Test Summary

Test Results

Expand All Collapse All
All times are UTC
2021-01-21 15:42:03 INFO
TEST-RUNNER
Test instance d1pm6yaD3irKlsh created
baseUrl
https://www.certification.openid.net/test/a/roboot-fapi-ciba-poll-mtls-v1-final
variant
{
  "client_auth_type": "mtls",
  "ciba_mode": "poll",
  "fapi_profile": "plain_fapi",
  "client_registration": "static_client"
}
alias
roboot-fapi-ciba-poll-mtls-v1-final
description
FAPI CIBA MTLS Poll
planId
xPBU37aQKJBbJ
config
{
  "alias": "roboot-fapi-ciba-poll-mtls-v1-final",
  "description": "FAPI CIBA MTLS Poll",
  "server": {
    "discoveryUrl": "https://emea-conformance.ping-eng.com:9031/.well-known/openid-configuration"
  },
  "client": {
    "client_id": "conformance1",
    "scope": "openid test",
    "jwks": {
      "keys": [
        {
          "kty": "EC",
          "d": "QPg1PBy12DhqqGeiuWBoIdhrfbOutP8nfSND46mdTgU",
          "use": "sig",
          "crv": "P-256",
          "kid": "2HKyz2Uc4F8hRcwyuPgA5Eg_salnEe7pfujUkvj2yew",
          "x": "NK3-2enqupOW-PGDSp2X2vrtqFIVnsVMciZdVwa7p8Q",
          "y": "Yrp1yMUYXZcWbHRzsXlH94v2SJZs0lxRbbCpvo1kcUw",
          "alg": "ES256"
        }
      ]
    },
    "hint_type": "login_hint",
    "hint_value": "patrick"
  },
  "mtls": {
    "cert": "-----BEGIN CERTIFICATE-----\nMIIDkTCCAnmgAwIBAgIJAOLiBx6+gpncMA0GCSqGSIb3DQEBCwUAMHIxCzAJBgNV\nBAYTAkdCMRIwEAYDVQQIDAlNaWRkbGVzZXgxDzANBgNVBAcMBkxvbmRvbjEWMBQG\nA1UECgwNUGluZyBJZGVudGl0eTEMMAoGA1UECwwDUlNBMRgwFgYDVQQDDA9QaW5n\nIFVLIERlbW8gQ0EwHhcNMjAwOTIzMTQwNjU0WhcNMjIwMjA1MTQwNjU0WjBaMSQw\nIgYDVQQDDBttdGxzLXBvbGwtZmFwaS1jaWJhLWNsaWVudDExDTALBgNVBAsMBERl\nbW8xFjAUBgNVBAoMDVBpbmcgSWRlbnRpdHkxCzAJBgNVBAYTAkdCMIIBIjANBgkq\nhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqADFJnt3i/xbJupaTpc4P8oYrZINQ07z\nEhdf8Osr/+XGp/az202QtoMFyRqNcYZS9/U0ce+Vz/pcaleqUlaAVfgW2o3Dp4z1\nd8WjDDar86agcqwl+aI2rhKh3aQIEiOwHmaPvYlRmWZTotMdyxUvJLlMJq+m4fZ3\n3nphW9gT+AhEM+fyegVPX+jgj8dk6CaqCcRr7050irHOWfotCZxq79PBCFi8NOKj\nBn/uHPibKVN+PGgptqPmkdGFrkg1+gnWjmtxROJlCjNgrRJxmgD3/DbvqvTen/aL\n42+JJRGA8dXwCYTgjhvdTrE9OlBiIPB+EAlYxk6g+3kMqg+cJ5WP1QIDAQABo0Iw\nQDAJBgNVHRMEAjAAMAsGA1UdDwQEAwIF4DAmBgNVHREEHzAdghttdGxzLXBvbGwt\nZmFwaS1jaWJhLWNsaWVudDEwDQYJKoZIhvcNAQELBQADggEBACZ7/UyxTg6hsUEm\nIjJKln/USY5sLq6MsrQgaqDwNuJ2BAyyrbIhldbNKBvC+swQjfbnisVYEKmmCAAB\nPhV58U2YaEHOxfjzmfQ55duco0P4HulMhOvA/0jd+e0GFLF7eusEE4dw/RmiYjxN\nUpDjF9IgybjQkYPXLw+hfyhGsoKW38H1+x6ha7VTyJKp5W9AVj8/00vNswwvv3Xj\ns7C2mlogCEPFLPjc7jEQ4BRzkqBqQyi6MlNdgva3C6jDkSnXksdI9dZkrb4gNhus\nexwkbHkyet+unXxur9evqIISJsxELCMTxMocE++7XMJsPUT5FnomlXRK0jRztTmF\nG9y5Fqs\u003d\n-----END CERTIFICATE-----",
    "key": "-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAKCAQEAqADFJnt3i/xbJupaTpc4P8oYrZINQ07zEhdf8Osr/+XGp/az\n202QtoMFyRqNcYZS9/U0ce+Vz/pcaleqUlaAVfgW2o3Dp4z1d8WjDDar86agcqwl\n+aI2rhKh3aQIEiOwHmaPvYlRmWZTotMdyxUvJLlMJq+m4fZ33nphW9gT+AhEM+fy\negVPX+jgj8dk6CaqCcRr7050irHOWfotCZxq79PBCFi8NOKjBn/uHPibKVN+PGgp\ntqPmkdGFrkg1+gnWjmtxROJlCjNgrRJxmgD3/DbvqvTen/aL42+JJRGA8dXwCYTg\njhvdTrE9OlBiIPB+EAlYxk6g+3kMqg+cJ5WP1QIDAQABAoIBACvHd5idl/t8mWw8\nqafNNDU7Ps8MPjSKAEF4oeGwBtk6UVg3q4q8XbeR0RIkvzMUI87FsRL3sfxua2Ky\n0Yl/TRYZ/iqZwqCI1PaPI/vsy0ZE5466WXMB2GnoJRISyp+feSeS5mYnwIHO7oCB\nr0Pak1xohPWX1E8R4Q6yqWg7mIiLgtSWeaHNa3piQGcHXKwIPz/Xcw7M3embp+L7\nzrlgjuwR9i7+u2cSZexws4rQ3VyUggBjLVaBhF0w4CGzNBEdw7TXSXnh1JXZHc/k\n2zgk9IhPmdFFy4k1ZxVEc2GaExTsrjyJJxZmuEUTdszN6Gd42V+G5uweqbQ3Skl3\nZ7MfowECgYEAz3B/hWI3lKqc4TqYskU/MYcKYrCYP2IN19zOa8THzN91erhgiph/\nTSv+iryw1J3Fwg+xgc/nix3gtoj3492lrFkd0AvJ9eZPV+8C57rTFWT094sDvLH/\nXgXWGy7NS3IqefJr2y0gCpaTx92sl4O63sG00c1L0JuGRqKo1L4EE6ECgYEAz1Tp\nZa8JlJOSxMMu0nv561VEM2xXsyDDHqcWcYi3WjWmdoGK+Glsw6DIzRAq30HN+UK7\nL92jlKTwhP8RsiHhUcXaM6DWQtWeAXjbS+r9IJnGJkfw8MbyhyLj65uVtvARlgfg\ng6G2rdEXrJTIK08nCg83zLDqQ04nvaczMhqFT7UCgYEArhP1H6T1iY/HiQbYXznX\nNyPg5kLV8NLDVTPaEfwXw2h+uNaDRauFoOhbemewaSxhaWIsDwi+gTM4gVXd2N4H\nCuPaLd3GxNFaIivUH0zbmKeZHycMoswoxelV7IfRBhAvbxitxEdRDTGhoGb5UEje\nh9K8gBetGMl63EniLm2rFCECgYBeiyznNnta6jSKTysBxpD/lGFGRch0IaN4Td85\nJIvfsglXjtkNUB3N03rdr9qs9ff0C08Kk7otZU1ciGfMYBC8VkmbM2OhFII5z5/I\nrb6B6D1oZXPkiAQ+RVXDsa4CvtR2It9phwujlW6DP1FMFosJ1kiuqZoZ2QDcRetd\nlKRn5QKBgFctsC+KtuaFxEW23HrBCNqChyxijneRhjJVH1RDfrUSNikyFMDU2+Fd\nR9bx4VXGiK077IxTGSEWkAEBhbm2jDl0Ik1rRMVzoKHR2kvUSNtxprp9tFcL7Uqy\nZqGxA6UIIzOV0LbnnpFhYNgmH0AJS17V9sIIGtYXNArjzw4Kin4P\n-----END RSA PRIVATE KEY-----",
    "ca": "-----BEGIN CERTIFICATE-----\nMIIDYDCCAkgCCQCSYQOG55YnujANBgkqhkiG9w0BAQsFADByMQswCQYDVQQGEwJH\nQjESMBAGA1UECAwJTWlkZGxlc2V4MQ8wDQYDVQQHDAZMb25kb24xFjAUBgNVBAoM\nDVBpbmcgSWRlbnRpdHkxDDAKBgNVBAsMA1JTQTEYMBYGA1UEAwwPUGluZyBVSyBE\nZW1vIENBMB4XDTE5MDEwNzEwNTk1NVoXDTIxMTAyNzEwNTk1NVowcjELMAkGA1UE\nBhMCR0IxEjAQBgNVBAgMCU1pZGRsZXNleDEPMA0GA1UEBwwGTG9uZG9uMRYwFAYD\nVQQKDA1QaW5nIElkZW50aXR5MQwwCgYDVQQLDANSU0ExGDAWBgNVBAMMD1Bpbmcg\nVUsgRGVtbyBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALMHte48\n3946bvKmpt1nuj1+IMWoywAGOj8UQcPDrkKuBOQL5Sv8o4ScYjjN5jgryjwRx3YM\niVpCTOLB1GXrj55lZO2RRxMURwCSwaHnaLiM4cVcqSF8dq8LOlsR6bXSjJnvB2HW\nS1CYQaJdF21m0pxKcH9NUsdq5aYCkP52xyYel+XOxszQX1FkvrpD3VXII5xCiGGS\n6eEb/Mo2+nwgyN+A/M1yaeN65ah8HZFngR85oElYx7fFOkm9VubhCt2ePEvkanuW\npgp5VrI2ruVQr1tvToL2ydzEmBPzGkh/UtACsucXXwSE7fvw50dgbhrXtmJnWA6h\nP2Wm3Ifok0ViKc0CAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAN5fn4Ke+4nhe5r+6\naewM8lJ+sY25ing1ByAj7m5tJcsh68irJIjpAm3kJz20DVZ+2JguB1HZUHUTYo/W\nCmwMzatLN2rv9in3uRS4d0FaIfKxFHjRFs1T1APXz7lMP5t3j1/uZwbmmTGqvKTY\nlocLQJpqnJURiuNrxw7mZcZ3KTVx5WCdk7caYvSgUTbs9ec+JzQG0keHinrHu0mA\nXDxxCWXsx/rQ4PTBI808iBiHR2MbTOXONN5jid4gk9/T8KKfOFG1AbaEhsGdkChP\nNQO4M12Q5TWwtWutjx/PdPaGKvSoquZkXk1L4meO3ADLngHX7lb2oRkfF0wIZMNC\n/Eat5g\u003d\u003d\n-----END CERTIFICATE-----"
  },
  "client2": {
    "client_id": "conformance2",
    "scope": "openid test",
    "jwks": {
      "keys": [
        {
          "kty": "EC",
          "d": "MTbmR5F_tN0zlvVrwESkMNHB-ZLoRpk3dlxHYged3Ik",
          "use": "sig",
          "crv": "P-256",
          "kid": "6waBCAJKuKMvSU3k540XHPx_4gJx01tmQh8giaYjj1k",
          "x": "XW7xFTCnyPLhhWb_dE0fIIavYTbilf3HDsUELAC5SwI",
          "y": "sm9SrdwPWJ_oQ5tbsDMi6xnsaoLWZLTFyy0L2q5vURE",
          "alg": "ES256"
        }
      ]
    },
    "acr_value": "high"
  },
  "mtls2": {
    "cert": "-----BEGIN CERTIFICATE-----\nMIIDkTCCAnmgAwIBAgIJAOLiBx6+gpndMA0GCSqGSIb3DQEBCwUAMHIxCzAJBgNV\nBAYTAkdCMRIwEAYDVQQIDAlNaWRkbGVzZXgxDzANBgNVBAcMBkxvbmRvbjEWMBQG\nA1UECgwNUGluZyBJZGVudGl0eTEMMAoGA1UECwwDUlNBMRgwFgYDVQQDDA9QaW5n\nIFVLIERlbW8gQ0EwHhcNMjAwOTIzMTQyNzM5WhcNMjIwMjA1MTQyNzM5WjBaMSQw\nIgYDVQQDDBttdGxzLXBvbGwtZmFwaS1jaWJhLWNsaWVudDIxDTALBgNVBAsMBERl\nbW8xFjAUBgNVBAoMDVBpbmcgSWRlbnRpdHkxCzAJBgNVBAYTAkdCMIIBIjANBgkq\nhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwRscFS1280kSNG3b9xhLl09bPKfsnFTG\nPXmrrUyjUbtXZ0ifq0Wo2MPmjOMlMvdcC1h3wwFZbz+2kIx3crhJq7trDGwrF46D\nJ0qjHeRwLQZrbk0V6YUhVl1rBv8U8h+vQqLLBkfm211I1WS1K0o7BATtfiQ/0FBm\nwkNzYt0KgfijdFQshiH/zk/vcxwpurQmjo52e/C7g1C1RhJ7k35IwCDU8ntW+Y0B\n5Ylf4HTTd/xmIatvh7tOfuSH36HeRmnb9nSg9giZMSIxLnIBVnB7rm1JVbyVTM7y\nms9RAY7yNvGOv/fuZ6iZLdoEPvLcmVlJcN3N3OKBQfm51xCOz+3ZRwIDAQABo0Iw\nQDAJBgNVHRMEAjAAMAsGA1UdDwQEAwIF4DAmBgNVHREEHzAdghttdGxzLXBvbGwt\nZmFwaS1jaWJhLWNsaWVudDIwDQYJKoZIhvcNAQELBQADggEBAAqCOmoKF4tCpTRV\ndVnfFGoQ7Zqv4HDt2mM7Uq/5qlaj0h0aMaHUO+w3ouNdNuFxjww0d9BDjXDatOSl\nWKitS2eTc1AdSACIsxtIVrp7CarJPoCA3YwiSKaGGxgByIdx5EINCgqcm2AaP7nC\nb5oLPNawJCASvFT4lEUCwkPKRuxOd36lWIH9mKVjhsfRMrnUfrccAuXCpg+qzbl4\nWHS1ZVKi93qLrBWp7AphhbeZ8tsrkkEQcXiYHdkdZnrpctcrMPODnNLwX1Bw0acY\ndwuLHfvb1k8zW/Tn5pzDLc5A401sZswxu4l8oRQtFeIV1qgZUvGmvJ4qbQF997SK\nvmmVwUw\u003d\n-----END CERTIFICATE-----",
    "key": "-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAKCAQEAwRscFS1280kSNG3b9xhLl09bPKfsnFTGPXmrrUyjUbtXZ0if\nq0Wo2MPmjOMlMvdcC1h3wwFZbz+2kIx3crhJq7trDGwrF46DJ0qjHeRwLQZrbk0V\n6YUhVl1rBv8U8h+vQqLLBkfm211I1WS1K0o7BATtfiQ/0FBmwkNzYt0KgfijdFQs\nhiH/zk/vcxwpurQmjo52e/C7g1C1RhJ7k35IwCDU8ntW+Y0B5Ylf4HTTd/xmIatv\nh7tOfuSH36HeRmnb9nSg9giZMSIxLnIBVnB7rm1JVbyVTM7yms9RAY7yNvGOv/fu\nZ6iZLdoEPvLcmVlJcN3N3OKBQfm51xCOz+3ZRwIDAQABAoIBAEizzjTi8x/RaPs4\nSVKUYRFMnUsO5fRNrn1Cq7IJYovI/rUyEHtJNLK3vrtYYY74tjzHR/+xKFzMHg35\n9JbKb2Iqo7j/mJG75AENBrCgauNowVW7y/4pU03SyhLOQrKN30w1Qj7RH0eDrYI5\n8kOkJOf0ev285BGn06hcALs+AVDBBh6CSbD0jR3Z4ZrlTeCk+91JYGmSdJAIjBd6\n5mUAaiJ6g0oEI22BL9StlOIAg6XD3xAJ//CcrumvA3AwMYoE+e1F0HjlVkpIHmAl\n1cr+4muPC80/YKnC5s9Bwvq/EeJhfVMsnaBQYiobcKr7QNW2WUn1gfYQM3jo3Shb\ncraGYjECgYEA6QP0Dz2h6jw1FLaC0Q9/xNnCvJSeLx6gb1s/cqVgNWjTVZoq2mv6\nak9wJ0emq7nf5+Gbj22bIGiC/dQNLTjCFEbDW2bzgiMYWLDCu+xHHcRql5JixZrX\n4fy53qlXpKOncMu1nd0T77aTOb4yKhqF8yp7p0ayR4qyB/tqsQNniSMCgYEA1Cde\n41Wsp+ECT+g/siAFgDTwRWZj2l5zrhsPJpAhMnUn9kgn14b9Ag8Z7mBZZTP1eTVy\ni27tSKT1hVKH6X4jlB5WWGSg78x2XUq9YdWZ4fIL6g5vWfHMZVHcZp2AcTsF5GKX\nLRxFPphmCIr2fBPNbvcGXyhABX71oB/T+93m+40CgYBQaDvU8oioAqSyhBR6PeXy\nMM7BMmuviNsF8i/fyO99HrImjO+StcYQ316tP01lXtvD8ZczlDf+o/Hn0z/Exhw6\n0Pxi0xDebGvfVwerv2n+/KNnsG0DEV7DrekZy8fhmVOTWchPNFXH13HQcDBxVPu6\nIIPRAlVM2LB8jqaPdMRKjwKBgBMzGPBD8aMjxtzKbPFG2piWsePl90Vs5NUt17oq\nswZo+dvc/dYQflcwXK1pBM4W3LFCeAJMYKcBXsLZDDnCU5/0+uV2/eWVwGSC/g6b\nkRiUmiVtdwBR1KiatvKGcHhO2iKoFXxcoZufmSROxy3FcQMI0gfMkbatnbcHCl0x\n4NSFAoGBANUjORpeHOjACkC5K223B7EMTKTafWFAeiHlxspIKXhTXCy7kPvP/g3B\naVhTqmWvpaxeI13HpQsxGjlwQSd7LO8T42nsX/VIpt3mOokQ/hdU/RvYZDJFclDz\n6M0VjCsshxg+dh8CEfrMAeZ36SXKIqdjXfLQ8yeeQF+fJNHzeXPB\n-----END RSA PRIVATE KEY-----\n",
    "ca": "-----BEGIN CERTIFICATE-----\nMIIDYDCCAkgCCQCSYQOG55YnujANBgkqhkiG9w0BAQsFADByMQswCQYDVQQGEwJH\nQjESMBAGA1UECAwJTWlkZGxlc2V4MQ8wDQYDVQQHDAZMb25kb24xFjAUBgNVBAoM\nDVBpbmcgSWRlbnRpdHkxDDAKBgNVBAsMA1JTQTEYMBYGA1UEAwwPUGluZyBVSyBE\nZW1vIENBMB4XDTE5MDEwNzEwNTk1NVoXDTIxMTAyNzEwNTk1NVowcjELMAkGA1UE\nBhMCR0IxEjAQBgNVBAgMCU1pZGRsZXNleDEPMA0GA1UEBwwGTG9uZG9uMRYwFAYD\nVQQKDA1QaW5nIElkZW50aXR5MQwwCgYDVQQLDANSU0ExGDAWBgNVBAMMD1Bpbmcg\nVUsgRGVtbyBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALMHte48\n3946bvKmpt1nuj1+IMWoywAGOj8UQcPDrkKuBOQL5Sv8o4ScYjjN5jgryjwRx3YM\niVpCTOLB1GXrj55lZO2RRxMURwCSwaHnaLiM4cVcqSF8dq8LOlsR6bXSjJnvB2HW\nS1CYQaJdF21m0pxKcH9NUsdq5aYCkP52xyYel+XOxszQX1FkvrpD3VXII5xCiGGS\n6eEb/Mo2+nwgyN+A/M1yaeN65ah8HZFngR85oElYx7fFOkm9VubhCt2ePEvkanuW\npgp5VrI2ruVQr1tvToL2ydzEmBPzGkh/UtACsucXXwSE7fvw50dgbhrXtmJnWA6h\nP2Wm3Ifok0ViKc0CAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAN5fn4Ke+4nhe5r+6\naewM8lJ+sY25ing1ByAj7m5tJcsh68irJIjpAm3kJz20DVZ+2JguB1HZUHUTYo/W\nCmwMzatLN2rv9in3uRS4d0FaIfKxFHjRFs1T1APXz7lMP5t3j1/uZwbmmTGqvKTY\nlocLQJpqnJURiuNrxw7mZcZ3KTVx5WCdk7caYvSgUTbs9ec+JzQG0keHinrHu0mA\nXDxxCWXsx/rQ4PTBI808iBiHR2MbTOXONN5jid4gk9/T8KKfOFG1AbaEhsGdkChP\nNQO4M12Q5TWwtWutjx/PdPaGKvSoquZkXk1L4meO3ADLngHX7lb2oRkfF0wIZMNC\n/Eat5g\u003d\u003d\n-----END CERTIFICATE-----"
  },
  "resource": {
    "resourceUrl": "https://emea-conformance.ping-eng.com:3000/get"
  }
}
testName
fapi-ciba-id1-refresh-token
2021-01-21 15:42:03 SUCCESS
CreateCIBANotificationEndpointUri
Created ciba notification endpoint URI
notification_uri
https://www.certification.openid.net/test/a/roboot-fapi-ciba-poll-mtls-v1-final/ciba-notification-endpoint
2021-01-21 15:42:03
GetDynamicServerConfiguration
HTTP request
request_uri
https://emea-conformance.ping-eng.com:9031/.well-known/openid-configuration
request_method
GET
request_headers
{
  "accept": "text/plain, application/json, application/cbor, application/*+json, */*",
  "content-length": "0"
}
request_body

                                
2021-01-21 15:42:04 RESPONSE
GetDynamicServerConfiguration
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "date": "Thu, 21 Jan 2021 15:42:03 GMT",
  "x-frame-options": "SAMEORIGIN",
  "referrer-policy": "origin",
  "cache-control": "no-cache, no-store",
  "pragma": "no-cache",
  "expires": "Thu, 01 Jan 1970 00:00:00 GMT",
  "content-type": "application/json;charset\u003dutf-8",
  "set-cookie": "PF\u003d99mlfTm6NOUS9hF9WbIkq7;Path\u003d/;Secure;HttpOnly;SameSite\u003dNone",
  "content-length": "3631"
}
response_body
{
  "issuer": "https://emea-conformance.ping-eng.com:9031",
  "authorization_endpoint": "https://emea-conformance.ping-eng.com:9031/as/authorization.oauth2",
  "token_endpoint": "https://emea-conformance.ping-eng.com:9032/as/token.oauth2",
  "revocation_endpoint": "https://emea-conformance.ping-eng.com:9031/as/revoke_token.oauth2",
  "userinfo_endpoint": "https://emea-conformance.ping-eng.com:9031/idp/userinfo.openid",
  "introspection_endpoint": "https://emea-conformance.ping-eng.com:9031/as/introspect.oauth2",
  "jwks_uri": "https://emea-conformance.ping-eng.com:9031/pf/JWKS",
  "registration_endpoint": "https://emea-conformance.ping-eng.com:9031/as/clients.oauth2",
  "ping_revoked_sris_endpoint": "https://emea-conformance.ping-eng.com:9031/pf-ws/rest/sessionMgmt/revokedSris",
  "ping_session_management_sris_endpoint": "https://emea-conformance.ping-eng.com:9031/pf-ws/rest/sessionMgmt/sessions",
  "ping_end_session_endpoint": "https://emea-conformance.ping-eng.com:9031/idp/startSLO.ping",
  "device_authorization_endpoint": "https://emea-conformance.ping-eng.com:9031/as/device_authz.oauth2",
  "scopes_supported": [ "test", "openid" ],
  "claims_supported": [ "sub" ],
  "response_types_supported": [ "code", "token", "id_token", "code token", "code id_token", "token id_token", "code token id_token" ],
  "response_modes_supported": [ "fragment", "query", "form_post" ],
  "grant_types_supported": [ "implicit", "authorization_code", "refresh_token", "password", "client_credentials", "urn:pingidentity.com:oauth2:grant_type:validate_bearer", "urn:ietf:params:oauth:grant-type:jwt-bearer", "urn:ietf:params:oauth:grant-type:saml2-bearer", "urn:ietf:params:oauth:grant-type:device_code", "urn:ietf:params:oauth:grant-type:token-exchange", "urn:openid:params:grant-type:ciba" ],
  "subject_types_supported": [ "public", "pairwise" ],
  "id_token_signing_alg_values_supported": [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512", "PS256", "PS384", "PS512" ],
    "token_endpoint_auth_methods_supported": [ "client_secret_basic", "client_secret_post", "private_key_jwt" , "tls_client_auth"],
  "token_endpoint_auth_signing_alg_values_supported":  [ "RS256", "RS384", "RS512", "ES256", "ES384", "ES512", "PS256", "PS384", "PS512" ],
  "claim_types_supported": [ "normal" ],
  "claims_parameter_supported": false,
  "request_parameter_supported": true,
  "request_uri_parameter_supported": false,
  "request_object_signing_alg_values_supported": [ "RS256", "RS384", "RS512", "ES256", "ES384", "ES512", "PS256", "PS384", "PS512" ],
  "id_token_encryption_alg_values_supported": [ "dir", "A128KW", "A192KW", "A256KW", "A128GCMKW", "A192GCMKW", "A256GCMKW", "ECDH-ES", "ECDH-ES+A128KW", "ECDH-ES+A192KW", "ECDH-ES+A256KW", "RSA-OAEP" ],
  "id_token_encryption_enc_values_supported": [ "A128CBC-HS256", "A192CBC-HS384", "A256CBC-HS512", "A128GCM", "A192GCM", "A256GCM" ],
  "backchannel_authentication_endpoint": "https://emea-conformance.ping-eng.com:9032/as/bc-auth.ciba",
  "backchannel_token_delivery_modes_supported": [ "poll", "ping" ],
  "backchannel_authentication_request_signing_alg_values_supported": [ "RS256", "RS384", "RS512", "ES256", "ES384", "ES512", "PS256", "PS384", "PS512" ],
  "backchannel_user_code_parameter_supported": false,
  "code_challenge_methods_supported": [ "plain", "S256" ],
  "tls_client_certificate_bound_access_tokens": true,
  "mtls_endpoint_aliases": {
    "token_endpoint": "https://emea-conformance.ping-eng.com:9032/as/token.oauth2",
  "backchannel_authentication_endpoint": "https://emea-conformance.ping-eng.com:9032/as/bc-auth.ciba"}
}
2021-01-21 15:42:04
GetDynamicServerConfiguration
Downloaded server configuration
server_config_string
{
  "issuer": "https://emea-conformance.ping-eng.com:9031",
  "authorization_endpoint": "https://emea-conformance.ping-eng.com:9031/as/authorization.oauth2",
  "token_endpoint": "https://emea-conformance.ping-eng.com:9032/as/token.oauth2",
  "revocation_endpoint": "https://emea-conformance.ping-eng.com:9031/as/revoke_token.oauth2",
  "userinfo_endpoint": "https://emea-conformance.ping-eng.com:9031/idp/userinfo.openid",
  "introspection_endpoint": "https://emea-conformance.ping-eng.com:9031/as/introspect.oauth2",
  "jwks_uri": "https://emea-conformance.ping-eng.com:9031/pf/JWKS",
  "registration_endpoint": "https://emea-conformance.ping-eng.com:9031/as/clients.oauth2",
  "ping_revoked_sris_endpoint": "https://emea-conformance.ping-eng.com:9031/pf-ws/rest/sessionMgmt/revokedSris",
  "ping_session_management_sris_endpoint": "https://emea-conformance.ping-eng.com:9031/pf-ws/rest/sessionMgmt/sessions",
  "ping_end_session_endpoint": "https://emea-conformance.ping-eng.com:9031/idp/startSLO.ping",
  "device_authorization_endpoint": "https://emea-conformance.ping-eng.com:9031/as/device_authz.oauth2",
  "scopes_supported": [ "test", "openid" ],
  "claims_supported": [ "sub" ],
  "response_types_supported": [ "code", "token", "id_token", "code token", "code id_token", "token id_token", "code token id_token" ],
  "response_modes_supported": [ "fragment", "query", "form_post" ],
  "grant_types_supported": [ "implicit", "authorization_code", "refresh_token", "password", "client_credentials", "urn:pingidentity.com:oauth2:grant_type:validate_bearer", "urn:ietf:params:oauth:grant-type:jwt-bearer", "urn:ietf:params:oauth:grant-type:saml2-bearer", "urn:ietf:params:oauth:grant-type:device_code", "urn:ietf:params:oauth:grant-type:token-exchange", "urn:openid:params:grant-type:ciba" ],
  "subject_types_supported": [ "public", "pairwise" ],
  "id_token_signing_alg_values_supported": [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512", "PS256", "PS384", "PS512" ],
    "token_endpoint_auth_methods_supported": [ "client_secret_basic", "client_secret_post", "private_key_jwt" , "tls_client_auth"],
  "token_endpoint_auth_signing_alg_values_supported":  [ "RS256", "RS384", "RS512", "ES256", "ES384", "ES512", "PS256", "PS384", "PS512" ],
  "claim_types_supported": [ "normal" ],
  "claims_parameter_supported": false,
  "request_parameter_supported": true,
  "request_uri_parameter_supported": false,
  "request_object_signing_alg_values_supported": [ "RS256", "RS384", "RS512", "ES256", "ES384", "ES512", "PS256", "PS384", "PS512" ],
  "id_token_encryption_alg_values_supported": [ "dir", "A128KW", "A192KW", "A256KW", "A128GCMKW", "A192GCMKW", "A256GCMKW", "ECDH-ES", "ECDH-ES+A128KW", "ECDH-ES+A192KW", "ECDH-ES+A256KW", "RSA-OAEP" ],
  "id_token_encryption_enc_values_supported": [ "A128CBC-HS256", "A192CBC-HS384", "A256CBC-HS512", "A128GCM", "A192GCM", "A256GCM" ],
  "backchannel_authentication_endpoint": "https://emea-conformance.ping-eng.com:9032/as/bc-auth.ciba",
  "backchannel_token_delivery_modes_supported": [ "poll", "ping" ],
  "backchannel_authentication_request_signing_alg_values_supported": [ "RS256", "RS384", "RS512", "ES256", "ES384", "ES512", "PS256", "PS384", "PS512" ],
  "backchannel_user_code_parameter_supported": false,
  "code_challenge_methods_supported": [ "plain", "S256" ],
  "tls_client_certificate_bound_access_tokens": true,
  "mtls_endpoint_aliases": {
    "token_endpoint": "https://emea-conformance.ping-eng.com:9032/as/token.oauth2",
  "backchannel_authentication_endpoint": "https://emea-conformance.ping-eng.com:9032/as/bc-auth.ciba"}
}
2021-01-21 15:42:04 SUCCESS
GetDynamicServerConfiguration
Successfully parsed server configuration
issuer
https://emea-conformance.ping-eng.com:9031
authorization_endpoint
https://emea-conformance.ping-eng.com:9031/as/authorization.oauth2
token_endpoint
https://emea-conformance.ping-eng.com:9032/as/token.oauth2
revocation_endpoint
https://emea-conformance.ping-eng.com:9031/as/revoke_token.oauth2
userinfo_endpoint
https://emea-conformance.ping-eng.com:9031/idp/userinfo.openid
introspection_endpoint
https://emea-conformance.ping-eng.com:9031/as/introspect.oauth2
jwks_uri
https://emea-conformance.ping-eng.com:9031/pf/JWKS
registration_endpoint
https://emea-conformance.ping-eng.com:9031/as/clients.oauth2
ping_revoked_sris_endpoint
https://emea-conformance.ping-eng.com:9031/pf-ws/rest/sessionMgmt/revokedSris
ping_session_management_sris_endpoint
https://emea-conformance.ping-eng.com:9031/pf-ws/rest/sessionMgmt/sessions
ping_end_session_endpoint
https://emea-conformance.ping-eng.com:9031/idp/startSLO.ping
device_authorization_endpoint
https://emea-conformance.ping-eng.com:9031/as/device_authz.oauth2
scopes_supported
[
  "test",
  "openid"
]
claims_supported
[
  "sub"
]
response_types_supported
[
  "code",
  "token",
  "id_token",
  "code token",
  "code id_token",
  "token id_token",
  "code token id_token"
]
response_modes_supported
[
  "fragment",
  "query",
  "form_post"
]
grant_types_supported
[
  "implicit",
  "authorization_code",
  "refresh_token",
  "password",
  "client_credentials",
  "urn:pingidentity.com:oauth2:grant_type:validate_bearer",
  "urn:ietf:params:oauth:grant-type:jwt-bearer",
  "urn:ietf:params:oauth:grant-type:saml2-bearer",
  "urn:ietf:params:oauth:grant-type:device_code",
  "urn:ietf:params:oauth:grant-type:token-exchange",
  "urn:openid:params:grant-type:ciba"
]
subject_types_supported
[
  "public",
  "pairwise"
]
id_token_signing_alg_values_supported
[
  "none",
  "HS256",
  "HS384",
  "HS512",
  "RS256",
  "RS384",
  "RS512",
  "ES256",
  "ES384",
  "ES512",
  "PS256",
  "PS384",
  "PS512"
]
token_endpoint_auth_methods_supported
[
  "client_secret_basic",
  "client_secret_post",
  "private_key_jwt",
  "tls_client_auth"
]
token_endpoint_auth_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "ES256",
  "ES384",
  "ES512",
  "PS256",
  "PS384",
  "PS512"
]
claim_types_supported
[
  "normal"
]
claims_parameter_supported
false
request_parameter_supported
true
request_uri_parameter_supported
false
request_object_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "ES256",
  "ES384",
  "ES512",
  "PS256",
  "PS384",
  "PS512"
]
id_token_encryption_alg_values_supported
[
  "dir",
  "A128KW",
  "A192KW",
  "A256KW",
  "A128GCMKW",
  "A192GCMKW",
  "A256GCMKW",
  "ECDH-ES",
  "ECDH-ES+A128KW",
  "ECDH-ES+A192KW",
  "ECDH-ES+A256KW",
  "RSA-OAEP"
]
id_token_encryption_enc_values_supported
[
  "A128CBC-HS256",
  "A192CBC-HS384",
  "A256CBC-HS512",
  "A128GCM",
  "A192GCM",
  "A256GCM"
]
backchannel_authentication_endpoint
https://emea-conformance.ping-eng.com:9032/as/bc-auth.ciba
backchannel_token_delivery_modes_supported
[
  "poll",
  "ping"
]
backchannel_authentication_request_signing_alg_values_supported
[
  "RS256",
  "RS384",
  "RS512",
  "ES256",
  "ES384",
  "ES512",
  "PS256",
  "PS384",
  "PS512"
]
backchannel_user_code_parameter_supported
false
code_challenge_methods_supported
[
  "plain",
  "S256"
]
tls_client_certificate_bound_access_tokens
true
mtls_endpoint_aliases
{
  "token_endpoint": "https://emea-conformance.ping-eng.com:9032/as/token.oauth2",
  "backchannel_authentication_endpoint": "https://emea-conformance.ping-eng.com:9032/as/bc-auth.ciba"
}
2021-01-21 15:42:04 SUCCESS
AddMTLSEndpointAliasesToEnvironment
Added mtls_endpoint_aliases to environment
mtls_endpoint_aliases
{
  "token_endpoint": "https://emea-conformance.ping-eng.com:9032/as/token.oauth2",
  "backchannel_authentication_endpoint": "https://emea-conformance.ping-eng.com:9032/as/bc-auth.ciba"
