Test Summary

Test Results

Expand All Collapse All
All times are UTC
2022-04-22 08:21:47 INFO
TEST-RUNNER
Test instance Hk0V7kbqa4WOGtX created
baseUrl
https://www.certification.openid.net/test/a/local-oidc
variant
{
  "client_auth_type": "mtls",
  "fapi_auth_request_method": "by_value",
  "fapi_jarm_type": "oidc",
  "fapi_profile": "plain_fapi",
  "fapi_response_mode": "plain_response"
}
alias
local-oidc
description
oidc-provider OIDC
planId
eXbBCD7xNsAIe
config
{
  "server": {
    "jwks": {
      "keys": [
        {
          "p": "8ft5av3Ba8B9qsHdVU2smdwAmBiOdKVATsGjwiLhZIQyAqwgZfOaijdAyspUDzjr9kFfw9i1yw_eTel04shim8Q4qpmARZ0VWm7lKUOw5QDkv8hiGS5HdwE9aCc4ZoWH5v8t0WRAfchs3ueKF6MwueTXj6iy6YHu3fEA2aG7fJk",
          "kty": "RSA",
          "q": "_rWgqi1Jbge1Byn7Za202uzM-WjijMqdpO7bnZJM0m8sbCCCZXvUV1Rz1_0TEtnhpd9kZmzatHHBp2Bopb1svahqBP3lRODDWKR0YxVqfgtZty16S5J-r3U_GK1x73m7aDVp8EMuZq9Wkz9Kf1SjnFOw20vQ1SPPg0UniNHxGLs",
          "d": "022WKP1lmlduTVK5hPrFnLuvpz-Pt9Tl-_pDaWDCsPq5y3dyNYcDelJ_2kR7iiIaaCWj1GRoCBoH3DzC04BRc8yeFuTlq3SYPNrPYRZ_Q5y_xFPkEu-WXTnYz4i6Zu0Dt2TJOAZ8lrDK6fGbW6W_ZeizqlfMeNsNRugigQlK69nHzuvSNEboKhISBtIjto2oqEjeObr7lfPtwgxylZ8pztjt7z3vO-92wJ_ijX3mrDzqkfJaR2wsuwOqcjSF6j4Xv45unzoqDl55HGAToajZQxr6uQGpUz559GzaZz04SE-fku295ZipFaj39FthJ-gRQuHdmqxq4by1CX1vAaI7AQ",
          "e": "AQAB",
          "use": "sig",
          "kid": "P5KAiUWA2RyIgfrsC2hfX9mlREE-b2pkwkRJ2ITUGYk",
          "qi": "SI9mDYpDSVcppuK34pZ8fO3NfL5N8YJXes6QOBV8b8RMsFy3Yd_niHKG17MQTDpVfeSs6Te5e_4Ieh1rTQbEvf2_muls5tMLdgOOVz-yq19rndlYMgaHtdK1lmGuRHjXqI0u3mHAtw1whKivjScTAYiOJxx7H4uD-Igc39rg2rA",
          "dp": "LBjexI-fuuomPIL9ubjg9lzwQsde1oTy1idVl2BR4MZycqg5czrUc9Gj3hDHBsshvQumzwLkBjBLG7mqklVgGvDEPtqgVI9Ov98rpbxvNRxXk1eKAPq9DUPNk_hpv80fugnQqLLzSbjHlkttj-cuTwIUAlsE16bVB98Of5qIlyk",
          "alg": "PS256",
          "dq": "NEEEvgTebKFOJTMarShu0v8DqiM3XxTuNHkAOxpZgk5meaRNvA4kaOodffEgaZyja0kiKtUoJR61UOY5cc8jsOENJwsDbxcBXH0Yl388QrGHbUn6LejW7p4KHMDwf-WkaeOTYUQXD9_mzfyNBwRRMHAG92ZdaGyZVN_qFWqkoKM",
          "n": "8MMxIwgbb15W2VvpVLY-Trhi8J-qjqVj7Vq9VFsCbXLYhyh8Uj4r_UA9sLxFhv_y80K9bdpDhnM5iJi6QRBR73rZOk1GmkWfAExZXy5VYNhfg_daxcyDlHZiHVQ9IkQWFRqxDs1Y4RmzHM78tsVDKmHm4_BNOQp9RMZSmTYSUE8ItwZx1RvqcLQ1Mvbh4TIyDY93LyNh4IcRv_ynhyQbHTqw4cFR64xtwHjwISaZnRpu28nXi0TcxYXvH3F2J72QyNQkKHslnCHA7k-Vm6K6_xip3W7xnwC2Bsdww7CGj1jWgwK6sbX8X6VUiGt-2x4cMckdJoVVziGM3dij7Ktbww"
        }
      ]
    }
  },
  "client": {
    "certificate": "-----BEGIN CERTIFICATE-----\nMIIDUzCCAjugAwIBAgIUOGxvnmd2zIVRKXrboYAbTAAPQswwDQYJKoZIhvcNAQEL\nBQAwEjEQMA4GA1UEAxMHZmFwaS1jYTAeFw0yMTExMTAwMTUyMDBaFw0yMjExMTAw\nMTUyMDBaMBYxFDASBgNVBAMTC2ZhcGktY2xpZW50MIIBIjANBgkqhkiG9w0BAQEF\nAAOCAQ8AMIIBCgKCAQEArPY4djIA/os22qFlheaOjvs5sXfgmNbBcWFb6VQhDVp+\n4KjP0v8dmTAx7fmUXevRWB43Ld5GNWNeZ9nDtd/N5Va31JD80Jzc2kfwqtwNgfzg\nBGy9noerFCy+9l3SnbJpuAsOiLtz0pcKpD3XO+szO9sWaBYApELovY4mNT+rTXC0\n0+ERpuzr8salrgOE2pVYaikMDJUspwEw3Cjx3Jhl+2IZR+oXhF5zudiF9kjjUjt8\nfXSEN6RQXXrWCIa65W8/4vnRN2rtFre5EKfsJrAM4o9CAQqWxwR/ZZpzgUMW5al4\nHba6erReZpEaqN+wp59a5md4n09E82pjvtHez2O2kwIDAQABo4GcMIGZMA4GA1Ud\nDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0T\nAQH/BAIwADAdBgNVHQ4EFgQU8A9WW4zVHrW8gxcszWJ2ELGpfEowHwYDVR0jBBgw\nFoAUuKmP6+gzUMsk+1DxcoviKLQqCxowGgYDVR0RBBMwEYIJbG9jYWxob3N0hwR/\nAAABMA0GCSqGSIb3DQEBCwUAA4IBAQACq0nh14JL653WR4QMdZ5hdm/BJmbbDe10\nGwsBMbvsSpprXEjY86RuKS6me0qjv7+MTPpkghJA6/yJtcFBGmvfbKqNsYrp79Qv\nWVkgJ3OELvUSSWY43hfiPF3gAQmRPc6vPw26/8mdoobrLTi6EgnB+jdOaGPI6MRp\n943wpV3rBHiJgaxtYeqe4EtRq7Ec2V96sOldd9canPtgsjF7JL4YXWDagmuMtvKA\n3qS+I1/mp5W/55AmOnXg/rH3ntK6NN+yG0pQmOgqdCU4ZdlfYzHGZCKJxogEyXac\n01DFhj3IQVCfQf7XoKFTl481d1T+LEFvvk+2Gt9GsRA22y8Hfcg9\n-----END CERTIFICATE-----",
    "jwks": {
      "keys": [
        {
          "kty": "RSA",
          "e": "AQAB",
          "use": "sig",
          "kid": "0g5qqjToNN0X4TGpiYbqEAt9Y9dbVFcrRYnnPAKoBtA",
          "alg": "PS256",
          "n": "nx2Kvs-zsMfY9WVGfOXfmr56hx9VSHdC9EJ-YuaP46igRwqiFxzKwWk4-GOyjxB7tee8jiMh6cxzb1-pvaEiKlKHg9-zSDaJHDKKb2yqUdQnxRYHLJ2RjcjrkWPz8q_Sqhc76dLAJE2AbEb42iiYP1Fl2nK8_Daye2D_GRwb3WHTWiAWaYJlFErHj7EtiTvTezOdMj-bsK01guSam6auUSnUzifdy0FAxPya8j1XPLXDQfiWrTWd_uJf9cdDEZT7Hy0eiQqt9f_joMafHGDR_iU2UC42lrxyiCoJYCoE3T7QGbhSz-9MrugoCeTDCHDFxvdqToJ6t4B5w9FLhYy2iw"
        },
        {
          "kty": "RSA",
          "e": "AQAB",
          "use": "enc",
          "kid": "gU7LspBTnX1KU25kZa8jS3WspQi2Dq1wOggZ41AkrU4",
          "alg": "RSA-OAEP-256",
          "n": "q7kr8G7dAiEtBhsEwooVl2wfnWZY0CgZ3-BrJ5YLFnhUg7BPni-gKbK29R3i_UWbeMAR0L6HPQNo715lcznZW2hrT2WBtWmiLVlo9eqSQu8wrBmHNNuwy8gDtFx7RsYZTguNJeNVl_zt9tC9Tj_fSNSjMHVrO1DUh6uRgo7lcjFdTOmFCh8eYYmrmg_Ta0w_3I2T3YeE48poNKt_wLAf62czDoQKLx7D7Ft8fX9GNzxpZyxGZPBerDN6_gUibplBx-BE2DQnUKaGRHlnLSkgeQSoQYCiOt6qVahisc5HSmAL2nbNyWXBKJCEzGpfE0nddt3q5lfLSkwD7TceFD037w"
        }
      ]
    },
    "redirect_uri": "https://ip-172-31-20-58.ap-northeast-1.compute.internal:8082/callback",
    "scope": "email openid profile",
    "client_id": "fapi-client"
  },
  "alias": "local-oidc",
  "client2": {
    "client_id": "fapi-client",
    "scope": "email openid profile",
    "redirect_uri": "https://ip-172-31-20-58.ap-northeast-1.compute.internal:8082/callback",
    "jwks": {
      "keys": [
        {
          "kty": "RSA",
          "e": "AQAB",
          "use": "sig",
          "kid": "0g5qqjToNN0X4TGpiYbqEAt9Y9dbVFcrRYnnPAKoBtA",
          "alg": "PS256",
          "n": "nx2Kvs-zsMfY9WVGfOXfmr56hx9VSHdC9EJ-YuaP46igRwqiFxzKwWk4-GOyjxB7tee8jiMh6cxzb1-pvaEiKlKHg9-zSDaJHDKKb2yqUdQnxRYHLJ2RjcjrkWPz8q_Sqhc76dLAJE2AbEb42iiYP1Fl2nK8_Daye2D_GRwb3WHTWiAWaYJlFErHj7EtiTvTezOdMj-bsK01guSam6auUSnUzifdy0FAxPya8j1XPLXDQfiWrTWd_uJf9cdDEZT7Hy0eiQqt9f_joMafHGDR_iU2UC42lrxyiCoJYCoE3T7QGbhSz-9MrugoCeTDCHDFxvdqToJ6t4B5w9FLhYy2iw"
        },
        {
          "kty": "RSA",
          "e": "AQAB",
          "use": "enc",
          "kid": "gU7LspBTnX1KU25kZa8jS3WspQi2Dq1wOggZ41AkrU4",
          "alg": "RSA-OAEP-256",
          "n": "q7kr8G7dAiEtBhsEwooVl2wfnWZY0CgZ3-BrJ5YLFnhUg7BPni-gKbK29R3i_UWbeMAR0L6HPQNo715lcznZW2hrT2WBtWmiLVlo9eqSQu8wrBmHNNuwy8gDtFx7RsYZTguNJeNVl_zt9tC9Tj_fSNSjMHVrO1DUh6uRgo7lcjFdTOmFCh8eYYmrmg_Ta0w_3I2T3YeE48poNKt_wLAf62czDoQKLx7D7Ft8fX9GNzxpZyxGZPBerDN6_gUibplBx-BE2DQnUKaGRHlnLSkgeQSoQYCiOt6qVahisc5HSmAL2nbNyWXBKJCEzGpfE0nddt3q5lfLSkwD7TceFD037w"
        }
      ]
    },
    "certificate": "-----BEGIN CERTIFICATE-----\nMIIDUzCCAjugAwIBAgIUOGxvnmd2zIVRKXrboYAbTAAPQswwDQYJKoZIhvcNAQEL\nBQAwEjEQMA4GA1UEAxMHZmFwaS1jYTAeFw0yMTExMTAwMTUyMDBaFw0yMjExMTAw\nMTUyMDBaMBYxFDASBgNVBAMTC2ZhcGktY2xpZW50MIIBIjANBgkqhkiG9w0BAQEF\nAAOCAQ8AMIIBCgKCAQEArPY4djIA/os22qFlheaOjvs5sXfgmNbBcWFb6VQhDVp+\n4KjP0v8dmTAx7fmUXevRWB43Ld5GNWNeZ9nDtd/N5Va31JD80Jzc2kfwqtwNgfzg\nBGy9noerFCy+9l3SnbJpuAsOiLtz0pcKpD3XO+szO9sWaBYApELovY4mNT+rTXC0\n0+ERpuzr8salrgOE2pVYaikMDJUspwEw3Cjx3Jhl+2IZR+oXhF5zudiF9kjjUjt8\nfXSEN6RQXXrWCIa65W8/4vnRN2rtFre5EKfsJrAM4o9CAQqWxwR/ZZpzgUMW5al4\nHba6erReZpEaqN+wp59a5md4n09E82pjvtHez2O2kwIDAQABo4GcMIGZMA4GA1Ud\nDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0T\nAQH/BAIwADAdBgNVHQ4EFgQU8A9WW4zVHrW8gxcszWJ2ELGpfEowHwYDVR0jBBgw\nFoAUuKmP6+gzUMsk+1DxcoviKLQqCxowGgYDVR0RBBMwEYIJbG9jYWxob3N0hwR/\nAAABMA0GCSqGSIb3DQEBCwUAA4IBAQACq0nh14JL653WR4QMdZ5hdm/BJmbbDe10\nGwsBMbvsSpprXEjY86RuKS6me0qjv7+MTPpkghJA6/yJtcFBGmvfbKqNsYrp79Qv\nWVkgJ3OELvUSSWY43hfiPF3gAQmRPc6vPw26/8mdoobrLTi6EgnB+jdOaGPI6MRp\n943wpV3rBHiJgaxtYeqe4EtRq7Ec2V96sOldd9canPtgsjF7JL4YXWDagmuMtvKA\n3qS+I1/mp5W/55AmOnXg/rH3ntK6NN+yG0pQmOgqdCU4ZdlfYzHGZCKJxogEyXac\n01DFhj3IQVCfQf7XoKFTl481d1T+LEFvvk+2Gt9GsRA22y8Hfcg9\n-----END CERTIFICATE-----",
    "id_token_encrypted_response_alg": "RSA-OAEP-256",
    "id_token_encrypted_response_enc": "A128GCM"
  },
  "description": "oidc-provider OIDC"
}
testName
fapi1-advanced-final-client-test
2022-04-22 08:21:47 SUCCESS
GenerateServerConfigurationMTLS
Created server configuration
server
{
  "issuer": "https://www.certification.openid.net/test/a/local-oidc/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/local-oidc/authorize",
  "token_endpoint": "https://www.certification.openid.net/test-mtls/a/local-oidc/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/local-oidc/jwks",
  "registration_endpoint": "https://www.certification.openid.net/test/a/local-oidc/register",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/local-oidc/userinfo"
}
issuer
https://www.certification.openid.net/test/a/local-oidc/
discoveryUrl
