Test Summary

Test Results

Expand All Collapse All
All times are UTC
2021-12-02 02:58:35 INFO
TEST-RUNNER
Test instance ZVAVNGFFg7Bhgar created
baseUrl
https://www.certification.openid.net/test/a/recepcao-bv
variant
{
  "client_auth_type": "mtls",
  "fapi_auth_request_method": "by_value",
  "fapi_profile": "openbanking_brazil",
  "fapi_jarm_type": "oidc",
  "fapi_response_mode": "plain_response"
}
alias
recepcao-bv
description
Banco Votorantim - Relying Party
planId
ceLQi6m96ulza
config
{
  "alias": "recepcao-bv",
  "description": "Banco Votorantim - Relying Party",
  "server": {
    "jwks": {
      "keys": [
        {
          "p": "_BxPVObkd-0vSY6hpRLECowqCT8Fg4kLhf4_b9884tZDBj-fhULi-QPOZuhcjLVFFXkXdTDdnDSsBB6lvFNNoQBQgvdwHwJcDkSLURBT6ARNWQfdrqeiGcN8Ix0ZM6K8PWKzOgTNUrM0voYKS9OsujS4eZoLiQTcD3aIimAvwn0",
          "kty": "RSA",
          "q": "y_z_2iXatOxjuWKlSdw6tWNdeNwce4n1gTwiCBt1PrbA9NRJGzkOM4Y0pXi8FHiuOiAVIjkBQLkS1hrXsYVIh__p_GojmP2JtYJtpxoXQeQkZaLbtGG7xzwB7PSBKJnqrXCwWX0tuH_vyTzKtT2pZUl4x9X7h0O28rAcCzwfUbE",
          "d": "boZTB3J9hFY5WKJtBnQMyZ0uqbIGLEIa-NWZayTCKGzIGmzwiDIM9SBrFRevoP1qY5MyhuCgXnhXrJQvYlrQlVOp4n6OMSwVp1oIIBV35MuBU4s4zbr2UtbF8HMt4fCSNhpugRtJj8Ohad4j8K_UO3aT38MrBcWOkVaBGEIcVvo7abPj_eFNqtu9mda9uTMTvjP1VaQsscgSxdIwvNTR_k8Mp-XmJ80ffQjtpt8NIPyn6GhGE0hXRRUfAx010Wj9yT2zaM4m69uhAOMXwVKv5MMlXXKGn_0z3GqRNygPDXCcuTGQ_EGNhVQRvuve_ieNhpkQCBSjz4Ar0ueMuox_QQ",
          "e": "AQAB",
          "use": "enc",
          "kid": "RSA-OAEP",
          "qi": "IlPPK0-J6KZNedgPE5mYcpwzWbT3hXCxxwaiFZQTOGkPInJ9SQRbNW4Z_ro_e9sekkOOb3Tclh6kbid-883riv5r58pb7R0pv0iM_ZPgG7_xDzRbxQSLQltSgI5FiLW2oVOhdxQPFVpc_i02LuYXnZ2tO1awrzYV69H49XiepIY",
          "dp": "E9KiBjn1YtyaaD03xoP4OCAXOgzjgRkod8uq7z_tSKSyNm6QO2kr8Yp0EzFX_ZRPL0YLKyLBegPGNri2LV2bb_pXWkTcYwPLey-2iJQxFMAp2MM-kfoKS95MB3LFRYMZK_Zzwy8XedYvYn-llZq6LRXyH1WWbJqeNvUJ_V9cwf0",
          "alg": "RSA-OAEP",
          "dq": "wHJm2uMdq9Tc3HhRYhZQmPIurChVAsQMBym5HZbyDQGTlydz9Sfl2vxBTN9T6ahVDudXqNrI8MvqFm5qkcMhw5TPpmBoRxzjP4fWdXDrAjH_mJeF2W7fHj7hvjCKbciQG6MV7MdpTAf_LAabY1PSLYmcVkPtshZTUjCNtJe7IHE",
          "n": "yOOavXMTDgjbvz9gzHvfhdbkytzDLWt6vft8fL73oz1h0s9EJUADdXoj-one0ewSx3JUdeibkOC9hCm_OYDVc5SdsHEl_U3T2ViYdqLMwxmjdBup3wMo6kZsClEjwXtVOXpe3XxuEdRCS4Z2i5iTXCBmK2bcg7FHcCoMan4OKjZv4ezl62TIljE6bp0PCexq38XI9bhYebkpAiu6A-wqBZtthvzBYgBKqjvsVg3GHtGvaVnK64KRkQuYeW7Wn4t7vME6tSzEyVpmgomenjTYGXDYET0IfQ7QTbNWa15aiyj1rEcg1_Tvr9spKY6t6griKIIdB85n52tkuA7YdrIFbQ"
        },
        {
          "kty": "RSA",
          "n": "oieLonigdMZ5ocjKK1gINOTs9vPrxGZ5wuXF2lLlXU1UpcIDNrqDq3ldJ3HUaUSmyw-AOWehP4eh1AF3anfjAU39Qi0_o0VV-V2o-SGD3D6Nxm9jinHVjiGOkxK2TDIyC8N2KqE48N7uzZNZH80ygDv8pgYu7uL1kJQn5lw5WGVNMKiKtrerPDhJBf1iFIya7JRJeaIQ26DA0yJ_KIDOxAzUdb_t9Jq895OnLwsIygL1lhfXRtxGNSwMAXe_lJm67vJXKDM_eXLI5s6AHRcyiprlAYFD9ktWelC6Ltz-4cFi6VcgxyYgNmfj7dkstQBPu2mZq3bhuoOuZKScnyMEwQ",
          "e": "AQAB",
          "alg": "PS256",
          "use": "sig",
          "kid": "FJlF6TOBoI38u2RN5PtFHdjXCujfClGyDFEQD7CxJ64",
          "d": "f0PiR8W8yWnslJlucs5IwprZkIiohiCXd-u2eT-OXMgQo3e95fpE1RQPlKG2QFhtP_oOfP9kguQEkswD2T_2nlODbajtxUrpyylDMSSoxPcjdpZ93W6yWTblG3EYOn064hiqaZLXidSuQBJhZKA7_oEWLYe01jCy4qIlHptLNqArPIfnyoHxRzLHM0AbUAxzysxWlxhh-kIuA2GwPOjzDg7X_3tuDo2FBJP1JL4ivZBVjzR6a3R3jlECewHRKlDGbcUhwhw-3PgUfpv0FyDz8Kxa1aXFuD75DvUeqp1WV15D-QPBY6Tj6ImGIU2EQA2M0sa6PPH7iH5wrf2aDm7tcQ",
          "p": "zZRF4uynLVGvuR-G3P_ZRNGUWcRG6OE0KcFj4NnNt89g1eDtC7GMq-S9ZHCUavTE0tnA1loFTbCzWvUy3gywVCYFSyHz-xxDUs9uu5X9gxJAbUHUD-dAhgHnXe46Skk9mITL20vj5ErZWzIXL9-E3kSlyxC3FCSQguutIghbzhs",
          "q": "yezCWkthM28K2X2rYiQhbf_DvzHjH8NMKILYQxhI0dbcGjjpCLb7kvbhhSyeg-TgEtnp0ZqGU9KbxBSCdM-2CNhbZpIh4K1rvHQau350eLv67juK55TIRkcWiLV6G5jzJADYTefYyEk3x9kvE7h3iW6LhXuw-BPW-VJQP9wItlM",
          "dp": "Ohta1ZVGe4zHOnAq0nSOmOEUKXtM_64H7HV5IajueLHpEQsOdWut8zgoQCeCC-k7aM2br_qp3RfA2kjMI-86N863WFE0gRmv_cwb5HG0wkN6amdc5VHb7wTCvM4FM9IX0vBWHpoIxBJT9W7nFuT6zUhiBE-pL8xV_GtY-HGcYVk",
          "dq": "QyPND7bmr_JpGh32AWDgGLIlRQpyaZpHVWUEQXLuq48UikeH_JTTG2-pVt2aK2LLupjobQBDT9XEYzMqmWqDLXe7FGTcjNc87mFwjg0i7w4aBmKX8h5_ZRa4AGbPHiQCHGOHiIfhhd8KhBHL3HPGk1TFYXHaSvJV1XqwIjuoTe8",
          "qi": "MPOx2d59EB8LIUVO184i4LgKVOunNsV2oVy_T8yOsdk5bxDvjChcwpoA1jMAi_4AZBa3ji0CMUKgk9dus6PJ6Knvr8D9tSXvfww81WXkgHW1QyZgqR5rNQJjq_mAuDf6N_RitOemqMRGUJYC4t2uDNW5wozna_KozTYNo_4kIJo"
        }
      ]
    }
  },
  "client": {
    "client_id": "r3-1Pzx4eZFejFKvrCef_",
    "redirect_uri": "https://api-qa.bvopen.com.br/receptor-redirect/v1/internet-banking/authorize-callback",
    "certificate": "-----BEGIN CERTIFICATE----- MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0 MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1 YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3 sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805 I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9 yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS 7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF GSsQgkeJ1pXRIYgQEKHQ -----END CERTIFICATE-----",
    "jwks": {
      "keys": [
        {
          "kty": "RSA",
          "use": "sig",
          "kid": "FJlF6TOBoI38u2RN5PtFHdjXCujfClGyDFEQD7CxJ64",
          "n": "oieLonigdMZ5ocjKK1gINOTs9vPrxGZ5wuXF2lLlXU1UpcIDNrqDq3ldJ3HUaUSmyw-AOWehP4eh1AF3anfjAU39Qi0_o0VV-V2o-SGD3D6Nxm9jinHVjiGOkxK2TDIyC8N2KqE48N7uzZNZH80ygDv8pgYu7uL1kJQn5lw5WGVNMKiKtrerPDhJBf1iFIya7JRJeaIQ26DA0yJ_KIDOxAzUdb_t9Jq895OnLwsIygL1lhfXRtxGNSwMAXe_lJm67vJXKDM_eXLI5s6AHRcyiprlAYFD9ktWelC6Ltz-4cFi6VcgxyYgNmfj7dkstQBPu2mZq3bhuoOuZKScnyMEwQ",
          "e": "AQAB"
        }
      ]
    }
  },
  "client2": {
    "client_id": "r3-1Pzx4eZFejFKvrCef_",
    "redirect_uri": "https://api-qa.bvopen.com.br/receptor-redirect/v1/internet-banking/authorize-callback",
    "id_token_encrypted_response_alg": "RSA-OAEP",
    "certificate": "-----BEGIN CERTIFICATE----- MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0 MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1 YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3 sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805 I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9 yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS 7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF GSsQgkeJ1pXRIYgQEKHQ -----END CERTIFICATE-----",
    "jwks": {
      "keys": [
        {
          "kty": "RSA",
          "use": "sig",
          "kid": "FJlF6TOBoI38u2RN5PtFHdjXCujfClGyDFEQD7CxJ64",
          "n": "oieLonigdMZ5ocjKK1gINOTs9vPrxGZ5wuXF2lLlXU1UpcIDNrqDq3ldJ3HUaUSmyw-AOWehP4eh1AF3anfjAU39Qi0_o0VV-V2o-SGD3D6Nxm9jinHVjiGOkxK2TDIyC8N2KqE48N7uzZNZH80ygDv8pgYu7uL1kJQn5lw5WGVNMKiKtrerPDhJBf1iFIya7JRJeaIQ26DA0yJ_KIDOxAzUdb_t9Jq895OnLwsIygL1lhfXRtxGNSwMAXe_lJm67vJXKDM_eXLI5s6AHRcyiprlAYFD9ktWelC6Ltz-4cFi6VcgxyYgNmfj7dkstQBPu2mZq3bhuoOuZKScnyMEwQ",
          "e": "AQAB"
        },
        {
          "e": "AQAB",
          "n": "yOOavXMTDgjbvz9gzHvfhdbkytzDLWt6vft8fL73oz1h0s9EJUADdXoj-one0ewSx3JUdeibkOC9hCm_OYDVc5SdsHEl_U3T2ViYdqLMwxmjdBup3wMo6kZsClEjwXtVOXpe3XxuEdRCS4Z2i5iTXCBmK2bcg7FHcCoMan4OKjZv4ezl62TIljE6bp0PCexq38XI9bhYebkpAiu6A-wqBZtthvzBYgBKqjvsVg3GHtGvaVnK64KRkQuYeW7Wn4t7vME6tSzEyVpmgomenjTYGXDYET0IfQ7QTbNWa15aiyj1rEcg1_Tvr9spKY6t6griKIIdB85n52tkuA7YdrIFbQ",
          "kty": "RSA",
          "kid": "RSA-OAEP",
          "alg": "RSA-OAEP",
          "use": "enc"
        }
      ]
    },
    "id_token_encrypted_response_enc": "A256GCM"
  },
  "directory": {
    "keystore": "https://keystore.sandbox.directory.openbankingbrasil.org.br/"
  }
}
testName
fapi1-advanced-final-client-test-invalid-shash
2021-12-02 02:58:35 SUCCESS
FAPIBrazilGenerateServerConfiguration
Created server configuration
server
{
  "issuer": "https://www.certification.openid.net/test/a/recepcao-bv/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/recepcao-bv/jwks",
  "registration_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/register",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/userinfo",
  "mtls_endpoint_aliases": {
    "token_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/token",
    "registration_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/register",
    "userinfo_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/userinfo"
  },
  "tls_client_certificate_bound_access_tokens": true,
  "request_parameter_supported": true
}
issuer
https://www.certification.openid.net/test/a/recepcao-bv/
discoveryUrl
https://www.certification.openid.net/test/a/recepcao-bv/.well-known/openid-configuration
2021-12-02 02:58:35 SUCCESS
LoadServerJWKs
Parsed public and private JWK sets
server_jwks
{
  "keys": [
    {
      "p": "_BxPVObkd-0vSY6hpRLECowqCT8Fg4kLhf4_b9884tZDBj-fhULi-QPOZuhcjLVFFXkXdTDdnDSsBB6lvFNNoQBQgvdwHwJcDkSLURBT6ARNWQfdrqeiGcN8Ix0ZM6K8PWKzOgTNUrM0voYKS9OsujS4eZoLiQTcD3aIimAvwn0",
      "kty": "RSA",
      "q": "y_z_2iXatOxjuWKlSdw6tWNdeNwce4n1gTwiCBt1PrbA9NRJGzkOM4Y0pXi8FHiuOiAVIjkBQLkS1hrXsYVIh__p_GojmP2JtYJtpxoXQeQkZaLbtGG7xzwB7PSBKJnqrXCwWX0tuH_vyTzKtT2pZUl4x9X7h0O28rAcCzwfUbE",
      "d": "boZTB3J9hFY5WKJtBnQMyZ0uqbIGLEIa-NWZayTCKGzIGmzwiDIM9SBrFRevoP1qY5MyhuCgXnhXrJQvYlrQlVOp4n6OMSwVp1oIIBV35MuBU4s4zbr2UtbF8HMt4fCSNhpugRtJj8Ohad4j8K_UO3aT38MrBcWOkVaBGEIcVvo7abPj_eFNqtu9mda9uTMTvjP1VaQsscgSxdIwvNTR_k8Mp-XmJ80ffQjtpt8NIPyn6GhGE0hXRRUfAx010Wj9yT2zaM4m69uhAOMXwVKv5MMlXXKGn_0z3GqRNygPDXCcuTGQ_EGNhVQRvuve_ieNhpkQCBSjz4Ar0ueMuox_QQ",
      "e": "AQAB",
      "use": "enc",
      "kid": "RSA-OAEP",
      "qi": "IlPPK0-J6KZNedgPE5mYcpwzWbT3hXCxxwaiFZQTOGkPInJ9SQRbNW4Z_ro_e9sekkOOb3Tclh6kbid-883riv5r58pb7R0pv0iM_ZPgG7_xDzRbxQSLQltSgI5FiLW2oVOhdxQPFVpc_i02LuYXnZ2tO1awrzYV69H49XiepIY",
      "dp": "E9KiBjn1YtyaaD03xoP4OCAXOgzjgRkod8uq7z_tSKSyNm6QO2kr8Yp0EzFX_ZRPL0YLKyLBegPGNri2LV2bb_pXWkTcYwPLey-2iJQxFMAp2MM-kfoKS95MB3LFRYMZK_Zzwy8XedYvYn-llZq6LRXyH1WWbJqeNvUJ_V9cwf0",
      "alg": "RSA-OAEP",
      "dq": "wHJm2uMdq9Tc3HhRYhZQmPIurChVAsQMBym5HZbyDQGTlydz9Sfl2vxBTN9T6ahVDudXqNrI8MvqFm5qkcMhw5TPpmBoRxzjP4fWdXDrAjH_mJeF2W7fHj7hvjCKbciQG6MV7MdpTAf_LAabY1PSLYmcVkPtshZTUjCNtJe7IHE",
      "n": "yOOavXMTDgjbvz9gzHvfhdbkytzDLWt6vft8fL73oz1h0s9EJUADdXoj-one0ewSx3JUdeibkOC9hCm_OYDVc5SdsHEl_U3T2ViYdqLMwxmjdBup3wMo6kZsClEjwXtVOXpe3XxuEdRCS4Z2i5iTXCBmK2bcg7FHcCoMan4OKjZv4ezl62TIljE6bp0PCexq38XI9bhYebkpAiu6A-wqBZtthvzBYgBKqjvsVg3GHtGvaVnK64KRkQuYeW7Wn4t7vME6tSzEyVpmgomenjTYGXDYET0IfQ7QTbNWa15aiyj1rEcg1_Tvr9spKY6t6griKIIdB85n52tkuA7YdrIFbQ"
    },
    {
      "p": "zZRF4uynLVGvuR-G3P_ZRNGUWcRG6OE0KcFj4NnNt89g1eDtC7GMq-S9ZHCUavTE0tnA1loFTbCzWvUy3gywVCYFSyHz-xxDUs9uu5X9gxJAbUHUD-dAhgHnXe46Skk9mITL20vj5ErZWzIXL9-E3kSlyxC3FCSQguutIghbzhs",