}
2021-01-21 15:42:04 SUCCESS
CheckCIBAServerConfiguration
Found required server configuration keys
required
[
  "backchannel_authentication_endpoint",
  "token_endpoint",
  "issuer"
]
2021-01-21 15:42:04 SUCCESS
ExtractTLSTestValuesFromServerConfiguration
Extracted TLS information from authorization server configuration
registration_endpoint
{
  "testHost": "emea-conformance.ping-eng.com",
  "testPort": 9031
}
authorization_endpoint
{
  "testHost": "emea-conformance.ping-eng.com",
  "testPort": 9031
}
token_endpoint
{
  "testHost": "emea-conformance.ping-eng.com",
  "testPort": 9032
}
userinfo_endpoint
{
  "testHost": "emea-conformance.ping-eng.com",
  "testPort": 9031
}
2021-01-21 15:42:04
FetchServerKeys
Fetching server key
jwks_uri
https://emea-conformance.ping-eng.com:9031/pf/JWKS
2021-01-21 15:42:04
FetchServerKeys
HTTP request
request_uri
https://emea-conformance.ping-eng.com:9031/pf/JWKS
request_method
GET
request_headers
{
  "accept": "text/plain, application/json, application/cbor, application/*+json, */*",
  "content-length": "0"
}
request_body

                                
2021-01-21 15:42:04 RESPONSE
FetchServerKeys
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "date": "Thu, 21 Jan 2021 15:42:04 GMT",
  "x-frame-options": "SAMEORIGIN",
  "referrer-policy": "origin",
  "cache-control": "no-cache, no-store",
  "pragma": "no-cache",
  "expires": "Thu, 01 Jan 1970 00:00:00 GMT",
  "content-type": "application/json;charset\u003dutf-8",
  "set-cookie": "PF\u003dPtgbkUUBpwWkcVvD9wGXt8;Path\u003d/;Secure;HttpOnly;SameSite\u003dNone",
  "transfer-encoding": "chunked"
}
response_body
{"keys":[{"kty":"EC","kid":"EXQV_y9TC1OfnM83rEwLWOIrzmU","use":"sig","x":"hNHvZVTVSO-qbjPM_XS-YhYXcHMfAxDRQUDwkfukoR4","y":"YDG2UzJkHuRxYEd7N_ohGvPQzDl84ZYaw2XsgKWKoeU","crv":"P-256"},{"kty":"EC","kid":"KvxGGZPwxfj4gsq2JXqFEgcwQFA","use":"sig","x":"Ac5hnMIa-drtQAS1ZZkfQvIS2tJim9IOGs6Gp-tbS0syMFjpsThlaOB9NeaFPGEjshLmSE4QJjJBvWCeer1fweNj","y":"ASs1ys7gg8w5oiiH-eFNAt8PISGhIkslWD1Bm2sQ1p5u939UlqTp3U5SaIU-wpG5ggPdEPkly6TE9KRycSoTg1Kr","crv":"P-521"},{"kty":"EC","kid":"WGV_9ai15AXwsi1YHnmLZpIIv9A","use":"sig","x":"B4lfWxXqv_iDM-xp0zPEjCKGzjPoaWBRlZk8za4_0_AgoEHXdvMTJ-JkYe1I3Nag","y":"pZFH997Zh09tGsWvvG2KjPrTGEUs2bVUv5eKIqLw0yS86VCgPj1wOX5VpvphORTH","crv":"P-384"},{"kty":"RSA","kid":"dHIY6Q4KI3NJPUDL6sbhv1IGn40","use":"sig","n":"gGIOUiMNdddk6NkbcSSvJJHSy5Fg9RGxpQ2vjpaj78moyKcecY44o50bUiYP8isOEjLYPffG-jkLKMbVUVYOvT43181RBRU8sUD2N5X6uCzLKUafAF-vB7RhTYpN1oeew7lnpUkXvXk5yg6mRDwF8eSiBldPS-MABSp0YiBjXEEU0y-MuJyzwf5ANJ7JYuVvo06ZJ7nuiTzh6gBQotn5t7O8o7dFu-GL9zuhOiryAF4FIM4DsEaVrO5twQutEiY6dmWEXWSrEKpmTorp7cmEtLI6WJXnhEKyfnbbo7VOZJyZu49w9Rq_cw70ETr4XKnD5YpvfOP-PP0Sw_3gJAy4BQ","e":"AQAB"},{"kty":"EC","kid":"5ux7tpMjt6DjmJA4vXPhrWvb2ko","use":"sig","x":"pVCPl3POPy3p7O0UpX4Vv56rSQzejk2_GbEFkI5ifEYkXodkndfqD_29h7JAKOEW","y":"vA3G9Cndjl6hFWOHlxIYEJIiIrm-p-06WhL8Y_z06jdSlWlHqB6vtfTaB4azXQ_c","crv":"P-384"},{"kty":"EC","kid":"DZKPmdul93whyB2Ejs-bvRa6o8Q","use":"sig","x":"iNk94QFDSU54ukjsKZeTXwIk9TUeGc_eoLgMTYMUSnE","y":"jjscdJzv7xyZTBx6UBfEsVsLjCharr4_1mStwahtICo","crv":"P-256"},{"kty":"RSA","kid":"bQkr5Bh_gSscNMUxg79mQEpC90o","use":"sig","n":"gu08lDoyl03hMteIrZMaRDd7qJKkIw3e1YNAIBNRMpqAA8RLpuWMkKvbP5TDWdrD6zVT6uyNzS4_ULgNbs6yzLo4QNpOinn0J4hdp9eVhj7wuG3prqnmYmEC9EdwuW_ybEgJRMApgNkxMQBV0p-Kxrax2HXo2aXif8yaJ5rRfwUM--PhpBvF7oYAKMazPbfLMsjSzuWsl2HkvgLPj2jbMB2ljbXurySdResp4xr6fqyjCbh9cXHWOgUwUzk6UuNmWqTltb_q03GQl-GypuT3WmFPcq_idUEMDo2dFg8Cej_93L5duWSVdWKMG03Q4mglDQ9qZ2rEJBFI0mbmdcgeVw","e":"AQAB"},{"kty":"EC","kid":"nFudxtMVwGB3gZh-x2Mdka49KbM","use":"sig","x":"AIcLHGRy0Z75WHnL_tgmes-vr4LESbdThkN9tdrO4rssSbj-Qra7ZIpwn0ry-Xqau-ASxhLDKtD0QsGlr5B9nFHq","y":"ARwaLSnYarBus8ohqPHgJbrGbAqK4PqqBJ3BdOc6E93DlSZMtRgEblU2R67Ebudmbep85HJLmb0lTPTNm_wYpVQ-","crv":"P-521"},{"kty":"RSA","kid":"JTfNDZoI0QT6c6-5IxJshb3zc8w","use":"enc","n":"pq-E_g7CpY4VZtFmsraRs466wCPXDYFaxtfjcnRJciZnSovjI2_SvTSINe9db-V3pRfIDyQiyhoKqQYK2Ime1zSahg9ZN2kKvIib7C-6byIXinfsSwLqYotfmbgnAhKWbkmLe0H1exjGlVNo3PbeffyGiCSXhJeLKjZbQY64tFRc8dsAZbPs-Z8JdJevfYFLFiLMwDgE72cno8qVr_u0Padad7nVS4COxUIhHOQYgpSmvUMEGboM3CsUM2og_TSbw_IO-3vQhqAAFY5z4quLiUBHQgG8XtvtY41vLTC1QE8QtklzdlDizzqVyi3-6jjJF5zwk7FKEC5i3YVcri80OQ","e":"AQAB"},{"kty":"EC","kid":"KzjAlSsbIOwVFiIIwCYCCbBqpIo","use":"enc","x":"HwQFbvooWaAq515UMdvmkO1UWPkNDdA_qZRa8IVFj9rNrJqCNoWdlqpj5FleNtp6","y":"VIcGW0nzSGg-q7T-2_ASoM0yV6Kdt6sZ2qs-TofYgc_KK5ELK51xXLYC2xo7fWIR","crv":"P-384"},{"kty":"EC","kid":"fFAQokYoa7US-nQ-gkuYSr6ecKw","use":"enc","x":"ACf2RdpVPGLjUCt3OUTauJxbPWy919U9JaDfYBTzwrbULjQJtz-Zh25Dh32b8AZuwMFRgaAczasWT0WEzwetFl6C","y":"AFw0YooEteyQTFCkWZRV6TDUPKsH00ORr1Wf3pzHWpzdqHsDM0zaZhscBEdKgoT1rkCR5QGoCqRgGHCRckS3yAlG","crv":"P-521"},{"kty":"EC","kid":"qql_YRt2axSrWYHdk1BizVZzaOw","use":"enc","x":"N29loZC6PUaj6I3kMqjheiw3xZ186lLpSatc-y3YvBs","y":"TjkmhRvQjwa9Kc23MQ365H8PtgP6Zy1qk3vqxW7aiiM","crv":"P-256"}]}
2021-01-21 15:42:04
FetchServerKeys
Found JWK set string
jwk_string
{"keys":[{"kty":"EC","kid":"EXQV_y9TC1OfnM83rEwLWOIrzmU","use":"sig","x":"hNHvZVTVSO-qbjPM_XS-YhYXcHMfAxDRQUDwkfukoR4","y":"YDG2UzJkHuRxYEd7N_ohGvPQzDl84ZYaw2XsgKWKoeU","crv":"P-256"},{"kty":"EC","kid":"KvxGGZPwxfj4gsq2JXqFEgcwQFA","use":"sig","x":"Ac5hnMIa-drtQAS1ZZkfQvIS2tJim9IOGs6Gp-tbS0syMFjpsThlaOB9NeaFPGEjshLmSE4QJjJBvWCeer1fweNj","y":"ASs1ys7gg8w5oiiH-eFNAt8PISGhIkslWD1Bm2sQ1p5u939UlqTp3U5SaIU-wpG5ggPdEPkly6TE9KRycSoTg1Kr","crv":"P-521"},{"kty":"EC","kid":"WGV_9ai15AXwsi1YHnmLZpIIv9A","use":"sig","x":"B4lfWxXqv_iDM-xp0zPEjCKGzjPoaWBRlZk8za4_0_AgoEHXdvMTJ-JkYe1I3Nag","y":"pZFH997Zh09tGsWvvG2KjPrTGEUs2bVUv5eKIqLw0yS86VCgPj1wOX5VpvphORTH","crv":"P-384"},{"kty":"RSA","kid":"dHIY6Q4KI3NJPUDL6sbhv1IGn40","use":"sig","n":"gGIOUiMNdddk6NkbcSSvJJHSy5Fg9RGxpQ2vjpaj78moyKcecY44o50bUiYP8isOEjLYPffG-jkLKMbVUVYOvT43181RBRU8sUD2N5X6uCzLKUafAF-vB7RhTYpN1oeew7lnpUkXvXk5yg6mRDwF8eSiBldPS-MABSp0YiBjXEEU0y-MuJyzwf5ANJ7JYuVvo06ZJ7nuiTzh6gBQotn5t7O8o7dFu-GL9zuhOiryAF4FIM4DsEaVrO5twQutEiY6dmWEXWSrEKpmTorp7cmEtLI6WJXnhEKyfnbbo7VOZJyZu49w9Rq_cw70ETr4XKnD5YpvfOP-PP0Sw_3gJAy4BQ","e":"AQAB"},{"kty":"EC","kid":"5ux7tpMjt6DjmJA4vXPhrWvb2ko","use":"sig","x":"pVCPl3POPy3p7O0UpX4Vv56rSQzejk2_GbEFkI5ifEYkXodkndfqD_29h7JAKOEW","y":"vA3G9Cndjl6hFWOHlxIYEJIiIrm-p-06WhL8Y_z06jdSlWlHqB6vtfTaB4azXQ_c","crv":"P-384"},{"kty":"EC","kid":"DZKPmdul93whyB2Ejs-bvRa6o8Q","use":"sig","x":"iNk94QFDSU54ukjsKZeTXwIk9TUeGc_eoLgMTYMUSnE","y":"jjscdJzv7xyZTBx6UBfEsVsLjCharr4_1mStwahtICo","crv":"P-256"},{"kty":"RSA","kid":"bQkr5Bh_gSscNMUxg79mQEpC90o","use":"sig","n":"gu08lDoyl03hMteIrZMaRDd7qJKkIw3e1YNAIBNRMpqAA8RLpuWMkKvbP5TDWdrD6zVT6uyNzS4_ULgNbs6yzLo4QNpOinn0J4hdp9eVhj7wuG3prqnmYmEC9EdwuW_ybEgJRMApgNkxMQBV0p-Kxrax2HXo2aXif8yaJ5rRfwUM--PhpBvF7oYAKMazPbfLMsjSzuWsl2HkvgLPj2jbMB2ljbXurySdResp4xr6fqyjCbh9cXHWOgUwUzk6UuNmWqTltb_q03GQl-GypuT3WmFPcq_idUEMDo2dFg8Cej_93L5duWSVdWKMG03Q4mglDQ9qZ2rEJBFI0mbmdcgeVw","e":"AQAB"},{"kty":"EC","kid":"nFudxtMVwGB3gZh-x2Mdka49KbM","use":"sig","x":"AIcLHGRy0Z75WHnL_tgmes-vr4LESbdThkN9tdrO4rssSbj-Qra7ZIpwn0ry-Xqau-ASxhLDKtD0QsGlr5B9nFHq","y":"ARwaLSnYarBus8ohqPHgJbrGbAqK4PqqBJ3BdOc6E93DlSZMtRgEblU2R67Ebudmbep85HJLmb0lTPTNm_wYpVQ-","crv":"P-521"},{"kty":"RSA","kid":"JTfNDZoI0QT6c6-5IxJshb3zc8w","use":"enc","n":"pq-E_g7CpY4VZtFmsraRs466wCPXDYFaxtfjcnRJciZnSovjI2_SvTSINe9db-V3pRfIDyQiyhoKqQYK2Ime1zSahg9ZN2kKvIib7C-6byIXinfsSwLqYotfmbgnAhKWbkmLe0H1exjGlVNo3PbeffyGiCSXhJeLKjZbQY64tFRc8dsAZbPs-Z8JdJevfYFLFiLMwDgE72cno8qVr_u0Padad7nVS4COxUIhHOQYgpSmvUMEGboM3CsUM2og_TSbw_IO-3vQhqAAFY5z4quLiUBHQgG8XtvtY41vLTC1QE8QtklzdlDizzqVyi3-6jjJF5zwk7FKEC5i3YVcri80OQ","e":"AQAB"},{"kty":"EC","kid":"KzjAlSsbIOwVFiIIwCYCCbBqpIo","use":"enc","x":"HwQFbvooWaAq515UMdvmkO1UWPkNDdA_qZRa8IVFj9rNrJqCNoWdlqpj5FleNtp6","y":"VIcGW0nzSGg-q7T-2_ASoM0yV6Kdt6sZ2qs-TofYgc_KK5ELK51xXLYC2xo7fWIR","crv":"P-384"},{"kty":"EC","kid":"fFAQokYoa7US-nQ-gkuYSr6ecKw","use":"enc","x":"ACf2RdpVPGLjUCt3OUTauJxbPWy919U9JaDfYBTzwrbULjQJtz-Zh25Dh32b8AZuwMFRgaAczasWT0WEzwetFl6C","y":"AFw0YooEteyQTFCkWZRV6TDUPKsH00ORr1Wf3pzHWpzdqHsDM0zaZhscBEdKgoT1rkCR5QGoCqRgGHCRckS3yAlG","crv":"P-521"},{"kty":"EC","kid":"qql_YRt2axSrWYHdk1BizVZzaOw","use":"enc","x":"N29loZC6PUaj6I3kMqjheiw3xZ186lLpSatc-y3YvBs","y":"TjkmhRvQjwa9Kc23MQ365H8PtgP6Zy1qk3vqxW7aiiM","crv":"P-256"}]}
2021-01-21 15:42:04 SUCCESS
FetchServerKeys
Found server JWK set
server_jwks
{
  "keys": [
    {
      "kty": "EC",
      "kid": "EXQV_y9TC1OfnM83rEwLWOIrzmU",
      "use": "sig",
      "x": "hNHvZVTVSO-qbjPM_XS-YhYXcHMfAxDRQUDwkfukoR4",
      "y": "YDG2UzJkHuRxYEd7N_ohGvPQzDl84ZYaw2XsgKWKoeU",
      "crv": "P-256"
    },
    {
      "kty": "EC",
      "kid": "KvxGGZPwxfj4gsq2JXqFEgcwQFA",
      "use": "sig",
      "x": "Ac5hnMIa-drtQAS1ZZkfQvIS2tJim9IOGs6Gp-tbS0syMFjpsThlaOB9NeaFPGEjshLmSE4QJjJBvWCeer1fweNj",
      "y": "ASs1ys7gg8w5oiiH-eFNAt8PISGhIkslWD1Bm2sQ1p5u939UlqTp3U5SaIU-wpG5ggPdEPkly6TE9KRycSoTg1Kr",
      "crv": "P-521"
    },
    {
      "kty": "EC",
      "kid": "WGV_9ai15AXwsi1YHnmLZpIIv9A",
      "use": "sig",
      "x": "B4lfWxXqv_iDM-xp0zPEjCKGzjPoaWBRlZk8za4_0_AgoEHXdvMTJ-JkYe1I3Nag",
      "y": "pZFH997Zh09tGsWvvG2KjPrTGEUs2bVUv5eKIqLw0yS86VCgPj1wOX5VpvphORTH",
      "crv": "P-384"
    },
    {
      "kty": "RSA",
      "kid": "dHIY6Q4KI3NJPUDL6sbhv1IGn40",
      "use": "sig",
      "n": "gGIOUiMNdddk6NkbcSSvJJHSy5Fg9RGxpQ2vjpaj78moyKcecY44o50bUiYP8isOEjLYPffG-jkLKMbVUVYOvT43181RBRU8sUD2N5X6uCzLKUafAF-vB7RhTYpN1oeew7lnpUkXvXk5yg6mRDwF8eSiBldPS-MABSp0YiBjXEEU0y-MuJyzwf5ANJ7JYuVvo06ZJ7nuiTzh6gBQotn5t7O8o7dFu-GL9zuhOiryAF4FIM4DsEaVrO5twQutEiY6dmWEXWSrEKpmTorp7cmEtLI6WJXnhEKyfnbbo7VOZJyZu49w9Rq_cw70ETr4XKnD5YpvfOP-PP0Sw_3gJAy4BQ",
      "e": "AQAB"
    },
    {
      "kty": "EC",
      "kid": "5ux7tpMjt6DjmJA4vXPhrWvb2ko",
      "use": "sig",
      "x": "pVCPl3POPy3p7O0UpX4Vv56rSQzejk2_GbEFkI5ifEYkXodkndfqD_29h7JAKOEW",
      "y": "vA3G9Cndjl6hFWOHlxIYEJIiIrm-p-06WhL8Y_z06jdSlWlHqB6vtfTaB4azXQ_c",
      "crv": "P-384"
    },
    {
      "kty": "EC",
      "kid": "DZKPmdul93whyB2Ejs-bvRa6o8Q",
      "use": "sig",
      "x": "iNk94QFDSU54ukjsKZeTXwIk9TUeGc_eoLgMTYMUSnE",
      "y": "jjscdJzv7xyZTBx6UBfEsVsLjCharr4_1mStwahtICo",
      "crv": "P-256"
    },
    {
      "kty": "RSA",
      "kid": "bQkr5Bh_gSscNMUxg79mQEpC90o",
      "use": "sig",
      "n": "gu08lDoyl03hMteIrZMaRDd7qJKkIw3e1YNAIBNRMpqAA8RLpuWMkKvbP5TDWdrD6zVT6uyNzS4_ULgNbs6yzLo4QNpOinn0J4hdp9eVhj7wuG3prqnmYmEC9EdwuW_ybEgJRMApgNkxMQBV0p-Kxrax2HXo2aXif8yaJ5rRfwUM--PhpBvF7oYAKMazPbfLMsjSzuWsl2HkvgLPj2jbMB2ljbXurySdResp4xr6fqyjCbh9cXHWOgUwUzk6UuNmWqTltb_q03GQl-GypuT3WmFPcq_idUEMDo2dFg8Cej_93L5duWSVdWKMG03Q4mglDQ9qZ2rEJBFI0mbmdcgeVw",
      "e": "AQAB"
    },
    {
      "kty": "EC",
      "kid": "nFudxtMVwGB3gZh-x2Mdka49KbM",
      "use": "sig",
      "x": "AIcLHGRy0Z75WHnL_tgmes-vr4LESbdThkN9tdrO4rssSbj-Qra7ZIpwn0ry-Xqau-ASxhLDKtD0QsGlr5B9nFHq",
      "y": "ARwaLSnYarBus8ohqPHgJbrGbAqK4PqqBJ3BdOc6E93DlSZMtRgEblU2R67Ebudmbep85HJLmb0lTPTNm_wYpVQ-",
      "crv": "P-521"
    },
    {
      "kty": "RSA",
      "kid": "JTfNDZoI0QT6c6-5IxJshb3zc8w",
      "use": "enc",
      "n": "pq-E_g7CpY4VZtFmsraRs466wCPXDYFaxtfjcnRJciZnSovjI2_SvTSINe9db-V3pRfIDyQiyhoKqQYK2Ime1zSahg9ZN2kKvIib7C-6byIXinfsSwLqYotfmbgnAhKWbkmLe0H1exjGlVNo3PbeffyGiCSXhJeLKjZbQY64tFRc8dsAZbPs-Z8JdJevfYFLFiLMwDgE72cno8qVr_u0Padad7nVS4COxUIhHOQYgpSmvUMEGboM3CsUM2og_TSbw_IO-3vQhqAAFY5z4quLiUBHQgG8XtvtY41vLTC1QE8QtklzdlDizzqVyi3-6jjJF5zwk7FKEC5i3YVcri80OQ",
      "e": "AQAB"
    },
    {
      "kty": "EC",
      "kid": "KzjAlSsbIOwVFiIIwCYCCbBqpIo",
      "use": "enc",
      "x": "HwQFbvooWaAq515UMdvmkO1UWPkNDdA_qZRa8IVFj9rNrJqCNoWdlqpj5FleNtp6",
      "y": "VIcGW0nzSGg-q7T-2_ASoM0yV6Kdt6sZ2qs-TofYgc_KK5ELK51xXLYC2xo7fWIR",
      "crv": "P-384"
    },
    {
      "kty": "EC",
      "kid": "fFAQokYoa7US-nQ-gkuYSr6ecKw",
      "use": "enc",
      "x": "ACf2RdpVPGLjUCt3OUTauJxbPWy919U9JaDfYBTzwrbULjQJtz-Zh25Dh32b8AZuwMFRgaAczasWT0WEzwetFl6C",
      "y": "AFw0YooEteyQTFCkWZRV6TDUPKsH00ORr1Wf3pzHWpzdqHsDM0zaZhscBEdKgoT1rkCR5QGoCqRgGHCRckS3yAlG",
      "crv": "P-521"
    },
    {
      "kty": "EC",
      "kid": "qql_YRt2axSrWYHdk1BizVZzaOw",
      "use": "enc",
      "x": "N29loZC6PUaj6I3kMqjheiw3xZ186lLpSatc-y3YvBs",
      "y": "TjkmhRvQjwa9Kc23MQ365H8PtgP6Zy1qk3vqxW7aiiM",
      "crv": "P-256"
    }
  ]
}
2021-01-21 15:42:04 SUCCESS
CheckServerKeysIsValid
Server JWKs is valid
server_jwks
{
  "keys": [
    {
      "kty": "EC",
      "kid": "EXQV_y9TC1OfnM83rEwLWOIrzmU",
      "use": "sig",
      "x": "hNHvZVTVSO-qbjPM_XS-YhYXcHMfAxDRQUDwkfukoR4",
      "y": "YDG2UzJkHuRxYEd7N_ohGvPQzDl84ZYaw2XsgKWKoeU",
      "crv": "P-256"
    },
    {
      "kty": "EC",
      "kid": "KvxGGZPwxfj4gsq2JXqFEgcwQFA",
      "use": "sig",
      "x": "Ac5hnMIa-drtQAS1ZZkfQvIS2tJim9IOGs6Gp-tbS0syMFjpsThlaOB9NeaFPGEjshLmSE4QJjJBvWCeer1fweNj",
      "y": "ASs1ys7gg8w5oiiH-eFNAt8PISGhIkslWD1Bm2sQ1p5u939UlqTp3U5SaIU-wpG5ggPdEPkly6TE9KRycSoTg1Kr",
      "crv": "P-521"
    },
    {
      "kty": "EC",
      "kid": "WGV_9ai15AXwsi1YHnmLZpIIv9A",
      "use": "sig",
      "x": "B4lfWxXqv_iDM-xp0zPEjCKGzjPoaWBRlZk8za4_0_AgoEHXdvMTJ-JkYe1I3Nag",
      "y": "pZFH997Zh09tGsWvvG2KjPrTGEUs2bVUv5eKIqLw0yS86VCgPj1wOX5VpvphORTH",
      "crv": "P-384"
    },
    {
      "kty": "RSA",
      "kid": "dHIY6Q4KI3NJPUDL6sbhv1IGn40",
      "use": "sig",
      "n": "gGIOUiMNdddk6NkbcSSvJJHSy5Fg9RGxpQ2vjpaj78moyKcecY44o50bUiYP8isOEjLYPffG-jkLKMbVUVYOvT43181RBRU8sUD2N5X6uCzLKUafAF-vB7RhTYpN1oeew7lnpUkXvXk5yg6mRDwF8eSiBldPS-MABSp0YiBjXEEU0y-MuJyzwf5ANJ7JYuVvo06ZJ7nuiTzh6gBQotn5t7O8o7dFu-GL9zuhOiryAF4FIM4DsEaVrO5twQutEiY6dmWEXWSrEKpmTorp7cmEtLI6WJXnhEKyfnbbo7VOZJyZu49w9Rq_cw70ETr4XKnD5YpvfOP-PP0Sw_3gJAy4BQ",
      "e": "AQAB"
    },
    {
      "kty": "EC",
      "kid": "5ux7tpMjt6DjmJA4vXPhrWvb2ko",
      "use": "sig",
      "x": "pVCPl3POPy3p7O0UpX4Vv56rSQzejk2_GbEFkI5ifEYkXodkndfqD_29h7JAKOEW",
      "y": "vA3G9Cndjl6hFWOHlxIYEJIiIrm-p-06WhL8Y_z06jdSlWlHqB6vtfTaB4azXQ_c",
      "crv": "P-384"
    },
    {
      "kty": "EC",
      "kid": "DZKPmdul93whyB2Ejs-bvRa6o8Q",
      "use": "sig",
      "x": "iNk94QFDSU54ukjsKZeTXwIk9TUeGc_eoLgMTYMUSnE",
      "y": "jjscdJzv7xyZTBx6UBfEsVsLjCharr4_1mStwahtICo",
      "crv": "P-256"
    },
    {
      "kty": "RSA",
      "kid": "bQkr5Bh_gSscNMUxg79mQEpC90o",
      "use": "sig",
      "n": "gu08lDoyl03hMteIrZMaRDd7qJKkIw3e1YNAIBNRMpqAA8RLpuWMkKvbP5TDWdrD6zVT6uyNzS4_ULgNbs6yzLo4QNpOinn0J4hdp9eVhj7wuG3prqnmYmEC9EdwuW_ybEgJRMApgNkxMQBV0p-Kxrax2HXo2aXif8yaJ5rRfwUM--PhpBvF7oYAKMazPbfLMsjSzuWsl2HkvgLPj2jbMB2ljbXurySdResp4xr6fqyjCbh9cXHWOgUwUzk6UuNmWqTltb_q03GQl-GypuT3WmFPcq_idUEMDo2dFg8Cej_93L5duWSVdWKMG03Q4mglDQ9qZ2rEJBFI0mbmdcgeVw",
      "e": "AQAB"
    },
    {
      "kty": "EC",
      "kid": "nFudxtMVwGB3gZh-x2Mdka49KbM",
      "use": "sig",
      "x": "AIcLHGRy0Z75WHnL_tgmes-vr4LESbdThkN9tdrO4rssSbj-Qra7ZIpwn0ry-Xqau-ASxhLDKtD0QsGlr5B9nFHq",
      "y": "ARwaLSnYarBus8ohqPHgJbrGbAqK4PqqBJ3BdOc6E93DlSZMtRgEblU2R67Ebudmbep85HJLmb0lTPTNm_wYpVQ-",
      "crv": "P-521"
    },
    {
      "kty": "RSA",
      "kid": "JTfNDZoI0QT6c6-5IxJshb3zc8w",
      "use": "enc",
      "n": "pq-E_g7CpY4VZtFmsraRs466wCPXDYFaxtfjcnRJciZnSovjI2_SvTSINe9db-V3pRfIDyQiyhoKqQYK2Ime1zSahg9ZN2kKvIib7C-6byIXinfsSwLqYotfmbgnAhKWbkmLe0H1exjGlVNo3PbeffyGiCSXhJeLKjZbQY64tFRc8dsAZbPs-Z8JdJevfYFLFiLMwDgE72cno8qVr_u0Padad7nVS4COxUIhHOQYgpSmvUMEGboM3CsUM2og_TSbw_IO-3vQhqAAFY5z4quLiUBHQgG8XtvtY41vLTC1QE8QtklzdlDizzqVyi3-6jjJF5zwk7FKEC5i3YVcri80OQ",
      "e": "AQAB"
    },
    {
      "kty": "EC",
      "kid": "KzjAlSsbIOwVFiIIwCYCCbBqpIo",
      "use": "enc",
      "x": "HwQFbvooWaAq515UMdvmkO1UWPkNDdA_qZRa8IVFj9rNrJqCNoWdlqpj5FleNtp6",
      "y": "VIcGW0nzSGg-q7T-2_ASoM0yV6Kdt6sZ2qs-TofYgc_KK5ELK51xXLYC2xo7fWIR",
      "crv": "P-384"
    },
    {
      "kty": "EC",
      "kid": "fFAQokYoa7US-nQ-gkuYSr6ecKw",
      "use": "enc",
      "x": "ACf2RdpVPGLjUCt3OUTauJxbPWy919U9JaDfYBTzwrbULjQJtz-Zh25Dh32b8AZuwMFRgaAczasWT0WEzwetFl6C",
      "y": "AFw0YooEteyQTFCkWZRV6TDUPKsH00ORr1Wf3pzHWpzdqHsDM0zaZhscBEdKgoT1rkCR5QGoCqRgGHCRckS3yAlG",
      "crv": "P-521"
    },
    {
      "kty": "EC",
      "kid": "qql_YRt2axSrWYHdk1BizVZzaOw",
      "use": "enc",
      "x": "N29loZC6PUaj6I3kMqjheiw3xZ186lLpSatc-y3YvBs",
      "y": "TjkmhRvQjwa9Kc23MQ365H8PtgP6Zy1qk3vqxW7aiiM",
      "crv": "P-256"
    }
  ]
}
2021-01-21 15:42:04 SUCCESS
ValidateServerJWKs
Valid server JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2021-01-21 15:42:04 SUCCESS
CheckForKeyIdInServerJWKs
All keys contain kids
2021-01-21 15:42:04 SUCCESS
EnsureServerJwksDoesNotContainPrivateOrSymmetricKeys
Jwks does not contain any private or symmetric keys
2021-01-21 15:42:04 SUCCESS
FAPIEnsureMinimumServerKeyLength
Validated minimum key lengths for server_jwks
server_jwks
{
  "keys": [
    {
      "kty": "EC",
      "kid": "EXQV_y9TC1OfnM83rEwLWOIrzmU",
      "use": "sig",
      "x": "hNHvZVTVSO-qbjPM_XS-YhYXcHMfAxDRQUDwkfukoR4",
      "y": "YDG2UzJkHuRxYEd7N_ohGvPQzDl84ZYaw2XsgKWKoeU",
      "crv": "P-256"
    },
    {
      "kty": "EC",
      "kid": "KvxGGZPwxfj4gsq2JXqFEgcwQFA",
      "use": "sig",
      "x": "Ac5hnMIa-drtQAS1ZZkfQvIS2tJim9IOGs6Gp-tbS0syMFjpsThlaOB9NeaFPGEjshLmSE4QJjJBvWCeer1fweNj",
      "y": "ASs1ys7gg8w5oiiH-eFNAt8PISGhIkslWD1Bm2sQ1p5u939UlqTp3U5SaIU-wpG5ggPdEPkly6TE9KRycSoTg1Kr",
      "crv": "P-521"
    },
    {
      "kty": "EC",
      "kid": "WGV_9ai15AXwsi1YHnmLZpIIv9A",
      "use": "sig",
      "x": "B4lfWxXqv_iDM-xp0zPEjCKGzjPoaWBRlZk8za4_0_AgoEHXdvMTJ-JkYe1I3Nag",
      "y": "pZFH997Zh09tGsWvvG2KjPrTGEUs2bVUv5eKIqLw0yS86VCgPj1wOX5VpvphORTH",
      "crv": "P-384"
    },
    {
      "kty": "RSA",
      "kid": "dHIY6Q4KI3NJPUDL6sbhv1IGn40",
      "use": "sig",
      "n": "gGIOUiMNdddk6NkbcSSvJJHSy5Fg9RGxpQ2vjpaj78moyKcecY44o50bUiYP8isOEjLYPffG-jkLKMbVUVYOvT43181RBRU8sUD2N5X6uCzLKUafAF-vB7RhTYpN1oeew7lnpUkXvXk5yg6mRDwF8eSiBldPS-MABSp0YiBjXEEU0y-MuJyzwf5ANJ7JYuVvo06ZJ7nuiTzh6gBQotn5t7O8o7dFu-GL9zuhOiryAF4FIM4DsEaVrO5twQutEiY6dmWEXWSrEKpmTorp7cmEtLI6WJXnhEKyfnbbo7VOZJyZu49w9Rq_cw70ETr4XKnD5YpvfOP-PP0Sw_3gJAy4BQ",
      "e": "AQAB"
    },
    {
      "kty": "EC",
      "kid": "5ux7tpMjt6DjmJA4vXPhrWvb2ko",
      "use": "sig",
      "x": "pVCPl3POPy3p7O0UpX4Vv56rSQzejk2_GbEFkI5ifEYkXodkndfqD_29h7JAKOEW",
      "y": "vA3G9Cndjl6hFWOHlxIYEJIiIrm-p-06WhL8Y_z06jdSlWlHqB6vtfTaB4azXQ_c",
      "crv": "P-384"
    },
    {
      "kty": "EC",
      "kid": "DZKPmdul93whyB2Ejs-bvRa6o8Q",
      "use": "sig",
      "x": "iNk94QFDSU54ukjsKZeTXwIk9TUeGc_eoLgMTYMUSnE",
      "y": "jjscdJzv7xyZTBx6UBfEsVsLjCharr4_1mStwahtICo",
      "crv": "P-256"
    },
    {
      "kty": "RSA",
      "kid": "bQkr5Bh_gSscNMUxg79mQEpC90o",
      "use": "sig",
      "n": "gu08lDoyl03hMteIrZMaRDd7qJKkIw3e1YNAIBNRMpqAA8RLpuWMkKvbP5TDWdrD6zVT6uyNzS4_ULgNbs6yzLo4QNpOinn0J4hdp9eVhj7wuG3prqnmYmEC9EdwuW_ybEgJRMApgNkxMQBV0p-Kxrax2HXo2aXif8yaJ5rRfwUM--PhpBvF7oYAKMazPbfLMsjSzuWsl2HkvgLPj2jbMB2ljbXurySdResp4xr6fqyjCbh9cXHWOgUwUzk6UuNmWqTltb_q03GQl-GypuT3WmFPcq_idUEMDo2dFg8Cej_93L5duWSVdWKMG03Q4mglDQ9qZ2rEJBFI0mbmdcgeVw",
      "e": "AQAB"
    },
    {
      "kty": "EC",
      "kid": "nFudxtMVwGB3gZh-x2Mdka49KbM",
      "use": "sig",
      "x": "AIcLHGRy0Z75WHnL_tgmes-vr4LESbdThkN9tdrO4rssSbj-Qra7ZIpwn0ry-Xqau-ASxhLDKtD0QsGlr5B9nFHq",
      "y": "ARwaLSnYarBus8ohqPHgJbrGbAqK4PqqBJ3BdOc6E93DlSZMtRgEblU2R67Ebudmbep85HJLmb0lTPTNm_wYpVQ-",
      "crv": "P-521"
    },
    {
      "kty": "RSA",
      "kid": "JTfNDZoI0QT6c6-5IxJshb3zc8w",
      "use": "enc",
      "n": "pq-E_g7CpY4VZtFmsraRs466wCPXDYFaxtfjcnRJciZnSovjI2_SvTSINe9db-V3pRfIDyQiyhoKqQYK2Ime1zSahg9ZN2kKvIib7C-6byIXinfsSwLqYotfmbgnAhKWbkmLe0H1exjGlVNo3PbeffyGiCSXhJeLKjZbQY64tFRc8dsAZbPs-Z8JdJevfYFLFiLMwDgE72cno8qVr_u0Padad7nVS4COxUIhHOQYgpSmvUMEGboM3CsUM2og_TSbw_IO-3vQhqAAFY5z4quLiUBHQgG8XtvtY41vLTC1QE8QtklzdlDizzqVyi3-6jjJF5zwk7FKEC5i3YVcri80OQ",
      "e": "AQAB"
    },
    {
      "kty": "EC",
      "kid": "KzjAlSsbIOwVFiIIwCYCCbBqpIo",
      "use": "enc",
      "x": "HwQFbvooWaAq515UMdvmkO1UWPkNDdA_qZRa8IVFj9rNrJqCNoWdlqpj5FleNtp6",
      "y": "VIcGW0nzSGg-q7T-2_ASoM0yV6Kdt6sZ2qs-TofYgc_KK5ELK51xXLYC2xo7fWIR",
      "crv": "P-384"
    },
    {
      "kty": "EC",
      "kid": "fFAQokYoa7US-nQ-gkuYSr6ecKw",
      "use": "enc",
      "x": "ACf2RdpVPGLjUCt3OUTauJxbPWy919U9JaDfYBTzwrbULjQJtz-Zh25Dh32b8AZuwMFRgaAczasWT0WEzwetFl6C",
      "y": "AFw0YooEteyQTFCkWZRV6TDUPKsH00ORr1Wf3pzHWpzdqHsDM0zaZhscBEdKgoT1rkCR5QGoCqRgGHCRckS3yAlG",
      "crv": "P-521"
    },
    {
      "kty": "EC",
      "kid": "qql_YRt2axSrWYHdk1BizVZzaOw",
      "use": "enc",
      "x": "N29loZC6PUaj6I3kMqjheiw3xZ186lLpSatc-y3YvBs",
      "y": "TjkmhRvQjwa9Kc23MQ365H8PtgP6Zy1qk3vqxW7aiiM",
      "crv": "P-256"
    }
  ]
}
Verify First client: static client configuration
2021-01-21 15:42:04 SUCCESS
GetStaticClientConfiguration
Found a static client object
client_id
conformance1
scope
openid test
jwks
{
  "keys": [
    {
      "kty": "EC",
      "d": "QPg1PBy12DhqqGeiuWBoIdhrfbOutP8nfSND46mdTgU",
      "use": "sig",
      "crv": "P-256",
      "kid": "2HKyz2Uc4F8hRcwyuPgA5Eg_salnEe7pfujUkvj2yew",
      "x": "NK3-2enqupOW-PGDSp2X2vrtqFIVnsVMciZdVwa7p8Q",
      "y": "Yrp1yMUYXZcWbHRzsXlH94v2SJZs0lxRbbCpvo1kcUw",
      "alg": "ES256"
    }
  ]
}
hint_type
login_hint
hint_value
patrick
2021-01-21 15:42:04 SUCCESS
ValidateClientJWKsPrivatePart
Valid client JWKs: keys are valid JSON, contain the required fields, the private/public exponents match and are correctly encoded using unpadded base64url
2021-01-21 15:42:04 SUCCESS
ExtractJWKsFromStaticClientConfiguration
Extracted client JWK
client_jwks
{
  "keys": [
    {
      "kty": "EC",
      "d": "QPg1PBy12DhqqGeiuWBoIdhrfbOutP8nfSND46mdTgU",
      "use": "sig",
      "crv": "P-256",
      "kid": "2HKyz2Uc4F8hRcwyuPgA5Eg_salnEe7pfujUkvj2yew",
      "x": "NK3-2enqupOW-PGDSp2X2vrtqFIVnsVMciZdVwa7p8Q",
      "y": "Yrp1yMUYXZcWbHRzsXlH94v2SJZs0lxRbbCpvo1kcUw",
      "alg": "ES256"
    }
  ]
}
public_client_jwks
{
  "keys": [
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "2HKyz2Uc4F8hRcwyuPgA5Eg_salnEe7pfujUkvj2yew",
      "x": "NK3-2enqupOW-PGDSp2X2vrtqFIVnsVMciZdVwa7p8Q",
      "y": "Yrp1yMUYXZcWbHRzsXlH94v2SJZs0lxRbbCpvo1kcUw",
      "alg": "ES256"
    }
  ]
}
2021-01-21 15:42:04 SUCCESS
ValidateMTLSCertificatesHeader
MTLS certificates header is valid
2021-01-21 15:42:04 SUCCESS
ExtractMTLSCertificatesFromConfiguration
Mutual TLS authentication credentials loaded
cert
MIIDkTCCAnmgAwIBAgIJAOLiBx6+gpncMA0GCSqGSIb3DQEBCwUAMHIxCzAJBgNVBAYTAkdCMRIwEAYDVQQIDAlNaWRkbGVzZXgxDzANBgNVBAcMBkxvbmRvbjEWMBQGA1UECgwNUGluZyBJZGVudGl0eTEMMAoGA1UECwwDUlNBMRgwFgYDVQQDDA9QaW5nIFVLIERlbW8gQ0EwHhcNMjAwOTIzMTQwNjU0WhcNMjIwMjA1MTQwNjU0WjBaMSQwIgYDVQQDDBttdGxzLXBvbGwtZmFwaS1jaWJhLWNsaWVudDExDTALBgNVBAsMBERlbW8xFjAUBgNVBAoMDVBpbmcgSWRlbnRpdHkxCzAJBgNVBAYTAkdCMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqADFJnt3i/xbJupaTpc4P8oYrZINQ07zEhdf8Osr/+XGp/az202QtoMFyRqNcYZS9/U0ce+Vz/pcaleqUlaAVfgW2o3Dp4z1d8WjDDar86agcqwl+aI2rhKh3aQIEiOwHmaPvYlRmWZTotMdyxUvJLlMJq+m4fZ33nphW9gT+AhEM+fyegVPX+jgj8dk6CaqCcRr7050irHOWfotCZxq79PBCFi8NOKjBn/uHPibKVN+PGgptqPmkdGFrkg1+gnWjmtxROJlCjNgrRJxmgD3/DbvqvTen/aL42+JJRGA8dXwCYTgjhvdTrE9OlBiIPB+EAlYxk6g+3kMqg+cJ5WP1QIDAQABo0IwQDAJBgNVHRMEAjAAMAsGA1UdDwQEAwIF4DAmBgNVHREEHzAdghttdGxzLXBvbGwtZmFwaS1jaWJhLWNsaWVudDEwDQYJKoZIhvcNAQELBQADggEBACZ7/UyxTg6hsUEmIjJKln/USY5sLq6MsrQgaqDwNuJ2BAyyrbIhldbNKBvC+swQjfbnisVYEKmmCAABPhV58U2YaEHOxfjzmfQ55duco0P4HulMhOvA/0jd+e0GFLF7eusEE4dw/RmiYjxNUpDjF9IgybjQkYPXLw+hfyhGsoKW38H1+x6ha7VTyJKp5W9AVj8/00vNswwvv3Xjs7C2mlogCEPFLPjc7jEQ4BRzkqBqQyi6MlNdgva3C6jDkSnXksdI9dZkrb4gNhusexwkbHkyet+unXxur9evqIISJsxELCMTxMocE++7XMJsPUT5FnomlXRK0jRztTmFG9y5Fqs=
