Test Summary

Test Results

Expand All Collapse All
All times are UTC
2021-03-31 07:44:51 INFO
TEST-RUNNER
Test instance sd8BIVrjE2bmFLS created
baseUrl
https://www.certification.openid.net/test/a/oidc-provider-by_value-private_key_jwt-plain_fapi-jarm
variant
{
  "client_auth_type": "private_key_jwt",
  "fapi_auth_request_method": "by_value",
  "fapi_profile": "plain_fapi",
  "fapi_response_mode": "jarm"
}
alias
oidc-provider-by_value-private_key_jwt-plain_fapi-jarm
description
PlusAuth FAPI-RW-ID2 Conformance
planId
MBPNNQfIQUx6q
config
{
  "alias": "oidc-provider-by_value-private_key_jwt-plain_fapi-jarm",
  "server": {
    "discoveryUrl": "https://certification.plusauth.com/.well-known/openid-configuration"
  },
  "client": {
    "client_id": "pkjwt-one",
    "scope": "openid offline_access",
    "jwks": {
      "keys": [
        {
          "e": "AQAB",
          "n": "zQAzeDYb9PES5Ool_oQMWKGXXTJIfLrjOkHkD5ECFu3ia-K2-3jYmvGXBMpZYan5KFZNU2HwK93HhHImZX7EKvnVWO_ihE_9LMec_Fw0AcMHNz3z9hxMiWH4pu39zNE_0E1jXoFxbOhDlMX28c8f8wk5ZHqkxkYhwvorOWeV3EBHcgfM6-IpzhDNcUo8xPWN6d_dn6BZK-ovyG6kZvC7qYLcQqjqt7Zn73plvJawfXpj89iUURz_xGqqk6RFZ1ZXzEN81sOzTdyjNYvJB0zXswm0gHcuZ4i9qKMt7gg_xgoMntH3mleVexHMTY1q3_zvVRgYnJfgcu_XmvOEDW08CQ",
          "d": "FMnubkRedWp1Fg3AqJzPe7V3WhYdT7jMDj5cWE_GPHkHOxWUpM_Od3gEbpHumn7YK4UE9m26I1isQPwqdKR0VD9dqVU6TVynOgFMJDNdeshCVRHNSan5AP2Ub6k20axuojsW1qCd1gN_xviEYGU2wjivP0dIqmq2RcWE2J9ujRUxF0gNSVUrsZXJhV6wBrmp2fKg1i0laTJxwUaLOvhQFjG4Yh3ZBsZ67MTEkR7VhBZkGmK0aunBkBON1Vqj3g_rbk577mdPnA_V4iB_VXP7CXSg-Fo1df7AFiHFSwdptuvVJSiAXfgadqIFGjuqIrqdI7fe8cjbW4v3RM85p-GGAQ",
          "p": "9Ugt6mwFL4-1nsx0PTFYuII_3OXmb9QTOGddefcwDu_2vbQD4qa6JhBRM6EArEL5MgBQ0Vtip_I2PPq46gN064htmJ6-J1P0guS3to1K2-Q0haWM43qDCi5J8cZIHzP3TXedSbYi71CAsDfdCpIXfWDwqWQgupCNPa1zYiE8k6E",
          "q": "1fVrsocqDchGkfq55wYasV2Xa9sB9WzMwrIF-cRIJTGohkH7bM8i3YTiHU_DrQ_n4Wpyd8jidkIFq0U8qbYqjWIJurzdo-HkWntDGxtae3ukyUe5w_Is_Nyn1jO9yZS1wh6XTqc_9QaSMs0qd_Cmgm1fzSTnvBgvL1pqFNxGT2k",
          "dp": "gbdpaPc1iuCieVfBBXeqZvGjGoyO4Ic0nvizS8Q5Kz0mrU6dW2k3OtgYSYiVFYTZyuK12vJMa2tB2d_ymPe5BrMA2tzgzWWuAuc4bReuBjpauG9D4i2xTVoLiwyEqdPOrq5ahVgIg618UTVJ9cQrHgh9XefxExlNSNgJFFVlduE",
          "dq": "YQlkpdxtc0DA2NYo2CFJm-WBllYGpmOI3khVM3kU62GBOBrWx_uNqX_p-TdC3MuY9AAOGEuQgefhoFLPd3z6AZNULFAaCYiaw3qh7bpTKCvkibExDDBavPfqWtium60JXhf3saFi_WLUjZvFRg5rxj2KtISnYQRq6gQMlpdsf_k",
          "qi": "5k5c8cTo1oBncpHMZa3bGBzzIcC4bxloaFZlMMWFm3dEEmgUlt7vxRrehD64Ed0V4Ilq22Gg3wbvFL39LD0iCU41tB4HAGN2onevRw5cgwqpLW7lkM1f9VxHiep5iE35HO9yE3f_Fa4Kg4dJm13ftDzuLoJ5yhiVneKjtkTzA8w",
          "kty": "RSA",
          "kid": "A_2wqWqrn6IIPVsaws9afUhR7CWtJLIOCKIr6hgsGzQ",
          "alg": "PS256",
          "use": "sig"
        }
      ]
    }
  },
  "mtls": {
    "cert": "-----BEGIN CERTIFICATE-----\nMIIDdTCCAl2gAwIBAgIBATANBgkqhkiG9w0BAQUFADA2MRYwFAYDVQQDEw1jZXJ0\naWZpY2F0aW9uMQswCQYDVQQGEwJUUjEPMA0GA1UEBxMGQW5rYXJhMB4XDTIwMTIx\nNTEyMjA0OFoXDTIxMTIxNTEyMjA0OFowNjEWMBQGA1UEAxMNY2VydGlmaWNhdGlv\nbjELMAkGA1UEBhMCVFIxDzANBgNVBAcTBkFua2FyYTCCASIwDQYJKoZIhvcNAQEB\nBQADggEPADCCAQoCggEBAPP5boBMe9pGmPtzL6QQHcpWivIW9NgZg9w6o95l/ZZj\nMTEuQImu4UrU9rWkDEuJwLl9zE+lQi6iiHfX9CoQ6Rmi0VYY+r74JmVftbkyTaha\nP9U6oIC3/AALRtQLwfxj7fUwMF5mylCT0TGmjGLYiEpuhHqfLDFOttpAscxeCAPR\n6vfbh9fl9J589pDpxvqb8yf/faRxXZkHpAzNev2ZCTToHoxFDGd8uiPuQEcHm0I9\nGpKhmFNRmoog5jint/DN5+DrEGoJD+O18cZi2ajQfUV8bWDGRCBFalNXEjsDnXXg\nz/0GRY2N1oxL6Wvcolpb0YuNgF+AfiLKReXDb/3YQgsCAwEAAaOBjTCBijAMBgNV\nHRMEBTADAQH/MAsGA1UdDwQEAwIC9DA7BgNVHSUENDAyBggrBgEFBQcDAQYIKwYB\nBQUHAwIGCCsGAQUFBwMDBggrBgEFBQcDBAYIKwYBBQUHAwgwEQYJYIZIAYb4QgEB\nBAQDAgD3MB0GA1UdDgQWBBTcNYIxrZfafySIEMjkCTIFxodKKjANBgkqhkiG9w0B\nAQUFAAOCAQEAcQaSBTib4gL7GbEbbCkYTsrD0Ygy/X1m/vikXIewIQL1954k2kXQ\nOr/enxSxV6Twk4e/ngQ/eLOCQJe3CTje8uYEIhkZ6Ms8txEWsNqVri0x772mtvDR\npgCsa/RgKvddcpsyyK4tRNtfTSLLkPYTZ/MU0liMK3zC+9Vx02EwrOSMeqkGk6Zu\nXmUfzs5r4D7X2YWo1qEcKrl20oByhEaluD6tuPFZs7tR/cEE0i31hPcXa4oWHVNo\nxPLsmBxlOxvG6R4fdsj0OV2ONtzot3gRaIMwxGEDSRKtETB7JImH2ijvbZoe+S8B\nx9bSsC5vZyxuchAUYNSHnRyPMcY0Cg5kmg\u003d\u003d\n-----END CERTIFICATE-----\n",
    "key": "-----BEGIN PRIVATE KEY-----\nMIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDz+W6ATHvaRpj7\ncy+kEB3KVoryFvTYGYPcOqPeZf2WYzExLkCJruFK1Pa1pAxLicC5fcxPpUIuooh3\n1/QqEOkZotFWGPq++CZlX7W5Mk2oWj/VOqCAt/wAC0bUC8H8Y+31MDBeZspQk9Ex\npoxi2IhKboR6nywxTrbaQLHMXggD0er324fX5fSefPaQ6cb6m/Mn/32kcV2ZB6QM\nzXr9mQk06B6MRQxnfLoj7kBHB5tCPRqSoZhTUZqKIOY4p7fwzefg6xBqCQ/jtfHG\nYtmo0H1FfG1gxkQgRWpTVxI7A5114M/9BkWNjdaMS+lr3KJaW9GLjYBfgH4iykXl\nw2/92EILAgMBAAECggEBAOAi1xGnMmFlWkYnnCztYXDx8NRXorilOC6q8MDwkfgH\nSLoV89SJhRBqdfyJqYH8G8JNf9XrzNFrIFR5YScEQiH7IrYmXLX049FeDGUHgbCY\nuOv74FhgrnKb6YYFB0IHzCTlEIqphFRieF1U1MQ6iXtX7P16He9ukS4RIUbPXC2k\ncTK6sSvILdOVztKaZMrqXsfMiX1HM9qIDAmSK999U60HtojRuWtfNkAnLk/hY5FN\nOIKfaxbizDkUoGjeAkRSCvp44D6wp9cy0JCbv1cOLeQnnywZskp790ikmqZORXHz\n0naCHBpMVR57QfLgOk+HiZh+amOG9O7RT8CmGQ5VJwECgYEA/Cm0j6vn5wxc1UDs\ntQcxdVxRWokr4a7HtvvmETzk0jp7MTXHGTRzRDgIJrZyr8Jibu8JEFixoufuvtxc\nUuojApnR/3LVoy0vRF1qw40tfuoWLN8ZlPTk5ljQvAK698L67a2xb+NmmIS9AgdJ\nRPcOJk7jS1YV1eF+ooUoPBQniqkCgYEA96/T9InnOMnTyg+pBUZH9WJ02YYCQ8hA\ncT44WLzsU6SogcdjVyYkdkOrZVIy33JQDMmozN4Pl7pGdGHPzaXF+ZDTsoG1MyAh\n9XCsGJz5Tb00TZ7j3TVijIfpCRg0DU8OrwnrpdqxAdgjnhBGtL2Si5o9wPfKegme\npFJLf1cXa5MCgYEA91p1u0U262cuHSZdy8otkuEnEHdkKzKGyBFbAmfIUgx50bDe\nB/RyaWXJYSgxYgV9BzLFolpOje2TPXftvIveIev/mePseu+U4Sv90atICKnZbNTA\nRGThsK9IulS3UNjbypBKcOYROuVifn3lOphaMevKfJkKPE7BKO0TpbNjglkCgYAX\nKtkWfHemNiqbMc/LcIF2kFkBp6k6kdaFQR6gHju0rygby3ydQDIU5ct4VLHxeI3I\nRGyHjRXESWYhqKx5PdJAv60tezhpqc3DWWCfhL9E6DemMwB5Rm8LWgMQGLV1sTlc\nYf8qqkP4OjFKrZcPfNPiPvEbxZGozJGMKS5qoMjOBQKBgEXrXmuUHZJSbAUc87w5\nISmlQT9kqYMaLhDJRYr4Ga3aB89XbJ1J9TgqCh7b++HF5P9l36s4Tn9bv8f+FFBc\nlGJKXfDNE2nqq1Mo9yn3D6Fc0Co0BUniTPHzKVd6JeQBoAXfGCbva/m7veEWvFac\nwhh6yrx2l9/AWrKn7zQPUFsx\n-----END PRIVATE KEY-----\n"
  },
  "client2": {
    "client_id": "pkjwt-two",
    "scope": "openid offline_access",
    "jwks": {
      "keys": [
        {
          "e": "AQAB",
          "n": "qzgcSLgS2vBm1Nmhc6_VdgF4SQzndM5SwejjqfPPLcKp2KV4vcwK03AmAHJHgB-q8ZQaiaW6AMvUsuBRiYmYGBya6zbcTCQywOpQZweQEiGftsMcLHpLLK0HbJsrxt_ZFVxa6_xW6oQeH37EPLn7RoNPXjl1aWmR-Cg_hN6wyTuSqfPNrXy6m8XKUwHrkrxAvjU5z5eQC3lAAZbGswLmm2yGbg9qNrc-3hjxnceb_lfrtmWi604QGo70xoZqJZh1PhYYSSbU6drOtDPWcJA8oX3SxYy6o5wjVGIsOo3Vb4fyhzNNzhWB3-z2KfcZHdxikc5SVfn38QTLixx-F42Vcw",
          "d": "MvPkvuNAgTUPdQI64MGP5ak0UZDshD8uM5SJw7bRjc2jW9yKXPkOs7NpK7LWglNqPLAVYacW_kuqRX0p5qMyxuIkXCEcV_BhxjU0riR7BFpLPEk95iKSon3vequG0I0m_gtY52dVuj6M9FR2M5gpJefHw8OXpEINdWsM1A6tT4TU8q8cju5n5K6y_jsIqf-claS18StInd0v8Cqi_V0euoxGzROAbsN2ewnpGgCWvxTUpSygDnZjD0Uad9zbuxQfOE4S8qphtOTadFEyu1v4J8tItKvKFn9gjP5XBkWHs5EJuajPs80u9L3x5SIFvgNCJNZIoN_9y9dQ_0OHNykt2Q",
          "p": "4uID1QMNgCpI6P4H5DjGu-cSNywVtiKEk9naHAvBDiSASfpxfKdWF9fumMAz3mPdhlQmMbNlNJO9JqJxeWh_J7tNRcBlrhfgaVbtUT0SHtsTYwlLED_PM8miZfAIy5C3ju9Rf0e8tQmtBj8v6xwGkGWQ8sDLkw-vsl5NqBcZA20",
          "q": "wTFTpf8ZTnxf8PP5S4dEXDmAIgZlnp336tCjHvpECVMWlvpx8tVUj6wuJuHVhO3LqfEYt4wfEy-o14NzzwSw5Kc-wgMB6U6rZeMdV8Ob5JMCAtdUTtS4EH85y5y_eghIdqtrfuSvr4A41zZs4uYPaqiQu05y_u5q8UOJHdG4kF8",
          "dp": "nkLQL39ApJ1aXIQO1yivoBTwROIQhwsO9d9p4FRmp0nY30G-dhh32ov6WD0CMWfx96itN9AOkZ1YvSFlDC5TPFDP9w7dHpJzLKfBRQDXqgRhQp0R6lTIYTSOfpLwX6ckE6VmcOWGgbYtJoVfFJ5pCcJ_WIYZuwyfH0ne25i5DwU",
          "dq": "nzXAYsdVGqpDArZ9FvJVss8sOl4dNtemLRxdobTLhwezUR758w49zt0td5ubNB4oPlfTb8gI_-3B7kGFmfCauwTdIlQKKjRL6f59-wrYGUnRWXgNIZ4KRoYiohr-bVoQJcPlJcDey_oWXb2bhG3l_JcIF2RyPodLGKL4h9uCh28",
          "qi": "Nf2_xFr89GpFHzfkQNPsipXHJiNgpA3IJIwsuuTPq_GeEyq8sjPVevlwBzqbYOVFJ1Xs1H6JW_OY4BoeS7eBjOodxf7uSInw7ocTiydupUC_mVCkYegjN_0vC2jZ2zm_sn0VBpAVZsSftjabk-LGDELQk0gVatA7Nrivh57C-wc",
          "kty": "RSA",
          "kid": "YdaGJq76SjDky4iSJBEGdart5978QLB86nMU9l3AqWI",
          "alg": "PS256",
          "use": "sig"
        }
      ]
    }
  },
  "mtls2": {
    "cert": "-----BEGIN CERTIFICATE-----\nMIIDdTCCAl2gAwIBAgIBATANBgkqhkiG9w0BAQUFADA2MRYwFAYDVQQDEw1jZXJ0\naWZpY2F0aW9uMQswCQYDVQQGEwJUUjEPMA0GA1UEBxMGQW5rYXJhMB4XDTIwMTIx\nNTEyMjUzOFoXDTIxMTIxNTEyMjUzOFowNjEWMBQGA1UEAxMNY2VydGlmaWNhdGlv\nbjELMAkGA1UEBhMCVFIxDzANBgNVBAcTBkFua2FyYTCCASIwDQYJKoZIhvcNAQEB\nBQADggEPADCCAQoCggEBAM9dAtlkj0DZMpd1jw1fDRn9vImy4SgvKh0cwLCeIFzW\nA7PBNzhhoDiqGgHvE8DdXED5zNK00DgJ6oPrDW0190JNOcwLC2PzRdN6k8DO3Aq/\n3EiFJS2fDeKmpJzX6y0XQbbYyGWDFswssDr8Mz9ibz2TyHviKpY+27rGl1nO17Kb\nc6AShyzZrQKkuwamlvdkuHYDhgjUw/dCaVaghj/Z3P2WIpq+KdlvzvqZ4xYwLpWc\n9HNaCf8mRwAPfrCWA3BhTmEW3G1mzvLX6o+l3W/ndxLv1xvKz9XAR5AiU60b7tvu\nGBhXzICqh6cGnhK0gJM/RciTV4n+ZWM9q8ARZKGMacMCAwEAAaOBjTCBijAMBgNV\nHRMEBTADAQH/MAsGA1UdDwQEAwIC9DA7BgNVHSUENDAyBggrBgEFBQcDAQYIKwYB\nBQUHAwIGCCsGAQUFBwMDBggrBgEFBQcDBAYIKwYBBQUHAwgwEQYJYIZIAYb4QgEB\nBAQDAgD3MB0GA1UdDgQWBBSO0NgBTsRJUWbms//ykKmI1D+7bTANBgkqhkiG9w0B\nAQUFAAOCAQEARZVfRXzBxvDrnmz5wkP9OMBl1hJ6tyryp7AF5BKnAAhHwDRhzqwX\nL7gNcQNOPC0EDX8FjICUFdGAPIU/7i1TyTC6/MH3gOPdBhA1v1IATjX6GZSqAKHW\nW85FV8Xr0usolKeG/6uPH9l8R7e8FmvX24XvcDrn+t7pJdmrb1nA9Uo+BteXb4pp\nJS3yhFGmBgXnlQeiYrfPkXosWB89PswD5NaeqP6Icsgp3U4MQWpKx9cE6bIQRTJh\ns+YJO+Vi8vQKyFPjZzctrLN5uYwUgb3fOaFln2IQPWLn6JORNfB7z2OYT5bwQqWQ\nXQGiw+sZ6gF114ze25j4MuvFH0vpA3OtDQ\u003d\u003d\n-----END CERTIFICATE-----\n",
    "key": "-----BEGIN PRIVATE KEY-----\nMIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDPXQLZZI9A2TKX\ndY8NXw0Z/byJsuEoLyodHMCwniBc1gOzwTc4YaA4qhoB7xPA3VxA+czStNA4CeqD\n6w1tNfdCTTnMCwtj80XTepPAztwKv9xIhSUtnw3ipqSc1+stF0G22MhlgxbMLLA6\n/DM/Ym89k8h74iqWPtu6xpdZzteym3OgEocs2a0CpLsGppb3ZLh2A4YI1MP3QmlW\noIY/2dz9liKavinZb876meMWMC6VnPRzWgn/JkcAD36wlgNwYU5hFtxtZs7y1+qP\npd1v53cS79cbys/VwEeQIlOtG+7b7hgYV8yAqoenBp4StICTP0XIk1eJ/mVjPavA\nEWShjGnDAgMBAAECggEBAMHhmTRhzX84lREAHczGvp06nPmygsrrrlih9ZgtgNzM\nTZHYaiURQpk4kjCUtMdzMTqfVV79KGH9A4RsVZVzC8i2JAAfo3rEjtj4lwWDZEG4\nueIke2p4eKceYHM1fvId+JdZgaVIOByW+/9qpw/wnUnZz23lPSRViWTNId4ag5q+\nBzUuZ/SeT26IPZbYrKDQ0AzZx2oQ9Gb1RE0c1ZV8aDeFCtFL+ufkwjU042KZv4o2\nyjSBDHjp4hoh7qOSrayU5QDQGTZqH+/IYSpouf4vYD97zaXQQHQtIowis/oZRa9c\nDZicGG5B2MqEHH9yrurgONr6YM5ofkDO7S/NWEE5EAECgYEA6CLhPSQOShiRxBk+\nN3p3TELNlg1cDDsoZWoEHQqtaDy/db+i0v6H6wtunmegqGBKiCMgUqEGdOeZrdXs\naU1iLMNw3i600SrqQ5Hqaqu2jqbYuY32wsllc3nbi2+h54wKFCLOS7B/jmrv8LYY\nwIolMk1cGIWqgyxZEquPupuETgECgYEA5K4u6VSNzh0YT8j3uXjTwCJCAHobqLYy\nEOHcYx14ACi16U64bKWqRGIuBe7k8X6suqRerXMe2wTw+YXqBNMW2s2SXZsLZ04A\nZf1F6o6tAyo/Zs86crwM7QPScBW3IDnXXG0EAllf5vN5baB1p79gFKvQvXfDgx8x\nAqJB9eYS/8MCgYEAzf4FuefA9mePEmEEIN7/9iBhpwH76K6mTjghplPPRWyCyc5g\ngrNzkVP3uYFjw4aPHPduu2RBAoRyjxwCSf9tWyOjiMYRlntqnsNhLX9q5HOSZjZf\n/sIQ0MQV2koZdguC9hNc1TWuO4cRnJ06ocD0+QpE603R3c0AzdyIEqPmaAECgYEA\nltnQWFtOsAjBYOBRiigKh1QR9f6XAFQv8rMLjtaBspkoZx9myUT/bNzXP1K39BZ8\nGyMS0Zh/YjuAOxn7pfMZwHybcOQ2QY9S8/R/iptTxiK4cDmDdOxYGoHK7+VjR/7f\n8jh3zJTojpFOKOMQufekif5NVK8MahLJYdNnb662GcECgYBn/3e5gvaoYlnJSgAh\nVMFXIsB0vegYXtONGADecqBdvRybQUz1/me2LkKzmq9S5aSKFcrSJbq6xm+DcVQh\ngeOX0KdlgGLb7T+UyR9C4dhDRNgN8UD+Wog7WY38FpeXCTE/Crwrchdfr3Xphlzb\nAbp/VB7xWupHp9/1KZU/i+TXwA\u003d\u003d\n-----END PRIVATE KEY-----\n"
  },
  "resource": {
    "resourceUrl": "https://certification.plusauth.com/me",
    "institution_id": "xxxxx"
  },
  "browser": [
    {
      "match": "https://certification.plusauth.com/oauth/auth*",
      "tasks": [
        {
          "task": "Login",
          "optional": true,
          "match": "https://certification.plusauth.com/signin",
          "commands": [
            [
              "text",
              "name",
              "username",
              "foo"
            ],
            [
              "text",
              "name",
              "password",
              "bar"
            ],
            [
              "click",
              "class",
              "login-submit"
            ]
          ]
        },
        {
          "task": "Consent",
          "optional": true,
          "match": "https://certification.plusauth.com/signin/consent*",
          "commands": [
            [
              "click",
              "class",
              "login-submit"
            ]
          ]
        },
        {
          "task": "Verify Complete",
          "match": "https://*/test/a/oidc-provider-*/callback*",
          "commands": [
            [
              "wait",
              "id",
              "submission_complete",
              10
            ]
          ]
        }
      ]
    }
  ],
  "description": "PlusAuth FAPI-RW-ID2 Conformance"
}
testName
fapi-rw-id2-ensure-response-type-code-fails
2021-03-31 07:44:51 SUCCESS
CreateRedirectUri
Created redirect URI
redirect_uri
https://www.certification.openid.net/test/a/oidc-provider-by_value-private_key_jwt-plain_fapi-jarm/callback
2021-03-31 07:44:51
GetDynamicServerConfiguration
HTTP request
request_uri
https://certification.plusauth.com/.well-known/openid-configuration
request_method
GET
request_headers
{
  "accept": "text/plain, application/json, application/cbor, application/*+json, */*",
  "content-length": "0"
}
request_body

