Test Summary

Test Results

Expand All Collapse All
All times are UTC
2022-03-31 23:01:22 INFO
TEST-RUNNER
Test instance hQjqNlDH0UD4Ddw created
baseUrl
https://www.certification.openid.net/test/a/mercantil
variant
{
  "client_auth_type": "private_key_jwt",
  "fapi_auth_request_method": "by_value",
  "fapi_profile": "openbanking_brazil",
  "fapi_jarm_type": "oidc",
  "fapi_response_mode": "jarm"
}
alias
mercantil
description
Banco Mercantil - Iniciação de Pagamentos
planId
zzZLlwDGEA6TG
config
{
  "alias": "mercantil",
  "description": "Banco Mercantil - Iniciação de Pagamentos",
  "server": {
    "jwks": {
      "keys": [
        {
          "p": "_QaFFuyZriEWtbiKexy7pIYicgU0ePMepvyNuiiFqlsUFQ24q9gp_iWECDhi8qqss__i1LW_eHQATKWfqUc6HdDY-ickJXvVktrQiT-buvJ24iTtK_NooPMKQW976NIX39_sEPJ6ceo9ZDFxTTCkmJus3eXDJmRZT2YzSZJcvcc",
          "kty": "RSA",
          "alg": "PS256",
          "q": "3x1_dyovnWXSr7y7ufe6AHUV0kHBYVrGW2vdNZxKrrgBW5r2mm93NnHsrG-mJlzW7kG_jR41bWf74sucGdwXTx96riRVy8bov9SzPCDl9_QCHzPpqZOxjngfzQYq1L1qJA2BAie0Sq6YZhgLJ1fWPLutEO5soIYAkLXSJ9IVb00",
          "d": "ZvivfZxJMbbdTQmxyE0lmE6ZuH8cMQOLyZxdaA5pNwm7ZEnPBEftZs8aR9ijhCDWMieui3h--rXwlXqbEm3g1sVgQ-WKTFV-NLKaJC1h-EU5HKdlOflstr7x57zhKp60ZIK69GyEXyJccUfzcD32u8raec9NplQ2MqS5MA1lnQFlocFoX1RNU4tSpEdJQq2UzqtX5WPhc88A6fTc1xu2fA5wyxzZu7fUjIETzLimcu-dDaEvvgm7c_A1ulm8EQuCN10k3FrIIe9RfuXHyxh9Rcd0aiIP9qwitxd5Cl0io7zby8MBIAaSei2co7y4tciBt4AfnzpBlGbtjgfr2gxD0Q",
          "e": "AQAB",
          "use": "sig",
          "kid": "X5d4vFYfLxaG1gg8_l3bFYFhUaUVmE6PaEsRWX2EYqM",
          "qi": "eHhOb5NUDfMGXwNscjEcMrMFS425qsoJAXfGJ10hm8svZOkNYgVpb7Hs7oT8XytanRl0Gk8gKH0yhvya65B5ipyby17uBMkikNN-EeYoY2AkvEfM_nO0dvHbDdF11rkM5Q_SEDlGmojxnx4_Euj8WeuSgcwiCQkR23aZlQGx1Mg",
          "dp": "bQ9aXj8tHnj0qO8aAWapGokWX78OlvNzytYg4JSGyJ7pUQnRB4Ds2Lai6kgjniUiu5MX2kdceDbHykG5R-WDj0Ztv6UPV3jA3cOjDwVzwmiwBVmVQNRxzK31Ra8f4YJs9_o0bjmVvXQRchY9l9_Xkk_Hev2F2A540Fhk0tlbUBE",
          "dq": "XPYDZ_kxwZjtQb-XUBLBcvNV1jcDhba2stysXGv0SfvsxOg6G3qZ5xtsiyQxzAYen0LRttCBXkZXEtXXAodLRvJMwUXuYWtNCrBqxYDHkJogUDPnBXq-Hig6x8fsDJunH8JooCc-3WcFpHQcIZZdcwyXPVi59eAfWCwJlgHYYHk",
          "n": "3IXVqA9zCrmaz30WWjzZexdSuhagP_oVfgB-Y5S7XXeHhU4tho7c3wcNhsrGCKLYSf_47rV78-2OfhPY9WrSJVyqIXoaniwoTnD9splF90J7yog9LgP4kqkWl6wm8gdR5C-UC4Gnl0D2cZKnE6MZ7k_b5nM0ZfC-7H_bO13B4aYpu069th7hFWGK7ps65uiDxcQGYP3oSeqahE5qwfUef2QMkhyVtM_nWP9OVAzOGtJ8km4TdCrq9aF78No9u2YQuaUOJgeOnwKMBjmgEwcuaQe9DEQFXhzBtRmPlml2pTy2QDvxe1HgOTOsnh9igFvX70AGroY3PFY-lJAxC4Fd2w",
          "x5c": [
            "MIIGqzCCBZOgAwIBAgIUdUCw8bQZidnZ6uERKJuN9u4RGvcwDQYJKoZIhvcNAQELBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwxFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNBTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDgxNjA5NTUwMFoXDTIyMDkxNTA5NTUwMFowgacxCzAJBgNVBAYTAkJSMRMwEQYDVQQKEwpJQ1AtQnJhc2lsMS8wDAYDVQQLEwUxMjM0NTAOBgNVBAsTB2NlcnRtYW4wDwYDVQQLEwhhZ29vZG9uZTEcMBoGA1UEAxMTT3BlbiBCYW5raW5nIEJyYXNpbDE0MDIGCgmSJomT8ixkAQETJDc0ZTkyOWQ5LTMzYjYtNGQ4NS04YmE3LWMxNDZjODY3YTgxNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANyF1agPcwq5ms99Flo82XsXUroWoD/6FX4AfmOUu113h4VOLYaO3N8HDYbKxgii2En/+O61e/Ptjn4T2PVq0iVcqiF6Gp4sKE5w/bKZRfdCe8qIPS4D+JKpFpesJvIHUeQvlAuBp5dA9nGSpxOjGe5P2+ZzNGXwvux/2ztdweGmKbtOvbYe4RVhiu6bOubog8XEBmD96EnqmoROasH1Hn9kDJIclbTP51j/TlQMzhrSfJJuE3Qq6vWhe/DaPbtmELmlDiYHjp8CjAY5oBMHLmkHvQxEBV4cwbUZj5ZpdqU8tkA78XtR4DkzrJ4fYoBb1+9ABq6GNzxWPpSQMQuBXdsCAwEAAaOCAwIwggL+MAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFJwv7oHX2exZL304ru+4eGVypHlxMB8GA1UdIwQYMBaAFIZ/WK0X9YK2TrQFs/uwzhFD30y+MEwGCCsGAQUFBwEBBEAwPjA8BggrBgEFBQcwAYYwaHR0cDovL29jc3Auc2FuZGJveC5wa2kub3BlbmJhbmtpbmdicmFzaWwub3JnLmJyMEsGA1UdHwREMEIwQKA+oDyGOmh0dHA6Ly9jcmwuc2FuZGJveC5wa2kub3BlbmJhbmtpbmdicmFzaWwub3JnLmJyL2lzc3Vlci5jcmwwXgYDVR0RBFcwVaAZBgVgTAEDAqAQDA5NaWNoYWVsIEZyYXNlcqAYBgVgTAEDA6APDA0xMzM1MzIzNjAwMTg5oA0GBWBMAQMEoAQMAm5voA8GBWBMAQMHoAYMBGFsb3QwDgYDVR0PAQH/BAQDAgbAMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIBgDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVseSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhlciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNlaXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5kIHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8vY3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2llczANBgkqhkiG9w0BAQsFAAOCAQEAtKn/QnJqKLp52YB14x+M21qwz67utFkWjhauQe0elXupjY5NWZb5wLrGYNOZQzRe2JRzcBbGN6P7lCweRfxMkSGh9YrXbrkBXLEPtLHpTVEy65v1tWl02lC+ooVPyQpSjAQL0L69OQ7s7rnIXyb3rkSUzuGSxsLU1AXpWj0oYFB4wdeIdPAVPs83frC5s4kz42JruSAE2vsbvQURTVPChh+hO6+R6Irz+ZEZ1NSgjQkxvOXHW53CkXZSjjHbAB/nbJYi7YyK7kck99r38Ba/WBfIfywdFVVYfiiW5TS6XbQeVeilmmt5MLxBz96FxR6E6WR+cQwybEe94Fb/jD6xHA\u003d\u003d"
          ]
        },
        {
          "p": "6-RGunw1LGXpsGIabzcG8n_ITbahS9waTzjcwLkzjWjyR5hxnTSrCMas9EsOuIt3qvkdf02psgwi-J0ZX680ujaXdeiPAeuOUbsLPBOhRuu-ySXxMTT7uiwWJmF5LtBx8Qd3hRV2sd9zOhYzSohcmWp8w_uKTOYrFzGtWMvlGic",
          "kty": "RSA",
          "alg": "RSA-OAEP",
          "q": "vn3cUU9RFc7pB3fjiEPGwYGA_h8f2X6dOqy-JYIMIiuYhPq6cT8xIlE-sHs58kZzC1QbOBc4y-qRyqj1L4StPaYH4mtJU0s_6A_b9Cai96yzYYmMr92be2nCFMxBpmpBhN21AIdGc640OxgWMdz5OVo455v1uIEQGPr2aDpOzVs",
          "d": "QrIJ9tPG7pSrt1KKSU-9EbAq-hU92FzEV9GwzuG_dbBPyRLYNVfAz-Yb8ug3YLuqec_kcB5JCep7QkYHgpNdX5WXFxARCpXa-J7Xq50oBdiAS2ehLpnYHXpJI7HqOcH9ASZML_MXjI8e_EpsI7Yk6xJ9qxk8bXGupw0C6anwL3NBe232zA7I1FnwL9tpZVOLPupeok7HMRbFc6QSR3dA54zJmkyEbyOSqzRqCK_g7AB_RcMImN0SoCg0epxZjrculIXPG0Gl1T3TG3WY-CBUtAkI1chFMGCgYF_v-FMSun8N6igilPC5O683BMcJoTK745khMCv7FcSCSFVh0H5vKQ",
          "e": "AQAB",
          "use": "enc",
          "kid": "0fe502dd-14f0-4f45-80f9-feb9a216f996",
          "qi": "W6TMI3L-Ob-Jx61TdYqN5gBoBsWF6KWuCmiE9ZiwJiMVCv5ddEbFafBuiIQgRnby1VpnH9j5KVb5PT_V78ohKFmpfL7ErXQerf_pJkEtvgK9lQta1EM1HMoShrJ4GdHPym_BZzDDmt6njvwTfSg95y28h-j5epuywcwu6TwAUA8",
          "dp": "a9rjD-8srNEoKVKhvYoObiBI6GeBllrb2K8qGCBV1ulOJbgo8nUbYpbci5Ip9-0k2RKwDv3mghcUglHqQRqt5BqD5BBiGsGmP-5is6RSEEhH4lar0hDkq_nuYrwcmXALOOZuGnZ239tIJx3xc7mnhSnwQ_emA4UV3LQFC12mse8",
          "dq": "Qk8TiyY-BoZg7Z2ZEYzuOdu3qD3zW0VMu-j3w5yyVo6wZ9HTZqplkxmO5eXvNNu7Hj1nwC2tMqZzm4UW3DSmDWinI_TOsHToSQKEQUfVwLtYMeKsm2dbwSj-SzkSvTgNmI-IeyebqZcBTXTD_RV7l7BFULIkZdZfYSKy9XMejTM",
          "n": "r4dl-ApW6c-fvDbfSVxHpdV8zi8VQW4b9-uHMRq7dzqCkvP8OAG1R3plSr1N6fL_YLiIr9y621XkyRiMEKR7-DeqGsLf2ZTaqrZ1LfYgjsc2i9o3NSOeSgBwKGmT7h1OgxZSbhLzo7Xaktu3CCUZCOWLzs7LKo_CvKkcTF7tPhK9jYjdTsdsnS0RJOPjYQe7JO83Mvhd1Ty3F-Qycd-cKKMSjcQRiHt9jKd09kA2fKVlFwbm2M1PM3NdtnMaOUw31-XC4ixay47XTMqnmX7-op7qYV9wXbeZmjTsAKFuTGwJiGJrOTfqciDLBW8IpGC2BzFJ5rYmRu0kAttpvkOG3Q"
        }
      ]
    }
  },
  "client": {
    "client_id": "mercantil-bank",
    "redirect_uri": "https://produtosopbhml.mercantildobrasil.com.br/payment/callback",
    "jwks": {
      "keys": [
        {
          "kty": "RSA",
          "use": "sig",
          "alg": "PS256",
          "n": "41TTDzUlKl5Lqf9A86VL0KbY3fwDbEClA6L4Zm0AWR9vjL2KeJDX32tPGbMDv_NNTylVmcZ_z8LXEJO85OsA8ccYzIh7LuX3owAJ_i0QwG5cgP1hX8QiiKtXCoK7p7q4_1QJWE99WuDaXF3gH-1tvIICMByQsPNWC_IBEzUl7mKIZ5AxG3GKE4i5VqNiLwVwW2oL1sZ-q4jTsz7ElpfmAlk82RB6IKb71Fxbz8ve1JuOJIWXPOYM6ZNB-0sd934Dge3iKSQmj_rCm7DQZtfhRrnuqzRBq6oIa3DrM8QtHUb5X3LwVkL2jwb7mwKBnB13RRhUpRCxZtU_whiP6sn1wQ",
          "e": "AQAB",
          "kid": "3a1379a0c8afba5b6f55365cb3ee0a511c8e7ddb1f73d3b443b6831cbd378ffe"
        },
        {
          "kty": "RSA",
          "use": "enc",
          "alg": "RSA-OAEP",
          "n": "mf8A3fI2ALLWYokCw4JcA8DaNsKbmmaoDflCwD-MOUFFJ4EQDBVgWD6YKmV5l2t5ODcdyRVRZPQvM9i26ulKv-gncx-hOC13v3d7tyD0j7MB2kUJ9aPS5LU0Kvu6VEXc85TVptHJC5avoYIhWwgRMVQBBfmIvcuIKBMJMkxImxhV6pL8LHClvkJQ7VclwqcibQ1HtKNgrGG_6jNy2KVu8G4zOxKoWFq6XqyLSU4OznTAwrkozeQWkzEEacbZtQmzmVB92SiQSPSmVgUwhCixvmLIvBZm10XH0ZAzQnHHE8kGsK6l5kAhB7G7O-cdmLvJPdS25S4MfxE8DoGRN9O5UQ",
          "e": "AQAB",
          "kid": "1a63f2f382c288cb4f29fb94c4241142f3f012b9bee07e1d92e03087e7abe152"
        }
      ]
    },
    "certificate": "-----BEGIN CERTIFICATE-----\nMIIHDjCCBfagAwIBAgIUQsrznpQM2gWDplbWY0kRjummIc8wDQYJKoZIhvcNAQEL\nBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx\nFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB\nTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIyMDMyNDIwNDMwMFoXDTIzMDQyMzIw\nNDMwMFowggEvMQswCQYDVQQGEwJCUjELMAkGA1UECBMCTUcxFzAVBgNVBAcTDkJl\nbG8gSG9yaXpvbnRlMSUwIwYDVQQKExxCQ08gTUVSQ0FOVElMIERPIEJSQVNJTCBT\nLkEuMS0wKwYDVQQLEyQ1ZDI0OTQ4Ni1jNjk3LTUyOTUtYTg1Ni05OTU1ZWQzYWMz\nMzIxITAfBgNVBAMTGG1lcmNhbnRpbGRvYnJhc2lsLmNvbS5icjEXMBUGA1UEBRMO\nMTcxODQwMzcwMDAxMTAxHTAbBgNVBA8TFFByaXZhdGUgT3JnYW5pemF0aW9uMRMw\nEQYLKwYBBAGCNzwCAQMTAkJSMTQwMgYKCZImiZPyLGQBARMkNzA5MDU0OGItNDhl\nYi00NGFjLTk0MzItZDU0NGQ1MzZjYWExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A\nMIIBCgKCAQEA2v4FOEIqbdkpXv/2PwWDdLVYqJPyKMNebziaTGVnENR5eK4YbHtb\nzNi9yLlKuxRy3DPVA+mg7VD7T/Nn82jUnWlcKp07UFGV7pEboDgOB77tc6SCYNJn\nZzr6F1D/GcRg7IWfhVo4RT3PROBTkT/cjt8c/SZzTmc03mbGZ1X31IpGk7982cFj\nirbxD4HVh9IuGi1VyBkwLihlOxmyZXdDM70ZGVHAsiTMysGpE0J/crVXHpvwaUGs\n05uFvrQhd21XJ/fs1pv11Oa0IO8aZM4zU5HUTBdbAQ2xMoHrH+kuV0tWgkTRVS6T\npl6FchNLGsc+RWkXZ1Sylz7LXurYURExEwIDAQABo4IC3DCCAtgwDAYDVR0TAQH/\nBAIwADAdBgNVHQ4EFgQU8RHTFIMywlsmm87Fy4JicZe76xAwHwYDVR0jBBgwFoAU\nhn9YrRf1grZOtAWz+7DOEUPfTL4wTAYIKwYBBQUHAQEEQDA+MDwGCCsGAQUFBzAB\nhjBodHRwOi8vb2NzcC5zYW5kYm94LnBraS5vcGVuYmFua2luZ2JyYXNpbC5vcmcu\nYnIwSwYDVR0fBEQwQjBAoD6gPIY6aHR0cDovL2NybC5zYW5kYm94LnBraS5vcGVu\nYmFua2luZ2JyYXNpbC5vcmcuYnIvaXNzdWVyLmNybDAjBgNVHREEHDAaghhtZXJj\nYW50aWxkb2JyYXNpbC5jb20uYnIwDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQMMAoG\nCCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIBgDCC\nATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVseSBm\nb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhlciBw\nYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2aWNl\ncyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNlaXB0\nLCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRo\nZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5kIHJl\nbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8vY3Bz\nLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2llczAN\nBgkqhkiG9w0BAQsFAAOCAQEAWhYIjqKDwdYkYOr0nutlR/46Vw8YNLK+9kWGPFD1\nad0fodzcd00pgc3AZWn+LoTwMq4tbiizWqERZp/BfZ35Aym5J+zFRj25Ehkxll6N\na9QCz/prR3sXm8GM5taZxwwe0BJYaPpsef1HxiDdJ3h35PY/7iOOCam5ZNFTPapj\n1OutGvJ+nb7Iipp6xwHQoArgwuiWrtJMBOt3Sstnayp4CJKVlQklhSl5isynxwmI\nbcVMPbhrWw6xbI1g69xBjx94Ja3acx4RzmIPJ6ru2jZvHQfI81jkIelNm55pbG7V\nmRpDP2JgVvsABBpelBD3BCytwmWjpG8m8CH6JTGGFNbNRw\u003d\u003d\n-----END CERTIFICATE-----"
  },
  "client2": {
    "client_id": "mercantil-bank-two",
    "redirect_uri": "https://produtosopbhml.mercantildobrasil.com.br/payment/callback",
    "id_token_encrypted_response_alg": "RSA-OAEP",
    "id_token_encrypted_response_enc": "A256GCM",
    "certificate": "-----BEGIN CERTIFICATE-----\nMIIHDjCCBfagAwIBAgIUHJS0YgeyrqJO8ge3iSga+XlW6cMwDQYJKoZIhvcNAQEL\nBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx\nFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB\nTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIyMDMyNDIwNDQwMFoXDTIzMDQyMzIw\nNDQwMFowggEvMQswCQYDVQQGEwJCUjELMAkGA1UECBMCTUcxFzAVBgNVBAcTDkJl\nbG8gSG9yaXpvbnRlMSUwIwYDVQQKExxCQ08gTUVSQ0FOVElMIERPIEJSQVNJTCBT\nLkEuMS0wKwYDVQQLEyQ1ZDI0OTQ4Ni1jNjk3LTUyOTUtYTg1Ni05OTU1ZWQzYWMz\nMzIxITAfBgNVBAMTGG1lcmNhbnRpbGRvYnJhc2lsLmNvbS5icjEXMBUGA1UEBRMO\nMTcxODQwMzcwMDAxMTAxHTAbBgNVBA8TFFByaXZhdGUgT3JnYW5pemF0aW9uMRMw\nEQYLKwYBBAGCNzwCAQMTAkJSMTQwMgYKCZImiZPyLGQBARMkYjdmMGEyMTgtYzA0\nNi00MTM2LWFlYWQtM2E0NmVkZjYzYjU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A\nMIIBCgKCAQEAxj7pFb7WVO8kDUVvNiF2ADPwe8kJesIFdbFcxvx7b60sftxGNODG\nCcKijKrAs0HPBFTNZhFb5fbw8LN7biraeIr1H0eqHYKV8FhUQpu3jA/dfKriVy/N\n8GdpJufN+j5i6UVzdWNE80CLdANjANHraZTWM9s7BtB6M0mDRqGQZ5X7D2ciQGzk\n/I9LHidHjsJ5afQvs0o7RvH4Tsu6OdmrIxsUzXqm8kJONXov6WT67tmiY+6gn3bV\naDNosp0VqtB8CbXzGP35t2s79/KZgh1TPVU2WH539EWw1NqpMT6IfL3N9aF0Tcqv\nEpV4/br7Gfyiu2grvRWal4L8yQXmg5BwtwIDAQABo4IC3DCCAtgwDAYDVR0TAQH/\nBAIwADAdBgNVHQ4EFgQUhCiXJClH+RiVRhslsEgWD8IFD+MwHwYDVR0jBBgwFoAU\nhn9YrRf1grZOtAWz+7DOEUPfTL4wTAYIKwYBBQUHAQEEQDA+MDwGCCsGAQUFBzAB\nhjBodHRwOi8vb2NzcC5zYW5kYm94LnBraS5vcGVuYmFua2luZ2JyYXNpbC5vcmcu\nYnIwSwYDVR0fBEQwQjBAoD6gPIY6aHR0cDovL2NybC5zYW5kYm94LnBraS5vcGVu\nYmFua2luZ2JyYXNpbC5vcmcuYnIvaXNzdWVyLmNybDAjBgNVHREEHDAaghhtZXJj\nYW50aWxkb2JyYXNpbC5jb20uYnIwDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQMMAoG\nCCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIBgDCC\nATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVseSBm\nb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhlciBw\nYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2aWNl\ncyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNlaXB0\nLCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRo\nZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5kIHJl\nbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8vY3Bz\nLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2llczAN\nBgkqhkiG9w0BAQsFAAOCAQEAG6YThX/c3U4nBx6MUoTtB4ML+85hIK1lqP1eMIa/\nqKz/mmK4fc98Gd2jPn+7tCU/2TzwxQqgGWrdzCzY9GRG2tkvCaSLrcILOHGaSKxY\n4itRv0nyZtiW6+k9yzMMlSif3wOJRbO2+xfSJENSx4k/blXc3W1znaoNgga67yuE\njA54IMv/8o2SS6b+xyfroCMft1VA+8X+uCdyPRO7hcd8GXgp+wvR8E8muG+CMsh0\nxiaiGnmVJYkOYQhJjwcpHWvTqRCvBO8SytU/3pTw9nNf0OOp0PxbzmL7UzaLWS2W\n3cKh5Cmwx7huoNYAyMRkURJuf2UbDu10pw5fAzWieoXU3Q\u003d\u003d\n-----END CERTIFICATE-----",
    "jwks": {
      "keys": [
        {
          "kty": "RSA",
          "use": "sig",
          "alg": "PS256",
          "n": "w9L7GrWdIXJneN-KOaEM2gTvC8InOayFKaeUtg9Pthr8snE3mVUaRJvIPuifMN99p0RcfUYXii10bJzIXFe4AT4aGAyK3rheOsZQqy0GVhbJnFnkfiJ2bKlEuWu9FOYaDTbNtWdYQ0zDQ9S8e2BKMh4MrOWmrHcmZhTTF3afdOXVWb2FU8-fAa-EYFwc9y7l_pOxwiiy5nwnjXC8xuB6p87KQPE7UJ8jMgWkPv01tStP0lxoWXE4m0UNGVM1EyQcieThKHIDxDlxeBkEi1wtOiasR_Zhu_LiPKvtTFmU4AaSSGV37unPfiKn1jpjRDJHJA96VChOGgUFuxGJCMGjuQ",
          "e": "AQAB",
          "kid": "c764ccf5dc0a852b6f088bc6b8e80229918eaa20d1c928de6467a2c7442bd88e"
        },
        {
          "kty": "RSA",
          "use": "enc",
          "alg": "RSA-OAEP",
          "n": "u_LGl2H30LkgkGIOSqLxGG7BNkGPJW5FOTsFIxfgR5qq_ooAinK3pkCpHt2awMDlb_NFi0UrvvhQ61ADpB1E1ZQse5eCBo0K_tjnRNLc8PlATU7MbVRU2chrUnkZc6UGyfoJCBNg3ON1Fvu4bD51af14AEWIEPD5CWpmdQxNsUpJPOxTGtoCgWdwlWXqhybFfLPHru4Bvfbb8dLV4lYgPhxpcKXu12XE-ppMTXoQxUA8Q0VffmitodImFCa517PprK-14_DIVMXl9Wkav6lA8a4E3U-fz6PZlIJThRSSnoLoI2umwfnxzUdEHsTQ7gmBSVjQevxrEfme_BWUujmi0Q",
          "e": "AQAB",
          "kid": "790109d1c368e752ab5823dacc495d02afc6f0114a5c39e74dcce154138c7d66"
        }
      ]
    }
  },
  "directory": {
    "keystore": "https://keystore.sandbox.directory.openbankingbrasil.org.br/"
  }
}
testName
fapi1-advanced-final-client-refresh-token-test
2022-03-31 23:01:22 SUCCESS
FAPIBrazilGenerateServerConfiguration
Created server configuration
server
{
  "issuer": "https://www.certification.openid.net/test/a/mercantil/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/mercantil/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/mercantil/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/mercantil/jwks",
  "registration_endpoint": "https://www.certification.openid.net/test/a/mercantil/register",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/mercantil/userinfo",
  "mtls_endpoint_aliases": {
    "token_endpoint": "https://www.certification.openid.net/test-mtls/a/mercantil/token",
    "registration_endpoint": "https://www.certification.openid.net/test-mtls/a/mercantil/register",
    "userinfo_endpoint": "https://www.certification.openid.net/test-mtls/a/mercantil/userinfo"
  },
  "tls_client_certificate_bound_access_tokens": true,
  "request_parameter_supported": true
}
issuer
https://www.certification.openid.net/test/a/mercantil/
discoveryUrl
https://www.certification.openid.net/test/a/mercantil/.well-known/openid-configuration
2022-03-31 23:01:22 SUCCESS
LoadServerJWKs
Parsed public and private JWK sets
server_jwks
{
  "keys": [
    {
      "d": "ZvivfZxJMbbdTQmxyE0lmE6ZuH8cMQOLyZxdaA5pNwm7ZEnPBEftZs8aR9ijhCDWMieui3h--rXwlXqbEm3g1sVgQ-WKTFV-NLKaJC1h-EU5HKdlOflstr7x57zhKp60ZIK69GyEXyJccUfzcD32u8raec9NplQ2MqS5MA1lnQFlocFoX1RNU4tSpEdJQq2UzqtX5WPhc88A6fTc1xu2fA5wyxzZu7fUjIETzLimcu-dDaEvvgm7c_A1ulm8EQuCN10k3FrIIe9RfuXHyxh9Rcd0aiIP9qwitxd5Cl0io7zby8MBIAaSei2co7y4tciBt4AfnzpBlGbtjgfr2gxD0Q",
      "e": "AQAB",
      "use": "sig",
      "kid": "X5d4vFYfLxaG1gg8_l3bFYFhUaUVmE6PaEsRWX2EYqM",
      "x5c": [
        "MIIGqzCCBZOgAwIBAgIUdUCw8bQZidnZ6uERKJuN9u4RGvcwDQYJKoZIhvcNAQELBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwxFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNBTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDgxNjA5NTUwMFoXDTIyMDkxNTA5NTUwMFowgacxCzAJBgNVBAYTAkJSMRMwEQYDVQQKEwpJQ1AtQnJhc2lsMS8wDAYDVQQLEwUxMjM0NTAOBgNVBAsTB2NlcnRtYW4wDwYDVQQLEwhhZ29vZG9uZTEcMBoGA1UEAxMTT3BlbiBCYW5raW5nIEJyYXNpbDE0MDIGCgmSJomT8ixkAQETJDc0ZTkyOWQ5LTMzYjYtNGQ4NS04YmE3LWMxNDZjODY3YTgxNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANyF1agPcwq5ms99Flo82XsXUroWoD/6FX4AfmOUu113h4VOLYaO3N8HDYbKxgii2En/+O61e/Ptjn4T2PVq0iVcqiF6Gp4sKE5w/bKZRfdCe8qIPS4D+JKpFpesJvIHUeQvlAuBp5dA9nGSpxOjGe5P2+ZzNGXwvux/2ztdweGmKbtOvbYe4RVhiu6bOubog8XEBmD96EnqmoROasH1Hn9kDJIclbTP51j/TlQMzhrSfJJuE3Qq6vWhe/DaPbtmELmlDiYHjp8CjAY5oBMHLmkHvQxEBV4cwbUZj5ZpdqU8tkA78XtR4DkzrJ4fYoBb1+9ABq6GNzxWPpSQMQuBXdsCAwEAAaOCAwIwggL+MAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFJwv7oHX2exZL304ru+4eGVypHlxMB8GA1UdIwQYMBaAFIZ/WK0X9YK2TrQFs/uwzhFD30y+MEwGCCsGAQUFBwEBBEAwPjA8BggrBgEFBQcwAYYwaHR0cDovL29jc3Auc2FuZGJveC5wa2kub3BlbmJhbmtpbmdicmFzaWwub3JnLmJyMEsGA1UdHwREMEIwQKA+oDyGOmh0dHA6Ly9jcmwuc2FuZGJveC5wa2kub3BlbmJhbmtpbmdicmFzaWwub3JnLmJyL2lzc3Vlci5jcmwwXgYDVR0RBFcwVaAZBgVgTAEDAqAQDA5NaWNoYWVsIEZyYXNlcqAYBgVgTAEDA6APDA0xMzM1MzIzNjAwMTg5oA0GBWBMAQMEoAQMAm5voA8GBWBMAQMHoAYMBGFsb3QwDgYDVR0PAQH/BAQDAgbAMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIBgDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVseSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhlciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNlaXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5kIHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8vY3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2llczANBgkqhkiG9w0BAQsFAAOCAQEAtKn/QnJqKLp52YB14x+M21qwz67utFkWjhauQe0elXupjY5NWZb5wLrGYNOZQzRe2JRzcBbGN6P7lCweRfxMkSGh9YrXbrkBXLEPtLHpTVEy65v1tWl02lC+ooVPyQpSjAQL0L69OQ7s7rnIXyb3rkSUzuGSxsLU1AXpWj0oYFB4wdeIdPAVPs83frC5s4kz42JruSAE2vsbvQURTVPChh+hO6+R6Irz+ZEZ1NSgjQkxvOXHW53CkXZSjjHbAB/nbJYi7YyK7kck99r38Ba/WBfIfywdFVVYfiiW5TS6XbQeVeilmmt5MLxBz96FxR6E6WR+cQwybEe94Fb/jD6xHA\u003d\u003d"
      ],
      "dp": "bQ9aXj8tHnj0qO8aAWapGokWX78OlvNzytYg4JSGyJ7pUQnRB4Ds2Lai6kgjniUiu5MX2kdceDbHykG5R-WDj0Ztv6UPV3jA3cOjDwVzwmiwBVmVQNRxzK31Ra8f4YJs9_o0bjmVvXQRchY9l9_Xkk_Hev2F2A540Fhk0tlbUBE",
      "dq": "XPYDZ_kxwZjtQb-XUBLBcvNV1jcDhba2stysXGv0SfvsxOg6G3qZ5xtsiyQxzAYen0LRttCBXkZXEtXXAodLRvJMwUXuYWtNCrBqxYDHkJogUDPnBXq-Hig6x8fsDJunH8JooCc-3WcFpHQcIZZdcwyXPVi59eAfWCwJlgHYYHk",
      "n": "3IXVqA9zCrmaz30WWjzZexdSuhagP_oVfgB-Y5S7XXeHhU4tho7c3wcNhsrGCKLYSf_47rV78-2OfhPY9WrSJVyqIXoaniwoTnD9splF90J7yog9LgP4kqkWl6wm8gdR5C-UC4Gnl0D2cZKnE6MZ7k_b5nM0ZfC-7H_bO13B4aYpu069th7hFWGK7ps65uiDxcQGYP3oSeqahE5qwfUef2QMkhyVtM_nWP9OVAzOGtJ8km4TdCrq9aF78No9u2YQuaUOJgeOnwKMBjmgEwcuaQe9DEQFXhzBtRmPlml2pTy2QDvxe1HgOTOsnh9igFvX70AGroY3PFY-lJAxC4Fd2w",
      "p": "_QaFFuyZriEWtbiKexy7pIYicgU0ePMepvyNuiiFqlsUFQ24q9gp_iWECDhi8qqss__i1LW_eHQATKWfqUc6HdDY-ickJXvVktrQiT-buvJ24iTtK_NooPMKQW976NIX39_sEPJ6ceo9ZDFxTTCkmJus3eXDJmRZT2YzSZJcvcc",
      "kty": "RSA",
      "q": "3x1_dyovnWXSr7y7ufe6AHUV0kHBYVrGW2vdNZxKrrgBW5r2mm93NnHsrG-mJlzW7kG_jR41bWf74sucGdwXTx96riRVy8bov9SzPCDl9_QCHzPpqZOxjngfzQYq1L1qJA2BAie0Sq6YZhgLJ1fWPLutEO5soIYAkLXSJ9IVb00",
      "qi": "eHhOb5NUDfMGXwNscjEcMrMFS425qsoJAXfGJ10hm8svZOkNYgVpb7Hs7oT8XytanRl0Gk8gKH0yhvya65B5ipyby17uBMkikNN-EeYoY2AkvEfM_nO0dvHbDdF11rkM5Q_SEDlGmojxnx4_Euj8WeuSgcwiCQkR23aZlQGx1Mg",
      "alg": "PS256"
    },
    {
      "p": "6-RGunw1LGXpsGIabzcG8n_ITbahS9waTzjcwLkzjWjyR5hxnTSrCMas9EsOuIt3qvkdf02psgwi-J0ZX680ujaXdeiPAeuOUbsLPBOhRuu-ySXxMTT7uiwWJmF5LtBx8Qd3hRV2sd9zOhYzSohcmWp8w_uKTOYrFzGtWMvlGic",
      "kty": "RSA",
      "q": "vn3cUU9RFc7pB3fjiEPGwYGA_h8f2X6dOqy-JYIMIiuYhPq6cT8xIlE-sHs58kZzC1QbOBc4y-qRyqj1L4StPaYH4mtJU0s_6A_b9Cai96yzYYmMr92be2nCFMxBpmpBhN21AIdGc640OxgWMdz5OVo455v1uIEQGPr2aDpOzVs",
      "d": "QrIJ9tPG7pSrt1KKSU-9EbAq-hU92FzEV9GwzuG_dbBPyRLYNVfAz-Yb8ug3YLuqec_kcB5JCep7QkYHgpNdX5WXFxARCpXa-J7Xq50oBdiAS2ehLpnYHXpJI7HqOcH9ASZML_MXjI8e_EpsI7Yk6xJ9qxk8bXGupw0C6anwL3NBe232zA7I1FnwL9tpZVOLPupeok7HMRbFc6QSR3dA54zJmkyEbyOSqzRqCK_g7AB_RcMImN0SoCg0epxZjrculIXPG0Gl1T3TG3WY-CBUtAkI1chFMGCgYF_v-FMSun8N6igilPC5O683BMcJoTK745khMCv7FcSCSFVh0H5vKQ",
      "e": "AQAB",
      "use": "enc",
      "kid": "0fe502dd-14f0-4f45-80f9-feb9a216f996",
      "qi": "W6TMI3L-Ob-Jx61TdYqN5gBoBsWF6KWuCmiE9ZiwJiMVCv5ddEbFafBuiIQgRnby1VpnH9j5KVb5PT_V78ohKFmpfL7ErXQerf_pJkEtvgK9lQta1EM1HMoShrJ4GdHPym_BZzDDmt6njvwTfSg95y28h-j5epuywcwu6TwAUA8",
      "dp": "a9rjD-8srNEoKVKhvYoObiBI6GeBllrb2K8qGCBV1ulOJbgo8nUbYpbci5Ip9-0k2RKwDv3mghcUglHqQRqt5BqD5BBiGsGmP-5is6RSEEhH4lar0hDkq_nuYrwcmXALOOZuGnZ239tIJx3xc7mnhSnwQ_emA4UV3LQFC12mse8",
      "alg": "RSA-OAEP",
      "dq": "Qk8TiyY-BoZg7Z2ZEYzuOdu3qD3zW0VMu-j3w5yyVo6wZ9HTZqplkxmO5eXvNNu7Hj1nwC2tMqZzm4UW3DSmDWinI_TOsHToSQKEQUfVwLtYMeKsm2dbwSj-SzkSvTgNmI-IeyebqZcBTXTD_RV7l7BFULIkZdZfYSKy9XMejTM",
      "n": "r4dl-ApW6c-fvDbfSVxHpdV8zi8VQW4b9-uHMRq7dzqCkvP8OAG1R3plSr1N6fL_YLiIr9y621XkyRiMEKR7-DeqGsLf2ZTaqrZ1LfYgjsc2i9o3NSOeSgBwKGmT7h1OgxZSbhLzo7Xaktu3CCUZCOWLzs7LKo_CvKkcTF7tPhK9jYjdTsdsnS0RJOPjYQe7JO83Mvhd1Ty3F-Qycd-cKKMSjcQRiHt9jKd09kA2fKVlFwbm2M1PM3NdtnMaOUw31-XC4ixay47XTMqnmX7-op7qYV9wXbeZmjTsAKFuTGwJiGJrOTfqciDLBW8IpGC2BzFJ5rYmRu0kAttpvkOG3Q"
    }
  ]
}
server_encryption_keys
{
  "keys": [
    {
      "p": "6-RGunw1LGXpsGIabzcG8n_ITbahS9waTzjcwLkzjWjyR5hxnTSrCMas9EsOuIt3qvkdf02psgwi-J0ZX680ujaXdeiPAeuOUbsLPBOhRuu-ySXxMTT7uiwWJmF5LtBx8Qd3hRV2sd9zOhYzSohcmWp8w_uKTOYrFzGtWMvlGic",
      "kty": "RSA",
      "q": "vn3cUU9RFc7pB3fjiEPGwYGA_h8f2X6dOqy-JYIMIiuYhPq6cT8xIlE-sHs58kZzC1QbOBc4y-qRyqj1L4StPaYH4mtJU0s_6A_b9Cai96yzYYmMr92be2nCFMxBpmpBhN21AIdGc640OxgWMdz5OVo455v1uIEQGPr2aDpOzVs",
      "d": "QrIJ9tPG7pSrt1KKSU-9EbAq-hU92FzEV9GwzuG_dbBPyRLYNVfAz-Yb8ug3YLuqec_kcB5JCep7QkYHgpNdX5WXFxARCpXa-J7Xq50oBdiAS2ehLpnYHXpJI7HqOcH9ASZML_MXjI8e_EpsI7Yk6xJ9qxk8bXGupw0C6anwL3NBe232zA7I1FnwL9tpZVOLPupeok7HMRbFc6QSR3dA54zJmkyEbyOSqzRqCK_g7AB_RcMImN0SoCg0epxZjrculIXPG0Gl1T3TG3WY-CBUtAkI1chFMGCgYF_v-FMSun8N6igilPC5O683BMcJoTK745khMCv7FcSCSFVh0H5vKQ",
      "e": "AQAB",
      "use": "enc",
      "kid": "0fe502dd-14f0-4f45-80f9-feb9a216f996",
      "qi": "W6TMI3L-Ob-Jx61TdYqN5gBoBsWF6KWuCmiE9ZiwJiMVCv5ddEbFafBuiIQgRnby1VpnH9j5KVb5PT_V78ohKFmpfL7ErXQerf_pJkEtvgK9lQta1EM1HMoShrJ4GdHPym_BZzDDmt6njvwTfSg95y28h-j5epuywcwu6TwAUA8",
      "dp": "a9rjD-8srNEoKVKhvYoObiBI6GeBllrb2K8qGCBV1ulOJbgo8nUbYpbci5Ip9-0k2RKwDv3mghcUglHqQRqt5BqD5BBiGsGmP-5is6RSEEhH4lar0hDkq_nuYrwcmXALOOZuGnZ239tIJx3xc7mnhSnwQ_emA4UV3LQFC12mse8",
      "alg": "RSA-OAEP",
      "dq": "Qk8TiyY-BoZg7Z2ZEYzuOdu3qD3zW0VMu-j3w5yyVo6wZ9HTZqplkxmO5eXvNNu7Hj1nwC2tMqZzm4UW3DSmDWinI_TOsHToSQKEQUfVwLtYMeKsm2dbwSj-SzkSvTgNmI-IeyebqZcBTXTD_RV7l7BFULIkZdZfYSKy9XMejTM",
      "n": "r4dl-ApW6c-fvDbfSVxHpdV8zi8VQW4b9-uHMRq7dzqCkvP8OAG1R3plSr1N6fL_YLiIr9y621XkyRiMEKR7-DeqGsLf2ZTaqrZ1LfYgjsc2i9o3NSOeSgBwKGmT7h1OgxZSbhLzo7Xaktu3CCUZCOWLzs7LKo_CvKkcTF7tPhK9jYjdTsdsnS0RJOPjYQe7JO83Mvhd1Ty3F-Qycd-cKKMSjcQRiHt9jKd09kA2fKVlFwbm2M1PM3NdtnMaOUw31-XC4ixay47XTMqnmX7-op7qYV9wXbeZmjTsAKFuTGwJiGJrOTfqciDLBW8IpGC2BzFJ5rYmRu0kAttpvkOG3Q"
    }
  ]
}
server_public_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "X5d4vFYfLxaG1gg8_l3bFYFhUaUVmE6PaEsRWX2EYqM",
      "x5c": [
        "MIIGqzCCBZOgAwIBAgIUdUCw8bQZidnZ6uERKJuN9u4RGvcwDQYJKoZIhvcNAQELBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwxFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNBTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDgxNjA5NTUwMFoXDTIyMDkxNTA5NTUwMFowgacxCzAJBgNVBAYTAkJSMRMwEQYDVQQKEwpJQ1AtQnJhc2lsMS8wDAYDVQQLEwUxMjM0NTAOBgNVBAsTB2NlcnRtYW4wDwYDVQQLEwhhZ29vZG9uZTEcMBoGA1UEAxMTT3BlbiBCYW5raW5nIEJyYXNpbDE0MDIGCgmSJomT8ixkAQETJDc0ZTkyOWQ5LTMzYjYtNGQ4NS04YmE3LWMxNDZjODY3YTgxNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANyF1agPcwq5ms99Flo82XsXUroWoD/6FX4AfmOUu113h4VOLYaO3N8HDYbKxgii2En/+O61e/Ptjn4T2PVq0iVcqiF6Gp4sKE5w/bKZRfdCe8qIPS4D+JKpFpesJvIHUeQvlAuBp5dA9nGSpxOjGe5P2+ZzNGXwvux/2ztdweGmKbtOvbYe4RVhiu6bOubog8XEBmD96EnqmoROasH1Hn9kDJIclbTP51j/TlQMzhrSfJJuE3Qq6vWhe/DaPbtmELmlDiYHjp8CjAY5oBMHLmkHvQxEBV4cwbUZj5ZpdqU8tkA78XtR4DkzrJ4fYoBb1+9ABq6GNzxWPpSQMQuBXdsCAwEAAaOCAwIwggL+MAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFJwv7oHX2exZL304ru+4eGVypHlxMB8GA1UdIwQYMBaAFIZ/WK0X9YK2TrQFs/uwzhFD30y+MEwGCCsGAQUFBwEBBEAwPjA8BggrBgEFBQcwAYYwaHR0cDovL29jc3Auc2FuZGJveC5wa2kub3BlbmJhbmtpbmdicmFzaWwub3JnLmJyMEsGA1UdHwREMEIwQKA+oDyGOmh0dHA6Ly9jcmwuc2FuZGJveC5wa2kub3BlbmJhbmtpbmdicmFzaWwub3JnLmJyL2lzc3Vlci5jcmwwXgYDVR0RBFcwVaAZBgVgTAEDAqAQDA5NaWNoYWVsIEZyYXNlcqAYBgVgTAEDA6APDA0xMzM1MzIzNjAwMTg5oA0GBWBMAQMEoAQMAm5voA8GBWBMAQMHoAYMBGFsb3QwDgYDVR0PAQH/BAQDAgbAMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIBgDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVseSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhlciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNlaXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5kIHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8vY3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2llczANBgkqhkiG9w0BAQsFAAOCAQEAtKn/QnJqKLp52YB14x+M21qwz67utFkWjhauQe0elXupjY5NWZb5wLrGYNOZQzRe2JRzcBbGN6P7lCweRfxMkSGh9YrXbrkBXLEPtLHpTVEy65v1tWl02lC+ooVPyQpSjAQL0L69OQ7s7rnIXyb3rkSUzuGSxsLU1AXpWj0oYFB4wdeIdPAVPs83frC5s4kz42JruSAE2vsbvQURTVPChh+hO6+R6Irz+ZEZ1NSgjQkxvOXHW53CkXZSjjHbAB/nbJYi7YyK7kck99r38Ba/WBfIfywdFVVYfiiW5TS6XbQeVeilmmt5MLxBz96FxR6E6WR+cQwybEe94Fb/jD6xHA\u003d\u003d"
      ],
      "alg": "PS256",
      "n": "3IXVqA9zCrmaz30WWjzZexdSuhagP_oVfgB-Y5S7XXeHhU4tho7c3wcNhsrGCKLYSf_47rV78-2OfhPY9WrSJVyqIXoaniwoTnD9splF90J7yog9LgP4kqkWl6wm8gdR5C-UC4Gnl0D2cZKnE6MZ7k_b5nM0ZfC-7H_bO13B4aYpu069th7hFWGK7ps65uiDxcQGYP3oSeqahE5qwfUef2QMkhyVtM_nWP9OVAzOGtJ8km4TdCrq9aF78No9u2YQuaUOJgeOnwKMBjmgEwcuaQe9DEQFXhzBtRmPlml2pTy2QDvxe1HgOTOsnh9igFvX70AGroY3PFY-lJAxC4Fd2w"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "0fe502dd-14f0-4f45-80f9-feb9a216f996",
      "alg": "RSA-OAEP",
      "n": "r4dl-ApW6c-fvDbfSVxHpdV8zi8VQW4b9-uHMRq7dzqCkvP8OAG1R3plSr1N6fL_YLiIr9y621XkyRiMEKR7-DeqGsLf2ZTaqrZ1LfYgjsc2i9o3NSOeSgBwKGmT7h1OgxZSbhLzo7Xaktu3CCUZCOWLzs7LKo_CvKkcTF7tPhK9jYjdTsdsnS0RJOPjYQe7JO83Mvhd1Ty3F-Qycd-cKKMSjcQRiHt9jKd09kA2fKVlFwbm2M1PM3NdtnMaOUw31-XC4ixay47XTMqnmX7-op7qYV9wXbeZmjTsAKFuTGwJiGJrOTfqciDLBW8IpGC2BzFJ5rYmRu0kAttpvkOG3Q"
    }
  ]
}
2022-03-31 23:01:22 SUCCESS
ValidateServerJWKs
Valid server JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2022-03-31 23:01:22
SetServerSigningAlgToPS256
Successfully set signing algorithm to PS256
2022-03-31 23:01:23
FAPIBrazilSetGrantTypesSupportedInServerConfiguration
Successfully set grant_types_supported
server
{
  "issuer": "https://www.certification.openid.net/test/a/mercantil/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/mercantil/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/mercantil/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/mercantil/jwks",
  "registration_endpoint": "https://www.certification.openid.net/test/a/mercantil/register",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/mercantil/userinfo",
  "mtls_endpoint_aliases": {
    "token_endpoint": "https://www.certification.openid.net/test-mtls/a/mercantil/token",
    "registration_endpoint": "https://www.certification.openid.net/test-mtls/a/mercantil/register",
    "userinfo_endpoint": "https://www.certification.openid.net/test-mtls/a/mercantil/userinfo"
  },
  "tls_client_certificate_bound_access_tokens": true,
  "request_parameter_supported": true,
  "grant_types_supported": [
    "authorization_code",
    "implicit",
    "client_credentials",
    "refresh_token"
  ]
}
2022-03-31 23:01:23
AddClaimsParameterSupportedTrueToServerConfiguration
Successfully added claims_parameter_supported to server configuration
server
{
  "issuer": "https://www.certification.openid.net/test/a/mercantil/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/mercantil/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/mercantil/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/mercantil/jwks",
  "registration_endpoint": "https://www.certification.openid.net/test/a/mercantil/register",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/mercantil/userinfo",
  "mtls_endpoint_aliases": {
    "token_endpoint": "https://www.certification.openid.net/test-mtls/a/mercantil/token",
    "registration_endpoint": "https://www.certification.openid.net/test-mtls/a/mercantil/register",
    "userinfo_endpoint": "https://www.certification.openid.net/test-mtls/a/mercantil/userinfo"
  },
  "tls_client_certificate_bound_access_tokens": true,
  "request_parameter_supported": true,
  "grant_types_supported": [
    "authorization_code",
    "implicit",
    "client_credentials",
    "refresh_token"
  ],
  "claims_parameter_supported": true
}
2022-03-31 23:01:23
FAPIBrazilAddBrazilSpecificSettingsToServerConfiguration
Added open banking Brazil specific server settings
server
{
  "issuer": "https://www.certification.openid.net/test/a/mercantil/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/mercantil/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/mercantil/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/mercantil/jwks",
  "registration_endpoint": "https://www.certification.openid.net/test/a/mercantil/register",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/mercantil/userinfo",
  "mtls_endpoint_aliases": {
    "token_endpoint": "https://www.certification.openid.net/test-mtls/a/mercantil/token",
    "registration_endpoint": "https://www.certification.openid.net/test-mtls/a/mercantil/register",
    "userinfo_endpoint": "https://www.certification.openid.net/test-mtls/a/mercantil/userinfo"
  },
  "tls_client_certificate_bound_access_tokens": true,
  "request_parameter_supported": true,
  "grant_types_supported": [
    "authorization_code",
    "implicit",
    "client_credentials",
    "refresh_token"
  ],
  "claims_parameter_supported": true,
  "request_object_encryption_alg_values_supported": [
    "RSA-OAEP"
  ],
  "request_object_encryption_enc_values_supported": [
    "A256GCM"
  ],
  "claims_supported": [
    "cpf",
    "cnpj",
    "acr"
  ],
  "acr_values_supported": [
    "urn:brasil:openbanking:loa2",
    "urn:brasil:openbanking:loa3"
  ],
  "id_token_signing_alg_values_supported": [
    "PS256"
  ],
  "request_object_signing_alg_values_supported": [
    "PS256"
  ],
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access",
    "consents",
    "resources",
    "payments"
  ]
}
2022-03-31 23:01:23
SetTokenEndpointAuthMethodsSupportedToPrivateKeyJWTOnly
Changed token_endpoint_auth_methods_supported to private_key_jwt only in server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/a/mercantil/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/mercantil/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/mercantil/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/mercantil/jwks",
  "registration_endpoint": "https://www.certification.openid.net/test/a/mercantil/register",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/mercantil/userinfo",
  "mtls_endpoint_aliases": {
    "token_endpoint": "https://www.certification.openid.net/test-mtls/a/mercantil/token",
    "registration_endpoint": "https://www.certification.openid.net/test-mtls/a/mercantil/register",
    "userinfo_endpoint": "https://www.certification.openid.net/test-mtls/a/mercantil/userinfo"
  },
  "tls_client_certificate_bound_access_tokens": true,
  "request_parameter_supported": true,
  "grant_types_supported": [
    "authorization_code",
    "implicit",
    "client_credentials",
    "refresh_token"
  ],
  "claims_parameter_supported": true,
  "request_object_encryption_alg_values_supported": [
    "RSA-OAEP"
  ],
  "request_object_encryption_enc_values_supported": [
    "A256GCM"
  ],
  "claims_supported": [
    "cpf",
    "cnpj",
    "acr"
  ],
  "acr_values_supported": [
    "urn:brasil:openbanking:loa2",
    "urn:brasil:openbanking:loa3"
  ],
  "id_token_signing_alg_values_supported": [
    "PS256"
  ],
  "request_object_signing_alg_values_supported": [
    "PS256"
  ],
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access",
    "consents",
    "resources",
    "payments"
  ],
  "token_endpoint_auth_methods_supported": [
    "private_key_jwt"
  ]
}
2022-03-31 23:01:23 SUCCESS
AddResponseTypeCodeToServerConfiguration
Added code as response type supported
response_types_supported
[
  "code"
]
2022-03-31 23:01:23 SUCCESS
AddJARMResponseModeToServerConfiguration
Added jwt as response_modes_supported
response_modes_supported
[
  "jwt"
]
2022-03-31 23:01:23 SUCCESS
AddAuthorizationSigningAlgValuesSupportedToServerConfiguration
Added authorization_signing_alg_values_supported to server configuration
alg_values
[
  "PS256"
]
2022-03-31 23:01:23 SUCCESS
FAPIBrazilAddTokenEndpointAuthSigningAlgValuesSupportedToServer
Set token_endpoint_auth_signing_alg_values_supported
values
[
  "PS256"
]
2022-03-31 23:01:23 SUCCESS
CheckServerConfiguration
Found required server configuration keys
