Test Summary

Test Results

Expand All Collapse All
All times are UTC
2021-12-29 22:10:38 INFO
TEST-RUNNER
Test instance Dtkl8Sh2ZAVn3tT created
baseUrl
https://www.certification.openid.net/test/a/recepcao-bv
variant
{
  "client_auth_type": "private_key_jwt",
  "fapi_auth_request_method": "pushed",
  "fapi_profile": "openbanking_brazil",
  "fapi_jarm_type": "oidc",
  "fapi_response_mode": "plain_response"
}
alias
recepcao-bv
description
Banco Votorantim - Relying Party
planId
DooYPU0i7G1JD
config
{
  "alias": "recepcao-bv",
  "description": "Banco Votorantim - Relying Party",
  "server": {
    "jwks": {
      "keys": [
        {
          "p": "_BxPVObkd-0vSY6hpRLECowqCT8Fg4kLhf4_b9884tZDBj-fhULi-QPOZuhcjLVFFXkXdTDdnDSsBB6lvFNNoQBQgvdwHwJcDkSLURBT6ARNWQfdrqeiGcN8Ix0ZM6K8PWKzOgTNUrM0voYKS9OsujS4eZoLiQTcD3aIimAvwn0",
          "kty": "RSA",
          "q": "y_z_2iXatOxjuWKlSdw6tWNdeNwce4n1gTwiCBt1PrbA9NRJGzkOM4Y0pXi8FHiuOiAVIjkBQLkS1hrXsYVIh__p_GojmP2JtYJtpxoXQeQkZaLbtGG7xzwB7PSBKJnqrXCwWX0tuH_vyTzKtT2pZUl4x9X7h0O28rAcCzwfUbE",
          "d": "boZTB3J9hFY5WKJtBnQMyZ0uqbIGLEIa-NWZayTCKGzIGmzwiDIM9SBrFRevoP1qY5MyhuCgXnhXrJQvYlrQlVOp4n6OMSwVp1oIIBV35MuBU4s4zbr2UtbF8HMt4fCSNhpugRtJj8Ohad4j8K_UO3aT38MrBcWOkVaBGEIcVvo7abPj_eFNqtu9mda9uTMTvjP1VaQsscgSxdIwvNTR_k8Mp-XmJ80ffQjtpt8NIPyn6GhGE0hXRRUfAx010Wj9yT2zaM4m69uhAOMXwVKv5MMlXXKGn_0z3GqRNygPDXCcuTGQ_EGNhVQRvuve_ieNhpkQCBSjz4Ar0ueMuox_QQ",
          "e": "AQAB",
          "use": "enc",
          "kid": "RSA-OAEP",
          "qi": "IlPPK0-J6KZNedgPE5mYcpwzWbT3hXCxxwaiFZQTOGkPInJ9SQRbNW4Z_ro_e9sekkOOb3Tclh6kbid-883riv5r58pb7R0pv0iM_ZPgG7_xDzRbxQSLQltSgI5FiLW2oVOhdxQPFVpc_i02LuYXnZ2tO1awrzYV69H49XiepIY",
          "dp": "E9KiBjn1YtyaaD03xoP4OCAXOgzjgRkod8uq7z_tSKSyNm6QO2kr8Yp0EzFX_ZRPL0YLKyLBegPGNri2LV2bb_pXWkTcYwPLey-2iJQxFMAp2MM-kfoKS95MB3LFRYMZK_Zzwy8XedYvYn-llZq6LRXyH1WWbJqeNvUJ_V9cwf0",
          "alg": "RSA-OAEP",
          "dq": "wHJm2uMdq9Tc3HhRYhZQmPIurChVAsQMBym5HZbyDQGTlydz9Sfl2vxBTN9T6ahVDudXqNrI8MvqFm5qkcMhw5TPpmBoRxzjP4fWdXDrAjH_mJeF2W7fHj7hvjCKbciQG6MV7MdpTAf_LAabY1PSLYmcVkPtshZTUjCNtJe7IHE",
          "n": "yOOavXMTDgjbvz9gzHvfhdbkytzDLWt6vft8fL73oz1h0s9EJUADdXoj-one0ewSx3JUdeibkOC9hCm_OYDVc5SdsHEl_U3T2ViYdqLMwxmjdBup3wMo6kZsClEjwXtVOXpe3XxuEdRCS4Z2i5iTXCBmK2bcg7FHcCoMan4OKjZv4ezl62TIljE6bp0PCexq38XI9bhYebkpAiu6A-wqBZtthvzBYgBKqjvsVg3GHtGvaVnK64KRkQuYeW7Wn4t7vME6tSzEyVpmgomenjTYGXDYET0IfQ7QTbNWa15aiyj1rEcg1_Tvr9spKY6t6griKIIdB85n52tkuA7YdrIFbQ"
        },
        {
          "kty": "RSA",
          "n": "oieLonigdMZ5ocjKK1gINOTs9vPrxGZ5wuXF2lLlXU1UpcIDNrqDq3ldJ3HUaUSmyw-AOWehP4eh1AF3anfjAU39Qi0_o0VV-V2o-SGD3D6Nxm9jinHVjiGOkxK2TDIyC8N2KqE48N7uzZNZH80ygDv8pgYu7uL1kJQn5lw5WGVNMKiKtrerPDhJBf1iFIya7JRJeaIQ26DA0yJ_KIDOxAzUdb_t9Jq895OnLwsIygL1lhfXRtxGNSwMAXe_lJm67vJXKDM_eXLI5s6AHRcyiprlAYFD9ktWelC6Ltz-4cFi6VcgxyYgNmfj7dkstQBPu2mZq3bhuoOuZKScnyMEwQ",
          "e": "AQAB",
          "alg": "PS256",
          "use": "sig",
          "kid": "FJlF6TOBoI38u2RN5PtFHdjXCujfClGyDFEQD7CxJ64",
          "d": "f0PiR8W8yWnslJlucs5IwprZkIiohiCXd-u2eT-OXMgQo3e95fpE1RQPlKG2QFhtP_oOfP9kguQEkswD2T_2nlODbajtxUrpyylDMSSoxPcjdpZ93W6yWTblG3EYOn064hiqaZLXidSuQBJhZKA7_oEWLYe01jCy4qIlHptLNqArPIfnyoHxRzLHM0AbUAxzysxWlxhh-kIuA2GwPOjzDg7X_3tuDo2FBJP1JL4ivZBVjzR6a3R3jlECewHRKlDGbcUhwhw-3PgUfpv0FyDz8Kxa1aXFuD75DvUeqp1WV15D-QPBY6Tj6ImGIU2EQA2M0sa6PPH7iH5wrf2aDm7tcQ",
          "p": "zZRF4uynLVGvuR-G3P_ZRNGUWcRG6OE0KcFj4NnNt89g1eDtC7GMq-S9ZHCUavTE0tnA1loFTbCzWvUy3gywVCYFSyHz-xxDUs9uu5X9gxJAbUHUD-dAhgHnXe46Skk9mITL20vj5ErZWzIXL9-E3kSlyxC3FCSQguutIghbzhs",
          "q": "yezCWkthM28K2X2rYiQhbf_DvzHjH8NMKILYQxhI0dbcGjjpCLb7kvbhhSyeg-TgEtnp0ZqGU9KbxBSCdM-2CNhbZpIh4K1rvHQau350eLv67juK55TIRkcWiLV6G5jzJADYTefYyEk3x9kvE7h3iW6LhXuw-BPW-VJQP9wItlM",
          "dp": "Ohta1ZVGe4zHOnAq0nSOmOEUKXtM_64H7HV5IajueLHpEQsOdWut8zgoQCeCC-k7aM2br_qp3RfA2kjMI-86N863WFE0gRmv_cwb5HG0wkN6amdc5VHb7wTCvM4FM9IX0vBWHpoIxBJT9W7nFuT6zUhiBE-pL8xV_GtY-HGcYVk",
          "dq": "QyPND7bmr_JpGh32AWDgGLIlRQpyaZpHVWUEQXLuq48UikeH_JTTG2-pVt2aK2LLupjobQBDT9XEYzMqmWqDLXe7FGTcjNc87mFwjg0i7w4aBmKX8h5_ZRa4AGbPHiQCHGOHiIfhhd8KhBHL3HPGk1TFYXHaSvJV1XqwIjuoTe8",
          "qi": "MPOx2d59EB8LIUVO184i4LgKVOunNsV2oVy_T8yOsdk5bxDvjChcwpoA1jMAi_4AZBa3ji0CMUKgk9dus6PJ6Knvr8D9tSXvfww81WXkgHW1QyZgqR5rNQJjq_mAuDf6N_RitOemqMRGUJYC4t2uDNW5wozna_KozTYNo_4kIJo"
        }
      ]
    }
  },
  "client": {
    "client_id": "r3-1Pzx4eZFejFKvrCef_",
    "redirect_uri": "https://api-qa.bvopen.com.br/receptor-redirect/v1/internet-banking/authorize-callback",
    "certificate": "-----BEGIN CERTIFICATE----- MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0 MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1 YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3 sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805 I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9 yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS 7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF GSsQgkeJ1pXRIYgQEKHQ -----END CERTIFICATE-----",
    "jwks": {
      "keys": [
        {
          "kty": "RSA",
          "use": "sig",
          "kid": "FJlF6TOBoI38u2RN5PtFHdjXCujfClGyDFEQD7CxJ64",
          "n": "oieLonigdMZ5ocjKK1gINOTs9vPrxGZ5wuXF2lLlXU1UpcIDNrqDq3ldJ3HUaUSmyw-AOWehP4eh1AF3anfjAU39Qi0_o0VV-V2o-SGD3D6Nxm9jinHVjiGOkxK2TDIyC8N2KqE48N7uzZNZH80ygDv8pgYu7uL1kJQn5lw5WGVNMKiKtrerPDhJBf1iFIya7JRJeaIQ26DA0yJ_KIDOxAzUdb_t9Jq895OnLwsIygL1lhfXRtxGNSwMAXe_lJm67vJXKDM_eXLI5s6AHRcyiprlAYFD9ktWelC6Ltz-4cFi6VcgxyYgNmfj7dkstQBPu2mZq3bhuoOuZKScnyMEwQ",
          "e": "AQAB"
        }
      ]
    }
  },
  "client2": {
    "client_id": "r3-1Pzx4eZFejFKvrCef_",
    "redirect_uri": "https://api-qa.bvopen.com.br/receptor-redirect/v1/internet-banking/authorize-callback",
    "id_token_encrypted_response_alg": "RSA-OAEP",
    "certificate": "-----BEGIN CERTIFICATE----- MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0 MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1 YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3 sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805 I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9 yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS 7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF GSsQgkeJ1pXRIYgQEKHQ -----END CERTIFICATE-----",
    "jwks": {
      "keys": [
        {
          "kty": "RSA",
          "use": "sig",
          "kid": "FJlF6TOBoI38u2RN5PtFHdjXCujfClGyDFEQD7CxJ64",
          "n": "oieLonigdMZ5ocjKK1gINOTs9vPrxGZ5wuXF2lLlXU1UpcIDNrqDq3ldJ3HUaUSmyw-AOWehP4eh1AF3anfjAU39Qi0_o0VV-V2o-SGD3D6Nxm9jinHVjiGOkxK2TDIyC8N2KqE48N7uzZNZH80ygDv8pgYu7uL1kJQn5lw5WGVNMKiKtrerPDhJBf1iFIya7JRJeaIQ26DA0yJ_KIDOxAzUdb_t9Jq895OnLwsIygL1lhfXRtxGNSwMAXe_lJm67vJXKDM_eXLI5s6AHRcyiprlAYFD9ktWelC6Ltz-4cFi6VcgxyYgNmfj7dkstQBPu2mZq3bhuoOuZKScnyMEwQ",
          "e": "AQAB"
        },
        {
          "e": "AQAB",
          "n": "yOOavXMTDgjbvz9gzHvfhdbkytzDLWt6vft8fL73oz1h0s9EJUADdXoj-one0ewSx3JUdeibkOC9hCm_OYDVc5SdsHEl_U3T2ViYdqLMwxmjdBup3wMo6kZsClEjwXtVOXpe3XxuEdRCS4Z2i5iTXCBmK2bcg7FHcCoMan4OKjZv4ezl62TIljE6bp0PCexq38XI9bhYebkpAiu6A-wqBZtthvzBYgBKqjvsVg3GHtGvaVnK64KRkQuYeW7Wn4t7vME6tSzEyVpmgomenjTYGXDYET0IfQ7QTbNWa15aiyj1rEcg1_Tvr9spKY6t6griKIIdB85n52tkuA7YdrIFbQ",
          "kty": "RSA",
          "kid": "RSA-OAEP",
          "alg": "RSA-OAEP",
          "use": "enc"
        }
      ]
    },
    "id_token_encrypted_response_enc": "A256GCM"
  },
  "directory": {
    "keystore": "https://keystore.sandbox.directory.openbankingbrasil.org.br/"
  }
}
testName
fapi1-advanced-final-client-refresh-token-test
2021-12-29 22:10:38 SUCCESS
FAPIBrazilGenerateServerConfiguration
Created server configuration
server
{
  "issuer": "https://www.certification.openid.net/test/a/recepcao-bv/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/recepcao-bv/jwks",
  "registration_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/register",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/userinfo",
  "mtls_endpoint_aliases": {
    "token_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/token",
    "registration_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/register",
    "userinfo_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/userinfo"
  },
  "tls_client_certificate_bound_access_tokens": true,
  "request_parameter_supported": true
}
issuer
https://www.certification.openid.net/test/a/recepcao-bv/
discoveryUrl
https://www.certification.openid.net/test/a/recepcao-bv/.well-known/openid-configuration
2021-12-29 22:10:38 SUCCESS
LoadServerJWKs
Parsed public and private JWK sets
server_jwks
{
  "keys": [
    {
      "p": "_BxPVObkd-0vSY6hpRLECowqCT8Fg4kLhf4_b9884tZDBj-fhULi-QPOZuhcjLVFFXkXdTDdnDSsBB6lvFNNoQBQgvdwHwJcDkSLURBT6ARNWQfdrqeiGcN8Ix0ZM6K8PWKzOgTNUrM0voYKS9OsujS4eZoLiQTcD3aIimAvwn0",
      "kty": "RSA",
      "q": "y_z_2iXatOxjuWKlSdw6tWNdeNwce4n1gTwiCBt1PrbA9NRJGzkOM4Y0pXi8FHiuOiAVIjkBQLkS1hrXsYVIh__p_GojmP2JtYJtpxoXQeQkZaLbtGG7xzwB7PSBKJnqrXCwWX0tuH_vyTzKtT2pZUl4x9X7h0O28rAcCzwfUbE",
      "d": "boZTB3J9hFY5WKJtBnQMyZ0uqbIGLEIa-NWZayTCKGzIGmzwiDIM9SBrFRevoP1qY5MyhuCgXnhXrJQvYlrQlVOp4n6OMSwVp1oIIBV35MuBU4s4zbr2UtbF8HMt4fCSNhpugRtJj8Ohad4j8K_UO3aT38MrBcWOkVaBGEIcVvo7abPj_eFNqtu9mda9uTMTvjP1VaQsscgSxdIwvNTR_k8Mp-XmJ80ffQjtpt8NIPyn6GhGE0hXRRUfAx010Wj9yT2zaM4m69uhAOMXwVKv5MMlXXKGn_0z3GqRNygPDXCcuTGQ_EGNhVQRvuve_ieNhpkQCBSjz4Ar0ueMuox_QQ",
      "e": "AQAB",
      "use": "enc",
      "kid": "RSA-OAEP",
      "qi": "IlPPK0-J6KZNedgPE5mYcpwzWbT3hXCxxwaiFZQTOGkPInJ9SQRbNW4Z_ro_e9sekkOOb3Tclh6kbid-883riv5r58pb7R0pv0iM_ZPgG7_xDzRbxQSLQltSgI5FiLW2oVOhdxQPFVpc_i02LuYXnZ2tO1awrzYV69H49XiepIY",
      "dp": "E9KiBjn1YtyaaD03xoP4OCAXOgzjgRkod8uq7z_tSKSyNm6QO2kr8Yp0EzFX_ZRPL0YLKyLBegPGNri2LV2bb_pXWkTcYwPLey-2iJQxFMAp2MM-kfoKS95MB3LFRYMZK_Zzwy8XedYvYn-llZq6LRXyH1WWbJqeNvUJ_V9cwf0",
      "alg": "RSA-OAEP",
      "dq": "wHJm2uMdq9Tc3HhRYhZQmPIurChVAsQMBym5HZbyDQGTlydz9Sfl2vxBTN9T6ahVDudXqNrI8MvqFm5qkcMhw5TPpmBoRxzjP4fWdXDrAjH_mJeF2W7fHj7hvjCKbciQG6MV7MdpTAf_LAabY1PSLYmcVkPtshZTUjCNtJe7IHE",
      "n": "yOOavXMTDgjbvz9gzHvfhdbkytzDLWt6vft8fL73oz1h0s9EJUADdXoj-one0ewSx3JUdeibkOC9hCm_OYDVc5SdsHEl_U3T2ViYdqLMwxmjdBup3wMo6kZsClEjwXtVOXpe3XxuEdRCS4Z2i5iTXCBmK2bcg7FHcCoMan4OKjZv4ezl62TIljE6bp0PCexq38XI9bhYebkpAiu6A-wqBZtthvzBYgBKqjvsVg3GHtGvaVnK64KRkQuYeW7Wn4t7vME6tSzEyVpmgomenjTYGXDYET0IfQ7QTbNWa15aiyj1rEcg1_Tvr9spKY6t6griKIIdB85n52tkuA7YdrIFbQ"
    },
    {
      "p": "zZRF4uynLVGvuR-G3P_ZRNGUWcRG6OE0KcFj4NnNt89g1eDtC7GMq-S9ZHCUavTE0tnA1loFTbCzWvUy3gywVCYFSyHz-xxDUs9uu5X9gxJAbUHUD-dAhgHnXe46Skk9mITL20vj5ErZWzIXL9-E3kSlyxC3FCSQguutIghbzhs",
      "kty": "RSA",
      "q": "yezCWkthM28K2X2rYiQhbf_DvzHjH8NMKILYQxhI0dbcGjjpCLb7kvbhhSyeg-TgEtnp0ZqGU9KbxBSCdM-2CNhbZpIh4K1rvHQau350eLv67juK55TIRkcWiLV6G5jzJADYTefYyEk3x9kvE7h3iW6LhXuw-BPW-VJQP9wItlM",
      "d": "f0PiR8W8yWnslJlucs5IwprZkIiohiCXd-u2eT-OXMgQo3e95fpE1RQPlKG2QFhtP_oOfP9kguQEkswD2T_2nlODbajtxUrpyylDMSSoxPcjdpZ93W6yWTblG3EYOn064hiqaZLXidSuQBJhZKA7_oEWLYe01jCy4qIlHptLNqArPIfnyoHxRzLHM0AbUAxzysxWlxhh-kIuA2GwPOjzDg7X_3tuDo2FBJP1JL4ivZBVjzR6a3R3jlECewHRKlDGbcUhwhw-3PgUfpv0FyDz8Kxa1aXFuD75DvUeqp1WV15D-QPBY6Tj6ImGIU2EQA2M0sa6PPH7iH5wrf2aDm7tcQ",
      "e": "AQAB",
      "use": "sig",
      "kid": "FJlF6TOBoI38u2RN5PtFHdjXCujfClGyDFEQD7CxJ64",
      "qi": "MPOx2d59EB8LIUVO184i4LgKVOunNsV2oVy_T8yOsdk5bxDvjChcwpoA1jMAi_4AZBa3ji0CMUKgk9dus6PJ6Knvr8D9tSXvfww81WXkgHW1QyZgqR5rNQJjq_mAuDf6N_RitOemqMRGUJYC4t2uDNW5wozna_KozTYNo_4kIJo",
      "dp": "Ohta1ZVGe4zHOnAq0nSOmOEUKXtM_64H7HV5IajueLHpEQsOdWut8zgoQCeCC-k7aM2br_qp3RfA2kjMI-86N863WFE0gRmv_cwb5HG0wkN6amdc5VHb7wTCvM4FM9IX0vBWHpoIxBJT9W7nFuT6zUhiBE-pL8xV_GtY-HGcYVk",
      "alg": "PS256",
      "dq": "QyPND7bmr_JpGh32AWDgGLIlRQpyaZpHVWUEQXLuq48UikeH_JTTG2-pVt2aK2LLupjobQBDT9XEYzMqmWqDLXe7FGTcjNc87mFwjg0i7w4aBmKX8h5_ZRa4AGbPHiQCHGOHiIfhhd8KhBHL3HPGk1TFYXHaSvJV1XqwIjuoTe8",
      "n": "oieLonigdMZ5ocjKK1gINOTs9vPrxGZ5wuXF2lLlXU1UpcIDNrqDq3ldJ3HUaUSmyw-AOWehP4eh1AF3anfjAU39Qi0_o0VV-V2o-SGD3D6Nxm9jinHVjiGOkxK2TDIyC8N2KqE48N7uzZNZH80ygDv8pgYu7uL1kJQn5lw5WGVNMKiKtrerPDhJBf1iFIya7JRJeaIQ26DA0yJ_KIDOxAzUdb_t9Jq895OnLwsIygL1lhfXRtxGNSwMAXe_lJm67vJXKDM_eXLI5s6AHRcyiprlAYFD9ktWelC6Ltz-4cFi6VcgxyYgNmfj7dkstQBPu2mZq3bhuoOuZKScnyMEwQ"
    }
  ]
}
server_encryption_keys
{
  "keys": [
    {
      "p": "_BxPVObkd-0vSY6hpRLECowqCT8Fg4kLhf4_b9884tZDBj-fhULi-QPOZuhcjLVFFXkXdTDdnDSsBB6lvFNNoQBQgvdwHwJcDkSLURBT6ARNWQfdrqeiGcN8Ix0ZM6K8PWKzOgTNUrM0voYKS9OsujS4eZoLiQTcD3aIimAvwn0",
      "kty": "RSA",
      "q": "y_z_2iXatOxjuWKlSdw6tWNdeNwce4n1gTwiCBt1PrbA9NRJGzkOM4Y0pXi8FHiuOiAVIjkBQLkS1hrXsYVIh__p_GojmP2JtYJtpxoXQeQkZaLbtGG7xzwB7PSBKJnqrXCwWX0tuH_vyTzKtT2pZUl4x9X7h0O28rAcCzwfUbE",
      "d": "boZTB3J9hFY5WKJtBnQMyZ0uqbIGLEIa-NWZayTCKGzIGmzwiDIM9SBrFRevoP1qY5MyhuCgXnhXrJQvYlrQlVOp4n6OMSwVp1oIIBV35MuBU4s4zbr2UtbF8HMt4fCSNhpugRtJj8Ohad4j8K_UO3aT38MrBcWOkVaBGEIcVvo7abPj_eFNqtu9mda9uTMTvjP1VaQsscgSxdIwvNTR_k8Mp-XmJ80ffQjtpt8NIPyn6GhGE0hXRRUfAx010Wj9yT2zaM4m69uhAOMXwVKv5MMlXXKGn_0z3GqRNygPDXCcuTGQ_EGNhVQRvuve_ieNhpkQCBSjz4Ar0ueMuox_QQ",
      "e": "AQAB",
      "use": "enc",
      "kid": "RSA-OAEP",
      "qi": "IlPPK0-J6KZNedgPE5mYcpwzWbT3hXCxxwaiFZQTOGkPInJ9SQRbNW4Z_ro_e9sekkOOb3Tclh6kbid-883riv5r58pb7R0pv0iM_ZPgG7_xDzRbxQSLQltSgI5FiLW2oVOhdxQPFVpc_i02LuYXnZ2tO1awrzYV69H49XiepIY",
      "dp": "E9KiBjn1YtyaaD03xoP4OCAXOgzjgRkod8uq7z_tSKSyNm6QO2kr8Yp0EzFX_ZRPL0YLKyLBegPGNri2LV2bb_pXWkTcYwPLey-2iJQxFMAp2MM-kfoKS95MB3LFRYMZK_Zzwy8XedYvYn-llZq6LRXyH1WWbJqeNvUJ_V9cwf0",
      "alg": "RSA-OAEP",
      "dq": "wHJm2uMdq9Tc3HhRYhZQmPIurChVAsQMBym5HZbyDQGTlydz9Sfl2vxBTN9T6ahVDudXqNrI8MvqFm5qkcMhw5TPpmBoRxzjP4fWdXDrAjH_mJeF2W7fHj7hvjCKbciQG6MV7MdpTAf_LAabY1PSLYmcVkPtshZTUjCNtJe7IHE",
      "n": "yOOavXMTDgjbvz9gzHvfhdbkytzDLWt6vft8fL73oz1h0s9EJUADdXoj-one0ewSx3JUdeibkOC9hCm_OYDVc5SdsHEl_U3T2ViYdqLMwxmjdBup3wMo6kZsClEjwXtVOXpe3XxuEdRCS4Z2i5iTXCBmK2bcg7FHcCoMan4OKjZv4ezl62TIljE6bp0PCexq38XI9bhYebkpAiu6A-wqBZtthvzBYgBKqjvsVg3GHtGvaVnK64KRkQuYeW7Wn4t7vME6tSzEyVpmgomenjTYGXDYET0IfQ7QTbNWa15aiyj1rEcg1_Tvr9spKY6t6griKIIdB85n52tkuA7YdrIFbQ"
    }
  ]
}
server_public_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "RSA-OAEP",
      "alg": "RSA-OAEP",
      "n": "yOOavXMTDgjbvz9gzHvfhdbkytzDLWt6vft8fL73oz1h0s9EJUADdXoj-one0ewSx3JUdeibkOC9hCm_OYDVc5SdsHEl_U3T2ViYdqLMwxmjdBup3wMo6kZsClEjwXtVOXpe3XxuEdRCS4Z2i5iTXCBmK2bcg7FHcCoMan4OKjZv4ezl62TIljE6bp0PCexq38XI9bhYebkpAiu6A-wqBZtthvzBYgBKqjvsVg3GHtGvaVnK64KRkQuYeW7Wn4t7vME6tSzEyVpmgomenjTYGXDYET0IfQ7QTbNWa15aiyj1rEcg1_Tvr9spKY6t6griKIIdB85n52tkuA7YdrIFbQ"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "FJlF6TOBoI38u2RN5PtFHdjXCujfClGyDFEQD7CxJ64",
      "alg": "PS256",
      "n": "oieLonigdMZ5ocjKK1gINOTs9vPrxGZ5wuXF2lLlXU1UpcIDNrqDq3ldJ3HUaUSmyw-AOWehP4eh1AF3anfjAU39Qi0_o0VV-V2o-SGD3D6Nxm9jinHVjiGOkxK2TDIyC8N2KqE48N7uzZNZH80ygDv8pgYu7uL1kJQn5lw5WGVNMKiKtrerPDhJBf1iFIya7JRJeaIQ26DA0yJ_KIDOxAzUdb_t9Jq895OnLwsIygL1lhfXRtxGNSwMAXe_lJm67vJXKDM_eXLI5s6AHRcyiprlAYFD9ktWelC6Ltz-4cFi6VcgxyYgNmfj7dkstQBPu2mZq3bhuoOuZKScnyMEwQ"
    }
  ]
}
2021-12-29 22:10:38 SUCCESS
ValidateServerJWKs
Valid server JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2021-12-29 22:10:38
SetServerSigningAlgToPS256
Successfully set signing algorithm to PS256
2021-12-29 22:10:38
FAPIBrazilSetGrantTypesSupportedInServerConfiguration
Successfully set grant_types_supported
server
{
  "issuer": "https://www.certification.openid.net/test/a/recepcao-bv/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/recepcao-bv/jwks",
  "registration_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/register",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/userinfo",
  "mtls_endpoint_aliases": {
    "token_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/token",
    "registration_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/register",
    "userinfo_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/userinfo"
  },
  "tls_client_certificate_bound_access_tokens": true,
  "request_parameter_supported": true,
  "grant_types_supported": [
    "authorization_code",
    "implicit",
    "client_credentials",
    "refresh_token"
  ]
}
2021-12-29 22:10:38
AddClaimsParameterSupportedTrueToServerConfiguration
Successfully added claims_parameter_supported to server configuration
server
{
  "issuer": "https://www.certification.openid.net/test/a/recepcao-bv/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/recepcao-bv/jwks",
  "registration_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/register",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/userinfo",
  "mtls_endpoint_aliases": {
    "token_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/token",
    "registration_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/register",
    "userinfo_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/userinfo"
  },
  "tls_client_certificate_bound_access_tokens": true,
  "request_parameter_supported": true,
  "grant_types_supported": [
    "authorization_code",
    "implicit",
    "client_credentials",
    "refresh_token"
  ],
  "claims_parameter_supported": true
}
2021-12-29 22:10:38
FAPIBrazilAddBrazilSpecificSettingsToServerConfiguration
Added open banking Brazil specific server settings
server
{
  "issuer": "https://www.certification.openid.net/test/a/recepcao-bv/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/recepcao-bv/jwks",
  "registration_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/register",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/userinfo",
  "mtls_endpoint_aliases": {
    "token_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/token",
    "registration_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/register",
    "userinfo_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/userinfo"
  },
  "tls_client_certificate_bound_access_tokens": true,
  "request_parameter_supported": true,
  "grant_types_supported": [
    "authorization_code",
    "implicit",
    "client_credentials",
    "refresh_token"
  ],
  "claims_parameter_supported": true,
  "request_object_encryption_alg_values_supported": [
    "RSA-OAEP"
  ],
  "request_object_encryption_enc_values_supported": [
    "A256GCM"
  ],
  "claims_supported": [
    "cpf",
    "cnpj",
    "acr"
  ],
  "acr_values_supported": [
    "urn:brasil:openbanking:loa2",
    "urn:brasil:openbanking:loa3"
  ],
  "id_token_signing_alg_values_supported": [
    "PS256"
  ],
  "request_object_signing_alg_values_supported": [
    "PS256"
  ],
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access",
    "consents",
    "resources",
    "payments"
  ]
}
2021-12-29 22:10:38
SetTokenEndpointAuthMethodsSupportedToPrivateKeyJWTOnly
Changed token_endpoint_auth_methods_supported to private_key_jwt only in server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/a/recepcao-bv/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/recepcao-bv/jwks",
  "registration_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/register",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/userinfo",
  "mtls_endpoint_aliases": {
    "token_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/token",
    "registration_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/register",
    "userinfo_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/userinfo"
  },
  "tls_client_certificate_bound_access_tokens": true,
  "request_parameter_supported": true,
  "grant_types_supported": [
    "authorization_code",
    "implicit",
    "client_credentials",
    "refresh_token"
  ],
  "claims_parameter_supported": true,
  "request_object_encryption_alg_values_supported": [
    "RSA-OAEP"
  ],
  "request_object_encryption_enc_values_supported": [
    "A256GCM"
  ],
  "claims_supported": [
    "cpf",
    "cnpj",
    "acr"
  ],
  "acr_values_supported": [
    "urn:brasil:openbanking:loa2",
    "urn:brasil:openbanking:loa3"
  ],
  "id_token_signing_alg_values_supported": [
    "PS256"
  ],
  "request_object_signing_alg_values_supported": [
    "PS256"
  ],
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access",
    "consents",
    "resources",
    "payments"
  ],
  "token_endpoint_auth_methods_supported": [
    "private_key_jwt"
  ]
}
2021-12-29 22:10:38
AddPushedAuthorizationRequestEndpointToServerConfig
Added pushed_authorization_request_endpoint to server configuration
endpoint
https://www.certification.openid.net/test/a/recepcao-bv/par
2021-12-29 22:10:38
AddRequirePushedAuthorizationRequestsToServerConfig
Added require_pushed_authorization_requests to server configuration
value
true
2021-12-29 22:10:38 SUCCESS
AddResponseTypeCodeIdTokenToServerConfiguration
Added code id_token as response type supported
response_types_supported
[
  "code id_token"
]
2021-12-29 22:10:38 SUCCESS
FAPIBrazilAddTokenEndpointAuthSigningAlgValuesSupportedToServer
Set token_endpoint_auth_signing_alg_values_supported
values
[
  "PS256"
]
2021-12-29 22:10:38 SUCCESS
CheckServerConfiguration
Found required server configuration keys
required
[
  "authorization_endpoint",
  "token_endpoint",
  "issuer"
]
2021-12-29 22:10:38 SUCCESS
FAPIEnsureMinimumServerKeyLength
Validated minimum key lengths for server_jwks
server_jwks
{
  "keys": [
    {
      "p": "_BxPVObkd-0vSY6hpRLECowqCT8Fg4kLhf4_b9884tZDBj-fhULi-QPOZuhcjLVFFXkXdTDdnDSsBB6lvFNNoQBQgvdwHwJcDkSLURBT6ARNWQfdrqeiGcN8Ix0ZM6K8PWKzOgTNUrM0voYKS9OsujS4eZoLiQTcD3aIimAvwn0",
      "kty": "RSA",
      "q": "y_z_2iXatOxjuWKlSdw6tWNdeNwce4n1gTwiCBt1PrbA9NRJGzkOM4Y0pXi8FHiuOiAVIjkBQLkS1hrXsYVIh__p_GojmP2JtYJtpxoXQeQkZaLbtGG7xzwB7PSBKJnqrXCwWX0tuH_vyTzKtT2pZUl4x9X7h0O28rAcCzwfUbE",
      "d": "boZTB3J9hFY5WKJtBnQMyZ0uqbIGLEIa-NWZayTCKGzIGmzwiDIM9SBrFRevoP1qY5MyhuCgXnhXrJQvYlrQlVOp4n6OMSwVp1oIIBV35MuBU4s4zbr2UtbF8HMt4fCSNhpugRtJj8Ohad4j8K_UO3aT38MrBcWOkVaBGEIcVvo7abPj_eFNqtu9mda9uTMTvjP1VaQsscgSxdIwvNTR_k8Mp-XmJ80ffQjtpt8NIPyn6GhGE0hXRRUfAx010Wj9yT2zaM4m69uhAOMXwVKv5MMlXXKGn_0z3GqRNygPDXCcuTGQ_EGNhVQRvuve_ieNhpkQCBSjz4Ar0ueMuox_QQ",
      "e": "AQAB",
      "use": "enc",
      "kid": "RSA-OAEP",
      "qi": "IlPPK0-J6KZNedgPE5mYcpwzWbT3hXCxxwaiFZQTOGkPInJ9SQRbNW4Z_ro_e9sekkOOb3Tclh6kbid-883riv5r58pb7R0pv0iM_ZPgG7_xDzRbxQSLQltSgI5FiLW2oVOhdxQPFVpc_i02LuYXnZ2tO1awrzYV69H49XiepIY",
      "dp": "E9KiBjn1YtyaaD03xoP4OCAXOgzjgRkod8uq7z_tSKSyNm6QO2kr8Yp0EzFX_ZRPL0YLKyLBegPGNri2LV2bb_pXWkTcYwPLey-2iJQxFMAp2MM-kfoKS95MB3LFRYMZK_Zzwy8XedYvYn-llZq6LRXyH1WWbJqeNvUJ_V9cwf0",
      "alg": "RSA-OAEP",
      "dq": "wHJm2uMdq9Tc3HhRYhZQmPIurChVAsQMBym5HZbyDQGTlydz9Sfl2vxBTN9T6ahVDudXqNrI8MvqFm5qkcMhw5TPpmBoRxzjP4fWdXDrAjH_mJeF2W7fHj7hvjCKbciQG6MV7MdpTAf_LAabY1PSLYmcVkPtshZTUjCNtJe7IHE",
      "n": "yOOavXMTDgjbvz9gzHvfhdbkytzDLWt6vft8fL73oz1h0s9EJUADdXoj-one0ewSx3JUdeibkOC9hCm_OYDVc5SdsHEl_U3T2ViYdqLMwxmjdBup3wMo6kZsClEjwXtVOXpe3XxuEdRCS4Z2i5iTXCBmK2bcg7FHcCoMan4OKjZv4ezl62TIljE6bp0PCexq38XI9bhYebkpAiu6A-wqBZtthvzBYgBKqjvsVg3GHtGvaVnK64KRkQuYeW7Wn4t7vME6tSzEyVpmgomenjTYGXDYET0IfQ7QTbNWa15aiyj1rEcg1_Tvr9spKY6t6griKIIdB85n52tkuA7YdrIFbQ"
    },
    {
      "p": "zZRF4uynLVGvuR-G3P_ZRNGUWcRG6OE0KcFj4NnNt89g1eDtC7GMq-S9ZHCUavTE0tnA1loFTbCzWvUy3gywVCYFSyHz-xxDUs9uu5X9gxJAbUHUD-dAhgHnXe46Skk9mITL20vj5ErZWzIXL9-E3kSlyxC3FCSQguutIghbzhs",
      "kty": "RSA",
      "q": "yezCWkthM28K2X2rYiQhbf_DvzHjH8NMKILYQxhI0dbcGjjpCLb7kvbhhSyeg-TgEtnp0ZqGU9KbxBSCdM-2CNhbZpIh4K1rvHQau350eLv67juK55TIRkcWiLV6G5jzJADYTefYyEk3x9kvE7h3iW6LhXuw-BPW-VJQP9wItlM",
