Test Summary

Test Results

Expand All Collapse All
All times are UTC
2021-11-24 21:34:31 INFO
TEST-RUNNER
Test instance AWemWWfyxkOuwc5 created
baseUrl
https://www.certification.openid.net/test/a/finansystech
variant
{
  "client_auth_type": "private_key_jwt",
  "fapi_auth_request_method": "by_value",
  "fapi_profile": "openbanking_brazil",
  "fapi_jarm_type": "oidc",
  "fapi_response_mode": "plain_response"
}
alias
finansystech
description
Finansystech - Recepção de dados
planId
SXomk9oUCKTVt
config
{
  "alias": "finansystech",
  "description": "Finansystech - Recepção de dados",
  "server": {
    "jwks": {
      "keys": [
        {
          "p": "_QaFFuyZriEWtbiKexy7pIYicgU0ePMepvyNuiiFqlsUFQ24q9gp_iWECDhi8qqss__i1LW_eHQATKWfqUc6HdDY-ickJXvVktrQiT-buvJ24iTtK_NooPMKQW976NIX39_sEPJ6ceo9ZDFxTTCkmJus3eXDJmRZT2YzSZJcvcc",
          "kty": "RSA",
          "alg": "PS256",
          "q": "3x1_dyovnWXSr7y7ufe6AHUV0kHBYVrGW2vdNZxKrrgBW5r2mm93NnHsrG-mJlzW7kG_jR41bWf74sucGdwXTx96riRVy8bov9SzPCDl9_QCHzPpqZOxjngfzQYq1L1qJA2BAie0Sq6YZhgLJ1fWPLutEO5soIYAkLXSJ9IVb00",
          "d": "ZvivfZxJMbbdTQmxyE0lmE6ZuH8cMQOLyZxdaA5pNwm7ZEnPBEftZs8aR9ijhCDWMieui3h--rXwlXqbEm3g1sVgQ-WKTFV-NLKaJC1h-EU5HKdlOflstr7x57zhKp60ZIK69GyEXyJccUfzcD32u8raec9NplQ2MqS5MA1lnQFlocFoX1RNU4tSpEdJQq2UzqtX5WPhc88A6fTc1xu2fA5wyxzZu7fUjIETzLimcu-dDaEvvgm7c_A1ulm8EQuCN10k3FrIIe9RfuXHyxh9Rcd0aiIP9qwitxd5Cl0io7zby8MBIAaSei2co7y4tciBt4AfnzpBlGbtjgfr2gxD0Q",
          "e": "AQAB",
          "use": "sig",
          "kid": "X5d4vFYfLxaG1gg8_l3bFYFhUaUVmE6PaEsRWX2EYqM",
          "qi": "eHhOb5NUDfMGXwNscjEcMrMFS425qsoJAXfGJ10hm8svZOkNYgVpb7Hs7oT8XytanRl0Gk8gKH0yhvya65B5ipyby17uBMkikNN-EeYoY2AkvEfM_nO0dvHbDdF11rkM5Q_SEDlGmojxnx4_Euj8WeuSgcwiCQkR23aZlQGx1Mg",
          "dp": "bQ9aXj8tHnj0qO8aAWapGokWX78OlvNzytYg4JSGyJ7pUQnRB4Ds2Lai6kgjniUiu5MX2kdceDbHykG5R-WDj0Ztv6UPV3jA3cOjDwVzwmiwBVmVQNRxzK31Ra8f4YJs9_o0bjmVvXQRchY9l9_Xkk_Hev2F2A540Fhk0tlbUBE",
          "dq": "XPYDZ_kxwZjtQb-XUBLBcvNV1jcDhba2stysXGv0SfvsxOg6G3qZ5xtsiyQxzAYen0LRttCBXkZXEtXXAodLRvJMwUXuYWtNCrBqxYDHkJogUDPnBXq-Hig6x8fsDJunH8JooCc-3WcFpHQcIZZdcwyXPVi59eAfWCwJlgHYYHk",
          "n": "3IXVqA9zCrmaz30WWjzZexdSuhagP_oVfgB-Y5S7XXeHhU4tho7c3wcNhsrGCKLYSf_47rV78-2OfhPY9WrSJVyqIXoaniwoTnD9splF90J7yog9LgP4kqkWl6wm8gdR5C-UC4Gnl0D2cZKnE6MZ7k_b5nM0ZfC-7H_bO13B4aYpu069th7hFWGK7ps65uiDxcQGYP3oSeqahE5qwfUef2QMkhyVtM_nWP9OVAzOGtJ8km4TdCrq9aF78No9u2YQuaUOJgeOnwKMBjmgEwcuaQe9DEQFXhzBtRmPlml2pTy2QDvxe1HgOTOsnh9igFvX70AGroY3PFY-lJAxC4Fd2w",
          "x5c": [
            "MIIGqzCCBZOgAwIBAgIUdUCw8bQZidnZ6uERKJuN9u4RGvcwDQYJKoZIhvcNAQELBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwxFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNBTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDgxNjA5NTUwMFoXDTIyMDkxNTA5NTUwMFowgacxCzAJBgNVBAYTAkJSMRMwEQYDVQQKEwpJQ1AtQnJhc2lsMS8wDAYDVQQLEwUxMjM0NTAOBgNVBAsTB2NlcnRtYW4wDwYDVQQLEwhhZ29vZG9uZTEcMBoGA1UEAxMTT3BlbiBCYW5raW5nIEJyYXNpbDE0MDIGCgmSJomT8ixkAQETJDc0ZTkyOWQ5LTMzYjYtNGQ4NS04YmE3LWMxNDZjODY3YTgxNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANyF1agPcwq5ms99Flo82XsXUroWoD/6FX4AfmOUu113h4VOLYaO3N8HDYbKxgii2En/+O61e/Ptjn4T2PVq0iVcqiF6Gp4sKE5w/bKZRfdCe8qIPS4D+JKpFpesJvIHUeQvlAuBp5dA9nGSpxOjGe5P2+ZzNGXwvux/2ztdweGmKbtOvbYe4RVhiu6bOubog8XEBmD96EnqmoROasH1Hn9kDJIclbTP51j/TlQMzhrSfJJuE3Qq6vWhe/DaPbtmELmlDiYHjp8CjAY5oBMHLmkHvQxEBV4cwbUZj5ZpdqU8tkA78XtR4DkzrJ4fYoBb1+9ABq6GNzxWPpSQMQuBXdsCAwEAAaOCAwIwggL+MAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFJwv7oHX2exZL304ru+4eGVypHlxMB8GA1UdIwQYMBaAFIZ/WK0X9YK2TrQFs/uwzhFD30y+MEwGCCsGAQUFBwEBBEAwPjA8BggrBgEFBQcwAYYwaHR0cDovL29jc3Auc2FuZGJveC5wa2kub3BlbmJhbmtpbmdicmFzaWwub3JnLmJyMEsGA1UdHwREMEIwQKA+oDyGOmh0dHA6Ly9jcmwuc2FuZGJveC5wa2kub3BlbmJhbmtpbmdicmFzaWwub3JnLmJyL2lzc3Vlci5jcmwwXgYDVR0RBFcwVaAZBgVgTAEDAqAQDA5NaWNoYWVsIEZyYXNlcqAYBgVgTAEDA6APDA0xMzM1MzIzNjAwMTg5oA0GBWBMAQMEoAQMAm5voA8GBWBMAQMHoAYMBGFsb3QwDgYDVR0PAQH/BAQDAgbAMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIBgDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVseSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhlciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNlaXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5kIHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8vY3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2llczANBgkqhkiG9w0BAQsFAAOCAQEAtKn/QnJqKLp52YB14x+M21qwz67utFkWjhauQe0elXupjY5NWZb5wLrGYNOZQzRe2JRzcBbGN6P7lCweRfxMkSGh9YrXbrkBXLEPtLHpTVEy65v1tWl02lC+ooVPyQpSjAQL0L69OQ7s7rnIXyb3rkSUzuGSxsLU1AXpWj0oYFB4wdeIdPAVPs83frC5s4kz42JruSAE2vsbvQURTVPChh+hO6+R6Irz+ZEZ1NSgjQkxvOXHW53CkXZSjjHbAB/nbJYi7YyK7kck99r38Ba/WBfIfywdFVVYfiiW5TS6XbQeVeilmmt5MLxBz96FxR6E6WR+cQwybEe94Fb/jD6xHA\u003d\u003d"
          ]
        },
        {
          "p": "6-RGunw1LGXpsGIabzcG8n_ITbahS9waTzjcwLkzjWjyR5hxnTSrCMas9EsOuIt3qvkdf02psgwi-J0ZX680ujaXdeiPAeuOUbsLPBOhRuu-ySXxMTT7uiwWJmF5LtBx8Qd3hRV2sd9zOhYzSohcmWp8w_uKTOYrFzGtWMvlGic",
          "kty": "RSA",
          "alg": "RSA-OAEP",
          "q": "vn3cUU9RFc7pB3fjiEPGwYGA_h8f2X6dOqy-JYIMIiuYhPq6cT8xIlE-sHs58kZzC1QbOBc4y-qRyqj1L4StPaYH4mtJU0s_6A_b9Cai96yzYYmMr92be2nCFMxBpmpBhN21AIdGc640OxgWMdz5OVo455v1uIEQGPr2aDpOzVs",
          "d": "QrIJ9tPG7pSrt1KKSU-9EbAq-hU92FzEV9GwzuG_dbBPyRLYNVfAz-Yb8ug3YLuqec_kcB5JCep7QkYHgpNdX5WXFxARCpXa-J7Xq50oBdiAS2ehLpnYHXpJI7HqOcH9ASZML_MXjI8e_EpsI7Yk6xJ9qxk8bXGupw0C6anwL3NBe232zA7I1FnwL9tpZVOLPupeok7HMRbFc6QSR3dA54zJmkyEbyOSqzRqCK_g7AB_RcMImN0SoCg0epxZjrculIXPG0Gl1T3TG3WY-CBUtAkI1chFMGCgYF_v-FMSun8N6igilPC5O683BMcJoTK745khMCv7FcSCSFVh0H5vKQ",
          "e": "AQAB",
          "use": "enc",
          "kid": "0fe502dd-14f0-4f45-80f9-feb9a216f996",
          "qi": "W6TMI3L-Ob-Jx61TdYqN5gBoBsWF6KWuCmiE9ZiwJiMVCv5ddEbFafBuiIQgRnby1VpnH9j5KVb5PT_V78ohKFmpfL7ErXQerf_pJkEtvgK9lQta1EM1HMoShrJ4GdHPym_BZzDDmt6njvwTfSg95y28h-j5epuywcwu6TwAUA8",
          "dp": "a9rjD-8srNEoKVKhvYoObiBI6GeBllrb2K8qGCBV1ulOJbgo8nUbYpbci5Ip9-0k2RKwDv3mghcUglHqQRqt5BqD5BBiGsGmP-5is6RSEEhH4lar0hDkq_nuYrwcmXALOOZuGnZ239tIJx3xc7mnhSnwQ_emA4UV3LQFC12mse8",
          "dq": "Qk8TiyY-BoZg7Z2ZEYzuOdu3qD3zW0VMu-j3w5yyVo6wZ9HTZqplkxmO5eXvNNu7Hj1nwC2tMqZzm4UW3DSmDWinI_TOsHToSQKEQUfVwLtYMeKsm2dbwSj-SzkSvTgNmI-IeyebqZcBTXTD_RV7l7BFULIkZdZfYSKy9XMejTM",
          "n": "r4dl-ApW6c-fvDbfSVxHpdV8zi8VQW4b9-uHMRq7dzqCkvP8OAG1R3plSr1N6fL_YLiIr9y621XkyRiMEKR7-DeqGsLf2ZTaqrZ1LfYgjsc2i9o3NSOeSgBwKGmT7h1OgxZSbhLzo7Xaktu3CCUZCOWLzs7LKo_CvKkcTF7tPhK9jYjdTsdsnS0RJOPjYQe7JO83Mvhd1Ty3F-Qycd-cKKMSjcQRiHt9jKd09kA2fKVlFwbm2M1PM3NdtnMaOUw31-XC4ixay47XTMqnmX7-op7qYV9wXbeZmjTsAKFuTGwJiGJrOTfqciDLBW8IpGC2BzFJ5rYmRu0kAttpvkOG3Q"
        }
      ]
    }
  },
  "client": {
    "client_id": "finansystech-bank",
    "redirect_uri": "https://api.platform.smartfy-wrk.smartfylabs.com/consents/v1/callback",
    "jwks": {
      "keys": [
        {
          "kty": "RSA",
          "use": "sig",
          "alg": "PS256",
          "n": "tCh8sZ_U6iJbis9r-6IViBA9up5vNIekMUZNR7yHfVAn5YL4f8ZqkZRquFUSOKSF5vNZrpqOVj_WVL02j0b3nrSQqIqyseIye_gpvnyW_QJORRYwFi54XvPceB8FLdmkHnIFqK7b6-Jk5b9Db-4mUsoaQtksMqdzvXnTBkhVRERIQbF0OYyPPq2o-53-1eEEqpQFCzEyEEAQnVtwQenJn16jlq2cxoDgCKmAOkx6czNrFe-B1KN5VXoKRXQj8Xb84ecFmOKwfxbx3Z1DVH0emWkMccaGolbFFu4P_csT5Sa1nKgs3n_-DsO5Oe8HTWPQK_3Tq3uQs_NoX6_ClUebRw",
          "e": "AQAB",
          "kid": "6a90c21b80f267f64e1b4b283a144e2f669f101e35b3668c1c08c157d822cf54"
        },
        {
          "kty": "RSA",
          "use": "enc",
          "alg": "RSA-OAEP",
          "n": "sSAHCJwaFeXm0Kd1uFDtdctzpXck1eI3cv_BhiOmPqkSOsHbNLO5EGo86q6ohFJEEWBhCcoEdYlu2ygcvXaHEw-obS3Q-mNKA_YHD9m80TfNyn_mWMTfNUh0KTNzLKkCZa8PPM9cVf6UYanfLKG6elHaZBv9oC2sfrFB4PZCKzu2u1e7_TiTH7U2HquIRWy9hJ-jP8p3oTgWWRsP4c0J21bPIQj9L6MzE-vq4Am2OlZPA9Vgn9TOtRX5bQ9-RUSVmCWea4yQnWzU7m2AFNxmqxwY_cOUzfpxV0HB05jX9uiKc-p2ubQDkm158L5Yn5qS603V6AfE1zHPGILyHeKPYw",
          "e": "AQAB",
          "kid": "4f3f7038ad4a8602a9408faba304fa6cd2351a865b258d71428d0750362b193e"
        }
      ]
    },
    "certificate": "-----BEGIN CERTIFICATE-----\nMIIHDjCCBfagAwIBAgIUBZR9tesPXfY+/4pPtMxt0WeT204wDQYJKoZIhvcNAQEL\nBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx\nFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB\nTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMTAxOTE0NDEwMFoXDTIyMTExODE0\nNDEwMFowggE0MQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEDAOBgNVBAcTB0Jh\ncnVlcmkxNjA0BgNVBAoTLU9wZW4gQmFua2luZyBCcmFzaWwgLSBSZXNzYXJjaW1l\nbnRvIC0gQWR2aXNlVTEtMCsGA1UECxMkMjQ4Y2NlMDgtMGFiYy00Y2RiLWJhMTQt\nMDJjY2EwM2U1Yzc0MRwwGgYDVQQDExNmaW5hbnN5c3RlY2guY29tLmJyMRcwFQYD\nVQQFEw4yMDc0NzQzNjAwMDE1NjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp\nb24xEzARBgsrBgEEAYI3PAIBAxMCQlIxNDAyBgoJkiaJk/IsZAEBEyQzOGQ5MGZi\nNS1kNzc4LTQzNmYtYmFmNC1iNWNlMTIzNGRlYWMwggEiMA0GCSqGSIb3DQEBAQUA\nA4IBDwAwggEKAoIBAQDFhntqt1QC73IpTVj/GnM9Rub3knKPL8p7RSnA1/h7SupH\n2LNfpzFr3u8boyPuj4eCvww6KjNxuyhzKxhfwNhkcyh6clJluIc4X03rCK+Nl1IS\nt0jJ0nHXL9ualm5gpnOdz6y7W5guV+4K4jD3CxBFT4pYmDeOwhWt4XAUoo0yDEUP\n79YyotGpsZVgOQpEZ+QdLPgh5PVCEgw9zqagXE9FVBRHPJ55qBb3aNElSrFHjebX\nTjzeNflmliTvGuptM917aPNIv3j5ieDYnqFKGv4aHox3J2/Ty9wmnhz58YS8U5TB\nyF4GgjMAQdy8Ehxqf56RWZbwXLIvdtUe0vLZnnvfAgMBAAGjggLXMIIC0zAMBgNV\nHRMBAf8EAjAAMB0GA1UdDgQWBBR9bN4InlLbRY7pE1j7+S57ith89TAfBgNVHSME\nGDAWgBSGf1itF/WCtk60BbP7sM4RQ99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYB\nBQUHMAGGMGh0dHA6Ly9vY3NwLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2ls\nLm9yZy5icjBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtp\nLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9pc3N1ZXIuY3JsMB4GA1UdEQQXMBWC\nE2ZpbmFuc3lzdGVjaC5jb20uYnIwDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQMMAoG\nCCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIBgDCC\nATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVseSBm\nb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhlciBw\nYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2aWNl\ncyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNlaXB0\nLCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRo\nZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5kIHJl\nbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8vY3Bz\nLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2llczAN\nBgkqhkiG9w0BAQsFAAOCAQEAxc52Chm3JRB8u8Qyh304gw+dQCrm8YYNb7ObM2Hp\nCemZDgoCdqA8TrImA8Dn42i+wkMKfX6r/0gVXnJ+3WipsXXWkIbj4263/PkwxEhd\ntNgBQz7xeXaRfriTT2hMjl1nEhRXS5QF/ee4oY5BuLVe5ypX7fHPBrKXTBdeU/xH\n7IzE66qYN5nKgVvLNIZDfDOhA5yR2S7QBjMAh005pLMFF0jkm2ZH4hL/puSK7xiB\nRQ2iJDLwWBj8PNi/AB/KWXMWuAOkFXl/irImJsDxunSZkbmQKgkMenafhIK9UGZ/\nT0P2DQOUgAIhPVGSdrgcsMitIFozRPkCuFmWoCIr1ZdsXA\u003d\u003d\n-----END CERTIFICATE-----"
  },
  "client2": {
    "client_id": "finansystech-bank-two",
    "redirect_uri": "https://api.platform.smartfy-wrk.smartfylabs.com/consents/v1/callback",
    "id_token_encrypted_response_alg": "RSA-OAEP",
    "id_token_encrypted_response_enc": "A256GCM",
    "certificate": "-----BEGIN CERTIFICATE-----\nMIIHDjCCBfagAwIBAgIUXuW2b/5MFmPWcXr6jT1agGIXs+0wDQYJKoZIhvcNAQEL\nBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx\nFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB\nTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMTAxOTE0NDcwMFoXDTIyMTExODE0\nNDcwMFowggE0MQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEDAOBgNVBAcTB0Jh\ncnVlcmkxNjA0BgNVBAoTLU9wZW4gQmFua2luZyBCcmFzaWwgLSBSZXNzYXJjaW1l\nbnRvIC0gQWR2aXNlVTEtMCsGA1UECxMkMjQ4Y2NlMDgtMGFiYy00Y2RiLWJhMTQt\nMDJjY2EwM2U1Yzc0MRwwGgYDVQQDExNmaW5hbnN5c3RlY2guY29tLmJyMRcwFQYD\nVQQFEw4yMDc0NzQzNjAwMDE1NjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp\nb24xEzARBgsrBgEEAYI3PAIBAxMCQlIxNDAyBgoJkiaJk/IsZAEBEyQwZmJlOTEx\nYS1lYmNhLTRlY2ItOTIwNy1hY2MxYTU5MWY3MWYwggEiMA0GCSqGSIb3DQEBAQUA\nA4IBDwAwggEKAoIBAQC5/Ro2WYzF11vpvGIglFZRBOGaRIfizTFFmHYumlJ6E85W\nM8dr8AhX4Tuqa/0RiuziuXpPgE1a4amHTV1DyBm3j+7g3uJu0lFhuoHa5QXqGbe6\n5PIeLoCV5c8LBnY6TwQl4HqwtmZ9t33QoYD8UgbkJuQa0cGjHjofHtnTKZosXIa7\nNQeOaSv2/1ECAiecxNyk1MMTVs4sMncfH/TR+ZvLfgiv4goUSsud/o1Fh747VLf5\n6HizhsVjmqc+a0cndfscsstwkH5KmhlGU6nlspVAwEgUSa4ClN+KqxY/r1Pwe0dC\nns5bx2Ib0pNnvWuTa6t+mB8yM8zHYllPRgQv0iV3AgMBAAGjggLXMIIC0zAMBgNV\nHRMBAf8EAjAAMB0GA1UdDgQWBBS9AZg/dfhPVRXSLUaHaWzvxMv8KTAfBgNVHSME\nGDAWgBSGf1itF/WCtk60BbP7sM4RQ99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYB\nBQUHMAGGMGh0dHA6Ly9vY3NwLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2ls\nLm9yZy5icjBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtp\nLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9pc3N1ZXIuY3JsMB4GA1UdEQQXMBWC\nE2ZpbmFuc3lzdGVjaC5jb20uYnIwDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQMMAoG\nCCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIBgDCC\nATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVseSBm\nb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhlciBw\nYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2aWNl\ncyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNlaXB0\nLCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRo\nZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5kIHJl\nbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8vY3Bz\nLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2llczAN\nBgkqhkiG9w0BAQsFAAOCAQEA42E83Qujl7iLJnygJSTP+X2AAjBO9f6hMkn3WJyr\nwyGG8v39I/bt+m1p4KHm34s+CGQOuYYUCrpPg0VM2Pxm1dTcbERXYPdOUdLRNdMB\n4uT/RBHeoPtaroDmg6N1YYiwGzXtvstETS05cA44h6FBdZM2FWL3/cgy3TMicEPf\nvGF2jvQ2En9gPhue7d6n7gmtoO5bwxsMRYxrfI+I54wEsXqbIX6BHq+s9hyhW5D6\nWv1AElGFKPvy47Vj0wub5UtvE/t8FswkV3zBOLac4rWU21FtyCVocFYi1XqUAhYv\nL1bEf0qfbRqtn+UcbSHsXe0i/6H6WdWkazLBambZOvtGqA\u003d\u003d\n-----END CERTIFICATE-----",
    "jwks": {
      "keys": [
        {
          "kty": "RSA",
          "use": "sig",
          "alg": "PS256",
          "n": "71Xq5Tg39XPOi4jCrl8bL5P4VeGj9OfwaJsFMl1wRxS337Kym8_LkkaSiMdlHJSOWyVEEaOgjG3W9_NPlMDGSvNM8X831mp8rn79rfykeMp0Kd--PnHfFMeCo81XjSmtdNYErTVQzOw0c_E5v332OzojpPGk6DY0rwJPEQd-84vRW8w2TQPJZvfQ3iqy0u0l3Sws1M4Fci6B6-s_yij_HGvy28iEogHHVS92sKTrUIDw4I9BdPIj6a47F1IdGPg9Yb-0sDARImI0K1cnoUs004INT_igEyPjYg8oggUk0K5NLALF28Ddj65dxcikR7ENiVhRhP3cczVgft8nUM0YXQ",
          "e": "AQAB",
          "kid": "a60698ef52f7cd60ab90e5e2b2db02020c53c67d67079604b0214c3788ad22f1"
        },
        {
          "kty": "RSA",
          "use": "enc",
          "alg": "RSA-OAEP",
          "n": "6G3SFo1s1StsyTKhXdv_hJahQ6niLyxp8cw2gNIzrdYBYKW4frDJWAbcOqp0lPy8-1RnOUI_i8dkJ0VfF0IkgjJZGN0r7zEK_GIvvMZRO-CIS504_J2Bgu0IrMZqvxvIJ9pTR30E1zWQXqufe-jq7jgIrwkMfzWfkjaZ0zscheI9xs_OUuDWp7RKRZbnQUC3VTrzNwMuog-4TtJLaB7JR8a_LlyUAMhHhdYnvnshso_3MFe9Mfc1n8U_sWRDvJEPcFo8YvwmROkP2VRx47dKtacRDIzbbO-_ARmvNvj4c_oO-2qZUMERc8O3w9YzVGOLBKjzdQoCQKCagEomZXn9IQ",
          "e": "AQAB",
          "kid": "b0a5dc6eaf3c0978cc5f2e70a22e82dc147fdf06de9f8bdd6cbe2d21acb462e6"
        }
      ]
    }
  },
  "directory": {
    "keystore": "https://keystore.sandbox.directory.openbankingbrasil.org.br/"
  }
}
testName
fapi1-advanced-final-client-test-invalid-aud
2021-11-24 21:34:31 SUCCESS
FAPIBrazilGenerateServerConfiguration
Created server configuration
server
{
  "issuer": "https://www.certification.openid.net/test/a/finansystech/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/finansystech/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/finansystech/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/finansystech/jwks",
  "registration_endpoint": "https://www.certification.openid.net/test/a/finansystech/register",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/finansystech/userinfo",
  "mtls_endpoint_aliases": {
    "token_endpoint": "https://www.certification.openid.net/test-mtls/a/finansystech/token",
    "registration_endpoint": "https://www.certification.openid.net/test-mtls/a/finansystech/register",
