Test Summary

Test Results

Expand All Collapse All
All times are UTC
2022-05-11 06:25:29 INFO
TEST-RUNNER
Test instance gYTnCPAfLfeRWlm created
baseUrl
https://www.certification.openid.net/test/a/fwiwidk
variant
{
  "client_auth_type": "private_key_jwt",
  "ciba_mode": "poll",
  "fapi_profile": "plain_fapi",
  "client_registration": "static_client"
}
alias
fwiwidk
description
planId
5TITriHnFuJuH
config
{
  "alias": "fwiwidk",
  "automated_ciba_approval_url": "https://ciba-mobile.securitypoc.com/automated_ciba_approval_url?action\u003d{action}\u0026token\u003d{auth_req_id}",
  "server": {
    "discoveryUrl": "https://ciba-mobile.securitypoc.com/.well-known/openid-configuration"
  },
  "client": {
    "client_id": "2gJT3oQVIK9bnKrfamZ4",
    "scope": "openid email",
    "jwks": {
      "keys": [
        {
          "kid": "OR5xHLDjTbwxAtPAm3XtbCH-rnB-YKecLyzudZrdUm0",
          "alg": "ES256",
          "kty": "EC",
          "crv": "P-256",
          "x": "XGyC1rR-KXGnjrvo3ZEOu9zsuQIBnms390M3TFdA2fA",
          "y": "UzBoxWLr18EeVSWLI178SKug139tDr5vmRMhl26h4HI",
          "d": "A-FY0gKFTDvAyyM6cm9ERbQbTKgLNwosMNj-A5-CDUI"
        }
      ]
    },
    "hint_type": "login_hint",
    "hint_value": "testuser"
  },
  "client2": {
    "client_id": "GIi4p8SCIhNO8g98blye",
    "scope": "openid",
    "jwks": {
      "keys": [
        {
          "kid": "6RHpOyxdsQPzYz6uNmAC9YHuxrAUbGe4RZHuT218NfE",
          "alg": "ES256",
          "kty": "EC",
          "crv": "P-256",
          "x": "_9HZpw98HIP6hmCSXfv8u00cIy5UQ_XZ7krXJID-ydI",
          "y": "AGjAW113d8wl_SfZMBXA6i1y9R2OrhlwcpuYYJpQE9s",
          "d": "ALhGSwgtKne65I2OyEaUzUzKe0GUhjViKo2xvIeoiU8X"
        }
      ]
    },
    "acr_value": "urn:acr2"
  },
  "resource": {
    "resourceUrl": "https://ciba-mobile.securitypoc.com/ivcreds"
  },
  "mtls": {
    "cert": "-----BEGIN CERTIFICATE-----\nMIIC8DCCAdigAwIBAgIIY/J5P0bcFNgwDQYJKoZIhvcNAQELBQAwFjEUMBIGA1UE\nAwwLY2xpZW50X210bHMwHhcNMjIwMzIyMDMwMTI2WhcNNDkwODA3MDMwMTI2WjAW\nMRQwEgYDVQQDDAtjbGllbnRfbXRsczCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC\nAQoCggEBALgcSD/9PY/f9tm1ESl2OgtN6bL1PUC66ekWs+C/gT++ogrW72nDTXv0\nQdOB2EEGXSwNqm0X8APvXWhM+fk1aOJeRTTMkhEzb2fUyogt++hNuAadYj3XXTdH\nagyDqbZNerUY4BIYqZ7Ny4iwzQY1yQpSzYUsRNdZX4oPV/LLBmC+p4dq1bzehL2h\nr+fG/irzqSAArtfRjxBL8uiiTcn4JH4vvl8guEoQhzx9u0uRCZZWIjj592Ao+0sn\nYa9rgEyApsYi4Jxg6pd9O13agDWk/o32h0hkVcPiDH5P6KgBvXRdAHTQoaMBdL9V\nn13p+ftrK+y7WtK1FmVnffIJ2zWWnz0CAwEAAaNCMEAwHQYDVR0OBBYEFLL93QNq\nyKczBHQxuUnPoP3tCFq/MB8GA1UdIwQYMBaAFLL93QNqyKczBHQxuUnPoP3tCFq/\nMA0GCSqGSIb3DQEBCwUAA4IBAQBzXeRjAd0Hj9Lw6YWLexR/6U4iASsXZzEPoTo2\nBzczFYuDmhE7tfj/2JpX8aN++xZM0tznwgSjOT0JsP7Mt7dthlFszpQOnIZdpLDY\ngZqirQ2PdI+LYJ7X9SXGYoSP6NnZWwfp7cPfujx0hszKjkFsdoePWAZpXN4aLs0b\nS4lLhCYWFgigJoFZlFtezWZUKo7nk018GvbMJw8MuV6uGADk3k7ivULIZgmp23uf\n1CjeJ2rpffYFEGquAJCpmUHaerl7vLhfGTHkniFBbXCbMBg4LAlexzBtSgKyztuk\n0SLIVNzklZUy2qpi4H4Xc6VtN/6p4qUO1BCEI8izoWuauXOP\n-----END CERTIFICATE-----\n",
    "key": "-----BEGIN PRIVATE KEY-----\nMIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC4HEg//T2P3/bZ\ntREpdjoLTemy9T1AuunpFrPgv4E/vqIK1u9pw0179EHTgdhBBl0sDaptF/AD711o\nTPn5NWjiXkU0zJIRM29n1MqILfvoTbgGnWI91103R2oMg6m2TXq1GOASGKmezcuI\nsM0GNckKUs2FLETXWV+KD1fyywZgvqeHatW83oS9oa/nxv4q86kgAK7X0Y8QS/Lo\nok3J+CR+L75fILhKEIc8fbtLkQmWViI4+fdgKPtLJ2Gva4BMgKbGIuCcYOqXfTtd\n2oA1pP6N9odIZFXD4gx+T+ioAb10XQB00KGjAXS/VZ9d6fn7ayvsu1rStRZlZ33y\nCds1lp89AgMBAAECggEAFzp2QSCFvlu+7LvEBQumChwT4qC/UCXk8iQLoMz4lR7L\nmfuBLEJYSc3I6lMFAjs30SGOQYJWJWDzU3/2v+Llrz2+lIlE2oe3RA3cWa8Xi7kW\ngTslFHFSEPHhJuALrvT6iNOxHYdgCymixsWrsF9j1Hoa9PTfYJ4liCkkav0DenwM\ngkBJhHqheUviTwzE3YL7AuV5KnnR0GVN6fAFJtPGBFzQ1KotAmpJEuwGxJmOwkwb\nW0EefaZKFV9coFUG2ICDyOO/gD4nLZd4jXwXSBYDGsK0B16KoawHL8CfnJJxW19n\na8Z50JqRfXP3nBLs57lpOgEWY6N66jOnH/kMQu2KPwKBgQDpHqFWhOZMuatEVMhB\nshAh3gGGWNgVnmidLro1ATm7Wk4+HRA00NkQLbWp5/yyEieGVgVGL7nem40RT/vT\n5h7zcCeBOjYvJ9HGnWCOUHkAKxXnIXHAJGtotl07ZX+5h4l8EIpumv6sAnyRqpSj\nV/hlkG0WXpadEIUTEBxypLbJawKBgQDKLj8T+jarGWxBCTd9eT/mP+RQLIaxhhoQ\naaxutI9DGbsagXjgleSNW88fAgL8I8oe4uUIqSw6toY0dJ/L7sTENmab5ZNZ9rth\nhsqytsyBJBw3YNeeFYcdhqhIMou9P0RYUDb6sg03DPXgS40pWoKc5B8SIppkqNkm\nbJSPGPQb9wKBgQCJY2PyeaDA1yv4uX7MOQUI8K41X2b6VsGQ4Vkco/xCTpaORNKo\nTe2fe1D1MaPbzpc8tLWnB7mjWElrSpg/6f+TuSWPI5+LawxW4almNkcZskrWTP+d\nHdmvfMq1lrwPu7FrTNRJG0+8UDraHo47Nj1Oni+sX1KkfnfvJC+f4TNYwQKBgCbt\nJIPqJuBmcqtK5P4pfB4OqxyslfpUAWyri+F8riCTMaz2xJkpAuochRJJRt3Y3i94\nK/Sw7a0YO1qaIbIX9JZ6iuL1Hpuxn341f41NGK68jxoycREkv/D1Xi0YXkM/jR8b\nwpod8eFpg2V95l3R6VffrAPH2cYLpFN7kFbEzSsdAoGBAN9OGIDQT8ZHdBvbTxPK\nt+HC7OXTCo79Km7WqLSuOgYj7mInVKX5BXG5CLd4gYirXTE8uTvMFyvSoCs3W5yY\n49Bx3FYwAOkOqz63Yp9PaDfm0cvKTIzRAvART/X3zC+A+Iws6xBL53OK4kP7HRVj\nMRiRD1Juu/Pv7B0QCn98y+W9\n-----END PRIVATE KEY-----\n",
    "ca": "-----BEGIN CERTIFICATE-----\nMIIC8DCCAdigAwIBAgIIY/J5P0bcFNgwDQYJKoZIhvcNAQELBQAwFjEUMBIGA1UE\nAwwLY2xpZW50X210bHMwHhcNMjIwMzIyMDMwMTI2WhcNNDkwODA3MDMwMTI2WjAW\nMRQwEgYDVQQDDAtjbGllbnRfbXRsczCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC\nAQoCggEBALgcSD/9PY/f9tm1ESl2OgtN6bL1PUC66ekWs+C/gT++ogrW72nDTXv0\nQdOB2EEGXSwNqm0X8APvXWhM+fk1aOJeRTTMkhEzb2fUyogt++hNuAadYj3XXTdH\nagyDqbZNerUY4BIYqZ7Ny4iwzQY1yQpSzYUsRNdZX4oPV/LLBmC+p4dq1bzehL2h\nr+fG/irzqSAArtfRjxBL8uiiTcn4JH4vvl8guEoQhzx9u0uRCZZWIjj592Ao+0sn\nYa9rgEyApsYi4Jxg6pd9O13agDWk/o32h0hkVcPiDH5P6KgBvXRdAHTQoaMBdL9V\nn13p+ftrK+y7WtK1FmVnffIJ2zWWnz0CAwEAAaNCMEAwHQYDVR0OBBYEFLL93QNq\nyKczBHQxuUnPoP3tCFq/MB8GA1UdIwQYMBaAFLL93QNqyKczBHQxuUnPoP3tCFq/\nMA0GCSqGSIb3DQEBCwUAA4IBAQBzXeRjAd0Hj9Lw6YWLexR/6U4iASsXZzEPoTo2\nBzczFYuDmhE7tfj/2JpX8aN++xZM0tznwgSjOT0JsP7Mt7dthlFszpQOnIZdpLDY\ngZqirQ2PdI+LYJ7X9SXGYoSP6NnZWwfp7cPfujx0hszKjkFsdoePWAZpXN4aLs0b\nS4lLhCYWFgigJoFZlFtezWZUKo7nk018GvbMJw8MuV6uGADk3k7ivULIZgmp23uf\n1CjeJ2rpffYFEGquAJCpmUHaerl7vLhfGTHkniFBbXCbMBg4LAlexzBtSgKyztuk\n0SLIVNzklZUy2qpi4H4Xc6VtN/6p4qUO1BCEI8izoWuauXOP\n-----END CERTIFICATE-----\n"
  },
  "mtls2": {
    "cert": "-----BEGIN CERTIFICATE-----\nMIIC8jCCAdqgAwIBAgIIeP71dlXQRxYwDQYJKoZIhvcNAQELBQAwFzEVMBMGA1UE\nAwwMY2xpZW50Ml9tdGxzMB4XDTIyMDMyMjA1NDkzOFoXDTQ5MDgwNzA1NDkzOFow\nFzEVMBMGA1UEAwwMY2xpZW50Ml9tdGxzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A\nMIIBCgKCAQEA7B0S2cMtFlkyoRC6WrDOYLiwgvRlzCRgNMCBgDm+E6/LdD1YqAR7\nhidEnuIUMxjJICOwQl8auJxmxd3mIDcBtW6BsC9Ai2C6L5NWIeuLsZmZjtXTtKIg\nwtIrCBUFJRVF7cJA5g9Nuji2pqpMZa+bG6iqh0URwVHwN6L68sU6Kp24hoB1StvY\nuqaB+SzEWBu8y2CRVJ45iycvuefHwrTTTBmtfyertDbNRDX705Q1JF4sM5groFYt\n1Cyw2iOaUR+HtD4hX1jTz/NYTnXmy05QDPmKPPwlFrRGbheqv3q9w94lyUvX8Dfs\n4KqtCgRglvKzvy7qmjdh0m8D7rDvQJ4eAQIDAQABo0IwQDAdBgNVHQ4EFgQUZIRo\n2rdgKyxdIGfpji2ELp2gOaowHwYDVR0jBBgwFoAUZIRo2rdgKyxdIGfpji2ELp2g\nOaowDQYJKoZIhvcNAQELBQADggEBAJAeOnJSmPYFq4YhPiBvg8hPLMZrsAIGGe7e\ngPJZovk+d/1winrMzRNNsN4PuRcGq+/uF8HbszdjH9zqEFlK0FZfsT1cMFdz78BI\ntd7v+o+EbzNceIfdGEDifyS2LCLh7kkJDKwl4SWpoulxQVvmZGw6Kvj1XVk3ecPE\noJzkDTh2etWDEEFTAtRVy3GO0tIb/TBOwacMQfDT7sSAknc3JV28GCdYzBZCH9eP\nPp/SSsDj5PYWfuFlKzSKgFhbrgMpSghtPY52LA+2n9ocYcEIq7bVRvsJzxms54Mj\nBEoHDGtSpXDNDQ+1Rt0WFkgAk2FS671KQ1j42P7RM8pnrhUbjHo\u003d\n-----END CERTIFICATE-----\n",
    "key": "-----BEGIN PRIVATE KEY-----\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDsHRLZwy0WWTKh\nELpasM5guLCC9GXMJGA0wIGAOb4Tr8t0PVioBHuGJ0Se4hQzGMkgI7BCXxq4nGbF\n3eYgNwG1boGwL0CLYLovk1Yh64uxmZmO1dO0oiDC0isIFQUlFUXtwkDmD026OLam\nqkxlr5sbqKqHRRHBUfA3ovryxToqnbiGgHVK29i6poH5LMRYG7zLYJFUnjmLJy+5\n58fCtNNMGa1/J6u0Ns1ENfvTlDUkXiwzmCugVi3ULLDaI5pRH4e0PiFfWNPP81hO\ndebLTlAM+Yo8/CUWtEZuF6q/er3D3iXJS9fwN+zgqq0KBGCW8rO/LuqaN2HSbwPu\nsO9Anh4BAgMBAAECggEAaH2ZWQuaCXjiAguQHRB/1KgHXXzhDA3REadb6C4lozq6\nFDAN6xVIwR7hrFqqy84dO/7vQwApqCd3B/vimsEdHXjRJfJTYxskameOx6YhBTDP\nlzmj3h2d1/oAlywOQdH/R3AfHnEJWe89TdaxxpKHVx82kHSNnfswDr8uxX9o9XBL\nmyZc1DirkZmTUx8x4C00uihJ0LlzfRXdEdmldIonOgEMfpcxbg7ujvuuhP6BejP+\npUlXWj7c6poEl7ziAOivGnZwB6WojXzyVR/i7nelriyhs0Ww1uXkBMullwG9hWeM\ntWBbkvdnI5N+pxumU4qN/0NZuZ2vzzin0ObTH453HQKBgQD3rX3hGpkPsRDRd81O\nOJMwQdht5qYSDJKd+0HongXlqejMFBoOuSmd3VtJHqH2rhiFz+2irR0cAkb0/WLb\n/8cMWwJRNByqFeZjMRfZG1FhP0PSUaGv73+a5T8W8aohs7CSoYOceJjQqEXrjeJG\nPdkIEU8cP4uYW0K7+xKvfcKR2wKBgQD0DBujUjQwFiKOFYGhJmHWBmBJRPeUIyIG\nMpI2QstnuQOoNzeFpkkoLque+SZVuQzuXAo+6mT0U23tfO9nTCQB1Jlqagxh6ED7\nxPdhkG+2rSL8JDzg4uYELL4ckUdVIXpJVGsF53bpooLVx+qWkGsHt24ytHYOJYxy\nhIvl8AS8UwKBgQCgXOuREUijOVEbXwdGKylZ6Hg6iElkjFFuCp3dAFvvHLkHUcih\nWdART55oVHYnowdrtHo3hwC+/tZ0j48vxIdbf52beDNLCQz3knTPdHmXjn/aMFKQ\n+G/VmbLkpyox0gd0mTD+4bKH/zvuTRqBwk/AgnyHXLmEtyoZTnIFwFZ3WwKBgCZs\nGZXXBVxkv7/65tPGRTT7AAHJF+l8toifQaHFVlzYJhk/yEAEdBQddOuscjqgzcZh\nO0O4h3hoAjCXsOFkfW7EV/sHAzgO5tw8oG393Xi3PYDQ+7y0PF5/5NZ+kOp4QNZ2\nsfrV/ETATzT1KpvV1OP8Hx9ghg2oH7qP366t4TD9AoGAY8QktewczSXlkU47F1Q6\n5HASJxmLd5+1p6Bbf2f9c8b9rbbc7F1xLTdScr92DyduQ7k5XzK7nX5OTRzQmYoK\nIUO8n1j+HGdOBvSTWFHa2nZKVvJuuNOI5hSXKVspCT74lr8TP5a86ah7brwNKP4Q\nPDq1ObkZdDBcEscAK6gQPlI\u003d\n-----END PRIVATE KEY-----\n",
