Test Summary

Test Results

Expand All Collapse All
All times are UTC
2021-12-29 21:58:47 INFO
TEST-RUNNER
Test instance 8ef6viRNgMdxSap created
baseUrl
https://www.certification.openid.net/test/a/recepcao-bv
variant
{
  "client_auth_type": "private_key_jwt",
  "fapi_auth_request_method": "pushed",
  "fapi_profile": "openbanking_brazil",
  "fapi_jarm_type": "oidc",
  "fapi_response_mode": "plain_response"
}
alias
recepcao-bv
description
Banco Votorantim - Relying Party
planId
DooYPU0i7G1JD
config
{
  "alias": "recepcao-bv",
  "description": "Banco Votorantim - Relying Party",
  "server": {
    "jwks": {
      "keys": [
        {
          "p": "_BxPVObkd-0vSY6hpRLECowqCT8Fg4kLhf4_b9884tZDBj-fhULi-QPOZuhcjLVFFXkXdTDdnDSsBB6lvFNNoQBQgvdwHwJcDkSLURBT6ARNWQfdrqeiGcN8Ix0ZM6K8PWKzOgTNUrM0voYKS9OsujS4eZoLiQTcD3aIimAvwn0",
          "kty": "RSA",
          "q": "y_z_2iXatOxjuWKlSdw6tWNdeNwce4n1gTwiCBt1PrbA9NRJGzkOM4Y0pXi8FHiuOiAVIjkBQLkS1hrXsYVIh__p_GojmP2JtYJtpxoXQeQkZaLbtGG7xzwB7PSBKJnqrXCwWX0tuH_vyTzKtT2pZUl4x9X7h0O28rAcCzwfUbE",
          "d": "boZTB3J9hFY5WKJtBnQMyZ0uqbIGLEIa-NWZayTCKGzIGmzwiDIM9SBrFRevoP1qY5MyhuCgXnhXrJQvYlrQlVOp4n6OMSwVp1oIIBV35MuBU4s4zbr2UtbF8HMt4fCSNhpugRtJj8Ohad4j8K_UO3aT38MrBcWOkVaBGEIcVvo7abPj_eFNqtu9mda9uTMTvjP1VaQsscgSxdIwvNTR_k8Mp-XmJ80ffQjtpt8NIPyn6GhGE0hXRRUfAx010Wj9yT2zaM4m69uhAOMXwVKv5MMlXXKGn_0z3GqRNygPDXCcuTGQ_EGNhVQRvuve_ieNhpkQCBSjz4Ar0ueMuox_QQ",
          "e": "AQAB",
          "use": "enc",
          "kid": "RSA-OAEP",
          "qi": "IlPPK0-J6KZNedgPE5mYcpwzWbT3hXCxxwaiFZQTOGkPInJ9SQRbNW4Z_ro_e9sekkOOb3Tclh6kbid-883riv5r58pb7R0pv0iM_ZPgG7_xDzRbxQSLQltSgI5FiLW2oVOhdxQPFVpc_i02LuYXnZ2tO1awrzYV69H49XiepIY",
          "dp": "E9KiBjn1YtyaaD03xoP4OCAXOgzjgRkod8uq7z_tSKSyNm6QO2kr8Yp0EzFX_ZRPL0YLKyLBegPGNri2LV2bb_pXWkTcYwPLey-2iJQxFMAp2MM-kfoKS95MB3LFRYMZK_Zzwy8XedYvYn-llZq6LRXyH1WWbJqeNvUJ_V9cwf0",
          "alg": "RSA-OAEP",
          "dq": "wHJm2uMdq9Tc3HhRYhZQmPIurChVAsQMBym5HZbyDQGTlydz9Sfl2vxBTN9T6ahVDudXqNrI8MvqFm5qkcMhw5TPpmBoRxzjP4fWdXDrAjH_mJeF2W7fHj7hvjCKbciQG6MV7MdpTAf_LAabY1PSLYmcVkPtshZTUjCNtJe7IHE",
          "n": "yOOavXMTDgjbvz9gzHvfhdbkytzDLWt6vft8fL73oz1h0s9EJUADdXoj-one0ewSx3JUdeibkOC9hCm_OYDVc5SdsHEl_U3T2ViYdqLMwxmjdBup3wMo6kZsClEjwXtVOXpe3XxuEdRCS4Z2i5iTXCBmK2bcg7FHcCoMan4OKjZv4ezl62TIljE6bp0PCexq38XI9bhYebkpAiu6A-wqBZtthvzBYgBKqjvsVg3GHtGvaVnK64KRkQuYeW7Wn4t7vME6tSzEyVpmgomenjTYGXDYET0IfQ7QTbNWa15aiyj1rEcg1_Tvr9spKY6t6griKIIdB85n52tkuA7YdrIFbQ"
        },
        {
          "kty": "RSA",
          "n": "oieLonigdMZ5ocjKK1gINOTs9vPrxGZ5wuXF2lLlXU1UpcIDNrqDq3ldJ3HUaUSmyw-AOWehP4eh1AF3anfjAU39Qi0_o0VV-V2o-SGD3D6Nxm9jinHVjiGOkxK2TDIyC8N2KqE48N7uzZNZH80ygDv8pgYu7uL1kJQn5lw5WGVNMKiKtrerPDhJBf1iFIya7JRJeaIQ26DA0yJ_KIDOxAzUdb_t9Jq895OnLwsIygL1lhfXRtxGNSwMAXe_lJm67vJXKDM_eXLI5s6AHRcyiprlAYFD9ktWelC6Ltz-4cFi6VcgxyYgNmfj7dkstQBPu2mZq3bhuoOuZKScnyMEwQ",
          "e": "AQAB",
          "alg": "PS256",
          "use": "sig",
          "kid": "FJlF6TOBoI38u2RN5PtFHdjXCujfClGyDFEQD7CxJ64",
          "d": "f0PiR8W8yWnslJlucs5IwprZkIiohiCXd-u2eT-OXMgQo3e95fpE1RQPlKG2QFhtP_oOfP9kguQEkswD2T_2nlODbajtxUrpyylDMSSoxPcjdpZ93W6yWTblG3EYOn064hiqaZLXidSuQBJhZKA7_oEWLYe01jCy4qIlHptLNqArPIfnyoHxRzLHM0AbUAxzysxWlxhh-kIuA2GwPOjzDg7X_3tuDo2FBJP1JL4ivZBVjzR6a3R3jlECewHRKlDGbcUhwhw-3PgUfpv0FyDz8Kxa1aXFuD75DvUeqp1WV15D-QPBY6Tj6ImGIU2EQA2M0sa6PPH7iH5wrf2aDm7tcQ",
          "p": "zZRF4uynLVGvuR-G3P_ZRNGUWcRG6OE0KcFj4NnNt89g1eDtC7GMq-S9ZHCUavTE0tnA1loFTbCzWvUy3gywVCYFSyHz-xxDUs9uu5X9gxJAbUHUD-dAhgHnXe46Skk9mITL20vj5ErZWzIXL9-E3kSlyxC3FCSQguutIghbzhs",
          "q": "yezCWkthM28K2X2rYiQhbf_DvzHjH8NMKILYQxhI0dbcGjjpCLb7kvbhhSyeg-TgEtnp0ZqGU9KbxBSCdM-2CNhbZpIh4K1rvHQau350eLv67juK55TIRkcWiLV6G5jzJADYTefYyEk3x9kvE7h3iW6LhXuw-BPW-VJQP9wItlM",
          "dp": "Ohta1ZVGe4zHOnAq0nSOmOEUKXtM_64H7HV5IajueLHpEQsOdWut8zgoQCeCC-k7aM2br_qp3RfA2kjMI-86N863WFE0gRmv_cwb5HG0wkN6amdc5VHb7wTCvM4FM9IX0vBWHpoIxBJT9W7nFuT6zUhiBE-pL8xV_GtY-HGcYVk",
          "dq": "QyPND7bmr_JpGh32AWDgGLIlRQpyaZpHVWUEQXLuq48UikeH_JTTG2-pVt2aK2LLupjobQBDT9XEYzMqmWqDLXe7FGTcjNc87mFwjg0i7w4aBmKX8h5_ZRa4AGbPHiQCHGOHiIfhhd8KhBHL3HPGk1TFYXHaSvJV1XqwIjuoTe8",
          "qi": "MPOx2d59EB8LIUVO184i4LgKVOunNsV2oVy_T8yOsdk5bxDvjChcwpoA1jMAi_4AZBa3ji0CMUKgk9dus6PJ6Knvr8D9tSXvfww81WXkgHW1QyZgqR5rNQJjq_mAuDf6N_RitOemqMRGUJYC4t2uDNW5wozna_KozTYNo_4kIJo"
        }
      ]
    }
  },
  "client": {
    "client_id": "r3-1Pzx4eZFejFKvrCef_",
    "redirect_uri": "https://api-qa.bvopen.com.br/receptor-redirect/v1/internet-banking/authorize-callback",
    "certificate": "-----BEGIN CERTIFICATE----- MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0 MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1 YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3 sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805 I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9 yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS 7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF GSsQgkeJ1pXRIYgQEKHQ -----END CERTIFICATE-----",
    "jwks": {
      "keys": [
        {
          "kty": "RSA",
          "use": "sig",
          "kid": "FJlF6TOBoI38u2RN5PtFHdjXCujfClGyDFEQD7CxJ64",
          "n": "oieLonigdMZ5ocjKK1gINOTs9vPrxGZ5wuXF2lLlXU1UpcIDNrqDq3ldJ3HUaUSmyw-AOWehP4eh1AF3anfjAU39Qi0_o0VV-V2o-SGD3D6Nxm9jinHVjiGOkxK2TDIyC8N2KqE48N7uzZNZH80ygDv8pgYu7uL1kJQn5lw5WGVNMKiKtrerPDhJBf1iFIya7JRJeaIQ26DA0yJ_KIDOxAzUdb_t9Jq895OnLwsIygL1lhfXRtxGNSwMAXe_lJm67vJXKDM_eXLI5s6AHRcyiprlAYFD9ktWelC6Ltz-4cFi6VcgxyYgNmfj7dkstQBPu2mZq3bhuoOuZKScnyMEwQ",
          "e": "AQAB"
        }
      ]
    }
  },
  "client2": {
    "client_id": "r3-1Pzx4eZFejFKvrCef_",
    "redirect_uri": "https://api-qa.bvopen.com.br/receptor-redirect/v1/internet-banking/authorize-callback",
    "id_token_encrypted_response_alg": "RSA-OAEP",
    "certificate": "-----BEGIN CERTIFICATE----- MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0 MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1 YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3 sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805 I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9 yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS 7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF GSsQgkeJ1pXRIYgQEKHQ -----END CERTIFICATE-----",
    "jwks": {
      "keys": [
        {
          "kty": "RSA",
          "use": "sig",
          "kid": "FJlF6TOBoI38u2RN5PtFHdjXCujfClGyDFEQD7CxJ64",
          "n": "oieLonigdMZ5ocjKK1gINOTs9vPrxGZ5wuXF2lLlXU1UpcIDNrqDq3ldJ3HUaUSmyw-AOWehP4eh1AF3anfjAU39Qi0_o0VV-V2o-SGD3D6Nxm9jinHVjiGOkxK2TDIyC8N2KqE48N7uzZNZH80ygDv8pgYu7uL1kJQn5lw5WGVNMKiKtrerPDhJBf1iFIya7JRJeaIQ26DA0yJ_KIDOxAzUdb_t9Jq895OnLwsIygL1lhfXRtxGNSwMAXe_lJm67vJXKDM_eXLI5s6AHRcyiprlAYFD9ktWelC6Ltz-4cFi6VcgxyYgNmfj7dkstQBPu2mZq3bhuoOuZKScnyMEwQ",
          "e": "AQAB"
        },
        {
          "e": "AQAB",
          "n": "yOOavXMTDgjbvz9gzHvfhdbkytzDLWt6vft8fL73oz1h0s9EJUADdXoj-one0ewSx3JUdeibkOC9hCm_OYDVc5SdsHEl_U3T2ViYdqLMwxmjdBup3wMo6kZsClEjwXtVOXpe3XxuEdRCS4Z2i5iTXCBmK2bcg7FHcCoMan4OKjZv4ezl62TIljE6bp0PCexq38XI9bhYebkpAiu6A-wqBZtthvzBYgBKqjvsVg3GHtGvaVnK64KRkQuYeW7Wn4t7vME6tSzEyVpmgomenjTYGXDYET0IfQ7QTbNWa15aiyj1rEcg1_Tvr9spKY6t6griKIIdB85n52tkuA7YdrIFbQ",
          "kty": "RSA",
          "kid": "RSA-OAEP",
          "alg": "RSA-OAEP",
          "use": "enc"
        }
      ]
    },
    "id_token_encrypted_response_enc": "A256GCM"
  },
  "directory": {
    "keystore": "https://keystore.sandbox.directory.openbankingbrasil.org.br/"
  }
}
testName
fapi1-advanced-final-client-test-invalid-signature
2021-12-29 21:58:47 SUCCESS
FAPIBrazilGenerateServerConfiguration
Created server configuration
server
{
  "issuer": "https://www.certification.openid.net/test/a/recepcao-bv/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/recepcao-bv/jwks",
  "registration_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/register",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/userinfo",
  "mtls_endpoint_aliases": {
    "token_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/token",
    "registration_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/register",
    "userinfo_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/userinfo"
  },
  "tls_client_certificate_bound_access_tokens": true,
  "request_parameter_supported": true
}
issuer
https://www.certification.openid.net/test/a/recepcao-bv/
discoveryUrl
https://www.certification.openid.net/test/a/recepcao-bv/.well-known/openid-configuration
2021-12-29 21:58:47 SUCCESS
LoadServerJWKs
Parsed public and private JWK sets
server_jwks
{
  "keys": [
    {
      "p": "_BxPVObkd-0vSY6hpRLECowqCT8Fg4kLhf4_b9884tZDBj-fhULi-QPOZuhcjLVFFXkXdTDdnDSsBB6lvFNNoQBQgvdwHwJcDkSLURBT6ARNWQfdrqeiGcN8Ix0ZM6K8PWKzOgTNUrM0voYKS9OsujS4eZoLiQTcD3aIimAvwn0",
      "kty": "RSA",
      "q": "y_z_2iXatOxjuWKlSdw6tWNdeNwce4n1gTwiCBt1PrbA9NRJGzkOM4Y0pXi8FHiuOiAVIjkBQLkS1hrXsYVIh__p_GojmP2JtYJtpxoXQeQkZaLbtGG7xzwB7PSBKJnqrXCwWX0tuH_vyTzKtT2pZUl4x9X7h0O28rAcCzwfUbE",
      "d": "boZTB3J9hFY5WKJtBnQMyZ0uqbIGLEIa-NWZayTCKGzIGmzwiDIM9SBrFRevoP1qY5MyhuCgXnhXrJQvYlrQlVOp4n6OMSwVp1oIIBV35MuBU4s4zbr2UtbF8HMt4fCSNhpugRtJj8Ohad4j8K_UO3aT38MrBcWOkVaBGEIcVvo7abPj_eFNqtu9mda9uTMTvjP1VaQsscgSxdIwvNTR_k8Mp-XmJ80ffQjtpt8NIPyn6GhGE0hXRRUfAx010Wj9yT2zaM4m69uhAOMXwVKv5MMlXXKGn_0z3GqRNygPDXCcuTGQ_EGNhVQRvuve_ieNhpkQCBSjz4Ar0ueMuox_QQ",
      "e": "AQAB",
      "use": "enc",
      "kid": "RSA-OAEP",
      "qi": "IlPPK0-J6KZNedgPE5mYcpwzWbT3hXCxxwaiFZQTOGkPInJ9SQRbNW4Z_ro_e9sekkOOb3Tclh6kbid-883riv5r58pb7R0pv0iM_ZPgG7_xDzRbxQSLQltSgI5FiLW2oVOhdxQPFVpc_i02LuYXnZ2tO1awrzYV69H49XiepIY",
      "dp": "E9KiBjn1YtyaaD03xoP4OCAXOgzjgRkod8uq7z_tSKSyNm6QO2kr8Yp0EzFX_ZRPL0YLKyLBegPGNri2LV2bb_pXWkTcYwPLey-2iJQxFMAp2MM-kfoKS95MB3LFRYMZK_Zzwy8XedYvYn-llZq6LRXyH1WWbJqeNvUJ_V9cwf0",
      "alg": "RSA-OAEP",
      "dq": "wHJm2uMdq9Tc3HhRYhZQmPIurChVAsQMBym5HZbyDQGTlydz9Sfl2vxBTN9T6ahVDudXqNrI8MvqFm5qkcMhw5TPpmBoRxzjP4fWdXDrAjH_mJeF2W7fHj7hvjCKbciQG6MV7MdpTAf_LAabY1PSLYmcVkPtshZTUjCNtJe7IHE",
      "n": "yOOavXMTDgjbvz9gzHvfhdbkytzDLWt6vft8fL73oz1h0s9EJUADdXoj-one0ewSx3JUdeibkOC9hCm_OYDVc5SdsHEl_U3T2ViYdqLMwxmjdBup3wMo6kZsClEjwXtVOXpe3XxuEdRCS4Z2i5iTXCBmK2bcg7FHcCoMan4OKjZv4ezl62TIljE6bp0PCexq38XI9bhYebkpAiu6A-wqBZtthvzBYgBKqjvsVg3GHtGvaVnK64KRkQuYeW7Wn4t7vME6tSzEyVpmgomenjTYGXDYET0IfQ7QTbNWa15aiyj1rEcg1_Tvr9spKY6t6griKIIdB85n52tkuA7YdrIFbQ"
    },
    {
      "p": "zZRF4uynLVGvuR-G3P_ZRNGUWcRG6OE0KcFj4NnNt89g1eDtC7GMq-S9ZHCUavTE0tnA1loFTbCzWvUy3gywVCYFSyHz-xxDUs9uu5X9gxJAbUHUD-dAhgHnXe46Skk9mITL20vj5ErZWzIXL9-E3kSlyxC3FCSQguutIghbzhs",
      "kty": "RSA",
      "q": "yezCWkthM28K2X2rYiQhbf_DvzHjH8NMKILYQxhI0dbcGjjpCLb7kvbhhSyeg-TgEtnp0ZqGU9KbxBSCdM-2CNhbZpIh4K1rvHQau350eLv67juK55TIRkcWiLV6G5jzJADYTefYyEk3x9kvE7h3iW6LhXuw-BPW-VJQP9wItlM",
      "d": "f0PiR8W8yWnslJlucs5IwprZkIiohiCXd-u2eT-OXMgQo3e95fpE1RQPlKG2QFhtP_oOfP9kguQEkswD2T_2nlODbajtxUrpyylDMSSoxPcjdpZ93W6yWTblG3EYOn064hiqaZLXidSuQBJhZKA7_oEWLYe01jCy4qIlHptLNqArPIfnyoHxRzLHM0AbUAxzysxWlxhh-kIuA2GwPOjzDg7X_3tuDo2FBJP1JL4ivZBVjzR6a3R3jlECewHRKlDGbcUhwhw-3PgUfpv0FyDz8Kxa1aXFuD75DvUeqp1WV15D-QPBY6Tj6ImGIU2EQA2M0sa6PPH7iH5wrf2aDm7tcQ",
      "e": "AQAB",
      "use": "sig",
      "kid": "FJlF6TOBoI38u2RN5PtFHdjXCujfClGyDFEQD7CxJ64",
      "qi": "MPOx2d59EB8LIUVO184i4LgKVOunNsV2oVy_T8yOsdk5bxDvjChcwpoA1jMAi_4AZBa3ji0CMUKgk9dus6PJ6Knvr8D9tSXvfww81WXkgHW1QyZgqR5rNQJjq_mAuDf6N_RitOemqMRGUJYC4t2uDNW5wozna_KozTYNo_4kIJo",
      "dp": "Ohta1ZVGe4zHOnAq0nSOmOEUKXtM_64H7HV5IajueLHpEQsOdWut8zgoQCeCC-k7aM2br_qp3RfA2kjMI-86N863WFE0gRmv_cwb5HG0wkN6amdc5VHb7wTCvM4FM9IX0vBWHpoIxBJT9W7nFuT6zUhiBE-pL8xV_GtY-HGcYVk",
      "alg": "PS256",
      "dq": "QyPND7bmr_JpGh32AWDgGLIlRQpyaZpHVWUEQXLuq48UikeH_JTTG2-pVt2aK2LLupjobQBDT9XEYzMqmWqDLXe7FGTcjNc87mFwjg0i7w4aBmKX8h5_ZRa4AGbPHiQCHGOHiIfhhd8KhBHL3HPGk1TFYXHaSvJV1XqwIjuoTe8",
      "n": "oieLonigdMZ5ocjKK1gINOTs9vPrxGZ5wuXF2lLlXU1UpcIDNrqDq3ldJ3HUaUSmyw-AOWehP4eh1AF3anfjAU39Qi0_o0VV-V2o-SGD3D6Nxm9jinHVjiGOkxK2TDIyC8N2KqE48N7uzZNZH80ygDv8pgYu7uL1kJQn5lw5WGVNMKiKtrerPDhJBf1iFIya7JRJeaIQ26DA0yJ_KIDOxAzUdb_t9Jq895OnLwsIygL1lhfXRtxGNSwMAXe_lJm67vJXKDM_eXLI5s6AHRcyiprlAYFD9ktWelC6Ltz-4cFi6VcgxyYgNmfj7dkstQBPu2mZq3bhuoOuZKScnyMEwQ"
    }
  ]
}
server_encryption_keys
{
  "keys": [
    {
      "p": "_BxPVObkd-0vSY6hpRLECowqCT8Fg4kLhf4_b9884tZDBj-fhULi-QPOZuhcjLVFFXkXdTDdnDSsBB6lvFNNoQBQgvdwHwJcDkSLURBT6ARNWQfdrqeiGcN8Ix0ZM6K8PWKzOgTNUrM0voYKS9OsujS4eZoLiQTcD3aIimAvwn0",
      "kty": "RSA",