    "userinfo_endpoint": "https://www.certification.openid.net/test-mtls/a/finansystech/userinfo"
  },
  "tls_client_certificate_bound_access_tokens": true,
  "request_parameter_supported": true
}
issuer
https://www.certification.openid.net/test/a/finansystech/
discoveryUrl
https://www.certification.openid.net/test/a/finansystech/.well-known/openid-configuration
2021-11-24 21:34:31 SUCCESS
LoadServerJWKs
Parsed public and private JWK sets
server_jwks
{
  "keys": [
    {
      "d": "ZvivfZxJMbbdTQmxyE0lmE6ZuH8cMQOLyZxdaA5pNwm7ZEnPBEftZs8aR9ijhCDWMieui3h--rXwlXqbEm3g1sVgQ-WKTFV-NLKaJC1h-EU5HKdlOflstr7x57zhKp60ZIK69GyEXyJccUfzcD32u8raec9NplQ2MqS5MA1lnQFlocFoX1RNU4tSpEdJQq2UzqtX5WPhc88A6fTc1xu2fA5wyxzZu7fUjIETzLimcu-dDaEvvgm7c_A1ulm8EQuCN10k3FrIIe9RfuXHyxh9Rcd0aiIP9qwitxd5Cl0io7zby8MBIAaSei2co7y4tciBt4AfnzpBlGbtjgfr2gxD0Q",
      "e": "AQAB",
      "use": "sig",
      "kid": "X5d4vFYfLxaG1gg8_l3bFYFhUaUVmE6PaEsRWX2EYqM",
      "x5c": [
        "MIIGqzCCBZOgAwIBAgIUdUCw8bQZidnZ6uERKJuN9u4RGvcwDQYJKoZIhvcNAQELBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwxFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNBTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDgxNjA5NTUwMFoXDTIyMDkxNTA5NTUwMFowgacxCzAJBgNVBAYTAkJSMRMwEQYDVQQKEwpJQ1AtQnJhc2lsMS8wDAYDVQQLEwUxMjM0NTAOBgNVBAsTB2NlcnRtYW4wDwYDVQQLEwhhZ29vZG9uZTEcMBoGA1UEAxMTT3BlbiBCYW5raW5nIEJyYXNpbDE0MDIGCgmSJomT8ixkAQETJDc0ZTkyOWQ5LTMzYjYtNGQ4NS04YmE3LWMxNDZjODY3YTgxNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANyF1agPcwq5ms99Flo82XsXUroWoD/6FX4AfmOUu113h4VOLYaO3N8HDYbKxgii2En/+O61e/Ptjn4T2PVq0iVcqiF6Gp4sKE5w/bKZRfdCe8qIPS4D+JKpFpesJvIHUeQvlAuBp5dA9nGSpxOjGe5P2+ZzNGXwvux/2ztdweGmKbtOvbYe4RVhiu6bOubog8XEBmD96EnqmoROasH1Hn9kDJIclbTP51j/TlQMzhrSfJJuE3Qq6vWhe/DaPbtmELmlDiYHjp8CjAY5oBMHLmkHvQxEBV4cwbUZj5ZpdqU8tkA78XtR4DkzrJ4fYoBb1+9ABq6GNzxWPpSQMQuBXdsCAwEAAaOCAwIwggL+MAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFJwv7oHX2exZL304ru+4eGVypHlxMB8GA1UdIwQYMBaAFIZ/WK0X9YK2TrQFs/uwzhFD30y+MEwGCCsGAQUFBwEBBEAwPjA8BggrBgEFBQcwAYYwaHR0cDovL29jc3Auc2FuZGJveC5wa2kub3BlbmJhbmtpbmdicmFzaWwub3JnLmJyMEsGA1UdHwREMEIwQKA+oDyGOmh0dHA6Ly9jcmwuc2FuZGJveC5wa2kub3BlbmJhbmtpbmdicmFzaWwub3JnLmJyL2lzc3Vlci5jcmwwXgYDVR0RBFcwVaAZBgVgTAEDAqAQDA5NaWNoYWVsIEZyYXNlcqAYBgVgTAEDA6APDA0xMzM1MzIzNjAwMTg5oA0GBWBMAQMEoAQMAm5voA8GBWBMAQMHoAYMBGFsb3QwDgYDVR0PAQH/BAQDAgbAMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIBgDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVseSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhlciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNlaXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5kIHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8vY3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2llczANBgkqhkiG9w0BAQsFAAOCAQEAtKn/QnJqKLp52YB14x+M21qwz67utFkWjhauQe0elXupjY5NWZb5wLrGYNOZQzRe2JRzcBbGN6P7lCweRfxMkSGh9YrXbrkBXLEPtLHpTVEy65v1tWl02lC+ooVPyQpSjAQL0L69OQ7s7rnIXyb3rkSUzuGSxsLU1AXpWj0oYFB4wdeIdPAVPs83frC5s4kz42JruSAE2vsbvQURTVPChh+hO6+R6Irz+ZEZ1NSgjQkxvOXHW53CkXZSjjHbAB/nbJYi7YyK7kck99r38Ba/WBfIfywdFVVYfiiW5TS6XbQeVeilmmt5MLxBz96FxR6E6WR+cQwybEe94Fb/jD6xHA\u003d\u003d"
      ],
      "dp": "bQ9aXj8tHnj0qO8aAWapGokWX78OlvNzytYg4JSGyJ7pUQnRB4Ds2Lai6kgjniUiu5MX2kdceDbHykG5R-WDj0Ztv6UPV3jA3cOjDwVzwmiwBVmVQNRxzK31Ra8f4YJs9_o0bjmVvXQRchY9l9_Xkk_Hev2F2A540Fhk0tlbUBE",
      "dq": "XPYDZ_kxwZjtQb-XUBLBcvNV1jcDhba2stysXGv0SfvsxOg6G3qZ5xtsiyQxzAYen0LRttCBXkZXEtXXAodLRvJMwUXuYWtNCrBqxYDHkJogUDPnBXq-Hig6x8fsDJunH8JooCc-3WcFpHQcIZZdcwyXPVi59eAfWCwJlgHYYHk",
      "n": "3IXVqA9zCrmaz30WWjzZexdSuhagP_oVfgB-Y5S7XXeHhU4tho7c3wcNhsrGCKLYSf_47rV78-2OfhPY9WrSJVyqIXoaniwoTnD9splF90J7yog9LgP4kqkWl6wm8gdR5C-UC4Gnl0D2cZKnE6MZ7k_b5nM0ZfC-7H_bO13B4aYpu069th7hFWGK7ps65uiDxcQGYP3oSeqahE5qwfUef2QMkhyVtM_nWP9OVAzOGtJ8km4TdCrq9aF78No9u2YQuaUOJgeOnwKMBjmgEwcuaQe9DEQFXhzBtRmPlml2pTy2QDvxe1HgOTOsnh9igFvX70AGroY3PFY-lJAxC4Fd2w",
      "p": "_QaFFuyZriEWtbiKexy7pIYicgU0ePMepvyNuiiFqlsUFQ24q9gp_iWECDhi8qqss__i1LW_eHQATKWfqUc6HdDY-ickJXvVktrQiT-buvJ24iTtK_NooPMKQW976NIX39_sEPJ6ceo9ZDFxTTCkmJus3eXDJmRZT2YzSZJcvcc",
      "kty": "RSA",
      "q": "3x1_dyovnWXSr7y7ufe6AHUV0kHBYVrGW2vdNZxKrrgBW5r2mm93NnHsrG-mJlzW7kG_jR41bWf74sucGdwXTx96riRVy8bov9SzPCDl9_QCHzPpqZOxjngfzQYq1L1qJA2BAie0Sq6YZhgLJ1fWPLutEO5soIYAkLXSJ9IVb00",
      "qi": "eHhOb5NUDfMGXwNscjEcMrMFS425qsoJAXfGJ10hm8svZOkNYgVpb7Hs7oT8XytanRl0Gk8gKH0yhvya65B5ipyby17uBMkikNN-EeYoY2AkvEfM_nO0dvHbDdF11rkM5Q_SEDlGmojxnx4_Euj8WeuSgcwiCQkR23aZlQGx1Mg",
      "alg": "PS256"
    },
    {
      "p": "6-RGunw1LGXpsGIabzcG8n_ITbahS9waTzjcwLkzjWjyR5hxnTSrCMas9EsOuIt3qvkdf02psgwi-J0ZX680ujaXdeiPAeuOUbsLPBOhRuu-ySXxMTT7uiwWJmF5LtBx8Qd3hRV2sd9zOhYzSohcmWp8w_uKTOYrFzGtWMvlGic",
      "kty": "RSA",
      "q": "vn3cUU9RFc7pB3fjiEPGwYGA_h8f2X6dOqy-JYIMIiuYhPq6cT8xIlE-sHs58kZzC1QbOBc4y-qRyqj1L4StPaYH4mtJU0s_6A_b9Cai96yzYYmMr92be2nCFMxBpmpBhN21AIdGc640OxgWMdz5OVo455v1uIEQGPr2aDpOzVs",
      "d": "QrIJ9tPG7pSrt1KKSU-9EbAq-hU92FzEV9GwzuG_dbBPyRLYNVfAz-Yb8ug3YLuqec_kcB5JCep7QkYHgpNdX5WXFxARCpXa-J7Xq50oBdiAS2ehLpnYHXpJI7HqOcH9ASZML_MXjI8e_EpsI7Yk6xJ9qxk8bXGupw0C6anwL3NBe232zA7I1FnwL9tpZVOLPupeok7HMRbFc6QSR3dA54zJmkyEbyOSqzRqCK_g7AB_RcMImN0SoCg0epxZjrculIXPG0Gl1T3TG3WY-CBUtAkI1chFMGCgYF_v-FMSun8N6igilPC5O683BMcJoTK745khMCv7FcSCSFVh0H5vKQ",
      "e": "AQAB",
      "use": "enc",
      "kid": "0fe502dd-14f0-4f45-80f9-feb9a216f996",
      "qi": "W6TMI3L-Ob-Jx61TdYqN5gBoBsWF6KWuCmiE9ZiwJiMVCv5ddEbFafBuiIQgRnby1VpnH9j5KVb5PT_V78ohKFmpfL7ErXQerf_pJkEtvgK9lQta1EM1HMoShrJ4GdHPym_BZzDDmt6njvwTfSg95y28h-j5epuywcwu6TwAUA8",
      "dp": "a9rjD-8srNEoKVKhvYoObiBI6GeBllrb2K8qGCBV1ulOJbgo8nUbYpbci5Ip9-0k2RKwDv3mghcUglHqQRqt5BqD5BBiGsGmP-5is6RSEEhH4lar0hDkq_nuYrwcmXALOOZuGnZ239tIJx3xc7mnhSnwQ_emA4UV3LQFC12mse8",
      "alg": "RSA-OAEP",
      "dq": "Qk8TiyY-BoZg7Z2ZEYzuOdu3qD3zW0VMu-j3w5yyVo6wZ9HTZqplkxmO5eXvNNu7Hj1nwC2tMqZzm4UW3DSmDWinI_TOsHToSQKEQUfVwLtYMeKsm2dbwSj-SzkSvTgNmI-IeyebqZcBTXTD_RV7l7BFULIkZdZfYSKy9XMejTM",
      "n": "r4dl-ApW6c-fvDbfSVxHpdV8zi8VQW4b9-uHMRq7dzqCkvP8OAG1R3plSr1N6fL_YLiIr9y621XkyRiMEKR7-DeqGsLf2ZTaqrZ1LfYgjsc2i9o3NSOeSgBwKGmT7h1OgxZSbhLzo7Xaktu3CCUZCOWLzs7LKo_CvKkcTF7tPhK9jYjdTsdsnS0RJOPjYQe7JO83Mvhd1Ty3F-Qycd-cKKMSjcQRiHt9jKd09kA2fKVlFwbm2M1PM3NdtnMaOUw31-XC4ixay47XTMqnmX7-op7qYV9wXbeZmjTsAKFuTGwJiGJrOTfqciDLBW8IpGC2BzFJ5rYmRu0kAttpvkOG3Q"
    }
  ]
}
server_encryption_keys
{
  "keys": [
    {
      "p": "6-RGunw1LGXpsGIabzcG8n_ITbahS9waTzjcwLkzjWjyR5hxnTSrCMas9EsOuIt3qvkdf02psgwi-J0ZX680ujaXdeiPAeuOUbsLPBOhRuu-ySXxMTT7uiwWJmF5LtBx8Qd3hRV2sd9zOhYzSohcmWp8w_uKTOYrFzGtWMvlGic",
      "kty": "RSA",
      "q": "vn3cUU9RFc7pB3fjiEPGwYGA_h8f2X6dOqy-JYIMIiuYhPq6cT8xIlE-sHs58kZzC1QbOBc4y-qRyqj1L4StPaYH4mtJU0s_6A_b9Cai96yzYYmMr92be2nCFMxBpmpBhN21AIdGc640OxgWMdz5OVo455v1uIEQGPr2aDpOzVs",
      "d": "QrIJ9tPG7pSrt1KKSU-9EbAq-hU92FzEV9GwzuG_dbBPyRLYNVfAz-Yb8ug3YLuqec_kcB5JCep7QkYHgpNdX5WXFxARCpXa-J7Xq50oBdiAS2ehLpnYHXpJI7HqOcH9ASZML_MXjI8e_EpsI7Yk6xJ9qxk8bXGupw0C6anwL3NBe232zA7I1FnwL9tpZVOLPupeok7HMRbFc6QSR3dA54zJmkyEbyOSqzRqCK_g7AB_RcMImN0SoCg0epxZjrculIXPG0Gl1T3TG3WY-CBUtAkI1chFMGCgYF_v-FMSun8N6igilPC5O683BMcJoTK745khMCv7FcSCSFVh0H5vKQ",
      "e": "AQAB",
      "use": "enc",
      "kid": "0fe502dd-14f0-4f45-80f9-feb9a216f996",
      "qi": "W6TMI3L-Ob-Jx61TdYqN5gBoBsWF6KWuCmiE9ZiwJiMVCv5ddEbFafBuiIQgRnby1VpnH9j5KVb5PT_V78ohKFmpfL7ErXQerf_pJkEtvgK9lQta1EM1HMoShrJ4GdHPym_BZzDDmt6njvwTfSg95y28h-j5epuywcwu6TwAUA8",
      "dp": "a9rjD-8srNEoKVKhvYoObiBI6GeBllrb2K8qGCBV1ulOJbgo8nUbYpbci5Ip9-0k2RKwDv3mghcUglHqQRqt5BqD5BBiGsGmP-5is6RSEEhH4lar0hDkq_nuYrwcmXALOOZuGnZ239tIJx3xc7mnhSnwQ_emA4UV3LQFC12mse8",
      "alg": "RSA-OAEP",
      "dq": "Qk8TiyY-BoZg7Z2ZEYzuOdu3qD3zW0VMu-j3w5yyVo6wZ9HTZqplkxmO5eXvNNu7Hj1nwC2tMqZzm4UW3DSmDWinI_TOsHToSQKEQUfVwLtYMeKsm2dbwSj-SzkSvTgNmI-IeyebqZcBTXTD_RV7l7BFULIkZdZfYSKy9XMejTM",
      "n": "r4dl-ApW6c-fvDbfSVxHpdV8zi8VQW4b9-uHMRq7dzqCkvP8OAG1R3plSr1N6fL_YLiIr9y621XkyRiMEKR7-DeqGsLf2ZTaqrZ1LfYgjsc2i9o3NSOeSgBwKGmT7h1OgxZSbhLzo7Xaktu3CCUZCOWLzs7LKo_CvKkcTF7tPhK9jYjdTsdsnS0RJOPjYQe7JO83Mvhd1Ty3F-Qycd-cKKMSjcQRiHt9jKd09kA2fKVlFwbm2M1PM3NdtnMaOUw31-XC4ixay47XTMqnmX7-op7qYV9wXbeZmjTsAKFuTGwJiGJrOTfqciDLBW8IpGC2BzFJ5rYmRu0kAttpvkOG3Q"
    }
  ]
}
server_public_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "X5d4vFYfLxaG1gg8_l3bFYFhUaUVmE6PaEsRWX2EYqM",
      "x5c": [
        "MIIGqzCCBZOgAwIBAgIUdUCw8bQZidnZ6uERKJuN9u4RGvcwDQYJKoZIhvcNAQELBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwxFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNBTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDgxNjA5NTUwMFoXDTIyMDkxNTA5NTUwMFowgacxCzAJBgNVBAYTAkJSMRMwEQYDVQQKEwpJQ1AtQnJhc2lsMS8wDAYDVQQLEwUxMjM0NTAOBgNVBAsTB2NlcnRtYW4wDwYDVQQLEwhhZ29vZG9uZTEcMBoGA1UEAxMTT3BlbiBCYW5raW5nIEJyYXNpbDE0MDIGCgmSJomT8ixkAQETJDc0ZTkyOWQ5LTMzYjYtNGQ4NS04YmE3LWMxNDZjODY3YTgxNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANyF1agPcwq5ms99Flo82XsXUroWoD/6FX4AfmOUu113h4VOLYaO3N8HDYbKxgii2En/+O61e/Ptjn4T2PVq0iVcqiF6Gp4sKE5w/bKZRfdCe8qIPS4D+JKpFpesJvIHUeQvlAuBp5dA9nGSpxOjGe5P2+ZzNGXwvux/2ztdweGmKbtOvbYe4RVhiu6bOubog8XEBmD96EnqmoROasH1Hn9kDJIclbTP51j/TlQMzhrSfJJuE3Qq6vWhe/DaPbtmELmlDiYHjp8CjAY5oBMHLmkHvQxEBV4cwbUZj5ZpdqU8tkA78XtR4DkzrJ4fYoBb1+9ABq6GNzxWPpSQMQuBXdsCAwEAAaOCAwIwggL+MAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFJwv7oHX2exZL304ru+4eGVypHlxMB8GA1UdIwQYMBaAFIZ/WK0X9YK2TrQFs/uwzhFD30y+MEwGCCsGAQUFBwEBBEAwPjA8BggrBgEFBQcwAYYwaHR0cDovL29jc3Auc2FuZGJveC5wa2kub3BlbmJhbmtpbmdicmFzaWwub3JnLmJyMEsGA1UdHwREMEIwQKA+oDyGOmh0dHA6Ly9jcmwuc2FuZGJveC5wa2kub3BlbmJhbmtpbmdicmFzaWwub3JnLmJyL2lzc3Vlci5jcmwwXgYDVR0RBFcwVaAZBgVgTAEDAqAQDA5NaWNoYWVsIEZyYXNlcqAYBgVgTAEDA6APDA0xMzM1MzIzNjAwMTg5oA0GBWBMAQMEoAQMAm5voA8GBWBMAQMHoAYMBGFsb3QwDgYDVR0PAQH/BAQDAgbAMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIBgDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVseSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhlciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNlaXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5kIHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8vY3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2llczANBgkqhkiG9w0BAQsFAAOCAQEAtKn/QnJqKLp52YB14x+M21qwz67utFkWjhauQe0elXupjY5NWZb5wLrGYNOZQzRe2JRzcBbGN6P7lCweRfxMkSGh9YrXbrkBXLEPtLHpTVEy65v1tWl02lC+ooVPyQpSjAQL0L69OQ7s7rnIXyb3rkSUzuGSxsLU1AXpWj0oYFB4wdeIdPAVPs83frC5s4kz42JruSAE2vsbvQURTVPChh+hO6+R6Irz+ZEZ1NSgjQkxvOXHW53CkXZSjjHbAB/nbJYi7YyK7kck99r38Ba/WBfIfywdFVVYfiiW5TS6XbQeVeilmmt5MLxBz96FxR6E6WR+cQwybEe94Fb/jD6xHA\u003d\u003d"
      ],
      "alg": "PS256",
      "n": "3IXVqA9zCrmaz30WWjzZexdSuhagP_oVfgB-Y5S7XXeHhU4tho7c3wcNhsrGCKLYSf_47rV78-2OfhPY9WrSJVyqIXoaniwoTnD9splF90J7yog9LgP4kqkWl6wm8gdR5C-UC4Gnl0D2cZKnE6MZ7k_b5nM0ZfC-7H_bO13B4aYpu069th7hFWGK7ps65uiDxcQGYP3oSeqahE5qwfUef2QMkhyVtM_nWP9OVAzOGtJ8km4TdCrq9aF78No9u2YQuaUOJgeOnwKMBjmgEwcuaQe9DEQFXhzBtRmPlml2pTy2QDvxe1HgOTOsnh9igFvX70AGroY3PFY-lJAxC4Fd2w"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "0fe502dd-14f0-4f45-80f9-feb9a216f996",
      "alg": "RSA-OAEP",
      "n": "r4dl-ApW6c-fvDbfSVxHpdV8zi8VQW4b9-uHMRq7dzqCkvP8OAG1R3plSr1N6fL_YLiIr9y621XkyRiMEKR7-DeqGsLf2ZTaqrZ1LfYgjsc2i9o3NSOeSgBwKGmT7h1OgxZSbhLzo7Xaktu3CCUZCOWLzs7LKo_CvKkcTF7tPhK9jYjdTsdsnS0RJOPjYQe7JO83Mvhd1Ty3F-Qycd-cKKMSjcQRiHt9jKd09kA2fKVlFwbm2M1PM3NdtnMaOUw31-XC4ixay47XTMqnmX7-op7qYV9wXbeZmjTsAKFuTGwJiGJrOTfqciDLBW8IpGC2BzFJ5rYmRu0kAttpvkOG3Q"
    }
  ]
}
2021-11-24 21:34:31 SUCCESS
ValidateServerJWKs
Valid server JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2021-11-24 21:34:31
SetServerSigningAlgToPS256
Successfully set signing algorithm to PS256
2021-11-24 21:34:31
FAPIBrazilSetGrantTypesSupportedInServerConfiguration
Successfully set grant_types_supported
server
{
  "issuer": "https://www.certification.openid.net/test/a/finansystech/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/finansystech/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/finansystech/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/finansystech/jwks",
  "registration_endpoint": "https://www.certification.openid.net/test/a/finansystech/register",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/finansystech/userinfo",
  "mtls_endpoint_aliases": {
    "token_endpoint": "https://www.certification.openid.net/test-mtls/a/finansystech/token",
    "registration_endpoint": "https://www.certification.openid.net/test-mtls/a/finansystech/register",
    "userinfo_endpoint": "https://www.certification.openid.net/test-mtls/a/finansystech/userinfo"
  },
  "tls_client_certificate_bound_access_tokens": true,
  "request_parameter_supported": true,
  "grant_types_supported": [
    "authorization_code",
    "implicit",
    "client_credentials",
    "refresh_token"
  ]
}
2021-11-24 21:34:31
AddClaimsParameterSupportedTrueToServerConfiguration
Successfully added claims_parameter_supported to server configuration
server
{
  "issuer": "https://www.certification.openid.net/test/a/finansystech/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/finansystech/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/finansystech/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/finansystech/jwks",
  "registration_endpoint": "https://www.certification.openid.net/test/a/finansystech/register",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/finansystech/userinfo",
  "mtls_endpoint_aliases": {
    "token_endpoint": "https://www.certification.openid.net/test-mtls/a/finansystech/token",
    "registration_endpoint": "https://www.certification.openid.net/test-mtls/a/finansystech/register",
    "userinfo_endpoint": "https://www.certification.openid.net/test-mtls/a/finansystech/userinfo"
  },
  "tls_client_certificate_bound_access_tokens": true,
  "request_parameter_supported": true,
  "grant_types_supported": [
    "authorization_code",
    "implicit",
    "client_credentials",
    "refresh_token"
  ],
  "claims_parameter_supported": true
}
2021-11-24 21:34:31
FAPIBrazilAddBrazilSpecificSettingsToServerConfiguration
Added open banking Brazil specific server settings
server
{
  "issuer": "https://www.certification.openid.net/test/a/finansystech/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/finansystech/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/finansystech/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/finansystech/jwks",
  "registration_endpoint": "https://www.certification.openid.net/test/a/finansystech/register",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/finansystech/userinfo",
  "mtls_endpoint_aliases": {
    "token_endpoint": "https://www.certification.openid.net/test-mtls/a/finansystech/token",
    "registration_endpoint": "https://www.certification.openid.net/test-mtls/a/finansystech/register",
    "userinfo_endpoint": "https://www.certification.openid.net/test-mtls/a/finansystech/userinfo"
  },
  "tls_client_certificate_bound_access_tokens": true,
  "request_parameter_supported": true,
  "grant_types_supported": [
    "authorization_code",
    "implicit",
    "client_credentials",
    "refresh_token"
  ],
  "claims_parameter_supported": true,
  "request_object_encryption_alg_values_supported": [
    "RSA-OAEP"
  ],
  "request_object_encryption_enc_values_supported": [
    "A256GCM"
  ],
  "claims_supported": [
    "cpf",
    "cnpj",
    "acr"
  ],
  "acr_values_supported": [
    "urn:brasil:openbanking:loa2",
    "urn:brasil:openbanking:loa3"
  ],
  "id_token_signing_alg_values_supported": [
    "PS256"
  ],
  "request_object_signing_alg_values_supported": [
    "PS256"
  ],
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access",
    "consents",
    "resources",
    "payments"
  ]
}
2021-11-24 21:34:31
SetTokenEndpointAuthMethodsSupportedToPrivateKeyJWTOnly
