Test Summary

Test Results

Expand All Collapse All
All times are UTC
2021-04-30 10:01:08 INFO
TEST-RUNNER
Test instance 2gr3VLKYZKaUa7G created
baseUrl
https://www.certification.openid.net/test/a/keycloak
variant
{
  "client_auth_type": "mtls",
  "fapi_auth_request_method": "by_value",
  "fapi_profile": "plain_fapi",
  "fapi_response_mode": "plain_response"
}
alias
keycloak
description
FAPI-RW-ID2: Keycloak test with mtls client authentication (RequestObject:ES256/IDToken:ES256)
planId
GkrosYdbQ1Zzh
config
{
  "alias": "keycloak",
  "description": "FAPI-RW-ID2: Keycloak test with mtls client authentication (RequestObject:ES256/IDToken:ES256)",
  "server": {
    "discoveryUrl": "https://keycloak-direct-brazil-ob.apps.brazilob.a7z0.p1.openshiftapps.com/auth/realms/test/.well-known/openid-configuration"
  },
  "client": {
    "client_id": "client11-mtls-ES256-ES256",
    "scope": "openid email",
    "jwks": {
      "keys": [
        {
          "use": "sig",
          "kty": "EC",
          "kid": "client1-ES256",
          "crv": "P-256",
          "alg": "ES256",
          "x": "KhIuh2un6UWcBCIQqr5s3lSN42mrp5kjdf3JrasR1E4",
          "y": "bUIXyjZ6Q7-fLu-mp56OJjEHOAbGd3X30EMhS7SG-Vw",
          "d": "zngKYq2KBIRGiawAAZQJ0K_ZxL3VyZbOHYScKtrOWX0"
        }
      ]
    }
  },
  "client2": {
    "client_id": "client12-mtls-ES256-ES256",
    "scope": "openid email",
    "jwks": {
      "keys": [
        {
          "use": "sig",
          "kty": "EC",
          "kid": "client2-ES256",
          "crv": "P-256",
          "alg": "ES256",
          "x": "X1K2NP56XffP8ZvkSJiD3ZiaD6A1forvWkZ2AzqbyME",
          "y": "S2GQUKAw0gW5kT-lEehLkt02PxA6CukInQhvo1hWcNo",
          "d": "xDb8I6rF-rMPo5MV-rZSZZRwk1-TYJCm6SK4JGeP7Gk"
        }
      ]
    }
  },
  "mtls": {
    "cert": "-----BEGIN CERTIFICATE-----\nMIIDKDCCAs6gAwIBAgIUXl6GT8Ex1EENFSPveDA8fUoqHAwwCgYIKoZIzj0EAwIw\ndjELMAkGA1UEBhMCSlAxEzARBgNVBAgTClByaXZhdGUgQ0ExFzAVBgNVBAoTDlNl\nY3VyZSBPU1MgU2lnMRYwFAYDVQQLEw1LZXljbG9hay1mYXBpMSEwHwYDVQQDExhL\nZXljbG9hay1mYXBpIFByaXZhdGUgQ0EwHhcNMTkwNTIxMDIwNDAwWhcNMjQwNTE5\nMDIwNDAwWjBhMQswCQYDVQQGEwJKUDEPMA0GA1UECBMGQ2xpZW50MRcwFQYDVQQK\nEw5TZWN1cmUgT1NTIFNpZzEWMBQGA1UECxMNS2V5Y2xvYWstZmFwaTEQMA4GA1UE\nAxMHY2xpZW50MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM74QUE+\nRfLtdHCKj1QXRQkj30AtveZa/7jbBpHYJCoSGA4bzuNE04HTK02hwtBO0J0bvbRy\n14BYHimwhUY6n7gtZKex3JQ39QC2UHbIOtIQXvCgbn6K4iU6WrUbCK4I8p77gIk4\nMXQmsCQokAtxsF1eq/RyLhRJXo/aTwcHDWcb5n8jFGmpOJyhmPEXwtzqMZwO9Y+a\nI3d5P/xHXnb84zrgRJH2YMzTKOfGt72I8Ag34ITTQUxox5RUMMGwqlzN6bEYIF9l\nyCcd3kCSgyp4b4wNBc5h5g3GPDBTCUx3z07oQ50LR7AAICevHvWGlUxXtX+MYc6+\nMvjb3l/e+EEldb0CAwEAAaOBgzCBgDAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAww\nCgYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQURPpQRYqk1GU0v615\n9IJV4fo7s8YwHwYDVR0jBBgwFoAUJmT6o2FQqWh2KBGYB3nfWHkAtEgwCwYDVR0R\nBAQwAoIAMAoGCCqGSM49BAMCA0gAMEUCIHImOqdaMfLN1M7i4wfXKIGnJHDlEv8B\n3jASpdlMb35IAiEA5oj7fyh0KxGG9Z4kUGusBUYidOemP81CtyOPzg1A64w\u003d\n-----END CERTIFICATE-----\n",
    "key": "-----BEGIN RSA PRIVATE KEY-----\nMIIEpQIBAAKCAQEAzvhBQT5F8u10cIqPVBdFCSPfQC295lr/uNsGkdgkKhIYDhvO\n40TTgdMrTaHC0E7QnRu9tHLXgFgeKbCFRjqfuC1kp7HclDf1ALZQdsg60hBe8KBu\nforiJTpatRsIrgjynvuAiTgxdCawJCiQC3GwXV6r9HIuFElej9pPBwcNZxvmfyMU\naak4nKGY8RfC3OoxnA71j5ojd3k//EdedvzjOuBEkfZgzNMo58a3vYjwCDfghNNB\nTGjHlFQwwbCqXM3psRggX2XIJx3eQJKDKnhvjA0FzmHmDcY8MFMJTHfPTuhDnQtH\nsAAgJ68e9YaVTFe1f4xhzr4y+NveX974QSV1vQIDAQABAoIBAQCbyK7NXgMmi+b2\nAsVJZU54R8D1vLhQWDRdPrceNdNau03R6Mp7tEWDVaAlidlqE7jgWI4c8cgVeb4S\nYSSfrOalqb02oCDIi6nlRFUiYyorDVl4wzkIFJ+Np/O4l8WbwW5ljia8okhPBgPU\n45cwlf1K+kRx9TOL34HGw2pyfrNu5G1NWs3a30qHVc5FnKBgJq4PZgxtTC15DoQ4\nU8IF7M9XYlXOkx3zSOjk2mpQaOPDeRWBwoFsoxqOl+x3/u9rhiGW+9OXEltq+AKA\nlsZ4QVfvmjIZ65c5SJwrV+OhLIKOoA8TzheBGKZ4vkKt17GxWsm7KP1afh1fqc5C\nd1lE0e1BAoGBAPI5SKi+HKuMsWY6YLv0c6j/FHJ/ZnSLLYc6/edfXso0djuz7BOf\nmLjgnntDrWTf6jWJ14DMDZVaohFr69eham8N9H9bQl7tpdtswRL0IVfOZYbEBbQk\n57/l5yADZcxvOMne/yh8K8LARYdFe5WDHCijgLhqmENenRHhHUjAuPVxAoGBANq9\nrnqQ6j4n2GEx+YhIKOflCUWwUe9XQ8pdQwniDQkQ3imOsOLn/nMXUO1oUMbaH0cb\nQ0+e5QGW74alTaFkQxBeSTbvZplMtwgaKDl2GzlYFPUxSLkAf5crChjT0z5t74Rv\nChCvoLLxXXD+PmkC1Hpub78bfEwqit54fVGMJW8NAoGBAMzk8fZzYnMmvwU3io5T\nOOcSZqx34iXheTC0EQT/4oHvILhd+OucjCaPMuAYHnt/AXIqWJYFhdP557AO91/e\nlda9Gj4E5z6/jhXvh97Njcrlt3HpLN32fecQxZKJ7TmiN4pjzLjlWGsUE3xapTCS\nyGYD8KWO3Z/XT8xI/WmGRK6xAoGBAMBmaUr7nl4vk/7iAzehKQHYDpDSpy8bldAw\nuh++SnL3+EGbdfEP2FsJXjCEOdC+2RYlX85v18TPKz5GtgLIesix9jow1xDuTmv8\n/faU8Rs+Y6jLwcigLJodzFLMNxnJfw0A0lyc7n+XF/akWubpC1XpP7dcCLfCD8Xh\nO3F4EREdAoGAQRNaIHonLPVg+cZAVR6DAKj7l20tE1THRfHrkJDoM661hl7EnPL3\n0SoLJyKYh3uil+/XAMtdegE5nrumg25FKdDY+JvSSvqEI0dLqKZzc6PBRau3+KVU\nVAYQtvtH7E2uJ7oFzFepTp2mq1I7+BYEmTIaPDJvf/l5gz+vy+voLrs\u003d\n-----END RSA PRIVATE KEY-----\n"
  },
  "mtls2": {
    "cert": "-----BEGIN CERTIFICATE-----\nMIIDJjCCAs6gAwIBAgIUKHCTpsodVknyAZC7gFy3hZZqTtEwCgYIKoZIzj0EAwIw\ndjELMAkGA1UEBhMCSlAxEzARBgNVBAgTClByaXZhdGUgQ0ExFzAVBgNVBAoTDlNl\nY3VyZSBPU1MgU2lnMRYwFAYDVQQLEw1LZXljbG9hay1mYXBpMSEwHwYDVQQDExhL\nZXljbG9hay1mYXBpIFByaXZhdGUgQ0EwHhcNMTkwNTIxMDIwNDAwWhcNMjQwNTE5\nMDIwNDAwWjBhMQswCQYDVQQGEwJKUDEPMA0GA1UECBMGQ2xpZW50MRcwFQYDVQQK\nEw5TZWN1cmUgT1NTIFNpZzEWMBQGA1UECxMNS2V5Y2xvYWstZmFwaTEQMA4GA1UE\nAxMHY2xpZW50MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMlwHpEQ\nVCrBo1yRmKACefdDiGLunW+REQHmTWUTEokWdVCsMGjqns1E4h68nmXVApXtyuGL\nF3IVzJrUQ6DQXCKdPpmoFplD6aC0CdFVouY8XULyny8d1aNl+1nrFFaiamW2JxD9\nPbtUKfE/TVMM+bums+gHW63KrJo7OnfEC0wvuEwY4vVDvL5DhxoURTU8YhBUxDvA\nnfQfD4TJEVqEiIt/0vTwrdEoRlHTwaJadcyKdUKvNVG1O1RGlsPm63qS2XkG4Qvw\nasIuhoxuUZbr74S9mlDQV33k/XCWj/nOr+58xCaXNKGOI9TlFA4+YUclJxy/GeBZ\nB0OmSitP5swqpCkCAwEAAaOBgzCBgDAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAww\nCgYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUT8nMrrlLi/LQTlb3\nk6QnqLwpGT0wHwYDVR0jBBgwFoAUJmT6o2FQqWh2KBGYB3nfWHkAtEgwCwYDVR0R\nBAQwAoIAMAoGCCqGSM49BAMCA0YAMEMCID4FMD7NJZFeO4X26GifL4ODr/vK+Nje\noAcnXdYo5WX7Ah8OifloGxnCplM7doLaG+LaE8r9VEi6QyD29NAIPUPe\n-----END CERTIFICATE-----\n",
    "key": "-----BEGIN RSA PRIVATE KEY-----\nMIIEpAIBAAKCAQEAyXAekRBUKsGjXJGYoAJ590OIYu6db5ERAeZNZRMSiRZ1UKww\naOqezUTiHryeZdUCle3K4YsXchXMmtRDoNBcIp0+magWmUPpoLQJ0VWi5jxdQvKf\nLx3Vo2X7WesUVqJqZbYnEP09u1Qp8T9NUwz5u6az6Adbrcqsmjs6d8QLTC+4TBji\n9UO8vkOHGhRFNTxiEFTEO8Cd9B8PhMkRWoSIi3/S9PCt0ShGUdPBolp1zIp1Qq81\nUbU7VEaWw+brepLZeQbhC/Bqwi6GjG5RluvvhL2aUNBXfeT9cJaP+c6v7nzEJpc0\noY4j1OUUDj5hRyUnHL8Z4FkHQ6ZKK0/mzCqkKQIDAQABAoIBAC6BHe1rkaLVVXuX\neV7nc3TsOF5urBYHrZ98pb2B67OOZcMcHYj7MXI+Rt3FuePUi2ZFoaL0U5NZCQVt\nn7dOoxayqrMapSz5CsS5C9MyLAtvQDCmhq1/+8RfVOnrZaSilmGo7df0Pv4ybgRu\nEtHrmvQBhmM436d9tN9ecR8ZOWp66Luy1GVM6rwH6ceOc46ZHUwoumN0kQt/G72G\n0QRbt7iGle/s11TzEKh3YaR9gkS+KPm5K+iPzSP1FxDiwSrKLRQJSjANrzTKEkuQ\nyDm7MSYm23guxosA/4Oyaa+7SDEqk9509yiDp51HK9fFJWnuBoDt7iduz0VJVqHg\nq0lE9wECgYEA08hkjl9PKMTX8vN9cOX+0W4en3K10Jjonw4d2gS2dIyb8o7B4ulb\nfGpleMAmcyGuG+k8fC8nSjqYSx4YHPunbmK1O4PCGTi8r6BtD9zW8opJVi+ImMsa\nn8l8bUASOuOFrHhvnB/JZS3yoOZVE8ey6/5QtSjwbn6I7dAvXXgT5pkCgYEA837O\nFMLfbWoYvdEa9LXmXGWagQe7Ta09BGbJ1Qs1hpuZJl8qK0kVWTDURtr5yu24r7YQ\n3S3cqKcg3FB3XO+vjreYKl2Cww/v8Wy/glGgqkAhd0dP9K1Q8F8XeQPlrPkNANrG\njIlNFYmg163EDwLJ+IoRr+t43KbIoGvsb9kTdBECgYEAh1keys6mrIuA58gtdyXG\nQNp7v7Nz9yiCIoTHFzrD0KC8WbxatUYmLdFhoFZNPG9d8oCRI1yPY6UnB3roNj2u\nt6Fl6e8+8ReNn0CL8wNUbBVs4SPnzJ6hGVWPq9Ky0+fs2ljuG31FHODMm4AZB1ct\nRh12PxE296buo+3VF4tSTKECgYEA4dUW73x52rHPNqWs+Y+HkuSNMuTn3DgzYlSv\nFw+pWioQFd2nb7P9v9Yg24KWsJZgd19GLs0tXaJ8QLnEqwaGbbhrwccu0xmB8glp\naUWp3J1ULJuQVZ81dWrMi2mI6C+o1sUR5yAkxTf7XG4Ga+GrTv9HPkEHvKZXZyoR\nhP7xIvECgYB6S0i6ruOAFq2iMyGoX83RlWjo+WrGqSVWfzRZ43rFQ3MBEIlkQD3K\n6+Y+v0MMlgrN3VQTi31IW42ftgOIiy7ZndMvBaQd2Zp4POtNISsRysQJcewPwbL0\nVXsalNqW+Rl8PDzrd6s13wYogMuWrwmbPphC04LdBhZb6nX6KVkn0A\u003d\u003d\n-----END RSA PRIVATE KEY-----\n"
  },
  "resource": {
    "resourceUrl": "https://gw-dev-direct.apps.brazilob.a7z0.p1.openshiftapps.com/brazil-aisp/fapi",
    "institution_id": "xxx"
  },
  "browser": [
    {
      "match": "https://keycloak-direct-brazil-ob.apps.brazilob.a7z0.p1.openshiftapps.com/auth/realms/test/openid-connect/auth*",
      "tasks": [
        {
          "task": "Initial Login",
          "match": "https://keycloak-direct-brazil-ob.apps.brazilob.a7z0.p1.openshiftapps.com/auth/realms/test/openid-connect/auth*",
          "commands": [
            [
              "text",
              "name",
              "username",
              "john"
            ],
            [
              "text",
              "name",
              "password",
              "john"
            ],
            [
              "click",
              "name",
              "login"
            ]
          ]
        },
        {
          "task": "Verify Complete",
          "match": "https://*/test/a/keycloak/callback*",
          "commands": [
            [
              "wait",
              "id",
              "submission_complete",
              10
            ]
          ]
        }
      ]
    }
  ]
}
testName
fapi-rw-id2-attempt-reuse-authorisation-code-after-one-second
2021-04-30 10:01:08 SUCCESS
CreateRedirectUri
Created redirect URI
redirect_uri
https://www.certification.openid.net/test/a/keycloak/callback
2021-04-30 10:01:08
GetDynamicServerConfiguration
HTTP request
request_uri
https://keycloak-direct-brazil-ob.apps.brazilob.a7z0.p1.openshiftapps.com/auth/realms/test/.well-known/openid-configuration
request_method
GET
request_headers
{
  "accept": "text/plain, application/json, application/cbor, application/*+json, */*",
  "content-length": "0"
}
request_body

                                
2021-04-30 10:01:09 RESPONSE
GetDynamicServerConfiguration
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "cache-control": "no-cache, must-revalidate, no-transform, no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "x-frame-options": "SAMEORIGIN",
  "referrer-policy": "no-referrer",
  "date": "Fri, 30 Apr 2021 10:01:09 GMT",
  "connection": "keep-alive",
  "strict-transport-security": "max-age\u003d31536000; includeSubDomains",
  "x-content-type-options": "nosniff",
  "content-type": "application/json",
  "content-length": "3621"
}
response_body
{"issuer":"https://keycloak-direct-brazil-ob.apps.brazilob.a7z0.p1.openshiftapps.com/auth/realms/test","authorization_endpoint":"https://keycloak-direct-brazil-ob.apps.brazilob.a7z0.p1.openshiftapps.com/auth/realms/test/protocol/openid-connect/auth","token_endpoint":"https://keycloak-direct-brazil-ob.apps.brazilob.a7z0.p1.openshiftapps.com/auth/realms/test/protocol/openid-connect/token","introspection_endpoint":"https://keycloak-direct-brazil-ob.apps.brazilob.a7z0.p1.openshiftapps.com/auth/realms/test/protocol/openid-connect/token/introspect","userinfo_endpoint":"https://keycloak-direct-brazil-ob.apps.brazilob.a7z0.p1.openshiftapps.com/auth/realms/test/protocol/openid-connect/userinfo","end_session_endpoint":"https://keycloak-direct-brazil-ob.apps.brazilob.a7z0.p1.openshiftapps.com/auth/realms/test/protocol/openid-connect/logout","jwks_uri":"https://keycloak-direct-brazil-ob.apps.brazilob.a7z0.p1.openshiftapps.com/auth/realms/test/protocol/openid-connect/certs","check_session_iframe":"https://keycloak-direct-brazil-ob.apps.brazilob.a7z0.p1.openshiftapps.com/auth/realms/test/protocol/openid-connect/login-status-iframe.html","grant_types_supported":["authorization_code","implicit","refresh_token","password","client_credentials"],"response_types_supported":["code","none","id_token","token","id_token token","code id_token","code token","code id_token token"],"subject_types_supported":["public","pairwise"],"id_token_signing_alg_values_supported":["PS384","ES384","RS384","HS256","HS512","ES256","RS256","HS384","ES512","PS256","PS512","RS512"],"id_token_encryption_alg_values_supported":["RSA-OAEP","RSA-OAEP-256","RSA1_5"],"id_token_encryption_enc_values_supported":["A256GCM","A192GCM","A128GCM","A128CBC-HS256","A192CBC-HS384","A256CBC-HS512"],"userinfo_signing_alg_values_supported":["PS384","ES384","RS384","HS256","HS512","ES256","RS256","HS384","ES512","PS256","PS512","RS512","none"],"request_object_signing_alg_values_supported":["PS384","ES384","RS384","HS256","HS512","ES256","RS256","HS384","ES512","PS256","PS512","RS512","none"],"response_modes_supported":["query","fragment","form_post"],"registration_endpoint":"https://keycloak-direct-brazil-ob.apps.brazilob.a7z0.p1.openshiftapps.com/auth/realms/test/clients-registrations/openid-connect","token_endpoint_auth_methods_supported":["private_key_jwt","client_secret_basic","client_secret_post","tls_client_auth","client_secret_jwt"],"token_endpoint_auth_signing_alg_values_supported":["PS384","ES384","RS384","HS256","HS512","ES256","RS256","HS384","ES512","PS256","PS512","RS512"],"claims_supported":["aud","sub","iss","auth_time","name","given_name","family_name","preferred_username","email","acr"],"claim_types_supported":["normal"],"claims_parameter_supported":true,"scopes_supported":["openid","roles","web-origins","microprofile-jwt","offline_access","profile","email","address","phone"],"request_parameter_supported":true,"request_uri_parameter_supported":true,"require_request_uri_registration":true,"code_challenge_methods_supported":["plain","S256"],"tls_client_certificate_bound_access_tokens":true,"revocation_endpoint":"https://keycloak-direct-brazil-ob.apps.brazilob.a7z0.p1.openshiftapps.com/auth/realms/test/protocol/openid-connect/revoke","revocation_endpoint_auth_methods_supported":["private_key_jwt","client_secret_basic","client_secret_post","tls_client_auth","client_secret_jwt"],"revocation_endpoint_auth_signing_alg_values_supported":["PS384","ES384","RS384","HS256","HS512","ES256","RS256","HS384","ES512","PS256","PS512","RS512"],"backchannel_logout_supported":true,"backchannel_logout_session_supported":true}
2021-04-30 10:01:09
GetDynamicServerConfiguration
Downloaded server configuration
server_config_string
{"issuer":"https://keycloak-direct-brazil-ob.apps.brazilob.a7z0.p1.openshiftapps.com/auth/realms/test","authorization_endpoint":"https://keycloak-direct-brazil-ob.apps.brazilob.a7z0.p1.openshiftapps.com/auth/realms/test/protocol/openid-connect/auth","token_endpoint":"https://keycloak-direct-brazil-ob.apps.brazilob.a7z0.p1.openshiftapps.com/auth/realms/test/protocol/openid-connect/token","introspection_endpoint":"https://keycloak-direct-brazil-ob.apps.brazilob.a7z0.p1.openshiftapps.com/auth/realms/test/protocol/openid-connect/token/introspect","userinfo_endpoint":"https://keycloak-direct-brazil-ob.apps.brazilob.a7z0.p1.openshiftapps.com/auth/realms/test/protocol/openid-connect/userinfo","end_session_endpoint":"https://keycloak-direct-brazil-ob.apps.brazilob.a7z0.p1.openshiftapps.com/auth/realms/test/protocol/openid-connect/logout","jwks_uri":"https://keycloak-direct-brazil-ob.apps.brazilob.a7z0.p1.openshiftapps.com/auth/realms/test/protocol/openid-connect/certs","check_session_iframe":"https://keycloak-direct-brazil-ob.apps.brazilob.a7z0.p1.openshiftapps.com/auth/realms/test/protocol/openid-connect/login-status-iframe.html","grant_types_supported":["authorization_code","implicit","refresh_token","password","client_credentials"],"response_types_supported":["code","none","id_token","token","id_token token","code id_token","code token","code id_token token"],"subject_types_supported":["public","pairwise"],"id_token_signing_alg_values_supported":["PS384","ES384","RS384","HS256","HS512","ES256","RS256","HS384","ES512","PS256","PS512","RS512"],"id_token_encryption_alg_values_supported":["RSA-OAEP","RSA-OAEP-256","RSA1_5"],"id_token_encryption_enc_values_supported":["A256GCM","A192GCM","A128GCM","A128CBC-HS256","A192CBC-HS384","A256CBC-HS512"],"userinfo_signing_alg_values_supported":["PS384","ES384","RS384","HS256","HS512","ES256","RS256","HS384","ES512","PS256","PS512","RS512","none"],"request_object_signing_alg_values_supported":["PS384","ES384","RS384","HS256","HS512","ES256","RS256","HS384","ES512","PS256","PS512","RS512","none"],"response_modes_supported":["query","fragment","form_post"],"registration_endpoint":"https://keycloak-direct-brazil-ob.apps.brazilob.a7z0.p1.openshiftapps.com/auth/realms/test/clients-registrations/openid-connect","token_endpoint_auth_methods_supported":["private_key_jwt","client_secret_basic","client_secret_post","tls_client_auth","client_secret_jwt"],"token_endpoint_auth_signing_alg_values_supported":["PS384","ES384","RS384","HS256","HS512","ES256","RS256","HS384","ES512","PS256","PS512","RS512"],"claims_supported":["aud","sub","iss","auth_time","name","given_name","family_name","preferred_username","email","acr"],"claim_types_supported":["normal"],"claims_parameter_supported":true,"scopes_supported":["openid","roles","web-origins","microprofile-jwt","offline_access","profile","email","address","phone"],"request_parameter_supported":true,"request_uri_parameter_supported":true,"require_request_uri_registration":true,"code_challenge_methods_supported":["plain","S256"],"tls_client_certificate_bound_access_tokens":true,"revocation_endpoint":"https://keycloak-direct-brazil-ob.apps.brazilob.a7z0.p1.openshiftapps.com/auth/realms/test/protocol/openid-connect/revoke","revocation_endpoint_auth_methods_supported":["private_key_jwt","client_secret_basic","client_secret_post","tls_client_auth","client_secret_jwt"],"revocation_endpoint_auth_signing_alg_values_supported":["PS384","ES384","RS384","HS256","HS512","ES256","RS256","HS384","ES512","PS256","PS512","RS512"],"backchannel_logout_supported":true,"backchannel_logout_session_supported":true}
2021-04-30 10:01:09 SUCCESS
GetDynamicServerConfiguration
Successfully parsed server configuration
issuer
https://keycloak-direct-brazil-ob.apps.brazilob.a7z0.p1.openshiftapps.com/auth/realms/test
authorization_endpoint
https://keycloak-direct-brazil-ob.apps.brazilob.a7z0.p1.openshiftapps.com/auth/realms/test/protocol/openid-connect/auth
token_endpoint
https://keycloak-direct-brazil-ob.apps.brazilob.a7z0.p1.openshiftapps.com/auth/realms/test/protocol/openid-connect/token
introspection_endpoint
https://keycloak-direct-brazil-ob.apps.brazilob.a7z0.p1.openshiftapps.com/auth/realms/test/protocol/openid-connect/token/introspect
userinfo_endpoint
https://keycloak-direct-brazil-ob.apps.brazilob.a7z0.p1.openshiftapps.com/auth/realms/test/protocol/openid-connect/userinfo
end_session_endpoint
https://keycloak-direct-brazil-ob.apps.brazilob.a7z0.p1.openshiftapps.com/auth/realms/test/protocol/openid-connect/logout
jwks_uri
https://keycloak-direct-brazil-ob.apps.brazilob.a7z0.p1.openshiftapps.com/auth/realms/test/protocol/openid-connect/certs
check_session_iframe
https://keycloak-direct-brazil-ob.apps.brazilob.a7z0.p1.openshiftapps.com/auth/realms/test/protocol/openid-connect/login-status-iframe.html
grant_types_supported
[
  "authorization_code",
  "implicit",
  "refresh_token",
  "password",
  "client_credentials"
]
response_types_supported
[
  "code",
  "none",
  "id_token",
  "token",
  "id_token token",
  "code id_token",
  "code token",
  "code id_token token"
]
subject_types_supported
[
  "public",
  "pairwise"
]
id_token_signing_alg_values_supported
[
  "PS384",
  "ES384",
  "RS384",
  "HS256",
  "HS512",
  "ES256",
  "RS256",
  "HS384",
  "ES512",
  "PS256",
  "PS512",
  "RS512"
]
id_token_encryption_alg_values_supported
[
  "RSA-OAEP",
  "RSA-OAEP-256",