required
[
  "authorization_endpoint",
  "token_endpoint",
  "issuer"
]
2022-03-31 23:01:23 SUCCESS
FAPIEnsureMinimumServerKeyLength
Validated minimum key lengths for server_jwks
server_jwks
{
  "keys": [
    {
      "d": "ZvivfZxJMbbdTQmxyE0lmE6ZuH8cMQOLyZxdaA5pNwm7ZEnPBEftZs8aR9ijhCDWMieui3h--rXwlXqbEm3g1sVgQ-WKTFV-NLKaJC1h-EU5HKdlOflstr7x57zhKp60ZIK69GyEXyJccUfzcD32u8raec9NplQ2MqS5MA1lnQFlocFoX1RNU4tSpEdJQq2UzqtX5WPhc88A6fTc1xu2fA5wyxzZu7fUjIETzLimcu-dDaEvvgm7c_A1ulm8EQuCN10k3FrIIe9RfuXHyxh9Rcd0aiIP9qwitxd5Cl0io7zby8MBIAaSei2co7y4tciBt4AfnzpBlGbtjgfr2gxD0Q",
      "e": "AQAB",
      "use": "sig",
      "kid": "X5d4vFYfLxaG1gg8_l3bFYFhUaUVmE6PaEsRWX2EYqM",
      "x5c": [
        "MIIGqzCCBZOgAwIBAgIUdUCw8bQZidnZ6uERKJuN9u4RGvcwDQYJKoZIhvcNAQELBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwxFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNBTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDgxNjA5NTUwMFoXDTIyMDkxNTA5NTUwMFowgacxCzAJBgNVBAYTAkJSMRMwEQYDVQQKEwpJQ1AtQnJhc2lsMS8wDAYDVQQLEwUxMjM0NTAOBgNVBAsTB2NlcnRtYW4wDwYDVQQLEwhhZ29vZG9uZTEcMBoGA1UEAxMTT3BlbiBCYW5raW5nIEJyYXNpbDE0MDIGCgmSJomT8ixkAQETJDc0ZTkyOWQ5LTMzYjYtNGQ4NS04YmE3LWMxNDZjODY3YTgxNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANyF1agPcwq5ms99Flo82XsXUroWoD/6FX4AfmOUu113h4VOLYaO3N8HDYbKxgii2En/+O61e/Ptjn4T2PVq0iVcqiF6Gp4sKE5w/bKZRfdCe8qIPS4D+JKpFpesJvIHUeQvlAuBp5dA9nGSpxOjGe5P2+ZzNGXwvux/2ztdweGmKbtOvbYe4RVhiu6bOubog8XEBmD96EnqmoROasH1Hn9kDJIclbTP51j/TlQMzhrSfJJuE3Qq6vWhe/DaPbtmELmlDiYHjp8CjAY5oBMHLmkHvQxEBV4cwbUZj5ZpdqU8tkA78XtR4DkzrJ4fYoBb1+9ABq6GNzxWPpSQMQuBXdsCAwEAAaOCAwIwggL+MAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFJwv7oHX2exZL304ru+4eGVypHlxMB8GA1UdIwQYMBaAFIZ/WK0X9YK2TrQFs/uwzhFD30y+MEwGCCsGAQUFBwEBBEAwPjA8BggrBgEFBQcwAYYwaHR0cDovL29jc3Auc2FuZGJveC5wa2kub3BlbmJhbmtpbmdicmFzaWwub3JnLmJyMEsGA1UdHwREMEIwQKA+oDyGOmh0dHA6Ly9jcmwuc2FuZGJveC5wa2kub3BlbmJhbmtpbmdicmFzaWwub3JnLmJyL2lzc3Vlci5jcmwwXgYDVR0RBFcwVaAZBgVgTAEDAqAQDA5NaWNoYWVsIEZyYXNlcqAYBgVgTAEDA6APDA0xMzM1MzIzNjAwMTg5oA0GBWBMAQMEoAQMAm5voA8GBWBMAQMHoAYMBGFsb3QwDgYDVR0PAQH/BAQDAgbAMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIBgDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVseSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhlciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNlaXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5kIHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8vY3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2llczANBgkqhkiG9w0BAQsFAAOCAQEAtKn/QnJqKLp52YB14x+M21qwz67utFkWjhauQe0elXupjY5NWZb5wLrGYNOZQzRe2JRzcBbGN6P7lCweRfxMkSGh9YrXbrkBXLEPtLHpTVEy65v1tWl02lC+ooVPyQpSjAQL0L69OQ7s7rnIXyb3rkSUzuGSxsLU1AXpWj0oYFB4wdeIdPAVPs83frC5s4kz42JruSAE2vsbvQURTVPChh+hO6+R6Irz+ZEZ1NSgjQkxvOXHW53CkXZSjjHbAB/nbJYi7YyK7kck99r38Ba/WBfIfywdFVVYfiiW5TS6XbQeVeilmmt5MLxBz96FxR6E6WR+cQwybEe94Fb/jD6xHA\u003d\u003d"
      ],
      "dp": "bQ9aXj8tHnj0qO8aAWapGokWX78OlvNzytYg4JSGyJ7pUQnRB4Ds2Lai6kgjniUiu5MX2kdceDbHykG5R-WDj0Ztv6UPV3jA3cOjDwVzwmiwBVmVQNRxzK31Ra8f4YJs9_o0bjmVvXQRchY9l9_Xkk_Hev2F2A540Fhk0tlbUBE",
      "dq": "XPYDZ_kxwZjtQb-XUBLBcvNV1jcDhba2stysXGv0SfvsxOg6G3qZ5xtsiyQxzAYen0LRttCBXkZXEtXXAodLRvJMwUXuYWtNCrBqxYDHkJogUDPnBXq-Hig6x8fsDJunH8JooCc-3WcFpHQcIZZdcwyXPVi59eAfWCwJlgHYYHk",
      "n": "3IXVqA9zCrmaz30WWjzZexdSuhagP_oVfgB-Y5S7XXeHhU4tho7c3wcNhsrGCKLYSf_47rV78-2OfhPY9WrSJVyqIXoaniwoTnD9splF90J7yog9LgP4kqkWl6wm8gdR5C-UC4Gnl0D2cZKnE6MZ7k_b5nM0ZfC-7H_bO13B4aYpu069th7hFWGK7ps65uiDxcQGYP3oSeqahE5qwfUef2QMkhyVtM_nWP9OVAzOGtJ8km4TdCrq9aF78No9u2YQuaUOJgeOnwKMBjmgEwcuaQe9DEQFXhzBtRmPlml2pTy2QDvxe1HgOTOsnh9igFvX70AGroY3PFY-lJAxC4Fd2w",
      "p": "_QaFFuyZriEWtbiKexy7pIYicgU0ePMepvyNuiiFqlsUFQ24q9gp_iWECDhi8qqss__i1LW_eHQATKWfqUc6HdDY-ickJXvVktrQiT-buvJ24iTtK_NooPMKQW976NIX39_sEPJ6ceo9ZDFxTTCkmJus3eXDJmRZT2YzSZJcvcc",
      "kty": "RSA",
      "q": "3x1_dyovnWXSr7y7ufe6AHUV0kHBYVrGW2vdNZxKrrgBW5r2mm93NnHsrG-mJlzW7kG_jR41bWf74sucGdwXTx96riRVy8bov9SzPCDl9_QCHzPpqZOxjngfzQYq1L1qJA2BAie0Sq6YZhgLJ1fWPLutEO5soIYAkLXSJ9IVb00",
      "qi": "eHhOb5NUDfMGXwNscjEcMrMFS425qsoJAXfGJ10hm8svZOkNYgVpb7Hs7oT8XytanRl0Gk8gKH0yhvya65B5ipyby17uBMkikNN-EeYoY2AkvEfM_nO0dvHbDdF11rkM5Q_SEDlGmojxnx4_Euj8WeuSgcwiCQkR23aZlQGx1Mg",
      "alg": "PS256"
    },
    {
      "p": "6-RGunw1LGXpsGIabzcG8n_ITbahS9waTzjcwLkzjWjyR5hxnTSrCMas9EsOuIt3qvkdf02psgwi-J0ZX680ujaXdeiPAeuOUbsLPBOhRuu-ySXxMTT7uiwWJmF5LtBx8Qd3hRV2sd9zOhYzSohcmWp8w_uKTOYrFzGtWMvlGic",
      "kty": "RSA",
      "q": "vn3cUU9RFc7pB3fjiEPGwYGA_h8f2X6dOqy-JYIMIiuYhPq6cT8xIlE-sHs58kZzC1QbOBc4y-qRyqj1L4StPaYH4mtJU0s_6A_b9Cai96yzYYmMr92be2nCFMxBpmpBhN21AIdGc640OxgWMdz5OVo455v1uIEQGPr2aDpOzVs",
      "d": "QrIJ9tPG7pSrt1KKSU-9EbAq-hU92FzEV9GwzuG_dbBPyRLYNVfAz-Yb8ug3YLuqec_kcB5JCep7QkYHgpNdX5WXFxARCpXa-J7Xq50oBdiAS2ehLpnYHXpJI7HqOcH9ASZML_MXjI8e_EpsI7Yk6xJ9qxk8bXGupw0C6anwL3NBe232zA7I1FnwL9tpZVOLPupeok7HMRbFc6QSR3dA54zJmkyEbyOSqzRqCK_g7AB_RcMImN0SoCg0epxZjrculIXPG0Gl1T3TG3WY-CBUtAkI1chFMGCgYF_v-FMSun8N6igilPC5O683BMcJoTK745khMCv7FcSCSFVh0H5vKQ",
      "e": "AQAB",
      "use": "enc",
      "kid": "0fe502dd-14f0-4f45-80f9-feb9a216f996",
      "qi": "W6TMI3L-Ob-Jx61TdYqN5gBoBsWF6KWuCmiE9ZiwJiMVCv5ddEbFafBuiIQgRnby1VpnH9j5KVb5PT_V78ohKFmpfL7ErXQerf_pJkEtvgK9lQta1EM1HMoShrJ4GdHPym_BZzDDmt6njvwTfSg95y28h-j5epuywcwu6TwAUA8",
      "dp": "a9rjD-8srNEoKVKhvYoObiBI6GeBllrb2K8qGCBV1ulOJbgo8nUbYpbci5Ip9-0k2RKwDv3mghcUglHqQRqt5BqD5BBiGsGmP-5is6RSEEhH4lar0hDkq_nuYrwcmXALOOZuGnZ239tIJx3xc7mnhSnwQ_emA4UV3LQFC12mse8",
      "alg": "RSA-OAEP",
      "dq": "Qk8TiyY-BoZg7Z2ZEYzuOdu3qD3zW0VMu-j3w5yyVo6wZ9HTZqplkxmO5eXvNNu7Hj1nwC2tMqZzm4UW3DSmDWinI_TOsHToSQKEQUfVwLtYMeKsm2dbwSj-SzkSvTgNmI-IeyebqZcBTXTD_RV7l7BFULIkZdZfYSKy9XMejTM",
      "n": "r4dl-ApW6c-fvDbfSVxHpdV8zi8VQW4b9-uHMRq7dzqCkvP8OAG1R3plSr1N6fL_YLiIr9y621XkyRiMEKR7-DeqGsLf2ZTaqrZ1LfYgjsc2i9o3NSOeSgBwKGmT7h1OgxZSbhLzo7Xaktu3CCUZCOWLzs7LKo_CvKkcTF7tPhK9jYjdTsdsnS0RJOPjYQe7JO83Mvhd1Ty3F-Qycd-cKKMSjcQRiHt9jKd09kA2fKVlFwbm2M1PM3NdtnMaOUw31-XC4ixay47XTMqnmX7-op7qYV9wXbeZmjTsAKFuTGwJiGJrOTfqciDLBW8IpGC2BzFJ5rYmRu0kAttpvkOG3Q"
    }
  ]
}
2022-03-31 23:01:23 SUCCESS
LoadUserInfo
Added user information
user_info
{
  "sub": "user-subject-1234531",
  "name": "Demo T. User",
  "email": "user@example.com",
  "email_verified": false
}
Verify configuration of first client
2022-03-31 23:01:23 SUCCESS
GetStaticClientConfiguration
Found a static client object
client_id
mercantil-bank
redirect_uri
https://produtosopbhml.mercantildobrasil.com.br/payment/callback
jwks
{
  "keys": [
    {
      "kty": "RSA",
      "use": "sig",
      "alg": "PS256",
      "n": "41TTDzUlKl5Lqf9A86VL0KbY3fwDbEClA6L4Zm0AWR9vjL2KeJDX32tPGbMDv_NNTylVmcZ_z8LXEJO85OsA8ccYzIh7LuX3owAJ_i0QwG5cgP1hX8QiiKtXCoK7p7q4_1QJWE99WuDaXF3gH-1tvIICMByQsPNWC_IBEzUl7mKIZ5AxG3GKE4i5VqNiLwVwW2oL1sZ-q4jTsz7ElpfmAlk82RB6IKb71Fxbz8ve1JuOJIWXPOYM6ZNB-0sd934Dge3iKSQmj_rCm7DQZtfhRrnuqzRBq6oIa3DrM8QtHUb5X3LwVkL2jwb7mwKBnB13RRhUpRCxZtU_whiP6sn1wQ",
      "e": "AQAB",
      "kid": "3a1379a0c8afba5b6f55365cb3ee0a511c8e7ddb1f73d3b443b6831cbd378ffe"
    },
    {
      "kty": "RSA",
      "use": "enc",
      "alg": "RSA-OAEP",
      "n": "mf8A3fI2ALLWYokCw4JcA8DaNsKbmmaoDflCwD-MOUFFJ4EQDBVgWD6YKmV5l2t5ODcdyRVRZPQvM9i26ulKv-gncx-hOC13v3d7tyD0j7MB2kUJ9aPS5LU0Kvu6VEXc85TVptHJC5avoYIhWwgRMVQBBfmIvcuIKBMJMkxImxhV6pL8LHClvkJQ7VclwqcibQ1HtKNgrGG_6jNy2KVu8G4zOxKoWFq6XqyLSU4OznTAwrkozeQWkzEEacbZtQmzmVB92SiQSPSmVgUwhCixvmLIvBZm10XH0ZAzQnHHE8kGsK6l5kAhB7G7O-cdmLvJPdS25S4MfxE8DoGRN9O5UQ",
      "e": "AQAB",
      "kid": "1a63f2f382c288cb4f29fb94c4241142f3f012b9bee07e1d92e03087e7abe152"
    }
  ]
}
certificate
-----BEGIN CERTIFICATE-----
MIIHDjCCBfagAwIBAgIUQsrznpQM2gWDplbWY0kRjummIc8wDQYJKoZIhvcNAQEL
BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx
FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB
TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIyMDMyNDIwNDMwMFoXDTIzMDQyMzIw
NDMwMFowggEvMQswCQYDVQQGEwJCUjELMAkGA1UECBMCTUcxFzAVBgNVBAcTDkJl
bG8gSG9yaXpvbnRlMSUwIwYDVQQKExxCQ08gTUVSQ0FOVElMIERPIEJSQVNJTCBT
LkEuMS0wKwYDVQQLEyQ1ZDI0OTQ4Ni1jNjk3LTUyOTUtYTg1Ni05OTU1ZWQzYWMz
MzIxITAfBgNVBAMTGG1lcmNhbnRpbGRvYnJhc2lsLmNvbS5icjEXMBUGA1UEBRMO
MTcxODQwMzcwMDAxMTAxHTAbBgNVBA8TFFByaXZhdGUgT3JnYW5pemF0aW9uMRMw
EQYLKwYBBAGCNzwCAQMTAkJSMTQwMgYKCZImiZPyLGQBARMkNzA5MDU0OGItNDhl
Yi00NGFjLTk0MzItZDU0NGQ1MzZjYWExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEA2v4FOEIqbdkpXv/2PwWDdLVYqJPyKMNebziaTGVnENR5eK4YbHtb
zNi9yLlKuxRy3DPVA+mg7VD7T/Nn82jUnWlcKp07UFGV7pEboDgOB77tc6SCYNJn
Zzr6F1D/GcRg7IWfhVo4RT3PROBTkT/cjt8c/SZzTmc03mbGZ1X31IpGk7982cFj
irbxD4HVh9IuGi1VyBkwLihlOxmyZXdDM70ZGVHAsiTMysGpE0J/crVXHpvwaUGs
05uFvrQhd21XJ/fs1pv11Oa0IO8aZM4zU5HUTBdbAQ2xMoHrH+kuV0tWgkTRVS6T
pl6FchNLGsc+RWkXZ1Sylz7LXurYURExEwIDAQABo4IC3DCCAtgwDAYDVR0TAQH/
BAIwADAdBgNVHQ4EFgQU8RHTFIMywlsmm87Fy4JicZe76xAwHwYDVR0jBBgwFoAU
hn9YrRf1grZOtAWz+7DOEUPfTL4wTAYIKwYBBQUHAQEEQDA+MDwGCCsGAQUFBzAB
hjBodHRwOi8vb2NzcC5zYW5kYm94LnBraS5vcGVuYmFua2luZ2JyYXNpbC5vcmcu
YnIwSwYDVR0fBEQwQjBAoD6gPIY6aHR0cDovL2NybC5zYW5kYm94LnBraS5vcGVu
YmFua2luZ2JyYXNpbC5vcmcuYnIvaXNzdWVyLmNybDAjBgNVHREEHDAaghhtZXJj
YW50aWxkb2JyYXNpbC5jb20uYnIwDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQMMAoG
CCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIBgDCC
ATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVseSBm
b3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhlciBw
YXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2aWNl
cyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNlaXB0
LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRo
ZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5kIHJl
bGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8vY3Bz
LnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2llczAN
BgkqhkiG9w0BAQsFAAOCAQEAWhYIjqKDwdYkYOr0nutlR/46Vw8YNLK+9kWGPFD1
ad0fodzcd00pgc3AZWn+LoTwMq4tbiizWqERZp/BfZ35Aym5J+zFRj25Ehkxll6N
a9QCz/prR3sXm8GM5taZxwwe0BJYaPpsef1HxiDdJ3h35PY/7iOOCam5ZNFTPapj
1OutGvJ+nb7Iipp6xwHQoArgwuiWrtJMBOt3Sstnayp4CJKVlQklhSl5isynxwmI
bcVMPbhrWw6xbI1g69xBjx94Ja3acx4RzmIPJ6ru2jZvHQfI81jkIelNm55pbG7V
mRpDP2JgVvsABBpelBD3BCytwmWjpG8m8CH6JTGGFNbNRw==
-----END CERTIFICATE-----
2022-03-31 23:01:23 SUCCESS
ValidateClientJWKsPublicPart
Valid client JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2022-03-31 23:01:23 SUCCESS
ExtractJWKsFromStaticClientConfiguration
Extracted client JWK
client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "use": "sig",
      "alg": "PS256",
      "n": "41TTDzUlKl5Lqf9A86VL0KbY3fwDbEClA6L4Zm0AWR9vjL2KeJDX32tPGbMDv_NNTylVmcZ_z8LXEJO85OsA8ccYzIh7LuX3owAJ_i0QwG5cgP1hX8QiiKtXCoK7p7q4_1QJWE99WuDaXF3gH-1tvIICMByQsPNWC_IBEzUl7mKIZ5AxG3GKE4i5VqNiLwVwW2oL1sZ-q4jTsz7ElpfmAlk82RB6IKb71Fxbz8ve1JuOJIWXPOYM6ZNB-0sd934Dge3iKSQmj_rCm7DQZtfhRrnuqzRBq6oIa3DrM8QtHUb5X3LwVkL2jwb7mwKBnB13RRhUpRCxZtU_whiP6sn1wQ",
      "e": "AQAB",
      "kid": "3a1379a0c8afba5b6f55365cb3ee0a511c8e7ddb1f73d3b443b6831cbd378ffe"
    },
    {
      "kty": "RSA",
      "use": "enc",
      "alg": "RSA-OAEP",
      "n": "mf8A3fI2ALLWYokCw4JcA8DaNsKbmmaoDflCwD-MOUFFJ4EQDBVgWD6YKmV5l2t5ODcdyRVRZPQvM9i26ulKv-gncx-hOC13v3d7tyD0j7MB2kUJ9aPS5LU0Kvu6VEXc85TVptHJC5avoYIhWwgRMVQBBfmIvcuIKBMJMkxImxhV6pL8LHClvkJQ7VclwqcibQ1HtKNgrGG_6jNy2KVu8G4zOxKoWFq6XqyLSU4OznTAwrkozeQWkzEEacbZtQmzmVB92SiQSPSmVgUwhCixvmLIvBZm10XH0ZAzQnHHE8kGsK6l5kAhB7G7O-cdmLvJPdS25S4MfxE8DoGRN9O5UQ",
      "e": "AQAB",
      "kid": "1a63f2f382c288cb4f29fb94c4241142f3f012b9bee07e1d92e03087e7abe152"
    }
  ]
}
public_client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "3a1379a0c8afba5b6f55365cb3ee0a511c8e7ddb1f73d3b443b6831cbd378ffe",
      "alg": "PS256",
      "n": "41TTDzUlKl5Lqf9A86VL0KbY3fwDbEClA6L4Zm0AWR9vjL2KeJDX32tPGbMDv_NNTylVmcZ_z8LXEJO85OsA8ccYzIh7LuX3owAJ_i0QwG5cgP1hX8QiiKtXCoK7p7q4_1QJWE99WuDaXF3gH-1tvIICMByQsPNWC_IBEzUl7mKIZ5AxG3GKE4i5VqNiLwVwW2oL1sZ-q4jTsz7ElpfmAlk82RB6IKb71Fxbz8ve1JuOJIWXPOYM6ZNB-0sd934Dge3iKSQmj_rCm7DQZtfhRrnuqzRBq6oIa3DrM8QtHUb5X3LwVkL2jwb7mwKBnB13RRhUpRCxZtU_whiP6sn1wQ"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "1a63f2f382c288cb4f29fb94c4241142f3f012b9bee07e1d92e03087e7abe152",
      "alg": "RSA-OAEP",
      "n": "mf8A3fI2ALLWYokCw4JcA8DaNsKbmmaoDflCwD-MOUFFJ4EQDBVgWD6YKmV5l2t5ODcdyRVRZPQvM9i26ulKv-gncx-hOC13v3d7tyD0j7MB2kUJ9aPS5LU0Kvu6VEXc85TVptHJC5avoYIhWwgRMVQBBfmIvcuIKBMJMkxImxhV6pL8LHClvkJQ7VclwqcibQ1HtKNgrGG_6jNy2KVu8G4zOxKoWFq6XqyLSU4OznTAwrkozeQWkzEEacbZtQmzmVB92SiQSPSmVgUwhCixvmLIvBZm10XH0ZAzQnHHE8kGsK6l5kAhB7G7O-cdmLvJPdS25S4MfxE8DoGRN9O5UQ"
    }
  ]
}
2022-03-31 23:01:23 SUCCESS
CheckDistinctKeyIdValueInClientJWKs
Distinct 'kid' value in all keys of client_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2022-03-31 23:01:23 SUCCESS
EnsureClientJwksDoesNotContainPrivateOrSymmetricKeys
Jwks does not contain any private or symmetric keys
2022-03-31 23:01:23 SUCCESS
FAPIEnsureMinimumClientKeyLength
Validated minimum key lengths for client_jwks
client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "use": "sig",
      "alg": "PS256",
      "n": "41TTDzUlKl5Lqf9A86VL0KbY3fwDbEClA6L4Zm0AWR9vjL2KeJDX32tPGbMDv_NNTylVmcZ_z8LXEJO85OsA8ccYzIh7LuX3owAJ_i0QwG5cgP1hX8QiiKtXCoK7p7q4_1QJWE99WuDaXF3gH-1tvIICMByQsPNWC_IBEzUl7mKIZ5AxG3GKE4i5VqNiLwVwW2oL1sZ-q4jTsz7ElpfmAlk82RB6IKb71Fxbz8ve1JuOJIWXPOYM6ZNB-0sd934Dge3iKSQmj_rCm7DQZtfhRrnuqzRBq6oIa3DrM8QtHUb5X3LwVkL2jwb7mwKBnB13RRhUpRCxZtU_whiP6sn1wQ",
      "e": "AQAB",
      "kid": "3a1379a0c8afba5b6f55365cb3ee0a511c8e7ddb1f73d3b443b6831cbd378ffe"
    },
    {
      "kty": "RSA",
      "use": "enc",
      "alg": "RSA-OAEP",
      "n": "mf8A3fI2ALLWYokCw4JcA8DaNsKbmmaoDflCwD-MOUFFJ4EQDBVgWD6YKmV5l2t5ODcdyRVRZPQvM9i26ulKv-gncx-hOC13v3d7tyD0j7MB2kUJ9aPS5LU0Kvu6VEXc85TVptHJC5avoYIhWwgRMVQBBfmIvcuIKBMJMkxImxhV6pL8LHClvkJQ7VclwqcibQ1HtKNgrGG_6jNy2KVu8G4zOxKoWFq6XqyLSU4OznTAwrkozeQWkzEEacbZtQmzmVB92SiQSPSmVgUwhCixvmLIvBZm10XH0ZAzQnHHE8kGsK6l5kAhB7G7O-cdmLvJPdS25S4MfxE8DoGRN9O5UQ",
      "e": "AQAB",
      "kid": "1a63f2f382c288cb4f29fb94c4241142f3f012b9bee07e1d92e03087e7abe152"
    }
  ]
}
Verify configuration of second client
2022-03-31 23:01:23 SUCCESS
GetStaticClient2Configuration
Found a static second client object
client_id
mercantil-bank-two
redirect_uri
https://produtosopbhml.mercantildobrasil.com.br/payment/callback
id_token_encrypted_response_alg
RSA-OAEP
id_token_encrypted_response_enc
A256GCM
certificate
-----BEGIN CERTIFICATE-----
MIIHDjCCBfagAwIBAgIUHJS0YgeyrqJO8ge3iSga+XlW6cMwDQYJKoZIhvcNAQEL
BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx
FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB
TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIyMDMyNDIwNDQwMFoXDTIzMDQyMzIw
NDQwMFowggEvMQswCQYDVQQGEwJCUjELMAkGA1UECBMCTUcxFzAVBgNVBAcTDkJl
bG8gSG9yaXpvbnRlMSUwIwYDVQQKExxCQ08gTUVSQ0FOVElMIERPIEJSQVNJTCBT
LkEuMS0wKwYDVQQLEyQ1ZDI0OTQ4Ni1jNjk3LTUyOTUtYTg1Ni05OTU1ZWQzYWMz
MzIxITAfBgNVBAMTGG1lcmNhbnRpbGRvYnJhc2lsLmNvbS5icjEXMBUGA1UEBRMO
MTcxODQwMzcwMDAxMTAxHTAbBgNVBA8TFFByaXZhdGUgT3JnYW5pemF0aW9uMRMw
EQYLKwYBBAGCNzwCAQMTAkJSMTQwMgYKCZImiZPyLGQBARMkYjdmMGEyMTgtYzA0
Ni00MTM2LWFlYWQtM2E0NmVkZjYzYjU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAxj7pFb7WVO8kDUVvNiF2ADPwe8kJesIFdbFcxvx7b60sftxGNODG
CcKijKrAs0HPBFTNZhFb5fbw8LN7biraeIr1H0eqHYKV8FhUQpu3jA/dfKriVy/N
8GdpJufN+j5i6UVzdWNE80CLdANjANHraZTWM9s7BtB6M0mDRqGQZ5X7D2ciQGzk
/I9LHidHjsJ5afQvs0o7RvH4Tsu6OdmrIxsUzXqm8kJONXov6WT67tmiY+6gn3bV
aDNosp0VqtB8CbXzGP35t2s79/KZgh1TPVU2WH539EWw1NqpMT6IfL3N9aF0Tcqv
EpV4/br7Gfyiu2grvRWal4L8yQXmg5BwtwIDAQABo4IC3DCCAtgwDAYDVR0TAQH/
BAIwADAdBgNVHQ4EFgQUhCiXJClH+RiVRhslsEgWD8IFD+MwHwYDVR0jBBgwFoAU
hn9YrRf1grZOtAWz+7DOEUPfTL4wTAYIKwYBBQUHAQEEQDA+MDwGCCsGAQUFBzAB
hjBodHRwOi8vb2NzcC5zYW5kYm94LnBraS5vcGVuYmFua2luZ2JyYXNpbC5vcmcu
YnIwSwYDVR0fBEQwQjBAoD6gPIY6aHR0cDovL2NybC5zYW5kYm94LnBraS5vcGVu
YmFua2luZ2JyYXNpbC5vcmcuYnIvaXNzdWVyLmNybDAjBgNVHREEHDAaghhtZXJj
YW50aWxkb2JyYXNpbC5jb20uYnIwDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQMMAoG
CCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIBgDCC
ATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVseSBm
b3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhlciBw
YXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2aWNl
cyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNlaXB0
LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRo
ZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5kIHJl
bGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8vY3Bz
LnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2llczAN
BgkqhkiG9w0BAQsFAAOCAQEAG6YThX/c3U4nBx6MUoTtB4ML+85hIK1lqP1eMIa/
qKz/mmK4fc98Gd2jPn+7tCU/2TzwxQqgGWrdzCzY9GRG2tkvCaSLrcILOHGaSKxY
4itRv0nyZtiW6+k9yzMMlSif3wOJRbO2+xfSJENSx4k/blXc3W1znaoNgga67yuE
jA54IMv/8o2SS6b+xyfroCMft1VA+8X+uCdyPRO7hcd8GXgp+wvR8E8muG+CMsh0
xiaiGnmVJYkOYQhJjwcpHWvTqRCvBO8SytU/3pTw9nNf0OOp0PxbzmL7UzaLWS2W
3cKh5Cmwx7huoNYAyMRkURJuf2UbDu10pw5fAzWieoXU3Q==
-----END CERTIFICATE-----
jwks
{
  "keys": [
    {
      "kty": "RSA",
      "use": "sig",
      "alg": "PS256",
      "n": "w9L7GrWdIXJneN-KOaEM2gTvC8InOayFKaeUtg9Pthr8snE3mVUaRJvIPuifMN99p0RcfUYXii10bJzIXFe4AT4aGAyK3rheOsZQqy0GVhbJnFnkfiJ2bKlEuWu9FOYaDTbNtWdYQ0zDQ9S8e2BKMh4MrOWmrHcmZhTTF3afdOXVWb2FU8-fAa-EYFwc9y7l_pOxwiiy5nwnjXC8xuB6p87KQPE7UJ8jMgWkPv01tStP0lxoWXE4m0UNGVM1EyQcieThKHIDxDlxeBkEi1wtOiasR_Zhu_LiPKvtTFmU4AaSSGV37unPfiKn1jpjRDJHJA96VChOGgUFuxGJCMGjuQ",
      "e": "AQAB",
      "kid": "c764ccf5dc0a852b6f088bc6b8e80229918eaa20d1c928de6467a2c7442bd88e"
    },
    {
      "kty": "RSA",
      "use": "enc",
      "alg": "RSA-OAEP",
      "n": "u_LGl2H30LkgkGIOSqLxGG7BNkGPJW5FOTsFIxfgR5qq_ooAinK3pkCpHt2awMDlb_NFi0UrvvhQ61ADpB1E1ZQse5eCBo0K_tjnRNLc8PlATU7MbVRU2chrUnkZc6UGyfoJCBNg3ON1Fvu4bD51af14AEWIEPD5CWpmdQxNsUpJPOxTGtoCgWdwlWXqhybFfLPHru4Bvfbb8dLV4lYgPhxpcKXu12XE-ppMTXoQxUA8Q0VffmitodImFCa517PprK-14_DIVMXl9Wkav6lA8a4E3U-fz6PZlIJThRSSnoLoI2umwfnxzUdEHsTQ7gmBSVjQevxrEfme_BWUujmi0Q",
      "e": "AQAB",
      "kid": "790109d1c368e752ab5823dacc495d02afc6f0114a5c39e74dcce154138c7d66"
    }
  ]
}
2022-03-31 23:01:23 SUCCESS
ValidateClientJWKsPublicPart
Valid client JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2022-03-31 23:01:23 SUCCESS
ExtractJWKsFromStaticClientConfiguration
Extracted client JWK
client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "use": "sig",
      "alg": "PS256",
      "n": "w9L7GrWdIXJneN-KOaEM2gTvC8InOayFKaeUtg9Pthr8snE3mVUaRJvIPuifMN99p0RcfUYXii10bJzIXFe4AT4aGAyK3rheOsZQqy0GVhbJnFnkfiJ2bKlEuWu9FOYaDTbNtWdYQ0zDQ9S8e2BKMh4MrOWmrHcmZhTTF3afdOXVWb2FU8-fAa-EYFwc9y7l_pOxwiiy5nwnjXC8xuB6p87KQPE7UJ8jMgWkPv01tStP0lxoWXE4m0UNGVM1EyQcieThKHIDxDlxeBkEi1wtOiasR_Zhu_LiPKvtTFmU4AaSSGV37unPfiKn1jpjRDJHJA96VChOGgUFuxGJCMGjuQ",
      "e": "AQAB",
      "kid": "c764ccf5dc0a852b6f088bc6b8e80229918eaa20d1c928de6467a2c7442bd88e"
    },
    {
      "kty": "RSA",
      "use": "enc",
      "alg": "RSA-OAEP",
      "n": "u_LGl2H30LkgkGIOSqLxGG7BNkGPJW5FOTsFIxfgR5qq_ooAinK3pkCpHt2awMDlb_NFi0UrvvhQ61ADpB1E1ZQse5eCBo0K_tjnRNLc8PlATU7MbVRU2chrUnkZc6UGyfoJCBNg3ON1Fvu4bD51af14AEWIEPD5CWpmdQxNsUpJPOxTGtoCgWdwlWXqhybFfLPHru4Bvfbb8dLV4lYgPhxpcKXu12XE-ppMTXoQxUA8Q0VffmitodImFCa517PprK-14_DIVMXl9Wkav6lA8a4E3U-fz6PZlIJThRSSnoLoI2umwfnxzUdEHsTQ7gmBSVjQevxrEfme_BWUujmi0Q",
      "e": "AQAB",
      "kid": "790109d1c368e752ab5823dacc495d02afc6f0114a5c39e74dcce154138c7d66"
    }
  ]
}
public_client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "c764ccf5dc0a852b6f088bc6b8e80229918eaa20d1c928de6467a2c7442bd88e",
      "alg": "PS256",
      "n": "w9L7GrWdIXJneN-KOaEM2gTvC8InOayFKaeUtg9Pthr8snE3mVUaRJvIPuifMN99p0RcfUYXii10bJzIXFe4AT4aGAyK3rheOsZQqy0GVhbJnFnkfiJ2bKlEuWu9FOYaDTbNtWdYQ0zDQ9S8e2BKMh4MrOWmrHcmZhTTF3afdOXVWb2FU8-fAa-EYFwc9y7l_pOxwiiy5nwnjXC8xuB6p87KQPE7UJ8jMgWkPv01tStP0lxoWXE4m0UNGVM1EyQcieThKHIDxDlxeBkEi1wtOiasR_Zhu_LiPKvtTFmU4AaSSGV37unPfiKn1jpjRDJHJA96VChOGgUFuxGJCMGjuQ"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "790109d1c368e752ab5823dacc495d02afc6f0114a5c39e74dcce154138c7d66",
      "alg": "RSA-OAEP",
      "n": "u_LGl2H30LkgkGIOSqLxGG7BNkGPJW5FOTsFIxfgR5qq_ooAinK3pkCpHt2awMDlb_NFi0UrvvhQ61ADpB1E1ZQse5eCBo0K_tjnRNLc8PlATU7MbVRU2chrUnkZc6UGyfoJCBNg3ON1Fvu4bD51af14AEWIEPD5CWpmdQxNsUpJPOxTGtoCgWdwlWXqhybFfLPHru4Bvfbb8dLV4lYgPhxpcKXu12XE-ppMTXoQxUA8Q0VffmitodImFCa517PprK-14_DIVMXl9Wkav6lA8a4E3U-fz6PZlIJThRSSnoLoI2umwfnxzUdEHsTQ7gmBSVjQevxrEfme_BWUujmi0Q"
    }
  ]
}
2022-03-31 23:01:23 SUCCESS
CheckDistinctKeyIdValueInClientJWKs
Distinct 'kid' value in all keys of client_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2022-03-31 23:01:23 SUCCESS
EnsureClientJwksDoesNotContainPrivateOrSymmetricKeys
Jwks does not contain any private or symmetric keys
2022-03-31 23:01:23 SUCCESS
FAPIEnsureMinimumClientKeyLength
Validated minimum key lengths for client_jwks
client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "use": "sig",
      "alg": "PS256",
      "n": "w9L7GrWdIXJneN-KOaEM2gTvC8InOayFKaeUtg9Pthr8snE3mVUaRJvIPuifMN99p0RcfUYXii10bJzIXFe4AT4aGAyK3rheOsZQqy0GVhbJnFnkfiJ2bKlEuWu9FOYaDTbNtWdYQ0zDQ9S8e2BKMh4MrOWmrHcmZhTTF3afdOXVWb2FU8-fAa-EYFwc9y7l_pOxwiiy5nwnjXC8xuB6p87KQPE7UJ8jMgWkPv01tStP0lxoWXE4m0UNGVM1EyQcieThKHIDxDlxeBkEi1wtOiasR_Zhu_LiPKvtTFmU4AaSSGV37unPfiKn1jpjRDJHJA96VChOGgUFuxGJCMGjuQ",
      "e": "AQAB",
      "kid": "c764ccf5dc0a852b6f088bc6b8e80229918eaa20d1c928de6467a2c7442bd88e"
    },
    {
      "kty": "RSA",
      "use": "enc",
      "alg": "RSA-OAEP",
      "n": "u_LGl2H30LkgkGIOSqLxGG7BNkGPJW5FOTsFIxfgR5qq_ooAinK3pkCpHt2awMDlb_NFi0UrvvhQ61ADpB1E1ZQse5eCBo0K_tjnRNLc8PlATU7MbVRU2chrUnkZc6UGyfoJCBNg3ON1Fvu4bD51af14AEWIEPD5CWpmdQxNsUpJPOxTGtoCgWdwlWXqhybFfLPHru4Bvfbb8dLV4lYgPhxpcKXu12XE-ppMTXoQxUA8Q0VffmitodImFCa517PprK-14_DIVMXl9Wkav6lA8a4E3U-fz6PZlIJThRSSnoLoI2umwfnxzUdEHsTQ7gmBSVjQevxrEfme_BWUujmi0Q",
      "e": "AQAB",
      "kid": "790109d1c368e752ab5823dacc495d02afc6f0114a5c39e74dcce154138c7d66"
    }
  ]
}
2022-03-31 23:01:23
fapi1-advanced-final-client-refresh-token-test
Setup Done
2022-03-31 23:01:24 INCOMING
fapi1-advanced-final-client-refresh-token-test
Incoming HTTP request to /test/a/mercantil/.well-known/openid-configuration
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/4.7.4 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate, br",
  "x-datadog-trace-id": "3482172559968401009",
  "x-datadog-parent-id": "3621704604719433356",
  "x-datadog-sampling-priority": "2",
  "x-datadog-tags": "_dd.p.upstream_services\u003db3BlbmJhbmtpbmctbWFuYWdlbWVudC1zZXJ2aWNlcw\u003d\u003d|2|3|1",
  "connection": "close"
}
incoming_path
/test/a/mercantil/.well-known/openid-configuration
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
incoming_body_json
incoming_query_string_params
{}
incoming_body
2022-03-31 23:01:24 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
2022-03-31 23:01:24 OUTGOING
fapi1-advanced-final-client-refresh-token-test
Response to HTTP request to test instance hQjqNlDH0UD4Ddw
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "issuer": "https://www.certification.openid.net/test/a/mercantil/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/mercantil/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/mercantil/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/mercantil/jwks",
  "registration_endpoint": "https://www.certification.openid.net/test/a/mercantil/register",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/mercantil/userinfo",
  "mtls_endpoint_aliases": {
    "token_endpoint": "https://www.certification.openid.net/test-mtls/a/mercantil/token",
    "registration_endpoint": "https://www.certification.openid.net/test-mtls/a/mercantil/register",
    "userinfo_endpoint": "https://www.certification.openid.net/test-mtls/a/mercantil/userinfo"
  },
  "tls_client_certificate_bound_access_tokens": true,
  "request_parameter_supported": true,
  "grant_types_supported": [
    "authorization_code",
    "implicit",
    "client_credentials",
    "refresh_token"
  ],
  "claims_parameter_supported": true,
  "request_object_encryption_alg_values_supported": [
    "RSA-OAEP"
  ],
  "request_object_encryption_enc_values_supported": [
    "A256GCM"
  ],
  "claims_supported": [
    "cpf",
    "cnpj",
    "acr"
  ],
  "acr_values_supported": [
    "urn:brasil:openbanking:loa2",
    "urn:brasil:openbanking:loa3"
  ],
  "id_token_signing_alg_values_supported": [
    "PS256"
  ],
  "request_object_signing_alg_values_supported": [
    "PS256"
  ],
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access",
    "consents",
    "resources",
    "payments"
  ],
  "token_endpoint_auth_methods_supported": [
    "private_key_jwt"
  ],
  "response_types_supported": [
    "code"
  ],
  "response_modes_supported": [
    "jwt"
  ],
  "authorization_signing_alg_values_supported": [
    "PS256"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "PS256"
  ]
}
outgoing_path
.well-known/openid-configuration
2022-03-31 23:01:24 INCOMING
fapi1-advanced-final-client-refresh-token-test
Incoming HTTP request to /test-mtls/a/mercantil/token
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/4.7.4 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "content-type": "application/x-www-form-urlencoded",
  "accept-encoding": "gzip, deflate, br",
  "x-datadog-trace-id": "3482172559968401009",
  "x-datadog-parent-id": "5417838781395816937",
  "x-datadog-sampling-priority": "2",
  "x-datadog-tags": "_dd.p.upstream_services\u003db3BlbmJhbmtpbmctbWFuYWdlbWVudC1zZXJ2aWNlcw\u003d\u003d|2|3|1",
  "connection": "close",
  "content-length": "1088"
}
incoming_path
/test-mtls/a/mercantil/token
incoming_body_form_params
{
  "grant_type": "client_credentials",
  "scope": "payments",
  "client_id": "mercantil-bank",
  "client_assertion": "eyJhbGciOiJQUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjNhMTM3OWEwYzhhZmJhNWI2ZjU1MzY1Y2IzZWUwYTUxMWM4ZTdkZGIxZjczZDNiNDQzYjY4MzFjYmQzNzhmZmUifQ.eyJpYXQiOjE2NDg3Njc2ODQsImV4cCI6MTY0ODc2Nzc0NCwianRpIjoid05MMFNwLV8tLW5hY2V2OW9kdmlZdVdyZzEtRVVRSWFlcFpCc1ZwcXBDSSIsImlzcyI6Im1lcmNhbnRpbC1iYW5rIiwic3ViIjoibWVyY2FudGlsLWJhbmsiLCJhdWQiOlsiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QvYS9tZXJjYW50aWwvIiwiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QvYS9tZXJjYW50aWwvdG9rZW4iLCJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC1tdGxzL2EvbWVyY2FudGlsL3Rva2VuIl19.vqVNz9kIgBS1d0e-eypK1EbPIfbchA1LkpWt21DeQVakxS8GPG04R0FkAY9on0IMBVwzXT06gqhUkiMqO4oPlGeJd4WWagKrEMZYqq97QznK3arqkrtRug-nQ7nAxvBoRd36rKEAnBQZdVB7cK5XWMpY_v_3r3Ki9UatdpenAvLQh16LCHHzElIBU9_vRS2EGYKe2iBxgQxFKtNG8XIbsQB7m1ds8qeR2Ic8bfFW4HBhcDAQMPGI5yPry3T7nn3ZSufwrd_MaMpqnmkhO_PYO3BZ6PObZqXZwNW1mFBuGITdcSLf57rALd3hugXY6loRm2671MfEGOfIrUJT_lf5RQ",
  "client_assertion_type": "urn:ietf:params:oauth:client-assertion-type:jwt-bearer"
}
incoming_method
POST
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
-----BEGIN CERTIFICATE----- MIIHDjCCBfagAwIBAgIUQsrznpQM2gWDplbWY0kRjummIc8wDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIyMDMyNDIwNDMwMFoXDTIzMDQyMzIw NDMwMFowggEvMQswCQYDVQQGEwJCUjELMAkGA1UECBMCTUcxFzAVBgNVBAcTDkJl bG8gSG9yaXpvbnRlMSUwIwYDVQQKExxCQ08gTUVSQ0FOVElMIERPIEJSQVNJTCBT LkEuMS0wKwYDVQQLEyQ1ZDI0OTQ4Ni1jNjk3LTUyOTUtYTg1Ni05OTU1ZWQzYWMz MzIxITAfBgNVBAMTGG1lcmNhbnRpbGRvYnJhc2lsLmNvbS5icjEXMBUGA1UEBRMO MTcxODQwMzcwMDAxMTAxHTAbBgNVBA8TFFByaXZhdGUgT3JnYW5pemF0aW9uMRMw EQYLKwYBBAGCNzwCAQMTAkJSMTQwMgYKCZImiZPyLGQBARMkNzA5MDU0OGItNDhl Yi00NGFjLTk0MzItZDU0NGQ1MzZjYWExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A MIIBCgKCAQEA2v4FOEIqbdkpXv/2PwWDdLVYqJPyKMNebziaTGVnENR5eK4YbHtb zNi9yLlKuxRy3DPVA+mg7VD7T/Nn82jUnWlcKp07UFGV7pEboDgOB77tc6SCYNJn Zzr6F1D/GcRg7IWfhVo4RT3PROBTkT/cjt8c/SZzTmc03mbGZ1X31IpGk7982cFj irbxD4HVh9IuGi1VyBkwLihlOxmyZXdDM70ZGVHAsiTMysGpE0J/crVXHpvwaUGs 05uFvrQhd21XJ/fs1pv11Oa0IO8aZM4zU5HUTBdbAQ2xMoHrH+kuV0tWgkTRVS6T pl6FchNLGsc+RWkXZ1Sylz7LXurYURExEwIDAQABo4IC3DCCAtgwDAYDVR0TAQH/ BAIwADAdBgNVHQ4EFgQU8RHTFIMywlsmm87Fy4JicZe76xAwHwYDVR0jBBgwFoAU hn9YrRf1grZOtAWz+7DOEUPfTL4wTAYIKwYBBQUHAQEEQDA+MDwGCCsGAQUFBzAB hjBodHRwOi8vb2NzcC5zYW5kYm94LnBraS5vcGVuYmFua2luZ2JyYXNpbC5vcmcu YnIwSwYDVR0fBEQwQjBAoD6gPIY6aHR0cDovL2NybC5zYW5kYm94LnBraS5vcGVu YmFua2luZ2JyYXNpbC5vcmcuYnIvaXNzdWVyLmNybDAjBgNVHREEHDAaghhtZXJj YW50aWxkb2JyYXNpbC5jb20uYnIwDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQMMAoG CCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIBgDCC ATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVseSBm b3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhlciBw YXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2aWNl cyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNlaXB0 LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRo ZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5kIHJl bGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8vY3Bz LnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2llczAN BgkqhkiG9w0BAQsFAAOCAQEAWhYIjqKDwdYkYOr0nutlR/46Vw8YNLK+9kWGPFD1 ad0fodzcd00pgc3AZWn+LoTwMq4tbiizWqERZp/BfZ35Aym5J+zFRj25Ehkxll6N a9QCz/prR3sXm8GM5taZxwwe0BJYaPpsef1HxiDdJ3h35PY/7iOOCam5ZNFTPapj 1OutGvJ+nb7Iipp6xwHQoArgwuiWrtJMBOt3Sstnayp4CJKVlQklhSl5isynxwmI bcVMPbhrWw6xbI1g69xBjx94Ja3acx4RzmIPJ6ru2jZvHQfI81jkIelNm55pbG7V mRpDP2JgVvsABBpelBD3BCytwmWjpG8m8CH6JTGGFNbNRw== -----END CERTIFICATE-----
incoming_body_json
incoming_query_string_params
{}
incoming_body
grant_type=client_credentials&scope=payments&client_id=mercantil-bank&client_assertion=eyJhbGciOiJQUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjNhMTM3OWEwYzhhZmJhNWI2ZjU1MzY1Y2IzZWUwYTUxMWM4ZTdkZGIxZjczZDNiNDQzYjY4MzFjYmQzNzhmZmUifQ.eyJpYXQiOjE2NDg3Njc2ODQsImV4cCI6MTY0ODc2Nzc0NCwianRpIjoid05MMFNwLV8tLW5hY2V2OW9kdmlZdVdyZzEtRVVRSWFlcFpCc1ZwcXBDSSIsImlzcyI6Im1lcmNhbnRpbC1iYW5rIiwic3ViIjoibWVyY2FudGlsLWJhbmsiLCJhdWQiOlsiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QvYS9tZXJjYW50aWwvIiwiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QvYS9tZXJjYW50aWwvdG9rZW4iLCJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC1tdGxzL2EvbWVyY2FudGlsL3Rva2VuIl19.vqVNz9kIgBS1d0e-eypK1EbPIfbchA1LkpWt21DeQVakxS8GPG04R0FkAY9on0IMBVwzXT06gqhUkiMqO4oPlGeJd4WWagKrEMZYqq97QznK3arqkrtRug-nQ7nAxvBoRd36rKEAnBQZdVB7cK5XWMpY_v_3r3Ki9UatdpenAvLQh16LCHHzElIBU9_vRS2EGYKe2iBxgQxFKtNG8XIbsQB7m1ds8qeR2Ic8bfFW4HBhcDAQMPGI5yPry3T7nn3ZSufwrd_MaMpqnmkhO_PYO3BZ6PObZqXZwNW1mFBuGITdcSLf57rALd3hugXY6loRm2671MfEGOfIrUJT_lf5RQ&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer
2022-03-31 23:01:24 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
Token endpoint
2022-03-31 23:01:24 SUCCESS
CheckClientIdMatchesOnTokenRequestIfPresent
Extracted client_id matches the expected value
client_id
mercantil-bank
2022-03-31 23:01:24 SUCCESS
ExtractClientCertificateFromTokenEndpointRequestHeaders
Extracted client certificate
client_certificate
{
  "cert": "-----BEGIN CERTIFICATE----- MIIHDjCCBfagAwIBAgIUQsrznpQM2gWDplbWY0kRjummIc8wDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIyMDMyNDIwNDMwMFoXDTIzMDQyMzIw NDMwMFowggEvMQswCQYDVQQGEwJCUjELMAkGA1UECBMCTUcxFzAVBgNVBAcTDkJl bG8gSG9yaXpvbnRlMSUwIwYDVQQKExxCQ08gTUVSQ0FOVElMIERPIEJSQVNJTCBT LkEuMS0wKwYDVQQLEyQ1ZDI0OTQ4Ni1jNjk3LTUyOTUtYTg1Ni05OTU1ZWQzYWMz MzIxITAfBgNVBAMTGG1lcmNhbnRpbGRvYnJhc2lsLmNvbS5icjEXMBUGA1UEBRMO MTcxODQwMzcwMDAxMTAxHTAbBgNVBA8TFFByaXZhdGUgT3JnYW5pemF0aW9uMRMw EQYLKwYBBAGCNzwCAQMTAkJSMTQwMgYKCZImiZPyLGQBARMkNzA5MDU0OGItNDhl Yi00NGFjLTk0MzItZDU0NGQ1MzZjYWExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A MIIBCgKCAQEA2v4FOEIqbdkpXv/2PwWDdLVYqJPyKMNebziaTGVnENR5eK4YbHtb zNi9yLlKuxRy3DPVA+mg7VD7T/Nn82jUnWlcKp07UFGV7pEboDgOB77tc6SCYNJn Zzr6F1D/GcRg7IWfhVo4RT3PROBTkT/cjt8c/SZzTmc03mbGZ1X31IpGk7982cFj irbxD4HVh9IuGi1VyBkwLihlOxmyZXdDM70ZGVHAsiTMysGpE0J/crVXHpvwaUGs 05uFvrQhd21XJ/fs1pv11Oa0IO8aZM4zU5HUTBdbAQ2xMoHrH+kuV0tWgkTRVS6T pl6FchNLGsc+RWkXZ1Sylz7LXurYURExEwIDAQABo4IC3DCCAtgwDAYDVR0TAQH/ BAIwADAdBgNVHQ4EFgQU8RHTFIMywlsmm87Fy4JicZe76xAwHwYDVR0jBBgwFoAU hn9YrRf1grZOtAWz+7DOEUPfTL4wTAYIKwYBBQUHAQEEQDA+MDwGCCsGAQUFBzAB hjBodHRwOi8vb2NzcC5zYW5kYm94LnBraS5vcGVuYmFua2luZ2JyYXNpbC5vcmcu YnIwSwYDVR0fBEQwQjBAoD6gPIY6aHR0cDovL2NybC5zYW5kYm94LnBraS5vcGVu YmFua2luZ2JyYXNpbC5vcmcuYnIvaXNzdWVyLmNybDAjBgNVHREEHDAaghhtZXJj YW50aWxkb2JyYXNpbC5jb20uYnIwDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQMMAoG CCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIBgDCC ATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVseSBm b3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhlciBw YXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2aWNl cyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNlaXB0 LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRo ZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5kIHJl bGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8vY3Bz LnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2llczAN BgkqhkiG9w0BAQsFAAOCAQEAWhYIjqKDwdYkYOr0nutlR/46Vw8YNLK+9kWGPFD1 ad0fodzcd00pgc3AZWn+LoTwMq4tbiizWqERZp/BfZ35Aym5J+zFRj25Ehkxll6N a9QCz/prR3sXm8GM5taZxwwe0BJYaPpsef1HxiDdJ3h35PY/7iOOCam5ZNFTPapj 1OutGvJ+nb7Iipp6xwHQoArgwuiWrtJMBOt3Sstnayp4CJKVlQklhSl5isynxwmI bcVMPbhrWw6xbI1g69xBjx94Ja3acx4RzmIPJ6ru2jZvHQfI81jkIelNm55pbG7V mRpDP2JgVvsABBpelBD3BCytwmWjpG8m8CH6JTGGFNbNRw\u003d\u003d -----END CERTIFICATE-----",