Changed token_endpoint_auth_methods_supported to private_key_jwt only in server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/a/finansystech/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/finansystech/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/finansystech/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/finansystech/jwks",
  "registration_endpoint": "https://www.certification.openid.net/test/a/finansystech/register",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/finansystech/userinfo",
  "mtls_endpoint_aliases": {
    "token_endpoint": "https://www.certification.openid.net/test-mtls/a/finansystech/token",
    "registration_endpoint": "https://www.certification.openid.net/test-mtls/a/finansystech/register",
    "userinfo_endpoint": "https://www.certification.openid.net/test-mtls/a/finansystech/userinfo"
  },
  "tls_client_certificate_bound_access_tokens": true,
  "request_parameter_supported": true,
  "grant_types_supported": [
    "authorization_code",
    "implicit",
    "client_credentials",
    "refresh_token"
  ],
  "claims_parameter_supported": true,
  "request_object_encryption_alg_values_supported": [
    "RSA-OAEP"
  ],
  "request_object_encryption_enc_values_supported": [
    "A256GCM"
  ],
  "claims_supported": [
    "cpf",
    "cnpj",
    "acr"
  ],
  "acr_values_supported": [
    "urn:brasil:openbanking:loa2",
    "urn:brasil:openbanking:loa3"
  ],
  "id_token_signing_alg_values_supported": [
    "PS256"
  ],
  "request_object_signing_alg_values_supported": [
    "PS256"
  ],
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access",
    "consents",
    "resources",
    "payments"
  ],
  "token_endpoint_auth_methods_supported": [
    "private_key_jwt"
  ]
}
2021-11-24 21:34:31 SUCCESS
AddResponseTypeCodeIdTokenToServerConfiguration
Added code id_token as response type supported
response_types_supported
[
  "code id_token"
]
2021-11-24 21:34:31 SUCCESS
FAPIBrazilAddTokenEndpointAuthSigningAlgValuesSupportedToServer
Set token_endpoint_auth_signing_alg_values_supported
values
[
  "PS256"
]
2021-11-24 21:34:31 SUCCESS
CheckServerConfiguration
Found required server configuration keys
required
[
  "authorization_endpoint",
  "token_endpoint",
  "issuer"
]
2021-11-24 21:34:31 SUCCESS
FAPIEnsureMinimumServerKeyLength
Validated minimum key lengths for server_jwks
server_jwks
{
  "keys": [
    {
      "d": "ZvivfZxJMbbdTQmxyE0lmE6ZuH8cMQOLyZxdaA5pNwm7ZEnPBEftZs8aR9ijhCDWMieui3h--rXwlXqbEm3g1sVgQ-WKTFV-NLKaJC1h-EU5HKdlOflstr7x57zhKp60ZIK69GyEXyJccUfzcD32u8raec9NplQ2MqS5MA1lnQFlocFoX1RNU4tSpEdJQq2UzqtX5WPhc88A6fTc1xu2fA5wyxzZu7fUjIETzLimcu-dDaEvvgm7c_A1ulm8EQuCN10k3FrIIe9RfuXHyxh9Rcd0aiIP9qwitxd5Cl0io7zby8MBIAaSei2co7y4tciBt4AfnzpBlGbtjgfr2gxD0Q",
      "e": "AQAB",
      "use": "sig",
      "kid": "X5d4vFYfLxaG1gg8_l3bFYFhUaUVmE6PaEsRWX2EYqM",
      "x5c": [
        "MIIGqzCCBZOgAwIBAgIUdUCw8bQZidnZ6uERKJuN9u4RGvcwDQYJKoZIhvcNAQELBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwxFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNBTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDgxNjA5NTUwMFoXDTIyMDkxNTA5NTUwMFowgacxCzAJBgNVBAYTAkJSMRMwEQYDVQQKEwpJQ1AtQnJhc2lsMS8wDAYDVQQLEwUxMjM0NTAOBgNVBAsTB2NlcnRtYW4wDwYDVQQLEwhhZ29vZG9uZTEcMBoGA1UEAxMTT3BlbiBCYW5raW5nIEJyYXNpbDE0MDIGCgmSJomT8ixkAQETJDc0ZTkyOWQ5LTMzYjYtNGQ4NS04YmE3LWMxNDZjODY3YTgxNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANyF1agPcwq5ms99Flo82XsXUroWoD/6FX4AfmOUu113h4VOLYaO3N8HDYbKxgii2En/+O61e/Ptjn4T2PVq0iVcqiF6Gp4sKE5w/bKZRfdCe8qIPS4D+JKpFpesJvIHUeQvlAuBp5dA9nGSpxOjGe5P2+ZzNGXwvux/2ztdweGmKbtOvbYe4RVhiu6bOubog8XEBmD96EnqmoROasH1Hn9kDJIclbTP51j/TlQMzhrSfJJuE3Qq6vWhe/DaPbtmELmlDiYHjp8CjAY5oBMHLmkHvQxEBV4cwbUZj5ZpdqU8tkA78XtR4DkzrJ4fYoBb1+9ABq6GNzxWPpSQMQuBXdsCAwEAAaOCAwIwggL+MAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFJwv7oHX2exZL304ru+4eGVypHlxMB8GA1UdIwQYMBaAFIZ/WK0X9YK2TrQFs/uwzhFD30y+MEwGCCsGAQUFBwEBBEAwPjA8BggrBgEFBQcwAYYwaHR0cDovL29jc3Auc2FuZGJveC5wa2kub3BlbmJhbmtpbmdicmFzaWwub3JnLmJyMEsGA1UdHwREMEIwQKA+oDyGOmh0dHA6Ly9jcmwuc2FuZGJveC5wa2kub3BlbmJhbmtpbmdicmFzaWwub3JnLmJyL2lzc3Vlci5jcmwwXgYDVR0RBFcwVaAZBgVgTAEDAqAQDA5NaWNoYWVsIEZyYXNlcqAYBgVgTAEDA6APDA0xMzM1MzIzNjAwMTg5oA0GBWBMAQMEoAQMAm5voA8GBWBMAQMHoAYMBGFsb3QwDgYDVR0PAQH/BAQDAgbAMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIBgDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVseSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhlciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNlaXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5kIHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8vY3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2llczANBgkqhkiG9w0BAQsFAAOCAQEAtKn/QnJqKLp52YB14x+M21qwz67utFkWjhauQe0elXupjY5NWZb5wLrGYNOZQzRe2JRzcBbGN6P7lCweRfxMkSGh9YrXbrkBXLEPtLHpTVEy65v1tWl02lC+ooVPyQpSjAQL0L69OQ7s7rnIXyb3rkSUzuGSxsLU1AXpWj0oYFB4wdeIdPAVPs83frC5s4kz42JruSAE2vsbvQURTVPChh+hO6+R6Irz+ZEZ1NSgjQkxvOXHW53CkXZSjjHbAB/nbJYi7YyK7kck99r38Ba/WBfIfywdFVVYfiiW5TS6XbQeVeilmmt5MLxBz96FxR6E6WR+cQwybEe94Fb/jD6xHA\u003d\u003d"
      ],
      "dp": "bQ9aXj8tHnj0qO8aAWapGokWX78OlvNzytYg4JSGyJ7pUQnRB4Ds2Lai6kgjniUiu5MX2kdceDbHykG5R-WDj0Ztv6UPV3jA3cOjDwVzwmiwBVmVQNRxzK31Ra8f4YJs9_o0bjmVvXQRchY9l9_Xkk_Hev2F2A540Fhk0tlbUBE",
      "dq": "XPYDZ_kxwZjtQb-XUBLBcvNV1jcDhba2stysXGv0SfvsxOg6G3qZ5xtsiyQxzAYen0LRttCBXkZXEtXXAodLRvJMwUXuYWtNCrBqxYDHkJogUDPnBXq-Hig6x8fsDJunH8JooCc-3WcFpHQcIZZdcwyXPVi59eAfWCwJlgHYYHk",
      "n": "3IXVqA9zCrmaz30WWjzZexdSuhagP_oVfgB-Y5S7XXeHhU4tho7c3wcNhsrGCKLYSf_47rV78-2OfhPY9WrSJVyqIXoaniwoTnD9splF90J7yog9LgP4kqkWl6wm8gdR5C-UC4Gnl0D2cZKnE6MZ7k_b5nM0ZfC-7H_bO13B4aYpu069th7hFWGK7ps65uiDxcQGYP3oSeqahE5qwfUef2QMkhyVtM_nWP9OVAzOGtJ8km4TdCrq9aF78No9u2YQuaUOJgeOnwKMBjmgEwcuaQe9DEQFXhzBtRmPlml2pTy2QDvxe1HgOTOsnh9igFvX70AGroY3PFY-lJAxC4Fd2w",
      "p": "_QaFFuyZriEWtbiKexy7pIYicgU0ePMepvyNuiiFqlsUFQ24q9gp_iWECDhi8qqss__i1LW_eHQATKWfqUc6HdDY-ickJXvVktrQiT-buvJ24iTtK_NooPMKQW976NIX39_sEPJ6ceo9ZDFxTTCkmJus3eXDJmRZT2YzSZJcvcc",
      "kty": "RSA",
      "q": "3x1_dyovnWXSr7y7ufe6AHUV0kHBYVrGW2vdNZxKrrgBW5r2mm93NnHsrG-mJlzW7kG_jR41bWf74sucGdwXTx96riRVy8bov9SzPCDl9_QCHzPpqZOxjngfzQYq1L1qJA2BAie0Sq6YZhgLJ1fWPLutEO5soIYAkLXSJ9IVb00",
      "qi": "eHhOb5NUDfMGXwNscjEcMrMFS425qsoJAXfGJ10hm8svZOkNYgVpb7Hs7oT8XytanRl0Gk8gKH0yhvya65B5ipyby17uBMkikNN-EeYoY2AkvEfM_nO0dvHbDdF11rkM5Q_SEDlGmojxnx4_Euj8WeuSgcwiCQkR23aZlQGx1Mg",
      "alg": "PS256"
    },
    {
      "p": "6-RGunw1LGXpsGIabzcG8n_ITbahS9waTzjcwLkzjWjyR5hxnTSrCMas9EsOuIt3qvkdf02psgwi-J0ZX680ujaXdeiPAeuOUbsLPBOhRuu-ySXxMTT7uiwWJmF5LtBx8Qd3hRV2sd9zOhYzSohcmWp8w_uKTOYrFzGtWMvlGic",
      "kty": "RSA",
      "q": "vn3cUU9RFc7pB3fjiEPGwYGA_h8f2X6dOqy-JYIMIiuYhPq6cT8xIlE-sHs58kZzC1QbOBc4y-qRyqj1L4StPaYH4mtJU0s_6A_b9Cai96yzYYmMr92be2nCFMxBpmpBhN21AIdGc640OxgWMdz5OVo455v1uIEQGPr2aDpOzVs",
      "d": "QrIJ9tPG7pSrt1KKSU-9EbAq-hU92FzEV9GwzuG_dbBPyRLYNVfAz-Yb8ug3YLuqec_kcB5JCep7QkYHgpNdX5WXFxARCpXa-J7Xq50oBdiAS2ehLpnYHXpJI7HqOcH9ASZML_MXjI8e_EpsI7Yk6xJ9qxk8bXGupw0C6anwL3NBe232zA7I1FnwL9tpZVOLPupeok7HMRbFc6QSR3dA54zJmkyEbyOSqzRqCK_g7AB_RcMImN0SoCg0epxZjrculIXPG0Gl1T3TG3WY-CBUtAkI1chFMGCgYF_v-FMSun8N6igilPC5O683BMcJoTK745khMCv7FcSCSFVh0H5vKQ",
      "e": "AQAB",
      "use": "enc",
      "kid": "0fe502dd-14f0-4f45-80f9-feb9a216f996",
      "qi": "W6TMI3L-Ob-Jx61TdYqN5gBoBsWF6KWuCmiE9ZiwJiMVCv5ddEbFafBuiIQgRnby1VpnH9j5KVb5PT_V78ohKFmpfL7ErXQerf_pJkEtvgK9lQta1EM1HMoShrJ4GdHPym_BZzDDmt6njvwTfSg95y28h-j5epuywcwu6TwAUA8",
      "dp": "a9rjD-8srNEoKVKhvYoObiBI6GeBllrb2K8qGCBV1ulOJbgo8nUbYpbci5Ip9-0k2RKwDv3mghcUglHqQRqt5BqD5BBiGsGmP-5is6RSEEhH4lar0hDkq_nuYrwcmXALOOZuGnZ239tIJx3xc7mnhSnwQ_emA4UV3LQFC12mse8",
      "alg": "RSA-OAEP",
      "dq": "Qk8TiyY-BoZg7Z2ZEYzuOdu3qD3zW0VMu-j3w5yyVo6wZ9HTZqplkxmO5eXvNNu7Hj1nwC2tMqZzm4UW3DSmDWinI_TOsHToSQKEQUfVwLtYMeKsm2dbwSj-SzkSvTgNmI-IeyebqZcBTXTD_RV7l7BFULIkZdZfYSKy9XMejTM",
      "n": "r4dl-ApW6c-fvDbfSVxHpdV8zi8VQW4b9-uHMRq7dzqCkvP8OAG1R3plSr1N6fL_YLiIr9y621XkyRiMEKR7-DeqGsLf2ZTaqrZ1LfYgjsc2i9o3NSOeSgBwKGmT7h1OgxZSbhLzo7Xaktu3CCUZCOWLzs7LKo_CvKkcTF7tPhK9jYjdTsdsnS0RJOPjYQe7JO83Mvhd1Ty3F-Qycd-cKKMSjcQRiHt9jKd09kA2fKVlFwbm2M1PM3NdtnMaOUw31-XC4ixay47XTMqnmX7-op7qYV9wXbeZmjTsAKFuTGwJiGJrOTfqciDLBW8IpGC2BzFJ5rYmRu0kAttpvkOG3Q"
    }
  ]
}
2021-11-24 21:34:31 SUCCESS
LoadUserInfo
Added user information
user_info
{
  "sub": "user-subject-1234531",
  "name": "Demo T. User",
  "email": "user@example.com",
  "email_verified": false
}
Verify configuration of first client
2021-11-24 21:34:31 SUCCESS
GetStaticClientConfiguration
Found a static client object
client_id
finansystech-bank
redirect_uri
https://api.platform.smartfy-wrk.smartfylabs.com/consents/v1/callback
jwks
{
  "keys": [
    {
      "kty": "RSA",
      "use": "sig",
      "alg": "PS256",
      "n": "tCh8sZ_U6iJbis9r-6IViBA9up5vNIekMUZNR7yHfVAn5YL4f8ZqkZRquFUSOKSF5vNZrpqOVj_WVL02j0b3nrSQqIqyseIye_gpvnyW_QJORRYwFi54XvPceB8FLdmkHnIFqK7b6-Jk5b9Db-4mUsoaQtksMqdzvXnTBkhVRERIQbF0OYyPPq2o-53-1eEEqpQFCzEyEEAQnVtwQenJn16jlq2cxoDgCKmAOkx6czNrFe-B1KN5VXoKRXQj8Xb84ecFmOKwfxbx3Z1DVH0emWkMccaGolbFFu4P_csT5Sa1nKgs3n_-DsO5Oe8HTWPQK_3Tq3uQs_NoX6_ClUebRw",
      "e": "AQAB",
      "kid": "6a90c21b80f267f64e1b4b283a144e2f669f101e35b3668c1c08c157d822cf54"
    },
    {
      "kty": "RSA",
      "use": "enc",
      "alg": "RSA-OAEP",
      "n": "sSAHCJwaFeXm0Kd1uFDtdctzpXck1eI3cv_BhiOmPqkSOsHbNLO5EGo86q6ohFJEEWBhCcoEdYlu2ygcvXaHEw-obS3Q-mNKA_YHD9m80TfNyn_mWMTfNUh0KTNzLKkCZa8PPM9cVf6UYanfLKG6elHaZBv9oC2sfrFB4PZCKzu2u1e7_TiTH7U2HquIRWy9hJ-jP8p3oTgWWRsP4c0J21bPIQj9L6MzE-vq4Am2OlZPA9Vgn9TOtRX5bQ9-RUSVmCWea4yQnWzU7m2AFNxmqxwY_cOUzfpxV0HB05jX9uiKc-p2ubQDkm158L5Yn5qS603V6AfE1zHPGILyHeKPYw",
      "e": "AQAB",
      "kid": "4f3f7038ad4a8602a9408faba304fa6cd2351a865b258d71428d0750362b193e"
    }
  ]
}
certificate
-----BEGIN CERTIFICATE-----
MIIHDjCCBfagAwIBAgIUBZR9tesPXfY+/4pPtMxt0WeT204wDQYJKoZIhvcNAQEL
BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx
FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB
TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMTAxOTE0NDEwMFoXDTIyMTExODE0
NDEwMFowggE0MQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEDAOBgNVBAcTB0Jh
cnVlcmkxNjA0BgNVBAoTLU9wZW4gQmFua2luZyBCcmFzaWwgLSBSZXNzYXJjaW1l
bnRvIC0gQWR2aXNlVTEtMCsGA1UECxMkMjQ4Y2NlMDgtMGFiYy00Y2RiLWJhMTQt
MDJjY2EwM2U1Yzc0MRwwGgYDVQQDExNmaW5hbnN5c3RlY2guY29tLmJyMRcwFQYD
VQQFEw4yMDc0NzQzNjAwMDE1NjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp
b24xEzARBgsrBgEEAYI3PAIBAxMCQlIxNDAyBgoJkiaJk/IsZAEBEyQzOGQ5MGZi
NS1kNzc4LTQzNmYtYmFmNC1iNWNlMTIzNGRlYWMwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDFhntqt1QC73IpTVj/GnM9Rub3knKPL8p7RSnA1/h7SupH
2LNfpzFr3u8boyPuj4eCvww6KjNxuyhzKxhfwNhkcyh6clJluIc4X03rCK+Nl1IS
t0jJ0nHXL9ualm5gpnOdz6y7W5guV+4K4jD3CxBFT4pYmDeOwhWt4XAUoo0yDEUP
79YyotGpsZVgOQpEZ+QdLPgh5PVCEgw9zqagXE9FVBRHPJ55qBb3aNElSrFHjebX
TjzeNflmliTvGuptM917aPNIv3j5ieDYnqFKGv4aHox3J2/Ty9wmnhz58YS8U5TB
yF4GgjMAQdy8Ehxqf56RWZbwXLIvdtUe0vLZnnvfAgMBAAGjggLXMIIC0zAMBgNV
HRMBAf8EAjAAMB0GA1UdDgQWBBR9bN4InlLbRY7pE1j7+S57ith89TAfBgNVHSME
GDAWgBSGf1itF/WCtk60BbP7sM4RQ99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYB
BQUHMAGGMGh0dHA6Ly9vY3NwLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2ls
Lm9yZy5icjBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtp
Lm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9pc3N1ZXIuY3JsMB4GA1UdEQQXMBWC
E2ZpbmFuc3lzdGVjaC5jb20uYnIwDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQMMAoG
CCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIBgDCC
ATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVseSBm
b3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhlciBw
YXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2aWNl
cyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNlaXB0
LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRo
ZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5kIHJl
bGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8vY3Bz
LnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2llczAN
BgkqhkiG9w0BAQsFAAOCAQEAxc52Chm3JRB8u8Qyh304gw+dQCrm8YYNb7ObM2Hp
CemZDgoCdqA8TrImA8Dn42i+wkMKfX6r/0gVXnJ+3WipsXXWkIbj4263/PkwxEhd
tNgBQz7xeXaRfriTT2hMjl1nEhRXS5QF/ee4oY5BuLVe5ypX7fHPBrKXTBdeU/xH
7IzE66qYN5nKgVvLNIZDfDOhA5yR2S7QBjMAh005pLMFF0jkm2ZH4hL/puSK7xiB
RQ2iJDLwWBj8PNi/AB/KWXMWuAOkFXl/irImJsDxunSZkbmQKgkMenafhIK9UGZ/
T0P2DQOUgAIhPVGSdrgcsMitIFozRPkCuFmWoCIr1ZdsXA==
-----END CERTIFICATE-----
2021-11-24 21:34:31 SUCCESS
ValidateClientJWKsPublicPart
Valid client JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2021-11-24 21:34:31 SUCCESS
ExtractJWKsFromStaticClientConfiguration
Extracted client JWK
client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "use": "sig",
      "alg": "PS256",
      "n": "tCh8sZ_U6iJbis9r-6IViBA9up5vNIekMUZNR7yHfVAn5YL4f8ZqkZRquFUSOKSF5vNZrpqOVj_WVL02j0b3nrSQqIqyseIye_gpvnyW_QJORRYwFi54XvPceB8FLdmkHnIFqK7b6-Jk5b9Db-4mUsoaQtksMqdzvXnTBkhVRERIQbF0OYyPPq2o-53-1eEEqpQFCzEyEEAQnVtwQenJn16jlq2cxoDgCKmAOkx6czNrFe-B1KN5VXoKRXQj8Xb84ecFmOKwfxbx3Z1DVH0emWkMccaGolbFFu4P_csT5Sa1nKgs3n_-DsO5Oe8HTWPQK_3Tq3uQs_NoX6_ClUebRw",
      "e": "AQAB",
      "kid": "6a90c21b80f267f64e1b4b283a144e2f669f101e35b3668c1c08c157d822cf54"
    },
    {
      "kty": "RSA",
      "use": "enc",
      "alg": "RSA-OAEP",
      "n": "sSAHCJwaFeXm0Kd1uFDtdctzpXck1eI3cv_BhiOmPqkSOsHbNLO5EGo86q6ohFJEEWBhCcoEdYlu2ygcvXaHEw-obS3Q-mNKA_YHD9m80TfNyn_mWMTfNUh0KTNzLKkCZa8PPM9cVf6UYanfLKG6elHaZBv9oC2sfrFB4PZCKzu2u1e7_TiTH7U2HquIRWy9hJ-jP8p3oTgWWRsP4c0J21bPIQj9L6MzE-vq4Am2OlZPA9Vgn9TOtRX5bQ9-RUSVmCWea4yQnWzU7m2AFNxmqxwY_cOUzfpxV0HB05jX9uiKc-p2ubQDkm158L5Yn5qS603V6AfE1zHPGILyHeKPYw",
      "e": "AQAB",
      "kid": "4f3f7038ad4a8602a9408faba304fa6cd2351a865b258d71428d0750362b193e"
    }
  ]
}
public_client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "6a90c21b80f267f64e1b4b283a144e2f669f101e35b3668c1c08c157d822cf54",
      "alg": "PS256",
      "n": "tCh8sZ_U6iJbis9r-6IViBA9up5vNIekMUZNR7yHfVAn5YL4f8ZqkZRquFUSOKSF5vNZrpqOVj_WVL02j0b3nrSQqIqyseIye_gpvnyW_QJORRYwFi54XvPceB8FLdmkHnIFqK7b6-Jk5b9Db-4mUsoaQtksMqdzvXnTBkhVRERIQbF0OYyPPq2o-53-1eEEqpQFCzEyEEAQnVtwQenJn16jlq2cxoDgCKmAOkx6czNrFe-B1KN5VXoKRXQj8Xb84ecFmOKwfxbx3Z1DVH0emWkMccaGolbFFu4P_csT5Sa1nKgs3n_-DsO5Oe8HTWPQK_3Tq3uQs_NoX6_ClUebRw"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "4f3f7038ad4a8602a9408faba304fa6cd2351a865b258d71428d0750362b193e",
      "alg": "RSA-OAEP",
      "n": "sSAHCJwaFeXm0Kd1uFDtdctzpXck1eI3cv_BhiOmPqkSOsHbNLO5EGo86q6ohFJEEWBhCcoEdYlu2ygcvXaHEw-obS3Q-mNKA_YHD9m80TfNyn_mWMTfNUh0KTNzLKkCZa8PPM9cVf6UYanfLKG6elHaZBv9oC2sfrFB4PZCKzu2u1e7_TiTH7U2HquIRWy9hJ-jP8p3oTgWWRsP4c0J21bPIQj9L6MzE-vq4Am2OlZPA9Vgn9TOtRX5bQ9-RUSVmCWea4yQnWzU7m2AFNxmqxwY_cOUzfpxV0HB05jX9uiKc-p2ubQDkm158L5Yn5qS603V6AfE1zHPGILyHeKPYw"
    }
  ]
}
2021-11-24 21:34:31 SUCCESS
CheckDistinctKeyIdValueInClientJWKs
Distinct 'kid' value in all keys of client_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2021-11-24 21:34:31 SUCCESS
EnsureClientJwksDoesNotContainPrivateOrSymmetricKeys
Jwks does not contain any private or symmetric keys
2021-11-24 21:34:31 SUCCESS
FAPIEnsureMinimumClientKeyLength
Validated minimum key lengths for client_jwks
client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "use": "sig",
      "alg": "PS256",
      "n": "tCh8sZ_U6iJbis9r-6IViBA9up5vNIekMUZNR7yHfVAn5YL4f8ZqkZRquFUSOKSF5vNZrpqOVj_WVL02j0b3nrSQqIqyseIye_gpvnyW_QJORRYwFi54XvPceB8FLdmkHnIFqK7b6-Jk5b9Db-4mUsoaQtksMqdzvXnTBkhVRERIQbF0OYyPPq2o-53-1eEEqpQFCzEyEEAQnVtwQenJn16jlq2cxoDgCKmAOkx6czNrFe-B1KN5VXoKRXQj8Xb84ecFmOKwfxbx3Z1DVH0emWkMccaGolbFFu4P_csT5Sa1nKgs3n_-DsO5Oe8HTWPQK_3Tq3uQs_NoX6_ClUebRw",
      "e": "AQAB",
      "kid": "6a90c21b80f267f64e1b4b283a144e2f669f101e35b3668c1c08c157d822cf54"
    },
    {
      "kty": "RSA",