    "ca": "-----BEGIN CERTIFICATE-----\nMIIC8jCCAdqgAwIBAgIIeP71dlXQRxYwDQYJKoZIhvcNAQELBQAwFzEVMBMGA1UE\nAwwMY2xpZW50Ml9tdGxzMB4XDTIyMDMyMjA1NDkzOFoXDTQ5MDgwNzA1NDkzOFow\nFzEVMBMGA1UEAwwMY2xpZW50Ml9tdGxzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A\nMIIBCgKCAQEA7B0S2cMtFlkyoRC6WrDOYLiwgvRlzCRgNMCBgDm+E6/LdD1YqAR7\nhidEnuIUMxjJICOwQl8auJxmxd3mIDcBtW6BsC9Ai2C6L5NWIeuLsZmZjtXTtKIg\nwtIrCBUFJRVF7cJA5g9Nuji2pqpMZa+bG6iqh0URwVHwN6L68sU6Kp24hoB1StvY\nuqaB+SzEWBu8y2CRVJ45iycvuefHwrTTTBmtfyertDbNRDX705Q1JF4sM5groFYt\n1Cyw2iOaUR+HtD4hX1jTz/NYTnXmy05QDPmKPPwlFrRGbheqv3q9w94lyUvX8Dfs\n4KqtCgRglvKzvy7qmjdh0m8D7rDvQJ4eAQIDAQABo0IwQDAdBgNVHQ4EFgQUZIRo\n2rdgKyxdIGfpji2ELp2gOaowHwYDVR0jBBgwFoAUZIRo2rdgKyxdIGfpji2ELp2g\nOaowDQYJKoZIhvcNAQELBQADggEBAJAeOnJSmPYFq4YhPiBvg8hPLMZrsAIGGe7e\ngPJZovk+d/1winrMzRNNsN4PuRcGq+/uF8HbszdjH9zqEFlK0FZfsT1cMFdz78BI\ntd7v+o+EbzNceIfdGEDifyS2LCLh7kkJDKwl4SWpoulxQVvmZGw6Kvj1XVk3ecPE\noJzkDTh2etWDEEFTAtRVy3GO0tIb/TBOwacMQfDT7sSAknc3JV28GCdYzBZCH9eP\nPp/SSsDj5PYWfuFlKzSKgFhbrgMpSghtPY52LA+2n9ocYcEIq7bVRvsJzxms54Mj\nBEoHDGtSpXDNDQ+1Rt0WFkgAk2FS671KQ1j42P7RM8pnrhUbjHo\u003d\n-----END CERTIFICATE-----\n"
  }
}
testName
fapi-ciba-id1-refresh-token
2022-05-11 06:25:29 SUCCESS
CreateCIBANotificationEndpointUri
Created ciba notification endpoint URI
notification_uri
https://www.certification.openid.net/test/a/fwiwidk/ciba-notification-endpoint
2022-05-11 06:25:29
GetDynamicServerConfiguration
HTTP request
request_uri
https://ciba-mobile.securitypoc.com/.well-known/openid-configuration
request_method
GET
request_headers
{
  "accept": "text/plain, application/json, application/*+json, */*",
  "content-length": "0"
}
request_body

                                
2022-05-11 06:25:29 RESPONSE
GetDynamicServerConfiguration
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "content-language": "en-US",
  "content-type": "application/json",
  "date": "Wed, 11 May 2022 06:25:29 GMT",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "server": "IBM Security Verify Access",
  "transfer-encoding": "chunked",
  "x-frame-options": "SAMEORIGIN",
  "cache-control": "no-store, no-cache\u003dset-cookie",
  "expires": "Thu, 01 Dec 1994 16:00:00 GMT",
  "strict-transport-security": "max-age\u003d31536000; includeSubDomains",
  "pragma": "no-cache",
  "set-cookie": "AMWEBJCT!%2Fmga!JSESSIONID\u003d0000pn6yz5mro3Lj_5jSdxdSKEB:038bc442-4db9-43c7-97cf-7a4b1d1bc7d8; Path\u003d/; Secure; HttpOnly"
}
response_body
{"issuer":"https://ciba-mobile.securitypoc.com",
"authorization_endpoint": "https://ciba-mobile.securitypoc.com/oauth2/authorize",
"token_endpoint":"https://ciba-mobile.securitypoc.com/oauth2/token",
"userinfo_endpoint":"https://ciba-mobile.securitypoc.com/oauth2/userinfo",
"jwks_uri":"https://ciba-mobile.securitypoc.com/oauth2/jwks/CIBA",
"response_types_supported":["none"],
"response_modes_supported":["fragment","form_post"],
"subject_types_supported":["public"],
"token_endpoint_auth_methods_supported":["private_key_jwt","client_secret_post","client_secret_basic","tls_client_auth","self_signed_tls_client_auth"],
"grant_types_supported":["urn:ietf:params:oauth:grant-type:device_code","refresh_token","urn:openid:params:grant-type:ciba"],
"id_token_signing_alg_values_supported":["ES256"],
"id_token_encryption_alg_values_supported":[],
"id_token_encryption_enc_values_supported":[],
"poc":"https://ciba-mobile.securitypoc.com/mga/",
"name":"CIBA",
"introspection_endpoint":"https://ciba-mobile.securitypoc.com/oauth2/introspect",
"revocation_endpoint":"https://ciba-mobile.securitypoc.com/oauth2/revoke",
"registration_endpoint":"https://ciba-mobile.securitypoc.com/oauth2/register/CIBA",
"device_authorize_endpoint":"https://ciba-mobile.securitypoc.com/oauth2/device_authorize",
"user_authorize_endpoint": "https://ciba.securitypoc.com/oauth2/user_authorize ",
"scopes_supported":["openid"],
"userinfo_signing_alg_values_supported":["ES256"],
"request_object_signing_alg_values_supported":["ES256"],
"token_endpoint_auth_signing_alg_values_supported":["ES256"],
"claims_parameter_supported":true ,
"request_parameter_supported":true,
"backchannel_authentication_endpoint": "https://ciba-mobile.securitypoc.com/oauth2/ciba ",
"backchannel_token_delivery_modes_supported":["poll","ping"],
"backchannel_authentication_request_signing_alg_values_supported":["ES256"],
"tls_client_certificate_bound_access_tokens": true
}
2022-05-11 06:25:29 SUCCESS
GetDynamicServerConfiguration
Successfully parsed server configuration
issuer
https://ciba-mobile.securitypoc.com
authorization_endpoint
https://ciba-mobile.securitypoc.com/oauth2/authorize
token_endpoint
https://ciba-mobile.securitypoc.com/oauth2/token
userinfo_endpoint
https://ciba-mobile.securitypoc.com/oauth2/userinfo
jwks_uri
https://ciba-mobile.securitypoc.com/oauth2/jwks/CIBA
response_types_supported
[
  "none"
]
response_modes_supported
[
  "fragment",
  "form_post"
]
subject_types_supported
[
  "public"
]
token_endpoint_auth_methods_supported
[
  "private_key_jwt",
  "client_secret_post",
  "client_secret_basic",
  "tls_client_auth",
  "self_signed_tls_client_auth"
]
grant_types_supported
[
  "urn:ietf:params:oauth:grant-type:device_code",
  "refresh_token",
  "urn:openid:params:grant-type:ciba"
]
id_token_signing_alg_values_supported
[
  "ES256"
]
id_token_encryption_alg_values_supported
[]
id_token_encryption_enc_values_supported
[]
poc
https://ciba-mobile.securitypoc.com/mga/
name
CIBA
introspection_endpoint
https://ciba-mobile.securitypoc.com/oauth2/introspect
revocation_endpoint
https://ciba-mobile.securitypoc.com/oauth2/revoke
registration_endpoint
https://ciba-mobile.securitypoc.com/oauth2/register/CIBA
device_authorize_endpoint
https://ciba-mobile.securitypoc.com/oauth2/device_authorize
user_authorize_endpoint
https://ciba.securitypoc.com/oauth2/user_authorize 
scopes_supported
[
  "openid"
]
userinfo_signing_alg_values_supported
[
  "ES256"
]
request_object_signing_alg_values_supported
[
  "ES256"
]
token_endpoint_auth_signing_alg_values_supported
[
  "ES256"
]
claims_parameter_supported
true
request_parameter_supported
true
backchannel_authentication_endpoint
https://ciba-mobile.securitypoc.com/oauth2/ciba 
backchannel_token_delivery_modes_supported
[
  "poll",
  "ping"
]
backchannel_authentication_request_signing_alg_values_supported
[
  "ES256"
]
tls_client_certificate_bound_access_tokens
true
2022-05-11 06:25:29 SUCCESS
AddMTLSEndpointAliasesToEnvironment
Added mtls_endpoint_aliases to environment
2022-05-11 06:25:29 SUCCESS
CheckCIBAServerConfiguration
Found required server configuration keys
required
[
  "backchannel_authentication_endpoint",
  "token_endpoint",
  "issuer"
]
2022-05-11 06:25:29
FetchServerKeys
Fetching server key
jwks_uri
https://ciba-mobile.securitypoc.com/oauth2/jwks/CIBA
2022-05-11 06:25:29
FetchServerKeys
HTTP request
request_uri
https://ciba-mobile.securitypoc.com/oauth2/jwks/CIBA
request_method
GET
request_headers
{
  "accept": "text/plain, application/json, application/*+json, */*",
  "content-length": "0"
}
request_body

                                
2022-05-11 06:25:29 RESPONSE
FetchServerKeys
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "content-language": "en-US",
  "content-type": "application/json",
  "date": "Wed, 11 May 2022 06:25:29 GMT",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "transfer-encoding": "chunked",
  "x-frame-options": "SAMEORIGIN",
  "cache-control": "no-cache\u003d\"set-cookie, set-cookie2\"",
  "expires": "Thu, 01 Dec 1994 16:00:00 GMT",
  "strict-transport-security": "max-age\u003d31536000; includeSubDomains",
  "set-cookie": "AMWEBJCT!%2Fmga!JSESSIONID\u003d00003q9lIPU1J_Bg6KltzIW7RyY:038bc442-4db9-43c7-97cf-7a4b1d1bc7d8; Path\u003d/; Secure; HttpOnly"
}
response_body