  "RSA1_5"
]
id_token_encryption_enc_values_supported
[
  "A256GCM",
  "A192GCM",
  "A128GCM",
  "A128CBC-HS256",
  "A192CBC-HS384",
  "A256CBC-HS512"
]
userinfo_signing_alg_values_supported
[
  "PS384",
  "ES384",
  "RS384",
  "HS256",
  "HS512",
  "ES256",
  "RS256",
  "HS384",
  "ES512",
  "PS256",
  "PS512",
  "RS512",
  "none"
]
request_object_signing_alg_values_supported
[
  "PS384",
  "ES384",
  "RS384",
  "HS256",
  "HS512",
  "ES256",
  "RS256",
  "HS384",
  "ES512",
  "PS256",
  "PS512",
  "RS512",
  "none"
]
response_modes_supported
[
  "query",
  "fragment",
  "form_post"
]
registration_endpoint
https://keycloak-direct-brazil-ob.apps.brazilob.a7z0.p1.openshiftapps.com/auth/realms/test/clients-registrations/openid-connect
token_endpoint_auth_methods_supported
[
  "private_key_jwt",
  "client_secret_basic",
  "client_secret_post",
  "tls_client_auth",
  "client_secret_jwt"
]
token_endpoint_auth_signing_alg_values_supported
[
  "PS384",
  "ES384",
  "RS384",
  "HS256",
  "HS512",
  "ES256",
  "RS256",
  "HS384",
  "ES512",
  "PS256",
  "PS512",
  "RS512"
]
claims_supported
[
  "aud",
  "sub",
  "iss",
  "auth_time",
  "name",
  "given_name",
  "family_name",
  "preferred_username",
  "email",
  "acr"
]
claim_types_supported
[
  "normal"
]
claims_parameter_supported
true
scopes_supported
[
  "openid",
  "roles",
  "web-origins",
  "microprofile-jwt",
  "offline_access",
  "profile",
  "email",
  "address",
  "phone"
]
request_parameter_supported
true
request_uri_parameter_supported
true
require_request_uri_registration
true
code_challenge_methods_supported
[
  "plain",
  "S256"
]
tls_client_certificate_bound_access_tokens
true
revocation_endpoint
https://keycloak-direct-brazil-ob.apps.brazilob.a7z0.p1.openshiftapps.com/auth/realms/test/protocol/openid-connect/revoke
revocation_endpoint_auth_methods_supported
[
  "private_key_jwt",
  "client_secret_basic",
  "client_secret_post",
  "tls_client_auth",
  "client_secret_jwt"
]
revocation_endpoint_auth_signing_alg_values_supported
[
  "PS384",
  "ES384",
  "RS384",
  "HS256",
  "HS512",
  "ES256",
  "RS256",
  "HS384",
  "ES512",
  "PS256",
  "PS512",
  "RS512"
]
backchannel_logout_supported
true
backchannel_logout_session_supported
true
2021-04-30 10:01:09 INFO
AddMTLSEndpointAliasesToEnvironment
The mtls_endpoint_aliases is not present in the server configuration
server
{
  "issuer": "https://keycloak-direct-brazil-ob.apps.brazilob.a7z0.p1.openshiftapps.com/auth/realms/test",
  "authorization_endpoint": "https://keycloak-direct-brazil-ob.apps.brazilob.a7z0.p1.openshiftapps.com/auth/realms/test/protocol/openid-connect/auth",
  "token_endpoint": "https://keycloak-direct-brazil-ob.apps.brazilob.a7z0.p1.openshiftapps.com/auth/realms/test/protocol/openid-connect/token",
  "introspection_endpoint": "https://keycloak-direct-brazil-ob.apps.brazilob.a7z0.p1.openshiftapps.com/auth/realms/test/protocol/openid-connect/token/introspect",
  "userinfo_endpoint": "https://keycloak-direct-brazil-ob.apps.brazilob.a7z0.p1.openshiftapps.com/auth/realms/test/protocol/openid-connect/userinfo",
  "end_session_endpoint": "https://keycloak-direct-brazil-ob.apps.brazilob.a7z0.p1.openshiftapps.com/auth/realms/test/protocol/openid-connect/logout",
  "jwks_uri": "https://keycloak-direct-brazil-ob.apps.brazilob.a7z0.p1.openshiftapps.com/auth/realms/test/protocol/openid-connect/certs",
  "check_session_iframe": "https://keycloak-direct-brazil-ob.apps.brazilob.a7z0.p1.openshiftapps.com/auth/realms/test/protocol/openid-connect/login-status-iframe.html",
  "grant_types_supported": [
    "authorization_code",
    "implicit",
    "refresh_token",
    "password",
    "client_credentials"
  ],
  "response_types_supported": [
    "code",
    "none",
    "id_token",
    "token",
    "id_token token",
    "code id_token",
    "code token",
    "code id_token token"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "id_token_signing_alg_values_supported": [
    "PS384",
    "ES384",
    "RS384",
    "HS256",
    "HS512",
    "ES256",
    "RS256",
    "HS384",
    "ES512",
    "PS256",
    "PS512",
    "RS512"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA-OAEP",
    "RSA-OAEP-256",
    "RSA1_5"
  ],
  "id_token_encryption_enc_values_supported": [
    "A256GCM",
    "A192GCM",
    "A128GCM",
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512"
  ],
  "userinfo_signing_alg_values_supported": [
    "PS384",
    "ES384",
    "RS384",
    "HS256",
    "HS512",
    "ES256",
    "RS256",
    "HS384",
    "ES512",
    "PS256",
    "PS512",
    "RS512",
    "none"
  ],
  "request_object_signing_alg_values_supported": [
    "PS384",
    "ES384",
    "RS384",
    "HS256",
    "HS512",
    "ES256",
    "RS256",
    "HS384",
    "ES512",
    "PS256",
    "PS512",
    "RS512",
    "none"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "registration_endpoint": "https://keycloak-direct-brazil-ob.apps.brazilob.a7z0.p1.openshiftapps.com/auth/realms/test/clients-registrations/openid-connect",
  "token_endpoint_auth_methods_supported": [
    "private_key_jwt",
    "client_secret_basic",
    "client_secret_post",
    "tls_client_auth",
    "client_secret_jwt"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "PS384",
    "ES384",
    "RS384",
    "HS256",
    "HS512",
    "ES256",
    "RS256",
    "HS384",
    "ES512",
    "PS256",
    "PS512",
    "RS512"
  ],
  "claims_supported": [
    "aud",
    "sub",
    "iss",
    "auth_time",
    "name",
    "given_name",
    "family_name",
    "preferred_username",
    "email",
    "acr"
  ],
  "claim_types_supported": [
    "normal"
  ],
  "claims_parameter_supported": true,
  "scopes_supported": [
    "openid",
    "roles",
    "web-origins",
    "microprofile-jwt",
    "offline_access",
    "profile",
    "email",
    "address",
    "phone"
  ],
  "request_parameter_supported": true,
  "request_uri_parameter_supported": true,
  "require_request_uri_registration": true,
  "code_challenge_methods_supported": [
    "plain",
    "S256"
  ],
  "tls_client_certificate_bound_access_tokens": true,
  "revocation_endpoint": "https://keycloak-direct-brazil-ob.apps.brazilob.a7z0.p1.openshiftapps.com/auth/realms/test/protocol/openid-connect/revoke",
  "revocation_endpoint_auth_methods_supported": [
    "private_key_jwt",
    "client_secret_basic",
    "client_secret_post",
    "tls_client_auth",
    "client_secret_jwt"
  ],
  "revocation_endpoint_auth_signing_alg_values_supported": [
    "PS384",
    "ES384",
    "RS384",
    "HS256",
    "HS512",
    "ES256",
    "RS256",
    "HS384",
    "ES512",
    "PS256",
    "PS512",
    "RS512"
  ],
  "backchannel_logout_supported": true,
  "backchannel_logout_session_supported": true
}
2021-04-30 10:01:09 SUCCESS
CheckServerConfiguration
Found required server configuration keys
required
[
  "authorization_endpoint",
  "token_endpoint",
  "issuer"
]
2021-04-30 10:01:09 SUCCESS
ExtractTLSTestValuesFromServerConfiguration
Extracted TLS information from authorization server configuration
registration_endpoint
{
  "testHost": "keycloak-direct-brazil-ob.apps.brazilob.a7z0.p1.openshiftapps.com",
  "testPort": 443
}
authorization_endpoint
{
  "testHost": "keycloak-direct-brazil-ob.apps.brazilob.a7z0.p1.openshiftapps.com",
  "testPort": 443
}
token_endpoint
{
  "testHost": "keycloak-direct-brazil-ob.apps.brazilob.a7z0.p1.openshiftapps.com",
  "testPort": 443
}
userinfo_endpoint
{
  "testHost": "keycloak-direct-brazil-ob.apps.brazilob.a7z0.p1.openshiftapps.com",
  "testPort": 443
}
2021-04-30 10:01:09
FetchServerKeys
Fetching server key
jwks_uri
https://keycloak-direct-brazil-ob.apps.brazilob.a7z0.p1.openshiftapps.com/auth/realms/test/protocol/openid-connect/certs
2021-04-30 10:01:09
FetchServerKeys
HTTP request
request_uri
https://keycloak-direct-brazil-ob.apps.brazilob.a7z0.p1.openshiftapps.com/auth/realms/test/protocol/openid-connect/certs
request_method
GET
request_headers
{
  "accept": "text/plain, application/json, application/cbor, application/*+json, */*",
  "content-length": "0"
}
request_body

                                
2021-04-30 10:01:09 RESPONSE
FetchServerKeys
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "cache-control": "no-cache",
  "x-xss-protection": "1; mode\u003dblock",
  "x-frame-options": "SAMEORIGIN",
  "referrer-policy": "no-referrer",
  "date": "Fri, 30 Apr 2021 10:01:09 GMT",
  "connection": "keep-alive",
  "strict-transport-security": "max-age\u003d31536000; includeSubDomains",
  "x-content-type-options": "nosniff",
  "content-type": "application/json",
  "content-length": "3111"
}
response_body
{"keys":[{"kid":"xZoOVbDvoAK4qijpbhYZFQ1IveJlIgqlMRqaGhqT-64","kty":"EC","alg":"ES256","use":"sig","crv":"P-256","x":"Lybsovf5hDRWucOoKfakkFo6XRjWgeASlbJg0TAU6ts","y":"nAKR-V-A_XZO-xOuUCdxPusUXQPdy0J079VYrYO9oeQ"},{"kid":"SC-uY3bJnyeTpaaqQB0dYTYPZMo7WitRp5dEqoDl8FQ","kty":"RSA","alg":"RS256","use":"sig","n":"j8TbzjhUPnSbTlXdn-x6d33icEek6DBlUHPKBVK_oTQ2QuAoJE2KdSFqONyI6CZvyo6w4KE-AQlPkMT5HyR5ICDoTai0yMP-HXA9reA5giDAObbjLiAEL4C25SSi5YeM7RmS6ZlTRZJ3vUSuQX9rc-iBnbpgyBFQjHI-XrkaJrTEr-mFrX3IYG3J3SJpy-aknWvDFH5rhtNknADhjcuIlPQYMO3yRcLWprqO8fRvNis0AACEKwo-GzF1g3ByxBYocWVl22ggqvQ453_OU4giSn9HQZK5_xKEYsGA6jdBIpxowCEUwBaFKrGkZqtm7XQuoYjCJrhJfuRh7udjX9smvQ","e":"AQAB","x5c":["MIIClzCCAX8CBgF42lxs+zANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDAR0ZXN0MB4XDTIxMDQxNjExMDQ1M1oXDTMxMDQxNjExMDYzM1owDzENMAsGA1UEAwwEdGVzdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAI/E2844VD50m05V3Z/send94nBHpOgwZVBzygVSv6E0NkLgKCRNinUhajjciOgmb8qOsOChPgEJT5DE+R8keSAg6E2otMjD/h1wPa3gOYIgwDm24y4gBC+AtuUkouWHjO0ZkumZU0WSd71ErkF/a3PogZ26YMgRUIxyPl65Gia0xK/pha19yGBtyd0iacvmpJ1rwxR+a4bTZJwA4Y3LiJT0GDDt8kXC1qa6jvH0bzYrNAAAhCsKPhsxdYNwcsQWKHFlZdtoIKr0OOd/zlOIIkp/R0GSuf8ShGLBgOo3QSKcaMAhFMAWhSqxpGarZu10LqGIwia4SX7kYe7nY1/bJr0CAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAgL2u6o8mbTNb9VXZdN1GTyBQlIUAzhRK/a04i3Rz2uqElLurPo4QBhSoTXnqbAUnYqVOzs9hbA6w65EjMOjYmcXcVYOarNBEWEWIkKR9O+Hk7wqbD7ScYVjBhQnJ5N7W1JA3kC7ZKZhpe3sSIJLxc6DXuB9Eo/mCseXLX7Mydn3cHq7I4YFwQyRf8XqIuXBGvXL5tbfBZ9ie6XUvdGBgXLWaJNU54PSloEMTF8vIZ/zjMcl2EjTfhe+xT/53hO5pzCPG9KkPF8zUaAD+M+jP9R44tWyhkYN1+eZf+cfIhyetcneSc7xDSaF30Aw1Rxx+6q1ZDhAsI9QPTMcDs8j9FA=="],"x5t":"rjEjauFRe5Wx-LszIQX7LLFmnz8","x5t#S256":"0VzDVRJbyhFafD-YPd0fa7bB4Gvu4he78VPP17cAItQ"},{"kid":"QU9sUz8SX134GzIyTBVy6HtMB-tJ_RmNgKhPQiYRId8","kty":"RSA","alg":"PS256","use":"sig","n":"hrDCotmXed_3MpmUEMPC-ZaQeflhNNkA2a9genCuFFZreFiiDhVt7hO4_8Ko98Lik7UF1dWzG4hAtekQHvB-oEfcXO387KGCs5zisJ0pVRmZyUeUsGclc8tFEDmyLn1ajRj5d4XIsA5vVmmWa3YiJHN6mLYXtgg8FFoBXMvf0Ew94c4uC0Z0__ix-rN0vnQoBEdTxS17VT0v_g52CLMWXsD5X5DQ2EkRsGYOH_aJwnVGo9-hSZWWGMqIra7BZVsJkTL0H-4fr6HzlU8qqwnGvgbWkG_vHIr1E4dK_lxnE58KNCI24VImtmVxRfPYMbMFByoukwQqjSW0ZIN5B0nFMQ","e":"AQAB","x5c":["MIIClzCCAX8CBgF42lxtjDANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDAR0ZXN0MB4XDTIxMDQxNjExMDQ1M1oXDTMxMDQxNjExMDYzM1owDzENMAsGA1UEAwwEdGVzdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAIawwqLZl3nf9zKZlBDDwvmWkHn5YTTZANmvYHpwrhRWa3hYog4Vbe4TuP/CqPfC4pO1BdXVsxuIQLXpEB7wfqBH3Fzt/OyhgrOc4rCdKVUZmclHlLBnJXPLRRA5si59Wo0Y+XeFyLAOb1Zplmt2IiRzepi2F7YIPBRaAVzL39BMPeHOLgtGdP/4sfqzdL50KARHU8Ute1U9L/4OdgizFl7A+V+Q0NhJEbBmDh/2icJ1RqPfoUmVlhjKiK2uwWVbCZEy9B/uH6+h85VPKqsJxr4G1pBv7xyK9ROHSv5cZxOfCjQiNuFSJrZlcUXz2DGzBQcqLpMEKo0ltGSDeQdJxTECAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAJnw/2VFZx3fukDnEpMoEowW26a83ish/A66ZKRlyYAQlqIFqhWdU/KWjJri85l23/E9BfW3CW1/+dvanSFaqQ6KiYagQY8sCi6nXr9bxczxm06Ny/yh9eIy3wVk/BEVmP+i5/U2bkrbfI+f8ITaG2nV7dZgWzrDYx5Mvv8ZZ1aJRIldBMjs6PBAzvw3ZQQuj/6G1CTQkx5lMDLDb/0P9aZ0zlljGG+BZdgcjvln1u/n3Q8j3FVOOA+F5hIaLuEf4b+4wvVKbzUo/A3W8NVQ3gHhsMKYbX6OsKVCY9d061XTC9jyicWjeBpFHFpODZh1HV4LaKjLLDBsPwKdTTmaULw=="],"x5t":"Kqsoj7yFdoNQBuqNCQYxG641omk","x5t#S256":"5MOyu0gs-SFWSdSuvO1qiGrsgvDRq3ZpkSu_KKS56h4"}]}
2021-04-30 10:01:09
FetchServerKeys
Found JWK set string
jwk_string
{"keys":[{"kid":"xZoOVbDvoAK4qijpbhYZFQ1IveJlIgqlMRqaGhqT-64","kty":"EC","alg":"ES256","use":"sig","crv":"P-256","x":"Lybsovf5hDRWucOoKfakkFo6XRjWgeASlbJg0TAU6ts","y":"nAKR-V-A_XZO-xOuUCdxPusUXQPdy0J079VYrYO9oeQ"},{"kid":"SC-uY3bJnyeTpaaqQB0dYTYPZMo7WitRp5dEqoDl8FQ","kty":"RSA","alg":"RS256","use":"sig","n":"j8TbzjhUPnSbTlXdn-x6d33icEek6DBlUHPKBVK_oTQ2QuAoJE2KdSFqONyI6CZvyo6w4KE-AQlPkMT5HyR5ICDoTai0yMP-HXA9reA5giDAObbjLiAEL4C25SSi5YeM7RmS6ZlTRZJ3vUSuQX9rc-iBnbpgyBFQjHI-XrkaJrTEr-mFrX3IYG3J3SJpy-aknWvDFH5rhtNknADhjcuIlPQYMO3yRcLWprqO8fRvNis0AACEKwo-GzF1g3ByxBYocWVl22ggqvQ453_OU4giSn9HQZK5_xKEYsGA6jdBIpxowCEUwBaFKrGkZqtm7XQuoYjCJrhJfuRh7udjX9smvQ","e":"AQAB","x5c":["MIIClzCCAX8CBgF42lxs+zANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDAR0ZXN0MB4XDTIxMDQxNjExMDQ1M1oXDTMxMDQxNjExMDYzM1owDzENMAsGA1UEAwwEdGVzdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAI/E2844VD50m05V3Z/send94nBHpOgwZVBzygVSv6E0NkLgKCRNinUhajjciOgmb8qOsOChPgEJT5DE+R8keSAg6E2otMjD/h1wPa3gOYIgwDm24y4gBC+AtuUkouWHjO0ZkumZU0WSd71ErkF/a3PogZ26YMgRUIxyPl65Gia0xK/pha19yGBtyd0iacvmpJ1rwxR+a4bTZJwA4Y3LiJT0GDDt8kXC1qa6jvH0bzYrNAAAhCsKPhsxdYNwcsQWKHFlZdtoIKr0OOd/zlOIIkp/R0GSuf8ShGLBgOo3QSKcaMAhFMAWhSqxpGarZu10LqGIwia4SX7kYe7nY1/bJr0CAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAgL2u6o8mbTNb9VXZdN1GTyBQlIUAzhRK/a04i3Rz2uqElLurPo4QBhSoTXnqbAUnYqVOzs9hbA6w65EjMOjYmcXcVYOarNBEWEWIkKR9O+Hk7wqbD7ScYVjBhQnJ5N7W1JA3kC7ZKZhpe3sSIJLxc6DXuB9Eo/mCseXLX7Mydn3cHq7I4YFwQyRf8XqIuXBGvXL5tbfBZ9ie6XUvdGBgXLWaJNU54PSloEMTF8vIZ/zjMcl2EjTfhe+xT/53hO5pzCPG9KkPF8zUaAD+M+jP9R44tWyhkYN1+eZf+cfIhyetcneSc7xDSaF30Aw1Rxx+6q1ZDhAsI9QPTMcDs8j9FA=="],"x5t":"rjEjauFRe5Wx-LszIQX7LLFmnz8","x5t#S256":"0VzDVRJbyhFafD-YPd0fa7bB4Gvu4he78VPP17cAItQ"},{"kid":"QU9sUz8SX134GzIyTBVy6HtMB-tJ_RmNgKhPQiYRId8","kty":"RSA","alg":"PS256","use":"sig","n":"hrDCotmXed_3MpmUEMPC-ZaQeflhNNkA2a9genCuFFZreFiiDhVt7hO4_8Ko98Lik7UF1dWzG4hAtekQHvB-oEfcXO387KGCs5zisJ0pVRmZyUeUsGclc8tFEDmyLn1ajRj5d4XIsA5vVmmWa3YiJHN6mLYXtgg8FFoBXMvf0Ew94c4uC0Z0__ix-rN0vnQoBEdTxS17VT0v_g52CLMWXsD5X5DQ2EkRsGYOH_aJwnVGo9-hSZWWGMqIra7BZVsJkTL0H-4fr6HzlU8qqwnGvgbWkG_vHIr1E4dK_lxnE58KNCI24VImtmVxRfPYMbMFByoukwQqjSW0ZIN5B0nFMQ","e":"AQAB","x5c":["MIIClzCCAX8CBgF42lxtjDANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDAR0ZXN0MB4XDTIxMDQxNjExMDQ1M1oXDTMxMDQxNjExMDYzM1owDzENMAsGA1UEAwwEdGVzdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAIawwqLZl3nf9zKZlBDDwvmWkHn5YTTZANmvYHpwrhRWa3hYog4Vbe4TuP/CqPfC4pO1BdXVsxuIQLXpEB7wfqBH3Fzt/OyhgrOc4rCdKVUZmclHlLBnJXPLRRA5si59Wo0Y+XeFyLAOb1Zplmt2IiRzepi2F7YIPBRaAVzL39BMPeHOLgtGdP/4sfqzdL50KARHU8Ute1U9L/4OdgizFl7A+V+Q0NhJEbBmDh/2icJ1RqPfoUmVlhjKiK2uwWVbCZEy9B/uH6+h85VPKqsJxr4G1pBv7xyK9ROHSv5cZxOfCjQiNuFSJrZlcUXz2DGzBQcqLpMEKo0ltGSDeQdJxTECAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAJnw/2VFZx3fukDnEpMoEowW26a83ish/A66ZKRlyYAQlqIFqhWdU/KWjJri85l23/E9BfW3CW1/+dvanSFaqQ6KiYagQY8sCi6nXr9bxczxm06Ny/yh9eIy3wVk/BEVmP+i5/U2bkrbfI+f8ITaG2nV7dZgWzrDYx5Mvv8ZZ1aJRIldBMjs6PBAzvw3ZQQuj/6G1CTQkx5lMDLDb/0P9aZ0zlljGG+BZdgcjvln1u/n3Q8j3FVOOA+F5hIaLuEf4b+4wvVKbzUo/A3W8NVQ3gHhsMKYbX6OsKVCY9d061XTC9jyicWjeBpFHFpODZh1HV4LaKjLLDBsPwKdTTmaULw=="],"x5t":"Kqsoj7yFdoNQBuqNCQYxG641omk","x5t#S256":"5MOyu0gs-SFWSdSuvO1qiGrsgvDRq3ZpkSu_KKS56h4"}]}
2021-04-30 10:01:09 SUCCESS
FetchServerKeys
Found server JWK set
server_jwks
{
  "keys": [
    {
      "kid": "xZoOVbDvoAK4qijpbhYZFQ1IveJlIgqlMRqaGhqT-64",
      "kty": "EC",
      "alg": "ES256",
      "use": "sig",
      "crv": "P-256",
      "x": "Lybsovf5hDRWucOoKfakkFo6XRjWgeASlbJg0TAU6ts",
      "y": "nAKR-V-A_XZO-xOuUCdxPusUXQPdy0J079VYrYO9oeQ"
    },
    {
      "kid": "SC-uY3bJnyeTpaaqQB0dYTYPZMo7WitRp5dEqoDl8FQ",
      "kty": "RSA",
      "alg": "RS256",
      "use": "sig",
      "n": "j8TbzjhUPnSbTlXdn-x6d33icEek6DBlUHPKBVK_oTQ2QuAoJE2KdSFqONyI6CZvyo6w4KE-AQlPkMT5HyR5ICDoTai0yMP-HXA9reA5giDAObbjLiAEL4C25SSi5YeM7RmS6ZlTRZJ3vUSuQX9rc-iBnbpgyBFQjHI-XrkaJrTEr-mFrX3IYG3J3SJpy-aknWvDFH5rhtNknADhjcuIlPQYMO3yRcLWprqO8fRvNis0AACEKwo-GzF1g3ByxBYocWVl22ggqvQ453_OU4giSn9HQZK5_xKEYsGA6jdBIpxowCEUwBaFKrGkZqtm7XQuoYjCJrhJfuRh7udjX9smvQ",
      "e": "AQAB",
      "x5c": [
        "MIIClzCCAX8CBgF42lxs+zANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDAR0ZXN0MB4XDTIxMDQxNjExMDQ1M1oXDTMxMDQxNjExMDYzM1owDzENMAsGA1UEAwwEdGVzdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAI/E2844VD50m05V3Z/send94nBHpOgwZVBzygVSv6E0NkLgKCRNinUhajjciOgmb8qOsOChPgEJT5DE+R8keSAg6E2otMjD/h1wPa3gOYIgwDm24y4gBC+AtuUkouWHjO0ZkumZU0WSd71ErkF/a3PogZ26YMgRUIxyPl65Gia0xK/pha19yGBtyd0iacvmpJ1rwxR+a4bTZJwA4Y3LiJT0GDDt8kXC1qa6jvH0bzYrNAAAhCsKPhsxdYNwcsQWKHFlZdtoIKr0OOd/zlOIIkp/R0GSuf8ShGLBgOo3QSKcaMAhFMAWhSqxpGarZu10LqGIwia4SX7kYe7nY1/bJr0CAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAgL2u6o8mbTNb9VXZdN1GTyBQlIUAzhRK/a04i3Rz2uqElLurPo4QBhSoTXnqbAUnYqVOzs9hbA6w65EjMOjYmcXcVYOarNBEWEWIkKR9O+Hk7wqbD7ScYVjBhQnJ5N7W1JA3kC7ZKZhpe3sSIJLxc6DXuB9Eo/mCseXLX7Mydn3cHq7I4YFwQyRf8XqIuXBGvXL5tbfBZ9ie6XUvdGBgXLWaJNU54PSloEMTF8vIZ/zjMcl2EjTfhe+xT/53hO5pzCPG9KkPF8zUaAD+M+jP9R44tWyhkYN1+eZf+cfIhyetcneSc7xDSaF30Aw1Rxx+6q1ZDhAsI9QPTMcDs8j9FA\u003d\u003d"
      ],
      "x5t": "rjEjauFRe5Wx-LszIQX7LLFmnz8",
      "x5t#S256": "0VzDVRJbyhFafD-YPd0fa7bB4Gvu4he78VPP17cAItQ"
    },
    {
      "kid": "QU9sUz8SX134GzIyTBVy6HtMB-tJ_RmNgKhPQiYRId8",
      "kty": "RSA",
      "alg": "PS256",
      "use": "sig",
      "n": "hrDCotmXed_3MpmUEMPC-ZaQeflhNNkA2a9genCuFFZreFiiDhVt7hO4_8Ko98Lik7UF1dWzG4hAtekQHvB-oEfcXO387KGCs5zisJ0pVRmZyUeUsGclc8tFEDmyLn1ajRj5d4XIsA5vVmmWa3YiJHN6mLYXtgg8FFoBXMvf0Ew94c4uC0Z0__ix-rN0vnQoBEdTxS17VT0v_g52CLMWXsD5X5DQ2EkRsGYOH_aJwnVGo9-hSZWWGMqIra7BZVsJkTL0H-4fr6HzlU8qqwnGvgbWkG_vHIr1E4dK_lxnE58KNCI24VImtmVxRfPYMbMFByoukwQqjSW0ZIN5B0nFMQ",
      "e": "AQAB",
      "x5c": [
        "MIIClzCCAX8CBgF42lxtjDANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDAR0ZXN0MB4XDTIxMDQxNjExMDQ1M1oXDTMxMDQxNjExMDYzM1owDzENMAsGA1UEAwwEdGVzdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAIawwqLZl3nf9zKZlBDDwvmWkHn5YTTZANmvYHpwrhRWa3hYog4Vbe4TuP/CqPfC4pO1BdXVsxuIQLXpEB7wfqBH3Fzt/OyhgrOc4rCdKVUZmclHlLBnJXPLRRA5si59Wo0Y+XeFyLAOb1Zplmt2IiRzepi2F7YIPBRaAVzL39BMPeHOLgtGdP/4sfqzdL50KARHU8Ute1U9L/4OdgizFl7A+V+Q0NhJEbBmDh/2icJ1RqPfoUmVlhjKiK2uwWVbCZEy9B/uH6+h85VPKqsJxr4G1pBv7xyK9ROHSv5cZxOfCjQiNuFSJrZlcUXz2DGzBQcqLpMEKo0ltGSDeQdJxTECAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAJnw/2VFZx3fukDnEpMoEowW26a83ish/A66ZKRlyYAQlqIFqhWdU/KWjJri85l23/E9BfW3CW1/+dvanSFaqQ6KiYagQY8sCi6nXr9bxczxm06Ny/yh9eIy3wVk/BEVmP+i5/U2bkrbfI+f8ITaG2nV7dZgWzrDYx5Mvv8ZZ1aJRIldBMjs6PBAzvw3ZQQuj/6G1CTQkx5lMDLDb/0P9aZ0zlljGG+BZdgcjvln1u/n3Q8j3FVOOA+F5hIaLuEf4b+4wvVKbzUo/A3W8NVQ3gHhsMKYbX6OsKVCY9d061XTC9jyicWjeBpFHFpODZh1HV4LaKjLLDBsPwKdTTmaULw\u003d\u003d"
      ],
      "x5t": "Kqsoj7yFdoNQBuqNCQYxG641omk",
      "x5t#S256": "5MOyu0gs-SFWSdSuvO1qiGrsgvDRq3ZpkSu_KKS56h4"
    }
  ]
}
2021-04-30 10:01:09 SUCCESS
CheckServerKeysIsValid
Server JWKs is valid
server_jwks
{
  "keys": [
    {
      "kid": "xZoOVbDvoAK4qijpbhYZFQ1IveJlIgqlMRqaGhqT-64",
      "kty": "EC",
      "alg": "ES256",
      "use": "sig",
      "crv": "P-256",
      "x": "Lybsovf5hDRWucOoKfakkFo6XRjWgeASlbJg0TAU6ts",
      "y": "nAKR-V-A_XZO-xOuUCdxPusUXQPdy0J079VYrYO9oeQ"
    },
    {
      "kid": "SC-uY3bJnyeTpaaqQB0dYTYPZMo7WitRp5dEqoDl8FQ",
      "kty": "RSA",
      "alg": "RS256",
      "use": "sig",
