Test Summary

Test Results

Expand All Collapse All
All times are UTC
2022-04-22 08:43:05 INFO
TEST-RUNNER
Test instance 2SOs83YkU62OWzG created
baseUrl
https://www.certification.openid.net/test/a/local-oidc
variant
{
  "client_auth_type": "mtls",
  "fapi_auth_request_method": "by_value",
  "fapi_jarm_type": "oidc",
  "fapi_profile": "plain_fapi",
  "fapi_response_mode": "plain_response"
}
alias
local-oidc
description
oidc-provider OIDC
planId
eXbBCD7xNsAIe
config
{
  "server": {
    "jwks": {
      "keys": [
        {
          "p": "8ft5av3Ba8B9qsHdVU2smdwAmBiOdKVATsGjwiLhZIQyAqwgZfOaijdAyspUDzjr9kFfw9i1yw_eTel04shim8Q4qpmARZ0VWm7lKUOw5QDkv8hiGS5HdwE9aCc4ZoWH5v8t0WRAfchs3ueKF6MwueTXj6iy6YHu3fEA2aG7fJk",
          "kty": "RSA",
          "q": "_rWgqi1Jbge1Byn7Za202uzM-WjijMqdpO7bnZJM0m8sbCCCZXvUV1Rz1_0TEtnhpd9kZmzatHHBp2Bopb1svahqBP3lRODDWKR0YxVqfgtZty16S5J-r3U_GK1x73m7aDVp8EMuZq9Wkz9Kf1SjnFOw20vQ1SPPg0UniNHxGLs",
          "d": "022WKP1lmlduTVK5hPrFnLuvpz-Pt9Tl-_pDaWDCsPq5y3dyNYcDelJ_2kR7iiIaaCWj1GRoCBoH3DzC04BRc8yeFuTlq3SYPNrPYRZ_Q5y_xFPkEu-WXTnYz4i6Zu0Dt2TJOAZ8lrDK6fGbW6W_ZeizqlfMeNsNRugigQlK69nHzuvSNEboKhISBtIjto2oqEjeObr7lfPtwgxylZ8pztjt7z3vO-92wJ_ijX3mrDzqkfJaR2wsuwOqcjSF6j4Xv45unzoqDl55HGAToajZQxr6uQGpUz559GzaZz04SE-fku295ZipFaj39FthJ-gRQuHdmqxq4by1CX1vAaI7AQ",
          "e": "AQAB",
          "use": "sig",
          "kid": "P5KAiUWA2RyIgfrsC2hfX9mlREE-b2pkwkRJ2ITUGYk",
          "qi": "SI9mDYpDSVcppuK34pZ8fO3NfL5N8YJXes6QOBV8b8RMsFy3Yd_niHKG17MQTDpVfeSs6Te5e_4Ieh1rTQbEvf2_muls5tMLdgOOVz-yq19rndlYMgaHtdK1lmGuRHjXqI0u3mHAtw1whKivjScTAYiOJxx7H4uD-Igc39rg2rA",
          "dp": "LBjexI-fuuomPIL9ubjg9lzwQsde1oTy1idVl2BR4MZycqg5czrUc9Gj3hDHBsshvQumzwLkBjBLG7mqklVgGvDEPtqgVI9Ov98rpbxvNRxXk1eKAPq9DUPNk_hpv80fugnQqLLzSbjHlkttj-cuTwIUAlsE16bVB98Of5qIlyk",
          "alg": "PS256",
          "dq": "NEEEvgTebKFOJTMarShu0v8DqiM3XxTuNHkAOxpZgk5meaRNvA4kaOodffEgaZyja0kiKtUoJR61UOY5cc8jsOENJwsDbxcBXH0Yl388QrGHbUn6LejW7p4KHMDwf-WkaeOTYUQXD9_mzfyNBwRRMHAG92ZdaGyZVN_qFWqkoKM",
          "n": "8MMxIwgbb15W2VvpVLY-Trhi8J-qjqVj7Vq9VFsCbXLYhyh8Uj4r_UA9sLxFhv_y80K9bdpDhnM5iJi6QRBR73rZOk1GmkWfAExZXy5VYNhfg_daxcyDlHZiHVQ9IkQWFRqxDs1Y4RmzHM78tsVDKmHm4_BNOQp9RMZSmTYSUE8ItwZx1RvqcLQ1Mvbh4TIyDY93LyNh4IcRv_ynhyQbHTqw4cFR64xtwHjwISaZnRpu28nXi0TcxYXvH3F2J72QyNQkKHslnCHA7k-Vm6K6_xip3W7xnwC2Bsdww7CGj1jWgwK6sbX8X6VUiGt-2x4cMckdJoVVziGM3dij7Ktbww"
        }
      ]
    }
  },
  "client": {
    "certificate": "-----BEGIN CERTIFICATE-----\nMIIDUzCCAjugAwIBAgIUOGxvnmd2zIVRKXrboYAbTAAPQswwDQYJKoZIhvcNAQEL\nBQAwEjEQMA4GA1UEAxMHZmFwaS1jYTAeFw0yMTExMTAwMTUyMDBaFw0yMjExMTAw\nMTUyMDBaMBYxFDASBgNVBAMTC2ZhcGktY2xpZW50MIIBIjANBgkqhkiG9w0BAQEF\nAAOCAQ8AMIIBCgKCAQEArPY4djIA/os22qFlheaOjvs5sXfgmNbBcWFb6VQhDVp+\n4KjP0v8dmTAx7fmUXevRWB43Ld5GNWNeZ9nDtd/N5Va31JD80Jzc2kfwqtwNgfzg\nBGy9noerFCy+9l3SnbJpuAsOiLtz0pcKpD3XO+szO9sWaBYApELovY4mNT+rTXC0\n0+ERpuzr8salrgOE2pVYaikMDJUspwEw3Cjx3Jhl+2IZR+oXhF5zudiF9kjjUjt8\nfXSEN6RQXXrWCIa65W8/4vnRN2rtFre5EKfsJrAM4o9CAQqWxwR/ZZpzgUMW5al4\nHba6erReZpEaqN+wp59a5md4n09E82pjvtHez2O2kwIDAQABo4GcMIGZMA4GA1Ud\nDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0T\nAQH/BAIwADAdBgNVHQ4EFgQU8A9WW4zVHrW8gxcszWJ2ELGpfEowHwYDVR0jBBgw\nFoAUuKmP6+gzUMsk+1DxcoviKLQqCxowGgYDVR0RBBMwEYIJbG9jYWxob3N0hwR/\nAAABMA0GCSqGSIb3DQEBCwUAA4IBAQACq0nh14JL653WR4QMdZ5hdm/BJmbbDe10\nGwsBMbvsSpprXEjY86RuKS6me0qjv7+MTPpkghJA6/yJtcFBGmvfbKqNsYrp79Qv\nWVkgJ3OELvUSSWY43hfiPF3gAQmRPc6vPw26/8mdoobrLTi6EgnB+jdOaGPI6MRp\n943wpV3rBHiJgaxtYeqe4EtRq7Ec2V96sOldd9canPtgsjF7JL4YXWDagmuMtvKA\n3qS+I1/mp5W/55AmOnXg/rH3ntK6NN+yG0pQmOgqdCU4ZdlfYzHGZCKJxogEyXac\n01DFhj3IQVCfQf7XoKFTl481d1T+LEFvvk+2Gt9GsRA22y8Hfcg9\n-----END CERTIFICATE-----",
    "jwks": {
      "keys": [
        {
          "kty": "RSA",
          "e": "AQAB",
          "use": "sig",
          "kid": "0g5qqjToNN0X4TGpiYbqEAt9Y9dbVFcrRYnnPAKoBtA",
          "alg": "PS256",
          "n": "nx2Kvs-zsMfY9WVGfOXfmr56hx9VSHdC9EJ-YuaP46igRwqiFxzKwWk4-GOyjxB7tee8jiMh6cxzb1-pvaEiKlKHg9-zSDaJHDKKb2yqUdQnxRYHLJ2RjcjrkWPz8q_Sqhc76dLAJE2AbEb42iiYP1Fl2nK8_Daye2D_GRwb3WHTWiAWaYJlFErHj7EtiTvTezOdMj-bsK01guSam6auUSnUzifdy0FAxPya8j1XPLXDQfiWrTWd_uJf9cdDEZT7Hy0eiQqt9f_joMafHGDR_iU2UC42lrxyiCoJYCoE3T7QGbhSz-9MrugoCeTDCHDFxvdqToJ6t4B5w9FLhYy2iw"
        },
        {
          "kty": "RSA",
          "e": "AQAB",
          "use": "enc",
          "kid": "gU7LspBTnX1KU25kZa8jS3WspQi2Dq1wOggZ41AkrU4",
          "alg": "RSA-OAEP-256",
          "n": "q7kr8G7dAiEtBhsEwooVl2wfnWZY0CgZ3-BrJ5YLFnhUg7BPni-gKbK29R3i_UWbeMAR0L6HPQNo715lcznZW2hrT2WBtWmiLVlo9eqSQu8wrBmHNNuwy8gDtFx7RsYZTguNJeNVl_zt9tC9Tj_fSNSjMHVrO1DUh6uRgo7lcjFdTOmFCh8eYYmrmg_Ta0w_3I2T3YeE48poNKt_wLAf62czDoQKLx7D7Ft8fX9GNzxpZyxGZPBerDN6_gUibplBx-BE2DQnUKaGRHlnLSkgeQSoQYCiOt6qVahisc5HSmAL2nbNyWXBKJCEzGpfE0nddt3q5lfLSkwD7TceFD037w"
        }
      ]
    },
    "redirect_uri": "https://ip-172-31-20-58.ap-northeast-1.compute.internal:8082/callback",
    "scope": "email openid profile",
    "client_id": "fapi-client"
  },
  "alias": "local-oidc",
  "client2": {
    "client_id": "fapi-client",
    "scope": "email openid profile",
    "redirect_uri": "https://ip-172-31-20-58.ap-northeast-1.compute.internal:8082/callback",
    "jwks": {
      "keys": [
        {
          "kty": "RSA",
          "e": "AQAB",
          "use": "sig",
          "kid": "0g5qqjToNN0X4TGpiYbqEAt9Y9dbVFcrRYnnPAKoBtA",
          "alg": "PS256",
          "n": "nx2Kvs-zsMfY9WVGfOXfmr56hx9VSHdC9EJ-YuaP46igRwqiFxzKwWk4-GOyjxB7tee8jiMh6cxzb1-pvaEiKlKHg9-zSDaJHDKKb2yqUdQnxRYHLJ2RjcjrkWPz8q_Sqhc76dLAJE2AbEb42iiYP1Fl2nK8_Daye2D_GRwb3WHTWiAWaYJlFErHj7EtiTvTezOdMj-bsK01guSam6auUSnUzifdy0FAxPya8j1XPLXDQfiWrTWd_uJf9cdDEZT7Hy0eiQqt9f_joMafHGDR_iU2UC42lrxyiCoJYCoE3T7QGbhSz-9MrugoCeTDCHDFxvdqToJ6t4B5w9FLhYy2iw"
        },
        {
          "kty": "RSA",
          "e": "AQAB",
          "use": "enc",
          "kid": "gU7LspBTnX1KU25kZa8jS3WspQi2Dq1wOggZ41AkrU4",
          "alg": "RSA-OAEP-256",
          "n": "q7kr8G7dAiEtBhsEwooVl2wfnWZY0CgZ3-BrJ5YLFnhUg7BPni-gKbK29R3i_UWbeMAR0L6HPQNo715lcznZW2hrT2WBtWmiLVlo9eqSQu8wrBmHNNuwy8gDtFx7RsYZTguNJeNVl_zt9tC9Tj_fSNSjMHVrO1DUh6uRgo7lcjFdTOmFCh8eYYmrmg_Ta0w_3I2T3YeE48poNKt_wLAf62czDoQKLx7D7Ft8fX9GNzxpZyxGZPBerDN6_gUibplBx-BE2DQnUKaGRHlnLSkgeQSoQYCiOt6qVahisc5HSmAL2nbNyWXBKJCEzGpfE0nddt3q5lfLSkwD7TceFD037w"
        }
      ]
    },
    "certificate": "-----BEGIN CERTIFICATE-----\nMIIDUzCCAjugAwIBAgIUOGxvnmd2zIVRKXrboYAbTAAPQswwDQYJKoZIhvcNAQEL\nBQAwEjEQMA4GA1UEAxMHZmFwaS1jYTAeFw0yMTExMTAwMTUyMDBaFw0yMjExMTAw\nMTUyMDBaMBYxFDASBgNVBAMTC2ZhcGktY2xpZW50MIIBIjANBgkqhkiG9w0BAQEF\nAAOCAQ8AMIIBCgKCAQEArPY4djIA/os22qFlheaOjvs5sXfgmNbBcWFb6VQhDVp+\n4KjP0v8dmTAx7fmUXevRWB43Ld5GNWNeZ9nDtd/N5Va31JD80Jzc2kfwqtwNgfzg\nBGy9noerFCy+9l3SnbJpuAsOiLtz0pcKpD3XO+szO9sWaBYApELovY4mNT+rTXC0\n0+ERpuzr8salrgOE2pVYaikMDJUspwEw3Cjx3Jhl+2IZR+oXhF5zudiF9kjjUjt8\nfXSEN6RQXXrWCIa65W8/4vnRN2rtFre5EKfsJrAM4o9CAQqWxwR/ZZpzgUMW5al4\nHba6erReZpEaqN+wp59a5md4n09E82pjvtHez2O2kwIDAQABo4GcMIGZMA4GA1Ud\nDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0T\nAQH/BAIwADAdBgNVHQ4EFgQU8A9WW4zVHrW8gxcszWJ2ELGpfEowHwYDVR0jBBgw\nFoAUuKmP6+gzUMsk+1DxcoviKLQqCxowGgYDVR0RBBMwEYIJbG9jYWxob3N0hwR/\nAAABMA0GCSqGSIb3DQEBCwUAA4IBAQACq0nh14JL653WR4QMdZ5hdm/BJmbbDe10\nGwsBMbvsSpprXEjY86RuKS6me0qjv7+MTPpkghJA6/yJtcFBGmvfbKqNsYrp79Qv\nWVkgJ3OELvUSSWY43hfiPF3gAQmRPc6vPw26/8mdoobrLTi6EgnB+jdOaGPI6MRp\n943wpV3rBHiJgaxtYeqe4EtRq7Ec2V96sOldd9canPtgsjF7JL4YXWDagmuMtvKA\n3qS+I1/mp5W/55AmOnXg/rH3ntK6NN+yG0pQmOgqdCU4ZdlfYzHGZCKJxogEyXac\n01DFhj3IQVCfQf7XoKFTl481d1T+LEFvvk+2Gt9GsRA22y8Hfcg9\n-----END CERTIFICATE-----",
    "id_token_encrypted_response_alg": "RSA-OAEP-256",
    "id_token_encrypted_response_enc": "A128GCM"
  },
  "description": "oidc-provider OIDC"
}
testName
fapi1-advanced-final-client-test-valid-aud-as-array
2022-04-22 08:43:06 SUCCESS
GenerateServerConfigurationMTLS
Created server configuration
server
{
  "issuer": "https://www.certification.openid.net/test/a/local-oidc/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/local-oidc/authorize",
  "token_endpoint": "https://www.certification.openid.net/test-mtls/a/local-oidc/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/local-oidc/jwks",
  "registration_endpoint": "https://www.certification.openid.net/test/a/local-oidc/register",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/local-oidc/userinfo"
}
issuer
https://www.certification.openid.net/test/a/local-oidc/