      "q": "y_z_2iXatOxjuWKlSdw6tWNdeNwce4n1gTwiCBt1PrbA9NRJGzkOM4Y0pXi8FHiuOiAVIjkBQLkS1hrXsYVIh__p_GojmP2JtYJtpxoXQeQkZaLbtGG7xzwB7PSBKJnqrXCwWX0tuH_vyTzKtT2pZUl4x9X7h0O28rAcCzwfUbE",
      "d": "boZTB3J9hFY5WKJtBnQMyZ0uqbIGLEIa-NWZayTCKGzIGmzwiDIM9SBrFRevoP1qY5MyhuCgXnhXrJQvYlrQlVOp4n6OMSwVp1oIIBV35MuBU4s4zbr2UtbF8HMt4fCSNhpugRtJj8Ohad4j8K_UO3aT38MrBcWOkVaBGEIcVvo7abPj_eFNqtu9mda9uTMTvjP1VaQsscgSxdIwvNTR_k8Mp-XmJ80ffQjtpt8NIPyn6GhGE0hXRRUfAx010Wj9yT2zaM4m69uhAOMXwVKv5MMlXXKGn_0z3GqRNygPDXCcuTGQ_EGNhVQRvuve_ieNhpkQCBSjz4Ar0ueMuox_QQ",
      "e": "AQAB",
      "use": "enc",
      "kid": "RSA-OAEP",
      "qi": "IlPPK0-J6KZNedgPE5mYcpwzWbT3hXCxxwaiFZQTOGkPInJ9SQRbNW4Z_ro_e9sekkOOb3Tclh6kbid-883riv5r58pb7R0pv0iM_ZPgG7_xDzRbxQSLQltSgI5FiLW2oVOhdxQPFVpc_i02LuYXnZ2tO1awrzYV69H49XiepIY",
      "dp": "E9KiBjn1YtyaaD03xoP4OCAXOgzjgRkod8uq7z_tSKSyNm6QO2kr8Yp0EzFX_ZRPL0YLKyLBegPGNri2LV2bb_pXWkTcYwPLey-2iJQxFMAp2MM-kfoKS95MB3LFRYMZK_Zzwy8XedYvYn-llZq6LRXyH1WWbJqeNvUJ_V9cwf0",
      "alg": "RSA-OAEP",
      "dq": "wHJm2uMdq9Tc3HhRYhZQmPIurChVAsQMBym5HZbyDQGTlydz9Sfl2vxBTN9T6ahVDudXqNrI8MvqFm5qkcMhw5TPpmBoRxzjP4fWdXDrAjH_mJeF2W7fHj7hvjCKbciQG6MV7MdpTAf_LAabY1PSLYmcVkPtshZTUjCNtJe7IHE",
      "n": "yOOavXMTDgjbvz9gzHvfhdbkytzDLWt6vft8fL73oz1h0s9EJUADdXoj-one0ewSx3JUdeibkOC9hCm_OYDVc5SdsHEl_U3T2ViYdqLMwxmjdBup3wMo6kZsClEjwXtVOXpe3XxuEdRCS4Z2i5iTXCBmK2bcg7FHcCoMan4OKjZv4ezl62TIljE6bp0PCexq38XI9bhYebkpAiu6A-wqBZtthvzBYgBKqjvsVg3GHtGvaVnK64KRkQuYeW7Wn4t7vME6tSzEyVpmgomenjTYGXDYET0IfQ7QTbNWa15aiyj1rEcg1_Tvr9spKY6t6griKIIdB85n52tkuA7YdrIFbQ"
    }
  ]
}
server_public_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "RSA-OAEP",
      "alg": "RSA-OAEP",
      "n": "yOOavXMTDgjbvz9gzHvfhdbkytzDLWt6vft8fL73oz1h0s9EJUADdXoj-one0ewSx3JUdeibkOC9hCm_OYDVc5SdsHEl_U3T2ViYdqLMwxmjdBup3wMo6kZsClEjwXtVOXpe3XxuEdRCS4Z2i5iTXCBmK2bcg7FHcCoMan4OKjZv4ezl62TIljE6bp0PCexq38XI9bhYebkpAiu6A-wqBZtthvzBYgBKqjvsVg3GHtGvaVnK64KRkQuYeW7Wn4t7vME6tSzEyVpmgomenjTYGXDYET0IfQ7QTbNWa15aiyj1rEcg1_Tvr9spKY6t6griKIIdB85n52tkuA7YdrIFbQ"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "FJlF6TOBoI38u2RN5PtFHdjXCujfClGyDFEQD7CxJ64",
      "alg": "PS256",
      "n": "oieLonigdMZ5ocjKK1gINOTs9vPrxGZ5wuXF2lLlXU1UpcIDNrqDq3ldJ3HUaUSmyw-AOWehP4eh1AF3anfjAU39Qi0_o0VV-V2o-SGD3D6Nxm9jinHVjiGOkxK2TDIyC8N2KqE48N7uzZNZH80ygDv8pgYu7uL1kJQn5lw5WGVNMKiKtrerPDhJBf1iFIya7JRJeaIQ26DA0yJ_KIDOxAzUdb_t9Jq895OnLwsIygL1lhfXRtxGNSwMAXe_lJm67vJXKDM_eXLI5s6AHRcyiprlAYFD9ktWelC6Ltz-4cFi6VcgxyYgNmfj7dkstQBPu2mZq3bhuoOuZKScnyMEwQ"
    }
  ]
}
2021-12-29 21:58:47 SUCCESS
ValidateServerJWKs
Valid server JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2021-12-29 21:58:47
SetServerSigningAlgToPS256
Successfully set signing algorithm to PS256
2021-12-29 21:58:47
FAPIBrazilSetGrantTypesSupportedInServerConfiguration
Successfully set grant_types_supported
server
{
  "issuer": "https://www.certification.openid.net/test/a/recepcao-bv/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/recepcao-bv/jwks",
  "registration_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/register",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/userinfo",
  "mtls_endpoint_aliases": {
    "token_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/token",
    "registration_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/register",
    "userinfo_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/userinfo"
  },
  "tls_client_certificate_bound_access_tokens": true,
  "request_parameter_supported": true,
  "grant_types_supported": [
    "authorization_code",
    "implicit",
    "client_credentials",
    "refresh_token"
  ]
}
2021-12-29 21:58:47
AddClaimsParameterSupportedTrueToServerConfiguration
Successfully added claims_parameter_supported to server configuration
server
{
  "issuer": "https://www.certification.openid.net/test/a/recepcao-bv/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/recepcao-bv/jwks",
  "registration_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/register",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/userinfo",
  "mtls_endpoint_aliases": {
    "token_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/token",
    "registration_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/register",
    "userinfo_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/userinfo"
  },
  "tls_client_certificate_bound_access_tokens": true,
  "request_parameter_supported": true,
  "grant_types_supported": [
    "authorization_code",
    "implicit",
    "client_credentials",
    "refresh_token"
  ],
  "claims_parameter_supported": true
}
2021-12-29 21:58:47
FAPIBrazilAddBrazilSpecificSettingsToServerConfiguration
Added open banking Brazil specific server settings
server
{
  "issuer": "https://www.certification.openid.net/test/a/recepcao-bv/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/recepcao-bv/jwks",
  "registration_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/register",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/userinfo",
  "mtls_endpoint_aliases": {
    "token_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/token",
    "registration_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/register",
    "userinfo_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/userinfo"
  },
  "tls_client_certificate_bound_access_tokens": true,
  "request_parameter_supported": true,
  "grant_types_supported": [
    "authorization_code",
    "implicit",
    "client_credentials",
    "refresh_token"
  ],
  "claims_parameter_supported": true,
  "request_object_encryption_alg_values_supported": [
    "RSA-OAEP"
  ],
  "request_object_encryption_enc_values_supported": [
    "A256GCM"
  ],
  "claims_supported": [
    "cpf",
    "cnpj",
    "acr"
  ],
  "acr_values_supported": [
    "urn:brasil:openbanking:loa2",
    "urn:brasil:openbanking:loa3"
  ],
  "id_token_signing_alg_values_supported": [
    "PS256"
  ],
  "request_object_signing_alg_values_supported": [
    "PS256"
  ],
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access",
    "consents",
    "resources",
    "payments"
  ]
}
2021-12-29 21:58:47
SetTokenEndpointAuthMethodsSupportedToPrivateKeyJWTOnly
Changed token_endpoint_auth_methods_supported to private_key_jwt only in server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/a/recepcao-bv/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/recepcao-bv/jwks",
  "registration_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/register",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/userinfo",
  "mtls_endpoint_aliases": {
    "token_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/token",
    "registration_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/register",
    "userinfo_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/userinfo"
  },
  "tls_client_certificate_bound_access_tokens": true,
  "request_parameter_supported": true,
  "grant_types_supported": [
    "authorization_code",
    "implicit",
    "client_credentials",
    "refresh_token"
  ],
  "claims_parameter_supported": true,
  "request_object_encryption_alg_values_supported": [
    "RSA-OAEP"
  ],
  "request_object_encryption_enc_values_supported": [
    "A256GCM"
  ],
  "claims_supported": [
    "cpf",
    "cnpj",
    "acr"
  ],
  "acr_values_supported": [
    "urn:brasil:openbanking:loa2",
    "urn:brasil:openbanking:loa3"
  ],
  "id_token_signing_alg_values_supported": [
    "PS256"
  ],
  "request_object_signing_alg_values_supported": [
    "PS256"
  ],
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access",
    "consents",
    "resources",
    "payments"
  ],
  "token_endpoint_auth_methods_supported": [
    "private_key_jwt"
  ]
}
2021-12-29 21:58:47
AddPushedAuthorizationRequestEndpointToServerConfig
Added pushed_authorization_request_endpoint to server configuration
endpoint
https://www.certification.openid.net/test/a/recepcao-bv/par
2021-12-29 21:58:47
AddRequirePushedAuthorizationRequestsToServerConfig
Added require_pushed_authorization_requests to server configuration
value
true
2021-12-29 21:58:47 SUCCESS
AddResponseTypeCodeIdTokenToServerConfiguration
Added code id_token as response type supported
response_types_supported
[
  "code id_token"
]
2021-12-29 21:58:47 SUCCESS
FAPIBrazilAddTokenEndpointAuthSigningAlgValuesSupportedToServer
Set token_endpoint_auth_signing_alg_values_supported
values
[
  "PS256"
]
2021-12-29 21:58:47 SUCCESS
CheckServerConfiguration
Found required server configuration keys
required
[
  "authorization_endpoint",
  "token_endpoint",
  "issuer"
]
2021-12-29 21:58:47 SUCCESS
FAPIEnsureMinimumServerKeyLength
Validated minimum key lengths for server_jwks
server_jwks
{
  "keys": [
    {
      "p": "_BxPVObkd-0vSY6hpRLECowqCT8Fg4kLhf4_b9884tZDBj-fhULi-QPOZuhcjLVFFXkXdTDdnDSsBB6lvFNNoQBQgvdwHwJcDkSLURBT6ARNWQfdrqeiGcN8Ix0ZM6K8PWKzOgTNUrM0voYKS9OsujS4eZoLiQTcD3aIimAvwn0",
      "kty": "RSA",
      "q": "y_z_2iXatOxjuWKlSdw6tWNdeNwce4n1gTwiCBt1PrbA9NRJGzkOM4Y0pXi8FHiuOiAVIjkBQLkS1hrXsYVIh__p_GojmP2JtYJtpxoXQeQkZaLbtGG7xzwB7PSBKJnqrXCwWX0tuH_vyTzKtT2pZUl4x9X7h0O28rAcCzwfUbE",
      "d": "boZTB3J9hFY5WKJtBnQMyZ0uqbIGLEIa-NWZayTCKGzIGmzwiDIM9SBrFRevoP1qY5MyhuCgXnhXrJQvYlrQlVOp4n6OMSwVp1oIIBV35MuBU4s4zbr2UtbF8HMt4fCSNhpugRtJj8Ohad4j8K_UO3aT38MrBcWOkVaBGEIcVvo7abPj_eFNqtu9mda9uTMTvjP1VaQsscgSxdIwvNTR_k8Mp-XmJ80ffQjtpt8NIPyn6GhGE0hXRRUfAx010Wj9yT2zaM4m69uhAOMXwVKv5MMlXXKGn_0z3GqRNygPDXCcuTGQ_EGNhVQRvuve_ieNhpkQCBSjz4Ar0ueMuox_QQ",
      "e": "AQAB",
      "use": "enc",
      "kid": "RSA-OAEP",
      "qi": "IlPPK0-J6KZNedgPE5mYcpwzWbT3hXCxxwaiFZQTOGkPInJ9SQRbNW4Z_ro_e9sekkOOb3Tclh6kbid-883riv5r58pb7R0pv0iM_ZPgG7_xDzRbxQSLQltSgI5FiLW2oVOhdxQPFVpc_i02LuYXnZ2tO1awrzYV69H49XiepIY",
      "dp": "E9KiBjn1YtyaaD03xoP4OCAXOgzjgRkod8uq7z_tSKSyNm6QO2kr8Yp0EzFX_ZRPL0YLKyLBegPGNri2LV2bb_pXWkTcYwPLey-2iJQxFMAp2MM-kfoKS95MB3LFRYMZK_Zzwy8XedYvYn-llZq6LRXyH1WWbJqeNvUJ_V9cwf0",
      "alg": "RSA-OAEP",
      "dq": "wHJm2uMdq9Tc3HhRYhZQmPIurChVAsQMBym5HZbyDQGTlydz9Sfl2vxBTN9T6ahVDudXqNrI8MvqFm5qkcMhw5TPpmBoRxzjP4fWdXDrAjH_mJeF2W7fHj7hvjCKbciQG6MV7MdpTAf_LAabY1PSLYmcVkPtshZTUjCNtJe7IHE",
      "n": "yOOavXMTDgjbvz9gzHvfhdbkytzDLWt6vft8fL73oz1h0s9EJUADdXoj-one0ewSx3JUdeibkOC9hCm_OYDVc5SdsHEl_U3T2ViYdqLMwxmjdBup3wMo6kZsClEjwXtVOXpe3XxuEdRCS4Z2i5iTXCBmK2bcg7FHcCoMan4OKjZv4ezl62TIljE6bp0PCexq38XI9bhYebkpAiu6A-wqBZtthvzBYgBKqjvsVg3GHtGvaVnK64KRkQuYeW7Wn4t7vME6tSzEyVpmgomenjTYGXDYET0IfQ7QTbNWa15aiyj1rEcg1_Tvr9spKY6t6griKIIdB85n52tkuA7YdrIFbQ"
    },
    {
      "p": "zZRF4uynLVGvuR-G3P_ZRNGUWcRG6OE0KcFj4NnNt89g1eDtC7GMq-S9ZHCUavTE0tnA1loFTbCzWvUy3gywVCYFSyHz-xxDUs9uu5X9gxJAbUHUD-dAhgHnXe46Skk9mITL20vj5ErZWzIXL9-E3kSlyxC3FCSQguutIghbzhs",
      "kty": "RSA",
      "q": "yezCWkthM28K2X2rYiQhbf_DvzHjH8NMKILYQxhI0dbcGjjpCLb7kvbhhSyeg-TgEtnp0ZqGU9KbxBSCdM-2CNhbZpIh4K1rvHQau350eLv67juK55TIRkcWiLV6G5jzJADYTefYyEk3x9kvE7h3iW6LhXuw-BPW-VJQP9wItlM",
      "d": "f0PiR8W8yWnslJlucs5IwprZkIiohiCXd-u2eT-OXMgQo3e95fpE1RQPlKG2QFhtP_oOfP9kguQEkswD2T_2nlODbajtxUrpyylDMSSoxPcjdpZ93W6yWTblG3EYOn064hiqaZLXidSuQBJhZKA7_oEWLYe01jCy4qIlHptLNqArPIfnyoHxRzLHM0AbUAxzysxWlxhh-kIuA2GwPOjzDg7X_3tuDo2FBJP1JL4ivZBVjzR6a3R3jlECewHRKlDGbcUhwhw-3PgUfpv0FyDz8Kxa1aXFuD75DvUeqp1WV15D-QPBY6Tj6ImGIU2EQA2M0sa6PPH7iH5wrf2aDm7tcQ",
      "e": "AQAB",
      "use": "sig",
      "kid": "FJlF6TOBoI38u2RN5PtFHdjXCujfClGyDFEQD7CxJ64",
      "qi": "MPOx2d59EB8LIUVO184i4LgKVOunNsV2oVy_T8yOsdk5bxDvjChcwpoA1jMAi_4AZBa3ji0CMUKgk9dus6PJ6Knvr8D9tSXvfww81WXkgHW1QyZgqR5rNQJjq_mAuDf6N_RitOemqMRGUJYC4t2uDNW5wozna_KozTYNo_4kIJo",
      "dp": "Ohta1ZVGe4zHOnAq0nSOmOEUKXtM_64H7HV5IajueLHpEQsOdWut8zgoQCeCC-k7aM2br_qp3RfA2kjMI-86N863WFE0gRmv_cwb5HG0wkN6amdc5VHb7wTCvM4FM9IX0vBWHpoIxBJT9W7nFuT6zUhiBE-pL8xV_GtY-HGcYVk",
      "alg": "PS256",
      "dq": "QyPND7bmr_JpGh32AWDgGLIlRQpyaZpHVWUEQXLuq48UikeH_JTTG2-pVt2aK2LLupjobQBDT9XEYzMqmWqDLXe7FGTcjNc87mFwjg0i7w4aBmKX8h5_ZRa4AGbPHiQCHGOHiIfhhd8KhBHL3HPGk1TFYXHaSvJV1XqwIjuoTe8",
      "n": "oieLonigdMZ5ocjKK1gINOTs9vPrxGZ5wuXF2lLlXU1UpcIDNrqDq3ldJ3HUaUSmyw-AOWehP4eh1AF3anfjAU39Qi0_o0VV-V2o-SGD3D6Nxm9jinHVjiGOkxK2TDIyC8N2KqE48N7uzZNZH80ygDv8pgYu7uL1kJQn5lw5WGVNMKiKtrerPDhJBf1iFIya7JRJeaIQ26DA0yJ_KIDOxAzUdb_t9Jq895OnLwsIygL1lhfXRtxGNSwMAXe_lJm67vJXKDM_eXLI5s6AHRcyiprlAYFD9ktWelC6Ltz-4cFi6VcgxyYgNmfj7dkstQBPu2mZq3bhuoOuZKScnyMEwQ"
    }
  ]
}
2021-12-29 21:58:47 SUCCESS
LoadUserInfo
Added user information
user_info
{
  "sub": "user-subject-1234531",
  "name": "Demo T. User",
  "email": "user@example.com",
  "email_verified": false
}
Verify configuration of first client
2021-12-29 21:58:47 SUCCESS
GetStaticClientConfiguration
Found a static client object
client_id
r3-1Pzx4eZFejFKvrCef_