      "kty": "RSA",
      "q": "yezCWkthM28K2X2rYiQhbf_DvzHjH8NMKILYQxhI0dbcGjjpCLb7kvbhhSyeg-TgEtnp0ZqGU9KbxBSCdM-2CNhbZpIh4K1rvHQau350eLv67juK55TIRkcWiLV6G5jzJADYTefYyEk3x9kvE7h3iW6LhXuw-BPW-VJQP9wItlM",
      "d": "f0PiR8W8yWnslJlucs5IwprZkIiohiCXd-u2eT-OXMgQo3e95fpE1RQPlKG2QFhtP_oOfP9kguQEkswD2T_2nlODbajtxUrpyylDMSSoxPcjdpZ93W6yWTblG3EYOn064hiqaZLXidSuQBJhZKA7_oEWLYe01jCy4qIlHptLNqArPIfnyoHxRzLHM0AbUAxzysxWlxhh-kIuA2GwPOjzDg7X_3tuDo2FBJP1JL4ivZBVjzR6a3R3jlECewHRKlDGbcUhwhw-3PgUfpv0FyDz8Kxa1aXFuD75DvUeqp1WV15D-QPBY6Tj6ImGIU2EQA2M0sa6PPH7iH5wrf2aDm7tcQ",
      "e": "AQAB",
      "use": "sig",
      "kid": "FJlF6TOBoI38u2RN5PtFHdjXCujfClGyDFEQD7CxJ64",
      "qi": "MPOx2d59EB8LIUVO184i4LgKVOunNsV2oVy_T8yOsdk5bxDvjChcwpoA1jMAi_4AZBa3ji0CMUKgk9dus6PJ6Knvr8D9tSXvfww81WXkgHW1QyZgqR5rNQJjq_mAuDf6N_RitOemqMRGUJYC4t2uDNW5wozna_KozTYNo_4kIJo",
      "dp": "Ohta1ZVGe4zHOnAq0nSOmOEUKXtM_64H7HV5IajueLHpEQsOdWut8zgoQCeCC-k7aM2br_qp3RfA2kjMI-86N863WFE0gRmv_cwb5HG0wkN6amdc5VHb7wTCvM4FM9IX0vBWHpoIxBJT9W7nFuT6zUhiBE-pL8xV_GtY-HGcYVk",
      "alg": "PS256",
      "dq": "QyPND7bmr_JpGh32AWDgGLIlRQpyaZpHVWUEQXLuq48UikeH_JTTG2-pVt2aK2LLupjobQBDT9XEYzMqmWqDLXe7FGTcjNc87mFwjg0i7w4aBmKX8h5_ZRa4AGbPHiQCHGOHiIfhhd8KhBHL3HPGk1TFYXHaSvJV1XqwIjuoTe8",
      "n": "oieLonigdMZ5ocjKK1gINOTs9vPrxGZ5wuXF2lLlXU1UpcIDNrqDq3ldJ3HUaUSmyw-AOWehP4eh1AF3anfjAU39Qi0_o0VV-V2o-SGD3D6Nxm9jinHVjiGOkxK2TDIyC8N2KqE48N7uzZNZH80ygDv8pgYu7uL1kJQn5lw5WGVNMKiKtrerPDhJBf1iFIya7JRJeaIQ26DA0yJ_KIDOxAzUdb_t9Jq895OnLwsIygL1lhfXRtxGNSwMAXe_lJm67vJXKDM_eXLI5s6AHRcyiprlAYFD9ktWelC6Ltz-4cFi6VcgxyYgNmfj7dkstQBPu2mZq3bhuoOuZKScnyMEwQ"
    }
  ]
}
server_encryption_keys
{
  "keys": [
    {
      "p": "_BxPVObkd-0vSY6hpRLECowqCT8Fg4kLhf4_b9884tZDBj-fhULi-QPOZuhcjLVFFXkXdTDdnDSsBB6lvFNNoQBQgvdwHwJcDkSLURBT6ARNWQfdrqeiGcN8Ix0ZM6K8PWKzOgTNUrM0voYKS9OsujS4eZoLiQTcD3aIimAvwn0",
      "kty": "RSA",
      "q": "y_z_2iXatOxjuWKlSdw6tWNdeNwce4n1gTwiCBt1PrbA9NRJGzkOM4Y0pXi8FHiuOiAVIjkBQLkS1hrXsYVIh__p_GojmP2JtYJtpxoXQeQkZaLbtGG7xzwB7PSBKJnqrXCwWX0tuH_vyTzKtT2pZUl4x9X7h0O28rAcCzwfUbE",
      "d": "boZTB3J9hFY5WKJtBnQMyZ0uqbIGLEIa-NWZayTCKGzIGmzwiDIM9SBrFRevoP1qY5MyhuCgXnhXrJQvYlrQlVOp4n6OMSwVp1oIIBV35MuBU4s4zbr2UtbF8HMt4fCSNhpugRtJj8Ohad4j8K_UO3aT38MrBcWOkVaBGEIcVvo7abPj_eFNqtu9mda9uTMTvjP1VaQsscgSxdIwvNTR_k8Mp-XmJ80ffQjtpt8NIPyn6GhGE0hXRRUfAx010Wj9yT2zaM4m69uhAOMXwVKv5MMlXXKGn_0z3GqRNygPDXCcuTGQ_EGNhVQRvuve_ieNhpkQCBSjz4Ar0ueMuox_QQ",
      "e": "AQAB",
      "use": "enc",
      "kid": "RSA-OAEP",
      "qi": "IlPPK0-J6KZNedgPE5mYcpwzWbT3hXCxxwaiFZQTOGkPInJ9SQRbNW4Z_ro_e9sekkOOb3Tclh6kbid-883riv5r58pb7R0pv0iM_ZPgG7_xDzRbxQSLQltSgI5FiLW2oVOhdxQPFVpc_i02LuYXnZ2tO1awrzYV69H49XiepIY",
      "dp": "E9KiBjn1YtyaaD03xoP4OCAXOgzjgRkod8uq7z_tSKSyNm6QO2kr8Yp0EzFX_ZRPL0YLKyLBegPGNri2LV2bb_pXWkTcYwPLey-2iJQxFMAp2MM-kfoKS95MB3LFRYMZK_Zzwy8XedYvYn-llZq6LRXyH1WWbJqeNvUJ_V9cwf0",
      "alg": "RSA-OAEP",
      "dq": "wHJm2uMdq9Tc3HhRYhZQmPIurChVAsQMBym5HZbyDQGTlydz9Sfl2vxBTN9T6ahVDudXqNrI8MvqFm5qkcMhw5TPpmBoRxzjP4fWdXDrAjH_mJeF2W7fHj7hvjCKbciQG6MV7MdpTAf_LAabY1PSLYmcVkPtshZTUjCNtJe7IHE",
      "n": "yOOavXMTDgjbvz9gzHvfhdbkytzDLWt6vft8fL73oz1h0s9EJUADdXoj-one0ewSx3JUdeibkOC9hCm_OYDVc5SdsHEl_U3T2ViYdqLMwxmjdBup3wMo6kZsClEjwXtVOXpe3XxuEdRCS4Z2i5iTXCBmK2bcg7FHcCoMan4OKjZv4ezl62TIljE6bp0PCexq38XI9bhYebkpAiu6A-wqBZtthvzBYgBKqjvsVg3GHtGvaVnK64KRkQuYeW7Wn4t7vME6tSzEyVpmgomenjTYGXDYET0IfQ7QTbNWa15aiyj1rEcg1_Tvr9spKY6t6griKIIdB85n52tkuA7YdrIFbQ"
    }
  ]
}
server_public_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "RSA-OAEP",
      "alg": "RSA-OAEP",
      "n": "yOOavXMTDgjbvz9gzHvfhdbkytzDLWt6vft8fL73oz1h0s9EJUADdXoj-one0ewSx3JUdeibkOC9hCm_OYDVc5SdsHEl_U3T2ViYdqLMwxmjdBup3wMo6kZsClEjwXtVOXpe3XxuEdRCS4Z2i5iTXCBmK2bcg7FHcCoMan4OKjZv4ezl62TIljE6bp0PCexq38XI9bhYebkpAiu6A-wqBZtthvzBYgBKqjvsVg3GHtGvaVnK64KRkQuYeW7Wn4t7vME6tSzEyVpmgomenjTYGXDYET0IfQ7QTbNWa15aiyj1rEcg1_Tvr9spKY6t6griKIIdB85n52tkuA7YdrIFbQ"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "FJlF6TOBoI38u2RN5PtFHdjXCujfClGyDFEQD7CxJ64",
      "alg": "PS256",
      "n": "oieLonigdMZ5ocjKK1gINOTs9vPrxGZ5wuXF2lLlXU1UpcIDNrqDq3ldJ3HUaUSmyw-AOWehP4eh1AF3anfjAU39Qi0_o0VV-V2o-SGD3D6Nxm9jinHVjiGOkxK2TDIyC8N2KqE48N7uzZNZH80ygDv8pgYu7uL1kJQn5lw5WGVNMKiKtrerPDhJBf1iFIya7JRJeaIQ26DA0yJ_KIDOxAzUdb_t9Jq895OnLwsIygL1lhfXRtxGNSwMAXe_lJm67vJXKDM_eXLI5s6AHRcyiprlAYFD9ktWelC6Ltz-4cFi6VcgxyYgNmfj7dkstQBPu2mZq3bhuoOuZKScnyMEwQ"
    }
  ]
}
2021-12-02 02:58:35 SUCCESS
ValidateServerJWKs
Valid server JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2021-12-02 02:58:35
SetServerSigningAlgToPS256
Successfully set signing algorithm to PS256
2021-12-02 02:58:35
FAPIBrazilSetGrantTypesSupportedInServerConfiguration
Successfully set grant_types_supported
server
{
  "issuer": "https://www.certification.openid.net/test/a/recepcao-bv/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/recepcao-bv/jwks",
  "registration_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/register",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/userinfo",
  "mtls_endpoint_aliases": {
    "token_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/token",
    "registration_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/register",
    "userinfo_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/userinfo"
  },
  "tls_client_certificate_bound_access_tokens": true,
  "request_parameter_supported": true,
  "grant_types_supported": [
    "authorization_code",
    "implicit",
    "client_credentials",
    "refresh_token"
  ]
}
2021-12-02 02:58:35
AddClaimsParameterSupportedTrueToServerConfiguration
Successfully added claims_parameter_supported to server configuration
server
{
  "issuer": "https://www.certification.openid.net/test/a/recepcao-bv/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/recepcao-bv/jwks",
  "registration_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/register",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/userinfo",
  "mtls_endpoint_aliases": {
    "token_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/token",
    "registration_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/register",
    "userinfo_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/userinfo"
  },
  "tls_client_certificate_bound_access_tokens": true,
  "request_parameter_supported": true,
  "grant_types_supported": [
    "authorization_code",
    "implicit",
    "client_credentials",
    "refresh_token"
  ],
  "claims_parameter_supported": true
}
2021-12-02 02:58:35
FAPIBrazilAddBrazilSpecificSettingsToServerConfiguration
Added open banking Brazil specific server settings
server
{
  "issuer": "https://www.certification.openid.net/test/a/recepcao-bv/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/recepcao-bv/jwks",
  "registration_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/register",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/userinfo",
  "mtls_endpoint_aliases": {
    "token_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/token",
    "registration_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/register",
    "userinfo_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/userinfo"
  },
  "tls_client_certificate_bound_access_tokens": true,
  "request_parameter_supported": true,
  "grant_types_supported": [
    "authorization_code",
    "implicit",
    "client_credentials",
    "refresh_token"
  ],
  "claims_parameter_supported": true,
  "request_object_encryption_alg_values_supported": [
    "RSA-OAEP"
  ],
  "request_object_encryption_enc_values_supported": [
    "A256GCM"
  ],
  "claims_supported": [
    "cpf",
    "cnpj",
    "acr"
  ],
  "acr_values_supported": [
    "urn:brasil:openbanking:loa2",
    "urn:brasil:openbanking:loa3"
  ],
  "id_token_signing_alg_values_supported": [
    "PS256"
  ],
  "request_object_signing_alg_values_supported": [
    "PS256"
  ],
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access",
    "consents",
    "resources",
    "payments"
  ]
}
2021-12-02 02:58:35 SUCCESS
AddTLSClientAuthToServerConfiguration
Added tls_client_auth for token_endpoint_auth_methods_supported
2021-12-02 02:58:35 SUCCESS
AddResponseTypeCodeIdTokenToServerConfiguration
Added code id_token as response type supported
response_types_supported
[
  "code id_token"
]
2021-12-02 02:58:35 SUCCESS
FAPIBrazilAddTokenEndpointAuthSigningAlgValuesSupportedToServer
Set token_endpoint_auth_signing_alg_values_supported
values
[
  "PS256"
]
2021-12-02 02:58:35 SUCCESS
CheckServerConfiguration
Found required server configuration keys
required
[
  "authorization_endpoint",
  "token_endpoint",
  "issuer"
]
2021-12-02 02:58:35 SUCCESS
FAPIEnsureMinimumServerKeyLength
Validated minimum key lengths for server_jwks
server_jwks
{
  "keys": [
    {
      "p": "_BxPVObkd-0vSY6hpRLECowqCT8Fg4kLhf4_b9884tZDBj-fhULi-QPOZuhcjLVFFXkXdTDdnDSsBB6lvFNNoQBQgvdwHwJcDkSLURBT6ARNWQfdrqeiGcN8Ix0ZM6K8PWKzOgTNUrM0voYKS9OsujS4eZoLiQTcD3aIimAvwn0",
      "kty": "RSA",
      "q": "y_z_2iXatOxjuWKlSdw6tWNdeNwce4n1gTwiCBt1PrbA9NRJGzkOM4Y0pXi8FHiuOiAVIjkBQLkS1hrXsYVIh__p_GojmP2JtYJtpxoXQeQkZaLbtGG7xzwB7PSBKJnqrXCwWX0tuH_vyTzKtT2pZUl4x9X7h0O28rAcCzwfUbE",
      "d": "boZTB3J9hFY5WKJtBnQMyZ0uqbIGLEIa-NWZayTCKGzIGmzwiDIM9SBrFRevoP1qY5MyhuCgXnhXrJQvYlrQlVOp4n6OMSwVp1oIIBV35MuBU4s4zbr2UtbF8HMt4fCSNhpugRtJj8Ohad4j8K_UO3aT38MrBcWOkVaBGEIcVvo7abPj_eFNqtu9mda9uTMTvjP1VaQsscgSxdIwvNTR_k8Mp-XmJ80ffQjtpt8NIPyn6GhGE0hXRRUfAx010Wj9yT2zaM4m69uhAOMXwVKv5MMlXXKGn_0z3GqRNygPDXCcuTGQ_EGNhVQRvuve_ieNhpkQCBSjz4Ar0ueMuox_QQ",
      "e": "AQAB",
      "use": "enc",
      "kid": "RSA-OAEP",
      "qi": "IlPPK0-J6KZNedgPE5mYcpwzWbT3hXCxxwaiFZQTOGkPInJ9SQRbNW4Z_ro_e9sekkOOb3Tclh6kbid-883riv5r58pb7R0pv0iM_ZPgG7_xDzRbxQSLQltSgI5FiLW2oVOhdxQPFVpc_i02LuYXnZ2tO1awrzYV69H49XiepIY",
      "dp": "E9KiBjn1YtyaaD03xoP4OCAXOgzjgRkod8uq7z_tSKSyNm6QO2kr8Yp0EzFX_ZRPL0YLKyLBegPGNri2LV2bb_pXWkTcYwPLey-2iJQxFMAp2MM-kfoKS95MB3LFRYMZK_Zzwy8XedYvYn-llZq6LRXyH1WWbJqeNvUJ_V9cwf0",
      "alg": "RSA-OAEP",
      "dq": "wHJm2uMdq9Tc3HhRYhZQmPIurChVAsQMBym5HZbyDQGTlydz9Sfl2vxBTN9T6ahVDudXqNrI8MvqFm5qkcMhw5TPpmBoRxzjP4fWdXDrAjH_mJeF2W7fHj7hvjCKbciQG6MV7MdpTAf_LAabY1PSLYmcVkPtshZTUjCNtJe7IHE",
      "n": "yOOavXMTDgjbvz9gzHvfhdbkytzDLWt6vft8fL73oz1h0s9EJUADdXoj-one0ewSx3JUdeibkOC9hCm_OYDVc5SdsHEl_U3T2ViYdqLMwxmjdBup3wMo6kZsClEjwXtVOXpe3XxuEdRCS4Z2i5iTXCBmK2bcg7FHcCoMan4OKjZv4ezl62TIljE6bp0PCexq38XI9bhYebkpAiu6A-wqBZtthvzBYgBKqjvsVg3GHtGvaVnK64KRkQuYeW7Wn4t7vME6tSzEyVpmgomenjTYGXDYET0IfQ7QTbNWa15aiyj1rEcg1_Tvr9spKY6t6griKIIdB85n52tkuA7YdrIFbQ"