      "n": "j8TbzjhUPnSbTlXdn-x6d33icEek6DBlUHPKBVK_oTQ2QuAoJE2KdSFqONyI6CZvyo6w4KE-AQlPkMT5HyR5ICDoTai0yMP-HXA9reA5giDAObbjLiAEL4C25SSi5YeM7RmS6ZlTRZJ3vUSuQX9rc-iBnbpgyBFQjHI-XrkaJrTEr-mFrX3IYG3J3SJpy-aknWvDFH5rhtNknADhjcuIlPQYMO3yRcLWprqO8fRvNis0AACEKwo-GzF1g3ByxBYocWVl22ggqvQ453_OU4giSn9HQZK5_xKEYsGA6jdBIpxowCEUwBaFKrGkZqtm7XQuoYjCJrhJfuRh7udjX9smvQ",
      "e": "AQAB",
      "x5c": [
        "MIIClzCCAX8CBgF42lxs+zANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDAR0ZXN0MB4XDTIxMDQxNjExMDQ1M1oXDTMxMDQxNjExMDYzM1owDzENMAsGA1UEAwwEdGVzdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAI/E2844VD50m05V3Z/send94nBHpOgwZVBzygVSv6E0NkLgKCRNinUhajjciOgmb8qOsOChPgEJT5DE+R8keSAg6E2otMjD/h1wPa3gOYIgwDm24y4gBC+AtuUkouWHjO0ZkumZU0WSd71ErkF/a3PogZ26YMgRUIxyPl65Gia0xK/pha19yGBtyd0iacvmpJ1rwxR+a4bTZJwA4Y3LiJT0GDDt8kXC1qa6jvH0bzYrNAAAhCsKPhsxdYNwcsQWKHFlZdtoIKr0OOd/zlOIIkp/R0GSuf8ShGLBgOo3QSKcaMAhFMAWhSqxpGarZu10LqGIwia4SX7kYe7nY1/bJr0CAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAgL2u6o8mbTNb9VXZdN1GTyBQlIUAzhRK/a04i3Rz2uqElLurPo4QBhSoTXnqbAUnYqVOzs9hbA6w65EjMOjYmcXcVYOarNBEWEWIkKR9O+Hk7wqbD7ScYVjBhQnJ5N7W1JA3kC7ZKZhpe3sSIJLxc6DXuB9Eo/mCseXLX7Mydn3cHq7I4YFwQyRf8XqIuXBGvXL5tbfBZ9ie6XUvdGBgXLWaJNU54PSloEMTF8vIZ/zjMcl2EjTfhe+xT/53hO5pzCPG9KkPF8zUaAD+M+jP9R44tWyhkYN1+eZf+cfIhyetcneSc7xDSaF30Aw1Rxx+6q1ZDhAsI9QPTMcDs8j9FA\u003d\u003d"
      ],
      "x5t": "rjEjauFRe5Wx-LszIQX7LLFmnz8",
      "x5t#S256": "0VzDVRJbyhFafD-YPd0fa7bB4Gvu4he78VPP17cAItQ"
    },
    {
      "kid": "QU9sUz8SX134GzIyTBVy6HtMB-tJ_RmNgKhPQiYRId8",
      "kty": "RSA",
      "alg": "PS256",
      "use": "sig",
      "n": "hrDCotmXed_3MpmUEMPC-ZaQeflhNNkA2a9genCuFFZreFiiDhVt7hO4_8Ko98Lik7UF1dWzG4hAtekQHvB-oEfcXO387KGCs5zisJ0pVRmZyUeUsGclc8tFEDmyLn1ajRj5d4XIsA5vVmmWa3YiJHN6mLYXtgg8FFoBXMvf0Ew94c4uC0Z0__ix-rN0vnQoBEdTxS17VT0v_g52CLMWXsD5X5DQ2EkRsGYOH_aJwnVGo9-hSZWWGMqIra7BZVsJkTL0H-4fr6HzlU8qqwnGvgbWkG_vHIr1E4dK_lxnE58KNCI24VImtmVxRfPYMbMFByoukwQqjSW0ZIN5B0nFMQ",
      "e": "AQAB",
      "x5c": [
        "MIIClzCCAX8CBgF42lxtjDANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDAR0ZXN0MB4XDTIxMDQxNjExMDQ1M1oXDTMxMDQxNjExMDYzM1owDzENMAsGA1UEAwwEdGVzdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAIawwqLZl3nf9zKZlBDDwvmWkHn5YTTZANmvYHpwrhRWa3hYog4Vbe4TuP/CqPfC4pO1BdXVsxuIQLXpEB7wfqBH3Fzt/OyhgrOc4rCdKVUZmclHlLBnJXPLRRA5si59Wo0Y+XeFyLAOb1Zplmt2IiRzepi2F7YIPBRaAVzL39BMPeHOLgtGdP/4sfqzdL50KARHU8Ute1U9L/4OdgizFl7A+V+Q0NhJEbBmDh/2icJ1RqPfoUmVlhjKiK2uwWVbCZEy9B/uH6+h85VPKqsJxr4G1pBv7xyK9ROHSv5cZxOfCjQiNuFSJrZlcUXz2DGzBQcqLpMEKo0ltGSDeQdJxTECAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAJnw/2VFZx3fukDnEpMoEowW26a83ish/A66ZKRlyYAQlqIFqhWdU/KWjJri85l23/E9BfW3CW1/+dvanSFaqQ6KiYagQY8sCi6nXr9bxczxm06Ny/yh9eIy3wVk/BEVmP+i5/U2bkrbfI+f8ITaG2nV7dZgWzrDYx5Mvv8ZZ1aJRIldBMjs6PBAzvw3ZQQuj/6G1CTQkx5lMDLDb/0P9aZ0zlljGG+BZdgcjvln1u/n3Q8j3FVOOA+F5hIaLuEf4b+4wvVKbzUo/A3W8NVQ3gHhsMKYbX6OsKVCY9d061XTC9jyicWjeBpFHFpODZh1HV4LaKjLLDBsPwKdTTmaULw\u003d\u003d"
      ],
      "x5t": "Kqsoj7yFdoNQBuqNCQYxG641omk",
      "x5t#S256": "5MOyu0gs-SFWSdSuvO1qiGrsgvDRq3ZpkSu_KKS56h4"
    }
  ]
}
2021-04-30 10:01:09 SUCCESS
ValidateServerJWKs
Valid server JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2021-04-30 10:01:09 SUCCESS
CheckForKeyIdInServerJWKs
All keys contain kids
2021-04-30 10:01:09 SUCCESS
EnsureServerJwksDoesNotContainPrivateOrSymmetricKeys
Jwks does not contain any private or symmetric keys
2021-04-30 10:01:09 SUCCESS
FAPIEnsureMinimumServerKeyLength
Validated minimum key lengths for server_jwks
server_jwks
{
  "keys": [
    {
      "kid": "xZoOVbDvoAK4qijpbhYZFQ1IveJlIgqlMRqaGhqT-64",
      "kty": "EC",
      "alg": "ES256",
      "use": "sig",
      "crv": "P-256",
      "x": "Lybsovf5hDRWucOoKfakkFo6XRjWgeASlbJg0TAU6ts",
      "y": "nAKR-V-A_XZO-xOuUCdxPusUXQPdy0J079VYrYO9oeQ"
    },
    {
      "kid": "SC-uY3bJnyeTpaaqQB0dYTYPZMo7WitRp5dEqoDl8FQ",
      "kty": "RSA",
      "alg": "RS256",
      "use": "sig",
      "n": "j8TbzjhUPnSbTlXdn-x6d33icEek6DBlUHPKBVK_oTQ2QuAoJE2KdSFqONyI6CZvyo6w4KE-AQlPkMT5HyR5ICDoTai0yMP-HXA9reA5giDAObbjLiAEL4C25SSi5YeM7RmS6ZlTRZJ3vUSuQX9rc-iBnbpgyBFQjHI-XrkaJrTEr-mFrX3IYG3J3SJpy-aknWvDFH5rhtNknADhjcuIlPQYMO3yRcLWprqO8fRvNis0AACEKwo-GzF1g3ByxBYocWVl22ggqvQ453_OU4giSn9HQZK5_xKEYsGA6jdBIpxowCEUwBaFKrGkZqtm7XQuoYjCJrhJfuRh7udjX9smvQ",
      "e": "AQAB",
      "x5c": [
        "MIIClzCCAX8CBgF42lxs+zANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDAR0ZXN0MB4XDTIxMDQxNjExMDQ1M1oXDTMxMDQxNjExMDYzM1owDzENMAsGA1UEAwwEdGVzdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAI/E2844VD50m05V3Z/send94nBHpOgwZVBzygVSv6E0NkLgKCRNinUhajjciOgmb8qOsOChPgEJT5DE+R8keSAg6E2otMjD/h1wPa3gOYIgwDm24y4gBC+AtuUkouWHjO0ZkumZU0WSd71ErkF/a3PogZ26YMgRUIxyPl65Gia0xK/pha19yGBtyd0iacvmpJ1rwxR+a4bTZJwA4Y3LiJT0GDDt8kXC1qa6jvH0bzYrNAAAhCsKPhsxdYNwcsQWKHFlZdtoIKr0OOd/zlOIIkp/R0GSuf8ShGLBgOo3QSKcaMAhFMAWhSqxpGarZu10LqGIwia4SX7kYe7nY1/bJr0CAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAgL2u6o8mbTNb9VXZdN1GTyBQlIUAzhRK/a04i3Rz2uqElLurPo4QBhSoTXnqbAUnYqVOzs9hbA6w65EjMOjYmcXcVYOarNBEWEWIkKR9O+Hk7wqbD7ScYVjBhQnJ5N7W1JA3kC7ZKZhpe3sSIJLxc6DXuB9Eo/mCseXLX7Mydn3cHq7I4YFwQyRf8XqIuXBGvXL5tbfBZ9ie6XUvdGBgXLWaJNU54PSloEMTF8vIZ/zjMcl2EjTfhe+xT/53hO5pzCPG9KkPF8zUaAD+M+jP9R44tWyhkYN1+eZf+cfIhyetcneSc7xDSaF30Aw1Rxx+6q1ZDhAsI9QPTMcDs8j9FA\u003d\u003d"
      ],
      "x5t": "rjEjauFRe5Wx-LszIQX7LLFmnz8",
      "x5t#S256": "0VzDVRJbyhFafD-YPd0fa7bB4Gvu4he78VPP17cAItQ"
    },
    {
      "kid": "QU9sUz8SX134GzIyTBVy6HtMB-tJ_RmNgKhPQiYRId8",
      "kty": "RSA",
      "alg": "PS256",
      "use": "sig",
      "n": "hrDCotmXed_3MpmUEMPC-ZaQeflhNNkA2a9genCuFFZreFiiDhVt7hO4_8Ko98Lik7UF1dWzG4hAtekQHvB-oEfcXO387KGCs5zisJ0pVRmZyUeUsGclc8tFEDmyLn1ajRj5d4XIsA5vVmmWa3YiJHN6mLYXtgg8FFoBXMvf0Ew94c4uC0Z0__ix-rN0vnQoBEdTxS17VT0v_g52CLMWXsD5X5DQ2EkRsGYOH_aJwnVGo9-hSZWWGMqIra7BZVsJkTL0H-4fr6HzlU8qqwnGvgbWkG_vHIr1E4dK_lxnE58KNCI24VImtmVxRfPYMbMFByoukwQqjSW0ZIN5B0nFMQ",
      "e": "AQAB",
      "x5c": [
        "MIIClzCCAX8CBgF42lxtjDANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDAR0ZXN0MB4XDTIxMDQxNjExMDQ1M1oXDTMxMDQxNjExMDYzM1owDzENMAsGA1UEAwwEdGVzdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAIawwqLZl3nf9zKZlBDDwvmWkHn5YTTZANmvYHpwrhRWa3hYog4Vbe4TuP/CqPfC4pO1BdXVsxuIQLXpEB7wfqBH3Fzt/OyhgrOc4rCdKVUZmclHlLBnJXPLRRA5si59Wo0Y+XeFyLAOb1Zplmt2IiRzepi2F7YIPBRaAVzL39BMPeHOLgtGdP/4sfqzdL50KARHU8Ute1U9L/4OdgizFl7A+V+Q0NhJEbBmDh/2icJ1RqPfoUmVlhjKiK2uwWVbCZEy9B/uH6+h85VPKqsJxr4G1pBv7xyK9ROHSv5cZxOfCjQiNuFSJrZlcUXz2DGzBQcqLpMEKo0ltGSDeQdJxTECAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAJnw/2VFZx3fukDnEpMoEowW26a83ish/A66ZKRlyYAQlqIFqhWdU/KWjJri85l23/E9BfW3CW1/+dvanSFaqQ6KiYagQY8sCi6nXr9bxczxm06Ny/yh9eIy3wVk/BEVmP+i5/U2bkrbfI+f8ITaG2nV7dZgWzrDYx5Mvv8ZZ1aJRIldBMjs6PBAzvw3ZQQuj/6G1CTQkx5lMDLDb/0P9aZ0zlljGG+BZdgcjvln1u/n3Q8j3FVOOA+F5hIaLuEf4b+4wvVKbzUo/A3W8NVQ3gHhsMKYbX6OsKVCY9d061XTC9jyicWjeBpFHFpODZh1HV4LaKjLLDBsPwKdTTmaULw\u003d\u003d"
      ],
      "x5t": "Kqsoj7yFdoNQBuqNCQYxG641omk",
      "x5t#S256": "5MOyu0gs-SFWSdSuvO1qiGrsgvDRq3ZpkSu_KKS56h4"
    }
  ]
}
2021-04-30 10:01:09 SUCCESS
GetStaticClientConfiguration
Found a static client object
client_id
client11-mtls-ES256-ES256
scope
openid email
jwks
{
  "keys": [
    {
      "use": "sig",
      "kty": "EC",
      "kid": "client1-ES256",
      "crv": "P-256",
      "alg": "ES256",
      "x": "KhIuh2un6UWcBCIQqr5s3lSN42mrp5kjdf3JrasR1E4",
      "y": "bUIXyjZ6Q7-fLu-mp56OJjEHOAbGd3X30EMhS7SG-Vw",
      "d": "zngKYq2KBIRGiawAAZQJ0K_ZxL3VyZbOHYScKtrOWX0"
    }
  ]
}
2021-04-30 10:01:09
ValidateMTLSCertificatesHeader
No certificate authority found for MTLS
2021-04-30 10:01:09 SUCCESS
ValidateMTLSCertificatesHeader
MTLS certificates header is valid
2021-04-30 10:01:09
ExtractMTLSCertificatesFromConfiguration
No certificate authority found for MTLS
2021-04-30 10:01:09 SUCCESS
ExtractMTLSCertificatesFromConfiguration
Mutual TLS authentication credentials loaded
cert
MIIDKDCCAs6gAwIBAgIUXl6GT8Ex1EENFSPveDA8fUoqHAwwCgYIKoZIzj0EAwIwdjELMAkGA1UEBhMCSlAxEzARBgNVBAgTClByaXZhdGUgQ0ExFzAVBgNVBAoTDlNlY3VyZSBPU1MgU2lnMRYwFAYDVQQLEw1LZXljbG9hay1mYXBpMSEwHwYDVQQDExhLZXljbG9hay1mYXBpIFByaXZhdGUgQ0EwHhcNMTkwNTIxMDIwNDAwWhcNMjQwNTE5MDIwNDAwWjBhMQswCQYDVQQGEwJKUDEPMA0GA1UECBMGQ2xpZW50MRcwFQYDVQQKEw5TZWN1cmUgT1NTIFNpZzEWMBQGA1UECxMNS2V5Y2xvYWstZmFwaTEQMA4GA1UEAxMHY2xpZW50MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM74QUE+RfLtdHCKj1QXRQkj30AtveZa/7jbBpHYJCoSGA4bzuNE04HTK02hwtBO0J0bvbRy14BYHimwhUY6n7gtZKex3JQ39QC2UHbIOtIQXvCgbn6K4iU6WrUbCK4I8p77gIk4MXQmsCQokAtxsF1eq/RyLhRJXo/aTwcHDWcb5n8jFGmpOJyhmPEXwtzqMZwO9Y+aI3d5P/xHXnb84zrgRJH2YMzTKOfGt72I8Ag34ITTQUxox5RUMMGwqlzN6bEYIF9lyCcd3kCSgyp4b4wNBc5h5g3GPDBTCUx3z07oQ50LR7AAICevHvWGlUxXtX+MYc6+Mvjb3l/e+EEldb0CAwEAAaOBgzCBgDAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQURPpQRYqk1GU0v6159IJV4fo7s8YwHwYDVR0jBBgwFoAUJmT6o2FQqWh2KBGYB3nfWHkAtEgwCwYDVR0RBAQwAoIAMAoGCCqGSM49BAMCA0gAMEUCIHImOqdaMfLN1M7i4wfXKIGnJHDlEv8B3jASpdlMb35IAiEA5oj7fyh0KxGG9Z4kUGusBUYidOemP81CtyOPzg1A64w=
key
MIIEpQIBAAKCAQEAzvhBQT5F8u10cIqPVBdFCSPfQC295lr/uNsGkdgkKhIYDhvO40TTgdMrTaHC0E7QnRu9tHLXgFgeKbCFRjqfuC1kp7HclDf1ALZQdsg60hBe8KBuforiJTpatRsIrgjynvuAiTgxdCawJCiQC3GwXV6r9HIuFElej9pPBwcNZxvmfyMUaak4nKGY8RfC3OoxnA71j5ojd3k//EdedvzjOuBEkfZgzNMo58a3vYjwCDfghNNBTGjHlFQwwbCqXM3psRggX2XIJx3eQJKDKnhvjA0FzmHmDcY8MFMJTHfPTuhDnQtHsAAgJ68e9YaVTFe1f4xhzr4y+NveX974QSV1vQIDAQABAoIBAQCbyK7NXgMmi+b2AsVJZU54R8D1vLhQWDRdPrceNdNau03R6Mp7tEWDVaAlidlqE7jgWI4c8cgVeb4SYSSfrOalqb02oCDIi6nlRFUiYyorDVl4wzkIFJ+Np/O4l8WbwW5ljia8okhPBgPU45cwlf1K+kRx9TOL34HGw2pyfrNu5G1NWs3a30qHVc5FnKBgJq4PZgxtTC15DoQ4U8IF7M9XYlXOkx3zSOjk2mpQaOPDeRWBwoFsoxqOl+x3/u9rhiGW+9OXEltq+AKAlsZ4QVfvmjIZ65c5SJwrV+OhLIKOoA8TzheBGKZ4vkKt17GxWsm7KP1afh1fqc5Cd1lE0e1BAoGBAPI5SKi+HKuMsWY6YLv0c6j/FHJ/ZnSLLYc6/edfXso0djuz7BOfmLjgnntDrWTf6jWJ14DMDZVaohFr69eham8N9H9bQl7tpdtswRL0IVfOZYbEBbQk57/l5yADZcxvOMne/yh8K8LARYdFe5WDHCijgLhqmENenRHhHUjAuPVxAoGBANq9rnqQ6j4n2GEx+YhIKOflCUWwUe9XQ8pdQwniDQkQ3imOsOLn/nMXUO1oUMbaH0cbQ0+e5QGW74alTaFkQxBeSTbvZplMtwgaKDl2GzlYFPUxSLkAf5crChjT0z5t74RvChCvoLLxXXD+PmkC1Hpub78bfEwqit54fVGMJW8NAoGBAMzk8fZzYnMmvwU3io5TOOcSZqx34iXheTC0EQT/4oHvILhd+OucjCaPMuAYHnt/AXIqWJYFhdP557AO91/elda9Gj4E5z6/jhXvh97Njcrlt3HpLN32fecQxZKJ7TmiN4pjzLjlWGsUE3xapTCSyGYD8KWO3Z/XT8xI/WmGRK6xAoGBAMBmaUr7nl4vk/7iAzehKQHYDpDSpy8bldAwuh++SnL3+EGbdfEP2FsJXjCEOdC+2RYlX85v18TPKz5GtgLIesix9jow1xDuTmv8/faU8Rs+Y6jLwcigLJodzFLMNxnJfw0A0lyc7n+XF/akWubpC1XpP7dcCLfCD8XhO3F4EREdAoGAQRNaIHonLPVg+cZAVR6DAKj7l20tE1THRfHrkJDoM661hl7EnPL30SoLJyKYh3uil+/XAMtdegE5nrumg25FKdDY+JvSSvqEI0dLqKZzc6PBRau3+KVUVAYQtvtH7E2uJ7oFzFepTp2mq1I7+BYEmTIaPDJvf/l5gz+vy+voLrs=
2021-04-30 10:01:09 SUCCESS
ValidateClientJWKsPrivatePart
Valid client JWKs: keys are valid JSON, contain the required fields, the private/public exponents match and are correctly encoded using unpadded base64url
2021-04-30 10:01:09 SUCCESS
ExtractJWKsFromStaticClientConfiguration
Extracted client JWK
client_jwks
{
  "keys": [
    {
      "use": "sig",
      "kty": "EC",
      "kid": "client1-ES256",
      "crv": "P-256",
      "alg": "ES256",
      "x": "KhIuh2un6UWcBCIQqr5s3lSN42mrp5kjdf3JrasR1E4",
      "y": "bUIXyjZ6Q7-fLu-mp56OJjEHOAbGd3X30EMhS7SG-Vw",
      "d": "zngKYq2KBIRGiawAAZQJ0K_ZxL3VyZbOHYScKtrOWX0"
    }
  ]
}
public_client_jwks
{
  "keys": [
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "client1-ES256",
      "x": "KhIuh2un6UWcBCIQqr5s3lSN42mrp5kjdf3JrasR1E4",
      "y": "bUIXyjZ6Q7-fLu-mp56OJjEHOAbGd3X30EMhS7SG-Vw",
      "alg": "ES256"
    }
  ]
}
2021-04-30 10:01:09 SUCCESS
CheckForKeyIdInClientJWKs
All keys contain kids
2021-04-30 10:01:09 SUCCESS
CheckDistinctKeyIdValueInClientJWKs
Distinct 'kid' value in all keys of client_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2021-04-30 10:01:09 SUCCESS
FAPICheckKeyAlgInClientJWKs
Found a key with alg PS256 or ES256
2021-04-30 10:01:09 SUCCESS
FAPIEnsureMinimumClientKeyLength
Validated minimum key lengths for client_jwks
client_jwks
{
  "keys": [
    {
      "use": "sig",
      "kty": "EC",
      "kid": "client1-ES256",
      "crv": "P-256",
      "alg": "ES256",
      "x": "KhIuh2un6UWcBCIQqr5s3lSN42mrp5kjdf3JrasR1E4",
      "y": "bUIXyjZ6Q7-fLu-mp56OJjEHOAbGd3X30EMhS7SG-Vw",
      "d": "zngKYq2KBIRGiawAAZQJ0K_ZxL3VyZbOHYScKtrOWX0"
    }
  ]
}
2021-04-30 10:01:09 SUCCESS
ValidateMTLSCertificatesAsX509
Mutual TLS authentication cert validated as X.509
Verify configuration of second client
2021-04-30 10:01:09 SUCCESS
GetStaticClient2Configuration
Found a static second client object
client_id
client12-mtls-ES256-ES256
scope
openid email
jwks
{
  "keys": [
    {
      "use": "sig",
      "kty": "EC",
      "kid": "client2-ES256",
      "crv": "P-256",
      "alg": "ES256",
      "x": "X1K2NP56XffP8ZvkSJiD3ZiaD6A1forvWkZ2AzqbyME",
      "y": "S2GQUKAw0gW5kT-lEehLkt02PxA6CukInQhvo1hWcNo",
      "d": "xDb8I6rF-rMPo5MV-rZSZZRwk1-TYJCm6SK4JGeP7Gk"
    }
  ]
}
2021-04-30 10:01:09
ValidateMTLSCertificates2Header
No certificate authority found for MTLS
2021-04-30 10:01:09 SUCCESS
ValidateMTLSCertificates2Header
MTLS certificates header is valid
2021-04-30 10:01:09
ExtractMTLSCertificates2FromConfiguration
No certificate authority found for MTLS
2021-04-30 10:01:09 SUCCESS
ExtractMTLSCertificates2FromConfiguration
Mutual TLS authentication credentials loaded
cert
MIIDJjCCAs6gAwIBAgIUKHCTpsodVknyAZC7gFy3hZZqTtEwCgYIKoZIzj0EAwIwdjELMAkGA1UEBhMCSlAxEzARBgNVBAgTClByaXZhdGUgQ0ExFzAVBgNVBAoTDlNlY3VyZSBPU1MgU2lnMRYwFAYDVQQLEw1LZXljbG9hay1mYXBpMSEwHwYDVQQDExhLZXljbG9hay1mYXBpIFByaXZhdGUgQ0EwHhcNMTkwNTIxMDIwNDAwWhcNMjQwNTE5MDIwNDAwWjBhMQswCQYDVQQGEwJKUDEPMA0GA1UECBMGQ2xpZW50MRcwFQYDVQQKEw5TZWN1cmUgT1NTIFNpZzEWMBQGA1UECxMNS2V5Y2xvYWstZmFwaTEQMA4GA1UEAxMHY2xpZW50MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMlwHpEQVCrBo1yRmKACefdDiGLunW+REQHmTWUTEokWdVCsMGjqns1E4h68nmXVApXtyuGLF3IVzJrUQ6DQXCKdPpmoFplD6aC0CdFVouY8XULyny8d1aNl+1nrFFaiamW2JxD9PbtUKfE/TVMM+bums+gHW63KrJo7OnfEC0wvuEwY4vVDvL5DhxoURTU8YhBUxDvAnfQfD4TJEVqEiIt/0vTwrdEoRlHTwaJadcyKdUKvNVG1O1RGlsPm63qS2XkG4QvwasIuhoxuUZbr74S9mlDQV33k/XCWj/nOr+58xCaXNKGOI9TlFA4+YUclJxy/GeBZB0OmSitP5swqpCkCAwEAAaOBgzCBgDAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUT8nMrrlLi/LQTlb3k6QnqLwpGT0wHwYDVR0jBBgwFoAUJmT6o2FQqWh2KBGYB3nfWHkAtEgwCwYDVR0RBAQwAoIAMAoGCCqGSM49BAMCA0YAMEMCID4FMD7NJZFeO4X26GifL4ODr/vK+NjeoAcnXdYo5WX7Ah8OifloGxnCplM7doLaG+LaE8r9VEi6QyD29NAIPUPe
key
MIIEpAIBAAKCAQEAyXAekRBUKsGjXJGYoAJ590OIYu6db5ERAeZNZRMSiRZ1UKwwaOqezUTiHryeZdUCle3K4YsXchXMmtRDoNBcIp0+magWmUPpoLQJ0VWi5jxdQvKfLx3Vo2X7WesUVqJqZbYnEP09u1Qp8T9NUwz5u6az6Adbrcqsmjs6d8QLTC+4TBji9UO8vkOHGhRFNTxiEFTEO8Cd9B8PhMkRWoSIi3/S9PCt0ShGUdPBolp1zIp1Qq81UbU7VEaWw+brepLZeQbhC/Bqwi6GjG5RluvvhL2aUNBXfeT9cJaP+c6v7nzEJpc0oY4j1OUUDj5hRyUnHL8Z4FkHQ6ZKK0/mzCqkKQIDAQABAoIBAC6BHe1rkaLVVXuXeV7nc3TsOF5urBYHrZ98pb2B67OOZcMcHYj7MXI+Rt3FuePUi2ZFoaL0U5NZCQVtn7dOoxayqrMapSz5CsS5C9MyLAtvQDCmhq1/+8RfVOnrZaSilmGo7df0Pv4ybgRuEtHrmvQBhmM436d9tN9ecR8ZOWp66Luy1GVM6rwH6ceOc46ZHUwoumN0kQt/G72G0QRbt7iGle/s11TzEKh3YaR9gkS+KPm5K+iPzSP1FxDiwSrKLRQJSjANrzTKEkuQyDm7MSYm23guxosA/4Oyaa+7SDEqk9509yiDp51HK9fFJWnuBoDt7iduz0VJVqHgq0lE9wECgYEA08hkjl9PKMTX8vN9cOX+0W4en3K10Jjonw4d2gS2dIyb8o7B4ulbfGpleMAmcyGuG+k8fC8nSjqYSx4YHPunbmK1O4PCGTi8r6BtD9zW8opJVi+ImMsan8l8bUASOuOFrHhvnB/JZS3yoOZVE8ey6/5QtSjwbn6I7dAvXXgT5pkCgYEA837OFMLfbWoYvdEa9LXmXGWagQe7Ta09BGbJ1Qs1hpuZJl8qK0kVWTDURtr5yu24r7YQ3S3cqKcg3FB3XO+vjreYKl2Cww/v8Wy/glGgqkAhd0dP9K1Q8F8XeQPlrPkNANrGjIlNFYmg163EDwLJ+IoRr+t43KbIoGvsb9kTdBECgYEAh1keys6mrIuA58gtdyXGQNp7v7Nz9yiCIoTHFzrD0KC8WbxatUYmLdFhoFZNPG9d8oCRI1yPY6UnB3roNj2ut6Fl6e8+8ReNn0CL8wNUbBVs4SPnzJ6hGVWPq9Ky0+fs2ljuG31FHODMm4AZB1ctRh12PxE296buo+3VF4tSTKECgYEA4dUW73x52rHPNqWs+Y+HkuSNMuTn3DgzYlSvFw+pWioQFd2nb7P9v9Yg24KWsJZgd19GLs0tXaJ8QLnEqwaGbbhrwccu0xmB8glpaUWp3J1ULJuQVZ81dWrMi2mI6C+o1sUR5yAkxTf7XG4Ga+GrTv9HPkEHvKZXZyoRhP7xIvECgYB6S0i6ruOAFq2iMyGoX83RlWjo+WrGqSVWfzRZ43rFQ3MBEIlkQD3K6+Y+v0MMlgrN3VQTi31IW42ftgOIiy7ZndMvBaQd2Zp4POtNISsRysQJcewPwbL0VXsalNqW+Rl8PDzrd6s13wYogMuWrwmbPphC04LdBhZb6nX6KVkn0A==
2021-04-30 10:01:09 SUCCESS
ValidateClientJWKsPrivatePart
Valid client JWKs: keys are valid JSON, contain the required fields, the private/public exponents match and are correctly encoded using unpadded base64url
2021-04-30 10:01:09 SUCCESS
ExtractJWKsFromStaticClientConfiguration
Extracted client JWK
client_jwks
{
  "keys": [
    {
      "use": "sig",
      "kty": "EC",
      "kid": "client2-ES256",
      "crv": "P-256",
      "alg": "ES256",
      "x": "X1K2NP56XffP8ZvkSJiD3ZiaD6A1forvWkZ2AzqbyME",
      "y": "S2GQUKAw0gW5kT-lEehLkt02PxA6CukInQhvo1hWcNo",
      "d": "xDb8I6rF-rMPo5MV-rZSZZRwk1-TYJCm6SK4JGeP7Gk"
    }
  ]
}
public_client_jwks
{
  "keys": [
    {
      "kty": "EC",
      "use": "sig",
      "crv": "P-256",
      "kid": "client2-ES256",
      "x": "X1K2NP56XffP8ZvkSJiD3ZiaD6A1forvWkZ2AzqbyME",
      "y": "S2GQUKAw0gW5kT-lEehLkt02PxA6CukInQhvo1hWcNo",
      "alg": "ES256"
    }
  ]
}
2021-04-30 10:01:09 SUCCESS
CheckForKeyIdInClientJWKs
All keys contain kids
2021-04-30 10:01:09 SUCCESS
CheckDistinctKeyIdValueInClientJWKs
Distinct 'kid' value in all keys of client_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2021-04-30 10:01:09 SUCCESS
FAPICheckKeyAlgInClientJWKs
Found a key with alg PS256 or ES256
2021-04-30 10:01:09 SUCCESS
FAPIEnsureMinimumClientKeyLength
Validated minimum key lengths for client_jwks
client_jwks
{
  "keys": [
    {
      "use": "sig",
      "kty": "EC",
      "kid": "client2-ES256",
      "crv": "P-256",
      "alg": "ES256",
      "x": "X1K2NP56XffP8ZvkSJiD3ZiaD6A1forvWkZ2AzqbyME",
      "y": "S2GQUKAw0gW5kT-lEehLkt02PxA6CukInQhvo1hWcNo",
      "d": "xDb8I6rF-rMPo5MV-rZSZZRwk1-TYJCm6SK4JGeP7Gk"
    }
  ]
}
2021-04-30 10:01:09 SUCCESS
ValidateMTLSCertificatesAsX509
Mutual TLS authentication cert validated as X.509
2021-04-30 10:01:09 SUCCESS
GetResourceEndpointConfiguration
Found a resource endpoint object
resourceUrl
https://gw-dev-direct.apps.brazilob.a7z0.p1.openshiftapps.com/brazil-aisp/fapi
institution_id
xxx
2021-04-30 10:01:09 SUCCESS
SetProtectedResourceUrlToSingleResourceEndpoint
Set protected resource URL
protected_resource_url
https://gw-dev-direct.apps.brazilob.a7z0.p1.openshiftapps.com/brazil-aisp/fapi
2021-04-30 10:01:09 SUCCESS
ExtractTLSTestValuesFromResourceConfiguration
Extracted TLS information from resource endpoint
resource_endpoint
{
  "testHost": "gw-dev-direct.apps.brazilob.a7z0.p1.openshiftapps.com",
  "testPort": 443
}
2021-04-30 10:01:09 SUCCESS
ExtractTLSTestValuesFromOBResourceConfiguration
Extracted TLS information from resource endpoint
accounts_resource_endpoint
{
  "testHost": "gw-dev-direct.apps.brazilob.a7z0.p1.openshiftapps.com",
  "testPort": 443
}
accounts_request_endpoint
{
  "testHost": "gw-dev-direct.apps.brazilob.a7z0.p1.openshiftapps.com",
  "testPort": 443
}
2021-04-30 10:01:10
fapi-rw-id2-attempt-reuse-authorisation-code-after-one-second
Setup Done
Make request to authorization endpoint
2021-04-30 10:01:10 SUCCESS
CreateAuthorizationEndpointRequestFromClientInformation
Created authorization endpoint request
client_id
client11-mtls-ES256-ES256
redirect_uri
https://www.certification.openid.net/test/a/keycloak/callback
scope
openid email
2021-04-30 10:01:10 SUCCESS
AddAcrClaimToAuthorizationEndpointRequest
Added acr claim to authorization_endpoint_request
authorization_endpoint_request