redirect_uri
https://api-qa.bvopen.com.br/receptor-redirect/v1/internet-banking/authorize-callback
certificate
-----BEGIN CERTIFICATE----- MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0 MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1 YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3 sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805 I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9 yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS 7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF GSsQgkeJ1pXRIYgQEKHQ -----END CERTIFICATE-----
jwks
{
  "keys": [
    {
      "kty": "RSA",
      "use": "sig",
      "kid": "FJlF6TOBoI38u2RN5PtFHdjXCujfClGyDFEQD7CxJ64",
      "n": "oieLonigdMZ5ocjKK1gINOTs9vPrxGZ5wuXF2lLlXU1UpcIDNrqDq3ldJ3HUaUSmyw-AOWehP4eh1AF3anfjAU39Qi0_o0VV-V2o-SGD3D6Nxm9jinHVjiGOkxK2TDIyC8N2KqE48N7uzZNZH80ygDv8pgYu7uL1kJQn5lw5WGVNMKiKtrerPDhJBf1iFIya7JRJeaIQ26DA0yJ_KIDOxAzUdb_t9Jq895OnLwsIygL1lhfXRtxGNSwMAXe_lJm67vJXKDM_eXLI5s6AHRcyiprlAYFD9ktWelC6Ltz-4cFi6VcgxyYgNmfj7dkstQBPu2mZq3bhuoOuZKScnyMEwQ",
      "e": "AQAB"
    }
  ]
}
2021-12-29 21:58:47 SUCCESS
ValidateClientJWKsPublicPart
Valid client JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2021-12-29 21:58:47 SUCCESS
ExtractJWKsFromStaticClientConfiguration
Extracted client JWK
client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "use": "sig",
      "kid": "FJlF6TOBoI38u2RN5PtFHdjXCujfClGyDFEQD7CxJ64",
      "n": "oieLonigdMZ5ocjKK1gINOTs9vPrxGZ5wuXF2lLlXU1UpcIDNrqDq3ldJ3HUaUSmyw-AOWehP4eh1AF3anfjAU39Qi0_o0VV-V2o-SGD3D6Nxm9jinHVjiGOkxK2TDIyC8N2KqE48N7uzZNZH80ygDv8pgYu7uL1kJQn5lw5WGVNMKiKtrerPDhJBf1iFIya7JRJeaIQ26DA0yJ_KIDOxAzUdb_t9Jq895OnLwsIygL1lhfXRtxGNSwMAXe_lJm67vJXKDM_eXLI5s6AHRcyiprlAYFD9ktWelC6Ltz-4cFi6VcgxyYgNmfj7dkstQBPu2mZq3bhuoOuZKScnyMEwQ",
      "e": "AQAB"
    }
  ]
}
public_client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "FJlF6TOBoI38u2RN5PtFHdjXCujfClGyDFEQD7CxJ64",
      "n": "oieLonigdMZ5ocjKK1gINOTs9vPrxGZ5wuXF2lLlXU1UpcIDNrqDq3ldJ3HUaUSmyw-AOWehP4eh1AF3anfjAU39Qi0_o0VV-V2o-SGD3D6Nxm9jinHVjiGOkxK2TDIyC8N2KqE48N7uzZNZH80ygDv8pgYu7uL1kJQn5lw5WGVNMKiKtrerPDhJBf1iFIya7JRJeaIQ26DA0yJ_KIDOxAzUdb_t9Jq895OnLwsIygL1lhfXRtxGNSwMAXe_lJm67vJXKDM_eXLI5s6AHRcyiprlAYFD9ktWelC6Ltz-4cFi6VcgxyYgNmfj7dkstQBPu2mZq3bhuoOuZKScnyMEwQ"
    }
  ]
}
2021-12-29 21:58:47 SUCCESS
CheckDistinctKeyIdValueInClientJWKs
Distinct 'kid' value in all keys of client_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2021-12-29 21:58:47 SUCCESS
EnsureClientJwksDoesNotContainPrivateOrSymmetricKeys
Jwks does not contain any private or symmetric keys
2021-12-29 21:58:47 SUCCESS
FAPIEnsureMinimumClientKeyLength
Validated minimum key lengths for client_jwks
client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "use": "sig",
      "kid": "FJlF6TOBoI38u2RN5PtFHdjXCujfClGyDFEQD7CxJ64",
      "n": "oieLonigdMZ5ocjKK1gINOTs9vPrxGZ5wuXF2lLlXU1UpcIDNrqDq3ldJ3HUaUSmyw-AOWehP4eh1AF3anfjAU39Qi0_o0VV-V2o-SGD3D6Nxm9jinHVjiGOkxK2TDIyC8N2KqE48N7uzZNZH80ygDv8pgYu7uL1kJQn5lw5WGVNMKiKtrerPDhJBf1iFIya7JRJeaIQ26DA0yJ_KIDOxAzUdb_t9Jq895OnLwsIygL1lhfXRtxGNSwMAXe_lJm67vJXKDM_eXLI5s6AHRcyiprlAYFD9ktWelC6Ltz-4cFi6VcgxyYgNmfj7dkstQBPu2mZq3bhuoOuZKScnyMEwQ",
      "e": "AQAB"
    }
  ]
}
Verify configuration of second client
2021-12-29 21:58:47 SUCCESS
GetStaticClient2Configuration
Found a static second client object
client_id
r3-1Pzx4eZFejFKvrCef_
redirect_uri
https://api-qa.bvopen.com.br/receptor-redirect/v1/internet-banking/authorize-callback
id_token_encrypted_response_alg
RSA-OAEP
certificate
-----BEGIN CERTIFICATE----- MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0 MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1 YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3 sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805 I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9 yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS 7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF GSsQgkeJ1pXRIYgQEKHQ -----END CERTIFICATE-----
jwks
{
  "keys": [
    {
      "kty": "RSA",
      "use": "sig",
      "kid": "FJlF6TOBoI38u2RN5PtFHdjXCujfClGyDFEQD7CxJ64",
      "n": "oieLonigdMZ5ocjKK1gINOTs9vPrxGZ5wuXF2lLlXU1UpcIDNrqDq3ldJ3HUaUSmyw-AOWehP4eh1AF3anfjAU39Qi0_o0VV-V2o-SGD3D6Nxm9jinHVjiGOkxK2TDIyC8N2KqE48N7uzZNZH80ygDv8pgYu7uL1kJQn5lw5WGVNMKiKtrerPDhJBf1iFIya7JRJeaIQ26DA0yJ_KIDOxAzUdb_t9Jq895OnLwsIygL1lhfXRtxGNSwMAXe_lJm67vJXKDM_eXLI5s6AHRcyiprlAYFD9ktWelC6Ltz-4cFi6VcgxyYgNmfj7dkstQBPu2mZq3bhuoOuZKScnyMEwQ",
      "e": "AQAB"
    },
    {
      "e": "AQAB",
      "n": "yOOavXMTDgjbvz9gzHvfhdbkytzDLWt6vft8fL73oz1h0s9EJUADdXoj-one0ewSx3JUdeibkOC9hCm_OYDVc5SdsHEl_U3T2ViYdqLMwxmjdBup3wMo6kZsClEjwXtVOXpe3XxuEdRCS4Z2i5iTXCBmK2bcg7FHcCoMan4OKjZv4ezl62TIljE6bp0PCexq38XI9bhYebkpAiu6A-wqBZtthvzBYgBKqjvsVg3GHtGvaVnK64KRkQuYeW7Wn4t7vME6tSzEyVpmgomenjTYGXDYET0IfQ7QTbNWa15aiyj1rEcg1_Tvr9spKY6t6griKIIdB85n52tkuA7YdrIFbQ",
      "kty": "RSA",
      "kid": "RSA-OAEP",
      "alg": "RSA-OAEP",
      "use": "enc"
    }
  ]
}
id_token_encrypted_response_enc
A256GCM
2021-12-29 21:58:47 SUCCESS
ValidateClientJWKsPublicPart
Valid client JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2021-12-29 21:58:47 SUCCESS
ExtractJWKsFromStaticClientConfiguration
Extracted client JWK
client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "use": "sig",
      "kid": "FJlF6TOBoI38u2RN5PtFHdjXCujfClGyDFEQD7CxJ64",
      "n": "oieLonigdMZ5ocjKK1gINOTs9vPrxGZ5wuXF2lLlXU1UpcIDNrqDq3ldJ3HUaUSmyw-AOWehP4eh1AF3anfjAU39Qi0_o0VV-V2o-SGD3D6Nxm9jinHVjiGOkxK2TDIyC8N2KqE48N7uzZNZH80ygDv8pgYu7uL1kJQn5lw5WGVNMKiKtrerPDhJBf1iFIya7JRJeaIQ26DA0yJ_KIDOxAzUdb_t9Jq895OnLwsIygL1lhfXRtxGNSwMAXe_lJm67vJXKDM_eXLI5s6AHRcyiprlAYFD9ktWelC6Ltz-4cFi6VcgxyYgNmfj7dkstQBPu2mZq3bhuoOuZKScnyMEwQ",
      "e": "AQAB"
    },
    {
      "e": "AQAB",
      "n": "yOOavXMTDgjbvz9gzHvfhdbkytzDLWt6vft8fL73oz1h0s9EJUADdXoj-one0ewSx3JUdeibkOC9hCm_OYDVc5SdsHEl_U3T2ViYdqLMwxmjdBup3wMo6kZsClEjwXtVOXpe3XxuEdRCS4Z2i5iTXCBmK2bcg7FHcCoMan4OKjZv4ezl62TIljE6bp0PCexq38XI9bhYebkpAiu6A-wqBZtthvzBYgBKqjvsVg3GHtGvaVnK64KRkQuYeW7Wn4t7vME6tSzEyVpmgomenjTYGXDYET0IfQ7QTbNWa15aiyj1rEcg1_Tvr9spKY6t6griKIIdB85n52tkuA7YdrIFbQ",
      "kty": "RSA",
      "kid": "RSA-OAEP",
      "alg": "RSA-OAEP",
      "use": "enc"
    }
  ]
}
public_client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "FJlF6TOBoI38u2RN5PtFHdjXCujfClGyDFEQD7CxJ64",
      "n": "oieLonigdMZ5ocjKK1gINOTs9vPrxGZ5wuXF2lLlXU1UpcIDNrqDq3ldJ3HUaUSmyw-AOWehP4eh1AF3anfjAU39Qi0_o0VV-V2o-SGD3D6Nxm9jinHVjiGOkxK2TDIyC8N2KqE48N7uzZNZH80ygDv8pgYu7uL1kJQn5lw5WGVNMKiKtrerPDhJBf1iFIya7JRJeaIQ26DA0yJ_KIDOxAzUdb_t9Jq895OnLwsIygL1lhfXRtxGNSwMAXe_lJm67vJXKDM_eXLI5s6AHRcyiprlAYFD9ktWelC6Ltz-4cFi6VcgxyYgNmfj7dkstQBPu2mZq3bhuoOuZKScnyMEwQ"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "RSA-OAEP",
      "alg": "RSA-OAEP",
      "n": "yOOavXMTDgjbvz9gzHvfhdbkytzDLWt6vft8fL73oz1h0s9EJUADdXoj-one0ewSx3JUdeibkOC9hCm_OYDVc5SdsHEl_U3T2ViYdqLMwxmjdBup3wMo6kZsClEjwXtVOXpe3XxuEdRCS4Z2i5iTXCBmK2bcg7FHcCoMan4OKjZv4ezl62TIljE6bp0PCexq38XI9bhYebkpAiu6A-wqBZtthvzBYgBKqjvsVg3GHtGvaVnK64KRkQuYeW7Wn4t7vME6tSzEyVpmgomenjTYGXDYET0IfQ7QTbNWa15aiyj1rEcg1_Tvr9spKY6t6griKIIdB85n52tkuA7YdrIFbQ"
    }
  ]
}
2021-12-29 21:58:47 SUCCESS
CheckDistinctKeyIdValueInClientJWKs
Distinct 'kid' value in all keys of client_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2021-12-29 21:58:47 SUCCESS
EnsureClientJwksDoesNotContainPrivateOrSymmetricKeys
Jwks does not contain any private or symmetric keys
2021-12-29 21:58:47 SUCCESS
FAPIEnsureMinimumClientKeyLength
Validated minimum key lengths for client_jwks
client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "use": "sig",
      "kid": "FJlF6TOBoI38u2RN5PtFHdjXCujfClGyDFEQD7CxJ64",
      "n": "oieLonigdMZ5ocjKK1gINOTs9vPrxGZ5wuXF2lLlXU1UpcIDNrqDq3ldJ3HUaUSmyw-AOWehP4eh1AF3anfjAU39Qi0_o0VV-V2o-SGD3D6Nxm9jinHVjiGOkxK2TDIyC8N2KqE48N7uzZNZH80ygDv8pgYu7uL1kJQn5lw5WGVNMKiKtrerPDhJBf1iFIya7JRJeaIQ26DA0yJ_KIDOxAzUdb_t9Jq895OnLwsIygL1lhfXRtxGNSwMAXe_lJm67vJXKDM_eXLI5s6AHRcyiprlAYFD9ktWelC6Ltz-4cFi6VcgxyYgNmfj7dkstQBPu2mZq3bhuoOuZKScnyMEwQ",
      "e": "AQAB"
    },
    {
      "e": "AQAB",
      "n": "yOOavXMTDgjbvz9gzHvfhdbkytzDLWt6vft8fL73oz1h0s9EJUADdXoj-one0ewSx3JUdeibkOC9hCm_OYDVc5SdsHEl_U3T2ViYdqLMwxmjdBup3wMo6kZsClEjwXtVOXpe3XxuEdRCS4Z2i5iTXCBmK2bcg7FHcCoMan4OKjZv4ezl62TIljE6bp0PCexq38XI9bhYebkpAiu6A-wqBZtthvzBYgBKqjvsVg3GHtGvaVnK64KRkQuYeW7Wn4t7vME6tSzEyVpmgomenjTYGXDYET0IfQ7QTbNWa15aiyj1rEcg1_Tvr9spKY6t6griKIIdB85n52tkuA7YdrIFbQ",
      "kty": "RSA",
      "kid": "RSA-OAEP",
      "alg": "RSA-OAEP",
      "use": "enc"
    }
  ]
}
2021-12-29 21:58:47
fapi1-advanced-final-client-test-invalid-signature
Setup Done
2021-12-29 21:59:03 INCOMING
fapi1-advanced-final-client-test-invalid-signature
Incoming HTTP request to test instance 8ef6viRNgMdxSap
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/4.9.1 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate, br",
  "connection": "close"
}
incoming_path
/test/a/recepcao-bv/.well-known/openid-configuration
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
incoming_body_json
incoming_query_string_params
{}
incoming_body
2021-12-29 21:59:03 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
2021-12-29 21:59:03 OUTGOING
fapi1-advanced-final-client-test-invalid-signature
Response to HTTP request to test instance 8ef6viRNgMdxSap
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "issuer": "https://www.certification.openid.net/test/a/recepcao-bv/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/recepcao-bv/jwks",
  "registration_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/register",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/userinfo",
  "mtls_endpoint_aliases": {
    "token_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/token",
    "registration_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/register",
    "userinfo_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/userinfo",
    "pushed_authorization_request_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/par"
  },
  "tls_client_certificate_bound_access_tokens": true,
  "request_parameter_supported": true,
  "grant_types_supported": [
    "authorization_code",
    "implicit",
    "client_credentials",
    "refresh_token"
  ],
  "claims_parameter_supported": true,
  "request_object_encryption_alg_values_supported": [
    "RSA-OAEP"
  ],
  "request_object_encryption_enc_values_supported": [
    "A256GCM"
  ],
  "claims_supported": [
    "cpf",
    "cnpj",
    "acr"
  ],
  "acr_values_supported": [
    "urn:brasil:openbanking:loa2",
    "urn:brasil:openbanking:loa3"
  ],
  "id_token_signing_alg_values_supported": [
    "PS256"
  ],
  "request_object_signing_alg_values_supported": [
    "PS256"
  ],
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access",
    "consents",
    "resources",
    "payments"
  ],
  "token_endpoint_auth_methods_supported": [
    "private_key_jwt"
  ],
  "pushed_authorization_request_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/par",
  "require_pushed_authorization_requests": true,
  "response_types_supported": [
    "code id_token"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "PS256"
  ]
}
outgoing_path
.well-known/openid-configuration
2021-12-29 21:59:05 INCOMING
fapi1-advanced-final-client-test-invalid-signature
Incoming HTTP request to test instance 8ef6viRNgMdxSap
incoming_headers
{
  "host": "www.certification.openid.net",
  "accept": "application/json,application/*+json",
  "connection": "close"
}
incoming_path
/test/a/recepcao-bv/.well-known/openid-configuration
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
incoming_body_json
incoming_query_string_params
{}
incoming_body
2021-12-29 21:59:05 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
2021-12-29 21:59:05 OUTGOING
fapi1-advanced-final-client-test-invalid-signature
Response to HTTP request to test instance 8ef6viRNgMdxSap
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "issuer": "https://www.certification.openid.net/test/a/recepcao-bv/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/recepcao-bv/jwks",
  "registration_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/register",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/userinfo",
  "mtls_endpoint_aliases": {
    "token_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/token",
    "registration_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/register",
    "userinfo_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/userinfo",