                                
2021-03-31 07:44:52 RESPONSE
GetDynamicServerConfiguration
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "vary": "Origin",
  "content-type": "application/json; charset\u003dutf-8",
  "content-length": "4735",
  "date": "Wed, 31 Mar 2021 07:44:52 GMT",
  "connection": "keep-alive",
  "keep-alive": "timeout\u003d5"
}
response_body
{"acr_values_supported":["urn:mace:incommon:iap:bronze","urn:mace:incommon:iap:silver"],"authorization_endpoint":"https://certification.plusauth.com/oauth/auth","device_authorization_endpoint":"https://certification.plusauth.com/oauth/device/auth","claims_parameter_supported":true,"claims_supported":["sub","birthdate","family_name","gender","given_name","locale","middle_name","name","username","nickname","picture","preferred_username","profile","updated_at","website","zoneinfo","email","email_verified","address","phone_number","phone_number_verified","metadata","roles","roleGroups","permissions","acr","sid","auth_time","iss","amr"],"code_challenge_methods_supported":["S256"],"end_session_endpoint":"https://certification.plusauth.com/logout","check_session_iframe":"https://certification.plusauth.com/session/check","grant_types_supported":["implicit","authorization_code","refresh_token","client_credentials","urn:ietf:params:oauth:grant-type:device_code","urn:ietf:params:oauth:grant-type:token-exchange"],"id_token_signing_alg_values_supported":["HS256","PS256","RS256","ES256","EdDSA"],"issuer":"https://certification.plusauth.com","jwks_uri":"https://certification.plusauth.com/.well-known/jwks.json","registration_endpoint":"https://certification.plusauth.com/oauth/reg","response_modes_supported":["form_post","fragment","query","web_message","jwt","query.jwt","fragment.jwt","form_post.jwt","web_message.jwt"],"response_types_supported":["code id_token token","code id_token","code token","code","token","id_token token","id_token","none"],"scopes_supported":["openid","offline_access","profile","email","address","phone","metadata","rbac"],"subject_types_supported":["public","pairwise"],"token_endpoint_auth_methods_supported":["none","client_secret_basic","client_secret_jwt","client_secret_post","private_key_jwt","tls_client_auth","self_signed_tls_client_auth"],"token_endpoint_auth_signing_alg_values_supported":["HS256","RS256","PS256","ES256","EdDSA"],"token_endpoint":"https://certification.plusauth.com/oauth/token","pushed_authorization_request_endpoint":"https://certification.plusauth.com/oauth/request","request_object_signing_alg_values_supported":["HS256","RS256","PS256","ES256","EdDSA"],"request_parameter_supported":true,"request_uri_parameter_supported":true,"require_request_uri_registration":true,"userinfo_endpoint":"https://certification.plusauth.com/me","userinfo_signing_alg_values_supported":["HS256","PS256","RS256","ES256","EdDSA"],"authorization_signing_alg_values_supported":["HS256","PS256","RS256","ES256","EdDSA"],"introspection_endpoint":"https://certification.plusauth.com/oauth/introspect","introspection_endpoint_auth_methods_supported":["none","client_secret_basic","client_secret_jwt","client_secret_post","private_key_jwt","tls_client_auth","self_signed_tls_client_auth"],"introspection_endpoint_auth_signing_alg_values_supported":["HS256","RS256","PS256","ES256","EdDSA"],"introspection_signing_alg_values_supported":["HS256","PS256","RS256","ES256","EdDSA"],"revocation_endpoint":"https://certification.plusauth.com/oauth/token/revocation","revocation_endpoint_auth_methods_supported":["none","client_secret_basic","client_secret_jwt","client_secret_post","private_key_jwt","tls_client_auth","self_signed_tls_client_auth"],"revocation_endpoint_auth_signing_alg_values_supported":["HS256","RS256","PS256","ES256","EdDSA"],"id_token_encryption_alg_values_supported":["A128KW","A256KW","ECDH-ES","ECDH-ES+A128KW","ECDH-ES+A256KW","RSA-OAEP"],"id_token_encryption_enc_values_supported":["A128CBC-HS256","A128GCM","A256CBC-HS512","A256GCM"],"userinfo_encryption_alg_values_supported":["A128KW","A256KW","ECDH-ES","ECDH-ES+A128KW","ECDH-ES+A256KW","RSA-OAEP"],"userinfo_encryption_enc_values_supported":["A128CBC-HS256","A128GCM","A256CBC-HS512","A256GCM"],"introspection_encryption_alg_values_supported":["A128KW","A256KW","ECDH-ES","ECDH-ES+A128KW","ECDH-ES+A256KW","RSA-OAEP"],"introspection_encryption_enc_values_supported":["A128CBC-HS256","A128GCM","A256CBC-HS512","A256GCM"],"authorization_encryption_alg_values_supported":["A128KW","A256KW","ECDH-ES","ECDH-ES+A128KW","ECDH-ES+A256KW","RSA-OAEP"],"authorization_encryption_enc_values_supported":["A128CBC-HS256","A128GCM","A256CBC-HS512","A256GCM"],"request_object_encryption_alg_values_supported":["A128KW","A256KW","ECDH-ES","ECDH-ES+A128KW","ECDH-ES+A256KW","RSA-OAEP"],"request_object_encryption_enc_values_supported":["A128CBC-HS256","A128GCM","A256CBC-HS512","A256GCM"],"backchannel_logout_supported":true,"backchannel_logout_session_supported":true,"frontchannel_logout_supported":true,"frontchannel_logout_session_supported":true,"tls_client_certificate_bound_access_tokens":true,"claim_types_supported":["normal"]}
2021-03-31 07:44:52
GetDynamicServerConfiguration
Downloaded server configuration
server_config_string
{"acr_values_supported":["urn:mace:incommon:iap:bronze","urn:mace:incommon:iap:silver"],"authorization_endpoint":"https://certification.plusauth.com/oauth/auth","device_authorization_endpoint":"https://certification.plusauth.com/oauth/device/auth","claims_parameter_supported":true,"claims_supported":["sub","birthdate","family_name","gender","given_name","locale","middle_name","name","username","nickname","picture","preferred_username","profile","updated_at","website","zoneinfo","email","email_verified","address","phone_number","phone_number_verified","metadata","roles","roleGroups","permissions","acr","sid","auth_time","iss","amr"],"code_challenge_methods_supported":["S256"],"end_session_endpoint":"https://certification.plusauth.com/logout","check_session_iframe":"https://certification.plusauth.com/session/check","grant_types_supported":["implicit","authorization_code","refresh_token","client_credentials","urn:ietf:params:oauth:grant-type:device_code","urn:ietf:params:oauth:grant-type:token-exchange"],"id_token_signing_alg_values_supported":["HS256","PS256","RS256","ES256","EdDSA"],"issuer":"https://certification.plusauth.com","jwks_uri":"https://certification.plusauth.com/.well-known/jwks.json","registration_endpoint":"https://certification.plusauth.com/oauth/reg","response_modes_supported":["form_post","fragment","query","web_message","jwt","query.jwt","fragment.jwt","form_post.jwt","web_message.jwt"],"response_types_supported":["code id_token token","code id_token","code token","code","token","id_token token","id_token","none"],"scopes_supported":["openid","offline_access","profile","email","address","phone","metadata","rbac"],"subject_types_supported":["public","pairwise"],"token_endpoint_auth_methods_supported":["none","client_secret_basic","client_secret_jwt","client_secret_post","private_key_jwt","tls_client_auth","self_signed_tls_client_auth"],"token_endpoint_auth_signing_alg_values_supported":["HS256","RS256","PS256","ES256","EdDSA"],"token_endpoint":"https://certification.plusauth.com/oauth/token","pushed_authorization_request_endpoint":"https://certification.plusauth.com/oauth/request","request_object_signing_alg_values_supported":["HS256","RS256","PS256","ES256","EdDSA"],"request_parameter_supported":true,"request_uri_parameter_supported":true,"require_request_uri_registration":true,"userinfo_endpoint":"https://certification.plusauth.com/me","userinfo_signing_alg_values_supported":["HS256","PS256","RS256","ES256","EdDSA"],"authorization_signing_alg_values_supported":["HS256","PS256","RS256","ES256","EdDSA"],"introspection_endpoint":"https://certification.plusauth.com/oauth/introspect","introspection_endpoint_auth_methods_supported":["none","client_secret_basic","client_secret_jwt","client_secret_post","private_key_jwt","tls_client_auth","self_signed_tls_client_auth"],"introspection_endpoint_auth_signing_alg_values_supported":["HS256","RS256","PS256","ES256","EdDSA"],"introspection_signing_alg_values_supported":["HS256","PS256","RS256","ES256","EdDSA"],"revocation_endpoint":"https://certification.plusauth.com/oauth/token/revocation","revocation_endpoint_auth_methods_supported":["none","client_secret_basic","client_secret_jwt","client_secret_post","private_key_jwt","tls_client_auth","self_signed_tls_client_auth"],"revocation_endpoint_auth_signing_alg_values_supported":["HS256","RS256","PS256","ES256","EdDSA"],"id_token_encryption_alg_values_supported":["A128KW","A256KW","ECDH-ES","ECDH-ES+A128KW","ECDH-ES+A256KW","RSA-OAEP"],"id_token_encryption_enc_values_supported":["A128CBC-HS256","A128GCM","A256CBC-HS512","A256GCM"],"userinfo_encryption_alg_values_supported":["A128KW","A256KW","ECDH-ES","ECDH-ES+A128KW","ECDH-ES+A256KW","RSA-OAEP"],"userinfo_encryption_enc_values_supported":["A128CBC-HS256","A128GCM","A256CBC-HS512","A256GCM"],"introspection_encryption_alg_values_supported":["A128KW","A256KW","ECDH-ES","ECDH-ES+A128KW","ECDH-ES+A256KW","RSA-OAEP"],"introspection_encryption_enc_values_supported":["A128CBC-HS256","A128GCM","A256CBC-HS512","A256GCM"],"authorization_encryption_alg_values_supported":["A128KW","A256KW","ECDH-ES","ECDH-ES+A128KW","ECDH-ES+A256KW","RSA-OAEP"],"authorization_encryption_enc_values_supported":["A128CBC-HS256","A128GCM","A256CBC-HS512","A256GCM"],"request_object_encryption_alg_values_supported":["A128KW","A256KW","ECDH-ES","ECDH-ES+A128KW","ECDH-ES+A256KW","RSA-OAEP"],"request_object_encryption_enc_values_supported":["A128CBC-HS256","A128GCM","A256CBC-HS512","A256GCM"],"backchannel_logout_supported":true,"backchannel_logout_session_supported":true,"frontchannel_logout_supported":true,"frontchannel_logout_session_supported":true,"tls_client_certificate_bound_access_tokens":true,"claim_types_supported":["normal"]}
2021-03-31 07:44:52 SUCCESS
GetDynamicServerConfiguration
Successfully parsed server configuration
acr_values_supported
[
  "urn:mace:incommon:iap:bronze",
  "urn:mace:incommon:iap:silver"
]
authorization_endpoint
https://certification.plusauth.com/oauth/auth
device_authorization_endpoint
https://certification.plusauth.com/oauth/device/auth
claims_parameter_supported
true
claims_supported
[
  "sub",
  "birthdate",
  "family_name",
  "gender",
  "given_name",
  "locale",
  "middle_name",
  "name",
  "username",
  "nickname",
  "picture",
  "preferred_username",
  "profile",
  "updated_at",
  "website",
  "zoneinfo",
  "email",
  "email_verified",
  "address",
  "phone_number",
  "phone_number_verified",
  "metadata",
  "roles",
  "roleGroups",
  "permissions",
  "acr",
  "sid",
  "auth_time",
  "iss",
  "amr"
]
code_challenge_methods_supported
[
  "S256"
]
end_session_endpoint
https://certification.plusauth.com/logout
check_session_iframe
https://certification.plusauth.com/session/check
grant_types_supported
[
  "implicit",
  "authorization_code",
  "refresh_token",
  "client_credentials",
  "urn:ietf:params:oauth:grant-type:device_code",
  "urn:ietf:params:oauth:grant-type:token-exchange"
]
id_token_signing_alg_values_supported
[
  "HS256",
  "PS256",
  "RS256",
  "ES256",
  "EdDSA"
]
issuer
https://certification.plusauth.com
jwks_uri
https://certification.plusauth.com/.well-known/jwks.json
registration_endpoint
https://certification.plusauth.com/oauth/reg
response_modes_supported
[
  "form_post",
  "fragment",
  "query",
  "web_message",
  "jwt",
  "query.jwt",
  "fragment.jwt",
  "form_post.jwt",
  "web_message.jwt"
]
response_types_supported
[
  "code id_token token",
  "code id_token",
  "code token",
  "code",
  "token",
  "id_token token",
  "id_token",
  "none"
]
scopes_supported
[
  "openid",
  "offline_access",
  "profile",
  "email",
  "address",
  "phone",
  "metadata",
  "rbac"
]
subject_types_supported
[
  "public",
  "pairwise"
]
token_endpoint_auth_methods_supported
[
  "none",
  "client_secret_basic",
  "client_secret_jwt",
  "client_secret_post",
  "private_key_jwt",
  "tls_client_auth",
  "self_signed_tls_client_auth"
]
token_endpoint_auth_signing_alg_values_supported
[
  "HS256",
  "RS256",
  "PS256",
  "ES256",
  "EdDSA"
]
token_endpoint
https://certification.plusauth.com/oauth/token
pushed_authorization_request_endpoint
https://certification.plusauth.com/oauth/request
request_object_signing_alg_values_supported
[
  "HS256",
  "RS256",
  "PS256",
  "ES256",
  "EdDSA"
]
request_parameter_supported
true
request_uri_parameter_supported
true
require_request_uri_registration
true
userinfo_endpoint
https://certification.plusauth.com/me
userinfo_signing_alg_values_supported
[
  "HS256",
  "PS256",
  "RS256",
  "ES256",
  "EdDSA"
]
authorization_signing_alg_values_supported
[
  "HS256",
  "PS256",
  "RS256",
  "ES256",
  "EdDSA"
]
introspection_endpoint
https://certification.plusauth.com/oauth/introspect
introspection_endpoint_auth_methods_supported
[
  "none",
  "client_secret_basic",
  "client_secret_jwt",
  "client_secret_post",
  "private_key_jwt",
  "tls_client_auth",
  "self_signed_tls_client_auth"
]
introspection_endpoint_auth_signing_alg_values_supported
[
  "HS256",
  "RS256",
  "PS256",
  "ES256",
  "EdDSA"
]
introspection_signing_alg_values_supported
[
  "HS256",
  "PS256",
  "RS256",
  "ES256",
  "EdDSA"
]
revocation_endpoint
https://certification.plusauth.com/oauth/token/revocation
revocation_endpoint_auth_methods_supported
[
  "none",
  "client_secret_basic",
  "client_secret_jwt",
  "client_secret_post",
  "private_key_jwt",
  "tls_client_auth",
  "self_signed_tls_client_auth"
]
revocation_endpoint_auth_signing_alg_values_supported
[
  "HS256",
  "RS256",
  "PS256",
  "ES256",
  "EdDSA"
]
id_token_encryption_alg_values_supported
[
  "A128KW",
  "A256KW",
  "ECDH-ES",
  "ECDH-ES+A128KW",
  "ECDH-ES+A256KW",
  "RSA-OAEP"
]
id_token_encryption_enc_values_supported
[
  "A128CBC-HS256",
  "A128GCM",
  "A256CBC-HS512",
  "A256GCM"
]
userinfo_encryption_alg_values_supported
[
  "A128KW",
  "A256KW",
  "ECDH-ES",
  "ECDH-ES+A128KW",
  "ECDH-ES+A256KW",
  "RSA-OAEP"
]
userinfo_encryption_enc_values_supported
[
  "A128CBC-HS256",
  "A128GCM",
  "A256CBC-HS512",
  "A256GCM"
]
introspection_encryption_alg_values_supported
[
  "A128KW",
  "A256KW",
  "ECDH-ES",
  "ECDH-ES+A128KW",
  "ECDH-ES+A256KW",
  "RSA-OAEP"
]
introspection_encryption_enc_values_supported
[
  "A128CBC-HS256",
  "A128GCM",
  "A256CBC-HS512",
  "A256GCM"
]
authorization_encryption_alg_values_supported
[
  "A128KW",
  "A256KW",
  "ECDH-ES",
  "ECDH-ES+A128KW",
  "ECDH-ES+A256KW",
  "RSA-OAEP"
]
authorization_encryption_enc_values_supported
[
  "A128CBC-HS256",
  "A128GCM",
  "A256CBC-HS512",
  "A256GCM"
]
request_object_encryption_alg_values_supported
[
  "A128KW",
  "A256KW",
  "ECDH-ES",
  "ECDH-ES+A128KW",
  "ECDH-ES+A256KW",
  "RSA-OAEP"
]
request_object_encryption_enc_values_supported
[
  "A128CBC-HS256",
  "A128GCM",
  "A256CBC-HS512",
  "A256GCM"
]
backchannel_logout_supported
true
backchannel_logout_session_supported
true
frontchannel_logout_supported
true
frontchannel_logout_session_supported
true
tls_client_certificate_bound_access_tokens
true
claim_types_supported
[
  "normal"
]
2021-03-31 07:44:52 SUCCESS
CheckServerConfiguration
Found required server configuration keys
required
[
  "authorization_endpoint",
  "token_endpoint",
  "issuer"
]
2021-03-31 07:44:52 SUCCESS
ExtractTLSTestValuesFromServerConfiguration
Extracted TLS information from authorization server configuration
registration_endpoint
{
  "testHost": "certification.plusauth.com",
  "testPort": 443
}
authorization_endpoint
{
  "testHost": "certification.plusauth.com",
  "testPort": 443
}
token_endpoint
{
  "testHost": "certification.plusauth.com",
  "testPort": 443
}
userinfo_endpoint
{
  "testHost": "certification.plusauth.com",
  "testPort": 443
}
2021-03-31 07:44:52
FetchServerKeys
Fetching server key
jwks_uri
https://certification.plusauth.com/.well-known/jwks.json
2021-03-31 07:44:52
FetchServerKeys
HTTP request
request_uri
https://certification.plusauth.com/.well-known/jwks.json
request_method
GET
request_headers
{
  "accept": "text/plain, application/json, application/cbor, application/*+json, */*",
  "content-length": "0"
}
request_body

