Test Summary

Test Results

Expand All Collapse All
All times are UTC
2022-03-25 02:36:06 INFO
TEST-RUNNER
Test instance 8pIsBPqWjSNdT1x created
baseUrl
https://www.certification.openid.net/test/a/xp
variant
{
  "client_auth_type": "private_key_jwt",
  "fapi_auth_request_method": "pushed",
  "fapi_profile": "openbanking_brazil",
  "fapi_jarm_type": "oidc",
  "fapi_response_mode": "plain_response"
}
alias
xp
description
Banco XP - Recepção de dados
planId
CRxrJSa3FEtLK
config
{
  "alias": "xp",
  "description": "Banco XP - Recepção de dados",
  "server": {
    "jwks": {
      "keys": [
        {
          "p": "_QaFFuyZriEWtbiKexy7pIYicgU0ePMepvyNuiiFqlsUFQ24q9gp_iWECDhi8qqss__i1LW_eHQATKWfqUc6HdDY-ickJXvVktrQiT-buvJ24iTtK_NooPMKQW976NIX39_sEPJ6ceo9ZDFxTTCkmJus3eXDJmRZT2YzSZJcvcc",
          "kty": "RSA",
          "alg": "PS256",
          "q": "3x1_dyovnWXSr7y7ufe6AHUV0kHBYVrGW2vdNZxKrrgBW5r2mm93NnHsrG-mJlzW7kG_jR41bWf74sucGdwXTx96riRVy8bov9SzPCDl9_QCHzPpqZOxjngfzQYq1L1qJA2BAie0Sq6YZhgLJ1fWPLutEO5soIYAkLXSJ9IVb00",
          "d": "ZvivfZxJMbbdTQmxyE0lmE6ZuH8cMQOLyZxdaA5pNwm7ZEnPBEftZs8aR9ijhCDWMieui3h--rXwlXqbEm3g1sVgQ-WKTFV-NLKaJC1h-EU5HKdlOflstr7x57zhKp60ZIK69GyEXyJccUfzcD32u8raec9NplQ2MqS5MA1lnQFlocFoX1RNU4tSpEdJQq2UzqtX5WPhc88A6fTc1xu2fA5wyxzZu7fUjIETzLimcu-dDaEvvgm7c_A1ulm8EQuCN10k3FrIIe9RfuXHyxh9Rcd0aiIP9qwitxd5Cl0io7zby8MBIAaSei2co7y4tciBt4AfnzpBlGbtjgfr2gxD0Q",
          "e": "AQAB",
          "use": "sig",
          "kid": "X5d4vFYfLxaG1gg8_l3bFYFhUaUVmE6PaEsRWX2EYqM",
          "qi": "eHhOb5NUDfMGXwNscjEcMrMFS425qsoJAXfGJ10hm8svZOkNYgVpb7Hs7oT8XytanRl0Gk8gKH0yhvya65B5ipyby17uBMkikNN-EeYoY2AkvEfM_nO0dvHbDdF11rkM5Q_SEDlGmojxnx4_Euj8WeuSgcwiCQkR23aZlQGx1Mg",
          "dp": "bQ9aXj8tHnj0qO8aAWapGokWX78OlvNzytYg4JSGyJ7pUQnRB4Ds2Lai6kgjniUiu5MX2kdceDbHykG5R-WDj0Ztv6UPV3jA3cOjDwVzwmiwBVmVQNRxzK31Ra8f4YJs9_o0bjmVvXQRchY9l9_Xkk_Hev2F2A540Fhk0tlbUBE",
          "dq": "XPYDZ_kxwZjtQb-XUBLBcvNV1jcDhba2stysXGv0SfvsxOg6G3qZ5xtsiyQxzAYen0LRttCBXkZXEtXXAodLRvJMwUXuYWtNCrBqxYDHkJogUDPnBXq-Hig6x8fsDJunH8JooCc-3WcFpHQcIZZdcwyXPVi59eAfWCwJlgHYYHk",
          "n": "3IXVqA9zCrmaz30WWjzZexdSuhagP_oVfgB-Y5S7XXeHhU4tho7c3wcNhsrGCKLYSf_47rV78-2OfhPY9WrSJVyqIXoaniwoTnD9splF90J7yog9LgP4kqkWl6wm8gdR5C-UC4Gnl0D2cZKnE6MZ7k_b5nM0ZfC-7H_bO13B4aYpu069th7hFWGK7ps65uiDxcQGYP3oSeqahE5qwfUef2QMkhyVtM_nWP9OVAzOGtJ8km4TdCrq9aF78No9u2YQuaUOJgeOnwKMBjmgEwcuaQe9DEQFXhzBtRmPlml2pTy2QDvxe1HgOTOsnh9igFvX70AGroY3PFY-lJAxC4Fd2w",
          "x5c": [
            "MIIGqzCCBZOgAwIBAgIUdUCw8bQZidnZ6uERKJuN9u4RGvcwDQYJKoZIhvcNAQELBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwxFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNBTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDgxNjA5NTUwMFoXDTIyMDkxNTA5NTUwMFowgacxCzAJBgNVBAYTAkJSMRMwEQYDVQQKEwpJQ1AtQnJhc2lsMS8wDAYDVQQLEwUxMjM0NTAOBgNVBAsTB2NlcnRtYW4wDwYDVQQLEwhhZ29vZG9uZTEcMBoGA1UEAxMTT3BlbiBCYW5raW5nIEJyYXNpbDE0MDIGCgmSJomT8ixkAQETJDc0ZTkyOWQ5LTMzYjYtNGQ4NS04YmE3LWMxNDZjODY3YTgxNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANyF1agPcwq5ms99Flo82XsXUroWoD/6FX4AfmOUu113h4VOLYaO3N8HDYbKxgii2En/+O61e/Ptjn4T2PVq0iVcqiF6Gp4sKE5w/bKZRfdCe8qIPS4D+JKpFpesJvIHUeQvlAuBp5dA9nGSpxOjGe5P2+ZzNGXwvux/2ztdweGmKbtOvbYe4RVhiu6bOubog8XEBmD96EnqmoROasH1Hn9kDJIclbTP51j/TlQMzhrSfJJuE3Qq6vWhe/DaPbtmELmlDiYHjp8CjAY5oBMHLmkHvQxEBV4cwbUZj5ZpdqU8tkA78XtR4DkzrJ4fYoBb1+9ABq6GNzxWPpSQMQuBXdsCAwEAAaOCAwIwggL+MAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFJwv7oHX2exZL304ru+4eGVypHlxMB8GA1UdIwQYMBaAFIZ/WK0X9YK2TrQFs/uwzhFD30y+MEwGCCsGAQUFBwEBBEAwPjA8BggrBgEFBQcwAYYwaHR0cDovL29jc3Auc2FuZGJveC5wa2kub3BlbmJhbmtpbmdicmFzaWwub3JnLmJyMEsGA1UdHwREMEIwQKA+oDyGOmh0dHA6Ly9jcmwuc2FuZGJveC5wa2kub3BlbmJhbmtpbmdicmFzaWwub3JnLmJyL2lzc3Vlci5jcmwwXgYDVR0RBFcwVaAZBgVgTAEDAqAQDA5NaWNoYWVsIEZyYXNlcqAYBgVgTAEDA6APDA0xMzM1MzIzNjAwMTg5oA0GBWBMAQMEoAQMAm5voA8GBWBMAQMHoAYMBGFsb3QwDgYDVR0PAQH/BAQDAgbAMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIBgDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVseSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhlciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNlaXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5kIHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8vY3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2llczANBgkqhkiG9w0BAQsFAAOCAQEAtKn/QnJqKLp52YB14x+M21qwz67utFkWjhauQe0elXupjY5NWZb5wLrGYNOZQzRe2JRzcBbGN6P7lCweRfxMkSGh9YrXbrkBXLEPtLHpTVEy65v1tWl02lC+ooVPyQpSjAQL0L69OQ7s7rnIXyb3rkSUzuGSxsLU1AXpWj0oYFB4wdeIdPAVPs83frC5s4kz42JruSAE2vsbvQURTVPChh+hO6+R6Irz+ZEZ1NSgjQkxvOXHW53CkXZSjjHbAB/nbJYi7YyK7kck99r38Ba/WBfIfywdFVVYfiiW5TS6XbQeVeilmmt5MLxBz96FxR6E6WR+cQwybEe94Fb/jD6xHA\u003d\u003d"
          ]
        },
        {
          "p": "6-RGunw1LGXpsGIabzcG8n_ITbahS9waTzjcwLkzjWjyR5hxnTSrCMas9EsOuIt3qvkdf02psgwi-J0ZX680ujaXdeiPAeuOUbsLPBOhRuu-ySXxMTT7uiwWJmF5LtBx8Qd3hRV2sd9zOhYzSohcmWp8w_uKTOYrFzGtWMvlGic",
          "kty": "RSA",
          "alg": "RSA-OAEP",
          "q": "vn3cUU9RFc7pB3fjiEPGwYGA_h8f2X6dOqy-JYIMIiuYhPq6cT8xIlE-sHs58kZzC1QbOBc4y-qRyqj1L4StPaYH4mtJU0s_6A_b9Cai96yzYYmMr92be2nCFMxBpmpBhN21AIdGc640OxgWMdz5OVo455v1uIEQGPr2aDpOzVs",
          "d": "QrIJ9tPG7pSrt1KKSU-9EbAq-hU92FzEV9GwzuG_dbBPyRLYNVfAz-Yb8ug3YLuqec_kcB5JCep7QkYHgpNdX5WXFxARCpXa-J7Xq50oBdiAS2ehLpnYHXpJI7HqOcH9ASZML_MXjI8e_EpsI7Yk6xJ9qxk8bXGupw0C6anwL3NBe232zA7I1FnwL9tpZVOLPupeok7HMRbFc6QSR3dA54zJmkyEbyOSqzRqCK_g7AB_RcMImN0SoCg0epxZjrculIXPG0Gl1T3TG3WY-CBUtAkI1chFMGCgYF_v-FMSun8N6igilPC5O683BMcJoTK745khMCv7FcSCSFVh0H5vKQ",
          "e": "AQAB",
          "use": "enc",
          "kid": "0fe502dd-14f0-4f45-80f9-feb9a216f996",
          "qi": "W6TMI3L-Ob-Jx61TdYqN5gBoBsWF6KWuCmiE9ZiwJiMVCv5ddEbFafBuiIQgRnby1VpnH9j5KVb5PT_V78ohKFmpfL7ErXQerf_pJkEtvgK9lQta1EM1HMoShrJ4GdHPym_BZzDDmt6njvwTfSg95y28h-j5epuywcwu6TwAUA8",
          "dp": "a9rjD-8srNEoKVKhvYoObiBI6GeBllrb2K8qGCBV1ulOJbgo8nUbYpbci5Ip9-0k2RKwDv3mghcUglHqQRqt5BqD5BBiGsGmP-5is6RSEEhH4lar0hDkq_nuYrwcmXALOOZuGnZ239tIJx3xc7mnhSnwQ_emA4UV3LQFC12mse8",
          "dq": "Qk8TiyY-BoZg7Z2ZEYzuOdu3qD3zW0VMu-j3w5yyVo6wZ9HTZqplkxmO5eXvNNu7Hj1nwC2tMqZzm4UW3DSmDWinI_TOsHToSQKEQUfVwLtYMeKsm2dbwSj-SzkSvTgNmI-IeyebqZcBTXTD_RV7l7BFULIkZdZfYSKy9XMejTM",
          "n": "r4dl-ApW6c-fvDbfSVxHpdV8zi8VQW4b9-uHMRq7dzqCkvP8OAG1R3plSr1N6fL_YLiIr9y621XkyRiMEKR7-DeqGsLf2ZTaqrZ1LfYgjsc2i9o3NSOeSgBwKGmT7h1OgxZSbhLzo7Xaktu3CCUZCOWLzs7LKo_CvKkcTF7tPhK9jYjdTsdsnS0RJOPjYQe7JO83Mvhd1Ty3F-Qycd-cKKMSjcQRiHt9jKd09kA2fKVlFwbm2M1PM3NdtnMaOUw31-XC4ixay47XTMqnmX7-op7qYV9wXbeZmjTsAKFuTGwJiGJrOTfqciDLBW8IpGC2BzFJ5rYmRu0kAttpvkOG3Q"
        }
      ]
    }
  },
  "client": {
    "client_id": "xp-bank",
    "redirect_uri": "https://openbanking-redirect-hml.xpi.com.br/",
    "jwks": {
      "keys": [
        {
          "kty": "RSA",
          "use": "sig",
          "alg": "PS256",
          "n": "uEKxEU50B_axhkUdW_8ga6ijE4pAP2Al2nc9-DAQKY_DBrnIBf78-eT2bUA4a-oX5wDrSK916zqOGHiPu4flOuSsv0qf4AluK8ceVCyTzqZjAS3RXACj3d8wUmy8q_EHN25jK3cC8P5Rpi3vEUZJQ64jIXacnHLBToY-7VKBzPJXSnGTmBKZu2tjE161o2Oc33q5lJTuRIMWuzDrcfhFbE-gNWhGfY93x0zXpFBG8XWqHkpA0gUlGk7D2iJpmESaeKnH4Zf1V0JtKZ5DrjGDUGPvEcQoX6v-LJu9ZLJthvP8TOy8E8rXYWUrlLZ6OORCgy-6cokI2UR8lpPsIjCHjQ",
          "e": "AQAB",
          "kid": "15a63bcc71f57382bce6802c6fc38a4f4fb37188627fc047957492a910d24ded"
        },
        {
          "kty": "RSA",
          "use": "enc",
          "alg": "RSA-OAEP",
          "n": "vgOYeechKwQbNww_1P5uoUkVfAIRp7j4wmJNSRsnC5LCsBPNZO_5dhvzJz1AtCCrTcwSy5HzpmtMbC0V9eXXIlWB_HKx0Ge-WK-m979kYFRTl_mntUe8M5JBSsozfaRmisK40dPHdt6mopyZAqcG0f05W7rKq-0WGdDS-h9JHAUxztRc8JX8xConlDKH4B506fVn5N8ahk6EZuMWRTDEsUCAB-lOT-JiAjMCuFvLPhPkApwnwps_oyoIZKInRgQuXjms1QdoyVyQcA50ZyfLMz0ekr3LySVd6KiIHF_UcNgObJ98ZFBaiet184dYSo79IA35GY_USm4OO0dICVMCNQ",
          "e": "AQAB",
          "kid": "1977947890e65b99342b1c82d19f51dcfe12e05ebc32d6dc85298e2bd4d2f753"
        }
      ]
    },
    "certificate": "-----BEGIN CERTIFICATE-----\nMIIG4TCCBcmgAwIBAgIUVTan/A52h2NWYMtXiUI/KsGJIeEwDQYJKoZIhvcNAQEL\nBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx\nFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB\nTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIyMDMxMDE0NDMwMFoXDTIzMDQwOTE0\nNDMwMFowggEQMQswCQYDVQQGEwJCUjELMAkGA1UECBMCUkoxFzAVBgNVBAcTDlJp\nbyBkZSBKYW5laXJvMRQwEgYDVQQKEwtCQ08gWFAgUy5BLjEtMCsGA1UECxMkNzk3\nMTdkNzEtMGNmNC01OGY2LWIyZDAtMzcwZDU0MDRkMzgzMRMwEQYDVQQDEwp4cGku\nY29tLmJyMRcwFQYDVQQFEw4zMzI2NDY2ODAwMDEwMzEdMBsGA1UEDxMUUHJpdmF0\nZSBPcmdhbml6YXRpb24xEzARBgsrBgEEAYI3PAIBAxMCQlIxNDAyBgoJkiaJk/Is\nZAEBEyQwNjc0YWVkMC1jZDQzLTQ5ODAtOThjNC1iMjBjMjE5ZTU2ZGEwggEiMA0G\nCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDmQXmkidOfL8Rie4T0kWoND/awUt5x\n4NOa7EhiXBomwDqaL+e7HiGM8r9JpMrE8HzYiAzbg5lZBEB1FJ9M9j5JgVo+Q3rV\n0v/BKix6YLotBY3G5JKqdwGW5PQDcfszAu5vYLM5tnysnohCiRuBr5s2gZhTJ1Ab\nkV9V/+PXXNfDLVvVV3KqZCK7iEkvxmeZy0ImiK5SuQCCT80AeyHJTepxWaRtqYY4\ndR/tkKtLDoCYepQcPYn5nFbIcdATC49Z02R9yxgEjRAyvT/pU7MQv6VD2prl1cr+\niH+YV+qqxxExRr7Lf3Pf4gXgijSF3xxyBJ4ObA0v53suNIpNLXUnZOaNAgMBAAGj\nggLOMIICyjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBRh7YIK0Ug6ujrJIn34QRkt\nNHPVWTAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4RQ99MvjBMBggrBgEFBQcB\nAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNhbmRib3gucGtpLm9wZW5i\nYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8vY3Js\nLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9pc3N1ZXIuY3Js\nMBUGA1UdEQQOMAyCCnhwaS5jb20uYnIwDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQM\nMAoGCCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIB\ngDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVs\neSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhl\nciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2\naWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNl\naXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9m\nIHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5k\nIHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8v\nY3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2ll\nczANBgkqhkiG9w0BAQsFAAOCAQEAK8zudMELp+lFVDrYifGUBSGKdRv9ZOyui/IV\nfl1EBP2zmTj5MMuo+LxBDv0OC5S1pp74F7DxbMOyfm9duG16MR7xb0Lm9vqkYA3G\nMfZZMGfMTY9+JDNcyQiIZ5KsRJ6gMPxHaIA2mbr+jxuThfVyPXaPt4k/OEnjXTzk\ngJxXk8Qo1IhWqR+loAPsSu7mQ/Kce/alcUn4guRf0ZGk+v4o2SG560Lhga7OCBJA\nx9I5dJKNbw9il/6ln6UKhLNMwdvU4VkWopZ7DGSkO4jE2ATdV3iL2mIOGnbQSwlf\nfbOrwrlnb+zmXKEMfbgZJNjAT3yNU+ZtAamq7lC/hjG5LqTeVg\u003d\u003d\n-----END CERTIFICATE-----"
  },
  "client2": {
    "client_id": "xp-bank-two",
    "redirect_uri": "https://openbanking-redirect-hml.xpi.com.br/",
    "id_token_encrypted_response_alg": "RSA-OAEP",
    "id_token_encrypted_response_enc": "A256GCM",
    "certificate": "-----BEGIN CERTIFICATE-----\nMIIG4TCCBcmgAwIBAgIUMnxi2E7fyORb8/hfKsRfDVgTyAkwDQYJKoZIhvcNAQEL\nBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx\nFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB\nTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIyMDMxMDE0NDYwMFoXDTIzMDQwOTE0\nNDYwMFowggEQMQswCQYDVQQGEwJCUjELMAkGA1UECBMCUkoxFzAVBgNVBAcTDlJp\nbyBkZSBKYW5laXJvMRQwEgYDVQQKEwtCQ08gWFAgUy5BLjEtMCsGA1UECxMkNzk3\nMTdkNzEtMGNmNC01OGY2LWIyZDAtMzcwZDU0MDRkMzgzMRMwEQYDVQQDEwp4cGku\nY29tLmJyMRcwFQYDVQQFEw4zMzI2NDY2ODAwMDEwMzEdMBsGA1UEDxMUUHJpdmF0\nZSBPcmdhbml6YXRpb24xEzARBgsrBgEEAYI3PAIBAxMCQlIxNDAyBgoJkiaJk/Is\nZAEBEyQ2YWI3ZTg0ZC1hNDg5LTQ3OWUtOWI4ZC1mNTJhNzY4ZjVjZTMwggEiMA0G\nCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCleJvZUBcvtczbPO6jcLAjCzOexl7p\nf2KGDDPHZ+Ddp99fOVQRProFdWqbT3vjtSIxXMZRgscl+pucbcVnkTSMMh8+DI6X\n9HasYOhw3GVPzj6zf1VEtXrgKc57gOt2462BFN6qsLQkZE+qgGhyfSiOdYUREmjy\nFGl7OPo/N5geErMTvDfnz2FXUbg1IfniIJI5+cI61U3pa2C67GZF24bHzkwjPPGe\nq0Y0fjK6itDPm1h9uW+fKvfVR5RGB8uwDJVOoiarlAOIuh5FhXW0ohsRUtel/r7c\njsRtDVW5o2VOoVTCKinFEfu8xj7mXWjXrB7/mmE4/JXfImvoLwYQGu6DAgMBAAGj\nggLOMIICyjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBSjiVYxezINRKHAn1tneyOz\nsDeUBDAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4RQ99MvjBMBggrBgEFBQcB\nAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNhbmRib3gucGtpLm9wZW5i\nYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8vY3Js\nLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9pc3N1ZXIuY3Js\nMBUGA1UdEQQOMAyCCnhwaS5jb20uYnIwDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQM\nMAoGCCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIB\ngDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVs\neSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhl\nciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2\naWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNl\naXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9m\nIHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5k\nIHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8v\nY3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2ll\nczANBgkqhkiG9w0BAQsFAAOCAQEA2lqeV/ACHCjugwoaW+s0VEf3Q303D6ev5MU/\n/LsXp16CvAw5IGDM2zvxB6d6NEPalRQW6516LvuNd9smQSrsWceN84FUEV4cj+Mb\nU930QV0m5GPVtSDAxO6bijN1HCdUeWZSfQMVfgQdbjTb2QeHQuqXzg3mwNdNGFwV\nSvi7aeVjV9EF+U3/Q1UdTcg4E/ZYXPkV0dXHU5LRDIn2SEhpl2FkIFUzffeMo0LN\nDTPN+Py3X9yQqtu1lT/gnBFty70M8K3YOppM7yxyv6UU2MYVGUNEoSsmZsFQeHXE\nG4nQeYbVD/T4dNYqAAqgecF+/+MTq+ESI4liTH3BQR0FNNn41A\u003d\u003d\n-----END CERTIFICATE-----",
    "jwks": {
      "keys": [
        {
          "kty": "RSA",
          "use": "sig",
          "alg": "PS256",
          "n": "012Bdbiby0gag3vEL_kwWLsBWExuJWPf6h6icbjEAKqLUW1TkFA6JQGXCUm3sYPVTqyh7P2a3ogy1t7xjE73ybPRxxcUY4ta7Pjbf38R7t4wwC9vvDvlZ5kS_samRUSxWv-I9JT0PZ78fR09NGtyEjI1zgN-dzqQIWOIbQBLTWNl_6HqrtiTwWojhdhxROywj_nBNW_LB7oXxisQRD2So0KstLnGtKeMHiRJvEFwv7R7H6sLYe0uj9jt2tkdI702EQi4vhMc_M5q7hID1_9gDcP9HWbTt8-QVMC_DDG6lLnp3FyU-LlblSSfWt-vNVn4Szo1LdOl8ywqMoS5uE_Ujw",
          "e": "AQAB",
          "kid": "deaf94cb7cb9b97be30d3cc289bfa7c9d7425030164da2a2ea8e242875692fb4"
        },
        {
          "kty": "RSA",
          "use": "enc",
          "alg": "RSA-OAEP",
          "n": "pzC_7Y7yQ0X-UNUIvgO5sLXj7wiuYyAR55_0HhPkgMKJs2NlliJdei8TkHvCUXX2vuOD-c2wYZ4Ym9h9etVXHPiEEW1432GY533d-cogn2Y1QdBsDc7iNPriK7uENoQwNusN1CrDz7kAh4YzQfGqlvM9fAyxOCsCfViq7ZM82S88_uwcmm2kB5Ns8NulKGLyxZhB1g0xqVjDtVlkArAGaoTsIRjRJsECcPTrjQn1155eBe3KyTiyny7iMM2-Xh4lcVUQQXquykT9y0Wzmxf40VPfQ4GwM4KpurRyPsZs6qAeJUxCAJqVJvhzP1lh_7_STmLB0fgVEsn_3howRYLNmQ",
          "e": "AQAB",
          "kid": "a8a613c7223bba1f4a2a0aacbb07cb9551c850a69473202971112d233c873d69"
        }
      ]
    }
  },
  "directory": {
    "keystore": "https://keystore.sandbox.directory.openbankingbrasil.org.br/"
  }
}
testName
fapi1-advanced-final-client-test-encrypted-idtoken-usingrsa15
2022-03-25 02:36:06 SUCCESS
FAPIBrazilGenerateServerConfiguration
Created server configuration
server
{
  "issuer": "https://www.certification.openid.net/test/a/xp/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/xp/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/xp/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/xp/jwks",
  "registration_endpoint": "https://www.certification.openid.net/test/a/xp/register",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/xp/userinfo",
  "mtls_endpoint_aliases": {
    "token_endpoint": "https://www.certification.openid.net/test-mtls/a/xp/token",
    "registration_endpoint": "https://www.certification.openid.net/test-mtls/a/xp/register",
    "userinfo_endpoint": "https://www.certification.openid.net/test-mtls/a/xp/userinfo"
  },
  "tls_client_certificate_bound_access_tokens": true,
  "request_parameter_supported": true
}
issuer
https://www.certification.openid.net/test/a/xp/
discoveryUrl
https://www.certification.openid.net/test/a/xp/.well-known/openid-configuration
2022-03-25 02:36:06 SUCCESS
LoadServerJWKs
Parsed public and private JWK sets
server_jwks
{
  "keys": [
    {
      "d": "ZvivfZxJMbbdTQmxyE0lmE6ZuH8cMQOLyZxdaA5pNwm7ZEnPBEftZs8aR9ijhCDWMieui3h--rXwlXqbEm3g1sVgQ-WKTFV-NLKaJC1h-EU5HKdlOflstr7x57zhKp60ZIK69GyEXyJccUfzcD32u8raec9NplQ2MqS5MA1lnQFlocFoX1RNU4tSpEdJQq2UzqtX5WPhc88A6fTc1xu2fA5wyxzZu7fUjIETzLimcu-dDaEvvgm7c_A1ulm8EQuCN10k3FrIIe9RfuXHyxh9Rcd0aiIP9qwitxd5Cl0io7zby8MBIAaSei2co7y4tciBt4AfnzpBlGbtjgfr2gxD0Q",
      "e": "AQAB",
      "use": "sig",
      "kid": "X5d4vFYfLxaG1gg8_l3bFYFhUaUVmE6PaEsRWX2EYqM",
      "x5c": [
        "MIIGqzCCBZOgAwIBAgIUdUCw8bQZidnZ6uERKJuN9u4RGvcwDQYJKoZIhvcNAQELBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwxFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNBTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDgxNjA5NTUwMFoXDTIyMDkxNTA5NTUwMFowgacxCzAJBgNVBAYTAkJSMRMwEQYDVQQKEwpJQ1AtQnJhc2lsMS8wDAYDVQQLEwUxMjM0NTAOBgNVBAsTB2NlcnRtYW4wDwYDVQQLEwhhZ29vZG9uZTEcMBoGA1UEAxMTT3BlbiBCYW5raW5nIEJyYXNpbDE0MDIGCgmSJomT8ixkAQETJDc0ZTkyOWQ5LTMzYjYtNGQ4NS04YmE3LWMxNDZjODY3YTgxNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANyF1agPcwq5ms99Flo82XsXUroWoD/6FX4AfmOUu113h4VOLYaO3N8HDYbKxgii2En/+O61e/Ptjn4T2PVq0iVcqiF6Gp4sKE5w/bKZRfdCe8qIPS4D+JKpFpesJvIHUeQvlAuBp5dA9nGSpxOjGe5P2+ZzNGXwvux/2ztdweGmKbtOvbYe4RVhiu6bOubog8XEBmD96EnqmoROasH1Hn9kDJIclbTP51j/TlQMzhrSfJJuE3Qq6vWhe/DaPbtmELmlDiYHjp8CjAY5oBMHLmkHvQxEBV4cwbUZj5ZpdqU8tkA78XtR4DkzrJ4fYoBb1+9ABq6GNzxWPpSQMQuBXdsCAwEAAaOCAwIwggL+MAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFJwv7oHX2exZL304ru+4eGVypHlxMB8GA1UdIwQYMBaAFIZ/WK0X9YK2TrQFs/uwzhFD30y+MEwGCCsGAQUFBwEBBEAwPjA8BggrBgEFBQcwAYYwaHR0cDovL29jc3Auc2FuZGJveC5wa2kub3BlbmJhbmtpbmdicmFzaWwub3JnLmJyMEsGA1UdHwREMEIwQKA+oDyGOmh0dHA6Ly9jcmwuc2FuZGJveC5wa2kub3BlbmJhbmtpbmdicmFzaWwub3JnLmJyL2lzc3Vlci5jcmwwXgYDVR0RBFcwVaAZBgVgTAEDAqAQDA5NaWNoYWVsIEZyYXNlcqAYBgVgTAEDA6APDA0xMzM1MzIzNjAwMTg5oA0GBWBMAQMEoAQMAm5voA8GBWBMAQMHoAYMBGFsb3QwDgYDVR0PAQH/BAQDAgbAMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIBgDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVseSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhlciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNlaXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5kIHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8vY3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2llczANBgkqhkiG9w0BAQsFAAOCAQEAtKn/QnJqKLp52YB14x+M21qwz67utFkWjhauQe0elXupjY5NWZb5wLrGYNOZQzRe2JRzcBbGN6P7lCweRfxMkSGh9YrXbrkBXLEPtLHpTVEy65v1tWl02lC+ooVPyQpSjAQL0L69OQ7s7rnIXyb3rkSUzuGSxsLU1AXpWj0oYFB4wdeIdPAVPs83frC5s4kz42JruSAE2vsbvQURTVPChh+hO6+R6Irz+ZEZ1NSgjQkxvOXHW53CkXZSjjHbAB/nbJYi7YyK7kck99r38Ba/WBfIfywdFVVYfiiW5TS6XbQeVeilmmt5MLxBz96FxR6E6WR+cQwybEe94Fb/jD6xHA\u003d\u003d"
