Test Summary

Test Results

Expand All Collapse All
All times are UTC
2022-01-13 13:24:28 INFO
TEST-RUNNER
Test instance UZpi0NP4BWxWNoe created
baseUrl
https://www.certification.openid.net/test/a/SafraRPTest
variant
{
  "client_auth_type": "private_key_jwt",
  "fapi_auth_request_method": "pushed",
  "fapi_jarm_type": "oidc",
  "fapi_profile": "openbanking_brazil",
  "fapi_response_mode": "plain_response"
}
alias
SafraRPTest
description
Safra Relying Party Test
planId
aHKQkRwE1nAwr
config
{
  "alias": "SafraRPTest",
  "description": "Safra Relying Party Test",
  "server": {
    "jwks": {
      "keys": [
        {
          "p": "_QaFFuyZriEWtbiKexy7pIYicgU0ePMepvyNuiiFqlsUFQ24q9gp_iWECDhi8qqss__i1LW_eHQATKWfqUc6HdDY-ickJXvVktrQiT-buvJ24iTtK_NooPMKQW976NIX39_sEPJ6ceo9ZDFxTTCkmJus3eXDJmRZT2YzSZJcvcc",
          "kty": "RSA",
          "q": "3x1_dyovnWXSr7y7ufe6AHUV0kHBYVrGW2vdNZxKrrgBW5r2mm93NnHsrG-mJlzW7kG_jR41bWf74sucGdwXTx96riRVy8bov9SzPCDl9_QCHzPpqZOxjngfzQYq1L1qJA2BAie0Sq6YZhgLJ1fWPLutEO5soIYAkLXSJ9IVb00",
          "d": "ZvivfZxJMbbdTQmxyE0lmE6ZuH8cMQOLyZxdaA5pNwm7ZEnPBEftZs8aR9ijhCDWMieui3h--rXwlXqbEm3g1sVgQ-WKTFV-NLKaJC1h-EU5HKdlOflstr7x57zhKp60ZIK69GyEXyJccUfzcD32u8raec9NplQ2MqS5MA1lnQFlocFoX1RNU4tSpEdJQq2UzqtX5WPhc88A6fTc1xu2fA5wyxzZu7fUjIETzLimcu-dDaEvvgm7c_A1ulm8EQuCN10k3FrIIe9RfuXHyxh9Rcd0aiIP9qwitxd5Cl0io7zby8MBIAaSei2co7y4tciBt4AfnzpBlGbtjgfr2gxD0Q",
          "e": "AQAB",
          "alg": "PS256",
          "use": "sig",
          "kid": "X5d4vFYfLxaG1gg8_l3bFYFhUaUVmE6PaEsRWX2EYqM",
          "qi": "eHhOb5NUDfMGXwNscjEcMrMFS425qsoJAXfGJ10hm8svZOkNYgVpb7Hs7oT8XytanRl0Gk8gKH0yhvya65B5ipyby17uBMkikNN-EeYoY2AkvEfM_nO0dvHbDdF11rkM5Q_SEDlGmojxnx4_Euj8WeuSgcwiCQkR23aZlQGx1Mg",
          "dp": "bQ9aXj8tHnj0qO8aAWapGokWX78OlvNzytYg4JSGyJ7pUQnRB4Ds2Lai6kgjniUiu5MX2kdceDbHykG5R-WDj0Ztv6UPV3jA3cOjDwVzwmiwBVmVQNRxzK31Ra8f4YJs9_o0bjmVvXQRchY9l9_Xkk_Hev2F2A540Fhk0tlbUBE",
          "dq": "XPYDZ_kxwZjtQb-XUBLBcvNV1jcDhba2stysXGv0SfvsxOg6G3qZ5xtsiyQxzAYen0LRttCBXkZXEtXXAodLRvJMwUXuYWtNCrBqxYDHkJogUDPnBXq-Hig6x8fsDJunH8JooCc-3WcFpHQcIZZdcwyXPVi59eAfWCwJlgHYYHk",
          "n": "3IXVqA9zCrmaz30WWjzZexdSuhagP_oVfgB-Y5S7XXeHhU4tho7c3wcNhsrGCKLYSf_47rV78-2OfhPY9WrSJVyqIXoaniwoTnD9splF90J7yog9LgP4kqkWl6wm8gdR5C-UC4Gnl0D2cZKnE6MZ7k_b5nM0ZfC-7H_bO13B4aYpu069th7hFWGK7ps65uiDxcQGYP3oSeqahE5qwfUef2QMkhyVtM_nWP9OVAzOGtJ8km4TdCrq9aF78No9u2YQuaUOJgeOnwKMBjmgEwcuaQe9DEQFXhzBtRmPlml2pTy2QDvxe1HgOTOsnh9igFvX70AGroY3PFY-lJAxC4Fd2w",
          "x5c": [
            "MIIGqzCCBZOgAwIBAgIUdUCw8bQZidnZ6uERKJuN9u4RGvcwDQYJKoZIhvcNAQELBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwxFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNBTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDgxNjA5NTUwMFoXDTIyMDkxNTA5NTUwMFowgacxCzAJBgNVBAYTAkJSMRMwEQYDVQQKEwpJQ1AtQnJhc2lsMS8wDAYDVQQLEwUxMjM0NTAOBgNVBAsTB2NlcnRtYW4wDwYDVQQLEwhhZ29vZG9uZTEcMBoGA1UEAxMTT3BlbiBCYW5raW5nIEJyYXNpbDE0MDIGCgmSJomT8ixkAQETJDc0ZTkyOWQ5LTMzYjYtNGQ4NS04YmE3LWMxNDZjODY3YTgxNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANyF1agPcwq5ms99Flo82XsXUroWoD/6FX4AfmOUu113h4VOLYaO3N8HDYbKxgii2En/+O61e/Ptjn4T2PVq0iVcqiF6Gp4sKE5w/bKZRfdCe8qIPS4D+JKpFpesJvIHUeQvlAuBp5dA9nGSpxOjGe5P2+ZzNGXwvux/2ztdweGmKbtOvbYe4RVhiu6bOubog8XEBmD96EnqmoROasH1Hn9kDJIclbTP51j/TlQMzhrSfJJuE3Qq6vWhe/DaPbtmELmlDiYHjp8CjAY5oBMHLmkHvQxEBV4cwbUZj5ZpdqU8tkA78XtR4DkzrJ4fYoBb1+9ABq6GNzxWPpSQMQuBXdsCAwEAAaOCAwIwggL+MAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFJwv7oHX2exZL304ru+4eGVypHlxMB8GA1UdIwQYMBaAFIZ/WK0X9YK2TrQFs/uwzhFD30y+MEwGCCsGAQUFBwEBBEAwPjA8BggrBgEFBQcwAYYwaHR0cDovL29jc3Auc2FuZGJveC5wa2kub3BlbmJhbmtpbmdicmFzaWwub3JnLmJyMEsGA1UdHwREMEIwQKA+oDyGOmh0dHA6Ly9jcmwuc2FuZGJveC5wa2kub3BlbmJhbmtpbmdicmFzaWwub3JnLmJyL2lzc3Vlci5jcmwwXgYDVR0RBFcwVaAZBgVgTAEDAqAQDA5NaWNoYWVsIEZyYXNlcqAYBgVgTAEDA6APDA0xMzM1MzIzNjAwMTg5oA0GBWBMAQMEoAQMAm5voA8GBWBMAQMHoAYMBGFsb3QwDgYDVR0PAQH/BAQDAgbAMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIBgDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVseSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhlciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNlaXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5kIHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8vY3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2llczANBgkqhkiG9w0BAQsFAAOCAQEAtKn/QnJqKLp52YB14x+M21qwz67utFkWjhauQe0elXupjY5NWZb5wLrGYNOZQzRe2JRzcBbGN6P7lCweRfxMkSGh9YrXbrkBXLEPtLHpTVEy65v1tWl02lC+ooVPyQpSjAQL0L69OQ7s7rnIXyb3rkSUzuGSxsLU1AXpWj0oYFB4wdeIdPAVPs83frC5s4kz42JruSAE2vsbvQURTVPChh+hO6+R6Irz+ZEZ1NSgjQkxvOXHW53CkXZSjjHbAB/nbJYi7YyK7kck99r38Ba/WBfIfywdFVVYfiiW5TS6XbQeVeilmmt5MLxBz96FxR6E6WR+cQwybEe94Fb/jD6xHA\u003d\u003d"
          ]
        },
        {
          "p": "6-RGunw1LGXpsGIabzcG8n_ITbahS9waTzjcwLkzjWjyR5hxnTSrCMas9EsOuIt3qvkdf02psgwi-J0ZX680ujaXdeiPAeuOUbsLPBOhRuu-ySXxMTT7uiwWJmF5LtBx8Qd3hRV2sd9zOhYzSohcmWp8w_uKTOYrFzGtWMvlGic",
          "kty": "RSA",
          "q": "vn3cUU9RFc7pB3fjiEPGwYGA_h8f2X6dOqy-JYIMIiuYhPq6cT8xIlE-sHs58kZzC1QbOBc4y-qRyqj1L4StPaYH4mtJU0s_6A_b9Cai96yzYYmMr92be2nCFMxBpmpBhN21AIdGc640OxgWMdz5OVo455v1uIEQGPr2aDpOzVs",
          "d": "QrIJ9tPG7pSrt1KKSU-9EbAq-hU92FzEV9GwzuG_dbBPyRLYNVfAz-Yb8ug3YLuqec_kcB5JCep7QkYHgpNdX5WXFxARCpXa-J7Xq50oBdiAS2ehLpnYHXpJI7HqOcH9ASZML_MXjI8e_EpsI7Yk6xJ9qxk8bXGupw0C6anwL3NBe232zA7I1FnwL9tpZVOLPupeok7HMRbFc6QSR3dA54zJmkyEbyOSqzRqCK_g7AB_RcMImN0SoCg0epxZjrculIXPG0Gl1T3TG3WY-CBUtAkI1chFMGCgYF_v-FMSun8N6igilPC5O683BMcJoTK745khMCv7FcSCSFVh0H5vKQ",
          "e": "AQAB",
          "use": "enc",
          "kid": "0fe502dd-14f0-4f45-80f9-feb9a216f996",
          "qi": "W6TMI3L-Ob-Jx61TdYqN5gBoBsWF6KWuCmiE9ZiwJiMVCv5ddEbFafBuiIQgRnby1VpnH9j5KVb5PT_V78ohKFmpfL7ErXQerf_pJkEtvgK9lQta1EM1HMoShrJ4GdHPym_BZzDDmt6njvwTfSg95y28h-j5epuywcwu6TwAUA8",
          "dp": "a9rjD-8srNEoKVKhvYoObiBI6GeBllrb2K8qGCBV1ulOJbgo8nUbYpbci5Ip9-0k2RKwDv3mghcUglHqQRqt5BqD5BBiGsGmP-5is6RSEEhH4lar0hDkq_nuYrwcmXALOOZuGnZ239tIJx3xc7mnhSnwQ_emA4UV3LQFC12mse8",
          "alg": "RSA-OAEP",
          "dq": "Qk8TiyY-BoZg7Z2ZEYzuOdu3qD3zW0VMu-j3w5yyVo6wZ9HTZqplkxmO5eXvNNu7Hj1nwC2tMqZzm4UW3DSmDWinI_TOsHToSQKEQUfVwLtYMeKsm2dbwSj-SzkSvTgNmI-IeyebqZcBTXTD_RV7l7BFULIkZdZfYSKy9XMejTM",
          "n": "r4dl-ApW6c-fvDbfSVxHpdV8zi8VQW4b9-uHMRq7dzqCkvP8OAG1R3plSr1N6fL_YLiIr9y621XkyRiMEKR7-DeqGsLf2ZTaqrZ1LfYgjsc2i9o3NSOeSgBwKGmT7h1OgxZSbhLzo7Xaktu3CCUZCOWLzs7LKo_CvKkcTF7tPhK9jYjdTsdsnS0RJOPjYQe7JO83Mvhd1Ty3F-Qycd-cKKMSjcQRiHt9jKd09kA2fKVlFwbm2M1PM3NdtnMaOUw31-XC4ixay47XTMqnmX7-op7qYV9wXbeZmjTsAKFuTGwJiGJrOTfqciDLBW8IpGC2BzFJ5rYmRu0kAttpvkOG3Q"
        }
      ]
    }
  },
  "client": {
    "client_id": "client_XUwBuUHRMTVHAleZEJxH18815",
    "redirect_uri": "https://portalspa-hml.safra.com.br/callback",
    "certificate": "-----BEGIN CERTIFICATE-----\nMIIG8zCCBdugAwIBAgIUOr2rNJSEw8bj9fVI9mZtaMk/VfowDQYJKoZIhvcNAQEL\nBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx\nFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB\nTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMTEwMzE3MDUwMFoXDTIyMTIwMzE3\nMDUwMFowggETMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD\no28gUGF1bG8xFzAVBgNVBAoTDkJDTyBTQUZSQSBTLkEuMS0wKwYDVQQLEyQ3MDkx\nMzhkZC02ZTlkLTVmOTYtYmZmZi02OWE1YjJjYjNlYzAxFzAVBgNVBAMMDiouc2Fm\ncmEuY29tLmJyMRcwFQYDVQQFEw41ODE2MDc4OTAwMDEyODEdMBsGA1UEDxMUUHJp\ndmF0ZSBPcmdhbml6YXRpb24xEzARBgsrBgEEAYI3PAIBAxMCQlIxNDAyBgoJkiaJ\nk/IsZAEBEyQ0NGIyNjFiYy00ZjZmLTQ0Y2UtYjNkNy0zZjk4YTJiMjI1ZjQwggEi\nMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYAJ7JptCPUm02Tx4o+zR20+iG\nVfMCMTOafTQ29kgOYAk/ypeDCNeZt4kkil/ZzNjHwA6NZ3gWMV088C5ucJ4AmS8b\nnE4XfbwoxealAWCa0pFoWEeBQK+Zb/S4dgK+L6xHkKViElSdQuYsKu3yraFs4Mu4\nC4ukjhCxa3AlvcSw6PCMYJ5LKWbfVQovtoy5o+vOu1KKNKSTaYESmQDrIN4VeDyF\nSaYttN0gd+HNicRnopbyfWcmndRwVdwyUgTT2Z59/CpcdKui8kiT2rKxRO/mF1q0\nPR1lkPE9FBDSo83fArx3yXgUyMmodjqJ+5X+pm7xZRJ97RVwIoMh7PRf4LXHAgMB\nAAGjggLdMIIC2TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQ60p75BB0ZNm+cJkce\nRCif8/14izAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4RQ99MvjBMBggrBgEF\nBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNhbmRib3gucGtpLm9w\nZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8v\nY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9pc3N1ZXIu\nY3JsMCQGA1UdEQQdMBuCGWFwaS1tdGxzLWhtbC5zYWZyYS5jb20uYnIwDgYDVR0P\nAQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQw\nggGQBgorBgEEAYO6L2QBMIIBgDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENl\ncnRpZmljYXRlIGlzIHNvbGVseSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNl\ncyBMaW1pdGVkIGFuZCBvdGhlciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMg\ndXNpbmcgUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsg\nU2VydmljZXMuIEl0cyByZWNlaXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0\ndXRlcyBhY2NlcHRhbmNlIG9mIHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0\naWNpY2F0ZSBQb2xpY3kgYW5kIHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQG\nCCsGAQUFBwIBFjhodHRwOi8vY3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJh\nc2lsLm9yZy5ici9wb2xpY2llczANBgkqhkiG9w0BAQsFAAOCAQEAriUFRNI349wn\nLPiNnHZckwjUV76m8LltS/BrHQSURP4Bq3Eu2KEZGD/Xkz9VcmumHwOC+Mr/haLO\nhUMbwmZMn9q3QFzyd/EnoSyXeedZpPLczSPZ3AXoNaC8xJn4ZE66NKDQ2/PEFD7+\nVibcq6uWx4H6k8QjSBgrPAh03hHzdBpVBTO6fRNZPUtHJUcPvOJC0rtK1n3tCNk1\nzHeO19CLNT1aUo99rXw8BT3bG4jVi/NMIPZqywxxk3S4Fq+6otMbtVRaB+O+NEqO\nVZR8xmuX+ALi7oVaD0tif+PzhyVKLZiRvnMtY2Y51ujIxyGyRZYPmiJkYQ/PT2Af\n1zroWKsv2A\u003d\u003d\n-----END CERTIFICATE-----",
    "jwks": {
      "keys": [
        {
          "kty": "RSA",
          "e": "AQAB",
          "kid": "F_zU9LD1--CL5SvOm7aeqKpn9nte7OFLhq92U-V3f68",
          "alg": "PS256",
          "n": "2GRx6YnzhHGM5YfXoUYVk4SZsAv4u9hi72amXqxtksdBGc7l1DdZv4U6UZ--QPs2_nMtARHo1x91bRWbI9weqHwfwILiChy4gq3zchfF_PUn7o2tDipWLBVZfqO08B4qhqb5u-7KJ9RgqBUuWr3UJblQkAnWJl9h5AhsdTHDmmndUDnvHoojiaRmxU5IhNZeUx-BO7JpUxz5ZmUrxA279CMgVPnyQF9nh0yz9zWBMOyjYuMVzFEK6_7CX5gXh_wkKpd3YDmREzOYoL4egcOAysHRwfnby2ANlB0tnxQ55lZd0ZLLhOHV57ydx0GWbtHGCuVBT93ncWUL1i5L7PLwBQ"
        }
      ]
    }
  },
  "client2": {
    "client_id": "client_XUwBuUHRMTVHAleZEJxH18815",
    "redirect_uri": "https://portalspa-hml.safra.com.br/callback",
    "id_token_encrypted_response_alg": "RSA-OAEP",
    "certificate": "-----BEGIN CERTIFICATE-----\nMIIG8zCCBdugAwIBAgIUOr2rNJSEw8bj9fVI9mZtaMk/VfowDQYJKoZIhvcNAQEL\nBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx\nFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB\nTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMTEwMzE3MDUwMFoXDTIyMTIwMzE3\nMDUwMFowggETMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD\no28gUGF1bG8xFzAVBgNVBAoTDkJDTyBTQUZSQSBTLkEuMS0wKwYDVQQLEyQ3MDkx\nMzhkZC02ZTlkLTVmOTYtYmZmZi02OWE1YjJjYjNlYzAxFzAVBgNVBAMMDiouc2Fm\ncmEuY29tLmJyMRcwFQYDVQQFEw41ODE2MDc4OTAwMDEyODEdMBsGA1UEDxMUUHJp\ndmF0ZSBPcmdhbml6YXRpb24xEzARBgsrBgEEAYI3PAIBAxMCQlIxNDAyBgoJkiaJ\nk/IsZAEBEyQ0NGIyNjFiYy00ZjZmLTQ0Y2UtYjNkNy0zZjk4YTJiMjI1ZjQwggEi\nMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYAJ7JptCPUm02Tx4o+zR20+iG\nVfMCMTOafTQ29kgOYAk/ypeDCNeZt4kkil/ZzNjHwA6NZ3gWMV088C5ucJ4AmS8b\nnE4XfbwoxealAWCa0pFoWEeBQK+Zb/S4dgK+L6xHkKViElSdQuYsKu3yraFs4Mu4\nC4ukjhCxa3AlvcSw6PCMYJ5LKWbfVQovtoy5o+vOu1KKNKSTaYESmQDrIN4VeDyF\nSaYttN0gd+HNicRnopbyfWcmndRwVdwyUgTT2Z59/CpcdKui8kiT2rKxRO/mF1q0\nPR1lkPE9FBDSo83fArx3yXgUyMmodjqJ+5X+pm7xZRJ97RVwIoMh7PRf4LXHAgMB\nAAGjggLdMIIC2TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQ60p75BB0ZNm+cJkce\nRCif8/14izAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4RQ99MvjBMBggrBgEF\nBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNhbmRib3gucGtpLm9w\nZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8v\nY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9pc3N1ZXIu\nY3JsMCQGA1UdEQQdMBuCGWFwaS1tdGxzLWhtbC5zYWZyYS5jb20uYnIwDgYDVR0P\nAQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQw\nggGQBgorBgEEAYO6L2QBMIIBgDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENl\ncnRpZmljYXRlIGlzIHNvbGVseSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNl\ncyBMaW1pdGVkIGFuZCBvdGhlciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMg\ndXNpbmcgUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsg\nU2VydmljZXMuIEl0cyByZWNlaXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0\ndXRlcyBhY2NlcHRhbmNlIG9mIHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0\naWNpY2F0ZSBQb2xpY3kgYW5kIHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQG\nCCsGAQUFBwIBFjhodHRwOi8vY3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJh\nc2lsLm9yZy5ici9wb2xpY2llczANBgkqhkiG9w0BAQsFAAOCAQEAriUFRNI349wn\nLPiNnHZckwjUV76m8LltS/BrHQSURP4Bq3Eu2KEZGD/Xkz9VcmumHwOC+Mr/haLO\nhUMbwmZMn9q3QFzyd/EnoSyXeedZpPLczSPZ3AXoNaC8xJn4ZE66NKDQ2/PEFD7+\nVibcq6uWx4H6k8QjSBgrPAh03hHzdBpVBTO6fRNZPUtHJUcPvOJC0rtK1n3tCNk1\nzHeO19CLNT1aUo99rXw8BT3bG4jVi/NMIPZqywxxk3S4Fq+6otMbtVRaB+O+NEqO\nVZR8xmuX+ALi7oVaD0tif+PzhyVKLZiRvnMtY2Y51ujIxyGyRZYPmiJkYQ/PT2Af\n1zroWKsv2A\u003d\u003d\n-----END CERTIFICATE-----",
    "jwks": {
      "keys": [
        {
          "kty": "RSA",
          "e": "AQAB",
          "kid": "F_zU9LD1--CL5SvOm7aeqKpn9nte7OFLhq92U-V3f68",
          "alg": "PS256",
          "n": "2GRx6YnzhHGM5YfXoUYVk4SZsAv4u9hi72amXqxtksdBGc7l1DdZv4U6UZ--QPs2_nMtARHo1x91bRWbI9weqHwfwILiChy4gq3zchfF_PUn7o2tDipWLBVZfqO08B4qhqb5u-7KJ9RgqBUuWr3UJblQkAnWJl9h5AhsdTHDmmndUDnvHoojiaRmxU5IhNZeUx-BO7JpUxz5ZmUrxA279CMgVPnyQF9nh0yz9zWBMOyjYuMVzFEK6_7CX5gXh_wkKpd3YDmREzOYoL4egcOAysHRwfnby2ANlB0tnxQ55lZd0ZLLhOHV57ydx0GWbtHGCuVBT93ncWUL1i5L7PLwBQ",
          "use": "sig"
        },
        {
          "kty": "RSA",
          "e": "AQAB",
          "kid": "o_xvg824afVVwHrd1A7-zOGeH2yA0Y5aXdpOUOzj0dM",
          "n": "2ACeyabQj1JtNk8eKPs0dtPohlXzAjEzmn00NvZIDmAJP8qXgwjXmbeJJIpf2czYx8AOjWd4FjFdPPAubnCeAJkvG5xOF328KMXmpQFgmtKRaFhHgUCvmW_0uHYCvi-sR5ClYhJUnULmLCrt8q2hbODLuAuLpI4QsWtwJb3EsOjwjGCeSylm31UKL7aMuaPrzrtSijSkk2mBEpkA6yDeFXg8hUmmLbTdIHfhzYnEZ6KW8n1nJp3UcFXcMlIE09meffwqXHSrovJIk9qysUTv5hdatD0dZZDxPRQQ0qPN3wK8d8l4FMjJqHY6ifuV_qZu8WUSfe0VcCKDIez0X-C1xw",
          "use": "enc",
          "alg": "PS256"
        }
      ]
    },
    "id_token_encrypted_response_enc": "A256GCM"
  },
  "directory": {
    "keystore": "https://keystore.sandbox.directory.openbankingbrasil.org.br/"
  }
}
testName
fapi1-advanced-final-client-refresh-token-test
2022-01-13 13:24:28 SUCCESS
FAPIBrazilGenerateServerConfiguration
Created server configuration
server
{
  "issuer": "https://www.certification.openid.net/test/a/SafraRPTest/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/SafraRPTest/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/SafraRPTest/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/SafraRPTest/jwks",
  "registration_endpoint": "https://www.certification.openid.net/test/a/SafraRPTest/register",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/SafraRPTest/userinfo",
  "mtls_endpoint_aliases": {
    "token_endpoint": "https://www.certification.openid.net/test-mtls/a/SafraRPTest/token",
    "registration_endpoint": "https://www.certification.openid.net/test-mtls/a/SafraRPTest/register",
    "userinfo_endpoint": "https://www.certification.openid.net/test-mtls/a/SafraRPTest/userinfo"
  },
  "tls_client_certificate_bound_access_tokens": true,
  "request_parameter_supported": true
}
issuer
https://www.certification.openid.net/test/a/SafraRPTest/
discoveryUrl
https://www.certification.openid.net/test/a/SafraRPTest/.well-known/openid-configuration
2022-01-13 13:24:28 SUCCESS
LoadServerJWKs
Parsed public and private JWK sets
server_jwks
{
  "keys": [
    {
      "d": "ZvivfZxJMbbdTQmxyE0lmE6ZuH8cMQOLyZxdaA5pNwm7ZEnPBEftZs8aR9ijhCDWMieui3h--rXwlXqbEm3g1sVgQ-WKTFV-NLKaJC1h-EU5HKdlOflstr7x57zhKp60ZIK69GyEXyJccUfzcD32u8raec9NplQ2MqS5MA1lnQFlocFoX1RNU4tSpEdJQq2UzqtX5WPhc88A6fTc1xu2fA5wyxzZu7fUjIETzLimcu-dDaEvvgm7c_A1ulm8EQuCN10k3FrIIe9RfuXHyxh9Rcd0aiIP9qwitxd5Cl0io7zby8MBIAaSei2co7y4tciBt4AfnzpBlGbtjgfr2gxD0Q",
      "e": "AQAB",
      "use": "sig",
      "kid": "X5d4vFYfLxaG1gg8_l3bFYFhUaUVmE6PaEsRWX2EYqM",
      "x5c": [
        "MIIGqzCCBZOgAwIBAgIUdUCw8bQZidnZ6uERKJuN9u4RGvcwDQYJKoZIhvcNAQELBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwxFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNBTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDgxNjA5NTUwMFoXDTIyMDkxNTA5NTUwMFowgacxCzAJBgNVBAYTAkJSMRMwEQYDVQQKEwpJQ1AtQnJhc2lsMS8wDAYDVQQLEwUxMjM0NTAOBgNVBAsTB2NlcnRtYW4wDwYDVQQLEwhhZ29vZG9uZTEcMBoGA1UEAxMTT3BlbiBCYW5raW5nIEJyYXNpbDE0MDIGCgmSJomT8ixkAQETJDc0ZTkyOWQ5LTMzYjYtNGQ4NS04YmE3LWMxNDZjODY3YTgxNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANyF1agPcwq5ms99Flo82XsXUroWoD/6FX4AfmOUu113h4VOLYaO3N8HDYbKxgii2En/+O61e/Ptjn4T2PVq0iVcqiF6Gp4sKE5w/bKZRfdCe8qIPS4D+JKpFpesJvIHUeQvlAuBp5dA9nGSpxOjGe5P2+ZzNGXwvux/2ztdweGmKbtOvbYe4RVhiu6bOubog8XEBmD96EnqmoROasH1Hn9kDJIclbTP51j/TlQMzhrSfJJuE3Qq6vWhe/DaPbtmELmlDiYHjp8CjAY5oBMHLmkHvQxEBV4cwbUZj5ZpdqU8tkA78XtR4DkzrJ4fYoBb1+9ABq6GNzxWPpSQMQuBXdsCAwEAAaOCAwIwggL+MAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFJwv7oHX2exZL304ru+4eGVypHlxMB8GA1UdIwQYMBaAFIZ/WK0X9YK2TrQFs/uwzhFD30y+MEwGCCsGAQUFBwEBBEAwPjA8BggrBgEFBQcwAYYwaHR0cDovL29jc3Auc2FuZGJveC5wa2kub3BlbmJhbmtpbmdicmFzaWwub3JnLmJyMEsGA1UdHwREMEIwQKA+oDyGOmh0dHA6Ly9jcmwuc2FuZGJveC5wa2kub3BlbmJhbmtpbmdicmFzaWwub3JnLmJyL2lzc3Vlci5jcmwwXgYDVR0RBFcwVaAZBgVgTAEDAqAQDA5NaWNoYWVsIEZyYXNlcqAYBgVgTAEDA6APDA0xMzM1MzIzNjAwMTg5oA0GBWBMAQMEoAQMAm5voA8GBWBMAQMHoAYMBGFsb3QwDgYDVR0PAQH/BAQDAgbAMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIBgDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVseSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhlciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNlaXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5kIHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8vY3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2llczANBgkqhkiG9w0BAQsFAAOCAQEAtKn/QnJqKLp52YB14x+M21qwz67utFkWjhauQe0elXupjY5NWZb5wLrGYNOZQzRe2JRzcBbGN6P7lCweRfxMkSGh9YrXbrkBXLEPtLHpTVEy65v1tWl02lC+ooVPyQpSjAQL0L69OQ7s7rnIXyb3rkSUzuGSxsLU1AXpWj0oYFB4wdeIdPAVPs83frC5s4kz42JruSAE2vsbvQURTVPChh+hO6+R6Irz+ZEZ1NSgjQkxvOXHW53CkXZSjjHbAB/nbJYi7YyK7kck99r38Ba/WBfIfywdFVVYfiiW5TS6XbQeVeilmmt5MLxBz96FxR6E6WR+cQwybEe94Fb/jD6xHA\u003d\u003d"
      ],
      "dp": "bQ9aXj8tHnj0qO8aAWapGokWX78OlvNzytYg4JSGyJ7pUQnRB4Ds2Lai6kgjniUiu5MX2kdceDbHykG5R-WDj0Ztv6UPV3jA3cOjDwVzwmiwBVmVQNRxzK31Ra8f4YJs9_o0bjmVvXQRchY9l9_Xkk_Hev2F2A540Fhk0tlbUBE",
      "dq": "XPYDZ_kxwZjtQb-XUBLBcvNV1jcDhba2stysXGv0SfvsxOg6G3qZ5xtsiyQxzAYen0LRttCBXkZXEtXXAodLRvJMwUXuYWtNCrBqxYDHkJogUDPnBXq-Hig6x8fsDJunH8JooCc-3WcFpHQcIZZdcwyXPVi59eAfWCwJlgHYYHk",
      "n": "3IXVqA9zCrmaz30WWjzZexdSuhagP_oVfgB-Y5S7XXeHhU4tho7c3wcNhsrGCKLYSf_47rV78-2OfhPY9WrSJVyqIXoaniwoTnD9splF90J7yog9LgP4kqkWl6wm8gdR5C-UC4Gnl0D2cZKnE6MZ7k_b5nM0ZfC-7H_bO13B4aYpu069th7hFWGK7ps65uiDxcQGYP3oSeqahE5qwfUef2QMkhyVtM_nWP9OVAzOGtJ8km4TdCrq9aF78No9u2YQuaUOJgeOnwKMBjmgEwcuaQe9DEQFXhzBtRmPlml2pTy2QDvxe1HgOTOsnh9igFvX70AGroY3PFY-lJAxC4Fd2w",
      "p": "_QaFFuyZriEWtbiKexy7pIYicgU0ePMepvyNuiiFqlsUFQ24q9gp_iWECDhi8qqss__i1LW_eHQATKWfqUc6HdDY-ickJXvVktrQiT-buvJ24iTtK_NooPMKQW976NIX39_sEPJ6ceo9ZDFxTTCkmJus3eXDJmRZT2YzSZJcvcc",
      "kty": "RSA",
      "q": "3x1_dyovnWXSr7y7ufe6AHUV0kHBYVrGW2vdNZxKrrgBW5r2mm93NnHsrG-mJlzW7kG_jR41bWf74sucGdwXTx96riRVy8bov9SzPCDl9_QCHzPpqZOxjngfzQYq1L1qJA2BAie0Sq6YZhgLJ1fWPLutEO5soIYAkLXSJ9IVb00",
      "qi": "eHhOb5NUDfMGXwNscjEcMrMFS425qsoJAXfGJ10hm8svZOkNYgVpb7Hs7oT8XytanRl0Gk8gKH0yhvya65B5ipyby17uBMkikNN-EeYoY2AkvEfM_nO0dvHbDdF11rkM5Q_SEDlGmojxnx4_Euj8WeuSgcwiCQkR23aZlQGx1Mg",
      "alg": "PS256"
    },
    {
      "p": "6-RGunw1LGXpsGIabzcG8n_ITbahS9waTzjcwLkzjWjyR5hxnTSrCMas9EsOuIt3qvkdf02psgwi-J0ZX680ujaXdeiPAeuOUbsLPBOhRuu-ySXxMTT7uiwWJmF5LtBx8Qd3hRV2sd9zOhYzSohcmWp8w_uKTOYrFzGtWMvlGic",
      "kty": "RSA",
      "q": "vn3cUU9RFc7pB3fjiEPGwYGA_h8f2X6dOqy-JYIMIiuYhPq6cT8xIlE-sHs58kZzC1QbOBc4y-qRyqj1L4StPaYH4mtJU0s_6A_b9Cai96yzYYmMr92be2nCFMxBpmpBhN21AIdGc640OxgWMdz5OVo455v1uIEQGPr2aDpOzVs",
      "d": "QrIJ9tPG7pSrt1KKSU-9EbAq-hU92FzEV9GwzuG_dbBPyRLYNVfAz-Yb8ug3YLuqec_kcB5JCep7QkYHgpNdX5WXFxARCpXa-J7Xq50oBdiAS2ehLpnYHXpJI7HqOcH9ASZML_MXjI8e_EpsI7Yk6xJ9qxk8bXGupw0C6anwL3NBe232zA7I1FnwL9tpZVOLPupeok7HMRbFc6QSR3dA54zJmkyEbyOSqzRqCK_g7AB_RcMImN0SoCg0epxZjrculIXPG0Gl1T3TG3WY-CBUtAkI1chFMGCgYF_v-FMSun8N6igilPC5O683BMcJoTK745khMCv7FcSCSFVh0H5vKQ",
      "e": "AQAB",
      "use": "enc",
      "kid": "0fe502dd-14f0-4f45-80f9-feb9a216f996",
      "qi": "W6TMI3L-Ob-Jx61TdYqN5gBoBsWF6KWuCmiE9ZiwJiMVCv5ddEbFafBuiIQgRnby1VpnH9j5KVb5PT_V78ohKFmpfL7ErXQerf_pJkEtvgK9lQta1EM1HMoShrJ4GdHPym_BZzDDmt6njvwTfSg95y28h-j5epuywcwu6TwAUA8",
      "dp": "a9rjD-8srNEoKVKhvYoObiBI6GeBllrb2K8qGCBV1ulOJbgo8nUbYpbci5Ip9-0k2RKwDv3mghcUglHqQRqt5BqD5BBiGsGmP-5is6RSEEhH4lar0hDkq_nuYrwcmXALOOZuGnZ239tIJx3xc7mnhSnwQ_emA4UV3LQFC12mse8",
      "alg": "RSA-OAEP",
      "dq": "Qk8TiyY-BoZg7Z2ZEYzuOdu3qD3zW0VMu-j3w5yyVo6wZ9HTZqplkxmO5eXvNNu7Hj1nwC2tMqZzm4UW3DSmDWinI_TOsHToSQKEQUfVwLtYMeKsm2dbwSj-SzkSvTgNmI-IeyebqZcBTXTD_RV7l7BFULIkZdZfYSKy9XMejTM",
      "n": "r4dl-ApW6c-fvDbfSVxHpdV8zi8VQW4b9-uHMRq7dzqCkvP8OAG1R3plSr1N6fL_YLiIr9y621XkyRiMEKR7-DeqGsLf2ZTaqrZ1LfYgjsc2i9o3NSOeSgBwKGmT7h1OgxZSbhLzo7Xaktu3CCUZCOWLzs7LKo_CvKkcTF7tPhK9jYjdTsdsnS0RJOPjYQe7JO83Mvhd1Ty3F-Qycd-cKKMSjcQRiHt9jKd09kA2fKVlFwbm2M1PM3NdtnMaOUw31-XC4ixay47XTMqnmX7-op7qYV9wXbeZmjTsAKFuTGwJiGJrOTfqciDLBW8IpGC2BzFJ5rYmRu0kAttpvkOG3Q"
    }
  ]
}
server_encryption_keys
{
  "keys": [
    {
      "p": "6-RGunw1LGXpsGIabzcG8n_ITbahS9waTzjcwLkzjWjyR5hxnTSrCMas9EsOuIt3qvkdf02psgwi-J0ZX680ujaXdeiPAeuOUbsLPBOhRuu-ySXxMTT7uiwWJmF5LtBx8Qd3hRV2sd9zOhYzSohcmWp8w_uKTOYrFzGtWMvlGic",
      "kty": "RSA",
      "q": "vn3cUU9RFc7pB3fjiEPGwYGA_h8f2X6dOqy-JYIMIiuYhPq6cT8xIlE-sHs58kZzC1QbOBc4y-qRyqj1L4StPaYH4mtJU0s_6A_b9Cai96yzYYmMr92be2nCFMxBpmpBhN21AIdGc640OxgWMdz5OVo455v1uIEQGPr2aDpOzVs",
      "d": "QrIJ9tPG7pSrt1KKSU-9EbAq-hU92FzEV9GwzuG_dbBPyRLYNVfAz-Yb8ug3YLuqec_kcB5JCep7QkYHgpNdX5WXFxARCpXa-J7Xq50oBdiAS2ehLpnYHXpJI7HqOcH9ASZML_MXjI8e_EpsI7Yk6xJ9qxk8bXGupw0C6anwL3NBe232zA7I1FnwL9tpZVOLPupeok7HMRbFc6QSR3dA54zJmkyEbyOSqzRqCK_g7AB_RcMImN0SoCg0epxZjrculIXPG0Gl1T3TG3WY-CBUtAkI1chFMGCgYF_v-FMSun8N6igilPC5O683BMcJoTK745khMCv7FcSCSFVh0H5vKQ",
      "e": "AQAB",
      "use": "enc",
      "kid": "0fe502dd-14f0-4f45-80f9-feb9a216f996",
      "qi": "W6TMI3L-Ob-Jx61TdYqN5gBoBsWF6KWuCmiE9ZiwJiMVCv5ddEbFafBuiIQgRnby1VpnH9j5KVb5PT_V78ohKFmpfL7ErXQerf_pJkEtvgK9lQta1EM1HMoShrJ4GdHPym_BZzDDmt6njvwTfSg95y28h-j5epuywcwu6TwAUA8",
      "dp": "a9rjD-8srNEoKVKhvYoObiBI6GeBllrb2K8qGCBV1ulOJbgo8nUbYpbci5Ip9-0k2RKwDv3mghcUglHqQRqt5BqD5BBiGsGmP-5is6RSEEhH4lar0hDkq_nuYrwcmXALOOZuGnZ239tIJx3xc7mnhSnwQ_emA4UV3LQFC12mse8",
      "alg": "RSA-OAEP",
      "dq": "Qk8TiyY-BoZg7Z2ZEYzuOdu3qD3zW0VMu-j3w5yyVo6wZ9HTZqplkxmO5eXvNNu7Hj1nwC2tMqZzm4UW3DSmDWinI_TOsHToSQKEQUfVwLtYMeKsm2dbwSj-SzkSvTgNmI-IeyebqZcBTXTD_RV7l7BFULIkZdZfYSKy9XMejTM",
      "n": "r4dl-ApW6c-fvDbfSVxHpdV8zi8VQW4b9-uHMRq7dzqCkvP8OAG1R3plSr1N6fL_YLiIr9y621XkyRiMEKR7-DeqGsLf2ZTaqrZ1LfYgjsc2i9o3NSOeSgBwKGmT7h1OgxZSbhLzo7Xaktu3CCUZCOWLzs7LKo_CvKkcTF7tPhK9jYjdTsdsnS0RJOPjYQe7JO83Mvhd1Ty3F-Qycd-cKKMSjcQRiHt9jKd09kA2fKVlFwbm2M1PM3NdtnMaOUw31-XC4ixay47XTMqnmX7-op7qYV9wXbeZmjTsAKFuTGwJiGJrOTfqciDLBW8IpGC2BzFJ5rYmRu0kAttpvkOG3Q"
    }
  ]
}
server_public_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "X5d4vFYfLxaG1gg8_l3bFYFhUaUVmE6PaEsRWX2EYqM",
      "x5c": [
        "MIIGqzCCBZOgAwIBAgIUdUCw8bQZidnZ6uERKJuN9u4RGvcwDQYJKoZIhvcNAQELBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwxFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNBTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDgxNjA5NTUwMFoXDTIyMDkxNTA5NTUwMFowgacxCzAJBgNVBAYTAkJSMRMwEQYDVQQKEwpJQ1AtQnJhc2lsMS8wDAYDVQQLEwUxMjM0NTAOBgNVBAsTB2NlcnRtYW4wDwYDVQQLEwhhZ29vZG9uZTEcMBoGA1UEAxMTT3BlbiBCYW5raW5nIEJyYXNpbDE0MDIGCgmSJomT8ixkAQETJDc0ZTkyOWQ5LTMzYjYtNGQ4NS04YmE3LWMxNDZjODY3YTgxNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANyF1agPcwq5ms99Flo82XsXUroWoD/6FX4AfmOUu113h4VOLYaO3N8HDYbKxgii2En/+O61e/Ptjn4T2PVq0iVcqiF6Gp4sKE5w/bKZRfdCe8qIPS4D+JKpFpesJvIHUeQvlAuBp5dA9nGSpxOjGe5P2+ZzNGXwvux/2ztdweGmKbtOvbYe4RVhiu6bOubog8XEBmD96EnqmoROasH1Hn9kDJIclbTP51j/TlQMzhrSfJJuE3Qq6vWhe/DaPbtmELmlDiYHjp8CjAY5oBMHLmkHvQxEBV4cwbUZj5ZpdqU8tkA78XtR4DkzrJ4fYoBb1+9ABq6GNzxWPpSQMQuBXdsCAwEAAaOCAwIwggL+MAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFJwv7oHX2exZL304ru+4eGVypHlxMB8GA1UdIwQYMBaAFIZ/WK0X9YK2TrQFs/uwzhFD30y+MEwGCCsGAQUFBwEBBEAwPjA8BggrBgEFBQcwAYYwaHR0cDovL29jc3Auc2FuZGJveC5wa2kub3BlbmJhbmtpbmdicmFzaWwub3JnLmJyMEsGA1UdHwREMEIwQKA+oDyGOmh0dHA6Ly9jcmwuc2FuZGJveC5wa2kub3BlbmJhbmtpbmdicmFzaWwub3JnLmJyL2lzc3Vlci5jcmwwXgYDVR0RBFcwVaAZBgVgTAEDAqAQDA5NaWNoYWVsIEZyYXNlcqAYBgVgTAEDA6APDA0xMzM1MzIzNjAwMTg5oA0GBWBMAQMEoAQMAm5voA8GBWBMAQMHoAYMBGFsb3QwDgYDVR0PAQH/BAQDAgbAMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIBgDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVseSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhlciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNlaXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5kIHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8vY3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2llczANBgkqhkiG9w0BAQsFAAOCAQEAtKn/QnJqKLp52YB14x+M21qwz67utFkWjhauQe0elXupjY5NWZb5wLrGYNOZQzRe2JRzcBbGN6P7lCweRfxMkSGh9YrXbrkBXLEPtLHpTVEy65v1tWl02lC+ooVPyQpSjAQL0L69OQ7s7rnIXyb3rkSUzuGSxsLU1AXpWj0oYFB4wdeIdPAVPs83frC5s4kz42JruSAE2vsbvQURTVPChh+hO6+R6Irz+ZEZ1NSgjQkxvOXHW53CkXZSjjHbAB/nbJYi7YyK7kck99r38Ba/WBfIfywdFVVYfiiW5TS6XbQeVeilmmt5MLxBz96FxR6E6WR+cQwybEe94Fb/jD6xHA\u003d\u003d"
      ],
      "alg": "PS256",
      "n": "3IXVqA9zCrmaz30WWjzZexdSuhagP_oVfgB-Y5S7XXeHhU4tho7c3wcNhsrGCKLYSf_47rV78-2OfhPY9WrSJVyqIXoaniwoTnD9splF90J7yog9LgP4kqkWl6wm8gdR5C-UC4Gnl0D2cZKnE6MZ7k_b5nM0ZfC-7H_bO13B4aYpu069th7hFWGK7ps65uiDxcQGYP3oSeqahE5qwfUef2QMkhyVtM_nWP9OVAzOGtJ8km4TdCrq9aF78No9u2YQuaUOJgeOnwKMBjmgEwcuaQe9DEQFXhzBtRmPlml2pTy2QDvxe1HgOTOsnh9igFvX70AGroY3PFY-lJAxC4Fd2w"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "0fe502dd-14f0-4f45-80f9-feb9a216f996",
      "alg": "RSA-OAEP",
      "n": "r4dl-ApW6c-fvDbfSVxHpdV8zi8VQW4b9-uHMRq7dzqCkvP8OAG1R3plSr1N6fL_YLiIr9y621XkyRiMEKR7-DeqGsLf2ZTaqrZ1LfYgjsc2i9o3NSOeSgBwKGmT7h1OgxZSbhLzo7Xaktu3CCUZCOWLzs7LKo_CvKkcTF7tPhK9jYjdTsdsnS0RJOPjYQe7JO83Mvhd1Ty3F-Qycd-cKKMSjcQRiHt9jKd09kA2fKVlFwbm2M1PM3NdtnMaOUw31-XC4ixay47XTMqnmX7-op7qYV9wXbeZmjTsAKFuTGwJiGJrOTfqciDLBW8IpGC2BzFJ5rYmRu0kAttpvkOG3Q"
    }
  ]
}
2022-01-13 13:24:28 SUCCESS
ValidateServerJWKs
Valid server JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2022-01-13 13:24:28