                                
2021-03-31 07:44:52 RESPONSE
FetchServerKeys
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "vary": "Origin",
  "content-type": "application/json; charset\u003dutf-8",
  "content-length": "3248",
  "date": "Wed, 31 Mar 2021 07:44:52 GMT",
  "connection": "keep-alive",
  "keep-alive": "timeout\u003d5"
}
response_body
{"keys":[{"e":"AQAB","n":"wrVv1lBbX8AmPwcP6hrMsU2j2TiR4SHaM36DFpQOmSpzCofLH40jJMSBz0g8bPvwmaoW2N-D3tN9EKTcBWCWfXjjR2CsfWGsqnz1QDIq1hIgHxzgnEDrVgVri0zdCVRdTu01n9MK1iKMo0TF24w3X22tNjI5QgQLsJ4kqJPQYStEhW3OIrk_T3W-Y3S-AgaKGrr4EV3Zx3RjoObCvf9-NBTCkxCScasQ6gWjj_4ftBvK_pT0GzaObtDTDHRYFm7cS5WCnxM951WzlCqBYt5fpQbZRPYHZxubS_vCLD188vk10ZRSiLdDvCImfrmL324ZMvNCwn6_bgp1tf0X06rO1w","kty":"RSA","kid":"crorVsNL92n-vyLzl4qlcrpe9z0hSS9nMvyaKbKUXds","use":"sig"},{"crv":"P-256","x":"pus2plcFzciOvQRrAfwm45u2NHw-IhjZe0gk55vO--o","y":"McjUvdFc5nd2YEk9PLYw1HoHkYBBL42jtSoqAe4dCzM","kty":"EC","kid":"atDaXCMyhIUMZISEtmnBRX_C4BT7GoJUD4CMYWGbi_o","use":"sig"},{"crv":"P-256","x":"I8yVbnSd4WJjYH3age2eLK_S9sBtP8djG9y50X13yT0","y":"29Jzh2o85AU1LOzK-SamLLHpXT0O439upvRMvvaeMQA","kty":"EC","kid":"g6MupPz7xKWQ0tKtZLcjBlnA2JAv1VH1NWYtPbsDa2o","use":"enc"},{"crv":"secp256k1","x":"65X_LqUa4XNR3ShA8hLtG-1YDKXEdWHagihJkSspdSQ","y":"Mc8XQxxJnjSJjfcrd7hhlZMyQtHU4gANSFBzr1GsKKA","kty":"EC","kid":"cUJPqrATv3GVASHuCADHyW8p8C4wR5H_nTyaf5adzy0","use":"sig"},{"crv":"P-384","x":"rPUdhjvgdhRCox2456G0CIoKaTwZ8GnbYxwjf42QsT3VtPXi3p1c2RVs8XiDutrI","y":"B_lZyUrqzwwiGHRIf5rGIXwzSgrRCoN2Hv01PPnMMeMzHVExMQCpIlkZrXO9bDKm","kty":"EC","kid":"6JVT-_BVPkvO-MljZhfaMeYC-LmZjlWj0SlzJLRA4yk","use":"sig"},{"crv":"P-384","x":"cIPV-GMwYobrMFKUHmgzvaliMUtDwO73Ht7X1AQPIpfBDIS7ovnZkt90DzcPn59P","y":"4V2b3W7jRNZqANOc60LacK1pb62GVF5Dyn2Ra4wzbhRLGDVdD_UoazOW56TZ5tsl","kty":"EC","kid":"mIw-fa5LyZnypKpbddViJjWMjl8B5A-I5A31H_igCd8","use":"enc"},{"crv":"P-521","x":"AWyeRdPc35GRFdiu2dYhFgwcSJoUPw38qmUgG0VZSgsbdWWJxUv_iWWIux9hJono6f_qF-lq2At3xdGVBLR7BF5f","y":"AY7WKdsbjyaMZ4Wh8o8Uy5Bju9WxD6N1A7r5_8o5OFIeqD_hej9FxuQDWC4rxU7Ls84yVVtPRG81TaXRoKBxr5XZ","kty":"EC","kid":"w1A1G94s-hK5YrIqWgmV30gtOZ85yQCP3ZMOPTzbc-0","use":"sig"},{"crv":"Ed25519","x":"kAdD9v4ErkCNxQdNMrf4IIplW6YUYBMWkECnLxnZ2tk","kty":"OKP","kid":"ONnNDJq5ZuIAcJyRHpZyZSDcVFf78F1eRhoElXlYEr8","use":"sig"},{"crv":"P-521","x":"AErKX164tyXiv5BwPMyrjoUGyXJ5hX1X7sRgvI0mnbfZhCRnKL67-q5PmTP31OkzA4xQGmAOyBIZvNSJ1p8txIQ3","y":"ALRaE4Q3SLQPNAW_AXIOke34SFwXq2a5FiMHWY9zpJcmCQk9VJH7bG3AnHY_hxu2R-zC5caLy6TPcSzr9Dy4F0DX","kty":"EC","kid":"xKnQ0Rm1_EMwHefKR9UOt0IwCspmyr93L_GDMO_xqq8","use":"enc"},{"crv":"Ed448","x":"sNcFa_zimfHYOSQNS52N-nOX-CYG4dFXoTeuWHnulTj6Fn3heSObBl2NY5ifB9qyP4MHgnAtiboA","kty":"OKP","kid":"MCsSgS9d92FbCGRyBo91MYcXOtXF9qoOeXz65UR5EF8","use":"sig"},{"e":"AQAB","n":"q18zoa2EagO8rzK9svtdY3U2T7DiyZ6F6RUQcpF0AvUK1z4mANLlfhtasJ01BKSP25xLbO8xF72bOd07sQazQUMumKNuU1p8kzYH5yvXNRrFPg-G6r6NWzhT3qx5ov1jkdc2zqa8yj25DfXP6btFFYqfQoPBaFwSXxHLDOXLBfa5wuLnJFL8Yt6qm5aKaOOEJ_X8CfwKH_ajBUD4MhospWZbe9gyt7gKO28sdo8VdNFCq-OG9FWWCwDgS9AYfXOHIHMNvim6sOSsT__6ETkDqUxqYYPgsANARfASBYZs7FiJMv88Hjpa5BH60gbbdYWrCkq1vGh8u1nu0R6WfsxX6w","kty":"RSA","kid":"9dtTMGokAYuDGQjdE6lyhwR_wM0CgihB-BX6lk6-ZO4","use":"sig"},{"e":"AQAB","n":"xU_pU1APQpq581Q760Nd3UwDwKqjN62NPoXyPWxkTD15H2QDYkPMhbzY5J1TizMGGdegbeN--tnhBxMzIRxqcf83UBKvakYYJBr49dvXQSWqdpn8yG6STmO9kpG94vDQP49VBJ8YmXh6A5104_G2qXfQKe33cexKpJPKNedtDhUGUjOLzhYHjRIAGmWBsaLq5Dcbg1UtLEonzEznjKYPDUGhpE7Ao4eVeVEh0ZlFE3aocORW3xkT7uJFPq0pWBCHwD5PDPHtUQczDbbP4xn4Gr8r-vTHrxhv1WYH0NH61-YHqgG_csDat5ef3m0pJbzx7euitxxcr1bDuesB5g4fCQ","kty":"RSA","kid":"OVJpBKI4nfn-A3ZuYX6xkjNc7KhugIIm-y5Douaj6Sg","use":"enc"}]}
2021-03-31 07:44:52
FetchServerKeys
Found JWK set string
jwk_string
{"keys":[{"e":"AQAB","n":"wrVv1lBbX8AmPwcP6hrMsU2j2TiR4SHaM36DFpQOmSpzCofLH40jJMSBz0g8bPvwmaoW2N-D3tN9EKTcBWCWfXjjR2CsfWGsqnz1QDIq1hIgHxzgnEDrVgVri0zdCVRdTu01n9MK1iKMo0TF24w3X22tNjI5QgQLsJ4kqJPQYStEhW3OIrk_T3W-Y3S-AgaKGrr4EV3Zx3RjoObCvf9-NBTCkxCScasQ6gWjj_4ftBvK_pT0GzaObtDTDHRYFm7cS5WCnxM951WzlCqBYt5fpQbZRPYHZxubS_vCLD188vk10ZRSiLdDvCImfrmL324ZMvNCwn6_bgp1tf0X06rO1w","kty":"RSA","kid":"crorVsNL92n-vyLzl4qlcrpe9z0hSS9nMvyaKbKUXds","use":"sig"},{"crv":"P-256","x":"pus2plcFzciOvQRrAfwm45u2NHw-IhjZe0gk55vO--o","y":"McjUvdFc5nd2YEk9PLYw1HoHkYBBL42jtSoqAe4dCzM","kty":"EC","kid":"atDaXCMyhIUMZISEtmnBRX_C4BT7GoJUD4CMYWGbi_o","use":"sig"},{"crv":"P-256","x":"I8yVbnSd4WJjYH3age2eLK_S9sBtP8djG9y50X13yT0","y":"29Jzh2o85AU1LOzK-SamLLHpXT0O439upvRMvvaeMQA","kty":"EC","kid":"g6MupPz7xKWQ0tKtZLcjBlnA2JAv1VH1NWYtPbsDa2o","use":"enc"},{"crv":"secp256k1","x":"65X_LqUa4XNR3ShA8hLtG-1YDKXEdWHagihJkSspdSQ","y":"Mc8XQxxJnjSJjfcrd7hhlZMyQtHU4gANSFBzr1GsKKA","kty":"EC","kid":"cUJPqrATv3GVASHuCADHyW8p8C4wR5H_nTyaf5adzy0","use":"sig"},{"crv":"P-384","x":"rPUdhjvgdhRCox2456G0CIoKaTwZ8GnbYxwjf42QsT3VtPXi3p1c2RVs8XiDutrI","y":"B_lZyUrqzwwiGHRIf5rGIXwzSgrRCoN2Hv01PPnMMeMzHVExMQCpIlkZrXO9bDKm","kty":"EC","kid":"6JVT-_BVPkvO-MljZhfaMeYC-LmZjlWj0SlzJLRA4yk","use":"sig"},{"crv":"P-384","x":"cIPV-GMwYobrMFKUHmgzvaliMUtDwO73Ht7X1AQPIpfBDIS7ovnZkt90DzcPn59P","y":"4V2b3W7jRNZqANOc60LacK1pb62GVF5Dyn2Ra4wzbhRLGDVdD_UoazOW56TZ5tsl","kty":"EC","kid":"mIw-fa5LyZnypKpbddViJjWMjl8B5A-I5A31H_igCd8","use":"enc"},{"crv":"P-521","x":"AWyeRdPc35GRFdiu2dYhFgwcSJoUPw38qmUgG0VZSgsbdWWJxUv_iWWIux9hJono6f_qF-lq2At3xdGVBLR7BF5f","y":"AY7WKdsbjyaMZ4Wh8o8Uy5Bju9WxD6N1A7r5_8o5OFIeqD_hej9FxuQDWC4rxU7Ls84yVVtPRG81TaXRoKBxr5XZ","kty":"EC","kid":"w1A1G94s-hK5YrIqWgmV30gtOZ85yQCP3ZMOPTzbc-0","use":"sig"},{"crv":"Ed25519","x":"kAdD9v4ErkCNxQdNMrf4IIplW6YUYBMWkECnLxnZ2tk","kty":"OKP","kid":"ONnNDJq5ZuIAcJyRHpZyZSDcVFf78F1eRhoElXlYEr8","use":"sig"},{"crv":"P-521","x":"AErKX164tyXiv5BwPMyrjoUGyXJ5hX1X7sRgvI0mnbfZhCRnKL67-q5PmTP31OkzA4xQGmAOyBIZvNSJ1p8txIQ3","y":"ALRaE4Q3SLQPNAW_AXIOke34SFwXq2a5FiMHWY9zpJcmCQk9VJH7bG3AnHY_hxu2R-zC5caLy6TPcSzr9Dy4F0DX","kty":"EC","kid":"xKnQ0Rm1_EMwHefKR9UOt0IwCspmyr93L_GDMO_xqq8","use":"enc"},{"crv":"Ed448","x":"sNcFa_zimfHYOSQNS52N-nOX-CYG4dFXoTeuWHnulTj6Fn3heSObBl2NY5ifB9qyP4MHgnAtiboA","kty":"OKP","kid":"MCsSgS9d92FbCGRyBo91MYcXOtXF9qoOeXz65UR5EF8","use":"sig"},{"e":"AQAB","n":"q18zoa2EagO8rzK9svtdY3U2T7DiyZ6F6RUQcpF0AvUK1z4mANLlfhtasJ01BKSP25xLbO8xF72bOd07sQazQUMumKNuU1p8kzYH5yvXNRrFPg-G6r6NWzhT3qx5ov1jkdc2zqa8yj25DfXP6btFFYqfQoPBaFwSXxHLDOXLBfa5wuLnJFL8Yt6qm5aKaOOEJ_X8CfwKH_ajBUD4MhospWZbe9gyt7gKO28sdo8VdNFCq-OG9FWWCwDgS9AYfXOHIHMNvim6sOSsT__6ETkDqUxqYYPgsANARfASBYZs7FiJMv88Hjpa5BH60gbbdYWrCkq1vGh8u1nu0R6WfsxX6w","kty":"RSA","kid":"9dtTMGokAYuDGQjdE6lyhwR_wM0CgihB-BX6lk6-ZO4","use":"sig"},{"e":"AQAB","n":"xU_pU1APQpq581Q760Nd3UwDwKqjN62NPoXyPWxkTD15H2QDYkPMhbzY5J1TizMGGdegbeN--tnhBxMzIRxqcf83UBKvakYYJBr49dvXQSWqdpn8yG6STmO9kpG94vDQP49VBJ8YmXh6A5104_G2qXfQKe33cexKpJPKNedtDhUGUjOLzhYHjRIAGmWBsaLq5Dcbg1UtLEonzEznjKYPDUGhpE7Ao4eVeVEh0ZlFE3aocORW3xkT7uJFPq0pWBCHwD5PDPHtUQczDbbP4xn4Gr8r-vTHrxhv1WYH0NH61-YHqgG_csDat5ef3m0pJbzx7euitxxcr1bDuesB5g4fCQ","kty":"RSA","kid":"OVJpBKI4nfn-A3ZuYX6xkjNc7KhugIIm-y5Douaj6Sg","use":"enc"}]}
2021-03-31 07:44:52 SUCCESS
FetchServerKeys
Found server JWK set
server_jwks
{
  "keys": [
    {
      "e": "AQAB",
      "n": "wrVv1lBbX8AmPwcP6hrMsU2j2TiR4SHaM36DFpQOmSpzCofLH40jJMSBz0g8bPvwmaoW2N-D3tN9EKTcBWCWfXjjR2CsfWGsqnz1QDIq1hIgHxzgnEDrVgVri0zdCVRdTu01n9MK1iKMo0TF24w3X22tNjI5QgQLsJ4kqJPQYStEhW3OIrk_T3W-Y3S-AgaKGrr4EV3Zx3RjoObCvf9-NBTCkxCScasQ6gWjj_4ftBvK_pT0GzaObtDTDHRYFm7cS5WCnxM951WzlCqBYt5fpQbZRPYHZxubS_vCLD188vk10ZRSiLdDvCImfrmL324ZMvNCwn6_bgp1tf0X06rO1w",
      "kty": "RSA",
      "kid": "crorVsNL92n-vyLzl4qlcrpe9z0hSS9nMvyaKbKUXds",
      "use": "sig"
    },
    {
      "crv": "P-256",
      "x": "pus2plcFzciOvQRrAfwm45u2NHw-IhjZe0gk55vO--o",
      "y": "McjUvdFc5nd2YEk9PLYw1HoHkYBBL42jtSoqAe4dCzM",
      "kty": "EC",
      "kid": "atDaXCMyhIUMZISEtmnBRX_C4BT7GoJUD4CMYWGbi_o",
      "use": "sig"
    },
    {
      "crv": "P-256",
      "x": "I8yVbnSd4WJjYH3age2eLK_S9sBtP8djG9y50X13yT0",
      "y": "29Jzh2o85AU1LOzK-SamLLHpXT0O439upvRMvvaeMQA",
      "kty": "EC",
      "kid": "g6MupPz7xKWQ0tKtZLcjBlnA2JAv1VH1NWYtPbsDa2o",
      "use": "enc"
    },
    {
      "crv": "secp256k1",
      "x": "65X_LqUa4XNR3ShA8hLtG-1YDKXEdWHagihJkSspdSQ",
      "y": "Mc8XQxxJnjSJjfcrd7hhlZMyQtHU4gANSFBzr1GsKKA",
      "kty": "EC",
      "kid": "cUJPqrATv3GVASHuCADHyW8p8C4wR5H_nTyaf5adzy0",
      "use": "sig"
    },
    {
      "crv": "P-384",
      "x": "rPUdhjvgdhRCox2456G0CIoKaTwZ8GnbYxwjf42QsT3VtPXi3p1c2RVs8XiDutrI",
      "y": "B_lZyUrqzwwiGHRIf5rGIXwzSgrRCoN2Hv01PPnMMeMzHVExMQCpIlkZrXO9bDKm",
      "kty": "EC",
      "kid": "6JVT-_BVPkvO-MljZhfaMeYC-LmZjlWj0SlzJLRA4yk",
      "use": "sig"
    },
    {
      "crv": "P-384",
      "x": "cIPV-GMwYobrMFKUHmgzvaliMUtDwO73Ht7X1AQPIpfBDIS7ovnZkt90DzcPn59P",
      "y": "4V2b3W7jRNZqANOc60LacK1pb62GVF5Dyn2Ra4wzbhRLGDVdD_UoazOW56TZ5tsl",
      "kty": "EC",
      "kid": "mIw-fa5LyZnypKpbddViJjWMjl8B5A-I5A31H_igCd8",
      "use": "enc"
    },
    {
      "crv": "P-521",
      "x": "AWyeRdPc35GRFdiu2dYhFgwcSJoUPw38qmUgG0VZSgsbdWWJxUv_iWWIux9hJono6f_qF-lq2At3xdGVBLR7BF5f",
      "y": "AY7WKdsbjyaMZ4Wh8o8Uy5Bju9WxD6N1A7r5_8o5OFIeqD_hej9FxuQDWC4rxU7Ls84yVVtPRG81TaXRoKBxr5XZ",
      "kty": "EC",
      "kid": "w1A1G94s-hK5YrIqWgmV30gtOZ85yQCP3ZMOPTzbc-0",
      "use": "sig"
    },
    {
      "crv": "Ed25519",
      "x": "kAdD9v4ErkCNxQdNMrf4IIplW6YUYBMWkECnLxnZ2tk",
      "kty": "OKP",
      "kid": "ONnNDJq5ZuIAcJyRHpZyZSDcVFf78F1eRhoElXlYEr8",
      "use": "sig"
    },
    {
      "crv": "P-521",
      "x": "AErKX164tyXiv5BwPMyrjoUGyXJ5hX1X7sRgvI0mnbfZhCRnKL67-q5PmTP31OkzA4xQGmAOyBIZvNSJ1p8txIQ3",
      "y": "ALRaE4Q3SLQPNAW_AXIOke34SFwXq2a5FiMHWY9zpJcmCQk9VJH7bG3AnHY_hxu2R-zC5caLy6TPcSzr9Dy4F0DX",
      "kty": "EC",
      "kid": "xKnQ0Rm1_EMwHefKR9UOt0IwCspmyr93L_GDMO_xqq8",
      "use": "enc"
    },
    {
      "crv": "Ed448",
      "x": "sNcFa_zimfHYOSQNS52N-nOX-CYG4dFXoTeuWHnulTj6Fn3heSObBl2NY5ifB9qyP4MHgnAtiboA",
      "kty": "OKP",
      "kid": "MCsSgS9d92FbCGRyBo91MYcXOtXF9qoOeXz65UR5EF8",
      "use": "sig"
    },
    {
      "e": "AQAB",
      "n": "q18zoa2EagO8rzK9svtdY3U2T7DiyZ6F6RUQcpF0AvUK1z4mANLlfhtasJ01BKSP25xLbO8xF72bOd07sQazQUMumKNuU1p8kzYH5yvXNRrFPg-G6r6NWzhT3qx5ov1jkdc2zqa8yj25DfXP6btFFYqfQoPBaFwSXxHLDOXLBfa5wuLnJFL8Yt6qm5aKaOOEJ_X8CfwKH_ajBUD4MhospWZbe9gyt7gKO28sdo8VdNFCq-OG9FWWCwDgS9AYfXOHIHMNvim6sOSsT__6ETkDqUxqYYPgsANARfASBYZs7FiJMv88Hjpa5BH60gbbdYWrCkq1vGh8u1nu0R6WfsxX6w",
      "kty": "RSA",
      "kid": "9dtTMGokAYuDGQjdE6lyhwR_wM0CgihB-BX6lk6-ZO4",
      "use": "sig"
    },
    {
      "e": "AQAB",
      "n": "xU_pU1APQpq581Q760Nd3UwDwKqjN62NPoXyPWxkTD15H2QDYkPMhbzY5J1TizMGGdegbeN--tnhBxMzIRxqcf83UBKvakYYJBr49dvXQSWqdpn8yG6STmO9kpG94vDQP49VBJ8YmXh6A5104_G2qXfQKe33cexKpJPKNedtDhUGUjOLzhYHjRIAGmWBsaLq5Dcbg1UtLEonzEznjKYPDUGhpE7Ao4eVeVEh0ZlFE3aocORW3xkT7uJFPq0pWBCHwD5PDPHtUQczDbbP4xn4Gr8r-vTHrxhv1WYH0NH61-YHqgG_csDat5ef3m0pJbzx7euitxxcr1bDuesB5g4fCQ",
      "kty": "RSA",
      "kid": "OVJpBKI4nfn-A3ZuYX6xkjNc7KhugIIm-y5Douaj6Sg",
      "use": "enc"
    }
  ]
}
2021-03-31 07:44:52 SUCCESS
CheckServerKeysIsValid
Server JWKs is valid
server_jwks
{
  "keys": [
    {
      "e": "AQAB",
      "n": "wrVv1lBbX8AmPwcP6hrMsU2j2TiR4SHaM36DFpQOmSpzCofLH40jJMSBz0g8bPvwmaoW2N-D3tN9EKTcBWCWfXjjR2CsfWGsqnz1QDIq1hIgHxzgnEDrVgVri0zdCVRdTu01n9MK1iKMo0TF24w3X22tNjI5QgQLsJ4kqJPQYStEhW3OIrk_T3W-Y3S-AgaKGrr4EV3Zx3RjoObCvf9-NBTCkxCScasQ6gWjj_4ftBvK_pT0GzaObtDTDHRYFm7cS5WCnxM951WzlCqBYt5fpQbZRPYHZxubS_vCLD188vk10ZRSiLdDvCImfrmL324ZMvNCwn6_bgp1tf0X06rO1w",
      "kty": "RSA",
      "kid": "crorVsNL92n-vyLzl4qlcrpe9z0hSS9nMvyaKbKUXds",
      "use": "sig"
    },
    {
      "crv": "P-256",
      "x": "pus2plcFzciOvQRrAfwm45u2NHw-IhjZe0gk55vO--o",
      "y": "McjUvdFc5nd2YEk9PLYw1HoHkYBBL42jtSoqAe4dCzM",
      "kty": "EC",
      "kid": "atDaXCMyhIUMZISEtmnBRX_C4BT7GoJUD4CMYWGbi_o",
      "use": "sig"
    },
    {
      "crv": "P-256",
      "x": "I8yVbnSd4WJjYH3age2eLK_S9sBtP8djG9y50X13yT0",
      "y": "29Jzh2o85AU1LOzK-SamLLHpXT0O439upvRMvvaeMQA",
      "kty": "EC",
      "kid": "g6MupPz7xKWQ0tKtZLcjBlnA2JAv1VH1NWYtPbsDa2o",
      "use": "enc"
    },
    {
      "crv": "secp256k1",
      "x": "65X_LqUa4XNR3ShA8hLtG-1YDKXEdWHagihJkSspdSQ",
      "y": "Mc8XQxxJnjSJjfcrd7hhlZMyQtHU4gANSFBzr1GsKKA",
      "kty": "EC",
      "kid": "cUJPqrATv3GVASHuCADHyW8p8C4wR5H_nTyaf5adzy0",
      "use": "sig"
    },
    {
      "crv": "P-384",
      "x": "rPUdhjvgdhRCox2456G0CIoKaTwZ8GnbYxwjf42QsT3VtPXi3p1c2RVs8XiDutrI",
      "y": "B_lZyUrqzwwiGHRIf5rGIXwzSgrRCoN2Hv01PPnMMeMzHVExMQCpIlkZrXO9bDKm",
      "kty": "EC",
      "kid": "6JVT-_BVPkvO-MljZhfaMeYC-LmZjlWj0SlzJLRA4yk",
      "use": "sig"
    },
    {
      "crv": "P-384",
      "x": "cIPV-GMwYobrMFKUHmgzvaliMUtDwO73Ht7X1AQPIpfBDIS7ovnZkt90DzcPn59P",
      "y": "4V2b3W7jRNZqANOc60LacK1pb62GVF5Dyn2Ra4wzbhRLGDVdD_UoazOW56TZ5tsl",
      "kty": "EC",
      "kid": "mIw-fa5LyZnypKpbddViJjWMjl8B5A-I5A31H_igCd8",
      "use": "enc"
    },
    {
      "crv": "P-521",
      "x": "AWyeRdPc35GRFdiu2dYhFgwcSJoUPw38qmUgG0VZSgsbdWWJxUv_iWWIux9hJono6f_qF-lq2At3xdGVBLR7BF5f",
      "y": "AY7WKdsbjyaMZ4Wh8o8Uy5Bju9WxD6N1A7r5_8o5OFIeqD_hej9FxuQDWC4rxU7Ls84yVVtPRG81TaXRoKBxr5XZ",
      "kty": "EC",
      "kid": "w1A1G94s-hK5YrIqWgmV30gtOZ85yQCP3ZMOPTzbc-0",
      "use": "sig"
    },
    {
      "crv": "Ed25519",
      "x": "kAdD9v4ErkCNxQdNMrf4IIplW6YUYBMWkECnLxnZ2tk",
      "kty": "OKP",
      "kid": "ONnNDJq5ZuIAcJyRHpZyZSDcVFf78F1eRhoElXlYEr8",
      "use": "sig"
    },
    {
      "crv": "P-521",
      "x": "AErKX164tyXiv5BwPMyrjoUGyXJ5hX1X7sRgvI0mnbfZhCRnKL67-q5PmTP31OkzA4xQGmAOyBIZvNSJ1p8txIQ3",
      "y": "ALRaE4Q3SLQPNAW_AXIOke34SFwXq2a5FiMHWY9zpJcmCQk9VJH7bG3AnHY_hxu2R-zC5caLy6TPcSzr9Dy4F0DX",
      "kty": "EC",
      "kid": "xKnQ0Rm1_EMwHefKR9UOt0IwCspmyr93L_GDMO_xqq8",
      "use": "enc"
    },
    {
      "crv": "Ed448",