{"keys":[{"kty":"RSA","kid":"xw3CGrEOKYken61T1sfeSgR_qH9PEWCCLZpLAeVSNyU","use":"sig","alg":"ES256","n":"zFgxiZmeQcvzeI4muwyWsF0B6hlTfttggiPFisr4DgEswxj4wtCc5-YxZmGtylkykH52Hx8uXWQPKBTKRtSa3Tdj3W85uqSOfeywJVRphulA9UX_KgG0jvvxh5AheNnjzdQvrioZhHYmOBR6Kr4GgggoNVpZ_5thh2WmV1R36K3JCbmuDxDwxP8ZHv0-LeY8m8wuvU_DONwBdippS6Rz2ndQvLm6Et-W9PsWdXII3nU5VTOSjV76ek0QWLemRlYoIS7bSRWqijGa9ke9BB_15XXXivoBc55glmy0Z928mlmoAn5PIMuslb2uHQDHBEpqc5UMpCbU7aee0TMrQxQDsw","e":"AQAB","x5c":["MIIDGDCCAgCgAwIBAgIIPeSzEfXhIykwDQYJKoZIhvcNAQELBQAwKjELMAkGA1UEBhMCdXMxDDAKBgNVBAoTA2libTENMAsGA1UEAxMEaXNhbTAeFw0yMjA0MTEwMDEwMjBaFw0zMjA0MDkwMDEwMjBaMCoxCzAJBgNVBAYTAnVzMQwwCgYDVQQKEwNpYm0xDTALBgNVBAMTBGlzYW0wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMWDGJmZ5By/N4jia7DJawXQHqGVN+22CCI8WKyvgOASzDGPjC0Jzn5jFmYa3KWTKQfnYfHy5dZA8oFMpG1JrdN2Pdbzm6pI597LAlVGmG6UD1Rf8qAbSO+/GHkCF42ePN1C+uKhmEdiY4FHoqvgaCCCg1Wln/m2GHZaZXVHforckJua4PEPDE/xke/T4t5jybzC69T8M43AF2KmlLpHPad1C8uboS35b0+xZ1cgjedTlVM5KNXvp6TRBYt6ZGVighLttJFaqKMZr2R70EH/XlddeK+gFznmCWbLRn3byaWagCfk8gy6yVva4dAMcESmpzlQykJtTtp57RMytDFAOzAgMBAAGjQjBAMB0GA1UdDgQWBBR1IX33CL3uNO0QkTwJVUnYzEmgFDAfBgNVHSMEGDAWgBR1IX33CL3uNO0QkTwJVUnYzEmgFDANBgkqhkiG9w0BAQsFAAOCAQEArj3+CkR5B6VxznL+qRr3iC3GckoSiGE3nWd6tn5ILgJK3jbFDAqc3UGerxM7GlKsHqjbYh1voLwtFpUJvp/nT6mApmCZ7XPyFM+4fNn7OejuePeN6x69xfjygeGOgMuE3msdUAAV+rEp7ZGM+wqG8WUQEB0Q+r/ZpZrr+4JfWqqbt+RkdvIjt4lHnMSVoQgK1gGmctJgsphSIOxF1XZRIn7OkjYUKlTg801TWh2FZ598NnmqAnz0zbT/mj2w2/E0QcnNCmQuxieeA1ww+clUrqgcYxDWoCvCXKutnA5nS+IAQ6HcgvQi3oSxBg20rb0WKOuPWnNIs7XZK8NzPT2UKw=="],"x5t":"lDgpAobsdMmL4sjOqP-j9XzoT_Y","x5t#S256":"xw3CGrEOKYken61T1sfeSgR_qH9PEWCCLZpLAeVSNyU"},{"kty":"EC","kid":"JBp-Duhk7zSX5umFyMBfogXo5zDXpTiivgDJsombQXg","use":"sig","alg":"ES256","x":"t5bqdouWhI2V1cM261rXswZKfBXQX_pXrNjndOvPTPk","y":"8JIfMkQMvl0Ffl_4IbD0k95d6I5b-rAxN-WI-NM0tKU","crv":"P-256","x5c":["MIIBajCCAQ6gAwIBAgIIY/XXnta+gyswDAYIKoZIzj0EAwIFADAXMRUwEwYDVQQDDAx0b2tlbl9zaWduZXIwHhcNMjIwMzIyMDAyNzI1WhcNNDkwODA3MDAyNzI1WjAXMRUwEwYDVQQDDAx0b2tlbl9zaWduZXIwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAS3lup2i5aEjZXVwzbrWtezBkp8FdBf+les2Od0689M+fCSHzJEDL5dBX5f+CGw9JPeXeiOW/qwMTfliPjTNLSlo0IwQDAdBgNVHQ4EFgQUx5Y3qy0OA4eNBv/rFLIWtGUqxrYwHwYDVR0jBBgwFoAUx5Y3qy0OA4eNBv/rFLIWtGUqxrYwDAYIKoZIzj0EAwIFAANIADBFAiBDimGoKrguaoezKOmcJ8Wm+ivw8bV8bN37DIztpwXoOAIhAOLcCrCwwmm9oS4Jh6aqWF9POnVfbeDMw0yQf0g3gbNK"],"x5t":"Eocy22APs5b9mFhm7JYcHEwFlAQ","x5t#S256":"JBp-Duhk7zSX5umFyMBfogXo5zDXpTiivgDJsombQXg"},{"kty":"EC","kid":"LihhKJtczt7K5MMb8mLg-wwptsFTBXNEJzHKZdgh6QE","use":"sig","alg":"ES256","x":"DxukkdfnrOfRTk63ZFvhj39uBNOrONtEt0Bcbb2Wljc","y":"33mJhmf3sR8Inv1jO0aMn71T6BXclz4rgUathn8OATk","crv":"P-256","x5c":["MIIEajCCA1KgAwIBAgIQP5KHvp0dpKN6nfYoLndaxDANBgkqhkiG9w0BAQsFADCByjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzUwHhcNMTUwNTEyMDAwMDAwWhcNMjUwNTExMjM1OTU5WjCBgDELMAkGA1UEBhMCVVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8wHQYDVQQLExZTeW1hbnRlYyBUcnVzdCBOZXR3b3JrMTEwLwYDVQQDEyhTeW1hbnRlYyBDbGFzcyAzIEVDQyAyNTYgYml0IFNTTCBDQSAtIEcyMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEDxukkdfnrOfRTk63ZFvhj39uBNOrONtEt0Bcbb2WljffeYmGZ/exHwie/WM7RoyfvVPoFdyXPiuBRq2Gfw4BOaOCAV0wggFZMC4GCCsGAQUFBwEBBCIwIDAeBggrBgEFBQcwAYYSaHR0cDovL3Muc3ltY2QuY29tMBIGA1UdEwEB/wQIMAYBAf8CAQAwZQYDVR0gBF4wXDBaBgpghkgBhvhFAQc2MEwwIwYIKwYBBQUHAgEWF2h0dHBzOi8vZC5zeW1jYi5jb20vY3BzMCUGCCsGAQUFBwICMBkaF2h0dHBzOi8vZC5zeW1jYi5jb20vcnBhMC8GA1UdHwQoMCYwJKAioCCGHmh0dHA6Ly9zLnN5bWNiLmNvbS9wY2EzLWc1LmNybDAOBgNVHQ8BAf8EBAMCAQYwKwYDVR0RBCQwIqQgMB4xHDAaBgNVBAMTE1NZTUMtRUNDLUNBLXAyNTYtMjIwHQYDVR0OBBYEFCXwiuFLetkBlQrtxlPxjHgf2fP4MB8GA1UdIwQYMBaAFH/TZafC3ey78DAJ80M5+gKvMzEzMA0GCSqGSIb3DQEBCwUAA4IBAQAMMGUXBaWTdaLxsTGtcB/naqjIQrLvoV9NG+7MoHpGd/69dZ/h2zOy7sGFUHoG/0HGRA9rxT/5w5GkEVIVkxtWyIWWq6rs4CTZt8Bej/KHYRbojtEDUkCTZSTLiCvguPyvinXgxy+LHT+PmdtEfXsvcdbeBSWUYpOsDYvD2hNtz9dwOd5nBosMApmdxt+z7LQyZu8wMnfI1U6IMO+RWowxZ8uy0oswdFYd32l9xe+aAE/ky9alLu/M9pvxiUKufqHJRgDBKA6uDjHLMPX+/nxXaNCPX3SI4KVZ1stHQ/U5oNlMdHN9umAvlU313g0IgJrjsQ2nIdf9dsdP+6lrmP7s"],"x5t":"_jxBkB82Wcbt3AwcLYXQsg5klhQ","x5t#S256":"LihhKJtczt7K5MMb8mLg-wwptsFTBXNEJzHKZdgh6QE"},{"kty":"RSA","kid":"ms-rfkPI2IDQayYqlN7u5LRlmYnD0Mrxm69kBeQat98","use":"sig","alg":"ES256","n":"ryQICCl6NZ5gDKrnSztO3Hy8PEUcuyvg_ikC-VcIo2SFFSf18a3IMYldIugqqqZCs4_4uVW3sbdLs_6PfgdX7O9D22ZiFWHPYA2k2N744MNiCD1UE-tJyllUhSblK48bn-v1oZHCM0nYQ2NqUkvSj-hwUU3RiWl7x3D2s9wSdNt7XUtW05a_FXehsPSiJfKvHJJnGOX0BgTvkLnkAOTdOrUZ_wK69Dzu4IvrN4vs9Nes8vbwPa_ddZEzGR0cQMt0JBkhk9kU_qwqUseP1QRJ5I1jR4g8aYPL_ke9K35PxZWuDp3U0UPAZ3PjFAh-5T-fc7gzCs9dPzSHloruU-glFQ","e":"AQAB","x5c":["MIIE0zCCA7ugAwIBAgIQGNrRniZ96LtKIVjNzGs7SjANBgkqhkiG9w0BAQUFADCByjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMzYwNzE2MjM1OTU5WjCByjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvJAgIKXo1nmAMqudLO07cfLw8RRy7K+D+KQL5VwijZIUVJ/XxrcgxiV0i6CqqpkKzj/i5Vbext0uz/o9+B1fs70PbZmIVYc9gDaTY3vjgw2IIPVQT60nKWVSFJuUrjxuf6/WhkcIzSdhDY2pSS9KP6HBRTdGJaXvHcPaz3BJ023tdS1bTlr8Vd6Gw9KIl8q8ckmcY5fQGBO+QueQA5N06tRn/Arr0PO7gi+s3i+z016zy9vA9r911kTMZHRxAy3QkGSGT2RT+rCpSx4/VBEnkjWNHiDxpg8v+R70rfk/Fla4OndTRQ8Bnc+MUCH7lP59zuDMKz10/NIeWiu5T6CUVAgMBAAGjgbIwga8wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZMFcwVRYJaW1hZ2UvZ2lmMCEwHzAHBgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7GS4wJRYjaHR0cDovL2xvZ28udmVyaXNpZ24uY29tL3ZzbG9nby5naWYwHQYDVR0OBBYEFH/TZafC3ey78DAJ80M5+gKvMzEzMA0GCSqGSIb3DQEBBQUAA4IBAQCTJEowX2LP2BqYLz3q3JktvXf2pXkiOOzEp6B4Eq1iDkVwZMXnl2YtmAl+X6/WzChl8gGqCBpH3vn5fJJaCGkgDdk+bW48DW7Y5gaRQBi5+MHt39tBquCWIMnNZBU4gcmU7qKEKQsTb47bDN0lAtukixlE0kF6BWlKWE9gyn6CagsCqiUXObXbf+eEZSqVir2G3l6BFoMtEMze/aiCKm0oHw0LxOXnGiYZ4fQRbxC1lfznQgUy286dUV4otp6F01vvpX1FQHKOtw5rDgb7MzVIcbidJ4vEZV8NhnacRHr2lVz2XTIIM6RUthg/aFzyQkqFOFSDX9HoLPKsEdao7WNq"],"x5t":"TrbVeEmbHM9fWB6tVr49m2dEpeU","x5t#S256":"ms-rfkPI2IDQayYqlN7u5LRlmYnD0Mrxm69kBeQat98"},{"kty":"EC","kid":"RYRGunXZMukU8jwrV7fRku3bwhgdlY4Rga1SUXR6Hug","use":"sig","alg":"ES256","x":"4ghC6nfYJN6gLGSkE85AnCNyqQIKDjc_ITa4jVMU9tWRlUvzlgKNcR7E2Munn17v","y":"oOZ_WpIRllNv68DLP679Wz9HJOeaBy6Wvqgvu1cYr3GkvXg6HuhbPGtkESvMNCuM","crv":"P-384","x5c":["MIIDrDCCApSgAwIBAgIQCssoukZe5TkIdnRw883GEjANBgkqhkiG9w0BAQwFADBhMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBDQTAeFw0xMzAzMDgxMjAwMDBaFw0yMzAzMDgxMjAwMDBaMEwxCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxJjAkBgNVBAMTHURpZ2lDZXJ0IEVDQyBTZWN1cmUgU2VydmVyIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE4ghC6nfYJN6gLGSkE85AnCNyqQIKDjc/ITa4jVMU9tWRlUvzlgKNcR7E2Munn17voOZ/WpIRllNv68DLP679Wz9HJOeaBy6Wvqgvu1cYr3GkvXg6HuhbPGtkESvMNCuMo4IBITCCAR0wEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wQgYDVR0fBDswOTA3oDWgM4YxaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0R2xvYmFsUm9vdENBLmNybDA9BgNVHSAENjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAdBgNVHQ4EFgQUo53mH/naOU/AbuiRy5Wl2jHiCp8wHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUwDQYJKoZIhvcNAQEMBQADggEBAMeKoENL7HTJxavVHzA1Nm6YVntIrAVjrnuaVyRXzG/63qttnMe2uuzO58pzZNvfBDcKAEmzP58mrZGMIOgfiA4q+2Y3yDDo0sIkp0VILeoBUEoxlBPfjV/aKrtJPGHzecicZpIalir0ezZYoyxBEHQa0+1IttK7igZFcTMQMHp6mCHdJLnsnLWSB62DxsRq+HfmNb4TDydkskO/g+l3VtsIh5RHFPVfKK+jaEyDj2D3loB5hWp2Jp2VDCADjT7ueihlZGak2YPqmXTNbk19HOuNssWvFhtOyPNV6og4ETQdEa8/B6hPatJ0ES8q/HO3X8IVQwVs1n3aAr0im0/T+Xc="],"x5t":"Vu58JwaDFi2DuurMeQ4iRxraq-g","x5t#S256":"RYRGunXZMukU8jwrV7fRku3bwhgdlY4Rga1SUXR6Hug"},{"kty":"RSA","kid":"Q0ig6URMeMsmXgWNXolEtNhPlmK9Jtslf4k0pEPHAWE","use":"sig","alg":"ES256","n":"4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsBCSDMAZOnTjC3U_dDxGkAV53ijSLdhwZAAIEJzs4bg7_fzTtxRuLWZscFs3YnFo97nh6Vfe63SKMI2tavegw5BmV_Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt43C_dxC__AH2hdmoRBBYMql1GNXRor5H4idq9Joz-EkIYIvUX7Q6hL-hqkpMfT7PT19sdl6gSzeRntwi5m3OFBqOasv-zbMUZBfHWymeMr_y7vrTC0LUq7dBMtoM1O_4gdW7jVg_tRvoSSiicNoxBN33shbyTApOB6jtSj1etX-jkMOvJw","e":"AQAB","x5c":["MIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBhMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBDQTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAwMDAwMDBaMGExCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5jb20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsBCSDMAZOnTjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97nh6Vfe63SKMI2tavegw5BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt43C/dxC//AH2hdmoRBBYMql1GNXRor5H4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7PT19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y7vrTC0LUq7dBMtoM1O/4gdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQABo2MwYTAOBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbRTLtm8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUwDQYJKoZIhvcNAQEFBQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/EsrhMAtudXH/vTBH1jLuG2cenTnmCmrEbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIttep3Sp+dWOIrWcBAI+0tKIJFPnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0lsYSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQkCAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4="],"x5t":"qJhdOmXl5cSy19ZtQMbdL7GcVDY","x5t#S256":"Q0ig6URMeMsmXgWNXolEtNhPlmK9Jtslf4k0pEPHAWE"},{"kty":"RSA","