      "use": "enc",
      "alg": "RSA-OAEP",
      "n": "sSAHCJwaFeXm0Kd1uFDtdctzpXck1eI3cv_BhiOmPqkSOsHbNLO5EGo86q6ohFJEEWBhCcoEdYlu2ygcvXaHEw-obS3Q-mNKA_YHD9m80TfNyn_mWMTfNUh0KTNzLKkCZa8PPM9cVf6UYanfLKG6elHaZBv9oC2sfrFB4PZCKzu2u1e7_TiTH7U2HquIRWy9hJ-jP8p3oTgWWRsP4c0J21bPIQj9L6MzE-vq4Am2OlZPA9Vgn9TOtRX5bQ9-RUSVmCWea4yQnWzU7m2AFNxmqxwY_cOUzfpxV0HB05jX9uiKc-p2ubQDkm158L5Yn5qS603V6AfE1zHPGILyHeKPYw",
      "e": "AQAB",
      "kid": "4f3f7038ad4a8602a9408faba304fa6cd2351a865b258d71428d0750362b193e"
    }
  ]
}
Verify configuration of second client
2021-11-24 21:34:31 SUCCESS
GetStaticClient2Configuration
Found a static second client object
client_id
finansystech-bank-two
redirect_uri
https://api.platform.smartfy-wrk.smartfylabs.com/consents/v1/callback
id_token_encrypted_response_alg
RSA-OAEP
id_token_encrypted_response_enc
A256GCM
certificate
-----BEGIN CERTIFICATE-----
MIIHDjCCBfagAwIBAgIUXuW2b/5MFmPWcXr6jT1agGIXs+0wDQYJKoZIhvcNAQEL
BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx
FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB
TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMTAxOTE0NDcwMFoXDTIyMTExODE0
NDcwMFowggE0MQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEDAOBgNVBAcTB0Jh
cnVlcmkxNjA0BgNVBAoTLU9wZW4gQmFua2luZyBCcmFzaWwgLSBSZXNzYXJjaW1l
bnRvIC0gQWR2aXNlVTEtMCsGA1UECxMkMjQ4Y2NlMDgtMGFiYy00Y2RiLWJhMTQt
MDJjY2EwM2U1Yzc0MRwwGgYDVQQDExNmaW5hbnN5c3RlY2guY29tLmJyMRcwFQYD
VQQFEw4yMDc0NzQzNjAwMDE1NjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp
b24xEzARBgsrBgEEAYI3PAIBAxMCQlIxNDAyBgoJkiaJk/IsZAEBEyQwZmJlOTEx
YS1lYmNhLTRlY2ItOTIwNy1hY2MxYTU5MWY3MWYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC5/Ro2WYzF11vpvGIglFZRBOGaRIfizTFFmHYumlJ6E85W
M8dr8AhX4Tuqa/0RiuziuXpPgE1a4amHTV1DyBm3j+7g3uJu0lFhuoHa5QXqGbe6
5PIeLoCV5c8LBnY6TwQl4HqwtmZ9t33QoYD8UgbkJuQa0cGjHjofHtnTKZosXIa7
NQeOaSv2/1ECAiecxNyk1MMTVs4sMncfH/TR+ZvLfgiv4goUSsud/o1Fh747VLf5
6HizhsVjmqc+a0cndfscsstwkH5KmhlGU6nlspVAwEgUSa4ClN+KqxY/r1Pwe0dC
ns5bx2Ib0pNnvWuTa6t+mB8yM8zHYllPRgQv0iV3AgMBAAGjggLXMIIC0zAMBgNV
HRMBAf8EAjAAMB0GA1UdDgQWBBS9AZg/dfhPVRXSLUaHaWzvxMv8KTAfBgNVHSME
GDAWgBSGf1itF/WCtk60BbP7sM4RQ99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYB
BQUHMAGGMGh0dHA6Ly9vY3NwLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2ls
Lm9yZy5icjBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtp
Lm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9pc3N1ZXIuY3JsMB4GA1UdEQQXMBWC
E2ZpbmFuc3lzdGVjaC5jb20uYnIwDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQMMAoG
CCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIBgDCC
ATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVseSBm
b3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhlciBw
YXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2aWNl
cyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNlaXB0
LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRo
ZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5kIHJl
bGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8vY3Bz
LnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2llczAN
BgkqhkiG9w0BAQsFAAOCAQEA42E83Qujl7iLJnygJSTP+X2AAjBO9f6hMkn3WJyr
wyGG8v39I/bt+m1p4KHm34s+CGQOuYYUCrpPg0VM2Pxm1dTcbERXYPdOUdLRNdMB
4uT/RBHeoPtaroDmg6N1YYiwGzXtvstETS05cA44h6FBdZM2FWL3/cgy3TMicEPf
vGF2jvQ2En9gPhue7d6n7gmtoO5bwxsMRYxrfI+I54wEsXqbIX6BHq+s9hyhW5D6
Wv1AElGFKPvy47Vj0wub5UtvE/t8FswkV3zBOLac4rWU21FtyCVocFYi1XqUAhYv
L1bEf0qfbRqtn+UcbSHsXe0i/6H6WdWkazLBambZOvtGqA==
-----END CERTIFICATE-----
jwks
{
  "keys": [
    {
      "kty": "RSA",
      "use": "sig",
      "alg": "PS256",
      "n": "71Xq5Tg39XPOi4jCrl8bL5P4VeGj9OfwaJsFMl1wRxS337Kym8_LkkaSiMdlHJSOWyVEEaOgjG3W9_NPlMDGSvNM8X831mp8rn79rfykeMp0Kd--PnHfFMeCo81XjSmtdNYErTVQzOw0c_E5v332OzojpPGk6DY0rwJPEQd-84vRW8w2TQPJZvfQ3iqy0u0l3Sws1M4Fci6B6-s_yij_HGvy28iEogHHVS92sKTrUIDw4I9BdPIj6a47F1IdGPg9Yb-0sDARImI0K1cnoUs004INT_igEyPjYg8oggUk0K5NLALF28Ddj65dxcikR7ENiVhRhP3cczVgft8nUM0YXQ",
      "e": "AQAB",
      "kid": "a60698ef52f7cd60ab90e5e2b2db02020c53c67d67079604b0214c3788ad22f1"
    },
    {
      "kty": "RSA",
      "use": "enc",
      "alg": "RSA-OAEP",
      "n": "6G3SFo1s1StsyTKhXdv_hJahQ6niLyxp8cw2gNIzrdYBYKW4frDJWAbcOqp0lPy8-1RnOUI_i8dkJ0VfF0IkgjJZGN0r7zEK_GIvvMZRO-CIS504_J2Bgu0IrMZqvxvIJ9pTR30E1zWQXqufe-jq7jgIrwkMfzWfkjaZ0zscheI9xs_OUuDWp7RKRZbnQUC3VTrzNwMuog-4TtJLaB7JR8a_LlyUAMhHhdYnvnshso_3MFe9Mfc1n8U_sWRDvJEPcFo8YvwmROkP2VRx47dKtacRDIzbbO-_ARmvNvj4c_oO-2qZUMERc8O3w9YzVGOLBKjzdQoCQKCagEomZXn9IQ",
      "e": "AQAB",
      "kid": "b0a5dc6eaf3c0978cc5f2e70a22e82dc147fdf06de9f8bdd6cbe2d21acb462e6"
    }
  ]
}
2021-11-24 21:34:31 SUCCESS
ValidateClientJWKsPublicPart
Valid client JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2021-11-24 21:34:31 SUCCESS
ExtractJWKsFromStaticClientConfiguration
Extracted client JWK
client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "use": "sig",
      "alg": "PS256",
      "n": "71Xq5Tg39XPOi4jCrl8bL5P4VeGj9OfwaJsFMl1wRxS337Kym8_LkkaSiMdlHJSOWyVEEaOgjG3W9_NPlMDGSvNM8X831mp8rn79rfykeMp0Kd--PnHfFMeCo81XjSmtdNYErTVQzOw0c_E5v332OzojpPGk6DY0rwJPEQd-84vRW8w2TQPJZvfQ3iqy0u0l3Sws1M4Fci6B6-s_yij_HGvy28iEogHHVS92sKTrUIDw4I9BdPIj6a47F1IdGPg9Yb-0sDARImI0K1cnoUs004INT_igEyPjYg8oggUk0K5NLALF28Ddj65dxcikR7ENiVhRhP3cczVgft8nUM0YXQ",
      "e": "AQAB",
      "kid": "a60698ef52f7cd60ab90e5e2b2db02020c53c67d67079604b0214c3788ad22f1"
    },
    {
      "kty": "RSA",
      "use": "enc",
      "alg": "RSA-OAEP",
      "n": "6G3SFo1s1StsyTKhXdv_hJahQ6niLyxp8cw2gNIzrdYBYKW4frDJWAbcOqp0lPy8-1RnOUI_i8dkJ0VfF0IkgjJZGN0r7zEK_GIvvMZRO-CIS504_J2Bgu0IrMZqvxvIJ9pTR30E1zWQXqufe-jq7jgIrwkMfzWfkjaZ0zscheI9xs_OUuDWp7RKRZbnQUC3VTrzNwMuog-4TtJLaB7JR8a_LlyUAMhHhdYnvnshso_3MFe9Mfc1n8U_sWRDvJEPcFo8YvwmROkP2VRx47dKtacRDIzbbO-_ARmvNvj4c_oO-2qZUMERc8O3w9YzVGOLBKjzdQoCQKCagEomZXn9IQ",
      "e": "AQAB",
      "kid": "b0a5dc6eaf3c0978cc5f2e70a22e82dc147fdf06de9f8bdd6cbe2d21acb462e6"
    }
  ]
}
public_client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "a60698ef52f7cd60ab90e5e2b2db02020c53c67d67079604b0214c3788ad22f1",
      "alg": "PS256",
      "n": "71Xq5Tg39XPOi4jCrl8bL5P4VeGj9OfwaJsFMl1wRxS337Kym8_LkkaSiMdlHJSOWyVEEaOgjG3W9_NPlMDGSvNM8X831mp8rn79rfykeMp0Kd--PnHfFMeCo81XjSmtdNYErTVQzOw0c_E5v332OzojpPGk6DY0rwJPEQd-84vRW8w2TQPJZvfQ3iqy0u0l3Sws1M4Fci6B6-s_yij_HGvy28iEogHHVS92sKTrUIDw4I9BdPIj6a47F1IdGPg9Yb-0sDARImI0K1cnoUs004INT_igEyPjYg8oggUk0K5NLALF28Ddj65dxcikR7ENiVhRhP3cczVgft8nUM0YXQ"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "b0a5dc6eaf3c0978cc5f2e70a22e82dc147fdf06de9f8bdd6cbe2d21acb462e6",
      "alg": "RSA-OAEP",
      "n": "6G3SFo1s1StsyTKhXdv_hJahQ6niLyxp8cw2gNIzrdYBYKW4frDJWAbcOqp0lPy8-1RnOUI_i8dkJ0VfF0IkgjJZGN0r7zEK_GIvvMZRO-CIS504_J2Bgu0IrMZqvxvIJ9pTR30E1zWQXqufe-jq7jgIrwkMfzWfkjaZ0zscheI9xs_OUuDWp7RKRZbnQUC3VTrzNwMuog-4TtJLaB7JR8a_LlyUAMhHhdYnvnshso_3MFe9Mfc1n8U_sWRDvJEPcFo8YvwmROkP2VRx47dKtacRDIzbbO-_ARmvNvj4c_oO-2qZUMERc8O3w9YzVGOLBKjzdQoCQKCagEomZXn9IQ"
    }
  ]
}
2021-11-24 21:34:31 SUCCESS
CheckDistinctKeyIdValueInClientJWKs
Distinct 'kid' value in all keys of client_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2021-11-24 21:34:31 SUCCESS
EnsureClientJwksDoesNotContainPrivateOrSymmetricKeys
Jwks does not contain any private or symmetric keys
2021-11-24 21:34:31 SUCCESS
FAPIEnsureMinimumClientKeyLength
Validated minimum key lengths for client_jwks
client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "use": "sig",
      "alg": "PS256",
      "n": "71Xq5Tg39XPOi4jCrl8bL5P4VeGj9OfwaJsFMl1wRxS337Kym8_LkkaSiMdlHJSOWyVEEaOgjG3W9_NPlMDGSvNM8X831mp8rn79rfykeMp0Kd--PnHfFMeCo81XjSmtdNYErTVQzOw0c_E5v332OzojpPGk6DY0rwJPEQd-84vRW8w2TQPJZvfQ3iqy0u0l3Sws1M4Fci6B6-s_yij_HGvy28iEogHHVS92sKTrUIDw4I9BdPIj6a47F1IdGPg9Yb-0sDARImI0K1cnoUs004INT_igEyPjYg8oggUk0K5NLALF28Ddj65dxcikR7ENiVhRhP3cczVgft8nUM0YXQ",
      "e": "AQAB",
      "kid": "a60698ef52f7cd60ab90e5e2b2db02020c53c67d67079604b0214c3788ad22f1"
    },
    {
      "kty": "RSA",
      "use": "enc",
      "alg": "RSA-OAEP",
      "n": "6G3SFo1s1StsyTKhXdv_hJahQ6niLyxp8cw2gNIzrdYBYKW4frDJWAbcOqp0lPy8-1RnOUI_i8dkJ0VfF0IkgjJZGN0r7zEK_GIvvMZRO-CIS504_J2Bgu0IrMZqvxvIJ9pTR30E1zWQXqufe-jq7jgIrwkMfzWfkjaZ0zscheI9xs_OUuDWp7RKRZbnQUC3VTrzNwMuog-4TtJLaB7JR8a_LlyUAMhHhdYnvnshso_3MFe9Mfc1n8U_sWRDvJEPcFo8YvwmROkP2VRx47dKtacRDIzbbO-_ARmvNvj4c_oO-2qZUMERc8O3w9YzVGOLBKjzdQoCQKCagEomZXn9IQ",
      "e": "AQAB",
      "kid": "b0a5dc6eaf3c0978cc5f2e70a22e82dc147fdf06de9f8bdd6cbe2d21acb462e6"
    }
  ]
}
2021-11-24 21:34:31
fapi1-advanced-final-client-test-invalid-aud
Setup Done
2021-11-24 21:34:33 INCOMING
fapi1-advanced-final-client-test-invalid-aud
Incoming HTTP request to test instance AWemWWfyxkOuwc5
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/4.7.4 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate, br",
  "connection": "close"
}
incoming_path
/test/a/finansystech/.well-known/openid-configuration
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
incoming_body_json
incoming_query_string_params
{}
incoming_body
2021-11-24 21:34:33 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
2021-11-24 21:34:33 OUTGOING
fapi1-advanced-final-client-test-invalid-aud
Response to HTTP request to test instance AWemWWfyxkOuwc5
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "issuer": "https://www.certification.openid.net/test/a/finansystech/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/finansystech/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/finansystech/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/finansystech/jwks",
  "registration_endpoint": "https://www.certification.openid.net/test/a/finansystech/register",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/finansystech/userinfo",
  "mtls_endpoint_aliases": {
    "token_endpoint": "https://www.certification.openid.net/test-mtls/a/finansystech/token",
    "registration_endpoint": "https://www.certification.openid.net/test-mtls/a/finansystech/register",
    "userinfo_endpoint": "https://www.certification.openid.net/test-mtls/a/finansystech/userinfo"
  },
  "tls_client_certificate_bound_access_tokens": true,
  "request_parameter_supported": true,
  "grant_types_supported": [
    "authorization_code",
    "implicit",
    "client_credentials",
    "refresh_token"
  ],
  "claims_parameter_supported": true,
  "request_object_encryption_alg_values_supported": [
    "RSA-OAEP"
  ],
  "request_object_encryption_enc_values_supported": [
    "A256GCM"
  ],
  "claims_supported": [
    "cpf",
    "cnpj",
    "acr"
  ],
  "acr_values_supported": [
    "urn:brasil:openbanking:loa2",
    "urn:brasil:openbanking:loa3"
  ],
  "id_token_signing_alg_values_supported": [
    "PS256"
  ],
  "request_object_signing_alg_values_supported": [
    "PS256"
  ],
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access",
    "consents",
    "resources",
    "payments"
  ],
  "token_endpoint_auth_methods_supported": [
    "private_key_jwt"
  ],
  "response_types_supported": [
    "code id_token"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "PS256"
  ]
}
outgoing_path
.well-known/openid-configuration
2021-11-24 21:34:34 INCOMING
fapi1-advanced-final-client-test-invalid-aud
Incoming HTTP request to test instance AWemWWfyxkOuwc5
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/4.7.4 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "content-type": "application/x-www-form-urlencoded",
  "accept-encoding": "gzip, deflate, br",
  "content-length": "1111",
  "connection": "close"
}
incoming_path
/test-mtls/a/finansystech/token
incoming_body_form_params
{
  "grant_type": "client_credentials",
  "scope": "consents",
  "client_id": "finansystech-bank",
  "client_assertion": "eyJhbGciOiJQUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjZhOTBjMjFiODBmMjY3ZjY0ZTFiNGIyODNhMTQ0ZTJmNjY5ZjEwMWUzNWIzNjY4YzFjMDhjMTU3ZDgyMmNmNTQifQ.eyJpYXQiOjE2Mzc3ODk2NzEsImV4cCI6MTYzNzc4OTczMSwianRpIjoiQ0V5a2U0TGFlVkxsY2Q5WWFVM3FEMlBwNXkwbUIwRHp0SUt5a0E1eno3QSIsImlzcyI6ImZpbmFuc3lzdGVjaC1iYW5rIiwic3ViIjoiZmluYW5zeXN0ZWNoLWJhbmsiLCJhdWQiOlsiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QvYS9maW5hbnN5c3RlY2gvIiwiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QvYS9maW5hbnN5c3RlY2gvdG9rZW4iLCJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC1tdGxzL2EvZmluYW5zeXN0ZWNoL3Rva2VuIl19.mRhwl5yV0JbNj2zZxNR5wHUpUi_XU9Ntq3qJj0WhnhJ39fH9_xegaqWsLdKrS8NVhRlJ4AG8ofIgVeVGFeSzdksbGJXm8nNgumTga8zQV3qLjcikm0FeKB9UjJL3nTy2hMHOWruCphEF5xnbFOmULB6FbPOZTPEe5-nh5AXwZvlPjh8-xVQEihNbLBMnDhpWTS7KgTIn-t3C4JnLBHXT6D_4WZtLfs9P83fhHUjwjf9L6Cf3gMKMIJ9-zhodxU7xgMsG6auh26h4KZkSaGgPOsRrqD536CWBSZSaAvQvAvcAPF2Io7CDo-bS4-KYsaBDcXd_UWmnITbHpfYYQy3fUg",
  "client_assertion_type": "urn:ietf:params:oauth:client-assertion-type:jwt-bearer"
}
incoming_method
POST
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
-----BEGIN CERTIFICATE----- MIIHDjCCBfagAwIBAgIUBZR9tesPXfY+/4pPtMxt0WeT204wDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMTAxOTE0NDEwMFoXDTIyMTExODE0 NDEwMFowggE0MQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEDAOBgNVBAcTB0Jh cnVlcmkxNjA0BgNVBAoTLU9wZW4gQmFua2luZyBCcmFzaWwgLSBSZXNzYXJjaW1l bnRvIC0gQWR2aXNlVTEtMCsGA1UECxMkMjQ4Y2NlMDgtMGFiYy00Y2RiLWJhMTQt MDJjY2EwM2U1Yzc0MRwwGgYDVQQDExNmaW5hbnN5c3RlY2guY29tLmJyMRcwFQYD VQQFEw4yMDc0NzQzNjAwMDE1NjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp b24xEzARBgsrBgEEAYI3PAIBAxMCQlIxNDAyBgoJkiaJk/IsZAEBEyQzOGQ5MGZi NS1kNzc4LTQzNmYtYmFmNC1iNWNlMTIzNGRlYWMwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQDFhntqt1QC73IpTVj/GnM9Rub3knKPL8p7RSnA1/h7SupH 2LNfpzFr3u8boyPuj4eCvww6KjNxuyhzKxhfwNhkcyh6clJluIc4X03rCK+Nl1IS t0jJ0nHXL9ualm5gpnOdz6y7W5guV+4K4jD3CxBFT4pYmDeOwhWt4XAUoo0yDEUP 79YyotGpsZVgOQpEZ+QdLPgh5PVCEgw9zqagXE9FVBRHPJ55qBb3aNElSrFHjebX TjzeNflmliTvGuptM917aPNIv3j5ieDYnqFKGv4aHox3J2/Ty9wmnhz58YS8U5TB yF4GgjMAQdy8Ehxqf56RWZbwXLIvdtUe0vLZnnvfAgMBAAGjggLXMIIC0zAMBgNV HRMBAf8EAjAAMB0GA1UdDgQWBBR9bN4InlLbRY7pE1j7+S57ith89TAfBgNVHSME GDAWgBSGf1itF/WCtk60BbP7sM4RQ99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYB BQUHMAGGMGh0dHA6Ly9vY3NwLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2ls Lm9yZy5icjBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtp Lm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9pc3N1ZXIuY3JsMB4GA1UdEQQXMBWC E2ZpbmFuc3lzdGVjaC5jb20uYnIwDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQMMAoG CCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIBgDCC ATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVseSBm b3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhlciBw YXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2aWNl cyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNlaXB0 LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRo ZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5kIHJl bGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8vY3Bz LnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2llczAN BgkqhkiG9w0BAQsFAAOCAQEAxc52Chm3JRB8u8Qyh304gw+dQCrm8YYNb7ObM2Hp CemZDgoCdqA8TrImA8Dn42i+wkMKfX6r/0gVXnJ+3WipsXXWkIbj4263/PkwxEhd tNgBQz7xeXaRfriTT2hMjl1nEhRXS5QF/ee4oY5BuLVe5ypX7fHPBrKXTBdeU/xH 7IzE66qYN5nKgVvLNIZDfDOhA5yR2S7QBjMAh005pLMFF0jkm2ZH4hL/puSK7xiB RQ2iJDLwWBj8PNi/AB/KWXMWuAOkFXl/irImJsDxunSZkbmQKgkMenafhIK9UGZ/ T0P2DQOUgAIhPVGSdrgcsMitIFozRPkCuFmWoCIr1ZdsXA== -----END CERTIFICATE-----
incoming_body_json
incoming_query_string_params
{}
incoming_body