  "pem": "-----BEGIN CERTIFICATE-----\nMIIHDjCCBfagAwIBAgIUQsrznpQM2gWDplbWY0kRjummIc8wDQYJKoZIhvcNAQEL\nBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx\nFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB\nTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIyMDMyNDIwNDMwMFoXDTIzMDQyMzIw\nNDMwMFowggEvMQswCQYDVQQGEwJCUjELMAkGA1UECBMCTUcxFzAVBgNVBAcTDkJl\nbG8gSG9yaXpvbnRlMSUwIwYDVQQKExxCQ08gTUVSQ0FOVElMIERPIEJSQVNJTCBT\nLkEuMS0wKwYDVQQLEyQ1ZDI0OTQ4Ni1jNjk3LTUyOTUtYTg1Ni05OTU1ZWQzYWMz\nMzIxITAfBgNVBAMTGG1lcmNhbnRpbGRvYnJhc2lsLmNvbS5icjEXMBUGA1UEBRMO\nMTcxODQwMzcwMDAxMTAxHTAbBgNVBA8TFFByaXZhdGUgT3JnYW5pemF0aW9uMRMw\nEQYLKwYBBAGCNzwCAQMTAkJSMTQwMgYKCZImiZPyLGQBARMkNzA5MDU0OGItNDhl\nYi00NGFjLTk0MzItZDU0NGQ1MzZjYWExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A\nMIIBCgKCAQEA2v4FOEIqbdkpXv/2PwWDdLVYqJPyKMNebziaTGVnENR5eK4YbHtb\nzNi9yLlKuxRy3DPVA+mg7VD7T/Nn82jUnWlcKp07UFGV7pEboDgOB77tc6SCYNJn\nZzr6F1D/GcRg7IWfhVo4RT3PROBTkT/cjt8c/SZzTmc03mbGZ1X31IpGk7982cFj\nirbxD4HVh9IuGi1VyBkwLihlOxmyZXdDM70ZGVHAsiTMysGpE0J/crVXHpvwaUGs\n05uFvrQhd21XJ/fs1pv11Oa0IO8aZM4zU5HUTBdbAQ2xMoHrH+kuV0tWgkTRVS6T\npl6FchNLGsc+RWkXZ1Sylz7LXurYURExEwIDAQABo4IC3DCCAtgwDAYDVR0TAQH/\nBAIwADAdBgNVHQ4EFgQU8RHTFIMywlsmm87Fy4JicZe76xAwHwYDVR0jBBgwFoAU\nhn9YrRf1grZOtAWz+7DOEUPfTL4wTAYIKwYBBQUHAQEEQDA+MDwGCCsGAQUFBzAB\nhjBodHRwOi8vb2NzcC5zYW5kYm94LnBraS5vcGVuYmFua2luZ2JyYXNpbC5vcmcu\nYnIwSwYDVR0fBEQwQjBAoD6gPIY6aHR0cDovL2NybC5zYW5kYm94LnBraS5vcGVu\nYmFua2luZ2JyYXNpbC5vcmcuYnIvaXNzdWVyLmNybDAjBgNVHREEHDAaghhtZXJj\nYW50aWxkb2JyYXNpbC5jb20uYnIwDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQMMAoG\nCCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIBgDCC\nATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVseSBm\nb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhlciBw\nYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2aWNl\ncyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNlaXB0\nLCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRo\nZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5kIHJl\nbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8vY3Bz\nLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2llczAN\nBgkqhkiG9w0BAQsFAAOCAQEAWhYIjqKDwdYkYOr0nutlR/46Vw8YNLK+9kWGPFD1\nad0fodzcd00pgc3AZWn+LoTwMq4tbiizWqERZp/BfZ35Aym5J+zFRj25Ehkxll6N\na9QCz/prR3sXm8GM5taZxwwe0BJYaPpsef1HxiDdJ3h35PY/7iOOCam5ZNFTPapj\n1OutGvJ+nb7Iipp6xwHQoArgwuiWrtJMBOt3Sstnayp4CJKVlQklhSl5isynxwmI\nbcVMPbhrWw6xbI1g69xBjx94Ja3acx4RzmIPJ6ru2jZvHQfI81jkIelNm55pbG7V\nmRpDP2JgVvsABBpelBD3BCytwmWjpG8m8CH6JTGGFNbNRw\u003d\u003d\n-----END CERTIFICATE-----",
  "subject": {
    "dn": "UID\u003d7090548b-48eb-44ac-9432-d544d536caa1,1.3.6.1.4.1.311.60.2.1.3\u003d#13024252,2.5.4.15\u003d#131450726976617465204f7267616e697a6174696f6e,2.5.4.5\u003d#130e3137313834303337303030313130,CN\u003dmercantildobrasil.com.br,OU\u003d5d249486-c697-5295-a856-9955ed3ac332,O\u003dBCO MERCANTIL DO BRASIL S.A.,L\u003dBelo Horizonte,ST\u003dMG,C\u003dBR"
  },
  "sanDnsNames": [
    "mercantildobrasil.com.br"
  ],
  "sanUris": [],
  "sanIPs": [],
  "sanEmails": []
}
2022-03-31 23:01:24 SUCCESS
CheckForClientCertificate
Found client certificate
2022-03-31 23:01:24 SUCCESS
EnsureClientCertificateMatches
Presented certificate matches registered certificate
actual
-----BEGIN CERTIFICATE-----
MIIHDjCCBfagAwIBAgIUQsrznpQM2gWDplbWY0kRjummIc8wDQYJKoZIhvcNAQEL
BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx
FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB
TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIyMDMyNDIwNDMwMFoXDTIzMDQyMzIw
NDMwMFowggEvMQswCQYDVQQGEwJCUjELMAkGA1UECBMCTUcxFzAVBgNVBAcTDkJl
bG8gSG9yaXpvbnRlMSUwIwYDVQQKExxCQ08gTUVSQ0FOVElMIERPIEJSQVNJTCBT
LkEuMS0wKwYDVQQLEyQ1ZDI0OTQ4Ni1jNjk3LTUyOTUtYTg1Ni05OTU1ZWQzYWMz
MzIxITAfBgNVBAMTGG1lcmNhbnRpbGRvYnJhc2lsLmNvbS5icjEXMBUGA1UEBRMO
MTcxODQwMzcwMDAxMTAxHTAbBgNVBA8TFFByaXZhdGUgT3JnYW5pemF0aW9uMRMw
EQYLKwYBBAGCNzwCAQMTAkJSMTQwMgYKCZImiZPyLGQBARMkNzA5MDU0OGItNDhl
Yi00NGFjLTk0MzItZDU0NGQ1MzZjYWExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEA2v4FOEIqbdkpXv/2PwWDdLVYqJPyKMNebziaTGVnENR5eK4YbHtb
zNi9yLlKuxRy3DPVA+mg7VD7T/Nn82jUnWlcKp07UFGV7pEboDgOB77tc6SCYNJn
Zzr6F1D/GcRg7IWfhVo4RT3PROBTkT/cjt8c/SZzTmc03mbGZ1X31IpGk7982cFj
irbxD4HVh9IuGi1VyBkwLihlOxmyZXdDM70ZGVHAsiTMysGpE0J/crVXHpvwaUGs
05uFvrQhd21XJ/fs1pv11Oa0IO8aZM4zU5HUTBdbAQ2xMoHrH+kuV0tWgkTRVS6T
pl6FchNLGsc+RWkXZ1Sylz7LXurYURExEwIDAQABo4IC3DCCAtgwDAYDVR0TAQH/
BAIwADAdBgNVHQ4EFgQU8RHTFIMywlsmm87Fy4JicZe76xAwHwYDVR0jBBgwFoAU
hn9YrRf1grZOtAWz+7DOEUPfTL4wTAYIKwYBBQUHAQEEQDA+MDwGCCsGAQUFBzAB
hjBodHRwOi8vb2NzcC5zYW5kYm94LnBraS5vcGVuYmFua2luZ2JyYXNpbC5vcmcu
YnIwSwYDVR0fBEQwQjBAoD6gPIY6aHR0cDovL2NybC5zYW5kYm94LnBraS5vcGVu
YmFua2luZ2JyYXNpbC5vcmcuYnIvaXNzdWVyLmNybDAjBgNVHREEHDAaghhtZXJj
YW50aWxkb2JyYXNpbC5jb20uYnIwDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQMMAoG
CCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIBgDCC
ATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVseSBm
b3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhlciBw
YXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2aWNl
cyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNlaXB0
LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRo
ZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5kIHJl
bGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8vY3Bz
LnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2llczAN
BgkqhkiG9w0BAQsFAAOCAQEAWhYIjqKDwdYkYOr0nutlR/46Vw8YNLK+9kWGPFD1
ad0fodzcd00pgc3AZWn+LoTwMq4tbiizWqERZp/BfZ35Aym5J+zFRj25Ehkxll6N
a9QCz/prR3sXm8GM5taZxwwe0BJYaPpsef1HxiDdJ3h35PY/7iOOCam5ZNFTPapj
1OutGvJ+nb7Iipp6xwHQoArgwuiWrtJMBOt3Sstnayp4CJKVlQklhSl5isynxwmI
bcVMPbhrWw6xbI1g69xBjx94Ja3acx4RzmIPJ6ru2jZvHQfI81jkIelNm55pbG7V
mRpDP2JgVvsABBpelBD3BCytwmWjpG8m8CH6JTGGFNbNRw==
-----END CERTIFICATE-----
2022-03-31 23:01:24 SUCCESS
ExtractClientAssertion
Parsed client assertion
client_assertion
{
  "value": "eyJhbGciOiJQUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjNhMTM3OWEwYzhhZmJhNWI2ZjU1MzY1Y2IzZWUwYTUxMWM4ZTdkZGIxZjczZDNiNDQzYjY4MzFjYmQzNzhmZmUifQ.eyJpYXQiOjE2NDg3Njc2ODQsImV4cCI6MTY0ODc2Nzc0NCwianRpIjoid05MMFNwLV8tLW5hY2V2OW9kdmlZdVdyZzEtRVVRSWFlcFpCc1ZwcXBDSSIsImlzcyI6Im1lcmNhbnRpbC1iYW5rIiwic3ViIjoibWVyY2FudGlsLWJhbmsiLCJhdWQiOlsiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QvYS9tZXJjYW50aWwvIiwiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QvYS9tZXJjYW50aWwvdG9rZW4iLCJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC1tdGxzL2EvbWVyY2FudGlsL3Rva2VuIl19.vqVNz9kIgBS1d0e-eypK1EbPIfbchA1LkpWt21DeQVakxS8GPG04R0FkAY9on0IMBVwzXT06gqhUkiMqO4oPlGeJd4WWagKrEMZYqq97QznK3arqkrtRug-nQ7nAxvBoRd36rKEAnBQZdVB7cK5XWMpY_v_3r3Ki9UatdpenAvLQh16LCHHzElIBU9_vRS2EGYKe2iBxgQxFKtNG8XIbsQB7m1ds8qeR2Ic8bfFW4HBhcDAQMPGI5yPry3T7nn3ZSufwrd_MaMpqnmkhO_PYO3BZ6PObZqXZwNW1mFBuGITdcSLf57rALd3hugXY6loRm2671MfEGOfIrUJT_lf5RQ",
  "header": {
    "kid": "3a1379a0c8afba5b6f55365cb3ee0a511c8e7ddb1f73d3b443b6831cbd378ffe",
    "typ": "JWT",
    "alg": "PS256"
  },
  "claims": {
    "sub": "mercantil-bank",
    "aud": [
      "https://www.certification.openid.net/test/a/mercantil/",
      "https://www.certification.openid.net/test/a/mercantil/token",
      "https://www.certification.openid.net/test-mtls/a/mercantil/token"
    ],
    "iss": "mercantil-bank",
    "exp": 1648767744,
    "iat": 1648767684,
    "jti": "wNL0Sp-_--nacev9odviYuWrg1-EUQIaepZBsVpqpCI"
  }
}
2022-03-31 23:01:24
EnsureClientAssertionSignatureAlgorithmMatchesRegistered
token_endpoint_auth_signing_alg is not set for the client, any supported algorithm can be used
2022-03-31 23:01:24 SUCCESS
ValidateClientAssertionSignature
client_assertion signature validated
client_assertion
eyJhbGciOiJQUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjNhMTM3OWEwYzhhZmJhNWI2ZjU1MzY1Y2IzZWUwYTUxMWM4ZTdkZGIxZjczZDNiNDQzYjY4MzFjYmQzNzhmZmUifQ.eyJpYXQiOjE2NDg3Njc2ODQsImV4cCI6MTY0ODc2Nzc0NCwianRpIjoid05MMFNwLV8tLW5hY2V2OW9kdmlZdVdyZzEtRVVRSWFlcFpCc1ZwcXBDSSIsImlzcyI6Im1lcmNhbnRpbC1iYW5rIiwic3ViIjoibWVyY2FudGlsLWJhbmsiLCJhdWQiOlsiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QvYS9tZXJjYW50aWwvIiwiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QvYS9tZXJjYW50aWwvdG9rZW4iLCJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC1tdGxzL2EvbWVyY2FudGlsL3Rva2VuIl19.vqVNz9kIgBS1d0e-eypK1EbPIfbchA1LkpWt21DeQVakxS8GPG04R0FkAY9on0IMBVwzXT06gqhUkiMqO4oPlGeJd4WWagKrEMZYqq97QznK3arqkrtRug-nQ7nAxvBoRd36rKEAnBQZdVB7cK5XWMpY_v_3r3Ki9UatdpenAvLQh16LCHHzElIBU9_vRS2EGYKe2iBxgQxFKtNG8XIbsQB7m1ds8qeR2Ic8bfFW4HBhcDAQMPGI5yPry3T7nn3ZSufwrd_MaMpqnmkhO_PYO3BZ6PObZqXZwNW1mFBuGITdcSLf57rALd3hugXY6loRm2671MfEGOfIrUJT_lf5RQ
2022-03-31 23:01:24 SUCCESS
EnsureClientAssertionTypeIsJwt
Found JWT assertion type
assertion type
urn:ietf:params:oauth:client-assertion-type:jwt-bearer
2022-03-31 23:01:24 SUCCESS
ValidateClientAssertionClaims
Client Assertion passed all validation checks
2022-03-31 23:01:24 SUCCESS
FAPIBrazilExtractRequestedScopeFromClientCredentialsGrant
Found 'payments' scope in request
actual
[
  "payments"
]
expected
payments
2022-03-31 23:01:24 SUCCESS
GenerateBearerAccessToken
Generated access token
access_token
UjV0dxk9VmmDS0BoRPuf0mk5k2H04tDWbNXAYnBAkvkfBc4XQf
2022-03-31 23:01:24 SUCCESS
CreateTokenEndpointResponse
Created token endpoint response
access_token
UjV0dxk9VmmDS0BoRPuf0mk5k2H04tDWbNXAYnBAkvkfBc4XQf
token_type
Bearer
2022-03-31 23:01:24
CopyAccessTokenToClientCredentialsField
Condition ran but did not log anything
2022-03-31 23:01:24 OUTGOING
fapi1-advanced-final-client-refresh-token-test
Response to HTTP request to test instance hQjqNlDH0UD4Ddw
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "access_token": "UjV0dxk9VmmDS0BoRPuf0mk5k2H04tDWbNXAYnBAkvkfBc4XQf",
  "token_type": "Bearer"
}
outgoing_path
token
2022-03-31 23:01:24 INCOMING
fapi1-advanced-final-client-refresh-token-test
Incoming HTTP request to /test-mtls/a/mercantil/payments/v1/consents
incoming_headers
{
  "host": "www.certification.openid.net",
  "accept": "application/json, text/plain, */*",
  "content-type": "application/jwt",
  "authorization": "Bearer UjV0dxk9VmmDS0BoRPuf0mk5k2H04tDWbNXAYnBAkvkfBc4XQf",
  "x-idempotency-key": "c7b8616c-e88d-4202-869f-feaf87532159",
  "user-agent": "axios/0.24.0",
  "x-datadog-trace-id": "3482172559968401009",
  "x-datadog-parent-id": "7912332906179336112",
  "x-datadog-sampling-priority": "2",
  "x-datadog-tags": "_dd.p.upstream_services\u003db3BlbmJhbmtpbmctbWFuYWdlbWVudC1zZXJ2aWNlcw\u003d\u003d|2|3|1",
  "connection": "close",
  "content-length": "1410"
}
incoming_path
/test-mtls/a/mercantil/payments/v1/consents
incoming_body_form_params
incoming_method
POST
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
-----BEGIN CERTIFICATE----- MIIHDjCCBfagAwIBAgIUQsrznpQM2gWDplbWY0kRjummIc8wDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIyMDMyNDIwNDMwMFoXDTIzMDQyMzIw NDMwMFowggEvMQswCQYDVQQGEwJCUjELMAkGA1UECBMCTUcxFzAVBgNVBAcTDkJl bG8gSG9yaXpvbnRlMSUwIwYDVQQKExxCQ08gTUVSQ0FOVElMIERPIEJSQVNJTCBT LkEuMS0wKwYDVQQLEyQ1ZDI0OTQ4Ni1jNjk3LTUyOTUtYTg1Ni05OTU1ZWQzYWMz MzIxITAfBgNVBAMTGG1lcmNhbnRpbGRvYnJhc2lsLmNvbS5icjEXMBUGA1UEBRMO MTcxODQwMzcwMDAxMTAxHTAbBgNVBA8TFFByaXZhdGUgT3JnYW5pemF0aW9uMRMw EQYLKwYBBAGCNzwCAQMTAkJSMTQwMgYKCZImiZPyLGQBARMkNzA5MDU0OGItNDhl Yi00NGFjLTk0MzItZDU0NGQ1MzZjYWExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A MIIBCgKCAQEA2v4FOEIqbdkpXv/2PwWDdLVYqJPyKMNebziaTGVnENR5eK4YbHtb zNi9yLlKuxRy3DPVA+mg7VD7T/Nn82jUnWlcKp07UFGV7pEboDgOB77tc6SCYNJn Zzr6F1D/GcRg7IWfhVo4RT3PROBTkT/cjt8c/SZzTmc03mbGZ1X31IpGk7982cFj irbxD4HVh9IuGi1VyBkwLihlOxmyZXdDM70ZGVHAsiTMysGpE0J/crVXHpvwaUGs 05uFvrQhd21XJ/fs1pv11Oa0IO8aZM4zU5HUTBdbAQ2xMoHrH+kuV0tWgkTRVS6T pl6FchNLGsc+RWkXZ1Sylz7LXurYURExEwIDAQABo4IC3DCCAtgwDAYDVR0TAQH/ BAIwADAdBgNVHQ4EFgQU8RHTFIMywlsmm87Fy4JicZe76xAwHwYDVR0jBBgwFoAU hn9YrRf1grZOtAWz+7DOEUPfTL4wTAYIKwYBBQUHAQEEQDA+MDwGCCsGAQUFBzAB hjBodHRwOi8vb2NzcC5zYW5kYm94LnBraS5vcGVuYmFua2luZ2JyYXNpbC5vcmcu YnIwSwYDVR0fBEQwQjBAoD6gPIY6aHR0cDovL2NybC5zYW5kYm94LnBraS5vcGVu YmFua2luZ2JyYXNpbC5vcmcuYnIvaXNzdWVyLmNybDAjBgNVHREEHDAaghhtZXJj YW50aWxkb2JyYXNpbC5jb20uYnIwDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQMMAoG CCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIBgDCC ATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVseSBm b3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhlciBw YXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2aWNl cyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNlaXB0 LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRo ZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5kIHJl bGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8vY3Bz LnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2llczAN BgkqhkiG9w0BAQsFAAOCAQEAWhYIjqKDwdYkYOr0nutlR/46Vw8YNLK+9kWGPFD1 ad0fodzcd00pgc3AZWn+LoTwMq4tbiizWqERZp/BfZ35Aym5J+zFRj25Ehkxll6N a9QCz/prR3sXm8GM5taZxwwe0BJYaPpsef1HxiDdJ3h35PY/7iOOCam5ZNFTPapj 1OutGvJ+nb7Iipp6xwHQoArgwuiWrtJMBOt3Sstnayp4CJKVlQklhSl5isynxwmI bcVMPbhrWw6xbI1g69xBjx94Ja3acx4RzmIPJ6ru2jZvHQfI81jkIelNm55pbG7V mRpDP2JgVvsABBpelBD3BCytwmWjpG8m8CH6JTGGFNbNRw== -----END CERTIFICATE-----
incoming_body_json
incoming_query_string_params
{}
incoming_body
eyJhbGciOiJQUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6Ijh1YnRHa2s1d1FyTkdOMld2N0dIakxjLVhxWmN4VXVnSEQ5eFlOellXSk0ifQ.eyJkYXRhIjp7ImxvZ2dlZFVzZXIiOnsiZG9jdW1lbnQiOnsiaWRlbnRpZmljYXRpb24iOiI1Nzc4NDUxODA2NCIsInJlbCI6IkNQRiJ9fSwiY3JlZGl0b3IiOnsiY3BmQ25waiI6IjU1MTU1MTE0ODQ1IiwibmFtZSI6IkhPTU9MT0dBQ0FPIFBJWCIsInBlcnNvblR5cGUiOiJQRVNTT0FfTkFUVVJBTCJ9LCJwYXltZW50Ijp7ImFtb3VudCI6IjEuMTUiLCJjdXJyZW5jeSI6IkJSTCIsImRhdGUiOiIyMDIxLTExLTExIiwiZGV0YWlscyI6eyJjcmVkaXRvckFjY291bnQiOnsiYWNjb3VudFR5cGUiOiJDQUNDIiwiaXNwYiI6IjkyODk0OTIyIiwiaXNzdWVyIjoiMDAwMSIsIm51bWJlciI6IjEwMTczNzIyIn0sImxvY2FsSW5zdHJ1bWVudCI6IkRJQ1QiLCJwcm94eSI6IjU1MTU1MTE0ODQ1In0sImliZ2VUb3duQ29kZSI6IjUzMDAxMDgiLCJ0eXBlIjoiUElYIn0sImRlYnRvckFjY291bnQiOnsiYWNjb3VudFR5cGUiOiJDQUNDIiwiaXNwYiI6IjM3MjQxMjMwIiwiaXNzdWVyIjoiMDAwMSIsIm51bWJlciI6IjQyNjEwNzM1NzMifX0sImlhdCI6MTY0ODc2NzY4NCwiYXVkIjoiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QtbXRscy9hL21lcmNhbnRpbC9wYXltZW50cy92MS9jb25zZW50cyIsImlzcyI6IjVkMjQ5NDg2LWM2OTctNTI5NS1hODU2LTk5NTVlZDNhYzMzMiIsImp0aSI6ImVkMTc2ODBhLWJmNTUtNDkyMC1hMTQ5LWE1Mzc3NGE3YTc2ZiJ9.k06j-5BIaxG1rELXxs09CJ2z35G4NJjWvsLWT8EMeTPR46onkPvAtaPxKhd0gtBRCPenIvvaJbuSHDMRD_I00bSK7eXZZOLKPGuUSIooz72Bcrot14jzL-ZhmWXlA_hzkecJNlYyIkez5oERH2j-LIYyKCVuUffoW8MAzZumAHsgQrcNANks26vFNxYqy2pShrsYtsYAYaWN52R2a7u5oDWeVYRTsBGW_t278RPHHKhZPfPK_UuOqjdtzjPRKnExzFXAXms9LrlWtQNbnt5P68Z1Ou19iMdjOR3bzDoqRZU91x79nVyaE2j1jyNZyNYCbPmdnxra-QRasbugwWmhnQ
2022-03-31 23:01:24 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
New consent endpoint
2022-03-31 23:01:24 SUCCESS
ExtractClientCertificateFromTokenEndpointRequestHeaders
Extracted client certificate
client_certificate
{
  "cert": "-----BEGIN CERTIFICATE----- MIIHDjCCBfagAwIBAgIUQsrznpQM2gWDplbWY0kRjummIc8wDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIyMDMyNDIwNDMwMFoXDTIzMDQyMzIw NDMwMFowggEvMQswCQYDVQQGEwJCUjELMAkGA1UECBMCTUcxFzAVBgNVBAcTDkJl bG8gSG9yaXpvbnRlMSUwIwYDVQQKExxCQ08gTUVSQ0FOVElMIERPIEJSQVNJTCBT LkEuMS0wKwYDVQQLEyQ1ZDI0OTQ4Ni1jNjk3LTUyOTUtYTg1Ni05OTU1ZWQzYWMz MzIxITAfBgNVBAMTGG1lcmNhbnRpbGRvYnJhc2lsLmNvbS5icjEXMBUGA1UEBRMO MTcxODQwMzcwMDAxMTAxHTAbBgNVBA8TFFByaXZhdGUgT3JnYW5pemF0aW9uMRMw EQYLKwYBBAGCNzwCAQMTAkJSMTQwMgYKCZImiZPyLGQBARMkNzA5MDU0OGItNDhl Yi00NGFjLTk0MzItZDU0NGQ1MzZjYWExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A MIIBCgKCAQEA2v4FOEIqbdkpXv/2PwWDdLVYqJPyKMNebziaTGVnENR5eK4YbHtb zNi9yLlKuxRy3DPVA+mg7VD7T/Nn82jUnWlcKp07UFGV7pEboDgOB77tc6SCYNJn Zzr6F1D/GcRg7IWfhVo4RT3PROBTkT/cjt8c/SZzTmc03mbGZ1X31IpGk7982cFj irbxD4HVh9IuGi1VyBkwLihlOxmyZXdDM70ZGVHAsiTMysGpE0J/crVXHpvwaUGs 05uFvrQhd21XJ/fs1pv11Oa0IO8aZM4zU5HUTBdbAQ2xMoHrH+kuV0tWgkTRVS6T pl6FchNLGsc+RWkXZ1Sylz7LXurYURExEwIDAQABo4IC3DCCAtgwDAYDVR0TAQH/ BAIwADAdBgNVHQ4EFgQU8RHTFIMywlsmm87Fy4JicZe76xAwHwYDVR0jBBgwFoAU hn9YrRf1grZOtAWz+7DOEUPfTL4wTAYIKwYBBQUHAQEEQDA+MDwGCCsGAQUFBzAB hjBodHRwOi8vb2NzcC5zYW5kYm94LnBraS5vcGVuYmFua2luZ2JyYXNpbC5vcmcu YnIwSwYDVR0fBEQwQjBAoD6gPIY6aHR0cDovL2NybC5zYW5kYm94LnBraS5vcGVu YmFua2luZ2JyYXNpbC5vcmcuYnIvaXNzdWVyLmNybDAjBgNVHREEHDAaghhtZXJj YW50aWxkb2JyYXNpbC5jb20uYnIwDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQMMAoG CCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIBgDCC ATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVseSBm b3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhlciBw YXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2aWNl cyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNlaXB0 LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRo ZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5kIHJl bGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8vY3Bz LnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2llczAN BgkqhkiG9w0BAQsFAAOCAQEAWhYIjqKDwdYkYOr0nutlR/46Vw8YNLK+9kWGPFD1 ad0fodzcd00pgc3AZWn+LoTwMq4tbiizWqERZp/BfZ35Aym5J+zFRj25Ehkxll6N a9QCz/prR3sXm8GM5taZxwwe0BJYaPpsef1HxiDdJ3h35PY/7iOOCam5ZNFTPapj 1OutGvJ+nb7Iipp6xwHQoArgwuiWrtJMBOt3Sstnayp4CJKVlQklhSl5isynxwmI bcVMPbhrWw6xbI1g69xBjx94Ja3acx4RzmIPJ6ru2jZvHQfI81jkIelNm55pbG7V mRpDP2JgVvsABBpelBD3BCytwmWjpG8m8CH6JTGGFNbNRw\u003d\u003d -----END CERTIFICATE-----",
  "pem": "-----BEGIN CERTIFICATE-----\nMIIHDjCCBfagAwIBAgIUQsrznpQM2gWDplbWY0kRjummIc8wDQYJKoZIhvcNAQEL\nBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx\nFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB\nTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIyMDMyNDIwNDMwMFoXDTIzMDQyMzIw\nNDMwMFowggEvMQswCQYDVQQGEwJCUjELMAkGA1UECBMCTUcxFzAVBgNVBAcTDkJl\nbG8gSG9yaXpvbnRlMSUwIwYDVQQKExxCQ08gTUVSQ0FOVElMIERPIEJSQVNJTCBT\nLkEuMS0wKwYDVQQLEyQ1ZDI0OTQ4Ni1jNjk3LTUyOTUtYTg1Ni05OTU1ZWQzYWMz\nMzIxITAfBgNVBAMTGG1lcmNhbnRpbGRvYnJhc2lsLmNvbS5icjEXMBUGA1UEBRMO\nMTcxODQwMzcwMDAxMTAxHTAbBgNVBA8TFFByaXZhdGUgT3JnYW5pemF0aW9uMRMw\nEQYLKwYBBAGCNzwCAQMTAkJSMTQwMgYKCZImiZPyLGQBARMkNzA5MDU0OGItNDhl\nYi00NGFjLTk0MzItZDU0NGQ1MzZjYWExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A\nMIIBCgKCAQEA2v4FOEIqbdkpXv/2PwWDdLVYqJPyKMNebziaTGVnENR5eK4YbHtb\nzNi9yLlKuxRy3DPVA+mg7VD7T/Nn82jUnWlcKp07UFGV7pEboDgOB77tc6SCYNJn\nZzr6F1D/GcRg7IWfhVo4RT3PROBTkT/cjt8c/SZzTmc03mbGZ1X31IpGk7982cFj\nirbxD4HVh9IuGi1VyBkwLihlOxmyZXdDM70ZGVHAsiTMysGpE0J/crVXHpvwaUGs\n05uFvrQhd21XJ/fs1pv11Oa0IO8aZM4zU5HUTBdbAQ2xMoHrH+kuV0tWgkTRVS6T\npl6FchNLGsc+RWkXZ1Sylz7LXurYURExEwIDAQABo4IC3DCCAtgwDAYDVR0TAQH/\nBAIwADAdBgNVHQ4EFgQU8RHTFIMywlsmm87Fy4JicZe76xAwHwYDVR0jBBgwFoAU\nhn9YrRf1grZOtAWz+7DOEUPfTL4wTAYIKwYBBQUHAQEEQDA+MDwGCCsGAQUFBzAB\nhjBodHRwOi8vb2NzcC5zYW5kYm94LnBraS5vcGVuYmFua2luZ2JyYXNpbC5vcmcu\nYnIwSwYDVR0fBEQwQjBAoD6gPIY6aHR0cDovL2NybC5zYW5kYm94LnBraS5vcGVu\nYmFua2luZ2JyYXNpbC5vcmcuYnIvaXNzdWVyLmNybDAjBgNVHREEHDAaghhtZXJj\nYW50aWxkb2JyYXNpbC5jb20uYnIwDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQMMAoG\nCCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIBgDCC\nATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVseSBm\nb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhlciBw\nYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2aWNl\ncyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNlaXB0\nLCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRo\nZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5kIHJl\nbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8vY3Bz\nLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2llczAN\nBgkqhkiG9w0BAQsFAAOCAQEAWhYIjqKDwdYkYOr0nutlR/46Vw8YNLK+9kWGPFD1\nad0fodzcd00pgc3AZWn+LoTwMq4tbiizWqERZp/BfZ35Aym5J+zFRj25Ehkxll6N\na9QCz/prR3sXm8GM5taZxwwe0BJYaPpsef1HxiDdJ3h35PY/7iOOCam5ZNFTPapj\n1OutGvJ+nb7Iipp6xwHQoArgwuiWrtJMBOt3Sstnayp4CJKVlQklhSl5isynxwmI\nbcVMPbhrWw6xbI1g69xBjx94Ja3acx4RzmIPJ6ru2jZvHQfI81jkIelNm55pbG7V\nmRpDP2JgVvsABBpelBD3BCytwmWjpG8m8CH6JTGGFNbNRw\u003d\u003d\n-----END CERTIFICATE-----",
  "subject": {
    "dn": "UID\u003d7090548b-48eb-44ac-9432-d544d536caa1,1.3.6.1.4.1.311.60.2.1.3\u003d#13024252,2.5.4.15\u003d#131450726976617465204f7267616e697a6174696f6e,2.5.4.5\u003d#130e3137313834303337303030313130,CN\u003dmercantildobrasil.com.br,OU\u003d5d249486-c697-5295-a856-9955ed3ac332,O\u003dBCO MERCANTIL DO BRASIL S.A.,L\u003dBelo Horizonte,ST\u003dMG,C\u003dBR"
  },
  "sanDnsNames": [
    "mercantildobrasil.com.br"
  ],
  "sanUris": [],
  "sanIPs": [],
  "sanEmails": []
}
2022-03-31 23:01:24 SUCCESS
CheckForClientCertificate
Found client certificate
2022-03-31 23:01:24 SUCCESS
EnsureClientCertificateMatches
Presented certificate matches registered certificate
actual
-----BEGIN CERTIFICATE-----
MIIHDjCCBfagAwIBAgIUQsrznpQM2gWDplbWY0kRjummIc8wDQYJKoZIhvcNAQEL
BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx
FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB
TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIyMDMyNDIwNDMwMFoXDTIzMDQyMzIw
NDMwMFowggEvMQswCQYDVQQGEwJCUjELMAkGA1UECBMCTUcxFzAVBgNVBAcTDkJl
bG8gSG9yaXpvbnRlMSUwIwYDVQQKExxCQ08gTUVSQ0FOVElMIERPIEJSQVNJTCBT
LkEuMS0wKwYDVQQLEyQ1ZDI0OTQ4Ni1jNjk3LTUyOTUtYTg1Ni05OTU1ZWQzYWMz
MzIxITAfBgNVBAMTGG1lcmNhbnRpbGRvYnJhc2lsLmNvbS5icjEXMBUGA1UEBRMO
MTcxODQwMzcwMDAxMTAxHTAbBgNVBA8TFFByaXZhdGUgT3JnYW5pemF0aW9uMRMw
EQYLKwYBBAGCNzwCAQMTAkJSMTQwMgYKCZImiZPyLGQBARMkNzA5MDU0OGItNDhl
Yi00NGFjLTk0MzItZDU0NGQ1MzZjYWExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEA2v4FOEIqbdkpXv/2PwWDdLVYqJPyKMNebziaTGVnENR5eK4YbHtb
zNi9yLlKuxRy3DPVA+mg7VD7T/Nn82jUnWlcKp07UFGV7pEboDgOB77tc6SCYNJn
Zzr6F1D/GcRg7IWfhVo4RT3PROBTkT/cjt8c/SZzTmc03mbGZ1X31IpGk7982cFj
irbxD4HVh9IuGi1VyBkwLihlOxmyZXdDM70ZGVHAsiTMysGpE0J/crVXHpvwaUGs
05uFvrQhd21XJ/fs1pv11Oa0IO8aZM4zU5HUTBdbAQ2xMoHrH+kuV0tWgkTRVS6T
pl6FchNLGsc+RWkXZ1Sylz7LXurYURExEwIDAQABo4IC3DCCAtgwDAYDVR0TAQH/
BAIwADAdBgNVHQ4EFgQU8RHTFIMywlsmm87Fy4JicZe76xAwHwYDVR0jBBgwFoAU
hn9YrRf1grZOtAWz+7DOEUPfTL4wTAYIKwYBBQUHAQEEQDA+MDwGCCsGAQUFBzAB
hjBodHRwOi8vb2NzcC5zYW5kYm94LnBraS5vcGVuYmFua2luZ2JyYXNpbC5vcmcu
YnIwSwYDVR0fBEQwQjBAoD6gPIY6aHR0cDovL2NybC5zYW5kYm94LnBraS5vcGVu
YmFua2luZ2JyYXNpbC5vcmcuYnIvaXNzdWVyLmNybDAjBgNVHREEHDAaghhtZXJj
YW50aWxkb2JyYXNpbC5jb20uYnIwDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQMMAoG
CCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIBgDCC
ATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVseSBm
b3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhlciBw
YXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2aWNl
cyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNlaXB0
LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRo
ZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5kIHJl
bGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8vY3Bz
LnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2llczAN
BgkqhkiG9w0BAQsFAAOCAQEAWhYIjqKDwdYkYOr0nutlR/46Vw8YNLK+9kWGPFD1
ad0fodzcd00pgc3AZWn+LoTwMq4tbiizWqERZp/BfZ35Aym5J+zFRj25Ehkxll6N
a9QCz/prR3sXm8GM5taZxwwe0BJYaPpsef1HxiDdJ3h35PY/7iOOCam5ZNFTPapj
1OutGvJ+nb7Iipp6xwHQoArgwuiWrtJMBOt3Sstnayp4CJKVlQklhSl5isynxwmI
bcVMPbhrWw6xbI1g69xBjx94Ja3acx4RzmIPJ6ru2jZvHQfI81jkIelNm55pbG7V
mRpDP2JgVvsABBpelBD3BCytwmWjpG8m8CH6JTGGFNbNRw==
-----END CERTIFICATE-----
2022-03-31 23:01:24 SUCCESS
EnsureIncomingRequestMethodIsPost
Client correctly used http POST method
2022-03-31 23:01:24 SUCCESS
EnsureBearerAccessTokenNotInParams
Client correctly did not send access token in query parameters or form body
2022-03-31 23:01:24 SUCCESS
ExtractBearerAccessTokenFromHeader
Found access token on incoming request
access_token
UjV0dxk9VmmDS0BoRPuf0mk5k2H04tDWbNXAYnBAkvkfBc4XQf
2022-03-31 23:01:24 SUCCESS
RequireBearerClientCredentialsAccessToken
Found access token in request
actual
UjV0dxk9VmmDS0BoRPuf0mk5k2H04tDWbNXAYnBAkvkfBc4XQf
2022-03-31 23:01:24 INFO
ExtractFapiDateHeader
Skipped evaluation due to missing required element: incoming_request headers.x-fapi-auth-date
path
headers.x-fapi-auth-date
mapped
object
incoming_request
2022-03-31 23:01:24 INFO
ExtractFapiIpAddressHeader
Skipped evaluation due to missing required element: incoming_request headers.x-fapi-customer-ip-address
path
headers.x-fapi-customer-ip-address
mapped
object
incoming_request
2022-03-31 23:01:24 INFO
ExtractFapiInteractionIdHeader
Skipped evaluation due to missing required element: incoming_request headers.x-fapi-interaction-id
path
headers.x-fapi-interaction-id
mapped
object
incoming_request
2022-03-31 23:01:24 SUCCESS
FAPIBrazilExtractCertificateSubjectFromServerJwks
Extracted subject from the certificate included in server jwks
subjectdn
UID=74e929d9-33b6-4d85-8ba7-c146c867a817,CN=Open Banking Brasil,OU=12345+OU=certman+OU=agoodone,O=ICP-Brasil,C=BR
ou
12345
brazil_software_id
74e929d9-33b6-4d85-8ba7-c146c867a817
2022-03-31 23:01:24 SUCCESS
FAPIBrazilEnsureClientCredentialsScopeContainedPayments
The token request which was used to obtain the access token contained 'payments' scope
actual
[
  "payments"
]
2022-03-31 23:01:24 SUCCESS
FAPIBrazilExtractPaymentsConsentRequest
Parsed payments consent request
payments_consent_request
{
  "aud": "https://www.certification.openid.net/test-mtls/a/mercantil/payments/v1/consents",
  "data": {
    "debtorAccount": {
      "number": "4261073573",
      "accountType": "CACC",
      "ispb": "37241230",
      "issuer": "0001"
    },
    "loggedUser": {
      "document": {
        "identification": "57784518064",
        "rel": "CPF"
      }
    },
    "creditor": {
      "name": "HOMOLOGACAO PIX",
      "cpfCnpj": "55155114845",
      "personType": "PESSOA_NATURAL"
    },
    "payment": {
      "date": "2021-11-11",
      "amount": "1.15",
      "currency": "BRL",
      "details": {
        "proxy": "55155114845",
        "localInstrument": "DICT",
        "creditorAccount": {
          "number": "10173722",
          "accountType": "CACC",
          "ispb": "92894922",
          "issuer": "0001"
        }
      },
      "ibgeTownCode": "5300108",
      "type": "PIX"
    }
  },
  "iss": "5d249486-c697-5295-a856-9955ed3ac332",
  "iat": 1648767684,
  "jti": "ed17680a-bf55-4920-a149-a53774a7a76f"
}
2022-03-31 23:01:24 SUCCESS
EnsureIncomingRequestContentTypeIsApplicationJwt
Client correctly used application/jwt content type
2022-03-31 23:01:24 SUCCESS
ExtractXIdempotencyKeyHeader
Found an x-idempotency-key header
idempotency_key
c7b8616c-e88d-4202-869f-feaf87532159
2022-03-31 23:01:24 SUCCESS
FAPIBrazilValidatePaymentConsentRequestAud
aud claim matches the endpoint url
aud
https://www.certification.openid.net/test-mtls/a/mercantil/payments/v1/consents
2022-03-31 23:01:24 SUCCESS
FAPIBrazilExtractCertificateSubjectFromIncomingMTLSCertifiate
Extracted subject from the mtls client certificate
subjectdn
UID=7090548b-48eb-44ac-9432-d544d536caa1,1.3.6.1.4.1.311.60.2.1.3=#13024252,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,2.5.4.5=#130e3137313834303337303030313130,CN=mercantildobrasil.com.br,OU=5d249486-c697-5295-a856-9955ed3ac332,O=BCO MERCANTIL DO BRASIL S.A.,L=Belo Horizonte,ST=MG,C=BR
ou
5d249486-c697-5295-a856-9955ed3ac332
brazil_software_id
7090548b-48eb-44ac-9432-d544d536caa1
2022-03-31 23:01:24 SUCCESS
FAPIBrazilEnsureConsentRequestIssEqualsOrganizationId
iss claim in consent request matches organizationId in client certificate
iss
5d249486-c697-5295-a856-9955ed3ac332
2022-03-31 23:01:24 SUCCESS
FAPIBrazilEnsureConsentRequestJtiIsUUIDv4
jti claim in consent request is a UUIDv4
jti
ed17680a-bf55-4920-a149-a53774a7a76f
2022-03-31 23:01:24 SUCCESS
FAPIBrazilValidateConsentRequestIat
iat claim in consent request is valid
iat
1648767684
2022-03-31 23:01:24
FAPIBrazilFetchClientOrganizationJwksFromDirectory
Fetching client organization keys
jwks_uri
https://keystore.sandbox.directory.openbankingbrasil.org.br/5d249486-c697-5295-a856-9955ed3ac332/application.jwks
2022-03-31 23:01:24
FAPIBrazilFetchClientOrganizationJwksFromDirectory
HTTP request
request_uri
https://keystore.sandbox.directory.openbankingbrasil.org.br/5d249486-c697-5295-a856-9955ed3ac332/application.jwks
request_method
GET
request_headers
{
  "accept": "text/plain, application/json, application/*+json, */*",
  "content-length": "0"
}
request_body

                                
2022-03-31 23:01:24 RESPONSE
FAPIBrazilFetchClientOrganizationJwksFromDirectory
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "content-type": "application/jwk-set+json",
  "content-length": "5990",
  "connection": "keep-alive",
  "x-amz-replication-status": "COMPLETED",
  "last-modified": "Thu, 24 Mar 2022 20:49:41 GMT",
  "x-amz-version-id": "4Tjhn2.Wnny0BCoUvV7FUAVJ8gM8tCzq",
  "accept-ranges": "bytes",
  "server": "AmazonS3",
  "date": "Thu, 31 Mar 2022 23:00:54 GMT",
  "etag": "\"793983244539195d4688cdf80e8a35dd\"",
  "x-xss-protection": "1; mode\u003dblock",
  "x-frame-options": "SAMEORIGIN",
  "referrer-policy": "strict-origin-when-cross-origin",
  "x-content-type-options": "nosniff",
  "strict-transport-security": "max-age\u003d31536000",
  "x-cache": "Hit from cloudfront",
  "via": "1.1 18133da1ea724d113c4123fb3f20be9e.cloudfront.net (CloudFront)",
  "x-amz-cf-pop": "MIA3-P2",
  "x-amz-cf-id": "LM6YC1ZHIT81BzzIBmtJBX4OvnG45aLSCVpaCZOB3FkEpxMmEB6JKw\u003d\u003d",
  "age": "31"
}
response_body
{"keys":[{"kty":"RSA","use":"sig","x5c":["MIIGxTCCBa2gAwIBAgIUH/VqhkpTSqFHwaUiYub6V2N8ksEwDQYJKoZIhvcNAQELBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwxFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNBTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDkxMzE2MzYwMFoXDTIyMTAxMzE2MzYwMFowgbUxCzAJBgNVBAYTAkJSMRMwEQYDVQQKEwpJQ1AtQnJhc2lsMTQwDAYDVQQLEwVWaWRlbzANBgNVBAsTBlNvbHV0aTAVBgNVBAsTDjA5NDYxNjQ3MDAwMTk1MSUwIwYDVQQDExxCQ08gTUVSQ0FOVElMIERPIEJSQVNJTCBTLkEuMTQwMgYKCZImiZPyLGQBARMkNWQyNDk0ODYtYzY5Ny01Mjk1LWE4NTYtOTk1NWVkM2FjMzMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuvXbuuSHuFxIABau45phq4uWdTHTS/oRJKEty6D0LWenmSofR+tSYENkzbr8nmcJcK6iLv2GmfgdJ/AIh7AaRSj4sUAe4v1eo7ojWicuV4GpQ06N2XM/rKpV9Vnj8XA4L+PvSAbVwTItY+mPclfP2qS0AQQUFW/pDIhZUVTh22Iw9cl0u7JXdlSeG6xoYNVWjnILZC3HB+R+RmT0uJ82sZ8Od1Wz7gr05jljt9uV7GTe+lT7Ey2qU8Z6aEo1ElJofDI6SvOPMhBoHdMiA9lXj7XTzonEUueqTTuFkdxa0o3KqzGfUibzviOOLUwJJV/ZOFVJ9IRyOHySuVaFj1PhLQIDAQABo4IDDjCCAwowDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUsoDVkX4I8mM3VYfANF1/ueqG9qowHwYDVR0jBBgwFoAUhn9YrRf1grZOtAWz+7DOEUPfTL4wTAYIKwYBBQUHAQEEQDA+MDwGCCsGAQUFBzABhjBodHRwOi8vb2NzcC5zYW5kYm94LnBraS5vcGVuYmFua2luZ2JyYXNpbC5vcmcuYnIwSwYDVR0fBEQwQjBAoD6gPIY6aHR0cDovL2NybC5zYW5kYm94LnBraS5vcGVuYmFua2luZ2JyYXNpbC5vcmcuYnIvaXNzdWVyLmNybDBqBgNVHREEYzBhoBEGBWBMAQMCoAgMBlRoaWFnb6AZBgVgTAEDA6AQDA4xNzE4NDAzNzAwMDExMKAWBgVgTAEDBKANDAsyMTkzNTEyNzg3MKAZBgVgTAEDB6AQDA4wOTQ2MTY0NzAwMDE5NTAOBgNVHQ8BAf8EBAMCBsAwggGhBgNVHSAEggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIBJFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5pc2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZyYW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNlIGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMgTHRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhlcmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJhbmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQASCyIwlsl0dLDvSqCcAc66dYAZZzTSAxp4jBkkDpsEIQ85o40X1ypzAgcZgEr8767czVYMcG+NMYmY+h39FOAk4tB048zuxz+ypka+My8WoPzAB7m43aWTTDwLt8vbJcaLeu4mK9BTYDpz2XeOGqyxfEdWYIFOdsLr2YhJEV9nv0aWmMEaI/EUJj1JznptI16c+Ivk6kbMeFhFefJHpbXWPCEnRJiG8SMlgR1W6pdHSfwjxN5Q9eiIVSo3MWwc/7/B3aQuReDPU//7BZGR5JCeEuASCYS8FQ/0TPmfitRoGLg8ZDrbBJzcCLc/VGo5ZXiMU5Y79zJrvdEkOYYnc61p"],"n":"uvXbuuSHuFxIABau45phq4uWdTHTS_oRJKEty6D0LWenmSofR-tSYENkzbr8nmcJcK6iLv2GmfgdJ_AIh7AaRSj4sUAe4v1eo7ojWicuV4GpQ06N2XM_rKpV9Vnj8XA4L-PvSAbVwTItY-mPclfP2qS0AQQUFW_pDIhZUVTh22Iw9cl0u7JXdlSeG6xoYNVWjnILZC3HB-R-RmT0uJ82sZ8Od1Wz7gr05jljt9uV7GTe-lT7Ey2qU8Z6aEo1ElJofDI6SvOPMhBoHdMiA9lXj7XTzonEUueqTTuFkdxa0o3KqzGfUibzviOOLUwJJV_ZOFVJ9IRyOHySuVaFj1PhLQ","e":"AQAB","kid":"I4cZmwGsttUWXXWULYTjkwpGEaNNbNvTCBvrQGsnSL8","x5u":"https://keystore.sandbox.directory.openbankingbrasil.org.br/5d249486-c697-5295-a856-9955ed3ac332/I4cZmwGsttUWXXWULYTjkwpGEaNNbNvTCBvrQGsnSL8.pem","x5t#256":"I4cZmwGsttUWXXWULYTjkwpGEaNNbNvTCBvrQGsnSL8"},{"kty":"RSA","use":"sig","x5c":["MIIG2zCCBcOgAwIBAgIUKr02a8zDZujHxUkcMeq5pwiI8y4wDQYJKoZIhvcNAQELBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwxFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNBTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIyMDMyNDIwNDUwMFoXDTIzMDQyMzIwNDUwMFowgckxCzAJBgNVBAYTAkJSMRMwEQYDVQQKEwpJQ1AtQnJhc2lsMUgwEwYDVQQLEwxGaW5hbnN5c3RlY2gwFQYDVQQLEw40MjIyMjkxNTAwMDE5MTAaBgNVBAsTE0NlcnRpZmljYWRvIERpZ2l0YWwxJTAjBgNVBAMTHEJDTyBNRVJDQU5USUwgRE8gQlJBU0lMIFMuQS4xNDAyBgoJkiaJk/IsZAEBEyQ1ZDI0OTQ4Ni1jNjk3LTUyOTUtYTg1Ni05OTU1ZWQzYWMzMzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwNs9HLkqnAAbEDiPoznFZEpWAUIVF9QO2ASkjwOFYMYnw0TaS+Nl9htD8PGkO0QksZaGM/w4OIAegBrRdRF4C7K2go+utXo1pAQqHv1aiTAv+f7oFzdkW7fNdAKUfZWNfECZ75PzpbmcfJ5SE4/cnmqNGhgOC9yudIrR2uH6piapnH9ggfuNtY0v7yS43HFaQnDIYbFEdYM2tbOh79fOZ2qrFLiTMhJqMow9faQ/zAeXBZu2WbuycXHis1RqYLOWZCWcAWlZWU0h0uA/9Gqg+SBLyAsY0UGtXshlHPHnOgyAB15wT6v/eJNLNwYC7sRIK3tp0mI/flWDhc+NoywVbAgMBAAGjggMQMIIDDDAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT1ZPOv9znpgcuzYvgbzhBEhzXNoDAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4RQ99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9pc3N1ZXIuY3JsMGwGA1UdEQRlMGOgFwYFYEwBAwKgDgwMV2VzbGV5IFNpbHZhoBkGBWBMAQMDoBAMDjE3MTg0MDM3MDAwMTEwoBYGBWBMAQMEoA0MCzMwOTMyNzQzMDMwoBUGBWBMAQMHoAwMCjEyMzQ1NjY3ODkwDgYDVR0PAQH/BAQDAgbAMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIBgDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVseSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhlciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNlaXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5kIHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8vY3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2llczANBgkqhkiG9w0BAQsFAAOCAQEACDnwrVsT8E468Q+FxBawCnHvNq/C9rBPFfItc1IedzKImIYnvb3dFBIW6P3rvCS83bAzsQ9u2W2jU3V8KjhSy1Q/libayf/urSmKhHrzep8/wRoqiCd4FQJmGZoJRdkug4fAR0KrOkl6tKs2A25tU/tjiSYGYHhKJAOoRKSnalUCmxkektUYpwGkLEKNhfA0wLaS6cFF35WS3WsnuS6+5/IhYxjeYFS7/F3HCcqJZDhwb/NRSHuSNxBROHmzmVj9WRb7RHZvb0UfBCHOiW86t0ydmx8pPjpchPqmuQmyfJWKe775oBF15doKYYH++bnxZ7aPI+fP6Nry55ljODfEbA=="],"n":"sDbPRy5KpwAGxA4j6M5xWRKVgFCFRfUDtgEpI8DhWDGJ8NE2kvjZfYbQ_DxpDtEJLGWhjP8ODiAHoAa0XUReAuytoKPrrV6NaQEKh79WokwL_n-6Bc3ZFu3zXQClH2VjXxAme-T86W5nHyeUhOP3J5qjRoYDgvcrnSK0drh-qYmqZx_YIH7jbWNL-8kuNxxWkJwyGGxRHWDNrWzoe_XzmdqqxS4kzISajKMPX2kP8wHlwWbtlm7snFx4rNUamCzlmQlnAFpWVlNIdLgP_RqoPkgS8gLGNFBrV7IZRzx5zoMgAdecE-r_3iTSzcGAu7ESCt7adJiP35Vg4XPjaMsFWw","e":"AQAB","kid":"8ubtGkk5wQrNGN2Wv7GHjLc-XqZcxUugHD9xYNzYWJM","x5u":"https://keystore.sandbox.directory.openbankingbrasil.org.br/5d249486-c697-5295-a856-9955ed3ac332/8ubtGkk5wQrNGN2Wv7GHjLc-XqZcxUugHD9xYNzYWJM.pem","x5t#256":"8ubtGkk5wQrNGN2Wv7GHjLc-XqZcxUugHD9xYNzYWJM"}]}