SetServerSigningAlgToPS256
Successfully set signing algorithm to PS256
2022-01-13 13:24:28
FAPIBrazilSetGrantTypesSupportedInServerConfiguration
Successfully set grant_types_supported
server
{
  "issuer": "https://www.certification.openid.net/test/a/SafraRPTest/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/SafraRPTest/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/SafraRPTest/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/SafraRPTest/jwks",
  "registration_endpoint": "https://www.certification.openid.net/test/a/SafraRPTest/register",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/SafraRPTest/userinfo",
  "mtls_endpoint_aliases": {
    "token_endpoint": "https://www.certification.openid.net/test-mtls/a/SafraRPTest/token",
    "registration_endpoint": "https://www.certification.openid.net/test-mtls/a/SafraRPTest/register",
    "userinfo_endpoint": "https://www.certification.openid.net/test-mtls/a/SafraRPTest/userinfo"
  },
  "tls_client_certificate_bound_access_tokens": true,
  "request_parameter_supported": true,
  "grant_types_supported": [
    "authorization_code",
    "implicit",
    "client_credentials",
    "refresh_token"
  ]
}
2022-01-13 13:24:28
AddClaimsParameterSupportedTrueToServerConfiguration
Successfully added claims_parameter_supported to server configuration
server
{
  "issuer": "https://www.certification.openid.net/test/a/SafraRPTest/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/SafraRPTest/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/SafraRPTest/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/SafraRPTest/jwks",
  "registration_endpoint": "https://www.certification.openid.net/test/a/SafraRPTest/register",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/SafraRPTest/userinfo",
  "mtls_endpoint_aliases": {
    "token_endpoint": "https://www.certification.openid.net/test-mtls/a/SafraRPTest/token",
    "registration_endpoint": "https://www.certification.openid.net/test-mtls/a/SafraRPTest/register",
    "userinfo_endpoint": "https://www.certification.openid.net/test-mtls/a/SafraRPTest/userinfo"
  },
  "tls_client_certificate_bound_access_tokens": true,
  "request_parameter_supported": true,
  "grant_types_supported": [
    "authorization_code",
    "implicit",
    "client_credentials",
    "refresh_token"
  ],
  "claims_parameter_supported": true
}
2022-01-13 13:24:28
FAPIBrazilAddBrazilSpecificSettingsToServerConfiguration
Added open banking Brazil specific server settings
server
{
  "issuer": "https://www.certification.openid.net/test/a/SafraRPTest/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/SafraRPTest/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/SafraRPTest/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/SafraRPTest/jwks",
  "registration_endpoint": "https://www.certification.openid.net/test/a/SafraRPTest/register",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/SafraRPTest/userinfo",
  "mtls_endpoint_aliases": {
    "token_endpoint": "https://www.certification.openid.net/test-mtls/a/SafraRPTest/token",
    "registration_endpoint": "https://www.certification.openid.net/test-mtls/a/SafraRPTest/register",
    "userinfo_endpoint": "https://www.certification.openid.net/test-mtls/a/SafraRPTest/userinfo"
  },
  "tls_client_certificate_bound_access_tokens": true,
  "request_parameter_supported": true,
  "grant_types_supported": [
    "authorization_code",
    "implicit",
    "client_credentials",
    "refresh_token"
  ],
  "claims_parameter_supported": true,
  "request_object_encryption_alg_values_supported": [
    "RSA-OAEP"
  ],
  "request_object_encryption_enc_values_supported": [
    "A256GCM"
  ],
  "claims_supported": [
    "cpf",
    "cnpj",
    "acr"
  ],
  "acr_values_supported": [
    "urn:brasil:openbanking:loa2",
    "urn:brasil:openbanking:loa3"
  ],
  "id_token_signing_alg_values_supported": [
    "PS256"
  ],
  "request_object_signing_alg_values_supported": [
    "PS256"
  ],
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access",
    "consents",
    "resources",
    "payments"
  ]
}
2022-01-13 13:24:28
SetTokenEndpointAuthMethodsSupportedToPrivateKeyJWTOnly
Changed token_endpoint_auth_methods_supported to private_key_jwt only in server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/a/SafraRPTest/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/SafraRPTest/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/SafraRPTest/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/SafraRPTest/jwks",
  "registration_endpoint": "https://www.certification.openid.net/test/a/SafraRPTest/register",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/SafraRPTest/userinfo",
  "mtls_endpoint_aliases": {
    "token_endpoint": "https://www.certification.openid.net/test-mtls/a/SafraRPTest/token",
    "registration_endpoint": "https://www.certification.openid.net/test-mtls/a/SafraRPTest/register",
    "userinfo_endpoint": "https://www.certification.openid.net/test-mtls/a/SafraRPTest/userinfo"
  },
  "tls_client_certificate_bound_access_tokens": true,
  "request_parameter_supported": true,
  "grant_types_supported": [
    "authorization_code",
    "implicit",
    "client_credentials",
    "refresh_token"
  ],
  "claims_parameter_supported": true,
  "request_object_encryption_alg_values_supported": [
    "RSA-OAEP"
  ],
  "request_object_encryption_enc_values_supported": [
    "A256GCM"
  ],
  "claims_supported": [
    "cpf",
    "cnpj",
    "acr"
  ],
  "acr_values_supported": [
    "urn:brasil:openbanking:loa2",
    "urn:brasil:openbanking:loa3"
  ],
  "id_token_signing_alg_values_supported": [
    "PS256"
  ],
  "request_object_signing_alg_values_supported": [
    "PS256"
  ],
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access",
    "consents",
    "resources",
    "payments"
  ],
  "token_endpoint_auth_methods_supported": [
    "private_key_jwt"
  ]
}
2022-01-13 13:24:28
AddPushedAuthorizationRequestEndpointToServerConfig
Added pushed_authorization_request_endpoint to server configuration
endpoint
https://www.certification.openid.net/test/a/SafraRPTest/par
2022-01-13 13:24:28
AddRequirePushedAuthorizationRequestsToServerConfig
Added require_pushed_authorization_requests to server configuration
value
true
2022-01-13 13:24:28 SUCCESS
AddResponseTypeCodeIdTokenToServerConfiguration
Added code id_token as response type supported
response_types_supported
[
  "code id_token"
]
2022-01-13 13:24:28 SUCCESS
FAPIBrazilAddTokenEndpointAuthSigningAlgValuesSupportedToServer
Set token_endpoint_auth_signing_alg_values_supported
values
[
  "PS256"
]
2022-01-13 13:24:28 SUCCESS
CheckServerConfiguration
Found required server configuration keys
required
[
  "authorization_endpoint",
  "token_endpoint",
  "issuer"
]
2022-01-13 13:24:28 SUCCESS
FAPIEnsureMinimumServerKeyLength
Validated minimum key lengths for server_jwks
server_jwks
{
  "keys": [
    {
      "d": "ZvivfZxJMbbdTQmxyE0lmE6ZuH8cMQOLyZxdaA5pNwm7ZEnPBEftZs8aR9ijhCDWMieui3h--rXwlXqbEm3g1sVgQ-WKTFV-NLKaJC1h-EU5HKdlOflstr7x57zhKp60ZIK69GyEXyJccUfzcD32u8raec9NplQ2MqS5MA1lnQFlocFoX1RNU4tSpEdJQq2UzqtX5WPhc88A6fTc1xu2fA5wyxzZu7fUjIETzLimcu-dDaEvvgm7c_A1ulm8EQuCN10k3FrIIe9RfuXHyxh9Rcd0aiIP9qwitxd5Cl0io7zby8MBIAaSei2co7y4tciBt4AfnzpBlGbtjgfr2gxD0Q",
      "e": "AQAB",
      "use": "sig",
      "kid": "X5d4vFYfLxaG1gg8_l3bFYFhUaUVmE6PaEsRWX2EYqM",
      "x5c": [
        "MIIGqzCCBZOgAwIBAgIUdUCw8bQZidnZ6uERKJuN9u4RGvcwDQYJKoZIhvcNAQELBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwxFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNBTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDgxNjA5NTUwMFoXDTIyMDkxNTA5NTUwMFowgacxCzAJBgNVBAYTAkJSMRMwEQYDVQQKEwpJQ1AtQnJhc2lsMS8wDAYDVQQLEwUxMjM0NTAOBgNVBAsTB2NlcnRtYW4wDwYDVQQLEwhhZ29vZG9uZTEcMBoGA1UEAxMTT3BlbiBCYW5raW5nIEJyYXNpbDE0MDIGCgmSJomT8ixkAQETJDc0ZTkyOWQ5LTMzYjYtNGQ4NS04YmE3LWMxNDZjODY3YTgxNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANyF1agPcwq5ms99Flo82XsXUroWoD/6FX4AfmOUu113h4VOLYaO3N8HDYbKxgii2En/+O61e/Ptjn4T2PVq0iVcqiF6Gp4sKE5w/bKZRfdCe8qIPS4D+JKpFpesJvIHUeQvlAuBp5dA9nGSpxOjGe5P2+ZzNGXwvux/2ztdweGmKbtOvbYe4RVhiu6bOubog8XEBmD96EnqmoROasH1Hn9kDJIclbTP51j/TlQMzhrSfJJuE3Qq6vWhe/DaPbtmELmlDiYHjp8CjAY5oBMHLmkHvQxEBV4cwbUZj5ZpdqU8tkA78XtR4DkzrJ4fYoBb1+9ABq6GNzxWPpSQMQuBXdsCAwEAAaOCAwIwggL+MAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFJwv7oHX2exZL304ru+4eGVypHlxMB8GA1UdIwQYMBaAFIZ/WK0X9YK2TrQFs/uwzhFD30y+MEwGCCsGAQUFBwEBBEAwPjA8BggrBgEFBQcwAYYwaHR0cDovL29jc3Auc2FuZGJveC5wa2kub3BlbmJhbmtpbmdicmFzaWwub3JnLmJyMEsGA1UdHwREMEIwQKA+oDyGOmh0dHA6Ly9jcmwuc2FuZGJveC5wa2kub3BlbmJhbmtpbmdicmFzaWwub3JnLmJyL2lzc3Vlci5jcmwwXgYDVR0RBFcwVaAZBgVgTAEDAqAQDA5NaWNoYWVsIEZyYXNlcqAYBgVgTAEDA6APDA0xMzM1MzIzNjAwMTg5oA0GBWBMAQMEoAQMAm5voA8GBWBMAQMHoAYMBGFsb3QwDgYDVR0PAQH/BAQDAgbAMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIBgDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVseSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhlciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNlaXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5kIHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8vY3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2llczANBgkqhkiG9w0BAQsFAAOCAQEAtKn/QnJqKLp52YB14x+M21qwz67utFkWjhauQe0elXupjY5NWZb5wLrGYNOZQzRe2JRzcBbGN6P7lCweRfxMkSGh9YrXbrkBXLEPtLHpTVEy65v1tWl02lC+ooVPyQpSjAQL0L69OQ7s7rnIXyb3rkSUzuGSxsLU1AXpWj0oYFB4wdeIdPAVPs83frC5s4kz42JruSAE2vsbvQURTVPChh+hO6+R6Irz+ZEZ1NSgjQkxvOXHW53CkXZSjjHbAB/nbJYi7YyK7kck99r38Ba/WBfIfywdFVVYfiiW5TS6XbQeVeilmmt5MLxBz96FxR6E6WR+cQwybEe94Fb/jD6xHA\u003d\u003d"
      ],
      "dp": "bQ9aXj8tHnj0qO8aAWapGokWX78OlvNzytYg4JSGyJ7pUQnRB4Ds2Lai6kgjniUiu5MX2kdceDbHykG5R-WDj0Ztv6UPV3jA3cOjDwVzwmiwBVmVQNRxzK31Ra8f4YJs9_o0bjmVvXQRchY9l9_Xkk_Hev2F2A540Fhk0tlbUBE",
      "dq": "XPYDZ_kxwZjtQb-XUBLBcvNV1jcDhba2stysXGv0SfvsxOg6G3qZ5xtsiyQxzAYen0LRttCBXkZXEtXXAodLRvJMwUXuYWtNCrBqxYDHkJogUDPnBXq-Hig6x8fsDJunH8JooCc-3WcFpHQcIZZdcwyXPVi59eAfWCwJlgHYYHk",
      "n": "3IXVqA9zCrmaz30WWjzZexdSuhagP_oVfgB-Y5S7XXeHhU4tho7c3wcNhsrGCKLYSf_47rV78-2OfhPY9WrSJVyqIXoaniwoTnD9splF90J7yog9LgP4kqkWl6wm8gdR5C-UC4Gnl0D2cZKnE6MZ7k_b5nM0ZfC-7H_bO13B4aYpu069th7hFWGK7ps65uiDxcQGYP3oSeqahE5qwfUef2QMkhyVtM_nWP9OVAzOGtJ8km4TdCrq9aF78No9u2YQuaUOJgeOnwKMBjmgEwcuaQe9DEQFXhzBtRmPlml2pTy2QDvxe1HgOTOsnh9igFvX70AGroY3PFY-lJAxC4Fd2w",
      "p": "_QaFFuyZriEWtbiKexy7pIYicgU0ePMepvyNuiiFqlsUFQ24q9gp_iWECDhi8qqss__i1LW_eHQATKWfqUc6HdDY-ickJXvVktrQiT-buvJ24iTtK_NooPMKQW976NIX39_sEPJ6ceo9ZDFxTTCkmJus3eXDJmRZT2YzSZJcvcc",
      "kty": "RSA",
      "q": "3x1_dyovnWXSr7y7ufe6AHUV0kHBYVrGW2vdNZxKrrgBW5r2mm93NnHsrG-mJlzW7kG_jR41bWf74sucGdwXTx96riRVy8bov9SzPCDl9_QCHzPpqZOxjngfzQYq1L1qJA2BAie0Sq6YZhgLJ1fWPLutEO5soIYAkLXSJ9IVb00",
      "qi": "eHhOb5NUDfMGXwNscjEcMrMFS425qsoJAXfGJ10hm8svZOkNYgVpb7Hs7oT8XytanRl0Gk8gKH0yhvya65B5ipyby17uBMkikNN-EeYoY2AkvEfM_nO0dvHbDdF11rkM5Q_SEDlGmojxnx4_Euj8WeuSgcwiCQkR23aZlQGx1Mg",
      "alg": "PS256"
    },
    {
      "p": "6-RGunw1LGXpsGIabzcG8n_ITbahS9waTzjcwLkzjWjyR5hxnTSrCMas9EsOuIt3qvkdf02psgwi-J0ZX680ujaXdeiPAeuOUbsLPBOhRuu-ySXxMTT7uiwWJmF5LtBx8Qd3hRV2sd9zOhYzSohcmWp8w_uKTOYrFzGtWMvlGic",
      "kty": "RSA",
      "q": "vn3cUU9RFc7pB3fjiEPGwYGA_h8f2X6dOqy-JYIMIiuYhPq6cT8xIlE-sHs58kZzC1QbOBc4y-qRyqj1L4StPaYH4mtJU0s_6A_b9Cai96yzYYmMr92be2nCFMxBpmpBhN21AIdGc640OxgWMdz5OVo455v1uIEQGPr2aDpOzVs",
      "d": "QrIJ9tPG7pSrt1KKSU-9EbAq-hU92FzEV9GwzuG_dbBPyRLYNVfAz-Yb8ug3YLuqec_kcB5JCep7QkYHgpNdX5WXFxARCpXa-J7Xq50oBdiAS2ehLpnYHXpJI7HqOcH9ASZML_MXjI8e_EpsI7Yk6xJ9qxk8bXGupw0C6anwL3NBe232zA7I1FnwL9tpZVOLPupeok7HMRbFc6QSR3dA54zJmkyEbyOSqzRqCK_g7AB_RcMImN0SoCg0epxZjrculIXPG0Gl1T3TG3WY-CBUtAkI1chFMGCgYF_v-FMSun8N6igilPC5O683BMcJoTK745khMCv7FcSCSFVh0H5vKQ",
      "e": "AQAB",
      "use": "enc",
      "kid": "0fe502dd-14f0-4f45-80f9-feb9a216f996",
      "qi": "W6TMI3L-Ob-Jx61TdYqN5gBoBsWF6KWuCmiE9ZiwJiMVCv5ddEbFafBuiIQgRnby1VpnH9j5KVb5PT_V78ohKFmpfL7ErXQerf_pJkEtvgK9lQta1EM1HMoShrJ4GdHPym_BZzDDmt6njvwTfSg95y28h-j5epuywcwu6TwAUA8",
      "dp": "a9rjD-8srNEoKVKhvYoObiBI6GeBllrb2K8qGCBV1ulOJbgo8nUbYpbci5Ip9-0k2RKwDv3mghcUglHqQRqt5BqD5BBiGsGmP-5is6RSEEhH4lar0hDkq_nuYrwcmXALOOZuGnZ239tIJx3xc7mnhSnwQ_emA4UV3LQFC12mse8",
      "alg": "RSA-OAEP",
      "dq": "Qk8TiyY-BoZg7Z2ZEYzuOdu3qD3zW0VMu-j3w5yyVo6wZ9HTZqplkxmO5eXvNNu7Hj1nwC2tMqZzm4UW3DSmDWinI_TOsHToSQKEQUfVwLtYMeKsm2dbwSj-SzkSvTgNmI-IeyebqZcBTXTD_RV7l7BFULIkZdZfYSKy9XMejTM",
      "n": "r4dl-ApW6c-fvDbfSVxHpdV8zi8VQW4b9-uHMRq7dzqCkvP8OAG1R3plSr1N6fL_YLiIr9y621XkyRiMEKR7-DeqGsLf2ZTaqrZ1LfYgjsc2i9o3NSOeSgBwKGmT7h1OgxZSbhLzo7Xaktu3CCUZCOWLzs7LKo_CvKkcTF7tPhK9jYjdTsdsnS0RJOPjYQe7JO83Mvhd1Ty3F-Qycd-cKKMSjcQRiHt9jKd09kA2fKVlFwbm2M1PM3NdtnMaOUw31-XC4ixay47XTMqnmX7-op7qYV9wXbeZmjTsAKFuTGwJiGJrOTfqciDLBW8IpGC2BzFJ5rYmRu0kAttpvkOG3Q"
    }
  ]
}
2022-01-13 13:24:28 SUCCESS
LoadUserInfo
Added user information
user_info
{
  "sub": "user-subject-1234531",
  "name": "Demo T. User",
  "email": "user@example.com",
  "email_verified": false
}
Verify configuration of first client
2022-01-13 13:24:28 SUCCESS
GetStaticClientConfiguration
Found a static client object
client_id
client_XUwBuUHRMTVHAleZEJxH18815
redirect_uri
https://portalspa-hml.safra.com.br/callback
certificate
-----BEGIN CERTIFICATE-----
MIIG8zCCBdugAwIBAgIUOr2rNJSEw8bj9fVI9mZtaMk/VfowDQYJKoZIhvcNAQEL
BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx
FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB
TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMTEwMzE3MDUwMFoXDTIyMTIwMzE3
MDUwMFowggETMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD
o28gUGF1bG8xFzAVBgNVBAoTDkJDTyBTQUZSQSBTLkEuMS0wKwYDVQQLEyQ3MDkx
MzhkZC02ZTlkLTVmOTYtYmZmZi02OWE1YjJjYjNlYzAxFzAVBgNVBAMMDiouc2Fm
cmEuY29tLmJyMRcwFQYDVQQFEw41ODE2MDc4OTAwMDEyODEdMBsGA1UEDxMUUHJp
dmF0ZSBPcmdhbml6YXRpb24xEzARBgsrBgEEAYI3PAIBAxMCQlIxNDAyBgoJkiaJ
k/IsZAEBEyQ0NGIyNjFiYy00ZjZmLTQ0Y2UtYjNkNy0zZjk4YTJiMjI1ZjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYAJ7JptCPUm02Tx4o+zR20+iG
VfMCMTOafTQ29kgOYAk/ypeDCNeZt4kkil/ZzNjHwA6NZ3gWMV088C5ucJ4AmS8b
nE4XfbwoxealAWCa0pFoWEeBQK+Zb/S4dgK+L6xHkKViElSdQuYsKu3yraFs4Mu4
C4ukjhCxa3AlvcSw6PCMYJ5LKWbfVQovtoy5o+vOu1KKNKSTaYESmQDrIN4VeDyF
SaYttN0gd+HNicRnopbyfWcmndRwVdwyUgTT2Z59/CpcdKui8kiT2rKxRO/mF1q0
PR1lkPE9FBDSo83fArx3yXgUyMmodjqJ+5X+pm7xZRJ97RVwIoMh7PRf4LXHAgMB
AAGjggLdMIIC2TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQ60p75BB0ZNm+cJkce
RCif8/14izAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4RQ99MvjBMBggrBgEF
BQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNhbmRib3gucGtpLm9w
ZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8v
Y3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9pc3N1ZXIu
Y3JsMCQGA1UdEQQdMBuCGWFwaS1tdGxzLWhtbC5zYWZyYS5jb20uYnIwDgYDVR0P
AQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQw
ggGQBgorBgEEAYO6L2QBMIIBgDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENl
cnRpZmljYXRlIGlzIHNvbGVseSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNl
cyBMaW1pdGVkIGFuZCBvdGhlciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMg
dXNpbmcgUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsg
U2VydmljZXMuIEl0cyByZWNlaXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0
dXRlcyBhY2NlcHRhbmNlIG9mIHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0
aWNpY2F0ZSBQb2xpY3kgYW5kIHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQG
CCsGAQUFBwIBFjhodHRwOi8vY3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJh
c2lsLm9yZy5ici9wb2xpY2llczANBgkqhkiG9w0BAQsFAAOCAQEAriUFRNI349wn
LPiNnHZckwjUV76m8LltS/BrHQSURP4Bq3Eu2KEZGD/Xkz9VcmumHwOC+Mr/haLO
hUMbwmZMn9q3QFzyd/EnoSyXeedZpPLczSPZ3AXoNaC8xJn4ZE66NKDQ2/PEFD7+
Vibcq6uWx4H6k8QjSBgrPAh03hHzdBpVBTO6fRNZPUtHJUcPvOJC0rtK1n3tCNk1
zHeO19CLNT1aUo99rXw8BT3bG4jVi/NMIPZqywxxk3S4Fq+6otMbtVRaB+O+NEqO
VZR8xmuX+ALi7oVaD0tif+PzhyVKLZiRvnMtY2Y51ujIxyGyRZYPmiJkYQ/PT2Af
1zroWKsv2A==
-----END CERTIFICATE-----
jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "kid": "F_zU9LD1--CL5SvOm7aeqKpn9nte7OFLhq92U-V3f68",
      "alg": "PS256",
      "n": "2GRx6YnzhHGM5YfXoUYVk4SZsAv4u9hi72amXqxtksdBGc7l1DdZv4U6UZ--QPs2_nMtARHo1x91bRWbI9weqHwfwILiChy4gq3zchfF_PUn7o2tDipWLBVZfqO08B4qhqb5u-7KJ9RgqBUuWr3UJblQkAnWJl9h5AhsdTHDmmndUDnvHoojiaRmxU5IhNZeUx-BO7JpUxz5ZmUrxA279CMgVPnyQF9nh0yz9zWBMOyjYuMVzFEK6_7CX5gXh_wkKpd3YDmREzOYoL4egcOAysHRwfnby2ANlB0tnxQ55lZd0ZLLhOHV57ydx0GWbtHGCuVBT93ncWUL1i5L7PLwBQ"
    }
  ]
}
2022-01-13 13:24:28 SUCCESS
ValidateClientJWKsPublicPart
Valid client JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2022-01-13 13:24:28 SUCCESS
ExtractJWKsFromStaticClientConfiguration
Extracted client JWK
client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "kid": "F_zU9LD1--CL5SvOm7aeqKpn9nte7OFLhq92U-V3f68",
      "alg": "PS256",
      "n": "2GRx6YnzhHGM5YfXoUYVk4SZsAv4u9hi72amXqxtksdBGc7l1DdZv4U6UZ--QPs2_nMtARHo1x91bRWbI9weqHwfwILiChy4gq3zchfF_PUn7o2tDipWLBVZfqO08B4qhqb5u-7KJ9RgqBUuWr3UJblQkAnWJl9h5AhsdTHDmmndUDnvHoojiaRmxU5IhNZeUx-BO7JpUxz5ZmUrxA279CMgVPnyQF9nh0yz9zWBMOyjYuMVzFEK6_7CX5gXh_wkKpd3YDmREzOYoL4egcOAysHRwfnby2ANlB0tnxQ55lZd0ZLLhOHV57ydx0GWbtHGCuVBT93ncWUL1i5L7PLwBQ"
    }
  ]
}
public_client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "kid": "F_zU9LD1--CL5SvOm7aeqKpn9nte7OFLhq92U-V3f68",
      "alg": "PS256",
      "n": "2GRx6YnzhHGM5YfXoUYVk4SZsAv4u9hi72amXqxtksdBGc7l1DdZv4U6UZ--QPs2_nMtARHo1x91bRWbI9weqHwfwILiChy4gq3zchfF_PUn7o2tDipWLBVZfqO08B4qhqb5u-7KJ9RgqBUuWr3UJblQkAnWJl9h5AhsdTHDmmndUDnvHoojiaRmxU5IhNZeUx-BO7JpUxz5ZmUrxA279CMgVPnyQF9nh0yz9zWBMOyjYuMVzFEK6_7CX5gXh_wkKpd3YDmREzOYoL4egcOAysHRwfnby2ANlB0tnxQ55lZd0ZLLhOHV57ydx0GWbtHGCuVBT93ncWUL1i5L7PLwBQ"
    }
  ]
}
2022-01-13 13:24:28 SUCCESS
CheckDistinctKeyIdValueInClientJWKs
Distinct 'kid' value in all keys of client_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2022-01-13 13:24:28 SUCCESS
EnsureClientJwksDoesNotContainPrivateOrSymmetricKeys
Jwks does not contain any private or symmetric keys
2022-01-13 13:24:28 SUCCESS
FAPIEnsureMinimumClientKeyLength
Validated minimum key lengths for client_jwks
client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "kid": "F_zU9LD1--CL5SvOm7aeqKpn9nte7OFLhq92U-V3f68",
      "alg": "PS256",
      "n": "2GRx6YnzhHGM5YfXoUYVk4SZsAv4u9hi72amXqxtksdBGc7l1DdZv4U6UZ--QPs2_nMtARHo1x91bRWbI9weqHwfwILiChy4gq3zchfF_PUn7o2tDipWLBVZfqO08B4qhqb5u-7KJ9RgqBUuWr3UJblQkAnWJl9h5AhsdTHDmmndUDnvHoojiaRmxU5IhNZeUx-BO7JpUxz5ZmUrxA279CMgVPnyQF9nh0yz9zWBMOyjYuMVzFEK6_7CX5gXh_wkKpd3YDmREzOYoL4egcOAysHRwfnby2ANlB0tnxQ55lZd0ZLLhOHV57ydx0GWbtHGCuVBT93ncWUL1i5L7PLwBQ"
    }
  ]
}
Verify configuration of second client
2022-01-13 13:24:28 SUCCESS
GetStaticClient2Configuration
Found a static second client object
client_id
client_XUwBuUHRMTVHAleZEJxH18815
redirect_uri
https://portalspa-hml.safra.com.br/callback
id_token_encrypted_response_alg
RSA-OAEP
certificate
-----BEGIN CERTIFICATE-----
MIIG8zCCBdugAwIBAgIUOr2rNJSEw8bj9fVI9mZtaMk/VfowDQYJKoZIhvcNAQEL
BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx
FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB
TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMTEwMzE3MDUwMFoXDTIyMTIwMzE3
MDUwMFowggETMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD
o28gUGF1bG8xFzAVBgNVBAoTDkJDTyBTQUZSQSBTLkEuMS0wKwYDVQQLEyQ3MDkx
MzhkZC02ZTlkLTVmOTYtYmZmZi02OWE1YjJjYjNlYzAxFzAVBgNVBAMMDiouc2Fm
cmEuY29tLmJyMRcwFQYDVQQFEw41ODE2MDc4OTAwMDEyODEdMBsGA1UEDxMUUHJp
dmF0ZSBPcmdhbml6YXRpb24xEzARBgsrBgEEAYI3PAIBAxMCQlIxNDAyBgoJkiaJ
k/IsZAEBEyQ0NGIyNjFiYy00ZjZmLTQ0Y2UtYjNkNy0zZjk4YTJiMjI1ZjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYAJ7JptCPUm02Tx4o+zR20+iG
VfMCMTOafTQ29kgOYAk/ypeDCNeZt4kkil/ZzNjHwA6NZ3gWMV088C5ucJ4AmS8b
nE4XfbwoxealAWCa0pFoWEeBQK+Zb/S4dgK+L6xHkKViElSdQuYsKu3yraFs4Mu4
C4ukjhCxa3AlvcSw6PCMYJ5LKWbfVQovtoy5o+vOu1KKNKSTaYESmQDrIN4VeDyF
SaYttN0gd+HNicRnopbyfWcmndRwVdwyUgTT2Z59/CpcdKui8kiT2rKxRO/mF1q0
PR1lkPE9FBDSo83fArx3yXgUyMmodjqJ+5X+pm7xZRJ97RVwIoMh7PRf4LXHAgMB
AAGjggLdMIIC2TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQ60p75BB0ZNm+cJkce
RCif8/14izAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4RQ99MvjBMBggrBgEF
BQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNhbmRib3gucGtpLm9w
ZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8v
Y3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9pc3N1ZXIu
Y3JsMCQGA1UdEQQdMBuCGWFwaS1tdGxzLWhtbC5zYWZyYS5jb20uYnIwDgYDVR0P
AQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQw
ggGQBgorBgEEAYO6L2QBMIIBgDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENl
cnRpZmljYXRlIGlzIHNvbGVseSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNl
cyBMaW1pdGVkIGFuZCBvdGhlciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMg
dXNpbmcgUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsg
U2VydmljZXMuIEl0cyByZWNlaXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0
dXRlcyBhY2NlcHRhbmNlIG9mIHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0
aWNpY2F0ZSBQb2xpY3kgYW5kIHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQG
CCsGAQUFBwIBFjhodHRwOi8vY3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJh
c2lsLm9yZy5ici9wb2xpY2llczANBgkqhkiG9w0BAQsFAAOCAQEAriUFRNI349wn
LPiNnHZckwjUV76m8LltS/BrHQSURP4Bq3Eu2KEZGD/Xkz9VcmumHwOC+Mr/haLO
hUMbwmZMn9q3QFzyd/EnoSyXeedZpPLczSPZ3AXoNaC8xJn4ZE66NKDQ2/PEFD7+
Vibcq6uWx4H6k8QjSBgrPAh03hHzdBpVBTO6fRNZPUtHJUcPvOJC0rtK1n3tCNk1
zHeO19CLNT1aUo99rXw8BT3bG4jVi/NMIPZqywxxk3S4Fq+6otMbtVRaB+O+NEqO
VZR8xmuX+ALi7oVaD0tif+PzhyVKLZiRvnMtY2Y51ujIxyGyRZYPmiJkYQ/PT2Af
1zroWKsv2A==
-----END CERTIFICATE-----
jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "kid": "F_zU9LD1--CL5SvOm7aeqKpn9nte7OFLhq92U-V3f68",
      "alg": "PS256",
      "n": "2GRx6YnzhHGM5YfXoUYVk4SZsAv4u9hi72amXqxtksdBGc7l1DdZv4U6UZ--QPs2_nMtARHo1x91bRWbI9weqHwfwILiChy4gq3zchfF_PUn7o2tDipWLBVZfqO08B4qhqb5u-7KJ9RgqBUuWr3UJblQkAnWJl9h5AhsdTHDmmndUDnvHoojiaRmxU5IhNZeUx-BO7JpUxz5ZmUrxA279CMgVPnyQF9nh0yz9zWBMOyjYuMVzFEK6_7CX5gXh_wkKpd3YDmREzOYoL4egcOAysHRwfnby2ANlB0tnxQ55lZd0ZLLhOHV57ydx0GWbtHGCuVBT93ncWUL1i5L7PLwBQ",
      "use": "sig"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "kid": "o_xvg824afVVwHrd1A7-zOGeH2yA0Y5aXdpOUOzj0dM",
      "n": "2ACeyabQj1JtNk8eKPs0dtPohlXzAjEzmn00NvZIDmAJP8qXgwjXmbeJJIpf2czYx8AOjWd4FjFdPPAubnCeAJkvG5xOF328KMXmpQFgmtKRaFhHgUCvmW_0uHYCvi-sR5ClYhJUnULmLCrt8q2hbODLuAuLpI4QsWtwJb3EsOjwjGCeSylm31UKL7aMuaPrzrtSijSkk2mBEpkA6yDeFXg8hUmmLbTdIHfhzYnEZ6KW8n1nJp3UcFXcMlIE09meffwqXHSrovJIk9qysUTv5hdatD0dZZDxPRQQ0qPN3wK8d8l4FMjJqHY6ifuV_qZu8WUSfe0VcCKDIez0X-C1xw",
      "use": "enc",
      "alg": "PS256"
    }
  ]
}
id_token_encrypted_response_enc
A256GCM
2022-01-13 13:24:28 SUCCESS
ValidateClientJWKsPublicPart
Valid client JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2022-01-13 13:24:28 SUCCESS
ExtractJWKsFromStaticClientConfiguration
Extracted client JWK
client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "kid": "F_zU9LD1--CL5SvOm7aeqKpn9nte7OFLhq92U-V3f68",
      "alg": "PS256",
      "n": "2GRx6YnzhHGM5YfXoUYVk4SZsAv4u9hi72amXqxtksdBGc7l1DdZv4U6UZ--QPs2_nMtARHo1x91bRWbI9weqHwfwILiChy4gq3zchfF_PUn7o2tDipWLBVZfqO08B4qhqb5u-7KJ9RgqBUuWr3UJblQkAnWJl9h5AhsdTHDmmndUDnvHoojiaRmxU5IhNZeUx-BO7JpUxz5ZmUrxA279CMgVPnyQF9nh0yz9zWBMOyjYuMVzFEK6_7CX5gXh_wkKpd3YDmREzOYoL4egcOAysHRwfnby2ANlB0tnxQ55lZd0ZLLhOHV57ydx0GWbtHGCuVBT93ncWUL1i5L7PLwBQ",
      "use": "sig"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "kid": "o_xvg824afVVwHrd1A7-zOGeH2yA0Y5aXdpOUOzj0dM",
      "n": "2ACeyabQj1JtNk8eKPs0dtPohlXzAjEzmn00NvZIDmAJP8qXgwjXmbeJJIpf2czYx8AOjWd4FjFdPPAubnCeAJkvG5xOF328KMXmpQFgmtKRaFhHgUCvmW_0uHYCvi-sR5ClYhJUnULmLCrt8q2hbODLuAuLpI4QsWtwJb3EsOjwjGCeSylm31UKL7aMuaPrzrtSijSkk2mBEpkA6yDeFXg8hUmmLbTdIHfhzYnEZ6KW8n1nJp3UcFXcMlIE09meffwqXHSrovJIk9qysUTv5hdatD0dZZDxPRQQ0qPN3wK8d8l4FMjJqHY6ifuV_qZu8WUSfe0VcCKDIez0X-C1xw",
      "use": "enc",
      "alg": "PS256"
    }
  ]
}
public_client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "F_zU9LD1--CL5SvOm7aeqKpn9nte7OFLhq92U-V3f68",
      "alg": "PS256",
      "n": "2GRx6YnzhHGM5YfXoUYVk4SZsAv4u9hi72amXqxtksdBGc7l1DdZv4U6UZ--QPs2_nMtARHo1x91bRWbI9weqHwfwILiChy4gq3zchfF_PUn7o2tDipWLBVZfqO08B4qhqb5u-7KJ9RgqBUuWr3UJblQkAnWJl9h5AhsdTHDmmndUDnvHoojiaRmxU5IhNZeUx-BO7JpUxz5ZmUrxA279CMgVPnyQF9nh0yz9zWBMOyjYuMVzFEK6_7CX5gXh_wkKpd3YDmREzOYoL4egcOAysHRwfnby2ANlB0tnxQ55lZd0ZLLhOHV57ydx0GWbtHGCuVBT93ncWUL1i5L7PLwBQ"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "o_xvg824afVVwHrd1A7-zOGeH2yA0Y5aXdpOUOzj0dM",
      "alg": "PS256",
      "n": "2ACeyabQj1JtNk8eKPs0dtPohlXzAjEzmn00NvZIDmAJP8qXgwjXmbeJJIpf2czYx8AOjWd4FjFdPPAubnCeAJkvG5xOF328KMXmpQFgmtKRaFhHgUCvmW_0uHYCvi-sR5ClYhJUnULmLCrt8q2hbODLuAuLpI4QsWtwJb3EsOjwjGCeSylm31UKL7aMuaPrzrtSijSkk2mBEpkA6yDeFXg8hUmmLbTdIHfhzYnEZ6KW8n1nJp3UcFXcMlIE09meffwqXHSrovJIk9qysUTv5hdatD0dZZDxPRQQ0qPN3wK8d8l4FMjJqHY6ifuV_qZu8WUSfe0VcCKDIez0X-C1xw"
    }
  ]
}
2022-01-13 13:24:28 SUCCESS
CheckDistinctKeyIdValueInClientJWKs
Distinct 'kid' value in all keys of client_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2022-01-13 13:24:28 SUCCESS
EnsureClientJwksDoesNotContainPrivateOrSymmetricKeys
Jwks does not contain any private or symmetric keys
2022-01-13 13:24:28 SUCCESS
FAPIEnsureMinimumClientKeyLength
Validated minimum key lengths for client_jwks
client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "kid": "F_zU9LD1--CL5SvOm7aeqKpn9nte7OFLhq92U-V3f68",
      "alg": "PS256",
      "n": "2GRx6YnzhHGM5YfXoUYVk4SZsAv4u9hi72amXqxtksdBGc7l1DdZv4U6UZ--QPs2_nMtARHo1x91bRWbI9weqHwfwILiChy4gq3zchfF_PUn7o2tDipWLBVZfqO08B4qhqb5u-7KJ9RgqBUuWr3UJblQkAnWJl9h5AhsdTHDmmndUDnvHoojiaRmxU5IhNZeUx-BO7JpUxz5ZmUrxA279CMgVPnyQF9nh0yz9zWBMOyjYuMVzFEK6_7CX5gXh_wkKpd3YDmREzOYoL4egcOAysHRwfnby2ANlB0tnxQ55lZd0ZLLhOHV57ydx0GWbtHGCuVBT93ncWUL1i5L7PLwBQ",
      "use": "sig"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "kid": "o_xvg824afVVwHrd1A7-zOGeH2yA0Y5aXdpOUOzj0dM",
      "n": "2ACeyabQj1JtNk8eKPs0dtPohlXzAjEzmn00NvZIDmAJP8qXgwjXmbeJJIpf2czYx8AOjWd4FjFdPPAubnCeAJkvG5xOF328KMXmpQFgmtKRaFhHgUCvmW_0uHYCvi-sR5ClYhJUnULmLCrt8q2hbODLuAuLpI4QsWtwJb3EsOjwjGCeSylm31UKL7aMuaPrzrtSijSkk2mBEpkA6yDeFXg8hUmmLbTdIHfhzYnEZ6KW8n1nJp3UcFXcMlIE09meffwqXHSrovJIk9qysUTv5hdatD0dZZDxPRQQ0qPN3wK8d8l4FMjJqHY6ifuV_qZu8WUSfe0VcCKDIez0X-C1xw",
      "use": "enc",
      "alg": "PS256"
    }
  ]
}
2022-01-13 13:24:28
fapi1-advanced-final-client-refresh-token-test
Setup Done
2022-01-13 13:24:38 INCOMING
fapi1-advanced-final-client-refresh-token-test
Incoming HTTP request to test instance UZpi0NP4BWxWNoe
incoming_headers
{
  "host": "www.certification.openid.net",
  "x-dynatrace": "FW4;-987853115;4;1343653795;350;0;-1738730375;368;2bcd;2h01;3h501687a3;4h015e;6h38f0e59d1898438a781ee361220c4c1e;7h11d1d313a428bbd7",
