Test Summary

Test Results

Expand All Collapse All
All times are UTC
2021-12-29 22:05:51 INFO
TEST-RUNNER
Test instance 41NYTOrTMCAl0g0 created
baseUrl
https://www.certification.openid.net/test/a/recepcao-bv
variant
{
  "client_auth_type": "private_key_jwt",
  "fapi_auth_request_method": "pushed",
  "fapi_profile": "openbanking_brazil",
  "fapi_jarm_type": "oidc",
  "fapi_response_mode": "plain_response"
}
alias
recepcao-bv
description
Banco Votorantim - Relying Party
planId
DooYPU0i7G1JD
config
{
  "alias": "recepcao-bv",
  "description": "Banco Votorantim - Relying Party",
  "server": {
    "jwks": {
      "keys": [
        {
          "p": "_BxPVObkd-0vSY6hpRLECowqCT8Fg4kLhf4_b9884tZDBj-fhULi-QPOZuhcjLVFFXkXdTDdnDSsBB6lvFNNoQBQgvdwHwJcDkSLURBT6ARNWQfdrqeiGcN8Ix0ZM6K8PWKzOgTNUrM0voYKS9OsujS4eZoLiQTcD3aIimAvwn0",
          "kty": "RSA",
          "q": "y_z_2iXatOxjuWKlSdw6tWNdeNwce4n1gTwiCBt1PrbA9NRJGzkOM4Y0pXi8FHiuOiAVIjkBQLkS1hrXsYVIh__p_GojmP2JtYJtpxoXQeQkZaLbtGG7xzwB7PSBKJnqrXCwWX0tuH_vyTzKtT2pZUl4x9X7h0O28rAcCzwfUbE",
          "d": "boZTB3J9hFY5WKJtBnQMyZ0uqbIGLEIa-NWZayTCKGzIGmzwiDIM9SBrFRevoP1qY5MyhuCgXnhXrJQvYlrQlVOp4n6OMSwVp1oIIBV35MuBU4s4zbr2UtbF8HMt4fCSNhpugRtJj8Ohad4j8K_UO3aT38MrBcWOkVaBGEIcVvo7abPj_eFNqtu9mda9uTMTvjP1VaQsscgSxdIwvNTR_k8Mp-XmJ80ffQjtpt8NIPyn6GhGE0hXRRUfAx010Wj9yT2zaM4m69uhAOMXwVKv5MMlXXKGn_0z3GqRNygPDXCcuTGQ_EGNhVQRvuve_ieNhpkQCBSjz4Ar0ueMuox_QQ",
          "e": "AQAB",
          "use": "enc",
          "kid": "RSA-OAEP",
          "qi": "IlPPK0-J6KZNedgPE5mYcpwzWbT3hXCxxwaiFZQTOGkPInJ9SQRbNW4Z_ro_e9sekkOOb3Tclh6kbid-883riv5r58pb7R0pv0iM_ZPgG7_xDzRbxQSLQltSgI5FiLW2oVOhdxQPFVpc_i02LuYXnZ2tO1awrzYV69H49XiepIY",
          "dp": "E9KiBjn1YtyaaD03xoP4OCAXOgzjgRkod8uq7z_tSKSyNm6QO2kr8Yp0EzFX_ZRPL0YLKyLBegPGNri2LV2bb_pXWkTcYwPLey-2iJQxFMAp2MM-kfoKS95MB3LFRYMZK_Zzwy8XedYvYn-llZq6LRXyH1WWbJqeNvUJ_V9cwf0",
          "alg": "RSA-OAEP",
          "dq": "wHJm2uMdq9Tc3HhRYhZQmPIurChVAsQMBym5HZbyDQGTlydz9Sfl2vxBTN9T6ahVDudXqNrI8MvqFm5qkcMhw5TPpmBoRxzjP4fWdXDrAjH_mJeF2W7fHj7hvjCKbciQG6MV7MdpTAf_LAabY1PSLYmcVkPtshZTUjCNtJe7IHE",
          "n": "yOOavXMTDgjbvz9gzHvfhdbkytzDLWt6vft8fL73oz1h0s9EJUADdXoj-one0ewSx3JUdeibkOC9hCm_OYDVc5SdsHEl_U3T2ViYdqLMwxmjdBup3wMo6kZsClEjwXtVOXpe3XxuEdRCS4Z2i5iTXCBmK2bcg7FHcCoMan4OKjZv4ezl62TIljE6bp0PCexq38XI9bhYebkpAiu6A-wqBZtthvzBYgBKqjvsVg3GHtGvaVnK64KRkQuYeW7Wn4t7vME6tSzEyVpmgomenjTYGXDYET0IfQ7QTbNWa15aiyj1rEcg1_Tvr9spKY6t6griKIIdB85n52tkuA7YdrIFbQ"
        },
        {
          "kty": "RSA",
          "n": "oieLonigdMZ5ocjKK1gINOTs9vPrxGZ5wuXF2lLlXU1UpcIDNrqDq3ldJ3HUaUSmyw-AOWehP4eh1AF3anfjAU39Qi0_o0VV-V2o-SGD3D6Nxm9jinHVjiGOkxK2TDIyC8N2KqE48N7uzZNZH80ygDv8pgYu7uL1kJQn5lw5WGVNMKiKtrerPDhJBf1iFIya7JRJeaIQ26DA0yJ_KIDOxAzUdb_t9Jq895OnLwsIygL1lhfXRtxGNSwMAXe_lJm67vJXKDM_eXLI5s6AHRcyiprlAYFD9ktWelC6Ltz-4cFi6VcgxyYgNmfj7dkstQBPu2mZq3bhuoOuZKScnyMEwQ",
          "e": "AQAB",
          "alg": "PS256",
          "use": "sig",
          "kid": "FJlF6TOBoI38u2RN5PtFHdjXCujfClGyDFEQD7CxJ64",
          "d": "f0PiR8W8yWnslJlucs5IwprZkIiohiCXd-u2eT-OXMgQo3e95fpE1RQPlKG2QFhtP_oOfP9kguQEkswD2T_2nlODbajtxUrpyylDMSSoxPcjdpZ93W6yWTblG3EYOn064hiqaZLXidSuQBJhZKA7_oEWLYe01jCy4qIlHptLNqArPIfnyoHxRzLHM0AbUAxzysxWlxhh-kIuA2GwPOjzDg7X_3tuDo2FBJP1JL4ivZBVjzR6a3R3jlECewHRKlDGbcUhwhw-3PgUfpv0FyDz8Kxa1aXFuD75DvUeqp1WV15D-QPBY6Tj6ImGIU2EQA2M0sa6PPH7iH5wrf2aDm7tcQ",
          "p": "zZRF4uynLVGvuR-G3P_ZRNGUWcRG6OE0KcFj4NnNt89g1eDtC7GMq-S9ZHCUavTE0tnA1loFTbCzWvUy3gywVCYFSyHz-xxDUs9uu5X9gxJAbUHUD-dAhgHnXe46Skk9mITL20vj5ErZWzIXL9-E3kSlyxC3FCSQguutIghbzhs",
          "q": "yezCWkthM28K2X2rYiQhbf_DvzHjH8NMKILYQxhI0dbcGjjpCLb7kvbhhSyeg-TgEtnp0ZqGU9KbxBSCdM-2CNhbZpIh4K1rvHQau350eLv67juK55TIRkcWiLV6G5jzJADYTefYyEk3x9kvE7h3iW6LhXuw-BPW-VJQP9wItlM",
          "dp": "Ohta1ZVGe4zHOnAq0nSOmOEUKXtM_64H7HV5IajueLHpEQsOdWut8zgoQCeCC-k7aM2br_qp3RfA2kjMI-86N863WFE0gRmv_cwb5HG0wkN6amdc5VHb7wTCvM4FM9IX0vBWHpoIxBJT9W7nFuT6zUhiBE-pL8xV_GtY-HGcYVk",
          "dq": "QyPND7bmr_JpGh32AWDgGLIlRQpyaZpHVWUEQXLuq48UikeH_JTTG2-pVt2aK2LLupjobQBDT9XEYzMqmWqDLXe7FGTcjNc87mFwjg0i7w4aBmKX8h5_ZRa4AGbPHiQCHGOHiIfhhd8KhBHL3HPGk1TFYXHaSvJV1XqwIjuoTe8",
          "qi": "MPOx2d59EB8LIUVO184i4LgKVOunNsV2oVy_T8yOsdk5bxDvjChcwpoA1jMAi_4AZBa3ji0CMUKgk9dus6PJ6Knvr8D9tSXvfww81WXkgHW1QyZgqR5rNQJjq_mAuDf6N_RitOemqMRGUJYC4t2uDNW5wozna_KozTYNo_4kIJo"
        }
      ]
    }
  },
  "client": {
    "client_id": "r3-1Pzx4eZFejFKvrCef_",
    "redirect_uri": "https://api-qa.bvopen.com.br/receptor-redirect/v1/internet-banking/authorize-callback",
    "certificate": "-----BEGIN CERTIFICATE----- MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0 MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1 YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3 sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805 I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9 yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS 7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF GSsQgkeJ1pXRIYgQEKHQ -----END CERTIFICATE-----",
    "jwks": {
      "keys": [
        {
          "kty": "RSA",
          "use": "sig",
          "kid": "FJlF6TOBoI38u2RN5PtFHdjXCujfClGyDFEQD7CxJ64",
          "n": "oieLonigdMZ5ocjKK1gINOTs9vPrxGZ5wuXF2lLlXU1UpcIDNrqDq3ldJ3HUaUSmyw-AOWehP4eh1AF3anfjAU39Qi0_o0VV-V2o-SGD3D6Nxm9jinHVjiGOkxK2TDIyC8N2KqE48N7uzZNZH80ygDv8pgYu7uL1kJQn5lw5WGVNMKiKtrerPDhJBf1iFIya7JRJeaIQ26DA0yJ_KIDOxAzUdb_t9Jq895OnLwsIygL1lhfXRtxGNSwMAXe_lJm67vJXKDM_eXLI5s6AHRcyiprlAYFD9ktWelC6Ltz-4cFi6VcgxyYgNmfj7dkstQBPu2mZq3bhuoOuZKScnyMEwQ",
          "e": "AQAB"
        }
      ]
    }
  },
  "client2": {
    "client_id": "r3-1Pzx4eZFejFKvrCef_",
    "redirect_uri": "https://api-qa.bvopen.com.br/receptor-redirect/v1/internet-banking/authorize-callback",
    "id_token_encrypted_response_alg": "RSA-OAEP",
    "certificate": "-----BEGIN CERTIFICATE----- MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0 MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1 YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3 sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805 I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9 yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS 7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF GSsQgkeJ1pXRIYgQEKHQ -----END CERTIFICATE-----",
    "jwks": {
      "keys": [
        {
          "kty": "RSA",
          "use": "sig",
          "kid": "FJlF6TOBoI38u2RN5PtFHdjXCujfClGyDFEQD7CxJ64",
          "n": "oieLonigdMZ5ocjKK1gINOTs9vPrxGZ5wuXF2lLlXU1UpcIDNrqDq3ldJ3HUaUSmyw-AOWehP4eh1AF3anfjAU39Qi0_o0VV-V2o-SGD3D6Nxm9jinHVjiGOkxK2TDIyC8N2KqE48N7uzZNZH80ygDv8pgYu7uL1kJQn5lw5WGVNMKiKtrerPDhJBf1iFIya7JRJeaIQ26DA0yJ_KIDOxAzUdb_t9Jq895OnLwsIygL1lhfXRtxGNSwMAXe_lJm67vJXKDM_eXLI5s6AHRcyiprlAYFD9ktWelC6Ltz-4cFi6VcgxyYgNmfj7dkstQBPu2mZq3bhuoOuZKScnyMEwQ",
          "e": "AQAB"
        },
        {
          "e": "AQAB",
          "n": "yOOavXMTDgjbvz9gzHvfhdbkytzDLWt6vft8fL73oz1h0s9EJUADdXoj-one0ewSx3JUdeibkOC9hCm_OYDVc5SdsHEl_U3T2ViYdqLMwxmjdBup3wMo6kZsClEjwXtVOXpe3XxuEdRCS4Z2i5iTXCBmK2bcg7FHcCoMan4OKjZv4ezl62TIljE6bp0PCexq38XI9bhYebkpAiu6A-wqBZtthvzBYgBKqjvsVg3GHtGvaVnK64KRkQuYeW7Wn4t7vME6tSzEyVpmgomenjTYGXDYET0IfQ7QTbNWa15aiyj1rEcg1_Tvr9spKY6t6griKIIdB85n52tkuA7YdrIFbQ",
          "kty": "RSA",
          "kid": "RSA-OAEP",
          "alg": "RSA-OAEP",
          "use": "enc"
        }
      ]
    },
    "id_token_encrypted_response_enc": "A256GCM"
  },
  "directory": {
    "keystore": "https://keystore.sandbox.directory.openbankingbrasil.org.br/"
  }
}
testName
fapi1-advanced-final-client-test-valid-aud-as-array
2021-12-29 22:05:52 SUCCESS
FAPIBrazilGenerateServerConfiguration
Created server configuration
server
{
  "issuer": "https://www.certification.openid.net/test/a/recepcao-bv/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/recepcao-bv/jwks",
  "registration_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/register",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/userinfo",
  "mtls_endpoint_aliases": {
    "token_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/token",
    "registration_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/register",
    "userinfo_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/userinfo"
  },
  "tls_client_certificate_bound_access_tokens": true,
  "request_parameter_supported": true
}
issuer
https://www.certification.openid.net/test/a/recepcao-bv/
discoveryUrl
https://www.certification.openid.net/test/a/recepcao-bv/.well-known/openid-configuration
2021-12-29 22:05:52 SUCCESS
LoadServerJWKs
Parsed public and private JWK sets
server_jwks
{
  "keys": [
    {
      "p": "_BxPVObkd-0vSY6hpRLECowqCT8Fg4kLhf4_b9884tZDBj-fhULi-QPOZuhcjLVFFXkXdTDdnDSsBB6lvFNNoQBQgvdwHwJcDkSLURBT6ARNWQfdrqeiGcN8Ix0ZM6K8PWKzOgTNUrM0voYKS9OsujS4eZoLiQTcD3aIimAvwn0",
      "kty": "RSA",
      "q": "y_z_2iXatOxjuWKlSdw6tWNdeNwce4n1gTwiCBt1PrbA9NRJGzkOM4Y0pXi8FHiuOiAVIjkBQLkS1hrXsYVIh__p_GojmP2JtYJtpxoXQeQkZaLbtGG7xzwB7PSBKJnqrXCwWX0tuH_vyTzKtT2pZUl4x9X7h0O28rAcCzwfUbE",
      "d": "boZTB3J9hFY5WKJtBnQMyZ0uqbIGLEIa-NWZayTCKGzIGmzwiDIM9SBrFRevoP1qY5MyhuCgXnhXrJQvYlrQlVOp4n6OMSwVp1oIIBV35MuBU4s4zbr2UtbF8HMt4fCSNhpugRtJj8Ohad4j8K_UO3aT38MrBcWOkVaBGEIcVvo7abPj_eFNqtu9mda9uTMTvjP1VaQsscgSxdIwvNTR_k8Mp-XmJ80ffQjtpt8NIPyn6GhGE0hXRRUfAx010Wj9yT2zaM4m69uhAOMXwVKv5MMlXXKGn_0z3GqRNygPDXCcuTGQ_EGNhVQRvuve_ieNhpkQCBSjz4Ar0ueMuox_QQ",
      "e": "AQAB",
      "use": "enc",
      "kid": "RSA-OAEP",
      "qi": "IlPPK0-J6KZNedgPE5mYcpwzWbT3hXCxxwaiFZQTOGkPInJ9SQRbNW4Z_ro_e9sekkOOb3Tclh6kbid-883riv5r58pb7R0pv0iM_ZPgG7_xDzRbxQSLQltSgI5FiLW2oVOhdxQPFVpc_i02LuYXnZ2tO1awrzYV69H49XiepIY",
      "dp": "E9KiBjn1YtyaaD03xoP4OCAXOgzjgRkod8uq7z_tSKSyNm6QO2kr8Yp0EzFX_ZRPL0YLKyLBegPGNri2LV2bb_pXWkTcYwPLey-2iJQxFMAp2MM-kfoKS95MB3LFRYMZK_Zzwy8XedYvYn-llZq6LRXyH1WWbJqeNvUJ_V9cwf0",
      "alg": "RSA-OAEP",
      "dq": "wHJm2uMdq9Tc3HhRYhZQmPIurChVAsQMBym5HZbyDQGTlydz9Sfl2vxBTN9T6ahVDudXqNrI8MvqFm5qkcMhw5TPpmBoRxzjP4fWdXDrAjH_mJeF2W7fHj7hvjCKbciQG6MV7MdpTAf_LAabY1PSLYmcVkPtshZTUjCNtJe7IHE",
      "n": "yOOavXMTDgjbvz9gzHvfhdbkytzDLWt6vft8fL73oz1h0s9EJUADdXoj-one0ewSx3JUdeibkOC9hCm_OYDVc5SdsHEl_U3T2ViYdqLMwxmjdBup3wMo6kZsClEjwXtVOXpe3XxuEdRCS4Z2i5iTXCBmK2bcg7FHcCoMan4OKjZv4ezl62TIljE6bp0PCexq38XI9bhYebkpAiu6A-wqBZtthvzBYgBKqjvsVg3GHtGvaVnK64KRkQuYeW7Wn4t7vME6tSzEyVpmgomenjTYGXDYET0IfQ7QTbNWa15aiyj1rEcg1_Tvr9spKY6t6griKIIdB85n52tkuA7YdrIFbQ"
    },
    {
      "p": "zZRF4uynLVGvuR-G3P_ZRNGUWcRG6OE0KcFj4NnNt89g1eDtC7GMq-S9ZHCUavTE0tnA1loFTbCzWvUy3gywVCYFSyHz-xxDUs9uu5X9gxJAbUHUD-dAhgHnXe46Skk9mITL20vj5ErZWzIXL9-E3kSlyxC3FCSQguutIghbzhs",
      "kty": "RSA",
      "q": "yezCWkthM28K2X2rYiQhbf_DvzHjH8NMKILYQxhI0dbcGjjpCLb7kvbhhSyeg-TgEtnp0ZqGU9KbxBSCdM-2CNhbZpIh4K1rvHQau350eLv67juK55TIRkcWiLV6G5jzJADYTefYyEk3x9kvE7h3iW6LhXuw-BPW-VJQP9wItlM",
      "d": "f0PiR8W8yWnslJlucs5IwprZkIiohiCXd-u2eT-OXMgQo3e95fpE1RQPlKG2QFhtP_oOfP9kguQEkswD2T_2nlODbajtxUrpyylDMSSoxPcjdpZ93W6yWTblG3EYOn064hiqaZLXidSuQBJhZKA7_oEWLYe01jCy4qIlHptLNqArPIfnyoHxRzLHM0AbUAxzysxWlxhh-kIuA2GwPOjzDg7X_3tuDo2FBJP1JL4ivZBVjzR6a3R3jlECewHRKlDGbcUhwhw-3PgUfpv0FyDz8Kxa1aXFuD75DvUeqp1WV15D-QPBY6Tj6ImGIU2EQA2M0sa6PPH7iH5wrf2aDm7tcQ",
      "e": "AQAB",
      "use": "sig",
      "kid": "FJlF6TOBoI38u2RN5PtFHdjXCujfClGyDFEQD7CxJ64",
      "qi": "MPOx2d59EB8LIUVO184i4LgKVOunNsV2oVy_T8yOsdk5bxDvjChcwpoA1jMAi_4AZBa3ji0CMUKgk9dus6PJ6Knvr8D9tSXvfww81WXkgHW1QyZgqR5rNQJjq_mAuDf6N_RitOemqMRGUJYC4t2uDNW5wozna_KozTYNo_4kIJo",
      "dp": "Ohta1ZVGe4zHOnAq0nSOmOEUKXtM_64H7HV5IajueLHpEQsOdWut8zgoQCeCC-k7aM2br_qp3RfA2kjMI-86N863WFE0gRmv_cwb5HG0wkN6amdc5VHb7wTCvM4FM9IX0vBWHpoIxBJT9W7nFuT6zUhiBE-pL8xV_GtY-HGcYVk",
      "alg": "PS256",
      "dq": "QyPND7bmr_JpGh32AWDgGLIlRQpyaZpHVWUEQXLuq48UikeH_JTTG2-pVt2aK2LLupjobQBDT9XEYzMqmWqDLXe7FGTcjNc87mFwjg0i7w4aBmKX8h5_ZRa4AGbPHiQCHGOHiIfhhd8KhBHL3HPGk1TFYXHaSvJV1XqwIjuoTe8",
      "n": "oieLonigdMZ5ocjKK1gINOTs9vPrxGZ5wuXF2lLlXU1UpcIDNrqDq3ldJ3HUaUSmyw-AOWehP4eh1AF3anfjAU39Qi0_o0VV-V2o-SGD3D6Nxm9jinHVjiGOkxK2TDIyC8N2KqE48N7uzZNZH80ygDv8pgYu7uL1kJQn5lw5WGVNMKiKtrerPDhJBf1iFIya7JRJeaIQ26DA0yJ_KIDOxAzUdb_t9Jq895OnLwsIygL1lhfXRtxGNSwMAXe_lJm67vJXKDM_eXLI5s6AHRcyiprlAYFD9ktWelC6Ltz-4cFi6VcgxyYgNmfj7dkstQBPu2mZq3bhuoOuZKScnyMEwQ"
    }
  ]
}
server_encryption_keys
{
  "keys": [
    {
      "p": "_BxPVObkd-0vSY6hpRLECowqCT8Fg4kLhf4_b9884tZDBj-fhULi-QPOZuhcjLVFFXkXdTDdnDSsBB6lvFNNoQBQgvdwHwJcDkSLURBT6ARNWQfdrqeiGcN8Ix0ZM6K8PWKzOgTNUrM0voYKS9OsujS4eZoLiQTcD3aIimAvwn0",
      "kty": "RSA",
      "q": "y_z_2iXatOxjuWKlSdw6tWNdeNwce4n1gTwiCBt1PrbA9NRJGzkOM4Y0pXi8FHiuOiAVIjkBQLkS1hrXsYVIh__p_GojmP2JtYJtpxoXQeQkZaLbtGG7xzwB7PSBKJnqrXCwWX0tuH_vyTzKtT2pZUl4x9X7h0O28rAcCzwfUbE",
      "d": "boZTB3J9hFY5WKJtBnQMyZ0uqbIGLEIa-NWZayTCKGzIGmzwiDIM9SBrFRevoP1qY5MyhuCgXnhXrJQvYlrQlVOp4n6OMSwVp1oIIBV35MuBU4s4zbr2UtbF8HMt4fCSNhpugRtJj8Ohad4j8K_UO3aT38MrBcWOkVaBGEIcVvo7abPj_eFNqtu9mda9uTMTvjP1VaQsscgSxdIwvNTR_k8Mp-XmJ80ffQjtpt8NIPyn6GhGE0hXRRUfAx010Wj9yT2zaM4m69uhAOMXwVKv5MMlXXKGn_0z3GqRNygPDXCcuTGQ_EGNhVQRvuve_ieNhpkQCBSjz4Ar0ueMuox_QQ",
      "e": "AQAB",
      "use": "enc",
      "kid": "RSA-OAEP",
      "qi": "IlPPK0-J6KZNedgPE5mYcpwzWbT3hXCxxwaiFZQTOGkPInJ9SQRbNW4Z_ro_e9sekkOOb3Tclh6kbid-883riv5r58pb7R0pv0iM_ZPgG7_xDzRbxQSLQltSgI5FiLW2oVOhdxQPFVpc_i02LuYXnZ2tO1awrzYV69H49XiepIY",
      "dp": "E9KiBjn1YtyaaD03xoP4OCAXOgzjgRkod8uq7z_tSKSyNm6QO2kr8Yp0EzFX_ZRPL0YLKyLBegPGNri2LV2bb_pXWkTcYwPLey-2iJQxFMAp2MM-kfoKS95MB3LFRYMZK_Zzwy8XedYvYn-llZq6LRXyH1WWbJqeNvUJ_V9cwf0",
      "alg": "RSA-OAEP",
      "dq": "wHJm2uMdq9Tc3HhRYhZQmPIurChVAsQMBym5HZbyDQGTlydz9Sfl2vxBTN9T6ahVDudXqNrI8MvqFm5qkcMhw5TPpmBoRxzjP4fWdXDrAjH_mJeF2W7fHj7hvjCKbciQG6MV7MdpTAf_LAabY1PSLYmcVkPtshZTUjCNtJe7IHE",
      "n": "yOOavXMTDgjbvz9gzHvfhdbkytzDLWt6vft8fL73oz1h0s9EJUADdXoj-one0ewSx3JUdeibkOC9hCm_OYDVc5SdsHEl_U3T2ViYdqLMwxmjdBup3wMo6kZsClEjwXtVOXpe3XxuEdRCS4Z2i5iTXCBmK2bcg7FHcCoMan4OKjZv4ezl62TIljE6bp0PCexq38XI9bhYebkpAiu6A-wqBZtthvzBYgBKqjvsVg3GHtGvaVnK64KRkQuYeW7Wn4t7vME6tSzEyVpmgomenjTYGXDYET0IfQ7QTbNWa15aiyj1rEcg1_Tvr9spKY6t6griKIIdB85n52tkuA7YdrIFbQ"
    }
  ]
}
server_public_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "RSA-OAEP",
      "alg": "RSA-OAEP",
      "n": "yOOavXMTDgjbvz9gzHvfhdbkytzDLWt6vft8fL73oz1h0s9EJUADdXoj-one0ewSx3JUdeibkOC9hCm_OYDVc5SdsHEl_U3T2ViYdqLMwxmjdBup3wMo6kZsClEjwXtVOXpe3XxuEdRCS4Z2i5iTXCBmK2bcg7FHcCoMan4OKjZv4ezl62TIljE6bp0PCexq38XI9bhYebkpAiu6A-wqBZtthvzBYgBKqjvsVg3GHtGvaVnK64KRkQuYeW7Wn4t7vME6tSzEyVpmgomenjTYGXDYET0IfQ7QTbNWa15aiyj1rEcg1_Tvr9spKY6t6griKIIdB85n52tkuA7YdrIFbQ"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "FJlF6TOBoI38u2RN5PtFHdjXCujfClGyDFEQD7CxJ64",
      "alg": "PS256",
      "n": "oieLonigdMZ5ocjKK1gINOTs9vPrxGZ5wuXF2lLlXU1UpcIDNrqDq3ldJ3HUaUSmyw-AOWehP4eh1AF3anfjAU39Qi0_o0VV-V2o-SGD3D6Nxm9jinHVjiGOkxK2TDIyC8N2KqE48N7uzZNZH80ygDv8pgYu7uL1kJQn5lw5WGVNMKiKtrerPDhJBf1iFIya7JRJeaIQ26DA0yJ_KIDOxAzUdb_t9Jq895OnLwsIygL1lhfXRtxGNSwMAXe_lJm67vJXKDM_eXLI5s6AHRcyiprlAYFD9ktWelC6Ltz-4cFi6VcgxyYgNmfj7dkstQBPu2mZq3bhuoOuZKScnyMEwQ"
    }
  ]
}
2021-12-29 22:05:52 SUCCESS
ValidateServerJWKs
Valid server JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2021-12-29 22:05:52
SetServerSigningAlgToPS256
Successfully set signing algorithm to PS256
2021-12-29 22:05:52
FAPIBrazilSetGrantTypesSupportedInServerConfiguration
Successfully set grant_types_supported
server
{
  "issuer": "https://www.certification.openid.net/test/a/recepcao-bv/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/recepcao-bv/jwks",
  "registration_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/register",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/userinfo",
  "mtls_endpoint_aliases": {
    "token_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/token",
    "registration_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/register",
    "userinfo_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/userinfo"
  },
  "tls_client_certificate_bound_access_tokens": true,
  "request_parameter_supported": true,
  "grant_types_supported": [
    "authorization_code",
    "implicit",
    "client_credentials",
    "refresh_token"
  ]
}
2021-12-29 22:05:52
AddClaimsParameterSupportedTrueToServerConfiguration
Successfully added claims_parameter_supported to server configuration
server
{
  "issuer": "https://www.certification.openid.net/test/a/recepcao-bv/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/recepcao-bv/jwks",
  "registration_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/register",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/userinfo",
  "mtls_endpoint_aliases": {
    "token_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/token",
    "registration_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/register",
    "userinfo_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/userinfo"
  },
  "tls_client_certificate_bound_access_tokens": true,
  "request_parameter_supported": true,
  "grant_types_supported": [
    "authorization_code",
    "implicit",
    "client_credentials",
    "refresh_token"
  ],
  "claims_parameter_supported": true
}
2021-12-29 22:05:52
FAPIBrazilAddBrazilSpecificSettingsToServerConfiguration
Added open banking Brazil specific server settings
server
{
  "issuer": "https://www.certification.openid.net/test/a/recepcao-bv/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/recepcao-bv/jwks",
  "registration_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/register",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/userinfo",
  "mtls_endpoint_aliases": {
    "token_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/token",
    "registration_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/register",
    "userinfo_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/userinfo"
  },
  "tls_client_certificate_bound_access_tokens": true,
  "request_parameter_supported": true,
  "grant_types_supported": [
    "authorization_code",
    "implicit",
    "client_credentials",
    "refresh_token"
  ],
  "claims_parameter_supported": true,
  "request_object_encryption_alg_values_supported": [
    "RSA-OAEP"
  ],
  "request_object_encryption_enc_values_supported": [
    "A256GCM"
  ],
  "claims_supported": [
    "cpf",
    "cnpj",
    "acr"
  ],
  "acr_values_supported": [
    "urn:brasil:openbanking:loa2",
    "urn:brasil:openbanking:loa3"
  ],
  "id_token_signing_alg_values_supported": [
    "PS256"
  ],
  "request_object_signing_alg_values_supported": [
    "PS256"
  ],
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access",
    "consents",
    "resources",
    "payments"
  ]
}
2021-12-29 22:05:52
SetTokenEndpointAuthMethodsSupportedToPrivateKeyJWTOnly
Changed token_endpoint_auth_methods_supported to private_key_jwt only in server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/a/recepcao-bv/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/recepcao-bv/jwks",
  "registration_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/register",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/userinfo",
  "mtls_endpoint_aliases": {
    "token_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/token",
    "registration_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/register",
    "userinfo_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/userinfo"
  },