2022-03-31 23:01:24
FAPIBrazilFetchClientOrganizationJwksFromDirectory
Found JWK set string
jwk_string
{"keys":[{"kty":"RSA","use":"sig","x5c":["MIIGxTCCBa2gAwIBAgIUH/VqhkpTSqFHwaUiYub6V2N8ksEwDQYJKoZIhvcNAQELBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwxFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNBTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDkxMzE2MzYwMFoXDTIyMTAxMzE2MzYwMFowgbUxCzAJBgNVBAYTAkJSMRMwEQYDVQQKEwpJQ1AtQnJhc2lsMTQwDAYDVQQLEwVWaWRlbzANBgNVBAsTBlNvbHV0aTAVBgNVBAsTDjA5NDYxNjQ3MDAwMTk1MSUwIwYDVQQDExxCQ08gTUVSQ0FOVElMIERPIEJSQVNJTCBTLkEuMTQwMgYKCZImiZPyLGQBARMkNWQyNDk0ODYtYzY5Ny01Mjk1LWE4NTYtOTk1NWVkM2FjMzMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuvXbuuSHuFxIABau45phq4uWdTHTS/oRJKEty6D0LWenmSofR+tSYENkzbr8nmcJcK6iLv2GmfgdJ/AIh7AaRSj4sUAe4v1eo7ojWicuV4GpQ06N2XM/rKpV9Vnj8XA4L+PvSAbVwTItY+mPclfP2qS0AQQUFW/pDIhZUVTh22Iw9cl0u7JXdlSeG6xoYNVWjnILZC3HB+R+RmT0uJ82sZ8Od1Wz7gr05jljt9uV7GTe+lT7Ey2qU8Z6aEo1ElJofDI6SvOPMhBoHdMiA9lXj7XTzonEUueqTTuFkdxa0o3KqzGfUibzviOOLUwJJV/ZOFVJ9IRyOHySuVaFj1PhLQIDAQABo4IDDjCCAwowDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUsoDVkX4I8mM3VYfANF1/ueqG9qowHwYDVR0jBBgwFoAUhn9YrRf1grZOtAWz+7DOEUPfTL4wTAYIKwYBBQUHAQEEQDA+MDwGCCsGAQUFBzABhjBodHRwOi8vb2NzcC5zYW5kYm94LnBraS5vcGVuYmFua2luZ2JyYXNpbC5vcmcuYnIwSwYDVR0fBEQwQjBAoD6gPIY6aHR0cDovL2NybC5zYW5kYm94LnBraS5vcGVuYmFua2luZ2JyYXNpbC5vcmcuYnIvaXNzdWVyLmNybDBqBgNVHREEYzBhoBEGBWBMAQMCoAgMBlRoaWFnb6AZBgVgTAEDA6AQDA4xNzE4NDAzNzAwMDExMKAWBgVgTAEDBKANDAsyMTkzNTEyNzg3MKAZBgVgTAEDB6AQDA4wOTQ2MTY0NzAwMDE5NTAOBgNVHQ8BAf8EBAMCBsAwggGhBgNVHSAEggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIBJFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5pc2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZyYW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNlIGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMgTHRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhlcmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJhbmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQASCyIwlsl0dLDvSqCcAc66dYAZZzTSAxp4jBkkDpsEIQ85o40X1ypzAgcZgEr8767czVYMcG+NMYmY+h39FOAk4tB048zuxz+ypka+My8WoPzAB7m43aWTTDwLt8vbJcaLeu4mK9BTYDpz2XeOGqyxfEdWYIFOdsLr2YhJEV9nv0aWmMEaI/EUJj1JznptI16c+Ivk6kbMeFhFefJHpbXWPCEnRJiG8SMlgR1W6pdHSfwjxN5Q9eiIVSo3MWwc/7/B3aQuReDPU//7BZGR5JCeEuASCYS8FQ/0TPmfitRoGLg8ZDrbBJzcCLc/VGo5ZXiMU5Y79zJrvdEkOYYnc61p"],"n":"uvXbuuSHuFxIABau45phq4uWdTHTS_oRJKEty6D0LWenmSofR-tSYENkzbr8nmcJcK6iLv2GmfgdJ_AIh7AaRSj4sUAe4v1eo7ojWicuV4GpQ06N2XM_rKpV9Vnj8XA4L-PvSAbVwTItY-mPclfP2qS0AQQUFW_pDIhZUVTh22Iw9cl0u7JXdlSeG6xoYNVWjnILZC3HB-R-RmT0uJ82sZ8Od1Wz7gr05jljt9uV7GTe-lT7Ey2qU8Z6aEo1ElJofDI6SvOPMhBoHdMiA9lXj7XTzonEUueqTTuFkdxa0o3KqzGfUibzviOOLUwJJV_ZOFVJ9IRyOHySuVaFj1PhLQ","e":"AQAB","kid":"I4cZmwGsttUWXXWULYTjkwpGEaNNbNvTCBvrQGsnSL8","x5u":"https://keystore.sandbox.directory.openbankingbrasil.org.br/5d249486-c697-5295-a856-9955ed3ac332/I4cZmwGsttUWXXWULYTjkwpGEaNNbNvTCBvrQGsnSL8.pem","x5t#256":"I4cZmwGsttUWXXWULYTjkwpGEaNNbNvTCBvrQGsnSL8"},{"kty":"RSA","use":"sig","x5c":["MIIG2zCCBcOgAwIBAgIUKr02a8zDZujHxUkcMeq5pwiI8y4wDQYJKoZIhvcNAQELBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwxFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNBTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIyMDMyNDIwNDUwMFoXDTIzMDQyMzIwNDUwMFowgckxCzAJBgNVBAYTAkJSMRMwEQYDVQQKEwpJQ1AtQnJhc2lsMUgwEwYDVQQLEwxGaW5hbnN5c3RlY2gwFQYDVQQLEw40MjIyMjkxNTAwMDE5MTAaBgNVBAsTE0NlcnRpZmljYWRvIERpZ2l0YWwxJTAjBgNVBAMTHEJDTyBNRVJDQU5USUwgRE8gQlJBU0lMIFMuQS4xNDAyBgoJkiaJk/IsZAEBEyQ1ZDI0OTQ4Ni1jNjk3LTUyOTUtYTg1Ni05OTU1ZWQzYWMzMzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwNs9HLkqnAAbEDiPoznFZEpWAUIVF9QO2ASkjwOFYMYnw0TaS+Nl9htD8PGkO0QksZaGM/w4OIAegBrRdRF4C7K2go+utXo1pAQqHv1aiTAv+f7oFzdkW7fNdAKUfZWNfECZ75PzpbmcfJ5SE4/cnmqNGhgOC9yudIrR2uH6piapnH9ggfuNtY0v7yS43HFaQnDIYbFEdYM2tbOh79fOZ2qrFLiTMhJqMow9faQ/zAeXBZu2WbuycXHis1RqYLOWZCWcAWlZWU0h0uA/9Gqg+SBLyAsY0UGtXshlHPHnOgyAB15wT6v/eJNLNwYC7sRIK3tp0mI/flWDhc+NoywVbAgMBAAGjggMQMIIDDDAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT1ZPOv9znpgcuzYvgbzhBEhzXNoDAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4RQ99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9pc3N1ZXIuY3JsMGwGA1UdEQRlMGOgFwYFYEwBAwKgDgwMV2VzbGV5IFNpbHZhoBkGBWBMAQMDoBAMDjE3MTg0MDM3MDAwMTEwoBYGBWBMAQMEoA0MCzMwOTMyNzQzMDMwoBUGBWBMAQMHoAwMCjEyMzQ1NjY3ODkwDgYDVR0PAQH/BAQDAgbAMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIBgDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVseSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhlciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNlaXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5kIHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8vY3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2llczANBgkqhkiG9w0BAQsFAAOCAQEACDnwrVsT8E468Q+FxBawCnHvNq/C9rBPFfItc1IedzKImIYnvb3dFBIW6P3rvCS83bAzsQ9u2W2jU3V8KjhSy1Q/libayf/urSmKhHrzep8/wRoqiCd4FQJmGZoJRdkug4fAR0KrOkl6tKs2A25tU/tjiSYGYHhKJAOoRKSnalUCmxkektUYpwGkLEKNhfA0wLaS6cFF35WS3WsnuS6+5/IhYxjeYFS7/F3HCcqJZDhwb/NRSHuSNxBROHmzmVj9WRb7RHZvb0UfBCHOiW86t0ydmx8pPjpchPqmuQmyfJWKe775oBF15doKYYH++bnxZ7aPI+fP6Nry55ljODfEbA=="],"n":"sDbPRy5KpwAGxA4j6M5xWRKVgFCFRfUDtgEpI8DhWDGJ8NE2kvjZfYbQ_DxpDtEJLGWhjP8ODiAHoAa0XUReAuytoKPrrV6NaQEKh79WokwL_n-6Bc3ZFu3zXQClH2VjXxAme-T86W5nHyeUhOP3J5qjRoYDgvcrnSK0drh-qYmqZx_YIH7jbWNL-8kuNxxWkJwyGGxRHWDNrWzoe_XzmdqqxS4kzISajKMPX2kP8wHlwWbtlm7snFx4rNUamCzlmQlnAFpWVlNIdLgP_RqoPkgS8gLGNFBrV7IZRzx5zoMgAdecE-r_3iTSzcGAu7ESCt7adJiP35Vg4XPjaMsFWw","e":"AQAB","kid":"8ubtGkk5wQrNGN2Wv7GHjLc-XqZcxUugHD9xYNzYWJM","x5u":"https://keystore.sandbox.directory.openbankingbrasil.org.br/5d249486-c697-5295-a856-9955ed3ac332/8ubtGkk5wQrNGN2Wv7GHjLc-XqZcxUugHD9xYNzYWJM.pem","x5t#256":"8ubtGkk5wQrNGN2Wv7GHjLc-XqZcxUugHD9xYNzYWJM"}]}
2022-03-31 23:01:24 SUCCESS
FAPIBrazilFetchClientOrganizationJwksFromDirectory
Downloaded and added client organization JWK set to environment
client_organization_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "use": "sig",
      "x5c": [
        "MIIGxTCCBa2gAwIBAgIUH/VqhkpTSqFHwaUiYub6V2N8ksEwDQYJKoZIhvcNAQELBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwxFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNBTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDkxMzE2MzYwMFoXDTIyMTAxMzE2MzYwMFowgbUxCzAJBgNVBAYTAkJSMRMwEQYDVQQKEwpJQ1AtQnJhc2lsMTQwDAYDVQQLEwVWaWRlbzANBgNVBAsTBlNvbHV0aTAVBgNVBAsTDjA5NDYxNjQ3MDAwMTk1MSUwIwYDVQQDExxCQ08gTUVSQ0FOVElMIERPIEJSQVNJTCBTLkEuMTQwMgYKCZImiZPyLGQBARMkNWQyNDk0ODYtYzY5Ny01Mjk1LWE4NTYtOTk1NWVkM2FjMzMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuvXbuuSHuFxIABau45phq4uWdTHTS/oRJKEty6D0LWenmSofR+tSYENkzbr8nmcJcK6iLv2GmfgdJ/AIh7AaRSj4sUAe4v1eo7ojWicuV4GpQ06N2XM/rKpV9Vnj8XA4L+PvSAbVwTItY+mPclfP2qS0AQQUFW/pDIhZUVTh22Iw9cl0u7JXdlSeG6xoYNVWjnILZC3HB+R+RmT0uJ82sZ8Od1Wz7gr05jljt9uV7GTe+lT7Ey2qU8Z6aEo1ElJofDI6SvOPMhBoHdMiA9lXj7XTzonEUueqTTuFkdxa0o3KqzGfUibzviOOLUwJJV/ZOFVJ9IRyOHySuVaFj1PhLQIDAQABo4IDDjCCAwowDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUsoDVkX4I8mM3VYfANF1/ueqG9qowHwYDVR0jBBgwFoAUhn9YrRf1grZOtAWz+7DOEUPfTL4wTAYIKwYBBQUHAQEEQDA+MDwGCCsGAQUFBzABhjBodHRwOi8vb2NzcC5zYW5kYm94LnBraS5vcGVuYmFua2luZ2JyYXNpbC5vcmcuYnIwSwYDVR0fBEQwQjBAoD6gPIY6aHR0cDovL2NybC5zYW5kYm94LnBraS5vcGVuYmFua2luZ2JyYXNpbC5vcmcuYnIvaXNzdWVyLmNybDBqBgNVHREEYzBhoBEGBWBMAQMCoAgMBlRoaWFnb6AZBgVgTAEDA6AQDA4xNzE4NDAzNzAwMDExMKAWBgVgTAEDBKANDAsyMTkzNTEyNzg3MKAZBgVgTAEDB6AQDA4wOTQ2MTY0NzAwMDE5NTAOBgNVHQ8BAf8EBAMCBsAwggGhBgNVHSAEggGYMIIBlDCCAZAGCisGAQQBg7ovZAEwggGAMIIBNgYIKwYBBQUHAgIwggEoDIIBJFRoaXMgQ2VydGlmaWNhdGUgaXMgc29sZWx5IGZvciB1c2Ugd2l0aCBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWQgYW5kIG90aGVyIHBhcnRpY2lwYXRpbmcgb3JnYW5pc2F0aW9ucyB1c2luZyBSYWlkaWFtIFNlcnZpY2VzIExpbWl0ZWRzIFRydXN0IEZyYW1ld29yayBTZXJ2aWNlcy4gSXRzIHJlY2VpcHQsIHBvc3Nlc3Npb24gb3IgdXNlIGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJhaWRpYW0gU2VydmljZXMgTHRkIENlcnRpY2ljYXRlIFBvbGljeSBhbmQgcmVsYXRlZCBkb2N1bWVudHMgdGhlcmVpbi4wRAYIKwYBBQUHAgEWOGh0dHA6Ly9jcHMuc2FuZGJveC5wa2kub3BlbmJhbmtpbmdicmFzaWwub3JnLmJyL3BvbGljaWVzMA0GCSqGSIb3DQEBCwUAA4IBAQASCyIwlsl0dLDvSqCcAc66dYAZZzTSAxp4jBkkDpsEIQ85o40X1ypzAgcZgEr8767czVYMcG+NMYmY+h39FOAk4tB048zuxz+ypka+My8WoPzAB7m43aWTTDwLt8vbJcaLeu4mK9BTYDpz2XeOGqyxfEdWYIFOdsLr2YhJEV9nv0aWmMEaI/EUJj1JznptI16c+Ivk6kbMeFhFefJHpbXWPCEnRJiG8SMlgR1W6pdHSfwjxN5Q9eiIVSo3MWwc/7/B3aQuReDPU//7BZGR5JCeEuASCYS8FQ/0TPmfitRoGLg8ZDrbBJzcCLc/VGo5ZXiMU5Y79zJrvdEkOYYnc61p"
      ],
      "n": "uvXbuuSHuFxIABau45phq4uWdTHTS_oRJKEty6D0LWenmSofR-tSYENkzbr8nmcJcK6iLv2GmfgdJ_AIh7AaRSj4sUAe4v1eo7ojWicuV4GpQ06N2XM_rKpV9Vnj8XA4L-PvSAbVwTItY-mPclfP2qS0AQQUFW_pDIhZUVTh22Iw9cl0u7JXdlSeG6xoYNVWjnILZC3HB-R-RmT0uJ82sZ8Od1Wz7gr05jljt9uV7GTe-lT7Ey2qU8Z6aEo1ElJofDI6SvOPMhBoHdMiA9lXj7XTzonEUueqTTuFkdxa0o3KqzGfUibzviOOLUwJJV_ZOFVJ9IRyOHySuVaFj1PhLQ",
      "e": "AQAB",
      "kid": "I4cZmwGsttUWXXWULYTjkwpGEaNNbNvTCBvrQGsnSL8",
      "x5u": "https://keystore.sandbox.directory.openbankingbrasil.org.br/5d249486-c697-5295-a856-9955ed3ac332/I4cZmwGsttUWXXWULYTjkwpGEaNNbNvTCBvrQGsnSL8.pem",
      "x5t#256": "I4cZmwGsttUWXXWULYTjkwpGEaNNbNvTCBvrQGsnSL8"
    },
    {
      "kty": "RSA",
      "use": "sig",
      "x5c": [
        "MIIG2zCCBcOgAwIBAgIUKr02a8zDZujHxUkcMeq5pwiI8y4wDQYJKoZIhvcNAQELBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwxFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNBTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIyMDMyNDIwNDUwMFoXDTIzMDQyMzIwNDUwMFowgckxCzAJBgNVBAYTAkJSMRMwEQYDVQQKEwpJQ1AtQnJhc2lsMUgwEwYDVQQLEwxGaW5hbnN5c3RlY2gwFQYDVQQLEw40MjIyMjkxNTAwMDE5MTAaBgNVBAsTE0NlcnRpZmljYWRvIERpZ2l0YWwxJTAjBgNVBAMTHEJDTyBNRVJDQU5USUwgRE8gQlJBU0lMIFMuQS4xNDAyBgoJkiaJk/IsZAEBEyQ1ZDI0OTQ4Ni1jNjk3LTUyOTUtYTg1Ni05OTU1ZWQzYWMzMzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwNs9HLkqnAAbEDiPoznFZEpWAUIVF9QO2ASkjwOFYMYnw0TaS+Nl9htD8PGkO0QksZaGM/w4OIAegBrRdRF4C7K2go+utXo1pAQqHv1aiTAv+f7oFzdkW7fNdAKUfZWNfECZ75PzpbmcfJ5SE4/cnmqNGhgOC9yudIrR2uH6piapnH9ggfuNtY0v7yS43HFaQnDIYbFEdYM2tbOh79fOZ2qrFLiTMhJqMow9faQ/zAeXBZu2WbuycXHis1RqYLOWZCWcAWlZWU0h0uA/9Gqg+SBLyAsY0UGtXshlHPHnOgyAB15wT6v/eJNLNwYC7sRIK3tp0mI/flWDhc+NoywVbAgMBAAGjggMQMIIDDDAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBT1ZPOv9znpgcuzYvgbzhBEhzXNoDAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4RQ99MvjBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8vY3JsLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9pc3N1ZXIuY3JsMGwGA1UdEQRlMGOgFwYFYEwBAwKgDgwMV2VzbGV5IFNpbHZhoBkGBWBMAQMDoBAMDjE3MTg0MDM3MDAwMTEwoBYGBWBMAQMEoA0MCzMwOTMyNzQzMDMwoBUGBWBMAQMHoAwMCjEyMzQ1NjY3ODkwDgYDVR0PAQH/BAQDAgbAMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIBgDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVseSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhlciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNlaXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5kIHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8vY3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2llczANBgkqhkiG9w0BAQsFAAOCAQEACDnwrVsT8E468Q+FxBawCnHvNq/C9rBPFfItc1IedzKImIYnvb3dFBIW6P3rvCS83bAzsQ9u2W2jU3V8KjhSy1Q/libayf/urSmKhHrzep8/wRoqiCd4FQJmGZoJRdkug4fAR0KrOkl6tKs2A25tU/tjiSYGYHhKJAOoRKSnalUCmxkektUYpwGkLEKNhfA0wLaS6cFF35WS3WsnuS6+5/IhYxjeYFS7/F3HCcqJZDhwb/NRSHuSNxBROHmzmVj9WRb7RHZvb0UfBCHOiW86t0ydmx8pPjpchPqmuQmyfJWKe775oBF15doKYYH++bnxZ7aPI+fP6Nry55ljODfEbA\u003d\u003d"
      ],
      "n": "sDbPRy5KpwAGxA4j6M5xWRKVgFCFRfUDtgEpI8DhWDGJ8NE2kvjZfYbQ_DxpDtEJLGWhjP8ODiAHoAa0XUReAuytoKPrrV6NaQEKh79WokwL_n-6Bc3ZFu3zXQClH2VjXxAme-T86W5nHyeUhOP3J5qjRoYDgvcrnSK0drh-qYmqZx_YIH7jbWNL-8kuNxxWkJwyGGxRHWDNrWzoe_XzmdqqxS4kzISajKMPX2kP8wHlwWbtlm7snFx4rNUamCzlmQlnAFpWVlNIdLgP_RqoPkgS8gLGNFBrV7IZRzx5zoMgAdecE-r_3iTSzcGAu7ESCt7adJiP35Vg4XPjaMsFWw",
      "e": "AQAB",
      "kid": "8ubtGkk5wQrNGN2Wv7GHjLc-XqZcxUugHD9xYNzYWJM",
      "x5u": "https://keystore.sandbox.directory.openbankingbrasil.org.br/5d249486-c697-5295-a856-9955ed3ac332/8ubtGkk5wQrNGN2Wv7GHjLc-XqZcxUugHD9xYNzYWJM.pem",
      "x5t#256": "8ubtGkk5wQrNGN2Wv7GHjLc-XqZcxUugHD9xYNzYWJM"
    }
  ]
}
2022-03-31 23:01:24 SUCCESS
FAPIBrazilValidateJwtSignatureUsingOrganizationJwks
jwt signature validated
jwt
eyJhbGciOiJQUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6Ijh1YnRHa2s1d1FyTkdOMld2N0dIakxjLVhxWmN4VXVnSEQ5eFlOellXSk0ifQ.eyJkYXRhIjp7ImxvZ2dlZFVzZXIiOnsiZG9jdW1lbnQiOnsiaWRlbnRpZmljYXRpb24iOiI1Nzc4NDUxODA2NCIsInJlbCI6IkNQRiJ9fSwiY3JlZGl0b3IiOnsiY3BmQ25waiI6IjU1MTU1MTE0ODQ1IiwibmFtZSI6IkhPTU9MT0dBQ0FPIFBJWCIsInBlcnNvblR5cGUiOiJQRVNTT0FfTkFUVVJBTCJ9LCJwYXltZW50Ijp7ImFtb3VudCI6IjEuMTUiLCJjdXJyZW5jeSI6IkJSTCIsImRhdGUiOiIyMDIxLTExLTExIiwiZGV0YWlscyI6eyJjcmVkaXRvckFjY291bnQiOnsiYWNjb3VudFR5cGUiOiJDQUNDIiwiaXNwYiI6IjkyODk0OTIyIiwiaXNzdWVyIjoiMDAwMSIsIm51bWJlciI6IjEwMTczNzIyIn0sImxvY2FsSW5zdHJ1bWVudCI6IkRJQ1QiLCJwcm94eSI6IjU1MTU1MTE0ODQ1In0sImliZ2VUb3duQ29kZSI6IjUzMDAxMDgiLCJ0eXBlIjoiUElYIn0sImRlYnRvckFjY291bnQiOnsiYWNjb3VudFR5cGUiOiJDQUNDIiwiaXNwYiI6IjM3MjQxMjMwIiwiaXNzdWVyIjoiMDAwMSIsIm51bWJlciI6IjQyNjEwNzM1NzMifX0sImlhdCI6MTY0ODc2NzY4NCwiYXVkIjoiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QtbXRscy9hL21lcmNhbnRpbC9wYXltZW50cy92MS9jb25zZW50cyIsImlzcyI6IjVkMjQ5NDg2LWM2OTctNTI5NS1hODU2LTk5NTVlZDNhYzMzMiIsImp0aSI6ImVkMTc2ODBhLWJmNTUtNDkyMC1hMTQ5LWE1Mzc3NGE3YTc2ZiJ9.k06j-5BIaxG1rELXxs09CJ2z35G4NJjWvsLWT8EMeTPR46onkPvAtaPxKhd0gtBRCPenIvvaJbuSHDMRD_I00bSK7eXZZOLKPGuUSIooz72Bcrot14jzL-ZhmWXlA_hzkecJNlYyIkez5oERH2j-LIYyKCVuUffoW8MAzZumAHsgQrcNANks26vFNxYqy2pShrsYtsYAYaWN52R2a7u5oDWeVYRTsBGW_t278RPHHKhZPfPK_UuOqjdtzjPRKnExzFXAXms9LrlWtQNbnt5P68Z1Ou19iMdjOR3bzDoqRZU91x79nVyaE2j1jyNZyNYCbPmdnxra-QRasbugwWmhnQ
2022-03-31 23:01:24 SUCCESS
CreateFapiInteractionIdIfNeeded
Created new FAPI interaction ID
fapi_interaction_id
e8fd337b-3d55-4c6c-8b7d-8fe756185fde
2022-03-31 23:01:24 SUCCESS
FAPIBrazilGenerateNewPaymentsConsentResponse
Created consent response
headers
{
  "x-fapi-interaction-id": "e8fd337b-3d55-4c6c-8b7d-8fe756185fde"
}
consentId
urn:conformance:oidf:NN7tQCzSAG
consent_response
{
  "data": {
    "consentId": "urn:conformance:oidf:NN7tQCzSAG",
    "creationDateTime": "2022-03-31T23:01:24Z",
    "status": "AWAITING_AUTHORISATION",
    "statusUpdateDateTime": "2022-03-31T23:01:24Z",
    "expirationDateTime": "2022-04-01T01:01:24Z",
    "transactionFromDateTime": "2022-03-31T22:56:24Z",
    "transactionToDateTime": "2022-04-01T01:01:24Z",
    "links": {
      "self": "https://www.certification.openid.net/test/a/mercantilpayments/v1/consents"
    },
    "meta": {
      "totalRecords": 1,
      "totalPages": 1,
      "requestDateTime": "2022-03-31T23:01:24Z"
    },
    "creditor": {
      "name": "HOMOLOGACAO PIX",
      "cpfCnpj": "55155114845",
      "personType": "PESSOA_NATURAL"
    },
    "loggedUser": {
      "document": {
        "identification": "57784518064",
        "rel": "CPF"
      }
    },
    "payment": {
      "date": "2021-11-11",
      "amount": "1.15",
      "currency": "BRL",
      "details": {
        "proxy": "55155114845",
        "localInstrument": "DICT",
        "creditorAccount": {
          "number": "10173722",
          "accountType": "CACC",
          "ispb": "92894922",
          "issuer": "0001"
        }
      },
      "ibgeTownCode": "5300108",
      "type": "PIX"
    },
    "debtorAccount": {
      "number": "4261073573",
      "accountType": "CACC",
      "ispb": "37241230",
      "issuer": "0001"
    }
  },
  "aud": "5d249486-c697-5295-a856-9955ed3ac332",
  "iat": 1648767684,
  "jti": "f5bc62ab-3514-478f-823c-608621bf9393",
  "iss": "74e929d9-33b6-4d85-8ba7-c146c867a817"
}
2022-03-31 23:01:24 SUCCESS
FAPIBrazilSignPaymentConsentResponse
Signed the payment consent response
signed_consent_response
eyJraWQiOiJYNWQ0dkZZZkx4YUcxZ2c4X2wzYkZZRmhVYVVWbUU2UGFFc1JXWDJFWXFNIiwidHlwIjoiSldUIiwiYWxnIjoiUFMyNTYifQ.eyJpc3MiOiI3NGU5MjlkOS0zM2I2LTRkODUtOGJhNy1jMTQ2Yzg2N2E4MTciLCJhdWQiOiI1ZDI0OTQ4Ni1jNjk3LTUyOTUtYTg1Ni05OTU1ZWQzYWMzMzIiLCJkYXRhIjp7ImRlYnRvckFjY291bnQiOnsibnVtYmVyIjoiNDI2MTA3MzU3MyIsImFjY291bnRUeXBlIjoiQ0FDQyIsImlzcGIiOiIzNzI0MTIzMCIsImlzc3VlciI6IjAwMDEifSwiZXhwaXJhdGlvbkRhdGVUaW1lIjoiMjAyMi0wNC0wMVQwMTowMToyNFoiLCJ0cmFuc2FjdGlvblRvRGF0ZVRpbWUiOiIyMDIyLTA0LTAxVDAxOjAxOjI0WiIsImxvZ2dlZFVzZXIiOnsiZG9jdW1lbnQiOnsiaWRlbnRpZmljYXRpb24iOiI1Nzc4NDUxODA2NCIsInJlbCI6IkNQRiJ9fSwiY29uc2VudElkIjoidXJuOmNvbmZvcm1hbmNlOm9pZGY6Tk43dFFDelNBRyIsInRyYW5zYWN0aW9uRnJvbURhdGVUaW1lIjoiMjAyMi0wMy0zMVQyMjo1NjoyNFoiLCJtZXRhIjp7InRvdGFsUmVjb3JkcyI6MSwicmVxdWVzdERhdGVUaW1lIjoiMjAyMi0wMy0zMVQyMzowMToyNFoiLCJ0b3RhbFBhZ2VzIjoxfSwic3RhdHVzVXBkYXRlRGF0ZVRpbWUiOiIyMDIyLTAzLTMxVDIzOjAxOjI0WiIsImxpbmtzIjp7InNlbGYiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvYVwvbWVyY2FudGlscGF5bWVudHNcL3YxXC9jb25zZW50cyJ9LCJjcmVkaXRvciI6eyJuYW1lIjoiSE9NT0xPR0FDQU8gUElYIiwiY3BmQ25waiI6IjU1MTU1MTE0ODQ1IiwicGVyc29uVHlwZSI6IlBFU1NPQV9OQVRVUkFMIn0sInBheW1lbnQiOnsiZGF0ZSI6IjIwMjEtMTEtMTEiLCJhbW91bnQiOiIxLjE1IiwiY3VycmVuY3kiOiJCUkwiLCJkZXRhaWxzIjp7InByb3h5IjoiNTUxNTUxMTQ4NDUiLCJsb2NhbEluc3RydW1lbnQiOiJESUNUIiwiY3JlZGl0b3JBY2NvdW50Ijp7Im51bWJlciI6IjEwMTczNzIyIiwiYWNjb3VudFR5cGUiOiJDQUNDIiwiaXNwYiI6IjkyODk0OTIyIiwiaXNzdWVyIjoiMDAwMSJ9fSwiaWJnZVRvd25Db2RlIjoiNTMwMDEwOCIsInR5cGUiOiJQSVgifSwiY3JlYXRpb25EYXRlVGltZSI6IjIwMjItMDMtMzFUMjM6MDE6MjRaIiwic3RhdHVzIjoiQVdBSVRJTkdfQVVUSE9SSVNBVElPTiJ9LCJpYXQiOjE2NDg3Njc2ODQsImp0aSI6ImY1YmM2MmFiLTM1MTQtNDc4Zi04MjNjLTYwODYyMWJmOTM5MyJ9.Bv2B67Lasc6422b0P1hyfnBV4G0STskE0O6vFOP25miPEdgWfMHMQJVlpc5n4Swu4JFLDkbG3k_ipD71VmsyOxI2T5R6Bo20mQLD9aPPNCtPXkG4S_pCTSILGVHFmSlu4gAY3W8jcyxa50hxHlFpa3iFgBC6r5e_zeooub4ibwfD7dH30_bFujZEHj-SGLRX2ElsSeFhoqbJGm9v6e93SqyinP3tOF6izmRq6Wc3oPzNPIkcPjZB_rmnbwLN_bMzzZUCTGC4A7vqWXTXdgC9aYX4cPCQVodGycGRajePjFiwV4VibGKFLX1-9YfzDzeLQmn1Ce8mZeU-QLfmFG-dsw
2022-03-31 23:01:24
ClearAccessTokenFromRequest
Condition ran but did not log anything
2022-03-31 23:01:24 OUTGOING
fapi1-advanced-final-client-refresh-token-test
Response to HTTP request to test instance hQjqNlDH0UD4Ddw
outgoing_status_code
201
outgoing_headers
{
  "x-fapi-interaction-id": [
    "e8fd337b-3d55-4c6c-8b7d-8fe756185fde"
  ],
  "Content-Type": [
    "application/jwt"
  ]
}
outgoing_body
eyJraWQiOiJYNWQ0dkZZZkx4YUcxZ2c4X2wzYkZZRmhVYVVWbUU2UGFFc1JXWDJFWXFNIiwidHlwIjoiSldUIiwiYWxnIjoiUFMyNTYifQ.eyJpc3MiOiI3NGU5MjlkOS0zM2I2LTRkODUtOGJhNy1jMTQ2Yzg2N2E4MTciLCJhdWQiOiI1ZDI0OTQ4Ni1jNjk3LTUyOTUtYTg1Ni05OTU1ZWQzYWMzMzIiLCJkYXRhIjp7ImRlYnRvckFjY291bnQiOnsibnVtYmVyIjoiNDI2MTA3MzU3MyIsImFjY291bnRUeXBlIjoiQ0FDQyIsImlzcGIiOiIzNzI0MTIzMCIsImlzc3VlciI6IjAwMDEifSwiZXhwaXJhdGlvbkRhdGVUaW1lIjoiMjAyMi0wNC0wMVQwMTowMToyNFoiLCJ0cmFuc2FjdGlvblRvRGF0ZVRpbWUiOiIyMDIyLTA0LTAxVDAxOjAxOjI0WiIsImxvZ2dlZFVzZXIiOnsiZG9jdW1lbnQiOnsiaWRlbnRpZmljYXRpb24iOiI1Nzc4NDUxODA2NCIsInJlbCI6IkNQRiJ9fSwiY29uc2VudElkIjoidXJuOmNvbmZvcm1hbmNlOm9pZGY6Tk43dFFDelNBRyIsInRyYW5zYWN0aW9uRnJvbURhdGVUaW1lIjoiMjAyMi0wMy0zMVQyMjo1NjoyNFoiLCJtZXRhIjp7InRvdGFsUmVjb3JkcyI6MSwicmVxdWVzdERhdGVUaW1lIjoiMjAyMi0wMy0zMVQyMzowMToyNFoiLCJ0b3RhbFBhZ2VzIjoxfSwic3RhdHVzVXBkYXRlRGF0ZVRpbWUiOiIyMDIyLTAzLTMxVDIzOjAxOjI0WiIsImxpbmtzIjp7InNlbGYiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvYVwvbWVyY2FudGlscGF5bWVudHNcL3YxXC9jb25zZW50cyJ9LCJjcmVkaXRvciI6eyJuYW1lIjoiSE9NT0xPR0FDQU8gUElYIiwiY3BmQ25waiI6IjU1MTU1MTE0ODQ1IiwicGVyc29uVHlwZSI6IlBFU1NPQV9OQVRVUkFMIn0sInBheW1lbnQiOnsiZGF0ZSI6IjIwMjEtMTEtMTEiLCJhbW91bnQiOiIxLjE1IiwiY3VycmVuY3kiOiJCUkwiLCJkZXRhaWxzIjp7InByb3h5IjoiNTUxNTUxMTQ4NDUiLCJsb2NhbEluc3RydW1lbnQiOiJESUNUIiwiY3JlZGl0b3JBY2NvdW50Ijp7Im51bWJlciI6IjEwMTczNzIyIiwiYWNjb3VudFR5cGUiOiJDQUNDIiwiaXNwYiI6IjkyODk0OTIyIiwiaXNzdWVyIjoiMDAwMSJ9fSwiaWJnZVRvd25Db2RlIjoiNTMwMDEwOCIsInR5cGUiOiJQSVgifSwiY3JlYXRpb25EYXRlVGltZSI6IjIwMjItMDMtMzFUMjM6MDE6MjRaIiwic3RhdHVzIjoiQVdBSVRJTkdfQVVUSE9SSVNBVElPTiJ9LCJpYXQiOjE2NDg3Njc2ODQsImp0aSI6ImY1YmM2MmFiLTM1MTQtNDc4Zi04MjNjLTYwODYyMWJmOTM5MyJ9.Bv2B67Lasc6422b0P1hyfnBV4G0STskE0O6vFOP25miPEdgWfMHMQJVlpc5n4Swu4JFLDkbG3k_ipD71VmsyOxI2T5R6Bo20mQLD9aPPNCtPXkG4S_pCTSILGVHFmSlu4gAY3W8jcyxa50hxHlFpa3iFgBC6r5e_zeooub4ibwfD7dH30_bFujZEHj-SGLRX2ElsSeFhoqbJGm9v6e93SqyinP3tOF6izmRq6Wc3oPzNPIkcPjZB_rmnbwLN_bMzzZUCTGC4A7vqWXTXdgC9aYX4cPCQVodGycGRajePjFiwV4VibGKFLX1-9YfzDzeLQmn1Ce8mZeU-QLfmFG-dsw
outgoing_path
payments/v1/consents
2022-03-31 23:01:24 INCOMING
fapi1-advanced-final-client-refresh-token-test
Incoming HTTP request to /test/a/mercantil/jwks
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/4.7.4 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate, br",
  "x-datadog-trace-id": "3482172559968401009",
  "x-datadog-parent-id": "7347333165878970300",
  "x-datadog-sampling-priority": "2",
  "x-datadog-tags": "_dd.p.upstream_services\u003db3BlbmJhbmtpbmctbWFuYWdlbWVudC1zZXJ2aWNlcw\u003d\u003d|2|3|1",
  "connection": "close"
}
incoming_path
/test/a/mercantil/jwks
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
incoming_body_json
incoming_query_string_params
{}
incoming_body
2022-03-31 23:01:24 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
2022-03-31 23:01:24 OUTGOING
fapi1-advanced-final-client-refresh-token-test
Response to HTTP request to test instance hQjqNlDH0UD4Ddw
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "X5d4vFYfLxaG1gg8_l3bFYFhUaUVmE6PaEsRWX2EYqM",
      "x5c": [
        "MIIGqzCCBZOgAwIBAgIUdUCw8bQZidnZ6uERKJuN9u4RGvcwDQYJKoZIhvcNAQELBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwxFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNBTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDgxNjA5NTUwMFoXDTIyMDkxNTA5NTUwMFowgacxCzAJBgNVBAYTAkJSMRMwEQYDVQQKEwpJQ1AtQnJhc2lsMS8wDAYDVQQLEwUxMjM0NTAOBgNVBAsTB2NlcnRtYW4wDwYDVQQLEwhhZ29vZG9uZTEcMBoGA1UEAxMTT3BlbiBCYW5raW5nIEJyYXNpbDE0MDIGCgmSJomT8ixkAQETJDc0ZTkyOWQ5LTMzYjYtNGQ4NS04YmE3LWMxNDZjODY3YTgxNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANyF1agPcwq5ms99Flo82XsXUroWoD/6FX4AfmOUu113h4VOLYaO3N8HDYbKxgii2En/+O61e/Ptjn4T2PVq0iVcqiF6Gp4sKE5w/bKZRfdCe8qIPS4D+JKpFpesJvIHUeQvlAuBp5dA9nGSpxOjGe5P2+ZzNGXwvux/2ztdweGmKbtOvbYe4RVhiu6bOubog8XEBmD96EnqmoROasH1Hn9kDJIclbTP51j/TlQMzhrSfJJuE3Qq6vWhe/DaPbtmELmlDiYHjp8CjAY5oBMHLmkHvQxEBV4cwbUZj5ZpdqU8tkA78XtR4DkzrJ4fYoBb1+9ABq6GNzxWPpSQMQuBXdsCAwEAAaOCAwIwggL+MAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFJwv7oHX2exZL304ru+4eGVypHlxMB8GA1UdIwQYMBaAFIZ/WK0X9YK2TrQFs/uwzhFD30y+MEwGCCsGAQUFBwEBBEAwPjA8BggrBgEFBQcwAYYwaHR0cDovL29jc3Auc2FuZGJveC5wa2kub3BlbmJhbmtpbmdicmFzaWwub3JnLmJyMEsGA1UdHwREMEIwQKA+oDyGOmh0dHA6Ly9jcmwuc2FuZGJveC5wa2kub3BlbmJhbmtpbmdicmFzaWwub3JnLmJyL2lzc3Vlci5jcmwwXgYDVR0RBFcwVaAZBgVgTAEDAqAQDA5NaWNoYWVsIEZyYXNlcqAYBgVgTAEDA6APDA0xMzM1MzIzNjAwMTg5oA0GBWBMAQMEoAQMAm5voA8GBWBMAQMHoAYMBGFsb3QwDgYDVR0PAQH/BAQDAgbAMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIBgDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVseSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhlciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNlaXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5kIHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8vY3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2llczANBgkqhkiG9w0BAQsFAAOCAQEAtKn/QnJqKLp52YB14x+M21qwz67utFkWjhauQe0elXupjY5NWZb5wLrGYNOZQzRe2JRzcBbGN6P7lCweRfxMkSGh9YrXbrkBXLEPtLHpTVEy65v1tWl02lC+ooVPyQpSjAQL0L69OQ7s7rnIXyb3rkSUzuGSxsLU1AXpWj0oYFB4wdeIdPAVPs83frC5s4kz42JruSAE2vsbvQURTVPChh+hO6+R6Irz+ZEZ1NSgjQkxvOXHW53CkXZSjjHbAB/nbJYi7YyK7kck99r38Ba/WBfIfywdFVVYfiiW5TS6XbQeVeilmmt5MLxBz96FxR6E6WR+cQwybEe94Fb/jD6xHA\u003d\u003d"
      ],
      "alg": "PS256",
      "n": "3IXVqA9zCrmaz30WWjzZexdSuhagP_oVfgB-Y5S7XXeHhU4tho7c3wcNhsrGCKLYSf_47rV78-2OfhPY9WrSJVyqIXoaniwoTnD9splF90J7yog9LgP4kqkWl6wm8gdR5C-UC4Gnl0D2cZKnE6MZ7k_b5nM0ZfC-7H_bO13B4aYpu069th7hFWGK7ps65uiDxcQGYP3oSeqahE5qwfUef2QMkhyVtM_nWP9OVAzOGtJ8km4TdCrq9aF78No9u2YQuaUOJgeOnwKMBjmgEwcuaQe9DEQFXhzBtRmPlml2pTy2QDvxe1HgOTOsnh9igFvX70AGroY3PFY-lJAxC4Fd2w"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "0fe502dd-14f0-4f45-80f9-feb9a216f996",
      "alg": "RSA-OAEP",
      "n": "r4dl-ApW6c-fvDbfSVxHpdV8zi8VQW4b9-uHMRq7dzqCkvP8OAG1R3plSr1N6fL_YLiIr9y621XkyRiMEKR7-DeqGsLf2ZTaqrZ1LfYgjsc2i9o3NSOeSgBwKGmT7h1OgxZSbhLzo7Xaktu3CCUZCOWLzs7LKo_CvKkcTF7tPhK9jYjdTsdsnS0RJOPjYQe7JO83Mvhd1Ty3F-Qycd-cKKMSjcQRiHt9jKd09kA2fKVlFwbm2M1PM3NdtnMaOUw31-XC4ixay47XTMqnmX7-op7qYV9wXbeZmjTsAKFuTGwJiGJrOTfqciDLBW8IpGC2BzFJ5rYmRu0kAttpvkOG3Q"
    }
  ]
}
outgoing_path
jwks
2022-03-31 23:01:25 INCOMING
fapi1-advanced-final-client-refresh-token-test
Incoming HTTP request to /test/a/mercantil/authorize
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "PostmanRuntime/7.28.4",
  "accept": "*/*",
  "cache-control": "no-cache",
  "postman-token": "2805eb0c-e72c-473a-9992-17f2a9d16154",
  "accept-encoding": "gzip, deflate, br",
  "connection": "close"
}
incoming_path
/test/a/mercantil/authorize
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
incoming_body_json
incoming_query_string_params
{
  "client_id": "mercantil-bank",
  "scope": "openid consent:urn:conformance:oidf:NN7tQCzSAG payments",
  "response_type": "code",
  "redirect_uri": "https://produtosopbhml.mercantildobrasil.com.br/payment/callback",
  "request": "eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZHQ00iLCJjdHkiOiJvYXV0aC1hdXRoei1yZXErand0Iiwia2lkIjoiMGZlNTAyZGQtMTRmMC00ZjQ1LTgwZjktZmViOWEyMTZmOTk2In0.gjN13LNNjrOhlTyGL9QLELv1O8yFbtr3Sbpv5DLCtLAdux0ptIlLYZmbkCAi0vooLME9i7DVe70IMzmXDc9F2ywjE0AcBSEnUhlUbtCa0p41P08n4gKH1UcKLpwXs02CS2vA2VQTyYdXfVOP1GWvpotp7wNeF9eGC5pyBAKWz2OFg--8my7qlYSG1oj9lWsavMCISVv3J_0PPLznYcbCDV2fGKdB6SosCr8qEOIEgkFdkFmSsCcJTnQgxDaKmO7fxv0IZbWt7ZLWhXflJoaN-y3jw2AcPT2JqxSCL4FdabIdnblmaFsjUPwGjTdLb4SnfHqrhzDtyC9lJfM1sEzMMQ.mHrmHGx659MdkdsM.QTlxyhFnznPkm8WbKHbobgXukOTQdt6Hpo-53uqdsfX9_1fUMy-vNhcVZwTQcPzmB2lDUTidJe0Jh70hwAGOoAWeJr0iFwFLic5QJKZRFirTYJ7M-SkN9ohAJy6AFbwmpy2kxfODsDTGZdN4apDXP4uG7-DYhs2FqLWnHuVB69Fdy_LvndeYFpln5tA292nfAvhyH5PU2pXeze9RPH_chRLzPCqD5i731pA7vQQwGwHVdh8Ja4Do48Pq7uwqd4e8lgDRGjY7_FxMsSDSndqlx5o8b-WP6pqXWZKvCnA6a6nGeAepGeHHwvPapb3A02Qcc7luhoh6DtZoTyeKHAAmFj2fi16Qo3lbIGAyvsICcIFWsRhj6nOKAYfjN5c5BB-aHrDz7Qd7M1Icer1dHsG5QLvB6PeuybL8eFz68VSdhTVrPhPh-xth4o2H_DTLaK0SqZERBtpHBU8zGB0PY6UmGYQJqY6prDFDAUp3dAN6UpzK3n0sMYDNF6Nmz45gLWHSr3oz91p7pkkg4DFiYKv9UowCXDhmvfXaM7LhhnYdl9EHh_wQ3CT7RffwqbVA9ebny7zBCqsG-jj6yGQvXm7rg34jdwOqMwgUKicQbrA3f12OK_lbENOVKN4iJX-AF93TAtNwQIBywFx-EzRTpnelXIc6NTcMPchT2EeAyf4vcmHdYBk2dfrIE6Q2bDcHyOWC0vkKvpj5deoZtUxxEqlClBMRkgk1Itfgoplrd1tpog_tyvn6vjr7GFpwhxt76BVx7qtoB1-NLax8W9-s1YMXbMCzwzUqVuwaexCF0dAAt7GhRZofFwsYXRS7NvnquXJBh-HGNvg-s4ko_1ItozXfUGzSjNmIi0LEGfMrPg_xuOj88a1xxrUR-l-Ln_i03wKNxKY_O7elw-rov30ufniEhl6YBDBp92Pu0JoCI5urs_s6bg6ObBwkgmXWe_MVqdNMLa3Ht6O-capRGfI0xWWt_SXQsqxeQvyIgON4tCJ6q7RMZ8ELjtqSkyPchcQFsDZ12VQa8oKQk5moGfcipyXlnldrC5gmIocsRgq6WY3lI-sPpe59k8uKRTFaOqAw6JmVS8O6umIvRtEb5gHkfE076mdIZ8T379QQ7TsDHOPPUnfnktmtWrmtkDRYSKdjwIg8Y043utYgfYYqHi7uPBocI9uSOcd_nZu7n_CFXesxMY_dxSpoXWu3a6ODecdkjpNXGC1ye5ds8wNMLoUx9K3zIXduI7vJyEiwfAsaKb9owk9sAmy8MyJzP2hTsFY2GIGBe73qsyfcXMgvPiYrTWb2u1TlDyWQ6cOqUOQ6Qn64xE0sxp4GiMMsTcKng6ORdaczEhAS27yewqCWgey3FOl_IYZUibMLU8W0a5z1bAWOIWo5pAujCH7_0HmX6xpDQbl06-JTz8Euj-S3H-ogTz5no6fJBiPkb8WapiYqwGcShq3IfBNnOQwIOMqtSkYbmBkqgKKW-6UDpjqGZ5C45GiaBjwXrz_nli59lWek1-ECgE-WDXBMuhxYjEFtpKDCFOhVYO03ymkjICudQFdjqi4W1M0l_KLgkPQlYs6K7Zkh3Yja5ZAfeUTZeoHd5eDxy6ITxjteL7NsQbKzzWghojDBfF2TAD5NNjxF13QTjOfdDmnvE8lsNreQkWpgqn-YKfsxsl1d4nm1OWhZFKxSpatYp6xP-BBmuSVb86nx-wXSbiV8xGukea23_6wv0L_5QjBQ0vCiqOAJAOsyd1XN4kfJeY9Qs5QxSC0mivIerfgmLKPE0hKu3xiJTan4SISOHy6gK3UJLUiuLIsESVuG4ohtyB6OAtI-RLJ2GTGhAxuEJtupwRGSmZX5ZiQ0IblvjTtP1C2W1odKtstt1yVCWe88KCe1CCUXE6gkaw9g1iJQzGJxKfwtaJFv4Emvj6RAcnRZqpcvnK5yRPcu.roikpC4YKPC3Ej1q9l4lqQ"
}
incoming_body
2022-03-31 23:01:25 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
Authorization endpoint
2022-03-31 23:01:25 SUCCESS
ExtractRequestObject
Parsed request object
request_object
{
  "value": "eyJhbGciOiJQUzI1NiIsInR5cCI6Im9hdXRoLWF1dGh6LXJlcStqd3QiLCJraWQiOiIzYTEzNzlhMGM4YWZiYTViNmY1NTM2NWNiM2VlMGE1MTFjOGU3ZGRiMWY3M2QzYjQ0M2I2ODMxY2JkMzc4ZmZlIn0.eyJub25jZSI6IlR2N3FLV1hRbXRoQzVmQUE4Zm5KeDZuNWN4cWEtUWFSM1ZmamsxbVV1bGMiLCJzdGF0ZSI6IjNaQ2JiYTQ0WWYwRnFOSEtrMTVtR19ZbUJlVVE4WC1zUEZaU1MzSHdRQmsiLCJzY29wZSI6Im9wZW5pZCBjb25zZW50OnVybjpjb25mb3JtYW5jZTpvaWRmOk5ON3RRQ3pTQUcgcGF5bWVudHMiLCJyZXNwb25zZV90eXBlIjoiY29kZSIsInJlZGlyZWN0X3VyaSI6Imh0dHBzOi8vcHJvZHV0b3NvcGJobWwubWVyY2FudGlsZG9icmFzaWwuY29tLmJyL3BheW1lbnQvY2FsbGJhY2siLCJjbGFpbXMiOnsiaWRfdG9rZW4iOnsiYWNyIjp7InZhbHVlcyI6WyJ1cm46YnJhc2lsOm9wZW5iYW5raW5nOmxvYTIiLCJ1cm46YnJhc2lsOm9wZW5iYW5raW5nOmxvYTMiXSwiZXNzZW50aWFsIjp0cnVlfX19LCJjb2RlX2NoYWxsZW5nZSI6IjQ1OUJVcjZhOTlQTnBYWkpZajJJeVAzbW0tZkhxVUZLX2JLZGV3RnFpN2ciLCJjb2RlX2NoYWxsZW5nZV9tZXRob2QiOiJTMjU2IiwiaXNzIjoibWVyY2FudGlsLWJhbmsiLCJhdWQiOiJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC9hL21lcmNhbnRpbC8iLCJjbGllbnRfaWQiOiJtZXJjYW50aWwtYmFuayIsImp0aSI6ImRUbUh6LURFRHp1U2dVQk9yWHp2dVZLMnNDSzZXaXRIcTM4elZKaWRFS00iLCJpYXQiOjE2NDg3Njc2ODQsImV4cCI6MTY0ODc2Nzk4NCwibmJmIjoxNjQ4NzY3Njg0fQ.mUoaObtKiMqr9g-UBEoAHI4Y2kO_DbGTumeX0DbovuTj_dpR4FqHRHAl29xv4_jHiWTYMuO9FPPcOf8aW-CVLQJkoOXwnCfX4sE6w7hmTQbTlpyhdT3MPpsVF8yU8WOzGNyfwJ1y654zBKg8wDnKzB62ZiRnfNwGBBj0Nbb_bsLkxzOUznD8Z3SRlCno21xeCPWBeN-9dIKxGnnadIr6wUDjNntNmriBL425p21oLZ7H76bCxFg_Lj3RKlL3vY9UfbtI2HqYQFpMlAE8HrQehHhDFkmstxsczne7nZF4JnHb5Jl_xTJ0baqZtbx2bbXqXj6BL26-x2Qpxkg2N5rAdw",
  "header": {
    "kid": "3a1379a0c8afba5b6f55365cb3ee0a511c8e7ddb1f73d3b443b6831cbd378ffe",
    "typ": "oauth-authz-req+jwt",
    "alg": "PS256"
  },
  "claims": {
    "iss": "mercantil-bank",
    "response_type": "code",
    "code_challenge_method": "S256",
    "nonce": "Tv7qKWXQmthC5fAA8fnJx6n5cxqa-QaR3Vfjk1mUulc",
    "client_id": "mercantil-bank",
    "aud": "https://www.certification.openid.net/test/a/mercantil/",
    "nbf": 1648767684,
    "scope": "openid consent:urn:conformance:oidf:NN7tQCzSAG payments",
    "claims": {
      "id_token": {
        "acr": {
          "values": [
            "urn:brasil:openbanking:loa2",
            "urn:brasil:openbanking:loa3"
          ],
          "essential": true
        }
      }
    },
    "state": "3ZCbba44Yf0FqNHKk15mG_YmBeUQ8X-sPFZSS3HwQBk",
    "redirect_uri": "https://produtosopbhml.mercantildobrasil.com.br/payment/callback",
    "exp": 1648767984,
    "iat": 1648767684,
    "code_challenge": "459BUr6a99PNpXZJYj2IyP3mm-fHqUFK_bKdewFqi7g",
    "jti": "dTmHz-DEDzuSgUBOrXzvuVK2sCK6WitHq38zVJidEKM"
  },
  "jwe_header": {
    "kid": "0fe502dd-14f0-4f45-80f9-feb9a216f996",
    "cty": "oauth-authz-req+jwt",
    "enc": "A256GCM",
    "alg": "RSA-OAEP"
  }
}
2022-03-31 23:01:25 SUCCESS
EnsureRequestObjectWasEncrypted
Request object was encrypted
jwe_header
{
  "kid": "0fe502dd-14f0-4f45-80f9-feb9a216f996",
  "cty": "oauth-authz-req+jwt",
  "enc": "A256GCM",
  "alg": "RSA-OAEP"
}
2022-03-31 23:01:25 SUCCESS
FAPIBrazilEnsureRequestObjectEncryptedUsingRSAOAEPA256GCM
Request object was encrypted using RSA-OAEP and A256GCM
jwe_header
{
  "kid": "0fe502dd-14f0-4f45-80f9-feb9a216f996",
  "cty": "oauth-authz-req+jwt",
  "enc": "A256GCM",
  "alg": "RSA-OAEP"
}
2022-03-31 23:01:25 SUCCESS
ValidateEncryptedRequestObjectHasKid
kid was found in the encrypted request object header
kid
0fe502dd-14f0-4f45-80f9-feb9a216f996
2022-03-31 23:01:25 SUCCESS
CreateEffectiveAuthorizationRequestParameters
Merged http request parameters with request object claims
effective_authorization_endpoint_request
{
  "client_id": "mercantil-bank",
  "scope": "openid consent:urn:conformance:oidf:NN7tQCzSAG payments",
  "response_type": "code",
  "redirect_uri": "https://produtosopbhml.mercantildobrasil.com.br/payment/callback",
  "request": "eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZHQ00iLCJjdHkiOiJvYXV0aC1hdXRoei1yZXErand0Iiwia2lkIjoiMGZlNTAyZGQtMTRmMC00ZjQ1LTgwZjktZmViOWEyMTZmOTk2In0.gjN13LNNjrOhlTyGL9QLELv1O8yFbtr3Sbpv5DLCtLAdux0ptIlLYZmbkCAi0vooLME9i7DVe70IMzmXDc9F2ywjE0AcBSEnUhlUbtCa0p41P08n4gKH1UcKLpwXs02CS2vA2VQTyYdXfVOP1GWvpotp7wNeF9eGC5pyBAKWz2OFg--8my7qlYSG1oj9lWsavMCISVv3J_0PPLznYcbCDV2fGKdB6SosCr8qEOIEgkFdkFmSsCcJTnQgxDaKmO7fxv0IZbWt7ZLWhXflJoaN-y3jw2AcPT2JqxSCL4FdabIdnblmaFsjUPwGjTdLb4SnfHqrhzDtyC9lJfM1sEzMMQ.mHrmHGx659MdkdsM.QTlxyhFnznPkm8WbKHbobgXukOTQdt6Hpo-53uqdsfX9_1fUMy-vNhcVZwTQcPzmB2lDUTidJe0Jh70hwAGOoAWeJr0iFwFLic5QJKZRFirTYJ7M-SkN9ohAJy6AFbwmpy2kxfODsDTGZdN4apDXP4uG7-DYhs2FqLWnHuVB69Fdy_LvndeYFpln5tA292nfAvhyH5PU2pXeze9RPH_chRLzPCqD5i731pA7vQQwGwHVdh8Ja4Do48Pq7uwqd4e8lgDRGjY7_FxMsSDSndqlx5o8b-WP6pqXWZKvCnA6a6nGeAepGeHHwvPapb3A02Qcc7luhoh6DtZoTyeKHAAmFj2fi16Qo3lbIGAyvsICcIFWsRhj6nOKAYfjN5c5BB-aHrDz7Qd7M1Icer1dHsG5QLvB6PeuybL8eFz68VSdhTVrPhPh-xth4o2H_DTLaK0SqZERBtpHBU8zGB0PY6UmGYQJqY6prDFDAUp3dAN6UpzK3n0sMYDNF6Nmz45gLWHSr3oz91p7pkkg4DFiYKv9UowCXDhmvfXaM7LhhnYdl9EHh_wQ3CT7RffwqbVA9ebny7zBCqsG-jj6yGQvXm7rg34jdwOqMwgUKicQbrA3f12OK_lbENOVKN4iJX-AF93TAtNwQIBywFx-EzRTpnelXIc6NTcMPchT2EeAyf4vcmHdYBk2dfrIE6Q2bDcHyOWC0vkKvpj5deoZtUxxEqlClBMRkgk1Itfgoplrd1tpog_tyvn6vjr7GFpwhxt76BVx7qtoB1-NLax8W9-s1YMXbMCzwzUqVuwaexCF0dAAt7GhRZofFwsYXRS7NvnquXJBh-HGNvg-s4ko_1ItozXfUGzSjNmIi0LEGfMrPg_xuOj88a1xxrUR-l-Ln_i03wKNxKY_O7elw-rov30ufniEhl6YBDBp92Pu0JoCI5urs_s6bg6ObBwkgmXWe_MVqdNMLa3Ht6O-capRGfI0xWWt_SXQsqxeQvyIgON4tCJ6q7RMZ8ELjtqSkyPchcQFsDZ12VQa8oKQk5moGfcipyXlnldrC5gmIocsRgq6WY3lI-sPpe59k8uKRTFaOqAw6JmVS8O6umIvRtEb5gHkfE076mdIZ8T379QQ7TsDHOPPUnfnktmtWrmtkDRYSKdjwIg8Y043utYgfYYqHi7uPBocI9uSOcd_nZu7n_CFXesxMY_dxSpoXWu3a6ODecdkjpNXGC1ye5ds8wNMLoUx9K3zIXduI7vJyEiwfAsaKb9owk9sAmy8MyJzP2hTsFY2GIGBe73qsyfcXMgvPiYrTWb2u1TlDyWQ6cOqUOQ6Qn64xE0sxp4GiMMsTcKng6ORdaczEhAS27yewqCWgey3FOl_IYZUibMLU8W0a5z1bAWOIWo5pAujCH7_0HmX6xpDQbl06-JTz8Euj-S3H-ogTz5no6fJBiPkb8WapiYqwGcShq3IfBNnOQwIOMqtSkYbmBkqgKKW-6UDpjqGZ5C45GiaBjwXrz_nli59lWek1-ECgE-WDXBMuhxYjEFtpKDCFOhVYO03ymkjICudQFdjqi4W1M0l_KLgkPQlYs6K7Zkh3Yja5ZAfeUTZeoHd5eDxy6ITxjteL7NsQbKzzWghojDBfF2TAD5NNjxF13QTjOfdDmnvE8lsNreQkWpgqn-YKfsxsl1d4nm1OWhZFKxSpatYp6xP-BBmuSVb86nx-wXSbiV8xGukea23_6wv0L_5QjBQ0vCiqOAJAOsyd1XN4kfJeY9Qs5QxSC0mivIerfgmLKPE0hKu3xiJTan4SISOHy6gK3UJLUiuLIsESVuG4ohtyB6OAtI-RLJ2GTGhAxuEJtupwRGSmZX5ZiQ0IblvjTtP1C2W1odKtstt1yVCWe88KCe1CCUXE6gkaw9g1iJQzGJxKfwtaJFv4Emvj6RAcnRZqpcvnK5yRPcu.roikpC4YKPC3Ej1q9l4lqQ",