grant_type=client_credentials&scope=consents&client_id=finansystech-bank&client_assertion=eyJhbGciOiJQUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjZhOTBjMjFiODBmMjY3ZjY0ZTFiNGIyODNhMTQ0ZTJmNjY5ZjEwMWUzNWIzNjY4YzFjMDhjMTU3ZDgyMmNmNTQifQ.eyJpYXQiOjE2Mzc3ODk2NzEsImV4cCI6MTYzNzc4OTczMSwianRpIjoiQ0V5a2U0TGFlVkxsY2Q5WWFVM3FEMlBwNXkwbUIwRHp0SUt5a0E1eno3QSIsImlzcyI6ImZpbmFuc3lzdGVjaC1iYW5rIiwic3ViIjoiZmluYW5zeXN0ZWNoLWJhbmsiLCJhdWQiOlsiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QvYS9maW5hbnN5c3RlY2gvIiwiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QvYS9maW5hbnN5c3RlY2gvdG9rZW4iLCJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC1tdGxzL2EvZmluYW5zeXN0ZWNoL3Rva2VuIl19.mRhwl5yV0JbNj2zZxNR5wHUpUi_XU9Ntq3qJj0WhnhJ39fH9_xegaqWsLdKrS8NVhRlJ4AG8ofIgVeVGFeSzdksbGJXm8nNgumTga8zQV3qLjcikm0FeKB9UjJL3nTy2hMHOWruCphEF5xnbFOmULB6FbPOZTPEe5-nh5AXwZvlPjh8-xVQEihNbLBMnDhpWTS7KgTIn-t3C4JnLBHXT6D_4WZtLfs9P83fhHUjwjf9L6Cf3gMKMIJ9-zhodxU7xgMsG6auh26h4KZkSaGgPOsRrqD536CWBSZSaAvQvAvcAPF2Io7CDo-bS4-KYsaBDcXd_UWmnITbHpfYYQy3fUg&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer
2021-11-24 21:34:34 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
Token endpoint
2021-11-24 21:34:34 SUCCESS
ExtractClientCertificateFromTokenEndpointRequestHeaders
Extracted client certificate
client_certificate
{
  "cert": "-----BEGIN CERTIFICATE----- MIIHDjCCBfagAwIBAgIUBZR9tesPXfY+/4pPtMxt0WeT204wDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMTAxOTE0NDEwMFoXDTIyMTExODE0 NDEwMFowggE0MQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEDAOBgNVBAcTB0Jh cnVlcmkxNjA0BgNVBAoTLU9wZW4gQmFua2luZyBCcmFzaWwgLSBSZXNzYXJjaW1l bnRvIC0gQWR2aXNlVTEtMCsGA1UECxMkMjQ4Y2NlMDgtMGFiYy00Y2RiLWJhMTQt MDJjY2EwM2U1Yzc0MRwwGgYDVQQDExNmaW5hbnN5c3RlY2guY29tLmJyMRcwFQYD VQQFEw4yMDc0NzQzNjAwMDE1NjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp b24xEzARBgsrBgEEAYI3PAIBAxMCQlIxNDAyBgoJkiaJk/IsZAEBEyQzOGQ5MGZi NS1kNzc4LTQzNmYtYmFmNC1iNWNlMTIzNGRlYWMwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQDFhntqt1QC73IpTVj/GnM9Rub3knKPL8p7RSnA1/h7SupH 2LNfpzFr3u8boyPuj4eCvww6KjNxuyhzKxhfwNhkcyh6clJluIc4X03rCK+Nl1IS t0jJ0nHXL9ualm5gpnOdz6y7W5guV+4K4jD3CxBFT4pYmDeOwhWt4XAUoo0yDEUP 79YyotGpsZVgOQpEZ+QdLPgh5PVCEgw9zqagXE9FVBRHPJ55qBb3aNElSrFHjebX TjzeNflmliTvGuptM917aPNIv3j5ieDYnqFKGv4aHox3J2/Ty9wmnhz58YS8U5TB yF4GgjMAQdy8Ehxqf56RWZbwXLIvdtUe0vLZnnvfAgMBAAGjggLXMIIC0zAMBgNV HRMBAf8EAjAAMB0GA1UdDgQWBBR9bN4InlLbRY7pE1j7+S57ith89TAfBgNVHSME GDAWgBSGf1itF/WCtk60BbP7sM4RQ99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYB BQUHMAGGMGh0dHA6Ly9vY3NwLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2ls Lm9yZy5icjBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtp Lm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9pc3N1ZXIuY3JsMB4GA1UdEQQXMBWC E2ZpbmFuc3lzdGVjaC5jb20uYnIwDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQMMAoG CCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIBgDCC ATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVseSBm b3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhlciBw YXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2aWNl cyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNlaXB0 LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRo ZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5kIHJl bGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8vY3Bz LnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2llczAN BgkqhkiG9w0BAQsFAAOCAQEAxc52Chm3JRB8u8Qyh304gw+dQCrm8YYNb7ObM2Hp CemZDgoCdqA8TrImA8Dn42i+wkMKfX6r/0gVXnJ+3WipsXXWkIbj4263/PkwxEhd tNgBQz7xeXaRfriTT2hMjl1nEhRXS5QF/ee4oY5BuLVe5ypX7fHPBrKXTBdeU/xH 7IzE66qYN5nKgVvLNIZDfDOhA5yR2S7QBjMAh005pLMFF0jkm2ZH4hL/puSK7xiB RQ2iJDLwWBj8PNi/AB/KWXMWuAOkFXl/irImJsDxunSZkbmQKgkMenafhIK9UGZ/ T0P2DQOUgAIhPVGSdrgcsMitIFozRPkCuFmWoCIr1ZdsXA\u003d\u003d -----END CERTIFICATE-----",
  "pem": "-----BEGIN CERTIFICATE-----\nMIIHDjCCBfagAwIBAgIUBZR9tesPXfY+/4pPtMxt0WeT204wDQYJKoZIhvcNAQEL\nBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx\nFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB\nTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMTAxOTE0NDEwMFoXDTIyMTExODE0\nNDEwMFowggE0MQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEDAOBgNVBAcTB0Jh\ncnVlcmkxNjA0BgNVBAoTLU9wZW4gQmFua2luZyBCcmFzaWwgLSBSZXNzYXJjaW1l\nbnRvIC0gQWR2aXNlVTEtMCsGA1UECxMkMjQ4Y2NlMDgtMGFiYy00Y2RiLWJhMTQt\nMDJjY2EwM2U1Yzc0MRwwGgYDVQQDExNmaW5hbnN5c3RlY2guY29tLmJyMRcwFQYD\nVQQFEw4yMDc0NzQzNjAwMDE1NjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp\nb24xEzARBgsrBgEEAYI3PAIBAxMCQlIxNDAyBgoJkiaJk/IsZAEBEyQzOGQ5MGZi\nNS1kNzc4LTQzNmYtYmFmNC1iNWNlMTIzNGRlYWMwggEiMA0GCSqGSIb3DQEBAQUA\nA4IBDwAwggEKAoIBAQDFhntqt1QC73IpTVj/GnM9Rub3knKPL8p7RSnA1/h7SupH\n2LNfpzFr3u8boyPuj4eCvww6KjNxuyhzKxhfwNhkcyh6clJluIc4X03rCK+Nl1IS\nt0jJ0nHXL9ualm5gpnOdz6y7W5guV+4K4jD3CxBFT4pYmDeOwhWt4XAUoo0yDEUP\n79YyotGpsZVgOQpEZ+QdLPgh5PVCEgw9zqagXE9FVBRHPJ55qBb3aNElSrFHjebX\nTjzeNflmliTvGuptM917aPNIv3j5ieDYnqFKGv4aHox3J2/Ty9wmnhz58YS8U5TB\nyF4GgjMAQdy8Ehxqf56RWZbwXLIvdtUe0vLZnnvfAgMBAAGjggLXMIIC0zAMBgNV\nHRMBAf8EAjAAMB0GA1UdDgQWBBR9bN4InlLbRY7pE1j7+S57ith89TAfBgNVHSME\nGDAWgBSGf1itF/WCtk60BbP7sM4RQ99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYB\nBQUHMAGGMGh0dHA6Ly9vY3NwLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2ls\nLm9yZy5icjBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtp\nLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9pc3N1ZXIuY3JsMB4GA1UdEQQXMBWC\nE2ZpbmFuc3lzdGVjaC5jb20uYnIwDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQMMAoG\nCCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIBgDCC\nATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVseSBm\nb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhlciBw\nYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2aWNl\ncyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNlaXB0\nLCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRo\nZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5kIHJl\nbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8vY3Bz\nLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2llczAN\nBgkqhkiG9w0BAQsFAAOCAQEAxc52Chm3JRB8u8Qyh304gw+dQCrm8YYNb7ObM2Hp\nCemZDgoCdqA8TrImA8Dn42i+wkMKfX6r/0gVXnJ+3WipsXXWkIbj4263/PkwxEhd\ntNgBQz7xeXaRfriTT2hMjl1nEhRXS5QF/ee4oY5BuLVe5ypX7fHPBrKXTBdeU/xH\n7IzE66qYN5nKgVvLNIZDfDOhA5yR2S7QBjMAh005pLMFF0jkm2ZH4hL/puSK7xiB\nRQ2iJDLwWBj8PNi/AB/KWXMWuAOkFXl/irImJsDxunSZkbmQKgkMenafhIK9UGZ/\nT0P2DQOUgAIhPVGSdrgcsMitIFozRPkCuFmWoCIr1ZdsXA\u003d\u003d\n-----END CERTIFICATE-----",
  "subject": {
    "dn": "UID\u003d38d90fb5-d778-436f-baf4-b5ce1234deac,1.3.6.1.4.1.311.60.2.1.3\u003d#13024252,2.5.4.15\u003d#131450726976617465204f7267616e697a6174696f6e,2.5.4.5\u003d#130e3230373437343336303030313536,CN\u003dfinansystech.com.br,OU\u003d248cce08-0abc-4cdb-ba14-02cca03e5c74,O\u003dOpen Banking Brasil - Ressarcimento - AdviseU,L\u003dBarueri,ST\u003dSP,C\u003dBR"
  },
  "sanDnsNames": [
    "finansystech.com.br"
  ],
  "sanUris": [],
  "sanIPs": [],
  "sanEmails": []
}
2021-11-24 21:34:34 SUCCESS
CheckForClientCertificate
Found client certificate
2021-11-24 21:34:34 SUCCESS
EnsureClientCertificateMatches
Presented certificate matches registered certificate
actual
-----BEGIN CERTIFICATE-----
MIIHDjCCBfagAwIBAgIUBZR9tesPXfY+/4pPtMxt0WeT204wDQYJKoZIhvcNAQEL
BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx
FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB
TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMTAxOTE0NDEwMFoXDTIyMTExODE0
NDEwMFowggE0MQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEDAOBgNVBAcTB0Jh
cnVlcmkxNjA0BgNVBAoTLU9wZW4gQmFua2luZyBCcmFzaWwgLSBSZXNzYXJjaW1l
bnRvIC0gQWR2aXNlVTEtMCsGA1UECxMkMjQ4Y2NlMDgtMGFiYy00Y2RiLWJhMTQt
MDJjY2EwM2U1Yzc0MRwwGgYDVQQDExNmaW5hbnN5c3RlY2guY29tLmJyMRcwFQYD
VQQFEw4yMDc0NzQzNjAwMDE1NjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp
b24xEzARBgsrBgEEAYI3PAIBAxMCQlIxNDAyBgoJkiaJk/IsZAEBEyQzOGQ5MGZi
NS1kNzc4LTQzNmYtYmFmNC1iNWNlMTIzNGRlYWMwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDFhntqt1QC73IpTVj/GnM9Rub3knKPL8p7RSnA1/h7SupH
2LNfpzFr3u8boyPuj4eCvww6KjNxuyhzKxhfwNhkcyh6clJluIc4X03rCK+Nl1IS
t0jJ0nHXL9ualm5gpnOdz6y7W5guV+4K4jD3CxBFT4pYmDeOwhWt4XAUoo0yDEUP
79YyotGpsZVgOQpEZ+QdLPgh5PVCEgw9zqagXE9FVBRHPJ55qBb3aNElSrFHjebX
TjzeNflmliTvGuptM917aPNIv3j5ieDYnqFKGv4aHox3J2/Ty9wmnhz58YS8U5TB
yF4GgjMAQdy8Ehxqf56RWZbwXLIvdtUe0vLZnnvfAgMBAAGjggLXMIIC0zAMBgNV
HRMBAf8EAjAAMB0GA1UdDgQWBBR9bN4InlLbRY7pE1j7+S57ith89TAfBgNVHSME
GDAWgBSGf1itF/WCtk60BbP7sM4RQ99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYB
BQUHMAGGMGh0dHA6Ly9vY3NwLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2ls
Lm9yZy5icjBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtp
Lm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9pc3N1ZXIuY3JsMB4GA1UdEQQXMBWC
E2ZpbmFuc3lzdGVjaC5jb20uYnIwDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQMMAoG
CCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIBgDCC
ATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVseSBm
b3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhlciBw
YXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2aWNl
cyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNlaXB0
LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRo
ZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5kIHJl
bGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8vY3Bz
LnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2llczAN
BgkqhkiG9w0BAQsFAAOCAQEAxc52Chm3JRB8u8Qyh304gw+dQCrm8YYNb7ObM2Hp
CemZDgoCdqA8TrImA8Dn42i+wkMKfX6r/0gVXnJ+3WipsXXWkIbj4263/PkwxEhd
tNgBQz7xeXaRfriTT2hMjl1nEhRXS5QF/ee4oY5BuLVe5ypX7fHPBrKXTBdeU/xH
7IzE66qYN5nKgVvLNIZDfDOhA5yR2S7QBjMAh005pLMFF0jkm2ZH4hL/puSK7xiB
RQ2iJDLwWBj8PNi/AB/KWXMWuAOkFXl/irImJsDxunSZkbmQKgkMenafhIK9UGZ/
T0P2DQOUgAIhPVGSdrgcsMitIFozRPkCuFmWoCIr1ZdsXA==
-----END CERTIFICATE-----
2021-11-24 21:34:34 SUCCESS
ExtractClientAssertion
Parsed client assertion
client_assertion
{
  "value": "eyJhbGciOiJQUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjZhOTBjMjFiODBmMjY3ZjY0ZTFiNGIyODNhMTQ0ZTJmNjY5ZjEwMWUzNWIzNjY4YzFjMDhjMTU3ZDgyMmNmNTQifQ.eyJpYXQiOjE2Mzc3ODk2NzEsImV4cCI6MTYzNzc4OTczMSwianRpIjoiQ0V5a2U0TGFlVkxsY2Q5WWFVM3FEMlBwNXkwbUIwRHp0SUt5a0E1eno3QSIsImlzcyI6ImZpbmFuc3lzdGVjaC1iYW5rIiwic3ViIjoiZmluYW5zeXN0ZWNoLWJhbmsiLCJhdWQiOlsiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QvYS9maW5hbnN5c3RlY2gvIiwiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QvYS9maW5hbnN5c3RlY2gvdG9rZW4iLCJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC1tdGxzL2EvZmluYW5zeXN0ZWNoL3Rva2VuIl19.mRhwl5yV0JbNj2zZxNR5wHUpUi_XU9Ntq3qJj0WhnhJ39fH9_xegaqWsLdKrS8NVhRlJ4AG8ofIgVeVGFeSzdksbGJXm8nNgumTga8zQV3qLjcikm0FeKB9UjJL3nTy2hMHOWruCphEF5xnbFOmULB6FbPOZTPEe5-nh5AXwZvlPjh8-xVQEihNbLBMnDhpWTS7KgTIn-t3C4JnLBHXT6D_4WZtLfs9P83fhHUjwjf9L6Cf3gMKMIJ9-zhodxU7xgMsG6auh26h4KZkSaGgPOsRrqD536CWBSZSaAvQvAvcAPF2Io7CDo-bS4-KYsaBDcXd_UWmnITbHpfYYQy3fUg",
  "header": {
    "kid": "6a90c21b80f267f64e1b4b283a144e2f669f101e35b3668c1c08c157d822cf54",
    "typ": "JWT",
    "alg": "PS256"
  },
  "claims": {
    "sub": "finansystech-bank",
    "aud": [
      "https://www.certification.openid.net/test/a/finansystech/",
      "https://www.certification.openid.net/test/a/finansystech/token",
      "https://www.certification.openid.net/test-mtls/a/finansystech/token"
    ],
    "iss": "finansystech-bank",
    "exp": 1637789731,
    "iat": 1637789671,
    "jti": "CEyke4LaeVLlcd9YaU3qD2Pp5y0mB0DztIKykA5zz7A"
  }
}
2021-11-24 21:34:34
EnsureClientAssertionSignatureAlgorithmMatchesRegistered
token_endpoint_auth_signing_alg is not set for the client, any supported algorithm can be used
2021-11-24 21:34:34 SUCCESS
ValidateClientAssertionSignature
client_assertion signature validated
client_assertion
eyJhbGciOiJQUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjZhOTBjMjFiODBmMjY3ZjY0ZTFiNGIyODNhMTQ0ZTJmNjY5ZjEwMWUzNWIzNjY4YzFjMDhjMTU3ZDgyMmNmNTQifQ.eyJpYXQiOjE2Mzc3ODk2NzEsImV4cCI6MTYzNzc4OTczMSwianRpIjoiQ0V5a2U0TGFlVkxsY2Q5WWFVM3FEMlBwNXkwbUIwRHp0SUt5a0E1eno3QSIsImlzcyI6ImZpbmFuc3lzdGVjaC1iYW5rIiwic3ViIjoiZmluYW5zeXN0ZWNoLWJhbmsiLCJhdWQiOlsiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QvYS9maW5hbnN5c3RlY2gvIiwiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QvYS9maW5hbnN5c3RlY2gvdG9rZW4iLCJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC1tdGxzL2EvZmluYW5zeXN0ZWNoL3Rva2VuIl19.mRhwl5yV0JbNj2zZxNR5wHUpUi_XU9Ntq3qJj0WhnhJ39fH9_xegaqWsLdKrS8NVhRlJ4AG8ofIgVeVGFeSzdksbGJXm8nNgumTga8zQV3qLjcikm0FeKB9UjJL3nTy2hMHOWruCphEF5xnbFOmULB6FbPOZTPEe5-nh5AXwZvlPjh8-xVQEihNbLBMnDhpWTS7KgTIn-t3C4JnLBHXT6D_4WZtLfs9P83fhHUjwjf9L6Cf3gMKMIJ9-zhodxU7xgMsG6auh26h4KZkSaGgPOsRrqD536CWBSZSaAvQvAvcAPF2Io7CDo-bS4-KYsaBDcXd_UWmnITbHpfYYQy3fUg
2021-11-24 21:34:34 SUCCESS
EnsureClientAssertionTypeIsJwt
Found JWT assertion type
assertion type
urn:ietf:params:oauth:client-assertion-type:jwt-bearer
2021-11-24 21:34:34 SUCCESS
ValidateClientAssertionClaims
Client Assertion passed all validation checks
2021-11-24 21:34:34 SUCCESS
FAPIBrazilExtractRequestedScopeFromClientCredentialsGrant
Found 'consents' scope in request
actual
[
  "consents"
]
expected
consents
2021-11-24 21:34:34 SUCCESS
GenerateBearerAccessToken
Generated access token
access_token
irbtTCOkqkXJH97Grm91D2pLtJvfrnEMfIFw3wbaPANwBJqVsA
2021-11-24 21:34:34 SUCCESS
CreateTokenEndpointResponse
Created token endpoint response
access_token
irbtTCOkqkXJH97Grm91D2pLtJvfrnEMfIFw3wbaPANwBJqVsA
token_type
Bearer
2021-11-24 21:34:34
CopyAccessTokenToClientCredentialsField
Condition ran but did not log anything
2021-11-24 21:34:34 OUTGOING
fapi1-advanced-final-client-test-invalid-aud
Response to HTTP request to test instance AWemWWfyxkOuwc5
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "access_token": "irbtTCOkqkXJH97Grm91D2pLtJvfrnEMfIFw3wbaPANwBJqVsA",
  "token_type": "Bearer"
}
outgoing_path
token
2021-11-24 21:34:34 INCOMING
fapi1-advanced-final-client-test-invalid-aud
Incoming HTTP request to test instance AWemWWfyxkOuwc5
incoming_headers
{
  "host": "www.certification.openid.net",
  "accept": "application/json, text/plain, */*",
  "content-type": "application/json;charset\u003dutf-8",
  "authorization": "Bearer irbtTCOkqkXJH97Grm91D2pLtJvfrnEMfIFw3wbaPANwBJqVsA",
  "user-agent": "axios/0.21.1",
  "content-length": "1174",
  "connection": "close"
}
incoming_path
/test-mtls/a/finansystech/consents/v1/consents
incoming_body_form_params
incoming_method
POST
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
-----BEGIN CERTIFICATE----- MIIHDjCCBfagAwIBAgIUBZR9tesPXfY+/4pPtMxt0WeT204wDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMTAxOTE0NDEwMFoXDTIyMTExODE0 NDEwMFowggE0MQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEDAOBgNVBAcTB0Jh cnVlcmkxNjA0BgNVBAoTLU9wZW4gQmFua2luZyBCcmFzaWwgLSBSZXNzYXJjaW1l bnRvIC0gQWR2aXNlVTEtMCsGA1UECxMkMjQ4Y2NlMDgtMGFiYy00Y2RiLWJhMTQt MDJjY2EwM2U1Yzc0MRwwGgYDVQQDExNmaW5hbnN5c3RlY2guY29tLmJyMRcwFQYD VQQFEw4yMDc0NzQzNjAwMDE1NjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp b24xEzARBgsrBgEEAYI3PAIBAxMCQlIxNDAyBgoJkiaJk/IsZAEBEyQzOGQ5MGZi NS1kNzc4LTQzNmYtYmFmNC1iNWNlMTIzNGRlYWMwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQDFhntqt1QC73IpTVj/GnM9Rub3knKPL8p7RSnA1/h7SupH 2LNfpzFr3u8boyPuj4eCvww6KjNxuyhzKxhfwNhkcyh6clJluIc4X03rCK+Nl1IS t0jJ0nHXL9ualm5gpnOdz6y7W5guV+4K4jD3CxBFT4pYmDeOwhWt4XAUoo0yDEUP 79YyotGpsZVgOQpEZ+QdLPgh5PVCEgw9zqagXE9FVBRHPJ55qBb3aNElSrFHjebX TjzeNflmliTvGuptM917aPNIv3j5ieDYnqFKGv4aHox3J2/Ty9wmnhz58YS8U5TB yF4GgjMAQdy8Ehxqf56RWZbwXLIvdtUe0vLZnnvfAgMBAAGjggLXMIIC0zAMBgNV HRMBAf8EAjAAMB0GA1UdDgQWBBR9bN4InlLbRY7pE1j7+S57ith89TAfBgNVHSME GDAWgBSGf1itF/WCtk60BbP7sM4RQ99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYB BQUHMAGGMGh0dHA6Ly9vY3NwLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2ls Lm9yZy5icjBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtp Lm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9pc3N1ZXIuY3JsMB4GA1UdEQQXMBWC E2ZpbmFuc3lzdGVjaC5jb20uYnIwDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQMMAoG CCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIBgDCC ATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVseSBm b3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhlciBw YXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2aWNl cyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNlaXB0 LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRo ZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5kIHJl bGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8vY3Bz LnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2llczAN BgkqhkiG9w0BAQsFAAOCAQEAxc52Chm3JRB8u8Qyh304gw+dQCrm8YYNb7ObM2Hp CemZDgoCdqA8TrImA8Dn42i+wkMKfX6r/0gVXnJ+3WipsXXWkIbj4263/PkwxEhd tNgBQz7xeXaRfriTT2hMjl1nEhRXS5QF/ee4oY5BuLVe5ypX7fHPBrKXTBdeU/xH 7IzE66qYN5nKgVvLNIZDfDOhA5yR2S7QBjMAh005pLMFF0jkm2ZH4hL/puSK7xiB RQ2iJDLwWBj8PNi/AB/KWXMWuAOkFXl/irImJsDxunSZkbmQKgkMenafhIK9UGZ/ T0P2DQOUgAIhPVGSdrgcsMitIFozRPkCuFmWoCIr1ZdsXA== -----END CERTIFICATE-----