discoveryUrl
https://www.certification.openid.net/test/a/local-oidc/.well-known/openid-configuration
2022-04-22 08:43:06 SUCCESS
LoadServerJWKs
Parsed public and private JWK sets
server_jwks
{
  "keys": [
    {
      "p": "8ft5av3Ba8B9qsHdVU2smdwAmBiOdKVATsGjwiLhZIQyAqwgZfOaijdAyspUDzjr9kFfw9i1yw_eTel04shim8Q4qpmARZ0VWm7lKUOw5QDkv8hiGS5HdwE9aCc4ZoWH5v8t0WRAfchs3ueKF6MwueTXj6iy6YHu3fEA2aG7fJk",
      "kty": "RSA",
      "q": "_rWgqi1Jbge1Byn7Za202uzM-WjijMqdpO7bnZJM0m8sbCCCZXvUV1Rz1_0TEtnhpd9kZmzatHHBp2Bopb1svahqBP3lRODDWKR0YxVqfgtZty16S5J-r3U_GK1x73m7aDVp8EMuZq9Wkz9Kf1SjnFOw20vQ1SPPg0UniNHxGLs",
      "d": "022WKP1lmlduTVK5hPrFnLuvpz-Pt9Tl-_pDaWDCsPq5y3dyNYcDelJ_2kR7iiIaaCWj1GRoCBoH3DzC04BRc8yeFuTlq3SYPNrPYRZ_Q5y_xFPkEu-WXTnYz4i6Zu0Dt2TJOAZ8lrDK6fGbW6W_ZeizqlfMeNsNRugigQlK69nHzuvSNEboKhISBtIjto2oqEjeObr7lfPtwgxylZ8pztjt7z3vO-92wJ_ijX3mrDzqkfJaR2wsuwOqcjSF6j4Xv45unzoqDl55HGAToajZQxr6uQGpUz559GzaZz04SE-fku295ZipFaj39FthJ-gRQuHdmqxq4by1CX1vAaI7AQ",
      "e": "AQAB",
      "use": "sig",
      "kid": "P5KAiUWA2RyIgfrsC2hfX9mlREE-b2pkwkRJ2ITUGYk",
      "qi": "SI9mDYpDSVcppuK34pZ8fO3NfL5N8YJXes6QOBV8b8RMsFy3Yd_niHKG17MQTDpVfeSs6Te5e_4Ieh1rTQbEvf2_muls5tMLdgOOVz-yq19rndlYMgaHtdK1lmGuRHjXqI0u3mHAtw1whKivjScTAYiOJxx7H4uD-Igc39rg2rA",
      "dp": "LBjexI-fuuomPIL9ubjg9lzwQsde1oTy1idVl2BR4MZycqg5czrUc9Gj3hDHBsshvQumzwLkBjBLG7mqklVgGvDEPtqgVI9Ov98rpbxvNRxXk1eKAPq9DUPNk_hpv80fugnQqLLzSbjHlkttj-cuTwIUAlsE16bVB98Of5qIlyk",
      "alg": "PS256",
      "dq": "NEEEvgTebKFOJTMarShu0v8DqiM3XxTuNHkAOxpZgk5meaRNvA4kaOodffEgaZyja0kiKtUoJR61UOY5cc8jsOENJwsDbxcBXH0Yl388QrGHbUn6LejW7p4KHMDwf-WkaeOTYUQXD9_mzfyNBwRRMHAG92ZdaGyZVN_qFWqkoKM",
      "n": "8MMxIwgbb15W2VvpVLY-Trhi8J-qjqVj7Vq9VFsCbXLYhyh8Uj4r_UA9sLxFhv_y80K9bdpDhnM5iJi6QRBR73rZOk1GmkWfAExZXy5VYNhfg_daxcyDlHZiHVQ9IkQWFRqxDs1Y4RmzHM78tsVDKmHm4_BNOQp9RMZSmTYSUE8ItwZx1RvqcLQ1Mvbh4TIyDY93LyNh4IcRv_ynhyQbHTqw4cFR64xtwHjwISaZnRpu28nXi0TcxYXvH3F2J72QyNQkKHslnCHA7k-Vm6K6_xip3W7xnwC2Bsdww7CGj1jWgwK6sbX8X6VUiGt-2x4cMckdJoVVziGM3dij7Ktbww"
    }
  ]
}
server_encryption_keys
{}
server_public_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "P5KAiUWA2RyIgfrsC2hfX9mlREE-b2pkwkRJ2ITUGYk",
      "alg": "PS256",
      "n": "8MMxIwgbb15W2VvpVLY-Trhi8J-qjqVj7Vq9VFsCbXLYhyh8Uj4r_UA9sLxFhv_y80K9bdpDhnM5iJi6QRBR73rZOk1GmkWfAExZXy5VYNhfg_daxcyDlHZiHVQ9IkQWFRqxDs1Y4RmzHM78tsVDKmHm4_BNOQp9RMZSmTYSUE8ItwZx1RvqcLQ1Mvbh4TIyDY93LyNh4IcRv_ynhyQbHTqw4cFR64xtwHjwISaZnRpu28nXi0TcxYXvH3F2J72QyNQkKHslnCHA7k-Vm6K6_xip3W7xnwC2Bsdww7CGj1jWgwK6sbX8X6VUiGt-2x4cMckdJoVVziGM3dij7Ktbww"
    }
  ]
}
2022-04-22 08:43:06 SUCCESS
ValidateServerJWKs
Valid server JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2022-04-22 08:43:06 SUCCESS
ExtractServerSigningAlg
Successfully extracted algorithm
signing_algorithm
PS256
2022-04-22 08:43:06 SUCCESS
AddTLSClientAuthToServerConfiguration
Added tls_client_auth for token_endpoint_auth_methods_supported
2022-04-22 08:43:06 SUCCESS
AddResponseTypeCodeIdTokenToServerConfiguration
Added code id_token as response type supported
response_types_supported
[
  "code id_token"
]
2022-04-22 08:43:06 SUCCESS
FAPIAddTokenEndpointAuthSigningAlgValuesSupportedToServer
Set token_endpoint_auth_signing_alg_values_supported
values
[
  "PS256",
  "ES256"
]
2022-04-22 08:43:06 SUCCESS
CheckServerConfiguration
Found required server configuration keys
required
[
  "authorization_endpoint",
  "token_endpoint",
  "issuer"
]
2022-04-22 08:43:06 SUCCESS
FAPIEnsureMinimumServerKeyLength
Validated minimum key lengths for server_jwks
server_jwks
{
  "keys": [
    {
      "p": "8ft5av3Ba8B9qsHdVU2smdwAmBiOdKVATsGjwiLhZIQyAqwgZfOaijdAyspUDzjr9kFfw9i1yw_eTel04shim8Q4qpmARZ0VWm7lKUOw5QDkv8hiGS5HdwE9aCc4ZoWH5v8t0WRAfchs3ueKF6MwueTXj6iy6YHu3fEA2aG7fJk",
      "kty": "RSA",
      "q": "_rWgqi1Jbge1Byn7Za202uzM-WjijMqdpO7bnZJM0m8sbCCCZXvUV1Rz1_0TEtnhpd9kZmzatHHBp2Bopb1svahqBP3lRODDWKR0YxVqfgtZty16S5J-r3U_GK1x73m7aDVp8EMuZq9Wkz9Kf1SjnFOw20vQ1SPPg0UniNHxGLs",
      "d": "022WKP1lmlduTVK5hPrFnLuvpz-Pt9Tl-_pDaWDCsPq5y3dyNYcDelJ_2kR7iiIaaCWj1GRoCBoH3DzC04BRc8yeFuTlq3SYPNrPYRZ_Q5y_xFPkEu-WXTnYz4i6Zu0Dt2TJOAZ8lrDK6fGbW6W_ZeizqlfMeNsNRugigQlK69nHzuvSNEboKhISBtIjto2oqEjeObr7lfPtwgxylZ8pztjt7z3vO-92wJ_ijX3mrDzqkfJaR2wsuwOqcjSF6j4Xv45unzoqDl55HGAToajZQxr6uQGpUz559GzaZz04SE-fku295ZipFaj39FthJ-gRQuHdmqxq4by1CX1vAaI7AQ",
      "e": "AQAB",
      "use": "sig",
      "kid": "P5KAiUWA2RyIgfrsC2hfX9mlREE-b2pkwkRJ2ITUGYk",
      "qi": "SI9mDYpDSVcppuK34pZ8fO3NfL5N8YJXes6QOBV8b8RMsFy3Yd_niHKG17MQTDpVfeSs6Te5e_4Ieh1rTQbEvf2_muls5tMLdgOOVz-yq19rndlYMgaHtdK1lmGuRHjXqI0u3mHAtw1whKivjScTAYiOJxx7H4uD-Igc39rg2rA",
      "dp": "LBjexI-fuuomPIL9ubjg9lzwQsde1oTy1idVl2BR4MZycqg5czrUc9Gj3hDHBsshvQumzwLkBjBLG7mqklVgGvDEPtqgVI9Ov98rpbxvNRxXk1eKAPq9DUPNk_hpv80fugnQqLLzSbjHlkttj-cuTwIUAlsE16bVB98Of5qIlyk",
      "alg": "PS256",
      "dq": "NEEEvgTebKFOJTMarShu0v8DqiM3XxTuNHkAOxpZgk5meaRNvA4kaOodffEgaZyja0kiKtUoJR61UOY5cc8jsOENJwsDbxcBXH0Yl388QrGHbUn6LejW7p4KHMDwf-WkaeOTYUQXD9_mzfyNBwRRMHAG92ZdaGyZVN_qFWqkoKM",
      "n": "8MMxIwgbb15W2VvpVLY-Trhi8J-qjqVj7Vq9VFsCbXLYhyh8Uj4r_UA9sLxFhv_y80K9bdpDhnM5iJi6QRBR73rZOk1GmkWfAExZXy5VYNhfg_daxcyDlHZiHVQ9IkQWFRqxDs1Y4RmzHM78tsVDKmHm4_BNOQp9RMZSmTYSUE8ItwZx1RvqcLQ1Mvbh4TIyDY93LyNh4IcRv_ynhyQbHTqw4cFR64xtwHjwISaZnRpu28nXi0TcxYXvH3F2J72QyNQkKHslnCHA7k-Vm6K6_xip3W7xnwC2Bsdww7CGj1jWgwK6sbX8X6VUiGt-2x4cMckdJoVVziGM3dij7Ktbww"
    }
  ]
}
2022-04-22 08:43:06 SUCCESS
LoadUserInfo
Added user information
user_info
{
  "sub": "user-subject-1234531",
  "name": "Demo T. User",
  "email": "user@example.com",
  "email_verified": false
}
Verify configuration of first client
2022-04-22 08:43:06 SUCCESS
GetStaticClientConfiguration
Found a static client object
certificate
-----BEGIN CERTIFICATE-----
MIIDUzCCAjugAwIBAgIUOGxvnmd2zIVRKXrboYAbTAAPQswwDQYJKoZIhvcNAQEL
BQAwEjEQMA4GA1UEAxMHZmFwaS1jYTAeFw0yMTExMTAwMTUyMDBaFw0yMjExMTAw
MTUyMDBaMBYxFDASBgNVBAMTC2ZhcGktY2xpZW50MIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEArPY4djIA/os22qFlheaOjvs5sXfgmNbBcWFb6VQhDVp+
4KjP0v8dmTAx7fmUXevRWB43Ld5GNWNeZ9nDtd/N5Va31JD80Jzc2kfwqtwNgfzg
BGy9noerFCy+9l3SnbJpuAsOiLtz0pcKpD3XO+szO9sWaBYApELovY4mNT+rTXC0
0+ERpuzr8salrgOE2pVYaikMDJUspwEw3Cjx3Jhl+2IZR+oXhF5zudiF9kjjUjt8
fXSEN6RQXXrWCIa65W8/4vnRN2rtFre5EKfsJrAM4o9CAQqWxwR/ZZpzgUMW5al4
Hba6erReZpEaqN+wp59a5md4n09E82pjvtHez2O2kwIDAQABo4GcMIGZMA4GA1Ud
DwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0T
AQH/BAIwADAdBgNVHQ4EFgQU8A9WW4zVHrW8gxcszWJ2ELGpfEowHwYDVR0jBBgw
FoAUuKmP6+gzUMsk+1DxcoviKLQqCxowGgYDVR0RBBMwEYIJbG9jYWxob3N0hwR/
AAABMA0GCSqGSIb3DQEBCwUAA4IBAQACq0nh14JL653WR4QMdZ5hdm/BJmbbDe10
GwsBMbvsSpprXEjY86RuKS6me0qjv7+MTPpkghJA6/yJtcFBGmvfbKqNsYrp79Qv
WVkgJ3OELvUSSWY43hfiPF3gAQmRPc6vPw26/8mdoobrLTi6EgnB+jdOaGPI6MRp
943wpV3rBHiJgaxtYeqe4EtRq7Ec2V96sOldd9canPtgsjF7JL4YXWDagmuMtvKA
3qS+I1/mp5W/55AmOnXg/rH3ntK6NN+yG0pQmOgqdCU4ZdlfYzHGZCKJxogEyXac
01DFhj3IQVCfQf7XoKFTl481d1T+LEFvvk+2Gt9GsRA22y8Hfcg9
-----END CERTIFICATE-----
jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "0g5qqjToNN0X4TGpiYbqEAt9Y9dbVFcrRYnnPAKoBtA",
      "alg": "PS256",
      "n": "nx2Kvs-zsMfY9WVGfOXfmr56hx9VSHdC9EJ-YuaP46igRwqiFxzKwWk4-GOyjxB7tee8jiMh6cxzb1-pvaEiKlKHg9-zSDaJHDKKb2yqUdQnxRYHLJ2RjcjrkWPz8q_Sqhc76dLAJE2AbEb42iiYP1Fl2nK8_Daye2D_GRwb3WHTWiAWaYJlFErHj7EtiTvTezOdMj-bsK01guSam6auUSnUzifdy0FAxPya8j1XPLXDQfiWrTWd_uJf9cdDEZT7Hy0eiQqt9f_joMafHGDR_iU2UC42lrxyiCoJYCoE3T7QGbhSz-9MrugoCeTDCHDFxvdqToJ6t4B5w9FLhYy2iw"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "gU7LspBTnX1KU25kZa8jS3WspQi2Dq1wOggZ41AkrU4",
      "alg": "RSA-OAEP-256",
      "n": "q7kr8G7dAiEtBhsEwooVl2wfnWZY0CgZ3-BrJ5YLFnhUg7BPni-gKbK29R3i_UWbeMAR0L6HPQNo715lcznZW2hrT2WBtWmiLVlo9eqSQu8wrBmHNNuwy8gDtFx7RsYZTguNJeNVl_zt9tC9Tj_fSNSjMHVrO1DUh6uRgo7lcjFdTOmFCh8eYYmrmg_Ta0w_3I2T3YeE48poNKt_wLAf62czDoQKLx7D7Ft8fX9GNzxpZyxGZPBerDN6_gUibplBx-BE2DQnUKaGRHlnLSkgeQSoQYCiOt6qVahisc5HSmAL2nbNyWXBKJCEzGpfE0nddt3q5lfLSkwD7TceFD037w"
    }
  ]
}
redirect_uri
https://ip-172-31-20-58.ap-northeast-1.compute.internal:8082/callback
scope
email openid profile
client_id
fapi-client
2022-04-22 08:43:06 SUCCESS
ValidateClientJWKsPublicPart
Valid client JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2022-04-22 08:43:06 SUCCESS
ExtractJWKsFromStaticClientConfiguration
Extracted client JWK
client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "0g5qqjToNN0X4TGpiYbqEAt9Y9dbVFcrRYnnPAKoBtA",
      "alg": "PS256",