  "traceparent": "00-38f0e59d1898438a781ee361220c4c1e-11d1d313a428bbd7-01",
  "tracestate": "985d1479-c51e8ec5@dt\u003dfw4;4;501687a3;15e;0;0;0;170;61ab;2h01;3h501687a3;4h015e;7h11d1d313a428bbd7",
  "request-id": "|28c0d093-4449a4c379b97d24.1.",
  "connection": "close"
}
incoming_path
/test/a/SafraRPTest/.well-known/openid-configuration
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES256-GCM-SHA384
incoming_tls_cert
incoming_body_json
incoming_query_string_params
{}
incoming_body
2022-01-13 13:24:38 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES256-GCM-SHA384
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
2022-01-13 13:24:38 OUTGOING
fapi1-advanced-final-client-refresh-token-test
Response to HTTP request to test instance UZpi0NP4BWxWNoe
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "issuer": "https://www.certification.openid.net/test/a/SafraRPTest/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/SafraRPTest/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/SafraRPTest/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/SafraRPTest/jwks",
  "registration_endpoint": "https://www.certification.openid.net/test/a/SafraRPTest/register",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/SafraRPTest/userinfo",
  "mtls_endpoint_aliases": {
    "token_endpoint": "https://www.certification.openid.net/test-mtls/a/SafraRPTest/token",
    "registration_endpoint": "https://www.certification.openid.net/test-mtls/a/SafraRPTest/register",
    "userinfo_endpoint": "https://www.certification.openid.net/test-mtls/a/SafraRPTest/userinfo",
    "pushed_authorization_request_endpoint": "https://www.certification.openid.net/test-mtls/a/SafraRPTest/par"
  },
  "tls_client_certificate_bound_access_tokens": true,
  "request_parameter_supported": true,
  "grant_types_supported": [
    "authorization_code",
    "implicit",
    "client_credentials",
    "refresh_token"
  ],
  "claims_parameter_supported": true,
  "request_object_encryption_alg_values_supported": [
    "RSA-OAEP"
  ],
  "request_object_encryption_enc_values_supported": [
    "A256GCM"
  ],
  "claims_supported": [
    "cpf",
    "cnpj",
    "acr"
  ],
  "acr_values_supported": [
    "urn:brasil:openbanking:loa2",
    "urn:brasil:openbanking:loa3"
  ],
  "id_token_signing_alg_values_supported": [
    "PS256"
  ],
  "request_object_signing_alg_values_supported": [
    "PS256"
  ],
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access",
    "consents",
    "resources",
    "payments"
  ],
  "token_endpoint_auth_methods_supported": [
    "private_key_jwt"
  ],
  "pushed_authorization_request_endpoint": "https://www.certification.openid.net/test/a/SafraRPTest/par",
  "require_pushed_authorization_requests": true,
  "response_types_supported": [
    "code id_token"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "PS256"
  ]
}
outgoing_path
.well-known/openid-configuration
2022-01-13 13:24:39 INCOMING
fapi1-advanced-final-client-refresh-token-test
Incoming HTTP request to test instance UZpi0NP4BWxWNoe
incoming_headers
{
  "host": "www.certification.openid.net",
  "x-dynatrace": "FW4;-987853115;4;1343653795;350;1;-1738730375;368;bad4;2h01;3h501687a3;4h015e;6h38f0e59d1898438a781ee361220c4c1e;7ha4b860fbb32d5e78",
  "traceparent": "00-38f0e59d1898438a781ee361220c4c1e-a4b860fbb32d5e78-01",
  "tracestate": "985d1479-c51e8ec5@dt\u003dfw4;4;501687a3;15e;1;0;0;170;9b89;2h01;3h501687a3;4h015e;7ha4b860fbb32d5e78",
  "request-id": "|28c0d093-4449a4c379b97d24.2.",
  "content-type": "application/x-www-form-urlencoded",
  "content-length": "1024",
  "connection": "close"
}
incoming_path
/test-mtls/a/SafraRPTest/token
incoming_body_form_params
{
  "scope": "consents",
  "grant_type": "client_credentials",
  "client_id": "client_XUwBuUHRMTVHAleZEJxH18815",
  "client_assertion": "eyJhbGciOiJQUzI1NiIsImtpZCI6IkZfelU5TEQxLS1DTDVTdk9tN2FlcUtwbjludGU3T0ZMaHE5MlUtVjNmNjgiLCJ0eXAiOiJKV1QiLCJ4NXQiOiJpbWVKdHZoazFfVU9aSUlPS3R2UzNFVzBuRG8ifQ.eyJzdWIiOiJjbGllbnRfWFV3QnVVSFJNVFZIQWxlWkVKeEgxODgxNSIsImp0aSI6IjRmNDRmZWE0OGE5NjRlMTc5YzQ5MDk1ZTBmZDA5OGZmIiwiYXVkIjoiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QtbXRscy9hL1NhZnJhUlBUZXN0L3Rva2VuIiwiZXhwIjoxNjQyMDgwNTc4LCJpc3MiOiJjbGllbnRfWFV3QnVVSFJNVFZIQWxlWkVKeEgxODgxNSIsImlhdCI6MTY0MjA4MDI3OCwibmJmIjoxNjQyMDgwMjc4fQ.SK77x3VuF9upaJYScSOY44-WNoeOpxm-ivToqoY2LWdOLl_tbj1D0SanmUA8mJzdsJ5O0V_BGGLhbyc_l089tlVGNzATMDB0KAfCW_KHAW6gcf1lpXDCcLp7XOATay9rK3kz-smeepm05mywjZRpUPCdLoILHKyCKWenA8lQFkJQfPNHsQRi0NNXT9k4MYZAREtW1NDSVCNT8dbtfe1o1j8gMiuBGbZQOOuaWSgEDF6rPuHqMju49d6RchqEGYLSYhh0dN5hOovADvL5TId_stjqdRShY4UtGoQ71Pg2Kdkq9acsQuy5JwDIZfQ3MVO0RAcQiePjzHqDBIC_k995ig",
  "client_assertion_type": "urn:ietf:params:oauth:client-assertion-type:jwt-bearer"
}
incoming_method
POST
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES256-GCM-SHA384
incoming_tls_cert
-----BEGIN CERTIFICATE----- MIIG8zCCBdugAwIBAgIUOr2rNJSEw8bj9fVI9mZtaMk/VfowDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMTEwMzE3MDUwMFoXDTIyMTIwMzE3 MDUwMFowggETMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xFzAVBgNVBAoTDkJDTyBTQUZSQSBTLkEuMS0wKwYDVQQLEyQ3MDkx MzhkZC02ZTlkLTVmOTYtYmZmZi02OWE1YjJjYjNlYzAxFzAVBgNVBAMMDiouc2Fm cmEuY29tLmJyMRcwFQYDVQQFEw41ODE2MDc4OTAwMDEyODEdMBsGA1UEDxMUUHJp dmF0ZSBPcmdhbml6YXRpb24xEzARBgsrBgEEAYI3PAIBAxMCQlIxNDAyBgoJkiaJ k/IsZAEBEyQ0NGIyNjFiYy00ZjZmLTQ0Y2UtYjNkNy0zZjk4YTJiMjI1ZjQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYAJ7JptCPUm02Tx4o+zR20+iG VfMCMTOafTQ29kgOYAk/ypeDCNeZt4kkil/ZzNjHwA6NZ3gWMV088C5ucJ4AmS8b nE4XfbwoxealAWCa0pFoWEeBQK+Zb/S4dgK+L6xHkKViElSdQuYsKu3yraFs4Mu4 C4ukjhCxa3AlvcSw6PCMYJ5LKWbfVQovtoy5o+vOu1KKNKSTaYESmQDrIN4VeDyF SaYttN0gd+HNicRnopbyfWcmndRwVdwyUgTT2Z59/CpcdKui8kiT2rKxRO/mF1q0 PR1lkPE9FBDSo83fArx3yXgUyMmodjqJ+5X+pm7xZRJ97RVwIoMh7PRf4LXHAgMB AAGjggLdMIIC2TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQ60p75BB0ZNm+cJkce RCif8/14izAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4RQ99MvjBMBggrBgEF BQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNhbmRib3gucGtpLm9w ZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8v Y3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9pc3N1ZXIu Y3JsMCQGA1UdEQQdMBuCGWFwaS1tdGxzLWhtbC5zYWZyYS5jb20uYnIwDgYDVR0P AQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQw ggGQBgorBgEEAYO6L2QBMIIBgDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENl cnRpZmljYXRlIGlzIHNvbGVseSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNl cyBMaW1pdGVkIGFuZCBvdGhlciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMg dXNpbmcgUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsg U2VydmljZXMuIEl0cyByZWNlaXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0 dXRlcyBhY2NlcHRhbmNlIG9mIHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0 aWNpY2F0ZSBQb2xpY3kgYW5kIHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQG CCsGAQUFBwIBFjhodHRwOi8vY3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJh c2lsLm9yZy5ici9wb2xpY2llczANBgkqhkiG9w0BAQsFAAOCAQEAriUFRNI349wn LPiNnHZckwjUV76m8LltS/BrHQSURP4Bq3Eu2KEZGD/Xkz9VcmumHwOC+Mr/haLO hUMbwmZMn9q3QFzyd/EnoSyXeedZpPLczSPZ3AXoNaC8xJn4ZE66NKDQ2/PEFD7+ Vibcq6uWx4H6k8QjSBgrPAh03hHzdBpVBTO6fRNZPUtHJUcPvOJC0rtK1n3tCNk1 zHeO19CLNT1aUo99rXw8BT3bG4jVi/NMIPZqywxxk3S4Fq+6otMbtVRaB+O+NEqO VZR8xmuX+ALi7oVaD0tif+PzhyVKLZiRvnMtY2Y51ujIxyGyRZYPmiJkYQ/PT2Af 1zroWKsv2A== -----END CERTIFICATE-----
incoming_body_json
incoming_query_string_params
{}
incoming_body
scope=consents&grant_type=client_credentials&client_id=client_XUwBuUHRMTVHAleZEJxH18815&client_assertion=eyJhbGciOiJQUzI1NiIsImtpZCI6IkZfelU5TEQxLS1DTDVTdk9tN2FlcUtwbjludGU3T0ZMaHE5MlUtVjNmNjgiLCJ0eXAiOiJKV1QiLCJ4NXQiOiJpbWVKdHZoazFfVU9aSUlPS3R2UzNFVzBuRG8ifQ.eyJzdWIiOiJjbGllbnRfWFV3QnVVSFJNVFZIQWxlWkVKeEgxODgxNSIsImp0aSI6IjRmNDRmZWE0OGE5NjRlMTc5YzQ5MDk1ZTBmZDA5OGZmIiwiYXVkIjoiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QtbXRscy9hL1NhZnJhUlBUZXN0L3Rva2VuIiwiZXhwIjoxNjQyMDgwNTc4LCJpc3MiOiJjbGllbnRfWFV3QnVVSFJNVFZIQWxlWkVKeEgxODgxNSIsImlhdCI6MTY0MjA4MDI3OCwibmJmIjoxNjQyMDgwMjc4fQ.SK77x3VuF9upaJYScSOY44-WNoeOpxm-ivToqoY2LWdOLl_tbj1D0SanmUA8mJzdsJ5O0V_BGGLhbyc_l089tlVGNzATMDB0KAfCW_KHAW6gcf1lpXDCcLp7XOATay9rK3kz-smeepm05mywjZRpUPCdLoILHKyCKWenA8lQFkJQfPNHsQRi0NNXT9k4MYZAREtW1NDSVCNT8dbtfe1o1j8gMiuBGbZQOOuaWSgEDF6rPuHqMju49d6RchqEGYLSYhh0dN5hOovADvL5TId_stjqdRShY4UtGoQ71Pg2Kdkq9acsQuy5JwDIZfQ3MVO0RAcQiePjzHqDBIC_k995ig&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer
2022-01-13 13:24:39 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES256-GCM-SHA384
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
Token endpoint
2022-01-13 13:24:39 SUCCESS
ExtractClientCertificateFromTokenEndpointRequestHeaders
Extracted client certificate
client_certificate
{
  "cert": "-----BEGIN CERTIFICATE----- MIIG8zCCBdugAwIBAgIUOr2rNJSEw8bj9fVI9mZtaMk/VfowDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMTEwMzE3MDUwMFoXDTIyMTIwMzE3 MDUwMFowggETMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xFzAVBgNVBAoTDkJDTyBTQUZSQSBTLkEuMS0wKwYDVQQLEyQ3MDkx MzhkZC02ZTlkLTVmOTYtYmZmZi02OWE1YjJjYjNlYzAxFzAVBgNVBAMMDiouc2Fm cmEuY29tLmJyMRcwFQYDVQQFEw41ODE2MDc4OTAwMDEyODEdMBsGA1UEDxMUUHJp dmF0ZSBPcmdhbml6YXRpb24xEzARBgsrBgEEAYI3PAIBAxMCQlIxNDAyBgoJkiaJ k/IsZAEBEyQ0NGIyNjFiYy00ZjZmLTQ0Y2UtYjNkNy0zZjk4YTJiMjI1ZjQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYAJ7JptCPUm02Tx4o+zR20+iG VfMCMTOafTQ29kgOYAk/ypeDCNeZt4kkil/ZzNjHwA6NZ3gWMV088C5ucJ4AmS8b nE4XfbwoxealAWCa0pFoWEeBQK+Zb/S4dgK+L6xHkKViElSdQuYsKu3yraFs4Mu4 C4ukjhCxa3AlvcSw6PCMYJ5LKWbfVQovtoy5o+vOu1KKNKSTaYESmQDrIN4VeDyF SaYttN0gd+HNicRnopbyfWcmndRwVdwyUgTT2Z59/CpcdKui8kiT2rKxRO/mF1q0 PR1lkPE9FBDSo83fArx3yXgUyMmodjqJ+5X+pm7xZRJ97RVwIoMh7PRf4LXHAgMB AAGjggLdMIIC2TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQ60p75BB0ZNm+cJkce RCif8/14izAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4RQ99MvjBMBggrBgEF BQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNhbmRib3gucGtpLm9w ZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8v Y3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9pc3N1ZXIu Y3JsMCQGA1UdEQQdMBuCGWFwaS1tdGxzLWhtbC5zYWZyYS5jb20uYnIwDgYDVR0P AQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQw ggGQBgorBgEEAYO6L2QBMIIBgDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENl cnRpZmljYXRlIGlzIHNvbGVseSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNl cyBMaW1pdGVkIGFuZCBvdGhlciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMg dXNpbmcgUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsg U2VydmljZXMuIEl0cyByZWNlaXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0 dXRlcyBhY2NlcHRhbmNlIG9mIHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0 aWNpY2F0ZSBQb2xpY3kgYW5kIHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQG CCsGAQUFBwIBFjhodHRwOi8vY3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJh c2lsLm9yZy5ici9wb2xpY2llczANBgkqhkiG9w0BAQsFAAOCAQEAriUFRNI349wn LPiNnHZckwjUV76m8LltS/BrHQSURP4Bq3Eu2KEZGD/Xkz9VcmumHwOC+Mr/haLO hUMbwmZMn9q3QFzyd/EnoSyXeedZpPLczSPZ3AXoNaC8xJn4ZE66NKDQ2/PEFD7+ Vibcq6uWx4H6k8QjSBgrPAh03hHzdBpVBTO6fRNZPUtHJUcPvOJC0rtK1n3tCNk1 zHeO19CLNT1aUo99rXw8BT3bG4jVi/NMIPZqywxxk3S4Fq+6otMbtVRaB+O+NEqO VZR8xmuX+ALi7oVaD0tif+PzhyVKLZiRvnMtY2Y51ujIxyGyRZYPmiJkYQ/PT2Af 1zroWKsv2A\u003d\u003d -----END CERTIFICATE-----",
  "pem": "-----BEGIN CERTIFICATE-----\nMIIG8zCCBdugAwIBAgIUOr2rNJSEw8bj9fVI9mZtaMk/VfowDQYJKoZIhvcNAQEL\nBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx\nFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB\nTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMTEwMzE3MDUwMFoXDTIyMTIwMzE3\nMDUwMFowggETMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD\no28gUGF1bG8xFzAVBgNVBAoTDkJDTyBTQUZSQSBTLkEuMS0wKwYDVQQLEyQ3MDkx\nMzhkZC02ZTlkLTVmOTYtYmZmZi02OWE1YjJjYjNlYzAxFzAVBgNVBAMMDiouc2Fm\ncmEuY29tLmJyMRcwFQYDVQQFEw41ODE2MDc4OTAwMDEyODEdMBsGA1UEDxMUUHJp\ndmF0ZSBPcmdhbml6YXRpb24xEzARBgsrBgEEAYI3PAIBAxMCQlIxNDAyBgoJkiaJ\nk/IsZAEBEyQ0NGIyNjFiYy00ZjZmLTQ0Y2UtYjNkNy0zZjk4YTJiMjI1ZjQwggEi\nMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYAJ7JptCPUm02Tx4o+zR20+iG\nVfMCMTOafTQ29kgOYAk/ypeDCNeZt4kkil/ZzNjHwA6NZ3gWMV088C5ucJ4AmS8b\nnE4XfbwoxealAWCa0pFoWEeBQK+Zb/S4dgK+L6xHkKViElSdQuYsKu3yraFs4Mu4\nC4ukjhCxa3AlvcSw6PCMYJ5LKWbfVQovtoy5o+vOu1KKNKSTaYESmQDrIN4VeDyF\nSaYttN0gd+HNicRnopbyfWcmndRwVdwyUgTT2Z59/CpcdKui8kiT2rKxRO/mF1q0\nPR1lkPE9FBDSo83fArx3yXgUyMmodjqJ+5X+pm7xZRJ97RVwIoMh7PRf4LXHAgMB\nAAGjggLdMIIC2TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQ60p75BB0ZNm+cJkce\nRCif8/14izAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4RQ99MvjBMBggrBgEF\nBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNhbmRib3gucGtpLm9w\nZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8v\nY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9pc3N1ZXIu\nY3JsMCQGA1UdEQQdMBuCGWFwaS1tdGxzLWhtbC5zYWZyYS5jb20uYnIwDgYDVR0P\nAQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQw\nggGQBgorBgEEAYO6L2QBMIIBgDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENl\ncnRpZmljYXRlIGlzIHNvbGVseSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNl\ncyBMaW1pdGVkIGFuZCBvdGhlciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMg\ndXNpbmcgUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsg\nU2VydmljZXMuIEl0cyByZWNlaXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0\ndXRlcyBhY2NlcHRhbmNlIG9mIHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0\naWNpY2F0ZSBQb2xpY3kgYW5kIHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQG\nCCsGAQUFBwIBFjhodHRwOi8vY3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJh\nc2lsLm9yZy5ici9wb2xpY2llczANBgkqhkiG9w0BAQsFAAOCAQEAriUFRNI349wn\nLPiNnHZckwjUV76m8LltS/BrHQSURP4Bq3Eu2KEZGD/Xkz9VcmumHwOC+Mr/haLO\nhUMbwmZMn9q3QFzyd/EnoSyXeedZpPLczSPZ3AXoNaC8xJn4ZE66NKDQ2/PEFD7+\nVibcq6uWx4H6k8QjSBgrPAh03hHzdBpVBTO6fRNZPUtHJUcPvOJC0rtK1n3tCNk1\nzHeO19CLNT1aUo99rXw8BT3bG4jVi/NMIPZqywxxk3S4Fq+6otMbtVRaB+O+NEqO\nVZR8xmuX+ALi7oVaD0tif+PzhyVKLZiRvnMtY2Y51ujIxyGyRZYPmiJkYQ/PT2Af\n1zroWKsv2A\u003d\u003d\n-----END CERTIFICATE-----",
  "subject": {
    "dn": "UID\u003d44b261bc-4f6f-44ce-b3d7-3f98a2b225f4,1.3.6.1.4.1.311.60.2.1.3\u003d#13024252,2.5.4.15\u003d#131450726976617465204f7267616e697a6174696f6e,2.5.4.5\u003d#130e3538313630373839303030313238,CN\u003d*.safra.com.br,OU\u003d709138dd-6e9d-5f96-bfff-69a5b2cb3ec0,O\u003dBCO SAFRA S.A.,L\u003dSão Paulo,ST\u003dSP,C\u003dBR"
  },
  "sanDnsNames": [
    "api-mtls-hml.safra.com.br"
  ],
  "sanUris": [],
  "sanIPs": [],
  "sanEmails": []
}
2022-01-13 13:24:39 SUCCESS
CheckForClientCertificate
Found client certificate
2022-01-13 13:24:39 SUCCESS
EnsureClientCertificateMatches
Presented certificate matches registered certificate
actual
-----BEGIN CERTIFICATE-----
MIIG8zCCBdugAwIBAgIUOr2rNJSEw8bj9fVI9mZtaMk/VfowDQYJKoZIhvcNAQEL
BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx
FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB
TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMTEwMzE3MDUwMFoXDTIyMTIwMzE3
MDUwMFowggETMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD
o28gUGF1bG8xFzAVBgNVBAoTDkJDTyBTQUZSQSBTLkEuMS0wKwYDVQQLEyQ3MDkx
MzhkZC02ZTlkLTVmOTYtYmZmZi02OWE1YjJjYjNlYzAxFzAVBgNVBAMMDiouc2Fm
cmEuY29tLmJyMRcwFQYDVQQFEw41ODE2MDc4OTAwMDEyODEdMBsGA1UEDxMUUHJp
dmF0ZSBPcmdhbml6YXRpb24xEzARBgsrBgEEAYI3PAIBAxMCQlIxNDAyBgoJkiaJ
k/IsZAEBEyQ0NGIyNjFiYy00ZjZmLTQ0Y2UtYjNkNy0zZjk4YTJiMjI1ZjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYAJ7JptCPUm02Tx4o+zR20+iG
VfMCMTOafTQ29kgOYAk/ypeDCNeZt4kkil/ZzNjHwA6NZ3gWMV088C5ucJ4AmS8b
nE4XfbwoxealAWCa0pFoWEeBQK+Zb/S4dgK+L6xHkKViElSdQuYsKu3yraFs4Mu4
C4ukjhCxa3AlvcSw6PCMYJ5LKWbfVQovtoy5o+vOu1KKNKSTaYESmQDrIN4VeDyF
SaYttN0gd+HNicRnopbyfWcmndRwVdwyUgTT2Z59/CpcdKui8kiT2rKxRO/mF1q0
PR1lkPE9FBDSo83fArx3yXgUyMmodjqJ+5X+pm7xZRJ97RVwIoMh7PRf4LXHAgMB
AAGjggLdMIIC2TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQ60p75BB0ZNm+cJkce
RCif8/14izAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4RQ99MvjBMBggrBgEF
BQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNhbmRib3gucGtpLm9w
ZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8v
Y3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9pc3N1ZXIu
Y3JsMCQGA1UdEQQdMBuCGWFwaS1tdGxzLWhtbC5zYWZyYS5jb20uYnIwDgYDVR0P
AQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQw
ggGQBgorBgEEAYO6L2QBMIIBgDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENl
cnRpZmljYXRlIGlzIHNvbGVseSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNl
cyBMaW1pdGVkIGFuZCBvdGhlciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMg
dXNpbmcgUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsg
U2VydmljZXMuIEl0cyByZWNlaXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0
dXRlcyBhY2NlcHRhbmNlIG9mIHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0
aWNpY2F0ZSBQb2xpY3kgYW5kIHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQG
CCsGAQUFBwIBFjhodHRwOi8vY3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJh
c2lsLm9yZy5ici9wb2xpY2llczANBgkqhkiG9w0BAQsFAAOCAQEAriUFRNI349wn
LPiNnHZckwjUV76m8LltS/BrHQSURP4Bq3Eu2KEZGD/Xkz9VcmumHwOC+Mr/haLO
hUMbwmZMn9q3QFzyd/EnoSyXeedZpPLczSPZ3AXoNaC8xJn4ZE66NKDQ2/PEFD7+
Vibcq6uWx4H6k8QjSBgrPAh03hHzdBpVBTO6fRNZPUtHJUcPvOJC0rtK1n3tCNk1
zHeO19CLNT1aUo99rXw8BT3bG4jVi/NMIPZqywxxk3S4Fq+6otMbtVRaB+O+NEqO
VZR8xmuX+ALi7oVaD0tif+PzhyVKLZiRvnMtY2Y51ujIxyGyRZYPmiJkYQ/PT2Af
1zroWKsv2A==
-----END CERTIFICATE-----
2022-01-13 13:24:39 SUCCESS
ExtractClientAssertion
Parsed client assertion
client_assertion
{
  "value": "eyJhbGciOiJQUzI1NiIsImtpZCI6IkZfelU5TEQxLS1DTDVTdk9tN2FlcUtwbjludGU3T0ZMaHE5MlUtVjNmNjgiLCJ0eXAiOiJKV1QiLCJ4NXQiOiJpbWVKdHZoazFfVU9aSUlPS3R2UzNFVzBuRG8ifQ.eyJzdWIiOiJjbGllbnRfWFV3QnVVSFJNVFZIQWxlWkVKeEgxODgxNSIsImp0aSI6IjRmNDRmZWE0OGE5NjRlMTc5YzQ5MDk1ZTBmZDA5OGZmIiwiYXVkIjoiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QtbXRscy9hL1NhZnJhUlBUZXN0L3Rva2VuIiwiZXhwIjoxNjQyMDgwNTc4LCJpc3MiOiJjbGllbnRfWFV3QnVVSFJNVFZIQWxlWkVKeEgxODgxNSIsImlhdCI6MTY0MjA4MDI3OCwibmJmIjoxNjQyMDgwMjc4fQ.SK77x3VuF9upaJYScSOY44-WNoeOpxm-ivToqoY2LWdOLl_tbj1D0SanmUA8mJzdsJ5O0V_BGGLhbyc_l089tlVGNzATMDB0KAfCW_KHAW6gcf1lpXDCcLp7XOATay9rK3kz-smeepm05mywjZRpUPCdLoILHKyCKWenA8lQFkJQfPNHsQRi0NNXT9k4MYZAREtW1NDSVCNT8dbtfe1o1j8gMiuBGbZQOOuaWSgEDF6rPuHqMju49d6RchqEGYLSYhh0dN5hOovADvL5TId_stjqdRShY4UtGoQ71Pg2Kdkq9acsQuy5JwDIZfQ3MVO0RAcQiePjzHqDBIC_k995ig",
  "header": {
    "x5t": "imeJtvhk1_UOZIIOKtvS3EW0nDo",
    "kid": "F_zU9LD1--CL5SvOm7aeqKpn9nte7OFLhq92U-V3f68",
    "typ": "JWT",
    "alg": "PS256"
  },
  "claims": {
    "sub": "client_XUwBuUHRMTVHAleZEJxH18815",
    "aud": "https://www.certification.openid.net/test-mtls/a/SafraRPTest/token",
    "nbf": 1642080278,
    "iss": "client_XUwBuUHRMTVHAleZEJxH18815",
    "exp": 1642080578,
    "iat": 1642080278,
    "jti": "4f44fea48a964e179c49095e0fd098ff"
  }
}
2022-01-13 13:24:39
EnsureClientAssertionSignatureAlgorithmMatchesRegistered
token_endpoint_auth_signing_alg is not set for the client, any supported algorithm can be used
2022-01-13 13:24:39 SUCCESS
ValidateClientAssertionSignature
client_assertion signature validated
client_assertion
eyJhbGciOiJQUzI1NiIsImtpZCI6IkZfelU5TEQxLS1DTDVTdk9tN2FlcUtwbjludGU3T0ZMaHE5MlUtVjNmNjgiLCJ0eXAiOiJKV1QiLCJ4NXQiOiJpbWVKdHZoazFfVU9aSUlPS3R2UzNFVzBuRG8ifQ.eyJzdWIiOiJjbGllbnRfWFV3QnVVSFJNVFZIQWxlWkVKeEgxODgxNSIsImp0aSI6IjRmNDRmZWE0OGE5NjRlMTc5YzQ5MDk1ZTBmZDA5OGZmIiwiYXVkIjoiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QtbXRscy9hL1NhZnJhUlBUZXN0L3Rva2VuIiwiZXhwIjoxNjQyMDgwNTc4LCJpc3MiOiJjbGllbnRfWFV3QnVVSFJNVFZIQWxlWkVKeEgxODgxNSIsImlhdCI6MTY0MjA4MDI3OCwibmJmIjoxNjQyMDgwMjc4fQ.SK77x3VuF9upaJYScSOY44-WNoeOpxm-ivToqoY2LWdOLl_tbj1D0SanmUA8mJzdsJ5O0V_BGGLhbyc_l089tlVGNzATMDB0KAfCW_KHAW6gcf1lpXDCcLp7XOATay9rK3kz-smeepm05mywjZRpUPCdLoILHKyCKWenA8lQFkJQfPNHsQRi0NNXT9k4MYZAREtW1NDSVCNT8dbtfe1o1j8gMiuBGbZQOOuaWSgEDF6rPuHqMju49d6RchqEGYLSYhh0dN5hOovADvL5TId_stjqdRShY4UtGoQ71Pg2Kdkq9acsQuy5JwDIZfQ3MVO0RAcQiePjzHqDBIC_k995ig
2022-01-13 13:24:39 SUCCESS
EnsureClientAssertionTypeIsJwt
Found JWT assertion type
assertion type
urn:ietf:params:oauth:client-assertion-type:jwt-bearer
2022-01-13 13:24:39 SUCCESS
ValidateClientAssertionClaims
Client Assertion passed all validation checks
2022-01-13 13:24:39 SUCCESS
FAPIBrazilExtractRequestedScopeFromClientCredentialsGrant
Found 'consents' scope in request
actual
[
  "consents"
]
expected
consents
2022-01-13 13:24:39 SUCCESS
GenerateBearerAccessToken
Generated access token
access_token
KPjKB4uWyF2TGJlfi5BzNM44VBDdUhLQCutVRIlL8t0q5rvD6T
2022-01-13 13:24:39 SUCCESS
CreateTokenEndpointResponse
Created token endpoint response
access_token
KPjKB4uWyF2TGJlfi5BzNM44VBDdUhLQCutVRIlL8t0q5rvD6T
token_type
Bearer
2022-01-13 13:24:39
CopyAccessTokenToClientCredentialsField
Condition ran but did not log anything
2022-01-13 13:24:39 OUTGOING
fapi1-advanced-final-client-refresh-token-test
Response to HTTP request to test instance UZpi0NP4BWxWNoe
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "access_token": "KPjKB4uWyF2TGJlfi5BzNM44VBDdUhLQCutVRIlL8t0q5rvD6T",
  "token_type": "Bearer"
}
outgoing_path
token
2022-01-13 13:24:41 INCOMING
fapi1-advanced-final-client-refresh-token-test
Incoming HTTP request to test instance UZpi0NP4BWxWNoe
incoming_headers
{
  "host": "www.certification.openid.net",
  "x-dynatrace": "FW4;-987853115;4;1343653795;350;2;-1738730375;368;896e;2h01;3h501687a3;4h015e;6h38f0e59d1898438a781ee361220c4c1e;7h393240c28d55a9de",
  "traceparent": "00-38f0e59d1898438a781ee361220c4c1e-393240c28d55a9de-01",
  "tracestate": "985d1479-c51e8ec5@dt\u003dfw4;4;501687a3;15e;2;0;0;170;f474;2h01;3h501687a3;4h015e;7h393240c28d55a9de",
  "authorization": "Bearer KPjKB4uWyF2TGJlfi5BzNM44VBDdUhLQCutVRIlL8t0q5rvD6T",
  "request-id": "|28c0d093-4449a4c379b97d24.3.",
  "content-type": "application/json; charset\u003dutf-8",
  "content-length": "1078",
  "connection": "close"
}
incoming_path
/test-mtls/a/SafraRPTest/consents/v1/consents
incoming_body_form_params
incoming_method
POST
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES256-GCM-SHA384
incoming_tls_cert
-----BEGIN CERTIFICATE----- MIIG8zCCBdugAwIBAgIUOr2rNJSEw8bj9fVI9mZtaMk/VfowDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMTEwMzE3MDUwMFoXDTIyMTIwMzE3 MDUwMFowggETMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xFzAVBgNVBAoTDkJDTyBTQUZSQSBTLkEuMS0wKwYDVQQLEyQ3MDkx MzhkZC02ZTlkLTVmOTYtYmZmZi02OWE1YjJjYjNlYzAxFzAVBgNVBAMMDiouc2Fm cmEuY29tLmJyMRcwFQYDVQQFEw41ODE2MDc4OTAwMDEyODEdMBsGA1UEDxMUUHJp dmF0ZSBPcmdhbml6YXRpb24xEzARBgsrBgEEAYI3PAIBAxMCQlIxNDAyBgoJkiaJ k/IsZAEBEyQ0NGIyNjFiYy00ZjZmLTQ0Y2UtYjNkNy0zZjk4YTJiMjI1ZjQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYAJ7JptCPUm02Tx4o+zR20+iG VfMCMTOafTQ29kgOYAk/ypeDCNeZt4kkil/ZzNjHwA6NZ3gWMV088C5ucJ4AmS8b nE4XfbwoxealAWCa0pFoWEeBQK+Zb/S4dgK+L6xHkKViElSdQuYsKu3yraFs4Mu4 C4ukjhCxa3AlvcSw6PCMYJ5LKWbfVQovtoy5o+vOu1KKNKSTaYESmQDrIN4VeDyF SaYttN0gd+HNicRnopbyfWcmndRwVdwyUgTT2Z59/CpcdKui8kiT2rKxRO/mF1q0 PR1lkPE9FBDSo83fArx3yXgUyMmodjqJ+5X+pm7xZRJ97RVwIoMh7PRf4LXHAgMB AAGjggLdMIIC2TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQ60p75BB0ZNm+cJkce RCif8/14izAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4RQ99MvjBMBggrBgEF BQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNhbmRib3gucGtpLm9w ZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8v Y3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9pc3N1ZXIu Y3JsMCQGA1UdEQQdMBuCGWFwaS1tdGxzLWhtbC5zYWZyYS5jb20uYnIwDgYDVR0P AQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQw ggGQBgorBgEEAYO6L2QBMIIBgDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENl cnRpZmljYXRlIGlzIHNvbGVseSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNl cyBMaW1pdGVkIGFuZCBvdGhlciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMg dXNpbmcgUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsg U2VydmljZXMuIEl0cyByZWNlaXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0 dXRlcyBhY2NlcHRhbmNlIG9mIHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0 aWNpY2F0ZSBQb2xpY3kgYW5kIHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQG CCsGAQUFBwIBFjhodHRwOi8vY3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJh c2lsLm9yZy5ici9wb2xpY2llczANBgkqhkiG9w0BAQsFAAOCAQEAriUFRNI349wn LPiNnHZckwjUV76m8LltS/BrHQSURP4Bq3Eu2KEZGD/Xkz9VcmumHwOC+Mr/haLO hUMbwmZMn9q3QFzyd/EnoSyXeedZpPLczSPZ3AXoNaC8xJn4ZE66NKDQ2/PEFD7+ Vibcq6uWx4H6k8QjSBgrPAh03hHzdBpVBTO6fRNZPUtHJUcPvOJC0rtK1n3tCNk1 zHeO19CLNT1aUo99rXw8BT3bG4jVi/NMIPZqywxxk3S4Fq+6otMbtVRaB+O+NEqO VZR8xmuX+ALi7oVaD0tif+PzhyVKLZiRvnMtY2Y51ujIxyGyRZYPmiJkYQ/PT2Af 1zroWKsv2A== -----END CERTIFICATE-----
incoming_body_json
{
  "data": {
    "loggedUser": {
      "document": {
        "identification": "16881808852",
        "rel": "CPF"
      }
    },
    "permissions": [
      "CUSTOMERS_PERSONAL_IDENTIFICATIONS_READ",
      "CUSTOMERS_PERSONAL_ADITTIONALINFO_READ",
      "ACCOUNTS_READ",
      "ACCOUNTS_BALANCES_READ",
      "ACCOUNTS_OVERDRAFT_LIMITS_READ",
      "ACCOUNTS_TRANSACTIONS_READ",
      "CREDIT_CARDS_ACCOUNTS_READ",
      "CREDIT_CARDS_ACCOUNTS_LIMITS_READ",
      "CREDIT_CARDS_ACCOUNTS_TRANSACTIONS_READ",
      "CREDIT_CARDS_ACCOUNTS_BILLS_READ",
      "CREDIT_CARDS_ACCOUNTS_BILLS_TRANSACTIONS_READ",
      "RESOURCES_READ",
      "INVOICE_FINANCINGS_READ",
      "INVOICE_FINANCINGS_SCHEDULED_INSTALMENTS_READ",
      "INVOICE_FINANCINGS_PAYMENTS_READ",
      "INVOICE_FINANCINGS_WARRANTIES_READ",
      "FINANCINGS_READ",
      "FINANCINGS_SCHEDULED_INSTALMENTS_READ",
      "FINANCINGS_PAYMENTS_READ",
      "FINANCINGS_WARRANTIES_READ",
      "LOANS_READ",
      "LOANS_SCHEDULED_INSTALMENTS_READ",
      "LOANS_PAYMENTS_READ",
      "LOANS_WARRANTIES_READ",
      "UNARRANGED_ACCOUNTS_OVERDRAFT_READ",
      "UNARRANGED_ACCOUNTS_OVERDRAFT_SCHEDULED_INSTALMENTS_READ",
      "UNARRANGED_ACCOUNTS_OVERDRAFT_PAYMENTS_READ",
      "UNARRANGED_ACCOUNTS_OVERDRAFT_WARRANTIES_READ"
    ],
    "expirationDateTime": "2023-01-13T13:24:39Z"
  }
}
incoming_query_string_params
{}
incoming_body
{"data":{"loggedUser":{"document":{"identification":"16881808852","rel":"CPF"}},"permissions":["CUSTOMERS_PERSONAL_IDENTIFICATIONS_READ","CUSTOMERS_PERSONAL_ADITTIONALINFO_READ","ACCOUNTS_READ","ACCOUNTS_BALANCES_READ","ACCOUNTS_OVERDRAFT_LIMITS_READ","ACCOUNTS_TRANSACTIONS_READ","CREDIT_CARDS_ACCOUNTS_READ","CREDIT_CARDS_ACCOUNTS_LIMITS_READ","CREDIT_CARDS_ACCOUNTS_TRANSACTIONS_READ","CREDIT_CARDS_ACCOUNTS_BILLS_READ","CREDIT_CARDS_ACCOUNTS_BILLS_TRANSACTIONS_READ","RESOURCES_READ","INVOICE_FINANCINGS_READ","INVOICE_FINANCINGS_SCHEDULED_INSTALMENTS_READ","INVOICE_FINANCINGS_PAYMENTS_READ","INVOICE_FINANCINGS_WARRANTIES_READ","FINANCINGS_READ","FINANCINGS_SCHEDULED_INSTALMENTS_READ","FINANCINGS_PAYMENTS_READ","FINANCINGS_WARRANTIES_READ","LOANS_READ","LOANS_SCHEDULED_INSTALMENTS_READ","LOANS_PAYMENTS_READ","LOANS_WARRANTIES_READ","UNARRANGED_ACCOUNTS_OVERDRAFT_READ","UNARRANGED_ACCOUNTS_OVERDRAFT_SCHEDULED_INSTALMENTS_READ","UNARRANGED_ACCOUNTS_OVERDRAFT_PAYMENTS_READ","UNARRANGED_ACCOUNTS_OVERDRAFT_WARRANTIES_READ"],"expirationDateTime":"2023-01-13T13:24:39Z"}}
