Test Summary

Test Results

Expand All Collapse All
All times are UTC
2021-12-09 23:01:42 INFO
TEST-RUNNER
Test instance qaRjsz53nN0nspg created
baseUrl
https://www.certification.openid.net/test/a/geru
variant
{
  "client_auth_type": "mtls",
  "fapi_auth_request_method": "pushed",
  "fapi_profile": "openbanking_brazil",
  "fapi_jarm_type": "oidc",
  "fapi_response_mode": "jarm"
}
alias
geru
description
Geru - Data Reception
planId
yJKOxmVYgSASd
config
{
  "alias": "geru",
  "description": "Geru - Data Reception",
  "server": {
    "jwks": {
      "keys": [
        {
          "p": "_QaFFuyZriEWtbiKexy7pIYicgU0ePMepvyNuiiFqlsUFQ24q9gp_iWECDhi8qqss__i1LW_eHQATKWfqUc6HdDY-ickJXvVktrQiT-buvJ24iTtK_NooPMKQW976NIX39_sEPJ6ceo9ZDFxTTCkmJus3eXDJmRZT2YzSZJcvcc",
          "kty": "RSA",
          "alg": "PS256",
          "q": "3x1_dyovnWXSr7y7ufe6AHUV0kHBYVrGW2vdNZxKrrgBW5r2mm93NnHsrG-mJlzW7kG_jR41bWf74sucGdwXTx96riRVy8bov9SzPCDl9_QCHzPpqZOxjngfzQYq1L1qJA2BAie0Sq6YZhgLJ1fWPLutEO5soIYAkLXSJ9IVb00",
          "d": "ZvivfZxJMbbdTQmxyE0lmE6ZuH8cMQOLyZxdaA5pNwm7ZEnPBEftZs8aR9ijhCDWMieui3h--rXwlXqbEm3g1sVgQ-WKTFV-NLKaJC1h-EU5HKdlOflstr7x57zhKp60ZIK69GyEXyJccUfzcD32u8raec9NplQ2MqS5MA1lnQFlocFoX1RNU4tSpEdJQq2UzqtX5WPhc88A6fTc1xu2fA5wyxzZu7fUjIETzLimcu-dDaEvvgm7c_A1ulm8EQuCN10k3FrIIe9RfuXHyxh9Rcd0aiIP9qwitxd5Cl0io7zby8MBIAaSei2co7y4tciBt4AfnzpBlGbtjgfr2gxD0Q",
          "e": "AQAB",
          "use": "sig",
          "kid": "X5d4vFYfLxaG1gg8_l3bFYFhUaUVmE6PaEsRWX2EYqM",
          "qi": "eHhOb5NUDfMGXwNscjEcMrMFS425qsoJAXfGJ10hm8svZOkNYgVpb7Hs7oT8XytanRl0Gk8gKH0yhvya65B5ipyby17uBMkikNN-EeYoY2AkvEfM_nO0dvHbDdF11rkM5Q_SEDlGmojxnx4_Euj8WeuSgcwiCQkR23aZlQGx1Mg",
          "dp": "bQ9aXj8tHnj0qO8aAWapGokWX78OlvNzytYg4JSGyJ7pUQnRB4Ds2Lai6kgjniUiu5MX2kdceDbHykG5R-WDj0Ztv6UPV3jA3cOjDwVzwmiwBVmVQNRxzK31Ra8f4YJs9_o0bjmVvXQRchY9l9_Xkk_Hev2F2A540Fhk0tlbUBE",
          "dq": "XPYDZ_kxwZjtQb-XUBLBcvNV1jcDhba2stysXGv0SfvsxOg6G3qZ5xtsiyQxzAYen0LRttCBXkZXEtXXAodLRvJMwUXuYWtNCrBqxYDHkJogUDPnBXq-Hig6x8fsDJunH8JooCc-3WcFpHQcIZZdcwyXPVi59eAfWCwJlgHYYHk",
          "n": "3IXVqA9zCrmaz30WWjzZexdSuhagP_oVfgB-Y5S7XXeHhU4tho7c3wcNhsrGCKLYSf_47rV78-2OfhPY9WrSJVyqIXoaniwoTnD9splF90J7yog9LgP4kqkWl6wm8gdR5C-UC4Gnl0D2cZKnE6MZ7k_b5nM0ZfC-7H_bO13B4aYpu069th7hFWGK7ps65uiDxcQGYP3oSeqahE5qwfUef2QMkhyVtM_nWP9OVAzOGtJ8km4TdCrq9aF78No9u2YQuaUOJgeOnwKMBjmgEwcuaQe9DEQFXhzBtRmPlml2pTy2QDvxe1HgOTOsnh9igFvX70AGroY3PFY-lJAxC4Fd2w",
          "x5c": [
            "MIIGqzCCBZOgAwIBAgIUdUCw8bQZidnZ6uERKJuN9u4RGvcwDQYJKoZIhvcNAQELBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwxFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNBTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDgxNjA5NTUwMFoXDTIyMDkxNTA5NTUwMFowgacxCzAJBgNVBAYTAkJSMRMwEQYDVQQKEwpJQ1AtQnJhc2lsMS8wDAYDVQQLEwUxMjM0NTAOBgNVBAsTB2NlcnRtYW4wDwYDVQQLEwhhZ29vZG9uZTEcMBoGA1UEAxMTT3BlbiBCYW5raW5nIEJyYXNpbDE0MDIGCgmSJomT8ixkAQETJDc0ZTkyOWQ5LTMzYjYtNGQ4NS04YmE3LWMxNDZjODY3YTgxNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANyF1agPcwq5ms99Flo82XsXUroWoD/6FX4AfmOUu113h4VOLYaO3N8HDYbKxgii2En/+O61e/Ptjn4T2PVq0iVcqiF6Gp4sKE5w/bKZRfdCe8qIPS4D+JKpFpesJvIHUeQvlAuBp5dA9nGSpxOjGe5P2+ZzNGXwvux/2ztdweGmKbtOvbYe4RVhiu6bOubog8XEBmD96EnqmoROasH1Hn9kDJIclbTP51j/TlQMzhrSfJJuE3Qq6vWhe/DaPbtmELmlDiYHjp8CjAY5oBMHLmkHvQxEBV4cwbUZj5ZpdqU8tkA78XtR4DkzrJ4fYoBb1+9ABq6GNzxWPpSQMQuBXdsCAwEAAaOCAwIwggL+MAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFJwv7oHX2exZL304ru+4eGVypHlxMB8GA1UdIwQYMBaAFIZ/WK0X9YK2TrQFs/uwzhFD30y+MEwGCCsGAQUFBwEBBEAwPjA8BggrBgEFBQcwAYYwaHR0cDovL29jc3Auc2FuZGJveC5wa2kub3BlbmJhbmtpbmdicmFzaWwub3JnLmJyMEsGA1UdHwREMEIwQKA+oDyGOmh0dHA6Ly9jcmwuc2FuZGJveC5wa2kub3BlbmJhbmtpbmdicmFzaWwub3JnLmJyL2lzc3Vlci5jcmwwXgYDVR0RBFcwVaAZBgVgTAEDAqAQDA5NaWNoYWVsIEZyYXNlcqAYBgVgTAEDA6APDA0xMzM1MzIzNjAwMTg5oA0GBWBMAQMEoAQMAm5voA8GBWBMAQMHoAYMBGFsb3QwDgYDVR0PAQH/BAQDAgbAMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIBgDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVseSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhlciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNlaXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5kIHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8vY3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2llczANBgkqhkiG9w0BAQsFAAOCAQEAtKn/QnJqKLp52YB14x+M21qwz67utFkWjhauQe0elXupjY5NWZb5wLrGYNOZQzRe2JRzcBbGN6P7lCweRfxMkSGh9YrXbrkBXLEPtLHpTVEy65v1tWl02lC+ooVPyQpSjAQL0L69OQ7s7rnIXyb3rkSUzuGSxsLU1AXpWj0oYFB4wdeIdPAVPs83frC5s4kz42JruSAE2vsbvQURTVPChh+hO6+R6Irz+ZEZ1NSgjQkxvOXHW53CkXZSjjHbAB/nbJYi7YyK7kck99r38Ba/WBfIfywdFVVYfiiW5TS6XbQeVeilmmt5MLxBz96FxR6E6WR+cQwybEe94Fb/jD6xHA\u003d\u003d"
          ]
        },
        {
          "p": "6-RGunw1LGXpsGIabzcG8n_ITbahS9waTzjcwLkzjWjyR5hxnTSrCMas9EsOuIt3qvkdf02psgwi-J0ZX680ujaXdeiPAeuOUbsLPBOhRuu-ySXxMTT7uiwWJmF5LtBx8Qd3hRV2sd9zOhYzSohcmWp8w_uKTOYrFzGtWMvlGic",
          "kty": "RSA",
          "alg": "RSA-OAEP",
          "q": "vn3cUU9RFc7pB3fjiEPGwYGA_h8f2X6dOqy-JYIMIiuYhPq6cT8xIlE-sHs58kZzC1QbOBc4y-qRyqj1L4StPaYH4mtJU0s_6A_b9Cai96yzYYmMr92be2nCFMxBpmpBhN21AIdGc640OxgWMdz5OVo455v1uIEQGPr2aDpOzVs",
          "d": "QrIJ9tPG7pSrt1KKSU-9EbAq-hU92FzEV9GwzuG_dbBPyRLYNVfAz-Yb8ug3YLuqec_kcB5JCep7QkYHgpNdX5WXFxARCpXa-J7Xq50oBdiAS2ehLpnYHXpJI7HqOcH9ASZML_MXjI8e_EpsI7Yk6xJ9qxk8bXGupw0C6anwL3NBe232zA7I1FnwL9tpZVOLPupeok7HMRbFc6QSR3dA54zJmkyEbyOSqzRqCK_g7AB_RcMImN0SoCg0epxZjrculIXPG0Gl1T3TG3WY-CBUtAkI1chFMGCgYF_v-FMSun8N6igilPC5O683BMcJoTK745khMCv7FcSCSFVh0H5vKQ",
          "e": "AQAB",
          "use": "enc",
          "kid": "0fe502dd-14f0-4f45-80f9-feb9a216f996",
          "qi": "W6TMI3L-Ob-Jx61TdYqN5gBoBsWF6KWuCmiE9ZiwJiMVCv5ddEbFafBuiIQgRnby1VpnH9j5KVb5PT_V78ohKFmpfL7ErXQerf_pJkEtvgK9lQta1EM1HMoShrJ4GdHPym_BZzDDmt6njvwTfSg95y28h-j5epuywcwu6TwAUA8",
          "dp": "a9rjD-8srNEoKVKhvYoObiBI6GeBllrb2K8qGCBV1ulOJbgo8nUbYpbci5Ip9-0k2RKwDv3mghcUglHqQRqt5BqD5BBiGsGmP-5is6RSEEhH4lar0hDkq_nuYrwcmXALOOZuGnZ239tIJx3xc7mnhSnwQ_emA4UV3LQFC12mse8",
          "dq": "Qk8TiyY-BoZg7Z2ZEYzuOdu3qD3zW0VMu-j3w5yyVo6wZ9HTZqplkxmO5eXvNNu7Hj1nwC2tMqZzm4UW3DSmDWinI_TOsHToSQKEQUfVwLtYMeKsm2dbwSj-SzkSvTgNmI-IeyebqZcBTXTD_RV7l7BFULIkZdZfYSKy9XMejTM",
          "n": "r4dl-ApW6c-fvDbfSVxHpdV8zi8VQW4b9-uHMRq7dzqCkvP8OAG1R3plSr1N6fL_YLiIr9y621XkyRiMEKR7-DeqGsLf2ZTaqrZ1LfYgjsc2i9o3NSOeSgBwKGmT7h1OgxZSbhLzo7Xaktu3CCUZCOWLzs7LKo_CvKkcTF7tPhK9jYjdTsdsnS0RJOPjYQe7JO83Mvhd1Ty3F-Qycd-cKKMSjcQRiHt9jKd09kA2fKVlFwbm2M1PM3NdtnMaOUw31-XC4ixay47XTMqnmX7-op7qYV9wXbeZmjTsAKFuTGwJiGJrOTfqciDLBW8IpGC2BzFJ5rYmRu0kAttpvkOG3Q"
        }
      ]
    }
  },
  "client": {
    "client_id": "geru-bank",
    "redirect_uri": "https://scd-open-banking-frontend.dev.scd.open-co.tech",
    "jwks": {
      "keys": [
        {
          "kty": "RSA",
          "use": "sig",
          "alg": "PS256",
          "n": "vOX4NX97_AqAYJZXxyfMWtlGPfWF_4PbQspCtM-mJSSJUgFCVETgm8777NYem--3ELXNXI38oTCJzotf8AgtEf9elUU1OBVBKNVUAY2F4LrtaBEAWRLqBqr3wbE1bW0_WlOE2ak7I2IwPMJj2R-Shdu5fBLz-vwtA8cKnvsp5S1cCGtSGPoBiCyl_X0G-54UzWy81M9oVBWmnANqXWPuaaIpJwX_MEDbAf-ycTnK9YdV-RLe7CET_8cRAQvJGoYg5oH_FlfAw6fGK97wydFnf3AsAzefMru-PTbDCfTQkzE3SVPphNkvKAqle7ZR8-H5Ne58TrGWfBGnuh7clNT0ow",
          "e": "AQAB",
          "kid": "b9dde4fc8a6deec5044a994da119b73d007db30d0978f78bfb1676db4150b323"
        },
        {
          "kty": "RSA",
          "use": "enc",
          "alg": "RSA-OAEP",
          "n": "vE25NVuoSYVc5w89PVmN6m9Z8cmxcQIiK-cogtj52iqMkHswgXLCjj1Ce6AnpxPO93A-1O73SistW_6xzR4sAMn5wzBnd7ieARj1Pmj4MTa03lfoZ8M989MBCLeU1Z22OjLUaM_fVWG2MeVY2E6BO5uI_ByqFxPGpwkIWpYD3hP-qnC7KiWKnxD-L-FVVXvWQ2xc2b2u4jf7dRug3s3Bk2StkJvDdU852SxXiPPbxYdVlLsMxyN44-IcwFiDylSZ_TEkoVhEeyEQPl0JZ_uhjUCRV2gaFWynI9yDah0wGS7W8MQCBoWTGR0byAg_O4wotJw4rkLdY-JFS_JhtUBv2w",
          "e": "AQAB",
          "kid": "a269918160d0253d6f454f130ff4e03f75874d3ee53f9a49ddc854219cebad38"
        }
      ]
    },
    "certificate": "-----BEGIN CERTIFICATE-----\nMIIG9DCCBdygAwIBAgIUHP7pETZ8wo3KhRaFkfUQK7ckwZYwDQYJKoZIhvcNAQEL\nBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx\nFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB\nTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMTAwODE4MDYwMFoXDTIyMTEwNzE4\nMDYwMFowggEiMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD\no28gUGF1bG8xKTAnBgNVBAoTIEdFUlUgU09DSUVEQURFIERFIENSRURJVE8gRElS\nRVRPMS0wKwYDVQQLEyQwY2EwNTA5Mi0wMjVmLTQ3YzQtYjg3OC00YTAzYzE1MGNj\nY2YxFDASBgNVBAMTC2dlcnUuY29tLmJyMRcwFQYDVQQFEw4zNzc2Mzg0NzAwMDEz\nODEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRpb24xEzARBgsrBgEEAYI3PAIB\nAxMCQlIxNDAyBgoJkiaJk/IsZAEBEyQ3Mzg4NTYwMy1mM2ZmLTQxYmYtYjJiMi00\nZjdjYTlmZTYwNzYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrJOCH\nMpEDtdG4A9N7+xuah2UfuNAnWrc2ZKzYltRthR/7agiWIw8yqe/Pdh/oegvWHlza\n6uQYeTvIL6YER/3O+D9g4VgWiKqh8tH/U0FC+9ZgRKmjFcJGmwaQa8EuyY7Dlxzf\nZ0BpfteDV22XXRlovO41zXAGGWm4zQ+FlLmJgdJz+lGpCAR1tPsYjvlLFrZiM5jk\nj7ho3ZuWoP3DcA74aGD86QFmyF+iWXiaPUJLpjfEWhpjfu6wLiNpLBbf2Le/7HCK\ntC6IwASHTbhbbhiCImbnRmu9reUBENPHm/6RFtzviEa6KSHDMQVDhafgXTIUPfOY\nUV3JZhA/yzGBWLltAgMBAAGjggLPMIICyzAMBgNVHRMBAf8EAjAAMB0GA1UdDgQW\nBBQQ6aNldx5PKww0znqaQFe3t8D2DzAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7\nsM4RQ99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3Nw\nLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBC\nMECgPqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2ls\nLm9yZy5ici9pc3N1ZXIuY3JsMBYGA1UdEQQPMA2CC2dlcnUuY29tLmJyMA4GA1Ud\nDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDAjCCAaEGA1UdIASCAZgwggGU\nMIIBkAYKKwYBBAGDui9kATCCAYAwggE2BggrBgEFBQcCAjCCASgMggEkVGhpcyBD\nZXJ0aWZpY2F0ZSBpcyBzb2xlbHkgZm9yIHVzZSB3aXRoIFJhaWRpYW0gU2Vydmlj\nZXMgTGltaXRlZCBhbmQgb3RoZXIgcGFydGljaXBhdGluZyBvcmdhbmlzYXRpb25z\nIHVzaW5nIFJhaWRpYW0gU2VydmljZXMgTGltaXRlZHMgVHJ1c3QgRnJhbWV3b3Jr\nIFNlcnZpY2VzLiBJdHMgcmVjZWlwdCwgcG9zc2Vzc2lvbiBvciB1c2UgY29uc3Rp\ndHV0ZXMgYWNjZXB0YW5jZSBvZiB0aGUgUmFpZGlhbSBTZXJ2aWNlcyBMdGQgQ2Vy\ndGljaWNhdGUgUG9saWN5IGFuZCByZWxhdGVkIGRvY3VtZW50cyB0aGVyZWluLjBE\nBggrBgEFBQcCARY4aHR0cDovL2Nwcy5zYW5kYm94LnBraS5vcGVuYmFua2luZ2Jy\nYXNpbC5vcmcuYnIvcG9saWNpZXMwDQYJKoZIhvcNAQELBQADggEBAElSrcNfZ514\nEpOjwyueAMOcYvkjb1VUBQmSWMcZuKS/QoKbYuFn7qx9vn+id6O+a48h1k1MfFD4\nvv8og6aKaEHHQn5tD6KBQoYlimvuVQkjupXPFFhlH8lMpPmWZ17LAnwjwdwDKdVF\nNzVLHylg3s9T0DXh1uR1namY2uLD0jwHBnm2tqucjLZ/00pha2L4IT1fjw3OqIXi\n99SSrtqExpWEZpXJSxBpfygWXl1IKvlveLTG3EzNpjGcKoudXFwqQvFQtiP9sQ3M\nRyIF8QwW83IqpOIdXRw7nVgizujc0aTBUqlL7xGsjiR6JsiR+/3FNuJxpKVQ4pHa\nHI5ipvGg/0g\u003d\n-----END CERTIFICATE-----"
  },
  "client2": {
    "client_id": "geru-bank-two",
    "redirect_uri": "https://scd-open-banking-frontend.dev.scd.open-co.tech",
    "id_token_encrypted_response_alg": "RSA-OAEP",
    "id_token_encrypted_response_enc": "A256GCM",
    "certificate": "-----BEGIN CERTIFICATE-----\nMIIG9DCCBdygAwIBAgIUY2PZxSF4TSc5rzzBRjnDjwDNVBUwDQYJKoZIhvcNAQEL\nBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx\nFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB\nTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMTAwODE4MDgwMFoXDTIyMTEwNzE4\nMDgwMFowggEiMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD\no28gUGF1bG8xKTAnBgNVBAoTIEdFUlUgU09DSUVEQURFIERFIENSRURJVE8gRElS\nRVRPMS0wKwYDVQQLEyQwY2EwNTA5Mi0wMjVmLTQ3YzQtYjg3OC00YTAzYzE1MGNj\nY2YxFDASBgNVBAMTC2dlcnUuY29tLmJyMRcwFQYDVQQFEw4zNzc2Mzg0NzAwMDEz\nODEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRpb24xEzARBgsrBgEEAYI3PAIB\nAxMCQlIxNDAyBgoJkiaJk/IsZAEBEyRjM2ZkNzk5ZS00MDI4LTQxZjgtOTk1NC0z\nYzhhMzQyMzJjMjUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHNeCm\nS535la4jF2UuZGDv/WnfXP3ar8R73wHbUov59Gq2IYlnno3vqqNkQgmpPlTsP3Pr\nkNnehWZGmAk/S3beZZge9Q9/VHwgTbMYDxjXh2X447sIlcFgp7b0wEAJpcPzGzI6\nvMttZDS169VVPKNzAsF89qxtQjQhRRvsW9lD9yhPOLSAmPvKUkSf32lg5LLPs0HW\n5S40voyXSceGCI/P2HI6ruT4BWaqOY3z98C1DxWxtjjRMEy5qE7rhLcfSxhTfEdi\nUPJ4FU04n362NgOtQvosHeB8Cc+eQwg8rYqUY52HeuHuSnjkcJTYYIKSqebe2Pr3\ngZ/XbaLmhJd43lsjAgMBAAGjggLPMIICyzAMBgNVHRMBAf8EAjAAMB0GA1UdDgQW\nBBR4qGDmpafIhhqC+zzAydgS0xaIzDAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7\nsM4RQ99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3Nw\nLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBC\nMECgPqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2ls\nLm9yZy5ici9pc3N1ZXIuY3JsMBYGA1UdEQQPMA2CC2dlcnUuY29tLmJyMA4GA1Ud\nDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDAjCCAaEGA1UdIASCAZgwggGU\nMIIBkAYKKwYBBAGDui9kATCCAYAwggE2BggrBgEFBQcCAjCCASgMggEkVGhpcyBD\nZXJ0aWZpY2F0ZSBpcyBzb2xlbHkgZm9yIHVzZSB3aXRoIFJhaWRpYW0gU2Vydmlj\nZXMgTGltaXRlZCBhbmQgb3RoZXIgcGFydGljaXBhdGluZyBvcmdhbmlzYXRpb25z\nIHVzaW5nIFJhaWRpYW0gU2VydmljZXMgTGltaXRlZHMgVHJ1c3QgRnJhbWV3b3Jr\nIFNlcnZpY2VzLiBJdHMgcmVjZWlwdCwgcG9zc2Vzc2lvbiBvciB1c2UgY29uc3Rp\ndHV0ZXMgYWNjZXB0YW5jZSBvZiB0aGUgUmFpZGlhbSBTZXJ2aWNlcyBMdGQgQ2Vy\ndGljaWNhdGUgUG9saWN5IGFuZCByZWxhdGVkIGRvY3VtZW50cyB0aGVyZWluLjBE\nBggrBgEFBQcCARY4aHR0cDovL2Nwcy5zYW5kYm94LnBraS5vcGVuYmFua2luZ2Jy\nYXNpbC5vcmcuYnIvcG9saWNpZXMwDQYJKoZIhvcNAQELBQADggEBANx0iEPMKOpj\n7SngTy/DDI9s8rgX3W8GjN3ZZaDFgMfCYbLq3buLDoqFrX4BIewVocnRZAnl001O\n37uzLc4Q0lhr2YNjwZDB6Oq+s/waNJ8LKjGQMKlNXLgx9sCag8PRk+36SKWZ/R1G\nqq4bLQUWYWdwcyvN3WCVHtUakBciVcoSVLClf5ZoEGlVQqNKXIUgvivzdgVKXDXK\naEQ14uOinFOuPDdqLAXzD2IDALN74xnrGnT9Q6aL5xWxo/KRxwGgDc++SU20uW3r\nAgH/qbMDpfcEXJlAeqbe6QImKpMF8jBCIiYGWnlzDCi0plhl7pvE5+P7FywjRnYy\nEz2A6GQHxs4\u003d\n-----END CERTIFICATE-----",
    "jwks": {
      "keys": [
        {
          "kty": "RSA",
          "use": "sig",
          "alg": "PS256",
          "n": "uIl9xTeOhvb9r7wf8B0tRSIWTNgIISepevXXaV78ozO_AJCsMpUQSqt6cET9_3EAb9JPtSDJUtOX0UaI6b4VMAeeq78v_vVlRTX61sxhuNIb5wXIct_jxUs7nIPJfvmJ3PEdhKC4QTOmavoSN84rRS_yYiLeXTnhvuv0JJ75Ik6NgJNDyGjzxTYaXBXXQKq-ZvM38718S_zu7kcoFZJwKRaCoadoZ3V83-MizdKlRnoRzC7q8bfSc9WYt3KPl4ZSVMxi_151h9_T7M5TEvUcKhjRh3SCGGJZoSqvxgGoknXQ_58Njbm-EjSVSDWQMIvifvLAwNj5z_gwU2vsYe770w",
          "e": "AQAB",
          "kid": "c3e45db3743a0d5065b2ad404932ab9bb4a592a00966dfd3dc8f1c74309a9e71"
        },
        {
          "kty": "RSA",
          "use": "enc",
          "alg": "RSA-OAEP",
          "n": "tYG8Tx175zj9e0uCyFZ9tkPnd-wLwxVHJ2v6mTDFGkci9hx9as9DXFKUaGJ_OfPQDx-5csyKN_eCyJCcrxOoZPv1YDtCvgL1ZXUC7nfb9sNl7d2OmRapottNVfLJYAguFWF2vP6ZD0uOwaUxs6FHGl0smljSd3EUgGgdUnxWxiFfYumnc89gvz20imG8qDFg0-h8X2VMTqR2CPbjFa_YZiHO2i5tUuAw7QohqFBSs9xoicImI19OsxXZO2qocVdtGBuvTEx-7z4g0WfM6A3fJ5IHWeIL3pVPRVOW1YqlQIWqcRU9TDYuWxCbB_PYiTYC_95yTDTrHcV-rePpETA1Pw",
          "e": "AQAB",
          "kid": "7c7247aebd7543255e1ad5168cfc34843ce6a4f3e9b8644c87e13fb834c76606"
        }
      ]
    }
  },
  "directory": {
    "keystore": "https://keystore.sandbox.directory.openbankingbrasil.org.br/"
  }
}
testName
fapi1-advanced-final-client-test-invalid-aud
2021-12-09 23:01:42 SUCCESS
FAPIBrazilGenerateServerConfiguration
Created server configuration
server
{
  "issuer": "https://www.certification.openid.net/test/a/geru/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/geru/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/geru/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/geru/jwks",
  "registration_endpoint": "https://www.certification.openid.net/test/a/geru/register",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/geru/userinfo",
  "mtls_endpoint_aliases": {
    "token_endpoint": "https://www.certification.openid.net/test-mtls/a/geru/token",
    "registration_endpoint": "https://www.certification.openid.net/test-mtls/a/geru/register",
    "userinfo_endpoint": "https://www.certification.openid.net/test-mtls/a/geru/userinfo"
  },
  "tls_client_certificate_bound_access_tokens": true,
  "request_parameter_supported": true
}
issuer
https://www.certification.openid.net/test/a/geru/
discoveryUrl
https://www.certification.openid.net/test/a/geru/.well-known/openid-configuration
2021-12-09 23:01:42 SUCCESS
LoadServerJWKs
Parsed public and private JWK sets
server_jwks
{
  "keys": [
    {
      "d": "ZvivfZxJMbbdTQmxyE0lmE6ZuH8cMQOLyZxdaA5pNwm7ZEnPBEftZs8aR9ijhCDWMieui3h--rXwlXqbEm3g1sVgQ-WKTFV-NLKaJC1h-EU5HKdlOflstr7x57zhKp60ZIK69GyEXyJccUfzcD32u8raec9NplQ2MqS5MA1lnQFlocFoX1RNU4tSpEdJQq2UzqtX5WPhc88A6fTc1xu2fA5wyxzZu7fUjIETzLimcu-dDaEvvgm7c_A1ulm8EQuCN10k3FrIIe9RfuXHyxh9Rcd0aiIP9qwitxd5Cl0io7zby8MBIAaSei2co7y4tciBt4AfnzpBlGbtjgfr2gxD0Q",
      "e": "AQAB",
      "use": "sig",
      "kid": "X5d4vFYfLxaG1gg8_l3bFYFhUaUVmE6PaEsRWX2EYqM",
      "x5c": [
        "MIIGqzCCBZOgAwIBAgIUdUCw8bQZidnZ6uERKJuN9u4RGvcwDQYJKoZIhvcNAQELBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwxFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNBTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDgxNjA5NTUwMFoXDTIyMDkxNTA5NTUwMFowgacxCzAJBgNVBAYTAkJSMRMwEQYDVQQKEwpJQ1AtQnJhc2lsMS8wDAYDVQQLEwUxMjM0NTAOBgNVBAsTB2NlcnRtYW4wDwYDVQQLEwhhZ29vZG9uZTEcMBoGA1UEAxMTT3BlbiBCYW5raW5nIEJyYXNpbDE0MDIGCgmSJomT8ixkAQETJDc0ZTkyOWQ5LTMzYjYtNGQ4NS04YmE3LWMxNDZjODY3YTgxNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANyF1agPcwq5ms99Flo82XsXUroWoD/6FX4AfmOUu113h4VOLYaO3N8HDYbKxgii2En/+O61e/Ptjn4T2PVq0iVcqiF6Gp4sKE5w/bKZRfdCe8qIPS4D+JKpFpesJvIHUeQvlAuBp5dA9nGSpxOjGe5P2+ZzNGXwvux/2ztdweGmKbtOvbYe4RVhiu6bOubog8XEBmD96EnqmoROasH1Hn9kDJIclbTP51j/TlQMzhrSfJJuE3Qq6vWhe/DaPbtmELmlDiYHjp8CjAY5oBMHLmkHvQxEBV4cwbUZj5ZpdqU8tkA78XtR4DkzrJ4fYoBb1+9ABq6GNzxWPpSQMQuBXdsCAwEAAaOCAwIwggL+MAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFJwv7oHX2exZL304ru+4eGVypHlxMB8GA1UdIwQYMBaAFIZ/WK0X9YK2TrQFs/uwzhFD30y+MEwGCCsGAQUFBwEBBEAwPjA8BggrBgEFBQcwAYYwaHR0cDovL29jc3Auc2FuZGJveC5wa2kub3BlbmJhbmtpbmdicmFzaWwub3JnLmJyMEsGA1UdHwREMEIwQKA+oDyGOmh0dHA6Ly9jcmwuc2FuZGJveC5wa2kub3BlbmJhbmtpbmdicmFzaWwub3JnLmJyL2lzc3Vlci5jcmwwXgYDVR0RBFcwVaAZBgVgTAEDAqAQDA5NaWNoYWVsIEZyYXNlcqAYBgVgTAEDA6APDA0xMzM1MzIzNjAwMTg5oA0GBWBMAQMEoAQMAm5voA8GBWBMAQMHoAYMBGFsb3QwDgYDVR0PAQH/BAQDAgbAMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIBgDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVseSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhlciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNlaXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5kIHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8vY3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2llczANBgkqhkiG9w0BAQsFAAOCAQEAtKn/QnJqKLp52YB14x+M21qwz67utFkWjhauQe0elXupjY5NWZb5wLrGYNOZQzRe2JRzcBbGN6P7lCweRfxMkSGh9YrXbrkBXLEPtLHpTVEy65v1tWl02lC+ooVPyQpSjAQL0L69OQ7s7rnIXyb3rkSUzuGSxsLU1AXpWj0oYFB4wdeIdPAVPs83frC5s4kz42JruSAE2vsbvQURTVPChh+hO6+R6Irz+ZEZ1NSgjQkxvOXHW53CkXZSjjHbAB/nbJYi7YyK7kck99r38Ba/WBfIfywdFVVYfiiW5TS6XbQeVeilmmt5MLxBz96FxR6E6WR+cQwybEe94Fb/jD6xHA\u003d\u003d"
      ],