      "n": "nx2Kvs-zsMfY9WVGfOXfmr56hx9VSHdC9EJ-YuaP46igRwqiFxzKwWk4-GOyjxB7tee8jiMh6cxzb1-pvaEiKlKHg9-zSDaJHDKKb2yqUdQnxRYHLJ2RjcjrkWPz8q_Sqhc76dLAJE2AbEb42iiYP1Fl2nK8_Daye2D_GRwb3WHTWiAWaYJlFErHj7EtiTvTezOdMj-bsK01guSam6auUSnUzifdy0FAxPya8j1XPLXDQfiWrTWd_uJf9cdDEZT7Hy0eiQqt9f_joMafHGDR_iU2UC42lrxyiCoJYCoE3T7QGbhSz-9MrugoCeTDCHDFxvdqToJ6t4B5w9FLhYy2iw"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "gU7LspBTnX1KU25kZa8jS3WspQi2Dq1wOggZ41AkrU4",
      "alg": "RSA-OAEP-256",
      "n": "q7kr8G7dAiEtBhsEwooVl2wfnWZY0CgZ3-BrJ5YLFnhUg7BPni-gKbK29R3i_UWbeMAR0L6HPQNo715lcznZW2hrT2WBtWmiLVlo9eqSQu8wrBmHNNuwy8gDtFx7RsYZTguNJeNVl_zt9tC9Tj_fSNSjMHVrO1DUh6uRgo7lcjFdTOmFCh8eYYmrmg_Ta0w_3I2T3YeE48poNKt_wLAf62czDoQKLx7D7Ft8fX9GNzxpZyxGZPBerDN6_gUibplBx-BE2DQnUKaGRHlnLSkgeQSoQYCiOt6qVahisc5HSmAL2nbNyWXBKJCEzGpfE0nddt3q5lfLSkwD7TceFD037w"
    }
  ]
}
public_client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "0g5qqjToNN0X4TGpiYbqEAt9Y9dbVFcrRYnnPAKoBtA",
      "alg": "PS256",
      "n": "nx2Kvs-zsMfY9WVGfOXfmr56hx9VSHdC9EJ-YuaP46igRwqiFxzKwWk4-GOyjxB7tee8jiMh6cxzb1-pvaEiKlKHg9-zSDaJHDKKb2yqUdQnxRYHLJ2RjcjrkWPz8q_Sqhc76dLAJE2AbEb42iiYP1Fl2nK8_Daye2D_GRwb3WHTWiAWaYJlFErHj7EtiTvTezOdMj-bsK01guSam6auUSnUzifdy0FAxPya8j1XPLXDQfiWrTWd_uJf9cdDEZT7Hy0eiQqt9f_joMafHGDR_iU2UC42lrxyiCoJYCoE3T7QGbhSz-9MrugoCeTDCHDFxvdqToJ6t4B5w9FLhYy2iw"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "gU7LspBTnX1KU25kZa8jS3WspQi2Dq1wOggZ41AkrU4",
      "alg": "RSA-OAEP-256",
      "n": "q7kr8G7dAiEtBhsEwooVl2wfnWZY0CgZ3-BrJ5YLFnhUg7BPni-gKbK29R3i_UWbeMAR0L6HPQNo715lcznZW2hrT2WBtWmiLVlo9eqSQu8wrBmHNNuwy8gDtFx7RsYZTguNJeNVl_zt9tC9Tj_fSNSjMHVrO1DUh6uRgo7lcjFdTOmFCh8eYYmrmg_Ta0w_3I2T3YeE48poNKt_wLAf62czDoQKLx7D7Ft8fX9GNzxpZyxGZPBerDN6_gUibplBx-BE2DQnUKaGRHlnLSkgeQSoQYCiOt6qVahisc5HSmAL2nbNyWXBKJCEzGpfE0nddt3q5lfLSkwD7TceFD037w"
    }
  ]
}
2022-04-22 08:43:06 SUCCESS
CheckDistinctKeyIdValueInClientJWKs
Distinct 'kid' value in all keys of client_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2022-04-22 08:43:06 SUCCESS
EnsureClientJwksDoesNotContainPrivateOrSymmetricKeys
Jwks does not contain any private or symmetric keys
2022-04-22 08:43:06 SUCCESS
FAPIEnsureMinimumClientKeyLength
Validated minimum key lengths for client_jwks
client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "0g5qqjToNN0X4TGpiYbqEAt9Y9dbVFcrRYnnPAKoBtA",
      "alg": "PS256",
      "n": "nx2Kvs-zsMfY9WVGfOXfmr56hx9VSHdC9EJ-YuaP46igRwqiFxzKwWk4-GOyjxB7tee8jiMh6cxzb1-pvaEiKlKHg9-zSDaJHDKKb2yqUdQnxRYHLJ2RjcjrkWPz8q_Sqhc76dLAJE2AbEb42iiYP1Fl2nK8_Daye2D_GRwb3WHTWiAWaYJlFErHj7EtiTvTezOdMj-bsK01guSam6auUSnUzifdy0FAxPya8j1XPLXDQfiWrTWd_uJf9cdDEZT7Hy0eiQqt9f_joMafHGDR_iU2UC42lrxyiCoJYCoE3T7QGbhSz-9MrugoCeTDCHDFxvdqToJ6t4B5w9FLhYy2iw"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "gU7LspBTnX1KU25kZa8jS3WspQi2Dq1wOggZ41AkrU4",
      "alg": "RSA-OAEP-256",
      "n": "q7kr8G7dAiEtBhsEwooVl2wfnWZY0CgZ3-BrJ5YLFnhUg7BPni-gKbK29R3i_UWbeMAR0L6HPQNo715lcznZW2hrT2WBtWmiLVlo9eqSQu8wrBmHNNuwy8gDtFx7RsYZTguNJeNVl_zt9tC9Tj_fSNSjMHVrO1DUh6uRgo7lcjFdTOmFCh8eYYmrmg_Ta0w_3I2T3YeE48poNKt_wLAf62czDoQKLx7D7Ft8fX9GNzxpZyxGZPBerDN6_gUibplBx-BE2DQnUKaGRHlnLSkgeQSoQYCiOt6qVahisc5HSmAL2nbNyWXBKJCEzGpfE0nddt3q5lfLSkwD7TceFD037w"
    }
  ]
}
Verify configuration of second client
2022-04-22 08:43:06 SUCCESS
GetStaticClient2Configuration
Found a static second client object
client_id
fapi-client
scope
email openid profile
redirect_uri
https://ip-172-31-20-58.ap-northeast-1.compute.internal:8082/callback
jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "0g5qqjToNN0X4TGpiYbqEAt9Y9dbVFcrRYnnPAKoBtA",
      "alg": "PS256",
      "n": "nx2Kvs-zsMfY9WVGfOXfmr56hx9VSHdC9EJ-YuaP46igRwqiFxzKwWk4-GOyjxB7tee8jiMh6cxzb1-pvaEiKlKHg9-zSDaJHDKKb2yqUdQnxRYHLJ2RjcjrkWPz8q_Sqhc76dLAJE2AbEb42iiYP1Fl2nK8_Daye2D_GRwb3WHTWiAWaYJlFErHj7EtiTvTezOdMj-bsK01guSam6auUSnUzifdy0FAxPya8j1XPLXDQfiWrTWd_uJf9cdDEZT7Hy0eiQqt9f_joMafHGDR_iU2UC42lrxyiCoJYCoE3T7QGbhSz-9MrugoCeTDCHDFxvdqToJ6t4B5w9FLhYy2iw"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "gU7LspBTnX1KU25kZa8jS3WspQi2Dq1wOggZ41AkrU4",
      "alg": "RSA-OAEP-256",
      "n": "q7kr8G7dAiEtBhsEwooVl2wfnWZY0CgZ3-BrJ5YLFnhUg7BPni-gKbK29R3i_UWbeMAR0L6HPQNo715lcznZW2hrT2WBtWmiLVlo9eqSQu8wrBmHNNuwy8gDtFx7RsYZTguNJeNVl_zt9tC9Tj_fSNSjMHVrO1DUh6uRgo7lcjFdTOmFCh8eYYmrmg_Ta0w_3I2T3YeE48poNKt_wLAf62czDoQKLx7D7Ft8fX9GNzxpZyxGZPBerDN6_gUibplBx-BE2DQnUKaGRHlnLSkgeQSoQYCiOt6qVahisc5HSmAL2nbNyWXBKJCEzGpfE0nddt3q5lfLSkwD7TceFD037w"
    }
  ]
}
certificate
-----BEGIN CERTIFICATE-----
MIIDUzCCAjugAwIBAgIUOGxvnmd2zIVRKXrboYAbTAAPQswwDQYJKoZIhvcNAQEL
BQAwEjEQMA4GA1UEAxMHZmFwaS1jYTAeFw0yMTExMTAwMTUyMDBaFw0yMjExMTAw
MTUyMDBaMBYxFDASBgNVBAMTC2ZhcGktY2xpZW50MIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEArPY4djIA/os22qFlheaOjvs5sXfgmNbBcWFb6VQhDVp+
4KjP0v8dmTAx7fmUXevRWB43Ld5GNWNeZ9nDtd/N5Va31JD80Jzc2kfwqtwNgfzg
BGy9noerFCy+9l3SnbJpuAsOiLtz0pcKpD3XO+szO9sWaBYApELovY4mNT+rTXC0
0+ERpuzr8salrgOE2pVYaikMDJUspwEw3Cjx3Jhl+2IZR+oXhF5zudiF9kjjUjt8
fXSEN6RQXXrWCIa65W8/4vnRN2rtFre5EKfsJrAM4o9CAQqWxwR/ZZpzgUMW5al4
Hba6erReZpEaqN+wp59a5md4n09E82pjvtHez2O2kwIDAQABo4GcMIGZMA4GA1Ud
DwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0T
AQH/BAIwADAdBgNVHQ4EFgQU8A9WW4zVHrW8gxcszWJ2ELGpfEowHwYDVR0jBBgw
FoAUuKmP6+gzUMsk+1DxcoviKLQqCxowGgYDVR0RBBMwEYIJbG9jYWxob3N0hwR/
AAABMA0GCSqGSIb3DQEBCwUAA4IBAQACq0nh14JL653WR4QMdZ5hdm/BJmbbDe10
GwsBMbvsSpprXEjY86RuKS6me0qjv7+MTPpkghJA6/yJtcFBGmvfbKqNsYrp79Qv
WVkgJ3OELvUSSWY43hfiPF3gAQmRPc6vPw26/8mdoobrLTi6EgnB+jdOaGPI6MRp
943wpV3rBHiJgaxtYeqe4EtRq7Ec2V96sOldd9canPtgsjF7JL4YXWDagmuMtvKA
3qS+I1/mp5W/55AmOnXg/rH3ntK6NN+yG0pQmOgqdCU4ZdlfYzHGZCKJxogEyXac
01DFhj3IQVCfQf7XoKFTl481d1T+LEFvvk+2Gt9GsRA22y8Hfcg9
-----END CERTIFICATE-----
id_token_encrypted_response_alg
RSA-OAEP-256
id_token_encrypted_response_enc
A128GCM
2022-04-22 08:43:06 SUCCESS
ValidateClientJWKsPublicPart
Valid client JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2022-04-22 08:43:06 SUCCESS
ExtractJWKsFromStaticClientConfiguration
Extracted client JWK
client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "0g5qqjToNN0X4TGpiYbqEAt9Y9dbVFcrRYnnPAKoBtA",
      "alg": "PS256",
      "n": "nx2Kvs-zsMfY9WVGfOXfmr56hx9VSHdC9EJ-YuaP46igRwqiFxzKwWk4-GOyjxB7tee8jiMh6cxzb1-pvaEiKlKHg9-zSDaJHDKKb2yqUdQnxRYHLJ2RjcjrkWPz8q_Sqhc76dLAJE2AbEb42iiYP1Fl2nK8_Daye2D_GRwb3WHTWiAWaYJlFErHj7EtiTvTezOdMj-bsK01guSam6auUSnUzifdy0FAxPya8j1XPLXDQfiWrTWd_uJf9cdDEZT7Hy0eiQqt9f_joMafHGDR_iU2UC42lrxyiCoJYCoE3T7QGbhSz-9MrugoCeTDCHDFxvdqToJ6t4B5w9FLhYy2iw"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "gU7LspBTnX1KU25kZa8jS3WspQi2Dq1wOggZ41AkrU4",
      "alg": "RSA-OAEP-256",
      "n": "q7kr8G7dAiEtBhsEwooVl2wfnWZY0CgZ3-BrJ5YLFnhUg7BPni-gKbK29R3i_UWbeMAR0L6HPQNo715lcznZW2hrT2WBtWmiLVlo9eqSQu8wrBmHNNuwy8gDtFx7RsYZTguNJeNVl_zt9tC9Tj_fSNSjMHVrO1DUh6uRgo7lcjFdTOmFCh8eYYmrmg_Ta0w_3I2T3YeE48poNKt_wLAf62czDoQKLx7D7Ft8fX9GNzxpZyxGZPBerDN6_gUibplBx-BE2DQnUKaGRHlnLSkgeQSoQYCiOt6qVahisc5HSmAL2nbNyWXBKJCEzGpfE0nddt3q5lfLSkwD7TceFD037w"
    }
  ]
}
public_client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "0g5qqjToNN0X4TGpiYbqEAt9Y9dbVFcrRYnnPAKoBtA",
      "alg": "PS256",
      "n": "nx2Kvs-zsMfY9WVGfOXfmr56hx9VSHdC9EJ-YuaP46igRwqiFxzKwWk4-GOyjxB7tee8jiMh6cxzb1-pvaEiKlKHg9-zSDaJHDKKb2yqUdQnxRYHLJ2RjcjrkWPz8q_Sqhc76dLAJE2AbEb42iiYP1Fl2nK8_Daye2D_GRwb3WHTWiAWaYJlFErHj7EtiTvTezOdMj-bsK01guSam6auUSnUzifdy0FAxPya8j1XPLXDQfiWrTWd_uJf9cdDEZT7Hy0eiQqt9f_joMafHGDR_iU2UC42lrxyiCoJYCoE3T7QGbhSz-9MrugoCeTDCHDFxvdqToJ6t4B5w9FLhYy2iw"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "gU7LspBTnX1KU25kZa8jS3WspQi2Dq1wOggZ41AkrU4",
      "alg": "RSA-OAEP-256",
      "n": "q7kr8G7dAiEtBhsEwooVl2wfnWZY0CgZ3-BrJ5YLFnhUg7BPni-gKbK29R3i_UWbeMAR0L6HPQNo715lcznZW2hrT2WBtWmiLVlo9eqSQu8wrBmHNNuwy8gDtFx7RsYZTguNJeNVl_zt9tC9Tj_fSNSjMHVrO1DUh6uRgo7lcjFdTOmFCh8eYYmrmg_Ta0w_3I2T3YeE48poNKt_wLAf62czDoQKLx7D7Ft8fX9GNzxpZyxGZPBerDN6_gUibplBx-BE2DQnUKaGRHlnLSkgeQSoQYCiOt6qVahisc5HSmAL2nbNyWXBKJCEzGpfE0nddt3q5lfLSkwD7TceFD037w"
    }
  ]
}
2022-04-22 08:43:06 SUCCESS
CheckDistinctKeyIdValueInClientJWKs
Distinct 'kid' value in all keys of client_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2022-04-22 08:43:06 SUCCESS
EnsureClientJwksDoesNotContainPrivateOrSymmetricKeys
Jwks does not contain any private or symmetric keys
2022-04-22 08:43:06 SUCCESS
FAPIEnsureMinimumClientKeyLength
Validated minimum key lengths for client_jwks