incoming_body_json
{
  "data": {
    "loggedUser": {
      "document": {
        "identification": "57784518064",
        "rel": "CPF"
      }
    },
    "permissions": [
      "ACCOUNTS_READ",
      "ACCOUNTS_OVERDRAFT_LIMITS_READ",
      "ACCOUNTS_BALANCES_READ",
      "ACCOUNTS_TRANSACTIONS_READ",
      "CREDIT_CARDS_ACCOUNTS_BILLS_READ",
      "CREDIT_CARDS_ACCOUNTS_BILLS_TRANSACTIONS_READ",
      "CREDIT_CARDS_ACCOUNTS_LIMITS_READ",
      "CREDIT_CARDS_ACCOUNTS_READ",
      "CREDIT_CARDS_ACCOUNTS_TRANSACTIONS_READ",
      "CUSTOMERS_PERSONAL_ADITTIONALINFO_READ",
      "CUSTOMERS_PERSONAL_IDENTIFICATIONS_READ",
      "LOANS_READ",
      "LOANS_WARRANTIES_READ",
      "LOANS_SCHEDULED_INSTALMENTS_READ",
      "LOANS_PAYMENTS_READ",
      "FINANCINGS_READ",
      "FINANCINGS_WARRANTIES_READ",
      "FINANCINGS_SCHEDULED_INSTALMENTS_READ",
      "FINANCINGS_PAYMENTS_READ",
      "UNARRANGED_ACCOUNTS_OVERDRAFT_READ",
      "UNARRANGED_ACCOUNTS_OVERDRAFT_WARRANTIES_READ",
      "UNARRANGED_ACCOUNTS_OVERDRAFT_SCHEDULED_INSTALMENTS_READ",
      "UNARRANGED_ACCOUNTS_OVERDRAFT_PAYMENTS_READ",
      "INVOICE_FINANCINGS_READ",
      "INVOICE_FINANCINGS_WARRANTIES_READ",
      "INVOICE_FINANCINGS_SCHEDULED_INSTALMENTS_READ",
      "INVOICE_FINANCINGS_PAYMENTS_READ",
      "RESOURCES_READ"
    ],
    "expirationDateTime": "2021-12-31T00:00:00Z",
    "transactionFromDateTime": "2021-08-10T00:00:00Z",
    "transactionToDateTime": "2021-12-31T23:59:59Z"
  }
}
incoming_query_string_params
{}
incoming_body
{"data":{"loggedUser":{"document":{"identification":"57784518064","rel":"CPF"}},"permissions":["ACCOUNTS_READ","ACCOUNTS_OVERDRAFT_LIMITS_READ","ACCOUNTS_BALANCES_READ","ACCOUNTS_TRANSACTIONS_READ","CREDIT_CARDS_ACCOUNTS_BILLS_READ","CREDIT_CARDS_ACCOUNTS_BILLS_TRANSACTIONS_READ","CREDIT_CARDS_ACCOUNTS_LIMITS_READ","CREDIT_CARDS_ACCOUNTS_READ","CREDIT_CARDS_ACCOUNTS_TRANSACTIONS_READ","CUSTOMERS_PERSONAL_ADITTIONALINFO_READ","CUSTOMERS_PERSONAL_IDENTIFICATIONS_READ","LOANS_READ","LOANS_WARRANTIES_READ","LOANS_SCHEDULED_INSTALMENTS_READ","LOANS_PAYMENTS_READ","FINANCINGS_READ","FINANCINGS_WARRANTIES_READ","FINANCINGS_SCHEDULED_INSTALMENTS_READ","FINANCINGS_PAYMENTS_READ","UNARRANGED_ACCOUNTS_OVERDRAFT_READ","UNARRANGED_ACCOUNTS_OVERDRAFT_WARRANTIES_READ","UNARRANGED_ACCOUNTS_OVERDRAFT_SCHEDULED_INSTALMENTS_READ","UNARRANGED_ACCOUNTS_OVERDRAFT_PAYMENTS_READ","INVOICE_FINANCINGS_READ","INVOICE_FINANCINGS_WARRANTIES_READ","INVOICE_FINANCINGS_SCHEDULED_INSTALMENTS_READ","INVOICE_FINANCINGS_PAYMENTS_READ","RESOURCES_READ"],"expirationDateTime":"2021-12-31T00:00:00Z","transactionFromDateTime":"2021-08-10T00:00:00Z","transactionToDateTime":"2021-12-31T23:59:59Z"}}
2021-11-24 21:34:34 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
New consent endpoint
2021-11-24 21:34:34 SUCCESS
ExtractClientCertificateFromTokenEndpointRequestHeaders
Extracted client certificate
client_certificate
{
  "cert": "-----BEGIN CERTIFICATE----- MIIHDjCCBfagAwIBAgIUBZR9tesPXfY+/4pPtMxt0WeT204wDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMTAxOTE0NDEwMFoXDTIyMTExODE0 NDEwMFowggE0MQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEDAOBgNVBAcTB0Jh cnVlcmkxNjA0BgNVBAoTLU9wZW4gQmFua2luZyBCcmFzaWwgLSBSZXNzYXJjaW1l bnRvIC0gQWR2aXNlVTEtMCsGA1UECxMkMjQ4Y2NlMDgtMGFiYy00Y2RiLWJhMTQt MDJjY2EwM2U1Yzc0MRwwGgYDVQQDExNmaW5hbnN5c3RlY2guY29tLmJyMRcwFQYD VQQFEw4yMDc0NzQzNjAwMDE1NjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp b24xEzARBgsrBgEEAYI3PAIBAxMCQlIxNDAyBgoJkiaJk/IsZAEBEyQzOGQ5MGZi NS1kNzc4LTQzNmYtYmFmNC1iNWNlMTIzNGRlYWMwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQDFhntqt1QC73IpTVj/GnM9Rub3knKPL8p7RSnA1/h7SupH 2LNfpzFr3u8boyPuj4eCvww6KjNxuyhzKxhfwNhkcyh6clJluIc4X03rCK+Nl1IS t0jJ0nHXL9ualm5gpnOdz6y7W5guV+4K4jD3CxBFT4pYmDeOwhWt4XAUoo0yDEUP 79YyotGpsZVgOQpEZ+QdLPgh5PVCEgw9zqagXE9FVBRHPJ55qBb3aNElSrFHjebX TjzeNflmliTvGuptM917aPNIv3j5ieDYnqFKGv4aHox3J2/Ty9wmnhz58YS8U5TB yF4GgjMAQdy8Ehxqf56RWZbwXLIvdtUe0vLZnnvfAgMBAAGjggLXMIIC0zAMBgNV HRMBAf8EAjAAMB0GA1UdDgQWBBR9bN4InlLbRY7pE1j7+S57ith89TAfBgNVHSME GDAWgBSGf1itF/WCtk60BbP7sM4RQ99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYB BQUHMAGGMGh0dHA6Ly9vY3NwLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2ls Lm9yZy5icjBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtp Lm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9pc3N1ZXIuY3JsMB4GA1UdEQQXMBWC E2ZpbmFuc3lzdGVjaC5jb20uYnIwDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQMMAoG CCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIBgDCC ATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVseSBm b3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhlciBw YXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2aWNl cyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNlaXB0 LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRo ZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5kIHJl bGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8vY3Bz LnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2llczAN BgkqhkiG9w0BAQsFAAOCAQEAxc52Chm3JRB8u8Qyh304gw+dQCrm8YYNb7ObM2Hp CemZDgoCdqA8TrImA8Dn42i+wkMKfX6r/0gVXnJ+3WipsXXWkIbj4263/PkwxEhd tNgBQz7xeXaRfriTT2hMjl1nEhRXS5QF/ee4oY5BuLVe5ypX7fHPBrKXTBdeU/xH 7IzE66qYN5nKgVvLNIZDfDOhA5yR2S7QBjMAh005pLMFF0jkm2ZH4hL/puSK7xiB RQ2iJDLwWBj8PNi/AB/KWXMWuAOkFXl/irImJsDxunSZkbmQKgkMenafhIK9UGZ/ T0P2DQOUgAIhPVGSdrgcsMitIFozRPkCuFmWoCIr1ZdsXA\u003d\u003d -----END CERTIFICATE-----",
  "pem": "-----BEGIN CERTIFICATE-----\nMIIHDjCCBfagAwIBAgIUBZR9tesPXfY+/4pPtMxt0WeT204wDQYJKoZIhvcNAQEL\nBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx\nFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB\nTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMTAxOTE0NDEwMFoXDTIyMTExODE0\nNDEwMFowggE0MQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEDAOBgNVBAcTB0Jh\ncnVlcmkxNjA0BgNVBAoTLU9wZW4gQmFua2luZyBCcmFzaWwgLSBSZXNzYXJjaW1l\nbnRvIC0gQWR2aXNlVTEtMCsGA1UECxMkMjQ4Y2NlMDgtMGFiYy00Y2RiLWJhMTQt\nMDJjY2EwM2U1Yzc0MRwwGgYDVQQDExNmaW5hbnN5c3RlY2guY29tLmJyMRcwFQYD\nVQQFEw4yMDc0NzQzNjAwMDE1NjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp\nb24xEzARBgsrBgEEAYI3PAIBAxMCQlIxNDAyBgoJkiaJk/IsZAEBEyQzOGQ5MGZi\nNS1kNzc4LTQzNmYtYmFmNC1iNWNlMTIzNGRlYWMwggEiMA0GCSqGSIb3DQEBAQUA\nA4IBDwAwggEKAoIBAQDFhntqt1QC73IpTVj/GnM9Rub3knKPL8p7RSnA1/h7SupH\n2LNfpzFr3u8boyPuj4eCvww6KjNxuyhzKxhfwNhkcyh6clJluIc4X03rCK+Nl1IS\nt0jJ0nHXL9ualm5gpnOdz6y7W5guV+4K4jD3CxBFT4pYmDeOwhWt4XAUoo0yDEUP\n79YyotGpsZVgOQpEZ+QdLPgh5PVCEgw9zqagXE9FVBRHPJ55qBb3aNElSrFHjebX\nTjzeNflmliTvGuptM917aPNIv3j5ieDYnqFKGv4aHox3J2/Ty9wmnhz58YS8U5TB\nyF4GgjMAQdy8Ehxqf56RWZbwXLIvdtUe0vLZnnvfAgMBAAGjggLXMIIC0zAMBgNV\nHRMBAf8EAjAAMB0GA1UdDgQWBBR9bN4InlLbRY7pE1j7+S57ith89TAfBgNVHSME\nGDAWgBSGf1itF/WCtk60BbP7sM4RQ99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYB\nBQUHMAGGMGh0dHA6Ly9vY3NwLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2ls\nLm9yZy5icjBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtp\nLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9pc3N1ZXIuY3JsMB4GA1UdEQQXMBWC\nE2ZpbmFuc3lzdGVjaC5jb20uYnIwDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQMMAoG\nCCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIBgDCC\nATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVseSBm\nb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhlciBw\nYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2aWNl\ncyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNlaXB0\nLCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRo\nZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5kIHJl\nbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8vY3Bz\nLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2llczAN\nBgkqhkiG9w0BAQsFAAOCAQEAxc52Chm3JRB8u8Qyh304gw+dQCrm8YYNb7ObM2Hp\nCemZDgoCdqA8TrImA8Dn42i+wkMKfX6r/0gVXnJ+3WipsXXWkIbj4263/PkwxEhd\ntNgBQz7xeXaRfriTT2hMjl1nEhRXS5QF/ee4oY5BuLVe5ypX7fHPBrKXTBdeU/xH\n7IzE66qYN5nKgVvLNIZDfDOhA5yR2S7QBjMAh005pLMFF0jkm2ZH4hL/puSK7xiB\nRQ2iJDLwWBj8PNi/AB/KWXMWuAOkFXl/irImJsDxunSZkbmQKgkMenafhIK9UGZ/\nT0P2DQOUgAIhPVGSdrgcsMitIFozRPkCuFmWoCIr1ZdsXA\u003d\u003d\n-----END CERTIFICATE-----",
  "subject": {
    "dn": "UID\u003d38d90fb5-d778-436f-baf4-b5ce1234deac,1.3.6.1.4.1.311.60.2.1.3\u003d#13024252,2.5.4.15\u003d#131450726976617465204f7267616e697a6174696f6e,2.5.4.5\u003d#130e3230373437343336303030313536,CN\u003dfinansystech.com.br,OU\u003d248cce08-0abc-4cdb-ba14-02cca03e5c74,O\u003dOpen Banking Brasil - Ressarcimento - AdviseU,L\u003dBarueri,ST\u003dSP,C\u003dBR"
  },
  "sanDnsNames": [
    "finansystech.com.br"
  ],
  "sanUris": [],
  "sanIPs": [],
  "sanEmails": []
}
2021-11-24 21:34:34 SUCCESS
CheckForClientCertificate
Found client certificate
2021-11-24 21:34:34 SUCCESS
EnsureClientCertificateMatches
Presented certificate matches registered certificate
actual
-----BEGIN CERTIFICATE-----
MIIHDjCCBfagAwIBAgIUBZR9tesPXfY+/4pPtMxt0WeT204wDQYJKoZIhvcNAQEL
BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx
FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB
TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMTAxOTE0NDEwMFoXDTIyMTExODE0
NDEwMFowggE0MQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEDAOBgNVBAcTB0Jh
cnVlcmkxNjA0BgNVBAoTLU9wZW4gQmFua2luZyBCcmFzaWwgLSBSZXNzYXJjaW1l
bnRvIC0gQWR2aXNlVTEtMCsGA1UECxMkMjQ4Y2NlMDgtMGFiYy00Y2RiLWJhMTQt
MDJjY2EwM2U1Yzc0MRwwGgYDVQQDExNmaW5hbnN5c3RlY2guY29tLmJyMRcwFQYD
VQQFEw4yMDc0NzQzNjAwMDE1NjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRp
b24xEzARBgsrBgEEAYI3PAIBAxMCQlIxNDAyBgoJkiaJk/IsZAEBEyQzOGQ5MGZi
NS1kNzc4LTQzNmYtYmFmNC1iNWNlMTIzNGRlYWMwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDFhntqt1QC73IpTVj/GnM9Rub3knKPL8p7RSnA1/h7SupH
2LNfpzFr3u8boyPuj4eCvww6KjNxuyhzKxhfwNhkcyh6clJluIc4X03rCK+Nl1IS
t0jJ0nHXL9ualm5gpnOdz6y7W5guV+4K4jD3CxBFT4pYmDeOwhWt4XAUoo0yDEUP
79YyotGpsZVgOQpEZ+QdLPgh5PVCEgw9zqagXE9FVBRHPJ55qBb3aNElSrFHjebX
TjzeNflmliTvGuptM917aPNIv3j5ieDYnqFKGv4aHox3J2/Ty9wmnhz58YS8U5TB
yF4GgjMAQdy8Ehxqf56RWZbwXLIvdtUe0vLZnnvfAgMBAAGjggLXMIIC0zAMBgNV
HRMBAf8EAjAAMB0GA1UdDgQWBBR9bN4InlLbRY7pE1j7+S57ith89TAfBgNVHSME
GDAWgBSGf1itF/WCtk60BbP7sM4RQ99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYB
BQUHMAGGMGh0dHA6Ly9vY3NwLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2ls
Lm9yZy5icjBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtp
Lm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9pc3N1ZXIuY3JsMB4GA1UdEQQXMBWC
E2ZpbmFuc3lzdGVjaC5jb20uYnIwDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQMMAoG
CCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIBgDCC
ATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVseSBm
b3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhlciBw
YXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2aWNl
cyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNlaXB0
LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRo
ZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5kIHJl
bGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8vY3Bz
LnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2llczAN
BgkqhkiG9w0BAQsFAAOCAQEAxc52Chm3JRB8u8Qyh304gw+dQCrm8YYNb7ObM2Hp
CemZDgoCdqA8TrImA8Dn42i+wkMKfX6r/0gVXnJ+3WipsXXWkIbj4263/PkwxEhd
tNgBQz7xeXaRfriTT2hMjl1nEhRXS5QF/ee4oY5BuLVe5ypX7fHPBrKXTBdeU/xH
7IzE66qYN5nKgVvLNIZDfDOhA5yR2S7QBjMAh005pLMFF0jkm2ZH4hL/puSK7xiB
RQ2iJDLwWBj8PNi/AB/KWXMWuAOkFXl/irImJsDxunSZkbmQKgkMenafhIK9UGZ/
T0P2DQOUgAIhPVGSdrgcsMitIFozRPkCuFmWoCIr1ZdsXA==
-----END CERTIFICATE-----
2021-11-24 21:34:34 SUCCESS
EnsureIncomingRequestMethodIsPost
Client correctly used http POST method
2021-11-24 21:34:34 SUCCESS
EnsureBearerAccessTokenNotInParams
Client correctly did not send access token in query parameters or form body
2021-11-24 21:34:34 SUCCESS
ExtractBearerAccessTokenFromHeader
Found access token on incoming request
access_token
irbtTCOkqkXJH97Grm91D2pLtJvfrnEMfIFw3wbaPANwBJqVsA
2021-11-24 21:34:34 SUCCESS
RequireBearerClientCredentialsAccessToken
Found access token in request
actual
irbtTCOkqkXJH97Grm91D2pLtJvfrnEMfIFw3wbaPANwBJqVsA
2021-11-24 21:34:34 INFO
ExtractFapiDateHeader
Skipped evaluation due to missing required element: incoming_request headers.x-fapi-auth-date
path
headers.x-fapi-auth-date
mapped
object
incoming_request
2021-11-24 21:34:34 INFO
ExtractFapiIpAddressHeader
Skipped evaluation due to missing required element: incoming_request headers.x-fapi-customer-ip-address
path
headers.x-fapi-customer-ip-address
mapped
object
incoming_request
2021-11-24 21:34:34 INFO
ExtractFapiInteractionIdHeader
Skipped evaluation due to missing required element: incoming_request headers.x-fapi-interaction-id
path
headers.x-fapi-interaction-id
mapped
object
incoming_request
2021-11-24 21:34:34 SUCCESS
FAPIBrazilEnsureClientCredentialsScopeContainedConsents
The token request which was used to obtain the access token contained 'consents' scope
actual
[
  "consents"
]
2021-11-24 21:34:34
FAPIBrazilExtractConsentRequest
Condition ran but did not log anything
2021-11-24 21:34:34 SUCCESS
CreateFapiInteractionIdIfNeeded
Created new FAPI interaction ID
fapi_interaction_id
e59516bf-9cc3-41d0-a1c6-57f206f3a133
2021-11-24 21:34:34 SUCCESS
FAPIBrazilGenerateNewConsentResponse
Created consent response
headers
{
  "x-fapi-interaction-id": "e59516bf-9cc3-41d0-a1c6-57f206f3a133"
}
consentId
urn:conformance.oidf:l1OM5Gbrzs
consent_response
{
  "data": {
    "consentId": "urn:conformance.oidf:l1OM5Gbrzs",
    "creationDateTime": "2021-11-24T21:34:34Z",
    "status": "AWAITING_AUTHORISATION",
    "statusUpdateDateTime": "2021-11-24T21:34:34Z",
    "permissions": [
      "ACCOUNTS_READ",
      "ACCOUNTS_BALANCES_READ",
      "RESOURCES_READ"
    ],
    "expirationDateTime": "2021-11-24T23:34:34Z",
    "transactionFromDateTime": "2021-11-24T21:29:34Z",
    "transactionToDateTime": "2021-11-24T23:34:34Z",
    "links": {
      "self": "https://www.certification.openid.net/test/a/finansystechconsents/v1/consents"
    }
  },
  "meta": {
    "totalRecords": 1,
    "totalPages": 1,
    "requestDateTime": "2021-11-24T21:34:34Z"
  }
}
2021-11-24 21:34:34
ClearAccessTokenFromRequest
Condition ran but did not log anything
2021-11-24 21:34:34 OUTGOING
fapi1-advanced-final-client-test-invalid-aud
Response to HTTP request to test instance AWemWWfyxkOuwc5
outgoing_status_code
201
outgoing_headers
{
  "x-fapi-interaction-id": [
    "e59516bf-9cc3-41d0-a1c6-57f206f3a133"
  ]
}
outgoing_body
{
  "data": {
    "consentId": "urn:conformance.oidf:l1OM5Gbrzs",
    "creationDateTime": "2021-11-24T21:34:34Z",
    "status": "AWAITING_AUTHORISATION",
    "statusUpdateDateTime": "2021-11-24T21:34:34Z",
    "permissions": [
      "ACCOUNTS_READ",
      "ACCOUNTS_BALANCES_READ",
      "RESOURCES_READ"
    ],
    "expirationDateTime": "2021-11-24T23:34:34Z",
    "transactionFromDateTime": "2021-11-24T21:29:34Z",
