Test Summary

Test Results

Expand All Collapse All
All times are UTC
2021-06-22 22:11:55 INFO
TEST-RUNNER
Test instance dpTj40By2AmnmEn created
baseUrl
https://www.certification.openid.net/test/a/obbsb
variant
{
  "client_auth_type": "private_key_jwt",
  "fapi_auth_request_method": "by_value",
  "fapi_profile": "plain_fapi",
  "fapi_response_mode": "plain_response"
}
alias
obbsb
description
Raidiam Connect OpenID Provider
planId
vE3PwRcfqPMuE
config
{
  "alias": "obbsb",
  "description": "Raidiam Connect OpenID Provider",
  "server": {
    "discoveryUrl": "https://auth.sandbox.directory.openbankingbrasil.org.br/.well-known/openid-configuration"
  },
  "client": {
    "client_id": "yQx5B3YzgvrVhdnXqeJuV",
    "scope": "openid profile",
    "jwks": {
      "keys": [
        {
          "alg": "PS256",
          "kty": "RSA",
          "n": "3aOjxR_0Rgok7BwNJziJM4nAEqRJiZN3bAwTQR3eIouMFreprcauT7mbfUP2P25fld0Vd13DpE5pXQK3Ey984ZV6NToB_DuffabJfsRF1QXvIoR1zbdPoW8KfA23CilEs0g0f9A8OHren1lTj2SlYsWkdN-ioYcUbgsfkedYzfSfMWtDBAR7LLoWQwtA83iurXk9R4AfS-9F7KN_SmymxeR4c4qRjhVxvhc1aC_Sx-MMDLLcIBik_h9LUQWwFRjHE4zhLMnPigWKpZeBBbND0E3SQawWrBx9moVx3_vCZZETn_-oohqN3xQz0XlJvZ7VGpYpkiaU8veYjJIdNARyFQ",
          "e": "AQAB",
          "d": "BZ4JH4zgxwmox-cqGi1fpNO_73kEeB0psK5ZqpPUNnHs-gJrpYDcmB6vJyyayB7HA2hYC-9vbvGhz_6qnyzb8Ge2cjTnKfpk321ju_fDgVOmLOzIg4860G-dB2ndkr9bA2Q4GGkxrYjHrag46vB1FJzHv0KPv6JJzUQw56TCZm3Zq_9v4Db27ZPZsx8hh5VuyFmYOktgxX2BnsZXoiMSCwFmnnz_RSIA1KivD2fJd4H1-HgKB1CaXlxGxORvf0RQEpzkrl44tjHLfMtl1uPT4E80wOxakl3slKZXW0jfFEZZ4d4r4hDVSv6nmFdJCAh2a00BkcXEnv1I8ru99IzzoQ",
          "p": "7uUPvoK3dn-zvDv67MC4MCQMN3WpryBwxrakXsXfNY76skuCigwDkRb4mJg86_XKwuuV0ZYgU33jDNitXENY37SLw9CxowZNKANBNkpoRBt5HRw56NIaTYmT2KPuMQc-m_wveuJ-AFQOTyIAXrZe3DpI1M5HgLCy3FtjBfwUBP0",
          "q": "7YJIu-OoFWRP-u_4pcYZrPYt5Z_2VOkGG-lnGQvD0f4gi8KtSZt1Swzqj9olAvrfL6H1qbHKcC1fDlt-BxyHcStgx8fXlWirpFqv5Pck91zQOnGRFO0ylz2m2PIJ0BMLFW3cjAksJCYUcbWn3ldReP1dsDHdK0K-z5visXOZePk",
          "dp": "RILmuAEu8kn_Vs1w0fMXH59G7aTN7A6GqUZ570AaGncNyJJFNqfpYfPPiZunZRhRdQMxLTE7xhYFRorhdONPmqBhsN-qAhHtkLsWOaavLlEes82DghS3PGNnRisFRYRJXVy-lSRddGSm0eTzbDYrEEea2YTrFqoWMYH37SB08VU",
          "dq": "ENg0oF69BQdgRMPQNrGeEI5FIwv9RHhiXohnL3eOI86KMF9WOuozn2cDG8C070krmw05hxd87AfLvhDvF0IGuRgCfSjHOWl7AuULpImCrah_fCWhzIImHGPa-XfxCjjPiG2KPsRHxSiOOqJPjY1T0ejmRCDFNtQ9BCxiH4O7VsE",
          "qi": "Il2L8OFsHdPXr7vTbIabKYfGg8nBWNbFHCyUYW__e4eTqBF742BXDLsiSNrIA3JbtSwNVxitC_9djPIn2RHMWcZX9rCDDVQ1K9nZqoPgZhmldHpwVU9ANxvwEaJwB2Zi13i5aF8EEj4zH6ByfTrr_6uAAuI5hYC9Co_MXQNblro",
          "kid": "LGxFNt16_EJ7KY-IPlWq0IZJ46BZafiACvHXrsgF8J0"
        }
      ]
    },
    "hint_type": "login_hint",
    "hint_value": "ralph.bragg@raidiam.com"
  },
  "mtls": {
    "cert": "-----BEGIN CERTIFICATE-----\nMIIGRTCCBS2gAwIBAgIUUls0BztW2mZLlJuWjGMYMk/WGgswDQYJKoZIhvcNAQEL\nBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx\nFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB\nTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDMyOTE5MzMwMFoXDTIyMDQyOTA1\nMzMwMFowgYIxCzAJBgNVBAYTAkJSMRUwEwYDVQQKEwxPcGVuIEJhbmtpbmcxLTAr\nBgNVBAsTJDc0ZTkyOWQ5LTMzYjYtNGQ4NS04YmE3LWMxNDZjODY3YTgxNzEtMCsG\nA1UEAxMkMDExMTQ4YzgtNzJmNi00NDkxLTgxYTUtOTU0Y2FiNzU3YjJmMIIBIjAN\nBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuYIr88lua2GcMdXbKcQQqfrmIhBs\npyaJLKadZ9EvNH4aDrs3KNSjRLyYIX/pjOWwpx1hCiysQokAwIer/nolDXSbcT6n\nL4ROZwi212wLkqVXKzc+9ivQN+QGO07QgqDaBRJztp72gK3sZQOYFvD3K0V8tAMd\n8KJR+dhGDu0yBpevHMTKvm/vEBPxpXlnQo91z69AWUQRYZh/C7uo4iVF1ItnF2MW\ntyt63dt006uigc5IX3VkIpVLxm/hRO5hfkYGZ62QaJZrjLtPOmkpWhNfYKRNmffC\np74rYVe8QOP+KGrauWwehIGoKDRDNSaO9qP7vTiH/60oqbxrhFOAmbEvTwIDAQAB\no4ICwTCCAr0wDgYDVR0PAQH/BAQDAgOoMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggr\nBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBSPkqh540cUBTSvBSQKkTRK\nuSvisDAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4RQ99MvjBMBggrBgEFBQcB\nAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNhbmRib3gucGtpLm9wZW5i\nYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8vY3Js\nLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9pc3N1ZXIuY3Js\nMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIBgDCCATYGCCsGAQUF\nBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVseSBmb3IgdXNlIHdp\ndGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhlciBwYXJ0aWNpcGF0\naW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVk\ncyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNlaXB0LCBwb3NzZXNz\naW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRoZSBSYWlkaWFt\nIFNlcnZpY2VzIEx0ZCBDZXJ0aWZpY2F0ZSBQb2xpY3kgYW5kIHJlbGF0ZWQgZG9j\ndW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8vY3BzLnNhbmRib3gu\ncGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2llczANBgkqhkiG9w0B\nAQsFAAOCAQEAsuQYJD3yl/t/DtYLf5OCNLVcInO7VbdqKvnseXHImm0R+V6kYNCh\nyV7yBJz1ZaP1iMrFX3BygSKfqLUZL3k2qvfP/FqHDAkpPVk3Pa9y8UR3FbL2X1GK\nsZf9pEEUhe1zMErppzfR9WVNqXV3G0JaVV1abKapx5S25Yl+0d3C+Ki+La0QKftC\nuWDChYgSXqgXKsdt2WBAyuazeUt5lQ2fMJk3kOXzMdEGCV46DbIVu6IuuA2REiyj\nbtpeynaOH0vO5SZxPWXtdlB7OCDNHnCKsoVmy/L+41uRVhvAVLoMk69U6EtsA2PA\nSygM9VodUSiX80yAp76LO2nIuHf4XP8WPg\u003d\u003d\n-----END CERTIFICATE-----",
    "key": "-----BEGIN PRIVATE KEY-----\nMIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC5givzyW5rYZwx\n1dspxBCp+uYiEGynJokspp1n0S80fhoOuzco1KNEvJghf+mM5bCnHWEKLKxCiQDA\nh6v+eiUNdJtxPqcvhE5nCLbXbAuSpVcrNz72K9A35AY7TtCCoNoFEnO2nvaArexl\nA5gW8PcrRXy0Ax3wolH52EYO7TIGl68cxMq+b+8QE/GleWdCj3XPr0BZRBFhmH8L\nu6jiJUXUi2cXYxa3K3rd23TTq6KBzkhfdWQilUvGb+FE7mF+RgZnrZBolmuMu086\naSlaE19gpE2Z98KnvithV7xA4/4oatq5bB6EgagoNEM1Jo72o/u9OIf/rSipvGuE\nU4CZsS9PAgMBAAECggEAH74EY0yeVkV3gpeDTtw7tbo20rFYxikz464G1RLYLvU8\n5DRotdXcshBLP8AxaGiNF6tRRXprZ18l/8u3RG4GFQ1U48XCucC74al+D9JvEIK2\nLbDgVyMcF9QutMtBpnh7lc6YejEtIMuh3Y8F4TcONBtJwUufPeOof0XghwFTRAk5\nmgSkUzU2gCIcLZdzyQrfTEzqYUqiXyvfB5kVnh2g/sO/0PgJJ09RvwFNzBk9p/rh\nC239txwFggEwJD7YRN5HqGJ2Y9Pa7e8AqP20SjApAgeyps/dnQGVdVUdr4rEPhTv\nGpdcFTdEtb0bVX8sipb2Xr8ZHu7vHhLPOIOceheXoQKBgQDsuuuGPrSJLuF8tVSJ\nD5RUFc9vXgv7YjNqsu1pXz7L0kZJyk3zs287cngW/AB3vGfAz78TMvR08xuYiz+j\nACo58R/+owgfRTEk1DSB//ReoQiAI7IHzjTXEqb9WeutO5iuxaIfiIsSi3Oe8XOL\nYYJI87o+XeZelMaZrs696vtfFwKBgQDIm9+bKOcNjEK/0py7fQWgCGZaRJErvCLf\nNsnWVdqUkoefroS4X9CtlTtaP8n9xVe2lM1Yz0NpEKGIYmi9Z0R3negiugttVxCR\nIMxjmWRIhGu1wRe+TL932nrNIduC5n5RZu0Lnj5nqH2XpjdINfKamGyHreuK0tmq\nT3M0mp6UiQKBgQC7ukM58xHx09aGsbl2837Z623TUA5KbIZ/r6KrtBc1ROvualrE\nzl+AEfd/qpmoWiUg9t38mKTY9UzF/G8bkO7rgfawVJMFUTZ2kT2Ode5Q+HyoOSZe\nID0w7R61vJAzkRY0So+VWA+JRkMLIUhSmKHbvkPMX2RnTq3rg395hhWPQwKBgDER\nX0o2YP2BVzpQK6H4XI3eQBrINrH53JW4cvoIGeTJSn8WUsQ+O26Z1+ClRaTaxi+U\nif21BIoIVVpkp7XcMnUHnKYR14WxDA5TdWrPNCZArY/RYRtc7mBEglD2fRixhCgp\nAsYauKzmG4IiV9dDyslhivpM4hYcqLztngI555vxAoGBAIGrfv1RyTe5+SCXyKDc\nWNlWW51xuV1AoO2mOA+A0aavFlwT4JAxywVHYqiqP7V4iUFC8BgVpR4HGZps+aZB\nKPzbF3Hh834b5BQmJeifjjm05uApey1PWPD4K+YeFnZYPLI2GvcZOSw/mxDP40ax\nShnpqmnevrwFQRxdApfFgQV6\n-----END PRIVATE KEY-----\n",
    "ca": "-----BEGIN CERTIFICATE-----\nMIIEajCCA1KgAwIBAgIUdIYzEFdw7QJcrySyq6IiEwZfTfAwDQYJKoZIhvcNAQEL\nBQAwazELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx\nFTATBgNVBAsTDE9wZW4gQmFua2luZzEnMCUGA1UEAxMeT3BlbiBCYW5raW5nIFJv\nb3QgU0FOREJPWCAtIEcxMB4XDTIwMTIxMTEwMDAwMFoXDTIzMTIxMTEwMDAwMFow\ncTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwxFTAT\nBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNBTkRC\nT1ggSXNzdWluZyBDQSAtIEcxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC\nAQEA6fX+272mHX5QAcDaWkVHFWjnDIcORNUJU3OuNyeuOYhlvXJWydrXe3O+cV+P\nS39faMj/nfem3GfJBE7Xn0bWA/8ksxSfrg1BUBJDge4YBBw+VflI3A0g1fk9wJ3H\nGInsvV4serRJ/ISJTfs0uRNugX+RrbkT/T0tup4vGd3Kl2sbwUdDjokuJNJHANeO\nDRkQ+ra+9Wht71FBlc07yPf7qtpaWHm6aS3s47OJD35ixkG4xiZuHsScxcVtlo1V\nW98P2cQfH9H2lll4wWlPTVHpPThB2EYrPhwcxDh8kHkkOHNkyHO/fYM47u7H4VeQ\nV75LXWKa7iWmZg+WhFb8TXSr/wIDAQABo4H/MIH8MA4GA1UdDwEB/wQEAwIBBjAP\nBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBSGf1itF/WCtk60BbP7sM4RQ99MvjAf\nBgNVHSMEGDAWgBSHE+yWPmLsIRwMSlY68iUM45TpyzBMBggrBgEFBQcBAQRAMD4w\nPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNhbmRib3gucGtpLm9wZW5iYW5raW5n\nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8vY3JsLnNhbmRi\nb3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9pc3N1ZXIuY3JsMA0GCSqG\nSIb3DQEBCwUAA4IBAQBy4928pVPeiHItbneeOAsDoc4Obv5Q4tn0QpqTlSeCSBbH\nIURfEr/WaS8sv0JTbIPQEfiO/UtaN8Qxh7j5iVqTwTwgVaE/vDkHxGOen5YxAuyV\n1Fpm4W4oQyybiA6puHEBcteuiYZHppGSMus3bmFYTPE+9B0+W914VZeHDujJ2Y3Y\nMc32Q+PC+Zmv8RfaXp7+QCNYSXR5Ts3q3IesWGmlvAM5tLQi75JmzdWXJ1uKU4u3\nNrw5jY4UaOlvB5Re2BSmcjxdLT/5pApzkS+tO6lICnPAtk/Y6dOJ0YxQBMImtliY\np02yfwRaqP8WJ4CnwUHil3ZRt8U9I+psU8b4WV/3\n-----END CERTIFICATE-----\n-----BEGIN CERTIFICATE-----\nMIIDpjCCAo6gAwIBAgIUS3mWeRx1uG/SMl/ql55VwRtNz7wwDQYJKoZIhvcNAQEL\nBQAwazELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx\nFTATBgNVBAsTDE9wZW4gQmFua2luZzEnMCUGA1UEAxMeT3BlbiBCYW5raW5nIFJv\nb3QgU0FOREJPWCAtIEcxMB4XDTIwMTIxMTEwMDAwMFoXDTI1MTIxMDEwMDAwMFow\nazELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwxFTAT\nBgNVBAsTDE9wZW4gQmFua2luZzEnMCUGA1UEAxMeT3BlbiBCYW5raW5nIFJvb3Qg\nU0FOREJPWCAtIEcxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp50j\njNh0wu8ioziC1HuWqOfgXwxeiePiRGw5tKDqKIbC7XV1ghEcDiymTHHWWJSQ1LEs\nmYpZVwaos5Mrz2xJwytg8K5eqFqa7QvfOOul29bnzEFk+1gX/0nOYws3Lba9E7S+\nuPaUmfElF4r2lcCNL2f3F87RozqZf+DQBdGUzAt9n+ipY1JpqfI3KF/5qgRkPoIf\nJD+aj2Y1D6eYjs5uMRLU8FMYt0CCfv/Ak6mq4Y9/7CaMKp5qjlrrDux00IDpxoXG\nKx5cK0KgACb2UBZ98oDQxcGrbRIyp8VGmv68BkEQcm7NljP863uBVxtnVTpRwQ1x\nwYEbmSSyoonXy575wQIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/\nBAUwAwEB/zAdBgNVHQ4EFgQUhxPslj5i7CEcDEpWOvIlDOOU6cswDQYJKoZIhvcN\nAQELBQADggEBAFoYqwoH7zvr4v0SQ/hWx/bWFRIcV/Rf6rEWGyT/moVAEjPbGH6t\nyHhbxh3RdGcPY7Pzn797lXDGRu0pHv+GAHUA1v1PewCp0IHYukmN5D8+Qumem6by\nHyONyUASMlY0lUOzx9mHVBMuj6u6kvn9xjL6xsPS+Cglv/3SUXUR0mMCYf963xnF\nBIRLTRlbykgJomUptVl/F5U/+8cD+lB/fcZPoQVI0kK0VV51jAODSIhS6vqzQzH4\ncpUmcPh4dy+7RzdTTktxOTXTqAy9/Yx+fk18O9qSQw1MKa9dDZ4YLnAQS2fJJqIE\n1DXIta0LpqM4pMoRMXvp9SLU0atVZLEu6Sc\u003d\n-----END CERTIFICATE-----\n"
  },
  "client2": {
    "client_id": "woozwftxhY2G20myEgi_s",
    "scope": "openid profile",
    "jwks": {
      "keys": [
        {
          "kid": "jQfLvdbMU2XNXhy0TRKH8ajumuBUH4S_ebcbBzW1l34",
          "kty": "RSA",
          "alg": "PS256",
          "p": "_VYnj0d03k1KCL8a6rF6Plz1lE5qv0oQ20gwLrtzZq6M-tYL04BSg2y9r50l8UFCK93jAdk4eN7h8ECs-aYTgXXWOc3thTbDjFMWNcPB232Y-5Sa8UZuOoa319UONKv3c6yGVrGlFhmcMSXH1ZeF6kFKYl5cBBqFSDlUmCsRecU",
          "q": "0d-d-d48wwD5hSsVA9xqwsN2zVIrLszrBmMZkUW8e8jAcf9GgzCnhC70TX5VcHEZSFoqPcDfxhukQsR1zXjBAD7DJGEeLGY69WW5RHILHEHVlxXj-vBZ7mrdVc5wUCkurOQr7lr1U8if1n_feXWJolcteIUeVvz7iXR23EORmU8",
          "d": "Ddh3jboksYLaLyZvuMbJVVUwdnwPONd9bum4vNL04Od7vT2tDQAubrcCnaGWCpEd2amyuMxQdPVXERXUCJMDYhBWQGrV17H7-CbOGORdXGXaOHAj8BIDq4geGGzXKhnJtFuxbA9mFNXhBM1TWKLKikplAhGNNFKfOA5w4ucbf_-YjI5koSldUZxMTkhorzDkcT2_J7VRdxtzoQIFmpyBZi6oLCX12sT75ypwiwQAFNNNQtjfJ0V6aqMOYQT4iDaX_hVR5VsGlw_fRpIbcE0up4QBwSQR0DEj4rEYL3eAkfodY_IvaCMS3cRYePtcv1C80m5oAmtA9nURa-aRxtFROQ",
          "e": "AQAB",
          "qi": "B_zwYgp2BlSsbyWrhB3xiKPE27HUhLOb-b4rfiA9yXNo-aVOKDcNYkJRqdRJz5CCxu-7QZna2lQ8NVJD8W-38OhXBv3bMzzZvbg-NjbA6iiU1XnoZA2jUD9lt-vgf6ZdqDIxmYYSBdU1bd9lqgGjG4PnYOYUxI0y3ZcTMiu0D84",
          "dp": "nCsQF_MkyCU9DkdAgI0HnooPmWz9wQ4XdhX6HdTQPuw7XCW3BJqGQx41kJx_V0mzUPdniSwu89Px0_kKqJsISzYo6VlYolYwFcDiYCJczsGOHQhuu21_ZfTGP_bG2xFnaZdg-PBppEYFUwbHOZQ-qTm2cQ1aC-2NXAh7bZKfI0E",
          "dq": "urA4_YCj-i7OxpepLPMQAMoQztlt0ka0Nc1HfANVg6LzFTSny6EnEh0WciyT4d6pR8P02VPNepMyDbZmt-zXedlaiuzdA0-42HuxTuJHYc5qKehuENVmmf9zfZWSMKxBecfKEE_W9L18-ThsWMWmNcNojlGTyHtnYUE5TfvI818",