client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "0g5qqjToNN0X4TGpiYbqEAt9Y9dbVFcrRYnnPAKoBtA",
      "alg": "PS256",
      "n": "nx2Kvs-zsMfY9WVGfOXfmr56hx9VSHdC9EJ-YuaP46igRwqiFxzKwWk4-GOyjxB7tee8jiMh6cxzb1-pvaEiKlKHg9-zSDaJHDKKb2yqUdQnxRYHLJ2RjcjrkWPz8q_Sqhc76dLAJE2AbEb42iiYP1Fl2nK8_Daye2D_GRwb3WHTWiAWaYJlFErHj7EtiTvTezOdMj-bsK01guSam6auUSnUzifdy0FAxPya8j1XPLXDQfiWrTWd_uJf9cdDEZT7Hy0eiQqt9f_joMafHGDR_iU2UC42lrxyiCoJYCoE3T7QGbhSz-9MrugoCeTDCHDFxvdqToJ6t4B5w9FLhYy2iw"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "gU7LspBTnX1KU25kZa8jS3WspQi2Dq1wOggZ41AkrU4",
      "alg": "RSA-OAEP-256",
      "n": "q7kr8G7dAiEtBhsEwooVl2wfnWZY0CgZ3-BrJ5YLFnhUg7BPni-gKbK29R3i_UWbeMAR0L6HPQNo715lcznZW2hrT2WBtWmiLVlo9eqSQu8wrBmHNNuwy8gDtFx7RsYZTguNJeNVl_zt9tC9Tj_fSNSjMHVrO1DUh6uRgo7lcjFdTOmFCh8eYYmrmg_Ta0w_3I2T3YeE48poNKt_wLAf62czDoQKLx7D7Ft8fX9GNzxpZyxGZPBerDN6_gUibplBx-BE2DQnUKaGRHlnLSkgeQSoQYCiOt6qVahisc5HSmAL2nbNyWXBKJCEzGpfE0nddt3q5lfLSkwD7TceFD037w"
    }
  ]
}
2022-04-22 08:43:06
fapi1-advanced-final-client-test-valid-aud-as-array
Setup Done
2022-04-22 08:43:26 INCOMING
fapi1-advanced-final-client-test-valid-aud-as-array
Incoming HTTP request to /test/a/local-oidc/authorize
incoming_headers
{
  "host": "www.certification.openid.net",
  "upgrade-insecure-requests": "1",
  "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/avif,image/webp,image/apng,*/*;q\u003d0.8,application/signed-exchange;v\u003db3;q\u003d0.9",
  "sec-fetch-site": "cross-site",
  "sec-fetch-mode": "navigate",
  "sec-fetch-user": "?1",
  "sec-fetch-dest": "document",
  "sec-ch-ua": "\" Not A;Brand\";v\u003d\"99\", \"Chromium\";v\u003d\"100\", \"Google Chrome\";v\u003d\"100\"",
  "sec-ch-ua-mobile": "?0",
  "sec-ch-ua-platform": "\"Windows\"",
  "referer": "https://ip-172-31-20-58.ap-northeast-1.compute.internal:8082/",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "ja,en-US;q\u003d0.9,en;q\u003d0.8",
  "cookie": "JSESSIONID\u003d46593A08E4C3070B53CC09FEAAA32AEB",
  "connection": "close"
}
incoming_path
/test/a/local-oidc/authorize
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
incoming_body_json
incoming_query_string_params
{
  "client_id": "fapi-client",
  "scope": "email openid profile",
  "response_type": "code id_token",
  "request": "eyJraWQiOiIwZzVxcWpUb05OMFg0VEdwaVlicUVBdDlZOWRiVkZjclJZbm5QQUtvQnRBIiwidHlwIjoiSldUIiwiYWxnIjoiUFMyNTYifQ.eyJpc3MiOiJmYXBpLWNsaWVudCIsInJlc3BvbnNlX3R5cGUiOiJjb2RlIGlkX3Rva2VuIiwiY29kZV9jaGFsbGVuZ2VfbWV0aG9kIjoiUzI1NiIsIm5vbmNlIjoiN2U1NGEyZmItZTU3YS00NDViLWE5NjAtZmE0Y2E4NWEzODdjIiwiY2xpZW50X2lkIjoiZmFwaS1jbGllbnQiLCJyZXNwb25zZV9tb2RlIjoiZm9ybV9wb3N0IiwiYXVkIjoiaHR0cHM6XC9cL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXRcL3Rlc3RcL2FcL2xvY2FsLW9pZGNcLyIsIm5iZiI6MTY1MDYxNzAwNiwic2NvcGUiOiJlbWFpbCBvcGVuaWQgcHJvZmlsZSIsInJlZGlyZWN0X3VyaSI6Imh0dHBzOlwvXC9pcC0xNzItMzEtMjAtNTguYXAtbm9ydGhlYXN0LTEuY29tcHV0ZS5pbnRlcm5hbDo4MDgyXC9jYWxsYmFjayIsInN0YXRlIjoiNWViNDc1NWUtNjczZS00MTk2LTg2MDMtMmFiYjk1ZjgwYzRkIiwiZXhwIjoxNjUwNjE3MzA2LCJjb2RlX2NoYWxsZW5nZSI6IlAyMjltcEQzYVhhR2FpMVVqbzg3LXFtOFFLOWZfaHNsaWc5a0NQRE1pbUUifQ.QS1X1WFhztbM7V5zuqPEt3WEHxVXkCtNTSwfI8v0cnRjiNKmhJ4BUghf9dhX7CGqKd9VS_Woa8MmY0zu0YD12oceIUFG9WLXTd8Jw9M_cHM4a7qVnzix554Otx-bNjErFjWOTUC-5DgP0X8et5r0m0LmQOEpkQJ2VCpw-A-jZk9bVCBoCmLRreu6pcfgT5UtPU3P_4_zM-8O4c2gLR5sn40HWPvUwEk2m9SkXPvfw50bC9cjntsVbNUyI1Bkmw1DT-3z0vJBb0IXSXhY4dHCK8LMXoylCsbi5ykbOrbsiZdPs7MJib9XbYPpXdl-4C2p7yu70P_1ey7NFEdDvLnmRg"
}
incoming_body
2022-04-22 08:43:26 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
Authorization endpoint
2022-04-22 08:43:26 SUCCESS
ExtractRequestObject
Parsed request object
request_object
{
  "value": "eyJraWQiOiIwZzVxcWpUb05OMFg0VEdwaVlicUVBdDlZOWRiVkZjclJZbm5QQUtvQnRBIiwidHlwIjoiSldUIiwiYWxnIjoiUFMyNTYifQ.eyJpc3MiOiJmYXBpLWNsaWVudCIsInJlc3BvbnNlX3R5cGUiOiJjb2RlIGlkX3Rva2VuIiwiY29kZV9jaGFsbGVuZ2VfbWV0aG9kIjoiUzI1NiIsIm5vbmNlIjoiN2U1NGEyZmItZTU3YS00NDViLWE5NjAtZmE0Y2E4NWEzODdjIiwiY2xpZW50X2lkIjoiZmFwaS1jbGllbnQiLCJyZXNwb25zZV9tb2RlIjoiZm9ybV9wb3N0IiwiYXVkIjoiaHR0cHM6XC9cL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXRcL3Rlc3RcL2FcL2xvY2FsLW9pZGNcLyIsIm5iZiI6MTY1MDYxNzAwNiwic2NvcGUiOiJlbWFpbCBvcGVuaWQgcHJvZmlsZSIsInJlZGlyZWN0X3VyaSI6Imh0dHBzOlwvXC9pcC0xNzItMzEtMjAtNTguYXAtbm9ydGhlYXN0LTEuY29tcHV0ZS5pbnRlcm5hbDo4MDgyXC9jYWxsYmFjayIsInN0YXRlIjoiNWViNDc1NWUtNjczZS00MTk2LTg2MDMtMmFiYjk1ZjgwYzRkIiwiZXhwIjoxNjUwNjE3MzA2LCJjb2RlX2NoYWxsZW5nZSI6IlAyMjltcEQzYVhhR2FpMVVqbzg3LXFtOFFLOWZfaHNsaWc5a0NQRE1pbUUifQ.QS1X1WFhztbM7V5zuqPEt3WEHxVXkCtNTSwfI8v0cnRjiNKmhJ4BUghf9dhX7CGqKd9VS_Woa8MmY0zu0YD12oceIUFG9WLXTd8Jw9M_cHM4a7qVnzix554Otx-bNjErFjWOTUC-5DgP0X8et5r0m0LmQOEpkQJ2VCpw-A-jZk9bVCBoCmLRreu6pcfgT5UtPU3P_4_zM-8O4c2gLR5sn40HWPvUwEk2m9SkXPvfw50bC9cjntsVbNUyI1Bkmw1DT-3z0vJBb0IXSXhY4dHCK8LMXoylCsbi5ykbOrbsiZdPs7MJib9XbYPpXdl-4C2p7yu70P_1ey7NFEdDvLnmRg",
  "header": {
    "kid": "0g5qqjToNN0X4TGpiYbqEAt9Y9dbVFcrRYnnPAKoBtA",
    "typ": "JWT",
    "alg": "PS256"
  },
  "claims": {
    "iss": "fapi-client",
    "response_type": "code id_token",
    "code_challenge_method": "S256",
    "nonce": "7e54a2fb-e57a-445b-a960-fa4ca85a387c",
    "client_id": "fapi-client",
    "response_mode": "form_post",
    "aud": "https://www.certification.openid.net/test/a/local-oidc/",
    "nbf": 1650617006,
    "scope": "email openid profile",
    "redirect_uri": "https://ip-172-31-20-58.ap-northeast-1.compute.internal:8082/callback",
    "state": "5eb4755e-673e-4196-8603-2abb95f80c4d",
    "exp": 1650617306,
    "code_challenge": "P229mpD3aXaGai1Ujo87-qm8QK9f_hslig9kCPDMimE"
  }
}
2022-04-22 08:43:26 INFO
ValidateEncryptedRequestObjectHasKid
Skipped evaluation due to missing required element: authorization_request_object jwe_header
path
jwe_header
mapped
object
authorization_request_object
2022-04-22 08:43:26 SUCCESS
CreateEffectiveAuthorizationRequestParameters
Merged http request parameters with request object claims
effective_authorization_endpoint_request
{
  "client_id": "fapi-client",
  "scope": "email openid profile",
  "response_type": "code id_token",
  "request": "eyJraWQiOiIwZzVxcWpUb05OMFg0VEdwaVlicUVBdDlZOWRiVkZjclJZbm5QQUtvQnRBIiwidHlwIjoiSldUIiwiYWxnIjoiUFMyNTYifQ.eyJpc3MiOiJmYXBpLWNsaWVudCIsInJlc3BvbnNlX3R5cGUiOiJjb2RlIGlkX3Rva2VuIiwiY29kZV9jaGFsbGVuZ2VfbWV0aG9kIjoiUzI1NiIsIm5vbmNlIjoiN2U1NGEyZmItZTU3YS00NDViLWE5NjAtZmE0Y2E4NWEzODdjIiwiY2xpZW50X2lkIjoiZmFwaS1jbGllbnQiLCJyZXNwb25zZV9tb2RlIjoiZm9ybV9wb3N0IiwiYXVkIjoiaHR0cHM6XC9cL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXRcL3Rlc3RcL2FcL2xvY2FsLW9pZGNcLyIsIm5iZiI6MTY1MDYxNzAwNiwic2NvcGUiOiJlbWFpbCBvcGVuaWQgcHJvZmlsZSIsInJlZGlyZWN0X3VyaSI6Imh0dHBzOlwvXC9pcC0xNzItMzEtMjAtNTguYXAtbm9ydGhlYXN0LTEuY29tcHV0ZS5pbnRlcm5hbDo4MDgyXC9jYWxsYmFjayIsInN0YXRlIjoiNWViNDc1NWUtNjczZS00MTk2LTg2MDMtMmFiYjk1ZjgwYzRkIiwiZXhwIjoxNjUwNjE3MzA2LCJjb2RlX2NoYWxsZW5nZSI6IlAyMjltcEQzYVhhR2FpMVVqbzg3LXFtOFFLOWZfaHNsaWc5a0NQRE1pbUUifQ.QS1X1WFhztbM7V5zuqPEt3WEHxVXkCtNTSwfI8v0cnRjiNKmhJ4BUghf9dhX7CGqKd9VS_Woa8MmY0zu0YD12oceIUFG9WLXTd8Jw9M_cHM4a7qVnzix554Otx-bNjErFjWOTUC-5DgP0X8et5r0m0LmQOEpkQJ2VCpw-A-jZk9bVCBoCmLRreu6pcfgT5UtPU3P_4_zM-8O4c2gLR5sn40HWPvUwEk2m9SkXPvfw50bC9cjntsVbNUyI1Bkmw1DT-3z0vJBb0IXSXhY4dHCK8LMXoylCsbi5ykbOrbsiZdPs7MJib9XbYPpXdl-4C2p7yu70P_1ey7NFEdDvLnmRg",
  "iss": "fapi-client",
  "code_challenge_method": "S256",
  "nonce": "7e54a2fb-e57a-445b-a960-fa4ca85a387c",
  "response_mode": "form_post",
  "aud": "https://www.certification.openid.net/test/a/local-oidc/",
  "nbf": 1650617006,
  "redirect_uri": "https://ip-172-31-20-58.ap-northeast-1.compute.internal:8082/callback",
  "state": "5eb4755e-673e-4196-8603-2abb95f80c4d",
  "exp": 1650617306,
  "code_challenge": "P229mpD3aXaGai1Ujo87-qm8QK9f_hslig9kCPDMimE"
}
2022-04-22 08:43:26 SUCCESS
FAPIValidateRequestObjectSigningAlg
Request object was signed with a permitted algorithm
alg
PS256
2022-04-22 08:43:26 INFO
FAPIValidateRequestObjectIdTokenACRClaims
The acr claim is missing or is not a JsonObject
acrClaim
2022-04-22 08:43:26 SUCCESS
FAPIValidateRequestObjectExp
Request object contains a valid exp claim, expiry time
exp
"Apr 22, 2022, 8:48:26 AM"
2022-04-22 08:43:26 SUCCESS
FAPI1AdvancedValidateRequestObjectNBFClaim
nbf claim is valid
nbf
"Apr 22, 2022, 8:43:26 AM"
now
"Apr 22, 2022, 8:43:26 AM"
2022-04-22 08:43:26 INFO
ValidateRequestObjectClaims
Missing issuance time
2022-04-22 08:43:26
ValidateRequestObjectClaims
Request object does not contain a max_age claim
2022-04-22 08:43:26 SUCCESS