    },
    {
      "p": "zZRF4uynLVGvuR-G3P_ZRNGUWcRG6OE0KcFj4NnNt89g1eDtC7GMq-S9ZHCUavTE0tnA1loFTbCzWvUy3gywVCYFSyHz-xxDUs9uu5X9gxJAbUHUD-dAhgHnXe46Skk9mITL20vj5ErZWzIXL9-E3kSlyxC3FCSQguutIghbzhs",
      "kty": "RSA",
      "q": "yezCWkthM28K2X2rYiQhbf_DvzHjH8NMKILYQxhI0dbcGjjpCLb7kvbhhSyeg-TgEtnp0ZqGU9KbxBSCdM-2CNhbZpIh4K1rvHQau350eLv67juK55TIRkcWiLV6G5jzJADYTefYyEk3x9kvE7h3iW6LhXuw-BPW-VJQP9wItlM",
      "d": "f0PiR8W8yWnslJlucs5IwprZkIiohiCXd-u2eT-OXMgQo3e95fpE1RQPlKG2QFhtP_oOfP9kguQEkswD2T_2nlODbajtxUrpyylDMSSoxPcjdpZ93W6yWTblG3EYOn064hiqaZLXidSuQBJhZKA7_oEWLYe01jCy4qIlHptLNqArPIfnyoHxRzLHM0AbUAxzysxWlxhh-kIuA2GwPOjzDg7X_3tuDo2FBJP1JL4ivZBVjzR6a3R3jlECewHRKlDGbcUhwhw-3PgUfpv0FyDz8Kxa1aXFuD75DvUeqp1WV15D-QPBY6Tj6ImGIU2EQA2M0sa6PPH7iH5wrf2aDm7tcQ",
      "e": "AQAB",
      "use": "sig",
      "kid": "FJlF6TOBoI38u2RN5PtFHdjXCujfClGyDFEQD7CxJ64",
      "qi": "MPOx2d59EB8LIUVO184i4LgKVOunNsV2oVy_T8yOsdk5bxDvjChcwpoA1jMAi_4AZBa3ji0CMUKgk9dus6PJ6Knvr8D9tSXvfww81WXkgHW1QyZgqR5rNQJjq_mAuDf6N_RitOemqMRGUJYC4t2uDNW5wozna_KozTYNo_4kIJo",
      "dp": "Ohta1ZVGe4zHOnAq0nSOmOEUKXtM_64H7HV5IajueLHpEQsOdWut8zgoQCeCC-k7aM2br_qp3RfA2kjMI-86N863WFE0gRmv_cwb5HG0wkN6amdc5VHb7wTCvM4FM9IX0vBWHpoIxBJT9W7nFuT6zUhiBE-pL8xV_GtY-HGcYVk",
      "alg": "PS256",
      "dq": "QyPND7bmr_JpGh32AWDgGLIlRQpyaZpHVWUEQXLuq48UikeH_JTTG2-pVt2aK2LLupjobQBDT9XEYzMqmWqDLXe7FGTcjNc87mFwjg0i7w4aBmKX8h5_ZRa4AGbPHiQCHGOHiIfhhd8KhBHL3HPGk1TFYXHaSvJV1XqwIjuoTe8",
      "n": "oieLonigdMZ5ocjKK1gINOTs9vPrxGZ5wuXF2lLlXU1UpcIDNrqDq3ldJ3HUaUSmyw-AOWehP4eh1AF3anfjAU39Qi0_o0VV-V2o-SGD3D6Nxm9jinHVjiGOkxK2TDIyC8N2KqE48N7uzZNZH80ygDv8pgYu7uL1kJQn5lw5WGVNMKiKtrerPDhJBf1iFIya7JRJeaIQ26DA0yJ_KIDOxAzUdb_t9Jq895OnLwsIygL1lhfXRtxGNSwMAXe_lJm67vJXKDM_eXLI5s6AHRcyiprlAYFD9ktWelC6Ltz-4cFi6VcgxyYgNmfj7dkstQBPu2mZq3bhuoOuZKScnyMEwQ"
    }
  ]
}
2021-12-02 02:58:35 SUCCESS
LoadUserInfo
Added user information
user_info
{
  "sub": "user-subject-1234531",
  "name": "Demo T. User",
  "email": "user@example.com",
  "email_verified": false
}
Verify configuration of first client
2021-12-02 02:58:35 SUCCESS
GetStaticClientConfiguration
Found a static client object
client_id
r3-1Pzx4eZFejFKvrCef_
redirect_uri
https://api-qa.bvopen.com.br/receptor-redirect/v1/internet-banking/authorize-callback
certificate
-----BEGIN CERTIFICATE----- MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0 MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1 YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3 sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805 I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9 yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS 7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF GSsQgkeJ1pXRIYgQEKHQ -----END CERTIFICATE-----
jwks
{
  "keys": [
    {
      "kty": "RSA",
      "use": "sig",
      "kid": "FJlF6TOBoI38u2RN5PtFHdjXCujfClGyDFEQD7CxJ64",
      "n": "oieLonigdMZ5ocjKK1gINOTs9vPrxGZ5wuXF2lLlXU1UpcIDNrqDq3ldJ3HUaUSmyw-AOWehP4eh1AF3anfjAU39Qi0_o0VV-V2o-SGD3D6Nxm9jinHVjiGOkxK2TDIyC8N2KqE48N7uzZNZH80ygDv8pgYu7uL1kJQn5lw5WGVNMKiKtrerPDhJBf1iFIya7JRJeaIQ26DA0yJ_KIDOxAzUdb_t9Jq895OnLwsIygL1lhfXRtxGNSwMAXe_lJm67vJXKDM_eXLI5s6AHRcyiprlAYFD9ktWelC6Ltz-4cFi6VcgxyYgNmfj7dkstQBPu2mZq3bhuoOuZKScnyMEwQ",
      "e": "AQAB"
    }
  ]
}
2021-12-02 02:58:35 SUCCESS
ValidateClientJWKsPublicPart
Valid client JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2021-12-02 02:58:35 SUCCESS
ExtractJWKsFromStaticClientConfiguration
Extracted client JWK
client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "use": "sig",
      "kid": "FJlF6TOBoI38u2RN5PtFHdjXCujfClGyDFEQD7CxJ64",
      "n": "oieLonigdMZ5ocjKK1gINOTs9vPrxGZ5wuXF2lLlXU1UpcIDNrqDq3ldJ3HUaUSmyw-AOWehP4eh1AF3anfjAU39Qi0_o0VV-V2o-SGD3D6Nxm9jinHVjiGOkxK2TDIyC8N2KqE48N7uzZNZH80ygDv8pgYu7uL1kJQn5lw5WGVNMKiKtrerPDhJBf1iFIya7JRJeaIQ26DA0yJ_KIDOxAzUdb_t9Jq895OnLwsIygL1lhfXRtxGNSwMAXe_lJm67vJXKDM_eXLI5s6AHRcyiprlAYFD9ktWelC6Ltz-4cFi6VcgxyYgNmfj7dkstQBPu2mZq3bhuoOuZKScnyMEwQ",
      "e": "AQAB"
    }
  ]
}
public_client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "FJlF6TOBoI38u2RN5PtFHdjXCujfClGyDFEQD7CxJ64",
      "n": "oieLonigdMZ5ocjKK1gINOTs9vPrxGZ5wuXF2lLlXU1UpcIDNrqDq3ldJ3HUaUSmyw-AOWehP4eh1AF3anfjAU39Qi0_o0VV-V2o-SGD3D6Nxm9jinHVjiGOkxK2TDIyC8N2KqE48N7uzZNZH80ygDv8pgYu7uL1kJQn5lw5WGVNMKiKtrerPDhJBf1iFIya7JRJeaIQ26DA0yJ_KIDOxAzUdb_t9Jq895OnLwsIygL1lhfXRtxGNSwMAXe_lJm67vJXKDM_eXLI5s6AHRcyiprlAYFD9ktWelC6Ltz-4cFi6VcgxyYgNmfj7dkstQBPu2mZq3bhuoOuZKScnyMEwQ"
    }
  ]
}
2021-12-02 02:58:35 SUCCESS
CheckDistinctKeyIdValueInClientJWKs
Distinct 'kid' value in all keys of client_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2021-12-02 02:58:35 SUCCESS
EnsureClientJwksDoesNotContainPrivateOrSymmetricKeys
Jwks does not contain any private or symmetric keys
2021-12-02 02:58:35 SUCCESS
FAPIEnsureMinimumClientKeyLength
Validated minimum key lengths for client_jwks
client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "use": "sig",
      "kid": "FJlF6TOBoI38u2RN5PtFHdjXCujfClGyDFEQD7CxJ64",
      "n": "oieLonigdMZ5ocjKK1gINOTs9vPrxGZ5wuXF2lLlXU1UpcIDNrqDq3ldJ3HUaUSmyw-AOWehP4eh1AF3anfjAU39Qi0_o0VV-V2o-SGD3D6Nxm9jinHVjiGOkxK2TDIyC8N2KqE48N7uzZNZH80ygDv8pgYu7uL1kJQn5lw5WGVNMKiKtrerPDhJBf1iFIya7JRJeaIQ26DA0yJ_KIDOxAzUdb_t9Jq895OnLwsIygL1lhfXRtxGNSwMAXe_lJm67vJXKDM_eXLI5s6AHRcyiprlAYFD9ktWelC6Ltz-4cFi6VcgxyYgNmfj7dkstQBPu2mZq3bhuoOuZKScnyMEwQ",
      "e": "AQAB"
    }
  ]
}
Verify configuration of second client
2021-12-02 02:58:35 SUCCESS
GetStaticClient2Configuration
Found a static second client object
client_id
r3-1Pzx4eZFejFKvrCef_
redirect_uri
https://api-qa.bvopen.com.br/receptor-redirect/v1/internet-banking/authorize-callback
id_token_encrypted_response_alg
RSA-OAEP
certificate
-----BEGIN CERTIFICATE----- MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0 MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1 YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3 sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805 I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9 yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS 7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF GSsQgkeJ1pXRIYgQEKHQ -----END CERTIFICATE-----
jwks
{
  "keys": [
    {
      "kty": "RSA",
      "use": "sig",
      "kid": "FJlF6TOBoI38u2RN5PtFHdjXCujfClGyDFEQD7CxJ64",
      "n": "oieLonigdMZ5ocjKK1gINOTs9vPrxGZ5wuXF2lLlXU1UpcIDNrqDq3ldJ3HUaUSmyw-AOWehP4eh1AF3anfjAU39Qi0_o0VV-V2o-SGD3D6Nxm9jinHVjiGOkxK2TDIyC8N2KqE48N7uzZNZH80ygDv8pgYu7uL1kJQn5lw5WGVNMKiKtrerPDhJBf1iFIya7JRJeaIQ26DA0yJ_KIDOxAzUdb_t9Jq895OnLwsIygL1lhfXRtxGNSwMAXe_lJm67vJXKDM_eXLI5s6AHRcyiprlAYFD9ktWelC6Ltz-4cFi6VcgxyYgNmfj7dkstQBPu2mZq3bhuoOuZKScnyMEwQ",
      "e": "AQAB"
    },
    {
      "e": "AQAB",
      "n": "yOOavXMTDgjbvz9gzHvfhdbkytzDLWt6vft8fL73oz1h0s9EJUADdXoj-one0ewSx3JUdeibkOC9hCm_OYDVc5SdsHEl_U3T2ViYdqLMwxmjdBup3wMo6kZsClEjwXtVOXpe3XxuEdRCS4Z2i5iTXCBmK2bcg7FHcCoMan4OKjZv4ezl62TIljE6bp0PCexq38XI9bhYebkpAiu6A-wqBZtthvzBYgBKqjvsVg3GHtGvaVnK64KRkQuYeW7Wn4t7vME6tSzEyVpmgomenjTYGXDYET0IfQ7QTbNWa15aiyj1rEcg1_Tvr9spKY6t6griKIIdB85n52tkuA7YdrIFbQ",
      "kty": "RSA",
      "kid": "RSA-OAEP",
      "alg": "RSA-OAEP",
      "use": "enc"
    }
  ]
}
id_token_encrypted_response_enc
A256GCM
2021-12-02 02:58:35 SUCCESS
ValidateClientJWKsPublicPart
Valid client JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2021-12-02 02:58:35 SUCCESS
ExtractJWKsFromStaticClientConfiguration
Extracted client JWK
client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "use": "sig",
      "kid": "FJlF6TOBoI38u2RN5PtFHdjXCujfClGyDFEQD7CxJ64",
      "n": "oieLonigdMZ5ocjKK1gINOTs9vPrxGZ5wuXF2lLlXU1UpcIDNrqDq3ldJ3HUaUSmyw-AOWehP4eh1AF3anfjAU39Qi0_o0VV-V2o-SGD3D6Nxm9jinHVjiGOkxK2TDIyC8N2KqE48N7uzZNZH80ygDv8pgYu7uL1kJQn5lw5WGVNMKiKtrerPDhJBf1iFIya7JRJeaIQ26DA0yJ_KIDOxAzUdb_t9Jq895OnLwsIygL1lhfXRtxGNSwMAXe_lJm67vJXKDM_eXLI5s6AHRcyiprlAYFD9ktWelC6Ltz-4cFi6VcgxyYgNmfj7dkstQBPu2mZq3bhuoOuZKScnyMEwQ",
      "e": "AQAB"
    },
    {
      "e": "AQAB",
      "n": "yOOavXMTDgjbvz9gzHvfhdbkytzDLWt6vft8fL73oz1h0s9EJUADdXoj-one0ewSx3JUdeibkOC9hCm_OYDVc5SdsHEl_U3T2ViYdqLMwxmjdBup3wMo6kZsClEjwXtVOXpe3XxuEdRCS4Z2i5iTXCBmK2bcg7FHcCoMan4OKjZv4ezl62TIljE6bp0PCexq38XI9bhYebkpAiu6A-wqBZtthvzBYgBKqjvsVg3GHtGvaVnK64KRkQuYeW7Wn4t7vME6tSzEyVpmgomenjTYGXDYET0IfQ7QTbNWa15aiyj1rEcg1_Tvr9spKY6t6griKIIdB85n52tkuA7YdrIFbQ",
      "kty": "RSA",
      "kid": "RSA-OAEP",
      "alg": "RSA-OAEP",
      "use": "enc"
    }
  ]
}
public_client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "FJlF6TOBoI38u2RN5PtFHdjXCujfClGyDFEQD7CxJ64",
      "n": "oieLonigdMZ5ocjKK1gINOTs9vPrxGZ5wuXF2lLlXU1UpcIDNrqDq3ldJ3HUaUSmyw-AOWehP4eh1AF3anfjAU39Qi0_o0VV-V2o-SGD3D6Nxm9jinHVjiGOkxK2TDIyC8N2KqE48N7uzZNZH80ygDv8pgYu7uL1kJQn5lw5WGVNMKiKtrerPDhJBf1iFIya7JRJeaIQ26DA0yJ_KIDOxAzUdb_t9Jq895OnLwsIygL1lhfXRtxGNSwMAXe_lJm67vJXKDM_eXLI5s6AHRcyiprlAYFD9ktWelC6Ltz-4cFi6VcgxyYgNmfj7dkstQBPu2mZq3bhuoOuZKScnyMEwQ"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "RSA-OAEP",
      "alg": "RSA-OAEP",
      "n": "yOOavXMTDgjbvz9gzHvfhdbkytzDLWt6vft8fL73oz1h0s9EJUADdXoj-one0ewSx3JUdeibkOC9hCm_OYDVc5SdsHEl_U3T2ViYdqLMwxmjdBup3wMo6kZsClEjwXtVOXpe3XxuEdRCS4Z2i5iTXCBmK2bcg7FHcCoMan4OKjZv4ezl62TIljE6bp0PCexq38XI9bhYebkpAiu6A-wqBZtthvzBYgBKqjvsVg3GHtGvaVnK64KRkQuYeW7Wn4t7vME6tSzEyVpmgomenjTYGXDYET0IfQ7QTbNWa15aiyj1rEcg1_Tvr9spKY6t6griKIIdB85n52tkuA7YdrIFbQ"
    }
  ]
}
2021-12-02 02:58:35 SUCCESS
CheckDistinctKeyIdValueInClientJWKs
Distinct 'kid' value in all keys of client_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2021-12-02 02:58:35 SUCCESS
EnsureClientJwksDoesNotContainPrivateOrSymmetricKeys
Jwks does not contain any private or symmetric keys
2021-12-02 02:58:35 SUCCESS
FAPIEnsureMinimumClientKeyLength
Validated minimum key lengths for client_jwks
client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "use": "sig",
      "kid": "FJlF6TOBoI38u2RN5PtFHdjXCujfClGyDFEQD7CxJ64",
      "n": "oieLonigdMZ5ocjKK1gINOTs9vPrxGZ5wuXF2lLlXU1UpcIDNrqDq3ldJ3HUaUSmyw-AOWehP4eh1AF3anfjAU39Qi0_o0VV-V2o-SGD3D6Nxm9jinHVjiGOkxK2TDIyC8N2KqE48N7uzZNZH80ygDv8pgYu7uL1kJQn5lw5WGVNMKiKtrerPDhJBf1iFIya7JRJeaIQ26DA0yJ_KIDOxAzUdb_t9Jq895OnLwsIygL1lhfXRtxGNSwMAXe_lJm67vJXKDM_eXLI5s6AHRcyiprlAYFD9ktWelC6Ltz-4cFi6VcgxyYgNmfj7dkstQBPu2mZq3bhuoOuZKScnyMEwQ",
      "e": "AQAB"
    },
    {
      "e": "AQAB",