https://www.certification.openid.net/test/a/local-oidc/.well-known/openid-configuration
2022-04-22 08:21:47 SUCCESS
LoadServerJWKs
Parsed public and private JWK sets
server_jwks
{
  "keys": [
    {
      "p": "8ft5av3Ba8B9qsHdVU2smdwAmBiOdKVATsGjwiLhZIQyAqwgZfOaijdAyspUDzjr9kFfw9i1yw_eTel04shim8Q4qpmARZ0VWm7lKUOw5QDkv8hiGS5HdwE9aCc4ZoWH5v8t0WRAfchs3ueKF6MwueTXj6iy6YHu3fEA2aG7fJk",
      "kty": "RSA",
      "q": "_rWgqi1Jbge1Byn7Za202uzM-WjijMqdpO7bnZJM0m8sbCCCZXvUV1Rz1_0TEtnhpd9kZmzatHHBp2Bopb1svahqBP3lRODDWKR0YxVqfgtZty16S5J-r3U_GK1x73m7aDVp8EMuZq9Wkz9Kf1SjnFOw20vQ1SPPg0UniNHxGLs",
      "d": "022WKP1lmlduTVK5hPrFnLuvpz-Pt9Tl-_pDaWDCsPq5y3dyNYcDelJ_2kR7iiIaaCWj1GRoCBoH3DzC04BRc8yeFuTlq3SYPNrPYRZ_Q5y_xFPkEu-WXTnYz4i6Zu0Dt2TJOAZ8lrDK6fGbW6W_ZeizqlfMeNsNRugigQlK69nHzuvSNEboKhISBtIjto2oqEjeObr7lfPtwgxylZ8pztjt7z3vO-92wJ_ijX3mrDzqkfJaR2wsuwOqcjSF6j4Xv45unzoqDl55HGAToajZQxr6uQGpUz559GzaZz04SE-fku295ZipFaj39FthJ-gRQuHdmqxq4by1CX1vAaI7AQ",
      "e": "AQAB",
      "use": "sig",
      "kid": "P5KAiUWA2RyIgfrsC2hfX9mlREE-b2pkwkRJ2ITUGYk",
      "qi": "SI9mDYpDSVcppuK34pZ8fO3NfL5N8YJXes6QOBV8b8RMsFy3Yd_niHKG17MQTDpVfeSs6Te5e_4Ieh1rTQbEvf2_muls5tMLdgOOVz-yq19rndlYMgaHtdK1lmGuRHjXqI0u3mHAtw1whKivjScTAYiOJxx7H4uD-Igc39rg2rA",
      "dp": "LBjexI-fuuomPIL9ubjg9lzwQsde1oTy1idVl2BR4MZycqg5czrUc9Gj3hDHBsshvQumzwLkBjBLG7mqklVgGvDEPtqgVI9Ov98rpbxvNRxXk1eKAPq9DUPNk_hpv80fugnQqLLzSbjHlkttj-cuTwIUAlsE16bVB98Of5qIlyk",
      "alg": "PS256",
      "dq": "NEEEvgTebKFOJTMarShu0v8DqiM3XxTuNHkAOxpZgk5meaRNvA4kaOodffEgaZyja0kiKtUoJR61UOY5cc8jsOENJwsDbxcBXH0Yl388QrGHbUn6LejW7p4KHMDwf-WkaeOTYUQXD9_mzfyNBwRRMHAG92ZdaGyZVN_qFWqkoKM",
      "n": "8MMxIwgbb15W2VvpVLY-Trhi8J-qjqVj7Vq9VFsCbXLYhyh8Uj4r_UA9sLxFhv_y80K9bdpDhnM5iJi6QRBR73rZOk1GmkWfAExZXy5VYNhfg_daxcyDlHZiHVQ9IkQWFRqxDs1Y4RmzHM78tsVDKmHm4_BNOQp9RMZSmTYSUE8ItwZx1RvqcLQ1Mvbh4TIyDY93LyNh4IcRv_ynhyQbHTqw4cFR64xtwHjwISaZnRpu28nXi0TcxYXvH3F2J72QyNQkKHslnCHA7k-Vm6K6_xip3W7xnwC2Bsdww7CGj1jWgwK6sbX8X6VUiGt-2x4cMckdJoVVziGM3dij7Ktbww"
    }
  ]
}
server_encryption_keys
{}
server_public_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "P5KAiUWA2RyIgfrsC2hfX9mlREE-b2pkwkRJ2ITUGYk",
      "alg": "PS256",
      "n": "8MMxIwgbb15W2VvpVLY-Trhi8J-qjqVj7Vq9VFsCbXLYhyh8Uj4r_UA9sLxFhv_y80K9bdpDhnM5iJi6QRBR73rZOk1GmkWfAExZXy5VYNhfg_daxcyDlHZiHVQ9IkQWFRqxDs1Y4RmzHM78tsVDKmHm4_BNOQp9RMZSmTYSUE8ItwZx1RvqcLQ1Mvbh4TIyDY93LyNh4IcRv_ynhyQbHTqw4cFR64xtwHjwISaZnRpu28nXi0TcxYXvH3F2J72QyNQkKHslnCHA7k-Vm6K6_xip3W7xnwC2Bsdww7CGj1jWgwK6sbX8X6VUiGt-2x4cMckdJoVVziGM3dij7Ktbww"
    }
  ]
}
2022-04-22 08:21:47 SUCCESS
ValidateServerJWKs
Valid server JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2022-04-22 08:21:47 SUCCESS
ExtractServerSigningAlg
Successfully extracted algorithm
signing_algorithm
PS256
2022-04-22 08:21:47 SUCCESS
AddTLSClientAuthToServerConfiguration
Added tls_client_auth for token_endpoint_auth_methods_supported
2022-04-22 08:21:47 SUCCESS
AddResponseTypeCodeIdTokenToServerConfiguration
Added code id_token as response type supported
response_types_supported
[
  "code id_token"
]
2022-04-22 08:21:47 SUCCESS
FAPIAddTokenEndpointAuthSigningAlgValuesSupportedToServer
Set token_endpoint_auth_signing_alg_values_supported
values
[
  "PS256",
  "ES256"
]
2022-04-22 08:21:47 SUCCESS
CheckServerConfiguration
Found required server configuration keys
required
[
  "authorization_endpoint",
  "token_endpoint",
  "issuer"
]
2022-04-22 08:21:47 SUCCESS
FAPIEnsureMinimumServerKeyLength
Validated minimum key lengths for server_jwks
server_jwks
{
  "keys": [
    {
      "p": "8ft5av3Ba8B9qsHdVU2smdwAmBiOdKVATsGjwiLhZIQyAqwgZfOaijdAyspUDzjr9kFfw9i1yw_eTel04shim8Q4qpmARZ0VWm7lKUOw5QDkv8hiGS5HdwE9aCc4ZoWH5v8t0WRAfchs3ueKF6MwueTXj6iy6YHu3fEA2aG7fJk",
      "kty": "RSA",
      "q": "_rWgqi1Jbge1Byn7Za202uzM-WjijMqdpO7bnZJM0m8sbCCCZXvUV1Rz1_0TEtnhpd9kZmzatHHBp2Bopb1svahqBP3lRODDWKR0YxVqfgtZty16S5J-r3U_GK1x73m7aDVp8EMuZq9Wkz9Kf1SjnFOw20vQ1SPPg0UniNHxGLs",
      "d": "022WKP1lmlduTVK5hPrFnLuvpz-Pt9Tl-_pDaWDCsPq5y3dyNYcDelJ_2kR7iiIaaCWj1GRoCBoH3DzC04BRc8yeFuTlq3SYPNrPYRZ_Q5y_xFPkEu-WXTnYz4i6Zu0Dt2TJOAZ8lrDK6fGbW6W_ZeizqlfMeNsNRugigQlK69nHzuvSNEboKhISBtIjto2oqEjeObr7lfPtwgxylZ8pztjt7z3vO-92wJ_ijX3mrDzqkfJaR2wsuwOqcjSF6j4Xv45unzoqDl55HGAToajZQxr6uQGpUz559GzaZz04SE-fku295ZipFaj39FthJ-gRQuHdmqxq4by1CX1vAaI7AQ",
      "e": "AQAB",
      "use": "sig",
      "kid": "P5KAiUWA2RyIgfrsC2hfX9mlREE-b2pkwkRJ2ITUGYk",
      "qi": "SI9mDYpDSVcppuK34pZ8fO3NfL5N8YJXes6QOBV8b8RMsFy3Yd_niHKG17MQTDpVfeSs6Te5e_4Ieh1rTQbEvf2_muls5tMLdgOOVz-yq19rndlYMgaHtdK1lmGuRHjXqI0u3mHAtw1whKivjScTAYiOJxx7H4uD-Igc39rg2rA",
      "dp": "LBjexI-fuuomPIL9ubjg9lzwQsde1oTy1idVl2BR4MZycqg5czrUc9Gj3hDHBsshvQumzwLkBjBLG7mqklVgGvDEPtqgVI9Ov98rpbxvNRxXk1eKAPq9DUPNk_hpv80fugnQqLLzSbjHlkttj-cuTwIUAlsE16bVB98Of5qIlyk",
      "alg": "PS256",
      "dq": "NEEEvgTebKFOJTMarShu0v8DqiM3XxTuNHkAOxpZgk5meaRNvA4kaOodffEgaZyja0kiKtUoJR61UOY5cc8jsOENJwsDbxcBXH0Yl388QrGHbUn6LejW7p4KHMDwf-WkaeOTYUQXD9_mzfyNBwRRMHAG92ZdaGyZVN_qFWqkoKM",
      "n": "8MMxIwgbb15W2VvpVLY-Trhi8J-qjqVj7Vq9VFsCbXLYhyh8Uj4r_UA9sLxFhv_y80K9bdpDhnM5iJi6QRBR73rZOk1GmkWfAExZXy5VYNhfg_daxcyDlHZiHVQ9IkQWFRqxDs1Y4RmzHM78tsVDKmHm4_BNOQp9RMZSmTYSUE8ItwZx1RvqcLQ1Mvbh4TIyDY93LyNh4IcRv_ynhyQbHTqw4cFR64xtwHjwISaZnRpu28nXi0TcxYXvH3F2J72QyNQkKHslnCHA7k-Vm6K6_xip3W7xnwC2Bsdww7CGj1jWgwK6sbX8X6VUiGt-2x4cMckdJoVVziGM3dij7Ktbww"
    }
  ]
}
2022-04-22 08:21:47 SUCCESS
LoadUserInfo
Added user information
user_info
{
  "sub": "user-subject-1234531",
  "name": "Demo T. User",
  "email": "user@example.com",
  "email_verified": false
}
Verify configuration of first client
2022-04-22 08:21:47 SUCCESS
GetStaticClientConfiguration
Found a static client object
certificate
-----BEGIN CERTIFICATE-----
MIIDUzCCAjugAwIBAgIUOGxvnmd2zIVRKXrboYAbTAAPQswwDQYJKoZIhvcNAQEL
BQAwEjEQMA4GA1UEAxMHZmFwaS1jYTAeFw0yMTExMTAwMTUyMDBaFw0yMjExMTAw
MTUyMDBaMBYxFDASBgNVBAMTC2ZhcGktY2xpZW50MIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEArPY4djIA/os22qFlheaOjvs5sXfgmNbBcWFb6VQhDVp+
4KjP0v8dmTAx7fmUXevRWB43Ld5GNWNeZ9nDtd/N5Va31JD80Jzc2kfwqtwNgfzg
BGy9noerFCy+9l3SnbJpuAsOiLtz0pcKpD3XO+szO9sWaBYApELovY4mNT+rTXC0
0+ERpuzr8salrgOE2pVYaikMDJUspwEw3Cjx3Jhl+2IZR+oXhF5zudiF9kjjUjt8
fXSEN6RQXXrWCIa65W8/4vnRN2rtFre5EKfsJrAM4o9CAQqWxwR/ZZpzgUMW5al4
Hba6erReZpEaqN+wp59a5md4n09E82pjvtHez2O2kwIDAQABo4GcMIGZMA4GA1Ud
DwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0T
AQH/BAIwADAdBgNVHQ4EFgQU8A9WW4zVHrW8gxcszWJ2ELGpfEowHwYDVR0jBBgw
FoAUuKmP6+gzUMsk+1DxcoviKLQqCxowGgYDVR0RBBMwEYIJbG9jYWxob3N0hwR/
AAABMA0GCSqGSIb3DQEBCwUAA4IBAQACq0nh14JL653WR4QMdZ5hdm/BJmbbDe10
GwsBMbvsSpprXEjY86RuKS6me0qjv7+MTPpkghJA6/yJtcFBGmvfbKqNsYrp79Qv
WVkgJ3OELvUSSWY43hfiPF3gAQmRPc6vPw26/8mdoobrLTi6EgnB+jdOaGPI6MRp
943wpV3rBHiJgaxtYeqe4EtRq7Ec2V96sOldd9canPtgsjF7JL4YXWDagmuMtvKA
3qS+I1/mp5W/55AmOnXg/rH3ntK6NN+yG0pQmOgqdCU4ZdlfYzHGZCKJxogEyXac
01DFhj3IQVCfQf7XoKFTl481d1T+LEFvvk+2Gt9GsRA22y8Hfcg9
-----END CERTIFICATE-----
jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "0g5qqjToNN0X4TGpiYbqEAt9Y9dbVFcrRYnnPAKoBtA",
      "alg": "PS256",
      "n": "nx2Kvs-zsMfY9WVGfOXfmr56hx9VSHdC9EJ-YuaP46igRwqiFxzKwWk4-GOyjxB7tee8jiMh6cxzb1-pvaEiKlKHg9-zSDaJHDKKb2yqUdQnxRYHLJ2RjcjrkWPz8q_Sqhc76dLAJE2AbEb42iiYP1Fl2nK8_Daye2D_GRwb3WHTWiAWaYJlFErHj7EtiTvTezOdMj-bsK01guSam6auUSnUzifdy0FAxPya8j1XPLXDQfiWrTWd_uJf9cdDEZT7Hy0eiQqt9f_joMafHGDR_iU2UC42lrxyiCoJYCoE3T7QGbhSz-9MrugoCeTDCHDFxvdqToJ6t4B5w9FLhYy2iw"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "gU7LspBTnX1KU25kZa8jS3WspQi2Dq1wOggZ41AkrU4",
      "alg": "RSA-OAEP-256",
      "n": "q7kr8G7dAiEtBhsEwooVl2wfnWZY0CgZ3-BrJ5YLFnhUg7BPni-gKbK29R3i_UWbeMAR0L6HPQNo715lcznZW2hrT2WBtWmiLVlo9eqSQu8wrBmHNNuwy8gDtFx7RsYZTguNJeNVl_zt9tC9Tj_fSNSjMHVrO1DUh6uRgo7lcjFdTOmFCh8eYYmrmg_Ta0w_3I2T3YeE48poNKt_wLAf62czDoQKLx7D7Ft8fX9GNzxpZyxGZPBerDN6_gUibplBx-BE2DQnUKaGRHlnLSkgeQSoQYCiOt6qVahisc5HSmAL2nbNyWXBKJCEzGpfE0nddt3q5lfLSkwD7TceFD037w"
    }
  ]
}
redirect_uri
https://ip-172-31-20-58.ap-northeast-1.compute.internal:8082/callback
scope
email openid profile
client_id
fapi-client
2022-04-22 08:21:47 SUCCESS
ValidateClientJWKsPublicPart
Valid client JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2022-04-22 08:21:47 SUCCESS
ExtractJWKsFromStaticClientConfiguration
Extracted client JWK
client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "0g5qqjToNN0X4TGpiYbqEAt9Y9dbVFcrRYnnPAKoBtA",
      "alg": "PS256",