ValidateRequestObjectClaims
Request object claims passed all validation checks
2022-04-22 08:43:26 SUCCESS
EnsureNumericRequestObjectClaimsAreNotNull
None of the claims expected to have numeric values, have null values
numeric_claims
[
  "max_age"
]
2022-04-22 08:43:26 SUCCESS
EnsureRequestObjectDoesNotContainRequestOrRequestUri
Request object does not contain request or request_uri
2022-04-22 08:43:26 SUCCESS
EnsureRequestObjectDoesNotContainSubWithClientId
Request object does not contain Client Id in sub
2022-04-22 08:43:26 SUCCESS
ValidateRequestObjectSignature
Request object signature validated using a key in the client's JWKS and using the client's registered request_object_signing_alg
request_object
eyJraWQiOiIwZzVxcWpUb05OMFg0VEdwaVlicUVBdDlZOWRiVkZjclJZbm5QQUtvQnRBIiwidHlwIjoiSldUIiwiYWxnIjoiUFMyNTYifQ.eyJpc3MiOiJmYXBpLWNsaWVudCIsInJlc3BvbnNlX3R5cGUiOiJjb2RlIGlkX3Rva2VuIiwiY29kZV9jaGFsbGVuZ2VfbWV0aG9kIjoiUzI1NiIsIm5vbmNlIjoiN2U1NGEyZmItZTU3YS00NDViLWE5NjAtZmE0Y2E4NWEzODdjIiwiY2xpZW50X2lkIjoiZmFwaS1jbGllbnQiLCJyZXNwb25zZV9tb2RlIjoiZm9ybV9wb3N0IiwiYXVkIjoiaHR0cHM6XC9cL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXRcL3Rlc3RcL2FcL2xvY2FsLW9pZGNcLyIsIm5iZiI6MTY1MDYxNzAwNiwic2NvcGUiOiJlbWFpbCBvcGVuaWQgcHJvZmlsZSIsInJlZGlyZWN0X3VyaSI6Imh0dHBzOlwvXC9pcC0xNzItMzEtMjAtNTguYXAtbm9ydGhlYXN0LTEuY29tcHV0ZS5pbnRlcm5hbDo4MDgyXC9jYWxsYmFjayIsInN0YXRlIjoiNWViNDc1NWUtNjczZS00MTk2LTg2MDMtMmFiYjk1ZjgwYzRkIiwiZXhwIjoxNjUwNjE3MzA2LCJjb2RlX2NoYWxsZW5nZSI6IlAyMjltcEQzYVhhR2FpMVVqbzg3LXFtOFFLOWZfaHNsaWc5a0NQRE1pbUUifQ.QS1X1WFhztbM7V5zuqPEt3WEHxVXkCtNTSwfI8v0cnRjiNKmhJ4BUghf9dhX7CGqKd9VS_Woa8MmY0zu0YD12oceIUFG9WLXTd8Jw9M_cHM4a7qVnzix554Otx-bNjErFjWOTUC-5DgP0X8et5r0m0LmQOEpkQJ2VCpw-A-jZk9bVCBoCmLRreu6pcfgT5UtPU3P_4_zM-8O4c2gLR5sn40HWPvUwEk2m9SkXPvfw50bC9cjntsVbNUyI1Bkmw1DT-3z0vJBb0IXSXhY4dHCK8LMXoylCsbi5ykbOrbsiZdPs7MJib9XbYPpXdl-4C2p7yu70P_1ey7NFEdDvLnmRg
request_object_signing_alg
PS256
jwk
Sun RSA public key, 2048 bits
  params: null
  modulus: 20086458179952591616896125118337458363377501279788835204287610550027464943813712271644932006584933312464506703073285982623323032537100647592449193484130320211298383362391308960770957232499213709561703316590736002203515542644785960863281456603549770430987646899771696951308448798344244595315816210399707251291401217145182781821858469987501459180808887210150090366152318398049511055764243470855585112715346454598517868493041665163997404026949137627283967748387700881601135614321057236216014232453748211452863337654607779276304452825064093543921547995258617015336064294102586940260523785102809756957292168934220299548299
  public exponent: 65537
2022-04-22 08:43:26 SUCCESS
EnsureMatchingRedirectUriInRequestObject
Redirect URI matched
actual
https://ip-172-31-20-58.ap-northeast-1.compute.internal:8082/callback
2022-04-22 08:43:26 SUCCESS
EnsureRequiredAuthorizationRequestParametersMatchRequestObject
Required http request parameters match request object claims
response_type
code id_token
client_id
fapi-client
2022-04-22 08:43:26 SUCCESS
EnsureOptionalAuthorizationRequestParametersMatchRequestObject
All http request parameters and request object claims match
2022-04-22 08:43:26 SUCCESS
EnsureAuthorizationHttpRequestContainsOpenIDScope
Found 'openid' in scope http request parameter
actual
[
  "email",
  "openid",
  "profile"
]
expected
openid
2022-04-22 08:43:26 SUCCESS
ExtractRequestedScopes
Requested scopes
scope
email openid profile
2022-04-22 08:43:26 SUCCESS
EnsureRequestedScopeIsEqualToConfiguredScope
Requested scopes match configured scopes
scope
email openid profile
2022-04-22 08:43:26 SUCCESS
EnsureResponseTypeIsCodeIdToken
Response type is expected value
expected
code id_token
2022-04-22 08:43:26 SUCCESS
EnsureOpenIDInScopeRequest
Found 'openid' scope in request
actual
[
  "email",
  "openid",
  "profile"
]
expected
openid
2022-04-22 08:43:26 SUCCESS
EnsureMatchingClientId
Client ID matched
client_id
fapi-client
2022-04-22 08:43:26 SUCCESS
CreateAuthorizationCode
Created authorization code
authorization_code
HijUtSsBNKSh2PP6dCi05BiRLyB2zLMD
2022-04-22 08:43:26 SUCCESS
ExtractNonceFromAuthorizationRequest
Extracted nonce
nonce
7e54a2fb-e57a-445b-a960-fa4ca85a387c
2022-04-22 08:43:26 SUCCESS
CalculateCHash
Successful c_hash encoding
c_hash
Tzbc9CopaToEq_iV8uHYpw
2022-04-22 08:43:26 SUCCESS
CalculateSHash
Successful s_hash encoding
s_hash
LxnLGQmrEjiwRxz8fn57jg
2022-04-22 08:43:26 SUCCESS
GenerateIdTokenClaims
Created ID Token Claims
iss
https://www.certification.openid.net/test/a/local-oidc/
sub
user-subject-1234531
aud
fapi-client
nonce
7e54a2fb-e57a-445b-a960-fa4ca85a387c
iat
1650617006
exp
1650617306
2022-04-22 08:43:26 SUCCESS
AddCHashToIdTokenClaims
Added c_hash to ID token claims
c_hash
Tzbc9CopaToEq_iV8uHYpw
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/a/local-oidc/",
  "sub": "user-subject-1234531",
  "aud": "fapi-client",
  "nonce": "7e54a2fb-e57a-445b-a960-fa4ca85a387c",
  "iat": 1650617006,
  "exp": 1650617306,
  "c_hash": "Tzbc9CopaToEq_iV8uHYpw"
}
2022-04-22 08:43:26 SUCCESS
AddSHashToIdTokenClaims
Added s_hash to ID token claims
s_hash
LxnLGQmrEjiwRxz8fn57jg
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/a/local-oidc/",
  "sub": "user-subject-1234531",
  "aud": "fapi-client",
  "nonce": "7e54a2fb-e57a-445b-a960-fa4ca85a387c",
  "iat": 1650617006,
  "exp": 1650617306,
  "c_hash": "Tzbc9CopaToEq_iV8uHYpw",
  "s_hash": "LxnLGQmrEjiwRxz8fn57jg"
}
2022-04-22 08:43:26 INFO
AddAtHashToIdTokenClaims
Skipped evaluation due to missing required string: at_hash
expected
at_hash
2022-04-22 08:43:26 SUCCESS
AddAudValueAsArrayToIdToken
Added the aud value as an array to ID token claims
aud
[
  "fapi-client"
]
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/a/local-oidc/",
  "sub": "user-subject-1234531",
  "aud": [
    "fapi-client"
  ],
  "nonce": "7e54a2fb-e57a-445b-a960-fa4ca85a387c",
  "iat": 1650617006,
  "exp": 1650617306,
  "c_hash": "Tzbc9CopaToEq_iV8uHYpw",
  "s_hash": "LxnLGQmrEjiwRxz8fn57jg"
}
2022-04-22 08:43:26 INFO
AddACRClaimToIdTokenClaims
Skipped evaluation due to missing required string: requested_id_token_acr_values
expected
requested_id_token_acr_values
2022-04-22 08:43:26 SUCCESS
SignIdToken
Signed the ID token
id_token
eyJraWQiOiJQNUtBaVVXQTJSeUlnZnJzQzJoZlg5bWxSRUUtYjJwa3drUkoySVRVR1lrIiwiYWxnIjoiUFMyNTYifQ.eyJzdWIiOiJ1c2VyLXN1YmplY3QtMTIzNDUzMSIsImF1ZCI6ImZhcGktY2xpZW50IiwiY19oYXNoIjoiVHpiYzlDb3BhVG9FcV9pVjh1SFlwdyIsInNfaGFzaCI6Ikx4bkxHUW1yRWppd1J4ejhmbjU3amciLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvYVwvbG9jYWwtb2lkY1wvIiwiZXhwIjoxNjUwNjE3MzA2LCJub25jZSI6IjdlNTRhMmZiLWU1N2EtNDQ1Yi1hOTYwLWZhNGNhODVhMzg3YyIsImlhdCI6MTY1MDYxNzAwNn0.0VIaYrphGj8FdPZVsURZWty4rtHJlftHrlxAO83O-aRZhBBUijho6-_1QvuZ_BXc1e_Bg69lAKDcupct-Lrhy-av2_N0JmfZkXCKfGjlMcf4d477P_An001sBPdb59_tJ8mY9UwEYu9l5cubtHVL7xfACOOfSC60JKzAknGCasG4qBw0VfifhsonS__xK7B0bLB1yCJHWd4Ca87Byd9FLJbYjfOguz3-P7Ktjk3Ewg6m34SwMAZS8yizETjaSUcBTrYb1_Dsg1u5o-7LcQOsg8kR70teJPG6pmUkcVpZGPUrphPU6yEFqVz0-MEQRRS9IV_6bR4qsIosN-rDy6eEow
2022-04-22 08:43:26 SUCCESS
SignIdTokenBypassingNimbusChecks
Signed the ID token
id_token
eyJraWQiOiJQNUtBaVVXQTJSeUlnZnJzQzJoZlg5bWxSRUUtYjJwa3drUkoySVRVR1lrIiwiYWxnIjoiUFMyNTYifQ.eyJpc3MiOiJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC9hL2xvY2FsLW9pZGMvIiwic3ViIjoidXNlci1zdWJqZWN0LTEyMzQ1MzEiLCJhdWQiOlsiZmFwaS1jbGllbnQiXSwibm9uY2UiOiI3ZTU0YTJmYi1lNTdhLTQ0NWItYTk2MC1mYTRjYTg1YTM4N2MiLCJpYXQiOjE2NTA2MTcwMDYsImV4cCI6MTY1MDYxNzMwNiwiY19oYXNoIjoiVHpiYzlDb3BhVG9FcV9pVjh1SFlwdyIsInNfaGFzaCI6Ikx4bkxHUW1yRWppd1J4ejhmbjU3amcifQ.DYb22IzDkh0_YDuvYbPglYxrdR5DS3ihvD1mywxTCp4FjXkpuOlwJyiVAcX_zAe22xF3S3JmrmfMcZuw_q2kiOXW-v5D371vMZsxbzKaa2k3D2Qq1Fr_vQDJllSYWRkBya6mg_6v5tyyg7H-04_dpybTUGY6yBUObPVatUa3uTd9zJ9WDNZpFoBsu8sBoP8VWfeDWM8BAtKkWoyXLy20of9zQ_APaw4hgSS4COOe2D3xOU7xcov521qauKCO0MbOeuzemn8YFIVL9WhQs_dBV1sIw6kL9wIlYzE7pkPhKxZFb5hIvVpitWt3wsvg_29fHqxNYOtZXEvq3JJ76jWKWA
2022-04-22 08:43:26 SUCCESS
CreateAuthorizationEndpointResponseParams
Added authorization_endpoint_response_params to environment
params
{
  "redirect_uri": "https://ip-172-31-20-58.ap-northeast-1.compute.internal:8082/callback",
  "state": "5eb4755e-673e-4196-8603-2abb95f80c4d"
}
2022-04-22 08:43:26 SUCCESS
AddCodeToAuthorizationEndpointResponseParams
Added code to authorization endpoint response params
authorization_endpoint_response_params
{
  "redirect_uri": "https://ip-172-31-20-58.ap-northeast-1.compute.internal:8082/callback",