  "tls_client_certificate_bound_access_tokens": true,
  "request_parameter_supported": true,
  "grant_types_supported": [
    "authorization_code",
    "implicit",
    "client_credentials",
    "refresh_token"
  ],
  "claims_parameter_supported": true,
  "request_object_encryption_alg_values_supported": [
    "RSA-OAEP"
  ],
  "request_object_encryption_enc_values_supported": [
    "A256GCM"
  ],
  "claims_supported": [
    "cpf",
    "cnpj",
    "acr"
  ],
  "acr_values_supported": [
    "urn:brasil:openbanking:loa2",
    "urn:brasil:openbanking:loa3"
  ],
  "id_token_signing_alg_values_supported": [
    "PS256"
  ],
  "request_object_signing_alg_values_supported": [
    "PS256"
  ],
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access",
    "consents",
    "resources",
    "payments"
  ],
  "token_endpoint_auth_methods_supported": [
    "private_key_jwt"
  ]
}
2021-12-29 22:05:52
AddPushedAuthorizationRequestEndpointToServerConfig
Added pushed_authorization_request_endpoint to server configuration
endpoint
https://www.certification.openid.net/test/a/recepcao-bv/par
2021-12-29 22:05:52
AddRequirePushedAuthorizationRequestsToServerConfig
Added require_pushed_authorization_requests to server configuration
value
true
2021-12-29 22:05:52 SUCCESS
AddResponseTypeCodeIdTokenToServerConfiguration
Added code id_token as response type supported
response_types_supported
[
  "code id_token"
]
2021-12-29 22:05:52 SUCCESS
FAPIBrazilAddTokenEndpointAuthSigningAlgValuesSupportedToServer
Set token_endpoint_auth_signing_alg_values_supported
values
[
  "PS256"
]
2021-12-29 22:05:52 SUCCESS
CheckServerConfiguration
Found required server configuration keys
required
[
  "authorization_endpoint",
  "token_endpoint",
  "issuer"
]
2021-12-29 22:05:52 SUCCESS
FAPIEnsureMinimumServerKeyLength
Validated minimum key lengths for server_jwks
server_jwks
{
  "keys": [
    {
      "p": "_BxPVObkd-0vSY6hpRLECowqCT8Fg4kLhf4_b9884tZDBj-fhULi-QPOZuhcjLVFFXkXdTDdnDSsBB6lvFNNoQBQgvdwHwJcDkSLURBT6ARNWQfdrqeiGcN8Ix0ZM6K8PWKzOgTNUrM0voYKS9OsujS4eZoLiQTcD3aIimAvwn0",
      "kty": "RSA",
      "q": "y_z_2iXatOxjuWKlSdw6tWNdeNwce4n1gTwiCBt1PrbA9NRJGzkOM4Y0pXi8FHiuOiAVIjkBQLkS1hrXsYVIh__p_GojmP2JtYJtpxoXQeQkZaLbtGG7xzwB7PSBKJnqrXCwWX0tuH_vyTzKtT2pZUl4x9X7h0O28rAcCzwfUbE",
      "d": "boZTB3J9hFY5WKJtBnQMyZ0uqbIGLEIa-NWZayTCKGzIGmzwiDIM9SBrFRevoP1qY5MyhuCgXnhXrJQvYlrQlVOp4n6OMSwVp1oIIBV35MuBU4s4zbr2UtbF8HMt4fCSNhpugRtJj8Ohad4j8K_UO3aT38MrBcWOkVaBGEIcVvo7abPj_eFNqtu9mda9uTMTvjP1VaQsscgSxdIwvNTR_k8Mp-XmJ80ffQjtpt8NIPyn6GhGE0hXRRUfAx010Wj9yT2zaM4m69uhAOMXwVKv5MMlXXKGn_0z3GqRNygPDXCcuTGQ_EGNhVQRvuve_ieNhpkQCBSjz4Ar0ueMuox_QQ",
      "e": "AQAB",
      "use": "enc",
      "kid": "RSA-OAEP",
      "qi": "IlPPK0-J6KZNedgPE5mYcpwzWbT3hXCxxwaiFZQTOGkPInJ9SQRbNW4Z_ro_e9sekkOOb3Tclh6kbid-883riv5r58pb7R0pv0iM_ZPgG7_xDzRbxQSLQltSgI5FiLW2oVOhdxQPFVpc_i02LuYXnZ2tO1awrzYV69H49XiepIY",
      "dp": "E9KiBjn1YtyaaD03xoP4OCAXOgzjgRkod8uq7z_tSKSyNm6QO2kr8Yp0EzFX_ZRPL0YLKyLBegPGNri2LV2bb_pXWkTcYwPLey-2iJQxFMAp2MM-kfoKS95MB3LFRYMZK_Zzwy8XedYvYn-llZq6LRXyH1WWbJqeNvUJ_V9cwf0",
      "alg": "RSA-OAEP",
      "dq": "wHJm2uMdq9Tc3HhRYhZQmPIurChVAsQMBym5HZbyDQGTlydz9Sfl2vxBTN9T6ahVDudXqNrI8MvqFm5qkcMhw5TPpmBoRxzjP4fWdXDrAjH_mJeF2W7fHj7hvjCKbciQG6MV7MdpTAf_LAabY1PSLYmcVkPtshZTUjCNtJe7IHE",
      "n": "yOOavXMTDgjbvz9gzHvfhdbkytzDLWt6vft8fL73oz1h0s9EJUADdXoj-one0ewSx3JUdeibkOC9hCm_OYDVc5SdsHEl_U3T2ViYdqLMwxmjdBup3wMo6kZsClEjwXtVOXpe3XxuEdRCS4Z2i5iTXCBmK2bcg7FHcCoMan4OKjZv4ezl62TIljE6bp0PCexq38XI9bhYebkpAiu6A-wqBZtthvzBYgBKqjvsVg3GHtGvaVnK64KRkQuYeW7Wn4t7vME6tSzEyVpmgomenjTYGXDYET0IfQ7QTbNWa15aiyj1rEcg1_Tvr9spKY6t6griKIIdB85n52tkuA7YdrIFbQ"
    },
    {
      "p": "zZRF4uynLVGvuR-G3P_ZRNGUWcRG6OE0KcFj4NnNt89g1eDtC7GMq-S9ZHCUavTE0tnA1loFTbCzWvUy3gywVCYFSyHz-xxDUs9uu5X9gxJAbUHUD-dAhgHnXe46Skk9mITL20vj5ErZWzIXL9-E3kSlyxC3FCSQguutIghbzhs",
      "kty": "RSA",
      "q": "yezCWkthM28K2X2rYiQhbf_DvzHjH8NMKILYQxhI0dbcGjjpCLb7kvbhhSyeg-TgEtnp0ZqGU9KbxBSCdM-2CNhbZpIh4K1rvHQau350eLv67juK55TIRkcWiLV6G5jzJADYTefYyEk3x9kvE7h3iW6LhXuw-BPW-VJQP9wItlM",
      "d": "f0PiR8W8yWnslJlucs5IwprZkIiohiCXd-u2eT-OXMgQo3e95fpE1RQPlKG2QFhtP_oOfP9kguQEkswD2T_2nlODbajtxUrpyylDMSSoxPcjdpZ93W6yWTblG3EYOn064hiqaZLXidSuQBJhZKA7_oEWLYe01jCy4qIlHptLNqArPIfnyoHxRzLHM0AbUAxzysxWlxhh-kIuA2GwPOjzDg7X_3tuDo2FBJP1JL4ivZBVjzR6a3R3jlECewHRKlDGbcUhwhw-3PgUfpv0FyDz8Kxa1aXFuD75DvUeqp1WV15D-QPBY6Tj6ImGIU2EQA2M0sa6PPH7iH5wrf2aDm7tcQ",
      "e": "AQAB",
      "use": "sig",
      "kid": "FJlF6TOBoI38u2RN5PtFHdjXCujfClGyDFEQD7CxJ64",
      "qi": "MPOx2d59EB8LIUVO184i4LgKVOunNsV2oVy_T8yOsdk5bxDvjChcwpoA1jMAi_4AZBa3ji0CMUKgk9dus6PJ6Knvr8D9tSXvfww81WXkgHW1QyZgqR5rNQJjq_mAuDf6N_RitOemqMRGUJYC4t2uDNW5wozna_KozTYNo_4kIJo",
      "dp": "Ohta1ZVGe4zHOnAq0nSOmOEUKXtM_64H7HV5IajueLHpEQsOdWut8zgoQCeCC-k7aM2br_qp3RfA2kjMI-86N863WFE0gRmv_cwb5HG0wkN6amdc5VHb7wTCvM4FM9IX0vBWHpoIxBJT9W7nFuT6zUhiBE-pL8xV_GtY-HGcYVk",
      "alg": "PS256",
      "dq": "QyPND7bmr_JpGh32AWDgGLIlRQpyaZpHVWUEQXLuq48UikeH_JTTG2-pVt2aK2LLupjobQBDT9XEYzMqmWqDLXe7FGTcjNc87mFwjg0i7w4aBmKX8h5_ZRa4AGbPHiQCHGOHiIfhhd8KhBHL3HPGk1TFYXHaSvJV1XqwIjuoTe8",
      "n": "oieLonigdMZ5ocjKK1gINOTs9vPrxGZ5wuXF2lLlXU1UpcIDNrqDq3ldJ3HUaUSmyw-AOWehP4eh1AF3anfjAU39Qi0_o0VV-V2o-SGD3D6Nxm9jinHVjiGOkxK2TDIyC8N2KqE48N7uzZNZH80ygDv8pgYu7uL1kJQn5lw5WGVNMKiKtrerPDhJBf1iFIya7JRJeaIQ26DA0yJ_KIDOxAzUdb_t9Jq895OnLwsIygL1lhfXRtxGNSwMAXe_lJm67vJXKDM_eXLI5s6AHRcyiprlAYFD9ktWelC6Ltz-4cFi6VcgxyYgNmfj7dkstQBPu2mZq3bhuoOuZKScnyMEwQ"
    }
  ]
}
2021-12-29 22:05:52 SUCCESS
LoadUserInfo
Added user information
user_info
{
  "sub": "user-subject-1234531",
  "name": "Demo T. User",
  "email": "user@example.com",
  "email_verified": false
}
Verify configuration of first client
2021-12-29 22:05:52 SUCCESS
GetStaticClientConfiguration
Found a static client object
client_id
r3-1Pzx4eZFejFKvrCef_
redirect_uri
https://api-qa.bvopen.com.br/receptor-redirect/v1/internet-banking/authorize-callback
certificate
-----BEGIN CERTIFICATE----- MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0 MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1 YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3 sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805 I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9 yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS 7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF GSsQgkeJ1pXRIYgQEKHQ -----END CERTIFICATE-----
jwks
{
  "keys": [
    {
      "kty": "RSA",
      "use": "sig",
      "kid": "FJlF6TOBoI38u2RN5PtFHdjXCujfClGyDFEQD7CxJ64",
      "n": "oieLonigdMZ5ocjKK1gINOTs9vPrxGZ5wuXF2lLlXU1UpcIDNrqDq3ldJ3HUaUSmyw-AOWehP4eh1AF3anfjAU39Qi0_o0VV-V2o-SGD3D6Nxm9jinHVjiGOkxK2TDIyC8N2KqE48N7uzZNZH80ygDv8pgYu7uL1kJQn5lw5WGVNMKiKtrerPDhJBf1iFIya7JRJeaIQ26DA0yJ_KIDOxAzUdb_t9Jq895OnLwsIygL1lhfXRtxGNSwMAXe_lJm67vJXKDM_eXLI5s6AHRcyiprlAYFD9ktWelC6Ltz-4cFi6VcgxyYgNmfj7dkstQBPu2mZq3bhuoOuZKScnyMEwQ",
      "e": "AQAB"
    }
  ]
}
2021-12-29 22:05:52 SUCCESS
ValidateClientJWKsPublicPart
Valid client JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2021-12-29 22:05:52 SUCCESS
ExtractJWKsFromStaticClientConfiguration
Extracted client JWK
client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "use": "sig",
      "kid": "FJlF6TOBoI38u2RN5PtFHdjXCujfClGyDFEQD7CxJ64",
      "n": "oieLonigdMZ5ocjKK1gINOTs9vPrxGZ5wuXF2lLlXU1UpcIDNrqDq3ldJ3HUaUSmyw-AOWehP4eh1AF3anfjAU39Qi0_o0VV-V2o-SGD3D6Nxm9jinHVjiGOkxK2TDIyC8N2KqE48N7uzZNZH80ygDv8pgYu7uL1kJQn5lw5WGVNMKiKtrerPDhJBf1iFIya7JRJeaIQ26DA0yJ_KIDOxAzUdb_t9Jq895OnLwsIygL1lhfXRtxGNSwMAXe_lJm67vJXKDM_eXLI5s6AHRcyiprlAYFD9ktWelC6Ltz-4cFi6VcgxyYgNmfj7dkstQBPu2mZq3bhuoOuZKScnyMEwQ",
      "e": "AQAB"
    }
  ]
}
public_client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "FJlF6TOBoI38u2RN5PtFHdjXCujfClGyDFEQD7CxJ64",
      "n": "oieLonigdMZ5ocjKK1gINOTs9vPrxGZ5wuXF2lLlXU1UpcIDNrqDq3ldJ3HUaUSmyw-AOWehP4eh1AF3anfjAU39Qi0_o0VV-V2o-SGD3D6Nxm9jinHVjiGOkxK2TDIyC8N2KqE48N7uzZNZH80ygDv8pgYu7uL1kJQn5lw5WGVNMKiKtrerPDhJBf1iFIya7JRJeaIQ26DA0yJ_KIDOxAzUdb_t9Jq895OnLwsIygL1lhfXRtxGNSwMAXe_lJm67vJXKDM_eXLI5s6AHRcyiprlAYFD9ktWelC6Ltz-4cFi6VcgxyYgNmfj7dkstQBPu2mZq3bhuoOuZKScnyMEwQ"
    }
  ]
}
2021-12-29 22:05:52 SUCCESS
CheckDistinctKeyIdValueInClientJWKs
Distinct 'kid' value in all keys of client_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2021-12-29 22:05:52 SUCCESS
EnsureClientJwksDoesNotContainPrivateOrSymmetricKeys
Jwks does not contain any private or symmetric keys
2021-12-29 22:05:52 SUCCESS
FAPIEnsureMinimumClientKeyLength
Validated minimum key lengths for client_jwks
client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "use": "sig",
      "kid": "FJlF6TOBoI38u2RN5PtFHdjXCujfClGyDFEQD7CxJ64",
      "n": "oieLonigdMZ5ocjKK1gINOTs9vPrxGZ5wuXF2lLlXU1UpcIDNrqDq3ldJ3HUaUSmyw-AOWehP4eh1AF3anfjAU39Qi0_o0VV-V2o-SGD3D6Nxm9jinHVjiGOkxK2TDIyC8N2KqE48N7uzZNZH80ygDv8pgYu7uL1kJQn5lw5WGVNMKiKtrerPDhJBf1iFIya7JRJeaIQ26DA0yJ_KIDOxAzUdb_t9Jq895OnLwsIygL1lhfXRtxGNSwMAXe_lJm67vJXKDM_eXLI5s6AHRcyiprlAYFD9ktWelC6Ltz-4cFi6VcgxyYgNmfj7dkstQBPu2mZq3bhuoOuZKScnyMEwQ",
      "e": "AQAB"
    }
  ]
}
Verify configuration of second client
2021-12-29 22:05:52 SUCCESS
GetStaticClient2Configuration
Found a static second client object
client_id
r3-1Pzx4eZFejFKvrCef_
redirect_uri
https://api-qa.bvopen.com.br/receptor-redirect/v1/internet-banking/authorize-callback
id_token_encrypted_response_alg
RSA-OAEP
certificate
-----BEGIN CERTIFICATE----- MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0 MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1 YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3 sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805 I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9 yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS 7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF GSsQgkeJ1pXRIYgQEKHQ -----END CERTIFICATE-----
jwks
{
  "keys": [
    {
      "kty": "RSA",
      "use": "sig",
      "kid": "FJlF6TOBoI38u2RN5PtFHdjXCujfClGyDFEQD7CxJ64",
      "n": "oieLonigdMZ5ocjKK1gINOTs9vPrxGZ5wuXF2lLlXU1UpcIDNrqDq3ldJ3HUaUSmyw-AOWehP4eh1AF3anfjAU39Qi0_o0VV-V2o-SGD3D6Nxm9jinHVjiGOkxK2TDIyC8N2KqE48N7uzZNZH80ygDv8pgYu7uL1kJQn5lw5WGVNMKiKtrerPDhJBf1iFIya7JRJeaIQ26DA0yJ_KIDOxAzUdb_t9Jq895OnLwsIygL1lhfXRtxGNSwMAXe_lJm67vJXKDM_eXLI5s6AHRcyiprlAYFD9ktWelC6Ltz-4cFi6VcgxyYgNmfj7dkstQBPu2mZq3bhuoOuZKScnyMEwQ",
      "e": "AQAB"
    },
    {
      "e": "AQAB",
      "n": "yOOavXMTDgjbvz9gzHvfhdbkytzDLWt6vft8fL73oz1h0s9EJUADdXoj-one0ewSx3JUdeibkOC9hCm_OYDVc5SdsHEl_U3T2ViYdqLMwxmjdBup3wMo6kZsClEjwXtVOXpe3XxuEdRCS4Z2i5iTXCBmK2bcg7FHcCoMan4OKjZv4ezl62TIljE6bp0PCexq38XI9bhYebkpAiu6A-wqBZtthvzBYgBKqjvsVg3GHtGvaVnK64KRkQuYeW7Wn4t7vME6tSzEyVpmgomenjTYGXDYET0IfQ7QTbNWa15aiyj1rEcg1_Tvr9spKY6t6griKIIdB85n52tkuA7YdrIFbQ",
      "kty": "RSA",
      "kid": "RSA-OAEP",
      "alg": "RSA-OAEP",
      "use": "enc"
    }
  ]
}
id_token_encrypted_response_enc
A256GCM
2021-12-29 22:05:52 SUCCESS
ValidateClientJWKsPublicPart
Valid client JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2021-12-29 22:05:52 SUCCESS
ExtractJWKsFromStaticClientConfiguration
Extracted client JWK
client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "use": "sig",
      "kid": "FJlF6TOBoI38u2RN5PtFHdjXCujfClGyDFEQD7CxJ64",
      "n": "oieLonigdMZ5ocjKK1gINOTs9vPrxGZ5wuXF2lLlXU1UpcIDNrqDq3ldJ3HUaUSmyw-AOWehP4eh1AF3anfjAU39Qi0_o0VV-V2o-SGD3D6Nxm9jinHVjiGOkxK2TDIyC8N2KqE48N7uzZNZH80ygDv8pgYu7uL1kJQn5lw5WGVNMKiKtrerPDhJBf1iFIya7JRJeaIQ26DA0yJ_KIDOxAzUdb_t9Jq895OnLwsIygL1lhfXRtxGNSwMAXe_lJm67vJXKDM_eXLI5s6AHRcyiprlAYFD9ktWelC6Ltz-4cFi6VcgxyYgNmfj7dkstQBPu2mZq3bhuoOuZKScnyMEwQ",
      "e": "AQAB"
    },
    {
      "e": "AQAB",
      "n": "yOOavXMTDgjbvz9gzHvfhdbkytzDLWt6vft8fL73oz1h0s9EJUADdXoj-one0ewSx3JUdeibkOC9hCm_OYDVc5SdsHEl_U3T2ViYdqLMwxmjdBup3wMo6kZsClEjwXtVOXpe3XxuEdRCS4Z2i5iTXCBmK2bcg7FHcCoMan4OKjZv4ezl62TIljE6bp0PCexq38XI9bhYebkpAiu6A-wqBZtthvzBYgBKqjvsVg3GHtGvaVnK64KRkQuYeW7Wn4t7vME6tSzEyVpmgomenjTYGXDYET0IfQ7QTbNWa15aiyj1rEcg1_Tvr9spKY6t6griKIIdB85n52tkuA7YdrIFbQ",
      "kty": "RSA",
      "kid": "RSA-OAEP",
      "alg": "RSA-OAEP",
      "use": "enc"
    }
  ]
}
public_client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "FJlF6TOBoI38u2RN5PtFHdjXCujfClGyDFEQD7CxJ64",
      "n": "oieLonigdMZ5ocjKK1gINOTs9vPrxGZ5wuXF2lLlXU1UpcIDNrqDq3ldJ3HUaUSmyw-AOWehP4eh1AF3anfjAU39Qi0_o0VV-V2o-SGD3D6Nxm9jinHVjiGOkxK2TDIyC8N2KqE48N7uzZNZH80ygDv8pgYu7uL1kJQn5lw5WGVNMKiKtrerPDhJBf1iFIya7JRJeaIQ26DA0yJ_KIDOxAzUdb_t9Jq895OnLwsIygL1lhfXRtxGNSwMAXe_lJm67vJXKDM_eXLI5s6AHRcyiprlAYFD9ktWelC6Ltz-4cFi6VcgxyYgNmfj7dkstQBPu2mZq3bhuoOuZKScnyMEwQ"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "RSA-OAEP",
      "alg": "RSA-OAEP",
      "n": "yOOavXMTDgjbvz9gzHvfhdbkytzDLWt6vft8fL73oz1h0s9EJUADdXoj-one0ewSx3JUdeibkOC9hCm_OYDVc5SdsHEl_U3T2ViYdqLMwxmjdBup3wMo6kZsClEjwXtVOXpe3XxuEdRCS4Z2i5iTXCBmK2bcg7FHcCoMan4OKjZv4ezl62TIljE6bp0PCexq38XI9bhYebkpAiu6A-wqBZtthvzBYgBKqjvsVg3GHtGvaVnK64KRkQuYeW7Wn4t7vME6tSzEyVpmgomenjTYGXDYET0IfQ7QTbNWa15aiyj1rEcg1_Tvr9spKY6t6griKIIdB85n52tkuA7YdrIFbQ"
    }
  ]
}
2021-12-29 22:05:52 SUCCESS
CheckDistinctKeyIdValueInClientJWKs
Distinct 'kid' value in all keys of client_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2021-12-29 22:05:52 SUCCESS
EnsureClientJwksDoesNotContainPrivateOrSymmetricKeys
Jwks does not contain any private or symmetric keys
2021-12-29 22:05:52 SUCCESS
FAPIEnsureMinimumClientKeyLength
Validated minimum key lengths for client_jwks
client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "use": "sig",
      "kid": "FJlF6TOBoI38u2RN5PtFHdjXCujfClGyDFEQD7CxJ64",
      "n": "oieLonigdMZ5ocjKK1gINOTs9vPrxGZ5wuXF2lLlXU1UpcIDNrqDq3ldJ3HUaUSmyw-AOWehP4eh1AF3anfjAU39Qi0_o0VV-V2o-SGD3D6Nxm9jinHVjiGOkxK2TDIyC8N2KqE48N7uzZNZH80ygDv8pgYu7uL1kJQn5lw5WGVNMKiKtrerPDhJBf1iFIya7JRJeaIQ26DA0yJ_KIDOxAzUdb_t9Jq895OnLwsIygL1lhfXRtxGNSwMAXe_lJm67vJXKDM_eXLI5s6AHRcyiprlAYFD9ktWelC6Ltz-4cFi6VcgxyYgNmfj7dkstQBPu2mZq3bhuoOuZKScnyMEwQ",
      "e": "AQAB"
    },
    {
      "e": "AQAB",
      "n": "yOOavXMTDgjbvz9gzHvfhdbkytzDLWt6vft8fL73oz1h0s9EJUADdXoj-one0ewSx3JUdeibkOC9hCm_OYDVc5SdsHEl_U3T2ViYdqLMwxmjdBup3wMo6kZsClEjwXtVOXpe3XxuEdRCS4Z2i5iTXCBmK2bcg7FHcCoMan4OKjZv4ezl62TIljE6bp0PCexq38XI9bhYebkpAiu6A-wqBZtthvzBYgBKqjvsVg3GHtGvaVnK64KRkQuYeW7Wn4t7vME6tSzEyVpmgomenjTYGXDYET0IfQ7QTbNWa15aiyj1rEcg1_Tvr9spKY6t6griKIIdB85n52tkuA7YdrIFbQ",
      "kty": "RSA",
      "kid": "RSA-OAEP",
      "alg": "RSA-OAEP",
      "use": "enc"
    }
  ]
}
2021-12-29 22:05:52
fapi1-advanced-final-client-test-valid-aud-as-array
Setup Done
2021-12-29 22:06:07 INCOMING
fapi1-advanced-final-client-test-valid-aud-as-array
Incoming HTTP request to test instance 41NYTOrTMCAl0g0
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/4.9.1 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate, br",
  "connection": "close"
}
incoming_path
/test/a/recepcao-bv/.well-known/openid-configuration
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
incoming_body_json
incoming_query_string_params
{}
incoming_body
2021-12-29 22:06:07 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
2021-12-29 22:06:07 OUTGOING
fapi1-advanced-final-client-test-valid-aud-as-array
Response to HTTP request to test instance 41NYTOrTMCAl0g0
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "issuer": "https://www.certification.openid.net/test/a/recepcao-bv/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/recepcao-bv/jwks",
  "registration_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/register",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/userinfo",
  "mtls_endpoint_aliases": {
    "token_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/token",
    "registration_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/register",
    "userinfo_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/userinfo",
    "pushed_authorization_request_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/par"
  },
  "tls_client_certificate_bound_access_tokens": true,
  "request_parameter_supported": true,
  "grant_types_supported": [
    "authorization_code",
    "implicit",
    "client_credentials",
    "refresh_token"
  ],
  "claims_parameter_supported": true,
  "request_object_encryption_alg_values_supported": [
    "RSA-OAEP"
  ],
  "request_object_encryption_enc_values_supported": [
    "A256GCM"
  ],
  "claims_supported": [
    "cpf",
    "cnpj",
    "acr"
  ],
  "acr_values_supported": [
    "urn:brasil:openbanking:loa2",
    "urn:brasil:openbanking:loa3"
  ],
  "id_token_signing_alg_values_supported": [
    "PS256"
  ],
  "request_object_signing_alg_values_supported": [
    "PS256"
  ],
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access",
    "consents",
    "resources",
    "payments"
  ],
  "token_endpoint_auth_methods_supported": [
    "private_key_jwt"
  ],
  "pushed_authorization_request_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/par",
  "require_pushed_authorization_requests": true,
  "response_types_supported": [
    "code id_token"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "PS256"
  ]
}
outgoing_path
.well-known/openid-configuration
2021-12-29 22:06:10 INCOMING
fapi1-advanced-final-client-test-valid-aud-as-array
Incoming HTTP request to test instance 41NYTOrTMCAl0g0
incoming_headers
{
  "host": "www.certification.openid.net",
  "accept": "application/json,application/*+json",
  "connection": "close"
}
incoming_path
/test/a/recepcao-bv/.well-known/openid-configuration
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
incoming_body_json
incoming_query_string_params
{}
incoming_body
2021-12-29 22:06:10 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
2021-12-29 22:06:10 OUTGOING
fapi1-advanced-final-client-test-valid-aud-as-array
Response to HTTP request to test instance 41NYTOrTMCAl0g0
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "issuer": "https://www.certification.openid.net/test/a/recepcao-bv/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/recepcao-bv/jwks",
  "registration_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/register",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/userinfo",
  "mtls_endpoint_aliases": {
    "token_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/token",
    "registration_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/register",
    "userinfo_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/userinfo",
    "pushed_authorization_request_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/par"
  },
  "tls_client_certificate_bound_access_tokens": true,
  "request_parameter_supported": true,
  "grant_types_supported": [
    "authorization_code",
    "implicit",
    "client_credentials",
    "refresh_token"
  ],
  "claims_parameter_supported": true,
  "request_object_encryption_alg_values_supported": [
    "RSA-OAEP"
  ],
  "request_object_encryption_enc_values_supported": [
    "A256GCM"
  ],
  "claims_supported": [
    "cpf",
    "cnpj",
    "acr"
  ],
  "acr_values_supported": [
    "urn:brasil:openbanking:loa2",
    "urn:brasil:openbanking:loa3"
  ],
  "id_token_signing_alg_values_supported": [
    "PS256"
  ],
  "request_object_signing_alg_values_supported": [
    "PS256"
  ],
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access",
    "consents",
    "resources",
    "payments"
  ],