{
  "client_id": "client11-mtls-ES256-ES256",
  "redirect_uri": "https://www.certification.openid.net/test/a/keycloak/callback",
  "scope": "openid email",
  "claims": {
    "id_token": {
      "acr": {
        "value": "urn:mace:incommon:iap:silver",
        "essential": true
      }
    }
  }
}
2021-04-30 10:01:10
CreateRandomStateValue
Created state value
requested_state_length
10
state
YGyVZfQvGI
2021-04-30 10:01:10 SUCCESS
AddStateToAuthorizationEndpointRequest
Added state parameter to request
client_id
client11-mtls-ES256-ES256
redirect_uri
https://www.certification.openid.net/test/a/keycloak/callback
scope
openid email
claims
{
  "id_token": {
    "acr": {
      "value": "urn:mace:incommon:iap:silver",
      "essential": true
    }
  }
}
state
YGyVZfQvGI
2021-04-30 10:01:10
CreateRandomNonceValue
Created nonce value
requested_nonce_length
10
nonce
CyoSz8eWqr
2021-04-30 10:01:10 SUCCESS
AddNonceToAuthorizationEndpointRequest
Added nonce parameter to request
client_id
client11-mtls-ES256-ES256
redirect_uri
https://www.certification.openid.net/test/a/keycloak/callback
scope
openid email
claims
{
  "id_token": {
    "acr": {
      "value": "urn:mace:incommon:iap:silver",
      "essential": true
    }
  }
}
state
YGyVZfQvGI
nonce
CyoSz8eWqr
2021-04-30 10:01:10 SUCCESS
SetAuthorizationEndpointRequestResponseTypeToCodeIdtoken
Added response_type parameter to request
client_id
client11-mtls-ES256-ES256
redirect_uri
https://www.certification.openid.net/test/a/keycloak/callback
scope
openid email
claims
{
  "id_token": {
    "acr": {
      "value": "urn:mace:incommon:iap:silver",
      "essential": true
    }
  }
}
state
YGyVZfQvGI
nonce
CyoSz8eWqr
response_type
code id_token
2021-04-30 10:01:10 SUCCESS
ConvertAuthorizationEndpointRequestToRequestObject
Created request object claims
request_object_claims
{
  "client_id": "client11-mtls-ES256-ES256",
  "redirect_uri": "https://www.certification.openid.net/test/a/keycloak/callback",
  "scope": "openid email",
  "claims": {
    "id_token": {
      "acr": {
        "value": "urn:mace:incommon:iap:silver",
        "essential": true
      }
    }
  },
  "state": "YGyVZfQvGI",
  "nonce": "CyoSz8eWqr",
  "response_type": "code id_token"
}
2021-04-30 10:01:10 SUCCESS
AddExpToRequestObject
Added exp to request object claims
exp
1.61977717E9
2021-04-30 10:01:10 SUCCESS
AddAudToRequestObject
Added aud to request object claims
aud
https://keycloak-direct-brazil-ob.apps.brazilob.a7z0.p1.openshiftapps.com/auth/realms/test
2021-04-30 10:01:10 SUCCESS
AddIssToRequestObject
Added iss to request object claims
iss
client11-mtls-ES256-ES256
2021-04-30 10:01:10 SUCCESS
AddClientIdToRequestObject
Added client_id to request object claims
client_id
client11-mtls-ES256-ES256
2021-04-30 10:01:10 SUCCESS
SignRequestObject
Signed the request object
claims
{"aud":"https:\/\/keycloak-direct-brazil-ob.apps.brazilob.a7z0.p1.openshiftapps.com\/auth\/realms\/test","scope":"openid email","claims":{"id_token":{"acr":{"value":"urn:mace:incommon:iap:silver","essential":true}}},"iss":"client11-mtls-ES256-ES256","response_type":"code id_token","redirect_uri":"https:\/\/www.certification.openid.net\/test\/a\/keycloak\/callback","state":"YGyVZfQvGI","exp":1619777170,"nonce":"CyoSz8eWqr","client_id":"client11-mtls-ES256-ES256"}
header
{"kid":"client1-ES256","alg":"ES256"}
request_object
eyJraWQiOiJjbGllbnQxLUVTMjU2IiwiYWxnIjoiRVMyNTYifQ.eyJhdWQiOiJodHRwczpcL1wva2V5Y2xvYWstZGlyZWN0LWJyYXppbC1vYi5hcHBzLmJyYXppbG9iLmE3ejAucDEub3BlbnNoaWZ0YXBwcy5jb21cL2F1dGhcL3JlYWxtc1wvdGVzdCIsInNjb3BlIjoib3BlbmlkIGVtYWlsIiwiY2xhaW1zIjp7ImlkX3Rva2VuIjp7ImFjciI6eyJ2YWx1ZSI6InVybjptYWNlOmluY29tbW9uOmlhcDpzaWx2ZXIiLCJlc3NlbnRpYWwiOnRydWV9fX0sImlzcyI6ImNsaWVudDExLW10bHMtRVMyNTYtRVMyNTYiLCJyZXNwb25zZV90eXBlIjoiY29kZSBpZF90b2tlbiIsInJlZGlyZWN0X3VyaSI6Imh0dHBzOlwvXC93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0XC90ZXN0XC9hXC9rZXljbG9ha1wvY2FsbGJhY2siLCJzdGF0ZSI6IllHeVZaZlF2R0kiLCJleHAiOjE2MTk3NzcxNzAsIm5vbmNlIjoiQ3lvU3o4ZVdxciIsImNsaWVudF9pZCI6ImNsaWVudDExLW10bHMtRVMyNTYtRVMyNTYifQ.kCTW3pKaZX9bpzY2tiCM5ldg6EZTy50-JESJVsuVwmV2zsYgkAaWjWjzfhlL-p2PZtIILX1bMgn5LooOAgsIQQ
key
{"kty":"EC","d":"zngKYq2KBIRGiawAAZQJ0K_ZxL3VyZbOHYScKtrOWX0","use":"sig","crv":"P-256","kid":"client1-ES256","x":"KhIuh2un6UWcBCIQqr5s3lSN42mrp5kjdf3JrasR1E4","y":"bUIXyjZ6Q7-fLu-mp56OJjEHOAbGd3X30EMhS7SG-Vw","alg":"ES256"}
2021-04-30 10:01:10 SUCCESS
BuildRequestObjectByValueRedirectToAuthorizationEndpoint
Sending to authorization endpoint
redirect_to_authorization_endpoint
https://keycloak-direct-brazil-ob.apps.brazilob.a7z0.p1.openshiftapps.com/auth/realms/test/protocol/openid-connect/auth?request=eyJraWQiOiJjbGllbnQxLUVTMjU2IiwiYWxnIjoiRVMyNTYifQ.eyJhdWQiOiJodHRwczpcL1wva2V5Y2xvYWstZGlyZWN0LWJyYXppbC1vYi5hcHBzLmJyYXppbG9iLmE3ejAucDEub3BlbnNoaWZ0YXBwcy5jb21cL2F1dGhcL3JlYWxtc1wvdGVzdCIsInNjb3BlIjoib3BlbmlkIGVtYWlsIiwiY2xhaW1zIjp7ImlkX3Rva2VuIjp7ImFjciI6eyJ2YWx1ZSI6InVybjptYWNlOmluY29tbW9uOmlhcDpzaWx2ZXIiLCJlc3NlbnRpYWwiOnRydWV9fX0sImlzcyI6ImNsaWVudDExLW10bHMtRVMyNTYtRVMyNTYiLCJyZXNwb25zZV90eXBlIjoiY29kZSBpZF90b2tlbiIsInJlZGlyZWN0X3VyaSI6Imh0dHBzOlwvXC93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0XC90ZXN0XC9hXC9rZXljbG9ha1wvY2FsbGJhY2siLCJzdGF0ZSI6IllHeVZaZlF2R0kiLCJleHAiOjE2MTk3NzcxNzAsIm5vbmNlIjoiQ3lvU3o4ZVdxciIsImNsaWVudF9pZCI6ImNsaWVudDExLW10bHMtRVMyNTYtRVMyNTYifQ.kCTW3pKaZX9bpzY2tiCM5ldg6EZTy50-JESJVsuVwmV2zsYgkAaWjWjzfhlL-p2PZtIILX1bMgn5LooOAgsIQQ&client_id=client11-mtls-ES256-ES256&redirect_uri=https://www.certification.openid.net/test/a/keycloak/callback&scope=openid%20email&response_type=code%20id_token
2021-04-30 10:01:10 REDIRECT
fapi-rw-id2-attempt-reuse-authorisation-code-after-one-second
Redirecting to authorization endpoint
redirect_to
https://keycloak-direct-brazil-ob.apps.brazilob.a7z0.p1.openshiftapps.com/auth/realms/test/protocol/openid-connect/auth?request=eyJraWQiOiJjbGllbnQxLUVTMjU2IiwiYWxnIjoiRVMyNTYifQ.eyJhdWQiOiJodHRwczpcL1wva2V5Y2xvYWstZGlyZWN0LWJyYXppbC1vYi5hcHBzLmJyYXppbG9iLmE3ejAucDEub3BlbnNoaWZ0YXBwcy5jb21cL2F1dGhcL3JlYWxtc1wvdGVzdCIsInNjb3BlIjoib3BlbmlkIGVtYWlsIiwiY2xhaW1zIjp7ImlkX3Rva2VuIjp7ImFjciI6eyJ2YWx1ZSI6InVybjptYWNlOmluY29tbW9uOmlhcDpzaWx2ZXIiLCJlc3NlbnRpYWwiOnRydWV9fX0sImlzcyI6ImNsaWVudDExLW10bHMtRVMyNTYtRVMyNTYiLCJyZXNwb25zZV90eXBlIjoiY29kZSBpZF90b2tlbiIsInJlZGlyZWN0X3VyaSI6Imh0dHBzOlwvXC93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0XC90ZXN0XC9hXC9rZXljbG9ha1wvY2FsbGJhY2siLCJzdGF0ZSI6IllHeVZaZlF2R0kiLCJleHAiOjE2MTk3NzcxNzAsIm5vbmNlIjoiQ3lvU3o4ZVdxciIsImNsaWVudF9pZCI6ImNsaWVudDExLW10bHMtRVMyNTYtRVMyNTYifQ.kCTW3pKaZX9bpzY2tiCM5ldg6EZTy50-JESJVsuVwmV2zsYgkAaWjWjzfhlL-p2PZtIILX1bMgn5LooOAgsIQQ&client_id=client11-mtls-ES256-ES256&redirect_uri=https://www.certification.openid.net/test/a/keycloak/callback&scope=openid%20email&response_type=code%20id_token
2021-04-30 10:01:17 INCOMING
fapi-rw-id2-attempt-reuse-authorisation-code-after-one-second
Incoming HTTP request to test instance 2gr3VLKYZKaUa7G
incoming_headers
{
  "host": "www.certification.openid.net",
  "upgrade-insecure-requests": "1",
  "user-agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.93 Safari/537.36",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/avif,image/webp,image/apng,*/*;q\u003d0.8,application/signed-exchange;v\u003db3;q\u003d0.9",
  "sec-fetch-site": "cross-site",
  "sec-fetch-mode": "navigate",
  "sec-fetch-user": "?1",
  "sec-fetch-dest": "document",
  "sec-ch-ua": "\" Not A;Brand\";v\u003d\"99\", \"Chromium\";v\u003d\"90\", \"Google Chrome\";v\u003d\"90\"",
  "sec-ch-ua-mobile": "?0",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-IN,en;q\u003d0.9",
  "cookie": "__utma\u003d201319536.1907545603.1619774306.1619774306.1619774306.1; __utmc\u003d201319536; __utmz\u003d201319536.1619774306.1.1.utmcsr\u003d(direct)|utmccn\u003d(direct)|utmcmd\u003d(none); JSESSIONID\u003d517BF0F99147B4FEB9E13934F53487AB",
  "x-mci-psu-ip-addr": "127.0.0.1",
  "x-mci-access-scope": "AIS",
  "x-mci-aspsp-entid": "ZEN-GBBUS",
  "x-mci-access-country": "GB",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
callback
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
2021-04-30 10:01:17 SUCCESS
CreateRandomImplicitSubmitUrl
Created random implicit submission URL
implicit_submit
{
  "path": "implicit/BlCG9c6z1aG1SPm4yLM9",
  "fullUrl": "https://www.certification.openid.net/test/a/keycloak/implicit/BlCG9c6z1aG1SPm4yLM9"
}
2021-04-30 10:01:17 OUTGOING
fapi-rw-id2-attempt-reuse-authorisation-code-after-one-second
Response to HTTP request to test instance 2gr3VLKYZKaUa7G
outgoing
ModelAndView [view="implicitCallback"; model={implicitSubmitUrl=https://www.certification.openid.net/test/a/keycloak/implicit/BlCG9c6z1aG1SPm4yLM9, returnUrl=/log-detail.html?log=2gr3VLKYZKaUa7G}]
outgoing_path
callback
2021-04-30 10:01:19 INCOMING
fapi-rw-id2-attempt-reuse-authorisation-code-after-one-second
Incoming HTTP request to test instance 2gr3VLKYZKaUa7G
incoming_headers
{
  "host": "www.certification.openid.net",
  "sec-ch-ua": "\" Not A;Brand\";v\u003d\"99\", \"Chromium\";v\u003d\"90\", \"Google Chrome\";v\u003d\"90\"",
  "accept": "*/*",
  "x-requested-with": "XMLHttpRequest",
  "sec-ch-ua-mobile": "?0",
  "user-agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.93 Safari/537.36",
  "content-type": "text/plain",
  "origin": "https://www.certification.openid.net",
  "sec-fetch-site": "same-origin",
  "sec-fetch-mode": "cors",
  "sec-fetch-dest": "empty",
  "referer": "https://www.certification.openid.net/test/a/keycloak/callback",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-IN,en;q\u003d0.9",
  "cookie": "__utma\u003d201319536.1907545603.1619774306.1619774306.1619774306.1; __utmc\u003d201319536; __utmz\u003d201319536.1619774306.1.1.utmcsr\u003d(direct)|utmccn\u003d(direct)|utmcmd\u003d(none); JSESSIONID\u003d517BF0F99147B4FEB9E13934F53487AB",
  "x-mci-psu-ip-addr": "127.0.0.1",
  "x-mci-access-scope": "AIS",
  "x-mci-aspsp-entid": "ZEN-GBBUS",
  "x-mci-access-country": "GB",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "content-length": "1151",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net",
  "connection": "close"
}
incoming_path
implicit/BlCG9c6z1aG1SPm4yLM9
incoming_body_form_params
incoming_method
POST
incoming_body_json
incoming_query_string_params
{}
incoming_body
#state=YGyVZfQvGI&session_state=9f1c7954-1a69-4651-bb34-02cb1afbc13c&code=af860073-24c2-4fc0-b316-d1c4178a262d.9f1c7954-1a69-4651-bb34-02cb1afbc13c.57d1d9dd-c981-4b3b-b5c8-0713c8d25a54&id_token=eyJhbGciOiJFUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJ4Wm9PVmJEdm9BSzRxaWpwYmhZWkZRMUl2ZUpsSWdxbE1ScWFHaHFULTY0In0.eyJleHAiOjE2MTk3NzcxNzcsImlhdCI6MTYxOTc3Njg3NywiYXV0aF90aW1lIjoxNjE5Nzc0NTM0LCJqdGkiOiIxODcxYWJlMy1iNTg1LTQ0YzktODAxNy1lNzU1YWNkODkzZmMiLCJpc3MiOiJodHRwczovL2tleWNsb2FrLWRpcmVjdC1icmF6aWwtb2IuYXBwcy5icmF6aWxvYi5hN3owLnAxLm9wZW5zaGlmdGFwcHMuY29tL2F1dGgvcmVhbG1zL3Rlc3QiLCJhdWQiOiJjbGllbnQxMS1tdGxzLUVTMjU2LUVTMjU2Iiwic3ViIjoiZmE1NGE0NzktNDNiNC00MDBlLTg5ZWEtOWMwZmRhMGFmZTVlIiwidHlwIjoiSUQiLCJhenAiOiJjbGllbnQxMS1tdGxzLUVTMjU2LUVTMjU2Iiwibm9uY2UiOiJDeW9TejhlV3FyIiwic2Vzc2lvbl9zdGF0ZSI6IjlmMWM3OTU0LTFhNjktNDY1MS1iYjM0LTAyY2IxYWZiYzEzYyIsImNfaGFzaCI6IjVsaHlMODZzdUJ5NmhxWTg0eXljTVEiLCJhY3IiOiIwIiwic19oYXNoIjoiOTJXLXdGek02Y3VXbEhmTndlRkt0ZyIsImFjciI6InVybjptYWNlOmluY29tbW9uOmlhcDpzaWx2ZXIiLCJlbWFpbF92ZXJpZmllZCI6ZmFsc2UsInByZWZlcnJlZF91c2VybmFtZSI6ImpvaG4ifQ.S1kruVY8EY2Bhjte9fpb6BNI5-npfvKj4NilGiqiJcQr3E2eQXoakEKd6I8ov5xHC2HXvQrFO6cu1QqWneKb_w
2021-04-30 10:01:19 OUTGOING
fapi-rw-id2-attempt-reuse-authorisation-code-after-one-second
Response to HTTP request to test instance 2gr3VLKYZKaUa7G
outgoing_status_code
204
outgoing_headers
{}
outgoing_body

                                
outgoing_path
implicit/BlCG9c6z1aG1SPm4yLM9
2021-04-30 10:01:19
ExtractImplicitHashToCallbackResponse
Extracted response from URL fragment
parameters
[
  {
    "name": "state",
    "value": "YGyVZfQvGI"
  },
  {
    "name": "session_state",
    "value": "9f1c7954-1a69-4651-bb34-02cb1afbc13c"
  },
  {
    "name": "code",
    "value": "af860073-24c2-4fc0-b316-d1c4178a262d.9f1c7954-1a69-4651-bb34-02cb1afbc13c.57d1d9dd-c981-4b3b-b5c8-0713c8d25a54"
  },
  {
    "name": "id_token",
    "value": "eyJhbGciOiJFUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJ4Wm9PVmJEdm9BSzRxaWpwYmhZWkZRMUl2ZUpsSWdxbE1ScWFHaHFULTY0In0.eyJleHAiOjE2MTk3NzcxNzcsImlhdCI6MTYxOTc3Njg3NywiYXV0aF90aW1lIjoxNjE5Nzc0NTM0LCJqdGkiOiIxODcxYWJlMy1iNTg1LTQ0YzktODAxNy1lNzU1YWNkODkzZmMiLCJpc3MiOiJodHRwczovL2tleWNsb2FrLWRpcmVjdC1icmF6aWwtb2IuYXBwcy5icmF6aWxvYi5hN3owLnAxLm9wZW5zaGlmdGFwcHMuY29tL2F1dGgvcmVhbG1zL3Rlc3QiLCJhdWQiOiJjbGllbnQxMS1tdGxzLUVTMjU2LUVTMjU2Iiwic3ViIjoiZmE1NGE0NzktNDNiNC00MDBlLTg5ZWEtOWMwZmRhMGFmZTVlIiwidHlwIjoiSUQiLCJhenAiOiJjbGllbnQxMS1tdGxzLUVTMjU2LUVTMjU2Iiwibm9uY2UiOiJDeW9TejhlV3FyIiwic2Vzc2lvbl9zdGF0ZSI6IjlmMWM3OTU0LTFhNjktNDY1MS1iYjM0LTAyY2IxYWZiYzEzYyIsImNfaGFzaCI6IjVsaHlMODZzdUJ5NmhxWTg0eXljTVEiLCJhY3IiOiIwIiwic19oYXNoIjoiOTJXLXdGek02Y3VXbEhmTndlRkt0ZyIsImFjciI6InVybjptYWNlOmluY29tbW9uOmlhcDpzaWx2ZXIiLCJlbWFpbF92ZXJpZmllZCI6ZmFsc2UsInByZWZlcnJlZF91c2VybmFtZSI6ImpvaG4ifQ.S1kruVY8EY2Bhjte9fpb6BNI5-npfvKj4NilGiqiJcQr3E2eQXoakEKd6I8ov5xHC2HXvQrFO6cu1QqWneKb_w"
  }
]
2021-04-30 10:01:19 SUCCESS
ExtractImplicitHashToCallbackResponse
Extracted the hash values
state
YGyVZfQvGI
session_state
9f1c7954-1a69-4651-bb34-02cb1afbc13c
code
af860073-24c2-4fc0-b316-d1c4178a262d.9f1c7954-1a69-4651-bb34-02cb1afbc13c.57d1d9dd-c981-4b3b-b5c8-0713c8d25a54
id_token
eyJhbGciOiJFUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJ4Wm9PVmJEdm9BSzRxaWpwYmhZWkZRMUl2ZUpsSWdxbE1ScWFHaHFULTY0In0.eyJleHAiOjE2MTk3NzcxNzcsImlhdCI6MTYxOTc3Njg3NywiYXV0aF90aW1lIjoxNjE5Nzc0NTM0LCJqdGkiOiIxODcxYWJlMy1iNTg1LTQ0YzktODAxNy1lNzU1YWNkODkzZmMiLCJpc3MiOiJodHRwczovL2tleWNsb2FrLWRpcmVjdC1icmF6aWwtb2IuYXBwcy5icmF6aWxvYi5hN3owLnAxLm9wZW5zaGlmdGFwcHMuY29tL2F1dGgvcmVhbG1zL3Rlc3QiLCJhdWQiOiJjbGllbnQxMS1tdGxzLUVTMjU2LUVTMjU2Iiwic3ViIjoiZmE1NGE0NzktNDNiNC00MDBlLTg5ZWEtOWMwZmRhMGFmZTVlIiwidHlwIjoiSUQiLCJhenAiOiJjbGllbnQxMS1tdGxzLUVTMjU2LUVTMjU2Iiwibm9uY2UiOiJDeW9TejhlV3FyIiwic2Vzc2lvbl9zdGF0ZSI6IjlmMWM3OTU0LTFhNjktNDY1MS1iYjM0LTAyY2IxYWZiYzEzYyIsImNfaGFzaCI6IjVsaHlMODZzdUJ5NmhxWTg0eXljTVEiLCJhY3IiOiIwIiwic19oYXNoIjoiOTJXLXdGek02Y3VXbEhmTndlRkt0ZyIsImFjciI6InVybjptYWNlOmluY29tbW9uOmlhcDpzaWx2ZXIiLCJlbWFpbF92ZXJpZmllZCI6ZmFsc2UsInByZWZlcnJlZF91c2VybmFtZSI6ImpvaG4ifQ.S1kruVY8EY2Bhjte9fpb6BNI5-npfvKj4NilGiqiJcQr3E2eQXoakEKd6I8ov5xHC2HXvQrFO6cu1QqWneKb_w
2021-04-30 10:01:19 REDIRECT-IN
fapi-rw-id2-attempt-reuse-authorisation-code-after-one-second
Authorization endpoint response captured
url_query
{}
headers
{
  "host": "www.certification.openid.net",
  "upgrade-insecure-requests": "1",
  "user-agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.93 Safari/537.36",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/avif,image/webp,image/apng,*/*;q\u003d0.8,application/signed-exchange;v\u003db3;q\u003d0.9",
  "sec-fetch-site": "cross-site",
  "sec-fetch-mode": "navigate",
  "sec-fetch-user": "?1",
  "sec-fetch-dest": "document",
  "sec-ch-ua": "\" Not A;Brand\";v\u003d\"99\", \"Chromium\";v\u003d\"90\", \"Google Chrome\";v\u003d\"90\"",
  "sec-ch-ua-mobile": "?0",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-IN,en;q\u003d0.9",
  "cookie": "__utma\u003d201319536.1907545603.1619774306.1619774306.1619774306.1; __utmc\u003d201319536; __utmz\u003d201319536.1619774306.1.1.utmcsr\u003d(direct)|utmccn\u003d(direct)|utmcmd\u003d(none); JSESSIONID\u003d517BF0F99147B4FEB9E13934F53487AB",
  "x-mci-psu-ip-addr": "127.0.0.1",
  "x-mci-access-scope": "AIS",
  "x-mci-aspsp-entid": "ZEN-GBBUS",
  "x-mci-access-country": "GB",
  "x-ssl-cipher": "ECDHE-RSA-AES128-GCM-SHA256",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
http_method
GET
url_fragment
{
  "state": "YGyVZfQvGI",
  "session_state": "9f1c7954-1a69-4651-bb34-02cb1afbc13c",
  "code": "af860073-24c2-4fc0-b316-d1c4178a262d.9f1c7954-1a69-4651-bb34-02cb1afbc13c.57d1d9dd-c981-4b3b-b5c8-0713c8d25a54",
  "id_token": "eyJhbGciOiJFUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJ4Wm9PVmJEdm9BSzRxaWpwYmhZWkZRMUl2ZUpsSWdxbE1ScWFHaHFULTY0In0.eyJleHAiOjE2MTk3NzcxNzcsImlhdCI6MTYxOTc3Njg3NywiYXV0aF90aW1lIjoxNjE5Nzc0NTM0LCJqdGkiOiIxODcxYWJlMy1iNTg1LTQ0YzktODAxNy1lNzU1YWNkODkzZmMiLCJpc3MiOiJodHRwczovL2tleWNsb2FrLWRpcmVjdC1icmF6aWwtb2IuYXBwcy5icmF6aWxvYi5hN3owLnAxLm9wZW5zaGlmdGFwcHMuY29tL2F1dGgvcmVhbG1zL3Rlc3QiLCJhdWQiOiJjbGllbnQxMS1tdGxzLUVTMjU2LUVTMjU2Iiwic3ViIjoiZmE1NGE0NzktNDNiNC00MDBlLTg5ZWEtOWMwZmRhMGFmZTVlIiwidHlwIjoiSUQiLCJhenAiOiJjbGllbnQxMS1tdGxzLUVTMjU2LUVTMjU2Iiwibm9uY2UiOiJDeW9TejhlV3FyIiwic2Vzc2lvbl9zdGF0ZSI6IjlmMWM3OTU0LTFhNjktNDY1MS1iYjM0LTAyY2IxYWZiYzEzYyIsImNfaGFzaCI6IjVsaHlMODZzdUJ5NmhxWTg0eXljTVEiLCJhY3IiOiIwIiwic19oYXNoIjoiOTJXLXdGek02Y3VXbEhmTndlRkt0ZyIsImFjciI6InVybjptYWNlOmluY29tbW9uOmlhcDpzaWx2ZXIiLCJlbWFpbF92ZXJpZmllZCI6ZmFsc2UsInByZWZlcnJlZF91c2VybmFtZSI6ImpvaG4ifQ.S1kruVY8EY2Bhjte9fpb6BNI5-npfvKj4NilGiqiJcQr3E2eQXoakEKd6I8ov5xHC2HXvQrFO6cu1QqWneKb_w"
}
post_body
Verify authorization endpoint response
2021-04-30 10:01:19 SUCCESS
RejectErrorInUrlQuery
'error' is not present in URL query returned from authorization endpoint
2021-04-30 10:01:19 SUCCESS
RejectAuthCodeInUrlQuery
Authorization code is not present in URL query returned from authorization endpoint
2021-04-30 10:01:19 SUCCESS
CheckMatchingCallbackParameters
Callback parameters successfully verified
2021-04-30 10:01:19 SUCCESS
RejectStateInUrlQueryForHybridFlow
state is correctly not present in URL query returned from authorization endpoint (as in the hybrid flow it must be returned in the URL fragment/hash only)
2021-04-30 10:01:19 SUCCESS
CheckIfAuthorizationEndpointError
No error from authorization endpoint
2021-04-30 10:01:19 SUCCESS
ValidateSuccessfulHybridResponseFromAuthorizationEndpoint
authorization endpoint response does not include unexpected parameters
state
YGyVZfQvGI
session_state
9f1c7954-1a69-4651-bb34-02cb1afbc13c
code
af860073-24c2-4fc0-b316-d1c4178a262d.9f1c7954-1a69-4651-bb34-02cb1afbc13c.57d1d9dd-c981-4b3b-b5c8-0713c8d25a54
id_token
eyJhbGciOiJFUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJ4Wm9PVmJEdm9BSzRxaWpwYmhZWkZRMUl2ZUpsSWdxbE1ScWFHaHFULTY0In0.eyJleHAiOjE2MTk3NzcxNzcsImlhdCI6MTYxOTc3Njg3NywiYXV0aF90aW1lIjoxNjE5Nzc0NTM0LCJqdGkiOiIxODcxYWJlMy1iNTg1LTQ0YzktODAxNy1lNzU1YWNkODkzZmMiLCJpc3MiOiJodHRwczovL2tleWNsb2FrLWRpcmVjdC1icmF6aWwtb2IuYXBwcy5icmF6aWxvYi5hN3owLnAxLm9wZW5zaGlmdGFwcHMuY29tL2F1dGgvcmVhbG1zL3Rlc3QiLCJhdWQiOiJjbGllbnQxMS1tdGxzLUVTMjU2LUVTMjU2Iiwic3ViIjoiZmE1NGE0NzktNDNiNC00MDBlLTg5ZWEtOWMwZmRhMGFmZTVlIiwidHlwIjoiSUQiLCJhenAiOiJjbGllbnQxMS1tdGxzLUVTMjU2LUVTMjU2Iiwibm9uY2UiOiJDeW9TejhlV3FyIiwic2Vzc2lvbl9zdGF0ZSI6IjlmMWM3OTU0LTFhNjktNDY1MS1iYjM0LTAyY2IxYWZiYzEzYyIsImNfaGFzaCI6IjVsaHlMODZzdUJ5NmhxWTg0eXljTVEiLCJhY3IiOiIwIiwic19oYXNoIjoiOTJXLXdGek02Y3VXbEhmTndlRkt0ZyIsImFjciI6InVybjptYWNlOmluY29tbW9uOmlhcDpzaWx2ZXIiLCJlbWFpbF92ZXJpZmllZCI6ZmFsc2UsInByZWZlcnJlZF91c2VybmFtZSI6ImpvaG4ifQ.S1kruVY8EY2Bhjte9fpb6BNI5-npfvKj4NilGiqiJcQr3E2eQXoakEKd6I8ov5xHC2HXvQrFO6cu1QqWneKb_w
2021-04-30 10:01:19 SUCCESS
CheckStateInAuthorizationResponse
State in response correctly returned
state
YGyVZfQvGI
2021-04-30 10:01:19
ValidateIssInAuthorizationResponse
No 'iss' value in authorization response.