key
MIIEowIBAAKCAQEAqADFJnt3i/xbJupaTpc4P8oYrZINQ07zEhdf8Osr/+XGp/az202QtoMFyRqNcYZS9/U0ce+Vz/pcaleqUlaAVfgW2o3Dp4z1d8WjDDar86agcqwl+aI2rhKh3aQIEiOwHmaPvYlRmWZTotMdyxUvJLlMJq+m4fZ33nphW9gT+AhEM+fyegVPX+jgj8dk6CaqCcRr7050irHOWfotCZxq79PBCFi8NOKjBn/uHPibKVN+PGgptqPmkdGFrkg1+gnWjmtxROJlCjNgrRJxmgD3/DbvqvTen/aL42+JJRGA8dXwCYTgjhvdTrE9OlBiIPB+EAlYxk6g+3kMqg+cJ5WP1QIDAQABAoIBACvHd5idl/t8mWw8qafNNDU7Ps8MPjSKAEF4oeGwBtk6UVg3q4q8XbeR0RIkvzMUI87FsRL3sfxua2Ky0Yl/TRYZ/iqZwqCI1PaPI/vsy0ZE5466WXMB2GnoJRISyp+feSeS5mYnwIHO7oCBr0Pak1xohPWX1E8R4Q6yqWg7mIiLgtSWeaHNa3piQGcHXKwIPz/Xcw7M3embp+L7zrlgjuwR9i7+u2cSZexws4rQ3VyUggBjLVaBhF0w4CGzNBEdw7TXSXnh1JXZHc/k2zgk9IhPmdFFy4k1ZxVEc2GaExTsrjyJJxZmuEUTdszN6Gd42V+G5uweqbQ3Skl3Z7MfowECgYEAz3B/hWI3lKqc4TqYskU/MYcKYrCYP2IN19zOa8THzN91erhgiph/TSv+iryw1J3Fwg+xgc/nix3gtoj3492lrFkd0AvJ9eZPV+8C57rTFWT094sDvLH/XgXWGy7NS3IqefJr2y0gCpaTx92sl4O63sG00c1L0JuGRqKo1L4EE6ECgYEAz1TpZa8JlJOSxMMu0nv561VEM2xXsyDDHqcWcYi3WjWmdoGK+Glsw6DIzRAq30HN+UK7L92jlKTwhP8RsiHhUcXaM6DWQtWeAXjbS+r9IJnGJkfw8MbyhyLj65uVtvARlgfgg6G2rdEXrJTIK08nCg83zLDqQ04nvaczMhqFT7UCgYEArhP1H6T1iY/HiQbYXznXNyPg5kLV8NLDVTPaEfwXw2h+uNaDRauFoOhbemewaSxhaWIsDwi+gTM4gVXd2N4HCuPaLd3GxNFaIivUH0zbmKeZHycMoswoxelV7IfRBhAvbxitxEdRDTGhoGb5UEjeh9K8gBetGMl63EniLm2rFCECgYBeiyznNnta6jSKTysBxpD/lGFGRch0IaN4Td85JIvfsglXjtkNUB3N03rdr9qs9ff0C08Kk7otZU1ciGfMYBC8VkmbM2OhFII5z5/Irb6B6D1oZXPkiAQ+RVXDsa4CvtR2It9phwujlW6DP1FMFosJ1kiuqZoZ2QDcRetdlKRn5QKBgFctsC+KtuaFxEW23HrBCNqChyxijneRhjJVH1RDfrUSNikyFMDU2+FdR9bx4VXGiK077IxTGSEWkAEBhbm2jDl0Ik1rRMVzoKHR2kvUSNtxprp9tFcL7UqyZqGxA6UIIzOV0LbnnpFhYNgmH0AJS17V9sIIGtYXNArjzw4Kin4P
ca
MIIDYDCCAkgCCQCSYQOG55YnujANBgkqhkiG9w0BAQsFADByMQswCQYDVQQGEwJHQjESMBAGA1UECAwJTWlkZGxlc2V4MQ8wDQYDVQQHDAZMb25kb24xFjAUBgNVBAoMDVBpbmcgSWRlbnRpdHkxDDAKBgNVBAsMA1JTQTEYMBYGA1UEAwwPUGluZyBVSyBEZW1vIENBMB4XDTE5MDEwNzEwNTk1NVoXDTIxMTAyNzEwNTk1NVowcjELMAkGA1UEBhMCR0IxEjAQBgNVBAgMCU1pZGRsZXNleDEPMA0GA1UEBwwGTG9uZG9uMRYwFAYDVQQKDA1QaW5nIElkZW50aXR5MQwwCgYDVQQLDANSU0ExGDAWBgNVBAMMD1BpbmcgVUsgRGVtbyBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALMHte483946bvKmpt1nuj1+IMWoywAGOj8UQcPDrkKuBOQL5Sv8o4ScYjjN5jgryjwRx3YMiVpCTOLB1GXrj55lZO2RRxMURwCSwaHnaLiM4cVcqSF8dq8LOlsR6bXSjJnvB2HWS1CYQaJdF21m0pxKcH9NUsdq5aYCkP52xyYel+XOxszQX1FkvrpD3VXII5xCiGGS6eEb/Mo2+nwgyN+A/M1yaeN65ah8HZFngR85oElYx7fFOkm9VubhCt2ePEvkanuWpgp5VrI2ruVQr1tvToL2ydzEmBPzGkh/UtACsucXXwSE7fvw50dgbhrXtmJnWA6hP2Wm3Ifok0ViKc0CAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAN5fn4Ke+4nhe5r+6aewM8lJ+sY25ing1ByAj7m5tJcsh68irJIjpAm3kJz20DVZ+2JguB1HZUHUTYo/WCmwMzatLN2rv9in3uRS4d0FaIfKxFHjRFs1T1APXz7lMP5t3j1/uZwbmmTGqvKTYlocLQJpqnJURiuNrxw7mZcZ3KTVx5WCdk7caYvSgUTbs9ec+JzQG0keHinrHu0mAXDxxCWXsx/rQ4PTBI808iBiHR2MbTOXONN5jid4gk9/T8KKfOFG1AbaEhsGdkChPNQO4M12Q5TWwtWutjx/PdPaGKvSoquZkXk1L4meO3ADLngHX7lb2oRkfF0wIZMNC/Eat5g==
2021-01-21 15:42:04 SUCCESS
CheckForKeyIdInClientJWKs
All keys contain kids
2021-01-21 15:42:04 SUCCESS
CheckDistinctKeyIdValueInClientJWKs
Distinct 'kid' value in all keys of client_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2021-01-21 15:42:04 SUCCESS
FAPICheckKeyAlgInClientJWKs
Found a key with alg PS256 or ES256
2021-01-21 15:42:04 SUCCESS
FAPIEnsureMinimumClientKeyLength
Validated minimum key lengths for client_jwks
client_jwks
{
  "keys": [
    {
      "kty": "EC",
      "d": "QPg1PBy12DhqqGeiuWBoIdhrfbOutP8nfSND46mdTgU",
      "use": "sig",
      "crv": "P-256",
      "kid": "2HKyz2Uc4F8hRcwyuPgA5Eg_salnEe7pfujUkvj2yew",
      "x": "NK3-2enqupOW-PGDSp2X2vrtqFIVnsVMciZdVwa7p8Q",
      "y": "Yrp1yMUYXZcWbHRzsXlH94v2SJZs0lxRbbCpvo1kcUw",
      "alg": "ES256"
    }
  ]
}
2021-01-21 15:42:04 SUCCESS
ValidateMTLSCertificatesAsX509
Mutual TLS authentication cert validated as X.509
Verify Second client: static client configuration
2021-01-21 15:42:04 SUCCESS
GetStaticClient2Configuration
Found a static second client object
client_id
conformance2
scope
openid test
jwks
{
  "keys": [
    {
      "kty": "EC",
      "d": "MTbmR5F_tN0zlvVrwESkMNHB-ZLoRpk3dlxHYged3Ik",
      "use": "sig",
      "crv": "P-256",
      "kid": "6waBCAJKuKMvSU3k540XHPx_4gJx01tmQh8giaYjj1k",
      "x": "XW7xFTCnyPLhhWb_dE0fIIavYTbilf3HDsUELAC5SwI",
      "y": "sm9SrdwPWJ_oQ5tbsDMi6xnsaoLWZLTFyy0L2q5vURE",
      "alg": "ES256"
    }
  ]
}
acr_value
high
2021-01-21 15:42:04 SUCCESS
ValidateClientJWKsPrivatePart
Valid client JWKs: keys are valid JSON, contain the required fields, the private/public exponents match and are correctly encoded using unpadded base64url
2021-01-21 15:42:04 SUCCESS
ExtractJWKsFromStaticClientConfiguration
Extracted client JWK
client_jwks
{
  "keys": [
    {
      "kty": "EC",
      "d": "MTbmR5F_tN0zlvVrwESkMNHB-ZLoRpk3dlxHYged3Ik",
      "use": "sig",
      "crv": "P-256",
      "kid": "6waBCAJKuKMvSU3k540XHPx_4gJx01tmQh8giaYjj1k",
      "x": "XW7xFTCnyPLhhWb_dE0fIIavYTbilf3HDsUELAC5SwI",
      "y": "sm9SrdwPWJ_oQ5tbsDMi6xnsaoLWZLTFyy0L2q5vURE",
      "alg": "ES256"
    }
  ]
}
public_client_jwks
{
  "keys": [
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "6waBCAJKuKMvSU3k540XHPx_4gJx01tmQh8giaYjj1k",
      "x": "XW7xFTCnyPLhhWb_dE0fIIavYTbilf3HDsUELAC5SwI",
      "y": "sm9SrdwPWJ_oQ5tbsDMi6xnsaoLWZLTFyy0L2q5vURE",
      "alg": "ES256"
    }
  ]
}
2021-01-21 15:42:04 SUCCESS
ValidateMTLSCertificates2Header
MTLS certificates header is valid
2021-01-21 15:42:04 SUCCESS
ExtractMTLSCertificates2FromConfiguration
Mutual TLS authentication credentials loaded
cert
MIIDkTCCAnmgAwIBAgIJAOLiBx6+gpndMA0GCSqGSIb3DQEBCwUAMHIxCzAJBgNVBAYTAkdCMRIwEAYDVQQIDAlNaWRkbGVzZXgxDzANBgNVBAcMBkxvbmRvbjEWMBQGA1UECgwNUGluZyBJZGVudGl0eTEMMAoGA1UECwwDUlNBMRgwFgYDVQQDDA9QaW5nIFVLIERlbW8gQ0EwHhcNMjAwOTIzMTQyNzM5WhcNMjIwMjA1MTQyNzM5WjBaMSQwIgYDVQQDDBttdGxzLXBvbGwtZmFwaS1jaWJhLWNsaWVudDIxDTALBgNVBAsMBERlbW8xFjAUBgNVBAoMDVBpbmcgSWRlbnRpdHkxCzAJBgNVBAYTAkdCMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwRscFS1280kSNG3b9xhLl09bPKfsnFTGPXmrrUyjUbtXZ0ifq0Wo2MPmjOMlMvdcC1h3wwFZbz+2kIx3crhJq7trDGwrF46DJ0qjHeRwLQZrbk0V6YUhVl1rBv8U8h+vQqLLBkfm211I1WS1K0o7BATtfiQ/0FBmwkNzYt0KgfijdFQshiH/zk/vcxwpurQmjo52e/C7g1C1RhJ7k35IwCDU8ntW+Y0B5Ylf4HTTd/xmIatvh7tOfuSH36HeRmnb9nSg9giZMSIxLnIBVnB7rm1JVbyVTM7yms9RAY7yNvGOv/fuZ6iZLdoEPvLcmVlJcN3N3OKBQfm51xCOz+3ZRwIDAQABo0IwQDAJBgNVHRMEAjAAMAsGA1UdDwQEAwIF4DAmBgNVHREEHzAdghttdGxzLXBvbGwtZmFwaS1jaWJhLWNsaWVudDIwDQYJKoZIhvcNAQELBQADggEBAAqCOmoKF4tCpTRVdVnfFGoQ7Zqv4HDt2mM7Uq/5qlaj0h0aMaHUO+w3ouNdNuFxjww0d9BDjXDatOSlWKitS2eTc1AdSACIsxtIVrp7CarJPoCA3YwiSKaGGxgByIdx5EINCgqcm2AaP7nCb5oLPNawJCASvFT4lEUCwkPKRuxOd36lWIH9mKVjhsfRMrnUfrccAuXCpg+qzbl4WHS1ZVKi93qLrBWp7AphhbeZ8tsrkkEQcXiYHdkdZnrpctcrMPODnNLwX1Bw0acYdwuLHfvb1k8zW/Tn5pzDLc5A401sZswxu4l8oRQtFeIV1qgZUvGmvJ4qbQF997SKvmmVwUw=
key
MIIEowIBAAKCAQEAwRscFS1280kSNG3b9xhLl09bPKfsnFTGPXmrrUyjUbtXZ0ifq0Wo2MPmjOMlMvdcC1h3wwFZbz+2kIx3crhJq7trDGwrF46DJ0qjHeRwLQZrbk0V6YUhVl1rBv8U8h+vQqLLBkfm211I1WS1K0o7BATtfiQ/0FBmwkNzYt0KgfijdFQshiH/zk/vcxwpurQmjo52e/C7g1C1RhJ7k35IwCDU8ntW+Y0B5Ylf4HTTd/xmIatvh7tOfuSH36HeRmnb9nSg9giZMSIxLnIBVnB7rm1JVbyVTM7yms9RAY7yNvGOv/fuZ6iZLdoEPvLcmVlJcN3N3OKBQfm51xCOz+3ZRwIDAQABAoIBAEizzjTi8x/RaPs4SVKUYRFMnUsO5fRNrn1Cq7IJYovI/rUyEHtJNLK3vrtYYY74tjzHR/+xKFzMHg359JbKb2Iqo7j/mJG75AENBrCgauNowVW7y/4pU03SyhLOQrKN30w1Qj7RH0eDrYI58kOkJOf0ev285BGn06hcALs+AVDBBh6CSbD0jR3Z4ZrlTeCk+91JYGmSdJAIjBd65mUAaiJ6g0oEI22BL9StlOIAg6XD3xAJ//CcrumvA3AwMYoE+e1F0HjlVkpIHmAl1cr+4muPC80/YKnC5s9Bwvq/EeJhfVMsnaBQYiobcKr7QNW2WUn1gfYQM3jo3ShbcraGYjECgYEA6QP0Dz2h6jw1FLaC0Q9/xNnCvJSeLx6gb1s/cqVgNWjTVZoq2mv6ak9wJ0emq7nf5+Gbj22bIGiC/dQNLTjCFEbDW2bzgiMYWLDCu+xHHcRql5JixZrX4fy53qlXpKOncMu1nd0T77aTOb4yKhqF8yp7p0ayR4qyB/tqsQNniSMCgYEA1Cde41Wsp+ECT+g/siAFgDTwRWZj2l5zrhsPJpAhMnUn9kgn14b9Ag8Z7mBZZTP1eTVyi27tSKT1hVKH6X4jlB5WWGSg78x2XUq9YdWZ4fIL6g5vWfHMZVHcZp2AcTsF5GKXLRxFPphmCIr2fBPNbvcGXyhABX71oB/T+93m+40CgYBQaDvU8oioAqSyhBR6PeXyMM7BMmuviNsF8i/fyO99HrImjO+StcYQ316tP01lXtvD8ZczlDf+o/Hn0z/Exhw60Pxi0xDebGvfVwerv2n+/KNnsG0DEV7DrekZy8fhmVOTWchPNFXH13HQcDBxVPu6IIPRAlVM2LB8jqaPdMRKjwKBgBMzGPBD8aMjxtzKbPFG2piWsePl90Vs5NUt17oqswZo+dvc/dYQflcwXK1pBM4W3LFCeAJMYKcBXsLZDDnCU5/0+uV2/eWVwGSC/g6bkRiUmiVtdwBR1KiatvKGcHhO2iKoFXxcoZufmSROxy3FcQMI0gfMkbatnbcHCl0x4NSFAoGBANUjORpeHOjACkC5K223B7EMTKTafWFAeiHlxspIKXhTXCy7kPvP/g3BaVhTqmWvpaxeI13HpQsxGjlwQSd7LO8T42nsX/VIpt3mOokQ/hdU/RvYZDJFclDz6M0VjCsshxg+dh8CEfrMAeZ36SXKIqdjXfLQ8yeeQF+fJNHzeXPB
ca
MIIDYDCCAkgCCQCSYQOG55YnujANBgkqhkiG9w0BAQsFADByMQswCQYDVQQGEwJHQjESMBAGA1UECAwJTWlkZGxlc2V4MQ8wDQYDVQQHDAZMb25kb24xFjAUBgNVBAoMDVBpbmcgSWRlbnRpdHkxDDAKBgNVBAsMA1JTQTEYMBYGA1UEAwwPUGluZyBVSyBEZW1vIENBMB4XDTE5MDEwNzEwNTk1NVoXDTIxMTAyNzEwNTk1NVowcjELMAkGA1UEBhMCR0IxEjAQBgNVBAgMCU1pZGRsZXNleDEPMA0GA1UEBwwGTG9uZG9uMRYwFAYDVQQKDA1QaW5nIElkZW50aXR5MQwwCgYDVQQLDANSU0ExGDAWBgNVBAMMD1BpbmcgVUsgRGVtbyBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALMHte483946bvKmpt1nuj1+IMWoywAGOj8UQcPDrkKuBOQL5Sv8o4ScYjjN5jgryjwRx3YMiVpCTOLB1GXrj55lZO2RRxMURwCSwaHnaLiM4cVcqSF8dq8LOlsR6bXSjJnvB2HWS1CYQaJdF21m0pxKcH9NUsdq5aYCkP52xyYel+XOxszQX1FkvrpD3VXII5xCiGGS6eEb/Mo2+nwgyN+A/M1yaeN65ah8HZFngR85oElYx7fFOkm9VubhCt2ePEvkanuWpgp5VrI2ruVQr1tvToL2ydzEmBPzGkh/UtACsucXXwSE7fvw50dgbhrXtmJnWA6hP2Wm3Ifok0ViKc0CAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAN5fn4Ke+4nhe5r+6aewM8lJ+sY25ing1ByAj7m5tJcsh68irJIjpAm3kJz20DVZ+2JguB1HZUHUTYo/WCmwMzatLN2rv9in3uRS4d0FaIfKxFHjRFs1T1APXz7lMP5t3j1/uZwbmmTGqvKTYlocLQJpqnJURiuNrxw7mZcZ3KTVx5WCdk7caYvSgUTbs9ec+JzQG0keHinrHu0mAXDxxCWXsx/rQ4PTBI808iBiHR2MbTOXONN5jid4gk9/T8KKfOFG1AbaEhsGdkChPNQO4M12Q5TWwtWutjx/PdPaGKvSoquZkXk1L4meO3ADLngHX7lb2oRkfF0wIZMNC/Eat5g==
2021-01-21 15:42:04 SUCCESS
CheckForKeyIdInClientJWKs
All keys contain kids
2021-01-21 15:42:04 SUCCESS
CheckDistinctKeyIdValueInClientJWKs
Distinct 'kid' value in all keys of client_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2021-01-21 15:42:04 SUCCESS
FAPICheckKeyAlgInClientJWKs
Found a key with alg PS256 or ES256
2021-01-21 15:42:04 SUCCESS
FAPIEnsureMinimumClientKeyLength
Validated minimum key lengths for client_jwks
client_jwks
{
  "keys": [
    {
      "kty": "EC",
      "d": "MTbmR5F_tN0zlvVrwESkMNHB-ZLoRpk3dlxHYged3Ik",
      "use": "sig",
      "crv": "P-256",
      "kid": "6waBCAJKuKMvSU3k540XHPx_4gJx01tmQh8giaYjj1k",
      "x": "XW7xFTCnyPLhhWb_dE0fIIavYTbilf3HDsUELAC5SwI",
      "y": "sm9SrdwPWJ_oQ5tbsDMi6xnsaoLWZLTFyy0L2q5vURE",
      "alg": "ES256"
    }
  ]
}
2021-01-21 15:42:04 SUCCESS
ValidateMTLSCertificatesAsX509
Mutual TLS authentication cert validated as X.509
2021-01-21 15:42:04 SUCCESS
GetResourceEndpointConfiguration
Found a resource endpoint object
resourceUrl
https://emea-conformance.ping-eng.com:3000/get
2021-01-21 15:42:04 SUCCESS
SetProtectedResourceUrlToSingleResourceEndpoint
Set protected resource URL
protected_resource_url
https://emea-conformance.ping-eng.com:3000/get
2021-01-21 15:42:04 SUCCESS
ExtractTLSTestValuesFromResourceConfiguration
Extracted TLS information from resource endpoint
resource_endpoint
{
  "testHost": "emea-conformance.ping-eng.com",
  "testPort": 3000
}
2021-01-21 15:42:04 SUCCESS
ExtractTLSTestValuesFromOBResourceConfiguration
Extracted TLS information from resource endpoint
accounts_resource_endpoint
{
  "testHost": "emea-conformance.ping-eng.com",
  "testPort": 3000
}
accounts_request_endpoint
{
  "testHost": "emea-conformance.ping-eng.com",
  "testPort": 3000
}
2021-01-21 15:42:04
fapi-ciba-id1-refresh-token
Setup Done
Call backchannel authentication endpoint
2021-01-21 15:42:04 SUCCESS
CreateEmptyAuthorizationEndpointRequest
Created empty authorization endpoint request
2021-01-21 15:42:04 SUCCESS
AddScopeToAuthorizationEndpointRequest
Added scope of 'openid test' to authorization endpoint request
scope
openid test
2021-01-21 15:42:04 SUCCESS
AddHintToAuthorizationEndpointRequest
Added hint to authorization endpoint request
login_hint
patrick
2021-01-21 15:42:04 SUCCESS
AddBindingMessageToAuthorizationEndpointRequest
Added binding message to authorization endpoint request
binding_message
1234
2021-01-21 15:42:04 SUCCESS
ConvertAuthorizationEndpointRequestToRequestObject
Created request object claims
request_object_claims
{
  "scope": "openid test",
  "login_hint": "patrick",
  "binding_message": "1234"
}
2021-01-21 15:42:04 SUCCESS
AddIatToRequestObject
Added iat to request object claims
iat
1.611243724E9
2021-01-21 15:42:04 SUCCESS
AddExpToRequestObject
Added exp to request object claims
exp
1.611244024E9
2021-01-21 15:42:04 SUCCESS
AddNbfToRequestObject
Added nbf to request object claims
nbf
1.611243724E9
2021-01-21 15:42:04 SUCCESS
AddJtiToRequestObject
Added jti to request object claims
jti
xA4Spn3CT3PUpuasA3i7
2021-01-21 15:42:04 SUCCESS
AddAudToRequestObject
Added aud to request object claims
aud
https://emea-conformance.ping-eng.com:9031
2021-01-21 15:42:04 SUCCESS
AddIssToRequestObject
Added iss to request object claims
iss
conformance1
2021-01-21 15:42:04 SUCCESS
SignRequestObject
Signed the request object
claims
{"aud":"https:\/\/emea-conformance.ping-eng.com:9031","login_hint":"patrick","nbf":1611243724,"scope":"openid test","iss":"conformance1","binding_message":"1234","exp":1611244024,"iat":1611243724,"jti":"xA4Spn3CT3PUpuasA3i7"}
header
{"kid":"2HKyz2Uc4F8hRcwyuPgA5Eg_salnEe7pfujUkvj2yew","alg":"ES256"}
request_object
eyJraWQiOiIySEt5ejJVYzRGOGhSY3d5dVBnQTVFZ19zYWxuRWU3cGZ1alVrdmoyeWV3IiwiYWxnIjoiRVMyNTYifQ.eyJhdWQiOiJodHRwczpcL1wvZW1lYS1jb25mb3JtYW5jZS5waW5nLWVuZy5jb206OTAzMSIsImxvZ2luX2hpbnQiOiJwYXRyaWNrIiwibmJmIjoxNjExMjQzNzI0LCJzY29wZSI6Im9wZW5pZCB0ZXN0IiwiaXNzIjoiY29uZm9ybWFuY2UxIiwiYmluZGluZ19tZXNzYWdlIjoiMTIzNCIsImV4cCI6MTYxMTI0NDAyNCwiaWF0IjoxNjExMjQzNzI0LCJqdGkiOiJ4QTRTcG4zQ1QzUFVwdWFzQTNpNyJ9.OPRw4S0_YLqjPZsbuw2e6Y4CKZNbWANI17jCmrY0-xdspGQ6OpHXSO5v4-sVKEfML76hdnOBundenIG_9aUDew
key
{"kty":"EC","d":"QPg1PBy12DhqqGeiuWBoIdhrfbOutP8nfSND46mdTgU","use":"sig","crv":"P-256","kid":"2HKyz2Uc4F8hRcwyuPgA5Eg_salnEe7pfujUkvj2yew","x":"NK3-2enqupOW-PGDSp2X2vrtqFIVnsVMciZdVwa7p8Q","y":"Yrp1yMUYXZcWbHRzsXlH94v2SJZs0lxRbbCpvo1kcUw","alg":"ES256"}
2021-01-21 15:42:04 SUCCESS
CreateBackchannelAuthenticationEndpointRequest
Created backchannel authentication endpoint request
2021-01-21 15:42:04
AddRequestToBackchannelAuthenticationEndpointRequest
request
eyJraWQiOiIySEt5ejJVYzRGOGhSY3d5dVBnQTVFZ19zYWxuRWU3cGZ1alVrdmoyeWV3IiwiYWxnIjoiRVMyNTYifQ.eyJhdWQiOiJodHRwczpcL1wvZW1lYS1jb25mb3JtYW5jZS5waW5nLWVuZy5jb206OTAzMSIsImxvZ2luX2hpbnQiOiJwYXRyaWNrIiwibmJmIjoxNjExMjQzNzI0LCJzY29wZSI6Im9wZW5pZCB0ZXN0IiwiaXNzIjoiY29uZm9ybWFuY2UxIiwiYmluZGluZ19tZXNzYWdlIjoiMTIzNCIsImV4cCI6MTYxMTI0NDAyNCwiaWF0IjoxNjExMjQzNzI0LCJqdGkiOiJ4QTRTcG4zQ1QzUFVwdWFzQTNpNyJ9.OPRw4S0_YLqjPZsbuw2e6Y4CKZNbWANI17jCmrY0-xdspGQ6OpHXSO5v4-sVKEfML76hdnOBundenIG_9aUDew
2021-01-21 15:42:04 SUCCESS
EnsureServerConfigurationSupportsMTLS
Found supported MTLS method
method
tls_client_auth
2021-01-21 15:42:04
AddClientIdToBackchannelAuthenticationEndpointRequest
request
eyJraWQiOiIySEt5ejJVYzRGOGhSY3d5dVBnQTVFZ19zYWxuRWU3cGZ1alVrdmoyeWV3IiwiYWxnIjoiRVMyNTYifQ.eyJhdWQiOiJodHRwczpcL1wvZW1lYS1jb25mb3JtYW5jZS5waW5nLWVuZy5jb206OTAzMSIsImxvZ2luX2hpbnQiOiJwYXRyaWNrIiwibmJmIjoxNjExMjQzNzI0LCJzY29wZSI6Im9wZW5pZCB0ZXN0IiwiaXNzIjoiY29uZm9ybWFuY2UxIiwiYmluZGluZ19tZXNzYWdlIjoiMTIzNCIsImV4cCI6MTYxMTI0NDAyNCwiaWF0IjoxNjExMjQzNzI0LCJqdGkiOiJ4QTRTcG4zQ1QzUFVwdWFzQTNpNyJ9.OPRw4S0_YLqjPZsbuw2e6Y4CKZNbWANI17jCmrY0-xdspGQ6OpHXSO5v4-sVKEfML76hdnOBundenIG_9aUDew
client_id
conformance1
2021-01-21 15:42:04
CallBackchannelAuthenticationEndpoint
HTTP request
request_uri
https://emea-conformance.ping-eng.com:9032/as/bc-auth.ciba
request_method
POST
request_headers
{
  "accept": "application/json;charset\u003dUTF-8",
  "accept-charset": "utf-8",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "509"
}
request_body
request=eyJraWQiOiIySEt5ejJVYzRGOGhSY3d5dVBnQTVFZ19zYWxuRWU3cGZ1alVrdmoyeWV3IiwiYWxnIjoiRVMyNTYifQ.eyJhdWQiOiJodHRwczpcL1wvZW1lYS1jb25mb3JtYW5jZS5waW5nLWVuZy5jb206OTAzMSIsImxvZ2luX2hpbnQiOiJwYXRyaWNrIiwibmJmIjoxNjExMjQzNzI0LCJzY29wZSI6Im9wZW5pZCB0ZXN0IiwiaXNzIjoiY29uZm9ybWFuY2UxIiwiYmluZGluZ19tZXNzYWdlIjoiMTIzNCIsImV4cCI6MTYxMTI0NDAyNCwiaWF0IjoxNjExMjQzNzI0LCJqdGkiOiJ4QTRTcG4zQ1QzUFVwdWFzQTNpNyJ9.OPRw4S0_YLqjPZsbuw2e6Y4CKZNbWANI17jCmrY0-xdspGQ6OpHXSO5v4-sVKEfML76hdnOBundenIG_9aUDew&client_id=conformance1
request_mutual_tls
{
  "cert": "MIIDkTCCAnmgAwIBAgIJAOLiBx6+gpncMA0GCSqGSIb3DQEBCwUAMHIxCzAJBgNVBAYTAkdCMRIwEAYDVQQIDAlNaWRkbGVzZXgxDzANBgNVBAcMBkxvbmRvbjEWMBQGA1UECgwNUGluZyBJZGVudGl0eTEMMAoGA1UECwwDUlNBMRgwFgYDVQQDDA9QaW5nIFVLIERlbW8gQ0EwHhcNMjAwOTIzMTQwNjU0WhcNMjIwMjA1MTQwNjU0WjBaMSQwIgYDVQQDDBttdGxzLXBvbGwtZmFwaS1jaWJhLWNsaWVudDExDTALBgNVBAsMBERlbW8xFjAUBgNVBAoMDVBpbmcgSWRlbnRpdHkxCzAJBgNVBAYTAkdCMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqADFJnt3i/xbJupaTpc4P8oYrZINQ07zEhdf8Osr/+XGp/az202QtoMFyRqNcYZS9/U0ce+Vz/pcaleqUlaAVfgW2o3Dp4z1d8WjDDar86agcqwl+aI2rhKh3aQIEiOwHmaPvYlRmWZTotMdyxUvJLlMJq+m4fZ33nphW9gT+AhEM+fyegVPX+jgj8dk6CaqCcRr7050irHOWfotCZxq79PBCFi8NOKjBn/uHPibKVN+PGgptqPmkdGFrkg1+gnWjmtxROJlCjNgrRJxmgD3/DbvqvTen/aL42+JJRGA8dXwCYTgjhvdTrE9OlBiIPB+EAlYxk6g+3kMqg+cJ5WP1QIDAQABo0IwQDAJBgNVHRMEAjAAMAsGA1UdDwQEAwIF4DAmBgNVHREEHzAdghttdGxzLXBvbGwtZmFwaS1jaWJhLWNsaWVudDEwDQYJKoZIhvcNAQELBQADggEBACZ7/UyxTg6hsUEmIjJKln/USY5sLq6MsrQgaqDwNuJ2BAyyrbIhldbNKBvC+swQjfbnisVYEKmmCAABPhV58U2YaEHOxfjzmfQ55duco0P4HulMhOvA/0jd+e0GFLF7eusEE4dw/RmiYjxNUpDjF9IgybjQkYPXLw+hfyhGsoKW38H1+x6ha7VTyJKp5W9AVj8/00vNswwvv3Xjs7C2mlogCEPFLPjc7jEQ4BRzkqBqQyi6MlNdgva3C6jDkSnXksdI9dZkrb4gNhusexwkbHkyet+unXxur9evqIISJsxELCMTxMocE++7XMJsPUT5FnomlXRK0jRztTmFG9y5Fqs\u003d",
  "key": "MIIEowIBAAKCAQEAqADFJnt3i/xbJupaTpc4P8oYrZINQ07zEhdf8Osr/+XGp/az202QtoMFyRqNcYZS9/U0ce+Vz/pcaleqUlaAVfgW2o3Dp4z1d8WjDDar86agcqwl+aI2rhKh3aQIEiOwHmaPvYlRmWZTotMdyxUvJLlMJq+m4fZ33nphW9gT+AhEM+fyegVPX+jgj8dk6CaqCcRr7050irHOWfotCZxq79PBCFi8NOKjBn/uHPibKVN+PGgptqPmkdGFrkg1+gnWjmtxROJlCjNgrRJxmgD3/DbvqvTen/aL42+JJRGA8dXwCYTgjhvdTrE9OlBiIPB+EAlYxk6g+3kMqg+cJ5WP1QIDAQABAoIBACvHd5idl/t8mWw8qafNNDU7Ps8MPjSKAEF4oeGwBtk6UVg3q4q8XbeR0RIkvzMUI87FsRL3sfxua2Ky0Yl/TRYZ/iqZwqCI1PaPI/vsy0ZE5466WXMB2GnoJRISyp+feSeS5mYnwIHO7oCBr0Pak1xohPWX1E8R4Q6yqWg7mIiLgtSWeaHNa3piQGcHXKwIPz/Xcw7M3embp+L7zrlgjuwR9i7+u2cSZexws4rQ3VyUggBjLVaBhF0w4CGzNBEdw7TXSXnh1JXZHc/k2zgk9IhPmdFFy4k1ZxVEc2GaExTsrjyJJxZmuEUTdszN6Gd42V+G5uweqbQ3Skl3Z7MfowECgYEAz3B/hWI3lKqc4TqYskU/MYcKYrCYP2IN19zOa8THzN91erhgiph/TSv+iryw1J3Fwg+xgc/nix3gtoj3492lrFkd0AvJ9eZPV+8C57rTFWT094sDvLH/XgXWGy7NS3IqefJr2y0gCpaTx92sl4O63sG00c1L0JuGRqKo1L4EE6ECgYEAz1TpZa8JlJOSxMMu0nv561VEM2xXsyDDHqcWcYi3WjWmdoGK+Glsw6DIzRAq30HN+UK7L92jlKTwhP8RsiHhUcXaM6DWQtWeAXjbS+r9IJnGJkfw8MbyhyLj65uVtvARlgfgg6G2rdEXrJTIK08nCg83zLDqQ04nvaczMhqFT7UCgYEArhP1H6T1iY/HiQbYXznXNyPg5kLV8NLDVTPaEfwXw2h+uNaDRauFoOhbemewaSxhaWIsDwi+gTM4gVXd2N4HCuPaLd3GxNFaIivUH0zbmKeZHycMoswoxelV7IfRBhAvbxitxEdRDTGhoGb5UEjeh9K8gBetGMl63EniLm2rFCECgYBeiyznNnta6jSKTysBxpD/lGFGRch0IaN4Td85JIvfsglXjtkNUB3N03rdr9qs9ff0C08Kk7otZU1ciGfMYBC8VkmbM2OhFII5z5/Irb6B6D1oZXPkiAQ+RVXDsa4CvtR2It9phwujlW6DP1FMFosJ1kiuqZoZ2QDcRetdlKRn5QKBgFctsC+KtuaFxEW23HrBCNqChyxijneRhjJVH1RDfrUSNikyFMDU2+FdR9bx4VXGiK077IxTGSEWkAEBhbm2jDl0Ik1rRMVzoKHR2kvUSNtxprp9tFcL7UqyZqGxA6UIIzOV0LbnnpFhYNgmH0AJS17V9sIIGtYXNArjzw4Kin4P",
  "ca": "MIIDYDCCAkgCCQCSYQOG55YnujANBgkqhkiG9w0BAQsFADByMQswCQYDVQQGEwJHQjESMBAGA1UECAwJTWlkZGxlc2V4MQ8wDQYDVQQHDAZMb25kb24xFjAUBgNVBAoMDVBpbmcgSWRlbnRpdHkxDDAKBgNVBAsMA1JTQTEYMBYGA1UEAwwPUGluZyBVSyBEZW1vIENBMB4XDTE5MDEwNzEwNTk1NVoXDTIxMTAyNzEwNTk1NVowcjELMAkGA1UEBhMCR0IxEjAQBgNVBAgMCU1pZGRsZXNleDEPMA0GA1UEBwwGTG9uZG9uMRYwFAYDVQQKDA1QaW5nIElkZW50aXR5MQwwCgYDVQQLDANSU0ExGDAWBgNVBAMMD1BpbmcgVUsgRGVtbyBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALMHte483946bvKmpt1nuj1+IMWoywAGOj8UQcPDrkKuBOQL5Sv8o4ScYjjN5jgryjwRx3YMiVpCTOLB1GXrj55lZO2RRxMURwCSwaHnaLiM4cVcqSF8dq8LOlsR6bXSjJnvB2HWS1CYQaJdF21m0pxKcH9NUsdq5aYCkP52xyYel+XOxszQX1FkvrpD3VXII5xCiGGS6eEb/Mo2+nwgyN+A/M1yaeN65ah8HZFngR85oElYx7fFOkm9VubhCt2ePEvkanuWpgp5VrI2ruVQr1tvToL2ydzEmBPzGkh/UtACsucXXwSE7fvw50dgbhrXtmJnWA6hP2Wm3Ifok0ViKc0CAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAN5fn4Ke+4nhe5r+6aewM8lJ+sY25ing1ByAj7m5tJcsh68irJIjpAm3kJz20DVZ+2JguB1HZUHUTYo/WCmwMzatLN2rv9in3uRS4d0FaIfKxFHjRFs1T1APXz7lMP5t3j1/uZwbmmTGqvKTYlocLQJpqnJURiuNrxw7mZcZ3KTVx5WCdk7caYvSgUTbs9ec+JzQG0keHinrHu0mAXDxxCWXsx/rQ4PTBI808iBiHR2MbTOXONN5jid4gk9/T8KKfOFG1AbaEhsGdkChPNQO4M12Q5TWwtWutjx/PdPaGKvSoquZkXk1L4meO3ADLngHX7lb2oRkfF0wIZMNC/Eat5g\u003d\u003d"
}
2021-01-21 15:42:05 RESPONSE
CallBackchannelAuthenticationEndpoint
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "date": "Thu, 21 Jan 2021 15:42:04 GMT",
  "x-frame-options": "SAMEORIGIN",
  "referrer-policy": "origin",
  "cache-control": "no-cache, no-store",
  "pragma": "no-cache",
  "expires": "Thu, 01 Jan 1970 00:00:00 GMT",
  "content-type": "application/json;charset\u003dutf-8",
  "set-cookie": "PF\u003deMOoTzwlYP2u0L6VKrjR8j;Path\u003d/;Secure;HttpOnly;SameSite\u003dNone",
  "transfer-encoding": "chunked"
}
response_body
{"auth_req_id":"i_4187TbCGHZoqts2jkUflF_oAx2BwBgCaFELYdwFRyuJIHZVibUkXmzRg","interval":3,"expires_in":120}
2021-01-21 15:42:05
CallBackchannelAuthenticationEndpoint
Backchannel Authentication endpoint response
backchannel_authentication_endpoint_response
{"auth_req_id":"i_4187TbCGHZoqts2jkUflF_oAx2BwBgCaFELYdwFRyuJIHZVibUkXmzRg","interval":3,"expires_in":120}
2021-01-21 15:42:05 SUCCESS
CallBackchannelAuthenticationEndpoint
Parsed backchannel authentication endpoint response
auth_req_id
i_4187TbCGHZoqts2jkUflF_oAx2BwBgCaFELYdwFRyuJIHZVibUkXmzRg
interval
3
expires_in
120
2021-01-21 15:42:05 SUCCESS
CheckBackchannelAuthenticationEndpointHttpStatus200
Backchannel authentication endpoint http status code was 200
2021-01-21 15:42:05 SUCCESS
CheckBackchannelAuthenticationEndpointContentType
Backchannel authentication endpoint Content-Type: header is application/json
2021-01-21 15:42:05 SUCCESS
CheckIfBackchannelAuthenticationEndpointResponseError
No error from Backchannel authentication endpoint
2021-01-21 15:42:05 SUCCESS
ValidateAuthenticationRequestId
auth_req_id passed all validation checks
2021-01-21 15:42:05 SUCCESS
EnsureMinimumAuthenticationRequestIdLength
auth_req_id is of sufficient length
actual
464
required
128
2021-01-21 15:42:05 SUCCESS
EnsureMinimumAuthenticationRequestIdEntropy
Calculated shannon entropy seems sufficient
actual
307.00801021523563
expected
96.0
2021-01-21 15:42:05 SUCCESS
EnsureRecommendedAuthenticationRequestIdEntropy
Calculated entropy
actual
307.00801021523563
recommended
160.0
2021-01-21 15:42:05 SUCCESS
ValidateAuthenticationRequestIdExpiresIn
expires_in passed all validation checks
expires_in
120
2021-01-21 15:42:05 SUCCESS
ValidateAuthenticationRequestIdInterval
interval passed all validation checks
interval
3