      "n": "yOOavXMTDgjbvz9gzHvfhdbkytzDLWt6vft8fL73oz1h0s9EJUADdXoj-one0ewSx3JUdeibkOC9hCm_OYDVc5SdsHEl_U3T2ViYdqLMwxmjdBup3wMo6kZsClEjwXtVOXpe3XxuEdRCS4Z2i5iTXCBmK2bcg7FHcCoMan4OKjZv4ezl62TIljE6bp0PCexq38XI9bhYebkpAiu6A-wqBZtthvzBYgBKqjvsVg3GHtGvaVnK64KRkQuYeW7Wn4t7vME6tSzEyVpmgomenjTYGXDYET0IfQ7QTbNWa15aiyj1rEcg1_Tvr9spKY6t6griKIIdB85n52tkuA7YdrIFbQ",
      "kty": "RSA",
      "kid": "RSA-OAEP",
      "alg": "RSA-OAEP",
      "use": "enc"
    }
  ]
}
2021-12-02 02:58:35
fapi1-advanced-final-client-test-invalid-shash
Setup Done
2021-12-02 02:58:57 INCOMING
fapi1-advanced-final-client-test-invalid-shash
Incoming HTTP request to test instance ZVAVNGFFg7Bhgar
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/4.9.1 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate, br",
  "connection": "close"
}
incoming_path
/test/a/recepcao-bv/.well-known/openid-configuration
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
incoming_body_json
incoming_query_string_params
{}
incoming_body
2021-12-02 02:58:57 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
2021-12-02 02:58:57 OUTGOING
fapi1-advanced-final-client-test-invalid-shash
Response to HTTP request to test instance ZVAVNGFFg7Bhgar
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "issuer": "https://www.certification.openid.net/test/a/recepcao-bv/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/recepcao-bv/jwks",
  "registration_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/register",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/userinfo",
  "mtls_endpoint_aliases": {
    "token_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/token",
    "registration_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/register",
    "userinfo_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/userinfo"
  },
  "tls_client_certificate_bound_access_tokens": true,
  "request_parameter_supported": true,
  "grant_types_supported": [
    "authorization_code",
    "implicit",
    "client_credentials",
    "refresh_token"
  ],
  "claims_parameter_supported": true,
  "request_object_encryption_alg_values_supported": [
    "RSA-OAEP"
  ],
  "request_object_encryption_enc_values_supported": [
    "A256GCM"
  ],
  "claims_supported": [
    "cpf",
    "cnpj",
    "acr"
  ],
  "acr_values_supported": [
    "urn:brasil:openbanking:loa2",
    "urn:brasil:openbanking:loa3"
  ],
  "id_token_signing_alg_values_supported": [
    "PS256"
  ],
  "request_object_signing_alg_values_supported": [
    "PS256"
  ],
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access",
    "consents",
    "resources",
    "payments"
  ],
  "token_endpoint_auth_methods_supported": [
    "tls_client_auth"
  ],
  "response_types_supported": [
    "code id_token"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "PS256"
  ]
}
outgoing_path
.well-known/openid-configuration
2021-12-02 02:58:59 INCOMING
fapi1-advanced-final-client-test-invalid-shash
Incoming HTTP request to test instance ZVAVNGFFg7Bhgar
incoming_headers
{
  "host": "www.certification.openid.net",
  "accept": "application/json,application/*+json",
  "connection": "close"
}
incoming_path
/test/a/recepcao-bv/.well-known/openid-configuration
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
incoming_body_json
incoming_query_string_params
{}
incoming_body
2021-12-02 02:58:59 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
2021-12-02 02:58:59 OUTGOING
fapi1-advanced-final-client-test-invalid-shash
Response to HTTP request to test instance ZVAVNGFFg7Bhgar
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "issuer": "https://www.certification.openid.net/test/a/recepcao-bv/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/recepcao-bv/jwks",
  "registration_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/register",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/userinfo",
  "mtls_endpoint_aliases": {
    "token_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/token",
    "registration_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/register",
    "userinfo_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/userinfo"
  },
  "tls_client_certificate_bound_access_tokens": true,
  "request_parameter_supported": true,
  "grant_types_supported": [
    "authorization_code",
    "implicit",
    "client_credentials",
    "refresh_token"
  ],
  "claims_parameter_supported": true,
  "request_object_encryption_alg_values_supported": [
    "RSA-OAEP"
  ],
  "request_object_encryption_enc_values_supported": [
    "A256GCM"
  ],
  "claims_supported": [
    "cpf",
    "cnpj",
    "acr"
  ],
  "acr_values_supported": [
    "urn:brasil:openbanking:loa2",
    "urn:brasil:openbanking:loa3"
  ],
  "id_token_signing_alg_values_supported": [
    "PS256"
  ],
  "request_object_signing_alg_values_supported": [
    "PS256"
  ],
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access",
    "consents",
    "resources",
    "payments"
  ],
  "token_endpoint_auth_methods_supported": [
    "tls_client_auth"
  ],
  "response_types_supported": [
    "code id_token"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "PS256"
  ]
}
outgoing_path
.well-known/openid-configuration
2021-12-02 02:58:59 INCOMING
fapi1-advanced-final-client-test-invalid-shash
Incoming HTTP request to test instance ZVAVNGFFg7Bhgar
incoming_headers
{
  "host": "www.certification.openid.net",
  "accept": "application/json;charset\u003dUTF-8",
  "content-type": "application/x-www-form-urlencoded",
  "content-length": "76",
  "connection": "close"
}
incoming_path
/test-mtls/a/recepcao-bv/token
incoming_body_form_params
{
  "client_id": "r3-1Pzx4eZFejFKvrCef_",
  "grant_type": "client_credentials",
  "scope": "consents"
}
incoming_method
POST
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
-----BEGIN CERTIFICATE----- MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0 MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1 YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3 sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805 I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9 yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS 7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF GSsQgkeJ1pXRIYgQEKHQ -----END CERTIFICATE-----
incoming_body_json
incoming_query_string_params
{}
incoming_body
client_id=r3-1Pzx4eZFejFKvrCef_&grant_type=client_credentials&scope=consents
2021-12-02 02:58:59 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
Token endpoint
2021-12-02 02:58:59 SUCCESS
ExtractClientCertificateFromTokenEndpointRequestHeaders
Extracted client certificate
client_certificate
{
  "cert": "-----BEGIN CERTIFICATE----- MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0 MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1 YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3 sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805 I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9 yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS 7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF GSsQgkeJ1pXRIYgQEKHQ -----END CERTIFICATE-----",
  "pem": "-----BEGIN CERTIFICATE-----\nMIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL\nBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx\nFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB\nTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0\nMjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD\no28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT\nJDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV\nYXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET\nMBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp\nb24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1\nYjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI\nLFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB\nWsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3\nsbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK\nBsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ\naktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805\nI1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9\nyQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R\nQ99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh\nbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg\nPqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y\nZy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i\ncjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE\nggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB\nJFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt\nIFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p\nc2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy\nYW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl\nIGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg\nTHRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl\ncmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh\nbmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL\nz7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd\nPdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh\nQkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH\nefqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS\n7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF\nGSsQgkeJ1pXRIYgQEKHQ\n-----END CERTIFICATE-----",
  "subject": {
    "dn": "UID\u003d1baaea05-bece-46ac-9d08-66a5b72d7ac7,2.5.4.15\u003d#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3\u003d#13024252,2.5.4.5\u003d#130e3539353838313131303030313033,CN\u003dapi-des.bvopen.com.br,OU\u003d062c5edb-4e83-5002-9981-e2a96c5ad41e,O\u003dBCO VOTORANTIM S.A.,L\u003dSão Paulo,ST\u003dSP,C\u003dBR"
  },
  "sanDnsNames": [
    "api-des.bvopen.com.br"
  ],
  "sanUris": [],
  "sanIPs": [],
  "sanEmails": []
}
2021-12-02 02:58:59 SUCCESS
CheckForClientCertificate
Found client certificate
2021-12-02 02:58:59 SUCCESS
EnsureClientCertificateMatches
Presented certificate matches registered certificate
actual
-----BEGIN CERTIFICATE-----
MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL
BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx
FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB
TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0
MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD
o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT
JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV
YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET
MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp
b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1
YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI
LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB
WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3
sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK
BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ
aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805
I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9
yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R
Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh
bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg
PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y
Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i
cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE
ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB
JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt
IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p
c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy
YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl
IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg
THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl
cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh
bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL
z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd
PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh
Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH
efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS
7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF
GSsQgkeJ1pXRIYgQEKHQ
-----END CERTIFICATE-----
2021-12-02 02:58:59 SUCCESS
EnsureNoClientAssertionSentToTokenEndpoint
Client did not send a client_assertion to token endpoint
2021-12-02 02:58:59 SUCCESS
FAPIBrazilExtractRequestedScopeFromClientCredentialsGrant
Found 'consents' scope in request
actual
[
  "consents"
]
expected
consents
2021-12-02 02:58:59 SUCCESS
GenerateBearerAccessToken
Generated access token
access_token
LDDGvHJ0AW0jOIfW7DY1gDK72rbrgEoTaoaUo7evWjXXzLZ4gf
2021-12-02 02:58:59 SUCCESS
CreateTokenEndpointResponse
Created token endpoint response
access_token
LDDGvHJ0AW0jOIfW7DY1gDK72rbrgEoTaoaUo7evWjXXzLZ4gf
token_type
Bearer
2021-12-02 02:58:59
CopyAccessTokenToClientCredentialsField
Condition ran but did not log anything
2021-12-02 02:58:59 OUTGOING
fapi1-advanced-final-client-test-invalid-shash
Response to HTTP request to test instance ZVAVNGFFg7Bhgar
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "access_token": "LDDGvHJ0AW0jOIfW7DY1gDK72rbrgEoTaoaUo7evWjXXzLZ4gf",
  "token_type": "Bearer"
}
outgoing_path
token
2021-12-02 02:59:02 INCOMING
fapi1-advanced-final-client-test-invalid-shash
Incoming HTTP request to test instance ZVAVNGFFg7Bhgar
incoming_headers
{
  "host": "www.certification.openid.net",
  "accept": "application/json;charset\u003dUTF-8",
  "content-type": "application/json",
  "authorization": "Bearer LDDGvHJ0AW0jOIfW7DY1gDK72rbrgEoTaoaUo7evWjXXzLZ4gf",
  "x-fapi-interaction-id": "937852e8-2920-4e1d-ae35-339196400da7",
  "content-length": "370",
  "connection": "close"
}
incoming_path
/test-mtls/a/recepcao-bv/consents/v1/consents
incoming_body_form_params
incoming_method
POST
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
-----BEGIN CERTIFICATE----- MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0 MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1 YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3 sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805 I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9 yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS 7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF GSsQgkeJ1pXRIYgQEKHQ -----END CERTIFICATE-----
incoming_body_json
{
  "data": {
    "loggedUser": {
      "document": {
        "identification": "05159823697",
        "rel": "CPF"
      }
    },
    "permissions": [
      "ACCOUNTS_READ",
      "ACCOUNTS_BALANCES_READ",
      "ACCOUNTS_OVERDRAFT_LIMITS_READ",
      "ACCOUNTS_TRANSACTIONS_READ"
    ],
    "expirationDateTime": "2022-11-30T08:30:00Z",
    "transactionFromDateTime": "2021-11-30T00:00:00Z",
    "transactionToDateTime": "2021-11-30T23:59:59Z"
  }
}
incoming_query_string_params
{}
incoming_body
                {"data":{"loggedUser":{"document":{"identification":"05159823697","rel":"CPF"}},"permissions":["ACCOUNTS_READ","ACCOUNTS_BALANCES_READ","ACCOUNTS_OVERDRAFT_LIMITS_READ","ACCOUNTS_TRANSACTIONS_READ"],"expirationDateTime":"2022-11-30T08:30:00Z","transactionFromDateTime":"2021-11-30T00:00:00Z","transactionToDateTime":"2021-11-30T23:59:59Z"}}
            
2021-12-02 02:59:02 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
New consent endpoint
2021-12-02 02:59:02 SUCCESS
ExtractClientCertificateFromTokenEndpointRequestHeaders
Extracted client certificate
client_certificate
{
  "cert": "-----BEGIN CERTIFICATE----- MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0 MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1 YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3 sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805 I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9 yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS 7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF GSsQgkeJ1pXRIYgQEKHQ -----END CERTIFICATE-----",
  "pem": "-----BEGIN CERTIFICATE-----\nMIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL\nBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx\nFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB\nTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0\nMjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD\no28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT\nJDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV\nYXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET\nMBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp\nb24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1\nYjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI\nLFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB\nWsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3\nsbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK\nBsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ\naktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805\nI1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9\nyQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R\nQ99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh\nbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg\nPqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y\nZy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i\ncjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE\nggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB\nJFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt\nIFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p\nc2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy\nYW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl\nIGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg\nTHRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl\ncmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh\nbmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL\nz7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd\nPdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh\nQkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH\nefqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS\n7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF\nGSsQgkeJ1pXRIYgQEKHQ\n-----END CERTIFICATE-----",
  "subject": {
    "dn": "UID\u003d1baaea05-bece-46ac-9d08-66a5b72d7ac7,2.5.4.15\u003d#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3\u003d#13024252,2.5.4.5\u003d#130e3539353838313131303030313033,CN\u003dapi-des.bvopen.com.br,OU\u003d062c5edb-4e83-5002-9981-e2a96c5ad41e,O\u003dBCO VOTORANTIM S.A.,L\u003dSão Paulo,ST\u003dSP,C\u003dBR"
  },
  "sanDnsNames": [
    "api-des.bvopen.com.br"
  ],
  "sanUris": [],
  "sanIPs": [],
  "sanEmails": []
}
2021-12-02 02:59:02 SUCCESS
CheckForClientCertificate
Found client certificate
2021-12-02 02:59:02 SUCCESS
EnsureClientCertificateMatches
Presented certificate matches registered certificate
actual
-----BEGIN CERTIFICATE-----
MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL
BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx
FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB
TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0
MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD
o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT
JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV
YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET
MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp
b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1
YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI
LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB
WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3
sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK
BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ
aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805
I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9
yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R
Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh
bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg
PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y
Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i
cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE
ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB
JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt
IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p
c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy
YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl
IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg
THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl
cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh
bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL
z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd
PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh
Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH
efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS
7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF
GSsQgkeJ1pXRIYgQEKHQ
-----END CERTIFICATE-----
2021-12-02 02:59:02 SUCCESS