  "token_endpoint_auth_methods_supported": [
    "private_key_jwt"
  ],
  "pushed_authorization_request_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/par",
  "require_pushed_authorization_requests": true,
  "response_types_supported": [
    "code id_token"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "PS256"
  ]
}
outgoing_path
.well-known/openid-configuration
2021-12-29 22:06:10 INCOMING
fapi1-advanced-final-client-test-valid-aud-as-array
Incoming HTTP request to test instance 41NYTOrTMCAl0g0
incoming_headers
{
  "host": "www.certification.openid.net",
  "accept": "application/json;charset\u003dUTF-8",
  "content-type": "application/x-www-form-urlencoded",
  "content-length": "894",
  "connection": "close"
}
incoming_path
/test-mtls/a/recepcao-bv/token
incoming_body_form_params
{
  "grant_type": "client_credentials",
  "scope": "consents",
  "client_assertion": "eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwidHlwIjoiSldUIiwiYWxnIjoiUFMyNTYifQ.eyJzdWIiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJhdWQiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdC1tdGxzXC9hXC9yZWNlcGNhby1idlwvdG9rZW4iLCJpc3MiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJleHAiOjE2NDA4MTU4NzAsImlhdCI6MTY0MDgxNTU3MCwianRpIjoiZDU2MmU1NDEtNzMwZS00YjVmLTkyMGMtN2FhNWQyMzRhNDBjIn0.O3vejtoTMsDAZgQJIZLqS0MtaqZKGFu3rt8Cw0Q6SpS6s9zzDR7-rviwxUQdY-XoKIF_LdFEThYiDNUVvA2taohNODl8LHkwYoul3NdTf68t7UMC6voKKKS4d4WxBdVpWwKaxkE7SNhZ9XJCOnkJv9cSpRyO3U_JBkdJpCUcv89vUHSfJxPgNwUBp6sBflK4a--FUq8Y3tMMaNUwQG3kc1z5HXLDwgfIsHLKvlPjprEQwa9sXLm-9Th3kS9xJKs78OTPN9xZO5FPM-mpcbHSzW0uH8YOuzz8luZNHSm2rg0LNV69KjUi7zOom-wK5WiBmADTSqJLy4ybVSFqBktBjQ",
  "client_assertion_type": "urn:ietf:params:oauth:client-assertion-type:jwt-bearer"
}
incoming_method
POST
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
-----BEGIN CERTIFICATE----- MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0 MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1 YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3 sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805 I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9 yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS 7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF GSsQgkeJ1pXRIYgQEKHQ -----END CERTIFICATE-----
incoming_body_json
incoming_query_string_params
{}
incoming_body
grant_type=client_credentials&scope=consents&client_assertion=eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwidHlwIjoiSldUIiwiYWxnIjoiUFMyNTYifQ.eyJzdWIiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJhdWQiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdC1tdGxzXC9hXC9yZWNlcGNhby1idlwvdG9rZW4iLCJpc3MiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJleHAiOjE2NDA4MTU4NzAsImlhdCI6MTY0MDgxNTU3MCwianRpIjoiZDU2MmU1NDEtNzMwZS00YjVmLTkyMGMtN2FhNWQyMzRhNDBjIn0.O3vejtoTMsDAZgQJIZLqS0MtaqZKGFu3rt8Cw0Q6SpS6s9zzDR7-rviwxUQdY-XoKIF_LdFEThYiDNUVvA2taohNODl8LHkwYoul3NdTf68t7UMC6voKKKS4d4WxBdVpWwKaxkE7SNhZ9XJCOnkJv9cSpRyO3U_JBkdJpCUcv89vUHSfJxPgNwUBp6sBflK4a--FUq8Y3tMMaNUwQG3kc1z5HXLDwgfIsHLKvlPjprEQwa9sXLm-9Th3kS9xJKs78OTPN9xZO5FPM-mpcbHSzW0uH8YOuzz8luZNHSm2rg0LNV69KjUi7zOom-wK5WiBmADTSqJLy4ybVSFqBktBjQ&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer
2021-12-29 22:06:10 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
Token endpoint
2021-12-29 22:06:10 SUCCESS
ExtractClientCertificateFromTokenEndpointRequestHeaders
Extracted client certificate
client_certificate
{
  "cert": "-----BEGIN CERTIFICATE----- MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0 MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1 YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3 sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805 I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9 yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS 7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF GSsQgkeJ1pXRIYgQEKHQ -----END CERTIFICATE-----",
  "pem": "-----BEGIN CERTIFICATE-----\nMIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL\nBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx\nFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB\nTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0\nMjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD\no28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT\nJDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV\nYXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET\nMBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp\nb24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1\nYjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI\nLFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB\nWsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3\nsbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK\nBsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ\naktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805\nI1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9\nyQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R\nQ99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh\nbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg\nPqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y\nZy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i\ncjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE\nggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB\nJFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt\nIFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p\nc2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy\nYW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl\nIGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg\nTHRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl\ncmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh\nbmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL\nz7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd\nPdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh\nQkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH\nefqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS\n7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF\nGSsQgkeJ1pXRIYgQEKHQ\n-----END CERTIFICATE-----",
  "subject": {
    "dn": "UID\u003d1baaea05-bece-46ac-9d08-66a5b72d7ac7,2.5.4.15\u003d#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3\u003d#13024252,2.5.4.5\u003d#130e3539353838313131303030313033,CN\u003dapi-des.bvopen.com.br,OU\u003d062c5edb-4e83-5002-9981-e2a96c5ad41e,O\u003dBCO VOTORANTIM S.A.,L\u003dSão Paulo,ST\u003dSP,C\u003dBR"
  },
  "sanDnsNames": [
    "api-des.bvopen.com.br"
  ],
  "sanUris": [],
  "sanIPs": [],
  "sanEmails": []
}
2021-12-29 22:06:10 SUCCESS
CheckForClientCertificate
Found client certificate
2021-12-29 22:06:10 SUCCESS
EnsureClientCertificateMatches
Presented certificate matches registered certificate
actual
-----BEGIN CERTIFICATE-----
MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL
BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx
FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB
TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0
MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD
o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT
JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV
YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET
MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp
b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1
YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI
LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB
WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3
sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK
BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ
aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805
I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9
yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R
Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh
bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg
PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y
Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i
cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE
ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB
JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt
IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p
c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy
YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl
IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg
THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl
cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh
bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL
z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd
PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh
Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH
efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS
7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF
GSsQgkeJ1pXRIYgQEKHQ
-----END CERTIFICATE-----
2021-12-29 22:06:10 SUCCESS
ExtractClientAssertion
Parsed client assertion
client_assertion
{
  "value": "eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwidHlwIjoiSldUIiwiYWxnIjoiUFMyNTYifQ.eyJzdWIiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJhdWQiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdC1tdGxzXC9hXC9yZWNlcGNhby1idlwvdG9rZW4iLCJpc3MiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJleHAiOjE2NDA4MTU4NzAsImlhdCI6MTY0MDgxNTU3MCwianRpIjoiZDU2MmU1NDEtNzMwZS00YjVmLTkyMGMtN2FhNWQyMzRhNDBjIn0.O3vejtoTMsDAZgQJIZLqS0MtaqZKGFu3rt8Cw0Q6SpS6s9zzDR7-rviwxUQdY-XoKIF_LdFEThYiDNUVvA2taohNODl8LHkwYoul3NdTf68t7UMC6voKKKS4d4WxBdVpWwKaxkE7SNhZ9XJCOnkJv9cSpRyO3U_JBkdJpCUcv89vUHSfJxPgNwUBp6sBflK4a--FUq8Y3tMMaNUwQG3kc1z5HXLDwgfIsHLKvlPjprEQwa9sXLm-9Th3kS9xJKs78OTPN9xZO5FPM-mpcbHSzW0uH8YOuzz8luZNHSm2rg0LNV69KjUi7zOom-wK5WiBmADTSqJLy4ybVSFqBktBjQ",
  "header": {
    "kid": "FJlF6TOBoI38u2RN5PtFHdjXCujfClGyDFEQD7CxJ64",
    "typ": "JWT",
    "alg": "PS256"
  },
  "claims": {
    "sub": "r3-1Pzx4eZFejFKvrCef_",
    "aud": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/token",
    "iss": "r3-1Pzx4eZFejFKvrCef_",
    "exp": 1640815870,
    "iat": 1640815570,
    "jti": "d562e541-730e-4b5f-920c-7aa5d234a40c"
  }
}
2021-12-29 22:06:10
EnsureClientAssertionSignatureAlgorithmMatchesRegistered
token_endpoint_auth_signing_alg is not set for the client, any supported algorithm can be used
2021-12-29 22:06:10 SUCCESS
ValidateClientAssertionSignature
client_assertion signature validated
client_assertion
eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwidHlwIjoiSldUIiwiYWxnIjoiUFMyNTYifQ.eyJzdWIiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJhdWQiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdC1tdGxzXC9hXC9yZWNlcGNhby1idlwvdG9rZW4iLCJpc3MiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJleHAiOjE2NDA4MTU4NzAsImlhdCI6MTY0MDgxNTU3MCwianRpIjoiZDU2MmU1NDEtNzMwZS00YjVmLTkyMGMtN2FhNWQyMzRhNDBjIn0.O3vejtoTMsDAZgQJIZLqS0MtaqZKGFu3rt8Cw0Q6SpS6s9zzDR7-rviwxUQdY-XoKIF_LdFEThYiDNUVvA2taohNODl8LHkwYoul3NdTf68t7UMC6voKKKS4d4WxBdVpWwKaxkE7SNhZ9XJCOnkJv9cSpRyO3U_JBkdJpCUcv89vUHSfJxPgNwUBp6sBflK4a--FUq8Y3tMMaNUwQG3kc1z5HXLDwgfIsHLKvlPjprEQwa9sXLm-9Th3kS9xJKs78OTPN9xZO5FPM-mpcbHSzW0uH8YOuzz8luZNHSm2rg0LNV69KjUi7zOom-wK5WiBmADTSqJLy4ybVSFqBktBjQ
2021-12-29 22:06:10 SUCCESS
EnsureClientAssertionTypeIsJwt
Found JWT assertion type
assertion type
urn:ietf:params:oauth:client-assertion-type:jwt-bearer
2021-12-29 22:06:10 SUCCESS
ValidateClientAssertionClaims
Client Assertion passed all validation checks
2021-12-29 22:06:10 SUCCESS
FAPIBrazilExtractRequestedScopeFromClientCredentialsGrant
Found 'consents' scope in request
actual
[
  "consents"
]
expected
consents
2021-12-29 22:06:10 SUCCESS
GenerateBearerAccessToken
Generated access token
access_token
K1fE4h2KZVV5QTrSdeNyuwkj8f7jx6poJJs55nP4UIrHeQJCYQ
2021-12-29 22:06:10 SUCCESS
CreateTokenEndpointResponse
Created token endpoint response
access_token
K1fE4h2KZVV5QTrSdeNyuwkj8f7jx6poJJs55nP4UIrHeQJCYQ
token_type
Bearer
2021-12-29 22:06:10
CopyAccessTokenToClientCredentialsField
Condition ran but did not log anything
2021-12-29 22:06:10 OUTGOING
fapi1-advanced-final-client-test-valid-aud-as-array
Response to HTTP request to test instance 41NYTOrTMCAl0g0
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "access_token": "K1fE4h2KZVV5QTrSdeNyuwkj8f7jx6poJJs55nP4UIrHeQJCYQ",
  "token_type": "Bearer"
}
outgoing_path
token
2021-12-29 22:06:13 INCOMING
fapi1-advanced-final-client-test-valid-aud-as-array
Incoming HTTP request to test instance 41NYTOrTMCAl0g0
incoming_headers
{
  "host": "www.certification.openid.net",
  "accept": "application/json;charset\u003dUTF-8",
  "content-type": "application/json",
  "authorization": "Bearer K1fE4h2KZVV5QTrSdeNyuwkj8f7jx6poJJs55nP4UIrHeQJCYQ",
  "x-fapi-interaction-id": "348f77b8-d847-48fa-acdc-24d958eb0984",
  "content-length": "370",
  "connection": "close"
}
incoming_path
/test-mtls/a/recepcao-bv/consents/v1/consents
incoming_body_form_params
incoming_method
POST
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
-----BEGIN CERTIFICATE----- MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0 MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1 YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3 sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805 I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9 yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS 7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF GSsQgkeJ1pXRIYgQEKHQ -----END CERTIFICATE-----
incoming_body_json
{
  "data": {
    "loggedUser": {
      "document": {
        "identification": "05159823697",
        "rel": "CPF"
      }
    },
    "permissions": [
      "ACCOUNTS_READ",
      "ACCOUNTS_BALANCES_READ",
      "ACCOUNTS_OVERDRAFT_LIMITS_READ",
      "ACCOUNTS_TRANSACTIONS_READ"
    ],
    "expirationDateTime": "2022-11-30T08:30:00Z",
    "transactionFromDateTime": "2021-11-30T00:00:00Z",
    "transactionToDateTime": "2021-11-30T23:59:59Z"
  }
}
incoming_query_string_params
{}
incoming_body
                {"data":{"loggedUser":{"document":{"identification":"05159823697","rel":"CPF"}},"permissions":["ACCOUNTS_READ","ACCOUNTS_BALANCES_READ","ACCOUNTS_OVERDRAFT_LIMITS_READ","ACCOUNTS_TRANSACTIONS_READ"],"expirationDateTime":"2022-11-30T08:30:00Z","transactionFromDateTime":"2021-11-30T00:00:00Z","transactionToDateTime":"2021-11-30T23:59:59Z"}}
            
2021-12-29 22:06:13 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
New consent endpoint
2021-12-29 22:06:13 SUCCESS
ExtractClientCertificateFromTokenEndpointRequestHeaders
Extracted client certificate
client_certificate
{
  "cert": "-----BEGIN CERTIFICATE----- MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0 MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1 YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3 sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805 I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9 yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS 7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF GSsQgkeJ1pXRIYgQEKHQ -----END CERTIFICATE-----",
  "pem": "-----BEGIN CERTIFICATE-----\nMIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL\nBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx\nFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB\nTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0\nMjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD\no28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT\nJDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV\nYXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET\nMBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp\nb24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1\nYjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI\nLFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB\nWsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3\nsbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK\nBsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ\naktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805\nI1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9\nyQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R\nQ99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh\nbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg\nPqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y\nZy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i\ncjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE\nggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB\nJFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt\nIFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p\nc2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy\nYW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl\nIGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg\nTHRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl\ncmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh\nbmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL\nz7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd\nPdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh\nQkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH\nefqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS\n7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF\nGSsQgkeJ1pXRIYgQEKHQ\n-----END CERTIFICATE-----",
  "subject": {
    "dn": "UID\u003d1baaea05-bece-46ac-9d08-66a5b72d7ac7,2.5.4.15\u003d#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3\u003d#13024252,2.5.4.5\u003d#130e3539353838313131303030313033,CN\u003dapi-des.bvopen.com.br,OU\u003d062c5edb-4e83-5002-9981-e2a96c5ad41e,O\u003dBCO VOTORANTIM S.A.,L\u003dSão Paulo,ST\u003dSP,C\u003dBR"
  },
  "sanDnsNames": [
    "api-des.bvopen.com.br"
  ],
  "sanUris": [],
  "sanIPs": [],
  "sanEmails": []
}
2021-12-29 22:06:13 SUCCESS
CheckForClientCertificate
Found client certificate
2021-12-29 22:06:13 SUCCESS
EnsureClientCertificateMatches
Presented certificate matches registered certificate
actual
-----BEGIN CERTIFICATE-----
MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL
BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx
FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB
TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0
MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD
o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT
JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV
YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET
MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp
b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1
YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI
LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB
WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3
sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK
BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ
aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805
I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9
yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R
Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh
bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg
PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y
Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i
cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE
ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB
JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt
IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p
c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy
YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl
IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg
THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl
cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh
bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL
z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd
PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh
Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH
efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS
7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF
GSsQgkeJ1pXRIYgQEKHQ
-----END CERTIFICATE-----
2021-12-29 22:06:13 SUCCESS
EnsureIncomingRequestMethodIsPost
Client correctly used http POST method
2021-12-29 22:06:13 SUCCESS
EnsureBearerAccessTokenNotInParams
Client correctly did not send access token in query parameters or form body
2021-12-29 22:06:13 SUCCESS
ExtractBearerAccessTokenFromHeader
Found access token on incoming request
access_token
K1fE4h2KZVV5QTrSdeNyuwkj8f7jx6poJJs55nP4UIrHeQJCYQ
2021-12-29 22:06:13 SUCCESS
RequireBearerClientCredentialsAccessToken
Found access token in request
actual
K1fE4h2KZVV5QTrSdeNyuwkj8f7jx6poJJs55nP4UIrHeQJCYQ
2021-12-29 22:06:13 INFO
ExtractFapiDateHeader
Skipped evaluation due to missing required element: incoming_request headers.x-fapi-auth-date
path
headers.x-fapi-auth-date
mapped
object
incoming_request
2021-12-29 22:06:13 INFO
ExtractFapiIpAddressHeader
Skipped evaluation due to missing required element: incoming_request headers.x-fapi-customer-ip-address
path
headers.x-fapi-customer-ip-address
mapped
object
incoming_request
2021-12-29 22:06:13 SUCCESS
ExtractFapiInteractionIdHeader
Found a FAPI interaction ID header
fapi_interaction_id
348f77b8-d847-48fa-acdc-24d958eb0984
2021-12-29 22:06:13 SUCCESS
FAPIBrazilEnsureClientCredentialsScopeContainedConsents
The token request which was used to obtain the access token contained 'consents' scope
actual
[
  "consents"
]
2021-12-29 22:06:13
FAPIBrazilExtractConsentRequest
Condition ran but did not log anything
2021-12-29 22:06:13 INFO
CreateFapiInteractionIdIfNeeded
Found existing FAPI interaction ID
fapi_interaction_id
348f77b8-d847-48fa-acdc-24d958eb0984
2021-12-29 22:06:13 SUCCESS
FAPIBrazilGenerateNewConsentResponse
Created consent response
headers
{
  "x-fapi-interaction-id": "348f77b8-d847-48fa-acdc-24d958eb0984"
}
consentId
urn:conformance.oidf:lRjVkfeoSJ
consent_response
{
  "data": {
    "consentId": "urn:conformance.oidf:lRjVkfeoSJ",
    "creationDateTime": "2021-12-29T22:06:13Z",
    "status": "AWAITING_AUTHORISATION",
    "statusUpdateDateTime": "2021-12-29T22:06:13Z",
    "permissions": [
      "ACCOUNTS_READ",
      "ACCOUNTS_BALANCES_READ",
      "RESOURCES_READ"
    ],
    "expirationDateTime": "2021-12-30T00:06:13Z",
    "transactionFromDateTime": "2021-12-29T22:01:13Z",
    "transactionToDateTime": "2021-12-30T00:06:13Z",
    "links": {
      "self": "https://www.certification.openid.net/test/a/recepcao-bvconsents/v1/consents"
    }
  },
  "meta": {
    "totalRecords": 1,
    "totalPages": 1,
    "requestDateTime": "2021-12-29T22:06:13Z"
  }
}
2021-12-29 22:06:13
ClearAccessTokenFromRequest
Condition ran but did not log anything
2021-12-29 22:06:13 OUTGOING
fapi1-advanced-final-client-test-valid-aud-as-array
Response to HTTP request to test instance 41NYTOrTMCAl0g0
outgoing_status_code
201
outgoing_headers
{
  "x-fapi-interaction-id": [
    "348f77b8-d847-48fa-acdc-24d958eb0984"
  ]
}
outgoing_body
{
  "data": {
    "consentId": "urn:conformance.oidf:lRjVkfeoSJ",
    "creationDateTime": "2021-12-29T22:06:13Z",
    "status": "AWAITING_AUTHORISATION",
    "statusUpdateDateTime": "2021-12-29T22:06:13Z",
    "permissions": [
      "ACCOUNTS_READ",
      "ACCOUNTS_BALANCES_READ",
      "RESOURCES_READ"
    ],
    "expirationDateTime": "2021-12-30T00:06:13Z",
    "transactionFromDateTime": "2021-12-29T22:01:13Z",
    "transactionToDateTime": "2021-12-30T00:06:13Z",
    "links": {
      "self": "https://www.certification.openid.net/test/a/recepcao-bvconsents/v1/consents"
    }
  },
  "meta": {
    "totalRecords": 1,
    "totalPages": 1,
    "requestDateTime": "2021-12-29T22:06:13Z"
  }
}
outgoing_path
consents/v1/consents
2021-12-29 22:06:15 INCOMING
fapi1-advanced-final-client-test-valid-aud-as-array
Incoming HTTP request to test instance 41NYTOrTMCAl0g0
incoming_headers
{
  "host": "www.certification.openid.net",
  "accept": "application/json,application/*+json",
  "connection": "close"
}
incoming_path
/test/a/recepcao-bv/.well-known/openid-configuration
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
incoming_body_json
incoming_query_string_params
{}
incoming_body
2021-12-29 22:06:15 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
2021-12-29 22:06:15 OUTGOING
fapi1-advanced-final-client-test-valid-aud-as-array
Response to HTTP request to test instance 41NYTOrTMCAl0g0
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "issuer": "https://www.certification.openid.net/test/a/recepcao-bv/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/recepcao-bv/jwks",
  "registration_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/register",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/userinfo",
  "mtls_endpoint_aliases": {
    "token_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/token",
    "registration_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/register",
    "userinfo_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/userinfo",
    "pushed_authorization_request_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/par"
  },
  "tls_client_certificate_bound_access_tokens": true,
  "request_parameter_supported": true,
  "grant_types_supported": [
    "authorization_code",
    "implicit",
    "client_credentials",
    "refresh_token"
  ],
  "claims_parameter_supported": true,
  "request_object_encryption_alg_values_supported": [
    "RSA-OAEP"
  ],
  "request_object_encryption_enc_values_supported": [
    "A256GCM"
  ],
  "claims_supported": [
    "cpf",
    "cnpj",
    "acr"
  ],
  "acr_values_supported": [
    "urn:brasil:openbanking:loa2",
    "urn:brasil:openbanking:loa3"
  ],
  "id_token_signing_alg_values_supported": [
    "PS256"
  ],
  "request_object_signing_alg_values_supported": [
    "PS256"
  ],
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access",
    "consents",
    "resources",
    "payments"
  ],
  "token_endpoint_auth_methods_supported": [
    "private_key_jwt"
  ],
  "pushed_authorization_request_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/par",
  "require_pushed_authorization_requests": true,
  "response_types_supported": [
    "code id_token"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "PS256"
  ]
}
outgoing_path
.well-known/openid-configuration
2021-12-29 22:06:18 INCOMING
fapi1-advanced-final-client-test-valid-aud-as-array
Incoming HTTP request to test instance 41NYTOrTMCAl0g0
incoming_headers
{
  "host": "www.certification.openid.net",
  "content-type": "application/x-www-form-urlencoded",
  "accept": "application/json;charset\u003dUTF-8",
  "content-length": "2553",
  "connection": "close"
}
incoming_path
/test-mtls/a/recepcao-bv/par
incoming_body_form_params
{
  "response_type": "code id_token",
  "code_challenge_method": "S256",
  "code_challenge": "53hXYlBYSIXuWUcBqgS37-laKwLfOe_X3OFR4SsPns0",
  "nonce": "bb532597-9807-4f72-a080-b18dea574e93",
  "scope": "accounts openid consent:urn:conformance.oidf:lRjVkfeoSJ",
  "client_id": "r3-1Pzx4eZFejFKvrCef_",
  "redirect_uri": "https://api-qa.bvopen.com.br/receptor-redirect/v1/internet-banking/authorize-callback",
  "state": "a59f3651-f38d-4e19-a199-ae0e7297ecae",
  "request": "eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwidHlwIjoiSldUIiwiYWxnIjoiUFMyNTYifQ.eyJpc3MiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJyZXNwb25zZV90eXBlIjoiY29kZSBpZF90b2tlbiIsImNvZGVfY2hhbGxlbmdlX21ldGhvZCI6IlMyNTYiLCJub25jZSI6ImJiNTMyNTk3LTk4MDctNGY3Mi1hMDgwLWIxOGRlYTU3NGU5MyIsImNsaWVudF9pZCI6InIzLTFQeng0ZVpGZWpGS3ZyQ2VmXyIsImF1ZCI6Imh0dHBzOlwvXC93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0XC90ZXN0XC9hXC9yZWNlcGNhby1idlwvIiwibmJmIjoxNjQwODE1NTc4LCJzY29wZSI6ImFjY291bnRzIG9wZW5pZCBjb25zZW50OnVybjpjb25mb3JtYW5jZS5vaWRmOmxSalZrZmVvU0oiLCJyZWRpcmVjdF91cmkiOiJodHRwczpcL1wvYXBpLXFhLmJ2b3Blbi5jb20uYnJcL3JlY2VwdG9yLXJlZGlyZWN0XC92MVwvaW50ZXJuZXQtYmFua2luZ1wvYXV0aG9yaXplLWNhbGxiYWNrIiwic3RhdGUiOiJhNTlmMzY1MS1mMzhkLTRlMTktYTE5OS1hZTBlNzI5N2VjYWUiLCJleHAiOjE2NDA4MTkxNzcsImlhdCI6MTY0MDgxNTU3NywiY29kZV9jaGFsbGVuZ2UiOiI1M2hYWWxCWVNJWHVXVWNCcWdTMzctbGFLd0xmT2VfWDNPRlI0U3NQbnMwIiwianRpIjoiNzE0YWE1YzMtMjdkZi00NzJkLWFlY2EtNDJlZjYwZmU3YzlhIn0.eUTFwIIChselcRzk5ZBtsmz6280EbelcFTulCkoVylcY3qERDzaLE8FDxcu3oz5jvGGywEB74XEau1U-4jQFhIbCiihP_1BVQ6qnzhbEUMXBn5kZcBq65K4z5lV53LFYp-AkBiRJpFbGjHWf4MqW9CrheTr-VTxBCIc3VA9FcRBo5Oxy7g6Bf12fsodGItLx4GPm691JiBN7I8xQ8GCcs0bKqdXsRVuuhAYOF0lUG4qK8IVC2tK3pHbtWA9RJ2wmPy90-gjbY-hVlFV3zENyi_C3twR17zAhM8kZ0FezvjkwwAl-n35jq54H_tPf2pewNv08dmdVFt-7nFZYqMI-nA",
  "client_assertion": "eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwidHlwIjoiSldUIiwiYWxnIjoiUFMyNTYifQ.eyJzdWIiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJhdWQiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvYVwvcmVjZXBjYW8tYnZcLyIsImlzcyI6InIzLTFQeng0ZVpGZWpGS3ZyQ2VmXyIsImV4cCI6MTY0MDgxOTE3NywiaWF0IjoxNjQwODE1NTc3LCJqdGkiOiIzMmRiYzYxNS01ZmIzLTRiOWEtOWRkOC0zOGVjYzQ5MTMxOTIifQ.cj5YdbKq7ZA7nPhpxUWvhe7RUA4C1aw5p9KKAE1abGsddTQMT6JO4XczDxezBnt6Zx-yu0D957k-4DVCblUhZo4p9Jdsep08N_bBFy8zo0x_f4zLi85nRnkj5FT08tfzdwRgpc3oivENWqeHnSRjHzJD496YIiWoVS9WfPzguB06G88Mpwvc6Jan0sXltsjpVmyvBDXy3N5orUrXIRbWweAMFK4Zz1mjWU5C-mmw0NFncZmhgECv4ozkRafXJlhL_n9ToXBbmdOOggFIVruh1PemB40YawIefspNOZh4QGCYL9n6h4MAeEXe17ETV-pj9Ie_RUiGwESBlr5M2cNpjw",
  "client_assertion_type": "urn:ietf:params:oauth:client-assertion-type:jwt-bearer"
}
incoming_method
POST
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
-----BEGIN CERTIFICATE----- MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0 MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1 YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3 sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805 I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9 yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS 7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF GSsQgkeJ1pXRIYgQEKHQ -----END CERTIFICATE-----
incoming_body_json
incoming_query_string_params
{}
incoming_body
response_type=code+id_token&code_challenge_method=S256&code_challenge=53hXYlBYSIXuWUcBqgS37-laKwLfOe_X3OFR4SsPns0&nonce=bb532597-9807-4f72-a080-b18dea574e93&scope=accounts+openid+consent%3Aurn%3Aconformance.oidf%3AlRjVkfeoSJ&client_id=r3-1Pzx4eZFejFKvrCef_&redirect_uri=https%3A%2F%2Fapi-qa.bvopen.com.br%2Freceptor-redirect%2Fv1%2Finternet-banking%2Fauthorize-callback&state=a59f3651-f38d-4e19-a199-ae0e7297ecae&request=eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwidHlwIjoiSldUIiwiYWxnIjoiUFMyNTYifQ.eyJpc3MiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJyZXNwb25zZV90eXBlIjoiY29kZSBpZF90b2tlbiIsImNvZGVfY2hhbGxlbmdlX21ldGhvZCI6IlMyNTYiLCJub25jZSI6ImJiNTMyNTk3LTk4MDctNGY3Mi1hMDgwLWIxOGRlYTU3NGU5MyIsImNsaWVudF9pZCI6InIzLTFQeng0ZVpGZWpGS3ZyQ2VmXyIsImF1ZCI6Imh0dHBzOlwvXC93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0XC90ZXN0XC9hXC9yZWNlcGNhby1idlwvIiwibmJmIjoxNjQwODE1NTc4LCJzY29wZSI6ImFjY291bnRzIG9wZW5pZCBjb25zZW50OnVybjpjb25mb3JtYW5jZS5vaWRmOmxSalZrZmVvU0oiLCJyZWRpcmVjdF91cmkiOiJodHRwczpcL1wvYXBpLXFhLmJ2b3Blbi5jb20uYnJcL3JlY2VwdG9yLXJlZGlyZWN0XC92MVwvaW50ZXJuZXQtYmFua2luZ1wvYXV0aG9yaXplLWNhbGxiYWNrIiwic3RhdGUiOiJhNTlmMzY1MS1mMzhkLTRlMTktYTE5OS1hZTBlNzI5N2VjYWUiLCJleHAiOjE2NDA4MTkxNzcsImlhdCI6MTY0MDgxNTU3NywiY29kZV9jaGFsbGVuZ2UiOiI1M2hYWWxCWVNJWHVXVWNCcWdTMzctbGFLd0xmT2VfWDNPRlI0U3NQbnMwIiwianRpIjoiNzE0YWE1YzMtMjdkZi00NzJkLWFlY2EtNDJlZjYwZmU3YzlhIn0.eUTFwIIChselcRzk5ZBtsmz6280EbelcFTulCkoVylcY3qERDzaLE8FDxcu3oz5jvGGywEB74XEau1U-4jQFhIbCiihP_1BVQ6qnzhbEUMXBn5kZcBq65K4z5lV53LFYp-AkBiRJpFbGjHWf4MqW9CrheTr-VTxBCIc3VA9FcRBo5Oxy7g6Bf12fsodGItLx4GPm691JiBN7I8xQ8GCcs0bKqdXsRVuuhAYOF0lUG4qK8IVC2tK3pHbtWA9RJ2wmPy90-gjbY-hVlFV3zENyi_C3twR17zAhM8kZ0FezvjkwwAl-n35jq54H_tPf2pewNv08dmdVFt-7nFZYqMI-nA&client_assertion=eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwidHlwIjoiSldUIiwiYWxnIjoiUFMyNTYifQ.eyJzdWIiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJhdWQiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvYVwvcmVjZXBjYW8tYnZcLyIsImlzcyI6InIzLTFQeng0ZVpGZWpGS3ZyQ2VmXyIsImV4cCI6MTY0MDgxOTE3NywiaWF0IjoxNjQwODE1NTc3LCJqdGkiOiIzMmRiYzYxNS01ZmIzLTRiOWEtOWRkOC0zOGVjYzQ5MTMxOTIifQ.cj5YdbKq7ZA7nPhpxUWvhe7RUA4C1aw5p9KKAE1abGsddTQMT6JO4XczDxezBnt6Zx-yu0D957k-4DVCblUhZo4p9Jdsep08N_bBFy8zo0x_f4zLi85nRnkj5FT08tfzdwRgpc3oivENWqeHnSRjHzJD496YIiWoVS9WfPzguB06G88Mpwvc6Jan0sXltsjpVmyvBDXy3N5orUrXIRbWweAMFK4Zz1mjWU5C-mmw0NFncZmhgECv4ozkRafXJlhL_n9ToXBbmdOOggFIVruh1PemB40YawIefspNOZh4QGCYL9n6h4MAeEXe17ETV-pj9Ie_RUiGwESBlr5M2cNpjw&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer
2021-12-29 22:06:18 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
PAR endpoint
2021-12-29 22:06:18 SUCCESS
ExtractClientCertificateFromTokenEndpointRequestHeaders
Extracted client certificate
client_certificate
{
  "cert": "-----BEGIN CERTIFICATE----- MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0 MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1 YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3 sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805 I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9 yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS 7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF GSsQgkeJ1pXRIYgQEKHQ -----END CERTIFICATE-----",
  "pem": "-----BEGIN CERTIFICATE-----\nMIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL\nBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx\nFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB\nTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0\nMjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD\no28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT\nJDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV\nYXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET\nMBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp\nb24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1\nYjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI\nLFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB\nWsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3\nsbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK\nBsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ\naktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805\nI1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9\nyQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R\nQ99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh\nbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg\nPqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y\nZy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i\ncjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE\nggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB\nJFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt\nIFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p\nc2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy\nYW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl\nIGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg\nTHRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl\ncmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh\nbmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL\nz7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd\nPdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh\nQkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH\nefqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS\n7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF\nGSsQgkeJ1pXRIYgQEKHQ\n-----END CERTIFICATE-----",
  "subject": {
    "dn": "UID\u003d1baaea05-bece-46ac-9d08-66a5b72d7ac7,2.5.4.15\u003d#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3\u003d#13024252,2.5.4.5\u003d#130e3539353838313131303030313033,CN\u003dapi-des.bvopen.com.br,OU\u003d062c5edb-4e83-5002-9981-e2a96c5ad41e,O\u003dBCO VOTORANTIM S.A.,L\u003dSão Paulo,ST\u003dSP,C\u003dBR"
  },
  "sanDnsNames": [
    "api-des.bvopen.com.br"
  ],
  "sanUris": [],
  "sanIPs": [],
  "sanEmails": []
}
2021-12-29 22:06:18 SUCCESS
CheckForClientCertificate
Found client certificate
2021-12-29 22:06:18 SUCCESS
EnsureClientCertificateMatches
Presented certificate matches registered certificate
actual
-----BEGIN CERTIFICATE-----
MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL
BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx
FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB
TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0
MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD
o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT
JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV
YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET
MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp
b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1
YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI
LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB
WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3
sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK
BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ
aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805
I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9
yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R
Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh
bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg
PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y
Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i
cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE
ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB
JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt
IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p
c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy
YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl
IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg
THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl
cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh
bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL
z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd
PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh
Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH
efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS
7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF
GSsQgkeJ1pXRIYgQEKHQ
-----END CERTIFICATE-----
2021-12-29 22:06:18 SUCCESS
ExtractClientAssertion
Parsed client assertion
client_assertion
{