      "d": "f0PiR8W8yWnslJlucs5IwprZkIiohiCXd-u2eT-OXMgQo3e95fpE1RQPlKG2QFhtP_oOfP9kguQEkswD2T_2nlODbajtxUrpyylDMSSoxPcjdpZ93W6yWTblG3EYOn064hiqaZLXidSuQBJhZKA7_oEWLYe01jCy4qIlHptLNqArPIfnyoHxRzLHM0AbUAxzysxWlxhh-kIuA2GwPOjzDg7X_3tuDo2FBJP1JL4ivZBVjzR6a3R3jlECewHRKlDGbcUhwhw-3PgUfpv0FyDz8Kxa1aXFuD75DvUeqp1WV15D-QPBY6Tj6ImGIU2EQA2M0sa6PPH7iH5wrf2aDm7tcQ",
      "e": "AQAB",
      "use": "sig",
      "kid": "FJlF6TOBoI38u2RN5PtFHdjXCujfClGyDFEQD7CxJ64",
      "qi": "MPOx2d59EB8LIUVO184i4LgKVOunNsV2oVy_T8yOsdk5bxDvjChcwpoA1jMAi_4AZBa3ji0CMUKgk9dus6PJ6Knvr8D9tSXvfww81WXkgHW1QyZgqR5rNQJjq_mAuDf6N_RitOemqMRGUJYC4t2uDNW5wozna_KozTYNo_4kIJo",
      "dp": "Ohta1ZVGe4zHOnAq0nSOmOEUKXtM_64H7HV5IajueLHpEQsOdWut8zgoQCeCC-k7aM2br_qp3RfA2kjMI-86N863WFE0gRmv_cwb5HG0wkN6amdc5VHb7wTCvM4FM9IX0vBWHpoIxBJT9W7nFuT6zUhiBE-pL8xV_GtY-HGcYVk",
      "alg": "PS256",
      "dq": "QyPND7bmr_JpGh32AWDgGLIlRQpyaZpHVWUEQXLuq48UikeH_JTTG2-pVt2aK2LLupjobQBDT9XEYzMqmWqDLXe7FGTcjNc87mFwjg0i7w4aBmKX8h5_ZRa4AGbPHiQCHGOHiIfhhd8KhBHL3HPGk1TFYXHaSvJV1XqwIjuoTe8",
      "n": "oieLonigdMZ5ocjKK1gINOTs9vPrxGZ5wuXF2lLlXU1UpcIDNrqDq3ldJ3HUaUSmyw-AOWehP4eh1AF3anfjAU39Qi0_o0VV-V2o-SGD3D6Nxm9jinHVjiGOkxK2TDIyC8N2KqE48N7uzZNZH80ygDv8pgYu7uL1kJQn5lw5WGVNMKiKtrerPDhJBf1iFIya7JRJeaIQ26DA0yJ_KIDOxAzUdb_t9Jq895OnLwsIygL1lhfXRtxGNSwMAXe_lJm67vJXKDM_eXLI5s6AHRcyiprlAYFD9ktWelC6Ltz-4cFi6VcgxyYgNmfj7dkstQBPu2mZq3bhuoOuZKScnyMEwQ"
    }
  ]
}
2021-12-29 22:10:38 SUCCESS
LoadUserInfo
Added user information
user_info
{
  "sub": "user-subject-1234531",
  "name": "Demo T. User",
  "email": "user@example.com",
  "email_verified": false
}
Verify configuration of first client
2021-12-29 22:10:38 SUCCESS
GetStaticClientConfiguration
Found a static client object
client_id
r3-1Pzx4eZFejFKvrCef_
redirect_uri
https://api-qa.bvopen.com.br/receptor-redirect/v1/internet-banking/authorize-callback
certificate
-----BEGIN CERTIFICATE----- MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0 MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1 YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3 sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805 I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9 yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS 7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF GSsQgkeJ1pXRIYgQEKHQ -----END CERTIFICATE-----
jwks
{
  "keys": [
    {
      "kty": "RSA",
      "use": "sig",
      "kid": "FJlF6TOBoI38u2RN5PtFHdjXCujfClGyDFEQD7CxJ64",
      "n": "oieLonigdMZ5ocjKK1gINOTs9vPrxGZ5wuXF2lLlXU1UpcIDNrqDq3ldJ3HUaUSmyw-AOWehP4eh1AF3anfjAU39Qi0_o0VV-V2o-SGD3D6Nxm9jinHVjiGOkxK2TDIyC8N2KqE48N7uzZNZH80ygDv8pgYu7uL1kJQn5lw5WGVNMKiKtrerPDhJBf1iFIya7JRJeaIQ26DA0yJ_KIDOxAzUdb_t9Jq895OnLwsIygL1lhfXRtxGNSwMAXe_lJm67vJXKDM_eXLI5s6AHRcyiprlAYFD9ktWelC6Ltz-4cFi6VcgxyYgNmfj7dkstQBPu2mZq3bhuoOuZKScnyMEwQ",
      "e": "AQAB"
    }
  ]
}
2021-12-29 22:10:38 SUCCESS
ValidateClientJWKsPublicPart
Valid client JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2021-12-29 22:10:38 SUCCESS
ExtractJWKsFromStaticClientConfiguration
Extracted client JWK
client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "use": "sig",
      "kid": "FJlF6TOBoI38u2RN5PtFHdjXCujfClGyDFEQD7CxJ64",
      "n": "oieLonigdMZ5ocjKK1gINOTs9vPrxGZ5wuXF2lLlXU1UpcIDNrqDq3ldJ3HUaUSmyw-AOWehP4eh1AF3anfjAU39Qi0_o0VV-V2o-SGD3D6Nxm9jinHVjiGOkxK2TDIyC8N2KqE48N7uzZNZH80ygDv8pgYu7uL1kJQn5lw5WGVNMKiKtrerPDhJBf1iFIya7JRJeaIQ26DA0yJ_KIDOxAzUdb_t9Jq895OnLwsIygL1lhfXRtxGNSwMAXe_lJm67vJXKDM_eXLI5s6AHRcyiprlAYFD9ktWelC6Ltz-4cFi6VcgxyYgNmfj7dkstQBPu2mZq3bhuoOuZKScnyMEwQ",
      "e": "AQAB"
    }
  ]
}
public_client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "FJlF6TOBoI38u2RN5PtFHdjXCujfClGyDFEQD7CxJ64",
      "n": "oieLonigdMZ5ocjKK1gINOTs9vPrxGZ5wuXF2lLlXU1UpcIDNrqDq3ldJ3HUaUSmyw-AOWehP4eh1AF3anfjAU39Qi0_o0VV-V2o-SGD3D6Nxm9jinHVjiGOkxK2TDIyC8N2KqE48N7uzZNZH80ygDv8pgYu7uL1kJQn5lw5WGVNMKiKtrerPDhJBf1iFIya7JRJeaIQ26DA0yJ_KIDOxAzUdb_t9Jq895OnLwsIygL1lhfXRtxGNSwMAXe_lJm67vJXKDM_eXLI5s6AHRcyiprlAYFD9ktWelC6Ltz-4cFi6VcgxyYgNmfj7dkstQBPu2mZq3bhuoOuZKScnyMEwQ"
    }
  ]
}
2021-12-29 22:10:38 SUCCESS
CheckDistinctKeyIdValueInClientJWKs
Distinct 'kid' value in all keys of client_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2021-12-29 22:10:38 SUCCESS
EnsureClientJwksDoesNotContainPrivateOrSymmetricKeys
Jwks does not contain any private or symmetric keys
2021-12-29 22:10:38 SUCCESS
FAPIEnsureMinimumClientKeyLength
Validated minimum key lengths for client_jwks
client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "use": "sig",
      "kid": "FJlF6TOBoI38u2RN5PtFHdjXCujfClGyDFEQD7CxJ64",
      "n": "oieLonigdMZ5ocjKK1gINOTs9vPrxGZ5wuXF2lLlXU1UpcIDNrqDq3ldJ3HUaUSmyw-AOWehP4eh1AF3anfjAU39Qi0_o0VV-V2o-SGD3D6Nxm9jinHVjiGOkxK2TDIyC8N2KqE48N7uzZNZH80ygDv8pgYu7uL1kJQn5lw5WGVNMKiKtrerPDhJBf1iFIya7JRJeaIQ26DA0yJ_KIDOxAzUdb_t9Jq895OnLwsIygL1lhfXRtxGNSwMAXe_lJm67vJXKDM_eXLI5s6AHRcyiprlAYFD9ktWelC6Ltz-4cFi6VcgxyYgNmfj7dkstQBPu2mZq3bhuoOuZKScnyMEwQ",
      "e": "AQAB"
    }
  ]
}
Verify configuration of second client
2021-12-29 22:10:38 SUCCESS
GetStaticClient2Configuration
Found a static second client object
client_id
r3-1Pzx4eZFejFKvrCef_
redirect_uri
https://api-qa.bvopen.com.br/receptor-redirect/v1/internet-banking/authorize-callback
id_token_encrypted_response_alg
RSA-OAEP
certificate
-----BEGIN CERTIFICATE----- MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0 MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1 YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3 sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805 I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9 yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS 7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF GSsQgkeJ1pXRIYgQEKHQ -----END CERTIFICATE-----
jwks
{
  "keys": [
    {
      "kty": "RSA",
      "use": "sig",
      "kid": "FJlF6TOBoI38u2RN5PtFHdjXCujfClGyDFEQD7CxJ64",
      "n": "oieLonigdMZ5ocjKK1gINOTs9vPrxGZ5wuXF2lLlXU1UpcIDNrqDq3ldJ3HUaUSmyw-AOWehP4eh1AF3anfjAU39Qi0_o0VV-V2o-SGD3D6Nxm9jinHVjiGOkxK2TDIyC8N2KqE48N7uzZNZH80ygDv8pgYu7uL1kJQn5lw5WGVNMKiKtrerPDhJBf1iFIya7JRJeaIQ26DA0yJ_KIDOxAzUdb_t9Jq895OnLwsIygL1lhfXRtxGNSwMAXe_lJm67vJXKDM_eXLI5s6AHRcyiprlAYFD9ktWelC6Ltz-4cFi6VcgxyYgNmfj7dkstQBPu2mZq3bhuoOuZKScnyMEwQ",
      "e": "AQAB"
    },
    {
      "e": "AQAB",
      "n": "yOOavXMTDgjbvz9gzHvfhdbkytzDLWt6vft8fL73oz1h0s9EJUADdXoj-one0ewSx3JUdeibkOC9hCm_OYDVc5SdsHEl_U3T2ViYdqLMwxmjdBup3wMo6kZsClEjwXtVOXpe3XxuEdRCS4Z2i5iTXCBmK2bcg7FHcCoMan4OKjZv4ezl62TIljE6bp0PCexq38XI9bhYebkpAiu6A-wqBZtthvzBYgBKqjvsVg3GHtGvaVnK64KRkQuYeW7Wn4t7vME6tSzEyVpmgomenjTYGXDYET0IfQ7QTbNWa15aiyj1rEcg1_Tvr9spKY6t6griKIIdB85n52tkuA7YdrIFbQ",
      "kty": "RSA",
      "kid": "RSA-OAEP",
      "alg": "RSA-OAEP",
      "use": "enc"
    }
  ]
}
id_token_encrypted_response_enc
A256GCM
2021-12-29 22:10:38 SUCCESS
ValidateClientJWKsPublicPart
Valid client JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2021-12-29 22:10:38 SUCCESS
ExtractJWKsFromStaticClientConfiguration
Extracted client JWK
client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "use": "sig",
      "kid": "FJlF6TOBoI38u2RN5PtFHdjXCujfClGyDFEQD7CxJ64",
      "n": "oieLonigdMZ5ocjKK1gINOTs9vPrxGZ5wuXF2lLlXU1UpcIDNrqDq3ldJ3HUaUSmyw-AOWehP4eh1AF3anfjAU39Qi0_o0VV-V2o-SGD3D6Nxm9jinHVjiGOkxK2TDIyC8N2KqE48N7uzZNZH80ygDv8pgYu7uL1kJQn5lw5WGVNMKiKtrerPDhJBf1iFIya7JRJeaIQ26DA0yJ_KIDOxAzUdb_t9Jq895OnLwsIygL1lhfXRtxGNSwMAXe_lJm67vJXKDM_eXLI5s6AHRcyiprlAYFD9ktWelC6Ltz-4cFi6VcgxyYgNmfj7dkstQBPu2mZq3bhuoOuZKScnyMEwQ",
      "e": "AQAB"
    },
    {
      "e": "AQAB",
      "n": "yOOavXMTDgjbvz9gzHvfhdbkytzDLWt6vft8fL73oz1h0s9EJUADdXoj-one0ewSx3JUdeibkOC9hCm_OYDVc5SdsHEl_U3T2ViYdqLMwxmjdBup3wMo6kZsClEjwXtVOXpe3XxuEdRCS4Z2i5iTXCBmK2bcg7FHcCoMan4OKjZv4ezl62TIljE6bp0PCexq38XI9bhYebkpAiu6A-wqBZtthvzBYgBKqjvsVg3GHtGvaVnK64KRkQuYeW7Wn4t7vME6tSzEyVpmgomenjTYGXDYET0IfQ7QTbNWa15aiyj1rEcg1_Tvr9spKY6t6griKIIdB85n52tkuA7YdrIFbQ",
      "kty": "RSA",
      "kid": "RSA-OAEP",
      "alg": "RSA-OAEP",
      "use": "enc"
    }
  ]
}
public_client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "FJlF6TOBoI38u2RN5PtFHdjXCujfClGyDFEQD7CxJ64",
      "n": "oieLonigdMZ5ocjKK1gINOTs9vPrxGZ5wuXF2lLlXU1UpcIDNrqDq3ldJ3HUaUSmyw-AOWehP4eh1AF3anfjAU39Qi0_o0VV-V2o-SGD3D6Nxm9jinHVjiGOkxK2TDIyC8N2KqE48N7uzZNZH80ygDv8pgYu7uL1kJQn5lw5WGVNMKiKtrerPDhJBf1iFIya7JRJeaIQ26DA0yJ_KIDOxAzUdb_t9Jq895OnLwsIygL1lhfXRtxGNSwMAXe_lJm67vJXKDM_eXLI5s6AHRcyiprlAYFD9ktWelC6Ltz-4cFi6VcgxyYgNmfj7dkstQBPu2mZq3bhuoOuZKScnyMEwQ"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "RSA-OAEP",
      "alg": "RSA-OAEP",
      "n": "yOOavXMTDgjbvz9gzHvfhdbkytzDLWt6vft8fL73oz1h0s9EJUADdXoj-one0ewSx3JUdeibkOC9hCm_OYDVc5SdsHEl_U3T2ViYdqLMwxmjdBup3wMo6kZsClEjwXtVOXpe3XxuEdRCS4Z2i5iTXCBmK2bcg7FHcCoMan4OKjZv4ezl62TIljE6bp0PCexq38XI9bhYebkpAiu6A-wqBZtthvzBYgBKqjvsVg3GHtGvaVnK64KRkQuYeW7Wn4t7vME6tSzEyVpmgomenjTYGXDYET0IfQ7QTbNWa15aiyj1rEcg1_Tvr9spKY6t6griKIIdB85n52tkuA7YdrIFbQ"
    }
  ]
}
2021-12-29 22:10:38 SUCCESS
CheckDistinctKeyIdValueInClientJWKs
Distinct 'kid' value in all keys of client_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2021-12-29 22:10:38 SUCCESS
EnsureClientJwksDoesNotContainPrivateOrSymmetricKeys
Jwks does not contain any private or symmetric keys
2021-12-29 22:10:38 SUCCESS
FAPIEnsureMinimumClientKeyLength
Validated minimum key lengths for client_jwks
client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "use": "sig",
      "kid": "FJlF6TOBoI38u2RN5PtFHdjXCujfClGyDFEQD7CxJ64",
      "n": "oieLonigdMZ5ocjKK1gINOTs9vPrxGZ5wuXF2lLlXU1UpcIDNrqDq3ldJ3HUaUSmyw-AOWehP4eh1AF3anfjAU39Qi0_o0VV-V2o-SGD3D6Nxm9jinHVjiGOkxK2TDIyC8N2KqE48N7uzZNZH80ygDv8pgYu7uL1kJQn5lw5WGVNMKiKtrerPDhJBf1iFIya7JRJeaIQ26DA0yJ_KIDOxAzUdb_t9Jq895OnLwsIygL1lhfXRtxGNSwMAXe_lJm67vJXKDM_eXLI5s6AHRcyiprlAYFD9ktWelC6Ltz-4cFi6VcgxyYgNmfj7dkstQBPu2mZq3bhuoOuZKScnyMEwQ",
      "e": "AQAB"
    },
    {
      "e": "AQAB",
      "n": "yOOavXMTDgjbvz9gzHvfhdbkytzDLWt6vft8fL73oz1h0s9EJUADdXoj-one0ewSx3JUdeibkOC9hCm_OYDVc5SdsHEl_U3T2ViYdqLMwxmjdBup3wMo6kZsClEjwXtVOXpe3XxuEdRCS4Z2i5iTXCBmK2bcg7FHcCoMan4OKjZv4ezl62TIljE6bp0PCexq38XI9bhYebkpAiu6A-wqBZtthvzBYgBKqjvsVg3GHtGvaVnK64KRkQuYeW7Wn4t7vME6tSzEyVpmgomenjTYGXDYET0IfQ7QTbNWa15aiyj1rEcg1_Tvr9spKY6t6griKIIdB85n52tkuA7YdrIFbQ",
      "kty": "RSA",
      "kid": "RSA-OAEP",
      "alg": "RSA-OAEP",
      "use": "enc"
    }
  ]
}
2021-12-29 22:10:38
fapi1-advanced-final-client-refresh-token-test
Setup Done
2021-12-29 22:11:01 INCOMING
fapi1-advanced-final-client-refresh-token-test
Incoming HTTP request to test instance Dtkl8Sh2ZAVn3tT
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/4.9.1 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate, br",
  "connection": "close"
}
incoming_path
/test/a/recepcao-bv/.well-known/openid-configuration
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
incoming_body_json
incoming_query_string_params
{}
incoming_body
2021-12-29 22:11:01 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
2021-12-29 22:11:01 OUTGOING
fapi1-advanced-final-client-refresh-token-test
Response to HTTP request to test instance Dtkl8Sh2ZAVn3tT
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "issuer": "https://www.certification.openid.net/test/a/recepcao-bv/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/recepcao-bv/jwks",
  "registration_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/register",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/userinfo",
  "mtls_endpoint_aliases": {
    "token_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/token",
    "registration_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/register",
    "userinfo_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/userinfo",
    "pushed_authorization_request_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/par"
  },
  "tls_client_certificate_bound_access_tokens": true,
  "request_parameter_supported": true,
  "grant_types_supported": [
    "authorization_code",
    "implicit",
    "client_credentials",
    "refresh_token"
  ],
  "claims_parameter_supported": true,
  "request_object_encryption_alg_values_supported": [
    "RSA-OAEP"
  ],
  "request_object_encryption_enc_values_supported": [
    "A256GCM"
  ],
  "claims_supported": [
    "cpf",
    "cnpj",
    "acr"
  ],
  "acr_values_supported": [
    "urn:brasil:openbanking:loa2",
    "urn:brasil:openbanking:loa3"
  ],
  "id_token_signing_alg_values_supported": [
    "PS256"
  ],
  "request_object_signing_alg_values_supported": [
    "PS256"
  ],
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access",
    "consents",
    "resources",
    "payments"
  ],
  "token_endpoint_auth_methods_supported": [
    "private_key_jwt"
  ],
  "pushed_authorization_request_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/par",
  "require_pushed_authorization_requests": true,
  "response_types_supported": [
    "code id_token"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "PS256"
  ]
}
outgoing_path
.well-known/openid-configuration
2021-12-29 22:11:03 INCOMING
fapi1-advanced-final-client-refresh-token-test
Incoming HTTP request to test instance Dtkl8Sh2ZAVn3tT
incoming_headers
{
  "host": "www.certification.openid.net",
  "accept": "application/json,application/*+json",
  "connection": "close"
}
incoming_path
/test/a/recepcao-bv/.well-known/openid-configuration
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
incoming_body_json
incoming_query_string_params
{}
incoming_body
2021-12-29 22:11:03 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
2021-12-29 22:11:03 OUTGOING
fapi1-advanced-final-client-refresh-token-test
Response to HTTP request to test instance Dtkl8Sh2ZAVn3tT
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "issuer": "https://www.certification.openid.net/test/a/recepcao-bv/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/recepcao-bv/jwks",
  "registration_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/register",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/userinfo",
  "mtls_endpoint_aliases": {
    "token_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/token",
    "registration_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/register",
    "userinfo_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/userinfo",
    "pushed_authorization_request_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/par"
  },
  "tls_client_certificate_bound_access_tokens": true,
  "request_parameter_supported": true,
  "grant_types_supported": [
    "authorization_code",
    "implicit",
    "client_credentials",
    "refresh_token"
  ],
  "claims_parameter_supported": true,
  "request_object_encryption_alg_values_supported": [
    "RSA-OAEP"
  ],
  "request_object_encryption_enc_values_supported": [
    "A256GCM"
  ],
  "claims_supported": [
    "cpf",
    "cnpj",
    "acr"
  ],
  "acr_values_supported": [
    "urn:brasil:openbanking:loa2",
    "urn:brasil:openbanking:loa3"
  ],
  "id_token_signing_alg_values_supported": [
    "PS256"
  ],
  "request_object_signing_alg_values_supported": [
    "PS256"
  ],
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access",
    "consents",
    "resources",
    "payments"
  ],
  "token_endpoint_auth_methods_supported": [
    "private_key_jwt"
  ],
  "pushed_authorization_request_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/par",
  "require_pushed_authorization_requests": true,
  "response_types_supported": [
    "code id_token"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "PS256"
  ]
}
outgoing_path
.well-known/openid-configuration
2021-12-29 22:11:04 INCOMING
fapi1-advanced-final-client-refresh-token-test
Incoming HTTP request to test instance Dtkl8Sh2ZAVn3tT
incoming_headers
{
  "host": "www.certification.openid.net",
  "accept": "application/json;charset\u003dUTF-8",
  "content-type": "application/x-www-form-urlencoded",
  "content-length": "894",
  "connection": "close"
}
incoming_path
/test-mtls/a/recepcao-bv/token
incoming_body_form_params
{
  "grant_type": "client_credentials",
  "scope": "consents",
  "client_assertion": "eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwidHlwIjoiSldUIiwiYWxnIjoiUFMyNTYifQ.eyJzdWIiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJhdWQiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdC1tdGxzXC9hXC9yZWNlcGNhby1idlwvdG9rZW4iLCJpc3MiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJleHAiOjE2NDA4MTYxNjQsImlhdCI6MTY0MDgxNTg2NCwianRpIjoiN2Y5ODIyN2EtYzAzOC00OWI3LWE5YWItNjk3MGEzMGRjNTVlIn0.gO0IK8vNWRmeuS02ja-LCL4UzGHQFafQ3dlJxPUObPJzzcFSZ5ECKeyeB_QOYc-vxu6SpNRZnuJvomM0MOqJW_IoYtTVJ6iTxNKVoRXvBBGatTfylX9-c0FD2TevCMbxLuWecUAiA6wJMB6xEml8zhNuAkVaKlCnWztxdkJ8pYn2o4VNoepPeSAZxzahJFiuVrh_OsgNxSKU-VIPFMCLCN76G-RfL98qhb2KSuwraDqe9_6oHiWXjAFS76sPUvXypimaiaku4eOEpl6mw4u8IAIKtZEqsTZnINMYSI7dIgSrVM1qv2isgQ3TAG6O3ZcGGEI7jtEgTdbv9jWzV_LiJg",
  "client_assertion_type": "urn:ietf:params:oauth:client-assertion-type:jwt-bearer"
}
incoming_method
POST
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
-----BEGIN CERTIFICATE----- MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0 MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1 YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3 sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805 I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9 yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS 7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF GSsQgkeJ1pXRIYgQEKHQ -----END CERTIFICATE-----
incoming_body_json
incoming_query_string_params
{}
incoming_body
grant_type=client_credentials&scope=consents&client_assertion=eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwidHlwIjoiSldUIiwiYWxnIjoiUFMyNTYifQ.eyJzdWIiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJhdWQiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdC1tdGxzXC9hXC9yZWNlcGNhby1idlwvdG9rZW4iLCJpc3MiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJleHAiOjE2NDA4MTYxNjQsImlhdCI6MTY0MDgxNTg2NCwianRpIjoiN2Y5ODIyN2EtYzAzOC00OWI3LWE5YWItNjk3MGEzMGRjNTVlIn0.gO0IK8vNWRmeuS02ja-LCL4UzGHQFafQ3dlJxPUObPJzzcFSZ5ECKeyeB_QOYc-vxu6SpNRZnuJvomM0MOqJW_IoYtTVJ6iTxNKVoRXvBBGatTfylX9-c0FD2TevCMbxLuWecUAiA6wJMB6xEml8zhNuAkVaKlCnWztxdkJ8pYn2o4VNoepPeSAZxzahJFiuVrh_OsgNxSKU-VIPFMCLCN76G-RfL98qhb2KSuwraDqe9_6oHiWXjAFS76sPUvXypimaiaku4eOEpl6mw4u8IAIKtZEqsTZnINMYSI7dIgSrVM1qv2isgQ3TAG6O3ZcGGEI7jtEgTdbv9jWzV_LiJg&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer
2021-12-29 22:11:04 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
Token endpoint
2021-12-29 22:11:04 SUCCESS
ExtractClientCertificateFromTokenEndpointRequestHeaders
Extracted client certificate
client_certificate
{
  "cert": "-----BEGIN CERTIFICATE----- MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0 MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1 YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3 sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805 I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9 yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS 7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF GSsQgkeJ1pXRIYgQEKHQ -----END CERTIFICATE-----",
  "pem": "-----BEGIN CERTIFICATE-----\nMIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL\nBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx\nFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB\nTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0\nMjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD\no28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT\nJDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV\nYXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET\nMBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp\nb24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1\nYjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI\nLFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB\nWsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3\nsbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK\nBsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ\naktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805\nI1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9\nyQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R\nQ99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh\nbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg\nPqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y\nZy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i\ncjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE\nggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB\nJFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt\nIFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p\nc2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy\nYW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl\nIGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg\nTHRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl\ncmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh\nbmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL\nz7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd\nPdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh\nQkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH\nefqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS\n7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF\nGSsQgkeJ1pXRIYgQEKHQ\n-----END CERTIFICATE-----",
  "subject": {
    "dn": "UID\u003d1baaea05-bece-46ac-9d08-66a5b72d7ac7,2.5.4.15\u003d#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3\u003d#13024252,2.5.4.5\u003d#130e3539353838313131303030313033,CN\u003dapi-des.bvopen.com.br,OU\u003d062c5edb-4e83-5002-9981-e2a96c5ad41e,O\u003dBCO VOTORANTIM S.A.,L\u003dSão Paulo,ST\u003dSP,C\u003dBR"
  },
  "sanDnsNames": [
    "api-des.bvopen.com.br"
  ],
  "sanUris": [],
  "sanIPs": [],
  "sanEmails": []
}
2021-12-29 22:11:04 SUCCESS
CheckForClientCertificate
Found client certificate
2021-12-29 22:11:04 SUCCESS
EnsureClientCertificateMatches
Presented certificate matches registered certificate
actual
-----BEGIN CERTIFICATE-----
MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL
BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx
FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB
TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0
MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD
o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT
JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV
YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET
MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp
b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1
YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI
LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB
WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3
sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK
BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ
aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805
I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9
yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R
Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh
bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg
PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y
Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i
cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE
ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB
JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt
IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p
c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy
YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl
IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg
THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl
cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh
bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL
z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd
PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh
Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH
efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS
7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF
GSsQgkeJ1pXRIYgQEKHQ
-----END CERTIFICATE-----
2021-12-29 22:11:04 SUCCESS
ExtractClientAssertion
Parsed client assertion
client_assertion
{
  "value": "eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwidHlwIjoiSldUIiwiYWxnIjoiUFMyNTYifQ.eyJzdWIiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJhdWQiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdC1tdGxzXC9hXC9yZWNlcGNhby1idlwvdG9rZW4iLCJpc3MiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJleHAiOjE2NDA4MTYxNjQsImlhdCI6MTY0MDgxNTg2NCwianRpIjoiN2Y5ODIyN2EtYzAzOC00OWI3LWE5YWItNjk3MGEzMGRjNTVlIn0.gO0IK8vNWRmeuS02ja-LCL4UzGHQFafQ3dlJxPUObPJzzcFSZ5ECKeyeB_QOYc-vxu6SpNRZnuJvomM0MOqJW_IoYtTVJ6iTxNKVoRXvBBGatTfylX9-c0FD2TevCMbxLuWecUAiA6wJMB6xEml8zhNuAkVaKlCnWztxdkJ8pYn2o4VNoepPeSAZxzahJFiuVrh_OsgNxSKU-VIPFMCLCN76G-RfL98qhb2KSuwraDqe9_6oHiWXjAFS76sPUvXypimaiaku4eOEpl6mw4u8IAIKtZEqsTZnINMYSI7dIgSrVM1qv2isgQ3TAG6O3ZcGGEI7jtEgTdbv9jWzV_LiJg",
  "header": {
    "kid": "FJlF6TOBoI38u2RN5PtFHdjXCujfClGyDFEQD7CxJ64",
    "typ": "JWT",
    "alg": "PS256"
  },
  "claims": {
    "sub": "r3-1Pzx4eZFejFKvrCef_",
    "aud": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/token",
    "iss": "r3-1Pzx4eZFejFKvrCef_",
    "exp": 1640816164,
    "iat": 1640815864,
    "jti": "7f98227a-c038-49b7-a9ab-6970a30dc55e"
  }
}
2021-12-29 22:11:04
EnsureClientAssertionSignatureAlgorithmMatchesRegistered
token_endpoint_auth_signing_alg is not set for the client, any supported algorithm can be used
2021-12-29 22:11:04 SUCCESS
ValidateClientAssertionSignature
client_assertion signature validated
client_assertion
eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwidHlwIjoiSldUIiwiYWxnIjoiUFMyNTYifQ.eyJzdWIiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJhdWQiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdC1tdGxzXC9hXC9yZWNlcGNhby1idlwvdG9rZW4iLCJpc3MiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJleHAiOjE2NDA4MTYxNjQsImlhdCI6MTY0MDgxNTg2NCwianRpIjoiN2Y5ODIyN2EtYzAzOC00OWI3LWE5YWItNjk3MGEzMGRjNTVlIn0.gO0IK8vNWRmeuS02ja-LCL4UzGHQFafQ3dlJxPUObPJzzcFSZ5ECKeyeB_QOYc-vxu6SpNRZnuJvomM0MOqJW_IoYtTVJ6iTxNKVoRXvBBGatTfylX9-c0FD2TevCMbxLuWecUAiA6wJMB6xEml8zhNuAkVaKlCnWztxdkJ8pYn2o4VNoepPeSAZxzahJFiuVrh_OsgNxSKU-VIPFMCLCN76G-RfL98qhb2KSuwraDqe9_6oHiWXjAFS76sPUvXypimaiaku4eOEpl6mw4u8IAIKtZEqsTZnINMYSI7dIgSrVM1qv2isgQ3TAG6O3ZcGGEI7jtEgTdbv9jWzV_LiJg
2021-12-29 22:11:04 SUCCESS
EnsureClientAssertionTypeIsJwt
Found JWT assertion type
assertion type
urn:ietf:params:oauth:client-assertion-type:jwt-bearer
2021-12-29 22:11:04 SUCCESS
ValidateClientAssertionClaims
Client Assertion passed all validation checks
2021-12-29 22:11:04 SUCCESS
FAPIBrazilExtractRequestedScopeFromClientCredentialsGrant
Found 'consents' scope in request
actual
[
  "consents"
]
expected
consents
2021-12-29 22:11:04 SUCCESS
GenerateBearerAccessToken
Generated access token
access_token
Nf3XoBwZYnegDikExDzDp3FeINQfFymwPFQ8m1G3qDMEt2qYa7
2021-12-29 22:11:04 SUCCESS
CreateTokenEndpointResponse
Created token endpoint response
access_token
Nf3XoBwZYnegDikExDzDp3FeINQfFymwPFQ8m1G3qDMEt2qYa7
token_type
Bearer
2021-12-29 22:11:04
CopyAccessTokenToClientCredentialsField
Condition ran but did not log anything
2021-12-29 22:11:04 OUTGOING
fapi1-advanced-final-client-refresh-token-test
Response to HTTP request to test instance Dtkl8Sh2ZAVn3tT
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "access_token": "Nf3XoBwZYnegDikExDzDp3FeINQfFymwPFQ8m1G3qDMEt2qYa7",
  "token_type": "Bearer"
}
outgoing_path
token
2021-12-29 22:11:06 INCOMING
fapi1-advanced-final-client-refresh-token-test
Incoming HTTP request to test instance Dtkl8Sh2ZAVn3tT
incoming_headers
{
  "host": "www.certification.openid.net",
  "accept": "application/json;charset\u003dUTF-8",
  "content-type": "application/json",
  "authorization": "Bearer Nf3XoBwZYnegDikExDzDp3FeINQfFymwPFQ8m1G3qDMEt2qYa7",
  "x-fapi-interaction-id": "ed1313ac-ec03-48c0-b567-2a8cb0cd9574",
  "content-length": "370",
  "connection": "close"
}
incoming_path
/test-mtls/a/recepcao-bv/consents/v1/consents
incoming_body_form_params
incoming_method
POST
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
-----BEGIN CERTIFICATE----- MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0 MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1 YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3 sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805 I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9 yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS 7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF GSsQgkeJ1pXRIYgQEKHQ -----END CERTIFICATE-----
incoming_body_json
{
  "data": {
    "loggedUser": {
      "document": {
        "identification": "05159823697",
        "rel": "CPF"
      }
    },
    "permissions": [
      "ACCOUNTS_READ",
      "ACCOUNTS_BALANCES_READ",
      "ACCOUNTS_OVERDRAFT_LIMITS_READ",
      "ACCOUNTS_TRANSACTIONS_READ"
    ],
    "expirationDateTime": "2022-11-30T08:30:00Z",
    "transactionFromDateTime": "2021-11-30T00:00:00Z",
    "transactionToDateTime": "2021-11-30T23:59:59Z"
  }
}
incoming_query_string_params
{}
incoming_body
                {"data":{"loggedUser":{"document":{"identification":"05159823697","rel":"CPF"}},"permissions":["ACCOUNTS_READ","ACCOUNTS_BALANCES_READ","ACCOUNTS_OVERDRAFT_LIMITS_READ","ACCOUNTS_TRANSACTIONS_READ"],"expirationDateTime":"2022-11-30T08:30:00Z","transactionFromDateTime":"2021-11-30T00:00:00Z","transactionToDateTime":"2021-11-30T23:59:59Z"}}
            
2021-12-29 22:11:06 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
New consent endpoint
2021-12-29 22:11:06 SUCCESS
ExtractClientCertificateFromTokenEndpointRequestHeaders
Extracted client certificate
client_certificate
{
  "cert": "-----BEGIN CERTIFICATE----- MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0 MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1 YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3 sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805 I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9 yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS 7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF GSsQgkeJ1pXRIYgQEKHQ -----END CERTIFICATE-----",
  "pem": "-----BEGIN CERTIFICATE-----\nMIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL\nBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx\nFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB\nTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0\nMjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD\no28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT\nJDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV\nYXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET\nMBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp\nb24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1\nYjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI\nLFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB\nWsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3\nsbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK\nBsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ\naktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805\nI1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9\nyQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R\nQ99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh\nbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg\nPqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y\nZy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i\ncjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE\nggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB\nJFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt\nIFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p\nc2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy\nYW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl\nIGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg\nTHRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl\ncmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh\nbmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL\nz7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd\nPdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh\nQkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH\nefqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS\n7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF\nGSsQgkeJ1pXRIYgQEKHQ\n-----END CERTIFICATE-----",
  "subject": {
    "dn": "UID\u003d1baaea05-bece-46ac-9d08-66a5b72d7ac7,2.5.4.15\u003d#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3\u003d#13024252,2.5.4.5\u003d#130e3539353838313131303030313033,CN\u003dapi-des.bvopen.com.br,OU\u003d062c5edb-4e83-5002-9981-e2a96c5ad41e,O\u003dBCO VOTORANTIM S.A.,L\u003dSão Paulo,ST\u003dSP,C\u003dBR"
  },
  "sanDnsNames": [
    "api-des.bvopen.com.br"
  ],
  "sanUris": [],
  "sanIPs": [],
  "sanEmails": []
}
2021-12-29 22:11:06 SUCCESS
CheckForClientCertificate
Found client certificate
2021-12-29 22:11:06 SUCCESS
EnsureClientCertificateMatches
Presented certificate matches registered certificate
actual
-----BEGIN CERTIFICATE-----
MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL
BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx
FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB
TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0
MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD
o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT
JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV
YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET
MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp
b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1
YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI
LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB
WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3
sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK
BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ
aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805
I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9
yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R
Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh
bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg
PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y
Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i
cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE
ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB
JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt
IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p
c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy
YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl
IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg
THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl
cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh
bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL
z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd
PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh
Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH
efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS
7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF
GSsQgkeJ1pXRIYgQEKHQ
-----END CERTIFICATE-----
2021-12-29 22:11:06 SUCCESS
EnsureIncomingRequestMethodIsPost
Client correctly used http POST method
2021-12-29 22:11:06 SUCCESS
EnsureBearerAccessTokenNotInParams
Client correctly did not send access token in query parameters or form body
2021-12-29 22:11:06 SUCCESS
ExtractBearerAccessTokenFromHeader
Found access token on incoming request
access_token
Nf3XoBwZYnegDikExDzDp3FeINQfFymwPFQ8m1G3qDMEt2qYa7
2021-12-29 22:11:06 SUCCESS
RequireBearerClientCredentialsAccessToken
Found access token in request
actual
Nf3XoBwZYnegDikExDzDp3FeINQfFymwPFQ8m1G3qDMEt2qYa7
2021-12-29 22:11:07 INFO
ExtractFapiDateHeader
Skipped evaluation due to missing required element: incoming_request headers.x-fapi-auth-date
path
headers.x-fapi-auth-date
mapped
object
incoming_request
2021-12-29 22:11:07 INFO
ExtractFapiIpAddressHeader
Skipped evaluation due to missing required element: incoming_request headers.x-fapi-customer-ip-address
path
headers.x-fapi-customer-ip-address
mapped
object
incoming_request
2021-12-29 22:11:07 SUCCESS
ExtractFapiInteractionIdHeader
Found a FAPI interaction ID header
fapi_interaction_id
ed1313ac-ec03-48c0-b567-2a8cb0cd9574
2021-12-29 22:11:07 SUCCESS
FAPIBrazilEnsureClientCredentialsScopeContainedConsents
The token request which was used to obtain the access token contained 'consents' scope
actual
[
  "consents"
]
2021-12-29 22:11:07
FAPIBrazilExtractConsentRequest
Condition ran but did not log anything
2021-12-29 22:11:07 INFO
CreateFapiInteractionIdIfNeeded
Found existing FAPI interaction ID
fapi_interaction_id
ed1313ac-ec03-48c0-b567-2a8cb0cd9574
2021-12-29 22:11:07 SUCCESS
FAPIBrazilGenerateNewConsentResponse
Created consent response
headers
{
  "x-fapi-interaction-id": "ed1313ac-ec03-48c0-b567-2a8cb0cd9574"
}
consentId
urn:conformance.oidf:4z3X0KNd9P
consent_response
{
  "data": {
    "consentId": "urn:conformance.oidf:4z3X0KNd9P",
    "creationDateTime": "2021-12-29T22:11:07Z",
    "status": "AWAITING_AUTHORISATION",
    "statusUpdateDateTime": "2021-12-29T22:11:07Z",
    "permissions": [
      "ACCOUNTS_READ",
      "ACCOUNTS_BALANCES_READ",
      "RESOURCES_READ"
    ],
    "expirationDateTime": "2021-12-30T00:11:07Z",
    "transactionFromDateTime": "2021-12-29T22:06:07Z",
    "transactionToDateTime": "2021-12-30T00:11:07Z",
    "links": {
      "self": "https://www.certification.openid.net/test/a/recepcao-bvconsents/v1/consents"
    }
  },
  "meta": {
    "totalRecords": 1,
    "totalPages": 1,
    "requestDateTime": "2021-12-29T22:11:07Z"
  }
}
2021-12-29 22:11:07
ClearAccessTokenFromRequest
Condition ran but did not log anything
2021-12-29 22:11:07 OUTGOING
fapi1-advanced-final-client-refresh-token-test
Response to HTTP request to test instance Dtkl8Sh2ZAVn3tT
outgoing_status_code
201
outgoing_headers
{
  "x-fapi-interaction-id": [
    "ed1313ac-ec03-48c0-b567-2a8cb0cd9574"
  ]
}
outgoing_body
{
  "data": {
    "consentId": "urn:conformance.oidf:4z3X0KNd9P",
    "creationDateTime": "2021-12-29T22:11:07Z",
    "status": "AWAITING_AUTHORISATION",
    "statusUpdateDateTime": "2021-12-29T22:11:07Z",
    "permissions": [
      "ACCOUNTS_READ",
      "ACCOUNTS_BALANCES_READ",
      "RESOURCES_READ"
    ],
    "expirationDateTime": "2021-12-30T00:11:07Z",
    "transactionFromDateTime": "2021-12-29T22:06:07Z",
    "transactionToDateTime": "2021-12-30T00:11:07Z",
    "links": {
      "self": "https://www.certification.openid.net/test/a/recepcao-bvconsents/v1/consents"
    }
  },
  "meta": {
    "totalRecords": 1,
    "totalPages": 1,
    "requestDateTime": "2021-12-29T22:11:07Z"
  }
}
outgoing_path
consents/v1/consents
2021-12-29 22:11:09 INCOMING
fapi1-advanced-final-client-refresh-token-test
Incoming HTTP request to test instance Dtkl8Sh2ZAVn3tT
incoming_headers
{
  "host": "www.certification.openid.net",
  "accept": "application/json,application/*+json",
  "connection": "close"
}
incoming_path
/test/a/recepcao-bv/.well-known/openid-configuration
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
incoming_body_json
incoming_query_string_params
{}
incoming_body
2021-12-29 22:11:09 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
2021-12-29 22:11:09 OUTGOING
fapi1-advanced-final-client-refresh-token-test
Response to HTTP request to test instance Dtkl8Sh2ZAVn3tT
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "issuer": "https://www.certification.openid.net/test/a/recepcao-bv/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/recepcao-bv/jwks",
  "registration_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/register",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/userinfo",
  "mtls_endpoint_aliases": {
    "token_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/token",
    "registration_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/register",
    "userinfo_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/userinfo",
    "pushed_authorization_request_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/par"
  },
  "tls_client_certificate_bound_access_tokens": true,
  "request_parameter_supported": true,
  "grant_types_supported": [
    "authorization_code",
    "implicit",
    "client_credentials",
    "refresh_token"
  ],
  "claims_parameter_supported": true,
  "request_object_encryption_alg_values_supported": [
    "RSA-OAEP"
  ],
  "request_object_encryption_enc_values_supported": [
    "A256GCM"
  ],
  "claims_supported": [
    "cpf",
    "cnpj",
    "acr"
  ],
  "acr_values_supported": [
    "urn:brasil:openbanking:loa2",
    "urn:brasil:openbanking:loa3"
  ],
  "id_token_signing_alg_values_supported": [
    "PS256"
  ],
  "request_object_signing_alg_values_supported": [
    "PS256"
  ],
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access",
    "consents",
    "resources",
    "payments"
  ],
  "token_endpoint_auth_methods_supported": [
    "private_key_jwt"
  ],
  "pushed_authorization_request_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/par",
  "require_pushed_authorization_requests": true,
  "response_types_supported": [
    "code id_token"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "PS256"
  ]
}
outgoing_path
.well-known/openid-configuration
2021-12-29 22:11:11 INCOMING
fapi1-advanced-final-client-refresh-token-test
Incoming HTTP request to test instance Dtkl8Sh2ZAVn3tT
incoming_headers
{
  "host": "www.certification.openid.net",
  "content-type": "application/x-www-form-urlencoded",
  "accept": "application/json;charset\u003dUTF-8",
  "content-length": "2553",
  "connection": "close"
}
incoming_path
/test-mtls/a/recepcao-bv/par
incoming_body_form_params
{
  "response_type": "code id_token",
  "code_challenge_method": "S256",
  "code_challenge": "zTLqHy1fw9clNDDhrSGiTZHyq4Aml3fT2eeiaGvkmwY",
  "nonce": "5c83c588-7db7-4abc-96b5-4a7bfdceeb42",
  "scope": "accounts openid consent:urn:conformance.oidf:4z3X0KNd9P",
  "client_id": "r3-1Pzx4eZFejFKvrCef_",
  "redirect_uri": "https://api-qa.bvopen.com.br/receptor-redirect/v1/internet-banking/authorize-callback",
  "state": "2e1c6988-7faf-4b20-8732-f018c1372baf",
  "request": "eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwidHlwIjoiSldUIiwiYWxnIjoiUFMyNTYifQ.eyJpc3MiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJyZXNwb25zZV90eXBlIjoiY29kZSBpZF90b2tlbiIsImNvZGVfY2hhbGxlbmdlX21ldGhvZCI6IlMyNTYiLCJub25jZSI6IjVjODNjNTg4LTdkYjctNGFiYy05NmI1LTRhN2JmZGNlZWI0MiIsImNsaWVudF9pZCI6InIzLTFQeng0ZVpGZWpGS3ZyQ2VmXyIsImF1ZCI6Imh0dHBzOlwvXC93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0XC90ZXN0XC9hXC9yZWNlcGNhby1idlwvIiwibmJmIjoxNjQwODE1ODcxLCJzY29wZSI6ImFjY291bnRzIG9wZW5pZCBjb25zZW50OnVybjpjb25mb3JtYW5jZS5vaWRmOjR6M1gwS05kOVAiLCJyZWRpcmVjdF91cmkiOiJodHRwczpcL1wvYXBpLXFhLmJ2b3Blbi5jb20uYnJcL3JlY2VwdG9yLXJlZGlyZWN0XC92MVwvaW50ZXJuZXQtYmFua2luZ1wvYXV0aG9yaXplLWNhbGxiYWNrIiwic3RhdGUiOiIyZTFjNjk4OC03ZmFmLTRiMjAtODczMi1mMDE4YzEzNzJiYWYiLCJleHAiOjE2NDA4MTk0NzAsImlhdCI6MTY0MDgxNTg3MCwiY29kZV9jaGFsbGVuZ2UiOiJ6VExxSHkxZnc5Y2xORERoclNHaVRaSHlxNEFtbDNmVDJlZWlhR3ZrbXdZIiwianRpIjoiZjE0N2I4YjItZThiNy00ZTYyLWEzOGEtMTQzZjM2NWU5ODA2In0.kqzAs_k0RkiPRgCxUsIsrUVQLB3lsyXCGisA5QDTeF6ARgB8GrEZa-EkW5TKAjbfpoA00ZTh99NqDWyazJWkMvwZ0H2KNFk1pu9TQgXMFszM6xmIYEcoco-_2GBJjpC6KOasynHDRw3wieRkewdKZ5BxMSmGyH9HIOInEcclv2ccnMmyNVJ8qIKi4TD8hp9ISTplY_iwbkNDc_YajdA_z9ZMe9Eb-tkXM88l-Skv5iY3J7vUL3ZDdqEwGEFbV_rctGcqwwZ_m-L9WnETsCEIXjdlb1hRqQMa1HhQ0U2AIHoQ5VOhHxQq4tZ_Fw9BKje5uUR4rryKvpH-IBtWmHCdBA",
  "client_assertion": "eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwidHlwIjoiSldUIiwiYWxnIjoiUFMyNTYifQ.eyJzdWIiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJhdWQiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvYVwvcmVjZXBjYW8tYnZcLyIsImlzcyI6InIzLTFQeng0ZVpGZWpGS3ZyQ2VmXyIsImV4cCI6MTY0MDgxOTQ3MCwiaWF0IjoxNjQwODE1ODcwLCJqdGkiOiJlMzQ2MzQ2MC03NTE4LTRjMTEtOWRkZC0xM2RmZDJhMzFjNTgifQ.AGOaJwHh-tCVbB_SceRx_A3X-v8IqIlc3s8nrRv9NVEA3IuwgnMAq95Ii1-XYtD1BT1qd6wRZd4KfycPYl6gmOJaRiTlDSG4hDFZpppx4aMnyavRtPnUdIOjxm_P3YXgZThhBupPVcgB9LN1ofINL_Q2_xNa3-H0XFNjiNBJFaXxBnXYbPHGuF6yulsNBebLV_O-llTLewggnLqfuz8mFUWbv5Rfc2wdMceg4WEjGhqZ9-YBrKUIVHAml1HGkPSotC1NGIOlB03nxvSpkvttgDCRGkqJWMNIWWQkWieYoqt6USDUUMoVjeiIj6YQo_UeSUflLP7B4zZoruJ0zW9dyQ",
  "client_assertion_type": "urn:ietf:params:oauth:client-assertion-type:jwt-bearer"
}
incoming_method
POST
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
-----BEGIN CERTIFICATE----- MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0 MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1 YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3 sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805 I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9 yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS 7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF GSsQgkeJ1pXRIYgQEKHQ -----END CERTIFICATE-----
incoming_body_json
incoming_query_string_params
{}
incoming_body