    "transactionToDateTime": "2021-11-24T23:34:34Z",
    "links": {
      "self": "https://www.certification.openid.net/test/a/finansystechconsents/v1/consents"
    }
  },
  "meta": {
    "totalRecords": 1,
    "totalPages": 1,
    "requestDateTime": "2021-11-24T21:34:34Z"
  }
}
outgoing_path
consents/v1/consents
2021-11-24 21:34:35 INCOMING
fapi1-advanced-final-client-test-invalid-aud
Incoming HTTP request to test instance AWemWWfyxkOuwc5
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/4.7.4 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate, br",
  "connection": "close"
}
incoming_path
/test/a/finansystech/jwks
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
incoming_body_json
incoming_query_string_params
{}
incoming_body
2021-11-24 21:34:35 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
2021-11-24 21:34:35 OUTGOING
fapi1-advanced-final-client-test-invalid-aud
Response to HTTP request to test instance AWemWWfyxkOuwc5
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "X5d4vFYfLxaG1gg8_l3bFYFhUaUVmE6PaEsRWX2EYqM",
      "x5c": [
        "MIIGqzCCBZOgAwIBAgIUdUCw8bQZidnZ6uERKJuN9u4RGvcwDQYJKoZIhvcNAQELBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwxFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNBTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDgxNjA5NTUwMFoXDTIyMDkxNTA5NTUwMFowgacxCzAJBgNVBAYTAkJSMRMwEQYDVQQKEwpJQ1AtQnJhc2lsMS8wDAYDVQQLEwUxMjM0NTAOBgNVBAsTB2NlcnRtYW4wDwYDVQQLEwhhZ29vZG9uZTEcMBoGA1UEAxMTT3BlbiBCYW5raW5nIEJyYXNpbDE0MDIGCgmSJomT8ixkAQETJDc0ZTkyOWQ5LTMzYjYtNGQ4NS04YmE3LWMxNDZjODY3YTgxNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANyF1agPcwq5ms99Flo82XsXUroWoD/6FX4AfmOUu113h4VOLYaO3N8HDYbKxgii2En/+O61e/Ptjn4T2PVq0iVcqiF6Gp4sKE5w/bKZRfdCe8qIPS4D+JKpFpesJvIHUeQvlAuBp5dA9nGSpxOjGe5P2+ZzNGXwvux/2ztdweGmKbtOvbYe4RVhiu6bOubog8XEBmD96EnqmoROasH1Hn9kDJIclbTP51j/TlQMzhrSfJJuE3Qq6vWhe/DaPbtmELmlDiYHjp8CjAY5oBMHLmkHvQxEBV4cwbUZj5ZpdqU8tkA78XtR4DkzrJ4fYoBb1+9ABq6GNzxWPpSQMQuBXdsCAwEAAaOCAwIwggL+MAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFJwv7oHX2exZL304ru+4eGVypHlxMB8GA1UdIwQYMBaAFIZ/WK0X9YK2TrQFs/uwzhFD30y+MEwGCCsGAQUFBwEBBEAwPjA8BggrBgEFBQcwAYYwaHR0cDovL29jc3Auc2FuZGJveC5wa2kub3BlbmJhbmtpbmdicmFzaWwub3JnLmJyMEsGA1UdHwREMEIwQKA+oDyGOmh0dHA6Ly9jcmwuc2FuZGJveC5wa2kub3BlbmJhbmtpbmdicmFzaWwub3JnLmJyL2lzc3Vlci5jcmwwXgYDVR0RBFcwVaAZBgVgTAEDAqAQDA5NaWNoYWVsIEZyYXNlcqAYBgVgTAEDA6APDA0xMzM1MzIzNjAwMTg5oA0GBWBMAQMEoAQMAm5voA8GBWBMAQMHoAYMBGFsb3QwDgYDVR0PAQH/BAQDAgbAMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIBgDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVseSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhlciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNlaXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5kIHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8vY3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2llczANBgkqhkiG9w0BAQsFAAOCAQEAtKn/QnJqKLp52YB14x+M21qwz67utFkWjhauQe0elXupjY5NWZb5wLrGYNOZQzRe2JRzcBbGN6P7lCweRfxMkSGh9YrXbrkBXLEPtLHpTVEy65v1tWl02lC+ooVPyQpSjAQL0L69OQ7s7rnIXyb3rkSUzuGSxsLU1AXpWj0oYFB4wdeIdPAVPs83frC5s4kz42JruSAE2vsbvQURTVPChh+hO6+R6Irz+ZEZ1NSgjQkxvOXHW53CkXZSjjHbAB/nbJYi7YyK7kck99r38Ba/WBfIfywdFVVYfiiW5TS6XbQeVeilmmt5MLxBz96FxR6E6WR+cQwybEe94Fb/jD6xHA\u003d\u003d"
      ],
      "alg": "PS256",
      "n": "3IXVqA9zCrmaz30WWjzZexdSuhagP_oVfgB-Y5S7XXeHhU4tho7c3wcNhsrGCKLYSf_47rV78-2OfhPY9WrSJVyqIXoaniwoTnD9splF90J7yog9LgP4kqkWl6wm8gdR5C-UC4Gnl0D2cZKnE6MZ7k_b5nM0ZfC-7H_bO13B4aYpu069th7hFWGK7ps65uiDxcQGYP3oSeqahE5qwfUef2QMkhyVtM_nWP9OVAzOGtJ8km4TdCrq9aF78No9u2YQuaUOJgeOnwKMBjmgEwcuaQe9DEQFXhzBtRmPlml2pTy2QDvxe1HgOTOsnh9igFvX70AGroY3PFY-lJAxC4Fd2w"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "0fe502dd-14f0-4f45-80f9-feb9a216f996",
      "alg": "RSA-OAEP",
      "n": "r4dl-ApW6c-fvDbfSVxHpdV8zi8VQW4b9-uHMRq7dzqCkvP8OAG1R3plSr1N6fL_YLiIr9y621XkyRiMEKR7-DeqGsLf2ZTaqrZ1LfYgjsc2i9o3NSOeSgBwKGmT7h1OgxZSbhLzo7Xaktu3CCUZCOWLzs7LKo_CvKkcTF7tPhK9jYjdTsdsnS0RJOPjYQe7JO83Mvhd1Ty3F-Qycd-cKKMSjcQRiHt9jKd09kA2fKVlFwbm2M1PM3NdtnMaOUw31-XC4ixay47XTMqnmX7-op7qYV9wXbeZmjTsAKFuTGwJiGJrOTfqciDLBW8IpGC2BzFJ5rYmRu0kAttpvkOG3Q"
    }
  ]
}
outgoing_path
jwks
2021-11-24 21:34:35 INCOMING
fapi1-advanced-final-client-test-invalid-aud
Incoming HTTP request to test instance AWemWWfyxkOuwc5
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "PostmanRuntime/7.28.4",
  "accept": "*/*",
  "cache-control": "no-cache",
  "postman-token": "22e97d44-189a-4432-887e-895c920b5f7d",
  "accept-encoding": "gzip, deflate, br",
  "connection": "close"
}
incoming_path
/test/a/finansystech/authorize
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
incoming_body_json
incoming_query_string_params
{
  "client_id": "finansystech-bank",
  "scope": "openid consent:urn:conformance.oidf:l1OM5Gbrzs accounts resources",
  "response_type": "code id_token",
  "redirect_uri": "https://api.platform.smartfy-wrk.smartfylabs.com/consents/v1/callback",
  "request": "eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZHQ00iLCJjdHkiOiJvYXV0aC1hdXRoei1yZXErand0Iiwia2lkIjoiMGZlNTAyZGQtMTRmMC00ZjQ1LTgwZjktZmViOWEyMTZmOTk2In0.R74AceE3zvR_0cx-VyIEVhs2KhfmioUEfEcTrq75z8HlGhqvK4nAv1VzHG2aw50g-Pq65K13FCY7kSeVMeiz69r-8MPKlw3oeZJbhVE8jXoF8CVWCMWww8Ps_O61vFdATGxHSJmZbil57wtxqihRi05LR0xovMarKN946S3b2coLRecMZ7iiYOLJczx58zb3PNvvshQBwT2RO43llJ6E1qEFCV18PtAG5dvZtikUBVIvb_i6S73dIP2OTklAUjFenYHgDGaezcAQZGFHzYB0EF6VtrYFaNWckw-krSaT3XXwlNBMUhhkMMVQcuzZjQwEJ6Euthrsv9hXa4-GcIaDuw._LlVn31Y74JxXped.6I3KdyjLJU3zkGzr8oFu2H3hvxCzj-vAtFWsU_zAElDe_KeNGHIQ6KIS5SEJ6A2t74iX8XpLzp6syHdTBxlEIq7HhsqjlBhgcR_lGHlWQfXwQNlhmzQ7zfIMj3oMxah4z6V2EWmTuYePThZbwwlfU23GhArqq0bIBEDpN2W3oZlAq14CRbh6l2jkrhs66tbX5dPp2InVhgB0A64rgQHuaKgiBbSrWjycGPk-fFPR3QMkgMXGBQWboRwmuazYnx6JTiJxHJfZveGqHxfgMe-1Il3uLSoy6C9JlpRIebfDvuocMOvHeurN6lU06lzt_tjXP6gKeWlnhzb97hRVlXQjsVZ5ETRP063Jlr30uksseLtcXULM4GarLUaD1U6DGNWEstNmIcjKdMF3qNgR9H9iHwagrbHUmq46bKlL_CPNXB78iqeN61OQw0fwnexvtsuI_9D-6A7cq7kpl5VW-bk5gsNnxqwSJ7AzAuNA0cgdiJ8sI3y5sR3q6lFgTaNXL-QhaJKgSCCFn3H26SgglcajcW3H2ycFMx51PApSgYDcQsBlP6xRVEacJGhJ8k2YnO9oldu8aHIbcpIKzspvhpFzoSqZ08irVNEvHt3VEsK7EWxFe_M4ITl-FNV6AdMSP6h8RQLdu_OxUnlHWMomwgQWNNVvMqupZmhQUclkTqzCmbMaQYOK1NGSZEXI2zFVSeehrwHWdmP2ebARmWTepQkZ9n7Ajn0q6Yl3RkjR2xj43_eI7tXqZERKBseIDOEeg1lmif4MBrAp-d3iZ7IjmUMAvzZkRpkEVCiXVowYZPvhAmDM1JKknm33R9ZUza8DqnlRlAA3IRmYFVUTY0-Dw27ufMalxAIz4WAxOz_K-8rTwbT0jsW0POaCP5a3B50nCR_1SR5m6OtjceqDJuTwbVIiYqE0E2XsrfP9KVety3Nni7NTHGjNPR9Ae7L1pCzj8JIsl-PWM7jqQQVnETsyiPjuL2ItWudSz9DI_4AU0rEnGP1SwCJaoZgalW0SvdVBM-3o1duKnNWTZjj2qxmGyxZ5LYqBBRURKZxdQaG-IM3LJGWeJ-fq_2Z2fJIO_ClScMCNO3jh3OIGhxzgsog0bUzSSyG78gL2XYkMciFgg4fWq7B7TELfZSfYqXZYhv-TrVS3DxmaYbv_cjwA9txc_-GtRGydsUtJiTg8wNdfXa--zHPgKL5nP6EqB1WlJdmmArVumLxFL9CrUznG4ILbzVduf91wV0h_kMzXWCllydqSF9qoKZzn_17QEyI4BQaZzx0oOXGxBpCNk6-NTQCdpnyV2DHrKQDCU1neKO_eRDVwZC35v2GMWBeZIBgM39iIMBR5W6vucQdeMRmcUkfzGoGJU1j8ha6a5C0PObLA6U8p_me3c_08PcBIdiD6oxQ5Y97XQT8v-Ll8QrMp0R6qPm0ZY6N5EGyWySmLxMmGzxAklxurNJVeRvSnJULo7d2CvtOIf40En7JiNdCMVG-KWns4t3--WNf3GpicmT9NXH9sjQPJ3O5RN4wTVKZjJzuWVAG14fKeP_IkIE6N-FceiA-t6uCgNUhRsF4AhaAGJJK6dvDbMls7Zpw6sSt8J8hxEbQxytk5IV2T7HDsmZyk9fsEIVReNeJAngqA-tQtNHjr1aHQNVPu5alMmosRwxzP2tqjlecz4zz22ikLh16jx3Re_pozPMtqG6jZvuVBeW-_jQ52gw77V508HjkbOaO4MGwG6qm_mhfDqt7HQS_ZEqUUWCRjOIKufQG9To0p3ZYUMpClcsvOGkN0DsgeFGCR2PSLvnnt10ZT1KtV2gIS5uUfX71qhg_yZnA.dGn-2FtJXRCbDQtM38NJzQ"
}
incoming_body
2021-11-24 21:34:35 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
Authorization endpoint
2021-11-24 21:34:35 SUCCESS
ExtractRequestObject
Parsed request object
request_object
{
  "value": "eyJhbGciOiJQUzI1NiIsInR5cCI6Im9hdXRoLWF1dGh6LXJlcStqd3QiLCJraWQiOiI2YTkwYzIxYjgwZjI2N2Y2NGUxYjRiMjgzYTE0NGUyZjY2OWYxMDFlMzViMzY2OGMxYzA4YzE1N2Q4MjJjZjU0In0.eyJzdGF0ZSI6IjgzZEdiWFQ3eHN1WmNoR1M4QXNSdkhESzkxWU1mVDBIRHhLRXlqX2hLYlkiLCJub25jZSI6IlljLTFVM01FbHpIN0kxdWdQdWtObk51dmltWGlPb0hhOWM3SDFyb0dKTjQiLCJzY29wZSI6Im9wZW5pZCBjb25zZW50OnVybjpjb25mb3JtYW5jZS5vaWRmOmwxT001R2JyenMgYWNjb3VudHMgcmVzb3VyY2VzIiwicmVzcG9uc2VfdHlwZSI6ImNvZGUgaWRfdG9rZW4iLCJyZWRpcmVjdF91cmkiOiJodHRwczovL2FwaS5wbGF0Zm9ybS5zbWFydGZ5LXdyay5zbWFydGZ5bGFicy5jb20vY29uc2VudHMvdjEvY2FsbGJhY2siLCJjbGFpbXMiOnsiaWRfdG9rZW4iOnsiYWNyIjp7InZhbHVlcyI6WyJ1cm46YnJhc2lsOm9wZW5iYW5raW5nOmxvYTIiLCJ1cm46YnJhc2lsOm9wZW5iYW5raW5nOmxvYTMiXSwiZXNzZW50aWFsIjp0cnVlfX19LCJpc3MiOiJmaW5hbnN5c3RlY2gtYmFuayIsImF1ZCI6Imh0dHBzOi8vd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldC90ZXN0L2EvZmluYW5zeXN0ZWNoLyIsImNsaWVudF9pZCI6ImZpbmFuc3lzdGVjaC1iYW5rIiwianRpIjoiY0FfOHVValhudnZ6Rk9zT3VwbFZKbV82cDFhNlV2a1ZMcFZpU1k1d1VjMCIsImlhdCI6MTYzNzc4OTY3MywiZXhwIjoxNjM3Nzg5OTczLCJuYmYiOjE2Mzc3ODk2NzN9.qQgltxR5RepuuYEpncSqS83BeBQCIQ3Sd9Ud3fkwMrortaMjdveQ-QIphf8QEpTD5I5krEOEM6YGPQ_2riB7rrdcKYzF0ha1ggLXwlVbkJ4JR4GOv55-ag_JmXFnObQXZGAQn4JDRgX6owkRkf3vccn5pHz5iRykrc1wHfZ5CC8XIHS8bL2SFjw5410lIvYPQki8BzmSkRiTClp-AB0OJ6qTNxOs4-MBT7938nLDi3NnyR5LxLIQ6wsI5Txiw3Hfq5tAON_6_cfPi6xRzkqH7k1lP4C7Kj_NPiVQBu6BbLlSFePqY9Hrot0E1HIihCUr8BNBiHto0UQXQF-zKq9RWA",
  "header": {
    "kid": "6a90c21b80f267f64e1b4b283a144e2f669f101e35b3668c1c08c157d822cf54",
    "typ": "oauth-authz-req+jwt",
    "alg": "PS256"
  },
  "claims": {
    "iss": "finansystech-bank",
    "response_type": "code id_token",
    "nonce": "Yc-1U3MElzH7I1ugPukNnNuvimXiOoHa9c7H1roGJN4",
    "client_id": "finansystech-bank",
    "aud": "https://www.certification.openid.net/test/a/finansystech/",
    "nbf": 1637789673,
    "scope": "openid consent:urn:conformance.oidf:l1OM5Gbrzs accounts resources",
    "claims": {
      "id_token": {
        "acr": {
          "values": [
            "urn:brasil:openbanking:loa2",
            "urn:brasil:openbanking:loa3"
          ],
          "essential": true
        }
      }
    },
    "state": "83dGbXT7xsuZchGS8AsRvHDK91YMfT0HDxKEyj_hKbY",
    "redirect_uri": "https://api.platform.smartfy-wrk.smartfylabs.com/consents/v1/callback",
    "exp": 1637789973,
    "iat": 1637789673,
    "jti": "cA_8uUjXnvvzFOsOuplVJm_6p1a6UvkVLpViSY5wUc0"
  },
  "jwe_header": {
    "kid": "0fe502dd-14f0-4f45-80f9-feb9a216f996",
    "cty": "oauth-authz-req+jwt",
    "enc": "A256GCM",
    "alg": "RSA-OAEP"
  }
}
2021-11-24 21:34:35 SUCCESS
EnsureRequestObjectWasEncrypted
Request object was encrypted
jwe_header
{
  "kid": "0fe502dd-14f0-4f45-80f9-feb9a216f996",
  "cty": "oauth-authz-req+jwt",
  "enc": "A256GCM",
  "alg": "RSA-OAEP"
}
2021-11-24 21:34:35 SUCCESS
FAPIBrazilEnsureRequestObjectEncryptedUsingRSAOAEPA256GCM
Request object was encrypted using RSA-OAEP and A256GCM
jwe_header
{
  "kid": "0fe502dd-14f0-4f45-80f9-feb9a216f996",
  "cty": "oauth-authz-req+jwt",
  "enc": "A256GCM",
  "alg": "RSA-OAEP"
}
2021-11-24 21:34:35 SUCCESS
ValidateEncryptedRequestObjectHasKid
kid was found in the encrypted request object header
kid
0fe502dd-14f0-4f45-80f9-feb9a216f996
2021-11-24 21:34:35 SUCCESS
CreateEffectiveAuthorizationRequestParameters
Merged http request parameters with request object claims
effective_authorization_endpoint_request
{
  "client_id": "finansystech-bank",
  "scope": "openid consent:urn:conformance.oidf:l1OM5Gbrzs accounts resources",
  "response_type": "code id_token",
  "redirect_uri": "https://api.platform.smartfy-wrk.smartfylabs.com/consents/v1/callback",
  "request": "eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZHQ00iLCJjdHkiOiJvYXV0aC1hdXRoei1yZXErand0Iiwia2lkIjoiMGZlNTAyZGQtMTRmMC00ZjQ1LTgwZjktZmViOWEyMTZmOTk2In0.R74AceE3zvR_0cx-VyIEVhs2KhfmioUEfEcTrq75z8HlGhqvK4nAv1VzHG2aw50g-Pq65K13FCY7kSeVMeiz69r-8MPKlw3oeZJbhVE8jXoF8CVWCMWww8Ps_O61vFdATGxHSJmZbil57wtxqihRi05LR0xovMarKN946S3b2coLRecMZ7iiYOLJczx58zb3PNvvshQBwT2RO43llJ6E1qEFCV18PtAG5dvZtikUBVIvb_i6S73dIP2OTklAUjFenYHgDGaezcAQZGFHzYB0EF6VtrYFaNWckw-krSaT3XXwlNBMUhhkMMVQcuzZjQwEJ6Euthrsv9hXa4-GcIaDuw._LlVn31Y74JxXped.6I3KdyjLJU3zkGzr8oFu2H3hvxCzj-vAtFWsU_zAElDe_KeNGHIQ6KIS5SEJ6A2t74iX8XpLzp6syHdTBxlEIq7HhsqjlBhgcR_lGHlWQfXwQNlhmzQ7zfIMj3oMxah4z6V2EWmTuYePThZbwwlfU23GhArqq0bIBEDpN2W3oZlAq14CRbh6l2jkrhs66tbX5dPp2InVhgB0A64rgQHuaKgiBbSrWjycGPk-fFPR3QMkgMXGBQWboRwmuazYnx6JTiJxHJfZveGqHxfgMe-1Il3uLSoy6C9JlpRIebfDvuocMOvHeurN6lU06lzt_tjXP6gKeWlnhzb97hRVlXQjsVZ5ETRP063Jlr30uksseLtcXULM4GarLUaD1U6DGNWEstNmIcjKdMF3qNgR9H9iHwagrbHUmq46bKlL_CPNXB78iqeN61OQw0fwnexvtsuI_9D-6A7cq7kpl5VW-bk5gsNnxqwSJ7AzAuNA0cgdiJ8sI3y5sR3q6lFgTaNXL-QhaJKgSCCFn3H26SgglcajcW3H2ycFMx51PApSgYDcQsBlP6xRVEacJGhJ8k2YnO9oldu8aHIbcpIKzspvhpFzoSqZ08irVNEvHt3VEsK7EWxFe_M4ITl-FNV6AdMSP6h8RQLdu_OxUnlHWMomwgQWNNVvMqupZmhQUclkTqzCmbMaQYOK1NGSZEXI2zFVSeehrwHWdmP2ebARmWTepQkZ9n7Ajn0q6Yl3RkjR2xj43_eI7tXqZERKBseIDOEeg1lmif4MBrAp-d3iZ7IjmUMAvzZkRpkEVCiXVowYZPvhAmDM1JKknm33R9ZUza8DqnlRlAA3IRmYFVUTY0-Dw27ufMalxAIz4WAxOz_K-8rTwbT0jsW0POaCP5a3B50nCR_1SR5m6OtjceqDJuTwbVIiYqE0E2XsrfP9KVety3Nni7NTHGjNPR9Ae7L1pCzj8JIsl-PWM7jqQQVnETsyiPjuL2ItWudSz9DI_4AU0rEnGP1SwCJaoZgalW0SvdVBM-3o1duKnNWTZjj2qxmGyxZ5LYqBBRURKZxdQaG-IM3LJGWeJ-fq_2Z2fJIO_ClScMCNO3jh3OIGhxzgsog0bUzSSyG78gL2XYkMciFgg4fWq7B7TELfZSfYqXZYhv-TrVS3DxmaYbv_cjwA9txc_-GtRGydsUtJiTg8wNdfXa--zHPgKL5nP6EqB1WlJdmmArVumLxFL9CrUznG4ILbzVduf91wV0h_kMzXWCllydqSF9qoKZzn_17QEyI4BQaZzx0oOXGxBpCNk6-NTQCdpnyV2DHrKQDCU1neKO_eRDVwZC35v2GMWBeZIBgM39iIMBR5W6vucQdeMRmcUkfzGoGJU1j8ha6a5C0PObLA6U8p_me3c_08PcBIdiD6oxQ5Y97XQT8v-Ll8QrMp0R6qPm0ZY6N5EGyWySmLxMmGzxAklxurNJVeRvSnJULo7d2CvtOIf40En7JiNdCMVG-KWns4t3--WNf3GpicmT9NXH9sjQPJ3O5RN4wTVKZjJzuWVAG14fKeP_IkIE6N-FceiA-t6uCgNUhRsF4AhaAGJJK6dvDbMls7Zpw6sSt8J8hxEbQxytk5IV2T7HDsmZyk9fsEIVReNeJAngqA-tQtNHjr1aHQNVPu5alMmosRwxzP2tqjlecz4zz22ikLh16jx3Re_pozPMtqG6jZvuVBeW-_jQ52gw77V508HjkbOaO4MGwG6qm_mhfDqt7HQS_ZEqUUWCRjOIKufQG9To0p3ZYUMpClcsvOGkN0DsgeFGCR2PSLvnnt10ZT1KtV2gIS5uUfX71qhg_yZnA.dGn-2FtJXRCbDQtM38NJzQ",
  "iss": "finansystech-bank",
  "nonce": "Yc-1U3MElzH7I1ugPukNnNuvimXiOoHa9c7H1roGJN4",
  "aud": "https://www.certification.openid.net/test/a/finansystech/",
  "nbf": 1637789673,
  "claims": {
    "id_token": {
      "acr": {
        "values": [
          "urn:brasil:openbanking:loa2",
          "urn:brasil:openbanking:loa3"
        ],
        "essential": true
      }
    }
  },
  "state": "83dGbXT7xsuZchGS8AsRvHDK91YMfT0HDxKEyj_hKbY",
  "exp": 1637789973,
  "iat": 1637789673,
  "jti": "cA_8uUjXnvvzFOsOuplVJm_6p1a6UvkVLpViSY5wUc0"
}
2021-11-24 21:34:35 SUCCESS
FAPIValidateRequestObjectSigningAlg
Request object was signed with a permitted algorithm
alg
PS256
2021-11-24 21:34:35 SUCCESS
FAPIBrazilValidateRequestObjectIdTokenACRClaims
Acr value in request object is as expected
received
[
  "urn:brasil:openbanking:loa2",
  "urn:brasil:openbanking:loa3"
]
2021-11-24 21:34:35 SUCCESS
FAPIValidateRequestObjectExp
Request object contains a valid exp claim, expiry time
exp
"Nov 24, 2021, 9:39:33 PM"
2021-11-24 21:34:35 SUCCESS
FAPI1AdvancedValidateRequestObjectNBFClaim
nbf claim is valid
nbf
"Nov 24, 2021, 9:34:33 PM"
now
"Nov 24, 2021, 9:34:35 PM"
2021-11-24 21:34:35
ValidateRequestObjectClaims
Request object does not contain a max_age claim
2021-11-24 21:34:35 SUCCESS
ValidateRequestObjectClaims
Request object claims passed all validation checks
2021-11-24 21:34:35 SUCCESS
EnsureNumericRequestObjectClaimsAreNotNull
None of the claims expected to have numeric values, have null values
numeric_claims
[
  "max_age"
]
2021-11-24 21:34:35 SUCCESS
EnsureRequestObjectDoesNotContainRequestOrRequestUri
Request object does not contain request or request_uri
2021-11-24 21:34:35 SUCCESS
EnsureRequestObjectDoesNotContainSubWithClientId
Request object does not contain Client Id in sub
2021-11-24 21:34:35 SUCCESS
ValidateRequestObjectSignature
Request object signature validated using a key in the client's JWKS and using the client's registered request_object_signing_alg
request_object