2021-04-30 10:01:19 SUCCESS
ExtractAuthorizationCodeFromAuthorizationResponse
Found authorization code
code
af860073-24c2-4fc0-b316-d1c4178a262d.9f1c7954-1a69-4651-bb34-02cb1afbc13c.57d1d9dd-c981-4b3b-b5c8-0713c8d25a54
2021-04-30 10:01:19 SUCCESS
EnsureMinimumAuthorizationCodeLength
Authorization code is of sufficient length
actual
880
required
128
2021-04-30 10:01:19 SUCCESS
EnsureMinimumAuthorizationCodeEntropy
Calculated shannon entropy seems sufficient
actual
437.8183374111698
expected
96.0
2021-04-30 10:01:19 SUCCESS
ExtractIdTokenFromAuthorizationResponse
Found and parsed the id_token from authorization_endpoint_response
value
eyJhbGciOiJFUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJ4Wm9PVmJEdm9BSzRxaWpwYmhZWkZRMUl2ZUpsSWdxbE1ScWFHaHFULTY0In0.eyJleHAiOjE2MTk3NzcxNzcsImlhdCI6MTYxOTc3Njg3NywiYXV0aF90aW1lIjoxNjE5Nzc0NTM0LCJqdGkiOiIxODcxYWJlMy1iNTg1LTQ0YzktODAxNy1lNzU1YWNkODkzZmMiLCJpc3MiOiJodHRwczovL2tleWNsb2FrLWRpcmVjdC1icmF6aWwtb2IuYXBwcy5icmF6aWxvYi5hN3owLnAxLm9wZW5zaGlmdGFwcHMuY29tL2F1dGgvcmVhbG1zL3Rlc3QiLCJhdWQiOiJjbGllbnQxMS1tdGxzLUVTMjU2LUVTMjU2Iiwic3ViIjoiZmE1NGE0NzktNDNiNC00MDBlLTg5ZWEtOWMwZmRhMGFmZTVlIiwidHlwIjoiSUQiLCJhenAiOiJjbGllbnQxMS1tdGxzLUVTMjU2LUVTMjU2Iiwibm9uY2UiOiJDeW9TejhlV3FyIiwic2Vzc2lvbl9zdGF0ZSI6IjlmMWM3OTU0LTFhNjktNDY1MS1iYjM0LTAyY2IxYWZiYzEzYyIsImNfaGFzaCI6IjVsaHlMODZzdUJ5NmhxWTg0eXljTVEiLCJhY3IiOiIwIiwic19oYXNoIjoiOTJXLXdGek02Y3VXbEhmTndlRkt0ZyIsImFjciI6InVybjptYWNlOmluY29tbW9uOmlhcDpzaWx2ZXIiLCJlbWFpbF92ZXJpZmllZCI6ZmFsc2UsInByZWZlcnJlZF91c2VybmFtZSI6ImpvaG4ifQ.S1kruVY8EY2Bhjte9fpb6BNI5-npfvKj4NilGiqiJcQr3E2eQXoakEKd6I8ov5xHC2HXvQrFO6cu1QqWneKb_w
header
{
  "kid": "xZoOVbDvoAK4qijpbhYZFQ1IveJlIgqlMRqaGhqT-64",
  "typ": "JWT",
  "alg": "ES256"
}
claims
{
  "sub": "fa54a479-43b4-400e-89ea-9c0fda0afe5e",
  "email_verified": false,
  "iss": "https://keycloak-direct-brazil-ob.apps.brazilob.a7z0.p1.openshiftapps.com/auth/realms/test",
  "typ": "ID",
  "preferred_username": "john",
  "nonce": "CyoSz8eWqr",
  "aud": "client11-mtls-ES256-ES256",
  "c_hash": "5lhyL86suBy6hqY84yycMQ",
  "acr": "urn:mace:incommon:iap:silver",
  "s_hash": "92W-wFzM6cuWlHfNweFKtg",
  "azp": "client11-mtls-ES256-ES256",
  "auth_time": 1619774534,
  "exp": 1619777177,
  "session_state": "9f1c7954-1a69-4651-bb34-02cb1afbc13c",
  "iat": 1619776877,
  "jti": "1871abe3-b585-44c9-8017-e755acd893fc"
}
2021-04-30 10:01:19 SUCCESS
ValidateIdToken
ID token iss, aud, exp, iat, auth_time, acr & nbf claims passed validation checks
2021-04-30 10:01:19 SUCCESS
EnsureIdTokenContainsKid
kid was found in the ID token header
kid
xZoOVbDvoAK4qijpbhYZFQ1IveJlIgqlMRqaGhqT-64
2021-04-30 10:01:19 SUCCESS
ValidateIdTokenNonce
Nonce values match
nonce
CyoSz8eWqr
2021-04-30 10:01:19 SUCCESS
ValidateIdTokenACRClaimAgainstRequest
acr value in id_token is (one of) the requested values
actual
urn:mace:incommon:iap:silver
requested
[
  "urn:mace:incommon:iap:silver"
]
2021-04-30 10:01:19 SUCCESS
ValidateIdTokenSignature
id_token signature validated
id_token
eyJhbGciOiJFUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJ4Wm9PVmJEdm9BSzRxaWpwYmhZWkZRMUl2ZUpsSWdxbE1ScWFHaHFULTY0In0.eyJleHAiOjE2MTk3NzcxNzcsImlhdCI6MTYxOTc3Njg3NywiYXV0aF90aW1lIjoxNjE5Nzc0NTM0LCJqdGkiOiIxODcxYWJlMy1iNTg1LTQ0YzktODAxNy1lNzU1YWNkODkzZmMiLCJpc3MiOiJodHRwczovL2tleWNsb2FrLWRpcmVjdC1icmF6aWwtb2IuYXBwcy5icmF6aWxvYi5hN3owLnAxLm9wZW5zaGlmdGFwcHMuY29tL2F1dGgvcmVhbG1zL3Rlc3QiLCJhdWQiOiJjbGllbnQxMS1tdGxzLUVTMjU2LUVTMjU2Iiwic3ViIjoiZmE1NGE0NzktNDNiNC00MDBlLTg5ZWEtOWMwZmRhMGFmZTVlIiwidHlwIjoiSUQiLCJhenAiOiJjbGllbnQxMS1tdGxzLUVTMjU2LUVTMjU2Iiwibm9uY2UiOiJDeW9TejhlV3FyIiwic2Vzc2lvbl9zdGF0ZSI6IjlmMWM3OTU0LTFhNjktNDY1MS1iYjM0LTAyY2IxYWZiYzEzYyIsImNfaGFzaCI6IjVsaHlMODZzdUJ5NmhxWTg0eXljTVEiLCJhY3IiOiIwIiwic19oYXNoIjoiOTJXLXdGek02Y3VXbEhmTndlRkt0ZyIsImFjciI6InVybjptYWNlOmluY29tbW9uOmlhcDpzaWx2ZXIiLCJlbWFpbF92ZXJpZmllZCI6ZmFsc2UsInByZWZlcnJlZF91c2VybmFtZSI6ImpvaG4ifQ.S1kruVY8EY2Bhjte9fpb6BNI5-npfvKj4NilGiqiJcQr3E2eQXoakEKd6I8ov5xHC2HXvQrFO6cu1QqWneKb_w
2021-04-30 10:01:19 SUCCESS
ValidateIdTokenSignatureUsingKid
id_token signature validated
id_token
eyJhbGciOiJFUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJ4Wm9PVmJEdm9BSzRxaWpwYmhZWkZRMUl2ZUpsSWdxbE1ScWFHaHFULTY0In0.eyJleHAiOjE2MTk3NzcxNzcsImlhdCI6MTYxOTc3Njg3NywiYXV0aF90aW1lIjoxNjE5Nzc0NTM0LCJqdGkiOiIxODcxYWJlMy1iNTg1LTQ0YzktODAxNy1lNzU1YWNkODkzZmMiLCJpc3MiOiJodHRwczovL2tleWNsb2FrLWRpcmVjdC1icmF6aWwtb2IuYXBwcy5icmF6aWxvYi5hN3owLnAxLm9wZW5zaGlmdGFwcHMuY29tL2F1dGgvcmVhbG1zL3Rlc3QiLCJhdWQiOiJjbGllbnQxMS1tdGxzLUVTMjU2LUVTMjU2Iiwic3ViIjoiZmE1NGE0NzktNDNiNC00MDBlLTg5ZWEtOWMwZmRhMGFmZTVlIiwidHlwIjoiSUQiLCJhenAiOiJjbGllbnQxMS1tdGxzLUVTMjU2LUVTMjU2Iiwibm9uY2UiOiJDeW9TejhlV3FyIiwic2Vzc2lvbl9zdGF0ZSI6IjlmMWM3OTU0LTFhNjktNDY1MS1iYjM0LTAyY2IxYWZiYzEzYyIsImNfaGFzaCI6IjVsaHlMODZzdUJ5NmhxWTg0eXljTVEiLCJhY3IiOiIwIiwic19oYXNoIjoiOTJXLXdGek02Y3VXbEhmTndlRkt0ZyIsImFjciI6InVybjptYWNlOmluY29tbW9uOmlhcDpzaWx2ZXIiLCJlbWFpbF92ZXJpZmllZCI6ZmFsc2UsInByZWZlcnJlZF91c2VybmFtZSI6ImpvaG4ifQ.S1kruVY8EY2Bhjte9fpb6BNI5-npfvKj4NilGiqiJcQr3E2eQXoakEKd6I8ov5xHC2HXvQrFO6cu1QqWneKb_w
2021-04-30 10:01:19 SUCCESS
CheckForSubjectInIdToken
Found 'sub' in id_token
sub
fa54a479-43b4-400e-89ea-9c0fda0afe5e
2021-04-30 10:01:19 SUCCESS
FAPIValidateIdTokenSigningAlg
id_token was signed with a permitted algorithm
alg
ES256
2021-04-30 10:01:19 INFO
FAPIValidateIdTokenEncryptionAlg
Skipped evaluation due to missing required element: id_token jwe_header
path
jwe_header
mapped
object
id_token
2021-04-30 10:01:19 INFO
FAPIValidateEncryptedIdTokenHasKid
Skipped evaluation due to missing required element: id_token jwe_header
path
jwe_header
mapped
object
id_token
2021-04-30 10:01:19 SUCCESS
ExtractSHash
Extracted s_hash from ID Token
s_hash
92W-wFzM6cuWlHfNweFKtg
alg
ES256
2021-04-30 10:01:19 SUCCESS
ValidateSHash
s_hash validated successfully
expected_hash
92W-wFzM6cuWlHfNweFKtg
unhashed_value
YGyVZfQvGI
id_token_hash
92W-wFzM6cuWlHfNweFKtg
2021-04-30 10:01:19 SUCCESS
ExtractCHash
Extracted c_hash from ID Token
c_hash
5lhyL86suBy6hqY84yycMQ
alg
ES256
2021-04-30 10:01:19 SUCCESS
ValidateCHash
c_hash validated successfully
expected_hash
5lhyL86suBy6hqY84yycMQ
unhashed_value
af860073-24c2-4fc0-b316-d1c4178a262d.9f1c7954-1a69-4651-bb34-02cb1afbc13c.57d1d9dd-c981-4b3b-b5c8-0713c8d25a54
id_token_hash
5lhyL86suBy6hqY84yycMQ
Call token endpoint
2021-04-30 10:01:19 SUCCESS
CreateTokenEndpointRequestForAuthorizationCodeGrant
grant_type
authorization_code
code
af860073-24c2-4fc0-b316-d1c4178a262d.9f1c7954-1a69-4651-bb34-02cb1afbc13c.57d1d9dd-c981-4b3b-b5c8-0713c8d25a54
redirect_uri
https://www.certification.openid.net/test/a/keycloak/callback
2021-04-30 10:01:19 SUCCESS
AddClientIdToTokenEndpointRequest
grant_type
authorization_code
code
af860073-24c2-4fc0-b316-d1c4178a262d.9f1c7954-1a69-4651-bb34-02cb1afbc13c.57d1d9dd-c981-4b3b-b5c8-0713c8d25a54
redirect_uri
https://www.certification.openid.net/test/a/keycloak/callback
client_id
client11-mtls-ES256-ES256
2021-04-30 10:01:19
CallTokenEndpoint
HTTP request
request_uri
https://keycloak-direct-brazil-ob.apps.brazilob.a7z0.p1.openshiftapps.com/auth/realms/test/protocol/openid-connect/token
request_method
POST
request_headers
{
  "accept": "application/json;charset\u003dUTF-8",
  "accept-charset": "utf-8",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "270"
}
request_body
grant_type=authorization_code&code=af860073-24c2-4fc0-b316-d1c4178a262d.9f1c7954-1a69-4651-bb34-02cb1afbc13c.57d1d9dd-c981-4b3b-b5c8-0713c8d25a54&redirect_uri=https%3A%2F%2Fwww.certification.openid.net%2Ftest%2Fa%2Fkeycloak%2Fcallback&client_id=client11-mtls-ES256-ES256
request_mutual_tls
{
  "cert": "MIIDKDCCAs6gAwIBAgIUXl6GT8Ex1EENFSPveDA8fUoqHAwwCgYIKoZIzj0EAwIwdjELMAkGA1UEBhMCSlAxEzARBgNVBAgTClByaXZhdGUgQ0ExFzAVBgNVBAoTDlNlY3VyZSBPU1MgU2lnMRYwFAYDVQQLEw1LZXljbG9hay1mYXBpMSEwHwYDVQQDExhLZXljbG9hay1mYXBpIFByaXZhdGUgQ0EwHhcNMTkwNTIxMDIwNDAwWhcNMjQwNTE5MDIwNDAwWjBhMQswCQYDVQQGEwJKUDEPMA0GA1UECBMGQ2xpZW50MRcwFQYDVQQKEw5TZWN1cmUgT1NTIFNpZzEWMBQGA1UECxMNS2V5Y2xvYWstZmFwaTEQMA4GA1UEAxMHY2xpZW50MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM74QUE+RfLtdHCKj1QXRQkj30AtveZa/7jbBpHYJCoSGA4bzuNE04HTK02hwtBO0J0bvbRy14BYHimwhUY6n7gtZKex3JQ39QC2UHbIOtIQXvCgbn6K4iU6WrUbCK4I8p77gIk4MXQmsCQokAtxsF1eq/RyLhRJXo/aTwcHDWcb5n8jFGmpOJyhmPEXwtzqMZwO9Y+aI3d5P/xHXnb84zrgRJH2YMzTKOfGt72I8Ag34ITTQUxox5RUMMGwqlzN6bEYIF9lyCcd3kCSgyp4b4wNBc5h5g3GPDBTCUx3z07oQ50LR7AAICevHvWGlUxXtX+MYc6+Mvjb3l/e+EEldb0CAwEAAaOBgzCBgDAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQURPpQRYqk1GU0v6159IJV4fo7s8YwHwYDVR0jBBgwFoAUJmT6o2FQqWh2KBGYB3nfWHkAtEgwCwYDVR0RBAQwAoIAMAoGCCqGSM49BAMCA0gAMEUCIHImOqdaMfLN1M7i4wfXKIGnJHDlEv8B3jASpdlMb35IAiEA5oj7fyh0KxGG9Z4kUGusBUYidOemP81CtyOPzg1A64w\u003d",
  "key": "MIIEpQIBAAKCAQEAzvhBQT5F8u10cIqPVBdFCSPfQC295lr/uNsGkdgkKhIYDhvO40TTgdMrTaHC0E7QnRu9tHLXgFgeKbCFRjqfuC1kp7HclDf1ALZQdsg60hBe8KBuforiJTpatRsIrgjynvuAiTgxdCawJCiQC3GwXV6r9HIuFElej9pPBwcNZxvmfyMUaak4nKGY8RfC3OoxnA71j5ojd3k//EdedvzjOuBEkfZgzNMo58a3vYjwCDfghNNBTGjHlFQwwbCqXM3psRggX2XIJx3eQJKDKnhvjA0FzmHmDcY8MFMJTHfPTuhDnQtHsAAgJ68e9YaVTFe1f4xhzr4y+NveX974QSV1vQIDAQABAoIBAQCbyK7NXgMmi+b2AsVJZU54R8D1vLhQWDRdPrceNdNau03R6Mp7tEWDVaAlidlqE7jgWI4c8cgVeb4SYSSfrOalqb02oCDIi6nlRFUiYyorDVl4wzkIFJ+Np/O4l8WbwW5ljia8okhPBgPU45cwlf1K+kRx9TOL34HGw2pyfrNu5G1NWs3a30qHVc5FnKBgJq4PZgxtTC15DoQ4U8IF7M9XYlXOkx3zSOjk2mpQaOPDeRWBwoFsoxqOl+x3/u9rhiGW+9OXEltq+AKAlsZ4QVfvmjIZ65c5SJwrV+OhLIKOoA8TzheBGKZ4vkKt17GxWsm7KP1afh1fqc5Cd1lE0e1BAoGBAPI5SKi+HKuMsWY6YLv0c6j/FHJ/ZnSLLYc6/edfXso0djuz7BOfmLjgnntDrWTf6jWJ14DMDZVaohFr69eham8N9H9bQl7tpdtswRL0IVfOZYbEBbQk57/l5yADZcxvOMne/yh8K8LARYdFe5WDHCijgLhqmENenRHhHUjAuPVxAoGBANq9rnqQ6j4n2GEx+YhIKOflCUWwUe9XQ8pdQwniDQkQ3imOsOLn/nMXUO1oUMbaH0cbQ0+e5QGW74alTaFkQxBeSTbvZplMtwgaKDl2GzlYFPUxSLkAf5crChjT0z5t74RvChCvoLLxXXD+PmkC1Hpub78bfEwqit54fVGMJW8NAoGBAMzk8fZzYnMmvwU3io5TOOcSZqx34iXheTC0EQT/4oHvILhd+OucjCaPMuAYHnt/AXIqWJYFhdP557AO91/elda9Gj4E5z6/jhXvh97Njcrlt3HpLN32fecQxZKJ7TmiN4pjzLjlWGsUE3xapTCSyGYD8KWO3Z/XT8xI/WmGRK6xAoGBAMBmaUr7nl4vk/7iAzehKQHYDpDSpy8bldAwuh++SnL3+EGbdfEP2FsJXjCEOdC+2RYlX85v18TPKz5GtgLIesix9jow1xDuTmv8/faU8Rs+Y6jLwcigLJodzFLMNxnJfw0A0lyc7n+XF/akWubpC1XpP7dcCLfCD8XhO3F4EREdAoGAQRNaIHonLPVg+cZAVR6DAKj7l20tE1THRfHrkJDoM661hl7EnPL30SoLJyKYh3uil+/XAMtdegE5nrumg25FKdDY+JvSSvqEI0dLqKZzc6PBRau3+KVUVAYQtvtH7E2uJ7oFzFepTp2mq1I7+BYEmTIaPDJvf/l5gz+vy+voLrs\u003d"
}
2021-04-30 10:01:19 RESPONSE
CallTokenEndpoint
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "pragma": "no-cache",
  "x-frame-options": "SAMEORIGIN",
  "referrer-policy": "no-referrer",
  "date": "Fri, 30 Apr 2021 10:01:19 GMT",
  "connection": "keep-alive",
  "strict-transport-security": "max-age\u003d31536000; includeSubDomains",
  "x-content-type-options": "nosniff",
  "content-type": "application/json",
  "content-length": "4300"
}
response_body
{"access_token":"eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJTQy11WTNiSm55ZVRwYWFxUUIwZFlUWVBaTW83V2l0UnA1ZEVxb0RsOEZRIn0.eyJleHAiOjE2MTk3NzcxNzksImlhdCI6MTYxOTc3Njg3OSwiYXV0aF90aW1lIjoxNjE5Nzc0NTM0LCJqdGkiOiIzM2E0OTFhZS02ZWQyLTRlYWEtOGNhNC1mMmQyZDJjNGVkOWYiLCJpc3MiOiJodHRwczovL2tleWNsb2FrLWRpcmVjdC1icmF6aWwtb2IuYXBwcy5icmF6aWxvYi5hN3owLnAxLm9wZW5zaGlmdGFwcHMuY29tL2F1dGgvcmVhbG1zL3Rlc3QiLCJhdWQiOiJyZXNvdXJjZS1zZXJ2ZXIiLCJzdWIiOiJmYTU0YTQ3OS00M2I0LTQwMGUtODllYS05YzBmZGEwYWZlNWUiLCJ0eXAiOiJCZWFyZXIiLCJhenAiOiJjbGllbnQxMS1tdGxzLUVTMjU2LUVTMjU2Iiwibm9uY2UiOiJDeW9TejhlV3FyIiwic2Vzc2lvbl9zdGF0ZSI6IjlmMWM3OTU0LTFhNjktNDY1MS1iYjM0LTAyY2IxYWZiYzEzYyIsImFjciI6IjAiLCJhbGxvd2VkLW9yaWdpbnMiOlsiaHR0cHM6Ly9yZXZpZXctYXBwLWRldi1icmFuY2gtMi5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQiLCJodHRwczovL3Jldmlldy1hcHAtZGV2LWJyYW5jaC03LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldCIsImh0dHBzOi8vcmV2aWV3LWFwcC1kZXYtYnJhbmNoLTguY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0IiwiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0IiwiaHR0cHM6Ly9yZXZpZXctYXBwLWRldi1icmFuY2gtNi5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQiLCJodHRwczovL2NvbmZvcm1hbmNlLXN1aXRlLmtleWNsb2FrLWZhcGkub3JnIiwiaHR0cHM6Ly9sb2NhbGhvc3QuZW1vYml4LmNvLnVrIiwiaHR0cHM6Ly9yZXZpZXctYXBwLWRldi1icmFuY2gtOS5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQiLCJodHRwczovL3Jldmlldy1hcHAtZGV2LWJyYW5jaC0xLmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldCIsImh0dHBzOi8vbG9jYWxob3N0LmVtb2JpeC5jby51azo4NDQzIiwiaHR0cHM6Ly9zdGFnaW5nLmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldCIsImh0dHBzOi8vcmV2aWV3LWFwcC1kZXYtYnJhbmNoLTUuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0IiwiaHR0cHM6Ly9yZXZpZXctYXBwLWRldi1icmFuY2gtNC5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQiLCJodHRwczovL2RlbW8uY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0IiwiaHR0cHM6Ly9sb2NhbGhvc3Q6ODQ0MyIsImh0dHBzOi8vcmV2aWV3LWFwcC1kZXYtYnJhbmNoLTMuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0Il0sImNuZiI6eyJ4NXQjUzI1NiI6IjdncndWY0JRbVgxb0h3X1VGWG1zWWV4LXF1OVVEaEhncEZLTUs3NkVlWDgifSwic2NvcGUiOiJvcGVuaWQgcHJvZmlsZSBlbWFpbCIsImVtYWlsX3ZlcmlmaWVkIjpmYWxzZSwicHJlZmVycmVkX3VzZXJuYW1lIjoiam9obiJ9.GVyAauuoXzGXA3tYu6DyaGxx7MEwn9vcUtwk6q7ohuf1VKS-v5XzSUHgaynxR7FsjLobzCbk89Vd4lj15_Adk_WkXYu4VfTK7hlWXwhnNh4i8SYWoKl8cw-XFncQ5rATdefSizM8Zg0jrysjvFUZ8r-ilkWgIx3CiFONVGQhd2ZAduE206OMYhAZNEV1EEPcGFG5uiA926SdFZ7wPDEfRg81S87B-pQRUt9EA6AIQ2_uvG0rs5-CkGfViB2kaR-k77KzpMYUE_3ILhPDk7E_AudBQhWcAA-9rUsKTJhyp-7KqH9Kj-3z50Jlh-Mdgs4klraI2qCZ3CDHImfIADbcjQ","expires_in":300,"refresh_expires_in":1800,"refresh_token":"eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJkNjQ3OTBhOC1lOGVmLTRhMTUtYjVlYi00NmM1MWQ0OTE0ZTYifQ.eyJleHAiOjE2MTk3Nzg2NzksImlhdCI6MTYxOTc3Njg3OSwianRpIjoiYTA0MDQ5ODQtYjg3NS00ZmEzLThmMjUtNmI0OTYwMzk1YWYzIiwiaXNzIjoiaHR0cHM6Ly9rZXljbG9hay1kaXJlY3QtYnJhemlsLW9iLmFwcHMuYnJhemlsb2IuYTd6MC5wMS5vcGVuc2hpZnRhcHBzLmNvbS9hdXRoL3JlYWxtcy90ZXN0IiwiYXVkIjoiaHR0cHM6Ly9rZXljbG9hay1kaXJlY3QtYnJhemlsLW9iLmFwcHMuYnJhemlsb2IuYTd6MC5wMS5vcGVuc2hpZnRhcHBzLmNvbS9hdXRoL3JlYWxtcy90ZXN0Iiwic3ViIjoiZmE1NGE0NzktNDNiNC00MDBlLTg5ZWEtOWMwZmRhMGFmZTVlIiwidHlwIjoiUmVmcmVzaCIsImF6cCI6ImNsaWVudDExLW10bHMtRVMyNTYtRVMyNTYiLCJub25jZSI6IkN5b1N6OGVXcXIiLCJzZXNzaW9uX3N0YXRlIjoiOWYxYzc5NTQtMWE2OS00NjUxLWJiMzQtMDJjYjFhZmJjMTNjIiwiY25mIjp7Ing1dCNTMjU2IjoiN2dyd1ZjQlFtWDFvSHdfVUZYbXNZZXgtcXU5VURoSGdwRktNSzc2RWVYOCJ9LCJzY29wZSI6Im9wZW5pZCBwcm9maWxlIGVtYWlsIn0.p5s25k8fJX96VwCIo88Cf8bvHNbjSH_11SYJN4tL6yU","token_type":"Bearer","id_token":"eyJhbGciOiJFUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJ4Wm9PVmJEdm9BSzRxaWpwYmhZWkZRMUl2ZUpsSWdxbE1ScWFHaHFULTY0In0.eyJleHAiOjE2MTk3NzcxNzksImlhdCI6MTYxOTc3Njg3OSwiYXV0aF90aW1lIjoxNjE5Nzc0NTM0LCJqdGkiOiI4NmUzMDY5Yi1jNTNkLTRmM2EtYWIyMi03ZGM0MzYxMDUxYWQiLCJpc3MiOiJodHRwczovL2tleWNsb2FrLWRpcmVjdC1icmF6aWwtb2IuYXBwcy5icmF6aWxvYi5hN3owLnAxLm9wZW5zaGlmdGFwcHMuY29tL2F1dGgvcmVhbG1zL3Rlc3QiLCJhdWQiOiJjbGllbnQxMS1tdGxzLUVTMjU2LUVTMjU2Iiwic3ViIjoiZmE1NGE0NzktNDNiNC00MDBlLTg5ZWEtOWMwZmRhMGFmZTVlIiwidHlwIjoiSUQiLCJhenAiOiJjbGllbnQxMS1tdGxzLUVTMjU2LUVTMjU2Iiwibm9uY2UiOiJDeW9TejhlV3FyIiwic2Vzc2lvbl9zdGF0ZSI6IjlmMWM3OTU0LTFhNjktNDY1MS1iYjM0LTAyY2IxYWZiYzEzYyIsImF0X2hhc2giOiJ4RnNuZWFjNHRtTG13WmNfZlk1M0N3IiwiYWNyIjoiMCIsImFjciI6InVybjptYWNlOmluY29tbW9uOmlhcDpzaWx2ZXIiLCJlbWFpbF92ZXJpZmllZCI6ZmFsc2UsInByZWZlcnJlZF91c2VybmFtZSI6ImpvaG4ifQ.N5po2n5v46V52-WYfdanyD_XfBz5tij9gKuN2o5k1SVi8AJsJs-gcBObluP-JxvR41FK3lZnMNxlOnWRHbABxw","not-before-policy":1618992050,"session_state":"9f1c7954-1a69-4651-bb34-02cb1afbc13c","scope":"openid profile email"}