kid":"jKdU4I4wMHZhzE9yt85i-MbhENLdc9dEI0p9DsFS26c","use":"sig","alg":"ES256","n":"wfzNyXOBHfOll12HdSxOpISiZzH4TupQXb2Q5FimrDTZERmgAHqN-wyKPhXLwhPZpx8vxdBvKd2hZYFL-rkvF1AsbdQ27uJNAEewOukULqbRyzKrzBYL77R-Ipe6vEASjMrdf7LHOz8G8sPR28XSvN5FbWl4Uq5Gf_IGjUS6_kIb0Q3twDFV1at8x_uFb2H1q-Rne0iXtTky-rzxah8Kus1F4_9PbEQbsMcKCVsncg7on85C9VU2dOlDijJM3HLMtsyM5SVVCpHGKNEc_7e4XIYN-nzQhi4nx5F5O4yt_LRbUwHrd0__DZepBKTIMtffrCE6AUPcJJP_HrrTWMpaTenabs7CO-Gf-816XUl06REIjJYCmaSMWZLtESLooxxGVS80YocQ6bhkx_OwyA_pOB12L_HB1tRTIaR_AbwvELIWMcmRQi3ezS0Ah7X5Iq7hYVtLBXaV3wrGHh_cok9LtpSsAYB-ckQuZjlQ4dW3wKRq9rG2A5CW9N1yNFahsUY25R4PxS1VgvQ8CngIVhD8B_RT9qkcUhcQaS9a6LrHHGYexmp2_OSQO2zhaJQwFxl7-oREsCwtQsRr02TKZBSUcC7Zxl68dsI44L0y79HHvcHS_DC9K95aBRFnAfPzLvctM02CLI3kymRDgaPdd2lrWBvFOgqjtHP6TgCRigqcYgc","e":"AQAB","x5c":["MIIFLDCCAxQCCQDlWmWOLdLO/TANBgkqhkiG9w0BAQsFADBYMQswCQYDVQQGEwJBVTETMBEGA1UECAwKUXVlZW5zbGFuZDETMBEGA1UEBwwKR29sZCBDb2FzdDEMMAoGA1UECgwDSUJNMREwDwYDVQQDDAhvcGVubGRhcDAeFw0yMjA0MTIwMDAxMDhaFw00OTA4MjcwMDAxMDhaMFgxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApRdWVlbnNsYW5kMRMwEQYDVQQHDApHb2xkIENvYXN0MQwwCgYDVQQKDANJQk0xETAPBgNVBAMMCG9wZW5sZGFwMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAwfzNyXOBHfOll12HdSxOpISiZzH4TupQXb2Q5FimrDTZERmgAHqN+wyKPhXLwhPZpx8vxdBvKd2hZYFL+rkvF1AsbdQ27uJNAEewOukULqbRyzKrzBYL77R+Ipe6vEASjMrdf7LHOz8G8sPR28XSvN5FbWl4Uq5Gf/IGjUS6/kIb0Q3twDFV1at8x/uFb2H1q+Rne0iXtTky+rzxah8Kus1F4/9PbEQbsMcKCVsncg7on85C9VU2dOlDijJM3HLMtsyM5SVVCpHGKNEc/7e4XIYN+nzQhi4nx5F5O4yt/LRbUwHrd0//DZepBKTIMtffrCE6AUPcJJP/HrrTWMpaTenabs7CO+Gf+816XUl06REIjJYCmaSMWZLtESLooxxGVS80YocQ6bhkx/OwyA/pOB12L/HB1tRTIaR/AbwvELIWMcmRQi3ezS0Ah7X5Iq7hYVtLBXaV3wrGHh/cok9LtpSsAYB+ckQuZjlQ4dW3wKRq9rG2A5CW9N1yNFahsUY25R4PxS1VgvQ8CngIVhD8B/RT9qkcUhcQaS9a6LrHHGYexmp2/OSQO2zhaJQwFxl7+oREsCwtQsRr02TKZBSUcC7Zxl68dsI44L0y79HHvcHS/DC9K95aBRFnAfPzLvctM02CLI3kymRDgaPdd2lrWBvFOgqjtHP6TgCRigqcYgcCAwEAATANBgkqhkiG9w0BAQsFAAOCAgEAQ/8CHXFlDOq8TvDSjWu602G9UiEvqnBUWzZ5TbVQeIH54xzNTCjemx908fknEgSDSy4W1VOmckV9tbNtt3dIUyFna0b7ZzzfVnvGQYynjGPaYYBjnLi/SeHSv6U6qKuvRV7pTXRJadFVBupmARt2L3CxGKRhwu4DJnOKbLMKFy13PifyPurez5tpnVa1/Cl+GmB0oLdLMe9ielMHMNn3B/w+pUcCvwoAADnlfM44S65w2XqfVswNNoacLx1DrzwjX5RoV+ACC2CWOVYcQdJdwT76fBtbo0QJIz3hKLbZqa3TXpprAg49xztukar/7W3PwjYO7VrbGuBHg6h8yHmlUKpVcDJZ7IMVWh+a+ONglDKnBCCew736v1KtZTEG8D5IGeZAd/H9d0YiCcRTSfM+Pml3OO11UI7rycyaiZQfg4YXZ2zpX2GqbAoMTKYGi6KwD2ufn0U85Y7bkGDNyUbaJzdaOtt7F23MZiZdn3ixtgqpXSJv1SRngf7lpfBg7qcu1f3CC5I3vl3J7mIYKKiRsXdK0vwGDrEFSodrnDJsvWZ2mYtaS1l9Q1TII+5a0VLLe6tKWbFEiU6YIVG2Ptyr5Rsbw/bOXzuzjkIDRSEa8kSPQfEfqMZZdMvca9zoKHFFG3xgjHYmfWj5UHBL56G0eKd41HoWx8fa5ws2B4b2shk="],"x5t":"IScnlIM-ZZed9eRjj8iqjI8-oI0","x5t#S256":"jKdU4I4wMHZhzE9yt85i-MbhENLdc9dEI0p9DsFS26c"},{"kty":"RSA","kid":"B-wwwOTwKl1WEbV3QY39rZfLiCL-YHNJsih2BZOsJC0","use":"sig","alg":"ES256","n":"6FocmJCFqZf8gt7QTvM5dPA2n-wy43cKv3HxU5PoQ7b57lcGV6NwwR0Dkh5LbczjgTAJQKdlbORV15MyzB4NGkR9hA19ZaT2vWa8wBrF339PsOCHGPSu3AwpF_is6bl-Jfam5TPCYE7rCEbla4Ivy1uj-LmvLbeDdf6fZoi-p2vBR7ntxWvh6ZIhOZou1Wc6dbd0wJnf1FR3WuuNywyvie81y_PP13xTNZQpMQSR6Jre8_2Fus36s22Irins0yqL8fYNMKpMSvMCpclCugw0d8A4qZc9xi4FPqiA64XqBQJwmFZ9eZ-YqU4z38BLshPTynZQjr42ORRoxZ-4dbC0c8qinB8e23qJ1xHBCsk9TvgIGKL_oqRssOUjLoAuXJuAerlYKH9s3yQYVjymaDllOO9joIHtWD1RiVBNpmXYx5EEQUz63ipbb9gR8LjoBkdo9mcIUNJf3gFci1zEgEqSNFe1TOIziaGJtLN7e6ejULSz9GYPbjh2le3py_U4rbARemfWNCstqFZWh7GgriR0kHR1Z0XkvgJgbOFkaUQS8KXFGGTwX0iao2nwqSdU1eI0z6_TmnZ1pJfMmLA_VdktmEfhl_rBDg0neSWQ7CgH1OJtQl3BMAzmn8oX1EmK6lgnFo97rYPc7LjpP4wYB0gBpeO-shfiKcJsQKrCrebHTAk","e":"AQAB","x5c":["MIIFLDCCAxQCCQDBbB0qqpk6EDANBgkqhkiG9w0BAQsFADBYMQswCQYDVQQGEwJBVTETMBEGA1UECAwKUXVlZW5zbGFuZDETMBEGA1UEBwwKR29sZCBDb2FzdDEMMAoGA1UECgwDSUJNMREwDwYDVQQDDAhwb3N0Z3JlczAeFw0yMjA0MTIwMDAzMDlaFw00OTA4MjcwMDAzMDlaMFgxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApRdWVlbnNsYW5kMRMwEQYDVQQHDApHb2xkIENvYXN0MQwwCgYDVQQKDANJQk0xETAPBgNVBAMMCHBvc3RncmVzMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA6FocmJCFqZf8gt7QTvM5dPA2n+wy43cKv3HxU5PoQ7b57lcGV6NwwR0Dkh5LbczjgTAJQKdlbORV15MyzB4NGkR9hA19ZaT2vWa8wBrF339PsOCHGPSu3AwpF/is6bl+Jfam5TPCYE7rCEbla4Ivy1uj+LmvLbeDdf6fZoi+p2vBR7ntxWvh6ZIhOZou1Wc6dbd0wJnf1FR3WuuNywyvie81y/PP13xTNZQpMQSR6Jre8/2Fus36s22Irins0yqL8fYNMKpMSvMCpclCugw0d8A4qZc9xi4FPqiA64XqBQJwmFZ9eZ+YqU4z38BLshPTynZQjr42ORRoxZ+4dbC0c8qinB8e23qJ1xHBCsk9TvgIGKL/oqRssOUjLoAuXJuAerlYKH9s3yQYVjymaDllOO9joIHtWD1RiVBNpmXYx5EEQUz63ipbb9gR8LjoBkdo9mcIUNJf3gFci1zEgEqSNFe1TOIziaGJtLN7e6ejULSz9GYPbjh2le3py/U4rbARemfWNCstqFZWh7GgriR0kHR1Z0XkvgJgbOFkaUQS8KXFGGTwX0iao2nwqSdU1eI0z6/TmnZ1pJfMmLA/VdktmEfhl/rBDg0neSWQ7CgH1OJtQl3BMAzmn8oX1EmK6lgnFo97rYPc7LjpP4wYB0gBpeO+shfiKcJsQKrCrebHTAkCAwEAATANBgkqhkiG9w0BAQsFAAOCAgEAAaPSzpiFZEG9hAGB+6wRz9tGInO0tCmV+GB/i9PFX572JJiLGEtetYyxv95V5yQrq40Rwl5/ekyZhjd6M56m8HVWiO465e0gMsph3WQe7yyNC+zmYr50II6MtjgaCMSY6WCeE+4rtkUKX4pZpDKEwcJI2UmMfa0iDTp4CTe+n5XfQOLVHh8NaXA3qabaRwtW3JOHhz2FPulDfFD9yTY/yvIBWr/HN89pmVRod9pJ3RjAGXhUFRNcZX/KrKddqchLg57I39qLshWG6tVfirBJzLtBYGsNMoovZjt5K5Msv6gpz2HraAX4stzvkMB1djTgaIuvQLM+3w7cSX6Wnjdz1IDUFdptDfEefLxoOXiMu/YHnYfewzKUXDCzsqM+JejpLSYrHKMLaKIWoTuid/84Rm1AkiQzQpyMn0GcaJNV0h/5oBjeJIBuUkO8pmAPzngamZLIM+F8BssVRsbfSCG2oa75J2qiLCd4kCrAa1kuiDqv+JhBnqu9dQvcqWPNe0POgfG9IG2M2++Jrcs+qdy9Rc6QkkEDifIq4GuKh2a2pvns7DsCjOoRxJBzpTmC86UCQt7leg5JArfXiXQ0ZR/jdOdgn0l1AUSvjqN18q6WgDvhS5R5K+ivpoVItCBQbpyfXBXPWEcZaASZwTVBpP1F+X/w3iHOiYj7IasZzj9DCtQ="],"x5t":"wuGBkt_32Le2KNH8LA4eIvl4OaQ","x5t#S256":"B-wwwOTwKl1WEbV3QY39rZfLiCL-YHNJsih2BZOsJC0"},{"kty":"EC","kid":"j5gNK4hzzYspsDUHZWmR0W_Aozt37H4XkR-Ckp-0Lws","use":"sig","alg":"ES256","x":"nLCRTBh1a36xcaBIihQmmBKCKGhcdxQePVuZSP8h0f8","y":"oBXY7xcLQyeSPEII17_fWDi4X_aJ5Wpo3IvIlp1z51E","crv":"P-256","x5c":["MIIFPjCCBOSgAwIBAgIQDcoB0eBgcUSL1tRgbrVe5jAKBggqhkjOPQQDAjBKMQswCQYDVQQGEwJVUzEZMBcGA1UEChMQQ2xvdWRmbGFyZSwgSW5jLjEgMB4GA1UEAxMXQ2xvdWRmbGFyZSBJbmMgRUNDIENBLTMwHhcNMjEwNzE2MDAwMDAwWhcNMjIwNzE1MjM1OTU5WjB1MQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEZMBcGA1UEChMQQ2xvdWRmbGFyZSwgSW5jLjEeMBwGA1UEAxMVc25pLmNsb3VkZmxhcmVzc2wuY29tMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEnLCRTBh1a36xcaBIihQmmBKCKGhcdxQePVuZSP8h0f+gFdjvFwtDJ5I8QgjXv99YOLhf9onlamjci8iWnXPnUaOCA38wggN7MB8GA1UdIwQYMBaAFKXON+rrsHUOlGeItEX62SQQh5YfMB0GA1UdDgQWBBTUhRahZ5+BtKoZClu71NJoYSmbmTBEBgNVHREEPTA7ghVzbmkuY2xvdWRmbGFyZXNzbC5jb22CESouc2VjdXJpdHlwb2MuY29tgg9zZWN1cml0eXBvYy5jb20wDgYDVR0PAQH/BAQDAgeAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjB7BgNVHR8EdDByMDegNaAzhjFodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vQ2xvdWRmbGFyZUluY0VDQ0NBLTMuY3JsMDegNaAzhjFodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vQ2xvdWRmbGFyZUluY0VDQ0NBLTMuY3JsMD4GA1UdIAQ3MDUwMwYGZ4EMAQICMCkwJwYIKwYBBQUHAgEWG2h0dHA6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzB2BggrBgEFBQcBAQRqMGgwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBABggrBgEFBQcwAoY0aHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0Nsb3VkZmxhcmVJbmNFQ0NDQS0zLmNydDAMBgNVHRMBAf8EAjAAMIIBfwYKKwYBBAHWeQIEAgSCAW8EggFrAWkAdgBGpVXrdfqRIDC1oolp9PN9ESxBdL79SbiFq/L8cP5tRwAAAXqwD+hnAAAEAwBHMEUCIDCBiGTPmSMM2E5j08lHy6CrM5wgXc1cLBz07lH7/oZFAiEAliKe6M4qNjsjvxlExlr24AQyOF0Qm1u+WBKhkVnWLrkAdgBRo7D1/QF5nFZtuDd4jwykeswbJ8v3nohCmg3+1IsF5QAAAXqwD+iiAAAEAwBHMEUCIQC/pzfjwl0K2vzB8Hmn46eLIul2H3wnBITr462hswIc1QIgQcejxHsgdhisnEQT+8tOlmgxwzSaeBNJeqYggd95CskAdwBByMqx3yJGShDGoToJQodeTjGLGwPr60vHaPCQYpYG9gAAAXqwD+hCAAAEAwBIMEYCIQDc4nhAUjHHiRC79K5sIQ0qKILeFM6F9OE+/NBi/t/PXgIhALMs8JrmU9MK4VbFbC9E0BqH4oPSm1UF/8TvWRd47VpkMAoGCCqGSM49BAMCA0gAMEUCIQCjcEVBNE/aTnuEWtZ0ZKFKOu4cCj5VEHhS8F87jypXswIgJQVUAsXzFCiohsA7Ng7BJY/T7ASRYg83LjQayEI52Gs="],"x5t":"7JUZWIyx0BZpwO7Zx0MpbufjKEQ","x5t#S256":"j5gNK4hzzYspsDUHZWmR0W_Aozt37H4XkR-Ckp-0Lws"},{"kty":"EC","kid":"OrvmPa91bFAWtrhfUgFf2Oisvid8UIexJ6YFY6hB7Yo","use":"sig","alg":"ES256","x":"ua1NZpkUC0bsH4HRKlAenQMVLzQSfS2WuIg4m4Vfj78","y":"u03vYUbEyXPUJE_g7hzObLNRcS9q7kwFCXfTcmKkm9c","crv":"P-256","x5c":["MIIDzTCCArWgAwIBAgIQCjeHZF5ftIwiTv0b7RQMPDANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJJRTESMBAGA1UEChMJQmFsdGltb3JlMRMwEQYDVQQLEwpDeWJlclRydXN0MSIwIAYDVQQDExlCYWx0aW1vcmUgQ3liZXJUcnVzdCBSb290MB4XDTIwMDEyNzEyNDgwOFoXDTI0MTIzMTIzNTk1OVowSjELMAkGA1UEBhMCVVMxGTAXBgNVBAoTEENsb3VkZmxhcmUsIEluYy4xIDAeBgNVBAMTF0Nsb3VkZmxhcmUgSW5jIEVDQyBDQS0zMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEua1NZpkUC0bsH4HRKlAenQMVLzQSfS2WuIg4m4Vfj7+7Te9hRsTJc9QkT+DuHM5ss1FxL2ruTAUJd9NyYqSb16OCAWgwggFkMB0GA1UdDgQWBBSlzjfq67B1DpRniLRF+tkkEIeWHzAfBgNVHSMEGDAWgBTlnVkwgkdYzKz6CFQ2hns6tQRN8DAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBIGA1UdEwEB/wQIMAYBAf8CAQAwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