response_type=code+id_token&code_challenge_method=S256&code_challenge=zTLqHy1fw9clNDDhrSGiTZHyq4Aml3fT2eeiaGvkmwY&nonce=5c83c588-7db7-4abc-96b5-4a7bfdceeb42&scope=accounts+openid+consent%3Aurn%3Aconformance.oidf%3A4z3X0KNd9P&client_id=r3-1Pzx4eZFejFKvrCef_&redirect_uri=https%3A%2F%2Fapi-qa.bvopen.com.br%2Freceptor-redirect%2Fv1%2Finternet-banking%2Fauthorize-callback&state=2e1c6988-7faf-4b20-8732-f018c1372baf&request=eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwidHlwIjoiSldUIiwiYWxnIjoiUFMyNTYifQ.eyJpc3MiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJyZXNwb25zZV90eXBlIjoiY29kZSBpZF90b2tlbiIsImNvZGVfY2hhbGxlbmdlX21ldGhvZCI6IlMyNTYiLCJub25jZSI6IjVjODNjNTg4LTdkYjctNGFiYy05NmI1LTRhN2JmZGNlZWI0MiIsImNsaWVudF9pZCI6InIzLTFQeng0ZVpGZWpGS3ZyQ2VmXyIsImF1ZCI6Imh0dHBzOlwvXC93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0XC90ZXN0XC9hXC9yZWNlcGNhby1idlwvIiwibmJmIjoxNjQwODE1ODcxLCJzY29wZSI6ImFjY291bnRzIG9wZW5pZCBjb25zZW50OnVybjpjb25mb3JtYW5jZS5vaWRmOjR6M1gwS05kOVAiLCJyZWRpcmVjdF91cmkiOiJodHRwczpcL1wvYXBpLXFhLmJ2b3Blbi5jb20uYnJcL3JlY2VwdG9yLXJlZGlyZWN0XC92MVwvaW50ZXJuZXQtYmFua2luZ1wvYXV0aG9yaXplLWNhbGxiYWNrIiwic3RhdGUiOiIyZTFjNjk4OC03ZmFmLTRiMjAtODczMi1mMDE4YzEzNzJiYWYiLCJleHAiOjE2NDA4MTk0NzAsImlhdCI6MTY0MDgxNTg3MCwiY29kZV9jaGFsbGVuZ2UiOiJ6VExxSHkxZnc5Y2xORERoclNHaVRaSHlxNEFtbDNmVDJlZWlhR3ZrbXdZIiwianRpIjoiZjE0N2I4YjItZThiNy00ZTYyLWEzOGEtMTQzZjM2NWU5ODA2In0.kqzAs_k0RkiPRgCxUsIsrUVQLB3lsyXCGisA5QDTeF6ARgB8GrEZa-EkW5TKAjbfpoA00ZTh99NqDWyazJWkMvwZ0H2KNFk1pu9TQgXMFszM6xmIYEcoco-_2GBJjpC6KOasynHDRw3wieRkewdKZ5BxMSmGyH9HIOInEcclv2ccnMmyNVJ8qIKi4TD8hp9ISTplY_iwbkNDc_YajdA_z9ZMe9Eb-tkXM88l-Skv5iY3J7vUL3ZDdqEwGEFbV_rctGcqwwZ_m-L9WnETsCEIXjdlb1hRqQMa1HhQ0U2AIHoQ5VOhHxQq4tZ_Fw9BKje5uUR4rryKvpH-IBtWmHCdBA&client_assertion=eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwidHlwIjoiSldUIiwiYWxnIjoiUFMyNTYifQ.eyJzdWIiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJhdWQiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvYVwvcmVjZXBjYW8tYnZcLyIsImlzcyI6InIzLTFQeng0ZVpGZWpGS3ZyQ2VmXyIsImV4cCI6MTY0MDgxOTQ3MCwiaWF0IjoxNjQwODE1ODcwLCJqdGkiOiJlMzQ2MzQ2MC03NTE4LTRjMTEtOWRkZC0xM2RmZDJhMzFjNTgifQ.AGOaJwHh-tCVbB_SceRx_A3X-v8IqIlc3s8nrRv9NVEA3IuwgnMAq95Ii1-XYtD1BT1qd6wRZd4KfycPYl6gmOJaRiTlDSG4hDFZpppx4aMnyavRtPnUdIOjxm_P3YXgZThhBupPVcgB9LN1ofINL_Q2_xNa3-H0XFNjiNBJFaXxBnXYbPHGuF6yulsNBebLV_O-llTLewggnLqfuz8mFUWbv5Rfc2wdMceg4WEjGhqZ9-YBrKUIVHAml1HGkPSotC1NGIOlB03nxvSpkvttgDCRGkqJWMNIWWQkWieYoqt6USDUUMoVjeiIj6YQo_UeSUflLP7B4zZoruJ0zW9dyQ&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer
2021-12-29 22:11:11 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
PAR endpoint
2021-12-29 22:11:11 SUCCESS
ExtractClientCertificateFromTokenEndpointRequestHeaders
Extracted client certificate
client_certificate
{
  "cert": "-----BEGIN CERTIFICATE----- MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0 MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1 YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3 sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805 I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9 yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS 7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF GSsQgkeJ1pXRIYgQEKHQ -----END CERTIFICATE-----",
  "pem": "-----BEGIN CERTIFICATE-----\nMIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL\nBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx\nFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB\nTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0\nMjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD\no28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT\nJDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV\nYXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET\nMBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp\nb24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1\nYjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI\nLFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB\nWsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3\nsbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK\nBsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ\naktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805\nI1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9\nyQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R\nQ99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh\nbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg\nPqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y\nZy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i\ncjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE\nggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB\nJFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt\nIFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p\nc2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy\nYW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl\nIGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg\nTHRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl\ncmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh\nbmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL\nz7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd\nPdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh\nQkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH\nefqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS\n7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF\nGSsQgkeJ1pXRIYgQEKHQ\n-----END CERTIFICATE-----",
  "subject": {
    "dn": "UID\u003d1baaea05-bece-46ac-9d08-66a5b72d7ac7,2.5.4.15\u003d#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3\u003d#13024252,2.5.4.5\u003d#130e3539353838313131303030313033,CN\u003dapi-des.bvopen.com.br,OU\u003d062c5edb-4e83-5002-9981-e2a96c5ad41e,O\u003dBCO VOTORANTIM S.A.,L\u003dSão Paulo,ST\u003dSP,C\u003dBR"
  },
  "sanDnsNames": [
    "api-des.bvopen.com.br"
  ],
  "sanUris": [],
  "sanIPs": [],
  "sanEmails": []
}
2021-12-29 22:11:11 SUCCESS
CheckForClientCertificate
Found client certificate
2021-12-29 22:11:11 SUCCESS
EnsureClientCertificateMatches
Presented certificate matches registered certificate
actual
-----BEGIN CERTIFICATE-----
MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL
BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx
FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB
TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0
MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD
o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT
JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV
YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET
MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp
b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1
YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI
LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB
WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3
sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK
BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ
aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805
I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9
yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R
Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh
bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg
PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y
Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i
cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE
ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB
JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt
IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p
c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy
YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl
IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg
THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl
cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh
bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL
z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd
PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh
Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH
efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS
7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF
GSsQgkeJ1pXRIYgQEKHQ
-----END CERTIFICATE-----
2021-12-29 22:11:11 SUCCESS
ExtractClientAssertion
Parsed client assertion
client_assertion
{
  "value": "eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwidHlwIjoiSldUIiwiYWxnIjoiUFMyNTYifQ.eyJzdWIiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJhdWQiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvYVwvcmVjZXBjYW8tYnZcLyIsImlzcyI6InIzLTFQeng0ZVpGZWpGS3ZyQ2VmXyIsImV4cCI6MTY0MDgxOTQ3MCwiaWF0IjoxNjQwODE1ODcwLCJqdGkiOiJlMzQ2MzQ2MC03NTE4LTRjMTEtOWRkZC0xM2RmZDJhMzFjNTgifQ.AGOaJwHh-tCVbB_SceRx_A3X-v8IqIlc3s8nrRv9NVEA3IuwgnMAq95Ii1-XYtD1BT1qd6wRZd4KfycPYl6gmOJaRiTlDSG4hDFZpppx4aMnyavRtPnUdIOjxm_P3YXgZThhBupPVcgB9LN1ofINL_Q2_xNa3-H0XFNjiNBJFaXxBnXYbPHGuF6yulsNBebLV_O-llTLewggnLqfuz8mFUWbv5Rfc2wdMceg4WEjGhqZ9-YBrKUIVHAml1HGkPSotC1NGIOlB03nxvSpkvttgDCRGkqJWMNIWWQkWieYoqt6USDUUMoVjeiIj6YQo_UeSUflLP7B4zZoruJ0zW9dyQ",
  "header": {
    "kid": "FJlF6TOBoI38u2RN5PtFHdjXCujfClGyDFEQD7CxJ64",
    "typ": "JWT",
    "alg": "PS256"
  },
  "claims": {
    "sub": "r3-1Pzx4eZFejFKvrCef_",
    "aud": "https://www.certification.openid.net/test/a/recepcao-bv/",
    "iss": "r3-1Pzx4eZFejFKvrCef_",
    "exp": 1640819470,
    "iat": 1640815870,
    "jti": "e3463460-7518-4c11-9ddd-13dfd2a31c58"
  }
}
2021-12-29 22:11:11
EnsureClientAssertionSignatureAlgorithmMatchesRegistered
token_endpoint_auth_signing_alg is not set for the client, any supported algorithm can be used
2021-12-29 22:11:11 SUCCESS
ValidateClientAssertionSignature
client_assertion signature validated
client_assertion
eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwidHlwIjoiSldUIiwiYWxnIjoiUFMyNTYifQ.eyJzdWIiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJhdWQiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvYVwvcmVjZXBjYW8tYnZcLyIsImlzcyI6InIzLTFQeng0ZVpGZWpGS3ZyQ2VmXyIsImV4cCI6MTY0MDgxOTQ3MCwiaWF0IjoxNjQwODE1ODcwLCJqdGkiOiJlMzQ2MzQ2MC03NTE4LTRjMTEtOWRkZC0xM2RmZDJhMzFjNTgifQ.AGOaJwHh-tCVbB_SceRx_A3X-v8IqIlc3s8nrRv9NVEA3IuwgnMAq95Ii1-XYtD1BT1qd6wRZd4KfycPYl6gmOJaRiTlDSG4hDFZpppx4aMnyavRtPnUdIOjxm_P3YXgZThhBupPVcgB9LN1ofINL_Q2_xNa3-H0XFNjiNBJFaXxBnXYbPHGuF6yulsNBebLV_O-llTLewggnLqfuz8mFUWbv5Rfc2wdMceg4WEjGhqZ9-YBrKUIVHAml1HGkPSotC1NGIOlB03nxvSpkvttgDCRGkqJWMNIWWQkWieYoqt6USDUUMoVjeiIj6YQo_UeSUflLP7B4zZoruJ0zW9dyQ
2021-12-29 22:11:11 SUCCESS
EnsureClientAssertionTypeIsJwt
Found JWT assertion type
assertion type
urn:ietf:params:oauth:client-assertion-type:jwt-bearer
2021-12-29 22:11:11 SUCCESS
ValidateClientAssertionClaimsForPAREndpoint
Client Assertion passed all validation checks
2021-12-29 22:11:11 SUCCESS
ExtractRequestObjectFromPAREndpointRequest
Parsed request object
request_object
{
  "value": "eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwidHlwIjoiSldUIiwiYWxnIjoiUFMyNTYifQ.eyJpc3MiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJyZXNwb25zZV90eXBlIjoiY29kZSBpZF90b2tlbiIsImNvZGVfY2hhbGxlbmdlX21ldGhvZCI6IlMyNTYiLCJub25jZSI6IjVjODNjNTg4LTdkYjctNGFiYy05NmI1LTRhN2JmZGNlZWI0MiIsImNsaWVudF9pZCI6InIzLTFQeng0ZVpGZWpGS3ZyQ2VmXyIsImF1ZCI6Imh0dHBzOlwvXC93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0XC90ZXN0XC9hXC9yZWNlcGNhby1idlwvIiwibmJmIjoxNjQwODE1ODcxLCJzY29wZSI6ImFjY291bnRzIG9wZW5pZCBjb25zZW50OnVybjpjb25mb3JtYW5jZS5vaWRmOjR6M1gwS05kOVAiLCJyZWRpcmVjdF91cmkiOiJodHRwczpcL1wvYXBpLXFhLmJ2b3Blbi5jb20uYnJcL3JlY2VwdG9yLXJlZGlyZWN0XC92MVwvaW50ZXJuZXQtYmFua2luZ1wvYXV0aG9yaXplLWNhbGxiYWNrIiwic3RhdGUiOiIyZTFjNjk4OC03ZmFmLTRiMjAtODczMi1mMDE4YzEzNzJiYWYiLCJleHAiOjE2NDA4MTk0NzAsImlhdCI6MTY0MDgxNTg3MCwiY29kZV9jaGFsbGVuZ2UiOiJ6VExxSHkxZnc5Y2xORERoclNHaVRaSHlxNEFtbDNmVDJlZWlhR3ZrbXdZIiwianRpIjoiZjE0N2I4YjItZThiNy00ZTYyLWEzOGEtMTQzZjM2NWU5ODA2In0.kqzAs_k0RkiPRgCxUsIsrUVQLB3lsyXCGisA5QDTeF6ARgB8GrEZa-EkW5TKAjbfpoA00ZTh99NqDWyazJWkMvwZ0H2KNFk1pu9TQgXMFszM6xmIYEcoco-_2GBJjpC6KOasynHDRw3wieRkewdKZ5BxMSmGyH9HIOInEcclv2ccnMmyNVJ8qIKi4TD8hp9ISTplY_iwbkNDc_YajdA_z9ZMe9Eb-tkXM88l-Skv5iY3J7vUL3ZDdqEwGEFbV_rctGcqwwZ_m-L9WnETsCEIXjdlb1hRqQMa1HhQ0U2AIHoQ5VOhHxQq4tZ_Fw9BKje5uUR4rryKvpH-IBtWmHCdBA",
  "header": {
    "kid": "FJlF6TOBoI38u2RN5PtFHdjXCujfClGyDFEQD7CxJ64",
    "typ": "JWT",
    "alg": "PS256"
  },
  "claims": {
    "iss": "r3-1Pzx4eZFejFKvrCef_",
    "response_type": "code id_token",
    "code_challenge_method": "S256",
    "nonce": "5c83c588-7db7-4abc-96b5-4a7bfdceeb42",
    "client_id": "r3-1Pzx4eZFejFKvrCef_",
    "aud": "https://www.certification.openid.net/test/a/recepcao-bv/",
    "nbf": 1640815871,
    "scope": "accounts openid consent:urn:conformance.oidf:4z3X0KNd9P",
    "redirect_uri": "https://api-qa.bvopen.com.br/receptor-redirect/v1/internet-banking/authorize-callback",
    "state": "2e1c6988-7faf-4b20-8732-f018c1372baf",
    "exp": 1640819470,
    "iat": 1640815870,
    "code_challenge": "zTLqHy1fw9clNDDhrSGiTZHyq4Aml3fT2eeiaGvkmwY",
    "jti": "f147b8b2-e8b7-4e62-a38a-143f365e9806"
  }
}
2021-12-29 22:11:11 SUCCESS
EnsurePAREndpointRequestDoesNotContainRequestUriParameter
PAR endpoint request does not contain a request_uri parameter
2021-12-29 22:11:11 INFO
ValidateEncryptedRequestObjectHasKid
Skipped evaluation due to missing required element: authorization_request_object jwe_header
path
jwe_header
mapped
object
authorization_request_object
2021-12-29 22:11:11 SUCCESS
FAPIValidateRequestObjectSigningAlg
Request object was signed with a permitted algorithm
alg
PS256
2021-12-29 22:11:11
FAPIBrazilValidateRequestObjectIdTokenACRClaims
acr claim is not requested
2021-12-29 22:11:11 SUCCESS
FAPIValidateRequestObjectExp
Request object contains a valid exp claim, expiry time
exp
"Dec 29, 2021, 11:11:10 PM"
2021-12-29 22:11:11 SUCCESS
FAPI1AdvancedValidateRequestObjectNBFClaim
nbf claim is valid
nbf
"Dec 29, 2021, 10:11:11 PM"
now
"Dec 29, 2021, 10:11:11 PM"
2021-12-29 22:11:11
ValidateRequestObjectClaims
Request object does not contain a max_age claim
2021-12-29 22:11:11 SUCCESS
ValidateRequestObjectClaims
Request object claims passed all validation checks
2021-12-29 22:11:11 SUCCESS
EnsureNumericRequestObjectClaimsAreNotNull
None of the claims expected to have numeric values, have null values
numeric_claims
[
  "max_age"
]
2021-12-29 22:11:11 SUCCESS
EnsureRequestObjectDoesNotContainRequestOrRequestUri
Request object does not contain request or request_uri
2021-12-29 22:11:11 SUCCESS
EnsureRequestObjectDoesNotContainSubWithClientId
Request object does not contain Client Id in sub
2021-12-29 22:11:11 SUCCESS
ValidateRequestObjectSignature
Request object signature validated using a key in the client's JWKS and using the client's registered request_object_signing_alg
request_object
eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwidHlwIjoiSldUIiwiYWxnIjoiUFMyNTYifQ.eyJpc3MiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJyZXNwb25zZV90eXBlIjoiY29kZSBpZF90b2tlbiIsImNvZGVfY2hhbGxlbmdlX21ldGhvZCI6IlMyNTYiLCJub25jZSI6IjVjODNjNTg4LTdkYjctNGFiYy05NmI1LTRhN2JmZGNlZWI0MiIsImNsaWVudF9pZCI6InIzLTFQeng0ZVpGZWpGS3ZyQ2VmXyIsImF1ZCI6Imh0dHBzOlwvXC93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0XC90ZXN0XC9hXC9yZWNlcGNhby1idlwvIiwibmJmIjoxNjQwODE1ODcxLCJzY29wZSI6ImFjY291bnRzIG9wZW5pZCBjb25zZW50OnVybjpjb25mb3JtYW5jZS5vaWRmOjR6M1gwS05kOVAiLCJyZWRpcmVjdF91cmkiOiJodHRwczpcL1wvYXBpLXFhLmJ2b3Blbi5jb20uYnJcL3JlY2VwdG9yLXJlZGlyZWN0XC92MVwvaW50ZXJuZXQtYmFua2luZ1wvYXV0aG9yaXplLWNhbGxiYWNrIiwic3RhdGUiOiIyZTFjNjk4OC03ZmFmLTRiMjAtODczMi1mMDE4YzEzNzJiYWYiLCJleHAiOjE2NDA4MTk0NzAsImlhdCI6MTY0MDgxNTg3MCwiY29kZV9jaGFsbGVuZ2UiOiJ6VExxSHkxZnc5Y2xORERoclNHaVRaSHlxNEFtbDNmVDJlZWlhR3ZrbXdZIiwianRpIjoiZjE0N2I4YjItZThiNy00ZTYyLWEzOGEtMTQzZjM2NWU5ODA2In0.kqzAs_k0RkiPRgCxUsIsrUVQLB3lsyXCGisA5QDTeF6ARgB8GrEZa-EkW5TKAjbfpoA00ZTh99NqDWyazJWkMvwZ0H2KNFk1pu9TQgXMFszM6xmIYEcoco-_2GBJjpC6KOasynHDRw3wieRkewdKZ5BxMSmGyH9HIOInEcclv2ccnMmyNVJ8qIKi4TD8hp9ISTplY_iwbkNDc_YajdA_z9ZMe9Eb-tkXM88l-Skv5iY3J7vUL3ZDdqEwGEFbV_rctGcqwwZ_m-L9WnETsCEIXjdlb1hRqQMa1HhQ0U2AIHoQ5VOhHxQq4tZ_Fw9BKje5uUR4rryKvpH-IBtWmHCdBA
request_object_signing_alg
PS256
jwk
Sun RSA public key, 2048 bits
  params: null
  modulus: 20470105991639945101333275222632884736574483865528906726892528525563191082183695260204312736582372939211055359067203803085750810655850954661951144951323156016175226041830645945715513868126850067392212624376671953805748628313454513795689104315557781181477191907644208938174263279538822216580366877482634997324327056726074955380834197509531619477599127660288830507703834432824311448281762320165839347904106371594443864070803621659794095259323351600661287063154929280227814731229282446194900829223861656310231284465453525094881675730459265540745017449257927239533034759013077714190534660553709869627625978272751475164353
  public exponent: 65537
2021-12-29 22:11:11 SUCCESS
EnsureMatchingRedirectUriInRequestObject
Redirect URI matched
actual
https://api-qa.bvopen.com.br/receptor-redirect/v1/internet-banking/authorize-callback
2021-12-29 22:11:11 SUCCESS
EnsureRequestObjectContainsCodeChallengeWhenUsingPAR
Found required PKCE parameters in request
code_challenge_method
S256
code_challenge
zTLqHy1fw9clNDDhrSGiTZHyq4Aml3fT2eeiaGvkmwY
2021-12-29 22:11:11 SUCCESS
CreatePAREndpointResponse
Created PAR endpoint response
request_uri
urn:ietf:params:oauth:request_uri:941c56d7-9859-4e57-bd51-b43ce4007d3c
expires_in
600
2021-12-29 22:11:11 OUTGOING
fapi1-advanced-final-client-refresh-token-test
Response to HTTP request to test instance Dtkl8Sh2ZAVn3tT
outgoing_status_code
201
outgoing_headers
{}
outgoing_body
{
  "request_uri": "urn:ietf:params:oauth:request_uri:941c56d7-9859-4e57-bd51-b43ce4007d3c",
  "expires_in": 600
}
outgoing_path
par
2021-12-29 22:11:12 INCOMING
fapi1-advanced-final-client-refresh-token-test
Incoming HTTP request to test instance Dtkl8Sh2ZAVn3tT
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "got (https://github.com/sindresorhus/got)",
  "accept-encoding": "gzip, deflate, br",
  "connection": "close"
}
incoming_path
/test/a/recepcao-bv/authorize
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
incoming_body_json
incoming_query_string_params
{
  "request_uri": "urn:ietf:params:oauth:request_uri:941c56d7-9859-4e57-bd51-b43ce4007d3c",
  "client_id": "r3-1Pzx4eZFejFKvrCef_",
  "scope": "accounts openid consent:urn:conformance.oidf:4z3X0KNd9P",
  "response_type": "code id_token",
  "redirect_uri": "https://api-qa.bvopen.com.br/receptor-redirect/v1/internet-banking/authorize-callback"
}
incoming_body
2021-12-29 22:11:12 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
Authorization endpoint
2021-12-29 22:11:12 SUCCESS
EnsureAuthorizationRequestDoesNotContainRequestWhenUsingPAR
Request does not contain a request parameter
2021-12-29 22:11:12 INFO
ValidateEncryptedRequestObjectHasKid
Skipped evaluation due to missing required element: authorization_request_object jwe_header
path
jwe_header
mapped
object
authorization_request_object
2021-12-29 22:11:12 SUCCESS
CreateEffectiveAuthorizationRequestParameters
Merged http request parameters with request object claims
effective_authorization_endpoint_request
{
  "client_id": "r3-1Pzx4eZFejFKvrCef_",
  "scope": "accounts openid consent:urn:conformance.oidf:4z3X0KNd9P",
  "response_type": "code id_token",
  "redirect_uri": "https://api-qa.bvopen.com.br/receptor-redirect/v1/internet-banking/authorize-callback",
  "iss": "r3-1Pzx4eZFejFKvrCef_",
  "code_challenge_method": "S256",
  "nonce": "5c83c588-7db7-4abc-96b5-4a7bfdceeb42",
  "aud": "https://www.certification.openid.net/test/a/recepcao-bv/",
  "nbf": 1640815871,
  "state": "2e1c6988-7faf-4b20-8732-f018c1372baf",
  "exp": 1640819470,
  "iat": 1640815870,
  "code_challenge": "zTLqHy1fw9clNDDhrSGiTZHyq4Aml3fT2eeiaGvkmwY",
  "jti": "f147b8b2-e8b7-4e62-a38a-143f365e9806"
}
2021-12-29 22:11:12 SUCCESS
EnsureClientIdInAuthorizationRequestParametersMatchRequestObject
client_id http request parameter value matches client_id in request object
2021-12-29 22:11:12 SUCCESS
ExtractRequestedScopes
Requested scopes
scope
accounts openid consent:urn:conformance.oidf:4z3X0KNd9P
2021-12-29 22:11:12 SUCCESS
FAPIBrazilValidateConsentScope
Found consent scope in request
actual
[
  "accounts",
  "openid",
  "consent:urn:conformance.oidf:4z3X0KNd9P"
]
expected
consent:urn:conformance.oidf:4z3X0KNd9P
2021-12-29 22:11:12 SUCCESS
EnsureScopeContainsAccounts
Found accounts scope in request
actual
[
  "accounts",
  "openid",
  "consent:urn:conformance.oidf:4z3X0KNd9P"
]
2021-12-29 22:11:12 SUCCESS
EnsureResponseTypeIsCodeIdToken
Response type is expected value
expected
code id_token
2021-12-29 22:11:12 SUCCESS
EnsureOpenIDInScopeRequest
Found 'openid' scope in request
actual
[
  "accounts",
  "openid",
  "consent:urn:conformance.oidf:4z3X0KNd9P"
]
expected
openid
2021-12-29 22:11:12 SUCCESS
EnsureMatchingClientId
Client ID matched
client_id
r3-1Pzx4eZFejFKvrCef_
2021-12-29 22:11:12 SUCCESS
CreateAuthorizationCode
Created authorization code
authorization_code
ocTOPAYxyHo7yHWKpSNbVSkErIvC7Xao
2021-12-29 22:11:12 SUCCESS
ExtractNonceFromAuthorizationRequest
Extracted nonce
nonce
5c83c588-7db7-4abc-96b5-4a7bfdceeb42
2021-12-29 22:11:12 SUCCESS
CalculateCHash
Successful c_hash encoding
c_hash
epPS1m45uZlkBX4uyAttlQ
2021-12-29 22:11:12 SUCCESS
CalculateSHash
Successful s_hash encoding
s_hash
gHWw-LPpiJrEwhJpI5t9Mw
2021-12-29 22:11:12 SUCCESS
GenerateIdTokenClaims
Created ID Token Claims
iss
https://www.certification.openid.net/test/a/recepcao-bv/
sub
user-subject-1234531
aud
r3-1Pzx4eZFejFKvrCef_
nonce
5c83c588-7db7-4abc-96b5-4a7bfdceeb42
iat
1640815872
exp
1640816172
2021-12-29 22:11:12
FAPIBrazilAddCPFAndCPNJToIdTokenClaims
Request object does not contain a claims element.id_token
2021-12-29 22:11:12 SUCCESS
AddCHashToIdTokenClaims
Added c_hash to ID token claims
c_hash
epPS1m45uZlkBX4uyAttlQ
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/a/recepcao-bv/",
  "sub": "user-subject-1234531",
  "aud": "r3-1Pzx4eZFejFKvrCef_",
  "nonce": "5c83c588-7db7-4abc-96b5-4a7bfdceeb42",
  "iat": 1640815872,
  "exp": 1640816172,
  "c_hash": "epPS1m45uZlkBX4uyAttlQ"
}
2021-12-29 22:11:12 SUCCESS
AddSHashToIdTokenClaims
Added s_hash to ID token claims
s_hash
gHWw-LPpiJrEwhJpI5t9Mw
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/a/recepcao-bv/",
  "sub": "user-subject-1234531",
  "aud": "r3-1Pzx4eZFejFKvrCef_",
  "nonce": "5c83c588-7db7-4abc-96b5-4a7bfdceeb42",
  "iat": 1640815872,
  "exp": 1640816172,
  "c_hash": "epPS1m45uZlkBX4uyAttlQ",
  "s_hash": "gHWw-LPpiJrEwhJpI5t9Mw"
}
2021-12-29 22:11:12 INFO
AddAtHashToIdTokenClaims
Skipped evaluation due to missing required string: at_hash
expected
at_hash
2021-12-29 22:11:12 INFO
FAPIBrazilAddACRClaimToIdTokenClaims
Skipped evaluation due to missing required string: requested_id_token_acr_values
expected
requested_id_token_acr_values
2021-12-29 22:11:12 SUCCESS
SignIdToken
Signed the ID token
id_token
eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwiYWxnIjoiUFMyNTYifQ.eyJzdWIiOiJ1c2VyLXN1YmplY3QtMTIzNDUzMSIsImF1ZCI6InIzLTFQeng0ZVpGZWpGS3ZyQ2VmXyIsImNfaGFzaCI6ImVwUFMxbTQ1dVpsa0JYNHV5QXR0bFEiLCJzX2hhc2giOiJnSFd3LUxQcGlKckV3aEpwSTV0OU13IiwiaXNzIjoiaHR0cHM6XC9cL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXRcL3Rlc3RcL2FcL3JlY2VwY2FvLWJ2XC8iLCJleHAiOjE2NDA4MTYxNzIsIm5vbmNlIjoiNWM4M2M1ODgtN2RiNy00YWJjLTk2YjUtNGE3YmZkY2VlYjQyIiwiaWF0IjoxNjQwODE1ODcyfQ.oIyiAFIWnXw7t5tTgopl7dHHgwLkG3iQjuaXyEwPV0yt4b9kLWtW4LEhjCyyC6y87uJUdaSYyrMho7cGSEiuioYSPicm2wI-RC0OE9knS9dpQZHVs2m5qiwAgw5Svyse08aaIaP5ZA70enYdGJszZVxNNhSKZynrYGIPqjGPFTvfUo3y_S32ZVhJCmQtIQ4wNr5pX-Wa_eHkNVWZ-wHPYrSbkUU0ln3TPLAnf8Uc4FyPrLH-cPb_-m3oBctxfWykpZOkJbxSLKBDuoC1evdUl9MAT5Vn45XRkcVzQMRIihcAxnPSkX5NfpGqKxRakuGLqjq4cAeq8L4Idew7t_13Bg
2021-12-29 22:11:12 SUCCESS
FAPIBrazilChangeConsentStatusToAuthorized
Changed consent status to AUTHORISED
consent
{
  "data": {
    "consentId": "urn:conformance.oidf:4z3X0KNd9P",
    "creationDateTime": "2021-12-29T22:11:07Z",
    "status": "AUTHORISED",
    "statusUpdateDateTime": "2021-12-29T22:11:12Z",
    "permissions": [
      "ACCOUNTS_READ",
      "ACCOUNTS_BALANCES_READ",
      "RESOURCES_READ"
    ],
    "expirationDateTime": "2021-12-30T00:11:07Z",
    "transactionFromDateTime": "2021-12-29T22:06:07Z",
    "transactionToDateTime": "2021-12-30T00:11:07Z",