eyJhbGciOiJQUzI1NiIsInR5cCI6Im9hdXRoLWF1dGh6LXJlcStqd3QiLCJraWQiOiI2YTkwYzIxYjgwZjI2N2Y2NGUxYjRiMjgzYTE0NGUyZjY2OWYxMDFlMzViMzY2OGMxYzA4YzE1N2Q4MjJjZjU0In0.eyJzdGF0ZSI6IjgzZEdiWFQ3eHN1WmNoR1M4QXNSdkhESzkxWU1mVDBIRHhLRXlqX2hLYlkiLCJub25jZSI6IlljLTFVM01FbHpIN0kxdWdQdWtObk51dmltWGlPb0hhOWM3SDFyb0dKTjQiLCJzY29wZSI6Im9wZW5pZCBjb25zZW50OnVybjpjb25mb3JtYW5jZS5vaWRmOmwxT001R2JyenMgYWNjb3VudHMgcmVzb3VyY2VzIiwicmVzcG9uc2VfdHlwZSI6ImNvZGUgaWRfdG9rZW4iLCJyZWRpcmVjdF91cmkiOiJodHRwczovL2FwaS5wbGF0Zm9ybS5zbWFydGZ5LXdyay5zbWFydGZ5bGFicy5jb20vY29uc2VudHMvdjEvY2FsbGJhY2siLCJjbGFpbXMiOnsiaWRfdG9rZW4iOnsiYWNyIjp7InZhbHVlcyI6WyJ1cm46YnJhc2lsOm9wZW5iYW5raW5nOmxvYTIiLCJ1cm46YnJhc2lsOm9wZW5iYW5raW5nOmxvYTMiXSwiZXNzZW50aWFsIjp0cnVlfX19LCJpc3MiOiJmaW5hbnN5c3RlY2gtYmFuayIsImF1ZCI6Imh0dHBzOi8vd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldC90ZXN0L2EvZmluYW5zeXN0ZWNoLyIsImNsaWVudF9pZCI6ImZpbmFuc3lzdGVjaC1iYW5rIiwianRpIjoiY0FfOHVValhudnZ6Rk9zT3VwbFZKbV82cDFhNlV2a1ZMcFZpU1k1d1VjMCIsImlhdCI6MTYzNzc4OTY3MywiZXhwIjoxNjM3Nzg5OTczLCJuYmYiOjE2Mzc3ODk2NzN9.qQgltxR5RepuuYEpncSqS83BeBQCIQ3Sd9Ud3fkwMrortaMjdveQ-QIphf8QEpTD5I5krEOEM6YGPQ_2riB7rrdcKYzF0ha1ggLXwlVbkJ4JR4GOv55-ag_JmXFnObQXZGAQn4JDRgX6owkRkf3vccn5pHz5iRykrc1wHfZ5CC8XIHS8bL2SFjw5410lIvYPQki8BzmSkRiTClp-AB0OJ6qTNxOs4-MBT7938nLDi3NnyR5LxLIQ6wsI5Txiw3Hfq5tAON_6_cfPi6xRzkqH7k1lP4C7Kj_NPiVQBu6BbLlSFePqY9Hrot0E1HIihCUr8BNBiHto0UQXQF-zKq9RWA
request_object_signing_alg
PS256
jwk
Sun RSA public key, 2048 bits
  params: null
  modulus: 22742859819770924167284836762454782487908267086450128039771150691246606993476846827957339353414938757647386799276574738762099622141423277882939688552060519883234110632058297721523237916116512785801657006960472471669016757300111504667119421038737002467292474765373389230526531174923856324110701073191541061908214493281117666629957773988034055255731143186039871582861434027902567197297697805469683752654739263345950444640093365969821128351238865497857728466219582496057680826014167610921912303479043989470682911511896728828893513233523018612291081941741382544928712639784797233932472318106569202542989174174720884972359
  public exponent: 65537
2021-11-24 21:34:35 SUCCESS
EnsureMatchingRedirectUriInRequestObject
Redirect URI matched
actual
https://api.platform.smartfy-wrk.smartfylabs.com/consents/v1/callback
2021-11-24 21:34:35 SUCCESS
EnsureRequiredAuthorizationRequestParametersMatchRequestObject
Required http request parameters match request object claims
response_type
code id_token
client_id
finansystech-bank
2021-11-24 21:34:35 SUCCESS
EnsureOptionalAuthorizationRequestParametersMatchRequestObject
All http request parameters and request object claims match
2021-11-24 21:34:35 SUCCESS
EnsureAuthorizationHttpRequestContainsOpenIDScope
Found 'openid' in scope http request parameter
actual
[
  "openid",
  "consent:urn:conformance.oidf:l1OM5Gbrzs",
  "accounts",
  "resources"
]
expected
openid
2021-11-24 21:34:35 SUCCESS
ExtractRequestedScopes
Requested scopes
scope
openid consent:urn:conformance.oidf:l1OM5Gbrzs accounts resources
2021-11-24 21:34:35 SUCCESS
FAPIBrazilValidateConsentScope
Found consent scope in request
actual
[
  "openid",
  "consent:urn:conformance.oidf:l1OM5Gbrzs",
  "accounts",
  "resources"
]
expected
consent:urn:conformance.oidf:l1OM5Gbrzs
2021-11-24 21:34:35 SUCCESS
EnsureScopeContainsAccounts
Found accounts scope in request
actual
[
  "openid",
  "consent:urn:conformance.oidf:l1OM5Gbrzs",
  "accounts",
  "resources"
]
2021-11-24 21:34:35 SUCCESS
EnsureResponseTypeIsCodeIdToken
Response type is expected value
expected
code id_token
2021-11-24 21:34:35 SUCCESS
EnsureOpenIDInScopeRequest
Found 'openid' scope in request
actual
[
  "openid",
  "consent:urn:conformance.oidf:l1OM5Gbrzs",
  "accounts",
  "resources"
]
expected
openid
2021-11-24 21:34:35 SUCCESS
EnsureMatchingClientId
Client ID matched
client_id
finansystech-bank
2021-11-24 21:34:35 SUCCESS
CreateAuthorizationCode
Created authorization code
authorization_code
LAht7Z2IdM9hCdTXMd252TfH3CG3uiCw
2021-11-24 21:34:35 SUCCESS
ExtractNonceFromAuthorizationRequest
Extracted nonce
nonce
Yc-1U3MElzH7I1ugPukNnNuvimXiOoHa9c7H1roGJN4
2021-11-24 21:34:35 SUCCESS
CalculateCHash
Successful c_hash encoding
c_hash
P5cFfOuLItEf76CiuGu2pw
2021-11-24 21:34:35 SUCCESS
CalculateSHash
Successful s_hash encoding
s_hash
mT_hqjVBwWimUMncyCxmKg
2021-11-24 21:34:35 SUCCESS
GenerateIdTokenClaims
Created ID Token Claims
iss
https://www.certification.openid.net/test/a/finansystech/
sub
user-subject-1234531
aud
finansystech-bank
nonce
Yc-1U3MElzH7I1ugPukNnNuvimXiOoHa9c7H1roGJN4
iat
1637789675
exp
1637789975
2021-11-24 21:34:35 SUCCESS
FAPIBrazilAddCPFAndCPNJToIdTokenClaims
Added claims to id_token claims
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/a/finansystech/",
  "sub": "user-subject-1234531",
  "aud": "finansystech-bank",
  "nonce": "Yc-1U3MElzH7I1ugPukNnNuvimXiOoHa9c7H1roGJN4",
  "iat": 1637789675,
  "exp": 1637789975
}
2021-11-24 21:34:35 SUCCESS
AddCHashToIdTokenClaims
Added c_hash to ID token claims
c_hash
P5cFfOuLItEf76CiuGu2pw
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/a/finansystech/",
  "sub": "user-subject-1234531",
  "aud": "finansystech-bank",
  "nonce": "Yc-1U3MElzH7I1ugPukNnNuvimXiOoHa9c7H1roGJN4",
  "iat": 1637789675,
  "exp": 1637789975,
  "c_hash": "P5cFfOuLItEf76CiuGu2pw"
}
2021-11-24 21:34:35 SUCCESS
AddSHashToIdTokenClaims
Added s_hash to ID token claims
s_hash
mT_hqjVBwWimUMncyCxmKg
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/a/finansystech/",
  "sub": "user-subject-1234531",
  "aud": "finansystech-bank",
  "nonce": "Yc-1U3MElzH7I1ugPukNnNuvimXiOoHa9c7H1roGJN4",
  "iat": 1637789675,
  "exp": 1637789975,
  "c_hash": "P5cFfOuLItEf76CiuGu2pw",
  "s_hash": "mT_hqjVBwWimUMncyCxmKg"
}
2021-11-24 21:34:35 INFO
AddAtHashToIdTokenClaims
Skipped evaluation due to missing required string: at_hash
expected
at_hash
2021-11-24 21:34:35 SUCCESS
AddInvalidAudValueToIdToken
Added invalid aud to ID token claims
aud
finansystech-bank1
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/a/finansystech/",
  "sub": "user-subject-1234531",
  "aud": "finansystech-bank1",
  "nonce": "Yc-1U3MElzH7I1ugPukNnNuvimXiOoHa9c7H1roGJN4",
  "iat": 1637789675,
  "exp": 1637789975,
  "c_hash": "P5cFfOuLItEf76CiuGu2pw",
  "s_hash": "mT_hqjVBwWimUMncyCxmKg"
}
2021-11-24 21:34:35 SUCCESS
FAPIBrazilAddACRClaimToIdTokenClaims
Added acr value to id_token_claims
acr_value
urn:brasil:openbanking:loa2
claims
{
  "iss": "https://www.certification.openid.net/test/a/finansystech/",
  "sub": "user-subject-1234531",
  "aud": "finansystech-bank1",
  "nonce": "Yc-1U3MElzH7I1ugPukNnNuvimXiOoHa9c7H1roGJN4",
  "iat": 1637789675,
  "exp": 1637789975,
  "c_hash": "P5cFfOuLItEf76CiuGu2pw",
  "s_hash": "mT_hqjVBwWimUMncyCxmKg",
  "acr": "urn:brasil:openbanking:loa2"
}
2021-11-24 21:34:35 SUCCESS
SignIdToken
Signed the ID token
id_token
eyJraWQiOiJYNWQ0dkZZZkx4YUcxZ2c4X2wzYkZZRmhVYVVWbUU2UGFFc1JXWDJFWXFNIiwiYWxnIjoiUFMyNTYifQ.eyJzdWIiOiJ1c2VyLXN1YmplY3QtMTIzNDUzMSIsImF1ZCI6ImZpbmFuc3lzdGVjaC1iYW5rMSIsImNfaGFzaCI6IlA1Y0ZmT3VMSXRFZjc2Q2l1R3UycHciLCJhY3IiOiJ1cm46YnJhc2lsOm9wZW5iYW5raW5nOmxvYTIiLCJzX2hhc2giOiJtVF9ocWpWQndXaW1VTW5jeUN4bUtnIiwiaXNzIjoiaHR0cHM6XC9cL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXRcL3Rlc3RcL2FcL2ZpbmFuc3lzdGVjaFwvIiwiZXhwIjoxNjM3Nzg5OTc1LCJub25jZSI6IlljLTFVM01FbHpIN0kxdWdQdWtObk51dmltWGlPb0hhOWM3SDFyb0dKTjQiLCJpYXQiOjE2Mzc3ODk2NzV9.npbWo8js4oVyJMSqf9PX2jO_W938k5dgO0mmaprqDc4iVYOdBCg42biJpOyblgDMFNVdygOph02WbdyH6zQqXa-JDZwpnvebOpanmLO0XNlf8P4Xfh9OJOJBIxOgm80NpizCy1OAZgZQr0h2a4i3lkkPSQWVCMr8GkYMOwAma4K5E4dZ94wA0AApHnhQ85D4s1qYclsElwafw1YJ_SrZ7A6H3y5WRsFX-akupT9uqWPUZ7IVoqKnMzenL-tV3KsMUqnBfJNJyu2Qoekr0LM6aoAjr2K4WZHt7VgQyqilXAVcaDOhrDmd7joEMnB9P801_jTb7NSrtuCE07EfVQEyuw
2021-11-24 21:34:35 SUCCESS
FAPIBrazilChangeConsentStatusToAuthorized
Changed consent status to AUTHORISED
consent
{
  "data": {
    "consentId": "urn:conformance.oidf:l1OM5Gbrzs",
    "creationDateTime": "2021-11-24T21:34:34Z",
    "status": "AUTHORISED",
    "statusUpdateDateTime": "2021-11-24T21:34:35Z",
    "permissions": [
      "ACCOUNTS_READ",
      "ACCOUNTS_BALANCES_READ",
      "RESOURCES_READ"
    ],
    "expirationDateTime": "2021-11-24T23:34:34Z",
    "transactionFromDateTime": "2021-11-24T21:29:34Z",
    "transactionToDateTime": "2021-11-24T23:34:34Z",
    "links": {
      "self": "https://www.certification.openid.net/test/a/finansystechconsents/v1/consents"
    }
  },
  "meta": {
    "totalRecords": 1,
    "totalPages": 1,
    "requestDateTime": "2021-11-24T21:34:34Z"
  }
}
2021-11-24 21:34:35 SUCCESS
CreateAuthorizationEndpointResponseParams
Added authorization_endpoint_response_params to environment
params
{
  "redirect_uri": "https://api.platform.smartfy-wrk.smartfylabs.com/consents/v1/callback",
  "state": "83dGbXT7xsuZchGS8AsRvHDK91YMfT0HDxKEyj_hKbY"
}
2021-11-24 21:34:35 SUCCESS
AddCodeToAuthorizationEndpointResponseParams
Added code to authorization endpoint response params
authorization_endpoint_response_params
{
  "redirect_uri": "https://api.platform.smartfy-wrk.smartfylabs.com/consents/v1/callback",
  "state": "83dGbXT7xsuZchGS8AsRvHDK91YMfT0HDxKEyj_hKbY",
  "code": "LAht7Z2IdM9hCdTXMd252TfH3CG3uiCw"
}
2021-11-24 21:34:35 SUCCESS
AddIdTokenToAuthorizationEndpointResponseParams
Added id_token to authorization endpoint response params
authorization_endpoint_response_params
{
  "redirect_uri": "https://api.platform.smartfy-wrk.smartfylabs.com/consents/v1/callback",
  "state": "83dGbXT7xsuZchGS8AsRvHDK91YMfT0HDxKEyj_hKbY",
  "code": "LAht7Z2IdM9hCdTXMd252TfH3CG3uiCw",
  "id_token": "eyJraWQiOiJYNWQ0dkZZZkx4YUcxZ2c4X2wzYkZZRmhVYVVWbUU2UGFFc1JXWDJFWXFNIiwiYWxnIjoiUFMyNTYifQ.eyJzdWIiOiJ1c2VyLXN1YmplY3QtMTIzNDUzMSIsImF1ZCI6ImZpbmFuc3lzdGVjaC1iYW5rMSIsImNfaGFzaCI6IlA1Y0ZmT3VMSXRFZjc2Q2l1R3UycHciLCJhY3IiOiJ1cm46YnJhc2lsOm9wZW5iYW5raW5nOmxvYTIiLCJzX2hhc2giOiJtVF9ocWpWQndXaW1VTW5jeUN4bUtnIiwiaXNzIjoiaHR0cHM6XC9cL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXRcL3Rlc3RcL2FcL2ZpbmFuc3lzdGVjaFwvIiwiZXhwIjoxNjM3Nzg5OTc1LCJub25jZSI6IlljLTFVM01FbHpIN0kxdWdQdWtObk51dmltWGlPb0hhOWM3SDFyb0dKTjQiLCJpYXQiOjE2Mzc3ODk2NzV9.npbWo8js4oVyJMSqf9PX2jO_W938k5dgO0mmaprqDc4iVYOdBCg42biJpOyblgDMFNVdygOph02WbdyH6zQqXa-JDZwpnvebOpanmLO0XNlf8P4Xfh9OJOJBIxOgm80NpizCy1OAZgZQr0h2a4i3lkkPSQWVCMr8GkYMOwAma4K5E4dZ94wA0AApHnhQ85D4s1qYclsElwafw1YJ_SrZ7A6H3y5WRsFX-akupT9uqWPUZ7IVoqKnMzenL-tV3KsMUqnBfJNJyu2Qoekr0LM6aoAjr2K4WZHt7VgQyqilXAVcaDOhrDmd7joEMnB9P801_jTb7NSrtuCE07EfVQEyuw"
}
2021-11-24 21:34:35
SendAuthorizationResponseWithResponseModeFragment
Redirecting back to client
uri
https://api.platform.smartfy-wrk.smartfylabs.com/consents/v1/callback#state=83dGbXT7xsuZchGS8AsRvHDK91YMfT0HDxKEyj_hKbY&code=LAht7Z2IdM9hCdTXMd252TfH3CG3uiCw&id_token=eyJraWQiOiJYNWQ0dkZZZkx4YUcxZ2c4X2wzYkZZRmhVYVVWbUU2UGFFc1JXWDJFWXFNIiwiYWxnIjoiUFMyNTYifQ.eyJzdWIiOiJ1c2VyLXN1YmplY3QtMTIzNDUzMSIsImF1ZCI6ImZpbmFuc3lzdGVjaC1iYW5rMSIsImNfaGFzaCI6IlA1Y0ZmT3VMSXRFZjc2Q2l1R3UycHciLCJhY3IiOiJ1cm46YnJhc2lsOm9wZW5iYW5raW5nOmxvYTIiLCJzX2hhc2giOiJtVF9ocWpWQndXaW1VTW5jeUN4bUtnIiwiaXNzIjoiaHR0cHM6XC9cL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXRcL3Rlc3RcL2FcL2ZpbmFuc3lzdGVjaFwvIiwiZXhwIjoxNjM3Nzg5OTc1LCJub25jZSI6IlljLTFVM01FbHpIN0kxdWdQdWtObk51dmltWGlPb0hhOWM3SDFyb0dKTjQiLCJpYXQiOjE2Mzc3ODk2NzV9.npbWo8js4oVyJMSqf9PX2jO_W938k5dgO0mmaprqDc4iVYOdBCg42biJpOyblgDMFNVdygOph02WbdyH6zQqXa-JDZwpnvebOpanmLO0XNlf8P4Xfh9OJOJBIxOgm80NpizCy1OAZgZQr0h2a4i3lkkPSQWVCMr8GkYMOwAma4K5E4dZ94wA0AApHnhQ85D4s1qYclsElwafw1YJ_SrZ7A6H3y5WRsFX-akupT9uqWPUZ7IVoqKnMzenL-tV3KsMUqnBfJNJyu2Qoekr0LM6aoAjr2K4WZHt7VgQyqilXAVcaDOhrDmd7joEMnB9P801_jTb7NSrtuCE07EfVQEyuw
2021-11-24 21:34:35 OUTGOING
fapi1-advanced-final-client-test-invalid-aud
Response to HTTP request to test instance AWemWWfyxkOuwc5
outgoing
org.springframework.web.servlet.view.RedirectView: [RedirectView]; URL [https://api.platform.smartfy-wrk.smartfylabs.com/consents/v1/callback#state=83dGbXT7xsuZchGS8AsRvHDK91YMfT0HDxKEyj_hKbY&code=LAht7Z2IdM9hCdTXMd252TfH3CG3uiCw&id_token=eyJraWQiOiJYNWQ0dkZZZkx4YUcxZ2c4X2wzYkZZRmhVYVVWbUU2UGFFc1JXWDJFWXFNIiwiYWxnIjoiUFMyNTYifQ.eyJzdWIiOiJ1c2VyLXN1YmplY3QtMTIzNDUzMSIsImF1ZCI6ImZpbmFuc3lzdGVjaC1iYW5rMSIsImNfaGFzaCI6IlA1Y0ZmT3VMSXRFZjc2Q2l1R3UycHciLCJhY3IiOiJ1cm46YnJhc2lsOm9wZW5iYW5raW5nOmxvYTIiLCJzX2hhc2giOiJtVF9ocWpWQndXaW1VTW5jeUN4bUtnIiwiaXNzIjoiaHR0cHM6XC9cL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXRcL3Rlc3RcL2FcL2ZpbmFuc3lzdGVjaFwvIiwiZXhwIjoxNjM3Nzg5OTc1LCJub25jZSI6IlljLTFVM01FbHpIN0kxdWdQdWtObk51dmltWGlPb0hhOWM3SDFyb0dKTjQiLCJpYXQiOjE2Mzc3ODk2NzV9.npbWo8js4oVyJMSqf9PX2jO_W938k5dgO0mmaprqDc4iVYOdBCg42biJpOyblgDMFNVdygOph02WbdyH6zQqXa-JDZwpnvebOpanmLO0XNlf8P4Xfh9OJOJBIxOgm80NpizCy1OAZgZQr0h2a4i3lkkPSQWVCMr8GkYMOwAma4K5E4dZ94wA0AApHnhQ85D4s1qYclsElwafw1YJ_SrZ7A6H3y5WRsFX-akupT9uqWPUZ7IVoqKnMzenL-tV3KsMUqnBfJNJyu2Qoekr0LM6aoAjr2K4WZHt7VgQyqilXAVcaDOhrDmd7joEMnB9P801_jTb7NSrtuCE07EfVQEyuw]
outgoing_path
authorize
2021-11-24 21:34:36 INCOMING
fapi1-advanced-final-client-test-invalid-aud
Incoming HTTP request to test instance AWemWWfyxkOuwc5
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/4.7.4 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate, br",
  "connection": "close"
}
incoming_path
/test/a/finansystech/.well-known/openid-configuration
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
incoming_body_json
incoming_query_string_params
{}
incoming_body
2021-11-24 21:34:36 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
2021-11-24 21:34:36 OUTGOING
fapi1-advanced-final-client-test-invalid-aud
Response to HTTP request to test instance AWemWWfyxkOuwc5
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "issuer": "https://www.certification.openid.net/test/a/finansystech/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/finansystech/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/finansystech/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/finansystech/jwks",
  "registration_endpoint": "https://www.certification.openid.net/test/a/finansystech/register",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/finansystech/userinfo",
  "mtls_endpoint_aliases": {
    "token_endpoint": "https://www.certification.openid.net/test-mtls/a/finansystech/token",
    "registration_endpoint": "https://www.certification.openid.net/test-mtls/a/finansystech/register",
    "userinfo_endpoint": "https://www.certification.openid.net/test-mtls/a/finansystech/userinfo"
  },
  "tls_client_certificate_bound_access_tokens": true,
  "request_parameter_supported": true,
  "grant_types_supported": [
    "authorization_code",
    "implicit",
    "client_credentials",
    "refresh_token"
  ],
  "claims_parameter_supported": true,
  "request_object_encryption_alg_values_supported": [
    "RSA-OAEP"
  ],
  "request_object_encryption_enc_values_supported": [
    "A256GCM"
  ],
  "claims_supported": [
    "cpf",
    "cnpj",
    "acr"
  ],
  "acr_values_supported": [
    "urn:brasil:openbanking:loa2",
    "urn:brasil:openbanking:loa3"
  ],
  "id_token_signing_alg_values_supported": [
    "PS256"
  ],
  "request_object_signing_alg_values_supported": [
    "PS256"
  ],
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access",
    "consents",
    "resources",
    "payments"
  ],
  "token_endpoint_auth_methods_supported": [
    "private_key_jwt"
  ],
  "response_types_supported": [
    "code id_token"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "PS256"
  ]
}
outgoing_path
.well-known/openid-configuration
2021-11-24 21:34:40 FINISHED
fapi1-advanced-final-client-test-invalid-aud
Test has run to completion
testmodule_result
PASSED
2021-11-24 21:34:45
TEST-RUNNER
Alias has now been claimed by another test
alias
finansystech
new_test_id
nS2GBHzlxzskl6l
Test Results