      "x": "sNcFa_zimfHYOSQNS52N-nOX-CYG4dFXoTeuWHnulTj6Fn3heSObBl2NY5ifB9qyP4MHgnAtiboA",
      "kty": "OKP",
      "kid": "MCsSgS9d92FbCGRyBo91MYcXOtXF9qoOeXz65UR5EF8",
      "use": "sig"
    },
    {
      "e": "AQAB",
      "n": "q18zoa2EagO8rzK9svtdY3U2T7DiyZ6F6RUQcpF0AvUK1z4mANLlfhtasJ01BKSP25xLbO8xF72bOd07sQazQUMumKNuU1p8kzYH5yvXNRrFPg-G6r6NWzhT3qx5ov1jkdc2zqa8yj25DfXP6btFFYqfQoPBaFwSXxHLDOXLBfa5wuLnJFL8Yt6qm5aKaOOEJ_X8CfwKH_ajBUD4MhospWZbe9gyt7gKO28sdo8VdNFCq-OG9FWWCwDgS9AYfXOHIHMNvim6sOSsT__6ETkDqUxqYYPgsANARfASBYZs7FiJMv88Hjpa5BH60gbbdYWrCkq1vGh8u1nu0R6WfsxX6w",
      "kty": "RSA",
      "kid": "9dtTMGokAYuDGQjdE6lyhwR_wM0CgihB-BX6lk6-ZO4",
      "use": "sig"
    },
    {
      "e": "AQAB",
      "n": "xU_pU1APQpq581Q760Nd3UwDwKqjN62NPoXyPWxkTD15H2QDYkPMhbzY5J1TizMGGdegbeN--tnhBxMzIRxqcf83UBKvakYYJBr49dvXQSWqdpn8yG6STmO9kpG94vDQP49VBJ8YmXh6A5104_G2qXfQKe33cexKpJPKNedtDhUGUjOLzhYHjRIAGmWBsaLq5Dcbg1UtLEonzEznjKYPDUGhpE7Ao4eVeVEh0ZlFE3aocORW3xkT7uJFPq0pWBCHwD5PDPHtUQczDbbP4xn4Gr8r-vTHrxhv1WYH0NH61-YHqgG_csDat5ef3m0pJbzx7euitxxcr1bDuesB5g4fCQ",
      "kty": "RSA",
      "kid": "OVJpBKI4nfn-A3ZuYX6xkjNc7KhugIIm-y5Douaj6Sg",
      "use": "enc"
    }
  ]
}
2021-03-31 07:44:52 SUCCESS
ValidateServerJWKs
Valid server JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2021-03-31 07:44:52 SUCCESS
CheckForKeyIdInServerJWKs
All keys contain kids
2021-03-31 07:44:52 SUCCESS
EnsureServerJwksDoesNotContainPrivateOrSymmetricKeys
Jwks does not contain any private or symmetric keys
2021-03-31 07:44:52 SUCCESS
FAPIEnsureMinimumServerKeyLength
Validated minimum key lengths for server_jwks
server_jwks
{
  "keys": [
    {
      "e": "AQAB",
      "n": "wrVv1lBbX8AmPwcP6hrMsU2j2TiR4SHaM36DFpQOmSpzCofLH40jJMSBz0g8bPvwmaoW2N-D3tN9EKTcBWCWfXjjR2CsfWGsqnz1QDIq1hIgHxzgnEDrVgVri0zdCVRdTu01n9MK1iKMo0TF24w3X22tNjI5QgQLsJ4kqJPQYStEhW3OIrk_T3W-Y3S-AgaKGrr4EV3Zx3RjoObCvf9-NBTCkxCScasQ6gWjj_4ftBvK_pT0GzaObtDTDHRYFm7cS5WCnxM951WzlCqBYt5fpQbZRPYHZxubS_vCLD188vk10ZRSiLdDvCImfrmL324ZMvNCwn6_bgp1tf0X06rO1w",
      "kty": "RSA",
      "kid": "crorVsNL92n-vyLzl4qlcrpe9z0hSS9nMvyaKbKUXds",
      "use": "sig"
    },
    {
      "crv": "P-256",
      "x": "pus2plcFzciOvQRrAfwm45u2NHw-IhjZe0gk55vO--o",
      "y": "McjUvdFc5nd2YEk9PLYw1HoHkYBBL42jtSoqAe4dCzM",
      "kty": "EC",
      "kid": "atDaXCMyhIUMZISEtmnBRX_C4BT7GoJUD4CMYWGbi_o",
      "use": "sig"
    },
    {
      "crv": "P-256",
      "x": "I8yVbnSd4WJjYH3age2eLK_S9sBtP8djG9y50X13yT0",
      "y": "29Jzh2o85AU1LOzK-SamLLHpXT0O439upvRMvvaeMQA",
      "kty": "EC",
      "kid": "g6MupPz7xKWQ0tKtZLcjBlnA2JAv1VH1NWYtPbsDa2o",
      "use": "enc"
    },
    {
      "crv": "secp256k1",
      "x": "65X_LqUa4XNR3ShA8hLtG-1YDKXEdWHagihJkSspdSQ",
      "y": "Mc8XQxxJnjSJjfcrd7hhlZMyQtHU4gANSFBzr1GsKKA",
      "kty": "EC",
      "kid": "cUJPqrATv3GVASHuCADHyW8p8C4wR5H_nTyaf5adzy0",
      "use": "sig"
    },
    {
      "crv": "P-384",
      "x": "rPUdhjvgdhRCox2456G0CIoKaTwZ8GnbYxwjf42QsT3VtPXi3p1c2RVs8XiDutrI",
      "y": "B_lZyUrqzwwiGHRIf5rGIXwzSgrRCoN2Hv01PPnMMeMzHVExMQCpIlkZrXO9bDKm",
      "kty": "EC",
      "kid": "6JVT-_BVPkvO-MljZhfaMeYC-LmZjlWj0SlzJLRA4yk",
      "use": "sig"
    },
    {
      "crv": "P-384",
      "x": "cIPV-GMwYobrMFKUHmgzvaliMUtDwO73Ht7X1AQPIpfBDIS7ovnZkt90DzcPn59P",
      "y": "4V2b3W7jRNZqANOc60LacK1pb62GVF5Dyn2Ra4wzbhRLGDVdD_UoazOW56TZ5tsl",
      "kty": "EC",
      "kid": "mIw-fa5LyZnypKpbddViJjWMjl8B5A-I5A31H_igCd8",
      "use": "enc"
    },
    {
      "crv": "P-521",
      "x": "AWyeRdPc35GRFdiu2dYhFgwcSJoUPw38qmUgG0VZSgsbdWWJxUv_iWWIux9hJono6f_qF-lq2At3xdGVBLR7BF5f",
      "y": "AY7WKdsbjyaMZ4Wh8o8Uy5Bju9WxD6N1A7r5_8o5OFIeqD_hej9FxuQDWC4rxU7Ls84yVVtPRG81TaXRoKBxr5XZ",
      "kty": "EC",
      "kid": "w1A1G94s-hK5YrIqWgmV30gtOZ85yQCP3ZMOPTzbc-0",
      "use": "sig"
    },
    {
      "crv": "Ed25519",
      "x": "kAdD9v4ErkCNxQdNMrf4IIplW6YUYBMWkECnLxnZ2tk",
      "kty": "OKP",
      "kid": "ONnNDJq5ZuIAcJyRHpZyZSDcVFf78F1eRhoElXlYEr8",
      "use": "sig"
    },
    {
      "crv": "P-521",
      "x": "AErKX164tyXiv5BwPMyrjoUGyXJ5hX1X7sRgvI0mnbfZhCRnKL67-q5PmTP31OkzA4xQGmAOyBIZvNSJ1p8txIQ3",
      "y": "ALRaE4Q3SLQPNAW_AXIOke34SFwXq2a5FiMHWY9zpJcmCQk9VJH7bG3AnHY_hxu2R-zC5caLy6TPcSzr9Dy4F0DX",
      "kty": "EC",
      "kid": "xKnQ0Rm1_EMwHefKR9UOt0IwCspmyr93L_GDMO_xqq8",
      "use": "enc"
    },
    {
      "crv": "Ed448",
      "x": "sNcFa_zimfHYOSQNS52N-nOX-CYG4dFXoTeuWHnulTj6Fn3heSObBl2NY5ifB9qyP4MHgnAtiboA",
      "kty": "OKP",
      "kid": "MCsSgS9d92FbCGRyBo91MYcXOtXF9qoOeXz65UR5EF8",
      "use": "sig"
    },
    {
      "e": "AQAB",
      "n": "q18zoa2EagO8rzK9svtdY3U2T7DiyZ6F6RUQcpF0AvUK1z4mANLlfhtasJ01BKSP25xLbO8xF72bOd07sQazQUMumKNuU1p8kzYH5yvXNRrFPg-G6r6NWzhT3qx5ov1jkdc2zqa8yj25DfXP6btFFYqfQoPBaFwSXxHLDOXLBfa5wuLnJFL8Yt6qm5aKaOOEJ_X8CfwKH_ajBUD4MhospWZbe9gyt7gKO28sdo8VdNFCq-OG9FWWCwDgS9AYfXOHIHMNvim6sOSsT__6ETkDqUxqYYPgsANARfASBYZs7FiJMv88Hjpa5BH60gbbdYWrCkq1vGh8u1nu0R6WfsxX6w",
      "kty": "RSA",
      "kid": "9dtTMGokAYuDGQjdE6lyhwR_wM0CgihB-BX6lk6-ZO4",
      "use": "sig"
    },
    {
      "e": "AQAB",
      "n": "xU_pU1APQpq581Q760Nd3UwDwKqjN62NPoXyPWxkTD15H2QDYkPMhbzY5J1TizMGGdegbeN--tnhBxMzIRxqcf83UBKvakYYJBr49dvXQSWqdpn8yG6STmO9kpG94vDQP49VBJ8YmXh6A5104_G2qXfQKe33cexKpJPKNedtDhUGUjOLzhYHjRIAGmWBsaLq5Dcbg1UtLEonzEznjKYPDUGhpE7Ao4eVeVEh0ZlFE3aocORW3xkT7uJFPq0pWBCHwD5PDPHtUQczDbbP4xn4Gr8r-vTHrxhv1WYH0NH61-YHqgG_csDat5ef3m0pJbzx7euitxxcr1bDuesB5g4fCQ",
      "kty": "RSA",
      "kid": "OVJpBKI4nfn-A3ZuYX6xkjNc7KhugIIm-y5Douaj6Sg",
      "use": "enc"
    }
  ]
}
2021-03-31 07:44:52 SUCCESS
GetStaticClientConfiguration
Found a static client object
client_id
pkjwt-one
scope
openid offline_access
jwks
{
  "keys": [
    {
      "e": "AQAB",
      "n": "zQAzeDYb9PES5Ool_oQMWKGXXTJIfLrjOkHkD5ECFu3ia-K2-3jYmvGXBMpZYan5KFZNU2HwK93HhHImZX7EKvnVWO_ihE_9LMec_Fw0AcMHNz3z9hxMiWH4pu39zNE_0E1jXoFxbOhDlMX28c8f8wk5ZHqkxkYhwvorOWeV3EBHcgfM6-IpzhDNcUo8xPWN6d_dn6BZK-ovyG6kZvC7qYLcQqjqt7Zn73plvJawfXpj89iUURz_xGqqk6RFZ1ZXzEN81sOzTdyjNYvJB0zXswm0gHcuZ4i9qKMt7gg_xgoMntH3mleVexHMTY1q3_zvVRgYnJfgcu_XmvOEDW08CQ",
      "d": "FMnubkRedWp1Fg3AqJzPe7V3WhYdT7jMDj5cWE_GPHkHOxWUpM_Od3gEbpHumn7YK4UE9m26I1isQPwqdKR0VD9dqVU6TVynOgFMJDNdeshCVRHNSan5AP2Ub6k20axuojsW1qCd1gN_xviEYGU2wjivP0dIqmq2RcWE2J9ujRUxF0gNSVUrsZXJhV6wBrmp2fKg1i0laTJxwUaLOvhQFjG4Yh3ZBsZ67MTEkR7VhBZkGmK0aunBkBON1Vqj3g_rbk577mdPnA_V4iB_VXP7CXSg-Fo1df7AFiHFSwdptuvVJSiAXfgadqIFGjuqIrqdI7fe8cjbW4v3RM85p-GGAQ",
      "p": "9Ugt6mwFL4-1nsx0PTFYuII_3OXmb9QTOGddefcwDu_2vbQD4qa6JhBRM6EArEL5MgBQ0Vtip_I2PPq46gN064htmJ6-J1P0guS3to1K2-Q0haWM43qDCi5J8cZIHzP3TXedSbYi71CAsDfdCpIXfWDwqWQgupCNPa1zYiE8k6E",
      "q": "1fVrsocqDchGkfq55wYasV2Xa9sB9WzMwrIF-cRIJTGohkH7bM8i3YTiHU_DrQ_n4Wpyd8jidkIFq0U8qbYqjWIJurzdo-HkWntDGxtae3ukyUe5w_Is_Nyn1jO9yZS1wh6XTqc_9QaSMs0qd_Cmgm1fzSTnvBgvL1pqFNxGT2k",
      "dp": "gbdpaPc1iuCieVfBBXeqZvGjGoyO4Ic0nvizS8Q5Kz0mrU6dW2k3OtgYSYiVFYTZyuK12vJMa2tB2d_ymPe5BrMA2tzgzWWuAuc4bReuBjpauG9D4i2xTVoLiwyEqdPOrq5ahVgIg618UTVJ9cQrHgh9XefxExlNSNgJFFVlduE",
      "dq": "YQlkpdxtc0DA2NYo2CFJm-WBllYGpmOI3khVM3kU62GBOBrWx_uNqX_p-TdC3MuY9AAOGEuQgefhoFLPd3z6AZNULFAaCYiaw3qh7bpTKCvkibExDDBavPfqWtium60JXhf3saFi_WLUjZvFRg5rxj2KtISnYQRq6gQMlpdsf_k",
      "qi": "5k5c8cTo1oBncpHMZa3bGBzzIcC4bxloaFZlMMWFm3dEEmgUlt7vxRrehD64Ed0V4Ilq22Gg3wbvFL39LD0iCU41tB4HAGN2onevRw5cgwqpLW7lkM1f9VxHiep5iE35HO9yE3f_Fa4Kg4dJm13ftDzuLoJ5yhiVneKjtkTzA8w",
      "kty": "RSA",
      "kid": "A_2wqWqrn6IIPVsaws9afUhR7CWtJLIOCKIr6hgsGzQ",
      "alg": "PS256",
      "use": "sig"
    }
  ]
}
2021-03-31 07:44:52
ValidateMTLSCertificatesHeader
No certificate authority found for MTLS
2021-03-31 07:44:52 SUCCESS
ValidateMTLSCertificatesHeader
MTLS certificates header is valid
2021-03-31 07:44:52
ExtractMTLSCertificatesFromConfiguration
No certificate authority found for MTLS
2021-03-31 07:44:52 SUCCESS
ExtractMTLSCertificatesFromConfiguration
Mutual TLS authentication credentials loaded
cert
MIIDdTCCAl2gAwIBAgIBATANBgkqhkiG9w0BAQUFADA2MRYwFAYDVQQDEw1jZXJ0aWZpY2F0aW9uMQswCQYDVQQGEwJUUjEPMA0GA1UEBxMGQW5rYXJhMB4XDTIwMTIxNTEyMjA0OFoXDTIxMTIxNTEyMjA0OFowNjEWMBQGA1UEAxMNY2VydGlmaWNhdGlvbjELMAkGA1UEBhMCVFIxDzANBgNVBAcTBkFua2FyYTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAPP5boBMe9pGmPtzL6QQHcpWivIW9NgZg9w6o95l/ZZjMTEuQImu4UrU9rWkDEuJwLl9zE+lQi6iiHfX9CoQ6Rmi0VYY+r74JmVftbkyTahaP9U6oIC3/AALRtQLwfxj7fUwMF5mylCT0TGmjGLYiEpuhHqfLDFOttpAscxeCAPR6vfbh9fl9J589pDpxvqb8yf/faRxXZkHpAzNev2ZCTToHoxFDGd8uiPuQEcHm0I9GpKhmFNRmoog5jint/DN5+DrEGoJD+O18cZi2ajQfUV8bWDGRCBFalNXEjsDnXXgz/0GRY2N1oxL6Wvcolpb0YuNgF+AfiLKReXDb/3YQgsCAwEAAaOBjTCBijAMBgNVHRMEBTADAQH/MAsGA1UdDwQEAwIC9DA7BgNVHSUENDAyBggrBgEFBQcDAQYIKwYBBQUHAwIGCCsGAQUFBwMDBggrBgEFBQcDBAYIKwYBBQUHAwgwEQYJYIZIAYb4QgEBBAQDAgD3MB0GA1UdDgQWBBTcNYIxrZfafySIEMjkCTIFxodKKjANBgkqhkiG9w0BAQUFAAOCAQEAcQaSBTib4gL7GbEbbCkYTsrD0Ygy/X1m/vikXIewIQL1954k2kXQOr/enxSxV6Twk4e/ngQ/eLOCQJe3CTje8uYEIhkZ6Ms8txEWsNqVri0x772mtvDRpgCsa/RgKvddcpsyyK4tRNtfTSLLkPYTZ/MU0liMK3zC+9Vx02EwrOSMeqkGk6ZuXmUfzs5r4D7X2YWo1qEcKrl20oByhEaluD6tuPFZs7tR/cEE0i31hPcXa4oWHVNoxPLsmBxlOxvG6R4fdsj0OV2ONtzot3gRaIMwxGEDSRKtETB7JImH2ijvbZoe+S8Bx9bSsC5vZyxuchAUYNSHnRyPMcY0Cg5kmg==
key
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDz+W6ATHvaRpj7cy+kEB3KVoryFvTYGYPcOqPeZf2WYzExLkCJruFK1Pa1pAxLicC5fcxPpUIuooh31/QqEOkZotFWGPq++CZlX7W5Mk2oWj/VOqCAt/wAC0bUC8H8Y+31MDBeZspQk9Expoxi2IhKboR6nywxTrbaQLHMXggD0er324fX5fSefPaQ6cb6m/Mn/32kcV2ZB6QMzXr9mQk06B6MRQxnfLoj7kBHB5tCPRqSoZhTUZqKIOY4p7fwzefg6xBqCQ/jtfHGYtmo0H1FfG1gxkQgRWpTVxI7A5114M/9BkWNjdaMS+lr3KJaW9GLjYBfgH4iykXlw2/92EILAgMBAAECggEBAOAi1xGnMmFlWkYnnCztYXDx8NRXorilOC6q8MDwkfgHSLoV89SJhRBqdfyJqYH8G8JNf9XrzNFrIFR5YScEQiH7IrYmXLX049FeDGUHgbCYuOv74FhgrnKb6YYFB0IHzCTlEIqphFRieF1U1MQ6iXtX7P16He9ukS4RIUbPXC2kcTK6sSvILdOVztKaZMrqXsfMiX1HM9qIDAmSK999U60HtojRuWtfNkAnLk/hY5FNOIKfaxbizDkUoGjeAkRSCvp44D6wp9cy0JCbv1cOLeQnnywZskp790ikmqZORXHz0naCHBpMVR57QfLgOk+HiZh+amOG9O7RT8CmGQ5VJwECgYEA/Cm0j6vn5wxc1UDstQcxdVxRWokr4a7HtvvmETzk0jp7MTXHGTRzRDgIJrZyr8Jibu8JEFixoufuvtxcUuojApnR/3LVoy0vRF1qw40tfuoWLN8ZlPTk5ljQvAK698L67a2xb+NmmIS9AgdJRPcOJk7jS1YV1eF+ooUoPBQniqkCgYEA96/T9InnOMnTyg+pBUZH9WJ02YYCQ8hAcT44WLzsU6SogcdjVyYkdkOrZVIy33JQDMmozN4Pl7pGdGHPzaXF+ZDTsoG1MyAh9XCsGJz5Tb00TZ7j3TVijIfpCRg0DU8OrwnrpdqxAdgjnhBGtL2Si5o9wPfKegmepFJLf1cXa5MCgYEA91p1u0U262cuHSZdy8otkuEnEHdkKzKGyBFbAmfIUgx50bDeB/RyaWXJYSgxYgV9BzLFolpOje2TPXftvIveIev/mePseu+U4Sv90atICKnZbNTARGThsK9IulS3UNjbypBKcOYROuVifn3lOphaMevKfJkKPE7BKO0TpbNjglkCgYAXKtkWfHemNiqbMc/LcIF2kFkBp6k6kdaFQR6gHju0rygby3ydQDIU5ct4VLHxeI3IRGyHjRXESWYhqKx5PdJAv60tezhpqc3DWWCfhL9E6DemMwB5Rm8LWgMQGLV1sTlcYf8qqkP4OjFKrZcPfNPiPvEbxZGozJGMKS5qoMjOBQKBgEXrXmuUHZJSbAUc87w5ISmlQT9kqYMaLhDJRYr4Ga3aB89XbJ1J9TgqCh7b++HF5P9l36s4Tn9bv8f+FFBclGJKXfDNE2nqq1Mo9yn3D6Fc0Co0BUniTPHzKVd6JeQBoAXfGCbva/m7veEWvFacwhh6yrx2l9/AWrKn7zQPUFsx
2021-03-31 07:44:52 SUCCESS
ValidateClientJWKsPrivatePart
Valid client JWKs: keys are valid JSON, contain the required fields, the private/public exponents match and are correctly encoded using unpadded base64url
2021-03-31 07:44:52 SUCCESS
ExtractJWKsFromStaticClientConfiguration
Extracted client JWK
client_jwks
{
  "keys": [
    {
      "e": "AQAB",
      "n": "zQAzeDYb9PES5Ool_oQMWKGXXTJIfLrjOkHkD5ECFu3ia-K2-3jYmvGXBMpZYan5KFZNU2HwK93HhHImZX7EKvnVWO_ihE_9LMec_Fw0AcMHNz3z9hxMiWH4pu39zNE_0E1jXoFxbOhDlMX28c8f8wk5ZHqkxkYhwvorOWeV3EBHcgfM6-IpzhDNcUo8xPWN6d_dn6BZK-ovyG6kZvC7qYLcQqjqt7Zn73plvJawfXpj89iUURz_xGqqk6RFZ1ZXzEN81sOzTdyjNYvJB0zXswm0gHcuZ4i9qKMt7gg_xgoMntH3mleVexHMTY1q3_zvVRgYnJfgcu_XmvOEDW08CQ",
      "d": "FMnubkRedWp1Fg3AqJzPe7V3WhYdT7jMDj5cWE_GPHkHOxWUpM_Od3gEbpHumn7YK4UE9m26I1isQPwqdKR0VD9dqVU6TVynOgFMJDNdeshCVRHNSan5AP2Ub6k20axuojsW1qCd1gN_xviEYGU2wjivP0dIqmq2RcWE2J9ujRUxF0gNSVUrsZXJhV6wBrmp2fKg1i0laTJxwUaLOvhQFjG4Yh3ZBsZ67MTEkR7VhBZkGmK0aunBkBON1Vqj3g_rbk577mdPnA_V4iB_VXP7CXSg-Fo1df7AFiHFSwdptuvVJSiAXfgadqIFGjuqIrqdI7fe8cjbW4v3RM85p-GGAQ",
      "p": "9Ugt6mwFL4-1nsx0PTFYuII_3OXmb9QTOGddefcwDu_2vbQD4qa6JhBRM6EArEL5MgBQ0Vtip_I2PPq46gN064htmJ6-J1P0guS3to1K2-Q0haWM43qDCi5J8cZIHzP3TXedSbYi71CAsDfdCpIXfWDwqWQgupCNPa1zYiE8k6E",
      "q": "1fVrsocqDchGkfq55wYasV2Xa9sB9WzMwrIF-cRIJTGohkH7bM8i3YTiHU_DrQ_n4Wpyd8jidkIFq0U8qbYqjWIJurzdo-HkWntDGxtae3ukyUe5w_Is_Nyn1jO9yZS1wh6XTqc_9QaSMs0qd_Cmgm1fzSTnvBgvL1pqFNxGT2k",
      "dp": "gbdpaPc1iuCieVfBBXeqZvGjGoyO4Ic0nvizS8Q5Kz0mrU6dW2k3OtgYSYiVFYTZyuK12vJMa2tB2d_ymPe5BrMA2tzgzWWuAuc4bReuBjpauG9D4i2xTVoLiwyEqdPOrq5ahVgIg618UTVJ9cQrHgh9XefxExlNSNgJFFVlduE",
      "dq": "YQlkpdxtc0DA2NYo2CFJm-WBllYGpmOI3khVM3kU62GBOBrWx_uNqX_p-TdC3MuY9AAOGEuQgefhoFLPd3z6AZNULFAaCYiaw3qh7bpTKCvkibExDDBavPfqWtium60JXhf3saFi_WLUjZvFRg5rxj2KtISnYQRq6gQMlpdsf_k",
      "qi": "5k5c8cTo1oBncpHMZa3bGBzzIcC4bxloaFZlMMWFm3dEEmgUlt7vxRrehD64Ed0V4Ilq22Gg3wbvFL39LD0iCU41tB4HAGN2onevRw5cgwqpLW7lkM1f9VxHiep5iE35HO9yE3f_Fa4Kg4dJm13ftDzuLoJ5yhiVneKjtkTzA8w",
      "kty": "RSA",
      "kid": "A_2wqWqrn6IIPVsaws9afUhR7CWtJLIOCKIr6hgsGzQ",
      "alg": "PS256",
      "use": "sig"
    }
  ]
}
public_client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "A_2wqWqrn6IIPVsaws9afUhR7CWtJLIOCKIr6hgsGzQ",
      "alg": "PS256",
      "n": "zQAzeDYb9PES5Ool_oQMWKGXXTJIfLrjOkHkD5ECFu3ia-K2-3jYmvGXBMpZYan5KFZNU2HwK93HhHImZX7EKvnVWO_ihE_9LMec_Fw0AcMHNz3z9hxMiWH4pu39zNE_0E1jXoFxbOhDlMX28c8f8wk5ZHqkxkYhwvorOWeV3EBHcgfM6-IpzhDNcUo8xPWN6d_dn6BZK-ovyG6kZvC7qYLcQqjqt7Zn73plvJawfXpj89iUURz_xGqqk6RFZ1ZXzEN81sOzTdyjNYvJB0zXswm0gHcuZ4i9qKMt7gg_xgoMntH3mleVexHMTY1q3_zvVRgYnJfgcu_XmvOEDW08CQ"
    }
  ]
}
2021-03-31 07:44:52 SUCCESS
CheckForKeyIdInClientJWKs
All keys contain kids
2021-03-31 07:44:52 SUCCESS
CheckDistinctKeyIdValueInClientJWKs
Distinct 'kid' value in all keys of client_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2021-03-31 07:44:52 SUCCESS
FAPICheckKeyAlgInClientJWKs
Found a key with alg PS256 or ES256
2021-03-31 07:44:52 SUCCESS
FAPIEnsureMinimumClientKeyLength
Validated minimum key lengths for client_jwks