Call token endpoint expecting pending
2021-01-21 15:42:05 SUCCESS
CreateTokenEndpointRequestForCIBAGrant
grant_type
urn:openid:params:grant-type:ciba
2021-01-21 15:42:05
AddAuthReqIdToTokenEndpointRequest
grant_type
urn:openid:params:grant-type:ciba
auth_req_id
i_4187TbCGHZoqts2jkUflF_oAx2BwBgCaFELYdwFRyuJIHZVibUkXmzRg
2021-01-21 15:42:05 SUCCESS
AddClientIdToTokenEndpointRequest
grant_type
urn:openid:params:grant-type:ciba
auth_req_id
i_4187TbCGHZoqts2jkUflF_oAx2BwBgCaFELYdwFRyuJIHZVibUkXmzRg
client_id
conformance1
2021-01-21 15:42:05
CallTokenEndpointAndReturnFullResponse
HTTP request
request_uri
https://emea-conformance.ping-eng.com:9032/as/token.oauth2
request_method
POST
request_headers
{
  "accept": "application/json;charset\u003dUTF-8",
  "accept-charset": "utf-8",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "146"
}
request_body
grant_type=urn%3Aopenid%3Aparams%3Agrant-type%3Aciba&auth_req_id=i_4187TbCGHZoqts2jkUflF_oAx2BwBgCaFELYdwFRyuJIHZVibUkXmzRg&client_id=conformance1
request_mutual_tls
{
  "cert": "MIIDkTCCAnmgAwIBAgIJAOLiBx6+gpncMA0GCSqGSIb3DQEBCwUAMHIxCzAJBgNVBAYTAkdCMRIwEAYDVQQIDAlNaWRkbGVzZXgxDzANBgNVBAcMBkxvbmRvbjEWMBQGA1UECgwNUGluZyBJZGVudGl0eTEMMAoGA1UECwwDUlNBMRgwFgYDVQQDDA9QaW5nIFVLIERlbW8gQ0EwHhcNMjAwOTIzMTQwNjU0WhcNMjIwMjA1MTQwNjU0WjBaMSQwIgYDVQQDDBttdGxzLXBvbGwtZmFwaS1jaWJhLWNsaWVudDExDTALBgNVBAsMBERlbW8xFjAUBgNVBAoMDVBpbmcgSWRlbnRpdHkxCzAJBgNVBAYTAkdCMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqADFJnt3i/xbJupaTpc4P8oYrZINQ07zEhdf8Osr/+XGp/az202QtoMFyRqNcYZS9/U0ce+Vz/pcaleqUlaAVfgW2o3Dp4z1d8WjDDar86agcqwl+aI2rhKh3aQIEiOwHmaPvYlRmWZTotMdyxUvJLlMJq+m4fZ33nphW9gT+AhEM+fyegVPX+jgj8dk6CaqCcRr7050irHOWfotCZxq79PBCFi8NOKjBn/uHPibKVN+PGgptqPmkdGFrkg1+gnWjmtxROJlCjNgrRJxmgD3/DbvqvTen/aL42+JJRGA8dXwCYTgjhvdTrE9OlBiIPB+EAlYxk6g+3kMqg+cJ5WP1QIDAQABo0IwQDAJBgNVHRMEAjAAMAsGA1UdDwQEAwIF4DAmBgNVHREEHzAdghttdGxzLXBvbGwtZmFwaS1jaWJhLWNsaWVudDEwDQYJKoZIhvcNAQELBQADggEBACZ7/UyxTg6hsUEmIjJKln/USY5sLq6MsrQgaqDwNuJ2BAyyrbIhldbNKBvC+swQjfbnisVYEKmmCAABPhV58U2YaEHOxfjzmfQ55duco0P4HulMhOvA/0jd+e0GFLF7eusEE4dw/RmiYjxNUpDjF9IgybjQkYPXLw+hfyhGsoKW38H1+x6ha7VTyJKp5W9AVj8/00vNswwvv3Xjs7C2mlogCEPFLPjc7jEQ4BRzkqBqQyi6MlNdgva3C6jDkSnXksdI9dZkrb4gNhusexwkbHkyet+unXxur9evqIISJsxELCMTxMocE++7XMJsPUT5FnomlXRK0jRztTmFG9y5Fqs\u003d",
  "key": "MIIEowIBAAKCAQEAqADFJnt3i/xbJupaTpc4P8oYrZINQ07zEhdf8Osr/+XGp/az202QtoMFyRqNcYZS9/U0ce+Vz/pcaleqUlaAVfgW2o3Dp4z1d8WjDDar86agcqwl+aI2rhKh3aQIEiOwHmaPvYlRmWZTotMdyxUvJLlMJq+m4fZ33nphW9gT+AhEM+fyegVPX+jgj8dk6CaqCcRr7050irHOWfotCZxq79PBCFi8NOKjBn/uHPibKVN+PGgptqPmkdGFrkg1+gnWjmtxROJlCjNgrRJxmgD3/DbvqvTen/aL42+JJRGA8dXwCYTgjhvdTrE9OlBiIPB+EAlYxk6g+3kMqg+cJ5WP1QIDAQABAoIBACvHd5idl/t8mWw8qafNNDU7Ps8MPjSKAEF4oeGwBtk6UVg3q4q8XbeR0RIkvzMUI87FsRL3sfxua2Ky0Yl/TRYZ/iqZwqCI1PaPI/vsy0ZE5466WXMB2GnoJRISyp+feSeS5mYnwIHO7oCBr0Pak1xohPWX1E8R4Q6yqWg7mIiLgtSWeaHNa3piQGcHXKwIPz/Xcw7M3embp+L7zrlgjuwR9i7+u2cSZexws4rQ3VyUggBjLVaBhF0w4CGzNBEdw7TXSXnh1JXZHc/k2zgk9IhPmdFFy4k1ZxVEc2GaExTsrjyJJxZmuEUTdszN6Gd42V+G5uweqbQ3Skl3Z7MfowECgYEAz3B/hWI3lKqc4TqYskU/MYcKYrCYP2IN19zOa8THzN91erhgiph/TSv+iryw1J3Fwg+xgc/nix3gtoj3492lrFkd0AvJ9eZPV+8C57rTFWT094sDvLH/XgXWGy7NS3IqefJr2y0gCpaTx92sl4O63sG00c1L0JuGRqKo1L4EE6ECgYEAz1TpZa8JlJOSxMMu0nv561VEM2xXsyDDHqcWcYi3WjWmdoGK+Glsw6DIzRAq30HN+UK7L92jlKTwhP8RsiHhUcXaM6DWQtWeAXjbS+r9IJnGJkfw8MbyhyLj65uVtvARlgfgg6G2rdEXrJTIK08nCg83zLDqQ04nvaczMhqFT7UCgYEArhP1H6T1iY/HiQbYXznXNyPg5kLV8NLDVTPaEfwXw2h+uNaDRauFoOhbemewaSxhaWIsDwi+gTM4gVXd2N4HCuPaLd3GxNFaIivUH0zbmKeZHycMoswoxelV7IfRBhAvbxitxEdRDTGhoGb5UEjeh9K8gBetGMl63EniLm2rFCECgYBeiyznNnta6jSKTysBxpD/lGFGRch0IaN4Td85JIvfsglXjtkNUB3N03rdr9qs9ff0C08Kk7otZU1ciGfMYBC8VkmbM2OhFII5z5/Irb6B6D1oZXPkiAQ+RVXDsa4CvtR2It9phwujlW6DP1FMFosJ1kiuqZoZ2QDcRetdlKRn5QKBgFctsC+KtuaFxEW23HrBCNqChyxijneRhjJVH1RDfrUSNikyFMDU2+FdR9bx4VXGiK077IxTGSEWkAEBhbm2jDl0Ik1rRMVzoKHR2kvUSNtxprp9tFcL7UqyZqGxA6UIIzOV0LbnnpFhYNgmH0AJS17V9sIIGtYXNArjzw4Kin4P",
  "ca": "MIIDYDCCAkgCCQCSYQOG55YnujANBgkqhkiG9w0BAQsFADByMQswCQYDVQQGEwJHQjESMBAGA1UECAwJTWlkZGxlc2V4MQ8wDQYDVQQHDAZMb25kb24xFjAUBgNVBAoMDVBpbmcgSWRlbnRpdHkxDDAKBgNVBAsMA1JTQTEYMBYGA1UEAwwPUGluZyBVSyBEZW1vIENBMB4XDTE5MDEwNzEwNTk1NVoXDTIxMTAyNzEwNTk1NVowcjELMAkGA1UEBhMCR0IxEjAQBgNVBAgMCU1pZGRsZXNleDEPMA0GA1UEBwwGTG9uZG9uMRYwFAYDVQQKDA1QaW5nIElkZW50aXR5MQwwCgYDVQQLDANSU0ExGDAWBgNVBAMMD1BpbmcgVUsgRGVtbyBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALMHte483946bvKmpt1nuj1+IMWoywAGOj8UQcPDrkKuBOQL5Sv8o4ScYjjN5jgryjwRx3YMiVpCTOLB1GXrj55lZO2RRxMURwCSwaHnaLiM4cVcqSF8dq8LOlsR6bXSjJnvB2HWS1CYQaJdF21m0pxKcH9NUsdq5aYCkP52xyYel+XOxszQX1FkvrpD3VXII5xCiGGS6eEb/Mo2+nwgyN+A/M1yaeN65ah8HZFngR85oElYx7fFOkm9VubhCt2ePEvkanuWpgp5VrI2ruVQr1tvToL2ydzEmBPzGkh/UtACsucXXwSE7fvw50dgbhrXtmJnWA6hP2Wm3Ifok0ViKc0CAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAN5fn4Ke+4nhe5r+6aewM8lJ+sY25ing1ByAj7m5tJcsh68irJIjpAm3kJz20DVZ+2JguB1HZUHUTYo/WCmwMzatLN2rv9in3uRS4d0FaIfKxFHjRFs1T1APXz7lMP5t3j1/uZwbmmTGqvKTYlocLQJpqnJURiuNrxw7mZcZ3KTVx5WCdk7caYvSgUTbs9ec+JzQG0keHinrHu0mAXDxxCWXsx/rQ4PTBI808iBiHR2MbTOXONN5jid4gk9/T8KKfOFG1AbaEhsGdkChPNQO4M12Q5TWwtWutjx/PdPaGKvSoquZkXk1L4meO3ADLngHX7lb2oRkfF0wIZMNC/Eat5g\u003d\u003d"
}
2021-01-21 15:42:05 RESPONSE
CallTokenEndpointAndReturnFullResponse
HTTP response
response_status_code
400 BAD_REQUEST
response_status_text
Bad Request
response_headers
{
  "date": "Thu, 21 Jan 2021 15:42:05 GMT",
  "x-frame-options": "SAMEORIGIN",
  "referrer-policy": "origin",
  "cache-control": "no-cache, no-store",
  "pragma": "no-cache",
  "expires": "Thu, 01 Jan 1970 00:00:00 GMT",
  "content-type": "application/json;charset\u003dutf-8",
  "set-cookie": "PF\u003dd7guO8hAZsf5gmZwWWPB4v;Path\u003d/;Secure;HttpOnly;SameSite\u003dNone",
  "transfer-encoding": "chunked"
}
response_body
{"error_description":"Pending user authorization","error":"authorization_pending"}
2021-01-21 15:42:05 SUCCESS
CallTokenEndpointAndReturnFullResponse
Parsed token endpoint response
error_description
Pending user authorization
error
authorization_pending
2021-01-21 15:42:05 SUCCESS
CheckTokenEndpointReturnedJsonContentType
token_endpoint_response_headers Content-Type: header is application/json
Verify token endpoint response is pending or slow_down
2021-01-21 15:42:05 SUCCESS
CheckTokenEndpointHttpStatus400
Token endpoint http status code was 400
2021-01-21 15:42:05 SUCCESS
ValidateErrorFromTokenEndpointResponseError
Token endpoint response error returned valid 'error' field
error
authorization_pending
2021-01-21 15:42:05 SUCCESS
CheckErrorDescriptionFromTokenEndpointResponseErrorContainsCRLFTAB
token_endpoint_response 'error_description' field does not include CR/LF/TAB
error_description
Pending user authorization
2021-01-21 15:42:05 SUCCESS
ValidateErrorDescriptionFromTokenEndpointResponseError
token_endpoint_response error returned valid 'error_description' field
error_description
Pending user authorization
2021-01-21 15:42:05 SUCCESS
ValidateErrorUriFromTokenEndpointResponseError
token_endpoint_response did not include optional 'error_uri' field
2021-01-21 15:42:05 SUCCESS
EnsureErrorTokenEndpointSlowdownOrAuthorizationPending
error met 'slow_down' or 'authorization_pending'
error
authorization_pending
Call token endpoint expecting pending (second time)
2021-01-21 15:42:10 SUCCESS
CreateTokenEndpointRequestForCIBAGrant
grant_type
urn:openid:params:grant-type:ciba
2021-01-21 15:42:10
AddAuthReqIdToTokenEndpointRequest
grant_type
urn:openid:params:grant-type:ciba
auth_req_id
i_4187TbCGHZoqts2jkUflF_oAx2BwBgCaFELYdwFRyuJIHZVibUkXmzRg
2021-01-21 15:42:10 SUCCESS
AddClientIdToTokenEndpointRequest
grant_type
urn:openid:params:grant-type:ciba
auth_req_id
i_4187TbCGHZoqts2jkUflF_oAx2BwBgCaFELYdwFRyuJIHZVibUkXmzRg
client_id
conformance1
2021-01-21 15:42:10
CallTokenEndpointAndReturnFullResponse
HTTP request
request_uri
https://emea-conformance.ping-eng.com:9032/as/token.oauth2
request_method
POST
request_headers
{
  "accept": "application/json;charset\u003dUTF-8",
  "accept-charset": "utf-8",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "146"
}
request_body
grant_type=urn%3Aopenid%3Aparams%3Agrant-type%3Aciba&auth_req_id=i_4187TbCGHZoqts2jkUflF_oAx2BwBgCaFELYdwFRyuJIHZVibUkXmzRg&client_id=conformance1
request_mutual_tls
{
  "cert": "MIIDkTCCAnmgAwIBAgIJAOLiBx6+gpncMA0GCSqGSIb3DQEBCwUAMHIxCzAJBgNVBAYTAkdCMRIwEAYDVQQIDAlNaWRkbGVzZXgxDzANBgNVBAcMBkxvbmRvbjEWMBQGA1UECgwNUGluZyBJZGVudGl0eTEMMAoGA1UECwwDUlNBMRgwFgYDVQQDDA9QaW5nIFVLIERlbW8gQ0EwHhcNMjAwOTIzMTQwNjU0WhcNMjIwMjA1MTQwNjU0WjBaMSQwIgYDVQQDDBttdGxzLXBvbGwtZmFwaS1jaWJhLWNsaWVudDExDTALBgNVBAsMBERlbW8xFjAUBgNVBAoMDVBpbmcgSWRlbnRpdHkxCzAJBgNVBAYTAkdCMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqADFJnt3i/xbJupaTpc4P8oYrZINQ07zEhdf8Osr/+XGp/az202QtoMFyRqNcYZS9/U0ce+Vz/pcaleqUlaAVfgW2o3Dp4z1d8WjDDar86agcqwl+aI2rhKh3aQIEiOwHmaPvYlRmWZTotMdyxUvJLlMJq+m4fZ33nphW9gT+AhEM+fyegVPX+jgj8dk6CaqCcRr7050irHOWfotCZxq79PBCFi8NOKjBn/uHPibKVN+PGgptqPmkdGFrkg1+gnWjmtxROJlCjNgrRJxmgD3/DbvqvTen/aL42+JJRGA8dXwCYTgjhvdTrE9OlBiIPB+EAlYxk6g+3kMqg+cJ5WP1QIDAQABo0IwQDAJBgNVHRMEAjAAMAsGA1UdDwQEAwIF4DAmBgNVHREEHzAdghttdGxzLXBvbGwtZmFwaS1jaWJhLWNsaWVudDEwDQYJKoZIhvcNAQELBQADggEBACZ7/UyxTg6hsUEmIjJKln/USY5sLq6MsrQgaqDwNuJ2BAyyrbIhldbNKBvC+swQjfbnisVYEKmmCAABPhV58U2YaEHOxfjzmfQ55duco0P4HulMhOvA/0jd+e0GFLF7eusEE4dw/RmiYjxNUpDjF9IgybjQkYPXLw+hfyhGsoKW38H1+x6ha7VTyJKp5W9AVj8/00vNswwvv3Xjs7C2mlogCEPFLPjc7jEQ4BRzkqBqQyi6MlNdgva3C6jDkSnXksdI9dZkrb4gNhusexwkbHkyet+unXxur9evqIISJsxELCMTxMocE++7XMJsPUT5FnomlXRK0jRztTmFG9y5Fqs\u003d",
  "key": "MIIEowIBAAKCAQEAqADFJnt3i/xbJupaTpc4P8oYrZINQ07zEhdf8Osr/+XGp/az202QtoMFyRqNcYZS9/U0ce+Vz/pcaleqUlaAVfgW2o3Dp4z1d8WjDDar86agcqwl+aI2rhKh3aQIEiOwHmaPvYlRmWZTotMdyxUvJLlMJq+m4fZ33nphW9gT+AhEM+fyegVPX+jgj8dk6CaqCcRr7050irHOWfotCZxq79PBCFi8NOKjBn/uHPibKVN+PGgptqPmkdGFrkg1+gnWjmtxROJlCjNgrRJxmgD3/DbvqvTen/aL42+JJRGA8dXwCYTgjhvdTrE9OlBiIPB+EAlYxk6g+3kMqg+cJ5WP1QIDAQABAoIBACvHd5idl/t8mWw8qafNNDU7Ps8MPjSKAEF4oeGwBtk6UVg3q4q8XbeR0RIkvzMUI87FsRL3sfxua2Ky0Yl/TRYZ/iqZwqCI1PaPI/vsy0ZE5466WXMB2GnoJRISyp+feSeS5mYnwIHO7oCBr0Pak1xohPWX1E8R4Q6yqWg7mIiLgtSWeaHNa3piQGcHXKwIPz/Xcw7M3embp+L7zrlgjuwR9i7+u2cSZexws4rQ3VyUggBjLVaBhF0w4CGzNBEdw7TXSXnh1JXZHc/k2zgk9IhPmdFFy4k1ZxVEc2GaExTsrjyJJxZmuEUTdszN6Gd42V+G5uweqbQ3Skl3Z7MfowECgYEAz3B/hWI3lKqc4TqYskU/MYcKYrCYP2IN19zOa8THzN91erhgiph/TSv+iryw1J3Fwg+xgc/nix3gtoj3492lrFkd0AvJ9eZPV+8C57rTFWT094sDvLH/XgXWGy7NS3IqefJr2y0gCpaTx92sl4O63sG00c1L0JuGRqKo1L4EE6ECgYEAz1TpZa8JlJOSxMMu0nv561VEM2xXsyDDHqcWcYi3WjWmdoGK+Glsw6DIzRAq30HN+UK7L92jlKTwhP8RsiHhUcXaM6DWQtWeAXjbS+r9IJnGJkfw8MbyhyLj65uVtvARlgfgg6G2rdEXrJTIK08nCg83zLDqQ04nvaczMhqFT7UCgYEArhP1H6T1iY/HiQbYXznXNyPg5kLV8NLDVTPaEfwXw2h+uNaDRauFoOhbemewaSxhaWIsDwi+gTM4gVXd2N4HCuPaLd3GxNFaIivUH0zbmKeZHycMoswoxelV7IfRBhAvbxitxEdRDTGhoGb5UEjeh9K8gBetGMl63EniLm2rFCECgYBeiyznNnta6jSKTysBxpD/lGFGRch0IaN4Td85JIvfsglXjtkNUB3N03rdr9qs9ff0C08Kk7otZU1ciGfMYBC8VkmbM2OhFII5z5/Irb6B6D1oZXPkiAQ+RVXDsa4CvtR2It9phwujlW6DP1FMFosJ1kiuqZoZ2QDcRetdlKRn5QKBgFctsC+KtuaFxEW23HrBCNqChyxijneRhjJVH1RDfrUSNikyFMDU2+FdR9bx4VXGiK077IxTGSEWkAEBhbm2jDl0Ik1rRMVzoKHR2kvUSNtxprp9tFcL7UqyZqGxA6UIIzOV0LbnnpFhYNgmH0AJS17V9sIIGtYXNArjzw4Kin4P",
  "ca": "MIIDYDCCAkgCCQCSYQOG55YnujANBgkqhkiG9w0BAQsFADByMQswCQYDVQQGEwJHQjESMBAGA1UECAwJTWlkZGxlc2V4MQ8wDQYDVQQHDAZMb25kb24xFjAUBgNVBAoMDVBpbmcgSWRlbnRpdHkxDDAKBgNVBAsMA1JTQTEYMBYGA1UEAwwPUGluZyBVSyBEZW1vIENBMB4XDTE5MDEwNzEwNTk1NVoXDTIxMTAyNzEwNTk1NVowcjELMAkGA1UEBhMCR0IxEjAQBgNVBAgMCU1pZGRsZXNleDEPMA0GA1UEBwwGTG9uZG9uMRYwFAYDVQQKDA1QaW5nIElkZW50aXR5MQwwCgYDVQQLDANSU0ExGDAWBgNVBAMMD1BpbmcgVUsgRGVtbyBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALMHte483946bvKmpt1nuj1+IMWoywAGOj8UQcPDrkKuBOQL5Sv8o4ScYjjN5jgryjwRx3YMiVpCTOLB1GXrj55lZO2RRxMURwCSwaHnaLiM4cVcqSF8dq8LOlsR6bXSjJnvB2HWS1CYQaJdF21m0pxKcH9NUsdq5aYCkP52xyYel+XOxszQX1FkvrpD3VXII5xCiGGS6eEb/Mo2+nwgyN+A/M1yaeN65ah8HZFngR85oElYx7fFOkm9VubhCt2ePEvkanuWpgp5VrI2ruVQr1tvToL2ydzEmBPzGkh/UtACsucXXwSE7fvw50dgbhrXtmJnWA6hP2Wm3Ifok0ViKc0CAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAN5fn4Ke+4nhe5r+6aewM8lJ+sY25ing1ByAj7m5tJcsh68irJIjpAm3kJz20DVZ+2JguB1HZUHUTYo/WCmwMzatLN2rv9in3uRS4d0FaIfKxFHjRFs1T1APXz7lMP5t3j1/uZwbmmTGqvKTYlocLQJpqnJURiuNrxw7mZcZ3KTVx5WCdk7caYvSgUTbs9ec+JzQG0keHinrHu0mAXDxxCWXsx/rQ4PTBI808iBiHR2MbTOXONN5jid4gk9/T8KKfOFG1AbaEhsGdkChPNQO4M12Q5TWwtWutjx/PdPaGKvSoquZkXk1L4meO3ADLngHX7lb2oRkfF0wIZMNC/Eat5g\u003d\u003d"
}
2021-01-21 15:42:11 RESPONSE
CallTokenEndpointAndReturnFullResponse
HTTP response
response_status_code
400 BAD_REQUEST
response_status_text
Bad Request
response_headers
{
  "date": "Thu, 21 Jan 2021 15:42:11 GMT",
  "x-frame-options": "SAMEORIGIN",
  "referrer-policy": "origin",
  "cache-control": "no-cache, no-store",
  "pragma": "no-cache",
  "expires": "Thu, 01 Jan 1970 00:00:00 GMT",
  "content-type": "application/json;charset\u003dutf-8",
  "set-cookie": "PF\u003djMpWPrhZp0krAW2bESHSAR;Path\u003d/;Secure;HttpOnly;SameSite\u003dNone",
  "transfer-encoding": "chunked"
}
response_body
{"error_description":"Pending user authorization","error":"authorization_pending"}
2021-01-21 15:42:11 SUCCESS
CallTokenEndpointAndReturnFullResponse
Parsed token endpoint response
error_description
Pending user authorization
error
authorization_pending
2021-01-21 15:42:11 SUCCESS
CheckTokenEndpointReturnedJsonContentType
token_endpoint_response_headers Content-Type: header is application/json
Verify token endpoint response is pending or slow_down
2021-01-21 15:42:11 SUCCESS
CheckTokenEndpointHttpStatus400
Token endpoint http status code was 400
2021-01-21 15:42:11 SUCCESS
ValidateErrorFromTokenEndpointResponseError
Token endpoint response error returned valid 'error' field
error
authorization_pending
2021-01-21 15:42:11 SUCCESS
CheckErrorDescriptionFromTokenEndpointResponseErrorContainsCRLFTAB
token_endpoint_response 'error_description' field does not include CR/LF/TAB
error_description
Pending user authorization
2021-01-21 15:42:11 SUCCESS
ValidateErrorDescriptionFromTokenEndpointResponseError
token_endpoint_response error returned valid 'error_description' field
error_description
Pending user authorization
2021-01-21 15:42:11 SUCCESS
ValidateErrorUriFromTokenEndpointResponseError
token_endpoint_response did not include optional 'error_uri' field
2021-01-21 15:42:11 SUCCESS
EnsureErrorTokenEndpointSlowdownOrAuthorizationPending
error met 'slow_down' or 'authorization_pending'
error
authorization_pending
2021-01-21 15:42:11
CallAutomatedCibaApprovalEndpoint
If your server supports automated testing, you can set 'automated_ciba_approval_url' in your configuration to a url like https://cibasim.example.com/action?token={auth_req_id}&type={action} (auth_req_id will be automatically substituted for the current auth_req_id by the conformance suite, action will be allow or deny depending on the test)
Polling token endpoint waiting for user to authenticate
2021-01-21 15:42:16 SUCCESS
CreateTokenEndpointRequestForCIBAGrant
grant_type
urn:openid:params:grant-type:ciba
2021-01-21 15:42:16
AddAuthReqIdToTokenEndpointRequest
grant_type
urn:openid:params:grant-type:ciba
auth_req_id
i_4187TbCGHZoqts2jkUflF_oAx2BwBgCaFELYdwFRyuJIHZVibUkXmzRg
2021-01-21 15:42:16 SUCCESS
AddClientIdToTokenEndpointRequest
grant_type
urn:openid:params:grant-type:ciba
auth_req_id
i_4187TbCGHZoqts2jkUflF_oAx2BwBgCaFELYdwFRyuJIHZVibUkXmzRg
client_id
conformance1
2021-01-21 15:42:16
CallTokenEndpointAndReturnFullResponse
HTTP request
request_uri
https://emea-conformance.ping-eng.com:9032/as/token.oauth2
request_method
POST
request_headers
{
  "accept": "application/json;charset\u003dUTF-8",
  "accept-charset": "utf-8",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "146"
}
request_body
grant_type=urn%3Aopenid%3Aparams%3Agrant-type%3Aciba&auth_req_id=i_4187TbCGHZoqts2jkUflF_oAx2BwBgCaFELYdwFRyuJIHZVibUkXmzRg&client_id=conformance1
request_mutual_tls
{
  "cert": "MIIDkTCCAnmgAwIBAgIJAOLiBx6+gpncMA0GCSqGSIb3DQEBCwUAMHIxCzAJBgNVBAYTAkdCMRIwEAYDVQQIDAlNaWRkbGVzZXgxDzANBgNVBAcMBkxvbmRvbjEWMBQGA1UECgwNUGluZyBJZGVudGl0eTEMMAoGA1UECwwDUlNBMRgwFgYDVQQDDA9QaW5nIFVLIERlbW8gQ0EwHhcNMjAwOTIzMTQwNjU0WhcNMjIwMjA1MTQwNjU0WjBaMSQwIgYDVQQDDBttdGxzLXBvbGwtZmFwaS1jaWJhLWNsaWVudDExDTALBgNVBAsMBERlbW8xFjAUBgNVBAoMDVBpbmcgSWRlbnRpdHkxCzAJBgNVBAYTAkdCMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqADFJnt3i/xbJupaTpc4P8oYrZINQ07zEhdf8Osr/+XGp/az202QtoMFyRqNcYZS9/U0ce+Vz/pcaleqUlaAVfgW2o3Dp4z1d8WjDDar86agcqwl+aI2rhKh3aQIEiOwHmaPvYlRmWZTotMdyxUvJLlMJq+m4fZ33nphW9gT+AhEM+fyegVPX+jgj8dk6CaqCcRr7050irHOWfotCZxq79PBCFi8NOKjBn/uHPibKVN+PGgptqPmkdGFrkg1+gnWjmtxROJlCjNgrRJxmgD3/DbvqvTen/aL42+JJRGA8dXwCYTgjhvdTrE9OlBiIPB+EAlYxk6g+3kMqg+cJ5WP1QIDAQABo0IwQDAJBgNVHRMEAjAAMAsGA1UdDwQEAwIF4DAmBgNVHREEHzAdghttdGxzLXBvbGwtZmFwaS1jaWJhLWNsaWVudDEwDQYJKoZIhvcNAQELBQADggEBACZ7/UyxTg6hsUEmIjJKln/USY5sLq6MsrQgaqDwNuJ2BAyyrbIhldbNKBvC+swQjfbnisVYEKmmCAABPhV58U2YaEHOxfjzmfQ55duco0P4HulMhOvA/0jd+e0GFLF7eusEE4dw/RmiYjxNUpDjF9IgybjQkYPXLw+hfyhGsoKW38H1+x6ha7VTyJKp5W9AVj8/00vNswwvv3Xjs7C2mlogCEPFLPjc7jEQ4BRzkqBqQyi6MlNdgva3C6jDkSnXksdI9dZkrb4gNhusexwkbHkyet+unXxur9evqIISJsxELCMTxMocE++7XMJsPUT5FnomlXRK0jRztTmFG9y5Fqs\u003d",
  "key": "MIIEowIBAAKCAQEAqADFJnt3i/xbJupaTpc4P8oYrZINQ07zEhdf8Osr/+XGp/az202QtoMFyRqNcYZS9/U0ce+Vz/pcaleqUlaAVfgW2o3Dp4z1d8WjDDar86agcqwl+aI2rhKh3aQIEiOwHmaPvYlRmWZTotMdyxUvJLlMJq+m4fZ33nphW9gT+AhEM+fyegVPX+jgj8dk6CaqCcRr7050irHOWfotCZxq79PBCFi8NOKjBn/uHPibKVN+PGgptqPmkdGFrkg1+gnWjmtxROJlCjNgrRJxmgD3/DbvqvTen/aL42+JJRGA8dXwCYTgjhvdTrE9OlBiIPB+EAlYxk6g+3kMqg+cJ5WP1QIDAQABAoIBACvHd5idl/t8mWw8qafNNDU7Ps8MPjSKAEF4oeGwBtk6UVg3q4q8XbeR0RIkvzMUI87FsRL3sfxua2Ky0Yl/TRYZ/iqZwqCI1PaPI/vsy0ZE5466WXMB2GnoJRISyp+feSeS5mYnwIHO7oCBr0Pak1xohPWX1E8R4Q6yqWg7mIiLgtSWeaHNa3piQGcHXKwIPz/Xcw7M3embp+L7zrlgjuwR9i7+u2cSZexws4rQ3VyUggBjLVaBhF0w4CGzNBEdw7TXSXnh1JXZHc/k2zgk9IhPmdFFy4k1ZxVEc2GaExTsrjyJJxZmuEUTdszN6Gd42V+G5uweqbQ3Skl3Z7MfowECgYEAz3B/hWI3lKqc4TqYskU/MYcKYrCYP2IN19zOa8THzN91erhgiph/TSv+iryw1J3Fwg+xgc/nix3gtoj3492lrFkd0AvJ9eZPV+8C57rTFWT094sDvLH/XgXWGy7NS3IqefJr2y0gCpaTx92sl4O63sG00c1L0JuGRqKo1L4EE6ECgYEAz1TpZa8JlJOSxMMu0nv561VEM2xXsyDDHqcWcYi3WjWmdoGK+Glsw6DIzRAq30HN+UK7L92jlKTwhP8RsiHhUcXaM6DWQtWeAXjbS+r9IJnGJkfw8MbyhyLj65uVtvARlgfgg6G2rdEXrJTIK08nCg83zLDqQ04nvaczMhqFT7UCgYEArhP1H6T1iY/HiQbYXznXNyPg5kLV8NLDVTPaEfwXw2h+uNaDRauFoOhbemewaSxhaWIsDwi+gTM4gVXd2N4HCuPaLd3GxNFaIivUH0zbmKeZHycMoswoxelV7IfRBhAvbxitxEdRDTGhoGb5UEjeh9K8gBetGMl63EniLm2rFCECgYBeiyznNnta6jSKTysBxpD/lGFGRch0IaN4Td85JIvfsglXjtkNUB3N03rdr9qs9ff0C08Kk7otZU1ciGfMYBC8VkmbM2OhFII5z5/Irb6B6D1oZXPkiAQ+RVXDsa4CvtR2It9phwujlW6DP1FMFosJ1kiuqZoZ2QDcRetdlKRn5QKBgFctsC+KtuaFxEW23HrBCNqChyxijneRhjJVH1RDfrUSNikyFMDU2+FdR9bx4VXGiK077IxTGSEWkAEBhbm2jDl0Ik1rRMVzoKHR2kvUSNtxprp9tFcL7UqyZqGxA6UIIzOV0LbnnpFhYNgmH0AJS17V9sIIGtYXNArjzw4Kin4P",
  "ca": "MIIDYDCCAkgCCQCSYQOG55YnujANBgkqhkiG9w0BAQsFADByMQswCQYDVQQGEwJHQjESMBAGA1UECAwJTWlkZGxlc2V4MQ8wDQYDVQQHDAZMb25kb24xFjAUBgNVBAoMDVBpbmcgSWRlbnRpdHkxDDAKBgNVBAsMA1JTQTEYMBYGA1UEAwwPUGluZyBVSyBEZW1vIENBMB4XDTE5MDEwNzEwNTk1NVoXDTIxMTAyNzEwNTk1NVowcjELMAkGA1UEBhMCR0IxEjAQBgNVBAgMCU1pZGRsZXNleDEPMA0GA1UEBwwGTG9uZG9uMRYwFAYDVQQKDA1QaW5nIElkZW50aXR5MQwwCgYDVQQLDANSU0ExGDAWBgNVBAMMD1BpbmcgVUsgRGVtbyBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALMHte483946bvKmpt1nuj1+IMWoywAGOj8UQcPDrkKuBOQL5Sv8o4ScYjjN5jgryjwRx3YMiVpCTOLB1GXrj55lZO2RRxMURwCSwaHnaLiM4cVcqSF8dq8LOlsR6bXSjJnvB2HWS1CYQaJdF21m0pxKcH9NUsdq5aYCkP52xyYel+XOxszQX1FkvrpD3VXII5xCiGGS6eEb/Mo2+nwgyN+A/M1yaeN65ah8HZFngR85oElYx7fFOkm9VubhCt2ePEvkanuWpgp5VrI2ruVQr1tvToL2ydzEmBPzGkh/UtACsucXXwSE7fvw50dgbhrXtmJnWA6hP2Wm3Ifok0ViKc0CAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAN5fn4Ke+4nhe5r+6aewM8lJ+sY25ing1ByAj7m5tJcsh68irJIjpAm3kJz20DVZ+2JguB1HZUHUTYo/WCmwMzatLN2rv9in3uRS4d0FaIfKxFHjRFs1T1APXz7lMP5t3j1/uZwbmmTGqvKTYlocLQJpqnJURiuNrxw7mZcZ3KTVx5WCdk7caYvSgUTbs9ec+JzQG0keHinrHu0mAXDxxCWXsx/rQ4PTBI808iBiHR2MbTOXONN5jid4gk9/T8KKfOFG1AbaEhsGdkChPNQO4M12Q5TWwtWutjx/PdPaGKvSoquZkXk1L4meO3ADLngHX7lb2oRkfF0wIZMNC/Eat5g\u003d\u003d"
}
2021-01-21 15:42:17 RESPONSE
CallTokenEndpointAndReturnFullResponse
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "date": "Thu, 21 Jan 2021 15:42:16 GMT",
  "x-frame-options": "SAMEORIGIN",
  "referrer-policy": "origin",
  "cache-control": "no-cache, no-store",
  "pragma": "no-cache",
  "expires": "Thu, 01 Jan 1970 00:00:00 GMT",
  "content-type": "application/json;charset\u003dutf-8",
  "set-cookie": "PF\u003dJziOrHfmWrtbQFyRJZxB82;Path\u003d/;Secure;HttpOnly;SameSite\u003dNone",
  "transfer-encoding": "chunked"
}
response_body
{"access_token":"eyJhbGciOiJSUzI1NiIsImtpZCI6ImsxIiwicGkuYXRtIjoicTVqdSJ9.eyJzY29wZSI6Im9wZW5pZCB0ZXN0IiwiY2xpZW50X2lkIjoiY29uZm9ybWFuY2UxIiwic3ViIjoicGF0cmljayIsImNuZiI6eyJ4NXQjUzI1NiI6Ilk3UFRxeE9rZzhjY2xrTm5MaEJsYURzZzNfbTAwMkF2bkc4c2VGQ3c2OTAifSwiZXhwIjoxNjExMjUwOTM3fQ.NiUDWNBALiB6pwQSXLiGgGhuorkxFdW9lhjC_QmARVBJWh6rkgJMv01NnZLJ_taOVDHaSSedgmu8G1vvavxob_QYm7QZFEyFlYj_fbSH1ZqB5bvghnM7pRAC8RXOvlPJvI8gCZraE8RZo2HeFFsIcWNWF7XH3Qmb8xsH2jSm8OmD--dllpRNVtENomGXwExyVAyufEWvb_vY2CjDdN1r3-QUPQhGKwvEBC6TVoRUoLClprhzxZ_LLx934nU4JtGd8l-Iaig_E-XpPAcx-b-jE5JlEb4jNM_2NfB6--ma3VVqsgUGydjPcsXkOC65IpEa2LJNf8EGqRZ_4qycIhuHPA","refresh_token":"jvgOrwtq3rcw6FxR9E2nBn2C98yi7OanvYWn9QTqtr","scope":"openid test","id_token":"eyJhbGciOiJFUzI1NiIsImtpZCI6IkRaS1BtZHVsOTN3aHlCMkVqcy1idlJhNm84USJ9.eyJzdWIiOiJwYXRyaWNrIiwiYXVkIjoiY29uZm9ybWFuY2UxIiwianRpIjoiQWVjSVp2UTJOTnpPY1I3VERhdFB1MyIsImlzcyI6Imh0dHBzOi8vZW1lYS1jb25mb3JtYW5jZS5waW5nLWVuZy5jb206OTAzMSIsImlhdCI6MTYxMTI0MzczNywiZXhwIjoxNjExMjQ0MDM3fQ.9Iy_S0FDpDKw-81913Iu_PDVDVrIZbije12JXqH8flNT-E1rkBo-jev7_lBFnCcn2GM0DCn25xXrxj-A6vmTMw","token_type":"Bearer","expires_in":7199}
2021-01-21 15:42:17 SUCCESS
CallTokenEndpointAndReturnFullResponse
Parsed token endpoint response
access_token
eyJhbGciOiJSUzI1NiIsImtpZCI6ImsxIiwicGkuYXRtIjoicTVqdSJ9.eyJzY29wZSI6Im9wZW5pZCB0ZXN0IiwiY2xpZW50X2lkIjoiY29uZm9ybWFuY2UxIiwic3ViIjoicGF0cmljayIsImNuZiI6eyJ4NXQjUzI1NiI6Ilk3UFRxeE9rZzhjY2xrTm5MaEJsYURzZzNfbTAwMkF2bkc4c2VGQ3c2OTAifSwiZXhwIjoxNjExMjUwOTM3fQ.NiUDWNBALiB6pwQSXLiGgGhuorkxFdW9lhjC_QmARVBJWh6rkgJMv01NnZLJ_taOVDHaSSedgmu8G1vvavxob_QYm7QZFEyFlYj_fbSH1ZqB5bvghnM7pRAC8RXOvlPJvI8gCZraE8RZo2HeFFsIcWNWF7XH3Qmb8xsH2jSm8OmD--dllpRNVtENomGXwExyVAyufEWvb_vY2CjDdN1r3-QUPQhGKwvEBC6TVoRUoLClprhzxZ_LLx934nU4JtGd8l-Iaig_E-XpPAcx-b-jE5JlEb4jNM_2NfB6--ma3VVqsgUGydjPcsXkOC65IpEa2LJNf8EGqRZ_4qycIhuHPA
refresh_token
jvgOrwtq3rcw6FxR9E2nBn2C98yi7OanvYWn9QTqtr
scope
openid test
id_token
eyJhbGciOiJFUzI1NiIsImtpZCI6IkRaS1BtZHVsOTN3aHlCMkVqcy1idlJhNm84USJ9.eyJzdWIiOiJwYXRyaWNrIiwiYXVkIjoiY29uZm9ybWFuY2UxIiwianRpIjoiQWVjSVp2UTJOTnpPY1I3VERhdFB1MyIsImlzcyI6Imh0dHBzOi8vZW1lYS1jb25mb3JtYW5jZS5waW5nLWVuZy5jb206OTAzMSIsImlhdCI6MTYxMTI0MzczNywiZXhwIjoxNjExMjQ0MDM3fQ.9Iy_S0FDpDKw-81913Iu_PDVDVrIZbije12JXqH8flNT-E1rkBo-jev7_lBFnCcn2GM0DCn25xXrxj-A6vmTMw
token_type
Bearer
expires_in
7199
2021-01-21 15:42:17 SUCCESS
CheckTokenEndpointReturnedJsonContentType
token_endpoint_response_headers Content-Type: header is application/json
Verify token endpoint response
2021-01-21 15:42:17 SUCCESS
CheckTokenEndpointHttpStatus200
Token endpoint http status code was 200
2021-01-21 15:42:17 SUCCESS
CheckTokenEndpointCacheHeaders
'pragma' and 'cache-control' headers in token endpoint response contain expected values.