      "dp": "bQ9aXj8tHnj0qO8aAWapGokWX78OlvNzytYg4JSGyJ7pUQnRB4Ds2Lai6kgjniUiu5MX2kdceDbHykG5R-WDj0Ztv6UPV3jA3cOjDwVzwmiwBVmVQNRxzK31Ra8f4YJs9_o0bjmVvXQRchY9l9_Xkk_Hev2F2A540Fhk0tlbUBE",
      "dq": "XPYDZ_kxwZjtQb-XUBLBcvNV1jcDhba2stysXGv0SfvsxOg6G3qZ5xtsiyQxzAYen0LRttCBXkZXEtXXAodLRvJMwUXuYWtNCrBqxYDHkJogUDPnBXq-Hig6x8fsDJunH8JooCc-3WcFpHQcIZZdcwyXPVi59eAfWCwJlgHYYHk",
      "n": "3IXVqA9zCrmaz30WWjzZexdSuhagP_oVfgB-Y5S7XXeHhU4tho7c3wcNhsrGCKLYSf_47rV78-2OfhPY9WrSJVyqIXoaniwoTnD9splF90J7yog9LgP4kqkWl6wm8gdR5C-UC4Gnl0D2cZKnE6MZ7k_b5nM0ZfC-7H_bO13B4aYpu069th7hFWGK7ps65uiDxcQGYP3oSeqahE5qwfUef2QMkhyVtM_nWP9OVAzOGtJ8km4TdCrq9aF78No9u2YQuaUOJgeOnwKMBjmgEwcuaQe9DEQFXhzBtRmPlml2pTy2QDvxe1HgOTOsnh9igFvX70AGroY3PFY-lJAxC4Fd2w",
      "p": "_QaFFuyZriEWtbiKexy7pIYicgU0ePMepvyNuiiFqlsUFQ24q9gp_iWECDhi8qqss__i1LW_eHQATKWfqUc6HdDY-ickJXvVktrQiT-buvJ24iTtK_NooPMKQW976NIX39_sEPJ6ceo9ZDFxTTCkmJus3eXDJmRZT2YzSZJcvcc",
      "kty": "RSA",
      "q": "3x1_dyovnWXSr7y7ufe6AHUV0kHBYVrGW2vdNZxKrrgBW5r2mm93NnHsrG-mJlzW7kG_jR41bWf74sucGdwXTx96riRVy8bov9SzPCDl9_QCHzPpqZOxjngfzQYq1L1qJA2BAie0Sq6YZhgLJ1fWPLutEO5soIYAkLXSJ9IVb00",
      "qi": "eHhOb5NUDfMGXwNscjEcMrMFS425qsoJAXfGJ10hm8svZOkNYgVpb7Hs7oT8XytanRl0Gk8gKH0yhvya65B5ipyby17uBMkikNN-EeYoY2AkvEfM_nO0dvHbDdF11rkM5Q_SEDlGmojxnx4_Euj8WeuSgcwiCQkR23aZlQGx1Mg",
      "alg": "PS256"
    },
    {
      "p": "6-RGunw1LGXpsGIabzcG8n_ITbahS9waTzjcwLkzjWjyR5hxnTSrCMas9EsOuIt3qvkdf02psgwi-J0ZX680ujaXdeiPAeuOUbsLPBOhRuu-ySXxMTT7uiwWJmF5LtBx8Qd3hRV2sd9zOhYzSohcmWp8w_uKTOYrFzGtWMvlGic",
      "kty": "RSA",
      "q": "vn3cUU9RFc7pB3fjiEPGwYGA_h8f2X6dOqy-JYIMIiuYhPq6cT8xIlE-sHs58kZzC1QbOBc4y-qRyqj1L4StPaYH4mtJU0s_6A_b9Cai96yzYYmMr92be2nCFMxBpmpBhN21AIdGc640OxgWMdz5OVo455v1uIEQGPr2aDpOzVs",
      "d": "QrIJ9tPG7pSrt1KKSU-9EbAq-hU92FzEV9GwzuG_dbBPyRLYNVfAz-Yb8ug3YLuqec_kcB5JCep7QkYHgpNdX5WXFxARCpXa-J7Xq50oBdiAS2ehLpnYHXpJI7HqOcH9ASZML_MXjI8e_EpsI7Yk6xJ9qxk8bXGupw0C6anwL3NBe232zA7I1FnwL9tpZVOLPupeok7HMRbFc6QSR3dA54zJmkyEbyOSqzRqCK_g7AB_RcMImN0SoCg0epxZjrculIXPG0Gl1T3TG3WY-CBUtAkI1chFMGCgYF_v-FMSun8N6igilPC5O683BMcJoTK745khMCv7FcSCSFVh0H5vKQ",
      "e": "AQAB",
      "use": "enc",
      "kid": "0fe502dd-14f0-4f45-80f9-feb9a216f996",
      "qi": "W6TMI3L-Ob-Jx61TdYqN5gBoBsWF6KWuCmiE9ZiwJiMVCv5ddEbFafBuiIQgRnby1VpnH9j5KVb5PT_V78ohKFmpfL7ErXQerf_pJkEtvgK9lQta1EM1HMoShrJ4GdHPym_BZzDDmt6njvwTfSg95y28h-j5epuywcwu6TwAUA8",
      "dp": "a9rjD-8srNEoKVKhvYoObiBI6GeBllrb2K8qGCBV1ulOJbgo8nUbYpbci5Ip9-0k2RKwDv3mghcUglHqQRqt5BqD5BBiGsGmP-5is6RSEEhH4lar0hDkq_nuYrwcmXALOOZuGnZ239tIJx3xc7mnhSnwQ_emA4UV3LQFC12mse8",
      "alg": "RSA-OAEP",
      "dq": "Qk8TiyY-BoZg7Z2ZEYzuOdu3qD3zW0VMu-j3w5yyVo6wZ9HTZqplkxmO5eXvNNu7Hj1nwC2tMqZzm4UW3DSmDWinI_TOsHToSQKEQUfVwLtYMeKsm2dbwSj-SzkSvTgNmI-IeyebqZcBTXTD_RV7l7BFULIkZdZfYSKy9XMejTM",
      "n": "r4dl-ApW6c-fvDbfSVxHpdV8zi8VQW4b9-uHMRq7dzqCkvP8OAG1R3plSr1N6fL_YLiIr9y621XkyRiMEKR7-DeqGsLf2ZTaqrZ1LfYgjsc2i9o3NSOeSgBwKGmT7h1OgxZSbhLzo7Xaktu3CCUZCOWLzs7LKo_CvKkcTF7tPhK9jYjdTsdsnS0RJOPjYQe7JO83Mvhd1Ty3F-Qycd-cKKMSjcQRiHt9jKd09kA2fKVlFwbm2M1PM3NdtnMaOUw31-XC4ixay47XTMqnmX7-op7qYV9wXbeZmjTsAKFuTGwJiGJrOTfqciDLBW8IpGC2BzFJ5rYmRu0kAttpvkOG3Q"
    }
  ]
}
server_encryption_keys
{
  "keys": [
    {
      "p": "6-RGunw1LGXpsGIabzcG8n_ITbahS9waTzjcwLkzjWjyR5hxnTSrCMas9EsOuIt3qvkdf02psgwi-J0ZX680ujaXdeiPAeuOUbsLPBOhRuu-ySXxMTT7uiwWJmF5LtBx8Qd3hRV2sd9zOhYzSohcmWp8w_uKTOYrFzGtWMvlGic",
      "kty": "RSA",
      "q": "vn3cUU9RFc7pB3fjiEPGwYGA_h8f2X6dOqy-JYIMIiuYhPq6cT8xIlE-sHs58kZzC1QbOBc4y-qRyqj1L4StPaYH4mtJU0s_6A_b9Cai96yzYYmMr92be2nCFMxBpmpBhN21AIdGc640OxgWMdz5OVo455v1uIEQGPr2aDpOzVs",
      "d": "QrIJ9tPG7pSrt1KKSU-9EbAq-hU92FzEV9GwzuG_dbBPyRLYNVfAz-Yb8ug3YLuqec_kcB5JCep7QkYHgpNdX5WXFxARCpXa-J7Xq50oBdiAS2ehLpnYHXpJI7HqOcH9ASZML_MXjI8e_EpsI7Yk6xJ9qxk8bXGupw0C6anwL3NBe232zA7I1FnwL9tpZVOLPupeok7HMRbFc6QSR3dA54zJmkyEbyOSqzRqCK_g7AB_RcMImN0SoCg0epxZjrculIXPG0Gl1T3TG3WY-CBUtAkI1chFMGCgYF_v-FMSun8N6igilPC5O683BMcJoTK745khMCv7FcSCSFVh0H5vKQ",
      "e": "AQAB",
      "use": "enc",
      "kid": "0fe502dd-14f0-4f45-80f9-feb9a216f996",
      "qi": "W6TMI3L-Ob-Jx61TdYqN5gBoBsWF6KWuCmiE9ZiwJiMVCv5ddEbFafBuiIQgRnby1VpnH9j5KVb5PT_V78ohKFmpfL7ErXQerf_pJkEtvgK9lQta1EM1HMoShrJ4GdHPym_BZzDDmt6njvwTfSg95y28h-j5epuywcwu6TwAUA8",
      "dp": "a9rjD-8srNEoKVKhvYoObiBI6GeBllrb2K8qGCBV1ulOJbgo8nUbYpbci5Ip9-0k2RKwDv3mghcUglHqQRqt5BqD5BBiGsGmP-5is6RSEEhH4lar0hDkq_nuYrwcmXALOOZuGnZ239tIJx3xc7mnhSnwQ_emA4UV3LQFC12mse8",
      "alg": "RSA-OAEP",
      "dq": "Qk8TiyY-BoZg7Z2ZEYzuOdu3qD3zW0VMu-j3w5yyVo6wZ9HTZqplkxmO5eXvNNu7Hj1nwC2tMqZzm4UW3DSmDWinI_TOsHToSQKEQUfVwLtYMeKsm2dbwSj-SzkSvTgNmI-IeyebqZcBTXTD_RV7l7BFULIkZdZfYSKy9XMejTM",
      "n": "r4dl-ApW6c-fvDbfSVxHpdV8zi8VQW4b9-uHMRq7dzqCkvP8OAG1R3plSr1N6fL_YLiIr9y621XkyRiMEKR7-DeqGsLf2ZTaqrZ1LfYgjsc2i9o3NSOeSgBwKGmT7h1OgxZSbhLzo7Xaktu3CCUZCOWLzs7LKo_CvKkcTF7tPhK9jYjdTsdsnS0RJOPjYQe7JO83Mvhd1Ty3F-Qycd-cKKMSjcQRiHt9jKd09kA2fKVlFwbm2M1PM3NdtnMaOUw31-XC4ixay47XTMqnmX7-op7qYV9wXbeZmjTsAKFuTGwJiGJrOTfqciDLBW8IpGC2BzFJ5rYmRu0kAttpvkOG3Q"
    }
  ]
}
server_public_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "X5d4vFYfLxaG1gg8_l3bFYFhUaUVmE6PaEsRWX2EYqM",
      "x5c": [
        "MIIGqzCCBZOgAwIBAgIUdUCw8bQZidnZ6uERKJuN9u4RGvcwDQYJKoZIhvcNAQELBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwxFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNBTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDgxNjA5NTUwMFoXDTIyMDkxNTA5NTUwMFowgacxCzAJBgNVBAYTAkJSMRMwEQYDVQQKEwpJQ1AtQnJhc2lsMS8wDAYDVQQLEwUxMjM0NTAOBgNVBAsTB2NlcnRtYW4wDwYDVQQLEwhhZ29vZG9uZTEcMBoGA1UEAxMTT3BlbiBCYW5raW5nIEJyYXNpbDE0MDIGCgmSJomT8ixkAQETJDc0ZTkyOWQ5LTMzYjYtNGQ4NS04YmE3LWMxNDZjODY3YTgxNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANyF1agPcwq5ms99Flo82XsXUroWoD/6FX4AfmOUu113h4VOLYaO3N8HDYbKxgii2En/+O61e/Ptjn4T2PVq0iVcqiF6Gp4sKE5w/bKZRfdCe8qIPS4D+JKpFpesJvIHUeQvlAuBp5dA9nGSpxOjGe5P2+ZzNGXwvux/2ztdweGmKbtOvbYe4RVhiu6bOubog8XEBmD96EnqmoROasH1Hn9kDJIclbTP51j/TlQMzhrSfJJuE3Qq6vWhe/DaPbtmELmlDiYHjp8CjAY5oBMHLmkHvQxEBV4cwbUZj5ZpdqU8tkA78XtR4DkzrJ4fYoBb1+9ABq6GNzxWPpSQMQuBXdsCAwEAAaOCAwIwggL+MAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFJwv7oHX2exZL304ru+4eGVypHlxMB8GA1UdIwQYMBaAFIZ/WK0X9YK2TrQFs/uwzhFD30y+MEwGCCsGAQUFBwEBBEAwPjA8BggrBgEFBQcwAYYwaHR0cDovL29jc3Auc2FuZGJveC5wa2kub3BlbmJhbmtpbmdicmFzaWwub3JnLmJyMEsGA1UdHwREMEIwQKA+oDyGOmh0dHA6Ly9jcmwuc2FuZGJveC5wa2kub3BlbmJhbmtpbmdicmFzaWwub3JnLmJyL2lzc3Vlci5jcmwwXgYDVR0RBFcwVaAZBgVgTAEDAqAQDA5NaWNoYWVsIEZyYXNlcqAYBgVgTAEDA6APDA0xMzM1MzIzNjAwMTg5oA0GBWBMAQMEoAQMAm5voA8GBWBMAQMHoAYMBGFsb3QwDgYDVR0PAQH/BAQDAgbAMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIBgDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVseSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhlciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNlaXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5kIHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8vY3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2llczANBgkqhkiG9w0BAQsFAAOCAQEAtKn/QnJqKLp52YB14x+M21qwz67utFkWjhauQe0elXupjY5NWZb5wLrGYNOZQzRe2JRzcBbGN6P7lCweRfxMkSGh9YrXbrkBXLEPtLHpTVEy65v1tWl02lC+ooVPyQpSjAQL0L69OQ7s7rnIXyb3rkSUzuGSxsLU1AXpWj0oYFB4wdeIdPAVPs83frC5s4kz42JruSAE2vsbvQURTVPChh+hO6+R6Irz+ZEZ1NSgjQkxvOXHW53CkXZSjjHbAB/nbJYi7YyK7kck99r38Ba/WBfIfywdFVVYfiiW5TS6XbQeVeilmmt5MLxBz96FxR6E6WR+cQwybEe94Fb/jD6xHA\u003d\u003d"
      ],
      "alg": "PS256",
      "n": "3IXVqA9zCrmaz30WWjzZexdSuhagP_oVfgB-Y5S7XXeHhU4tho7c3wcNhsrGCKLYSf_47rV78-2OfhPY9WrSJVyqIXoaniwoTnD9splF90J7yog9LgP4kqkWl6wm8gdR5C-UC4Gnl0D2cZKnE6MZ7k_b5nM0ZfC-7H_bO13B4aYpu069th7hFWGK7ps65uiDxcQGYP3oSeqahE5qwfUef2QMkhyVtM_nWP9OVAzOGtJ8km4TdCrq9aF78No9u2YQuaUOJgeOnwKMBjmgEwcuaQe9DEQFXhzBtRmPlml2pTy2QDvxe1HgOTOsnh9igFvX70AGroY3PFY-lJAxC4Fd2w"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "0fe502dd-14f0-4f45-80f9-feb9a216f996",
      "alg": "RSA-OAEP",
      "n": "r4dl-ApW6c-fvDbfSVxHpdV8zi8VQW4b9-uHMRq7dzqCkvP8OAG1R3plSr1N6fL_YLiIr9y621XkyRiMEKR7-DeqGsLf2ZTaqrZ1LfYgjsc2i9o3NSOeSgBwKGmT7h1OgxZSbhLzo7Xaktu3CCUZCOWLzs7LKo_CvKkcTF7tPhK9jYjdTsdsnS0RJOPjYQe7JO83Mvhd1Ty3F-Qycd-cKKMSjcQRiHt9jKd09kA2fKVlFwbm2M1PM3NdtnMaOUw31-XC4ixay47XTMqnmX7-op7qYV9wXbeZmjTsAKFuTGwJiGJrOTfqciDLBW8IpGC2BzFJ5rYmRu0kAttpvkOG3Q"
    }
  ]
}
2021-12-09 23:01:42 SUCCESS
ValidateServerJWKs
Valid server JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2021-12-09 23:01:42
SetServerSigningAlgToPS256
Successfully set signing algorithm to PS256
2021-12-09 23:01:42
FAPIBrazilSetGrantTypesSupportedInServerConfiguration
Successfully set grant_types_supported
server
{
  "issuer": "https://www.certification.openid.net/test/a/geru/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/geru/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/geru/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/geru/jwks",
  "registration_endpoint": "https://www.certification.openid.net/test/a/geru/register",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/geru/userinfo",
  "mtls_endpoint_aliases": {
    "token_endpoint": "https://www.certification.openid.net/test-mtls/a/geru/token",
    "registration_endpoint": "https://www.certification.openid.net/test-mtls/a/geru/register",
    "userinfo_endpoint": "https://www.certification.openid.net/test-mtls/a/geru/userinfo"
  },
  "tls_client_certificate_bound_access_tokens": true,
  "request_parameter_supported": true,
  "grant_types_supported": [
    "authorization_code",
    "implicit",
    "client_credentials",
    "refresh_token"
  ]
}
2021-12-09 23:01:42
AddClaimsParameterSupportedTrueToServerConfiguration
Successfully added claims_parameter_supported to server configuration
server
{
  "issuer": "https://www.certification.openid.net/test/a/geru/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/geru/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/geru/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/geru/jwks",
  "registration_endpoint": "https://www.certification.openid.net/test/a/geru/register",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/geru/userinfo",
  "mtls_endpoint_aliases": {
    "token_endpoint": "https://www.certification.openid.net/test-mtls/a/geru/token",
    "registration_endpoint": "https://www.certification.openid.net/test-mtls/a/geru/register",
    "userinfo_endpoint": "https://www.certification.openid.net/test-mtls/a/geru/userinfo"
  },
  "tls_client_certificate_bound_access_tokens": true,
  "request_parameter_supported": true,
  "grant_types_supported": [
    "authorization_code",
    "implicit",
    "client_credentials",
    "refresh_token"
  ],
  "claims_parameter_supported": true
}
2021-12-09 23:01:42
FAPIBrazilAddBrazilSpecificSettingsToServerConfiguration
Added open banking Brazil specific server settings
server
{
  "issuer": "https://www.certification.openid.net/test/a/geru/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/geru/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/geru/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/geru/jwks",
  "registration_endpoint": "https://www.certification.openid.net/test/a/geru/register",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/geru/userinfo",
  "mtls_endpoint_aliases": {
    "token_endpoint": "https://www.certification.openid.net/test-mtls/a/geru/token",
    "registration_endpoint": "https://www.certification.openid.net/test-mtls/a/geru/register",
    "userinfo_endpoint": "https://www.certification.openid.net/test-mtls/a/geru/userinfo"
  },
  "tls_client_certificate_bound_access_tokens": true,
  "request_parameter_supported": true,
  "grant_types_supported": [
    "authorization_code",
    "implicit",
    "client_credentials",
    "refresh_token"
  ],
  "claims_parameter_supported": true,
  "request_object_encryption_alg_values_supported": [
    "RSA-OAEP"
  ],
  "request_object_encryption_enc_values_supported": [
    "A256GCM"
  ],
  "claims_supported": [
    "cpf",
    "cnpj",
    "acr"
  ],
  "acr_values_supported": [
    "urn:brasil:openbanking:loa2",
    "urn:brasil:openbanking:loa3"
  ],
  "id_token_signing_alg_values_supported": [
    "PS256"
  ],
  "request_object_signing_alg_values_supported": [
    "PS256"
  ],
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access",
    "consents",
    "resources",
    "payments"
  ]
}
2021-12-09 23:01:42 SUCCESS
AddTLSClientAuthToServerConfiguration
Added tls_client_auth for token_endpoint_auth_methods_supported
2021-12-09 23:01:42
AddPushedAuthorizationRequestEndpointToServerConfig
Added pushed_authorization_request_endpoint to server configuration
endpoint
https://www.certification.openid.net/test/a/geru/par
2021-12-09 23:01:42
AddRequirePushedAuthorizationRequestsToServerConfig
Added require_pushed_authorization_requests to server configuration
value
true
2021-12-09 23:01:42 SUCCESS
AddResponseTypeCodeToServerConfiguration
Added code as response type supported
response_types_supported
[
  "code"
]
2021-12-09 23:01:42 SUCCESS
AddJARMResponseModeToServerConfiguration
Added jwt as response_modes_supported
response_modes_supported
[
  "jwt"
]
2021-12-09 23:01:42 SUCCESS
AddAuthorizationSigningAlgValuesSupportedToServerConfiguration
Added authorization_signing_alg_values_supported to server configuration
alg_values
[
  "PS256"
]
2021-12-09 23:01:42 SUCCESS
FAPIBrazilAddTokenEndpointAuthSigningAlgValuesSupportedToServer
Set token_endpoint_auth_signing_alg_values_supported
values
[
  "PS256"
]
2021-12-09 23:01:42 SUCCESS
CheckServerConfiguration
Found required server configuration keys
required
[
  "authorization_endpoint",
  "token_endpoint",
  "issuer"
]
2021-12-09 23:01:42 SUCCESS
FAPIEnsureMinimumServerKeyLength
Validated minimum key lengths for server_jwks
server_jwks
{
  "keys": [
    {
      "d": "ZvivfZxJMbbdTQmxyE0lmE6ZuH8cMQOLyZxdaA5pNwm7ZEnPBEftZs8aR9ijhCDWMieui3h--rXwlXqbEm3g1sVgQ-WKTFV-NLKaJC1h-EU5HKdlOflstr7x57zhKp60ZIK69GyEXyJccUfzcD32u8raec9NplQ2MqS5MA1lnQFlocFoX1RNU4tSpEdJQq2UzqtX5WPhc88A6fTc1xu2fA5wyxzZu7fUjIETzLimcu-dDaEvvgm7c_A1ulm8EQuCN10k3FrIIe9RfuXHyxh9Rcd0aiIP9qwitxd5Cl0io7zby8MBIAaSei2co7y4tciBt4AfnzpBlGbtjgfr2gxD0Q",
      "e": "AQAB",
      "use": "sig",
      "kid": "X5d4vFYfLxaG1gg8_l3bFYFhUaUVmE6PaEsRWX2EYqM",
      "x5c": [
        "MIIGqzCCBZOgAwIBAgIUdUCw8bQZidnZ6uERKJuN9u4RGvcwDQYJKoZIhvcNAQELBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwxFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNBTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDgxNjA5NTUwMFoXDTIyMDkxNTA5NTUwMFowgacxCzAJBgNVBAYTAkJSMRMwEQYDVQQKEwpJQ1AtQnJhc2lsMS8wDAYDVQQLEwUxMjM0NTAOBgNVBAsTB2NlcnRtYW4wDwYDVQQLEwhhZ29vZG9uZTEcMBoGA1UEAxMTT3BlbiBCYW5raW5nIEJyYXNpbDE0MDIGCgmSJomT8ixkAQETJDc0ZTkyOWQ5LTMzYjYtNGQ4NS04YmE3LWMxNDZjODY3YTgxNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANyF1agPcwq5ms99Flo82XsXUroWoD/6FX4AfmOUu113h4VOLYaO3N8HDYbKxgii2En/+O61e/Ptjn4T2PVq0iVcqiF6Gp4sKE5w/bKZRfdCe8qIPS4D+JKpFpesJvIHUeQvlAuBp5dA9nGSpxOjGe5P2+ZzNGXwvux/2ztdweGmKbtOvbYe4RVhiu6bOubog8XEBmD96EnqmoROasH1Hn9kDJIclbTP51j/TlQMzhrSfJJuE3Qq6vWhe/DaPbtmELmlDiYHjp8CjAY5oBMHLmkHvQxEBV4cwbUZj5ZpdqU8tkA78XtR4DkzrJ4fYoBb1+9ABq6GNzxWPpSQMQuBXdsCAwEAAaOCAwIwggL+MAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFJwv7oHX2exZL304ru+4eGVypHlxMB8GA1UdIwQYMBaAFIZ/WK0X9YK2TrQFs/uwzhFD30y+MEwGCCsGAQUFBwEBBEAwPjA8BggrBgEFBQcwAYYwaHR0cDovL29jc3Auc2FuZGJveC5wa2kub3BlbmJhbmtpbmdicmFzaWwub3JnLmJyMEsGA1UdHwREMEIwQKA+oDyGOmh0dHA6Ly9jcmwuc2FuZGJveC5wa2kub3BlbmJhbmtpbmdicmFzaWwub3JnLmJyL2lzc3Vlci5jcmwwXgYDVR0RBFcwVaAZBgVgTAEDAqAQDA5NaWNoYWVsIEZyYXNlcqAYBgVgTAEDA6APDA0xMzM1MzIzNjAwMTg5oA0GBWBMAQMEoAQMAm5voA8GBWBMAQMHoAYMBGFsb3QwDgYDVR0PAQH/BAQDAgbAMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIBgDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVseSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhlciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNlaXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5kIHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8vY3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2llczANBgkqhkiG9w0BAQsFAAOCAQEAtKn/QnJqKLp52YB14x+M21qwz67utFkWjhauQe0elXupjY5NWZb5wLrGYNOZQzRe2JRzcBbGN6P7lCweRfxMkSGh9YrXbrkBXLEPtLHpTVEy65v1tWl02lC+ooVPyQpSjAQL0L69OQ7s7rnIXyb3rkSUzuGSxsLU1AXpWj0oYFB4wdeIdPAVPs83frC5s4kz42JruSAE2vsbvQURTVPChh+hO6+R6Irz+ZEZ1NSgjQkxvOXHW53CkXZSjjHbAB/nbJYi7YyK7kck99r38Ba/WBfIfywdFVVYfiiW5TS6XbQeVeilmmt5MLxBz96FxR6E6WR+cQwybEe94Fb/jD6xHA\u003d\u003d"
      ],
      "dp": "bQ9aXj8tHnj0qO8aAWapGokWX78OlvNzytYg4JSGyJ7pUQnRB4Ds2Lai6kgjniUiu5MX2kdceDbHykG5R-WDj0Ztv6UPV3jA3cOjDwVzwmiwBVmVQNRxzK31Ra8f4YJs9_o0bjmVvXQRchY9l9_Xkk_Hev2F2A540Fhk0tlbUBE",
      "dq": "XPYDZ_kxwZjtQb-XUBLBcvNV1jcDhba2stysXGv0SfvsxOg6G3qZ5xtsiyQxzAYen0LRttCBXkZXEtXXAodLRvJMwUXuYWtNCrBqxYDHkJogUDPnBXq-Hig6x8fsDJunH8JooCc-3WcFpHQcIZZdcwyXPVi59eAfWCwJlgHYYHk",
      "n": "3IXVqA9zCrmaz30WWjzZexdSuhagP_oVfgB-Y5S7XXeHhU4tho7c3wcNhsrGCKLYSf_47rV78-2OfhPY9WrSJVyqIXoaniwoTnD9splF90J7yog9LgP4kqkWl6wm8gdR5C-UC4Gnl0D2cZKnE6MZ7k_b5nM0ZfC-7H_bO13B4aYpu069th7hFWGK7ps65uiDxcQGYP3oSeqahE5qwfUef2QMkhyVtM_nWP9OVAzOGtJ8km4TdCrq9aF78No9u2YQuaUOJgeOnwKMBjmgEwcuaQe9DEQFXhzBtRmPlml2pTy2QDvxe1HgOTOsnh9igFvX70AGroY3PFY-lJAxC4Fd2w",
      "p": "_QaFFuyZriEWtbiKexy7pIYicgU0ePMepvyNuiiFqlsUFQ24q9gp_iWECDhi8qqss__i1LW_eHQATKWfqUc6HdDY-ickJXvVktrQiT-buvJ24iTtK_NooPMKQW976NIX39_sEPJ6ceo9ZDFxTTCkmJus3eXDJmRZT2YzSZJcvcc",
      "kty": "RSA",
      "q": "3x1_dyovnWXSr7y7ufe6AHUV0kHBYVrGW2vdNZxKrrgBW5r2mm93NnHsrG-mJlzW7kG_jR41bWf74sucGdwXTx96riRVy8bov9SzPCDl9_QCHzPpqZOxjngfzQYq1L1qJA2BAie0Sq6YZhgLJ1fWPLutEO5soIYAkLXSJ9IVb00",
      "qi": "eHhOb5NUDfMGXwNscjEcMrMFS425qsoJAXfGJ10hm8svZOkNYgVpb7Hs7oT8XytanRl0Gk8gKH0yhvya65B5ipyby17uBMkikNN-EeYoY2AkvEfM_nO0dvHbDdF11rkM5Q_SEDlGmojxnx4_Euj8WeuSgcwiCQkR23aZlQGx1Mg",
      "alg": "PS256"
    },
    {
      "p": "6-RGunw1LGXpsGIabzcG8n_ITbahS9waTzjcwLkzjWjyR5hxnTSrCMas9EsOuIt3qvkdf02psgwi-J0ZX680ujaXdeiPAeuOUbsLPBOhRuu-ySXxMTT7uiwWJmF5LtBx8Qd3hRV2sd9zOhYzSohcmWp8w_uKTOYrFzGtWMvlGic",
      "kty": "RSA",
      "q": "vn3cUU9RFc7pB3fjiEPGwYGA_h8f2X6dOqy-JYIMIiuYhPq6cT8xIlE-sHs58kZzC1QbOBc4y-qRyqj1L4StPaYH4mtJU0s_6A_b9Cai96yzYYmMr92be2nCFMxBpmpBhN21AIdGc640OxgWMdz5OVo455v1uIEQGPr2aDpOzVs",
      "d": "QrIJ9tPG7pSrt1KKSU-9EbAq-hU92FzEV9GwzuG_dbBPyRLYNVfAz-Yb8ug3YLuqec_kcB5JCep7QkYHgpNdX5WXFxARCpXa-J7Xq50oBdiAS2ehLpnYHXpJI7HqOcH9ASZML_MXjI8e_EpsI7Yk6xJ9qxk8bXGupw0C6anwL3NBe232zA7I1FnwL9tpZVOLPupeok7HMRbFc6QSR3dA54zJmkyEbyOSqzRqCK_g7AB_RcMImN0SoCg0epxZjrculIXPG0Gl1T3TG3WY-CBUtAkI1chFMGCgYF_v-FMSun8N6igilPC5O683BMcJoTK745khMCv7FcSCSFVh0H5vKQ",
      "e": "AQAB",
      "use": "enc",
      "kid": "0fe502dd-14f0-4f45-80f9-feb9a216f996",