  "state": "5eb4755e-673e-4196-8603-2abb95f80c4d",
  "code": "HijUtSsBNKSh2PP6dCi05BiRLyB2zLMD"
}
2022-04-22 08:43:26 SUCCESS
AddIdTokenToAuthorizationEndpointResponseParams
Added id_token to authorization endpoint response params
authorization_endpoint_response_params
{
  "redirect_uri": "https://ip-172-31-20-58.ap-northeast-1.compute.internal:8082/callback",
  "state": "5eb4755e-673e-4196-8603-2abb95f80c4d",
  "code": "HijUtSsBNKSh2PP6dCi05BiRLyB2zLMD",
  "id_token": "eyJraWQiOiJQNUtBaVVXQTJSeUlnZnJzQzJoZlg5bWxSRUUtYjJwa3drUkoySVRVR1lrIiwiYWxnIjoiUFMyNTYifQ.eyJpc3MiOiJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC9hL2xvY2FsLW9pZGMvIiwic3ViIjoidXNlci1zdWJqZWN0LTEyMzQ1MzEiLCJhdWQiOlsiZmFwaS1jbGllbnQiXSwibm9uY2UiOiI3ZTU0YTJmYi1lNTdhLTQ0NWItYTk2MC1mYTRjYTg1YTM4N2MiLCJpYXQiOjE2NTA2MTcwMDYsImV4cCI6MTY1MDYxNzMwNiwiY19oYXNoIjoiVHpiYzlDb3BhVG9FcV9pVjh1SFlwdyIsInNfaGFzaCI6Ikx4bkxHUW1yRWppd1J4ejhmbjU3amcifQ.DYb22IzDkh0_YDuvYbPglYxrdR5DS3ihvD1mywxTCp4FjXkpuOlwJyiVAcX_zAe22xF3S3JmrmfMcZuw_q2kiOXW-v5D371vMZsxbzKaa2k3D2Qq1Fr_vQDJllSYWRkBya6mg_6v5tyyg7H-04_dpybTUGY6yBUObPVatUa3uTd9zJ9WDNZpFoBsu8sBoP8VWfeDWM8BAtKkWoyXLy20of9zQ_APaw4hgSS4COOe2D3xOU7xcov521qauKCO0MbOeuzemn8YFIVL9WhQs_dBV1sIw6kL9wIlYzE7pkPhKxZFb5hIvVpitWt3wsvg_29fHqxNYOtZXEvq3JJ76jWKWA"
}
2022-04-22 08:43:26
SendAuthorizationResponseWithResponseModeFragment
Redirecting back to client
uri
https://ip-172-31-20-58.ap-northeast-1.compute.internal:8082/callback#state=5eb4755e-673e-4196-8603-2abb95f80c4d&code=HijUtSsBNKSh2PP6dCi05BiRLyB2zLMD&id_token=eyJraWQiOiJQNUtBaVVXQTJSeUlnZnJzQzJoZlg5bWxSRUUtYjJwa3drUkoySVRVR1lrIiwiYWxnIjoiUFMyNTYifQ.eyJpc3MiOiJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC9hL2xvY2FsLW9pZGMvIiwic3ViIjoidXNlci1zdWJqZWN0LTEyMzQ1MzEiLCJhdWQiOlsiZmFwaS1jbGllbnQiXSwibm9uY2UiOiI3ZTU0YTJmYi1lNTdhLTQ0NWItYTk2MC1mYTRjYTg1YTM4N2MiLCJpYXQiOjE2NTA2MTcwMDYsImV4cCI6MTY1MDYxNzMwNiwiY19oYXNoIjoiVHpiYzlDb3BhVG9FcV9pVjh1SFlwdyIsInNfaGFzaCI6Ikx4bkxHUW1yRWppd1J4ejhmbjU3amcifQ.DYb22IzDkh0_YDuvYbPglYxrdR5DS3ihvD1mywxTCp4FjXkpuOlwJyiVAcX_zAe22xF3S3JmrmfMcZuw_q2kiOXW-v5D371vMZsxbzKaa2k3D2Qq1Fr_vQDJllSYWRkBya6mg_6v5tyyg7H-04_dpybTUGY6yBUObPVatUa3uTd9zJ9WDNZpFoBsu8sBoP8VWfeDWM8BAtKkWoyXLy20of9zQ_APaw4hgSS4COOe2D3xOU7xcov521qauKCO0MbOeuzemn8YFIVL9WhQs_dBV1sIw6kL9wIlYzE7pkPhKxZFb5hIvVpitWt3wsvg_29fHqxNYOtZXEvq3JJ76jWKWA
2022-04-22 08:43:26 OUTGOING
fapi1-advanced-final-client-test-valid-aud-as-array
Response to HTTP request to test instance 2SOs83YkU62OWzG
outgoing
org.springframework.web.servlet.view.RedirectView: [RedirectView]; URL [https://ip-172-31-20-58.ap-northeast-1.compute.internal:8082/callback#state=5eb4755e-673e-4196-8603-2abb95f80c4d&code=HijUtSsBNKSh2PP6dCi05BiRLyB2zLMD&id_token=eyJraWQiOiJQNUtBaVVXQTJSeUlnZnJzQzJoZlg5bWxSRUUtYjJwa3drUkoySVRVR1lrIiwiYWxnIjoiUFMyNTYifQ.eyJpc3MiOiJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC9hL2xvY2FsLW9pZGMvIiwic3ViIjoidXNlci1zdWJqZWN0LTEyMzQ1MzEiLCJhdWQiOlsiZmFwaS1jbGllbnQiXSwibm9uY2UiOiI3ZTU0YTJmYi1lNTdhLTQ0NWItYTk2MC1mYTRjYTg1YTM4N2MiLCJpYXQiOjE2NTA2MTcwMDYsImV4cCI6MTY1MDYxNzMwNiwiY19oYXNoIjoiVHpiYzlDb3BhVG9FcV9pVjh1SFlwdyIsInNfaGFzaCI6Ikx4bkxHUW1yRWppd1J4ejhmbjU3amcifQ.DYb22IzDkh0_YDuvYbPglYxrdR5DS3ihvD1mywxTCp4FjXkpuOlwJyiVAcX_zAe22xF3S3JmrmfMcZuw_q2kiOXW-v5D371vMZsxbzKaa2k3D2Qq1Fr_vQDJllSYWRkBya6mg_6v5tyyg7H-04_dpybTUGY6yBUObPVatUa3uTd9zJ9WDNZpFoBsu8sBoP8VWfeDWM8BAtKkWoyXLy20of9zQ_APaw4hgSS4COOe2D3xOU7xcov521qauKCO0MbOeuzemn8YFIVL9WhQs_dBV1sIw6kL9wIlYzE7pkPhKxZFb5hIvVpitWt3wsvg_29fHqxNYOtZXEvq3JJ76jWKWA]
outgoing_path
authorize
2022-04-22 08:43:28 INCOMING
fapi1-advanced-final-client-test-valid-aud-as-array
Incoming HTTP request to /test-mtls/a/local-oidc/token
incoming_headers
{
  "host": "www.certification.openid.net",
  "accept": "application/json, application/*+json",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "user-agent": "Apache-HttpClient/4.5.13 (Java/11.0.7)",
  "cookie": "JSESSIONID\u003d7728B34E277502C60FDCB8BC73033F46",
  "accept-encoding": "gzip,deflate",
  "connection": "close",
  "content-length": "240"
}
incoming_path
/test-mtls/a/local-oidc/token
incoming_body_form_params
{
  "code": "HijUtSsBNKSh2PP6dCi05BiRLyB2zLMD",
  "client_id": "fapi-client",
  "grant_type": "authorization_code",
  "code_verifier": "towqqKqeTdotbQatSGn2Pd2xvymzB43p06WUiTRoH9g",
  "redirect_uri": "https://ip-172-31-20-58.ap-northeast-1.compute.internal:8082/callback"
}
incoming_method
POST
incoming_tls_version
TLSv1.2
incoming_tls_cipher
DHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
-----BEGIN CERTIFICATE----- MIIDUzCCAjugAwIBAgIUOGxvnmd2zIVRKXrboYAbTAAPQswwDQYJKoZIhvcNAQEL BQAwEjEQMA4GA1UEAxMHZmFwaS1jYTAeFw0yMTExMTAwMTUyMDBaFw0yMjExMTAw MTUyMDBaMBYxFDASBgNVBAMTC2ZhcGktY2xpZW50MIIBIjANBgkqhkiG9w0BAQEF AAOCAQ8AMIIBCgKCAQEArPY4djIA/os22qFlheaOjvs5sXfgmNbBcWFb6VQhDVp+ 4KjP0v8dmTAx7fmUXevRWB43Ld5GNWNeZ9nDtd/N5Va31JD80Jzc2kfwqtwNgfzg BGy9noerFCy+9l3SnbJpuAsOiLtz0pcKpD3XO+szO9sWaBYApELovY4mNT+rTXC0 0+ERpuzr8salrgOE2pVYaikMDJUspwEw3Cjx3Jhl+2IZR+oXhF5zudiF9kjjUjt8 fXSEN6RQXXrWCIa65W8/4vnRN2rtFre5EKfsJrAM4o9CAQqWxwR/ZZpzgUMW5al4 Hba6erReZpEaqN+wp59a5md4n09E82pjvtHez2O2kwIDAQABo4GcMIGZMA4GA1Ud DwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0T AQH/BAIwADAdBgNVHQ4EFgQU8A9WW4zVHrW8gxcszWJ2ELGpfEowHwYDVR0jBBgw FoAUuKmP6+gzUMsk+1DxcoviKLQqCxowGgYDVR0RBBMwEYIJbG9jYWxob3N0hwR/ AAABMA0GCSqGSIb3DQEBCwUAA4IBAQACq0nh14JL653WR4QMdZ5hdm/BJmbbDe10 GwsBMbvsSpprXEjY86RuKS6me0qjv7+MTPpkghJA6/yJtcFBGmvfbKqNsYrp79Qv WVkgJ3OELvUSSWY43hfiPF3gAQmRPc6vPw26/8mdoobrLTi6EgnB+jdOaGPI6MRp 943wpV3rBHiJgaxtYeqe4EtRq7Ec2V96sOldd9canPtgsjF7JL4YXWDagmuMtvKA 3qS+I1/mp5W/55AmOnXg/rH3ntK6NN+yG0pQmOgqdCU4ZdlfYzHGZCKJxogEyXac 01DFhj3IQVCfQf7XoKFTl481d1T+LEFvvk+2Gt9GsRA22y8Hfcg9 -----END CERTIFICATE-----
incoming_body_json
incoming_query_string_params
{}
incoming_body
code=HijUtSsBNKSh2PP6dCi05BiRLyB2zLMD&client_id=fapi-client&grant_type=authorization_code&code_verifier=towqqKqeTdotbQatSGn2Pd2xvymzB43p06WUiTRoH9g&redirect_uri=https%3A%2F%2Fip-172-31-20-58.ap-northeast-1.compute.internal%3A8082%2Fcallback
2022-04-22 08:43:28 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
DHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
Token endpoint
2022-04-22 08:43:28 SUCCESS
CheckClientIdMatchesOnTokenRequestIfPresent
Extracted client_id matches the expected value
client_id
fapi-client
2022-04-22 08:43:28 SUCCESS
ExtractClientCertificateFromTokenEndpointRequestHeaders
Extracted client certificate
client_certificate
{
  "cert": "-----BEGIN CERTIFICATE----- MIIDUzCCAjugAwIBAgIUOGxvnmd2zIVRKXrboYAbTAAPQswwDQYJKoZIhvcNAQEL BQAwEjEQMA4GA1UEAxMHZmFwaS1jYTAeFw0yMTExMTAwMTUyMDBaFw0yMjExMTAw MTUyMDBaMBYxFDASBgNVBAMTC2ZhcGktY2xpZW50MIIBIjANBgkqhkiG9w0BAQEF AAOCAQ8AMIIBCgKCAQEArPY4djIA/os22qFlheaOjvs5sXfgmNbBcWFb6VQhDVp+ 4KjP0v8dmTAx7fmUXevRWB43Ld5GNWNeZ9nDtd/N5Va31JD80Jzc2kfwqtwNgfzg BGy9noerFCy+9l3SnbJpuAsOiLtz0pcKpD3XO+szO9sWaBYApELovY4mNT+rTXC0 0+ERpuzr8salrgOE2pVYaikMDJUspwEw3Cjx3Jhl+2IZR+oXhF5zudiF9kjjUjt8 fXSEN6RQXXrWCIa65W8/4vnRN2rtFre5EKfsJrAM4o9CAQqWxwR/ZZpzgUMW5al4 Hba6erReZpEaqN+wp59a5md4n09E82pjvtHez2O2kwIDAQABo4GcMIGZMA4GA1Ud DwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0T AQH/BAIwADAdBgNVHQ4EFgQU8A9WW4zVHrW8gxcszWJ2ELGpfEowHwYDVR0jBBgw FoAUuKmP6+gzUMsk+1DxcoviKLQqCxowGgYDVR0RBBMwEYIJbG9jYWxob3N0hwR/ AAABMA0GCSqGSIb3DQEBCwUAA4IBAQACq0nh14JL653WR4QMdZ5hdm/BJmbbDe10 GwsBMbvsSpprXEjY86RuKS6me0qjv7+MTPpkghJA6/yJtcFBGmvfbKqNsYrp79Qv WVkgJ3OELvUSSWY43hfiPF3gAQmRPc6vPw26/8mdoobrLTi6EgnB+jdOaGPI6MRp 943wpV3rBHiJgaxtYeqe4EtRq7Ec2V96sOldd9canPtgsjF7JL4YXWDagmuMtvKA 3qS+I1/mp5W/55AmOnXg/rH3ntK6NN+yG0pQmOgqdCU4ZdlfYzHGZCKJxogEyXac 01DFhj3IQVCfQf7XoKFTl481d1T+LEFvvk+2Gt9GsRA22y8Hfcg9 -----END CERTIFICATE-----",
  "pem": "-----BEGIN CERTIFICATE-----\nMIIDUzCCAjugAwIBAgIUOGxvnmd2zIVRKXrboYAbTAAPQswwDQYJKoZIhvcNAQEL\nBQAwEjEQMA4GA1UEAxMHZmFwaS1jYTAeFw0yMTExMTAwMTUyMDBaFw0yMjExMTAw\nMTUyMDBaMBYxFDASBgNVBAMTC2ZhcGktY2xpZW50MIIBIjANBgkqhkiG9w0BAQEF\nAAOCAQ8AMIIBCgKCAQEArPY4djIA/os22qFlheaOjvs5sXfgmNbBcWFb6VQhDVp+\n4KjP0v8dmTAx7fmUXevRWB43Ld5GNWNeZ9nDtd/N5Va31JD80Jzc2kfwqtwNgfzg\nBGy9noerFCy+9l3SnbJpuAsOiLtz0pcKpD3XO+szO9sWaBYApELovY4mNT+rTXC0\n0+ERpuzr8salrgOE2pVYaikMDJUspwEw3Cjx3Jhl+2IZR+oXhF5zudiF9kjjUjt8\nfXSEN6RQXXrWCIa65W8/4vnRN2rtFre5EKfsJrAM4o9CAQqWxwR/ZZpzgUMW5al4\nHba6erReZpEaqN+wp59a5md4n09E82pjvtHez2O2kwIDAQABo4GcMIGZMA4GA1Ud\nDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0T\nAQH/BAIwADAdBgNVHQ4EFgQU8A9WW4zVHrW8gxcszWJ2ELGpfEowHwYDVR0jBBgw\nFoAUuKmP6+gzUMsk+1DxcoviKLQqCxowGgYDVR0RBBMwEYIJbG9jYWxob3N0hwR/\nAAABMA0GCSqGSIb3DQEBCwUAA4IBAQACq0nh14JL653WR4QMdZ5hdm/BJmbbDe10\nGwsBMbvsSpprXEjY86RuKS6me0qjv7+MTPpkghJA6/yJtcFBGmvfbKqNsYrp79Qv\nWVkgJ3OELvUSSWY43hfiPF3gAQmRPc6vPw26/8mdoobrLTi6EgnB+jdOaGPI6MRp\n943wpV3rBHiJgaxtYeqe4EtRq7Ec2V96sOldd9canPtgsjF7JL4YXWDagmuMtvKA\n3qS+I1/mp5W/55AmOnXg/rH3ntK6NN+yG0pQmOgqdCU4ZdlfYzHGZCKJxogEyXac\n01DFhj3IQVCfQf7XoKFTl481d1T+LEFvvk+2Gt9GsRA22y8Hfcg9\n-----END CERTIFICATE-----",
