},"Risk":{}}

2021-08-23 21:24:54

(2) More

SUCCESS

CallAccountRequestsEndpointWithBearerToken

Parsed account requests endpoint response

headers

{
  "date": "Mon, 23 Aug 2021 21:24:54 GMT",
  "x-frame-options": "SAMEORIGIN",
  "referrer-policy": "origin",
  "cache-control": "no-cache, no-store",
  "pragma": "no-cache",
  "expires": "Thu, 01 Jan 1970 00:00:00 GMT",
  "content-type": "application/json;charset\u003dutf-8",
  "set-cookie": "PF\u003ddmX4JSTu10VJ04ji8hzGRW; Path\u003d/; Secure; HttpOnly; SameSite\u003dNone",
  "transfer-encoding": "chunked",
  "x-fapi-interaction-id": "5f56d493-dcc2-4638-972a-84de41f2cc43"
}

body

{"Meta":{"TotalPages":1},"Data":{"Permissions":["ReadAccountsBasic"],"ConsentId":"e2736c9f-eef0-4c2c-8387-1b7eb5aaa04b","Status":"AwaitingAuthorisation"},"Risk":{}}

2021-08-23 21:24:54	SUCCESS	CheckIfAccountRequestsEndpointResponseError No error from account requests endpoint

2021-08-23 21:24:54

(1) More

SUCCESS

FAPI1-BASE-6.2.1-11 FAPI-R-6.2.1-11

CheckForFAPIInteractionIdInResourceResponse

Found x-fapi-interaction-id

interaction_id

5f56d493-dcc2-4638-972a-84de41f2cc43

2021-08-23 21:24:54

(1) More

SUCCESS

ExtractAccountRequestIdFromAccountRequestsEndpointResponse

Extracted the account request ID

account_request_id

e2736c9f-eef0-4c2c-8387-1b7eb5aaa04b

Make request to authorization endpoint

2021-08-23 21:24:54

(3) More

SUCCESS

CreateAuthorizationEndpointRequestFromClientInformation

Created authorization endpoint request

client_id	c__fapi-mtls-jar1
redirect_uri	https://www.certification.openid.net/test/a/pi/callback
scope	openid other

2021-08-23 21:24:54

(1) More

SUCCESS

AddAccountRequestIdToAuthorizationEndpointRequest

Added openbanking_intent_id claim to authorization_endpoint_request

authorization_endpoint_request

{
  "client_id": "c__fapi-mtls-jar1",
  "redirect_uri": "https://www.certification.openid.net/test/a/pi/callback",
  "scope": "openid other",
  "claims": {
    "id_token": {
      "openbanking_intent_id": {
        "value": "e2736c9f-eef0-4c2c-8387-1b7eb5aaa04b",
        "essential": true
      }
    }
  }
}

2021-08-23 21:24:54

(1) More

SUCCESS

OpenBankingUkAddMultipleAcrClaimsToAuthorizationEndpointRequest

Added acr to request as an essential id_token claim

authorization_endpoint_request

{
  "client_id": "c__fapi-mtls-jar1",
  "redirect_uri": "https://www.certification.openid.net/test/a/pi/callback",
  "scope": "openid other",
  "claims": {
    "id_token": {
      "openbanking_intent_id": {
        "value": "e2736c9f-eef0-4c2c-8387-1b7eb5aaa04b",
        "essential": true
      },
      "acr": {
        "values": [
          "urn:openbanking:psd2:sca",
          "urn:openbanking:psd2:ca"
        ],
        "essential": true
      }
    }
  }
}

2021-08-23 21:24:54

(2) More

CreateRandomStateValue

Created state value

requested_state_length	10
state	8FG5jWMiEn

2021-08-23 21:24:54

(5) More

SUCCESS

AddStateToAuthorizationEndpointRequest

Added state parameter to request

client_id	c__fapi-mtls-jar1
redirect_uri	https://www.certification.openid.net/test/a/pi/callback
scope	openid other
claims	{ "id_token": { "openbanking_intent_id": { "value": "e2736c9f-eef0-4c2c-8387-1b7eb5aaa04b", "essential": true }, "acr": { "values": [ "urn:openbanking:psd2:sca", "urn:openbanking:psd2:ca" ], "essential": true } } }
state	8FG5jWMiEn