2022-01-13 13:24:41 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES256-GCM-SHA384
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
New consent endpoint
2022-01-13 13:24:41 SUCCESS
ExtractClientCertificateFromTokenEndpointRequestHeaders
Extracted client certificate
client_certificate
{
  "cert": "-----BEGIN CERTIFICATE----- MIIG8zCCBdugAwIBAgIUOr2rNJSEw8bj9fVI9mZtaMk/VfowDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMTEwMzE3MDUwMFoXDTIyMTIwMzE3 MDUwMFowggETMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xFzAVBgNVBAoTDkJDTyBTQUZSQSBTLkEuMS0wKwYDVQQLEyQ3MDkx MzhkZC02ZTlkLTVmOTYtYmZmZi02OWE1YjJjYjNlYzAxFzAVBgNVBAMMDiouc2Fm cmEuY29tLmJyMRcwFQYDVQQFEw41ODE2MDc4OTAwMDEyODEdMBsGA1UEDxMUUHJp dmF0ZSBPcmdhbml6YXRpb24xEzARBgsrBgEEAYI3PAIBAxMCQlIxNDAyBgoJkiaJ k/IsZAEBEyQ0NGIyNjFiYy00ZjZmLTQ0Y2UtYjNkNy0zZjk4YTJiMjI1ZjQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYAJ7JptCPUm02Tx4o+zR20+iG VfMCMTOafTQ29kgOYAk/ypeDCNeZt4kkil/ZzNjHwA6NZ3gWMV088C5ucJ4AmS8b nE4XfbwoxealAWCa0pFoWEeBQK+Zb/S4dgK+L6xHkKViElSdQuYsKu3yraFs4Mu4 C4ukjhCxa3AlvcSw6PCMYJ5LKWbfVQovtoy5o+vOu1KKNKSTaYESmQDrIN4VeDyF SaYttN0gd+HNicRnopbyfWcmndRwVdwyUgTT2Z59/CpcdKui8kiT2rKxRO/mF1q0 PR1lkPE9FBDSo83fArx3yXgUyMmodjqJ+5X+pm7xZRJ97RVwIoMh7PRf4LXHAgMB AAGjggLdMIIC2TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQ60p75BB0ZNm+cJkce RCif8/14izAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4RQ99MvjBMBggrBgEF BQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNhbmRib3gucGtpLm9w ZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8v Y3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9pc3N1ZXIu Y3JsMCQGA1UdEQQdMBuCGWFwaS1tdGxzLWhtbC5zYWZyYS5jb20uYnIwDgYDVR0P AQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQw ggGQBgorBgEEAYO6L2QBMIIBgDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENl cnRpZmljYXRlIGlzIHNvbGVseSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNl cyBMaW1pdGVkIGFuZCBvdGhlciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMg dXNpbmcgUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsg U2VydmljZXMuIEl0cyByZWNlaXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0 dXRlcyBhY2NlcHRhbmNlIG9mIHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0 aWNpY2F0ZSBQb2xpY3kgYW5kIHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQG CCsGAQUFBwIBFjhodHRwOi8vY3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJh c2lsLm9yZy5ici9wb2xpY2llczANBgkqhkiG9w0BAQsFAAOCAQEAriUFRNI349wn LPiNnHZckwjUV76m8LltS/BrHQSURP4Bq3Eu2KEZGD/Xkz9VcmumHwOC+Mr/haLO hUMbwmZMn9q3QFzyd/EnoSyXeedZpPLczSPZ3AXoNaC8xJn4ZE66NKDQ2/PEFD7+ Vibcq6uWx4H6k8QjSBgrPAh03hHzdBpVBTO6fRNZPUtHJUcPvOJC0rtK1n3tCNk1 zHeO19CLNT1aUo99rXw8BT3bG4jVi/NMIPZqywxxk3S4Fq+6otMbtVRaB+O+NEqO VZR8xmuX+ALi7oVaD0tif+PzhyVKLZiRvnMtY2Y51ujIxyGyRZYPmiJkYQ/PT2Af 1zroWKsv2A\u003d\u003d -----END CERTIFICATE-----",
  "pem": "-----BEGIN CERTIFICATE-----\nMIIG8zCCBdugAwIBAgIUOr2rNJSEw8bj9fVI9mZtaMk/VfowDQYJKoZIhvcNAQEL\nBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx\nFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB\nTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMTEwMzE3MDUwMFoXDTIyMTIwMzE3\nMDUwMFowggETMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD\no28gUGF1bG8xFzAVBgNVBAoTDkJDTyBTQUZSQSBTLkEuMS0wKwYDVQQLEyQ3MDkx\nMzhkZC02ZTlkLTVmOTYtYmZmZi02OWE1YjJjYjNlYzAxFzAVBgNVBAMMDiouc2Fm\ncmEuY29tLmJyMRcwFQYDVQQFEw41ODE2MDc4OTAwMDEyODEdMBsGA1UEDxMUUHJp\ndmF0ZSBPcmdhbml6YXRpb24xEzARBgsrBgEEAYI3PAIBAxMCQlIxNDAyBgoJkiaJ\nk/IsZAEBEyQ0NGIyNjFiYy00ZjZmLTQ0Y2UtYjNkNy0zZjk4YTJiMjI1ZjQwggEi\nMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYAJ7JptCPUm02Tx4o+zR20+iG\nVfMCMTOafTQ29kgOYAk/ypeDCNeZt4kkil/ZzNjHwA6NZ3gWMV088C5ucJ4AmS8b\nnE4XfbwoxealAWCa0pFoWEeBQK+Zb/S4dgK+L6xHkKViElSdQuYsKu3yraFs4Mu4\nC4ukjhCxa3AlvcSw6PCMYJ5LKWbfVQovtoy5o+vOu1KKNKSTaYESmQDrIN4VeDyF\nSaYttN0gd+HNicRnopbyfWcmndRwVdwyUgTT2Z59/CpcdKui8kiT2rKxRO/mF1q0\nPR1lkPE9FBDSo83fArx3yXgUyMmodjqJ+5X+pm7xZRJ97RVwIoMh7PRf4LXHAgMB\nAAGjggLdMIIC2TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQ60p75BB0ZNm+cJkce\nRCif8/14izAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4RQ99MvjBMBggrBgEF\nBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNhbmRib3gucGtpLm9w\nZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8v\nY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9pc3N1ZXIu\nY3JsMCQGA1UdEQQdMBuCGWFwaS1tdGxzLWhtbC5zYWZyYS5jb20uYnIwDgYDVR0P\nAQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQw\nggGQBgorBgEEAYO6L2QBMIIBgDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENl\ncnRpZmljYXRlIGlzIHNvbGVseSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNl\ncyBMaW1pdGVkIGFuZCBvdGhlciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMg\ndXNpbmcgUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsg\nU2VydmljZXMuIEl0cyByZWNlaXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0\ndXRlcyBhY2NlcHRhbmNlIG9mIHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0\naWNpY2F0ZSBQb2xpY3kgYW5kIHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQG\nCCsGAQUFBwIBFjhodHRwOi8vY3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJh\nc2lsLm9yZy5ici9wb2xpY2llczANBgkqhkiG9w0BAQsFAAOCAQEAriUFRNI349wn\nLPiNnHZckwjUV76m8LltS/BrHQSURP4Bq3Eu2KEZGD/Xkz9VcmumHwOC+Mr/haLO\nhUMbwmZMn9q3QFzyd/EnoSyXeedZpPLczSPZ3AXoNaC8xJn4ZE66NKDQ2/PEFD7+\nVibcq6uWx4H6k8QjSBgrPAh03hHzdBpVBTO6fRNZPUtHJUcPvOJC0rtK1n3tCNk1\nzHeO19CLNT1aUo99rXw8BT3bG4jVi/NMIPZqywxxk3S4Fq+6otMbtVRaB+O+NEqO\nVZR8xmuX+ALi7oVaD0tif+PzhyVKLZiRvnMtY2Y51ujIxyGyRZYPmiJkYQ/PT2Af\n1zroWKsv2A\u003d\u003d\n-----END CERTIFICATE-----",
  "subject": {
    "dn": "UID\u003d44b261bc-4f6f-44ce-b3d7-3f98a2b225f4,1.3.6.1.4.1.311.60.2.1.3\u003d#13024252,2.5.4.15\u003d#131450726976617465204f7267616e697a6174696f6e,2.5.4.5\u003d#130e3538313630373839303030313238,CN\u003d*.safra.com.br,OU\u003d709138dd-6e9d-5f96-bfff-69a5b2cb3ec0,O\u003dBCO SAFRA S.A.,L\u003dSão Paulo,ST\u003dSP,C\u003dBR"
  },
  "sanDnsNames": [
    "api-mtls-hml.safra.com.br"
  ],
  "sanUris": [],
  "sanIPs": [],
  "sanEmails": []
}
2022-01-13 13:24:41 SUCCESS
CheckForClientCertificate
Found client certificate
2022-01-13 13:24:41 SUCCESS
EnsureClientCertificateMatches
Presented certificate matches registered certificate
actual
-----BEGIN CERTIFICATE-----
MIIG8zCCBdugAwIBAgIUOr2rNJSEw8bj9fVI9mZtaMk/VfowDQYJKoZIhvcNAQEL
BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx
FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB
TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMTEwMzE3MDUwMFoXDTIyMTIwMzE3
MDUwMFowggETMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD
o28gUGF1bG8xFzAVBgNVBAoTDkJDTyBTQUZSQSBTLkEuMS0wKwYDVQQLEyQ3MDkx
MzhkZC02ZTlkLTVmOTYtYmZmZi02OWE1YjJjYjNlYzAxFzAVBgNVBAMMDiouc2Fm
cmEuY29tLmJyMRcwFQYDVQQFEw41ODE2MDc4OTAwMDEyODEdMBsGA1UEDxMUUHJp
dmF0ZSBPcmdhbml6YXRpb24xEzARBgsrBgEEAYI3PAIBAxMCQlIxNDAyBgoJkiaJ
k/IsZAEBEyQ0NGIyNjFiYy00ZjZmLTQ0Y2UtYjNkNy0zZjk4YTJiMjI1ZjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYAJ7JptCPUm02Tx4o+zR20+iG
VfMCMTOafTQ29kgOYAk/ypeDCNeZt4kkil/ZzNjHwA6NZ3gWMV088C5ucJ4AmS8b
nE4XfbwoxealAWCa0pFoWEeBQK+Zb/S4dgK+L6xHkKViElSdQuYsKu3yraFs4Mu4
C4ukjhCxa3AlvcSw6PCMYJ5LKWbfVQovtoy5o+vOu1KKNKSTaYESmQDrIN4VeDyF
SaYttN0gd+HNicRnopbyfWcmndRwVdwyUgTT2Z59/CpcdKui8kiT2rKxRO/mF1q0
PR1lkPE9FBDSo83fArx3yXgUyMmodjqJ+5X+pm7xZRJ97RVwIoMh7PRf4LXHAgMB
AAGjggLdMIIC2TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQ60p75BB0ZNm+cJkce
RCif8/14izAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4RQ99MvjBMBggrBgEF
BQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNhbmRib3gucGtpLm9w
ZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8v
Y3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9pc3N1ZXIu
Y3JsMCQGA1UdEQQdMBuCGWFwaS1tdGxzLWhtbC5zYWZyYS5jb20uYnIwDgYDVR0P
AQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQw
ggGQBgorBgEEAYO6L2QBMIIBgDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENl
cnRpZmljYXRlIGlzIHNvbGVseSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNl
cyBMaW1pdGVkIGFuZCBvdGhlciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMg
dXNpbmcgUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsg
U2VydmljZXMuIEl0cyByZWNlaXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0
dXRlcyBhY2NlcHRhbmNlIG9mIHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0
aWNpY2F0ZSBQb2xpY3kgYW5kIHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQG
CCsGAQUFBwIBFjhodHRwOi8vY3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJh
c2lsLm9yZy5ici9wb2xpY2llczANBgkqhkiG9w0BAQsFAAOCAQEAriUFRNI349wn
LPiNnHZckwjUV76m8LltS/BrHQSURP4Bq3Eu2KEZGD/Xkz9VcmumHwOC+Mr/haLO
hUMbwmZMn9q3QFzyd/EnoSyXeedZpPLczSPZ3AXoNaC8xJn4ZE66NKDQ2/PEFD7+
Vibcq6uWx4H6k8QjSBgrPAh03hHzdBpVBTO6fRNZPUtHJUcPvOJC0rtK1n3tCNk1
zHeO19CLNT1aUo99rXw8BT3bG4jVi/NMIPZqywxxk3S4Fq+6otMbtVRaB+O+NEqO
VZR8xmuX+ALi7oVaD0tif+PzhyVKLZiRvnMtY2Y51ujIxyGyRZYPmiJkYQ/PT2Af
1zroWKsv2A==
-----END CERTIFICATE-----
2022-01-13 13:24:41 SUCCESS
EnsureIncomingRequestMethodIsPost
Client correctly used http POST method
2022-01-13 13:24:41 SUCCESS
EnsureBearerAccessTokenNotInParams
Client correctly did not send access token in query parameters or form body
2022-01-13 13:24:41 SUCCESS
ExtractBearerAccessTokenFromHeader
Found access token on incoming request
access_token
KPjKB4uWyF2TGJlfi5BzNM44VBDdUhLQCutVRIlL8t0q5rvD6T
2022-01-13 13:24:41 SUCCESS
RequireBearerClientCredentialsAccessToken
Found access token in request
actual
KPjKB4uWyF2TGJlfi5BzNM44VBDdUhLQCutVRIlL8t0q5rvD6T
2022-01-13 13:24:41 INFO
ExtractFapiDateHeader
Skipped evaluation due to missing required element: incoming_request headers.x-fapi-auth-date
path
headers.x-fapi-auth-date
mapped
object
incoming_request
2022-01-13 13:24:41 INFO
ExtractFapiIpAddressHeader
Skipped evaluation due to missing required element: incoming_request headers.x-fapi-customer-ip-address
path
headers.x-fapi-customer-ip-address
mapped
object
incoming_request
2022-01-13 13:24:41 INFO
ExtractFapiInteractionIdHeader
Skipped evaluation due to missing required element: incoming_request headers.x-fapi-interaction-id
path
headers.x-fapi-interaction-id
mapped
object
incoming_request
2022-01-13 13:24:41 SUCCESS
FAPIBrazilEnsureClientCredentialsScopeContainedConsents
The token request which was used to obtain the access token contained 'consents' scope
actual
[
  "consents"
]
2022-01-13 13:24:41
FAPIBrazilExtractConsentRequest
Condition ran but did not log anything
2022-01-13 13:24:41 SUCCESS
CreateFapiInteractionIdIfNeeded
Created new FAPI interaction ID
fapi_interaction_id
079d4351-5f48-4823-bfc5-a8b58ba64f55
2022-01-13 13:24:41 SUCCESS
FAPIBrazilGenerateNewConsentResponse
Created consent response
headers
{
  "x-fapi-interaction-id": "079d4351-5f48-4823-bfc5-a8b58ba64f55"
}
consentId
urn:conformance.oidf:iasxbsXGCg
consent_response
{
  "data": {
    "consentId": "urn:conformance.oidf:iasxbsXGCg",
    "creationDateTime": "2022-01-13T13:24:41Z",
    "status": "AWAITING_AUTHORISATION",
    "statusUpdateDateTime": "2022-01-13T13:24:41Z",
    "permissions": [
      "ACCOUNTS_READ",
      "ACCOUNTS_BALANCES_READ",
      "RESOURCES_READ"
    ],
    "expirationDateTime": "2022-01-13T15:24:41Z",
    "transactionFromDateTime": "2022-01-13T13:19:41Z",
    "transactionToDateTime": "2022-01-13T15:24:41Z",
    "links": {
      "self": "https://www.certification.openid.net/test/a/SafraRPTestconsents/v1/consents"
    }
  },
  "meta": {
    "totalRecords": 1,
    "totalPages": 1,
    "requestDateTime": "2022-01-13T13:24:41Z"
  }
}
2022-01-13 13:24:41
ClearAccessTokenFromRequest
Condition ran but did not log anything
2022-01-13 13:24:41 OUTGOING
fapi1-advanced-final-client-refresh-token-test
Response to HTTP request to test instance UZpi0NP4BWxWNoe
outgoing_status_code
201
outgoing_headers
{
  "x-fapi-interaction-id": [
    "079d4351-5f48-4823-bfc5-a8b58ba64f55"
  ]
}
outgoing_body
{
  "data": {
    "consentId": "urn:conformance.oidf:iasxbsXGCg",
    "creationDateTime": "2022-01-13T13:24:41Z",
    "status": "AWAITING_AUTHORISATION",
    "statusUpdateDateTime": "2022-01-13T13:24:41Z",
    "permissions": [
      "ACCOUNTS_READ",
      "ACCOUNTS_BALANCES_READ",
      "RESOURCES_READ"
    ],
    "expirationDateTime": "2022-01-13T15:24:41Z",
    "transactionFromDateTime": "2022-01-13T13:19:41Z",
    "transactionToDateTime": "2022-01-13T15:24:41Z",
    "links": {
      "self": "https://www.certification.openid.net/test/a/SafraRPTestconsents/v1/consents"
    }
  },
  "meta": {
    "totalRecords": 1,
    "totalPages": 1,
    "requestDateTime": "2022-01-13T13:24:41Z"
  }
}
outgoing_path
consents/v1/consents
2022-01-13 13:24:42 INCOMING
fapi1-advanced-final-client-refresh-token-test
Incoming HTTP request to test instance UZpi0NP4BWxWNoe
incoming_headers
{
  "host": "www.certification.openid.net",
  "x-dynatrace": "FW4;-987853115;4;1343653795;350;3;-1738730375;368;a741;2h01;3h501687a3;4h015e;6h38f0e59d1898438a781ee361220c4c1e;7h2e8e864de8a2c917",
  "traceparent": "00-38f0e59d1898438a781ee361220c4c1e-2e8e864de8a2c917-01",
  "tracestate": "985d1479-c51e8ec5@dt\u003dfw4;4;501687a3;15e;3;0;0;170;9dd9;2h01;3h501687a3;4h015e;7h2e8e864de8a2c917",
  "request-id": "|28c0d093-4449a4c379b97d24.4.",
  "content-type": "application/x-www-form-urlencoded",
  "x-cert": "System.Security.Cryptography.RSAOpenSsl",
  "content-length": "2224",
  "connection": "close"
}
incoming_path
/test-mtls/a/SafraRPTest/par
incoming_body_form_params
{
  "client_assertion_type": "urn:ietf:params:oauth:client-assertion-type:jwt-bearer",
  "client_assertion": "eyJhbGciOiJQUzI1NiIsImtpZCI6IkZfelU5TEQxLS1DTDVTdk9tN2FlcUtwbjludGU3T0ZMaHE5MlUtVjNmNjgiLCJ0eXAiOiJKV1QiLCJ4NXQiOiJpbWVKdHZoazFfVU9aSUlPS3R2UzNFVzBuRG8ifQ.eyJzdWIiOiJjbGllbnRfWFV3QnVVSFJNVFZIQWxlWkVKeEgxODgxNSIsImp0aSI6ImI5NWUxMzIzODE4ZTRjNDY4NDVlY2MyOGM1MDBjNTFiIiwiYXVkIjoiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QvYS9TYWZyYVJQVGVzdC8iLCJleHAiOjE2NDIwODA1ODEsImlzcyI6ImNsaWVudF9YVXdCdVVIUk1UVkhBbGVaRUp4SDE4ODE1IiwiaWF0IjoxNjQyMDgwMjgxLCJuYmYiOjE2NDIwODAyODF9.pYehwKrf90GxrHa7c2_kXmuo993_XRDQkiOMdtLgLMj9-gmmLlkb_A0joos6Mtngl6NY9PHU8sLTXdZLOixaDQ0nKHiaossknkkrg7iyf3vgT3Yh96eS0kEFIhX0-lftzl0LrCl0uSZn9XngA5onmpnpj6rIyZMNhB6lP1MYsLNDWcr__Z4lFQkC8LQ1tIVf_yUXUrsGSNZFfmRXD3vMeryqtVe4xEQP43kQpHJyL6u9Xd6ylmuDTXA-KaRqt2JfiH280t8kLabaWpvV90iN7Vs-700C6CnsstvaMhmJbd_SmV-38D1ZYWEPLjrS1VSZ675VxGduI3DAci4BDYENug",
  "request": "eyJhbGciOiJQUzI1NiIsImtpZCI6IkZfelU5TEQxLS1DTDVTdk9tN2FlcUtwbjludGU3T0ZMaHE5MlUtVjNmNjgifQ.eyJhdWQiOiJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC9hL1NhZnJhUlBUZXN0LyIsIm5iZiI6MTY0MjA4MDI4MSwic2NvcGUiOiJvcGVuaWQgY29uc2VudHMgY3VzdG9tZXJzIGFjY291bnRzIGNyZWRpdC1jYXJkcy1hY2NvdW50cyByZXNvdXJjZXMgaW52b2ljZS1maW5hbmNpbmdzIGZpbmFuY2luZ3MgbG9hbnMgdW5hcnJhbmdlZC1hY2NvdW50cy1vdmVyZHJhZnQgY29uc2VudDp1cm46Y29uZm9ybWFuY2Uub2lkZjppYXN4YnNYR0NnIiwiaXNzIjoiY2xpZW50X1hVd0J1VUhSTVRWSEFsZVpFSnhIMTg4MTUiLCJyZXNwb25zZV90eXBlIjoiY29kZSBpZF90b2tlbiIsInJlZGlyZWN0X3VyaSI6Imh0dHBzOi8vcG9ydGFsc3BhLWhtbC5zYWZyYS5jb20uYnIvY2FsbGJhY2siLCJzdGF0ZSI6ImIyNDA3OGUyMzE5YjQwYjNhZDk0NjIyN2M1MmYxNTRlIiwiZXhwIjoxNjQyMDgwNTgxLCJub25jZSI6ImVjYjg3NGE5MzcyNzRkMTg5MWYzZGU0NzFjZjA3NzE2IiwiY2xpZW50X2lkIjoiY2xpZW50X1hVd0J1VUhSTVRWSEFsZVpFSnhIMTg4MTUiLCJjb2RlX2NoYWxsZW5nZV9tZXRob2QiOiJTMjU2IiwiY29kZV9jaGFsbGVuZ2UiOiI3WTFLcHd1VllrYzM3OWh1enc3Tmw3SU5lM19SaDFHRVVHdUExMUw1Nl9vIn0.PQRcwHFssH5oAj8w_xJq9sMDxcQbHP6tn_6q_7hnDS91dUxGv_-_W9Jv5io66JA40s0eDdSv0OlTUt5mNVB2ORn1c-zov46BwJDBzHX1QA5_tDm-7jwcwgr5LAsrVaV8EVJkWOgMK5djsENq-5kk2C3F92vt7KCzOx1b5ci8EHb7CnhynWczDc1qLH45qRJOL8pv9gRLRbvXTSTYc_rAMu_SAQbAQePHb0KlgCkqPq41z9XRcd4l8LZltjkz8q4aFRs9b5AefdvqjjZjKct2LHSthE4JCTfq5ugh6vZ3Gc2WkAUVdS20u7uBSqLPa5E-PrwUvNCr11aCXQ4FK_Y3CA"
}
incoming_method
POST
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES256-GCM-SHA384
incoming_tls_cert
-----BEGIN CERTIFICATE----- MIIG8zCCBdugAwIBAgIUOr2rNJSEw8bj9fVI9mZtaMk/VfowDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMTEwMzE3MDUwMFoXDTIyMTIwMzE3 MDUwMFowggETMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xFzAVBgNVBAoTDkJDTyBTQUZSQSBTLkEuMS0wKwYDVQQLEyQ3MDkx MzhkZC02ZTlkLTVmOTYtYmZmZi02OWE1YjJjYjNlYzAxFzAVBgNVBAMMDiouc2Fm cmEuY29tLmJyMRcwFQYDVQQFEw41ODE2MDc4OTAwMDEyODEdMBsGA1UEDxMUUHJp dmF0ZSBPcmdhbml6YXRpb24xEzARBgsrBgEEAYI3PAIBAxMCQlIxNDAyBgoJkiaJ k/IsZAEBEyQ0NGIyNjFiYy00ZjZmLTQ0Y2UtYjNkNy0zZjk4YTJiMjI1ZjQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYAJ7JptCPUm02Tx4o+zR20+iG VfMCMTOafTQ29kgOYAk/ypeDCNeZt4kkil/ZzNjHwA6NZ3gWMV088C5ucJ4AmS8b nE4XfbwoxealAWCa0pFoWEeBQK+Zb/S4dgK+L6xHkKViElSdQuYsKu3yraFs4Mu4 C4ukjhCxa3AlvcSw6PCMYJ5LKWbfVQovtoy5o+vOu1KKNKSTaYESmQDrIN4VeDyF SaYttN0gd+HNicRnopbyfWcmndRwVdwyUgTT2Z59/CpcdKui8kiT2rKxRO/mF1q0 PR1lkPE9FBDSo83fArx3yXgUyMmodjqJ+5X+pm7xZRJ97RVwIoMh7PRf4LXHAgMB AAGjggLdMIIC2TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQ60p75BB0ZNm+cJkce RCif8/14izAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4RQ99MvjBMBggrBgEF BQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNhbmRib3gucGtpLm9w ZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8v Y3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9pc3N1ZXIu Y3JsMCQGA1UdEQQdMBuCGWFwaS1tdGxzLWhtbC5zYWZyYS5jb20uYnIwDgYDVR0P AQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQw ggGQBgorBgEEAYO6L2QBMIIBgDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENl cnRpZmljYXRlIGlzIHNvbGVseSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNl cyBMaW1pdGVkIGFuZCBvdGhlciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMg dXNpbmcgUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsg U2VydmljZXMuIEl0cyByZWNlaXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0 dXRlcyBhY2NlcHRhbmNlIG9mIHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0 aWNpY2F0ZSBQb2xpY3kgYW5kIHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQG CCsGAQUFBwIBFjhodHRwOi8vY3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJh c2lsLm9yZy5ici9wb2xpY2llczANBgkqhkiG9w0BAQsFAAOCAQEAriUFRNI349wn LPiNnHZckwjUV76m8LltS/BrHQSURP4Bq3Eu2KEZGD/Xkz9VcmumHwOC+Mr/haLO hUMbwmZMn9q3QFzyd/EnoSyXeedZpPLczSPZ3AXoNaC8xJn4ZE66NKDQ2/PEFD7+ Vibcq6uWx4H6k8QjSBgrPAh03hHzdBpVBTO6fRNZPUtHJUcPvOJC0rtK1n3tCNk1 zHeO19CLNT1aUo99rXw8BT3bG4jVi/NMIPZqywxxk3S4Fq+6otMbtVRaB+O+NEqO VZR8xmuX+ALi7oVaD0tif+PzhyVKLZiRvnMtY2Y51ujIxyGyRZYPmiJkYQ/PT2Af 1zroWKsv2A== -----END CERTIFICATE-----
incoming_body_json
incoming_query_string_params
{}
incoming_body
client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJhbGciOiJQUzI1NiIsImtpZCI6IkZfelU5TEQxLS1DTDVTdk9tN2FlcUtwbjludGU3T0ZMaHE5MlUtVjNmNjgiLCJ0eXAiOiJKV1QiLCJ4NXQiOiJpbWVKdHZoazFfVU9aSUlPS3R2UzNFVzBuRG8ifQ.eyJzdWIiOiJjbGllbnRfWFV3QnVVSFJNVFZIQWxlWkVKeEgxODgxNSIsImp0aSI6ImI5NWUxMzIzODE4ZTRjNDY4NDVlY2MyOGM1MDBjNTFiIiwiYXVkIjoiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QvYS9TYWZyYVJQVGVzdC8iLCJleHAiOjE2NDIwODA1ODEsImlzcyI6ImNsaWVudF9YVXdCdVVIUk1UVkhBbGVaRUp4SDE4ODE1IiwiaWF0IjoxNjQyMDgwMjgxLCJuYmYiOjE2NDIwODAyODF9.pYehwKrf90GxrHa7c2_kXmuo993_XRDQkiOMdtLgLMj9-gmmLlkb_A0joos6Mtngl6NY9PHU8sLTXdZLOixaDQ0nKHiaossknkkrg7iyf3vgT3Yh96eS0kEFIhX0-lftzl0LrCl0uSZn9XngA5onmpnpj6rIyZMNhB6lP1MYsLNDWcr__Z4lFQkC8LQ1tIVf_yUXUrsGSNZFfmRXD3vMeryqtVe4xEQP43kQpHJyL6u9Xd6ylmuDTXA-KaRqt2JfiH280t8kLabaWpvV90iN7Vs-700C6CnsstvaMhmJbd_SmV-38D1ZYWEPLjrS1VSZ675VxGduI3DAci4BDYENug&request=eyJhbGciOiJQUzI1NiIsImtpZCI6IkZfelU5TEQxLS1DTDVTdk9tN2FlcUtwbjludGU3T0ZMaHE5MlUtVjNmNjgifQ.eyJhdWQiOiJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC9hL1NhZnJhUlBUZXN0LyIsIm5iZiI6MTY0MjA4MDI4MSwic2NvcGUiOiJvcGVuaWQgY29uc2VudHMgY3VzdG9tZXJzIGFjY291bnRzIGNyZWRpdC1jYXJkcy1hY2NvdW50cyByZXNvdXJjZXMgaW52b2ljZS1maW5hbmNpbmdzIGZpbmFuY2luZ3MgbG9hbnMgdW5hcnJhbmdlZC1hY2NvdW50cy1vdmVyZHJhZnQgY29uc2VudDp1cm46Y29uZm9ybWFuY2Uub2lkZjppYXN4YnNYR0NnIiwiaXNzIjoiY2xpZW50X1hVd0J1VUhSTVRWSEFsZVpFSnhIMTg4MTUiLCJyZXNwb25zZV90eXBlIjoiY29kZSBpZF90b2tlbiIsInJlZGlyZWN0X3VyaSI6Imh0dHBzOi8vcG9ydGFsc3BhLWhtbC5zYWZyYS5jb20uYnIvY2FsbGJhY2siLCJzdGF0ZSI6ImIyNDA3OGUyMzE5YjQwYjNhZDk0NjIyN2M1MmYxNTRlIiwiZXhwIjoxNjQyMDgwNTgxLCJub25jZSI6ImVjYjg3NGE5MzcyNzRkMTg5MWYzZGU0NzFjZjA3NzE2IiwiY2xpZW50X2lkIjoiY2xpZW50X1hVd0J1VUhSTVRWSEFsZVpFSnhIMTg4MTUiLCJjb2RlX2NoYWxsZW5nZV9tZXRob2QiOiJTMjU2IiwiY29kZV9jaGFsbGVuZ2UiOiI3WTFLcHd1VllrYzM3OWh1enc3Tmw3SU5lM19SaDFHRVVHdUExMUw1Nl9vIn0.PQRcwHFssH5oAj8w_xJq9sMDxcQbHP6tn_6q_7hnDS91dUxGv_-_W9Jv5io66JA40s0eDdSv0OlTUt5mNVB2ORn1c-zov46BwJDBzHX1QA5_tDm-7jwcwgr5LAsrVaV8EVJkWOgMK5djsENq-5kk2C3F92vt7KCzOx1b5ci8EHb7CnhynWczDc1qLH45qRJOL8pv9gRLRbvXTSTYc_rAMu_SAQbAQePHb0KlgCkqPq41z9XRcd4l8LZltjkz8q4aFRs9b5AefdvqjjZjKct2LHSthE4JCTfq5ugh6vZ3Gc2WkAUVdS20u7uBSqLPa5E-PrwUvNCr11aCXQ4FK_Y3CA
2022-01-13 13:24:42 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES256-GCM-SHA384
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
PAR endpoint
2022-01-13 13:24:42 SUCCESS
ExtractClientCertificateFromTokenEndpointRequestHeaders
Extracted client certificate
client_certificate
{
  "cert": "-----BEGIN CERTIFICATE----- MIIG8zCCBdugAwIBAgIUOr2rNJSEw8bj9fVI9mZtaMk/VfowDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMTEwMzE3MDUwMFoXDTIyMTIwMzE3 MDUwMFowggETMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xFzAVBgNVBAoTDkJDTyBTQUZSQSBTLkEuMS0wKwYDVQQLEyQ3MDkx MzhkZC02ZTlkLTVmOTYtYmZmZi02OWE1YjJjYjNlYzAxFzAVBgNVBAMMDiouc2Fm cmEuY29tLmJyMRcwFQYDVQQFEw41ODE2MDc4OTAwMDEyODEdMBsGA1UEDxMUUHJp dmF0ZSBPcmdhbml6YXRpb24xEzARBgsrBgEEAYI3PAIBAxMCQlIxNDAyBgoJkiaJ k/IsZAEBEyQ0NGIyNjFiYy00ZjZmLTQ0Y2UtYjNkNy0zZjk4YTJiMjI1ZjQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYAJ7JptCPUm02Tx4o+zR20+iG VfMCMTOafTQ29kgOYAk/ypeDCNeZt4kkil/ZzNjHwA6NZ3gWMV088C5ucJ4AmS8b nE4XfbwoxealAWCa0pFoWEeBQK+Zb/S4dgK+L6xHkKViElSdQuYsKu3yraFs4Mu4 C4ukjhCxa3AlvcSw6PCMYJ5LKWbfVQovtoy5o+vOu1KKNKSTaYESmQDrIN4VeDyF SaYttN0gd+HNicRnopbyfWcmndRwVdwyUgTT2Z59/CpcdKui8kiT2rKxRO/mF1q0 PR1lkPE9FBDSo83fArx3yXgUyMmodjqJ+5X+pm7xZRJ97RVwIoMh7PRf4LXHAgMB AAGjggLdMIIC2TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQ60p75BB0ZNm+cJkce RCif8/14izAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4RQ99MvjBMBggrBgEF BQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNhbmRib3gucGtpLm9w ZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8v Y3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9pc3N1ZXIu Y3JsMCQGA1UdEQQdMBuCGWFwaS1tdGxzLWhtbC5zYWZyYS5jb20uYnIwDgYDVR0P AQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQw ggGQBgorBgEEAYO6L2QBMIIBgDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENl cnRpZmljYXRlIGlzIHNvbGVseSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNl cyBMaW1pdGVkIGFuZCBvdGhlciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMg dXNpbmcgUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsg U2VydmljZXMuIEl0cyByZWNlaXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0 dXRlcyBhY2NlcHRhbmNlIG9mIHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0 aWNpY2F0ZSBQb2xpY3kgYW5kIHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQG CCsGAQUFBwIBFjhodHRwOi8vY3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJh c2lsLm9yZy5ici9wb2xpY2llczANBgkqhkiG9w0BAQsFAAOCAQEAriUFRNI349wn LPiNnHZckwjUV76m8LltS/BrHQSURP4Bq3Eu2KEZGD/Xkz9VcmumHwOC+Mr/haLO hUMbwmZMn9q3QFzyd/EnoSyXeedZpPLczSPZ3AXoNaC8xJn4ZE66NKDQ2/PEFD7+ Vibcq6uWx4H6k8QjSBgrPAh03hHzdBpVBTO6fRNZPUtHJUcPvOJC0rtK1n3tCNk1 zHeO19CLNT1aUo99rXw8BT3bG4jVi/NMIPZqywxxk3S4Fq+6otMbtVRaB+O+NEqO VZR8xmuX+ALi7oVaD0tif+PzhyVKLZiRvnMtY2Y51ujIxyGyRZYPmiJkYQ/PT2Af 1zroWKsv2A\u003d\u003d -----END CERTIFICATE-----",
  "pem": "-----BEGIN CERTIFICATE-----\nMIIG8zCCBdugAwIBAgIUOr2rNJSEw8bj9fVI9mZtaMk/VfowDQYJKoZIhvcNAQEL\nBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx\nFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB\nTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMTEwMzE3MDUwMFoXDTIyMTIwMzE3\nMDUwMFowggETMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD\no28gUGF1bG8xFzAVBgNVBAoTDkJDTyBTQUZSQSBTLkEuMS0wKwYDVQQLEyQ3MDkx\nMzhkZC02ZTlkLTVmOTYtYmZmZi02OWE1YjJjYjNlYzAxFzAVBgNVBAMMDiouc2Fm\ncmEuY29tLmJyMRcwFQYDVQQFEw41ODE2MDc4OTAwMDEyODEdMBsGA1UEDxMUUHJp\ndmF0ZSBPcmdhbml6YXRpb24xEzARBgsrBgEEAYI3PAIBAxMCQlIxNDAyBgoJkiaJ\nk/IsZAEBEyQ0NGIyNjFiYy00ZjZmLTQ0Y2UtYjNkNy0zZjk4YTJiMjI1ZjQwggEi\nMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYAJ7JptCPUm02Tx4o+zR20+iG\nVfMCMTOafTQ29kgOYAk/ypeDCNeZt4kkil/ZzNjHwA6NZ3gWMV088C5ucJ4AmS8b\nnE4XfbwoxealAWCa0pFoWEeBQK+Zb/S4dgK+L6xHkKViElSdQuYsKu3yraFs4Mu4\nC4ukjhCxa3AlvcSw6PCMYJ5LKWbfVQovtoy5o+vOu1KKNKSTaYESmQDrIN4VeDyF\nSaYttN0gd+HNicRnopbyfWcmndRwVdwyUgTT2Z59/CpcdKui8kiT2rKxRO/mF1q0\nPR1lkPE9FBDSo83fArx3yXgUyMmodjqJ+5X+pm7xZRJ97RVwIoMh7PRf4LXHAgMB\nAAGjggLdMIIC2TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQ60p75BB0ZNm+cJkce\nRCif8/14izAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4RQ99MvjBMBggrBgEF\nBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNhbmRib3gucGtpLm9w\nZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8v\nY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9pc3N1ZXIu\nY3JsMCQGA1UdEQQdMBuCGWFwaS1tdGxzLWhtbC5zYWZyYS5jb20uYnIwDgYDVR0P\nAQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQw\nggGQBgorBgEEAYO6L2QBMIIBgDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENl\ncnRpZmljYXRlIGlzIHNvbGVseSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNl\ncyBMaW1pdGVkIGFuZCBvdGhlciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMg\ndXNpbmcgUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsg\nU2VydmljZXMuIEl0cyByZWNlaXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0\ndXRlcyBhY2NlcHRhbmNlIG9mIHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0\naWNpY2F0ZSBQb2xpY3kgYW5kIHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQG\nCCsGAQUFBwIBFjhodHRwOi8vY3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJh\nc2lsLm9yZy5ici9wb2xpY2llczANBgkqhkiG9w0BAQsFAAOCAQEAriUFRNI349wn\nLPiNnHZckwjUV76m8LltS/BrHQSURP4Bq3Eu2KEZGD/Xkz9VcmumHwOC+Mr/haLO\nhUMbwmZMn9q3QFzyd/EnoSyXeedZpPLczSPZ3AXoNaC8xJn4ZE66NKDQ2/PEFD7+\nVibcq6uWx4H6k8QjSBgrPAh03hHzdBpVBTO6fRNZPUtHJUcPvOJC0rtK1n3tCNk1\nzHeO19CLNT1aUo99rXw8BT3bG4jVi/NMIPZqywxxk3S4Fq+6otMbtVRaB+O+NEqO\nVZR8xmuX+ALi7oVaD0tif+PzhyVKLZiRvnMtY2Y51ujIxyGyRZYPmiJkYQ/PT2Af\n1zroWKsv2A\u003d\u003d\n-----END CERTIFICATE-----",
  "subject": {