      "qi": "W6TMI3L-Ob-Jx61TdYqN5gBoBsWF6KWuCmiE9ZiwJiMVCv5ddEbFafBuiIQgRnby1VpnH9j5KVb5PT_V78ohKFmpfL7ErXQerf_pJkEtvgK9lQta1EM1HMoShrJ4GdHPym_BZzDDmt6njvwTfSg95y28h-j5epuywcwu6TwAUA8",
      "dp": "a9rjD-8srNEoKVKhvYoObiBI6GeBllrb2K8qGCBV1ulOJbgo8nUbYpbci5Ip9-0k2RKwDv3mghcUglHqQRqt5BqD5BBiGsGmP-5is6RSEEhH4lar0hDkq_nuYrwcmXALOOZuGnZ239tIJx3xc7mnhSnwQ_emA4UV3LQFC12mse8",
      "alg": "RSA-OAEP",
      "dq": "Qk8TiyY-BoZg7Z2ZEYzuOdu3qD3zW0VMu-j3w5yyVo6wZ9HTZqplkxmO5eXvNNu7Hj1nwC2tMqZzm4UW3DSmDWinI_TOsHToSQKEQUfVwLtYMeKsm2dbwSj-SzkSvTgNmI-IeyebqZcBTXTD_RV7l7BFULIkZdZfYSKy9XMejTM",
      "n": "r4dl-ApW6c-fvDbfSVxHpdV8zi8VQW4b9-uHMRq7dzqCkvP8OAG1R3plSr1N6fL_YLiIr9y621XkyRiMEKR7-DeqGsLf2ZTaqrZ1LfYgjsc2i9o3NSOeSgBwKGmT7h1OgxZSbhLzo7Xaktu3CCUZCOWLzs7LKo_CvKkcTF7tPhK9jYjdTsdsnS0RJOPjYQe7JO83Mvhd1Ty3F-Qycd-cKKMSjcQRiHt9jKd09kA2fKVlFwbm2M1PM3NdtnMaOUw31-XC4ixay47XTMqnmX7-op7qYV9wXbeZmjTsAKFuTGwJiGJrOTfqciDLBW8IpGC2BzFJ5rYmRu0kAttpvkOG3Q"
    }
  ]
}
2021-12-09 23:01:42 SUCCESS
LoadUserInfo
Added user information
user_info
{
  "sub": "user-subject-1234531",
  "name": "Demo T. User",
  "email": "user@example.com",
  "email_verified": false
}
Verify configuration of first client
2021-12-09 23:01:42 SUCCESS
GetStaticClientConfiguration
Found a static client object
client_id
geru-bank
redirect_uri
https://scd-open-banking-frontend.dev.scd.open-co.tech
jwks
{
  "keys": [
    {
      "kty": "RSA",
      "use": "sig",
      "alg": "PS256",
      "n": "vOX4NX97_AqAYJZXxyfMWtlGPfWF_4PbQspCtM-mJSSJUgFCVETgm8777NYem--3ELXNXI38oTCJzotf8AgtEf9elUU1OBVBKNVUAY2F4LrtaBEAWRLqBqr3wbE1bW0_WlOE2ak7I2IwPMJj2R-Shdu5fBLz-vwtA8cKnvsp5S1cCGtSGPoBiCyl_X0G-54UzWy81M9oVBWmnANqXWPuaaIpJwX_MEDbAf-ycTnK9YdV-RLe7CET_8cRAQvJGoYg5oH_FlfAw6fGK97wydFnf3AsAzefMru-PTbDCfTQkzE3SVPphNkvKAqle7ZR8-H5Ne58TrGWfBGnuh7clNT0ow",
      "e": "AQAB",
      "kid": "b9dde4fc8a6deec5044a994da119b73d007db30d0978f78bfb1676db4150b323"
    },
    {
      "kty": "RSA",
      "use": "enc",
      "alg": "RSA-OAEP",
      "n": "vE25NVuoSYVc5w89PVmN6m9Z8cmxcQIiK-cogtj52iqMkHswgXLCjj1Ce6AnpxPO93A-1O73SistW_6xzR4sAMn5wzBnd7ieARj1Pmj4MTa03lfoZ8M989MBCLeU1Z22OjLUaM_fVWG2MeVY2E6BO5uI_ByqFxPGpwkIWpYD3hP-qnC7KiWKnxD-L-FVVXvWQ2xc2b2u4jf7dRug3s3Bk2StkJvDdU852SxXiPPbxYdVlLsMxyN44-IcwFiDylSZ_TEkoVhEeyEQPl0JZ_uhjUCRV2gaFWynI9yDah0wGS7W8MQCBoWTGR0byAg_O4wotJw4rkLdY-JFS_JhtUBv2w",
      "e": "AQAB",
      "kid": "a269918160d0253d6f454f130ff4e03f75874d3ee53f9a49ddc854219cebad38"
    }
  ]
}
certificate
-----BEGIN CERTIFICATE-----
MIIG9DCCBdygAwIBAgIUHP7pETZ8wo3KhRaFkfUQK7ckwZYwDQYJKoZIhvcNAQEL
BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx
FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB
TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMTAwODE4MDYwMFoXDTIyMTEwNzE4
MDYwMFowggEiMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD
o28gUGF1bG8xKTAnBgNVBAoTIEdFUlUgU09DSUVEQURFIERFIENSRURJVE8gRElS
RVRPMS0wKwYDVQQLEyQwY2EwNTA5Mi0wMjVmLTQ3YzQtYjg3OC00YTAzYzE1MGNj
Y2YxFDASBgNVBAMTC2dlcnUuY29tLmJyMRcwFQYDVQQFEw4zNzc2Mzg0NzAwMDEz
ODEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRpb24xEzARBgsrBgEEAYI3PAIB
AxMCQlIxNDAyBgoJkiaJk/IsZAEBEyQ3Mzg4NTYwMy1mM2ZmLTQxYmYtYjJiMi00
ZjdjYTlmZTYwNzYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrJOCH
MpEDtdG4A9N7+xuah2UfuNAnWrc2ZKzYltRthR/7agiWIw8yqe/Pdh/oegvWHlza
6uQYeTvIL6YER/3O+D9g4VgWiKqh8tH/U0FC+9ZgRKmjFcJGmwaQa8EuyY7Dlxzf
Z0BpfteDV22XXRlovO41zXAGGWm4zQ+FlLmJgdJz+lGpCAR1tPsYjvlLFrZiM5jk
j7ho3ZuWoP3DcA74aGD86QFmyF+iWXiaPUJLpjfEWhpjfu6wLiNpLBbf2Le/7HCK
tC6IwASHTbhbbhiCImbnRmu9reUBENPHm/6RFtzviEa6KSHDMQVDhafgXTIUPfOY
UV3JZhA/yzGBWLltAgMBAAGjggLPMIICyzAMBgNVHRMBAf8EAjAAMB0GA1UdDgQW
BBQQ6aNldx5PKww0znqaQFe3t8D2DzAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7
sM4RQ99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3Nw
LnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBC
MECgPqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2ls
Lm9yZy5ici9pc3N1ZXIuY3JsMBYGA1UdEQQPMA2CC2dlcnUuY29tLmJyMA4GA1Ud
DwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDAjCCAaEGA1UdIASCAZgwggGU
MIIBkAYKKwYBBAGDui9kATCCAYAwggE2BggrBgEFBQcCAjCCASgMggEkVGhpcyBD
ZXJ0aWZpY2F0ZSBpcyBzb2xlbHkgZm9yIHVzZSB3aXRoIFJhaWRpYW0gU2Vydmlj
ZXMgTGltaXRlZCBhbmQgb3RoZXIgcGFydGljaXBhdGluZyBvcmdhbmlzYXRpb25z
IHVzaW5nIFJhaWRpYW0gU2VydmljZXMgTGltaXRlZHMgVHJ1c3QgRnJhbWV3b3Jr
IFNlcnZpY2VzLiBJdHMgcmVjZWlwdCwgcG9zc2Vzc2lvbiBvciB1c2UgY29uc3Rp
dHV0ZXMgYWNjZXB0YW5jZSBvZiB0aGUgUmFpZGlhbSBTZXJ2aWNlcyBMdGQgQ2Vy
dGljaWNhdGUgUG9saWN5IGFuZCByZWxhdGVkIGRvY3VtZW50cyB0aGVyZWluLjBE
BggrBgEFBQcCARY4aHR0cDovL2Nwcy5zYW5kYm94LnBraS5vcGVuYmFua2luZ2Jy
YXNpbC5vcmcuYnIvcG9saWNpZXMwDQYJKoZIhvcNAQELBQADggEBAElSrcNfZ514
EpOjwyueAMOcYvkjb1VUBQmSWMcZuKS/QoKbYuFn7qx9vn+id6O+a48h1k1MfFD4
vv8og6aKaEHHQn5tD6KBQoYlimvuVQkjupXPFFhlH8lMpPmWZ17LAnwjwdwDKdVF
NzVLHylg3s9T0DXh1uR1namY2uLD0jwHBnm2tqucjLZ/00pha2L4IT1fjw3OqIXi
99SSrtqExpWEZpXJSxBpfygWXl1IKvlveLTG3EzNpjGcKoudXFwqQvFQtiP9sQ3M
RyIF8QwW83IqpOIdXRw7nVgizujc0aTBUqlL7xGsjiR6JsiR+/3FNuJxpKVQ4pHa
HI5ipvGg/0g=
-----END CERTIFICATE-----
2021-12-09 23:01:42 SUCCESS
ValidateClientJWKsPublicPart
Valid client JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2021-12-09 23:01:42 SUCCESS
ExtractJWKsFromStaticClientConfiguration
Extracted client JWK
client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "use": "sig",
      "alg": "PS256",
      "n": "vOX4NX97_AqAYJZXxyfMWtlGPfWF_4PbQspCtM-mJSSJUgFCVETgm8777NYem--3ELXNXI38oTCJzotf8AgtEf9elUU1OBVBKNVUAY2F4LrtaBEAWRLqBqr3wbE1bW0_WlOE2ak7I2IwPMJj2R-Shdu5fBLz-vwtA8cKnvsp5S1cCGtSGPoBiCyl_X0G-54UzWy81M9oVBWmnANqXWPuaaIpJwX_MEDbAf-ycTnK9YdV-RLe7CET_8cRAQvJGoYg5oH_FlfAw6fGK97wydFnf3AsAzefMru-PTbDCfTQkzE3SVPphNkvKAqle7ZR8-H5Ne58TrGWfBGnuh7clNT0ow",
      "e": "AQAB",
      "kid": "b9dde4fc8a6deec5044a994da119b73d007db30d0978f78bfb1676db4150b323"
    },
    {
      "kty": "RSA",
      "use": "enc",
      "alg": "RSA-OAEP",
      "n": "vE25NVuoSYVc5w89PVmN6m9Z8cmxcQIiK-cogtj52iqMkHswgXLCjj1Ce6AnpxPO93A-1O73SistW_6xzR4sAMn5wzBnd7ieARj1Pmj4MTa03lfoZ8M989MBCLeU1Z22OjLUaM_fVWG2MeVY2E6BO5uI_ByqFxPGpwkIWpYD3hP-qnC7KiWKnxD-L-FVVXvWQ2xc2b2u4jf7dRug3s3Bk2StkJvDdU852SxXiPPbxYdVlLsMxyN44-IcwFiDylSZ_TEkoVhEeyEQPl0JZ_uhjUCRV2gaFWynI9yDah0wGS7W8MQCBoWTGR0byAg_O4wotJw4rkLdY-JFS_JhtUBv2w",
      "e": "AQAB",
      "kid": "a269918160d0253d6f454f130ff4e03f75874d3ee53f9a49ddc854219cebad38"
    }
  ]
}
public_client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "b9dde4fc8a6deec5044a994da119b73d007db30d0978f78bfb1676db4150b323",
      "alg": "PS256",
      "n": "vOX4NX97_AqAYJZXxyfMWtlGPfWF_4PbQspCtM-mJSSJUgFCVETgm8777NYem--3ELXNXI38oTCJzotf8AgtEf9elUU1OBVBKNVUAY2F4LrtaBEAWRLqBqr3wbE1bW0_WlOE2ak7I2IwPMJj2R-Shdu5fBLz-vwtA8cKnvsp5S1cCGtSGPoBiCyl_X0G-54UzWy81M9oVBWmnANqXWPuaaIpJwX_MEDbAf-ycTnK9YdV-RLe7CET_8cRAQvJGoYg5oH_FlfAw6fGK97wydFnf3AsAzefMru-PTbDCfTQkzE3SVPphNkvKAqle7ZR8-H5Ne58TrGWfBGnuh7clNT0ow"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "a269918160d0253d6f454f130ff4e03f75874d3ee53f9a49ddc854219cebad38",
      "alg": "RSA-OAEP",
      "n": "vE25NVuoSYVc5w89PVmN6m9Z8cmxcQIiK-cogtj52iqMkHswgXLCjj1Ce6AnpxPO93A-1O73SistW_6xzR4sAMn5wzBnd7ieARj1Pmj4MTa03lfoZ8M989MBCLeU1Z22OjLUaM_fVWG2MeVY2E6BO5uI_ByqFxPGpwkIWpYD3hP-qnC7KiWKnxD-L-FVVXvWQ2xc2b2u4jf7dRug3s3Bk2StkJvDdU852SxXiPPbxYdVlLsMxyN44-IcwFiDylSZ_TEkoVhEeyEQPl0JZ_uhjUCRV2gaFWynI9yDah0wGS7W8MQCBoWTGR0byAg_O4wotJw4rkLdY-JFS_JhtUBv2w"
    }
  ]
}
2021-12-09 23:01:42 SUCCESS
CheckDistinctKeyIdValueInClientJWKs
Distinct 'kid' value in all keys of client_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2021-12-09 23:01:42 SUCCESS
EnsureClientJwksDoesNotContainPrivateOrSymmetricKeys
Jwks does not contain any private or symmetric keys
2021-12-09 23:01:42 SUCCESS
FAPIEnsureMinimumClientKeyLength
Validated minimum key lengths for client_jwks
client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "use": "sig",
      "alg": "PS256",
      "n": "vOX4NX97_AqAYJZXxyfMWtlGPfWF_4PbQspCtM-mJSSJUgFCVETgm8777NYem--3ELXNXI38oTCJzotf8AgtEf9elUU1OBVBKNVUAY2F4LrtaBEAWRLqBqr3wbE1bW0_WlOE2ak7I2IwPMJj2R-Shdu5fBLz-vwtA8cKnvsp5S1cCGtSGPoBiCyl_X0G-54UzWy81M9oVBWmnANqXWPuaaIpJwX_MEDbAf-ycTnK9YdV-RLe7CET_8cRAQvJGoYg5oH_FlfAw6fGK97wydFnf3AsAzefMru-PTbDCfTQkzE3SVPphNkvKAqle7ZR8-H5Ne58TrGWfBGnuh7clNT0ow",
      "e": "AQAB",
      "kid": "b9dde4fc8a6deec5044a994da119b73d007db30d0978f78bfb1676db4150b323"
    },
    {
      "kty": "RSA",
      "use": "enc",
      "alg": "RSA-OAEP",
      "n": "vE25NVuoSYVc5w89PVmN6m9Z8cmxcQIiK-cogtj52iqMkHswgXLCjj1Ce6AnpxPO93A-1O73SistW_6xzR4sAMn5wzBnd7ieARj1Pmj4MTa03lfoZ8M989MBCLeU1Z22OjLUaM_fVWG2MeVY2E6BO5uI_ByqFxPGpwkIWpYD3hP-qnC7KiWKnxD-L-FVVXvWQ2xc2b2u4jf7dRug3s3Bk2StkJvDdU852SxXiPPbxYdVlLsMxyN44-IcwFiDylSZ_TEkoVhEeyEQPl0JZ_uhjUCRV2gaFWynI9yDah0wGS7W8MQCBoWTGR0byAg_O4wotJw4rkLdY-JFS_JhtUBv2w",
      "e": "AQAB",
      "kid": "a269918160d0253d6f454f130ff4e03f75874d3ee53f9a49ddc854219cebad38"
    }
  ]
}
Verify configuration of second client
2021-12-09 23:01:42 SUCCESS
GetStaticClient2Configuration
Found a static second client object
client_id
geru-bank-two
redirect_uri
https://scd-open-banking-frontend.dev.scd.open-co.tech
id_token_encrypted_response_alg
RSA-OAEP
id_token_encrypted_response_enc
A256GCM
certificate
-----BEGIN CERTIFICATE-----
MIIG9DCCBdygAwIBAgIUY2PZxSF4TSc5rzzBRjnDjwDNVBUwDQYJKoZIhvcNAQEL
BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx
FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB
TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMTAwODE4MDgwMFoXDTIyMTEwNzE4
MDgwMFowggEiMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD
o28gUGF1bG8xKTAnBgNVBAoTIEdFUlUgU09DSUVEQURFIERFIENSRURJVE8gRElS
RVRPMS0wKwYDVQQLEyQwY2EwNTA5Mi0wMjVmLTQ3YzQtYjg3OC00YTAzYzE1MGNj
Y2YxFDASBgNVBAMTC2dlcnUuY29tLmJyMRcwFQYDVQQFEw4zNzc2Mzg0NzAwMDEz
ODEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRpb24xEzARBgsrBgEEAYI3PAIB
AxMCQlIxNDAyBgoJkiaJk/IsZAEBEyRjM2ZkNzk5ZS00MDI4LTQxZjgtOTk1NC0z
YzhhMzQyMzJjMjUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHNeCm
S535la4jF2UuZGDv/WnfXP3ar8R73wHbUov59Gq2IYlnno3vqqNkQgmpPlTsP3Pr
kNnehWZGmAk/S3beZZge9Q9/VHwgTbMYDxjXh2X447sIlcFgp7b0wEAJpcPzGzI6
vMttZDS169VVPKNzAsF89qxtQjQhRRvsW9lD9yhPOLSAmPvKUkSf32lg5LLPs0HW
5S40voyXSceGCI/P2HI6ruT4BWaqOY3z98C1DxWxtjjRMEy5qE7rhLcfSxhTfEdi
UPJ4FU04n362NgOtQvosHeB8Cc+eQwg8rYqUY52HeuHuSnjkcJTYYIKSqebe2Pr3
gZ/XbaLmhJd43lsjAgMBAAGjggLPMIICyzAMBgNVHRMBAf8EAjAAMB0GA1UdDgQW
BBR4qGDmpafIhhqC+zzAydgS0xaIzDAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7
sM4RQ99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3Nw
LnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBC
MECgPqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2ls
Lm9yZy5ici9pc3N1ZXIuY3JsMBYGA1UdEQQPMA2CC2dlcnUuY29tLmJyMA4GA1Ud
DwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDAjCCAaEGA1UdIASCAZgwggGU
MIIBkAYKKwYBBAGDui9kATCCAYAwggE2BggrBgEFBQcCAjCCASgMggEkVGhpcyBD
ZXJ0aWZpY2F0ZSBpcyBzb2xlbHkgZm9yIHVzZSB3aXRoIFJhaWRpYW0gU2Vydmlj
ZXMgTGltaXRlZCBhbmQgb3RoZXIgcGFydGljaXBhdGluZyBvcmdhbmlzYXRpb25z
IHVzaW5nIFJhaWRpYW0gU2VydmljZXMgTGltaXRlZHMgVHJ1c3QgRnJhbWV3b3Jr
IFNlcnZpY2VzLiBJdHMgcmVjZWlwdCwgcG9zc2Vzc2lvbiBvciB1c2UgY29uc3Rp
dHV0ZXMgYWNjZXB0YW5jZSBvZiB0aGUgUmFpZGlhbSBTZXJ2aWNlcyBMdGQgQ2Vy
dGljaWNhdGUgUG9saWN5IGFuZCByZWxhdGVkIGRvY3VtZW50cyB0aGVyZWluLjBE
BggrBgEFBQcCARY4aHR0cDovL2Nwcy5zYW5kYm94LnBraS5vcGVuYmFua2luZ2Jy
YXNpbC5vcmcuYnIvcG9saWNpZXMwDQYJKoZIhvcNAQELBQADggEBANx0iEPMKOpj
7SngTy/DDI9s8rgX3W8GjN3ZZaDFgMfCYbLq3buLDoqFrX4BIewVocnRZAnl001O
37uzLc4Q0lhr2YNjwZDB6Oq+s/waNJ8LKjGQMKlNXLgx9sCag8PRk+36SKWZ/R1G
qq4bLQUWYWdwcyvN3WCVHtUakBciVcoSVLClf5ZoEGlVQqNKXIUgvivzdgVKXDXK
aEQ14uOinFOuPDdqLAXzD2IDALN74xnrGnT9Q6aL5xWxo/KRxwGgDc++SU20uW3r
AgH/qbMDpfcEXJlAeqbe6QImKpMF8jBCIiYGWnlzDCi0plhl7pvE5+P7FywjRnYy
Ez2A6GQHxs4=
-----END CERTIFICATE-----
jwks
{
  "keys": [
    {
      "kty": "RSA",
      "use": "sig",
      "alg": "PS256",
      "n": "uIl9xTeOhvb9r7wf8B0tRSIWTNgIISepevXXaV78ozO_AJCsMpUQSqt6cET9_3EAb9JPtSDJUtOX0UaI6b4VMAeeq78v_vVlRTX61sxhuNIb5wXIct_jxUs7nIPJfvmJ3PEdhKC4QTOmavoSN84rRS_yYiLeXTnhvuv0JJ75Ik6NgJNDyGjzxTYaXBXXQKq-ZvM38718S_zu7kcoFZJwKRaCoadoZ3V83-MizdKlRnoRzC7q8bfSc9WYt3KPl4ZSVMxi_151h9_T7M5TEvUcKhjRh3SCGGJZoSqvxgGoknXQ_58Njbm-EjSVSDWQMIvifvLAwNj5z_gwU2vsYe770w",
      "e": "AQAB",
      "kid": "c3e45db3743a0d5065b2ad404932ab9bb4a592a00966dfd3dc8f1c74309a9e71"
    },
    {
      "kty": "RSA",
      "use": "enc",
      "alg": "RSA-OAEP",
      "n": "tYG8Tx175zj9e0uCyFZ9tkPnd-wLwxVHJ2v6mTDFGkci9hx9as9DXFKUaGJ_OfPQDx-5csyKN_eCyJCcrxOoZPv1YDtCvgL1ZXUC7nfb9sNl7d2OmRapottNVfLJYAguFWF2vP6ZD0uOwaUxs6FHGl0smljSd3EUgGgdUnxWxiFfYumnc89gvz20imG8qDFg0-h8X2VMTqR2CPbjFa_YZiHO2i5tUuAw7QohqFBSs9xoicImI19OsxXZO2qocVdtGBuvTEx-7z4g0WfM6A3fJ5IHWeIL3pVPRVOW1YqlQIWqcRU9TDYuWxCbB_PYiTYC_95yTDTrHcV-rePpETA1Pw",
      "e": "AQAB",
      "kid": "7c7247aebd7543255e1ad5168cfc34843ce6a4f3e9b8644c87e13fb834c76606"
    }
  ]
}
2021-12-09 23:01:42 SUCCESS
ValidateClientJWKsPublicPart
Valid client JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2021-12-09 23:01:42 SUCCESS
ExtractJWKsFromStaticClientConfiguration
Extracted client JWK
client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "use": "sig",
      "alg": "PS256",
      "n": "uIl9xTeOhvb9r7wf8B0tRSIWTNgIISepevXXaV78ozO_AJCsMpUQSqt6cET9_3EAb9JPtSDJUtOX0UaI6b4VMAeeq78v_vVlRTX61sxhuNIb5wXIct_jxUs7nIPJfvmJ3PEdhKC4QTOmavoSN84rRS_yYiLeXTnhvuv0JJ75Ik6NgJNDyGjzxTYaXBXXQKq-ZvM38718S_zu7kcoFZJwKRaCoadoZ3V83-MizdKlRnoRzC7q8bfSc9WYt3KPl4ZSVMxi_151h9_T7M5TEvUcKhjRh3SCGGJZoSqvxgGoknXQ_58Njbm-EjSVSDWQMIvifvLAwNj5z_gwU2vsYe770w",
      "e": "AQAB",
      "kid": "c3e45db3743a0d5065b2ad404932ab9bb4a592a00966dfd3dc8f1c74309a9e71"
    },
    {
      "kty": "RSA",
      "use": "enc",
      "alg": "RSA-OAEP",
      "n": "tYG8Tx175zj9e0uCyFZ9tkPnd-wLwxVHJ2v6mTDFGkci9hx9as9DXFKUaGJ_OfPQDx-5csyKN_eCyJCcrxOoZPv1YDtCvgL1ZXUC7nfb9sNl7d2OmRapottNVfLJYAguFWF2vP6ZD0uOwaUxs6FHGl0smljSd3EUgGgdUnxWxiFfYumnc89gvz20imG8qDFg0-h8X2VMTqR2CPbjFa_YZiHO2i5tUuAw7QohqFBSs9xoicImI19OsxXZO2qocVdtGBuvTEx-7z4g0WfM6A3fJ5IHWeIL3pVPRVOW1YqlQIWqcRU9TDYuWxCbB_PYiTYC_95yTDTrHcV-rePpETA1Pw",
      "e": "AQAB",
      "kid": "7c7247aebd7543255e1ad5168cfc34843ce6a4f3e9b8644c87e13fb834c76606"
    }
  ]
}
public_client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "c3e45db3743a0d5065b2ad404932ab9bb4a592a00966dfd3dc8f1c74309a9e71",
      "alg": "PS256",
      "n": "uIl9xTeOhvb9r7wf8B0tRSIWTNgIISepevXXaV78ozO_AJCsMpUQSqt6cET9_3EAb9JPtSDJUtOX0UaI6b4VMAeeq78v_vVlRTX61sxhuNIb5wXIct_jxUs7nIPJfvmJ3PEdhKC4QTOmavoSN84rRS_yYiLeXTnhvuv0JJ75Ik6NgJNDyGjzxTYaXBXXQKq-ZvM38718S_zu7kcoFZJwKRaCoadoZ3V83-MizdKlRnoRzC7q8bfSc9WYt3KPl4ZSVMxi_151h9_T7M5TEvUcKhjRh3SCGGJZoSqvxgGoknXQ_58Njbm-EjSVSDWQMIvifvLAwNj5z_gwU2vsYe770w"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "7c7247aebd7543255e1ad5168cfc34843ce6a4f3e9b8644c87e13fb834c76606",
      "alg": "RSA-OAEP",
      "n": "tYG8Tx175zj9e0uCyFZ9tkPnd-wLwxVHJ2v6mTDFGkci9hx9as9DXFKUaGJ_OfPQDx-5csyKN_eCyJCcrxOoZPv1YDtCvgL1ZXUC7nfb9sNl7d2OmRapottNVfLJYAguFWF2vP6ZD0uOwaUxs6FHGl0smljSd3EUgGgdUnxWxiFfYumnc89gvz20imG8qDFg0-h8X2VMTqR2CPbjFa_YZiHO2i5tUuAw7QohqFBSs9xoicImI19OsxXZO2qocVdtGBuvTEx-7z4g0WfM6A3fJ5IHWeIL3pVPRVOW1YqlQIWqcRU9TDYuWxCbB_PYiTYC_95yTDTrHcV-rePpETA1Pw"
    }
  ]
}
2021-12-09 23:01:42 SUCCESS
CheckDistinctKeyIdValueInClientJWKs
Distinct 'kid' value in all keys of client_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2021-12-09 23:01:42 SUCCESS
EnsureClientJwksDoesNotContainPrivateOrSymmetricKeys
Jwks does not contain any private or symmetric keys
2021-12-09 23:01:42 SUCCESS
FAPIEnsureMinimumClientKeyLength
Validated minimum key lengths for client_jwks
client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "use": "sig",
      "alg": "PS256",
      "n": "uIl9xTeOhvb9r7wf8B0tRSIWTNgIISepevXXaV78ozO_AJCsMpUQSqt6cET9_3EAb9JPtSDJUtOX0UaI6b4VMAeeq78v_vVlRTX61sxhuNIb5wXIct_jxUs7nIPJfvmJ3PEdhKC4QTOmavoSN84rRS_yYiLeXTnhvuv0JJ75Ik6NgJNDyGjzxTYaXBXXQKq-ZvM38718S_zu7kcoFZJwKRaCoadoZ3V83-MizdKlRnoRzC7q8bfSc9WYt3KPl4ZSVMxi_151h9_T7M5TEvUcKhjRh3SCGGJZoSqvxgGoknXQ_58Njbm-EjSVSDWQMIvifvLAwNj5z_gwU2vsYe770w",
      "e": "AQAB",
      "kid": "c3e45db3743a0d5065b2ad404932ab9bb4a592a00966dfd3dc8f1c74309a9e71"
    },
    {
      "kty": "RSA",
      "use": "enc",
      "alg": "RSA-OAEP",
      "n": "tYG8Tx175zj9e0uCyFZ9tkPnd-wLwxVHJ2v6mTDFGkci9hx9as9DXFKUaGJ_OfPQDx-5csyKN_eCyJCcrxOoZPv1YDtCvgL1ZXUC7nfb9sNl7d2OmRapottNVfLJYAguFWF2vP6ZD0uOwaUxs6FHGl0smljSd3EUgGgdUnxWxiFfYumnc89gvz20imG8qDFg0-h8X2VMTqR2CPbjFa_YZiHO2i5tUuAw7QohqFBSs9xoicImI19OsxXZO2qocVdtGBuvTEx-7z4g0WfM6A3fJ5IHWeIL3pVPRVOW1YqlQIWqcRU9TDYuWxCbB_PYiTYC_95yTDTrHcV-rePpETA1Pw",
      "e": "AQAB",
      "kid": "7c7247aebd7543255e1ad5168cfc34843ce6a4f3e9b8644c87e13fb834c76606"
    }
  ]
}
2021-12-09 23:01:42
fapi1-advanced-final-client-test-invalid-aud
Setup Done
2021-12-09 23:01:43 INCOMING
fapi1-advanced-final-client-test-invalid-aud
Incoming HTTP request to test instance qaRjsz53nN0nspg
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/4.7.4 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate, br",
  "connection": "close"
}
incoming_path
/test/a/geru/.well-known/openid-configuration
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
incoming_body_json
incoming_query_string_params
{}
incoming_body
2021-12-09 23:01:43 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
2021-12-09 23:01:43 OUTGOING
fapi1-advanced-final-client-test-invalid-aud
Response to HTTP request to test instance qaRjsz53nN0nspg
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "issuer": "https://www.certification.openid.net/test/a/geru/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/geru/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/geru/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/geru/jwks",
  "registration_endpoint": "https://www.certification.openid.net/test/a/geru/register",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/geru/userinfo",
  "mtls_endpoint_aliases": {
    "token_endpoint": "https://www.certification.openid.net/test-mtls/a/geru/token",
    "registration_endpoint": "https://www.certification.openid.net/test-mtls/a/geru/register",
    "userinfo_endpoint": "https://www.certification.openid.net/test-mtls/a/geru/userinfo",
    "pushed_authorization_request_endpoint": "https://www.certification.openid.net/test-mtls/a/geru/par"
  },
  "tls_client_certificate_bound_access_tokens": true,
  "request_parameter_supported": true,
  "grant_types_supported": [
    "authorization_code",
    "implicit",
    "client_credentials",