          "n": "z7CgrYoh2PMIYRGwJeHFh49efnpUE9jB-M1Lj3r5BOJyiU_Dr-oraZ0NkqyZwuUhJtJgl9IipTmZmfsGwxB2bJ45WYmnb5zWlOAym6eJcvmmQAGppNLs7h2-heKPuq4DwjS46QU5JLyMjMO2_SMMx0bMwb8m10Q8ZGlKjXJ1fQ28d_rtJGeJOMu5MRHt8eQLn3e2nb4E2XRlLrIGlvYcZdgysiwxlceAf2oEdVbiAj6DZ1hs52sFnwbuwwDEQpSIisfkDbNjdAFHzDpLxL_XCMXHDuqs8nUxyBi3T3OBWFLqQGWXCsGdFgtpDPI8SCcNv4FuiW7zxcP2H3fDQ8BQyw"
        }
      ]
    },
    "acr_value": "urn:mace:incommon:iap:silver"
  },
  "mtls2": {
    "cert": "-----BEGIN CERTIFICATE-----\nMIIGRTCCBS2gAwIBAgIUXchY+mn/JR3gbk+cT7DUlB4tEVkwDQYJKoZIhvcNAQEL\nBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx\nFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB\nTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDMyOTE5MzcwMFoXDTIyMDQyOTA1\nMzcwMFowgYIxCzAJBgNVBAYTAkJSMRUwEwYDVQQKEwxPcGVuIEJhbmtpbmcxLTAr\nBgNVBAsTJDc0ZTkyOWQ5LTMzYjYtNGQ4NS04YmE3LWMxNDZjODY3YTgxNzEtMCsG\nA1UEAxMkYmVjNzYwNzgtYWZhNi00ZmVlLTg4YzMtNDQ3ODlmZmI4MTdjMIIBIjAN\nBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxyUGeONs7i8I8GKMEQmI82dGiALX\nmAd6lO/eKmhRkk0lTDhj4BCoi4/OQUU/+p7D00GXsLFWt7pbgUL64sLUSvLBJ/wE\npMHbsgkRZP9iI8ymtVAtjeQMVTg55TQwUEtmnmuLdr7ZA4nxC4LMBTahpNTwZ7qJ\nDsd0nYqthVZlOxBvjEI5NyortRZh3JIKzPv/7KESA6Z7BvxO3THVlm06wMIXYRfr\n1J5qNe1HJ/tUV8Vj38aE5iMNf3yfCxcXtPMDXXMk7Qq1eH8bIrhFER6wVAV7mDvJ\n46LBR/VshwQk1GplXLC3U6646rUfBibaGf7WenmuXeeaEb7wsnLV/tDPbwIDAQAB\no4ICwTCCAr0wDgYDVR0PAQH/BAQDAgOoMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggr\nBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQzeZf9sI7GcbJ65qtYzxe0\nSSzRBTAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4RQ99MvjBMBggrBgEFBQcB\nAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNhbmRib3gucGtpLm9wZW5i\nYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8vY3Js\nLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9pc3N1ZXIuY3Js\nMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIBgDCCATYGCCsGAQUF\nBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVseSBmb3IgdXNlIHdp\ndGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhlciBwYXJ0aWNpcGF0\naW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVk\ncyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNlaXB0LCBwb3NzZXNz\naW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRoZSBSYWlkaWFt\nIFNlcnZpY2VzIEx0ZCBDZXJ0aWZpY2F0ZSBQb2xpY3kgYW5kIHJlbGF0ZWQgZG9j\ndW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8vY3BzLnNhbmRib3gu\ncGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2llczANBgkqhkiG9w0B\nAQsFAAOCAQEAHKDTsK7MdJDfGy2+iqtiiYcL2V6dU6iVGdV8BVQYsOIctOPQIQiL\n4d/TzZG7XqaCbRQqxqWeS9FvQ5rEKoPReCCUd2F/Yq/+zBBgWCpectvvw3UbfX+c\nXNMvqCs+v3erxYzo9KLcJ1PVz4oiB0Kt+qq2yBgoWItyzuxEFEkYkOltywbKAzWF\nHAGyec7T8zLPUZy/q38yjsVJBsIj0otqDe4vXYqDslHLoI7hf5c1TIJPHsIzdnTI\n11rp/jIUS9F1Veg91qB5ZKCKMsSloEnRt9z3L4Sl3eU7RRPL2bnxcAUcfxMRNpkZ\nK+iDWhIwW0eKgUKCHeBU+xmbXObyNHAu7Q\u003d\u003d\n-----END CERTIFICATE-----",
    "key": "-----BEGIN PRIVATE KEY-----\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDHJQZ442zuLwjw\nYowRCYjzZ0aIAteYB3qU794qaFGSTSVMOGPgEKiLj85BRT/6nsPTQZewsVa3uluB\nQvriwtRK8sEn/ASkwduyCRFk/2IjzKa1UC2N5AxVODnlNDBQS2aea4t2vtkDifEL\ngswFNqGk1PBnuokOx3Sdiq2FVmU7EG+MQjk3Kiu1FmHckgrM+//soRIDpnsG/E7d\nMdWWbTrAwhdhF+vUnmo17Ucn+1RXxWPfxoTmIw1/fJ8LFxe08wNdcyTtCrV4fxsi\nuEURHrBUBXuYO8njosFH9WyHBCTUamVcsLdTrrjqtR8GJtoZ/tZ6ea5d55oRvvCy\nctX+0M9vAgMBAAECggEAS0Ly7z0ELgAYoMCdrtKrr1GYlk58rDgnW6JLlDtYmLIP\nJn8pP8UL7bKrgH9rbowR9gUUDvL2kvkbG/70Uj7PfIPB/BqCpsGdBevnZwQdUupF\nFsD2dml5P7vAJZ9TowTcA4Mhcf8uhOfc8Ty9XjsHXAQd1xXoNm2q5N9ENOAx4d/o\nU6vbA/C1td7CY4vVZu5jci/3hNsV4zoQoV4+TOlYtFEArtSlYO7OFbHr8XX0Y+lR\nTCTG/6OPj1Gow6p2bM0Nx/2DvGhB4+RaEZvmFPq5BF8t3VTeedVtWuMQFifmoqGF\nDS31FeOOMBneS1VpPYHXuo4AVbNpn1lyzVca1iWiAQKBgQD/UNeLLetBHicHvgYv\nMq8zmdPRuUuw1LHd0BHeQ+w14KShCSMr5AKPWa1K3kMA9U1WKml2OO44xeCjJkKj\n5lZh45WmlSgLSoWHlVV8uxdC6GZRjZDG1tFsDlGoJPUfCcJlK4Rkm3pScVkWolTM\nh0cRSjvZUZvh3KBtp3VyirL4XQKBgQDHraW7bv7RDcsMszyNBWxxXIYKKb+5A9Is\noiObluPa5Pna5KKD2ejDqVCBi4T/xLmnSPr1KcosLbCSfsKnKdzaJbz1edQhH7Ar\nzP5SFYZKXs2chFsDj0ILTKdKvMROcpe28c20lOP8blyLpMZDntdNfpHlN2t6foOI\nmHK4Uba6OwKBgGkAjXT/EJa6WOD1RMPae3WkWRoSs89o2jHYZdDcbGQIHIziHiXp\n4yejgQKegD3/pKvAS5lEdqzArM9MZ/HSREqD98MH6u0h2+LUBtGCfGGXBKWbrCQq\nqvxeszSM5oa6U8mZ6RwbWWZYmYQWhPuM0yyINC7/QjXUr+IJEeNmqY49AoGBAKNU\nd9c8MHUB6lAmIGZdxFlpzD5t7eRBqt5Vdfjj0NeRKosRL5nYWdwKF88PN6ga251p\nRdXZ7AR9DwyVYVVpGbza15iXoZvCltENKg4six80Ms1POj9MJEKn3cN1asGcXFsJ\nqTCIBYDLKSoUixRuzkAWQvKShXi6GY9W26fHN0dXAoGAetNJkm4lBix0vhsnftek\nnNjlRNQmRUwBH8pmOfXUdDAz1vv1jG4kDvGIizQYdcUaM9pTE1etNgEXb/348jPv\nLBOD5LwDHjxSTDsmbWJ/LCQ6xiWWKS/qQpf1VbZH5UIRzpKFIzBRDveQYlemvkrU\nsz7tmEUpY3rJI+f79Z+rwkc\u003d\n-----END PRIVATE KEY-----",
    "ca": "-----BEGIN CERTIFICATE-----\nMIIEajCCA1KgAwIBAgIUdIYzEFdw7QJcrySyq6IiEwZfTfAwDQYJKoZIhvcNAQEL\nBQAwazELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx\nFTATBgNVBAsTDE9wZW4gQmFua2luZzEnMCUGA1UEAxMeT3BlbiBCYW5raW5nIFJv\nb3QgU0FOREJPWCAtIEcxMB4XDTIwMTIxMTEwMDAwMFoXDTIzMTIxMTEwMDAwMFow\ncTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwxFTAT\nBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNBTkRC\nT1ggSXNzdWluZyBDQSAtIEcxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC\nAQEA6fX+272mHX5QAcDaWkVHFWjnDIcORNUJU3OuNyeuOYhlvXJWydrXe3O+cV+P\nS39faMj/nfem3GfJBE7Xn0bWA/8ksxSfrg1BUBJDge4YBBw+VflI3A0g1fk9wJ3H\nGInsvV4serRJ/ISJTfs0uRNugX+RrbkT/T0tup4vGd3Kl2sbwUdDjokuJNJHANeO\nDRkQ+ra+9Wht71FBlc07yPf7qtpaWHm6aS3s47OJD35ixkG4xiZuHsScxcVtlo1V\nW98P2cQfH9H2lll4wWlPTVHpPThB2EYrPhwcxDh8kHkkOHNkyHO/fYM47u7H4VeQ\nV75LXWKa7iWmZg+WhFb8TXSr/wIDAQABo4H/MIH8MA4GA1UdDwEB/wQEAwIBBjAP\nBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBSGf1itF/WCtk60BbP7sM4RQ99MvjAf\nBgNVHSMEGDAWgBSHE+yWPmLsIRwMSlY68iUM45TpyzBMBggrBgEFBQcBAQRAMD4w\nPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNhbmRib3gucGtpLm9wZW5iYW5raW5n\nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8vY3JsLnNhbmRi\nb3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9pc3N1ZXIuY3JsMA0GCSqG\nSIb3DQEBCwUAA4IBAQBy4928pVPeiHItbneeOAsDoc4Obv5Q4tn0QpqTlSeCSBbH\nIURfEr/WaS8sv0JTbIPQEfiO/UtaN8Qxh7j5iVqTwTwgVaE/vDkHxGOen5YxAuyV\n1Fpm4W4oQyybiA6puHEBcteuiYZHppGSMus3bmFYTPE+9B0+W914VZeHDujJ2Y3Y\nMc32Q+PC+Zmv8RfaXp7+QCNYSXR5Ts3q3IesWGmlvAM5tLQi75JmzdWXJ1uKU4u3\nNrw5jY4UaOlvB5Re2BSmcjxdLT/5pApzkS+tO6lICnPAtk/Y6dOJ0YxQBMImtliY\np02yfwRaqP8WJ4CnwUHil3ZRt8U9I+psU8b4WV/3\n-----END CERTIFICATE-----\n-----BEGIN CERTIFICATE-----\nMIIDpjCCAo6gAwIBAgIUS3mWeRx1uG/SMl/ql55VwRtNz7wwDQYJKoZIhvcNAQEL\nBQAwazELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx\nFTATBgNVBAsTDE9wZW4gQmFua2luZzEnMCUGA1UEAxMeT3BlbiBCYW5raW5nIFJv\nb3QgU0FOREJPWCAtIEcxMB4XDTIwMTIxMTEwMDAwMFoXDTI1MTIxMDEwMDAwMFow\nazELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwxFTAT\nBgNVBAsTDE9wZW4gQmFua2luZzEnMCUGA1UEAxMeT3BlbiBCYW5raW5nIFJvb3Qg\nU0FOREJPWCAtIEcxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp50j\njNh0wu8ioziC1HuWqOfgXwxeiePiRGw5tKDqKIbC7XV1ghEcDiymTHHWWJSQ1LEs\nmYpZVwaos5Mrz2xJwytg8K5eqFqa7QvfOOul29bnzEFk+1gX/0nOYws3Lba9E7S+\nuPaUmfElF4r2lcCNL2f3F87RozqZf+DQBdGUzAt9n+ipY1JpqfI3KF/5qgRkPoIf\nJD+aj2Y1D6eYjs5uMRLU8FMYt0CCfv/Ak6mq4Y9/7CaMKp5qjlrrDux00IDpxoXG\nKx5cK0KgACb2UBZ98oDQxcGrbRIyp8VGmv68BkEQcm7NljP863uBVxtnVTpRwQ1x\nwYEbmSSyoonXy575wQIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/\nBAUwAwEB/zAdBgNVHQ4EFgQUhxPslj5i7CEcDEpWOvIlDOOU6cswDQYJKoZIhvcN\nAQELBQADggEBAFoYqwoH7zvr4v0SQ/hWx/bWFRIcV/Rf6rEWGyT/moVAEjPbGH6t\nyHhbxh3RdGcPY7Pzn797lXDGRu0pHv+GAHUA1v1PewCp0IHYukmN5D8+Qumem6by\nHyONyUASMlY0lUOzx9mHVBMuj6u6kvn9xjL6xsPS+Cglv/3SUXUR0mMCYf963xnF\nBIRLTRlbykgJomUptVl/F5U/+8cD+lB/fcZPoQVI0kK0VV51jAODSIhS6vqzQzH4\ncpUmcPh4dy+7RzdTTktxOTXTqAy9/Yx+fk18O9qSQw1MKa9dDZ4YLnAQS2fJJqIE\n1DXIta0LpqM4pMoRMXvp9SLU0atVZLEu6Sc\u003d\n-----END CERTIFICATE-----\n"
  },
  "resource": {
    "resourceUrl": "https://matls-auth.sandbox.directory.openbankingbrasil.org.br/me",
    "resourceUrlAccountRequests": "https://matls-auth.sandbox.directory.openbankingbrasil.org.br/me",
    "resourceUrlAccountsResource": "https://matls-auth.sandbox.directory.openbankingbrasil.org.br/me",
    "institution_id": "1234567890"
  }
}
testName
fapi1-advanced-final-ensure-request-object-without-nbf-fails
2021-06-22 22:11:55 SUCCESS
CreateRedirectUri
Created redirect URI
redirect_uri
https://www.certification.openid.net/test/a/obbsb/callback
2021-06-22 22:11:55
GetDynamicServerConfiguration
HTTP request
request_uri
https://auth.sandbox.directory.openbankingbrasil.org.br/.well-known/openid-configuration
request_method
GET
request_headers
{
  "accept": "text/plain, application/json, application/cbor, application/*+json, */*",
  "content-length": "0"
}
request_body

                                
2021-06-22 22:11:55 RESPONSE
GetDynamicServerConfiguration
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "content-type": "application/json",
  "transfer-encoding": "chunked",
  "connection": "keep-alive",
  "date": "Tue, 22 Jun 2021 21:59:08 GMT",
  "last-modified": "Tue, 22 Jun 2021 21:53:18 GMT",
  "etag": "W/\"d325fcc7509096a98b93c93ebc59a5bd\"",
  "server": "AmazonS3",
  "vary": "Accept-Encoding",
  "x-cache": "Hit from cloudfront",
  "via": "1.1 9e18259ccc98f7a9dcd0fe17b60688c3.cloudfront.net (CloudFront)",
  "x-amz-cf-pop": "IAD66-C1",
  "x-amz-cf-id": "wRQg-XpEL-pzAfpbWLZh-AyV9e19PmdsZOERgli3O7-KVM86fU8u0w\u003d\u003d",
  "age": "768"
}
response_body
{
   "acr_values_supported":[
      "urn:brasil:openbanking:loa2", "urn:brasil:openbanking:loa3", "urn:mace:incommon:iap:silver"
   ],
   "authorization_endpoint":"https://auth.sandbox.directory.openbankingbrasil.org.br/auth",
   "device_authorization_endpoint":"https://auth.sandbox.directory.openbankingbrasil.org.br/device/auth",
   "claims_parameter_supported":true,
   "claims_supported":[
      "sub",
      "email",
      "email_verified",
      "phone_number",
      "phone_number_verified",
      "address",
      "birthdate",
      "family_name",
      "gender",
      "given_name",
      "locale",
      "middle_name",
      "name",
      "nickname",
      "picture",
      "preferred_username",
      "profile",
      "updated_at",
      "website",
      "zoneinfo",
      "trust_framework_profile",
      "acr",
      "sid",
      "auth_time",
      "iss"
   ],
   "code_challenge_methods_supported":[
      "S256"
   ],
   "end_session_endpoint":"https://auth.sandbox.directory.openbankingbrasil.org.br/session/end",
   "grant_types_supported":[
      "implicit",
      "authorization_code",
      "refresh_token",
      "client_credentials",
      "urn:openid:params:grant-type:ciba"
   ],
   "id_token_signing_alg_values_supported":[
      "PS256"
   ],
   "backchannel_authentication_endpoint": "https://matls-auth.sandbox.directory.openbankingbrasil.org.br/backchannel",
    "backchannel_token_delivery_modes_supported": [
        "poll", "ping"
    ],
    "backchannel_user_code_parameter_supported": true,
    "backchannel_authentication_request_signing_alg_values_supported": [
        "PS256"
    ],
   "issuer":"https://auth.sandbox.directory.openbankingbrasil.org.br",
   "jwks_uri":"https://auth.sandbox.directory.openbankingbrasil.org.br/jwks",
   "registration_endpoint":"https://auth.sandbox.directory.openbankingbrasil.org.br/reg",
   "response_modes_supported":[
      "form_post",
      "fragment",
      "query",
      "jwt",
      "query.jwt",
      "fragment.jwt",
      "form_post.jwt"
   ],
   "response_types_supported":[
      "code id_token",
      "code",
      "id_token",
      "none"
   ],
   "scopes_supported":[
      "openid",
      "offline_access",
      "profile",
      "email",
      "address",
      "phone",
      "trust_framework_profile",
      "directory:software"
   ],
   "subject_types_supported":[
      "public",
      "pairwise"
   ],