2021-04-30 10:01:19
CallTokenEndpoint
Token endpoint response
token_endpoint_response
{"access_token":"eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJTQy11WTNiSm55ZVRwYWFxUUIwZFlUWVBaTW83V2l0UnA1ZEVxb0RsOEZRIn0.eyJleHAiOjE2MTk3NzcxNzksImlhdCI6MTYxOTc3Njg3OSwiYXV0aF90aW1lIjoxNjE5Nzc0NTM0LCJqdGkiOiIzM2E0OTFhZS02ZWQyLTRlYWEtOGNhNC1mMmQyZDJjNGVkOWYiLCJpc3MiOiJodHRwczovL2tleWNsb2FrLWRpcmVjdC1icmF6aWwtb2IuYXBwcy5icmF6aWxvYi5hN3owLnAxLm9wZW5zaGlmdGFwcHMuY29tL2F1dGgvcmVhbG1zL3Rlc3QiLCJhdWQiOiJyZXNvdXJjZS1zZXJ2ZXIiLCJzdWIiOiJmYTU0YTQ3OS00M2I0LTQwMGUtODllYS05YzBmZGEwYWZlNWUiLCJ0eXAiOiJCZWFyZXIiLCJhenAiOiJjbGllbnQxMS1tdGxzLUVTMjU2LUVTMjU2Iiwibm9uY2UiOiJDeW9TejhlV3FyIiwic2Vzc2lvbl9zdGF0ZSI6IjlmMWM3OTU0LTFhNjktNDY1MS1iYjM0LTAyY2IxYWZiYzEzYyIsImFjciI6IjAiLCJhbGxvd2VkLW9yaWdpbnMiOlsiaHR0cHM6Ly9yZXZpZXctYXBwLWRldi1icmFuY2gtMi5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQiLCJodHRwczovL3Jldmlldy1hcHAtZGV2LWJyYW5jaC03LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldCIsImh0dHBzOi8vcmV2aWV3LWFwcC1kZXYtYnJhbmNoLTguY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0IiwiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0IiwiaHR0cHM6Ly9yZXZpZXctYXBwLWRldi1icmFuY2gtNi5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQiLCJodHRwczovL2NvbmZvcm1hbmNlLXN1aXRlLmtleWNsb2FrLWZhcGkub3JnIiwiaHR0cHM6Ly9sb2NhbGhvc3QuZW1vYml4LmNvLnVrIiwiaHR0cHM6Ly9yZXZpZXctYXBwLWRldi1icmFuY2gtOS5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQiLCJodHRwczovL3Jldmlldy1hcHAtZGV2LWJyYW5jaC0xLmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldCIsImh0dHBzOi8vbG9jYWxob3N0LmVtb2JpeC5jby51azo4NDQzIiwiaHR0cHM6Ly9zdGFnaW5nLmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldCIsImh0dHBzOi8vcmV2aWV3LWFwcC1kZXYtYnJhbmNoLTUuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0IiwiaHR0cHM6Ly9yZXZpZXctYXBwLWRldi1icmFuY2gtNC5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQiLCJodHRwczovL2RlbW8uY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0IiwiaHR0cHM6Ly9sb2NhbGhvc3Q6ODQ0MyIsImh0dHBzOi8vcmV2aWV3LWFwcC1kZXYtYnJhbmNoLTMuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0Il0sImNuZiI6eyJ4NXQjUzI1NiI6IjdncndWY0JRbVgxb0h3X1VGWG1zWWV4LXF1OVVEaEhncEZLTUs3NkVlWDgifSwic2NvcGUiOiJvcGVuaWQgcHJvZmlsZSBlbWFpbCIsImVtYWlsX3ZlcmlmaWVkIjpmYWxzZSwicHJlZmVycmVkX3VzZXJuYW1lIjoiam9obiJ9.GVyAauuoXzGXA3tYu6DyaGxx7MEwn9vcUtwk6q7ohuf1VKS-v5XzSUHgaynxR7FsjLobzCbk89Vd4lj15_Adk_WkXYu4VfTK7hlWXwhnNh4i8SYWoKl8cw-XFncQ5rATdefSizM8Zg0jrysjvFUZ8r-ilkWgIx3CiFONVGQhd2ZAduE206OMYhAZNEV1EEPcGFG5uiA926SdFZ7wPDEfRg81S87B-pQRUt9EA6AIQ2_uvG0rs5-CkGfViB2kaR-k77KzpMYUE_3ILhPDk7E_AudBQhWcAA-9rUsKTJhyp-7KqH9Kj-3z50Jlh-Mdgs4klraI2qCZ3CDHImfIADbcjQ","expires_in":300,"refresh_expires_in":1800,"refresh_token":"eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJkNjQ3OTBhOC1lOGVmLTRhMTUtYjVlYi00NmM1MWQ0OTE0ZTYifQ.eyJleHAiOjE2MTk3Nzg2NzksImlhdCI6MTYxOTc3Njg3OSwianRpIjoiYTA0MDQ5ODQtYjg3NS00ZmEzLThmMjUtNmI0OTYwMzk1YWYzIiwiaXNzIjoiaHR0cHM6Ly9rZXljbG9hay1kaXJlY3QtYnJhemlsLW9iLmFwcHMuYnJhemlsb2IuYTd6MC5wMS5vcGVuc2hpZnRhcHBzLmNvbS9hdXRoL3JlYWxtcy90ZXN0IiwiYXVkIjoiaHR0cHM6Ly9rZXljbG9hay1kaXJlY3QtYnJhemlsLW9iLmFwcHMuYnJhemlsb2IuYTd6MC5wMS5vcGVuc2hpZnRhcHBzLmNvbS9hdXRoL3JlYWxtcy90ZXN0Iiwic3ViIjoiZmE1NGE0NzktNDNiNC00MDBlLTg5ZWEtOWMwZmRhMGFmZTVlIiwidHlwIjoiUmVmcmVzaCIsImF6cCI6ImNsaWVudDExLW10bHMtRVMyNTYtRVMyNTYiLCJub25jZSI6IkN5b1N6OGVXcXIiLCJzZXNzaW9uX3N0YXRlIjoiOWYxYzc5NTQtMWE2OS00NjUxLWJiMzQtMDJjYjFhZmJjMTNjIiwiY25mIjp7Ing1dCNTMjU2IjoiN2dyd1ZjQlFtWDFvSHdfVUZYbXNZZXgtcXU5VURoSGdwRktNSzc2RWVYOCJ9LCJzY29wZSI6Im9wZW5pZCBwcm9maWxlIGVtYWlsIn0.p5s25k8fJX96VwCIo88Cf8bvHNbjSH_11SYJN4tL6yU","token_type":"Bearer","id_token":"eyJhbGciOiJFUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJ4Wm9PVmJEdm9BSzRxaWpwYmhZWkZRMUl2ZUpsSWdxbE1ScWFHaHFULTY0In0.eyJleHAiOjE2MTk3NzcxNzksImlhdCI6MTYxOTc3Njg3OSwiYXV0aF90aW1lIjoxNjE5Nzc0NTM0LCJqdGkiOiI4NmUzMDY5Yi1jNTNkLTRmM2EtYWIyMi03ZGM0MzYxMDUxYWQiLCJpc3MiOiJodHRwczovL2tleWNsb2FrLWRpcmVjdC1icmF6aWwtb2IuYXBwcy5icmF6aWxvYi5hN3owLnAxLm9wZW5zaGlmdGFwcHMuY29tL2F1dGgvcmVhbG1zL3Rlc3QiLCJhdWQiOiJjbGllbnQxMS1tdGxzLUVTMjU2LUVTMjU2Iiwic3ViIjoiZmE1NGE0NzktNDNiNC00MDBlLTg5ZWEtOWMwZmRhMGFmZTVlIiwidHlwIjoiSUQiLCJhenAiOiJjbGllbnQxMS1tdGxzLUVTMjU2LUVTMjU2Iiwibm9uY2UiOiJDeW9TejhlV3FyIiwic2Vzc2lvbl9zdGF0ZSI6IjlmMWM3OTU0LTFhNjktNDY1MS1iYjM0LTAyY2IxYWZiYzEzYyIsImF0X2hhc2giOiJ4RnNuZWFjNHRtTG13WmNfZlk1M0N3IiwiYWNyIjoiMCIsImFjciI6InVybjptYWNlOmluY29tbW9uOmlhcDpzaWx2ZXIiLCJlbWFpbF92ZXJpZmllZCI6ZmFsc2UsInByZWZlcnJlZF91c2VybmFtZSI6ImpvaG4ifQ.N5po2n5v46V52-WYfdanyD_XfBz5tij9gKuN2o5k1SVi8AJsJs-gcBObluP-JxvR41FK3lZnMNxlOnWRHbABxw","not-before-policy":1618992050,"session_state":"9f1c7954-1a69-4651-bb34-02cb1afbc13c","scope":"openid profile email"}
2021-04-30 10:01:19 SUCCESS
CallTokenEndpoint
Parsed token endpoint response
access_token
eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJTQy11WTNiSm55ZVRwYWFxUUIwZFlUWVBaTW83V2l0UnA1ZEVxb0RsOEZRIn0.eyJleHAiOjE2MTk3NzcxNzksImlhdCI6MTYxOTc3Njg3OSwiYXV0aF90aW1lIjoxNjE5Nzc0NTM0LCJqdGkiOiIzM2E0OTFhZS02ZWQyLTRlYWEtOGNhNC1mMmQyZDJjNGVkOWYiLCJpc3MiOiJodHRwczovL2tleWNsb2FrLWRpcmVjdC1icmF6aWwtb2IuYXBwcy5icmF6aWxvYi5hN3owLnAxLm9wZW5zaGlmdGFwcHMuY29tL2F1dGgvcmVhbG1zL3Rlc3QiLCJhdWQiOiJyZXNvdXJjZS1zZXJ2ZXIiLCJzdWIiOiJmYTU0YTQ3OS00M2I0LTQwMGUtODllYS05YzBmZGEwYWZlNWUiLCJ0eXAiOiJCZWFyZXIiLCJhenAiOiJjbGllbnQxMS1tdGxzLUVTMjU2LUVTMjU2Iiwibm9uY2UiOiJDeW9TejhlV3FyIiwic2Vzc2lvbl9zdGF0ZSI6IjlmMWM3OTU0LTFhNjktNDY1MS1iYjM0LTAyY2IxYWZiYzEzYyIsImFjciI6IjAiLCJhbGxvd2VkLW9yaWdpbnMiOlsiaHR0cHM6Ly9yZXZpZXctYXBwLWRldi1icmFuY2gtMi5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQiLCJodHRwczovL3Jldmlldy1hcHAtZGV2LWJyYW5jaC03LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldCIsImh0dHBzOi8vcmV2aWV3LWFwcC1kZXYtYnJhbmNoLTguY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0IiwiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0IiwiaHR0cHM6Ly9yZXZpZXctYXBwLWRldi1icmFuY2gtNi5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQiLCJodHRwczovL2NvbmZvcm1hbmNlLXN1aXRlLmtleWNsb2FrLWZhcGkub3JnIiwiaHR0cHM6Ly9sb2NhbGhvc3QuZW1vYml4LmNvLnVrIiwiaHR0cHM6Ly9yZXZpZXctYXBwLWRldi1icmFuY2gtOS5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQiLCJodHRwczovL3Jldmlldy1hcHAtZGV2LWJyYW5jaC0xLmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldCIsImh0dHBzOi8vbG9jYWxob3N0LmVtb2JpeC5jby51azo4NDQzIiwiaHR0cHM6Ly9zdGFnaW5nLmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldCIsImh0dHBzOi8vcmV2aWV3LWFwcC1kZXYtYnJhbmNoLTUuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0IiwiaHR0cHM6Ly9yZXZpZXctYXBwLWRldi1icmFuY2gtNC5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQiLCJodHRwczovL2RlbW8uY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0IiwiaHR0cHM6Ly9sb2NhbGhvc3Q6ODQ0MyIsImh0dHBzOi8vcmV2aWV3LWFwcC1kZXYtYnJhbmNoLTMuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0Il0sImNuZiI6eyJ4NXQjUzI1NiI6IjdncndWY0JRbVgxb0h3X1VGWG1zWWV4LXF1OVVEaEhncEZLTUs3NkVlWDgifSwic2NvcGUiOiJvcGVuaWQgcHJvZmlsZSBlbWFpbCIsImVtYWlsX3ZlcmlmaWVkIjpmYWxzZSwicHJlZmVycmVkX3VzZXJuYW1lIjoiam9obiJ9.GVyAauuoXzGXA3tYu6DyaGxx7MEwn9vcUtwk6q7ohuf1VKS-v5XzSUHgaynxR7FsjLobzCbk89Vd4lj15_Adk_WkXYu4VfTK7hlWXwhnNh4i8SYWoKl8cw-XFncQ5rATdefSizM8Zg0jrysjvFUZ8r-ilkWgIx3CiFONVGQhd2ZAduE206OMYhAZNEV1EEPcGFG5uiA926SdFZ7wPDEfRg81S87B-pQRUt9EA6AIQ2_uvG0rs5-CkGfViB2kaR-k77KzpMYUE_3ILhPDk7E_AudBQhWcAA-9rUsKTJhyp-7KqH9Kj-3z50Jlh-Mdgs4klraI2qCZ3CDHImfIADbcjQ
expires_in
300
refresh_expires_in
1800
refresh_token
eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJkNjQ3OTBhOC1lOGVmLTRhMTUtYjVlYi00NmM1MWQ0OTE0ZTYifQ.eyJleHAiOjE2MTk3Nzg2NzksImlhdCI6MTYxOTc3Njg3OSwianRpIjoiYTA0MDQ5ODQtYjg3NS00ZmEzLThmMjUtNmI0OTYwMzk1YWYzIiwiaXNzIjoiaHR0cHM6Ly9rZXljbG9hay1kaXJlY3QtYnJhemlsLW9iLmFwcHMuYnJhemlsb2IuYTd6MC5wMS5vcGVuc2hpZnRhcHBzLmNvbS9hdXRoL3JlYWxtcy90ZXN0IiwiYXVkIjoiaHR0cHM6Ly9rZXljbG9hay1kaXJlY3QtYnJhemlsLW9iLmFwcHMuYnJhemlsb2IuYTd6MC5wMS5vcGVuc2hpZnRhcHBzLmNvbS9hdXRoL3JlYWxtcy90ZXN0Iiwic3ViIjoiZmE1NGE0NzktNDNiNC00MDBlLTg5ZWEtOWMwZmRhMGFmZTVlIiwidHlwIjoiUmVmcmVzaCIsImF6cCI6ImNsaWVudDExLW10bHMtRVMyNTYtRVMyNTYiLCJub25jZSI6IkN5b1N6OGVXcXIiLCJzZXNzaW9uX3N0YXRlIjoiOWYxYzc5NTQtMWE2OS00NjUxLWJiMzQtMDJjYjFhZmJjMTNjIiwiY25mIjp7Ing1dCNTMjU2IjoiN2dyd1ZjQlFtWDFvSHdfVUZYbXNZZXgtcXU5VURoSGdwRktNSzc2RWVYOCJ9LCJzY29wZSI6Im9wZW5pZCBwcm9maWxlIGVtYWlsIn0.p5s25k8fJX96VwCIo88Cf8bvHNbjSH_11SYJN4tL6yU
token_type
Bearer
id_token
eyJhbGciOiJFUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJ4Wm9PVmJEdm9BSzRxaWpwYmhZWkZRMUl2ZUpsSWdxbE1ScWFHaHFULTY0In0.eyJleHAiOjE2MTk3NzcxNzksImlhdCI6MTYxOTc3Njg3OSwiYXV0aF90aW1lIjoxNjE5Nzc0NTM0LCJqdGkiOiI4NmUzMDY5Yi1jNTNkLTRmM2EtYWIyMi03ZGM0MzYxMDUxYWQiLCJpc3MiOiJodHRwczovL2tleWNsb2FrLWRpcmVjdC1icmF6aWwtb2IuYXBwcy5icmF6aWxvYi5hN3owLnAxLm9wZW5zaGlmdGFwcHMuY29tL2F1dGgvcmVhbG1zL3Rlc3QiLCJhdWQiOiJjbGllbnQxMS1tdGxzLUVTMjU2LUVTMjU2Iiwic3ViIjoiZmE1NGE0NzktNDNiNC00MDBlLTg5ZWEtOWMwZmRhMGFmZTVlIiwidHlwIjoiSUQiLCJhenAiOiJjbGllbnQxMS1tdGxzLUVTMjU2LUVTMjU2Iiwibm9uY2UiOiJDeW9TejhlV3FyIiwic2Vzc2lvbl9zdGF0ZSI6IjlmMWM3OTU0LTFhNjktNDY1MS1iYjM0LTAyY2IxYWZiYzEzYyIsImF0X2hhc2giOiJ4RnNuZWFjNHRtTG13WmNfZlk1M0N3IiwiYWNyIjoiMCIsImFjciI6InVybjptYWNlOmluY29tbW9uOmlhcDpzaWx2ZXIiLCJlbWFpbF92ZXJpZmllZCI6ZmFsc2UsInByZWZlcnJlZF91c2VybmFtZSI6ImpvaG4ifQ.N5po2n5v46V52-WYfdanyD_XfBz5tij9gKuN2o5k1SVi8AJsJs-gcBObluP-JxvR41FK3lZnMNxlOnWRHbABxw
not-before-policy
1618992050
session_state
9f1c7954-1a69-4651-bb34-02cb1afbc13c
scope
openid profile email
Verify token endpoint response
2021-04-30 10:01:19 SUCCESS
CheckIfTokenEndpointResponseError
No error from token endpoint
2021-04-30 10:01:19 SUCCESS
CheckForAccessTokenValue
Found an access token
access_token
eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJTQy11WTNiSm55ZVRwYWFxUUIwZFlUWVBaTW83V2l0UnA1ZEVxb0RsOEZRIn0.eyJleHAiOjE2MTk3NzcxNzksImlhdCI6MTYxOTc3Njg3OSwiYXV0aF90aW1lIjoxNjE5Nzc0NTM0LCJqdGkiOiIzM2E0OTFhZS02ZWQyLTRlYWEtOGNhNC1mMmQyZDJjNGVkOWYiLCJpc3MiOiJodHRwczovL2tleWNsb2FrLWRpcmVjdC1icmF6aWwtb2IuYXBwcy5icmF6aWxvYi5hN3owLnAxLm9wZW5zaGlmdGFwcHMuY29tL2F1dGgvcmVhbG1zL3Rlc3QiLCJhdWQiOiJyZXNvdXJjZS1zZXJ2ZXIiLCJzdWIiOiJmYTU0YTQ3OS00M2I0LTQwMGUtODllYS05YzBmZGEwYWZlNWUiLCJ0eXAiOiJCZWFyZXIiLCJhenAiOiJjbGllbnQxMS1tdGxzLUVTMjU2LUVTMjU2Iiwibm9uY2UiOiJDeW9TejhlV3FyIiwic2Vzc2lvbl9zdGF0ZSI6IjlmMWM3OTU0LTFhNjktNDY1MS1iYjM0LTAyY2IxYWZiYzEzYyIsImFjciI6IjAiLCJhbGxvd2VkLW9yaWdpbnMiOlsiaHR0cHM6Ly9yZXZpZXctYXBwLWRldi1icmFuY2gtMi5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQiLCJodHRwczovL3Jldmlldy1hcHAtZGV2LWJyYW5jaC03LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldCIsImh0dHBzOi8vcmV2aWV3LWFwcC1kZXYtYnJhbmNoLTguY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0IiwiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0IiwiaHR0cHM6Ly9yZXZpZXctYXBwLWRldi1icmFuY2gtNi5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQiLCJodHRwczovL2NvbmZvcm1hbmNlLXN1aXRlLmtleWNsb2FrLWZhcGkub3JnIiwiaHR0cHM6Ly9sb2NhbGhvc3QuZW1vYml4LmNvLnVrIiwiaHR0cHM6Ly9yZXZpZXctYXBwLWRldi1icmFuY2gtOS5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQiLCJodHRwczovL3Jldmlldy1hcHAtZGV2LWJyYW5jaC0xLmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldCIsImh0dHBzOi8vbG9jYWxob3N0LmVtb2JpeC5jby51azo4NDQzIiwiaHR0cHM6Ly9zdGFnaW5nLmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldCIsImh0dHBzOi8vcmV2aWV3LWFwcC1kZXYtYnJhbmNoLTUuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0IiwiaHR0cHM6Ly9yZXZpZXctYXBwLWRldi1icmFuY2gtNC5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQiLCJodHRwczovL2RlbW8uY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0IiwiaHR0cHM6Ly9sb2NhbGhvc3Q6ODQ0MyIsImh0dHBzOi8vcmV2aWV3LWFwcC1kZXYtYnJhbmNoLTMuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0Il0sImNuZiI6eyJ4NXQjUzI1NiI6IjdncndWY0JRbVgxb0h3X1VGWG1zWWV4LXF1OVVEaEhncEZLTUs3NkVlWDgifSwic2NvcGUiOiJvcGVuaWQgcHJvZmlsZSBlbWFpbCIsImVtYWlsX3ZlcmlmaWVkIjpmYWxzZSwicHJlZmVycmVkX3VzZXJuYW1lIjoiam9obiJ9.GVyAauuoXzGXA3tYu6DyaGxx7MEwn9vcUtwk6q7ohuf1VKS-v5XzSUHgaynxR7FsjLobzCbk89Vd4lj15_Adk_WkXYu4VfTK7hlWXwhnNh4i8SYWoKl8cw-XFncQ5rATdefSizM8Zg0jrysjvFUZ8r-ilkWgIx3CiFONVGQhd2ZAduE206OMYhAZNEV1EEPcGFG5uiA926SdFZ7wPDEfRg81S87B-pQRUt9EA6AIQ2_uvG0rs5-CkGfViB2kaR-k77KzpMYUE_3ILhPDk7E_AudBQhWcAA-9rUsKTJhyp-7KqH9Kj-3z50Jlh-Mdgs4klraI2qCZ3CDHImfIADbcjQ
2021-04-30 10:01:19 SUCCESS
ExtractAccessTokenFromTokenResponse
Extracted the access token
value
eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJTQy11WTNiSm55ZVRwYWFxUUIwZFlUWVBaTW83V2l0UnA1ZEVxb0RsOEZRIn0.eyJleHAiOjE2MTk3NzcxNzksImlhdCI6MTYxOTc3Njg3OSwiYXV0aF90aW1lIjoxNjE5Nzc0NTM0LCJqdGkiOiIzM2E0OTFhZS02ZWQyLTRlYWEtOGNhNC1mMmQyZDJjNGVkOWYiLCJpc3MiOiJodHRwczovL2tleWNsb2FrLWRpcmVjdC1icmF6aWwtb2IuYXBwcy5icmF6aWxvYi5hN3owLnAxLm9wZW5zaGlmdGFwcHMuY29tL2F1dGgvcmVhbG1zL3Rlc3QiLCJhdWQiOiJyZXNvdXJjZS1zZXJ2ZXIiLCJzdWIiOiJmYTU0YTQ3OS00M2I0LTQwMGUtODllYS05YzBmZGEwYWZlNWUiLCJ0eXAiOiJCZWFyZXIiLCJhenAiOiJjbGllbnQxMS1tdGxzLUVTMjU2LUVTMjU2Iiwibm9uY2UiOiJDeW9TejhlV3FyIiwic2Vzc2lvbl9zdGF0ZSI6IjlmMWM3OTU0LTFhNjktNDY1MS1iYjM0LTAyY2IxYWZiYzEzYyIsImFjciI6IjAiLCJhbGxvd2VkLW9yaWdpbnMiOlsiaHR0cHM6Ly9yZXZpZXctYXBwLWRldi1icmFuY2gtMi5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQiLCJodHRwczovL3Jldmlldy1hcHAtZGV2LWJyYW5jaC03LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldCIsImh0dHBzOi8vcmV2aWV3LWFwcC1kZXYtYnJhbmNoLTguY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0IiwiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0IiwiaHR0cHM6Ly9yZXZpZXctYXBwLWRldi1icmFuY2gtNi5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQiLCJodHRwczovL2NvbmZvcm1hbmNlLXN1aXRlLmtleWNsb2FrLWZhcGkub3JnIiwiaHR0cHM6Ly9sb2NhbGhvc3QuZW1vYml4LmNvLnVrIiwiaHR0cHM6Ly9yZXZpZXctYXBwLWRldi1icmFuY2gtOS5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQiLCJodHRwczovL3Jldmlldy1hcHAtZGV2LWJyYW5jaC0xLmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldCIsImh0dHBzOi8vbG9jYWxob3N0LmVtb2JpeC5jby51azo4NDQzIiwiaHR0cHM6Ly9zdGFnaW5nLmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldCIsImh0dHBzOi8vcmV2aWV3LWFwcC1kZXYtYnJhbmNoLTUuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0IiwiaHR0cHM6Ly9yZXZpZXctYXBwLWRldi1icmFuY2gtNC5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQiLCJodHRwczovL2RlbW8uY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0IiwiaHR0cHM6Ly9sb2NhbGhvc3Q6ODQ0MyIsImh0dHBzOi8vcmV2aWV3LWFwcC1kZXYtYnJhbmNoLTMuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0Il0sImNuZiI6eyJ4NXQjUzI1NiI6IjdncndWY0JRbVgxb0h3X1VGWG1zWWV4LXF1OVVEaEhncEZLTUs3NkVlWDgifSwic2NvcGUiOiJvcGVuaWQgcHJvZmlsZSBlbWFpbCIsImVtYWlsX3ZlcmlmaWVkIjpmYWxzZSwicHJlZmVycmVkX3VzZXJuYW1lIjoiam9obiJ9.GVyAauuoXzGXA3tYu6DyaGxx7MEwn9vcUtwk6q7ohuf1VKS-v5XzSUHgaynxR7FsjLobzCbk89Vd4lj15_Adk_WkXYu4VfTK7hlWXwhnNh4i8SYWoKl8cw-XFncQ5rATdefSizM8Zg0jrysjvFUZ8r-ilkWgIx3CiFONVGQhd2ZAduE206OMYhAZNEV1EEPcGFG5uiA926SdFZ7wPDEfRg81S87B-pQRUt9EA6AIQ2_uvG0rs5-CkGfViB2kaR-k77KzpMYUE_3ILhPDk7E_AudBQhWcAA-9rUsKTJhyp-7KqH9Kj-3z50Jlh-Mdgs4klraI2qCZ3CDHImfIADbcjQ
type
Bearer
2021-04-30 10:01:19 SUCCESS
ExtractExpiresInFromTokenEndpointResponse
Extracted 'expires_in'
expires_in
300
2021-04-30 10:01:19 SUCCESS
ValidateExpiresIn
expires_in passed all validation checks
expires_in
300
2021-04-30 10:01:19 SUCCESS
CheckForRefreshTokenValue