    "refresh_token"
  ],
  "claims_parameter_supported": true,
  "request_object_encryption_alg_values_supported": [
    "RSA-OAEP"
  ],
  "request_object_encryption_enc_values_supported": [
    "A256GCM"
  ],
  "claims_supported": [
    "cpf",
    "cnpj",
    "acr"
  ],
  "acr_values_supported": [
    "urn:brasil:openbanking:loa2",
    "urn:brasil:openbanking:loa3"
  ],
  "id_token_signing_alg_values_supported": [
    "PS256"
  ],
  "request_object_signing_alg_values_supported": [
    "PS256"
  ],
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access",
    "consents",
    "resources",
    "payments"
  ],
  "token_endpoint_auth_methods_supported": [
    "tls_client_auth"
  ],
  "pushed_authorization_request_endpoint": "https://www.certification.openid.net/test/a/geru/par",
  "require_pushed_authorization_requests": true,
  "response_types_supported": [
    "code"
  ],
  "response_modes_supported": [
    "jwt"
  ],
  "authorization_signing_alg_values_supported": [
    "PS256"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "PS256"
  ]
}
outgoing_path
.well-known/openid-configuration
2021-12-09 23:01:43 INCOMING
fapi1-advanced-final-client-test-invalid-aud
Incoming HTTP request to test instance qaRjsz53nN0nspg
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/4.7.4 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "content-type": "application/x-www-form-urlencoded",
  "accept-encoding": "gzip, deflate, br",
  "content-length": "64",
  "connection": "close"
}
incoming_path
/test-mtls/a/geru/token
incoming_body_form_params
{
  "grant_type": "client_credentials",
  "scope": "consents",
  "client_id": "geru-bank"
}
incoming_method
POST
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
-----BEGIN CERTIFICATE----- MIIG9DCCBdygAwIBAgIUHP7pETZ8wo3KhRaFkfUQK7ckwZYwDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMTAwODE4MDYwMFoXDTIyMTEwNzE4 MDYwMFowggEiMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xKTAnBgNVBAoTIEdFUlUgU09DSUVEQURFIERFIENSRURJVE8gRElS RVRPMS0wKwYDVQQLEyQwY2EwNTA5Mi0wMjVmLTQ3YzQtYjg3OC00YTAzYzE1MGNj Y2YxFDASBgNVBAMTC2dlcnUuY29tLmJyMRcwFQYDVQQFEw4zNzc2Mzg0NzAwMDEz ODEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRpb24xEzARBgsrBgEEAYI3PAIB AxMCQlIxNDAyBgoJkiaJk/IsZAEBEyQ3Mzg4NTYwMy1mM2ZmLTQxYmYtYjJiMi00 ZjdjYTlmZTYwNzYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrJOCH MpEDtdG4A9N7+xuah2UfuNAnWrc2ZKzYltRthR/7agiWIw8yqe/Pdh/oegvWHlza 6uQYeTvIL6YER/3O+D9g4VgWiKqh8tH/U0FC+9ZgRKmjFcJGmwaQa8EuyY7Dlxzf Z0BpfteDV22XXRlovO41zXAGGWm4zQ+FlLmJgdJz+lGpCAR1tPsYjvlLFrZiM5jk j7ho3ZuWoP3DcA74aGD86QFmyF+iWXiaPUJLpjfEWhpjfu6wLiNpLBbf2Le/7HCK tC6IwASHTbhbbhiCImbnRmu9reUBENPHm/6RFtzviEa6KSHDMQVDhafgXTIUPfOY UV3JZhA/yzGBWLltAgMBAAGjggLPMIICyzAMBgNVHRMBAf8EAjAAMB0GA1UdDgQW BBQQ6aNldx5PKww0znqaQFe3t8D2DzAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7 sM4RQ99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3Nw LnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBC MECgPqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2ls Lm9yZy5ici9pc3N1ZXIuY3JsMBYGA1UdEQQPMA2CC2dlcnUuY29tLmJyMA4GA1Ud DwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDAjCCAaEGA1UdIASCAZgwggGU MIIBkAYKKwYBBAGDui9kATCCAYAwggE2BggrBgEFBQcCAjCCASgMggEkVGhpcyBD ZXJ0aWZpY2F0ZSBpcyBzb2xlbHkgZm9yIHVzZSB3aXRoIFJhaWRpYW0gU2Vydmlj ZXMgTGltaXRlZCBhbmQgb3RoZXIgcGFydGljaXBhdGluZyBvcmdhbmlzYXRpb25z IHVzaW5nIFJhaWRpYW0gU2VydmljZXMgTGltaXRlZHMgVHJ1c3QgRnJhbWV3b3Jr IFNlcnZpY2VzLiBJdHMgcmVjZWlwdCwgcG9zc2Vzc2lvbiBvciB1c2UgY29uc3Rp dHV0ZXMgYWNjZXB0YW5jZSBvZiB0aGUgUmFpZGlhbSBTZXJ2aWNlcyBMdGQgQ2Vy dGljaWNhdGUgUG9saWN5IGFuZCByZWxhdGVkIGRvY3VtZW50cyB0aGVyZWluLjBE BggrBgEFBQcCARY4aHR0cDovL2Nwcy5zYW5kYm94LnBraS5vcGVuYmFua2luZ2Jy YXNpbC5vcmcuYnIvcG9saWNpZXMwDQYJKoZIhvcNAQELBQADggEBAElSrcNfZ514 EpOjwyueAMOcYvkjb1VUBQmSWMcZuKS/QoKbYuFn7qx9vn+id6O+a48h1k1MfFD4 vv8og6aKaEHHQn5tD6KBQoYlimvuVQkjupXPFFhlH8lMpPmWZ17LAnwjwdwDKdVF NzVLHylg3s9T0DXh1uR1namY2uLD0jwHBnm2tqucjLZ/00pha2L4IT1fjw3OqIXi 99SSrtqExpWEZpXJSxBpfygWXl1IKvlveLTG3EzNpjGcKoudXFwqQvFQtiP9sQ3M RyIF8QwW83IqpOIdXRw7nVgizujc0aTBUqlL7xGsjiR6JsiR+/3FNuJxpKVQ4pHa HI5ipvGg/0g= -----END CERTIFICATE-----
incoming_body_json
incoming_query_string_params
{}
incoming_body
grant_type=client_credentials&scope=consents&client_id=geru-bank
2021-12-09 23:01:43 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
Token endpoint
2021-12-09 23:01:43 SUCCESS
ExtractClientCertificateFromTokenEndpointRequestHeaders
Extracted client certificate
client_certificate
{
  "cert": "-----BEGIN CERTIFICATE----- MIIG9DCCBdygAwIBAgIUHP7pETZ8wo3KhRaFkfUQK7ckwZYwDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMTAwODE4MDYwMFoXDTIyMTEwNzE4 MDYwMFowggEiMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xKTAnBgNVBAoTIEdFUlUgU09DSUVEQURFIERFIENSRURJVE8gRElS RVRPMS0wKwYDVQQLEyQwY2EwNTA5Mi0wMjVmLTQ3YzQtYjg3OC00YTAzYzE1MGNj Y2YxFDASBgNVBAMTC2dlcnUuY29tLmJyMRcwFQYDVQQFEw4zNzc2Mzg0NzAwMDEz ODEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRpb24xEzARBgsrBgEEAYI3PAIB AxMCQlIxNDAyBgoJkiaJk/IsZAEBEyQ3Mzg4NTYwMy1mM2ZmLTQxYmYtYjJiMi00 ZjdjYTlmZTYwNzYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrJOCH MpEDtdG4A9N7+xuah2UfuNAnWrc2ZKzYltRthR/7agiWIw8yqe/Pdh/oegvWHlza 6uQYeTvIL6YER/3O+D9g4VgWiKqh8tH/U0FC+9ZgRKmjFcJGmwaQa8EuyY7Dlxzf Z0BpfteDV22XXRlovO41zXAGGWm4zQ+FlLmJgdJz+lGpCAR1tPsYjvlLFrZiM5jk j7ho3ZuWoP3DcA74aGD86QFmyF+iWXiaPUJLpjfEWhpjfu6wLiNpLBbf2Le/7HCK tC6IwASHTbhbbhiCImbnRmu9reUBENPHm/6RFtzviEa6KSHDMQVDhafgXTIUPfOY UV3JZhA/yzGBWLltAgMBAAGjggLPMIICyzAMBgNVHRMBAf8EAjAAMB0GA1UdDgQW BBQQ6aNldx5PKww0znqaQFe3t8D2DzAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7 sM4RQ99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3Nw LnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBC MECgPqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2ls Lm9yZy5ici9pc3N1ZXIuY3JsMBYGA1UdEQQPMA2CC2dlcnUuY29tLmJyMA4GA1Ud DwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDAjCCAaEGA1UdIASCAZgwggGU MIIBkAYKKwYBBAGDui9kATCCAYAwggE2BggrBgEFBQcCAjCCASgMggEkVGhpcyBD ZXJ0aWZpY2F0ZSBpcyBzb2xlbHkgZm9yIHVzZSB3aXRoIFJhaWRpYW0gU2Vydmlj ZXMgTGltaXRlZCBhbmQgb3RoZXIgcGFydGljaXBhdGluZyBvcmdhbmlzYXRpb25z IHVzaW5nIFJhaWRpYW0gU2VydmljZXMgTGltaXRlZHMgVHJ1c3QgRnJhbWV3b3Jr IFNlcnZpY2VzLiBJdHMgcmVjZWlwdCwgcG9zc2Vzc2lvbiBvciB1c2UgY29uc3Rp dHV0ZXMgYWNjZXB0YW5jZSBvZiB0aGUgUmFpZGlhbSBTZXJ2aWNlcyBMdGQgQ2Vy dGljaWNhdGUgUG9saWN5IGFuZCByZWxhdGVkIGRvY3VtZW50cyB0aGVyZWluLjBE BggrBgEFBQcCARY4aHR0cDovL2Nwcy5zYW5kYm94LnBraS5vcGVuYmFua2luZ2Jy YXNpbC5vcmcuYnIvcG9saWNpZXMwDQYJKoZIhvcNAQELBQADggEBAElSrcNfZ514 EpOjwyueAMOcYvkjb1VUBQmSWMcZuKS/QoKbYuFn7qx9vn+id6O+a48h1k1MfFD4 vv8og6aKaEHHQn5tD6KBQoYlimvuVQkjupXPFFhlH8lMpPmWZ17LAnwjwdwDKdVF NzVLHylg3s9T0DXh1uR1namY2uLD0jwHBnm2tqucjLZ/00pha2L4IT1fjw3OqIXi 99SSrtqExpWEZpXJSxBpfygWXl1IKvlveLTG3EzNpjGcKoudXFwqQvFQtiP9sQ3M RyIF8QwW83IqpOIdXRw7nVgizujc0aTBUqlL7xGsjiR6JsiR+/3FNuJxpKVQ4pHa HI5ipvGg/0g\u003d -----END CERTIFICATE-----",
  "pem": "-----BEGIN CERTIFICATE-----\nMIIG9DCCBdygAwIBAgIUHP7pETZ8wo3KhRaFkfUQK7ckwZYwDQYJKoZIhvcNAQEL\nBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx\nFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB\nTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMTAwODE4MDYwMFoXDTIyMTEwNzE4\nMDYwMFowggEiMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD\no28gUGF1bG8xKTAnBgNVBAoTIEdFUlUgU09DSUVEQURFIERFIENSRURJVE8gRElS\nRVRPMS0wKwYDVQQLEyQwY2EwNTA5Mi0wMjVmLTQ3YzQtYjg3OC00YTAzYzE1MGNj\nY2YxFDASBgNVBAMTC2dlcnUuY29tLmJyMRcwFQYDVQQFEw4zNzc2Mzg0NzAwMDEz\nODEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRpb24xEzARBgsrBgEEAYI3PAIB\nAxMCQlIxNDAyBgoJkiaJk/IsZAEBEyQ3Mzg4NTYwMy1mM2ZmLTQxYmYtYjJiMi00\nZjdjYTlmZTYwNzYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrJOCH\nMpEDtdG4A9N7+xuah2UfuNAnWrc2ZKzYltRthR/7agiWIw8yqe/Pdh/oegvWHlza\n6uQYeTvIL6YER/3O+D9g4VgWiKqh8tH/U0FC+9ZgRKmjFcJGmwaQa8EuyY7Dlxzf\nZ0BpfteDV22XXRlovO41zXAGGWm4zQ+FlLmJgdJz+lGpCAR1tPsYjvlLFrZiM5jk\nj7ho3ZuWoP3DcA74aGD86QFmyF+iWXiaPUJLpjfEWhpjfu6wLiNpLBbf2Le/7HCK\ntC6IwASHTbhbbhiCImbnRmu9reUBENPHm/6RFtzviEa6KSHDMQVDhafgXTIUPfOY\nUV3JZhA/yzGBWLltAgMBAAGjggLPMIICyzAMBgNVHRMBAf8EAjAAMB0GA1UdDgQW\nBBQQ6aNldx5PKww0znqaQFe3t8D2DzAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7\nsM4RQ99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3Nw\nLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBC\nMECgPqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2ls\nLm9yZy5ici9pc3N1ZXIuY3JsMBYGA1UdEQQPMA2CC2dlcnUuY29tLmJyMA4GA1Ud\nDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDAjCCAaEGA1UdIASCAZgwggGU\nMIIBkAYKKwYBBAGDui9kATCCAYAwggE2BggrBgEFBQcCAjCCASgMggEkVGhpcyBD\nZXJ0aWZpY2F0ZSBpcyBzb2xlbHkgZm9yIHVzZSB3aXRoIFJhaWRpYW0gU2Vydmlj\nZXMgTGltaXRlZCBhbmQgb3RoZXIgcGFydGljaXBhdGluZyBvcmdhbmlzYXRpb25z\nIHVzaW5nIFJhaWRpYW0gU2VydmljZXMgTGltaXRlZHMgVHJ1c3QgRnJhbWV3b3Jr\nIFNlcnZpY2VzLiBJdHMgcmVjZWlwdCwgcG9zc2Vzc2lvbiBvciB1c2UgY29uc3Rp\ndHV0ZXMgYWNjZXB0YW5jZSBvZiB0aGUgUmFpZGlhbSBTZXJ2aWNlcyBMdGQgQ2Vy\ndGljaWNhdGUgUG9saWN5IGFuZCByZWxhdGVkIGRvY3VtZW50cyB0aGVyZWluLjBE\nBggrBgEFBQcCARY4aHR0cDovL2Nwcy5zYW5kYm94LnBraS5vcGVuYmFua2luZ2Jy\nYXNpbC5vcmcuYnIvcG9saWNpZXMwDQYJKoZIhvcNAQELBQADggEBAElSrcNfZ514\nEpOjwyueAMOcYvkjb1VUBQmSWMcZuKS/QoKbYuFn7qx9vn+id6O+a48h1k1MfFD4\nvv8og6aKaEHHQn5tD6KBQoYlimvuVQkjupXPFFhlH8lMpPmWZ17LAnwjwdwDKdVF\nNzVLHylg3s9T0DXh1uR1namY2uLD0jwHBnm2tqucjLZ/00pha2L4IT1fjw3OqIXi\n99SSrtqExpWEZpXJSxBpfygWXl1IKvlveLTG3EzNpjGcKoudXFwqQvFQtiP9sQ3M\nRyIF8QwW83IqpOIdXRw7nVgizujc0aTBUqlL7xGsjiR6JsiR+/3FNuJxpKVQ4pHa\nHI5ipvGg/0g\u003d\n-----END CERTIFICATE-----",
  "subject": {
    "dn": "UID\u003d73885603-f3ff-41bf-b2b2-4f7ca9fe6076,1.3.6.1.4.1.311.60.2.1.3\u003d#13024252,2.5.4.15\u003d#131450726976617465204f7267616e697a6174696f6e,2.5.4.5\u003d#130e3337373633383437303030313338,CN\u003dgeru.com.br,OU\u003d0ca05092-025f-47c4-b878-4a03c150cccf,O\u003dGERU SOCIEDADE DE CREDITO DIRETO,L\u003dSão Paulo,ST\u003dSP,C\u003dBR"
  },
  "sanDnsNames": [
    "geru.com.br"
  ],
  "sanUris": [],
  "sanIPs": [],
  "sanEmails": []
}
2021-12-09 23:01:43 SUCCESS
CheckForClientCertificate
Found client certificate
2021-12-09 23:01:43 SUCCESS
EnsureClientCertificateMatches
Presented certificate matches registered certificate
actual
-----BEGIN CERTIFICATE-----
MIIG9DCCBdygAwIBAgIUHP7pETZ8wo3KhRaFkfUQK7ckwZYwDQYJKoZIhvcNAQEL
BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx
FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB
TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMTAwODE4MDYwMFoXDTIyMTEwNzE4
MDYwMFowggEiMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD
o28gUGF1bG8xKTAnBgNVBAoTIEdFUlUgU09DSUVEQURFIERFIENSRURJVE8gRElS
RVRPMS0wKwYDVQQLEyQwY2EwNTA5Mi0wMjVmLTQ3YzQtYjg3OC00YTAzYzE1MGNj
Y2YxFDASBgNVBAMTC2dlcnUuY29tLmJyMRcwFQYDVQQFEw4zNzc2Mzg0NzAwMDEz
ODEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRpb24xEzARBgsrBgEEAYI3PAIB
AxMCQlIxNDAyBgoJkiaJk/IsZAEBEyQ3Mzg4NTYwMy1mM2ZmLTQxYmYtYjJiMi00
ZjdjYTlmZTYwNzYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrJOCH
MpEDtdG4A9N7+xuah2UfuNAnWrc2ZKzYltRthR/7agiWIw8yqe/Pdh/oegvWHlza
6uQYeTvIL6YER/3O+D9g4VgWiKqh8tH/U0FC+9ZgRKmjFcJGmwaQa8EuyY7Dlxzf
Z0BpfteDV22XXRlovO41zXAGGWm4zQ+FlLmJgdJz+lGpCAR1tPsYjvlLFrZiM5jk
j7ho3ZuWoP3DcA74aGD86QFmyF+iWXiaPUJLpjfEWhpjfu6wLiNpLBbf2Le/7HCK
tC6IwASHTbhbbhiCImbnRmu9reUBENPHm/6RFtzviEa6KSHDMQVDhafgXTIUPfOY
UV3JZhA/yzGBWLltAgMBAAGjggLPMIICyzAMBgNVHRMBAf8EAjAAMB0GA1UdDgQW
BBQQ6aNldx5PKww0znqaQFe3t8D2DzAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7
sM4RQ99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3Nw
LnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBC
MECgPqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2ls
Lm9yZy5ici9pc3N1ZXIuY3JsMBYGA1UdEQQPMA2CC2dlcnUuY29tLmJyMA4GA1Ud
DwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDAjCCAaEGA1UdIASCAZgwggGU
MIIBkAYKKwYBBAGDui9kATCCAYAwggE2BggrBgEFBQcCAjCCASgMggEkVGhpcyBD
ZXJ0aWZpY2F0ZSBpcyBzb2xlbHkgZm9yIHVzZSB3aXRoIFJhaWRpYW0gU2Vydmlj
ZXMgTGltaXRlZCBhbmQgb3RoZXIgcGFydGljaXBhdGluZyBvcmdhbmlzYXRpb25z
IHVzaW5nIFJhaWRpYW0gU2VydmljZXMgTGltaXRlZHMgVHJ1c3QgRnJhbWV3b3Jr
IFNlcnZpY2VzLiBJdHMgcmVjZWlwdCwgcG9zc2Vzc2lvbiBvciB1c2UgY29uc3Rp
dHV0ZXMgYWNjZXB0YW5jZSBvZiB0aGUgUmFpZGlhbSBTZXJ2aWNlcyBMdGQgQ2Vy
dGljaWNhdGUgUG9saWN5IGFuZCByZWxhdGVkIGRvY3VtZW50cyB0aGVyZWluLjBE
BggrBgEFBQcCARY4aHR0cDovL2Nwcy5zYW5kYm94LnBraS5vcGVuYmFua2luZ2Jy
YXNpbC5vcmcuYnIvcG9saWNpZXMwDQYJKoZIhvcNAQELBQADggEBAElSrcNfZ514
EpOjwyueAMOcYvkjb1VUBQmSWMcZuKS/QoKbYuFn7qx9vn+id6O+a48h1k1MfFD4
vv8og6aKaEHHQn5tD6KBQoYlimvuVQkjupXPFFhlH8lMpPmWZ17LAnwjwdwDKdVF
NzVLHylg3s9T0DXh1uR1namY2uLD0jwHBnm2tqucjLZ/00pha2L4IT1fjw3OqIXi
99SSrtqExpWEZpXJSxBpfygWXl1IKvlveLTG3EzNpjGcKoudXFwqQvFQtiP9sQ3M
RyIF8QwW83IqpOIdXRw7nVgizujc0aTBUqlL7xGsjiR6JsiR+/3FNuJxpKVQ4pHa
HI5ipvGg/0g=
-----END CERTIFICATE-----
2021-12-09 23:01:43 SUCCESS
EnsureNoClientAssertionSentToTokenEndpoint
Client did not send a client_assertion to token endpoint
2021-12-09 23:01:43 SUCCESS
FAPIBrazilExtractRequestedScopeFromClientCredentialsGrant
Found 'consents' scope in request
actual
[
  "consents"
]
expected
consents
2021-12-09 23:01:43 SUCCESS
GenerateBearerAccessToken
Generated access token
access_token
U7xkQH87V3ekdGVyQKiDqjcUMGFeQEiqZQzLdWujM6Lk0kSAfH
2021-12-09 23:01:43 SUCCESS
CreateTokenEndpointResponse
Created token endpoint response
access_token
U7xkQH87V3ekdGVyQKiDqjcUMGFeQEiqZQzLdWujM6Lk0kSAfH
token_type
Bearer
2021-12-09 23:01:43
CopyAccessTokenToClientCredentialsField
Condition ran but did not log anything
2021-12-09 23:01:43 OUTGOING
fapi1-advanced-final-client-test-invalid-aud
Response to HTTP request to test instance qaRjsz53nN0nspg
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "access_token": "U7xkQH87V3ekdGVyQKiDqjcUMGFeQEiqZQzLdWujM6Lk0kSAfH",
  "token_type": "Bearer"
}
outgoing_path
token
2021-12-09 23:01:43 INCOMING
fapi1-advanced-final-client-test-invalid-aud
Incoming HTTP request to test instance qaRjsz53nN0nspg
incoming_headers
{
  "host": "www.certification.openid.net",
  "accept": "application/json, text/plain, */*",
  "content-type": "application/json",
  "authorization": "Bearer U7xkQH87V3ekdGVyQKiDqjcUMGFeQEiqZQzLdWujM6Lk0kSAfH",
  "user-agent": "axios/0.21.1",
  "content-length": "1174",
  "connection": "close"
}
incoming_path
/test-mtls/a/geru/consents/v1/consents
incoming_body_form_params
incoming_method
POST
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
-----BEGIN CERTIFICATE----- MIIG9DCCBdygAwIBAgIUHP7pETZ8wo3KhRaFkfUQK7ckwZYwDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMTAwODE4MDYwMFoXDTIyMTEwNzE4 MDYwMFowggEiMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xKTAnBgNVBAoTIEdFUlUgU09DSUVEQURFIERFIENSRURJVE8gRElS RVRPMS0wKwYDVQQLEyQwY2EwNTA5Mi0wMjVmLTQ3YzQtYjg3OC00YTAzYzE1MGNj Y2YxFDASBgNVBAMTC2dlcnUuY29tLmJyMRcwFQYDVQQFEw4zNzc2Mzg0NzAwMDEz ODEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRpb24xEzARBgsrBgEEAYI3PAIB AxMCQlIxNDAyBgoJkiaJk/IsZAEBEyQ3Mzg4NTYwMy1mM2ZmLTQxYmYtYjJiMi00 ZjdjYTlmZTYwNzYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrJOCH MpEDtdG4A9N7+xuah2UfuNAnWrc2ZKzYltRthR/7agiWIw8yqe/Pdh/oegvWHlza 6uQYeTvIL6YER/3O+D9g4VgWiKqh8tH/U0FC+9ZgRKmjFcJGmwaQa8EuyY7Dlxzf Z0BpfteDV22XXRlovO41zXAGGWm4zQ+FlLmJgdJz+lGpCAR1tPsYjvlLFrZiM5jk j7ho3ZuWoP3DcA74aGD86QFmyF+iWXiaPUJLpjfEWhpjfu6wLiNpLBbf2Le/7HCK tC6IwASHTbhbbhiCImbnRmu9reUBENPHm/6RFtzviEa6KSHDMQVDhafgXTIUPfOY UV3JZhA/yzGBWLltAgMBAAGjggLPMIICyzAMBgNVHRMBAf8EAjAAMB0GA1UdDgQW BBQQ6aNldx5PKww0znqaQFe3t8D2DzAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7 sM4RQ99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3Nw LnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBC MECgPqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2ls Lm9yZy5ici9pc3N1ZXIuY3JsMBYGA1UdEQQPMA2CC2dlcnUuY29tLmJyMA4GA1Ud DwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDAjCCAaEGA1UdIASCAZgwggGU MIIBkAYKKwYBBAGDui9kATCCAYAwggE2BggrBgEFBQcCAjCCASgMggEkVGhpcyBD ZXJ0aWZpY2F0ZSBpcyBzb2xlbHkgZm9yIHVzZSB3aXRoIFJhaWRpYW0gU2Vydmlj ZXMgTGltaXRlZCBhbmQgb3RoZXIgcGFydGljaXBhdGluZyBvcmdhbmlzYXRpb25z IHVzaW5nIFJhaWRpYW0gU2VydmljZXMgTGltaXRlZHMgVHJ1c3QgRnJhbWV3b3Jr IFNlcnZpY2VzLiBJdHMgcmVjZWlwdCwgcG9zc2Vzc2lvbiBvciB1c2UgY29uc3Rp dHV0ZXMgYWNjZXB0YW5jZSBvZiB0aGUgUmFpZGlhbSBTZXJ2aWNlcyBMdGQgQ2Vy dGljaWNhdGUgUG9saWN5IGFuZCByZWxhdGVkIGRvY3VtZW50cyB0aGVyZWluLjBE BggrBgEFBQcCARY4aHR0cDovL2Nwcy5zYW5kYm94LnBraS5vcGVuYmFua2luZ2Jy YXNpbC5vcmcuYnIvcG9saWNpZXMwDQYJKoZIhvcNAQELBQADggEBAElSrcNfZ514 EpOjwyueAMOcYvkjb1VUBQmSWMcZuKS/QoKbYuFn7qx9vn+id6O+a48h1k1MfFD4 vv8og6aKaEHHQn5tD6KBQoYlimvuVQkjupXPFFhlH8lMpPmWZ17LAnwjwdwDKdVF NzVLHylg3s9T0DXh1uR1namY2uLD0jwHBnm2tqucjLZ/00pha2L4IT1fjw3OqIXi 99SSrtqExpWEZpXJSxBpfygWXl1IKvlveLTG3EzNpjGcKoudXFwqQvFQtiP9sQ3M RyIF8QwW83IqpOIdXRw7nVgizujc0aTBUqlL7xGsjiR6JsiR+/3FNuJxpKVQ4pHa HI5ipvGg/0g= -----END CERTIFICATE-----
incoming_body_json
{
  "data": {
    "loggedUser": {
      "document": {
        "identification": "57784518064",
        "rel": "CPF"
      }
    },
    "permissions": [
      "ACCOUNTS_READ",
      "ACCOUNTS_OVERDRAFT_LIMITS_READ",
      "ACCOUNTS_BALANCES_READ",
      "ACCOUNTS_TRANSACTIONS_READ",
      "CREDIT_CARDS_ACCOUNTS_BILLS_READ",
      "CREDIT_CARDS_ACCOUNTS_BILLS_TRANSACTIONS_READ",
      "CREDIT_CARDS_ACCOUNTS_LIMITS_READ",
      "CREDIT_CARDS_ACCOUNTS_READ",
      "CREDIT_CARDS_ACCOUNTS_TRANSACTIONS_READ",
      "CUSTOMERS_PERSONAL_ADITTIONALINFO_READ",
      "CUSTOMERS_PERSONAL_IDENTIFICATIONS_READ",
      "LOANS_READ",
      "LOANS_WARRANTIES_READ",
      "LOANS_SCHEDULED_INSTALMENTS_READ",
      "LOANS_PAYMENTS_READ",
      "FINANCINGS_READ",
      "FINANCINGS_WARRANTIES_READ",
      "FINANCINGS_SCHEDULED_INSTALMENTS_READ",
      "FINANCINGS_PAYMENTS_READ",
      "UNARRANGED_ACCOUNTS_OVERDRAFT_READ",
      "UNARRANGED_ACCOUNTS_OVERDRAFT_WARRANTIES_READ",
      "UNARRANGED_ACCOUNTS_OVERDRAFT_SCHEDULED_INSTALMENTS_READ",
      "UNARRANGED_ACCOUNTS_OVERDRAFT_PAYMENTS_READ",
      "INVOICE_FINANCINGS_READ",
      "INVOICE_FINANCINGS_WARRANTIES_READ",
      "INVOICE_FINANCINGS_SCHEDULED_INSTALMENTS_READ",
      "INVOICE_FINANCINGS_PAYMENTS_READ",
      "RESOURCES_READ"
    ],
    "expirationDateTime": "2021-12-31T00:00:00Z",
    "transactionFromDateTime": "2021-08-10T00:00:00Z",
    "transactionToDateTime": "2021-12-31T23:59:59Z"
  }
}
incoming_query_string_params
{}
incoming_body