  "iss": "mercantil-bank",
  "code_challenge_method": "S256",
  "nonce": "Tv7qKWXQmthC5fAA8fnJx6n5cxqa-QaR3Vfjk1mUulc",
  "aud": "https://www.certification.openid.net/test/a/mercantil/",
  "nbf": 1648767684,
  "claims": {
    "id_token": {
      "acr": {
        "values": [
          "urn:brasil:openbanking:loa2",
          "urn:brasil:openbanking:loa3"
        ],
        "essential": true
      }
    }
  },
  "state": "3ZCbba44Yf0FqNHKk15mG_YmBeUQ8X-sPFZSS3HwQBk",
  "exp": 1648767984,
  "iat": 1648767684,
  "code_challenge": "459BUr6a99PNpXZJYj2IyP3mm-fHqUFK_bKdewFqi7g",
  "jti": "dTmHz-DEDzuSgUBOrXzvuVK2sCK6WitHq38zVJidEKM"
}
2022-03-31 23:01:25 SUCCESS
FAPIValidateRequestObjectSigningAlg
Request object was signed with a permitted algorithm
alg
PS256
2022-03-31 23:01:25 SUCCESS
FAPIBrazilValidateRequestObjectIdTokenACRClaims
Acr value in request object is as expected
received
[
  "urn:brasil:openbanking:loa3"
]
2022-03-31 23:01:25 SUCCESS
FAPIValidateRequestObjectExp
Request object contains a valid exp claim, expiry time
exp
"Mar 31, 2022, 11:06:24 PM"
2022-03-31 23:01:25 SUCCESS
FAPI1AdvancedValidateRequestObjectNBFClaim
nbf claim is valid
nbf
"Mar 31, 2022, 11:01:24 PM"
now
"Mar 31, 2022, 11:01:25 PM"
2022-03-31 23:01:25
ValidateRequestObjectClaims
Request object does not contain a max_age claim
2022-03-31 23:01:25 SUCCESS
ValidateRequestObjectClaims
Request object claims passed all validation checks
2022-03-31 23:01:25 SUCCESS
EnsureNumericRequestObjectClaimsAreNotNull
None of the claims expected to have numeric values, have null values
numeric_claims
[
  "max_age"
]
2022-03-31 23:01:25 SUCCESS
EnsureRequestObjectDoesNotContainRequestOrRequestUri
Request object does not contain request or request_uri
2022-03-31 23:01:25 SUCCESS
EnsureRequestObjectDoesNotContainSubWithClientId
Request object does not contain Client Id in sub
2022-03-31 23:01:25 SUCCESS
ValidateRequestObjectSignature
Request object signature validated using a key in the client's JWKS and using the client's registered request_object_signing_alg
request_object
eyJhbGciOiJQUzI1NiIsInR5cCI6Im9hdXRoLWF1dGh6LXJlcStqd3QiLCJraWQiOiIzYTEzNzlhMGM4YWZiYTViNmY1NTM2NWNiM2VlMGE1MTFjOGU3ZGRiMWY3M2QzYjQ0M2I2ODMxY2JkMzc4ZmZlIn0.eyJub25jZSI6IlR2N3FLV1hRbXRoQzVmQUE4Zm5KeDZuNWN4cWEtUWFSM1ZmamsxbVV1bGMiLCJzdGF0ZSI6IjNaQ2JiYTQ0WWYwRnFOSEtrMTVtR19ZbUJlVVE4WC1zUEZaU1MzSHdRQmsiLCJzY29wZSI6Im9wZW5pZCBjb25zZW50OnVybjpjb25mb3JtYW5jZTpvaWRmOk5ON3RRQ3pTQUcgcGF5bWVudHMiLCJyZXNwb25zZV90eXBlIjoiY29kZSIsInJlZGlyZWN0X3VyaSI6Imh0dHBzOi8vcHJvZHV0b3NvcGJobWwubWVyY2FudGlsZG9icmFzaWwuY29tLmJyL3BheW1lbnQvY2FsbGJhY2siLCJjbGFpbXMiOnsiaWRfdG9rZW4iOnsiYWNyIjp7InZhbHVlcyI6WyJ1cm46YnJhc2lsOm9wZW5iYW5raW5nOmxvYTIiLCJ1cm46YnJhc2lsOm9wZW5iYW5raW5nOmxvYTMiXSwiZXNzZW50aWFsIjp0cnVlfX19LCJjb2RlX2NoYWxsZW5nZSI6IjQ1OUJVcjZhOTlQTnBYWkpZajJJeVAzbW0tZkhxVUZLX2JLZGV3RnFpN2ciLCJjb2RlX2NoYWxsZW5nZV9tZXRob2QiOiJTMjU2IiwiaXNzIjoibWVyY2FudGlsLWJhbmsiLCJhdWQiOiJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC9hL21lcmNhbnRpbC8iLCJjbGllbnRfaWQiOiJtZXJjYW50aWwtYmFuayIsImp0aSI6ImRUbUh6LURFRHp1U2dVQk9yWHp2dVZLMnNDSzZXaXRIcTM4elZKaWRFS00iLCJpYXQiOjE2NDg3Njc2ODQsImV4cCI6MTY0ODc2Nzk4NCwibmJmIjoxNjQ4NzY3Njg0fQ.mUoaObtKiMqr9g-UBEoAHI4Y2kO_DbGTumeX0DbovuTj_dpR4FqHRHAl29xv4_jHiWTYMuO9FPPcOf8aW-CVLQJkoOXwnCfX4sE6w7hmTQbTlpyhdT3MPpsVF8yU8WOzGNyfwJ1y654zBKg8wDnKzB62ZiRnfNwGBBj0Nbb_bsLkxzOUznD8Z3SRlCno21xeCPWBeN-9dIKxGnnadIr6wUDjNntNmriBL425p21oLZ7H76bCxFg_Lj3RKlL3vY9UfbtI2HqYQFpMlAE8HrQehHhDFkmstxsczne7nZF4JnHb5Jl_xTJ0baqZtbx2bbXqXj6BL26-x2Qpxkg2N5rAdw
request_object_signing_alg
PS256
jwk
Sun RSA public key, 2048 bits
  params: null
  modulus: 28697923722953940779169914565097056151041985270599626042098785497905034874366448668774789552282155548846354768404958317581049277420644234289397018228278363965215376498233539596709489679342928669024610137713777103485895059893712654254223951275926412957564504965449927504992213807153016427032599737169849948759691928940465686601603381685456556006807803669946850998811635024976485679414693488180666013031598421037622359777840541049544342015704745229781753483064581019762903475420759831503017030996116039014004430502562732661654599802022393755245281112653708515243701496993128293416201822025135753680227624070748165502401
  public exponent: 65537
2022-03-31 23:01:25 SUCCESS
EnsureMatchingRedirectUriInRequestObject
Redirect URI matched
actual
https://produtosopbhml.mercantildobrasil.com.br/payment/callback
2022-03-31 23:01:25 SUCCESS
EnsureRequiredAuthorizationRequestParametersMatchRequestObject
Required http request parameters match request object claims
response_type
code
client_id
mercantil-bank
2022-03-31 23:01:25 SUCCESS
EnsureOptionalAuthorizationRequestParametersMatchRequestObject
All http request parameters and request object claims match
2022-03-31 23:01:25 SUCCESS
ExtractRequestedScopes
Requested scopes
scope
openid consent:urn:conformance:oidf:NN7tQCzSAG payments
2022-03-31 23:01:25 SUCCESS
FAPIBrazilValidateConsentScope
Found consent scope in request
actual
[
  "openid",
  "consent:urn:conformance:oidf:NN7tQCzSAG",
  "payments"
]
expected
consent:urn:conformance:oidf:NN7tQCzSAG
2022-03-31 23:01:25 SUCCESS
EnsureScopeContainsPayments
Found payments scope in request
actual
[
  "openid",
  "consent:urn:conformance:oidf:NN7tQCzSAG",
  "payments"
]
2022-03-31 23:01:25 SUCCESS
EnsureResponseTypeIsCode
Response type is expected value
expected
code
2022-03-31 23:01:25 SUCCESS
EnsureMatchingClientId
Client ID matched
client_id
mercantil-bank
2022-03-31 23:01:25 SUCCESS
CreateAuthorizationCode
Created authorization code
authorization_code
ZhM6FabzkW8tecFw2qSQ4TlDRI343N8U
2022-03-31 23:01:25 SUCCESS
ExtractNonceFromAuthorizationRequest
Extracted nonce
nonce
Tv7qKWXQmthC5fAA8fnJx6n5cxqa-QaR3Vfjk1mUulc
2022-03-31 23:01:25 SUCCESS
FAPIBrazilChangeConsentStatusToAuthorized
Changed consent status to AUTHORISED
consent
{
  "data": {
    "consentId": "urn:conformance:oidf:NN7tQCzSAG",
    "creationDateTime": "2022-03-31T23:01:24Z",
    "status": "AUTHORISED",
    "statusUpdateDateTime": "2022-03-31T23:01:25Z",
    "expirationDateTime": "2022-04-01T01:01:24Z",
    "transactionFromDateTime": "2022-03-31T22:56:24Z",
    "transactionToDateTime": "2022-04-01T01:01:24Z",
    "links": {
      "self": "https://www.certification.openid.net/test/a/mercantilpayments/v1/consents"
    },
    "meta": {
      "totalRecords": 1,
      "totalPages": 1,
      "requestDateTime": "2022-03-31T23:01:24Z"
    },
    "creditor": {
      "name": "HOMOLOGACAO PIX",
      "cpfCnpj": "55155114845",
      "personType": "PESSOA_NATURAL"
    },
    "loggedUser": {
      "document": {
        "identification": "57784518064",
        "rel": "CPF"
      }
    },
    "payment": {
      "date": "2021-11-11",
      "amount": "1.15",
      "currency": "BRL",
      "details": {
        "proxy": "55155114845",
        "localInstrument": "DICT",
        "creditorAccount": {
          "number": "10173722",
          "accountType": "CACC",
          "ispb": "92894922",
          "issuer": "0001"
        }
      },
      "ibgeTownCode": "5300108",
      "type": "PIX"
    },
    "debtorAccount": {
      "number": "4261073573",
      "accountType": "CACC",
      "ispb": "37241230",
      "issuer": "0001"
    }
  },
  "aud": "5d249486-c697-5295-a856-9955ed3ac332",
  "iat": 1648767684,
  "jti": "f5bc62ab-3514-478f-823c-608621bf9393",
  "iss": "74e929d9-33b6-4d85-8ba7-c146c867a817"
}
2022-03-31 23:01:25 SUCCESS
CreateAuthorizationEndpointResponseParams
Added authorization_endpoint_response_params to environment
params
{
  "redirect_uri": "https://produtosopbhml.mercantildobrasil.com.br/payment/callback",
  "state": "3ZCbba44Yf0FqNHKk15mG_YmBeUQ8X-sPFZSS3HwQBk"
}
2022-03-31 23:01:25 SUCCESS
AddCodeToAuthorizationEndpointResponseParams
Added code to authorization endpoint response params
authorization_endpoint_response_params
{
  "redirect_uri": "https://produtosopbhml.mercantildobrasil.com.br/payment/callback",
  "state": "3ZCbba44Yf0FqNHKk15mG_YmBeUQ8X-sPFZSS3HwQBk",
  "code": "ZhM6FabzkW8tecFw2qSQ4TlDRI343N8U"
}
2022-03-31 23:01:25
GenerateJARMResponseClaims
Created JARM response claims
iss
https://www.certification.openid.net/test/a/mercantil/
aud
mercantil-bank
code
ZhM6FabzkW8tecFw2qSQ4TlDRI343N8U
state
3ZCbba44Yf0FqNHKk15mG_YmBeUQ8X-sPFZSS3HwQBk
exp
1648768285
2022-03-31 23:01:25 SUCCESS
SignJARMResponse
Signed the JARM response
jarm_response
eyJraWQiOiJYNWQ0dkZZZkx4YUcxZ2c4X2wzYkZZRmhVYVVWbUU2UGFFc1JXWDJFWXFNIiwiYWxnIjoiUFMyNTYifQ.eyJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvYVwvbWVyY2FudGlsXC8iLCJhdWQiOiJtZXJjYW50aWwtYmFuayIsImNvZGUiOiJaaE02RmFiemtXOHRlY0Z3MnFTUTRUbERSSTM0M044VSIsInN0YXRlIjoiM1pDYmJhNDRZZjBGcU5IS2sxNW1HX1ltQmVVUThYLXNQRlpTUzNId1FCayIsImV4cCI6MTY0ODc2ODI4NX0.lJAUQG3HwEjVnIj1f4rGYyfml_xMEKpzH1WGZ8eAnzqgO5P3z-LalH6AUZISZvsWOuqiSrTNBjUb673OEiY7McPXHb9qzfbLICvZRY-fl9vZ50XvPEw2KSj-yQBLDqe0XXPJElXF0gYzM9Sm27Q8_5MkXALKF78Mk_IdrEHS1ANEsD0npX44wdVwpkp3Vsx09x52vhZyo6X9VuEHlhUlnrvrcPEMqEbLfsOgHVCPYisqapvdd5m-6HbqtT4WCvsluWKx30SqKDn1MRp9o1bgPKaYQBNUdgGe59DKTFvXD8cT7jkBPaKpH1XL37mquJ6-_K7i2VRTKVFLfIKDH7--bw
2022-03-31 23:01:25 INFO
EncryptJARMResponse
Skipped evaluation due to missing required element: client authorization_encrypted_response_alg
path
authorization_encrypted_response_alg
mapped
object
client
2022-03-31 23:01:25
SendJARMResponseWitResponseModeQuery
Redirecting back to client
uri
https://produtosopbhml.mercantildobrasil.com.br/payment/callback?response=eyJraWQiOiJYNWQ0dkZZZkx4YUcxZ2c4X2wzYkZZRmhVYVVWbUU2UGFFc1JXWDJFWXFNIiwiYWxnIjoiUFMyNTYifQ.eyJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvYVwvbWVyY2FudGlsXC8iLCJhdWQiOiJtZXJjYW50aWwtYmFuayIsImNvZGUiOiJaaE02RmFiemtXOHRlY0Z3MnFTUTRUbERSSTM0M044VSIsInN0YXRlIjoiM1pDYmJhNDRZZjBGcU5IS2sxNW1HX1ltQmVVUThYLXNQRlpTUzNId1FCayIsImV4cCI6MTY0ODc2ODI4NX0.lJAUQG3HwEjVnIj1f4rGYyfml_xMEKpzH1WGZ8eAnzqgO5P3z-LalH6AUZISZvsWOuqiSrTNBjUb673OEiY7McPXHb9qzfbLICvZRY-fl9vZ50XvPEw2KSj-yQBLDqe0XXPJElXF0gYzM9Sm27Q8_5MkXALKF78Mk_IdrEHS1ANEsD0npX44wdVwpkp3Vsx09x52vhZyo6X9VuEHlhUlnrvrcPEMqEbLfsOgHVCPYisqapvdd5m-6HbqtT4WCvsluWKx30SqKDn1MRp9o1bgPKaYQBNUdgGe59DKTFvXD8cT7jkBPaKpH1XL37mquJ6-_K7i2VRTKVFLfIKDH7--bw
2022-03-31 23:01:25 OUTGOING
fapi1-advanced-final-client-refresh-token-test
Response to HTTP request to test instance hQjqNlDH0UD4Ddw
outgoing
org.springframework.web.servlet.view.RedirectView: [RedirectView]; URL [https://produtosopbhml.mercantildobrasil.com.br/payment/callback?response=eyJraWQiOiJYNWQ0dkZZZkx4YUcxZ2c4X2wzYkZZRmhVYVVWbUU2UGFFc1JXWDJFWXFNIiwiYWxnIjoiUFMyNTYifQ.eyJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvYVwvbWVyY2FudGlsXC8iLCJhdWQiOiJtZXJjYW50aWwtYmFuayIsImNvZGUiOiJaaE02RmFiemtXOHRlY0Z3MnFTUTRUbERSSTM0M044VSIsInN0YXRlIjoiM1pDYmJhNDRZZjBGcU5IS2sxNW1HX1ltQmVVUThYLXNQRlpTUzNId1FCayIsImV4cCI6MTY0ODc2ODI4NX0.lJAUQG3HwEjVnIj1f4rGYyfml_xMEKpzH1WGZ8eAnzqgO5P3z-LalH6AUZISZvsWOuqiSrTNBjUb673OEiY7McPXHb9qzfbLICvZRY-fl9vZ50XvPEw2KSj-yQBLDqe0XXPJElXF0gYzM9Sm27Q8_5MkXALKF78Mk_IdrEHS1ANEsD0npX44wdVwpkp3Vsx09x52vhZyo6X9VuEHlhUlnrvrcPEMqEbLfsOgHVCPYisqapvdd5m-6HbqtT4WCvsluWKx30SqKDn1MRp9o1bgPKaYQBNUdgGe59DKTFvXD8cT7jkBPaKpH1XL37mquJ6-_K7i2VRTKVFLfIKDH7--bw]
outgoing_path
authorize
2022-03-31 23:01:26 INCOMING
fapi1-advanced-final-client-refresh-token-test
Incoming HTTP request to /test/a/mercantil/.well-known/openid-configuration
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/4.7.4 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate, br",
  "x-datadog-trace-id": "413894615231403452",
  "x-datadog-parent-id": "4156406196746059018",
  "x-datadog-sampling-priority": "2",
  "x-datadog-tags": "_dd.p.upstream_services\u003db3BlbmJhbmtpbmctbWFuYWdlbWVudC1zZXJ2aWNlcw\u003d\u003d|2|3|1",
  "connection": "close"
}
incoming_path
/test/a/mercantil/.well-known/openid-configuration
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
incoming_body_json
incoming_query_string_params
{}
incoming_body
2022-03-31 23:01:26 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
2022-03-31 23:01:26 OUTGOING
fapi1-advanced-final-client-refresh-token-test
Response to HTTP request to test instance hQjqNlDH0UD4Ddw
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "issuer": "https://www.certification.openid.net/test/a/mercantil/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/mercantil/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/mercantil/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/mercantil/jwks",
  "registration_endpoint": "https://www.certification.openid.net/test/a/mercantil/register",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/mercantil/userinfo",
  "mtls_endpoint_aliases": {
    "token_endpoint": "https://www.certification.openid.net/test-mtls/a/mercantil/token",
    "registration_endpoint": "https://www.certification.openid.net/test-mtls/a/mercantil/register",
    "userinfo_endpoint": "https://www.certification.openid.net/test-mtls/a/mercantil/userinfo"
  },
  "tls_client_certificate_bound_access_tokens": true,
  "request_parameter_supported": true,
  "grant_types_supported": [
    "authorization_code",
    "implicit",
    "client_credentials",
    "refresh_token"
  ],
  "claims_parameter_supported": true,
  "request_object_encryption_alg_values_supported": [
    "RSA-OAEP"
  ],
  "request_object_encryption_enc_values_supported": [
    "A256GCM"
  ],
  "claims_supported": [
    "cpf",
    "cnpj",
    "acr"
  ],
  "acr_values_supported": [
    "urn:brasil:openbanking:loa2",
    "urn:brasil:openbanking:loa3"
  ],
  "id_token_signing_alg_values_supported": [
    "PS256"
  ],
  "request_object_signing_alg_values_supported": [
    "PS256"
  ],
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access",
    "consents",
    "resources",
    "payments"
  ],
  "token_endpoint_auth_methods_supported": [
    "private_key_jwt"
  ],
  "response_types_supported": [
    "code"
  ],
  "response_modes_supported": [
    "jwt"
  ],
  "authorization_signing_alg_values_supported": [
    "PS256"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "PS256"
  ]
}
outgoing_path
.well-known/openid-configuration
2022-03-31 23:01:26 INCOMING
fapi1-advanced-final-client-refresh-token-test
Incoming HTTP request to /test/a/mercantil/jwks
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/4.7.4 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate, br",
  "x-datadog-trace-id": "413894615231403452",
  "x-datadog-parent-id": "5591446895799528023",
  "x-datadog-sampling-priority": "2",
  "x-datadog-tags": "_dd.p.upstream_services\u003db3BlbmJhbmtpbmctbWFuYWdlbWVudC1zZXJ2aWNlcw\u003d\u003d|2|3|1",
  "connection": "close"
}
incoming_path
/test/a/mercantil/jwks
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
incoming_body_json
incoming_query_string_params
{}
incoming_body
2022-03-31 23:01:26 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
2022-03-31 23:01:26 OUTGOING
fapi1-advanced-final-client-refresh-token-test
Response to HTTP request to test instance hQjqNlDH0UD4Ddw
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "X5d4vFYfLxaG1gg8_l3bFYFhUaUVmE6PaEsRWX2EYqM",
      "x5c": [
        "MIIGqzCCBZOgAwIBAgIUdUCw8bQZidnZ6uERKJuN9u4RGvcwDQYJKoZIhvcNAQELBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwxFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNBTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDgxNjA5NTUwMFoXDTIyMDkxNTA5NTUwMFowgacxCzAJBgNVBAYTAkJSMRMwEQYDVQQKEwpJQ1AtQnJhc2lsMS8wDAYDVQQLEwUxMjM0NTAOBgNVBAsTB2NlcnRtYW4wDwYDVQQLEwhhZ29vZG9uZTEcMBoGA1UEAxMTT3BlbiBCYW5raW5nIEJyYXNpbDE0MDIGCgmSJomT8ixkAQETJDc0ZTkyOWQ5LTMzYjYtNGQ4NS04YmE3LWMxNDZjODY3YTgxNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANyF1agPcwq5ms99Flo82XsXUroWoD/6FX4AfmOUu113h4VOLYaO3N8HDYbKxgii2En/+O61e/Ptjn4T2PVq0iVcqiF6Gp4sKE5w/bKZRfdCe8qIPS4D+JKpFpesJvIHUeQvlAuBp5dA9nGSpxOjGe5P2+ZzNGXwvux/2ztdweGmKbtOvbYe4RVhiu6bOubog8XEBmD96EnqmoROasH1Hn9kDJIclbTP51j/TlQMzhrSfJJuE3Qq6vWhe/DaPbtmELmlDiYHjp8CjAY5oBMHLmkHvQxEBV4cwbUZj5ZpdqU8tkA78XtR4DkzrJ4fYoBb1+9ABq6GNzxWPpSQMQuBXdsCAwEAAaOCAwIwggL+MAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFJwv7oHX2exZL304ru+4eGVypHlxMB8GA1UdIwQYMBaAFIZ/WK0X9YK2TrQFs/uwzhFD30y+MEwGCCsGAQUFBwEBBEAwPjA8BggrBgEFBQcwAYYwaHR0cDovL29jc3Auc2FuZGJveC5wa2kub3BlbmJhbmtpbmdicmFzaWwub3JnLmJyMEsGA1UdHwREMEIwQKA+oDyGOmh0dHA6Ly9jcmwuc2FuZGJveC5wa2kub3BlbmJhbmtpbmdicmFzaWwub3JnLmJyL2lzc3Vlci5jcmwwXgYDVR0RBFcwVaAZBgVgTAEDAqAQDA5NaWNoYWVsIEZyYXNlcqAYBgVgTAEDA6APDA0xMzM1MzIzNjAwMTg5oA0GBWBMAQMEoAQMAm5voA8GBWBMAQMHoAYMBGFsb3QwDgYDVR0PAQH/BAQDAgbAMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIBgDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVseSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhlciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNlaXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5kIHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8vY3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2llczANBgkqhkiG9w0BAQsFAAOCAQEAtKn/QnJqKLp52YB14x+M21qwz67utFkWjhauQe0elXupjY5NWZb5wLrGYNOZQzRe2JRzcBbGN6P7lCweRfxMkSGh9YrXbrkBXLEPtLHpTVEy65v1tWl02lC+ooVPyQpSjAQL0L69OQ7s7rnIXyb3rkSUzuGSxsLU1AXpWj0oYFB4wdeIdPAVPs83frC5s4kz42JruSAE2vsbvQURTVPChh+hO6+R6Irz+ZEZ1NSgjQkxvOXHW53CkXZSjjHbAB/nbJYi7YyK7kck99r38Ba/WBfIfywdFVVYfiiW5TS6XbQeVeilmmt5MLxBz96FxR6E6WR+cQwybEe94Fb/jD6xHA\u003d\u003d"
      ],
      "alg": "PS256",
      "n": "3IXVqA9zCrmaz30WWjzZexdSuhagP_oVfgB-Y5S7XXeHhU4tho7c3wcNhsrGCKLYSf_47rV78-2OfhPY9WrSJVyqIXoaniwoTnD9splF90J7yog9LgP4kqkWl6wm8gdR5C-UC4Gnl0D2cZKnE6MZ7k_b5nM0ZfC-7H_bO13B4aYpu069th7hFWGK7ps65uiDxcQGYP3oSeqahE5qwfUef2QMkhyVtM_nWP9OVAzOGtJ8km4TdCrq9aF78No9u2YQuaUOJgeOnwKMBjmgEwcuaQe9DEQFXhzBtRmPlml2pTy2QDvxe1HgOTOsnh9igFvX70AGroY3PFY-lJAxC4Fd2w"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "0fe502dd-14f0-4f45-80f9-feb9a216f996",
      "alg": "RSA-OAEP",
      "n": "r4dl-ApW6c-fvDbfSVxHpdV8zi8VQW4b9-uHMRq7dzqCkvP8OAG1R3plSr1N6fL_YLiIr9y621XkyRiMEKR7-DeqGsLf2ZTaqrZ1LfYgjsc2i9o3NSOeSgBwKGmT7h1OgxZSbhLzo7Xaktu3CCUZCOWLzs7LKo_CvKkcTF7tPhK9jYjdTsdsnS0RJOPjYQe7JO83Mvhd1Ty3F-Qycd-cKKMSjcQRiHt9jKd09kA2fKVlFwbm2M1PM3NdtnMaOUw31-XC4ixay47XTMqnmX7-op7qYV9wXbeZmjTsAKFuTGwJiGJrOTfqciDLBW8IpGC2BzFJ5rYmRu0kAttpvkOG3Q"
    }
  ]
}
outgoing_path
jwks
2022-03-31 23:01:26 INCOMING
fapi1-advanced-final-client-refresh-token-test
Incoming HTTP request to /test-mtls/a/mercantil/token
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/4.7.4 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "content-type": "application/x-www-form-urlencoded",
  "accept-encoding": "gzip, deflate, br",
  "x-datadog-trace-id": "413894615231403452",
  "x-datadog-parent-id": "3287312072769733311",
  "x-datadog-sampling-priority": "2",
  "x-datadog-tags": "_dd.p.upstream_services\u003db3BlbmJhbmtpbmctbWFuYWdlbWVudC1zZXJ2aWNlcw\u003d\u003d|2|3|1",
  "connection": "close",
  "content-length": "1257"
}
incoming_path
/test-mtls/a/mercantil/token
incoming_body_form_params
{
  "grant_type": "authorization_code",
  "code": "ZhM6FabzkW8tecFw2qSQ4TlDRI343N8U",
  "redirect_uri": "https://produtosopbhml.mercantildobrasil.com.br/payment/callback",
  "code_verifier": "OG223v9AVXEt6JMtmwIwlIYgpqAuhn-LccmkAf_enc0",
  "client_id": "mercantil-bank",
  "client_assertion": "eyJhbGciOiJQUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjNhMTM3OWEwYzhhZmJhNWI2ZjU1MzY1Y2IzZWUwYTUxMWM4ZTdkZGIxZjczZDNiNDQzYjY4MzFjYmQzNzhmZmUifQ.eyJpYXQiOjE2NDg3Njc2ODYsImV4cCI6MTY0ODc2Nzc0NiwianRpIjoicnpoc1ZUVmF2bDdJbW94OThZSWgza2NCTzVkeWhJejNhQm9jd1ZXdnNMSSIsImlzcyI6Im1lcmNhbnRpbC1iYW5rIiwic3ViIjoibWVyY2FudGlsLWJhbmsiLCJhdWQiOlsiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QvYS9tZXJjYW50aWwvIiwiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QvYS9tZXJjYW50aWwvdG9rZW4iLCJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC1tdGxzL2EvbWVyY2FudGlsL3Rva2VuIl19.sqfWKWXMYZy6AesZy8CE-iLtlrn0mqSClhhcUHMxJEwKVoSZ6L_-pV6kdQ0EEiVegUniaG828dxttFixjS_Jgt6CQQahGHFN7H8z4ZGaJ8qyQ9YuwZ3qgK0f3NShb0yCjr0Sd0nnZgSAo17-WoA_0hpZaD4qf0VP65MxDP4Bg-thFSeaD-Peaqu5zKawh_DSpF6FeGiwB_nwHiHTvCzlVt7N37P5HUhAaZv8luYd13SGwCRiHEssey4_BkkXUdeD0hhchkzyitXH1VWMswJrD2KlSLRXKu2je1iqJfsx7ThnuwhwW10Bgf9KGo6CQXP-MqUpX64l7HXbPX6Int0S1w",
  "client_assertion_type": "urn:ietf:params:oauth:client-assertion-type:jwt-bearer"
}
incoming_method
POST
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
-----BEGIN CERTIFICATE----- MIIHDjCCBfagAwIBAgIUQsrznpQM2gWDplbWY0kRjummIc8wDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIyMDMyNDIwNDMwMFoXDTIzMDQyMzIw NDMwMFowggEvMQswCQYDVQQGEwJCUjELMAkGA1UECBMCTUcxFzAVBgNVBAcTDkJl bG8gSG9yaXpvbnRlMSUwIwYDVQQKExxCQ08gTUVSQ0FOVElMIERPIEJSQVNJTCBT LkEuMS0wKwYDVQQLEyQ1ZDI0OTQ4Ni1jNjk3LTUyOTUtYTg1Ni05OTU1ZWQzYWMz MzIxITAfBgNVBAMTGG1lcmNhbnRpbGRvYnJhc2lsLmNvbS5icjEXMBUGA1UEBRMO MTcxODQwMzcwMDAxMTAxHTAbBgNVBA8TFFByaXZhdGUgT3JnYW5pemF0aW9uMRMw EQYLKwYBBAGCNzwCAQMTAkJSMTQwMgYKCZImiZPyLGQBARMkNzA5MDU0OGItNDhl Yi00NGFjLTk0MzItZDU0NGQ1MzZjYWExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A MIIBCgKCAQEA2v4FOEIqbdkpXv/2PwWDdLVYqJPyKMNebziaTGVnENR5eK4YbHtb zNi9yLlKuxRy3DPVA+mg7VD7T/Nn82jUnWlcKp07UFGV7pEboDgOB77tc6SCYNJn Zzr6F1D/GcRg7IWfhVo4RT3PROBTkT/cjt8c/SZzTmc03mbGZ1X31IpGk7982cFj irbxD4HVh9IuGi1VyBkwLihlOxmyZXdDM70ZGVHAsiTMysGpE0J/crVXHpvwaUGs 05uFvrQhd21XJ/fs1pv11Oa0IO8aZM4zU5HUTBdbAQ2xMoHrH+kuV0tWgkTRVS6T pl6FchNLGsc+RWkXZ1Sylz7LXurYURExEwIDAQABo4IC3DCCAtgwDAYDVR0TAQH/ BAIwADAdBgNVHQ4EFgQU8RHTFIMywlsmm87Fy4JicZe76xAwHwYDVR0jBBgwFoAU hn9YrRf1grZOtAWz+7DOEUPfTL4wTAYIKwYBBQUHAQEEQDA+MDwGCCsGAQUFBzAB hjBodHRwOi8vb2NzcC5zYW5kYm94LnBraS5vcGVuYmFua2luZ2JyYXNpbC5vcmcu YnIwSwYDVR0fBEQwQjBAoD6gPIY6aHR0cDovL2NybC5zYW5kYm94LnBraS5vcGVu YmFua2luZ2JyYXNpbC5vcmcuYnIvaXNzdWVyLmNybDAjBgNVHREEHDAaghhtZXJj YW50aWxkb2JyYXNpbC5jb20uYnIwDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQMMAoG CCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIBgDCC ATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVseSBm b3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhlciBw YXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2aWNl cyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNlaXB0 LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRo ZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5kIHJl bGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8vY3Bz LnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2llczAN BgkqhkiG9w0BAQsFAAOCAQEAWhYIjqKDwdYkYOr0nutlR/46Vw8YNLK+9kWGPFD1 ad0fodzcd00pgc3AZWn+LoTwMq4tbiizWqERZp/BfZ35Aym5J+zFRj25Ehkxll6N a9QCz/prR3sXm8GM5taZxwwe0BJYaPpsef1HxiDdJ3h35PY/7iOOCam5ZNFTPapj 1OutGvJ+nb7Iipp6xwHQoArgwuiWrtJMBOt3Sstnayp4CJKVlQklhSl5isynxwmI bcVMPbhrWw6xbI1g69xBjx94Ja3acx4RzmIPJ6ru2jZvHQfI81jkIelNm55pbG7V mRpDP2JgVvsABBpelBD3BCytwmWjpG8m8CH6JTGGFNbNRw== -----END CERTIFICATE-----
incoming_body_json
incoming_query_string_params
{}
incoming_body
grant_type=authorization_code&code=ZhM6FabzkW8tecFw2qSQ4TlDRI343N8U&redirect_uri=https%3A%2F%2Fprodutosopbhml.mercantildobrasil.com.br%2Fpayment%2Fcallback&code_verifier=OG223v9AVXEt6JMtmwIwlIYgpqAuhn-LccmkAf_enc0&client_id=mercantil-bank&client_assertion=eyJhbGciOiJQUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjNhMTM3OWEwYzhhZmJhNWI2ZjU1MzY1Y2IzZWUwYTUxMWM4ZTdkZGIxZjczZDNiNDQzYjY4MzFjYmQzNzhmZmUifQ.eyJpYXQiOjE2NDg3Njc2ODYsImV4cCI6MTY0ODc2Nzc0NiwianRpIjoicnpoc1ZUVmF2bDdJbW94OThZSWgza2NCTzVkeWhJejNhQm9jd1ZXdnNMSSIsImlzcyI6Im1lcmNhbnRpbC1iYW5rIiwic3ViIjoibWVyY2FudGlsLWJhbmsiLCJhdWQiOlsiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QvYS9tZXJjYW50aWwvIiwiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QvYS9tZXJjYW50aWwvdG9rZW4iLCJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC1tdGxzL2EvbWVyY2FudGlsL3Rva2VuIl19.sqfWKWXMYZy6AesZy8CE-iLtlrn0mqSClhhcUHMxJEwKVoSZ6L_-pV6kdQ0EEiVegUniaG828dxttFixjS_Jgt6CQQahGHFN7H8z4ZGaJ8qyQ9YuwZ3qgK0f3NShb0yCjr0Sd0nnZgSAo17-WoA_0hpZaD4qf0VP65MxDP4Bg-thFSeaD-Peaqu5zKawh_DSpF6FeGiwB_nwHiHTvCzlVt7N37P5HUhAaZv8luYd13SGwCRiHEssey4_BkkXUdeD0hhchkzyitXH1VWMswJrD2KlSLRXKu2je1iqJfsx7ThnuwhwW10Bgf9KGo6CQXP-MqUpX64l7HXbPX6Int0S1w&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer
2022-03-31 23:01:26 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
Token endpoint
2022-03-31 23:01:26 SUCCESS
CheckClientIdMatchesOnTokenRequestIfPresent
Extracted client_id matches the expected value
client_id
mercantil-bank
2022-03-31 23:01:26 SUCCESS
ExtractClientCertificateFromTokenEndpointRequestHeaders
Extracted client certificate
client_certificate
{
  "cert": "-----BEGIN CERTIFICATE----- MIIHDjCCBfagAwIBAgIUQsrznpQM2gWDplbWY0kRjummIc8wDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIyMDMyNDIwNDMwMFoXDTIzMDQyMzIw NDMwMFowggEvMQswCQYDVQQGEwJCUjELMAkGA1UECBMCTUcxFzAVBgNVBAcTDkJl bG8gSG9yaXpvbnRlMSUwIwYDVQQKExxCQ08gTUVSQ0FOVElMIERPIEJSQVNJTCBT LkEuMS0wKwYDVQQLEyQ1ZDI0OTQ4Ni1jNjk3LTUyOTUtYTg1Ni05OTU1ZWQzYWMz MzIxITAfBgNVBAMTGG1lcmNhbnRpbGRvYnJhc2lsLmNvbS5icjEXMBUGA1UEBRMO MTcxODQwMzcwMDAxMTAxHTAbBgNVBA8TFFByaXZhdGUgT3JnYW5pemF0aW9uMRMw EQYLKwYBBAGCNzwCAQMTAkJSMTQwMgYKCZImiZPyLGQBARMkNzA5MDU0OGItNDhl Yi00NGFjLTk0MzItZDU0NGQ1MzZjYWExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A MIIBCgKCAQEA2v4FOEIqbdkpXv/2PwWDdLVYqJPyKMNebziaTGVnENR5eK4YbHtb zNi9yLlKuxRy3DPVA+mg7VD7T/Nn82jUnWlcKp07UFGV7pEboDgOB77tc6SCYNJn Zzr6F1D/GcRg7IWfhVo4RT3PROBTkT/cjt8c/SZzTmc03mbGZ1X31IpGk7982cFj irbxD4HVh9IuGi1VyBkwLihlOxmyZXdDM70ZGVHAsiTMysGpE0J/crVXHpvwaUGs 05uFvrQhd21XJ/fs1pv11Oa0IO8aZM4zU5HUTBdbAQ2xMoHrH+kuV0tWgkTRVS6T pl6FchNLGsc+RWkXZ1Sylz7LXurYURExEwIDAQABo4IC3DCCAtgwDAYDVR0TAQH/ BAIwADAdBgNVHQ4EFgQU8RHTFIMywlsmm87Fy4JicZe76xAwHwYDVR0jBBgwFoAU hn9YrRf1grZOtAWz+7DOEUPfTL4wTAYIKwYBBQUHAQEEQDA+MDwGCCsGAQUFBzAB hjBodHRwOi8vb2NzcC5zYW5kYm94LnBraS5vcGVuYmFua2luZ2JyYXNpbC5vcmcu YnIwSwYDVR0fBEQwQjBAoD6gPIY6aHR0cDovL2NybC5zYW5kYm94LnBraS5vcGVu YmFua2luZ2JyYXNpbC5vcmcuYnIvaXNzdWVyLmNybDAjBgNVHREEHDAaghhtZXJj YW50aWxkb2JyYXNpbC5jb20uYnIwDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQMMAoG CCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIBgDCC ATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVseSBm b3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhlciBw YXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2aWNl cyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNlaXB0 LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRo ZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5kIHJl bGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8vY3Bz LnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2llczAN BgkqhkiG9w0BAQsFAAOCAQEAWhYIjqKDwdYkYOr0nutlR/46Vw8YNLK+9kWGPFD1 ad0fodzcd00pgc3AZWn+LoTwMq4tbiizWqERZp/BfZ35Aym5J+zFRj25Ehkxll6N a9QCz/prR3sXm8GM5taZxwwe0BJYaPpsef1HxiDdJ3h35PY/7iOOCam5ZNFTPapj 1OutGvJ+nb7Iipp6xwHQoArgwuiWrtJMBOt3Sstnayp4CJKVlQklhSl5isynxwmI bcVMPbhrWw6xbI1g69xBjx94Ja3acx4RzmIPJ6ru2jZvHQfI81jkIelNm55pbG7V mRpDP2JgVvsABBpelBD3BCytwmWjpG8m8CH6JTGGFNbNRw\u003d\u003d -----END CERTIFICATE-----",
  "pem": "-----BEGIN CERTIFICATE-----\nMIIHDjCCBfagAwIBAgIUQsrznpQM2gWDplbWY0kRjummIc8wDQYJKoZIhvcNAQEL\nBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx\nFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB\nTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIyMDMyNDIwNDMwMFoXDTIzMDQyMzIw\nNDMwMFowggEvMQswCQYDVQQGEwJCUjELMAkGA1UECBMCTUcxFzAVBgNVBAcTDkJl\nbG8gSG9yaXpvbnRlMSUwIwYDVQQKExxCQ08gTUVSQ0FOVElMIERPIEJSQVNJTCBT\nLkEuMS0wKwYDVQQLEyQ1ZDI0OTQ4Ni1jNjk3LTUyOTUtYTg1Ni05OTU1ZWQzYWMz\nMzIxITAfBgNVBAMTGG1lcmNhbnRpbGRvYnJhc2lsLmNvbS5icjEXMBUGA1UEBRMO\nMTcxODQwMzcwMDAxMTAxHTAbBgNVBA8TFFByaXZhdGUgT3JnYW5pemF0aW9uMRMw\nEQYLKwYBBAGCNzwCAQMTAkJSMTQwMgYKCZImiZPyLGQBARMkNzA5MDU0OGItNDhl\nYi00NGFjLTk0MzItZDU0NGQ1MzZjYWExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A\nMIIBCgKCAQEA2v4FOEIqbdkpXv/2PwWDdLVYqJPyKMNebziaTGVnENR5eK4YbHtb\nzNi9yLlKuxRy3DPVA+mg7VD7T/Nn82jUnWlcKp07UFGV7pEboDgOB77tc6SCYNJn\nZzr6F1D/GcRg7IWfhVo4RT3PROBTkT/cjt8c/SZzTmc03mbGZ1X31IpGk7982cFj\nirbxD4HVh9IuGi1VyBkwLihlOxmyZXdDM70ZGVHAsiTMysGpE0J/crVXHpvwaUGs\n05uFvrQhd21XJ/fs1pv11Oa0IO8aZM4zU5HUTBdbAQ2xMoHrH+kuV0tWgkTRVS6T\npl6FchNLGsc+RWkXZ1Sylz7LXurYURExEwIDAQABo4IC3DCCAtgwDAYDVR0TAQH/\nBAIwADAdBgNVHQ4EFgQU8RHTFIMywlsmm87Fy4JicZe76xAwHwYDVR0jBBgwFoAU\nhn9YrRf1grZOtAWz+7DOEUPfTL4wTAYIKwYBBQUHAQEEQDA+MDwGCCsGAQUFBzAB\nhjBodHRwOi8vb2NzcC5zYW5kYm94LnBraS5vcGVuYmFua2luZ2JyYXNpbC5vcmcu\nYnIwSwYDVR0fBEQwQjBAoD6gPIY6aHR0cDovL2NybC5zYW5kYm94LnBraS5vcGVu\nYmFua2luZ2JyYXNpbC5vcmcuYnIvaXNzdWVyLmNybDAjBgNVHREEHDAaghhtZXJj\nYW50aWxkb2JyYXNpbC5jb20uYnIwDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQMMAoG\nCCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIBgDCC\nATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVseSBm\nb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhlciBw\nYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2aWNl\ncyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNlaXB0\nLCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRo\nZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5kIHJl\nbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8vY3Bz\nLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2llczAN\nBgkqhkiG9w0BAQsFAAOCAQEAWhYIjqKDwdYkYOr0nutlR/46Vw8YNLK+9kWGPFD1\nad0fodzcd00pgc3AZWn+LoTwMq4tbiizWqERZp/BfZ35Aym5J+zFRj25Ehkxll6N\na9QCz/prR3sXm8GM5taZxwwe0BJYaPpsef1HxiDdJ3h35PY/7iOOCam5ZNFTPapj\n1OutGvJ+nb7Iipp6xwHQoArgwuiWrtJMBOt3Sstnayp4CJKVlQklhSl5isynxwmI\nbcVMPbhrWw6xbI1g69xBjx94Ja3acx4RzmIPJ6ru2jZvHQfI81jkIelNm55pbG7V\nmRpDP2JgVvsABBpelBD3BCytwmWjpG8m8CH6JTGGFNbNRw\u003d\u003d\n-----END CERTIFICATE-----",
  "subject": {
    "dn": "UID\u003d7090548b-48eb-44ac-9432-d544d536caa1,1.3.6.1.4.1.311.60.2.1.3\u003d#13024252,2.5.4.15\u003d#131450726976617465204f7267616e697a6174696f6e,2.5.4.5\u003d#130e3137313834303337303030313130,CN\u003dmercantildobrasil.com.br,OU\u003d5d249486-c697-5295-a856-9955ed3ac332,O\u003dBCO MERCANTIL DO BRASIL S.A.,L\u003dBelo Horizonte,ST\u003dMG,C\u003dBR"
  },
  "sanDnsNames": [
    "mercantildobrasil.com.br"
  ],
  "sanUris": [],
  "sanIPs": [],
  "sanEmails": []
}
2022-03-31 23:01:26 SUCCESS
CheckForClientCertificate
Found client certificate
2022-03-31 23:01:26 SUCCESS
EnsureClientCertificateMatches
Presented certificate matches registered certificate
actual
-----BEGIN CERTIFICATE-----
MIIHDjCCBfagAwIBAgIUQsrznpQM2gWDplbWY0kRjummIc8wDQYJKoZIhvcNAQEL
BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx
FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB
TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIyMDMyNDIwNDMwMFoXDTIzMDQyMzIw
NDMwMFowggEvMQswCQYDVQQGEwJCUjELMAkGA1UECBMCTUcxFzAVBgNVBAcTDkJl
bG8gSG9yaXpvbnRlMSUwIwYDVQQKExxCQ08gTUVSQ0FOVElMIERPIEJSQVNJTCBT
LkEuMS0wKwYDVQQLEyQ1ZDI0OTQ4Ni1jNjk3LTUyOTUtYTg1Ni05OTU1ZWQzYWMz
MzIxITAfBgNVBAMTGG1lcmNhbnRpbGRvYnJhc2lsLmNvbS5icjEXMBUGA1UEBRMO
MTcxODQwMzcwMDAxMTAxHTAbBgNVBA8TFFByaXZhdGUgT3JnYW5pemF0aW9uMRMw
EQYLKwYBBAGCNzwCAQMTAkJSMTQwMgYKCZImiZPyLGQBARMkNzA5MDU0OGItNDhl
Yi00NGFjLTk0MzItZDU0NGQ1MzZjYWExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEA2v4FOEIqbdkpXv/2PwWDdLVYqJPyKMNebziaTGVnENR5eK4YbHtb
zNi9yLlKuxRy3DPVA+mg7VD7T/Nn82jUnWlcKp07UFGV7pEboDgOB77tc6SCYNJn
Zzr6F1D/GcRg7IWfhVo4RT3PROBTkT/cjt8c/SZzTmc03mbGZ1X31IpGk7982cFj
irbxD4HVh9IuGi1VyBkwLihlOxmyZXdDM70ZGVHAsiTMysGpE0J/crVXHpvwaUGs
05uFvrQhd21XJ/fs1pv11Oa0IO8aZM4zU5HUTBdbAQ2xMoHrH+kuV0tWgkTRVS6T
pl6FchNLGsc+RWkXZ1Sylz7LXurYURExEwIDAQABo4IC3DCCAtgwDAYDVR0TAQH/
BAIwADAdBgNVHQ4EFgQU8RHTFIMywlsmm87Fy4JicZe76xAwHwYDVR0jBBgwFoAU
hn9YrRf1grZOtAWz+7DOEUPfTL4wTAYIKwYBBQUHAQEEQDA+MDwGCCsGAQUFBzAB
hjBodHRwOi8vb2NzcC5zYW5kYm94LnBraS5vcGVuYmFua2luZ2JyYXNpbC5vcmcu
YnIwSwYDVR0fBEQwQjBAoD6gPIY6aHR0cDovL2NybC5zYW5kYm94LnBraS5vcGVu
YmFua2luZ2JyYXNpbC5vcmcuYnIvaXNzdWVyLmNybDAjBgNVHREEHDAaghhtZXJj
YW50aWxkb2JyYXNpbC5jb20uYnIwDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQMMAoG
CCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIBgDCC
ATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVseSBm
b3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhlciBw
YXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2aWNl
cyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNlaXB0
LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRo
ZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5kIHJl
bGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8vY3Bz
LnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2llczAN
BgkqhkiG9w0BAQsFAAOCAQEAWhYIjqKDwdYkYOr0nutlR/46Vw8YNLK+9kWGPFD1