Found a refresh token
refresh_token
eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJkNjQ3OTBhOC1lOGVmLTRhMTUtYjVlYi00NmM1MWQ0OTE0ZTYifQ.eyJleHAiOjE2MTk3Nzg2NzksImlhdCI6MTYxOTc3Njg3OSwianRpIjoiYTA0MDQ5ODQtYjg3NS00ZmEzLThmMjUtNmI0OTYwMzk1YWYzIiwiaXNzIjoiaHR0cHM6Ly9rZXljbG9hay1kaXJlY3QtYnJhemlsLW9iLmFwcHMuYnJhemlsb2IuYTd6MC5wMS5vcGVuc2hpZnRhcHBzLmNvbS9hdXRoL3JlYWxtcy90ZXN0IiwiYXVkIjoiaHR0cHM6Ly9rZXljbG9hay1kaXJlY3QtYnJhemlsLW9iLmFwcHMuYnJhemlsb2IuYTd6MC5wMS5vcGVuc2hpZnRhcHBzLmNvbS9hdXRoL3JlYWxtcy90ZXN0Iiwic3ViIjoiZmE1NGE0NzktNDNiNC00MDBlLTg5ZWEtOWMwZmRhMGFmZTVlIiwidHlwIjoiUmVmcmVzaCIsImF6cCI6ImNsaWVudDExLW10bHMtRVMyNTYtRVMyNTYiLCJub25jZSI6IkN5b1N6OGVXcXIiLCJzZXNzaW9uX3N0YXRlIjoiOWYxYzc5NTQtMWE2OS00NjUxLWJiMzQtMDJjYjFhZmJjMTNjIiwiY25mIjp7Ing1dCNTMjU2IjoiN2dyd1ZjQlFtWDFvSHdfVUZYbXNZZXgtcXU5VURoSGdwRktNSzc2RWVYOCJ9LCJzY29wZSI6Im9wZW5pZCBwcm9maWxlIGVtYWlsIn0.p5s25k8fJX96VwCIo88Cf8bvHNbjSH_11SYJN4tL6yU
2021-04-30 10:01:19 SUCCESS
EnsureMinimumRefreshTokenLength
Refresh token is of sufficient length
actual
6992
required
128
2021-04-30 10:01:19 SUCCESS
EnsureMinimumRefreshTokenEntropy
Calculated shannon entropy seems sufficient
actual
4945.610024643507
expected
96.0
2021-04-30 10:01:19 SUCCESS
EnsureMinimumAccessTokenLength
Access token is of sufficient length
actual
18232
required
128
2021-04-30 10:01:19 SUCCESS
EnsureMinimumAccessTokenEntropy
Calculated shannon entropy seems sufficient
actual
13093.519122171352
expected
96.0
2021-04-30 10:01:19 SUCCESS
ExtractIdTokenFromTokenResponse
Found and parsed the id_token from token_endpoint_response
value
eyJhbGciOiJFUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJ4Wm9PVmJEdm9BSzRxaWpwYmhZWkZRMUl2ZUpsSWdxbE1ScWFHaHFULTY0In0.eyJleHAiOjE2MTk3NzcxNzksImlhdCI6MTYxOTc3Njg3OSwiYXV0aF90aW1lIjoxNjE5Nzc0NTM0LCJqdGkiOiI4NmUzMDY5Yi1jNTNkLTRmM2EtYWIyMi03ZGM0MzYxMDUxYWQiLCJpc3MiOiJodHRwczovL2tleWNsb2FrLWRpcmVjdC1icmF6aWwtb2IuYXBwcy5icmF6aWxvYi5hN3owLnAxLm9wZW5zaGlmdGFwcHMuY29tL2F1dGgvcmVhbG1zL3Rlc3QiLCJhdWQiOiJjbGllbnQxMS1tdGxzLUVTMjU2LUVTMjU2Iiwic3ViIjoiZmE1NGE0NzktNDNiNC00MDBlLTg5ZWEtOWMwZmRhMGFmZTVlIiwidHlwIjoiSUQiLCJhenAiOiJjbGllbnQxMS1tdGxzLUVTMjU2LUVTMjU2Iiwibm9uY2UiOiJDeW9TejhlV3FyIiwic2Vzc2lvbl9zdGF0ZSI6IjlmMWM3OTU0LTFhNjktNDY1MS1iYjM0LTAyY2IxYWZiYzEzYyIsImF0X2hhc2giOiJ4RnNuZWFjNHRtTG13WmNfZlk1M0N3IiwiYWNyIjoiMCIsImFjciI6InVybjptYWNlOmluY29tbW9uOmlhcDpzaWx2ZXIiLCJlbWFpbF92ZXJpZmllZCI6ZmFsc2UsInByZWZlcnJlZF91c2VybmFtZSI6ImpvaG4ifQ.N5po2n5v46V52-WYfdanyD_XfBz5tij9gKuN2o5k1SVi8AJsJs-gcBObluP-JxvR41FK3lZnMNxlOnWRHbABxw
header
{
  "kid": "xZoOVbDvoAK4qijpbhYZFQ1IveJlIgqlMRqaGhqT-64",
  "typ": "JWT",
  "alg": "ES256"
}
claims
{
  "at_hash": "xFsneac4tmLmwZc_fY53Cw",
  "sub": "fa54a479-43b4-400e-89ea-9c0fda0afe5e",
  "email_verified": false,
  "iss": "https://keycloak-direct-brazil-ob.apps.brazilob.a7z0.p1.openshiftapps.com/auth/realms/test",
  "typ": "ID",
  "preferred_username": "john",
  "nonce": "CyoSz8eWqr",
  "aud": "client11-mtls-ES256-ES256",
  "acr": "urn:mace:incommon:iap:silver",
  "azp": "client11-mtls-ES256-ES256",
  "auth_time": 1619774534,
  "exp": 1619777179,
  "session_state": "9f1c7954-1a69-4651-bb34-02cb1afbc13c",
  "iat": 1619776879,
  "jti": "86e3069b-c53d-4f3a-ab22-7dc4361051ad"
}
2021-04-30 10:01:19 SUCCESS
ValidateIdToken
ID token iss, aud, exp, iat, auth_time, acr & nbf claims passed validation checks
2021-04-30 10:01:19 SUCCESS
EnsureIdTokenContainsKid
kid was found in the ID token header
kid
xZoOVbDvoAK4qijpbhYZFQ1IveJlIgqlMRqaGhqT-64
2021-04-30 10:01:19 SUCCESS
ValidateIdTokenNonce
Nonce values match
nonce
CyoSz8eWqr
2021-04-30 10:01:19 SUCCESS
ValidateIdTokenACRClaimAgainstRequest
acr value in id_token is (one of) the requested values
actual
urn:mace:incommon:iap:silver
requested
[
  "urn:mace:incommon:iap:silver"
]
2021-04-30 10:01:19 SUCCESS
ValidateIdTokenSignature
id_token signature validated
id_token
eyJhbGciOiJFUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJ4Wm9PVmJEdm9BSzRxaWpwYmhZWkZRMUl2ZUpsSWdxbE1ScWFHaHFULTY0In0.eyJleHAiOjE2MTk3NzcxNzksImlhdCI6MTYxOTc3Njg3OSwiYXV0aF90aW1lIjoxNjE5Nzc0NTM0LCJqdGkiOiI4NmUzMDY5Yi1jNTNkLTRmM2EtYWIyMi03ZGM0MzYxMDUxYWQiLCJpc3MiOiJodHRwczovL2tleWNsb2FrLWRpcmVjdC1icmF6aWwtb2IuYXBwcy5icmF6aWxvYi5hN3owLnAxLm9wZW5zaGlmdGFwcHMuY29tL2F1dGgvcmVhbG1zL3Rlc3QiLCJhdWQiOiJjbGllbnQxMS1tdGxzLUVTMjU2LUVTMjU2Iiwic3ViIjoiZmE1NGE0NzktNDNiNC00MDBlLTg5ZWEtOWMwZmRhMGFmZTVlIiwidHlwIjoiSUQiLCJhenAiOiJjbGllbnQxMS1tdGxzLUVTMjU2LUVTMjU2Iiwibm9uY2UiOiJDeW9TejhlV3FyIiwic2Vzc2lvbl9zdGF0ZSI6IjlmMWM3OTU0LTFhNjktNDY1MS1iYjM0LTAyY2IxYWZiYzEzYyIsImF0X2hhc2giOiJ4RnNuZWFjNHRtTG13WmNfZlk1M0N3IiwiYWNyIjoiMCIsImFjciI6InVybjptYWNlOmluY29tbW9uOmlhcDpzaWx2ZXIiLCJlbWFpbF92ZXJpZmllZCI6ZmFsc2UsInByZWZlcnJlZF91c2VybmFtZSI6ImpvaG4ifQ.N5po2n5v46V52-WYfdanyD_XfBz5tij9gKuN2o5k1SVi8AJsJs-gcBObluP-JxvR41FK3lZnMNxlOnWRHbABxw
2021-04-30 10:01:19 SUCCESS
ValidateIdTokenSignatureUsingKid
id_token signature validated
id_token
eyJhbGciOiJFUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJ4Wm9PVmJEdm9BSzRxaWpwYmhZWkZRMUl2ZUpsSWdxbE1ScWFHaHFULTY0In0.eyJleHAiOjE2MTk3NzcxNzksImlhdCI6MTYxOTc3Njg3OSwiYXV0aF90aW1lIjoxNjE5Nzc0NTM0LCJqdGkiOiI4NmUzMDY5Yi1jNTNkLTRmM2EtYWIyMi03ZGM0MzYxMDUxYWQiLCJpc3MiOiJodHRwczovL2tleWNsb2FrLWRpcmVjdC1icmF6aWwtb2IuYXBwcy5icmF6aWxvYi5hN3owLnAxLm9wZW5zaGlmdGFwcHMuY29tL2F1dGgvcmVhbG1zL3Rlc3QiLCJhdWQiOiJjbGllbnQxMS1tdGxzLUVTMjU2LUVTMjU2Iiwic3ViIjoiZmE1NGE0NzktNDNiNC00MDBlLTg5ZWEtOWMwZmRhMGFmZTVlIiwidHlwIjoiSUQiLCJhenAiOiJjbGllbnQxMS1tdGxzLUVTMjU2LUVTMjU2Iiwibm9uY2UiOiJDeW9TejhlV3FyIiwic2Vzc2lvbl9zdGF0ZSI6IjlmMWM3OTU0LTFhNjktNDY1MS1iYjM0LTAyY2IxYWZiYzEzYyIsImF0X2hhc2giOiJ4RnNuZWFjNHRtTG13WmNfZlk1M0N3IiwiYWNyIjoiMCIsImFjciI6InVybjptYWNlOmluY29tbW9uOmlhcDpzaWx2ZXIiLCJlbWFpbF92ZXJpZmllZCI6ZmFsc2UsInByZWZlcnJlZF91c2VybmFtZSI6ImpvaG4ifQ.N5po2n5v46V52-WYfdanyD_XfBz5tij9gKuN2o5k1SVi8AJsJs-gcBObluP-JxvR41FK3lZnMNxlOnWRHbABxw
2021-04-30 10:01:19 SUCCESS
CheckForSubjectInIdToken
Found 'sub' in id_token
sub
fa54a479-43b4-400e-89ea-9c0fda0afe5e
2021-04-30 10:01:19 SUCCESS
FAPIValidateIdTokenSigningAlg
id_token was signed with a permitted algorithm
alg
ES256
2021-04-30 10:01:19 INFO
FAPIValidateIdTokenEncryptionAlg
Skipped evaluation due to missing required element: id_token jwe_header
path
jwe_header
mapped
object
id_token
2021-04-30 10:01:19 INFO
FAPIValidateEncryptedIdTokenHasKid
Skipped evaluation due to missing required element: id_token jwe_header
path
jwe_header
mapped
object
id_token
2021-04-30 10:01:19 INFO
ExtractCHash
Couldn't find c_hash in ID token
2021-04-30 10:01:19 INFO
ExtractSHash
Couldn't find s_hash in ID token
2021-04-30 10:01:19 SUCCESS
ExtractAtHash
Extracted at_hash from ID Token
at_hash
xFsneac4tmLmwZc_fY53Cw
alg
ES256
2021-04-30 10:01:19 INFO
ValidateCHash
Skipped evaluation due to missing required object: c_hash
expected
c_hash
mapped
2021-04-30 10:01:19 INFO
ValidateSHash
Skipped evaluation due to missing required object: s_hash
expected
s_hash
mapped
2021-04-30 10:01:19 SUCCESS
ValidateAtHash
at_hash validated successfully
expected_hash
xFsneac4tmLmwZc_fY53Cw
unhashed_value
eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJTQy11WTNiSm55ZVRwYWFxUUIwZFlUWVBaTW83V2l0UnA1ZEVxb0RsOEZRIn0.eyJleHAiOjE2MTk3NzcxNzksImlhdCI6MTYxOTc3Njg3OSwiYXV0aF90aW1lIjoxNjE5Nzc0NTM0LCJqdGkiOiIzM2E0OTFhZS02ZWQyLTRlYWEtOGNhNC1mMmQyZDJjNGVkOWYiLCJpc3MiOiJodHRwczovL2tleWNsb2FrLWRpcmVjdC1icmF6aWwtb2IuYXBwcy5icmF6aWxvYi5hN3owLnAxLm9wZW5zaGlmdGFwcHMuY29tL2F1dGgvcmVhbG1zL3Rlc3QiLCJhdWQiOiJyZXNvdXJjZS1zZXJ2ZXIiLCJzdWIiOiJmYTU0YTQ3OS00M2I0LTQwMGUtODllYS05YzBmZGEwYWZlNWUiLCJ0eXAiOiJCZWFyZXIiLCJhenAiOiJjbGllbnQxMS1tdGxzLUVTMjU2LUVTMjU2Iiwibm9uY2UiOiJDeW9TejhlV3FyIiwic2Vzc2lvbl9zdGF0ZSI6IjlmMWM3OTU0LTFhNjktNDY1MS1iYjM0LTAyY2IxYWZiYzEzYyIsImFjciI6IjAiLCJhbGxvd2VkLW9yaWdpbnMiOlsiaHR0cHM6Ly9yZXZpZXctYXBwLWRldi1icmFuY2gtMi5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQiLCJodHRwczovL3Jldmlldy1hcHAtZGV2LWJyYW5jaC03LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldCIsImh0dHBzOi8vcmV2aWV3LWFwcC1kZXYtYnJhbmNoLTguY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0IiwiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0IiwiaHR0cHM6Ly9yZXZpZXctYXBwLWRldi1icmFuY2gtNi5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQiLCJodHRwczovL2NvbmZvcm1hbmNlLXN1aXRlLmtleWNsb2FrLWZhcGkub3JnIiwiaHR0cHM6Ly9sb2NhbGhvc3QuZW1vYml4LmNvLnVrIiwiaHR0cHM6Ly9yZXZpZXctYXBwLWRldi1icmFuY2gtOS5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQiLCJodHRwczovL3Jldmlldy1hcHAtZGV2LWJyYW5jaC0xLmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldCIsImh0dHBzOi8vbG9jYWxob3N0LmVtb2JpeC5jby51azo4NDQzIiwiaHR0cHM6Ly9zdGFnaW5nLmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldCIsImh0dHBzOi8vcmV2aWV3LWFwcC1kZXYtYnJhbmNoLTUuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0IiwiaHR0cHM6Ly9yZXZpZXctYXBwLWRldi1icmFuY2gtNC5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQiLCJodHRwczovL2RlbW8uY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0IiwiaHR0cHM6Ly9sb2NhbGhvc3Q6ODQ0MyIsImh0dHBzOi8vcmV2aWV3LWFwcC1kZXYtYnJhbmNoLTMuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0Il0sImNuZiI6eyJ4NXQjUzI1NiI6IjdncndWY0JRbVgxb0h3X1VGWG1zWWV4LXF1OVVEaEhncEZLTUs3NkVlWDgifSwic2NvcGUiOiJvcGVuaWQgcHJvZmlsZSBlbWFpbCIsImVtYWlsX3ZlcmlmaWVkIjpmYWxzZSwicHJlZmVycmVkX3VzZXJuYW1lIjoiam9obiJ9.GVyAauuoXzGXA3tYu6DyaGxx7MEwn9vcUtwk6q7ohuf1VKS-v5XzSUHgaynxR7FsjLobzCbk89Vd4lj15_Adk_WkXYu4VfTK7hlWXwhnNh4i8SYWoKl8cw-XFncQ5rATdefSizM8Zg0jrysjvFUZ8r-ilkWgIx3CiFONVGQhd2ZAduE206OMYhAZNEV1EEPcGFG5uiA926SdFZ7wPDEfRg81S87B-pQRUt9EA6AIQ2_uvG0rs5-CkGfViB2kaR-k77KzpMYUE_3ILhPDk7E_AudBQhWcAA-9rUsKTJhyp-7KqH9Kj-3z50Jlh-Mdgs4klraI2qCZ3CDHImfIADbcjQ
id_token_hash
xFsneac4tmLmwZc_fY53Cw
Verify at_hash in the authorization endpoint id_token
2021-04-30 10:01:19 INFO
ExtractAtHash
Couldn't find at_hash in ID token
2021-04-30 10:01:19 INFO
ValidateAtHash
Skipped evaluation due to missing required object: at_hash
expected
at_hash
mapped
Resource server endpoint tests
2021-04-30 10:01:19
CreateEmptyResourceEndpointRequestHeaders
Created empty headers
resource_endpoint_request_headers
{}
2021-04-30 10:01:19 SUCCESS
AddFAPIAuthDateToResourceEndpointRequest
Added x-fapi-auth-date to resource endpoint request headers
resource_endpoint_request_headers
{
  "x-fapi-auth-date": "Fri, 30 Apr 2021 10:01:19 GMT"
}
2021-04-30 10:01:19
AddIpV4FapiCustomerIpAddressToResourceEndpointRequest
Added x-fapi-customer-ip-address containing IPv4 address to resource endpoint request headers
resource_endpoint_request_headers
{
  "x-fapi-auth-date": "Fri, 30 Apr 2021 10:01:19 GMT",
  "x-fapi-customer-ip-address": "198.51.100.119"
}
2021-04-30 10:01:19
CreateRandomFAPIInteractionId
Created interaction ID
fapi_interaction_id
719fe2ac-11af-4ce0-ba37-f7f8a98d9b0d
2021-04-30 10:01:19
AddFAPIInteractionIdToResourceEndpointRequest
Condition ran but did not log anything
2021-04-30 10:01:19
CallProtectedResourceWithBearerTokenAndCustomHeaders
HTTP request
request_uri
https://gw-dev-direct.apps.brazilob.a7z0.p1.openshiftapps.com/brazil-aisp/fapi
request_method
GET
request_headers
{
  "accept": "application/json;charset\u003dUTF-8",
  "x-fapi-auth-date": "Fri, 30 Apr 2021 10:01:19 GMT",
  "x-fapi-customer-ip-address": "198.51.100.119",
  "x-fapi-interaction-id": "719fe2ac-11af-4ce0-ba37-f7f8a98d9b0d",
  "authorization": "Bearer eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJTQy11WTNiSm55ZVRwYWFxUUIwZFlUWVBaTW83V2l0UnA1ZEVxb0RsOEZRIn0.eyJleHAiOjE2MTk3NzcxNzksImlhdCI6MTYxOTc3Njg3OSwiYXV0aF90aW1lIjoxNjE5Nzc0NTM0LCJqdGkiOiIzM2E0OTFhZS02ZWQyLTRlYWEtOGNhNC1mMmQyZDJjNGVkOWYiLCJpc3MiOiJodHRwczovL2tleWNsb2FrLWRpcmVjdC1icmF6aWwtb2IuYXBwcy5icmF6aWxvYi5hN3owLnAxLm9wZW5zaGlmdGFwcHMuY29tL2F1dGgvcmVhbG1zL3Rlc3QiLCJhdWQiOiJyZXNvdXJjZS1zZXJ2ZXIiLCJzdWIiOiJmYTU0YTQ3OS00M2I0LTQwMGUtODllYS05YzBmZGEwYWZlNWUiLCJ0eXAiOiJCZWFyZXIiLCJhenAiOiJjbGllbnQxMS1tdGxzLUVTMjU2LUVTMjU2Iiwibm9uY2UiOiJDeW9TejhlV3FyIiwic2Vzc2lvbl9zdGF0ZSI6IjlmMWM3OTU0LTFhNjktNDY1MS1iYjM0LTAyY2IxYWZiYzEzYyIsImFjciI6IjAiLCJhbGxvd2VkLW9yaWdpbnMiOlsiaHR0cHM6Ly9yZXZpZXctYXBwLWRldi1icmFuY2gtMi5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQiLCJodHRwczovL3Jldmlldy1hcHAtZGV2LWJyYW5jaC03LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldCIsImh0dHBzOi8vcmV2aWV3LWFwcC1kZXYtYnJhbmNoLTguY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0IiwiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0IiwiaHR0cHM6Ly9yZXZpZXctYXBwLWRldi1icmFuY2gtNi5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQiLCJodHRwczovL2NvbmZvcm1hbmNlLXN1aXRlLmtleWNsb2FrLWZhcGkub3JnIiwiaHR0cHM6Ly9sb2NhbGhvc3QuZW1vYml4LmNvLnVrIiwiaHR0cHM6Ly9yZXZpZXctYXBwLWRldi1icmFuY2gtOS5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQiLCJodHRwczovL3Jldmlldy1hcHAtZGV2LWJyYW5jaC0xLmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldCIsImh0dHBzOi8vbG9jYWxob3N0LmVtb2JpeC5jby51azo4NDQzIiwiaHR0cHM6Ly9zdGFnaW5nLmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldCIsImh0dHBzOi8vcmV2aWV3LWFwcC1kZXYtYnJhbmNoLTUuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0IiwiaHR0cHM6Ly9yZXZpZXctYXBwLWRldi1icmFuY2gtNC5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQiLCJodHRwczovL2RlbW8uY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0IiwiaHR0cHM6Ly9sb2NhbGhvc3Q6ODQ0MyIsImh0dHBzOi8vcmV2aWV3LWFwcC1kZXYtYnJhbmNoLTMuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0Il0sImNuZiI6eyJ4NXQjUzI1NiI6IjdncndWY0JRbVgxb0h3X1VGWG1zWWV4LXF1OVVEaEhncEZLTUs3NkVlWDgifSwic2NvcGUiOiJvcGVuaWQgcHJvZmlsZSBlbWFpbCIsImVtYWlsX3ZlcmlmaWVkIjpmYWxzZSwicHJlZmVycmVkX3VzZXJuYW1lIjoiam9obiJ9.GVyAauuoXzGXA3tYu6DyaGxx7MEwn9vcUtwk6q7ohuf1VKS-v5XzSUHgaynxR7FsjLobzCbk89Vd4lj15_Adk_WkXYu4VfTK7hlWXwhnNh4i8SYWoKl8cw-XFncQ5rATdefSizM8Zg0jrysjvFUZ8r-ilkWgIx3CiFONVGQhd2ZAduE206OMYhAZNEV1EEPcGFG5uiA926SdFZ7wPDEfRg81S87B-pQRUt9EA6AIQ2_uvG0rs5-CkGfViB2kaR-k77KzpMYUE_3ILhPDk7E_AudBQhWcAA-9rUsKTJhyp-7KqH9Kj-3z50Jlh-Mdgs4klraI2qCZ3CDHImfIADbcjQ",
  "accept-charset": "utf-8",
  "content-length": "0"
}
request_body

                                
request_mutual_tls
{
  "cert": "MIIDKDCCAs6gAwIBAgIUXl6GT8Ex1EENFSPveDA8fUoqHAwwCgYIKoZIzj0EAwIwdjELMAkGA1UEBhMCSlAxEzARBgNVBAgTClByaXZhdGUgQ0ExFzAVBgNVBAoTDlNlY3VyZSBPU1MgU2lnMRYwFAYDVQQLEw1LZXljbG9hay1mYXBpMSEwHwYDVQQDExhLZXljbG9hay1mYXBpIFByaXZhdGUgQ0EwHhcNMTkwNTIxMDIwNDAwWhcNMjQwNTE5MDIwNDAwWjBhMQswCQYDVQQGEwJKUDEPMA0GA1UECBMGQ2xpZW50MRcwFQYDVQQKEw5TZWN1cmUgT1NTIFNpZzEWMBQGA1UECxMNS2V5Y2xvYWstZmFwaTEQMA4GA1UEAxMHY2xpZW50MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM74QUE+RfLtdHCKj1QXRQkj30AtveZa/7jbBpHYJCoSGA4bzuNE04HTK02hwtBO0J0bvbRy14BYHimwhUY6n7gtZKex3JQ39QC2UHbIOtIQXvCgbn6K4iU6WrUbCK4I8p77gIk4MXQmsCQokAtxsF1eq/RyLhRJXo/aTwcHDWcb5n8jFGmpOJyhmPEXwtzqMZwO9Y+aI3d5P/xHXnb84zrgRJH2YMzTKOfGt72I8Ag34ITTQUxox5RUMMGwqlzN6bEYIF9lyCcd3kCSgyp4b4wNBc5h5g3GPDBTCUx3z07oQ50LR7AAICevHvWGlUxXtX+MYc6+Mvjb3l/e+EEldb0CAwEAAaOBgzCBgDAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQURPpQRYqk1GU0v6159IJV4fo7s8YwHwYDVR0jBBgwFoAUJmT6o2FQqWh2KBGYB3nfWHkAtEgwCwYDVR0RBAQwAoIAMAoGCCqGSM49BAMCA0gAMEUCIHImOqdaMfLN1M7i4wfXKIGnJHDlEv8B3jASpdlMb35IAiEA5oj7fyh0KxGG9Z4kUGusBUYidOemP81CtyOPzg1A64w\u003d",