{"data":{"loggedUser":{"document":{"identification":"57784518064","rel":"CPF"}},"permissions":["ACCOUNTS_READ","ACCOUNTS_OVERDRAFT_LIMITS_READ","ACCOUNTS_BALANCES_READ","ACCOUNTS_TRANSACTIONS_READ","CREDIT_CARDS_ACCOUNTS_BILLS_READ","CREDIT_CARDS_ACCOUNTS_BILLS_TRANSACTIONS_READ","CREDIT_CARDS_ACCOUNTS_LIMITS_READ","CREDIT_CARDS_ACCOUNTS_READ","CREDIT_CARDS_ACCOUNTS_TRANSACTIONS_READ","CUSTOMERS_PERSONAL_ADITTIONALINFO_READ","CUSTOMERS_PERSONAL_IDENTIFICATIONS_READ","LOANS_READ","LOANS_WARRANTIES_READ","LOANS_SCHEDULED_INSTALMENTS_READ","LOANS_PAYMENTS_READ","FINANCINGS_READ","FINANCINGS_WARRANTIES_READ","FINANCINGS_SCHEDULED_INSTALMENTS_READ","FINANCINGS_PAYMENTS_READ","UNARRANGED_ACCOUNTS_OVERDRAFT_READ","UNARRANGED_ACCOUNTS_OVERDRAFT_WARRANTIES_READ","UNARRANGED_ACCOUNTS_OVERDRAFT_SCHEDULED_INSTALMENTS_READ","UNARRANGED_ACCOUNTS_OVERDRAFT_PAYMENTS_READ","INVOICE_FINANCINGS_READ","INVOICE_FINANCINGS_WARRANTIES_READ","INVOICE_FINANCINGS_SCHEDULED_INSTALMENTS_READ","INVOICE_FINANCINGS_PAYMENTS_READ","RESOURCES_READ"],"expirationDateTime":"2021-12-31T00:00:00Z","transactionFromDateTime":"2021-08-10T00:00:00Z","transactionToDateTime":"2021-12-31T23:59:59Z"}}
2021-12-09 23:01:43 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
New consent endpoint
2021-12-09 23:01:43 SUCCESS
ExtractClientCertificateFromTokenEndpointRequestHeaders
Extracted client certificate
client_certificate
{
  "cert": "-----BEGIN CERTIFICATE----- MIIG9DCCBdygAwIBAgIUHP7pETZ8wo3KhRaFkfUQK7ckwZYwDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMTAwODE4MDYwMFoXDTIyMTEwNzE4 MDYwMFowggEiMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xKTAnBgNVBAoTIEdFUlUgU09DSUVEQURFIERFIENSRURJVE8gRElS RVRPMS0wKwYDVQQLEyQwY2EwNTA5Mi0wMjVmLTQ3YzQtYjg3OC00YTAzYzE1MGNj Y2YxFDASBgNVBAMTC2dlcnUuY29tLmJyMRcwFQYDVQQFEw4zNzc2Mzg0NzAwMDEz ODEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRpb24xEzARBgsrBgEEAYI3PAIB AxMCQlIxNDAyBgoJkiaJk/IsZAEBEyQ3Mzg4NTYwMy1mM2ZmLTQxYmYtYjJiMi00 ZjdjYTlmZTYwNzYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrJOCH MpEDtdG4A9N7+xuah2UfuNAnWrc2ZKzYltRthR/7agiWIw8yqe/Pdh/oegvWHlza 6uQYeTvIL6YER/3O+D9g4VgWiKqh8tH/U0FC+9ZgRKmjFcJGmwaQa8EuyY7Dlxzf Z0BpfteDV22XXRlovO41zXAGGWm4zQ+FlLmJgdJz+lGpCAR1tPsYjvlLFrZiM5jk j7ho3ZuWoP3DcA74aGD86QFmyF+iWXiaPUJLpjfEWhpjfu6wLiNpLBbf2Le/7HCK tC6IwASHTbhbbhiCImbnRmu9reUBENPHm/6RFtzviEa6KSHDMQVDhafgXTIUPfOY UV3JZhA/yzGBWLltAgMBAAGjggLPMIICyzAMBgNVHRMBAf8EAjAAMB0GA1UdDgQW BBQQ6aNldx5PKww0znqaQFe3t8D2DzAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7 sM4RQ99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3Nw LnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBC MECgPqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2ls Lm9yZy5ici9pc3N1ZXIuY3JsMBYGA1UdEQQPMA2CC2dlcnUuY29tLmJyMA4GA1Ud DwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDAjCCAaEGA1UdIASCAZgwggGU MIIBkAYKKwYBBAGDui9kATCCAYAwggE2BggrBgEFBQcCAjCCASgMggEkVGhpcyBD ZXJ0aWZpY2F0ZSBpcyBzb2xlbHkgZm9yIHVzZSB3aXRoIFJhaWRpYW0gU2Vydmlj ZXMgTGltaXRlZCBhbmQgb3RoZXIgcGFydGljaXBhdGluZyBvcmdhbmlzYXRpb25z IHVzaW5nIFJhaWRpYW0gU2VydmljZXMgTGltaXRlZHMgVHJ1c3QgRnJhbWV3b3Jr IFNlcnZpY2VzLiBJdHMgcmVjZWlwdCwgcG9zc2Vzc2lvbiBvciB1c2UgY29uc3Rp dHV0ZXMgYWNjZXB0YW5jZSBvZiB0aGUgUmFpZGlhbSBTZXJ2aWNlcyBMdGQgQ2Vy dGljaWNhdGUgUG9saWN5IGFuZCByZWxhdGVkIGRvY3VtZW50cyB0aGVyZWluLjBE BggrBgEFBQcCARY4aHR0cDovL2Nwcy5zYW5kYm94LnBraS5vcGVuYmFua2luZ2Jy YXNpbC5vcmcuYnIvcG9saWNpZXMwDQYJKoZIhvcNAQELBQADggEBAElSrcNfZ514 EpOjwyueAMOcYvkjb1VUBQmSWMcZuKS/QoKbYuFn7qx9vn+id6O+a48h1k1MfFD4 vv8og6aKaEHHQn5tD6KBQoYlimvuVQkjupXPFFhlH8lMpPmWZ17LAnwjwdwDKdVF NzVLHylg3s9T0DXh1uR1namY2uLD0jwHBnm2tqucjLZ/00pha2L4IT1fjw3OqIXi 99SSrtqExpWEZpXJSxBpfygWXl1IKvlveLTG3EzNpjGcKoudXFwqQvFQtiP9sQ3M RyIF8QwW83IqpOIdXRw7nVgizujc0aTBUqlL7xGsjiR6JsiR+/3FNuJxpKVQ4pHa HI5ipvGg/0g\u003d -----END CERTIFICATE-----",
  "pem": "-----BEGIN CERTIFICATE-----\nMIIG9DCCBdygAwIBAgIUHP7pETZ8wo3KhRaFkfUQK7ckwZYwDQYJKoZIhvcNAQEL\nBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx\nFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB\nTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMTAwODE4MDYwMFoXDTIyMTEwNzE4\nMDYwMFowggEiMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD\no28gUGF1bG8xKTAnBgNVBAoTIEdFUlUgU09DSUVEQURFIERFIENSRURJVE8gRElS\nRVRPMS0wKwYDVQQLEyQwY2EwNTA5Mi0wMjVmLTQ3YzQtYjg3OC00YTAzYzE1MGNj\nY2YxFDASBgNVBAMTC2dlcnUuY29tLmJyMRcwFQYDVQQFEw4zNzc2Mzg0NzAwMDEz\nODEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRpb24xEzARBgsrBgEEAYI3PAIB\nAxMCQlIxNDAyBgoJkiaJk/IsZAEBEyQ3Mzg4NTYwMy1mM2ZmLTQxYmYtYjJiMi00\nZjdjYTlmZTYwNzYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrJOCH\nMpEDtdG4A9N7+xuah2UfuNAnWrc2ZKzYltRthR/7agiWIw8yqe/Pdh/oegvWHlza\n6uQYeTvIL6YER/3O+D9g4VgWiKqh8tH/U0FC+9ZgRKmjFcJGmwaQa8EuyY7Dlxzf\nZ0BpfteDV22XXRlovO41zXAGGWm4zQ+FlLmJgdJz+lGpCAR1tPsYjvlLFrZiM5jk\nj7ho3ZuWoP3DcA74aGD86QFmyF+iWXiaPUJLpjfEWhpjfu6wLiNpLBbf2Le/7HCK\ntC6IwASHTbhbbhiCImbnRmu9reUBENPHm/6RFtzviEa6KSHDMQVDhafgXTIUPfOY\nUV3JZhA/yzGBWLltAgMBAAGjggLPMIICyzAMBgNVHRMBAf8EAjAAMB0GA1UdDgQW\nBBQQ6aNldx5PKww0znqaQFe3t8D2DzAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7\nsM4RQ99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3Nw\nLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBC\nMECgPqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2ls\nLm9yZy5ici9pc3N1ZXIuY3JsMBYGA1UdEQQPMA2CC2dlcnUuY29tLmJyMA4GA1Ud\nDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDAjCCAaEGA1UdIASCAZgwggGU\nMIIBkAYKKwYBBAGDui9kATCCAYAwggE2BggrBgEFBQcCAjCCASgMggEkVGhpcyBD\nZXJ0aWZpY2F0ZSBpcyBzb2xlbHkgZm9yIHVzZSB3aXRoIFJhaWRpYW0gU2Vydmlj\nZXMgTGltaXRlZCBhbmQgb3RoZXIgcGFydGljaXBhdGluZyBvcmdhbmlzYXRpb25z\nIHVzaW5nIFJhaWRpYW0gU2VydmljZXMgTGltaXRlZHMgVHJ1c3QgRnJhbWV3b3Jr\nIFNlcnZpY2VzLiBJdHMgcmVjZWlwdCwgcG9zc2Vzc2lvbiBvciB1c2UgY29uc3Rp\ndHV0ZXMgYWNjZXB0YW5jZSBvZiB0aGUgUmFpZGlhbSBTZXJ2aWNlcyBMdGQgQ2Vy\ndGljaWNhdGUgUG9saWN5IGFuZCByZWxhdGVkIGRvY3VtZW50cyB0aGVyZWluLjBE\nBggrBgEFBQcCARY4aHR0cDovL2Nwcy5zYW5kYm94LnBraS5vcGVuYmFua2luZ2Jy\nYXNpbC5vcmcuYnIvcG9saWNpZXMwDQYJKoZIhvcNAQELBQADggEBAElSrcNfZ514\nEpOjwyueAMOcYvkjb1VUBQmSWMcZuKS/QoKbYuFn7qx9vn+id6O+a48h1k1MfFD4\nvv8og6aKaEHHQn5tD6KBQoYlimvuVQkjupXPFFhlH8lMpPmWZ17LAnwjwdwDKdVF\nNzVLHylg3s9T0DXh1uR1namY2uLD0jwHBnm2tqucjLZ/00pha2L4IT1fjw3OqIXi\n99SSrtqExpWEZpXJSxBpfygWXl1IKvlveLTG3EzNpjGcKoudXFwqQvFQtiP9sQ3M\nRyIF8QwW83IqpOIdXRw7nVgizujc0aTBUqlL7xGsjiR6JsiR+/3FNuJxpKVQ4pHa\nHI5ipvGg/0g\u003d\n-----END CERTIFICATE-----",
  "subject": {
    "dn": "UID\u003d73885603-f3ff-41bf-b2b2-4f7ca9fe6076,1.3.6.1.4.1.311.60.2.1.3\u003d#13024252,2.5.4.15\u003d#131450726976617465204f7267616e697a6174696f6e,2.5.4.5\u003d#130e3337373633383437303030313338,CN\u003dgeru.com.br,OU\u003d0ca05092-025f-47c4-b878-4a03c150cccf,O\u003dGERU SOCIEDADE DE CREDITO DIRETO,L\u003dSão Paulo,ST\u003dSP,C\u003dBR"
  },
  "sanDnsNames": [
    "geru.com.br"
  ],
  "sanUris": [],
  "sanIPs": [],
  "sanEmails": []
}
2021-12-09 23:01:43 SUCCESS
CheckForClientCertificate
Found client certificate
2021-12-09 23:01:43 SUCCESS
EnsureClientCertificateMatches
Presented certificate matches registered certificate
actual
-----BEGIN CERTIFICATE-----
MIIG9DCCBdygAwIBAgIUHP7pETZ8wo3KhRaFkfUQK7ckwZYwDQYJKoZIhvcNAQEL
BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx
FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB
TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMTAwODE4MDYwMFoXDTIyMTEwNzE4
MDYwMFowggEiMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD
o28gUGF1bG8xKTAnBgNVBAoTIEdFUlUgU09DSUVEQURFIERFIENSRURJVE8gRElS
RVRPMS0wKwYDVQQLEyQwY2EwNTA5Mi0wMjVmLTQ3YzQtYjg3OC00YTAzYzE1MGNj
Y2YxFDASBgNVBAMTC2dlcnUuY29tLmJyMRcwFQYDVQQFEw4zNzc2Mzg0NzAwMDEz
ODEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRpb24xEzARBgsrBgEEAYI3PAIB
AxMCQlIxNDAyBgoJkiaJk/IsZAEBEyQ3Mzg4NTYwMy1mM2ZmLTQxYmYtYjJiMi00
ZjdjYTlmZTYwNzYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrJOCH
MpEDtdG4A9N7+xuah2UfuNAnWrc2ZKzYltRthR/7agiWIw8yqe/Pdh/oegvWHlza
6uQYeTvIL6YER/3O+D9g4VgWiKqh8tH/U0FC+9ZgRKmjFcJGmwaQa8EuyY7Dlxzf
Z0BpfteDV22XXRlovO41zXAGGWm4zQ+FlLmJgdJz+lGpCAR1tPsYjvlLFrZiM5jk
j7ho3ZuWoP3DcA74aGD86QFmyF+iWXiaPUJLpjfEWhpjfu6wLiNpLBbf2Le/7HCK
tC6IwASHTbhbbhiCImbnRmu9reUBENPHm/6RFtzviEa6KSHDMQVDhafgXTIUPfOY
UV3JZhA/yzGBWLltAgMBAAGjggLPMIICyzAMBgNVHRMBAf8EAjAAMB0GA1UdDgQW
BBQQ6aNldx5PKww0znqaQFe3t8D2DzAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7
sM4RQ99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3Nw
LnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBC
MECgPqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2ls
Lm9yZy5ici9pc3N1ZXIuY3JsMBYGA1UdEQQPMA2CC2dlcnUuY29tLmJyMA4GA1Ud
DwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDAjCCAaEGA1UdIASCAZgwggGU
MIIBkAYKKwYBBAGDui9kATCCAYAwggE2BggrBgEFBQcCAjCCASgMggEkVGhpcyBD
ZXJ0aWZpY2F0ZSBpcyBzb2xlbHkgZm9yIHVzZSB3aXRoIFJhaWRpYW0gU2Vydmlj
ZXMgTGltaXRlZCBhbmQgb3RoZXIgcGFydGljaXBhdGluZyBvcmdhbmlzYXRpb25z
IHVzaW5nIFJhaWRpYW0gU2VydmljZXMgTGltaXRlZHMgVHJ1c3QgRnJhbWV3b3Jr
IFNlcnZpY2VzLiBJdHMgcmVjZWlwdCwgcG9zc2Vzc2lvbiBvciB1c2UgY29uc3Rp
dHV0ZXMgYWNjZXB0YW5jZSBvZiB0aGUgUmFpZGlhbSBTZXJ2aWNlcyBMdGQgQ2Vy
dGljaWNhdGUgUG9saWN5IGFuZCByZWxhdGVkIGRvY3VtZW50cyB0aGVyZWluLjBE
BggrBgEFBQcCARY4aHR0cDovL2Nwcy5zYW5kYm94LnBraS5vcGVuYmFua2luZ2Jy
YXNpbC5vcmcuYnIvcG9saWNpZXMwDQYJKoZIhvcNAQELBQADggEBAElSrcNfZ514
EpOjwyueAMOcYvkjb1VUBQmSWMcZuKS/QoKbYuFn7qx9vn+id6O+a48h1k1MfFD4
vv8og6aKaEHHQn5tD6KBQoYlimvuVQkjupXPFFhlH8lMpPmWZ17LAnwjwdwDKdVF
NzVLHylg3s9T0DXh1uR1namY2uLD0jwHBnm2tqucjLZ/00pha2L4IT1fjw3OqIXi
99SSrtqExpWEZpXJSxBpfygWXl1IKvlveLTG3EzNpjGcKoudXFwqQvFQtiP9sQ3M
RyIF8QwW83IqpOIdXRw7nVgizujc0aTBUqlL7xGsjiR6JsiR+/3FNuJxpKVQ4pHa
HI5ipvGg/0g=
-----END CERTIFICATE-----
2021-12-09 23:01:43 SUCCESS
EnsureIncomingRequestMethodIsPost
Client correctly used http POST method
2021-12-09 23:01:43 SUCCESS
EnsureBearerAccessTokenNotInParams
Client correctly did not send access token in query parameters or form body
2021-12-09 23:01:43 SUCCESS
ExtractBearerAccessTokenFromHeader
Found access token on incoming request
access_token
U7xkQH87V3ekdGVyQKiDqjcUMGFeQEiqZQzLdWujM6Lk0kSAfH
2021-12-09 23:01:43 SUCCESS
RequireBearerClientCredentialsAccessToken
Found access token in request
actual
U7xkQH87V3ekdGVyQKiDqjcUMGFeQEiqZQzLdWujM6Lk0kSAfH
2021-12-09 23:01:43 INFO
ExtractFapiDateHeader
Skipped evaluation due to missing required element: incoming_request headers.x-fapi-auth-date
path
headers.x-fapi-auth-date
mapped
object
incoming_request
2021-12-09 23:01:43 INFO
ExtractFapiIpAddressHeader
Skipped evaluation due to missing required element: incoming_request headers.x-fapi-customer-ip-address
path
headers.x-fapi-customer-ip-address
mapped
object
incoming_request
2021-12-09 23:01:43 INFO
ExtractFapiInteractionIdHeader
Skipped evaluation due to missing required element: incoming_request headers.x-fapi-interaction-id
path
headers.x-fapi-interaction-id
mapped
object
incoming_request
2021-12-09 23:01:43 SUCCESS
FAPIBrazilEnsureClientCredentialsScopeContainedConsents
The token request which was used to obtain the access token contained 'consents' scope
actual
[
  "consents"
]
2021-12-09 23:01:43
FAPIBrazilExtractConsentRequest
Condition ran but did not log anything
2021-12-09 23:01:43 SUCCESS
CreateFapiInteractionIdIfNeeded
Created new FAPI interaction ID
fapi_interaction_id
81a0fbb4-ad6a-42b8-8751-b77ee9ef95a0
2021-12-09 23:01:43 SUCCESS
FAPIBrazilGenerateNewConsentResponse
Created consent response
headers
{
  "x-fapi-interaction-id": "81a0fbb4-ad6a-42b8-8751-b77ee9ef95a0"
}
consentId
urn:conformance.oidf:pfJHsulthk
consent_response
{
  "data": {
    "consentId": "urn:conformance.oidf:pfJHsulthk",
    "creationDateTime": "2021-12-09T23:01:43Z",
    "status": "AWAITING_AUTHORISATION",
    "statusUpdateDateTime": "2021-12-09T23:01:43Z",
    "permissions": [
      "ACCOUNTS_READ",
      "ACCOUNTS_BALANCES_READ",
      "RESOURCES_READ"
    ],
    "expirationDateTime": "2021-12-10T01:01:43Z",
    "transactionFromDateTime": "2021-12-09T22:56:43Z",
    "transactionToDateTime": "2021-12-10T01:01:43Z",
    "links": {
      "self": "https://www.certification.openid.net/test/a/geruconsents/v1/consents"
    }
  },
  "meta": {
    "totalRecords": 1,
    "totalPages": 1,
    "requestDateTime": "2021-12-09T23:01:43Z"
  }
}
2021-12-09 23:01:43
ClearAccessTokenFromRequest
Condition ran but did not log anything
2021-12-09 23:01:43 OUTGOING
fapi1-advanced-final-client-test-invalid-aud
Response to HTTP request to test instance qaRjsz53nN0nspg
outgoing_status_code
201
outgoing_headers
{
  "x-fapi-interaction-id": [
    "81a0fbb4-ad6a-42b8-8751-b77ee9ef95a0"
  ]
}
outgoing_body
{
  "data": {
    "consentId": "urn:conformance.oidf:pfJHsulthk",
    "creationDateTime": "2021-12-09T23:01:43Z",
    "status": "AWAITING_AUTHORISATION",
    "statusUpdateDateTime": "2021-12-09T23:01:43Z",
    "permissions": [
      "ACCOUNTS_READ",
      "ACCOUNTS_BALANCES_READ",
      "RESOURCES_READ"
    ],
    "expirationDateTime": "2021-12-10T01:01:43Z",
    "transactionFromDateTime": "2021-12-09T22:56:43Z",
    "transactionToDateTime": "2021-12-10T01:01:43Z",
    "links": {
      "self": "https://www.certification.openid.net/test/a/geruconsents/v1/consents"
    }
  },
  "meta": {
    "totalRecords": 1,
    "totalPages": 1,
    "requestDateTime": "2021-12-09T23:01:43Z"
  }
}
outgoing_path
consents/v1/consents
2021-12-09 23:01:43 INCOMING
fapi1-advanced-final-client-test-invalid-aud
Incoming HTTP request to test instance qaRjsz53nN0nspg
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/4.7.4 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate, br",
  "connection": "close"
}
incoming_path
/test/a/geru/jwks
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
incoming_body_json
incoming_query_string_params
{}
incoming_body
2021-12-09 23:01:43 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
2021-12-09 23:01:43 OUTGOING
fapi1-advanced-final-client-test-invalid-aud
Response to HTTP request to test instance qaRjsz53nN0nspg
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "X5d4vFYfLxaG1gg8_l3bFYFhUaUVmE6PaEsRWX2EYqM",
      "x5c": [
        "MIIGqzCCBZOgAwIBAgIUdUCw8bQZidnZ6uERKJuN9u4RGvcwDQYJKoZIhvcNAQELBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwxFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNBTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDgxNjA5NTUwMFoXDTIyMDkxNTA5NTUwMFowgacxCzAJBgNVBAYTAkJSMRMwEQYDVQQKEwpJQ1AtQnJhc2lsMS8wDAYDVQQLEwUxMjM0NTAOBgNVBAsTB2NlcnRtYW4wDwYDVQQLEwhhZ29vZG9uZTEcMBoGA1UEAxMTT3BlbiBCYW5raW5nIEJyYXNpbDE0MDIGCgmSJomT8ixkAQETJDc0ZTkyOWQ5LTMzYjYtNGQ4NS04YmE3LWMxNDZjODY3YTgxNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANyF1agPcwq5ms99Flo82XsXUroWoD/6FX4AfmOUu113h4VOLYaO3N8HDYbKxgii2En/+O61e/Ptjn4T2PVq0iVcqiF6Gp4sKE5w/bKZRfdCe8qIPS4D+JKpFpesJvIHUeQvlAuBp5dA9nGSpxOjGe5P2+ZzNGXwvux/2ztdweGmKbtOvbYe4RVhiu6bOubog8XEBmD96EnqmoROasH1Hn9kDJIclbTP51j/TlQMzhrSfJJuE3Qq6vWhe/DaPbtmELmlDiYHjp8CjAY5oBMHLmkHvQxEBV4cwbUZj5ZpdqU8tkA78XtR4DkzrJ4fYoBb1+9ABq6GNzxWPpSQMQuBXdsCAwEAAaOCAwIwggL+MAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFJwv7oHX2exZL304ru+4eGVypHlxMB8GA1UdIwQYMBaAFIZ/WK0X9YK2TrQFs/uwzhFD30y+MEwGCCsGAQUFBwEBBEAwPjA8BggrBgEFBQcwAYYwaHR0cDovL29jc3Auc2FuZGJveC5wa2kub3BlbmJhbmtpbmdicmFzaWwub3JnLmJyMEsGA1UdHwREMEIwQKA+oDyGOmh0dHA6Ly9jcmwuc2FuZGJveC5wa2kub3BlbmJhbmtpbmdicmFzaWwub3JnLmJyL2lzc3Vlci5jcmwwXgYDVR0RBFcwVaAZBgVgTAEDAqAQDA5NaWNoYWVsIEZyYXNlcqAYBgVgTAEDA6APDA0xMzM1MzIzNjAwMTg5oA0GBWBMAQMEoAQMAm5voA8GBWBMAQMHoAYMBGFsb3QwDgYDVR0PAQH/BAQDAgbAMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIBgDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVseSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhlciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNlaXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5kIHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8vY3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2llczANBgkqhkiG9w0BAQsFAAOCAQEAtKn/QnJqKLp52YB14x+M21qwz67utFkWjhauQe0elXupjY5NWZb5wLrGYNOZQzRe2JRzcBbGN6P7lCweRfxMkSGh9YrXbrkBXLEPtLHpTVEy65v1tWl02lC+ooVPyQpSjAQL0L69OQ7s7rnIXyb3rkSUzuGSxsLU1AXpWj0oYFB4wdeIdPAVPs83frC5s4kz42JruSAE2vsbvQURTVPChh+hO6+R6Irz+ZEZ1NSgjQkxvOXHW53CkXZSjjHbAB/nbJYi7YyK7kck99r38Ba/WBfIfywdFVVYfiiW5TS6XbQeVeilmmt5MLxBz96FxR6E6WR+cQwybEe94Fb/jD6xHA\u003d\u003d"
      ],
      "alg": "PS256",
      "n": "3IXVqA9zCrmaz30WWjzZexdSuhagP_oVfgB-Y5S7XXeHhU4tho7c3wcNhsrGCKLYSf_47rV78-2OfhPY9WrSJVyqIXoaniwoTnD9splF90J7yog9LgP4kqkWl6wm8gdR5C-UC4Gnl0D2cZKnE6MZ7k_b5nM0ZfC-7H_bO13B4aYpu069th7hFWGK7ps65uiDxcQGYP3oSeqahE5qwfUef2QMkhyVtM_nWP9OVAzOGtJ8km4TdCrq9aF78No9u2YQuaUOJgeOnwKMBjmgEwcuaQe9DEQFXhzBtRmPlml2pTy2QDvxe1HgOTOsnh9igFvX70AGroY3PFY-lJAxC4Fd2w"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "0fe502dd-14f0-4f45-80f9-feb9a216f996",
      "alg": "RSA-OAEP",
      "n": "r4dl-ApW6c-fvDbfSVxHpdV8zi8VQW4b9-uHMRq7dzqCkvP8OAG1R3plSr1N6fL_YLiIr9y621XkyRiMEKR7-DeqGsLf2ZTaqrZ1LfYgjsc2i9o3NSOeSgBwKGmT7h1OgxZSbhLzo7Xaktu3CCUZCOWLzs7LKo_CvKkcTF7tPhK9jYjdTsdsnS0RJOPjYQe7JO83Mvhd1Ty3F-Qycd-cKKMSjcQRiHt9jKd09kA2fKVlFwbm2M1PM3NdtnMaOUw31-XC4ixay47XTMqnmX7-op7qYV9wXbeZmjTsAKFuTGwJiGJrOTfqciDLBW8IpGC2BzFJ5rYmRu0kAttpvkOG3Q"
    }
  ]
}
outgoing_path
jwks
2021-12-09 23:01:44 INCOMING
fapi1-advanced-final-client-test-invalid-aud
Incoming HTTP request to test instance qaRjsz53nN0nspg
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/4.7.4 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "content-type": "application/x-www-form-urlencoded",
  "accept-encoding": "gzip, deflate, br",
  "content-length": "2461",
  "connection": "close"
}
incoming_path
/test-mtls/a/geru/par
incoming_body_form_params
{