  "subject": {
    "dn": "CN\u003dfapi-client"
  },
  "sanDnsNames": [
    "localhost"
  ],
  "sanUris": [],
  "sanIPs": [
    "127.0.0.1"
  ],
  "sanEmails": []
}
2022-04-22 08:43:28 SUCCESS
CheckForClientCertificate
Found client certificate
2022-04-22 08:43:28 SUCCESS
EnsureClientCertificateMatches
Presented certificate matches registered certificate
actual
-----BEGIN CERTIFICATE-----
MIIDUzCCAjugAwIBAgIUOGxvnmd2zIVRKXrboYAbTAAPQswwDQYJKoZIhvcNAQEL
BQAwEjEQMA4GA1UEAxMHZmFwaS1jYTAeFw0yMTExMTAwMTUyMDBaFw0yMjExMTAw
MTUyMDBaMBYxFDASBgNVBAMTC2ZhcGktY2xpZW50MIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEArPY4djIA/os22qFlheaOjvs5sXfgmNbBcWFb6VQhDVp+
4KjP0v8dmTAx7fmUXevRWB43Ld5GNWNeZ9nDtd/N5Va31JD80Jzc2kfwqtwNgfzg
BGy9noerFCy+9l3SnbJpuAsOiLtz0pcKpD3XO+szO9sWaBYApELovY4mNT+rTXC0
0+ERpuzr8salrgOE2pVYaikMDJUspwEw3Cjx3Jhl+2IZR+oXhF5zudiF9kjjUjt8
fXSEN6RQXXrWCIa65W8/4vnRN2rtFre5EKfsJrAM4o9CAQqWxwR/ZZpzgUMW5al4
Hba6erReZpEaqN+wp59a5md4n09E82pjvtHez2O2kwIDAQABo4GcMIGZMA4GA1Ud
DwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0T
AQH/BAIwADAdBgNVHQ4EFgQU8A9WW4zVHrW8gxcszWJ2ELGpfEowHwYDVR0jBBgw
FoAUuKmP6+gzUMsk+1DxcoviKLQqCxowGgYDVR0RBBMwEYIJbG9jYWxob3N0hwR/
AAABMA0GCSqGSIb3DQEBCwUAA4IBAQACq0nh14JL653WR4QMdZ5hdm/BJmbbDe10
GwsBMbvsSpprXEjY86RuKS6me0qjv7+MTPpkghJA6/yJtcFBGmvfbKqNsYrp79Qv
WVkgJ3OELvUSSWY43hfiPF3gAQmRPc6vPw26/8mdoobrLTi6EgnB+jdOaGPI6MRp
943wpV3rBHiJgaxtYeqe4EtRq7Ec2V96sOldd9canPtgsjF7JL4YXWDagmuMtvKA
3qS+I1/mp5W/55AmOnXg/rH3ntK6NN+yG0pQmOgqdCU4ZdlfYzHGZCKJxogEyXac
01DFhj3IQVCfQf7XoKFTl481d1T+LEFvvk+2Gt9GsRA22y8Hfcg9
-----END CERTIFICATE-----
2022-04-22 08:43:28 SUCCESS
EnsureClientIdIsPresentOnTokenRequest
Parameter client_id found on the request
2022-04-22 08:43:28 SUCCESS
EnsureNoClientAssertionSentToTokenEndpoint
Client did not send a client_assertion to token endpoint
2022-04-22 08:43:28 SUCCESS
ValidateAuthorizationCode
Found authorization code
authorization_code
HijUtSsBNKSh2PP6dCi05BiRLyB2zLMD
2022-04-22 08:43:28 SUCCESS
ValidateRedirectUri
Found redirect uri
redirect_uri
https://ip-172-31-20-58.ap-northeast-1.compute.internal:8082/callback
2022-04-22 08:43:28 SUCCESS
GenerateBearerAccessToken
Generated access token
access_token
8iG4p99RkvFQZJFkiM8xhvO7NxRUXTEAJL2vK7g6qogXadJpIx
2022-04-22 08:43:28 SUCCESS
CalculateAtHash
Successful at_hash encoding
at_hash
O8WYtnyDwOhNojusYFpdIg
2022-04-22 08:43:28
CreateRefreshToken
Created refresh token
refresh_token
GlGQGGFbdcgNrolKXhFPvmaduGcEcDFIgzkFjiXKXXEpWOZDFe0817080550);?{+
2022-04-22 08:43:28 SUCCESS
GenerateIdTokenClaims
Created ID Token Claims
iss
https://www.certification.openid.net/test/a/local-oidc/
sub
user-subject-1234531
aud
fapi-client
nonce
7e54a2fb-e57a-445b-a960-fa4ca85a387c
iat
1650617008
exp
1650617308
2022-04-22 08:43:28 SUCCESS
AddAtHashToIdTokenClaims
Added at_hash to ID token claims
at_hash
O8WYtnyDwOhNojusYFpdIg
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/a/local-oidc/",
  "sub": "user-subject-1234531",
  "aud": "fapi-client",
  "nonce": "7e54a2fb-e57a-445b-a960-fa4ca85a387c",
  "iat": 1650617008,
  "exp": 1650617308,
  "at_hash": "O8WYtnyDwOhNojusYFpdIg"
}
2022-04-22 08:43:28 SUCCESS
AddAudValueAsArrayToIdToken
Added the aud value as an array to ID token claims
aud
[
  "fapi-client"
]
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/a/local-oidc/",
  "sub": "user-subject-1234531",
  "aud": [
    "fapi-client"
  ],
  "nonce": "7e54a2fb-e57a-445b-a960-fa4ca85a387c",
  "iat": 1650617008,
  "exp": 1650617308,
  "at_hash": "O8WYtnyDwOhNojusYFpdIg"
}
2022-04-22 08:43:28 INFO
AddACRClaimToIdTokenClaims
Skipped evaluation due to missing required string: requested_id_token_acr_values
expected
requested_id_token_acr_values
2022-04-22 08:43:28 SUCCESS
SignIdToken
Signed the ID token
id_token
eyJraWQiOiJQNUtBaVVXQTJSeUlnZnJzQzJoZlg5bWxSRUUtYjJwa3drUkoySVRVR1lrIiwiYWxnIjoiUFMyNTYifQ.eyJhdF9oYXNoIjoiTzhXWXRueUR3T2hOb2p1c1lGcGRJZyIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoiZmFwaS1jbGllbnQiLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvYVwvbG9jYWwtb2lkY1wvIiwiZXhwIjoxNjUwNjE3MzA4LCJub25jZSI6IjdlNTRhMmZiLWU1N2EtNDQ1Yi1hOTYwLWZhNGNhODVhMzg3YyIsImlhdCI6MTY1MDYxNzAwOH0.rrN0bk1qFaqn_pnaP2JAwORCIN50on8SiOoLhAUrIa8Dj0mboQKEqRKvgEhNS2A14HBVjSG5Dt1hQy66RdJ23cFHI1KpkLDclXLbsBTHhLBR1vGaxTe9k6MEP5yxJxAVaoUSZhMnjH0W4hqw-PsmHvsI6EvVpkh3p8JfEtC_xbFDWvqusidt3nS3_VcBdkmjY5XUKvRiUGJGqUOVJkckvPs74NhbcMgMhid9c7tKaPzKL2uai5xhJYpcadwXBBZSMzeInGJ5j64KZjgs0T-rNQECIuV-B6doUeJkl-KG-zG7diK2H5VbFDhXzr6ZTKPPujRU0YbJ1jMFKV3DEG1s5g
2022-04-22 08:43:28 SUCCESS
SignIdTokenBypassingNimbusChecks
Signed the ID token
id_token
eyJraWQiOiJQNUtBaVVXQTJSeUlnZnJzQzJoZlg5bWxSRUUtYjJwa3drUkoySVRVR1lrIiwiYWxnIjoiUFMyNTYifQ.eyJpc3MiOiJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC9hL2xvY2FsLW9pZGMvIiwic3ViIjoidXNlci1zdWJqZWN0LTEyMzQ1MzEiLCJhdWQiOlsiZmFwaS1jbGllbnQiXSwibm9uY2UiOiI3ZTU0YTJmYi1lNTdhLTQ0NWItYTk2MC1mYTRjYTg1YTM4N2MiLCJpYXQiOjE2NTA2MTcwMDgsImV4cCI6MTY1MDYxNzMwOCwiYXRfaGFzaCI6Ik84V1l0bnlEd09oTm9qdXNZRnBkSWcifQ.cZytQpsOGE1GONLEcuixBEY668_MImoNss9nxSqzpwYDcq2yq1k2BeBsdmxPkH_57iNzJQhtWA5t80cxoQNTMRjqfytBoT2fHeVsTtTso_KYh-K769rN3y-o_Wl2_pjIk9h7PBHCYNijqiWxEkKNzwvjiecaiwqqOrajg3Nd41LNpt4seWxdAaL46dM_aDEcnYmhfg1-aVXwIcZO0lDFq6SSMRh8EdICbCDgIHQiGnE6sMpPu6Ofwrg-mo5u1fK9lBgXkOfaA3Dyi9k5jD1c7Sxsc8NtUvao_TBDqoz8_B-VZqneuYhAFB8Qm9zL779w5Wye24EgqnK5Y2wuRTN6BQ
2022-04-22 08:43:28 SUCCESS
CreateTokenEndpointResponse
Created token endpoint response
access_token
8iG4p99RkvFQZJFkiM8xhvO7NxRUXTEAJL2vK7g6qogXadJpIx
token_type
Bearer
id_token
eyJraWQiOiJQNUtBaVVXQTJSeUlnZnJzQzJoZlg5bWxSRUUtYjJwa3drUkoySVRVR1lrIiwiYWxnIjoiUFMyNTYifQ.eyJpc3MiOiJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC9hL2xvY2FsLW9pZGMvIiwic3ViIjoidXNlci1zdWJqZWN0LTEyMzQ1MzEiLCJhdWQiOlsiZmFwaS1jbGllbnQiXSwibm9uY2UiOiI3ZTU0YTJmYi1lNTdhLTQ0NWItYTk2MC1mYTRjYTg1YTM4N2MiLCJpYXQiOjE2NTA2MTcwMDgsImV4cCI6MTY1MDYxNzMwOCwiYXRfaGFzaCI6Ik84V1l0bnlEd09oTm9qdXNZRnBkSWcifQ.cZytQpsOGE1GONLEcuixBEY668_MImoNss9nxSqzpwYDcq2yq1k2BeBsdmxPkH_57iNzJQhtWA5t80cxoQNTMRjqfytBoT2fHeVsTtTso_KYh-K769rN3y-o_Wl2_pjIk9h7PBHCYNijqiWxEkKNzwvjiecaiwqqOrajg3Nd41LNpt4seWxdAaL46dM_aDEcnYmhfg1-aVXwIcZO0lDFq6SSMRh8EdICbCDgIHQiGnE6sMpPu6Ofwrg-mo5u1fK9lBgXkOfaA3Dyi9k5jD1c7Sxsc8NtUvao_TBDqoz8_B-VZqneuYhAFB8Qm9zL779w5Wye24EgqnK5Y2wuRTN6BQ
refresh_token
GlGQGGFbdcgNrolKXhFPvmaduGcEcDFIgzkFjiXKXXEpWOZDFe0817080550);?{+
scope
email openid profile
2022-04-22 08:43:28 OUTGOING
fapi1-advanced-final-client-test-valid-aud-as-array
Response to HTTP request to test instance 2SOs83YkU62OWzG
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "access_token": "8iG4p99RkvFQZJFkiM8xhvO7NxRUXTEAJL2vK7g6qogXadJpIx",
  "token_type": "Bearer",
  "id_token": "eyJraWQiOiJQNUtBaVVXQTJSeUlnZnJzQzJoZlg5bWxSRUUtYjJwa3drUkoySVRVR1lrIiwiYWxnIjoiUFMyNTYifQ.eyJpc3MiOiJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC9hL2xvY2FsLW9pZGMvIiwic3ViIjoidXNlci1zdWJqZWN0LTEyMzQ1MzEiLCJhdWQiOlsiZmFwaS1jbGllbnQiXSwibm9uY2UiOiI3ZTU0YTJmYi1lNTdhLTQ0NWItYTk2MC1mYTRjYTg1YTM4N2MiLCJpYXQiOjE2NTA2MTcwMDgsImV4cCI6MTY1MDYxNzMwOCwiYXRfaGFzaCI6Ik84V1l0bnlEd09oTm9qdXNZRnBkSWcifQ.cZytQpsOGE1GONLEcuixBEY668_MImoNss9nxSqzpwYDcq2yq1k2BeBsdmxPkH_57iNzJQhtWA5t80cxoQNTMRjqfytBoT2fHeVsTtTso_KYh-K769rN3y-o_Wl2_pjIk9h7PBHCYNijqiWxEkKNzwvjiecaiwqqOrajg3Nd41LNpt4seWxdAaL46dM_aDEcnYmhfg1-aVXwIcZO0lDFq6SSMRh8EdICbCDgIHQiGnE6sMpPu6Ofwrg-mo5u1fK9lBgXkOfaA3Dyi9k5jD1c7Sxsc8NtUvao_TBDqoz8_B-VZqneuYhAFB8Qm9zL779w5Wye24EgqnK5Y2wuRTN6BQ",
  "refresh_token": "GlGQGGFbdcgNrolKXhFPvmaduGcEcDFIgzkFjiXKXXEpWOZDFe0817080550);?{+",
  "scope": "email openid profile"
}
outgoing_path
token
2022-04-22 08:43:37 INCOMING
fapi1-advanced-final-client-test-valid-aud-as-array
Incoming HTTP request to /test-mtls/a/local-oidc/open-banking/v1.1/accounts/
incoming_headers
{
  "host": "www.certification.openid.net",
  "accept": "text/plain, application/json, application/*+json, */*",