    "dn": "UID\u003d44b261bc-4f6f-44ce-b3d7-3f98a2b225f4,1.3.6.1.4.1.311.60.2.1.3\u003d#13024252,2.5.4.15\u003d#131450726976617465204f7267616e697a6174696f6e,2.5.4.5\u003d#130e3538313630373839303030313238,CN\u003d*.safra.com.br,OU\u003d709138dd-6e9d-5f96-bfff-69a5b2cb3ec0,O\u003dBCO SAFRA S.A.,L\u003dSão Paulo,ST\u003dSP,C\u003dBR"
  },
  "sanDnsNames": [
    "api-mtls-hml.safra.com.br"
  ],
  "sanUris": [],
  "sanIPs": [],
  "sanEmails": []
}
2022-01-13 13:24:42 SUCCESS
CheckForClientCertificate
Found client certificate
2022-01-13 13:24:42 SUCCESS
EnsureClientCertificateMatches
Presented certificate matches registered certificate
actual
-----BEGIN CERTIFICATE-----
MIIG8zCCBdugAwIBAgIUOr2rNJSEw8bj9fVI9mZtaMk/VfowDQYJKoZIhvcNAQEL
BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx
FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB
TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMTEwMzE3MDUwMFoXDTIyMTIwMzE3
MDUwMFowggETMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD
o28gUGF1bG8xFzAVBgNVBAoTDkJDTyBTQUZSQSBTLkEuMS0wKwYDVQQLEyQ3MDkx
MzhkZC02ZTlkLTVmOTYtYmZmZi02OWE1YjJjYjNlYzAxFzAVBgNVBAMMDiouc2Fm
cmEuY29tLmJyMRcwFQYDVQQFEw41ODE2MDc4OTAwMDEyODEdMBsGA1UEDxMUUHJp
dmF0ZSBPcmdhbml6YXRpb24xEzARBgsrBgEEAYI3PAIBAxMCQlIxNDAyBgoJkiaJ
k/IsZAEBEyQ0NGIyNjFiYy00ZjZmLTQ0Y2UtYjNkNy0zZjk4YTJiMjI1ZjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYAJ7JptCPUm02Tx4o+zR20+iG
VfMCMTOafTQ29kgOYAk/ypeDCNeZt4kkil/ZzNjHwA6NZ3gWMV088C5ucJ4AmS8b
nE4XfbwoxealAWCa0pFoWEeBQK+Zb/S4dgK+L6xHkKViElSdQuYsKu3yraFs4Mu4
C4ukjhCxa3AlvcSw6PCMYJ5LKWbfVQovtoy5o+vOu1KKNKSTaYESmQDrIN4VeDyF
SaYttN0gd+HNicRnopbyfWcmndRwVdwyUgTT2Z59/CpcdKui8kiT2rKxRO/mF1q0
PR1lkPE9FBDSo83fArx3yXgUyMmodjqJ+5X+pm7xZRJ97RVwIoMh7PRf4LXHAgMB
AAGjggLdMIIC2TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQ60p75BB0ZNm+cJkce
RCif8/14izAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4RQ99MvjBMBggrBgEF
BQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNhbmRib3gucGtpLm9w
ZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8v
Y3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9pc3N1ZXIu
Y3JsMCQGA1UdEQQdMBuCGWFwaS1tdGxzLWhtbC5zYWZyYS5jb20uYnIwDgYDVR0P
AQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQw
ggGQBgorBgEEAYO6L2QBMIIBgDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENl
cnRpZmljYXRlIGlzIHNvbGVseSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNl
cyBMaW1pdGVkIGFuZCBvdGhlciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMg
dXNpbmcgUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsg
U2VydmljZXMuIEl0cyByZWNlaXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0
dXRlcyBhY2NlcHRhbmNlIG9mIHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0
aWNpY2F0ZSBQb2xpY3kgYW5kIHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQG
CCsGAQUFBwIBFjhodHRwOi8vY3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJh
c2lsLm9yZy5ici9wb2xpY2llczANBgkqhkiG9w0BAQsFAAOCAQEAriUFRNI349wn
LPiNnHZckwjUV76m8LltS/BrHQSURP4Bq3Eu2KEZGD/Xkz9VcmumHwOC+Mr/haLO
hUMbwmZMn9q3QFzyd/EnoSyXeedZpPLczSPZ3AXoNaC8xJn4ZE66NKDQ2/PEFD7+
Vibcq6uWx4H6k8QjSBgrPAh03hHzdBpVBTO6fRNZPUtHJUcPvOJC0rtK1n3tCNk1
zHeO19CLNT1aUo99rXw8BT3bG4jVi/NMIPZqywxxk3S4Fq+6otMbtVRaB+O+NEqO
VZR8xmuX+ALi7oVaD0tif+PzhyVKLZiRvnMtY2Y51ujIxyGyRZYPmiJkYQ/PT2Af
1zroWKsv2A==
-----END CERTIFICATE-----
2022-01-13 13:24:42 SUCCESS
ExtractClientAssertion
Parsed client assertion
client_assertion
{
  "value": "eyJhbGciOiJQUzI1NiIsImtpZCI6IkZfelU5TEQxLS1DTDVTdk9tN2FlcUtwbjludGU3T0ZMaHE5MlUtVjNmNjgiLCJ0eXAiOiJKV1QiLCJ4NXQiOiJpbWVKdHZoazFfVU9aSUlPS3R2UzNFVzBuRG8ifQ.eyJzdWIiOiJjbGllbnRfWFV3QnVVSFJNVFZIQWxlWkVKeEgxODgxNSIsImp0aSI6ImI5NWUxMzIzODE4ZTRjNDY4NDVlY2MyOGM1MDBjNTFiIiwiYXVkIjoiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QvYS9TYWZyYVJQVGVzdC8iLCJleHAiOjE2NDIwODA1ODEsImlzcyI6ImNsaWVudF9YVXdCdVVIUk1UVkhBbGVaRUp4SDE4ODE1IiwiaWF0IjoxNjQyMDgwMjgxLCJuYmYiOjE2NDIwODAyODF9.pYehwKrf90GxrHa7c2_kXmuo993_XRDQkiOMdtLgLMj9-gmmLlkb_A0joos6Mtngl6NY9PHU8sLTXdZLOixaDQ0nKHiaossknkkrg7iyf3vgT3Yh96eS0kEFIhX0-lftzl0LrCl0uSZn9XngA5onmpnpj6rIyZMNhB6lP1MYsLNDWcr__Z4lFQkC8LQ1tIVf_yUXUrsGSNZFfmRXD3vMeryqtVe4xEQP43kQpHJyL6u9Xd6ylmuDTXA-KaRqt2JfiH280t8kLabaWpvV90iN7Vs-700C6CnsstvaMhmJbd_SmV-38D1ZYWEPLjrS1VSZ675VxGduI3DAci4BDYENug",
  "header": {
    "x5t": "imeJtvhk1_UOZIIOKtvS3EW0nDo",
    "kid": "F_zU9LD1--CL5SvOm7aeqKpn9nte7OFLhq92U-V3f68",
    "typ": "JWT",
    "alg": "PS256"
  },
  "claims": {
    "sub": "client_XUwBuUHRMTVHAleZEJxH18815",
    "aud": "https://www.certification.openid.net/test/a/SafraRPTest/",
    "nbf": 1642080281,
    "iss": "client_XUwBuUHRMTVHAleZEJxH18815",
    "exp": 1642080581,
    "iat": 1642080281,
    "jti": "b95e1323818e4c46845ecc28c500c51b"
  }
}
2022-01-13 13:24:42
EnsureClientAssertionSignatureAlgorithmMatchesRegistered
token_endpoint_auth_signing_alg is not set for the client, any supported algorithm can be used
2022-01-13 13:24:42 SUCCESS
ValidateClientAssertionSignature
client_assertion signature validated
client_assertion
eyJhbGciOiJQUzI1NiIsImtpZCI6IkZfelU5TEQxLS1DTDVTdk9tN2FlcUtwbjludGU3T0ZMaHE5MlUtVjNmNjgiLCJ0eXAiOiJKV1QiLCJ4NXQiOiJpbWVKdHZoazFfVU9aSUlPS3R2UzNFVzBuRG8ifQ.eyJzdWIiOiJjbGllbnRfWFV3QnVVSFJNVFZIQWxlWkVKeEgxODgxNSIsImp0aSI6ImI5NWUxMzIzODE4ZTRjNDY4NDVlY2MyOGM1MDBjNTFiIiwiYXVkIjoiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QvYS9TYWZyYVJQVGVzdC8iLCJleHAiOjE2NDIwODA1ODEsImlzcyI6ImNsaWVudF9YVXdCdVVIUk1UVkhBbGVaRUp4SDE4ODE1IiwiaWF0IjoxNjQyMDgwMjgxLCJuYmYiOjE2NDIwODAyODF9.pYehwKrf90GxrHa7c2_kXmuo993_XRDQkiOMdtLgLMj9-gmmLlkb_A0joos6Mtngl6NY9PHU8sLTXdZLOixaDQ0nKHiaossknkkrg7iyf3vgT3Yh96eS0kEFIhX0-lftzl0LrCl0uSZn9XngA5onmpnpj6rIyZMNhB6lP1MYsLNDWcr__Z4lFQkC8LQ1tIVf_yUXUrsGSNZFfmRXD3vMeryqtVe4xEQP43kQpHJyL6u9Xd6ylmuDTXA-KaRqt2JfiH280t8kLabaWpvV90iN7Vs-700C6CnsstvaMhmJbd_SmV-38D1ZYWEPLjrS1VSZ675VxGduI3DAci4BDYENug
2022-01-13 13:24:42 SUCCESS
EnsureClientAssertionTypeIsJwt
Found JWT assertion type
assertion type
urn:ietf:params:oauth:client-assertion-type:jwt-bearer
2022-01-13 13:24:42 SUCCESS
ValidateClientAssertionClaimsForPAREndpoint
Client Assertion passed all validation checks
2022-01-13 13:24:42 SUCCESS
ExtractRequestObjectFromPAREndpointRequest
Parsed request object
request_object
{
  "value": "eyJhbGciOiJQUzI1NiIsImtpZCI6IkZfelU5TEQxLS1DTDVTdk9tN2FlcUtwbjludGU3T0ZMaHE5MlUtVjNmNjgifQ.eyJhdWQiOiJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC9hL1NhZnJhUlBUZXN0LyIsIm5iZiI6MTY0MjA4MDI4MSwic2NvcGUiOiJvcGVuaWQgY29uc2VudHMgY3VzdG9tZXJzIGFjY291bnRzIGNyZWRpdC1jYXJkcy1hY2NvdW50cyByZXNvdXJjZXMgaW52b2ljZS1maW5hbmNpbmdzIGZpbmFuY2luZ3MgbG9hbnMgdW5hcnJhbmdlZC1hY2NvdW50cy1vdmVyZHJhZnQgY29uc2VudDp1cm46Y29uZm9ybWFuY2Uub2lkZjppYXN4YnNYR0NnIiwiaXNzIjoiY2xpZW50X1hVd0J1VUhSTVRWSEFsZVpFSnhIMTg4MTUiLCJyZXNwb25zZV90eXBlIjoiY29kZSBpZF90b2tlbiIsInJlZGlyZWN0X3VyaSI6Imh0dHBzOi8vcG9ydGFsc3BhLWhtbC5zYWZyYS5jb20uYnIvY2FsbGJhY2siLCJzdGF0ZSI6ImIyNDA3OGUyMzE5YjQwYjNhZDk0NjIyN2M1MmYxNTRlIiwiZXhwIjoxNjQyMDgwNTgxLCJub25jZSI6ImVjYjg3NGE5MzcyNzRkMTg5MWYzZGU0NzFjZjA3NzE2IiwiY2xpZW50X2lkIjoiY2xpZW50X1hVd0J1VUhSTVRWSEFsZVpFSnhIMTg4MTUiLCJjb2RlX2NoYWxsZW5nZV9tZXRob2QiOiJTMjU2IiwiY29kZV9jaGFsbGVuZ2UiOiI3WTFLcHd1VllrYzM3OWh1enc3Tmw3SU5lM19SaDFHRVVHdUExMUw1Nl9vIn0.PQRcwHFssH5oAj8w_xJq9sMDxcQbHP6tn_6q_7hnDS91dUxGv_-_W9Jv5io66JA40s0eDdSv0OlTUt5mNVB2ORn1c-zov46BwJDBzHX1QA5_tDm-7jwcwgr5LAsrVaV8EVJkWOgMK5djsENq-5kk2C3F92vt7KCzOx1b5ci8EHb7CnhynWczDc1qLH45qRJOL8pv9gRLRbvXTSTYc_rAMu_SAQbAQePHb0KlgCkqPq41z9XRcd4l8LZltjkz8q4aFRs9b5AefdvqjjZjKct2LHSthE4JCTfq5ugh6vZ3Gc2WkAUVdS20u7uBSqLPa5E-PrwUvNCr11aCXQ4FK_Y3CA",
  "header": {
    "kid": "F_zU9LD1--CL5SvOm7aeqKpn9nte7OFLhq92U-V3f68",
    "alg": "PS256"
  },
  "claims": {
    "aud": "https://www.certification.openid.net/test/a/SafraRPTest/",
    "nbf": 1642080281,
    "scope": "openid consents customers accounts credit-cards-accounts resources invoice-financings financings loans unarranged-accounts-overdraft consent:urn:conformance.oidf:iasxbsXGCg",
    "iss": "client_XUwBuUHRMTVHAleZEJxH18815",
    "response_type": "code id_token",
    "redirect_uri": "https://portalspa-hml.safra.com.br/callback",
    "state": "b24078e2319b40b3ad946227c52f154e",
    "code_challenge_method": "S256",
    "exp": 1642080581,
    "nonce": "ecb874a937274d1891f3de471cf07716",
    "client_id": "client_XUwBuUHRMTVHAleZEJxH18815",
    "code_challenge": "7Y1KpwuVYkc379huzw7Nl7INe3_Rh1GEUGuA11L56_o"
  }
}
2022-01-13 13:24:42 SUCCESS
EnsurePAREndpointRequestDoesNotContainRequestUriParameter
PAR endpoint request does not contain a request_uri parameter
2022-01-13 13:24:42 INFO
ValidateEncryptedRequestObjectHasKid
Skipped evaluation due to missing required element: authorization_request_object jwe_header
path
jwe_header
mapped
object
authorization_request_object
2022-01-13 13:24:42 SUCCESS
FAPIValidateRequestObjectSigningAlg
Request object was signed with a permitted algorithm
alg
PS256
2022-01-13 13:24:42
FAPIBrazilValidateRequestObjectIdTokenACRClaims
acr claim is not requested
2022-01-13 13:24:42 SUCCESS
FAPIValidateRequestObjectExp
Request object contains a valid exp claim, expiry time
exp
"Jan 13, 2022, 1:29:41 PM"
2022-01-13 13:24:42 SUCCESS
FAPI1AdvancedValidateRequestObjectNBFClaim
nbf claim is valid
nbf
"Jan 13, 2022, 1:24:41 PM"
now
"Jan 13, 2022, 1:24:42 PM"
2022-01-13 13:24:42 INFO
ValidateRequestObjectClaims
Missing issuance time
2022-01-13 13:24:42
ValidateRequestObjectClaims
Request object does not contain a max_age claim
2022-01-13 13:24:42 SUCCESS
ValidateRequestObjectClaims
Request object claims passed all validation checks
2022-01-13 13:24:42 SUCCESS
EnsureNumericRequestObjectClaimsAreNotNull
None of the claims expected to have numeric values, have null values
numeric_claims
[
  "max_age"
]
2022-01-13 13:24:42 SUCCESS
EnsureRequestObjectDoesNotContainRequestOrRequestUri
Request object does not contain request or request_uri
2022-01-13 13:24:42 SUCCESS
EnsureRequestObjectDoesNotContainSubWithClientId
Request object does not contain Client Id in sub
2022-01-13 13:24:42 SUCCESS
ValidateRequestObjectSignature
Request object signature validated using a key in the client's JWKS and using the client's registered request_object_signing_alg
request_object
eyJhbGciOiJQUzI1NiIsImtpZCI6IkZfelU5TEQxLS1DTDVTdk9tN2FlcUtwbjludGU3T0ZMaHE5MlUtVjNmNjgifQ.eyJhdWQiOiJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC9hL1NhZnJhUlBUZXN0LyIsIm5iZiI6MTY0MjA4MDI4MSwic2NvcGUiOiJvcGVuaWQgY29uc2VudHMgY3VzdG9tZXJzIGFjY291bnRzIGNyZWRpdC1jYXJkcy1hY2NvdW50cyByZXNvdXJjZXMgaW52b2ljZS1maW5hbmNpbmdzIGZpbmFuY2luZ3MgbG9hbnMgdW5hcnJhbmdlZC1hY2NvdW50cy1vdmVyZHJhZnQgY29uc2VudDp1cm46Y29uZm9ybWFuY2Uub2lkZjppYXN4YnNYR0NnIiwiaXNzIjoiY2xpZW50X1hVd0J1VUhSTVRWSEFsZVpFSnhIMTg4MTUiLCJyZXNwb25zZV90eXBlIjoiY29kZSBpZF90b2tlbiIsInJlZGlyZWN0X3VyaSI6Imh0dHBzOi8vcG9ydGFsc3BhLWhtbC5zYWZyYS5jb20uYnIvY2FsbGJhY2siLCJzdGF0ZSI6ImIyNDA3OGUyMzE5YjQwYjNhZDk0NjIyN2M1MmYxNTRlIiwiZXhwIjoxNjQyMDgwNTgxLCJub25jZSI6ImVjYjg3NGE5MzcyNzRkMTg5MWYzZGU0NzFjZjA3NzE2IiwiY2xpZW50X2lkIjoiY2xpZW50X1hVd0J1VUhSTVRWSEFsZVpFSnhIMTg4MTUiLCJjb2RlX2NoYWxsZW5nZV9tZXRob2QiOiJTMjU2IiwiY29kZV9jaGFsbGVuZ2UiOiI3WTFLcHd1VllrYzM3OWh1enc3Tmw3SU5lM19SaDFHRVVHdUExMUw1Nl9vIn0.PQRcwHFssH5oAj8w_xJq9sMDxcQbHP6tn_6q_7hnDS91dUxGv_-_W9Jv5io66JA40s0eDdSv0OlTUt5mNVB2ORn1c-zov46BwJDBzHX1QA5_tDm-7jwcwgr5LAsrVaV8EVJkWOgMK5djsENq-5kk2C3F92vt7KCzOx1b5ci8EHb7CnhynWczDc1qLH45qRJOL8pv9gRLRbvXTSTYc_rAMu_SAQbAQePHb0KlgCkqPq41z9XRcd4l8LZltjkz8q4aFRs9b5AefdvqjjZjKct2LHSthE4JCTfq5ugh6vZ3Gc2WkAUVdS20u7uBSqLPa5E-PrwUvNCr11aCXQ4FK_Y3CA
request_object_signing_alg
PS256
jwk
Sun RSA public key, 2048 bits
  params: null
  modulus: 27317005133317805192806760528852339923492353512235657242373770667550482636383058152241763242899243590510886742369909995744634317769376156025319367773285730731881660146466929919531999356316138694239765585923733085598540913159621964662231658995625650459587810069348726397568662051897147600110311023758046324349410668829004864378877917443777578185960111723181521868093201680907747046475384551022492435381540942020065252906547519942072030894200912668741513959140858170657378829949009347461870925320758566164123500357237516086049488677768389753461936607006172049603857829706031784001244671456119721973322682338748251959301
  public exponent: 65537
2022-01-13 13:24:42 SUCCESS
EnsureMatchingRedirectUriInRequestObject
Redirect URI matched
actual
https://portalspa-hml.safra.com.br/callback
2022-01-13 13:24:42 SUCCESS
EnsureRequestObjectContainsCodeChallengeWhenUsingPAR
Found required PKCE parameters in request
code_challenge_method
S256
code_challenge
7Y1KpwuVYkc379huzw7Nl7INe3_Rh1GEUGuA11L56_o
2022-01-13 13:24:42 SUCCESS
CreatePAREndpointResponse
Created PAR endpoint response
request_uri
urn:ietf:params:oauth:request_uri:41ea5411-89a2-4f6e-a063-40159c3ec4fd
expires_in
600
2022-01-13 13:24:42 OUTGOING
fapi1-advanced-final-client-refresh-token-test
Response to HTTP request to test instance UZpi0NP4BWxWNoe
outgoing_status_code
201
outgoing_headers
{}
outgoing_body
{
  "request_uri": "urn:ietf:params:oauth:request_uri:41ea5411-89a2-4f6e-a063-40159c3ec4fd",
  "expires_in": 600
}
outgoing_path
par
2022-01-13 13:24:47 INCOMING
fapi1-advanced-final-client-refresh-token-test
Incoming HTTP request to test instance UZpi0NP4BWxWNoe
incoming_headers
{
  "host": "www.certification.openid.net",
  "sec-ch-ua": "\" Not;A Brand\";v\u003d\"99\", \"Google Chrome\";v\u003d\"97\", \"Chromium\";v\u003d\"97\"",
  "sec-ch-ua-mobile": "?0",
  "sec-ch-ua-platform": "\"Windows\"",
  "upgrade-insecure-requests": "1",
  "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/avif,image/webp,image/apng,*/*;q\u003d0.8,application/signed-exchange;v\u003db3;q\u003d0.9",
  "sec-fetch-site": "none",
  "sec-fetch-mode": "navigate",
  "sec-fetch-user": "?1",
  "sec-fetch-dest": "document",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "pt-BR,pt;q\u003d0.9,en-US;q\u003d0.8,en;q\u003d0.7",
  "cookie": "__utmc\u003d201319536; __utma\u003d201319536.1341971708.1631915075.1641907690.1641941726.54; __utmz\u003d201319536.1641941726.54.15.utmcsr\u003dcertification.openid.net|utmccn\u003d(referral)|utmcmd\u003dreferral|utmcct\u003d/; JSESSIONID\u003d40F71EE6E98199D2EFB00F5ABE31D541",
  "connection": "close"
}
incoming_path
/test/a/SafraRPTest/authorize
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
incoming_body_json
incoming_query_string_params
{
  "request_uri": "urn:ietf:params:oauth:request_uri:41ea5411-89a2-4f6e-a063-40159c3ec4fd",
  "client_id": "client_XUwBuUHRMTVHAleZEJxH18815",
  "redirect_uri": "https://portalspa-hml.safra.com.br/callback",
  "scope": "openid consents customers accounts credit-cards-accounts resources invoice-financings financings loans unarranged-accounts-overdraft consent:urn:conformance.oidf:iasxbsXGCg",
  "response_type": "code id_token"
}
incoming_body
2022-01-13 13:24:47 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
Authorization endpoint
2022-01-13 13:24:47 SUCCESS
EnsureAuthorizationRequestDoesNotContainRequestWhenUsingPAR
Request does not contain a request parameter
2022-01-13 13:24:47 INFO
ValidateEncryptedRequestObjectHasKid
Skipped evaluation due to missing required element: authorization_request_object jwe_header
path
jwe_header
mapped
object
authorization_request_object
2022-01-13 13:24:47 SUCCESS
CreateEffectiveAuthorizationRequestParameters
Merged http request parameters with request object claims
effective_authorization_endpoint_request
{
  "client_id": "client_XUwBuUHRMTVHAleZEJxH18815",
  "redirect_uri": "https://portalspa-hml.safra.com.br/callback",
  "scope": "openid consents customers accounts credit-cards-accounts resources invoice-financings financings loans unarranged-accounts-overdraft consent:urn:conformance.oidf:iasxbsXGCg",
  "response_type": "code id_token",
  "aud": "https://www.certification.openid.net/test/a/SafraRPTest/",
  "nbf": 1642080281,
  "iss": "client_XUwBuUHRMTVHAleZEJxH18815",
  "state": "b24078e2319b40b3ad946227c52f154e",
  "code_challenge_method": "S256",
  "exp": 1642080581,
  "nonce": "ecb874a937274d1891f3de471cf07716",
  "code_challenge": "7Y1KpwuVYkc379huzw7Nl7INe3_Rh1GEUGuA11L56_o"
}
2022-01-13 13:24:47 SUCCESS
EnsureClientIdInAuthorizationRequestParametersMatchRequestObject
client_id http request parameter value matches client_id in request object
2022-01-13 13:24:47 SUCCESS
ExtractRequestedScopes
Requested scopes
scope
openid consents customers accounts credit-cards-accounts resources invoice-financings financings loans unarranged-accounts-overdraft consent:urn:conformance.oidf:iasxbsXGCg
2022-01-13 13:24:47 SUCCESS
FAPIBrazilValidateConsentScope
Found consent scope in request
actual
[
  "openid",
  "consents",
  "customers",
  "accounts",
  "credit-cards-accounts",
  "resources",
  "invoice-financings",
  "financings",
  "loans",
  "unarranged-accounts-overdraft",
  "consent:urn:conformance.oidf:iasxbsXGCg"
]
expected
consent:urn:conformance.oidf:iasxbsXGCg
2022-01-13 13:24:47 SUCCESS
EnsureScopeContainsAccounts
Found accounts scope in request
actual
[
  "openid",
  "consents",
  "customers",
  "accounts",
  "credit-cards-accounts",
  "resources",
  "invoice-financings",
  "financings",
  "loans",
  "unarranged-accounts-overdraft",
  "consent:urn:conformance.oidf:iasxbsXGCg"
]
2022-01-13 13:24:47 SUCCESS
EnsureResponseTypeIsCodeIdToken
Response type is expected value
expected
code id_token
2022-01-13 13:24:47 SUCCESS
EnsureOpenIDInScopeRequest
Found 'openid' scope in request
actual
[
  "openid",
  "consents",
  "customers",
  "accounts",
  "credit-cards-accounts",
  "resources",
  "invoice-financings",
  "financings",
  "loans",
  "unarranged-accounts-overdraft",
  "consent:urn:conformance.oidf:iasxbsXGCg"
]
expected
openid
2022-01-13 13:24:47 SUCCESS
EnsureMatchingClientId
Client ID matched
client_id
client_XUwBuUHRMTVHAleZEJxH18815
2022-01-13 13:24:47 SUCCESS
CreateAuthorizationCode
Created authorization code
authorization_code
iLyddCZP3X3fDPEktKRCMjc7NZ6Ugr7r
2022-01-13 13:24:47 SUCCESS
ExtractNonceFromAuthorizationRequest
Extracted nonce
nonce
ecb874a937274d1891f3de471cf07716
2022-01-13 13:24:47 SUCCESS
CalculateCHash
Successful c_hash encoding
c_hash
2VZahXmXQc_6TdhUnJiH_A
2022-01-13 13:24:47 SUCCESS
CalculateSHash
Successful s_hash encoding
s_hash
wRFe-iiLRyP0Q60_QcB8qg
2022-01-13 13:24:47 SUCCESS
GenerateIdTokenClaims
Created ID Token Claims
iss
https://www.certification.openid.net/test/a/SafraRPTest/
sub
user-subject-1234531
aud
client_XUwBuUHRMTVHAleZEJxH18815
nonce
ecb874a937274d1891f3de471cf07716
iat
1642080287
exp
1642080587
2022-01-13 13:24:47
FAPIBrazilAddCPFAndCPNJToIdTokenClaims
Request object does not contain a claims element.id_token
2022-01-13 13:24:47 SUCCESS
AddCHashToIdTokenClaims
Added c_hash to ID token claims
c_hash
2VZahXmXQc_6TdhUnJiH_A
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/a/SafraRPTest/",
  "sub": "user-subject-1234531",
  "aud": "client_XUwBuUHRMTVHAleZEJxH18815",
  "nonce": "ecb874a937274d1891f3de471cf07716",
  "iat": 1642080287,
  "exp": 1642080587,
  "c_hash": "2VZahXmXQc_6TdhUnJiH_A"
}
2022-01-13 13:24:47 SUCCESS
AddSHashToIdTokenClaims
Added s_hash to ID token claims
s_hash
wRFe-iiLRyP0Q60_QcB8qg
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/a/SafraRPTest/",
  "sub": "user-subject-1234531",
  "aud": "client_XUwBuUHRMTVHAleZEJxH18815",
  "nonce": "ecb874a937274d1891f3de471cf07716",
  "iat": 1642080287,
  "exp": 1642080587,
  "c_hash": "2VZahXmXQc_6TdhUnJiH_A",
  "s_hash": "wRFe-iiLRyP0Q60_QcB8qg"
}
2022-01-13 13:24:47 INFO
AddAtHashToIdTokenClaims
Skipped evaluation due to missing required string: at_hash
expected
at_hash
2022-01-13 13:24:47 INFO
FAPIBrazilAddACRClaimToIdTokenClaims
Skipped evaluation due to missing required string: requested_id_token_acr_values
expected
requested_id_token_acr_values
2022-01-13 13:24:47 SUCCESS
SignIdToken
Signed the ID token
id_token
eyJraWQiOiJYNWQ0dkZZZkx4YUcxZ2c4X2wzYkZZRmhVYVVWbUU2UGFFc1JXWDJFWXFNIiwiYWxnIjoiUFMyNTYifQ.eyJzdWIiOiJ1c2VyLXN1YmplY3QtMTIzNDUzMSIsImF1ZCI6ImNsaWVudF9YVXdCdVVIUk1UVkhBbGVaRUp4SDE4ODE1IiwiY19oYXNoIjoiMlZaYWhYbVhRY182VGRoVW5KaUhfQSIsInNfaGFzaCI6IndSRmUtaWlMUnlQMFE2MF9RY0I4cWciLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvYVwvU2FmcmFSUFRlc3RcLyIsImV4cCI6MTY0MjA4MDU4Nywibm9uY2UiOiJlY2I4NzRhOTM3Mjc0ZDE4OTFmM2RlNDcxY2YwNzcxNiIsImlhdCI6MTY0MjA4MDI4N30.mL2HBzQPqTE3rPuNYif44Gogz-a7zDGBpO7c2ke1KqZXeFKVnGnbn-b2FzGYgiDqiEW-3dbv1jXdgD4ZLYU7q_uYE4s2EAQgLhr-d45IMzrSeFBuawjFrNvU_n7E66I7DCEj3sMlTPYNE1HjmmcF6mQZIylMtf8J7vxEl_aXq3XQQz85lCLZhuWOW_S6pmpEqelnzXA8uxeibEkBIx140Z7AVsRjTGH1XcwctDExApRM9Pz5ibPDVqala4jF_EgnmuTxnEYui5Bem8dMkN9YxUTjce6oD0yhVhZCU83E_5zKDtbh5XTwPo7yi8_lgat7lZJIpIPY_w5SMhwRpHf4LA
2022-01-13 13:24:47 SUCCESS
FAPIBrazilChangeConsentStatusToAuthorized
Changed consent status to AUTHORISED
consent
{
  "data": {
    "consentId": "urn:conformance.oidf:iasxbsXGCg",
    "creationDateTime": "2022-01-13T13:24:41Z",
    "status": "AUTHORISED",
    "statusUpdateDateTime": "2022-01-13T13:24:47Z",
    "permissions": [
      "ACCOUNTS_READ",
      "ACCOUNTS_BALANCES_READ",
      "RESOURCES_READ"
    ],
    "expirationDateTime": "2022-01-13T15:24:41Z",
    "transactionFromDateTime": "2022-01-13T13:19:41Z",
    "transactionToDateTime": "2022-01-13T15:24:41Z",
    "links": {
      "self": "https://www.certification.openid.net/test/a/SafraRPTestconsents/v1/consents"
    }
  },
  "meta": {
    "totalRecords": 1,
    "totalPages": 1,
    "requestDateTime": "2022-01-13T13:24:41Z"
  }
}
2022-01-13 13:24:47 SUCCESS
CreateAuthorizationEndpointResponseParams
Added authorization_endpoint_response_params to environment
params
{
  "redirect_uri": "https://portalspa-hml.safra.com.br/callback",
  "state": "b24078e2319b40b3ad946227c52f154e"
}
2022-01-13 13:24:47 SUCCESS
AddCodeToAuthorizationEndpointResponseParams
Added code to authorization endpoint response params
authorization_endpoint_response_params
{
  "redirect_uri": "https://portalspa-hml.safra.com.br/callback",
  "state": "b24078e2319b40b3ad946227c52f154e",
  "code": "iLyddCZP3X3fDPEktKRCMjc7NZ6Ugr7r"
}
2022-01-13 13:24:47 SUCCESS
AddIdTokenToAuthorizationEndpointResponseParams
Added id_token to authorization endpoint response params
authorization_endpoint_response_params
{
  "redirect_uri": "https://portalspa-hml.safra.com.br/callback",
  "state": "b24078e2319b40b3ad946227c52f154e",
  "code": "iLyddCZP3X3fDPEktKRCMjc7NZ6Ugr7r",
  "id_token": "eyJraWQiOiJYNWQ0dkZZZkx4YUcxZ2c4X2wzYkZZRmhVYVVWbUU2UGFFc1JXWDJFWXFNIiwiYWxnIjoiUFMyNTYifQ.eyJzdWIiOiJ1c2VyLXN1YmplY3QtMTIzNDUzMSIsImF1ZCI6ImNsaWVudF9YVXdCdVVIUk1UVkhBbGVaRUp4SDE4ODE1IiwiY19oYXNoIjoiMlZaYWhYbVhRY182VGRoVW5KaUhfQSIsInNfaGFzaCI6IndSRmUtaWlMUnlQMFE2MF9RY0I4cWciLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvYVwvU2FmcmFSUFRlc3RcLyIsImV4cCI6MTY0MjA4MDU4Nywibm9uY2UiOiJlY2I4NzRhOTM3Mjc0ZDE4OTFmM2RlNDcxY2YwNzcxNiIsImlhdCI6MTY0MjA4MDI4N30.mL2HBzQPqTE3rPuNYif44Gogz-a7zDGBpO7c2ke1KqZXeFKVnGnbn-b2FzGYgiDqiEW-3dbv1jXdgD4ZLYU7q_uYE4s2EAQgLhr-d45IMzrSeFBuawjFrNvU_n7E66I7DCEj3sMlTPYNE1HjmmcF6mQZIylMtf8J7vxEl_aXq3XQQz85lCLZhuWOW_S6pmpEqelnzXA8uxeibEkBIx140Z7AVsRjTGH1XcwctDExApRM9Pz5ibPDVqala4jF_EgnmuTxnEYui5Bem8dMkN9YxUTjce6oD0yhVhZCU83E_5zKDtbh5XTwPo7yi8_lgat7lZJIpIPY_w5SMhwRpHf4LA"
}
2022-01-13 13:24:47
SendAuthorizationResponseWithResponseModeFragment
Redirecting back to client
uri
https://portalspa-hml.safra.com.br/callback#state=b24078e2319b40b3ad946227c52f154e&code=iLyddCZP3X3fDPEktKRCMjc7NZ6Ugr7r&id_token=eyJraWQiOiJYNWQ0dkZZZkx4YUcxZ2c4X2wzYkZZRmhVYVVWbUU2UGFFc1JXWDJFWXFNIiwiYWxnIjoiUFMyNTYifQ.eyJzdWIiOiJ1c2VyLXN1YmplY3QtMTIzNDUzMSIsImF1ZCI6ImNsaWVudF9YVXdCdVVIUk1UVkhBbGVaRUp4SDE4ODE1IiwiY19oYXNoIjoiMlZaYWhYbVhRY182VGRoVW5KaUhfQSIsInNfaGFzaCI6IndSRmUtaWlMUnlQMFE2MF9RY0I4cWciLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvYVwvU2FmcmFSUFRlc3RcLyIsImV4cCI6MTY0MjA4MDU4Nywibm9uY2UiOiJlY2I4NzRhOTM3Mjc0ZDE4OTFmM2RlNDcxY2YwNzcxNiIsImlhdCI6MTY0MjA4MDI4N30.mL2HBzQPqTE3rPuNYif44Gogz-a7zDGBpO7c2ke1KqZXeFKVnGnbn-b2FzGYgiDqiEW-3dbv1jXdgD4ZLYU7q_uYE4s2EAQgLhr-d45IMzrSeFBuawjFrNvU_n7E66I7DCEj3sMlTPYNE1HjmmcF6mQZIylMtf8J7vxEl_aXq3XQQz85lCLZhuWOW_S6pmpEqelnzXA8uxeibEkBIx140Z7AVsRjTGH1XcwctDExApRM9Pz5ibPDVqala4jF_EgnmuTxnEYui5Bem8dMkN9YxUTjce6oD0yhVhZCU83E_5zKDtbh5XTwPo7yi8_lgat7lZJIpIPY_w5SMhwRpHf4LA
2022-01-13 13:24:47 OUTGOING
fapi1-advanced-final-client-refresh-token-test
Response to HTTP request to test instance UZpi0NP4BWxWNoe
outgoing
org.springframework.web.servlet.view.RedirectView: [RedirectView]; URL [https://portalspa-hml.safra.com.br/callback#state=b24078e2319b40b3ad946227c52f154e&code=iLyddCZP3X3fDPEktKRCMjc7NZ6Ugr7r&id_token=eyJraWQiOiJYNWQ0dkZZZkx4YUcxZ2c4X2wzYkZZRmhVYVVWbUU2UGFFc1JXWDJFWXFNIiwiYWxnIjoiUFMyNTYifQ.eyJzdWIiOiJ1c2VyLXN1YmplY3QtMTIzNDUzMSIsImF1ZCI6ImNsaWVudF9YVXdCdVVIUk1UVkhBbGVaRUp4SDE4ODE1IiwiY19oYXNoIjoiMlZaYWhYbVhRY182VGRoVW5KaUhfQSIsInNfaGFzaCI6IndSRmUtaWlMUnlQMFE2MF9RY0I4cWciLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvYVwvU2FmcmFSUFRlc3RcLyIsImV4cCI6MTY0MjA4MDU4Nywibm9uY2UiOiJlY2I4NzRhOTM3Mjc0ZDE4OTFmM2RlNDcxY2YwNzcxNiIsImlhdCI6MTY0MjA4MDI4N30.mL2HBzQPqTE3rPuNYif44Gogz-a7zDGBpO7c2ke1KqZXeFKVnGnbn-b2FzGYgiDqiEW-3dbv1jXdgD4ZLYU7q_uYE4s2EAQgLhr-d45IMzrSeFBuawjFrNvU_n7E66I7DCEj3sMlTPYNE1HjmmcF6mQZIylMtf8J7vxEl_aXq3XQQz85lCLZhuWOW_S6pmpEqelnzXA8uxeibEkBIx140Z7AVsRjTGH1XcwctDExApRM9Pz5ibPDVqala4jF_EgnmuTxnEYui5Bem8dMkN9YxUTjce6oD0yhVhZCU83E_5zKDtbh5XTwPo7yi8_lgat7lZJIpIPY_w5SMhwRpHf4LA]
outgoing_path
authorize
2022-01-13 13:24:49 INCOMING
fapi1-advanced-final-client-refresh-token-test
Incoming HTTP request to test instance UZpi0NP4BWxWNoe
incoming_headers
{
  "host": "www.certification.openid.net",
  "x-dynatrace": "FW4;-987853115;6;1343653795;351;0;-1738730375;510;e4a1;2h01;3h501687a3;4h015f;6h61bd112b2536d06dd0729a27bbac5b68;7h7333925266e6ff0f",
  "traceparent": "00-61bd112b2536d06dd0729a27bbac5b68-7333925266e6ff0f-01",
  "tracestate": "985d1479-c51e8ec5@dt\u003dfw4;6;501687a3;15f;0;0;0;1fe;d509;2h01;3h501687a3;4h015f;7h7333925266e6ff0f",
  "connection": "close"
}
incoming_path
/test/a/SafraRPTest/jwks
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES256-GCM-SHA384
incoming_tls_cert
incoming_body_json
incoming_query_string_params
{}
incoming_body
2022-01-13 13:24:49 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES256-GCM-SHA384
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
2022-01-13 13:24:49 OUTGOING
fapi1-advanced-final-client-refresh-token-test
Response to HTTP request to test instance UZpi0NP4BWxWNoe
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "X5d4vFYfLxaG1gg8_l3bFYFhUaUVmE6PaEsRWX2EYqM",
      "x5c": [