      ],
      "dp": "bQ9aXj8tHnj0qO8aAWapGokWX78OlvNzytYg4JSGyJ7pUQnRB4Ds2Lai6kgjniUiu5MX2kdceDbHykG5R-WDj0Ztv6UPV3jA3cOjDwVzwmiwBVmVQNRxzK31Ra8f4YJs9_o0bjmVvXQRchY9l9_Xkk_Hev2F2A540Fhk0tlbUBE",
      "dq": "XPYDZ_kxwZjtQb-XUBLBcvNV1jcDhba2stysXGv0SfvsxOg6G3qZ5xtsiyQxzAYen0LRttCBXkZXEtXXAodLRvJMwUXuYWtNCrBqxYDHkJogUDPnBXq-Hig6x8fsDJunH8JooCc-3WcFpHQcIZZdcwyXPVi59eAfWCwJlgHYYHk",
      "n": "3IXVqA9zCrmaz30WWjzZexdSuhagP_oVfgB-Y5S7XXeHhU4tho7c3wcNhsrGCKLYSf_47rV78-2OfhPY9WrSJVyqIXoaniwoTnD9splF90J7yog9LgP4kqkWl6wm8gdR5C-UC4Gnl0D2cZKnE6MZ7k_b5nM0ZfC-7H_bO13B4aYpu069th7hFWGK7ps65uiDxcQGYP3oSeqahE5qwfUef2QMkhyVtM_nWP9OVAzOGtJ8km4TdCrq9aF78No9u2YQuaUOJgeOnwKMBjmgEwcuaQe9DEQFXhzBtRmPlml2pTy2QDvxe1HgOTOsnh9igFvX70AGroY3PFY-lJAxC4Fd2w",
      "p": "_QaFFuyZriEWtbiKexy7pIYicgU0ePMepvyNuiiFqlsUFQ24q9gp_iWECDhi8qqss__i1LW_eHQATKWfqUc6HdDY-ickJXvVktrQiT-buvJ24iTtK_NooPMKQW976NIX39_sEPJ6ceo9ZDFxTTCkmJus3eXDJmRZT2YzSZJcvcc",
      "kty": "RSA",
      "q": "3x1_dyovnWXSr7y7ufe6AHUV0kHBYVrGW2vdNZxKrrgBW5r2mm93NnHsrG-mJlzW7kG_jR41bWf74sucGdwXTx96riRVy8bov9SzPCDl9_QCHzPpqZOxjngfzQYq1L1qJA2BAie0Sq6YZhgLJ1fWPLutEO5soIYAkLXSJ9IVb00",
      "qi": "eHhOb5NUDfMGXwNscjEcMrMFS425qsoJAXfGJ10hm8svZOkNYgVpb7Hs7oT8XytanRl0Gk8gKH0yhvya65B5ipyby17uBMkikNN-EeYoY2AkvEfM_nO0dvHbDdF11rkM5Q_SEDlGmojxnx4_Euj8WeuSgcwiCQkR23aZlQGx1Mg",
      "alg": "PS256"
    },
    {
      "p": "6-RGunw1LGXpsGIabzcG8n_ITbahS9waTzjcwLkzjWjyR5hxnTSrCMas9EsOuIt3qvkdf02psgwi-J0ZX680ujaXdeiPAeuOUbsLPBOhRuu-ySXxMTT7uiwWJmF5LtBx8Qd3hRV2sd9zOhYzSohcmWp8w_uKTOYrFzGtWMvlGic",
      "kty": "RSA",
      "q": "vn3cUU9RFc7pB3fjiEPGwYGA_h8f2X6dOqy-JYIMIiuYhPq6cT8xIlE-sHs58kZzC1QbOBc4y-qRyqj1L4StPaYH4mtJU0s_6A_b9Cai96yzYYmMr92be2nCFMxBpmpBhN21AIdGc640OxgWMdz5OVo455v1uIEQGPr2aDpOzVs",
      "d": "QrIJ9tPG7pSrt1KKSU-9EbAq-hU92FzEV9GwzuG_dbBPyRLYNVfAz-Yb8ug3YLuqec_kcB5JCep7QkYHgpNdX5WXFxARCpXa-J7Xq50oBdiAS2ehLpnYHXpJI7HqOcH9ASZML_MXjI8e_EpsI7Yk6xJ9qxk8bXGupw0C6anwL3NBe232zA7I1FnwL9tpZVOLPupeok7HMRbFc6QSR3dA54zJmkyEbyOSqzRqCK_g7AB_RcMImN0SoCg0epxZjrculIXPG0Gl1T3TG3WY-CBUtAkI1chFMGCgYF_v-FMSun8N6igilPC5O683BMcJoTK745khMCv7FcSCSFVh0H5vKQ",
      "e": "AQAB",
      "use": "enc",
      "kid": "0fe502dd-14f0-4f45-80f9-feb9a216f996",
      "qi": "W6TMI3L-Ob-Jx61TdYqN5gBoBsWF6KWuCmiE9ZiwJiMVCv5ddEbFafBuiIQgRnby1VpnH9j5KVb5PT_V78ohKFmpfL7ErXQerf_pJkEtvgK9lQta1EM1HMoShrJ4GdHPym_BZzDDmt6njvwTfSg95y28h-j5epuywcwu6TwAUA8",
      "dp": "a9rjD-8srNEoKVKhvYoObiBI6GeBllrb2K8qGCBV1ulOJbgo8nUbYpbci5Ip9-0k2RKwDv3mghcUglHqQRqt5BqD5BBiGsGmP-5is6RSEEhH4lar0hDkq_nuYrwcmXALOOZuGnZ239tIJx3xc7mnhSnwQ_emA4UV3LQFC12mse8",
      "alg": "RSA-OAEP",
      "dq": "Qk8TiyY-BoZg7Z2ZEYzuOdu3qD3zW0VMu-j3w5yyVo6wZ9HTZqplkxmO5eXvNNu7Hj1nwC2tMqZzm4UW3DSmDWinI_TOsHToSQKEQUfVwLtYMeKsm2dbwSj-SzkSvTgNmI-IeyebqZcBTXTD_RV7l7BFULIkZdZfYSKy9XMejTM",
      "n": "r4dl-ApW6c-fvDbfSVxHpdV8zi8VQW4b9-uHMRq7dzqCkvP8OAG1R3plSr1N6fL_YLiIr9y621XkyRiMEKR7-DeqGsLf2ZTaqrZ1LfYgjsc2i9o3NSOeSgBwKGmT7h1OgxZSbhLzo7Xaktu3CCUZCOWLzs7LKo_CvKkcTF7tPhK9jYjdTsdsnS0RJOPjYQe7JO83Mvhd1Ty3F-Qycd-cKKMSjcQRiHt9jKd09kA2fKVlFwbm2M1PM3NdtnMaOUw31-XC4ixay47XTMqnmX7-op7qYV9wXbeZmjTsAKFuTGwJiGJrOTfqciDLBW8IpGC2BzFJ5rYmRu0kAttpvkOG3Q"
    }
  ]
}
server_encryption_keys
{
  "keys": [
    {
      "p": "6-RGunw1LGXpsGIabzcG8n_ITbahS9waTzjcwLkzjWjyR5hxnTSrCMas9EsOuIt3qvkdf02psgwi-J0ZX680ujaXdeiPAeuOUbsLPBOhRuu-ySXxMTT7uiwWJmF5LtBx8Qd3hRV2sd9zOhYzSohcmWp8w_uKTOYrFzGtWMvlGic",
      "kty": "RSA",
      "q": "vn3cUU9RFc7pB3fjiEPGwYGA_h8f2X6dOqy-JYIMIiuYhPq6cT8xIlE-sHs58kZzC1QbOBc4y-qRyqj1L4StPaYH4mtJU0s_6A_b9Cai96yzYYmMr92be2nCFMxBpmpBhN21AIdGc640OxgWMdz5OVo455v1uIEQGPr2aDpOzVs",
      "d": "QrIJ9tPG7pSrt1KKSU-9EbAq-hU92FzEV9GwzuG_dbBPyRLYNVfAz-Yb8ug3YLuqec_kcB5JCep7QkYHgpNdX5WXFxARCpXa-J7Xq50oBdiAS2ehLpnYHXpJI7HqOcH9ASZML_MXjI8e_EpsI7Yk6xJ9qxk8bXGupw0C6anwL3NBe232zA7I1FnwL9tpZVOLPupeok7HMRbFc6QSR3dA54zJmkyEbyOSqzRqCK_g7AB_RcMImN0SoCg0epxZjrculIXPG0Gl1T3TG3WY-CBUtAkI1chFMGCgYF_v-FMSun8N6igilPC5O683BMcJoTK745khMCv7FcSCSFVh0H5vKQ",
      "e": "AQAB",
      "use": "enc",
      "kid": "0fe502dd-14f0-4f45-80f9-feb9a216f996",
      "qi": "W6TMI3L-Ob-Jx61TdYqN5gBoBsWF6KWuCmiE9ZiwJiMVCv5ddEbFafBuiIQgRnby1VpnH9j5KVb5PT_V78ohKFmpfL7ErXQerf_pJkEtvgK9lQta1EM1HMoShrJ4GdHPym_BZzDDmt6njvwTfSg95y28h-j5epuywcwu6TwAUA8",
      "dp": "a9rjD-8srNEoKVKhvYoObiBI6GeBllrb2K8qGCBV1ulOJbgo8nUbYpbci5Ip9-0k2RKwDv3mghcUglHqQRqt5BqD5BBiGsGmP-5is6RSEEhH4lar0hDkq_nuYrwcmXALOOZuGnZ239tIJx3xc7mnhSnwQ_emA4UV3LQFC12mse8",
      "alg": "RSA-OAEP",
      "dq": "Qk8TiyY-BoZg7Z2ZEYzuOdu3qD3zW0VMu-j3w5yyVo6wZ9HTZqplkxmO5eXvNNu7Hj1nwC2tMqZzm4UW3DSmDWinI_TOsHToSQKEQUfVwLtYMeKsm2dbwSj-SzkSvTgNmI-IeyebqZcBTXTD_RV7l7BFULIkZdZfYSKy9XMejTM",
      "n": "r4dl-ApW6c-fvDbfSVxHpdV8zi8VQW4b9-uHMRq7dzqCkvP8OAG1R3plSr1N6fL_YLiIr9y621XkyRiMEKR7-DeqGsLf2ZTaqrZ1LfYgjsc2i9o3NSOeSgBwKGmT7h1OgxZSbhLzo7Xaktu3CCUZCOWLzs7LKo_CvKkcTF7tPhK9jYjdTsdsnS0RJOPjYQe7JO83Mvhd1Ty3F-Qycd-cKKMSjcQRiHt9jKd09kA2fKVlFwbm2M1PM3NdtnMaOUw31-XC4ixay47XTMqnmX7-op7qYV9wXbeZmjTsAKFuTGwJiGJrOTfqciDLBW8IpGC2BzFJ5rYmRu0kAttpvkOG3Q"
    }
  ]
}
server_public_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "X5d4vFYfLxaG1gg8_l3bFYFhUaUVmE6PaEsRWX2EYqM",
      "x5c": [
        "MIIGqzCCBZOgAwIBAgIUdUCw8bQZidnZ6uERKJuN9u4RGvcwDQYJKoZIhvcNAQELBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwxFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNBTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDgxNjA5NTUwMFoXDTIyMDkxNTA5NTUwMFowgacxCzAJBgNVBAYTAkJSMRMwEQYDVQQKEwpJQ1AtQnJhc2lsMS8wDAYDVQQLEwUxMjM0NTAOBgNVBAsTB2NlcnRtYW4wDwYDVQQLEwhhZ29vZG9uZTEcMBoGA1UEAxMTT3BlbiBCYW5raW5nIEJyYXNpbDE0MDIGCgmSJomT8ixkAQETJDc0ZTkyOWQ5LTMzYjYtNGQ4NS04YmE3LWMxNDZjODY3YTgxNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANyF1agPcwq5ms99Flo82XsXUroWoD/6FX4AfmOUu113h4VOLYaO3N8HDYbKxgii2En/+O61e/Ptjn4T2PVq0iVcqiF6Gp4sKE5w/bKZRfdCe8qIPS4D+JKpFpesJvIHUeQvlAuBp5dA9nGSpxOjGe5P2+ZzNGXwvux/2ztdweGmKbtOvbYe4RVhiu6bOubog8XEBmD96EnqmoROasH1Hn9kDJIclbTP51j/TlQMzhrSfJJuE3Qq6vWhe/DaPbtmELmlDiYHjp8CjAY5oBMHLmkHvQxEBV4cwbUZj5ZpdqU8tkA78XtR4DkzrJ4fYoBb1+9ABq6GNzxWPpSQMQuBXdsCAwEAAaOCAwIwggL+MAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFJwv7oHX2exZL304ru+4eGVypHlxMB8GA1UdIwQYMBaAFIZ/WK0X9YK2TrQFs/uwzhFD30y+MEwGCCsGAQUFBwEBBEAwPjA8BggrBgEFBQcwAYYwaHR0cDovL29jc3Auc2FuZGJveC5wa2kub3BlbmJhbmtpbmdicmFzaWwub3JnLmJyMEsGA1UdHwREMEIwQKA+oDyGOmh0dHA6Ly9jcmwuc2FuZGJveC5wa2kub3BlbmJhbmtpbmdicmFzaWwub3JnLmJyL2lzc3Vlci5jcmwwXgYDVR0RBFcwVaAZBgVgTAEDAqAQDA5NaWNoYWVsIEZyYXNlcqAYBgVgTAEDA6APDA0xMzM1MzIzNjAwMTg5oA0GBWBMAQMEoAQMAm5voA8GBWBMAQMHoAYMBGFsb3QwDgYDVR0PAQH/BAQDAgbAMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIBgDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVseSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhlciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNlaXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5kIHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8vY3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2llczANBgkqhkiG9w0BAQsFAAOCAQEAtKn/QnJqKLp52YB14x+M21qwz67utFkWjhauQe0elXupjY5NWZb5wLrGYNOZQzRe2JRzcBbGN6P7lCweRfxMkSGh9YrXbrkBXLEPtLHpTVEy65v1tWl02lC+ooVPyQpSjAQL0L69OQ7s7rnIXyb3rkSUzuGSxsLU1AXpWj0oYFB4wdeIdPAVPs83frC5s4kz42JruSAE2vsbvQURTVPChh+hO6+R6Irz+ZEZ1NSgjQkxvOXHW53CkXZSjjHbAB/nbJYi7YyK7kck99r38Ba/WBfIfywdFVVYfiiW5TS6XbQeVeilmmt5MLxBz96FxR6E6WR+cQwybEe94Fb/jD6xHA\u003d\u003d"
      ],
      "alg": "PS256",
      "n": "3IXVqA9zCrmaz30WWjzZexdSuhagP_oVfgB-Y5S7XXeHhU4tho7c3wcNhsrGCKLYSf_47rV78-2OfhPY9WrSJVyqIXoaniwoTnD9splF90J7yog9LgP4kqkWl6wm8gdR5C-UC4Gnl0D2cZKnE6MZ7k_b5nM0ZfC-7H_bO13B4aYpu069th7hFWGK7ps65uiDxcQGYP3oSeqahE5qwfUef2QMkhyVtM_nWP9OVAzOGtJ8km4TdCrq9aF78No9u2YQuaUOJgeOnwKMBjmgEwcuaQe9DEQFXhzBtRmPlml2pTy2QDvxe1HgOTOsnh9igFvX70AGroY3PFY-lJAxC4Fd2w"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "0fe502dd-14f0-4f45-80f9-feb9a216f996",
      "alg": "RSA-OAEP",
      "n": "r4dl-ApW6c-fvDbfSVxHpdV8zi8VQW4b9-uHMRq7dzqCkvP8OAG1R3plSr1N6fL_YLiIr9y621XkyRiMEKR7-DeqGsLf2ZTaqrZ1LfYgjsc2i9o3NSOeSgBwKGmT7h1OgxZSbhLzo7Xaktu3CCUZCOWLzs7LKo_CvKkcTF7tPhK9jYjdTsdsnS0RJOPjYQe7JO83Mvhd1Ty3F-Qycd-cKKMSjcQRiHt9jKd09kA2fKVlFwbm2M1PM3NdtnMaOUw31-XC4ixay47XTMqnmX7-op7qYV9wXbeZmjTsAKFuTGwJiGJrOTfqciDLBW8IpGC2BzFJ5rYmRu0kAttpvkOG3Q"
    }
  ]
}
2022-03-25 02:36:06 SUCCESS
ValidateServerJWKs
Valid server JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2022-03-25 02:36:06
SetServerSigningAlgToPS256
Successfully set signing algorithm to PS256
2022-03-25 02:36:06
FAPIBrazilSetGrantTypesSupportedInServerConfiguration
Successfully set grant_types_supported
server
{
  "issuer": "https://www.certification.openid.net/test/a/xp/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/xp/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/xp/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/xp/jwks",
  "registration_endpoint": "https://www.certification.openid.net/test/a/xp/register",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/xp/userinfo",
  "mtls_endpoint_aliases": {
    "token_endpoint": "https://www.certification.openid.net/test-mtls/a/xp/token",
    "registration_endpoint": "https://www.certification.openid.net/test-mtls/a/xp/register",
    "userinfo_endpoint": "https://www.certification.openid.net/test-mtls/a/xp/userinfo"
  },
  "tls_client_certificate_bound_access_tokens": true,
  "request_parameter_supported": true,
  "grant_types_supported": [
    "authorization_code",
    "implicit",
    "client_credentials",
    "refresh_token"
  ]
}
2022-03-25 02:36:06
AddClaimsParameterSupportedTrueToServerConfiguration
Successfully added claims_parameter_supported to server configuration
server
{
  "issuer": "https://www.certification.openid.net/test/a/xp/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/xp/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/xp/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/xp/jwks",
  "registration_endpoint": "https://www.certification.openid.net/test/a/xp/register",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/xp/userinfo",
  "mtls_endpoint_aliases": {
    "token_endpoint": "https://www.certification.openid.net/test-mtls/a/xp/token",
    "registration_endpoint": "https://www.certification.openid.net/test-mtls/a/xp/register",
    "userinfo_endpoint": "https://www.certification.openid.net/test-mtls/a/xp/userinfo"
  },
  "tls_client_certificate_bound_access_tokens": true,
  "request_parameter_supported": true,
  "grant_types_supported": [
    "authorization_code",
    "implicit",
    "client_credentials",
    "refresh_token"
  ],
  "claims_parameter_supported": true
}
2022-03-25 02:36:06
FAPIBrazilAddBrazilSpecificSettingsToServerConfiguration
Added open banking Brazil specific server settings
server
{
  "issuer": "https://www.certification.openid.net/test/a/xp/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/xp/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/xp/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/xp/jwks",
  "registration_endpoint": "https://www.certification.openid.net/test/a/xp/register",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/xp/userinfo",
  "mtls_endpoint_aliases": {
    "token_endpoint": "https://www.certification.openid.net/test-mtls/a/xp/token",
    "registration_endpoint": "https://www.certification.openid.net/test-mtls/a/xp/register",
    "userinfo_endpoint": "https://www.certification.openid.net/test-mtls/a/xp/userinfo"
  },
  "tls_client_certificate_bound_access_tokens": true,
  "request_parameter_supported": true,
  "grant_types_supported": [
    "authorization_code",
    "implicit",
    "client_credentials",
    "refresh_token"
  ],
  "claims_parameter_supported": true,
  "request_object_encryption_alg_values_supported": [
    "RSA-OAEP"
  ],
  "request_object_encryption_enc_values_supported": [
    "A256GCM"
  ],
  "claims_supported": [
    "cpf",
    "cnpj",
    "acr"
  ],
  "acr_values_supported": [
    "urn:brasil:openbanking:loa2",
    "urn:brasil:openbanking:loa3"
  ],
  "id_token_signing_alg_values_supported": [
    "PS256"
  ],
  "request_object_signing_alg_values_supported": [
    "PS256"
  ],
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access",
    "consents",
    "resources",
    "payments"
  ]
}
2022-03-25 02:36:06
SetTokenEndpointAuthMethodsSupportedToPrivateKeyJWTOnly
Changed token_endpoint_auth_methods_supported to private_key_jwt only in server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/a/xp/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/xp/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/xp/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/xp/jwks",
  "registration_endpoint": "https://www.certification.openid.net/test/a/xp/register",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/xp/userinfo",
  "mtls_endpoint_aliases": {
    "token_endpoint": "https://www.certification.openid.net/test-mtls/a/xp/token",
    "registration_endpoint": "https://www.certification.openid.net/test-mtls/a/xp/register",
    "userinfo_endpoint": "https://www.certification.openid.net/test-mtls/a/xp/userinfo"
  },
  "tls_client_certificate_bound_access_tokens": true,
  "request_parameter_supported": true,
  "grant_types_supported": [
    "authorization_code",
    "implicit",
    "client_credentials",
    "refresh_token"
  ],
  "claims_parameter_supported": true,
  "request_object_encryption_alg_values_supported": [
    "RSA-OAEP"
  ],
  "request_object_encryption_enc_values_supported": [
    "A256GCM"
  ],
  "claims_supported": [
    "cpf",
    "cnpj",
    "acr"
  ],
  "acr_values_supported": [
    "urn:brasil:openbanking:loa2",
    "urn:brasil:openbanking:loa3"
  ],
  "id_token_signing_alg_values_supported": [
    "PS256"
  ],
  "request_object_signing_alg_values_supported": [
    "PS256"
  ],
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access",
    "consents",
    "resources",
    "payments"
  ],
  "token_endpoint_auth_methods_supported": [
    "private_key_jwt"
  ]
}
2022-03-25 02:36:06
AddPushedAuthorizationRequestEndpointToServerConfig
Added pushed_authorization_request_endpoint to server configuration
endpoint
https://www.certification.openid.net/test/a/xp/par
2022-03-25 02:36:06
AddRequirePushedAuthorizationRequestsToServerConfig
Added require_pushed_authorization_requests to server configuration
value
true
2022-03-25 02:36:06 SUCCESS
AddResponseTypeCodeIdTokenToServerConfiguration
Added code id_token as response type supported
response_types_supported
[
  "code id_token"
]
2022-03-25 02:36:06 SUCCESS
FAPIBrazilAddTokenEndpointAuthSigningAlgValuesSupportedToServer
Set token_endpoint_auth_signing_alg_values_supported
values
[
  "PS256"
]
2022-03-25 02:36:06 SUCCESS
CheckServerConfiguration
Found required server configuration keys
required
[
  "authorization_endpoint",
  "token_endpoint",
  "issuer"
]
2022-03-25 02:36:06 SUCCESS
FAPIEnsureMinimumServerKeyLength
Validated minimum key lengths for server_jwks
server_jwks
{
  "keys": [
    {
      "d": "ZvivfZxJMbbdTQmxyE0lmE6ZuH8cMQOLyZxdaA5pNwm7ZEnPBEftZs8aR9ijhCDWMieui3h--rXwlXqbEm3g1sVgQ-WKTFV-NLKaJC1h-EU5HKdlOflstr7x57zhKp60ZIK69GyEXyJccUfzcD32u8raec9NplQ2MqS5MA1lnQFlocFoX1RNU4tSpEdJQq2UzqtX5WPhc88A6fTc1xu2fA5wyxzZu7fUjIETzLimcu-dDaEvvgm7c_A1ulm8EQuCN10k3FrIIe9RfuXHyxh9Rcd0aiIP9qwitxd5Cl0io7zby8MBIAaSei2co7y4tciBt4AfnzpBlGbtjgfr2gxD0Q",
      "e": "AQAB",
      "use": "sig",
      "kid": "X5d4vFYfLxaG1gg8_l3bFYFhUaUVmE6PaEsRWX2EYqM",
      "x5c": [
        "MIIGqzCCBZOgAwIBAgIUdUCw8bQZidnZ6uERKJuN9u4RGvcwDQYJKoZIhvcNAQELBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwxFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNBTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIxMDgxNjA5NTUwMFoXDTIyMDkxNTA5NTUwMFowgacxCzAJBgNVBAYTAkJSMRMwEQYDVQQKEwpJQ1AtQnJhc2lsMS8wDAYDVQQLEwUxMjM0NTAOBgNVBAsTB2NlcnRtYW4wDwYDVQQLEwhhZ29vZG9uZTEcMBoGA1UEAxMTT3BlbiBCYW5raW5nIEJyYXNpbDE0MDIGCgmSJomT8ixkAQETJDc0ZTkyOWQ5LTMzYjYtNGQ4NS04YmE3LWMxNDZjODY3YTgxNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANyF1agPcwq5ms99Flo82XsXUroWoD/6FX4AfmOUu113h4VOLYaO3N8HDYbKxgii2En/+O61e/Ptjn4T2PVq0iVcqiF6Gp4sKE5w/bKZRfdCe8qIPS4D+JKpFpesJvIHUeQvlAuBp5dA9nGSpxOjGe5P2+ZzNGXwvux/2ztdweGmKbtOvbYe4RVhiu6bOubog8XEBmD96EnqmoROasH1Hn9kDJIclbTP51j/TlQMzhrSfJJuE3Qq6vWhe/DaPbtmELmlDiYHjp8CjAY5oBMHLmkHvQxEBV4cwbUZj5ZpdqU8tkA78XtR4DkzrJ4fYoBb1+9ABq6GNzxWPpSQMQuBXdsCAwEAAaOCAwIwggL+MAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFJwv7oHX2exZL304ru+4eGVypHlxMB8GA1UdIwQYMBaAFIZ/WK0X9YK2TrQFs/uwzhFD30y+MEwGCCsGAQUFBwEBBEAwPjA8BggrBgEFBQcwAYYwaHR0cDovL29jc3Auc2FuZGJveC5wa2kub3BlbmJhbmtpbmdicmFzaWwub3JnLmJyMEsGA1UdHwREMEIwQKA+oDyGOmh0dHA6Ly9jcmwuc2FuZGJveC5wa2kub3BlbmJhbmtpbmdicmFzaWwub3JnLmJyL2lzc3Vlci5jcmwwXgYDVR0RBFcwVaAZBgVgTAEDAqAQDA5NaWNoYWVsIEZyYXNlcqAYBgVgTAEDA6APDA0xMzM1MzIzNjAwMTg5oA0GBWBMAQMEoAQMAm5voA8GBWBMAQMHoAYMBGFsb3QwDgYDVR0PAQH/BAQDAgbAMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIBgDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVseSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhlciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNlaXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5kIHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8vY3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2llczANBgkqhkiG9w0BAQsFAAOCAQEAtKn/QnJqKLp52YB14x+M21qwz67utFkWjhauQe0elXupjY5NWZb5wLrGYNOZQzRe2JRzcBbGN6P7lCweRfxMkSGh9YrXbrkBXLEPtLHpTVEy65v1tWl02lC+ooVPyQpSjAQL0L69OQ7s7rnIXyb3rkSUzuGSxsLU1AXpWj0oYFB4wdeIdPAVPs83frC5s4kz42JruSAE2vsbvQURTVPChh+hO6+R6Irz+ZEZ1NSgjQkxvOXHW53CkXZSjjHbAB/nbJYi7YyK7kck99r38Ba/WBfIfywdFVVYfiiW5TS6XbQeVeilmmt5MLxBz96FxR6E6WR+cQwybEe94Fb/jD6xHA\u003d\u003d"