   "token_endpoint_auth_methods_supported":[
      "private_key_jwt",
      "tls_client_auth"
   ],
   "token_endpoint_auth_signing_alg_values_supported":[
      "PS256"
   ],
   "token_endpoint":"https://matls-auth.sandbox.directory.openbankingbrasil.org.br/token",
   "pushed_authorization_request_endpoint":"https://auth.sandbox.directory.openbankingbrasil.org.br/request",
   "request_object_signing_alg_values_supported":[
      "PS256"
   ],
   "request_parameter_supported":true,
   "request_uri_parameter_supported":false,
   "userinfo_endpoint":"https://auth.sandbox.directory.openbankingbrasil.org.br/me",
   "authorization_signing_alg_values_supported":[
      "PS256"
   ],
   "introspection_endpoint":"https://auth.sandbox.directory.openbankingbrasil.org.br/token/introspection",
   "introspection_endpoint_auth_methods_supported":[
      "private_key_jwt",
      "tls_client_auth"
   ],
   "introspection_endpoint_auth_signing_alg_values_supported":[
      "PS256"
   ],
   "revocation_endpoint":"https://auth.sandbox.directory.openbankingbrasil.org.br/token/revocation",
   "revocation_endpoint_auth_methods_supported":[
      "private_key_jwt",
      "tls_client_auth"
   ],
   "revocation_endpoint_auth_signing_alg_values_supported":[
      "PS256"
   ],
   "id_token_encryption_alg_values_supported":[
      "A128KW",
      "A256KW",
      "ECDH-ES",
      "RSA-OAEP",
      "dir"
   ],
   "id_token_encryption_enc_values_supported":[
      "A128CBC-HS256",
      "A128GCM",
      "A256CBC-HS512",
      "A256GCM"
   ],
   "authorization_encryption_alg_values_supported":[
      "A128KW",
      "A256KW",
      "ECDH-ES",
      "RSA-OAEP",
      "dir"
   ],
   "authorization_encryption_enc_values_supported":[
      "A128CBC-HS256",
      "A128GCM",
      "A256CBC-HS512",
      "A256GCM"
   ],
   "request_object_encryption_alg_values_supported":[
      "A128KW",
      "A256KW",
      "dir",
      "ECDH-ES",
      "RSA-OAEP"
   ],
   "request_object_encryption_enc_values_supported":[
      "A128CBC-HS256",
      "A128GCM",
      "A256CBC-HS512",
      "A256GCM"
   ],
   "tls_client_certificate_bound_access_tokens":true,
   "claim_types_supported":[
      "normal"
   ],
   "mtls_endpoint_aliases":{
      "token_endpoint":"https://matls-auth.sandbox.directory.openbankingbrasil.org.br/token",
      "revocation_endpoint":"https://matls-auth.sandbox.directory.openbankingbrasil.org.br/token/revocation",
      "introspection_endpoint":"https://matls-auth.sandbox.directory.openbankingbrasil.org.br/token/introspection",
      "device_authorization_endpoint":"https://matls-auth.sandbox.directory.openbankingbrasil.org.br/device/auth",
      "registration_endpoint":"https://matls-auth.sandbox.directory.openbankingbrasil.org.br/reg",
      "userinfo_endpoint":"https://matls-auth.sandbox.directory.openbankingbrasil.org.br/me",
      "pushed_authorization_request_endpoint":"https://matls-auth.sandbox.directory.openbankingbrasil.org.br/request",
      "backchannel_authentication_endpoint": "https://matls-auth.sandbox.directory.openbankingbrasil.org.br/backchannel"
   }
}
2021-06-22 22:11:55
GetDynamicServerConfiguration
Downloaded server configuration
server_config_string
{
   "acr_values_supported":[
      "urn:brasil:openbanking:loa2", "urn:brasil:openbanking:loa3", "urn:mace:incommon:iap:silver"
   ],
   "authorization_endpoint":"https://auth.sandbox.directory.openbankingbrasil.org.br/auth",
   "device_authorization_endpoint":"https://auth.sandbox.directory.openbankingbrasil.org.br/device/auth",
   "claims_parameter_supported":true,
   "claims_supported":[
      "sub",
      "email",
      "email_verified",
      "phone_number",
      "phone_number_verified",
      "address",
      "birthdate",
      "family_name",
      "gender",
      "given_name",
      "locale",
      "middle_name",
      "name",
      "nickname",
      "picture",
      "preferred_username",
      "profile",
      "updated_at",
      "website",
      "zoneinfo",
      "trust_framework_profile",
      "acr",
      "sid",
      "auth_time",
      "iss"
   ],
   "code_challenge_methods_supported":[
      "S256"
   ],
   "end_session_endpoint":"https://auth.sandbox.directory.openbankingbrasil.org.br/session/end",
   "grant_types_supported":[
      "implicit",
      "authorization_code",
      "refresh_token",
      "client_credentials",
      "urn:openid:params:grant-type:ciba"
   ],
   "id_token_signing_alg_values_supported":[
      "PS256"
   ],
   "backchannel_authentication_endpoint": "https://matls-auth.sandbox.directory.openbankingbrasil.org.br/backchannel",
    "backchannel_token_delivery_modes_supported": [
        "poll", "ping"
    ],
    "backchannel_user_code_parameter_supported": true,
    "backchannel_authentication_request_signing_alg_values_supported": [
        "PS256"
    ],
   "issuer":"https://auth.sandbox.directory.openbankingbrasil.org.br",
   "jwks_uri":"https://auth.sandbox.directory.openbankingbrasil.org.br/jwks",
   "registration_endpoint":"https://auth.sandbox.directory.openbankingbrasil.org.br/reg",
   "response_modes_supported":[
      "form_post",
      "fragment",
      "query",
      "jwt",
      "query.jwt",
      "fragment.jwt",
      "form_post.jwt"
   ],
   "response_types_supported":[
      "code id_token",
      "code",
      "id_token",
      "none"
   ],
   "scopes_supported":[
      "openid",
      "offline_access",
      "profile",
      "email",
      "address",
      "phone",
      "trust_framework_profile",
      "directory:software"
   ],
   "subject_types_supported":[
      "public",
      "pairwise"
   ],
   "token_endpoint_auth_methods_supported":[
      "private_key_jwt",
      "tls_client_auth"
   ],
   "token_endpoint_auth_signing_alg_values_supported":[
      "PS256"
   ],
   "token_endpoint":"https://matls-auth.sandbox.directory.openbankingbrasil.org.br/token",
   "pushed_authorization_request_endpoint":"https://auth.sandbox.directory.openbankingbrasil.org.br/request",
   "request_object_signing_alg_values_supported":[
      "PS256"
   ],
   "request_parameter_supported":true,
   "request_uri_parameter_supported":false,
   "userinfo_endpoint":"https://auth.sandbox.directory.openbankingbrasil.org.br/me",
   "authorization_signing_alg_values_supported":[
      "PS256"
   ],
   "introspection_endpoint":"https://auth.sandbox.directory.openbankingbrasil.org.br/token/introspection",
   "introspection_endpoint_auth_methods_supported":[
      "private_key_jwt",
      "tls_client_auth"
   ],
   "introspection_endpoint_auth_signing_alg_values_supported":[
      "PS256"
   ],
   "revocation_endpoint":"https://auth.sandbox.directory.openbankingbrasil.org.br/token/revocation",
   "revocation_endpoint_auth_methods_supported":[
      "private_key_jwt",
      "tls_client_auth"
   ],
   "revocation_endpoint_auth_signing_alg_values_supported":[
      "PS256"
   ],
   "id_token_encryption_alg_values_supported":[
      "A128KW",
      "A256KW",
      "ECDH-ES",
      "RSA-OAEP",
      "dir"
   ],
   "id_token_encryption_enc_values_supported":[
      "A128CBC-HS256",
      "A128GCM",
      "A256CBC-HS512",
      "A256GCM"
   ],
   "authorization_encryption_alg_values_supported":[
      "A128KW",
      "A256KW",
      "ECDH-ES",
      "RSA-OAEP",
      "dir"
   ],
   "authorization_encryption_enc_values_supported":[
      "A128CBC-HS256",
      "A128GCM",
      "A256CBC-HS512",
      "A256GCM"
   ],
   "request_object_encryption_alg_values_supported":[
      "A128KW",
      "A256KW",
      "dir",
      "ECDH-ES",
      "RSA-OAEP"
   ],
   "request_object_encryption_enc_values_supported":[
      "A128CBC-HS256",
      "A128GCM",
      "A256CBC-HS512",
      "A256GCM"
   ],
   "tls_client_certificate_bound_access_tokens":true,
   "claim_types_supported":[
      "normal"
   ],
   "mtls_endpoint_aliases":{
      "token_endpoint":"https://matls-auth.sandbox.directory.openbankingbrasil.org.br/token",
      "revocation_endpoint":"https://matls-auth.sandbox.directory.openbankingbrasil.org.br/token/revocation",
      "introspection_endpoint":"https://matls-auth.sandbox.directory.openbankingbrasil.org.br/token/introspection",
      "device_authorization_endpoint":"https://matls-auth.sandbox.directory.openbankingbrasil.org.br/device/auth",
      "registration_endpoint":"https://matls-auth.sandbox.directory.openbankingbrasil.org.br/reg",
      "userinfo_endpoint":"https://matls-auth.sandbox.directory.openbankingbrasil.org.br/me",
      "pushed_authorization_request_endpoint":"https://matls-auth.sandbox.directory.openbankingbrasil.org.br/request",
      "backchannel_authentication_endpoint": "https://matls-auth.sandbox.directory.openbankingbrasil.org.br/backchannel"
   }
}
2021-06-22 22:11:55 SUCCESS
GetDynamicServerConfiguration
Successfully parsed server configuration
acr_values_supported
[
  "urn:brasil:openbanking:loa2",
  "urn:brasil:openbanking:loa3",
  "urn:mace:incommon:iap:silver"
]
authorization_endpoint
https://auth.sandbox.directory.openbankingbrasil.org.br/auth
device_authorization_endpoint
https://auth.sandbox.directory.openbankingbrasil.org.br/device/auth
claims_parameter_supported
true
claims_supported
[
  "sub",
  "email",
  "email_verified",
  "phone_number",
  "phone_number_verified",
  "address",
  "birthdate",
  "family_name",
  "gender",
  "given_name",
  "locale",
  "middle_name",
  "name",
  "nickname",
  "picture",
  "preferred_username",
  "profile",
  "updated_at",
  "website",
  "zoneinfo",
  "trust_framework_profile",
  "acr",
  "sid",
  "auth_time",
  "iss"
]
code_challenge_methods_supported
[
  "S256"
]
end_session_endpoint
https://auth.sandbox.directory.openbankingbrasil.org.br/session/end
grant_types_supported
[
  "implicit",
  "authorization_code",
  "refresh_token",
  "client_credentials",
  "urn:openid:params:grant-type:ciba"
]
id_token_signing_alg_values_supported
[
  "PS256"
]
backchannel_authentication_endpoint
https://matls-auth.sandbox.directory.openbankingbrasil.org.br/backchannel
backchannel_token_delivery_modes_supported
[
  "poll",
  "ping"
]
backchannel_user_code_parameter_supported
true
backchannel_authentication_request_signing_alg_values_supported
[
  "PS256"
]
issuer
https://auth.sandbox.directory.openbankingbrasil.org.br
jwks_uri
https://auth.sandbox.directory.openbankingbrasil.org.br/jwks
registration_endpoint
https://auth.sandbox.directory.openbankingbrasil.org.br/reg
response_modes_supported
[
  "form_post",
  "fragment",
  "query",
  "jwt",
  "query.jwt",
  "fragment.jwt",
  "form_post.jwt"
]
response_types_supported
[
  "code id_token",
  "code",
  "id_token",
  "none"
]
scopes_supported
[
  "openid",
  "offline_access",
  "profile",
  "email",
  "address",
  "phone",
  "trust_framework_profile",
  "directory:software"
]
subject_types_supported
[
  "public",
  "pairwise"
]
token_endpoint_auth_methods_supported
[
  "private_key_jwt",
  "tls_client_auth"
]
token_endpoint_auth_signing_alg_values_supported
[
  "PS256"
]
token_endpoint
https://matls-auth.sandbox.directory.openbankingbrasil.org.br/token
pushed_authorization_request_endpoint
https://auth.sandbox.directory.openbankingbrasil.org.br/request
request_object_signing_alg_values_supported
[
  "PS256"
]
request_parameter_supported
true
request_uri_parameter_supported
false
userinfo_endpoint
https://auth.sandbox.directory.openbankingbrasil.org.br/me
authorization_signing_alg_values_supported
[
  "PS256"
]
introspection_endpoint
https://auth.sandbox.directory.openbankingbrasil.org.br/token/introspection
introspection_endpoint_auth_methods_supported
[
  "private_key_jwt",
  "tls_client_auth"
]
introspection_endpoint_auth_signing_alg_values_supported