        "MIIGqzCCBZOgAwIBAgIUdUCw8bQZidnZ6uERKJuN9u4RGvcwDQYJKoZIhvcNAQELBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwxFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNBTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDgxNjA5NTUwMFoXDTIyMDkxNTA5NTUwMFowgacxCzAJBgNVBAYTAkJSMRMwEQYDVQQKEwpJQ1AtQnJhc2lsMS8wDAYDVQQLEwUxMjM0NTAOBgNVBAsTB2NlcnRtYW4wDwYDVQQLEwhhZ29vZG9uZTEcMBoGA1UEAxMTT3BlbiBCYW5raW5nIEJyYXNpbDE0MDIGCgmSJomT8ixkAQETJDc0ZTkyOWQ5LTMzYjYtNGQ4NS04YmE3LWMxNDZjODY3YTgxNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANyF1agPcwq5ms99Flo82XsXUroWoD/6FX4AfmOUu113h4VOLYaO3N8HDYbKxgii2En/+O61e/Ptjn4T2PVq0iVcqiF6Gp4sKE5w/bKZRfdCe8qIPS4D+JKpFpesJvIHUeQvlAuBp5dA9nGSpxOjGe5P2+ZzNGXwvux/2ztdweGmKbtOvbYe4RVhiu6bOubog8XEBmD96EnqmoROasH1Hn9kDJIclbTP51j/TlQMzhrSfJJuE3Qq6vWhe/DaPbtmELmlDiYHjp8CjAY5oBMHLmkHvQxEBV4cwbUZj5ZpdqU8tkA78XtR4DkzrJ4fYoBb1+9ABq6GNzxWPpSQMQuBXdsCAwEAAaOCAwIwggL+MAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFJwv7oHX2exZL304ru+4eGVypHlxMB8GA1UdIwQYMBaAFIZ/WK0X9YK2TrQFs/uwzhFD30y+MEwGCCsGAQUFBwEBBEAwPjA8BggrBgEFBQcwAYYwaHR0cDovL29jc3Auc2FuZGJveC5wa2kub3BlbmJhbmtpbmdicmFzaWwub3JnLmJyMEsGA1UdHwREMEIwQKA+oDyGOmh0dHA6Ly9jcmwuc2FuZGJveC5wa2kub3BlbmJhbmtpbmdicmFzaWwub3JnLmJyL2lzc3Vlci5jcmwwXgYDVR0RBFcwVaAZBgVgTAEDAqAQDA5NaWNoYWVsIEZyYXNlcqAYBgVgTAEDA6APDA0xMzM1MzIzNjAwMTg5oA0GBWBMAQMEoAQMAm5voA8GBWBMAQMHoAYMBGFsb3QwDgYDVR0PAQH/BAQDAgbAMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIBgDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVseSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhlciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNlaXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5kIHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8vY3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2llczANBgkqhkiG9w0BAQsFAAOCAQEAtKn/QnJqKLp52YB14x+M21qwz67utFkWjhauQe0elXupjY5NWZb5wLrGYNOZQzRe2JRzcBbGN6P7lCweRfxMkSGh9YrXbrkBXLEPtLHpTVEy65v1tWl02lC+ooVPyQpSjAQL0L69OQ7s7rnIXyb3rkSUzuGSxsLU1AXpWj0oYFB4wdeIdPAVPs83frC5s4kz42JruSAE2vsbvQURTVPChh+hO6+R6Irz+ZEZ1NSgjQkxvOXHW53CkXZSjjHbAB/nbJYi7YyK7kck99r38Ba/WBfIfywdFVVYfiiW5TS6XbQeVeilmmt5MLxBz96FxR6E6WR+cQwybEe94Fb/jD6xHA\u003d\u003d"
      ],
      "alg": "PS256",
      "n": "3IXVqA9zCrmaz30WWjzZexdSuhagP_oVfgB-Y5S7XXeHhU4tho7c3wcNhsrGCKLYSf_47rV78-2OfhPY9WrSJVyqIXoaniwoTnD9splF90J7yog9LgP4kqkWl6wm8gdR5C-UC4Gnl0D2cZKnE6MZ7k_b5nM0ZfC-7H_bO13B4aYpu069th7hFWGK7ps65uiDxcQGYP3oSeqahE5qwfUef2QMkhyVtM_nWP9OVAzOGtJ8km4TdCrq9aF78No9u2YQuaUOJgeOnwKMBjmgEwcuaQe9DEQFXhzBtRmPlml2pTy2QDvxe1HgOTOsnh9igFvX70AGroY3PFY-lJAxC4Fd2w"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "0fe502dd-14f0-4f45-80f9-feb9a216f996",
      "alg": "RSA-OAEP",
      "n": "r4dl-ApW6c-fvDbfSVxHpdV8zi8VQW4b9-uHMRq7dzqCkvP8OAG1R3plSr1N6fL_YLiIr9y621XkyRiMEKR7-DeqGsLf2ZTaqrZ1LfYgjsc2i9o3NSOeSgBwKGmT7h1OgxZSbhLzo7Xaktu3CCUZCOWLzs7LKo_CvKkcTF7tPhK9jYjdTsdsnS0RJOPjYQe7JO83Mvhd1Ty3F-Qycd-cKKMSjcQRiHt9jKd09kA2fKVlFwbm2M1PM3NdtnMaOUw31-XC4ixay47XTMqnmX7-op7qYV9wXbeZmjTsAKFuTGwJiGJrOTfqciDLBW8IpGC2BzFJ5rYmRu0kAttpvkOG3Q"
    }
  ]
}
outgoing_path
jwks
2022-01-13 13:24:50 INCOMING
fapi1-advanced-final-client-refresh-token-test
Incoming HTTP request to test instance UZpi0NP4BWxWNoe
incoming_headers
{
  "host": "www.certification.openid.net",
  "x-dynatrace": "FW4;-987853115;6;1343653795;351;1;-1738730375;510;d488;2h01;3h501687a3;4h015f;6h61bd112b2536d06dd0729a27bbac5b68;7hc71f29016bc91da3",
  "traceparent": "00-61bd112b2536d06dd0729a27bbac5b68-c71f29016bc91da3-01",
  "tracestate": "985d1479-c51e8ec5@dt\u003dfw4;6;501687a3;15f;1;0;0;1fe;01d2;2h01;3h501687a3;4h015f;7hc71f29016bc91da3",
  "content-type": "application/x-www-form-urlencoded",
  "x-cert": "MIIG8zCCBdugAwIBAgIUOr2rNJSEw8bj9fVI9mZtaMk/VfowDQYJKoZIhvcNAQELBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwxFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNBTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMTEwMzE3MDUwMFoXDTIyMTIwMzE3MDUwMFowggETMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPDo28gUGF1bG8xFzAVBgNVBAoTDkJDTyBTQUZSQSBTLkEuMS0wKwYDVQQLEyQ3MDkxMzhkZC02ZTlkLTVmOTYtYmZmZi02OWE1YjJjYjNlYzAxFzAVBgNVBAMMDiouc2FmcmEuY29tLmJyMRcwFQYDVQQFEw41ODE2MDc4OTAwMDEyODEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRpb24xEzARBgsrBgEEAYI3PAIBAxMCQlIxNDAyBgoJkiaJk/IsZAEBEyQ0NGIyNjFiYy00ZjZmLTQ0Y2UtYjNkNy0zZjk4YTJiMjI1ZjQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYAJ7JptCPUm02Tx4o+zR20+iGVfMCMTOafTQ29kgOYAk/ypeDCNeZt4kkil/ZzNjHwA6NZ3gWMV088C5ucJ4AmS8bnE4XfbwoxealAWCa0pFoWEeBQK+Zb/S4dgK+L6xHkKViElSdQuYsKu3yraFs4Mu4C4ukjhCxa3AlvcSw6PCMYJ5LKWbfVQovtoy5o+vOu1KKNKSTaYESmQDrIN4VeDyFSaYttN0gd+HNicRnopbyfWcmndRwVdwyUgTT2Z59/CpcdKui8kiT2rKxRO/mF1q0PR1lkPE9FBDSo83fArx3yXgUyMmodjqJ+5X+pm7xZRJ97RVwIoMh7PRf4LXHAgMBAAGjggLdMIIC2TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQ60p75BB0ZNm+cJkceRCif8/14izAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4RQ99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9pc3N1ZXIuY3JsMCQGA1UdEQQdMBuCGWFwaS1tdGxzLWhtbC5zYWZyYS5jb20uYnIwDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIBgDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVseSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhlciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNlaXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5kIHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8vY3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2llczANBgkqhkiG9w0BAQsFAAOCAQEAriUFRNI349wnLPiNnHZckwjUV76m8LltS/BrHQSURP4Bq3Eu2KEZGD/Xkz9VcmumHwOC+Mr/haLOhUMbwmZMn9q3QFzyd/EnoSyXeedZpPLczSPZ3AXoNaC8xJn4ZE66NKDQ2/PEFD7+Vibcq6uWx4H6k8QjSBgrPAh03hHzdBpVBTO6fRNZPUtHJUcPvOJC0rtK1n3tCNk1zHeO19CLNT1aUo99rXw8BT3bG4jVi/NMIPZqywxxk3S4Fq+6otMbtVRaB+O+NEqOVZR8xmuX+ALi7oVaD0tif+PzhyVKLZiRvnMtY2Y51ujIxyGyRZYPmiJkYQ/PT2Af1zroWKsv2A\u003d\u003d",
  "content-length": "1255",
  "connection": "close"
}
incoming_path
/test-mtls/a/SafraRPTest/token
incoming_body_form_params
{
  "grant_type": "authorization_code",
  "code": "iLyddCZP3X3fDPEktKRCMjc7NZ6Ugr7r",
  "redirect_uri": "https://portalspa-hml.safra.com.br/callback",
  "client_id": "client_XUwBuUHRMTVHAleZEJxH18815",
  "code_verifier": "ecb874a937274d1891f3de471cf07716ecb874a937274d1891f3de471cf07716b24078e2319b40b3ad946227c52f154eb24078e2319b40b3ad946227c52f154e",
  "client_assertion": "eyJhbGciOiJQUzI1NiIsImtpZCI6IkZfelU5TEQxLS1DTDVTdk9tN2FlcUtwbjludGU3T0ZMaHE5MlUtVjNmNjgiLCJ0eXAiOiJKV1QiLCJ4NXQiOiJpbWVKdHZoazFfVU9aSUlPS3R2UzNFVzBuRG8ifQ.eyJzdWIiOiJjbGllbnRfWFV3QnVVSFJNVFZIQWxlWkVKeEgxODgxNSIsImp0aSI6IjAyYzZjZWU4NTJlMDQ1N2JhZmY1ODRkZGJiY2MzMTZmIiwiYXVkIjoiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QtbXRscy9hL1NhZnJhUlBUZXN0L3Rva2VuIiwiZXhwIjoxNjQyMDgwNTg5LCJpc3MiOiJjbGllbnRfWFV3QnVVSFJNVFZIQWxlWkVKeEgxODgxNSIsImlhdCI6MTY0MjA4MDI4OSwibmJmIjoxNjQyMDgwMjg5fQ.U_kyll_PkUtvzsjgIgN37rV4c0OEHuMDVSqizzbhyhNmXAIdo_bppRJ77VP0DeCD086Uzq4hxEtzNuMznoArVmflConC1LHyEYDxHhSfyX5oNkS5yY6PkzlYy4UmgYsbC2lQlaGYwtjfGc1zY4OFm64mqfImiVLuu3hc8XE7kwqE9tdV0aeyQVqh-mdhy6ghNlabBRzJeTu_og6J8VpMK1Ab0jXXp7vORxMQNzpK4yILhLdXTbT0n3neRKBjSdlEbMxScw-pUzi8C02DqvgjVXeVLC6P_DU6NTNWkKJ_QNyyiLZcxwhxZPXUB5zyqksF-nJ1kIgXhqKouKfmvDNXzQ",
  "client_assertion_type": "urn:ietf:params:oauth:client-assertion-type:jwt-bearer"
}
incoming_method
POST
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES256-GCM-SHA384
incoming_tls_cert
-----BEGIN CERTIFICATE----- MIIG8zCCBdugAwIBAgIUOr2rNJSEw8bj9fVI9mZtaMk/VfowDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMTEwMzE3MDUwMFoXDTIyMTIwMzE3 MDUwMFowggETMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xFzAVBgNVBAoTDkJDTyBTQUZSQSBTLkEuMS0wKwYDVQQLEyQ3MDkx MzhkZC02ZTlkLTVmOTYtYmZmZi02OWE1YjJjYjNlYzAxFzAVBgNVBAMMDiouc2Fm cmEuY29tLmJyMRcwFQYDVQQFEw41ODE2MDc4OTAwMDEyODEdMBsGA1UEDxMUUHJp dmF0ZSBPcmdhbml6YXRpb24xEzARBgsrBgEEAYI3PAIBAxMCQlIxNDAyBgoJkiaJ k/IsZAEBEyQ0NGIyNjFiYy00ZjZmLTQ0Y2UtYjNkNy0zZjk4YTJiMjI1ZjQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYAJ7JptCPUm02Tx4o+zR20+iG VfMCMTOafTQ29kgOYAk/ypeDCNeZt4kkil/ZzNjHwA6NZ3gWMV088C5ucJ4AmS8b nE4XfbwoxealAWCa0pFoWEeBQK+Zb/S4dgK+L6xHkKViElSdQuYsKu3yraFs4Mu4 C4ukjhCxa3AlvcSw6PCMYJ5LKWbfVQovtoy5o+vOu1KKNKSTaYESmQDrIN4VeDyF SaYttN0gd+HNicRnopbyfWcmndRwVdwyUgTT2Z59/CpcdKui8kiT2rKxRO/mF1q0 PR1lkPE9FBDSo83fArx3yXgUyMmodjqJ+5X+pm7xZRJ97RVwIoMh7PRf4LXHAgMB AAGjggLdMIIC2TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQ60p75BB0ZNm+cJkce RCif8/14izAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4RQ99MvjBMBggrBgEF BQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNhbmRib3gucGtpLm9w ZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8v Y3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9pc3N1ZXIu Y3JsMCQGA1UdEQQdMBuCGWFwaS1tdGxzLWhtbC5zYWZyYS5jb20uYnIwDgYDVR0P AQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQw ggGQBgorBgEEAYO6L2QBMIIBgDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENl cnRpZmljYXRlIGlzIHNvbGVseSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNl cyBMaW1pdGVkIGFuZCBvdGhlciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMg dXNpbmcgUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsg U2VydmljZXMuIEl0cyByZWNlaXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0 dXRlcyBhY2NlcHRhbmNlIG9mIHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0 aWNpY2F0ZSBQb2xpY3kgYW5kIHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQG CCsGAQUFBwIBFjhodHRwOi8vY3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJh c2lsLm9yZy5ici9wb2xpY2llczANBgkqhkiG9w0BAQsFAAOCAQEAriUFRNI349wn LPiNnHZckwjUV76m8LltS/BrHQSURP4Bq3Eu2KEZGD/Xkz9VcmumHwOC+Mr/haLO hUMbwmZMn9q3QFzyd/EnoSyXeedZpPLczSPZ3AXoNaC8xJn4ZE66NKDQ2/PEFD7+ Vibcq6uWx4H6k8QjSBgrPAh03hHzdBpVBTO6fRNZPUtHJUcPvOJC0rtK1n3tCNk1 zHeO19CLNT1aUo99rXw8BT3bG4jVi/NMIPZqywxxk3S4Fq+6otMbtVRaB+O+NEqO VZR8xmuX+ALi7oVaD0tif+PzhyVKLZiRvnMtY2Y51ujIxyGyRZYPmiJkYQ/PT2Af 1zroWKsv2A== -----END CERTIFICATE-----
incoming_body_json
incoming_query_string_params
{}
incoming_body
grant_type=authorization_code&code=iLyddCZP3X3fDPEktKRCMjc7NZ6Ugr7r&redirect_uri=https%3A%2F%2Fportalspa-hml.safra.com.br%2Fcallback&client_id=client_XUwBuUHRMTVHAleZEJxH18815&code_verifier=ecb874a937274d1891f3de471cf07716ecb874a937274d1891f3de471cf07716b24078e2319b40b3ad946227c52f154eb24078e2319b40b3ad946227c52f154e&client_assertion=eyJhbGciOiJQUzI1NiIsImtpZCI6IkZfelU5TEQxLS1DTDVTdk9tN2FlcUtwbjludGU3T0ZMaHE5MlUtVjNmNjgiLCJ0eXAiOiJKV1QiLCJ4NXQiOiJpbWVKdHZoazFfVU9aSUlPS3R2UzNFVzBuRG8ifQ.eyJzdWIiOiJjbGllbnRfWFV3QnVVSFJNVFZIQWxlWkVKeEgxODgxNSIsImp0aSI6IjAyYzZjZWU4NTJlMDQ1N2JhZmY1ODRkZGJiY2MzMTZmIiwiYXVkIjoiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QtbXRscy9hL1NhZnJhUlBUZXN0L3Rva2VuIiwiZXhwIjoxNjQyMDgwNTg5LCJpc3MiOiJjbGllbnRfWFV3QnVVSFJNVFZIQWxlWkVKeEgxODgxNSIsImlhdCI6MTY0MjA4MDI4OSwibmJmIjoxNjQyMDgwMjg5fQ.U_kyll_PkUtvzsjgIgN37rV4c0OEHuMDVSqizzbhyhNmXAIdo_bppRJ77VP0DeCD086Uzq4hxEtzNuMznoArVmflConC1LHyEYDxHhSfyX5oNkS5yY6PkzlYy4UmgYsbC2lQlaGYwtjfGc1zY4OFm64mqfImiVLuu3hc8XE7kwqE9tdV0aeyQVqh-mdhy6ghNlabBRzJeTu_og6J8VpMK1Ab0jXXp7vORxMQNzpK4yILhLdXTbT0n3neRKBjSdlEbMxScw-pUzi8C02DqvgjVXeVLC6P_DU6NTNWkKJ_QNyyiLZcxwhxZPXUB5zyqksF-nJ1kIgXhqKouKfmvDNXzQ&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer
2022-01-13 13:24:50 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES256-GCM-SHA384
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
Token endpoint
2022-01-13 13:24:50 SUCCESS
ExtractClientCertificateFromTokenEndpointRequestHeaders
Extracted client certificate
client_certificate
{
  "cert": "-----BEGIN CERTIFICATE----- MIIG8zCCBdugAwIBAgIUOr2rNJSEw8bj9fVI9mZtaMk/VfowDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMTEwMzE3MDUwMFoXDTIyMTIwMzE3 MDUwMFowggETMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xFzAVBgNVBAoTDkJDTyBTQUZSQSBTLkEuMS0wKwYDVQQLEyQ3MDkx MzhkZC02ZTlkLTVmOTYtYmZmZi02OWE1YjJjYjNlYzAxFzAVBgNVBAMMDiouc2Fm cmEuY29tLmJyMRcwFQYDVQQFEw41ODE2MDc4OTAwMDEyODEdMBsGA1UEDxMUUHJp dmF0ZSBPcmdhbml6YXRpb24xEzARBgsrBgEEAYI3PAIBAxMCQlIxNDAyBgoJkiaJ k/IsZAEBEyQ0NGIyNjFiYy00ZjZmLTQ0Y2UtYjNkNy0zZjk4YTJiMjI1ZjQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYAJ7JptCPUm02Tx4o+zR20+iG VfMCMTOafTQ29kgOYAk/ypeDCNeZt4kkil/ZzNjHwA6NZ3gWMV088C5ucJ4AmS8b nE4XfbwoxealAWCa0pFoWEeBQK+Zb/S4dgK+L6xHkKViElSdQuYsKu3yraFs4Mu4 C4ukjhCxa3AlvcSw6PCMYJ5LKWbfVQovtoy5o+vOu1KKNKSTaYESmQDrIN4VeDyF SaYttN0gd+HNicRnopbyfWcmndRwVdwyUgTT2Z59/CpcdKui8kiT2rKxRO/mF1q0 PR1lkPE9FBDSo83fArx3yXgUyMmodjqJ+5X+pm7xZRJ97RVwIoMh7PRf4LXHAgMB AAGjggLdMIIC2TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQ60p75BB0ZNm+cJkce RCif8/14izAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4RQ99MvjBMBggrBgEF BQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNhbmRib3gucGtpLm9w ZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8v Y3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9pc3N1ZXIu Y3JsMCQGA1UdEQQdMBuCGWFwaS1tdGxzLWhtbC5zYWZyYS5jb20uYnIwDgYDVR0P AQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQw ggGQBgorBgEEAYO6L2QBMIIBgDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENl cnRpZmljYXRlIGlzIHNvbGVseSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNl cyBMaW1pdGVkIGFuZCBvdGhlciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMg dXNpbmcgUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsg U2VydmljZXMuIEl0cyByZWNlaXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0 dXRlcyBhY2NlcHRhbmNlIG9mIHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0 aWNpY2F0ZSBQb2xpY3kgYW5kIHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQG CCsGAQUFBwIBFjhodHRwOi8vY3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJh c2lsLm9yZy5ici9wb2xpY2llczANBgkqhkiG9w0BAQsFAAOCAQEAriUFRNI349wn LPiNnHZckwjUV76m8LltS/BrHQSURP4Bq3Eu2KEZGD/Xkz9VcmumHwOC+Mr/haLO hUMbwmZMn9q3QFzyd/EnoSyXeedZpPLczSPZ3AXoNaC8xJn4ZE66NKDQ2/PEFD7+ Vibcq6uWx4H6k8QjSBgrPAh03hHzdBpVBTO6fRNZPUtHJUcPvOJC0rtK1n3tCNk1 zHeO19CLNT1aUo99rXw8BT3bG4jVi/NMIPZqywxxk3S4Fq+6otMbtVRaB+O+NEqO VZR8xmuX+ALi7oVaD0tif+PzhyVKLZiRvnMtY2Y51ujIxyGyRZYPmiJkYQ/PT2Af 1zroWKsv2A\u003d\u003d -----END CERTIFICATE-----",
  "pem": "-----BEGIN CERTIFICATE-----\nMIIG8zCCBdugAwIBAgIUOr2rNJSEw8bj9fVI9mZtaMk/VfowDQYJKoZIhvcNAQEL\nBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx\nFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB\nTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMTEwMzE3MDUwMFoXDTIyMTIwMzE3\nMDUwMFowggETMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD\no28gUGF1bG8xFzAVBgNVBAoTDkJDTyBTQUZSQSBTLkEuMS0wKwYDVQQLEyQ3MDkx\nMzhkZC02ZTlkLTVmOTYtYmZmZi02OWE1YjJjYjNlYzAxFzAVBgNVBAMMDiouc2Fm\ncmEuY29tLmJyMRcwFQYDVQQFEw41ODE2MDc4OTAwMDEyODEdMBsGA1UEDxMUUHJp\ndmF0ZSBPcmdhbml6YXRpb24xEzARBgsrBgEEAYI3PAIBAxMCQlIxNDAyBgoJkiaJ\nk/IsZAEBEyQ0NGIyNjFiYy00ZjZmLTQ0Y2UtYjNkNy0zZjk4YTJiMjI1ZjQwggEi\nMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYAJ7JptCPUm02Tx4o+zR20+iG\nVfMCMTOafTQ29kgOYAk/ypeDCNeZt4kkil/ZzNjHwA6NZ3gWMV088C5ucJ4AmS8b\nnE4XfbwoxealAWCa0pFoWEeBQK+Zb/S4dgK+L6xHkKViElSdQuYsKu3yraFs4Mu4\nC4ukjhCxa3AlvcSw6PCMYJ5LKWbfVQovtoy5o+vOu1KKNKSTaYESmQDrIN4VeDyF\nSaYttN0gd+HNicRnopbyfWcmndRwVdwyUgTT2Z59/CpcdKui8kiT2rKxRO/mF1q0\nPR1lkPE9FBDSo83fArx3yXgUyMmodjqJ+5X+pm7xZRJ97RVwIoMh7PRf4LXHAgMB\nAAGjggLdMIIC2TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQ60p75BB0ZNm+cJkce\nRCif8/14izAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4RQ99MvjBMBggrBgEF\nBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNhbmRib3gucGtpLm9w\nZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8v\nY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9pc3N1ZXIu\nY3JsMCQGA1UdEQQdMBuCGWFwaS1tdGxzLWhtbC5zYWZyYS5jb20uYnIwDgYDVR0P\nAQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQw\nggGQBgorBgEEAYO6L2QBMIIBgDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENl\ncnRpZmljYXRlIGlzIHNvbGVseSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNl\ncyBMaW1pdGVkIGFuZCBvdGhlciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMg\ndXNpbmcgUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsg\nU2VydmljZXMuIEl0cyByZWNlaXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0\ndXRlcyBhY2NlcHRhbmNlIG9mIHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0\naWNpY2F0ZSBQb2xpY3kgYW5kIHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQG\nCCsGAQUFBwIBFjhodHRwOi8vY3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJh\nc2lsLm9yZy5ici9wb2xpY2llczANBgkqhkiG9w0BAQsFAAOCAQEAriUFRNI349wn\nLPiNnHZckwjUV76m8LltS/BrHQSURP4Bq3Eu2KEZGD/Xkz9VcmumHwOC+Mr/haLO\nhUMbwmZMn9q3QFzyd/EnoSyXeedZpPLczSPZ3AXoNaC8xJn4ZE66NKDQ2/PEFD7+\nVibcq6uWx4H6k8QjSBgrPAh03hHzdBpVBTO6fRNZPUtHJUcPvOJC0rtK1n3tCNk1\nzHeO19CLNT1aUo99rXw8BT3bG4jVi/NMIPZqywxxk3S4Fq+6otMbtVRaB+O+NEqO\nVZR8xmuX+ALi7oVaD0tif+PzhyVKLZiRvnMtY2Y51ujIxyGyRZYPmiJkYQ/PT2Af\n1zroWKsv2A\u003d\u003d\n-----END CERTIFICATE-----",
  "subject": {
    "dn": "UID\u003d44b261bc-4f6f-44ce-b3d7-3f98a2b225f4,1.3.6.1.4.1.311.60.2.1.3\u003d#13024252,2.5.4.15\u003d#131450726976617465204f7267616e697a6174696f6e,2.5.4.5\u003d#130e3538313630373839303030313238,CN\u003d*.safra.com.br,OU\u003d709138dd-6e9d-5f96-bfff-69a5b2cb3ec0,O\u003dBCO SAFRA S.A.,L\u003dSão Paulo,ST\u003dSP,C\u003dBR"
  },
  "sanDnsNames": [
    "api-mtls-hml.safra.com.br"
  ],
  "sanUris": [],
  "sanIPs": [],
  "sanEmails": []
}
2022-01-13 13:24:50 SUCCESS
CheckForClientCertificate
Found client certificate
2022-01-13 13:24:50 SUCCESS
EnsureClientCertificateMatches
Presented certificate matches registered certificate
actual
-----BEGIN CERTIFICATE-----
MIIG8zCCBdugAwIBAgIUOr2rNJSEw8bj9fVI9mZtaMk/VfowDQYJKoZIhvcNAQEL
BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx
FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB
TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMTEwMzE3MDUwMFoXDTIyMTIwMzE3
MDUwMFowggETMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD
o28gUGF1bG8xFzAVBgNVBAoTDkJDTyBTQUZSQSBTLkEuMS0wKwYDVQQLEyQ3MDkx
MzhkZC02ZTlkLTVmOTYtYmZmZi02OWE1YjJjYjNlYzAxFzAVBgNVBAMMDiouc2Fm
cmEuY29tLmJyMRcwFQYDVQQFEw41ODE2MDc4OTAwMDEyODEdMBsGA1UEDxMUUHJp
dmF0ZSBPcmdhbml6YXRpb24xEzARBgsrBgEEAYI3PAIBAxMCQlIxNDAyBgoJkiaJ
k/IsZAEBEyQ0NGIyNjFiYy00ZjZmLTQ0Y2UtYjNkNy0zZjk4YTJiMjI1ZjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYAJ7JptCPUm02Tx4o+zR20+iG
VfMCMTOafTQ29kgOYAk/ypeDCNeZt4kkil/ZzNjHwA6NZ3gWMV088C5ucJ4AmS8b
nE4XfbwoxealAWCa0pFoWEeBQK+Zb/S4dgK+L6xHkKViElSdQuYsKu3yraFs4Mu4
C4ukjhCxa3AlvcSw6PCMYJ5LKWbfVQovtoy5o+vOu1KKNKSTaYESmQDrIN4VeDyF
SaYttN0gd+HNicRnopbyfWcmndRwVdwyUgTT2Z59/CpcdKui8kiT2rKxRO/mF1q0
PR1lkPE9FBDSo83fArx3yXgUyMmodjqJ+5X+pm7xZRJ97RVwIoMh7PRf4LXHAgMB
AAGjggLdMIIC2TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQ60p75BB0ZNm+cJkce
RCif8/14izAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4RQ99MvjBMBggrBgEF
BQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNhbmRib3gucGtpLm9w
ZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8v
Y3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9pc3N1ZXIu
Y3JsMCQGA1UdEQQdMBuCGWFwaS1tdGxzLWhtbC5zYWZyYS5jb20uYnIwDgYDVR0P
AQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQw
ggGQBgorBgEEAYO6L2QBMIIBgDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENl
cnRpZmljYXRlIGlzIHNvbGVseSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNl
cyBMaW1pdGVkIGFuZCBvdGhlciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMg
dXNpbmcgUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsg
U2VydmljZXMuIEl0cyByZWNlaXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0
dXRlcyBhY2NlcHRhbmNlIG9mIHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0
aWNpY2F0ZSBQb2xpY3kgYW5kIHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQG
CCsGAQUFBwIBFjhodHRwOi8vY3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJh
c2lsLm9yZy5ici9wb2xpY2llczANBgkqhkiG9w0BAQsFAAOCAQEAriUFRNI349wn
LPiNnHZckwjUV76m8LltS/BrHQSURP4Bq3Eu2KEZGD/Xkz9VcmumHwOC+Mr/haLO
hUMbwmZMn9q3QFzyd/EnoSyXeedZpPLczSPZ3AXoNaC8xJn4ZE66NKDQ2/PEFD7+
Vibcq6uWx4H6k8QjSBgrPAh03hHzdBpVBTO6fRNZPUtHJUcPvOJC0rtK1n3tCNk1
zHeO19CLNT1aUo99rXw8BT3bG4jVi/NMIPZqywxxk3S4Fq+6otMbtVRaB+O+NEqO
VZR8xmuX+ALi7oVaD0tif+PzhyVKLZiRvnMtY2Y51ujIxyGyRZYPmiJkYQ/PT2Af
1zroWKsv2A==
-----END CERTIFICATE-----
2022-01-13 13:24:50 SUCCESS
ExtractClientAssertion
Parsed client assertion
client_assertion
{
  "value": "eyJhbGciOiJQUzI1NiIsImtpZCI6IkZfelU5TEQxLS1DTDVTdk9tN2FlcUtwbjludGU3T0ZMaHE5MlUtVjNmNjgiLCJ0eXAiOiJKV1QiLCJ4NXQiOiJpbWVKdHZoazFfVU9aSUlPS3R2UzNFVzBuRG8ifQ.eyJzdWIiOiJjbGllbnRfWFV3QnVVSFJNVFZIQWxlWkVKeEgxODgxNSIsImp0aSI6IjAyYzZjZWU4NTJlMDQ1N2JhZmY1ODRkZGJiY2MzMTZmIiwiYXVkIjoiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QtbXRscy9hL1NhZnJhUlBUZXN0L3Rva2VuIiwiZXhwIjoxNjQyMDgwNTg5LCJpc3MiOiJjbGllbnRfWFV3QnVVSFJNVFZIQWxlWkVKeEgxODgxNSIsImlhdCI6MTY0MjA4MDI4OSwibmJmIjoxNjQyMDgwMjg5fQ.U_kyll_PkUtvzsjgIgN37rV4c0OEHuMDVSqizzbhyhNmXAIdo_bppRJ77VP0DeCD086Uzq4hxEtzNuMznoArVmflConC1LHyEYDxHhSfyX5oNkS5yY6PkzlYy4UmgYsbC2lQlaGYwtjfGc1zY4OFm64mqfImiVLuu3hc8XE7kwqE9tdV0aeyQVqh-mdhy6ghNlabBRzJeTu_og6J8VpMK1Ab0jXXp7vORxMQNzpK4yILhLdXTbT0n3neRKBjSdlEbMxScw-pUzi8C02DqvgjVXeVLC6P_DU6NTNWkKJ_QNyyiLZcxwhxZPXUB5zyqksF-nJ1kIgXhqKouKfmvDNXzQ",
  "header": {
    "x5t": "imeJtvhk1_UOZIIOKtvS3EW0nDo",
    "kid": "F_zU9LD1--CL5SvOm7aeqKpn9nte7OFLhq92U-V3f68",
    "typ": "JWT",
    "alg": "PS256"
  },
  "claims": {
    "sub": "client_XUwBuUHRMTVHAleZEJxH18815",
    "aud": "https://www.certification.openid.net/test-mtls/a/SafraRPTest/token",
    "nbf": 1642080289,
    "iss": "client_XUwBuUHRMTVHAleZEJxH18815",
    "exp": 1642080589,
    "iat": 1642080289,
    "jti": "02c6cee852e0457baff584ddbbcc316f"
  }
}
2022-01-13 13:24:50
EnsureClientAssertionSignatureAlgorithmMatchesRegistered
token_endpoint_auth_signing_alg is not set for the client, any supported algorithm can be used
2022-01-13 13:24:50 SUCCESS
ValidateClientAssertionSignature
client_assertion signature validated
client_assertion
eyJhbGciOiJQUzI1NiIsImtpZCI6IkZfelU5TEQxLS1DTDVTdk9tN2FlcUtwbjludGU3T0ZMaHE5MlUtVjNmNjgiLCJ0eXAiOiJKV1QiLCJ4NXQiOiJpbWVKdHZoazFfVU9aSUlPS3R2UzNFVzBuRG8ifQ.eyJzdWIiOiJjbGllbnRfWFV3QnVVSFJNVFZIQWxlWkVKeEgxODgxNSIsImp0aSI6IjAyYzZjZWU4NTJlMDQ1N2JhZmY1ODRkZGJiY2MzMTZmIiwiYXVkIjoiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QtbXRscy9hL1NhZnJhUlBUZXN0L3Rva2VuIiwiZXhwIjoxNjQyMDgwNTg5LCJpc3MiOiJjbGllbnRfWFV3QnVVSFJNVFZIQWxlWkVKeEgxODgxNSIsImlhdCI6MTY0MjA4MDI4OSwibmJmIjoxNjQyMDgwMjg5fQ.U_kyll_PkUtvzsjgIgN37rV4c0OEHuMDVSqizzbhyhNmXAIdo_bppRJ77VP0DeCD086Uzq4hxEtzNuMznoArVmflConC1LHyEYDxHhSfyX5oNkS5yY6PkzlYy4UmgYsbC2lQlaGYwtjfGc1zY4OFm64mqfImiVLuu3hc8XE7kwqE9tdV0aeyQVqh-mdhy6ghNlabBRzJeTu_og6J8VpMK1Ab0jXXp7vORxMQNzpK4yILhLdXTbT0n3neRKBjSdlEbMxScw-pUzi8C02DqvgjVXeVLC6P_DU6NTNWkKJ_QNyyiLZcxwhxZPXUB5zyqksF-nJ1kIgXhqKouKfmvDNXzQ
2022-01-13 13:24:50 SUCCESS
EnsureClientAssertionTypeIsJwt
Found JWT assertion type
assertion type
urn:ietf:params:oauth:client-assertion-type:jwt-bearer
2022-01-13 13:24:50 SUCCESS
ValidateClientAssertionClaims
Client Assertion passed all validation checks
2022-01-13 13:24:50 SUCCESS
ValidateAuthorizationCode
Found authorization code
authorization_code
iLyddCZP3X3fDPEktKRCMjc7NZ6Ugr7r
2022-01-13 13:24:50 SUCCESS
ValidateRedirectUri
Found redirect uri
redirect_uri
https://portalspa-hml.safra.com.br/callback
2022-01-13 13:24:50 SUCCESS
ValidateCodeVerifierWithS256
Validated code_verifier successfully
code_challenge_method
S256
code_verifier
ecb874a937274d1891f3de471cf07716ecb874a937274d1891f3de471cf07716b24078e2319b40b3ad946227c52f154eb24078e2319b40b3ad946227c52f154e
code_challenge
7Y1KpwuVYkc379huzw7Nl7INe3_Rh1GEUGuA11L56_o
2022-01-13 13:24:50 SUCCESS
GenerateBearerAccessToken
Generated access token
access_token
VWP86pmsaIKRkpkQdrOKDtiilzMhCCEndHy55x3GhdMC9iA0DM
2022-01-13 13:24:50 SUCCESS
CalculateAtHash
Successful at_hash encoding
at_hash
m9fxAGndu5CVQttayfhI1g
2022-01-13 13:24:50
CreateRefreshToken
Created refresh token
refresh_token
FtxVVbgwRPKBckkKtQQfRXMIbiGtYmEhkKtBpoTXmegqatIDQt7798461634)*.|?
2022-01-13 13:24:50 SUCCESS
GenerateIdTokenClaims
Created ID Token Claims
iss
https://www.certification.openid.net/test/a/SafraRPTest/
sub
user-subject-1234531
aud
client_XUwBuUHRMTVHAleZEJxH18815
nonce
ecb874a937274d1891f3de471cf07716
iat
1642080290
exp
1642080590
2022-01-13 13:24:50
FAPIBrazilAddCPFAndCPNJToIdTokenClaims
Request object does not contain a claims element.id_token
2022-01-13 13:24:50 SUCCESS
AddAtHashToIdTokenClaims
Added at_hash to ID token claims
at_hash
m9fxAGndu5CVQttayfhI1g
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/a/SafraRPTest/",
  "sub": "user-subject-1234531",
  "aud": "client_XUwBuUHRMTVHAleZEJxH18815",
  "nonce": "ecb874a937274d1891f3de471cf07716",
  "iat": 1642080290,
  "exp": 1642080590,
  "at_hash": "m9fxAGndu5CVQttayfhI1g"
}
2022-01-13 13:24:50 INFO
FAPIBrazilAddACRClaimToIdTokenClaims
Skipped evaluation due to missing required string: requested_id_token_acr_values
expected
requested_id_token_acr_values
2022-01-13 13:24:50 SUCCESS
SignIdToken
Signed the ID token
id_token
eyJraWQiOiJYNWQ0dkZZZkx4YUcxZ2c4X2wzYkZZRmhVYVVWbUU2UGFFc1JXWDJFWXFNIiwiYWxnIjoiUFMyNTYifQ.eyJhdF9oYXNoIjoibTlmeEFHbmR1NUNWUXR0YXlmaEkxZyIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiY2xpZW50X1hVd0J1VUhSTVRWSEFsZVpFSnhIMTg4MTUiLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvYVwvU2FmcmFSUFRlc3RcLyIsImV4cCI6MTY0MjA4MDU5MCwibm9uY2UiOiJlY2I4NzRhOTM3Mjc0ZDE4OTFmM2RlNDcxY2YwNzcxNiIsImlhdCI6MTY0MjA4MDI5MH0.0kJNkX--G8Q4ZqpABmQYlLoGUDGRlvGhvGfbVtS65RTcisnamB4BOCG4Seqz2uaP926gpnHuzdNW8kPXo8FBBwJZDfus2u1n8jwS7fz629ENtXKKH_i7g-TWbP468iHLdkOabcwtPCf46AJ_15UKsRwYLLr3wzyAaEiJYIWkpZj1uumOHDqUiCECmu7hg_mXNQJeAihTzYbOSaLbSdyulcuh31KUG5w7th_hYAUEI_R2td1lEZvGBY4zwydUb5HfYjBHZqCBkhj5kzVpS7S_S6XgzmxAwbclVr3IluVxV7iLIgyuOgskmqIrS5bju7KiYeuJmCGLkW1dn4MHJIpnBg
2022-01-13 13:24:50 SUCCESS
CreateTokenEndpointResponse
Created token endpoint response
access_token
VWP86pmsaIKRkpkQdrOKDtiilzMhCCEndHy55x3GhdMC9iA0DM
token_type
Bearer
id_token
eyJraWQiOiJYNWQ0dkZZZkx4YUcxZ2c4X2wzYkZZRmhVYVVWbUU2UGFFc1JXWDJFWXFNIiwiYWxnIjoiUFMyNTYifQ.eyJhdF9oYXNoIjoibTlmeEFHbmR1NUNWUXR0YXlmaEkxZyIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiY2xpZW50X1hVd0J1VUhSTVRWSEFsZVpFSnhIMTg4MTUiLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvYVwvU2FmcmFSUFRlc3RcLyIsImV4cCI6MTY0MjA4MDU5MCwibm9uY2UiOiJlY2I4NzRhOTM3Mjc0ZDE4OTFmM2RlNDcxY2YwNzcxNiIsImlhdCI6MTY0MjA4MDI5MH0.0kJNkX--G8Q4ZqpABmQYlLoGUDGRlvGhvGfbVtS65RTcisnamB4BOCG4Seqz2uaP926gpnHuzdNW8kPXo8FBBwJZDfus2u1n8jwS7fz629ENtXKKH_i7g-TWbP468iHLdkOabcwtPCf46AJ_15UKsRwYLLr3wzyAaEiJYIWkpZj1uumOHDqUiCECmu7hg_mXNQJeAihTzYbOSaLbSdyulcuh31KUG5w7th_hYAUEI_R2td1lEZvGBY4zwydUb5HfYjBHZqCBkhj5kzVpS7S_S6XgzmxAwbclVr3IluVxV7iLIgyuOgskmqIrS5bju7KiYeuJmCGLkW1dn4MHJIpnBg
refresh_token
FtxVVbgwRPKBckkKtQQfRXMIbiGtYmEhkKtBpoTXmegqatIDQt7798461634)*.|?