      ],
      "dp": "bQ9aXj8tHnj0qO8aAWapGokWX78OlvNzytYg4JSGyJ7pUQnRB4Ds2Lai6kgjniUiu5MX2kdceDbHykG5R-WDj0Ztv6UPV3jA3cOjDwVzwmiwBVmVQNRxzK31Ra8f4YJs9_o0bjmVvXQRchY9l9_Xkk_Hev2F2A540Fhk0tlbUBE",
      "dq": "XPYDZ_kxwZjtQb-XUBLBcvNV1jcDhba2stysXGv0SfvsxOg6G3qZ5xtsiyQxzAYen0LRttCBXkZXEtXXAodLRvJMwUXuYWtNCrBqxYDHkJogUDPnBXq-Hig6x8fsDJunH8JooCc-3WcFpHQcIZZdcwyXPVi59eAfWCwJlgHYYHk",
      "n": "3IXVqA9zCrmaz30WWjzZexdSuhagP_oVfgB-Y5S7XXeHhU4tho7c3wcNhsrGCKLYSf_47rV78-2OfhPY9WrSJVyqIXoaniwoTnD9splF90J7yog9LgP4kqkWl6wm8gdR5C-UC4Gnl0D2cZKnE6MZ7k_b5nM0ZfC-7H_bO13B4aYpu069th7hFWGK7ps65uiDxcQGYP3oSeqahE5qwfUef2QMkhyVtM_nWP9OVAzOGtJ8km4TdCrq9aF78No9u2YQuaUOJgeOnwKMBjmgEwcuaQe9DEQFXhzBtRmPlml2pTy2QDvxe1HgOTOsnh9igFvX70AGroY3PFY-lJAxC4Fd2w",
      "p": "_QaFFuyZriEWtbiKexy7pIYicgU0ePMepvyNuiiFqlsUFQ24q9gp_iWECDhi8qqss__i1LW_eHQATKWfqUc6HdDY-ickJXvVktrQiT-buvJ24iTtK_NooPMKQW976NIX39_sEPJ6ceo9ZDFxTTCkmJus3eXDJmRZT2YzSZJcvcc",
      "kty": "RSA",
      "q": "3x1_dyovnWXSr7y7ufe6AHUV0kHBYVrGW2vdNZxKrrgBW5r2mm93NnHsrG-mJlzW7kG_jR41bWf74sucGdwXTx96riRVy8bov9SzPCDl9_QCHzPpqZOxjngfzQYq1L1qJA2BAie0Sq6YZhgLJ1fWPLutEO5soIYAkLXSJ9IVb00",
      "qi": "eHhOb5NUDfMGXwNscjEcMrMFS425qsoJAXfGJ10hm8svZOkNYgVpb7Hs7oT8XytanRl0Gk8gKH0yhvya65B5ipyby17uBMkikNN-EeYoY2AkvEfM_nO0dvHbDdF11rkM5Q_SEDlGmojxnx4_Euj8WeuSgcwiCQkR23aZlQGx1Mg",
      "alg": "PS256"
    },
    {
      "p": "6-RGunw1LGXpsGIabzcG8n_ITbahS9waTzjcwLkzjWjyR5hxnTSrCMas9EsOuIt3qvkdf02psgwi-J0ZX680ujaXdeiPAeuOUbsLPBOhRuu-ySXxMTT7uiwWJmF5LtBx8Qd3hRV2sd9zOhYzSohcmWp8w_uKTOYrFzGtWMvlGic",
      "kty": "RSA",
      "q": "vn3cUU9RFc7pB3fjiEPGwYGA_h8f2X6dOqy-JYIMIiuYhPq6cT8xIlE-sHs58kZzC1QbOBc4y-qRyqj1L4StPaYH4mtJU0s_6A_b9Cai96yzYYmMr92be2nCFMxBpmpBhN21AIdGc640OxgWMdz5OVo455v1uIEQGPr2aDpOzVs",
      "d": "QrIJ9tPG7pSrt1KKSU-9EbAq-hU92FzEV9GwzuG_dbBPyRLYNVfAz-Yb8ug3YLuqec_kcB5JCep7QkYHgpNdX5WXFxARCpXa-J7Xq50oBdiAS2ehLpnYHXpJI7HqOcH9ASZML_MXjI8e_EpsI7Yk6xJ9qxk8bXGupw0C6anwL3NBe232zA7I1FnwL9tpZVOLPupeok7HMRbFc6QSR3dA54zJmkyEbyOSqzRqCK_g7AB_RcMImN0SoCg0epxZjrculIXPG0Gl1T3TG3WY-CBUtAkI1chFMGCgYF_v-FMSun8N6igilPC5O683BMcJoTK745khMCv7FcSCSFVh0H5vKQ",
      "e": "AQAB",
      "use": "enc",
      "kid": "0fe502dd-14f0-4f45-80f9-feb9a216f996",
      "qi": "W6TMI3L-Ob-Jx61TdYqN5gBoBsWF6KWuCmiE9ZiwJiMVCv5ddEbFafBuiIQgRnby1VpnH9j5KVb5PT_V78ohKFmpfL7ErXQerf_pJkEtvgK9lQta1EM1HMoShrJ4GdHPym_BZzDDmt6njvwTfSg95y28h-j5epuywcwu6TwAUA8",
      "dp": "a9rjD-8srNEoKVKhvYoObiBI6GeBllrb2K8qGCBV1ulOJbgo8nUbYpbci5Ip9-0k2RKwDv3mghcUglHqQRqt5BqD5BBiGsGmP-5is6RSEEhH4lar0hDkq_nuYrwcmXALOOZuGnZ239tIJx3xc7mnhSnwQ_emA4UV3LQFC12mse8",
      "alg": "RSA-OAEP",
      "dq": "Qk8TiyY-BoZg7Z2ZEYzuOdu3qD3zW0VMu-j3w5yyVo6wZ9HTZqplkxmO5eXvNNu7Hj1nwC2tMqZzm4UW3DSmDWinI_TOsHToSQKEQUfVwLtYMeKsm2dbwSj-SzkSvTgNmI-IeyebqZcBTXTD_RV7l7BFULIkZdZfYSKy9XMejTM",
      "n": "r4dl-ApW6c-fvDbfSVxHpdV8zi8VQW4b9-uHMRq7dzqCkvP8OAG1R3plSr1N6fL_YLiIr9y621XkyRiMEKR7-DeqGsLf2ZTaqrZ1LfYgjsc2i9o3NSOeSgBwKGmT7h1OgxZSbhLzo7Xaktu3CCUZCOWLzs7LKo_CvKkcTF7tPhK9jYjdTsdsnS0RJOPjYQe7JO83Mvhd1Ty3F-Qycd-cKKMSjcQRiHt9jKd09kA2fKVlFwbm2M1PM3NdtnMaOUw31-XC4ixay47XTMqnmX7-op7qYV9wXbeZmjTsAKFuTGwJiGJrOTfqciDLBW8IpGC2BzFJ5rYmRu0kAttpvkOG3Q"
    }
  ]
}
2022-03-25 02:36:06 SUCCESS
LoadUserInfo
Added user information
user_info
{
  "sub": "user-subject-1234531",
  "name": "Demo T. User",
  "email": "user@example.com",
  "email_verified": false
}
Verify configuration of first client
2022-03-25 02:36:06 SUCCESS
GetStaticClientConfiguration
Found a static client object
client_id
xp-bank
redirect_uri
https://openbanking-redirect-hml.xpi.com.br/
jwks
{
  "keys": [
    {
      "kty": "RSA",
      "use": "sig",
      "alg": "PS256",
      "n": "uEKxEU50B_axhkUdW_8ga6ijE4pAP2Al2nc9-DAQKY_DBrnIBf78-eT2bUA4a-oX5wDrSK916zqOGHiPu4flOuSsv0qf4AluK8ceVCyTzqZjAS3RXACj3d8wUmy8q_EHN25jK3cC8P5Rpi3vEUZJQ64jIXacnHLBToY-7VKBzPJXSnGTmBKZu2tjE161o2Oc33q5lJTuRIMWuzDrcfhFbE-gNWhGfY93x0zXpFBG8XWqHkpA0gUlGk7D2iJpmESaeKnH4Zf1V0JtKZ5DrjGDUGPvEcQoX6v-LJu9ZLJthvP8TOy8E8rXYWUrlLZ6OORCgy-6cokI2UR8lpPsIjCHjQ",
      "e": "AQAB",
      "kid": "15a63bcc71f57382bce6802c6fc38a4f4fb37188627fc047957492a910d24ded"
    },
    {
      "kty": "RSA",
      "use": "enc",
      "alg": "RSA-OAEP",
      "n": "vgOYeechKwQbNww_1P5uoUkVfAIRp7j4wmJNSRsnC5LCsBPNZO_5dhvzJz1AtCCrTcwSy5HzpmtMbC0V9eXXIlWB_HKx0Ge-WK-m979kYFRTl_mntUe8M5JBSsozfaRmisK40dPHdt6mopyZAqcG0f05W7rKq-0WGdDS-h9JHAUxztRc8JX8xConlDKH4B506fVn5N8ahk6EZuMWRTDEsUCAB-lOT-JiAjMCuFvLPhPkApwnwps_oyoIZKInRgQuXjms1QdoyVyQcA50ZyfLMz0ekr3LySVd6KiIHF_UcNgObJ98ZFBaiet184dYSo79IA35GY_USm4OO0dICVMCNQ",
      "e": "AQAB",
      "kid": "1977947890e65b99342b1c82d19f51dcfe12e05ebc32d6dc85298e2bd4d2f753"
    }
  ]
}
certificate
-----BEGIN CERTIFICATE-----
MIIG4TCCBcmgAwIBAgIUVTan/A52h2NWYMtXiUI/KsGJIeEwDQYJKoZIhvcNAQEL
BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx
FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB
TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIyMDMxMDE0NDMwMFoXDTIzMDQwOTE0
NDMwMFowggEQMQswCQYDVQQGEwJCUjELMAkGA1UECBMCUkoxFzAVBgNVBAcTDlJp
byBkZSBKYW5laXJvMRQwEgYDVQQKEwtCQ08gWFAgUy5BLjEtMCsGA1UECxMkNzk3
MTdkNzEtMGNmNC01OGY2LWIyZDAtMzcwZDU0MDRkMzgzMRMwEQYDVQQDEwp4cGku
Y29tLmJyMRcwFQYDVQQFEw4zMzI2NDY2ODAwMDEwMzEdMBsGA1UEDxMUUHJpdmF0
ZSBPcmdhbml6YXRpb24xEzARBgsrBgEEAYI3PAIBAxMCQlIxNDAyBgoJkiaJk/Is
ZAEBEyQwNjc0YWVkMC1jZDQzLTQ5ODAtOThjNC1iMjBjMjE5ZTU2ZGEwggEiMA0G
CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDmQXmkidOfL8Rie4T0kWoND/awUt5x
4NOa7EhiXBomwDqaL+e7HiGM8r9JpMrE8HzYiAzbg5lZBEB1FJ9M9j5JgVo+Q3rV
0v/BKix6YLotBY3G5JKqdwGW5PQDcfszAu5vYLM5tnysnohCiRuBr5s2gZhTJ1Ab
kV9V/+PXXNfDLVvVV3KqZCK7iEkvxmeZy0ImiK5SuQCCT80AeyHJTepxWaRtqYY4
dR/tkKtLDoCYepQcPYn5nFbIcdATC49Z02R9yxgEjRAyvT/pU7MQv6VD2prl1cr+
iH+YV+qqxxExRr7Lf3Pf4gXgijSF3xxyBJ4ObA0v53suNIpNLXUnZOaNAgMBAAGj
ggLOMIICyjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBRh7YIK0Ug6ujrJIn34QRkt
NHPVWTAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4RQ99MvjBMBggrBgEFBQcB
AQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNhbmRib3gucGtpLm9wZW5i
YW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8vY3Js
LnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9pc3N1ZXIuY3Js
MBUGA1UdEQQOMAyCCnhwaS5jb20uYnIwDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQM
MAoGCCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIB
gDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVs
eSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhl
ciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2
aWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNl
aXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9m
IHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5k
IHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8v
Y3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2ll
czANBgkqhkiG9w0BAQsFAAOCAQEAK8zudMELp+lFVDrYifGUBSGKdRv9ZOyui/IV
fl1EBP2zmTj5MMuo+LxBDv0OC5S1pp74F7DxbMOyfm9duG16MR7xb0Lm9vqkYA3G
MfZZMGfMTY9+JDNcyQiIZ5KsRJ6gMPxHaIA2mbr+jxuThfVyPXaPt4k/OEnjXTzk
gJxXk8Qo1IhWqR+loAPsSu7mQ/Kce/alcUn4guRf0ZGk+v4o2SG560Lhga7OCBJA
x9I5dJKNbw9il/6ln6UKhLNMwdvU4VkWopZ7DGSkO4jE2ATdV3iL2mIOGnbQSwlf
fbOrwrlnb+zmXKEMfbgZJNjAT3yNU+ZtAamq7lC/hjG5LqTeVg==
-----END CERTIFICATE-----
2022-03-25 02:36:06 SUCCESS
ValidateClientJWKsPublicPart
Valid client JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2022-03-25 02:36:06 SUCCESS
ExtractJWKsFromStaticClientConfiguration
Extracted client JWK
client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "use": "sig",
      "alg": "PS256",
      "n": "uEKxEU50B_axhkUdW_8ga6ijE4pAP2Al2nc9-DAQKY_DBrnIBf78-eT2bUA4a-oX5wDrSK916zqOGHiPu4flOuSsv0qf4AluK8ceVCyTzqZjAS3RXACj3d8wUmy8q_EHN25jK3cC8P5Rpi3vEUZJQ64jIXacnHLBToY-7VKBzPJXSnGTmBKZu2tjE161o2Oc33q5lJTuRIMWuzDrcfhFbE-gNWhGfY93x0zXpFBG8XWqHkpA0gUlGk7D2iJpmESaeKnH4Zf1V0JtKZ5DrjGDUGPvEcQoX6v-LJu9ZLJthvP8TOy8E8rXYWUrlLZ6OORCgy-6cokI2UR8lpPsIjCHjQ",
      "e": "AQAB",
      "kid": "15a63bcc71f57382bce6802c6fc38a4f4fb37188627fc047957492a910d24ded"
    },
    {
      "kty": "RSA",
      "use": "enc",
      "alg": "RSA-OAEP",
      "n": "vgOYeechKwQbNww_1P5uoUkVfAIRp7j4wmJNSRsnC5LCsBPNZO_5dhvzJz1AtCCrTcwSy5HzpmtMbC0V9eXXIlWB_HKx0Ge-WK-m979kYFRTl_mntUe8M5JBSsozfaRmisK40dPHdt6mopyZAqcG0f05W7rKq-0WGdDS-h9JHAUxztRc8JX8xConlDKH4B506fVn5N8ahk6EZuMWRTDEsUCAB-lOT-JiAjMCuFvLPhPkApwnwps_oyoIZKInRgQuXjms1QdoyVyQcA50ZyfLMz0ekr3LySVd6KiIHF_UcNgObJ98ZFBaiet184dYSo79IA35GY_USm4OO0dICVMCNQ",
      "e": "AQAB",
      "kid": "1977947890e65b99342b1c82d19f51dcfe12e05ebc32d6dc85298e2bd4d2f753"
    }
  ]
}
public_client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "15a63bcc71f57382bce6802c6fc38a4f4fb37188627fc047957492a910d24ded",
      "alg": "PS256",
      "n": "uEKxEU50B_axhkUdW_8ga6ijE4pAP2Al2nc9-DAQKY_DBrnIBf78-eT2bUA4a-oX5wDrSK916zqOGHiPu4flOuSsv0qf4AluK8ceVCyTzqZjAS3RXACj3d8wUmy8q_EHN25jK3cC8P5Rpi3vEUZJQ64jIXacnHLBToY-7VKBzPJXSnGTmBKZu2tjE161o2Oc33q5lJTuRIMWuzDrcfhFbE-gNWhGfY93x0zXpFBG8XWqHkpA0gUlGk7D2iJpmESaeKnH4Zf1V0JtKZ5DrjGDUGPvEcQoX6v-LJu9ZLJthvP8TOy8E8rXYWUrlLZ6OORCgy-6cokI2UR8lpPsIjCHjQ"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "1977947890e65b99342b1c82d19f51dcfe12e05ebc32d6dc85298e2bd4d2f753",
      "alg": "RSA-OAEP",
      "n": "vgOYeechKwQbNww_1P5uoUkVfAIRp7j4wmJNSRsnC5LCsBPNZO_5dhvzJz1AtCCrTcwSy5HzpmtMbC0V9eXXIlWB_HKx0Ge-WK-m979kYFRTl_mntUe8M5JBSsozfaRmisK40dPHdt6mopyZAqcG0f05W7rKq-0WGdDS-h9JHAUxztRc8JX8xConlDKH4B506fVn5N8ahk6EZuMWRTDEsUCAB-lOT-JiAjMCuFvLPhPkApwnwps_oyoIZKInRgQuXjms1QdoyVyQcA50ZyfLMz0ekr3LySVd6KiIHF_UcNgObJ98ZFBaiet184dYSo79IA35GY_USm4OO0dICVMCNQ"
    }
  ]
}
2022-03-25 02:36:06 SUCCESS
CheckDistinctKeyIdValueInClientJWKs
Distinct 'kid' value in all keys of client_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2022-03-25 02:36:06 SUCCESS
EnsureClientJwksDoesNotContainPrivateOrSymmetricKeys
Jwks does not contain any private or symmetric keys
2022-03-25 02:36:06 SUCCESS
FAPIEnsureMinimumClientKeyLength
Validated minimum key lengths for client_jwks
client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "use": "sig",
      "alg": "PS256",
      "n": "uEKxEU50B_axhkUdW_8ga6ijE4pAP2Al2nc9-DAQKY_DBrnIBf78-eT2bUA4a-oX5wDrSK916zqOGHiPu4flOuSsv0qf4AluK8ceVCyTzqZjAS3RXACj3d8wUmy8q_EHN25jK3cC8P5Rpi3vEUZJQ64jIXacnHLBToY-7VKBzPJXSnGTmBKZu2tjE161o2Oc33q5lJTuRIMWuzDrcfhFbE-gNWhGfY93x0zXpFBG8XWqHkpA0gUlGk7D2iJpmESaeKnH4Zf1V0JtKZ5DrjGDUGPvEcQoX6v-LJu9ZLJthvP8TOy8E8rXYWUrlLZ6OORCgy-6cokI2UR8lpPsIjCHjQ",
      "e": "AQAB",
      "kid": "15a63bcc71f57382bce6802c6fc38a4f4fb37188627fc047957492a910d24ded"
    },
    {
      "kty": "RSA",
      "use": "enc",
      "alg": "RSA-OAEP",
      "n": "vgOYeechKwQbNww_1P5uoUkVfAIRp7j4wmJNSRsnC5LCsBPNZO_5dhvzJz1AtCCrTcwSy5HzpmtMbC0V9eXXIlWB_HKx0Ge-WK-m979kYFRTl_mntUe8M5JBSsozfaRmisK40dPHdt6mopyZAqcG0f05W7rKq-0WGdDS-h9JHAUxztRc8JX8xConlDKH4B506fVn5N8ahk6EZuMWRTDEsUCAB-lOT-JiAjMCuFvLPhPkApwnwps_oyoIZKInRgQuXjms1QdoyVyQcA50ZyfLMz0ekr3LySVd6KiIHF_UcNgObJ98ZFBaiet184dYSo79IA35GY_USm4OO0dICVMCNQ",
      "e": "AQAB",
      "kid": "1977947890e65b99342b1c82d19f51dcfe12e05ebc32d6dc85298e2bd4d2f753"
    }
  ]
}
Verify configuration of second client
2022-03-25 02:36:06 SUCCESS
GetStaticClient2Configuration
Found a static second client object
client_id
xp-bank-two
redirect_uri
https://openbanking-redirect-hml.xpi.com.br/
id_token_encrypted_response_alg
RSA-OAEP
id_token_encrypted_response_enc
A256GCM
certificate
-----BEGIN CERTIFICATE-----
MIIG4TCCBcmgAwIBAgIUMnxi2E7fyORb8/hfKsRfDVgTyAkwDQYJKoZIhvcNAQEL
BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx
FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB
TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIyMDMxMDE0NDYwMFoXDTIzMDQwOTE0
NDYwMFowggEQMQswCQYDVQQGEwJCUjELMAkGA1UECBMCUkoxFzAVBgNVBAcTDlJp
byBkZSBKYW5laXJvMRQwEgYDVQQKEwtCQ08gWFAgUy5BLjEtMCsGA1UECxMkNzk3
MTdkNzEtMGNmNC01OGY2LWIyZDAtMzcwZDU0MDRkMzgzMRMwEQYDVQQDEwp4cGku
Y29tLmJyMRcwFQYDVQQFEw4zMzI2NDY2ODAwMDEwMzEdMBsGA1UEDxMUUHJpdmF0
ZSBPcmdhbml6YXRpb24xEzARBgsrBgEEAYI3PAIBAxMCQlIxNDAyBgoJkiaJk/Is
ZAEBEyQ2YWI3ZTg0ZC1hNDg5LTQ3OWUtOWI4ZC1mNTJhNzY4ZjVjZTMwggEiMA0G
CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCleJvZUBcvtczbPO6jcLAjCzOexl7p
f2KGDDPHZ+Ddp99fOVQRProFdWqbT3vjtSIxXMZRgscl+pucbcVnkTSMMh8+DI6X
9HasYOhw3GVPzj6zf1VEtXrgKc57gOt2462BFN6qsLQkZE+qgGhyfSiOdYUREmjy
FGl7OPo/N5geErMTvDfnz2FXUbg1IfniIJI5+cI61U3pa2C67GZF24bHzkwjPPGe
q0Y0fjK6itDPm1h9uW+fKvfVR5RGB8uwDJVOoiarlAOIuh5FhXW0ohsRUtel/r7c
jsRtDVW5o2VOoVTCKinFEfu8xj7mXWjXrB7/mmE4/JXfImvoLwYQGu6DAgMBAAGj
ggLOMIICyjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBSjiVYxezINRKHAn1tneyOz
sDeUBDAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4RQ99MvjBMBggrBgEFBQcB
AQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNhbmRib3gucGtpLm9wZW5i
YW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8vY3Js
LnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9pc3N1ZXIuY3Js
MBUGA1UdEQQOMAyCCnhwaS5jb20uYnIwDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQM
MAoGCCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIB
gDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVs
eSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhl
ciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2
aWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNl
aXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9m
IHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5k
IHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8v
Y3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2ll
czANBgkqhkiG9w0BAQsFAAOCAQEA2lqeV/ACHCjugwoaW+s0VEf3Q303D6ev5MU/
/LsXp16CvAw5IGDM2zvxB6d6NEPalRQW6516LvuNd9smQSrsWceN84FUEV4cj+Mb
U930QV0m5GPVtSDAxO6bijN1HCdUeWZSfQMVfgQdbjTb2QeHQuqXzg3mwNdNGFwV
Svi7aeVjV9EF+U3/Q1UdTcg4E/ZYXPkV0dXHU5LRDIn2SEhpl2FkIFUzffeMo0LN
DTPN+Py3X9yQqtu1lT/gnBFty70M8K3YOppM7yxyv6UU2MYVGUNEoSsmZsFQeHXE
G4nQeYbVD/T4dNYqAAqgecF+/+MTq+ESI4liTH3BQR0FNNn41A==
-----END CERTIFICATE-----
jwks
{
  "keys": [
    {
      "kty": "RSA",
      "use": "sig",
      "alg": "PS256",
      "n": "012Bdbiby0gag3vEL_kwWLsBWExuJWPf6h6icbjEAKqLUW1TkFA6JQGXCUm3sYPVTqyh7P2a3ogy1t7xjE73ybPRxxcUY4ta7Pjbf38R7t4wwC9vvDvlZ5kS_samRUSxWv-I9JT0PZ78fR09NGtyEjI1zgN-dzqQIWOIbQBLTWNl_6HqrtiTwWojhdhxROywj_nBNW_LB7oXxisQRD2So0KstLnGtKeMHiRJvEFwv7R7H6sLYe0uj9jt2tkdI702EQi4vhMc_M5q7hID1_9gDcP9HWbTt8-QVMC_DDG6lLnp3FyU-LlblSSfWt-vNVn4Szo1LdOl8ywqMoS5uE_Ujw",
      "e": "AQAB",
      "kid": "deaf94cb7cb9b97be30d3cc289bfa7c9d7425030164da2a2ea8e242875692fb4"
    },
    {
      "kty": "RSA",
      "use": "enc",
      "alg": "RSA-OAEP",
      "n": "pzC_7Y7yQ0X-UNUIvgO5sLXj7wiuYyAR55_0HhPkgMKJs2NlliJdei8TkHvCUXX2vuOD-c2wYZ4Ym9h9etVXHPiEEW1432GY533d-cogn2Y1QdBsDc7iNPriK7uENoQwNusN1CrDz7kAh4YzQfGqlvM9fAyxOCsCfViq7ZM82S88_uwcmm2kB5Ns8NulKGLyxZhB1g0xqVjDtVlkArAGaoTsIRjRJsECcPTrjQn1155eBe3KyTiyny7iMM2-Xh4lcVUQQXquykT9y0Wzmxf40VPfQ4GwM4KpurRyPsZs6qAeJUxCAJqVJvhzP1lh_7_STmLB0fgVEsn_3howRYLNmQ",
      "e": "AQAB",
      "kid": "a8a613c7223bba1f4a2a0aacbb07cb9551c850a69473202971112d233c873d69"
    }
  ]
}
2022-03-25 02:36:06 SUCCESS
ValidateClientJWKsPublicPart
Valid client JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2022-03-25 02:36:06 SUCCESS
ExtractJWKsFromStaticClientConfiguration
Extracted client JWK
client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "use": "sig",
      "alg": "PS256",
      "n": "012Bdbiby0gag3vEL_kwWLsBWExuJWPf6h6icbjEAKqLUW1TkFA6JQGXCUm3sYPVTqyh7P2a3ogy1t7xjE73ybPRxxcUY4ta7Pjbf38R7t4wwC9vvDvlZ5kS_samRUSxWv-I9JT0PZ78fR09NGtyEjI1zgN-dzqQIWOIbQBLTWNl_6HqrtiTwWojhdhxROywj_nBNW_LB7oXxisQRD2So0KstLnGtKeMHiRJvEFwv7R7H6sLYe0uj9jt2tkdI702EQi4vhMc_M5q7hID1_9gDcP9HWbTt8-QVMC_DDG6lLnp3FyU-LlblSSfWt-vNVn4Szo1LdOl8ywqMoS5uE_Ujw",
      "e": "AQAB",
      "kid": "deaf94cb7cb9b97be30d3cc289bfa7c9d7425030164da2a2ea8e242875692fb4"
    },
    {
      "kty": "RSA",
      "use": "enc",
      "alg": "RSA-OAEP",
      "n": "pzC_7Y7yQ0X-UNUIvgO5sLXj7wiuYyAR55_0HhPkgMKJs2NlliJdei8TkHvCUXX2vuOD-c2wYZ4Ym9h9etVXHPiEEW1432GY533d-cogn2Y1QdBsDc7iNPriK7uENoQwNusN1CrDz7kAh4YzQfGqlvM9fAyxOCsCfViq7ZM82S88_uwcmm2kB5Ns8NulKGLyxZhB1g0xqVjDtVlkArAGaoTsIRjRJsECcPTrjQn1155eBe3KyTiyny7iMM2-Xh4lcVUQQXquykT9y0Wzmxf40VPfQ4GwM4KpurRyPsZs6qAeJUxCAJqVJvhzP1lh_7_STmLB0fgVEsn_3howRYLNmQ",
      "e": "AQAB",
      "kid": "a8a613c7223bba1f4a2a0aacbb07cb9551c850a69473202971112d233c873d69"
    }
  ]
}
public_client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "deaf94cb7cb9b97be30d3cc289bfa7c9d7425030164da2a2ea8e242875692fb4",
      "alg": "PS256",
      "n": "012Bdbiby0gag3vEL_kwWLsBWExuJWPf6h6icbjEAKqLUW1TkFA6JQGXCUm3sYPVTqyh7P2a3ogy1t7xjE73ybPRxxcUY4ta7Pjbf38R7t4wwC9vvDvlZ5kS_samRUSxWv-I9JT0PZ78fR09NGtyEjI1zgN-dzqQIWOIbQBLTWNl_6HqrtiTwWojhdhxROywj_nBNW_LB7oXxisQRD2So0KstLnGtKeMHiRJvEFwv7R7H6sLYe0uj9jt2tkdI702EQi4vhMc_M5q7hID1_9gDcP9HWbTt8-QVMC_DDG6lLnp3FyU-LlblSSfWt-vNVn4Szo1LdOl8ywqMoS5uE_Ujw"
    },
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "enc",