  "value": "eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwidHlwIjoiSldUIiwiYWxnIjoiUFMyNTYifQ.eyJzdWIiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJhdWQiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvYVwvcmVjZXBjYW8tYnZcLyIsImlzcyI6InIzLTFQeng0ZVpGZWpGS3ZyQ2VmXyIsImV4cCI6MTY0MDgxOTE3NywiaWF0IjoxNjQwODE1NTc3LCJqdGkiOiIzMmRiYzYxNS01ZmIzLTRiOWEtOWRkOC0zOGVjYzQ5MTMxOTIifQ.cj5YdbKq7ZA7nPhpxUWvhe7RUA4C1aw5p9KKAE1abGsddTQMT6JO4XczDxezBnt6Zx-yu0D957k-4DVCblUhZo4p9Jdsep08N_bBFy8zo0x_f4zLi85nRnkj5FT08tfzdwRgpc3oivENWqeHnSRjHzJD496YIiWoVS9WfPzguB06G88Mpwvc6Jan0sXltsjpVmyvBDXy3N5orUrXIRbWweAMFK4Zz1mjWU5C-mmw0NFncZmhgECv4ozkRafXJlhL_n9ToXBbmdOOggFIVruh1PemB40YawIefspNOZh4QGCYL9n6h4MAeEXe17ETV-pj9Ie_RUiGwESBlr5M2cNpjw",
  "header": {
    "kid": "FJlF6TOBoI38u2RN5PtFHdjXCujfClGyDFEQD7CxJ64",
    "typ": "JWT",
    "alg": "PS256"
  },
  "claims": {
    "sub": "r3-1Pzx4eZFejFKvrCef_",
    "aud": "https://www.certification.openid.net/test/a/recepcao-bv/",
    "iss": "r3-1Pzx4eZFejFKvrCef_",
    "exp": 1640819177,
    "iat": 1640815577,
    "jti": "32dbc615-5fb3-4b9a-9dd8-38ecc4913192"
  }
}
2021-12-29 22:06:18
EnsureClientAssertionSignatureAlgorithmMatchesRegistered
token_endpoint_auth_signing_alg is not set for the client, any supported algorithm can be used
2021-12-29 22:06:18 SUCCESS
ValidateClientAssertionSignature
client_assertion signature validated
client_assertion
eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwidHlwIjoiSldUIiwiYWxnIjoiUFMyNTYifQ.eyJzdWIiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJhdWQiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvYVwvcmVjZXBjYW8tYnZcLyIsImlzcyI6InIzLTFQeng0ZVpGZWpGS3ZyQ2VmXyIsImV4cCI6MTY0MDgxOTE3NywiaWF0IjoxNjQwODE1NTc3LCJqdGkiOiIzMmRiYzYxNS01ZmIzLTRiOWEtOWRkOC0zOGVjYzQ5MTMxOTIifQ.cj5YdbKq7ZA7nPhpxUWvhe7RUA4C1aw5p9KKAE1abGsddTQMT6JO4XczDxezBnt6Zx-yu0D957k-4DVCblUhZo4p9Jdsep08N_bBFy8zo0x_f4zLi85nRnkj5FT08tfzdwRgpc3oivENWqeHnSRjHzJD496YIiWoVS9WfPzguB06G88Mpwvc6Jan0sXltsjpVmyvBDXy3N5orUrXIRbWweAMFK4Zz1mjWU5C-mmw0NFncZmhgECv4ozkRafXJlhL_n9ToXBbmdOOggFIVruh1PemB40YawIefspNOZh4QGCYL9n6h4MAeEXe17ETV-pj9Ie_RUiGwESBlr5M2cNpjw
2021-12-29 22:06:18 SUCCESS
EnsureClientAssertionTypeIsJwt
Found JWT assertion type
assertion type
urn:ietf:params:oauth:client-assertion-type:jwt-bearer
2021-12-29 22:06:18 SUCCESS
ValidateClientAssertionClaimsForPAREndpoint
Client Assertion passed all validation checks
2021-12-29 22:06:18 SUCCESS
ExtractRequestObjectFromPAREndpointRequest
Parsed request object
request_object
{
  "value": "eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwidHlwIjoiSldUIiwiYWxnIjoiUFMyNTYifQ.eyJpc3MiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJyZXNwb25zZV90eXBlIjoiY29kZSBpZF90b2tlbiIsImNvZGVfY2hhbGxlbmdlX21ldGhvZCI6IlMyNTYiLCJub25jZSI6ImJiNTMyNTk3LTk4MDctNGY3Mi1hMDgwLWIxOGRlYTU3NGU5MyIsImNsaWVudF9pZCI6InIzLTFQeng0ZVpGZWpGS3ZyQ2VmXyIsImF1ZCI6Imh0dHBzOlwvXC93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0XC90ZXN0XC9hXC9yZWNlcGNhby1idlwvIiwibmJmIjoxNjQwODE1NTc4LCJzY29wZSI6ImFjY291bnRzIG9wZW5pZCBjb25zZW50OnVybjpjb25mb3JtYW5jZS5vaWRmOmxSalZrZmVvU0oiLCJyZWRpcmVjdF91cmkiOiJodHRwczpcL1wvYXBpLXFhLmJ2b3Blbi5jb20uYnJcL3JlY2VwdG9yLXJlZGlyZWN0XC92MVwvaW50ZXJuZXQtYmFua2luZ1wvYXV0aG9yaXplLWNhbGxiYWNrIiwic3RhdGUiOiJhNTlmMzY1MS1mMzhkLTRlMTktYTE5OS1hZTBlNzI5N2VjYWUiLCJleHAiOjE2NDA4MTkxNzcsImlhdCI6MTY0MDgxNTU3NywiY29kZV9jaGFsbGVuZ2UiOiI1M2hYWWxCWVNJWHVXVWNCcWdTMzctbGFLd0xmT2VfWDNPRlI0U3NQbnMwIiwianRpIjoiNzE0YWE1YzMtMjdkZi00NzJkLWFlY2EtNDJlZjYwZmU3YzlhIn0.eUTFwIIChselcRzk5ZBtsmz6280EbelcFTulCkoVylcY3qERDzaLE8FDxcu3oz5jvGGywEB74XEau1U-4jQFhIbCiihP_1BVQ6qnzhbEUMXBn5kZcBq65K4z5lV53LFYp-AkBiRJpFbGjHWf4MqW9CrheTr-VTxBCIc3VA9FcRBo5Oxy7g6Bf12fsodGItLx4GPm691JiBN7I8xQ8GCcs0bKqdXsRVuuhAYOF0lUG4qK8IVC2tK3pHbtWA9RJ2wmPy90-gjbY-hVlFV3zENyi_C3twR17zAhM8kZ0FezvjkwwAl-n35jq54H_tPf2pewNv08dmdVFt-7nFZYqMI-nA",
  "header": {
    "kid": "FJlF6TOBoI38u2RN5PtFHdjXCujfClGyDFEQD7CxJ64",
    "typ": "JWT",
    "alg": "PS256"
  },
  "claims": {
    "iss": "r3-1Pzx4eZFejFKvrCef_",
    "response_type": "code id_token",
    "code_challenge_method": "S256",
    "nonce": "bb532597-9807-4f72-a080-b18dea574e93",
    "client_id": "r3-1Pzx4eZFejFKvrCef_",
    "aud": "https://www.certification.openid.net/test/a/recepcao-bv/",
    "nbf": 1640815578,
    "scope": "accounts openid consent:urn:conformance.oidf:lRjVkfeoSJ",
    "redirect_uri": "https://api-qa.bvopen.com.br/receptor-redirect/v1/internet-banking/authorize-callback",
    "state": "a59f3651-f38d-4e19-a199-ae0e7297ecae",
    "exp": 1640819177,
    "iat": 1640815577,
    "code_challenge": "53hXYlBYSIXuWUcBqgS37-laKwLfOe_X3OFR4SsPns0",
    "jti": "714aa5c3-27df-472d-aeca-42ef60fe7c9a"
  }
}
2021-12-29 22:06:18 SUCCESS
EnsurePAREndpointRequestDoesNotContainRequestUriParameter
PAR endpoint request does not contain a request_uri parameter
2021-12-29 22:06:18 INFO
ValidateEncryptedRequestObjectHasKid
Skipped evaluation due to missing required element: authorization_request_object jwe_header
path
jwe_header
mapped
object
authorization_request_object
2021-12-29 22:06:18 SUCCESS
FAPIValidateRequestObjectSigningAlg
Request object was signed with a permitted algorithm
alg
PS256
2021-12-29 22:06:18
FAPIBrazilValidateRequestObjectIdTokenACRClaims
acr claim is not requested
2021-12-29 22:06:18 SUCCESS
FAPIValidateRequestObjectExp
Request object contains a valid exp claim, expiry time
exp
"Dec 29, 2021, 11:06:17 PM"
2021-12-29 22:06:18 SUCCESS
FAPI1AdvancedValidateRequestObjectNBFClaim
nbf claim is valid
nbf
"Dec 29, 2021, 10:06:18 PM"
now
"Dec 29, 2021, 10:06:18 PM"
2021-12-29 22:06:18
ValidateRequestObjectClaims
Request object does not contain a max_age claim
2021-12-29 22:06:18 SUCCESS
ValidateRequestObjectClaims
Request object claims passed all validation checks
2021-12-29 22:06:18 SUCCESS
EnsureNumericRequestObjectClaimsAreNotNull
None of the claims expected to have numeric values, have null values
numeric_claims
[
  "max_age"
]
2021-12-29 22:06:18 SUCCESS
EnsureRequestObjectDoesNotContainRequestOrRequestUri
Request object does not contain request or request_uri
2021-12-29 22:06:18 SUCCESS
EnsureRequestObjectDoesNotContainSubWithClientId
Request object does not contain Client Id in sub
2021-12-29 22:06:18 SUCCESS
ValidateRequestObjectSignature
Request object signature validated using a key in the client's JWKS and using the client's registered request_object_signing_alg
request_object
eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwidHlwIjoiSldUIiwiYWxnIjoiUFMyNTYifQ.eyJpc3MiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJyZXNwb25zZV90eXBlIjoiY29kZSBpZF90b2tlbiIsImNvZGVfY2hhbGxlbmdlX21ldGhvZCI6IlMyNTYiLCJub25jZSI6ImJiNTMyNTk3LTk4MDctNGY3Mi1hMDgwLWIxOGRlYTU3NGU5MyIsImNsaWVudF9pZCI6InIzLTFQeng0ZVpGZWpGS3ZyQ2VmXyIsImF1ZCI6Imh0dHBzOlwvXC93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0XC90ZXN0XC9hXC9yZWNlcGNhby1idlwvIiwibmJmIjoxNjQwODE1NTc4LCJzY29wZSI6ImFjY291bnRzIG9wZW5pZCBjb25zZW50OnVybjpjb25mb3JtYW5jZS5vaWRmOmxSalZrZmVvU0oiLCJyZWRpcmVjdF91cmkiOiJodHRwczpcL1wvYXBpLXFhLmJ2b3Blbi5jb20uYnJcL3JlY2VwdG9yLXJlZGlyZWN0XC92MVwvaW50ZXJuZXQtYmFua2luZ1wvYXV0aG9yaXplLWNhbGxiYWNrIiwic3RhdGUiOiJhNTlmMzY1MS1mMzhkLTRlMTktYTE5OS1hZTBlNzI5N2VjYWUiLCJleHAiOjE2NDA4MTkxNzcsImlhdCI6MTY0MDgxNTU3NywiY29kZV9jaGFsbGVuZ2UiOiI1M2hYWWxCWVNJWHVXVWNCcWdTMzctbGFLd0xmT2VfWDNPRlI0U3NQbnMwIiwianRpIjoiNzE0YWE1YzMtMjdkZi00NzJkLWFlY2EtNDJlZjYwZmU3YzlhIn0.eUTFwIIChselcRzk5ZBtsmz6280EbelcFTulCkoVylcY3qERDzaLE8FDxcu3oz5jvGGywEB74XEau1U-4jQFhIbCiihP_1BVQ6qnzhbEUMXBn5kZcBq65K4z5lV53LFYp-AkBiRJpFbGjHWf4MqW9CrheTr-VTxBCIc3VA9FcRBo5Oxy7g6Bf12fsodGItLx4GPm691JiBN7I8xQ8GCcs0bKqdXsRVuuhAYOF0lUG4qK8IVC2tK3pHbtWA9RJ2wmPy90-gjbY-hVlFV3zENyi_C3twR17zAhM8kZ0FezvjkwwAl-n35jq54H_tPf2pewNv08dmdVFt-7nFZYqMI-nA
request_object_signing_alg
PS256
jwk
Sun RSA public key, 2048 bits
  params: null
  modulus: 20470105991639945101333275222632884736574483865528906726892528525563191082183695260204312736582372939211055359067203803085750810655850954661951144951323156016175226041830645945715513868126850067392212624376671953805748628313454513795689104315557781181477191907644208938174263279538822216580366877482634997324327056726074955380834197509531619477599127660288830507703834432824311448281762320165839347904106371594443864070803621659794095259323351600661287063154929280227814731229282446194900829223861656310231284465453525094881675730459265540745017449257927239533034759013077714190534660553709869627625978272751475164353
  public exponent: 65537
2021-12-29 22:06:18 SUCCESS
EnsureMatchingRedirectUriInRequestObject
Redirect URI matched
actual
https://api-qa.bvopen.com.br/receptor-redirect/v1/internet-banking/authorize-callback
2021-12-29 22:06:18 SUCCESS
EnsureRequestObjectContainsCodeChallengeWhenUsingPAR
Found required PKCE parameters in request
code_challenge_method
S256
code_challenge
53hXYlBYSIXuWUcBqgS37-laKwLfOe_X3OFR4SsPns0
2021-12-29 22:06:18 SUCCESS
CreatePAREndpointResponse
Created PAR endpoint response
request_uri
urn:ietf:params:oauth:request_uri:47e782f7-ac1c-44f1-ba20-cd8d78f87947
expires_in
600
2021-12-29 22:06:18 OUTGOING
fapi1-advanced-final-client-test-valid-aud-as-array
Response to HTTP request to test instance 41NYTOrTMCAl0g0
outgoing_status_code
201
outgoing_headers
{}
outgoing_body
{
  "request_uri": "urn:ietf:params:oauth:request_uri:47e782f7-ac1c-44f1-ba20-cd8d78f87947",
  "expires_in": 600
}
outgoing_path
par
2021-12-29 22:06:18 INCOMING
fapi1-advanced-final-client-test-valid-aud-as-array
Incoming HTTP request to test instance 41NYTOrTMCAl0g0
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "got (https://github.com/sindresorhus/got)",
  "accept-encoding": "gzip, deflate, br",
  "connection": "close"
}
incoming_path
/test/a/recepcao-bv/authorize
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
incoming_body_json
incoming_query_string_params
{
  "request_uri": "urn:ietf:params:oauth:request_uri:47e782f7-ac1c-44f1-ba20-cd8d78f87947",
  "client_id": "r3-1Pzx4eZFejFKvrCef_",
  "scope": "accounts openid consent:urn:conformance.oidf:lRjVkfeoSJ",
  "response_type": "code id_token",
  "redirect_uri": "https://api-qa.bvopen.com.br/receptor-redirect/v1/internet-banking/authorize-callback"
}
incoming_body
2021-12-29 22:06:18 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
Authorization endpoint
2021-12-29 22:06:18 SUCCESS
EnsureAuthorizationRequestDoesNotContainRequestWhenUsingPAR
Request does not contain a request parameter
2021-12-29 22:06:18 INFO
ValidateEncryptedRequestObjectHasKid
Skipped evaluation due to missing required element: authorization_request_object jwe_header
path
jwe_header
mapped
object
authorization_request_object
2021-12-29 22:06:18 SUCCESS
CreateEffectiveAuthorizationRequestParameters
Merged http request parameters with request object claims
effective_authorization_endpoint_request
{
  "client_id": "r3-1Pzx4eZFejFKvrCef_",
  "scope": "accounts openid consent:urn:conformance.oidf:lRjVkfeoSJ",
  "response_type": "code id_token",
  "redirect_uri": "https://api-qa.bvopen.com.br/receptor-redirect/v1/internet-banking/authorize-callback",
  "iss": "r3-1Pzx4eZFejFKvrCef_",
  "code_challenge_method": "S256",
  "nonce": "bb532597-9807-4f72-a080-b18dea574e93",
  "aud": "https://www.certification.openid.net/test/a/recepcao-bv/",
  "nbf": 1640815578,
  "state": "a59f3651-f38d-4e19-a199-ae0e7297ecae",
  "exp": 1640819177,
  "iat": 1640815577,
  "code_challenge": "53hXYlBYSIXuWUcBqgS37-laKwLfOe_X3OFR4SsPns0",
  "jti": "714aa5c3-27df-472d-aeca-42ef60fe7c9a"
}
2021-12-29 22:06:18 SUCCESS
EnsureClientIdInAuthorizationRequestParametersMatchRequestObject
client_id http request parameter value matches client_id in request object
2021-12-29 22:06:18 SUCCESS
ExtractRequestedScopes
Requested scopes
scope
accounts openid consent:urn:conformance.oidf:lRjVkfeoSJ
2021-12-29 22:06:18 SUCCESS
FAPIBrazilValidateConsentScope
Found consent scope in request
actual
[
  "accounts",
  "openid",
  "consent:urn:conformance.oidf:lRjVkfeoSJ"
]
expected
consent:urn:conformance.oidf:lRjVkfeoSJ
2021-12-29 22:06:18 SUCCESS
EnsureScopeContainsAccounts
Found accounts scope in request
actual
[
  "accounts",
  "openid",
  "consent:urn:conformance.oidf:lRjVkfeoSJ"
]
2021-12-29 22:06:18 SUCCESS
EnsureResponseTypeIsCodeIdToken
Response type is expected value
expected
code id_token
2021-12-29 22:06:18 SUCCESS
EnsureOpenIDInScopeRequest
Found 'openid' scope in request
actual
[
  "accounts",
  "openid",
  "consent:urn:conformance.oidf:lRjVkfeoSJ"
]
expected
openid
2021-12-29 22:06:18 SUCCESS
EnsureMatchingClientId
Client ID matched
client_id
r3-1Pzx4eZFejFKvrCef_
2021-12-29 22:06:18 SUCCESS
CreateAuthorizationCode
Created authorization code
authorization_code
eLQl8Mbda9tGoliHqKrgM4t5n9K5OrwO
2021-12-29 22:06:18 SUCCESS
ExtractNonceFromAuthorizationRequest
Extracted nonce
nonce
bb532597-9807-4f72-a080-b18dea574e93
2021-12-29 22:06:18 SUCCESS
CalculateCHash
Successful c_hash encoding
c_hash
X7BHxBIM3zJnK3IjK0gi7g
2021-12-29 22:06:18 SUCCESS
CalculateSHash
Successful s_hash encoding
s_hash
GYWIh_uqvFQKDLyECdDcyA
2021-12-29 22:06:18 SUCCESS
GenerateIdTokenClaims
Created ID Token Claims
iss
https://www.certification.openid.net/test/a/recepcao-bv/
sub
user-subject-1234531
aud
r3-1Pzx4eZFejFKvrCef_
nonce
bb532597-9807-4f72-a080-b18dea574e93
iat
1640815578
exp
1640815878
2021-12-29 22:06:18
FAPIBrazilAddCPFAndCPNJToIdTokenClaims
Request object does not contain a claims element.id_token
2021-12-29 22:06:18 SUCCESS
AddCHashToIdTokenClaims
Added c_hash to ID token claims
c_hash
X7BHxBIM3zJnK3IjK0gi7g
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/a/recepcao-bv/",
  "sub": "user-subject-1234531",
  "aud": "r3-1Pzx4eZFejFKvrCef_",
  "nonce": "bb532597-9807-4f72-a080-b18dea574e93",
  "iat": 1640815578,
  "exp": 1640815878,
  "c_hash": "X7BHxBIM3zJnK3IjK0gi7g"
}
2021-12-29 22:06:18 SUCCESS
AddSHashToIdTokenClaims
Added s_hash to ID token claims
s_hash
GYWIh_uqvFQKDLyECdDcyA
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/a/recepcao-bv/",
  "sub": "user-subject-1234531",
  "aud": "r3-1Pzx4eZFejFKvrCef_",
  "nonce": "bb532597-9807-4f72-a080-b18dea574e93",
  "iat": 1640815578,
  "exp": 1640815878,
  "c_hash": "X7BHxBIM3zJnK3IjK0gi7g",
  "s_hash": "GYWIh_uqvFQKDLyECdDcyA"
}
2021-12-29 22:06:18 INFO
AddAtHashToIdTokenClaims
Skipped evaluation due to missing required string: at_hash
expected
at_hash
2021-12-29 22:06:18 SUCCESS
AddAudValueAsArrayToIdToken
Added the aud value as an array to ID token claims
aud
[
  "r3-1Pzx4eZFejFKvrCef_"
]
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/a/recepcao-bv/",
  "sub": "user-subject-1234531",
  "aud": [
    "r3-1Pzx4eZFejFKvrCef_"
  ],
  "nonce": "bb532597-9807-4f72-a080-b18dea574e93",
  "iat": 1640815578,
  "exp": 1640815878,
  "c_hash": "X7BHxBIM3zJnK3IjK0gi7g",
  "s_hash": "GYWIh_uqvFQKDLyECdDcyA"
}
2021-12-29 22:06:18 INFO
FAPIBrazilAddACRClaimToIdTokenClaims
Skipped evaluation due to missing required string: requested_id_token_acr_values
expected
requested_id_token_acr_values
2021-12-29 22:06:18 SUCCESS
SignIdToken
Signed the ID token
id_token
eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwiYWxnIjoiUFMyNTYifQ.eyJzdWIiOiJ1c2VyLXN1YmplY3QtMTIzNDUzMSIsImF1ZCI6InIzLTFQeng0ZVpGZWpGS3ZyQ2VmXyIsImNfaGFzaCI6Ilg3Qkh4QklNM3pKbkszSWpLMGdpN2ciLCJzX2hhc2giOiJHWVdJaF91cXZGUUtETHlFQ2REY3lBIiwiaXNzIjoiaHR0cHM6XC9cL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXRcL3Rlc3RcL2FcL3JlY2VwY2FvLWJ2XC8iLCJleHAiOjE2NDA4MTU4NzgsIm5vbmNlIjoiYmI1MzI1OTctOTgwNy00ZjcyLWEwODAtYjE4ZGVhNTc0ZTkzIiwiaWF0IjoxNjQwODE1NTc4fQ.LCTVVhOm5lvT_4Ighs06I7yXQHKcFi2hSexaG2rF81cVwCrRsN3nxk3qLVAUaJS9YKdL2FnUvSg-XactWitrG88lAbYeIE0ib_ixqqf6dZtdXKdyIJbKeOTak-AuFV8erN10hCkSPaAlqtL4Ohh1I9jyOBolRoP2S4hQCx3ALSryfXIHvq_2wAchAqI1rLM5CyC7aZ8G0bjAsvRe5Bigw0ePzFbYkUbK9ubYcns8d14Tv04gUyQz-jeYINQWnH8wcnEQHPnF5EudBi6SbtwMh8qW0M4gq4m8PW0vi0_CTO_XhMXGkdCehvRRntRdUtUI315Umz59LlczxFdTr-et1A
2021-12-29 22:06:18 SUCCESS
SignIdTokenBypassingNimbusChecks
Signed the ID token
id_token
eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwiYWxnIjoiUFMyNTYifQ.eyJpc3MiOiJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC9hL3JlY2VwY2FvLWJ2LyIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjpbInIzLTFQeng0ZVpGZWpGS3ZyQ2VmXyJdLCJub25jZSI6ImJiNTMyNTk3LTk4MDctNGY3Mi1hMDgwLWIxOGRlYTU3NGU5MyIsImlhdCI6MTY0MDgxNTU3OCwiZXhwIjoxNjQwODE1ODc4LCJjX2hhc2giOiJYN0JIeEJJTTN6Sm5LM0lqSzBnaTdnIiwic19oYXNoIjoiR1lXSWhfdXF2RlFLREx5RUNkRGN5QSJ9.nqWYeJQ75WHa8vQNVoLkiHc7ZfvM9PTpOyR59OtC8KsyICBIP_fRWeZoRB3qHJhRV0pBSuImbF6Z5PDSxBKGIv63Bsl33CO76VNsO9FRS-YAthj6u-esNKk5Ss1eyOHqvm_N8Ze-97lbOKAtjgmNb1CVzDL533ecW-OTK-9lzLkzyEZbFnFd0AULpHOnP8r_ytDy6YYg46AATXIGV0a_u2OoReUAH3_tq0DN7zbAvrhdLJSYlXYXNKQPQ_Fdvq__eubroaUY28aaC5ffXksT5j4qp0LYtEKCnsk9hU66s5mmTxE3dzioTAwdyOUhRt9LjCvlMZQ9toFYRz21PPBpNw
2021-12-29 22:06:18 SUCCESS
FAPIBrazilChangeConsentStatusToAuthorized
Changed consent status to AUTHORISED
consent
{
  "data": {
    "consentId": "urn:conformance.oidf:lRjVkfeoSJ",
    "creationDateTime": "2021-12-29T22:06:13Z",
    "status": "AUTHORISED",
    "statusUpdateDateTime": "2021-12-29T22:06:18Z",
    "permissions": [
      "ACCOUNTS_READ",
      "ACCOUNTS_BALANCES_READ",
      "RESOURCES_READ"
    ],
    "expirationDateTime": "2021-12-30T00:06:13Z",
    "transactionFromDateTime": "2021-12-29T22:01:13Z",
    "transactionToDateTime": "2021-12-30T00:06:13Z",
    "links": {
      "self": "https://www.certification.openid.net/test/a/recepcao-bvconsents/v1/consents"
    }
  },
  "meta": {
    "totalRecords": 1,
    "totalPages": 1,
    "requestDateTime": "2021-12-29T22:06:13Z"
  }
}
2021-12-29 22:06:18 SUCCESS
CreateAuthorizationEndpointResponseParams
Added authorization_endpoint_response_params to environment
params
{
  "redirect_uri": "https://api-qa.bvopen.com.br/receptor-redirect/v1/internet-banking/authorize-callback",
  "state": "a59f3651-f38d-4e19-a199-ae0e7297ecae"
}
2021-12-29 22:06:18 SUCCESS
AddCodeToAuthorizationEndpointResponseParams
Added code to authorization endpoint response params
authorization_endpoint_response_params
{
  "redirect_uri": "https://api-qa.bvopen.com.br/receptor-redirect/v1/internet-banking/authorize-callback",
  "state": "a59f3651-f38d-4e19-a199-ae0e7297ecae",
  "code": "eLQl8Mbda9tGoliHqKrgM4t5n9K5OrwO"
}
2021-12-29 22:06:18 SUCCESS
AddIdTokenToAuthorizationEndpointResponseParams
Added id_token to authorization endpoint response params
authorization_endpoint_response_params
{
  "redirect_uri": "https://api-qa.bvopen.com.br/receptor-redirect/v1/internet-banking/authorize-callback",
  "state": "a59f3651-f38d-4e19-a199-ae0e7297ecae",
  "code": "eLQl8Mbda9tGoliHqKrgM4t5n9K5OrwO",
  "id_token": "eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwiYWxnIjoiUFMyNTYifQ.eyJpc3MiOiJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC9hL3JlY2VwY2FvLWJ2LyIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjpbInIzLTFQeng0ZVpGZWpGS3ZyQ2VmXyJdLCJub25jZSI6ImJiNTMyNTk3LTk4MDctNGY3Mi1hMDgwLWIxOGRlYTU3NGU5MyIsImlhdCI6MTY0MDgxNTU3OCwiZXhwIjoxNjQwODE1ODc4LCJjX2hhc2giOiJYN0JIeEJJTTN6Sm5LM0lqSzBnaTdnIiwic19oYXNoIjoiR1lXSWhfdXF2RlFLREx5RUNkRGN5QSJ9.nqWYeJQ75WHa8vQNVoLkiHc7ZfvM9PTpOyR59OtC8KsyICBIP_fRWeZoRB3qHJhRV0pBSuImbF6Z5PDSxBKGIv63Bsl33CO76VNsO9FRS-YAthj6u-esNKk5Ss1eyOHqvm_N8Ze-97lbOKAtjgmNb1CVzDL533ecW-OTK-9lzLkzyEZbFnFd0AULpHOnP8r_ytDy6YYg46AATXIGV0a_u2OoReUAH3_tq0DN7zbAvrhdLJSYlXYXNKQPQ_Fdvq__eubroaUY28aaC5ffXksT5j4qp0LYtEKCnsk9hU66s5mmTxE3dzioTAwdyOUhRt9LjCvlMZQ9toFYRz21PPBpNw"