ad0fodzcd00pgc3AZWn+LoTwMq4tbiizWqERZp/BfZ35Aym5J+zFRj25Ehkxll6N
a9QCz/prR3sXm8GM5taZxwwe0BJYaPpsef1HxiDdJ3h35PY/7iOOCam5ZNFTPapj
1OutGvJ+nb7Iipp6xwHQoArgwuiWrtJMBOt3Sstnayp4CJKVlQklhSl5isynxwmI
bcVMPbhrWw6xbI1g69xBjx94Ja3acx4RzmIPJ6ru2jZvHQfI81jkIelNm55pbG7V
mRpDP2JgVvsABBpelBD3BCytwmWjpG8m8CH6JTGGFNbNRw==
-----END CERTIFICATE-----
2022-03-31 23:01:26 SUCCESS
ExtractClientAssertion
Parsed client assertion
client_assertion
{
  "value": "eyJhbGciOiJQUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjNhMTM3OWEwYzhhZmJhNWI2ZjU1MzY1Y2IzZWUwYTUxMWM4ZTdkZGIxZjczZDNiNDQzYjY4MzFjYmQzNzhmZmUifQ.eyJpYXQiOjE2NDg3Njc2ODYsImV4cCI6MTY0ODc2Nzc0NiwianRpIjoicnpoc1ZUVmF2bDdJbW94OThZSWgza2NCTzVkeWhJejNhQm9jd1ZXdnNMSSIsImlzcyI6Im1lcmNhbnRpbC1iYW5rIiwic3ViIjoibWVyY2FudGlsLWJhbmsiLCJhdWQiOlsiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QvYS9tZXJjYW50aWwvIiwiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QvYS9tZXJjYW50aWwvdG9rZW4iLCJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC1tdGxzL2EvbWVyY2FudGlsL3Rva2VuIl19.sqfWKWXMYZy6AesZy8CE-iLtlrn0mqSClhhcUHMxJEwKVoSZ6L_-pV6kdQ0EEiVegUniaG828dxttFixjS_Jgt6CQQahGHFN7H8z4ZGaJ8qyQ9YuwZ3qgK0f3NShb0yCjr0Sd0nnZgSAo17-WoA_0hpZaD4qf0VP65MxDP4Bg-thFSeaD-Peaqu5zKawh_DSpF6FeGiwB_nwHiHTvCzlVt7N37P5HUhAaZv8luYd13SGwCRiHEssey4_BkkXUdeD0hhchkzyitXH1VWMswJrD2KlSLRXKu2je1iqJfsx7ThnuwhwW10Bgf9KGo6CQXP-MqUpX64l7HXbPX6Int0S1w",
  "header": {
    "kid": "3a1379a0c8afba5b6f55365cb3ee0a511c8e7ddb1f73d3b443b6831cbd378ffe",
    "typ": "JWT",
    "alg": "PS256"
  },
  "claims": {
    "sub": "mercantil-bank",
    "aud": [
      "https://www.certification.openid.net/test/a/mercantil/",
      "https://www.certification.openid.net/test/a/mercantil/token",
      "https://www.certification.openid.net/test-mtls/a/mercantil/token"
    ],
    "iss": "mercantil-bank",
    "exp": 1648767746,
    "iat": 1648767686,
    "jti": "rzhsVTVavl7Imox98YIh3kcBO5dyhIz3aBocwVWvsLI"
  }
}
2022-03-31 23:01:26
EnsureClientAssertionSignatureAlgorithmMatchesRegistered
token_endpoint_auth_signing_alg is not set for the client, any supported algorithm can be used
2022-03-31 23:01:26 SUCCESS
ValidateClientAssertionSignature
client_assertion signature validated
client_assertion
eyJhbGciOiJQUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjNhMTM3OWEwYzhhZmJhNWI2ZjU1MzY1Y2IzZWUwYTUxMWM4ZTdkZGIxZjczZDNiNDQzYjY4MzFjYmQzNzhmZmUifQ.eyJpYXQiOjE2NDg3Njc2ODYsImV4cCI6MTY0ODc2Nzc0NiwianRpIjoicnpoc1ZUVmF2bDdJbW94OThZSWgza2NCTzVkeWhJejNhQm9jd1ZXdnNMSSIsImlzcyI6Im1lcmNhbnRpbC1iYW5rIiwic3ViIjoibWVyY2FudGlsLWJhbmsiLCJhdWQiOlsiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QvYS9tZXJjYW50aWwvIiwiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QvYS9tZXJjYW50aWwvdG9rZW4iLCJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC1tdGxzL2EvbWVyY2FudGlsL3Rva2VuIl19.sqfWKWXMYZy6AesZy8CE-iLtlrn0mqSClhhcUHMxJEwKVoSZ6L_-pV6kdQ0EEiVegUniaG828dxttFixjS_Jgt6CQQahGHFN7H8z4ZGaJ8qyQ9YuwZ3qgK0f3NShb0yCjr0Sd0nnZgSAo17-WoA_0hpZaD4qf0VP65MxDP4Bg-thFSeaD-Peaqu5zKawh_DSpF6FeGiwB_nwHiHTvCzlVt7N37P5HUhAaZv8luYd13SGwCRiHEssey4_BkkXUdeD0hhchkzyitXH1VWMswJrD2KlSLRXKu2je1iqJfsx7ThnuwhwW10Bgf9KGo6CQXP-MqUpX64l7HXbPX6Int0S1w
2022-03-31 23:01:26 SUCCESS
EnsureClientAssertionTypeIsJwt
Found JWT assertion type
assertion type
urn:ietf:params:oauth:client-assertion-type:jwt-bearer
2022-03-31 23:01:26 SUCCESS
ValidateClientAssertionClaims
Client Assertion passed all validation checks
2022-03-31 23:01:26 SUCCESS
ValidateAuthorizationCode
Found authorization code
authorization_code
ZhM6FabzkW8tecFw2qSQ4TlDRI343N8U
2022-03-31 23:01:26 SUCCESS
ValidateRedirectUri
Found redirect uri
redirect_uri
https://produtosopbhml.mercantildobrasil.com.br/payment/callback
2022-03-31 23:01:26 SUCCESS
GenerateBearerAccessToken
Generated access token
access_token
1qmMtKJuh5r1dyGn29y0eXKzxsZk92OVQERrXCwc5tiA7ssnWV
2022-03-31 23:01:26 SUCCESS
CalculateAtHash
Successful at_hash encoding
at_hash
s0me3ZNFo-s5vVAHdqWPRA
2022-03-31 23:01:26
CreateRefreshToken
Created refresh token
refresh_token
nmSOHCyadnijnVDVameaBwTPBQejjSYSgzmivqGsyKTjwGRYkS1370369323?'|=/
2022-03-31 23:01:26 SUCCESS
GenerateIdTokenClaims
Created ID Token Claims
iss
https://www.certification.openid.net/test/a/mercantil/
sub
user-subject-1234531
aud
mercantil-bank
nonce
Tv7qKWXQmthC5fAA8fnJx6n5cxqa-QaR3Vfjk1mUulc
iat
1648767686
exp
1648767986
2022-03-31 23:01:26 SUCCESS
FAPIBrazilAddCPFAndCPNJToIdTokenClaims
Added claims to id_token claims
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/a/mercantil/",
  "sub": "user-subject-1234531",
  "aud": "mercantil-bank",
  "nonce": "Tv7qKWXQmthC5fAA8fnJx6n5cxqa-QaR3Vfjk1mUulc",
  "iat": 1648767686,
  "exp": 1648767986
}
2022-03-31 23:01:26 SUCCESS
AddAtHashToIdTokenClaims
Added at_hash to ID token claims
at_hash
s0me3ZNFo-s5vVAHdqWPRA
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/a/mercantil/",
  "sub": "user-subject-1234531",
  "aud": "mercantil-bank",
  "nonce": "Tv7qKWXQmthC5fAA8fnJx6n5cxqa-QaR3Vfjk1mUulc",
  "iat": 1648767686,
  "exp": 1648767986,
  "at_hash": "s0me3ZNFo-s5vVAHdqWPRA"
}
2022-03-31 23:01:26 SUCCESS
FAPIBrazilAddACRClaimToIdTokenClaims
Added acr value to id_token_claims
acr_value
urn:brasil:openbanking:loa3
claims
{
  "iss": "https://www.certification.openid.net/test/a/mercantil/",
  "sub": "user-subject-1234531",
  "aud": "mercantil-bank",
  "nonce": "Tv7qKWXQmthC5fAA8fnJx6n5cxqa-QaR3Vfjk1mUulc",
  "iat": 1648767686,
  "exp": 1648767986,
  "at_hash": "s0me3ZNFo-s5vVAHdqWPRA",
  "acr": "urn:brasil:openbanking:loa3"
}
2022-03-31 23:01:26 SUCCESS
SignIdToken
Signed the ID token
id_token
eyJraWQiOiJYNWQ0dkZZZkx4YUcxZ2c4X2wzYkZZRmhVYVVWbUU2UGFFc1JXWDJFWXFNIiwiYWxnIjoiUFMyNTYifQ.eyJhdF9oYXNoIjoiczBtZTNaTkZvLXM1dlZBSGRxV1BSQSIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoibWVyY2FudGlsLWJhbmsiLCJhY3IiOiJ1cm46YnJhc2lsOm9wZW5iYW5raW5nOmxvYTMiLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvYVwvbWVyY2FudGlsXC8iLCJleHAiOjE2NDg3Njc5ODYsIm5vbmNlIjoiVHY3cUtXWFFtdGhDNWZBQThmbkp4Nm41Y3hxYS1RYVIzVmZqazFtVXVsYyIsImlhdCI6MTY0ODc2NzY4Nn0.MuLZxGEp0eit_R3DkddQztHBsNLURjZjGUKUnefkEApHEJjoyFT5tQ1hCv8SHp-gdQdDfv5r9Whd34NpnZgs8AyhJu9-ZyyjIQn5bbdtgatQ2EXjybWS0en9tAvQaJ6OYZUZtjCv9S96rgJYkstk5kRwM-hM_OWncr-C650YQIOIURo0GvKeBejsmjCWKQ_FULzlvaRc3ez3ltC6TGT0jmPkMhVIMdFueSTftU-twVOIbq83GX9Rjf-mKElNm2WrOVyXjHpfgcwgG5_PpiVYjxK4ZCQaK9sGgP7tDvkfizrDOCN7SufxfJqyeHDb7fwJhIS3zbsc9weAEw_zqgHfhA
2022-03-31 23:01:26 SUCCESS
CreateTokenEndpointResponse
Created token endpoint response
access_token
1qmMtKJuh5r1dyGn29y0eXKzxsZk92OVQERrXCwc5tiA7ssnWV
token_type
Bearer
id_token
eyJraWQiOiJYNWQ0dkZZZkx4YUcxZ2c4X2wzYkZZRmhVYVVWbUU2UGFFc1JXWDJFWXFNIiwiYWxnIjoiUFMyNTYifQ.eyJhdF9oYXNoIjoiczBtZTNaTkZvLXM1dlZBSGRxV1BSQSIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoibWVyY2FudGlsLWJhbmsiLCJhY3IiOiJ1cm46YnJhc2lsOm9wZW5iYW5raW5nOmxvYTMiLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvYVwvbWVyY2FudGlsXC8iLCJleHAiOjE2NDg3Njc5ODYsIm5vbmNlIjoiVHY3cUtXWFFtdGhDNWZBQThmbkp4Nm41Y3hxYS1RYVIzVmZqazFtVXVsYyIsImlhdCI6MTY0ODc2NzY4Nn0.MuLZxGEp0eit_R3DkddQztHBsNLURjZjGUKUnefkEApHEJjoyFT5tQ1hCv8SHp-gdQdDfv5r9Whd34NpnZgs8AyhJu9-ZyyjIQn5bbdtgatQ2EXjybWS0en9tAvQaJ6OYZUZtjCv9S96rgJYkstk5kRwM-hM_OWncr-C650YQIOIURo0GvKeBejsmjCWKQ_FULzlvaRc3ez3ltC6TGT0jmPkMhVIMdFueSTftU-twVOIbq83GX9Rjf-mKElNm2WrOVyXjHpfgcwgG5_PpiVYjxK4ZCQaK9sGgP7tDvkfizrDOCN7SufxfJqyeHDb7fwJhIS3zbsc9weAEw_zqgHfhA
refresh_token
nmSOHCyadnijnVDVameaBwTPBQejjSYSgzmivqGsyKTjwGRYkS1370369323?'|=/
scope
openid consent:urn:conformance:oidf:NN7tQCzSAG payments
2022-03-31 23:01:26
RemoveIssuedAccessTokenFromEnvironment
Removed access_token and token_type from environment
2022-03-31 23:01:26 OUTGOING
fapi1-advanced-final-client-refresh-token-test
Response to HTTP request to test instance hQjqNlDH0UD4Ddw
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "access_token": "1qmMtKJuh5r1dyGn29y0eXKzxsZk92OVQERrXCwc5tiA7ssnWV",
  "token_type": "Bearer",
  "id_token": "eyJraWQiOiJYNWQ0dkZZZkx4YUcxZ2c4X2wzYkZZRmhVYVVWbUU2UGFFc1JXWDJFWXFNIiwiYWxnIjoiUFMyNTYifQ.eyJhdF9oYXNoIjoiczBtZTNaTkZvLXM1dlZBSGRxV1BSQSIsInN1YiI6InVzZXItc3ViamVjdC0xMjM0NTMxIiwiYXVkIjoibWVyY2FudGlsLWJhbmsiLCJhY3IiOiJ1cm46YnJhc2lsOm9wZW5iYW5raW5nOmxvYTMiLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvYVwvbWVyY2FudGlsXC8iLCJleHAiOjE2NDg3Njc5ODYsIm5vbmNlIjoiVHY3cUtXWFFtdGhDNWZBQThmbkp4Nm41Y3hxYS1RYVIzVmZqazFtVXVsYyIsImlhdCI6MTY0ODc2NzY4Nn0.MuLZxGEp0eit_R3DkddQztHBsNLURjZjGUKUnefkEApHEJjoyFT5tQ1hCv8SHp-gdQdDfv5r9Whd34NpnZgs8AyhJu9-ZyyjIQn5bbdtgatQ2EXjybWS0en9tAvQaJ6OYZUZtjCv9S96rgJYkstk5kRwM-hM_OWncr-C650YQIOIURo0GvKeBejsmjCWKQ_FULzlvaRc3ez3ltC6TGT0jmPkMhVIMdFueSTftU-twVOIbq83GX9Rjf-mKElNm2WrOVyXjHpfgcwgG5_PpiVYjxK4ZCQaK9sGgP7tDvkfizrDOCN7SufxfJqyeHDb7fwJhIS3zbsc9weAEw_zqgHfhA",
  "refresh_token": "nmSOHCyadnijnVDVameaBwTPBQejjSYSgzmivqGsyKTjwGRYkS1370369323?\u0027|\u003d/",
  "scope": "openid consent:urn:conformance:oidf:NN7tQCzSAG payments"
}
outgoing_path
token
2022-03-31 23:01:27 INCOMING
fapi1-advanced-final-client-refresh-token-test
Incoming HTTP request to /test-mtls/a/mercantil/payments/v1/pix/payments
incoming_headers
{
  "host": "www.certification.openid.net",
  "content-type": "application/jwt",
  "x-idempotency-key": "810bebc6-80fb-49be-bdcd-3ffeda301f04",
  "authorization": "Bearer 1qmMtKJuh5r1dyGn29y0eXKzxsZk92OVQERrXCwc5tiA7ssnWV",
  "user-agent": "PostmanRuntime/7.28.4",
  "accept": "*/*",
  "cache-control": "no-cache",
  "postman-token": "5641487c-a1c4-4ee5-b42d-671e7604ad8d",
  "accept-encoding": "gzip, deflate, br",
  "cookie": "JSESSIONID\u003dCF9ADD4B841D4DEC7D2EEC0697943035",
  "connection": "close",
  "content-length": "1056"
}
incoming_path
/test-mtls/a/mercantil/payments/v1/pix/payments
incoming_body_form_params
incoming_method
POST
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
-----BEGIN CERTIFICATE----- MIIHDjCCBfagAwIBAgIUQsrznpQM2gWDplbWY0kRjummIc8wDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIyMDMyNDIwNDMwMFoXDTIzMDQyMzIw NDMwMFowggEvMQswCQYDVQQGEwJCUjELMAkGA1UECBMCTUcxFzAVBgNVBAcTDkJl bG8gSG9yaXpvbnRlMSUwIwYDVQQKExxCQ08gTUVSQ0FOVElMIERPIEJSQVNJTCBT LkEuMS0wKwYDVQQLEyQ1ZDI0OTQ4Ni1jNjk3LTUyOTUtYTg1Ni05OTU1ZWQzYWMz MzIxITAfBgNVBAMTGG1lcmNhbnRpbGRvYnJhc2lsLmNvbS5icjEXMBUGA1UEBRMO MTcxODQwMzcwMDAxMTAxHTAbBgNVBA8TFFByaXZhdGUgT3JnYW5pemF0aW9uMRMw EQYLKwYBBAGCNzwCAQMTAkJSMTQwMgYKCZImiZPyLGQBARMkNzA5MDU0OGItNDhl Yi00NGFjLTk0MzItZDU0NGQ1MzZjYWExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A MIIBCgKCAQEA2v4FOEIqbdkpXv/2PwWDdLVYqJPyKMNebziaTGVnENR5eK4YbHtb zNi9yLlKuxRy3DPVA+mg7VD7T/Nn82jUnWlcKp07UFGV7pEboDgOB77tc6SCYNJn Zzr6F1D/GcRg7IWfhVo4RT3PROBTkT/cjt8c/SZzTmc03mbGZ1X31IpGk7982cFj irbxD4HVh9IuGi1VyBkwLihlOxmyZXdDM70ZGVHAsiTMysGpE0J/crVXHpvwaUGs 05uFvrQhd21XJ/fs1pv11Oa0IO8aZM4zU5HUTBdbAQ2xMoHrH+kuV0tWgkTRVS6T pl6FchNLGsc+RWkXZ1Sylz7LXurYURExEwIDAQABo4IC3DCCAtgwDAYDVR0TAQH/ BAIwADAdBgNVHQ4EFgQU8RHTFIMywlsmm87Fy4JicZe76xAwHwYDVR0jBBgwFoAU hn9YrRf1grZOtAWz+7DOEUPfTL4wTAYIKwYBBQUHAQEEQDA+MDwGCCsGAQUFBzAB hjBodHRwOi8vb2NzcC5zYW5kYm94LnBraS5vcGVuYmFua2luZ2JyYXNpbC5vcmcu YnIwSwYDVR0fBEQwQjBAoD6gPIY6aHR0cDovL2NybC5zYW5kYm94LnBraS5vcGVu YmFua2luZ2JyYXNpbC5vcmcuYnIvaXNzdWVyLmNybDAjBgNVHREEHDAaghhtZXJj YW50aWxkb2JyYXNpbC5jb20uYnIwDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQMMAoG CCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIBgDCC ATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVseSBm b3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhlciBw YXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2aWNl cyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNlaXB0 LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRo ZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5kIHJl bGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8vY3Bz LnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2llczAN BgkqhkiG9w0BAQsFAAOCAQEAWhYIjqKDwdYkYOr0nutlR/46Vw8YNLK+9kWGPFD1 ad0fodzcd00pgc3AZWn+LoTwMq4tbiizWqERZp/BfZ35Aym5J+zFRj25Ehkxll6N a9QCz/prR3sXm8GM5taZxwwe0BJYaPpsef1HxiDdJ3h35PY/7iOOCam5ZNFTPapj 1OutGvJ+nb7Iipp6xwHQoArgwuiWrtJMBOt3Sstnayp4CJKVlQklhSl5isynxwmI bcVMPbhrWw6xbI1g69xBjx94Ja3acx4RzmIPJ6ru2jZvHQfI81jkIelNm55pbG7V mRpDP2JgVvsABBpelBD3BCytwmWjpG8m8CH6JTGGFNbNRw== -----END CERTIFICATE-----
incoming_body_json
incoming_query_string_params
{}
incoming_body
eyJhbGciOiJQUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6Ijh1YnRHa2s1d1FyTkdOMld2N0dIakxjLVhxWmN4VXVnSEQ5eFlOellXSk0ifQ.eyJkYXRhIjp7ImxvY2FsSW5zdHJ1bWVudCI6IkRJQ1QiLCJwYXltZW50Ijp7ImFtb3VudCI6IjEuMTUiLCJjdXJyZW5jeSI6IkJSTCJ9LCJjcmVkaXRvckFjY291bnQiOnsiYWNjb3VudFR5cGUiOiJDQUNDIiwiaXNwYiI6IjkyODk0OTIyIiwiaXNzdWVyIjoiMDAwMSIsIm51bWJlciI6IjEwMTczNzIyIn0sImNucGpJbml0aWF0b3IiOiIyMDc0NzQzNjAwMDE1NiIsImliZ2VUb3duQ29kZSI6IjUzMDAxMDgiLCJwcm94eSI6IjU1MTU1MTE0ODQ1In0sImlhdCI6MTY0ODc2NzY4NywiYXVkIjoiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QtbXRscy9hL21lcmNhbnRpbC9wYXltZW50cy92MS9waXgvcGF5bWVudHMiLCJpc3MiOiI1ZDI0OTQ4Ni1jNjk3LTUyOTUtYTg1Ni05OTU1ZWQzYWMzMzIiLCJqdGkiOiI4OTMwOWFiYi1iZDJhLTQxOTUtYWVjZC02YzNlYjEyY2JlZDUifQ.nVKGx8CFk4Pl2dlHbapMMrebPH66tKL3yXjDLWKheUTZgjTP5kzAaTTVZVhmoowiy0Tsr9_ka6oKrdde4xswNgpbPFT_voZzlr-fPb8h4OGIeQsc60miuwvvUMofWYEA2wSbld4ZgO0rmddEM652QBMO7fl4Km1eop1ljqT6Dnl3hqFcw-cHNacpGJUHRSnJYQVa_SXWQufU47jFt86WunatwxL4jkzBT_YZ-h-Q93ay-T4TChEA9h66VpNbL5v1SMniNqtk5g_wO0o5AfdhCwFRcTVgJ9BTDfs5Eyv2h1vFUz2A0BMpGjHx3YoePrqRZME8gzhPWXuzPttCiUt-Vw
2022-03-31 23:01:27 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
Payment initiation endpoint (always rejected)
2022-03-31 23:01:27 SUCCESS
LogAccessTokenAlwaysRejectedToForceARefreshGrant
This call will be always rejected. The client must obtain a new access token twice using the refresh_token
2022-03-31 23:01:27 OUTGOING
fapi1-advanced-final-client-refresh-token-test
Response to HTTP request to test instance hQjqNlDH0UD4Ddw
outgoing_status_code
401
outgoing_headers
{
  "WWW-Authenticate": [
    "Bearer realm\u003d\"conformancesuite\", error\u003d\"invalid_token\", error_description\u003d\"Invalid access token. This test requires you to obtain a new access token twice using the refresh_token\""
  ]
}
outgoing_body
outgoing_path
payments/v1/pix/payments
2022-03-31 23:01:28 INCOMING
fapi1-advanced-final-client-refresh-token-test
Incoming HTTP request to /test/a/mercantil/.well-known/openid-configuration
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/4.7.4 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate, br",
  "x-datadog-trace-id": "8915795655523999140",
  "x-datadog-parent-id": "8599372432722894924",
  "x-datadog-sampling-priority": "2",
  "x-datadog-tags": "_dd.p.upstream_services\u003db3BlbmJhbmtpbmctbWFuYWdlbWVudC1zZXJ2aWNlcw\u003d\u003d|2|3|1",
  "connection": "close"
}
incoming_path
/test/a/mercantil/.well-known/openid-configuration
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
incoming_body_json
incoming_query_string_params
{}
incoming_body
2022-03-31 23:01:28 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
2022-03-31 23:01:28 OUTGOING
fapi1-advanced-final-client-refresh-token-test
Response to HTTP request to test instance hQjqNlDH0UD4Ddw
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "issuer": "https://www.certification.openid.net/test/a/mercantil/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/mercantil/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/mercantil/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/mercantil/jwks",
  "registration_endpoint": "https://www.certification.openid.net/test/a/mercantil/register",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/mercantil/userinfo",
  "mtls_endpoint_aliases": {
    "token_endpoint": "https://www.certification.openid.net/test-mtls/a/mercantil/token",
    "registration_endpoint": "https://www.certification.openid.net/test-mtls/a/mercantil/register",
    "userinfo_endpoint": "https://www.certification.openid.net/test-mtls/a/mercantil/userinfo"
  },
  "tls_client_certificate_bound_access_tokens": true,
  "request_parameter_supported": true,
  "grant_types_supported": [
    "authorization_code",
    "implicit",
    "client_credentials",
    "refresh_token"
  ],
  "claims_parameter_supported": true,
  "request_object_encryption_alg_values_supported": [
    "RSA-OAEP"
  ],
  "request_object_encryption_enc_values_supported": [
    "A256GCM"
  ],
  "claims_supported": [
    "cpf",
    "cnpj",
    "acr"
  ],
  "acr_values_supported": [
    "urn:brasil:openbanking:loa2",
    "urn:brasil:openbanking:loa3"
  ],
  "id_token_signing_alg_values_supported": [
    "PS256"
  ],
  "request_object_signing_alg_values_supported": [
    "PS256"
  ],
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access",
    "consents",
    "resources",
    "payments"
  ],
  "token_endpoint_auth_methods_supported": [
    "private_key_jwt"
  ],
  "response_types_supported": [
    "code"
  ],
  "response_modes_supported": [
    "jwt"
  ],
  "authorization_signing_alg_values_supported": [
    "PS256"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "PS256"
  ]
}
outgoing_path
.well-known/openid-configuration
2022-03-31 23:01:28 INCOMING
fapi1-advanced-final-client-refresh-token-test
Incoming HTTP request to /test/a/mercantil/.well-known/openid-configuration
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/4.7.4 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate, br",
  "x-datadog-trace-id": "8915795655523999140",
  "x-datadog-parent-id": "3764486031599988640",
  "x-datadog-sampling-priority": "2",
  "x-datadog-tags": "_dd.p.upstream_services\u003db3BlbmJhbmtpbmctbWFuYWdlbWVudC1zZXJ2aWNlcw\u003d\u003d|2|3|1",
  "connection": "close"
}
incoming_path
/test/a/mercantil/.well-known/openid-configuration
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
incoming_body_json
incoming_query_string_params
{}
incoming_body
2022-03-31 23:01:28 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
2022-03-31 23:01:28 OUTGOING
fapi1-advanced-final-client-refresh-token-test
Response to HTTP request to test instance hQjqNlDH0UD4Ddw
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "issuer": "https://www.certification.openid.net/test/a/mercantil/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/mercantil/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/mercantil/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/mercantil/jwks",
  "registration_endpoint": "https://www.certification.openid.net/test/a/mercantil/register",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/mercantil/userinfo",
  "mtls_endpoint_aliases": {
    "token_endpoint": "https://www.certification.openid.net/test-mtls/a/mercantil/token",
    "registration_endpoint": "https://www.certification.openid.net/test-mtls/a/mercantil/register",
    "userinfo_endpoint": "https://www.certification.openid.net/test-mtls/a/mercantil/userinfo"
  },
  "tls_client_certificate_bound_access_tokens": true,
  "request_parameter_supported": true,
  "grant_types_supported": [
    "authorization_code",
    "implicit",
    "client_credentials",
    "refresh_token"
  ],
  "claims_parameter_supported": true,
  "request_object_encryption_alg_values_supported": [
    "RSA-OAEP"
  ],
  "request_object_encryption_enc_values_supported": [
    "A256GCM"
  ],
  "claims_supported": [
    "cpf",
    "cnpj",
    "acr"
  ],
  "acr_values_supported": [
    "urn:brasil:openbanking:loa2",
    "urn:brasil:openbanking:loa3"
  ],
  "id_token_signing_alg_values_supported": [
    "PS256"
  ],
  "request_object_signing_alg_values_supported": [
    "PS256"
  ],
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access",
    "consents",
    "resources",
    "payments"
  ],
  "token_endpoint_auth_methods_supported": [
    "private_key_jwt"
  ],
  "response_types_supported": [
    "code"
  ],
  "response_modes_supported": [
    "jwt"
  ],
  "authorization_signing_alg_values_supported": [
    "PS256"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "PS256"
  ]
}
outgoing_path
.well-known/openid-configuration
2022-03-31 23:01:28 INCOMING
fapi1-advanced-final-client-refresh-token-test
Incoming HTTP request to /test-mtls/a/mercantil/token
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/4.7.4 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "content-type": "application/x-www-form-urlencoded",
  "accept-encoding": "gzip, deflate, br",
  "x-datadog-trace-id": "8915795655523999140",
  "x-datadog-parent-id": "7157011304731845248",
  "x-datadog-sampling-priority": "2",
  "x-datadog-tags": "_dd.p.upstream_services\u003db3BlbmJhbmtpbmctbWFuYWdlbWVudC1zZXJ2aWNlcw\u003d\u003d|2|3|1",
  "connection": "close",
  "content-length": "1158"
}
incoming_path
/test-mtls/a/mercantil/token
incoming_body_form_params
{
  "grant_type": "refresh_token",
  "refresh_token": "nmSOHCyadnijnVDVameaBwTPBQejjSYSgzmivqGsyKTjwGRYkS1370369323?\u0027|\u003d/",
  "client_id": "mercantil-bank",
  "client_assertion": "eyJhbGciOiJQUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjNhMTM3OWEwYzhhZmJhNWI2ZjU1MzY1Y2IzZWUwYTUxMWM4ZTdkZGIxZjczZDNiNDQzYjY4MzFjYmQzNzhmZmUifQ.eyJpYXQiOjE2NDg3Njc2ODgsImV4cCI6MTY0ODc2Nzc0OCwianRpIjoicldxYUYzNkRUSmRqeWNXRzVIT3NTTUVXR25wc2J3OHlwMjlLbHBjaFQ3byIsImlzcyI6Im1lcmNhbnRpbC1iYW5rIiwic3ViIjoibWVyY2FudGlsLWJhbmsiLCJhdWQiOlsiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QvYS9tZXJjYW50aWwvIiwiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QvYS9tZXJjYW50aWwvdG9rZW4iLCJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC1tdGxzL2EvbWVyY2FudGlsL3Rva2VuIl19.h1Ir9eC4odiooIulS1wmiNn9HDY4zKxo3__IKkVtfrpCNW5uy5a4O7eTZWDnC8Pqjw0Xa8sx-RwHPBrko2j-s0VmjBxhei_2OKPeZ3pk8xlgiYzPO_WK46VVtPt5QK9iS6Cmz6b00VcEF6GsILhWoc3iQPubx77XbRyBj9IpF77RCIuHRyXsO8yayDS3Y8AxHjaK0l56X5-SPLQPvhcTc9Db1nm6AdyBHvfXDUuuAm2GCPsJQBBhiKcsjczW67WCpg-JRXqbcCBWvUBT42x8s_Mm4xjugIpkT1KGKORF0WBsHYB6RBZF21zwWS2wc2iy7ivMc5wgcWdy3ApWI6o80Q",
  "client_assertion_type": "urn:ietf:params:oauth:client-assertion-type:jwt-bearer"
}
incoming_method
POST
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
-----BEGIN CERTIFICATE----- MIIHDjCCBfagAwIBAgIUQsrznpQM2gWDplbWY0kRjummIc8wDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIyMDMyNDIwNDMwMFoXDTIzMDQyMzIw NDMwMFowggEvMQswCQYDVQQGEwJCUjELMAkGA1UECBMCTUcxFzAVBgNVBAcTDkJl bG8gSG9yaXpvbnRlMSUwIwYDVQQKExxCQ08gTUVSQ0FOVElMIERPIEJSQVNJTCBT LkEuMS0wKwYDVQQLEyQ1ZDI0OTQ4Ni1jNjk3LTUyOTUtYTg1Ni05OTU1ZWQzYWMz MzIxITAfBgNVBAMTGG1lcmNhbnRpbGRvYnJhc2lsLmNvbS5icjEXMBUGA1UEBRMO MTcxODQwMzcwMDAxMTAxHTAbBgNVBA8TFFByaXZhdGUgT3JnYW5pemF0aW9uMRMw EQYLKwYBBAGCNzwCAQMTAkJSMTQwMgYKCZImiZPyLGQBARMkNzA5MDU0OGItNDhl Yi00NGFjLTk0MzItZDU0NGQ1MzZjYWExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A MIIBCgKCAQEA2v4FOEIqbdkpXv/2PwWDdLVYqJPyKMNebziaTGVnENR5eK4YbHtb zNi9yLlKuxRy3DPVA+mg7VD7T/Nn82jUnWlcKp07UFGV7pEboDgOB77tc6SCYNJn Zzr6F1D/GcRg7IWfhVo4RT3PROBTkT/cjt8c/SZzTmc03mbGZ1X31IpGk7982cFj irbxD4HVh9IuGi1VyBkwLihlOxmyZXdDM70ZGVHAsiTMysGpE0J/crVXHpvwaUGs 05uFvrQhd21XJ/fs1pv11Oa0IO8aZM4zU5HUTBdbAQ2xMoHrH+kuV0tWgkTRVS6T pl6FchNLGsc+RWkXZ1Sylz7LXurYURExEwIDAQABo4IC3DCCAtgwDAYDVR0TAQH/ BAIwADAdBgNVHQ4EFgQU8RHTFIMywlsmm87Fy4JicZe76xAwHwYDVR0jBBgwFoAU hn9YrRf1grZOtAWz+7DOEUPfTL4wTAYIKwYBBQUHAQEEQDA+MDwGCCsGAQUFBzAB hjBodHRwOi8vb2NzcC5zYW5kYm94LnBraS5vcGVuYmFua2luZ2JyYXNpbC5vcmcu YnIwSwYDVR0fBEQwQjBAoD6gPIY6aHR0cDovL2NybC5zYW5kYm94LnBraS5vcGVu YmFua2luZ2JyYXNpbC5vcmcuYnIvaXNzdWVyLmNybDAjBgNVHREEHDAaghhtZXJj YW50aWxkb2JyYXNpbC5jb20uYnIwDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQMMAoG CCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIBgDCC ATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVseSBm b3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhlciBw YXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2aWNl cyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNlaXB0 LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRo ZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5kIHJl bGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8vY3Bz LnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2llczAN BgkqhkiG9w0BAQsFAAOCAQEAWhYIjqKDwdYkYOr0nutlR/46Vw8YNLK+9kWGPFD1 ad0fodzcd00pgc3AZWn+LoTwMq4tbiizWqERZp/BfZ35Aym5J+zFRj25Ehkxll6N a9QCz/prR3sXm8GM5taZxwwe0BJYaPpsef1HxiDdJ3h35PY/7iOOCam5ZNFTPapj 1OutGvJ+nb7Iipp6xwHQoArgwuiWrtJMBOt3Sstnayp4CJKVlQklhSl5isynxwmI bcVMPbhrWw6xbI1g69xBjx94Ja3acx4RzmIPJ6ru2jZvHQfI81jkIelNm55pbG7V mRpDP2JgVvsABBpelBD3BCytwmWjpG8m8CH6JTGGFNbNRw== -----END CERTIFICATE-----
incoming_body_json
incoming_query_string_params
{}
incoming_body
grant_type=refresh_token&refresh_token=nmSOHCyadnijnVDVameaBwTPBQejjSYSgzmivqGsyKTjwGRYkS1370369323%3F%27%7C%3D%2F&client_id=mercantil-bank&client_assertion=eyJhbGciOiJQUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjNhMTM3OWEwYzhhZmJhNWI2ZjU1MzY1Y2IzZWUwYTUxMWM4ZTdkZGIxZjczZDNiNDQzYjY4MzFjYmQzNzhmZmUifQ.eyJpYXQiOjE2NDg3Njc2ODgsImV4cCI6MTY0ODc2Nzc0OCwianRpIjoicldxYUYzNkRUSmRqeWNXRzVIT3NTTUVXR25wc2J3OHlwMjlLbHBjaFQ3byIsImlzcyI6Im1lcmNhbnRpbC1iYW5rIiwic3ViIjoibWVyY2FudGlsLWJhbmsiLCJhdWQiOlsiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QvYS9tZXJjYW50aWwvIiwiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QvYS9tZXJjYW50aWwvdG9rZW4iLCJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC1tdGxzL2EvbWVyY2FudGlsL3Rva2VuIl19.h1Ir9eC4odiooIulS1wmiNn9HDY4zKxo3__IKkVtfrpCNW5uy5a4O7eTZWDnC8Pqjw0Xa8sx-RwHPBrko2j-s0VmjBxhei_2OKPeZ3pk8xlgiYzPO_WK46VVtPt5QK9iS6Cmz6b00VcEF6GsILhWoc3iQPubx77XbRyBj9IpF77RCIuHRyXsO8yayDS3Y8AxHjaK0l56X5-SPLQPvhcTc9Db1nm6AdyBHvfXDUuuAm2GCPsJQBBhiKcsjczW67WCpg-JRXqbcCBWvUBT42x8s_Mm4xjugIpkT1KGKORF0WBsHYB6RBZF21zwWS2wc2iy7ivMc5wgcWdy3ApWI6o80Q&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer
2022-03-31 23:01:28 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
Token endpoint
2022-03-31 23:01:28 SUCCESS
CheckClientIdMatchesOnTokenRequestIfPresent
Extracted client_id matches the expected value
client_id
mercantil-bank
2022-03-31 23:01:28 SUCCESS
ExtractClientCertificateFromTokenEndpointRequestHeaders
Extracted client certificate
client_certificate
{
  "cert": "-----BEGIN CERTIFICATE----- MIIHDjCCBfagAwIBAgIUQsrznpQM2gWDplbWY0kRjummIc8wDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIyMDMyNDIwNDMwMFoXDTIzMDQyMzIw NDMwMFowggEvMQswCQYDVQQGEwJCUjELMAkGA1UECBMCTUcxFzAVBgNVBAcTDkJl bG8gSG9yaXpvbnRlMSUwIwYDVQQKExxCQ08gTUVSQ0FOVElMIERPIEJSQVNJTCBT LkEuMS0wKwYDVQQLEyQ1ZDI0OTQ4Ni1jNjk3LTUyOTUtYTg1Ni05OTU1ZWQzYWMz MzIxITAfBgNVBAMTGG1lcmNhbnRpbGRvYnJhc2lsLmNvbS5icjEXMBUGA1UEBRMO MTcxODQwMzcwMDAxMTAxHTAbBgNVBA8TFFByaXZhdGUgT3JnYW5pemF0aW9uMRMw EQYLKwYBBAGCNzwCAQMTAkJSMTQwMgYKCZImiZPyLGQBARMkNzA5MDU0OGItNDhl Yi00NGFjLTk0MzItZDU0NGQ1MzZjYWExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A MIIBCgKCAQEA2v4FOEIqbdkpXv/2PwWDdLVYqJPyKMNebziaTGVnENR5eK4YbHtb zNi9yLlKuxRy3DPVA+mg7VD7T/Nn82jUnWlcKp07UFGV7pEboDgOB77tc6SCYNJn Zzr6F1D/GcRg7IWfhVo4RT3PROBTkT/cjt8c/SZzTmc03mbGZ1X31IpGk7982cFj irbxD4HVh9IuGi1VyBkwLihlOxmyZXdDM70ZGVHAsiTMysGpE0J/crVXHpvwaUGs 05uFvrQhd21XJ/fs1pv11Oa0IO8aZM4zU5HUTBdbAQ2xMoHrH+kuV0tWgkTRVS6T pl6FchNLGsc+RWkXZ1Sylz7LXurYURExEwIDAQABo4IC3DCCAtgwDAYDVR0TAQH/ BAIwADAdBgNVHQ4EFgQU8RHTFIMywlsmm87Fy4JicZe76xAwHwYDVR0jBBgwFoAU hn9YrRf1grZOtAWz+7DOEUPfTL4wTAYIKwYBBQUHAQEEQDA+MDwGCCsGAQUFBzAB hjBodHRwOi8vb2NzcC5zYW5kYm94LnBraS5vcGVuYmFua2luZ2JyYXNpbC5vcmcu YnIwSwYDVR0fBEQwQjBAoD6gPIY6aHR0cDovL2NybC5zYW5kYm94LnBraS5vcGVu YmFua2luZ2JyYXNpbC5vcmcuYnIvaXNzdWVyLmNybDAjBgNVHREEHDAaghhtZXJj YW50aWxkb2JyYXNpbC5jb20uYnIwDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQMMAoG CCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIBgDCC ATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVseSBm b3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhlciBw YXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2aWNl cyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNlaXB0 LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRo ZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5kIHJl bGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8vY3Bz LnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2llczAN BgkqhkiG9w0BAQsFAAOCAQEAWhYIjqKDwdYkYOr0nutlR/46Vw8YNLK+9kWGPFD1 ad0fodzcd00pgc3AZWn+LoTwMq4tbiizWqERZp/BfZ35Aym5J+zFRj25Ehkxll6N a9QCz/prR3sXm8GM5taZxwwe0BJYaPpsef1HxiDdJ3h35PY/7iOOCam5ZNFTPapj 1OutGvJ+nb7Iipp6xwHQoArgwuiWrtJMBOt3Sstnayp4CJKVlQklhSl5isynxwmI bcVMPbhrWw6xbI1g69xBjx94Ja3acx4RzmIPJ6ru2jZvHQfI81jkIelNm55pbG7V mRpDP2JgVvsABBpelBD3BCytwmWjpG8m8CH6JTGGFNbNRw\u003d\u003d -----END CERTIFICATE-----",
  "pem": "-----BEGIN CERTIFICATE-----\nMIIHDjCCBfagAwIBAgIUQsrznpQM2gWDplbWY0kRjummIc8wDQYJKoZIhvcNAQEL\nBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx\nFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB\nTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIyMDMyNDIwNDMwMFoXDTIzMDQyMzIw\nNDMwMFowggEvMQswCQYDVQQGEwJCUjELMAkGA1UECBMCTUcxFzAVBgNVBAcTDkJl\nbG8gSG9yaXpvbnRlMSUwIwYDVQQKExxCQ08gTUVSQ0FOVElMIERPIEJSQVNJTCBT\nLkEuMS0wKwYDVQQLEyQ1ZDI0OTQ4Ni1jNjk3LTUyOTUtYTg1Ni05OTU1ZWQzYWMz\nMzIxITAfBgNVBAMTGG1lcmNhbnRpbGRvYnJhc2lsLmNvbS5icjEXMBUGA1UEBRMO\nMTcxODQwMzcwMDAxMTAxHTAbBgNVBA8TFFByaXZhdGUgT3JnYW5pemF0aW9uMRMw\nEQYLKwYBBAGCNzwCAQMTAkJSMTQwMgYKCZImiZPyLGQBARMkNzA5MDU0OGItNDhl\nYi00NGFjLTk0MzItZDU0NGQ1MzZjYWExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A\nMIIBCgKCAQEA2v4FOEIqbdkpXv/2PwWDdLVYqJPyKMNebziaTGVnENR5eK4YbHtb\nzNi9yLlKuxRy3DPVA+mg7VD7T/Nn82jUnWlcKp07UFGV7pEboDgOB77tc6SCYNJn\nZzr6F1D/GcRg7IWfhVo4RT3PROBTkT/cjt8c/SZzTmc03mbGZ1X31IpGk7982cFj\nirbxD4HVh9IuGi1VyBkwLihlOxmyZXdDM70ZGVHAsiTMysGpE0J/crVXHpvwaUGs\n05uFvrQhd21XJ/fs1pv11Oa0IO8aZM4zU5HUTBdbAQ2xMoHrH+kuV0tWgkTRVS6T\npl6FchNLGsc+RWkXZ1Sylz7LXurYURExEwIDAQABo4IC3DCCAtgwDAYDVR0TAQH/\nBAIwADAdBgNVHQ4EFgQU8RHTFIMywlsmm87Fy4JicZe76xAwHwYDVR0jBBgwFoAU\nhn9YrRf1grZOtAWz+7DOEUPfTL4wTAYIKwYBBQUHAQEEQDA+MDwGCCsGAQUFBzAB\nhjBodHRwOi8vb2NzcC5zYW5kYm94LnBraS5vcGVuYmFua2luZ2JyYXNpbC5vcmcu\nYnIwSwYDVR0fBEQwQjBAoD6gPIY6aHR0cDovL2NybC5zYW5kYm94LnBraS5vcGVu\nYmFua2luZ2JyYXNpbC5vcmcuYnIvaXNzdWVyLmNybDAjBgNVHREEHDAaghhtZXJj\nYW50aWxkb2JyYXNpbC5jb20uYnIwDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQMMAoG\nCCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIBgDCC\nATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVseSBm\nb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhlciBw\nYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2aWNl\ncyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNlaXB0\nLCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRo\nZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5kIHJl\nbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8vY3Bz\nLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2llczAN\nBgkqhkiG9w0BAQsFAAOCAQEAWhYIjqKDwdYkYOr0nutlR/46Vw8YNLK+9kWGPFD1\nad0fodzcd00pgc3AZWn+LoTwMq4tbiizWqERZp/BfZ35Aym5J+zFRj25Ehkxll6N\na9QCz/prR3sXm8GM5taZxwwe0BJYaPpsef1HxiDdJ3h35PY/7iOOCam5ZNFTPapj\n1OutGvJ+nb7Iipp6xwHQoArgwuiWrtJMBOt3Sstnayp4CJKVlQklhSl5isynxwmI\nbcVMPbhrWw6xbI1g69xBjx94Ja3acx4RzmIPJ6ru2jZvHQfI81jkIelNm55pbG7V\nmRpDP2JgVvsABBpelBD3BCytwmWjpG8m8CH6JTGGFNbNRw\u003d\u003d\n-----END CERTIFICATE-----",
  "subject": {
    "dn": "UID\u003d7090548b-48eb-44ac-9432-d544d536caa1,1.3.6.1.4.1.311.60.2.1.3\u003d#13024252,2.5.4.15\u003d#131450726976617465204f7267616e697a6174696f6e,2.5.4.5\u003d#130e3137313834303337303030313130,CN\u003dmercantildobrasil.com.br,OU\u003d5d249486-c697-5295-a856-9955ed3ac332,O\u003dBCO MERCANTIL DO BRASIL S.A.,L\u003dBelo Horizonte,ST\u003dMG,C\u003dBR"
  },
  "sanDnsNames": [
    "mercantildobrasil.com.br"
  ],
  "sanUris": [],
  "sanIPs": [],
  "sanEmails": []
}
2022-03-31 23:01:28 SUCCESS
CheckForClientCertificate
Found client certificate
2022-03-31 23:01:28 SUCCESS
EnsureClientCertificateMatches
Presented certificate matches registered certificate
actual
-----BEGIN CERTIFICATE-----
MIIHDjCCBfagAwIBAgIUQsrznpQM2gWDplbWY0kRjummIc8wDQYJKoZIhvcNAQEL
BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx
FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB
TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIyMDMyNDIwNDMwMFoXDTIzMDQyMzIw
NDMwMFowggEvMQswCQYDVQQGEwJCUjELMAkGA1UECBMCTUcxFzAVBgNVBAcTDkJl
bG8gSG9yaXpvbnRlMSUwIwYDVQQKExxCQ08gTUVSQ0FOVElMIERPIEJSQVNJTCBT
LkEuMS0wKwYDVQQLEyQ1ZDI0OTQ4Ni1jNjk3LTUyOTUtYTg1Ni05OTU1ZWQzYWMz
MzIxITAfBgNVBAMTGG1lcmNhbnRpbGRvYnJhc2lsLmNvbS5icjEXMBUGA1UEBRMO
MTcxODQwMzcwMDAxMTAxHTAbBgNVBA8TFFByaXZhdGUgT3JnYW5pemF0aW9uMRMw
EQYLKwYBBAGCNzwCAQMTAkJSMTQwMgYKCZImiZPyLGQBARMkNzA5MDU0OGItNDhl
Yi00NGFjLTk0MzItZDU0NGQ1MzZjYWExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEA2v4FOEIqbdkpXv/2PwWDdLVYqJPyKMNebziaTGVnENR5eK4YbHtb
zNi9yLlKuxRy3DPVA+mg7VD7T/Nn82jUnWlcKp07UFGV7pEboDgOB77tc6SCYNJn
Zzr6F1D/GcRg7IWfhVo4RT3PROBTkT/cjt8c/SZzTmc03mbGZ1X31IpGk7982cFj
irbxD4HVh9IuGi1VyBkwLihlOxmyZXdDM70ZGVHAsiTMysGpE0J/crVXHpvwaUGs
05uFvrQhd21XJ/fs1pv11Oa0IO8aZM4zU5HUTBdbAQ2xMoHrH+kuV0tWgkTRVS6T
pl6FchNLGsc+RWkXZ1Sylz7LXurYURExEwIDAQABo4IC3DCCAtgwDAYDVR0TAQH/
BAIwADAdBgNVHQ4EFgQU8RHTFIMywlsmm87Fy4JicZe76xAwHwYDVR0jBBgwFoAU
hn9YrRf1grZOtAWz+7DOEUPfTL4wTAYIKwYBBQUHAQEEQDA+MDwGCCsGAQUFBzAB
hjBodHRwOi8vb2NzcC5zYW5kYm94LnBraS5vcGVuYmFua2luZ2JyYXNpbC5vcmcu
YnIwSwYDVR0fBEQwQjBAoD6gPIY6aHR0cDovL2NybC5zYW5kYm94LnBraS5vcGVu
YmFua2luZ2JyYXNpbC5vcmcuYnIvaXNzdWVyLmNybDAjBgNVHREEHDAaghhtZXJj
YW50aWxkb2JyYXNpbC5jb20uYnIwDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQMMAoG
CCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIBgDCC
ATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVseSBm
b3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhlciBw
YXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2aWNl
cyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNlaXB0
LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRo
ZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5kIHJl
bGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8vY3Bz
LnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2llczAN
BgkqhkiG9w0BAQsFAAOCAQEAWhYIjqKDwdYkYOr0nutlR/46Vw8YNLK+9kWGPFD1
ad0fodzcd00pgc3AZWn+LoTwMq4tbiizWqERZp/BfZ35Aym5J+zFRj25Ehkxll6N
a9QCz/prR3sXm8GM5taZxwwe0BJYaPpsef1HxiDdJ3h35PY/7iOOCam5ZNFTPapj
1OutGvJ+nb7Iipp6xwHQoArgwuiWrtJMBOt3Sstnayp4CJKVlQklhSl5isynxwmI
bcVMPbhrWw6xbI1g69xBjx94Ja3acx4RzmIPJ6ru2jZvHQfI81jkIelNm55pbG7V
mRpDP2JgVvsABBpelBD3BCytwmWjpG8m8CH6JTGGFNbNRw==
-----END CERTIFICATE-----
2022-03-31 23:01:28 SUCCESS
ExtractClientAssertion
Parsed client assertion
client_assertion
{
  "value": "eyJhbGciOiJQUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjNhMTM3OWEwYzhhZmJhNWI2ZjU1MzY1Y2IzZWUwYTUxMWM4ZTdkZGIxZjczZDNiNDQzYjY4MzFjYmQzNzhmZmUifQ.eyJpYXQiOjE2NDg3Njc2ODgsImV4cCI6MTY0ODc2Nzc0OCwianRpIjoicldxYUYzNkRUSmRqeWNXRzVIT3NTTUVXR25wc2J3OHlwMjlLbHBjaFQ3byIsImlzcyI6Im1lcmNhbnRpbC1iYW5rIiwic3ViIjoibWVyY2FudGlsLWJhbmsiLCJhdWQiOlsiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QvYS9tZXJjYW50aWwvIiwiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QvYS9tZXJjYW50aWwvdG9rZW4iLCJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC1tdGxzL2EvbWVyY2FudGlsL3Rva2VuIl19.h1Ir9eC4odiooIulS1wmiNn9HDY4zKxo3__IKkVtfrpCNW5uy5a4O7eTZWDnC8Pqjw0Xa8sx-RwHPBrko2j-s0VmjBxhei_2OKPeZ3pk8xlgiYzPO_WK46VVtPt5QK9iS6Cmz6b00VcEF6GsILhWoc3iQPubx77XbRyBj9IpF77RCIuHRyXsO8yayDS3Y8AxHjaK0l56X5-SPLQPvhcTc9Db1nm6AdyBHvfXDUuuAm2GCPsJQBBhiKcsjczW67WCpg-JRXqbcCBWvUBT42x8s_Mm4xjugIpkT1KGKORF0WBsHYB6RBZF21zwWS2wc2iy7ivMc5wgcWdy3ApWI6o80Q",
  "header": {
    "kid": "3a1379a0c8afba5b6f55365cb3ee0a511c8e7ddb1f73d3b443b6831cbd378ffe",
    "typ": "JWT",
    "alg": "PS256"
  },
  "claims": {
    "sub": "mercantil-bank",
    "aud": [
      "https://www.certification.openid.net/test/a/mercantil/",
      "https://www.certification.openid.net/test/a/mercantil/token",
      "https://www.certification.openid.net/test-mtls/a/mercantil/token"
    ],
    "iss": "mercantil-bank",
    "exp": 1648767748,
    "iat": 1648767688,
    "jti": "rWqaF36DTJdjycWG5HOsSMEWGnpsbw8yp29KlpchT7o"
  }
}
2022-03-31 23:01:28
EnsureClientAssertionSignatureAlgorithmMatchesRegistered
token_endpoint_auth_signing_alg is not set for the client, any supported algorithm can be used
2022-03-31 23:01:28 SUCCESS
ValidateClientAssertionSignature
client_assertion signature validated
client_assertion
eyJhbGciOiJQUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjNhMTM3OWEwYzhhZmJhNWI2ZjU1MzY1Y2IzZWUwYTUxMWM4ZTdkZGIxZjczZDNiNDQzYjY4MzFjYmQzNzhmZmUifQ.eyJpYXQiOjE2NDg3Njc2ODgsImV4cCI6MTY0ODc2Nzc0OCwianRpIjoicldxYUYzNkRUSmRqeWNXRzVIT3NTTUVXR25wc2J3OHlwMjlLbHBjaFQ3byIsImlzcyI6Im1lcmNhbnRpbC1iYW5rIiwic3ViIjoibWVyY2FudGlsLWJhbmsiLCJhdWQiOlsiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QvYS9tZXJjYW50aWwvIiwiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QvYS9tZXJjYW50aWwvdG9rZW4iLCJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC1tdGxzL2EvbWVyY2FudGlsL3Rva2VuIl19.h1Ir9eC4odiooIulS1wmiNn9HDY4zKxo3__IKkVtfrpCNW5uy5a4O7eTZWDnC8Pqjw0Xa8sx-RwHPBrko2j-s0VmjBxhei_2OKPeZ3pk8xlgiYzPO_WK46VVtPt5QK9iS6Cmz6b00VcEF6GsILhWoc3iQPubx77XbRyBj9IpF77RCIuHRyXsO8yayDS3Y8AxHjaK0l56X5-SPLQPvhcTc9Db1nm6AdyBHvfXDUuuAm2GCPsJQBBhiKcsjczW67WCpg-JRXqbcCBWvUBT42x8s_Mm4xjugIpkT1KGKORF0WBsHYB6RBZF21zwWS2wc2iy7ivMc5wgcWdy3ApWI6o80Q
2022-03-31 23:01:28 SUCCESS
EnsureClientAssertionTypeIsJwt
Found JWT assertion type
assertion type
urn:ietf:params:oauth:client-assertion-type:jwt-bearer
2022-03-31 23:01:28 SUCCESS
ValidateClientAssertionClaims
Client Assertion passed all validation checks
2022-03-31 23:01:28 SUCCESS
ValidateRefreshToken
refresh_token parameter matches the expected value.
refresh_token
nmSOHCyadnijnVDVameaBwTPBQejjSYSgzmivqGsyKTjwGRYkS1370369323?'|=/
2022-03-31 23:01:28 SUCCESS
GenerateBearerAccessToken
Generated access token
access_token
tv8AwGpIaHkUOq3gVcugurmr2TP3GGweue5pEpEKb8MQ9JohJ4
2022-03-31 23:01:28 SUCCESS
CalculateAtHash
Successful at_hash encoding
at_hash
lWcU91W5G_8Ps9hw2dd71A
2022-03-31 23:01:28
CreateRefreshToken
Created refresh token
refresh_token
QBCBoXjwkXgWXfaJznNSqWhHqBHzmZqKeNAfWPFjveEUzTXkwB0023482490.@#^.
2022-03-31 23:01:28 SUCCESS
CreateTokenEndpointResponse
Created token endpoint response
access_token
tv8AwGpIaHkUOq3gVcugurmr2TP3GGweue5pEpEKb8MQ9JohJ4
token_type
Bearer
refresh_token
QBCBoXjwkXgWXfaJznNSqWhHqBHzmZqKeNAfWPFjveEUzTXkwB0023482490.@#^.
scope
openid consent:urn:conformance:oidf:NN7tQCzSAG payments
2022-03-31 23:01:28 OUTGOING
fapi1-advanced-final-client-refresh-token-test
Response to HTTP request to test instance hQjqNlDH0UD4Ddw
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "access_token": "tv8AwGpIaHkUOq3gVcugurmr2TP3GGweue5pEpEKb8MQ9JohJ4",
  "token_type": "Bearer",
  "refresh_token": "QBCBoXjwkXgWXfaJznNSqWhHqBHzmZqKeNAfWPFjveEUzTXkwB0023482490.@#^.",
  "scope": "openid consent:urn:conformance:oidf:NN7tQCzSAG payments"
}
outgoing_path
token
2022-03-31 23:01:29 INCOMING
fapi1-advanced-final-client-refresh-token-test
Incoming HTTP request to /test-mtls/a/mercantil/payments/v1/pix/payments
incoming_headers
{
  "host": "www.certification.openid.net",
  "content-type": "application/jwt",
  "x-idempotency-key": "548286bf-4900-4b94-b9ac-e47a4c085b85",
  "authorization": "Bearer tv8AwGpIaHkUOq3gVcugurmr2TP3GGweue5pEpEKb8MQ9JohJ4",
  "user-agent": "PostmanRuntime/7.28.4",
  "accept": "*/*",
  "cache-control": "no-cache",
  "postman-token": "9fa0861c-673e-48b0-b3dc-9b095ac538ac",
  "accept-encoding": "gzip, deflate, br",
  "cookie": "JSESSIONID\u003dCF9ADD4B841D4DEC7D2EEC0697943035",
  "connection": "close",
  "content-length": "1056"
}
incoming_path
/test-mtls/a/mercantil/payments/v1/pix/payments
incoming_body_form_params
incoming_method
POST
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
-----BEGIN CERTIFICATE----- MIIHDjCCBfagAwIBAgIUQsrznpQM2gWDplbWY0kRjummIc8wDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIyMDMyNDIwNDMwMFoXDTIzMDQyMzIw NDMwMFowggEvMQswCQYDVQQGEwJCUjELMAkGA1UECBMCTUcxFzAVBgNVBAcTDkJl bG8gSG9yaXpvbnRlMSUwIwYDVQQKExxCQ08gTUVSQ0FOVElMIERPIEJSQVNJTCBT LkEuMS0wKwYDVQQLEyQ1ZDI0OTQ4Ni1jNjk3LTUyOTUtYTg1Ni05OTU1ZWQzYWMz MzIxITAfBgNVBAMTGG1lcmNhbnRpbGRvYnJhc2lsLmNvbS5icjEXMBUGA1UEBRMO MTcxODQwMzcwMDAxMTAxHTAbBgNVBA8TFFByaXZhdGUgT3JnYW5pemF0aW9uMRMw EQYLKwYBBAGCNzwCAQMTAkJSMTQwMgYKCZImiZPyLGQBARMkNzA5MDU0OGItNDhl Yi00NGFjLTk0MzItZDU0NGQ1MzZjYWExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A MIIBCgKCAQEA2v4FOEIqbdkpXv/2PwWDdLVYqJPyKMNebziaTGVnENR5eK4YbHtb zNi9yLlKuxRy3DPVA+mg7VD7T/Nn82jUnWlcKp07UFGV7pEboDgOB77tc6SCYNJn Zzr6F1D/GcRg7IWfhVo4RT3PROBTkT/cjt8c/SZzTmc03mbGZ1X31IpGk7982cFj irbxD4HVh9IuGi1VyBkwLihlOxmyZXdDM70ZGVHAsiTMysGpE0J/crVXHpvwaUGs 05uFvrQhd21XJ/fs1pv11Oa0IO8aZM4zU5HUTBdbAQ2xMoHrH+kuV0tWgkTRVS6T pl6FchNLGsc+RWkXZ1Sylz7LXurYURExEwIDAQABo4IC3DCCAtgwDAYDVR0TAQH/ BAIwADAdBgNVHQ4EFgQU8RHTFIMywlsmm87Fy4JicZe76xAwHwYDVR0jBBgwFoAU hn9YrRf1grZOtAWz+7DOEUPfTL4wTAYIKwYBBQUHAQEEQDA+MDwGCCsGAQUFBzAB hjBodHRwOi8vb2NzcC5zYW5kYm94LnBraS5vcGVuYmFua2luZ2JyYXNpbC5vcmcu YnIwSwYDVR0fBEQwQjBAoD6gPIY6aHR0cDovL2NybC5zYW5kYm94LnBraS5vcGVu YmFua2luZ2JyYXNpbC5vcmcuYnIvaXNzdWVyLmNybDAjBgNVHREEHDAaghhtZXJj YW50aWxkb2JyYXNpbC5jb20uYnIwDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQMMAoG CCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIBgDCC ATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVseSBm b3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhlciBw YXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2aWNl cyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNlaXB0 LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRo ZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5kIHJl bGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8vY3Bz LnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2llczAN BgkqhkiG9w0BAQsFAAOCAQEAWhYIjqKDwdYkYOr0nutlR/46Vw8YNLK+9kWGPFD1 ad0fodzcd00pgc3AZWn+LoTwMq4tbiizWqERZp/BfZ35Aym5J+zFRj25Ehkxll6N a9QCz/prR3sXm8GM5taZxwwe0BJYaPpsef1HxiDdJ3h35PY/7iOOCam5ZNFTPapj 1OutGvJ+nb7Iipp6xwHQoArgwuiWrtJMBOt3Sstnayp4CJKVlQklhSl5isynxwmI bcVMPbhrWw6xbI1g69xBjx94Ja3acx4RzmIPJ6ru2jZvHQfI81jkIelNm55pbG7V mRpDP2JgVvsABBpelBD3BCytwmWjpG8m8CH6JTGGFNbNRw== -----END CERTIFICATE-----
incoming_body_json
incoming_query_string_params
{}
incoming_body
eyJhbGciOiJQUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6Ijh1YnRHa2s1d1FyTkdOMld2N0dIakxjLVhxWmN4VXVnSEQ5eFlOellXSk0ifQ.eyJkYXRhIjp7ImxvY2FsSW5zdHJ1bWVudCI6IkRJQ1QiLCJwYXltZW50Ijp7ImFtb3VudCI6IjEuMTUiLCJjdXJyZW5jeSI6IkJSTCJ9LCJjcmVkaXRvckFjY291bnQiOnsiYWNjb3VudFR5cGUiOiJDQUNDIiwiaXNwYiI6IjkyODk0OTIyIiwiaXNzdWVyIjoiMDAwMSIsIm51bWJlciI6IjEwMTczNzIyIn0sImNucGpJbml0aWF0b3IiOiIyMDc0NzQzNjAwMDE1NiIsImliZ2VUb3duQ29kZSI6IjUzMDAxMDgiLCJwcm94eSI6IjU1MTU1MTE0ODQ1In0sImlhdCI6MTY0ODc2NzY4OCwiYXVkIjoiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QtbXRscy9hL21lcmNhbnRpbC9wYXltZW50cy92MS9waXgvcGF5bWVudHMiLCJpc3MiOiI1ZDI0OTQ4Ni1jNjk3LTUyOTUtYTg1Ni05OTU1ZWQzYWMzMzIiLCJqdGkiOiIyNmQ0MDhjNi1kMGUwLTQ5NDAtODE2YS1hMjFjZGI1M2EzNDgifQ.WXAEzSq8CISbIajTiNgbONWFlsGxPJfXjYSP8-wN5cElSBqLk5Q5FwqjAZj3GWhpLBXCJcVOPo0YkZkCVsS0rrAHt8e4I_BDMvC2FWN3w7drMYgJ6f6G500vRVvPYpMjw8diXI6cJCMsYrSB0T-HxPlcyClG280wHEk9axgldEKNzLPsXdTuNrEni2N-I-tqo3clfEykbqDoTLWKVbm8UoaKJt4nBn8S4oZuBbgJ0hcLzd2MbFrfyLLkeaM1LcC8XrChxfPvebm0Yd4az4tH7dax3yQqDxPdIeShE8LT3B_c438o-_kthS2MmLpLYGFgBJ2nA1WeDa6teW1i9InOuw
2022-03-31 23:01:29 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
Payment initiation endpoint (always rejected)
2022-03-31 23:01:29 SUCCESS
LogAccessTokenAlwaysRejectedToForceARefreshGrant
This call will be always rejected. The client must obtain a new access token twice using the refresh_token
2022-03-31 23:01:29 OUTGOING
fapi1-advanced-final-client-refresh-token-test
Response to HTTP request to test instance hQjqNlDH0UD4Ddw
outgoing_status_code
401
outgoing_headers
{
  "WWW-Authenticate": [
    "Bearer realm\u003d\"conformancesuite\", error\u003d\"invalid_token\", error_description\u003d\"Invalid access token. This test requires you to obtain a new access token twice using the refresh_token\""
  ]
}
outgoing_body
outgoing_path
payments/v1/pix/payments
2022-03-31 23:01:29 INCOMING
fapi1-advanced-final-client-refresh-token-test
Incoming HTTP request to /test/a/mercantil/.well-known/openid-configuration
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/4.7.4 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate, br",
  "x-datadog-trace-id": "633969386249564191",
  "x-datadog-parent-id": "4811292754439672764",
  "x-datadog-sampling-priority": "2",
  "x-datadog-tags": "_dd.p.upstream_services\u003db3BlbmJhbmtpbmctbWFuYWdlbWVudC1zZXJ2aWNlcw\u003d\u003d|2|3|1",
  "connection": "close"
}
incoming_path
/test/a/mercantil/.well-known/openid-configuration
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
incoming_body_json
incoming_query_string_params
{}
incoming_body
2022-03-31 23:01:29 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
2022-03-31 23:01:29 OUTGOING
fapi1-advanced-final-client-refresh-token-test
Response to HTTP request to test instance hQjqNlDH0UD4Ddw
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "issuer": "https://www.certification.openid.net/test/a/mercantil/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/mercantil/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/mercantil/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/mercantil/jwks",
  "registration_endpoint": "https://www.certification.openid.net/test/a/mercantil/register",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/mercantil/userinfo",
  "mtls_endpoint_aliases": {
    "token_endpoint": "https://www.certification.openid.net/test-mtls/a/mercantil/token",
    "registration_endpoint": "https://www.certification.openid.net/test-mtls/a/mercantil/register",
    "userinfo_endpoint": "https://www.certification.openid.net/test-mtls/a/mercantil/userinfo"
  },
  "tls_client_certificate_bound_access_tokens": true,
  "request_parameter_supported": true,
  "grant_types_supported": [
    "authorization_code",
    "implicit",
    "client_credentials",
    "refresh_token"
  ],
  "claims_parameter_supported": true,
  "request_object_encryption_alg_values_supported": [
    "RSA-OAEP"
  ],
  "request_object_encryption_enc_values_supported": [
    "A256GCM"
  ],
  "claims_supported": [
    "cpf",
    "cnpj",
    "acr"
  ],
  "acr_values_supported": [
    "urn:brasil:openbanking:loa2",
    "urn:brasil:openbanking:loa3"
  ],
  "id_token_signing_alg_values_supported": [
    "PS256"
  ],
  "request_object_signing_alg_values_supported": [
    "PS256"
  ],
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access",
    "consents",
    "resources",
    "payments"
  ],
  "token_endpoint_auth_methods_supported": [
    "private_key_jwt"
  ],
  "response_types_supported": [
    "code"
  ],
  "response_modes_supported": [
    "jwt"
  ],
  "authorization_signing_alg_values_supported": [
    "PS256"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "PS256"
  ]
}
outgoing_path
.well-known/openid-configuration
2022-03-31 23:01:29 INCOMING
fapi1-advanced-final-client-refresh-token-test
Incoming HTTP request to /test/a/mercantil/.well-known/openid-configuration
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/4.7.4 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate, br",
  "x-datadog-trace-id": "633969386249564191",
  "x-datadog-parent-id": "8696516870831121462",
  "x-datadog-sampling-priority": "2",
  "x-datadog-tags": "_dd.p.upstream_services\u003db3BlbmJhbmtpbmctbWFuYWdlbWVudC1zZXJ2aWNlcw\u003d\u003d|2|3|1",
  "connection": "close"
}
incoming_path
/test/a/mercantil/.well-known/openid-configuration
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
incoming_body_json
incoming_query_string_params
{}
incoming_body
2022-03-31 23:01:29 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
2022-03-31 23:01:29 OUTGOING
fapi1-advanced-final-client-refresh-token-test
Response to HTTP request to test instance hQjqNlDH0UD4Ddw
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "issuer": "https://www.certification.openid.net/test/a/mercantil/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/mercantil/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/mercantil/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/mercantil/jwks",
  "registration_endpoint": "https://www.certification.openid.net/test/a/mercantil/register",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/mercantil/userinfo",
  "mtls_endpoint_aliases": {
    "token_endpoint": "https://www.certification.openid.net/test-mtls/a/mercantil/token",
    "registration_endpoint": "https://www.certification.openid.net/test-mtls/a/mercantil/register",
    "userinfo_endpoint": "https://www.certification.openid.net/test-mtls/a/mercantil/userinfo"
  },
  "tls_client_certificate_bound_access_tokens": true,
  "request_parameter_supported": true,
  "grant_types_supported": [
    "authorization_code",
    "implicit",
    "client_credentials",
    "refresh_token"
  ],
  "claims_parameter_supported": true,
  "request_object_encryption_alg_values_supported": [
    "RSA-OAEP"
  ],
  "request_object_encryption_enc_values_supported": [
    "A256GCM"
  ],
  "claims_supported": [
    "cpf",
    "cnpj",
    "acr"
  ],
  "acr_values_supported": [
    "urn:brasil:openbanking:loa2",
    "urn:brasil:openbanking:loa3"
  ],
  "id_token_signing_alg_values_supported": [
    "PS256"
  ],
  "request_object_signing_alg_values_supported": [
    "PS256"
  ],
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access",
    "consents",
    "resources",
    "payments"
  ],
  "token_endpoint_auth_methods_supported": [
    "private_key_jwt"
  ],
  "response_types_supported": [
    "code"
  ],
  "response_modes_supported": [
    "jwt"
  ],
  "authorization_signing_alg_values_supported": [
    "PS256"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "PS256"
  ]
}
outgoing_path
.well-known/openid-configuration
2022-03-31 23:01:29 INCOMING
fapi1-advanced-final-client-refresh-token-test
Incoming HTTP request to /test-mtls/a/mercantil/token
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/4.7.4 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "content-type": "application/x-www-form-urlencoded",
  "accept-encoding": "gzip, deflate, br",
  "x-datadog-trace-id": "633969386249564191",
  "x-datadog-parent-id": "3755673635636726510",
  "x-datadog-sampling-priority": "2",
  "x-datadog-tags": "_dd.p.upstream_services\u003db3BlbmJhbmtpbmctbWFuYWdlbWVudC1zZXJ2aWNlcw\u003d\u003d|2|3|1",
  "connection": "close",
  "content-length": "1154"
}
incoming_path
/test-mtls/a/mercantil/token
incoming_body_form_params
{
  "grant_type": "refresh_token",
  "refresh_token": "QBCBoXjwkXgWXfaJznNSqWhHqBHzmZqKeNAfWPFjveEUzTXkwB0023482490.@#^.",
  "client_id": "mercantil-bank",
  "client_assertion": "eyJhbGciOiJQUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjNhMTM3OWEwYzhhZmJhNWI2ZjU1MzY1Y2IzZWUwYTUxMWM4ZTdkZGIxZjczZDNiNDQzYjY4MzFjYmQzNzhmZmUifQ.eyJpYXQiOjE2NDg3Njc2ODksImV4cCI6MTY0ODc2Nzc0OSwianRpIjoiczF1NEp5TFplMmNJOEUyUUlHNWNaR3FZZndoVE96MVplNGxkUVp3ZUNDQSIsImlzcyI6Im1lcmNhbnRpbC1iYW5rIiwic3ViIjoibWVyY2FudGlsLWJhbmsiLCJhdWQiOlsiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QvYS9tZXJjYW50aWwvIiwiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QvYS9tZXJjYW50aWwvdG9rZW4iLCJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC1tdGxzL2EvbWVyY2FudGlsL3Rva2VuIl19.d8UWvA-ZOtLKVO_f9PjCyDaLG6IsEl8uR28EpUGftDWrg24lAlR2hdUKzyCX_eS_GStx7ApsNtQ4hjDEIhThxwOIihyieo5FXfMJxv_dXsNL70N_YMhWLcJpqFnfJzZTO5yxKKFMy6r9QXeUkEojHK7immr2PlIj-FX1uDa_4deOB3zixEnEesI5s8O1IT81Mb5WjI6Gy5pIQinxz8f17F-BbvGZTWasTiuPW1D66Vau8rgl1RjwFn8ppPyjNtnKIgC-PKYM_lUxcYEbI0-9JX1QN22T9LpaSL7m9O7w53leFEMY4WuO55zQ9ijuspvD0HQl-7zBNPpatY64aWU89A",
  "client_assertion_type": "urn:ietf:params:oauth:client-assertion-type:jwt-bearer"
}
incoming_method
POST
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
-----BEGIN CERTIFICATE----- MIIHDjCCBfagAwIBAgIUQsrznpQM2gWDplbWY0kRjummIc8wDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIyMDMyNDIwNDMwMFoXDTIzMDQyMzIw NDMwMFowggEvMQswCQYDVQQGEwJCUjELMAkGA1UECBMCTUcxFzAVBgNVBAcTDkJl bG8gSG9yaXpvbnRlMSUwIwYDVQQKExxCQ08gTUVSQ0FOVElMIERPIEJSQVNJTCBT LkEuMS0wKwYDVQQLEyQ1ZDI0OTQ4Ni1jNjk3LTUyOTUtYTg1Ni05OTU1ZWQzYWMz MzIxITAfBgNVBAMTGG1lcmNhbnRpbGRvYnJhc2lsLmNvbS5icjEXMBUGA1UEBRMO MTcxODQwMzcwMDAxMTAxHTAbBgNVBA8TFFByaXZhdGUgT3JnYW5pemF0aW9uMRMw EQYLKwYBBAGCNzwCAQMTAkJSMTQwMgYKCZImiZPyLGQBARMkNzA5MDU0OGItNDhl Yi00NGFjLTk0MzItZDU0NGQ1MzZjYWExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A MIIBCgKCAQEA2v4FOEIqbdkpXv/2PwWDdLVYqJPyKMNebziaTGVnENR5eK4YbHtb zNi9yLlKuxRy3DPVA+mg7VD7T/Nn82jUnWlcKp07UFGV7pEboDgOB77tc6SCYNJn Zzr6F1D/GcRg7IWfhVo4RT3PROBTkT/cjt8c/SZzTmc03mbGZ1X31IpGk7982cFj irbxD4HVh9IuGi1VyBkwLihlOxmyZXdDM70ZGVHAsiTMysGpE0J/crVXHpvwaUGs 05uFvrQhd21XJ/fs1pv11Oa0IO8aZM4zU5HUTBdbAQ2xMoHrH+kuV0tWgkTRVS6T pl6FchNLGsc+RWkXZ1Sylz7LXurYURExEwIDAQABo4IC3DCCAtgwDAYDVR0TAQH/ BAIwADAdBgNVHQ4EFgQU8RHTFIMywlsmm87Fy4JicZe76xAwHwYDVR0jBBgwFoAU hn9YrRf1grZOtAWz+7DOEUPfTL4wTAYIKwYBBQUHAQEEQDA+MDwGCCsGAQUFBzAB hjBodHRwOi8vb2NzcC5zYW5kYm94LnBraS5vcGVuYmFua2luZ2JyYXNpbC5vcmcu YnIwSwYDVR0fBEQwQjBAoD6gPIY6aHR0cDovL2NybC5zYW5kYm94LnBraS5vcGVu YmFua2luZ2JyYXNpbC5vcmcuYnIvaXNzdWVyLmNybDAjBgNVHREEHDAaghhtZXJj YW50aWxkb2JyYXNpbC5jb20uYnIwDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQMMAoG CCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIBgDCC ATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVseSBm b3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhlciBw YXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2aWNl cyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNlaXB0 LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRo ZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5kIHJl bGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8vY3Bz LnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2llczAN BgkqhkiG9w0BAQsFAAOCAQEAWhYIjqKDwdYkYOr0nutlR/46Vw8YNLK+9kWGPFD1 ad0fodzcd00pgc3AZWn+LoTwMq4tbiizWqERZp/BfZ35Aym5J+zFRj25Ehkxll6N a9QCz/prR3sXm8GM5taZxwwe0BJYaPpsef1HxiDdJ3h35PY/7iOOCam5ZNFTPapj 1OutGvJ+nb7Iipp6xwHQoArgwuiWrtJMBOt3Sstnayp4CJKVlQklhSl5isynxwmI bcVMPbhrWw6xbI1g69xBjx94Ja3acx4RzmIPJ6ru2jZvHQfI81jkIelNm55pbG7V mRpDP2JgVvsABBpelBD3BCytwmWjpG8m8CH6JTGGFNbNRw== -----END CERTIFICATE-----
incoming_body_json
incoming_query_string_params
{}
incoming_body
grant_type=refresh_token&refresh_token=QBCBoXjwkXgWXfaJznNSqWhHqBHzmZqKeNAfWPFjveEUzTXkwB0023482490.%40%23%5E.&client_id=mercantil-bank&client_assertion=eyJhbGciOiJQUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjNhMTM3OWEwYzhhZmJhNWI2ZjU1MzY1Y2IzZWUwYTUxMWM4ZTdkZGIxZjczZDNiNDQzYjY4MzFjYmQzNzhmZmUifQ.eyJpYXQiOjE2NDg3Njc2ODksImV4cCI6MTY0ODc2Nzc0OSwianRpIjoiczF1NEp5TFplMmNJOEUyUUlHNWNaR3FZZndoVE96MVplNGxkUVp3ZUNDQSIsImlzcyI6Im1lcmNhbnRpbC1iYW5rIiwic3ViIjoibWVyY2FudGlsLWJhbmsiLCJhdWQiOlsiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QvYS9tZXJjYW50aWwvIiwiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QvYS9tZXJjYW50aWwvdG9rZW4iLCJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC1tdGxzL2EvbWVyY2FudGlsL3Rva2VuIl19.d8UWvA-ZOtLKVO_f9PjCyDaLG6IsEl8uR28EpUGftDWrg24lAlR2hdUKzyCX_eS_GStx7ApsNtQ4hjDEIhThxwOIihyieo5FXfMJxv_dXsNL70N_YMhWLcJpqFnfJzZTO5yxKKFMy6r9QXeUkEojHK7immr2PlIj-FX1uDa_4deOB3zixEnEesI5s8O1IT81Mb5WjI6Gy5pIQinxz8f17F-BbvGZTWasTiuPW1D66Vau8rgl1RjwFn8ppPyjNtnKIgC-PKYM_lUxcYEbI0-9JX1QN22T9LpaSL7m9O7w53leFEMY4WuO55zQ9ijuspvD0HQl-7zBNPpatY64aWU89A&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer
2022-03-31 23:01:29 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
Token endpoint
2022-03-31 23:01:29 SUCCESS
CheckClientIdMatchesOnTokenRequestIfPresent
Extracted client_id matches the expected value
client_id
mercantil-bank
2022-03-31 23:01:29 SUCCESS
ExtractClientCertificateFromTokenEndpointRequestHeaders
Extracted client certificate
client_certificate
{
  "cert": "-----BEGIN CERTIFICATE----- MIIHDjCCBfagAwIBAgIUQsrznpQM2gWDplbWY0kRjummIc8wDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIyMDMyNDIwNDMwMFoXDTIzMDQyMzIw NDMwMFowggEvMQswCQYDVQQGEwJCUjELMAkGA1UECBMCTUcxFzAVBgNVBAcTDkJl bG8gSG9yaXpvbnRlMSUwIwYDVQQKExxCQ08gTUVSQ0FOVElMIERPIEJSQVNJTCBT LkEuMS0wKwYDVQQLEyQ1ZDI0OTQ4Ni1jNjk3LTUyOTUtYTg1Ni05OTU1ZWQzYWMz MzIxITAfBgNVBAMTGG1lcmNhbnRpbGRvYnJhc2lsLmNvbS5icjEXMBUGA1UEBRMO MTcxODQwMzcwMDAxMTAxHTAbBgNVBA8TFFByaXZhdGUgT3JnYW5pemF0aW9uMRMw EQYLKwYBBAGCNzwCAQMTAkJSMTQwMgYKCZImiZPyLGQBARMkNzA5MDU0OGItNDhl Yi00NGFjLTk0MzItZDU0NGQ1MzZjYWExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A MIIBCgKCAQEA2v4FOEIqbdkpXv/2PwWDdLVYqJPyKMNebziaTGVnENR5eK4YbHtb zNi9yLlKuxRy3DPVA+mg7VD7T/Nn82jUnWlcKp07UFGV7pEboDgOB77tc6SCYNJn Zzr6F1D/GcRg7IWfhVo4RT3PROBTkT/cjt8c/SZzTmc03mbGZ1X31IpGk7982cFj irbxD4HVh9IuGi1VyBkwLihlOxmyZXdDM70ZGVHAsiTMysGpE0J/crVXHpvwaUGs 05uFvrQhd21XJ/fs1pv11Oa0IO8aZM4zU5HUTBdbAQ2xMoHrH+kuV0tWgkTRVS6T pl6FchNLGsc+RWkXZ1Sylz7LXurYURExEwIDAQABo4IC3DCCAtgwDAYDVR0TAQH/ BAIwADAdBgNVHQ4EFgQU8RHTFIMywlsmm87Fy4JicZe76xAwHwYDVR0jBBgwFoAU hn9YrRf1grZOtAWz+7DOEUPfTL4wTAYIKwYBBQUHAQEEQDA+MDwGCCsGAQUFBzAB hjBodHRwOi8vb2NzcC5zYW5kYm94LnBraS5vcGVuYmFua2luZ2JyYXNpbC5vcmcu YnIwSwYDVR0fBEQwQjBAoD6gPIY6aHR0cDovL2NybC5zYW5kYm94LnBraS5vcGVu YmFua2luZ2JyYXNpbC5vcmcuYnIvaXNzdWVyLmNybDAjBgNVHREEHDAaghhtZXJj YW50aWxkb2JyYXNpbC5jb20uYnIwDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQMMAoG CCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIBgDCC ATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVseSBm b3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhlciBw YXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2aWNl cyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNlaXB0 LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRo ZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5kIHJl bGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8vY3Bz LnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2llczAN BgkqhkiG9w0BAQsFAAOCAQEAWhYIjqKDwdYkYOr0nutlR/46Vw8YNLK+9kWGPFD1 ad0fodzcd00pgc3AZWn+LoTwMq4tbiizWqERZp/BfZ35Aym5J+zFRj25Ehkxll6N a9QCz/prR3sXm8GM5taZxwwe0BJYaPpsef1HxiDdJ3h35PY/7iOOCam5ZNFTPapj 1OutGvJ+nb7Iipp6xwHQoArgwuiWrtJMBOt3Sstnayp4CJKVlQklhSl5isynxwmI bcVMPbhrWw6xbI1g69xBjx94Ja3acx4RzmIPJ6ru2jZvHQfI81jkIelNm55pbG7V mRpDP2JgVvsABBpelBD3BCytwmWjpG8m8CH6JTGGFNbNRw\u003d\u003d -----END CERTIFICATE-----",
  "pem": "-----BEGIN CERTIFICATE-----\nMIIHDjCCBfagAwIBAgIUQsrznpQM2gWDplbWY0kRjummIc8wDQYJKoZIhvcNAQEL\nBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx\nFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB\nTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIyMDMyNDIwNDMwMFoXDTIzMDQyMzIw\nNDMwMFowggEvMQswCQYDVQQGEwJCUjELMAkGA1UECBMCTUcxFzAVBgNVBAcTDkJl\nbG8gSG9yaXpvbnRlMSUwIwYDVQQKExxCQ08gTUVSQ0FOVElMIERPIEJSQVNJTCBT\nLkEuMS0wKwYDVQQLEyQ1ZDI0OTQ4Ni1jNjk3LTUyOTUtYTg1Ni05OTU1ZWQzYWMz\nMzIxITAfBgNVBAMTGG1lcmNhbnRpbGRvYnJhc2lsLmNvbS5icjEXMBUGA1UEBRMO\nMTcxODQwMzcwMDAxMTAxHTAbBgNVBA8TFFByaXZhdGUgT3JnYW5pemF0aW9uMRMw\nEQYLKwYBBAGCNzwCAQMTAkJSMTQwMgYKCZImiZPyLGQBARMkNzA5MDU0OGItNDhl\nYi00NGFjLTk0MzItZDU0NGQ1MzZjYWExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A\nMIIBCgKCAQEA2v4FOEIqbdkpXv/2PwWDdLVYqJPyKMNebziaTGVnENR5eK4YbHtb\nzNi9yLlKuxRy3DPVA+mg7VD7T/Nn82jUnWlcKp07UFGV7pEboDgOB77tc6SCYNJn\nZzr6F1D/GcRg7IWfhVo4RT3PROBTkT/cjt8c/SZzTmc03mbGZ1X31IpGk7982cFj\nirbxD4HVh9IuGi1VyBkwLihlOxmyZXdDM70ZGVHAsiTMysGpE0J/crVXHpvwaUGs\n05uFvrQhd21XJ/fs1pv11Oa0IO8aZM4zU5HUTBdbAQ2xMoHrH+kuV0tWgkTRVS6T\npl6FchNLGsc+RWkXZ1Sylz7LXurYURExEwIDAQABo4IC3DCCAtgwDAYDVR0TAQH/\nBAIwADAdBgNVHQ4EFgQU8RHTFIMywlsmm87Fy4JicZe76xAwHwYDVR0jBBgwFoAU\nhn9YrRf1grZOtAWz+7DOEUPfTL4wTAYIKwYBBQUHAQEEQDA+MDwGCCsGAQUFBzAB\nhjBodHRwOi8vb2NzcC5zYW5kYm94LnBraS5vcGVuYmFua2luZ2JyYXNpbC5vcmcu\nYnIwSwYDVR0fBEQwQjBAoD6gPIY6aHR0cDovL2NybC5zYW5kYm94LnBraS5vcGVu\nYmFua2luZ2JyYXNpbC5vcmcuYnIvaXNzdWVyLmNybDAjBgNVHREEHDAaghhtZXJj\nYW50aWxkb2JyYXNpbC5jb20uYnIwDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQMMAoG\nCCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIBgDCC\nATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVseSBm\nb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhlciBw\nYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2aWNl\ncyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNlaXB0\nLCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRo\nZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5kIHJl\nbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8vY3Bz\nLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2llczAN\nBgkqhkiG9w0BAQsFAAOCAQEAWhYIjqKDwdYkYOr0nutlR/46Vw8YNLK+9kWGPFD1\nad0fodzcd00pgc3AZWn+LoTwMq4tbiizWqERZp/BfZ35Aym5J+zFRj25Ehkxll6N\na9QCz/prR3sXm8GM5taZxwwe0BJYaPpsef1HxiDdJ3h35PY/7iOOCam5ZNFTPapj\n1OutGvJ+nb7Iipp6xwHQoArgwuiWrtJMBOt3Sstnayp4CJKVlQklhSl5isynxwmI\nbcVMPbhrWw6xbI1g69xBjx94Ja3acx4RzmIPJ6ru2jZvHQfI81jkIelNm55pbG7V\nmRpDP2JgVvsABBpelBD3BCytwmWjpG8m8CH6JTGGFNbNRw\u003d\u003d\n-----END CERTIFICATE-----",
  "subject": {
    "dn": "UID\u003d7090548b-48eb-44ac-9432-d544d536caa1,1.3.6.1.4.1.311.60.2.1.3\u003d#13024252,2.5.4.15\u003d#131450726976617465204f7267616e697a6174696f6e,2.5.4.5\u003d#130e3137313834303337303030313130,CN\u003dmercantildobrasil.com.br,OU\u003d5d249486-c697-5295-a856-9955ed3ac332,O\u003dBCO MERCANTIL DO BRASIL S.A.,L\u003dBelo Horizonte,ST\u003dMG,C\u003dBR"
  },
  "sanDnsNames": [
    "mercantildobrasil.com.br"
  ],
  "sanUris": [],
  "sanIPs": [],
  "sanEmails": []
}
2022-03-31 23:01:29 SUCCESS
CheckForClientCertificate
Found client certificate
2022-03-31 23:01:29 SUCCESS
EnsureClientCertificateMatches
Presented certificate matches registered certificate
actual
-----BEGIN CERTIFICATE-----
MIIHDjCCBfagAwIBAgIUQsrznpQM2gWDplbWY0kRjummIc8wDQYJKoZIhvcNAQEL
BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx
FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB
TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIyMDMyNDIwNDMwMFoXDTIzMDQyMzIw
NDMwMFowggEvMQswCQYDVQQGEwJCUjELMAkGA1UECBMCTUcxFzAVBgNVBAcTDkJl
bG8gSG9yaXpvbnRlMSUwIwYDVQQKExxCQ08gTUVSQ0FOVElMIERPIEJSQVNJTCBT
LkEuMS0wKwYDVQQLEyQ1ZDI0OTQ4Ni1jNjk3LTUyOTUtYTg1Ni05OTU1ZWQzYWMz
MzIxITAfBgNVBAMTGG1lcmNhbnRpbGRvYnJhc2lsLmNvbS5icjEXMBUGA1UEBRMO
MTcxODQwMzcwMDAxMTAxHTAbBgNVBA8TFFByaXZhdGUgT3JnYW5pemF0aW9uMRMw
EQYLKwYBBAGCNzwCAQMTAkJSMTQwMgYKCZImiZPyLGQBARMkNzA5MDU0OGItNDhl
Yi00NGFjLTk0MzItZDU0NGQ1MzZjYWExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEA2v4FOEIqbdkpXv/2PwWDdLVYqJPyKMNebziaTGVnENR5eK4YbHtb
zNi9yLlKuxRy3DPVA+mg7VD7T/Nn82jUnWlcKp07UFGV7pEboDgOB77tc6SCYNJn
Zzr6F1D/GcRg7IWfhVo4RT3PROBTkT/cjt8c/SZzTmc03mbGZ1X31IpGk7982cFj
irbxD4HVh9IuGi1VyBkwLihlOxmyZXdDM70ZGVHAsiTMysGpE0J/crVXHpvwaUGs
05uFvrQhd21XJ/fs1pv11Oa0IO8aZM4zU5HUTBdbAQ2xMoHrH+kuV0tWgkTRVS6T
pl6FchNLGsc+RWkXZ1Sylz7LXurYURExEwIDAQABo4IC3DCCAtgwDAYDVR0TAQH/
BAIwADAdBgNVHQ4EFgQU8RHTFIMywlsmm87Fy4JicZe76xAwHwYDVR0jBBgwFoAU
hn9YrRf1grZOtAWz+7DOEUPfTL4wTAYIKwYBBQUHAQEEQDA+MDwGCCsGAQUFBzAB
hjBodHRwOi8vb2NzcC5zYW5kYm94LnBraS5vcGVuYmFua2luZ2JyYXNpbC5vcmcu
YnIwSwYDVR0fBEQwQjBAoD6gPIY6aHR0cDovL2NybC5zYW5kYm94LnBraS5vcGVu
YmFua2luZ2JyYXNpbC5vcmcuYnIvaXNzdWVyLmNybDAjBgNVHREEHDAaghhtZXJj
YW50aWxkb2JyYXNpbC5jb20uYnIwDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQMMAoG
CCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIBgDCC
ATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVseSBm
b3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhlciBw
YXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2aWNl
cyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNlaXB0
LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRo
ZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5kIHJl
bGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8vY3Bz
LnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2llczAN
BgkqhkiG9w0BAQsFAAOCAQEAWhYIjqKDwdYkYOr0nutlR/46Vw8YNLK+9kWGPFD1
ad0fodzcd00pgc3AZWn+LoTwMq4tbiizWqERZp/BfZ35Aym5J+zFRj25Ehkxll6N
a9QCz/prR3sXm8GM5taZxwwe0BJYaPpsef1HxiDdJ3h35PY/7iOOCam5ZNFTPapj
1OutGvJ+nb7Iipp6xwHQoArgwuiWrtJMBOt3Sstnayp4CJKVlQklhSl5isynxwmI
bcVMPbhrWw6xbI1g69xBjx94Ja3acx4RzmIPJ6ru2jZvHQfI81jkIelNm55pbG7V
mRpDP2JgVvsABBpelBD3BCytwmWjpG8m8CH6JTGGFNbNRw==
-----END CERTIFICATE-----
2022-03-31 23:01:29 SUCCESS
ExtractClientAssertion
Parsed client assertion
client_assertion
{
  "value": "eyJhbGciOiJQUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjNhMTM3OWEwYzhhZmJhNWI2ZjU1MzY1Y2IzZWUwYTUxMWM4ZTdkZGIxZjczZDNiNDQzYjY4MzFjYmQzNzhmZmUifQ.eyJpYXQiOjE2NDg3Njc2ODksImV4cCI6MTY0ODc2Nzc0OSwianRpIjoiczF1NEp5TFplMmNJOEUyUUlHNWNaR3FZZndoVE96MVplNGxkUVp3ZUNDQSIsImlzcyI6Im1lcmNhbnRpbC1iYW5rIiwic3ViIjoibWVyY2FudGlsLWJhbmsiLCJhdWQiOlsiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QvYS9tZXJjYW50aWwvIiwiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QvYS9tZXJjYW50aWwvdG9rZW4iLCJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC1tdGxzL2EvbWVyY2FudGlsL3Rva2VuIl19.d8UWvA-ZOtLKVO_f9PjCyDaLG6IsEl8uR28EpUGftDWrg24lAlR2hdUKzyCX_eS_GStx7ApsNtQ4hjDEIhThxwOIihyieo5FXfMJxv_dXsNL70N_YMhWLcJpqFnfJzZTO5yxKKFMy6r9QXeUkEojHK7immr2PlIj-FX1uDa_4deOB3zixEnEesI5s8O1IT81Mb5WjI6Gy5pIQinxz8f17F-BbvGZTWasTiuPW1D66Vau8rgl1RjwFn8ppPyjNtnKIgC-PKYM_lUxcYEbI0-9JX1QN22T9LpaSL7m9O7w53leFEMY4WuO55zQ9ijuspvD0HQl-7zBNPpatY64aWU89A",
  "header": {
    "kid": "3a1379a0c8afba5b6f55365cb3ee0a511c8e7ddb1f73d3b443b6831cbd378ffe",
    "typ": "JWT",
    "alg": "PS256"
  },
  "claims": {
    "sub": "mercantil-bank",
    "aud": [
      "https://www.certification.openid.net/test/a/mercantil/",
      "https://www.certification.openid.net/test/a/mercantil/token",
      "https://www.certification.openid.net/test-mtls/a/mercantil/token"
    ],
    "iss": "mercantil-bank",
    "exp": 1648767749,
    "iat": 1648767689,
    "jti": "s1u4JyLZe2cI8E2QIG5cZGqYfwhTOz1Ze4ldQZweCCA"
  }
}
2022-03-31 23:01:29
EnsureClientAssertionSignatureAlgorithmMatchesRegistered
token_endpoint_auth_signing_alg is not set for the client, any supported algorithm can be used
2022-03-31 23:01:29 SUCCESS
ValidateClientAssertionSignature
client_assertion signature validated
client_assertion
eyJhbGciOiJQUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjNhMTM3OWEwYzhhZmJhNWI2ZjU1MzY1Y2IzZWUwYTUxMWM4ZTdkZGIxZjczZDNiNDQzYjY4MzFjYmQzNzhmZmUifQ.eyJpYXQiOjE2NDg3Njc2ODksImV4cCI6MTY0ODc2Nzc0OSwianRpIjoiczF1NEp5TFplMmNJOEUyUUlHNWNaR3FZZndoVE96MVplNGxkUVp3ZUNDQSIsImlzcyI6Im1lcmNhbnRpbC1iYW5rIiwic3ViIjoibWVyY2FudGlsLWJhbmsiLCJhdWQiOlsiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QvYS9tZXJjYW50aWwvIiwiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QvYS9tZXJjYW50aWwvdG9rZW4iLCJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC1tdGxzL2EvbWVyY2FudGlsL3Rva2VuIl19.d8UWvA-ZOtLKVO_f9PjCyDaLG6IsEl8uR28EpUGftDWrg24lAlR2hdUKzyCX_eS_GStx7ApsNtQ4hjDEIhThxwOIihyieo5FXfMJxv_dXsNL70N_YMhWLcJpqFnfJzZTO5yxKKFMy6r9QXeUkEojHK7immr2PlIj-FX1uDa_4deOB3zixEnEesI5s8O1IT81Mb5WjI6Gy5pIQinxz8f17F-BbvGZTWasTiuPW1D66Vau8rgl1RjwFn8ppPyjNtnKIgC-PKYM_lUxcYEbI0-9JX1QN22T9LpaSL7m9O7w53leFEMY4WuO55zQ9ijuspvD0HQl-7zBNPpatY64aWU89A
2022-03-31 23:01:29 SUCCESS
EnsureClientAssertionTypeIsJwt
Found JWT assertion type
assertion type
urn:ietf:params:oauth:client-assertion-type:jwt-bearer
2022-03-31 23:01:29 SUCCESS
ValidateClientAssertionClaims
Client Assertion passed all validation checks
2022-03-31 23:01:29 SUCCESS
ValidateRefreshToken
refresh_token parameter matches the expected value.