      "kid": "a8a613c7223bba1f4a2a0aacbb07cb9551c850a69473202971112d233c873d69",
      "alg": "RSA-OAEP",
      "n": "pzC_7Y7yQ0X-UNUIvgO5sLXj7wiuYyAR55_0HhPkgMKJs2NlliJdei8TkHvCUXX2vuOD-c2wYZ4Ym9h9etVXHPiEEW1432GY533d-cogn2Y1QdBsDc7iNPriK7uENoQwNusN1CrDz7kAh4YzQfGqlvM9fAyxOCsCfViq7ZM82S88_uwcmm2kB5Ns8NulKGLyxZhB1g0xqVjDtVlkArAGaoTsIRjRJsECcPTrjQn1155eBe3KyTiyny7iMM2-Xh4lcVUQQXquykT9y0Wzmxf40VPfQ4GwM4KpurRyPsZs6qAeJUxCAJqVJvhzP1lh_7_STmLB0fgVEsn_3howRYLNmQ"
    }
  ]
}
2022-03-25 02:36:06 SUCCESS
CheckDistinctKeyIdValueInClientJWKs
Distinct 'kid' value in all keys of client_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2022-03-25 02:36:06 SUCCESS
EnsureClientJwksDoesNotContainPrivateOrSymmetricKeys
Jwks does not contain any private or symmetric keys
2022-03-25 02:36:06 SUCCESS
FAPIEnsureMinimumClientKeyLength
Validated minimum key lengths for client_jwks
client_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "use": "sig",
      "alg": "PS256",
      "n": "012Bdbiby0gag3vEL_kwWLsBWExuJWPf6h6icbjEAKqLUW1TkFA6JQGXCUm3sYPVTqyh7P2a3ogy1t7xjE73ybPRxxcUY4ta7Pjbf38R7t4wwC9vvDvlZ5kS_samRUSxWv-I9JT0PZ78fR09NGtyEjI1zgN-dzqQIWOIbQBLTWNl_6HqrtiTwWojhdhxROywj_nBNW_LB7oXxisQRD2So0KstLnGtKeMHiRJvEFwv7R7H6sLYe0uj9jt2tkdI702EQi4vhMc_M5q7hID1_9gDcP9HWbTt8-QVMC_DDG6lLnp3FyU-LlblSSfWt-vNVn4Szo1LdOl8ywqMoS5uE_Ujw",
      "e": "AQAB",
      "kid": "deaf94cb7cb9b97be30d3cc289bfa7c9d7425030164da2a2ea8e242875692fb4"
    },
    {
      "kty": "RSA",
      "use": "enc",
      "alg": "RSA-OAEP",
      "n": "pzC_7Y7yQ0X-UNUIvgO5sLXj7wiuYyAR55_0HhPkgMKJs2NlliJdei8TkHvCUXX2vuOD-c2wYZ4Ym9h9etVXHPiEEW1432GY533d-cogn2Y1QdBsDc7iNPriK7uENoQwNusN1CrDz7kAh4YzQfGqlvM9fAyxOCsCfViq7ZM82S88_uwcmm2kB5Ns8NulKGLyxZhB1g0xqVjDtVlkArAGaoTsIRjRJsECcPTrjQn1155eBe3KyTiyny7iMM2-Xh4lcVUQQXquykT9y0Wzmxf40VPfQ4GwM4KpurRyPsZs6qAeJUxCAJqVJvhzP1lh_7_STmLB0fgVEsn_3howRYLNmQ",
      "e": "AQAB",
      "kid": "a8a613c7223bba1f4a2a0aacbb07cb9551c850a69473202971112d233c873d69"
    }
  ]
}
2022-03-25 02:36:06 SUCCESS
FAPIEnsureClientJwksContainsAnEncryptionKey
Found an encryption key in client jwks
kid
a8a613c7223bba1f4a2a0aacbb07cb9551c850a69473202971112d233c873d69
algorithm
RSA-OAEP
2022-03-25 02:36:06
fapi1-advanced-final-client-test-encrypted-idtoken-usingrsa15
Setup Done
2022-03-25 02:36:08 INCOMING
fapi1-advanced-final-client-test-encrypted-idtoken-usingrsa15
Incoming HTTP request to /test/a/xp/.well-known/openid-configuration
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/4.7.4 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate, br",
  "x-datadog-trace-id": "710052890436720395",
  "x-datadog-parent-id": "2507944828277519224",
  "x-datadog-sampling-priority": "2",
  "x-datadog-tags": "_dd.p.upstream_services\u003db3BlbmJhbmtpbmctbWFuYWdlbWVudC1zZXJ2aWNlcw\u003d\u003d|2|3|1",
  "connection": "close"
}
incoming_path
/test/a/xp/.well-known/openid-configuration
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
incoming_body_json
incoming_query_string_params
{}
incoming_body
2022-03-25 02:36:08 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
2022-03-25 02:36:08 OUTGOING
fapi1-advanced-final-client-test-encrypted-idtoken-usingrsa15
Response to HTTP request to test instance 8pIsBPqWjSNdT1x
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "issuer": "https://www.certification.openid.net/test/a/xp/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/xp/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/xp/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/xp/jwks",
  "registration_endpoint": "https://www.certification.openid.net/test/a/xp/register",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/xp/userinfo",
  "mtls_endpoint_aliases": {
    "token_endpoint": "https://www.certification.openid.net/test-mtls/a/xp/token",
    "registration_endpoint": "https://www.certification.openid.net/test-mtls/a/xp/register",
    "userinfo_endpoint": "https://www.certification.openid.net/test-mtls/a/xp/userinfo",
    "pushed_authorization_request_endpoint": "https://www.certification.openid.net/test-mtls/a/xp/par"
  },
  "tls_client_certificate_bound_access_tokens": true,
  "request_parameter_supported": true,
  "grant_types_supported": [
    "authorization_code",
    "implicit",
    "client_credentials",
    "refresh_token"
  ],
  "claims_parameter_supported": true,
  "request_object_encryption_alg_values_supported": [
    "RSA-OAEP"
  ],
  "request_object_encryption_enc_values_supported": [
    "A256GCM"
  ],
  "claims_supported": [
    "cpf",
    "cnpj",
    "acr"
  ],
  "acr_values_supported": [
    "urn:brasil:openbanking:loa2",
    "urn:brasil:openbanking:loa3"
  ],
  "id_token_signing_alg_values_supported": [
    "PS256"
  ],
  "request_object_signing_alg_values_supported": [
    "PS256"
  ],
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access",
    "consents",
    "resources",
    "payments"
  ],
  "token_endpoint_auth_methods_supported": [
    "private_key_jwt"
  ],
  "pushed_authorization_request_endpoint": "https://www.certification.openid.net/test/a/xp/par",
  "require_pushed_authorization_requests": true,
  "response_types_supported": [
    "code id_token"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "PS256"
  ]
}
outgoing_path
.well-known/openid-configuration
2022-03-25 02:36:08 INCOMING
fapi1-advanced-final-client-test-encrypted-idtoken-usingrsa15
Incoming HTTP request to /test-mtls/a/xp/token
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/4.7.4 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "content-type": "application/x-www-form-urlencoded",
  "accept-encoding": "gzip, deflate, br",
  "x-datadog-trace-id": "710052890436720395",
  "x-datadog-parent-id": "6088484738273421812",
  "x-datadog-sampling-priority": "2",
  "x-datadog-tags": "_dd.p.upstream_services\u003db3BlbmJhbmtpbmctbWFuYWdlbWVudC1zZXJ2aWNlcw\u003d\u003d|2|3|1",
  "connection": "close",
  "content-length": "1049"
}
incoming_path
/test-mtls/a/xp/token
incoming_body_form_params
{
  "grant_type": "client_credentials",
  "scope": "consents",
  "client_id": "xp-bank-two",
  "client_assertion": "eyJhbGciOiJQUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImRlYWY5NGNiN2NiOWI5N2JlMzBkM2NjMjg5YmZhN2M5ZDc0MjUwMzAxNjRkYTJhMmVhOGUyNDI4NzU2OTJmYjQifQ.eyJpYXQiOjE2NDgxNzU3NjgsImV4cCI6MTY0ODE3NTgyOCwianRpIjoid1NheDVSdEpkek9kbl94TlQ0V2QtVnpSU1B1cHdRcHhFZzYwVDk1U1FSZyIsImlzcyI6InhwLWJhbmstdHdvIiwic3ViIjoieHAtYmFuay10d28iLCJhdWQiOlsiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QvYS94cC8iLCJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC9hL3hwL3Rva2VuIiwiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QtbXRscy9hL3hwL3Rva2VuIl19.DFF_c1MLvEhKmnuJD8j209bvLiT4IaR3oNOGTYWfxOUCvRvPdFQvSL1TdVcmeBsp-e7ZP6lkrVLRtZ_aYYEQ6l9Sg8bDJIhGA2Fg62hGY44rrxlioQaJqs1JKbg0AeX-ncM0SymznTPD_-N_BZhPw19nanGJ61i5QmzFX3bZqVHW20OEFCacU5ZyQDa9idqNqKlzU2Op7ea910N254lCSF9ky4s1ULSaDN37UopiKJvCWsjIS4MiwQiv-wFMMx9RpDClFtI0IP97Tzfn6hZTrMoh0WOnXEZaWDmps9PMbGqrRV2WBLIuJITI9MV6PK-sNzIkbwCEwNJS2efAm31WWw",
  "client_assertion_type": "urn:ietf:params:oauth:client-assertion-type:jwt-bearer"
}
incoming_method
POST
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
-----BEGIN CERTIFICATE----- MIIG4TCCBcmgAwIBAgIUMnxi2E7fyORb8/hfKsRfDVgTyAkwDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIyMDMxMDE0NDYwMFoXDTIzMDQwOTE0 NDYwMFowggEQMQswCQYDVQQGEwJCUjELMAkGA1UECBMCUkoxFzAVBgNVBAcTDlJp byBkZSBKYW5laXJvMRQwEgYDVQQKEwtCQ08gWFAgUy5BLjEtMCsGA1UECxMkNzk3 MTdkNzEtMGNmNC01OGY2LWIyZDAtMzcwZDU0MDRkMzgzMRMwEQYDVQQDEwp4cGku Y29tLmJyMRcwFQYDVQQFEw4zMzI2NDY2ODAwMDEwMzEdMBsGA1UEDxMUUHJpdmF0 ZSBPcmdhbml6YXRpb24xEzARBgsrBgEEAYI3PAIBAxMCQlIxNDAyBgoJkiaJk/Is ZAEBEyQ2YWI3ZTg0ZC1hNDg5LTQ3OWUtOWI4ZC1mNTJhNzY4ZjVjZTMwggEiMA0G CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCleJvZUBcvtczbPO6jcLAjCzOexl7p f2KGDDPHZ+Ddp99fOVQRProFdWqbT3vjtSIxXMZRgscl+pucbcVnkTSMMh8+DI6X 9HasYOhw3GVPzj6zf1VEtXrgKc57gOt2462BFN6qsLQkZE+qgGhyfSiOdYUREmjy FGl7OPo/N5geErMTvDfnz2FXUbg1IfniIJI5+cI61U3pa2C67GZF24bHzkwjPPGe q0Y0fjK6itDPm1h9uW+fKvfVR5RGB8uwDJVOoiarlAOIuh5FhXW0ohsRUtel/r7c jsRtDVW5o2VOoVTCKinFEfu8xj7mXWjXrB7/mmE4/JXfImvoLwYQGu6DAgMBAAGj ggLOMIICyjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBSjiVYxezINRKHAn1tneyOz sDeUBDAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4RQ99MvjBMBggrBgEFBQcB AQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNhbmRib3gucGtpLm9wZW5i YW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8vY3Js LnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9pc3N1ZXIuY3Js MBUGA1UdEQQOMAyCCnhwaS5jb20uYnIwDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQM MAoGCCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIB gDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVs eSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhl ciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2 aWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNl aXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9m IHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5k IHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8v Y3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2ll czANBgkqhkiG9w0BAQsFAAOCAQEA2lqeV/ACHCjugwoaW+s0VEf3Q303D6ev5MU/ /LsXp16CvAw5IGDM2zvxB6d6NEPalRQW6516LvuNd9smQSrsWceN84FUEV4cj+Mb U930QV0m5GPVtSDAxO6bijN1HCdUeWZSfQMVfgQdbjTb2QeHQuqXzg3mwNdNGFwV Svi7aeVjV9EF+U3/Q1UdTcg4E/ZYXPkV0dXHU5LRDIn2SEhpl2FkIFUzffeMo0LN DTPN+Py3X9yQqtu1lT/gnBFty70M8K3YOppM7yxyv6UU2MYVGUNEoSsmZsFQeHXE G4nQeYbVD/T4dNYqAAqgecF+/+MTq+ESI4liTH3BQR0FNNn41A== -----END CERTIFICATE-----
incoming_body_json
incoming_query_string_params
{}
incoming_body
grant_type=client_credentials&scope=consents&client_id=xp-bank-two&client_assertion=eyJhbGciOiJQUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImRlYWY5NGNiN2NiOWI5N2JlMzBkM2NjMjg5YmZhN2M5ZDc0MjUwMzAxNjRkYTJhMmVhOGUyNDI4NzU2OTJmYjQifQ.eyJpYXQiOjE2NDgxNzU3NjgsImV4cCI6MTY0ODE3NTgyOCwianRpIjoid1NheDVSdEpkek9kbl94TlQ0V2QtVnpSU1B1cHdRcHhFZzYwVDk1U1FSZyIsImlzcyI6InhwLWJhbmstdHdvIiwic3ViIjoieHAtYmFuay10d28iLCJhdWQiOlsiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QvYS94cC8iLCJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC9hL3hwL3Rva2VuIiwiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QtbXRscy9hL3hwL3Rva2VuIl19.DFF_c1MLvEhKmnuJD8j209bvLiT4IaR3oNOGTYWfxOUCvRvPdFQvSL1TdVcmeBsp-e7ZP6lkrVLRtZ_aYYEQ6l9Sg8bDJIhGA2Fg62hGY44rrxlioQaJqs1JKbg0AeX-ncM0SymznTPD_-N_BZhPw19nanGJ61i5QmzFX3bZqVHW20OEFCacU5ZyQDa9idqNqKlzU2Op7ea910N254lCSF9ky4s1ULSaDN37UopiKJvCWsjIS4MiwQiv-wFMMx9RpDClFtI0IP97Tzfn6hZTrMoh0WOnXEZaWDmps9PMbGqrRV2WBLIuJITI9MV6PK-sNzIkbwCEwNJS2efAm31WWw&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer
2022-03-25 02:36:08 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
Token endpoint
2022-03-25 02:36:08 SUCCESS
CheckClientIdMatchesOnTokenRequestIfPresent
Extracted client_id matches the expected value
client_id
xp-bank-two
2022-03-25 02:36:08 SUCCESS
ExtractClientCertificateFromTokenEndpointRequestHeaders
Extracted client certificate
client_certificate
{
  "cert": "-----BEGIN CERTIFICATE----- MIIG4TCCBcmgAwIBAgIUMnxi2E7fyORb8/hfKsRfDVgTyAkwDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIyMDMxMDE0NDYwMFoXDTIzMDQwOTE0 NDYwMFowggEQMQswCQYDVQQGEwJCUjELMAkGA1UECBMCUkoxFzAVBgNVBAcTDlJp byBkZSBKYW5laXJvMRQwEgYDVQQKEwtCQ08gWFAgUy5BLjEtMCsGA1UECxMkNzk3 MTdkNzEtMGNmNC01OGY2LWIyZDAtMzcwZDU0MDRkMzgzMRMwEQYDVQQDEwp4cGku Y29tLmJyMRcwFQYDVQQFEw4zMzI2NDY2ODAwMDEwMzEdMBsGA1UEDxMUUHJpdmF0 ZSBPcmdhbml6YXRpb24xEzARBgsrBgEEAYI3PAIBAxMCQlIxNDAyBgoJkiaJk/Is ZAEBEyQ2YWI3ZTg0ZC1hNDg5LTQ3OWUtOWI4ZC1mNTJhNzY4ZjVjZTMwggEiMA0G CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCleJvZUBcvtczbPO6jcLAjCzOexl7p f2KGDDPHZ+Ddp99fOVQRProFdWqbT3vjtSIxXMZRgscl+pucbcVnkTSMMh8+DI6X 9HasYOhw3GVPzj6zf1VEtXrgKc57gOt2462BFN6qsLQkZE+qgGhyfSiOdYUREmjy FGl7OPo/N5geErMTvDfnz2FXUbg1IfniIJI5+cI61U3pa2C67GZF24bHzkwjPPGe q0Y0fjK6itDPm1h9uW+fKvfVR5RGB8uwDJVOoiarlAOIuh5FhXW0ohsRUtel/r7c jsRtDVW5o2VOoVTCKinFEfu8xj7mXWjXrB7/mmE4/JXfImvoLwYQGu6DAgMBAAGj ggLOMIICyjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBSjiVYxezINRKHAn1tneyOz sDeUBDAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4RQ99MvjBMBggrBgEFBQcB AQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNhbmRib3gucGtpLm9wZW5i YW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8vY3Js LnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9pc3N1ZXIuY3Js MBUGA1UdEQQOMAyCCnhwaS5jb20uYnIwDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQM MAoGCCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIB gDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVs eSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhl ciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2 aWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNl aXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9m IHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5k IHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8v Y3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2ll czANBgkqhkiG9w0BAQsFAAOCAQEA2lqeV/ACHCjugwoaW+s0VEf3Q303D6ev5MU/ /LsXp16CvAw5IGDM2zvxB6d6NEPalRQW6516LvuNd9smQSrsWceN84FUEV4cj+Mb U930QV0m5GPVtSDAxO6bijN1HCdUeWZSfQMVfgQdbjTb2QeHQuqXzg3mwNdNGFwV Svi7aeVjV9EF+U3/Q1UdTcg4E/ZYXPkV0dXHU5LRDIn2SEhpl2FkIFUzffeMo0LN DTPN+Py3X9yQqtu1lT/gnBFty70M8K3YOppM7yxyv6UU2MYVGUNEoSsmZsFQeHXE G4nQeYbVD/T4dNYqAAqgecF+/+MTq+ESI4liTH3BQR0FNNn41A\u003d\u003d -----END CERTIFICATE-----",
  "pem": "-----BEGIN CERTIFICATE-----\nMIIG4TCCBcmgAwIBAgIUMnxi2E7fyORb8/hfKsRfDVgTyAkwDQYJKoZIhvcNAQEL\nBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx\nFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB\nTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIyMDMxMDE0NDYwMFoXDTIzMDQwOTE0\nNDYwMFowggEQMQswCQYDVQQGEwJCUjELMAkGA1UECBMCUkoxFzAVBgNVBAcTDlJp\nbyBkZSBKYW5laXJvMRQwEgYDVQQKEwtCQ08gWFAgUy5BLjEtMCsGA1UECxMkNzk3\nMTdkNzEtMGNmNC01OGY2LWIyZDAtMzcwZDU0MDRkMzgzMRMwEQYDVQQDEwp4cGku\nY29tLmJyMRcwFQYDVQQFEw4zMzI2NDY2ODAwMDEwMzEdMBsGA1UEDxMUUHJpdmF0\nZSBPcmdhbml6YXRpb24xEzARBgsrBgEEAYI3PAIBAxMCQlIxNDAyBgoJkiaJk/Is\nZAEBEyQ2YWI3ZTg0ZC1hNDg5LTQ3OWUtOWI4ZC1mNTJhNzY4ZjVjZTMwggEiMA0G\nCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCleJvZUBcvtczbPO6jcLAjCzOexl7p\nf2KGDDPHZ+Ddp99fOVQRProFdWqbT3vjtSIxXMZRgscl+pucbcVnkTSMMh8+DI6X\n9HasYOhw3GVPzj6zf1VEtXrgKc57gOt2462BFN6qsLQkZE+qgGhyfSiOdYUREmjy\nFGl7OPo/N5geErMTvDfnz2FXUbg1IfniIJI5+cI61U3pa2C67GZF24bHzkwjPPGe\nq0Y0fjK6itDPm1h9uW+fKvfVR5RGB8uwDJVOoiarlAOIuh5FhXW0ohsRUtel/r7c\njsRtDVW5o2VOoVTCKinFEfu8xj7mXWjXrB7/mmE4/JXfImvoLwYQGu6DAgMBAAGj\nggLOMIICyjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBSjiVYxezINRKHAn1tneyOz\nsDeUBDAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4RQ99MvjBMBggrBgEFBQcB\nAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNhbmRib3gucGtpLm9wZW5i\nYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8vY3Js\nLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9pc3N1ZXIuY3Js\nMBUGA1UdEQQOMAyCCnhwaS5jb20uYnIwDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQM\nMAoGCCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIB\ngDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVs\neSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhl\nciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2\naWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNl\naXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9m\nIHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5k\nIHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8v\nY3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2ll\nczANBgkqhkiG9w0BAQsFAAOCAQEA2lqeV/ACHCjugwoaW+s0VEf3Q303D6ev5MU/\n/LsXp16CvAw5IGDM2zvxB6d6NEPalRQW6516LvuNd9smQSrsWceN84FUEV4cj+Mb\nU930QV0m5GPVtSDAxO6bijN1HCdUeWZSfQMVfgQdbjTb2QeHQuqXzg3mwNdNGFwV\nSvi7aeVjV9EF+U3/Q1UdTcg4E/ZYXPkV0dXHU5LRDIn2SEhpl2FkIFUzffeMo0LN\nDTPN+Py3X9yQqtu1lT/gnBFty70M8K3YOppM7yxyv6UU2MYVGUNEoSsmZsFQeHXE\nG4nQeYbVD/T4dNYqAAqgecF+/+MTq+ESI4liTH3BQR0FNNn41A\u003d\u003d\n-----END CERTIFICATE-----",
  "subject": {
    "dn": "UID\u003d6ab7e84d-a489-479e-9b8d-f52a768f5ce3,1.3.6.1.4.1.311.60.2.1.3\u003d#13024252,2.5.4.15\u003d#131450726976617465204f7267616e697a6174696f6e,2.5.4.5\u003d#130e3333323634363638303030313033,CN\u003dxpi.com.br,OU\u003d79717d71-0cf4-58f6-b2d0-370d5404d383,O\u003dBCO XP S.A.,L\u003dRio de Janeiro,ST\u003dRJ,C\u003dBR"
  },
  "sanDnsNames": [
    "xpi.com.br"
  ],
  "sanUris": [],
  "sanIPs": [],
  "sanEmails": []
}
2022-03-25 02:36:08 SUCCESS
CheckForClientCertificate
Found client certificate
2022-03-25 02:36:08 SUCCESS
EnsureClientCertificateMatches
Presented certificate matches registered certificate
actual
-----BEGIN CERTIFICATE-----
MIIG4TCCBcmgAwIBAgIUMnxi2E7fyORb8/hfKsRfDVgTyAkwDQYJKoZIhvcNAQEL
BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx
FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB
TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIyMDMxMDE0NDYwMFoXDTIzMDQwOTE0
NDYwMFowggEQMQswCQYDVQQGEwJCUjELMAkGA1UECBMCUkoxFzAVBgNVBAcTDlJp
byBkZSBKYW5laXJvMRQwEgYDVQQKEwtCQ08gWFAgUy5BLjEtMCsGA1UECxMkNzk3
MTdkNzEtMGNmNC01OGY2LWIyZDAtMzcwZDU0MDRkMzgzMRMwEQYDVQQDEwp4cGku
Y29tLmJyMRcwFQYDVQQFEw4zMzI2NDY2ODAwMDEwMzEdMBsGA1UEDxMUUHJpdmF0
ZSBPcmdhbml6YXRpb24xEzARBgsrBgEEAYI3PAIBAxMCQlIxNDAyBgoJkiaJk/Is
ZAEBEyQ2YWI3ZTg0ZC1hNDg5LTQ3OWUtOWI4ZC1mNTJhNzY4ZjVjZTMwggEiMA0G
CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCleJvZUBcvtczbPO6jcLAjCzOexl7p
f2KGDDPHZ+Ddp99fOVQRProFdWqbT3vjtSIxXMZRgscl+pucbcVnkTSMMh8+DI6X
9HasYOhw3GVPzj6zf1VEtXrgKc57gOt2462BFN6qsLQkZE+qgGhyfSiOdYUREmjy
FGl7OPo/N5geErMTvDfnz2FXUbg1IfniIJI5+cI61U3pa2C67GZF24bHzkwjPPGe