}
2021-12-29 22:06:18
SendAuthorizationResponseWithResponseModeFragment
Redirecting back to client
uri
https://api-qa.bvopen.com.br/receptor-redirect/v1/internet-banking/authorize-callback#state=a59f3651-f38d-4e19-a199-ae0e7297ecae&code=eLQl8Mbda9tGoliHqKrgM4t5n9K5OrwO&id_token=eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwiYWxnIjoiUFMyNTYifQ.eyJpc3MiOiJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC9hL3JlY2VwY2FvLWJ2LyIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjpbInIzLTFQeng0ZVpGZWpGS3ZyQ2VmXyJdLCJub25jZSI6ImJiNTMyNTk3LTk4MDctNGY3Mi1hMDgwLWIxOGRlYTU3NGU5MyIsImlhdCI6MTY0MDgxNTU3OCwiZXhwIjoxNjQwODE1ODc4LCJjX2hhc2giOiJYN0JIeEJJTTN6Sm5LM0lqSzBnaTdnIiwic19oYXNoIjoiR1lXSWhfdXF2RlFLREx5RUNkRGN5QSJ9.nqWYeJQ75WHa8vQNVoLkiHc7ZfvM9PTpOyR59OtC8KsyICBIP_fRWeZoRB3qHJhRV0pBSuImbF6Z5PDSxBKGIv63Bsl33CO76VNsO9FRS-YAthj6u-esNKk5Ss1eyOHqvm_N8Ze-97lbOKAtjgmNb1CVzDL533ecW-OTK-9lzLkzyEZbFnFd0AULpHOnP8r_ytDy6YYg46AATXIGV0a_u2OoReUAH3_tq0DN7zbAvrhdLJSYlXYXNKQPQ_Fdvq__eubroaUY28aaC5ffXksT5j4qp0LYtEKCnsk9hU66s5mmTxE3dzioTAwdyOUhRt9LjCvlMZQ9toFYRz21PPBpNw
2021-12-29 22:06:18 OUTGOING
fapi1-advanced-final-client-test-valid-aud-as-array
Response to HTTP request to test instance 41NYTOrTMCAl0g0
outgoing
org.springframework.web.servlet.view.RedirectView: [RedirectView]; URL [https://api-qa.bvopen.com.br/receptor-redirect/v1/internet-banking/authorize-callback#state=a59f3651-f38d-4e19-a199-ae0e7297ecae&code=eLQl8Mbda9tGoliHqKrgM4t5n9K5OrwO&id_token=eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwiYWxnIjoiUFMyNTYifQ.eyJpc3MiOiJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC9hL3JlY2VwY2FvLWJ2LyIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjpbInIzLTFQeng0ZVpGZWpGS3ZyQ2VmXyJdLCJub25jZSI6ImJiNTMyNTk3LTk4MDctNGY3Mi1hMDgwLWIxOGRlYTU3NGU5MyIsImlhdCI6MTY0MDgxNTU3OCwiZXhwIjoxNjQwODE1ODc4LCJjX2hhc2giOiJYN0JIeEJJTTN6Sm5LM0lqSzBnaTdnIiwic19oYXNoIjoiR1lXSWhfdXF2RlFLREx5RUNkRGN5QSJ9.nqWYeJQ75WHa8vQNVoLkiHc7ZfvM9PTpOyR59OtC8KsyICBIP_fRWeZoRB3qHJhRV0pBSuImbF6Z5PDSxBKGIv63Bsl33CO76VNsO9FRS-YAthj6u-esNKk5Ss1eyOHqvm_N8Ze-97lbOKAtjgmNb1CVzDL533ecW-OTK-9lzLkzyEZbFnFd0AULpHOnP8r_ytDy6YYg46AATXIGV0a_u2OoReUAH3_tq0DN7zbAvrhdLJSYlXYXNKQPQ_Fdvq__eubroaUY28aaC5ffXksT5j4qp0LYtEKCnsk9hU66s5mmTxE3dzioTAwdyOUhRt9LjCvlMZQ9toFYRz21PPBpNw]
outgoing_path
authorize
2021-12-29 22:06:19 INCOMING
fapi1-advanced-final-client-test-valid-aud-as-array
Incoming HTTP request to test instance 41NYTOrTMCAl0g0
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/4.9.1 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate, br",
  "connection": "close"
}
incoming_path
/test/a/recepcao-bv/jwks
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
incoming_body_json
incoming_query_string_params
{}
incoming_body
2021-12-29 22:06:19 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
2021-12-29 22:06:19 OUTGOING
fapi1-advanced-final-client-test-valid-aud-as-array
Response to HTTP request to test instance 41NYTOrTMCAl0g0
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "RSA-OAEP",
      "alg": "RSA-OAEP",
      "n": "yOOavXMTDgjbvz9gzHvfhdbkytzDLWt6vft8fL73oz1h0s9EJUADdXoj-one0ewSx3JUdeibkOC9hCm_OYDVc5SdsHEl_U3T2ViYdqLMwxmjdBup3wMo6kZsClEjwXtVOXpe3XxuEdRCS4Z2i5iTXCBmK2bcg7FHcCoMan4OKjZv4ezl62TIljE6bp0PCexq38XI9bhYebkpAiu6A-wqBZtthvzBYgBKqjvsVg3GHtGvaVnK64KRkQuYeW7Wn4t7vME6tSzEyVpmgomenjTYGXDYET0IfQ7QTbNWa15aiyj1rEcg1_Tvr9spKY6t6griKIIdB85n52tkuA7YdrIFbQ"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "FJlF6TOBoI38u2RN5PtFHdjXCujfClGyDFEQD7CxJ64",
      "alg": "PS256",
      "n": "oieLonigdMZ5ocjKK1gINOTs9vPrxGZ5wuXF2lLlXU1UpcIDNrqDq3ldJ3HUaUSmyw-AOWehP4eh1AF3anfjAU39Qi0_o0VV-V2o-SGD3D6Nxm9jinHVjiGOkxK2TDIyC8N2KqE48N7uzZNZH80ygDv8pgYu7uL1kJQn5lw5WGVNMKiKtrerPDhJBf1iFIya7JRJeaIQ26DA0yJ_KIDOxAzUdb_t9Jq895OnLwsIygL1lhfXRtxGNSwMAXe_lJm67vJXKDM_eXLI5s6AHRcyiprlAYFD9ktWelC6Ltz-4cFi6VcgxyYgNmfj7dkstQBPu2mZq3bhuoOuZKScnyMEwQ"
    }
  ]
}
outgoing_path
jwks
2021-12-29 22:06:20 INCOMING
fapi1-advanced-final-client-test-valid-aud-as-array
Incoming HTTP request to test instance 41NYTOrTMCAl0g0
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/4.9.1 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "content-type": "application/x-www-form-urlencoded",
  "accept-encoding": "gzip, deflate, br",
  "content-length": "1375",
  "connection": "close"
}
incoming_path
/test-mtls/a/recepcao-bv/token
incoming_body_form_params
{
  "grant_type": "authorization_code",
  "code": "eLQl8Mbda9tGoliHqKrgM4t5n9K5OrwO",
  "redirect_uri": "https://api-qa.bvopen.com.br/receptor-redirect/v1/internet-banking/authorize-callback",
  "code_verifier": "1BtTU_-gk_60Yhr1dKC_cmXItV7qq9gijh7~PzZ9ZkNaYiCSR5tKu-ivFG3S_GRVzSFaILwh6sDycEa2mJzn2UqKAB9MXnThYqU6fT.YOEkquTGG-vjklYuaX79DK8Av",
  "client_id": "r3-1Pzx4eZFejFKvrCef_",
  "client_assertion": "eyJhbGciOiJQUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IkZKbEY2VE9Cb0kzOHUyUk41UHRGSGRqWEN1amZDbEd5REZFUUQ3Q3hKNjQifQ.eyJpYXQiOjE2NDA4MTU1NzksImV4cCI6MTY0MDgxNTYzOSwianRpIjoibFNJY3FUQ25VMTRWNk1kVnEzOW8tT3I0Ym43ZkpCSXhPbldBTm5VbmRBWSIsImlzcyI6InIzLTFQeng0ZVpGZWpGS3ZyQ2VmXyIsInN1YiI6InIzLTFQeng0ZVpGZWpGS3ZyQ2VmXyIsImF1ZCI6WyJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC9hL3JlY2VwY2FvLWJ2LyIsImh0dHBzOi8vd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldC90ZXN0L2EvcmVjZXBjYW8tYnYvdG9rZW4iLCJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC1tdGxzL2EvcmVjZXBjYW8tYnYvdG9rZW4iXX0.OUSaRYUO-9sUMkbqA-4ivtRKT6GRBGDljG8ndZ03f0RA9SYKd--awiTjQpGT8P4VI__ckE9nJrZlLtwPthyc34XyAVF92ZEdenvvXqdVuIoDOIAcIM0ZcUuhBvVSG5wPxB1CUX8croFBZ2Y16yztxngod0a3O7eSbJSv1r5heIMJDKXmeFenekJzpQOwvyZegR_iXsyohSvnwMzFe9HxRGBtf_V_rVWn4mCQqyWhQQtqBMCYbuqaaIetMJg7TFS2MndaJc7uk6KhjWGJ-G3Jxe9ZZxtr6O53EsvO-DjIQZFIgA_G5Ose5EboPGNF6wy5HVqQBIrW1iBgg0aDWSShWg",
  "client_assertion_type": "urn:ietf:params:oauth:client-assertion-type:jwt-bearer"
}
incoming_method
POST
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
-----BEGIN CERTIFICATE----- MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0 MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1 YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3 sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805 I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9 yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS 7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF GSsQgkeJ1pXRIYgQEKHQ -----END CERTIFICATE-----
incoming_body_json
incoming_query_string_params
{}
incoming_body
grant_type=authorization_code&code=eLQl8Mbda9tGoliHqKrgM4t5n9K5OrwO&redirect_uri=https%3A%2F%2Fapi-qa.bvopen.com.br%2Freceptor-redirect%2Fv1%2Finternet-banking%2Fauthorize-callback&code_verifier=1BtTU_-gk_60Yhr1dKC_cmXItV7qq9gijh7%7EPzZ9ZkNaYiCSR5tKu-ivFG3S_GRVzSFaILwh6sDycEa2mJzn2UqKAB9MXnThYqU6fT.YOEkquTGG-vjklYuaX79DK8Av&client_id=r3-1Pzx4eZFejFKvrCef_&client_assertion=eyJhbGciOiJQUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IkZKbEY2VE9Cb0kzOHUyUk41UHRGSGRqWEN1amZDbEd5REZFUUQ3Q3hKNjQifQ.eyJpYXQiOjE2NDA4MTU1NzksImV4cCI6MTY0MDgxNTYzOSwianRpIjoibFNJY3FUQ25VMTRWNk1kVnEzOW8tT3I0Ym43ZkpCSXhPbldBTm5VbmRBWSIsImlzcyI6InIzLTFQeng0ZVpGZWpGS3ZyQ2VmXyIsInN1YiI6InIzLTFQeng0ZVpGZWpGS3ZyQ2VmXyIsImF1ZCI6WyJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC9hL3JlY2VwY2FvLWJ2LyIsImh0dHBzOi8vd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldC90ZXN0L2EvcmVjZXBjYW8tYnYvdG9rZW4iLCJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC1tdGxzL2EvcmVjZXBjYW8tYnYvdG9rZW4iXX0.OUSaRYUO-9sUMkbqA-4ivtRKT6GRBGDljG8ndZ03f0RA9SYKd--awiTjQpGT8P4VI__ckE9nJrZlLtwPthyc34XyAVF92ZEdenvvXqdVuIoDOIAcIM0ZcUuhBvVSG5wPxB1CUX8croFBZ2Y16yztxngod0a3O7eSbJSv1r5heIMJDKXmeFenekJzpQOwvyZegR_iXsyohSvnwMzFe9HxRGBtf_V_rVWn4mCQqyWhQQtqBMCYbuqaaIetMJg7TFS2MndaJc7uk6KhjWGJ-G3Jxe9ZZxtr6O53EsvO-DjIQZFIgA_G5Ose5EboPGNF6wy5HVqQBIrW1iBgg0aDWSShWg&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer
2021-12-29 22:06:20 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
Token endpoint
2021-12-29 22:06:20 SUCCESS
ExtractClientCertificateFromTokenEndpointRequestHeaders
Extracted client certificate
client_certificate
{
  "cert": "-----BEGIN CERTIFICATE----- MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0 MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1 YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3 sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805 I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9 yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS 7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF GSsQgkeJ1pXRIYgQEKHQ -----END CERTIFICATE-----",
  "pem": "-----BEGIN CERTIFICATE-----\nMIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL\nBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx\nFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB\nTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0\nMjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD\no28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT\nJDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV\nYXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET\nMBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp\nb24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1\nYjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI\nLFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB\nWsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3\nsbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK\nBsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ\naktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805\nI1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9\nyQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R\nQ99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh\nbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg\nPqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y\nZy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i\ncjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE\nggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB\nJFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt\nIFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p\nc2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy\nYW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl\nIGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg\nTHRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl\ncmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh\nbmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL\nz7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd\nPdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh\nQkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH\nefqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS\n7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF\nGSsQgkeJ1pXRIYgQEKHQ\n-----END CERTIFICATE-----",
  "subject": {
    "dn": "UID\u003d1baaea05-bece-46ac-9d08-66a5b72d7ac7,2.5.4.15\u003d#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3\u003d#13024252,2.5.4.5\u003d#130e3539353838313131303030313033,CN\u003dapi-des.bvopen.com.br,OU\u003d062c5edb-4e83-5002-9981-e2a96c5ad41e,O\u003dBCO VOTORANTIM S.A.,L\u003dSão Paulo,ST\u003dSP,C\u003dBR"
  },
  "sanDnsNames": [
    "api-des.bvopen.com.br"
  ],
  "sanUris": [],
  "sanIPs": [],
  "sanEmails": []
}
2021-12-29 22:06:20 SUCCESS
CheckForClientCertificate
Found client certificate
2021-12-29 22:06:20 SUCCESS
EnsureClientCertificateMatches
Presented certificate matches registered certificate
actual
-----BEGIN CERTIFICATE-----
MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL
BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx
FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB
TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0
MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD
o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT
JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV
YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET
MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp
b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1
YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI
LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB
WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3
sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK
BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ
aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805
I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9
yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R
Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh
bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg
PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y
Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i
cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE
ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB
JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt
IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p
c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy
YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl
IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg
THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl
cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh
bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL
z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd
PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh
Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH
efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS
7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF
GSsQgkeJ1pXRIYgQEKHQ
-----END CERTIFICATE-----
2021-12-29 22:06:20 SUCCESS
ExtractClientAssertion
Parsed client assertion
client_assertion
{
  "value": "eyJhbGciOiJQUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IkZKbEY2VE9Cb0kzOHUyUk41UHRGSGRqWEN1amZDbEd5REZFUUQ3Q3hKNjQifQ.eyJpYXQiOjE2NDA4MTU1NzksImV4cCI6MTY0MDgxNTYzOSwianRpIjoibFNJY3FUQ25VMTRWNk1kVnEzOW8tT3I0Ym43ZkpCSXhPbldBTm5VbmRBWSIsImlzcyI6InIzLTFQeng0ZVpGZWpGS3ZyQ2VmXyIsInN1YiI6InIzLTFQeng0ZVpGZWpGS3ZyQ2VmXyIsImF1ZCI6WyJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC9hL3JlY2VwY2FvLWJ2LyIsImh0dHBzOi8vd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldC90ZXN0L2EvcmVjZXBjYW8tYnYvdG9rZW4iLCJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC1tdGxzL2EvcmVjZXBjYW8tYnYvdG9rZW4iXX0.OUSaRYUO-9sUMkbqA-4ivtRKT6GRBGDljG8ndZ03f0RA9SYKd--awiTjQpGT8P4VI__ckE9nJrZlLtwPthyc34XyAVF92ZEdenvvXqdVuIoDOIAcIM0ZcUuhBvVSG5wPxB1CUX8croFBZ2Y16yztxngod0a3O7eSbJSv1r5heIMJDKXmeFenekJzpQOwvyZegR_iXsyohSvnwMzFe9HxRGBtf_V_rVWn4mCQqyWhQQtqBMCYbuqaaIetMJg7TFS2MndaJc7uk6KhjWGJ-G3Jxe9ZZxtr6O53EsvO-DjIQZFIgA_G5Ose5EboPGNF6wy5HVqQBIrW1iBgg0aDWSShWg",
  "header": {
    "kid": "FJlF6TOBoI38u2RN5PtFHdjXCujfClGyDFEQD7CxJ64",
    "typ": "JWT",
    "alg": "PS256"
  },
  "claims": {
    "sub": "r3-1Pzx4eZFejFKvrCef_",
    "aud": [
      "https://www.certification.openid.net/test/a/recepcao-bv/",
      "https://www.certification.openid.net/test/a/recepcao-bv/token",
      "https://www.certification.openid.net/test-mtls/a/recepcao-bv/token"
    ],
    "iss": "r3-1Pzx4eZFejFKvrCef_",
    "exp": 1640815639,
    "iat": 1640815579,
    "jti": "lSIcqTCnU14V6MdVq39o-Or4bn7fJBIxOnWANnUndAY"
  }
}
2021-12-29 22:06:20
EnsureClientAssertionSignatureAlgorithmMatchesRegistered
token_endpoint_auth_signing_alg is not set for the client, any supported algorithm can be used
2021-12-29 22:06:20 SUCCESS
ValidateClientAssertionSignature
client_assertion signature validated
client_assertion
eyJhbGciOiJQUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IkZKbEY2VE9Cb0kzOHUyUk41UHRGSGRqWEN1amZDbEd5REZFUUQ3Q3hKNjQifQ.eyJpYXQiOjE2NDA4MTU1NzksImV4cCI6MTY0MDgxNTYzOSwianRpIjoibFNJY3FUQ25VMTRWNk1kVnEzOW8tT3I0Ym43ZkpCSXhPbldBTm5VbmRBWSIsImlzcyI6InIzLTFQeng0ZVpGZWpGS3ZyQ2VmXyIsInN1YiI6InIzLTFQeng0ZVpGZWpGS3ZyQ2VmXyIsImF1ZCI6WyJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC9hL3JlY2VwY2FvLWJ2LyIsImh0dHBzOi8vd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldC90ZXN0L2EvcmVjZXBjYW8tYnYvdG9rZW4iLCJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC1tdGxzL2EvcmVjZXBjYW8tYnYvdG9rZW4iXX0.OUSaRYUO-9sUMkbqA-4ivtRKT6GRBGDljG8ndZ03f0RA9SYKd--awiTjQpGT8P4VI__ckE9nJrZlLtwPthyc34XyAVF92ZEdenvvXqdVuIoDOIAcIM0ZcUuhBvVSG5wPxB1CUX8croFBZ2Y16yztxngod0a3O7eSbJSv1r5heIMJDKXmeFenekJzpQOwvyZegR_iXsyohSvnwMzFe9HxRGBtf_V_rVWn4mCQqyWhQQtqBMCYbuqaaIetMJg7TFS2MndaJc7uk6KhjWGJ-G3Jxe9ZZxtr6O53EsvO-DjIQZFIgA_G5Ose5EboPGNF6wy5HVqQBIrW1iBgg0aDWSShWg
2021-12-29 22:06:20 SUCCESS
EnsureClientAssertionTypeIsJwt
Found JWT assertion type
assertion type
urn:ietf:params:oauth:client-assertion-type:jwt-bearer
2021-12-29 22:06:20 SUCCESS
ValidateClientAssertionClaims
Client Assertion passed all validation checks
2021-12-29 22:06:20 SUCCESS
ValidateAuthorizationCode
Found authorization code
authorization_code
eLQl8Mbda9tGoliHqKrgM4t5n9K5OrwO
2021-12-29 22:06:20 SUCCESS
ValidateRedirectUri
Found redirect uri
redirect_uri
https://api-qa.bvopen.com.br/receptor-redirect/v1/internet-banking/authorize-callback
2021-12-29 22:06:20 SUCCESS
ValidateCodeVerifierWithS256
Validated code_verifier successfully
code_challenge_method
S256
code_verifier
1BtTU_-gk_60Yhr1dKC_cmXItV7qq9gijh7~PzZ9ZkNaYiCSR5tKu-ivFG3S_GRVzSFaILwh6sDycEa2mJzn2UqKAB9MXnThYqU6fT.YOEkquTGG-vjklYuaX79DK8Av
code_challenge
53hXYlBYSIXuWUcBqgS37-laKwLfOe_X3OFR4SsPns0
2021-12-29 22:06:20 SUCCESS
GenerateBearerAccessToken
Generated access token
access_token
gatfmFio9pKrrmOttOMbYbHwLvCnMl7GIGP8ciXCAaj0Gd2THj
2021-12-29 22:06:20 SUCCESS
CalculateAtHash
Successful at_hash encoding
at_hash
JuhMF5c7OILdL8I8aaGRhg
2021-12-29 22:06:20
CreateRefreshToken
Created refresh token
refresh_token
PNlqJlvTZLUcWibNAGyKtSRHezbOoUddqrKSOXKlRBCoDAHAkw6730837884%`}{'
2021-12-29 22:06:20 SUCCESS
GenerateIdTokenClaims
Created ID Token Claims
iss
https://www.certification.openid.net/test/a/recepcao-bv/
sub
user-subject-1234531
aud
r3-1Pzx4eZFejFKvrCef_
nonce
bb532597-9807-4f72-a080-b18dea574e93
iat
1640815580
exp
1640815880
2021-12-29 22:06:20
FAPIBrazilAddCPFAndCPNJToIdTokenClaims
Request object does not contain a claims element.id_token
2021-12-29 22:06:20 SUCCESS
AddAtHashToIdTokenClaims
Added at_hash to ID token claims
at_hash
JuhMF5c7OILdL8I8aaGRhg
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/a/recepcao-bv/",
  "sub": "user-subject-1234531",
  "aud": "r3-1Pzx4eZFejFKvrCef_",
  "nonce": "bb532597-9807-4f72-a080-b18dea574e93",
  "iat": 1640815580,
  "exp": 1640815880,
  "at_hash": "JuhMF5c7OILdL8I8aaGRhg"
}
2021-12-29 22:06:20 SUCCESS
AddAudValueAsArrayToIdToken
Added the aud value as an array to ID token claims
aud
[
  "r3-1Pzx4eZFejFKvrCef_"
]
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/a/recepcao-bv/",
  "sub": "user-subject-1234531",
  "aud": [
    "r3-1Pzx4eZFejFKvrCef_"
  ],
  "nonce": "bb532597-9807-4f72-a080-b18dea574e93",
  "iat": 1640815580,
  "exp": 1640815880,
  "at_hash": "JuhMF5c7OILdL8I8aaGRhg"
}
2021-12-29 22:06:20 INFO
FAPIBrazilAddACRClaimToIdTokenClaims
Skipped evaluation due to missing required string: requested_id_token_acr_values
expected
requested_id_token_acr_values
2021-12-29 22:06:20 SUCCESS
SignIdToken
Signed the ID token
id_token
eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwiYWxnIjoiUFMyNTYifQ.eyJhdF9oYXNoIjoiSnVoTUY1YzdPSUxkTDhJOGFhR1JoZyIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoicjMtMVB6eDRlWkZlakZLdnJDZWZfIiwiaXNzIjoiaHR0cHM6XC9cL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXRcL3Rlc3RcL2FcL3JlY2VwY2FvLWJ2XC8iLCJleHAiOjE2NDA4MTU4ODAsIm5vbmNlIjoiYmI1MzI1OTctOTgwNy00ZjcyLWEwODAtYjE4ZGVhNTc0ZTkzIiwiaWF0IjoxNjQwODE1NTgwfQ.VgR_3sj4wKIiwUpHu2-4LYO_R74bMWNzo5Ah0lKau-KNfFj-ttvhPq_bULxxgFJdmvvKrC7GvSNMXHxc1OJJ7YHD_zSDC8wGhjZt6ysqb-uR7BjNPZ5VAeg8GljYiFrrxDqhC4x0GkpkdueCO0UW_6DxOoIJiRuid1G0X_7itv3aZg5UHzWN2Dnn2ERhZic3WlWz1HlHc21glUpVDZPbCJQ_vBRcmkcDeMUIz4DsJ5qMpLOejbowUzctDoMKNocQVkvn77s6v14S7GLllywIHpKWdvpjfVmNMglH5T8YFhyEJVjHJU8UIObjg1MfRMkJLIZr1cfL-GJyTKsefqbYow
2021-12-29 22:06:20 SUCCESS
SignIdTokenBypassingNimbusChecks
Signed the ID token
id_token
eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwiYWxnIjoiUFMyNTYifQ.eyJpc3MiOiJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC9hL3JlY2VwY2FvLWJ2LyIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjpbInIzLTFQeng0ZVpGZWpGS3ZyQ2VmXyJdLCJub25jZSI6ImJiNTMyNTk3LTk4MDctNGY3Mi1hMDgwLWIxOGRlYTU3NGU5MyIsImlhdCI6MTY0MDgxNTU4MCwiZXhwIjoxNjQwODE1ODgwLCJhdF9oYXNoIjoiSnVoTUY1YzdPSUxkTDhJOGFhR1JoZyJ9.YyiPbLVk3eB5P92a296m3BHd3UQ_OpfuGx4NZZnxW1cjBa2gfw8AGInTSO62IDlW0ZMsAIgX7Ngw9QNuIhtA-9LQnx-ns3qXU_ywgPKJlHgcsN32yilObLXFYZD4zM0LXEbusiRepSkqIuRjnWxd5mPmtiHIpGeG2RpjmSyOFyp8fgqpOcSrMv8wlsmRe8teanSNwknFDOXUTs0szXOdywFJ8_xW4Ho5FtWQHAlXHKxNRwxp0_Gy0CtB_AALYVDfdpJ5dobkIosRiV-X99PbtrJHygPxnAwhHZqg_rOW0fdYUxvCVVaKY6hHOdmmccWuTOCTiE6jYm7W3Sx792a26A
2021-12-29 22:06:20 SUCCESS
CreateTokenEndpointResponse
Created token endpoint response
access_token
gatfmFio9pKrrmOttOMbYbHwLvCnMl7GIGP8ciXCAaj0Gd2THj
token_type
Bearer
id_token
eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwiYWxnIjoiUFMyNTYifQ.eyJpc3MiOiJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC9hL3JlY2VwY2FvLWJ2LyIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjpbInIzLTFQeng0ZVpGZWpGS3ZyQ2VmXyJdLCJub25jZSI6ImJiNTMyNTk3LTk4MDctNGY3Mi1hMDgwLWIxOGRlYTU3NGU5MyIsImlhdCI6MTY0MDgxNTU4MCwiZXhwIjoxNjQwODE1ODgwLCJhdF9oYXNoIjoiSnVoTUY1YzdPSUxkTDhJOGFhR1JoZyJ9.YyiPbLVk3eB5P92a296m3BHd3UQ_OpfuGx4NZZnxW1cjBa2gfw8AGInTSO62IDlW0ZMsAIgX7Ngw9QNuIhtA-9LQnx-ns3qXU_ywgPKJlHgcsN32yilObLXFYZD4zM0LXEbusiRepSkqIuRjnWxd5mPmtiHIpGeG2RpjmSyOFyp8fgqpOcSrMv8wlsmRe8teanSNwknFDOXUTs0szXOdywFJ8_xW4Ho5FtWQHAlXHKxNRwxp0_Gy0CtB_AALYVDfdpJ5dobkIosRiV-X99PbtrJHygPxnAwhHZqg_rOW0fdYUxvCVVaKY6hHOdmmccWuTOCTiE6jYm7W3Sx792a26A
refresh_token
PNlqJlvTZLUcWibNAGyKtSRHezbOoUddqrKSOXKlRBCoDAHAkw6730837884%`}{'
scope
accounts openid consent:urn:conformance.oidf:lRjVkfeoSJ
2021-12-29 22:06:20 OUTGOING
fapi1-advanced-final-client-test-valid-aud-as-array
Response to HTTP request to test instance 41NYTOrTMCAl0g0
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "access_token": "gatfmFio9pKrrmOttOMbYbHwLvCnMl7GIGP8ciXCAaj0Gd2THj",
  "token_type": "Bearer",
  "id_token": "eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwiYWxnIjoiUFMyNTYifQ.eyJpc3MiOiJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC9hL3JlY2VwY2FvLWJ2LyIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjpbInIzLTFQeng0ZVpGZWpGS3ZyQ2VmXyJdLCJub25jZSI6ImJiNTMyNTk3LTk4MDctNGY3Mi1hMDgwLWIxOGRlYTU3NGU5MyIsImlhdCI6MTY0MDgxNTU4MCwiZXhwIjoxNjQwODE1ODgwLCJhdF9oYXNoIjoiSnVoTUY1YzdPSUxkTDhJOGFhR1JoZyJ9.YyiPbLVk3eB5P92a296m3BHd3UQ_OpfuGx4NZZnxW1cjBa2gfw8AGInTSO62IDlW0ZMsAIgX7Ngw9QNuIhtA-9LQnx-ns3qXU_ywgPKJlHgcsN32yilObLXFYZD4zM0LXEbusiRepSkqIuRjnWxd5mPmtiHIpGeG2RpjmSyOFyp8fgqpOcSrMv8wlsmRe8teanSNwknFDOXUTs0szXOdywFJ8_xW4Ho5FtWQHAlXHKxNRwxp0_Gy0CtB_AALYVDfdpJ5dobkIosRiV-X99PbtrJHygPxnAwhHZqg_rOW0fdYUxvCVVaKY6hHOdmmccWuTOCTiE6jYm7W3Sx792a26A",
  "refresh_token": "PNlqJlvTZLUcWibNAGyKtSRHezbOoUddqrKSOXKlRBCoDAHAkw6730837884%`}{\u0027",
  "scope": "accounts openid consent:urn:conformance.oidf:lRjVkfeoSJ"
}
outgoing_path
token
2021-12-29 22:06:22 INCOMING
fapi1-advanced-final-client-test-valid-aud-as-array
Incoming HTTP request to test instance 41NYTOrTMCAl0g0
incoming_headers
{
  "host": "www.certification.openid.net",
  "accept": "application/json,application/*+json",
  "connection": "close"
}
incoming_path
/test/a/recepcao-bv/.well-known/openid-configuration
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
incoming_body_json
incoming_query_string_params
{}
incoming_body
2021-12-29 22:06:22 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
2021-12-29 22:06:22 OUTGOING
fapi1-advanced-final-client-test-valid-aud-as-array
Response to HTTP request to test instance 41NYTOrTMCAl0g0
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "issuer": "https://www.certification.openid.net/test/a/recepcao-bv/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/recepcao-bv/jwks",
  "registration_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/register",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/userinfo",
  "mtls_endpoint_aliases": {
    "token_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/token",
    "registration_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/register",
    "userinfo_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/userinfo",
    "pushed_authorization_request_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/par"
  },
  "tls_client_certificate_bound_access_tokens": true,
  "request_parameter_supported": true,
  "grant_types_supported": [
    "authorization_code",
    "implicit",
    "client_credentials",
    "refresh_token"
  ],
  "claims_parameter_supported": true,
  "request_object_encryption_alg_values_supported": [
    "RSA-OAEP"
  ],
  "request_object_encryption_enc_values_supported": [
    "A256GCM"
  ],
  "claims_supported": [
    "cpf",
    "cnpj",
    "acr"
  ],
  "acr_values_supported": [
    "urn:brasil:openbanking:loa2",
    "urn:brasil:openbanking:loa3"
  ],
  "id_token_signing_alg_values_supported": [
    "PS256"
  ],
  "request_object_signing_alg_values_supported": [
    "PS256"
  ],
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access",
    "consents",
    "resources",
    "payments"
  ],
  "token_endpoint_auth_methods_supported": [
    "private_key_jwt"
  ],
  "pushed_authorization_request_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/par",
  "require_pushed_authorization_requests": true,
  "response_types_supported": [
    "code id_token"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "PS256"
  ]
}
outgoing_path
.well-known/openid-configuration
2021-12-29 22:06:23 INCOMING
fapi1-advanced-final-client-test-valid-aud-as-array
Incoming HTTP request to test instance 41NYTOrTMCAl0g0
incoming_headers
{
  "host": "www.certification.openid.net",
  "accept": "application/json;charset\u003dUTF-8",
  "content-type": "application/x-www-form-urlencoded",
  "content-length": "1175",
  "connection": "close"
}
incoming_path
/test-mtls/a/recepcao-bv/token
incoming_body_form_params
{
  "grant_type": "authorization_code",
  "code": "eLQl8Mbda9tGoliHqKrgM4t5n9K5OrwO",
  "code_verifier": "1BtTU_-gk_60Yhr1dKC_cmXItV7qq9gijh7~PzZ9ZkNaYiCSR5tKu-ivFG3S_GRVzSFaILwh6sDycEa2mJzn2UqKAB9MXnThYqU6fT.YOEkquTGG-vjklYuaX79DK8Av",
  "client_assertion": "eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwidHlwIjoiSldUIiwiYWxnIjoiUFMyNTYifQ.eyJzdWIiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJhdWQiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdC1tdGxzXC9hXC9yZWNlcGNhby1idlwvdG9rZW4iLCJpc3MiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJleHAiOjE2NDA4MTU4ODIsImlhdCI6MTY0MDgxNTU4MiwianRpIjoiOTFiNGIzOWMtMWEzMS00ODBiLWFhYTAtODdmYTVhZWRjNjU2In0.Ff8e5qHTwWIw14t-UiUq78hBE4hw91WjsDWMJq3_0dv-USbVQD2PESI4cfG7e_QHMchi0PDDlgl6Slr8vRa8wGbxU8pZgdwiL4LvdNjCjZOSpcTgCKFGqXyZyHa1Kw9oeIeuWipW35NRHS2YP3kfOkZCRCbILYisBXmkgO71lMY-3BBZIAs9OFTdzKgCqa7VF8Co_zNsACUmyJOBjXQKlUbQLTLv-r8vBnhxJetTHavudaBwsMIkLewvkOj-tf-nWwq8nDHQUTTgdbPvzh3Z4LUcLE4994IdTW9ZrH6NjEifVA2IkhTa6JrmgG8WBgh4GjraJ0VoJivMqTysCTNl_A",
  "client_assertion_type": "urn:ietf:params:oauth:client-assertion-type:jwt-bearer",
  "redirect_uri": "https://api-qa.bvopen.com.br/receptor-redirect/v1/internet-banking/authorize-callback"
}
incoming_method
POST
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
-----BEGIN CERTIFICATE----- MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0 MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1 YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3 sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805 I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9 yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS 7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF GSsQgkeJ1pXRIYgQEKHQ -----END CERTIFICATE-----
incoming_body_json
incoming_query_string_params
{}
incoming_body
grant_type=authorization_code&code=eLQl8Mbda9tGoliHqKrgM4t5n9K5OrwO&code_verifier=1BtTU_-gk_60Yhr1dKC_cmXItV7qq9gijh7%7EPzZ9ZkNaYiCSR5tKu-ivFG3S_GRVzSFaILwh6sDycEa2mJzn2UqKAB9MXnThYqU6fT.YOEkquTGG-vjklYuaX79DK8Av&client_assertion=eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwidHlwIjoiSldUIiwiYWxnIjoiUFMyNTYifQ.eyJzdWIiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJhdWQiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdC1tdGxzXC9hXC9yZWNlcGNhby1idlwvdG9rZW4iLCJpc3MiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJleHAiOjE2NDA4MTU4ODIsImlhdCI6MTY0MDgxNTU4MiwianRpIjoiOTFiNGIzOWMtMWEzMS00ODBiLWFhYTAtODdmYTVhZWRjNjU2In0.Ff8e5qHTwWIw14t-UiUq78hBE4hw91WjsDWMJq3_0dv-USbVQD2PESI4cfG7e_QHMchi0PDDlgl6Slr8vRa8wGbxU8pZgdwiL4LvdNjCjZOSpcTgCKFGqXyZyHa1Kw9oeIeuWipW35NRHS2YP3kfOkZCRCbILYisBXmkgO71lMY-3BBZIAs9OFTdzKgCqa7VF8Co_zNsACUmyJOBjXQKlUbQLTLv-r8vBnhxJetTHavudaBwsMIkLewvkOj-tf-nWwq8nDHQUTTgdbPvzh3Z4LUcLE4994IdTW9ZrH6NjEifVA2IkhTa6JrmgG8WBgh4GjraJ0VoJivMqTysCTNl_A&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&redirect_uri=https%3A%2F%2Fapi-qa.bvopen.com.br%2Freceptor-redirect%2Fv1%2Finternet-banking%2Fauthorize-callback
2021-12-29 22:06:23 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
Token endpoint
2021-12-29 22:06:23 SUCCESS
ExtractClientCertificateFromTokenEndpointRequestHeaders
Extracted client certificate
client_certificate
{
  "cert": "-----BEGIN CERTIFICATE----- MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0 MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1 YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3 sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805 I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9 yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS 7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF GSsQgkeJ1pXRIYgQEKHQ -----END CERTIFICATE-----",
  "pem": "-----BEGIN CERTIFICATE-----\nMIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL\nBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx\nFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB\nTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0\nMjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD\no28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT\nJDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV\nYXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET\nMBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp\nb24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1\nYjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI\nLFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB\nWsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3\nsbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK\nBsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ\naktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805\nI1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9\nyQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R\nQ99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh\nbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg\nPqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y\nZy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i\ncjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE\nggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB\nJFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt\nIFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p\nc2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy\nYW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl\nIGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg\nTHRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl\ncmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh\nbmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL\nz7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd\nPdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh\nQkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH\nefqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS\n7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF\nGSsQgkeJ1pXRIYgQEKHQ\n-----END CERTIFICATE-----",
  "subject": {
    "dn": "UID\u003d1baaea05-bece-46ac-9d08-66a5b72d7ac7,2.5.4.15\u003d#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3\u003d#13024252,2.5.4.5\u003d#130e3539353838313131303030313033,CN\u003dapi-des.bvopen.com.br,OU\u003d062c5edb-4e83-5002-9981-e2a96c5ad41e,O\u003dBCO VOTORANTIM S.A.,L\u003dSão Paulo,ST\u003dSP,C\u003dBR"
  },
  "sanDnsNames": [
    "api-des.bvopen.com.br"
  ],
  "sanUris": [],
  "sanIPs": [],
  "sanEmails": []
}
2021-12-29 22:06:23 SUCCESS
CheckForClientCertificate
Found client certificate
2021-12-29 22:06:23 SUCCESS
EnsureClientCertificateMatches
Presented certificate matches registered certificate
actual
-----BEGIN CERTIFICATE-----
MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL
BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx
FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB
TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0
MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD
o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT
JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV
YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET
MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp
b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1
YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI
LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB
WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3
sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK
BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ
aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805
I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9
yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R
Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh
bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg
PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y
Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i
cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE
ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB
JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt
IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p
c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy
YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl
IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg
THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl
cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh
bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL
z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd
PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh
Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH
efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS
7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF
GSsQgkeJ1pXRIYgQEKHQ
-----END CERTIFICATE-----
2021-12-29 22:06:23 SUCCESS
ExtractClientAssertion
Parsed client assertion
client_assertion
{
  "value": "eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwidHlwIjoiSldUIiwiYWxnIjoiUFMyNTYifQ.eyJzdWIiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJhdWQiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdC1tdGxzXC9hXC9yZWNlcGNhby1idlwvdG9rZW4iLCJpc3MiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJleHAiOjE2NDA4MTU4ODIsImlhdCI6MTY0MDgxNTU4MiwianRpIjoiOTFiNGIzOWMtMWEzMS00ODBiLWFhYTAtODdmYTVhZWRjNjU2In0.Ff8e5qHTwWIw14t-UiUq78hBE4hw91WjsDWMJq3_0dv-USbVQD2PESI4cfG7e_QHMchi0PDDlgl6Slr8vRa8wGbxU8pZgdwiL4LvdNjCjZOSpcTgCKFGqXyZyHa1Kw9oeIeuWipW35NRHS2YP3kfOkZCRCbILYisBXmkgO71lMY-3BBZIAs9OFTdzKgCqa7VF8Co_zNsACUmyJOBjXQKlUbQLTLv-r8vBnhxJetTHavudaBwsMIkLewvkOj-tf-nWwq8nDHQUTTgdbPvzh3Z4LUcLE4994IdTW9ZrH6NjEifVA2IkhTa6JrmgG8WBgh4GjraJ0VoJivMqTysCTNl_A",
  "header": {
    "kid": "FJlF6TOBoI38u2RN5PtFHdjXCujfClGyDFEQD7CxJ64",
    "typ": "JWT",
    "alg": "PS256"
  },
  "claims": {
    "sub": "r3-1Pzx4eZFejFKvrCef_",
    "aud": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/token",
    "iss": "r3-1Pzx4eZFejFKvrCef_",
    "exp": 1640815882,
    "iat": 1640815582,
    "jti": "91b4b39c-1a31-480b-aaa0-87fa5aedc656"
  }
}
2021-12-29 22:06:23
EnsureClientAssertionSignatureAlgorithmMatchesRegistered
token_endpoint_auth_signing_alg is not set for the client, any supported algorithm can be used
2021-12-29 22:06:23 SUCCESS
ValidateClientAssertionSignature
client_assertion signature validated
client_assertion
eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwidHlwIjoiSldUIiwiYWxnIjoiUFMyNTYifQ.eyJzdWIiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJhdWQiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdC1tdGxzXC9hXC9yZWNlcGNhby1idlwvdG9rZW4iLCJpc3MiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJleHAiOjE2NDA4MTU4ODIsImlhdCI6MTY0MDgxNTU4MiwianRpIjoiOTFiNGIzOWMtMWEzMS00ODBiLWFhYTAtODdmYTVhZWRjNjU2In0.Ff8e5qHTwWIw14t-UiUq78hBE4hw91WjsDWMJq3_0dv-USbVQD2PESI4cfG7e_QHMchi0PDDlgl6Slr8vRa8wGbxU8pZgdwiL4LvdNjCjZOSpcTgCKFGqXyZyHa1Kw9oeIeuWipW35NRHS2YP3kfOkZCRCbILYisBXmkgO71lMY-3BBZIAs9OFTdzKgCqa7VF8Co_zNsACUmyJOBjXQKlUbQLTLv-r8vBnhxJetTHavudaBwsMIkLewvkOj-tf-nWwq8nDHQUTTgdbPvzh3Z4LUcLE4994IdTW9ZrH6NjEifVA2IkhTa6JrmgG8WBgh4GjraJ0VoJivMqTysCTNl_A
2021-12-29 22:06:23 SUCCESS
EnsureClientAssertionTypeIsJwt
Found JWT assertion type
assertion type
urn:ietf:params:oauth:client-assertion-type:jwt-bearer
2021-12-29 22:06:23 SUCCESS
ValidateClientAssertionClaims
Client Assertion passed all validation checks
2021-12-29 22:06:23 SUCCESS
ValidateAuthorizationCode
Found authorization code
authorization_code
eLQl8Mbda9tGoliHqKrgM4t5n9K5OrwO
2021-12-29 22:06:23 SUCCESS
ValidateRedirectUri
Found redirect uri
redirect_uri
https://api-qa.bvopen.com.br/receptor-redirect/v1/internet-banking/authorize-callback
2021-12-29 22:06:23 SUCCESS
ValidateCodeVerifierWithS256
Validated code_verifier successfully
code_challenge_method
S256
code_verifier
1BtTU_-gk_60Yhr1dKC_cmXItV7qq9gijh7~PzZ9ZkNaYiCSR5tKu-ivFG3S_GRVzSFaILwh6sDycEa2mJzn2UqKAB9MXnThYqU6fT.YOEkquTGG-vjklYuaX79DK8Av
code_challenge
53hXYlBYSIXuWUcBqgS37-laKwLfOe_X3OFR4SsPns0
2021-12-29 22:06:23 SUCCESS
GenerateBearerAccessToken
Generated access token
access_token
QuSLuSz5kRlroRSQHSFBJraf8rwLkLKekZqSrSzTl1GdOCxFlx
2021-12-29 22:06:23 SUCCESS
CalculateAtHash
Successful at_hash encoding
at_hash
BqhqXDTPA2n_rySxNjNWMA
2021-12-29 22:06:23
CreateRefreshToken
Created refresh token
refresh_token
uiwLczkFIltKvijlsKmTXlfpzknzEzikPByLrAOGMxOoHQPuyF6325171655-!)`.