client_jwks
{
  "keys": [
    {
      "e": "AQAB",
      "n": "zQAzeDYb9PES5Ool_oQMWKGXXTJIfLrjOkHkD5ECFu3ia-K2-3jYmvGXBMpZYan5KFZNU2HwK93HhHImZX7EKvnVWO_ihE_9LMec_Fw0AcMHNz3z9hxMiWH4pu39zNE_0E1jXoFxbOhDlMX28c8f8wk5ZHqkxkYhwvorOWeV3EBHcgfM6-IpzhDNcUo8xPWN6d_dn6BZK-ovyG6kZvC7qYLcQqjqt7Zn73plvJawfXpj89iUURz_xGqqk6RFZ1ZXzEN81sOzTdyjNYvJB0zXswm0gHcuZ4i9qKMt7gg_xgoMntH3mleVexHMTY1q3_zvVRgYnJfgcu_XmvOEDW08CQ",
      "d": "FMnubkRedWp1Fg3AqJzPe7V3WhYdT7jMDj5cWE_GPHkHOxWUpM_Od3gEbpHumn7YK4UE9m26I1isQPwqdKR0VD9dqVU6TVynOgFMJDNdeshCVRHNSan5AP2Ub6k20axuojsW1qCd1gN_xviEYGU2wjivP0dIqmq2RcWE2J9ujRUxF0gNSVUrsZXJhV6wBrmp2fKg1i0laTJxwUaLOvhQFjG4Yh3ZBsZ67MTEkR7VhBZkGmK0aunBkBON1Vqj3g_rbk577mdPnA_V4iB_VXP7CXSg-Fo1df7AFiHFSwdptuvVJSiAXfgadqIFGjuqIrqdI7fe8cjbW4v3RM85p-GGAQ",
      "p": "9Ugt6mwFL4-1nsx0PTFYuII_3OXmb9QTOGddefcwDu_2vbQD4qa6JhBRM6EArEL5MgBQ0Vtip_I2PPq46gN064htmJ6-J1P0guS3to1K2-Q0haWM43qDCi5J8cZIHzP3TXedSbYi71CAsDfdCpIXfWDwqWQgupCNPa1zYiE8k6E",
      "q": "1fVrsocqDchGkfq55wYasV2Xa9sB9WzMwrIF-cRIJTGohkH7bM8i3YTiHU_DrQ_n4Wpyd8jidkIFq0U8qbYqjWIJurzdo-HkWntDGxtae3ukyUe5w_Is_Nyn1jO9yZS1wh6XTqc_9QaSMs0qd_Cmgm1fzSTnvBgvL1pqFNxGT2k",
      "dp": "gbdpaPc1iuCieVfBBXeqZvGjGoyO4Ic0nvizS8Q5Kz0mrU6dW2k3OtgYSYiVFYTZyuK12vJMa2tB2d_ymPe5BrMA2tzgzWWuAuc4bReuBjpauG9D4i2xTVoLiwyEqdPOrq5ahVgIg618UTVJ9cQrHgh9XefxExlNSNgJFFVlduE",
      "dq": "YQlkpdxtc0DA2NYo2CFJm-WBllYGpmOI3khVM3kU62GBOBrWx_uNqX_p-TdC3MuY9AAOGEuQgefhoFLPd3z6AZNULFAaCYiaw3qh7bpTKCvkibExDDBavPfqWtium60JXhf3saFi_WLUjZvFRg5rxj2KtISnYQRq6gQMlpdsf_k",
      "qi": "5k5c8cTo1oBncpHMZa3bGBzzIcC4bxloaFZlMMWFm3dEEmgUlt7vxRrehD64Ed0V4Ilq22Gg3wbvFL39LD0iCU41tB4HAGN2onevRw5cgwqpLW7lkM1f9VxHiep5iE35HO9yE3f_Fa4Kg4dJm13ftDzuLoJ5yhiVneKjtkTzA8w",
      "kty": "RSA",
      "kid": "A_2wqWqrn6IIPVsaws9afUhR7CWtJLIOCKIr6hgsGzQ",
      "alg": "PS256",
      "use": "sig"
    }
  ]
}
2021-03-31 07:44:52 SUCCESS
ValidateMTLSCertificatesAsX509
Mutual TLS authentication cert validated as X.509
Verify configuration of second client
2021-03-31 07:44:52 SUCCESS
GetStaticClient2Configuration
Found a static second client object
client_id
pkjwt-two
scope
openid offline_access
jwks
{
  "keys": [
    {
      "e": "AQAB",
      "n": "qzgcSLgS2vBm1Nmhc6_VdgF4SQzndM5SwejjqfPPLcKp2KV4vcwK03AmAHJHgB-q8ZQaiaW6AMvUsuBRiYmYGBya6zbcTCQywOpQZweQEiGftsMcLHpLLK0HbJsrxt_ZFVxa6_xW6oQeH37EPLn7RoNPXjl1aWmR-Cg_hN6wyTuSqfPNrXy6m8XKUwHrkrxAvjU5z5eQC3lAAZbGswLmm2yGbg9qNrc-3hjxnceb_lfrtmWi604QGo70xoZqJZh1PhYYSSbU6drOtDPWcJA8oX3SxYy6o5wjVGIsOo3Vb4fyhzNNzhWB3-z2KfcZHdxikc5SVfn38QTLixx-F42Vcw",
      "d": "MvPkvuNAgTUPdQI64MGP5ak0UZDshD8uM5SJw7bRjc2jW9yKXPkOs7NpK7LWglNqPLAVYacW_kuqRX0p5qMyxuIkXCEcV_BhxjU0riR7BFpLPEk95iKSon3vequG0I0m_gtY52dVuj6M9FR2M5gpJefHw8OXpEINdWsM1A6tT4TU8q8cju5n5K6y_jsIqf-claS18StInd0v8Cqi_V0euoxGzROAbsN2ewnpGgCWvxTUpSygDnZjD0Uad9zbuxQfOE4S8qphtOTadFEyu1v4J8tItKvKFn9gjP5XBkWHs5EJuajPs80u9L3x5SIFvgNCJNZIoN_9y9dQ_0OHNykt2Q",
      "p": "4uID1QMNgCpI6P4H5DjGu-cSNywVtiKEk9naHAvBDiSASfpxfKdWF9fumMAz3mPdhlQmMbNlNJO9JqJxeWh_J7tNRcBlrhfgaVbtUT0SHtsTYwlLED_PM8miZfAIy5C3ju9Rf0e8tQmtBj8v6xwGkGWQ8sDLkw-vsl5NqBcZA20",
      "q": "wTFTpf8ZTnxf8PP5S4dEXDmAIgZlnp336tCjHvpECVMWlvpx8tVUj6wuJuHVhO3LqfEYt4wfEy-o14NzzwSw5Kc-wgMB6U6rZeMdV8Ob5JMCAtdUTtS4EH85y5y_eghIdqtrfuSvr4A41zZs4uYPaqiQu05y_u5q8UOJHdG4kF8",
      "dp": "nkLQL39ApJ1aXIQO1yivoBTwROIQhwsO9d9p4FRmp0nY30G-dhh32ov6WD0CMWfx96itN9AOkZ1YvSFlDC5TPFDP9w7dHpJzLKfBRQDXqgRhQp0R6lTIYTSOfpLwX6ckE6VmcOWGgbYtJoVfFJ5pCcJ_WIYZuwyfH0ne25i5DwU",
      "dq": "nzXAYsdVGqpDArZ9FvJVss8sOl4dNtemLRxdobTLhwezUR758w49zt0td5ubNB4oPlfTb8gI_-3B7kGFmfCauwTdIlQKKjRL6f59-wrYGUnRWXgNIZ4KRoYiohr-bVoQJcPlJcDey_oWXb2bhG3l_JcIF2RyPodLGKL4h9uCh28",
      "qi": "Nf2_xFr89GpFHzfkQNPsipXHJiNgpA3IJIwsuuTPq_GeEyq8sjPVevlwBzqbYOVFJ1Xs1H6JW_OY4BoeS7eBjOodxf7uSInw7ocTiydupUC_mVCkYegjN_0vC2jZ2zm_sn0VBpAVZsSftjabk-LGDELQk0gVatA7Nrivh57C-wc",
      "kty": "RSA",
      "kid": "YdaGJq76SjDky4iSJBEGdart5978QLB86nMU9l3AqWI",
      "alg": "PS256",
      "use": "sig"
    }
  ]
}
2021-03-31 07:44:52
ValidateMTLSCertificates2Header
No certificate authority found for MTLS
2021-03-31 07:44:52 SUCCESS
ValidateMTLSCertificates2Header
MTLS certificates header is valid
2021-03-31 07:44:52
ExtractMTLSCertificates2FromConfiguration
No certificate authority found for MTLS
2021-03-31 07:44:52 SUCCESS
ExtractMTLSCertificates2FromConfiguration
Mutual TLS authentication credentials loaded
cert
MIIDdTCCAl2gAwIBAgIBATANBgkqhkiG9w0BAQUFADA2MRYwFAYDVQQDEw1jZXJ0aWZpY2F0aW9uMQswCQYDVQQGEwJUUjEPMA0GA1UEBxMGQW5rYXJhMB4XDTIwMTIxNTEyMjUzOFoXDTIxMTIxNTEyMjUzOFowNjEWMBQGA1UEAxMNY2VydGlmaWNhdGlvbjELMAkGA1UEBhMCVFIxDzANBgNVBAcTBkFua2FyYTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM9dAtlkj0DZMpd1jw1fDRn9vImy4SgvKh0cwLCeIFzWA7PBNzhhoDiqGgHvE8DdXED5zNK00DgJ6oPrDW0190JNOcwLC2PzRdN6k8DO3Aq/3EiFJS2fDeKmpJzX6y0XQbbYyGWDFswssDr8Mz9ibz2TyHviKpY+27rGl1nO17Kbc6AShyzZrQKkuwamlvdkuHYDhgjUw/dCaVaghj/Z3P2WIpq+KdlvzvqZ4xYwLpWc9HNaCf8mRwAPfrCWA3BhTmEW3G1mzvLX6o+l3W/ndxLv1xvKz9XAR5AiU60b7tvuGBhXzICqh6cGnhK0gJM/RciTV4n+ZWM9q8ARZKGMacMCAwEAAaOBjTCBijAMBgNVHRMEBTADAQH/MAsGA1UdDwQEAwIC9DA7BgNVHSUENDAyBggrBgEFBQcDAQYIKwYBBQUHAwIGCCsGAQUFBwMDBggrBgEFBQcDBAYIKwYBBQUHAwgwEQYJYIZIAYb4QgEBBAQDAgD3MB0GA1UdDgQWBBSO0NgBTsRJUWbms//ykKmI1D+7bTANBgkqhkiG9w0BAQUFAAOCAQEARZVfRXzBxvDrnmz5wkP9OMBl1hJ6tyryp7AF5BKnAAhHwDRhzqwXL7gNcQNOPC0EDX8FjICUFdGAPIU/7i1TyTC6/MH3gOPdBhA1v1IATjX6GZSqAKHWW85FV8Xr0usolKeG/6uPH9l8R7e8FmvX24XvcDrn+t7pJdmrb1nA9Uo+BteXb4ppJS3yhFGmBgXnlQeiYrfPkXosWB89PswD5NaeqP6Icsgp3U4MQWpKx9cE6bIQRTJhs+YJO+Vi8vQKyFPjZzctrLN5uYwUgb3fOaFln2IQPWLn6JORNfB7z2OYT5bwQqWQXQGiw+sZ6gF114ze25j4MuvFH0vpA3OtDQ==
key
MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDPXQLZZI9A2TKXdY8NXw0Z/byJsuEoLyodHMCwniBc1gOzwTc4YaA4qhoB7xPA3VxA+czStNA4CeqD6w1tNfdCTTnMCwtj80XTepPAztwKv9xIhSUtnw3ipqSc1+stF0G22MhlgxbMLLA6/DM/Ym89k8h74iqWPtu6xpdZzteym3OgEocs2a0CpLsGppb3ZLh2A4YI1MP3QmlWoIY/2dz9liKavinZb876meMWMC6VnPRzWgn/JkcAD36wlgNwYU5hFtxtZs7y1+qPpd1v53cS79cbys/VwEeQIlOtG+7b7hgYV8yAqoenBp4StICTP0XIk1eJ/mVjPavAEWShjGnDAgMBAAECggEBAMHhmTRhzX84lREAHczGvp06nPmygsrrrlih9ZgtgNzMTZHYaiURQpk4kjCUtMdzMTqfVV79KGH9A4RsVZVzC8i2JAAfo3rEjtj4lwWDZEG4ueIke2p4eKceYHM1fvId+JdZgaVIOByW+/9qpw/wnUnZz23lPSRViWTNId4ag5q+BzUuZ/SeT26IPZbYrKDQ0AzZx2oQ9Gb1RE0c1ZV8aDeFCtFL+ufkwjU042KZv4o2yjSBDHjp4hoh7qOSrayU5QDQGTZqH+/IYSpouf4vYD97zaXQQHQtIowis/oZRa9cDZicGG5B2MqEHH9yrurgONr6YM5ofkDO7S/NWEE5EAECgYEA6CLhPSQOShiRxBk+N3p3TELNlg1cDDsoZWoEHQqtaDy/db+i0v6H6wtunmegqGBKiCMgUqEGdOeZrdXsaU1iLMNw3i600SrqQ5Hqaqu2jqbYuY32wsllc3nbi2+h54wKFCLOS7B/jmrv8LYYwIolMk1cGIWqgyxZEquPupuETgECgYEA5K4u6VSNzh0YT8j3uXjTwCJCAHobqLYyEOHcYx14ACi16U64bKWqRGIuBe7k8X6suqRerXMe2wTw+YXqBNMW2s2SXZsLZ04AZf1F6o6tAyo/Zs86crwM7QPScBW3IDnXXG0EAllf5vN5baB1p79gFKvQvXfDgx8xAqJB9eYS/8MCgYEAzf4FuefA9mePEmEEIN7/9iBhpwH76K6mTjghplPPRWyCyc5ggrNzkVP3uYFjw4aPHPduu2RBAoRyjxwCSf9tWyOjiMYRlntqnsNhLX9q5HOSZjZf/sIQ0MQV2koZdguC9hNc1TWuO4cRnJ06ocD0+QpE603R3c0AzdyIEqPmaAECgYEAltnQWFtOsAjBYOBRiigKh1QR9f6XAFQv8rMLjtaBspkoZx9myUT/bNzXP1K39BZ8GyMS0Zh/YjuAOxn7pfMZwHybcOQ2QY9S8/R/iptTxiK4cDmDdOxYGoHK7+VjR/7f8jh3zJTojpFOKOMQufekif5NVK8MahLJYdNnb662GcECgYBn/3e5gvaoYlnJSgAhVMFXIsB0vegYXtONGADecqBdvRybQUz1/me2LkKzmq9S5aSKFcrSJbq6xm+DcVQhgeOX0KdlgGLb7T+UyR9C4dhDRNgN8UD+Wog7WY38FpeXCTE/Crwrchdfr3XphlzbAbp/VB7xWupHp9/1KZU/i+TXwA==
2021-03-31 07:44:52 SUCCESS
ValidateClientJWKsPrivatePart
Valid client JWKs: keys are valid JSON, contain the required fields, the private/public exponents match and are correctly encoded using unpadded base64url
2021-03-31 07:44:52 SUCCESS
ExtractJWKsFromStaticClientConfiguration
Extracted client JWK
client_jwks
{
  "keys": [
    {
      "e": "AQAB",
      "n": "qzgcSLgS2vBm1Nmhc6_VdgF4SQzndM5SwejjqfPPLcKp2KV4vcwK03AmAHJHgB-q8ZQaiaW6AMvUsuBRiYmYGBya6zbcTCQywOpQZweQEiGftsMcLHpLLK0HbJsrxt_ZFVxa6_xW6oQeH37EPLn7RoNPXjl1aWmR-Cg_hN6wyTuSqfPNrXy6m8XKUwHrkrxAvjU5z5eQC3lAAZbGswLmm2yGbg9qNrc-3hjxnceb_lfrtmWi604QGo70xoZqJZh1PhYYSSbU6drOtDPWcJA8oX3SxYy6o5wjVGIsOo3Vb4fyhzNNzhWB3-z2KfcZHdxikc5SVfn38QTLixx-F42Vcw",
      "d": "MvPkvuNAgTUPdQI64MGP5ak0UZDshD8uM5SJw7bRjc2jW9yKXPkOs7NpK7LWglNqPLAVYacW_kuqRX0p5qMyxuIkXCEcV_BhxjU0riR7BFpLPEk95iKSon3vequG0I0m_gtY52dVuj6M9FR2M5gpJefHw8OXpEINdWsM1A6tT4TU8q8cju5n5K6y_jsIqf-claS18StInd0v8Cqi_V0euoxGzROAbsN2ewnpGgCWvxTUpSygDnZjD0Uad9zbuxQfOE4S8qphtOTadFEyu1v4J8tItKvKFn9gjP5XBkWHs5EJuajPs80u9L3x5SIFvgNCJNZIoN_9y9dQ_0OHNykt2Q",
      "p": "4uID1QMNgCpI6P4H5DjGu-cSNywVtiKEk9naHAvBDiSASfpxfKdWF9fumMAz3mPdhlQmMbNlNJO9JqJxeWh_J7tNRcBlrhfgaVbtUT0SHtsTYwlLED_PM8miZfAIy5C3ju9Rf0e8tQmtBj8v6xwGkGWQ8sDLkw-vsl5NqBcZA20",
      "q": "wTFTpf8ZTnxf8PP5S4dEXDmAIgZlnp336tCjHvpECVMWlvpx8tVUj6wuJuHVhO3LqfEYt4wfEy-o14NzzwSw5Kc-wgMB6U6rZeMdV8Ob5JMCAtdUTtS4EH85y5y_eghIdqtrfuSvr4A41zZs4uYPaqiQu05y_u5q8UOJHdG4kF8",
      "dp": "nkLQL39ApJ1aXIQO1yivoBTwROIQhwsO9d9p4FRmp0nY30G-dhh32ov6WD0CMWfx96itN9AOkZ1YvSFlDC5TPFDP9w7dHpJzLKfBRQDXqgRhQp0R6lTIYTSOfpLwX6ckE6VmcOWGgbYtJoVfFJ5pCcJ_WIYZuwyfH0ne25i5DwU",
      "dq": "nzXAYsdVGqpDArZ9FvJVss8sOl4dNtemLRxdobTLhwezUR758w49zt0td5ubNB4oPlfTb8gI_-3B7kGFmfCauwTdIlQKKjRL6f59-wrYGUnRWXgNIZ4KRoYiohr-bVoQJcPlJcDey_oWXb2bhG3l_JcIF2RyPodLGKL4h9uCh28",
      "qi": "Nf2_xFr89GpFHzfkQNPsipXHJiNgpA3IJIwsuuTPq_GeEyq8sjPVevlwBzqbYOVFJ1Xs1H6JW_OY4BoeS7eBjOodxf7uSInw7ocTiydupUC_mVCkYegjN_0vC2jZ2zm_sn0VBpAVZsSftjabk-LGDELQk0gVatA7Nrivh57C-wc",
      "kty": "RSA",
      "kid": "YdaGJq76SjDky4iSJBEGdart5978QLB86nMU9l3AqWI",
      "alg": "PS256",
      "use": "sig"
    }
  ]
}
public_client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "YdaGJq76SjDky4iSJBEGdart5978QLB86nMU9l3AqWI",
      "alg": "PS256",
      "n": "qzgcSLgS2vBm1Nmhc6_VdgF4SQzndM5SwejjqfPPLcKp2KV4vcwK03AmAHJHgB-q8ZQaiaW6AMvUsuBRiYmYGBya6zbcTCQywOpQZweQEiGftsMcLHpLLK0HbJsrxt_ZFVxa6_xW6oQeH37EPLn7RoNPXjl1aWmR-Cg_hN6wyTuSqfPNrXy6m8XKUwHrkrxAvjU5z5eQC3lAAZbGswLmm2yGbg9qNrc-3hjxnceb_lfrtmWi604QGo70xoZqJZh1PhYYSSbU6drOtDPWcJA8oX3SxYy6o5wjVGIsOo3Vb4fyhzNNzhWB3-z2KfcZHdxikc5SVfn38QTLixx-F42Vcw"
    }
  ]
}
2021-03-31 07:44:52 SUCCESS
CheckForKeyIdInClientJWKs
All keys contain kids
2021-03-31 07:44:52 SUCCESS
CheckDistinctKeyIdValueInClientJWKs
Distinct 'kid' value in all keys of client_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2021-03-31 07:44:52 SUCCESS
FAPICheckKeyAlgInClientJWKs
Found a key with alg PS256 or ES256
2021-03-31 07:44:52 SUCCESS
FAPIEnsureMinimumClientKeyLength
Validated minimum key lengths for client_jwks
client_jwks
{
  "keys": [
    {
      "e": "AQAB",
      "n": "qzgcSLgS2vBm1Nmhc6_VdgF4SQzndM5SwejjqfPPLcKp2KV4vcwK03AmAHJHgB-q8ZQaiaW6AMvUsuBRiYmYGBya6zbcTCQywOpQZweQEiGftsMcLHpLLK0HbJsrxt_ZFVxa6_xW6oQeH37EPLn7RoNPXjl1aWmR-Cg_hN6wyTuSqfPNrXy6m8XKUwHrkrxAvjU5z5eQC3lAAZbGswLmm2yGbg9qNrc-3hjxnceb_lfrtmWi604QGo70xoZqJZh1PhYYSSbU6drOtDPWcJA8oX3SxYy6o5wjVGIsOo3Vb4fyhzNNzhWB3-z2KfcZHdxikc5SVfn38QTLixx-F42Vcw",
      "d": "MvPkvuNAgTUPdQI64MGP5ak0UZDshD8uM5SJw7bRjc2jW9yKXPkOs7NpK7LWglNqPLAVYacW_kuqRX0p5qMyxuIkXCEcV_BhxjU0riR7BFpLPEk95iKSon3vequG0I0m_gtY52dVuj6M9FR2M5gpJefHw8OXpEINdWsM1A6tT4TU8q8cju5n5K6y_jsIqf-claS18StInd0v8Cqi_V0euoxGzROAbsN2ewnpGgCWvxTUpSygDnZjD0Uad9zbuxQfOE4S8qphtOTadFEyu1v4J8tItKvKFn9gjP5XBkWHs5EJuajPs80u9L3x5SIFvgNCJNZIoN_9y9dQ_0OHNykt2Q",
      "p": "4uID1QMNgCpI6P4H5DjGu-cSNywVtiKEk9naHAvBDiSASfpxfKdWF9fumMAz3mPdhlQmMbNlNJO9JqJxeWh_J7tNRcBlrhfgaVbtUT0SHtsTYwlLED_PM8miZfAIy5C3ju9Rf0e8tQmtBj8v6xwGkGWQ8sDLkw-vsl5NqBcZA20",
      "q": "wTFTpf8ZTnxf8PP5S4dEXDmAIgZlnp336tCjHvpECVMWlvpx8tVUj6wuJuHVhO3LqfEYt4wfEy-o14NzzwSw5Kc-wgMB6U6rZeMdV8Ob5JMCAtdUTtS4EH85y5y_eghIdqtrfuSvr4A41zZs4uYPaqiQu05y_u5q8UOJHdG4kF8",
      "dp": "nkLQL39ApJ1aXIQO1yivoBTwROIQhwsO9d9p4FRmp0nY30G-dhh32ov6WD0CMWfx96itN9AOkZ1YvSFlDC5TPFDP9w7dHpJzLKfBRQDXqgRhQp0R6lTIYTSOfpLwX6ckE6VmcOWGgbYtJoVfFJ5pCcJ_WIYZuwyfH0ne25i5DwU",
      "dq": "nzXAYsdVGqpDArZ9FvJVss8sOl4dNtemLRxdobTLhwezUR758w49zt0td5ubNB4oPlfTb8gI_-3B7kGFmfCauwTdIlQKKjRL6f59-wrYGUnRWXgNIZ4KRoYiohr-bVoQJcPlJcDey_oWXb2bhG3l_JcIF2RyPodLGKL4h9uCh28",
      "qi": "Nf2_xFr89GpFHzfkQNPsipXHJiNgpA3IJIwsuuTPq_GeEyq8sjPVevlwBzqbYOVFJ1Xs1H6JW_OY4BoeS7eBjOodxf7uSInw7ocTiydupUC_mVCkYegjN_0vC2jZ2zm_sn0VBpAVZsSftjabk-LGDELQk0gVatA7Nrivh57C-wc",
      "kty": "RSA",
      "kid": "YdaGJq76SjDky4iSJBEGdart5978QLB86nMU9l3AqWI",
      "alg": "PS256",
      "use": "sig"
    }
  ]
}
2021-03-31 07:44:52 SUCCESS
ValidateMTLSCertificatesAsX509
Mutual TLS authentication cert validated as X.509
2021-03-31 07:44:52 SUCCESS
GetResourceEndpointConfiguration
Found a resource endpoint object
resourceUrl
https://certification.plusauth.com/me
institution_id
xxxxx
2021-03-31 07:44:52 SUCCESS
SetProtectedResourceUrlToSingleResourceEndpoint
Set protected resource URL
protected_resource_url
https://certification.plusauth.com/me
2021-03-31 07:44:52 SUCCESS
ExtractTLSTestValuesFromResourceConfiguration
Extracted TLS information from resource endpoint
resource_endpoint
{
  "testHost": "certification.plusauth.com",
  "testPort": 443
}
2021-03-31 07:44:52 SUCCESS
ExtractTLSTestValuesFromOBResourceConfiguration
Extracted TLS information from resource endpoint
accounts_resource_endpoint
{
  "testHost": "certification.plusauth.com",
  "testPort": 443
}
accounts_request_endpoint
{
  "testHost": "certification.plusauth.com",
  "testPort": 443
}
2021-03-31 07:44:52
fapi-rw-id2-ensure-response-type-code-fails
Setup Done
Make request to authorization endpoint
2021-03-31 07:44:52 SUCCESS
CreateAuthorizationEndpointRequestFromClientInformation
Created authorization endpoint request
client_id
pkjwt-one
redirect_uri
https://www.certification.openid.net/test/a/oidc-provider-by_value-private_key_jwt-plain_fapi-jarm/callback
scope
openid offline_access
2021-03-31 07:44:52 SUCCESS
AddAcrClaimToAuthorizationEndpointRequest
Added acr claim to authorization_endpoint_request
authorization_endpoint_request
{
  "client_id": "pkjwt-one",
  "redirect_uri": "https://www.certification.openid.net/test/a/oidc-provider-by_value-private_key_jwt-plain_fapi-jarm/callback",