scope
openid consents customers accounts credit-cards-accounts resources invoice-financings financings loans unarranged-accounts-overdraft consent:urn:conformance.oidf:iasxbsXGCg
2022-01-13 13:24:50
RemoveIssuedAccessTokenFromEnvironment
Removed access_token and token_type from environment
2022-01-13 13:24:50 OUTGOING
fapi1-advanced-final-client-refresh-token-test
Response to HTTP request to test instance UZpi0NP4BWxWNoe
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "access_token": "VWP86pmsaIKRkpkQdrOKDtiilzMhCCEndHy55x3GhdMC9iA0DM",
  "token_type": "Bearer",
  "id_token": "eyJraWQiOiJYNWQ0dkZZZkx4YUcxZ2c4X2wzYkZZRmhVYVVWbUU2UGFFc1JXWDJFWXFNIiwiYWxnIjoiUFMyNTYifQ.eyJhdF9oYXNoIjoibTlmeEFHbmR1NUNWUXR0YXlmaEkxZyIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiY2xpZW50X1hVd0J1VUhSTVRWSEFsZVpFSnhIMTg4MTUiLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvYVwvU2FmcmFSUFRlc3RcLyIsImV4cCI6MTY0MjA4MDU5MCwibm9uY2UiOiJlY2I4NzRhOTM3Mjc0ZDE4OTFmM2RlNDcxY2YwNzcxNiIsImlhdCI6MTY0MjA4MDI5MH0.0kJNkX--G8Q4ZqpABmQYlLoGUDGRlvGhvGfbVtS65RTcisnamB4BOCG4Seqz2uaP926gpnHuzdNW8kPXo8FBBwJZDfus2u1n8jwS7fz629ENtXKKH_i7g-TWbP468iHLdkOabcwtPCf46AJ_15UKsRwYLLr3wzyAaEiJYIWkpZj1uumOHDqUiCECmu7hg_mXNQJeAihTzYbOSaLbSdyulcuh31KUG5w7th_hYAUEI_R2td1lEZvGBY4zwydUb5HfYjBHZqCBkhj5kzVpS7S_S6XgzmxAwbclVr3IluVxV7iLIgyuOgskmqIrS5bju7KiYeuJmCGLkW1dn4MHJIpnBg",
  "refresh_token": "FtxVVbgwRPKBckkKtQQfRXMIbiGtYmEhkKtBpoTXmegqatIDQt7798461634)*.|?",
  "scope": "openid consents customers accounts credit-cards-accounts resources invoice-financings financings loans unarranged-accounts-overdraft consent:urn:conformance.oidf:iasxbsXGCg"
}
outgoing_path
token
2022-01-13 13:24:51 INCOMING
fapi1-advanced-final-client-refresh-token-test
Incoming HTTP request to test instance UZpi0NP4BWxWNoe
incoming_headers
{
  "host": "www.certification.openid.net",
  "authorization": "Bearer VWP86pmsaIKRkpkQdrOKDtiilzMhCCEndHy55x3GhdMC9iA0DM",
  "x-dynatrace": "FW4;-987853115;6;1343653795;351;2;-1738730375;510;d322;2h01;3h501687a3;4h015f;6h61bd112b2536d06dd0729a27bbac5b68;7h05d516ed4274efb9",
  "traceparent": "00-61bd112b2536d06dd0729a27bbac5b68-05d516ed4274efb9-01",
  "tracestate": "985d1479-c51e8ec5@dt\u003dfw4;6;501687a3;15f;2;0;0;1fe;6452;2h01;3h501687a3;4h015f;7h05d516ed4274efb9",
  "cookie": "JSESSIONID\u003dA6C630AF755093694D0D98301A86EFAC",
  "connection": "close"
}
incoming_path
/test-mtls/a/SafraRPTest/accounts/v1/accounts
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES256-GCM-SHA384
incoming_tls_cert
-----BEGIN CERTIFICATE----- MIIG8zCCBdugAwIBAgIUOr2rNJSEw8bj9fVI9mZtaMk/VfowDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMTEwMzE3MDUwMFoXDTIyMTIwMzE3 MDUwMFowggETMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xFzAVBgNVBAoTDkJDTyBTQUZSQSBTLkEuMS0wKwYDVQQLEyQ3MDkx MzhkZC02ZTlkLTVmOTYtYmZmZi02OWE1YjJjYjNlYzAxFzAVBgNVBAMMDiouc2Fm cmEuY29tLmJyMRcwFQYDVQQFEw41ODE2MDc4OTAwMDEyODEdMBsGA1UEDxMUUHJp dmF0ZSBPcmdhbml6YXRpb24xEzARBgsrBgEEAYI3PAIBAxMCQlIxNDAyBgoJkiaJ k/IsZAEBEyQ0NGIyNjFiYy00ZjZmLTQ0Y2UtYjNkNy0zZjk4YTJiMjI1ZjQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYAJ7JptCPUm02Tx4o+zR20+iG VfMCMTOafTQ29kgOYAk/ypeDCNeZt4kkil/ZzNjHwA6NZ3gWMV088C5ucJ4AmS8b nE4XfbwoxealAWCa0pFoWEeBQK+Zb/S4dgK+L6xHkKViElSdQuYsKu3yraFs4Mu4 C4ukjhCxa3AlvcSw6PCMYJ5LKWbfVQovtoy5o+vOu1KKNKSTaYESmQDrIN4VeDyF SaYttN0gd+HNicRnopbyfWcmndRwVdwyUgTT2Z59/CpcdKui8kiT2rKxRO/mF1q0 PR1lkPE9FBDSo83fArx3yXgUyMmodjqJ+5X+pm7xZRJ97RVwIoMh7PRf4LXHAgMB AAGjggLdMIIC2TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQ60p75BB0ZNm+cJkce RCif8/14izAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4RQ99MvjBMBggrBgEF BQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNhbmRib3gucGtpLm9w ZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8v Y3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9pc3N1ZXIu Y3JsMCQGA1UdEQQdMBuCGWFwaS1tdGxzLWhtbC5zYWZyYS5jb20uYnIwDgYDVR0P AQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQw ggGQBgorBgEEAYO6L2QBMIIBgDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENl cnRpZmljYXRlIGlzIHNvbGVseSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNl cyBMaW1pdGVkIGFuZCBvdGhlciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMg dXNpbmcgUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsg U2VydmljZXMuIEl0cyByZWNlaXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0 dXRlcyBhY2NlcHRhbmNlIG9mIHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0 aWNpY2F0ZSBQb2xpY3kgYW5kIHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQG CCsGAQUFBwIBFjhodHRwOi8vY3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJh c2lsLm9yZy5ici9wb2xpY2llczANBgkqhkiG9w0BAQsFAAOCAQEAriUFRNI349wn LPiNnHZckwjUV76m8LltS/BrHQSURP4Bq3Eu2KEZGD/Xkz9VcmumHwOC+Mr/haLO hUMbwmZMn9q3QFzyd/EnoSyXeedZpPLczSPZ3AXoNaC8xJn4ZE66NKDQ2/PEFD7+ Vibcq6uWx4H6k8QjSBgrPAh03hHzdBpVBTO6fRNZPUtHJUcPvOJC0rtK1n3tCNk1 zHeO19CLNT1aUo99rXw8BT3bG4jVi/NMIPZqywxxk3S4Fq+6otMbtVRaB+O+NEqO VZR8xmuX+ALi7oVaD0tif+PzhyVKLZiRvnMtY2Y51ujIxyGyRZYPmiJkYQ/PT2Af 1zroWKsv2A== -----END CERTIFICATE-----
incoming_body_json
incoming_query_string_params
{}
incoming_body
2022-01-13 13:24:51 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES256-GCM-SHA384
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
Accounts endpoint (always rejected)
2022-01-13 13:24:51 SUCCESS
LogAccessTokenAlwaysRejectedToForceARefreshGrant
This call will be always rejected. The client must obtain a new access token twice using the refresh_token
2022-01-13 13:24:51 OUTGOING
fapi1-advanced-final-client-refresh-token-test
Response to HTTP request to test instance UZpi0NP4BWxWNoe
outgoing_status_code
401
outgoing_headers
{
  "WWW-Authenticate": [
    "Bearer realm\u003d\"conformancesuite\", error\u003d\"invalid_token\", error_description\u003d\"Invalid access token. This test requires you to obtain a new access token twice using the refresh_token\""
  ]
}
outgoing_body
outgoing_path
accounts/v1/accounts
2022-01-13 13:24:51 INCOMING
fapi1-advanced-final-client-refresh-token-test
Incoming HTTP request to test instance UZpi0NP4BWxWNoe
incoming_headers
{
  "host": "www.certification.openid.net",
  "x-dynatrace": "FW4;-987853115;6;1343653795;351;3;-1738730375;510;2b43;2h01;3h501687a3;4h015f;6h61bd112b2536d06dd0729a27bbac5b68;7h38000ede3845ccd4",
  "traceparent": "00-61bd112b2536d06dd0729a27bbac5b68-38000ede3845ccd4-01",
  "tracestate": "985d1479-c51e8ec5@dt\u003dfw4;6;501687a3;15f;3;0;0;1fe;2ee0;2h01;3h501687a3;4h015f;7h38000ede3845ccd4",
  "cookie": "JSESSIONID\u003dA6C630AF755093694D0D98301A86EFAC",
  "content-type": "application/x-www-form-urlencoded",
  "content-length": "1092",
  "connection": "close"
}
incoming_path
/test-mtls/a/SafraRPTest/token
incoming_body_form_params
{
  "grant_type": "refresh_token",
  "refresh_token": "FtxVVbgwRPKBckkKtQQfRXMIbiGtYmEhkKtBpoTXmegqatIDQt7798461634)*.|?",
  "client_id": "client_XUwBuUHRMTVHAleZEJxH18815",
  "client_assertion": "eyJhbGciOiJQUzI1NiIsImtpZCI6IkZfelU5TEQxLS1DTDVTdk9tN2FlcUtwbjludGU3T0ZMaHE5MlUtVjNmNjgiLCJ0eXAiOiJKV1QiLCJ4NXQiOiJpbWVKdHZoazFfVU9aSUlPS3R2UzNFVzBuRG8ifQ.eyJzdWIiOiJjbGllbnRfWFV3QnVVSFJNVFZIQWxlWkVKeEgxODgxNSIsImp0aSI6IjJlOTIzZWExZDNkMzQ4MWY4ZWZlOTg3NWVlOWNhMGE5IiwiYXVkIjoiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QtbXRscy9hL1NhZnJhUlBUZXN0L3Rva2VuIiwiZXhwIjoxNjQyMDgwNTkxLCJpc3MiOiJjbGllbnRfWFV3QnVVSFJNVFZIQWxlWkVKeEgxODgxNSIsImlhdCI6MTY0MjA4MDI5MSwibmJmIjoxNjQyMDgwMjkxfQ.naDpPJPc1zP8ytp_B8ZmdlTqppKznT5P3jOOP7IxXT1f8igcFhtUUosYVSHsJMcDUev-yN1bY8zDj53uG376q4IoNTCa3ojgQ1Ctr83RNZ-PxANeuRkKgLDknsomVAYYXVwkdF26DfBi-HBQIv3q58D8DlBXUbcEy_72s7mV33KOLGigvIt5uelrg-4oXFDlqFuNPcwSeF1iKEKSyNKLQLLt3ex5JIbsVGKy2qqFj6NV_lDquBKbKznxVgLqyZD3tste3cNjmDUoCQ10ST8zYlRnp0ncIQ_SHP23UwfZ-FfPqjOcR8lO4OnJ_anKTP7leVgektnNBx-AnPfzZmH02w",
  "client_assertion_type": "urn:ietf:params:oauth:client-assertion-type:jwt-bearer"
}
incoming_method
POST
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES256-GCM-SHA384
incoming_tls_cert
-----BEGIN CERTIFICATE----- MIIG8zCCBdugAwIBAgIUOr2rNJSEw8bj9fVI9mZtaMk/VfowDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMTEwMzE3MDUwMFoXDTIyMTIwMzE3 MDUwMFowggETMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xFzAVBgNVBAoTDkJDTyBTQUZSQSBTLkEuMS0wKwYDVQQLEyQ3MDkx MzhkZC02ZTlkLTVmOTYtYmZmZi02OWE1YjJjYjNlYzAxFzAVBgNVBAMMDiouc2Fm cmEuY29tLmJyMRcwFQYDVQQFEw41ODE2MDc4OTAwMDEyODEdMBsGA1UEDxMUUHJp dmF0ZSBPcmdhbml6YXRpb24xEzARBgsrBgEEAYI3PAIBAxMCQlIxNDAyBgoJkiaJ k/IsZAEBEyQ0NGIyNjFiYy00ZjZmLTQ0Y2UtYjNkNy0zZjk4YTJiMjI1ZjQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYAJ7JptCPUm02Tx4o+zR20+iG VfMCMTOafTQ29kgOYAk/ypeDCNeZt4kkil/ZzNjHwA6NZ3gWMV088C5ucJ4AmS8b nE4XfbwoxealAWCa0pFoWEeBQK+Zb/S4dgK+L6xHkKViElSdQuYsKu3yraFs4Mu4 C4ukjhCxa3AlvcSw6PCMYJ5LKWbfVQovtoy5o+vOu1KKNKSTaYESmQDrIN4VeDyF SaYttN0gd+HNicRnopbyfWcmndRwVdwyUgTT2Z59/CpcdKui8kiT2rKxRO/mF1q0 PR1lkPE9FBDSo83fArx3yXgUyMmodjqJ+5X+pm7xZRJ97RVwIoMh7PRf4LXHAgMB AAGjggLdMIIC2TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQ60p75BB0ZNm+cJkce RCif8/14izAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4RQ99MvjBMBggrBgEF BQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNhbmRib3gucGtpLm9w ZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8v Y3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9pc3N1ZXIu Y3JsMCQGA1UdEQQdMBuCGWFwaS1tdGxzLWhtbC5zYWZyYS5jb20uYnIwDgYDVR0P AQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQw ggGQBgorBgEEAYO6L2QBMIIBgDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENl cnRpZmljYXRlIGlzIHNvbGVseSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNl cyBMaW1pdGVkIGFuZCBvdGhlciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMg dXNpbmcgUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsg U2VydmljZXMuIEl0cyByZWNlaXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0 dXRlcyBhY2NlcHRhbmNlIG9mIHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0 aWNpY2F0ZSBQb2xpY3kgYW5kIHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQG CCsGAQUFBwIBFjhodHRwOi8vY3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJh c2lsLm9yZy5ici9wb2xpY2llczANBgkqhkiG9w0BAQsFAAOCAQEAriUFRNI349wn LPiNnHZckwjUV76m8LltS/BrHQSURP4Bq3Eu2KEZGD/Xkz9VcmumHwOC+Mr/haLO hUMbwmZMn9q3QFzyd/EnoSyXeedZpPLczSPZ3AXoNaC8xJn4ZE66NKDQ2/PEFD7+ Vibcq6uWx4H6k8QjSBgrPAh03hHzdBpVBTO6fRNZPUtHJUcPvOJC0rtK1n3tCNk1 zHeO19CLNT1aUo99rXw8BT3bG4jVi/NMIPZqywxxk3S4Fq+6otMbtVRaB+O+NEqO VZR8xmuX+ALi7oVaD0tif+PzhyVKLZiRvnMtY2Y51ujIxyGyRZYPmiJkYQ/PT2Af 1zroWKsv2A== -----END CERTIFICATE-----
incoming_body_json
incoming_query_string_params
{}
incoming_body
grant_type=refresh_token&refresh_token=FtxVVbgwRPKBckkKtQQfRXMIbiGtYmEhkKtBpoTXmegqatIDQt7798461634%29*.%7C%3F&client_id=client_XUwBuUHRMTVHAleZEJxH18815&client_assertion=eyJhbGciOiJQUzI1NiIsImtpZCI6IkZfelU5TEQxLS1DTDVTdk9tN2FlcUtwbjludGU3T0ZMaHE5MlUtVjNmNjgiLCJ0eXAiOiJKV1QiLCJ4NXQiOiJpbWVKdHZoazFfVU9aSUlPS3R2UzNFVzBuRG8ifQ.eyJzdWIiOiJjbGllbnRfWFV3QnVVSFJNVFZIQWxlWkVKeEgxODgxNSIsImp0aSI6IjJlOTIzZWExZDNkMzQ4MWY4ZWZlOTg3NWVlOWNhMGE5IiwiYXVkIjoiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QtbXRscy9hL1NhZnJhUlBUZXN0L3Rva2VuIiwiZXhwIjoxNjQyMDgwNTkxLCJpc3MiOiJjbGllbnRfWFV3QnVVSFJNVFZIQWxlWkVKeEgxODgxNSIsImlhdCI6MTY0MjA4MDI5MSwibmJmIjoxNjQyMDgwMjkxfQ.naDpPJPc1zP8ytp_B8ZmdlTqppKznT5P3jOOP7IxXT1f8igcFhtUUosYVSHsJMcDUev-yN1bY8zDj53uG376q4IoNTCa3ojgQ1Ctr83RNZ-PxANeuRkKgLDknsomVAYYXVwkdF26DfBi-HBQIv3q58D8DlBXUbcEy_72s7mV33KOLGigvIt5uelrg-4oXFDlqFuNPcwSeF1iKEKSyNKLQLLt3ex5JIbsVGKy2qqFj6NV_lDquBKbKznxVgLqyZD3tste3cNjmDUoCQ10ST8zYlRnp0ncIQ_SHP23UwfZ-FfPqjOcR8lO4OnJ_anKTP7leVgektnNBx-AnPfzZmH02w&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer
2022-01-13 13:24:51 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES256-GCM-SHA384
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
Token endpoint
2022-01-13 13:24:51 SUCCESS
ExtractClientCertificateFromTokenEndpointRequestHeaders
Extracted client certificate
client_certificate
{
  "cert": "-----BEGIN CERTIFICATE----- MIIG8zCCBdugAwIBAgIUOr2rNJSEw8bj9fVI9mZtaMk/VfowDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMTEwMzE3MDUwMFoXDTIyMTIwMzE3 MDUwMFowggETMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xFzAVBgNVBAoTDkJDTyBTQUZSQSBTLkEuMS0wKwYDVQQLEyQ3MDkx MzhkZC02ZTlkLTVmOTYtYmZmZi02OWE1YjJjYjNlYzAxFzAVBgNVBAMMDiouc2Fm cmEuY29tLmJyMRcwFQYDVQQFEw41ODE2MDc4OTAwMDEyODEdMBsGA1UEDxMUUHJp dmF0ZSBPcmdhbml6YXRpb24xEzARBgsrBgEEAYI3PAIBAxMCQlIxNDAyBgoJkiaJ k/IsZAEBEyQ0NGIyNjFiYy00ZjZmLTQ0Y2UtYjNkNy0zZjk4YTJiMjI1ZjQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYAJ7JptCPUm02Tx4o+zR20+iG VfMCMTOafTQ29kgOYAk/ypeDCNeZt4kkil/ZzNjHwA6NZ3gWMV088C5ucJ4AmS8b nE4XfbwoxealAWCa0pFoWEeBQK+Zb/S4dgK+L6xHkKViElSdQuYsKu3yraFs4Mu4 C4ukjhCxa3AlvcSw6PCMYJ5LKWbfVQovtoy5o+vOu1KKNKSTaYESmQDrIN4VeDyF SaYttN0gd+HNicRnopbyfWcmndRwVdwyUgTT2Z59/CpcdKui8kiT2rKxRO/mF1q0 PR1lkPE9FBDSo83fArx3yXgUyMmodjqJ+5X+pm7xZRJ97RVwIoMh7PRf4LXHAgMB AAGjggLdMIIC2TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQ60p75BB0ZNm+cJkce RCif8/14izAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4RQ99MvjBMBggrBgEF BQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNhbmRib3gucGtpLm9w ZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8v Y3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9pc3N1ZXIu Y3JsMCQGA1UdEQQdMBuCGWFwaS1tdGxzLWhtbC5zYWZyYS5jb20uYnIwDgYDVR0P AQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQw ggGQBgorBgEEAYO6L2QBMIIBgDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENl cnRpZmljYXRlIGlzIHNvbGVseSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNl cyBMaW1pdGVkIGFuZCBvdGhlciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMg dXNpbmcgUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsg U2VydmljZXMuIEl0cyByZWNlaXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0 dXRlcyBhY2NlcHRhbmNlIG9mIHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0 aWNpY2F0ZSBQb2xpY3kgYW5kIHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQG CCsGAQUFBwIBFjhodHRwOi8vY3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJh c2lsLm9yZy5ici9wb2xpY2llczANBgkqhkiG9w0BAQsFAAOCAQEAriUFRNI349wn LPiNnHZckwjUV76m8LltS/BrHQSURP4Bq3Eu2KEZGD/Xkz9VcmumHwOC+Mr/haLO hUMbwmZMn9q3QFzyd/EnoSyXeedZpPLczSPZ3AXoNaC8xJn4ZE66NKDQ2/PEFD7+ Vibcq6uWx4H6k8QjSBgrPAh03hHzdBpVBTO6fRNZPUtHJUcPvOJC0rtK1n3tCNk1 zHeO19CLNT1aUo99rXw8BT3bG4jVi/NMIPZqywxxk3S4Fq+6otMbtVRaB+O+NEqO VZR8xmuX+ALi7oVaD0tif+PzhyVKLZiRvnMtY2Y51ujIxyGyRZYPmiJkYQ/PT2Af 1zroWKsv2A\u003d\u003d -----END CERTIFICATE-----",
  "pem": "-----BEGIN CERTIFICATE-----\nMIIG8zCCBdugAwIBAgIUOr2rNJSEw8bj9fVI9mZtaMk/VfowDQYJKoZIhvcNAQEL\nBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx\nFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB\nTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMTEwMzE3MDUwMFoXDTIyMTIwMzE3\nMDUwMFowggETMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD\no28gUGF1bG8xFzAVBgNVBAoTDkJDTyBTQUZSQSBTLkEuMS0wKwYDVQQLEyQ3MDkx\nMzhkZC02ZTlkLTVmOTYtYmZmZi02OWE1YjJjYjNlYzAxFzAVBgNVBAMMDiouc2Fm\ncmEuY29tLmJyMRcwFQYDVQQFEw41ODE2MDc4OTAwMDEyODEdMBsGA1UEDxMUUHJp\ndmF0ZSBPcmdhbml6YXRpb24xEzARBgsrBgEEAYI3PAIBAxMCQlIxNDAyBgoJkiaJ\nk/IsZAEBEyQ0NGIyNjFiYy00ZjZmLTQ0Y2UtYjNkNy0zZjk4YTJiMjI1ZjQwggEi\nMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYAJ7JptCPUm02Tx4o+zR20+iG\nVfMCMTOafTQ29kgOYAk/ypeDCNeZt4kkil/ZzNjHwA6NZ3gWMV088C5ucJ4AmS8b\nnE4XfbwoxealAWCa0pFoWEeBQK+Zb/S4dgK+L6xHkKViElSdQuYsKu3yraFs4Mu4\nC4ukjhCxa3AlvcSw6PCMYJ5LKWbfVQovtoy5o+vOu1KKNKSTaYESmQDrIN4VeDyF\nSaYttN0gd+HNicRnopbyfWcmndRwVdwyUgTT2Z59/CpcdKui8kiT2rKxRO/mF1q0\nPR1lkPE9FBDSo83fArx3yXgUyMmodjqJ+5X+pm7xZRJ97RVwIoMh7PRf4LXHAgMB\nAAGjggLdMIIC2TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQ60p75BB0ZNm+cJkce\nRCif8/14izAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4RQ99MvjBMBggrBgEF\nBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNhbmRib3gucGtpLm9w\nZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8v\nY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9pc3N1ZXIu\nY3JsMCQGA1UdEQQdMBuCGWFwaS1tdGxzLWhtbC5zYWZyYS5jb20uYnIwDgYDVR0P\nAQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQw\nggGQBgorBgEEAYO6L2QBMIIBgDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENl\ncnRpZmljYXRlIGlzIHNvbGVseSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNl\ncyBMaW1pdGVkIGFuZCBvdGhlciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMg\ndXNpbmcgUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsg\nU2VydmljZXMuIEl0cyByZWNlaXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0\ndXRlcyBhY2NlcHRhbmNlIG9mIHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0\naWNpY2F0ZSBQb2xpY3kgYW5kIHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQG\nCCsGAQUFBwIBFjhodHRwOi8vY3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJh\nc2lsLm9yZy5ici9wb2xpY2llczANBgkqhkiG9w0BAQsFAAOCAQEAriUFRNI349wn\nLPiNnHZckwjUV76m8LltS/BrHQSURP4Bq3Eu2KEZGD/Xkz9VcmumHwOC+Mr/haLO\nhUMbwmZMn9q3QFzyd/EnoSyXeedZpPLczSPZ3AXoNaC8xJn4ZE66NKDQ2/PEFD7+\nVibcq6uWx4H6k8QjSBgrPAh03hHzdBpVBTO6fRNZPUtHJUcPvOJC0rtK1n3tCNk1\nzHeO19CLNT1aUo99rXw8BT3bG4jVi/NMIPZqywxxk3S4Fq+6otMbtVRaB+O+NEqO\nVZR8xmuX+ALi7oVaD0tif+PzhyVKLZiRvnMtY2Y51ujIxyGyRZYPmiJkYQ/PT2Af\n1zroWKsv2A\u003d\u003d\n-----END CERTIFICATE-----",
  "subject": {
    "dn": "UID\u003d44b261bc-4f6f-44ce-b3d7-3f98a2b225f4,1.3.6.1.4.1.311.60.2.1.3\u003d#13024252,2.5.4.15\u003d#131450726976617465204f7267616e697a6174696f6e,2.5.4.5\u003d#130e3538313630373839303030313238,CN\u003d*.safra.com.br,OU\u003d709138dd-6e9d-5f96-bfff-69a5b2cb3ec0,O\u003dBCO SAFRA S.A.,L\u003dSão Paulo,ST\u003dSP,C\u003dBR"
  },
  "sanDnsNames": [
    "api-mtls-hml.safra.com.br"
  ],
  "sanUris": [],
  "sanIPs": [],
  "sanEmails": []
}
2022-01-13 13:24:51 SUCCESS
CheckForClientCertificate
Found client certificate
2022-01-13 13:24:51 SUCCESS
EnsureClientCertificateMatches
Presented certificate matches registered certificate
actual
-----BEGIN CERTIFICATE-----
MIIG8zCCBdugAwIBAgIUOr2rNJSEw8bj9fVI9mZtaMk/VfowDQYJKoZIhvcNAQEL
BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx
FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB
TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMTEwMzE3MDUwMFoXDTIyMTIwMzE3
MDUwMFowggETMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD
o28gUGF1bG8xFzAVBgNVBAoTDkJDTyBTQUZSQSBTLkEuMS0wKwYDVQQLEyQ3MDkx
MzhkZC02ZTlkLTVmOTYtYmZmZi02OWE1YjJjYjNlYzAxFzAVBgNVBAMMDiouc2Fm
cmEuY29tLmJyMRcwFQYDVQQFEw41ODE2MDc4OTAwMDEyODEdMBsGA1UEDxMUUHJp
dmF0ZSBPcmdhbml6YXRpb24xEzARBgsrBgEEAYI3PAIBAxMCQlIxNDAyBgoJkiaJ
k/IsZAEBEyQ0NGIyNjFiYy00ZjZmLTQ0Y2UtYjNkNy0zZjk4YTJiMjI1ZjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYAJ7JptCPUm02Tx4o+zR20+iG
VfMCMTOafTQ29kgOYAk/ypeDCNeZt4kkil/ZzNjHwA6NZ3gWMV088C5ucJ4AmS8b
nE4XfbwoxealAWCa0pFoWEeBQK+Zb/S4dgK+L6xHkKViElSdQuYsKu3yraFs4Mu4
C4ukjhCxa3AlvcSw6PCMYJ5LKWbfVQovtoy5o+vOu1KKNKSTaYESmQDrIN4VeDyF
SaYttN0gd+HNicRnopbyfWcmndRwVdwyUgTT2Z59/CpcdKui8kiT2rKxRO/mF1q0
PR1lkPE9FBDSo83fArx3yXgUyMmodjqJ+5X+pm7xZRJ97RVwIoMh7PRf4LXHAgMB
AAGjggLdMIIC2TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQ60p75BB0ZNm+cJkce
RCif8/14izAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4RQ99MvjBMBggrBgEF
BQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNhbmRib3gucGtpLm9w
ZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8v
Y3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9pc3N1ZXIu
Y3JsMCQGA1UdEQQdMBuCGWFwaS1tdGxzLWhtbC5zYWZyYS5jb20uYnIwDgYDVR0P
AQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQw
ggGQBgorBgEEAYO6L2QBMIIBgDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENl
cnRpZmljYXRlIGlzIHNvbGVseSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNl
cyBMaW1pdGVkIGFuZCBvdGhlciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMg
dXNpbmcgUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsg
U2VydmljZXMuIEl0cyByZWNlaXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0
dXRlcyBhY2NlcHRhbmNlIG9mIHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0
aWNpY2F0ZSBQb2xpY3kgYW5kIHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQG
CCsGAQUFBwIBFjhodHRwOi8vY3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJh
c2lsLm9yZy5ici9wb2xpY2llczANBgkqhkiG9w0BAQsFAAOCAQEAriUFRNI349wn
LPiNnHZckwjUV76m8LltS/BrHQSURP4Bq3Eu2KEZGD/Xkz9VcmumHwOC+Mr/haLO
hUMbwmZMn9q3QFzyd/EnoSyXeedZpPLczSPZ3AXoNaC8xJn4ZE66NKDQ2/PEFD7+
Vibcq6uWx4H6k8QjSBgrPAh03hHzdBpVBTO6fRNZPUtHJUcPvOJC0rtK1n3tCNk1
zHeO19CLNT1aUo99rXw8BT3bG4jVi/NMIPZqywxxk3S4Fq+6otMbtVRaB+O+NEqO
VZR8xmuX+ALi7oVaD0tif+PzhyVKLZiRvnMtY2Y51ujIxyGyRZYPmiJkYQ/PT2Af
1zroWKsv2A==
-----END CERTIFICATE-----
2022-01-13 13:24:51 SUCCESS
ExtractClientAssertion
Parsed client assertion
client_assertion
{
  "value": "eyJhbGciOiJQUzI1NiIsImtpZCI6IkZfelU5TEQxLS1DTDVTdk9tN2FlcUtwbjludGU3T0ZMaHE5MlUtVjNmNjgiLCJ0eXAiOiJKV1QiLCJ4NXQiOiJpbWVKdHZoazFfVU9aSUlPS3R2UzNFVzBuRG8ifQ.eyJzdWIiOiJjbGllbnRfWFV3QnVVSFJNVFZIQWxlWkVKeEgxODgxNSIsImp0aSI6IjJlOTIzZWExZDNkMzQ4MWY4ZWZlOTg3NWVlOWNhMGE5IiwiYXVkIjoiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QtbXRscy9hL1NhZnJhUlBUZXN0L3Rva2VuIiwiZXhwIjoxNjQyMDgwNTkxLCJpc3MiOiJjbGllbnRfWFV3QnVVSFJNVFZIQWxlWkVKeEgxODgxNSIsImlhdCI6MTY0MjA4MDI5MSwibmJmIjoxNjQyMDgwMjkxfQ.naDpPJPc1zP8ytp_B8ZmdlTqppKznT5P3jOOP7IxXT1f8igcFhtUUosYVSHsJMcDUev-yN1bY8zDj53uG376q4IoNTCa3ojgQ1Ctr83RNZ-PxANeuRkKgLDknsomVAYYXVwkdF26DfBi-HBQIv3q58D8DlBXUbcEy_72s7mV33KOLGigvIt5uelrg-4oXFDlqFuNPcwSeF1iKEKSyNKLQLLt3ex5JIbsVGKy2qqFj6NV_lDquBKbKznxVgLqyZD3tste3cNjmDUoCQ10ST8zYlRnp0ncIQ_SHP23UwfZ-FfPqjOcR8lO4OnJ_anKTP7leVgektnNBx-AnPfzZmH02w",
  "header": {
    "x5t": "imeJtvhk1_UOZIIOKtvS3EW0nDo",
    "kid": "F_zU9LD1--CL5SvOm7aeqKpn9nte7OFLhq92U-V3f68",
    "typ": "JWT",
    "alg": "PS256"
  },
  "claims": {
    "sub": "client_XUwBuUHRMTVHAleZEJxH18815",
    "aud": "https://www.certification.openid.net/test-mtls/a/SafraRPTest/token",
    "nbf": 1642080291,
    "iss": "client_XUwBuUHRMTVHAleZEJxH18815",
    "exp": 1642080591,
    "iat": 1642080291,
    "jti": "2e923ea1d3d3481f8efe9875ee9ca0a9"
  }
}
2022-01-13 13:24:51
EnsureClientAssertionSignatureAlgorithmMatchesRegistered
token_endpoint_auth_signing_alg is not set for the client, any supported algorithm can be used
2022-01-13 13:24:51 SUCCESS
ValidateClientAssertionSignature
client_assertion signature validated
client_assertion
eyJhbGciOiJQUzI1NiIsImtpZCI6IkZfelU5TEQxLS1DTDVTdk9tN2FlcUtwbjludGU3T0ZMaHE5MlUtVjNmNjgiLCJ0eXAiOiJKV1QiLCJ4NXQiOiJpbWVKdHZoazFfVU9aSUlPS3R2UzNFVzBuRG8ifQ.eyJzdWIiOiJjbGllbnRfWFV3QnVVSFJNVFZIQWxlWkVKeEgxODgxNSIsImp0aSI6IjJlOTIzZWExZDNkMzQ4MWY4ZWZlOTg3NWVlOWNhMGE5IiwiYXVkIjoiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QtbXRscy9hL1NhZnJhUlBUZXN0L3Rva2VuIiwiZXhwIjoxNjQyMDgwNTkxLCJpc3MiOiJjbGllbnRfWFV3QnVVSFJNVFZIQWxlWkVKeEgxODgxNSIsImlhdCI6MTY0MjA4MDI5MSwibmJmIjoxNjQyMDgwMjkxfQ.naDpPJPc1zP8ytp_B8ZmdlTqppKznT5P3jOOP7IxXT1f8igcFhtUUosYVSHsJMcDUev-yN1bY8zDj53uG376q4IoNTCa3ojgQ1Ctr83RNZ-PxANeuRkKgLDknsomVAYYXVwkdF26DfBi-HBQIv3q58D8DlBXUbcEy_72s7mV33KOLGigvIt5uelrg-4oXFDlqFuNPcwSeF1iKEKSyNKLQLLt3ex5JIbsVGKy2qqFj6NV_lDquBKbKznxVgLqyZD3tste3cNjmDUoCQ10ST8zYlRnp0ncIQ_SHP23UwfZ-FfPqjOcR8lO4OnJ_anKTP7leVgektnNBx-AnPfzZmH02w
2022-01-13 13:24:51 SUCCESS
EnsureClientAssertionTypeIsJwt
Found JWT assertion type
assertion type
urn:ietf:params:oauth:client-assertion-type:jwt-bearer
2022-01-13 13:24:51 SUCCESS
ValidateClientAssertionClaims
Client Assertion passed all validation checks
2022-01-13 13:24:51 SUCCESS
ValidateRefreshToken
refresh_token parameter matches the expected value.
refresh_token
FtxVVbgwRPKBckkKtQQfRXMIbiGtYmEhkKtBpoTXmegqatIDQt7798461634)*.|?
2022-01-13 13:24:51 SUCCESS
GenerateBearerAccessToken
Generated access token
access_token
9gbYRqjn4kim0MToxWy3OaoJzRoKTnQwjQtsRgJRk3FkCmnKJj
2022-01-13 13:24:51 SUCCESS
CalculateAtHash
Successful at_hash encoding
at_hash
ILJ1bGJNY1iTQwsxjyKgtw
2022-01-13 13:24:51
CreateRefreshToken
Created refresh token
refresh_token
lWnPgaxHrVgHSWujBoLfJMQGarjqxrucdaFVnWxIHWTMTMvlOI6282685759).,~?
2022-01-13 13:24:51 SUCCESS
CreateTokenEndpointResponse
Created token endpoint response
access_token
9gbYRqjn4kim0MToxWy3OaoJzRoKTnQwjQtsRgJRk3FkCmnKJj
token_type
Bearer
refresh_token
lWnPgaxHrVgHSWujBoLfJMQGarjqxrucdaFVnWxIHWTMTMvlOI6282685759).,~?