2021-12-29 22:06:23 SUCCESS
GenerateIdTokenClaims
Created ID Token Claims
iss
https://www.certification.openid.net/test/a/recepcao-bv/
sub
user-subject-1234531
aud
r3-1Pzx4eZFejFKvrCef_
nonce
bb532597-9807-4f72-a080-b18dea574e93
iat
1640815583
exp
1640815883
2021-12-29 22:06:23
FAPIBrazilAddCPFAndCPNJToIdTokenClaims
Request object does not contain a claims element.id_token
2021-12-29 22:06:23 SUCCESS
AddAtHashToIdTokenClaims
Added at_hash to ID token claims
at_hash
BqhqXDTPA2n_rySxNjNWMA
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/a/recepcao-bv/",
  "sub": "user-subject-1234531",
  "aud": "r3-1Pzx4eZFejFKvrCef_",
  "nonce": "bb532597-9807-4f72-a080-b18dea574e93",
  "iat": 1640815583,
  "exp": 1640815883,
  "at_hash": "BqhqXDTPA2n_rySxNjNWMA"
}
2021-12-29 22:06:23 SUCCESS
AddAudValueAsArrayToIdToken
Added the aud value as an array to ID token claims
aud
[
  "r3-1Pzx4eZFejFKvrCef_"
]
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/a/recepcao-bv/",
  "sub": "user-subject-1234531",
  "aud": [
    "r3-1Pzx4eZFejFKvrCef_"
  ],
  "nonce": "bb532597-9807-4f72-a080-b18dea574e93",
  "iat": 1640815583,
  "exp": 1640815883,
  "at_hash": "BqhqXDTPA2n_rySxNjNWMA"
}
2021-12-29 22:06:23 INFO
FAPIBrazilAddACRClaimToIdTokenClaims
Skipped evaluation due to missing required string: requested_id_token_acr_values
expected
requested_id_token_acr_values
2021-12-29 22:06:23 SUCCESS
SignIdToken
Signed the ID token
id_token
eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwiYWxnIjoiUFMyNTYifQ.eyJhdF9oYXNoIjoiQnFocVhEVFBBMm5fcnlTeE5qTldNQSIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoicjMtMVB6eDRlWkZlakZLdnJDZWZfIiwiaXNzIjoiaHR0cHM6XC9cL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXRcL3Rlc3RcL2FcL3JlY2VwY2FvLWJ2XC8iLCJleHAiOjE2NDA4MTU4ODMsIm5vbmNlIjoiYmI1MzI1OTctOTgwNy00ZjcyLWEwODAtYjE4ZGVhNTc0ZTkzIiwiaWF0IjoxNjQwODE1NTgzfQ.dIcGI1iBTVm7J-DRnyBJmdKoFvN98hU52StZC8wxq7kWiCfu0J6tOprVQYOnr4-ZxR-ChHNFJqWSCFD4e9AmlE9E8PeT3QtYHO9d31Zno0zj4BuVAkGqt1pzMvA0EXoMhNe8GaKKZpMQgwrXWsxUt-2pTeqwkR1TWHjKkHJ3auxag4w_UlK-fdJH0KO98tS9fSdtyhMIT9hibQYQV7PGE_hSLiF2i3lPS3eQHepi3ZKGo0SuVFLlUdRhAEFDxvmM5x1-xLlw6fwsvyZrOgVjArf2jD94Mgo9zXvl5-x67NG6e725kcOdMvf0sTcS6nvgR0_YsWfzLGO0VMg9wVObmQ
2021-12-29 22:06:23 SUCCESS
SignIdTokenBypassingNimbusChecks
Signed the ID token
id_token
eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwiYWxnIjoiUFMyNTYifQ.eyJpc3MiOiJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC9hL3JlY2VwY2FvLWJ2LyIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjpbInIzLTFQeng0ZVpGZWpGS3ZyQ2VmXyJdLCJub25jZSI6ImJiNTMyNTk3LTk4MDctNGY3Mi1hMDgwLWIxOGRlYTU3NGU5MyIsImlhdCI6MTY0MDgxNTU4MywiZXhwIjoxNjQwODE1ODgzLCJhdF9oYXNoIjoiQnFocVhEVFBBMm5fcnlTeE5qTldNQSJ9.W4OU8DiUe2U9oX6qQt0GcLp0U8esywL1r52vuh_synXBQltZf7Y1z9EkgERnwnjVd5O0nlphlBeJnUhNmg1ksZnUABsDDaNIth4mNi25u-Yv8w23hNRgQprpoO9dakiYxi1bL_HvhIW6Etlm7RC_GNDqW5oC0isnixnpzbzHTF8i3JH6uVIVk7Z0mVG20zo0Ows8j1wCqi5aVdavCvX7RBxrrfRCU2WhaNHtt0HQmHQiITEcLM39T12ABIQ8bMW3TgVrk_EpVc8nRmVm_6_gIpANtiY-SuiiTISVROvZ7rUW-9LlFkXJGLRcNpol69v4jvK4I-4DozH-zCuMyeUVyQ
2021-12-29 22:06:23 SUCCESS
CreateTokenEndpointResponse
Created token endpoint response
access_token
QuSLuSz5kRlroRSQHSFBJraf8rwLkLKekZqSrSzTl1GdOCxFlx
token_type
Bearer
id_token
eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwiYWxnIjoiUFMyNTYifQ.eyJpc3MiOiJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC9hL3JlY2VwY2FvLWJ2LyIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjpbInIzLTFQeng0ZVpGZWpGS3ZyQ2VmXyJdLCJub25jZSI6ImJiNTMyNTk3LTk4MDctNGY3Mi1hMDgwLWIxOGRlYTU3NGU5MyIsImlhdCI6MTY0MDgxNTU4MywiZXhwIjoxNjQwODE1ODgzLCJhdF9oYXNoIjoiQnFocVhEVFBBMm5fcnlTeE5qTldNQSJ9.W4OU8DiUe2U9oX6qQt0GcLp0U8esywL1r52vuh_synXBQltZf7Y1z9EkgERnwnjVd5O0nlphlBeJnUhNmg1ksZnUABsDDaNIth4mNi25u-Yv8w23hNRgQprpoO9dakiYxi1bL_HvhIW6Etlm7RC_GNDqW5oC0isnixnpzbzHTF8i3JH6uVIVk7Z0mVG20zo0Ows8j1wCqi5aVdavCvX7RBxrrfRCU2WhaNHtt0HQmHQiITEcLM39T12ABIQ8bMW3TgVrk_EpVc8nRmVm_6_gIpANtiY-SuiiTISVROvZ7rUW-9LlFkXJGLRcNpol69v4jvK4I-4DozH-zCuMyeUVyQ
refresh_token
uiwLczkFIltKvijlsKmTXlfpzknzEzikPByLrAOGMxOoHQPuyF6325171655-!)`.
scope
accounts openid consent:urn:conformance.oidf:lRjVkfeoSJ
2021-12-29 22:06:23 OUTGOING
fapi1-advanced-final-client-test-valid-aud-as-array
Response to HTTP request to test instance 41NYTOrTMCAl0g0
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "access_token": "QuSLuSz5kRlroRSQHSFBJraf8rwLkLKekZqSrSzTl1GdOCxFlx",
  "token_type": "Bearer",
  "id_token": "eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwiYWxnIjoiUFMyNTYifQ.eyJpc3MiOiJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC9hL3JlY2VwY2FvLWJ2LyIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjpbInIzLTFQeng0ZVpGZWpGS3ZyQ2VmXyJdLCJub25jZSI6ImJiNTMyNTk3LTk4MDctNGY3Mi1hMDgwLWIxOGRlYTU3NGU5MyIsImlhdCI6MTY0MDgxNTU4MywiZXhwIjoxNjQwODE1ODgzLCJhdF9oYXNoIjoiQnFocVhEVFBBMm5fcnlTeE5qTldNQSJ9.W4OU8DiUe2U9oX6qQt0GcLp0U8esywL1r52vuh_synXBQltZf7Y1z9EkgERnwnjVd5O0nlphlBeJnUhNmg1ksZnUABsDDaNIth4mNi25u-Yv8w23hNRgQprpoO9dakiYxi1bL_HvhIW6Etlm7RC_GNDqW5oC0isnixnpzbzHTF8i3JH6uVIVk7Z0mVG20zo0Ows8j1wCqi5aVdavCvX7RBxrrfRCU2WhaNHtt0HQmHQiITEcLM39T12ABIQ8bMW3TgVrk_EpVc8nRmVm_6_gIpANtiY-SuiiTISVROvZ7rUW-9LlFkXJGLRcNpol69v4jvK4I-4DozH-zCuMyeUVyQ",
  "refresh_token": "uiwLczkFIltKvijlsKmTXlfpzknzEzikPByLrAOGMxOoHQPuyF6325171655-!)`.",
  "scope": "accounts openid consent:urn:conformance.oidf:lRjVkfeoSJ"
}
outgoing_path
token
2021-12-29 22:06:25 INCOMING
fapi1-advanced-final-client-test-valid-aud-as-array
Incoming HTTP request to test instance 41NYTOrTMCAl0g0
incoming_headers
{
  "host": "www.certification.openid.net",
  "accept": "application/json;charset\u003dUTF-8",
  "authorization": "Bearer K1fE4h2KZVV5QTrSdeNyuwkj8f7jx6poJJs55nP4UIrHeQJCYQ",
  "x-fapi-interaction-id": "c7213b16-ad5b-44d8-bf7d-e6d18190bf47",
  "x-fapi-customer-ip-address": "1.1.1.1",
  "connection": "close"
}
incoming_path
/test-mtls/a/recepcao-bv/consents/v1/consents/urn:conformance.oidf:lRjVkfeoSJ
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
-----BEGIN CERTIFICATE----- MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0 MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1 YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3 sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805 I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9 yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS 7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF GSsQgkeJ1pXRIYgQEKHQ -----END CERTIFICATE-----
incoming_body_json
incoming_query_string_params
{}
incoming_body
2021-12-29 22:06:25 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
Get consent endpoint
2021-12-29 22:06:25 SUCCESS
ExtractClientCertificateFromTokenEndpointRequestHeaders
Extracted client certificate
client_certificate
{
  "cert": "-----BEGIN CERTIFICATE----- MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0 MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1 YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3 sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805 I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9 yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS 7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF GSsQgkeJ1pXRIYgQEKHQ -----END CERTIFICATE-----",
  "pem": "-----BEGIN CERTIFICATE-----\nMIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL\nBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx\nFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB\nTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0\nMjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD\no28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT\nJDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV\nYXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET\nMBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp\nb24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1\nYjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI\nLFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB\nWsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3\nsbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK\nBsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ\naktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805\nI1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9\nyQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R\nQ99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh\nbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg\nPqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y\nZy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i\ncjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE\nggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB\nJFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt\nIFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p\nc2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy\nYW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl\nIGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg\nTHRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl\ncmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh\nbmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL\nz7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd\nPdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh\nQkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH\nefqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS\n7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF\nGSsQgkeJ1pXRIYgQEKHQ\n-----END CERTIFICATE-----",
  "subject": {
    "dn": "UID\u003d1baaea05-bece-46ac-9d08-66a5b72d7ac7,2.5.4.15\u003d#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3\u003d#13024252,2.5.4.5\u003d#130e3539353838313131303030313033,CN\u003dapi-des.bvopen.com.br,OU\u003d062c5edb-4e83-5002-9981-e2a96c5ad41e,O\u003dBCO VOTORANTIM S.A.,L\u003dSão Paulo,ST\u003dSP,C\u003dBR"
  },
  "sanDnsNames": [
    "api-des.bvopen.com.br"
  ],
  "sanUris": [],
  "sanIPs": [],
  "sanEmails": []
}
2021-12-29 22:06:25 SUCCESS
CheckForClientCertificate
Found client certificate
2021-12-29 22:06:25 SUCCESS
EnsureClientCertificateMatches
Presented certificate matches registered certificate
actual
-----BEGIN CERTIFICATE-----
MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL
BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx
FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB
TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0
MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD
o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT
JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV
YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET
MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp
b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1
YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI
LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB
WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3
sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK
BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ
aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805
I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9
yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R
Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh
bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg
PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y
Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i
cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE
ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB
JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt
IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p
c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy
YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl
IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg
THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl
cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh
bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL
z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd
PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh
Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH
efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS
7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF
GSsQgkeJ1pXRIYgQEKHQ
-----END CERTIFICATE-----
2021-12-29 22:06:25 SUCCESS
EnsureBearerAccessTokenNotInParams
Client correctly did not send access token in query parameters or form body
2021-12-29 22:06:25 SUCCESS
ExtractBearerAccessTokenFromHeader
Found access token on incoming request
access_token
K1fE4h2KZVV5QTrSdeNyuwkj8f7jx6poJJs55nP4UIrHeQJCYQ
2021-12-29 22:06:25 SUCCESS
RequireBearerClientCredentialsAccessToken
Found access token in request
actual
K1fE4h2KZVV5QTrSdeNyuwkj8f7jx6poJJs55nP4UIrHeQJCYQ
2021-12-29 22:06:25 INFO
ExtractFapiDateHeader
Skipped evaluation due to missing required element: incoming_request headers.x-fapi-auth-date
path
headers.x-fapi-auth-date
mapped
object
incoming_request
2021-12-29 22:06:25 SUCCESS
ExtractFapiIpAddressHeader
Found a FAPI ip address header
fapi_customer_ip_address
1.1.1.1
addr
1.1.1.1
2021-12-29 22:06:25 SUCCESS
ExtractFapiInteractionIdHeader
Found a FAPI interaction ID header
fapi_interaction_id
c7213b16-ad5b-44d8-bf7d-e6d18190bf47
2021-12-29 22:06:25 INFO
CreateFapiInteractionIdIfNeeded
Found existing FAPI interaction ID
fapi_interaction_id
c7213b16-ad5b-44d8-bf7d-e6d18190bf47
2021-12-29 22:06:25 SUCCESS
FAPIBrazilGenerateGetConsentResponse
Created consent response
response
{
  "data": {
    "consentId": "urn:conformance.oidf:lRjVkfeoSJ",
    "creationDateTime": "2021-12-29T22:06:13Z",
    "status": "AUTHORISED",
    "statusUpdateDateTime": "2021-12-29T22:06:18Z",
    "permissions": [
      "ACCOUNTS_READ",
      "ACCOUNTS_BALANCES_READ",
      "RESOURCES_READ"
    ],
    "expirationDateTime": "2021-12-30T00:06:13Z",
    "transactionFromDateTime": "2021-12-29T22:01:13Z",
    "transactionToDateTime": "2021-12-30T00:06:13Z",
    "links": {
      "self": "https://www.certification.openid.net/test/a/recepcao-bvconsents/v1/consents"
    }
  },
  "meta": {
    "totalRecords": 1,
    "totalPages": 1,
    "requestDateTime": "2021-12-29T22:06:25Z"
  }
}
2021-12-29 22:06:25
ClearAccessTokenFromRequest
Condition ran but did not log anything
2021-12-29 22:06:25 OUTGOING
fapi1-advanced-final-client-test-valid-aud-as-array
Response to HTTP request to test instance 41NYTOrTMCAl0g0
outgoing_status_code
200
outgoing_headers
{
  "x-fapi-interaction-id": [
    "348f77b8-d847-48fa-acdc-24d958eb0984"
  ]
}
outgoing_body
{
  "data": {
    "consentId": "urn:conformance.oidf:lRjVkfeoSJ",
    "creationDateTime": "2021-12-29T22:06:13Z",
    "status": "AUTHORISED",
    "statusUpdateDateTime": "2021-12-29T22:06:18Z",
    "permissions": [
      "ACCOUNTS_READ",
      "ACCOUNTS_BALANCES_READ",
      "RESOURCES_READ"
    ],
    "expirationDateTime": "2021-12-30T00:06:13Z",
    "transactionFromDateTime": "2021-12-29T22:01:13Z",
    "transactionToDateTime": "2021-12-30T00:06:13Z",
    "links": {
      "self": "https://www.certification.openid.net/test/a/recepcao-bvconsents/v1/consents"
    }
  },
  "meta": {
    "totalRecords": 1,
    "totalPages": 1,
    "requestDateTime": "2021-12-29T22:06:13Z"
  }
}
outgoing_path
consents/v1/consents/urn:conformance.oidf:lRjVkfeoSJ
2021-12-29 22:06:27 INCOMING
fapi1-advanced-final-client-test-valid-aud-as-array
Incoming HTTP request to test instance 41NYTOrTMCAl0g0
incoming_headers
{
  "host": "www.certification.openid.net",
  "accept": "application/json;charset\u003dUTF-8",
  "authorization": "Bearer QuSLuSz5kRlroRSQHSFBJraf8rwLkLKekZqSrSzTl1GdOCxFlx",
  "x-fapi-interaction-id": "c077948d-1ed8-4026-983f-5720dd8f4a95",
  "x-fapi-auth-date": "Wed, 29 Dec 2021 21:36:26 GMT",
  "x-fapi-customer-ip-address": "1.1.1.1",
  "x-customer-user-agent": "",
  "connection": "close"
}
incoming_path
/test-mtls/a/recepcao-bv/accounts/v1/accounts
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
-----BEGIN CERTIFICATE----- MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0 MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1 YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3 sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805 I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9 yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS 7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF GSsQgkeJ1pXRIYgQEKHQ -----END CERTIFICATE-----
incoming_body_json
incoming_query_string_params
{}
incoming_body
2021-12-29 22:06:27 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
Accounts endpoint
2021-12-29 22:06:27 SUCCESS
ExtractClientCertificateFromTokenEndpointRequestHeaders
Extracted client certificate
client_certificate
{
  "cert": "-----BEGIN CERTIFICATE----- MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0 MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1 YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3 sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805 I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9 yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS 7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF GSsQgkeJ1pXRIYgQEKHQ -----END CERTIFICATE-----",
  "pem": "-----BEGIN CERTIFICATE-----\nMIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL\nBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx\nFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB\nTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0\nMjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD\no28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT\nJDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV\nYXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET\nMBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp\nb24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1\nYjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI\nLFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB\nWsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3\nsbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK\nBsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ\naktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805\nI1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9\nyQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R\nQ99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh\nbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg\nPqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y\nZy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i\ncjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE\nggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB\nJFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt\nIFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p\nc2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy\nYW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl\nIGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg\nTHRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl\ncmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh\nbmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL\nz7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd\nPdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh\nQkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH\nefqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS\n7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF\nGSsQgkeJ1pXRIYgQEKHQ\n-----END CERTIFICATE-----",
  "subject": {
    "dn": "UID\u003d1baaea05-bece-46ac-9d08-66a5b72d7ac7,2.5.4.15\u003d#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3\u003d#13024252,2.5.4.5\u003d#130e3539353838313131303030313033,CN\u003dapi-des.bvopen.com.br,OU\u003d062c5edb-4e83-5002-9981-e2a96c5ad41e,O\u003dBCO VOTORANTIM S.A.,L\u003dSão Paulo,ST\u003dSP,C\u003dBR"
  },
  "sanDnsNames": [
    "api-des.bvopen.com.br"
  ],
  "sanUris": [],
  "sanIPs": [],
  "sanEmails": []
}
2021-12-29 22:06:27 SUCCESS
CheckForClientCertificate
Found client certificate
2021-12-29 22:06:27 SUCCESS
EnsureClientCertificateMatches
Presented certificate matches registered certificate
actual
-----BEGIN CERTIFICATE-----
MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL
BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx
FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB
TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0
MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD
o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT
JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV
YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET
MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp
b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1
YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI
LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB
WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3
sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK
BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ
aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805
I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9
yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R
Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh
bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg
PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y
Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i
cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE
ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB
JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt
IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p
c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy
YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl
IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg
THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl
cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh
bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL
z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd
PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh
Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH
efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS
7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF
GSsQgkeJ1pXRIYgQEKHQ
-----END CERTIFICATE-----
2021-12-29 22:06:27 SUCCESS
EnsureBearerAccessTokenNotInParams
Client correctly did not send access token in query parameters or form body
2021-12-29 22:06:27 SUCCESS
ExtractBearerAccessTokenFromHeader
Found access token on incoming request
access_token
QuSLuSz5kRlroRSQHSFBJraf8rwLkLKekZqSrSzTl1GdOCxFlx
2021-12-29 22:06:27 SUCCESS
RequireBearerAccessToken
Found access token in request
actual
QuSLuSz5kRlroRSQHSFBJraf8rwLkLKekZqSrSzTl1GdOCxFlx
2021-12-29 22:06:27 SUCCESS
ExtractFapiDateHeader
Found a FAPI auth date header
fapi_auth_date
Wed, 29 Dec 2021 21:36:26 GMT
2021-12-29 22:06:27 SUCCESS
ExtractFapiIpAddressHeader
Found a FAPI ip address header
fapi_customer_ip_address
1.1.1.1
addr
1.1.1.1
2021-12-29 22:06:27 SUCCESS
ExtractFapiInteractionIdHeader
Found a FAPI interaction ID header
fapi_interaction_id
c077948d-1ed8-4026-983f-5720dd8f4a95
2021-12-29 22:06:27 SUCCESS
FAPIBrazilEnsureAuthorizationRequestScopesContainAccounts
'accounts' was included in authorization request scopes
actual
accounts openid consent:urn:conformance.oidf:lRjVkfeoSJ
expected
accounts
2021-12-29 22:06:27 INFO
CreateFapiInteractionIdIfNeeded
Found existing FAPI interaction ID
fapi_interaction_id
c077948d-1ed8-4026-983f-5720dd8f4a95
2021-12-29 22:06:27 SUCCESS
CreateFAPIAccountEndpointResponse
Created account response object
accounts_endpoint_response
{
  "conformance-test-finished": "true"
}
accounts_endpoint_response_headers
{
  "x-fapi-interaction-id": "c077948d-1ed8-4026-983f-5720dd8f4a95",
  "content-type": "application/json; charset\u003dUTF-8"
}
2021-12-29 22:06:27 SUCCESS
CreateBrazilAccountsEndpointResponse
Created Brazil accounts response (Please note that this is a hardcoded response copied from API documentation)
accounts_endpoint_response
{
  "data": [
    {
      "brandName": "Organização A",
      "companyCnpj": "21128159000166",
      "type": "CONTA_DEPOSITO_A_VISTA",
      "compeCode": "001",
      "branchCode": "6272",
      "number": "94088392",
      "checkDigit": "4",
      "accountId": "92792126019929279212650822221989319252576"
    }
  ],
  "links": {
    "self": "https://api.banco.com.br/open-banking/api/v1/resource",
    "first": "https://api.banco.com.br/open-banking/api/v1/resource",
    "prev": "https://api.banco.com.br/open-banking/api/v1/resource",
    "next": "https://api.banco.com.br/open-banking/api/v1/resource",
    "last": "https://api.banco.com.br/open-banking/api/v1/resource"
  },
  "meta": {
    "totalRecords": 1,
    "totalPages": 1,
    "requestDateTime": "2021-12-29T22:06:27Z"
  }
}
accounts_endpoint_response_headers
{
  "x-fapi-interaction-id": "c077948d-1ed8-4026-983f-5720dd8f4a95",
  "content-type": "application/json"
}
2021-12-29 22:06:27
ClearAccessTokenFromRequest
Condition ran but did not log anything
2021-12-29 22:06:27 OUTGOING
fapi1-advanced-final-client-test-valid-aud-as-array
Response to HTTP request to test instance 41NYTOrTMCAl0g0
outgoing_status_code
200
outgoing_headers
{
  "x-fapi-interaction-id": [
    "c077948d-1ed8-4026-983f-5720dd8f4a95"
  ],
  "content-type": [
    "application/json"
  ]
}
outgoing_body
{
  "data": [
    {
      "brandName": "Organização A",
      "companyCnpj": "21128159000166",
      "type": "CONTA_DEPOSITO_A_VISTA",
      "compeCode": "001",
      "branchCode": "6272",
      "number": "94088392",
      "checkDigit": "4",
      "accountId": "92792126019929279212650822221989319252576"
    }
  ],
  "links": {
    "self": "https://api.banco.com.br/open-banking/api/v1/resource",
    "first": "https://api.banco.com.br/open-banking/api/v1/resource",
    "prev": "https://api.banco.com.br/open-banking/api/v1/resource",
    "next": "https://api.banco.com.br/open-banking/api/v1/resource",
    "last": "https://api.banco.com.br/open-banking/api/v1/resource"
  },
  "meta": {
    "totalRecords": 1,
    "totalPages": 1,
    "requestDateTime": "2021-12-29T22:06:27Z"
  }
}
outgoing_path
accounts/v1/accounts
2021-12-29 22:06:27 FINISHED
fapi1-advanced-final-client-test-valid-aud-as-array
Test has run to completion
testmodule_result
PASSED
2021-12-29 22:06:31
TEST-RUNNER
Alias has now been claimed by another test
alias
recepcao-bv
new_test_id
8QpARwLdnPvpk76
Test Results