      "n": "nx2Kvs-zsMfY9WVGfOXfmr56hx9VSHdC9EJ-YuaP46igRwqiFxzKwWk4-GOyjxB7tee8jiMh6cxzb1-pvaEiKlKHg9-zSDaJHDKKb2yqUdQnxRYHLJ2RjcjrkWPz8q_Sqhc76dLAJE2AbEb42iiYP1Fl2nK8_Daye2D_GRwb3WHTWiAWaYJlFErHj7EtiTvTezOdMj-bsK01guSam6auUSnUzifdy0FAxPya8j1XPLXDQfiWrTWd_uJf9cdDEZT7Hy0eiQqt9f_joMafHGDR_iU2UC42lrxyiCoJYCoE3T7QGbhSz-9MrugoCeTDCHDFxvdqToJ6t4B5w9FLhYy2iw"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "gU7LspBTnX1KU25kZa8jS3WspQi2Dq1wOggZ41AkrU4",
      "alg": "RSA-OAEP-256",
      "n": "q7kr8G7dAiEtBhsEwooVl2wfnWZY0CgZ3-BrJ5YLFnhUg7BPni-gKbK29R3i_UWbeMAR0L6HPQNo715lcznZW2hrT2WBtWmiLVlo9eqSQu8wrBmHNNuwy8gDtFx7RsYZTguNJeNVl_zt9tC9Tj_fSNSjMHVrO1DUh6uRgo7lcjFdTOmFCh8eYYmrmg_Ta0w_3I2T3YeE48poNKt_wLAf62czDoQKLx7D7Ft8fX9GNzxpZyxGZPBerDN6_gUibplBx-BE2DQnUKaGRHlnLSkgeQSoQYCiOt6qVahisc5HSmAL2nbNyWXBKJCEzGpfE0nddt3q5lfLSkwD7TceFD037w"
    }
  ]
}
public_client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "0g5qqjToNN0X4TGpiYbqEAt9Y9dbVFcrRYnnPAKoBtA",
      "alg": "PS256",
      "n": "nx2Kvs-zsMfY9WVGfOXfmr56hx9VSHdC9EJ-YuaP46igRwqiFxzKwWk4-GOyjxB7tee8jiMh6cxzb1-pvaEiKlKHg9-zSDaJHDKKb2yqUdQnxRYHLJ2RjcjrkWPz8q_Sqhc76dLAJE2AbEb42iiYP1Fl2nK8_Daye2D_GRwb3WHTWiAWaYJlFErHj7EtiTvTezOdMj-bsK01guSam6auUSnUzifdy0FAxPya8j1XPLXDQfiWrTWd_uJf9cdDEZT7Hy0eiQqt9f_joMafHGDR_iU2UC42lrxyiCoJYCoE3T7QGbhSz-9MrugoCeTDCHDFxvdqToJ6t4B5w9FLhYy2iw"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "gU7LspBTnX1KU25kZa8jS3WspQi2Dq1wOggZ41AkrU4",
      "alg": "RSA-OAEP-256",
      "n": "q7kr8G7dAiEtBhsEwooVl2wfnWZY0CgZ3-BrJ5YLFnhUg7BPni-gKbK29R3i_UWbeMAR0L6HPQNo715lcznZW2hrT2WBtWmiLVlo9eqSQu8wrBmHNNuwy8gDtFx7RsYZTguNJeNVl_zt9tC9Tj_fSNSjMHVrO1DUh6uRgo7lcjFdTOmFCh8eYYmrmg_Ta0w_3I2T3YeE48poNKt_wLAf62czDoQKLx7D7Ft8fX9GNzxpZyxGZPBerDN6_gUibplBx-BE2DQnUKaGRHlnLSkgeQSoQYCiOt6qVahisc5HSmAL2nbNyWXBKJCEzGpfE0nddt3q5lfLSkwD7TceFD037w"
    }
  ]
}
2022-04-22 08:21:47 SUCCESS
CheckDistinctKeyIdValueInClientJWKs
Distinct 'kid' value in all keys of client_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2022-04-22 08:21:47 SUCCESS
EnsureClientJwksDoesNotContainPrivateOrSymmetricKeys
Jwks does not contain any private or symmetric keys
2022-04-22 08:21:47 SUCCESS
FAPIEnsureMinimumClientKeyLength
Validated minimum key lengths for client_jwks
client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "0g5qqjToNN0X4TGpiYbqEAt9Y9dbVFcrRYnnPAKoBtA",
      "alg": "PS256",
      "n": "nx2Kvs-zsMfY9WVGfOXfmr56hx9VSHdC9EJ-YuaP46igRwqiFxzKwWk4-GOyjxB7tee8jiMh6cxzb1-pvaEiKlKHg9-zSDaJHDKKb2yqUdQnxRYHLJ2RjcjrkWPz8q_Sqhc76dLAJE2AbEb42iiYP1Fl2nK8_Daye2D_GRwb3WHTWiAWaYJlFErHj7EtiTvTezOdMj-bsK01guSam6auUSnUzifdy0FAxPya8j1XPLXDQfiWrTWd_uJf9cdDEZT7Hy0eiQqt9f_joMafHGDR_iU2UC42lrxyiCoJYCoE3T7QGbhSz-9MrugoCeTDCHDFxvdqToJ6t4B5w9FLhYy2iw"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "gU7LspBTnX1KU25kZa8jS3WspQi2Dq1wOggZ41AkrU4",
      "alg": "RSA-OAEP-256",
      "n": "q7kr8G7dAiEtBhsEwooVl2wfnWZY0CgZ3-BrJ5YLFnhUg7BPni-gKbK29R3i_UWbeMAR0L6HPQNo715lcznZW2hrT2WBtWmiLVlo9eqSQu8wrBmHNNuwy8gDtFx7RsYZTguNJeNVl_zt9tC9Tj_fSNSjMHVrO1DUh6uRgo7lcjFdTOmFCh8eYYmrmg_Ta0w_3I2T3YeE48poNKt_wLAf62czDoQKLx7D7Ft8fX9GNzxpZyxGZPBerDN6_gUibplBx-BE2DQnUKaGRHlnLSkgeQSoQYCiOt6qVahisc5HSmAL2nbNyWXBKJCEzGpfE0nddt3q5lfLSkwD7TceFD037w"
    }
  ]
}
Verify configuration of second client
2022-04-22 08:21:47 SUCCESS
GetStaticClient2Configuration
Found a static second client object
client_id
fapi-client
scope
email openid profile
redirect_uri
https://ip-172-31-20-58.ap-northeast-1.compute.internal:8082/callback
jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "0g5qqjToNN0X4TGpiYbqEAt9Y9dbVFcrRYnnPAKoBtA",
      "alg": "PS256",
      "n": "nx2Kvs-zsMfY9WVGfOXfmr56hx9VSHdC9EJ-YuaP46igRwqiFxzKwWk4-GOyjxB7tee8jiMh6cxzb1-pvaEiKlKHg9-zSDaJHDKKb2yqUdQnxRYHLJ2RjcjrkWPz8q_Sqhc76dLAJE2AbEb42iiYP1Fl2nK8_Daye2D_GRwb3WHTWiAWaYJlFErHj7EtiTvTezOdMj-bsK01guSam6auUSnUzifdy0FAxPya8j1XPLXDQfiWrTWd_uJf9cdDEZT7Hy0eiQqt9f_joMafHGDR_iU2UC42lrxyiCoJYCoE3T7QGbhSz-9MrugoCeTDCHDFxvdqToJ6t4B5w9FLhYy2iw"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "gU7LspBTnX1KU25kZa8jS3WspQi2Dq1wOggZ41AkrU4",
      "alg": "RSA-OAEP-256",
      "n": "q7kr8G7dAiEtBhsEwooVl2wfnWZY0CgZ3-BrJ5YLFnhUg7BPni-gKbK29R3i_UWbeMAR0L6HPQNo715lcznZW2hrT2WBtWmiLVlo9eqSQu8wrBmHNNuwy8gDtFx7RsYZTguNJeNVl_zt9tC9Tj_fSNSjMHVrO1DUh6uRgo7lcjFdTOmFCh8eYYmrmg_Ta0w_3I2T3YeE48poNKt_wLAf62czDoQKLx7D7Ft8fX9GNzxpZyxGZPBerDN6_gUibplBx-BE2DQnUKaGRHlnLSkgeQSoQYCiOt6qVahisc5HSmAL2nbNyWXBKJCEzGpfE0nddt3q5lfLSkwD7TceFD037w"
    }
  ]
}
certificate
-----BEGIN CERTIFICATE-----
MIIDUzCCAjugAwIBAgIUOGxvnmd2zIVRKXrboYAbTAAPQswwDQYJKoZIhvcNAQEL
BQAwEjEQMA4GA1UEAxMHZmFwaS1jYTAeFw0yMTExMTAwMTUyMDBaFw0yMjExMTAw
MTUyMDBaMBYxFDASBgNVBAMTC2ZhcGktY2xpZW50MIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEArPY4djIA/os22qFlheaOjvs5sXfgmNbBcWFb6VQhDVp+
4KjP0v8dmTAx7fmUXevRWB43Ld5GNWNeZ9nDtd/N5Va31JD80Jzc2kfwqtwNgfzg
BGy9noerFCy+9l3SnbJpuAsOiLtz0pcKpD3XO+szO9sWaBYApELovY4mNT+rTXC0
0+ERpuzr8salrgOE2pVYaikMDJUspwEw3Cjx3Jhl+2IZR+oXhF5zudiF9kjjUjt8
fXSEN6RQXXrWCIa65W8/4vnRN2rtFre5EKfsJrAM4o9CAQqWxwR/ZZpzgUMW5al4
Hba6erReZpEaqN+wp59a5md4n09E82pjvtHez2O2kwIDAQABo4GcMIGZMA4GA1Ud
DwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0T
AQH/BAIwADAdBgNVHQ4EFgQU8A9WW4zVHrW8gxcszWJ2ELGpfEowHwYDVR0jBBgw
FoAUuKmP6+gzUMsk+1DxcoviKLQqCxowGgYDVR0RBBMwEYIJbG9jYWxob3N0hwR/
AAABMA0GCSqGSIb3DQEBCwUAA4IBAQACq0nh14JL653WR4QMdZ5hdm/BJmbbDe10
GwsBMbvsSpprXEjY86RuKS6me0qjv7+MTPpkghJA6/yJtcFBGmvfbKqNsYrp79Qv
WVkgJ3OELvUSSWY43hfiPF3gAQmRPc6vPw26/8mdoobrLTi6EgnB+jdOaGPI6MRp
943wpV3rBHiJgaxtYeqe4EtRq7Ec2V96sOldd9canPtgsjF7JL4YXWDagmuMtvKA
3qS+I1/mp5W/55AmOnXg/rH3ntK6NN+yG0pQmOgqdCU4ZdlfYzHGZCKJxogEyXac
01DFhj3IQVCfQf7XoKFTl481d1T+LEFvvk+2Gt9GsRA22y8Hfcg9
-----END CERTIFICATE-----
id_token_encrypted_response_alg
RSA-OAEP-256
id_token_encrypted_response_enc
A128GCM
2022-04-22 08:21:47 SUCCESS
ValidateClientJWKsPublicPart
Valid client JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2022-04-22 08:21:47 SUCCESS
ExtractJWKsFromStaticClientConfiguration
Extracted client JWK
client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "0g5qqjToNN0X4TGpiYbqEAt9Y9dbVFcrRYnnPAKoBtA",
      "alg": "PS256",
      "n": "nx2Kvs-zsMfY9WVGfOXfmr56hx9VSHdC9EJ-YuaP46igRwqiFxzKwWk4-GOyjxB7tee8jiMh6cxzb1-pvaEiKlKHg9-zSDaJHDKKb2yqUdQnxRYHLJ2RjcjrkWPz8q_Sqhc76dLAJE2AbEb42iiYP1Fl2nK8_Daye2D_GRwb3WHTWiAWaYJlFErHj7EtiTvTezOdMj-bsK01guSam6auUSnUzifdy0FAxPya8j1XPLXDQfiWrTWd_uJf9cdDEZT7Hy0eiQqt9f_joMafHGDR_iU2UC42lrxyiCoJYCoE3T7QGbhSz-9MrugoCeTDCHDFxvdqToJ6t4B5w9FLhYy2iw"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "gU7LspBTnX1KU25kZa8jS3WspQi2Dq1wOggZ41AkrU4",
      "alg": "RSA-OAEP-256",
      "n": "q7kr8G7dAiEtBhsEwooVl2wfnWZY0CgZ3-BrJ5YLFnhUg7BPni-gKbK29R3i_UWbeMAR0L6HPQNo715lcznZW2hrT2WBtWmiLVlo9eqSQu8wrBmHNNuwy8gDtFx7RsYZTguNJeNVl_zt9tC9Tj_fSNSjMHVrO1DUh6uRgo7lcjFdTOmFCh8eYYmrmg_Ta0w_3I2T3YeE48poNKt_wLAf62czDoQKLx7D7Ft8fX9GNzxpZyxGZPBerDN6_gUibplBx-BE2DQnUKaGRHlnLSkgeQSoQYCiOt6qVahisc5HSmAL2nbNyWXBKJCEzGpfE0nddt3q5lfLSkwD7TceFD037w"
    }
  ]
}
public_client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "0g5qqjToNN0X4TGpiYbqEAt9Y9dbVFcrRYnnPAKoBtA",
      "alg": "PS256",
      "n": "nx2Kvs-zsMfY9WVGfOXfmr56hx9VSHdC9EJ-YuaP46igRwqiFxzKwWk4-GOyjxB7tee8jiMh6cxzb1-pvaEiKlKHg9-zSDaJHDKKb2yqUdQnxRYHLJ2RjcjrkWPz8q_Sqhc76dLAJE2AbEb42iiYP1Fl2nK8_Daye2D_GRwb3WHTWiAWaYJlFErHj7EtiTvTezOdMj-bsK01guSam6auUSnUzifdy0FAxPya8j1XPLXDQfiWrTWd_uJf9cdDEZT7Hy0eiQqt9f_joMafHGDR_iU2UC42lrxyiCoJYCoE3T7QGbhSz-9MrugoCeTDCHDFxvdqToJ6t4B5w9FLhYy2iw"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "gU7LspBTnX1KU25kZa8jS3WspQi2Dq1wOggZ41AkrU4",
      "alg": "RSA-OAEP-256",
      "n": "q7kr8G7dAiEtBhsEwooVl2wfnWZY0CgZ3-BrJ5YLFnhUg7BPni-gKbK29R3i_UWbeMAR0L6HPQNo715lcznZW2hrT2WBtWmiLVlo9eqSQu8wrBmHNNuwy8gDtFx7RsYZTguNJeNVl_zt9tC9Tj_fSNSjMHVrO1DUh6uRgo7lcjFdTOmFCh8eYYmrmg_Ta0w_3I2T3YeE48poNKt_wLAf62czDoQKLx7D7Ft8fX9GNzxpZyxGZPBerDN6_gUibplBx-BE2DQnUKaGRHlnLSkgeQSoQYCiOt6qVahisc5HSmAL2nbNyWXBKJCEzGpfE0nddt3q5lfLSkwD7TceFD037w"
    }
  ]
}
2022-04-22 08:21:47 SUCCESS
CheckDistinctKeyIdValueInClientJWKs
Distinct 'kid' value in all keys of client_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2022-04-22 08:21:47 SUCCESS
EnsureClientJwksDoesNotContainPrivateOrSymmetricKeys
Jwks does not contain any private or symmetric keys
2022-04-22 08:21:47 SUCCESS
FAPIEnsureMinimumClientKeyLength
Validated minimum key lengths for client_jwks
client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "0g5qqjToNN0X4TGpiYbqEAt9Y9dbVFcrRYnnPAKoBtA",
      "alg": "PS256",