EnsureIncomingRequestMethodIsPost
Client correctly used http POST method
2021-12-02 02:59:02 SUCCESS
EnsureBearerAccessTokenNotInParams
Client correctly did not send access token in query parameters or form body
2021-12-02 02:59:02 SUCCESS
ExtractBearerAccessTokenFromHeader
Found access token on incoming request
access_token
LDDGvHJ0AW0jOIfW7DY1gDK72rbrgEoTaoaUo7evWjXXzLZ4gf
2021-12-02 02:59:02 SUCCESS
RequireBearerClientCredentialsAccessToken
Found access token in request
actual
LDDGvHJ0AW0jOIfW7DY1gDK72rbrgEoTaoaUo7evWjXXzLZ4gf
2021-12-02 02:59:02 INFO
ExtractFapiDateHeader
Skipped evaluation due to missing required element: incoming_request headers.x-fapi-auth-date
path
headers.x-fapi-auth-date
mapped
object
incoming_request
2021-12-02 02:59:02 INFO
ExtractFapiIpAddressHeader
Skipped evaluation due to missing required element: incoming_request headers.x-fapi-customer-ip-address
path
headers.x-fapi-customer-ip-address
mapped
object
incoming_request
2021-12-02 02:59:02 SUCCESS
ExtractFapiInteractionIdHeader
Found a FAPI interaction ID header
fapi_interaction_id
937852e8-2920-4e1d-ae35-339196400da7
2021-12-02 02:59:02 SUCCESS
FAPIBrazilEnsureClientCredentialsScopeContainedConsents
The token request which was used to obtain the access token contained 'consents' scope
actual
[
  "consents"
]
2021-12-02 02:59:02
FAPIBrazilExtractConsentRequest
Condition ran but did not log anything
2021-12-02 02:59:02 INFO
CreateFapiInteractionIdIfNeeded
Found existing FAPI interaction ID
fapi_interaction_id
937852e8-2920-4e1d-ae35-339196400da7
2021-12-02 02:59:02 SUCCESS
FAPIBrazilGenerateNewConsentResponse
Created consent response
headers
{
  "x-fapi-interaction-id": "937852e8-2920-4e1d-ae35-339196400da7"
}
consentId
urn:conformance.oidf:VHQnwFyKN2
consent_response
{
  "data": {
    "consentId": "urn:conformance.oidf:VHQnwFyKN2",
    "creationDateTime": "2021-12-02T02:59:02Z",
    "status": "AWAITING_AUTHORISATION",
    "statusUpdateDateTime": "2021-12-02T02:59:02Z",
    "permissions": [
      "ACCOUNTS_READ",
      "ACCOUNTS_BALANCES_READ",
      "RESOURCES_READ"
    ],
    "expirationDateTime": "2021-12-02T04:59:02Z",
    "transactionFromDateTime": "2021-12-02T02:54:02Z",
    "transactionToDateTime": "2021-12-02T04:59:02Z",
    "links": {
      "self": "https://www.certification.openid.net/test/a/recepcao-bvconsents/v1/consents"
    }
  },
  "meta": {
    "totalRecords": 1,
    "totalPages": 1,
    "requestDateTime": "2021-12-02T02:59:02Z"
  }
}
2021-12-02 02:59:02
ClearAccessTokenFromRequest
Condition ran but did not log anything
2021-12-02 02:59:02 OUTGOING
fapi1-advanced-final-client-test-invalid-shash
Response to HTTP request to test instance ZVAVNGFFg7Bhgar
outgoing_status_code
201
outgoing_headers
{
  "x-fapi-interaction-id": [
    "937852e8-2920-4e1d-ae35-339196400da7"
  ]
}
outgoing_body
{
  "data": {
    "consentId": "urn:conformance.oidf:VHQnwFyKN2",
    "creationDateTime": "2021-12-02T02:59:02Z",
    "status": "AWAITING_AUTHORISATION",
    "statusUpdateDateTime": "2021-12-02T02:59:02Z",
    "permissions": [
      "ACCOUNTS_READ",
      "ACCOUNTS_BALANCES_READ",
      "RESOURCES_READ"
    ],
    "expirationDateTime": "2021-12-02T04:59:02Z",
    "transactionFromDateTime": "2021-12-02T02:54:02Z",
    "transactionToDateTime": "2021-12-02T04:59:02Z",
    "links": {
      "self": "https://www.certification.openid.net/test/a/recepcao-bvconsents/v1/consents"
    }
  },
  "meta": {
    "totalRecords": 1,
    "totalPages": 1,
    "requestDateTime": "2021-12-02T02:59:02Z"
  }
}
outgoing_path
consents/v1/consents
2021-12-02 02:59:05 INCOMING
fapi1-advanced-final-client-test-invalid-shash
Incoming HTTP request to test instance ZVAVNGFFg7Bhgar
incoming_headers
{
  "host": "www.certification.openid.net",
  "accept": "application/json,application/*+json",
  "connection": "close"
}
incoming_path
/test/a/recepcao-bv/.well-known/openid-configuration
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
incoming_body_json
incoming_query_string_params
{}
incoming_body
2021-12-02 02:59:05 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
2021-12-02 02:59:05 OUTGOING
fapi1-advanced-final-client-test-invalid-shash
Response to HTTP request to test instance ZVAVNGFFg7Bhgar
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "issuer": "https://www.certification.openid.net/test/a/recepcao-bv/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/recepcao-bv/jwks",
  "registration_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/register",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/userinfo",
  "mtls_endpoint_aliases": {
    "token_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/token",
    "registration_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/register",
    "userinfo_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/userinfo"
  },
  "tls_client_certificate_bound_access_tokens": true,
  "request_parameter_supported": true,
  "grant_types_supported": [
    "authorization_code",
    "implicit",
    "client_credentials",
    "refresh_token"
  ],
  "claims_parameter_supported": true,
  "request_object_encryption_alg_values_supported": [
    "RSA-OAEP"
  ],
  "request_object_encryption_enc_values_supported": [
    "A256GCM"
  ],
  "claims_supported": [
    "cpf",
    "cnpj",
    "acr"
  ],
  "acr_values_supported": [
    "urn:brasil:openbanking:loa2",
    "urn:brasil:openbanking:loa3"
  ],
  "id_token_signing_alg_values_supported": [
    "PS256"
  ],
  "request_object_signing_alg_values_supported": [
    "PS256"
  ],
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access",
    "consents",
    "resources",
    "payments"
  ],
  "token_endpoint_auth_methods_supported": [
    "tls_client_auth"
  ],
  "response_types_supported": [
    "code id_token"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "PS256"
  ]
}
outgoing_path
.well-known/openid-configuration
2021-12-02 02:59:05 INCOMING
fapi1-advanced-final-client-test-invalid-shash
Incoming HTTP request to test instance ZVAVNGFFg7Bhgar
incoming_headers
{
  "host": "www.certification.openid.net",
  "accept": "application/json,application/*+json",
  "connection": "close"
}
incoming_path
/test/a/recepcao-bv/jwks
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
incoming_body_json
incoming_query_string_params
{}
incoming_body
2021-12-02 02:59:05 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
2021-12-02 02:59:05 OUTGOING
fapi1-advanced-final-client-test-invalid-shash
Response to HTTP request to test instance ZVAVNGFFg7Bhgar
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "RSA-OAEP",
      "alg": "RSA-OAEP",
      "n": "yOOavXMTDgjbvz9gzHvfhdbkytzDLWt6vft8fL73oz1h0s9EJUADdXoj-one0ewSx3JUdeibkOC9hCm_OYDVc5SdsHEl_U3T2ViYdqLMwxmjdBup3wMo6kZsClEjwXtVOXpe3XxuEdRCS4Z2i5iTXCBmK2bcg7FHcCoMan4OKjZv4ezl62TIljE6bp0PCexq38XI9bhYebkpAiu6A-wqBZtthvzBYgBKqjvsVg3GHtGvaVnK64KRkQuYeW7Wn4t7vME6tSzEyVpmgomenjTYGXDYET0IfQ7QTbNWa15aiyj1rEcg1_Tvr9spKY6t6griKIIdB85n52tkuA7YdrIFbQ"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "FJlF6TOBoI38u2RN5PtFHdjXCujfClGyDFEQD7CxJ64",
      "alg": "PS256",
      "n": "oieLonigdMZ5ocjKK1gINOTs9vPrxGZ5wuXF2lLlXU1UpcIDNrqDq3ldJ3HUaUSmyw-AOWehP4eh1AF3anfjAU39Qi0_o0VV-V2o-SGD3D6Nxm9jinHVjiGOkxK2TDIyC8N2KqE48N7uzZNZH80ygDv8pgYu7uL1kJQn5lw5WGVNMKiKtrerPDhJBf1iFIya7JRJeaIQ26DA0yJ_KIDOxAzUdb_t9Jq895OnLwsIygL1lhfXRtxGNSwMAXe_lJm67vJXKDM_eXLI5s6AHRcyiprlAYFD9ktWelC6Ltz-4cFi6VcgxyYgNmfj7dkstQBPu2mZq3bhuoOuZKScnyMEwQ"
    }
  ]
}
outgoing_path
jwks
2021-12-02 02:59:06 INCOMING
fapi1-advanced-final-client-test-invalid-shash
Incoming HTTP request to test instance ZVAVNGFFg7Bhgar
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "got (https://github.com/sindresorhus/got)",
  "accept-encoding": "gzip, deflate, br",
  "connection": "close"
}
incoming_path
/test/a/recepcao-bv/authorize
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
incoming_body_json
incoming_query_string_params
{
  "request": "eyJraWQiOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZHQ00iLCJhbGciOiJSU0EtT0FFUCJ9.wKt--yDzKgFB7VmBMV_P_4Ikx1fd8bAv4-EzGH2q1AsLnmS8tfVeQKsJgZ5_FDP6QW3qM1JzPiUw0tWbEwTNq9Hyt_jRaPnqUl0WOzekxNfUNCT3yok7XPvRfHu7_yPoyzmS3rvKQRtpBuQutQk7Y2IPY7Ph0zYFsZfaEi6SsV3DBNIH0t8j6sL-dWpXvFRyZ1dlO26zZktFnNEX03uyCWU-Ye-wrGhmClM63y1rEJyhZERB6mhn5HMXwAiFGgo0f1tlCuZ7Hvqlbwm7cwIyWWgg91UzjqvfByt5QYxY05TtTgufCk992Ql4pUg0kwDVqin_51Y9r7BtC_yMwQ0rHw.YMXOnwcPXHEG0yAq.ANd33X8pj1AVzZgQJkyINv_jogYOXZpZ8fhOHb_Ge7PoCX5NfJTgHu0693mpcyCGxvyf6oucCGgKfuc_fQ7Ru2Hg8N0uRVrQVOGtO38XQKFculhQtaR6OXF1YgWsp9Nwd7PlFw-wRFdX5n2MSiFvc5xGSt_FPiQiWdhs6EhdB_1nsogFwCTU7uUSeVo1eYi3LZshyyYvnKyragK8lmoDR47UQ8TS42apX5_7aua2a5vQLCZF_rQxZjlMsj49lq5Gz90F8mwxqLch0dXavC4LjHmYYy9MCHKQkHF6wgJeCl9_JOF2EEd8A04wsjK6UJ7W9Gj8lSFpMPUxDabRcTfPUpJxZN4xQOjmGwy1yuSYL6VhDItEhHKs0ItLuprJBNO0T0H_yCbVg7zdC82qshaU_HHLZvWTURWCfwrLC7yRP_Xjpf4tpN2HZ8gqtV5dkNMqjPF3DPgLzHLlB2wiyuUprmbtZQQVDcwSEZfxnc5IiUNsMTPx73rt8xeytCz7PuHCTCs4PvH8JvZBbgg_NVXULtS1u_1RJnq4mqiEf-Q7dwBNmOZOTzeJWjNRhOKNhGRKu2fCyx8ET72MAIcD2kkhNnZNI5iQxt_N421vQutPTTE4ER1u5CBBabnVulhz23-ffCVSUR8HA4K5UCuoSwF_WD9VUYJ7q7dFYU2YEDQ0ROh1WAAQ1BVfKUu_v4JBzUbsbZUXVo0wNNtAOTSGceVeIDV86dNv_F6OROrezh-EMAZXsU94hpV-_HA50iPuD49XCxlI5iQwpI_S26vhcR4Wkp9KnLAwxXTXUF8ht5s8mKAOjH2KImDWYX2QCKI36-KGPT1H69FNOjWAHLObxyLXBnnuGREDINGJXAjLJMnPsMBh0A_VQF2E269uN6aW1XLPkUwGH0OuMMyKjumfUf6ese6NjK29xFlFjXyyKvualkzp9K5POzQqVwt18e0XV59V_CP02xoI6YbuYdmRY_HJuoWzHBKs78g3A7wSA-_dFvsafmwyRZpjUuBnJKHXLzq813F4md3YTxqsZaNTQDVLXwrJwbz3bxqVqgxYT-W7s2du8DpPvkYKQDqDKFZDAqJr4LvbgRsw5RwlDPgJ2UtZeW0UjCKJ8R2dBKP7dnPY_6e5t7sx0Xya0L778pcgEfFNp4KHz93JThHJXGaYqVkxIL8zYdqztrxS3qyFIZwHtd6eDYYAcdvlJEwLts_cXHL7_xivTWEjF52Ygr7-FXm6Ezmho0Ql5ExeLMvjhM46KmTG65qxYVOYGrIEe8N2CJW_OZy0K6N17o_H71rO7Sgr5Mzx6COt_DJsnndeUX3sBytRjGxow0mCbZSNMhj1c4Bi2tlLrH1-VaMrRONINhz_ocQmQhgyXrBeVJcSC5IV9P2DHdMe5jkzicENR8xPlIvZwISJ25iuPno2_cL0CdhUz2z89a1iuFwLMTJGtjiUmnOtMSoKMFICkdziTjw7961YefNPifBQhjsn5N214YIGQCzYUNDQqAqy4D3LIwV9GHL_sCjhysSWtIpadm9fh8xUviw5jJE0OBawFPWTQ07zwiooBWcgyiaFH7rDMdeLetxXBu6vwKpli8cEXEUYn-Wc3phvVf0kw1cQcvOsbcGisKmK2l_Jy1SfAOANqhNcKZ95PgqYR8aBxw.nc6B0Ks0gjgWkO5F5C7F5w",
  "client_id": "r3-1Pzx4eZFejFKvrCef_",
  "scope": "accounts openid consent:urn:conformance.oidf:VHQnwFyKN2",
  "response_type": "code id_token",
  "redirect_uri": "https://api-qa.bvopen.com.br/receptor-redirect/v1/internet-banking/authorize-callback"
}
incoming_body
2021-12-02 02:59:06 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
Authorization endpoint