  "key": "MIIEpQIBAAKCAQEAzvhBQT5F8u10cIqPVBdFCSPfQC295lr/uNsGkdgkKhIYDhvO40TTgdMrTaHC0E7QnRu9tHLXgFgeKbCFRjqfuC1kp7HclDf1ALZQdsg60hBe8KBuforiJTpatRsIrgjynvuAiTgxdCawJCiQC3GwXV6r9HIuFElej9pPBwcNZxvmfyMUaak4nKGY8RfC3OoxnA71j5ojd3k//EdedvzjOuBEkfZgzNMo58a3vYjwCDfghNNBTGjHlFQwwbCqXM3psRggX2XIJx3eQJKDKnhvjA0FzmHmDcY8MFMJTHfPTuhDnQtHsAAgJ68e9YaVTFe1f4xhzr4y+NveX974QSV1vQIDAQABAoIBAQCbyK7NXgMmi+b2AsVJZU54R8D1vLhQWDRdPrceNdNau03R6Mp7tEWDVaAlidlqE7jgWI4c8cgVeb4SYSSfrOalqb02oCDIi6nlRFUiYyorDVl4wzkIFJ+Np/O4l8WbwW5ljia8okhPBgPU45cwlf1K+kRx9TOL34HGw2pyfrNu5G1NWs3a30qHVc5FnKBgJq4PZgxtTC15DoQ4U8IF7M9XYlXOkx3zSOjk2mpQaOPDeRWBwoFsoxqOl+x3/u9rhiGW+9OXEltq+AKAlsZ4QVfvmjIZ65c5SJwrV+OhLIKOoA8TzheBGKZ4vkKt17GxWsm7KP1afh1fqc5Cd1lE0e1BAoGBAPI5SKi+HKuMsWY6YLv0c6j/FHJ/ZnSLLYc6/edfXso0djuz7BOfmLjgnntDrWTf6jWJ14DMDZVaohFr69eham8N9H9bQl7tpdtswRL0IVfOZYbEBbQk57/l5yADZcxvOMne/yh8K8LARYdFe5WDHCijgLhqmENenRHhHUjAuPVxAoGBANq9rnqQ6j4n2GEx+YhIKOflCUWwUe9XQ8pdQwniDQkQ3imOsOLn/nMXUO1oUMbaH0cbQ0+e5QGW74alTaFkQxBeSTbvZplMtwgaKDl2GzlYFPUxSLkAf5crChjT0z5t74RvChCvoLLxXXD+PmkC1Hpub78bfEwqit54fVGMJW8NAoGBAMzk8fZzYnMmvwU3io5TOOcSZqx34iXheTC0EQT/4oHvILhd+OucjCaPMuAYHnt/AXIqWJYFhdP557AO91/elda9Gj4E5z6/jhXvh97Njcrlt3HpLN32fecQxZKJ7TmiN4pjzLjlWGsUE3xapTCSyGYD8KWO3Z/XT8xI/WmGRK6xAoGBAMBmaUr7nl4vk/7iAzehKQHYDpDSpy8bldAwuh++SnL3+EGbdfEP2FsJXjCEOdC+2RYlX85v18TPKz5GtgLIesix9jow1xDuTmv8/faU8Rs+Y6jLwcigLJodzFLMNxnJfw0A0lyc7n+XF/akWubpC1XpP7dcCLfCD8XhO3F4EREdAoGAQRNaIHonLPVg+cZAVR6DAKj7l20tE1THRfHrkJDoM661hl7EnPL30SoLJyKYh3uil+/XAMtdegE5nrumg25FKdDY+JvSSvqEI0dLqKZzc6PBRau3+KVUVAYQtvtH7E2uJ7oFzFepTp2mq1I7+BYEmTIaPDJvf/l5gz+vy+voLrs\u003d"
}
2021-04-30 10:01:20 RESPONSE
CallProtectedResourceWithBearerTokenAndCustomHeaders
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "server": "openresty",
  "date": "Fri, 30 Apr 2021 10:01:20 GMT",
  "content-type": "application/json;charset\u003dUTF-8",
  "transfer-encoding": "chunked",
  "connection": "keep-alive",
  "x-fapi-interaction-id": "719fe2ac-11af-4ce0-ba37-f7f8a98d9b0d"
}
response_body
{
  "Status" : "available",
  "DateTime" : "2021-04-30T10:01:20.381Z"
}
2021-04-30 10:01:20 SUCCESS
CallProtectedResourceWithBearerTokenAndCustomHeaders
Got a response from the resource endpoint
headers
{
  "server": "openresty",
  "date": "Fri, 30 Apr 2021 10:01:20 GMT",
  "content-type": "application/json;charset\u003dUTF-8",
  "transfer-encoding": "chunked",
  "connection": "keep-alive",
  "x-fapi-interaction-id": "719fe2ac-11af-4ce0-ba37-f7f8a98d9b0d"
}
status_code
{
  "code": 200
}
body
{
  "Status" : "available",
  "DateTime" : "2021-04-30T10:01:20.381Z"
}
2021-04-30 10:01:20 SUCCESS
CheckForDateHeaderInResourceResponse
Date header present and validated
date
Fri, 30 Apr 2021 10:01:20 GMT
skew
443
2021-04-30 10:01:20 SUCCESS
CheckForFAPIInteractionIdInResourceResponse
Found x-fapi-interaction-id
interaction_id
719fe2ac-11af-4ce0-ba37-f7f8a98d9b0d
2021-04-30 10:01:20 SUCCESS
EnsureMatchingFAPIInteractionId
Interaction ID matched
fapi_interaction_id
719fe2ac-11af-4ce0-ba37-f7f8a98d9b0d
2021-04-30 10:01:20 SUCCESS
EnsureResourceResponseReturnedJsonContentType
Response content type is JSON
content_type
application/json;charset=UTF-8
Attempting reuse of authorisation code & testing if access token is revoked
2021-04-30 10:01:20 SUCCESS
WaitForOneSecond
Pausing for 1 seconds
2021-04-30 10:01:21 SUCCESS
WaitForOneSecond
Woke up after 1 seconds sleep
2021-04-30 10:01:21
CallTokenEndpointAndReturnFullResponse
HTTP request
request_uri
https://keycloak-direct-brazil-ob.apps.brazilob.a7z0.p1.openshiftapps.com/auth/realms/test/protocol/openid-connect/token
request_method
POST
request_headers
{
  "accept": "application/json;charset\u003dUTF-8",
  "accept-charset": "utf-8",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "270"
}
request_body
grant_type=authorization_code&code=af860073-24c2-4fc0-b316-d1c4178a262d.9f1c7954-1a69-4651-bb34-02cb1afbc13c.57d1d9dd-c981-4b3b-b5c8-0713c8d25a54&redirect_uri=https%3A%2F%2Fwww.certification.openid.net%2Ftest%2Fa%2Fkeycloak%2Fcallback&client_id=client11-mtls-ES256-ES256
request_mutual_tls
{
  "cert": "MIIDKDCCAs6gAwIBAgIUXl6GT8Ex1EENFSPveDA8fUoqHAwwCgYIKoZIzj0EAwIwdjELMAkGA1UEBhMCSlAxEzARBgNVBAgTClByaXZhdGUgQ0ExFzAVBgNVBAoTDlNlY3VyZSBPU1MgU2lnMRYwFAYDVQQLEw1LZXljbG9hay1mYXBpMSEwHwYDVQQDExhLZXljbG9hay1mYXBpIFByaXZhdGUgQ0EwHhcNMTkwNTIxMDIwNDAwWhcNMjQwNTE5MDIwNDAwWjBhMQswCQYDVQQGEwJKUDEPMA0GA1UECBMGQ2xpZW50MRcwFQYDVQQKEw5TZWN1cmUgT1NTIFNpZzEWMBQGA1UECxMNS2V5Y2xvYWstZmFwaTEQMA4GA1UEAxMHY2xpZW50MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM74QUE+RfLtdHCKj1QXRQkj30AtveZa/7jbBpHYJCoSGA4bzuNE04HTK02hwtBO0J0bvbRy14BYHimwhUY6n7gtZKex3JQ39QC2UHbIOtIQXvCgbn6K4iU6WrUbCK4I8p77gIk4MXQmsCQokAtxsF1eq/RyLhRJXo/aTwcHDWcb5n8jFGmpOJyhmPEXwtzqMZwO9Y+aI3d5P/xHXnb84zrgRJH2YMzTKOfGt72I8Ag34ITTQUxox5RUMMGwqlzN6bEYIF9lyCcd3kCSgyp4b4wNBc5h5g3GPDBTCUx3z07oQ50LR7AAICevHvWGlUxXtX+MYc6+Mvjb3l/e+EEldb0CAwEAAaOBgzCBgDAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQURPpQRYqk1GU0v6159IJV4fo7s8YwHwYDVR0jBBgwFoAUJmT6o2FQqWh2KBGYB3nfWHkAtEgwCwYDVR0RBAQwAoIAMAoGCCqGSM49BAMCA0gAMEUCIHImOqdaMfLN1M7i4wfXKIGnJHDlEv8B3jASpdlMb35IAiEA5oj7fyh0KxGG9Z4kUGusBUYidOemP81CtyOPzg1A64w\u003d",
  "key": "MIIEpQIBAAKCAQEAzvhBQT5F8u10cIqPVBdFCSPfQC295lr/uNsGkdgkKhIYDhvO40TTgdMrTaHC0E7QnRu9tHLXgFgeKbCFRjqfuC1kp7HclDf1ALZQdsg60hBe8KBuforiJTpatRsIrgjynvuAiTgxdCawJCiQC3GwXV6r9HIuFElej9pPBwcNZxvmfyMUaak4nKGY8RfC3OoxnA71j5ojd3k//EdedvzjOuBEkfZgzNMo58a3vYjwCDfghNNBTGjHlFQwwbCqXM3psRggX2XIJx3eQJKDKnhvjA0FzmHmDcY8MFMJTHfPTuhDnQtHsAAgJ68e9YaVTFe1f4xhzr4y+NveX974QSV1vQIDAQABAoIBAQCbyK7NXgMmi+b2AsVJZU54R8D1vLhQWDRdPrceNdNau03R6Mp7tEWDVaAlidlqE7jgWI4c8cgVeb4SYSSfrOalqb02oCDIi6nlRFUiYyorDVl4wzkIFJ+Np/O4l8WbwW5ljia8okhPBgPU45cwlf1K+kRx9TOL34HGw2pyfrNu5G1NWs3a30qHVc5FnKBgJq4PZgxtTC15DoQ4U8IF7M9XYlXOkx3zSOjk2mpQaOPDeRWBwoFsoxqOl+x3/u9rhiGW+9OXEltq+AKAlsZ4QVfvmjIZ65c5SJwrV+OhLIKOoA8TzheBGKZ4vkKt17GxWsm7KP1afh1fqc5Cd1lE0e1BAoGBAPI5SKi+HKuMsWY6YLv0c6j/FHJ/ZnSLLYc6/edfXso0djuz7BOfmLjgnntDrWTf6jWJ14DMDZVaohFr69eham8N9H9bQl7tpdtswRL0IVfOZYbEBbQk57/l5yADZcxvOMne/yh8K8LARYdFe5WDHCijgLhqmENenRHhHUjAuPVxAoGBANq9rnqQ6j4n2GEx+YhIKOflCUWwUe9XQ8pdQwniDQkQ3imOsOLn/nMXUO1oUMbaH0cbQ0+e5QGW74alTaFkQxBeSTbvZplMtwgaKDl2GzlYFPUxSLkAf5crChjT0z5t74RvChCvoLLxXXD+PmkC1Hpub78bfEwqit54fVGMJW8NAoGBAMzk8fZzYnMmvwU3io5TOOcSZqx34iXheTC0EQT/4oHvILhd+OucjCaPMuAYHnt/AXIqWJYFhdP557AO91/elda9Gj4E5z6/jhXvh97Njcrlt3HpLN32fecQxZKJ7TmiN4pjzLjlWGsUE3xapTCSyGYD8KWO3Z/XT8xI/WmGRK6xAoGBAMBmaUr7nl4vk/7iAzehKQHYDpDSpy8bldAwuh++SnL3+EGbdfEP2FsJXjCEOdC+2RYlX85v18TPKz5GtgLIesix9jow1xDuTmv8/faU8Rs+Y6jLwcigLJodzFLMNxnJfw0A0lyc7n+XF/akWubpC1XpP7dcCLfCD8XhO3F4EREdAoGAQRNaIHonLPVg+cZAVR6DAKj7l20tE1THRfHrkJDoM661hl7EnPL30SoLJyKYh3uil+/XAMtdegE5nrumg25FKdDY+JvSSvqEI0dLqKZzc6PBRau3+KVUVAYQtvtH7E2uJ7oFzFepTp2mq1I7+BYEmTIaPDJvf/l5gz+vy+voLrs\u003d"
}
2021-04-30 10:01:22 RESPONSE
CallTokenEndpointAndReturnFullResponse
HTTP response
response_status_code
400 BAD_REQUEST
response_status_text
Bad Request
response_headers
{
  "cache-control": "no-store",
  "x-xss-protection": "1; mode\u003dblock",
  "pragma": "no-cache",
  "x-frame-options": "SAMEORIGIN",
  "referrer-policy": "no-referrer",
  "date": "Fri, 30 Apr 2021 10:01:22 GMT",
  "connection": "keep-alive",
  "strict-transport-security": "max-age\u003d31536000; includeSubDomains",
  "x-content-type-options": "nosniff",
  "content-type": "application/json",
  "content-length": "62"
}
response_body
{"error":"invalid_grant","error_description":"Code not valid"}
2021-04-30 10:01:22 SUCCESS
CallTokenEndpointAndReturnFullResponse
Parsed token endpoint response
error
invalid_grant
error_description
Code not valid
2021-04-30 10:01:22 SUCCESS
CheckTokenEndpointHttpStatus400
Token endpoint http status code was 400
2021-04-30 10:01:22 SUCCESS
CheckTokenEndpointReturnedJsonContentType
token_endpoint_response_headers Content-Type: header is application/json
2021-04-30 10:01:22 SUCCESS
CheckErrorFromTokenEndpointResponseErrorInvalidGrant
Token Endpoint response error returned expected 'error' of 'invalid_grant'
error
invalid_grant
2021-04-30 10:01:22 SUCCESS
ValidateErrorFromTokenEndpointResponseError
Token endpoint response error returned valid 'error' field
error
invalid_grant
2021-04-30 10:01:22 SUCCESS
CheckErrorDescriptionFromTokenEndpointResponseErrorContainsCRLFTAB
token_endpoint_response 'error_description' field does not include CR/LF/TAB
error_description
Code not valid
2021-04-30 10:01:22 SUCCESS
ValidateErrorDescriptionFromTokenEndpointResponseError
token_endpoint_response error returned valid 'error_description' field
error_description
Code not valid
2021-04-30 10:01:22 SUCCESS
ValidateErrorUriFromTokenEndpointResponseError
token_endpoint_response did not include optional 'error_uri' field
2021-04-30 10:01:22
CallProtectedResourceWithBearerTokenExpectingError
HTTP request
request_uri
https://gw-dev-direct.apps.brazilob.a7z0.p1.openshiftapps.com/brazil-aisp/fapi
request_method
GET
request_headers
{
  "accept": "application/json;charset\u003dUTF-8",
  "x-fapi-auth-date": "Fri, 30 Apr 2021 10:01:19 GMT",
  "x-fapi-customer-ip-address": "198.51.100.119",
  "x-fapi-interaction-id": "719fe2ac-11af-4ce0-ba37-f7f8a98d9b0d",
  "authorization": "Bearer eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJTQy11WTNiSm55ZVRwYWFxUUIwZFlUWVBaTW83V2l0UnA1ZEVxb0RsOEZRIn0.eyJleHAiOjE2MTk3NzcxNzksImlhdCI6MTYxOTc3Njg3OSwiYXV0aF90aW1lIjoxNjE5Nzc0NTM0LCJqdGkiOiIzM2E0OTFhZS02ZWQyLTRlYWEtOGNhNC1mMmQyZDJjNGVkOWYiLCJpc3MiOiJodHRwczovL2tleWNsb2FrLWRpcmVjdC1icmF6aWwtb2IuYXBwcy5icmF6aWxvYi5hN3owLnAxLm9wZW5zaGlmdGFwcHMuY29tL2F1dGgvcmVhbG1zL3Rlc3QiLCJhdWQiOiJyZXNvdXJjZS1zZXJ2ZXIiLCJzdWIiOiJmYTU0YTQ3OS00M2I0LTQwMGUtODllYS05YzBmZGEwYWZlNWUiLCJ0eXAiOiJCZWFyZXIiLCJhenAiOiJjbGllbnQxMS1tdGxzLUVTMjU2LUVTMjU2Iiwibm9uY2UiOiJDeW9TejhlV3FyIiwic2Vzc2lvbl9zdGF0ZSI6IjlmMWM3OTU0LTFhNjktNDY1MS1iYjM0LTAyY2IxYWZiYzEzYyIsImFjciI6IjAiLCJhbGxvd2VkLW9yaWdpbnMiOlsiaHR0cHM6Ly9yZXZpZXctYXBwLWRldi1icmFuY2gtMi5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQiLCJodHRwczovL3Jldmlldy1hcHAtZGV2LWJyYW5jaC03LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldCIsImh0dHBzOi8vcmV2aWV3LWFwcC1kZXYtYnJhbmNoLTguY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0IiwiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0IiwiaHR0cHM6Ly9yZXZpZXctYXBwLWRldi1icmFuY2gtNi5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQiLCJodHRwczovL2NvbmZvcm1hbmNlLXN1aXRlLmtleWNsb2FrLWZhcGkub3JnIiwiaHR0cHM6Ly9sb2NhbGhvc3QuZW1vYml4LmNvLnVrIiwiaHR0cHM6Ly9yZXZpZXctYXBwLWRldi1icmFuY2gtOS5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQiLCJodHRwczovL3Jldmlldy1hcHAtZGV2LWJyYW5jaC0xLmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldCIsImh0dHBzOi8vbG9jYWxob3N0LmVtb2JpeC5jby51azo4NDQzIiwiaHR0cHM6Ly9zdGFnaW5nLmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldCIsImh0dHBzOi8vcmV2aWV3LWFwcC1kZXYtYnJhbmNoLTUuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0IiwiaHR0cHM6Ly9yZXZpZXctYXBwLWRldi1icmFuY2gtNC5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQiLCJodHRwczovL2RlbW8uY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0IiwiaHR0cHM6Ly9sb2NhbGhvc3Q6ODQ0MyIsImh0dHBzOi8vcmV2aWV3LWFwcC1kZXYtYnJhbmNoLTMuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0Il0sImNuZiI6eyJ4NXQjUzI1NiI6IjdncndWY0JRbVgxb0h3X1VGWG1zWWV4LXF1OVVEaEhncEZLTUs3NkVlWDgifSwic2NvcGUiOiJvcGVuaWQgcHJvZmlsZSBlbWFpbCIsImVtYWlsX3ZlcmlmaWVkIjpmYWxzZSwicHJlZmVycmVkX3VzZXJuYW1lIjoiam9obiJ9.GVyAauuoXzGXA3tYu6DyaGxx7MEwn9vcUtwk6q7ohuf1VKS-v5XzSUHgaynxR7FsjLobzCbk89Vd4lj15_Adk_WkXYu4VfTK7hlWXwhnNh4i8SYWoKl8cw-XFncQ5rATdefSizM8Zg0jrysjvFUZ8r-ilkWgIx3CiFONVGQhd2ZAduE206OMYhAZNEV1EEPcGFG5uiA926SdFZ7wPDEfRg81S87B-pQRUt9EA6AIQ2_uvG0rs5-CkGfViB2kaR-k77KzpMYUE_3ILhPDk7E_AudBQhWcAA-9rUsKTJhyp-7KqH9Kj-3z50Jlh-Mdgs4klraI2qCZ3CDHImfIADbcjQ",
  "accept-charset": "utf-8",
  "content-length": "0"
}
request_body

                                
request_mutual_tls
{
  "cert": "MIIDKDCCAs6gAwIBAgIUXl6GT8Ex1EENFSPveDA8fUoqHAwwCgYIKoZIzj0EAwIwdjELMAkGA1UEBhMCSlAxEzARBgNVBAgTClByaXZhdGUgQ0ExFzAVBgNVBAoTDlNlY3VyZSBPU1MgU2lnMRYwFAYDVQQLEw1LZXljbG9hay1mYXBpMSEwHwYDVQQDExhLZXljbG9hay1mYXBpIFByaXZhdGUgQ0EwHhcNMTkwNTIxMDIwNDAwWhcNMjQwNTE5MDIwNDAwWjBhMQswCQYDVQQGEwJKUDEPMA0GA1UECBMGQ2xpZW50MRcwFQYDVQQKEw5TZWN1cmUgT1NTIFNpZzEWMBQGA1UECxMNS2V5Y2xvYWstZmFwaTEQMA4GA1UEAxMHY2xpZW50MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM74QUE+RfLtdHCKj1QXRQkj30AtveZa/7jbBpHYJCoSGA4bzuNE04HTK02hwtBO0J0bvbRy14BYHimwhUY6n7gtZKex3JQ39QC2UHbIOtIQXvCgbn6K4iU6WrUbCK4I8p77gIk4MXQmsCQokAtxsF1eq/RyLhRJXo/aTwcHDWcb5n8jFGmpOJyhmPEXwtzqMZwO9Y+aI3d5P/xHXnb84zrgRJH2YMzTKOfGt72I8Ag34ITTQUxox5RUMMGwqlzN6bEYIF9lyCcd3kCSgyp4b4wNBc5h5g3GPDBTCUx3z07oQ50LR7AAICevHvWGlUxXtX+MYc6+Mvjb3l/e+EEldb0CAwEAAaOBgzCBgDAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQURPpQRYqk1GU0v6159IJV4fo7s8YwHwYDVR0jBBgwFoAUJmT6o2FQqWh2KBGYB3nfWHkAtEgwCwYDVR0RBAQwAoIAMAoGCCqGSM49BAMCA0gAMEUCIHImOqdaMfLN1M7i4wfXKIGnJHDlEv8B3jASpdlMb35IAiEA5oj7fyh0KxGG9Z4kUGusBUYidOemP81CtyOPzg1A64w\u003d",
  "key": "MIIEpQIBAAKCAQEAzvhBQT5F8u10cIqPVBdFCSPfQC295lr/uNsGkdgkKhIYDhvO40TTgdMrTaHC0E7QnRu9tHLXgFgeKbCFRjqfuC1kp7HclDf1ALZQdsg60hBe8KBuforiJTpatRsIrgjynvuAiTgxdCawJCiQC3GwXV6r9HIuFElej9pPBwcNZxvmfyMUaak4nKGY8RfC3OoxnA71j5ojd3k//EdedvzjOuBEkfZgzNMo58a3vYjwCDfghNNBTGjHlFQwwbCqXM3psRggX2XIJx3eQJKDKnhvjA0FzmHmDcY8MFMJTHfPTuhDnQtHsAAgJ68e9YaVTFe1f4xhzr4y+NveX974QSV1vQIDAQABAoIBAQCbyK7NXgMmi+b2AsVJZU54R8D1vLhQWDRdPrceNdNau03R6Mp7tEWDVaAlidlqE7jgWI4c8cgVeb4SYSSfrOalqb02oCDIi6nlRFUiYyorDVl4wzkIFJ+Np/O4l8WbwW5ljia8okhPBgPU45cwlf1K+kRx9TOL34HGw2pyfrNu5G1NWs3a30qHVc5FnKBgJq4PZgxtTC15DoQ4U8IF7M9XYlXOkx3zSOjk2mpQaOPDeRWBwoFsoxqOl+x3/u9rhiGW+9OXEltq+AKAlsZ4QVfvmjIZ65c5SJwrV+OhLIKOoA8TzheBGKZ4vkKt17GxWsm7KP1afh1fqc5Cd1lE0e1BAoGBAPI5SKi+HKuMsWY6YLv0c6j/FHJ/ZnSLLYc6/edfXso0djuz7BOfmLjgnntDrWTf6jWJ14DMDZVaohFr69eham8N9H9bQl7tpdtswRL0IVfOZYbEBbQk57/l5yADZcxvOMne/yh8K8LARYdFe5WDHCijgLhqmENenRHhHUjAuPVxAoGBANq9rnqQ6j4n2GEx+YhIKOflCUWwUe9XQ8pdQwniDQkQ3imOsOLn/nMXUO1oUMbaH0cbQ0+e5QGW74alTaFkQxBeSTbvZplMtwgaKDl2GzlYFPUxSLkAf5crChjT0z5t74RvChCvoLLxXXD+PmkC1Hpub78bfEwqit54fVGMJW8NAoGBAMzk8fZzYnMmvwU3io5TOOcSZqx34iXheTC0EQT/4oHvILhd+OucjCaPMuAYHnt/AXIqWJYFhdP557AO91/elda9Gj4E5z6/jhXvh97Njcrlt3HpLN32fecQxZKJ7TmiN4pjzLjlWGsUE3xapTCSyGYD8KWO3Z/XT8xI/WmGRK6xAoGBAMBmaUr7nl4vk/7iAzehKQHYDpDSpy8bldAwuh++SnL3+EGbdfEP2FsJXjCEOdC+2RYlX85v18TPKz5GtgLIesix9jow1xDuTmv8/faU8Rs+Y6jLwcigLJodzFLMNxnJfw0A0lyc7n+XF/akWubpC1XpP7dcCLfCD8XhO3F4EREdAoGAQRNaIHonLPVg+cZAVR6DAKj7l20tE1THRfHrkJDoM661hl7EnPL30SoLJyKYh3uil+/XAMtdegE5nrumg25FKdDY+JvSSvqEI0dLqKZzc6PBRau3+KVUVAYQtvtH7E2uJ7oFzFepTp2mq1I7+BYEmTIaPDJvf/l5gz+vy+voLrs\u003d"
}
2021-04-30 10:01:22 RESPONSE
CallProtectedResourceWithBearerTokenExpectingError
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "server": "openresty",
  "date": "Fri, 30 Apr 2021 10:01:22 GMT",
  "content-type": "application/json;charset\u003dUTF-8",
  "transfer-encoding": "chunked",
  "connection": "keep-alive",
  "x-fapi-interaction-id": "719fe2ac-11af-4ce0-ba37-f7f8a98d9b0d"
}
response_body
{
  "Status" : "available",
  "DateTime" : "2021-04-30T10:01:22.501Z"
}
2021-04-30 10:01:22 WARNING
CallProtectedResourceWithBearerTokenExpectingError
No error from resource endpoint
Status
available
DateTime
2021-04-30T10:01:22.501Z
2021-04-30 10:01:22 FINISHED
fapi-rw-id2-attempt-reuse-authorisation-code-after-one-second
Test has run to completion
testmodule_result
WARNING
Test Results