cache_control_header
no-cache, no-store
pragma_header
no-cache
2021-01-21 15:42:17 SUCCESS
CheckIfTokenEndpointResponseError
No error from token endpoint
2021-01-21 15:42:17 SUCCESS
CheckForAccessTokenValue
Found an access token
access_token
eyJhbGciOiJSUzI1NiIsImtpZCI6ImsxIiwicGkuYXRtIjoicTVqdSJ9.eyJzY29wZSI6Im9wZW5pZCB0ZXN0IiwiY2xpZW50X2lkIjoiY29uZm9ybWFuY2UxIiwic3ViIjoicGF0cmljayIsImNuZiI6eyJ4NXQjUzI1NiI6Ilk3UFRxeE9rZzhjY2xrTm5MaEJsYURzZzNfbTAwMkF2bkc4c2VGQ3c2OTAifSwiZXhwIjoxNjExMjUwOTM3fQ.NiUDWNBALiB6pwQSXLiGgGhuorkxFdW9lhjC_QmARVBJWh6rkgJMv01NnZLJ_taOVDHaSSedgmu8G1vvavxob_QYm7QZFEyFlYj_fbSH1ZqB5bvghnM7pRAC8RXOvlPJvI8gCZraE8RZo2HeFFsIcWNWF7XH3Qmb8xsH2jSm8OmD--dllpRNVtENomGXwExyVAyufEWvb_vY2CjDdN1r3-QUPQhGKwvEBC6TVoRUoLClprhzxZ_LLx934nU4JtGd8l-Iaig_E-XpPAcx-b-jE5JlEb4jNM_2NfB6--ma3VVqsgUGydjPcsXkOC65IpEa2LJNf8EGqRZ_4qycIhuHPA
2021-01-21 15:42:17 SUCCESS
ExtractAccessTokenFromTokenResponse
Extracted the access token
value
eyJhbGciOiJSUzI1NiIsImtpZCI6ImsxIiwicGkuYXRtIjoicTVqdSJ9.eyJzY29wZSI6Im9wZW5pZCB0ZXN0IiwiY2xpZW50X2lkIjoiY29uZm9ybWFuY2UxIiwic3ViIjoicGF0cmljayIsImNuZiI6eyJ4NXQjUzI1NiI6Ilk3UFRxeE9rZzhjY2xrTm5MaEJsYURzZzNfbTAwMkF2bkc4c2VGQ3c2OTAifSwiZXhwIjoxNjExMjUwOTM3fQ.NiUDWNBALiB6pwQSXLiGgGhuorkxFdW9lhjC_QmARVBJWh6rkgJMv01NnZLJ_taOVDHaSSedgmu8G1vvavxob_QYm7QZFEyFlYj_fbSH1ZqB5bvghnM7pRAC8RXOvlPJvI8gCZraE8RZo2HeFFsIcWNWF7XH3Qmb8xsH2jSm8OmD--dllpRNVtENomGXwExyVAyufEWvb_vY2CjDdN1r3-QUPQhGKwvEBC6TVoRUoLClprhzxZ_LLx934nU4JtGd8l-Iaig_E-XpPAcx-b-jE5JlEb4jNM_2NfB6--ma3VVqsgUGydjPcsXkOC65IpEa2LJNf8EGqRZ_4qycIhuHPA
type
Bearer
2021-01-21 15:42:17 SUCCESS
ExtractExpiresInFromTokenEndpointResponse
Extracted 'expires_in'
expires_in
7199
2021-01-21 15:42:17 SUCCESS
ValidateExpiresIn
expires_in passed all validation checks
expires_in
7199
2021-01-21 15:42:17 SUCCESS
CheckForRefreshTokenValue
Found a refresh token
refresh_token
jvgOrwtq3rcw6FxR9E2nBn2C98yi7OanvYWn9QTqtr
2021-01-21 15:42:17 SUCCESS
EnsureMinimumRefreshTokenLength
Refresh token is of sufficient length
actual
336
required
128
2021-01-21 15:42:17 SUCCESS
EnsureMinimumRefreshTokenEntropy
Calculated shannon entropy seems sufficient
actual
196.967556752381
expected
96.0
2021-01-21 15:42:17 SUCCESS
EnsureMinimumAccessTokenLength
Access token is of sufficient length
actual
4784
required
128
2021-01-21 15:42:17 SUCCESS
EnsureMinimumAccessTokenEntropy
Calculated shannon entropy seems sufficient
actual
3515.0161469895897
expected
96.0
2021-01-21 15:42:17 SUCCESS
ExtractIdTokenFromTokenResponse
Found and parsed the id_token from token_endpoint_response
value
eyJhbGciOiJFUzI1NiIsImtpZCI6IkRaS1BtZHVsOTN3aHlCMkVqcy1idlJhNm84USJ9.eyJzdWIiOiJwYXRyaWNrIiwiYXVkIjoiY29uZm9ybWFuY2UxIiwianRpIjoiQWVjSVp2UTJOTnpPY1I3VERhdFB1MyIsImlzcyI6Imh0dHBzOi8vZW1lYS1jb25mb3JtYW5jZS5waW5nLWVuZy5jb206OTAzMSIsImlhdCI6MTYxMTI0MzczNywiZXhwIjoxNjExMjQ0MDM3fQ.9Iy_S0FDpDKw-81913Iu_PDVDVrIZbije12JXqH8flNT-E1rkBo-jev7_lBFnCcn2GM0DCn25xXrxj-A6vmTMw
header
{
  "kid": "DZKPmdul93whyB2Ejs-bvRa6o8Q",
  "alg": "ES256"
}
claims
{
  "sub": "patrick",
  "aud": "conformance1",
  "iss": "https://emea-conformance.ping-eng.com:9031",
  "exp": 1611244037,
  "iat": 1611243737,
  "jti": "AecIZvQ2NNzOcR7TDatPu3"
}
2021-01-21 15:42:17 SUCCESS
ValidateIdToken
ID token iss, aud, exp, iat, auth_time, acr & nbf claims passed validation checks
2021-01-21 15:42:17 SUCCESS
EnsureIdTokenContainsKid
kid was found in the ID token header
kid
DZKPmdul93whyB2Ejs-bvRa6o8Q
2021-01-21 15:42:17 SUCCESS
ValidateIdTokenSignature
id_token signature validated
id_token
eyJhbGciOiJFUzI1NiIsImtpZCI6IkRaS1BtZHVsOTN3aHlCMkVqcy1idlJhNm84USJ9.eyJzdWIiOiJwYXRyaWNrIiwiYXVkIjoiY29uZm9ybWFuY2UxIiwianRpIjoiQWVjSVp2UTJOTnpPY1I3VERhdFB1MyIsImlzcyI6Imh0dHBzOi8vZW1lYS1jb25mb3JtYW5jZS5waW5nLWVuZy5jb206OTAzMSIsImlhdCI6MTYxMTI0MzczNywiZXhwIjoxNjExMjQ0MDM3fQ.9Iy_S0FDpDKw-81913Iu_PDVDVrIZbije12JXqH8flNT-E1rkBo-jev7_lBFnCcn2GM0DCn25xXrxj-A6vmTMw
2021-01-21 15:42:17 SUCCESS
ValidateIdTokenSignatureUsingKid
id_token signature validated
id_token
eyJhbGciOiJFUzI1NiIsImtpZCI6IkRaS1BtZHVsOTN3aHlCMkVqcy1idlJhNm84USJ9.eyJzdWIiOiJwYXRyaWNrIiwiYXVkIjoiY29uZm9ybWFuY2UxIiwianRpIjoiQWVjSVp2UTJOTnpPY1I3VERhdFB1MyIsImlzcyI6Imh0dHBzOi8vZW1lYS1jb25mb3JtYW5jZS5waW5nLWVuZy5jb206OTAzMSIsImlhdCI6MTYxMTI0MzczNywiZXhwIjoxNjExMjQ0MDM3fQ.9Iy_S0FDpDKw-81913Iu_PDVDVrIZbije12JXqH8flNT-E1rkBo-jev7_lBFnCcn2GM0DCn25xXrxj-A6vmTMw
2021-01-21 15:42:17 SUCCESS
CheckForSubjectInIdToken
Found 'sub' in id_token
sub
patrick
2021-01-21 15:42:17 SUCCESS
FAPIValidateIdTokenSigningAlg
id_token was signed with a permitted algorithm
alg
ES256
2021-01-21 15:42:17 INFO
FAPIValidateIdTokenEncryptionAlg
Skipped evaluation due to missing required element: id_token jwe_header
path
jwe_header
mapped
object
id_token
2021-01-21 15:42:17 INFO
FAPIValidateEncryptedIdTokenHasKid
Skipped evaluation due to missing required element: id_token jwe_header
path
jwe_header
mapped
object
id_token
2021-01-21 15:42:17 INFO
FAPICIBAValidateIdTokenAuthRequestIdClaims
Skipped evaluation due to missing required element: id_token claims.urn:openid:params:jwt:claim:auth_req_id
path
claims.urn:openid:params:jwt:claim:auth_req_id
mapped
object
id_token
2021-01-21 15:42:17 SUCCESS
ValidateIdTokenNotIncludeCHashAndSHash
id_token claims correctly does not contain 'c_hash' and 's_hash'
claims
{
  "sub": "patrick",
  "aud": "conformance1",
  "iss": "https://emea-conformance.ping-eng.com:9031",
  "exp": 1611244037,
  "iat": 1611243737,
  "jti": "AecIZvQ2NNzOcR7TDatPu3"
}
2021-01-21 15:42:17 INFO
ExtractAtHash
Couldn't find at_hash in ID token
2021-01-21 15:42:17 INFO
ExtractRtHash
Couldn't find urn:openid:params:jwt:claim:rt_hash claim in the ID token
2021-01-21 15:42:17 INFO
FAPICIBAValidateRtHash
Skipped evaluation due to missing required object: rt_hash
expected
rt_hash
mapped
2021-01-21 15:42:17 INFO
ValidateAtHash
Skipped evaluation due to missing required object: at_hash
expected
at_hash
mapped
Check for refresh token
2021-01-21 15:42:17 SUCCESS
ExtractRefreshTokenFromTokenResponse
Extracted refresh token from response
refresh_token
jvgOrwtq3rcw6FxR9E2nBn2C98yi7OanvYWn9QTqtr
2021-01-21 15:42:17 SUCCESS
EnsureServerConfigurationSupportsRefreshToken
The server configuration indicates support for refresh tokens
supported_grant_types
[
  "implicit",
  "authorization_code",
  "refresh_token",
  "password",
  "client_credentials",
  "urn:pingidentity.com:oauth2:grant_type:validate_bearer",
  "urn:ietf:params:oauth:grant-type:jwt-bearer",
  "urn:ietf:params:oauth:grant-type:saml2-bearer",
  "urn:ietf:params:oauth:grant-type:device_code",
  "urn:ietf:params:oauth:grant-type:token-exchange",
  "urn:openid:params:grant-type:ciba"
]
2021-01-21 15:42:17 SUCCESS
EnsureRefreshTokenContainsAllowedCharactersOnly
Refresh token does not contain any illegal characters
Refresh Token Request
2021-01-21 15:42:17 SUCCESS
CreateRefreshTokenRequest
Created token endpoint request parameters
grant_type
refresh_token
refresh_token
jvgOrwtq3rcw6FxR9E2nBn2C98yi7OanvYWn9QTqtr
2021-01-21 15:42:17 SUCCESS
AddScopeToTokenEndpointRequest
Added scope of 'openid test' to token endpoint request
grant_type
refresh_token
refresh_token
jvgOrwtq3rcw6FxR9E2nBn2C98yi7OanvYWn9QTqtr
scope
openid test
2021-01-21 15:42:17 SUCCESS
AddClientIdToTokenEndpointRequest
grant_type
refresh_token
refresh_token
jvgOrwtq3rcw6FxR9E2nBn2C98yi7OanvYWn9QTqtr
scope
openid test
client_id
conformance1
2021-01-21 15:42:17 SUCCESS
WaitForOneSecond
Pausing for 1 seconds
2021-01-21 15:42:18 SUCCESS
WaitForOneSecond
Woke up after 1 seconds sleep
2021-01-21 15:42:18
CallTokenEndpointAndReturnFullResponse
HTTP request
request_uri
https://emea-conformance.ping-eng.com:9032/as/token.oauth2
request_method
POST
request_headers
{
  "accept": "application/json;charset\u003dUTF-8",
  "accept-charset": "utf-8",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "122"
}
request_body
grant_type=refresh_token&refresh_token=jvgOrwtq3rcw6FxR9E2nBn2C98yi7OanvYWn9QTqtr&scope=openid+test&client_id=conformance1
request_mutual_tls
{
  "cert": "MIIDkTCCAnmgAwIBAgIJAOLiBx6+gpncMA0GCSqGSIb3DQEBCwUAMHIxCzAJBgNVBAYTAkdCMRIwEAYDVQQIDAlNaWRkbGVzZXgxDzANBgNVBAcMBkxvbmRvbjEWMBQGA1UECgwNUGluZyBJZGVudGl0eTEMMAoGA1UECwwDUlNBMRgwFgYDVQQDDA9QaW5nIFVLIERlbW8gQ0EwHhcNMjAwOTIzMTQwNjU0WhcNMjIwMjA1MTQwNjU0WjBaMSQwIgYDVQQDDBttdGxzLXBvbGwtZmFwaS1jaWJhLWNsaWVudDExDTALBgNVBAsMBERlbW8xFjAUBgNVBAoMDVBpbmcgSWRlbnRpdHkxCzAJBgNVBAYTAkdCMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqADFJnt3i/xbJupaTpc4P8oYrZINQ07zEhdf8Osr/+XGp/az202QtoMFyRqNcYZS9/U0ce+Vz/pcaleqUlaAVfgW2o3Dp4z1d8WjDDar86agcqwl+aI2rhKh3aQIEiOwHmaPvYlRmWZTotMdyxUvJLlMJq+m4fZ33nphW9gT+AhEM+fyegVPX+jgj8dk6CaqCcRr7050irHOWfotCZxq79PBCFi8NOKjBn/uHPibKVN+PGgptqPmkdGFrkg1+gnWjmtxROJlCjNgrRJxmgD3/DbvqvTen/aL42+JJRGA8dXwCYTgjhvdTrE9OlBiIPB+EAlYxk6g+3kMqg+cJ5WP1QIDAQABo0IwQDAJBgNVHRMEAjAAMAsGA1UdDwQEAwIF4DAmBgNVHREEHzAdghttdGxzLXBvbGwtZmFwaS1jaWJhLWNsaWVudDEwDQYJKoZIhvcNAQELBQADggEBACZ7/UyxTg6hsUEmIjJKln/USY5sLq6MsrQgaqDwNuJ2BAyyrbIhldbNKBvC+swQjfbnisVYEKmmCAABPhV58U2YaEHOxfjzmfQ55duco0P4HulMhOvA/0jd+e0GFLF7eusEE4dw/RmiYjxNUpDjF9IgybjQkYPXLw+hfyhGsoKW38H1+x6ha7VTyJKp5W9AVj8/00vNswwvv3Xjs7C2mlogCEPFLPjc7jEQ4BRzkqBqQyi6MlNdgva3C6jDkSnXksdI9dZkrb4gNhusexwkbHkyet+unXxur9evqIISJsxELCMTxMocE++7XMJsPUT5FnomlXRK0jRztTmFG9y5Fqs\u003d",
  "key": "MIIEowIBAAKCAQEAqADFJnt3i/xbJupaTpc4P8oYrZINQ07zEhdf8Osr/+XGp/az202QtoMFyRqNcYZS9/U0ce+Vz/pcaleqUlaAVfgW2o3Dp4z1d8WjDDar86agcqwl+aI2rhKh3aQIEiOwHmaPvYlRmWZTotMdyxUvJLlMJq+m4fZ33nphW9gT+AhEM+fyegVPX+jgj8dk6CaqCcRr7050irHOWfotCZxq79PBCFi8NOKjBn/uHPibKVN+PGgptqPmkdGFrkg1+gnWjmtxROJlCjNgrRJxmgD3/DbvqvTen/aL42+JJRGA8dXwCYTgjhvdTrE9OlBiIPB+EAlYxk6g+3kMqg+cJ5WP1QIDAQABAoIBACvHd5idl/t8mWw8qafNNDU7Ps8MPjSKAEF4oeGwBtk6UVg3q4q8XbeR0RIkvzMUI87FsRL3sfxua2Ky0Yl/TRYZ/iqZwqCI1PaPI/vsy0ZE5466WXMB2GnoJRISyp+feSeS5mYnwIHO7oCBr0Pak1xohPWX1E8R4Q6yqWg7mIiLgtSWeaHNa3piQGcHXKwIPz/Xcw7M3embp+L7zrlgjuwR9i7+u2cSZexws4rQ3VyUggBjLVaBhF0w4CGzNBEdw7TXSXnh1JXZHc/k2zgk9IhPmdFFy4k1ZxVEc2GaExTsrjyJJxZmuEUTdszN6Gd42V+G5uweqbQ3Skl3Z7MfowECgYEAz3B/hWI3lKqc4TqYskU/MYcKYrCYP2IN19zOa8THzN91erhgiph/TSv+iryw1J3Fwg+xgc/nix3gtoj3492lrFkd0AvJ9eZPV+8C57rTFWT094sDvLH/XgXWGy7NS3IqefJr2y0gCpaTx92sl4O63sG00c1L0JuGRqKo1L4EE6ECgYEAz1TpZa8JlJOSxMMu0nv561VEM2xXsyDDHqcWcYi3WjWmdoGK+Glsw6DIzRAq30HN+UK7L92jlKTwhP8RsiHhUcXaM6DWQtWeAXjbS+r9IJnGJkfw8MbyhyLj65uVtvARlgfgg6G2rdEXrJTIK08nCg83zLDqQ04nvaczMhqFT7UCgYEArhP1H6T1iY/HiQbYXznXNyPg5kLV8NLDVTPaEfwXw2h+uNaDRauFoOhbemewaSxhaWIsDwi+gTM4gVXd2N4HCuPaLd3GxNFaIivUH0zbmKeZHycMoswoxelV7IfRBhAvbxitxEdRDTGhoGb5UEjeh9K8gBetGMl63EniLm2rFCECgYBeiyznNnta6jSKTysBxpD/lGFGRch0IaN4Td85JIvfsglXjtkNUB3N03rdr9qs9ff0C08Kk7otZU1ciGfMYBC8VkmbM2OhFII5z5/Irb6B6D1oZXPkiAQ+RVXDsa4CvtR2It9phwujlW6DP1FMFosJ1kiuqZoZ2QDcRetdlKRn5QKBgFctsC+KtuaFxEW23HrBCNqChyxijneRhjJVH1RDfrUSNikyFMDU2+FdR9bx4VXGiK077IxTGSEWkAEBhbm2jDl0Ik1rRMVzoKHR2kvUSNtxprp9tFcL7UqyZqGxA6UIIzOV0LbnnpFhYNgmH0AJS17V9sIIGtYXNArjzw4Kin4P",
  "ca": "MIIDYDCCAkgCCQCSYQOG55YnujANBgkqhkiG9w0BAQsFADByMQswCQYDVQQGEwJHQjESMBAGA1UECAwJTWlkZGxlc2V4MQ8wDQYDVQQHDAZMb25kb24xFjAUBgNVBAoMDVBpbmcgSWRlbnRpdHkxDDAKBgNVBAsMA1JTQTEYMBYGA1UEAwwPUGluZyBVSyBEZW1vIENBMB4XDTE5MDEwNzEwNTk1NVoXDTIxMTAyNzEwNTk1NVowcjELMAkGA1UEBhMCR0IxEjAQBgNVBAgMCU1pZGRsZXNleDEPMA0GA1UEBwwGTG9uZG9uMRYwFAYDVQQKDA1QaW5nIElkZW50aXR5MQwwCgYDVQQLDANSU0ExGDAWBgNVBAMMD1BpbmcgVUsgRGVtbyBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALMHte483946bvKmpt1nuj1+IMWoywAGOj8UQcPDrkKuBOQL5Sv8o4ScYjjN5jgryjwRx3YMiVpCTOLB1GXrj55lZO2RRxMURwCSwaHnaLiM4cVcqSF8dq8LOlsR6bXSjJnvB2HWS1CYQaJdF21m0pxKcH9NUsdq5aYCkP52xyYel+XOxszQX1FkvrpD3VXII5xCiGGS6eEb/Mo2+nwgyN+A/M1yaeN65ah8HZFngR85oElYx7fFOkm9VubhCt2ePEvkanuWpgp5VrI2ruVQr1tvToL2ydzEmBPzGkh/UtACsucXXwSE7fvw50dgbhrXtmJnWA6hP2Wm3Ifok0ViKc0CAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAN5fn4Ke+4nhe5r+6aewM8lJ+sY25ing1ByAj7m5tJcsh68irJIjpAm3kJz20DVZ+2JguB1HZUHUTYo/WCmwMzatLN2rv9in3uRS4d0FaIfKxFHjRFs1T1APXz7lMP5t3j1/uZwbmmTGqvKTYlocLQJpqnJURiuNrxw7mZcZ3KTVx5WCdk7caYvSgUTbs9ec+JzQG0keHinrHu0mAXDxxCWXsx/rQ4PTBI808iBiHR2MbTOXONN5jid4gk9/T8KKfOFG1AbaEhsGdkChPNQO4M12Q5TWwtWutjx/PdPaGKvSoquZkXk1L4meO3ADLngHX7lb2oRkfF0wIZMNC/Eat5g\u003d\u003d"
}
2021-01-21 15:42:18 RESPONSE
CallTokenEndpointAndReturnFullResponse
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "date": "Thu, 21 Jan 2021 15:42:18 GMT",
  "x-frame-options": "SAMEORIGIN",
  "referrer-policy": "origin",
  "cache-control": "no-cache, no-store",
  "pragma": "no-cache",
  "expires": "Thu, 01 Jan 1970 00:00:00 GMT",
  "content-type": "application/json;charset\u003dutf-8",
  "set-cookie": "PF\u003dzYdqL66jmM6BpaLWn2Y4Ux;Path\u003d/;Secure;HttpOnly;SameSite\u003dNone",
  "transfer-encoding": "chunked"
}
response_body
{"access_token":"eyJhbGciOiJSUzI1NiIsImtpZCI6ImsxIiwicGkuYXRtIjoicTVqdSJ9.eyJzY29wZSI6Im9wZW5pZCB0ZXN0IiwiY2xpZW50X2lkIjoiY29uZm9ybWFuY2UxIiwic3ViIjoicGF0cmljayIsImNuZiI6eyJ4NXQjUzI1NiI6Ilk3UFRxeE9rZzhjY2xrTm5MaEJsYURzZzNfbTAwMkF2bkc4c2VGQ3c2OTAifSwiZXhwIjoxNjExMjUwOTM4fQ.fm2yiyMUTutRzmLcWWydnSw0hOqYChu2DYFi0ODEAO7CC7w6zxcS8ALW3MTNJwTyBs2xVH_1dcnIDhypYa1JlfN0NYSfnDWFlK7zDD3Dtlv4WJZZmOMESC2-cT99-10J0vJ_4PQH54Eo6YWt3VTqHeTYvGr6xwyeugyRznNUZTfOxuvDcwhELrxF8o8-BBJmCWy3IGOHEMA6OKqbyvdUNjtX4ocJ6Fz9yF_6f0fNFTCe8h_T9_stIXAgQBYPzMz3y8bwswNrLF6vpc9yIdZFyG_nOCXObz6zNvhlTi5Lx_kocjzSFoB9-hzCjTghQ9qvL5rbd43dEeFNIgAdme5fMA","token_type":"Bearer","expires_in":7199}
2021-01-21 15:42:18 SUCCESS
CallTokenEndpointAndReturnFullResponse
Parsed token endpoint response
access_token
eyJhbGciOiJSUzI1NiIsImtpZCI6ImsxIiwicGkuYXRtIjoicTVqdSJ9.eyJzY29wZSI6Im9wZW5pZCB0ZXN0IiwiY2xpZW50X2lkIjoiY29uZm9ybWFuY2UxIiwic3ViIjoicGF0cmljayIsImNuZiI6eyJ4NXQjUzI1NiI6Ilk3UFRxeE9rZzhjY2xrTm5MaEJsYURzZzNfbTAwMkF2bkc4c2VGQ3c2OTAifSwiZXhwIjoxNjExMjUwOTM4fQ.fm2yiyMUTutRzmLcWWydnSw0hOqYChu2DYFi0ODEAO7CC7w6zxcS8ALW3MTNJwTyBs2xVH_1dcnIDhypYa1JlfN0NYSfnDWFlK7zDD3Dtlv4WJZZmOMESC2-cT99-10J0vJ_4PQH54Eo6YWt3VTqHeTYvGr6xwyeugyRznNUZTfOxuvDcwhELrxF8o8-BBJmCWy3IGOHEMA6OKqbyvdUNjtX4ocJ6Fz9yF_6f0fNFTCe8h_T9_stIXAgQBYPzMz3y8bwswNrLF6vpc9yIdZFyG_nOCXObz6zNvhlTi5Lx_kocjzSFoB9-hzCjTghQ9qvL5rbd43dEeFNIgAdme5fMA
token_type
Bearer
expires_in
7199
2021-01-21 15:42:18 SUCCESS
CheckTokenEndpointHttpStatus200
Token endpoint http status code was 200
2021-01-21 15:42:18 SUCCESS
CheckTokenEndpointReturnedJsonContentType
token_endpoint_response_headers Content-Type: header is application/json
2021-01-21 15:42:18 SUCCESS
CheckTokenEndpointCacheHeaders
'pragma' and 'cache-control' headers in token endpoint response contain expected values.
cache_control_header
no-cache, no-store
pragma_header
no-cache
2021-01-21 15:42:18 SUCCESS
CheckIfTokenEndpointResponseError
No error from token endpoint
2021-01-21 15:42:18 SUCCESS
ExtractAccessTokenFromTokenResponse
Extracted the access token
value
eyJhbGciOiJSUzI1NiIsImtpZCI6ImsxIiwicGkuYXRtIjoicTVqdSJ9.eyJzY29wZSI6Im9wZW5pZCB0ZXN0IiwiY2xpZW50X2lkIjoiY29uZm9ybWFuY2UxIiwic3ViIjoicGF0cmljayIsImNuZiI6eyJ4NXQjUzI1NiI6Ilk3UFRxeE9rZzhjY2xrTm5MaEJsYURzZzNfbTAwMkF2bkc4c2VGQ3c2OTAifSwiZXhwIjoxNjExMjUwOTM4fQ.fm2yiyMUTutRzmLcWWydnSw0hOqYChu2DYFi0ODEAO7CC7w6zxcS8ALW3MTNJwTyBs2xVH_1dcnIDhypYa1JlfN0NYSfnDWFlK7zDD3Dtlv4WJZZmOMESC2-cT99-10J0vJ_4PQH54Eo6YWt3VTqHeTYvGr6xwyeugyRznNUZTfOxuvDcwhELrxF8o8-BBJmCWy3IGOHEMA6OKqbyvdUNjtX4ocJ6Fz9yF_6f0fNFTCe8h_T9_stIXAgQBYPzMz3y8bwswNrLF6vpc9yIdZFyG_nOCXObz6zNvhlTi5Lx_kocjzSFoB9-hzCjTghQ9qvL5rbd43dEeFNIgAdme5fMA
type
Bearer
2021-01-21 15:42:18 SUCCESS
CheckTokenTypeIsBearer
Token type is bearer
2021-01-21 15:42:18 SUCCESS
EnsureMinimumAccessTokenEntropy
Calculated shannon entropy seems sufficient
actual
3494.114143069484
expected
96.0
2021-01-21 15:42:18 SUCCESS
EnsureAccessTokenContainsAllowedCharactersOnly
Access token does not contain any illegal characters
2021-01-21 15:42:18 SUCCESS
ExtractExpiresInFromTokenEndpointResponse
Extracted 'expires_in'
expires_in
7199
2021-01-21 15:42:18 SUCCESS
ValidateExpiresIn
expires_in passed all validation checks
expires_in
7199
2021-01-21 15:42:18 SUCCESS
EnsureAccessTokenValuesAreDifferent
Access token values are not the same
first_access_token
eyJhbGciOiJSUzI1NiIsImtpZCI6ImsxIiwicGkuYXRtIjoicTVqdSJ9.eyJzY29wZSI6Im9wZW5pZCB0ZXN0IiwiY2xpZW50X2lkIjoiY29uZm9ybWFuY2UxIiwic3ViIjoicGF0cmljayIsImNuZiI6eyJ4NXQjUzI1NiI6Ilk3UFRxeE9rZzhjY2xrTm5MaEJsYURzZzNfbTAwMkF2bkc4c2VGQ3c2OTAifSwiZXhwIjoxNjExMjUwOTM3fQ.NiUDWNBALiB6pwQSXLiGgGhuorkxFdW9lhjC_QmARVBJWh6rkgJMv01NnZLJ_taOVDHaSSedgmu8G1vvavxob_QYm7QZFEyFlYj_fbSH1ZqB5bvghnM7pRAC8RXOvlPJvI8gCZraE8RZo2HeFFsIcWNWF7XH3Qmb8xsH2jSm8OmD--dllpRNVtENomGXwExyVAyufEWvb_vY2CjDdN1r3-QUPQhGKwvEBC6TVoRUoLClprhzxZ_LLx934nU4JtGd8l-Iaig_E-XpPAcx-b-jE5JlEb4jNM_2NfB6--ma3VVqsgUGydjPcsXkOC65IpEa2LJNf8EGqRZ_4qycIhuHPA
second_access_token
eyJhbGciOiJSUzI1NiIsImtpZCI6ImsxIiwicGkuYXRtIjoicTVqdSJ9.eyJzY29wZSI6Im9wZW5pZCB0ZXN0IiwiY2xpZW50X2lkIjoiY29uZm9ybWFuY2UxIiwic3ViIjoicGF0cmljayIsImNuZiI6eyJ4NXQjUzI1NiI6Ilk3UFRxeE9rZzhjY2xrTm5MaEJsYURzZzNfbTAwMkF2bkc4c2VGQ3c2OTAifSwiZXhwIjoxNjExMjUwOTM4fQ.fm2yiyMUTutRzmLcWWydnSw0hOqYChu2DYFi0ODEAO7CC7w6zxcS8ALW3MTNJwTyBs2xVH_1dcnIDhypYa1JlfN0NYSfnDWFlK7zDD3Dtlv4WJZZmOMESC2-cT99-10J0vJ_4PQH54Eo6YWt3VTqHeTYvGr6xwyeugyRznNUZTfOxuvDcwhELrxF8o8-BBJmCWy3IGOHEMA6OKqbyvdUNjtX4ocJ6Fz9yF_6f0fNFTCe8h_T9_stIXAgQBYPzMz3y8bwswNrLF6vpc9yIdZFyG_nOCXObz6zNvhlTi5Lx_kocjzSFoB9-hzCjTghQ9qvL5rbd43dEeFNIgAdme5fMA
2021-01-21 15:42:18 INFO
ExtractIdTokenFromTokenResponse
Couldn't find id_token in token_endpoint_response
2021-01-21 15:42:18 INFO
ExtractRefreshTokenFromTokenResponse
Token endpoint response does not contain a refresh token
2021-01-21 15:42:18 INFO
EnsureMinimumRefreshTokenLength
Skipped evaluation due to missing required element: token_endpoint_response refresh_token
path
refresh_token
mapped
object
token_endpoint_response
2021-01-21 15:42:18 INFO
EnsureMinimumRefreshTokenEntropy
Skipped evaluation due to missing required element: token_endpoint_response refresh_token
path
refresh_token
mapped
object
token_endpoint_response
2021-01-21 15:42:18 INFO
CompareIdTokenClaims
Skipped evaluation due to missing required object: second_id_token
expected
second_id_token
mapped
second_id_token
Resource server endpoint tests
2021-01-21 15:42:18
CreateEmptyResourceEndpointRequestHeaders
Created empty headers
resource_endpoint_request_headers
{}
2021-01-21 15:42:18 SUCCESS
AddFAPIAuthDateToResourceEndpointRequest
Added x-fapi-auth-date to resource endpoint request headers
resource_endpoint_request_headers
{
  "x-fapi-auth-date": "Thu, 21 Jan 2021 15:42:18 GMT"
}
2021-01-21 15:42:18
CreateRandomFAPIInteractionId
Created interaction ID
fapi_interaction_id
49422ec9-146d-4e38-aeed-c2297e9ac207
2021-01-21 15:42:18
AddFAPIInteractionIdToResourceEndpointRequest
Condition ran but did not log anything
2021-01-21 15:42:18
CallProtectedResourceWithBearerTokenAndCustomHeaders
HTTP request
request_uri
https://emea-conformance.ping-eng.com:3000/get
request_method
GET
request_headers
{
  "accept": "application/json;charset\u003dUTF-8",
  "x-fapi-auth-date": "Thu, 21 Jan 2021 15:42:18 GMT",
  "x-fapi-interaction-id": "49422ec9-146d-4e38-aeed-c2297e9ac207",
  "authorization": "Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6ImsxIiwicGkuYXRtIjoicTVqdSJ9.eyJzY29wZSI6Im9wZW5pZCB0ZXN0IiwiY2xpZW50X2lkIjoiY29uZm9ybWFuY2UxIiwic3ViIjoicGF0cmljayIsImNuZiI6eyJ4NXQjUzI1NiI6Ilk3UFRxeE9rZzhjY2xrTm5MaEJsYURzZzNfbTAwMkF2bkc4c2VGQ3c2OTAifSwiZXhwIjoxNjExMjUwOTM4fQ.fm2yiyMUTutRzmLcWWydnSw0hOqYChu2DYFi0ODEAO7CC7w6zxcS8ALW3MTNJwTyBs2xVH_1dcnIDhypYa1JlfN0NYSfnDWFlK7zDD3Dtlv4WJZZmOMESC2-cT99-10J0vJ_4PQH54Eo6YWt3VTqHeTYvGr6xwyeugyRznNUZTfOxuvDcwhELrxF8o8-BBJmCWy3IGOHEMA6OKqbyvdUNjtX4ocJ6Fz9yF_6f0fNFTCe8h_T9_stIXAgQBYPzMz3y8bwswNrLF6vpc9yIdZFyG_nOCXObz6zNvhlTi5Lx_kocjzSFoB9-hzCjTghQ9qvL5rbd43dEeFNIgAdme5fMA",
  "accept-charset": "utf-8",
  "content-length": "0"
}
request_body

                                
request_mutual_tls
{
  "cert": "MIIDkTCCAnmgAwIBAgIJAOLiBx6+gpncMA0GCSqGSIb3DQEBCwUAMHIxCzAJBgNVBAYTAkdCMRIwEAYDVQQIDAlNaWRkbGVzZXgxDzANBgNVBAcMBkxvbmRvbjEWMBQGA1UECgwNUGluZyBJZGVudGl0eTEMMAoGA1UECwwDUlNBMRgwFgYDVQQDDA9QaW5nIFVLIERlbW8gQ0EwHhcNMjAwOTIzMTQwNjU0WhcNMjIwMjA1MTQwNjU0WjBaMSQwIgYDVQQDDBttdGxzLXBvbGwtZmFwaS1jaWJhLWNsaWVudDExDTALBgNVBAsMBERlbW8xFjAUBgNVBAoMDVBpbmcgSWRlbnRpdHkxCzAJBgNVBAYTAkdCMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqADFJnt3i/xbJupaTpc4P8oYrZINQ07zEhdf8Osr/+XGp/az202QtoMFyRqNcYZS9/U0ce+Vz/pcaleqUlaAVfgW2o3Dp4z1d8WjDDar86agcqwl+aI2rhKh3aQIEiOwHmaPvYlRmWZTotMdyxUvJLlMJq+m4fZ33nphW9gT+AhEM+fyegVPX+jgj8dk6CaqCcRr7050irHOWfotCZxq79PBCFi8NOKjBn/uHPibKVN+PGgptqPmkdGFrkg1+gnWjmtxROJlCjNgrRJxmgD3/DbvqvTen/aL42+JJRGA8dXwCYTgjhvdTrE9OlBiIPB+EAlYxk6g+3kMqg+cJ5WP1QIDAQABo0IwQDAJBgNVHRMEAjAAMAsGA1UdDwQEAwIF4DAmBgNVHREEHzAdghttdGxzLXBvbGwtZmFwaS1jaWJhLWNsaWVudDEwDQYJKoZIhvcNAQELBQADggEBACZ7/UyxTg6hsUEmIjJKln/USY5sLq6MsrQgaqDwNuJ2BAyyrbIhldbNKBvC+swQjfbnisVYEKmmCAABPhV58U2YaEHOxfjzmfQ55duco0P4HulMhOvA/0jd+e0GFLF7eusEE4dw/RmiYjxNUpDjF9IgybjQkYPXLw+hfyhGsoKW38H1+x6ha7VTyJKp5W9AVj8/00vNswwvv3Xjs7C2mlogCEPFLPjc7jEQ4BRzkqBqQyi6MlNdgva3C6jDkSnXksdI9dZkrb4gNhusexwkbHkyet+unXxur9evqIISJsxELCMTxMocE++7XMJsPUT5FnomlXRK0jRztTmFG9y5Fqs\u003d",
  "key": "MIIEowIBAAKCAQEAqADFJnt3i/xbJupaTpc4P8oYrZINQ07zEhdf8Osr/+XGp/az202QtoMFyRqNcYZS9/U0ce+Vz/pcaleqUlaAVfgW2o3Dp4z1d8WjDDar86agcqwl+aI2rhKh3aQIEiOwHmaPvYlRmWZTotMdyxUvJLlMJq+m4fZ33nphW9gT+AhEM+fyegVPX+jgj8dk6CaqCcRr7050irHOWfotCZxq79PBCFi8NOKjBn/uHPibKVN+PGgptqPmkdGFrkg1+gnWjmtxROJlCjNgrRJxmgD3/DbvqvTen/aL42+JJRGA8dXwCYTgjhvdTrE9OlBiIPB+EAlYxk6g+3kMqg+cJ5WP1QIDAQABAoIBACvHd5idl/t8mWw8qafNNDU7Ps8MPjSKAEF4oeGwBtk6UVg3q4q8XbeR0RIkvzMUI87FsRL3sfxua2Ky0Yl/TRYZ/iqZwqCI1PaPI/vsy0ZE5466WXMB2GnoJRISyp+feSeS5mYnwIHO7oCBr0Pak1xohPWX1E8R4Q6yqWg7mIiLgtSWeaHNa3piQGcHXKwIPz/Xcw7M3embp+L7zrlgjuwR9i7+u2cSZexws4rQ3VyUggBjLVaBhF0w4CGzNBEdw7TXSXnh1JXZHc/k2zgk9IhPmdFFy4k1ZxVEc2GaExTsrjyJJxZmuEUTdszN6Gd42V+G5uweqbQ3Skl3Z7MfowECgYEAz3B/hWI3lKqc4TqYskU/MYcKYrCYP2IN19zOa8THzN91erhgiph/TSv+iryw1J3Fwg+xgc/nix3gtoj3492lrFkd0AvJ9eZPV+8C57rTFWT094sDvLH/XgXWGy7NS3IqefJr2y0gCpaTx92sl4O63sG00c1L0JuGRqKo1L4EE6ECgYEAz1TpZa8JlJOSxMMu0nv561VEM2xXsyDDHqcWcYi3WjWmdoGK+Glsw6DIzRAq30HN+UK7L92jlKTwhP8RsiHhUcXaM6DWQtWeAXjbS+r9IJnGJkfw8MbyhyLj65uVtvARlgfgg6G2rdEXrJTIK08nCg83zLDqQ04nvaczMhqFT7UCgYEArhP1H6T1iY/HiQbYXznXNyPg5kLV8NLDVTPaEfwXw2h+uNaDRauFoOhbemewaSxhaWIsDwi+gTM4gVXd2N4HCuPaLd3GxNFaIivUH0zbmKeZHycMoswoxelV7IfRBhAvbxitxEdRDTGhoGb5UEjeh9K8gBetGMl63EniLm2rFCECgYBeiyznNnta6jSKTysBxpD/lGFGRch0IaN4Td85JIvfsglXjtkNUB3N03rdr9qs9ff0C08Kk7otZU1ciGfMYBC8VkmbM2OhFII5z5/Irb6B6D1oZXPkiAQ+RVXDsa4CvtR2It9phwujlW6DP1FMFosJ1kiuqZoZ2QDcRetdlKRn5QKBgFctsC+KtuaFxEW23HrBCNqChyxijneRhjJVH1RDfrUSNikyFMDU2+FdR9bx4VXGiK077IxTGSEWkAEBhbm2jDl0Ik1rRMVzoKHR2kvUSNtxprp9tFcL7UqyZqGxA6UIIzOV0LbnnpFhYNgmH0AJS17V9sIIGtYXNArjzw4Kin4P",
  "ca": "MIIDYDCCAkgCCQCSYQOG55YnujANBgkqhkiG9w0BAQsFADByMQswCQYDVQQGEwJHQjESMBAGA1UECAwJTWlkZGxlc2V4MQ8wDQYDVQQHDAZMb25kb24xFjAUBgNVBAoMDVBpbmcgSWRlbnRpdHkxDDAKBgNVBAsMA1JTQTEYMBYGA1UEAwwPUGluZyBVSyBEZW1vIENBMB4XDTE5MDEwNzEwNTk1NVoXDTIxMTAyNzEwNTk1NVowcjELMAkGA1UEBhMCR0IxEjAQBgNVBAgMCU1pZGRsZXNleDEPMA0GA1UEBwwGTG9uZG9uMRYwFAYDVQQKDA1QaW5nIElkZW50aXR5MQwwCgYDVQQLDANSU0ExGDAWBgNVBAMMD1BpbmcgVUsgRGVtbyBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALMHte483946bvKmpt1nuj1+IMWoywAGOj8UQcPDrkKuBOQL5Sv8o4ScYjjN5jgryjwRx3YMiVpCTOLB1GXrj55lZO2RRxMURwCSwaHnaLiM4cVcqSF8dq8LOlsR6bXSjJnvB2HWS1CYQaJdF21m0pxKcH9NUsdq5aYCkP52xyYel+XOxszQX1FkvrpD3VXII5xCiGGS6eEb/Mo2+nwgyN+A/M1yaeN65ah8HZFngR85oElYx7fFOkm9VubhCt2ePEvkanuWpgp5VrI2ruVQr1tvToL2ydzEmBPzGkh/UtACsucXXwSE7fvw50dgbhrXtmJnWA6hP2Wm3Ifok0ViKc0CAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAN5fn4Ke+4nhe5r+6aewM8lJ+sY25ing1ByAj7m5tJcsh68irJIjpAm3kJz20DVZ+2JguB1HZUHUTYo/WCmwMzatLN2rv9in3uRS4d0FaIfKxFHjRFs1T1APXz7lMP5t3j1/uZwbmmTGqvKTYlocLQJpqnJURiuNrxw7mZcZ3KTVx5WCdk7caYvSgUTbs9ec+JzQG0keHinrHu0mAXDxxCWXsx/rQ4PTBI808iBiHR2MbTOXONN5jid4gk9/T8KKfOFG1AbaEhsGdkChPNQO4M12Q5TWwtWutjx/PdPaGKvSoquZkXk1L4meO3ADLngHX7lb2oRkfF0wIZMNC/Eat5g\u003d\u003d"
}
2021-01-21 15:42:19 RESPONSE
CallProtectedResourceWithBearerTokenAndCustomHeaders
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "date": "Thu, 21 Jan 2021 15:42:19 GMT",
  "content-type": "application/json",
  "content-length": "1190",
  "server": "gunicorn/19.9.0",
  "access-control-allow-origin": "*",
  "access-control-allow-credentials": "true",
  "x-fapi-interaction-id": "49422ec9-146d-4e38-aeed-c2297e9ac207"
}
response_body
{
  "args": {}, 
  "headers": {
    "Accept": "application/json;charset=UTF-8", 
    "Accept-Charset": "utf-8", 
    "Accept-Encoding": "gzip,deflate", 
    "Authorization": "Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6ImsxIiwicGkuYXRtIjoicTVqdSJ9.eyJzY29wZSI6Im9wZW5pZCB0ZXN0IiwiY2xpZW50X2lkIjoiY29uZm9ybWFuY2UxIiwic3ViIjoicGF0cmljayIsImNuZiI6eyJ4NXQjUzI1NiI6Ilk3UFRxeE9rZzhjY2xrTm5MaEJsYURzZzNfbTAwMkF2bkc4c2VGQ3c2OTAifSwiZXhwIjoxNjExMjUwOTM4fQ.fm2yiyMUTutRzmLcWWydnSw0hOqYChu2DYFi0ODEAO7CC7w6zxcS8ALW3MTNJwTyBs2xVH_1dcnIDhypYa1JlfN0NYSfnDWFlK7zDD3Dtlv4WJZZmOMESC2-cT99-10J0vJ_4PQH54Eo6YWt3VTqHeTYvGr6xwyeugyRznNUZTfOxuvDcwhELrxF8o8-BBJmCWy3IGOHEMA6OKqbyvdUNjtX4ocJ6Fz9yF_6f0fNFTCe8h_T9_stIXAgQBYPzMz3y8bwswNrLF6vpc9yIdZFyG_nOCXObz6zNvhlTi5Lx_kocjzSFoB9-hzCjTghQ9qvL5rbd43dEeFNIgAdme5fMA", 
    "Host": "emea-conformance.ping-eng.com", 
    "User-Agent": "Apache-HttpClient/4.5.5 (Java/11.0.9.1)", 
    "X-Amzn-Trace-Id": "Root=1-6009a0db-08a51ec85874866037eaa4ff", 
    "X-Fapi-Auth-Date": "Thu, 21 Jan 2021 15:42:18 GMT", 
    "X-Fapi-Interaction-Id": "49422ec9-146d-4e38-aeed-c2297e9ac207"
  }, 
  "origin": "35.185.61.217, 54.74.38.30", 
  "url": "https://emea-conformance.ping-eng.com/get"