    "links": {
      "self": "https://www.certification.openid.net/test/a/recepcao-bvconsents/v1/consents"
    }
  },
  "meta": {
    "totalRecords": 1,
    "totalPages": 1,
    "requestDateTime": "2021-12-29T22:11:07Z"
  }
}
2021-12-29 22:11:12 SUCCESS
CreateAuthorizationEndpointResponseParams
Added authorization_endpoint_response_params to environment
params
{
  "redirect_uri": "https://api-qa.bvopen.com.br/receptor-redirect/v1/internet-banking/authorize-callback",
  "state": "2e1c6988-7faf-4b20-8732-f018c1372baf"
}
2021-12-29 22:11:12 SUCCESS
AddCodeToAuthorizationEndpointResponseParams
Added code to authorization endpoint response params
authorization_endpoint_response_params
{
  "redirect_uri": "https://api-qa.bvopen.com.br/receptor-redirect/v1/internet-banking/authorize-callback",
  "state": "2e1c6988-7faf-4b20-8732-f018c1372baf",
  "code": "ocTOPAYxyHo7yHWKpSNbVSkErIvC7Xao"
}
2021-12-29 22:11:12 SUCCESS
AddIdTokenToAuthorizationEndpointResponseParams
Added id_token to authorization endpoint response params
authorization_endpoint_response_params
{
  "redirect_uri": "https://api-qa.bvopen.com.br/receptor-redirect/v1/internet-banking/authorize-callback",
  "state": "2e1c6988-7faf-4b20-8732-f018c1372baf",
  "code": "ocTOPAYxyHo7yHWKpSNbVSkErIvC7Xao",
  "id_token": "eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwiYWxnIjoiUFMyNTYifQ.eyJzdWIiOiJ1c2VyLXN1YmplY3QtMTIzNDUzMSIsImF1ZCI6InIzLTFQeng0ZVpGZWpGS3ZyQ2VmXyIsImNfaGFzaCI6ImVwUFMxbTQ1dVpsa0JYNHV5QXR0bFEiLCJzX2hhc2giOiJnSFd3LUxQcGlKckV3aEpwSTV0OU13IiwiaXNzIjoiaHR0cHM6XC9cL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXRcL3Rlc3RcL2FcL3JlY2VwY2FvLWJ2XC8iLCJleHAiOjE2NDA4MTYxNzIsIm5vbmNlIjoiNWM4M2M1ODgtN2RiNy00YWJjLTk2YjUtNGE3YmZkY2VlYjQyIiwiaWF0IjoxNjQwODE1ODcyfQ.oIyiAFIWnXw7t5tTgopl7dHHgwLkG3iQjuaXyEwPV0yt4b9kLWtW4LEhjCyyC6y87uJUdaSYyrMho7cGSEiuioYSPicm2wI-RC0OE9knS9dpQZHVs2m5qiwAgw5Svyse08aaIaP5ZA70enYdGJszZVxNNhSKZynrYGIPqjGPFTvfUo3y_S32ZVhJCmQtIQ4wNr5pX-Wa_eHkNVWZ-wHPYrSbkUU0ln3TPLAnf8Uc4FyPrLH-cPb_-m3oBctxfWykpZOkJbxSLKBDuoC1evdUl9MAT5Vn45XRkcVzQMRIihcAxnPSkX5NfpGqKxRakuGLqjq4cAeq8L4Idew7t_13Bg"
}
2021-12-29 22:11:12
SendAuthorizationResponseWithResponseModeFragment
Redirecting back to client
uri
https://api-qa.bvopen.com.br/receptor-redirect/v1/internet-banking/authorize-callback#state=2e1c6988-7faf-4b20-8732-f018c1372baf&code=ocTOPAYxyHo7yHWKpSNbVSkErIvC7Xao&id_token=eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwiYWxnIjoiUFMyNTYifQ.eyJzdWIiOiJ1c2VyLXN1YmplY3QtMTIzNDUzMSIsImF1ZCI6InIzLTFQeng0ZVpGZWpGS3ZyQ2VmXyIsImNfaGFzaCI6ImVwUFMxbTQ1dVpsa0JYNHV5QXR0bFEiLCJzX2hhc2giOiJnSFd3LUxQcGlKckV3aEpwSTV0OU13IiwiaXNzIjoiaHR0cHM6XC9cL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXRcL3Rlc3RcL2FcL3JlY2VwY2FvLWJ2XC8iLCJleHAiOjE2NDA4MTYxNzIsIm5vbmNlIjoiNWM4M2M1ODgtN2RiNy00YWJjLTk2YjUtNGE3YmZkY2VlYjQyIiwiaWF0IjoxNjQwODE1ODcyfQ.oIyiAFIWnXw7t5tTgopl7dHHgwLkG3iQjuaXyEwPV0yt4b9kLWtW4LEhjCyyC6y87uJUdaSYyrMho7cGSEiuioYSPicm2wI-RC0OE9knS9dpQZHVs2m5qiwAgw5Svyse08aaIaP5ZA70enYdGJszZVxNNhSKZynrYGIPqjGPFTvfUo3y_S32ZVhJCmQtIQ4wNr5pX-Wa_eHkNVWZ-wHPYrSbkUU0ln3TPLAnf8Uc4FyPrLH-cPb_-m3oBctxfWykpZOkJbxSLKBDuoC1evdUl9MAT5Vn45XRkcVzQMRIihcAxnPSkX5NfpGqKxRakuGLqjq4cAeq8L4Idew7t_13Bg
2021-12-29 22:11:12 OUTGOING
fapi1-advanced-final-client-refresh-token-test
Response to HTTP request to test instance Dtkl8Sh2ZAVn3tT
outgoing
org.springframework.web.servlet.view.RedirectView: [RedirectView]; URL [https://api-qa.bvopen.com.br/receptor-redirect/v1/internet-banking/authorize-callback#state=2e1c6988-7faf-4b20-8732-f018c1372baf&code=ocTOPAYxyHo7yHWKpSNbVSkErIvC7Xao&id_token=eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwiYWxnIjoiUFMyNTYifQ.eyJzdWIiOiJ1c2VyLXN1YmplY3QtMTIzNDUzMSIsImF1ZCI6InIzLTFQeng0ZVpGZWpGS3ZyQ2VmXyIsImNfaGFzaCI6ImVwUFMxbTQ1dVpsa0JYNHV5QXR0bFEiLCJzX2hhc2giOiJnSFd3LUxQcGlKckV3aEpwSTV0OU13IiwiaXNzIjoiaHR0cHM6XC9cL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXRcL3Rlc3RcL2FcL3JlY2VwY2FvLWJ2XC8iLCJleHAiOjE2NDA4MTYxNzIsIm5vbmNlIjoiNWM4M2M1ODgtN2RiNy00YWJjLTk2YjUtNGE3YmZkY2VlYjQyIiwiaWF0IjoxNjQwODE1ODcyfQ.oIyiAFIWnXw7t5tTgopl7dHHgwLkG3iQjuaXyEwPV0yt4b9kLWtW4LEhjCyyC6y87uJUdaSYyrMho7cGSEiuioYSPicm2wI-RC0OE9knS9dpQZHVs2m5qiwAgw5Svyse08aaIaP5ZA70enYdGJszZVxNNhSKZynrYGIPqjGPFTvfUo3y_S32ZVhJCmQtIQ4wNr5pX-Wa_eHkNVWZ-wHPYrSbkUU0ln3TPLAnf8Uc4FyPrLH-cPb_-m3oBctxfWykpZOkJbxSLKBDuoC1evdUl9MAT5Vn45XRkcVzQMRIihcAxnPSkX5NfpGqKxRakuGLqjq4cAeq8L4Idew7t_13Bg]
outgoing_path
authorize
2021-12-29 22:11:12 INCOMING
fapi1-advanced-final-client-refresh-token-test
Incoming HTTP request to test instance Dtkl8Sh2ZAVn3tT
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/4.9.1 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate, br",
  "connection": "close"
}
incoming_path
/test/a/recepcao-bv/jwks
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
incoming_body_json
incoming_query_string_params
{}
incoming_body
2021-12-29 22:11:12 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
2021-12-29 22:11:12 OUTGOING
fapi1-advanced-final-client-refresh-token-test
Response to HTTP request to test instance Dtkl8Sh2ZAVn3tT
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "RSA-OAEP",
      "alg": "RSA-OAEP",
      "n": "yOOavXMTDgjbvz9gzHvfhdbkytzDLWt6vft8fL73oz1h0s9EJUADdXoj-one0ewSx3JUdeibkOC9hCm_OYDVc5SdsHEl_U3T2ViYdqLMwxmjdBup3wMo6kZsClEjwXtVOXpe3XxuEdRCS4Z2i5iTXCBmK2bcg7FHcCoMan4OKjZv4ezl62TIljE6bp0PCexq38XI9bhYebkpAiu6A-wqBZtthvzBYgBKqjvsVg3GHtGvaVnK64KRkQuYeW7Wn4t7vME6tSzEyVpmgomenjTYGXDYET0IfQ7QTbNWa15aiyj1rEcg1_Tvr9spKY6t6griKIIdB85n52tkuA7YdrIFbQ"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "FJlF6TOBoI38u2RN5PtFHdjXCujfClGyDFEQD7CxJ64",
      "alg": "PS256",
      "n": "oieLonigdMZ5ocjKK1gINOTs9vPrxGZ5wuXF2lLlXU1UpcIDNrqDq3ldJ3HUaUSmyw-AOWehP4eh1AF3anfjAU39Qi0_o0VV-V2o-SGD3D6Nxm9jinHVjiGOkxK2TDIyC8N2KqE48N7uzZNZH80ygDv8pgYu7uL1kJQn5lw5WGVNMKiKtrerPDhJBf1iFIya7JRJeaIQ26DA0yJ_KIDOxAzUdb_t9Jq895OnLwsIygL1lhfXRtxGNSwMAXe_lJm67vJXKDM_eXLI5s6AHRcyiprlAYFD9ktWelC6Ltz-4cFi6VcgxyYgNmfj7dkstQBPu2mZq3bhuoOuZKScnyMEwQ"
    }
  ]
}
outgoing_path
jwks
2021-12-29 22:11:13 INCOMING
fapi1-advanced-final-client-refresh-token-test
Incoming HTTP request to test instance Dtkl8Sh2ZAVn3tT
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/4.9.1 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "content-type": "application/x-www-form-urlencoded",
  "accept-encoding": "gzip, deflate, br",
  "content-length": "1383",
  "connection": "close"
}
incoming_path
/test-mtls/a/recepcao-bv/token
incoming_body_form_params
{
  "grant_type": "authorization_code",
  "code": "ocTOPAYxyHo7yHWKpSNbVSkErIvC7Xao",
  "redirect_uri": "https://api-qa.bvopen.com.br/receptor-redirect/v1/internet-banking/authorize-callback",
  "code_verifier": "U~E1ITIoJOSm0Vf-fNQjpHDv~O0xVuQ_8hPqRjraNLZ2OjQ2TTEpcq7lWAQYNhN-6vln5-nI~B.qoQc1noVRumWyoWmT._PIzd0dmjj6mV4xuTv~oj_ZRQF~DzSs84dS",
  "client_id": "r3-1Pzx4eZFejFKvrCef_",
  "client_assertion": "eyJhbGciOiJQUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IkZKbEY2VE9Cb0kzOHUyUk41UHRGSGRqWEN1amZDbEd5REZFUUQ3Q3hKNjQifQ.eyJpYXQiOjE2NDA4MTU4NzIsImV4cCI6MTY0MDgxNTkzMiwianRpIjoiXzZuSTA2cGwwX1NnS192czdWSWVtS1g3RGpJRTdxSHJmOEh1THdJakRIayIsImlzcyI6InIzLTFQeng0ZVpGZWpGS3ZyQ2VmXyIsInN1YiI6InIzLTFQeng0ZVpGZWpGS3ZyQ2VmXyIsImF1ZCI6WyJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC9hL3JlY2VwY2FvLWJ2LyIsImh0dHBzOi8vd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldC90ZXN0L2EvcmVjZXBjYW8tYnYvdG9rZW4iLCJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC1tdGxzL2EvcmVjZXBjYW8tYnYvdG9rZW4iXX0.Xga_aUng7o1pP8h2PR84IGCjX01xxk2JXmvhecARCuABipGyjQ4MWQqQGdeS6YtYl2O0_F-1KpO-9euvJ6mHbbVsKw1nAEJVVnzLiMQ1uSJeOYdJhK-SU2_Bzs2XQiAPpVyg8Shc3MskGnlinihhEuj1DPFL8RDeT3gIxuiIBSlyHY2mcVLBn3rj4rugUkcq5AwPcHd3b48XCH8yTx7cAzKmhXSbuaNjy8lDfmfcuh4f69pc3acEZ62hXge1lqotOphfZhhEg8U0p-uw-ZtdMZo3Cnh8ywYVmgA3cfchx-gWiEJJZAeYrx1KMOSW6BqYwJOxYD1bFQTcpE2EnfQpQg",
  "client_assertion_type": "urn:ietf:params:oauth:client-assertion-type:jwt-bearer"
}
incoming_method
POST
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
-----BEGIN CERTIFICATE----- MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0 MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1 YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3 sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805 I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9 yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS 7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF GSsQgkeJ1pXRIYgQEKHQ -----END CERTIFICATE-----
incoming_body_json
incoming_query_string_params
{}
incoming_body
grant_type=authorization_code&code=ocTOPAYxyHo7yHWKpSNbVSkErIvC7Xao&redirect_uri=https%3A%2F%2Fapi-qa.bvopen.com.br%2Freceptor-redirect%2Fv1%2Finternet-banking%2Fauthorize-callback&code_verifier=U%7EE1ITIoJOSm0Vf-fNQjpHDv%7EO0xVuQ_8hPqRjraNLZ2OjQ2TTEpcq7lWAQYNhN-6vln5-nI%7EB.qoQc1noVRumWyoWmT._PIzd0dmjj6mV4xuTv%7Eoj_ZRQF%7EDzSs84dS&client_id=r3-1Pzx4eZFejFKvrCef_&client_assertion=eyJhbGciOiJQUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IkZKbEY2VE9Cb0kzOHUyUk41UHRGSGRqWEN1amZDbEd5REZFUUQ3Q3hKNjQifQ.eyJpYXQiOjE2NDA4MTU4NzIsImV4cCI6MTY0MDgxNTkzMiwianRpIjoiXzZuSTA2cGwwX1NnS192czdWSWVtS1g3RGpJRTdxSHJmOEh1THdJakRIayIsImlzcyI6InIzLTFQeng0ZVpGZWpGS3ZyQ2VmXyIsInN1YiI6InIzLTFQeng0ZVpGZWpGS3ZyQ2VmXyIsImF1ZCI6WyJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC9hL3JlY2VwY2FvLWJ2LyIsImh0dHBzOi8vd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldC90ZXN0L2EvcmVjZXBjYW8tYnYvdG9rZW4iLCJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC1tdGxzL2EvcmVjZXBjYW8tYnYvdG9rZW4iXX0.Xga_aUng7o1pP8h2PR84IGCjX01xxk2JXmvhecARCuABipGyjQ4MWQqQGdeS6YtYl2O0_F-1KpO-9euvJ6mHbbVsKw1nAEJVVnzLiMQ1uSJeOYdJhK-SU2_Bzs2XQiAPpVyg8Shc3MskGnlinihhEuj1DPFL8RDeT3gIxuiIBSlyHY2mcVLBn3rj4rugUkcq5AwPcHd3b48XCH8yTx7cAzKmhXSbuaNjy8lDfmfcuh4f69pc3acEZ62hXge1lqotOphfZhhEg8U0p-uw-ZtdMZo3Cnh8ywYVmgA3cfchx-gWiEJJZAeYrx1KMOSW6BqYwJOxYD1bFQTcpE2EnfQpQg&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer
2021-12-29 22:11:13 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
Token endpoint
2021-12-29 22:11:13 SUCCESS
ExtractClientCertificateFromTokenEndpointRequestHeaders
Extracted client certificate
client_certificate
{
  "cert": "-----BEGIN CERTIFICATE----- MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0 MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1 YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3 sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805 I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9 yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS 7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF GSsQgkeJ1pXRIYgQEKHQ -----END CERTIFICATE-----",
  "pem": "-----BEGIN CERTIFICATE-----\nMIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL\nBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx\nFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB\nTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0\nMjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD\no28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT\nJDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV\nYXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET\nMBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp\nb24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1\nYjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI\nLFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB\nWsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3\nsbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK\nBsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ\naktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805\nI1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9\nyQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R\nQ99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh\nbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg\nPqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y\nZy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i\ncjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE\nggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB\nJFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt\nIFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p\nc2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy\nYW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl\nIGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg\nTHRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl\ncmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh\nbmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL\nz7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd\nPdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh\nQkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH\nefqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS\n7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF\nGSsQgkeJ1pXRIYgQEKHQ\n-----END CERTIFICATE-----",
  "subject": {
    "dn": "UID\u003d1baaea05-bece-46ac-9d08-66a5b72d7ac7,2.5.4.15\u003d#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3\u003d#13024252,2.5.4.5\u003d#130e3539353838313131303030313033,CN\u003dapi-des.bvopen.com.br,OU\u003d062c5edb-4e83-5002-9981-e2a96c5ad41e,O\u003dBCO VOTORANTIM S.A.,L\u003dSão Paulo,ST\u003dSP,C\u003dBR"
  },
  "sanDnsNames": [
    "api-des.bvopen.com.br"
  ],
  "sanUris": [],
  "sanIPs": [],
  "sanEmails": []
}
2021-12-29 22:11:13 SUCCESS
CheckForClientCertificate
Found client certificate
2021-12-29 22:11:13 SUCCESS
EnsureClientCertificateMatches
Presented certificate matches registered certificate
actual
-----BEGIN CERTIFICATE-----
MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL
BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx
FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB
TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0
MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD
o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT
JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV
YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET
MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp
b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1
YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI
LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB
WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3
sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK
BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ
aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805
I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9
yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R
Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh
bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg
PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y
Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i
cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE
ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB
JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt
IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p
c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy
YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl
IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg
THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl
cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh
bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL
z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd
PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh
Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH
efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS
7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF
GSsQgkeJ1pXRIYgQEKHQ
-----END CERTIFICATE-----
2021-12-29 22:11:13 SUCCESS
ExtractClientAssertion
Parsed client assertion
client_assertion
{
  "value": "eyJhbGciOiJQUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IkZKbEY2VE9Cb0kzOHUyUk41UHRGSGRqWEN1amZDbEd5REZFUUQ3Q3hKNjQifQ.eyJpYXQiOjE2NDA4MTU4NzIsImV4cCI6MTY0MDgxNTkzMiwianRpIjoiXzZuSTA2cGwwX1NnS192czdWSWVtS1g3RGpJRTdxSHJmOEh1THdJakRIayIsImlzcyI6InIzLTFQeng0ZVpGZWpGS3ZyQ2VmXyIsInN1YiI6InIzLTFQeng0ZVpGZWpGS3ZyQ2VmXyIsImF1ZCI6WyJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC9hL3JlY2VwY2FvLWJ2LyIsImh0dHBzOi8vd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldC90ZXN0L2EvcmVjZXBjYW8tYnYvdG9rZW4iLCJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC1tdGxzL2EvcmVjZXBjYW8tYnYvdG9rZW4iXX0.Xga_aUng7o1pP8h2PR84IGCjX01xxk2JXmvhecARCuABipGyjQ4MWQqQGdeS6YtYl2O0_F-1KpO-9euvJ6mHbbVsKw1nAEJVVnzLiMQ1uSJeOYdJhK-SU2_Bzs2XQiAPpVyg8Shc3MskGnlinihhEuj1DPFL8RDeT3gIxuiIBSlyHY2mcVLBn3rj4rugUkcq5AwPcHd3b48XCH8yTx7cAzKmhXSbuaNjy8lDfmfcuh4f69pc3acEZ62hXge1lqotOphfZhhEg8U0p-uw-ZtdMZo3Cnh8ywYVmgA3cfchx-gWiEJJZAeYrx1KMOSW6BqYwJOxYD1bFQTcpE2EnfQpQg",
  "header": {
    "kid": "FJlF6TOBoI38u2RN5PtFHdjXCujfClGyDFEQD7CxJ64",
    "typ": "JWT",
    "alg": "PS256"
  },
  "claims": {
    "sub": "r3-1Pzx4eZFejFKvrCef_",
    "aud": [
      "https://www.certification.openid.net/test/a/recepcao-bv/",
      "https://www.certification.openid.net/test/a/recepcao-bv/token",
      "https://www.certification.openid.net/test-mtls/a/recepcao-bv/token"
    ],
    "iss": "r3-1Pzx4eZFejFKvrCef_",
    "exp": 1640815932,
    "iat": 1640815872,
    "jti": "_6nI06pl0_SgK_vs7VIemKX7DjIE7qHrf8HuLwIjDHk"
  }
}
2021-12-29 22:11:13
EnsureClientAssertionSignatureAlgorithmMatchesRegistered
token_endpoint_auth_signing_alg is not set for the client, any supported algorithm can be used
2021-12-29 22:11:13 SUCCESS
ValidateClientAssertionSignature
client_assertion signature validated
client_assertion
eyJhbGciOiJQUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IkZKbEY2VE9Cb0kzOHUyUk41UHRGSGRqWEN1amZDbEd5REZFUUQ3Q3hKNjQifQ.eyJpYXQiOjE2NDA4MTU4NzIsImV4cCI6MTY0MDgxNTkzMiwianRpIjoiXzZuSTA2cGwwX1NnS192czdWSWVtS1g3RGpJRTdxSHJmOEh1THdJakRIayIsImlzcyI6InIzLTFQeng0ZVpGZWpGS3ZyQ2VmXyIsInN1YiI6InIzLTFQeng0ZVpGZWpGS3ZyQ2VmXyIsImF1ZCI6WyJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC9hL3JlY2VwY2FvLWJ2LyIsImh0dHBzOi8vd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldC90ZXN0L2EvcmVjZXBjYW8tYnYvdG9rZW4iLCJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC1tdGxzL2EvcmVjZXBjYW8tYnYvdG9rZW4iXX0.Xga_aUng7o1pP8h2PR84IGCjX01xxk2JXmvhecARCuABipGyjQ4MWQqQGdeS6YtYl2O0_F-1KpO-9euvJ6mHbbVsKw1nAEJVVnzLiMQ1uSJeOYdJhK-SU2_Bzs2XQiAPpVyg8Shc3MskGnlinihhEuj1DPFL8RDeT3gIxuiIBSlyHY2mcVLBn3rj4rugUkcq5AwPcHd3b48XCH8yTx7cAzKmhXSbuaNjy8lDfmfcuh4f69pc3acEZ62hXge1lqotOphfZhhEg8U0p-uw-ZtdMZo3Cnh8ywYVmgA3cfchx-gWiEJJZAeYrx1KMOSW6BqYwJOxYD1bFQTcpE2EnfQpQg
2021-12-29 22:11:13 SUCCESS
EnsureClientAssertionTypeIsJwt
Found JWT assertion type
assertion type
urn:ietf:params:oauth:client-assertion-type:jwt-bearer
2021-12-29 22:11:13 SUCCESS
ValidateClientAssertionClaims
Client Assertion passed all validation checks
2021-12-29 22:11:13 SUCCESS
ValidateAuthorizationCode
Found authorization code
authorization_code
ocTOPAYxyHo7yHWKpSNbVSkErIvC7Xao
2021-12-29 22:11:13 SUCCESS
ValidateRedirectUri
Found redirect uri
redirect_uri
https://api-qa.bvopen.com.br/receptor-redirect/v1/internet-banking/authorize-callback
2021-12-29 22:11:13 SUCCESS
ValidateCodeVerifierWithS256
Validated code_verifier successfully
code_challenge_method
S256
code_verifier
U~E1ITIoJOSm0Vf-fNQjpHDv~O0xVuQ_8hPqRjraNLZ2OjQ2TTEpcq7lWAQYNhN-6vln5-nI~B.qoQc1noVRumWyoWmT._PIzd0dmjj6mV4xuTv~oj_ZRQF~DzSs84dS
code_challenge
zTLqHy1fw9clNDDhrSGiTZHyq4Aml3fT2eeiaGvkmwY
2021-12-29 22:11:13 SUCCESS
GenerateBearerAccessToken
Generated access token
access_token
4GVTnrJLupuXB4kg5bslaPkUQUlBWltqnaDnlshZ36IJeOYNiH
2021-12-29 22:11:13 SUCCESS
CalculateAtHash
Successful at_hash encoding
at_hash
LdLREvTXvHNEvmL8v3r1Fg
2021-12-29 22:11:13
CreateRefreshToken
Created refresh token
refresh_token
qBPhQgdlCWlENezPhTWxPvumxBeKNGopeIqlOipSHJLbJyGtEr7840300264/(?` 
2021-12-29 22:11:13 SUCCESS
GenerateIdTokenClaims
Created ID Token Claims
iss
https://www.certification.openid.net/test/a/recepcao-bv/
sub
user-subject-1234531
aud
r3-1Pzx4eZFejFKvrCef_
nonce
5c83c588-7db7-4abc-96b5-4a7bfdceeb42
iat
1640815873
exp
1640816173
2021-12-29 22:11:13
FAPIBrazilAddCPFAndCPNJToIdTokenClaims
Request object does not contain a claims element.id_token
2021-12-29 22:11:13 SUCCESS
AddAtHashToIdTokenClaims
Added at_hash to ID token claims
at_hash
LdLREvTXvHNEvmL8v3r1Fg
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/a/recepcao-bv/",
  "sub": "user-subject-1234531",
  "aud": "r3-1Pzx4eZFejFKvrCef_",
  "nonce": "5c83c588-7db7-4abc-96b5-4a7bfdceeb42",
  "iat": 1640815873,
  "exp": 1640816173,
  "at_hash": "LdLREvTXvHNEvmL8v3r1Fg"
}
2021-12-29 22:11:13 INFO
FAPIBrazilAddACRClaimToIdTokenClaims
Skipped evaluation due to missing required string: requested_id_token_acr_values
expected
requested_id_token_acr_values
2021-12-29 22:11:13 SUCCESS
SignIdToken
Signed the ID token
id_token
eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwiYWxnIjoiUFMyNTYifQ.eyJhdF9oYXNoIjoiTGRMUkV2VFh2SE5Fdm1MOHYzcjFGZyIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoicjMtMVB6eDRlWkZlakZLdnJDZWZfIiwiaXNzIjoiaHR0cHM6XC9cL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXRcL3Rlc3RcL2FcL3JlY2VwY2FvLWJ2XC8iLCJleHAiOjE2NDA4MTYxNzMsIm5vbmNlIjoiNWM4M2M1ODgtN2RiNy00YWJjLTk2YjUtNGE3YmZkY2VlYjQyIiwiaWF0IjoxNjQwODE1ODczfQ.Ra29tABPeORENQpIMj-8Qrb0MPq18YqpG3KfMEKjOBiK5MU8l3bdE5YsE4ofmipCvJsFQ9hHdZUPTGNFOJU3036GMVC2bPDioRjsJcWz-WqU11frpqvLjKJZRxXe9vcxgK0xV3sGRH_y_2oi3YoTx610aywW7YBIg7aIRd9J_y3xrX3d6Md4aSZIliNWYTwLIVN5G91SO5nLYsGQqpSRGSmgSPJ1U0IZNGDmVdxqx16oxTVpvbBCeGvYmXJ4FIsEjGPlWY6hurL3VmA7slMQ4JbgbSWFHkk9wak0vA9-NkctzJe_I0ug082xct4x6LOQC4tu-dFGfJ3iPM_AuTSzXA
2021-12-29 22:11:13 SUCCESS
CreateTokenEndpointResponse
Created token endpoint response
access_token
4GVTnrJLupuXB4kg5bslaPkUQUlBWltqnaDnlshZ36IJeOYNiH
token_type
Bearer
id_token
eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwiYWxnIjoiUFMyNTYifQ.eyJhdF9oYXNoIjoiTGRMUkV2VFh2SE5Fdm1MOHYzcjFGZyIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoicjMtMVB6eDRlWkZlakZLdnJDZWZfIiwiaXNzIjoiaHR0cHM6XC9cL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXRcL3Rlc3RcL2FcL3JlY2VwY2FvLWJ2XC8iLCJleHAiOjE2NDA4MTYxNzMsIm5vbmNlIjoiNWM4M2M1ODgtN2RiNy00YWJjLTk2YjUtNGE3YmZkY2VlYjQyIiwiaWF0IjoxNjQwODE1ODczfQ.Ra29tABPeORENQpIMj-8Qrb0MPq18YqpG3KfMEKjOBiK5MU8l3bdE5YsE4ofmipCvJsFQ9hHdZUPTGNFOJU3036GMVC2bPDioRjsJcWz-WqU11frpqvLjKJZRxXe9vcxgK0xV3sGRH_y_2oi3YoTx610aywW7YBIg7aIRd9J_y3xrX3d6Md4aSZIliNWYTwLIVN5G91SO5nLYsGQqpSRGSmgSPJ1U0IZNGDmVdxqx16oxTVpvbBCeGvYmXJ4FIsEjGPlWY6hurL3VmA7slMQ4JbgbSWFHkk9wak0vA9-NkctzJe_I0ug082xct4x6LOQC4tu-dFGfJ3iPM_AuTSzXA
refresh_token
qBPhQgdlCWlENezPhTWxPvumxBeKNGopeIqlOipSHJLbJyGtEr7840300264/(?` 
scope
accounts openid consent:urn:conformance.oidf:4z3X0KNd9P
2021-12-29 22:11:13
RemoveIssuedAccessTokenFromEnvironment
Removed access_token and token_type from environment
2021-12-29 22:11:13 OUTGOING
fapi1-advanced-final-client-refresh-token-test
Response to HTTP request to test instance Dtkl8Sh2ZAVn3tT
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "access_token": "4GVTnrJLupuXB4kg5bslaPkUQUlBWltqnaDnlshZ36IJeOYNiH",
  "token_type": "Bearer",