2021-12-02 02:59:06 SUCCESS
ExtractRequestObject
Parsed request object
request_object
{
  "value": "eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwidHlwIjoiSldUIiwiYWxnIjoiUFMyNTYifQ.eyJpc3MiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJyZXNwb25zZV90eXBlIjoiY29kZSBpZF90b2tlbiIsIm5vbmNlIjoiZWQ4YTRmYjMtYzVhNC00ZDZkLWEzYzItZTZhMTg5NDZkOGI2IiwiY2xpZW50X2lkIjoicjMtMVB6eDRlWkZlakZLdnJDZWZfIiwiYXVkIjoiaHR0cHM6XC9cL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXRcL3Rlc3RcL2FcL3JlY2VwY2FvLWJ2XC8iLCJuYmYiOjE2Mzg0MTM5NDYsInNjb3BlIjoiYWNjb3VudHMgb3BlbmlkIGNvbnNlbnQ6dXJuOmNvbmZvcm1hbmNlLm9pZGY6VkhRbndGeUtOMiIsImNsYWltcyI6IntcImlkX3Rva2VuXCI6e1wiY3BmXCI6e1wiZXNzZW50aWFsXCI6dHJ1ZX19fSIsInJlZGlyZWN0X3VyaSI6Imh0dHBzOlwvXC9hcGktcWEuYnZvcGVuLmNvbS5iclwvcmVjZXB0b3ItcmVkaXJlY3RcL3YxXC9pbnRlcm5ldC1iYW5raW5nXC9hdXRob3JpemUtY2FsbGJhY2siLCJzdGF0ZSI6IjY3MWI5MTQ1LTE1YTctNGUxMi1hOGRmLWZlMjI1N2Q0YmVjMSIsImV4cCI6MTYzODQxNzU0NSwiaWF0IjoxNjM4NDEzOTQ1LCJqdGkiOiIyYzRkZmI2OC1lMjVkLTQxOTUtYjE5MC0xZDdiMjY2YzUxNmMifQ.IEWUP-LVpjmXGYjNDmETjggh46xVayVPQ3SE5QGkaTehe4uupsVv3VS-XHu1MS4RXfMXRWQTLmWVm1Iz5w6De6C5wGUzbW4ee7QD5kW405Ycir4HtT35RAEzI-JxOfMUUwbaRnXbHh-ydYi1FqtLceup8Vtsjh7FsTEXQqT0l9Z7RtF78uEdRem1hY2CHIN-ONU7Vg9BKbQqaOOaWhwgZhYbkLfR2gA57CXWSQOhgKULu9APa1veXc6nxe6QJfzl7-W89TIUa9V855Qy-SFIJnmiiH8Jn0HgqUztAa87yKszhY5FlExdm7kgg-VDioK75Ipq56Km9FVWgh3WlV96zQ",
  "header": {
    "kid": "FJlF6TOBoI38u2RN5PtFHdjXCujfClGyDFEQD7CxJ64",
    "typ": "JWT",
    "alg": "PS256"
  },
  "claims": {
    "iss": "r3-1Pzx4eZFejFKvrCef_",
    "response_type": "code id_token",
    "nonce": "ed8a4fb3-c5a4-4d6d-a3c2-e6a18946d8b6",
    "client_id": "r3-1Pzx4eZFejFKvrCef_",
    "aud": "https://www.certification.openid.net/test/a/recepcao-bv/",
    "nbf": 1638413946,
    "scope": "accounts openid consent:urn:conformance.oidf:VHQnwFyKN2",
    "claims": "{\"id_token\":{\"cpf\":{\"essential\":true}}}",
    "redirect_uri": "https://api-qa.bvopen.com.br/receptor-redirect/v1/internet-banking/authorize-callback",
    "state": "671b9145-15a7-4e12-a8df-fe2257d4bec1",
    "exp": 1638417545,
    "iat": 1638413945,
    "jti": "2c4dfb68-e25d-4195-b190-1d7b266c516c"
  },
  "jwe_header": {
    "kid": "RSA-OAEP",
    "enc": "A256GCM",
    "alg": "RSA-OAEP"
  }
}
2021-12-02 02:59:06 SUCCESS
EnsureRequestObjectWasEncrypted
Request object was encrypted
jwe_header
{
  "kid": "RSA-OAEP",
  "enc": "A256GCM",
  "alg": "RSA-OAEP"
}
2021-12-02 02:59:06 SUCCESS
FAPIBrazilEnsureRequestObjectEncryptedUsingRSAOAEPA256GCM
Request object was encrypted using RSA-OAEP and A256GCM
jwe_header
{
  "kid": "RSA-OAEP",
  "enc": "A256GCM",
  "alg": "RSA-OAEP"
}
2021-12-02 02:59:06 SUCCESS
ValidateEncryptedRequestObjectHasKid
kid was found in the encrypted request object header
kid
RSA-OAEP
2021-12-02 02:59:06 SUCCESS
CreateEffectiveAuthorizationRequestParameters
Merged http request parameters with request object claims
effective_authorization_endpoint_request
{
  "request": "eyJraWQiOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZHQ00iLCJhbGciOiJSU0EtT0FFUCJ9.wKt--yDzKgFB7VmBMV_P_4Ikx1fd8bAv4-EzGH2q1AsLnmS8tfVeQKsJgZ5_FDP6QW3qM1JzPiUw0tWbEwTNq9Hyt_jRaPnqUl0WOzekxNfUNCT3yok7XPvRfHu7_yPoyzmS3rvKQRtpBuQutQk7Y2IPY7Ph0zYFsZfaEi6SsV3DBNIH0t8j6sL-dWpXvFRyZ1dlO26zZktFnNEX03uyCWU-Ye-wrGhmClM63y1rEJyhZERB6mhn5HMXwAiFGgo0f1tlCuZ7Hvqlbwm7cwIyWWgg91UzjqvfByt5QYxY05TtTgufCk992Ql4pUg0kwDVqin_51Y9r7BtC_yMwQ0rHw.YMXOnwcPXHEG0yAq.ANd33X8pj1AVzZgQJkyINv_jogYOXZpZ8fhOHb_Ge7PoCX5NfJTgHu0693mpcyCGxvyf6oucCGgKfuc_fQ7Ru2Hg8N0uRVrQVOGtO38XQKFculhQtaR6OXF1YgWsp9Nwd7PlFw-wRFdX5n2MSiFvc5xGSt_FPiQiWdhs6EhdB_1nsogFwCTU7uUSeVo1eYi3LZshyyYvnKyragK8lmoDR47UQ8TS42apX5_7aua2a5vQLCZF_rQxZjlMsj49lq5Gz90F8mwxqLch0dXavC4LjHmYYy9MCHKQkHF6wgJeCl9_JOF2EEd8A04wsjK6UJ7W9Gj8lSFpMPUxDabRcTfPUpJxZN4xQOjmGwy1yuSYL6VhDItEhHKs0ItLuprJBNO0T0H_yCbVg7zdC82qshaU_HHLZvWTURWCfwrLC7yRP_Xjpf4tpN2HZ8gqtV5dkNMqjPF3DPgLzHLlB2wiyuUprmbtZQQVDcwSEZfxnc5IiUNsMTPx73rt8xeytCz7PuHCTCs4PvH8JvZBbgg_NVXULtS1u_1RJnq4mqiEf-Q7dwBNmOZOTzeJWjNRhOKNhGRKu2fCyx8ET72MAIcD2kkhNnZNI5iQxt_N421vQutPTTE4ER1u5CBBabnVulhz23-ffCVSUR8HA4K5UCuoSwF_WD9VUYJ7q7dFYU2YEDQ0ROh1WAAQ1BVfKUu_v4JBzUbsbZUXVo0wNNtAOTSGceVeIDV86dNv_F6OROrezh-EMAZXsU94hpV-_HA50iPuD49XCxlI5iQwpI_S26vhcR4Wkp9KnLAwxXTXUF8ht5s8mKAOjH2KImDWYX2QCKI36-KGPT1H69FNOjWAHLObxyLXBnnuGREDINGJXAjLJMnPsMBh0A_VQF2E269uN6aW1XLPkUwGH0OuMMyKjumfUf6ese6NjK29xFlFjXyyKvualkzp9K5POzQqVwt18e0XV59V_CP02xoI6YbuYdmRY_HJuoWzHBKs78g3A7wSA-_dFvsafmwyRZpjUuBnJKHXLzq813F4md3YTxqsZaNTQDVLXwrJwbz3bxqVqgxYT-W7s2du8DpPvkYKQDqDKFZDAqJr4LvbgRsw5RwlDPgJ2UtZeW0UjCKJ8R2dBKP7dnPY_6e5t7sx0Xya0L778pcgEfFNp4KHz93JThHJXGaYqVkxIL8zYdqztrxS3qyFIZwHtd6eDYYAcdvlJEwLts_cXHL7_xivTWEjF52Ygr7-FXm6Ezmho0Ql5ExeLMvjhM46KmTG65qxYVOYGrIEe8N2CJW_OZy0K6N17o_H71rO7Sgr5Mzx6COt_DJsnndeUX3sBytRjGxow0mCbZSNMhj1c4Bi2tlLrH1-VaMrRONINhz_ocQmQhgyXrBeVJcSC5IV9P2DHdMe5jkzicENR8xPlIvZwISJ25iuPno2_cL0CdhUz2z89a1iuFwLMTJGtjiUmnOtMSoKMFICkdziTjw7961YefNPifBQhjsn5N214YIGQCzYUNDQqAqy4D3LIwV9GHL_sCjhysSWtIpadm9fh8xUviw5jJE0OBawFPWTQ07zwiooBWcgyiaFH7rDMdeLetxXBu6vwKpli8cEXEUYn-Wc3phvVf0kw1cQcvOsbcGisKmK2l_Jy1SfAOANqhNcKZ95PgqYR8aBxw.nc6B0Ks0gjgWkO5F5C7F5w",
  "client_id": "r3-1Pzx4eZFejFKvrCef_",
  "scope": "accounts openid consent:urn:conformance.oidf:VHQnwFyKN2",
  "response_type": "code id_token",
  "redirect_uri": "https://api-qa.bvopen.com.br/receptor-redirect/v1/internet-banking/authorize-callback",
  "iss": "r3-1Pzx4eZFejFKvrCef_",
  "nonce": "ed8a4fb3-c5a4-4d6d-a3c2-e6a18946d8b6",
  "aud": "https://www.certification.openid.net/test/a/recepcao-bv/",
  "nbf": 1638413946,
  "claims": "{\"id_token\":{\"cpf\":{\"essential\":true}}}",
  "state": "671b9145-15a7-4e12-a8df-fe2257d4bec1",
  "exp": 1638417545,
  "iat": 1638413945,
  "jti": "2c4dfb68-e25d-4195-b190-1d7b266c516c"
}
2021-12-02 02:59:06 SUCCESS
FAPIValidateRequestObjectSigningAlg
Request object was signed with a permitted algorithm
alg
PS256
2021-12-02 02:59:06
FAPIBrazilValidateRequestObjectIdTokenACRClaims
acr claim is not requested
2021-12-02 02:59:06 SUCCESS
FAPIValidateRequestObjectExp
Request object contains a valid exp claim, expiry time
exp
"Dec 2, 2021, 3:59:05 AM"
2021-12-02 02:59:06 SUCCESS
FAPI1AdvancedValidateRequestObjectNBFClaim
nbf claim is valid
nbf
"Dec 2, 2021, 2:59:06 AM"
now
"Dec 2, 2021, 2:59:06 AM"
2021-12-02 02:59:06
ValidateRequestObjectClaims
Request object does not contain a max_age claim
2021-12-02 02:59:06 SUCCESS
ValidateRequestObjectClaims
Request object claims passed all validation checks
2021-12-02 02:59:06 SUCCESS
EnsureNumericRequestObjectClaimsAreNotNull
None of the claims expected to have numeric values, have null values
numeric_claims
[
  "max_age"
]
2021-12-02 02:59:06 SUCCESS
EnsureRequestObjectDoesNotContainRequestOrRequestUri
Request object does not contain request or request_uri
2021-12-02 02:59:06 SUCCESS
EnsureRequestObjectDoesNotContainSubWithClientId
Request object does not contain Client Id in sub
2021-12-02 02:59:06 SUCCESS
ValidateRequestObjectSignature
Request object signature validated using a key in the client's JWKS and using the client's registered request_object_signing_alg
request_object
eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwidHlwIjoiSldUIiwiYWxnIjoiUFMyNTYifQ.eyJpc3MiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJyZXNwb25zZV90eXBlIjoiY29kZSBpZF90b2tlbiIsIm5vbmNlIjoiZWQ4YTRmYjMtYzVhNC00ZDZkLWEzYzItZTZhMTg5NDZkOGI2IiwiY2xpZW50X2lkIjoicjMtMVB6eDRlWkZlakZLdnJDZWZfIiwiYXVkIjoiaHR0cHM6XC9cL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXRcL3Rlc3RcL2FcL3JlY2VwY2FvLWJ2XC8iLCJuYmYiOjE2Mzg0MTM5NDYsInNjb3BlIjoiYWNjb3VudHMgb3BlbmlkIGNvbnNlbnQ6dXJuOmNvbmZvcm1hbmNlLm9pZGY6VkhRbndGeUtOMiIsImNsYWltcyI6IntcImlkX3Rva2VuXCI6e1wiY3BmXCI6e1wiZXNzZW50aWFsXCI6dHJ1ZX19fSIsInJlZGlyZWN0X3VyaSI6Imh0dHBzOlwvXC9hcGktcWEuYnZvcGVuLmNvbS5iclwvcmVjZXB0b3ItcmVkaXJlY3RcL3YxXC9pbnRlcm5ldC1iYW5raW5nXC9hdXRob3JpemUtY2FsbGJhY2siLCJzdGF0ZSI6IjY3MWI5MTQ1LTE1YTctNGUxMi1hOGRmLWZlMjI1N2Q0YmVjMSIsImV4cCI6MTYzODQxNzU0NSwiaWF0IjoxNjM4NDEzOTQ1LCJqdGkiOiIyYzRkZmI2OC1lMjVkLTQxOTUtYjE5MC0xZDdiMjY2YzUxNmMifQ.IEWUP-LVpjmXGYjNDmETjggh46xVayVPQ3SE5QGkaTehe4uupsVv3VS-XHu1MS4RXfMXRWQTLmWVm1Iz5w6De6C5wGUzbW4ee7QD5kW405Ycir4HtT35RAEzI-JxOfMUUwbaRnXbHh-ydYi1FqtLceup8Vtsjh7FsTEXQqT0l9Z7RtF78uEdRem1hY2CHIN-ONU7Vg9BKbQqaOOaWhwgZhYbkLfR2gA57CXWSQOhgKULu9APa1veXc6nxe6QJfzl7-W89TIUa9V855Qy-SFIJnmiiH8Jn0HgqUztAa87yKszhY5FlExdm7kgg-VDioK75Ipq56Km9FVWgh3WlV96zQ
request_object_signing_alg
PS256
jwk
Sun RSA public key, 2048 bits
  params: null
  modulus: 20470105991639945101333275222632884736574483865528906726892528525563191082183695260204312736582372939211055359067203803085750810655850954661951144951323156016175226041830645945715513868126850067392212624376671953805748628313454513795689104315557781181477191907644208938174263279538822216580366877482634997324327056726074955380834197509531619477599127660288830507703834432824311448281762320165839347904106371594443864070803621659794095259323351600661287063154929280227814731229282446194900829223861656310231284465453525094881675730459265540745017449257927239533034759013077714190534660553709869627625978272751475164353
  public exponent: 65537
2021-12-02 02:59:06 SUCCESS
EnsureMatchingRedirectUriInRequestObject
Redirect URI matched
actual
https://api-qa.bvopen.com.br/receptor-redirect/v1/internet-banking/authorize-callback
2021-12-02 02:59:06 SUCCESS
EnsureRequiredAuthorizationRequestParametersMatchRequestObject
Required http request parameters match request object claims
response_type
code id_token
client_id
r3-1Pzx4eZFejFKvrCef_
2021-12-02 02:59:06 SUCCESS
EnsureOptionalAuthorizationRequestParametersMatchRequestObject
All http request parameters and request object claims match
2021-12-02 02:59:06 SUCCESS
EnsureAuthorizationHttpRequestContainsOpenIDScope
Found 'openid' in scope http request parameter
actual
[
  "accounts",
  "openid",
  "consent:urn:conformance.oidf:VHQnwFyKN2"
]
expected
openid
2021-12-02 02:59:06 SUCCESS
ExtractRequestedScopes
Requested scopes
scope
accounts openid consent:urn:conformance.oidf:VHQnwFyKN2
2021-12-02 02:59:06 SUCCESS
FAPIBrazilValidateConsentScope
Found consent scope in request
actual
[
  "accounts",
  "openid",
  "consent:urn:conformance.oidf:VHQnwFyKN2"
]
expected
consent:urn:conformance.oidf:VHQnwFyKN2
2021-12-02 02:59:06 SUCCESS
EnsureScopeContainsAccounts
Found accounts scope in request
actual
[
  "accounts",
  "openid",
  "consent:urn:conformance.oidf:VHQnwFyKN2"
]
2021-12-02 02:59:06 SUCCESS
EnsureResponseTypeIsCodeIdToken
Response type is expected value