  "request": "eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZHQ00iLCJjdHkiOiJvYXV0aC1hdXRoei1yZXErand0Iiwia2lkIjoiMGZlNTAyZGQtMTRmMC00ZjQ1LTgwZjktZmViOWEyMTZmOTk2In0.Ue1PwypTFw_uV5249tyJc8Cz7vW8SF_cHMpE_46AKb5eQ5Nj3x9gRNnRx7XB0asPT74BoEcG-e5Q1NQtdkkGctIwzIR9fbfgAzT1kckjxZy9izGUyicHsCz1ov-Il8YPjOm3i25JtV-AiAp5SHv-XtTpXl_Tt0xgze5QbwoVC2O4_czKJRtdrplyb-0TBdTmkhXuTmettIWOd-DPMlk2ut5KMJOdkrPi2sb9nZqdi3fiVp6dgb4ba8EgtwbQ9Zx9PqcWz9NR4P3LqVqO5mwXVPzxBXlX9XiUtJ9HvFnt-MCZoGUytYWzFGgFFDS9Ndutw6m0kAuI57xsXZ_0AryNIQ.GqELlnQhGGkh5XHH.6DPjdwFVor7wt71uTFLS5hnFnKuxolUY7gL7YWoQzrVHH63pAuEKUXY1z3QdvX6nLW3pKQ7wTjR7MFG8vRKwLxATV-64hOg5KkKxBO-n82nzyFjBvBg2DhTCULaoObssfcHnknLWeNO_7jYT7I41aFPDdEn_St0A-cGLawIZTDIeSMXeZw8CDCGGbXgGbgB-2RMC_KCc6-ejfh22Y2oF3BfqI1scRviooRZMMhKR2sXwIcHhDtCqu0RrQ5jMDSBKFvxcZ5FnT9XmBBLK7cwEtd3bx8xBhjGR3TRrlSFivCIBn5SAf_w3YM9Ze6DHm2hbSu3kz_ZGnYS2FfhSu2De2f8lCGBp8gx2InZK9apJ47-YkCJiB_xhJTUBywM64I4nUL8HKG9dCXLlyNqyZY4ncDGUYjs_UBawME4QH_UWky0-tgwEdfnVzszGmrk5TV_UvxcZcTt0p2rPxNLzx_lxFs3b5PT1ZCsfFl1VQSY6yBC7GL4fKes8hXfIuNF-2kfuijGv7Nu4ndAA1VNZh-3_Qyf3n2D82ZU-TtzfMO08IrIpkBxElhSgfH4SYCTTvr1O8AxHUXO6jUglI1X7O3wrF8t4K5gp118OJIQX9nuWy0dU0Xx6dQ4pcFMKk0_Sdnyh_BtpRwUDT1EaUXoGfnDT9E05wkyjRia1_nQGqofmBid8V6s6RugXkF3y1RjS1lvqYg0Y-vWas981g-znsYpAemuhGyd2XhAf_KTGd5JvrsL0tfvNnLDMsU-2ruoG1OpUPkzIQyXpudsmR3HAF3boO-NbB6-soJzFVYV_A41miyy188SQkNos6ODe1bvT2WKNQ5tXUM0cqIVO-90iQFNhcp6EXVAMEXdQH71X2ZqbJw7D47GzcxpoJwU18jWExI_F0u0ZuO0V3YABKaVWEC2mmqASdnPp21AemMLvQOgUi_tXTCEMAZHCxefAXfmdNAjIunfeebndX6tx5NTy1Do3eUD2Q8IMhsAEAzFbEMNP5PkAgawPjSs9QKC7abqDFgK8CkIqucgt6DnSyewYd0PTcno055_0nbhf9HzaE7dTTMpBs0G9Y8bV4qiK0lL4a7xg2H2ocdDsHPECSk1aoS5CZ0sNwQJIAX-46mK-WXkq98-vvT39qWZvpXbWfiE-13pnVluxAt-jymqW7fBhSy8QlZUTtn7EeygIz8hqssQFYRwjbNGfz4qSVyRcRjIHGX_nI8QGGyHfCbynfivbC2U5fRI1Rq8491EEmG3be7coPYdNi9fcZZ3gYyJyWac8WHN8CRhuYo_Fq73HI7cYSUTTN_JGoNN-84Sj3TQh0CFYANwwJELnuYUBz-CsNf_xo3rFv52P5aLkQNnvgwYGT6xv-FHiychvUB0S18DzMh3MWL0shpibLiOXlHOSD4699pZQTBbLTuVVNHPFmF8l4ZK4QuhxtqwrDGteG_DrH_gAijWSQhts1fx_Iyi3IzY7zGE9u79N1MOM02Nd5U-QU5yQu5pP2LoqO55GKHX0rIjf2LW7msI8edrsfdZcw1RJPXTgGU-l_Hx-6lhd7DLG9epnqT7BZKOsuODQmaPBFuY2aHcVPhgDLp-64ZgqgUK4SMN7ydiGfZitmKGhXbOT7-qqUleUKnWAYqQSJNWxIAMd2y_qBHRfqD2hZ3L7ymfC7FwRDvLmEBalu4-AjG7I4yqBl0FREmvoTSk50LO_BLtPI4wmb0Z6G-bjNZfpDRcpxJt1GP_kHebMXeAeBzRIDDPrgJE_bULTNGE5Iwy7QuMyKe8Yu4WW_r_WCHdtXp9gvkZFgLnmRqiqR0guqb8rTkENDJwBhBiIgmhq1T_ghwk2Qzw2ILe2IR29AhLByGy1K0AQS6CWNsPiQEFAltU64_UnIGRAeA92l5x594IWIM0d0k6Sia3c3g.sqzTFjj-hPFXUiS802xp1Q",
  "client_id": "geru-bank"
}
incoming_method
POST
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
-----BEGIN CERTIFICATE----- MIIG9DCCBdygAwIBAgIUHP7pETZ8wo3KhRaFkfUQK7ckwZYwDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMTAwODE4MDYwMFoXDTIyMTEwNzE4 MDYwMFowggEiMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xKTAnBgNVBAoTIEdFUlUgU09DSUVEQURFIERFIENSRURJVE8gRElS RVRPMS0wKwYDVQQLEyQwY2EwNTA5Mi0wMjVmLTQ3YzQtYjg3OC00YTAzYzE1MGNj Y2YxFDASBgNVBAMTC2dlcnUuY29tLmJyMRcwFQYDVQQFEw4zNzc2Mzg0NzAwMDEz ODEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRpb24xEzARBgsrBgEEAYI3PAIB AxMCQlIxNDAyBgoJkiaJk/IsZAEBEyQ3Mzg4NTYwMy1mM2ZmLTQxYmYtYjJiMi00 ZjdjYTlmZTYwNzYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrJOCH MpEDtdG4A9N7+xuah2UfuNAnWrc2ZKzYltRthR/7agiWIw8yqe/Pdh/oegvWHlza 6uQYeTvIL6YER/3O+D9g4VgWiKqh8tH/U0FC+9ZgRKmjFcJGmwaQa8EuyY7Dlxzf Z0BpfteDV22XXRlovO41zXAGGWm4zQ+FlLmJgdJz+lGpCAR1tPsYjvlLFrZiM5jk j7ho3ZuWoP3DcA74aGD86QFmyF+iWXiaPUJLpjfEWhpjfu6wLiNpLBbf2Le/7HCK tC6IwASHTbhbbhiCImbnRmu9reUBENPHm/6RFtzviEa6KSHDMQVDhafgXTIUPfOY UV3JZhA/yzGBWLltAgMBAAGjggLPMIICyzAMBgNVHRMBAf8EAjAAMB0GA1UdDgQW BBQQ6aNldx5PKww0znqaQFe3t8D2DzAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7 sM4RQ99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3Nw LnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBC MECgPqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2ls Lm9yZy5ici9pc3N1ZXIuY3JsMBYGA1UdEQQPMA2CC2dlcnUuY29tLmJyMA4GA1Ud DwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDAjCCAaEGA1UdIASCAZgwggGU MIIBkAYKKwYBBAGDui9kATCCAYAwggE2BggrBgEFBQcCAjCCASgMggEkVGhpcyBD ZXJ0aWZpY2F0ZSBpcyBzb2xlbHkgZm9yIHVzZSB3aXRoIFJhaWRpYW0gU2Vydmlj ZXMgTGltaXRlZCBhbmQgb3RoZXIgcGFydGljaXBhdGluZyBvcmdhbmlzYXRpb25z IHVzaW5nIFJhaWRpYW0gU2VydmljZXMgTGltaXRlZHMgVHJ1c3QgRnJhbWV3b3Jr IFNlcnZpY2VzLiBJdHMgcmVjZWlwdCwgcG9zc2Vzc2lvbiBvciB1c2UgY29uc3Rp dHV0ZXMgYWNjZXB0YW5jZSBvZiB0aGUgUmFpZGlhbSBTZXJ2aWNlcyBMdGQgQ2Vy dGljaWNhdGUgUG9saWN5IGFuZCByZWxhdGVkIGRvY3VtZW50cyB0aGVyZWluLjBE BggrBgEFBQcCARY4aHR0cDovL2Nwcy5zYW5kYm94LnBraS5vcGVuYmFua2luZ2Jy YXNpbC5vcmcuYnIvcG9saWNpZXMwDQYJKoZIhvcNAQELBQADggEBAElSrcNfZ514 EpOjwyueAMOcYvkjb1VUBQmSWMcZuKS/QoKbYuFn7qx9vn+id6O+a48h1k1MfFD4 vv8og6aKaEHHQn5tD6KBQoYlimvuVQkjupXPFFhlH8lMpPmWZ17LAnwjwdwDKdVF NzVLHylg3s9T0DXh1uR1namY2uLD0jwHBnm2tqucjLZ/00pha2L4IT1fjw3OqIXi 99SSrtqExpWEZpXJSxBpfygWXl1IKvlveLTG3EzNpjGcKoudXFwqQvFQtiP9sQ3M RyIF8QwW83IqpOIdXRw7nVgizujc0aTBUqlL7xGsjiR6JsiR+/3FNuJxpKVQ4pHa HI5ipvGg/0g= -----END CERTIFICATE-----
incoming_body_json
incoming_query_string_params
{}
incoming_body
request=eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZHQ00iLCJjdHkiOiJvYXV0aC1hdXRoei1yZXErand0Iiwia2lkIjoiMGZlNTAyZGQtMTRmMC00ZjQ1LTgwZjktZmViOWEyMTZmOTk2In0.Ue1PwypTFw_uV5249tyJc8Cz7vW8SF_cHMpE_46AKb5eQ5Nj3x9gRNnRx7XB0asPT74BoEcG-e5Q1NQtdkkGctIwzIR9fbfgAzT1kckjxZy9izGUyicHsCz1ov-Il8YPjOm3i25JtV-AiAp5SHv-XtTpXl_Tt0xgze5QbwoVC2O4_czKJRtdrplyb-0TBdTmkhXuTmettIWOd-DPMlk2ut5KMJOdkrPi2sb9nZqdi3fiVp6dgb4ba8EgtwbQ9Zx9PqcWz9NR4P3LqVqO5mwXVPzxBXlX9XiUtJ9HvFnt-MCZoGUytYWzFGgFFDS9Ndutw6m0kAuI57xsXZ_0AryNIQ.GqELlnQhGGkh5XHH.6DPjdwFVor7wt71uTFLS5hnFnKuxolUY7gL7YWoQzrVHH63pAuEKUXY1z3QdvX6nLW3pKQ7wTjR7MFG8vRKwLxATV-64hOg5KkKxBO-n82nzyFjBvBg2DhTCULaoObssfcHnknLWeNO_7jYT7I41aFPDdEn_St0A-cGLawIZTDIeSMXeZw8CDCGGbXgGbgB-2RMC_KCc6-ejfh22Y2oF3BfqI1scRviooRZMMhKR2sXwIcHhDtCqu0RrQ5jMDSBKFvxcZ5FnT9XmBBLK7cwEtd3bx8xBhjGR3TRrlSFivCIBn5SAf_w3YM9Ze6DHm2hbSu3kz_ZGnYS2FfhSu2De2f8lCGBp8gx2InZK9apJ47-YkCJiB_xhJTUBywM64I4nUL8HKG9dCXLlyNqyZY4ncDGUYjs_UBawME4QH_UWky0-tgwEdfnVzszGmrk5TV_UvxcZcTt0p2rPxNLzx_lxFs3b5PT1ZCsfFl1VQSY6yBC7GL4fKes8hXfIuNF-2kfuijGv7Nu4ndAA1VNZh-3_Qyf3n2D82ZU-TtzfMO08IrIpkBxElhSgfH4SYCTTvr1O8AxHUXO6jUglI1X7O3wrF8t4K5gp118OJIQX9nuWy0dU0Xx6dQ4pcFMKk0_Sdnyh_BtpRwUDT1EaUXoGfnDT9E05wkyjRia1_nQGqofmBid8V6s6RugXkF3y1RjS1lvqYg0Y-vWas981g-znsYpAemuhGyd2XhAf_KTGd5JvrsL0tfvNnLDMsU-2ruoG1OpUPkzIQyXpudsmR3HAF3boO-NbB6-soJzFVYV_A41miyy188SQkNos6ODe1bvT2WKNQ5tXUM0cqIVO-90iQFNhcp6EXVAMEXdQH71X2ZqbJw7D47GzcxpoJwU18jWExI_F0u0ZuO0V3YABKaVWEC2mmqASdnPp21AemMLvQOgUi_tXTCEMAZHCxefAXfmdNAjIunfeebndX6tx5NTy1Do3eUD2Q8IMhsAEAzFbEMNP5PkAgawPjSs9QKC7abqDFgK8CkIqucgt6DnSyewYd0PTcno055_0nbhf9HzaE7dTTMpBs0G9Y8bV4qiK0lL4a7xg2H2ocdDsHPECSk1aoS5CZ0sNwQJIAX-46mK-WXkq98-vvT39qWZvpXbWfiE-13pnVluxAt-jymqW7fBhSy8QlZUTtn7EeygIz8hqssQFYRwjbNGfz4qSVyRcRjIHGX_nI8QGGyHfCbynfivbC2U5fRI1Rq8491EEmG3be7coPYdNi9fcZZ3gYyJyWac8WHN8CRhuYo_Fq73HI7cYSUTTN_JGoNN-84Sj3TQh0CFYANwwJELnuYUBz-CsNf_xo3rFv52P5aLkQNnvgwYGT6xv-FHiychvUB0S18DzMh3MWL0shpibLiOXlHOSD4699pZQTBbLTuVVNHPFmF8l4ZK4QuhxtqwrDGteG_DrH_gAijWSQhts1fx_Iyi3IzY7zGE9u79N1MOM02Nd5U-QU5yQu5pP2LoqO55GKHX0rIjf2LW7msI8edrsfdZcw1RJPXTgGU-l_Hx-6lhd7DLG9epnqT7BZKOsuODQmaPBFuY2aHcVPhgDLp-64ZgqgUK4SMN7ydiGfZitmKGhXbOT7-qqUleUKnWAYqQSJNWxIAMd2y_qBHRfqD2hZ3L7ymfC7FwRDvLmEBalu4-AjG7I4yqBl0FREmvoTSk50LO_BLtPI4wmb0Z6G-bjNZfpDRcpxJt1GP_kHebMXeAeBzRIDDPrgJE_bULTNGE5Iwy7QuMyKe8Yu4WW_r_WCHdtXp9gvkZFgLnmRqiqR0guqb8rTkENDJwBhBiIgmhq1T_ghwk2Qzw2ILe2IR29AhLByGy1K0AQS6CWNsPiQEFAltU64_UnIGRAeA92l5x594IWIM0d0k6Sia3c3g.sqzTFjj-hPFXUiS802xp1Q&client_id=geru-bank
2021-12-09 23:01:44 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
PAR endpoint
2021-12-09 23:01:44 SUCCESS
ExtractClientCertificateFromTokenEndpointRequestHeaders
Extracted client certificate
client_certificate
{
  "cert": "-----BEGIN CERTIFICATE----- MIIG9DCCBdygAwIBAgIUHP7pETZ8wo3KhRaFkfUQK7ckwZYwDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMTAwODE4MDYwMFoXDTIyMTEwNzE4 MDYwMFowggEiMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xKTAnBgNVBAoTIEdFUlUgU09DSUVEQURFIERFIENSRURJVE8gRElS RVRPMS0wKwYDVQQLEyQwY2EwNTA5Mi0wMjVmLTQ3YzQtYjg3OC00YTAzYzE1MGNj Y2YxFDASBgNVBAMTC2dlcnUuY29tLmJyMRcwFQYDVQQFEw4zNzc2Mzg0NzAwMDEz ODEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRpb24xEzARBgsrBgEEAYI3PAIB AxMCQlIxNDAyBgoJkiaJk/IsZAEBEyQ3Mzg4NTYwMy1mM2ZmLTQxYmYtYjJiMi00 ZjdjYTlmZTYwNzYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrJOCH MpEDtdG4A9N7+xuah2UfuNAnWrc2ZKzYltRthR/7agiWIw8yqe/Pdh/oegvWHlza 6uQYeTvIL6YER/3O+D9g4VgWiKqh8tH/U0FC+9ZgRKmjFcJGmwaQa8EuyY7Dlxzf Z0BpfteDV22XXRlovO41zXAGGWm4zQ+FlLmJgdJz+lGpCAR1tPsYjvlLFrZiM5jk j7ho3ZuWoP3DcA74aGD86QFmyF+iWXiaPUJLpjfEWhpjfu6wLiNpLBbf2Le/7HCK tC6IwASHTbhbbhiCImbnRmu9reUBENPHm/6RFtzviEa6KSHDMQVDhafgXTIUPfOY UV3JZhA/yzGBWLltAgMBAAGjggLPMIICyzAMBgNVHRMBAf8EAjAAMB0GA1UdDgQW BBQQ6aNldx5PKww0znqaQFe3t8D2DzAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7 sM4RQ99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3Nw LnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBC MECgPqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2ls Lm9yZy5ici9pc3N1ZXIuY3JsMBYGA1UdEQQPMA2CC2dlcnUuY29tLmJyMA4GA1Ud DwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDAjCCAaEGA1UdIASCAZgwggGU MIIBkAYKKwYBBAGDui9kATCCAYAwggE2BggrBgEFBQcCAjCCASgMggEkVGhpcyBD ZXJ0aWZpY2F0ZSBpcyBzb2xlbHkgZm9yIHVzZSB3aXRoIFJhaWRpYW0gU2Vydmlj ZXMgTGltaXRlZCBhbmQgb3RoZXIgcGFydGljaXBhdGluZyBvcmdhbmlzYXRpb25z IHVzaW5nIFJhaWRpYW0gU2VydmljZXMgTGltaXRlZHMgVHJ1c3QgRnJhbWV3b3Jr IFNlcnZpY2VzLiBJdHMgcmVjZWlwdCwgcG9zc2Vzc2lvbiBvciB1c2UgY29uc3Rp dHV0ZXMgYWNjZXB0YW5jZSBvZiB0aGUgUmFpZGlhbSBTZXJ2aWNlcyBMdGQgQ2Vy dGljaWNhdGUgUG9saWN5IGFuZCByZWxhdGVkIGRvY3VtZW50cyB0aGVyZWluLjBE BggrBgEFBQcCARY4aHR0cDovL2Nwcy5zYW5kYm94LnBraS5vcGVuYmFua2luZ2Jy YXNpbC5vcmcuYnIvcG9saWNpZXMwDQYJKoZIhvcNAQELBQADggEBAElSrcNfZ514 EpOjwyueAMOcYvkjb1VUBQmSWMcZuKS/QoKbYuFn7qx9vn+id6O+a48h1k1MfFD4 vv8og6aKaEHHQn5tD6KBQoYlimvuVQkjupXPFFhlH8lMpPmWZ17LAnwjwdwDKdVF NzVLHylg3s9T0DXh1uR1namY2uLD0jwHBnm2tqucjLZ/00pha2L4IT1fjw3OqIXi 99SSrtqExpWEZpXJSxBpfygWXl1IKvlveLTG3EzNpjGcKoudXFwqQvFQtiP9sQ3M RyIF8QwW83IqpOIdXRw7nVgizujc0aTBUqlL7xGsjiR6JsiR+/3FNuJxpKVQ4pHa HI5ipvGg/0g\u003d -----END CERTIFICATE-----",
  "pem": "-----BEGIN CERTIFICATE-----\nMIIG9DCCBdygAwIBAgIUHP7pETZ8wo3KhRaFkfUQK7ckwZYwDQYJKoZIhvcNAQEL\nBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx\nFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB\nTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMTAwODE4MDYwMFoXDTIyMTEwNzE4\nMDYwMFowggEiMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD\no28gUGF1bG8xKTAnBgNVBAoTIEdFUlUgU09DSUVEQURFIERFIENSRURJVE8gRElS\nRVRPMS0wKwYDVQQLEyQwY2EwNTA5Mi0wMjVmLTQ3YzQtYjg3OC00YTAzYzE1MGNj\nY2YxFDASBgNVBAMTC2dlcnUuY29tLmJyMRcwFQYDVQQFEw4zNzc2Mzg0NzAwMDEz\nODEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRpb24xEzARBgsrBgEEAYI3PAIB\nAxMCQlIxNDAyBgoJkiaJk/IsZAEBEyQ3Mzg4NTYwMy1mM2ZmLTQxYmYtYjJiMi00\nZjdjYTlmZTYwNzYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrJOCH\nMpEDtdG4A9N7+xuah2UfuNAnWrc2ZKzYltRthR/7agiWIw8yqe/Pdh/oegvWHlza\n6uQYeTvIL6YER/3O+D9g4VgWiKqh8tH/U0FC+9ZgRKmjFcJGmwaQa8EuyY7Dlxzf\nZ0BpfteDV22XXRlovO41zXAGGWm4zQ+FlLmJgdJz+lGpCAR1tPsYjvlLFrZiM5jk\nj7ho3ZuWoP3DcA74aGD86QFmyF+iWXiaPUJLpjfEWhpjfu6wLiNpLBbf2Le/7HCK\ntC6IwASHTbhbbhiCImbnRmu9reUBENPHm/6RFtzviEa6KSHDMQVDhafgXTIUPfOY\nUV3JZhA/yzGBWLltAgMBAAGjggLPMIICyzAMBgNVHRMBAf8EAjAAMB0GA1UdDgQW\nBBQQ6aNldx5PKww0znqaQFe3t8D2DzAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7\nsM4RQ99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3Nw\nLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBC\nMECgPqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2ls\nLm9yZy5ici9pc3N1ZXIuY3JsMBYGA1UdEQQPMA2CC2dlcnUuY29tLmJyMA4GA1Ud\nDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDAjCCAaEGA1UdIASCAZgwggGU\nMIIBkAYKKwYBBAGDui9kATCCAYAwggE2BggrBgEFBQcCAjCCASgMggEkVGhpcyBD\nZXJ0aWZpY2F0ZSBpcyBzb2xlbHkgZm9yIHVzZSB3aXRoIFJhaWRpYW0gU2Vydmlj\nZXMgTGltaXRlZCBhbmQgb3RoZXIgcGFydGljaXBhdGluZyBvcmdhbmlzYXRpb25z\nIHVzaW5nIFJhaWRpYW0gU2VydmljZXMgTGltaXRlZHMgVHJ1c3QgRnJhbWV3b3Jr\nIFNlcnZpY2VzLiBJdHMgcmVjZWlwdCwgcG9zc2Vzc2lvbiBvciB1c2UgY29uc3Rp\ndHV0ZXMgYWNjZXB0YW5jZSBvZiB0aGUgUmFpZGlhbSBTZXJ2aWNlcyBMdGQgQ2Vy\ndGljaWNhdGUgUG9saWN5IGFuZCByZWxhdGVkIGRvY3VtZW50cyB0aGVyZWluLjBE\nBggrBgEFBQcCARY4aHR0cDovL2Nwcy5zYW5kYm94LnBraS5vcGVuYmFua2luZ2Jy\nYXNpbC5vcmcuYnIvcG9saWNpZXMwDQYJKoZIhvcNAQELBQADggEBAElSrcNfZ514\nEpOjwyueAMOcYvkjb1VUBQmSWMcZuKS/QoKbYuFn7qx9vn+id6O+a48h1k1MfFD4\nvv8og6aKaEHHQn5tD6KBQoYlimvuVQkjupXPFFhlH8lMpPmWZ17LAnwjwdwDKdVF\nNzVLHylg3s9T0DXh1uR1namY2uLD0jwHBnm2tqucjLZ/00pha2L4IT1fjw3OqIXi\n99SSrtqExpWEZpXJSxBpfygWXl1IKvlveLTG3EzNpjGcKoudXFwqQvFQtiP9sQ3M\nRyIF8QwW83IqpOIdXRw7nVgizujc0aTBUqlL7xGsjiR6JsiR+/3FNuJxpKVQ4pHa\nHI5ipvGg/0g\u003d\n-----END CERTIFICATE-----",
  "subject": {
    "dn": "UID\u003d73885603-f3ff-41bf-b2b2-4f7ca9fe6076,1.3.6.1.4.1.311.60.2.1.3\u003d#13024252,2.5.4.15\u003d#131450726976617465204f7267616e697a6174696f6e,2.5.4.5\u003d#130e3337373633383437303030313338,CN\u003dgeru.com.br,OU\u003d0ca05092-025f-47c4-b878-4a03c150cccf,O\u003dGERU SOCIEDADE DE CREDITO DIRETO,L\u003dSão Paulo,ST\u003dSP,C\u003dBR"
  },
  "sanDnsNames": [
    "geru.com.br"
  ],
  "sanUris": [],
  "sanIPs": [],
  "sanEmails": []
}
2021-12-09 23:01:44 SUCCESS
CheckForClientCertificate
Found client certificate
2021-12-09 23:01:44 SUCCESS
EnsureClientCertificateMatches
Presented certificate matches registered certificate
actual
-----BEGIN CERTIFICATE-----
MIIG9DCCBdygAwIBAgIUHP7pETZ8wo3KhRaFkfUQK7ckwZYwDQYJKoZIhvcNAQEL
BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx
FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB
TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMTAwODE4MDYwMFoXDTIyMTEwNzE4
MDYwMFowggEiMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD
o28gUGF1bG8xKTAnBgNVBAoTIEdFUlUgU09DSUVEQURFIERFIENSRURJVE8gRElS
RVRPMS0wKwYDVQQLEyQwY2EwNTA5Mi0wMjVmLTQ3YzQtYjg3OC00YTAzYzE1MGNj
Y2YxFDASBgNVBAMTC2dlcnUuY29tLmJyMRcwFQYDVQQFEw4zNzc2Mzg0NzAwMDEz
ODEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRpb24xEzARBgsrBgEEAYI3PAIB
AxMCQlIxNDAyBgoJkiaJk/IsZAEBEyQ3Mzg4NTYwMy1mM2ZmLTQxYmYtYjJiMi00
ZjdjYTlmZTYwNzYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrJOCH
MpEDtdG4A9N7+xuah2UfuNAnWrc2ZKzYltRthR/7agiWIw8yqe/Pdh/oegvWHlza
6uQYeTvIL6YER/3O+D9g4VgWiKqh8tH/U0FC+9ZgRKmjFcJGmwaQa8EuyY7Dlxzf
Z0BpfteDV22XXRlovO41zXAGGWm4zQ+FlLmJgdJz+lGpCAR1tPsYjvlLFrZiM5jk
j7ho3ZuWoP3DcA74aGD86QFmyF+iWXiaPUJLpjfEWhpjfu6wLiNpLBbf2Le/7HCK
tC6IwASHTbhbbhiCImbnRmu9reUBENPHm/6RFtzviEa6KSHDMQVDhafgXTIUPfOY
UV3JZhA/yzGBWLltAgMBAAGjggLPMIICyzAMBgNVHRMBAf8EAjAAMB0GA1UdDgQW
BBQQ6aNldx5PKww0znqaQFe3t8D2DzAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7
sM4RQ99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3Nw
LnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBC
MECgPqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2ls
Lm9yZy5ici9pc3N1ZXIuY3JsMBYGA1UdEQQPMA2CC2dlcnUuY29tLmJyMA4GA1Ud
DwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDAjCCAaEGA1UdIASCAZgwggGU
MIIBkAYKKwYBBAGDui9kATCCAYAwggE2BggrBgEFBQcCAjCCASgMggEkVGhpcyBD
ZXJ0aWZpY2F0ZSBpcyBzb2xlbHkgZm9yIHVzZSB3aXRoIFJhaWRpYW0gU2Vydmlj
ZXMgTGltaXRlZCBhbmQgb3RoZXIgcGFydGljaXBhdGluZyBvcmdhbmlzYXRpb25z
IHVzaW5nIFJhaWRpYW0gU2VydmljZXMgTGltaXRlZHMgVHJ1c3QgRnJhbWV3b3Jr
IFNlcnZpY2VzLiBJdHMgcmVjZWlwdCwgcG9zc2Vzc2lvbiBvciB1c2UgY29uc3Rp
dHV0ZXMgYWNjZXB0YW5jZSBvZiB0aGUgUmFpZGlhbSBTZXJ2aWNlcyBMdGQgQ2Vy
dGljaWNhdGUgUG9saWN5IGFuZCByZWxhdGVkIGRvY3VtZW50cyB0aGVyZWluLjBE
BggrBgEFBQcCARY4aHR0cDovL2Nwcy5zYW5kYm94LnBraS5vcGVuYmFua2luZ2Jy
YXNpbC5vcmcuYnIvcG9saWNpZXMwDQYJKoZIhvcNAQELBQADggEBAElSrcNfZ514
EpOjwyueAMOcYvkjb1VUBQmSWMcZuKS/QoKbYuFn7qx9vn+id6O+a48h1k1MfFD4
vv8og6aKaEHHQn5tD6KBQoYlimvuVQkjupXPFFhlH8lMpPmWZ17LAnwjwdwDKdVF
NzVLHylg3s9T0DXh1uR1namY2uLD0jwHBnm2tqucjLZ/00pha2L4IT1fjw3OqIXi
99SSrtqExpWEZpXJSxBpfygWXl1IKvlveLTG3EzNpjGcKoudXFwqQvFQtiP9sQ3M
RyIF8QwW83IqpOIdXRw7nVgizujc0aTBUqlL7xGsjiR6JsiR+/3FNuJxpKVQ4pHa
HI5ipvGg/0g=
-----END CERTIFICATE-----
2021-12-09 23:01:44 SUCCESS
EnsureNoClientAssertionSentToTokenEndpoint
Client did not send a client_assertion to token endpoint
2021-12-09 23:01:44 SUCCESS
ExtractRequestObjectFromPAREndpointRequest
Parsed request object
request_object
{
  "value": "eyJhbGciOiJQUzI1NiIsInR5cCI6Im9hdXRoLWF1dGh6LXJlcStqd3QiLCJraWQiOiJiOWRkZTRmYzhhNmRlZWM1MDQ0YTk5NGRhMTE5YjczZDAwN2RiMzBkMDk3OGY3OGJmYjE2NzZkYjQxNTBiMzIzIn0.eyJub25jZSI6Ik9iVy1JcUdQOFRkRUVSdmh3RUtTZm1ib250b0thcjZJb3lScjRfbnA4TjAiLCJzdGF0ZSI6IkV5b3ktYXdYNFRlU3UyTkh6TDdlU1UtU2lEcVY5eUNfTXJVNDI2VVFsTDQiLCJzY29wZSI6Im9wZW5pZCBjb25zZW50OnVybjpjb25mb3JtYW5jZS5vaWRmOnBmSkhzdWx0aGsgYWNjb3VudHMgcmVzb3VyY2VzIiwicmVzcG9uc2VfdHlwZSI6ImNvZGUiLCJyZWRpcmVjdF91cmkiOiJodHRwczovL3NjZC1vcGVuLWJhbmtpbmctZnJvbnRlbmQuZGV2LnNjZC5vcGVuLWNvLnRlY2giLCJjbGFpbXMiOnsiaWRfdG9rZW4iOnsiYWNyIjp7InZhbHVlcyI6WyJ1cm46YnJhc2lsOm9wZW5iYW5raW5nOmxvYTIiLCJ1cm46YnJhc2lsOm9wZW5iYW5raW5nOmxvYTMiXSwiZXNzZW50aWFsIjp0cnVlfX19LCJjb2RlX2NoYWxsZW5nZSI6IkFGN3dBTHJ0cVdsbHltQ05zVnd3MFEwMTM5b3RncEV0QXhLM3oxWV90TUUiLCJjb2RlX2NoYWxsZW5nZV9tZXRob2QiOiJTMjU2IiwiaXNzIjoiZ2VydS1iYW5rIiwiYXVkIjoiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QvYS9nZXJ1LyIsImNsaWVudF9pZCI6ImdlcnUtYmFuayIsImp0aSI6InJueDRXQ3FRb0VmQmloZzQ0NmN3bHp5WEZHUXUzeUFfdUI5My0yNEZJazQiLCJpYXQiOjE2MzkwOTA5MDMsImV4cCI6MTYzOTA5MTIwMywibmJmIjoxNjM5MDkwOTAzfQ.bJUstovhFaQgLbhEi30EOQZehCDoSJ_MM5C0RLhkQqImBh7PnpeJF8ZBwM8jmK-g1yg18e6PZTOXIj4jXd40rZX9wGX4uGYwbL93W7ItprnXk5TgDTa4fef2GykgGLqNacr-e_U82neAJykp7neUbWlX3hUUl7MgQI_AK33UvM1Zv320YeK15a3t29HcwkTz9gVj0HiRMZR0-Gc7Noz2Vd9QXG2BD0NFN3wY7Vm8bUdR6TjzzU40nnsHf1Wiz0ob3lDtZc3aQq3yNZezoqEEu3l8YWluxl8fFjOTMzfeZolAMKuajIVqUHj9xjfAd5jKlR5dVcUYUQxdyAXdDesPtg",
  "header": {
    "kid": "b9dde4fc8a6deec5044a994da119b73d007db30d0978f78bfb1676db4150b323",
    "typ": "oauth-authz-req+jwt",
    "alg": "PS256"
  },
  "claims": {
    "iss": "geru-bank",
    "response_type": "code",
    "code_challenge_method": "S256",
    "nonce": "ObW-IqGP8TdEERvhwEKSfmbontoKar6IoyRr4_np8N0",
    "client_id": "geru-bank",
    "aud": "https://www.certification.openid.net/test/a/geru/",
    "nbf": 1639090903,
    "scope": "openid consent:urn:conformance.oidf:pfJHsulthk accounts resources",
    "claims": {
      "id_token": {
        "acr": {
          "values": [
            "urn:brasil:openbanking:loa2",
            "urn:brasil:openbanking:loa3"
          ],
          "essential": true
        }
      }
    },
    "state": "Eyoy-awX4TeSu2NHzL7eSU-SiDqV9yC_MrU426UQlL4",
    "redirect_uri": "https://scd-open-banking-frontend.dev.scd.open-co.tech",
    "exp": 1639091203,
    "iat": 1639090903,
    "code_challenge": "AF7wALrtqWllymCNsVww0Q0139otgpEtAxK3z1Y_tME",
    "jti": "rnx4WCqQoEfBihg446cwlzyXFGQu3yA_uB93-24FIk4"
  },
  "jwe_header": {
    "kid": "0fe502dd-14f0-4f45-80f9-feb9a216f996",
    "cty": "oauth-authz-req+jwt",
    "enc": "A256GCM",
    "alg": "RSA-OAEP"
  }
}
2021-12-09 23:01:44 SUCCESS
EnsurePAREndpointRequestDoesNotContainRequestUriParameter
PAR endpoint request does not contain a request_uri parameter
2021-12-09 23:01:44 SUCCESS
ValidateEncryptedRequestObjectHasKid
kid was found in the encrypted request object header
kid
0fe502dd-14f0-4f45-80f9-feb9a216f996
2021-12-09 23:01:44 SUCCESS
FAPIValidateRequestObjectSigningAlg
Request object was signed with a permitted algorithm
alg
PS256
2021-12-09 23:01:44 SUCCESS
FAPIBrazilValidateRequestObjectIdTokenACRClaims
Acr value in request object is as expected
received
[
  "urn:brasil:openbanking:loa2",
  "urn:brasil:openbanking:loa3"
]
2021-12-09 23:01:44 SUCCESS
FAPIValidateRequestObjectExp
Request object contains a valid exp claim, expiry time
exp