  "authorization": "Bearer 8iG4p99RkvFQZJFkiM8xhvO7NxRUXTEAJL2vK7g6qogXadJpIx",
  "user-agent": "Apache-HttpClient/4.5.13 (Java/11.0.7)",
  "cookie": "JSESSIONID\u003d7728B34E277502C60FDCB8BC73033F46",
  "accept-encoding": "gzip,deflate",
  "connection": "close"
}
incoming_path
/test-mtls/a/local-oidc/open-banking/v1.1/accounts/
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cipher
DHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
-----BEGIN CERTIFICATE----- MIIDUzCCAjugAwIBAgIUOGxvnmd2zIVRKXrboYAbTAAPQswwDQYJKoZIhvcNAQEL BQAwEjEQMA4GA1UEAxMHZmFwaS1jYTAeFw0yMTExMTAwMTUyMDBaFw0yMjExMTAw MTUyMDBaMBYxFDASBgNVBAMTC2ZhcGktY2xpZW50MIIBIjANBgkqhkiG9w0BAQEF AAOCAQ8AMIIBCgKCAQEArPY4djIA/os22qFlheaOjvs5sXfgmNbBcWFb6VQhDVp+ 4KjP0v8dmTAx7fmUXevRWB43Ld5GNWNeZ9nDtd/N5Va31JD80Jzc2kfwqtwNgfzg BGy9noerFCy+9l3SnbJpuAsOiLtz0pcKpD3XO+szO9sWaBYApELovY4mNT+rTXC0 0+ERpuzr8salrgOE2pVYaikMDJUspwEw3Cjx3Jhl+2IZR+oXhF5zudiF9kjjUjt8 fXSEN6RQXXrWCIa65W8/4vnRN2rtFre5EKfsJrAM4o9CAQqWxwR/ZZpzgUMW5al4 Hba6erReZpEaqN+wp59a5md4n09E82pjvtHez2O2kwIDAQABo4GcMIGZMA4GA1Ud DwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0T AQH/BAIwADAdBgNVHQ4EFgQU8A9WW4zVHrW8gxcszWJ2ELGpfEowHwYDVR0jBBgw FoAUuKmP6+gzUMsk+1DxcoviKLQqCxowGgYDVR0RBBMwEYIJbG9jYWxob3N0hwR/ AAABMA0GCSqGSIb3DQEBCwUAA4IBAQACq0nh14JL653WR4QMdZ5hdm/BJmbbDe10 GwsBMbvsSpprXEjY86RuKS6me0qjv7+MTPpkghJA6/yJtcFBGmvfbKqNsYrp79Qv WVkgJ3OELvUSSWY43hfiPF3gAQmRPc6vPw26/8mdoobrLTi6EgnB+jdOaGPI6MRp 943wpV3rBHiJgaxtYeqe4EtRq7Ec2V96sOldd9canPtgsjF7JL4YXWDagmuMtvKA 3qS+I1/mp5W/55AmOnXg/rH3ntK6NN+yG0pQmOgqdCU4ZdlfYzHGZCKJxogEyXac 01DFhj3IQVCfQf7XoKFTl481d1T+LEFvvk+2Gt9GsRA22y8Hfcg9 -----END CERTIFICATE-----
incoming_body_json
incoming_query_string_params
{}
incoming_body
2022-04-22 08:43:37 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
DHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
Accounts endpoint
2022-04-22 08:43:37 SUCCESS
ExtractClientCertificateFromTokenEndpointRequestHeaders
Extracted client certificate
client_certificate
{
  "cert": "-----BEGIN CERTIFICATE----- MIIDUzCCAjugAwIBAgIUOGxvnmd2zIVRKXrboYAbTAAPQswwDQYJKoZIhvcNAQEL BQAwEjEQMA4GA1UEAxMHZmFwaS1jYTAeFw0yMTExMTAwMTUyMDBaFw0yMjExMTAw MTUyMDBaMBYxFDASBgNVBAMTC2ZhcGktY2xpZW50MIIBIjANBgkqhkiG9w0BAQEF AAOCAQ8AMIIBCgKCAQEArPY4djIA/os22qFlheaOjvs5sXfgmNbBcWFb6VQhDVp+ 4KjP0v8dmTAx7fmUXevRWB43Ld5GNWNeZ9nDtd/N5Va31JD80Jzc2kfwqtwNgfzg BGy9noerFCy+9l3SnbJpuAsOiLtz0pcKpD3XO+szO9sWaBYApELovY4mNT+rTXC0 0+ERpuzr8salrgOE2pVYaikMDJUspwEw3Cjx3Jhl+2IZR+oXhF5zudiF9kjjUjt8 fXSEN6RQXXrWCIa65W8/4vnRN2rtFre5EKfsJrAM4o9CAQqWxwR/ZZpzgUMW5al4 Hba6erReZpEaqN+wp59a5md4n09E82pjvtHez2O2kwIDAQABo4GcMIGZMA4GA1Ud DwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0T AQH/BAIwADAdBgNVHQ4EFgQU8A9WW4zVHrW8gxcszWJ2ELGpfEowHwYDVR0jBBgw FoAUuKmP6+gzUMsk+1DxcoviKLQqCxowGgYDVR0RBBMwEYIJbG9jYWxob3N0hwR/ AAABMA0GCSqGSIb3DQEBCwUAA4IBAQACq0nh14JL653WR4QMdZ5hdm/BJmbbDe10 GwsBMbvsSpprXEjY86RuKS6me0qjv7+MTPpkghJA6/yJtcFBGmvfbKqNsYrp79Qv WVkgJ3OELvUSSWY43hfiPF3gAQmRPc6vPw26/8mdoobrLTi6EgnB+jdOaGPI6MRp 943wpV3rBHiJgaxtYeqe4EtRq7Ec2V96sOldd9canPtgsjF7JL4YXWDagmuMtvKA 3qS+I1/mp5W/55AmOnXg/rH3ntK6NN+yG0pQmOgqdCU4ZdlfYzHGZCKJxogEyXac 01DFhj3IQVCfQf7XoKFTl481d1T+LEFvvk+2Gt9GsRA22y8Hfcg9 -----END CERTIFICATE-----",
  "pem": "-----BEGIN CERTIFICATE-----\nMIIDUzCCAjugAwIBAgIUOGxvnmd2zIVRKXrboYAbTAAPQswwDQYJKoZIhvcNAQEL\nBQAwEjEQMA4GA1UEAxMHZmFwaS1jYTAeFw0yMTExMTAwMTUyMDBaFw0yMjExMTAw\nMTUyMDBaMBYxFDASBgNVBAMTC2ZhcGktY2xpZW50MIIBIjANBgkqhkiG9w0BAQEF\nAAOCAQ8AMIIBCgKCAQEArPY4djIA/os22qFlheaOjvs5sXfgmNbBcWFb6VQhDVp+\n4KjP0v8dmTAx7fmUXevRWB43Ld5GNWNeZ9nDtd/N5Va31JD80Jzc2kfwqtwNgfzg\nBGy9noerFCy+9l3SnbJpuAsOiLtz0pcKpD3XO+szO9sWaBYApELovY4mNT+rTXC0\n0+ERpuzr8salrgOE2pVYaikMDJUspwEw3Cjx3Jhl+2IZR+oXhF5zudiF9kjjUjt8\nfXSEN6RQXXrWCIa65W8/4vnRN2rtFre5EKfsJrAM4o9CAQqWxwR/ZZpzgUMW5al4\nHba6erReZpEaqN+wp59a5md4n09E82pjvtHez2O2kwIDAQABo4GcMIGZMA4GA1Ud\nDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0T\nAQH/BAIwADAdBgNVHQ4EFgQU8A9WW4zVHrW8gxcszWJ2ELGpfEowHwYDVR0jBBgw\nFoAUuKmP6+gzUMsk+1DxcoviKLQqCxowGgYDVR0RBBMwEYIJbG9jYWxob3N0hwR/\nAAABMA0GCSqGSIb3DQEBCwUAA4IBAQACq0nh14JL653WR4QMdZ5hdm/BJmbbDe10\nGwsBMbvsSpprXEjY86RuKS6me0qjv7+MTPpkghJA6/yJtcFBGmvfbKqNsYrp79Qv\nWVkgJ3OELvUSSWY43hfiPF3gAQmRPc6vPw26/8mdoobrLTi6EgnB+jdOaGPI6MRp\n943wpV3rBHiJgaxtYeqe4EtRq7Ec2V96sOldd9canPtgsjF7JL4YXWDagmuMtvKA\n3qS+I1/mp5W/55AmOnXg/rH3ntK6NN+yG0pQmOgqdCU4ZdlfYzHGZCKJxogEyXac\n01DFhj3IQVCfQf7XoKFTl481d1T+LEFvvk+2Gt9GsRA22y8Hfcg9\n-----END CERTIFICATE-----",
  "subject": {
    "dn": "CN\u003dfapi-client"
  },
  "sanDnsNames": [
    "localhost"
  ],
  "sanUris": [],
  "sanIPs": [
    "127.0.0.1"
  ],
  "sanEmails": []
}
2022-04-22 08:43:37 SUCCESS
CheckForClientCertificate
Found client certificate
2022-04-22 08:43:37 SUCCESS
EnsureClientCertificateMatches
Presented certificate matches registered certificate
actual
-----BEGIN CERTIFICATE-----
MIIDUzCCAjugAwIBAgIUOGxvnmd2zIVRKXrboYAbTAAPQswwDQYJKoZIhvcNAQEL
BQAwEjEQMA4GA1UEAxMHZmFwaS1jYTAeFw0yMTExMTAwMTUyMDBaFw0yMjExMTAw
MTUyMDBaMBYxFDASBgNVBAMTC2ZhcGktY2xpZW50MIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEArPY4djIA/os22qFlheaOjvs5sXfgmNbBcWFb6VQhDVp+
4KjP0v8dmTAx7fmUXevRWB43Ld5GNWNeZ9nDtd/N5Va31JD80Jzc2kfwqtwNgfzg
BGy9noerFCy+9l3SnbJpuAsOiLtz0pcKpD3XO+szO9sWaBYApELovY4mNT+rTXC0
0+ERpuzr8salrgOE2pVYaikMDJUspwEw3Cjx3Jhl+2IZR+oXhF5zudiF9kjjUjt8
fXSEN6RQXXrWCIa65W8/4vnRN2rtFre5EKfsJrAM4o9CAQqWxwR/ZZpzgUMW5al4
Hba6erReZpEaqN+wp59a5md4n09E82pjvtHez2O2kwIDAQABo4GcMIGZMA4GA1Ud
DwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0T
AQH/BAIwADAdBgNVHQ4EFgQU8A9WW4zVHrW8gxcszWJ2ELGpfEowHwYDVR0jBBgw
FoAUuKmP6+gzUMsk+1DxcoviKLQqCxowGgYDVR0RBBMwEYIJbG9jYWxob3N0hwR/
AAABMA0GCSqGSIb3DQEBCwUAA4IBAQACq0nh14JL653WR4QMdZ5hdm/BJmbbDe10
GwsBMbvsSpprXEjY86RuKS6me0qjv7+MTPpkghJA6/yJtcFBGmvfbKqNsYrp79Qv
WVkgJ3OELvUSSWY43hfiPF3gAQmRPc6vPw26/8mdoobrLTi6EgnB+jdOaGPI6MRp
943wpV3rBHiJgaxtYeqe4EtRq7Ec2V96sOldd9canPtgsjF7JL4YXWDagmuMtvKA
3qS+I1/mp5W/55AmOnXg/rH3ntK6NN+yG0pQmOgqdCU4ZdlfYzHGZCKJxogEyXac
01DFhj3IQVCfQf7XoKFTl481d1T+LEFvvk+2Gt9GsRA22y8Hfcg9
-----END CERTIFICATE-----
2022-04-22 08:43:37 SUCCESS
EnsureBearerAccessTokenNotInParams
Client correctly did not send access token in query parameters or form body
2022-04-22 08:43:37 SUCCESS
ExtractBearerAccessTokenFromHeader
Found access token on incoming request
access_token
8iG4p99RkvFQZJFkiM8xhvO7NxRUXTEAJL2vK7g6qogXadJpIx
2022-04-22 08:43:37 SUCCESS
RequireBearerAccessToken
Found access token in request
actual
8iG4p99RkvFQZJFkiM8xhvO7NxRUXTEAJL2vK7g6qogXadJpIx
2022-04-22 08:43:37 INFO
ExtractFapiDateHeader
Skipped evaluation due to missing required element: incoming_request headers.x-fapi-auth-date
path
headers.x-fapi-auth-date
mapped
object
incoming_request
2022-04-22 08:43:37 INFO
ExtractFapiIpAddressHeader
Skipped evaluation due to missing required element: incoming_request headers.x-fapi-customer-ip-address
path
headers.x-fapi-customer-ip-address
mapped
object
incoming_request
2022-04-22 08:43:37 INFO
ExtractFapiInteractionIdHeader
Skipped evaluation due to missing required element: incoming_request headers.x-fapi-interaction-id
path
headers.x-fapi-interaction-id
mapped
object
incoming_request
2022-04-22 08:43:37 SUCCESS
CreateFapiInteractionIdIfNeeded
Created new FAPI interaction ID
fapi_interaction_id
48b184ae-6026-4047-aabd-7fd0448985b4
2022-04-22 08:43:37 SUCCESS
CreateFAPIAccountEndpointResponse
Created account response object
accounts_endpoint_response
{
  "conformance-test-finished": "true"
}
accounts_endpoint_response_headers
{
  "x-fapi-interaction-id": "48b184ae-6026-4047-aabd-7fd0448985b4",
  "content-type": "application/json; charset\u003dUTF-8"
}
2022-04-22 08:43:37
ClearAccessTokenFromRequest
Condition ran but did not log anything
2022-04-22 08:43:37 OUTGOING
fapi1-advanced-final-client-test-valid-aud-as-array
Response to HTTP request to test instance 2SOs83YkU62OWzG
outgoing_status_code
200
outgoing_headers
{
  "x-fapi-interaction-id": [
    "48b184ae-6026-4047-aabd-7fd0448985b4"
  ],
  "content-type": [
    "application/json; charset\u003dUTF-8"
  ]
}
outgoing_body
{
  "conformance-test-finished": "true"
}
outgoing_path
open-banking/v1.1/accounts
2022-04-22 08:43:37 FINISHED
fapi1-advanced-final-client-test-valid-aud-as-array
Test has run to completion
testmodule_result
PASSED
2022-04-22 08:44:05
TEST-RUNNER
Alias has now been claimed by another test
alias
local-oidc
new_test_id
uHpkAcNjfGHmvGq
Test Results