expected
code id_token
2021-12-02 02:59:06 SUCCESS
EnsureOpenIDInScopeRequest
Found 'openid' scope in request
actual
[
  "accounts",
  "openid",
  "consent:urn:conformance.oidf:VHQnwFyKN2"
]
expected
openid
2021-12-02 02:59:06 SUCCESS
EnsureMatchingClientId
Client ID matched
client_id
r3-1Pzx4eZFejFKvrCef_
2021-12-02 02:59:06 SUCCESS
CreateAuthorizationCode
Created authorization code
authorization_code
EKKY0dkxvXa2jAYZ1sF0qQ8HAJCvypdw
2021-12-02 02:59:06 SUCCESS
ExtractNonceFromAuthorizationRequest
Extracted nonce
nonce
ed8a4fb3-c5a4-4d6d-a3c2-e6a18946d8b6
2021-12-02 02:59:06 SUCCESS
CalculateCHash
Successful c_hash encoding
c_hash
4NR8sraUgppvDYNLPiduLA
2021-12-02 02:59:06 SUCCESS
CalculateSHash
Successful s_hash encoding
s_hash
yyx_51cjFWP7LnF4kxXmpw
2021-12-02 02:59:06 SUCCESS
GenerateIdTokenClaims
Created ID Token Claims
iss
https://www.certification.openid.net/test/a/recepcao-bv/
sub
user-subject-1234531
aud
r3-1Pzx4eZFejFKvrCef_
nonce
ed8a4fb3-c5a4-4d6d-a3c2-e6a18946d8b6
iat
1638413946
exp
1638414246
2021-12-02 02:59:06
FAPIBrazilAddCPFAndCPNJToIdTokenClaims
Request object does not contain a claims element.id_token
2021-12-02 02:59:06 SUCCESS
AddCHashToIdTokenClaims
Added c_hash to ID token claims
c_hash
4NR8sraUgppvDYNLPiduLA
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/a/recepcao-bv/",
  "sub": "user-subject-1234531",
  "aud": "r3-1Pzx4eZFejFKvrCef_",
  "nonce": "ed8a4fb3-c5a4-4d6d-a3c2-e6a18946d8b6",
  "iat": 1638413946,
  "exp": 1638414246,
  "c_hash": "4NR8sraUgppvDYNLPiduLA"
}
2021-12-02 02:59:06 SUCCESS
AddSHashToIdTokenClaims
Added s_hash to ID token claims
s_hash
yyx_51cjFWP7LnF4kxXmpw
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/a/recepcao-bv/",
  "sub": "user-subject-1234531",
  "aud": "r3-1Pzx4eZFejFKvrCef_",
  "nonce": "ed8a4fb3-c5a4-4d6d-a3c2-e6a18946d8b6",
  "iat": 1638413946,
  "exp": 1638414246,
  "c_hash": "4NR8sraUgppvDYNLPiduLA",
  "s_hash": "yyx_51cjFWP7LnF4kxXmpw"
}
2021-12-02 02:59:06 INFO
AddAtHashToIdTokenClaims
Skipped evaluation due to missing required string: at_hash
expected
at_hash
2021-12-02 02:59:06 SUCCESS
AddInvalidSHashValueToIdToken
Added invalid s_hash to ID token claims
s_hash
yyx_51cjFWP7LnF4kxXmpw1
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/a/recepcao-bv/",
  "sub": "user-subject-1234531",
  "aud": "r3-1Pzx4eZFejFKvrCef_",
  "nonce": "ed8a4fb3-c5a4-4d6d-a3c2-e6a18946d8b6",
  "iat": 1638413946,
  "exp": 1638414246,
  "c_hash": "4NR8sraUgppvDYNLPiduLA",
  "s_hash": "yyx_51cjFWP7LnF4kxXmpw1"
}
2021-12-02 02:59:06 INFO
FAPIBrazilAddACRClaimToIdTokenClaims
Skipped evaluation due to missing required string: requested_id_token_acr_values
expected
requested_id_token_acr_values
2021-12-02 02:59:06 SUCCESS
SignIdToken
Signed the ID token
id_token
eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwiYWxnIjoiUFMyNTYifQ.eyJzdWIiOiJ1c2VyLXN1YmplY3QtMTIzNDUzMSIsImF1ZCI6InIzLTFQeng0ZVpGZWpGS3ZyQ2VmXyIsImNfaGFzaCI6IjROUjhzcmFVZ3BwdkRZTkxQaWR1TEEiLCJzX2hhc2giOiJ5eXhfNTFjakZXUDdMbkY0a3hYbXB3MSIsImlzcyI6Imh0dHBzOlwvXC93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0XC90ZXN0XC9hXC9yZWNlcGNhby1idlwvIiwiZXhwIjoxNjM4NDE0MjQ2LCJub25jZSI6ImVkOGE0ZmIzLWM1YTQtNGQ2ZC1hM2MyLWU2YTE4OTQ2ZDhiNiIsImlhdCI6MTYzODQxMzk0Nn0.C82QzQUq_CzlM0zC_ffMmVhdo1W_vhfiIjJH6zCy4-O7TwvZKxAYo_WeDo4Mq0Rk5MmTg6q6OPu2nrNyf5loNPs_V0cRoCEYSdzcYYX_LQ35rdIhrsKugXfVlfKXE2ql-xINJk7WgchfRIkXA-Wef8-4QeWyOYDoCST6OHyQ0wvDITjtpPTo9LwkjhEyIjfEdlIp0it14e5gUw6_CRSKl3_kPCbClyKaB_-orilhS-QGmo_GJRHLAQfvX7O-NCrxzKEZLV-YGOPc342BnCZ8vQRcZB_U8Rrt8ImZRuX14qWJxdOiekTG2L8RU78_UXsgpiYMdJh-E4ICdAOTxBSvTg
2021-12-02 02:59:06 SUCCESS
FAPIBrazilChangeConsentStatusToAuthorized
Changed consent status to AUTHORISED
consent
{
  "data": {
    "consentId": "urn:conformance.oidf:VHQnwFyKN2",
    "creationDateTime": "2021-12-02T02:59:02Z",
    "status": "AUTHORISED",
    "statusUpdateDateTime": "2021-12-02T02:59:06Z",
    "permissions": [
      "ACCOUNTS_READ",
      "ACCOUNTS_BALANCES_READ",
      "RESOURCES_READ"
    ],
    "expirationDateTime": "2021-12-02T04:59:02Z",
    "transactionFromDateTime": "2021-12-02T02:54:02Z",
    "transactionToDateTime": "2021-12-02T04:59:02Z",
    "links": {
      "self": "https://www.certification.openid.net/test/a/recepcao-bvconsents/v1/consents"
    }
  },
  "meta": {
    "totalRecords": 1,
    "totalPages": 1,
    "requestDateTime": "2021-12-02T02:59:02Z"
  }
}
2021-12-02 02:59:06 SUCCESS
CreateAuthorizationEndpointResponseParams
Added authorization_endpoint_response_params to environment
params
{
  "redirect_uri": "https://api-qa.bvopen.com.br/receptor-redirect/v1/internet-banking/authorize-callback",
  "state": "671b9145-15a7-4e12-a8df-fe2257d4bec1"
}
2021-12-02 02:59:06 SUCCESS
AddCodeToAuthorizationEndpointResponseParams
Added code to authorization endpoint response params
authorization_endpoint_response_params
{
  "redirect_uri": "https://api-qa.bvopen.com.br/receptor-redirect/v1/internet-banking/authorize-callback",
  "state": "671b9145-15a7-4e12-a8df-fe2257d4bec1",
  "code": "EKKY0dkxvXa2jAYZ1sF0qQ8HAJCvypdw"
}
2021-12-02 02:59:06 SUCCESS
AddIdTokenToAuthorizationEndpointResponseParams
Added id_token to authorization endpoint response params
authorization_endpoint_response_params
{
  "redirect_uri": "https://api-qa.bvopen.com.br/receptor-redirect/v1/internet-banking/authorize-callback",
  "state": "671b9145-15a7-4e12-a8df-fe2257d4bec1",
  "code": "EKKY0dkxvXa2jAYZ1sF0qQ8HAJCvypdw",
  "id_token": "eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwiYWxnIjoiUFMyNTYifQ.eyJzdWIiOiJ1c2VyLXN1YmplY3QtMTIzNDUzMSIsImF1ZCI6InIzLTFQeng0ZVpGZWpGS3ZyQ2VmXyIsImNfaGFzaCI6IjROUjhzcmFVZ3BwdkRZTkxQaWR1TEEiLCJzX2hhc2giOiJ5eXhfNTFjakZXUDdMbkY0a3hYbXB3MSIsImlzcyI6Imh0dHBzOlwvXC93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0XC90ZXN0XC9hXC9yZWNlcGNhby1idlwvIiwiZXhwIjoxNjM4NDE0MjQ2LCJub25jZSI6ImVkOGE0ZmIzLWM1YTQtNGQ2ZC1hM2MyLWU2YTE4OTQ2ZDhiNiIsImlhdCI6MTYzODQxMzk0Nn0.C82QzQUq_CzlM0zC_ffMmVhdo1W_vhfiIjJH6zCy4-O7TwvZKxAYo_WeDo4Mq0Rk5MmTg6q6OPu2nrNyf5loNPs_V0cRoCEYSdzcYYX_LQ35rdIhrsKugXfVlfKXE2ql-xINJk7WgchfRIkXA-Wef8-4QeWyOYDoCST6OHyQ0wvDITjtpPTo9LwkjhEyIjfEdlIp0it14e5gUw6_CRSKl3_kPCbClyKaB_-orilhS-QGmo_GJRHLAQfvX7O-NCrxzKEZLV-YGOPc342BnCZ8vQRcZB_U8Rrt8ImZRuX14qWJxdOiekTG2L8RU78_UXsgpiYMdJh-E4ICdAOTxBSvTg"
}
2021-12-02 02:59:06
SendAuthorizationResponseWithResponseModeFragment
Redirecting back to client
uri
https://api-qa.bvopen.com.br/receptor-redirect/v1/internet-banking/authorize-callback#state=671b9145-15a7-4e12-a8df-fe2257d4bec1&code=EKKY0dkxvXa2jAYZ1sF0qQ8HAJCvypdw&id_token=eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwiYWxnIjoiUFMyNTYifQ.eyJzdWIiOiJ1c2VyLXN1YmplY3QtMTIzNDUzMSIsImF1ZCI6InIzLTFQeng0ZVpGZWpGS3ZyQ2VmXyIsImNfaGFzaCI6IjROUjhzcmFVZ3BwdkRZTkxQaWR1TEEiLCJzX2hhc2giOiJ5eXhfNTFjakZXUDdMbkY0a3hYbXB3MSIsImlzcyI6Imh0dHBzOlwvXC93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0XC90ZXN0XC9hXC9yZWNlcGNhby1idlwvIiwiZXhwIjoxNjM4NDE0MjQ2LCJub25jZSI6ImVkOGE0ZmIzLWM1YTQtNGQ2ZC1hM2MyLWU2YTE4OTQ2ZDhiNiIsImlhdCI6MTYzODQxMzk0Nn0.C82QzQUq_CzlM0zC_ffMmVhdo1W_vhfiIjJH6zCy4-O7TwvZKxAYo_WeDo4Mq0Rk5MmTg6q6OPu2nrNyf5loNPs_V0cRoCEYSdzcYYX_LQ35rdIhrsKugXfVlfKXE2ql-xINJk7WgchfRIkXA-Wef8-4QeWyOYDoCST6OHyQ0wvDITjtpPTo9LwkjhEyIjfEdlIp0it14e5gUw6_CRSKl3_kPCbClyKaB_-orilhS-QGmo_GJRHLAQfvX7O-NCrxzKEZLV-YGOPc342BnCZ8vQRcZB_U8Rrt8ImZRuX14qWJxdOiekTG2L8RU78_UXsgpiYMdJh-E4ICdAOTxBSvTg
2021-12-02 02:59:06 OUTGOING
fapi1-advanced-final-client-test-invalid-shash
Response to HTTP request to test instance ZVAVNGFFg7Bhgar
outgoing
org.springframework.web.servlet.view.RedirectView: [RedirectView]; URL [https://api-qa.bvopen.com.br/receptor-redirect/v1/internet-banking/authorize-callback#state=671b9145-15a7-4e12-a8df-fe2257d4bec1&code=EKKY0dkxvXa2jAYZ1sF0qQ8HAJCvypdw&id_token=eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwiYWxnIjoiUFMyNTYifQ.eyJzdWIiOiJ1c2VyLXN1YmplY3QtMTIzNDUzMSIsImF1ZCI6InIzLTFQeng0ZVpGZWpGS3ZyQ2VmXyIsImNfaGFzaCI6IjROUjhzcmFVZ3BwdkRZTkxQaWR1TEEiLCJzX2hhc2giOiJ5eXhfNTFjakZXUDdMbkY0a3hYbXB3MSIsImlzcyI6Imh0dHBzOlwvXC93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0XC90ZXN0XC9hXC9yZWNlcGNhby1idlwvIiwiZXhwIjoxNjM4NDE0MjQ2LCJub25jZSI6ImVkOGE0ZmIzLWM1YTQtNGQ2ZC1hM2MyLWU2YTE4OTQ2ZDhiNiIsImlhdCI6MTYzODQxMzk0Nn0.C82QzQUq_CzlM0zC_ffMmVhdo1W_vhfiIjJH6zCy4-O7TwvZKxAYo_WeDo4Mq0Rk5MmTg6q6OPu2nrNyf5loNPs_V0cRoCEYSdzcYYX_LQ35rdIhrsKugXfVlfKXE2ql-xINJk7WgchfRIkXA-Wef8-4QeWyOYDoCST6OHyQ0wvDITjtpPTo9LwkjhEyIjfEdlIp0it14e5gUw6_CRSKl3_kPCbClyKaB_-orilhS-QGmo_GJRHLAQfvX7O-NCrxzKEZLV-YGOPc342BnCZ8vQRcZB_U8Rrt8ImZRuX14qWJxdOiekTG2L8RU78_UXsgpiYMdJh-E4ICdAOTxBSvTg]
outgoing_path
authorize
2021-12-02 02:59:06 INCOMING
fapi1-advanced-final-client-test-invalid-shash
Incoming HTTP request to test instance ZVAVNGFFg7Bhgar
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/4.9.1 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate, br",
  "connection": "close"
}
incoming_path
/test/a/recepcao-bv/jwks
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
incoming_body_json
incoming_query_string_params
{}
incoming_body
2021-12-02 02:59:06 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
2021-12-02 02:59:06 OUTGOING
fapi1-advanced-final-client-test-invalid-shash
Response to HTTP request to test instance ZVAVNGFFg7Bhgar
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "RSA-OAEP",
      "alg": "RSA-OAEP",
      "n": "yOOavXMTDgjbvz9gzHvfhdbkytzDLWt6vft8fL73oz1h0s9EJUADdXoj-one0ewSx3JUdeibkOC9hCm_OYDVc5SdsHEl_U3T2ViYdqLMwxmjdBup3wMo6kZsClEjwXtVOXpe3XxuEdRCS4Z2i5iTXCBmK2bcg7FHcCoMan4OKjZv4ezl62TIljE6bp0PCexq38XI9bhYebkpAiu6A-wqBZtthvzBYgBKqjvsVg3GHtGvaVnK64KRkQuYeW7Wn4t7vME6tSzEyVpmgomenjTYGXDYET0IfQ7QTbNWa15aiyj1rEcg1_Tvr9spKY6t6griKIIdB85n52tkuA7YdrIFbQ"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "FJlF6TOBoI38u2RN5PtFHdjXCujfClGyDFEQD7CxJ64",
      "alg": "PS256",
      "n": "oieLonigdMZ5ocjKK1gINOTs9vPrxGZ5wuXF2lLlXU1UpcIDNrqDq3ldJ3HUaUSmyw-AOWehP4eh1AF3anfjAU39Qi0_o0VV-V2o-SGD3D6Nxm9jinHVjiGOkxK2TDIyC8N2KqE48N7uzZNZH80ygDv8pgYu7uL1kJQn5lw5WGVNMKiKtrerPDhJBf1iFIya7JRJeaIQ26DA0yJ_KIDOxAzUdb_t9Jq895OnLwsIygL1lhfXRtxGNSwMAXe_lJm67vJXKDM_eXLI5s6AHRcyiprlAYFD9ktWelC6Ltz-4cFi6VcgxyYgNmfj7dkstQBPu2mZq3bhuoOuZKScnyMEwQ"
    }
  ]
}
outgoing_path
jwks
2021-12-02 02:59:11 FINISHED
fapi1-advanced-final-client-test-invalid-shash
Test has run to completion
testmodule_result
PASSED
2021-12-02 02:59:14
TEST-RUNNER
Alias has now been claimed by another test
alias
recepcao-bv
new_test_id
xYhBBlYWWEQXbkb
Test Results