2021-08-23 21:24:54

(2) More

CreateRandomNonceValue

Created nonce value

requested_nonce_length	10
nonce	ptU8QKyX91

2021-08-23 21:24:54

(6) More

SUCCESS

AddNonceToAuthorizationEndpointRequest

Added nonce parameter to request

client_id	c__fapi-mtls-jar1
redirect_uri	https://www.certification.openid.net/test/a/pi/callback
scope	openid other
claims	{ "id_token": { "openbanking_intent_id": { "value": "e2736c9f-eef0-4c2c-8387-1b7eb5aaa04b", "essential": true }, "acr": { "values": [ "urn:openbanking:psd2:sca", "urn:openbanking:psd2:ca" ], "essential": true } } }
state	8FG5jWMiEn
nonce	ptU8QKyX91

2021-08-23 21:24:54

(7) More

SUCCESS

SetAuthorizationEndpointRequestResponseTypeToCodeIdtoken

Added response_type parameter to request

client_id	c__fapi-mtls-jar1
redirect_uri	https://www.certification.openid.net/test/a/pi/callback
scope	openid other
claims	{ "id_token": { "openbanking_intent_id": { "value": "e2736c9f-eef0-4c2c-8387-1b7eb5aaa04b", "essential": true }, "acr": { "values": [ "urn:openbanking:psd2:sca", "urn:openbanking:psd2:ca" ], "essential": true } } }
state	8FG5jWMiEn
nonce	ptU8QKyX91
response_type	code id_token

2021-08-23 21:24:54

(1) More

SUCCESS

ConvertAuthorizationEndpointRequestToRequestObject

Created request object claims

request_object_claims

{
  "client_id": "c__fapi-mtls-jar1",
  "redirect_uri": "https://www.certification.openid.net/test/a/pi/callback",
  "scope": "openid other",
  "claims": {
    "id_token": {
      "openbanking_intent_id": {
        "value": "e2736c9f-eef0-4c2c-8387-1b7eb5aaa04b",
        "essential": true
      },
      "acr": {
        "values": [
          "urn:openbanking:psd2:sca",
          "urn:openbanking:psd2:ca"
        ],
        "essential": true
      }
    }
  },
  "state": "8FG5jWMiEn",
  "nonce": "ptU8QKyX91",
  "response_type": "code id_token"
}

2021-08-23 21:24:54

(1) More

SUCCESS

RemoveScopeFromRequestObject

Removed scope value from request object claims

request_object_claims

{
  "client_id": "c__fapi-mtls-jar1",
  "redirect_uri": "https://www.certification.openid.net/test/a/pi/callback",
  "claims": {
    "id_token": {
      "openbanking_intent_id": {
        "value": "e2736c9f-eef0-4c2c-8387-1b7eb5aaa04b",
        "essential": true
      },
      "acr": {
        "values": [
          "urn:openbanking:psd2:sca",
          "urn:openbanking:psd2:ca"
        ],
        "essential": true
      }
    }
  },
  "state": "8FG5jWMiEn",
  "nonce": "ptU8QKyX91",
  "response_type": "code id_token"
}