      "n": "nx2Kvs-zsMfY9WVGfOXfmr56hx9VSHdC9EJ-YuaP46igRwqiFxzKwWk4-GOyjxB7tee8jiMh6cxzb1-pvaEiKlKHg9-zSDaJHDKKb2yqUdQnxRYHLJ2RjcjrkWPz8q_Sqhc76dLAJE2AbEb42iiYP1Fl2nK8_Daye2D_GRwb3WHTWiAWaYJlFErHj7EtiTvTezOdMj-bsK01guSam6auUSnUzifdy0FAxPya8j1XPLXDQfiWrTWd_uJf9cdDEZT7Hy0eiQqt9f_joMafHGDR_iU2UC42lrxyiCoJYCoE3T7QGbhSz-9MrugoCeTDCHDFxvdqToJ6t4B5w9FLhYy2iw"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "gU7LspBTnX1KU25kZa8jS3WspQi2Dq1wOggZ41AkrU4",
      "alg": "RSA-OAEP-256",
      "n": "q7kr8G7dAiEtBhsEwooVl2wfnWZY0CgZ3-BrJ5YLFnhUg7BPni-gKbK29R3i_UWbeMAR0L6HPQNo715lcznZW2hrT2WBtWmiLVlo9eqSQu8wrBmHNNuwy8gDtFx7RsYZTguNJeNVl_zt9tC9Tj_fSNSjMHVrO1DUh6uRgo7lcjFdTOmFCh8eYYmrmg_Ta0w_3I2T3YeE48poNKt_wLAf62czDoQKLx7D7Ft8fX9GNzxpZyxGZPBerDN6_gUibplBx-BE2DQnUKaGRHlnLSkgeQSoQYCiOt6qVahisc5HSmAL2nbNyWXBKJCEzGpfE0nddt3q5lfLSkwD7TceFD037w"
    }
  ]
}
2022-04-22 08:21:47
fapi1-advanced-final-client-test
Setup Done
2022-04-22 08:21:59 INCOMING
fapi1-advanced-final-client-test
Incoming HTTP request to /test/a/local-oidc/.well-known/openid-configuration
incoming_headers
{
  "host": "www.certification.openid.net",
  "accept": "application/json, application/*+json",
  "user-agent": "Apache-HttpClient/4.5.13 (Java/11.0.7)",
  "accept-encoding": "gzip,deflate",
  "connection": "close"
}
incoming_path
/test/a/local-oidc/.well-known/openid-configuration
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cipher
DHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
incoming_body_json
incoming_query_string_params
{}
incoming_body
2022-04-22 08:21:59 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
DHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
2022-04-22 08:21:59 OUTGOING
fapi1-advanced-final-client-test
Response to HTTP request to test instance Hk0V7kbqa4WOGtX
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "issuer": "https://www.certification.openid.net/test/a/local-oidc/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/local-oidc/authorize",
  "token_endpoint": "https://www.certification.openid.net/test-mtls/a/local-oidc/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/local-oidc/jwks",
  "registration_endpoint": "https://www.certification.openid.net/test/a/local-oidc/register",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/local-oidc/userinfo",
  "token_endpoint_auth_methods_supported": [
    "tls_client_auth"
  ],
  "response_types_supported": [
    "code id_token"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "PS256",
    "ES256"
  ]
}
outgoing_path
.well-known/openid-configuration
2022-04-22 08:21:59 INCOMING
fapi1-advanced-final-client-test
Incoming HTTP request to /test/a/local-oidc/jwks
incoming_headers
{
  "host": "www.certification.openid.net",
  "accept": "application/json, application/*+json",
  "user-agent": "Apache-HttpClient/4.5.13 (Java/11.0.7)",
  "cookie": "JSESSIONID\u003d7728B34E277502C60FDCB8BC73033F46",
  "accept-encoding": "gzip,deflate",
  "connection": "close"
}
incoming_path
/test/a/local-oidc/jwks
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cipher
DHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
incoming_body_json
incoming_query_string_params
{}
incoming_body
2022-04-22 08:21:59 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
DHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
2022-04-22 08:21:59 OUTGOING
fapi1-advanced-final-client-test
Response to HTTP request to test instance Hk0V7kbqa4WOGtX
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "P5KAiUWA2RyIgfrsC2hfX9mlREE-b2pkwkRJ2ITUGYk",
      "alg": "PS256",
      "n": "8MMxIwgbb15W2VvpVLY-Trhi8J-qjqVj7Vq9VFsCbXLYhyh8Uj4r_UA9sLxFhv_y80K9bdpDhnM5iJi6QRBR73rZOk1GmkWfAExZXy5VYNhfg_daxcyDlHZiHVQ9IkQWFRqxDs1Y4RmzHM78tsVDKmHm4_BNOQp9RMZSmTYSUE8ItwZx1RvqcLQ1Mvbh4TIyDY93LyNh4IcRv_ynhyQbHTqw4cFR64xtwHjwISaZnRpu28nXi0TcxYXvH3F2J72QyNQkKHslnCHA7k-Vm6K6_xip3W7xnwC2Bsdww7CGj1jWgwK6sbX8X6VUiGt-2x4cMckdJoVVziGM3dij7Ktbww"
    }
  ]
}
outgoing_path
jwks
2022-04-22 08:21:59 INCOMING
fapi1-advanced-final-client-test
Incoming HTTP request to /test/a/local-oidc/authorize
incoming_headers
{
  "host": "www.certification.openid.net",
  "upgrade-insecure-requests": "1",
  "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/avif,image/webp,image/apng,*/*;q\u003d0.8,application/signed-exchange;v\u003db3;q\u003d0.9",
  "sec-fetch-site": "cross-site",
  "sec-fetch-mode": "navigate",
  "sec-fetch-user": "?1",
  "sec-fetch-dest": "document",
  "sec-ch-ua": "\" Not A;Brand\";v\u003d\"99\", \"Chromium\";v\u003d\"100\", \"Google Chrome\";v\u003d\"100\"",
  "sec-ch-ua-mobile": "?0",
  "sec-ch-ua-platform": "\"Windows\"",
  "referer": "https://ip-172-31-20-58.ap-northeast-1.compute.internal:8082/",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "ja,en-US;q\u003d0.9,en;q\u003d0.8",
  "cookie": "JSESSIONID\u003d46593A08E4C3070B53CC09FEAAA32AEB",
  "connection": "close"
}
incoming_path
/test/a/local-oidc/authorize
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
incoming_body_json
incoming_query_string_params
{
  "client_id": "fapi-client",
  "scope": "email openid profile",
  "response_type": "code id_token",
  "request": "eyJraWQiOiIwZzVxcWpUb05OMFg0VEdwaVlicUVBdDlZOWRiVkZjclJZbm5QQUtvQnRBIiwidHlwIjoiSldUIiwiYWxnIjoiUFMyNTYifQ.eyJpc3MiOiJmYXBpLWNsaWVudCIsInJlc3BvbnNlX3R5cGUiOiJjb2RlIGlkX3Rva2VuIiwiY29kZV9jaGFsbGVuZ2VfbWV0aG9kIjoiUzI1NiIsIm5vbmNlIjoiMDU5ZGIwNzktMTQ1ZS00ZDA2LWJlOWMtNjA5MGRkNzNiZDQxIiwiY2xpZW50X2lkIjoiZmFwaS1jbGllbnQiLCJyZXNwb25zZV9tb2RlIjoiZm9ybV9wb3N0IiwiYXVkIjoiaHR0cHM6XC9cL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXRcL3Rlc3RcL2FcL2xvY2FsLW9pZGNcLyIsIm5iZiI6MTY1MDYxNTcxOCwic2NvcGUiOiJlbWFpbCBvcGVuaWQgcHJvZmlsZSIsInJlZGlyZWN0X3VyaSI6Imh0dHBzOlwvXC9pcC0xNzItMzEtMjAtNTguYXAtbm9ydGhlYXN0LTEuY29tcHV0ZS5pbnRlcm5hbDo4MDgyXC9jYWxsYmFjayIsInN0YXRlIjoiNzI2M2I3ZjItZThhMS00ZjljLWJkYjAtOTA4YzEwOTUzODhmIiwiZXhwIjoxNjUwNjE2MDE4LCJjb2RlX2NoYWxsZW5nZSI6IjNhSEdoV3JoT2NTSGlPN0RoRGR3d3h0NEQtenZ1VllRWkhzMGUtV0l0eDgifQ.Lz75xwAeaW0UVIoE7y-Pe3hNr9q7XwJVzt5OPRExBe7Zui2M3c-ny9y_sndIhmU0g5u7hrSPWLf5wbEdS9hAttfinEry3L8g58Xlrezpwkv6fbw5ple38B_HKCkfdDPejd-urTC0PjSycQYcYJlOsvnOEJ_g8MRZZ25ehIYwA317knHimUjdPttVu9ktE0g1BtwU7iUk_oKogucAF1s1QxhkkHNZ4FF9Qalzu9d7X5wAwBinXCqVV3rhbRSKdroAByodMuMY_Fv0HJ8Vs-SUwRQIWDOG3klGRxLnvC__bjhY76mN2XBJQsPzpWccoLBXsk15LsL4cI3ET7SsfVJ32A"
}
incoming_body
2022-04-22 08:21:59 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
Authorization endpoint
2022-04-22 08:21:59 SUCCESS
ExtractRequestObject
Parsed request object
request_object
{
  "value": "eyJraWQiOiIwZzVxcWpUb05OMFg0VEdwaVlicUVBdDlZOWRiVkZjclJZbm5QQUtvQnRBIiwidHlwIjoiSldUIiwiYWxnIjoiUFMyNTYifQ.eyJpc3MiOiJmYXBpLWNsaWVudCIsInJlc3BvbnNlX3R5cGUiOiJjb2RlIGlkX3Rva2VuIiwiY29kZV9jaGFsbGVuZ2VfbWV0aG9kIjoiUzI1NiIsIm5vbmNlIjoiMDU5ZGIwNzktMTQ1ZS00ZDA2LWJlOWMtNjA5MGRkNzNiZDQxIiwiY2xpZW50X2lkIjoiZmFwaS1jbGllbnQiLCJyZXNwb25zZV9tb2RlIjoiZm9ybV9wb3N0IiwiYXVkIjoiaHR0cHM6XC9cL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXRcL3Rlc3RcL2FcL2xvY2FsLW9pZGNcLyIsIm5iZiI6MTY1MDYxNTcxOCwic2NvcGUiOiJlbWFpbCBvcGVuaWQgcHJvZmlsZSIsInJlZGlyZWN0X3VyaSI6Imh0dHBzOlwvXC9pcC0xNzItMzEtMjAtNTguYXAtbm9ydGhlYXN0LTEuY29tcHV0ZS5pbnRlcm5hbDo4MDgyXC9jYWxsYmFjayIsInN0YXRlIjoiNzI2M2I3ZjItZThhMS00ZjljLWJkYjAtOTA4YzEwOTUzODhmIiwiZXhwIjoxNjUwNjE2MDE4LCJjb2RlX2NoYWxsZW5nZSI6IjNhSEdoV3JoT2NTSGlPN0RoRGR3d3h0NEQtenZ1VllRWkhzMGUtV0l0eDgifQ.Lz75xwAeaW0UVIoE7y-Pe3hNr9q7XwJVzt5OPRExBe7Zui2M3c-ny9y_sndIhmU0g5u7hrSPWLf5wbEdS9hAttfinEry3L8g58Xlrezpwkv6fbw5ple38B_HKCkfdDPejd-urTC0PjSycQYcYJlOsvnOEJ_g8MRZZ25ehIYwA317knHimUjdPttVu9ktE0g1BtwU7iUk_oKogucAF1s1QxhkkHNZ4FF9Qalzu9d7X5wAwBinXCqVV3rhbRSKdroAByodMuMY_Fv0HJ8Vs-SUwRQIWDOG3klGRxLnvC__bjhY76mN2XBJQsPzpWccoLBXsk15LsL4cI3ET7SsfVJ32A",
  "header": {
    "kid": "0g5qqjToNN0X4TGpiYbqEAt9Y9dbVFcrRYnnPAKoBtA",
    "typ": "JWT",
    "alg": "PS256"
  },
  "claims": {
    "iss": "fapi-client",
    "response_type": "code id_token",
    "code_challenge_method": "S256",
    "nonce": "059db079-145e-4d06-be9c-6090dd73bd41",
    "client_id": "fapi-client",
    "response_mode": "form_post",
    "aud": "https://www.certification.openid.net/test/a/local-oidc/",
    "nbf": 1650615718,
    "scope": "email openid profile",
    "redirect_uri": "https://ip-172-31-20-58.ap-northeast-1.compute.internal:8082/callback",
    "state": "7263b7f2-e8a1-4f9c-bdb0-908c1095388f",
    "exp": 1650616018,
    "code_challenge": "3aHGhWrhOcSHiO7DhDdwwxt4D-zvuVYQZHs0e-WItx8"
  }
}
2022-04-22 08:21:59 INFO
ValidateEncryptedRequestObjectHasKid