    "pushed_authorization_request_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/par"
  },
  "tls_client_certificate_bound_access_tokens": true,
  "request_parameter_supported": true,
  "grant_types_supported": [
    "authorization_code",
    "implicit",
    "client_credentials",
    "refresh_token"
  ],
  "claims_parameter_supported": true,
  "request_object_encryption_alg_values_supported": [
    "RSA-OAEP"
  ],
  "request_object_encryption_enc_values_supported": [
    "A256GCM"
  ],
  "claims_supported": [
    "cpf",
    "cnpj",
    "acr"
  ],
  "acr_values_supported": [
    "urn:brasil:openbanking:loa2",
    "urn:brasil:openbanking:loa3"
  ],
  "id_token_signing_alg_values_supported": [
    "PS256"
  ],
  "request_object_signing_alg_values_supported": [
    "PS256"
  ],
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access",
    "consents",
    "resources",
    "payments"
  ],
  "token_endpoint_auth_methods_supported": [
    "private_key_jwt"
  ],
  "pushed_authorization_request_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/par",
  "require_pushed_authorization_requests": true,
  "response_types_supported": [
    "code id_token"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "PS256"
  ]
}
outgoing_path
.well-known/openid-configuration
2021-12-29 21:59:06 INCOMING
fapi1-advanced-final-client-test-invalid-signature
Incoming HTTP request to test instance 8ef6viRNgMdxSap
incoming_headers
{
  "host": "www.certification.openid.net",
  "accept": "application/json;charset\u003dUTF-8",
  "content-type": "application/x-www-form-urlencoded",
  "content-length": "894",
  "connection": "close"
}
incoming_path
/test-mtls/a/recepcao-bv/token
incoming_body_form_params
{
  "grant_type": "client_credentials",
  "scope": "consents",
  "client_assertion": "eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwidHlwIjoiSldUIiwiYWxnIjoiUFMyNTYifQ.eyJzdWIiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJhdWQiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdC1tdGxzXC9hXC9yZWNlcGNhby1idlwvdG9rZW4iLCJpc3MiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJleHAiOjE2NDA4MTU0NDUsImlhdCI6MTY0MDgxNTE0NSwianRpIjoiYzZlY2MyOWEtODE4NC00ZTc0LWE5YzctYTkxODdlZjY2ODViIn0.VIACvpwv3OpwPmZjAdTkiMRd1GW3KSL9qmVI5m8FEAYADHyypu3dZQu4FUo7UdOGEoop14qtXCG12lRk88V7xFUpSw5DnitUpUYb1p8FnJSPuRUvzIJ-AKuMSMG9upY376vaCi1i53gHSzSyx3AUj4fWe5PXVi7-9XWIRKyHIjO8y53gpNBGHlK1995JjCtuuYNaMMJknDcbVMwTj4LP5segW2932-S9R3g8wI-qE18zuw0jImfnLpne7uEu7vKegBkMTnb2zz-58bnR--z8uUpgcxmEunyizXbtdTiq2IwjETcIvodEKm7VgqI7pfQRt4smnDKUMcDB8WSNjcT_7A",
  "client_assertion_type": "urn:ietf:params:oauth:client-assertion-type:jwt-bearer"
}
incoming_method
POST
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
-----BEGIN CERTIFICATE----- MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0 MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1 YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3 sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805 I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9 yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS 7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF GSsQgkeJ1pXRIYgQEKHQ -----END CERTIFICATE-----
incoming_body_json
incoming_query_string_params
{}
incoming_body
grant_type=client_credentials&scope=consents&client_assertion=eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwidHlwIjoiSldUIiwiYWxnIjoiUFMyNTYifQ.eyJzdWIiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJhdWQiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdC1tdGxzXC9hXC9yZWNlcGNhby1idlwvdG9rZW4iLCJpc3MiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJleHAiOjE2NDA4MTU0NDUsImlhdCI6MTY0MDgxNTE0NSwianRpIjoiYzZlY2MyOWEtODE4NC00ZTc0LWE5YzctYTkxODdlZjY2ODViIn0.VIACvpwv3OpwPmZjAdTkiMRd1GW3KSL9qmVI5m8FEAYADHyypu3dZQu4FUo7UdOGEoop14qtXCG12lRk88V7xFUpSw5DnitUpUYb1p8FnJSPuRUvzIJ-AKuMSMG9upY376vaCi1i53gHSzSyx3AUj4fWe5PXVi7-9XWIRKyHIjO8y53gpNBGHlK1995JjCtuuYNaMMJknDcbVMwTj4LP5segW2932-S9R3g8wI-qE18zuw0jImfnLpne7uEu7vKegBkMTnb2zz-58bnR--z8uUpgcxmEunyizXbtdTiq2IwjETcIvodEKm7VgqI7pfQRt4smnDKUMcDB8WSNjcT_7A&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer
2021-12-29 21:59:06 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
Token endpoint
2021-12-29 21:59:06 SUCCESS
ExtractClientCertificateFromTokenEndpointRequestHeaders
Extracted client certificate
client_certificate
{
  "cert": "-----BEGIN CERTIFICATE----- MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0 MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1 YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3 sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805 I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9 yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS 7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF GSsQgkeJ1pXRIYgQEKHQ -----END CERTIFICATE-----",
  "pem": "-----BEGIN CERTIFICATE-----\nMIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL\nBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx\nFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB\nTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0\nMjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD\no28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT\nJDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV\nYXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET\nMBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp\nb24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1\nYjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI\nLFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB\nWsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3\nsbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK\nBsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ\naktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805\nI1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9\nyQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R\nQ99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh\nbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg\nPqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y\nZy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i\ncjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE\nggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB\nJFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt\nIFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p\nc2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy\nYW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl\nIGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg\nTHRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl\ncmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh\nbmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL\nz7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd\nPdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh\nQkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH\nefqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS\n7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF\nGSsQgkeJ1pXRIYgQEKHQ\n-----END CERTIFICATE-----",
  "subject": {
    "dn": "UID\u003d1baaea05-bece-46ac-9d08-66a5b72d7ac7,2.5.4.15\u003d#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3\u003d#13024252,2.5.4.5\u003d#130e3539353838313131303030313033,CN\u003dapi-des.bvopen.com.br,OU\u003d062c5edb-4e83-5002-9981-e2a96c5ad41e,O\u003dBCO VOTORANTIM S.A.,L\u003dSão Paulo,ST\u003dSP,C\u003dBR"
  },
  "sanDnsNames": [
    "api-des.bvopen.com.br"
  ],
  "sanUris": [],
  "sanIPs": [],
  "sanEmails": []
}
2021-12-29 21:59:06 SUCCESS
CheckForClientCertificate
Found client certificate
2021-12-29 21:59:06 SUCCESS
EnsureClientCertificateMatches
Presented certificate matches registered certificate
actual
-----BEGIN CERTIFICATE-----
MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL
BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx
FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB
TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0
MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD
o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT
JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV
YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET
MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp
b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1
YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI
LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB
WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3
sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK
BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ
aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805
I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9
yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R
Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh
bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg
PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y
Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i
cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE
ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB
JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt
IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p
c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy
YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl
IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg
THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl
cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh
bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL
z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd
PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh
Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH
efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS
7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF
GSsQgkeJ1pXRIYgQEKHQ
-----END CERTIFICATE-----
2021-12-29 21:59:06 SUCCESS
ExtractClientAssertion
Parsed client assertion
client_assertion
{
  "value": "eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwidHlwIjoiSldUIiwiYWxnIjoiUFMyNTYifQ.eyJzdWIiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJhdWQiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdC1tdGxzXC9hXC9yZWNlcGNhby1idlwvdG9rZW4iLCJpc3MiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJleHAiOjE2NDA4MTU0NDUsImlhdCI6MTY0MDgxNTE0NSwianRpIjoiYzZlY2MyOWEtODE4NC00ZTc0LWE5YzctYTkxODdlZjY2ODViIn0.VIACvpwv3OpwPmZjAdTkiMRd1GW3KSL9qmVI5m8FEAYADHyypu3dZQu4FUo7UdOGEoop14qtXCG12lRk88V7xFUpSw5DnitUpUYb1p8FnJSPuRUvzIJ-AKuMSMG9upY376vaCi1i53gHSzSyx3AUj4fWe5PXVi7-9XWIRKyHIjO8y53gpNBGHlK1995JjCtuuYNaMMJknDcbVMwTj4LP5segW2932-S9R3g8wI-qE18zuw0jImfnLpne7uEu7vKegBkMTnb2zz-58bnR--z8uUpgcxmEunyizXbtdTiq2IwjETcIvodEKm7VgqI7pfQRt4smnDKUMcDB8WSNjcT_7A",
  "header": {
    "kid": "FJlF6TOBoI38u2RN5PtFHdjXCujfClGyDFEQD7CxJ64",
    "typ": "JWT",
    "alg": "PS256"
  },
  "claims": {
    "sub": "r3-1Pzx4eZFejFKvrCef_",
    "aud": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/token",
    "iss": "r3-1Pzx4eZFejFKvrCef_",
    "exp": 1640815445,
    "iat": 1640815145,
    "jti": "c6ecc29a-8184-4e74-a9c7-a9187ef6685b"
  }
}
2021-12-29 21:59:06
EnsureClientAssertionSignatureAlgorithmMatchesRegistered
token_endpoint_auth_signing_alg is not set for the client, any supported algorithm can be used
2021-12-29 21:59:06 SUCCESS
ValidateClientAssertionSignature
client_assertion signature validated
client_assertion
eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwidHlwIjoiSldUIiwiYWxnIjoiUFMyNTYifQ.eyJzdWIiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJhdWQiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdC1tdGxzXC9hXC9yZWNlcGNhby1idlwvdG9rZW4iLCJpc3MiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJleHAiOjE2NDA4MTU0NDUsImlhdCI6MTY0MDgxNTE0NSwianRpIjoiYzZlY2MyOWEtODE4NC00ZTc0LWE5YzctYTkxODdlZjY2ODViIn0.VIACvpwv3OpwPmZjAdTkiMRd1GW3KSL9qmVI5m8FEAYADHyypu3dZQu4FUo7UdOGEoop14qtXCG12lRk88V7xFUpSw5DnitUpUYb1p8FnJSPuRUvzIJ-AKuMSMG9upY376vaCi1i53gHSzSyx3AUj4fWe5PXVi7-9XWIRKyHIjO8y53gpNBGHlK1995JjCtuuYNaMMJknDcbVMwTj4LP5segW2932-S9R3g8wI-qE18zuw0jImfnLpne7uEu7vKegBkMTnb2zz-58bnR--z8uUpgcxmEunyizXbtdTiq2IwjETcIvodEKm7VgqI7pfQRt4smnDKUMcDB8WSNjcT_7A
2021-12-29 21:59:06 SUCCESS
EnsureClientAssertionTypeIsJwt
Found JWT assertion type
assertion type
urn:ietf:params:oauth:client-assertion-type:jwt-bearer
2021-12-29 21:59:06 SUCCESS
ValidateClientAssertionClaims
Client Assertion passed all validation checks