2021-08-23 21:24:54

(1) More

SUCCESS

FAPI1-ADV-5.2.2-17

AddNbfToRequestObject

Added nbf to request object claims

nbf	1.629753894E9

2021-08-23 21:24:54

(1) More

SUCCESS

FAPI1-ADV-5.2.2-13

AddExpToRequestObject

Added exp to request object claims

exp	1.629754194E9

2021-08-23 21:24:54

(1) More

SUCCESS

FAPI1-ADV-5.2.2-14

AddAudToRequestObject

Added aud to request object claims

aud	https://par-what-is-it-good-for.ping-eng.com:9031

2021-08-23 21:24:54

(1) More

SUCCESS

OIDCC-6.1

AddIssToRequestObject

Added iss to request object claims

iss	c__fapi-mtls-jar1

2021-08-23 21:24:54

(1) More

SUCCESS

FAPI1-ADV-5.2.3-8

AddClientIdToRequestObject

Added client_id to request object claims

client_id

c__fapi-mtls-jar1

2021-08-23 21:24:54

(4) More

SUCCESS

SignRequestObject

Signed the request object

claims	{"aud":"https:\/\/par-what-is-it-good-for.ping-eng.com:9031","nbf":1629753894,"claims":{"id_token":{"acr":{"values":["urn:openbanking:psd2:sca","urn:openbanking:psd2:ca"],"essential":true},"openbanking_intent_id":{"value":"e2736c9f-eef0-4c2c-8387-1b7eb5aaa04b","essential":true}}},"iss":"c__fapi-mtls-jar1","response_type":"code id_token","redirect_uri":"https:\/\/www.certification.openid.net\/test\/a\/pi\/callback","state":"8FG5jWMiEn","exp":1629754194,"nonce":"ptU8QKyX91","client_id":"c__fapi-mtls-jar1"}
header	{"kid":"-WBaQw","alg":"PS256"}
request_object	eyJraWQiOiItV0JhUXciLCJhbGciOiJQUzI1NiJ9.eyJhdWQiOiJodHRwczpcL1wvcGFyLXdoYXQtaXMtaXQtZ29vZC1mb3IucGluZy1lbmcuY29tOjkwMzEiLCJuYmYiOjE2Mjk3NTM4OTQsImNsYWltcyI6eyJpZF90b2tlbiI6eyJhY3IiOnsidmFsdWVzIjpbInVybjpvcGVuYmFua2luZzpwc2QyOnNjYSIsInVybjpvcGVuYmFua2luZzpwc2QyOmNhIl0sImVzc2VudGlhbCI6dHJ1ZX0sIm9wZW5iYW5raW5nX2ludGVudF9pZCI6eyJ2YWx1ZSI6ImUyNzM2YzlmLWVlZjAtNGMyYy04Mzg3LTFiN2ViNWFhYTA0YiIsImVzc2VudGlhbCI6dHJ1ZX19fSwiaXNzIjoiY19fZmFwaS1tdGxzLWphcjEiLCJyZXNwb25zZV90eXBlIjoiY29kZSBpZF90b2tlbiIsInJlZGlyZWN0X3VyaSI6Imh0dHBzOlwvXC93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0XC90ZXN0XC9hXC9waVwvY2FsbGJhY2siLCJzdGF0ZSI6IjhGRzVqV01pRW4iLCJleHAiOjE2Mjk3NTQxOTQsIm5vbmNlIjoicHRVOFFLeVg5MSIsImNsaWVudF9pZCI6ImNfX2ZhcGktbXRscy1qYXIxIn0.IskuLVQkWdYxi5lZONqwTMXgdqyA89aAYoMsrXiRksx_ojebkPEcAYsGsPBV_MX22BdWblPhjQyb5kETu-8g6h79q91vBELj6n28BFeb9N2bY1YrDR75ijj2zTs7p52317xkGo65vOqGAc3JgeCgzhlLZk8fdSxDxzrOXBnvYtG_wS5v3jK14PgsVptvXKaTtXfEI1rvaKygeUpwsl2BkeoFBenLAgnCG6eEWmgB8-ArKDBNqBu0JzYQD-kT-xYCOabldtiSr2q8tqZh5Ijl0QUENM6f3tO-aRJZiixLrUzv4Eq7MUx9Oyovg6wjTaG014PX4DLxlVBiV1kW_h94GQ
key	{"p":"8t4drc_3MIo_j8tEjnFqyUoxYPRNcyoQSk6lJLr9ILhnBiiXfZZHUOP2f3Jmcr4zaj-D_gSq41CiGrBAhuGG0TnFLeGjBwDUyhRxUyj41k0edvD31HPmeJ2No7aeYOoCIBw5SwjthVHnsNQGWtc6rfd0kpuEsbaEmE9RahBL1RM","kty":"RSA","q":"8Ieb4MHC_CYAbQkGYJPqw8BTUh3m3SzlX1UxwJfir7k1KJ2JDT90ZWJtFYLRgIwNWttyPXcCDzbwqBqgnLB_AVBO7n6Z9lKALftEHv24mZdXeNOqbuzy_EcvrZSZkG2xBUyc3__mVhpVNA77qqbxLeTyHyrMjzxFqLwdSfOKoWk","d":"RJGACCAOOXZUB_b_Mk2_hhzLqUldaLrV6_Dngnxw0_ByOGXJfoI1u3LdIZRndXNSPOQ0bWXyR5c4Mp7vdB4onP8JiXQA8zix4SLOWqgY2bU0veFlVCW26aS4zAUGK1O0nUdqgoCQqx0QXA_bEEuNmIQsTSxjlH4eE1Oo5ehbLJgoZpHYQloK4Fgby3qTddmIeXJ7LCxbvTYK-uAL-5vfyLgrkjIckVIDfG92x-FrUDyr1qoLtRHrMuuDMQG-zQms0HyNNXfjBfq9oIDLB9h7mPTguYBoS8k63D6ogpD7UYJUOFUgAm_y-DZUib9YBEXxMJmO2peVL08sF25XKf1XEQ","e":"AQAB","use":"sig","kid":"-WBaQw","qi":"3MZv7p5pyEFFotF6QUgK8qErkI3Y15rerOd61tyctGFOxqduTdCTpcR6ZDsWiBK_FOubhih9c-3Kw74-T3EHC_ZzL-yMDLGnxtOkdMB0eY60TOfqLOUeckw2JFC7s-HssIDrOmnk98FW6gE1HuDilj0rhIaOXH1gBKwkgVEkr2A","dp":"pPi1xkw-x60Q8fcMMYnfFK4eDpLETVckS6VSTjnqGaDI8oj-JmO_O7YtyXKHHqgOOry8Rv8aqWArTN-uZTCqqFKKmtjrKaWp5T6vn-Jz7PXjnL2gSqMTyZiUDsHMoV4zZWZmkI6W8Pmq3RWY33nVtTgi6jdTkne9Z8xxLA-3wxs","alg":"PS256","dq":"nSA5V-27rnQ0uwW2QMjgB9hPlckq0zlM7aX9xk5yK1DVxR6ENT9KjiBqGi9HJK5Y2w2X50ci9UVymJ4sZa92iCkqJupVMXBbg64spgIg4VTYM3oyUBxB70OhhccZOhwuE8Qkhr_ofD7fgg53oNdFnjF9aZbP4pIA_2VDzNdnrGE","n":"5DDi1k_FDcYRRGdp2J-ofDpQIVgbYNY3Bi9-QbL0rq2tDEI34DmrSmDNWLdBS3j06gYF3uHMQXw1N9JfYNrEDFGriQxXgLrX_4p6PZ-qvxgRaFK4A_3NyZRD-KPSnDNs6PPDwlFxwTwXDMFerXlSxNyw3QBPDHZu56X-fIajKBovMbQvlYo_iveRp9oixw2kRWE0r2AvpzqdXguUwtZlCUnE9mCWhvAFCDLSycbUspmiw8-4M8UumS8U9NQBxM4eEZ3WSFv8ooJRvEHVvGcL5ITUdgOqiD6xRQIEVuYEo-lZx8AwuPvcrEBjQZ31_g9vUmG4tJQlffEaF8ZNRVlXyw"}