}
2021-01-21 15:42:19 SUCCESS
CallProtectedResourceWithBearerTokenAndCustomHeaders
Got a response from the resource endpoint
headers
{
  "date": "Thu, 21 Jan 2021 15:42:19 GMT",
  "content-type": "application/json",
  "content-length": "1190",
  "server": "gunicorn/19.9.0",
  "access-control-allow-origin": "*",
  "access-control-allow-credentials": "true",
  "x-fapi-interaction-id": "49422ec9-146d-4e38-aeed-c2297e9ac207"
}
status_code
{
  "code": 200
}
body
{
  "args": {}, 
  "headers": {
    "Accept": "application/json;charset=UTF-8", 
    "Accept-Charset": "utf-8", 
    "Accept-Encoding": "gzip,deflate", 
    "Authorization": "Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6ImsxIiwicGkuYXRtIjoicTVqdSJ9.eyJzY29wZSI6Im9wZW5pZCB0ZXN0IiwiY2xpZW50X2lkIjoiY29uZm9ybWFuY2UxIiwic3ViIjoicGF0cmljayIsImNuZiI6eyJ4NXQjUzI1NiI6Ilk3UFRxeE9rZzhjY2xrTm5MaEJsYURzZzNfbTAwMkF2bkc4c2VGQ3c2OTAifSwiZXhwIjoxNjExMjUwOTM4fQ.fm2yiyMUTutRzmLcWWydnSw0hOqYChu2DYFi0ODEAO7CC7w6zxcS8ALW3MTNJwTyBs2xVH_1dcnIDhypYa1JlfN0NYSfnDWFlK7zDD3Dtlv4WJZZmOMESC2-cT99-10J0vJ_4PQH54Eo6YWt3VTqHeTYvGr6xwyeugyRznNUZTfOxuvDcwhELrxF8o8-BBJmCWy3IGOHEMA6OKqbyvdUNjtX4ocJ6Fz9yF_6f0fNFTCe8h_T9_stIXAgQBYPzMz3y8bwswNrLF6vpc9yIdZFyG_nOCXObz6zNvhlTi5Lx_kocjzSFoB9-hzCjTghQ9qvL5rbd43dEeFNIgAdme5fMA", 
    "Host": "emea-conformance.ping-eng.com", 
    "User-Agent": "Apache-HttpClient/4.5.5 (Java/11.0.9.1)", 
    "X-Amzn-Trace-Id": "Root=1-6009a0db-08a51ec85874866037eaa4ff", 
    "X-Fapi-Auth-Date": "Thu, 21 Jan 2021 15:42:18 GMT", 
    "X-Fapi-Interaction-Id": "49422ec9-146d-4e38-aeed-c2297e9ac207"
  }, 
  "origin": "35.185.61.217, 54.74.38.30", 
  "url": "https://emea-conformance.ping-eng.com/get"
}
2021-01-21 15:42:19 SUCCESS
CheckForDateHeaderInResourceResponse
Date header present and validated
date
Thu, 21 Jan 2021 15:42:19 GMT
skew
473
2021-01-21 15:42:19 SUCCESS
CheckForFAPIInteractionIdInResourceResponse
Found x-fapi-interaction-id
interaction_id
49422ec9-146d-4e38-aeed-c2297e9ac207
2021-01-21 15:42:19 SUCCESS
EnsureMatchingFAPIInteractionId
Interaction ID matched
fapi_interaction_id
49422ec9-146d-4e38-aeed-c2297e9ac207
2021-01-21 15:42:19 SUCCESS
EnsureResourceResponseReturnedJsonContentType
Response content type is JSON
content_type
application/json
Second client: Call backchannel authentication endpoint
2021-01-21 15:42:19 SUCCESS
CreateEmptyAuthorizationEndpointRequest
Created empty authorization endpoint request
2021-01-21 15:42:19 SUCCESS
AddScopeToAuthorizationEndpointRequest
Added scope of 'openid test' to authorization endpoint request
scope
openid test
2021-01-21 15:42:19 SUCCESS
AddHintToAuthorizationEndpointRequest
Added hint to authorization endpoint request
login_hint
patrick
2021-01-21 15:42:19 SUCCESS
AddBindingMessageToAuthorizationEndpointRequest
Added binding message to authorization endpoint request
binding_message
1234
2021-01-21 15:42:19 SUCCESS
ConvertAuthorizationEndpointRequestToRequestObject
Created request object claims
request_object_claims
{
  "scope": "openid test",
  "login_hint": "patrick",
  "binding_message": "1234"
}
2021-01-21 15:42:19 SUCCESS
AddIatToRequestObject
Added iat to request object claims
iat
1.611243739E9
2021-01-21 15:42:19 SUCCESS
AddExpToRequestObject
Added exp to request object claims
exp
1.611244039E9
2021-01-21 15:42:19 SUCCESS
AddNbfToRequestObject
Added nbf to request object claims
nbf
1.611243739E9
2021-01-21 15:42:19 SUCCESS
AddJtiToRequestObject
Added jti to request object claims
jti
A50KLWgo50MSoIfmOgCL
2021-01-21 15:42:19 SUCCESS
AddAudToRequestObject
Added aud to request object claims
aud
https://emea-conformance.ping-eng.com:9031
2021-01-21 15:42:19 SUCCESS
AddIssToRequestObject
Added iss to request object claims
iss
conformance2
2021-01-21 15:42:19 SUCCESS
SignRequestObject
Signed the request object
claims
{"aud":"https:\/\/emea-conformance.ping-eng.com:9031","login_hint":"patrick","nbf":1611243739,"scope":"openid test","iss":"conformance2","binding_message":"1234","exp":1611244039,"iat":1611243739,"jti":"A50KLWgo50MSoIfmOgCL"}
header
{"kid":"6waBCAJKuKMvSU3k540XHPx_4gJx01tmQh8giaYjj1k","alg":"ES256"}
request_object
eyJraWQiOiI2d2FCQ0FKS3VLTXZTVTNrNTQwWEhQeF80Z0p4MDF0bVFoOGdpYVlqajFrIiwiYWxnIjoiRVMyNTYifQ.eyJhdWQiOiJodHRwczpcL1wvZW1lYS1jb25mb3JtYW5jZS5waW5nLWVuZy5jb206OTAzMSIsImxvZ2luX2hpbnQiOiJwYXRyaWNrIiwibmJmIjoxNjExMjQzNzM5LCJzY29wZSI6Im9wZW5pZCB0ZXN0IiwiaXNzIjoiY29uZm9ybWFuY2UyIiwiYmluZGluZ19tZXNzYWdlIjoiMTIzNCIsImV4cCI6MTYxMTI0NDAzOSwiaWF0IjoxNjExMjQzNzM5LCJqdGkiOiJBNTBLTFdnbzUwTVNvSWZtT2dDTCJ9.BAWsPapyakYsrpPluLnvM8Ph0kYhED24OZRXQwxO2bv8mKe0hqlXUoqZjfZXZ3JlQf_JF41RILafZjtZpVijlg
key
{"kty":"EC","d":"MTbmR5F_tN0zlvVrwESkMNHB-ZLoRpk3dlxHYged3Ik","use":"sig","crv":"P-256","kid":"6waBCAJKuKMvSU3k540XHPx_4gJx01tmQh8giaYjj1k","x":"XW7xFTCnyPLhhWb_dE0fIIavYTbilf3HDsUELAC5SwI","y":"sm9SrdwPWJ_oQ5tbsDMi6xnsaoLWZLTFyy0L2q5vURE","alg":"ES256"}
2021-01-21 15:42:19 SUCCESS
CreateBackchannelAuthenticationEndpointRequest
Created backchannel authentication endpoint request
2021-01-21 15:42:19
AddRequestToBackchannelAuthenticationEndpointRequest
request
eyJraWQiOiI2d2FCQ0FKS3VLTXZTVTNrNTQwWEhQeF80Z0p4MDF0bVFoOGdpYVlqajFrIiwiYWxnIjoiRVMyNTYifQ.eyJhdWQiOiJodHRwczpcL1wvZW1lYS1jb25mb3JtYW5jZS5waW5nLWVuZy5jb206OTAzMSIsImxvZ2luX2hpbnQiOiJwYXRyaWNrIiwibmJmIjoxNjExMjQzNzM5LCJzY29wZSI6Im9wZW5pZCB0ZXN0IiwiaXNzIjoiY29uZm9ybWFuY2UyIiwiYmluZGluZ19tZXNzYWdlIjoiMTIzNCIsImV4cCI6MTYxMTI0NDAzOSwiaWF0IjoxNjExMjQzNzM5LCJqdGkiOiJBNTBLTFdnbzUwTVNvSWZtT2dDTCJ9.BAWsPapyakYsrpPluLnvM8Ph0kYhED24OZRXQwxO2bv8mKe0hqlXUoqZjfZXZ3JlQf_JF41RILafZjtZpVijlg
2021-01-21 15:42:19 SUCCESS
EnsureServerConfigurationSupportsMTLS
Found supported MTLS method
method
tls_client_auth
2021-01-21 15:42:19
AddClientIdToBackchannelAuthenticationEndpointRequest
request
eyJraWQiOiI2d2FCQ0FKS3VLTXZTVTNrNTQwWEhQeF80Z0p4MDF0bVFoOGdpYVlqajFrIiwiYWxnIjoiRVMyNTYifQ.eyJhdWQiOiJodHRwczpcL1wvZW1lYS1jb25mb3JtYW5jZS5waW5nLWVuZy5jb206OTAzMSIsImxvZ2luX2hpbnQiOiJwYXRyaWNrIiwibmJmIjoxNjExMjQzNzM5LCJzY29wZSI6Im9wZW5pZCB0ZXN0IiwiaXNzIjoiY29uZm9ybWFuY2UyIiwiYmluZGluZ19tZXNzYWdlIjoiMTIzNCIsImV4cCI6MTYxMTI0NDAzOSwiaWF0IjoxNjExMjQzNzM5LCJqdGkiOiJBNTBLTFdnbzUwTVNvSWZtT2dDTCJ9.BAWsPapyakYsrpPluLnvM8Ph0kYhED24OZRXQwxO2bv8mKe0hqlXUoqZjfZXZ3JlQf_JF41RILafZjtZpVijlg
client_id
conformance2
2021-01-21 15:42:19
CallBackchannelAuthenticationEndpoint
HTTP request
request_uri
https://emea-conformance.ping-eng.com:9032/as/bc-auth.ciba
request_method
POST
request_headers
{
  "accept": "application/json;charset\u003dUTF-8",
  "accept-charset": "utf-8",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "509"
}
request_body
request=eyJraWQiOiI2d2FCQ0FKS3VLTXZTVTNrNTQwWEhQeF80Z0p4MDF0bVFoOGdpYVlqajFrIiwiYWxnIjoiRVMyNTYifQ.eyJhdWQiOiJodHRwczpcL1wvZW1lYS1jb25mb3JtYW5jZS5waW5nLWVuZy5jb206OTAzMSIsImxvZ2luX2hpbnQiOiJwYXRyaWNrIiwibmJmIjoxNjExMjQzNzM5LCJzY29wZSI6Im9wZW5pZCB0ZXN0IiwiaXNzIjoiY29uZm9ybWFuY2UyIiwiYmluZGluZ19tZXNzYWdlIjoiMTIzNCIsImV4cCI6MTYxMTI0NDAzOSwiaWF0IjoxNjExMjQzNzM5LCJqdGkiOiJBNTBLTFdnbzUwTVNvSWZtT2dDTCJ9.BAWsPapyakYsrpPluLnvM8Ph0kYhED24OZRXQwxO2bv8mKe0hqlXUoqZjfZXZ3JlQf_JF41RILafZjtZpVijlg&client_id=conformance2
request_mutual_tls
{
  "cert": "MIIDkTCCAnmgAwIBAgIJAOLiBx6+gpndMA0GCSqGSIb3DQEBCwUAMHIxCzAJBgNVBAYTAkdCMRIwEAYDVQQIDAlNaWRkbGVzZXgxDzANBgNVBAcMBkxvbmRvbjEWMBQGA1UECgwNUGluZyBJZGVudGl0eTEMMAoGA1UECwwDUlNBMRgwFgYDVQQDDA9QaW5nIFVLIERlbW8gQ0EwHhcNMjAwOTIzMTQyNzM5WhcNMjIwMjA1MTQyNzM5WjBaMSQwIgYDVQQDDBttdGxzLXBvbGwtZmFwaS1jaWJhLWNsaWVudDIxDTALBgNVBAsMBERlbW8xFjAUBgNVBAoMDVBpbmcgSWRlbnRpdHkxCzAJBgNVBAYTAkdCMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwRscFS1280kSNG3b9xhLl09bPKfsnFTGPXmrrUyjUbtXZ0ifq0Wo2MPmjOMlMvdcC1h3wwFZbz+2kIx3crhJq7trDGwrF46DJ0qjHeRwLQZrbk0V6YUhVl1rBv8U8h+vQqLLBkfm211I1WS1K0o7BATtfiQ/0FBmwkNzYt0KgfijdFQshiH/zk/vcxwpurQmjo52e/C7g1C1RhJ7k35IwCDU8ntW+Y0B5Ylf4HTTd/xmIatvh7tOfuSH36HeRmnb9nSg9giZMSIxLnIBVnB7rm1JVbyVTM7yms9RAY7yNvGOv/fuZ6iZLdoEPvLcmVlJcN3N3OKBQfm51xCOz+3ZRwIDAQABo0IwQDAJBgNVHRMEAjAAMAsGA1UdDwQEAwIF4DAmBgNVHREEHzAdghttdGxzLXBvbGwtZmFwaS1jaWJhLWNsaWVudDIwDQYJKoZIhvcNAQELBQADggEBAAqCOmoKF4tCpTRVdVnfFGoQ7Zqv4HDt2mM7Uq/5qlaj0h0aMaHUO+w3ouNdNuFxjww0d9BDjXDatOSlWKitS2eTc1AdSACIsxtIVrp7CarJPoCA3YwiSKaGGxgByIdx5EINCgqcm2AaP7nCb5oLPNawJCASvFT4lEUCwkPKRuxOd36lWIH9mKVjhsfRMrnUfrccAuXCpg+qzbl4WHS1ZVKi93qLrBWp7AphhbeZ8tsrkkEQcXiYHdkdZnrpctcrMPODnNLwX1Bw0acYdwuLHfvb1k8zW/Tn5pzDLc5A401sZswxu4l8oRQtFeIV1qgZUvGmvJ4qbQF997SKvmmVwUw\u003d",
  "key": "MIIEowIBAAKCAQEAwRscFS1280kSNG3b9xhLl09bPKfsnFTGPXmrrUyjUbtXZ0ifq0Wo2MPmjOMlMvdcC1h3wwFZbz+2kIx3crhJq7trDGwrF46DJ0qjHeRwLQZrbk0V6YUhVl1rBv8U8h+vQqLLBkfm211I1WS1K0o7BATtfiQ/0FBmwkNzYt0KgfijdFQshiH/zk/vcxwpurQmjo52e/C7g1C1RhJ7k35IwCDU8ntW+Y0B5Ylf4HTTd/xmIatvh7tOfuSH36HeRmnb9nSg9giZMSIxLnIBVnB7rm1JVbyVTM7yms9RAY7yNvGOv/fuZ6iZLdoEPvLcmVlJcN3N3OKBQfm51xCOz+3ZRwIDAQABAoIBAEizzjTi8x/RaPs4SVKUYRFMnUsO5fRNrn1Cq7IJYovI/rUyEHtJNLK3vrtYYY74tjzHR/+xKFzMHg359JbKb2Iqo7j/mJG75AENBrCgauNowVW7y/4pU03SyhLOQrKN30w1Qj7RH0eDrYI58kOkJOf0ev285BGn06hcALs+AVDBBh6CSbD0jR3Z4ZrlTeCk+91JYGmSdJAIjBd65mUAaiJ6g0oEI22BL9StlOIAg6XD3xAJ//CcrumvA3AwMYoE+e1F0HjlVkpIHmAl1cr+4muPC80/YKnC5s9Bwvq/EeJhfVMsnaBQYiobcKr7QNW2WUn1gfYQM3jo3ShbcraGYjECgYEA6QP0Dz2h6jw1FLaC0Q9/xNnCvJSeLx6gb1s/cqVgNWjTVZoq2mv6ak9wJ0emq7nf5+Gbj22bIGiC/dQNLTjCFEbDW2bzgiMYWLDCu+xHHcRql5JixZrX4fy53qlXpKOncMu1nd0T77aTOb4yKhqF8yp7p0ayR4qyB/tqsQNniSMCgYEA1Cde41Wsp+ECT+g/siAFgDTwRWZj2l5zrhsPJpAhMnUn9kgn14b9Ag8Z7mBZZTP1eTVyi27tSKT1hVKH6X4jlB5WWGSg78x2XUq9YdWZ4fIL6g5vWfHMZVHcZp2AcTsF5GKXLRxFPphmCIr2fBPNbvcGXyhABX71oB/T+93m+40CgYBQaDvU8oioAqSyhBR6PeXyMM7BMmuviNsF8i/fyO99HrImjO+StcYQ316tP01lXtvD8ZczlDf+o/Hn0z/Exhw60Pxi0xDebGvfVwerv2n+/KNnsG0DEV7DrekZy8fhmVOTWchPNFXH13HQcDBxVPu6IIPRAlVM2LB8jqaPdMRKjwKBgBMzGPBD8aMjxtzKbPFG2piWsePl90Vs5NUt17oqswZo+dvc/dYQflcwXK1pBM4W3LFCeAJMYKcBXsLZDDnCU5/0+uV2/eWVwGSC/g6bkRiUmiVtdwBR1KiatvKGcHhO2iKoFXxcoZufmSROxy3FcQMI0gfMkbatnbcHCl0x4NSFAoGBANUjORpeHOjACkC5K223B7EMTKTafWFAeiHlxspIKXhTXCy7kPvP/g3BaVhTqmWvpaxeI13HpQsxGjlwQSd7LO8T42nsX/VIpt3mOokQ/hdU/RvYZDJFclDz6M0VjCsshxg+dh8CEfrMAeZ36SXKIqdjXfLQ8yeeQF+fJNHzeXPB",
  "ca": "MIIDYDCCAkgCCQCSYQOG55YnujANBgkqhkiG9w0BAQsFADByMQswCQYDVQQGEwJHQjESMBAGA1UECAwJTWlkZGxlc2V4MQ8wDQYDVQQHDAZMb25kb24xFjAUBgNVBAoMDVBpbmcgSWRlbnRpdHkxDDAKBgNVBAsMA1JTQTEYMBYGA1UEAwwPUGluZyBVSyBEZW1vIENBMB4XDTE5MDEwNzEwNTk1NVoXDTIxMTAyNzEwNTk1NVowcjELMAkGA1UEBhMCR0IxEjAQBgNVBAgMCU1pZGRsZXNleDEPMA0GA1UEBwwGTG9uZG9uMRYwFAYDVQQKDA1QaW5nIElkZW50aXR5MQwwCgYDVQQLDANSU0ExGDAWBgNVBAMMD1BpbmcgVUsgRGVtbyBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALMHte483946bvKmpt1nuj1+IMWoywAGOj8UQcPDrkKuBOQL5Sv8o4ScYjjN5jgryjwRx3YMiVpCTOLB1GXrj55lZO2RRxMURwCSwaHnaLiM4cVcqSF8dq8LOlsR6bXSjJnvB2HWS1CYQaJdF21m0pxKcH9NUsdq5aYCkP52xyYel+XOxszQX1FkvrpD3VXII5xCiGGS6eEb/Mo2+nwgyN+A/M1yaeN65ah8HZFngR85oElYx7fFOkm9VubhCt2ePEvkanuWpgp5VrI2ruVQr1tvToL2ydzEmBPzGkh/UtACsucXXwSE7fvw50dgbhrXtmJnWA6hP2Wm3Ifok0ViKc0CAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAN5fn4Ke+4nhe5r+6aewM8lJ+sY25ing1ByAj7m5tJcsh68irJIjpAm3kJz20DVZ+2JguB1HZUHUTYo/WCmwMzatLN2rv9in3uRS4d0FaIfKxFHjRFs1T1APXz7lMP5t3j1/uZwbmmTGqvKTYlocLQJpqnJURiuNrxw7mZcZ3KTVx5WCdk7caYvSgUTbs9ec+JzQG0keHinrHu0mAXDxxCWXsx/rQ4PTBI808iBiHR2MbTOXONN5jid4gk9/T8KKfOFG1AbaEhsGdkChPNQO4M12Q5TWwtWutjx/PdPaGKvSoquZkXk1L4meO3ADLngHX7lb2oRkfF0wIZMNC/Eat5g\u003d\u003d"
}
2021-01-21 15:42:20 RESPONSE
CallBackchannelAuthenticationEndpoint
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "date": "Thu, 21 Jan 2021 15:42:19 GMT",
  "x-frame-options": "SAMEORIGIN",
  "referrer-policy": "origin",
  "cache-control": "no-cache, no-store",
  "pragma": "no-cache",
  "expires": "Thu, 01 Jan 1970 00:00:00 GMT",
  "content-type": "application/json;charset\u003dutf-8",
  "set-cookie": "PF\u003dCEf0AlvsMneye4I3uzpKpx;Path\u003d/;Secure;HttpOnly;SameSite\u003dNone",
  "transfer-encoding": "chunked"
}
response_body
{"auth_req_id":"PbTTtJw8ne_ehiAQeUi3H5Zy-LBlJQBgCaFTEAio5QzJ-TvSeg5vlI7USw","interval":3,"expires_in":120}
2021-01-21 15:42:20
CallBackchannelAuthenticationEndpoint
Backchannel Authentication endpoint response
backchannel_authentication_endpoint_response
{"auth_req_id":"PbTTtJw8ne_ehiAQeUi3H5Zy-LBlJQBgCaFTEAio5QzJ-TvSeg5vlI7USw","interval":3,"expires_in":120}
2021-01-21 15:42:20 SUCCESS
CallBackchannelAuthenticationEndpoint
Parsed backchannel authentication endpoint response
auth_req_id
PbTTtJw8ne_ehiAQeUi3H5Zy-LBlJQBgCaFTEAio5QzJ-TvSeg5vlI7USw
interval
3
expires_in
120
2021-01-21 15:42:20 SUCCESS
CheckBackchannelAuthenticationEndpointHttpStatus200
Backchannel authentication endpoint http status code was 200
2021-01-21 15:42:20 SUCCESS
CheckBackchannelAuthenticationEndpointContentType
Backchannel authentication endpoint Content-Type: header is application/json
2021-01-21 15:42:20 SUCCESS
CheckIfBackchannelAuthenticationEndpointResponseError
No error from Backchannel authentication endpoint
2021-01-21 15:42:20 SUCCESS
ValidateAuthenticationRequestId
auth_req_id passed all validation checks
2021-01-21 15:42:20 SUCCESS
EnsureMinimumAuthenticationRequestIdLength
auth_req_id is of sufficient length
actual
464
required
128
2021-01-21 15:42:20 SUCCESS
EnsureMinimumAuthenticationRequestIdEntropy
Calculated shannon entropy seems sufficient
actual
286.7433477087453
expected
96.0
2021-01-21 15:42:20 SUCCESS
EnsureRecommendedAuthenticationRequestIdEntropy
Calculated entropy
actual
286.7433477087453
recommended
160.0
2021-01-21 15:42:20 SUCCESS
ValidateAuthenticationRequestIdExpiresIn
expires_in passed all validation checks
expires_in
120
2021-01-21 15:42:20 SUCCESS
ValidateAuthenticationRequestIdInterval
interval passed all validation checks
interval
3
Second client: Call token endpoint expecting pending
2021-01-21 15:42:20 SUCCESS
CreateTokenEndpointRequestForCIBAGrant
grant_type
urn:openid:params:grant-type:ciba
2021-01-21 15:42:20
AddAuthReqIdToTokenEndpointRequest
grant_type
urn:openid:params:grant-type:ciba
auth_req_id
PbTTtJw8ne_ehiAQeUi3H5Zy-LBlJQBgCaFTEAio5QzJ-TvSeg5vlI7USw
2021-01-21 15:42:20 SUCCESS
AddClientIdToTokenEndpointRequest
grant_type
urn:openid:params:grant-type:ciba
auth_req_id
PbTTtJw8ne_ehiAQeUi3H5Zy-LBlJQBgCaFTEAio5QzJ-TvSeg5vlI7USw
client_id
conformance2
2021-01-21 15:42:20
CallTokenEndpointAndReturnFullResponse
HTTP request
request_uri
https://emea-conformance.ping-eng.com:9032/as/token.oauth2
request_method
POST
request_headers
{
  "accept": "application/json;charset\u003dUTF-8",
  "accept-charset": "utf-8",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "146"
}
request_body
grant_type=urn%3Aopenid%3Aparams%3Agrant-type%3Aciba&auth_req_id=PbTTtJw8ne_ehiAQeUi3H5Zy-LBlJQBgCaFTEAio5QzJ-TvSeg5vlI7USw&client_id=conformance2
request_mutual_tls
{
  "cert": "MIIDkTCCAnmgAwIBAgIJAOLiBx6+gpndMA0GCSqGSIb3DQEBCwUAMHIxCzAJBgNVBAYTAkdCMRIwEAYDVQQIDAlNaWRkbGVzZXgxDzANBgNVBAcMBkxvbmRvbjEWMBQGA1UECgwNUGluZyBJZGVudGl0eTEMMAoGA1UECwwDUlNBMRgwFgYDVQQDDA9QaW5nIFVLIERlbW8gQ0EwHhcNMjAwOTIzMTQyNzM5WhcNMjIwMjA1MTQyNzM5WjBaMSQwIgYDVQQDDBttdGxzLXBvbGwtZmFwaS1jaWJhLWNsaWVudDIxDTALBgNVBAsMBERlbW8xFjAUBgNVBAoMDVBpbmcgSWRlbnRpdHkxCzAJBgNVBAYTAkdCMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwRscFS1280kSNG3b9xhLl09bPKfsnFTGPXmrrUyjUbtXZ0ifq0Wo2MPmjOMlMvdcC1h3wwFZbz+2kIx3crhJq7trDGwrF46DJ0qjHeRwLQZrbk0V6YUhVl1rBv8U8h+vQqLLBkfm211I1WS1K0o7BATtfiQ/0FBmwkNzYt0KgfijdFQshiH/zk/vcxwpurQmjo52e/C7g1C1RhJ7k35IwCDU8ntW+Y0B5Ylf4HTTd/xmIatvh7tOfuSH36HeRmnb9nSg9giZMSIxLnIBVnB7rm1JVbyVTM7yms9RAY7yNvGOv/fuZ6iZLdoEPvLcmVlJcN3N3OKBQfm51xCOz+3ZRwIDAQABo0IwQDAJBgNVHRMEAjAAMAsGA1UdDwQEAwIF4DAmBgNVHREEHzAdghttdGxzLXBvbGwtZmFwaS1jaWJhLWNsaWVudDIwDQYJKoZIhvcNAQELBQADggEBAAqCOmoKF4tCpTRVdVnfFGoQ7Zqv4HDt2mM7Uq/5qlaj0h0aMaHUO+w3ouNdNuFxjww0d9BDjXDatOSlWKitS2eTc1AdSACIsxtIVrp7CarJPoCA3YwiSKaGGxgByIdx5EINCgqcm2AaP7nCb5oLPNawJCASvFT4lEUCwkPKRuxOd36lWIH9mKVjhsfRMrnUfrccAuXCpg+qzbl4WHS1ZVKi93qLrBWp7AphhbeZ8tsrkkEQcXiYHdkdZnrpctcrMPODnNLwX1Bw0acYdwuLHfvb1k8zW/Tn5pzDLc5A401sZswxu4l8oRQtFeIV1qgZUvGmvJ4qbQF997SKvmmVwUw\u003d",
  "key": "MIIEowIBAAKCAQEAwRscFS1280kSNG3b9xhLl09bPKfsnFTGPXmrrUyjUbtXZ0ifq0Wo2MPmjOMlMvdcC1h3wwFZbz+2kIx3crhJq7trDGwrF46DJ0qjHeRwLQZrbk0V6YUhVl1rBv8U8h+vQqLLBkfm211I1WS1K0o7BATtfiQ/0FBmwkNzYt0KgfijdFQshiH/zk/vcxwpurQmjo52e/C7g1C1RhJ7k35IwCDU8ntW+Y0B5Ylf4HTTd/xmIatvh7tOfuSH36HeRmnb9nSg9giZMSIxLnIBVnB7rm1JVbyVTM7yms9RAY7yNvGOv/fuZ6iZLdoEPvLcmVlJcN3N3OKBQfm51xCOz+3ZRwIDAQABAoIBAEizzjTi8x/RaPs4SVKUYRFMnUsO5fRNrn1Cq7IJYovI/rUyEHtJNLK3vrtYYY74tjzHR/+xKFzMHg359JbKb2Iqo7j/mJG75AENBrCgauNowVW7y/4pU03SyhLOQrKN30w1Qj7RH0eDrYI58kOkJOf0ev285BGn06hcALs+AVDBBh6CSbD0jR3Z4ZrlTeCk+91JYGmSdJAIjBd65mUAaiJ6g0oEI22BL9StlOIAg6XD3xAJ//CcrumvA3AwMYoE+e1F0HjlVkpIHmAl1cr+4muPC80/YKnC5s9Bwvq/EeJhfVMsnaBQYiobcKr7QNW2WUn1gfYQM3jo3ShbcraGYjECgYEA6QP0Dz2h6jw1FLaC0Q9/xNnCvJSeLx6gb1s/cqVgNWjTVZoq2mv6ak9wJ0emq7nf5+Gbj22bIGiC/dQNLTjCFEbDW2bzgiMYWLDCu+xHHcRql5JixZrX4fy53qlXpKOncMu1nd0T77aTOb4yKhqF8yp7p0ayR4qyB/tqsQNniSMCgYEA1Cde41Wsp+ECT+g/siAFgDTwRWZj2l5zrhsPJpAhMnUn9kgn14b9Ag8Z7mBZZTP1eTVyi27tSKT1hVKH6X4jlB5WWGSg78x2XUq9YdWZ4fIL6g5vWfHMZVHcZp2AcTsF5GKXLRxFPphmCIr2fBPNbvcGXyhABX71oB/T+93m+40CgYBQaDvU8oioAqSyhBR6PeXyMM7BMmuviNsF8i/fyO99HrImjO+StcYQ316tP01lXtvD8ZczlDf+o/Hn0z/Exhw60Pxi0xDebGvfVwerv2n+/KNnsG0DEV7DrekZy8fhmVOTWchPNFXH13HQcDBxVPu6IIPRAlVM2LB8jqaPdMRKjwKBgBMzGPBD8aMjxtzKbPFG2piWsePl90Vs5NUt17oqswZo+dvc/dYQflcwXK1pBM4W3LFCeAJMYKcBXsLZDDnCU5/0+uV2/eWVwGSC/g6bkRiUmiVtdwBR1KiatvKGcHhO2iKoFXxcoZufmSROxy3FcQMI0gfMkbatnbcHCl0x4NSFAoGBANUjORpeHOjACkC5K223B7EMTKTafWFAeiHlxspIKXhTXCy7kPvP/g3BaVhTqmWvpaxeI13HpQsxGjlwQSd7LO8T42nsX/VIpt3mOokQ/hdU/RvYZDJFclDz6M0VjCsshxg+dh8CEfrMAeZ36SXKIqdjXfLQ8yeeQF+fJNHzeXPB",
  "ca": "MIIDYDCCAkgCCQCSYQOG55YnujANBgkqhkiG9w0BAQsFADByMQswCQYDVQQGEwJHQjESMBAGA1UECAwJTWlkZGxlc2V4MQ8wDQYDVQQHDAZMb25kb24xFjAUBgNVBAoMDVBpbmcgSWRlbnRpdHkxDDAKBgNVBAsMA1JTQTEYMBYGA1UEAwwPUGluZyBVSyBEZW1vIENBMB4XDTE5MDEwNzEwNTk1NVoXDTIxMTAyNzEwNTk1NVowcjELMAkGA1UEBhMCR0IxEjAQBgNVBAgMCU1pZGRsZXNleDEPMA0GA1UEBwwGTG9uZG9uMRYwFAYDVQQKDA1QaW5nIElkZW50aXR5MQwwCgYDVQQLDANSU0ExGDAWBgNVBAMMD1BpbmcgVUsgRGVtbyBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALMHte483946bvKmpt1nuj1+IMWoywAGOj8UQcPDrkKuBOQL5Sv8o4ScYjjN5jgryjwRx3YMiVpCTOLB1GXrj55lZO2RRxMURwCSwaHnaLiM4cVcqSF8dq8LOlsR6bXSjJnvB2HWS1CYQaJdF21m0pxKcH9NUsdq5aYCkP52xyYel+XOxszQX1FkvrpD3VXII5xCiGGS6eEb/Mo2+nwgyN+A/M1yaeN65ah8HZFngR85oElYx7fFOkm9VubhCt2ePEvkanuWpgp5VrI2ruVQr1tvToL2ydzEmBPzGkh/UtACsucXXwSE7fvw50dgbhrXtmJnWA6hP2Wm3Ifok0ViKc0CAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAN5fn4Ke+4nhe5r+6aewM8lJ+sY25ing1ByAj7m5tJcsh68irJIjpAm3kJz20DVZ+2JguB1HZUHUTYo/WCmwMzatLN2rv9in3uRS4d0FaIfKxFHjRFs1T1APXz7lMP5t3j1/uZwbmmTGqvKTYlocLQJpqnJURiuNrxw7mZcZ3KTVx5WCdk7caYvSgUTbs9ec+JzQG0keHinrHu0mAXDxxCWXsx/rQ4PTBI808iBiHR2MbTOXONN5jid4gk9/T8KKfOFG1AbaEhsGdkChPNQO4M12Q5TWwtWutjx/PdPaGKvSoquZkXk1L4meO3ADLngHX7lb2oRkfF0wIZMNC/Eat5g\u003d\u003d"
}
2021-01-21 15:42:20 RESPONSE
CallTokenEndpointAndReturnFullResponse
HTTP response
response_status_code
400 BAD_REQUEST
response_status_text
Bad Request
response_headers
{
  "date": "Thu, 21 Jan 2021 15:42:20 GMT",
  "x-frame-options": "SAMEORIGIN",
  "referrer-policy": "origin",
  "cache-control": "no-cache, no-store",
  "pragma": "no-cache",
  "expires": "Thu, 01 Jan 1970 00:00:00 GMT",
  "content-type": "application/json;charset\u003dutf-8",
  "set-cookie": "PF\u003dkGl58MFeocGYcJsXXocjAa;Path\u003d/;Secure;HttpOnly;SameSite\u003dNone",
  "transfer-encoding": "chunked"
}
response_body
{"error_description":"Pending user authorization","error":"authorization_pending"}
2021-01-21 15:42:20 SUCCESS
CallTokenEndpointAndReturnFullResponse
Parsed token endpoint response
error_description
Pending user authorization
error
authorization_pending
2021-01-21 15:42:20 SUCCESS
CheckTokenEndpointReturnedJsonContentType
token_endpoint_response_headers Content-Type: header is application/json
Second client: Verify token endpoint response is pending or slow_down
2021-01-21 15:42:20 SUCCESS
CheckTokenEndpointHttpStatus400
Token endpoint http status code was 400
2021-01-21 15:42:20 SUCCESS
ValidateErrorFromTokenEndpointResponseError
Token endpoint response error returned valid 'error' field
error
authorization_pending
2021-01-21 15:42:20 SUCCESS
CheckErrorDescriptionFromTokenEndpointResponseErrorContainsCRLFTAB
token_endpoint_response 'error_description' field does not include CR/LF/TAB
error_description
Pending user authorization
2021-01-21 15:42:20 SUCCESS
ValidateErrorDescriptionFromTokenEndpointResponseError
token_endpoint_response error returned valid 'error_description' field
error_description
Pending user authorization
2021-01-21 15:42:20 SUCCESS
ValidateErrorUriFromTokenEndpointResponseError
token_endpoint_response did not include optional 'error_uri' field
2021-01-21 15:42:20 SUCCESS
EnsureErrorTokenEndpointSlowdownOrAuthorizationPending
error met 'slow_down' or 'authorization_pending'
error
authorization_pending
Second client: Call token endpoint expecting pending (second time)
2021-01-21 15:42:25 SUCCESS
CreateTokenEndpointRequestForCIBAGrant
grant_type
urn:openid:params:grant-type:ciba
2021-01-21 15:42:25
AddAuthReqIdToTokenEndpointRequest
grant_type
urn:openid:params:grant-type:ciba
auth_req_id
PbTTtJw8ne_ehiAQeUi3H5Zy-LBlJQBgCaFTEAio5QzJ-TvSeg5vlI7USw
2021-01-21 15:42:25 SUCCESS
AddClientIdToTokenEndpointRequest
grant_type
urn:openid:params:grant-type:ciba
auth_req_id
PbTTtJw8ne_ehiAQeUi3H5Zy-LBlJQBgCaFTEAio5QzJ-TvSeg5vlI7USw
client_id
conformance2
2021-01-21 15:42:25
CallTokenEndpointAndReturnFullResponse
HTTP request
request_uri
https://emea-conformance.ping-eng.com:9032/as/token.oauth2
request_method
POST
request_headers
{
  "accept": "application/json;charset\u003dUTF-8",
  "accept-charset": "utf-8",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "146"
}
request_body
grant_type=urn%3Aopenid%3Aparams%3Agrant-type%3Aciba&auth_req_id=PbTTtJw8ne_ehiAQeUi3H5Zy-LBlJQBgCaFTEAio5QzJ-TvSeg5vlI7USw&client_id=conformance2
request_mutual_tls
{
  "cert": "MIIDkTCCAnmgAwIBAgIJAOLiBx6+gpndMA0GCSqGSIb3DQEBCwUAMHIxCzAJBgNVBAYTAkdCMRIwEAYDVQQIDAlNaWRkbGVzZXgxDzANBgNVBAcMBkxvbmRvbjEWMBQGA1UECgwNUGluZyBJZGVudGl0eTEMMAoGA1UECwwDUlNBMRgwFgYDVQQDDA9QaW5nIFVLIERlbW8gQ0EwHhcNMjAwOTIzMTQyNzM5WhcNMjIwMjA1MTQyNzM5WjBaMSQwIgYDVQQDDBttdGxzLXBvbGwtZmFwaS1jaWJhLWNsaWVudDIxDTALBgNVBAsMBERlbW8xFjAUBgNVBAoMDVBpbmcgSWRlbnRpdHkxCzAJBgNVBAYTAkdCMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwRscFS1280kSNG3b9xhLl09bPKfsnFTGPXmrrUyjUbtXZ0ifq0Wo2MPmjOMlMvdcC1h3wwFZbz+2kIx3crhJq7trDGwrF46DJ0qjHeRwLQZrbk0V6YUhVl1rBv8U8h+vQqLLBkfm211I1WS1K0o7BATtfiQ/0FBmwkNzYt0KgfijdFQshiH/zk/vcxwpurQmjo52e/C7g1C1RhJ7k35IwCDU8ntW+Y0B5Ylf4HTTd/xmIatvh7tOfuSH36HeRmnb9nSg9giZMSIxLnIBVnB7rm1JVbyVTM7yms9RAY7yNvGOv/fuZ6iZLdoEPvLcmVlJcN3N3OKBQfm51xCOz+3ZRwIDAQABo0IwQDAJBgNVHRMEAjAAMAsGA1UdDwQEAwIF4DAmBgNVHREEHzAdghttdGxzLXBvbGwtZmFwaS1jaWJhLWNsaWVudDIwDQYJKoZIhvcNAQELBQADggEBAAqCOmoKF4tCpTRVdVnfFGoQ7Zqv4HDt2mM7Uq/5qlaj0h0aMaHUO+w3ouNdNuFxjww0d9BDjXDatOSlWKitS2eTc1AdSACIsxtIVrp7CarJPoCA3YwiSKaGGxgByIdx5EINCgqcm2AaP7nCb5oLPNawJCASvFT4lEUCwkPKRuxOd36lWIH9mKVjhsfRMrnUfrccAuXCpg+qzbl4WHS1ZVKi93qLrBWp7AphhbeZ8tsrkkEQcXiYHdkdZnrpctcrMPODnNLwX1Bw0acYdwuLHfvb1k8zW/Tn5pzDLc5A401sZswxu4l8oRQtFeIV1qgZUvGmvJ4qbQF997SKvmmVwUw\u003d",
  "key": "MIIEowIBAAKCAQEAwRscFS1280kSNG3b9xhLl09bPKfsnFTGPXmrrUyjUbtXZ0ifq0Wo2MPmjOMlMvdcC1h3wwFZbz+2kIx3crhJq7trDGwrF46DJ0qjHeRwLQZrbk0V6YUhVl1rBv8U8h+vQqLLBkfm211I1WS1K0o7BATtfiQ/0FBmwkNzYt0KgfijdFQshiH/zk/vcxwpurQmjo52e/C7g1C1RhJ7k35IwCDU8ntW+Y0B5Ylf4HTTd/xmIatvh7tOfuSH36HeRmnb9nSg9giZMSIxLnIBVnB7rm1JVbyVTM7yms9RAY7yNvGOv/fuZ6iZLdoEPvLcmVlJcN3N3OKBQfm51xCOz+3ZRwIDAQABAoIBAEizzjTi8x/RaPs4SVKUYRFMnUsO5fRNrn1Cq7IJYovI/rUyEHtJNLK3vrtYYY74tjzHR/+xKFzMHg359JbKb2Iqo7j/mJG75AENBrCgauNowVW7y/4pU03SyhLOQrKN30w1Qj7RH0eDrYI58kOkJOf0ev285BGn06hcALs+AVDBBh6CSbD0jR3Z4ZrlTeCk+91JYGmSdJAIjBd65mUAaiJ6g0oEI22BL9StlOIAg6XD3xAJ//CcrumvA3AwMYoE+e1F0HjlVkpIHmAl1cr+4muPC80/YKnC5s9Bwvq/EeJhfVMsnaBQYiobcKr7QNW2WUn1gfYQM3jo3ShbcraGYjECgYEA6QP0Dz2h6jw1FLaC0Q9/xNnCvJSeLx6gb1s/cqVgNWjTVZoq2mv6ak9wJ0emq7nf5+Gbj22bIGiC/dQNLTjCFEbDW2bzgiMYWLDCu+xHHcRql5JixZrX4fy53qlXpKOncMu1nd0T77aTOb4yKhqF8yp7p0ayR4qyB/tqsQNniSMCgYEA1Cde41Wsp+ECT+g/siAFgDTwRWZj2l5zrhsPJpAhMnUn9kgn14b9Ag8Z7mBZZTP1eTVyi27tSKT1hVKH6X4jlB5WWGSg78x2XUq9YdWZ4fIL6g5vWfHMZVHcZp2AcTsF5GKXLRxFPphmCIr2fBPNbvcGXyhABX71oB/T+93m+40CgYBQaDvU8oioAqSyhBR6PeXyMM7BMmuviNsF8i/fyO99HrImjO+StcYQ316tP01lXtvD8ZczlDf+o/Hn0z/Exhw60Pxi0xDebGvfVwerv2n+/KNnsG0DEV7DrekZy8fhmVOTWchPNFXH13HQcDBxVPu6IIPRAlVM2LB8jqaPdMRKjwKBgBMzGPBD8aMjxtzKbPFG2piWsePl90Vs5NUt17oqswZo+dvc/dYQflcwXK1pBM4W3LFCeAJMYKcBXsLZDDnCU5/0+uV2/eWVwGSC/g6bkRiUmiVtdwBR1KiatvKGcHhO2iKoFXxcoZufmSROxy3FcQMI0gfMkbatnbcHCl0x4NSFAoGBANUjORpeHOjACkC5K223B7EMTKTafWFAeiHlxspIKXhTXCy7kPvP/g3BaVhTqmWvpaxeI13HpQsxGjlwQSd7LO8T42nsX/VIpt3mOokQ/hdU/RvYZDJFclDz6M0VjCsshxg+dh8CEfrMAeZ36SXKIqdjXfLQ8yeeQF+fJNHzeXPB",
  "ca": "MIIDYDCCAkgCCQCSYQOG55YnujANBgkqhkiG9w0BAQsFADByMQswCQYDVQQGEwJHQjESMBAGA1UECAwJTWlkZGxlc2V4MQ8wDQYDVQQHDAZMb25kb24xFjAUBgNVBAoMDVBpbmcgSWRlbnRpdHkxDDAKBgNVBAsMA1JTQTEYMBYGA1UEAwwPUGluZyBVSyBEZW1vIENBMB4XDTE5MDEwNzEwNTk1NVoXDTIxMTAyNzEwNTk1NVowcjELMAkGA1UEBhMCR0IxEjAQBgNVBAgMCU1pZGRsZXNleDEPMA0GA1UEBwwGTG9uZG9uMRYwFAYDVQQKDA1QaW5nIElkZW50aXR5MQwwCgYDVQQLDANSU0ExGDAWBgNVBAMMD1BpbmcgVUsgRGVtbyBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALMHte483946bvKmpt1nuj1+IMWoywAGOj8UQcPDrkKuBOQL5Sv8o4ScYjjN5jgryjwRx3YMiVpCTOLB1GXrj55lZO2RRxMURwCSwaHnaLiM4cVcqSF8dq8LOlsR6bXSjJnvB2HWS1CYQaJdF21m0pxKcH9NUsdq5aYCkP52xyYel+XOxszQX1FkvrpD3VXII5xCiGGS6eEb/Mo2+nwgyN+A/M1yaeN65ah8HZFngR85oElYx7fFOkm9VubhCt2ePEvkanuWpgp5VrI2ruVQr1tvToL2ydzEmBPzGkh/UtACsucXXwSE7fvw50dgbhrXtmJnWA6hP2Wm3Ifok0ViKc0CAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAN5fn4Ke+4nhe5r+6aewM8lJ+sY25ing1ByAj7m5tJcsh68irJIjpAm3kJz20DVZ+2JguB1HZUHUTYo/WCmwMzatLN2rv9in3uRS4d0FaIfKxFHjRFs1T1APXz7lMP5t3j1/uZwbmmTGqvKTYlocLQJpqnJURiuNrxw7mZcZ3KTVx5WCdk7caYvSgUTbs9ec+JzQG0keHinrHu0mAXDxxCWXsx/rQ4PTBI808iBiHR2MbTOXONN5jid4gk9/T8KKfOFG1AbaEhsGdkChPNQO4M12Q5TWwtWutjx/PdPaGKvSoquZkXk1L4meO3ADLngHX7lb2oRkfF0wIZMNC/Eat5g\u003d\u003d"