  "id_token": "eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwiYWxnIjoiUFMyNTYifQ.eyJhdF9oYXNoIjoiTGRMUkV2VFh2SE5Fdm1MOHYzcjFGZyIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoicjMtMVB6eDRlWkZlakZLdnJDZWZfIiwiaXNzIjoiaHR0cHM6XC9cL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXRcL3Rlc3RcL2FcL3JlY2VwY2FvLWJ2XC8iLCJleHAiOjE2NDA4MTYxNzMsIm5vbmNlIjoiNWM4M2M1ODgtN2RiNy00YWJjLTk2YjUtNGE3YmZkY2VlYjQyIiwiaWF0IjoxNjQwODE1ODczfQ.Ra29tABPeORENQpIMj-8Qrb0MPq18YqpG3KfMEKjOBiK5MU8l3bdE5YsE4ofmipCvJsFQ9hHdZUPTGNFOJU3036GMVC2bPDioRjsJcWz-WqU11frpqvLjKJZRxXe9vcxgK0xV3sGRH_y_2oi3YoTx610aywW7YBIg7aIRd9J_y3xrX3d6Md4aSZIliNWYTwLIVN5G91SO5nLYsGQqpSRGSmgSPJ1U0IZNGDmVdxqx16oxTVpvbBCeGvYmXJ4FIsEjGPlWY6hurL3VmA7slMQ4JbgbSWFHkk9wak0vA9-NkctzJe_I0ug082xct4x6LOQC4tu-dFGfJ3iPM_AuTSzXA",
  "refresh_token": "qBPhQgdlCWlENezPhTWxPvumxBeKNGopeIqlOipSHJLbJyGtEr7840300264/(?` ",
  "scope": "accounts openid consent:urn:conformance.oidf:4z3X0KNd9P"
}
outgoing_path
token
2021-12-29 22:11:15 INCOMING
fapi1-advanced-final-client-refresh-token-test
Incoming HTTP request to test instance Dtkl8Sh2ZAVn3tT
incoming_headers
{
  "host": "www.certification.openid.net",
  "accept": "application/json,application/*+json",
  "connection": "close"
}
incoming_path
/test/a/recepcao-bv/.well-known/openid-configuration
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
incoming_body_json
incoming_query_string_params
{}
incoming_body
2021-12-29 22:11:15 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
2021-12-29 22:11:15 OUTGOING
fapi1-advanced-final-client-refresh-token-test
Response to HTTP request to test instance Dtkl8Sh2ZAVn3tT
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "issuer": "https://www.certification.openid.net/test/a/recepcao-bv/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/recepcao-bv/jwks",
  "registration_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/register",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/userinfo",
  "mtls_endpoint_aliases": {
    "token_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/token",
    "registration_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/register",
    "userinfo_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/userinfo",
    "pushed_authorization_request_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/par"
  },
  "tls_client_certificate_bound_access_tokens": true,
  "request_parameter_supported": true,
  "grant_types_supported": [
    "authorization_code",
    "implicit",
    "client_credentials",
    "refresh_token"
  ],
  "claims_parameter_supported": true,
  "request_object_encryption_alg_values_supported": [
    "RSA-OAEP"
  ],
  "request_object_encryption_enc_values_supported": [
    "A256GCM"
  ],
  "claims_supported": [
    "cpf",
    "cnpj",
    "acr"
  ],
  "acr_values_supported": [
    "urn:brasil:openbanking:loa2",
    "urn:brasil:openbanking:loa3"
  ],
  "id_token_signing_alg_values_supported": [
    "PS256"
  ],
  "request_object_signing_alg_values_supported": [
    "PS256"
  ],
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access",
    "consents",
    "resources",
    "payments"
  ],
  "token_endpoint_auth_methods_supported": [
    "private_key_jwt"
  ],
  "pushed_authorization_request_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/par",
  "require_pushed_authorization_requests": true,
  "response_types_supported": [
    "code id_token"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "PS256"
  ]
}
outgoing_path
.well-known/openid-configuration
2021-12-29 22:11:16 INCOMING
fapi1-advanced-final-client-refresh-token-test
Incoming HTTP request to test instance Dtkl8Sh2ZAVn3tT
incoming_headers
{
  "host": "www.certification.openid.net",
  "accept": "application/json;charset\u003dUTF-8",
  "content-type": "application/x-www-form-urlencoded",
  "content-length": "1183",
  "connection": "close"
}
incoming_path
/test-mtls/a/recepcao-bv/token
incoming_body_form_params
{
  "grant_type": "authorization_code",
  "code": "ocTOPAYxyHo7yHWKpSNbVSkErIvC7Xao",
  "code_verifier": "U~E1ITIoJOSm0Vf-fNQjpHDv~O0xVuQ_8hPqRjraNLZ2OjQ2TTEpcq7lWAQYNhN-6vln5-nI~B.qoQc1noVRumWyoWmT._PIzd0dmjj6mV4xuTv~oj_ZRQF~DzSs84dS",
  "client_assertion": "eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwidHlwIjoiSldUIiwiYWxnIjoiUFMyNTYifQ.eyJzdWIiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJhdWQiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdC1tdGxzXC9hXC9yZWNlcGNhby1idlwvdG9rZW4iLCJpc3MiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJleHAiOjE2NDA4MTYxNzYsImlhdCI6MTY0MDgxNTg3NiwianRpIjoiMzI1NWIxYTUtN2UzMy00YzM3LWEwNDMtYWU0ZDM2YjMyODgzIn0.CsEDXsfXm4x0rIXQqFSuabfzjGb7-Pklh6FvLlkOfCusSzn-ZSVrRLE2so0vprHQsvAngOKIifGmA27Fsb0DO0-StLugBkvOkmxwKDt1nRZkb1BnTofEP4Q-Gy5nYNdbx9KSTiVhdbKJjw1FoXOXwWBJNOhfweuzeOD2gagcGnBdvSQe3bE05AP0DWR5Zc1X48rQQ6bLVww5zcsVl37NTN3VHFv8N7Z5wAnDIvQADOIPafsKznvDJKOhVyx9d_-35bI1e-WnS9CmEqgNEOdgjLARDjofYRwtW5oHTvyEUzH9cfVn4ve4EFmPwMUqe3zME9T4Lm8XiGodistrhh-EwA",
  "client_assertion_type": "urn:ietf:params:oauth:client-assertion-type:jwt-bearer",
  "redirect_uri": "https://api-qa.bvopen.com.br/receptor-redirect/v1/internet-banking/authorize-callback"
}
incoming_method
POST
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
-----BEGIN CERTIFICATE----- MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0 MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1 YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3 sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805 I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9 yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS 7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF GSsQgkeJ1pXRIYgQEKHQ -----END CERTIFICATE-----
incoming_body_json
incoming_query_string_params
{}
incoming_body
grant_type=authorization_code&code=ocTOPAYxyHo7yHWKpSNbVSkErIvC7Xao&code_verifier=U%7EE1ITIoJOSm0Vf-fNQjpHDv%7EO0xVuQ_8hPqRjraNLZ2OjQ2TTEpcq7lWAQYNhN-6vln5-nI%7EB.qoQc1noVRumWyoWmT._PIzd0dmjj6mV4xuTv%7Eoj_ZRQF%7EDzSs84dS&client_assertion=eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwidHlwIjoiSldUIiwiYWxnIjoiUFMyNTYifQ.eyJzdWIiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJhdWQiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdC1tdGxzXC9hXC9yZWNlcGNhby1idlwvdG9rZW4iLCJpc3MiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJleHAiOjE2NDA4MTYxNzYsImlhdCI6MTY0MDgxNTg3NiwianRpIjoiMzI1NWIxYTUtN2UzMy00YzM3LWEwNDMtYWU0ZDM2YjMyODgzIn0.CsEDXsfXm4x0rIXQqFSuabfzjGb7-Pklh6FvLlkOfCusSzn-ZSVrRLE2so0vprHQsvAngOKIifGmA27Fsb0DO0-StLugBkvOkmxwKDt1nRZkb1BnTofEP4Q-Gy5nYNdbx9KSTiVhdbKJjw1FoXOXwWBJNOhfweuzeOD2gagcGnBdvSQe3bE05AP0DWR5Zc1X48rQQ6bLVww5zcsVl37NTN3VHFv8N7Z5wAnDIvQADOIPafsKznvDJKOhVyx9d_-35bI1e-WnS9CmEqgNEOdgjLARDjofYRwtW5oHTvyEUzH9cfVn4ve4EFmPwMUqe3zME9T4Lm8XiGodistrhh-EwA&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&redirect_uri=https%3A%2F%2Fapi-qa.bvopen.com.br%2Freceptor-redirect%2Fv1%2Finternet-banking%2Fauthorize-callback
2021-12-29 22:11:16 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
Token endpoint
2021-12-29 22:11:16 SUCCESS
ExtractClientCertificateFromTokenEndpointRequestHeaders
Extracted client certificate
client_certificate
{
  "cert": "-----BEGIN CERTIFICATE----- MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0 MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1 YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3 sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805 I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9 yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS 7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF GSsQgkeJ1pXRIYgQEKHQ -----END CERTIFICATE-----",
  "pem": "-----BEGIN CERTIFICATE-----\nMIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL\nBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx\nFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB\nTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0\nMjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD\no28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT\nJDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV\nYXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET\nMBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp\nb24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1\nYjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI\nLFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB\nWsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3\nsbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK\nBsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ\naktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805\nI1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9\nyQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R\nQ99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh\nbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg\nPqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y\nZy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i\ncjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE\nggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB\nJFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt\nIFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p\nc2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy\nYW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl\nIGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg\nTHRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl\ncmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh\nbmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL\nz7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd\nPdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh\nQkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH\nefqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS\n7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF\nGSsQgkeJ1pXRIYgQEKHQ\n-----END CERTIFICATE-----",
  "subject": {
    "dn": "UID\u003d1baaea05-bece-46ac-9d08-66a5b72d7ac7,2.5.4.15\u003d#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3\u003d#13024252,2.5.4.5\u003d#130e3539353838313131303030313033,CN\u003dapi-des.bvopen.com.br,OU\u003d062c5edb-4e83-5002-9981-e2a96c5ad41e,O\u003dBCO VOTORANTIM S.A.,L\u003dSão Paulo,ST\u003dSP,C\u003dBR"
  },
  "sanDnsNames": [
    "api-des.bvopen.com.br"
  ],
  "sanUris": [],
  "sanIPs": [],
  "sanEmails": []
}
2021-12-29 22:11:16 SUCCESS
CheckForClientCertificate
Found client certificate
2021-12-29 22:11:16 SUCCESS
EnsureClientCertificateMatches
Presented certificate matches registered certificate
actual
-----BEGIN CERTIFICATE-----
MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL
BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx
FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB
TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0
MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD
o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT
JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV
YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET
MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp
b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1
YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI
LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB
WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3
sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK
BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ
aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805
I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9
yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R
Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh
bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg
PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y
Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i
cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE
ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB
JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt
IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p
c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy
YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl
IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg
THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl
cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh
bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL
z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd
PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh
Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH
efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS
7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF
GSsQgkeJ1pXRIYgQEKHQ
-----END CERTIFICATE-----
2021-12-29 22:11:16 SUCCESS
ExtractClientAssertion
Parsed client assertion
client_assertion
{
  "value": "eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwidHlwIjoiSldUIiwiYWxnIjoiUFMyNTYifQ.eyJzdWIiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJhdWQiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdC1tdGxzXC9hXC9yZWNlcGNhby1idlwvdG9rZW4iLCJpc3MiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJleHAiOjE2NDA4MTYxNzYsImlhdCI6MTY0MDgxNTg3NiwianRpIjoiMzI1NWIxYTUtN2UzMy00YzM3LWEwNDMtYWU0ZDM2YjMyODgzIn0.CsEDXsfXm4x0rIXQqFSuabfzjGb7-Pklh6FvLlkOfCusSzn-ZSVrRLE2so0vprHQsvAngOKIifGmA27Fsb0DO0-StLugBkvOkmxwKDt1nRZkb1BnTofEP4Q-Gy5nYNdbx9KSTiVhdbKJjw1FoXOXwWBJNOhfweuzeOD2gagcGnBdvSQe3bE05AP0DWR5Zc1X48rQQ6bLVww5zcsVl37NTN3VHFv8N7Z5wAnDIvQADOIPafsKznvDJKOhVyx9d_-35bI1e-WnS9CmEqgNEOdgjLARDjofYRwtW5oHTvyEUzH9cfVn4ve4EFmPwMUqe3zME9T4Lm8XiGodistrhh-EwA",
  "header": {
    "kid": "FJlF6TOBoI38u2RN5PtFHdjXCujfClGyDFEQD7CxJ64",
    "typ": "JWT",
    "alg": "PS256"
  },
  "claims": {
    "sub": "r3-1Pzx4eZFejFKvrCef_",
    "aud": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/token",
    "iss": "r3-1Pzx4eZFejFKvrCef_",
    "exp": 1640816176,
    "iat": 1640815876,
    "jti": "3255b1a5-7e33-4c37-a043-ae4d36b32883"
  }
}
2021-12-29 22:11:16
EnsureClientAssertionSignatureAlgorithmMatchesRegistered
token_endpoint_auth_signing_alg is not set for the client, any supported algorithm can be used
2021-12-29 22:11:16 SUCCESS
ValidateClientAssertionSignature
client_assertion signature validated
client_assertion
eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwidHlwIjoiSldUIiwiYWxnIjoiUFMyNTYifQ.eyJzdWIiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJhdWQiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdC1tdGxzXC9hXC9yZWNlcGNhby1idlwvdG9rZW4iLCJpc3MiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJleHAiOjE2NDA4MTYxNzYsImlhdCI6MTY0MDgxNTg3NiwianRpIjoiMzI1NWIxYTUtN2UzMy00YzM3LWEwNDMtYWU0ZDM2YjMyODgzIn0.CsEDXsfXm4x0rIXQqFSuabfzjGb7-Pklh6FvLlkOfCusSzn-ZSVrRLE2so0vprHQsvAngOKIifGmA27Fsb0DO0-StLugBkvOkmxwKDt1nRZkb1BnTofEP4Q-Gy5nYNdbx9KSTiVhdbKJjw1FoXOXwWBJNOhfweuzeOD2gagcGnBdvSQe3bE05AP0DWR5Zc1X48rQQ6bLVww5zcsVl37NTN3VHFv8N7Z5wAnDIvQADOIPafsKznvDJKOhVyx9d_-35bI1e-WnS9CmEqgNEOdgjLARDjofYRwtW5oHTvyEUzH9cfVn4ve4EFmPwMUqe3zME9T4Lm8XiGodistrhh-EwA
2021-12-29 22:11:16 SUCCESS
EnsureClientAssertionTypeIsJwt
Found JWT assertion type
assertion type
urn:ietf:params:oauth:client-assertion-type:jwt-bearer
2021-12-29 22:11:16 SUCCESS
ValidateClientAssertionClaims
Client Assertion passed all validation checks
2021-12-29 22:11:16 SUCCESS
ValidateAuthorizationCode
Found authorization code
authorization_code
ocTOPAYxyHo7yHWKpSNbVSkErIvC7Xao
2021-12-29 22:11:16 SUCCESS
ValidateRedirectUri
Found redirect uri
redirect_uri
https://api-qa.bvopen.com.br/receptor-redirect/v1/internet-banking/authorize-callback
2021-12-29 22:11:16 SUCCESS
ValidateCodeVerifierWithS256
Validated code_verifier successfully
code_challenge_method
S256
code_verifier
U~E1ITIoJOSm0Vf-fNQjpHDv~O0xVuQ_8hPqRjraNLZ2OjQ2TTEpcq7lWAQYNhN-6vln5-nI~B.qoQc1noVRumWyoWmT._PIzd0dmjj6mV4xuTv~oj_ZRQF~DzSs84dS
code_challenge
zTLqHy1fw9clNDDhrSGiTZHyq4Aml3fT2eeiaGvkmwY
2021-12-29 22:11:16 SUCCESS
GenerateBearerAccessToken
Generated access token
access_token
5imzSpQcwLYi42nK1Kdv2loAraFcyjFaBdeIpCcYzj13YrDGhX
2021-12-29 22:11:16 SUCCESS
CalculateAtHash
Successful at_hash encoding
at_hash
JBYjf48IqkskDT1HtJxZQQ
2021-12-29 22:11:16
CreateRefreshToken
Created refresh token
refresh_token
YxFshRmrdjrEwMzXknMLGbSslKEYHzNBpbyibxZNtirAHQQSjC9596002081-#}_"
2021-12-29 22:11:16 SUCCESS
GenerateIdTokenClaims
Created ID Token Claims
iss
https://www.certification.openid.net/test/a/recepcao-bv/
sub
user-subject-1234531
aud
r3-1Pzx4eZFejFKvrCef_
nonce
5c83c588-7db7-4abc-96b5-4a7bfdceeb42
iat
1640815876
exp
1640816176
2021-12-29 22:11:16
FAPIBrazilAddCPFAndCPNJToIdTokenClaims
Request object does not contain a claims element.id_token
2021-12-29 22:11:16 SUCCESS
AddAtHashToIdTokenClaims
Added at_hash to ID token claims
at_hash
JBYjf48IqkskDT1HtJxZQQ
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/a/recepcao-bv/",
  "sub": "user-subject-1234531",
  "aud": "r3-1Pzx4eZFejFKvrCef_",
  "nonce": "5c83c588-7db7-4abc-96b5-4a7bfdceeb42",
  "iat": 1640815876,
  "exp": 1640816176,
  "at_hash": "JBYjf48IqkskDT1HtJxZQQ"
}
2021-12-29 22:11:16 INFO
FAPIBrazilAddACRClaimToIdTokenClaims
Skipped evaluation due to missing required string: requested_id_token_acr_values
expected
requested_id_token_acr_values
2021-12-29 22:11:16 SUCCESS
SignIdToken
Signed the ID token
id_token
eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwiYWxnIjoiUFMyNTYifQ.eyJhdF9oYXNoIjoiSkJZamY0OElxa3NrRFQxSHRKeFpRUSIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoicjMtMVB6eDRlWkZlakZLdnJDZWZfIiwiaXNzIjoiaHR0cHM6XC9cL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXRcL3Rlc3RcL2FcL3JlY2VwY2FvLWJ2XC8iLCJleHAiOjE2NDA4MTYxNzYsIm5vbmNlIjoiNWM4M2M1ODgtN2RiNy00YWJjLTk2YjUtNGE3YmZkY2VlYjQyIiwiaWF0IjoxNjQwODE1ODc2fQ.Fwjs_bdXbL2fhH9aFrAUYnqWIlTbIuloA4gn-X04GorOLsIl6N5FdjLP1kUTRHheammKleWop3_ROand6GsrXG_Y1A2Vsf4bRQtY0QYTqquVn92_2-4accw5OXOWxwW43-MR1_P7niORQamm4XA4Gye_eEHePQlOKM9ahQLzyGH_R59HaZh93TJfklBwPYRvNQv4alYTDuFP5rlH2vw3fsL2FDLodCPR9wUwBvwcC9Fs3JyjR6Yr_4O5Gt7CMPSM7q9xapWMKzcXvEKWrT6fgDS0uvAKIaUDS1LThkyVCWx6-PlzVhYgYB6J4XS0kaudydwaB1A3-Quy57FpoWUHow
2021-12-29 22:11:16 SUCCESS
CreateTokenEndpointResponse
Created token endpoint response
access_token
5imzSpQcwLYi42nK1Kdv2loAraFcyjFaBdeIpCcYzj13YrDGhX
token_type
Bearer
id_token
eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwiYWxnIjoiUFMyNTYifQ.eyJhdF9oYXNoIjoiSkJZamY0OElxa3NrRFQxSHRKeFpRUSIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoicjMtMVB6eDRlWkZlakZLdnJDZWZfIiwiaXNzIjoiaHR0cHM6XC9cL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXRcL3Rlc3RcL2FcL3JlY2VwY2FvLWJ2XC8iLCJleHAiOjE2NDA4MTYxNzYsIm5vbmNlIjoiNWM4M2M1ODgtN2RiNy00YWJjLTk2YjUtNGE3YmZkY2VlYjQyIiwiaWF0IjoxNjQwODE1ODc2fQ.Fwjs_bdXbL2fhH9aFrAUYnqWIlTbIuloA4gn-X04GorOLsIl6N5FdjLP1kUTRHheammKleWop3_ROand6GsrXG_Y1A2Vsf4bRQtY0QYTqquVn92_2-4accw5OXOWxwW43-MR1_P7niORQamm4XA4Gye_eEHePQlOKM9ahQLzyGH_R59HaZh93TJfklBwPYRvNQv4alYTDuFP5rlH2vw3fsL2FDLodCPR9wUwBvwcC9Fs3JyjR6Yr_4O5Gt7CMPSM7q9xapWMKzcXvEKWrT6fgDS0uvAKIaUDS1LThkyVCWx6-PlzVhYgYB6J4XS0kaudydwaB1A3-Quy57FpoWUHow
refresh_token
YxFshRmrdjrEwMzXknMLGbSslKEYHzNBpbyibxZNtirAHQQSjC9596002081-#}_"
scope
accounts openid consent:urn:conformance.oidf:4z3X0KNd9P
2021-12-29 22:11:16
RemoveIssuedAccessTokenFromEnvironment
Removed access_token and token_type from environment
2021-12-29 22:11:16 OUTGOING
fapi1-advanced-final-client-refresh-token-test
Response to HTTP request to test instance Dtkl8Sh2ZAVn3tT
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "access_token": "5imzSpQcwLYi42nK1Kdv2loAraFcyjFaBdeIpCcYzj13YrDGhX",
  "token_type": "Bearer",
  "id_token": "eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwiYWxnIjoiUFMyNTYifQ.eyJhdF9oYXNoIjoiSkJZamY0OElxa3NrRFQxSHRKeFpRUSIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoicjMtMVB6eDRlWkZlakZLdnJDZWZfIiwiaXNzIjoiaHR0cHM6XC9cL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXRcL3Rlc3RcL2FcL3JlY2VwY2FvLWJ2XC8iLCJleHAiOjE2NDA4MTYxNzYsIm5vbmNlIjoiNWM4M2M1ODgtN2RiNy00YWJjLTk2YjUtNGE3YmZkY2VlYjQyIiwiaWF0IjoxNjQwODE1ODc2fQ.Fwjs_bdXbL2fhH9aFrAUYnqWIlTbIuloA4gn-X04GorOLsIl6N5FdjLP1kUTRHheammKleWop3_ROand6GsrXG_Y1A2Vsf4bRQtY0QYTqquVn92_2-4accw5OXOWxwW43-MR1_P7niORQamm4XA4Gye_eEHePQlOKM9ahQLzyGH_R59HaZh93TJfklBwPYRvNQv4alYTDuFP5rlH2vw3fsL2FDLodCPR9wUwBvwcC9Fs3JyjR6Yr_4O5Gt7CMPSM7q9xapWMKzcXvEKWrT6fgDS0uvAKIaUDS1LThkyVCWx6-PlzVhYgYB6J4XS0kaudydwaB1A3-Quy57FpoWUHow",
  "refresh_token": "YxFshRmrdjrEwMzXknMLGbSslKEYHzNBpbyibxZNtirAHQQSjC9596002081-#}_\"",
  "scope": "accounts openid consent:urn:conformance.oidf:4z3X0KNd9P"
}
outgoing_path
token
2021-12-29 22:11:18 INCOMING
fapi1-advanced-final-client-refresh-token-test
Incoming HTTP request to test instance Dtkl8Sh2ZAVn3tT
incoming_headers
{
  "host": "www.certification.openid.net",
  "accept": "application/json;charset\u003dUTF-8",
  "authorization": "Bearer Nf3XoBwZYnegDikExDzDp3FeINQfFymwPFQ8m1G3qDMEt2qYa7",
  "x-fapi-interaction-id": "07006933-f1e0-41ad-b6a9-fba6222e2fa9",
  "x-fapi-customer-ip-address": "1.1.1.1",
  "connection": "close"
}
incoming_path
/test-mtls/a/recepcao-bv/consents/v1/consents/urn:conformance.oidf:4z3X0KNd9P
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
-----BEGIN CERTIFICATE----- MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0 MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1 YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3 sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805 I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9 yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS 7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF GSsQgkeJ1pXRIYgQEKHQ -----END CERTIFICATE-----
incoming_body_json
incoming_query_string_params
{}
incoming_body
2021-12-29 22:11:18 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
Get consent endpoint
2021-12-29 22:11:18 SUCCESS
ExtractClientCertificateFromTokenEndpointRequestHeaders
Extracted client certificate
client_certificate
{
  "cert": "-----BEGIN CERTIFICATE----- MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0 MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1 YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3 sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805 I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9 yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS 7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF GSsQgkeJ1pXRIYgQEKHQ -----END CERTIFICATE-----",