Skipped evaluation due to missing required element: authorization_request_object jwe_header
path
jwe_header
mapped
object
authorization_request_object
2022-04-22 08:21:59 SUCCESS
CreateEffectiveAuthorizationRequestParameters
Merged http request parameters with request object claims
effective_authorization_endpoint_request
{
  "client_id": "fapi-client",
  "scope": "email openid profile",
  "response_type": "code id_token",
  "request": "eyJraWQiOiIwZzVxcWpUb05OMFg0VEdwaVlicUVBdDlZOWRiVkZjclJZbm5QQUtvQnRBIiwidHlwIjoiSldUIiwiYWxnIjoiUFMyNTYifQ.eyJpc3MiOiJmYXBpLWNsaWVudCIsInJlc3BvbnNlX3R5cGUiOiJjb2RlIGlkX3Rva2VuIiwiY29kZV9jaGFsbGVuZ2VfbWV0aG9kIjoiUzI1NiIsIm5vbmNlIjoiMDU5ZGIwNzktMTQ1ZS00ZDA2LWJlOWMtNjA5MGRkNzNiZDQxIiwiY2xpZW50X2lkIjoiZmFwaS1jbGllbnQiLCJyZXNwb25zZV9tb2RlIjoiZm9ybV9wb3N0IiwiYXVkIjoiaHR0cHM6XC9cL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXRcL3Rlc3RcL2FcL2xvY2FsLW9pZGNcLyIsIm5iZiI6MTY1MDYxNTcxOCwic2NvcGUiOiJlbWFpbCBvcGVuaWQgcHJvZmlsZSIsInJlZGlyZWN0X3VyaSI6Imh0dHBzOlwvXC9pcC0xNzItMzEtMjAtNTguYXAtbm9ydGhlYXN0LTEuY29tcHV0ZS5pbnRlcm5hbDo4MDgyXC9jYWxsYmFjayIsInN0YXRlIjoiNzI2M2I3ZjItZThhMS00ZjljLWJkYjAtOTA4YzEwOTUzODhmIiwiZXhwIjoxNjUwNjE2MDE4LCJjb2RlX2NoYWxsZW5nZSI6IjNhSEdoV3JoT2NTSGlPN0RoRGR3d3h0NEQtenZ1VllRWkhzMGUtV0l0eDgifQ.Lz75xwAeaW0UVIoE7y-Pe3hNr9q7XwJVzt5OPRExBe7Zui2M3c-ny9y_sndIhmU0g5u7hrSPWLf5wbEdS9hAttfinEry3L8g58Xlrezpwkv6fbw5ple38B_HKCkfdDPejd-urTC0PjSycQYcYJlOsvnOEJ_g8MRZZ25ehIYwA317knHimUjdPttVu9ktE0g1BtwU7iUk_oKogucAF1s1QxhkkHNZ4FF9Qalzu9d7X5wAwBinXCqVV3rhbRSKdroAByodMuMY_Fv0HJ8Vs-SUwRQIWDOG3klGRxLnvC__bjhY76mN2XBJQsPzpWccoLBXsk15LsL4cI3ET7SsfVJ32A",
  "iss": "fapi-client",
  "code_challenge_method": "S256",
  "nonce": "059db079-145e-4d06-be9c-6090dd73bd41",
  "response_mode": "form_post",
  "aud": "https://www.certification.openid.net/test/a/local-oidc/",
  "nbf": 1650615718,
  "redirect_uri": "https://ip-172-31-20-58.ap-northeast-1.compute.internal:8082/callback",
  "state": "7263b7f2-e8a1-4f9c-bdb0-908c1095388f",
  "exp": 1650616018,
  "code_challenge": "3aHGhWrhOcSHiO7DhDdwwxt4D-zvuVYQZHs0e-WItx8"
}
2022-04-22 08:21:59 SUCCESS
FAPIValidateRequestObjectSigningAlg
Request object was signed with a permitted algorithm
alg
PS256
2022-04-22 08:21:59 INFO
FAPIValidateRequestObjectIdTokenACRClaims
The acr claim is missing or is not a JsonObject
acrClaim
2022-04-22 08:21:59 SUCCESS
FAPIValidateRequestObjectExp
Request object contains a valid exp claim, expiry time
exp
"Apr 22, 2022, 8:26:58 AM"
2022-04-22 08:21:59 SUCCESS
FAPI1AdvancedValidateRequestObjectNBFClaim
nbf claim is valid
nbf
"Apr 22, 2022, 8:21:58 AM"
now
"Apr 22, 2022, 8:21:59 AM"
2022-04-22 08:21:59 INFO
ValidateRequestObjectClaims
Missing issuance time
2022-04-22 08:21:59
ValidateRequestObjectClaims
Request object does not contain a max_age claim
2022-04-22 08:21:59 SUCCESS
ValidateRequestObjectClaims
Request object claims passed all validation checks
2022-04-22 08:21:59 SUCCESS
EnsureNumericRequestObjectClaimsAreNotNull
None of the claims expected to have numeric values, have null values
numeric_claims
[
  "max_age"
]
2022-04-22 08:21:59 SUCCESS
EnsureRequestObjectDoesNotContainRequestOrRequestUri
Request object does not contain request or request_uri
2022-04-22 08:21:59 SUCCESS
EnsureRequestObjectDoesNotContainSubWithClientId
Request object does not contain Client Id in sub
2022-04-22 08:21:59 SUCCESS
ValidateRequestObjectSignature
Request object signature validated using a key in the client's JWKS and using the client's registered request_object_signing_alg
request_object
eyJraWQiOiIwZzVxcWpUb05OMFg0VEdwaVlicUVBdDlZOWRiVkZjclJZbm5QQUtvQnRBIiwidHlwIjoiSldUIiwiYWxnIjoiUFMyNTYifQ.eyJpc3MiOiJmYXBpLWNsaWVudCIsInJlc3BvbnNlX3R5cGUiOiJjb2RlIGlkX3Rva2VuIiwiY29kZV9jaGFsbGVuZ2VfbWV0aG9kIjoiUzI1NiIsIm5vbmNlIjoiMDU5ZGIwNzktMTQ1ZS00ZDA2LWJlOWMtNjA5MGRkNzNiZDQxIiwiY2xpZW50X2lkIjoiZmFwaS1jbGllbnQiLCJyZXNwb25zZV9tb2RlIjoiZm9ybV9wb3N0IiwiYXVkIjoiaHR0cHM6XC9cL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXRcL3Rlc3RcL2FcL2xvY2FsLW9pZGNcLyIsIm5iZiI6MTY1MDYxNTcxOCwic2NvcGUiOiJlbWFpbCBvcGVuaWQgcHJvZmlsZSIsInJlZGlyZWN0X3VyaSI6Imh0dHBzOlwvXC9pcC0xNzItMzEtMjAtNTguYXAtbm9ydGhlYXN0LTEuY29tcHV0ZS5pbnRlcm5hbDo4MDgyXC9jYWxsYmFjayIsInN0YXRlIjoiNzI2M2I3ZjItZThhMS00ZjljLWJkYjAtOTA4YzEwOTUzODhmIiwiZXhwIjoxNjUwNjE2MDE4LCJjb2RlX2NoYWxsZW5nZSI6IjNhSEdoV3JoT2NTSGlPN0RoRGR3d3h0NEQtenZ1VllRWkhzMGUtV0l0eDgifQ.Lz75xwAeaW0UVIoE7y-Pe3hNr9q7XwJVzt5OPRExBe7Zui2M3c-ny9y_sndIhmU0g5u7hrSPWLf5wbEdS9hAttfinEry3L8g58Xlrezpwkv6fbw5ple38B_HKCkfdDPejd-urTC0PjSycQYcYJlOsvnOEJ_g8MRZZ25ehIYwA317knHimUjdPttVu9ktE0g1BtwU7iUk_oKogucAF1s1QxhkkHNZ4FF9Qalzu9d7X5wAwBinXCqVV3rhbRSKdroAByodMuMY_Fv0HJ8Vs-SUwRQIWDOG3klGRxLnvC__bjhY76mN2XBJQsPzpWccoLBXsk15LsL4cI3ET7SsfVJ32A
request_object_signing_alg
PS256
jwk
Sun RSA public key, 2048 bits
  params: null
  modulus: 20086458179952591616896125118337458363377501279788835204287610550027464943813712271644932006584933312464506703073285982623323032537100647592449193484130320211298383362391308960770957232499213709561703316590736002203515542644785960863281456603549770430987646899771696951308448798344244595315816210399707251291401217145182781821858469987501459180808887210150090366152318398049511055764243470855585112715346454598517868493041665163997404026949137627283967748387700881601135614321057236216014232453748211452863337654607779276304452825064093543921547995258617015336064294102586940260523785102809756957292168934220299548299
  public exponent: 65537
2022-04-22 08:21:59 SUCCESS
EnsureMatchingRedirectUriInRequestObject
Redirect URI matched
actual
https://ip-172-31-20-58.ap-northeast-1.compute.internal:8082/callback
2022-04-22 08:21:59 SUCCESS
EnsureRequiredAuthorizationRequestParametersMatchRequestObject
Required http request parameters match request object claims
response_type
code id_token
client_id
fapi-client
2022-04-22 08:21:59 SUCCESS
EnsureOptionalAuthorizationRequestParametersMatchRequestObject
All http request parameters and request object claims match
2022-04-22 08:21:59 SUCCESS
EnsureAuthorizationHttpRequestContainsOpenIDScope
Found 'openid' in scope http request parameter
actual
[
  "email",
  "openid",
  "profile"
]
expected
openid
2022-04-22 08:21:59 SUCCESS
ExtractRequestedScopes
Requested scopes
scope
email openid profile
2022-04-22 08:21:59 SUCCESS
EnsureRequestedScopeIsEqualToConfiguredScope
Requested scopes match configured scopes
scope
email openid profile
2022-04-22 08:21:59 SUCCESS
EnsureResponseTypeIsCodeIdToken
Response type is expected value
expected
code id_token
2022-04-22 08:21:59 SUCCESS
EnsureOpenIDInScopeRequest
Found 'openid' scope in request
actual
[
  "email",
  "openid",
  "profile"
]
expected
openid
2022-04-22 08:21:59 SUCCESS
EnsureMatchingClientId
Client ID matched
client_id
fapi-client
2022-04-22 08:21:59 SUCCESS
CreateAuthorizationCode
Created authorization code
authorization_code
xuvIT0NnleYMjsBrPwgHpKODPczRB2R4
2022-04-22 08:21:59 SUCCESS
ExtractNonceFromAuthorizationRequest
Extracted nonce
nonce
059db079-145e-4d06-be9c-6090dd73bd41
2022-04-22 08:21:59 SUCCESS
CalculateCHash
Successful c_hash encoding
c_hash
3rHgLcFMWGf2rR4F6Cd6qw
2022-04-22 08:21:59 SUCCESS
CalculateSHash
Successful s_hash encoding
s_hash
3pseRLFbJaWVoxuyKuxk5w
2022-04-22 08:21:59 SUCCESS
GenerateIdTokenClaims
Created ID Token Claims
iss
https://www.certification.openid.net/test/a/local-oidc/
sub
user-subject-1234531
aud
fapi-client
nonce
059db079-145e-4d06-be9c-6090dd73bd41
iat
1650615719
exp
1650616019
2022-04-22 08:21:59 SUCCESS
AddCHashToIdTokenClaims
Added c_hash to ID token claims
c_hash
3rHgLcFMWGf2rR4F6Cd6qw
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/a/local-oidc/",
  "sub": "user-subject-1234531",
  "aud": "fapi-client",
  "nonce": "059db079-145e-4d06-be9c-6090dd73bd41",
  "iat": 1650615719,
  "exp": 1650616019,
  "c_hash": "3rHgLcFMWGf2rR4F6Cd6qw"
}
2022-04-22 08:21:59 SUCCESS
AddSHashToIdTokenClaims
Added s_hash to ID token claims
s_hash
3pseRLFbJaWVoxuyKuxk5w
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/a/local-oidc/",
  "sub": "user-subject-1234531",
  "aud": "fapi-client",
  "nonce": "059db079-145e-4d06-be9c-6090dd73bd41",
  "iat": 1650615719,
  "exp": 1650616019,
  "c_hash": "3rHgLcFMWGf2rR4F6Cd6qw",
  "s_hash": "3pseRLFbJaWVoxuyKuxk5w"
}
2022-04-22 08:21:59 INFO
AddAtHashToIdTokenClaims
Skipped evaluation due to missing required string: at_hash
expected
at_hash
2022-04-22 08:21:59 INFO
AddACRClaimToIdTokenClaims