[
  "PS256"
]
revocation_endpoint
https://auth.sandbox.directory.openbankingbrasil.org.br/token/revocation
revocation_endpoint_auth_methods_supported
[
  "private_key_jwt",
  "tls_client_auth"
]
revocation_endpoint_auth_signing_alg_values_supported
[
  "PS256"
]
id_token_encryption_alg_values_supported
[
  "A128KW",
  "A256KW",
  "ECDH-ES",
  "RSA-OAEP",
  "dir"
]
id_token_encryption_enc_values_supported
[
  "A128CBC-HS256",
  "A128GCM",
  "A256CBC-HS512",
  "A256GCM"
]
authorization_encryption_alg_values_supported
[
  "A128KW",
  "A256KW",
  "ECDH-ES",
  "RSA-OAEP",
  "dir"
]
authorization_encryption_enc_values_supported
[
  "A128CBC-HS256",
  "A128GCM",
  "A256CBC-HS512",
  "A256GCM"
]
request_object_encryption_alg_values_supported
[
  "A128KW",
  "A256KW",
  "dir",
  "ECDH-ES",
  "RSA-OAEP"
]
request_object_encryption_enc_values_supported
[
  "A128CBC-HS256",
  "A128GCM",
  "A256CBC-HS512",
  "A256GCM"
]
tls_client_certificate_bound_access_tokens
true
claim_types_supported
[
  "normal"
]
mtls_endpoint_aliases
{
  "token_endpoint": "https://matls-auth.sandbox.directory.openbankingbrasil.org.br/token",
  "revocation_endpoint": "https://matls-auth.sandbox.directory.openbankingbrasil.org.br/token/revocation",
  "introspection_endpoint": "https://matls-auth.sandbox.directory.openbankingbrasil.org.br/token/introspection",
  "device_authorization_endpoint": "https://matls-auth.sandbox.directory.openbankingbrasil.org.br/device/auth",
  "registration_endpoint": "https://matls-auth.sandbox.directory.openbankingbrasil.org.br/reg",
  "userinfo_endpoint": "https://matls-auth.sandbox.directory.openbankingbrasil.org.br/me",
  "pushed_authorization_request_endpoint": "https://matls-auth.sandbox.directory.openbankingbrasil.org.br/request",
  "backchannel_authentication_endpoint": "https://matls-auth.sandbox.directory.openbankingbrasil.org.br/backchannel"
}
2021-06-22 22:11:55 SUCCESS
AddMTLSEndpointAliasesToEnvironment
Added mtls_endpoint_aliases to environment
mtls_endpoint_aliases
{
  "token_endpoint": "https://matls-auth.sandbox.directory.openbankingbrasil.org.br/token",
  "revocation_endpoint": "https://matls-auth.sandbox.directory.openbankingbrasil.org.br/token/revocation",
  "introspection_endpoint": "https://matls-auth.sandbox.directory.openbankingbrasil.org.br/token/introspection",
  "device_authorization_endpoint": "https://matls-auth.sandbox.directory.openbankingbrasil.org.br/device/auth",
  "registration_endpoint": "https://matls-auth.sandbox.directory.openbankingbrasil.org.br/reg",
  "userinfo_endpoint": "https://matls-auth.sandbox.directory.openbankingbrasil.org.br/me",
  "pushed_authorization_request_endpoint": "https://matls-auth.sandbox.directory.openbankingbrasil.org.br/request",
  "backchannel_authentication_endpoint": "https://matls-auth.sandbox.directory.openbankingbrasil.org.br/backchannel"
}
2021-06-22 22:11:55 SUCCESS
CheckServerConfiguration
Found required server configuration keys
required
[
  "authorization_endpoint",
  "token_endpoint",
  "issuer"
]
2021-06-22 22:11:55
FetchServerKeys
Fetching server key
jwks_uri
https://auth.sandbox.directory.openbankingbrasil.org.br/jwks
2021-06-22 22:11:55
FetchServerKeys
HTTP request
request_uri
https://auth.sandbox.directory.openbankingbrasil.org.br/jwks
request_method
GET
request_headers
{
  "accept": "text/plain, application/json, application/cbor, application/*+json, */*",
  "content-length": "0"
}
request_body

                                
2021-06-22 22:11:55 RESPONSE
FetchServerKeys
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "content-type": "application/jwk-set+json; charset\u003dutf-8",
  "content-length": "1345",
  "connection": "keep-alive",
  "server": "awselb/2.0",
  "date": "Tue, 22 Jun 2021 22:11:55 GMT",
  "vary": "Origin",
  "x-xss-protection": "1; mode\u003dblock",
  "x-content-type-options": "nosniff",
  "x-download-options": "noopen",
  "strict-transport-security": "max-age\u003d15552000; includeSubDomains",
  "x-frame-options": "SAMEORIGIN",
  "x-dns-prefetch-control": "off",
  "x-cache": "Miss from cloudfront",
  "via": "1.1 bc90ecfdcecca714ae795dbc461f470d.cloudfront.net (CloudFront)",
  "x-amz-cf-pop": "IAD66-C1",
  "x-amz-cf-id": "XnElbDJIxvNEgwyZJ16B-di_YSJ2IM7JXkN4UHf2sPar38SiQqB65g\u003d\u003d"
}
response_body
{"keys":[{"kty":"OKP","use":"sig","kid":"1620843930500-59258c55ef","alg":"EdDSA","crv":"Ed25519","x":"SauHzclnDwnbdItQPNM1Djs40qqwIwsUKvlGd_N-8tU"},{"kty":"EC","use":"enc","kid":"1620843930500-f23fd5be4d","crv":"P-256","x":"OO9hfx_WZHaWmHbZ2MvbvZalksW5-4j79_A1XOoypik","y":"iyx3qakClo_EtI3KVX6UXyLbs--0Gk-s2CzFXzSvvO8"},{"kty":"EC","use":"sig","kid":"1620843930480-9122aa4d3e","alg":"ES256","crv":"P-256","x":"Bkc2WA_-NfSPAGD5qnA8VFwvpiPciAktDaV5inXuJ1o","y":"DaTMdKJ3OQZJ1xtYf_Rk_tnE7wSiy6y16qJ4Q8TBvEQ"},{"kty":"RSA","use":"enc","kid":"1620843930400-947cec131c","e":"AQAB","n":"4U-XmysT5n0LJGhCBpv0WM6DoyyW1hEoiHSizFgbEuxSBBIbWcSSWAUM35o7eALXu1F6sa9XdtlCnHkR5AqfQMfkIGJzOvXoaFqfcPsP3KimWb8ibsnTKDD98rwO-Xd9Xm8ij8YhgdGXZqQ3KTK6iuVPSWphXH0KXOhoJoResG5O4R3gh_eYxpuALL1aciNNoXk--jFE-CknajjdvXSimKKN_mLc77mGmvDoIcnh4dndH7S8hHtgh45JV5HWSzMxv-g0aC_zp66dnUgBLlUU2db6456A1ECChYl5hjgQ_lKi9IAQ1G61ERkv4PY8esVvdJbsTJIyzDrPuQKTaeRfFw"},{"kty":"RSA","use":"sig","kid":"1620843929805-d19591259b","e":"AQAB","n":"s8zrUBJFHoNBB-bICFA3dnsl3vCFuT-E1b3v9aTBfhfCDihdz0V2wfco9K1o67I8swbpYajrSHWKsIm4b1ZUe06J_bFRchwkuJCb6qaWhlJj0TzPRTEBVwq6gN24p5wuDpRH343NOoZX3P7Sp9aCKmSfTLtWlSO3iysa3sYuArHIOJ0rLdg0pYkSPAN8roqGU2STt4jphASYbFa4IQYG6XIC-y1-u_LBVf0kYeYE5EqnF9f_1wqvf7ObAKo1WAgU5ZujXAdoGMRi-AQCCCo-h8k4HeMEfzc9yygzxP2Wd1rSq46g8jENDgoEAAB_09ifssQ2NqYS6pta5GEFNtJdBw"}]}
2021-06-22 22:11:55
FetchServerKeys
Found JWK set string
jwk_string
{"keys":[{"kty":"OKP","use":"sig","kid":"1620843930500-59258c55ef","alg":"EdDSA","crv":"Ed25519","x":"SauHzclnDwnbdItQPNM1Djs40qqwIwsUKvlGd_N-8tU"},{"kty":"EC","use":"enc","kid":"1620843930500-f23fd5be4d","crv":"P-256","x":"OO9hfx_WZHaWmHbZ2MvbvZalksW5-4j79_A1XOoypik","y":"iyx3qakClo_EtI3KVX6UXyLbs--0Gk-s2CzFXzSvvO8"},{"kty":"EC","use":"sig","kid":"1620843930480-9122aa4d3e","alg":"ES256","crv":"P-256","x":"Bkc2WA_-NfSPAGD5qnA8VFwvpiPciAktDaV5inXuJ1o","y":"DaTMdKJ3OQZJ1xtYf_Rk_tnE7wSiy6y16qJ4Q8TBvEQ"},{"kty":"RSA","use":"enc","kid":"1620843930400-947cec131c","e":"AQAB","n":"4U-XmysT5n0LJGhCBpv0WM6DoyyW1hEoiHSizFgbEuxSBBIbWcSSWAUM35o7eALXu1F6sa9XdtlCnHkR5AqfQMfkIGJzOvXoaFqfcPsP3KimWb8ibsnTKDD98rwO-Xd9Xm8ij8YhgdGXZqQ3KTK6iuVPSWphXH0KXOhoJoResG5O4R3gh_eYxpuALL1aciNNoXk--jFE-CknajjdvXSimKKN_mLc77mGmvDoIcnh4dndH7S8hHtgh45JV5HWSzMxv-g0aC_zp66dnUgBLlUU2db6456A1ECChYl5hjgQ_lKi9IAQ1G61ERkv4PY8esVvdJbsTJIyzDrPuQKTaeRfFw"},{"kty":"RSA","use":"sig","kid":"1620843929805-d19591259b","e":"AQAB","n":"s8zrUBJFHoNBB-bICFA3dnsl3vCFuT-E1b3v9aTBfhfCDihdz0V2wfco9K1o67I8swbpYajrSHWKsIm4b1ZUe06J_bFRchwkuJCb6qaWhlJj0TzPRTEBVwq6gN24p5wuDpRH343NOoZX3P7Sp9aCKmSfTLtWlSO3iysa3sYuArHIOJ0rLdg0pYkSPAN8roqGU2STt4jphASYbFa4IQYG6XIC-y1-u_LBVf0kYeYE5EqnF9f_1wqvf7ObAKo1WAgU5ZujXAdoGMRi-AQCCCo-h8k4HeMEfzc9yygzxP2Wd1rSq46g8jENDgoEAAB_09ifssQ2NqYS6pta5GEFNtJdBw"}]}
2021-06-22 22:11:55 SUCCESS
FetchServerKeys
Found server JWK set
server_jwks
{
  "keys": [
    {
      "kty": "OKP",
      "use": "sig",
      "kid": "1620843930500-59258c55ef",
      "alg": "EdDSA",
      "crv": "Ed25519",
      "x": "SauHzclnDwnbdItQPNM1Djs40qqwIwsUKvlGd_N-8tU"
    },
    {
      "kty": "EC",
      "use": "enc",
      "kid": "1620843930500-f23fd5be4d",
      "crv": "P-256",
      "x": "OO9hfx_WZHaWmHbZ2MvbvZalksW5-4j79_A1XOoypik",
      "y": "iyx3qakClo_EtI3KVX6UXyLbs--0Gk-s2CzFXzSvvO8"
    },
    {
      "kty": "EC",
      "use": "sig",
      "kid": "1620843930480-9122aa4d3e",
      "alg": "ES256",
      "crv": "P-256",
      "x": "Bkc2WA_-NfSPAGD5qnA8VFwvpiPciAktDaV5inXuJ1o",
      "y": "DaTMdKJ3OQZJ1xtYf_Rk_tnE7wSiy6y16qJ4Q8TBvEQ"
    },
    {
      "kty": "RSA",
      "use": "enc",
      "kid": "1620843930400-947cec131c",
      "e": "AQAB",
      "n": "4U-XmysT5n0LJGhCBpv0WM6DoyyW1hEoiHSizFgbEuxSBBIbWcSSWAUM35o7eALXu1F6sa9XdtlCnHkR5AqfQMfkIGJzOvXoaFqfcPsP3KimWb8ibsnTKDD98rwO-Xd9Xm8ij8YhgdGXZqQ3KTK6iuVPSWphXH0KXOhoJoResG5O4R3gh_eYxpuALL1aciNNoXk--jFE-CknajjdvXSimKKN_mLc77mGmvDoIcnh4dndH7S8hHtgh45JV5HWSzMxv-g0aC_zp66dnUgBLlUU2db6456A1ECChYl5hjgQ_lKi9IAQ1G61ERkv4PY8esVvdJbsTJIyzDrPuQKTaeRfFw"
    },
    {
      "kty": "RSA",
      "use": "sig",
      "kid": "1620843929805-d19591259b",
      "e": "AQAB",
      "n": "s8zrUBJFHoNBB-bICFA3dnsl3vCFuT-E1b3v9aTBfhfCDihdz0V2wfco9K1o67I8swbpYajrSHWKsIm4b1ZUe06J_bFRchwkuJCb6qaWhlJj0TzPRTEBVwq6gN24p5wuDpRH343NOoZX3P7Sp9aCKmSfTLtWlSO3iysa3sYuArHIOJ0rLdg0pYkSPAN8roqGU2STt4jphASYbFa4IQYG6XIC-y1-u_LBVf0kYeYE5EqnF9f_1wqvf7ObAKo1WAgU5ZujXAdoGMRi-AQCCCo-h8k4HeMEfzc9yygzxP2Wd1rSq46g8jENDgoEAAB_09ifssQ2NqYS6pta5GEFNtJdBw"
    }
  ]
}
2021-06-22 22:11:55 SUCCESS
CheckServerKeysIsValid
Server JWKs is valid
server_jwks
{
  "keys": [
    {
      "kty": "OKP",
      "use": "sig",
      "kid": "1620843930500-59258c55ef",
      "alg": "EdDSA",
      "crv": "Ed25519",
      "x": "SauHzclnDwnbdItQPNM1Djs40qqwIwsUKvlGd_N-8tU"
    },
    {
      "kty": "EC",
      "use": "enc",
      "kid": "1620843930500-f23fd5be4d",
      "crv": "P-256",
      "x": "OO9hfx_WZHaWmHbZ2MvbvZalksW5-4j79_A1XOoypik",
      "y": "iyx3qakClo_EtI3KVX6UXyLbs--0Gk-s2CzFXzSvvO8"
    },
    {
      "kty": "EC",
      "use": "sig",
      "kid": "1620843930480-9122aa4d3e",
      "alg": "ES256",
      "crv": "P-256",
      "x": "Bkc2WA_-NfSPAGD5qnA8VFwvpiPciAktDaV5inXuJ1o",
      "y": "DaTMdKJ3OQZJ1xtYf_Rk_tnE7wSiy6y16qJ4Q8TBvEQ"
    },
    {
      "kty": "RSA",
      "use": "enc",
      "kid": "1620843930400-947cec131c",
      "e": "AQAB",
      "n": "4U-XmysT5n0LJGhCBpv0WM6DoyyW1hEoiHSizFgbEuxSBBIbWcSSWAUM35o7eALXu1F6sa9XdtlCnHkR5AqfQMfkIGJzOvXoaFqfcPsP3KimWb8ibsnTKDD98rwO-Xd9Xm8ij8YhgdGXZqQ3KTK6iuVPSWphXH0KXOhoJoResG5O4R3gh_eYxpuALL1aciNNoXk--jFE-CknajjdvXSimKKN_mLc77mGmvDoIcnh4dndH7S8hHtgh45JV5HWSzMxv-g0aC_zp66dnUgBLlUU2db6456A1ECChYl5hjgQ_lKi9IAQ1G61ERkv4PY8esVvdJbsTJIyzDrPuQKTaeRfFw"
    },
    {
      "kty": "RSA",
      "use": "sig",
      "kid": "1620843929805-d19591259b",
      "e": "AQAB",
      "n": "s8zrUBJFHoNBB-bICFA3dnsl3vCFuT-E1b3v9aTBfhfCDihdz0V2wfco9K1o67I8swbpYajrSHWKsIm4b1ZUe06J_bFRchwkuJCb6qaWhlJj0TzPRTEBVwq6gN24p5wuDpRH343NOoZX3P7Sp9aCKmSfTLtWlSO3iysa3sYuArHIOJ0rLdg0pYkSPAN8roqGU2STt4jphASYbFa4IQYG6XIC-y1-u_LBVf0kYeYE5EqnF9f_1wqvf7ObAKo1WAgU5ZujXAdoGMRi-AQCCCo-h8k4HeMEfzc9yygzxP2Wd1rSq46g8jENDgoEAAB_09ifssQ2NqYS6pta5GEFNtJdBw"
    }
  ]
}
2021-06-22 22:11:55 SUCCESS
ValidateServerJWKs
Valid server JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2021-06-22 22:11:55 SUCCESS
CheckForKeyIdInServerJWKs
All keys contain kids
2021-06-22 22:11:55 SUCCESS
EnsureServerJwksDoesNotContainPrivateOrSymmetricKeys
Jwks does not contain any private or symmetric keys
2021-06-22 22:11:55 SUCCESS
FAPIEnsureMinimumServerKeyLength
Validated minimum key lengths for server_jwks
server_jwks
{
  "keys": [
    {
      "kty": "OKP",
      "use": "sig",
      "kid": "1620843930500-59258c55ef",
      "alg": "EdDSA",
      "crv": "Ed25519",
      "x": "SauHzclnDwnbdItQPNM1Djs40qqwIwsUKvlGd_N-8tU"
    },
    {
      "kty": "EC",
      "use": "enc",
      "kid": "1620843930500-f23fd5be4d",
      "crv": "P-256",
      "x": "OO9hfx_WZHaWmHbZ2MvbvZalksW5-4j79_A1XOoypik",
      "y": "iyx3qakClo_EtI3KVX6UXyLbs--0Gk-s2CzFXzSvvO8"
    },
    {
      "kty": "EC",
      "use": "sig",
      "kid": "1620843930480-9122aa4d3e",
      "alg": "ES256",
      "crv": "P-256",
      "x": "Bkc2WA_-NfSPAGD5qnA8VFwvpiPciAktDaV5inXuJ1o",
      "y": "DaTMdKJ3OQZJ1xtYf_Rk_tnE7wSiy6y16qJ4Q8TBvEQ"