2021-12-29 21:59:06 SUCCESS
FAPIBrazilExtractRequestedScopeFromClientCredentialsGrant
Found 'consents' scope in request
actual
[
  "consents"
]
expected
consents
2021-12-29 21:59:06 SUCCESS
GenerateBearerAccessToken
Generated access token
access_token
i2gIAMOLk2BEtaVzidnnFj7d4lyT57BWMMkIXAcOwee85WZftQ
2021-12-29 21:59:06 SUCCESS
CreateTokenEndpointResponse
Created token endpoint response
access_token
i2gIAMOLk2BEtaVzidnnFj7d4lyT57BWMMkIXAcOwee85WZftQ
token_type
Bearer
2021-12-29 21:59:06
CopyAccessTokenToClientCredentialsField
Condition ran but did not log anything
2021-12-29 21:59:06 OUTGOING
fapi1-advanced-final-client-test-invalid-signature
Response to HTTP request to test instance 8ef6viRNgMdxSap
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "access_token": "i2gIAMOLk2BEtaVzidnnFj7d4lyT57BWMMkIXAcOwee85WZftQ",
  "token_type": "Bearer"
}
outgoing_path
token
2021-12-29 21:59:10 INCOMING
fapi1-advanced-final-client-test-invalid-signature
Incoming HTTP request to test instance 8ef6viRNgMdxSap
incoming_headers
{
  "host": "www.certification.openid.net",
  "accept": "application/json;charset\u003dUTF-8",
  "content-type": "application/json",
  "authorization": "Bearer i2gIAMOLk2BEtaVzidnnFj7d4lyT57BWMMkIXAcOwee85WZftQ",
  "x-fapi-interaction-id": "6693b2b5-bfa4-44c0-9dbd-fe907a6d6d6a",
  "content-length": "370",
  "connection": "close"
}
incoming_path
/test-mtls/a/recepcao-bv/consents/v1/consents
incoming_body_form_params
incoming_method
POST
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
-----BEGIN CERTIFICATE----- MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0 MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1 YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3 sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805 I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9 yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS 7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF GSsQgkeJ1pXRIYgQEKHQ -----END CERTIFICATE-----
incoming_body_json
{
  "data": {
    "loggedUser": {
      "document": {
        "identification": "05159823697",
        "rel": "CPF"
      }
    },
    "permissions": [
      "ACCOUNTS_READ",
      "ACCOUNTS_BALANCES_READ",
      "ACCOUNTS_OVERDRAFT_LIMITS_READ",
      "ACCOUNTS_TRANSACTIONS_READ"
    ],
    "expirationDateTime": "2022-11-30T08:30:00Z",
    "transactionFromDateTime": "2021-11-30T00:00:00Z",
    "transactionToDateTime": "2021-11-30T23:59:59Z"
  }
}
incoming_query_string_params
{}
incoming_body
                {"data":{"loggedUser":{"document":{"identification":"05159823697","rel":"CPF"}},"permissions":["ACCOUNTS_READ","ACCOUNTS_BALANCES_READ","ACCOUNTS_OVERDRAFT_LIMITS_READ","ACCOUNTS_TRANSACTIONS_READ"],"expirationDateTime":"2022-11-30T08:30:00Z","transactionFromDateTime":"2021-11-30T00:00:00Z","transactionToDateTime":"2021-11-30T23:59:59Z"}}
            
2021-12-29 21:59:10 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
New consent endpoint
2021-12-29 21:59:10 SUCCESS
ExtractClientCertificateFromTokenEndpointRequestHeaders
Extracted client certificate
client_certificate
{
  "cert": "-----BEGIN CERTIFICATE----- MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0 MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1 YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3 sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805 I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9 yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS 7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF GSsQgkeJ1pXRIYgQEKHQ -----END CERTIFICATE-----",
  "pem": "-----BEGIN CERTIFICATE-----\nMIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL\nBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx\nFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB\nTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0\nMjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD\no28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT\nJDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV\nYXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET\nMBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp\nb24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1\nYjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI\nLFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB\nWsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3\nsbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK\nBsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ\naktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805\nI1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9\nyQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R\nQ99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh\nbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg\nPqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y\nZy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i\ncjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE\nggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB\nJFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt\nIFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p\nc2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy\nYW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl\nIGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg\nTHRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl\ncmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh\nbmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL\nz7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd\nPdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh\nQkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH\nefqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS\n7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF\nGSsQgkeJ1pXRIYgQEKHQ\n-----END CERTIFICATE-----",
  "subject": {
    "dn": "UID\u003d1baaea05-bece-46ac-9d08-66a5b72d7ac7,2.5.4.15\u003d#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3\u003d#13024252,2.5.4.5\u003d#130e3539353838313131303030313033,CN\u003dapi-des.bvopen.com.br,OU\u003d062c5edb-4e83-5002-9981-e2a96c5ad41e,O\u003dBCO VOTORANTIM S.A.,L\u003dSão Paulo,ST\u003dSP,C\u003dBR"
  },
  "sanDnsNames": [
    "api-des.bvopen.com.br"
  ],
  "sanUris": [],
  "sanIPs": [],
  "sanEmails": []
}
2021-12-29 21:59:10 SUCCESS
CheckForClientCertificate
Found client certificate
2021-12-29 21:59:10 SUCCESS
EnsureClientCertificateMatches
Presented certificate matches registered certificate
actual
-----BEGIN CERTIFICATE-----
MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL
BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx
FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB
TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0
MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD
o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT
JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV
YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET
MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp
b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1
YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI
LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB
WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3
sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK
BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ
aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805
I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9
yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R
Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh
bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg
PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y
Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i
cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE
ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB
JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt
IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p
c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy
YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl
IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg
THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl
cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh
bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL
z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd
PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh
Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH
efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS
7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF
GSsQgkeJ1pXRIYgQEKHQ
-----END CERTIFICATE-----
2021-12-29 21:59:10 SUCCESS
EnsureIncomingRequestMethodIsPost
Client correctly used http POST method
2021-12-29 21:59:10 SUCCESS
EnsureBearerAccessTokenNotInParams
Client correctly did not send access token in query parameters or form body
2021-12-29 21:59:10 SUCCESS
ExtractBearerAccessTokenFromHeader
Found access token on incoming request
access_token
i2gIAMOLk2BEtaVzidnnFj7d4lyT57BWMMkIXAcOwee85WZftQ
2021-12-29 21:59:10 SUCCESS
RequireBearerClientCredentialsAccessToken
Found access token in request
actual
i2gIAMOLk2BEtaVzidnnFj7d4lyT57BWMMkIXAcOwee85WZftQ
2021-12-29 21:59:10 INFO
ExtractFapiDateHeader
Skipped evaluation due to missing required element: incoming_request headers.x-fapi-auth-date
path
headers.x-fapi-auth-date
mapped
object
incoming_request
2021-12-29 21:59:10 INFO
ExtractFapiIpAddressHeader
Skipped evaluation due to missing required element: incoming_request headers.x-fapi-customer-ip-address
path
headers.x-fapi-customer-ip-address
mapped
object
incoming_request
2021-12-29 21:59:10 SUCCESS
ExtractFapiInteractionIdHeader
Found a FAPI interaction ID header
fapi_interaction_id
6693b2b5-bfa4-44c0-9dbd-fe907a6d6d6a
2021-12-29 21:59:10 SUCCESS
FAPIBrazilEnsureClientCredentialsScopeContainedConsents
The token request which was used to obtain the access token contained 'consents' scope
actual
[
  "consents"
]
2021-12-29 21:59:10
FAPIBrazilExtractConsentRequest
Condition ran but did not log anything
2021-12-29 21:59:10 INFO
CreateFapiInteractionIdIfNeeded
Found existing FAPI interaction ID
fapi_interaction_id
6693b2b5-bfa4-44c0-9dbd-fe907a6d6d6a
2021-12-29 21:59:10 SUCCESS
FAPIBrazilGenerateNewConsentResponse
Created consent response
headers
{
  "x-fapi-interaction-id": "6693b2b5-bfa4-44c0-9dbd-fe907a6d6d6a"
}
consentId
urn:conformance.oidf:W6gwLiI21C
consent_response
{
  "data": {
    "consentId": "urn:conformance.oidf:W6gwLiI21C",
    "creationDateTime": "2021-12-29T21:59:10Z",
    "status": "AWAITING_AUTHORISATION",
    "statusUpdateDateTime": "2021-12-29T21:59:10Z",
    "permissions": [
      "ACCOUNTS_READ",
      "ACCOUNTS_BALANCES_READ",
      "RESOURCES_READ"
    ],
    "expirationDateTime": "2021-12-29T23:59:10Z",
    "transactionFromDateTime": "2021-12-29T21:54:10Z",
    "transactionToDateTime": "2021-12-29T23:59:10Z",
    "links": {
      "self": "https://www.certification.openid.net/test/a/recepcao-bvconsents/v1/consents"
    }
  },
  "meta": {
    "totalRecords": 1,
    "totalPages": 1,
    "requestDateTime": "2021-12-29T21:59:10Z"
  }
}
2021-12-29 21:59:10
ClearAccessTokenFromRequest
Condition ran but did not log anything
2021-12-29 21:59:10 OUTGOING
fapi1-advanced-final-client-test-invalid-signature
Response to HTTP request to test instance 8ef6viRNgMdxSap
outgoing_status_code
201
outgoing_headers
{
  "x-fapi-interaction-id": [
    "6693b2b5-bfa4-44c0-9dbd-fe907a6d6d6a"
  ]
}
outgoing_body
{
  "data": {
    "consentId": "urn:conformance.oidf:W6gwLiI21C",
    "creationDateTime": "2021-12-29T21:59:10Z",
    "status": "AWAITING_AUTHORISATION",
    "statusUpdateDateTime": "2021-12-29T21:59:10Z",
    "permissions": [
      "ACCOUNTS_READ",
      "ACCOUNTS_BALANCES_READ",
      "RESOURCES_READ"
    ],
    "expirationDateTime": "2021-12-29T23:59:10Z",
    "transactionFromDateTime": "2021-12-29T21:54:10Z",
    "transactionToDateTime": "2021-12-29T23:59:10Z",
    "links": {
      "self": "https://www.certification.openid.net/test/a/recepcao-bvconsents/v1/consents"
    }
  },
  "meta": {
    "totalRecords": 1,
    "totalPages": 1,
    "requestDateTime": "2021-12-29T21:59:10Z"
  }
}
outgoing_path
consents/v1/consents
2021-12-29 21:59:13 INCOMING
fapi1-advanced-final-client-test-invalid-signature
Incoming HTTP request to test instance 8ef6viRNgMdxSap
incoming_headers
{
  "host": "www.certification.openid.net",
  "accept": "application/json,application/*+json",
  "connection": "close"