Skipped evaluation due to missing required string: requested_id_token_acr_values
expected
requested_id_token_acr_values
2022-04-22 08:21:59 SUCCESS
SignIdToken
Signed the ID token
id_token
eyJraWQiOiJQNUtBaVVXQTJSeUlnZnJzQzJoZlg5bWxSRUUtYjJwa3drUkoySVRVR1lrIiwiYWxnIjoiUFMyNTYifQ.eyJzdWIiOiJ1c2VyLXN1YmplY3QtMTIzNDUzMSIsImF1ZCI6ImZhcGktY2xpZW50IiwiY19oYXNoIjoiM3JIZ0xjRk1XR2YyclI0RjZDZDZxdyIsInNfaGFzaCI6IjNwc2VSTEZiSmFXVm94dXlLdXhrNXciLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvYVwvbG9jYWwtb2lkY1wvIiwiZXhwIjoxNjUwNjE2MDE5LCJub25jZSI6IjA1OWRiMDc5LTE0NWUtNGQwNi1iZTljLTYwOTBkZDczYmQ0MSIsImlhdCI6MTY1MDYxNTcxOX0.4lgcAPBotWApwVO53Y0x1s8cSCSd8bjWsCXMJoLA7YL1AaEhwdlMYzVK5K0uKqoNV7ptY3zzopoeMatTluvJZTWDNVGAwQBFaJxcrcDX5ELuw2GdVkxV12S34V12dJM2LamyY01oH3JPa9zcB6Jp0y1kglpxK7sv1FgIFB_29C6T-C0xE_6m7qCa299F9D0VNPxyo9KUs6F8PQgA0Xd9kOcVxgDF-U8QfMPkOZCA7qcVYyb-SCkGI7VtqcKB7hdtNhrtPwH5E7hWhvZkKr7cPXswHkJJDXZN4smAzAyUCBcrs1WGpI1qbqwGDNy7d-oHuiZBrHHnnJaQTanOI3x__w
2022-04-22 08:21:59 SUCCESS
CreateAuthorizationEndpointResponseParams
Added authorization_endpoint_response_params to environment
params
{
  "redirect_uri": "https://ip-172-31-20-58.ap-northeast-1.compute.internal:8082/callback",
  "state": "7263b7f2-e8a1-4f9c-bdb0-908c1095388f"
}
2022-04-22 08:21:59 SUCCESS
AddCodeToAuthorizationEndpointResponseParams
Added code to authorization endpoint response params
authorization_endpoint_response_params
{
  "redirect_uri": "https://ip-172-31-20-58.ap-northeast-1.compute.internal:8082/callback",
  "state": "7263b7f2-e8a1-4f9c-bdb0-908c1095388f",
  "code": "xuvIT0NnleYMjsBrPwgHpKODPczRB2R4"
}
2022-04-22 08:21:59 SUCCESS
AddIdTokenToAuthorizationEndpointResponseParams
Added id_token to authorization endpoint response params
authorization_endpoint_response_params
{
  "redirect_uri": "https://ip-172-31-20-58.ap-northeast-1.compute.internal:8082/callback",
  "state": "7263b7f2-e8a1-4f9c-bdb0-908c1095388f",
  "code": "xuvIT0NnleYMjsBrPwgHpKODPczRB2R4",
  "id_token": "eyJraWQiOiJQNUtBaVVXQTJSeUlnZnJzQzJoZlg5bWxSRUUtYjJwa3drUkoySVRVR1lrIiwiYWxnIjoiUFMyNTYifQ.eyJzdWIiOiJ1c2VyLXN1YmplY3QtMTIzNDUzMSIsImF1ZCI6ImZhcGktY2xpZW50IiwiY19oYXNoIjoiM3JIZ0xjRk1XR2YyclI0RjZDZDZxdyIsInNfaGFzaCI6IjNwc2VSTEZiSmFXVm94dXlLdXhrNXciLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvYVwvbG9jYWwtb2lkY1wvIiwiZXhwIjoxNjUwNjE2MDE5LCJub25jZSI6IjA1OWRiMDc5LTE0NWUtNGQwNi1iZTljLTYwOTBkZDczYmQ0MSIsImlhdCI6MTY1MDYxNTcxOX0.4lgcAPBotWApwVO53Y0x1s8cSCSd8bjWsCXMJoLA7YL1AaEhwdlMYzVK5K0uKqoNV7ptY3zzopoeMatTluvJZTWDNVGAwQBFaJxcrcDX5ELuw2GdVkxV12S34V12dJM2LamyY01oH3JPa9zcB6Jp0y1kglpxK7sv1FgIFB_29C6T-C0xE_6m7qCa299F9D0VNPxyo9KUs6F8PQgA0Xd9kOcVxgDF-U8QfMPkOZCA7qcVYyb-SCkGI7VtqcKB7hdtNhrtPwH5E7hWhvZkKr7cPXswHkJJDXZN4smAzAyUCBcrs1WGpI1qbqwGDNy7d-oHuiZBrHHnnJaQTanOI3x__w"
}
2022-04-22 08:21:59
SendAuthorizationResponseWithResponseModeFragment
Redirecting back to client
uri
https://ip-172-31-20-58.ap-northeast-1.compute.internal:8082/callback#state=7263b7f2-e8a1-4f9c-bdb0-908c1095388f&code=xuvIT0NnleYMjsBrPwgHpKODPczRB2R4&id_token=eyJraWQiOiJQNUtBaVVXQTJSeUlnZnJzQzJoZlg5bWxSRUUtYjJwa3drUkoySVRVR1lrIiwiYWxnIjoiUFMyNTYifQ.eyJzdWIiOiJ1c2VyLXN1YmplY3QtMTIzNDUzMSIsImF1ZCI6ImZhcGktY2xpZW50IiwiY19oYXNoIjoiM3JIZ0xjRk1XR2YyclI0RjZDZDZxdyIsInNfaGFzaCI6IjNwc2VSTEZiSmFXVm94dXlLdXhrNXciLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvYVwvbG9jYWwtb2lkY1wvIiwiZXhwIjoxNjUwNjE2MDE5LCJub25jZSI6IjA1OWRiMDc5LTE0NWUtNGQwNi1iZTljLTYwOTBkZDczYmQ0MSIsImlhdCI6MTY1MDYxNTcxOX0.4lgcAPBotWApwVO53Y0x1s8cSCSd8bjWsCXMJoLA7YL1AaEhwdlMYzVK5K0uKqoNV7ptY3zzopoeMatTluvJZTWDNVGAwQBFaJxcrcDX5ELuw2GdVkxV12S34V12dJM2LamyY01oH3JPa9zcB6Jp0y1kglpxK7sv1FgIFB_29C6T-C0xE_6m7qCa299F9D0VNPxyo9KUs6F8PQgA0Xd9kOcVxgDF-U8QfMPkOZCA7qcVYyb-SCkGI7VtqcKB7hdtNhrtPwH5E7hWhvZkKr7cPXswHkJJDXZN4smAzAyUCBcrs1WGpI1qbqwGDNy7d-oHuiZBrHHnnJaQTanOI3x__w
2022-04-22 08:21:59 OUTGOING
fapi1-advanced-final-client-test
Response to HTTP request to test instance Hk0V7kbqa4WOGtX
outgoing
org.springframework.web.servlet.view.RedirectView: [RedirectView]; URL [https://ip-172-31-20-58.ap-northeast-1.compute.internal:8082/callback#state=7263b7f2-e8a1-4f9c-bdb0-908c1095388f&code=xuvIT0NnleYMjsBrPwgHpKODPczRB2R4&id_token=eyJraWQiOiJQNUtBaVVXQTJSeUlnZnJzQzJoZlg5bWxSRUUtYjJwa3drUkoySVRVR1lrIiwiYWxnIjoiUFMyNTYifQ.eyJzdWIiOiJ1c2VyLXN1YmplY3QtMTIzNDUzMSIsImF1ZCI6ImZhcGktY2xpZW50IiwiY19oYXNoIjoiM3JIZ0xjRk1XR2YyclI0RjZDZDZxdyIsInNfaGFzaCI6IjNwc2VSTEZiSmFXVm94dXlLdXhrNXciLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvYVwvbG9jYWwtb2lkY1wvIiwiZXhwIjoxNjUwNjE2MDE5LCJub25jZSI6IjA1OWRiMDc5LTE0NWUtNGQwNi1iZTljLTYwOTBkZDczYmQ0MSIsImlhdCI6MTY1MDYxNTcxOX0.4lgcAPBotWApwVO53Y0x1s8cSCSd8bjWsCXMJoLA7YL1AaEhwdlMYzVK5K0uKqoNV7ptY3zzopoeMatTluvJZTWDNVGAwQBFaJxcrcDX5ELuw2GdVkxV12S34V12dJM2LamyY01oH3JPa9zcB6Jp0y1kglpxK7sv1FgIFB_29C6T-C0xE_6m7qCa299F9D0VNPxyo9KUs6F8PQgA0Xd9kOcVxgDF-U8QfMPkOZCA7qcVYyb-SCkGI7VtqcKB7hdtNhrtPwH5E7hWhvZkKr7cPXswHkJJDXZN4smAzAyUCBcrs1WGpI1qbqwGDNy7d-oHuiZBrHHnnJaQTanOI3x__w]
outgoing_path
authorize
2022-04-22 08:22:00 INCOMING
fapi1-advanced-final-client-test
Incoming HTTP request to /test-mtls/a/local-oidc/token
incoming_headers
{
  "host": "www.certification.openid.net",
  "accept": "application/json, application/*+json",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "user-agent": "Apache-HttpClient/4.5.13 (Java/11.0.7)",
  "cookie": "JSESSIONID\u003d7728B34E277502C60FDCB8BC73033F46",
  "accept-encoding": "gzip,deflate",
  "connection": "close",
  "content-length": "240"
}
incoming_path
/test-mtls/a/local-oidc/token
incoming_body_form_params
{
  "code": "xuvIT0NnleYMjsBrPwgHpKODPczRB2R4",
  "client_id": "fapi-client",
  "grant_type": "authorization_code",
  "code_verifier": "qI3U8Wh5w5DYwfif4e6BtWTUKZYc2KnLERQAJNQY3xs",
  "redirect_uri": "https://ip-172-31-20-58.ap-northeast-1.compute.internal:8082/callback"
}
incoming_method
POST
incoming_tls_version
TLSv1.2
incoming_tls_cipher
DHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
-----BEGIN CERTIFICATE----- MIIDUzCCAjugAwIBAgIUOGxvnmd2zIVRKXrboYAbTAAPQswwDQYJKoZIhvcNAQEL BQAwEjEQMA4GA1UEAxMHZmFwaS1jYTAeFw0yMTExMTAwMTUyMDBaFw0yMjExMTAw MTUyMDBaMBYxFDASBgNVBAMTC2ZhcGktY2xpZW50MIIBIjANBgkqhkiG9w0BAQEF AAOCAQ8AMIIBCgKCAQEArPY4djIA/os22qFlheaOjvs5sXfgmNbBcWFb6VQhDVp+ 4KjP0v8dmTAx7fmUXevRWB43Ld5GNWNeZ9nDtd/N5Va31JD80Jzc2kfwqtwNgfzg BGy9noerFCy+9l3SnbJpuAsOiLtz0pcKpD3XO+szO9sWaBYApELovY4mNT+rTXC0 0+ERpuzr8salrgOE2pVYaikMDJUspwEw3Cjx3Jhl+2IZR+oXhF5zudiF9kjjUjt8 fXSEN6RQXXrWCIa65W8/4vnRN2rtFre5EKfsJrAM4o9CAQqWxwR/ZZpzgUMW5al4 Hba6erReZpEaqN+wp59a5md4n09E82pjvtHez2O2kwIDAQABo4GcMIGZMA4GA1Ud DwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0T AQH/BAIwADAdBgNVHQ4EFgQU8A9WW4zVHrW8gxcszWJ2ELGpfEowHwYDVR0jBBgw FoAUuKmP6+gzUMsk+1DxcoviKLQqCxowGgYDVR0RBBMwEYIJbG9jYWxob3N0hwR/ AAABMA0GCSqGSIb3DQEBCwUAA4IBAQACq0nh14JL653WR4QMdZ5hdm/BJmbbDe10 GwsBMbvsSpprXEjY86RuKS6me0qjv7+MTPpkghJA6/yJtcFBGmvfbKqNsYrp79Qv WVkgJ3OELvUSSWY43hfiPF3gAQmRPc6vPw26/8mdoobrLTi6EgnB+jdOaGPI6MRp 943wpV3rBHiJgaxtYeqe4EtRq7Ec2V96sOldd9canPtgsjF7JL4YXWDagmuMtvKA 3qS+I1/mp5W/55AmOnXg/rH3ntK6NN+yG0pQmOgqdCU4ZdlfYzHGZCKJxogEyXac 01DFhj3IQVCfQf7XoKFTl481d1T+LEFvvk+2Gt9GsRA22y8Hfcg9 -----END CERTIFICATE-----
incoming_body_json
incoming_query_string_params
{}
incoming_body
code=xuvIT0NnleYMjsBrPwgHpKODPczRB2R4&client_id=fapi-client&grant_type=authorization_code&code_verifier=qI3U8Wh5w5DYwfif4e6BtWTUKZYc2KnLERQAJNQY3xs&redirect_uri=https%3A%2F%2Fip-172-31-20-58.ap-northeast-1.compute.internal%3A8082%2Fcallback
2022-04-22 08:22:00 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
DHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
Token endpoint
2022-04-22 08:22:00 SUCCESS
CheckClientIdMatchesOnTokenRequestIfPresent
Extracted client_id matches the expected value
client_id
fapi-client
2022-04-22 08:22:00 SUCCESS
ExtractClientCertificateFromTokenEndpointRequestHeaders
Extracted client certificate
client_certificate
{