}
2021-01-21 15:42:25 RESPONSE
CallTokenEndpointAndReturnFullResponse
HTTP response
response_status_code
400 BAD_REQUEST
response_status_text
Bad Request
response_headers
{
  "date": "Thu, 21 Jan 2021 15:42:25 GMT",
  "x-frame-options": "SAMEORIGIN",
  "referrer-policy": "origin",
  "cache-control": "no-cache, no-store",
  "pragma": "no-cache",
  "expires": "Thu, 01 Jan 1970 00:00:00 GMT",
  "content-type": "application/json;charset\u003dutf-8",
  "set-cookie": "PF\u003dvBiZFA4CaNVYE8ppGyI8ZC;Path\u003d/;Secure;HttpOnly;SameSite\u003dNone",
  "transfer-encoding": "chunked"
}
response_body
{"error_description":"Pending user authorization","error":"authorization_pending"}
2021-01-21 15:42:25 SUCCESS
CallTokenEndpointAndReturnFullResponse
Parsed token endpoint response
error_description
Pending user authorization
error
authorization_pending
2021-01-21 15:42:25 SUCCESS
CheckTokenEndpointReturnedJsonContentType
token_endpoint_response_headers Content-Type: header is application/json
Second client: Verify token endpoint response is pending or slow_down
2021-01-21 15:42:25 SUCCESS
CheckTokenEndpointHttpStatus400
Token endpoint http status code was 400
2021-01-21 15:42:25 SUCCESS
ValidateErrorFromTokenEndpointResponseError
Token endpoint response error returned valid 'error' field
error
authorization_pending
2021-01-21 15:42:25 SUCCESS
CheckErrorDescriptionFromTokenEndpointResponseErrorContainsCRLFTAB
token_endpoint_response 'error_description' field does not include CR/LF/TAB
error_description
Pending user authorization
2021-01-21 15:42:25 SUCCESS
ValidateErrorDescriptionFromTokenEndpointResponseError
token_endpoint_response error returned valid 'error_description' field
error_description
Pending user authorization
2021-01-21 15:42:25 SUCCESS
ValidateErrorUriFromTokenEndpointResponseError
token_endpoint_response did not include optional 'error_uri' field
2021-01-21 15:42:25 SUCCESS
EnsureErrorTokenEndpointSlowdownOrAuthorizationPending
error met 'slow_down' or 'authorization_pending'
error
authorization_pending
2021-01-21 15:42:25
CallAutomatedCibaApprovalEndpoint
If your server supports automated testing, you can set 'automated_ciba_approval_url' in your configuration to a url like https://cibasim.example.com/action?token={auth_req_id}&type={action} (auth_req_id will be automatically substituted for the current auth_req_id by the conformance suite, action will be allow or deny depending on the test)
Second client: Polling token endpoint waiting for user to authenticate
2021-01-21 15:42:31 SUCCESS
CreateTokenEndpointRequestForCIBAGrant
grant_type
urn:openid:params:grant-type:ciba
2021-01-21 15:42:31
AddAuthReqIdToTokenEndpointRequest
grant_type
urn:openid:params:grant-type:ciba
auth_req_id
PbTTtJw8ne_ehiAQeUi3H5Zy-LBlJQBgCaFTEAio5QzJ-TvSeg5vlI7USw
2021-01-21 15:42:31 SUCCESS
AddClientIdToTokenEndpointRequest
grant_type
urn:openid:params:grant-type:ciba
auth_req_id
PbTTtJw8ne_ehiAQeUi3H5Zy-LBlJQBgCaFTEAio5QzJ-TvSeg5vlI7USw
client_id
conformance2
2021-01-21 15:42:31
CallTokenEndpointAndReturnFullResponse
HTTP request
request_uri
https://emea-conformance.ping-eng.com:9032/as/token.oauth2
request_method
POST
request_headers
{
  "accept": "application/json;charset\u003dUTF-8",
  "accept-charset": "utf-8",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "146"
}
request_body
grant_type=urn%3Aopenid%3Aparams%3Agrant-type%3Aciba&auth_req_id=PbTTtJw8ne_ehiAQeUi3H5Zy-LBlJQBgCaFTEAio5QzJ-TvSeg5vlI7USw&client_id=conformance2
request_mutual_tls
{
  "cert": "MIIDkTCCAnmgAwIBAgIJAOLiBx6+gpndMA0GCSqGSIb3DQEBCwUAMHIxCzAJBgNVBAYTAkdCMRIwEAYDVQQIDAlNaWRkbGVzZXgxDzANBgNVBAcMBkxvbmRvbjEWMBQGA1UECgwNUGluZyBJZGVudGl0eTEMMAoGA1UECwwDUlNBMRgwFgYDVQQDDA9QaW5nIFVLIERlbW8gQ0EwHhcNMjAwOTIzMTQyNzM5WhcNMjIwMjA1MTQyNzM5WjBaMSQwIgYDVQQDDBttdGxzLXBvbGwtZmFwaS1jaWJhLWNsaWVudDIxDTALBgNVBAsMBERlbW8xFjAUBgNVBAoMDVBpbmcgSWRlbnRpdHkxCzAJBgNVBAYTAkdCMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwRscFS1280kSNG3b9xhLl09bPKfsnFTGPXmrrUyjUbtXZ0ifq0Wo2MPmjOMlMvdcC1h3wwFZbz+2kIx3crhJq7trDGwrF46DJ0qjHeRwLQZrbk0V6YUhVl1rBv8U8h+vQqLLBkfm211I1WS1K0o7BATtfiQ/0FBmwkNzYt0KgfijdFQshiH/zk/vcxwpurQmjo52e/C7g1C1RhJ7k35IwCDU8ntW+Y0B5Ylf4HTTd/xmIatvh7tOfuSH36HeRmnb9nSg9giZMSIxLnIBVnB7rm1JVbyVTM7yms9RAY7yNvGOv/fuZ6iZLdoEPvLcmVlJcN3N3OKBQfm51xCOz+3ZRwIDAQABo0IwQDAJBgNVHRMEAjAAMAsGA1UdDwQEAwIF4DAmBgNVHREEHzAdghttdGxzLXBvbGwtZmFwaS1jaWJhLWNsaWVudDIwDQYJKoZIhvcNAQELBQADggEBAAqCOmoKF4tCpTRVdVnfFGoQ7Zqv4HDt2mM7Uq/5qlaj0h0aMaHUO+w3ouNdNuFxjww0d9BDjXDatOSlWKitS2eTc1AdSACIsxtIVrp7CarJPoCA3YwiSKaGGxgByIdx5EINCgqcm2AaP7nCb5oLPNawJCASvFT4lEUCwkPKRuxOd36lWIH9mKVjhsfRMrnUfrccAuXCpg+qzbl4WHS1ZVKi93qLrBWp7AphhbeZ8tsrkkEQcXiYHdkdZnrpctcrMPODnNLwX1Bw0acYdwuLHfvb1k8zW/Tn5pzDLc5A401sZswxu4l8oRQtFeIV1qgZUvGmvJ4qbQF997SKvmmVwUw\u003d",
  "key": "MIIEowIBAAKCAQEAwRscFS1280kSNG3b9xhLl09bPKfsnFTGPXmrrUyjUbtXZ0ifq0Wo2MPmjOMlMvdcC1h3wwFZbz+2kIx3crhJq7trDGwrF46DJ0qjHeRwLQZrbk0V6YUhVl1rBv8U8h+vQqLLBkfm211I1WS1K0o7BATtfiQ/0FBmwkNzYt0KgfijdFQshiH/zk/vcxwpurQmjo52e/C7g1C1RhJ7k35IwCDU8ntW+Y0B5Ylf4HTTd/xmIatvh7tOfuSH36HeRmnb9nSg9giZMSIxLnIBVnB7rm1JVbyVTM7yms9RAY7yNvGOv/fuZ6iZLdoEPvLcmVlJcN3N3OKBQfm51xCOz+3ZRwIDAQABAoIBAEizzjTi8x/RaPs4SVKUYRFMnUsO5fRNrn1Cq7IJYovI/rUyEHtJNLK3vrtYYY74tjzHR/+xKFzMHg359JbKb2Iqo7j/mJG75AENBrCgauNowVW7y/4pU03SyhLOQrKN30w1Qj7RH0eDrYI58kOkJOf0ev285BGn06hcALs+AVDBBh6CSbD0jR3Z4ZrlTeCk+91JYGmSdJAIjBd65mUAaiJ6g0oEI22BL9StlOIAg6XD3xAJ//CcrumvA3AwMYoE+e1F0HjlVkpIHmAl1cr+4muPC80/YKnC5s9Bwvq/EeJhfVMsnaBQYiobcKr7QNW2WUn1gfYQM3jo3ShbcraGYjECgYEA6QP0Dz2h6jw1FLaC0Q9/xNnCvJSeLx6gb1s/cqVgNWjTVZoq2mv6ak9wJ0emq7nf5+Gbj22bIGiC/dQNLTjCFEbDW2bzgiMYWLDCu+xHHcRql5JixZrX4fy53qlXpKOncMu1nd0T77aTOb4yKhqF8yp7p0ayR4qyB/tqsQNniSMCgYEA1Cde41Wsp+ECT+g/siAFgDTwRWZj2l5zrhsPJpAhMnUn9kgn14b9Ag8Z7mBZZTP1eTVyi27tSKT1hVKH6X4jlB5WWGSg78x2XUq9YdWZ4fIL6g5vWfHMZVHcZp2AcTsF5GKXLRxFPphmCIr2fBPNbvcGXyhABX71oB/T+93m+40CgYBQaDvU8oioAqSyhBR6PeXyMM7BMmuviNsF8i/fyO99HrImjO+StcYQ316tP01lXtvD8ZczlDf+o/Hn0z/Exhw60Pxi0xDebGvfVwerv2n+/KNnsG0DEV7DrekZy8fhmVOTWchPNFXH13HQcDBxVPu6IIPRAlVM2LB8jqaPdMRKjwKBgBMzGPBD8aMjxtzKbPFG2piWsePl90Vs5NUt17oqswZo+dvc/dYQflcwXK1pBM4W3LFCeAJMYKcBXsLZDDnCU5/0+uV2/eWVwGSC/g6bkRiUmiVtdwBR1KiatvKGcHhO2iKoFXxcoZufmSROxy3FcQMI0gfMkbatnbcHCl0x4NSFAoGBANUjORpeHOjACkC5K223B7EMTKTafWFAeiHlxspIKXhTXCy7kPvP/g3BaVhTqmWvpaxeI13HpQsxGjlwQSd7LO8T42nsX/VIpt3mOokQ/hdU/RvYZDJFclDz6M0VjCsshxg+dh8CEfrMAeZ36SXKIqdjXfLQ8yeeQF+fJNHzeXPB",
  "ca": "MIIDYDCCAkgCCQCSYQOG55YnujANBgkqhkiG9w0BAQsFADByMQswCQYDVQQGEwJHQjESMBAGA1UECAwJTWlkZGxlc2V4MQ8wDQYDVQQHDAZMb25kb24xFjAUBgNVBAoMDVBpbmcgSWRlbnRpdHkxDDAKBgNVBAsMA1JTQTEYMBYGA1UEAwwPUGluZyBVSyBEZW1vIENBMB4XDTE5MDEwNzEwNTk1NVoXDTIxMTAyNzEwNTk1NVowcjELMAkGA1UEBhMCR0IxEjAQBgNVBAgMCU1pZGRsZXNleDEPMA0GA1UEBwwGTG9uZG9uMRYwFAYDVQQKDA1QaW5nIElkZW50aXR5MQwwCgYDVQQLDANSU0ExGDAWBgNVBAMMD1BpbmcgVUsgRGVtbyBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALMHte483946bvKmpt1nuj1+IMWoywAGOj8UQcPDrkKuBOQL5Sv8o4ScYjjN5jgryjwRx3YMiVpCTOLB1GXrj55lZO2RRxMURwCSwaHnaLiM4cVcqSF8dq8LOlsR6bXSjJnvB2HWS1CYQaJdF21m0pxKcH9NUsdq5aYCkP52xyYel+XOxszQX1FkvrpD3VXII5xCiGGS6eEb/Mo2+nwgyN+A/M1yaeN65ah8HZFngR85oElYx7fFOkm9VubhCt2ePEvkanuWpgp5VrI2ruVQr1tvToL2ydzEmBPzGkh/UtACsucXXwSE7fvw50dgbhrXtmJnWA6hP2Wm3Ifok0ViKc0CAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAN5fn4Ke+4nhe5r+6aewM8lJ+sY25ing1ByAj7m5tJcsh68irJIjpAm3kJz20DVZ+2JguB1HZUHUTYo/WCmwMzatLN2rv9in3uRS4d0FaIfKxFHjRFs1T1APXz7lMP5t3j1/uZwbmmTGqvKTYlocLQJpqnJURiuNrxw7mZcZ3KTVx5WCdk7caYvSgUTbs9ec+JzQG0keHinrHu0mAXDxxCWXsx/rQ4PTBI808iBiHR2MbTOXONN5jid4gk9/T8KKfOFG1AbaEhsGdkChPNQO4M12Q5TWwtWutjx/PdPaGKvSoquZkXk1L4meO3ADLngHX7lb2oRkfF0wIZMNC/Eat5g\u003d\u003d"
}
2021-01-21 15:42:31 RESPONSE
CallTokenEndpointAndReturnFullResponse
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "date": "Thu, 21 Jan 2021 15:42:31 GMT",
  "x-frame-options": "SAMEORIGIN",
  "referrer-policy": "origin",
  "cache-control": "no-cache, no-store",
  "pragma": "no-cache",
  "expires": "Thu, 01 Jan 1970 00:00:00 GMT",
  "content-type": "application/json;charset\u003dutf-8",
  "set-cookie": "PF\u003dahk3cYlK5v7JkR7gV1ARZp;Path\u003d/;Secure;HttpOnly;SameSite\u003dNone",
  "transfer-encoding": "chunked"
}
response_body
{"access_token":"eyJhbGciOiJSUzI1NiIsImtpZCI6ImsxIiwicGkuYXRtIjoicTVqdSJ9.eyJzY29wZSI6Im9wZW5pZCB0ZXN0IiwiY2xpZW50X2lkIjoiY29uZm9ybWFuY2UyIiwic3ViIjoicGF0cmljayIsImNuZiI6eyJ4NXQjUzI1NiI6InJQWER3NWxJNnFEUFRhRE9vbC15bTNPWnpRdmZZb3FYUjZuNmtUVUN5VDAifSwiZXhwIjoxNjExMjUwOTUxfQ.MeQ6xLUft-IH2wk78jVPDQrJjNQMs24yzsduDSYHdFG2HWCcZg9xgQ2HBziwqx-8QP2fdK1Y2UBIZxyNxq51keGEOhqfMDBZvhWBMXRYoOsxvQdXQHa5zaqnNmBblz6dXDoRUE2AVRtZF50aEwt4Joe3RJL3WHTaESYxTS8dRiqw5V6VgU0_pize0YBwcBQfXI7ygUuGI7nTxHr3SSZcMiteDNa8p9OuUh9yZ234IiHtCIk__VRSjVLUWBUOYR9MBHCNSs-z1CJGQqsYlfVg9o3TYFIg6TglNxZERY4PphoHyDGhuLsOOFmlJtCQ_uOJJmDAyEmFy5TGcO-WRFl2Lw","refresh_token":"y9Yx0E39shiihJJWiCTi6ntEFSd7x0d1Rzs3PEq5vy","scope":"openid test","id_token":"eyJhbGciOiJFUzI1NiIsImtpZCI6IkRaS1BtZHVsOTN3aHlCMkVqcy1idlJhNm84USJ9.eyJzdWIiOiJwYXRyaWNrIiwiYXVkIjoiY29uZm9ybWFuY2UyIiwianRpIjoidXFLWWFmWmpZQUZVWXBVOWdMdG1ZVSIsImlzcyI6Imh0dHBzOi8vZW1lYS1jb25mb3JtYW5jZS5waW5nLWVuZy5jb206OTAzMSIsImlhdCI6MTYxMTI0Mzc1MSwiZXhwIjoxNjExMjQ0MDUxfQ.-voRCp0PjrNhjavNl2cgRQK1x-iNeTg0zFzet_93U70e17GXOIDv5gZUyo9ljrPUuzhU5Am3tIt_0Wk1BqlzNA","token_type":"Bearer","expires_in":7199}
2021-01-21 15:42:31 SUCCESS
CallTokenEndpointAndReturnFullResponse
Parsed token endpoint response
access_token
eyJhbGciOiJSUzI1NiIsImtpZCI6ImsxIiwicGkuYXRtIjoicTVqdSJ9.eyJzY29wZSI6Im9wZW5pZCB0ZXN0IiwiY2xpZW50X2lkIjoiY29uZm9ybWFuY2UyIiwic3ViIjoicGF0cmljayIsImNuZiI6eyJ4NXQjUzI1NiI6InJQWER3NWxJNnFEUFRhRE9vbC15bTNPWnpRdmZZb3FYUjZuNmtUVUN5VDAifSwiZXhwIjoxNjExMjUwOTUxfQ.MeQ6xLUft-IH2wk78jVPDQrJjNQMs24yzsduDSYHdFG2HWCcZg9xgQ2HBziwqx-8QP2fdK1Y2UBIZxyNxq51keGEOhqfMDBZvhWBMXRYoOsxvQdXQHa5zaqnNmBblz6dXDoRUE2AVRtZF50aEwt4Joe3RJL3WHTaESYxTS8dRiqw5V6VgU0_pize0YBwcBQfXI7ygUuGI7nTxHr3SSZcMiteDNa8p9OuUh9yZ234IiHtCIk__VRSjVLUWBUOYR9MBHCNSs-z1CJGQqsYlfVg9o3TYFIg6TglNxZERY4PphoHyDGhuLsOOFmlJtCQ_uOJJmDAyEmFy5TGcO-WRFl2Lw
refresh_token
y9Yx0E39shiihJJWiCTi6ntEFSd7x0d1Rzs3PEq5vy
scope
openid test
id_token
eyJhbGciOiJFUzI1NiIsImtpZCI6IkRaS1BtZHVsOTN3aHlCMkVqcy1idlJhNm84USJ9.eyJzdWIiOiJwYXRyaWNrIiwiYXVkIjoiY29uZm9ybWFuY2UyIiwianRpIjoidXFLWWFmWmpZQUZVWXBVOWdMdG1ZVSIsImlzcyI6Imh0dHBzOi8vZW1lYS1jb25mb3JtYW5jZS5waW5nLWVuZy5jb206OTAzMSIsImlhdCI6MTYxMTI0Mzc1MSwiZXhwIjoxNjExMjQ0MDUxfQ.-voRCp0PjrNhjavNl2cgRQK1x-iNeTg0zFzet_93U70e17GXOIDv5gZUyo9ljrPUuzhU5Am3tIt_0Wk1BqlzNA
token_type
Bearer
expires_in
7199
2021-01-21 15:42:31 SUCCESS
CheckTokenEndpointReturnedJsonContentType
token_endpoint_response_headers Content-Type: header is application/json
Second client: Verify token endpoint response
2021-01-21 15:42:31 SUCCESS
CheckTokenEndpointHttpStatus200
Token endpoint http status code was 200
2021-01-21 15:42:31 SUCCESS
CheckTokenEndpointCacheHeaders
'pragma' and 'cache-control' headers in token endpoint response contain expected values.
cache_control_header
no-cache, no-store
pragma_header
no-cache
2021-01-21 15:42:31 SUCCESS
CheckIfTokenEndpointResponseError
No error from token endpoint
2021-01-21 15:42:31 SUCCESS
CheckForAccessTokenValue
Found an access token
access_token
eyJhbGciOiJSUzI1NiIsImtpZCI6ImsxIiwicGkuYXRtIjoicTVqdSJ9.eyJzY29wZSI6Im9wZW5pZCB0ZXN0IiwiY2xpZW50X2lkIjoiY29uZm9ybWFuY2UyIiwic3ViIjoicGF0cmljayIsImNuZiI6eyJ4NXQjUzI1NiI6InJQWER3NWxJNnFEUFRhRE9vbC15bTNPWnpRdmZZb3FYUjZuNmtUVUN5VDAifSwiZXhwIjoxNjExMjUwOTUxfQ.MeQ6xLUft-IH2wk78jVPDQrJjNQMs24yzsduDSYHdFG2HWCcZg9xgQ2HBziwqx-8QP2fdK1Y2UBIZxyNxq51keGEOhqfMDBZvhWBMXRYoOsxvQdXQHa5zaqnNmBblz6dXDoRUE2AVRtZF50aEwt4Joe3RJL3WHTaESYxTS8dRiqw5V6VgU0_pize0YBwcBQfXI7ygUuGI7nTxHr3SSZcMiteDNa8p9OuUh9yZ234IiHtCIk__VRSjVLUWBUOYR9MBHCNSs-z1CJGQqsYlfVg9o3TYFIg6TglNxZERY4PphoHyDGhuLsOOFmlJtCQ_uOJJmDAyEmFy5TGcO-WRFl2Lw
2021-01-21 15:42:31 SUCCESS
ExtractAccessTokenFromTokenResponse
Extracted the access token
value
eyJhbGciOiJSUzI1NiIsImtpZCI6ImsxIiwicGkuYXRtIjoicTVqdSJ9.eyJzY29wZSI6Im9wZW5pZCB0ZXN0IiwiY2xpZW50X2lkIjoiY29uZm9ybWFuY2UyIiwic3ViIjoicGF0cmljayIsImNuZiI6eyJ4NXQjUzI1NiI6InJQWER3NWxJNnFEUFRhRE9vbC15bTNPWnpRdmZZb3FYUjZuNmtUVUN5VDAifSwiZXhwIjoxNjExMjUwOTUxfQ.MeQ6xLUft-IH2wk78jVPDQrJjNQMs24yzsduDSYHdFG2HWCcZg9xgQ2HBziwqx-8QP2fdK1Y2UBIZxyNxq51keGEOhqfMDBZvhWBMXRYoOsxvQdXQHa5zaqnNmBblz6dXDoRUE2AVRtZF50aEwt4Joe3RJL3WHTaESYxTS8dRiqw5V6VgU0_pize0YBwcBQfXI7ygUuGI7nTxHr3SSZcMiteDNa8p9OuUh9yZ234IiHtCIk__VRSjVLUWBUOYR9MBHCNSs-z1CJGQqsYlfVg9o3TYFIg6TglNxZERY4PphoHyDGhuLsOOFmlJtCQ_uOJJmDAyEmFy5TGcO-WRFl2Lw
type
Bearer
2021-01-21 15:42:31 SUCCESS
ExtractExpiresInFromTokenEndpointResponse
Extracted 'expires_in'
expires_in
7199
2021-01-21 15:42:31 SUCCESS
ValidateExpiresIn
expires_in passed all validation checks
expires_in
7199
2021-01-21 15:42:31 SUCCESS
CheckForRefreshTokenValue
Found a refresh token
refresh_token
y9Yx0E39shiihJJWiCTi6ntEFSd7x0d1Rzs3PEq5vy
2021-01-21 15:42:31 SUCCESS
EnsureMinimumRefreshTokenLength
Refresh token is of sufficient length
actual
336
required
128
2021-01-21 15:42:31 SUCCESS
EnsureMinimumRefreshTokenEntropy
Calculated shannon entropy seems sufficient
actual
195.72244425454448
expected
96.0
2021-01-21 15:42:31 SUCCESS
EnsureMinimumAccessTokenLength
Access token is of sufficient length
actual
4784
required
128
2021-01-21 15:42:31 SUCCESS
EnsureMinimumAccessTokenEntropy
Calculated shannon entropy seems sufficient
actual
3490.498092031456
expected
96.0
2021-01-21 15:42:31 SUCCESS
ExtractIdTokenFromTokenResponse
Found and parsed the id_token from token_endpoint_response
value
eyJhbGciOiJFUzI1NiIsImtpZCI6IkRaS1BtZHVsOTN3aHlCMkVqcy1idlJhNm84USJ9.eyJzdWIiOiJwYXRyaWNrIiwiYXVkIjoiY29uZm9ybWFuY2UyIiwianRpIjoidXFLWWFmWmpZQUZVWXBVOWdMdG1ZVSIsImlzcyI6Imh0dHBzOi8vZW1lYS1jb25mb3JtYW5jZS5waW5nLWVuZy5jb206OTAzMSIsImlhdCI6MTYxMTI0Mzc1MSwiZXhwIjoxNjExMjQ0MDUxfQ.-voRCp0PjrNhjavNl2cgRQK1x-iNeTg0zFzet_93U70e17GXOIDv5gZUyo9ljrPUuzhU5Am3tIt_0Wk1BqlzNA
header
{
  "kid": "DZKPmdul93whyB2Ejs-bvRa6o8Q",
  "alg": "ES256"
}
claims
{
  "sub": "patrick",
  "aud": "conformance2",
  "iss": "https://emea-conformance.ping-eng.com:9031",
  "exp": 1611244051,
  "iat": 1611243751,
  "jti": "uqKYafZjYAFUYpU9gLtmYU"
}
2021-01-21 15:42:31 SUCCESS
ValidateIdToken
ID token iss, aud, exp, iat, auth_time, acr & nbf claims passed validation checks
2021-01-21 15:42:31 SUCCESS
EnsureIdTokenContainsKid
kid was found in the ID token header
kid
DZKPmdul93whyB2Ejs-bvRa6o8Q
2021-01-21 15:42:31 SUCCESS
ValidateIdTokenSignature
id_token signature validated
id_token
eyJhbGciOiJFUzI1NiIsImtpZCI6IkRaS1BtZHVsOTN3aHlCMkVqcy1idlJhNm84USJ9.eyJzdWIiOiJwYXRyaWNrIiwiYXVkIjoiY29uZm9ybWFuY2UyIiwianRpIjoidXFLWWFmWmpZQUZVWXBVOWdMdG1ZVSIsImlzcyI6Imh0dHBzOi8vZW1lYS1jb25mb3JtYW5jZS5waW5nLWVuZy5jb206OTAzMSIsImlhdCI6MTYxMTI0Mzc1MSwiZXhwIjoxNjExMjQ0MDUxfQ.-voRCp0PjrNhjavNl2cgRQK1x-iNeTg0zFzet_93U70e17GXOIDv5gZUyo9ljrPUuzhU5Am3tIt_0Wk1BqlzNA
2021-01-21 15:42:31 SUCCESS
ValidateIdTokenSignatureUsingKid
id_token signature validated
id_token
eyJhbGciOiJFUzI1NiIsImtpZCI6IkRaS1BtZHVsOTN3aHlCMkVqcy1idlJhNm84USJ9.eyJzdWIiOiJwYXRyaWNrIiwiYXVkIjoiY29uZm9ybWFuY2UyIiwianRpIjoidXFLWWFmWmpZQUZVWXBVOWdMdG1ZVSIsImlzcyI6Imh0dHBzOi8vZW1lYS1jb25mb3JtYW5jZS5waW5nLWVuZy5jb206OTAzMSIsImlhdCI6MTYxMTI0Mzc1MSwiZXhwIjoxNjExMjQ0MDUxfQ.-voRCp0PjrNhjavNl2cgRQK1x-iNeTg0zFzet_93U70e17GXOIDv5gZUyo9ljrPUuzhU5Am3tIt_0Wk1BqlzNA
2021-01-21 15:42:31 SUCCESS
CheckForSubjectInIdToken
Found 'sub' in id_token
sub
patrick
2021-01-21 15:42:31 SUCCESS
FAPIValidateIdTokenSigningAlg
id_token was signed with a permitted algorithm
alg
ES256
2021-01-21 15:42:31 INFO
FAPIValidateIdTokenEncryptionAlg
Skipped evaluation due to missing required element: id_token jwe_header
path
jwe_header
mapped
object
id_token
2021-01-21 15:42:31 INFO
FAPIValidateEncryptedIdTokenHasKid
Skipped evaluation due to missing required element: id_token jwe_header
path
jwe_header
mapped
object
id_token
2021-01-21 15:42:31 INFO
FAPICIBAValidateIdTokenAuthRequestIdClaims
Skipped evaluation due to missing required element: id_token claims.urn:openid:params:jwt:claim:auth_req_id
path
claims.urn:openid:params:jwt:claim:auth_req_id
mapped
object
id_token
2021-01-21 15:42:31 SUCCESS
ValidateIdTokenNotIncludeCHashAndSHash
id_token claims correctly does not contain 'c_hash' and 's_hash'
claims
{
  "sub": "patrick",
  "aud": "conformance2",
  "iss": "https://emea-conformance.ping-eng.com:9031",
  "exp": 1611244051,
  "iat": 1611243751,
  "jti": "uqKYafZjYAFUYpU9gLtmYU"
}
2021-01-21 15:42:31 INFO
ExtractAtHash
Couldn't find at_hash in ID token
2021-01-21 15:42:31 INFO
ExtractRtHash
Couldn't find urn:openid:params:jwt:claim:rt_hash claim in the ID token
2021-01-21 15:42:31 INFO
FAPICIBAValidateRtHash
Skipped evaluation due to missing required object: rt_hash
expected
rt_hash
mapped
2021-01-21 15:42:31 INFO
ValidateAtHash
Skipped evaluation due to missing required object: at_hash
expected
at_hash
mapped
Second client: Check for refresh token
2021-01-21 15:42:31 SUCCESS
ExtractRefreshTokenFromTokenResponse
Extracted refresh token from response
refresh_token
y9Yx0E39shiihJJWiCTi6ntEFSd7x0d1Rzs3PEq5vy
2021-01-21 15:42:31 SUCCESS
EnsureServerConfigurationSupportsRefreshToken
The server configuration indicates support for refresh tokens
supported_grant_types
[
  "implicit",
  "authorization_code",
  "refresh_token",
  "password",
  "client_credentials",
  "urn:pingidentity.com:oauth2:grant_type:validate_bearer",
  "urn:ietf:params:oauth:grant-type:jwt-bearer",
  "urn:ietf:params:oauth:grant-type:saml2-bearer",
  "urn:ietf:params:oauth:grant-type:device_code",
  "urn:ietf:params:oauth:grant-type:token-exchange",
  "urn:openid:params:grant-type:ciba"
]
2021-01-21 15:42:31 SUCCESS
EnsureRefreshTokenContainsAllowedCharactersOnly
Refresh token does not contain any illegal characters
Second client: Refresh Token Request
2021-01-21 15:42:31 SUCCESS
CreateRefreshTokenRequest
Created token endpoint request parameters
grant_type
refresh_token
refresh_token
y9Yx0E39shiihJJWiCTi6ntEFSd7x0d1Rzs3PEq5vy
2021-01-21 15:42:31 SUCCESS
AddClientIdToTokenEndpointRequest
grant_type
refresh_token
refresh_token
y9Yx0E39shiihJJWiCTi6ntEFSd7x0d1Rzs3PEq5vy
client_id
conformance2
2021-01-21 15:42:31 SUCCESS
WaitForOneSecond
Pausing for 1 seconds
2021-01-21 15:42:32 SUCCESS
WaitForOneSecond
Woke up after 1 seconds sleep
2021-01-21 15:42:32
CallTokenEndpointAndReturnFullResponse
HTTP request
request_uri
https://emea-conformance.ping-eng.com:9032/as/token.oauth2
request_method
POST
request_headers
{
  "accept": "application/json;charset\u003dUTF-8",
  "accept-charset": "utf-8",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "104"
}
request_body
grant_type=refresh_token&refresh_token=y9Yx0E39shiihJJWiCTi6ntEFSd7x0d1Rzs3PEq5vy&client_id=conformance2
request_mutual_tls
{
  "cert": "MIIDkTCCAnmgAwIBAgIJAOLiBx6+gpndMA0GCSqGSIb3DQEBCwUAMHIxCzAJBgNVBAYTAkdCMRIwEAYDVQQIDAlNaWRkbGVzZXgxDzANBgNVBAcMBkxvbmRvbjEWMBQGA1UECgwNUGluZyBJZGVudGl0eTEMMAoGA1UECwwDUlNBMRgwFgYDVQQDDA9QaW5nIFVLIERlbW8gQ0EwHhcNMjAwOTIzMTQyNzM5WhcNMjIwMjA1MTQyNzM5WjBaMSQwIgYDVQQDDBttdGxzLXBvbGwtZmFwaS1jaWJhLWNsaWVudDIxDTALBgNVBAsMBERlbW8xFjAUBgNVBAoMDVBpbmcgSWRlbnRpdHkxCzAJBgNVBAYTAkdCMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwRscFS1280kSNG3b9xhLl09bPKfsnFTGPXmrrUyjUbtXZ0ifq0Wo2MPmjOMlMvdcC1h3wwFZbz+2kIx3crhJq7trDGwrF46DJ0qjHeRwLQZrbk0V6YUhVl1rBv8U8h+vQqLLBkfm211I1WS1K0o7BATtfiQ/0FBmwkNzYt0KgfijdFQshiH/zk/vcxwpurQmjo52e/C7g1C1RhJ7k35IwCDU8ntW+Y0B5Ylf4HTTd/xmIatvh7tOfuSH36HeRmnb9nSg9giZMSIxLnIBVnB7rm1JVbyVTM7yms9RAY7yNvGOv/fuZ6iZLdoEPvLcmVlJcN3N3OKBQfm51xCOz+3ZRwIDAQABo0IwQDAJBgNVHRMEAjAAMAsGA1UdDwQEAwIF4DAmBgNVHREEHzAdghttdGxzLXBvbGwtZmFwaS1jaWJhLWNsaWVudDIwDQYJKoZIhvcNAQELBQADggEBAAqCOmoKF4tCpTRVdVnfFGoQ7Zqv4HDt2mM7Uq/5qlaj0h0aMaHUO+w3ouNdNuFxjww0d9BDjXDatOSlWKitS2eTc1AdSACIsxtIVrp7CarJPoCA3YwiSKaGGxgByIdx5EINCgqcm2AaP7nCb5oLPNawJCASvFT4lEUCwkPKRuxOd36lWIH9mKVjhsfRMrnUfrccAuXCpg+qzbl4WHS1ZVKi93qLrBWp7AphhbeZ8tsrkkEQcXiYHdkdZnrpctcrMPODnNLwX1Bw0acYdwuLHfvb1k8zW/Tn5pzDLc5A401sZswxu4l8oRQtFeIV1qgZUvGmvJ4qbQF997SKvmmVwUw\u003d",
  "key": "MIIEowIBAAKCAQEAwRscFS1280kSNG3b9xhLl09bPKfsnFTGPXmrrUyjUbtXZ0ifq0Wo2MPmjOMlMvdcC1h3wwFZbz+2kIx3crhJq7trDGwrF46DJ0qjHeRwLQZrbk0V6YUhVl1rBv8U8h+vQqLLBkfm211I1WS1K0o7BATtfiQ/0FBmwkNzYt0KgfijdFQshiH/zk/vcxwpurQmjo52e/C7g1C1RhJ7k35IwCDU8ntW+Y0B5Ylf4HTTd/xmIatvh7tOfuSH36HeRmnb9nSg9giZMSIxLnIBVnB7rm1JVbyVTM7yms9RAY7yNvGOv/fuZ6iZLdoEPvLcmVlJcN3N3OKBQfm51xCOz+3ZRwIDAQABAoIBAEizzjTi8x/RaPs4SVKUYRFMnUsO5fRNrn1Cq7IJYovI/rUyEHtJNLK3vrtYYY74tjzHR/+xKFzMHg359JbKb2Iqo7j/mJG75AENBrCgauNowVW7y/4pU03SyhLOQrKN30w1Qj7RH0eDrYI58kOkJOf0ev285BGn06hcALs+AVDBBh6CSbD0jR3Z4ZrlTeCk+91JYGmSdJAIjBd65mUAaiJ6g0oEI22BL9StlOIAg6XD3xAJ//CcrumvA3AwMYoE+e1F0HjlVkpIHmAl1cr+4muPC80/YKnC5s9Bwvq/EeJhfVMsnaBQYiobcKr7QNW2WUn1gfYQM3jo3ShbcraGYjECgYEA6QP0Dz2h6jw1FLaC0Q9/xNnCvJSeLx6gb1s/cqVgNWjTVZoq2mv6ak9wJ0emq7nf5+Gbj22bIGiC/dQNLTjCFEbDW2bzgiMYWLDCu+xHHcRql5JixZrX4fy53qlXpKOncMu1nd0T77aTOb4yKhqF8yp7p0ayR4qyB/tqsQNniSMCgYEA1Cde41Wsp+ECT+g/siAFgDTwRWZj2l5zrhsPJpAhMnUn9kgn14b9Ag8Z7mBZZTP1eTVyi27tSKT1hVKH6X4jlB5WWGSg78x2XUq9YdWZ4fIL6g5vWfHMZVHcZp2AcTsF5GKXLRxFPphmCIr2fBPNbvcGXyhABX71oB/T+93m+40CgYBQaDvU8oioAqSyhBR6PeXyMM7BMmuviNsF8i/fyO99HrImjO+StcYQ316tP01lXtvD8ZczlDf+o/Hn0z/Exhw60Pxi0xDebGvfVwerv2n+/KNnsG0DEV7DrekZy8fhmVOTWchPNFXH13HQcDBxVPu6IIPRAlVM2LB8jqaPdMRKjwKBgBMzGPBD8aMjxtzKbPFG2piWsePl90Vs5NUt17oqswZo+dvc/dYQflcwXK1pBM4W3LFCeAJMYKcBXsLZDDnCU5/0+uV2/eWVwGSC/g6bkRiUmiVtdwBR1KiatvKGcHhO2iKoFXxcoZufmSROxy3FcQMI0gfMkbatnbcHCl0x4NSFAoGBANUjORpeHOjACkC5K223B7EMTKTafWFAeiHlxspIKXhTXCy7kPvP/g3BaVhTqmWvpaxeI13HpQsxGjlwQSd7LO8T42nsX/VIpt3mOokQ/hdU/RvYZDJFclDz6M0VjCsshxg+dh8CEfrMAeZ36SXKIqdjXfLQ8yeeQF+fJNHzeXPB",
  "ca": "MIIDYDCCAkgCCQCSYQOG55YnujANBgkqhkiG9w0BAQsFADByMQswCQYDVQQGEwJHQjESMBAGA1UECAwJTWlkZGxlc2V4MQ8wDQYDVQQHDAZMb25kb24xFjAUBgNVBAoMDVBpbmcgSWRlbnRpdHkxDDAKBgNVBAsMA1JTQTEYMBYGA1UEAwwPUGluZyBVSyBEZW1vIENBMB4XDTE5MDEwNzEwNTk1NVoXDTIxMTAyNzEwNTk1NVowcjELMAkGA1UEBhMCR0IxEjAQBgNVBAgMCU1pZGRsZXNleDEPMA0GA1UEBwwGTG9uZG9uMRYwFAYDVQQKDA1QaW5nIElkZW50aXR5MQwwCgYDVQQLDANSU0ExGDAWBgNVBAMMD1BpbmcgVUsgRGVtbyBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALMHte483946bvKmpt1nuj1+IMWoywAGOj8UQcPDrkKuBOQL5Sv8o4ScYjjN5jgryjwRx3YMiVpCTOLB1GXrj55lZO2RRxMURwCSwaHnaLiM4cVcqSF8dq8LOlsR6bXSjJnvB2HWS1CYQaJdF21m0pxKcH9NUsdq5aYCkP52xyYel+XOxszQX1FkvrpD3VXII5xCiGGS6eEb/Mo2+nwgyN+A/M1yaeN65ah8HZFngR85oElYx7fFOkm9VubhCt2ePEvkanuWpgp5VrI2ruVQr1tvToL2ydzEmBPzGkh/UtACsucXXwSE7fvw50dgbhrXtmJnWA6hP2Wm3Ifok0ViKc0CAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAN5fn4Ke+4nhe5r+6aewM8lJ+sY25ing1ByAj7m5tJcsh68irJIjpAm3kJz20DVZ+2JguB1HZUHUTYo/WCmwMzatLN2rv9in3uRS4d0FaIfKxFHjRFs1T1APXz7lMP5t3j1/uZwbmmTGqvKTYlocLQJpqnJURiuNrxw7mZcZ3KTVx5WCdk7caYvSgUTbs9ec+JzQG0keHinrHu0mAXDxxCWXsx/rQ4PTBI808iBiHR2MbTOXONN5jid4gk9/T8KKfOFG1AbaEhsGdkChPNQO4M12Q5TWwtWutjx/PdPaGKvSoquZkXk1L4meO3ADLngHX7lb2oRkfF0wIZMNC/Eat5g\u003d\u003d"
}
2021-01-21 15:42:32 RESPONSE
CallTokenEndpointAndReturnFullResponse
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "date": "Thu, 21 Jan 2021 15:42:32 GMT",
  "x-frame-options": "SAMEORIGIN",
  "referrer-policy": "origin",
  "cache-control": "no-cache, no-store",
  "pragma": "no-cache",
  "expires": "Thu, 01 Jan 1970 00:00:00 GMT",
  "content-type": "application/json;charset\u003dutf-8",
  "set-cookie": "PF\u003dGTW0hPabLQFKLRYbFe0DnU;Path\u003d/;Secure;HttpOnly;SameSite\u003dNone",
  "transfer-encoding": "chunked"
}
response_body
{"access_token":"eyJhbGciOiJSUzI1NiIsImtpZCI6ImsxIiwicGkuYXRtIjoicTVqdSJ9.eyJzY29wZSI6Im9wZW5pZCB0ZXN0IiwiY2xpZW50X2lkIjoiY29uZm9ybWFuY2UyIiwic3ViIjoicGF0cmljayIsImNuZiI6eyJ4NXQjUzI1NiI6InJQWER3NWxJNnFEUFRhRE9vbC15bTNPWnpRdmZZb3FYUjZuNmtUVUN5VDAifSwiZXhwIjoxNjExMjUwOTUyfQ.A-oxj9BffO6rfDaxX9P7Ln4eNXZ_N9VB-exH1E-w9Pl3AG_QekGnNUQzfTIHApu5QgRrXK_X0X47d8g39TLRX11FqTAqusRhtZ1bEdYMIbC1ZtBJPDQgJMuKxxqHnLZl_Fu5vDPemXcHg5mC6EXGoxJtFnVqbBR5FX6whEpaU7Fb-8pypC_sgbmvnYCAyj7gk8lWP6PARANj8xlo_VAqNtplTK-1srk2d_j42hX18eqzzTGEDEyWcpYnC2cGdxtGIrW48xZx2urwUuICSR9Q0b1NuM5GqWT6au968nhyOloGH8jUVcO7m6tKifstducw9EDDE38Ly3WDQvhXyrf3kg","token_type":"Bearer","expires_in":7199}
2021-01-21 15:42:32 SUCCESS
CallTokenEndpointAndReturnFullResponse
Parsed token endpoint response
access_token
eyJhbGciOiJSUzI1NiIsImtpZCI6ImsxIiwicGkuYXRtIjoicTVqdSJ9.eyJzY29wZSI6Im9wZW5pZCB0ZXN0IiwiY2xpZW50X2lkIjoiY29uZm9ybWFuY2UyIiwic3ViIjoicGF0cmljayIsImNuZiI6eyJ4NXQjUzI1NiI6InJQWER3NWxJNnFEUFRhRE9vbC15bTNPWnpRdmZZb3FYUjZuNmtUVUN5VDAifSwiZXhwIjoxNjExMjUwOTUyfQ.A-oxj9BffO6rfDaxX9P7Ln4eNXZ_N9VB-exH1E-w9Pl3AG_QekGnNUQzfTIHApu5QgRrXK_X0X47d8g39TLRX11FqTAqusRhtZ1bEdYMIbC1ZtBJPDQgJMuKxxqHnLZl_Fu5vDPemXcHg5mC6EXGoxJtFnVqbBR5FX6whEpaU7Fb-8pypC_sgbmvnYCAyj7gk8lWP6PARANj8xlo_VAqNtplTK-1srk2d_j42hX18eqzzTGEDEyWcpYnC2cGdxtGIrW48xZx2urwUuICSR9Q0b1NuM5GqWT6au968nhyOloGH8jUVcO7m6tKifstducw9EDDE38Ly3WDQvhXyrf3kg
token_type
Bearer
expires_in
7199
2021-01-21 15:42:32 SUCCESS
CheckTokenEndpointHttpStatus200
Token endpoint http status code was 200
2021-01-21 15:42:32 SUCCESS
CheckTokenEndpointReturnedJsonContentType
token_endpoint_response_headers Content-Type: header is application/json
2021-01-21 15:42:32 SUCCESS
CheckTokenEndpointCacheHeaders
'pragma' and 'cache-control' headers in token endpoint response contain expected values.