}
incoming_path
/test/a/recepcao-bv/.well-known/openid-configuration
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
incoming_body_json
incoming_query_string_params
{}
incoming_body
2021-12-29 21:59:13 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
2021-12-29 21:59:13 OUTGOING
fapi1-advanced-final-client-test-invalid-signature
Response to HTTP request to test instance 8ef6viRNgMdxSap
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "issuer": "https://www.certification.openid.net/test/a/recepcao-bv/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/recepcao-bv/jwks",
  "registration_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/register",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/userinfo",
  "mtls_endpoint_aliases": {
    "token_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/token",
    "registration_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/register",
    "userinfo_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/userinfo",
    "pushed_authorization_request_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/par"
  },
  "tls_client_certificate_bound_access_tokens": true,
  "request_parameter_supported": true,
  "grant_types_supported": [
    "authorization_code",
    "implicit",
    "client_credentials",
    "refresh_token"
  ],
  "claims_parameter_supported": true,
  "request_object_encryption_alg_values_supported": [
    "RSA-OAEP"
  ],
  "request_object_encryption_enc_values_supported": [
    "A256GCM"
  ],
  "claims_supported": [
    "cpf",
    "cnpj",
    "acr"
  ],
  "acr_values_supported": [
    "urn:brasil:openbanking:loa2",
    "urn:brasil:openbanking:loa3"
  ],
  "id_token_signing_alg_values_supported": [
    "PS256"
  ],
  "request_object_signing_alg_values_supported": [
    "PS256"
  ],
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access",
    "consents",
    "resources",
    "payments"
  ],
  "token_endpoint_auth_methods_supported": [
    "private_key_jwt"
  ],
  "pushed_authorization_request_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/par",
  "require_pushed_authorization_requests": true,
  "response_types_supported": [
    "code id_token"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "PS256"
  ]
}
outgoing_path
.well-known/openid-configuration
2021-12-29 21:59:14 INCOMING
fapi1-advanced-final-client-test-invalid-signature
Incoming HTTP request to test instance 8ef6viRNgMdxSap
incoming_headers
{
  "host": "www.certification.openid.net",
  "content-type": "application/x-www-form-urlencoded",
  "accept": "application/json;charset\u003dUTF-8",
  "content-length": "2553",
  "connection": "close"
}
incoming_path
/test-mtls/a/recepcao-bv/par
incoming_body_form_params
{
  "response_type": "code id_token",
  "code_challenge_method": "S256",
  "code_challenge": "GXw5Q-FZU-tkavvDo4yBTG8YVqOQ89tylvcmnTKJW2A",
  "nonce": "22ff6aa7-69b4-47e5-9a3b-61b55556a404",
  "scope": "accounts openid consent:urn:conformance.oidf:W6gwLiI21C",
  "client_id": "r3-1Pzx4eZFejFKvrCef_",
  "redirect_uri": "https://api-qa.bvopen.com.br/receptor-redirect/v1/internet-banking/authorize-callback",
  "state": "b48a2d74-b20d-4891-a3e3-809e42259a71",
  "request": "eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwidHlwIjoiSldUIiwiYWxnIjoiUFMyNTYifQ.eyJpc3MiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJyZXNwb25zZV90eXBlIjoiY29kZSBpZF90b2tlbiIsImNvZGVfY2hhbGxlbmdlX21ldGhvZCI6IlMyNTYiLCJub25jZSI6IjIyZmY2YWE3LTY5YjQtNDdlNS05YTNiLTYxYjU1NTU2YTQwNCIsImNsaWVudF9pZCI6InIzLTFQeng0ZVpGZWpGS3ZyQ2VmXyIsImF1ZCI6Imh0dHBzOlwvXC93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0XC90ZXN0XC9hXC9yZWNlcGNhby1idlwvIiwibmJmIjoxNjQwODE1MTU0LCJzY29wZSI6ImFjY291bnRzIG9wZW5pZCBjb25zZW50OnVybjpjb25mb3JtYW5jZS5vaWRmOlc2Z3dMaUkyMUMiLCJyZWRpcmVjdF91cmkiOiJodHRwczpcL1wvYXBpLXFhLmJ2b3Blbi5jb20uYnJcL3JlY2VwdG9yLXJlZGlyZWN0XC92MVwvaW50ZXJuZXQtYmFua2luZ1wvYXV0aG9yaXplLWNhbGxiYWNrIiwic3RhdGUiOiJiNDhhMmQ3NC1iMjBkLTQ4OTEtYTNlMy04MDllNDIyNTlhNzEiLCJleHAiOjE2NDA4MTg3NTMsImlhdCI6MTY0MDgxNTE1MywiY29kZV9jaGFsbGVuZ2UiOiJHWHc1US1GWlUtdGthdnZEbzR5QlRHOFlWcU9RODl0eWx2Y21uVEtKVzJBIiwianRpIjoiYWNjNzdhZjYtMzNkZC00NWRkLWEyNjEtOGUzNWNiOTc4ODJmIn0.llqXk2Jurd3hOgQqSqXts1xVO-O2mHjddM1YFWhdLhbbmjuAv0T6aP1RmbYZQQFZEG8qzduGP8uYz958k_qoyrp4jYkvWUF1JpTT_5iEIDSfnDV5PM8aSWO_IaUFpNxdwkuKoe7FA6kI0VcIiduPyi8u9eVstGNdzQG_pQtNkg1yydcTWcUlhP5qAHjtwinvXoAEPOeJVdxG5s-INo0gwMQrhIuQD1oul-1mxPkm7bScPMFiEzFvItJubLoN9U_HWJzVp9GWZRRueaHe6R-7XvvEjLWQii7DVHpUebVynohgPCRsj0CgI23lBRirnj8dYMhfojRuN7OY9qF4pelP2g",
  "client_assertion": "eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwidHlwIjoiSldUIiwiYWxnIjoiUFMyNTYifQ.eyJzdWIiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJhdWQiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvYVwvcmVjZXBjYW8tYnZcLyIsImlzcyI6InIzLTFQeng0ZVpGZWpGS3ZyQ2VmXyIsImV4cCI6MTY0MDgxODc1MywiaWF0IjoxNjQwODE1MTUzLCJqdGkiOiIyMTNhZWE1My1hZmEzLTRjZTAtYmEwOS05MTBkZjA1ZTVlYWQifQ.dykuaHVjKMdsdz8yhtxcteqktgWegRJEPsF34wdiUHZKllrt8dnu6rk6kKOHzH0PUmLE2fSzcGhRIMsGpFUreZt_x2jeR-lpsDhVrD7DagFgSr0_5yRb_aDmQY-dUoW2YvCZ3xJY2qUmFVqloqbQc7PT2vYfcQB1fX94zgu7lxOuj7HFBtV8ZJiw_tI5jQ5a2CpcICi4FyISS8DPloiPL2MT4zvGcV5Vy2icCu17-fN_vDeNTqw7H746LmQzG-QzJrsrZog20W7Elscw1CIBueZzsp2YhgcjIF8GiRa8xJMFOmmFKiuBbBHLH5m28Dt0jVBr2Y4-sJH4aI62jq7mnQ",
  "client_assertion_type": "urn:ietf:params:oauth:client-assertion-type:jwt-bearer"
}
incoming_method
POST
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
-----BEGIN CERTIFICATE----- MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0 MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1 YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3 sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805 I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9 yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS 7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF GSsQgkeJ1pXRIYgQEKHQ -----END CERTIFICATE-----
incoming_body_json
incoming_query_string_params
{}
incoming_body
response_type=code+id_token&code_challenge_method=S256&code_challenge=GXw5Q-FZU-tkavvDo4yBTG8YVqOQ89tylvcmnTKJW2A&nonce=22ff6aa7-69b4-47e5-9a3b-61b55556a404&scope=accounts+openid+consent%3Aurn%3Aconformance.oidf%3AW6gwLiI21C&client_id=r3-1Pzx4eZFejFKvrCef_&redirect_uri=https%3A%2F%2Fapi-qa.bvopen.com.br%2Freceptor-redirect%2Fv1%2Finternet-banking%2Fauthorize-callback&state=b48a2d74-b20d-4891-a3e3-809e42259a71&request=eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwidHlwIjoiSldUIiwiYWxnIjoiUFMyNTYifQ.eyJpc3MiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJyZXNwb25zZV90eXBlIjoiY29kZSBpZF90b2tlbiIsImNvZGVfY2hhbGxlbmdlX21ldGhvZCI6IlMyNTYiLCJub25jZSI6IjIyZmY2YWE3LTY5YjQtNDdlNS05YTNiLTYxYjU1NTU2YTQwNCIsImNsaWVudF9pZCI6InIzLTFQeng0ZVpGZWpGS3ZyQ2VmXyIsImF1ZCI6Imh0dHBzOlwvXC93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0XC90ZXN0XC9hXC9yZWNlcGNhby1idlwvIiwibmJmIjoxNjQwODE1MTU0LCJzY29wZSI6ImFjY291bnRzIG9wZW5pZCBjb25zZW50OnVybjpjb25mb3JtYW5jZS5vaWRmOlc2Z3dMaUkyMUMiLCJyZWRpcmVjdF91cmkiOiJodHRwczpcL1wvYXBpLXFhLmJ2b3Blbi5jb20uYnJcL3JlY2VwdG9yLXJlZGlyZWN0XC92MVwvaW50ZXJuZXQtYmFua2luZ1wvYXV0aG9yaXplLWNhbGxiYWNrIiwic3RhdGUiOiJiNDhhMmQ3NC1iMjBkLTQ4OTEtYTNlMy04MDllNDIyNTlhNzEiLCJleHAiOjE2NDA4MTg3NTMsImlhdCI6MTY0MDgxNTE1MywiY29kZV9jaGFsbGVuZ2UiOiJHWHc1US1GWlUtdGthdnZEbzR5QlRHOFlWcU9RODl0eWx2Y21uVEtKVzJBIiwianRpIjoiYWNjNzdhZjYtMzNkZC00NWRkLWEyNjEtOGUzNWNiOTc4ODJmIn0.llqXk2Jurd3hOgQqSqXts1xVO-O2mHjddM1YFWhdLhbbmjuAv0T6aP1RmbYZQQFZEG8qzduGP8uYz958k_qoyrp4jYkvWUF1JpTT_5iEIDSfnDV5PM8aSWO_IaUFpNxdwkuKoe7FA6kI0VcIiduPyi8u9eVstGNdzQG_pQtNkg1yydcTWcUlhP5qAHjtwinvXoAEPOeJVdxG5s-INo0gwMQrhIuQD1oul-1mxPkm7bScPMFiEzFvItJubLoN9U_HWJzVp9GWZRRueaHe6R-7XvvEjLWQii7DVHpUebVynohgPCRsj0CgI23lBRirnj8dYMhfojRuN7OY9qF4pelP2g&client_assertion=eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwidHlwIjoiSldUIiwiYWxnIjoiUFMyNTYifQ.eyJzdWIiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJhdWQiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvYVwvcmVjZXBjYW8tYnZcLyIsImlzcyI6InIzLTFQeng0ZVpGZWpGS3ZyQ2VmXyIsImV4cCI6MTY0MDgxODc1MywiaWF0IjoxNjQwODE1MTUzLCJqdGkiOiIyMTNhZWE1My1hZmEzLTRjZTAtYmEwOS05MTBkZjA1ZTVlYWQifQ.dykuaHVjKMdsdz8yhtxcteqktgWegRJEPsF34wdiUHZKllrt8dnu6rk6kKOHzH0PUmLE2fSzcGhRIMsGpFUreZt_x2jeR-lpsDhVrD7DagFgSr0_5yRb_aDmQY-dUoW2YvCZ3xJY2qUmFVqloqbQc7PT2vYfcQB1fX94zgu7lxOuj7HFBtV8ZJiw_tI5jQ5a2CpcICi4FyISS8DPloiPL2MT4zvGcV5Vy2icCu17-fN_vDeNTqw7H746LmQzG-QzJrsrZog20W7Elscw1CIBueZzsp2YhgcjIF8GiRa8xJMFOmmFKiuBbBHLH5m28Dt0jVBr2Y4-sJH4aI62jq7mnQ&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer
2021-12-29 21:59:14 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
PAR endpoint
2021-12-29 21:59:14 SUCCESS
ExtractClientCertificateFromTokenEndpointRequestHeaders
Extracted client certificate
client_certificate
{
  "cert": "-----BEGIN CERTIFICATE----- MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0 MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1 YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3 sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805 I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9 yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS 7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF GSsQgkeJ1pXRIYgQEKHQ -----END CERTIFICATE-----",
  "pem": "-----BEGIN CERTIFICATE-----\nMIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL\nBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx\nFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB\nTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0\nMjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD\no28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT\nJDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV\nYXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET\nMBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp\nb24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1\nYjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI\nLFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB\nWsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3\nsbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK\nBsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ\naktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805\nI1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9\nyQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R\nQ99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh\nbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg\nPqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y\nZy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i\ncjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE\nggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB\nJFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt\nIFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p\nc2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy\nYW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl\nIGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg\nTHRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl\ncmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh\nbmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL\nz7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd\nPdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh\nQkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH\nefqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS\n7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF\nGSsQgkeJ1pXRIYgQEKHQ\n-----END CERTIFICATE-----",
  "subject": {
    "dn": "UID\u003d1baaea05-bece-46ac-9d08-66a5b72d7ac7,2.5.4.15\u003d#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3\u003d#13024252,2.5.4.5\u003d#130e3539353838313131303030313033,CN\u003dapi-des.bvopen.com.br,OU\u003d062c5edb-4e83-5002-9981-e2a96c5ad41e,O\u003dBCO VOTORANTIM S.A.,L\u003dSão Paulo,ST\u003dSP,C\u003dBR"
  },
  "sanDnsNames": [
    "api-des.bvopen.com.br"
  ],
  "sanUris": [],
  "sanIPs": [],
  "sanEmails": []
}
2021-12-29 21:59:14 SUCCESS
CheckForClientCertificate
Found client certificate
2021-12-29 21:59:14 SUCCESS
EnsureClientCertificateMatches
Presented certificate matches registered certificate
actual
-----BEGIN CERTIFICATE-----
MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL
BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx
FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB
TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0
MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD
o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT
JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV
YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET
MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp
b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1
YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI
LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB
WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3
sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK
BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ
aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805
I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9
yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R
Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh
bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg
PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y
Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i
cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE
ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB
JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt
IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p
c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy
YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl
IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg
THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl
cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh
bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL
z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd
PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh
Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH
efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS
7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF
GSsQgkeJ1pXRIYgQEKHQ
-----END CERTIFICATE-----
2021-12-29 21:59:14 SUCCESS
ExtractClientAssertion
Parsed client assertion
client_assertion
{
  "value": "eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwidHlwIjoiSldUIiwiYWxnIjoiUFMyNTYifQ.eyJzdWIiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJhdWQiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvYVwvcmVjZXBjYW8tYnZcLyIsImlzcyI6InIzLTFQeng0ZVpGZWpGS3ZyQ2VmXyIsImV4cCI6MTY0MDgxODc1MywiaWF0IjoxNjQwODE1MTUzLCJqdGkiOiIyMTNhZWE1My1hZmEzLTRjZTAtYmEwOS05MTBkZjA1ZTVlYWQifQ.dykuaHVjKMdsdz8yhtxcteqktgWegRJEPsF34wdiUHZKllrt8dnu6rk6kKOHzH0PUmLE2fSzcGhRIMsGpFUreZt_x2jeR-lpsDhVrD7DagFgSr0_5yRb_aDmQY-dUoW2YvCZ3xJY2qUmFVqloqbQc7PT2vYfcQB1fX94zgu7lxOuj7HFBtV8ZJiw_tI5jQ5a2CpcICi4FyISS8DPloiPL2MT4zvGcV5Vy2icCu17-fN_vDeNTqw7H746LmQzG-QzJrsrZog20W7Elscw1CIBueZzsp2YhgcjIF8GiRa8xJMFOmmFKiuBbBHLH5m28Dt0jVBr2Y4-sJH4aI62jq7mnQ",
  "header": {
    "kid": "FJlF6TOBoI38u2RN5PtFHdjXCujfClGyDFEQD7CxJ64",
    "typ": "JWT",
    "alg": "PS256"
  },
  "claims": {
    "sub": "r3-1Pzx4eZFejFKvrCef_",
    "aud": "https://www.certification.openid.net/test/a/recepcao-bv/",
    "iss": "r3-1Pzx4eZFejFKvrCef_",
    "exp": 1640818753,
    "iat": 1640815153,
    "jti": "213aea53-afa3-4ce0-ba09-910df05e5ead"
  }
}
2021-12-29 21:59:14
EnsureClientAssertionSignatureAlgorithmMatchesRegistered
token_endpoint_auth_signing_alg is not set for the client, any supported algorithm can be used
2021-12-29 21:59:14 SUCCESS
ValidateClientAssertionSignature
client_assertion signature validated
client_assertion
eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwidHlwIjoiSldUIiwiYWxnIjoiUFMyNTYifQ.eyJzdWIiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJhdWQiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvYVwvcmVjZXBjYW8tYnZcLyIsImlzcyI6InIzLTFQeng0ZVpGZWpGS3ZyQ2VmXyIsImV4cCI6MTY0MDgxODc1MywiaWF0IjoxNjQwODE1MTUzLCJqdGkiOiIyMTNhZWE1My1hZmEzLTRjZTAtYmEwOS05MTBkZjA1ZTVlYWQifQ.dykuaHVjKMdsdz8yhtxcteqktgWegRJEPsF34wdiUHZKllrt8dnu6rk6kKOHzH0PUmLE2fSzcGhRIMsGpFUreZt_x2jeR-lpsDhVrD7DagFgSr0_5yRb_aDmQY-dUoW2YvCZ3xJY2qUmFVqloqbQc7PT2vYfcQB1fX94zgu7lxOuj7HFBtV8ZJiw_tI5jQ5a2CpcICi4FyISS8DPloiPL2MT4zvGcV5Vy2icCu17-fN_vDeNTqw7H746LmQzG-QzJrsrZog20W7Elscw1CIBueZzsp2YhgcjIF8GiRa8xJMFOmmFKiuBbBHLH5m28Dt0jVBr2Y4-sJH4aI62jq7mnQ
2021-12-29 21:59:14 SUCCESS
EnsureClientAssertionTypeIsJwt
Found JWT assertion type
assertion type
urn:ietf:params:oauth:client-assertion-type:jwt-bearer
2021-12-29 21:59:14 SUCCESS
ValidateClientAssertionClaimsForPAREndpoint
Client Assertion passed all validation checks
2021-12-29 21:59:14 SUCCESS
ExtractRequestObjectFromPAREndpointRequest
Parsed request object
request_object
{
  "value": "eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwidHlwIjoiSldUIiwiYWxnIjoiUFMyNTYifQ.eyJpc3MiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJyZXNwb25zZV90eXBlIjoiY29kZSBpZF90b2tlbiIsImNvZGVfY2hhbGxlbmdlX21ldGhvZCI6IlMyNTYiLCJub25jZSI6IjIyZmY2YWE3LTY5YjQtNDdlNS05YTNiLTYxYjU1NTU2YTQwNCIsImNsaWVudF9pZCI6InIzLTFQeng0ZVpGZWpGS3ZyQ2VmXyIsImF1ZCI6Imh0dHBzOlwvXC93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0XC90ZXN0XC9hXC9yZWNlcGNhby1idlwvIiwibmJmIjoxNjQwODE1MTU0LCJzY29wZSI6ImFjY291bnRzIG9wZW5pZCBjb25zZW50OnVybjpjb25mb3JtYW5jZS5vaWRmOlc2Z3dMaUkyMUMiLCJyZWRpcmVjdF91cmkiOiJodHRwczpcL1wvYXBpLXFhLmJ2b3Blbi5jb20uYnJcL3JlY2VwdG9yLXJlZGlyZWN0XC92MVwvaW50ZXJuZXQtYmFua2luZ1wvYXV0aG9yaXplLWNhbGxiYWNrIiwic3RhdGUiOiJiNDhhMmQ3NC1iMjBkLTQ4OTEtYTNlMy04MDllNDIyNTlhNzEiLCJleHAiOjE2NDA4MTg3NTMsImlhdCI6MTY0MDgxNTE1MywiY29kZV9jaGFsbGVuZ2UiOiJHWHc1US1GWlUtdGthdnZEbzR5QlRHOFlWcU9RODl0eWx2Y21uVEtKVzJBIiwianRpIjoiYWNjNzdhZjYtMzNkZC00NWRkLWEyNjEtOGUzNWNiOTc4ODJmIn0.llqXk2Jurd3hOgQqSqXts1xVO-O2mHjddM1YFWhdLhbbmjuAv0T6aP1RmbYZQQFZEG8qzduGP8uYz958k_qoyrp4jYkvWUF1JpTT_5iEIDSfnDV5PM8aSWO_IaUFpNxdwkuKoe7FA6kI0VcIiduPyi8u9eVstGNdzQG_pQtNkg1yydcTWcUlhP5qAHjtwinvXoAEPOeJVdxG5s-INo0gwMQrhIuQD1oul-1mxPkm7bScPMFiEzFvItJubLoN9U_HWJzVp9GWZRRueaHe6R-7XvvEjLWQii7DVHpUebVynohgPCRsj0CgI23lBRirnj8dYMhfojRuN7OY9qF4pelP2g",
  "header": {
    "kid": "FJlF6TOBoI38u2RN5PtFHdjXCujfClGyDFEQD7CxJ64",
    "typ": "JWT",
    "alg": "PS256"
  },
  "claims": {
    "iss": "r3-1Pzx4eZFejFKvrCef_",
    "response_type": "code id_token",
    "code_challenge_method": "S256",
    "nonce": "22ff6aa7-69b4-47e5-9a3b-61b55556a404",
    "client_id": "r3-1Pzx4eZFejFKvrCef_",
    "aud": "https://www.certification.openid.net/test/a/recepcao-bv/",
    "nbf": 1640815154,
    "scope": "accounts openid consent:urn:conformance.oidf:W6gwLiI21C",
    "redirect_uri": "https://api-qa.bvopen.com.br/receptor-redirect/v1/internet-banking/authorize-callback",
    "state": "b48a2d74-b20d-4891-a3e3-809e42259a71",
    "exp": 1640818753,
    "iat": 1640815153,
    "code_challenge": "GXw5Q-FZU-tkavvDo4yBTG8YVqOQ89tylvcmnTKJW2A",
    "jti": "acc77af6-33dd-45dd-a261-8e35cb97882f"
  }
}
2021-12-29 21:59:14 SUCCESS
EnsurePAREndpointRequestDoesNotContainRequestUriParameter
PAR endpoint request does not contain a request_uri parameter
2021-12-29 21:59:14 INFO
ValidateEncryptedRequestObjectHasKid
Skipped evaluation due to missing required element: authorization_request_object jwe_header
path
jwe_header
mapped
object
authorization_request_object
2021-12-29 21:59:14 SUCCESS
FAPIValidateRequestObjectSigningAlg
Request object was signed with a permitted algorithm
alg
PS256
2021-12-29 21:59:14
FAPIBrazilValidateRequestObjectIdTokenACRClaims
acr claim is not requested
2021-12-29 21:59:14 SUCCESS
FAPIValidateRequestObjectExp
Request object contains a valid exp claim, expiry time
exp
"Dec 29, 2021, 10:59:13 PM"
2021-12-29 21:59:14 SUCCESS
FAPI1AdvancedValidateRequestObjectNBFClaim
nbf claim is valid
nbf
"Dec 29, 2021, 9:59:14 PM"
now
"Dec 29, 2021, 9:59:14 PM"
2021-12-29 21:59:14
ValidateRequestObjectClaims
Request object does not contain a max_age claim
2021-12-29 21:59:14 SUCCESS
ValidateRequestObjectClaims
Request object claims passed all validation checks
2021-12-29 21:59:14 SUCCESS
EnsureNumericRequestObjectClaimsAreNotNull
None of the claims expected to have numeric values, have null values
numeric_claims
[
  "max_age"
]
2021-12-29 21:59:14 SUCCESS
EnsureRequestObjectDoesNotContainRequestOrRequestUri
Request object does not contain request or request_uri
2021-12-29 21:59:14 SUCCESS
EnsureRequestObjectDoesNotContainSubWithClientId
Request object does not contain Client Id in sub
2021-12-29 21:59:14 SUCCESS
ValidateRequestObjectSignature
Request object signature validated using a key in the client's JWKS and using the client's registered request_object_signing_alg
request_object
eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwidHlwIjoiSldUIiwiYWxnIjoiUFMyNTYifQ.eyJpc3MiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJyZXNwb25zZV90eXBlIjoiY29kZSBpZF90b2tlbiIsImNvZGVfY2hhbGxlbmdlX21ldGhvZCI6IlMyNTYiLCJub25jZSI6IjIyZmY2YWE3LTY5YjQtNDdlNS05YTNiLTYxYjU1NTU2YTQwNCIsImNsaWVudF9pZCI6InIzLTFQeng0ZVpGZWpGS3ZyQ2VmXyIsImF1ZCI6Imh0dHBzOlwvXC93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0XC90ZXN0XC9hXC9yZWNlcGNhby1idlwvIiwibmJmIjoxNjQwODE1MTU0LCJzY29wZSI6ImFjY291bnRzIG9wZW5pZCBjb25zZW50OnVybjpjb25mb3JtYW5jZS5vaWRmOlc2Z3dMaUkyMUMiLCJyZWRpcmVjdF91cmkiOiJodHRwczpcL1wvYXBpLXFhLmJ2b3Blbi5jb20uYnJcL3JlY2VwdG9yLXJlZGlyZWN0XC92MVwvaW50ZXJuZXQtYmFua2luZ1wvYXV0aG9yaXplLWNhbGxiYWNrIiwic3RhdGUiOiJiNDhhMmQ3NC1iMjBkLTQ4OTEtYTNlMy04MDllNDIyNTlhNzEiLCJleHAiOjE2NDA4MTg3NTMsImlhdCI6MTY0MDgxNTE1MywiY29kZV9jaGFsbGVuZ2UiOiJHWHc1US1GWlUtdGthdnZEbzR5QlRHOFlWcU9RODl0eWx2Y21uVEtKVzJBIiwianRpIjoiYWNjNzdhZjYtMzNkZC00NWRkLWEyNjEtOGUzNWNiOTc4ODJmIn0.llqXk2Jurd3hOgQqSqXts1xVO-O2mHjddM1YFWhdLhbbmjuAv0T6aP1RmbYZQQFZEG8qzduGP8uYz958k_qoyrp4jYkvWUF1JpTT_5iEIDSfnDV5PM8aSWO_IaUFpNxdwkuKoe7FA6kI0VcIiduPyi8u9eVstGNdzQG_pQtNkg1yydcTWcUlhP5qAHjtwinvXoAEPOeJVdxG5s-INo0gwMQrhIuQD1oul-1mxPkm7bScPMFiEzFvItJubLoN9U_HWJzVp9GWZRRueaHe6R-7XvvEjLWQii7DVHpUebVynohgPCRsj0CgI23lBRirnj8dYMhfojRuN7OY9qF4pelP2g
request_object_signing_alg
PS256
jwk
Sun RSA public key, 2048 bits
  params: null
  modulus: 20470105991639945101333275222632884736574483865528906726892528525563191082183695260204312736582372939211055359067203803085750810655850954661951144951323156016175226041830645945715513868126850067392212624376671953805748628313454513795689104315557781181477191907644208938174263279538822216580366877482634997324327056726074955380834197509531619477599127660288830507703834432824311448281762320165839347904106371594443864070803621659794095259323351600661287063154929280227814731229282446194900829223861656310231284465453525094881675730459265540745017449257927239533034759013077714190534660553709869627625978272751475164353
  public exponent: 65537
2021-12-29 21:59:14 SUCCESS
EnsureMatchingRedirectUriInRequestObject
Redirect URI matched
actual
https://api-qa.bvopen.com.br/receptor-redirect/v1/internet-banking/authorize-callback
2021-12-29 21:59:14 SUCCESS
EnsureRequestObjectContainsCodeChallengeWhenUsingPAR
Found required PKCE parameters in request
code_challenge_method
S256
code_challenge
GXw5Q-FZU-tkavvDo4yBTG8YVqOQ89tylvcmnTKJW2A
2021-12-29 21:59:14 SUCCESS
CreatePAREndpointResponse
Created PAR endpoint response
request_uri
urn:ietf:params:oauth:request_uri:09d1da47-209a-4b2b-9a8a-54556e49d197
expires_in
600
2021-12-29 21:59:14 OUTGOING
fapi1-advanced-final-client-test-invalid-signature
Response to HTTP request to test instance 8ef6viRNgMdxSap
outgoing_status_code
201
outgoing_headers
{}
outgoing_body
{
  "request_uri": "urn:ietf:params:oauth:request_uri:09d1da47-209a-4b2b-9a8a-54556e49d197",
  "expires_in": 600
}
outgoing_path
par
2021-12-29 21:59:14 INCOMING
fapi1-advanced-final-client-test-invalid-signature
Incoming HTTP request to test instance 8ef6viRNgMdxSap
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "got (https://github.com/sindresorhus/got)",
  "accept-encoding": "gzip, deflate, br",
  "connection": "close"
}
incoming_path
/test/a/recepcao-bv/authorize
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
incoming_body_json
incoming_query_string_params
{
  "request_uri": "urn:ietf:params:oauth:request_uri:09d1da47-209a-4b2b-9a8a-54556e49d197",
  "client_id": "r3-1Pzx4eZFejFKvrCef_",
  "scope": "accounts openid consent:urn:conformance.oidf:W6gwLiI21C",
  "response_type": "code id_token",
  "redirect_uri": "https://api-qa.bvopen.com.br/receptor-redirect/v1/internet-banking/authorize-callback"
}
incoming_body
2021-12-29 21:59:14 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
Authorization endpoint
2021-12-29 21:59:15 SUCCESS
EnsureAuthorizationRequestDoesNotContainRequestWhenUsingPAR
Request does not contain a request parameter
2021-12-29 21:59:15 INFO
ValidateEncryptedRequestObjectHasKid
Skipped evaluation due to missing required element: authorization_request_object jwe_header
path
jwe_header
mapped
object
authorization_request_object
2021-12-29 21:59:15 SUCCESS