    },
    {
      "kty": "RSA",
      "use": "enc",
      "kid": "1620843930400-947cec131c",
      "e": "AQAB",
      "n": "4U-XmysT5n0LJGhCBpv0WM6DoyyW1hEoiHSizFgbEuxSBBIbWcSSWAUM35o7eALXu1F6sa9XdtlCnHkR5AqfQMfkIGJzOvXoaFqfcPsP3KimWb8ibsnTKDD98rwO-Xd9Xm8ij8YhgdGXZqQ3KTK6iuVPSWphXH0KXOhoJoResG5O4R3gh_eYxpuALL1aciNNoXk--jFE-CknajjdvXSimKKN_mLc77mGmvDoIcnh4dndH7S8hHtgh45JV5HWSzMxv-g0aC_zp66dnUgBLlUU2db6456A1ECChYl5hjgQ_lKi9IAQ1G61ERkv4PY8esVvdJbsTJIyzDrPuQKTaeRfFw"
    },
    {
      "kty": "RSA",
      "use": "sig",
      "kid": "1620843929805-d19591259b",
      "e": "AQAB",
      "n": "s8zrUBJFHoNBB-bICFA3dnsl3vCFuT-E1b3v9aTBfhfCDihdz0V2wfco9K1o67I8swbpYajrSHWKsIm4b1ZUe06J_bFRchwkuJCb6qaWhlJj0TzPRTEBVwq6gN24p5wuDpRH343NOoZX3P7Sp9aCKmSfTLtWlSO3iysa3sYuArHIOJ0rLdg0pYkSPAN8roqGU2STt4jphASYbFa4IQYG6XIC-y1-u_LBVf0kYeYE5EqnF9f_1wqvf7ObAKo1WAgU5ZujXAdoGMRi-AQCCCo-h8k4HeMEfzc9yygzxP2Wd1rSq46g8jENDgoEAAB_09ifssQ2NqYS6pta5GEFNtJdBw"
    }
  ]
}
2021-06-22 22:11:55 SUCCESS
GetStaticClientConfiguration
Found a static client object
client_id
yQx5B3YzgvrVhdnXqeJuV
scope
openid profile
jwks
{
  "keys": [
    {
      "alg": "PS256",
      "kty": "RSA",
      "n": "3aOjxR_0Rgok7BwNJziJM4nAEqRJiZN3bAwTQR3eIouMFreprcauT7mbfUP2P25fld0Vd13DpE5pXQK3Ey984ZV6NToB_DuffabJfsRF1QXvIoR1zbdPoW8KfA23CilEs0g0f9A8OHren1lTj2SlYsWkdN-ioYcUbgsfkedYzfSfMWtDBAR7LLoWQwtA83iurXk9R4AfS-9F7KN_SmymxeR4c4qRjhVxvhc1aC_Sx-MMDLLcIBik_h9LUQWwFRjHE4zhLMnPigWKpZeBBbND0E3SQawWrBx9moVx3_vCZZETn_-oohqN3xQz0XlJvZ7VGpYpkiaU8veYjJIdNARyFQ",
      "e": "AQAB",
      "d": "BZ4JH4zgxwmox-cqGi1fpNO_73kEeB0psK5ZqpPUNnHs-gJrpYDcmB6vJyyayB7HA2hYC-9vbvGhz_6qnyzb8Ge2cjTnKfpk321ju_fDgVOmLOzIg4860G-dB2ndkr9bA2Q4GGkxrYjHrag46vB1FJzHv0KPv6JJzUQw56TCZm3Zq_9v4Db27ZPZsx8hh5VuyFmYOktgxX2BnsZXoiMSCwFmnnz_RSIA1KivD2fJd4H1-HgKB1CaXlxGxORvf0RQEpzkrl44tjHLfMtl1uPT4E80wOxakl3slKZXW0jfFEZZ4d4r4hDVSv6nmFdJCAh2a00BkcXEnv1I8ru99IzzoQ",
      "p": "7uUPvoK3dn-zvDv67MC4MCQMN3WpryBwxrakXsXfNY76skuCigwDkRb4mJg86_XKwuuV0ZYgU33jDNitXENY37SLw9CxowZNKANBNkpoRBt5HRw56NIaTYmT2KPuMQc-m_wveuJ-AFQOTyIAXrZe3DpI1M5HgLCy3FtjBfwUBP0",
      "q": "7YJIu-OoFWRP-u_4pcYZrPYt5Z_2VOkGG-lnGQvD0f4gi8KtSZt1Swzqj9olAvrfL6H1qbHKcC1fDlt-BxyHcStgx8fXlWirpFqv5Pck91zQOnGRFO0ylz2m2PIJ0BMLFW3cjAksJCYUcbWn3ldReP1dsDHdK0K-z5visXOZePk",
      "dp": "RILmuAEu8kn_Vs1w0fMXH59G7aTN7A6GqUZ570AaGncNyJJFNqfpYfPPiZunZRhRdQMxLTE7xhYFRorhdONPmqBhsN-qAhHtkLsWOaavLlEes82DghS3PGNnRisFRYRJXVy-lSRddGSm0eTzbDYrEEea2YTrFqoWMYH37SB08VU",
      "dq": "ENg0oF69BQdgRMPQNrGeEI5FIwv9RHhiXohnL3eOI86KMF9WOuozn2cDG8C070krmw05hxd87AfLvhDvF0IGuRgCfSjHOWl7AuULpImCrah_fCWhzIImHGPa-XfxCjjPiG2KPsRHxSiOOqJPjY1T0ejmRCDFNtQ9BCxiH4O7VsE",
      "qi": "Il2L8OFsHdPXr7vTbIabKYfGg8nBWNbFHCyUYW__e4eTqBF742BXDLsiSNrIA3JbtSwNVxitC_9djPIn2RHMWcZX9rCDDVQ1K9nZqoPgZhmldHpwVU9ANxvwEaJwB2Zi13i5aF8EEj4zH6ByfTrr_6uAAuI5hYC9Co_MXQNblro",
      "kid": "LGxFNt16_EJ7KY-IPlWq0IZJ46BZafiACvHXrsgF8J0"
    }
  ]
}
hint_type
login_hint
hint_value
ralph.bragg@raidiam.com
2021-06-22 22:11:55 SUCCESS
ValidateMTLSCertificatesHeader
MTLS certificates header is valid
2021-06-22 22:11:55 SUCCESS
ExtractMTLSCertificatesFromConfiguration
Mutual TLS authentication credentials loaded
cert
MIIGRTCCBS2gAwIBAgIUUls0BztW2mZLlJuWjGMYMk/WGgswDQYJKoZIhvcNAQELBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwxFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNBTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDMyOTE5MzMwMFoXDTIyMDQyOTA1MzMwMFowgYIxCzAJBgNVBAYTAkJSMRUwEwYDVQQKEwxPcGVuIEJhbmtpbmcxLTArBgNVBAsTJDc0ZTkyOWQ5LTMzYjYtNGQ4NS04YmE3LWMxNDZjODY3YTgxNzEtMCsGA1UEAxMkMDExMTQ4YzgtNzJmNi00NDkxLTgxYTUtOTU0Y2FiNzU3YjJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuYIr88lua2GcMdXbKcQQqfrmIhBspyaJLKadZ9EvNH4aDrs3KNSjRLyYIX/pjOWwpx1hCiysQokAwIer/nolDXSbcT6nL4ROZwi212wLkqVXKzc+9ivQN+QGO07QgqDaBRJztp72gK3sZQOYFvD3K0V8tAMd8KJR+dhGDu0yBpevHMTKvm/vEBPxpXlnQo91z69AWUQRYZh/C7uo4iVF1ItnF2MWtyt63dt006uigc5IX3VkIpVLxm/hRO5hfkYGZ62QaJZrjLtPOmkpWhNfYKRNmffCp74rYVe8QOP+KGrauWwehIGoKDRDNSaO9qP7vTiH/60oqbxrhFOAmbEvTwIDAQABo4ICwTCCAr0wDgYDVR0PAQH/BAQDAgOoMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBSPkqh540cUBTSvBSQKkTRKuSvisDAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4RQ99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9pc3N1ZXIuY3JsMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIBgDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVseSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhlciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNlaXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWZpY2F0ZSBQb2xpY3kgYW5kIHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8vY3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2llczANBgkqhkiG9w0BAQsFAAOCAQEAsuQYJD3yl/t/DtYLf5OCNLVcInO7VbdqKvnseXHImm0R+V6kYNChyV7yBJz1ZaP1iMrFX3BygSKfqLUZL3k2qvfP/FqHDAkpPVk3Pa9y8UR3FbL2X1GKsZf9pEEUhe1zMErppzfR9WVNqXV3G0JaVV1abKapx5S25Yl+0d3C+Ki+La0QKftCuWDChYgSXqgXKsdt2WBAyuazeUt5lQ2fMJk3kOXzMdEGCV46DbIVu6IuuA2REiyjbtpeynaOH0vO5SZxPWXtdlB7OCDNHnCKsoVmy/L+41uRVhvAVLoMk69U6EtsA2PASygM9VodUSiX80yAp76LO2nIuHf4XP8WPg==
key
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC5givzyW5rYZwx1dspxBCp+uYiEGynJokspp1n0S80fhoOuzco1KNEvJghf+mM5bCnHWEKLKxCiQDAh6v+eiUNdJtxPqcvhE5nCLbXbAuSpVcrNz72K9A35AY7TtCCoNoFEnO2nvaArexlA5gW8PcrRXy0Ax3wolH52EYO7TIGl68cxMq+b+8QE/GleWdCj3XPr0BZRBFhmH8Lu6jiJUXUi2cXYxa3K3rd23TTq6KBzkhfdWQilUvGb+FE7mF+RgZnrZBolmuMu086aSlaE19gpE2Z98KnvithV7xA4/4oatq5bB6EgagoNEM1Jo72o/u9OIf/rSipvGuEU4CZsS9PAgMBAAECggEAH74EY0yeVkV3gpeDTtw7tbo20rFYxikz464G1RLYLvU85DRotdXcshBLP8AxaGiNF6tRRXprZ18l/8u3RG4GFQ1U48XCucC74al+D9JvEIK2LbDgVyMcF9QutMtBpnh7lc6YejEtIMuh3Y8F4TcONBtJwUufPeOof0XghwFTRAk5mgSkUzU2gCIcLZdzyQrfTEzqYUqiXyvfB5kVnh2g/sO/0PgJJ09RvwFNzBk9p/rhC239txwFggEwJD7YRN5HqGJ2Y9Pa7e8AqP20SjApAgeyps/dnQGVdVUdr4rEPhTvGpdcFTdEtb0bVX8sipb2Xr8ZHu7vHhLPOIOceheXoQKBgQDsuuuGPrSJLuF8tVSJD5RUFc9vXgv7YjNqsu1pXz7L0kZJyk3zs287cngW/AB3vGfAz78TMvR08xuYiz+jACo58R/+owgfRTEk1DSB//ReoQiAI7IHzjTXEqb9WeutO5iuxaIfiIsSi3Oe8XOLYYJI87o+XeZelMaZrs696vtfFwKBgQDIm9+bKOcNjEK/0py7fQWgCGZaRJErvCLfNsnWVdqUkoefroS4X9CtlTtaP8n9xVe2lM1Yz0NpEKGIYmi9Z0R3negiugttVxCRIMxjmWRIhGu1wRe+TL932nrNIduC5n5RZu0Lnj5nqH2XpjdINfKamGyHreuK0tmqT3M0mp6UiQKBgQC7ukM58xHx09aGsbl2837Z623TUA5KbIZ/r6KrtBc1ROvualrEzl+AEfd/qpmoWiUg9t38mKTY9UzF/G8bkO7rgfawVJMFUTZ2kT2Ode5Q+HyoOSZeID0w7R61vJAzkRY0So+VWA+JRkMLIUhSmKHbvkPMX2RnTq3rg395hhWPQwKBgDERX0o2YP2BVzpQK6H4XI3eQBrINrH53JW4cvoIGeTJSn8WUsQ+O26Z1+ClRaTaxi+Uif21BIoIVVpkp7XcMnUHnKYR14WxDA5TdWrPNCZArY/RYRtc7mBEglD2fRixhCgpAsYauKzmG4IiV9dDyslhivpM4hYcqLztngI555vxAoGBAIGrfv1RyTe5+SCXyKDcWNlWW51xuV1AoO2mOA+A0aavFlwT4JAxywVHYqiqP7V4iUFC8BgVpR4HGZps+aZBKPzbF3Hh834b5BQmJeifjjm05uApey1PWPD4K+YeFnZYPLI2GvcZOSw/mxDP40axShnpqmnevrwFQRxdApfFgQV6
ca
MIIEajCCA1KgAwIBAgIUdIYzEFdw7QJcrySyq6IiEwZfTfAwDQYJKoZIhvcNAQELBQAwazELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwxFTATBgNVBAsTDE9wZW4gQmFua2luZzEnMCUGA1UEAxMeT3BlbiBCYW5raW5nIFJvb3QgU0FOREJPWCAtIEcxMB4XDTIwMTIxMTEwMDAwMFoXDTIzMTIxMTEwMDAwMFowcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwxFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNBTkRCT1ggSXNzdWluZyBDQSAtIEcxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6fX+272mHX5QAcDaWkVHFWjnDIcORNUJU3OuNyeuOYhlvXJWydrXe3O+cV+PS39faMj/nfem3GfJBE7Xn0bWA/8ksxSfrg1BUBJDge4YBBw+VflI3A0g1fk9wJ3HGInsvV4serRJ/ISJTfs0uRNugX+RrbkT/T0tup4vGd3Kl2sbwUdDjokuJNJHANeODRkQ+ra+9Wht71FBlc07yPf7qtpaWHm6aS3s47OJD35ixkG4xiZuHsScxcVtlo1VW98P2cQfH9H2lll4wWlPTVHpPThB2EYrPhwcxDh8kHkkOHNkyHO/fYM47u7H4VeQV75LXWKa7iWmZg+WhFb8TXSr/wIDAQABo4H/MIH8MA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBSGf1itF/WCtk60BbP7sM4RQ99MvjAfBgNVHSMEGDAWgBSHE+yWPmLsIRwMSlY68iUM45TpyzBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9pc3N1ZXIuY3JsMA0GCSqGSIb3DQEBCwUAA4IBAQBy4928pVPeiHItbneeOAsDoc4Obv5Q4tn0QpqTlSeCSBbHIURfEr/WaS8sv0JTbIPQEfiO/UtaN8Qxh7j5iVqTwTwgVaE/vDkHxGOen5YxAuyV1Fpm4W4oQyybiA6puHEBcteuiYZHppGSMus3bmFYTPE+9B0+W914VZeHDujJ2Y3YMc32Q+PC+Zmv8RfaXp7+QCNYSXR5Ts3q3IesWGmlvAM5tLQi75JmzdWXJ1uKU4u3Nrw5jY4UaOlvB5Re2BSmcjxdLT/5pApzkS+tO6lICnPAtk/Y6dOJ0YxQBMImtliYp02yfwRaqP8WJ4CnwUHil3ZRt8U9I+psU8b4WV/3MIIDpjCCAo6gAwIBAgIUS3mWeRx1uG/SMl/ql55VwRtNz7wwDQYJKoZIhvcNAQELBQAwazELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwxFTATBgNVBAsTDE9wZW4gQmFua2luZzEnMCUGA1UEAxMeT3BlbiBCYW5raW5nIFJvb3QgU0FOREJPWCAtIEcxMB4XDTIwMTIxMTEwMDAwMFoXDTI1MTIxMDEwMDAwMFowazELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwxFTATBgNVBAsTDE9wZW4gQmFua2luZzEnMCUGA1UEAxMeT3BlbiBCYW5raW5nIFJvb3QgU0FOREJPWCAtIEcxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp50jjNh0wu8ioziC1HuWqOfgXwxeiePiRGw5tKDqKIbC7XV1ghEcDiymTHHWWJSQ1LEsmYpZVwaos5Mrz2xJwytg8K5eqFqa7QvfOOul29bnzEFk+1gX/0nOYws3Lba9E7S+uPaUmfElF4r2lcCNL2f3F87RozqZf+DQBdGUzAt9n+ipY1JpqfI3KF/5qgRkPoIfJD+aj2Y1D6eYjs5uMRLU8FMYt0CCfv/Ak6mq4Y9/7CaMKp5qjlrrDux00IDpxoXGKx5cK0KgACb2UBZ98oDQxcGrbRIyp8VGmv68BkEQcm7NljP863uBVxtnVTpRwQ1xwYEbmSSyoonXy575wQIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUhxPslj5i7CEcDEpWOvIlDOOU6cswDQYJKoZIhvcNAQELBQADggEBAFoYqwoH7zvr4v0SQ/hWx/bWFRIcV/Rf6rEWGyT/moVAEjPbGH6tyHhbxh3RdGcPY7Pzn797lXDGRu0pHv+GAHUA1v1PewCp0IHYukmN5D8+Qumem6byHyONyUASMlY0lUOzx9mHVBMuj6u6kvn9xjL6xsPS+Cglv/3SUXUR0mMCYf963xnFBIRLTRlbykgJomUptVl/F5U/+8cD+lB/fcZPoQVI0kK0VV51jAODSIhS6vqzQzH4cpUmcPh4dy+7RzdTTktxOTXTqAy9/Yx+fk18O9qSQw1MKa9dDZ4YLnAQS2fJJqIE1DXIta0LpqM4pMoRMXvp9SLU0atVZLEu6Sc=
2021-06-22 22:11:55 SUCCESS
ValidateClientJWKsPrivatePart
Valid client JWKs: keys are valid JSON, contain the required fields, the private/public exponents match and are correctly encoded using unpadded base64url
2021-06-22 22:11:55 SUCCESS
ExtractJWKsFromStaticClientConfiguration
Extracted client JWK
client_jwks
{
  "keys": [
    {
      "alg": "PS256",
      "kty": "RSA",
      "n": "3aOjxR_0Rgok7BwNJziJM4nAEqRJiZN3bAwTQR3eIouMFreprcauT7mbfUP2P25fld0Vd13DpE5pXQK3Ey984ZV6NToB_DuffabJfsRF1QXvIoR1zbdPoW8KfA23CilEs0g0f9A8OHren1lTj2SlYsWkdN-ioYcUbgsfkedYzfSfMWtDBAR7LLoWQwtA83iurXk9R4AfS-9F7KN_SmymxeR4c4qRjhVxvhc1aC_Sx-MMDLLcIBik_h9LUQWwFRjHE4zhLMnPigWKpZeBBbND0E3SQawWrBx9moVx3_vCZZETn_-oohqN3xQz0XlJvZ7VGpYpkiaU8veYjJIdNARyFQ",
      "e": "AQAB",
      "d": "BZ4JH4zgxwmox-cqGi1fpNO_73kEeB0psK5ZqpPUNnHs-gJrpYDcmB6vJyyayB7HA2hYC-9vbvGhz_6qnyzb8Ge2cjTnKfpk321ju_fDgVOmLOzIg4860G-dB2ndkr9bA2Q4GGkxrYjHrag46vB1FJzHv0KPv6JJzUQw56TCZm3Zq_9v4Db27ZPZsx8hh5VuyFmYOktgxX2BnsZXoiMSCwFmnnz_RSIA1KivD2fJd4H1-HgKB1CaXlxGxORvf0RQEpzkrl44tjHLfMtl1uPT4E80wOxakl3slKZXW0jfFEZZ4d4r4hDVSv6nmFdJCAh2a00BkcXEnv1I8ru99IzzoQ",
      "p": "7uUPvoK3dn-zvDv67MC4MCQMN3WpryBwxrakXsXfNY76skuCigwDkRb4mJg86_XKwuuV0ZYgU33jDNitXENY37SLw9CxowZNKANBNkpoRBt5HRw56NIaTYmT2KPuMQc-m_wveuJ-AFQOTyIAXrZe3DpI1M5HgLCy3FtjBfwUBP0",
      "q": "7YJIu-OoFWRP-u_4pcYZrPYt5Z_2VOkGG-lnGQvD0f4gi8KtSZt1Swzqj9olAvrfL6H1qbHKcC1fDlt-BxyHcStgx8fXlWirpFqv5Pck91zQOnGRFO0ylz2m2PIJ0BMLFW3cjAksJCYUcbWn3ldReP1dsDHdK0K-z5visXOZePk",
      "dp": "RILmuAEu8kn_Vs1w0fMXH59G7aTN7A6GqUZ570AaGncNyJJFNqfpYfPPiZunZRhRdQMxLTE7xhYFRorhdONPmqBhsN-qAhHtkLsWOaavLlEes82DghS3PGNnRisFRYRJXVy-lSRddGSm0eTzbDYrEEea2YTrFqoWMYH37SB08VU",
      "dq": "ENg0oF69BQdgRMPQNrGeEI5FIwv9RHhiXohnL3eOI86KMF9WOuozn2cDG8C070krmw05hxd87AfLvhDvF0IGuRgCfSjHOWl7AuULpImCrah_fCWhzIImHGPa-XfxCjjPiG2KPsRHxSiOOqJPjY1T0ejmRCDFNtQ9BCxiH4O7VsE",
      "qi": "Il2L8OFsHdPXr7vTbIabKYfGg8nBWNbFHCyUYW__e4eTqBF742BXDLsiSNrIA3JbtSwNVxitC_9djPIn2RHMWcZX9rCDDVQ1K9nZqoPgZhmldHpwVU9ANxvwEaJwB2Zi13i5aF8EEj4zH6ByfTrr_6uAAuI5hYC9Co_MXQNblro",
      "kid": "LGxFNt16_EJ7KY-IPlWq0IZJ46BZafiACvHXrsgF8J0"
    }
  ]
}
public_client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "kid": "LGxFNt16_EJ7KY-IPlWq0IZJ46BZafiACvHXrsgF8J0",
      "alg": "PS256",