cache_control_header
no-cache, no-store
pragma_header
no-cache
2021-01-21 15:42:32 SUCCESS
CheckIfTokenEndpointResponseError
No error from token endpoint
2021-01-21 15:42:32 SUCCESS
ExtractAccessTokenFromTokenResponse
Extracted the access token
value
eyJhbGciOiJSUzI1NiIsImtpZCI6ImsxIiwicGkuYXRtIjoicTVqdSJ9.eyJzY29wZSI6Im9wZW5pZCB0ZXN0IiwiY2xpZW50X2lkIjoiY29uZm9ybWFuY2UyIiwic3ViIjoicGF0cmljayIsImNuZiI6eyJ4NXQjUzI1NiI6InJQWER3NWxJNnFEUFRhRE9vbC15bTNPWnpRdmZZb3FYUjZuNmtUVUN5VDAifSwiZXhwIjoxNjExMjUwOTUyfQ.A-oxj9BffO6rfDaxX9P7Ln4eNXZ_N9VB-exH1E-w9Pl3AG_QekGnNUQzfTIHApu5QgRrXK_X0X47d8g39TLRX11FqTAqusRhtZ1bEdYMIbC1ZtBJPDQgJMuKxxqHnLZl_Fu5vDPemXcHg5mC6EXGoxJtFnVqbBR5FX6whEpaU7Fb-8pypC_sgbmvnYCAyj7gk8lWP6PARANj8xlo_VAqNtplTK-1srk2d_j42hX18eqzzTGEDEyWcpYnC2cGdxtGIrW48xZx2urwUuICSR9Q0b1NuM5GqWT6au968nhyOloGH8jUVcO7m6tKifstducw9EDDE38Ly3WDQvhXyrf3kg
type
Bearer
2021-01-21 15:42:32 SUCCESS
CheckTokenTypeIsBearer
Token type is bearer
2021-01-21 15:42:32 SUCCESS
EnsureMinimumAccessTokenEntropy
Calculated shannon entropy seems sufficient
actual
3523.8279210728415
expected
96.0
2021-01-21 15:42:32 SUCCESS
EnsureAccessTokenContainsAllowedCharactersOnly
Access token does not contain any illegal characters
2021-01-21 15:42:32 SUCCESS
ExtractExpiresInFromTokenEndpointResponse
Extracted 'expires_in'
expires_in
7199
2021-01-21 15:42:32 SUCCESS
ValidateExpiresIn
expires_in passed all validation checks
expires_in
7199
2021-01-21 15:42:32 SUCCESS
EnsureAccessTokenValuesAreDifferent
Access token values are not the same
first_access_token
eyJhbGciOiJSUzI1NiIsImtpZCI6ImsxIiwicGkuYXRtIjoicTVqdSJ9.eyJzY29wZSI6Im9wZW5pZCB0ZXN0IiwiY2xpZW50X2lkIjoiY29uZm9ybWFuY2UyIiwic3ViIjoicGF0cmljayIsImNuZiI6eyJ4NXQjUzI1NiI6InJQWER3NWxJNnFEUFRhRE9vbC15bTNPWnpRdmZZb3FYUjZuNmtUVUN5VDAifSwiZXhwIjoxNjExMjUwOTUxfQ.MeQ6xLUft-IH2wk78jVPDQrJjNQMs24yzsduDSYHdFG2HWCcZg9xgQ2HBziwqx-8QP2fdK1Y2UBIZxyNxq51keGEOhqfMDBZvhWBMXRYoOsxvQdXQHa5zaqnNmBblz6dXDoRUE2AVRtZF50aEwt4Joe3RJL3WHTaESYxTS8dRiqw5V6VgU0_pize0YBwcBQfXI7ygUuGI7nTxHr3SSZcMiteDNa8p9OuUh9yZ234IiHtCIk__VRSjVLUWBUOYR9MBHCNSs-z1CJGQqsYlfVg9o3TYFIg6TglNxZERY4PphoHyDGhuLsOOFmlJtCQ_uOJJmDAyEmFy5TGcO-WRFl2Lw
second_access_token
eyJhbGciOiJSUzI1NiIsImtpZCI6ImsxIiwicGkuYXRtIjoicTVqdSJ9.eyJzY29wZSI6Im9wZW5pZCB0ZXN0IiwiY2xpZW50X2lkIjoiY29uZm9ybWFuY2UyIiwic3ViIjoicGF0cmljayIsImNuZiI6eyJ4NXQjUzI1NiI6InJQWER3NWxJNnFEUFRhRE9vbC15bTNPWnpRdmZZb3FYUjZuNmtUVUN5VDAifSwiZXhwIjoxNjExMjUwOTUyfQ.A-oxj9BffO6rfDaxX9P7Ln4eNXZ_N9VB-exH1E-w9Pl3AG_QekGnNUQzfTIHApu5QgRrXK_X0X47d8g39TLRX11FqTAqusRhtZ1bEdYMIbC1ZtBJPDQgJMuKxxqHnLZl_Fu5vDPemXcHg5mC6EXGoxJtFnVqbBR5FX6whEpaU7Fb-8pypC_sgbmvnYCAyj7gk8lWP6PARANj8xlo_VAqNtplTK-1srk2d_j42hX18eqzzTGEDEyWcpYnC2cGdxtGIrW48xZx2urwUuICSR9Q0b1NuM5GqWT6au968nhyOloGH8jUVcO7m6tKifstducw9EDDE38Ly3WDQvhXyrf3kg
2021-01-21 15:42:32 INFO
ExtractIdTokenFromTokenResponse
Couldn't find id_token in token_endpoint_response
2021-01-21 15:42:32 INFO
ExtractRefreshTokenFromTokenResponse
Token endpoint response does not contain a refresh token
2021-01-21 15:42:32 INFO
EnsureMinimumRefreshTokenLength
Skipped evaluation due to missing required element: token_endpoint_response refresh_token
path
refresh_token
mapped
object
token_endpoint_response
2021-01-21 15:42:32 INFO
EnsureMinimumRefreshTokenEntropy
Skipped evaluation due to missing required element: token_endpoint_response refresh_token
path
refresh_token
mapped
object
token_endpoint_response
2021-01-21 15:42:32 INFO
CompareIdTokenClaims
Skipped evaluation due to missing required object: second_id_token
expected
second_id_token
mapped
second_id_token
Second client: Resource server endpoint tests
2021-01-21 15:42:32
CreateEmptyResourceEndpointRequestHeaders
Created empty headers
resource_endpoint_request_headers
{}
2021-01-21 15:42:32
CallProtectedResourceWithBearerTokenAndCustomHeaders
HTTP request
request_uri
https://emea-conformance.ping-eng.com:3000/get
request_method
GET
request_headers
{
  "accept": "application/json;charset\u003dUTF-8",
  "authorization": "Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6ImsxIiwicGkuYXRtIjoicTVqdSJ9.eyJzY29wZSI6Im9wZW5pZCB0ZXN0IiwiY2xpZW50X2lkIjoiY29uZm9ybWFuY2UyIiwic3ViIjoicGF0cmljayIsImNuZiI6eyJ4NXQjUzI1NiI6InJQWER3NWxJNnFEUFRhRE9vbC15bTNPWnpRdmZZb3FYUjZuNmtUVUN5VDAifSwiZXhwIjoxNjExMjUwOTUyfQ.A-oxj9BffO6rfDaxX9P7Ln4eNXZ_N9VB-exH1E-w9Pl3AG_QekGnNUQzfTIHApu5QgRrXK_X0X47d8g39TLRX11FqTAqusRhtZ1bEdYMIbC1ZtBJPDQgJMuKxxqHnLZl_Fu5vDPemXcHg5mC6EXGoxJtFnVqbBR5FX6whEpaU7Fb-8pypC_sgbmvnYCAyj7gk8lWP6PARANj8xlo_VAqNtplTK-1srk2d_j42hX18eqzzTGEDEyWcpYnC2cGdxtGIrW48xZx2urwUuICSR9Q0b1NuM5GqWT6au968nhyOloGH8jUVcO7m6tKifstducw9EDDE38Ly3WDQvhXyrf3kg",
  "accept-charset": "utf-8",
  "content-length": "0"
}
request_body

                                
request_mutual_tls
{
  "cert": "MIIDkTCCAnmgAwIBAgIJAOLiBx6+gpndMA0GCSqGSIb3DQEBCwUAMHIxCzAJBgNVBAYTAkdCMRIwEAYDVQQIDAlNaWRkbGVzZXgxDzANBgNVBAcMBkxvbmRvbjEWMBQGA1UECgwNUGluZyBJZGVudGl0eTEMMAoGA1UECwwDUlNBMRgwFgYDVQQDDA9QaW5nIFVLIERlbW8gQ0EwHhcNMjAwOTIzMTQyNzM5WhcNMjIwMjA1MTQyNzM5WjBaMSQwIgYDVQQDDBttdGxzLXBvbGwtZmFwaS1jaWJhLWNsaWVudDIxDTALBgNVBAsMBERlbW8xFjAUBgNVBAoMDVBpbmcgSWRlbnRpdHkxCzAJBgNVBAYTAkdCMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwRscFS1280kSNG3b9xhLl09bPKfsnFTGPXmrrUyjUbtXZ0ifq0Wo2MPmjOMlMvdcC1h3wwFZbz+2kIx3crhJq7trDGwrF46DJ0qjHeRwLQZrbk0V6YUhVl1rBv8U8h+vQqLLBkfm211I1WS1K0o7BATtfiQ/0FBmwkNzYt0KgfijdFQshiH/zk/vcxwpurQmjo52e/C7g1C1RhJ7k35IwCDU8ntW+Y0B5Ylf4HTTd/xmIatvh7tOfuSH36HeRmnb9nSg9giZMSIxLnIBVnB7rm1JVbyVTM7yms9RAY7yNvGOv/fuZ6iZLdoEPvLcmVlJcN3N3OKBQfm51xCOz+3ZRwIDAQABo0IwQDAJBgNVHRMEAjAAMAsGA1UdDwQEAwIF4DAmBgNVHREEHzAdghttdGxzLXBvbGwtZmFwaS1jaWJhLWNsaWVudDIwDQYJKoZIhvcNAQELBQADggEBAAqCOmoKF4tCpTRVdVnfFGoQ7Zqv4HDt2mM7Uq/5qlaj0h0aMaHUO+w3ouNdNuFxjww0d9BDjXDatOSlWKitS2eTc1AdSACIsxtIVrp7CarJPoCA3YwiSKaGGxgByIdx5EINCgqcm2AaP7nCb5oLPNawJCASvFT4lEUCwkPKRuxOd36lWIH9mKVjhsfRMrnUfrccAuXCpg+qzbl4WHS1ZVKi93qLrBWp7AphhbeZ8tsrkkEQcXiYHdkdZnrpctcrMPODnNLwX1Bw0acYdwuLHfvb1k8zW/Tn5pzDLc5A401sZswxu4l8oRQtFeIV1qgZUvGmvJ4qbQF997SKvmmVwUw\u003d",
  "key": "MIIEowIBAAKCAQEAwRscFS1280kSNG3b9xhLl09bPKfsnFTGPXmrrUyjUbtXZ0ifq0Wo2MPmjOMlMvdcC1h3wwFZbz+2kIx3crhJq7trDGwrF46DJ0qjHeRwLQZrbk0V6YUhVl1rBv8U8h+vQqLLBkfm211I1WS1K0o7BATtfiQ/0FBmwkNzYt0KgfijdFQshiH/zk/vcxwpurQmjo52e/C7g1C1RhJ7k35IwCDU8ntW+Y0B5Ylf4HTTd/xmIatvh7tOfuSH36HeRmnb9nSg9giZMSIxLnIBVnB7rm1JVbyVTM7yms9RAY7yNvGOv/fuZ6iZLdoEPvLcmVlJcN3N3OKBQfm51xCOz+3ZRwIDAQABAoIBAEizzjTi8x/RaPs4SVKUYRFMnUsO5fRNrn1Cq7IJYovI/rUyEHtJNLK3vrtYYY74tjzHR/+xKFzMHg359JbKb2Iqo7j/mJG75AENBrCgauNowVW7y/4pU03SyhLOQrKN30w1Qj7RH0eDrYI58kOkJOf0ev285BGn06hcALs+AVDBBh6CSbD0jR3Z4ZrlTeCk+91JYGmSdJAIjBd65mUAaiJ6g0oEI22BL9StlOIAg6XD3xAJ//CcrumvA3AwMYoE+e1F0HjlVkpIHmAl1cr+4muPC80/YKnC5s9Bwvq/EeJhfVMsnaBQYiobcKr7QNW2WUn1gfYQM3jo3ShbcraGYjECgYEA6QP0Dz2h6jw1FLaC0Q9/xNnCvJSeLx6gb1s/cqVgNWjTVZoq2mv6ak9wJ0emq7nf5+Gbj22bIGiC/dQNLTjCFEbDW2bzgiMYWLDCu+xHHcRql5JixZrX4fy53qlXpKOncMu1nd0T77aTOb4yKhqF8yp7p0ayR4qyB/tqsQNniSMCgYEA1Cde41Wsp+ECT+g/siAFgDTwRWZj2l5zrhsPJpAhMnUn9kgn14b9Ag8Z7mBZZTP1eTVyi27tSKT1hVKH6X4jlB5WWGSg78x2XUq9YdWZ4fIL6g5vWfHMZVHcZp2AcTsF5GKXLRxFPphmCIr2fBPNbvcGXyhABX71oB/T+93m+40CgYBQaDvU8oioAqSyhBR6PeXyMM7BMmuviNsF8i/fyO99HrImjO+StcYQ316tP01lXtvD8ZczlDf+o/Hn0z/Exhw60Pxi0xDebGvfVwerv2n+/KNnsG0DEV7DrekZy8fhmVOTWchPNFXH13HQcDBxVPu6IIPRAlVM2LB8jqaPdMRKjwKBgBMzGPBD8aMjxtzKbPFG2piWsePl90Vs5NUt17oqswZo+dvc/dYQflcwXK1pBM4W3LFCeAJMYKcBXsLZDDnCU5/0+uV2/eWVwGSC/g6bkRiUmiVtdwBR1KiatvKGcHhO2iKoFXxcoZufmSROxy3FcQMI0gfMkbatnbcHCl0x4NSFAoGBANUjORpeHOjACkC5K223B7EMTKTafWFAeiHlxspIKXhTXCy7kPvP/g3BaVhTqmWvpaxeI13HpQsxGjlwQSd7LO8T42nsX/VIpt3mOokQ/hdU/RvYZDJFclDz6M0VjCsshxg+dh8CEfrMAeZ36SXKIqdjXfLQ8yeeQF+fJNHzeXPB",
  "ca": "MIIDYDCCAkgCCQCSYQOG55YnujANBgkqhkiG9w0BAQsFADByMQswCQYDVQQGEwJHQjESMBAGA1UECAwJTWlkZGxlc2V4MQ8wDQYDVQQHDAZMb25kb24xFjAUBgNVBAoMDVBpbmcgSWRlbnRpdHkxDDAKBgNVBAsMA1JTQTEYMBYGA1UEAwwPUGluZyBVSyBEZW1vIENBMB4XDTE5MDEwNzEwNTk1NVoXDTIxMTAyNzEwNTk1NVowcjELMAkGA1UEBhMCR0IxEjAQBgNVBAgMCU1pZGRsZXNleDEPMA0GA1UEBwwGTG9uZG9uMRYwFAYDVQQKDA1QaW5nIElkZW50aXR5MQwwCgYDVQQLDANSU0ExGDAWBgNVBAMMD1BpbmcgVUsgRGVtbyBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALMHte483946bvKmpt1nuj1+IMWoywAGOj8UQcPDrkKuBOQL5Sv8o4ScYjjN5jgryjwRx3YMiVpCTOLB1GXrj55lZO2RRxMURwCSwaHnaLiM4cVcqSF8dq8LOlsR6bXSjJnvB2HWS1CYQaJdF21m0pxKcH9NUsdq5aYCkP52xyYel+XOxszQX1FkvrpD3VXII5xCiGGS6eEb/Mo2+nwgyN+A/M1yaeN65ah8HZFngR85oElYx7fFOkm9VubhCt2ePEvkanuWpgp5VrI2ruVQr1tvToL2ydzEmBPzGkh/UtACsucXXwSE7fvw50dgbhrXtmJnWA6hP2Wm3Ifok0ViKc0CAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAN5fn4Ke+4nhe5r+6aewM8lJ+sY25ing1ByAj7m5tJcsh68irJIjpAm3kJz20DVZ+2JguB1HZUHUTYo/WCmwMzatLN2rv9in3uRS4d0FaIfKxFHjRFs1T1APXz7lMP5t3j1/uZwbmmTGqvKTYlocLQJpqnJURiuNrxw7mZcZ3KTVx5WCdk7caYvSgUTbs9ec+JzQG0keHinrHu0mAXDxxCWXsx/rQ4PTBI808iBiHR2MbTOXONN5jid4gk9/T8KKfOFG1AbaEhsGdkChPNQO4M12Q5TWwtWutjx/PdPaGKvSoquZkXk1L4meO3ADLngHX7lb2oRkfF0wIZMNC/Eat5g\u003d\u003d"
}
2021-01-21 15:42:33 RESPONSE
CallProtectedResourceWithBearerTokenAndCustomHeaders
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "date": "Thu, 21 Jan 2021 15:42:33 GMT",
  "content-type": "application/json",
  "content-length": "1062",
  "server": "gunicorn/19.9.0",
  "access-control-allow-origin": "*",
  "access-control-allow-credentials": "true",
  "x-fapi-interaction-id": "061c4f94-1b2a-4554-8278-cbd5d72b3586"
}
response_body
{
  "args": {}, 
  "headers": {
    "Accept": "application/json;charset=UTF-8", 
    "Accept-Charset": "utf-8", 
    "Accept-Encoding": "gzip,deflate", 
    "Authorization": "Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6ImsxIiwicGkuYXRtIjoicTVqdSJ9.eyJzY29wZSI6Im9wZW5pZCB0ZXN0IiwiY2xpZW50X2lkIjoiY29uZm9ybWFuY2UyIiwic3ViIjoicGF0cmljayIsImNuZiI6eyJ4NXQjUzI1NiI6InJQWER3NWxJNnFEUFRhRE9vbC15bTNPWnpRdmZZb3FYUjZuNmtUVUN5VDAifSwiZXhwIjoxNjExMjUwOTUyfQ.A-oxj9BffO6rfDaxX9P7Ln4eNXZ_N9VB-exH1E-w9Pl3AG_QekGnNUQzfTIHApu5QgRrXK_X0X47d8g39TLRX11FqTAqusRhtZ1bEdYMIbC1ZtBJPDQgJMuKxxqHnLZl_Fu5vDPemXcHg5mC6EXGoxJtFnVqbBR5FX6whEpaU7Fb-8pypC_sgbmvnYCAyj7gk8lWP6PARANj8xlo_VAqNtplTK-1srk2d_j42hX18eqzzTGEDEyWcpYnC2cGdxtGIrW48xZx2urwUuICSR9Q0b1NuM5GqWT6au968nhyOloGH8jUVcO7m6tKifstducw9EDDE38Ly3WDQvhXyrf3kg", 
    "Host": "emea-conformance.ping-eng.com", 
    "User-Agent": "Apache-HttpClient/4.5.5 (Java/11.0.9.1)", 
    "X-Amzn-Trace-Id": "Root=1-6009a0e9-3fa16bda61506eeb523389a0"
  }, 
  "origin": "35.185.61.217, 54.74.38.30", 
  "url": "https://emea-conformance.ping-eng.com/get"
}
2021-01-21 15:42:33 SUCCESS
CallProtectedResourceWithBearerTokenAndCustomHeaders
Got a response from the resource endpoint
headers
{
  "date": "Thu, 21 Jan 2021 15:42:33 GMT",
  "content-type": "application/json",
  "content-length": "1062",
  "server": "gunicorn/19.9.0",
  "access-control-allow-origin": "*",
  "access-control-allow-credentials": "true",
  "x-fapi-interaction-id": "061c4f94-1b2a-4554-8278-cbd5d72b3586"
}
status_code
{
  "code": 200
}
body
{
  "args": {}, 
  "headers": {
    "Accept": "application/json;charset=UTF-8", 
    "Accept-Charset": "utf-8", 
    "Accept-Encoding": "gzip,deflate", 
    "Authorization": "Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6ImsxIiwicGkuYXRtIjoicTVqdSJ9.eyJzY29wZSI6Im9wZW5pZCB0ZXN0IiwiY2xpZW50X2lkIjoiY29uZm9ybWFuY2UyIiwic3ViIjoicGF0cmljayIsImNuZiI6eyJ4NXQjUzI1NiI6InJQWER3NWxJNnFEUFRhRE9vbC15bTNPWnpRdmZZb3FYUjZuNmtUVUN5VDAifSwiZXhwIjoxNjExMjUwOTUyfQ.A-oxj9BffO6rfDaxX9P7Ln4eNXZ_N9VB-exH1E-w9Pl3AG_QekGnNUQzfTIHApu5QgRrXK_X0X47d8g39TLRX11FqTAqusRhtZ1bEdYMIbC1ZtBJPDQgJMuKxxqHnLZl_Fu5vDPemXcHg5mC6EXGoxJtFnVqbBR5FX6whEpaU7Fb-8pypC_sgbmvnYCAyj7gk8lWP6PARANj8xlo_VAqNtplTK-1srk2d_j42hX18eqzzTGEDEyWcpYnC2cGdxtGIrW48xZx2urwUuICSR9Q0b1NuM5GqWT6au968nhyOloGH8jUVcO7m6tKifstducw9EDDE38Ly3WDQvhXyrf3kg", 
    "Host": "emea-conformance.ping-eng.com", 
    "User-Agent": "Apache-HttpClient/4.5.5 (Java/11.0.9.1)", 
    "X-Amzn-Trace-Id": "Root=1-6009a0e9-3fa16bda61506eeb523389a0"
  }, 
  "origin": "35.185.61.217, 54.74.38.30", 
  "url": "https://emea-conformance.ping-eng.com/get"
}
2021-01-21 15:42:33 SUCCESS
CheckForDateHeaderInResourceResponse
Date header present and validated
date
Thu, 21 Jan 2021 15:42:33 GMT
skew
461
2021-01-21 15:42:33 SUCCESS
CheckForFAPIInteractionIdInResourceResponse
Found x-fapi-interaction-id
interaction_id
061c4f94-1b2a-4554-8278-cbd5d72b3586
2021-01-21 15:42:33 SUCCESS
EnsureResourceResponseReturnedJsonContentType
Response content type is JSON
content_type
application/json
Attempting to use refresh_token issued to client 2 with client 1
2021-01-21 15:42:33 SUCCESS
CreateRefreshTokenRequest
Created token endpoint request parameters
grant_type
refresh_token
refresh_token
y9Yx0E39shiihJJWiCTi6ntEFSd7x0d1Rzs3PEq5vy
2021-01-21 15:42:33 SUCCESS
AddScopeToTokenEndpointRequest
Added scope of 'openid test' to token endpoint request
grant_type
refresh_token
refresh_token
y9Yx0E39shiihJJWiCTi6ntEFSd7x0d1Rzs3PEq5vy
scope
openid test
2021-01-21 15:42:33 SUCCESS
AddClientIdToTokenEndpointRequest
grant_type
refresh_token
refresh_token
y9Yx0E39shiihJJWiCTi6ntEFSd7x0d1Rzs3PEq5vy
scope
openid test
client_id
conformance1
2021-01-21 15:42:33
CallTokenEndpointAndReturnFullResponse
HTTP request
request_uri
https://emea-conformance.ping-eng.com:9032/as/token.oauth2
request_method
POST
request_headers
{
  "accept": "application/json;charset\u003dUTF-8",
  "accept-charset": "utf-8",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "122"
}
request_body
grant_type=refresh_token&refresh_token=y9Yx0E39shiihJJWiCTi6ntEFSd7x0d1Rzs3PEq5vy&scope=openid+test&client_id=conformance1
request_mutual_tls
{
  "cert": "MIIDkTCCAnmgAwIBAgIJAOLiBx6+gpncMA0GCSqGSIb3DQEBCwUAMHIxCzAJBgNVBAYTAkdCMRIwEAYDVQQIDAlNaWRkbGVzZXgxDzANBgNVBAcMBkxvbmRvbjEWMBQGA1UECgwNUGluZyBJZGVudGl0eTEMMAoGA1UECwwDUlNBMRgwFgYDVQQDDA9QaW5nIFVLIERlbW8gQ0EwHhcNMjAwOTIzMTQwNjU0WhcNMjIwMjA1MTQwNjU0WjBaMSQwIgYDVQQDDBttdGxzLXBvbGwtZmFwaS1jaWJhLWNsaWVudDExDTALBgNVBAsMBERlbW8xFjAUBgNVBAoMDVBpbmcgSWRlbnRpdHkxCzAJBgNVBAYTAkdCMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqADFJnt3i/xbJupaTpc4P8oYrZINQ07zEhdf8Osr/+XGp/az202QtoMFyRqNcYZS9/U0ce+Vz/pcaleqUlaAVfgW2o3Dp4z1d8WjDDar86agcqwl+aI2rhKh3aQIEiOwHmaPvYlRmWZTotMdyxUvJLlMJq+m4fZ33nphW9gT+AhEM+fyegVPX+jgj8dk6CaqCcRr7050irHOWfotCZxq79PBCFi8NOKjBn/uHPibKVN+PGgptqPmkdGFrkg1+gnWjmtxROJlCjNgrRJxmgD3/DbvqvTen/aL42+JJRGA8dXwCYTgjhvdTrE9OlBiIPB+EAlYxk6g+3kMqg+cJ5WP1QIDAQABo0IwQDAJBgNVHRMEAjAAMAsGA1UdDwQEAwIF4DAmBgNVHREEHzAdghttdGxzLXBvbGwtZmFwaS1jaWJhLWNsaWVudDEwDQYJKoZIhvcNAQELBQADggEBACZ7/UyxTg6hsUEmIjJKln/USY5sLq6MsrQgaqDwNuJ2BAyyrbIhldbNKBvC+swQjfbnisVYEKmmCAABPhV58U2YaEHOxfjzmfQ55duco0P4HulMhOvA/0jd+e0GFLF7eusEE4dw/RmiYjxNUpDjF9IgybjQkYPXLw+hfyhGsoKW38H1+x6ha7VTyJKp5W9AVj8/00vNswwvv3Xjs7C2mlogCEPFLPjc7jEQ4BRzkqBqQyi6MlNdgva3C6jDkSnXksdI9dZkrb4gNhusexwkbHkyet+unXxur9evqIISJsxELCMTxMocE++7XMJsPUT5FnomlXRK0jRztTmFG9y5Fqs\u003d",
  "key": "MIIEowIBAAKCAQEAqADFJnt3i/xbJupaTpc4P8oYrZINQ07zEhdf8Osr/+XGp/az202QtoMFyRqNcYZS9/U0ce+Vz/pcaleqUlaAVfgW2o3Dp4z1d8WjDDar86agcqwl+aI2rhKh3aQIEiOwHmaPvYlRmWZTotMdyxUvJLlMJq+m4fZ33nphW9gT+AhEM+fyegVPX+jgj8dk6CaqCcRr7050irHOWfotCZxq79PBCFi8NOKjBn/uHPibKVN+PGgptqPmkdGFrkg1+gnWjmtxROJlCjNgrRJxmgD3/DbvqvTen/aL42+JJRGA8dXwCYTgjhvdTrE9OlBiIPB+EAlYxk6g+3kMqg+cJ5WP1QIDAQABAoIBACvHd5idl/t8mWw8qafNNDU7Ps8MPjSKAEF4oeGwBtk6UVg3q4q8XbeR0RIkvzMUI87FsRL3sfxua2Ky0Yl/TRYZ/iqZwqCI1PaPI/vsy0ZE5466WXMB2GnoJRISyp+feSeS5mYnwIHO7oCBr0Pak1xohPWX1E8R4Q6yqWg7mIiLgtSWeaHNa3piQGcHXKwIPz/Xcw7M3embp+L7zrlgjuwR9i7+u2cSZexws4rQ3VyUggBjLVaBhF0w4CGzNBEdw7TXSXnh1JXZHc/k2zgk9IhPmdFFy4k1ZxVEc2GaExTsrjyJJxZmuEUTdszN6Gd42V+G5uweqbQ3Skl3Z7MfowECgYEAz3B/hWI3lKqc4TqYskU/MYcKYrCYP2IN19zOa8THzN91erhgiph/TSv+iryw1J3Fwg+xgc/nix3gtoj3492lrFkd0AvJ9eZPV+8C57rTFWT094sDvLH/XgXWGy7NS3IqefJr2y0gCpaTx92sl4O63sG00c1L0JuGRqKo1L4EE6ECgYEAz1TpZa8JlJOSxMMu0nv561VEM2xXsyDDHqcWcYi3WjWmdoGK+Glsw6DIzRAq30HN+UK7L92jlKTwhP8RsiHhUcXaM6DWQtWeAXjbS+r9IJnGJkfw8MbyhyLj65uVtvARlgfgg6G2rdEXrJTIK08nCg83zLDqQ04nvaczMhqFT7UCgYEArhP1H6T1iY/HiQbYXznXNyPg5kLV8NLDVTPaEfwXw2h+uNaDRauFoOhbemewaSxhaWIsDwi+gTM4gVXd2N4HCuPaLd3GxNFaIivUH0zbmKeZHycMoswoxelV7IfRBhAvbxitxEdRDTGhoGb5UEjeh9K8gBetGMl63EniLm2rFCECgYBeiyznNnta6jSKTysBxpD/lGFGRch0IaN4Td85JIvfsglXjtkNUB3N03rdr9qs9ff0C08Kk7otZU1ciGfMYBC8VkmbM2OhFII5z5/Irb6B6D1oZXPkiAQ+RVXDsa4CvtR2It9phwujlW6DP1FMFosJ1kiuqZoZ2QDcRetdlKRn5QKBgFctsC+KtuaFxEW23HrBCNqChyxijneRhjJVH1RDfrUSNikyFMDU2+FdR9bx4VXGiK077IxTGSEWkAEBhbm2jDl0Ik1rRMVzoKHR2kvUSNtxprp9tFcL7UqyZqGxA6UIIzOV0LbnnpFhYNgmH0AJS17V9sIIGtYXNArjzw4Kin4P",
  "ca": "MIIDYDCCAkgCCQCSYQOG55YnujANBgkqhkiG9w0BAQsFADByMQswCQYDVQQGEwJHQjESMBAGA1UECAwJTWlkZGxlc2V4MQ8wDQYDVQQHDAZMb25kb24xFjAUBgNVBAoMDVBpbmcgSWRlbnRpdHkxDDAKBgNVBAsMA1JTQTEYMBYGA1UEAwwPUGluZyBVSyBEZW1vIENBMB4XDTE5MDEwNzEwNTk1NVoXDTIxMTAyNzEwNTk1NVowcjELMAkGA1UEBhMCR0IxEjAQBgNVBAgMCU1pZGRsZXNleDEPMA0GA1UEBwwGTG9uZG9uMRYwFAYDVQQKDA1QaW5nIElkZW50aXR5MQwwCgYDVQQLDANSU0ExGDAWBgNVBAMMD1BpbmcgVUsgRGVtbyBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALMHte483946bvKmpt1nuj1+IMWoywAGOj8UQcPDrkKuBOQL5Sv8o4ScYjjN5jgryjwRx3YMiVpCTOLB1GXrj55lZO2RRxMURwCSwaHnaLiM4cVcqSF8dq8LOlsR6bXSjJnvB2HWS1CYQaJdF21m0pxKcH9NUsdq5aYCkP52xyYel+XOxszQX1FkvrpD3VXII5xCiGGS6eEb/Mo2+nwgyN+A/M1yaeN65ah8HZFngR85oElYx7fFOkm9VubhCt2ePEvkanuWpgp5VrI2ruVQr1tvToL2ydzEmBPzGkh/UtACsucXXwSE7fvw50dgbhrXtmJnWA6hP2Wm3Ifok0ViKc0CAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAN5fn4Ke+4nhe5r+6aewM8lJ+sY25ing1ByAj7m5tJcsh68irJIjpAm3kJz20DVZ+2JguB1HZUHUTYo/WCmwMzatLN2rv9in3uRS4d0FaIfKxFHjRFs1T1APXz7lMP5t3j1/uZwbmmTGqvKTYlocLQJpqnJURiuNrxw7mZcZ3KTVx5WCdk7caYvSgUTbs9ec+JzQG0keHinrHu0mAXDxxCWXsx/rQ4PTBI808iBiHR2MbTOXONN5jid4gk9/T8KKfOFG1AbaEhsGdkChPNQO4M12Q5TWwtWutjx/PdPaGKvSoquZkXk1L4meO3ADLngHX7lb2oRkfF0wIZMNC/Eat5g\u003d\u003d"
}
2021-01-21 15:42:33 RESPONSE
CallTokenEndpointAndReturnFullResponse
HTTP response
response_status_code
400 BAD_REQUEST
response_status_text
Bad Request
response_headers
{
  "date": "Thu, 21 Jan 2021 15:42:33 GMT",
  "x-frame-options": "SAMEORIGIN",
  "referrer-policy": "origin",
  "cache-control": "no-cache, no-store",
  "pragma": "no-cache",
  "expires": "Thu, 01 Jan 1970 00:00:00 GMT",
  "content-type": "application/json;charset\u003dutf-8",
  "set-cookie": "PF\u003d9u5JhWzxfAUNYk5E7QTo7U;Path\u003d/;Secure;HttpOnly;SameSite\u003dNone",
  "transfer-encoding": "chunked"
}
response_body
{"error_description":"Client id does not match the id of the client to whom the refresh token was issued. Grant revoked.","error":"invalid_grant"}
2021-01-21 15:42:33 SUCCESS
CallTokenEndpointAndReturnFullResponse
Parsed token endpoint response
error_description
Client id does not match the id of the client to whom the refresh token was issued. Grant revoked.
error
invalid_grant
2021-01-21 15:42:33 SUCCESS
ValidateErrorFromTokenEndpointResponseError
Token endpoint response error returned valid 'error' field
error
invalid_grant
2021-01-21 15:42:33 SUCCESS
CheckTokenEndpointHttpStatus400
Token endpoint http status code was 400
2021-01-21 15:42:33 SUCCESS
CheckTokenEndpointReturnedJsonContentType
token_endpoint_response_headers Content-Type: header is application/json
2021-01-21 15:42:33 SUCCESS
CheckErrorFromTokenEndpointResponseErrorInvalidGrant
Token Endpoint response error returned expected 'error' of 'invalid_grant'
error
invalid_grant
2021-01-21 15:42:33 FINISHED
fapi-ciba-id1-refresh-token
Test has run to completion
testmodule_result
PASSED
Unregister dynamically registered client
2021-01-21 15:42:33 INFO
UnregisterDynamicallyRegisteredClient
Skipped evaluation due to missing required string: registration_client_uri
expected
registration_client_uri
Unregister dynamically registered client2
2021-01-21 15:42:33 INFO
UnregisterDynamicallyRegisteredClient
Skipped evaluation due to missing required string: registration_client_uri
expected
registration_client_uri
2021-01-21 15:42:37
TEST-RUNNER
Alias has now been claimed by another test
alias
roboot-fapi-ciba-poll-mtls-v1-final
new_test_id
V25VwjbSyZKwljH
Test Results