"Dec 9, 2021, 11:06:43 PM"
2021-12-09 23:01:44 SUCCESS
FAPI1AdvancedValidateRequestObjectNBFClaim
nbf claim is valid
nbf
"Dec 9, 2021, 11:01:43 PM"
now
"Dec 9, 2021, 11:01:44 PM"
2021-12-09 23:01:44
ValidateRequestObjectClaims
Request object does not contain a max_age claim
2021-12-09 23:01:44 SUCCESS
ValidateRequestObjectClaims
Request object claims passed all validation checks
2021-12-09 23:01:44 SUCCESS
EnsureNumericRequestObjectClaimsAreNotNull
None of the claims expected to have numeric values, have null values
numeric_claims
[
  "max_age"
]
2021-12-09 23:01:44 SUCCESS
EnsureRequestObjectDoesNotContainRequestOrRequestUri
Request object does not contain request or request_uri
2021-12-09 23:01:44 SUCCESS
EnsureRequestObjectDoesNotContainSubWithClientId
Request object does not contain Client Id in sub
2021-12-09 23:01:44 SUCCESS
ValidateRequestObjectSignature
Request object signature validated using a key in the client's JWKS and using the client's registered request_object_signing_alg
request_object
eyJhbGciOiJQUzI1NiIsInR5cCI6Im9hdXRoLWF1dGh6LXJlcStqd3QiLCJraWQiOiJiOWRkZTRmYzhhNmRlZWM1MDQ0YTk5NGRhMTE5YjczZDAwN2RiMzBkMDk3OGY3OGJmYjE2NzZkYjQxNTBiMzIzIn0.eyJub25jZSI6Ik9iVy1JcUdQOFRkRUVSdmh3RUtTZm1ib250b0thcjZJb3lScjRfbnA4TjAiLCJzdGF0ZSI6IkV5b3ktYXdYNFRlU3UyTkh6TDdlU1UtU2lEcVY5eUNfTXJVNDI2VVFsTDQiLCJzY29wZSI6Im9wZW5pZCBjb25zZW50OnVybjpjb25mb3JtYW5jZS5vaWRmOnBmSkhzdWx0aGsgYWNjb3VudHMgcmVzb3VyY2VzIiwicmVzcG9uc2VfdHlwZSI6ImNvZGUiLCJyZWRpcmVjdF91cmkiOiJodHRwczovL3NjZC1vcGVuLWJhbmtpbmctZnJvbnRlbmQuZGV2LnNjZC5vcGVuLWNvLnRlY2giLCJjbGFpbXMiOnsiaWRfdG9rZW4iOnsiYWNyIjp7InZhbHVlcyI6WyJ1cm46YnJhc2lsOm9wZW5iYW5raW5nOmxvYTIiLCJ1cm46YnJhc2lsOm9wZW5iYW5raW5nOmxvYTMiXSwiZXNzZW50aWFsIjp0cnVlfX19LCJjb2RlX2NoYWxsZW5nZSI6IkFGN3dBTHJ0cVdsbHltQ05zVnd3MFEwMTM5b3RncEV0QXhLM3oxWV90TUUiLCJjb2RlX2NoYWxsZW5nZV9tZXRob2QiOiJTMjU2IiwiaXNzIjoiZ2VydS1iYW5rIiwiYXVkIjoiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QvYS9nZXJ1LyIsImNsaWVudF9pZCI6ImdlcnUtYmFuayIsImp0aSI6InJueDRXQ3FRb0VmQmloZzQ0NmN3bHp5WEZHUXUzeUFfdUI5My0yNEZJazQiLCJpYXQiOjE2MzkwOTA5MDMsImV4cCI6MTYzOTA5MTIwMywibmJmIjoxNjM5MDkwOTAzfQ.bJUstovhFaQgLbhEi30EOQZehCDoSJ_MM5C0RLhkQqImBh7PnpeJF8ZBwM8jmK-g1yg18e6PZTOXIj4jXd40rZX9wGX4uGYwbL93W7ItprnXk5TgDTa4fef2GykgGLqNacr-e_U82neAJykp7neUbWlX3hUUl7MgQI_AK33UvM1Zv320YeK15a3t29HcwkTz9gVj0HiRMZR0-Gc7Noz2Vd9QXG2BD0NFN3wY7Vm8bUdR6TjzzU40nnsHf1Wiz0ob3lDtZc3aQq3yNZezoqEEu3l8YWluxl8fFjOTMzfeZolAMKuajIVqUHj9xjfAd5jKlR5dVcUYUQxdyAXdDesPtg
request_object_signing_alg
PS256
jwk
Sun RSA public key, 2048 bits
  params: null
  modulus: 23846203553327299365485107100321162062448244492919797859629076287606513086740596402294906878752765419601271099327917193127743990852690041322094040768383624198441789676616318840569608585300544508421247227694480125120011781104845171406661909259669843088703052128954082054458558581984082288825913040315191061271341269671844781543618915159191802461219585744523115979009976811561492232351444788743896594549287340146305490872256509509758988721256204420339679579868976863245716219653823319013979181514515286901014485674968733408565577242188259099799342877974860953629031553001593460063839039078239812104831432758847492912291
  public exponent: 65537
2021-12-09 23:01:44 SUCCESS
EnsureMatchingRedirectUriInRequestObject
Redirect URI matched
actual
https://scd-open-banking-frontend.dev.scd.open-co.tech
2021-12-09 23:01:44 SUCCESS
EnsureRequestObjectContainsCodeChallengeWhenUsingPAR
Found required PKCE parameters in request
code_challenge_method
S256
code_challenge
AF7wALrtqWllymCNsVww0Q0139otgpEtAxK3z1Y_tME
2021-12-09 23:01:44 SUCCESS
CreatePAREndpointResponse
Created PAR endpoint response
request_uri
urn:ietf:params:oauth:request_uri:62f7fb2f-f347-44db-95c8-99d9d300046f
expires_in
600
2021-12-09 23:01:44 OUTGOING
fapi1-advanced-final-client-test-invalid-aud
Response to HTTP request to test instance qaRjsz53nN0nspg
outgoing_status_code
201
outgoing_headers
{}
outgoing_body
{
  "request_uri": "urn:ietf:params:oauth:request_uri:62f7fb2f-f347-44db-95c8-99d9d300046f",
  "expires_in": 600
}
outgoing_path
par
2021-12-09 23:01:44 INCOMING
fapi1-advanced-final-client-test-invalid-aud
Incoming HTTP request to test instance qaRjsz53nN0nspg
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "PostmanRuntime/7.28.4",
  "accept": "*/*",
  "cache-control": "no-cache",
  "postman-token": "1563ab1e-8409-44ea-ad56-6f77a16ef794",
  "accept-encoding": "gzip, deflate, br",
  "connection": "close"
}
incoming_path
/test/a/geru/authorize
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
incoming_body_json
incoming_query_string_params
{
  "client_id": "geru-bank",
  "scope": "openid consent:urn:conformance.oidf:pfJHsulthk accounts resources",
  "response_type": "code",
  "redirect_uri": "https://scd-open-banking-frontend.dev.scd.open-co.tech",
  "request_uri": "urn:ietf:params:oauth:request_uri:62f7fb2f-f347-44db-95c8-99d9d300046f"
}
incoming_body
2021-12-09 23:01:44 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
Authorization endpoint
2021-12-09 23:01:44 SUCCESS
EnsureAuthorizationRequestDoesNotContainRequestWhenUsingPAR
Request does not contain a request parameter
2021-12-09 23:01:44 SUCCESS
ValidateEncryptedRequestObjectHasKid
kid was found in the encrypted request object header
kid
0fe502dd-14f0-4f45-80f9-feb9a216f996
2021-12-09 23:01:44 SUCCESS
CreateEffectiveAuthorizationRequestParameters
Merged http request parameters with request object claims
effective_authorization_endpoint_request
{
  "client_id": "geru-bank",
  "scope": "openid consent:urn:conformance.oidf:pfJHsulthk accounts resources",
  "response_type": "code",
  "redirect_uri": "https://scd-open-banking-frontend.dev.scd.open-co.tech",
  "iss": "geru-bank",
  "code_challenge_method": "S256",
  "nonce": "ObW-IqGP8TdEERvhwEKSfmbontoKar6IoyRr4_np8N0",
  "aud": "https://www.certification.openid.net/test/a/geru/",
  "nbf": 1639090903,
  "claims": {
    "id_token": {
      "acr": {
        "values": [
          "urn:brasil:openbanking:loa2",
          "urn:brasil:openbanking:loa3"
        ],
        "essential": true
      }
    }
  },
  "state": "Eyoy-awX4TeSu2NHzL7eSU-SiDqV9yC_MrU426UQlL4",
  "exp": 1639091203,
  "iat": 1639090903,
  "code_challenge": "AF7wALrtqWllymCNsVww0Q0139otgpEtAxK3z1Y_tME",
  "jti": "rnx4WCqQoEfBihg446cwlzyXFGQu3yA_uB93-24FIk4"
}
2021-12-09 23:01:44 SUCCESS
EnsureClientIdInAuthorizationRequestParametersMatchRequestObject
client_id http request parameter value matches client_id in request object
2021-12-09 23:01:44 SUCCESS
ExtractRequestedScopes
Requested scopes
scope
openid consent:urn:conformance.oidf:pfJHsulthk accounts resources
2021-12-09 23:01:44 SUCCESS
FAPIBrazilValidateConsentScope
Found consent scope in request
actual
[
  "openid",
  "consent:urn:conformance.oidf:pfJHsulthk",
  "accounts",
  "resources"
]
expected
consent:urn:conformance.oidf:pfJHsulthk
2021-12-09 23:01:44 SUCCESS
EnsureScopeContainsAccounts
Found accounts scope in request
actual
[
  "openid",
  "consent:urn:conformance.oidf:pfJHsulthk",
  "accounts",
  "resources"
]
2021-12-09 23:01:44 SUCCESS
EnsureResponseTypeIsCode
Response type is expected value
expected
code
2021-12-09 23:01:44 SUCCESS
EnsureMatchingClientId
Client ID matched
client_id
geru-bank
2021-12-09 23:01:44 SUCCESS
CreateAuthorizationCode
Created authorization code
authorization_code
phyOLiRdDCE6NwM7DSglMivA4v1exvSh
2021-12-09 23:01:44 SUCCESS
ExtractNonceFromAuthorizationRequest
Extracted nonce
nonce
ObW-IqGP8TdEERvhwEKSfmbontoKar6IoyRr4_np8N0
2021-12-09 23:01:44 SUCCESS
FAPIBrazilChangeConsentStatusToAuthorized
Changed consent status to AUTHORISED
consent
{
  "data": {
    "consentId": "urn:conformance.oidf:pfJHsulthk",
    "creationDateTime": "2021-12-09T23:01:43Z",
    "status": "AUTHORISED",
    "statusUpdateDateTime": "2021-12-09T23:01:44Z",
    "permissions": [
      "ACCOUNTS_READ",
      "ACCOUNTS_BALANCES_READ",
      "RESOURCES_READ"
    ],
    "expirationDateTime": "2021-12-10T01:01:43Z",
    "transactionFromDateTime": "2021-12-09T22:56:43Z",
    "transactionToDateTime": "2021-12-10T01:01:43Z",
    "links": {
      "self": "https://www.certification.openid.net/test/a/geruconsents/v1/consents"
    }
  },
  "meta": {
    "totalRecords": 1,
    "totalPages": 1,
    "requestDateTime": "2021-12-09T23:01:43Z"
  }
}
2021-12-09 23:01:44 SUCCESS
CreateAuthorizationEndpointResponseParams
Added authorization_endpoint_response_params to environment
params
{
  "redirect_uri": "https://scd-open-banking-frontend.dev.scd.open-co.tech",
  "state": "Eyoy-awX4TeSu2NHzL7eSU-SiDqV9yC_MrU426UQlL4"
}
2021-12-09 23:01:44 SUCCESS
AddCodeToAuthorizationEndpointResponseParams
Added code to authorization endpoint response params
authorization_endpoint_response_params
{
  "redirect_uri": "https://scd-open-banking-frontend.dev.scd.open-co.tech",
  "state": "Eyoy-awX4TeSu2NHzL7eSU-SiDqV9yC_MrU426UQlL4",
  "code": "phyOLiRdDCE6NwM7DSglMivA4v1exvSh"
}
2021-12-09 23:01:44
GenerateJARMResponseClaims
Created JARM response claims
iss
https://www.certification.openid.net/test/a/geru/
aud
geru-bank
code
phyOLiRdDCE6NwM7DSglMivA4v1exvSh
state
Eyoy-awX4TeSu2NHzL7eSU-SiDqV9yC_MrU426UQlL4
exp
1639091504
2021-12-09 23:01:44 SUCCESS
SignJARMResponse
Signed the JARM response
jarm_response
eyJraWQiOiJYNWQ0dkZZZkx4YUcxZ2c4X2wzYkZZRmhVYVVWbUU2UGFFc1JXWDJFWXFNIiwiYWxnIjoiUFMyNTYifQ.eyJhdWQiOiJnZXJ1LWJhbmsiLCJjb2RlIjoicGh5T0xpUmREQ0U2TndNN0RTZ2xNaXZBNHYxZXh2U2giLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvYVwvZ2VydVwvIiwic3RhdGUiOiJFeW95LWF3WDRUZVN1Mk5Iekw3ZVNVLVNpRHFWOXlDX01yVTQyNlVRbEw0IiwiZXhwIjoxNjM5MDkxNTA0fQ.nTJkF0lmwbI4EHSjTAetichDIgXwEEk2XivsPK02ulY1oad6ocyOaaeg-QRTHpUOEB0CCEKKAjiz-BkYPAnHH8JLG3cXbu_kerD1UeDYf1BkuKzu1LZZNw97TsdnadIH7_Q95hl5qkLrLsuKFcadcUvxG5R7tt5VPI4OBUc7nVzMi-aw9taLwuk8LetcsocFwtFwqugiKgEdwoq2dHwZ4JiSDrFf8GhOIFYd6Z6ntXnQz7k1OMgh1XFwON3NMLqMnNwnTPItcRo1fm9qzE1_Hby-S0dS88sIKYXKNL41zgCbLhgQL2GQLtYH9QAQPDTcAX9Q2BrR2O2abbISdQLg_g
2021-12-09 23:01:44 INFO
EncryptJARMResponse
Skipped evaluation due to missing required element: client authorization_encrypted_response_alg
path
authorization_encrypted_response_alg
mapped
object
client
2021-12-09 23:01:44
SendJARMResponseWitResponseModeQuery
Redirecting back to client
uri
https://scd-open-banking-frontend.dev.scd.open-co.tech?response=eyJraWQiOiJYNWQ0dkZZZkx4YUcxZ2c4X2wzYkZZRmhVYVVWbUU2UGFFc1JXWDJFWXFNIiwiYWxnIjoiUFMyNTYifQ.eyJhdWQiOiJnZXJ1LWJhbmsiLCJjb2RlIjoicGh5T0xpUmREQ0U2TndNN0RTZ2xNaXZBNHYxZXh2U2giLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvYVwvZ2VydVwvIiwic3RhdGUiOiJFeW95LWF3WDRUZVN1Mk5Iekw3ZVNVLVNpRHFWOXlDX01yVTQyNlVRbEw0IiwiZXhwIjoxNjM5MDkxNTA0fQ.nTJkF0lmwbI4EHSjTAetichDIgXwEEk2XivsPK02ulY1oad6ocyOaaeg-QRTHpUOEB0CCEKKAjiz-BkYPAnHH8JLG3cXbu_kerD1UeDYf1BkuKzu1LZZNw97TsdnadIH7_Q95hl5qkLrLsuKFcadcUvxG5R7tt5VPI4OBUc7nVzMi-aw9taLwuk8LetcsocFwtFwqugiKgEdwoq2dHwZ4JiSDrFf8GhOIFYd6Z6ntXnQz7k1OMgh1XFwON3NMLqMnNwnTPItcRo1fm9qzE1_Hby-S0dS88sIKYXKNL41zgCbLhgQL2GQLtYH9QAQPDTcAX9Q2BrR2O2abbISdQLg_g
2021-12-09 23:01:44 OUTGOING
fapi1-advanced-final-client-test-invalid-aud
Response to HTTP request to test instance qaRjsz53nN0nspg
outgoing
org.springframework.web.servlet.view.RedirectView: [RedirectView]; URL [https://scd-open-banking-frontend.dev.scd.open-co.tech?response=eyJraWQiOiJYNWQ0dkZZZkx4YUcxZ2c4X2wzYkZZRmhVYVVWbUU2UGFFc1JXWDJFWXFNIiwiYWxnIjoiUFMyNTYifQ.eyJhdWQiOiJnZXJ1LWJhbmsiLCJjb2RlIjoicGh5T0xpUmREQ0U2TndNN0RTZ2xNaXZBNHYxZXh2U2giLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvYVwvZ2VydVwvIiwic3RhdGUiOiJFeW95LWF3WDRUZVN1Mk5Iekw3ZVNVLVNpRHFWOXlDX01yVTQyNlVRbEw0IiwiZXhwIjoxNjM5MDkxNTA0fQ.nTJkF0lmwbI4EHSjTAetichDIgXwEEk2XivsPK02ulY1oad6ocyOaaeg-QRTHpUOEB0CCEKKAjiz-BkYPAnHH8JLG3cXbu_kerD1UeDYf1BkuKzu1LZZNw97TsdnadIH7_Q95hl5qkLrLsuKFcadcUvxG5R7tt5VPI4OBUc7nVzMi-aw9taLwuk8LetcsocFwtFwqugiKgEdwoq2dHwZ4JiSDrFf8GhOIFYd6Z6ntXnQz7k1OMgh1XFwON3NMLqMnNwnTPItcRo1fm9qzE1_Hby-S0dS88sIKYXKNL41zgCbLhgQL2GQLtYH9QAQPDTcAX9Q2BrR2O2abbISdQLg_g]
outgoing_path
authorize
2021-12-09 23:01:45 INCOMING
fapi1-advanced-final-client-test-invalid-aud
Incoming HTTP request to test instance qaRjsz53nN0nspg
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/4.7.4 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate, br",
  "connection": "close"
}
incoming_path
/test/a/geru/.well-known/openid-configuration
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
incoming_body_json
incoming_query_string_params
{}
incoming_body
2021-12-09 23:01:45 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
2021-12-09 23:01:45 OUTGOING
fapi1-advanced-final-client-test-invalid-aud
Response to HTTP request to test instance qaRjsz53nN0nspg
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "issuer": "https://www.certification.openid.net/test/a/geru/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/geru/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/geru/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/geru/jwks",
  "registration_endpoint": "https://www.certification.openid.net/test/a/geru/register",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/geru/userinfo",
  "mtls_endpoint_aliases": {
    "token_endpoint": "https://www.certification.openid.net/test-mtls/a/geru/token",
    "registration_endpoint": "https://www.certification.openid.net/test-mtls/a/geru/register",
    "userinfo_endpoint": "https://www.certification.openid.net/test-mtls/a/geru/userinfo",
    "pushed_authorization_request_endpoint": "https://www.certification.openid.net/test-mtls/a/geru/par"
  },
  "tls_client_certificate_bound_access_tokens": true,
  "request_parameter_supported": true,
  "grant_types_supported": [
    "authorization_code",
    "implicit",
    "client_credentials",
    "refresh_token"
  ],
  "claims_parameter_supported": true,
  "request_object_encryption_alg_values_supported": [
    "RSA-OAEP"
  ],
  "request_object_encryption_enc_values_supported": [
    "A256GCM"
  ],
  "claims_supported": [
    "cpf",
    "cnpj",
    "acr"
  ],
  "acr_values_supported": [
    "urn:brasil:openbanking:loa2",
    "urn:brasil:openbanking:loa3"
  ],
  "id_token_signing_alg_values_supported": [
    "PS256"
  ],
  "request_object_signing_alg_values_supported": [
    "PS256"
  ],
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access",
    "consents",
    "resources",
    "payments"
  ],
  "token_endpoint_auth_methods_supported": [
    "tls_client_auth"
  ],
  "pushed_authorization_request_endpoint": "https://www.certification.openid.net/test/a/geru/par",
  "require_pushed_authorization_requests": true,
  "response_types_supported": [
    "code"
  ],
  "response_modes_supported": [
    "jwt"
  ],
  "authorization_signing_alg_values_supported": [
    "PS256"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "PS256"
  ]
}
outgoing_path
.well-known/openid-configuration
2021-12-09 23:01:45 INCOMING
fapi1-advanced-final-client-test-invalid-aud
Incoming HTTP request to test instance qaRjsz53nN0nspg
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/4.7.4 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate, br",
  "connection": "close"
}
incoming_path
/test/a/geru/jwks
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
incoming_body_json
incoming_query_string_params
{}
incoming_body
2021-12-09 23:01:45 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
2021-12-09 23:01:45 OUTGOING
fapi1-advanced-final-client-test-invalid-aud
Response to HTTP request to test instance qaRjsz53nN0nspg
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "X5d4vFYfLxaG1gg8_l3bFYFhUaUVmE6PaEsRWX2EYqM",
      "x5c": [
        "MIIGqzCCBZOgAwIBAgIUdUCw8bQZidnZ6uERKJuN9u4RGvcwDQYJKoZIhvcNAQELBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwxFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNBTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDgxNjA5NTUwMFoXDTIyMDkxNTA5NTUwMFowgacxCzAJBgNVBAYTAkJSMRMwEQYDVQQKEwpJQ1AtQnJhc2lsMS8wDAYDVQQLEwUxMjM0NTAOBgNVBAsTB2NlcnRtYW4wDwYDVQQLEwhhZ29vZG9uZTEcMBoGA1UEAxMTT3BlbiBCYW5raW5nIEJyYXNpbDE0MDIGCgmSJomT8ixkAQETJDc0ZTkyOWQ5LTMzYjYtNGQ4NS04YmE3LWMxNDZjODY3YTgxNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANyF1agPcwq5ms99Flo82XsXUroWoD/6FX4AfmOUu113h4VOLYaO3N8HDYbKxgii2En/+O61e/Ptjn4T2PVq0iVcqiF6Gp4sKE5w/bKZRfdCe8qIPS4D+JKpFpesJvIHUeQvlAuBp5dA9nGSpxOjGe5P2+ZzNGXwvux/2ztdweGmKbtOvbYe4RVhiu6bOubog8XEBmD96EnqmoROasH1Hn9kDJIclbTP51j/TlQMzhrSfJJuE3Qq6vWhe/DaPbtmELmlDiYHjp8CjAY5oBMHLmkHvQxEBV4cwbUZj5ZpdqU8tkA78XtR4DkzrJ4fYoBb1+9ABq6GNzxWPpSQMQuBXdsCAwEAAaOCAwIwggL+MAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFJwv7oHX2exZL304ru+4eGVypHlxMB8GA1UdIwQYMBaAFIZ/WK0X9YK2TrQFs/uwzhFD30y+MEwGCCsGAQUFBwEBBEAwPjA8BggrBgEFBQcwAYYwaHR0cDovL29jc3Auc2FuZGJveC5wa2kub3BlbmJhbmtpbmdicmFzaWwub3JnLmJyMEsGA1UdHwREMEIwQKA+oDyGOmh0dHA6Ly9jcmwuc2FuZGJveC5wa2kub3BlbmJhbmtpbmdicmFzaWwub3JnLmJyL2lzc3Vlci5jcmwwXgYDVR0RBFcwVaAZBgVgTAEDAqAQDA5NaWNoYWVsIEZyYXNlcqAYBgVgTAEDA6APDA0xMzM1MzIzNjAwMTg5oA0GBWBMAQMEoAQMAm5voA8GBWBMAQMHoAYMBGFsb3QwDgYDVR0PAQH/BAQDAgbAMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIBgDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVseSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhlciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNlaXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5kIHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8vY3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2llczANBgkqhkiG9w0BAQsFAAOCAQEAtKn/QnJqKLp52YB14x+M21qwz67utFkWjhauQe0elXupjY5NWZb5wLrGYNOZQzRe2JRzcBbGN6P7lCweRfxMkSGh9YrXbrkBXLEPtLHpTVEy65v1tWl02lC+ooVPyQpSjAQL0L69OQ7s7rnIXyb3rkSUzuGSxsLU1AXpWj0oYFB4wdeIdPAVPs83frC5s4kz42JruSAE2vsbvQURTVPChh+hO6+R6Irz+ZEZ1NSgjQkxvOXHW53CkXZSjjHbAB/nbJYi7YyK7kck99r38Ba/WBfIfywdFVVYfiiW5TS6XbQeVeilmmt5MLxBz96FxR6E6WR+cQwybEe94Fb/jD6xHA\u003d\u003d"
      ],
      "alg": "PS256",
      "n": "3IXVqA9zCrmaz30WWjzZexdSuhagP_oVfgB-Y5S7XXeHhU4tho7c3wcNhsrGCKLYSf_47rV78-2OfhPY9WrSJVyqIXoaniwoTnD9splF90J7yog9LgP4kqkWl6wm8gdR5C-UC4Gnl0D2cZKnE6MZ7k_b5nM0ZfC-7H_bO13B4aYpu069th7hFWGK7ps65uiDxcQGYP3oSeqahE5qwfUef2QMkhyVtM_nWP9OVAzOGtJ8km4TdCrq9aF78No9u2YQuaUOJgeOnwKMBjmgEwcuaQe9DEQFXhzBtRmPlml2pTy2QDvxe1HgOTOsnh9igFvX70AGroY3PFY-lJAxC4Fd2w"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "0fe502dd-14f0-4f45-80f9-feb9a216f996",
      "alg": "RSA-OAEP",
      "n": "r4dl-ApW6c-fvDbfSVxHpdV8zi8VQW4b9-uHMRq7dzqCkvP8OAG1R3plSr1N6fL_YLiIr9y621XkyRiMEKR7-DeqGsLf2ZTaqrZ1LfYgjsc2i9o3NSOeSgBwKGmT7h1OgxZSbhLzo7Xaktu3CCUZCOWLzs7LKo_CvKkcTF7tPhK9jYjdTsdsnS0RJOPjYQe7JO83Mvhd1Ty3F-Qycd-cKKMSjcQRiHt9jKd09kA2fKVlFwbm2M1PM3NdtnMaOUw31-XC4ixay47XTMqnmX7-op7qYV9wXbeZmjTsAKFuTGwJiGJrOTfqciDLBW8IpGC2BzFJ5rYmRu0kAttpvkOG3Q"