q0Y0fjK6itDPm1h9uW+fKvfVR5RGB8uwDJVOoiarlAOIuh5FhXW0ohsRUtel/r7c
jsRtDVW5o2VOoVTCKinFEfu8xj7mXWjXrB7/mmE4/JXfImvoLwYQGu6DAgMBAAGj
ggLOMIICyjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBSjiVYxezINRKHAn1tneyOz
sDeUBDAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4RQ99MvjBMBggrBgEFBQcB
AQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNhbmRib3gucGtpLm9wZW5i
YW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8vY3Js
LnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9pc3N1ZXIuY3Js
MBUGA1UdEQQOMAyCCnhwaS5jb20uYnIwDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQM
MAoGCCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIB
gDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVs
eSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhl
ciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2
aWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNl
aXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9m
IHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5k
IHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8v
Y3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2ll
czANBgkqhkiG9w0BAQsFAAOCAQEA2lqeV/ACHCjugwoaW+s0VEf3Q303D6ev5MU/
/LsXp16CvAw5IGDM2zvxB6d6NEPalRQW6516LvuNd9smQSrsWceN84FUEV4cj+Mb
U930QV0m5GPVtSDAxO6bijN1HCdUeWZSfQMVfgQdbjTb2QeHQuqXzg3mwNdNGFwV
Svi7aeVjV9EF+U3/Q1UdTcg4E/ZYXPkV0dXHU5LRDIn2SEhpl2FkIFUzffeMo0LN
DTPN+Py3X9yQqtu1lT/gnBFty70M8K3YOppM7yxyv6UU2MYVGUNEoSsmZsFQeHXE
G4nQeYbVD/T4dNYqAAqgecF+/+MTq+ESI4liTH3BQR0FNNn41A==
-----END CERTIFICATE-----
2022-03-25 02:36:08 SUCCESS
ExtractClientAssertion
Parsed client assertion
client_assertion
{
  "value": "eyJhbGciOiJQUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImRlYWY5NGNiN2NiOWI5N2JlMzBkM2NjMjg5YmZhN2M5ZDc0MjUwMzAxNjRkYTJhMmVhOGUyNDI4NzU2OTJmYjQifQ.eyJpYXQiOjE2NDgxNzU3NjgsImV4cCI6MTY0ODE3NTgyOCwianRpIjoid1NheDVSdEpkek9kbl94TlQ0V2QtVnpSU1B1cHdRcHhFZzYwVDk1U1FSZyIsImlzcyI6InhwLWJhbmstdHdvIiwic3ViIjoieHAtYmFuay10d28iLCJhdWQiOlsiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QvYS94cC8iLCJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC9hL3hwL3Rva2VuIiwiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QtbXRscy9hL3hwL3Rva2VuIl19.DFF_c1MLvEhKmnuJD8j209bvLiT4IaR3oNOGTYWfxOUCvRvPdFQvSL1TdVcmeBsp-e7ZP6lkrVLRtZ_aYYEQ6l9Sg8bDJIhGA2Fg62hGY44rrxlioQaJqs1JKbg0AeX-ncM0SymznTPD_-N_BZhPw19nanGJ61i5QmzFX3bZqVHW20OEFCacU5ZyQDa9idqNqKlzU2Op7ea910N254lCSF9ky4s1ULSaDN37UopiKJvCWsjIS4MiwQiv-wFMMx9RpDClFtI0IP97Tzfn6hZTrMoh0WOnXEZaWDmps9PMbGqrRV2WBLIuJITI9MV6PK-sNzIkbwCEwNJS2efAm31WWw",
  "header": {
    "kid": "deaf94cb7cb9b97be30d3cc289bfa7c9d7425030164da2a2ea8e242875692fb4",
    "typ": "JWT",
    "alg": "PS256"
  },
  "claims": {
    "sub": "xp-bank-two",
    "aud": [
      "https://www.certification.openid.net/test/a/xp/",
      "https://www.certification.openid.net/test/a/xp/token",
      "https://www.certification.openid.net/test-mtls/a/xp/token"
    ],
    "iss": "xp-bank-two",
    "exp": 1648175828,
    "iat": 1648175768,
    "jti": "wSax5RtJdzOdn_xNT4Wd-VzRSPupwQpxEg60T95SQRg"
  }
}
2022-03-25 02:36:08
EnsureClientAssertionSignatureAlgorithmMatchesRegistered
token_endpoint_auth_signing_alg is not set for the client, any supported algorithm can be used
2022-03-25 02:36:08 SUCCESS
ValidateClientAssertionSignature
client_assertion signature validated
client_assertion
eyJhbGciOiJQUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImRlYWY5NGNiN2NiOWI5N2JlMzBkM2NjMjg5YmZhN2M5ZDc0MjUwMzAxNjRkYTJhMmVhOGUyNDI4NzU2OTJmYjQifQ.eyJpYXQiOjE2NDgxNzU3NjgsImV4cCI6MTY0ODE3NTgyOCwianRpIjoid1NheDVSdEpkek9kbl94TlQ0V2QtVnpSU1B1cHdRcHhFZzYwVDk1U1FSZyIsImlzcyI6InhwLWJhbmstdHdvIiwic3ViIjoieHAtYmFuay10d28iLCJhdWQiOlsiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QvYS94cC8iLCJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC9hL3hwL3Rva2VuIiwiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QtbXRscy9hL3hwL3Rva2VuIl19.DFF_c1MLvEhKmnuJD8j209bvLiT4IaR3oNOGTYWfxOUCvRvPdFQvSL1TdVcmeBsp-e7ZP6lkrVLRtZ_aYYEQ6l9Sg8bDJIhGA2Fg62hGY44rrxlioQaJqs1JKbg0AeX-ncM0SymznTPD_-N_BZhPw19nanGJ61i5QmzFX3bZqVHW20OEFCacU5ZyQDa9idqNqKlzU2Op7ea910N254lCSF9ky4s1ULSaDN37UopiKJvCWsjIS4MiwQiv-wFMMx9RpDClFtI0IP97Tzfn6hZTrMoh0WOnXEZaWDmps9PMbGqrRV2WBLIuJITI9MV6PK-sNzIkbwCEwNJS2efAm31WWw
2022-03-25 02:36:08 SUCCESS
EnsureClientAssertionTypeIsJwt
Found JWT assertion type
assertion type
urn:ietf:params:oauth:client-assertion-type:jwt-bearer
2022-03-25 02:36:08 SUCCESS
ValidateClientAssertionClaims
Client Assertion passed all validation checks
2022-03-25 02:36:08 SUCCESS
FAPIBrazilExtractRequestedScopeFromClientCredentialsGrant
Found 'consents' scope in request
actual
[
  "consents"
]
expected
consents
2022-03-25 02:36:08 SUCCESS
GenerateBearerAccessToken
Generated access token
access_token
i2TexquR0HgoNIVdEYZXrfPEKBohyWI5lRyq2yb65Kv0u64fyF
2022-03-25 02:36:08 SUCCESS
CreateTokenEndpointResponse
Created token endpoint response
access_token
i2TexquR0HgoNIVdEYZXrfPEKBohyWI5lRyq2yb65Kv0u64fyF
token_type
Bearer
2022-03-25 02:36:08
CopyAccessTokenToClientCredentialsField
Condition ran but did not log anything
2022-03-25 02:36:08 OUTGOING
fapi1-advanced-final-client-test-encrypted-idtoken-usingrsa15
Response to HTTP request to test instance 8pIsBPqWjSNdT1x
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "access_token": "i2TexquR0HgoNIVdEYZXrfPEKBohyWI5lRyq2yb65Kv0u64fyF",
  "token_type": "Bearer"
}
outgoing_path
token
2022-03-25 02:36:09 INCOMING
fapi1-advanced-final-client-test-encrypted-idtoken-usingrsa15
Incoming HTTP request to /test-mtls/a/xp/consents/v1/consents
incoming_headers
{
  "host": "www.certification.openid.net",
  "accept": "application/json, text/plain, */*",
  "content-type": "application/json",
  "authorization": "Bearer i2TexquR0HgoNIVdEYZXrfPEKBohyWI5lRyq2yb65Kv0u64fyF",
  "user-agent": "axios/0.24.0",
  "x-datadog-trace-id": "710052890436720395",
  "x-datadog-parent-id": "5411903750743974234",
  "x-datadog-sampling-priority": "2",
  "x-datadog-tags": "_dd.p.upstream_services\u003db3BlbmJhbmtpbmctbWFuYWdlbWVudC1zZXJ2aWNlcw\u003d\u003d|2|3|1",
  "connection": "close",
  "content-length": "1186"
}
incoming_path
/test-mtls/a/xp/consents/v1/consents
incoming_body_form_params
incoming_method
POST
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
-----BEGIN CERTIFICATE----- MIIG4TCCBcmgAwIBAgIUMnxi2E7fyORb8/hfKsRfDVgTyAkwDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIyMDMxMDE0NDYwMFoXDTIzMDQwOTE0 NDYwMFowggEQMQswCQYDVQQGEwJCUjELMAkGA1UECBMCUkoxFzAVBgNVBAcTDlJp byBkZSBKYW5laXJvMRQwEgYDVQQKEwtCQ08gWFAgUy5BLjEtMCsGA1UECxMkNzk3 MTdkNzEtMGNmNC01OGY2LWIyZDAtMzcwZDU0MDRkMzgzMRMwEQYDVQQDEwp4cGku Y29tLmJyMRcwFQYDVQQFEw4zMzI2NDY2ODAwMDEwMzEdMBsGA1UEDxMUUHJpdmF0 ZSBPcmdhbml6YXRpb24xEzARBgsrBgEEAYI3PAIBAxMCQlIxNDAyBgoJkiaJk/Is ZAEBEyQ2YWI3ZTg0ZC1hNDg5LTQ3OWUtOWI4ZC1mNTJhNzY4ZjVjZTMwggEiMA0G CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCleJvZUBcvtczbPO6jcLAjCzOexl7p f2KGDDPHZ+Ddp99fOVQRProFdWqbT3vjtSIxXMZRgscl+pucbcVnkTSMMh8+DI6X 9HasYOhw3GVPzj6zf1VEtXrgKc57gOt2462BFN6qsLQkZE+qgGhyfSiOdYUREmjy FGl7OPo/N5geErMTvDfnz2FXUbg1IfniIJI5+cI61U3pa2C67GZF24bHzkwjPPGe q0Y0fjK6itDPm1h9uW+fKvfVR5RGB8uwDJVOoiarlAOIuh5FhXW0ohsRUtel/r7c jsRtDVW5o2VOoVTCKinFEfu8xj7mXWjXrB7/mmE4/JXfImvoLwYQGu6DAgMBAAGj ggLOMIICyjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBSjiVYxezINRKHAn1tneyOz sDeUBDAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4RQ99MvjBMBggrBgEFBQcB AQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNhbmRib3gucGtpLm9wZW5i YW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8vY3Js LnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9pc3N1ZXIuY3Js MBUGA1UdEQQOMAyCCnhwaS5jb20uYnIwDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQM MAoGCCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIB gDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVs eSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhl ciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2 aWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNl aXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9m IHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5k IHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8v Y3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2ll czANBgkqhkiG9w0BAQsFAAOCAQEA2lqeV/ACHCjugwoaW+s0VEf3Q303D6ev5MU/ /LsXp16CvAw5IGDM2zvxB6d6NEPalRQW6516LvuNd9smQSrsWceN84FUEV4cj+Mb U930QV0m5GPVtSDAxO6bijN1HCdUeWZSfQMVfgQdbjTb2QeHQuqXzg3mwNdNGFwV Svi7aeVjV9EF+U3/Q1UdTcg4E/ZYXPkV0dXHU5LRDIn2SEhpl2FkIFUzffeMo0LN DTPN+Py3X9yQqtu1lT/gnBFty70M8K3YOppM7yxyv6UU2MYVGUNEoSsmZsFQeHXE G4nQeYbVD/T4dNYqAAqgecF+/+MTq+ESI4liTH3BQR0FNNn41A== -----END CERTIFICATE-----
incoming_body_json
{
  "data": {
    "loggedUser": {
      "document": {
        "identification": "57784518064",
        "rel": "CPF"
      }
    },
    "permissions": [
      "ACCOUNTS_READ",
      "ACCOUNTS_OVERDRAFT_LIMITS_READ",
      "ACCOUNTS_BALANCES_READ",
      "ACCOUNTS_TRANSACTIONS_READ",
      "CREDIT_CARDS_ACCOUNTS_BILLS_READ",
      "CREDIT_CARDS_ACCOUNTS_BILLS_TRANSACTIONS_READ",
      "CREDIT_CARDS_ACCOUNTS_LIMITS_READ",
      "CREDIT_CARDS_ACCOUNTS_READ",
      "CREDIT_CARDS_ACCOUNTS_TRANSACTIONS_READ",
      "CUSTOMERS_PERSONAL_ADITTIONALINFO_READ",
      "CUSTOMERS_PERSONAL_IDENTIFICATIONS_READ",
      "LOANS_READ",
      "LOANS_WARRANTIES_READ",
      "LOANS_SCHEDULED_INSTALMENTS_READ",
      "LOANS_PAYMENTS_READ",
      "FINANCINGS_READ",
      "FINANCINGS_WARRANTIES_READ",
      "FINANCINGS_SCHEDULED_INSTALMENTS_READ",
      "FINANCINGS_PAYMENTS_READ",
      "UNARRANGED_ACCOUNTS_OVERDRAFT_READ",
      "UNARRANGED_ACCOUNTS_OVERDRAFT_WARRANTIES_READ",
      "UNARRANGED_ACCOUNTS_OVERDRAFT_SCHEDULED_INSTALMENTS_READ",
      "UNARRANGED_ACCOUNTS_OVERDRAFT_PAYMENTS_READ",
      "INVOICE_FINANCINGS_READ",
      "INVOICE_FINANCINGS_WARRANTIES_READ",
      "INVOICE_FINANCINGS_SCHEDULED_INSTALMENTS_READ",
      "INVOICE_FINANCINGS_PAYMENTS_READ",
      "RESOURCES_READ"
    ],
    "expirationDateTime": "2021-12-31T00:00:00.000Z",
    "transactionFromDateTime": "2021-08-10T00:00:00.000Z",
    "transactionToDateTime": "2021-12-31T23:59:59.000Z"
  }
}
incoming_query_string_params
{}
incoming_body
{"data":{"loggedUser":{"document":{"identification":"57784518064","rel":"CPF"}},"permissions":["ACCOUNTS_READ","ACCOUNTS_OVERDRAFT_LIMITS_READ","ACCOUNTS_BALANCES_READ","ACCOUNTS_TRANSACTIONS_READ","CREDIT_CARDS_ACCOUNTS_BILLS_READ","CREDIT_CARDS_ACCOUNTS_BILLS_TRANSACTIONS_READ","CREDIT_CARDS_ACCOUNTS_LIMITS_READ","CREDIT_CARDS_ACCOUNTS_READ","CREDIT_CARDS_ACCOUNTS_TRANSACTIONS_READ","CUSTOMERS_PERSONAL_ADITTIONALINFO_READ","CUSTOMERS_PERSONAL_IDENTIFICATIONS_READ","LOANS_READ","LOANS_WARRANTIES_READ","LOANS_SCHEDULED_INSTALMENTS_READ","LOANS_PAYMENTS_READ","FINANCINGS_READ","FINANCINGS_WARRANTIES_READ","FINANCINGS_SCHEDULED_INSTALMENTS_READ","FINANCINGS_PAYMENTS_READ","UNARRANGED_ACCOUNTS_OVERDRAFT_READ","UNARRANGED_ACCOUNTS_OVERDRAFT_WARRANTIES_READ","UNARRANGED_ACCOUNTS_OVERDRAFT_SCHEDULED_INSTALMENTS_READ","UNARRANGED_ACCOUNTS_OVERDRAFT_PAYMENTS_READ","INVOICE_FINANCINGS_READ","INVOICE_FINANCINGS_WARRANTIES_READ","INVOICE_FINANCINGS_SCHEDULED_INSTALMENTS_READ","INVOICE_FINANCINGS_PAYMENTS_READ","RESOURCES_READ"],"expirationDateTime":"2021-12-31T00:00:00.000Z","transactionFromDateTime":"2021-08-10T00:00:00.000Z","transactionToDateTime":"2021-12-31T23:59:59.000Z"}}
2022-03-25 02:36:09 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
New consent endpoint
2022-03-25 02:36:09 SUCCESS
ExtractClientCertificateFromTokenEndpointRequestHeaders
Extracted client certificate
client_certificate
{
  "cert": "-----BEGIN CERTIFICATE----- MIIG4TCCBcmgAwIBAgIUMnxi2E7fyORb8/hfKsRfDVgTyAkwDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIyMDMxMDE0NDYwMFoXDTIzMDQwOTE0 NDYwMFowggEQMQswCQYDVQQGEwJCUjELMAkGA1UECBMCUkoxFzAVBgNVBAcTDlJp byBkZSBKYW5laXJvMRQwEgYDVQQKEwtCQ08gWFAgUy5BLjEtMCsGA1UECxMkNzk3 MTdkNzEtMGNmNC01OGY2LWIyZDAtMzcwZDU0MDRkMzgzMRMwEQYDVQQDEwp4cGku Y29tLmJyMRcwFQYDVQQFEw4zMzI2NDY2ODAwMDEwMzEdMBsGA1UEDxMUUHJpdmF0 ZSBPcmdhbml6YXRpb24xEzARBgsrBgEEAYI3PAIBAxMCQlIxNDAyBgoJkiaJk/Is ZAEBEyQ2YWI3ZTg0ZC1hNDg5LTQ3OWUtOWI4ZC1mNTJhNzY4ZjVjZTMwggEiMA0G CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCleJvZUBcvtczbPO6jcLAjCzOexl7p f2KGDDPHZ+Ddp99fOVQRProFdWqbT3vjtSIxXMZRgscl+pucbcVnkTSMMh8+DI6X 9HasYOhw3GVPzj6zf1VEtXrgKc57gOt2462BFN6qsLQkZE+qgGhyfSiOdYUREmjy FGl7OPo/N5geErMTvDfnz2FXUbg1IfniIJI5+cI61U3pa2C67GZF24bHzkwjPPGe q0Y0fjK6itDPm1h9uW+fKvfVR5RGB8uwDJVOoiarlAOIuh5FhXW0ohsRUtel/r7c jsRtDVW5o2VOoVTCKinFEfu8xj7mXWjXrB7/mmE4/JXfImvoLwYQGu6DAgMBAAGj ggLOMIICyjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBSjiVYxezINRKHAn1tneyOz sDeUBDAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4RQ99MvjBMBggrBgEFBQcB AQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNhbmRib3gucGtpLm9wZW5i YW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8vY3Js LnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9pc3N1ZXIuY3Js MBUGA1UdEQQOMAyCCnhwaS5jb20uYnIwDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQM MAoGCCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIB gDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVs eSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhl ciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2 aWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNl aXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9m IHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5k IHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8v Y3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2ll czANBgkqhkiG9w0BAQsFAAOCAQEA2lqeV/ACHCjugwoaW+s0VEf3Q303D6ev5MU/ /LsXp16CvAw5IGDM2zvxB6d6NEPalRQW6516LvuNd9smQSrsWceN84FUEV4cj+Mb U930QV0m5GPVtSDAxO6bijN1HCdUeWZSfQMVfgQdbjTb2QeHQuqXzg3mwNdNGFwV Svi7aeVjV9EF+U3/Q1UdTcg4E/ZYXPkV0dXHU5LRDIn2SEhpl2FkIFUzffeMo0LN DTPN+Py3X9yQqtu1lT/gnBFty70M8K3YOppM7yxyv6UU2MYVGUNEoSsmZsFQeHXE G4nQeYbVD/T4dNYqAAqgecF+/+MTq+ESI4liTH3BQR0FNNn41A\u003d\u003d -----END CERTIFICATE-----",
  "pem": "-----BEGIN CERTIFICATE-----\nMIIG4TCCBcmgAwIBAgIUMnxi2E7fyORb8/hfKsRfDVgTyAkwDQYJKoZIhvcNAQEL\nBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx\nFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB\nTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIyMDMxMDE0NDYwMFoXDTIzMDQwOTE0\nNDYwMFowggEQMQswCQYDVQQGEwJCUjELMAkGA1UECBMCUkoxFzAVBgNVBAcTDlJp\nbyBkZSBKYW5laXJvMRQwEgYDVQQKEwtCQ08gWFAgUy5BLjEtMCsGA1UECxMkNzk3\nMTdkNzEtMGNmNC01OGY2LWIyZDAtMzcwZDU0MDRkMzgzMRMwEQYDVQQDEwp4cGku\nY29tLmJyMRcwFQYDVQQFEw4zMzI2NDY2ODAwMDEwMzEdMBsGA1UEDxMUUHJpdmF0\nZSBPcmdhbml6YXRpb24xEzARBgsrBgEEAYI3PAIBAxMCQlIxNDAyBgoJkiaJk/Is\nZAEBEyQ2YWI3ZTg0ZC1hNDg5LTQ3OWUtOWI4ZC1mNTJhNzY4ZjVjZTMwggEiMA0G\nCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCleJvZUBcvtczbPO6jcLAjCzOexl7p\nf2KGDDPHZ+Ddp99fOVQRProFdWqbT3vjtSIxXMZRgscl+pucbcVnkTSMMh8+DI6X\n9HasYOhw3GVPzj6zf1VEtXrgKc57gOt2462BFN6qsLQkZE+qgGhyfSiOdYUREmjy\nFGl7OPo/N5geErMTvDfnz2FXUbg1IfniIJI5+cI61U3pa2C67GZF24bHzkwjPPGe\nq0Y0fjK6itDPm1h9uW+fKvfVR5RGB8uwDJVOoiarlAOIuh5FhXW0ohsRUtel/r7c\njsRtDVW5o2VOoVTCKinFEfu8xj7mXWjXrB7/mmE4/JXfImvoLwYQGu6DAgMBAAGj\nggLOMIICyjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBSjiVYxezINRKHAn1tneyOz\nsDeUBDAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4RQ99MvjBMBggrBgEFBQcB\nAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNhbmRib3gucGtpLm9wZW5i\nYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8vY3Js\nLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9pc3N1ZXIuY3Js\nMBUGA1UdEQQOMAyCCnhwaS5jb20uYnIwDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQM\nMAoGCCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIB\ngDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVs\neSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhl\nciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2\naWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNl\naXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9m\nIHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5k\nIHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8v\nY3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2ll\nczANBgkqhkiG9w0BAQsFAAOCAQEA2lqeV/ACHCjugwoaW+s0VEf3Q303D6ev5MU/\n/LsXp16CvAw5IGDM2zvxB6d6NEPalRQW6516LvuNd9smQSrsWceN84FUEV4cj+Mb\nU930QV0m5GPVtSDAxO6bijN1HCdUeWZSfQMVfgQdbjTb2QeHQuqXzg3mwNdNGFwV\nSvi7aeVjV9EF+U3/Q1UdTcg4E/ZYXPkV0dXHU5LRDIn2SEhpl2FkIFUzffeMo0LN\nDTPN+Py3X9yQqtu1lT/gnBFty70M8K3YOppM7yxyv6UU2MYVGUNEoSsmZsFQeHXE\nG4nQeYbVD/T4dNYqAAqgecF+/+MTq+ESI4liTH3BQR0FNNn41A\u003d\u003d\n-----END CERTIFICATE-----",
  "subject": {
    "dn": "UID\u003d6ab7e84d-a489-479e-9b8d-f52a768f5ce3,1.3.6.1.4.1.311.60.2.1.3\u003d#13024252,2.5.4.15\u003d#131450726976617465204f7267616e697a6174696f6e,2.5.4.5\u003d#130e3333323634363638303030313033,CN\u003dxpi.com.br,OU\u003d79717d71-0cf4-58f6-b2d0-370d5404d383,O\u003dBCO XP S.A.,L\u003dRio de Janeiro,ST\u003dRJ,C\u003dBR"
  },
  "sanDnsNames": [
    "xpi.com.br"
  ],
  "sanUris": [],
  "sanIPs": [],
  "sanEmails": []
}
2022-03-25 02:36:09 SUCCESS
CheckForClientCertificate
Found client certificate
2022-03-25 02:36:09 SUCCESS
EnsureClientCertificateMatches
Presented certificate matches registered certificate
actual
-----BEGIN CERTIFICATE-----
MIIG4TCCBcmgAwIBAgIUMnxi2E7fyORb8/hfKsRfDVgTyAkwDQYJKoZIhvcNAQEL
BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx
FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB
TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIyMDMxMDE0NDYwMFoXDTIzMDQwOTE0
NDYwMFowggEQMQswCQYDVQQGEwJCUjELMAkGA1UECBMCUkoxFzAVBgNVBAcTDlJp