CreateEffectiveAuthorizationRequestParameters
Merged http request parameters with request object claims
effective_authorization_endpoint_request
{
  "client_id": "r3-1Pzx4eZFejFKvrCef_",
  "scope": "accounts openid consent:urn:conformance.oidf:W6gwLiI21C",
  "response_type": "code id_token",
  "redirect_uri": "https://api-qa.bvopen.com.br/receptor-redirect/v1/internet-banking/authorize-callback",
  "iss": "r3-1Pzx4eZFejFKvrCef_",
  "code_challenge_method": "S256",
  "nonce": "22ff6aa7-69b4-47e5-9a3b-61b55556a404",
  "aud": "https://www.certification.openid.net/test/a/recepcao-bv/",
  "nbf": 1640815154,
  "state": "b48a2d74-b20d-4891-a3e3-809e42259a71",
  "exp": 1640818753,
  "iat": 1640815153,
  "code_challenge": "GXw5Q-FZU-tkavvDo4yBTG8YVqOQ89tylvcmnTKJW2A",
  "jti": "acc77af6-33dd-45dd-a261-8e35cb97882f"
}
2021-12-29 21:59:15 SUCCESS
EnsureClientIdInAuthorizationRequestParametersMatchRequestObject
client_id http request parameter value matches client_id in request object
2021-12-29 21:59:15 SUCCESS
ExtractRequestedScopes
Requested scopes
scope
accounts openid consent:urn:conformance.oidf:W6gwLiI21C
2021-12-29 21:59:15 SUCCESS
FAPIBrazilValidateConsentScope
Found consent scope in request
actual
[
  "accounts",
  "openid",
  "consent:urn:conformance.oidf:W6gwLiI21C"
]
expected
consent:urn:conformance.oidf:W6gwLiI21C
2021-12-29 21:59:15 SUCCESS
EnsureScopeContainsAccounts
Found accounts scope in request
actual
[
  "accounts",
  "openid",
  "consent:urn:conformance.oidf:W6gwLiI21C"
]
2021-12-29 21:59:15 SUCCESS
EnsureResponseTypeIsCodeIdToken
Response type is expected value
expected
code id_token
2021-12-29 21:59:15 SUCCESS
EnsureOpenIDInScopeRequest
Found 'openid' scope in request
actual
[
  "accounts",
  "openid",
  "consent:urn:conformance.oidf:W6gwLiI21C"
]
expected
openid
2021-12-29 21:59:15 SUCCESS
EnsureMatchingClientId
Client ID matched
client_id
r3-1Pzx4eZFejFKvrCef_
2021-12-29 21:59:15 SUCCESS
CreateAuthorizationCode
Created authorization code
authorization_code
uvXAgqq1sIuR1D3C4fZQl32WiuW2cveZ
2021-12-29 21:59:15 SUCCESS
ExtractNonceFromAuthorizationRequest
Extracted nonce
nonce
22ff6aa7-69b4-47e5-9a3b-61b55556a404
2021-12-29 21:59:15 SUCCESS
CalculateCHash
Successful c_hash encoding
c_hash
tV32eivu_ZQL5C8mG1qPIw
2021-12-29 21:59:15 SUCCESS
CalculateSHash
Successful s_hash encoding
s_hash
Vk4lGoFeVSxN8-wmPBrImQ
2021-12-29 21:59:15 SUCCESS
GenerateIdTokenClaims
Created ID Token Claims
iss
https://www.certification.openid.net/test/a/recepcao-bv/
sub
user-subject-1234531
aud
r3-1Pzx4eZFejFKvrCef_
nonce
22ff6aa7-69b4-47e5-9a3b-61b55556a404
iat
1640815155
exp
1640815455
2021-12-29 21:59:15
FAPIBrazilAddCPFAndCPNJToIdTokenClaims
Request object does not contain a claims element.id_token
2021-12-29 21:59:15 SUCCESS
AddCHashToIdTokenClaims
Added c_hash to ID token claims
c_hash
tV32eivu_ZQL5C8mG1qPIw
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/a/recepcao-bv/",
  "sub": "user-subject-1234531",
  "aud": "r3-1Pzx4eZFejFKvrCef_",
  "nonce": "22ff6aa7-69b4-47e5-9a3b-61b55556a404",
  "iat": 1640815155,
  "exp": 1640815455,
  "c_hash": "tV32eivu_ZQL5C8mG1qPIw"
}
2021-12-29 21:59:15 SUCCESS
AddSHashToIdTokenClaims
Added s_hash to ID token claims
s_hash
Vk4lGoFeVSxN8-wmPBrImQ
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/a/recepcao-bv/",
  "sub": "user-subject-1234531",
  "aud": "r3-1Pzx4eZFejFKvrCef_",
  "nonce": "22ff6aa7-69b4-47e5-9a3b-61b55556a404",
  "iat": 1640815155,
  "exp": 1640815455,
  "c_hash": "tV32eivu_ZQL5C8mG1qPIw",
  "s_hash": "Vk4lGoFeVSxN8-wmPBrImQ"
}
2021-12-29 21:59:15 INFO
AddAtHashToIdTokenClaims
Skipped evaluation due to missing required string: at_hash
expected
at_hash
2021-12-29 21:59:15 INFO
FAPIBrazilAddACRClaimToIdTokenClaims
Skipped evaluation due to missing required string: requested_id_token_acr_values
expected
requested_id_token_acr_values
2021-12-29 21:59:15 SUCCESS
SignIdToken
Signed the ID token
id_token
eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwiYWxnIjoiUFMyNTYifQ.eyJzdWIiOiJ1c2VyLXN1YmplY3QtMTIzNDUzMSIsImF1ZCI6InIzLTFQeng0ZVpGZWpGS3ZyQ2VmXyIsImNfaGFzaCI6InRWMzJlaXZ1X1pRTDVDOG1HMXFQSXciLCJzX2hhc2giOiJWazRsR29GZVZTeE44LXdtUEJySW1RIiwiaXNzIjoiaHR0cHM6XC9cL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXRcL3Rlc3RcL2FcL3JlY2VwY2FvLWJ2XC8iLCJleHAiOjE2NDA4MTU0NTUsIm5vbmNlIjoiMjJmZjZhYTctNjliNC00N2U1LTlhM2ItNjFiNTU1NTZhNDA0IiwiaWF0IjoxNjQwODE1MTU1fQ.HRtYoUWGeszgSKoMVf7bnwTSj1-t9wmwnHOWqx-dU4svilhLNn4XBvVQIwKSMz0DbLpgarZWdsMg_QdNP_Cdgk_FiAKolSE9GD13TcLEEPl88hOITrH9Q2ZBIP_wJ2eNWnLEqo7VI9eKYiBsH9HhIJL83vGFWYYxza0-Ld0Ex_i5wo8f53oZoSIL4j7BJwdJh3XegxYnOFzQTxvuZwE47hVN2ZEMjYx9XS2LHPAN-sLbve5uOBtLYbfrBGn0oQfhMrqEUVyijwfckUSon_YObaldhTU_BH13DVJaTGqFsTJ-SbW3tYaVLqBGbPgqvemSUtKWBFXdsaevQ8l-HmjM-g
2021-12-29 21:59:15
InvalidateIdTokenSignature
Made the id_token signature invalid
id_token
eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwiYWxnIjoiUFMyNTYifQ.eyJzdWIiOiJ1c2VyLXN1YmplY3QtMTIzNDUzMSIsImF1ZCI6InIzLTFQeng0ZVpGZWpGS3ZyQ2VmXyIsImNfaGFzaCI6InRWMzJlaXZ1X1pRTDVDOG1HMXFQSXciLCJzX2hhc2giOiJWazRsR29GZVZTeE44LXdtUEJySW1RIiwiaXNzIjoiaHR0cHM6XC9cL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXRcL3Rlc3RcL2FcL3JlY2VwY2FvLWJ2XC8iLCJleHAiOjE2NDA4MTU0NTUsIm5vbmNlIjoiMjJmZjZhYTctNjliNC00N2U1LTlhM2ItNjFiNTU1NTZhNDA0IiwiaWF0IjoxNjQwODE1MTU1fQ.R0EC-x_cIJa6EvBWD6SBxV6I1QX3rVPqxinM8UXHCdF10AIRbCRNXK8KeVjIaWdZNuA6MOwMLJl6p10XZarH2BWf0ljyz3tnQmctF5ieSqMmqEnSFOunGTwbeqWqfT3XACie8NSPeY3QOHo2RYu7esimhKvfA9xrl_dkd4denaLjmNVFvSBD-3hRuGSbfV0T3S-E2Ux9YgaKFUG0PVtitE8Xg8tW19YnB3fRRqpXoJiB57Q0YkERO-2xXjOu-127aODeCwb41V2Gyx7yxaxUN_MH329lXictVwgAFjDf62gkE-_t79zPdPocNqJw57PICIjMXg-H6_31GZMkRDKWoA
2021-12-29 21:59:15 SUCCESS
FAPIBrazilChangeConsentStatusToAuthorized
Changed consent status to AUTHORISED
consent
{
  "data": {
    "consentId": "urn:conformance.oidf:W6gwLiI21C",
    "creationDateTime": "2021-12-29T21:59:10Z",
    "status": "AUTHORISED",
    "statusUpdateDateTime": "2021-12-29T21:59:15Z",
    "permissions": [
      "ACCOUNTS_READ",
      "ACCOUNTS_BALANCES_READ",
      "RESOURCES_READ"
    ],
    "expirationDateTime": "2021-12-29T23:59:10Z",
    "transactionFromDateTime": "2021-12-29T21:54:10Z",
    "transactionToDateTime": "2021-12-29T23:59:10Z",
    "links": {
      "self": "https://www.certification.openid.net/test/a/recepcao-bvconsents/v1/consents"
    }
  },
  "meta": {
    "totalRecords": 1,
    "totalPages": 1,
    "requestDateTime": "2021-12-29T21:59:10Z"
  }
}
2021-12-29 21:59:15 SUCCESS
CreateAuthorizationEndpointResponseParams
Added authorization_endpoint_response_params to environment
params
{
  "redirect_uri": "https://api-qa.bvopen.com.br/receptor-redirect/v1/internet-banking/authorize-callback",
  "state": "b48a2d74-b20d-4891-a3e3-809e42259a71"
}
2021-12-29 21:59:15 SUCCESS
AddCodeToAuthorizationEndpointResponseParams
Added code to authorization endpoint response params
authorization_endpoint_response_params
{
  "redirect_uri": "https://api-qa.bvopen.com.br/receptor-redirect/v1/internet-banking/authorize-callback",
  "state": "b48a2d74-b20d-4891-a3e3-809e42259a71",
  "code": "uvXAgqq1sIuR1D3C4fZQl32WiuW2cveZ"
}
2021-12-29 21:59:15 SUCCESS
AddIdTokenToAuthorizationEndpointResponseParams
Added id_token to authorization endpoint response params
authorization_endpoint_response_params
{
  "redirect_uri": "https://api-qa.bvopen.com.br/receptor-redirect/v1/internet-banking/authorize-callback",
  "state": "b48a2d74-b20d-4891-a3e3-809e42259a71",
  "code": "uvXAgqq1sIuR1D3C4fZQl32WiuW2cveZ",
  "id_token": "eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwiYWxnIjoiUFMyNTYifQ.eyJzdWIiOiJ1c2VyLXN1YmplY3QtMTIzNDUzMSIsImF1ZCI6InIzLTFQeng0ZVpGZWpGS3ZyQ2VmXyIsImNfaGFzaCI6InRWMzJlaXZ1X1pRTDVDOG1HMXFQSXciLCJzX2hhc2giOiJWazRsR29GZVZTeE44LXdtUEJySW1RIiwiaXNzIjoiaHR0cHM6XC9cL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXRcL3Rlc3RcL2FcL3JlY2VwY2FvLWJ2XC8iLCJleHAiOjE2NDA4MTU0NTUsIm5vbmNlIjoiMjJmZjZhYTctNjliNC00N2U1LTlhM2ItNjFiNTU1NTZhNDA0IiwiaWF0IjoxNjQwODE1MTU1fQ.R0EC-x_cIJa6EvBWD6SBxV6I1QX3rVPqxinM8UXHCdF10AIRbCRNXK8KeVjIaWdZNuA6MOwMLJl6p10XZarH2BWf0ljyz3tnQmctF5ieSqMmqEnSFOunGTwbeqWqfT3XACie8NSPeY3QOHo2RYu7esimhKvfA9xrl_dkd4denaLjmNVFvSBD-3hRuGSbfV0T3S-E2Ux9YgaKFUG0PVtitE8Xg8tW19YnB3fRRqpXoJiB57Q0YkERO-2xXjOu-127aODeCwb41V2Gyx7yxaxUN_MH329lXictVwgAFjDf62gkE-_t79zPdPocNqJw57PICIjMXg-H6_31GZMkRDKWoA"
}
2021-12-29 21:59:15
SendAuthorizationResponseWithResponseModeFragment
Redirecting back to client
uri
https://api-qa.bvopen.com.br/receptor-redirect/v1/internet-banking/authorize-callback#state=b48a2d74-b20d-4891-a3e3-809e42259a71&code=uvXAgqq1sIuR1D3C4fZQl32WiuW2cveZ&id_token=eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwiYWxnIjoiUFMyNTYifQ.eyJzdWIiOiJ1c2VyLXN1YmplY3QtMTIzNDUzMSIsImF1ZCI6InIzLTFQeng0ZVpGZWpGS3ZyQ2VmXyIsImNfaGFzaCI6InRWMzJlaXZ1X1pRTDVDOG1HMXFQSXciLCJzX2hhc2giOiJWazRsR29GZVZTeE44LXdtUEJySW1RIiwiaXNzIjoiaHR0cHM6XC9cL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXRcL3Rlc3RcL2FcL3JlY2VwY2FvLWJ2XC8iLCJleHAiOjE2NDA4MTU0NTUsIm5vbmNlIjoiMjJmZjZhYTctNjliNC00N2U1LTlhM2ItNjFiNTU1NTZhNDA0IiwiaWF0IjoxNjQwODE1MTU1fQ.R0EC-x_cIJa6EvBWD6SBxV6I1QX3rVPqxinM8UXHCdF10AIRbCRNXK8KeVjIaWdZNuA6MOwMLJl6p10XZarH2BWf0ljyz3tnQmctF5ieSqMmqEnSFOunGTwbeqWqfT3XACie8NSPeY3QOHo2RYu7esimhKvfA9xrl_dkd4denaLjmNVFvSBD-3hRuGSbfV0T3S-E2Ux9YgaKFUG0PVtitE8Xg8tW19YnB3fRRqpXoJiB57Q0YkERO-2xXjOu-127aODeCwb41V2Gyx7yxaxUN_MH329lXictVwgAFjDf62gkE-_t79zPdPocNqJw57PICIjMXg-H6_31GZMkRDKWoA
2021-12-29 21:59:15 OUTGOING
fapi1-advanced-final-client-test-invalid-signature
Response to HTTP request to test instance 8ef6viRNgMdxSap
outgoing
org.springframework.web.servlet.view.RedirectView: [RedirectView]; URL [https://api-qa.bvopen.com.br/receptor-redirect/v1/internet-banking/authorize-callback#state=b48a2d74-b20d-4891-a3e3-809e42259a71&code=uvXAgqq1sIuR1D3C4fZQl32WiuW2cveZ&id_token=eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwiYWxnIjoiUFMyNTYifQ.eyJzdWIiOiJ1c2VyLXN1YmplY3QtMTIzNDUzMSIsImF1ZCI6InIzLTFQeng0ZVpGZWpGS3ZyQ2VmXyIsImNfaGFzaCI6InRWMzJlaXZ1X1pRTDVDOG1HMXFQSXciLCJzX2hhc2giOiJWazRsR29GZVZTeE44LXdtUEJySW1RIiwiaXNzIjoiaHR0cHM6XC9cL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXRcL3Rlc3RcL2FcL3JlY2VwY2FvLWJ2XC8iLCJleHAiOjE2NDA4MTU0NTUsIm5vbmNlIjoiMjJmZjZhYTctNjliNC00N2U1LTlhM2ItNjFiNTU1NTZhNDA0IiwiaWF0IjoxNjQwODE1MTU1fQ.R0EC-x_cIJa6EvBWD6SBxV6I1QX3rVPqxinM8UXHCdF10AIRbCRNXK8KeVjIaWdZNuA6MOwMLJl6p10XZarH2BWf0ljyz3tnQmctF5ieSqMmqEnSFOunGTwbeqWqfT3XACie8NSPeY3QOHo2RYu7esimhKvfA9xrl_dkd4denaLjmNVFvSBD-3hRuGSbfV0T3S-E2Ux9YgaKFUG0PVtitE8Xg8tW19YnB3fRRqpXoJiB57Q0YkERO-2xXjOu-127aODeCwb41V2Gyx7yxaxUN_MH329lXictVwgAFjDf62gkE-_t79zPdPocNqJw57PICIjMXg-H6_31GZMkRDKWoA]
outgoing_path
authorize
2021-12-29 21:59:15 INCOMING
fapi1-advanced-final-client-test-invalid-signature
Incoming HTTP request to test instance 8ef6viRNgMdxSap
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/4.9.1 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate, br",
  "connection": "close"
}
incoming_path
/test/a/recepcao-bv/jwks
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
incoming_body_json
incoming_query_string_params
{}
incoming_body
2021-12-29 21:59:15 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
2021-12-29 21:59:15 OUTGOING
fapi1-advanced-final-client-test-invalid-signature
Response to HTTP request to test instance 8ef6viRNgMdxSap
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "RSA-OAEP",
      "alg": "RSA-OAEP",
      "n": "yOOavXMTDgjbvz9gzHvfhdbkytzDLWt6vft8fL73oz1h0s9EJUADdXoj-one0ewSx3JUdeibkOC9hCm_OYDVc5SdsHEl_U3T2ViYdqLMwxmjdBup3wMo6kZsClEjwXtVOXpe3XxuEdRCS4Z2i5iTXCBmK2bcg7FHcCoMan4OKjZv4ezl62TIljE6bp0PCexq38XI9bhYebkpAiu6A-wqBZtthvzBYgBKqjvsVg3GHtGvaVnK64KRkQuYeW7Wn4t7vME6tSzEyVpmgomenjTYGXDYET0IfQ7QTbNWa15aiyj1rEcg1_Tvr9spKY6t6griKIIdB85n52tkuA7YdrIFbQ"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "FJlF6TOBoI38u2RN5PtFHdjXCujfClGyDFEQD7CxJ64",
      "alg": "PS256",
      "n": "oieLonigdMZ5ocjKK1gINOTs9vPrxGZ5wuXF2lLlXU1UpcIDNrqDq3ldJ3HUaUSmyw-AOWehP4eh1AF3anfjAU39Qi0_o0VV-V2o-SGD3D6Nxm9jinHVjiGOkxK2TDIyC8N2KqE48N7uzZNZH80ygDv8pgYu7uL1kJQn5lw5WGVNMKiKtrerPDhJBf1iFIya7JRJeaIQ26DA0yJ_KIDOxAzUdb_t9Jq895OnLwsIygL1lhfXRtxGNSwMAXe_lJm67vJXKDM_eXLI5s6AHRcyiprlAYFD9ktWelC6Ltz-4cFi6VcgxyYgNmfj7dkstQBPu2mZq3bhuoOuZKScnyMEwQ"
    }
  ]
}
outgoing_path
jwks
2021-12-29 21:59:20 FINISHED
fapi1-advanced-final-client-test-invalid-signature
Test has run to completion
testmodule_result
PASSED
2021-12-29 21:59:22
TEST-RUNNER
Alias has now been claimed by another test
alias
recepcao-bv
new_test_id
eJo26vSsqhFDXPu
Test Results