  "pem": "-----BEGIN CERTIFICATE-----\nMIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL\nBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx\nFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB\nTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0\nMjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD\no28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT\nJDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV\nYXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET\nMBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp\nb24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1\nYjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI\nLFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB\nWsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3\nsbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK\nBsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ\naktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805\nI1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9\nyQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R\nQ99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh\nbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg\nPqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y\nZy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i\ncjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE\nggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB\nJFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt\nIFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p\nc2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy\nYW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl\nIGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg\nTHRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl\ncmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh\nbmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL\nz7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd\nPdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh\nQkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH\nefqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS\n7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF\nGSsQgkeJ1pXRIYgQEKHQ\n-----END CERTIFICATE-----",
  "subject": {
    "dn": "UID\u003d1baaea05-bece-46ac-9d08-66a5b72d7ac7,2.5.4.15\u003d#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3\u003d#13024252,2.5.4.5\u003d#130e3539353838313131303030313033,CN\u003dapi-des.bvopen.com.br,OU\u003d062c5edb-4e83-5002-9981-e2a96c5ad41e,O\u003dBCO VOTORANTIM S.A.,L\u003dSão Paulo,ST\u003dSP,C\u003dBR"
  },
  "sanDnsNames": [
    "api-des.bvopen.com.br"
  ],
  "sanUris": [],
  "sanIPs": [],
  "sanEmails": []
}
2021-12-29 22:11:18 SUCCESS
CheckForClientCertificate
Found client certificate
2021-12-29 22:11:18 SUCCESS
EnsureClientCertificateMatches
Presented certificate matches registered certificate
actual
-----BEGIN CERTIFICATE-----
MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL
BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx
FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB
TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0
MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD
o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT
JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV
YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET
MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp
b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1
YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI
LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB
WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3
sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK
BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ
aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805
I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9
yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R
Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh
bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg
PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y
Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i
cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE
ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB
JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt
IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p
c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy
YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl
IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg
THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl
cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh
bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL
z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd
PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh
Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH
efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS
7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF
GSsQgkeJ1pXRIYgQEKHQ
-----END CERTIFICATE-----
2021-12-29 22:11:18 SUCCESS
EnsureBearerAccessTokenNotInParams
Client correctly did not send access token in query parameters or form body
2021-12-29 22:11:18 SUCCESS
ExtractBearerAccessTokenFromHeader
Found access token on incoming request
access_token
Nf3XoBwZYnegDikExDzDp3FeINQfFymwPFQ8m1G3qDMEt2qYa7
2021-12-29 22:11:18 SUCCESS
RequireBearerClientCredentialsAccessToken
Found access token in request
actual
Nf3XoBwZYnegDikExDzDp3FeINQfFymwPFQ8m1G3qDMEt2qYa7
2021-12-29 22:11:18 INFO
ExtractFapiDateHeader
Skipped evaluation due to missing required element: incoming_request headers.x-fapi-auth-date
path
headers.x-fapi-auth-date
mapped
object
incoming_request
2021-12-29 22:11:18 SUCCESS
ExtractFapiIpAddressHeader
Found a FAPI ip address header
fapi_customer_ip_address
1.1.1.1
addr
1.1.1.1
2021-12-29 22:11:18 SUCCESS
ExtractFapiInteractionIdHeader
Found a FAPI interaction ID header
fapi_interaction_id
07006933-f1e0-41ad-b6a9-fba6222e2fa9
2021-12-29 22:11:18 INFO
CreateFapiInteractionIdIfNeeded
Found existing FAPI interaction ID
fapi_interaction_id
07006933-f1e0-41ad-b6a9-fba6222e2fa9
2021-12-29 22:11:18 SUCCESS
FAPIBrazilGenerateGetConsentResponse
Created consent response
response
{
  "data": {
    "consentId": "urn:conformance.oidf:4z3X0KNd9P",
    "creationDateTime": "2021-12-29T22:11:07Z",
    "status": "AUTHORISED",
    "statusUpdateDateTime": "2021-12-29T22:11:12Z",
    "permissions": [
      "ACCOUNTS_READ",
      "ACCOUNTS_BALANCES_READ",
      "RESOURCES_READ"
    ],
    "expirationDateTime": "2021-12-30T00:11:07Z",
    "transactionFromDateTime": "2021-12-29T22:06:07Z",
    "transactionToDateTime": "2021-12-30T00:11:07Z",
    "links": {
      "self": "https://www.certification.openid.net/test/a/recepcao-bvconsents/v1/consents"
    }
  },
  "meta": {
    "totalRecords": 1,
    "totalPages": 1,
    "requestDateTime": "2021-12-29T22:11:18Z"
  }
}
2021-12-29 22:11:18
ClearAccessTokenFromRequest
Condition ran but did not log anything
2021-12-29 22:11:18 OUTGOING
fapi1-advanced-final-client-refresh-token-test
Response to HTTP request to test instance Dtkl8Sh2ZAVn3tT
outgoing_status_code
200
outgoing_headers
{
  "x-fapi-interaction-id": [
    "ed1313ac-ec03-48c0-b567-2a8cb0cd9574"
  ]
}
outgoing_body
{
  "data": {
    "consentId": "urn:conformance.oidf:4z3X0KNd9P",
    "creationDateTime": "2021-12-29T22:11:07Z",
    "status": "AUTHORISED",
    "statusUpdateDateTime": "2021-12-29T22:11:12Z",
    "permissions": [
      "ACCOUNTS_READ",
      "ACCOUNTS_BALANCES_READ",
      "RESOURCES_READ"
    ],
    "expirationDateTime": "2021-12-30T00:11:07Z",
    "transactionFromDateTime": "2021-12-29T22:06:07Z",
    "transactionToDateTime": "2021-12-30T00:11:07Z",
    "links": {
      "self": "https://www.certification.openid.net/test/a/recepcao-bvconsents/v1/consents"
    }
  },
  "meta": {
    "totalRecords": 1,
    "totalPages": 1,
    "requestDateTime": "2021-12-29T22:11:07Z"
  }
}
outgoing_path
consents/v1/consents/urn:conformance.oidf:4z3X0KNd9P
2021-12-29 22:11:21 INCOMING
fapi1-advanced-final-client-refresh-token-test
Incoming HTTP request to test instance Dtkl8Sh2ZAVn3tT
incoming_headers
{
  "host": "www.certification.openid.net",
  "accept": "application/json;charset\u003dUTF-8",
  "authorization": "Bearer 5imzSpQcwLYi42nK1Kdv2loAraFcyjFaBdeIpCcYzj13YrDGhX",
  "x-fapi-interaction-id": "622f46a4-a773-4218-97fc-9b2a5dde46b7",
  "x-fapi-auth-date": "Wed, 29 Dec 2021 21:41:20 GMT",
  "x-fapi-customer-ip-address": "1.1.1.1",
  "x-customer-user-agent": "",
  "connection": "close"
}
incoming_path
/test-mtls/a/recepcao-bv/accounts/v1/accounts
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
-----BEGIN CERTIFICATE----- MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0 MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1 YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3 sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805 I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9 yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS 7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF GSsQgkeJ1pXRIYgQEKHQ -----END CERTIFICATE-----
incoming_body_json
incoming_query_string_params
{}
incoming_body
2021-12-29 22:11:21 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
Accounts endpoint (always rejected)
2021-12-29 22:11:21 SUCCESS
LogAccessTokenAlwaysRejectedToForceARefreshGrant
This call will be always rejected. The client must obtain a new access token twice using the refresh_token
2021-12-29 22:11:21 OUTGOING
fapi1-advanced-final-client-refresh-token-test
Response to HTTP request to test instance Dtkl8Sh2ZAVn3tT
outgoing_status_code
401
outgoing_headers
{
  "WWW-Authenticate": [
    "Bearer realm\u003d\"conformancesuite\", error\u003d\"invalid_token\", error_description\u003d\"Invalid access token. This test requires you to obtain a new access token twice using the refresh_token\""
  ]
}
outgoing_body
outgoing_path
accounts/v1/accounts
2021-12-29 22:11:23 INCOMING
fapi1-advanced-final-client-refresh-token-test
Incoming HTTP request to test instance Dtkl8Sh2ZAVn3tT
incoming_headers
{
  "host": "www.certification.openid.net",
  "accept": "application/json,application/*+json",
  "connection": "close"
}
incoming_path
/test/a/recepcao-bv/.well-known/openid-configuration
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
incoming_body_json
incoming_query_string_params
{}
incoming_body
2021-12-29 22:11:23 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
2021-12-29 22:11:23 OUTGOING
fapi1-advanced-final-client-refresh-token-test
Response to HTTP request to test instance Dtkl8Sh2ZAVn3tT
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "issuer": "https://www.certification.openid.net/test/a/recepcao-bv/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/recepcao-bv/jwks",
  "registration_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/register",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/userinfo",
  "mtls_endpoint_aliases": {
    "token_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/token",
    "registration_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/register",
    "userinfo_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/userinfo",
    "pushed_authorization_request_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/par"
  },
  "tls_client_certificate_bound_access_tokens": true,
  "request_parameter_supported": true,
  "grant_types_supported": [
    "authorization_code",
    "implicit",
    "client_credentials",
    "refresh_token"
  ],
  "claims_parameter_supported": true,
  "request_object_encryption_alg_values_supported": [
    "RSA-OAEP"
  ],
  "request_object_encryption_enc_values_supported": [
    "A256GCM"
  ],
  "claims_supported": [
    "cpf",
    "cnpj",
    "acr"
  ],
  "acr_values_supported": [
    "urn:brasil:openbanking:loa2",
    "urn:brasil:openbanking:loa3"
  ],
  "id_token_signing_alg_values_supported": [
    "PS256"
  ],
  "request_object_signing_alg_values_supported": [
    "PS256"
  ],
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access",
    "consents",
    "resources",
    "payments"
  ],
  "token_endpoint_auth_methods_supported": [
    "private_key_jwt"
  ],
  "pushed_authorization_request_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/par",
  "require_pushed_authorization_requests": true,
  "response_types_supported": [
    "code id_token"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "PS256"
  ]
}
outgoing_path
.well-known/openid-configuration
2021-12-29 22:11:24 INCOMING
fapi1-advanced-final-client-refresh-token-test
Incoming HTTP request to test instance Dtkl8Sh2ZAVn3tT
incoming_headers
{
  "host": "www.certification.openid.net",
  "content-type": "application/x-www-form-urlencoded",
  "content-length": "1049",
  "connection": "close"
}
incoming_path
/test-mtls/a/recepcao-bv/token
incoming_body_form_params
{
  "refresh_token": "YxFshRmrdjrEwMzXknMLGbSslKEYHzNBpbyibxZNtirAHQQSjC9596002081-#}_\"",
  "scope": "openid%20consents%20accounts%20consent:urn:conformance.oidf:4z3X0KNd9P",
  "grant_type": "refresh_token",
  "client_assertion": "eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwidHlwIjoiSldUIiwiYWxnIjoiUFMyNTYifQ.eyJzdWIiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJhdWQiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdC1tdGxzXC9hXC9yZWNlcGNhby1idlwvdG9rZW4iLCJpc3MiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJleHAiOjE2NDA4MTYxODQsImlhdCI6MTY0MDgxNTg4NCwianRpIjoiZWFlN2ZkZTEtZGVhNC00ZjFkLTk3OGEtMjY0NDEzMzYyYjlmIn0.N7TeeUec4xwEwxmtY6z_arvkZflMPnzr-k8vqYyGronVVWYaA2EEwpi6gClcS_LA73C3Fs_qtNuIM-MomAsqhWmyhRrHWLgFAbEFsRj3eeVWNArzYL7eBTZB1mvCGK56eVwQt38ZiJitmx6osNFrlhtbuqDPKTA5H3LVIuDkFZ3ZOrUEzm58y8ybbS7wYu760OPBUDNRGM9vZx3T5e_rAMMxa1RLDrPmNWQw2oN_M44dauUTKOAYaN1MUM7V-QLIIyKVEk0J21kiUTu8LIukUPj2ZornZd2vpVcLQCw6j2q90rxPQjzHOCk0yqhkzMoRshUtFsSNXl1kD1m2Q00Heg",
  "client_assertion_type": "urn:ietf:params:oauth:client-assertion-type:jwt-bearer"
}
incoming_method
POST
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
-----BEGIN CERTIFICATE----- MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0 MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1 YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3 sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805 I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9 yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS 7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF GSsQgkeJ1pXRIYgQEKHQ -----END CERTIFICATE-----
incoming_body_json
incoming_query_string_params
{}
incoming_body
refresh_token=YxFshRmrdjrEwMzXknMLGbSslKEYHzNBpbyibxZNtirAHQQSjC9596002081-%23%7D_%22&scope=openid%2520consents%2520accounts%2520consent%3Aurn%3Aconformance.oidf%3A4z3X0KNd9P&grant_type=refresh_token&client_assertion=eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwidHlwIjoiSldUIiwiYWxnIjoiUFMyNTYifQ.eyJzdWIiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJhdWQiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdC1tdGxzXC9hXC9yZWNlcGNhby1idlwvdG9rZW4iLCJpc3MiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJleHAiOjE2NDA4MTYxODQsImlhdCI6MTY0MDgxNTg4NCwianRpIjoiZWFlN2ZkZTEtZGVhNC00ZjFkLTk3OGEtMjY0NDEzMzYyYjlmIn0.N7TeeUec4xwEwxmtY6z_arvkZflMPnzr-k8vqYyGronVVWYaA2EEwpi6gClcS_LA73C3Fs_qtNuIM-MomAsqhWmyhRrHWLgFAbEFsRj3eeVWNArzYL7eBTZB1mvCGK56eVwQt38ZiJitmx6osNFrlhtbuqDPKTA5H3LVIuDkFZ3ZOrUEzm58y8ybbS7wYu760OPBUDNRGM9vZx3T5e_rAMMxa1RLDrPmNWQw2oN_M44dauUTKOAYaN1MUM7V-QLIIyKVEk0J21kiUTu8LIukUPj2ZornZd2vpVcLQCw6j2q90rxPQjzHOCk0yqhkzMoRshUtFsSNXl1kD1m2Q00Heg&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer
2021-12-29 22:11:24 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
Token endpoint
2021-12-29 22:11:24 SUCCESS
ExtractClientCertificateFromTokenEndpointRequestHeaders
Extracted client certificate
client_certificate
{
  "cert": "-----BEGIN CERTIFICATE----- MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0 MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1 YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3 sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805 I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9 yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS 7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF GSsQgkeJ1pXRIYgQEKHQ -----END CERTIFICATE-----",
  "pem": "-----BEGIN CERTIFICATE-----\nMIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL\nBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx\nFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB\nTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0\nMjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD\no28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT\nJDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV\nYXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET\nMBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp\nb24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1\nYjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI\nLFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB\nWsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3\nsbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK\nBsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ\naktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805\nI1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9\nyQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R\nQ99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh\nbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg\nPqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y\nZy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i\ncjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE\nggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB\nJFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt\nIFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p\nc2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy\nYW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl\nIGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg\nTHRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl\ncmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh\nbmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL\nz7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd\nPdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh\nQkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH\nefqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS\n7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF\nGSsQgkeJ1pXRIYgQEKHQ\n-----END CERTIFICATE-----",
  "subject": {
    "dn": "UID\u003d1baaea05-bece-46ac-9d08-66a5b72d7ac7,2.5.4.15\u003d#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3\u003d#13024252,2.5.4.5\u003d#130e3539353838313131303030313033,CN\u003dapi-des.bvopen.com.br,OU\u003d062c5edb-4e83-5002-9981-e2a96c5ad41e,O\u003dBCO VOTORANTIM S.A.,L\u003dSão Paulo,ST\u003dSP,C\u003dBR"
  },
  "sanDnsNames": [
    "api-des.bvopen.com.br"
  ],
  "sanUris": [],
  "sanIPs": [],
  "sanEmails": []
}
2021-12-29 22:11:24 SUCCESS
CheckForClientCertificate
Found client certificate
2021-12-29 22:11:24 SUCCESS
EnsureClientCertificateMatches
Presented certificate matches registered certificate
actual
-----BEGIN CERTIFICATE-----
MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL
BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx
FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB
TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0
MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD
o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT
JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV
YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET
MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp
b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1
YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI
LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB
WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3
sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK
BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ
aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805
I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9
yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R
Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh
bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg
PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y
Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i
cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE
ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB
JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt
IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p
c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy
YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl
IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg
THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl
cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh
bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL
z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd
PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh
Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH
efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS
7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF
GSsQgkeJ1pXRIYgQEKHQ
-----END CERTIFICATE-----
2021-12-29 22:11:24 SUCCESS
ExtractClientAssertion
Parsed client assertion
client_assertion
{
  "value": "eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwidHlwIjoiSldUIiwiYWxnIjoiUFMyNTYifQ.eyJzdWIiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJhdWQiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdC1tdGxzXC9hXC9yZWNlcGNhby1idlwvdG9rZW4iLCJpc3MiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJleHAiOjE2NDA4MTYxODQsImlhdCI6MTY0MDgxNTg4NCwianRpIjoiZWFlN2ZkZTEtZGVhNC00ZjFkLTk3OGEtMjY0NDEzMzYyYjlmIn0.N7TeeUec4xwEwxmtY6z_arvkZflMPnzr-k8vqYyGronVVWYaA2EEwpi6gClcS_LA73C3Fs_qtNuIM-MomAsqhWmyhRrHWLgFAbEFsRj3eeVWNArzYL7eBTZB1mvCGK56eVwQt38ZiJitmx6osNFrlhtbuqDPKTA5H3LVIuDkFZ3ZOrUEzm58y8ybbS7wYu760OPBUDNRGM9vZx3T5e_rAMMxa1RLDrPmNWQw2oN_M44dauUTKOAYaN1MUM7V-QLIIyKVEk0J21kiUTu8LIukUPj2ZornZd2vpVcLQCw6j2q90rxPQjzHOCk0yqhkzMoRshUtFsSNXl1kD1m2Q00Heg",
  "header": {
    "kid": "FJlF6TOBoI38u2RN5PtFHdjXCujfClGyDFEQD7CxJ64",
    "typ": "JWT",
    "alg": "PS256"
  },
  "claims": {
    "sub": "r3-1Pzx4eZFejFKvrCef_",
    "aud": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/token",
    "iss": "r3-1Pzx4eZFejFKvrCef_",
    "exp": 1640816184,
    "iat": 1640815884,
    "jti": "eae7fde1-dea4-4f1d-978a-264413362b9f"
  }
}
2021-12-29 22:11:24
EnsureClientAssertionSignatureAlgorithmMatchesRegistered
token_endpoint_auth_signing_alg is not set for the client, any supported algorithm can be used
2021-12-29 22:11:24 SUCCESS
ValidateClientAssertionSignature
client_assertion signature validated
client_assertion
eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwidHlwIjoiSldUIiwiYWxnIjoiUFMyNTYifQ.eyJzdWIiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJhdWQiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdC1tdGxzXC9hXC9yZWNlcGNhby1idlwvdG9rZW4iLCJpc3MiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJleHAiOjE2NDA4MTYxODQsImlhdCI6MTY0MDgxNTg4NCwianRpIjoiZWFlN2ZkZTEtZGVhNC00ZjFkLTk3OGEtMjY0NDEzMzYyYjlmIn0.N7TeeUec4xwEwxmtY6z_arvkZflMPnzr-k8vqYyGronVVWYaA2EEwpi6gClcS_LA73C3Fs_qtNuIM-MomAsqhWmyhRrHWLgFAbEFsRj3eeVWNArzYL7eBTZB1mvCGK56eVwQt38ZiJitmx6osNFrlhtbuqDPKTA5H3LVIuDkFZ3ZOrUEzm58y8ybbS7wYu760OPBUDNRGM9vZx3T5e_rAMMxa1RLDrPmNWQw2oN_M44dauUTKOAYaN1MUM7V-QLIIyKVEk0J21kiUTu8LIukUPj2ZornZd2vpVcLQCw6j2q90rxPQjzHOCk0yqhkzMoRshUtFsSNXl1kD1m2Q00Heg
2021-12-29 22:11:24 SUCCESS
EnsureClientAssertionTypeIsJwt
Found JWT assertion type
assertion type
urn:ietf:params:oauth:client-assertion-type:jwt-bearer
2021-12-29 22:11:24 SUCCESS
ValidateClientAssertionClaims
Client Assertion passed all validation checks
2021-12-29 22:11:24 SUCCESS
ValidateRefreshToken
refresh_token parameter matches the expected value.