wOgYDVR0fBDMwMTAvoC2gK4YpaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL09tbmlyb290MjAyNS5jcmwwbQYDVR0gBGYwZDA3BglghkgBhv1sAQEwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzALBglghkgBhv1sAQIwCAYGZ4EMAQIBMAgGBmeBDAECAjAIBgZngQwBAgMwDQYJKoZIhvcNAQELBQADggEBAAUkHd0bsCrrmNaF4zlNXmtXnYJX/OvoMaJXkGUFvhZEOFp3ArnPEELG4ZKk40Un+ABHLGioVplTVI+tnkDB0A+21w0LOEhsUCxJkAZbZB2LzEgwLt4I4ptJIsCSDBFelpKU1fwg3FZs5ZKTv3ocwDfjhUkV+ivhdDkYD7fa86JXWGBPzI6UAPxGezQxPk1HgoE6y/SJXQ7vTQ1unBuCJN0yJV0ReFEQPaA1IwQvZW+cwdFD19Ae8zFnWSfda9J1CZMRJCQUzym+5iPDuI9yP+kHyCREU3qzuWFloUwOxkgAyXVjBYdwRVKD05WdRerw6DEdfgkfCv4+3ao8XnTSrLE="],"x5t":"s912BtK1qLShN3Hb7MnuHOyvo4o","x5t#S256":"OrvmPa91bFAWtrhfUgFf2Oisvid8UIexJ6YFY6hB7Yo"},{"kty":"RSA","kid":"lrzsBiZJdvN0YHeazyjFp8_oo8Cq4RqP_O4FwL3fCMY","use":"sig","alg":"ES256","n":"regkc_QUN_ObnitXKByHvty33ziQjG485legePd1wqL-9Wpu9gBPKNveaIZsRJO2sWP9FBJrvx_S6jGbIX7RMzy6SPXded-zuP8S8SGaS8GKhnFpSmZmbI9-PHC_rSkiBvPkwOaAruJLj7eZfpQDn9NHl3yZSCNT6DiuTwpvgy7RSVeMgHS22i_QOI17A3AhG3XyMDz6j67d2mOr6xZPwo4RS37PC-j_tXcu9LJ7SuBMEiUMcI0DKaDhUyTsE9nuGb8Qs0qMP4mjYVHerIcHlPRjcewu4m9bmIHhiVw0eWx27zuQYnnm26SaLybF0BDhDt7ZEI4W-7f3qPfH5QIHmI82CJXn4jeWDTZ1nvsOcrEdm7wD-UkF2IHdBbQq1kHprAF2lQoP2N_VvRIfNS8oF2zSmMGoCWR3bkc3us6sWV5onX9y1onFBkEpPlk-3Sb1JMkRp1qjTEAfRqGZtac6UW6GO559cqcSBXhZ7T5ReBULA4-N0C8Fsj57ShxLcwUS_Mbq4FATfEOTdLPKdOeOHwEI0DDUW3E2tAe6wTAwXEi3gjuYpn1giqKjKYLMur2DBBuigwNBodYF8RvCtvCofIY7RqhIKojcdpp2vx9qpT0Zj-s482TeyCsNCij_99viFULUItAnXeF5_hjncIitTubZizrG3SdRbv-8ZPUzQ08","e":"AQAB","x5c":["MIIFazCCA1OgAwIBAgIRAIIQz7DSQONZRGPgu2OCiwAwDQYJKoZIhvcNAQELBQAwTzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2VhcmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMTUwNjA0MTEwNDM4WhcNMzUwNjA0MTEwNDM4WjBPMQswCQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJuZXQgU2VjdXJpdHkgUmVzZWFyY2ggR3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBYMTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK3oJHP0FDfzm54rVygch77ct984kIxuPOZXoHj3dcKi/vVqbvYATyjb3miGbESTtrFj/RQSa78f0uoxmyF+0TM8ukj13Xnfs7j/EvEhmkvBioZxaUpmZmyPfjxwv60pIgbz5MDmgK7iS4+3mX6UA5/TR5d8mUgjU+g4rk8Kb4Mu0UlXjIB0ttov0DiNewNwIRt18jA8+o+u3dpjq+sWT8KOEUt+zwvo/7V3LvSye0rgTBIlDHCNAymg4VMk7BPZ7hm/ELNKjD+Jo2FR3qyHB5T0Y3HsLuJvW5iB4YlcNHlsdu87kGJ55tukmi8mxdAQ4Q7e2RCOFvu396j3x+UCB5iPNgiV5+I3lg02dZ77DnKxHZu8A/lJBdiB3QW0KtZB6awBdpUKD9jf1b0SHzUvKBds0pjBqAlkd25HN7rOrFleaJ1/ctaJxQZBKT5ZPt0m9STJEadao0xAH0ahmbWnOlFuhjuefXKnEgV4We0+UXgVCwOPjdAvBbI+e0ocS3MFEvzG6uBQE3xDk3SzynTnjh8BCNAw1FtxNrQHusEwMFxIt4I7mKZ9YIqioymCzLq9gwQbooMDQaHWBfEbwrbwqHyGO0aoSCqI3Haadr8faqU9GY/rOPNk3sgrDQoo//fb4hVC1CLQJ13hef4Y53CIrU7m2Ys6xt0nUW7/vGT1M0NPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBR5tFnme7bl5AFzgAiIyBpY9umbbjANBgkqhkiG9w0BAQsFAAOCAgEAVR9YqbyyqFDQDLHYGmkgJykIrGF1XIpu+ILlaS/V9lZLubhzEFnTIZd+50xx+7LSYK05qAvqFyFWhfFQDlnrzuBZ6brJFe+GnY+EgPbk6ZGQ3BebYhtF8GaV0nxvwuo77x/Py9auJ/GpsMiu/X1+mvoiBOv/2X/qkSsisRcOj/KKNFtY2PwByVS5uCbMiogziUwthDyC3+6WVwW6LLv3xLfHTjuCvjHIInNzktHCgKQ5ORAzI4JMPJ+GslWYHb4phowim57iaztXOoJwTdwJx4nLCgdNbOhdjsnvzqvHu7UrTkXWStAmzOVyyghqpZXjFaH3pO3JLF+l+/+sKAIuvtd7u+Nxe5AW0wdeRlN8NwdCjNPElpzVmbUq4JUagEiuTDkHzsxHpFKVK7q4+63SM1N95R1NbdWhscdCb+ZAJzVcoyi3B43njTOQ5yOf+1CceWxG1bQVs5ZufpsMljq4Ui0/1lvh+wjChP4kqKOJ2qxq4RgqsahDYVvTH9w7jXbyLeiNdd8XM2w9U/t7y0Ff/9yi0GE44Za4rF2LN9d11TPAmRGunUHBcnWEvgJBQl9nJEiU0Zsnvgc/ubhPgXRR4Xq37Z0j4r7g1SgEEzwxA57demyPxgcYxn/eR44/KJ4EBs+lVDR3veyJm+kXQ99b21/+jh5Xos1AnX5iItreGCc="],"x5t":"yr0qeaEHajHyHSU2NcsDnUMppeg","x5t#S256":"lrzsBiZJdvN0YHeazyjFp8_oo8Cq4RqP_O4FwL3fCMY"},{"kty":"RSA","kid":"Z63RFmsCCuYbj1_JaBPATCqliZYHloZVcqPH5zdhPf0","use":"sig","alg":"ES256","n":"uwIVKMz2oJTTDxLsjVWSw_iC8ZmmekKIp10mqrUrucVMsa-Oa_l1yKPXD0eUFFU1V4yeqKI5GfWCPEKpTm71O8Mu243AsFzzWTjn7c9p8FoLG77AlCQlh_o3cbMT5xys4Zvv2-Q7RVJFlqnBU840yFLuta7tj95gcOKlVKu2bQ6XpUA0ayvTvGbrZjR8-muLj1cpmfgwF126cm_7gcWt0oZYPRfH5wm78Sv3htzB2nFd1EbjzK0lwYi8YGd1ZrPxGPeiXOZT_zqItkel_xMY6pgJdz-dU_nPAeX1pnAXFK9jpP-Zs5Od3FOnBv5IhR2haa4ldbsTzFID9e1RoYvbFQ","e":"AQAB","x5c":["MIIFFjCCAv6gAwIBAgIRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAwTzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2VhcmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjAwOTA0MDAwMDAwWhcNMjUwOTE1MTYwMDAwWjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3MgRW5jcnlwdDELMAkGA1UEAxMCUjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7AhUozPaglNMPEuyNVZLD+ILxmaZ6QoinXSaqtSu5xUyxr45r+XXIo9cPR5QUVTVXjJ6oojkZ9YI8QqlObvU7wy7bjcCwXPNZOOftz2nwWgsbvsCUJCWH+jdxsxPnHKzhm+/b5DtFUkWWqcFTzjTIUu61ru2P3mBw4qVUq7ZtDpelQDRrK9O8ZutmNHz6a4uPVymZ+DAXXbpyb/uBxa3Shlg9F8fnCbvxK/eG3MHacV3URuPMrSXBiLxgZ3Vms/EY96Jc5lP/Ooi2R6X/ExjqmAl3P51T+c8B5fWmcBcUr2Ok/5mzk53cU6cG/kiFHaFpriV1uxPMUgP17VGhi9sVAgMBAAGjggEIMIIBBDAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYfr52LFMLGMB8GA1UdIwQYMBaAFHm0WeZ7tuXkAXOACIjIGlj26ZtuMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAoYWaHR0cDovL3gxLmkubGVuY3Iub3JnLzAnBgNVHR8EIDAeMBygGqAYhhZodHRwOi8veDEuYy5sZW5jci5vcmcvMCIGA1UdIAQbMBkwCAYGZ4EMAQIBMA0GCysGAQQBgt8TAQEBMA0GCSqGSIb3DQEBCwUAA4ICAQCFyk5HPqP3hUSFvNVneLKYY611TR6WPTNlclQtgaDqw+34IL9fzLdwALduO/ZelN7kIJ+m74uyA+eitRY8kc607TkC53wlikfmZW4/RvTZ8M6UK+5UzhK8jCdLuMGYL6KvzXGRSgi3yLgjewQtCPkIVz6D2QQzCkcheAmCJ8MqyJu5zlzyZMjAvnnAT45tRAxekrsu94sQ4egdRCnbWSDtY7kh+BImlJNXoB1lBMEKIq4QDUOXoRgffuDghje1WrG9ML+Hbisq/yFOGwXD9RiX8F6sw6W4avAuvDszue5L3sz85K+EC4Y/wFVDNvZo4TYXao6Z0f+lQKc0t8DQYzk1OXVu8rp2yJMC6alLbBfODALZvYH7n7do1AZls4I9d1P4jnkDrQoxB3UqQ9hVl3LEKQ73xF1OyK5GhDDX8oVfGKF5u+decIsH4YaTw7mP3GFxJSqv3+0lUFJoi5Lc5da149p90IdshCExroL1+7mryIkXPeFM5TgO9r0rvZaBFOvV2z0gp35Z0+L4WPlbuEjN/lxPFin+HlUjr8gRsI3qfJOQFy/9rKIJR0Y/8Omwt/8oTWgy1mdeHmmjk7j1nYsvC9JSQ6ZvMldlTTKB3zhThV1+XWYp6rjd5JW1zbVWEkLNxE7GJThEUG3szgBVGP7pSWTUTsqXnLRbwHOoq7hHwg=="],"x5t":"oFM3W_6E6LdIeCx87hWCemr1pAU","x5t#S256":"Z63RFmsCCuYbj1_JaBPATCqliZYHloZVcqPH5zdhPf0"}]}
2022-05-11 06:25:29
FetchServerKeys
Found JWK set string
jwk_string
{"keys":[{"kty":"RSA","kid":"xw3CGrEOKYken61T1sfeSgR_qH9PEWCCLZpLAeVSNyU","use":"sig","alg":"ES256","n":"zFgxiZmeQcvzeI4muwyWsF0B6hlTfttggiPFisr4DgEswxj4wtCc5-YxZmGtylkykH52Hx8uXWQPKBTKRtSa3Tdj3W85uqSOfeywJVRphulA9UX_KgG0jvvxh5AheNnjzdQvrioZhHYmOBR6Kr4GgggoNVpZ_5thh2WmV1R36K3JCbmuDxDwxP8ZHv0-LeY8m8wuvU_DONwBdippS6Rz2ndQvLm6Et-W9PsWdXII3nU5VTOSjV76ek0QWLemRlYoIS7bSRWqijGa9ke9BB_15XXXivoBc55glmy0Z928mlmoAn5PIMuslb2uHQDHBEpqc5UMpCbU7aee0TMrQxQDsw","e":"AQAB","x5c":["MIIDGDCCAgCgAwIBAgIIPeSzEfXhIykwDQYJKoZIhvcNAQELBQAwKjELMAkGA1UEBhMCdXMxDDAKBgNVBAoTA2libTENMAsGA1UEAxMEaXNhbTAeFw0yMjA0MTEwMDEwMjBaFw0zMjA0MDkwMDEwMjBaMCoxCzAJBgNVBAYTAnVzMQwwCgYDVQQKEwNpYm0xDTALBgNVBAMTBGlzYW0wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMWDGJmZ5By/N4jia7DJawXQHqGVN+22CCI8WKyvgOASzDGPjC0Jzn5jFmYa3KWTKQfnYfHy5dZA8oFMpG1JrdN2Pdbzm6pI597LAlVGmG6UD1Rf8qAbSO+/GHkCF42ePN1C+uKhmEdiY4FHoqvgaCCCg1Wln/m2GHZaZXVHforckJua4PEPDE/xke/T4t5jybzC69T8M43AF2KmlLpHPad1C8uboS35b0+xZ1cgjedTlVM5KNXvp6TRBYt6ZGVighLttJFaqKMZr2R70EH/XlddeK+gFznmCWbLRn3byaWagCfk8gy6yVva4dAMcESmpzlQykJtTtp57RMytDFAOzAgMBAAGjQjBAMB0GA1UdDgQWBBR1IX33CL3uNO0QkTwJVUnYzEmgFDAfBgNVHSMEGDAWgBR1IX33CL3uNO0QkTwJVUnYzEmgFDANBgkqhkiG9w0BAQsFAAOCAQEArj3+CkR5B6VxznL+qRr3iC3GckoSiGE3nWd6tn5ILgJK3jbFDAqc3UGerxM7GlKsHqjbYh1voLwtFpUJvp/nT6mApmCZ7XPyFM+4fNn7OejuePeN6x69xfjygeGOgMuE3msdUAAV+rEp7ZGM+wqG8WUQEB0Q+r/ZpZrr+4JfWqqbt+RkdvIjt4lHnMSVoQgK1gGmctJgsphSIOxF1XZRIn7OkjYUKlTg801TWh2FZ598NnmqAnz0zbT/mj2w2/E0QcnNCmQuxieeA1ww+clUrqgcYxDWoCvCXKutnA5nS+IAQ6HcgvQi3oSxBg20rb0WKOuPWnNIs7XZK8NzPT2UKw=="],"x5t":"lDgpAobsdMmL4sjOqP-j9XzoT_Y","x5t#S256":"xw3CGrEOKYken61T1sfeSgR_qH9PEWCCLZpLAeVSNyU"},{"kty":"EC","kid":"JBp-Duhk7zSX5umFyMBfogXo5zDXpTiivgDJsombQXg","use":"sig","alg":"ES256","x":"t5bqdouWhI2V1cM261rXswZKfBXQX_pXrNjndOvPTPk","y":"8JIfMkQMvl0Ffl_4IbD0k95d6I5b-rAxN-WI-NM0tKU","crv":"P-256","x5c":["MIIBajCCAQ6gAwIBAgIIY/XXnta+gyswDAYIKoZIzj0EAwIFADAXMRUwEwYDVQQDDAx0b2tlbl9zaWduZXIwHhcNMjIwMzIyMDAyNzI1WhcNNDkwODA3MDAyNzI1WjAXMRUwEwYDVQQDDAx0b2tlbl9zaWduZXIwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAS3lup2i5aEjZXVwzbrWtezBkp8FdBf+les2Od0689M+fCSHzJEDL5dBX5f+CGw9JPeXeiOW/qwMTfliPjTNLSlo0IwQDAdBgNVHQ4EFgQUx5Y3qy0OA4eNBv/rFLIWtGUqxrYwHwYDVR0jBBgwFoAUx5Y3qy0OA4eNBv/rFLIWtGUqxrYwDAYIKoZIzj0EAwIFAANIADBFAiBDimGoKrguaoezKOmcJ8Wm+ivw8bV8bN37DIztpwXoOAIhAOLcCrCwwmm9oS4Jh6aqWF9POnVfbeDMw0yQf0g3gbNK"],"x5t":"Eocy22APs5b9mFhm7JYcHEwFlAQ","x5t#S256":"JBp-Duhk7zSX5umFyMBfogXo5zDXpTiivgDJsombQXg"},{"kty":"EC","kid":"LihhKJtczt7K5MMb8mLg-wwptsFTBXNEJzHKZdgh6QE","use":"sig","alg":"ES256","x":"DxukkdfnrOfRTk63ZFvhj39uBNOrONtEt0Bcbb2Wljc","y":"33mJhmf3sR8Inv1jO0aMn71T6BXclz4rgUathn