    }
  ]
}
outgoing_path
jwks
2021-12-09 23:01:45 INCOMING
fapi1-advanced-final-client-test-invalid-aud
Incoming HTTP request to test instance qaRjsz53nN0nspg
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/4.7.4 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "content-type": "application/x-www-form-urlencoded",
  "accept-encoding": "gzip, deflate, br",
  "content-length": "219",
  "connection": "close"
}
incoming_path
/test-mtls/a/geru/token
incoming_body_form_params
{
  "grant_type": "authorization_code",
  "code": "phyOLiRdDCE6NwM7DSglMivA4v1exvSh",
  "redirect_uri": "https://scd-open-banking-frontend.dev.scd.open-co.tech",
  "code_verifier": "e2IR_fDlPnPadcysFJws6v5n1yPzd176vskMTtELc9A",
  "client_id": "geru-bank"
}
incoming_method
POST
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
-----BEGIN CERTIFICATE----- MIIG9DCCBdygAwIBAgIUHP7pETZ8wo3KhRaFkfUQK7ckwZYwDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMTAwODE4MDYwMFoXDTIyMTEwNzE4 MDYwMFowggEiMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xKTAnBgNVBAoTIEdFUlUgU09DSUVEQURFIERFIENSRURJVE8gRElS RVRPMS0wKwYDVQQLEyQwY2EwNTA5Mi0wMjVmLTQ3YzQtYjg3OC00YTAzYzE1MGNj Y2YxFDASBgNVBAMTC2dlcnUuY29tLmJyMRcwFQYDVQQFEw4zNzc2Mzg0NzAwMDEz ODEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRpb24xEzARBgsrBgEEAYI3PAIB AxMCQlIxNDAyBgoJkiaJk/IsZAEBEyQ3Mzg4NTYwMy1mM2ZmLTQxYmYtYjJiMi00 ZjdjYTlmZTYwNzYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrJOCH MpEDtdG4A9N7+xuah2UfuNAnWrc2ZKzYltRthR/7agiWIw8yqe/Pdh/oegvWHlza 6uQYeTvIL6YER/3O+D9g4VgWiKqh8tH/U0FC+9ZgRKmjFcJGmwaQa8EuyY7Dlxzf Z0BpfteDV22XXRlovO41zXAGGWm4zQ+FlLmJgdJz+lGpCAR1tPsYjvlLFrZiM5jk j7ho3ZuWoP3DcA74aGD86QFmyF+iWXiaPUJLpjfEWhpjfu6wLiNpLBbf2Le/7HCK tC6IwASHTbhbbhiCImbnRmu9reUBENPHm/6RFtzviEa6KSHDMQVDhafgXTIUPfOY UV3JZhA/yzGBWLltAgMBAAGjggLPMIICyzAMBgNVHRMBAf8EAjAAMB0GA1UdDgQW BBQQ6aNldx5PKww0znqaQFe3t8D2DzAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7 sM4RQ99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3Nw LnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBC MECgPqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2ls Lm9yZy5ici9pc3N1ZXIuY3JsMBYGA1UdEQQPMA2CC2dlcnUuY29tLmJyMA4GA1Ud DwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDAjCCAaEGA1UdIASCAZgwggGU MIIBkAYKKwYBBAGDui9kATCCAYAwggE2BggrBgEFBQcCAjCCASgMggEkVGhpcyBD ZXJ0aWZpY2F0ZSBpcyBzb2xlbHkgZm9yIHVzZSB3aXRoIFJhaWRpYW0gU2Vydmlj ZXMgTGltaXRlZCBhbmQgb3RoZXIgcGFydGljaXBhdGluZyBvcmdhbmlzYXRpb25z IHVzaW5nIFJhaWRpYW0gU2VydmljZXMgTGltaXRlZHMgVHJ1c3QgRnJhbWV3b3Jr IFNlcnZpY2VzLiBJdHMgcmVjZWlwdCwgcG9zc2Vzc2lvbiBvciB1c2UgY29uc3Rp dHV0ZXMgYWNjZXB0YW5jZSBvZiB0aGUgUmFpZGlhbSBTZXJ2aWNlcyBMdGQgQ2Vy dGljaWNhdGUgUG9saWN5IGFuZCByZWxhdGVkIGRvY3VtZW50cyB0aGVyZWluLjBE BggrBgEFBQcCARY4aHR0cDovL2Nwcy5zYW5kYm94LnBraS5vcGVuYmFua2luZ2Jy YXNpbC5vcmcuYnIvcG9saWNpZXMwDQYJKoZIhvcNAQELBQADggEBAElSrcNfZ514 EpOjwyueAMOcYvkjb1VUBQmSWMcZuKS/QoKbYuFn7qx9vn+id6O+a48h1k1MfFD4 vv8og6aKaEHHQn5tD6KBQoYlimvuVQkjupXPFFhlH8lMpPmWZ17LAnwjwdwDKdVF NzVLHylg3s9T0DXh1uR1namY2uLD0jwHBnm2tqucjLZ/00pha2L4IT1fjw3OqIXi 99SSrtqExpWEZpXJSxBpfygWXl1IKvlveLTG3EzNpjGcKoudXFwqQvFQtiP9sQ3M RyIF8QwW83IqpOIdXRw7nVgizujc0aTBUqlL7xGsjiR6JsiR+/3FNuJxpKVQ4pHa HI5ipvGg/0g= -----END CERTIFICATE-----
incoming_body_json
incoming_query_string_params
{}
incoming_body
grant_type=authorization_code&code=phyOLiRdDCE6NwM7DSglMivA4v1exvSh&redirect_uri=https%3A%2F%2Fscd-open-banking-frontend.dev.scd.open-co.tech&code_verifier=e2IR_fDlPnPadcysFJws6v5n1yPzd176vskMTtELc9A&client_id=geru-bank
2021-12-09 23:01:45 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
Token endpoint
2021-12-09 23:01:45 SUCCESS
ExtractClientCertificateFromTokenEndpointRequestHeaders
Extracted client certificate
client_certificate
{
  "cert": "-----BEGIN CERTIFICATE----- MIIG9DCCBdygAwIBAgIUHP7pETZ8wo3KhRaFkfUQK7ckwZYwDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMTAwODE4MDYwMFoXDTIyMTEwNzE4 MDYwMFowggEiMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xKTAnBgNVBAoTIEdFUlUgU09DSUVEQURFIERFIENSRURJVE8gRElS RVRPMS0wKwYDVQQLEyQwY2EwNTA5Mi0wMjVmLTQ3YzQtYjg3OC00YTAzYzE1MGNj Y2YxFDASBgNVBAMTC2dlcnUuY29tLmJyMRcwFQYDVQQFEw4zNzc2Mzg0NzAwMDEz ODEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRpb24xEzARBgsrBgEEAYI3PAIB AxMCQlIxNDAyBgoJkiaJk/IsZAEBEyQ3Mzg4NTYwMy1mM2ZmLTQxYmYtYjJiMi00 ZjdjYTlmZTYwNzYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrJOCH MpEDtdG4A9N7+xuah2UfuNAnWrc2ZKzYltRthR/7agiWIw8yqe/Pdh/oegvWHlza 6uQYeTvIL6YER/3O+D9g4VgWiKqh8tH/U0FC+9ZgRKmjFcJGmwaQa8EuyY7Dlxzf Z0BpfteDV22XXRlovO41zXAGGWm4zQ+FlLmJgdJz+lGpCAR1tPsYjvlLFrZiM5jk j7ho3ZuWoP3DcA74aGD86QFmyF+iWXiaPUJLpjfEWhpjfu6wLiNpLBbf2Le/7HCK tC6IwASHTbhbbhiCImbnRmu9reUBENPHm/6RFtzviEa6KSHDMQVDhafgXTIUPfOY UV3JZhA/yzGBWLltAgMBAAGjggLPMIICyzAMBgNVHRMBAf8EAjAAMB0GA1UdDgQW BBQQ6aNldx5PKww0znqaQFe3t8D2DzAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7 sM4RQ99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3Nw LnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBC MECgPqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2ls Lm9yZy5ici9pc3N1ZXIuY3JsMBYGA1UdEQQPMA2CC2dlcnUuY29tLmJyMA4GA1Ud DwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDAjCCAaEGA1UdIASCAZgwggGU MIIBkAYKKwYBBAGDui9kATCCAYAwggE2BggrBgEFBQcCAjCCASgMggEkVGhpcyBD ZXJ0aWZpY2F0ZSBpcyBzb2xlbHkgZm9yIHVzZSB3aXRoIFJhaWRpYW0gU2Vydmlj ZXMgTGltaXRlZCBhbmQgb3RoZXIgcGFydGljaXBhdGluZyBvcmdhbmlzYXRpb25z IHVzaW5nIFJhaWRpYW0gU2VydmljZXMgTGltaXRlZHMgVHJ1c3QgRnJhbWV3b3Jr IFNlcnZpY2VzLiBJdHMgcmVjZWlwdCwgcG9zc2Vzc2lvbiBvciB1c2UgY29uc3Rp dHV0ZXMgYWNjZXB0YW5jZSBvZiB0aGUgUmFpZGlhbSBTZXJ2aWNlcyBMdGQgQ2Vy dGljaWNhdGUgUG9saWN5IGFuZCByZWxhdGVkIGRvY3VtZW50cyB0aGVyZWluLjBE BggrBgEFBQcCARY4aHR0cDovL2Nwcy5zYW5kYm94LnBraS5vcGVuYmFua2luZ2Jy YXNpbC5vcmcuYnIvcG9saWNpZXMwDQYJKoZIhvcNAQELBQADggEBAElSrcNfZ514 EpOjwyueAMOcYvkjb1VUBQmSWMcZuKS/QoKbYuFn7qx9vn+id6O+a48h1k1MfFD4 vv8og6aKaEHHQn5tD6KBQoYlimvuVQkjupXPFFhlH8lMpPmWZ17LAnwjwdwDKdVF NzVLHylg3s9T0DXh1uR1namY2uLD0jwHBnm2tqucjLZ/00pha2L4IT1fjw3OqIXi 99SSrtqExpWEZpXJSxBpfygWXl1IKvlveLTG3EzNpjGcKoudXFwqQvFQtiP9sQ3M RyIF8QwW83IqpOIdXRw7nVgizujc0aTBUqlL7xGsjiR6JsiR+/3FNuJxpKVQ4pHa HI5ipvGg/0g\u003d -----END CERTIFICATE-----",
  "pem": "-----BEGIN CERTIFICATE-----\nMIIG9DCCBdygAwIBAgIUHP7pETZ8wo3KhRaFkfUQK7ckwZYwDQYJKoZIhvcNAQEL\nBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx\nFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB\nTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMTAwODE4MDYwMFoXDTIyMTEwNzE4\nMDYwMFowggEiMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD\no28gUGF1bG8xKTAnBgNVBAoTIEdFUlUgU09DSUVEQURFIERFIENSRURJVE8gRElS\nRVRPMS0wKwYDVQQLEyQwY2EwNTA5Mi0wMjVmLTQ3YzQtYjg3OC00YTAzYzE1MGNj\nY2YxFDASBgNVBAMTC2dlcnUuY29tLmJyMRcwFQYDVQQFEw4zNzc2Mzg0NzAwMDEz\nODEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRpb24xEzARBgsrBgEEAYI3PAIB\nAxMCQlIxNDAyBgoJkiaJk/IsZAEBEyQ3Mzg4NTYwMy1mM2ZmLTQxYmYtYjJiMi00\nZjdjYTlmZTYwNzYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrJOCH\nMpEDtdG4A9N7+xuah2UfuNAnWrc2ZKzYltRthR/7agiWIw8yqe/Pdh/oegvWHlza\n6uQYeTvIL6YER/3O+D9g4VgWiKqh8tH/U0FC+9ZgRKmjFcJGmwaQa8EuyY7Dlxzf\nZ0BpfteDV22XXRlovO41zXAGGWm4zQ+FlLmJgdJz+lGpCAR1tPsYjvlLFrZiM5jk\nj7ho3ZuWoP3DcA74aGD86QFmyF+iWXiaPUJLpjfEWhpjfu6wLiNpLBbf2Le/7HCK\ntC6IwASHTbhbbhiCImbnRmu9reUBENPHm/6RFtzviEa6KSHDMQVDhafgXTIUPfOY\nUV3JZhA/yzGBWLltAgMBAAGjggLPMIICyzAMBgNVHRMBAf8EAjAAMB0GA1UdDgQW\nBBQQ6aNldx5PKww0znqaQFe3t8D2DzAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7\nsM4RQ99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3Nw\nLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBC\nMECgPqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2ls\nLm9yZy5ici9pc3N1ZXIuY3JsMBYGA1UdEQQPMA2CC2dlcnUuY29tLmJyMA4GA1Ud\nDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDAjCCAaEGA1UdIASCAZgwggGU\nMIIBkAYKKwYBBAGDui9kATCCAYAwggE2BggrBgEFBQcCAjCCASgMggEkVGhpcyBD\nZXJ0aWZpY2F0ZSBpcyBzb2xlbHkgZm9yIHVzZSB3aXRoIFJhaWRpYW0gU2Vydmlj\nZXMgTGltaXRlZCBhbmQgb3RoZXIgcGFydGljaXBhdGluZyBvcmdhbmlzYXRpb25z\nIHVzaW5nIFJhaWRpYW0gU2VydmljZXMgTGltaXRlZHMgVHJ1c3QgRnJhbWV3b3Jr\nIFNlcnZpY2VzLiBJdHMgcmVjZWlwdCwgcG9zc2Vzc2lvbiBvciB1c2UgY29uc3Rp\ndHV0ZXMgYWNjZXB0YW5jZSBvZiB0aGUgUmFpZGlhbSBTZXJ2aWNlcyBMdGQgQ2Vy\ndGljaWNhdGUgUG9saWN5IGFuZCByZWxhdGVkIGRvY3VtZW50cyB0aGVyZWluLjBE\nBggrBgEFBQcCARY4aHR0cDovL2Nwcy5zYW5kYm94LnBraS5vcGVuYmFua2luZ2Jy\nYXNpbC5vcmcuYnIvcG9saWNpZXMwDQYJKoZIhvcNAQELBQADggEBAElSrcNfZ514\nEpOjwyueAMOcYvkjb1VUBQmSWMcZuKS/QoKbYuFn7qx9vn+id6O+a48h1k1MfFD4\nvv8og6aKaEHHQn5tD6KBQoYlimvuVQkjupXPFFhlH8lMpPmWZ17LAnwjwdwDKdVF\nNzVLHylg3s9T0DXh1uR1namY2uLD0jwHBnm2tqucjLZ/00pha2L4IT1fjw3OqIXi\n99SSrtqExpWEZpXJSxBpfygWXl1IKvlveLTG3EzNpjGcKoudXFwqQvFQtiP9sQ3M\nRyIF8QwW83IqpOIdXRw7nVgizujc0aTBUqlL7xGsjiR6JsiR+/3FNuJxpKVQ4pHa\nHI5ipvGg/0g\u003d\n-----END CERTIFICATE-----",
  "subject": {
    "dn": "UID\u003d73885603-f3ff-41bf-b2b2-4f7ca9fe6076,1.3.6.1.4.1.311.60.2.1.3\u003d#13024252,2.5.4.15\u003d#131450726976617465204f7267616e697a6174696f6e,2.5.4.5\u003d#130e3337373633383437303030313338,CN\u003dgeru.com.br,OU\u003d0ca05092-025f-47c4-b878-4a03c150cccf,O\u003dGERU SOCIEDADE DE CREDITO DIRETO,L\u003dSão Paulo,ST\u003dSP,C\u003dBR"
  },
  "sanDnsNames": [
    "geru.com.br"
  ],
  "sanUris": [],
  "sanIPs": [],
  "sanEmails": []
}
2021-12-09 23:01:45 SUCCESS
CheckForClientCertificate
Found client certificate
2021-12-09 23:01:45 SUCCESS
EnsureClientCertificateMatches
Presented certificate matches registered certificate
actual
-----BEGIN CERTIFICATE-----
MIIG9DCCBdygAwIBAgIUHP7pETZ8wo3KhRaFkfUQK7ckwZYwDQYJKoZIhvcNAQEL
BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx
FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB
TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMTAwODE4MDYwMFoXDTIyMTEwNzE4
MDYwMFowggEiMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD
o28gUGF1bG8xKTAnBgNVBAoTIEdFUlUgU09DSUVEQURFIERFIENSRURJVE8gRElS
RVRPMS0wKwYDVQQLEyQwY2EwNTA5Mi0wMjVmLTQ3YzQtYjg3OC00YTAzYzE1MGNj
Y2YxFDASBgNVBAMTC2dlcnUuY29tLmJyMRcwFQYDVQQFEw4zNzc2Mzg0NzAwMDEz
ODEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRpb24xEzARBgsrBgEEAYI3PAIB
AxMCQlIxNDAyBgoJkiaJk/IsZAEBEyQ3Mzg4NTYwMy1mM2ZmLTQxYmYtYjJiMi00
ZjdjYTlmZTYwNzYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrJOCH
MpEDtdG4A9N7+xuah2UfuNAnWrc2ZKzYltRthR/7agiWIw8yqe/Pdh/oegvWHlza
6uQYeTvIL6YER/3O+D9g4VgWiKqh8tH/U0FC+9ZgRKmjFcJGmwaQa8EuyY7Dlxzf
Z0BpfteDV22XXRlovO41zXAGGWm4zQ+FlLmJgdJz+lGpCAR1tPsYjvlLFrZiM5jk
j7ho3ZuWoP3DcA74aGD86QFmyF+iWXiaPUJLpjfEWhpjfu6wLiNpLBbf2Le/7HCK
tC6IwASHTbhbbhiCImbnRmu9reUBENPHm/6RFtzviEa6KSHDMQVDhafgXTIUPfOY
UV3JZhA/yzGBWLltAgMBAAGjggLPMIICyzAMBgNVHRMBAf8EAjAAMB0GA1UdDgQW
BBQQ6aNldx5PKww0znqaQFe3t8D2DzAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7
sM4RQ99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3Nw
LnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBC
MECgPqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2ls
Lm9yZy5ici9pc3N1ZXIuY3JsMBYGA1UdEQQPMA2CC2dlcnUuY29tLmJyMA4GA1Ud
DwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDAjCCAaEGA1UdIASCAZgwggGU
MIIBkAYKKwYBBAGDui9kATCCAYAwggE2BggrBgEFBQcCAjCCASgMggEkVGhpcyBD
ZXJ0aWZpY2F0ZSBpcyBzb2xlbHkgZm9yIHVzZSB3aXRoIFJhaWRpYW0gU2Vydmlj
ZXMgTGltaXRlZCBhbmQgb3RoZXIgcGFydGljaXBhdGluZyBvcmdhbmlzYXRpb25z
IHVzaW5nIFJhaWRpYW0gU2VydmljZXMgTGltaXRlZHMgVHJ1c3QgRnJhbWV3b3Jr
IFNlcnZpY2VzLiBJdHMgcmVjZWlwdCwgcG9zc2Vzc2lvbiBvciB1c2UgY29uc3Rp
dHV0ZXMgYWNjZXB0YW5jZSBvZiB0aGUgUmFpZGlhbSBTZXJ2aWNlcyBMdGQgQ2Vy
dGljaWNhdGUgUG9saWN5IGFuZCByZWxhdGVkIGRvY3VtZW50cyB0aGVyZWluLjBE
BggrBgEFBQcCARY4aHR0cDovL2Nwcy5zYW5kYm94LnBraS5vcGVuYmFua2luZ2Jy
YXNpbC5vcmcuYnIvcG9saWNpZXMwDQYJKoZIhvcNAQELBQADggEBAElSrcNfZ514
EpOjwyueAMOcYvkjb1VUBQmSWMcZuKS/QoKbYuFn7qx9vn+id6O+a48h1k1MfFD4
vv8og6aKaEHHQn5tD6KBQoYlimvuVQkjupXPFFhlH8lMpPmWZ17LAnwjwdwDKdVF
NzVLHylg3s9T0DXh1uR1namY2uLD0jwHBnm2tqucjLZ/00pha2L4IT1fjw3OqIXi
99SSrtqExpWEZpXJSxBpfygWXl1IKvlveLTG3EzNpjGcKoudXFwqQvFQtiP9sQ3M
RyIF8QwW83IqpOIdXRw7nVgizujc0aTBUqlL7xGsjiR6JsiR+/3FNuJxpKVQ4pHa
HI5ipvGg/0g=
-----END CERTIFICATE-----
2021-12-09 23:01:45 SUCCESS
EnsureNoClientAssertionSentToTokenEndpoint
Client did not send a client_assertion to token endpoint
2021-12-09 23:01:45 SUCCESS
ValidateAuthorizationCode
Found authorization code
authorization_code
phyOLiRdDCE6NwM7DSglMivA4v1exvSh
2021-12-09 23:01:45 SUCCESS
ValidateRedirectUri
Found redirect uri
redirect_uri
https://scd-open-banking-frontend.dev.scd.open-co.tech
2021-12-09 23:01:45 SUCCESS
ValidateCodeVerifierWithS256
Validated code_verifier successfully
code_challenge_method
S256
code_verifier
e2IR_fDlPnPadcysFJws6v5n1yPzd176vskMTtELc9A
code_challenge
AF7wALrtqWllymCNsVww0Q0139otgpEtAxK3z1Y_tME
2021-12-09 23:01:45 SUCCESS
GenerateBearerAccessToken
Generated access token
access_token
UZNu2A78Npb9UfKbpmV5sG6YpfngriY1qwgMREFbZ9e9AlrYpb
2021-12-09 23:01:45 SUCCESS
CalculateAtHash
Successful at_hash encoding
at_hash
AIXnxWiF2BLe8l1pFXr-Ow
2021-12-09 23:01:45
CreateRefreshToken
Created refresh token
refresh_token
rMLiJESqqVmJpldbyrjOMvGORpeFpyQVcGwzxoPKDYYXLDhwcM1084403263\(=[&
2021-12-09 23:01:45 SUCCESS
GenerateIdTokenClaims
Created ID Token Claims
iss
https://www.certification.openid.net/test/a/geru/
sub
user-subject-1234531
aud
geru-bank
nonce
ObW-IqGP8TdEERvhwEKSfmbontoKar6IoyRr4_np8N0
iat
1639090905
exp
1639091205
2021-12-09 23:01:45 SUCCESS
FAPIBrazilAddCPFAndCPNJToIdTokenClaims
Added claims to id_token claims
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/a/geru/",
  "sub": "user-subject-1234531",
  "aud": "geru-bank",
  "nonce": "ObW-IqGP8TdEERvhwEKSfmbontoKar6IoyRr4_np8N0",
  "iat": 1639090905,
  "exp": 1639091205
}
2021-12-09 23:01:45 SUCCESS
AddAtHashToIdTokenClaims
Added at_hash to ID token claims
at_hash
AIXnxWiF2BLe8l1pFXr-Ow
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/a/geru/",
  "sub": "user-subject-1234531",
  "aud": "geru-bank",
  "nonce": "ObW-IqGP8TdEERvhwEKSfmbontoKar6IoyRr4_np8N0",
  "iat": 1639090905,
  "exp": 1639091205,
  "at_hash": "AIXnxWiF2BLe8l1pFXr-Ow"
}
2021-12-09 23:01:45 SUCCESS
AddInvalidAudValueToIdToken
Added invalid aud to ID token claims
aud
geru-bank1
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/a/geru/",
  "sub": "user-subject-1234531",
  "aud": "geru-bank1",
  "nonce": "ObW-IqGP8TdEERvhwEKSfmbontoKar6IoyRr4_np8N0",
  "iat": 1639090905,
  "exp": 1639091205,
  "at_hash": "AIXnxWiF2BLe8l1pFXr-Ow"
}
2021-12-09 23:01:45 SUCCESS
FAPIBrazilAddACRClaimToIdTokenClaims
Added acr value to id_token_claims
acr_value
urn:brasil:openbanking:loa2
claims
{
  "iss": "https://www.certification.openid.net/test/a/geru/",
  "sub": "user-subject-1234531",
  "aud": "geru-bank1",
  "nonce": "ObW-IqGP8TdEERvhwEKSfmbontoKar6IoyRr4_np8N0",
  "iat": 1639090905,
  "exp": 1639091205,
  "at_hash": "AIXnxWiF2BLe8l1pFXr-Ow",
  "acr": "urn:brasil:openbanking:loa2"
}
2021-12-09 23:01:45 SUCCESS
SignIdToken
Signed the ID token
id_token
eyJraWQiOiJYNWQ0dkZZZkx4YUcxZ2c4X2wzYkZZRmhVYVVWbUU2UGFFc1JXWDJFWXFNIiwiYWxnIjoiUFMyNTYifQ.eyJhdF9oYXNoIjoiQUlYbnhXaUYyQkxlOGwxcEZYci1PdyIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiZ2VydS1iYW5rMSIsImFjciI6InVybjpicmFzaWw6b3BlbmJhbmtpbmc6bG9hMiIsImlzcyI6Imh0dHBzOlwvXC93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0XC90ZXN0XC9hXC9nZXJ1XC8iLCJleHAiOjE2MzkwOTEyMDUsIm5vbmNlIjoiT2JXLUlxR1A4VGRFRVJ2aHdFS1NmbWJvbnRvS2FyNklveVJyNF9ucDhOMCIsImlhdCI6MTYzOTA5MDkwNX0.KXLMsHeKcSlmHUUpbPBrISxNgX6kaHznN128FDG_PQB1il7bzCSyezzBtqL4XQM9P8Xh2KRIrC6fWZFewmxEHKa-W6MIY8Tab0Mwn8LfHdqx4LQZY329_agYF2zErQyLxX5xcgThZcbj4mknFd8bajuk63cahTgWx2xcwpe7GLbLoRc1eTVNmub-OW5sN_HfHs4-PDcO6AJ157M6UJA4pG-ky5F32GqClra3OYrkO3jtxjIp4c5iLovlGS7q7wuu1MlSz6GtRt7MXh5cgAkh5KqVnrZMiwILBh_oMILk6yMjzsPbm9xjTI6nC40x_fHjBxfxcuW4QZvC4HNFCHiM0Q
2021-12-09 23:01:45 SUCCESS
CreateTokenEndpointResponse
Created token endpoint response
access_token
UZNu2A78Npb9UfKbpmV5sG6YpfngriY1qwgMREFbZ9e9AlrYpb
token_type
Bearer
id_token
eyJraWQiOiJYNWQ0dkZZZkx4YUcxZ2c4X2wzYkZZRmhVYVVWbUU2UGFFc1JXWDJFWXFNIiwiYWxnIjoiUFMyNTYifQ.eyJhdF9oYXNoIjoiQUlYbnhXaUYyQkxlOGwxcEZYci1PdyIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiZ2VydS1iYW5rMSIsImFjciI6InVybjpicmFzaWw6b3BlbmJhbmtpbmc6bG9hMiIsImlzcyI6Imh0dHBzOlwvXC93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0XC90ZXN0XC9hXC9nZXJ1XC8iLCJleHAiOjE2MzkwOTEyMDUsIm5vbmNlIjoiT2JXLUlxR1A4VGRFRVJ2aHdFS1NmbWJvbnRvS2FyNklveVJyNF9ucDhOMCIsImlhdCI6MTYzOTA5MDkwNX0.KXLMsHeKcSlmHUUpbPBrISxNgX6kaHznN128FDG_PQB1il7bzCSyezzBtqL4XQM9P8Xh2KRIrC6fWZFewmxEHKa-W6MIY8Tab0Mwn8LfHdqx4LQZY329_agYF2zErQyLxX5xcgThZcbj4mknFd8bajuk63cahTgWx2xcwpe7GLbLoRc1eTVNmub-OW5sN_HfHs4-PDcO6AJ157M6UJA4pG-ky5F32GqClra3OYrkO3jtxjIp4c5iLovlGS7q7wuu1MlSz6GtRt7MXh5cgAkh5KqVnrZMiwILBh_oMILk6yMjzsPbm9xjTI6nC40x_fHjBxfxcuW4QZvC4HNFCHiM0Q
refresh_token
rMLiJESqqVmJpldbyrjOMvGORpeFpyQVcGwzxoPKDYYXLDhwcM1084403263\(=[&
scope
openid consent:urn:conformance.oidf:pfJHsulthk accounts resources
2021-12-09 23:01:45 OUTGOING
fapi1-advanced-final-client-test-invalid-aud
Response to HTTP request to test instance qaRjsz53nN0nspg
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "access_token": "UZNu2A78Npb9UfKbpmV5sG6YpfngriY1qwgMREFbZ9e9AlrYpb",
  "token_type": "Bearer",
  "id_token": "eyJraWQiOiJYNWQ0dkZZZkx4YUcxZ2c4X2wzYkZZRmhVYVVWbUU2UGFFc1JXWDJFWXFNIiwiYWxnIjoiUFMyNTYifQ.eyJhdF9oYXNoIjoiQUlYbnhXaUYyQkxlOGwxcEZYci1PdyIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiZ2VydS1iYW5rMSIsImFjciI6InVybjpicmFzaWw6b3BlbmJhbmtpbmc6bG9hMiIsImlzcyI6Imh0dHBzOlwvXC93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0XC90ZXN0XC9hXC9nZXJ1XC8iLCJleHAiOjE2MzkwOTEyMDUsIm5vbmNlIjoiT2JXLUlxR1A4VGRFRVJ2aHdFS1NmbWJvbnRvS2FyNklveVJyNF9ucDhOMCIsImlhdCI6MTYzOTA5MDkwNX0.KXLMsHeKcSlmHUUpbPBrISxNgX6kaHznN128FDG_PQB1il7bzCSyezzBtqL4XQM9P8Xh2KRIrC6fWZFewmxEHKa-W6MIY8Tab0Mwn8LfHdqx4LQZY329_agYF2zErQyLxX5xcgThZcbj4mknFd8bajuk63cahTgWx2xcwpe7GLbLoRc1eTVNmub-OW5sN_HfHs4-PDcO6AJ157M6UJA4pG-ky5F32GqClra3OYrkO3jtxjIp4c5iLovlGS7q7wuu1MlSz6GtRt7MXh5cgAkh5KqVnrZMiwILBh_oMILk6yMjzsPbm9xjTI6nC40x_fHjBxfxcuW4QZvC4HNFCHiM0Q",
  "refresh_token": "rMLiJESqqVmJpldbyrjOMvGORpeFpyQVcGwzxoPKDYYXLDhwcM1084403263\\(\u003d[\u0026",
  "scope": "openid consent:urn:conformance.oidf:pfJHsulthk accounts resources"
}
outgoing_path
token
2021-12-09 23:01:50 FINISHED
fapi1-advanced-final-client-test-invalid-aud
Test has run to completion
testmodule_result
PASSED
2021-12-09 23:01:53
TEST-RUNNER
Alias has now been claimed by another test
alias
geru
new_test_id
82j84JLTnX5UsjJ
Test Results