scope
openid consents customers accounts credit-cards-accounts resources invoice-financings financings loans unarranged-accounts-overdraft consent:urn:conformance.oidf:iasxbsXGCg
2022-01-13 13:24:51 OUTGOING
fapi1-advanced-final-client-refresh-token-test
Response to HTTP request to test instance UZpi0NP4BWxWNoe
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "access_token": "9gbYRqjn4kim0MToxWy3OaoJzRoKTnQwjQtsRgJRk3FkCmnKJj",
  "token_type": "Bearer",
  "refresh_token": "lWnPgaxHrVgHSWujBoLfJMQGarjqxrucdaFVnWxIHWTMTMvlOI6282685759).,~?",
  "scope": "openid consents customers accounts credit-cards-accounts resources invoice-financings financings loans unarranged-accounts-overdraft consent:urn:conformance.oidf:iasxbsXGCg"
}
outgoing_path
token
2022-01-13 13:24:51 INCOMING
fapi1-advanced-final-client-refresh-token-test
Incoming HTTP request to test instance UZpi0NP4BWxWNoe
incoming_headers
{
  "host": "www.certification.openid.net",
  "x-dynatrace": "FW4;-987853115;6;1343653795;351;4;-1738730375;510;6177;2h01;3h501687a3;4h015f;6h61bd112b2536d06dd0729a27bbac5b68;7h011a72a890cb2214",
  "traceparent": "00-61bd112b2536d06dd0729a27bbac5b68-011a72a890cb2214-01",
  "tracestate": "985d1479-c51e8ec5@dt\u003dfw4;6;501687a3;15f;4;0;0;1fe;da7f;2h01;3h501687a3;4h015f;7h011a72a890cb2214",
  "cookie": "JSESSIONID\u003dA6C630AF755093694D0D98301A86EFAC",
  "content-type": "application/x-www-form-urlencoded",
  "content-length": "1090",
  "connection": "close"
}
incoming_path
/test-mtls/a/SafraRPTest/token
incoming_body_form_params
{
  "grant_type": "refresh_token",
  "refresh_token": "lWnPgaxHrVgHSWujBoLfJMQGarjqxrucdaFVnWxIHWTMTMvlOI6282685759).,~?",
  "client_id": "client_XUwBuUHRMTVHAleZEJxH18815",
  "client_assertion": "eyJhbGciOiJQUzI1NiIsImtpZCI6IkZfelU5TEQxLS1DTDVTdk9tN2FlcUtwbjludGU3T0ZMaHE5MlUtVjNmNjgiLCJ0eXAiOiJKV1QiLCJ4NXQiOiJpbWVKdHZoazFfVU9aSUlPS3R2UzNFVzBuRG8ifQ.eyJzdWIiOiJjbGllbnRfWFV3QnVVSFJNVFZIQWxlWkVKeEgxODgxNSIsImp0aSI6ImU3MzBmNDc5YzVlODQxOTFhMmMyZTQ3MDhjZTVhOWZkIiwiYXVkIjoiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QtbXRscy9hL1NhZnJhUlBUZXN0L3Rva2VuIiwiZXhwIjoxNjQyMDgwNTkxLCJpc3MiOiJjbGllbnRfWFV3QnVVSFJNVFZIQWxlWkVKeEgxODgxNSIsImlhdCI6MTY0MjA4MDI5MSwibmJmIjoxNjQyMDgwMjkxfQ.SLe9OnHeA4WK5Gy9KkREN_WVFEmrqh7dRw9yrFNFTRqkYn16xCS8w-AEiB90QtuoeBNxOkeckr4pnydZUex5UbUDSpBmm_eySIBntd-yPeuHtm1gYeRidQ1ZKARol-bVS0YtnYv31KnqwuCUHQr5tKXV3kT2zcf1zaDKY-mWmDdoSTUHgxVhZxhuEwqGUD0_fvXWgIPtbjddlBYopJvL16JS_hkPCxiqZtdQupVSwRMzgYTdSaOjCE99YL_Tg4t4jsSEmLTMlOkZY-5fy0wHj2gvkwJJykn6zONIMIlIHG-lF_WvrTaSnEKOfvLQ0_5dGiOuVBG0UtnqIOwpZITI3g",
  "client_assertion_type": "urn:ietf:params:oauth:client-assertion-type:jwt-bearer"
}
incoming_method
POST
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES256-GCM-SHA384
incoming_tls_cert
-----BEGIN CERTIFICATE----- MIIG8zCCBdugAwIBAgIUOr2rNJSEw8bj9fVI9mZtaMk/VfowDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMTEwMzE3MDUwMFoXDTIyMTIwMzE3 MDUwMFowggETMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xFzAVBgNVBAoTDkJDTyBTQUZSQSBTLkEuMS0wKwYDVQQLEyQ3MDkx MzhkZC02ZTlkLTVmOTYtYmZmZi02OWE1YjJjYjNlYzAxFzAVBgNVBAMMDiouc2Fm cmEuY29tLmJyMRcwFQYDVQQFEw41ODE2MDc4OTAwMDEyODEdMBsGA1UEDxMUUHJp dmF0ZSBPcmdhbml6YXRpb24xEzARBgsrBgEEAYI3PAIBAxMCQlIxNDAyBgoJkiaJ k/IsZAEBEyQ0NGIyNjFiYy00ZjZmLTQ0Y2UtYjNkNy0zZjk4YTJiMjI1ZjQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYAJ7JptCPUm02Tx4o+zR20+iG VfMCMTOafTQ29kgOYAk/ypeDCNeZt4kkil/ZzNjHwA6NZ3gWMV088C5ucJ4AmS8b nE4XfbwoxealAWCa0pFoWEeBQK+Zb/S4dgK+L6xHkKViElSdQuYsKu3yraFs4Mu4 C4ukjhCxa3AlvcSw6PCMYJ5LKWbfVQovtoy5o+vOu1KKNKSTaYESmQDrIN4VeDyF SaYttN0gd+HNicRnopbyfWcmndRwVdwyUgTT2Z59/CpcdKui8kiT2rKxRO/mF1q0 PR1lkPE9FBDSo83fArx3yXgUyMmodjqJ+5X+pm7xZRJ97RVwIoMh7PRf4LXHAgMB AAGjggLdMIIC2TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQ60p75BB0ZNm+cJkce RCif8/14izAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4RQ99MvjBMBggrBgEF BQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNhbmRib3gucGtpLm9w ZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8v Y3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9pc3N1ZXIu Y3JsMCQGA1UdEQQdMBuCGWFwaS1tdGxzLWhtbC5zYWZyYS5jb20uYnIwDgYDVR0P AQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQw ggGQBgorBgEEAYO6L2QBMIIBgDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENl cnRpZmljYXRlIGlzIHNvbGVseSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNl cyBMaW1pdGVkIGFuZCBvdGhlciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMg dXNpbmcgUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsg U2VydmljZXMuIEl0cyByZWNlaXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0 dXRlcyBhY2NlcHRhbmNlIG9mIHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0 aWNpY2F0ZSBQb2xpY3kgYW5kIHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQG CCsGAQUFBwIBFjhodHRwOi8vY3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJh c2lsLm9yZy5ici9wb2xpY2llczANBgkqhkiG9w0BAQsFAAOCAQEAriUFRNI349wn LPiNnHZckwjUV76m8LltS/BrHQSURP4Bq3Eu2KEZGD/Xkz9VcmumHwOC+Mr/haLO hUMbwmZMn9q3QFzyd/EnoSyXeedZpPLczSPZ3AXoNaC8xJn4ZE66NKDQ2/PEFD7+ Vibcq6uWx4H6k8QjSBgrPAh03hHzdBpVBTO6fRNZPUtHJUcPvOJC0rtK1n3tCNk1 zHeO19CLNT1aUo99rXw8BT3bG4jVi/NMIPZqywxxk3S4Fq+6otMbtVRaB+O+NEqO VZR8xmuX+ALi7oVaD0tif+PzhyVKLZiRvnMtY2Y51ujIxyGyRZYPmiJkYQ/PT2Af 1zroWKsv2A== -----END CERTIFICATE-----
incoming_body_json
incoming_query_string_params
{}
incoming_body
grant_type=refresh_token&refresh_token=lWnPgaxHrVgHSWujBoLfJMQGarjqxrucdaFVnWxIHWTMTMvlOI6282685759%29.%2C%7E%3F&client_id=client_XUwBuUHRMTVHAleZEJxH18815&client_assertion=eyJhbGciOiJQUzI1NiIsImtpZCI6IkZfelU5TEQxLS1DTDVTdk9tN2FlcUtwbjludGU3T0ZMaHE5MlUtVjNmNjgiLCJ0eXAiOiJKV1QiLCJ4NXQiOiJpbWVKdHZoazFfVU9aSUlPS3R2UzNFVzBuRG8ifQ.eyJzdWIiOiJjbGllbnRfWFV3QnVVSFJNVFZIQWxlWkVKeEgxODgxNSIsImp0aSI6ImU3MzBmNDc5YzVlODQxOTFhMmMyZTQ3MDhjZTVhOWZkIiwiYXVkIjoiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QtbXRscy9hL1NhZnJhUlBUZXN0L3Rva2VuIiwiZXhwIjoxNjQyMDgwNTkxLCJpc3MiOiJjbGllbnRfWFV3QnVVSFJNVFZIQWxlWkVKeEgxODgxNSIsImlhdCI6MTY0MjA4MDI5MSwibmJmIjoxNjQyMDgwMjkxfQ.SLe9OnHeA4WK5Gy9KkREN_WVFEmrqh7dRw9yrFNFTRqkYn16xCS8w-AEiB90QtuoeBNxOkeckr4pnydZUex5UbUDSpBmm_eySIBntd-yPeuHtm1gYeRidQ1ZKARol-bVS0YtnYv31KnqwuCUHQr5tKXV3kT2zcf1zaDKY-mWmDdoSTUHgxVhZxhuEwqGUD0_fvXWgIPtbjddlBYopJvL16JS_hkPCxiqZtdQupVSwRMzgYTdSaOjCE99YL_Tg4t4jsSEmLTMlOkZY-5fy0wHj2gvkwJJykn6zONIMIlIHG-lF_WvrTaSnEKOfvLQ0_5dGiOuVBG0UtnqIOwpZITI3g&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer
2022-01-13 13:24:51 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES256-GCM-SHA384
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
Token endpoint
2022-01-13 13:24:51 SUCCESS
ExtractClientCertificateFromTokenEndpointRequestHeaders
Extracted client certificate
client_certificate
{
  "cert": "-----BEGIN CERTIFICATE----- MIIG8zCCBdugAwIBAgIUOr2rNJSEw8bj9fVI9mZtaMk/VfowDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMTEwMzE3MDUwMFoXDTIyMTIwMzE3 MDUwMFowggETMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xFzAVBgNVBAoTDkJDTyBTQUZSQSBTLkEuMS0wKwYDVQQLEyQ3MDkx MzhkZC02ZTlkLTVmOTYtYmZmZi02OWE1YjJjYjNlYzAxFzAVBgNVBAMMDiouc2Fm cmEuY29tLmJyMRcwFQYDVQQFEw41ODE2MDc4OTAwMDEyODEdMBsGA1UEDxMUUHJp dmF0ZSBPcmdhbml6YXRpb24xEzARBgsrBgEEAYI3PAIBAxMCQlIxNDAyBgoJkiaJ k/IsZAEBEyQ0NGIyNjFiYy00ZjZmLTQ0Y2UtYjNkNy0zZjk4YTJiMjI1ZjQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYAJ7JptCPUm02Tx4o+zR20+iG VfMCMTOafTQ29kgOYAk/ypeDCNeZt4kkil/ZzNjHwA6NZ3gWMV088C5ucJ4AmS8b nE4XfbwoxealAWCa0pFoWEeBQK+Zb/S4dgK+L6xHkKViElSdQuYsKu3yraFs4Mu4 C4ukjhCxa3AlvcSw6PCMYJ5LKWbfVQovtoy5o+vOu1KKNKSTaYESmQDrIN4VeDyF SaYttN0gd+HNicRnopbyfWcmndRwVdwyUgTT2Z59/CpcdKui8kiT2rKxRO/mF1q0 PR1lkPE9FBDSo83fArx3yXgUyMmodjqJ+5X+pm7xZRJ97RVwIoMh7PRf4LXHAgMB AAGjggLdMIIC2TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQ60p75BB0ZNm+cJkce RCif8/14izAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4RQ99MvjBMBggrBgEF BQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNhbmRib3gucGtpLm9w ZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8v Y3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9pc3N1ZXIu Y3JsMCQGA1UdEQQdMBuCGWFwaS1tdGxzLWhtbC5zYWZyYS5jb20uYnIwDgYDVR0P AQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQw ggGQBgorBgEEAYO6L2QBMIIBgDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENl cnRpZmljYXRlIGlzIHNvbGVseSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNl cyBMaW1pdGVkIGFuZCBvdGhlciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMg dXNpbmcgUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsg U2VydmljZXMuIEl0cyByZWNlaXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0 dXRlcyBhY2NlcHRhbmNlIG9mIHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0 aWNpY2F0ZSBQb2xpY3kgYW5kIHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQG CCsGAQUFBwIBFjhodHRwOi8vY3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJh c2lsLm9yZy5ici9wb2xpY2llczANBgkqhkiG9w0BAQsFAAOCAQEAriUFRNI349wn LPiNnHZckwjUV76m8LltS/BrHQSURP4Bq3Eu2KEZGD/Xkz9VcmumHwOC+Mr/haLO hUMbwmZMn9q3QFzyd/EnoSyXeedZpPLczSPZ3AXoNaC8xJn4ZE66NKDQ2/PEFD7+ Vibcq6uWx4H6k8QjSBgrPAh03hHzdBpVBTO6fRNZPUtHJUcPvOJC0rtK1n3tCNk1 zHeO19CLNT1aUo99rXw8BT3bG4jVi/NMIPZqywxxk3S4Fq+6otMbtVRaB+O+NEqO VZR8xmuX+ALi7oVaD0tif+PzhyVKLZiRvnMtY2Y51ujIxyGyRZYPmiJkYQ/PT2Af 1zroWKsv2A\u003d\u003d -----END CERTIFICATE-----",
  "pem": "-----BEGIN CERTIFICATE-----\nMIIG8zCCBdugAwIBAgIUOr2rNJSEw8bj9fVI9mZtaMk/VfowDQYJKoZIhvcNAQEL\nBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx\nFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB\nTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMTEwMzE3MDUwMFoXDTIyMTIwMzE3\nMDUwMFowggETMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD\no28gUGF1bG8xFzAVBgNVBAoTDkJDTyBTQUZSQSBTLkEuMS0wKwYDVQQLEyQ3MDkx\nMzhkZC02ZTlkLTVmOTYtYmZmZi02OWE1YjJjYjNlYzAxFzAVBgNVBAMMDiouc2Fm\ncmEuY29tLmJyMRcwFQYDVQQFEw41ODE2MDc4OTAwMDEyODEdMBsGA1UEDxMUUHJp\ndmF0ZSBPcmdhbml6YXRpb24xEzARBgsrBgEEAYI3PAIBAxMCQlIxNDAyBgoJkiaJ\nk/IsZAEBEyQ0NGIyNjFiYy00ZjZmLTQ0Y2UtYjNkNy0zZjk4YTJiMjI1ZjQwggEi\nMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYAJ7JptCPUm02Tx4o+zR20+iG\nVfMCMTOafTQ29kgOYAk/ypeDCNeZt4kkil/ZzNjHwA6NZ3gWMV088C5ucJ4AmS8b\nnE4XfbwoxealAWCa0pFoWEeBQK+Zb/S4dgK+L6xHkKViElSdQuYsKu3yraFs4Mu4\nC4ukjhCxa3AlvcSw6PCMYJ5LKWbfVQovtoy5o+vOu1KKNKSTaYESmQDrIN4VeDyF\nSaYttN0gd+HNicRnopbyfWcmndRwVdwyUgTT2Z59/CpcdKui8kiT2rKxRO/mF1q0\nPR1lkPE9FBDSo83fArx3yXgUyMmodjqJ+5X+pm7xZRJ97RVwIoMh7PRf4LXHAgMB\nAAGjggLdMIIC2TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQ60p75BB0ZNm+cJkce\nRCif8/14izAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4RQ99MvjBMBggrBgEF\nBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNhbmRib3gucGtpLm9w\nZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8v\nY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9pc3N1ZXIu\nY3JsMCQGA1UdEQQdMBuCGWFwaS1tdGxzLWhtbC5zYWZyYS5jb20uYnIwDgYDVR0P\nAQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQw\nggGQBgorBgEEAYO6L2QBMIIBgDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENl\ncnRpZmljYXRlIGlzIHNvbGVseSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNl\ncyBMaW1pdGVkIGFuZCBvdGhlciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMg\ndXNpbmcgUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsg\nU2VydmljZXMuIEl0cyByZWNlaXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0\ndXRlcyBhY2NlcHRhbmNlIG9mIHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0\naWNpY2F0ZSBQb2xpY3kgYW5kIHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQG\nCCsGAQUFBwIBFjhodHRwOi8vY3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJh\nc2lsLm9yZy5ici9wb2xpY2llczANBgkqhkiG9w0BAQsFAAOCAQEAriUFRNI349wn\nLPiNnHZckwjUV76m8LltS/BrHQSURP4Bq3Eu2KEZGD/Xkz9VcmumHwOC+Mr/haLO\nhUMbwmZMn9q3QFzyd/EnoSyXeedZpPLczSPZ3AXoNaC8xJn4ZE66NKDQ2/PEFD7+\nVibcq6uWx4H6k8QjSBgrPAh03hHzdBpVBTO6fRNZPUtHJUcPvOJC0rtK1n3tCNk1\nzHeO19CLNT1aUo99rXw8BT3bG4jVi/NMIPZqywxxk3S4Fq+6otMbtVRaB+O+NEqO\nVZR8xmuX+ALi7oVaD0tif+PzhyVKLZiRvnMtY2Y51ujIxyGyRZYPmiJkYQ/PT2Af\n1zroWKsv2A\u003d\u003d\n-----END CERTIFICATE-----",
  "subject": {
    "dn": "UID\u003d44b261bc-4f6f-44ce-b3d7-3f98a2b225f4,1.3.6.1.4.1.311.60.2.1.3\u003d#13024252,2.5.4.15\u003d#131450726976617465204f7267616e697a6174696f6e,2.5.4.5\u003d#130e3538313630373839303030313238,CN\u003d*.safra.com.br,OU\u003d709138dd-6e9d-5f96-bfff-69a5b2cb3ec0,O\u003dBCO SAFRA S.A.,L\u003dSão Paulo,ST\u003dSP,C\u003dBR"
  },
  "sanDnsNames": [
    "api-mtls-hml.safra.com.br"
  ],
  "sanUris": [],
  "sanIPs": [],
  "sanEmails": []
}
2022-01-13 13:24:51 SUCCESS
CheckForClientCertificate
Found client certificate
2022-01-13 13:24:51 SUCCESS
EnsureClientCertificateMatches
Presented certificate matches registered certificate
actual
-----BEGIN CERTIFICATE-----
MIIG8zCCBdugAwIBAgIUOr2rNJSEw8bj9fVI9mZtaMk/VfowDQYJKoZIhvcNAQEL
BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx
FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB
TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMTEwMzE3MDUwMFoXDTIyMTIwMzE3
MDUwMFowggETMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD
o28gUGF1bG8xFzAVBgNVBAoTDkJDTyBTQUZSQSBTLkEuMS0wKwYDVQQLEyQ3MDkx
MzhkZC02ZTlkLTVmOTYtYmZmZi02OWE1YjJjYjNlYzAxFzAVBgNVBAMMDiouc2Fm
cmEuY29tLmJyMRcwFQYDVQQFEw41ODE2MDc4OTAwMDEyODEdMBsGA1UEDxMUUHJp
dmF0ZSBPcmdhbml6YXRpb24xEzARBgsrBgEEAYI3PAIBAxMCQlIxNDAyBgoJkiaJ
k/IsZAEBEyQ0NGIyNjFiYy00ZjZmLTQ0Y2UtYjNkNy0zZjk4YTJiMjI1ZjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYAJ7JptCPUm02Tx4o+zR20+iG
VfMCMTOafTQ29kgOYAk/ypeDCNeZt4kkil/ZzNjHwA6NZ3gWMV088C5ucJ4AmS8b
nE4XfbwoxealAWCa0pFoWEeBQK+Zb/S4dgK+L6xHkKViElSdQuYsKu3yraFs4Mu4
C4ukjhCxa3AlvcSw6PCMYJ5LKWbfVQovtoy5o+vOu1KKNKSTaYESmQDrIN4VeDyF
SaYttN0gd+HNicRnopbyfWcmndRwVdwyUgTT2Z59/CpcdKui8kiT2rKxRO/mF1q0
PR1lkPE9FBDSo83fArx3yXgUyMmodjqJ+5X+pm7xZRJ97RVwIoMh7PRf4LXHAgMB
AAGjggLdMIIC2TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQ60p75BB0ZNm+cJkce
RCif8/14izAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4RQ99MvjBMBggrBgEF
BQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNhbmRib3gucGtpLm9w
ZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8v
Y3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9pc3N1ZXIu
Y3JsMCQGA1UdEQQdMBuCGWFwaS1tdGxzLWhtbC5zYWZyYS5jb20uYnIwDgYDVR0P
AQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQw
ggGQBgorBgEEAYO6L2QBMIIBgDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENl
cnRpZmljYXRlIGlzIHNvbGVseSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNl
cyBMaW1pdGVkIGFuZCBvdGhlciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMg
dXNpbmcgUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsg
U2VydmljZXMuIEl0cyByZWNlaXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0
dXRlcyBhY2NlcHRhbmNlIG9mIHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0
aWNpY2F0ZSBQb2xpY3kgYW5kIHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQG
CCsGAQUFBwIBFjhodHRwOi8vY3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJh
c2lsLm9yZy5ici9wb2xpY2llczANBgkqhkiG9w0BAQsFAAOCAQEAriUFRNI349wn
LPiNnHZckwjUV76m8LltS/BrHQSURP4Bq3Eu2KEZGD/Xkz9VcmumHwOC+Mr/haLO
hUMbwmZMn9q3QFzyd/EnoSyXeedZpPLczSPZ3AXoNaC8xJn4ZE66NKDQ2/PEFD7+
Vibcq6uWx4H6k8QjSBgrPAh03hHzdBpVBTO6fRNZPUtHJUcPvOJC0rtK1n3tCNk1
zHeO19CLNT1aUo99rXw8BT3bG4jVi/NMIPZqywxxk3S4Fq+6otMbtVRaB+O+NEqO
VZR8xmuX+ALi7oVaD0tif+PzhyVKLZiRvnMtY2Y51ujIxyGyRZYPmiJkYQ/PT2Af
1zroWKsv2A==
-----END CERTIFICATE-----
2022-01-13 13:24:51 SUCCESS
ExtractClientAssertion
Parsed client assertion
client_assertion
{
  "value": "eyJhbGciOiJQUzI1NiIsImtpZCI6IkZfelU5TEQxLS1DTDVTdk9tN2FlcUtwbjludGU3T0ZMaHE5MlUtVjNmNjgiLCJ0eXAiOiJKV1QiLCJ4NXQiOiJpbWVKdHZoazFfVU9aSUlPS3R2UzNFVzBuRG8ifQ.eyJzdWIiOiJjbGllbnRfWFV3QnVVSFJNVFZIQWxlWkVKeEgxODgxNSIsImp0aSI6ImU3MzBmNDc5YzVlODQxOTFhMmMyZTQ3MDhjZTVhOWZkIiwiYXVkIjoiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QtbXRscy9hL1NhZnJhUlBUZXN0L3Rva2VuIiwiZXhwIjoxNjQyMDgwNTkxLCJpc3MiOiJjbGllbnRfWFV3QnVVSFJNVFZIQWxlWkVKeEgxODgxNSIsImlhdCI6MTY0MjA4MDI5MSwibmJmIjoxNjQyMDgwMjkxfQ.SLe9OnHeA4WK5Gy9KkREN_WVFEmrqh7dRw9yrFNFTRqkYn16xCS8w-AEiB90QtuoeBNxOkeckr4pnydZUex5UbUDSpBmm_eySIBntd-yPeuHtm1gYeRidQ1ZKARol-bVS0YtnYv31KnqwuCUHQr5tKXV3kT2zcf1zaDKY-mWmDdoSTUHgxVhZxhuEwqGUD0_fvXWgIPtbjddlBYopJvL16JS_hkPCxiqZtdQupVSwRMzgYTdSaOjCE99YL_Tg4t4jsSEmLTMlOkZY-5fy0wHj2gvkwJJykn6zONIMIlIHG-lF_WvrTaSnEKOfvLQ0_5dGiOuVBG0UtnqIOwpZITI3g",
  "header": {
    "x5t": "imeJtvhk1_UOZIIOKtvS3EW0nDo",
    "kid": "F_zU9LD1--CL5SvOm7aeqKpn9nte7OFLhq92U-V3f68",
    "typ": "JWT",
    "alg": "PS256"
  },
  "claims": {
    "sub": "client_XUwBuUHRMTVHAleZEJxH18815",
    "aud": "https://www.certification.openid.net/test-mtls/a/SafraRPTest/token",
    "nbf": 1642080291,
    "iss": "client_XUwBuUHRMTVHAleZEJxH18815",
    "exp": 1642080591,
    "iat": 1642080291,
    "jti": "e730f479c5e84191a2c2e4708ce5a9fd"
  }
}
2022-01-13 13:24:51
EnsureClientAssertionSignatureAlgorithmMatchesRegistered
token_endpoint_auth_signing_alg is not set for the client, any supported algorithm can be used
2022-01-13 13:24:51 SUCCESS
ValidateClientAssertionSignature
client_assertion signature validated
client_assertion
eyJhbGciOiJQUzI1NiIsImtpZCI6IkZfelU5TEQxLS1DTDVTdk9tN2FlcUtwbjludGU3T0ZMaHE5MlUtVjNmNjgiLCJ0eXAiOiJKV1QiLCJ4NXQiOiJpbWVKdHZoazFfVU9aSUlPS3R2UzNFVzBuRG8ifQ.eyJzdWIiOiJjbGllbnRfWFV3QnVVSFJNVFZIQWxlWkVKeEgxODgxNSIsImp0aSI6ImU3MzBmNDc5YzVlODQxOTFhMmMyZTQ3MDhjZTVhOWZkIiwiYXVkIjoiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QtbXRscy9hL1NhZnJhUlBUZXN0L3Rva2VuIiwiZXhwIjoxNjQyMDgwNTkxLCJpc3MiOiJjbGllbnRfWFV3QnVVSFJNVFZIQWxlWkVKeEgxODgxNSIsImlhdCI6MTY0MjA4MDI5MSwibmJmIjoxNjQyMDgwMjkxfQ.SLe9OnHeA4WK5Gy9KkREN_WVFEmrqh7dRw9yrFNFTRqkYn16xCS8w-AEiB90QtuoeBNxOkeckr4pnydZUex5UbUDSpBmm_eySIBntd-yPeuHtm1gYeRidQ1ZKARol-bVS0YtnYv31KnqwuCUHQr5tKXV3kT2zcf1zaDKY-mWmDdoSTUHgxVhZxhuEwqGUD0_fvXWgIPtbjddlBYopJvL16JS_hkPCxiqZtdQupVSwRMzgYTdSaOjCE99YL_Tg4t4jsSEmLTMlOkZY-5fy0wHj2gvkwJJykn6zONIMIlIHG-lF_WvrTaSnEKOfvLQ0_5dGiOuVBG0UtnqIOwpZITI3g
2022-01-13 13:24:51 SUCCESS
EnsureClientAssertionTypeIsJwt
Found JWT assertion type
assertion type
urn:ietf:params:oauth:client-assertion-type:jwt-bearer
2022-01-13 13:24:51 SUCCESS
ValidateClientAssertionClaims
Client Assertion passed all validation checks
2022-01-13 13:24:51 SUCCESS
ValidateRefreshToken
refresh_token parameter matches the expected value.
refresh_token
lWnPgaxHrVgHSWujBoLfJMQGarjqxrucdaFVnWxIHWTMTMvlOI6282685759).,~?
2022-01-13 13:24:51 SUCCESS
GenerateBearerAccessToken
Generated access token
access_token
6QTi0gTKueHg8Is0jYNvvTACFEEExcdlcV5bB4obf2dOpmgJxw
2022-01-13 13:24:51 SUCCESS
CalculateAtHash
Successful at_hash encoding
at_hash
eIFcj6T2T4C8VTaw5zE1MA
2022-01-13 13:24:51
CreateRefreshToken
Created refresh token
refresh_token
TQhmvwbHYgUalGvnBebKOsyyOdPZRizLQEkHSEPAIJNAJuYtoP9994620827]^'$-
2022-01-13 13:24:51 SUCCESS
CreateTokenEndpointResponse
Created token endpoint response
access_token
6QTi0gTKueHg8Is0jYNvvTACFEEExcdlcV5bB4obf2dOpmgJxw
token_type
Bearer
refresh_token
TQhmvwbHYgUalGvnBebKOsyyOdPZRizLQEkHSEPAIJNAJuYtoP9994620827]^'$-
scope
openid consents customers accounts credit-cards-accounts resources invoice-financings financings loans unarranged-accounts-overdraft consent:urn:conformance.oidf:iasxbsXGCg
2022-01-13 13:24:51 OUTGOING
fapi1-advanced-final-client-refresh-token-test
Response to HTTP request to test instance UZpi0NP4BWxWNoe
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "access_token": "6QTi0gTKueHg8Is0jYNvvTACFEEExcdlcV5bB4obf2dOpmgJxw",
  "token_type": "Bearer",
  "refresh_token": "TQhmvwbHYgUalGvnBebKOsyyOdPZRizLQEkHSEPAIJNAJuYtoP9994620827]^\u0027$-",
  "scope": "openid consents customers accounts credit-cards-accounts resources invoice-financings financings loans unarranged-accounts-overdraft consent:urn:conformance.oidf:iasxbsXGCg"
}
outgoing_path
token
2022-01-13 13:24:51 INCOMING
fapi1-advanced-final-client-refresh-token-test
Incoming HTTP request to test instance UZpi0NP4BWxWNoe
incoming_headers
{
  "host": "www.certification.openid.net",
  "authorization": "Bearer 6QTi0gTKueHg8Is0jYNvvTACFEEExcdlcV5bB4obf2dOpmgJxw",
  "x-dynatrace": "FW4;-987853115;6;1343653795;351;5;-1738730375;510;185f;2h01;3h501687a3;4h015f;6h61bd112b2536d06dd0729a27bbac5b68;7hd56f104e28adba82",
  "traceparent": "00-61bd112b2536d06dd0729a27bbac5b68-d56f104e28adba82-01",
  "tracestate": "985d1479-c51e8ec5@dt\u003dfw4;6;501687a3;15f;5;0;0;1fe;e1a8;2h01;3h501687a3;4h015f;7hd56f104e28adba82",
  "cookie": "JSESSIONID\u003dA6C630AF755093694D0D98301A86EFAC",
  "connection": "close"
}
incoming_path
/test-mtls/a/SafraRPTest/accounts/v1/accounts
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES256-GCM-SHA384
incoming_tls_cert
-----BEGIN CERTIFICATE----- MIIG8zCCBdugAwIBAgIUOr2rNJSEw8bj9fVI9mZtaMk/VfowDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMTEwMzE3MDUwMFoXDTIyMTIwMzE3 MDUwMFowggETMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xFzAVBgNVBAoTDkJDTyBTQUZSQSBTLkEuMS0wKwYDVQQLEyQ3MDkx MzhkZC02ZTlkLTVmOTYtYmZmZi02OWE1YjJjYjNlYzAxFzAVBgNVBAMMDiouc2Fm cmEuY29tLmJyMRcwFQYDVQQFEw41ODE2MDc4OTAwMDEyODEdMBsGA1UEDxMUUHJp dmF0ZSBPcmdhbml6YXRpb24xEzARBgsrBgEEAYI3PAIBAxMCQlIxNDAyBgoJkiaJ k/IsZAEBEyQ0NGIyNjFiYy00ZjZmLTQ0Y2UtYjNkNy0zZjk4YTJiMjI1ZjQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYAJ7JptCPUm02Tx4o+zR20+iG VfMCMTOafTQ29kgOYAk/ypeDCNeZt4kkil/ZzNjHwA6NZ3gWMV088C5ucJ4AmS8b nE4XfbwoxealAWCa0pFoWEeBQK+Zb/S4dgK+L6xHkKViElSdQuYsKu3yraFs4Mu4 C4ukjhCxa3AlvcSw6PCMYJ5LKWbfVQovtoy5o+vOu1KKNKSTaYESmQDrIN4VeDyF SaYttN0gd+HNicRnopbyfWcmndRwVdwyUgTT2Z59/CpcdKui8kiT2rKxRO/mF1q0 PR1lkPE9FBDSo83fArx3yXgUyMmodjqJ+5X+pm7xZRJ97RVwIoMh7PRf4LXHAgMB AAGjggLdMIIC2TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQ60p75BB0ZNm+cJkce RCif8/14izAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4RQ99MvjBMBggrBgEF BQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNhbmRib3gucGtpLm9w ZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8v Y3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9pc3N1ZXIu Y3JsMCQGA1UdEQQdMBuCGWFwaS1tdGxzLWhtbC5zYWZyYS5jb20uYnIwDgYDVR0P AQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQw ggGQBgorBgEEAYO6L2QBMIIBgDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENl cnRpZmljYXRlIGlzIHNvbGVseSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNl cyBMaW1pdGVkIGFuZCBvdGhlciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMg dXNpbmcgUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsg U2VydmljZXMuIEl0cyByZWNlaXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0 dXRlcyBhY2NlcHRhbmNlIG9mIHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0 aWNpY2F0ZSBQb2xpY3kgYW5kIHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQG CCsGAQUFBwIBFjhodHRwOi8vY3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJh c2lsLm9yZy5ici9wb2xpY2llczANBgkqhkiG9w0BAQsFAAOCAQEAriUFRNI349wn LPiNnHZckwjUV76m8LltS/BrHQSURP4Bq3Eu2KEZGD/Xkz9VcmumHwOC+Mr/haLO hUMbwmZMn9q3QFzyd/EnoSyXeedZpPLczSPZ3AXoNaC8xJn4ZE66NKDQ2/PEFD7+ Vibcq6uWx4H6k8QjSBgrPAh03hHzdBpVBTO6fRNZPUtHJUcPvOJC0rtK1n3tCNk1 zHeO19CLNT1aUo99rXw8BT3bG4jVi/NMIPZqywxxk3S4Fq+6otMbtVRaB+O+NEqO VZR8xmuX+ALi7oVaD0tif+PzhyVKLZiRvnMtY2Y51ujIxyGyRZYPmiJkYQ/PT2Af 1zroWKsv2A== -----END CERTIFICATE-----
incoming_body_json
incoming_query_string_params
{}
incoming_body
2022-01-13 13:24:51 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES256-GCM-SHA384
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
Accounts endpoint
2022-01-13 13:24:51 SUCCESS
ExtractClientCertificateFromTokenEndpointRequestHeaders
Extracted client certificate
client_certificate
{
  "cert": "-----BEGIN CERTIFICATE----- MIIG8zCCBdugAwIBAgIUOr2rNJSEw8bj9fVI9mZtaMk/VfowDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMTEwMzE3MDUwMFoXDTIyMTIwMzE3 MDUwMFowggETMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD o28gUGF1bG8xFzAVBgNVBAoTDkJDTyBTQUZSQSBTLkEuMS0wKwYDVQQLEyQ3MDkx MzhkZC02ZTlkLTVmOTYtYmZmZi02OWE1YjJjYjNlYzAxFzAVBgNVBAMMDiouc2Fm cmEuY29tLmJyMRcwFQYDVQQFEw41ODE2MDc4OTAwMDEyODEdMBsGA1UEDxMUUHJp dmF0ZSBPcmdhbml6YXRpb24xEzARBgsrBgEEAYI3PAIBAxMCQlIxNDAyBgoJkiaJ k/IsZAEBEyQ0NGIyNjFiYy00ZjZmLTQ0Y2UtYjNkNy0zZjk4YTJiMjI1ZjQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYAJ7JptCPUm02Tx4o+zR20+iG VfMCMTOafTQ29kgOYAk/ypeDCNeZt4kkil/ZzNjHwA6NZ3gWMV088C5ucJ4AmS8b nE4XfbwoxealAWCa0pFoWEeBQK+Zb/S4dgK+L6xHkKViElSdQuYsKu3yraFs4Mu4 C4ukjhCxa3AlvcSw6PCMYJ5LKWbfVQovtoy5o+vOu1KKNKSTaYESmQDrIN4VeDyF SaYttN0gd+HNicRnopbyfWcmndRwVdwyUgTT2Z59/CpcdKui8kiT2rKxRO/mF1q0 PR1lkPE9FBDSo83fArx3yXgUyMmodjqJ+5X+pm7xZRJ97RVwIoMh7PRf4LXHAgMB AAGjggLdMIIC2TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQ60p75BB0ZNm+cJkce RCif8/14izAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4RQ99MvjBMBggrBgEF BQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNhbmRib3gucGtpLm9w ZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8v Y3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9pc3N1ZXIu Y3JsMCQGA1UdEQQdMBuCGWFwaS1tdGxzLWhtbC5zYWZyYS5jb20uYnIwDgYDVR0P AQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQw ggGQBgorBgEEAYO6L2QBMIIBgDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENl cnRpZmljYXRlIGlzIHNvbGVseSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNl cyBMaW1pdGVkIGFuZCBvdGhlciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMg dXNpbmcgUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsg U2VydmljZXMuIEl0cyByZWNlaXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0 dXRlcyBhY2NlcHRhbmNlIG9mIHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0 aWNpY2F0ZSBQb2xpY3kgYW5kIHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQG CCsGAQUFBwIBFjhodHRwOi8vY3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJh c2lsLm9yZy5ici9wb2xpY2llczANBgkqhkiG9w0BAQsFAAOCAQEAriUFRNI349wn LPiNnHZckwjUV76m8LltS/BrHQSURP4Bq3Eu2KEZGD/Xkz9VcmumHwOC+Mr/haLO hUMbwmZMn9q3QFzyd/EnoSyXeedZpPLczSPZ3AXoNaC8xJn4ZE66NKDQ2/PEFD7+ Vibcq6uWx4H6k8QjSBgrPAh03hHzdBpVBTO6fRNZPUtHJUcPvOJC0rtK1n3tCNk1 zHeO19CLNT1aUo99rXw8BT3bG4jVi/NMIPZqywxxk3S4Fq+6otMbtVRaB+O+NEqO VZR8xmuX+ALi7oVaD0tif+PzhyVKLZiRvnMtY2Y51ujIxyGyRZYPmiJkYQ/PT2Af 1zroWKsv2A\u003d\u003d -----END CERTIFICATE-----",
  "pem": "-----BEGIN CERTIFICATE-----\nMIIG8zCCBdugAwIBAgIUOr2rNJSEw8bj9fVI9mZtaMk/VfowDQYJKoZIhvcNAQEL\nBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx\nFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB\nTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMTEwMzE3MDUwMFoXDTIyMTIwMzE3\nMDUwMFowggETMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD\no28gUGF1bG8xFzAVBgNVBAoTDkJDTyBTQUZSQSBTLkEuMS0wKwYDVQQLEyQ3MDkx\nMzhkZC02ZTlkLTVmOTYtYmZmZi02OWE1YjJjYjNlYzAxFzAVBgNVBAMMDiouc2Fm\ncmEuY29tLmJyMRcwFQYDVQQFEw41ODE2MDc4OTAwMDEyODEdMBsGA1UEDxMUUHJp\ndmF0ZSBPcmdhbml6YXRpb24xEzARBgsrBgEEAYI3PAIBAxMCQlIxNDAyBgoJkiaJ\nk/IsZAEBEyQ0NGIyNjFiYy00ZjZmLTQ0Y2UtYjNkNy0zZjk4YTJiMjI1ZjQwggEi\nMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYAJ7JptCPUm02Tx4o+zR20+iG\nVfMCMTOafTQ29kgOYAk/ypeDCNeZt4kkil/ZzNjHwA6NZ3gWMV088C5ucJ4AmS8b\nnE4XfbwoxealAWCa0pFoWEeBQK+Zb/S4dgK+L6xHkKViElSdQuYsKu3yraFs4Mu4\nC4ukjhCxa3AlvcSw6PCMYJ5LKWbfVQovtoy5o+vOu1KKNKSTaYESmQDrIN4VeDyF\nSaYttN0gd+HNicRnopbyfWcmndRwVdwyUgTT2Z59/CpcdKui8kiT2rKxRO/mF1q0\nPR1lkPE9FBDSo83fArx3yXgUyMmodjqJ+5X+pm7xZRJ97RVwIoMh7PRf4LXHAgMB\nAAGjggLdMIIC2TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQ60p75BB0ZNm+cJkce\nRCif8/14izAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4RQ99MvjBMBggrBgEF\nBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNhbmRib3gucGtpLm9w\nZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8v\nY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9pc3N1ZXIu\nY3JsMCQGA1UdEQQdMBuCGWFwaS1tdGxzLWhtbC5zYWZyYS5jb20uYnIwDgYDVR0P\nAQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQw\nggGQBgorBgEEAYO6L2QBMIIBgDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENl\ncnRpZmljYXRlIGlzIHNvbGVseSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNl\ncyBMaW1pdGVkIGFuZCBvdGhlciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMg\ndXNpbmcgUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsg\nU2VydmljZXMuIEl0cyByZWNlaXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0\ndXRlcyBhY2NlcHRhbmNlIG9mIHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0\naWNpY2F0ZSBQb2xpY3kgYW5kIHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQG\nCCsGAQUFBwIBFjhodHRwOi8vY3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJh\nc2lsLm9yZy5ici9wb2xpY2llczANBgkqhkiG9w0BAQsFAAOCAQEAriUFRNI349wn\nLPiNnHZckwjUV76m8LltS/BrHQSURP4Bq3Eu2KEZGD/Xkz9VcmumHwOC+Mr/haLO\nhUMbwmZMn9q3QFzyd/EnoSyXeedZpPLczSPZ3AXoNaC8xJn4ZE66NKDQ2/PEFD7+\nVibcq6uWx4H6k8QjSBgrPAh03hHzdBpVBTO6fRNZPUtHJUcPvOJC0rtK1n3tCNk1\nzHeO19CLNT1aUo99rXw8BT3bG4jVi/NMIPZqywxxk3S4Fq+6otMbtVRaB+O+NEqO\nVZR8xmuX+ALi7oVaD0tif+PzhyVKLZiRvnMtY2Y51ujIxyGyRZYPmiJkYQ/PT2Af\n1zroWKsv2A\u003d\u003d\n-----END CERTIFICATE-----",
  "subject": {
    "dn": "UID\u003d44b261bc-4f6f-44ce-b3d7-3f98a2b225f4,1.3.6.1.4.1.311.60.2.1.3\u003d#13024252,2.5.4.15\u003d#131450726976617465204f7267616e697a6174696f6e,2.5.4.5\u003d#130e3538313630373839303030313238,CN\u003d*.safra.com.br,OU\u003d709138dd-6e9d-5f96-bfff-69a5b2cb3ec0,O\u003dBCO SAFRA S.A.,L\u003dSão Paulo,ST\u003dSP,C\u003dBR"
  },
  "sanDnsNames": [
    "api-mtls-hml.safra.com.br"
  ],
  "sanUris": [],
  "sanIPs": [],
  "sanEmails": []
}
2022-01-13 13:24:51 SUCCESS
CheckForClientCertificate
Found client certificate
2022-01-13 13:24:51 SUCCESS
EnsureClientCertificateMatches
Presented certificate matches registered certificate
actual
-----BEGIN CERTIFICATE-----
MIIG8zCCBdugAwIBAgIUOr2rNJSEw8bj9fVI9mZtaMk/VfowDQYJKoZIhvcNAQEL
BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx
FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB
TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMTEwMzE3MDUwMFoXDTIyMTIwMzE3
MDUwMFowggETMQswCQYDVQQGEwJCUjELMAkGA1UECBMCU1AxEzARBgNVBAcMClPD
o28gUGF1bG8xFzAVBgNVBAoTDkJDTyBTQUZSQSBTLkEuMS0wKwYDVQQLEyQ3MDkx
MzhkZC02ZTlkLTVmOTYtYmZmZi02OWE1YjJjYjNlYzAxFzAVBgNVBAMMDiouc2Fm
cmEuY29tLmJyMRcwFQYDVQQFEw41ODE2MDc4OTAwMDEyODEdMBsGA1UEDxMUUHJp
dmF0ZSBPcmdhbml6YXRpb24xEzARBgsrBgEEAYI3PAIBAxMCQlIxNDAyBgoJkiaJ
k/IsZAEBEyQ0NGIyNjFiYy00ZjZmLTQ0Y2UtYjNkNy0zZjk4YTJiMjI1ZjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYAJ7JptCPUm02Tx4o+zR20+iG
VfMCMTOafTQ29kgOYAk/ypeDCNeZt4kkil/ZzNjHwA6NZ3gWMV088C5ucJ4AmS8b
nE4XfbwoxealAWCa0pFoWEeBQK+Zb/S4dgK+L6xHkKViElSdQuYsKu3yraFs4Mu4
C4ukjhCxa3AlvcSw6PCMYJ5LKWbfVQovtoy5o+vOu1KKNKSTaYESmQDrIN4VeDyF
SaYttN0gd+HNicRnopbyfWcmndRwVdwyUgTT2Z59/CpcdKui8kiT2rKxRO/mF1q0
PR1lkPE9FBDSo83fArx3yXgUyMmodjqJ+5X+pm7xZRJ97RVwIoMh7PRf4LXHAgMB
AAGjggLdMIIC2TAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQ60p75BB0ZNm+cJkce
RCif8/14izAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4RQ99MvjBMBggrBgEF
BQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNhbmRib3gucGtpLm9w
ZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8v
Y3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9pc3N1ZXIu
Y3JsMCQGA1UdEQQdMBuCGWFwaS1tdGxzLWhtbC5zYWZyYS5jb20uYnIwDgYDVR0P
AQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQw
ggGQBgorBgEEAYO6L2QBMIIBgDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENl
cnRpZmljYXRlIGlzIHNvbGVseSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNl
cyBMaW1pdGVkIGFuZCBvdGhlciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMg
dXNpbmcgUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsg
U2VydmljZXMuIEl0cyByZWNlaXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0
dXRlcyBhY2NlcHRhbmNlIG9mIHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0
aWNpY2F0ZSBQb2xpY3kgYW5kIHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQG
CCsGAQUFBwIBFjhodHRwOi8vY3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJh
c2lsLm9yZy5ici9wb2xpY2llczANBgkqhkiG9w0BAQsFAAOCAQEAriUFRNI349wn
LPiNnHZckwjUV76m8LltS/BrHQSURP4Bq3Eu2KEZGD/Xkz9VcmumHwOC+Mr/haLO
hUMbwmZMn9q3QFzyd/EnoSyXeedZpPLczSPZ3AXoNaC8xJn4ZE66NKDQ2/PEFD7+
Vibcq6uWx4H6k8QjSBgrPAh03hHzdBpVBTO6fRNZPUtHJUcPvOJC0rtK1n3tCNk1
zHeO19CLNT1aUo99rXw8BT3bG4jVi/NMIPZqywxxk3S4Fq+6otMbtVRaB+O+NEqO
VZR8xmuX+ALi7oVaD0tif+PzhyVKLZiRvnMtY2Y51ujIxyGyRZYPmiJkYQ/PT2Af
1zroWKsv2A==
-----END CERTIFICATE-----
2022-01-13 13:24:51 SUCCESS
EnsureBearerAccessTokenNotInParams
Client correctly did not send access token in query parameters or form body
2022-01-13 13:24:51 SUCCESS
ExtractBearerAccessTokenFromHeader
Found access token on incoming request
access_token
6QTi0gTKueHg8Is0jYNvvTACFEEExcdlcV5bB4obf2dOpmgJxw
2022-01-13 13:24:51 SUCCESS
RequireBearerAccessToken
Found access token in request
actual
6QTi0gTKueHg8Is0jYNvvTACFEEExcdlcV5bB4obf2dOpmgJxw
2022-01-13 13:24:51 INFO
ExtractFapiDateHeader
Skipped evaluation due to missing required element: incoming_request headers.x-fapi-auth-date
path
headers.x-fapi-auth-date
mapped
object
incoming_request
2022-01-13 13:24:51 INFO
ExtractFapiIpAddressHeader
Skipped evaluation due to missing required element: incoming_request headers.x-fapi-customer-ip-address
path
headers.x-fapi-customer-ip-address
mapped
object
incoming_request
2022-01-13 13:24:51 INFO
ExtractFapiInteractionIdHeader
Skipped evaluation due to missing required element: incoming_request headers.x-fapi-interaction-id
path
headers.x-fapi-interaction-id
mapped
object
incoming_request
2022-01-13 13:24:51 SUCCESS
FAPIBrazilEnsureAuthorizationRequestScopesContainAccounts
'accounts' was included in authorization request scopes
actual
openid consents customers accounts credit-cards-accounts resources invoice-financings financings loans unarranged-accounts-overdraft consent:urn:conformance.oidf:iasxbsXGCg
expected
accounts
2022-01-13 13:24:51 INFO
CreateFapiInteractionIdIfNeeded
Found existing FAPI interaction ID
fapi_interaction_id
079d4351-5f48-4823-bfc5-a8b58ba64f55
2022-01-13 13:24:51 SUCCESS
CreateFAPIAccountEndpointResponse
Created account response object
accounts_endpoint_response
{
  "conformance-test-finished": "true"
}
accounts_endpoint_response_headers
{
  "x-fapi-interaction-id": "079d4351-5f48-4823-bfc5-a8b58ba64f55",
  "content-type": "application/json; charset\u003dUTF-8"
}
2022-01-13 13:24:51 SUCCESS
CreateBrazilAccountsEndpointResponse
Created Brazil accounts response (Please note that this is a hardcoded response copied from API documentation)
accounts_endpoint_response
{
  "data": [
    {
      "brandName": "Organização A",
      "companyCnpj": "21128159000166",
      "type": "CONTA_DEPOSITO_A_VISTA",
      "compeCode": "001",
      "branchCode": "6272",
      "number": "94088392",
      "checkDigit": "4",
      "accountId": "92792126019929279212650822221989319252576"
    }
  ],
  "links": {
    "self": "https://api.banco.com.br/open-banking/api/v1/resource",
    "first": "https://api.banco.com.br/open-banking/api/v1/resource",
    "prev": "https://api.banco.com.br/open-banking/api/v1/resource",
    "next": "https://api.banco.com.br/open-banking/api/v1/resource",
    "last": "https://api.banco.com.br/open-banking/api/v1/resource"
  },
  "meta": {
    "totalRecords": 1,
    "totalPages": 1,
    "requestDateTime": "2022-01-13T13:24:51Z"
  }
}
accounts_endpoint_response_headers
{
  "x-fapi-interaction-id": "079d4351-5f48-4823-bfc5-a8b58ba64f55",
  "content-type": "application/json"
}
2022-01-13 13:24:51
ClearAccessTokenFromRequest
Condition ran but did not log anything
2022-01-13 13:24:51 OUTGOING
fapi1-advanced-final-client-refresh-token-test
Response to HTTP request to test instance UZpi0NP4BWxWNoe
outgoing_status_code
200
outgoing_headers
{
  "x-fapi-interaction-id": [
    "079d4351-5f48-4823-bfc5-a8b58ba64f55"
  ],
  "content-type": [
    "application/json"
  ]
}
outgoing_body
{
  "data": [
    {
      "brandName": "Organização A",
      "companyCnpj": "21128159000166",
      "type": "CONTA_DEPOSITO_A_VISTA",
      "compeCode": "001",
      "branchCode": "6272",
      "number": "94088392",
      "checkDigit": "4",
      "accountId": "92792126019929279212650822221989319252576"
    }
  ],
  "links": {
    "self": "https://api.banco.com.br/open-banking/api/v1/resource",
    "first": "https://api.banco.com.br/open-banking/api/v1/resource",
    "prev": "https://api.banco.com.br/open-banking/api/v1/resource",
    "next": "https://api.banco.com.br/open-banking/api/v1/resource",
    "last": "https://api.banco.com.br/open-banking/api/v1/resource"
  },
  "meta": {
    "totalRecords": 1,
    "totalPages": 1,
    "requestDateTime": "2022-01-13T13:24:51Z"
  }
}
outgoing_path
accounts/v1/accounts
2022-01-13 13:24:51 FINISHED
fapi1-advanced-final-client-refresh-token-test
Test has run to completion
testmodule_result
PASSED
2022-01-13 13:26:25
TEST-RUNNER
Alias has now been claimed by another test
alias
SafraRPTest
new_test_id
KlEfaRtoCJf0aWP
Test Results