  "scope": "openid offline_access",
  "claims": {
    "id_token": {
      "acr": {
        "value": "urn:mace:incommon:iap:silver",
        "essential": true
      }
    }
  }
}
2021-03-31 07:44:52
CreateRandomStateValue
Created state value
requested_state_length
10
state
BnqtafoXj5
2021-03-31 07:44:52 SUCCESS
AddStateToAuthorizationEndpointRequest
Added state parameter to request
client_id
pkjwt-one
redirect_uri
https://www.certification.openid.net/test/a/oidc-provider-by_value-private_key_jwt-plain_fapi-jarm/callback
scope
openid offline_access
claims
{
  "id_token": {
    "acr": {
      "value": "urn:mace:incommon:iap:silver",
      "essential": true
    }
  }
}
state
BnqtafoXj5
2021-03-31 07:44:52
CreateRandomNonceValue
Created nonce value
requested_nonce_length
10
nonce
xUDXQRAGHE
2021-03-31 07:44:52 SUCCESS
AddNonceToAuthorizationEndpointRequest
Added nonce parameter to request
client_id
pkjwt-one
redirect_uri
https://www.certification.openid.net/test/a/oidc-provider-by_value-private_key_jwt-plain_fapi-jarm/callback
scope
openid offline_access
claims
{
  "id_token": {
    "acr": {
      "value": "urn:mace:incommon:iap:silver",
      "essential": true
    }
  }
}
state
BnqtafoXj5
nonce
xUDXQRAGHE
2021-03-31 07:44:52 SUCCESS
SetAuthorizationEndpointRequestResponseTypeToCode
Added response_type parameter to request
client_id
pkjwt-one
redirect_uri
https://www.certification.openid.net/test/a/oidc-provider-by_value-private_key_jwt-plain_fapi-jarm/callback
scope
openid offline_access
claims
{
  "id_token": {
    "acr": {
      "value": "urn:mace:incommon:iap:silver",
      "essential": true
    }
  }
}
state
BnqtafoXj5
nonce
xUDXQRAGHE
response_type
code
2021-03-31 07:44:52 SUCCESS
SetAuthorizationEndpointRequestResponseModeToJWT
Added response_mode parameter to request
client_id
pkjwt-one
redirect_uri
https://www.certification.openid.net/test/a/oidc-provider-by_value-private_key_jwt-plain_fapi-jarm/callback
scope
openid offline_access
claims
{
  "id_token": {
    "acr": {
      "value": "urn:mace:incommon:iap:silver",
      "essential": true
    }
  }
}
state
BnqtafoXj5
nonce
xUDXQRAGHE
response_type
code
response_mode
jwt
2021-03-31 07:44:52 SUCCESS
SetAuthorizationEndpointRequestResponseTypeToCode
Added response_type parameter to request
client_id
pkjwt-one
redirect_uri
https://www.certification.openid.net/test/a/oidc-provider-by_value-private_key_jwt-plain_fapi-jarm/callback
scope
openid offline_access
claims
{
  "id_token": {
    "acr": {
      "value": "urn:mace:incommon:iap:silver",
      "essential": true
    }
  }
}
state
BnqtafoXj5
nonce
xUDXQRAGHE
response_type
code
response_mode
jwt
2021-03-31 07:44:52 SUCCESS
RemoveAuthorizationEndpointRequestResponseMode
Removed response_mode parameter from request
client_id
pkjwt-one
redirect_uri
https://www.certification.openid.net/test/a/oidc-provider-by_value-private_key_jwt-plain_fapi-jarm/callback
scope
openid offline_access
claims
{
  "id_token": {
    "acr": {
      "value": "urn:mace:incommon:iap:silver",
      "essential": true
    }
  }
}
state
BnqtafoXj5
nonce
xUDXQRAGHE
response_type
code
2021-03-31 07:44:52 SUCCESS
ConvertAuthorizationEndpointRequestToRequestObject
Created request object claims
request_object_claims
{
  "client_id": "pkjwt-one",
  "redirect_uri": "https://www.certification.openid.net/test/a/oidc-provider-by_value-private_key_jwt-plain_fapi-jarm/callback",
  "scope": "openid offline_access",
  "claims": {
    "id_token": {
      "acr": {
        "value": "urn:mace:incommon:iap:silver",
        "essential": true
      }
    }
  },
  "state": "BnqtafoXj5",
  "nonce": "xUDXQRAGHE",
  "response_type": "code"
}
2021-03-31 07:44:52 SUCCESS
AddExpToRequestObject
Added exp to request object claims
exp
1.617176992E9
2021-03-31 07:44:52 SUCCESS
AddAudToRequestObject
Added aud to request object claims
aud
https://certification.plusauth.com
2021-03-31 07:44:52 SUCCESS
AddIssToRequestObject
Added iss to request object claims
iss
pkjwt-one
2021-03-31 07:44:52 SUCCESS
AddClientIdToRequestObject
Added client_id to request object claims
client_id
pkjwt-one
2021-03-31 07:44:52 SUCCESS
SignRequestObject
Signed the request object
claims
{"aud":"https:\/\/certification.plusauth.com","scope":"openid offline_access","claims":{"id_token":{"acr":{"value":"urn:mace:incommon:iap:silver","essential":true}}},"iss":"pkjwt-one","response_type":"code","redirect_uri":"https:\/\/www.certification.openid.net\/test\/a\/oidc-provider-by_value-private_key_jwt-plain_fapi-jarm\/callback","state":"BnqtafoXj5","exp":1617176992,"nonce":"xUDXQRAGHE","client_id":"pkjwt-one"}
header
{"kid":"A_2wqWqrn6IIPVsaws9afUhR7CWtJLIOCKIr6hgsGzQ","alg":"PS256"}
request_object
eyJraWQiOiJBXzJ3cVdxcm42SUlQVnNhd3M5YWZVaFI3Q1d0SkxJT0NLSXI2aGdzR3pRIiwiYWxnIjoiUFMyNTYifQ.eyJhdWQiOiJodHRwczpcL1wvY2VydGlmaWNhdGlvbi5wbHVzYXV0aC5jb20iLCJzY29wZSI6Im9wZW5pZCBvZmZsaW5lX2FjY2VzcyIsImNsYWltcyI6eyJpZF90b2tlbiI6eyJhY3IiOnsidmFsdWUiOiJ1cm46bWFjZTppbmNvbW1vbjppYXA6c2lsdmVyIiwiZXNzZW50aWFsIjp0cnVlfX19LCJpc3MiOiJwa2p3dC1vbmUiLCJyZXNwb25zZV90eXBlIjoiY29kZSIsInJlZGlyZWN0X3VyaSI6Imh0dHBzOlwvXC93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0XC90ZXN0XC9hXC9vaWRjLXByb3ZpZGVyLWJ5X3ZhbHVlLXByaXZhdGVfa2V5X2p3dC1wbGFpbl9mYXBpLWphcm1cL2NhbGxiYWNrIiwic3RhdGUiOiJCbnF0YWZvWGo1IiwiZXhwIjoxNjE3MTc2OTkyLCJub25jZSI6InhVRFhRUkFHSEUiLCJjbGllbnRfaWQiOiJwa2p3dC1vbmUifQ.Tjh6rTqyDfHaq9Ew71x9Tj4STdJqbAZ77EXp4LfP8HGi6uiwzgcrGrslTBL24MB0U03K1PYpYLix8xEeEZwJ1O_TesbQH4cRlbNtQWMNBujcqhNEuH4AMHw1HkMoYpw6DOAxrIdZwsD8aNiZf7Gl_VYZs0Pg-WZJdPPQq-Mvs6eKuQPWmDyhpUeaerT81Sthecs8_qmxUXcnYkKzUYmzYC9TV6nAWm2OmEQgchjg_O9sfqNHFJvrjP_J2K2Ns_7nA6m0XKYkYUBP_JvGTwH4r90fPSJ2ifS3HCmMX0qcNhTmOpZn3Ele2rOKgqIN6tpKoZQhU8fW3CjML_-1Fe9uYw
key
{"p":"9Ugt6mwFL4-1nsx0PTFYuII_3OXmb9QTOGddefcwDu_2vbQD4qa6JhBRM6EArEL5MgBQ0Vtip_I2PPq46gN064htmJ6-J1P0guS3to1K2-Q0haWM43qDCi5J8cZIHzP3TXedSbYi71CAsDfdCpIXfWDwqWQgupCNPa1zYiE8k6E","kty":"RSA","q":"1fVrsocqDchGkfq55wYasV2Xa9sB9WzMwrIF-cRIJTGohkH7bM8i3YTiHU_DrQ_n4Wpyd8jidkIFq0U8qbYqjWIJurzdo-HkWntDGxtae3ukyUe5w_Is_Nyn1jO9yZS1wh6XTqc_9QaSMs0qd_Cmgm1fzSTnvBgvL1pqFNxGT2k","d":"FMnubkRedWp1Fg3AqJzPe7V3WhYdT7jMDj5cWE_GPHkHOxWUpM_Od3gEbpHumn7YK4UE9m26I1isQPwqdKR0VD9dqVU6TVynOgFMJDNdeshCVRHNSan5AP2Ub6k20axuojsW1qCd1gN_xviEYGU2wjivP0dIqmq2RcWE2J9ujRUxF0gNSVUrsZXJhV6wBrmp2fKg1i0laTJxwUaLOvhQFjG4Yh3ZBsZ67MTEkR7VhBZkGmK0aunBkBON1Vqj3g_rbk577mdPnA_V4iB_VXP7CXSg-Fo1df7AFiHFSwdptuvVJSiAXfgadqIFGjuqIrqdI7fe8cjbW4v3RM85p-GGAQ","e":"AQAB","use":"sig","kid":"A_2wqWqrn6IIPVsaws9afUhR7CWtJLIOCKIr6hgsGzQ","qi":"5k5c8cTo1oBncpHMZa3bGBzzIcC4bxloaFZlMMWFm3dEEmgUlt7vxRrehD64Ed0V4Ilq22Gg3wbvFL39LD0iCU41tB4HAGN2onevRw5cgwqpLW7lkM1f9VxHiep5iE35HO9yE3f_Fa4Kg4dJm13ftDzuLoJ5yhiVneKjtkTzA8w","dp":"gbdpaPc1iuCieVfBBXeqZvGjGoyO4Ic0nvizS8Q5Kz0mrU6dW2k3OtgYSYiVFYTZyuK12vJMa2tB2d_ymPe5BrMA2tzgzWWuAuc4bReuBjpauG9D4i2xTVoLiwyEqdPOrq5ahVgIg618UTVJ9cQrHgh9XefxExlNSNgJFFVlduE","alg":"PS256","dq":"YQlkpdxtc0DA2NYo2CFJm-WBllYGpmOI3khVM3kU62GBOBrWx_uNqX_p-TdC3MuY9AAOGEuQgefhoFLPd3z6AZNULFAaCYiaw3qh7bpTKCvkibExDDBavPfqWtium60JXhf3saFi_WLUjZvFRg5rxj2KtISnYQRq6gQMlpdsf_k","n":"zQAzeDYb9PES5Ool_oQMWKGXXTJIfLrjOkHkD5ECFu3ia-K2-3jYmvGXBMpZYan5KFZNU2HwK93HhHImZX7EKvnVWO_ihE_9LMec_Fw0AcMHNz3z9hxMiWH4pu39zNE_0E1jXoFxbOhDlMX28c8f8wk5ZHqkxkYhwvorOWeV3EBHcgfM6-IpzhDNcUo8xPWN6d_dn6BZK-ovyG6kZvC7qYLcQqjqt7Zn73plvJawfXpj89iUURz_xGqqk6RFZ1ZXzEN81sOzTdyjNYvJB0zXswm0gHcuZ4i9qKMt7gg_xgoMntH3mleVexHMTY1q3_zvVRgYnJfgcu_XmvOEDW08CQ"}
2021-03-31 07:44:52 SUCCESS
BuildRequestObjectByValueRedirectToAuthorizationEndpoint
Sending to authorization endpoint
redirect_to_authorization_endpoint
https://certification.plusauth.com/oauth/auth?request=eyJraWQiOiJBXzJ3cVdxcm42SUlQVnNhd3M5YWZVaFI3Q1d0SkxJT0NLSXI2aGdzR3pRIiwiYWxnIjoiUFMyNTYifQ.eyJhdWQiOiJodHRwczpcL1wvY2VydGlmaWNhdGlvbi5wbHVzYXV0aC5jb20iLCJzY29wZSI6Im9wZW5pZCBvZmZsaW5lX2FjY2VzcyIsImNsYWltcyI6eyJpZF90b2tlbiI6eyJhY3IiOnsidmFsdWUiOiJ1cm46bWFjZTppbmNvbW1vbjppYXA6c2lsdmVyIiwiZXNzZW50aWFsIjp0cnVlfX19LCJpc3MiOiJwa2p3dC1vbmUiLCJyZXNwb25zZV90eXBlIjoiY29kZSIsInJlZGlyZWN0X3VyaSI6Imh0dHBzOlwvXC93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0XC90ZXN0XC9hXC9vaWRjLXByb3ZpZGVyLWJ5X3ZhbHVlLXByaXZhdGVfa2V5X2p3dC1wbGFpbl9mYXBpLWphcm1cL2NhbGxiYWNrIiwic3RhdGUiOiJCbnF0YWZvWGo1IiwiZXhwIjoxNjE3MTc2OTkyLCJub25jZSI6InhVRFhRUkFHSEUiLCJjbGllbnRfaWQiOiJwa2p3dC1vbmUifQ.Tjh6rTqyDfHaq9Ew71x9Tj4STdJqbAZ77EXp4LfP8HGi6uiwzgcrGrslTBL24MB0U03K1PYpYLix8xEeEZwJ1O_TesbQH4cRlbNtQWMNBujcqhNEuH4AMHw1HkMoYpw6DOAxrIdZwsD8aNiZf7Gl_VYZs0Pg-WZJdPPQq-Mvs6eKuQPWmDyhpUeaerT81Sthecs8_qmxUXcnYkKzUYmzYC9TV6nAWm2OmEQgchjg_O9sfqNHFJvrjP_J2K2Ns_7nA6m0XKYkYUBP_JvGTwH4r90fPSJ2ifS3HCmMX0qcNhTmOpZn3Ele2rOKgqIN6tpKoZQhU8fW3CjML_-1Fe9uYw&client_id=pkjwt-one&redirect_uri=https://www.certification.openid.net/test/a/oidc-provider-by_value-private_key_jwt-plain_fapi-jarm/callback&scope=openid%20offline_access&response_type=code
2021-03-31 07:44:52 REDIRECT
fapi-rw-id2-ensure-response-type-code-fails
Redirecting to authorization endpoint
redirect_to
https://certification.plusauth.com/oauth/auth?request=eyJraWQiOiJBXzJ3cVdxcm42SUlQVnNhd3M5YWZVaFI3Q1d0SkxJT0NLSXI2aGdzR3pRIiwiYWxnIjoiUFMyNTYifQ.eyJhdWQiOiJodHRwczpcL1wvY2VydGlmaWNhdGlvbi5wbHVzYXV0aC5jb20iLCJzY29wZSI6Im9wZW5pZCBvZmZsaW5lX2FjY2VzcyIsImNsYWltcyI6eyJpZF90b2tlbiI6eyJhY3IiOnsidmFsdWUiOiJ1cm46bWFjZTppbmNvbW1vbjppYXA6c2lsdmVyIiwiZXNzZW50aWFsIjp0cnVlfX19LCJpc3MiOiJwa2p3dC1vbmUiLCJyZXNwb25zZV90eXBlIjoiY29kZSIsInJlZGlyZWN0X3VyaSI6Imh0dHBzOlwvXC93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0XC90ZXN0XC9hXC9vaWRjLXByb3ZpZGVyLWJ5X3ZhbHVlLXByaXZhdGVfa2V5X2p3dC1wbGFpbl9mYXBpLWphcm1cL2NhbGxiYWNrIiwic3RhdGUiOiJCbnF0YWZvWGo1IiwiZXhwIjoxNjE3MTc2OTkyLCJub25jZSI6InhVRFhRUkFHSEUiLCJjbGllbnRfaWQiOiJwa2p3dC1vbmUifQ.Tjh6rTqyDfHaq9Ew71x9Tj4STdJqbAZ77EXp4LfP8HGi6uiwzgcrGrslTBL24MB0U03K1PYpYLix8xEeEZwJ1O_TesbQH4cRlbNtQWMNBujcqhNEuH4AMHw1HkMoYpw6DOAxrIdZwsD8aNiZf7Gl_VYZs0Pg-WZJdPPQq-Mvs6eKuQPWmDyhpUeaerT81Sthecs8_qmxUXcnYkKzUYmzYC9TV6nAWm2OmEQgchjg_O9sfqNHFJvrjP_J2K2Ns_7nA6m0XKYkYUBP_JvGTwH4r90fPSJ2ifS3HCmMX0qcNhTmOpZn3Ele2rOKgqIN6tpKoZQhU8fW3CjML_-1Fe9uYw&client_id=pkjwt-one&redirect_uri=https://www.certification.openid.net/test/a/oidc-provider-by_value-private_key_jwt-plain_fapi-jarm/callback&scope=openid%20offline_access&response_type=code
2021-03-31 07:44:52 REVIEW
ExpectResponseTypeErrorPage
If the server does not return an error back to the client, upload a screenshot of the error page showing an invalid response type error.
image_no_longer_required
true
2021-03-31 07:44:52
WebRunner
Scripted browser HTTP request
browser
goToUrl
request_method
GET
request_uri
https://certification.plusauth.com/oauth/auth?request=eyJraWQiOiJBXzJ3cVdxcm42SUlQVnNhd3M5YWZVaFI3Q1d0SkxJT0NLSXI2aGdzR3pRIiwiYWxnIjoiUFMyNTYifQ.eyJhdWQiOiJodHRwczpcL1wvY2VydGlmaWNhdGlvbi5wbHVzYXV0aC5jb20iLCJzY29wZSI6Im9wZW5pZCBvZmZsaW5lX2FjY2VzcyIsImNsYWltcyI6eyJpZF90b2tlbiI6eyJhY3IiOnsidmFsdWUiOiJ1cm46bWFjZTppbmNvbW1vbjppYXA6c2lsdmVyIiwiZXNzZW50aWFsIjp0cnVlfX19LCJpc3MiOiJwa2p3dC1vbmUiLCJyZXNwb25zZV90eXBlIjoiY29kZSIsInJlZGlyZWN0X3VyaSI6Imh0dHBzOlwvXC93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0XC90ZXN0XC9hXC9vaWRjLXByb3ZpZGVyLWJ5X3ZhbHVlLXByaXZhdGVfa2V5X2p3dC1wbGFpbl9mYXBpLWphcm1cL2NhbGxiYWNrIiwic3RhdGUiOiJCbnF0YWZvWGo1IiwiZXhwIjoxNjE3MTc2OTkyLCJub25jZSI6InhVRFhRUkFHSEUiLCJjbGllbnRfaWQiOiJwa2p3dC1vbmUifQ.Tjh6rTqyDfHaq9Ew71x9Tj4STdJqbAZ77EXp4LfP8HGi6uiwzgcrGrslTBL24MB0U03K1PYpYLix8xEeEZwJ1O_TesbQH4cRlbNtQWMNBujcqhNEuH4AMHw1HkMoYpw6DOAxrIdZwsD8aNiZf7Gl_VYZs0Pg-WZJdPPQq-Mvs6eKuQPWmDyhpUeaerT81Sthecs8_qmxUXcnYkKzUYmzYC9TV6nAWm2OmEQgchjg_O9sfqNHFJvrjP_J2K2Ns_7nA6m0XKYkYUBP_JvGTwH4r90fPSJ2ifS3HCmMX0qcNhTmOpZn3Ele2rOKgqIN6tpKoZQhU8fW3CjML_-1Fe9uYw&client_id=pkjwt-one&redirect_uri=https://www.certification.openid.net/test/a/oidc-provider-by_value-private_key_jwt-plain_fapi-jarm/callback&scope=openid%20offline_access&response_type=code
2021-03-31 07:44:53 INCOMING
fapi-rw-id2-ensure-response-type-code-fails
Incoming HTTP request to test instance sd8BIVrjE2bmFLS
incoming_headers
{
  "host": "www.certification.openid.net",
  "upgrade-insecure-requests": "1",
  "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.83 Safari/537.36",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/avif,image/webp,image/apng,*/*;q\u003d0.8,application/signed-exchange;v\u003db3;q\u003d0.9",
  "sec-fetch-site": "same-origin",
  "sec-fetch-mode": "navigate",
  "sec-fetch-user": "?1",
  "sec-fetch-dest": "document",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-US",
  "x-ssl-cipher": "ECDHE-RSA-AES256-GCM-SHA384",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
callback
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{
  "error": "invalid_request",
  "error_description": "response_mode not allowed for this response_type in FAPI mode",
  "state": "BnqtafoXj5",
  "session_state": "xHUDmjV6CCuzmBBmOauz7dYABJTpblB353HWsv1sBbI.43tclcvH8hE"
}
incoming_body
2021-03-31 07:44:53 SUCCESS
CreateRandomImplicitSubmitUrl
Created random implicit submission URL
implicit_submit
{
  "path": "implicit/31Q7M3xDDov1E4v59zc1",
  "fullUrl": "https://www.certification.openid.net/test/a/oidc-provider-by_value-private_key_jwt-plain_fapi-jarm/implicit/31Q7M3xDDov1E4v59zc1"
}
2021-03-31 07:44:53 OUTGOING
fapi-rw-id2-ensure-response-type-code-fails
Response to HTTP request to test instance sd8BIVrjE2bmFLS
outgoing
ModelAndView [view="implicitCallback"; model={implicitSubmitUrl=https://www.certification.openid.net/test/a/oidc-provider-by_value-private_key_jwt-plain_fapi-jarm/implicit/31Q7M3xDDov1E4v59zc1, returnUrl=/log-detail.html?log=sd8BIVrjE2bmFLS}]
outgoing_path
callback
2021-03-31 07:44:53 RESPONSE
WebRunner
Scripted browser HTTP response
response_content
<!DOCTYPE html>
<html lang="en" xmlns="http://www.w3.org/1999/xhtml">
<head>
    <meta charset="UTF-8">
    <title>OIDF Conformance: Processing Implicit Callback</title>