      "n": "3aOjxR_0Rgok7BwNJziJM4nAEqRJiZN3bAwTQR3eIouMFreprcauT7mbfUP2P25fld0Vd13DpE5pXQK3Ey984ZV6NToB_DuffabJfsRF1QXvIoR1zbdPoW8KfA23CilEs0g0f9A8OHren1lTj2SlYsWkdN-ioYcUbgsfkedYzfSfMWtDBAR7LLoWQwtA83iurXk9R4AfS-9F7KN_SmymxeR4c4qRjhVxvhc1aC_Sx-MMDLLcIBik_h9LUQWwFRjHE4zhLMnPigWKpZeBBbND0E3SQawWrBx9moVx3_vCZZETn_-oohqN3xQz0XlJvZ7VGpYpkiaU8veYjJIdNARyFQ"
    }
  ]
}
2021-06-22 22:11:55 SUCCESS
CheckForKeyIdInClientJWKs
All keys contain kids
2021-06-22 22:11:55 SUCCESS
CheckDistinctKeyIdValueInClientJWKs
Distinct 'kid' value in all keys of client_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2021-06-22 22:11:55 SUCCESS
FAPICheckKeyAlgInClientJWKs
Keys in client JWKS all have permitted 'alg'
permitted
[
  "PS256",
  "ES256"
]
2021-06-22 22:11:55 SUCCESS
FAPIEnsureMinimumClientKeyLength
Validated minimum key lengths for client_jwks
client_jwks
{
  "keys": [
    {
      "alg": "PS256",
      "kty": "RSA",
      "n": "3aOjxR_0Rgok7BwNJziJM4nAEqRJiZN3bAwTQR3eIouMFreprcauT7mbfUP2P25fld0Vd13DpE5pXQK3Ey984ZV6NToB_DuffabJfsRF1QXvIoR1zbdPoW8KfA23CilEs0g0f9A8OHren1lTj2SlYsWkdN-ioYcUbgsfkedYzfSfMWtDBAR7LLoWQwtA83iurXk9R4AfS-9F7KN_SmymxeR4c4qRjhVxvhc1aC_Sx-MMDLLcIBik_h9LUQWwFRjHE4zhLMnPigWKpZeBBbND0E3SQawWrBx9moVx3_vCZZETn_-oohqN3xQz0XlJvZ7VGpYpkiaU8veYjJIdNARyFQ",
      "e": "AQAB",
      "d": "BZ4JH4zgxwmox-cqGi1fpNO_73kEeB0psK5ZqpPUNnHs-gJrpYDcmB6vJyyayB7HA2hYC-9vbvGhz_6qnyzb8Ge2cjTnKfpk321ju_fDgVOmLOzIg4860G-dB2ndkr9bA2Q4GGkxrYjHrag46vB1FJzHv0KPv6JJzUQw56TCZm3Zq_9v4Db27ZPZsx8hh5VuyFmYOktgxX2BnsZXoiMSCwFmnnz_RSIA1KivD2fJd4H1-HgKB1CaXlxGxORvf0RQEpzkrl44tjHLfMtl1uPT4E80wOxakl3slKZXW0jfFEZZ4d4r4hDVSv6nmFdJCAh2a00BkcXEnv1I8ru99IzzoQ",
      "p": "7uUPvoK3dn-zvDv67MC4MCQMN3WpryBwxrakXsXfNY76skuCigwDkRb4mJg86_XKwuuV0ZYgU33jDNitXENY37SLw9CxowZNKANBNkpoRBt5HRw56NIaTYmT2KPuMQc-m_wveuJ-AFQOTyIAXrZe3DpI1M5HgLCy3FtjBfwUBP0",
      "q": "7YJIu-OoFWRP-u_4pcYZrPYt5Z_2VOkGG-lnGQvD0f4gi8KtSZt1Swzqj9olAvrfL6H1qbHKcC1fDlt-BxyHcStgx8fXlWirpFqv5Pck91zQOnGRFO0ylz2m2PIJ0BMLFW3cjAksJCYUcbWn3ldReP1dsDHdK0K-z5visXOZePk",
      "dp": "RILmuAEu8kn_Vs1w0fMXH59G7aTN7A6GqUZ570AaGncNyJJFNqfpYfPPiZunZRhRdQMxLTE7xhYFRorhdONPmqBhsN-qAhHtkLsWOaavLlEes82DghS3PGNnRisFRYRJXVy-lSRddGSm0eTzbDYrEEea2YTrFqoWMYH37SB08VU",
      "dq": "ENg0oF69BQdgRMPQNrGeEI5FIwv9RHhiXohnL3eOI86KMF9WOuozn2cDG8C070krmw05hxd87AfLvhDvF0IGuRgCfSjHOWl7AuULpImCrah_fCWhzIImHGPa-XfxCjjPiG2KPsRHxSiOOqJPjY1T0ejmRCDFNtQ9BCxiH4O7VsE",
      "qi": "Il2L8OFsHdPXr7vTbIabKYfGg8nBWNbFHCyUYW__e4eTqBF742BXDLsiSNrIA3JbtSwNVxitC_9djPIn2RHMWcZX9rCDDVQ1K9nZqoPgZhmldHpwVU9ANxvwEaJwB2Zi13i5aF8EEj4zH6ByfTrr_6uAAuI5hYC9Co_MXQNblro",
      "kid": "LGxFNt16_EJ7KY-IPlWq0IZJ46BZafiACvHXrsgF8J0"
    }
  ]
}
2021-06-22 22:11:55 SUCCESS
ValidateMTLSCertificatesAsX509
Mutual TLS authentication cert validated as X.509
Verify configuration of second client
2021-06-22 22:11:55 SUCCESS
GetStaticClient2Configuration
Found a static second client object
client_id
woozwftxhY2G20myEgi_s
scope
openid profile
jwks
{
  "keys": [
    {
      "kid": "jQfLvdbMU2XNXhy0TRKH8ajumuBUH4S_ebcbBzW1l34",
      "kty": "RSA",
      "alg": "PS256",
      "p": "_VYnj0d03k1KCL8a6rF6Plz1lE5qv0oQ20gwLrtzZq6M-tYL04BSg2y9r50l8UFCK93jAdk4eN7h8ECs-aYTgXXWOc3thTbDjFMWNcPB232Y-5Sa8UZuOoa319UONKv3c6yGVrGlFhmcMSXH1ZeF6kFKYl5cBBqFSDlUmCsRecU",
      "q": "0d-d-d48wwD5hSsVA9xqwsN2zVIrLszrBmMZkUW8e8jAcf9GgzCnhC70TX5VcHEZSFoqPcDfxhukQsR1zXjBAD7DJGEeLGY69WW5RHILHEHVlxXj-vBZ7mrdVc5wUCkurOQr7lr1U8if1n_feXWJolcteIUeVvz7iXR23EORmU8",
      "d": "Ddh3jboksYLaLyZvuMbJVVUwdnwPONd9bum4vNL04Od7vT2tDQAubrcCnaGWCpEd2amyuMxQdPVXERXUCJMDYhBWQGrV17H7-CbOGORdXGXaOHAj8BIDq4geGGzXKhnJtFuxbA9mFNXhBM1TWKLKikplAhGNNFKfOA5w4ucbf_-YjI5koSldUZxMTkhorzDkcT2_J7VRdxtzoQIFmpyBZi6oLCX12sT75ypwiwQAFNNNQtjfJ0V6aqMOYQT4iDaX_hVR5VsGlw_fRpIbcE0up4QBwSQR0DEj4rEYL3eAkfodY_IvaCMS3cRYePtcv1C80m5oAmtA9nURa-aRxtFROQ",
      "e": "AQAB",
      "qi": "B_zwYgp2BlSsbyWrhB3xiKPE27HUhLOb-b4rfiA9yXNo-aVOKDcNYkJRqdRJz5CCxu-7QZna2lQ8NVJD8W-38OhXBv3bMzzZvbg-NjbA6iiU1XnoZA2jUD9lt-vgf6ZdqDIxmYYSBdU1bd9lqgGjG4PnYOYUxI0y3ZcTMiu0D84",
      "dp": "nCsQF_MkyCU9DkdAgI0HnooPmWz9wQ4XdhX6HdTQPuw7XCW3BJqGQx41kJx_V0mzUPdniSwu89Px0_kKqJsISzYo6VlYolYwFcDiYCJczsGOHQhuu21_ZfTGP_bG2xFnaZdg-PBppEYFUwbHOZQ-qTm2cQ1aC-2NXAh7bZKfI0E",
      "dq": "urA4_YCj-i7OxpepLPMQAMoQztlt0ka0Nc1HfANVg6LzFTSny6EnEh0WciyT4d6pR8P02VPNepMyDbZmt-zXedlaiuzdA0-42HuxTuJHYc5qKehuENVmmf9zfZWSMKxBecfKEE_W9L18-ThsWMWmNcNojlGTyHtnYUE5TfvI818",
      "n": "z7CgrYoh2PMIYRGwJeHFh49efnpUE9jB-M1Lj3r5BOJyiU_Dr-oraZ0NkqyZwuUhJtJgl9IipTmZmfsGwxB2bJ45WYmnb5zWlOAym6eJcvmmQAGppNLs7h2-heKPuq4DwjS46QU5JLyMjMO2_SMMx0bMwb8m10Q8ZGlKjXJ1fQ28d_rtJGeJOMu5MRHt8eQLn3e2nb4E2XRlLrIGlvYcZdgysiwxlceAf2oEdVbiAj6DZ1hs52sFnwbuwwDEQpSIisfkDbNjdAFHzDpLxL_XCMXHDuqs8nUxyBi3T3OBWFLqQGWXCsGdFgtpDPI8SCcNv4FuiW7zxcP2H3fDQ8BQyw"
    }
  ]
}
acr_value
urn:mace:incommon:iap:silver
2021-06-22 22:11:55 SUCCESS
ValidateMTLSCertificates2Header
MTLS certificates header is valid
2021-06-22 22:11:55 SUCCESS
ExtractMTLSCertificates2FromConfiguration
Mutual TLS authentication credentials loaded
cert
MIIGRTCCBS2gAwIBAgIUXchY+mn/JR3gbk+cT7DUlB4tEVkwDQYJKoZIhvcNAQELBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwxFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNBTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDMyOTE5MzcwMFoXDTIyMDQyOTA1MzcwMFowgYIxCzAJBgNVBAYTAkJSMRUwEwYDVQQKEwxPcGVuIEJhbmtpbmcxLTArBgNVBAsTJDc0ZTkyOWQ5LTMzYjYtNGQ4NS04YmE3LWMxNDZjODY3YTgxNzEtMCsGA1UEAxMkYmVjNzYwNzgtYWZhNi00ZmVlLTg4YzMtNDQ3ODlmZmI4MTdjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxyUGeONs7i8I8GKMEQmI82dGiALXmAd6lO/eKmhRkk0lTDhj4BCoi4/OQUU/+p7D00GXsLFWt7pbgUL64sLUSvLBJ/wEpMHbsgkRZP9iI8ymtVAtjeQMVTg55TQwUEtmnmuLdr7ZA4nxC4LMBTahpNTwZ7qJDsd0nYqthVZlOxBvjEI5NyortRZh3JIKzPv/7KESA6Z7BvxO3THVlm06wMIXYRfr1J5qNe1HJ/tUV8Vj38aE5iMNf3yfCxcXtPMDXXMk7Qq1eH8bIrhFER6wVAV7mDvJ46LBR/VshwQk1GplXLC3U6646rUfBibaGf7WenmuXeeaEb7wsnLV/tDPbwIDAQABo4ICwTCCAr0wDgYDVR0PAQH/BAQDAgOoMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQzeZf9sI7GcbJ65qtYzxe0SSzRBTAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4RQ99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9pc3N1ZXIuY3JsMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIBgDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVseSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhlciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNlaXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWZpY2F0ZSBQb2xpY3kgYW5kIHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8vY3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2llczANBgkqhkiG9w0BAQsFAAOCAQEAHKDTsK7MdJDfGy2+iqtiiYcL2V6dU6iVGdV8BVQYsOIctOPQIQiL4d/TzZG7XqaCbRQqxqWeS9FvQ5rEKoPReCCUd2F/Yq/+zBBgWCpectvvw3UbfX+cXNMvqCs+v3erxYzo9KLcJ1PVz4oiB0Kt+qq2yBgoWItyzuxEFEkYkOltywbKAzWFHAGyec7T8zLPUZy/q38yjsVJBsIj0otqDe4vXYqDslHLoI7hf5c1TIJPHsIzdnTI11rp/jIUS9F1Veg91qB5ZKCKMsSloEnRt9z3L4Sl3eU7RRPL2bnxcAUcfxMRNpkZK+iDWhIwW0eKgUKCHeBU+xmbXObyNHAu7Q==
key
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDHJQZ442zuLwjwYowRCYjzZ0aIAteYB3qU794qaFGSTSVMOGPgEKiLj85BRT/6nsPTQZewsVa3uluBQvriwtRK8sEn/ASkwduyCRFk/2IjzKa1UC2N5AxVODnlNDBQS2aea4t2vtkDifELgswFNqGk1PBnuokOx3Sdiq2FVmU7EG+MQjk3Kiu1FmHckgrM+//soRIDpnsG/E7dMdWWbTrAwhdhF+vUnmo17Ucn+1RXxWPfxoTmIw1/fJ8LFxe08wNdcyTtCrV4fxsiuEURHrBUBXuYO8njosFH9WyHBCTUamVcsLdTrrjqtR8GJtoZ/tZ6ea5d55oRvvCyctX+0M9vAgMBAAECggEAS0Ly7z0ELgAYoMCdrtKrr1GYlk58rDgnW6JLlDtYmLIPJn8pP8UL7bKrgH9rbowR9gUUDvL2kvkbG/70Uj7PfIPB/BqCpsGdBevnZwQdUupFFsD2dml5P7vAJZ9TowTcA4Mhcf8uhOfc8Ty9XjsHXAQd1xXoNm2q5N9ENOAx4d/oU6vbA/C1td7CY4vVZu5jci/3hNsV4zoQoV4+TOlYtFEArtSlYO7OFbHr8XX0Y+lRTCTG/6OPj1Gow6p2bM0Nx/2DvGhB4+RaEZvmFPq5BF8t3VTeedVtWuMQFifmoqGFDS31FeOOMBneS1VpPYHXuo4AVbNpn1lyzVca1iWiAQKBgQD/UNeLLetBHicHvgYvMq8zmdPRuUuw1LHd0BHeQ+w14KShCSMr5AKPWa1K3kMA9U1WKml2OO44xeCjJkKj5lZh45WmlSgLSoWHlVV8uxdC6GZRjZDG1tFsDlGoJPUfCcJlK4Rkm3pScVkWolTMh0cRSjvZUZvh3KBtp3VyirL4XQKBgQDHraW7bv7RDcsMszyNBWxxXIYKKb+5A9IsoiObluPa5Pna5KKD2ejDqVCBi4T/xLmnSPr1KcosLbCSfsKnKdzaJbz1edQhH7ArzP5SFYZKXs2chFsDj0ILTKdKvMROcpe28c20lOP8blyLpMZDntdNfpHlN2t6foOImHK4Uba6OwKBgGkAjXT/EJa6WOD1RMPae3WkWRoSs89o2jHYZdDcbGQIHIziHiXp4yejgQKegD3/pKvAS5lEdqzArM9MZ/HSREqD98MH6u0h2+LUBtGCfGGXBKWbrCQqqvxeszSM5oa6U8mZ6RwbWWZYmYQWhPuM0yyINC7/QjXUr+IJEeNmqY49AoGBAKNUd9c8MHUB6lAmIGZdxFlpzD5t7eRBqt5Vdfjj0NeRKosRL5nYWdwKF88PN6ga251pRdXZ7AR9DwyVYVVpGbza15iXoZvCltENKg4six80Ms1POj9MJEKn3cN1asGcXFsJqTCIBYDLKSoUixRuzkAWQvKShXi6GY9W26fHN0dXAoGAetNJkm4lBix0vhsnfteknNjlRNQmRUwBH8pmOfXUdDAz1vv1jG4kDvGIizQYdcUaM9pTE1etNgEXb/348jPvLBOD5LwDHjxSTDsmbWJ/LCQ6xiWWKS/qQpf1VbZH5UIRzpKFIzBRDveQYlemvkrUsz7tmEUpY3rJI+f79Z+rwkc=
ca
MIIEajCCA1KgAwIBAgIUdIYzEFdw7QJcrySyq6IiEwZfTfAwDQYJKoZIhvcNAQELBQAwazELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwxFTATBgNVBAsTDE9wZW4gQmFua2luZzEnMCUGA1UEAxMeT3BlbiBCYW5raW5nIFJvb3QgU0FOREJPWCAtIEcxMB4XDTIwMTIxMTEwMDAwMFoXDTIzMTIxMTEwMDAwMFowcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwxFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNBTkRCT1ggSXNzdWluZyBDQSAtIEcxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6fX+272mHX5QAcDaWkVHFWjnDIcORNUJU3OuNyeuOYhlvXJWydrXe3O+cV+PS39faMj/nfem3GfJBE7Xn0bWA/8ksxSfrg1BUBJDge4YBBw+VflI3A0g1fk9wJ3HGInsvV4serRJ/ISJTfs0uRNugX+RrbkT/T0tup4vGd3Kl2sbwUdDjokuJNJHANeODRkQ+ra+9Wht71FBlc07yPf7qtpaWHm6aS3s47OJD35ixkG4xiZuHsScxcVtlo1VW98P2cQfH9H2lll4wWlPTVHpPThB2EYrPhwcxDh8kHkkOHNkyHO/fYM47u7H4VeQV75LXWKa7iWmZg+WhFb8TXSr/wIDAQABo4H/MIH8MA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBSGf1itF/WCtk60BbP7sM4RQ99MvjAfBgNVHSMEGDAWgBSHE+yWPmLsIRwMSlY68iUM45TpyzBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9pc3N1ZXIuY3JsMA0GCSqGSIb3DQEBCwUAA4IBAQBy4928pVPeiHItbneeOAsDoc4Obv5Q4tn0QpqTlSeCSBbHIURfEr/WaS8sv0JTbIPQEfiO/UtaN8Qxh7j5iVqTwTwgVaE/vDkHxGOen5YxAuyV1Fpm4W4oQyybiA6puHEBcteuiYZHppGSMus3bmFYTPE+9B0+W914VZeHDujJ2Y3YMc32Q+PC+Zmv8RfaXp7+QCNYSXR5Ts3q3IesWGmlvAM5tLQi75JmzdWXJ1uKU4u3Nrw5jY4UaOlvB5Re2BSmcjxdLT/5pApzkS+tO6lICnPAtk/Y6dOJ0YxQBMImtliYp02yfwRaqP8WJ4CnwUHil3ZRt8U9I+psU8b4WV/3MIIDpjCCAo6gAwIBAgIUS3mWeRx1uG/SMl/ql55VwRtNz7wwDQYJKoZIhvcNAQELBQAwazELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwxFTATBgNVBAsTDE9wZW4gQmFua2luZzEnMCUGA1UEAxMeT3BlbiBCYW5raW5nIFJvb3QgU0FOREJPWCAtIEcxMB4XDTIwMTIxMTEwMDAwMFoXDTI1MTIxMDEwMDAwMFowazELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwxFTATBgNVBAsTDE9wZW4gQmFua2luZzEnMCUGA1UEAxMeT3BlbiBCYW5raW5nIFJvb3QgU0FOREJPWCAtIEcxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp50jjNh0wu8ioziC1HuWqOfgXwxeiePiRGw5tKDqKIbC7XV1ghEcDiymTHHWWJSQ1LEsmYpZVwaos5Mrz2xJwytg8K5eqFqa7QvfOOul29bnzEFk+1gX/0nOYws3Lba9E7S+uPaUmfElF4r2lcCNL2f3F87RozqZf+DQBdGUzAt9n+ipY1JpqfI3KF/5qgRkPoIfJD+aj2Y1D6eYjs5uMRLU8FMYt0CCfv/Ak6mq4Y9/7CaMKp5qjlrrDux00IDpxoXGKx5cK0KgACb2UBZ98oDQxcGrbRIyp8VGmv68BkEQcm7NljP863uBVxtnVTpRwQ1xwYEbmSSyoonXy575wQIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUhxPslj5i7CEcDEpWOvIlDOOU6cswDQYJKoZIhvcNAQELBQADggEBAFoYqwoH7zvr4v0SQ/hWx/bWFRIcV/Rf6rEWGyT/moVAEjPbGH6tyHhbxh3RdGcPY7Pzn797lXDGRu0pHv+GAHUA1v1PewCp0IHYukmN5D8+Qumem6byHyONyUASMlY0lUOzx9mHVBMuj6u6kvn9xjL6xsPS+Cglv/3SUXUR0mMCYf963xnFBIRLTRlbykgJomUptVl/F5U/+8cD+lB/fcZPoQVI0kK0VV51jAODSIhS6vqzQzH4cpUmcPh4dy+7RzdTTktxOTXTqAy9/Yx+fk18O9qSQw1MKa9dDZ4YLnAQS2fJJqIE1DXIta0LpqM4pMoRMXvp9SLU0atVZLEu6Sc=
2021-06-22 22:11:55 SUCCESS
ValidateClientJWKsPrivatePart
Valid client JWKs: keys are valid JSON, contain the required fields, the private/public exponents match and are correctly encoded using unpadded base64url
2021-06-22 22:11:55 SUCCESS
ExtractJWKsFromStaticClientConfiguration
Extracted client JWK
client_jwks
{
  "keys": [
    {
      "kid": "jQfLvdbMU2XNXhy0TRKH8ajumuBUH4S_ebcbBzW1l34",
      "kty": "RSA",
      "alg": "PS256",
      "p": "_VYnj0d03k1KCL8a6rF6Plz1lE5qv0oQ20gwLrtzZq6M-tYL04BSg2y9r50l8UFCK93jAdk4eN7h8ECs-aYTgXXWOc3thTbDjFMWNcPB232Y-5Sa8UZuOoa319UONKv3c6yGVrGlFhmcMSXH1ZeF6kFKYl5cBBqFSDlUmCsRecU",