2021-08-23 21:24:54

(1) More

SUCCESS

BuildRequestObjectByValueRedirectToAuthorizationEndpoint

Sending to authorization endpoint

redirect_to_authorization_endpoint

https://par-what-is-it-good-for.ping-eng.com:9031/as/authorization.oauth2?request=eyJraWQiOiItV0JhUXciLCJhbGciOiJQUzI1NiJ9.eyJhdWQiOiJodHRwczpcL1wvcGFyLXdoYXQtaXMtaXQtZ29vZC1mb3IucGluZy1lbmcuY29tOjkwMzEiLCJuYmYiOjE2Mjk3NTM4OTQsImNsYWltcyI6eyJpZF90b2tlbiI6eyJhY3IiOnsidmFsdWVzIjpbInVybjpvcGVuYmFua2luZzpwc2QyOnNjYSIsInVybjpvcGVuYmFua2luZzpwc2QyOmNhIl0sImVzc2VudGlhbCI6dHJ1ZX0sIm9wZW5iYW5raW5nX2ludGVudF9pZCI6eyJ2YWx1ZSI6ImUyNzM2YzlmLWVlZjAtNGMyYy04Mzg3LTFiN2ViNWFhYTA0YiIsImVzc2VudGlhbCI6dHJ1ZX19fSwiaXNzIjoiY19fZmFwaS1tdGxzLWphcjEiLCJyZXNwb25zZV90eXBlIjoiY29kZSBpZF90b2tlbiIsInJlZGlyZWN0X3VyaSI6Imh0dHBzOlwvXC93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0XC90ZXN0XC9hXC9waVwvY2FsbGJhY2siLCJzdGF0ZSI6IjhGRzVqV01pRW4iLCJleHAiOjE2Mjk3NTQxOTQsIm5vbmNlIjoicHRVOFFLeVg5MSIsImNsaWVudF9pZCI6ImNfX2ZhcGktbXRscy1qYXIxIn0.IskuLVQkWdYxi5lZONqwTMXgdqyA89aAYoMsrXiRksx_ojebkPEcAYsGsPBV_MX22BdWblPhjQyb5kETu-8g6h79q91vBELj6n28BFeb9N2bY1YrDR75ijj2zTs7p52317xkGo65vOqGAc3JgeCgzhlLZk8fdSxDxzrOXBnvYtG_wS5v3jK14PgsVptvXKaTtXfEI1rvaKygeUpwsl2BkeoFBenLAgnCG6eEWmgB8-ArKDBNqBu0JzYQD-kT-xYCOabldtiSr2q8tqZh5Ijl0QUENM6f3tO-aRJZiixLrUzv4Eq7MUx9Oyovg6wjTaG014PX4DLxlVBiV1kW_h94GQ&client_id=c__fapi-mtls-jar1&redirect_uri=https://www.certification.openid.net/test/a/pi/callback&scope=openid%20other&response_type=code%20id_token