8OATk","crv":"P-256","x5c":["MIIEajCCA1KgAwIBAgIQP5KHvp0dpKN6nfYoLndaxDANBgkqhkiG9w0BAQsFADCByjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzUwHhcNMTUwNTEyMDAwMDAwWhcNMjUwNTExMjM1OTU5WjCBgDELMAkGA1UEBhMCVVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8wHQYDVQQLExZTeW1hbnRlYyBUcnVzdCBOZXR3b3JrMTEwLwYDVQQDEyhTeW1hbnRlYyBDbGFzcyAzIEVDQyAyNTYgYml0IFNTTCBDQSAtIEcyMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEDxukkdfnrOfRTk63ZFvhj39uBNOrONtEt0Bcbb2WljffeYmGZ/exHwie/WM7RoyfvVPoFdyXPiuBRq2Gfw4BOaOCAV0wggFZMC4GCCsGAQUFBwEBBCIwIDAeBggrBgEFBQcwAYYSaHR0cDovL3Muc3ltY2QuY29tMBIGA1UdEwEB/wQIMAYBAf8CAQAwZQYDVR0gBF4wXDBaBgpghkgBhvhFAQc2MEwwIwYIKwYBBQUHAgEWF2h0dHBzOi8vZC5zeW1jYi5jb20vY3BzMCUGCCsGAQUFBwICMBkaF2h0dHBzOi8vZC5zeW1jYi5jb20vcnBhMC8GA1UdHwQoMCYwJKAioCCGHmh0dHA6Ly9zLnN5bWNiLmNvbS9wY2EzLWc1LmNybDAOBgNVHQ8BAf8EBAMCAQYwKwYDVR0RBCQwIqQgMB4xHDAaBgNVBAMTE1NZTUMtRUNDLUNBLXAyNTYtMjIwHQYDVR0OBBYEFCXwiuFLetkBlQrtxlPxjHgf2fP4MB8GA1UdIwQYMBaAFH/TZafC3ey78DAJ80M5+gKvMzEzMA0GCSqGSIb3DQEBCwUAA4IBAQAMMGUXBaWTdaLxsTGtcB/naqjIQrLvoV9NG+7MoHpGd/69dZ/h2zOy7sGFUHoG/0HGRA9rxT/5w5GkEVIVkxtWyIWWq6rs4CTZt8Bej/KHYRbojtEDUkCTZSTLiCvguPyvinXgxy+LHT+PmdtEfXsvcdbeBSWUYpOsDYvD2hNtz9dwOd5nBosMApmdxt+z7LQyZu8wMnfI1U6IMO+RWowxZ8uy0oswdFYd32l9xe+aAE/ky9alLu/M9pvxiUKufqHJRgDBKA6uDjHLMPX+/nxXaNCPX3SI4KVZ1stHQ/U5oNlMdHN9umAvlU313g0IgJrjsQ2nIdf9dsdP+6lrmP7s"],"x5t":"_jxBkB82Wcbt3AwcLYXQsg5klhQ","x5t#S256":"LihhKJtczt7K5MMb8mLg-wwptsFTBXNEJzHKZdgh6QE"},{"kty":"RSA","kid":"ms-rfkPI2IDQayYqlN7u5LRlmYnD0Mrxm69kBeQat98","use":"sig","alg":"ES256","n":"ryQICCl6NZ5gDKrnSztO3Hy8PEUcuyvg_ikC-VcIo2SFFSf18a3IMYldIugqqqZCs4_4uVW3sbdLs_6PfgdX7O9D22ZiFWHPYA2k2N744MNiCD1UE-tJyllUhSblK48bn-v1oZHCM0nYQ2NqUkvSj-hwUU3RiWl7x3D2s9wSdNt7XUtW05a_FXehsPSiJfKvHJJnGOX0BgTvkLnkAOTdOrUZ_wK69Dzu4IvrN4vs9Nes8vbwPa_ddZEzGR0cQMt0JBkhk9kU_qwqUseP1QRJ5I1jR4g8aYPL_ke9K35PxZWuDp3U0UPAZ3PjFAh-5T-fc7gzCs9dPzSHloruU-glFQ","e":"AQAB","x5c":["MIIE0zCCA7ugAwIBAgIQGNrRniZ96LtKIVjNzGs7SjANBgkqhkiG9w0BAQUFADCByjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMzYwNzE2MjM1OTU5WjCByjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvJAgIKXo1nmAMqudLO07cfLw8RRy7K+D+KQL5VwijZIUVJ/XxrcgxiV0i6CqqpkKzj/i5Vbext0uz/o9+B1fs70PbZmIVYc9gDaTY3vjgw2IIPVQT60nKWVSFJuUrjxuf6/WhkcIzSdhDY2pSS9KP6HBRTdGJaXvHcPaz3BJ023tdS1bTlr8Vd6Gw9KIl8q8ckmcY5fQGBO+QueQA5N06tRn/Arr0PO7gi+s3i+z016zy9vA9r911kTMZHRxAy3QkGSGT2RT+rCpSx4/VBEnkjWNHiDxpg8v+R70rfk/Fla4OndTRQ8Bnc+MUCH7lP59zuDMKz10/NIeWiu5T6CUVAgMBAAGjgbIwga8wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZMFcwVRYJaW1hZ2UvZ2lmMCEwHzAHBgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7GS4wJRYjaHR0cDovL2xvZ28udmVyaXNpZ24uY29tL3ZzbG9nby5naWYwHQYDVR0OBBYEFH/TZafC3ey78DAJ80M5+gKvMzEzMA0GCSqGSIb3DQEBBQUAA4IBAQCTJEowX2LP2BqYLz3q3JktvXf2pXkiOOzEp6B4Eq1iDkVwZMXnl2YtmAl+X6/WzChl8gGqCBpH3vn5fJJaCGkgDdk+bW48DW7Y5gaRQBi5+MHt39tBquCWIMnNZBU4gcmU7qKEKQsTb47bDN0lAtukixlE0kF6BWlKWE9gyn6CagsCqiUXObXbf+eEZSqVir2G3l6BFoMtEMze/aiCKm0oHw0LxOXnGiYZ4fQRbxC1lfznQgUy286dUV4otp6F01vvpX1FQHKOtw5rDgb7MzVIcbidJ4vEZV8NhnacRHr2lVz2XTIIM6RUthg/aFzyQkqFOFSDX9HoLPKsEdao7WNq"],"x5t":"TrbVeEmbHM9fWB6tVr49m2dEpeU","x5t#S256":"ms-rfkPI2IDQayYqlN7u5LRlmYnD0Mrxm69kBeQat98"},{"kty":"EC","kid":"RYRGunXZMukU8jwrV7fRku3bwhgdlY4Rga1SUXR6Hug","use":"sig","alg":"ES256","x":"4ghC6nfYJN6gLGSkE85AnCNyqQIKDjc_ITa4jVMU9tWRlUvzlgKNcR7E2Munn17v","y":"oOZ_WpIRllNv68DLP679Wz9HJOeaBy6Wvqgvu1cYr3GkvXg6HuhbPGtkESvMNCuM","crv":"P-384","x5c":["MIIDrDCCApSgAwIBAgIQCssoukZe5TkIdnRw883GEjANBgkqhkiG9w0BAQwFADBhMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBDQTAeFw0xMzAzMDgxMjAwMDBaFw0yMzAzMDgxMjAwMDBaMEwxCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxJjAkBgNVBAMTHURpZ2lDZXJ0IEVDQyBTZWN1cmUgU2VydmVyIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE4ghC6nfYJN6gLGSkE85AnCNyqQIKDjc/ITa4jVMU9tWRlUvzlgKNcR7E2Munn17voOZ/WpIRllNv68DLP679Wz9HJOeaBy6Wvqgvu1cYr3GkvXg6HuhbPGtkESvMNCuMo4IBITCCAR0wEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wQgYDVR0fBDswOTA3oDWgM4YxaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0R2xvYmFsUm9vdENBLmNybDA9BgNVHSAENjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAdBgNVHQ4EFgQUo53mH/naOU/AbuiRy5Wl2jHiCp8wHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUwDQYJKoZIhvcNAQEMBQADggEBAMeKoENL7HTJxavVHzA1Nm6YVntIrAVjrnuaVyRXzG/63qttnMe2uuzO58pzZNvfBDcKAEmzP58mrZGMIOgfiA4q+2Y3yDDo0sIkp0VILeoBUEoxlBPfjV/aKrtJPGHzecicZpIalir0ezZYoyxBEHQa0+1IttK7igZFcTMQMHp6mCHdJLnsnLWSB62DxsRq+HfmNb4TDydkskO/g+l3VtsIh5RHFPVfKK+jaEyDj2D3loB5hWp2Jp2VDCADjT7ueihlZGak2YPqmXTNbk19HOuNssWvFhtOyPNV6og4ETQdEa8/B6hPatJ0ES8q/HO3X8IVQwVs1n3aAr0im0/T+Xc="],"x5t":"Vu58JwaDFi2DuurMeQ4iRxraq-g","x5t#S256":"RYRGunXZMukU8jwrV7fRku3bwhgdlY4Rga1SUXR6Hug"},{"kty":"RSA","kid":"Q0ig6URMeMsmXgWNXolEtNhPlmK9Jtslf4k0pEPHAWE","use":"sig","alg":"ES256","n":"4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsBCSDMAZOnTjC3U_dDxGkAV53ijSLdhwZAAIEJzs4bg7_fzTtxRuLWZscFs3YnFo97nh6Vfe63SKMI2tavegw5BmV_Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt43C_dxC__AH2hdmoRBBYMql1GNXRor5H4idq9Joz-EkIYIvUX7Q6hL-hqkpMfT7PT19sdl6gSzeRntwi5m3OFBqOasv-zbMUZBfHWymeMr_y7vrTC0LUq7dBMtoM1O_4gdW7jVg_tRvoSSiicNoxBN33shbyTApOB6jtSj1etX-jkMOvJw","e":"AQAB","x5c":["MIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBhMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBDQTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAwMDAwMDBaMGExCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5jb20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsBCSDMAZOnTjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97nh6Vfe63SKMI2tavegw5BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt43C/dxC//AH2hdmoRBBYMql1GNXRor5H4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7PT19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y7vrTC0LUq7dBMtoM1O/4gdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQABo2MwYTAOBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbRTLtm8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUwDQYJKoZIhvcNAQEFBQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/EsrhMAtudXH/vTBH1jLuG2cenTnmCmrEbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIttep3Sp+dWOIrWcBAI+0tKIJFPnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0lsYSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQkCAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4="],"x5t":"qJhdOmXl5cSy19ZtQMbdL7GcVDY","x5t#S256":"Q0ig6URMeMsmXgWNXolEtNhPlmK9Jtslf4k0pEPHAWE"},{"kty":"RSA","kid":"jKdU4I4wMHZhzE9yt85i-MbhENLdc9dEI0p9DsFS26c","use":"sig","alg":"ES256","n":"wfzNyXOBHfOll12HdSxOpISiZzH4TupQXb2Q5FimrDTZERmgAHqN-wyKPhXLwhPZpx8vxdBvKd2hZYFL-rkvF1AsbdQ27uJNAEewOukULqbRyzKrzBYL77R-Ipe6vEASjMrdf7LHOz8G8sPR28XSvN5FbWl4Uq5Gf_IGjUS6_kIb0Q3twDFV1at8x_uFb2H1q-Rne0iXtTky-rzxah8Kus1F4_9PbEQbsMcKCVsncg7on85C9VU2dOlDijJM3HLMtsyM5SVVCpHGKNEc_7e4XIYN-nzQhi4nx5F5O4yt_LRbUwHrd0__DZepBKTIMtffrCE6AUPcJJP_HrrTWMpaTenabs7CO-Gf-816XUl06REIjJYCmaSMWZLtESLooxxGVS80YocQ6bhkx_OwyA_pOB12L_HB1tRTIaR_AbwvELIWMcmRQi3ezS0Ah7X5Iq7hYVtLBXaV3wrGHh_cok9LtpSsAYB-ckQuZjlQ4dW3wKRq9rG2A5CW9N1yNFahsUY25R4PxS1VgvQ8CngIVhD8B_RT9qkcUhcQaS9a6LrHHGYexmp2_OSQO2zhaJQwFxl7-oREsCwtQsRr02TKZBSUcC7Zxl68dsI44L0y79HHvcHS_DC9K95aBRFnAfPzLvctM02CLI3kymRDgaPdd2lrWBvFOgqjtHP6TgCRigqcYgc","e":"AQAB","x5c":["MIIFLDCCAxQCCQDlWmWOLdLO/TANBgkqhkiG9w0BAQsFADBYMQswCQYDVQQGEwJBVTETMBEGA1UECAwKUXVlZW5zbGFuZDETMBEGA1UEBwwKR29sZCBDb2FzdDEMMAoGA1UECgwDSUJNMREwDwYDVQQDDAhvcGVubGRhcDAeFw0yMjA0MTIwMDAxMDhaFw00OTA4MjcwMDAxMDhaMFgxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApRdWVlbnNsYW5kMRMwEQYDVQQHDApHb2xkIENvYXN0MQwwCgYDVQQKDANJQk0xETAPBgNVBAMMCG9wZW5sZGFwMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAwfzNyXOBHfOll12HdSxOpISiZzH4TupQXb2Q5FimrDTZERmgAHqN+wyKPhXLwhPZpx8vxdBvKd2hZYFL+rkvF1AsbdQ27uJNAEewOukULqbRyzKrzBYL77R+Ipe6vEASjMrdf7LHOz8G8sPR28XSvN5FbWl4Uq5Gf/IGjUS6/kIb0Q3twDFV1at8x/uFb2H1q+Rne0iXtTky+rzxah8Kus1F4/9PbEQbsMcKCVsncg7on85C9VU2dOlDijJM3HLMtsyM5SVVCpHGKNEc/7e4XIYN+nzQhi4nx5F5O4yt/LRbUwHrd0//DZepBKTIMtffrCE6AUPcJJP/HrrTWMpaTenabs7CO+Gf+816XUl06REIjJYCmaSMWZLtESLooxxGVS80YocQ6bhkx/OwyA/pOB12L/HB1tRTIaR/AbwvELIWMcmRQi3ezS0Ah7X5Iq7hYVtLBXaV3wrGHh/cok9LtpSsAYB+ckQuZjlQ4dW3wKRq9rG2A5CW9N1yNFahsUY25R4PxS1VgvQ8CngIVhD8B/RT9qkcUhcQaS9a6LrHHGYexmp2/OSQO2zhaJQwFxl7+oREsCwtQsRr02TKZBSUcC7Zxl68dsI44L0y79HHvcHS/DC9K95aBRFnAfPzLvctM02CLI3kymRDgaPdd2lrWBvFOgqjtHP6TgCRigqcYgcCAwEAATANBgkqhkiG9w0BAQsFAAOCAgEAQ/8CHXFlDOq8TvDSjWu602G9UiEvqnBUWzZ5TbVQeIH54xzNTCjemx908fknEgSDSy4W1VOmckV9tbNtt3dIUyFna0b7ZzzfVnvGQYynjGPaYYBjnLi/SeHSv6U6qKuvRV7pTXRJadFVBupmARt2L3CxGKRhwu4DJnOKbLMKFy13PifyPurez5tpnVa1/Cl+GmB