      "q": "0d-d-d48wwD5hSsVA9xqwsN2zVIrLszrBmMZkUW8e8jAcf9GgzCnhC70TX5VcHEZSFoqPcDfxhukQsR1zXjBAD7DJGEeLGY69WW5RHILHEHVlxXj-vBZ7mrdVc5wUCkurOQr7lr1U8if1n_feXWJolcteIUeVvz7iXR23EORmU8",
      "d": "Ddh3jboksYLaLyZvuMbJVVUwdnwPONd9bum4vNL04Od7vT2tDQAubrcCnaGWCpEd2amyuMxQdPVXERXUCJMDYhBWQGrV17H7-CbOGORdXGXaOHAj8BIDq4geGGzXKhnJtFuxbA9mFNXhBM1TWKLKikplAhGNNFKfOA5w4ucbf_-YjI5koSldUZxMTkhorzDkcT2_J7VRdxtzoQIFmpyBZi6oLCX12sT75ypwiwQAFNNNQtjfJ0V6aqMOYQT4iDaX_hVR5VsGlw_fRpIbcE0up4QBwSQR0DEj4rEYL3eAkfodY_IvaCMS3cRYePtcv1C80m5oAmtA9nURa-aRxtFROQ",
      "e": "AQAB",
      "qi": "B_zwYgp2BlSsbyWrhB3xiKPE27HUhLOb-b4rfiA9yXNo-aVOKDcNYkJRqdRJz5CCxu-7QZna2lQ8NVJD8W-38OhXBv3bMzzZvbg-NjbA6iiU1XnoZA2jUD9lt-vgf6ZdqDIxmYYSBdU1bd9lqgGjG4PnYOYUxI0y3ZcTMiu0D84",
      "dp": "nCsQF_MkyCU9DkdAgI0HnooPmWz9wQ4XdhX6HdTQPuw7XCW3BJqGQx41kJx_V0mzUPdniSwu89Px0_kKqJsISzYo6VlYolYwFcDiYCJczsGOHQhuu21_ZfTGP_bG2xFnaZdg-PBppEYFUwbHOZQ-qTm2cQ1aC-2NXAh7bZKfI0E",
      "dq": "urA4_YCj-i7OxpepLPMQAMoQztlt0ka0Nc1HfANVg6LzFTSny6EnEh0WciyT4d6pR8P02VPNepMyDbZmt-zXedlaiuzdA0-42HuxTuJHYc5qKehuENVmmf9zfZWSMKxBecfKEE_W9L18-ThsWMWmNcNojlGTyHtnYUE5TfvI818",
      "n": "z7CgrYoh2PMIYRGwJeHFh49efnpUE9jB-M1Lj3r5BOJyiU_Dr-oraZ0NkqyZwuUhJtJgl9IipTmZmfsGwxB2bJ45WYmnb5zWlOAym6eJcvmmQAGppNLs7h2-heKPuq4DwjS46QU5JLyMjMO2_SMMx0bMwb8m10Q8ZGlKjXJ1fQ28d_rtJGeJOMu5MRHt8eQLn3e2nb4E2XRlLrIGlvYcZdgysiwxlceAf2oEdVbiAj6DZ1hs52sFnwbuwwDEQpSIisfkDbNjdAFHzDpLxL_XCMXHDuqs8nUxyBi3T3OBWFLqQGWXCsGdFgtpDPI8SCcNv4FuiW7zxcP2H3fDQ8BQyw"
    }
  ]
}
public_client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "kid": "jQfLvdbMU2XNXhy0TRKH8ajumuBUH4S_ebcbBzW1l34",
      "alg": "PS256",
      "n": "z7CgrYoh2PMIYRGwJeHFh49efnpUE9jB-M1Lj3r5BOJyiU_Dr-oraZ0NkqyZwuUhJtJgl9IipTmZmfsGwxB2bJ45WYmnb5zWlOAym6eJcvmmQAGppNLs7h2-heKPuq4DwjS46QU5JLyMjMO2_SMMx0bMwb8m10Q8ZGlKjXJ1fQ28d_rtJGeJOMu5MRHt8eQLn3e2nb4E2XRlLrIGlvYcZdgysiwxlceAf2oEdVbiAj6DZ1hs52sFnwbuwwDEQpSIisfkDbNjdAFHzDpLxL_XCMXHDuqs8nUxyBi3T3OBWFLqQGWXCsGdFgtpDPI8SCcNv4FuiW7zxcP2H3fDQ8BQyw"
    }
  ]
}
2021-06-22 22:11:55 SUCCESS
CheckForKeyIdInClientJWKs
All keys contain kids
2021-06-22 22:11:55 SUCCESS
CheckDistinctKeyIdValueInClientJWKs
Distinct 'kid' value in all keys of client_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2021-06-22 22:11:55 SUCCESS
FAPICheckKeyAlgInClientJWKs
Keys in client JWKS all have permitted 'alg'
permitted
[
  "PS256",
  "ES256"
]
2021-06-22 22:11:55 SUCCESS
FAPIEnsureMinimumClientKeyLength
Validated minimum key lengths for client_jwks
client_jwks
{
  "keys": [
    {
      "kid": "jQfLvdbMU2XNXhy0TRKH8ajumuBUH4S_ebcbBzW1l34",
      "kty": "RSA",
      "alg": "PS256",
      "p": "_VYnj0d03k1KCL8a6rF6Plz1lE5qv0oQ20gwLrtzZq6M-tYL04BSg2y9r50l8UFCK93jAdk4eN7h8ECs-aYTgXXWOc3thTbDjFMWNcPB232Y-5Sa8UZuOoa319UONKv3c6yGVrGlFhmcMSXH1ZeF6kFKYl5cBBqFSDlUmCsRecU",
      "q": "0d-d-d48wwD5hSsVA9xqwsN2zVIrLszrBmMZkUW8e8jAcf9GgzCnhC70TX5VcHEZSFoqPcDfxhukQsR1zXjBAD7DJGEeLGY69WW5RHILHEHVlxXj-vBZ7mrdVc5wUCkurOQr7lr1U8if1n_feXWJolcteIUeVvz7iXR23EORmU8",
      "d": "Ddh3jboksYLaLyZvuMbJVVUwdnwPONd9bum4vNL04Od7vT2tDQAubrcCnaGWCpEd2amyuMxQdPVXERXUCJMDYhBWQGrV17H7-CbOGORdXGXaOHAj8BIDq4geGGzXKhnJtFuxbA9mFNXhBM1TWKLKikplAhGNNFKfOA5w4ucbf_-YjI5koSldUZxMTkhorzDkcT2_J7VRdxtzoQIFmpyBZi6oLCX12sT75ypwiwQAFNNNQtjfJ0V6aqMOYQT4iDaX_hVR5VsGlw_fRpIbcE0up4QBwSQR0DEj4rEYL3eAkfodY_IvaCMS3cRYePtcv1C80m5oAmtA9nURa-aRxtFROQ",
      "e": "AQAB",
      "qi": "B_zwYgp2BlSsbyWrhB3xiKPE27HUhLOb-b4rfiA9yXNo-aVOKDcNYkJRqdRJz5CCxu-7QZna2lQ8NVJD8W-38OhXBv3bMzzZvbg-NjbA6iiU1XnoZA2jUD9lt-vgf6ZdqDIxmYYSBdU1bd9lqgGjG4PnYOYUxI0y3ZcTMiu0D84",
      "dp": "nCsQF_MkyCU9DkdAgI0HnooPmWz9wQ4XdhX6HdTQPuw7XCW3BJqGQx41kJx_V0mzUPdniSwu89Px0_kKqJsISzYo6VlYolYwFcDiYCJczsGOHQhuu21_ZfTGP_bG2xFnaZdg-PBppEYFUwbHOZQ-qTm2cQ1aC-2NXAh7bZKfI0E",
      "dq": "urA4_YCj-i7OxpepLPMQAMoQztlt0ka0Nc1HfANVg6LzFTSny6EnEh0WciyT4d6pR8P02VPNepMyDbZmt-zXedlaiuzdA0-42HuxTuJHYc5qKehuENVmmf9zfZWSMKxBecfKEE_W9L18-ThsWMWmNcNojlGTyHtnYUE5TfvI818",
      "n": "z7CgrYoh2PMIYRGwJeHFh49efnpUE9jB-M1Lj3r5BOJyiU_Dr-oraZ0NkqyZwuUhJtJgl9IipTmZmfsGwxB2bJ45WYmnb5zWlOAym6eJcvmmQAGppNLs7h2-heKPuq4DwjS46QU5JLyMjMO2_SMMx0bMwb8m10Q8ZGlKjXJ1fQ28d_rtJGeJOMu5MRHt8eQLn3e2nb4E2XRlLrIGlvYcZdgysiwxlceAf2oEdVbiAj6DZ1hs52sFnwbuwwDEQpSIisfkDbNjdAFHzDpLxL_XCMXHDuqs8nUxyBi3T3OBWFLqQGWXCsGdFgtpDPI8SCcNv4FuiW7zxcP2H3fDQ8BQyw"
    }
  ]
}
2021-06-22 22:11:55 SUCCESS
ValidateMTLSCertificatesAsX509
Mutual TLS authentication cert validated as X.509
2021-06-22 22:11:55 SUCCESS
GetResourceEndpointConfiguration
Found a resource endpoint object
resourceUrl
https://matls-auth.sandbox.directory.openbankingbrasil.org.br/me
resourceUrlAccountRequests
https://matls-auth.sandbox.directory.openbankingbrasil.org.br/me
resourceUrlAccountsResource
https://matls-auth.sandbox.directory.openbankingbrasil.org.br/me
institution_id
1234567890
2021-06-22 22:11:55 SUCCESS
SetProtectedResourceUrlToSingleResourceEndpoint
Set protected resource URL
protected_resource_url
https://matls-auth.sandbox.directory.openbankingbrasil.org.br/me
2021-06-22 22:11:55 SUCCESS
ExtractTLSTestValuesFromResourceConfiguration
Extracted TLS information from resource endpoint
resource_endpoint
{
  "testHost": "matls-auth.sandbox.directory.openbankingbrasil.org.br",
  "testPort": 443
}
2021-06-22 22:11:55 SUCCESS
ExtractTLSTestValuesFromOBResourceConfiguration
Extracted TLS information from resource endpoint
accounts_resource_endpoint
{
  "testHost": "matls-auth.sandbox.directory.openbankingbrasil.org.br",
  "testPort": 443
}
accounts_request_endpoint
{
  "testHost": "matls-auth.sandbox.directory.openbankingbrasil.org.br",
  "testPort": 443
}
2021-06-22 22:11:55
fapi1-advanced-final-ensure-request-object-without-nbf-fails
Setup Done
Make request to authorization endpoint
2021-06-22 22:11:55 SUCCESS
CreateAuthorizationEndpointRequestFromClientInformation
Created authorization endpoint request
client_id
yQx5B3YzgvrVhdnXqeJuV
redirect_uri
https://www.certification.openid.net/test/a/obbsb/callback
scope
openid profile
2021-06-22 22:11:55 SUCCESS
AddAcrClaimToAuthorizationEndpointRequest
Added acr claim to authorization_endpoint_request
authorization_endpoint_request
{
  "client_id": "yQx5B3YzgvrVhdnXqeJuV",
  "redirect_uri": "https://www.certification.openid.net/test/a/obbsb/callback",
  "scope": "openid profile",
  "claims": {
    "id_token": {
      "acr": {
        "value": "urn:mace:incommon:iap:silver",
        "essential": true
      }
    }
  }
}
2021-06-22 22:11:55
CreateRandomStateValue
Created state value
requested_state_length
10
state
xONExOFL6w
2021-06-22 22:11:55 SUCCESS
AddStateToAuthorizationEndpointRequest
Added state parameter to request
client_id
yQx5B3YzgvrVhdnXqeJuV
redirect_uri
https://www.certification.openid.net/test/a/obbsb/callback
scope
openid profile
claims
{
  "id_token": {
    "acr": {
      "value": "urn:mace:incommon:iap:silver",
      "essential": true
    }
  }
}
state
xONExOFL6w
2021-06-22 22:11:55
CreateRandomNonceValue
Created nonce value
requested_nonce_length
10
nonce
wY8iKKRyQe
2021-06-22 22:11:55 SUCCESS
AddNonceToAuthorizationEndpointRequest
Added nonce parameter to request
client_id
yQx5B3YzgvrVhdnXqeJuV
redirect_uri
https://www.certification.openid.net/test/a/obbsb/callback
scope
openid profile
claims
{
  "id_token": {
    "acr": {
      "value": "urn:mace:incommon:iap:silver",
      "essential": true
    }
  }
}
state
xONExOFL6w
nonce
wY8iKKRyQe
2021-06-22 22:11:55 SUCCESS
SetAuthorizationEndpointRequestResponseTypeToCodeIdtoken
Added response_type parameter to request
client_id
yQx5B3YzgvrVhdnXqeJuV
redirect_uri
https://www.certification.openid.net/test/a/obbsb/callback
scope
openid profile
claims
{
  "id_token": {
    "acr": {
      "value": "urn:mace:incommon:iap:silver",
      "essential": true
    }
  }
}
state
xONExOFL6w
nonce
wY8iKKRyQe
response_type
code id_token
2021-06-22 22:11:55 SUCCESS
ConvertAuthorizationEndpointRequestToRequestObject
Created request object claims
request_object_claims
{
  "client_id": "yQx5B3YzgvrVhdnXqeJuV",
  "redirect_uri": "https://www.certification.openid.net/test/a/obbsb/callback",
  "scope": "openid profile",
  "claims": {
    "id_token": {
      "acr": {
        "value": "urn:mace:incommon:iap:silver",
        "essential": true
      }
    }
  },
  "state": "xONExOFL6w",
  "nonce": "wY8iKKRyQe",
  "response_type": "code id_token"
}
2021-06-22 22:11:55
AddNbfToRequestObject
NOT adding nbf to request object
2021-06-22 22:11:55 SUCCESS
AddExpToRequestObject
Added exp to request object claims
exp
1.624400215E9
2021-06-22 22:11:55 SUCCESS
AddAudToRequestObject
Added aud to request object claims
aud
https://auth.sandbox.directory.openbankingbrasil.org.br
2021-06-22 22:11:55 SUCCESS
AddIssToRequestObject
Added iss to request object claims
iss
yQx5B3YzgvrVhdnXqeJuV
2021-06-22 22:11:55 SUCCESS
AddClientIdToRequestObject
Added client_id to request object claims
client_id
yQx5B3YzgvrVhdnXqeJuV
2021-06-22 22:11:55 SUCCESS
SignRequestObject
Signed the request object
claims
{"aud":"https:\/\/auth.sandbox.directory.openbankingbrasil.org.br","scope":"openid profile","claims":{"id_token":{"acr":{"value":"urn:mace:incommon:iap:silver","essential":true}}},"iss":"yQx5B3YzgvrVhdnXqeJuV","response_type":"code id_token","redirect_uri":"https:\/\/www.certification.openid.net\/test\/a\/obbsb\/callback","state":"xONExOFL6w","exp":1624400215,"nonce":"wY8iKKRyQe","client_id":"yQx5B3YzgvrVhdnXqeJuV"}
header
{"kid":"LGxFNt16_EJ7KY-IPlWq0IZJ46BZafiACvHXrsgF8J0","alg":"PS256"}
request_object
eyJraWQiOiJMR3hGTnQxNl9FSjdLWS1JUGxXcTBJWko0NkJaYWZpQUN2SFhyc2dGOEowIiwiYWxnIjoiUFMyNTYifQ.eyJhdWQiOiJodHRwczpcL1wvYXV0aC5zYW5kYm94LmRpcmVjdG9yeS5vcGVuYmFua2luZ2JyYXNpbC5vcmcuYnIiLCJzY29wZSI6Im9wZW5pZCBwcm9maWxlIiwiY2xhaW1zIjp7ImlkX3Rva2VuIjp7ImFjciI6eyJ2YWx1ZSI6InVybjptYWNlOmluY29tbW9uOmlhcDpzaWx2ZXIiLCJlc3NlbnRpYWwiOnRydWV9fX0sImlzcyI6InlReDVCM1l6Z3ZyVmhkblhxZUp1ViIsInJlc3BvbnNlX3R5cGUiOiJjb2RlIGlkX3Rva2VuIiwicmVkaXJlY3RfdXJpIjoiaHR0cHM6XC9cL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXRcL3Rlc3RcL2FcL29iYnNiXC9jYWxsYmFjayIsInN0YXRlIjoieE9ORXhPRkw2dyIsImV4cCI6MTYyNDQwMDIxNSwibm9uY2UiOiJ3WThpS0tSeVFlIiwiY2xpZW50X2lkIjoieVF4NUIzWXpndnJWaGRuWHFlSnVWIn0.u7C8oF08QFNTm4hJlipnpOVev2daIeTY8Bk7p0W--WSKUXl-nl4iUYq0--vbkaRC4qa8uNOngQwhU6WhnhewjmRDAyOfZN9hHp0CMfcRRgrueMZ3lEEog_QRPg1GlC1PMY0W4FG1ePEFU1QXQ6DRy54Skd_xOtBB-SA94-tZK7_gA7-bZL1a_AvFr6-kje22YaU6bv1SQFwgoFbDOr1u3EKMMs5oEE5-9Sd79pxPl691Axq3BZ0yFNSAKW0LCmXNZQU-cnhWzKlJwfXx7KadmldhOyvZQjvycE9aLqV-V3mLDxKCuWPEFiVbSRzZZQeCX8edLPrp_sWK5l8kDgEoRA
key
{"p":"7uUPvoK3dn-zvDv67MC4MCQMN3WpryBwxrakXsXfNY76skuCigwDkRb4mJg86_XKwuuV0ZYgU33jDNitXENY37SLw9CxowZNKANBNkpoRBt5HRw56NIaTYmT2KPuMQc-m_wveuJ-AFQOTyIAXrZe3DpI1M5HgLCy3FtjBfwUBP0","kty":"RSA","q":"7YJIu-OoFWRP-u_4pcYZrPYt5Z_2VOkGG-lnGQvD0f4gi8KtSZt1Swzqj9olAvrfL6H1qbHKcC1fDlt-BxyHcStgx8fXlWirpFqv5Pck91zQOnGRFO0ylz2m2PIJ0BMLFW3cjAksJCYUcbWn3ldReP1dsDHdK0K-z5visXOZePk","d":"BZ4JH4zgxwmox-cqGi1fpNO_73kEeB0psK5ZqpPUNnHs-gJrpYDcmB6vJyyayB7HA2hYC-9vbvGhz_6qnyzb8Ge2cjTnKfpk321ju_fDgVOmLOzIg4860G-dB2ndkr9bA2Q4GGkxrYjHrag46vB1FJzHv0KPv6JJzUQw56TCZm3Zq_9v4Db27ZPZsx8hh5VuyFmYOktgxX2BnsZXoiMSCwFmnnz_RSIA1KivD2fJd4H1-HgKB1CaXlxGxORvf0RQEpzkrl44tjHLfMtl1uPT4E80wOxakl3slKZXW0jfFEZZ4d4r4hDVSv6nmFdJCAh2a00BkcXEnv1I8ru99IzzoQ","e":"AQAB","kid":"LGxFNt16_EJ7KY-IPlWq0IZJ46BZafiACvHXrsgF8J0","qi":"Il2L8OFsHdPXr7vTbIabKYfGg8nBWNbFHCyUYW__e4eTqBF742BXDLsiSNrIA3JbtSwNVxitC_9djPIn2RHMWcZX9rCDDVQ1K9nZqoPgZhmldHpwVU9ANxvwEaJwB2Zi13i5aF8EEj4zH6ByfTrr_6uAAuI5hYC9Co_MXQNblro","dp":"RILmuAEu8kn_Vs1w0fMXH59G7aTN7A6GqUZ570AaGncNyJJFNqfpYfPPiZunZRhRdQMxLTE7xhYFRorhdONPmqBhsN-qAhHtkLsWOaavLlEes82DghS3PGNnRisFRYRJXVy-lSRddGSm0eTzbDYrEEea2YTrFqoWMYH37SB08VU","alg":"PS256","dq":"ENg0oF69BQdgRMPQNrGeEI5FIwv9RHhiXohnL3eOI86KMF9WOuozn2cDG8C070krmw05hxd87AfLvhDvF0IGuRgCfSjHOWl7AuULpImCrah_fCWhzIImHGPa-XfxCjjPiG2KPsRHxSiOOqJPjY1T0ejmRCDFNtQ9BCxiH4O7VsE","n":"3aOjxR_0Rgok7BwNJziJM4nAEqRJiZN3bAwTQR3eIouMFreprcauT7mbfUP2P25fld0Vd13DpE5pXQK3Ey984ZV6NToB_DuffabJfsRF1QXvIoR1zbdPoW8KfA23CilEs0g0f9A8OHren1lTj2SlYsWkdN-ioYcUbgsfkedYzfSfMWtDBAR7LLoWQwtA83iurXk9R4AfS-9F7KN_SmymxeR4c4qRjhVxvhc1aC_Sx-MMDLLcIBik_h9LUQWwFRjHE4zhLMnPigWKpZeBBbND0E3SQawWrBx9moVx3_vCZZETn_-oohqN3xQz0XlJvZ7VGpYpkiaU8veYjJIdNARyFQ"}