byBkZSBKYW5laXJvMRQwEgYDVQQKEwtCQ08gWFAgUy5BLjEtMCsGA1UECxMkNzk3
MTdkNzEtMGNmNC01OGY2LWIyZDAtMzcwZDU0MDRkMzgzMRMwEQYDVQQDEwp4cGku
Y29tLmJyMRcwFQYDVQQFEw4zMzI2NDY2ODAwMDEwMzEdMBsGA1UEDxMUUHJpdmF0
ZSBPcmdhbml6YXRpb24xEzARBgsrBgEEAYI3PAIBAxMCQlIxNDAyBgoJkiaJk/Is
ZAEBEyQ2YWI3ZTg0ZC1hNDg5LTQ3OWUtOWI4ZC1mNTJhNzY4ZjVjZTMwggEiMA0G
CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCleJvZUBcvtczbPO6jcLAjCzOexl7p
f2KGDDPHZ+Ddp99fOVQRProFdWqbT3vjtSIxXMZRgscl+pucbcVnkTSMMh8+DI6X
9HasYOhw3GVPzj6zf1VEtXrgKc57gOt2462BFN6qsLQkZE+qgGhyfSiOdYUREmjy
FGl7OPo/N5geErMTvDfnz2FXUbg1IfniIJI5+cI61U3pa2C67GZF24bHzkwjPPGe
q0Y0fjK6itDPm1h9uW+fKvfVR5RGB8uwDJVOoiarlAOIuh5FhXW0ohsRUtel/r7c
jsRtDVW5o2VOoVTCKinFEfu8xj7mXWjXrB7/mmE4/JXfImvoLwYQGu6DAgMBAAGj
ggLOMIICyjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBSjiVYxezINRKHAn1tneyOz
sDeUBDAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4RQ99MvjBMBggrBgEFBQcB
AQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNhbmRib3gucGtpLm9wZW5i
YW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8vY3Js
LnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9pc3N1ZXIuY3Js
MBUGA1UdEQQOMAyCCnhwaS5jb20uYnIwDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQM
MAoGCCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIB
gDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVs
eSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhl
ciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2
aWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNl
aXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9m
IHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5k
IHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8v
Y3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2ll
czANBgkqhkiG9w0BAQsFAAOCAQEA2lqeV/ACHCjugwoaW+s0VEf3Q303D6ev5MU/
/LsXp16CvAw5IGDM2zvxB6d6NEPalRQW6516LvuNd9smQSrsWceN84FUEV4cj+Mb
U930QV0m5GPVtSDAxO6bijN1HCdUeWZSfQMVfgQdbjTb2QeHQuqXzg3mwNdNGFwV
Svi7aeVjV9EF+U3/Q1UdTcg4E/ZYXPkV0dXHU5LRDIn2SEhpl2FkIFUzffeMo0LN
DTPN+Py3X9yQqtu1lT/gnBFty70M8K3YOppM7yxyv6UU2MYVGUNEoSsmZsFQeHXE
G4nQeYbVD/T4dNYqAAqgecF+/+MTq+ESI4liTH3BQR0FNNn41A==
-----END CERTIFICATE-----
2022-03-25 02:36:09 SUCCESS
EnsureIncomingRequestMethodIsPost
Client correctly used http POST method
2022-03-25 02:36:09 SUCCESS
EnsureBearerAccessTokenNotInParams
Client correctly did not send access token in query parameters or form body
2022-03-25 02:36:09 SUCCESS
ExtractBearerAccessTokenFromHeader
Found access token on incoming request
access_token
i2TexquR0HgoNIVdEYZXrfPEKBohyWI5lRyq2yb65Kv0u64fyF
2022-03-25 02:36:09 SUCCESS
RequireBearerClientCredentialsAccessToken
Found access token in request
actual
i2TexquR0HgoNIVdEYZXrfPEKBohyWI5lRyq2yb65Kv0u64fyF
2022-03-25 02:36:09 INFO
ExtractFapiDateHeader
Skipped evaluation due to missing required element: incoming_request headers.x-fapi-auth-date
path
headers.x-fapi-auth-date
mapped
object
incoming_request
2022-03-25 02:36:09 INFO
ExtractFapiIpAddressHeader
Skipped evaluation due to missing required element: incoming_request headers.x-fapi-customer-ip-address
path
headers.x-fapi-customer-ip-address
mapped
object
incoming_request
2022-03-25 02:36:09 INFO
ExtractFapiInteractionIdHeader
Skipped evaluation due to missing required element: incoming_request headers.x-fapi-interaction-id
path
headers.x-fapi-interaction-id
mapped
object
incoming_request
2022-03-25 02:36:09 SUCCESS
FAPIBrazilEnsureClientCredentialsScopeContainedConsents
The token request which was used to obtain the access token contained 'consents' scope
actual
[
  "consents"
]
2022-03-25 02:36:09
FAPIBrazilExtractConsentRequest
Condition ran but did not log anything
2022-03-25 02:36:09 SUCCESS
CreateFapiInteractionIdIfNeeded
Created new FAPI interaction ID
fapi_interaction_id
02246d6a-7cb8-4b54-bb0a-7b757b7bedc4
2022-03-25 02:36:09 SUCCESS
FAPIBrazilGenerateNewConsentResponse
Created consent response
headers
{
  "x-fapi-interaction-id": "02246d6a-7cb8-4b54-bb0a-7b757b7bedc4"
}
consentId
urn:conformance:oidf:wbIA7UTKxP
consent_response
{
  "data": {
    "consentId": "urn:conformance:oidf:wbIA7UTKxP",
    "creationDateTime": "2022-03-25T02:36:09Z",
    "status": "AWAITING_AUTHORISATION",
    "statusUpdateDateTime": "2022-03-25T02:36:09Z",
    "permissions": [
      "ACCOUNTS_READ",
      "ACCOUNTS_BALANCES_READ",
      "RESOURCES_READ"
    ],
    "expirationDateTime": "2022-03-25T04:36:09Z",
    "transactionFromDateTime": "2022-03-25T02:31:09Z",
    "transactionToDateTime": "2022-03-25T04:36:09Z",
    "links": {
      "self": "https://www.certification.openid.net/test/a/xpconsents/v1/consents"
    }
  },
  "meta": {
    "totalRecords": 1,
    "totalPages": 1,
    "requestDateTime": "2022-03-25T02:36:09Z"
  }
}
2022-03-25 02:36:09
ClearAccessTokenFromRequest
Condition ran but did not log anything
2022-03-25 02:36:09 OUTGOING
fapi1-advanced-final-client-test-encrypted-idtoken-usingrsa15
Response to HTTP request to test instance 8pIsBPqWjSNdT1x
outgoing_status_code
201
outgoing_headers
{
  "x-fapi-interaction-id": [
    "02246d6a-7cb8-4b54-bb0a-7b757b7bedc4"
  ]
}
outgoing_body
{
  "data": {
    "consentId": "urn:conformance:oidf:wbIA7UTKxP",
    "creationDateTime": "2022-03-25T02:36:09Z",
    "status": "AWAITING_AUTHORISATION",
    "statusUpdateDateTime": "2022-03-25T02:36:09Z",
    "permissions": [
      "ACCOUNTS_READ",
      "ACCOUNTS_BALANCES_READ",
      "RESOURCES_READ"
    ],
    "expirationDateTime": "2022-03-25T04:36:09Z",
    "transactionFromDateTime": "2022-03-25T02:31:09Z",
    "transactionToDateTime": "2022-03-25T04:36:09Z",
    "links": {
      "self": "https://www.certification.openid.net/test/a/xpconsents/v1/consents"
    }
  },
  "meta": {
    "totalRecords": 1,
    "totalPages": 1,
    "requestDateTime": "2022-03-25T02:36:09Z"
  }
}
outgoing_path
consents/v1/consents
2022-03-25 02:36:10 INCOMING
fapi1-advanced-final-client-test-encrypted-idtoken-usingrsa15
Incoming HTTP request to /test-mtls/a/xp/par
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/4.7.4 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "content-type": "application/x-www-form-urlencoded",
  "accept-encoding": "gzip, deflate, br",
  "x-datadog-trace-id": "710052890436720395",
  "x-datadog-parent-id": "8293271298902112481",
  "x-datadog-sampling-priority": "2",
  "x-datadog-tags": "_dd.p.upstream_services\u003db3BlbmJhbmtpbmctbWFuYWdlbWVudC1zZXJ2aWNlcw\u003d\u003d|2|3|1",
  "connection": "close",
  "content-length": "2443"
}
incoming_path
/test-mtls/a/xp/par
incoming_body_form_params
{
  "request": "eyJhbGciOiJQUzI1NiIsInR5cCI6Im9hdXRoLWF1dGh6LXJlcStqd3QiLCJraWQiOiJkZWFmOTRjYjdjYjliOTdiZTMwZDNjYzI4OWJmYTdjOWQ3NDI1MDMwMTY0ZGEyYTJlYThlMjQyODc1NjkyZmI0In0.eyJub25jZSI6InhXaUhFUjMzeHVwalVlMThTYlJYLWRqUkJWVk10dUhDUUF2dU1JRjhTQnMiLCJzdGF0ZSI6Im5QVEhwX01hNlk2alJ3dnVOaXZWeGUtenNCeVBha0lIeGZvMVBRUEgxTWMiLCJzY29wZSI6Im9wZW5pZCBjb25zZW50OnVybjpjb25mb3JtYW5jZTpvaWRmOndiSUE3VVRLeFAgYWNjb3VudHMgcmVzb3VyY2VzIiwicmVzcG9uc2VfdHlwZSI6ImNvZGUgaWRfdG9rZW4iLCJyZWRpcmVjdF91cmkiOiJodHRwczovL29wZW5iYW5raW5nLXJlZGlyZWN0LWhtbC54cGkuY29tLmJyLyIsImNsYWltcyI6eyJpZF90b2tlbiI6eyJhY3IiOnsidmFsdWVzIjpbInVybjpicmFzaWw6b3BlbmJhbmtpbmc6bG9hMiIsInVybjpicmFzaWw6b3BlbmJhbmtpbmc6bG9hMyJdLCJlc3NlbnRpYWwiOnRydWV9fX0sImNvZGVfY2hhbGxlbmdlIjoiQmo5ckw2bEJrMHhnblNuLW5fcTEwTlhLZWtfVUltT0ROTFV5VS1iSmQwayIsImNvZGVfY2hhbGxlbmdlX21ldGhvZCI6IlMyNTYiLCJpc3MiOiJ4cC1iYW5rLXR3byIsImF1ZCI6Imh0dHBzOi8vd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldC90ZXN0L2EveHAvIiwiY2xpZW50X2lkIjoieHAtYmFuay10d28iLCJqdGkiOiJQaUpWY200R2Y2b1JwcmVHYjJXY2NSdzc2NUhnLWU1RmMwUzNDdy1WWWJjIiwiaWF0IjoxNjQ4MTc1NzY5LCJleHAiOjE2NDgxNzYwNjksIm5iZiI6MTY0ODE3NTc2OX0.Mq9zXkXriJfwNGCtH1QR5j8sjr_z8-EQADUyVXiK24XWzVTe2feVqaUEyYBkYvKXz3UNZjYR0Myz2tU21D9ce3NAhkiDSznVGA0OrQiQ6m8dyKtrRavOsOya5Rqssa6BEGr0MC1ZfEmxjhDmaCXzGcdORQySYohs6jNRLfCOFNbXh2wb8hen2lwk3E-aiYaUNiqvu0m_ceCg-q74xAAYJSVIPl3nv2_omWvRp6wnq5DUyXoCsmgznT7M5YXoJ36lEvmhDrJxHN9ma7DzxLbFWNhzGYk3FOljTUwomaw6gn1QuCOdBVsRFOmp4-32H3dtjrfx_fZilA6mAVVLgL3kvQ",
  "client_id": "xp-bank-two",
  "client_assertion": "eyJhbGciOiJQUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImRlYWY5NGNiN2NiOWI5N2JlMzBkM2NjMjg5YmZhN2M5ZDc0MjUwMzAxNjRkYTJhMmVhOGUyNDI4NzU2OTJmYjQifQ.eyJpYXQiOjE2NDgxNzU3NjksImV4cCI6MTY0ODE3NTgyOSwianRpIjoiQ1pBT3Q2TnI3d0RUdkVja3p0R0g0Ym9jbWdiM21HOHVLWHh2ZXd4WU0wRSIsImlzcyI6InhwLWJhbmstdHdvIiwic3ViIjoieHAtYmFuay10d28iLCJhdWQiOlsiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QvYS94cC8iLCJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC9hL3hwL3Rva2VuIiwiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QtbXRscy9hL3hwL3Rva2VuIl19.RMw6CmiZFDWtOl4-Vzp20aNDJ5qlG6R3EmR-yOGuqb08gmZh2kLugJ5FW9W6oq22vqEKX4eGK2z6LGfBo-yLD7FCfL9QVA0ixJ31Sdv2uB-up2XLLppxiJaEGNu0jgjT835YJNkUxy0P3n_vTtadPo4ZYSeO_Xduay3NrC3XuFSS9lTAVIQGzfSW345XKyE6-4auCOjw1BDpVRaIE_p18tAoLC8yRYfhM7L0cz3ELHVItombe249W-YPu5cMfhKuoi61-I16VddEkgzP5EGhAf2H07SYT28p-xzySFmOlVsdrGZME8QsNaREulmgW_ag1goyhl0rQTK71xa3L-PLzg",
  "client_assertion_type": "urn:ietf:params:oauth:client-assertion-type:jwt-bearer"
}
incoming_method
POST
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
-----BEGIN CERTIFICATE----- MIIG4TCCBcmgAwIBAgIUMnxi2E7fyORb8/hfKsRfDVgTyAkwDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIyMDMxMDE0NDYwMFoXDTIzMDQwOTE0 NDYwMFowggEQMQswCQYDVQQGEwJCUjELMAkGA1UECBMCUkoxFzAVBgNVBAcTDlJp byBkZSBKYW5laXJvMRQwEgYDVQQKEwtCQ08gWFAgUy5BLjEtMCsGA1UECxMkNzk3 MTdkNzEtMGNmNC01OGY2LWIyZDAtMzcwZDU0MDRkMzgzMRMwEQYDVQQDEwp4cGku Y29tLmJyMRcwFQYDVQQFEw4zMzI2NDY2ODAwMDEwMzEdMBsGA1UEDxMUUHJpdmF0 ZSBPcmdhbml6YXRpb24xEzARBgsrBgEEAYI3PAIBAxMCQlIxNDAyBgoJkiaJk/Is ZAEBEyQ2YWI3ZTg0ZC1hNDg5LTQ3OWUtOWI4ZC1mNTJhNzY4ZjVjZTMwggEiMA0G CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCleJvZUBcvtczbPO6jcLAjCzOexl7p f2KGDDPHZ+Ddp99fOVQRProFdWqbT3vjtSIxXMZRgscl+pucbcVnkTSMMh8+DI6X 9HasYOhw3GVPzj6zf1VEtXrgKc57gOt2462BFN6qsLQkZE+qgGhyfSiOdYUREmjy FGl7OPo/N5geErMTvDfnz2FXUbg1IfniIJI5+cI61U3pa2C67GZF24bHzkwjPPGe q0Y0fjK6itDPm1h9uW+fKvfVR5RGB8uwDJVOoiarlAOIuh5FhXW0ohsRUtel/r7c jsRtDVW5o2VOoVTCKinFEfu8xj7mXWjXrB7/mmE4/JXfImvoLwYQGu6DAgMBAAGj ggLOMIICyjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBSjiVYxezINRKHAn1tneyOz sDeUBDAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4RQ99MvjBMBggrBgEFBQcB AQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNhbmRib3gucGtpLm9wZW5i YW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8vY3Js LnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9pc3N1ZXIuY3Js MBUGA1UdEQQOMAyCCnhwaS5jb20uYnIwDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQM MAoGCCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIB gDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVs eSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhl ciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2 aWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNl aXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9m IHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5k IHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8v Y3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2ll czANBgkqhkiG9w0BAQsFAAOCAQEA2lqeV/ACHCjugwoaW+s0VEf3Q303D6ev5MU/ /LsXp16CvAw5IGDM2zvxB6d6NEPalRQW6516LvuNd9smQSrsWceN84FUEV4cj+Mb U930QV0m5GPVtSDAxO6bijN1HCdUeWZSfQMVfgQdbjTb2QeHQuqXzg3mwNdNGFwV Svi7aeVjV9EF+U3/Q1UdTcg4E/ZYXPkV0dXHU5LRDIn2SEhpl2FkIFUzffeMo0LN DTPN+Py3X9yQqtu1lT/gnBFty70M8K3YOppM7yxyv6UU2MYVGUNEoSsmZsFQeHXE G4nQeYbVD/T4dNYqAAqgecF+/+MTq+ESI4liTH3BQR0FNNn41A== -----END CERTIFICATE-----
incoming_body_json
incoming_query_string_params
{}
incoming_body
request=eyJhbGciOiJQUzI1NiIsInR5cCI6Im9hdXRoLWF1dGh6LXJlcStqd3QiLCJraWQiOiJkZWFmOTRjYjdjYjliOTdiZTMwZDNjYzI4OWJmYTdjOWQ3NDI1MDMwMTY0ZGEyYTJlYThlMjQyODc1NjkyZmI0In0.eyJub25jZSI6InhXaUhFUjMzeHVwalVlMThTYlJYLWRqUkJWVk10dUhDUUF2dU1JRjhTQnMiLCJzdGF0ZSI6Im5QVEhwX01hNlk2alJ3dnVOaXZWeGUtenNCeVBha0lIeGZvMVBRUEgxTWMiLCJzY29wZSI6Im9wZW5pZCBjb25zZW50OnVybjpjb25mb3JtYW5jZTpvaWRmOndiSUE3VVRLeFAgYWNjb3VudHMgcmVzb3VyY2VzIiwicmVzcG9uc2VfdHlwZSI6ImNvZGUgaWRfdG9rZW4iLCJyZWRpcmVjdF91cmkiOiJodHRwczovL29wZW5iYW5raW5nLXJlZGlyZWN0LWhtbC54cGkuY29tLmJyLyIsImNsYWltcyI6eyJpZF90b2tlbiI6eyJhY3IiOnsidmFsdWVzIjpbInVybjpicmFzaWw6b3BlbmJhbmtpbmc6bG9hMiIsInVybjpicmFzaWw6b3BlbmJhbmtpbmc6bG9hMyJdLCJlc3NlbnRpYWwiOnRydWV9fX0sImNvZGVfY2hhbGxlbmdlIjoiQmo5ckw2bEJrMHhnblNuLW5fcTEwTlhLZWtfVUltT0ROTFV5VS1iSmQwayIsImNvZGVfY2hhbGxlbmdlX21ldGhvZCI6IlMyNTYiLCJpc3MiOiJ4cC1iYW5rLXR3byIsImF1ZCI6Imh0dHBzOi8vd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldC90ZXN0L2EveHAvIiwiY2xpZW50X2lkIjoieHAtYmFuay10d28iLCJqdGkiOiJQaUpWY200R2Y2b1JwcmVHYjJXY2NSdzc2NUhnLWU1RmMwUzNDdy1WWWJjIiwiaWF0IjoxNjQ4MTc1NzY5LCJleHAiOjE2NDgxNzYwNjksIm5iZiI6MTY0ODE3NTc2OX0.Mq9zXkXriJfwNGCtH1QR5j8sjr_z8-EQADUyVXiK24XWzVTe2feVqaUEyYBkYvKXz3UNZjYR0Myz2tU21D9ce3NAhkiDSznVGA0OrQiQ6m8dyKtrRavOsOya5Rqssa6BEGr0MC1ZfEmxjhDmaCXzGcdORQySYohs6jNRLfCOFNbXh2wb8hen2lwk3E-aiYaUNiqvu0m_ceCg-q74xAAYJSVIPl3nv2_omWvRp6wnq5DUyXoCsmgznT7M5YXoJ36lEvmhDrJxHN9ma7DzxLbFWNhzGYk3FOljTUwomaw6gn1QuCOdBVsRFOmp4-32H3dtjrfx_fZilA6mAVVLgL3kvQ&client_id=xp-bank-two&client_assertion=eyJhbGciOiJQUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImRlYWY5NGNiN2NiOWI5N2JlMzBkM2NjMjg5YmZhN2M5ZDc0MjUwMzAxNjRkYTJhMmVhOGUyNDI4NzU2OTJmYjQifQ.eyJpYXQiOjE2NDgxNzU3NjksImV4cCI6MTY0ODE3NTgyOSwianRpIjoiQ1pBT3Q2TnI3d0RUdkVja3p0R0g0Ym9jbWdiM21HOHVLWHh2ZXd4WU0wRSIsImlzcyI6InhwLWJhbmstdHdvIiwic3ViIjoieHAtYmFuay10d28iLCJhdWQiOlsiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QvYS94cC8iLCJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC9hL3hwL3Rva2VuIiwiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QtbXRscy9hL3hwL3Rva2VuIl19.RMw6CmiZFDWtOl4-Vzp20aNDJ5qlG6R3EmR-yOGuqb08gmZh2kLugJ5FW9W6oq22vqEKX4eGK2z6LGfBo-yLD7FCfL9QVA0ixJ31Sdv2uB-up2XLLppxiJaEGNu0jgjT835YJNkUxy0P3n_vTtadPo4ZYSeO_Xduay3NrC3XuFSS9lTAVIQGzfSW345XKyE6-4auCOjw1BDpVRaIE_p18tAoLC8yRYfhM7L0cz3ELHVItombe249W-YPu5cMfhKuoi61-I16VddEkgzP5EGhAf2H07SYT28p-xzySFmOlVsdrGZME8QsNaREulmgW_ag1goyhl0rQTK71xa3L-PLzg&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer
2022-03-25 02:36:10 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
PAR endpoint
2022-03-25 02:36:10 SUCCESS
ExtractClientCertificateFromTokenEndpointRequestHeaders
Extracted client certificate
client_certificate
{
  "cert": "-----BEGIN CERTIFICATE----- MIIG4TCCBcmgAwIBAgIUMnxi2E7fyORb8/hfKsRfDVgTyAkwDQYJKoZIhvcNAQEL BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIyMDMxMDE0NDYwMFoXDTIzMDQwOTE0 NDYwMFowggEQMQswCQYDVQQGEwJCUjELMAkGA1UECBMCUkoxFzAVBgNVBAcTDlJp byBkZSBKYW5laXJvMRQwEgYDVQQKEwtCQ08gWFAgUy5BLjEtMCsGA1UECxMkNzk3 MTdkNzEtMGNmNC01OGY2LWIyZDAtMzcwZDU0MDRkMzgzMRMwEQYDVQQDEwp4cGku Y29tLmJyMRcwFQYDVQQFEw4zMzI2NDY2ODAwMDEwMzEdMBsGA1UEDxMUUHJpdmF0 ZSBPcmdhbml6YXRpb24xEzARBgsrBgEEAYI3PAIBAxMCQlIxNDAyBgoJkiaJk/Is ZAEBEyQ2YWI3ZTg0ZC1hNDg5LTQ3OWUtOWI4ZC1mNTJhNzY4ZjVjZTMwggEiMA0G CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCleJvZUBcvtczbPO6jcLAjCzOexl7p f2KGDDPHZ+Ddp99fOVQRProFdWqbT3vjtSIxXMZRgscl+pucbcVnkTSMMh8+DI6X 9HasYOhw3GVPzj6zf1VEtXrgKc57gOt2462BFN6qsLQkZE+qgGhyfSiOdYUREmjy FGl7OPo/N5geErMTvDfnz2FXUbg1IfniIJI5+cI61U3pa2C67GZF24bHzkwjPPGe q0Y0fjK6itDPm1h9uW+fKvfVR5RGB8uwDJVOoiarlAOIuh5FhXW0ohsRUtel/r7c jsRtDVW5o2VOoVTCKinFEfu8xj7mXWjXrB7/mmE4/JXfImvoLwYQGu6DAgMBAAGj ggLOMIICyjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBSjiVYxezINRKHAn1tneyOz sDeUBDAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4RQ99MvjBMBggrBgEFBQcB AQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNhbmRib3gucGtpLm9wZW5i YW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8vY3Js LnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9pc3N1ZXIuY3Js MBUGA1UdEQQOMAyCCnhwaS5jb20uYnIwDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQM MAoGCCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIB gDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVs eSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhl ciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2 aWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNl aXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9m IHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5k IHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8v Y3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2ll czANBgkqhkiG9w0BAQsFAAOCAQEA2lqeV/ACHCjugwoaW+s0VEf3Q303D6ev5MU/ /LsXp16CvAw5IGDM2zvxB6d6NEPalRQW6516LvuNd9smQSrsWceN84FUEV4cj+Mb U930QV0m5GPVtSDAxO6bijN1HCdUeWZSfQMVfgQdbjTb2QeHQuqXzg3mwNdNGFwV Svi7aeVjV9EF+U3/Q1UdTcg4E/ZYXPkV0dXHU5LRDIn2SEhpl2FkIFUzffeMo0LN DTPN+Py3X9yQqtu1lT/gnBFty70M8K3YOppM7yxyv6UU2MYVGUNEoSsmZsFQeHXE G4nQeYbVD/T4dNYqAAqgecF+/+MTq+ESI4liTH3BQR0FNNn41A\u003d\u003d -----END CERTIFICATE-----",