  "cert": "-----BEGIN CERTIFICATE----- MIIDUzCCAjugAwIBAgIUOGxvnmd2zIVRKXrboYAbTAAPQswwDQYJKoZIhvcNAQEL BQAwEjEQMA4GA1UEAxMHZmFwaS1jYTAeFw0yMTExMTAwMTUyMDBaFw0yMjExMTAw MTUyMDBaMBYxFDASBgNVBAMTC2ZhcGktY2xpZW50MIIBIjANBgkqhkiG9w0BAQEF AAOCAQ8AMIIBCgKCAQEArPY4djIA/os22qFlheaOjvs5sXfgmNbBcWFb6VQhDVp+ 4KjP0v8dmTAx7fmUXevRWB43Ld5GNWNeZ9nDtd/N5Va31JD80Jzc2kfwqtwNgfzg BGy9noerFCy+9l3SnbJpuAsOiLtz0pcKpD3XO+szO9sWaBYApELovY4mNT+rTXC0 0+ERpuzr8salrgOE2pVYaikMDJUspwEw3Cjx3Jhl+2IZR+oXhF5zudiF9kjjUjt8 fXSEN6RQXXrWCIa65W8/4vnRN2rtFre5EKfsJrAM4o9CAQqWxwR/ZZpzgUMW5al4 Hba6erReZpEaqN+wp59a5md4n09E82pjvtHez2O2kwIDAQABo4GcMIGZMA4GA1Ud DwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0T AQH/BAIwADAdBgNVHQ4EFgQU8A9WW4zVHrW8gxcszWJ2ELGpfEowHwYDVR0jBBgw FoAUuKmP6+gzUMsk+1DxcoviKLQqCxowGgYDVR0RBBMwEYIJbG9jYWxob3N0hwR/ AAABMA0GCSqGSIb3DQEBCwUAA4IBAQACq0nh14JL653WR4QMdZ5hdm/BJmbbDe10 GwsBMbvsSpprXEjY86RuKS6me0qjv7+MTPpkghJA6/yJtcFBGmvfbKqNsYrp79Qv WVkgJ3OELvUSSWY43hfiPF3gAQmRPc6vPw26/8mdoobrLTi6EgnB+jdOaGPI6MRp 943wpV3rBHiJgaxtYeqe4EtRq7Ec2V96sOldd9canPtgsjF7JL4YXWDagmuMtvKA 3qS+I1/mp5W/55AmOnXg/rH3ntK6NN+yG0pQmOgqdCU4ZdlfYzHGZCKJxogEyXac 01DFhj3IQVCfQf7XoKFTl481d1T+LEFvvk+2Gt9GsRA22y8Hfcg9 -----END CERTIFICATE-----",
  "pem": "-----BEGIN CERTIFICATE-----\nMIIDUzCCAjugAwIBAgIUOGxvnmd2zIVRKXrboYAbTAAPQswwDQYJKoZIhvcNAQEL\nBQAwEjEQMA4GA1UEAxMHZmFwaS1jYTAeFw0yMTExMTAwMTUyMDBaFw0yMjExMTAw\nMTUyMDBaMBYxFDASBgNVBAMTC2ZhcGktY2xpZW50MIIBIjANBgkqhkiG9w0BAQEF\nAAOCAQ8AMIIBCgKCAQEArPY4djIA/os22qFlheaOjvs5sXfgmNbBcWFb6VQhDVp+\n4KjP0v8dmTAx7fmUXevRWB43Ld5GNWNeZ9nDtd/N5Va31JD80Jzc2kfwqtwNgfzg\nBGy9noerFCy+9l3SnbJpuAsOiLtz0pcKpD3XO+szO9sWaBYApELovY4mNT+rTXC0\n0+ERpuzr8salrgOE2pVYaikMDJUspwEw3Cjx3Jhl+2IZR+oXhF5zudiF9kjjUjt8\nfXSEN6RQXXrWCIa65W8/4vnRN2rtFre5EKfsJrAM4o9CAQqWxwR/ZZpzgUMW5al4\nHba6erReZpEaqN+wp59a5md4n09E82pjvtHez2O2kwIDAQABo4GcMIGZMA4GA1Ud\nDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0T\nAQH/BAIwADAdBgNVHQ4EFgQU8A9WW4zVHrW8gxcszWJ2ELGpfEowHwYDVR0jBBgw\nFoAUuKmP6+gzUMsk+1DxcoviKLQqCxowGgYDVR0RBBMwEYIJbG9jYWxob3N0hwR/\nAAABMA0GCSqGSIb3DQEBCwUAA4IBAQACq0nh14JL653WR4QMdZ5hdm/BJmbbDe10\nGwsBMbvsSpprXEjY86RuKS6me0qjv7+MTPpkghJA6/yJtcFBGmvfbKqNsYrp79Qv\nWVkgJ3OELvUSSWY43hfiPF3gAQmRPc6vPw26/8mdoobrLTi6EgnB+jdOaGPI6MRp\n943wpV3rBHiJgaxtYeqe4EtRq7Ec2V96sOldd9canPtgsjF7JL4YXWDagmuMtvKA\n3qS+I1/mp5W/55AmOnXg/rH3ntK6NN+yG0pQmOgqdCU4ZdlfYzHGZCKJxogEyXac\n01DFhj3IQVCfQf7XoKFTl481d1T+LEFvvk+2Gt9GsRA22y8Hfcg9\n-----END CERTIFICATE-----",
  "subject": {
    "dn": "CN\u003dfapi-client"
  },
  "sanDnsNames": [
    "localhost"
  ],
  "sanUris": [],
  "sanIPs": [
    "127.0.0.1"
  ],
  "sanEmails": []
}
2022-04-22 08:22:00 SUCCESS
CheckForClientCertificate
Found client certificate
2022-04-22 08:22:00 SUCCESS
EnsureClientCertificateMatches
Presented certificate matches registered certificate
actual
-----BEGIN CERTIFICATE-----
MIIDUzCCAjugAwIBAgIUOGxvnmd2zIVRKXrboYAbTAAPQswwDQYJKoZIhvcNAQEL
BQAwEjEQMA4GA1UEAxMHZmFwaS1jYTAeFw0yMTExMTAwMTUyMDBaFw0yMjExMTAw
MTUyMDBaMBYxFDASBgNVBAMTC2ZhcGktY2xpZW50MIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEArPY4djIA/os22qFlheaOjvs5sXfgmNbBcWFb6VQhDVp+
4KjP0v8dmTAx7fmUXevRWB43Ld5GNWNeZ9nDtd/N5Va31JD80Jzc2kfwqtwNgfzg
BGy9noerFCy+9l3SnbJpuAsOiLtz0pcKpD3XO+szO9sWaBYApELovY4mNT+rTXC0
0+ERpuzr8salrgOE2pVYaikMDJUspwEw3Cjx3Jhl+2IZR+oXhF5zudiF9kjjUjt8
fXSEN6RQXXrWCIa65W8/4vnRN2rtFre5EKfsJrAM4o9CAQqWxwR/ZZpzgUMW5al4
Hba6erReZpEaqN+wp59a5md4n09E82pjvtHez2O2kwIDAQABo4GcMIGZMA4GA1Ud
DwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0T
AQH/BAIwADAdBgNVHQ4EFgQU8A9WW4zVHrW8gxcszWJ2ELGpfEowHwYDVR0jBBgw
FoAUuKmP6+gzUMsk+1DxcoviKLQqCxowGgYDVR0RBBMwEYIJbG9jYWxob3N0hwR/
AAABMA0GCSqGSIb3DQEBCwUAA4IBAQACq0nh14JL653WR4QMdZ5hdm/BJmbbDe10
GwsBMbvsSpprXEjY86RuKS6me0qjv7+MTPpkghJA6/yJtcFBGmvfbKqNsYrp79Qv
WVkgJ3OELvUSSWY43hfiPF3gAQmRPc6vPw26/8mdoobrLTi6EgnB+jdOaGPI6MRp
943wpV3rBHiJgaxtYeqe4EtRq7Ec2V96sOldd9canPtgsjF7JL4YXWDagmuMtvKA
3qS+I1/mp5W/55AmOnXg/rH3ntK6NN+yG0pQmOgqdCU4ZdlfYzHGZCKJxogEyXac
01DFhj3IQVCfQf7XoKFTl481d1T+LEFvvk+2Gt9GsRA22y8Hfcg9
-----END CERTIFICATE-----
2022-04-22 08:22:00 SUCCESS
EnsureClientIdIsPresentOnTokenRequest
Parameter client_id found on the request
2022-04-22 08:22:00 SUCCESS
EnsureNoClientAssertionSentToTokenEndpoint
Client did not send a client_assertion to token endpoint
2022-04-22 08:22:00 SUCCESS
ValidateAuthorizationCode
Found authorization code
authorization_code
xuvIT0NnleYMjsBrPwgHpKODPczRB2R4
2022-04-22 08:22:00 SUCCESS
ValidateRedirectUri
Found redirect uri
redirect_uri
https://ip-172-31-20-58.ap-northeast-1.compute.internal:8082/callback
2022-04-22 08:22:00 SUCCESS
GenerateBearerAccessToken
Generated access token
access_token
7N1wsvz2QRT1IOHGihKg9TRITJbHK4I5vDSuuwv5EjYicTJ2BV
2022-04-22 08:22:00 SUCCESS
CalculateAtHash
Successful at_hash encoding
at_hash
lJOeLLQhKn9wSjFwZLi8PQ
2022-04-22 08:22:00
CreateRefreshToken
Created refresh token
refresh_token
leUCRuJtzVFCRpCdLVDWHyQWxoRYLtTJdWKuaLoJTGbNglmcCW8953963485]_*%~
2022-04-22 08:22:00 SUCCESS
GenerateIdTokenClaims
Created ID Token Claims
iss
https://www.certification.openid.net/test/a/local-oidc/
sub
user-subject-1234531
aud
fapi-client
nonce
059db079-145e-4d06-be9c-6090dd73bd41
iat
1650615720
exp
1650616020
2022-04-22 08:22:00 SUCCESS
AddAtHashToIdTokenClaims
Added at_hash to ID token claims
at_hash
lJOeLLQhKn9wSjFwZLi8PQ
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/a/local-oidc/",
  "sub": "user-subject-1234531",
  "aud": "fapi-client",
  "nonce": "059db079-145e-4d06-be9c-6090dd73bd41",
  "iat": 1650615720,
  "exp": 1650616020,
  "at_hash": "lJOeLLQhKn9wSjFwZLi8PQ"
}
2022-04-22 08:22:00 INFO
AddACRClaimToIdTokenClaims
Skipped evaluation due to missing required string: requested_id_token_acr_values
expected
requested_id_token_acr_values
2022-04-22 08:22:00 SUCCESS
SignIdToken
Signed the ID token
id_token
eyJraWQiOiJQNUtBaVVXQTJSeUlnZnJzQzJoZlg5bWxSRUUtYjJwa3drUkoySVRVR1lrIiwiYWxnIjoiUFMyNTYifQ.eyJhdF9oYXNoIjoibEpPZUxMUWhLbjl3U2pGd1pMaThQUSIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiZmFwaS1jbGllbnQiLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvYVwvbG9jYWwtb2lkY1wvIiwiZXhwIjoxNjUwNjE2MDIwLCJub25jZSI6IjA1OWRiMDc5LTE0NWUtNGQwNi1iZTljLTYwOTBkZDczYmQ0MSIsImlhdCI6MTY1MDYxNTcyMH0.wuiDQAL3f5HmJ7jolmFuPCtffIinhdOHRSdRwTJGAkZ0xi5cyzsCMYSngqtXSbrOTizasVdnT_YBkTtX7gKaHinwK5bMyC6MmaXGEQ2syebpDYYAznA2EMHpkNqMnyyxO50CykJTPCkGmUo_Kv5jMfOcCMxQYwgp04b-o7nmaOG50xtSkP3SW_QeWYfVlRqacL2dPXlANYtfSNyp_0aztYPLJI6US-zxqnv2k484EnhvVqp_mOUinjbzJJBLQwuVQA13tQiWOrO5tp5Fxf9PaiiGMpXZ-6o_hJNMCnv3QUGhmVGaTXmdVqRz8EY14SrNg3sewQG3MflU0qAIencnoA
2022-04-22 08:22:00 SUCCESS
CreateTokenEndpointResponse
Created token endpoint response
access_token
7N1wsvz2QRT1IOHGihKg9TRITJbHK4I5vDSuuwv5EjYicTJ2BV
token_type
Bearer
id_token
eyJraWQiOiJQNUtBaVVXQTJSeUlnZnJzQzJoZlg5bWxSRUUtYjJwa3drUkoySVRVR1lrIiwiYWxnIjoiUFMyNTYifQ.eyJhdF9oYXNoIjoibEpPZUxMUWhLbjl3U2pGd1pMaThQUSIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiZmFwaS1jbGllbnQiLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvYVwvbG9jYWwtb2lkY1wvIiwiZXhwIjoxNjUwNjE2MDIwLCJub25jZSI6IjA1OWRiMDc5LTE0NWUtNGQwNi1iZTljLTYwOTBkZDczYmQ0MSIsImlhdCI6MTY1MDYxNTcyMH0.wuiDQAL3f5HmJ7jolmFuPCtffIinhdOHRSdRwTJGAkZ0xi5cyzsCMYSngqtXSbrOTizasVdnT_YBkTtX7gKaHinwK5bMyC6MmaXGEQ2syebpDYYAznA2EMHpkNqMnyyxO50CykJTPCkGmUo_Kv5jMfOcCMxQYwgp04b-o7nmaOG50xtSkP3SW_QeWYfVlRqacL2dPXlANYtfSNyp_0aztYPLJI6US-zxqnv2k484EnhvVqp_mOUinjbzJJBLQwuVQA13tQiWOrO5tp5Fxf9PaiiGMpXZ-6o_hJNMCnv3QUGhmVGaTXmdVqRz8EY14SrNg3sewQG3MflU0qAIencnoA
refresh_token
leUCRuJtzVFCRpCdLVDWHyQWxoRYLtTJdWKuaLoJTGbNglmcCW8953963485]_*%~
scope
email openid profile
2022-04-22 08:22:00 OUTGOING
fapi1-advanced-final-client-test
Response to HTTP request to test instance Hk0V7kbqa4WOGtX
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "access_token": "7N1wsvz2QRT1IOHGihKg9TRITJbHK4I5vDSuuwv5EjYicTJ2BV",
  "token_type": "Bearer",
  "id_token": "eyJraWQiOiJQNUtBaVVXQTJSeUlnZnJzQzJoZlg5bWxSRUUtYjJwa3drUkoySVRVR1lrIiwiYWxnIjoiUFMyNTYifQ.eyJhdF9oYXNoIjoibEpPZUxMUWhLbjl3U2pGd1pMaThQUSIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiZmFwaS1jbGllbnQiLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvYVwvbG9jYWwtb2lkY1wvIiwiZXhwIjoxNjUwNjE2MDIwLCJub25jZSI6IjA1OWRiMDc5LTE0NWUtNGQwNi1iZTljLTYwOTBkZDczYmQ0MSIsImlhdCI6MTY1MDYxNTcyMH0.wuiDQAL3f5HmJ7jolmFuPCtffIinhdOHRSdRwTJGAkZ0xi5cyzsCMYSngqtXSbrOTizasVdnT_YBkTtX7gKaHinwK5bMyC6MmaXGEQ2syebpDYYAznA2EMHpkNqMnyyxO50CykJTPCkGmUo_Kv5jMfOcCMxQYwgp04b-o7nmaOG50xtSkP3SW_QeWYfVlRqacL2dPXlANYtfSNyp_0aztYPLJI6US-zxqnv2k484EnhvVqp_mOUinjbzJJBLQwuVQA13tQiWOrO5tp5Fxf9PaiiGMpXZ-6o_hJNMCnv3QUGhmVGaTXmdVqRz8EY14SrNg3sewQG3MflU0qAIencnoA",
  "refresh_token": "leUCRuJtzVFCRpCdLVDWHyQWxoRYLtTJdWKuaLoJTGbNglmcCW8953963485]_*%~",
  "scope": "email openid profile"
}
outgoing_path
token
2022-04-22 08:22:06 INCOMING
fapi1-advanced-final-client-test
Incoming HTTP request to /test-mtls/a/local-oidc/open-banking/v1.1/accounts/
incoming_headers
{
  "host": "www.certification.openid.net",