2021-06-22 22:11:55 SUCCESS
BuildRequestObjectByValueRedirectToAuthorizationEndpoint
Sending to authorization endpoint
redirect_to_authorization_endpoint
https://auth.sandbox.directory.openbankingbrasil.org.br/auth?request=eyJraWQiOiJMR3hGTnQxNl9FSjdLWS1JUGxXcTBJWko0NkJaYWZpQUN2SFhyc2dGOEowIiwiYWxnIjoiUFMyNTYifQ.eyJhdWQiOiJodHRwczpcL1wvYXV0aC5zYW5kYm94LmRpcmVjdG9yeS5vcGVuYmFua2luZ2JyYXNpbC5vcmcuYnIiLCJzY29wZSI6Im9wZW5pZCBwcm9maWxlIiwiY2xhaW1zIjp7ImlkX3Rva2VuIjp7ImFjciI6eyJ2YWx1ZSI6InVybjptYWNlOmluY29tbW9uOmlhcDpzaWx2ZXIiLCJlc3NlbnRpYWwiOnRydWV9fX0sImlzcyI6InlReDVCM1l6Z3ZyVmhkblhxZUp1ViIsInJlc3BvbnNlX3R5cGUiOiJjb2RlIGlkX3Rva2VuIiwicmVkaXJlY3RfdXJpIjoiaHR0cHM6XC9cL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXRcL3Rlc3RcL2FcL29iYnNiXC9jYWxsYmFjayIsInN0YXRlIjoieE9ORXhPRkw2dyIsImV4cCI6MTYyNDQwMDIxNSwibm9uY2UiOiJ3WThpS0tSeVFlIiwiY2xpZW50X2lkIjoieVF4NUIzWXpndnJWaGRuWHFlSnVWIn0.u7C8oF08QFNTm4hJlipnpOVev2daIeTY8Bk7p0W--WSKUXl-nl4iUYq0--vbkaRC4qa8uNOngQwhU6WhnhewjmRDAyOfZN9hHp0CMfcRRgrueMZ3lEEog_QRPg1GlC1PMY0W4FG1ePEFU1QXQ6DRy54Skd_xOtBB-SA94-tZK7_gA7-bZL1a_AvFr6-kje22YaU6bv1SQFwgoFbDOr1u3EKMMs5oEE5-9Sd79pxPl691Axq3BZ0yFNSAKW0LCmXNZQU-cnhWzKlJwfXx7KadmldhOyvZQjvycE9aLqV-V3mLDxKCuWPEFiVbSRzZZQeCX8edLPrp_sWK5l8kDgEoRA&client_id=yQx5B3YzgvrVhdnXqeJuV&redirect_uri=https://www.certification.openid.net/test/a/obbsb/callback&scope=openid%20profile&response_type=code%20id_token
2021-06-22 22:11:55 REDIRECT
fapi1-advanced-final-ensure-request-object-without-nbf-fails
Redirecting to authorization endpoint
redirect_to
https://auth.sandbox.directory.openbankingbrasil.org.br/auth?request=eyJraWQiOiJMR3hGTnQxNl9FSjdLWS1JUGxXcTBJWko0NkJaYWZpQUN2SFhyc2dGOEowIiwiYWxnIjoiUFMyNTYifQ.eyJhdWQiOiJodHRwczpcL1wvYXV0aC5zYW5kYm94LmRpcmVjdG9yeS5vcGVuYmFua2luZ2JyYXNpbC5vcmcuYnIiLCJzY29wZSI6Im9wZW5pZCBwcm9maWxlIiwiY2xhaW1zIjp7ImlkX3Rva2VuIjp7ImFjciI6eyJ2YWx1ZSI6InVybjptYWNlOmluY29tbW9uOmlhcDpzaWx2ZXIiLCJlc3NlbnRpYWwiOnRydWV9fX0sImlzcyI6InlReDVCM1l6Z3ZyVmhkblhxZUp1ViIsInJlc3BvbnNlX3R5cGUiOiJjb2RlIGlkX3Rva2VuIiwicmVkaXJlY3RfdXJpIjoiaHR0cHM6XC9cL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXRcL3Rlc3RcL2FcL29iYnNiXC9jYWxsYmFjayIsInN0YXRlIjoieE9ORXhPRkw2dyIsImV4cCI6MTYyNDQwMDIxNSwibm9uY2UiOiJ3WThpS0tSeVFlIiwiY2xpZW50X2lkIjoieVF4NUIzWXpndnJWaGRuWHFlSnVWIn0.u7C8oF08QFNTm4hJlipnpOVev2daIeTY8Bk7p0W--WSKUXl-nl4iUYq0--vbkaRC4qa8uNOngQwhU6WhnhewjmRDAyOfZN9hHp0CMfcRRgrueMZ3lEEog_QRPg1GlC1PMY0W4FG1ePEFU1QXQ6DRy54Skd_xOtBB-SA94-tZK7_gA7-bZL1a_AvFr6-kje22YaU6bv1SQFwgoFbDOr1u3EKMMs5oEE5-9Sd79pxPl691Axq3BZ0yFNSAKW0LCmXNZQU-cnhWzKlJwfXx7KadmldhOyvZQjvycE9aLqV-V3mLDxKCuWPEFiVbSRzZZQeCX8edLPrp_sWK5l8kDgEoRA&client_id=yQx5B3YzgvrVhdnXqeJuV&redirect_uri=https://www.certification.openid.net/test/a/obbsb/callback&scope=openid%20profile&response_type=code%20id_token
2021-06-22 22:11:55 REVIEW
ExpectRequestObjectMissingNbfClaimErrorPage
If the server does not return an invalid_request_object error back to the client, it must show an error page saying the request object is invalid as it is missing the 'nbf' claim - upload a screenshot of the error page.
image_no_longer_required
true
2021-06-22 22:12:04 INCOMING
fapi1-advanced-final-ensure-request-object-without-nbf-fails
Incoming HTTP request to test instance dpTj40By2AmnmEn
incoming_headers
{
  "host": "www.certification.openid.net",
  "upgrade-insecure-requests": "1",
  "user-agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.106 Safari/537.36",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/avif,image/webp,image/apng,*/*;q\u003d0.8,application/signed-exchange;v\u003db3;q\u003d0.9",
  "sec-fetch-site": "cross-site",
  "sec-fetch-mode": "navigate",
  "sec-fetch-user": "?1",
  "sec-fetch-dest": "document",
  "sec-ch-ua": "\" Not;A Brand\";v\u003d\"99\", \"Google Chrome\";v\u003d\"91\", \"Chromium\";v\u003d\"91\"",
  "sec-ch-ua-mobile": "?0",
  "referer": "https://www.certification.openid.net/",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-US,en;q\u003d0.9",
  "cookie": "_ga\u003dGA1.2.862760106.1580310270; expected_tab\u003dmicrosoftonline; welcome_info_name\u003dRalph%20Bragg; __utmc\u003d201319536; __utmz\u003d201319536.1624048729.6.3.utmcsr\u003dgoogle|utmccn\u003d(organic)|utmcmd\u003dorganic|utmctr\u003d(not%20provided); _gid\u003dGA1.2.107873650.1624392186; _gd1624392194036\u003d_gd1624392194036; _gd1624392194037\u003d_gd1624392194037; JSESSIONID\u003d536B93A15D1764122A04243B32E3CF79; __utma\u003d201319536.862760106.1580310270.1624394084.1624397289.9",
  "x-ssl-cipher": "ECDHE-RSA-AES256-GCM-SHA384",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
callback
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
2021-06-22 22:12:04 SUCCESS
CreateRandomImplicitSubmitUrl
Created random implicit submission URL
implicit_submit
{
  "path": "implicit/HBjpKjTHgbsBzmWESV6t",
  "fullUrl": "https://www.certification.openid.net/test/a/obbsb/implicit/HBjpKjTHgbsBzmWESV6t"
}
2021-06-22 22:12:04 OUTGOING
fapi1-advanced-final-ensure-request-object-without-nbf-fails
Response to HTTP request to test instance dpTj40By2AmnmEn
outgoing
ModelAndView [view="implicitCallback"; model={implicitSubmitUrl=https://www.certification.openid.net/test/a/obbsb/implicit/HBjpKjTHgbsBzmWESV6t, returnUrl=/log-detail.html?log=dpTj40By2AmnmEn}]
outgoing_path
callback
2021-06-22 22:12:04 INCOMING
fapi1-advanced-final-ensure-request-object-without-nbf-fails
Incoming HTTP request to test instance dpTj40By2AmnmEn
incoming_headers
{
  "host": "www.certification.openid.net",
  "sec-ch-ua": "\" Not;A Brand\";v\u003d\"99\", \"Google Chrome\";v\u003d\"91\", \"Chromium\";v\u003d\"91\"",
  "accept": "*/*",
  "x-requested-with": "XMLHttpRequest",
  "sec-ch-ua-mobile": "?0",
  "user-agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.106 Safari/537.36",
  "content-type": "text/plain",
  "origin": "https://www.certification.openid.net",
  "sec-fetch-site": "same-origin",
  "sec-fetch-mode": "cors",
  "sec-fetch-dest": "empty",
  "referer": "https://www.certification.openid.net/test/a/obbsb/callback",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-US,en;q\u003d0.9",
  "cookie": "_ga\u003dGA1.2.862760106.1580310270; expected_tab\u003dmicrosoftonline; welcome_info_name\u003dRalph%20Bragg; __utmc\u003d201319536; __utmz\u003d201319536.1624048729.6.3.utmcsr\u003dgoogle|utmccn\u003d(organic)|utmcmd\u003dorganic|utmctr\u003d(not%20provided); _gid\u003dGA1.2.107873650.1624392186; _gd1624392194036\u003d_gd1624392194036; _gd1624392194037\u003d_gd1624392194037; JSESSIONID\u003d536B93A15D1764122A04243B32E3CF79; __utma\u003d201319536.862760106.1580310270.1624394084.1624397289.9",
  "x-ssl-cipher": "ECDHE-RSA-AES256-GCM-SHA384",
  "x-ssl-protocol": "TLSv1.2",
  "content-length": "118",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net",
  "connection": "close"
}
incoming_path
implicit/HBjpKjTHgbsBzmWESV6t
incoming_body_form_params
incoming_method
POST
incoming_body_json
incoming_query_string_params
{}
incoming_body
#error=invalid_request_object&error_description=Request%20Object%20is%20missing%20the%20'nbf'%20claim&state=xONExOFL6w
2021-06-22 22:12:04 OUTGOING
fapi1-advanced-final-ensure-request-object-without-nbf-fails
Response to HTTP request to test instance dpTj40By2AmnmEn
outgoing_status_code
204
outgoing_headers
{}
outgoing_body

                                
outgoing_path
implicit/HBjpKjTHgbsBzmWESV6t
2021-06-22 22:12:04
ExtractImplicitHashToCallbackResponse
Extracted response from URL fragment
parameters
[
  {
    "name": "error",
    "value": "invalid_request_object"
  },
  {
    "name": "error_description",
    "value": "Request Object is missing the \u0027nbf\u0027 claim"
  },
  {
    "name": "state",
    "value": "xONExOFL6w"
  }
]
2021-06-22 22:12:04 SUCCESS
ExtractImplicitHashToCallbackResponse
Extracted the hash values
error
invalid_request_object
error_description
Request Object is missing the 'nbf' claim
state
xONExOFL6w
2021-06-22 22:12:04 REDIRECT-IN
fapi1-advanced-final-ensure-request-object-without-nbf-fails
Authorization endpoint response captured
url_query
{}
headers
{
  "host": "www.certification.openid.net",
  "upgrade-insecure-requests": "1",
  "user-agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.106 Safari/537.36",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/avif,image/webp,image/apng,*/*;q\u003d0.8,application/signed-exchange;v\u003db3;q\u003d0.9",
  "sec-fetch-site": "cross-site",
  "sec-fetch-mode": "navigate",
  "sec-fetch-user": "?1",
  "sec-fetch-dest": "document",
  "sec-ch-ua": "\" Not;A Brand\";v\u003d\"99\", \"Google Chrome\";v\u003d\"91\", \"Chromium\";v\u003d\"91\"",
  "sec-ch-ua-mobile": "?0",
  "referer": "https://www.certification.openid.net/",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-US,en;q\u003d0.9",
  "cookie": "_ga\u003dGA1.2.862760106.1580310270; expected_tab\u003dmicrosoftonline; welcome_info_name\u003dRalph%20Bragg; __utmc\u003d201319536; __utmz\u003d201319536.1624048729.6.3.utmcsr\u003dgoogle|utmccn\u003d(organic)|utmcmd\u003dorganic|utmctr\u003d(not%20provided); _gid\u003dGA1.2.107873650.1624392186; _gd1624392194036\u003d_gd1624392194036; _gd1624392194037\u003d_gd1624392194037; JSESSIONID\u003d536B93A15D1764122A04243B32E3CF79; __utma\u003d201319536.862760106.1580310270.1624394084.1624397289.9",
  "x-ssl-cipher": "ECDHE-RSA-AES256-GCM-SHA384",
  "x-ssl-protocol": "TLSv1.2",
  "connection": "close",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
http_method
GET
url_fragment
{
  "error": "invalid_request_object",
  "error_description": "Request Object is missing the \u0027nbf\u0027 claim",
  "state": "xONExOFL6w"
}
post_body
Verify authorization endpoint response
2021-06-22 22:12:04 SUCCESS
RejectErrorInUrlQuery
'error' is not present in URL query returned from authorization endpoint
2021-06-22 22:12:04 SUCCESS
RejectAuthCodeInUrlQuery
Authorization code is not present in URL query returned from authorization endpoint
2021-06-22 22:12:04 SUCCESS
CheckStateInAuthorizationResponse
State in response correctly returned
state
xONExOFL6w
2021-06-22 22:12:04 SUCCESS
EnsureErrorFromAuthorizationEndpointResponse
Authorization endpoint returned an error
error
invalid_request_object
error_description
Request Object is missing the 'nbf' claim
state
xONExOFL6w
2021-06-22 22:12:04 SUCCESS
CheckForUnexpectedParametersInErrorResponseFromAuthorizationEndpoint
error response includes only expected parameters
error
invalid_request_object
error_description
Request Object is missing the 'nbf' claim
state
xONExOFL6w
2021-06-22 22:12:04 SUCCESS
EnsureInvalidRequestInvalidRequestObjectInvalidRequestUriOrAccessDeniedError
Authorization endpoint returned an expected 'error'
permitted
[
  "invalid_request",
  "invalid_request_object",
  "invalid_request_uri",
  "access_denied"
]
error
invalid_request_object
2021-06-22 22:12:04 FINISHED
fapi1-advanced-final-ensure-request-object-without-nbf-fails
Test has run to completion
testmodule_result
PASSED
2021-06-22 22:12:07
TEST-RUNNER
Alias has now been claimed by another test
alias
obbsb
new_test_id
sLjXsK5a1ZQUpUJ
Test Results