2021-08-23 21:24:54

(1) More

REDIRECT

fapi1-advanced-final-ensure-request-object-without-scope-fails

Redirecting to authorization endpoint

redirect_to

https://par-what-is-it-good-for.ping-eng.com:9031/as/authorization.oauth2?request=eyJraWQiOiItV0JhUXciLCJhbGciOiJQUzI1NiJ9.eyJhdWQiOiJodHRwczpcL1wvcGFyLXdoYXQtaXMtaXQtZ29vZC1mb3IucGluZy1lbmcuY29tOjkwMzEiLCJuYmYiOjE2Mjk3NTM4OTQsImNsYWltcyI6eyJpZF90b2tlbiI6eyJhY3IiOnsidmFsdWVzIjpbInVybjpvcGVuYmFua2luZzpwc2QyOnNjYSIsInVybjpvcGVuYmFua2luZzpwc2QyOmNhIl0sImVzc2VudGlhbCI6dHJ1ZX0sIm9wZW5iYW5raW5nX2ludGVudF9pZCI6eyJ2YWx1ZSI6ImUyNzM2YzlmLWVlZjAtNGMyYy04Mzg3LTFiN2ViNWFhYTA0YiIsImVzc2VudGlhbCI6dHJ1ZX19fSwiaXNzIjoiY19fZmFwaS1tdGxzLWphcjEiLCJyZXNwb25zZV90eXBlIjoiY29kZSBpZF90b2tlbiIsInJlZGlyZWN0X3VyaSI6Imh0dHBzOlwvXC93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0XC90ZXN0XC9hXC9waVwvY2FsbGJhY2siLCJzdGF0ZSI6IjhGRzVqV01pRW4iLCJleHAiOjE2Mjk3NTQxOTQsIm5vbmNlIjoicHRVOFFLeVg5MSIsImNsaWVudF9pZCI6ImNfX2ZhcGktbXRscy1qYXIxIn0.IskuLVQkWdYxi5lZONqwTMXgdqyA89aAYoMsrXiRksx_ojebkPEcAYsGsPBV_MX22BdWblPhjQyb5kETu-8g6h79q91vBELj6n28BFeb9N2bY1YrDR75ijj2zTs7p52317xkGo65vOqGAc3JgeCgzhlLZk8fdSxDxzrOXBnvYtG_wS5v3jK14PgsVptvXKaTtXfEI1rvaKygeUpwsl2BkeoFBenLAgnCG6eEWmgB8-ArKDBNqBu0JzYQD-kT-xYCOabldtiSr2q8tqZh5Ijl0QUENM6f3tO-aRJZiixLrUzv4Eq7MUx9Oyovg6wjTaG014PX4DLxlVBiV1kW_h94GQ&client_id=c__fapi-mtls-jar1&redirect_uri=https://www.certification.openid.net/test/a/pi/callback&scope=openid%20other&response_type=code%20id_token

2021-08-23 21:24:54

(2) More

REVIEW IMAGE

FAPI1-ADV-5.2.3-8

ExpectRequestObjectMissingScopeErrorPage

If the server does not return an invalid_request_object error back to the client, it must show an error page saying the request object is invalid as it is missing the 'scope' claim - upload a screenshot of the error page.

img
updatedAt	1629753910573

2021-08-23 21:25:25

(1) More

FINISHED

fapi1-advanced-final-ensure-request-object-without-scope-fails

Test has run to completion

testmodule_result

REVIEW

2021-08-23 21:25:40

(2) More

TEST-RUNNER

Alias has now been claimed by another test

alias	pi
new_test_id	PJqOoA2Yk15tYUn

Test Summary

Test Results