    <!-- Latest compiled and minified CSS -->
    <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css" integrity="sha384-BVYiiSIFeK1dGmJRAkycuHAHRg32OmUcww7on3RYdg4Va+PmSTsz/K68vbdEjh4u" crossorigin="anonymous">

    <!-- Optional theme -->
    <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap-theme.min.css" integrity="sha384-rHyoN1iRsVXV4nD0JutlnGaslCJuC7uwjduW9SVrLvRYooPp2bWYgmgJQIXwl/Sp" crossorigin="anonymous">
    <link rel="stylesheet" href="https://fonts.googleapis.com/css?family=PT+Sans">
    <link rel="stylesheet" type="text/css" href="/css/layout.css">



</head>
<body>
    <div class="pageHeader container-fluid">
        <div class="row-fluid">
            <div class="col-md-8">
                <a href="index.html"><img src="/images/openid.png"></a>
            </div>
        </div>
    </div>
    <div class="clearfix"></div>

    <div class="container-fluid">
        <div class="row">
            <div class="col-xs-12 col-md-6 col-md-offset-3 center-block center-text">
                <h1 class="text-center">Please wait...</h1>
                <h2 class="text-center">Processing response from authorization server<sup><span class="glyphicon glyphicon-question-sign" data-toggle="tooltip" title="The server should have returned its results as part of a URI fragment. This data normally stays in the browser and needs to be explicitly sent to the test framework for further processing." data-placement="right"></span></sup></h2>
                <p id="complete" class="bg-info collapse">The response has been sent to the server for processing. You may return to <a href="">the test results page.</a></p>
            </div>
        </div>
    </div>
    <!-- jQuery (necessary for Bootstrap's JavaScript plugins) -->
    <script src="https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js"></script>
    <!-- Include all compiled plugins (below), or include individual files as needed -->
    <script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js" integrity="sha384-Tc5IQib027qvyjSMfHjOMaLkfuWVxZxUPnCJA7l2mCWNIpG9mGCD8wGNIcPD7Txa" crossorigin="anonymous"></script>