  "accept": "text/plain, application/json, application/*+json, */*",
  "authorization": "Bearer 7N1wsvz2QRT1IOHGihKg9TRITJbHK4I5vDSuuwv5EjYicTJ2BV",
  "user-agent": "Apache-HttpClient/4.5.13 (Java/11.0.7)",
  "cookie": "JSESSIONID\u003d7728B34E277502C60FDCB8BC73033F46",
  "accept-encoding": "gzip,deflate",
  "connection": "close"
}
incoming_path
/test-mtls/a/local-oidc/open-banking/v1.1/accounts/
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cipher
DHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
-----BEGIN CERTIFICATE----- MIIDUzCCAjugAwIBAgIUOGxvnmd2zIVRKXrboYAbTAAPQswwDQYJKoZIhvcNAQEL BQAwEjEQMA4GA1UEAxMHZmFwaS1jYTAeFw0yMTExMTAwMTUyMDBaFw0yMjExMTAw MTUyMDBaMBYxFDASBgNVBAMTC2ZhcGktY2xpZW50MIIBIjANBgkqhkiG9w0BAQEF AAOCAQ8AMIIBCgKCAQEArPY4djIA/os22qFlheaOjvs5sXfgmNbBcWFb6VQhDVp+ 4KjP0v8dmTAx7fmUXevRWB43Ld5GNWNeZ9nDtd/N5Va31JD80Jzc2kfwqtwNgfzg BGy9noerFCy+9l3SnbJpuAsOiLtz0pcKpD3XO+szO9sWaBYApELovY4mNT+rTXC0 0+ERpuzr8salrgOE2pVYaikMDJUspwEw3Cjx3Jhl+2IZR+oXhF5zudiF9kjjUjt8 fXSEN6RQXXrWCIa65W8/4vnRN2rtFre5EKfsJrAM4o9CAQqWxwR/ZZpzgUMW5al4 Hba6erReZpEaqN+wp59a5md4n09E82pjvtHez2O2kwIDAQABo4GcMIGZMA4GA1Ud DwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0T AQH/BAIwADAdBgNVHQ4EFgQU8A9WW4zVHrW8gxcszWJ2ELGpfEowHwYDVR0jBBgw FoAUuKmP6+gzUMsk+1DxcoviKLQqCxowGgYDVR0RBBMwEYIJbG9jYWxob3N0hwR/ AAABMA0GCSqGSIb3DQEBCwUAA4IBAQACq0nh14JL653WR4QMdZ5hdm/BJmbbDe10 GwsBMbvsSpprXEjY86RuKS6me0qjv7+MTPpkghJA6/yJtcFBGmvfbKqNsYrp79Qv WVkgJ3OELvUSSWY43hfiPF3gAQmRPc6vPw26/8mdoobrLTi6EgnB+jdOaGPI6MRp 943wpV3rBHiJgaxtYeqe4EtRq7Ec2V96sOldd9canPtgsjF7JL4YXWDagmuMtvKA 3qS+I1/mp5W/55AmOnXg/rH3ntK6NN+yG0pQmOgqdCU4ZdlfYzHGZCKJxogEyXac 01DFhj3IQVCfQf7XoKFTl481d1T+LEFvvk+2Gt9GsRA22y8Hfcg9 -----END CERTIFICATE-----
incoming_body_json
incoming_query_string_params
{}
incoming_body
2022-04-22 08:22:06 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
DHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
Accounts endpoint
2022-04-22 08:22:06 SUCCESS
ExtractClientCertificateFromTokenEndpointRequestHeaders
Extracted client certificate
client_certificate
{
  "cert": "-----BEGIN CERTIFICATE----- MIIDUzCCAjugAwIBAgIUOGxvnmd2zIVRKXrboYAbTAAPQswwDQYJKoZIhvcNAQEL BQAwEjEQMA4GA1UEAxMHZmFwaS1jYTAeFw0yMTExMTAwMTUyMDBaFw0yMjExMTAw MTUyMDBaMBYxFDASBgNVBAMTC2ZhcGktY2xpZW50MIIBIjANBgkqhkiG9w0BAQEF AAOCAQ8AMIIBCgKCAQEArPY4djIA/os22qFlheaOjvs5sXfgmNbBcWFb6VQhDVp+ 4KjP0v8dmTAx7fmUXevRWB43Ld5GNWNeZ9nDtd/N5Va31JD80Jzc2kfwqtwNgfzg BGy9noerFCy+9l3SnbJpuAsOiLtz0pcKpD3XO+szO9sWaBYApELovY4mNT+rTXC0 0+ERpuzr8salrgOE2pVYaikMDJUspwEw3Cjx3Jhl+2IZR+oXhF5zudiF9kjjUjt8 fXSEN6RQXXrWCIa65W8/4vnRN2rtFre5EKfsJrAM4o9CAQqWxwR/ZZpzgUMW5al4 Hba6erReZpEaqN+wp59a5md4n09E82pjvtHez2O2kwIDAQABo4GcMIGZMA4GA1Ud DwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0T AQH/BAIwADAdBgNVHQ4EFgQU8A9WW4zVHrW8gxcszWJ2ELGpfEowHwYDVR0jBBgw FoAUuKmP6+gzUMsk+1DxcoviKLQqCxowGgYDVR0RBBMwEYIJbG9jYWxob3N0hwR/ AAABMA0GCSqGSIb3DQEBCwUAA4IBAQACq0nh14JL653WR4QMdZ5hdm/BJmbbDe10 GwsBMbvsSpprXEjY86RuKS6me0qjv7+MTPpkghJA6/yJtcFBGmvfbKqNsYrp79Qv WVkgJ3OELvUSSWY43hfiPF3gAQmRPc6vPw26/8mdoobrLTi6EgnB+jdOaGPI6MRp 943wpV3rBHiJgaxtYeqe4EtRq7Ec2V96sOldd9canPtgsjF7JL4YXWDagmuMtvKA 3qS+I1/mp5W/55AmOnXg/rH3ntK6NN+yG0pQmOgqdCU4ZdlfYzHGZCKJxogEyXac 01DFhj3IQVCfQf7XoKFTl481d1T+LEFvvk+2Gt9GsRA22y8Hfcg9 -----END CERTIFICATE-----",
  "pem": "-----BEGIN CERTIFICATE-----\nMIIDUzCCAjugAwIBAgIUOGxvnmd2zIVRKXrboYAbTAAPQswwDQYJKoZIhvcNAQEL\nBQAwEjEQMA4GA1UEAxMHZmFwaS1jYTAeFw0yMTExMTAwMTUyMDBaFw0yMjExMTAw\nMTUyMDBaMBYxFDASBgNVBAMTC2ZhcGktY2xpZW50MIIBIjANBgkqhkiG9w0BAQEF\nAAOCAQ8AMIIBCgKCAQEArPY4djIA/os22qFlheaOjvs5sXfgmNbBcWFb6VQhDVp+\n4KjP0v8dmTAx7fmUXevRWB43Ld5GNWNeZ9nDtd/N5Va31JD80Jzc2kfwqtwNgfzg\nBGy9noerFCy+9l3SnbJpuAsOiLtz0pcKpD3XO+szO9sWaBYApELovY4mNT+rTXC0\n0+ERpuzr8salrgOE2pVYaikMDJUspwEw3Cjx3Jhl+2IZR+oXhF5zudiF9kjjUjt8\nfXSEN6RQXXrWCIa65W8/4vnRN2rtFre5EKfsJrAM4o9CAQqWxwR/ZZpzgUMW5al4\nHba6erReZpEaqN+wp59a5md4n09E82pjvtHez2O2kwIDAQABo4GcMIGZMA4GA1Ud\nDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0T\nAQH/BAIwADAdBgNVHQ4EFgQU8A9WW4zVHrW8gxcszWJ2ELGpfEowHwYDVR0jBBgw\nFoAUuKmP6+gzUMsk+1DxcoviKLQqCxowGgYDVR0RBBMwEYIJbG9jYWxob3N0hwR/\nAAABMA0GCSqGSIb3DQEBCwUAA4IBAQACq0nh14JL653WR4QMdZ5hdm/BJmbbDe10\nGwsBMbvsSpprXEjY86RuKS6me0qjv7+MTPpkghJA6/yJtcFBGmvfbKqNsYrp79Qv\nWVkgJ3OELvUSSWY43hfiPF3gAQmRPc6vPw26/8mdoobrLTi6EgnB+jdOaGPI6MRp\n943wpV3rBHiJgaxtYeqe4EtRq7Ec2V96sOldd9canPtgsjF7JL4YXWDagmuMtvKA\n3qS+I1/mp5W/55AmOnXg/rH3ntK6NN+yG0pQmOgqdCU4ZdlfYzHGZCKJxogEyXac\n01DFhj3IQVCfQf7XoKFTl481d1T+LEFvvk+2Gt9GsRA22y8Hfcg9\n-----END CERTIFICATE-----",
  "subject": {
    "dn": "CN\u003dfapi-client"
  },
  "sanDnsNames": [
    "localhost"
  ],
  "sanUris": [],
  "sanIPs": [
    "127.0.0.1"
  ],
  "sanEmails": []
}
2022-04-22 08:22:06 SUCCESS
CheckForClientCertificate
Found client certificate
2022-04-22 08:22:06 SUCCESS
EnsureClientCertificateMatches
Presented certificate matches registered certificate
actual
-----BEGIN CERTIFICATE-----
MIIDUzCCAjugAwIBAgIUOGxvnmd2zIVRKXrboYAbTAAPQswwDQYJKoZIhvcNAQEL
BQAwEjEQMA4GA1UEAxMHZmFwaS1jYTAeFw0yMTExMTAwMTUyMDBaFw0yMjExMTAw
MTUyMDBaMBYxFDASBgNVBAMTC2ZhcGktY2xpZW50MIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEArPY4djIA/os22qFlheaOjvs5sXfgmNbBcWFb6VQhDVp+
4KjP0v8dmTAx7fmUXevRWB43Ld5GNWNeZ9nDtd/N5Va31JD80Jzc2kfwqtwNgfzg
BGy9noerFCy+9l3SnbJpuAsOiLtz0pcKpD3XO+szO9sWaBYApELovY4mNT+rTXC0
0+ERpuzr8salrgOE2pVYaikMDJUspwEw3Cjx3Jhl+2IZR+oXhF5zudiF9kjjUjt8
fXSEN6RQXXrWCIa65W8/4vnRN2rtFre5EKfsJrAM4o9CAQqWxwR/ZZpzgUMW5al4
Hba6erReZpEaqN+wp59a5md4n09E82pjvtHez2O2kwIDAQABo4GcMIGZMA4GA1Ud
DwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0T
AQH/BAIwADAdBgNVHQ4EFgQU8A9WW4zVHrW8gxcszWJ2ELGpfEowHwYDVR0jBBgw
FoAUuKmP6+gzUMsk+1DxcoviKLQqCxowGgYDVR0RBBMwEYIJbG9jYWxob3N0hwR/
AAABMA0GCSqGSIb3DQEBCwUAA4IBAQACq0nh14JL653WR4QMdZ5hdm/BJmbbDe10
GwsBMbvsSpprXEjY86RuKS6me0qjv7+MTPpkghJA6/yJtcFBGmvfbKqNsYrp79Qv
WVkgJ3OELvUSSWY43hfiPF3gAQmRPc6vPw26/8mdoobrLTi6EgnB+jdOaGPI6MRp
943wpV3rBHiJgaxtYeqe4EtRq7Ec2V96sOldd9canPtgsjF7JL4YXWDagmuMtvKA
3qS+I1/mp5W/55AmOnXg/rH3ntK6NN+yG0pQmOgqdCU4ZdlfYzHGZCKJxogEyXac
01DFhj3IQVCfQf7XoKFTl481d1T+LEFvvk+2Gt9GsRA22y8Hfcg9
-----END CERTIFICATE-----
2022-04-22 08:22:06 SUCCESS
EnsureBearerAccessTokenNotInParams
Client correctly did not send access token in query parameters or form body
2022-04-22 08:22:06 SUCCESS
ExtractBearerAccessTokenFromHeader
Found access token on incoming request
access_token
7N1wsvz2QRT1IOHGihKg9TRITJbHK4I5vDSuuwv5EjYicTJ2BV
2022-04-22 08:22:06 SUCCESS
RequireBearerAccessToken
Found access token in request
actual
7N1wsvz2QRT1IOHGihKg9TRITJbHK4I5vDSuuwv5EjYicTJ2BV
2022-04-22 08:22:06 INFO
ExtractFapiDateHeader
Skipped evaluation due to missing required element: incoming_request headers.x-fapi-auth-date
path
headers.x-fapi-auth-date
mapped
object
incoming_request
2022-04-22 08:22:06 INFO
ExtractFapiIpAddressHeader
Skipped evaluation due to missing required element: incoming_request headers.x-fapi-customer-ip-address
path
headers.x-fapi-customer-ip-address
mapped
object
incoming_request
2022-04-22 08:22:06 INFO
ExtractFapiInteractionIdHeader
Skipped evaluation due to missing required element: incoming_request headers.x-fapi-interaction-id
path
headers.x-fapi-interaction-id
mapped
object
incoming_request
2022-04-22 08:22:06 SUCCESS
CreateFapiInteractionIdIfNeeded
Created new FAPI interaction ID
fapi_interaction_id
8610ff5a-72de-40fe-bc3b-2194244a42e0
2022-04-22 08:22:06 SUCCESS
CreateFAPIAccountEndpointResponse
Created account response object
accounts_endpoint_response
{
  "conformance-test-finished": "true"
}
accounts_endpoint_response_headers
{
  "x-fapi-interaction-id": "8610ff5a-72de-40fe-bc3b-2194244a42e0",
  "content-type": "application/json; charset\u003dUTF-8"
}
2022-04-22 08:22:06
ClearAccessTokenFromRequest
Condition ran but did not log anything
2022-04-22 08:22:06 OUTGOING
fapi1-advanced-final-client-test
Response to HTTP request to test instance Hk0V7kbqa4WOGtX
outgoing_status_code
200
outgoing_headers
{
  "x-fapi-interaction-id": [
    "8610ff5a-72de-40fe-bc3b-2194244a42e0"
  ],
  "content-type": [
    "application/json; charset\u003dUTF-8"
  ]
}
outgoing_body
{
  "conformance-test-finished": "true"
}
outgoing_path
open-banking/v1.1/accounts
2022-04-22 08:22:06 FINISHED
fapi1-advanced-final-client-test
Test has run to completion
testmodule_result
PASSED
2022-04-22 08:24:10
TEST-RUNNER
Alias has now been claimed by another test
alias
local-oidc
new_test_id
EIF3jv0WtXQqjon
Test Results