  "pem": "-----BEGIN CERTIFICATE-----\nMIIG4TCCBcmgAwIBAgIUMnxi2E7fyORb8/hfKsRfDVgTyAkwDQYJKoZIhvcNAQEL\nBQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx\nFTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB\nTkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIyMDMxMDE0NDYwMFoXDTIzMDQwOTE0\nNDYwMFowggEQMQswCQYDVQQGEwJCUjELMAkGA1UECBMCUkoxFzAVBgNVBAcTDlJp\nbyBkZSBKYW5laXJvMRQwEgYDVQQKEwtCQ08gWFAgUy5BLjEtMCsGA1UECxMkNzk3\nMTdkNzEtMGNmNC01OGY2LWIyZDAtMzcwZDU0MDRkMzgzMRMwEQYDVQQDEwp4cGku\nY29tLmJyMRcwFQYDVQQFEw4zMzI2NDY2ODAwMDEwMzEdMBsGA1UEDxMUUHJpdmF0\nZSBPcmdhbml6YXRpb24xEzARBgsrBgEEAYI3PAIBAxMCQlIxNDAyBgoJkiaJk/Is\nZAEBEyQ2YWI3ZTg0ZC1hNDg5LTQ3OWUtOWI4ZC1mNTJhNzY4ZjVjZTMwggEiMA0G\nCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCleJvZUBcvtczbPO6jcLAjCzOexl7p\nf2KGDDPHZ+Ddp99fOVQRProFdWqbT3vjtSIxXMZRgscl+pucbcVnkTSMMh8+DI6X\n9HasYOhw3GVPzj6zf1VEtXrgKc57gOt2462BFN6qsLQkZE+qgGhyfSiOdYUREmjy\nFGl7OPo/N5geErMTvDfnz2FXUbg1IfniIJI5+cI61U3pa2C67GZF24bHzkwjPPGe\nq0Y0fjK6itDPm1h9uW+fKvfVR5RGB8uwDJVOoiarlAOIuh5FhXW0ohsRUtel/r7c\njsRtDVW5o2VOoVTCKinFEfu8xj7mXWjXrB7/mmE4/JXfImvoLwYQGu6DAgMBAAGj\nggLOMIICyjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBSjiVYxezINRKHAn1tneyOz\nsDeUBDAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4RQ99MvjBMBggrBgEFBQcB\nAQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNhbmRib3gucGtpLm9wZW5i\nYW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8vY3Js\nLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9pc3N1ZXIuY3Js\nMBUGA1UdEQQOMAyCCnhwaS5jb20uYnIwDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQM\nMAoGCCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIB\ngDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVs\neSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhl\nciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2\naWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNl\naXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9m\nIHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5k\nIHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8v\nY3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2ll\nczANBgkqhkiG9w0BAQsFAAOCAQEA2lqeV/ACHCjugwoaW+s0VEf3Q303D6ev5MU/\n/LsXp16CvAw5IGDM2zvxB6d6NEPalRQW6516LvuNd9smQSrsWceN84FUEV4cj+Mb\nU930QV0m5GPVtSDAxO6bijN1HCdUeWZSfQMVfgQdbjTb2QeHQuqXzg3mwNdNGFwV\nSvi7aeVjV9EF+U3/Q1UdTcg4E/ZYXPkV0dXHU5LRDIn2SEhpl2FkIFUzffeMo0LN\nDTPN+Py3X9yQqtu1lT/gnBFty70M8K3YOppM7yxyv6UU2MYVGUNEoSsmZsFQeHXE\nG4nQeYbVD/T4dNYqAAqgecF+/+MTq+ESI4liTH3BQR0FNNn41A\u003d\u003d\n-----END CERTIFICATE-----",
  "subject": {
    "dn": "UID\u003d6ab7e84d-a489-479e-9b8d-f52a768f5ce3,1.3.6.1.4.1.311.60.2.1.3\u003d#13024252,2.5.4.15\u003d#131450726976617465204f7267616e697a6174696f6e,2.5.4.5\u003d#130e3333323634363638303030313033,CN\u003dxpi.com.br,OU\u003d79717d71-0cf4-58f6-b2d0-370d5404d383,O\u003dBCO XP S.A.,L\u003dRio de Janeiro,ST\u003dRJ,C\u003dBR"
  },
  "sanDnsNames": [
    "xpi.com.br"
  ],
  "sanUris": [],
  "sanIPs": [],
  "sanEmails": []
}
2022-03-25 02:36:10 SUCCESS
CheckForClientCertificate
Found client certificate
2022-03-25 02:36:10 SUCCESS
EnsureClientCertificateMatches
Presented certificate matches registered certificate
actual
-----BEGIN CERTIFICATE-----
MIIG4TCCBcmgAwIBAgIUMnxi2E7fyORb8/hfKsRfDVgTyAkwDQYJKoZIhvcNAQEL
BQAwcTELMAkGA1UEBhMCQlIxHDAaBgNVBAoTE09wZW4gQmFua2luZyBCcmFzaWwx
FTATBgNVBAsTDE9wZW4gQmFua2luZzEtMCsGA1UEAxMkT3BlbiBCYW5raW5nIFNB
TkRCT1ggSXNzdWluZyBDQSAtIEcxMB4XDTIyMDMxMDE0NDYwMFoXDTIzMDQwOTE0
NDYwMFowggEQMQswCQYDVQQGEwJCUjELMAkGA1UECBMCUkoxFzAVBgNVBAcTDlJp
byBkZSBKYW5laXJvMRQwEgYDVQQKEwtCQ08gWFAgUy5BLjEtMCsGA1UECxMkNzk3
MTdkNzEtMGNmNC01OGY2LWIyZDAtMzcwZDU0MDRkMzgzMRMwEQYDVQQDEwp4cGku
Y29tLmJyMRcwFQYDVQQFEw4zMzI2NDY2ODAwMDEwMzEdMBsGA1UEDxMUUHJpdmF0
ZSBPcmdhbml6YXRpb24xEzARBgsrBgEEAYI3PAIBAxMCQlIxNDAyBgoJkiaJk/Is
ZAEBEyQ2YWI3ZTg0ZC1hNDg5LTQ3OWUtOWI4ZC1mNTJhNzY4ZjVjZTMwggEiMA0G
CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCleJvZUBcvtczbPO6jcLAjCzOexl7p
f2KGDDPHZ+Ddp99fOVQRProFdWqbT3vjtSIxXMZRgscl+pucbcVnkTSMMh8+DI6X
9HasYOhw3GVPzj6zf1VEtXrgKc57gOt2462BFN6qsLQkZE+qgGhyfSiOdYUREmjy
FGl7OPo/N5geErMTvDfnz2FXUbg1IfniIJI5+cI61U3pa2C67GZF24bHzkwjPPGe
q0Y0fjK6itDPm1h9uW+fKvfVR5RGB8uwDJVOoiarlAOIuh5FhXW0ohsRUtel/r7c
jsRtDVW5o2VOoVTCKinFEfu8xj7mXWjXrB7/mmE4/JXfImvoLwYQGu6DAgMBAAGj
ggLOMIICyjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBSjiVYxezINRKHAn1tneyOz
sDeUBDAfBgNVHSMEGDAWgBSGf1itF/WCtk60BbP7sM4RQ99MvjBMBggrBgEFBQcB
AQRAMD4wPAYIKwYBBQUHMAGGMGh0dHA6Ly9vY3NwLnNhbmRib3gucGtpLm9wZW5i
YW5raW5nYnJhc2lsLm9yZy5icjBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8vY3Js
LnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9pc3N1ZXIuY3Js
MBUGA1UdEQQOMAyCCnhwaS5jb20uYnIwDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQM
MAoGCCsGAQUFBwMCMIIBoQYDVR0gBIIBmDCCAZQwggGQBgorBgEEAYO6L2QBMIIB
gDCCATYGCCsGAQUFBwICMIIBKAyCASRUaGlzIENlcnRpZmljYXRlIGlzIHNvbGVs
eSBmb3IgdXNlIHdpdGggUmFpZGlhbSBTZXJ2aWNlcyBMaW1pdGVkIGFuZCBvdGhl
ciBwYXJ0aWNpcGF0aW5nIG9yZ2FuaXNhdGlvbnMgdXNpbmcgUmFpZGlhbSBTZXJ2
aWNlcyBMaW1pdGVkcyBUcnVzdCBGcmFtZXdvcmsgU2VydmljZXMuIEl0cyByZWNl
aXB0LCBwb3NzZXNzaW9uIG9yIHVzZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9m
IHRoZSBSYWlkaWFtIFNlcnZpY2VzIEx0ZCBDZXJ0aWNpY2F0ZSBQb2xpY3kgYW5k
IHJlbGF0ZWQgZG9jdW1lbnRzIHRoZXJlaW4uMEQGCCsGAQUFBwIBFjhodHRwOi8v
Y3BzLnNhbmRib3gucGtpLm9wZW5iYW5raW5nYnJhc2lsLm9yZy5ici9wb2xpY2ll
czANBgkqhkiG9w0BAQsFAAOCAQEA2lqeV/ACHCjugwoaW+s0VEf3Q303D6ev5MU/
/LsXp16CvAw5IGDM2zvxB6d6NEPalRQW6516LvuNd9smQSrsWceN84FUEV4cj+Mb
U930QV0m5GPVtSDAxO6bijN1HCdUeWZSfQMVfgQdbjTb2QeHQuqXzg3mwNdNGFwV
Svi7aeVjV9EF+U3/Q1UdTcg4E/ZYXPkV0dXHU5LRDIn2SEhpl2FkIFUzffeMo0LN
DTPN+Py3X9yQqtu1lT/gnBFty70M8K3YOppM7yxyv6UU2MYVGUNEoSsmZsFQeHXE
G4nQeYbVD/T4dNYqAAqgecF+/+MTq+ESI4liTH3BQR0FNNn41A==
-----END CERTIFICATE-----
2022-03-25 02:36:10 SUCCESS
ExtractClientAssertion
Parsed client assertion
client_assertion
{
  "value": "eyJhbGciOiJQUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImRlYWY5NGNiN2NiOWI5N2JlMzBkM2NjMjg5YmZhN2M5ZDc0MjUwMzAxNjRkYTJhMmVhOGUyNDI4NzU2OTJmYjQifQ.eyJpYXQiOjE2NDgxNzU3NjksImV4cCI6MTY0ODE3NTgyOSwianRpIjoiQ1pBT3Q2TnI3d0RUdkVja3p0R0g0Ym9jbWdiM21HOHVLWHh2ZXd4WU0wRSIsImlzcyI6InhwLWJhbmstdHdvIiwic3ViIjoieHAtYmFuay10d28iLCJhdWQiOlsiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QvYS94cC8iLCJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC9hL3hwL3Rva2VuIiwiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QtbXRscy9hL3hwL3Rva2VuIl19.RMw6CmiZFDWtOl4-Vzp20aNDJ5qlG6R3EmR-yOGuqb08gmZh2kLugJ5FW9W6oq22vqEKX4eGK2z6LGfBo-yLD7FCfL9QVA0ixJ31Sdv2uB-up2XLLppxiJaEGNu0jgjT835YJNkUxy0P3n_vTtadPo4ZYSeO_Xduay3NrC3XuFSS9lTAVIQGzfSW345XKyE6-4auCOjw1BDpVRaIE_p18tAoLC8yRYfhM7L0cz3ELHVItombe249W-YPu5cMfhKuoi61-I16VddEkgzP5EGhAf2H07SYT28p-xzySFmOlVsdrGZME8QsNaREulmgW_ag1goyhl0rQTK71xa3L-PLzg",
  "header": {
    "kid": "deaf94cb7cb9b97be30d3cc289bfa7c9d7425030164da2a2ea8e242875692fb4",
    "typ": "JWT",
    "alg": "PS256"
  },
  "claims": {
    "sub": "xp-bank-two",
    "aud": [
      "https://www.certification.openid.net/test/a/xp/",
      "https://www.certification.openid.net/test/a/xp/token",
      "https://www.certification.openid.net/test-mtls/a/xp/token"
    ],
    "iss": "xp-bank-two",
    "exp": 1648175829,
    "iat": 1648175769,
    "jti": "CZAOt6Nr7wDTvEckztGH4bocmgb3mG8uKXxvewxYM0E"
  }
}
2022-03-25 02:36:10
EnsureClientAssertionSignatureAlgorithmMatchesRegistered
token_endpoint_auth_signing_alg is not set for the client, any supported algorithm can be used
2022-03-25 02:36:10 SUCCESS
ValidateClientAssertionSignature
client_assertion signature validated
client_assertion
eyJhbGciOiJQUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImRlYWY5NGNiN2NiOWI5N2JlMzBkM2NjMjg5YmZhN2M5ZDc0MjUwMzAxNjRkYTJhMmVhOGUyNDI4NzU2OTJmYjQifQ.eyJpYXQiOjE2NDgxNzU3NjksImV4cCI6MTY0ODE3NTgyOSwianRpIjoiQ1pBT3Q2TnI3d0RUdkVja3p0R0g0Ym9jbWdiM21HOHVLWHh2ZXd4WU0wRSIsImlzcyI6InhwLWJhbmstdHdvIiwic3ViIjoieHAtYmFuay10d28iLCJhdWQiOlsiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QvYS94cC8iLCJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC9hL3hwL3Rva2VuIiwiaHR0cHM6Ly93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0L3Rlc3QtbXRscy9hL3hwL3Rva2VuIl19.RMw6CmiZFDWtOl4-Vzp20aNDJ5qlG6R3EmR-yOGuqb08gmZh2kLugJ5FW9W6oq22vqEKX4eGK2z6LGfBo-yLD7FCfL9QVA0ixJ31Sdv2uB-up2XLLppxiJaEGNu0jgjT835YJNkUxy0P3n_vTtadPo4ZYSeO_Xduay3NrC3XuFSS9lTAVIQGzfSW345XKyE6-4auCOjw1BDpVRaIE_p18tAoLC8yRYfhM7L0cz3ELHVItombe249W-YPu5cMfhKuoi61-I16VddEkgzP5EGhAf2H07SYT28p-xzySFmOlVsdrGZME8QsNaREulmgW_ag1goyhl0rQTK71xa3L-PLzg
2022-03-25 02:36:10 SUCCESS
EnsureClientAssertionTypeIsJwt
Found JWT assertion type
assertion type
urn:ietf:params:oauth:client-assertion-type:jwt-bearer
2022-03-25 02:36:10 SUCCESS
ValidateClientAssertionClaimsForPAREndpoint
Client Assertion passed all validation checks
2022-03-25 02:36:10 SUCCESS
ExtractRequestObjectFromPAREndpointRequest
Parsed request object
request_object
{
  "value": "eyJhbGciOiJQUzI1NiIsInR5cCI6Im9hdXRoLWF1dGh6LXJlcStqd3QiLCJraWQiOiJkZWFmOTRjYjdjYjliOTdiZTMwZDNjYzI4OWJmYTdjOWQ3NDI1MDMwMTY0ZGEyYTJlYThlMjQyODc1NjkyZmI0In0.eyJub25jZSI6InhXaUhFUjMzeHVwalVlMThTYlJYLWRqUkJWVk10dUhDUUF2dU1JRjhTQnMiLCJzdGF0ZSI6Im5QVEhwX01hNlk2alJ3dnVOaXZWeGUtenNCeVBha0lIeGZvMVBRUEgxTWMiLCJzY29wZSI6Im9wZW5pZCBjb25zZW50OnVybjpjb25mb3JtYW5jZTpvaWRmOndiSUE3VVRLeFAgYWNjb3VudHMgcmVzb3VyY2VzIiwicmVzcG9uc2VfdHlwZSI6ImNvZGUgaWRfdG9rZW4iLCJyZWRpcmVjdF91cmkiOiJodHRwczovL29wZW5iYW5raW5nLXJlZGlyZWN0LWhtbC54cGkuY29tLmJyLyIsImNsYWltcyI6eyJpZF90b2tlbiI6eyJhY3IiOnsidmFsdWVzIjpbInVybjpicmFzaWw6b3BlbmJhbmtpbmc6bG9hMiIsInVybjpicmFzaWw6b3BlbmJhbmtpbmc6bG9hMyJdLCJlc3NlbnRpYWwiOnRydWV9fX0sImNvZGVfY2hhbGxlbmdlIjoiQmo5ckw2bEJrMHhnblNuLW5fcTEwTlhLZWtfVUltT0ROTFV5VS1iSmQwayIsImNvZGVfY2hhbGxlbmdlX21ldGhvZCI6IlMyNTYiLCJpc3MiOiJ4cC1iYW5rLXR3byIsImF1ZCI6Imh0dHBzOi8vd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldC90ZXN0L2EveHAvIiwiY2xpZW50X2lkIjoieHAtYmFuay10d28iLCJqdGkiOiJQaUpWY200R2Y2b1JwcmVHYjJXY2NSdzc2NUhnLWU1RmMwUzNDdy1WWWJjIiwiaWF0IjoxNjQ4MTc1NzY5LCJleHAiOjE2NDgxNzYwNjksIm5iZiI6MTY0ODE3NTc2OX0.Mq9zXkXriJfwNGCtH1QR5j8sjr_z8-EQADUyVXiK24XWzVTe2feVqaUEyYBkYvKXz3UNZjYR0Myz2tU21D9ce3NAhkiDSznVGA0OrQiQ6m8dyKtrRavOsOya5Rqssa6BEGr0MC1ZfEmxjhDmaCXzGcdORQySYohs6jNRLfCOFNbXh2wb8hen2lwk3E-aiYaUNiqvu0m_ceCg-q74xAAYJSVIPl3nv2_omWvRp6wnq5DUyXoCsmgznT7M5YXoJ36lEvmhDrJxHN9ma7DzxLbFWNhzGYk3FOljTUwomaw6gn1QuCOdBVsRFOmp4-32H3dtjrfx_fZilA6mAVVLgL3kvQ",
  "header": {
    "kid": "deaf94cb7cb9b97be30d3cc289bfa7c9d7425030164da2a2ea8e242875692fb4",
    "typ": "oauth-authz-req+jwt",
    "alg": "PS256"
  },
  "claims": {
    "iss": "xp-bank-two",
    "response_type": "code id_token",
    "code_challenge_method": "S256",
    "nonce": "xWiHER33xupjUe18SbRX-djRBVVMtuHCQAvuMIF8SBs",
    "client_id": "xp-bank-two",
    "aud": "https://www.certification.openid.net/test/a/xp/",
    "nbf": 1648175769,
    "scope": "openid consent:urn:conformance:oidf:wbIA7UTKxP accounts resources",
    "claims": {
      "id_token": {
        "acr": {
          "values": [
            "urn:brasil:openbanking:loa2",
            "urn:brasil:openbanking:loa3"
          ],
          "essential": true
        }
      }
    },
    "state": "nPTHp_Ma6Y6jRwvuNivVxe-zsByPakIHxfo1PQPH1Mc",
    "redirect_uri": "https://openbanking-redirect-hml.xpi.com.br/",
    "exp": 1648176069,
    "iat": 1648175769,
    "code_challenge": "Bj9rL6lBk0xgnSn-n_q10NXKek_UImODNLUyU-bJd0k",
    "jti": "PiJVcm4Gf6oRpreGb2WccRw765Hg-e5Fc0S3Cw-VYbc"
  }
}
2022-03-25 02:36:10 SUCCESS
EnsurePAREndpointRequestDoesNotContainRequestUriParameter
PAR endpoint request does not contain a request_uri parameter
2022-03-25 02:36:10 INFO
ValidateEncryptedRequestObjectHasKid
Skipped evaluation due to missing required element: authorization_request_object jwe_header
path
jwe_header
mapped
object
authorization_request_object
2022-03-25 02:36:10 SUCCESS
FAPIValidateRequestObjectSigningAlg
Request object was signed with a permitted algorithm
alg
PS256
2022-03-25 02:36:10 SUCCESS
FAPIBrazilValidateRequestObjectIdTokenACRClaims
Acr value in request object is as expected
received
[
  "urn:brasil:openbanking:loa2",
  "urn:brasil:openbanking:loa3"
]
2022-03-25 02:36:10 SUCCESS
FAPIValidateRequestObjectExp
Request object contains a valid exp claim, expiry time
exp
"Mar 25, 2022, 2:41:09 AM"
2022-03-25 02:36:10 SUCCESS
FAPI1AdvancedValidateRequestObjectNBFClaim
nbf claim is valid
nbf
"Mar 25, 2022, 2:36:09 AM"
now
"Mar 25, 2022, 2:36:10 AM"
2022-03-25 02:36:10
ValidateRequestObjectClaims
Request object does not contain a max_age claim
2022-03-25 02:36:10 SUCCESS
ValidateRequestObjectClaims
Request object claims passed all validation checks
2022-03-25 02:36:10 SUCCESS
EnsureNumericRequestObjectClaimsAreNotNull
None of the claims expected to have numeric values, have null values
numeric_claims
[
  "max_age"
]
2022-03-25 02:36:10 SUCCESS
EnsureRequestObjectDoesNotContainRequestOrRequestUri
Request object does not contain request or request_uri
2022-03-25 02:36:10 SUCCESS
EnsureRequestObjectDoesNotContainSubWithClientId
Request object does not contain Client Id in sub
2022-03-25 02:36:10 SUCCESS
ValidateRequestObjectSignature
Request object signature validated using a key in the client's JWKS and using the client's registered request_object_signing_alg
request_object
eyJhbGciOiJQUzI1NiIsInR5cCI6Im9hdXRoLWF1dGh6LXJlcStqd3QiLCJraWQiOiJkZWFmOTRjYjdjYjliOTdiZTMwZDNjYzI4OWJmYTdjOWQ3NDI1MDMwMTY0ZGEyYTJlYThlMjQyODc1NjkyZmI0In0.eyJub25jZSI6InhXaUhFUjMzeHVwalVlMThTYlJYLWRqUkJWVk10dUhDUUF2dU1JRjhTQnMiLCJzdGF0ZSI6Im5QVEhwX01hNlk2alJ3dnVOaXZWeGUtenNCeVBha0lIeGZvMVBRUEgxTWMiLCJzY29wZSI6Im9wZW5pZCBjb25zZW50OnVybjpjb25mb3JtYW5jZTpvaWRmOndiSUE3VVRLeFAgYWNjb3VudHMgcmVzb3VyY2VzIiwicmVzcG9uc2VfdHlwZSI6ImNvZGUgaWRfdG9rZW4iLCJyZWRpcmVjdF91cmkiOiJodHRwczovL29wZW5iYW5raW5nLXJlZGlyZWN0LWhtbC54cGkuY29tLmJyLyIsImNsYWltcyI6eyJpZF90b2tlbiI6eyJhY3IiOnsidmFsdWVzIjpbInVybjpicmFzaWw6b3BlbmJhbmtpbmc6bG9hMiIsInVybjpicmFzaWw6b3BlbmJhbmtpbmc6bG9hMyJdLCJlc3NlbnRpYWwiOnRydWV9fX0sImNvZGVfY2hhbGxlbmdlIjoiQmo5ckw2bEJrMHhnblNuLW5fcTEwTlhLZWtfVUltT0ROTFV5VS1iSmQwayIsImNvZGVfY2hhbGxlbmdlX21ldGhvZCI6IlMyNTYiLCJpc3MiOiJ4cC1iYW5rLXR3byIsImF1ZCI6Imh0dHBzOi8vd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldC90ZXN0L2EveHAvIiwiY2xpZW50X2lkIjoieHAtYmFuay10d28iLCJqdGkiOiJQaUpWY200R2Y2b1JwcmVHYjJXY2NSdzc2NUhnLWU1RmMwUzNDdy1WWWJjIiwiaWF0IjoxNjQ4MTc1NzY5LCJleHAiOjE2NDgxNzYwNjksIm5iZiI6MTY0ODE3NTc2OX0.Mq9zXkXriJfwNGCtH1QR5j8sjr_z8-EQADUyVXiK24XWzVTe2feVqaUEyYBkYvKXz3UNZjYR0Myz2tU21D9ce3NAhkiDSznVGA0OrQiQ6m8dyKtrRavOsOya5Rqssa6BEGr0MC1ZfEmxjhDmaCXzGcdORQySYohs6jNRLfCOFNbXh2wb8hen2lwk3E-aiYaUNiqvu0m_ceCg-q74xAAYJSVIPl3nv2_omWvRp6wnq5DUyXoCsmgznT7M5YXoJ36lEvmhDrJxHN9ma7DzxLbFWNhzGYk3FOljTUwomaw6gn1QuCOdBVsRFOmp4-32H3dtjrfx_fZilA6mAVVLgL3kvQ
request_object_signing_alg
PS256
jwk
Sun RSA public key, 2048 bits
  params: null
  modulus: 26682391728276967194954540950724524766209086808905294588982397069936121562333243663764934195647992343177478262727950898924397071202064562861206174158180200480594996725014075862466053567784281183219703630991981300831241081699301237024475570008190972241380552880852780083495508447044517459224554822510775003365910458994533288189492336450582750156012542850962347524024401052699960522810025005147790986998717668357969776801050900287236559832040317568496341942344842285320185599735791731780123979954387030411843226462141502492679161635325436143104264759677865307365533990321146732182660048619467029047252683002320354530447
  public exponent: 65537
2022-03-25 02:36:10 SUCCESS
EnsureMatchingRedirectUriInRequestObject
Redirect URI matched
actual
https://openbanking-redirect-hml.xpi.com.br/
2022-03-25 02:36:10 SUCCESS
EnsureRequestObjectContainsCodeChallengeWhenUsingPAR
Found required PKCE parameters in request
code_challenge_method
S256
code_challenge
Bj9rL6lBk0xgnSn-n_q10NXKek_UImODNLUyU-bJd0k
2022-03-25 02:36:10 SUCCESS
CreatePAREndpointResponse
Created PAR endpoint response
request_uri
urn:ietf:params:oauth:request_uri:875860cf-e3ca-48b6-9fb3-e230cd2587bf
expires_in
600
2022-03-25 02:36:10 OUTGOING
fapi1-advanced-final-client-test-encrypted-idtoken-usingrsa15
Response to HTTP request to test instance 8pIsBPqWjSNdT1x
outgoing_status_code
201
outgoing_headers
{}
outgoing_body
{
  "request_uri": "urn:ietf:params:oauth:request_uri:875860cf-e3ca-48b6-9fb3-e230cd2587bf",
  "expires_in": 600
}
outgoing_path
par
2022-03-25 02:36:11 INCOMING
fapi1-advanced-final-client-test-encrypted-idtoken-usingrsa15
Incoming HTTP request to /test/a/xp/authorize
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "PostmanRuntime/7.28.4",
  "accept": "*/*",
  "cache-control": "no-cache",
  "postman-token": "555a1205-45f4-4549-95d4-38cb13496c7a",
  "accept-encoding": "gzip, deflate, br",
  "connection": "close"
}
incoming_path
/test/a/xp/authorize
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
incoming_body_json
incoming_query_string_params
{
  "client_id": "xp-bank-two",
  "scope": "openid consent:urn:conformance:oidf:wbIA7UTKxP accounts resources",
  "response_type": "code id_token",
  "redirect_uri": "https://openbanking-redirect-hml.xpi.com.br/",
  "request_uri": "urn:ietf:params:oauth:request_uri:875860cf-e3ca-48b6-9fb3-e230cd2587bf"
}
incoming_body
2022-03-25 02:36:11 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
Authorization endpoint
2022-03-25 02:36:11 SUCCESS
EnsureAuthorizationRequestDoesNotContainRequestWhenUsingPAR
Request does not contain a request parameter
2022-03-25 02:36:11 INFO
ValidateEncryptedRequestObjectHasKid
Skipped evaluation due to missing required element: authorization_request_object jwe_header
path
jwe_header
mapped
object
authorization_request_object
2022-03-25 02:36:11 SUCCESS
CreateEffectiveAuthorizationRequestParameters
Merged http request parameters with request object claims
effective_authorization_endpoint_request
{
  "client_id": "xp-bank-two",
  "scope": "openid consent:urn:conformance:oidf:wbIA7UTKxP accounts resources",
  "response_type": "code id_token",
  "redirect_uri": "https://openbanking-redirect-hml.xpi.com.br/",
  "iss": "xp-bank-two",
  "code_challenge_method": "S256",
  "nonce": "xWiHER33xupjUe18SbRX-djRBVVMtuHCQAvuMIF8SBs",
  "aud": "https://www.certification.openid.net/test/a/xp/",
  "nbf": 1648175769,
  "claims": {
    "id_token": {
      "acr": {
        "values": [
          "urn:brasil:openbanking:loa2",
          "urn:brasil:openbanking:loa3"
        ],
        "essential": true
      }
    }
  },
  "state": "nPTHp_Ma6Y6jRwvuNivVxe-zsByPakIHxfo1PQPH1Mc",
  "exp": 1648176069,
  "iat": 1648175769,