refresh_token
QBCBoXjwkXgWXfaJznNSqWhHqBHzmZqKeNAfWPFjveEUzTXkwB0023482490.@#^.
2022-03-31 23:01:29 SUCCESS
GenerateBearerAccessToken
Generated access token
access_token
s5CoeFPyvYbcSwC5ZIyriImpWIHynFIwpUvrdaxkMw4Q4rM8Tl
2022-03-31 23:01:29 SUCCESS
CalculateAtHash
Successful at_hash encoding
at_hash
aBUDE2RGDAt_H3JGQXvsXw
2022-03-31 23:01:29
CreateRefreshToken
Created refresh token
refresh_token
CQPFKOctAWIbdahalYqjoJaQSKbROdEnoYzNqThMkdqLpvcPYS2023473120}.~,)
2022-03-31 23:01:29 SUCCESS
CreateTokenEndpointResponse
Created token endpoint response
access_token
s5CoeFPyvYbcSwC5ZIyriImpWIHynFIwpUvrdaxkMw4Q4rM8Tl
token_type
Bearer
refresh_token
CQPFKOctAWIbdahalYqjoJaQSKbROdEnoYzNqThMkdqLpvcPYS2023473120}.~,)
scope
openid consent:urn:conformance:oidf:NN7tQCzSAG payments
2022-03-31 23:01:29 OUTGOING
fapi1-advanced-final-client-refresh-token-test
Response to HTTP request to test instance hQjqNlDH0UD4Ddw
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "access_token": "s5CoeFPyvYbcSwC5ZIyriImpWIHynFIwpUvrdaxkMw4Q4rM8Tl",
  "token_type": "Bearer",
  "refresh_token": "CQPFKOctAWIbdahalYqjoJaQSKbROdEnoYzNqThMkdqLpvcPYS2023473120}.~,)",
  "scope": "openid consent:urn:conformance:oidf:NN7tQCzSAG payments"
}
outgoing_path
token
2022-03-31 23:01:30 INCOMING
fapi1-advanced-final-client-refresh-token-test
Incoming HTTP request to /test-mtls/a/mercantil/payments/v1/pix/payments
incoming_headers
{
  "host": "www.certification.openid.net",
  "content-type": "application/jwt",
  "x-idempotency-key": "8970cf3b-9816-4ca8-b61b-3bc9bf230822",
  "authorization": "Bearer s5CoeFPyvYbcSwC5ZIyriImpWIHynFIwpUvrdaxkMw4Q4rM8Tl",
  "user-agent": "PostmanRuntime/7.28.4",
  "accept": "*/*",
  "cache-control": "no-cache",
  "postman-token": "c75c88ec-6cf9-4bfb-828f-3524ae224507",
  "accept-encoding": "gzip, deflate, br",
  "cookie": "JSESSIONID\u003dCF9ADD4B841D4DEC7D2EEC0697943035",
  "connection": "close",
  "content-length": "1056"
}
incoming_path
/test-mtls/a/mercantil/payments/v1/pix/payments
incoming_body_form_params
incoming_method
POST
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
-----BEGIN CERTIFICATE----- MIIHDjCCBfagAwIBAgIUQsrznpQM2gWDplbWY0kRjummIc8wDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIyMDMyNDIwNDMwMFoXDTIzMDQyMzIw NDMwMFowggEvMQswCQYDVQQGEwJCUjELMAkGA1UECBMCTUcxFzAVBgNVBAcTDkJl bG8gSG9yaXpvbnRlMSUwIwYDVQQKExxCQ08gTUVSQ0FOVElMIERPIEJSQVNJTCBT LkEuMS0wKwYDVQQLEyQ1ZDI0OTQ4Ni1jNjk3LTUyOTUtYTg1Ni05OTU1ZWQzYWMz MzIxITAfBgNVBAMTGG1lcmNhbnRpbGRvYnJhc2lsLmNvbS5icjEXMBUGA1UEBRMO MTcxODQwMzcwMDAxMTAxHTAbBgNVBA8TFFByaXZhdGUgT3JnYW5pemF0aW9uMRMw EQYLKwYBBAGCNzwCAQMTAkJSMTQwMgYKCZImiZPyLGQBARMkNzA5MDU0OGItNDhl Yi00NGFjLTk0MzItZDU0NGQ1MzZjYWExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A MIIBCgKCAQEA2v4FOEIqbdkpXv/2PwWDdLVYqJPyKMNebziaTGVnENR5eK4YbHtb zNi9yLlKuxRy3DPVA+mg7VD7T/Nn82jUnWlcKp07UFGV7pEboDgOB77tc6SCYNJn Zzr6F1D/GcRg7IWfhVo4RT3PROBTkT/cjt8c/SZzTmc03mbGZ1X31IpGk7982cFj irbxD4HVh9IuGi1VyBkwLihlOxmyZXdDM70ZGVHAsiTMysGpE0J/crVXHpvwaUGs 05uFvrQhd21XJ/fs1pv11Oa0IO8aZM4zU5HUTBdbAQ2xMoHrH+kuV0tWgkTRVS6T pl6FchNLGsc+RWkXZ1Sylz7LXurYURExEwIDAQABo4IC3DCCAtgwDAYDVR0TAQH/ BAIwADAdBgNVHQ4EFgQU8RHTFIMywlsmm87Fy4JicZe76xAwHwYDVR0jBBgwFoAU hn9YrRf1grZOtAWz+7DOEUPfTL4wTAYIKwYBBQUHAQEEQDA+MDwGCCsGAQUFBzAB hjBodHRwOi8vb2NzcC5zYW5kYm94LnBraS5vcGVuYmFua2luZ2JyYXNpbC5vcmcu YnIwSwYDVR0fBEQwQjBAoD6gPIY6aHR0cDovL2NybC5zYW5kYm94LnBraS5vcGVu YmFua2luZ2JyYXNpbC5vcmcuYnIvaXNzdWVyLmNybDAjBgNVHREEHDAaghhtZXJj YW50aWxkb2JyYXNpbC5jb20uYnIwDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQMMAoG CCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIBgDCC ATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVseSBm b3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhlciBw YXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2aWNl cyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNlaXB0 LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRo ZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5kIHJl bGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8vY3Bz LnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2llczAN BgkqhkiG9w0BAQsFAAOCAQEAWhYIjqKDwdYkYOr0nutlR/46Vw8YNLK+9kWGPFD1 ad0fodzcd00pgc3AZWn+LoTwMq4tbiizWqERZp/BfZ35Aym5J+zFRj25Ehkxll6N a9QCz/prR3sXm8GM5taZxwwe0BJYaPpsef1HxiDdJ3h35PY/7iOOCam5ZNFTPapj 1OutGvJ+nb7Iipp6xwHQoArgwuiWrtJMBOt3Sstnayp4CJKVlQklhSl5isynxwmI bcVMPbhrWw6xbI1g69xBjx94Ja3acx4RzmIPJ6ru2jZvHQfI81jkIelNm55pbG7V mRpDP2JgVvsABBpelBD3BCytwmWjpG8m8CH6JTGGFNbNRw== -----END CERTIFICATE-----
incoming_body_json
incoming_query_string_params
{}
incoming_body
eyJhbGciOiJQUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6Ijh1YnRHa2s1d1FyTkdOMld2N0dIakxjLVhxWmN4VXVnSEQ5eFlOellXSk0ifQ.eyJkYXRhIjp7ImxvY2FsSW5zdHJ1bWVudCI6IkRJQ1QiLCJwYXltZW50Ijp7ImFtb3VudCI6IjEuMTUiLCJjdXJyZW5jeSI6IkJSTCJ9LCJjcmVkaXRvckFjY291bnQiOnsiYWNjb3VudFR5cGUiOiJDQUNDIiwiaXNwYiI6IjkyODk0OTIyIiwiaXNzdWVyIjoiMDAwMSIsIm51bWJlciI6IjEwMTczNzIyIn0sImNucGpJbml0aWF0b3IiOiIyMDc0NzQzNjAwMDE1NiIsImliZ2VUb3duQ29kZSI6IjUzMDAxMDgiLCJwcm94eSI6IjU1MTU1MTE0ODQ1In0sImlhdCI6MTY0ODc2NzY5MCwiYXVkIjoiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QtbXRscy9hL21lcmNhbnRpbC9wYXltZW50cy92MS9waXgvcGF5bWVudHMiLCJpc3MiOiI1ZDI0OTQ4Ni1jNjk3LTUyOTUtYTg1Ni05OTU1ZWQzYWMzMzIiLCJqdGkiOiJlOGY1NDY3ZC04NGM0LTQ0Y2YtYjkzNy1mMTMwMTZlODc4Y2QifQ.oGx_LWrDRgyeOGhhh6r1q-JXyt0dXxi4u9l2SjvIKhHi1_Ok4PT1to_G077Q6bqfHxd2KVFtfw4de1qQ2wiQ6R-PHSLr94xMcukhmto8BkEuxOwfCeZ7sE_SlptplmvezkkafhTsZ0a0aERCQMLH4J4dtz_r6o6Y7I1wE2QtfpI8LYpgG9kXC6sqBnivwzw-GT4meQ5Q-i_TajtQvf_dUcmOefuz9Do23Y2OO_7f6Ta9p4fJOWB6rnTkFM7fOJJDXR6jC0jIjdNhvTW3d7jwOFcFUwbV5Ugi5I3G3CclxvM1RkIOWUSzLozk2wqNis8j0fzX808uPhlN2OyHT2zaVQ
2022-03-31 23:01:30 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
2022-03-31 23:01:30 SUCCESS
ExtractClientCertificateFromTokenEndpointRequestHeaders
Extracted client certificate
client_certificate
{
  "cert": "-----BEGIN CERTIFICATE----- MIIHDjCCBfagAwIBAgIUQsrznpQM2gWDplbWY0kRjummIc8wDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIyMDMyNDIwNDMwMFoXDTIzMDQyMzIw NDMwMFowggEvMQswCQYDVQQGEwJCUjELMAkGA1UECBMCTUcxFzAVBgNVBAcTDkJl bG8gSG9yaXpvbnRlMSUwIwYDVQQKExxCQ08gTUVSQ0FOVElMIERPIEJSQVNJTCBT LkEuMS0wKwYDVQQLEyQ1ZDI0OTQ4Ni1jNjk3LTUyOTUtYTg1Ni05OTU1ZWQzYWMz MzIxITAfBgNVBAMTGG1lcmNhbnRpbGRvYnJhc2lsLmNvbS5icjEXMBUGA1UEBRMO MTcxODQwMzcwMDAxMTAxHTAbBgNVBA8TFFByaXZhdGUgT3JnYW5pemF0aW9uMRMw EQYLKwYBBAGCNzwCAQMTAkJSMTQwMgYKCZImiZPyLGQBARMkNzA5MDU0OGItNDhl Yi00NGFjLTk0MzItZDU0NGQ1MzZjYWExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A MIIBCgKCAQEA2v4FOEIqbdkpXv/2PwWDdLVYqJPyKMNebziaTGVnENR5eK4YbHtb zNi9yLlKuxRy3DPVA+mg7VD7T/Nn82jUnWlcKp07UFGV7pEboDgOB77tc6SCYNJn Zzr6F1D/GcRg7IWfhVo4RT3PROBTkT/cjt8c/SZzTmc03mbGZ1X31IpGk7982cFj irbxD4HVh9IuGi1VyBkwLihlOxmyZXdDM70ZGVHAsiTMysGpE0J/crVXHpvwaUGs 05uFvrQhd21XJ/fs1pv11Oa0IO8aZM4zU5HUTBdbAQ2xMoHrH+kuV0tWgkTRVS6T pl6FchNLGsc+RWkXZ1Sylz7LXurYURExEwIDAQABo4IC3DCCAtgwDAYDVR0TAQH/ BAIwADAdBgNVHQ4EFgQU8RHTFIMywlsmm87Fy4JicZe76xAwHwYDVR0jBBgwFoAU hn9YrRf1grZOtAWz+7DOEUPfTL4wTAYIKwYBBQUHAQEEQDA+MDwGCCsGAQUFBzAB hjBodHRwOi8vb2NzcC5zYW5kYm94LnBraS5vcGVuYmFua2luZ2JyYXNpbC5vcmcu YnIwSwYDVR0fBEQwQjBAoD6gPIY6aHR0cDovL2NybC5zYW5kYm94LnBraS5vcGVu YmFua2luZ2JyYXNpbC5vcmcuYnIvaXNzdWVyLmNybDAjBgNVHREEHDAaghhtZXJj YW50aWxkb2JyYXNpbC5jb20uYnIwDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQMMAoG CCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIBgDCC ATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVseSBm b3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhlciBw YXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2aWNl cyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNlaXB0 LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRo ZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5kIHJl bGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8vY3Bz LnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2llczAN BgkqhkiG9w0BAQsFAAOCAQEAWhYIjqKDwdYkYOr0nutlR/46Vw8YNLK+9kWGPFD1 ad0fodzcd00pgc3AZWn+LoTwMq4tbiizWqERZp/BfZ35Aym5J+zFRj25Ehkxll6N a9QCz/prR3sXm8GM5taZxwwe0BJYaPpsef1HxiDdJ3h35PY/7iOOCam5ZNFTPapj 1OutGvJ+nb7Iipp6xwHQoArgwuiWrtJMBOt3Sstnayp4CJKVlQklhSl5isynxwmI bcVMPbhrWw6xbI1g69xBjx94Ja3acx4RzmIPJ6ru2jZvHQfI81jkIelNm55pbG7V mRpDP2JgVvsABBpelBD3BCytwmWjpG8m8CH6JTGGFNbNRw\u003d\u003d -----END CERTIFICATE-----",
  "pem": "-----BEGIN CERTIFICATE-----\nMIIHDjCCBfagAwIBAgIUQsrznpQM2gWDplbWY0kRjummIc8wDQYJKoZIhvcNAQEL\nBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx\nFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB\nTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIyMDMyNDIwNDMwMFoXDTIzMDQyMzIw\nNDMwMFowggEvMQswCQYDVQQGEwJCUjELMAkGA1UECBMCTUcxFzAVBgNVBAcTDkJl\nbG8gSG9yaXpvbnRlMSUwIwYDVQQKExxCQ08gTUVSQ0FOVElMIERPIEJSQVNJTCBT\nLkEuMS0wKwYDVQQLEyQ1ZDI0OTQ4Ni1jNjk3LTUyOTUtYTg1Ni05OTU1ZWQzYWMz\nMzIxITAfBgNVBAMTGG1lcmNhbnRpbGRvYnJhc2lsLmNvbS5icjEXMBUGA1UEBRMO\nMTcxODQwMzcwMDAxMTAxHTAbBgNVBA8TFFByaXZhdGUgT3JnYW5pemF0aW9uMRMw\nEQYLKwYBBAGCNzwCAQMTAkJSMTQwMgYKCZImiZPyLGQBARMkNzA5MDU0OGItNDhl\nYi00NGFjLTk0MzItZDU0NGQ1MzZjYWExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A\nMIIBCgKCAQEA2v4FOEIqbdkpXv/2PwWDdLVYqJPyKMNebziaTGVnENR5eK4YbHtb\nzNi9yLlKuxRy3DPVA+mg7VD7T/Nn82jUnWlcKp07UFGV7pEboDgOB77tc6SCYNJn\nZzr6F1D/GcRg7IWfhVo4RT3PROBTkT/cjt8c/SZzTmc03mbGZ1X31IpGk7982cFj\nirbxD4HVh9IuGi1VyBkwLihlOxmyZXdDM70ZGVHAsiTMysGpE0J/crVXHpvwaUGs\n05uFvrQhd21XJ/fs1pv11Oa0IO8aZM4zU5HUTBdbAQ2xMoHrH+kuV0tWgkTRVS6T\npl6FchNLGsc+RWkXZ1Sylz7LXurYURExEwIDAQABo4IC3DCCAtgwDAYDVR0TAQH/\nBAIwADAdBgNVHQ4EFgQU8RHTFIMywlsmm87Fy4JicZe76xAwHwYDVR0jBBgwFoAU\nhn9YrRf1grZOtAWz+7DOEUPfTL4wTAYIKwYBBQUHAQEEQDA+MDwGCCsGAQUFBzAB\nhjBodHRwOi8vb2NzcC5zYW5kYm94LnBraS5vcGVuYmFua2luZ2JyYXNpbC5vcmcu\nYnIwSwYDVR0fBEQwQjBAoD6gPIY6aHR0cDovL2NybC5zYW5kYm94LnBraS5vcGVu\nYmFua2luZ2JyYXNpbC5vcmcuYnIvaXNzdWVyLmNybDAjBgNVHREEHDAaghhtZXJj\nYW50aWxkb2JyYXNpbC5jb20uYnIwDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQMMAoG\nCCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIBgDCC\nATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVseSBm\nb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhlciBw\nYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2aWNl\ncyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNlaXB0\nLCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRo\nZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5kIHJl\nbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8vY3Bz\nLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2llczAN\nBgkqhkiG9w0BAQsFAAOCAQEAWhYIjqKDwdYkYOr0nutlR/46Vw8YNLK+9kWGPFD1\nad0fodzcd00pgc3AZWn+LoTwMq4tbiizWqERZp/BfZ35Aym5J+zFRj25Ehkxll6N\na9QCz/prR3sXm8GM5taZxwwe0BJYaPpsef1HxiDdJ3h35PY/7iOOCam5ZNFTPapj\n1OutGvJ+nb7Iipp6xwHQoArgwuiWrtJMBOt3Sstnayp4CJKVlQklhSl5isynxwmI\nbcVMPbhrWw6xbI1g69xBjx94Ja3acx4RzmIPJ6ru2jZvHQfI81jkIelNm55pbG7V\nmRpDP2JgVvsABBpelBD3BCytwmWjpG8m8CH6JTGGFNbNRw\u003d\u003d\n-----END CERTIFICATE-----",
  "subject": {
    "dn": "UID\u003d7090548b-48eb-44ac-9432-d544d536caa1,1.3.6.1.4.1.311.60.2.1.3\u003d#13024252,2.5.4.15\u003d#131450726976617465204f7267616e697a6174696f6e,2.5.4.5\u003d#130e3137313834303337303030313130,CN\u003dmercantildobrasil.com.br,OU\u003d5d249486-c697-5295-a856-9955ed3ac332,O\u003dBCO MERCANTIL DO BRASIL S.A.,L\u003dBelo Horizonte,ST\u003dMG,C\u003dBR"
  },
  "sanDnsNames": [
    "mercantildobrasil.com.br"
  ],
  "sanUris": [],
  "sanIPs": [],
  "sanEmails": []
}
2022-03-31 23:01:30 SUCCESS
CheckForClientCertificate
Found client certificate
2022-03-31 23:01:30 SUCCESS
EnsureClientCertificateMatches
Presented certificate matches registered certificate
actual
-----BEGIN CERTIFICATE-----
MIIHDjCCBfagAwIBAgIUQsrznpQM2gWDplbWY0kRjummIc8wDQYJKoZIhvcNAQEL
BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx
FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB
TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIyMDMyNDIwNDMwMFoXDTIzMDQyMzIw
NDMwMFowggEvMQswCQYDVQQGEwJCUjELMAkGA1UECBMCTUcxFzAVBgNVBAcTDkJl
bG8gSG9yaXpvbnRlMSUwIwYDVQQKExxCQ08gTUVSQ0FOVElMIERPIEJSQVNJTCBT
LkEuMS0wKwYDVQQLEyQ1ZDI0OTQ4Ni1jNjk3LTUyOTUtYTg1Ni05OTU1ZWQzYWMz
MzIxITAfBgNVBAMTGG1lcmNhbnRpbGRvYnJhc2lsLmNvbS5icjEXMBUGA1UEBRMO
MTcxODQwMzcwMDAxMTAxHTAbBgNVBA8TFFByaXZhdGUgT3JnYW5pemF0aW9uMRMw
EQYLKwYBBAGCNzwCAQMTAkJSMTQwMgYKCZImiZPyLGQBARMkNzA5MDU0OGItNDhl
Yi00NGFjLTk0MzItZDU0NGQ1MzZjYWExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEA2v4FOEIqbdkpXv/2PwWDdLVYqJPyKMNebziaTGVnENR5eK4YbHtb
zNi9yLlKuxRy3DPVA+mg7VD7T/Nn82jUnWlcKp07UFGV7pEboDgOB77tc6SCYNJn
Zzr6F1D/GcRg7IWfhVo4RT3PROBTkT/cjt8c/SZzTmc03mbGZ1X31IpGk7982cFj
irbxD4HVh9IuGi1VyBkwLihlOxmyZXdDM70ZGVHAsiTMysGpE0J/crVXHpvwaUGs
05uFvrQhd21XJ/fs1pv11Oa0IO8aZM4zU5HUTBdbAQ2xMoHrH+kuV0tWgkTRVS6T
pl6FchNLGsc+RWkXZ1Sylz7LXurYURExEwIDAQABo4IC3DCCAtgwDAYDVR0TAQH/
BAIwADAdBgNVHQ4EFgQU8RHTFIMywlsmm87Fy4JicZe76xAwHwYDVR0jBBgwFoAU
hn9YrRf1grZOtAWz+7DOEUPfTL4wTAYIKwYBBQUHAQEEQDA+MDwGCCsGAQUFBzAB
hjBodHRwOi8vb2NzcC5zYW5kYm94LnBraS5vcGVuYmFua2luZ2JyYXNpbC5vcmcu
YnIwSwYDVR0fBEQwQjBAoD6gPIY6aHR0cDovL2NybC5zYW5kYm94LnBraS5vcGVu
YmFua2luZ2JyYXNpbC5vcmcuYnIvaXNzdWVyLmNybDAjBgNVHREEHDAaghhtZXJj
YW50aWxkb2JyYXNpbC5jb20uYnIwDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQMMAoG
CCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIBgDCC
ATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVseSBm
b3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhlciBw
YXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2aWNl
cyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNlaXB0
LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRo
ZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5kIHJl
bGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8vY3Bz
LnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2llczAN
BgkqhkiG9w0BAQsFAAOCAQEAWhYIjqKDwdYkYOr0nutlR/46Vw8YNLK+9kWGPFD1
ad0fodzcd00pgc3AZWn+LoTwMq4tbiizWqERZp/BfZ35Aym5J+zFRj25Ehkxll6N
a9QCz/prR3sXm8GM5taZxwwe0BJYaPpsef1HxiDdJ3h35PY/7iOOCam5ZNFTPapj
1OutGvJ+nb7Iipp6xwHQoArgwuiWrtJMBOt3Sstnayp4CJKVlQklhSl5isynxwmI
bcVMPbhrWw6xbI1g69xBjx94Ja3acx4RzmIPJ6ru2jZvHQfI81jkIelNm55pbG7V
mRpDP2JgVvsABBpelBD3BCytwmWjpG8m8CH6JTGGFNbNRw==
-----END CERTIFICATE-----
Payment initiation endpoint
2022-03-31 23:01:30 SUCCESS
EnsureIncomingRequestMethodIsPost
Client correctly used http POST method
2022-03-31 23:01:30 SUCCESS
EnsureBearerAccessTokenNotInParams
Client correctly did not send access token in query parameters or form body
2022-03-31 23:01:30 SUCCESS
ExtractBearerAccessTokenFromHeader
Found access token on incoming request
access_token
s5CoeFPyvYbcSwC5ZIyriImpWIHynFIwpUvrdaxkMw4Q4rM8Tl
2022-03-31 23:01:30 SUCCESS
RequireBearerAccessToken
Found access token in request
actual
s5CoeFPyvYbcSwC5ZIyriImpWIHynFIwpUvrdaxkMw4Q4rM8Tl
2022-03-31 23:01:30 INFO
ExtractFapiDateHeader
Skipped evaluation due to missing required element: incoming_request headers.x-fapi-auth-date
path
headers.x-fapi-auth-date
mapped
object
incoming_request
2022-03-31 23:01:30 INFO
ExtractFapiIpAddressHeader
Skipped evaluation due to missing required element: incoming_request headers.x-fapi-customer-ip-address
path
headers.x-fapi-customer-ip-address
mapped
object
incoming_request
2022-03-31 23:01:30 INFO
ExtractFapiInteractionIdHeader
Skipped evaluation due to missing required element: incoming_request headers.x-fapi-interaction-id
path
headers.x-fapi-interaction-id
mapped
object
incoming_request
2022-03-31 23:01:30 SUCCESS
FAPIBrazilEnsureAuthorizationRequestScopesContainPayments
'payments' was included in authorization request scopes
actual
openid consent:urn:conformance:oidf:NN7tQCzSAG payments
expected
payments
2022-03-31 23:01:30 SUCCESS
FAPIBrazilExtractPaymentInitiationRequest
Parsed payment initiation request
payment_initiation_request
{
  "aud": "https://www.certification.openid.net/test-mtls/a/mercantil/payments/v1/pix/payments",
  "data": {
    "proxy": "55155114845",
    "localInstrument": "DICT",
    "creditorAccount": {
      "number": "10173722",
      "accountType": "CACC",
      "ispb": "92894922",
      "issuer": "0001"
    },
    "cnpjInitiator": "20747436000156",
    "payment": {
      "amount": "1.15",
      "currency": "BRL"
    },
    "ibgeTownCode": "5300108"
  },
  "iss": "5d249486-c697-5295-a856-9955ed3ac332",
  "iat": 1648767690,
  "jti": "e8f5467d-84c4-44cf-b937-f13016e878cd"
}
2022-03-31 23:01:30 SUCCESS
FAPIBrazilValidateJwtSignatureUsingOrganizationJwks
jwt signature validated
jwt
eyJhbGciOiJQUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6Ijh1YnRHa2s1d1FyTkdOMld2N0dIakxjLVhxWmN4VXVnSEQ5eFlOellXSk0ifQ.eyJkYXRhIjp7ImxvY2FsSW5zdHJ1bWVudCI6IkRJQ1QiLCJwYXltZW50Ijp7ImFtb3VudCI6IjEuMTUiLCJjdXJyZW5jeSI6IkJSTCJ9LCJjcmVkaXRvckFjY291bnQiOnsiYWNjb3VudFR5cGUiOiJDQUNDIiwiaXNwYiI6IjkyODk0OTIyIiwiaXNzdWVyIjoiMDAwMSIsIm51bWJlciI6IjEwMTczNzIyIn0sImNucGpJbml0aWF0b3IiOiIyMDc0NzQzNjAwMDE1NiIsImliZ2VUb3duQ29kZSI6IjUzMDAxMDgiLCJwcm94eSI6IjU1MTU1MTE0ODQ1In0sImlhdCI6MTY0ODc2NzY5MCwiYXVkIjoiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QtbXRscy9hL21lcmNhbnRpbC9wYXltZW50cy92MS9waXgvcGF5bWVudHMiLCJpc3MiOiI1ZDI0OTQ4Ni1jNjk3LTUyOTUtYTg1Ni05OTU1ZWQzYWMzMzIiLCJqdGkiOiJlOGY1NDY3ZC04NGM0LTQ0Y2YtYjkzNy1mMTMwMTZlODc4Y2QifQ.oGx_LWrDRgyeOGhhh6r1q-JXyt0dXxi4u9l2SjvIKhHi1_Ok4PT1to_G077Q6bqfHxd2KVFtfw4de1qQ2wiQ6R-PHSLr94xMcukhmto8BkEuxOwfCeZ7sE_SlptplmvezkkafhTsZ0a0aERCQMLH4J4dtz_r6o6Y7I1wE2QtfpI8LYpgG9kXC6sqBnivwzw-GT4meQ5Q-i_TajtQvf_dUcmOefuz9Do23Y2OO_7f6Ta9p4fJOWB6rnTkFM7fOJJDXR6jC0jIjdNhvTW3d7jwOFcFUwbV5Ugi5I3G3CclxvM1RkIOWUSzLozk2wqNis8j0fzX808uPhlN2OyHT2zaVQ
2022-03-31 23:01:30 SUCCESS
EnsureIncomingRequestContentTypeIsApplicationJwt
Client correctly used application/jwt content type
2022-03-31 23:01:30 SUCCESS
ExtractXIdempotencyKeyHeader
Found an x-idempotency-key header
idempotency_key
8970cf3b-9816-4ca8-b61b-3bc9bf230822
2022-03-31 23:01:30 SUCCESS
FAPIBrazilValidatePaymentInitiationRequestAud
aud claim matches the endpoint url
aud
https://www.certification.openid.net/test-mtls/a/mercantil/payments/v1/pix/payments
2022-03-31 23:01:30 SUCCESS
FAPIBrazilExtractCertificateSubjectFromIncomingMTLSCertifiate
Extracted subject from the mtls client certificate
subjectdn
UID=7090548b-48eb-44ac-9432-d544d536caa1,1.3.6.1.4.1.311.60.2.1.3=#13024252,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,2.5.4.5=#130e3137313834303337303030313130,CN=mercantildobrasil.com.br,OU=5d249486-c697-5295-a856-9955ed3ac332,O=BCO MERCANTIL DO BRASIL S.A.,L=Belo Horizonte,ST=MG,C=BR
ou
5d249486-c697-5295-a856-9955ed3ac332
brazil_software_id
7090548b-48eb-44ac-9432-d544d536caa1
2022-03-31 23:01:30 SUCCESS
FAPIBrazilEnsurePaymentInitiationRequestIssEqualsOrganizationId
iss claim in payment initiation request matches organizationId in client certificate
iss
5d249486-c697-5295-a856-9955ed3ac332
2022-03-31 23:01:30 SUCCESS
FAPIBrazilEnsurePaymentInitiationRequestJtiIsUUIDv4
jti claim in payment initiation request is a UUIDv4
jti
e8f5467d-84c4-44cf-b937-f13016e878cd
2022-03-31 23:01:30 SUCCESS
FAPIBrazilValidatePaymentInitiationRequestIat
iat claim in payment initiation request is valid
iat
1648767690
2022-03-31 23:01:30 SUCCESS
FAPIBrazilGenerateNewPaymentInitiationResponse
Created payment initiation response
payment_initiation_response_headers
{
  "x-fapi-interaction-id": "e8fd337b-3d55-4c6c-8b7d-8fe756185fde"
}
payment_initiation_response
{
  "data": {
    "proxy": "55155114845",
    "localInstrument": "DICT",
    "creditorAccount": {
      "number": "10173722",
      "accountType": "CACC",
      "ispb": "92894922",
      "issuer": "0001"
    },
    "cnpjInitiator": "20747436000156",
    "payment": {
      "amount": "1.15",
      "currency": "BRL"
    },
    "ibgeTownCode": "5300108",
    "paymentId": "c191d78a-7fb8-4bf0-8257-fb57aa993501",
    "consentId": "urn:conformance:oidf:NN7tQCzSAG",
    "creationDateTime": "2022-03-31T23:01:30Z",
    "statusUpdateDateTime": "2022-03-31T23:01:30Z",
    "status": "ACSP"
  },
  "links": {
    "self": "https://www.certification.openid.net/test/a/mercantilpayments/v1/pix/payments"
  },
  "meta": {
    "totalRecords": 1,
    "totalPages": 1,
    "requestDateTime": "2022-03-31T23:01:30Z"
  },
  "aud": "5d249486-c697-5295-a856-9955ed3ac332",
  "iat": 1648767690,
  "jti": "a8888c96-6f34-4e6e-9905-85b1856a4361",
  "iss": "74e929d9-33b6-4d85-8ba7-c146c867a817"
}
2022-03-31 23:01:30 SUCCESS
FAPIBrazilSignPaymentInitiationResponse
Signed the payment initiation response
signed_payment_initiation_response
eyJraWQiOiJYNWQ0dkZZZkx4YUcxZ2c4X2wzYkZZRmhVYVVWbUU2UGFFc1JXWDJFWXFNIiwidHlwIjoiSldUIiwiYWxnIjoiUFMyNTYifQ.eyJhdWQiOiI1ZDI0OTQ4Ni1jNjk3LTUyOTUtYTg1Ni05OTU1ZWQzYWMzMzIiLCJkYXRhIjp7InByb3h5IjoiNTUxNTUxMTQ4NDUiLCJjb25zZW50SWQiOiJ1cm46Y29uZm9ybWFuY2U6b2lkZjpOTjd0UUN6U0FHIiwibG9jYWxJbnN0cnVtZW50IjoiRElDVCIsInBheW1lbnRJZCI6ImMxOTFkNzhhLTdmYjgtNGJmMC04MjU3LWZiNTdhYTk5MzUwMSIsImNyZWRpdG9yQWNjb3VudCI6eyJudW1iZXIiOiIxMDE3MzcyMiIsImFjY291bnRUeXBlIjoiQ0FDQyIsImlzcGIiOiI5Mjg5NDkyMiIsImlzc3VlciI6IjAwMDEifSwic3RhdHVzVXBkYXRlRGF0ZVRpbWUiOiIyMDIyLTAzLTMxVDIzOjAxOjMwWiIsImNucGpJbml0aWF0b3IiOiIyMDc0NzQzNjAwMDE1NiIsInBheW1lbnQiOnsiYW1vdW50IjoiMS4xNSIsImN1cnJlbmN5IjoiQlJMIn0sImliZ2VUb3duQ29kZSI6IjUzMDAxMDgiLCJjcmVhdGlvbkRhdGVUaW1lIjoiMjAyMi0wMy0zMVQyMzowMTozMFoiLCJzdGF0dXMiOiJBQ1NQIn0sIm1ldGEiOnsidG90YWxSZWNvcmRzIjoxLCJyZXF1ZXN0RGF0ZVRpbWUiOiIyMDIyLTAzLTMxVDIzOjAxOjMwWiIsInRvdGFsUGFnZXMiOjF9LCJpc3MiOiI3NGU5MjlkOS0zM2I2LTRkODUtOGJhNy1jMTQ2Yzg2N2E4MTciLCJsaW5rcyI6eyJzZWxmIjoiaHR0cHM6XC9cL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXRcL3Rlc3RcL2FcL21lcmNhbnRpbHBheW1lbnRzXC92MVwvcGl4XC9wYXltZW50cyJ9LCJpYXQiOjE2NDg3Njc2OTAsImp0aSI6ImE4ODg4Yzk2LTZmMzQtNGU2ZS05OTA1LTg1YjE4NTZhNDM2MSJ9.rdHtkAGUDd24Qd4b9mHsirb6grVA4nWKd-gz-Jd6Ti4wEgxuRfcdePhfOC1W9Z4WS6fyPOuX7cdURue1_e-5wTfo7AQZKH59EKwtEJUxqDYjSs5jWkgvx_aFB0V_KGlAYBRYEiatk8vc4peT__ddU1KZlT3z-JAOZHycVEZBqKghEaMMESef-qH5N3QiHuIO5w7WaweCkU0O_bqLSw3XEx7_xgc5Mk2cyLFnOGEUa90SDyVpUMfEBLifp8zHEeAfd2YnmM1nzUkjwK_Ntdvvc0I-4E9jZzT2H56_BpY2AYtke8wF0-sX5AE7W6ukR-9_QPHIR0QT0ZjLPRKAG1POIg
2022-03-31 23:01:30
ClearAccessTokenFromRequest
Condition ran but did not log anything
2022-03-31 23:01:30 OUTGOING
fapi1-advanced-final-client-refresh-token-test
Response to HTTP request to test instance hQjqNlDH0UD4Ddw
outgoing_status_code
201
outgoing_headers
{
  "x-fapi-interaction-id": [
    "e8fd337b-3d55-4c6c-8b7d-8fe756185fde"
  ],
  "Content-Type": [
    "application/jwt"
  ]
}
outgoing_body
eyJraWQiOiJYNWQ0dkZZZkx4YUcxZ2c4X2wzYkZZRmhVYVVWbUU2UGFFc1JXWDJFWXFNIiwidHlwIjoiSldUIiwiYWxnIjoiUFMyNTYifQ.eyJhdWQiOiI1ZDI0OTQ4Ni1jNjk3LTUyOTUtYTg1Ni05OTU1ZWQzYWMzMzIiLCJkYXRhIjp7InByb3h5IjoiNTUxNTUxMTQ4NDUiLCJjb25zZW50SWQiOiJ1cm46Y29uZm9ybWFuY2U6b2lkZjpOTjd0UUN6U0FHIiwibG9jYWxJbnN0cnVtZW50IjoiRElDVCIsInBheW1lbnRJZCI6ImMxOTFkNzhhLTdmYjgtNGJmMC04MjU3LWZiNTdhYTk5MzUwMSIsImNyZWRpdG9yQWNjb3VudCI6eyJudW1iZXIiOiIxMDE3MzcyMiIsImFjY291bnRUeXBlIjoiQ0FDQyIsImlzcGIiOiI5Mjg5NDkyMiIsImlzc3VlciI6IjAwMDEifSwic3RhdHVzVXBkYXRlRGF0ZVRpbWUiOiIyMDIyLTAzLTMxVDIzOjAxOjMwWiIsImNucGpJbml0aWF0b3IiOiIyMDc0NzQzNjAwMDE1NiIsInBheW1lbnQiOnsiYW1vdW50IjoiMS4xNSIsImN1cnJlbmN5IjoiQlJMIn0sImliZ2VUb3duQ29kZSI6IjUzMDAxMDgiLCJjcmVhdGlvbkRhdGVUaW1lIjoiMjAyMi0wMy0zMVQyMzowMTozMFoiLCJzdGF0dXMiOiJBQ1NQIn0sIm1ldGEiOnsidG90YWxSZWNvcmRzIjoxLCJyZXF1ZXN0RGF0ZVRpbWUiOiIyMDIyLTAzLTMxVDIzOjAxOjMwWiIsInRvdGFsUGFnZXMiOjF9LCJpc3MiOiI3NGU5MjlkOS0zM2I2LTRkODUtOGJhNy1jMTQ2Yzg2N2E4MTciLCJsaW5rcyI6eyJzZWxmIjoiaHR0cHM6XC9cL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXRcL3Rlc3RcL2FcL21lcmNhbnRpbHBheW1lbnRzXC92MVwvcGl4XC9wYXltZW50cyJ9LCJpYXQiOjE2NDg3Njc2OTAsImp0aSI6ImE4ODg4Yzk2LTZmMzQtNGU2ZS05OTA1LTg1YjE4NTZhNDM2MSJ9.rdHtkAGUDd24Qd4b9mHsirb6grVA4nWKd-gz-Jd6Ti4wEgxuRfcdePhfOC1W9Z4WS6fyPOuX7cdURue1_e-5wTfo7AQZKH59EKwtEJUxqDYjSs5jWkgvx_aFB0V_KGlAYBRYEiatk8vc4peT__ddU1KZlT3z-JAOZHycVEZBqKghEaMMESef-qH5N3QiHuIO5w7WaweCkU0O_bqLSw3XEx7_xgc5Mk2cyLFnOGEUa90SDyVpUMfEBLifp8zHEeAfd2YnmM1nzUkjwK_Ntdvvc0I-4E9jZzT2H56_BpY2AYtke8wF0-sX5AE7W6ukR-9_QPHIR0QT0ZjLPRKAG1POIg
outgoing_path
payments/v1/pix/payments
2022-03-31 23:01:30 FINISHED
fapi1-advanced-final-client-refresh-token-test
Test has run to completion
testmodule_result
PASSED
2022-03-31 23:01:31
TEST-RUNNER
Alias has now been claimed by another test
alias
mercantil
new_test_id
JwIzxkFXs8DhsPQ
Test Results