    <footer class="pageFooter">
        <span class="muted">OpenID Foundation conformance suite</span>
    </footer>

	<script type="text/javascript">
		var submitComplete = false;
		function assumeComplete() {
			if (submitComplete) {
				return;
			}
			console.log("assumeComplete workaround for https://gitlab.com/openid/conformance-suite/-/issues/766 activated - assuming post has completed as 5 seconds have elapsed")
			// add a hidden tag so that Selenium can detect we're done processing
			$('#complete').append('<span id="submission_complete" class="hidden"></span>');
		}

		$(function() {

			var hash = window.location.hash;

			var returnUrl = "\/log-detail.html?log=sd8BIVrjE2bmFLS";

			// workaround https://gitlab.com/openid/conformance-suite/-/issues/766 by assuming that the post completes
			// after 5 seconds
			setTimeout(function(){ assumeComplete(); }, 5000);

			$.post({
				url: "https:\/\/www.certification.openid.net\/test\/a\/oidc-provider-by_value-private_key_jwt-plain_fapi-jarm\/implicit\/31Q7M3xDDov1E4v59zc1",
				data: hash,
				contentType: "text/plain", // this will be parsed on the server side, no need to wrap it
			}).always(function () {
				console.log("implicit submit complete")
				$('#complete a').attr('href', returnUrl); // provide the link only after the page is rendered.
				$('#complete').show();
				submitComplete = true;
				// add a hidden tag so that Selenium can detect we're done processing
				$('#complete').append('<span id="submission_complete" class="hidden"></span>');
			});


		});
    </script>


</body>
</html>
response_content_type
text/html
response_status_text
200-
response_status_code
200
2021-03-31 07:44:53
WebRunner
Skipping optional task due to URL mismatch
task
Login
browser
skip
match
https://certification.plusauth.com/signin
url
https://www.certification.openid.net/test/a/oidc-provider-by_value-private_key_jwt-plain_fapi-jarm/callback?error=invalid_request&error_description=response_mode%20not%20allowed%20for%20this%20response_type%20in%20FAPI%20mode&state=BnqtafoXj5&session_state=xHUDmjV6CCuzmBBmOauz7dYABJTpblB353HWsv1sBbI.43tclcvH8hE
commands
[
  [
    "text",
    "name",
    "username",
    "foo"
  ],
  [
    "text",
    "name",
    "password",
    "bar"
  ],
  [
    "click",
    "class",
    "login-submit"
  ]
]
2021-03-31 07:44:53
WebRunner
Skipping optional task due to URL mismatch
task
Consent
browser
skip
match
https://certification.plusauth.com/signin/consent*
url
https://www.certification.openid.net/test/a/oidc-provider-by_value-private_key_jwt-plain_fapi-jarm/callback?error=invalid_request&error_description=response_mode%20not%20allowed%20for%20this%20response_type%20in%20FAPI%20mode&state=BnqtafoXj5&session_state=xHUDmjV6CCuzmBBmOauz7dYABJTpblB353HWsv1sBbI.43tclcvH8hE
commands
[
  [
    "click",
    "class",
    "login-submit"
  ]
]
2021-03-31 07:44:53 INFO
WebRunner
Waiting
regexp
seconds
10
task
Verify Complete
browser
wait
action
element_type
id
url
https://www.certification.openid.net/test/a/oidc-provider-by_value-private_key_jwt-plain_fapi-jarm/callback?error=invalid_request&error_description=response_mode%20not%20allowed%20for%20this%20response_type%20in%20FAPI%20mode&state=BnqtafoXj5&session_state=xHUDmjV6CCuzmBBmOauz7dYABJTpblB353HWsv1sBbI.43tclcvH8hE
target
submission_complete
2021-03-31 07:44:53 INCOMING
fapi-rw-id2-ensure-response-type-code-fails
Incoming HTTP request to test instance sd8BIVrjE2bmFLS
incoming_headers
{
  "host": "www.certification.openid.net",
  "upgrade-insecure-requests": "1",
  "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.83 Safari/537.36",
  "accept": "*/*",
  "sec-fetch-site": "same-origin",
  "sec-fetch-mode": "navigate",
  "sec-fetch-user": "?1",
  "sec-fetch-dest": "document",
  "referer": "https://www.certification.openid.net/test/a/oidc-provider-by_value-private_key_jwt-plain_fapi-jarm/callback?error\u003dinvalid_request\u0026error_description\u003dresponse_mode%20not%20allowed%20for%20this%20response_type%20in%20FAPI%20mode\u0026state\u003dBnqtafoXj5\u0026session_state\u003dxHUDmjV6CCuzmBBmOauz7dYABJTpblB353HWsv1sBbI.43tclcvH8hE",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-US",
  "cookie": "JSESSIONID\u003d41A964F16F8AC8E598E266B41BC3F019",
  "x-requested-with": "XMLHttpRequest",
  "content-type": "text/plain",
  "x-ssl-cipher": "ECDHE-RSA-AES256-GCM-SHA384",
  "x-ssl-protocol": "TLSv1.2",
  "content-length": "0",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net",
  "connection": "close"
}
incoming_path
implicit/31Q7M3xDDov1E4v59zc1
incoming_body_form_params
incoming_method
POST
incoming_body_json
incoming_query_string_params
{}
incoming_body
2021-03-31 07:44:53 OUTGOING
fapi-rw-id2-ensure-response-type-code-fails
Response to HTTP request to test instance sd8BIVrjE2bmFLS
outgoing_status_code
204
outgoing_headers
{}
outgoing_body

                                
outgoing_path
implicit/31Q7M3xDDov1E4v59zc1
2021-03-31 07:44:54 SUCCESS
ExtractImplicitHashToCallbackResponse
implicit_hash is empty
2021-03-31 07:44:54 REDIRECT-IN
fapi-rw-id2-ensure-response-type-code-fails
Authorization endpoint response captured
url_query
{
  "error": "invalid_request",
  "error_description": "response_mode not allowed for this response_type in FAPI mode",
  "state": "BnqtafoXj5",
  "session_state": "xHUDmjV6CCuzmBBmOauz7dYABJTpblB353HWsv1sBbI.43tclcvH8hE"
}
headers
{
  "host": "www.certification.openid.net",
  "upgrade-insecure-requests": "1",
  "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.83 Safari/537.36",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/avif,image/webp,image/apng,*/*;q\u003d0.8,application/signed-exchange;v\u003db3;q\u003d0.9",
  "sec-fetch-site": "same-origin",
  "sec-fetch-mode": "navigate",
  "sec-fetch-user": "?1",
  "sec-fetch-dest": "document",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-US",
  "x-ssl-cipher": "ECDHE-RSA-AES256-GCM-SHA384",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
http_method
GET
url_fragment
{}
post_body
Verify authorization endpoint error response
2021-03-31 07:44:54 SUCCESS
RejectAuthCodeInUrlQuery
Authorization code is not present in URL query returned from authorization endpoint
2021-03-31 07:44:54 SUCCESS
RejectAuthCodeInUrlFragment
Authorization code is not present in URL fragment returned from authorization endpoint
2021-03-31 07:44:54
DetectWhetherErrorResponseIsInQueryOrFragment
Server has chosen to return 'error' in URL query, using query as response
error
invalid_request
2021-03-31 07:44:54 SUCCESS
EnsureUnsupportedResponseTypeOrInvalidRequestError
Authorization endpoint returned an expected 'error'
permitted
[
  "invalid_request",
  "unsupported_response_type"
]
error
invalid_request
2021-03-31 07:44:54 SUCCESS
CheckStateInAuthorizationResponse
State in response correctly returned
state
BnqtafoXj5
2021-03-31 07:44:54 SUCCESS
EnsureErrorFromAuthorizationEndpointResponse
Authorization endpoint returned an error
error
invalid_request
error_description
response_mode not allowed for this response_type in FAPI mode
state
BnqtafoXj5
session_state
xHUDmjV6CCuzmBBmOauz7dYABJTpblB353HWsv1sBbI.43tclcvH8hE
2021-03-31 07:44:54 SUCCESS
CheckForUnexpectedParametersInErrorResponseFromAuthorizationEndpoint
error response includes only expected parameters
error
invalid_request
error_description
response_mode not allowed for this response_type in FAPI mode
state
BnqtafoXj5
session_state
xHUDmjV6CCuzmBBmOauz7dYABJTpblB353HWsv1sBbI.43tclcvH8hE
2021-03-31 07:44:54 INFO
WebRunner
Completed processing of webpage
task
Verify Complete
browser
complete
response_status_text
200-
match
https://*/test/a/oidc-provider-*/callback*
url
https://www.certification.openid.net/test/a/oidc-provider-by_value-private_key_jwt-plain_fapi-jarm/callback?error=invalid_request&error_description=response_mode%20not%20allowed%20for%20this%20response_type%20in%20FAPI%20mode&state=BnqtafoXj5&session_state=xHUDmjV6CCuzmBBmOauz7dYABJTpblB353HWsv1sBbI.43tclcvH8hE
response_status_code
200
2021-03-31 07:44:54 FINISHED
fapi-rw-id2-ensure-response-type-code-fails
Test has run to completion
testmodule_result
PASSED
2021-03-31 07:44:55
TEST-RUNNER
Alias has now been claimed by another test
alias
oidc-provider-by_value-private_key_jwt-plain_fapi-jarm
new_test_id
IkGdczqRHtmKFPO
Test Results