  "code_challenge": "Bj9rL6lBk0xgnSn-n_q10NXKek_UImODNLUyU-bJd0k",
  "jti": "PiJVcm4Gf6oRpreGb2WccRw765Hg-e5Fc0S3Cw-VYbc"
}
2022-03-25 02:36:11 SUCCESS
EnsureClientIdInAuthorizationRequestParametersMatchRequestObject
client_id http request parameter value matches client_id in request object
2022-03-25 02:36:11 SUCCESS
ExtractRequestedScopes
Requested scopes
scope
openid consent:urn:conformance:oidf:wbIA7UTKxP accounts resources
2022-03-25 02:36:11 SUCCESS
FAPIBrazilValidateConsentScope
Found consent scope in request
actual
[
  "openid",
  "consent:urn:conformance:oidf:wbIA7UTKxP",
  "accounts",
  "resources"
]
expected
consent:urn:conformance:oidf:wbIA7UTKxP
2022-03-25 02:36:11 SUCCESS
EnsureScopeContainsAccounts
Found accounts scope in request
actual
[
  "openid",
  "consent:urn:conformance:oidf:wbIA7UTKxP",
  "accounts",
  "resources"
]
2022-03-25 02:36:11 SUCCESS
EnsureResponseTypeIsCodeIdToken
Response type is expected value
expected
code id_token
2022-03-25 02:36:11 SUCCESS
EnsureOpenIDInScopeRequest
Found 'openid' scope in request
actual
[
  "openid",
  "consent:urn:conformance:oidf:wbIA7UTKxP",
  "accounts",
  "resources"
]
expected
openid
2022-03-25 02:36:11 SUCCESS
EnsureMatchingClientId
Client ID matched
client_id
xp-bank-two
2022-03-25 02:36:11 SUCCESS
CreateAuthorizationCode
Created authorization code
authorization_code
1lrJ2jCSy5AJy2ckdcaGFXv07gYP4h3Q
2022-03-25 02:36:11 SUCCESS
ExtractNonceFromAuthorizationRequest
Extracted nonce
nonce
xWiHER33xupjUe18SbRX-djRBVVMtuHCQAvuMIF8SBs
2022-03-25 02:36:11 SUCCESS
CalculateCHash
Successful c_hash encoding
c_hash
jph4YwtuIz-HW5qPTx_Z6A
2022-03-25 02:36:11 SUCCESS
CalculateSHash
Successful s_hash encoding
s_hash
o0t7sPS6PATMYPKCyyXNAA
2022-03-25 02:36:11 SUCCESS
GenerateIdTokenClaims
Created ID Token Claims
iss
https://www.certification.openid.net/test/a/xp/
sub
user-subject-1234531
aud
xp-bank-two
nonce
xWiHER33xupjUe18SbRX-djRBVVMtuHCQAvuMIF8SBs
iat
1648175771
exp
1648176071
2022-03-25 02:36:11 SUCCESS
FAPIBrazilAddCPFAndCPNJToIdTokenClaims
Added claims to id_token claims
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/a/xp/",
  "sub": "user-subject-1234531",
  "aud": "xp-bank-two",
  "nonce": "xWiHER33xupjUe18SbRX-djRBVVMtuHCQAvuMIF8SBs",
  "iat": 1648175771,
  "exp": 1648176071
}
2022-03-25 02:36:11 SUCCESS
AddCHashToIdTokenClaims
Added c_hash to ID token claims
c_hash
jph4YwtuIz-HW5qPTx_Z6A
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/a/xp/",
  "sub": "user-subject-1234531",
  "aud": "xp-bank-two",
  "nonce": "xWiHER33xupjUe18SbRX-djRBVVMtuHCQAvuMIF8SBs",
  "iat": 1648175771,
  "exp": 1648176071,
  "c_hash": "jph4YwtuIz-HW5qPTx_Z6A"
}
2022-03-25 02:36:11 SUCCESS
AddSHashToIdTokenClaims
Added s_hash to ID token claims
s_hash
o0t7sPS6PATMYPKCyyXNAA
id_token_claims
{
  "iss": "https://www.certification.openid.net/test/a/xp/",
  "sub": "user-subject-1234531",
  "aud": "xp-bank-two",
  "nonce": "xWiHER33xupjUe18SbRX-djRBVVMtuHCQAvuMIF8SBs",
  "iat": 1648175771,
  "exp": 1648176071,
  "c_hash": "jph4YwtuIz-HW5qPTx_Z6A",
  "s_hash": "o0t7sPS6PATMYPKCyyXNAA"
}
2022-03-25 02:36:11 INFO
AddAtHashToIdTokenClaims
Skipped evaluation due to missing required string: at_hash
expected
at_hash
2022-03-25 02:36:11 SUCCESS
FAPIBrazilAddACRClaimToIdTokenClaims
Added acr value to id_token_claims
acr_value
urn:brasil:openbanking:loa2
claims
{
  "iss": "https://www.certification.openid.net/test/a/xp/",
  "sub": "user-subject-1234531",
  "aud": "xp-bank-two",
  "nonce": "xWiHER33xupjUe18SbRX-djRBVVMtuHCQAvuMIF8SBs",
  "iat": 1648175771,
  "exp": 1648176071,
  "c_hash": "jph4YwtuIz-HW5qPTx_Z6A",
  "s_hash": "o0t7sPS6PATMYPKCyyXNAA",
  "acr": "urn:brasil:openbanking:loa2"
}
2022-03-25 02:36:11 SUCCESS
SignIdToken
Signed the ID token
id_token
eyJraWQiOiJYNWQ0dkZZZkx4YUcxZ2c4X2wzYkZZRmhVYVVWbUU2UGFFc1JXWDJFWXFNIiwiYWxnIjoiUFMyNTYifQ.eyJzdWIiOiJ1c2VyLXN1YmplY3QtMTIzNDUzMSIsImF1ZCI6InhwLWJhbmstdHdvIiwiY19oYXNoIjoianBoNFl3dHVJei1IVzVxUFR4X1o2QSIsImFjciI6InVybjpicmFzaWw6b3BlbmJhbmtpbmc6bG9hMiIsInNfaGFzaCI6Im8wdDdzUFM2UEFUTVlQS0N5eVhOQUEiLCJpc3MiOiJodHRwczpcL1wvd3d3LmNlcnRpZmljYXRpb24ub3BlbmlkLm5ldFwvdGVzdFwvYVwveHBcLyIsImV4cCI6MTY0ODE3NjA3MSwibm9uY2UiOiJ4V2lIRVIzM3h1cGpVZTE4U2JSWC1kalJCVlZNdHVIQ1FBdnVNSUY4U0JzIiwiaWF0IjoxNjQ4MTc1NzcxfQ.TLieRaZhDM_OxifqTYyCuXTxs8PQ9t3eCf3mCSDm9bb31LiLbJvwIQhW7lINvNaqd_O4KMO352ALjMP7iGJDrfs9KFnXMzED0NjACc6BLpgClPETcJkQlozqBkqQXdHRdCZXbisE9pqXbUAWkCJWOei0FXvokCjTOIejhQYZBpZkdw7i0U4iamIjhoIiWG9IIBX3xrQ_IsMiGO19OYF4n2Mlgi7m-wyTkar4i0yp7ArKDg5fbp0i27VmMvgGS-DPf_Rnn0NjUykPwNAs-atH7ZyeJQRsdBTtB3b8di-jN_HZSuTd8Zc43RNgSsqxscXNMFnhoNc-y3_mz37tK8Wjsg
2022-03-25 02:36:11
ChangeIdTokenEncryptedResponseAlgToRSA15
Changed id_token_encrypted_response_alg to RSA1_5
2022-03-25 02:36:11
EncryptIdToken
Encrypted the id token
id_token_encrypted_response_alg
RSA1_5
id_token_encrypted_response_enc
A256GCM
id_token
eyJraWQiOiJhOGE2MTNjNzIyM2JiYTFmNGEyYTBhYWNiYjA3Y2I5NTUxYzg1MGE2OTQ3MzIwMjk3MTExMmQyMzNjODczZDY5IiwiY3R5IjoiSldUIiwiZW5jIjoiQTI1NkdDTSIsImFsZyI6IlJTQTFfNSJ9.FE_IoQzGHQpiWC1ztR0ZyPyKqP7lDUwMzsyva4AOxJ-gj9TU04aDiAhvsrxWx1Ung898-FxVRk7H77b5CFyBB_Ky40uTYPkYDd684SSvL48mdtIDEvfvhZwDLyC0ZB7GET7T7tauV-CrZJfei7me3RZld_PQ27NnFyV6T7YxCh1mYHKsj0rZ0C3sjoymClii9pUlv2Rq6lfBwlK95yKq-iN-wAFn1qdJ72bPSc3RPpFGvFDMvebc8oelbDuGbOQn3Pi74ow_EGt8h_ANquTRvfXvEHmpbWsK2WbALid2jtINe4j8JO3FqVqF_l1D_Z9nasfVsDeo2v5QMwCbDzkirg.GQavGIRJB-642d1i.Ql0w-IYH9kyFREhHVfe-WH3ywO2BbHbf2gwIXP6r-DHKsHqVmEruLF1zdY83gsfMDKaWjVNU545a_w6vzlLo0Jo7uL_2bKjGrROJ4ckfB9akv7ofuHca0dry44m2YW3iJTY5PAuaF7TjwSoQA71qHQ2xXH6eXplfczj3FlD6gtsziUWR8kNjDHH4C87FYHNRy7AO7Vc7Db8x0A8IrfWaggAJ7wgUgPiSxenSlHyPSVEFESndRsN63WnGsf-K5vlGqRx9bomXsDx_4mtrG1-czkdJlB-OJi5TZAmWtkaBJ2XHs_6Klpsopbh1YkocFR5NNBWaTX2Xku83YgTPVF4oipnj3jryGZsEKEXYt6QTQNapEzmLDY5MffS9Qiw7pINKqJqD28b8M3-xVMpgWzoz2lNym-dTNQwsG3GlOSHkb_sau70fWJvqcrsuUjQI_eIPj3cElnyA5JHflCui6cvcVhv-QsIVtKGQJgE7IF8UTiq_0uuyUZ8qqnYSaONPtBIUw9VW5TC3sUMGEd-EFyHUHtiSYM6oSilUPNGHWB6EOUSgCed05o2QARup63q5Nd8QHId-Duo8bU6DFAlD2V0n1PdXdaN4G6IKIBvmZsLNTs5Q9Ihny7Hhd9bCQxr5o6JQPvMWxfJeVnjckiosJcPOdiUzS4z9OvInPnsBfOB_d0YrzawQLo-q14MNMqOLnJ8pJ5i6F-BDNfbSd0FW4zAdeq1jFMqJJ5aFrRhMJyQRTeT30nfjjdP0cEQzhopH-HndN6Xoag0XjzNxxxBI10EwNhTXHYIXjSF85z29vOxjGs5aRvLQm0cZGFFHk3GaZ7HYwlr8NIm9IwUQ1O8ZDERMZp5UhPKh4OM6HuEHuNd-dpdm90rNM4ZJaOvXphVOY1V-CplyMjDPkKUT46pTb7IxkCv2-4rI9mjCklqhzf5olblGO3g177EiLYe43AO2gRnRP1tB7Pq9CrOK6joxKrHLih5NGItbBDiE04NCjNzFwY-3WWEef-e-nkGyH3g-OR7TK--3pKoxLDDujYVjWKCYVvIyIMJT0l9xgqEkg6XKtk-kx5I4uN1ZX3buFkY0RhCHTFLH4sEHPVpC-UsXjN3BA2wsaP61oZE6.A24qSOkbD--nFJ8z9tUAOQ
2022-03-25 02:36:11 SUCCESS
FAPIBrazilChangeConsentStatusToAuthorized
Changed consent status to AUTHORISED
consent
{
  "data": {
    "consentId": "urn:conformance:oidf:wbIA7UTKxP",
    "creationDateTime": "2022-03-25T02:36:09Z",
    "status": "AUTHORISED",
    "statusUpdateDateTime": "2022-03-25T02:36:11Z",
    "permissions": [
      "ACCOUNTS_READ",
      "ACCOUNTS_BALANCES_READ",
      "RESOURCES_READ"
    ],
    "expirationDateTime": "2022-03-25T04:36:09Z",
    "transactionFromDateTime": "2022-03-25T02:31:09Z",
    "transactionToDateTime": "2022-03-25T04:36:09Z",
    "links": {
      "self": "https://www.certification.openid.net/test/a/xpconsents/v1/consents"
    }
  },
  "meta": {
    "totalRecords": 1,
    "totalPages": 1,
    "requestDateTime": "2022-03-25T02:36:09Z"
  }
}
2022-03-25 02:36:11 SUCCESS
CreateAuthorizationEndpointResponseParams
Added authorization_endpoint_response_params to environment
params
{
  "redirect_uri": "https://openbanking-redirect-hml.xpi.com.br/",
  "state": "nPTHp_Ma6Y6jRwvuNivVxe-zsByPakIHxfo1PQPH1Mc"
}
2022-03-25 02:36:11 SUCCESS
AddCodeToAuthorizationEndpointResponseParams
Added code to authorization endpoint response params
authorization_endpoint_response_params
{
  "redirect_uri": "https://openbanking-redirect-hml.xpi.com.br/",
  "state": "nPTHp_Ma6Y6jRwvuNivVxe-zsByPakIHxfo1PQPH1Mc",
  "code": "1lrJ2jCSy5AJy2ckdcaGFXv07gYP4h3Q"
}
2022-03-25 02:36:11 SUCCESS
AddIdTokenToAuthorizationEndpointResponseParams
Added id_token to authorization endpoint response params
authorization_endpoint_response_params
{
  "redirect_uri": "https://openbanking-redirect-hml.xpi.com.br/",
  "state": "nPTHp_Ma6Y6jRwvuNivVxe-zsByPakIHxfo1PQPH1Mc",
  "code": "1lrJ2jCSy5AJy2ckdcaGFXv07gYP4h3Q",
  "id_token": "eyJraWQiOiJhOGE2MTNjNzIyM2JiYTFmNGEyYTBhYWNiYjA3Y2I5NTUxYzg1MGE2OTQ3MzIwMjk3MTExMmQyMzNjODczZDY5IiwiY3R5IjoiSldUIiwiZW5jIjoiQTI1NkdDTSIsImFsZyI6IlJTQTFfNSJ9.FE_IoQzGHQpiWC1ztR0ZyPyKqP7lDUwMzsyva4AOxJ-gj9TU04aDiAhvsrxWx1Ung898-FxVRk7H77b5CFyBB_Ky40uTYPkYDd684SSvL48mdtIDEvfvhZwDLyC0ZB7GET7T7tauV-CrZJfei7me3RZld_PQ27NnFyV6T7YxCh1mYHKsj0rZ0C3sjoymClii9pUlv2Rq6lfBwlK95yKq-iN-wAFn1qdJ72bPSc3RPpFGvFDMvebc8oelbDuGbOQn3Pi74ow_EGt8h_ANquTRvfXvEHmpbWsK2WbALid2jtINe4j8JO3FqVqF_l1D_Z9nasfVsDeo2v5QMwCbDzkirg.GQavGIRJB-642d1i.Ql0w-IYH9kyFREhHVfe-WH3ywO2BbHbf2gwIXP6r-DHKsHqVmEruLF1zdY83gsfMDKaWjVNU545a_w6vzlLo0Jo7uL_2bKjGrROJ4ckfB9akv7ofuHca0dry44m2YW3iJTY5PAuaF7TjwSoQA71qHQ2xXH6eXplfczj3FlD6gtsziUWR8kNjDHH4C87FYHNRy7AO7Vc7Db8x0A8IrfWaggAJ7wgUgPiSxenSlHyPSVEFESndRsN63WnGsf-K5vlGqRx9bomXsDx_4mtrG1-czkdJlB-OJi5TZAmWtkaBJ2XHs_6Klpsopbh1YkocFR5NNBWaTX2Xku83YgTPVF4oipnj3jryGZsEKEXYt6QTQNapEzmLDY5MffS9Qiw7pINKqJqD28b8M3-xVMpgWzoz2lNym-dTNQwsG3GlOSHkb_sau70fWJvqcrsuUjQI_eIPj3cElnyA5JHflCui6cvcVhv-QsIVtKGQJgE7IF8UTiq_0uuyUZ8qqnYSaONPtBIUw9VW5TC3sUMGEd-EFyHUHtiSYM6oSilUPNGHWB6EOUSgCed05o2QARup63q5Nd8QHId-Duo8bU6DFAlD2V0n1PdXdaN4G6IKIBvmZsLNTs5Q9Ihny7Hhd9bCQxr5o6JQPvMWxfJeVnjckiosJcPOdiUzS4z9OvInPnsBfOB_d0YrzawQLo-q14MNMqOLnJ8pJ5i6F-BDNfbSd0FW4zAdeq1jFMqJJ5aFrRhMJyQRTeT30nfjjdP0cEQzhopH-HndN6Xoag0XjzNxxxBI10EwNhTXHYIXjSF85z29vOxjGs5aRvLQm0cZGFFHk3GaZ7HYwlr8NIm9IwUQ1O8ZDERMZp5UhPKh4OM6HuEHuNd-dpdm90rNM4ZJaOvXphVOY1V-CplyMjDPkKUT46pTb7IxkCv2-4rI9mjCklqhzf5olblGO3g177EiLYe43AO2gRnRP1tB7Pq9CrOK6joxKrHLih5NGItbBDiE04NCjNzFwY-3WWEef-e-nkGyH3g-OR7TK--3pKoxLDDujYVjWKCYVvIyIMJT0l9xgqEkg6XKtk-kx5I4uN1ZX3buFkY0RhCHTFLH4sEHPVpC-UsXjN3BA2wsaP61oZE6.A24qSOkbD--nFJ8z9tUAOQ"
}
2022-03-25 02:36:11
SendAuthorizationResponseWithResponseModeFragment
Redirecting back to client
uri
https://openbanking-redirect-hml.xpi.com.br/#state=nPTHp_Ma6Y6jRwvuNivVxe-zsByPakIHxfo1PQPH1Mc&code=1lrJ2jCSy5AJy2ckdcaGFXv07gYP4h3Q&id_token=eyJraWQiOiJhOGE2MTNjNzIyM2JiYTFmNGEyYTBhYWNiYjA3Y2I5NTUxYzg1MGE2OTQ3MzIwMjk3MTExMmQyMzNjODczZDY5IiwiY3R5IjoiSldUIiwiZW5jIjoiQTI1NkdDTSIsImFsZyI6IlJTQTFfNSJ9.FE_IoQzGHQpiWC1ztR0ZyPyKqP7lDUwMzsyva4AOxJ-gj9TU04aDiAhvsrxWx1Ung898-FxVRk7H77b5CFyBB_Ky40uTYPkYDd684SSvL48mdtIDEvfvhZwDLyC0ZB7GET7T7tauV-CrZJfei7me3RZld_PQ27NnFyV6T7YxCh1mYHKsj0rZ0C3sjoymClii9pUlv2Rq6lfBwlK95yKq-iN-wAFn1qdJ72bPSc3RPpFGvFDMvebc8oelbDuGbOQn3Pi74ow_EGt8h_ANquTRvfXvEHmpbWsK2WbALid2jtINe4j8JO3FqVqF_l1D_Z9nasfVsDeo2v5QMwCbDzkirg.GQavGIRJB-642d1i.Ql0w-IYH9kyFREhHVfe-WH3ywO2BbHbf2gwIXP6r-DHKsHqVmEruLF1zdY83gsfMDKaWjVNU545a_w6vzlLo0Jo7uL_2bKjGrROJ4ckfB9akv7ofuHca0dry44m2YW3iJTY5PAuaF7TjwSoQA71qHQ2xXH6eXplfczj3FlD6gtsziUWR8kNjDHH4C87FYHNRy7AO7Vc7Db8x0A8IrfWaggAJ7wgUgPiSxenSlHyPSVEFESndRsN63WnGsf-K5vlGqRx9bomXsDx_4mtrG1-czkdJlB-OJi5TZAmWtkaBJ2XHs_6Klpsopbh1YkocFR5NNBWaTX2Xku83YgTPVF4oipnj3jryGZsEKEXYt6QTQNapEzmLDY5MffS9Qiw7pINKqJqD28b8M3-xVMpgWzoz2lNym-dTNQwsG3GlOSHkb_sau70fWJvqcrsuUjQI_eIPj3cElnyA5JHflCui6cvcVhv-QsIVtKGQJgE7IF8UTiq_0uuyUZ8qqnYSaONPtBIUw9VW5TC3sUMGEd-EFyHUHtiSYM6oSilUPNGHWB6EOUSgCed05o2QARup63q5Nd8QHId-Duo8bU6DFAlD2V0n1PdXdaN4G6IKIBvmZsLNTs5Q9Ihny7Hhd9bCQxr5o6JQPvMWxfJeVnjckiosJcPOdiUzS4z9OvInPnsBfOB_d0YrzawQLo-q14MNMqOLnJ8pJ5i6F-BDNfbSd0FW4zAdeq1jFMqJJ5aFrRhMJyQRTeT30nfjjdP0cEQzhopH-HndN6Xoag0XjzNxxxBI10EwNhTXHYIXjSF85z29vOxjGs5aRvLQm0cZGFFHk3GaZ7HYwlr8NIm9IwUQ1O8ZDERMZp5UhPKh4OM6HuEHuNd-dpdm90rNM4ZJaOvXphVOY1V-CplyMjDPkKUT46pTb7IxkCv2-4rI9mjCklqhzf5olblGO3g177EiLYe43AO2gRnRP1tB7Pq9CrOK6joxKrHLih5NGItbBDiE04NCjNzFwY-3WWEef-e-nkGyH3g-OR7TK--3pKoxLDDujYVjWKCYVvIyIMJT0l9xgqEkg6XKtk-kx5I4uN1ZX3buFkY0RhCHTFLH4sEHPVpC-UsXjN3BA2wsaP61oZE6.A24qSOkbD--nFJ8z9tUAOQ
2022-03-25 02:36:11 OUTGOING
fapi1-advanced-final-client-test-encrypted-idtoken-usingrsa15
Response to HTTP request to test instance 8pIsBPqWjSNdT1x
outgoing
org.springframework.web.servlet.view.RedirectView: [RedirectView]; URL [https://openbanking-redirect-hml.xpi.com.br/#state=nPTHp_Ma6Y6jRwvuNivVxe-zsByPakIHxfo1PQPH1Mc&code=1lrJ2jCSy5AJy2ckdcaGFXv07gYP4h3Q&id_token=eyJraWQiOiJhOGE2MTNjNzIyM2JiYTFmNGEyYTBhYWNiYjA3Y2I5NTUxYzg1MGE2OTQ3MzIwMjk3MTExMmQyMzNjODczZDY5IiwiY3R5IjoiSldUIiwiZW5jIjoiQTI1NkdDTSIsImFsZyI6IlJTQTFfNSJ9.FE_IoQzGHQpiWC1ztR0ZyPyKqP7lDUwMzsyva4AOxJ-gj9TU04aDiAhvsrxWx1Ung898-FxVRk7H77b5CFyBB_Ky40uTYPkYDd684SSvL48mdtIDEvfvhZwDLyC0ZB7GET7T7tauV-CrZJfei7me3RZld_PQ27NnFyV6T7YxCh1mYHKsj0rZ0C3sjoymClii9pUlv2Rq6lfBwlK95yKq-iN-wAFn1qdJ72bPSc3RPpFGvFDMvebc8oelbDuGbOQn3Pi74ow_EGt8h_ANquTRvfXvEHmpbWsK2WbALid2jtINe4j8JO3FqVqF_l1D_Z9nasfVsDeo2v5QMwCbDzkirg.GQavGIRJB-642d1i.Ql0w-IYH9kyFREhHVfe-WH3ywO2BbHbf2gwIXP6r-DHKsHqVmEruLF1zdY83gsfMDKaWjVNU545a_w6vzlLo0Jo7uL_2bKjGrROJ4ckfB9akv7ofuHca0dry44m2YW3iJTY5PAuaF7TjwSoQA71qHQ2xXH6eXplfczj3FlD6gtsziUWR8kNjDHH4C87FYHNRy7AO7Vc7Db8x0A8IrfWaggAJ7wgUgPiSxenSlHyPSVEFESndRsN63WnGsf-K5vlGqRx9bomXsDx_4mtrG1-czkdJlB-OJi5TZAmWtkaBJ2XHs_6Klpsopbh1YkocFR5NNBWaTX2Xku83YgTPVF4oipnj3jryGZsEKEXYt6QTQNapEzmLDY5MffS9Qiw7pINKqJqD28b8M3-xVMpgWzoz2lNym-dTNQwsG3GlOSHkb_sau70fWJvqcrsuUjQI_eIPj3cElnyA5JHflCui6cvcVhv-QsIVtKGQJgE7IF8UTiq_0uuyUZ8qqnYSaONPtBIUw9VW5TC3sUMGEd-EFyHUHtiSYM6oSilUPNGHWB6EOUSgCed05o2QARup63q5Nd8QHId-Duo8bU6DFAlD2V0n1PdXdaN4G6IKIBvmZsLNTs5Q9Ihny7Hhd9bCQxr5o6JQPvMWxfJeVnjckiosJcPOdiUzS4z9OvInPnsBfOB_d0YrzawQLo-q14MNMqOLnJ8pJ5i6F-BDNfbSd0FW4zAdeq1jFMqJJ5aFrRhMJyQRTeT30nfjjdP0cEQzhopH-HndN6Xoag0XjzNxxxBI10EwNhTXHYIXjSF85z29vOxjGs5aRvLQm0cZGFFHk3GaZ7HYwlr8NIm9IwUQ1O8ZDERMZp5UhPKh4OM6HuEHuNd-dpdm90rNM4ZJaOvXphVOY1V-CplyMjDPkKUT46pTb7IxkCv2-4rI9mjCklqhzf5olblGO3g177EiLYe43AO2gRnRP1tB7Pq9CrOK6joxKrHLih5NGItbBDiE04NCjNzFwY-3WWEef-e-nkGyH3g-OR7TK--3pKoxLDDujYVjWKCYVvIyIMJT0l9xgqEkg6XKtk-kx5I4uN1ZX3buFkY0RhCHTFLH4sEHPVpC-UsXjN3BA2wsaP61oZE6.A24qSOkbD--nFJ8z9tUAOQ]
outgoing_path
authorize
2022-03-25 02:36:12 INCOMING
fapi1-advanced-final-client-test-encrypted-idtoken-usingrsa15
Incoming HTTP request to /test/a/xp/.well-known/openid-configuration
incoming_headers
{
  "host": "www.certification.openid.net",
  "user-agent": "openid-client/4.7.4 (https://github.com/panva/node-openid-client)",
  "accept": "application/json",
  "accept-encoding": "gzip, deflate, br",
  "x-datadog-trace-id": "5626369856225083435",
  "x-datadog-parent-id": "510596596633940612",
  "x-datadog-sampling-priority": "2",
  "x-datadog-tags": "_dd.p.upstream_services\u003db3BlbmJhbmtpbmctbWFuYWdlbWVudC1zZXJ2aWNlcw\u003d\u003d|2|3|1",
  "connection": "close"
}
incoming_path
/test/a/xp/.well-known/openid-configuration
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_tls_cert
incoming_body_json
incoming_query_string_params
{}
incoming_body
2022-03-25 02:36:12 SUCCESS
EnsureIncomingTls12WithSecureCipherOrTls13
TLS 1.2 in use and cipher is one recommended by BCP195
actual
ECDHE-RSA-AES128-GCM-SHA256
recommended
[
  "DHE-RSA-AES128-GCM-SHA256",
  "ECDHE-RSA-AES128-GCM-SHA256",
  "DHE-RSA-AES256-GCM-SHA384",
  "ECDHE-RSA-AES256-GCM-SHA384"
]
2022-03-25 02:36:12 OUTGOING
fapi1-advanced-final-client-test-encrypted-idtoken-usingrsa15
Response to HTTP request to test instance 8pIsBPqWjSNdT1x
outgoing_status_code
200
outgoing_headers
{}
outgoing_body
{
  "issuer": "https://www.certification.openid.net/test/a/xp/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/xp/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/xp/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/xp/jwks",
  "registration_endpoint": "https://www.certification.openid.net/test/a/xp/register",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/xp/userinfo",
  "mtls_endpoint_aliases": {
    "token_endpoint": "https://www.certification.openid.net/test-mtls/a/xp/token",
    "registration_endpoint": "https://www.certification.openid.net/test-mtls/a/xp/register",
    "userinfo_endpoint": "https://www.certification.openid.net/test-mtls/a/xp/userinfo",
    "pushed_authorization_request_endpoint": "https://www.certification.openid.net/test-mtls/a/xp/par"
  },
  "tls_client_certificate_bound_access_tokens": true,
  "request_parameter_supported": true,
  "grant_types_supported": [
    "authorization_code",
    "implicit",
    "client_credentials",
    "refresh_token"
  ],
  "claims_parameter_supported": true,
  "request_object_encryption_alg_values_supported": [
    "RSA-OAEP"
  ],
  "request_object_encryption_enc_values_supported": [
    "A256GCM"
  ],
  "claims_supported": [
    "cpf",
    "cnpj",
    "acr"
  ],
  "acr_values_supported": [
    "urn:brasil:openbanking:loa2",
    "urn:brasil:openbanking:loa3"
  ],
  "id_token_signing_alg_values_supported": [
    "PS256"
  ],
  "request_object_signing_alg_values_supported": [
    "PS256"
  ],
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access",
    "consents",
    "resources",
    "payments"
  ],
  "token_endpoint_auth_methods_supported": [
    "private_key_jwt"
  ],
  "pushed_authorization_request_endpoint": "https://www.certification.openid.net/test/a/xp/par",
  "require_pushed_authorization_requests": true,
  "response_types_supported": [
    "code id_token"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "PS256"
  ]
}
outgoing_path
.well-known/openid-configuration
2022-03-25 02:36:16 FINISHED
fapi1-advanced-final-client-test-encrypted-idtoken-usingrsa15
Test has run to completion
testmodule_result
PASSED
2022-03-25 02:36:17
TEST-RUNNER
Alias has now been claimed by another test
alias
xp
new_test_id
tMCvdaX2460K7vZ
Test Results