refresh_token
YxFshRmrdjrEwMzXknMLGbSslKEYHzNBpbyibxZNtirAHQQSjC9596002081-#}_"
2021-12-29 22:11:24 SUCCESS
GenerateBearerAccessToken
Generated access token
access_token
xWTYRKLkGkcjExQ2DVLRbeL6BEpgPO1ijLTU8tcAWUZ4eRLIeG
2021-12-29 22:11:24 SUCCESS
CalculateAtHash
Successful at_hash encoding
at_hash
iOSsGKDjIH4nTrY3NawuDw
2021-12-29 22:11:24
CreateRefreshToken
Created refresh token
refresh_token
MTPaYSIJBKyvvUQpSOEXkXxSjoBkeyYOZAoipOuLXDNFkCqmbf6433448657__`+(
2021-12-29 22:11:24 SUCCESS
CreateTokenEndpointResponse
Created token endpoint response
access_token
xWTYRKLkGkcjExQ2DVLRbeL6BEpgPO1ijLTU8tcAWUZ4eRLIeG
token_type
Bearer
refresh_token
MTPaYSIJBKyvvUQpSOEXkXxSjoBkeyYOZAoipOuLXDNFkCqmbf6433448657__`+(
scope
accounts openid consent:urn:conformance.oidf:4z3X0KNd9P
2021-12-29 22:11:24 OUTGOING
fapi1-advanced-final-client-refresh-token-test
Response to HTTP request to test instance Dtkl8Sh2ZAVn3tT
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "access_token": "xWTYRKLkGkcjExQ2DVLRbeL6BEpgPO1ijLTU8tcAWUZ4eRLIeG",
  "token_type": "Bearer",
  "refresh_token": "MTPaYSIJBKyvvUQpSOEXkXxSjoBkeyYOZAoipOuLXDNFkCqmbf6433448657__`+(",
  "scope": "accounts openid consent:urn:conformance.oidf:4z3X0KNd9P"
}
outgoing_path
token
2021-12-29 22:11:27 INCOMING
fapi1-advanced-final-client-refresh-token-test
Incoming HTTP request to test instance Dtkl8Sh2ZAVn3tT
incoming_headers
{
  "host": "www.certification.openid.net",
  "accept": "application/json,application/*+json",
  "connection": "close"
}
incoming_path
/test/a/recepcao-bv/.well-known/openid-configuration
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
incoming_body_json
incoming_query_string_params
{}
incoming_body
2021-12-29 22:11:27 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
2021-12-29 22:11:27 OUTGOING
fapi1-advanced-final-client-refresh-token-test
Response to HTTP request to test instance Dtkl8Sh2ZAVn3tT
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "issuer": "https://www.certification.openid.net/test/a/recepcao-bv/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/recepcao-bv/jwks",
  "registration_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/register",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/userinfo",
  "mtls_endpoint_aliases": {
    "token_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/token",
    "registration_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/register",
    "userinfo_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/userinfo",
    "pushed_authorization_request_endpoint": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/par"
  },
  "tls_client_certificate_bound_access_tokens": true,
  "request_parameter_supported": true,
  "grant_types_supported": [
    "authorization_code",
    "implicit",
    "client_credentials",
    "refresh_token"
  ],
  "claims_parameter_supported": true,
  "request_object_encryption_alg_values_supported": [
    "RSA-OAEP"
  ],
  "request_object_encryption_enc_values_supported": [
    "A256GCM"
  ],
  "claims_supported": [
    "cpf",
    "cnpj",
    "acr"
  ],
  "acr_values_supported": [
    "urn:brasil:openbanking:loa2",
    "urn:brasil:openbanking:loa3"
  ],
  "id_token_signing_alg_values_supported": [
    "PS256"
  ],
  "request_object_signing_alg_values_supported": [
    "PS256"
  ],
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access",
    "consents",
    "resources",
    "payments"
  ],
  "token_endpoint_auth_methods_supported": [
    "private_key_jwt"
  ],
  "pushed_authorization_request_endpoint": "https://www.certification.openid.net/test/a/recepcao-bv/par",
  "require_pushed_authorization_requests": true,
  "response_types_supported": [
    "code id_token"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "PS256"
  ]
}
outgoing_path
.well-known/openid-configuration
2021-12-29 22:11:28 INCOMING
fapi1-advanced-final-client-refresh-token-test
Incoming HTTP request to test instance Dtkl8Sh2ZAVn3tT
incoming_headers
{
  "host": "www.certification.openid.net",
  "content-type": "application/x-www-form-urlencoded",
  "content-length": "1049",
  "connection": "close"
}
incoming_path
/test-mtls/a/recepcao-bv/token
incoming_body_form_params
{
  "refresh_token": "MTPaYSIJBKyvvUQpSOEXkXxSjoBkeyYOZAoipOuLXDNFkCqmbf6433448657__`+(",
  "scope": "openid%20consents%20accounts%20consent:urn:conformance.oidf:4z3X0KNd9P",
  "grant_type": "refresh_token",
  "client_assertion": "eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwidHlwIjoiSldUIiwiYWxnIjoiUFMyNTYifQ.eyJzdWIiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJhdWQiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdC1tdGxzXC9hXC9yZWNlcGNhby1idlwvdG9rZW4iLCJpc3MiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJleHAiOjE2NDA4MTYxODcsImlhdCI6MTY0MDgxNTg4NywianRpIjoiZmMzY2YzOWMtZTNiOC00ODYzLTg0NjEtMjIyOTYxZTk1OGEwIn0.F2eIIQKWFJwP3Ktvcv6wpyGvzG3NEbLmCPawSUk3yYME2TE7N6zovw6NC7IgvOQwJtNsdowOUkUr--7VM5weya0_QGTk-9g8LDkI0Pr_DL9E6F8vy2BQm0cAux9LZgdj-c6VRogayMxTwVOvCPIP5HAb05dffwvlXS_MK74xQfmOCgyaEWBcZd81-1QWgRS_wrsFMQ0rTlfcNcqZVwewLoDsmiQkOyPeLQGXtyQUdTkOxlsbZf6aqbSVkd4DGxI5AqSH7bhrfnhNIIG6-obZ-3ONfYYawtXAeud8S0-UFAqm7yw8XrWp47x5VJBHLNMuCo9mgNotYpOAqGIxfkc-IQ",
  "client_assertion_type": "urn:ietf:params:oauth:client-assertion-type:jwt-bearer"
}
incoming_method
POST
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
-----BEGIN CERTIFICATE----- MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0 MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1 YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3 sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805 I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9 yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS 7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF GSsQgkeJ1pXRIYgQEKHQ -----END CERTIFICATE-----
incoming_body_json
incoming_query_string_params
{}
incoming_body
refresh_token=MTPaYSIJBKyvvUQpSOEXkXxSjoBkeyYOZAoipOuLXDNFkCqmbf6433448657__%60%2B%28&scope=openid%2520consents%2520accounts%2520consent%3Aurn%3Aconformance.oidf%3A4z3X0KNd9P&grant_type=refresh_token&client_assertion=eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwidHlwIjoiSldUIiwiYWxnIjoiUFMyNTYifQ.eyJzdWIiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJhdWQiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdC1tdGxzXC9hXC9yZWNlcGNhby1idlwvdG9rZW4iLCJpc3MiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJleHAiOjE2NDA4MTYxODcsImlhdCI6MTY0MDgxNTg4NywianRpIjoiZmMzY2YzOWMtZTNiOC00ODYzLTg0NjEtMjIyOTYxZTk1OGEwIn0.F2eIIQKWFJwP3Ktvcv6wpyGvzG3NEbLmCPawSUk3yYME2TE7N6zovw6NC7IgvOQwJtNsdowOUkUr--7VM5weya0_QGTk-9g8LDkI0Pr_DL9E6F8vy2BQm0cAux9LZgdj-c6VRogayMxTwVOvCPIP5HAb05dffwvlXS_MK74xQfmOCgyaEWBcZd81-1QWgRS_wrsFMQ0rTlfcNcqZVwewLoDsmiQkOyPeLQGXtyQUdTkOxlsbZf6aqbSVkd4DGxI5AqSH7bhrfnhNIIG6-obZ-3ONfYYawtXAeud8S0-UFAqm7yw8XrWp47x5VJBHLNMuCo9mgNotYpOAqGIxfkc-IQ&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer
2021-12-29 22:11:28 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
Token endpoint
2021-12-29 22:11:28 SUCCESS
ExtractClientCertificateFromTokenEndpointRequestHeaders
Extracted client certificate
client_certificate
{
  "cert": "-----BEGIN CERTIFICATE----- MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0 MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1 YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3 sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805 I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9 yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS 7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF GSsQgkeJ1pXRIYgQEKHQ -----END CERTIFICATE-----",
  "pem": "-----BEGIN CERTIFICATE-----\nMIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL\nBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx\nFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB\nTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0\nMjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD\no28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT\nJDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV\nYXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET\nMBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp\nb24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1\nYjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI\nLFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB\nWsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3\nsbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK\nBsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ\naktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805\nI1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9\nyQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R\nQ99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh\nbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg\nPqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y\nZy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i\ncjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE\nggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB\nJFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt\nIFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p\nc2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy\nYW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl\nIGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg\nTHRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl\ncmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh\nbmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL\nz7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd\nPdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh\nQkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH\nefqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS\n7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF\nGSsQgkeJ1pXRIYgQEKHQ\n-----END CERTIFICATE-----",
  "subject": {
    "dn": "UID\u003d1baaea05-bece-46ac-9d08-66a5b72d7ac7,2.5.4.15\u003d#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3\u003d#13024252,2.5.4.5\u003d#130e3539353838313131303030313033,CN\u003dapi-des.bvopen.com.br,OU\u003d062c5edb-4e83-5002-9981-e2a96c5ad41e,O\u003dBCO VOTORANTIM S.A.,L\u003dSão Paulo,ST\u003dSP,C\u003dBR"
  },
  "sanDnsNames": [
    "api-des.bvopen.com.br"
  ],
  "sanUris": [],
  "sanIPs": [],
  "sanEmails": []
}
2021-12-29 22:11:28 SUCCESS
CheckForClientCertificate
Found client certificate
2021-12-29 22:11:28 SUCCESS
EnsureClientCertificateMatches
Presented certificate matches registered certificate
actual
-----BEGIN CERTIFICATE-----
MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL
BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx
FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB
TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0
MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD
o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT
JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV
YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET
MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp
b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1
YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI
LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB
WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3
sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK
BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ
aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805
I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9
yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R
Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh
bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg
PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y
Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i
cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE
ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB
JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt
IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p
c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy
YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl
IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg
THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl
cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh
bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL
z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd
PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh
Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH
efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS
7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF
GSsQgkeJ1pXRIYgQEKHQ
-----END CERTIFICATE-----
2021-12-29 22:11:28 SUCCESS
ExtractClientAssertion
Parsed client assertion
client_assertion
{
  "value": "eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwidHlwIjoiSldUIiwiYWxnIjoiUFMyNTYifQ.eyJzdWIiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJhdWQiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdC1tdGxzXC9hXC9yZWNlcGNhby1idlwvdG9rZW4iLCJpc3MiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJleHAiOjE2NDA4MTYxODcsImlhdCI6MTY0MDgxNTg4NywianRpIjoiZmMzY2YzOWMtZTNiOC00ODYzLTg0NjEtMjIyOTYxZTk1OGEwIn0.F2eIIQKWFJwP3Ktvcv6wpyGvzG3NEbLmCPawSUk3yYME2TE7N6zovw6NC7IgvOQwJtNsdowOUkUr--7VM5weya0_QGTk-9g8LDkI0Pr_DL9E6F8vy2BQm0cAux9LZgdj-c6VRogayMxTwVOvCPIP5HAb05dffwvlXS_MK74xQfmOCgyaEWBcZd81-1QWgRS_wrsFMQ0rTlfcNcqZVwewLoDsmiQkOyPeLQGXtyQUdTkOxlsbZf6aqbSVkd4DGxI5AqSH7bhrfnhNIIG6-obZ-3ONfYYawtXAeud8S0-UFAqm7yw8XrWp47x5VJBHLNMuCo9mgNotYpOAqGIxfkc-IQ",
  "header": {
    "kid": "FJlF6TOBoI38u2RN5PtFHdjXCujfClGyDFEQD7CxJ64",
    "typ": "JWT",
    "alg": "PS256"
  },
  "claims": {
    "sub": "r3-1Pzx4eZFejFKvrCef_",
    "aud": "https://www.certification.openid.net/test-mtls/a/recepcao-bv/token",
    "iss": "r3-1Pzx4eZFejFKvrCef_",
    "exp": 1640816187,
    "iat": 1640815887,
    "jti": "fc3cf39c-e3b8-4863-8461-222961e958a0"
  }
}
2021-12-29 22:11:28
EnsureClientAssertionSignatureAlgorithmMatchesRegistered
token_endpoint_auth_signing_alg is not set for the client, any supported algorithm can be used
2021-12-29 22:11:28 SUCCESS
ValidateClientAssertionSignature
client_assertion signature validated
client_assertion
eyJraWQiOiJGSmxGNlRPQm9JMzh1MlJONVB0RkhkalhDdWpmQ2xHeURGRVFEN0N4SjY0IiwidHlwIjoiSldUIiwiYWxnIjoiUFMyNTYifQ.eyJzdWIiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJhdWQiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdC1tdGxzXC9hXC9yZWNlcGNhby1idlwvdG9rZW4iLCJpc3MiOiJyMy0xUHp4NGVaRmVqRkt2ckNlZl8iLCJleHAiOjE2NDA4MTYxODcsImlhdCI6MTY0MDgxNTg4NywianRpIjoiZmMzY2YzOWMtZTNiOC00ODYzLTg0NjEtMjIyOTYxZTk1OGEwIn0.F2eIIQKWFJwP3Ktvcv6wpyGvzG3NEbLmCPawSUk3yYME2TE7N6zovw6NC7IgvOQwJtNsdowOUkUr--7VM5weya0_QGTk-9g8LDkI0Pr_DL9E6F8vy2BQm0cAux9LZgdj-c6VRogayMxTwVOvCPIP5HAb05dffwvlXS_MK74xQfmOCgyaEWBcZd81-1QWgRS_wrsFMQ0rTlfcNcqZVwewLoDsmiQkOyPeLQGXtyQUdTkOxlsbZf6aqbSVkd4DGxI5AqSH7bhrfnhNIIG6-obZ-3ONfYYawtXAeud8S0-UFAqm7yw8XrWp47x5VJBHLNMuCo9mgNotYpOAqGIxfkc-IQ
2021-12-29 22:11:28 SUCCESS
EnsureClientAssertionTypeIsJwt
Found JWT assertion type
assertion type
urn:ietf:params:oauth:client-assertion-type:jwt-bearer
2021-12-29 22:11:28 SUCCESS
ValidateClientAssertionClaims
Client Assertion passed all validation checks
2021-12-29 22:11:28 SUCCESS
ValidateRefreshToken
refresh_token parameter matches the expected value.
refresh_token
MTPaYSIJBKyvvUQpSOEXkXxSjoBkeyYOZAoipOuLXDNFkCqmbf6433448657__`+(
2021-12-29 22:11:28 SUCCESS
GenerateBearerAccessToken
Generated access token
access_token
Puz6sfNzLy8Iv7z5bInTKo1u3fPSYNGiUpvUfmsfYOzZUyxnq3
2021-12-29 22:11:28 SUCCESS
CalculateAtHash
Successful at_hash encoding
at_hash
cpMsJY-5DcKL7edV7vx45Q
2021-12-29 22:11:28
CreateRefreshToken
Created refresh token
refresh_token
rsVdCbpHblPaUgzkkntxPtqucaoLppaBcsnLTNRZppotjZeiin4719817237-+:%$
2021-12-29 22:11:28 SUCCESS
CreateTokenEndpointResponse
Created token endpoint response
access_token
Puz6sfNzLy8Iv7z5bInTKo1u3fPSYNGiUpvUfmsfYOzZUyxnq3
token_type
Bearer
refresh_token
rsVdCbpHblPaUgzkkntxPtqucaoLppaBcsnLTNRZppotjZeiin4719817237-+:%$
scope
accounts openid consent:urn:conformance.oidf:4z3X0KNd9P
2021-12-29 22:11:28 OUTGOING
fapi1-advanced-final-client-refresh-token-test
Response to HTTP request to test instance Dtkl8Sh2ZAVn3tT
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "access_token": "Puz6sfNzLy8Iv7z5bInTKo1u3fPSYNGiUpvUfmsfYOzZUyxnq3",
  "token_type": "Bearer",
  "refresh_token": "rsVdCbpHblPaUgzkkntxPtqucaoLppaBcsnLTNRZppotjZeiin4719817237-+:%$",
  "scope": "accounts openid consent:urn:conformance.oidf:4z3X0KNd9P"
}
outgoing_path
token
2021-12-29 22:11:31 INCOMING
fapi1-advanced-final-client-refresh-token-test
Incoming HTTP request to test instance Dtkl8Sh2ZAVn3tT
incoming_headers
{
  "host": "www.certification.openid.net",
  "accept": "application/json;charset\u003dUTF-8",
  "authorization": "Bearer Puz6sfNzLy8Iv7z5bInTKo1u3fPSYNGiUpvUfmsfYOzZUyxnq3",
  "x-fapi-interaction-id": "ecb7b13f-6876-48fc-bec3-7f972b2935cf",
  "x-fapi-auth-date": "Wed, 29 Dec 2021 21:41:30 GMT",
  "x-fapi-customer-ip-address": "1.1.1.1",
  "x-customer-user-agent": "",
  "connection": "close"
}
incoming_path
/test-mtls/a/recepcao-bv/accounts/v1/accounts
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
-----BEGIN CERTIFICATE----- MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0 MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1 YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3 sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805 I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9 yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS 7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF GSsQgkeJ1pXRIYgQEKHQ -----END CERTIFICATE-----
incoming_body_json
incoming_query_string_params
{}
incoming_body
2021-12-29 22:11:31 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
Accounts endpoint
2021-12-29 22:11:31 SUCCESS
ExtractClientCertificateFromTokenEndpointRequestHeaders
Extracted client certificate
client_certificate
{
  "cert": "-----BEGIN CERTIFICATE----- MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0 MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1 YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3 sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805 I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9 yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS 7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF GSsQgkeJ1pXRIYgQEKHQ -----END CERTIFICATE-----",
  "pem": "-----BEGIN CERTIFICATE-----\nMIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL\nBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx\nFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB\nTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0\nMjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD\no28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT\nJDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV\nYXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET\nMBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp\nb24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1\nYjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI\nLFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB\nWsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3\nsbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK\nBsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ\naktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805\nI1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9\nyQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R\nQ99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh\nbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg\nPqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y\nZy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i\ncjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE\nggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB\nJFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt\nIFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p\nc2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy\nYW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl\nIGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg\nTHRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl\ncmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh\nbmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL\nz7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd\nPdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh\nQkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH\nefqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS\n7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF\nGSsQgkeJ1pXRIYgQEKHQ\n-----END CERTIFICATE-----",
  "subject": {
    "dn": "UID\u003d1baaea05-bece-46ac-9d08-66a5b72d7ac7,2.5.4.15\u003d#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3\u003d#13024252,2.5.4.5\u003d#130e3539353838313131303030313033,CN\u003dapi-des.bvopen.com.br,OU\u003d062c5edb-4e83-5002-9981-e2a96c5ad41e,O\u003dBCO VOTORANTIM S.A.,L\u003dSão Paulo,ST\u003dSP,C\u003dBR"
  },
  "sanDnsNames": [
    "api-des.bvopen.com.br"
  ],
  "sanUris": [],
  "sanIPs": [],
  "sanEmails": []
}
2021-12-29 22:11:31 SUCCESS
CheckForClientCertificate
Found client certificate
2021-12-29 22:11:31 SUCCESS
EnsureClientCertificateMatches
Presented certificate matches registered certificate
actual
-----BEGIN CERTIFICATE-----
MIIG+zCCBeOgAwIBAgIUZNln5Grr0Id5Br+KwxknnS4zyMAwDQYJKoZIhvcNAQEL
BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx
FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB
TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDczMDE0MjEwMFoXDTIyMDgyOTE0
MjEwMFowggEfMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD
o28gUGF1bG8xHDAaBgNVBAoTE0JDTyBWT1RPUkFOVElNIFMuQS4xLTArBgNVBAsT
JDA2MmM1ZWRiLTRlODMtNTAwMi05OTgxLWUyYTk2YzVhZDQxZTEeMBwGA1UEAxMV
YXBpLWRlcy5idm9wZW4uY29tLmJyMRcwFQYDVQQFEw41OTU4ODExMTAwMDEwMzET
MBEGCysGAQQBgjc8AgEDEwJCUjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp
b24xNDAyBgoJkiaJk/IsZAEBEyQxYmFhZWEwNS1iZWNlLTQ2YWMtOWQwOC02NmE1
YjcyZDdhYzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xZm3fPhI
LFRvp5mGMuLGh6+doc9LIbDJVUR51vJEtt7KXf68LzWSZXqzLbVKXvbFnZ5kQTGB
WsUbhvNaU91mV46TgjrXCLo8ZJP/e7EeZuEo1n+z9YR2pBd5pi9E3WWMLZ6LNti3
sbm4+UUyqxPEGxUVxuw8p/r1fTIuUYE4tzW07kC6kj6zoNnsPwmMfxBTcuNaRkRK
BsYvtZRAJAftcqRq3C3Bl8K52gp2xl67vkd32gLHcwfBESgwYxWvgm+b70KVhJNZ
aktaC7Pfzwc11YhOAjNhcuTR86gKdFg7ii7Bwjj0smyc3SDaLAffYdKK1gMri805
I1xYQBMOEq7PAgMBAAGjggLZMIIC1TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT9
yQj7ptSYvsmTMd+1iDpNXVf63jAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4R
Q99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNh
bmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECg
PqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9y
Zy5ici9pc3N1ZXIuY3JsMCAGA1UdEQQZMBeCFWFwaS1kZXMuYnZvcGVuLmNvbS5i
cjAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwggGhBgNVHSAE
ggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIB
JFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFt
IFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5p
c2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZy
YW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNl
IGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMg
THRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhl
cmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJh
bmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQDL
z7aLcSk/kp5N0NCr4fIRrfKJK0QI5m5pDVJfc5BBnH/NKgnKhrTpT5XbwPc5vDOd
PdsCWy5mv4f8x8v2ba8Ni08yiI28qUlGGrSVikP89COc4DDsiWumDbnkaebXDnuh
Qkh9IvdLyl4tfby0DPT3/Vv7FZu6c+CTDqEHx9fjniR8Qvtdm0K1UHK0O9X488MH
efqoXMIjndUMwyN9V1m7eemIwcTgXVIeRB9UQeTtzV26AGRc1gGo5WzeOc22BLZS
7/kZrcuJvxBSHGHHtOtgouBVnLRH4m48FIwTw62pLItL4zG1isjbBkm2gMp/hLjF
GSsQgkeJ1pXRIYgQEKHQ
-----END CERTIFICATE-----
2021-12-29 22:11:31 SUCCESS
EnsureBearerAccessTokenNotInParams
Client correctly did not send access token in query parameters or form body
2021-12-29 22:11:31 SUCCESS
ExtractBearerAccessTokenFromHeader
Found access token on incoming request
access_token
Puz6sfNzLy8Iv7z5bInTKo1u3fPSYNGiUpvUfmsfYOzZUyxnq3
2021-12-29 22:11:31 SUCCESS
RequireBearerAccessToken
Found access token in request
actual
Puz6sfNzLy8Iv7z5bInTKo1u3fPSYNGiUpvUfmsfYOzZUyxnq3
2021-12-29 22:11:31 SUCCESS
ExtractFapiDateHeader
Found a FAPI auth date header
fapi_auth_date
Wed, 29 Dec 2021 21:41:30 GMT
2021-12-29 22:11:31 SUCCESS
ExtractFapiIpAddressHeader
Found a FAPI ip address header
fapi_customer_ip_address
1.1.1.1
addr
1.1.1.1
2021-12-29 22:11:31 SUCCESS
ExtractFapiInteractionIdHeader
Found a FAPI interaction ID header
fapi_interaction_id
ecb7b13f-6876-48fc-bec3-7f972b2935cf
2021-12-29 22:11:31 SUCCESS
FAPIBrazilEnsureAuthorizationRequestScopesContainAccounts
'accounts' was included in authorization request scopes
actual
accounts openid consent:urn:conformance.oidf:4z3X0KNd9P
expected
accounts
2021-12-29 22:11:31 INFO
CreateFapiInteractionIdIfNeeded
Found existing FAPI interaction ID
fapi_interaction_id
ecb7b13f-6876-48fc-bec3-7f972b2935cf
2021-12-29 22:11:31 SUCCESS
CreateFAPIAccountEndpointResponse
Created account response object
accounts_endpoint_response
{
  "conformance-test-finished": "true"
}
accounts_endpoint_response_headers
{
  "x-fapi-interaction-id": "ecb7b13f-6876-48fc-bec3-7f972b2935cf",
  "content-type": "application/json; charset\u003dUTF-8"
}
2021-12-29 22:11:31 SUCCESS
CreateBrazilAccountsEndpointResponse
Created Brazil accounts response (Please note that this is a hardcoded response copied from API documentation)
accounts_endpoint_response
{
  "data": [
    {
      "brandName": "Organização A",
      "companyCnpj": "21128159000166",
      "type": "CONTA_DEPOSITO_A_VISTA",
      "compeCode": "001",
      "branchCode": "6272",
      "number": "94088392",
      "checkDigit": "4",
      "accountId": "92792126019929279212650822221989319252576"
    }
  ],
  "links": {
    "self": "https://api.banco.com.br/open-banking/api/v1/resource",
    "first": "https://api.banco.com.br/open-banking/api/v1/resource",
    "prev": "https://api.banco.com.br/open-banking/api/v1/resource",
    "next": "https://api.banco.com.br/open-banking/api/v1/resource",
    "last": "https://api.banco.com.br/open-banking/api/v1/resource"
  },
  "meta": {
    "totalRecords": 1,
    "totalPages": 1,
    "requestDateTime": "2021-12-29T22:11:31Z"
  }
}
accounts_endpoint_response_headers
{
  "x-fapi-interaction-id": "ecb7b13f-6876-48fc-bec3-7f972b2935cf",
  "content-type": "application/json"
}
2021-12-29 22:11:31
ClearAccessTokenFromRequest
Condition ran but did not log anything
2021-12-29 22:11:31 OUTGOING
fapi1-advanced-final-client-refresh-token-test
Response to HTTP request to test instance Dtkl8Sh2ZAVn3tT
outgoing_status_code
200
outgoing_headers
{
  "x-fapi-interaction-id": [
    "ecb7b13f-6876-48fc-bec3-7f972b2935cf"
  ],
  "content-type": [
    "application/json"
  ]
}
outgoing_body
{
  "data": [
    {
      "brandName": "Organização A",
      "companyCnpj": "21128159000166",
      "type": "CONTA_DEPOSITO_A_VISTA",
      "compeCode": "001",
      "branchCode": "6272",
      "number": "94088392",
      "checkDigit": "4",
      "accountId": "92792126019929279212650822221989319252576"
    }
  ],
  "links": {
    "self": "https://api.banco.com.br/open-banking/api/v1/resource",
    "first": "https://api.banco.com.br/open-banking/api/v1/resource",
    "prev": "https://api.banco.com.br/open-banking/api/v1/resource",
    "next": "https://api.banco.com.br/open-banking/api/v1/resource",
    "last": "https://api.banco.com.br/open-banking/api/v1/resource"
  },
  "meta": {
    "totalRecords": 1,
    "totalPages": 1,
    "requestDateTime": "2021-12-29T22:11:31Z"
  }
}
outgoing_path
accounts/v1/accounts
2021-12-29 22:11:31 FINISHED
fapi1-advanced-final-client-refresh-token-test
Test has run to completion
testmodule_result
PASSED
2021-12-29 22:11:37
TEST-RUNNER
Alias has now been claimed by another test
alias
recepcao-bv
new_test_id
WCi0rA2RqOtP0Z5
Test Results