0oLdLMe9ielMHMNn3B/w+pUcCvwoAADnlfM44S65w2XqfVswNNoacLx1DrzwjX5RoV+ACC2CWOVYcQdJdwT76fBtbo0QJIz3hKLbZqa3TXpprAg49xztukar/7W3PwjYO7VrbGuBHg6h8yHmlUKpVcDJZ7IMVWh+a+ONglDKnBCCew736v1KtZTEG8D5IGeZAd/H9d0YiCcRTSfM+Pml3OO11UI7rycyaiZQfg4YXZ2zpX2GqbAoMTKYGi6KwD2ufn0U85Y7bkGDNyUbaJzdaOtt7F23MZiZdn3ixtgqpXSJv1SRngf7lpfBg7qcu1f3CC5I3vl3J7mIYKKiRsXdK0vwGDrEFSodrnDJsvWZ2mYtaS1l9Q1TII+5a0VLLe6tKWbFEiU6YIVG2Ptyr5Rsbw/bOXzuzjkIDRSEa8kSPQfEfqMZZdMvca9zoKHFFG3xgjHYmfWj5UHBL56G0eKd41HoWx8fa5ws2B4b2shk="],"x5t":"IScnlIM-ZZed9eRjj8iqjI8-oI0","x5t#S256":"jKdU4I4wMHZhzE9yt85i-MbhENLdc9dEI0p9DsFS26c"},{"kty":"RSA","kid":"B-wwwOTwKl1WEbV3QY39rZfLiCL-YHNJsih2BZOsJC0","use":"sig","alg":"ES256","n":"6FocmJCFqZf8gt7QTvM5dPA2n-wy43cKv3HxU5PoQ7b57lcGV6NwwR0Dkh5LbczjgTAJQKdlbORV15MyzB4NGkR9hA19ZaT2vWa8wBrF339PsOCHGPSu3AwpF_is6bl-Jfam5TPCYE7rCEbla4Ivy1uj-LmvLbeDdf6fZoi-p2vBR7ntxWvh6ZIhOZou1Wc6dbd0wJnf1FR3WuuNywyvie81y_PP13xTNZQpMQSR6Jre8_2Fus36s22Irins0yqL8fYNMKpMSvMCpclCugw0d8A4qZc9xi4FPqiA64XqBQJwmFZ9eZ-YqU4z38BLshPTynZQjr42ORRoxZ-4dbC0c8qinB8e23qJ1xHBCsk9TvgIGKL_oqRssOUjLoAuXJuAerlYKH9s3yQYVjymaDllOO9joIHtWD1RiVBNpmXYx5EEQUz63ipbb9gR8LjoBkdo9mcIUNJf3gFci1zEgEqSNFe1TOIziaGJtLN7e6ejULSz9GYPbjh2le3py_U4rbARemfWNCstqFZWh7GgriR0kHR1Z0XkvgJgbOFkaUQS8KXFGGTwX0iao2nwqSdU1eI0z6_TmnZ1pJfMmLA_VdktmEfhl_rBDg0neSWQ7CgH1OJtQl3BMAzmn8oX1EmK6lgnFo97rYPc7LjpP4wYB0gBpeO-shfiKcJsQKrCrebHTAk","e":"AQAB","x5c":["MIIFLDCCAxQCCQDBbB0qqpk6EDANBgkqhkiG9w0BAQsFADBYMQswCQYDVQQGEwJBVTETMBEGA1UECAwKUXVlZW5zbGFuZDETMBEGA1UEBwwKR29sZCBDb2FzdDEMMAoGA1UECgwDSUJNMREwDwYDVQQDDAhwb3N0Z3JlczAeFw0yMjA0MTIwMDAzMDlaFw00OTA4MjcwMDAzMDlaMFgxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApRdWVlbnNsYW5kMRMwEQYDVQQHDApHb2xkIENvYXN0MQwwCgYDVQQKDANJQk0xETAPBgNVBAMMCHBvc3RncmVzMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA6FocmJCFqZf8gt7QTvM5dPA2n+wy43cKv3HxU5PoQ7b57lcGV6NwwR0Dkh5LbczjgTAJQKdlbORV15MyzB4NGkR9hA19ZaT2vWa8wBrF339PsOCHGPSu3AwpF/is6bl+Jfam5TPCYE7rCEbla4Ivy1uj+LmvLbeDdf6fZoi+p2vBR7ntxWvh6ZIhOZou1Wc6dbd0wJnf1FR3WuuNywyvie81y/PP13xTNZQpMQSR6Jre8/2Fus36s22Irins0yqL8fYNMKpMSvMCpclCugw0d8A4qZc9xi4FPqiA64XqBQJwmFZ9eZ+YqU4z38BLshPTynZQjr42ORRoxZ+4dbC0c8qinB8e23qJ1xHBCsk9TvgIGKL/oqRssOUjLoAuXJuAerlYKH9s3yQYVjymaDllOO9joIHtWD1RiVBNpmXYx5EEQUz63ipbb9gR8LjoBkdo9mcIUNJf3gFci1zEgEqSNFe1TOIziaGJtLN7e6ejULSz9GYPbjh2le3py/U4rbARemfWNCstqFZWh7GgriR0kHR1Z0XkvgJgbOFkaUQS8KXFGGTwX0iao2nwqSdU1eI0z6/TmnZ1pJfMmLA/VdktmEfhl/rBDg0neSWQ7CgH1OJtQl3BMAzmn8oX1EmK6lgnFo97rYPc7LjpP4wYB0gBpeO+shfiKcJsQKrCrebHTAkCAwEAATANBgkqhkiG9w0BAQsFAAOCAgEAAaPSzpiFZEG9hAGB+6wRz9tGInO0tCmV+GB/i9PFX572JJiLGEtetYyxv95V5yQrq40Rwl5/ekyZhjd6M56m8HVWiO465e0gMsph3WQe7yyNC+zmYr50II6MtjgaCMSY6WCeE+4rtkUKX4pZpDKEwcJI2UmMfa0iDTp4CTe+n5XfQOLVHh8NaXA3qabaRwtW3JOHhz2FPulDfFD9yTY/yvIBWr/HN89pmVRod9pJ3RjAGXhUFRNcZX/KrKddqchLg57I39qLshWG6tVfirBJzLtBYGsNMoovZjt5K5Msv6gpz2HraAX4stzvkMB1djTgaIuvQLM+3w7cSX6Wnjdz1IDUFdptDfEefLxoOXiMu/YHnYfewzKUXDCzsqM+JejpLSYrHKMLaKIWoTuid/84Rm1AkiQzQpyMn0GcaJNV0h/5oBjeJIBuUkO8pmAPzngamZLIM+F8BssVRsbfSCG2oa75J2qiLCd4kCrAa1kuiDqv+JhBnqu9dQvcqWPNe0POgfG9IG2M2++Jrcs+qdy9Rc6QkkEDifIq4GuKh2a2pvns7DsCjOoRxJBzpTmC86UCQt7leg5JArfXiXQ0ZR/jdOdgn0l1AUSvjqN18q6WgDvhS5R5K+ivpoVItCBQbpyfXBXPWEcZaASZwTVBpP1F+X/w3iHOiYj7IasZzj9DCtQ="],"x5t":"wuGBkt_32Le2KNH8LA4eIvl4OaQ","x5t#S256":"B-wwwOTwKl1WEbV3QY39rZfLiCL-YHNJsih2BZOsJC0"},{"kty":"EC","kid":"j5gNK4hzzYspsDUHZWmR0W_Aozt37H4XkR-Ckp-0Lws","use":"sig","alg":"ES256","x":"nLCRTBh1a36xcaBIihQmmBKCKGhcdxQePVuZSP8h0f8","y":"oBXY7xcLQyeSPEII17_fWDi4X_aJ5Wpo3IvIlp1z51E","crv":"P-256","x5c":["MIIFPjCCBOSgAwIBAgIQDcoB0eBgcUSL1tRgbrVe5jAKBggqhkjOPQQDAjBKMQswCQYDVQQGEwJVUzEZMBcGA1UEChMQQ2xvdWRmbGFyZSwgSW5jLjEgMB4GA1UEAxMXQ2xvdWRmbGFyZSBJbmMgRUNDIENBLTMwHhcNMjEwNzE2MDAwMDAwWhcNMjIwNzE1MjM1OTU5WjB1MQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEZMBcGA1UEChMQQ2xvdWRmbGFyZSwgSW5jLjEeMBwGA1UEAxMVc25pLmNsb3VkZmxhcmVzc2wuY29tMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEnLCRTBh1a36xcaBIihQmmBKCKGhcdxQePVuZSP8h0f+gFdjvFwtDJ5I8QgjXv99YOLhf9onlamjci8iWnXPnUaOCA38wggN7MB8GA1UdIwQYMBaAFKXON+rrsHUOlGeItEX62SQQh5YfMB0GA1UdDgQWBBTUhRahZ5+BtKoZClu71NJoYSmbmTBEBgNVHREEPTA7ghVzbmkuY2xvdWRmbGFyZXNzbC5jb22CESouc2VjdXJpdHlwb2MuY29tgg9zZWN1cml0eXBvYy5jb20wDgYDVR0PAQH/BAQDAgeAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjB7BgNVHR8EdDByMDegNaAzhjFodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vQ2xvdWRmbGFyZUluY0VDQ0NBLTMuY3JsMDegNaAzhjFodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vQ2xvdWRmbGFyZUluY0VDQ0NBLTMuY3JsMD4GA1UdIAQ3MDUwMwYGZ4EMAQICMCkwJwYIKwYBBQUHAgEWG2h0dHA6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzB2BggrBgEFBQcBAQRqMGgwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBABggrBgEFBQcwAoY0aHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0Nsb3VkZmxhcmVJbmNFQ0NDQS0zLmNydDAMBgNVHRMBAf8EAjAAMIIBfwYKKwYBBAHWeQIEAgSCAW8EggFrAWkAdgBGpVXrdfqRIDC1oolp9PN9ESxBdL79SbiFq/L8cP5tRwAAAXqwD+hnAAAEAwBHMEUCIDCBiGTPmSMM2E5j08lHy6CrM5wgXc1cLBz07lH7/oZFAiEAliKe6M4qNjsjvxlExlr24AQyOF0Qm1u+WBKhkVnWLrkAdgBRo7D1/QF5nFZtuDd4jwykeswbJ8v3nohCmg3+1IsF5QAAAXqwD+iiAAAEAwBHMEUCIQC/pzfjwl0K2vzB8Hmn46eLIul2H3wnBITr462hswIc1QIgQcejxHsgdhisnEQT+8tOlmgxwzSaeBNJeqYggd95CskAdwBByMqx3yJGShDGoToJQodeTjGLGwPr60vHaPCQYpYG9gAAAXqwD+hCAAAEAwBIMEYCIQDc4nhAUjHHiRC79K5sIQ0qKILeFM6F9OE+/NBi/t/PXgIhALMs8JrmU9MK4VbFbC9E0BqH4oPSm1UF/8TvWRd47VpkMAoGCCqGSM49BAMCA0gAMEUCIQCjcEVBNE/aTnuEWtZ0ZKFKOu4cCj5VEHhS8F87jypXswIgJQVUAsXzFCiohsA7Ng7BJY/T7ASRYg83LjQayEI52Gs="],"x5t":"7JUZWIyx0BZpwO7Zx0MpbufjKEQ","x5t#S256":"j5gNK4hzzYspsDUHZWmR0W_Aozt37H4XkR-Ckp-0Lws"},{"kty":"EC","kid":"OrvmPa91bFAWtrhfUgFf2Oisvid8UIexJ6YFY6hB7Yo","use":"sig","alg":"ES256","x":"ua1NZpkUC0bsH4HRKlAenQMVLzQSfS2WuIg4m4Vfj78","y":"u03vYUbEyXPUJE_g7hzObLNRcS9q7kwFCXfTcmKkm9c","crv":"P-256","x5c":["MIIDzTCCArWgAwIBAgIQCjeHZF5ftIwiTv0b7RQMPDANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJJRTESMBAGA1UEChMJQmFsdGltb3JlMRMwEQYDVQQLEwpDeWJlclRydXN0MSIwIAYDVQQDExlCYWx0aW1vcmUgQ3liZXJUcnVzdCBSb290MB4XDTIwMDEyNzEyNDgwOFoXDTI0MTIzMTIzNTk1OVowSjELMAkGA1UEBhMCVVMxGTAXBgNVBAoTEENsb3VkZmxhcmUsIEluYy4xIDAeBgNVBAMTF0Nsb3VkZmxhcmUgSW5jIEVDQyBDQS0zMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEua1NZpkUC0bsH4HRKlAenQMVLzQSfS2WuIg4m4Vfj7+7Te9hRsTJc9QkT+DuHM5ss1FxL2ruTAUJd9NyYqSb16OCAWgwggFkMB0GA1UdDgQWBBSlzjfq67B1DpRniLRF+tkkEIeWHzAfBgNVHSMEGDAWgBTlnVkwgkdYzKz6CFQ2hns6tQRN8DAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBIGA1UdEwEB/wQIMAYBAf8CAQAwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wOgYDVR0fBDMwMTAvoC2gK4YpaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL09tbmlyb290MjAyNS5jcmwwbQYDVR0gBGYwZDA3BglghkgBhv1sAQEwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzALBglghkgBhv1sAQIwCAYGZ4EMAQIBMAgGBmeBDAECAjAIBgZngQwBAgMwDQYJKoZIhvcNAQELBQADggEBAAUkHd0bsCrrmNaF4zlNXmtXnYJX/OvoMaJXkGUFvhZEOFp3ArnPEELG4ZKk40Un+ABHLGioVplTVI+tnkDB0A+21w0LOEhsUCxJkAZbZB2LzEgwLt4I4ptJIsCSDBFelpKU1fwg3FZs5ZKTv3ocwDfjhUkV+ivhdDkYD7fa86JXWGBPzI6UAPxGezQxPk1HgoE6y/SJXQ7vTQ1unBuCJN0yJV0ReFEQPaA1IwQvZW+cwdFD19Ae8zFnWSfda9J1CZMRJCQUzym+5iPDuI9yP+kHyCREU3qzuWFloUwOxkgAyXVjBYdwRVKD05WdRerw6DEdfgkfCv4+3ao8XnTSrLE="],"x5t":"s912BtK1qLShN3Hb7MnuHOyvo4o","x5t#S256":"OrvmPa91bFAWtrhfUgFf2Oisvid8UIexJ6YFY6hB7Yo"},{"kty":"RSA","kid":"lrzsBiZJdvN0YHeazyjFp8_oo8Cq4RqP_O4FwL3fCMY","use":"sig","alg":"ES256","n":"regkc_QUN_ObnitXKByHvty33ziQjG485legePd1wqL-9Wpu9gBPKNveaIZsRJO2sWP9FBJrvx_S6jGbIX7RMzy6SPXded-zuP8S8SGaS8GKhnFpSmZmbI9-PHC_rSkiBvPkwOaAruJLj7eZfpQDn9NHl3yZSCNT6DiuTwpvgy7RSVeMgHS22i_QOI17A3AhG3XyMDz6j67d2mOr6xZPwo4RS37PC-j_tXcu9LJ7SuBMEiUMcI0DKaDhUyTsE9nuGb8Qs0qMP4mjYVHerIcHlPRjcewu4m9bmIHhiVw0eWx27zuQYnnm26SaLybF0BDhDt7ZEI4W-7f3qPfH5QIHmI82CJXn4jeWDTZ1nvsOcrEdm7wD-UkF2IHdBbQq1kHprAF2lQoP2N_VvRIfNS8oF2zSmMGoCWR3bkc3us6sWV5onX9y1onFBkEpPlk-3Sb1JMkRp1qjTEAfRqGZtac6UW6GO559cqcSBXhZ7T5ReBULA4-N0C8Fsj57ShxLcwUS_Mbq4FATfEOTdLPKdOeOHwEI0DDUW3E2tAe6wTAwXEi3gjuYpn1giqKjKYLMur2DBBuigwNBodYF8RvCtvCofIY7RqhIKojcdpp2vx9qpT0Zj-s482TeyCsNCij_99viFULUItAnXeF5_hjncIitTubZizrG3SdRbv-8ZPUzQ08","e":"AQAB","x5c":["MIIFazCCA1OgAwIBAgIRAIIQz7DSQONZRGPgu2OCiwAwDQYJKoZIhvcNAQELBQAwTzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2VhcmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMTUwNjA0MTEwNDM4WhcNMzUwNjA0MTEwNDM4WjBPMQswCQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJuZXQgU2VjdXJpdHkgUmVzZWFyY2ggR3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBYMTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK3oJHP0FDfzm54rVygch77ct984kIxuPOZXoHj3dcKi/vVqbvYATyjb3miGbESTtrFj/RQSa78f0uoxmyF+0TM8ukj13Xnfs7j/EvEhmkvBioZxaUpmZmyPfjxwv60pIgbz5MDmgK7iS4+3mX6UA5/TR5d8mUgjU+g4rk8Kb4Mu0UlXjIB0ttov0DiNewNwIRt18jA8+o+u3dpjq+sWT8KOEUt+zwvo/7V3LvSye0rgTBIlDHCNAymg4VMk7BPZ7hm/ELNKjD+Jo2FR3qyHB5T0Y3HsLuJvW5iB4YlcNHlsdu87kGJ55tukmi8mxdAQ4Q7e2RCOFvu396j3x+UCB5iPNgiV5+I3lg02dZ77DnKxHZu8A/lJBdiB3QW0KtZB6awBdpUKD9jf1b0SHzUvKBds0pjBqAlkd25HN7rOrFleaJ1/ctaJxQZBKT5ZPt0m9STJEadao0xAH0ahmbWnOlFuhjuefXKnEgV4We0+UXgVCwOPjdAvBbI+e0ocS3MFEvzG6uBQE3xDk3SzynTnjh8BCNAw1FtxNrQHusEwMFxIt4I7mKZ9YIqioymCzLq9gwQbooMDQaHWBfEbwrbwqHyGO0aoSCqI3Haadr8faqU9GY/rOPNk3sgrDQoo//fb4hVC1CLQJ13hef4Y53CIrU7m2Ys6xt0nUW7/vGT1M0NPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBR5tFnme7bl5AFzgAiIyBpY9umbbjANBgkqhkiG9w0BAQsFAAOCAgEAVR9YqbyyqFDQDLHYGmkgJykIrGF1XIpu+ILlaS/V9lZLubhzEFnTIZd+50xx+7LSYK05qAvqFyFWhfFQDlnrzuBZ6brJFe+GnY+EgPbk6ZGQ3BebYhtF8GaV0nxvwuo77x/Py9auJ/GpsMiu/X1+mvoiBOv/2X/qkSsisRcOj/KKNFtY2PwByVS5uCbMiogziUwthDyC3+6WVwW6LLv3xLfHTjuCvjHIInNzktHCgKQ5ORAzI4JMPJ+GslWYHb4phowim57iaztXOoJwTdwJx4nLCgdNbOhdjsnvzqvHu7UrTkXWStAmzOVyyghqpZXjFaH3pO3JLF+l+/+sKAIuvtd7u+Nxe5AW0wdeRlN8NwdCjNPElpzVmbUq4JUagEiuTDkHzsxHpFKVK7q4+63SM1N95R1NbdWhscdCb+ZAJzVcoyi3B43njTOQ5yOf+1CceWxG1bQVs5ZufpsMljq4Ui0/1lvh+wjChP4kqKOJ2qxq4RgqsahDYVvTH9w7jXbyLeiNdd8XM2w9U/t7y0Ff/9yi0GE44Za4rF2LN9d11TPAmRGunUHBcnWEvgJBQl9nJEiU0Zsnvgc/ubhPgXRR4Xq37Z0j4r7g1SgEEzwxA57demyPxgcYxn/eR44/KJ4EBs+lVDR3veyJm+kXQ99b21/+jh5Xos1AnX5iItreGCc="],"x5t":"yr0qeaEHajHyHSU2NcsDnUMppeg","x5t#S256":"lrzsBiZJdvN0YHeazyjFp8_oo8Cq4RqP_O4FwL3fCMY"},{"kty":"RSA","kid":"Z63RFmsCCuYbj1_JaBPATCqliZYHloZVcqPH5zdhPf0","use":"sig","alg":"ES256","n":"uwIVKMz2oJTTDxLsjVWSw_iC8ZmmekKIp10mqrUrucVMsa-Oa_l1yKPXD0eUFFU1V4yeqKI5GfWCPEKpTm71O8Mu243AsFzzWTjn7c9p8FoLG77AlCQlh_o3cbMT5xys4Zvv2-Q7RVJFlqnBU840yFLuta7tj95gcOKlVKu2bQ6XpUA0ayvTvGbrZjR8-muLj1cpmfgwF126cm_7gcWt0oZYPRfH5wm78Sv3htzB2nFd1EbjzK0lwYi8YGd1ZrPxGPeiXOZT_zqItkel_xMY6pgJdz-dU_nPAeX1pnAXFK9jpP-Zs5Od3FOnBv5IhR2haa4ldbsTzFID9e1RoYvbFQ","e":"AQAB","x5c":["MIIFFjCCAv6gAwIBAgIRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAwTzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2VhcmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjAwOTA0MDAwMDAwWhcNMjUwOTE1MTYwMDAwWjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3MgRW5jcnlwdDELMAkGA1UEAxMCUjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7AhUozPaglNMPEuyNVZLD+ILxmaZ6QoinXSaqtSu5xUyxr45r+XXIo9cPR5QUVTVXjJ6oojkZ9YI8QqlObvU7wy7bjcCwXPNZOOftz2nwWgsbvsCUJCWH+jdxsxPnHKzhm+/b5DtFUkWWqcFTzjTIUu61ru2P3mBw4qVUq7ZtDpelQDRrK9O8ZutmNHz6a4uPVymZ+DAXXbpyb/uBxa3Shlg9F8fnCbvxK/eG3MHacV3URuPMrSXBiLxgZ3Vms/EY96Jc5lP/Ooi2R6X/ExjqmAl3P51T+c8B5fWmcBcUr2Ok/5mzk53cU6cG/kiFHaFpriV1uxPMUgP17VGhi9sVAgMBAAGjggEIMIIBBDAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYfr52LFMLGMB8GA1UdIwQYMBaAFHm0WeZ7tuXkAXOACIjIGlj26ZtuMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAoYWaHR0cDovL3gxLmkubGVuY3Iub3JnLzAnBgNVHR8EIDAeMBygGqAYhhZodHRwOi8veDEuYy5sZW5jci5vcmcvMCIGA1UdIAQbMBkwCAYGZ4EMAQIBMA0GCysGAQQBgt8TAQEBMA0GCSqGSIb3DQEBCwUAA4ICAQCFyk5HPqP3hUSFvNVneLKYY611TR6WPTNlclQtgaDqw+34IL9fzLdwALduO/ZelN7kIJ+m74uyA+eitRY8kc607TkC53wlikfmZW4/RvTZ8M6UK+5UzhK8jCdLuMGYL6KvzXGRSgi3yLgjewQtCPkIVz6D2QQzCkcheAmCJ8MqyJu5zlzyZMjAvnnAT45tRAxekrsu94sQ4egdRCnbWSDtY7kh+BImlJNXoB1lBMEKIq4QDUOXoRgffuDghje1WrG9ML+Hbisq/yFOGwXD9RiX8F6sw6W4avAuvDszue5L3sz85K+EC4Y/wFVDNvZo4TYXao6Z0f+lQKc0t8DQYzk1OXVu8rp2yJMC6alLbBfODALZvYH7n7do1AZls4I9d1P4jnkDrQoxB3UqQ9hVl3LEKQ73xF1OyK5GhDDX8oVfGKF5u+decIsH4YaTw7mP3GFxJSqv3+0lUFJoi5Lc5da149p90IdshCExroL1+7mryIkXPeFM5TgO9r0rvZaBFOvV2z0gp35Z0+L4WPlbuEjN/lxPFin+HlUjr8gRsI3qfJOQFy/9rKIJR0Y/8Omwt/8oTWgy1mdeHmmjk7j1nYsvC9JSQ6ZvMldlTTKB3zhThV1+XWYp6rjd5JW1zbVWEkLNxE7GJThEUG3szgBVGP7pSWTUTsqXnLRbwHOoq7hHwg=="],"x5t":"oFM3W_6E6LdIeCx87hWCemr1pAU","x5t#S256":"Z63RFmsCCuYbj1_JaBPATCqliZYHloZVcqPH5zdhPf0"}]}
2022-05-11 06:25:29 SUCCESS
FetchServerKeys
Found server JWK set
server_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "kid": "xw3CGrEOKYken61T1sfeSgR_qH9PEWCCLZpLAeVSNyU",
      "use": "sig",
      "alg": "ES256",
      "n": "zFgxiZmeQcvzeI4muwyWsF0B6hlTfttggiPFisr4DgEswxj4wtCc5-YxZmGtylkykH52Hx8uXWQPKBTKRtSa3Tdj3W85uqSOfeywJVRphulA9UX_KgG0jvvxh5AheNnjzdQvrioZhHYmOBR6Kr4GgggoNVpZ_5thh2WmV1R36K3JCbmuDxDwxP8ZHv0-LeY8m8wuvU_DONwBdippS6Rz2ndQvLm6Et-W9PsWdXII3nU5VTOSjV76ek0QWLemRlYoIS7bSRWqijGa9ke9BB_15XXXivoBc55glmy0Z928mlmoAn5PIMuslb2uHQDHBEpqc5UMpCbU7aee0TMrQxQDsw",
      "e": "AQAB",
      "x5c": [
        "MIIDGDCCAgCgAwIBAgIIPeSzEfXhIykwDQYJKoZIhvcNAQELBQAwKjELMAkGA1UEBhMCdXMxDDAKBgNVBAoTA2libTENMAsGA1UEAxMEaXNhbTAeFw0yMjA0MTEwMDEwMjBaFw0zMjA0MDkwMDEwMjBaMCoxCzAJBgNVBAYTAnVzMQwwCgYDVQQKEwNpYm0xDTALBgNVBAMTBGlzYW0wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMWDGJmZ5By/N4jia7DJawXQHqGVN+22CCI8WKyvgOASzDGPjC0Jzn5jFmYa3KWTKQfnYfHy5dZA8oFMpG1JrdN2Pdbzm6pI597LAlVGmG6UD1Rf8qAbSO+/GHkCF42ePN1C+uKhmEdiY4FHoqvgaCCCg1Wln/m2GHZaZXVHforckJua4PEPDE/xke/T4t5jybzC69T8M43AF2KmlLpHPad1C8uboS35b0+xZ1cgjedTlVM5KNXvp6TRBYt6ZGVighLttJFaqKMZr2R70EH/XlddeK+gFznmCWbLRn3byaWagCfk8gy6yVva4dAMcESmpzlQykJtTtp57RMytDFAOzAgMBAAGjQjBAMB0GA1UdDgQWBBR1IX33CL3uNO0QkTwJVUnYzEmgFDAfBgNVHSMEGDAWgBR1IX33CL3uNO0QkTwJVUnYzEmgFDANBgkqhkiG9w0BAQsFAAOCAQEArj3+CkR5B6VxznL+qRr3iC3GckoSiGE3nWd6tn5ILgJK3jbFDAqc3UGerxM7GlKsHqjbYh1voLwtFpUJvp/nT6mApmCZ7XPyFM+4fNn7OejuePeN6x69xfjygeGOgMuE3msdUAAV+rEp7ZGM+wqG8WUQEB0Q+r/ZpZrr+4JfWqqbt+RkdvIjt4lHnMSVoQgK1gGmctJgsphSIOxF1XZRIn7OkjYUKlTg801TWh2FZ598NnmqAnz0zbT/mj2w2/E0QcnNCmQuxieeA1ww+clUrqgcYxDWoCvCXKutnA5nS+IAQ6HcgvQi3oSxBg20rb0WKOuPWnNIs7XZK8NzPT2UKw\u003d\u003d"
      ],
      "x5t": "lDgpAobsdMmL4sjOqP-j9XzoT_Y",
      "x5t#S256": "xw3CGrEOKYken61T1sfeSgR_qH9PEWCCLZpLAeVSNyU"
    },
    {
      "kty": "EC",
      "kid": "JBp-Duhk7zSX5umFyMBfogXo5zDXpTiivgDJsombQXg",
      "use": "sig",
      "alg": "ES256",
      "x": "t5bqdouWhI2V1cM261rXswZKfBXQX_pXrNjndOvPTPk",
      "y": "8JIfMkQMvl0Ffl_4IbD0k95d6I5b-rAxN-WI-NM0tKU",
      "crv": "P-256",
      "x5c": [
        "MIIBajCCAQ6gAwIBAgIIY/XXnta+gyswDAYIKoZIzj0EAwIFADAXMRUwEwYDVQQDDAx0b2tlbl9zaWduZXIwHhcNMjIwMzIyMDAyNzI1WhcNNDkwODA3MDAyNzI1WjAXMRUwEwYDVQQDDAx0b2tlbl9zaWduZXIwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAS3lup2i5aEjZXVwzbrWtezBkp8FdBf+les2Od0689M+fCSHzJEDL5dBX5f+CGw9JPeXeiOW/qwMTfliPjTNLSlo0IwQDAdBgNVHQ4EFgQUx5Y3qy0OA4eNBv/rFLIWtGUqxrYwHwYDVR0jBBgwFoAUx5Y3qy0OA4eNBv/rFLIWtGUqxrYwDAYIKoZIzj0EAwIFAANIADBFAiBDimGoKrguaoezKOmcJ8Wm+ivw8bV8bN37DIztpwXoOAIhAOLcCrCwwmm9oS4Jh6aqWF9POnVfbeDMw0yQf0g3gbNK"
      ],
      "x5t": "Eocy22APs5b9mFhm7JYcHEwFlAQ",
      "x5t#S256": "JBp-Duhk7zSX5umFyMBfogXo5zDXpTiivgDJsombQXg"
    },
    {
      "kty": "EC",
      "kid": "LihhKJtczt7K5MMb8mLg-wwptsFTBXNEJzHKZdgh6QE",
      "use": "sig",
      "alg": "ES256",
      "x": "DxukkdfnrOfRTk63ZFvhj39uBNOrONtEt0Bcbb2Wljc",
      "y": "33mJhmf3sR8Inv1jO0aMn71T6BXclz4rgUathn8OATk",
      "crv": "P-256",
      "x5c": [
        "MIIEajCCA1KgAwIBAgIQP5KHvp0dpKN6nfYoLndaxDANBgkqhkiG9w0BAQsFADCByjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzUwHhcNMTUwNTEyMDAwMDAwWhcNMjUwNTExMjM1OTU5WjCBgDELMAkGA1UEBhMCVVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8wHQYDVQQLExZTeW1hbnRlYyBUcnVzdCBOZXR3b3JrMTEwLwYDVQQDEyhTeW1hbnRlYyBDbGFzcyAzIEVDQyAyNTYgYml0IFNTTCBDQSAtIEcyMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEDxukkdfnrOfRTk63ZFvhj39uBNOrONtEt0Bcbb2WljffeYmGZ/exHwie/WM7RoyfvVPoFdyXPiuBRq2Gfw4BOaOCAV0wggFZMC4GCCsGAQUFBwEBBCIwIDAeBggrBgEFBQcwAYYSaHR0cDovL3Muc3ltY2QuY29tMBIGA1UdEwEB/wQIMAYBAf8CAQAwZQYDVR0gBF4wXDBaBgpghkgBhvhFAQc2MEwwIwYIKwYBBQUHAgEWF2h0dHBzOi8vZC5zeW1jYi5jb20vY3BzMCUGCCsGAQUFBwICMBkaF2h0dHBzOi8vZC5zeW1jYi5jb20vcnBhMC8GA1UdHwQoMCYwJKAioCCGHmh0dHA6Ly9zLnN5bWNiLmNvbS9wY2EzLWc1LmNybDAOBgNVHQ8BAf8EBAMCAQYwKwYDVR0RBCQwIqQgMB4xHDAaBgNVBAMTE1NZTUMtRUNDLUNBLXAyNTYtMjIwHQYDVR0OBBYEFCXwiuFLetkBlQrtxlPxjHgf2fP4MB8GA1UdIwQYMBaAFH/TZafC3ey78DAJ80M5+gKvMzEzMA0GCSqGSIb3DQEBCwUAA4IBAQAMMGUXBaWTdaLxsTGtcB/naqjIQrLvoV9NG+7MoHpGd/69dZ/h2zOy7sGFUHoG/0HGRA9rxT/5w5GkEVIVkxtWyIWWq6rs4CTZt8Bej/KHYRbojtEDUkCTZSTLiCvguPyvinXgxy+LHT+PmdtEfXsvcdbeBSWUYpOsDYvD2hNtz9dwOd5nBosMApmdxt+z7LQyZu8wMnfI1U6IMO+RWowxZ8uy0oswdFYd32l9xe+aAE/ky9alLu/M9pvxiUKufqHJRgDBKA6uDjHLMPX+/nxXaNCPX3SI4KVZ1stHQ/U5oNlMdHN9umAvlU313g0IgJrjsQ2nIdf9dsdP+6lrmP7s"
      ],
      "x5t": "_jxBkB82Wcbt3AwcLYXQsg5klhQ",
      "x5t#S256": "LihhKJtczt7K5MMb8mLg-wwptsFTBXNEJzHKZdgh6QE"
    },
    {
      "kty": "RSA",
      "kid": "ms-rfkPI2IDQayYqlN7u5LRlmYnD0Mrxm69kBeQat98",
      "use": "sig",
      "alg": "ES256",
      "n": "ryQICCl6NZ5gDKrnSztO3Hy8PEUcuyvg_ikC-VcIo2SFFSf18a3IMYldIugqqqZCs4_4uVW3sbdLs_6PfgdX7O9D22ZiFWHPYA2k2N744MNiCD1UE-tJyllUhSblK48bn-v1oZHCM0nYQ2NqUkvSj-hwUU3RiWl7x3D2s9wSdNt7XUtW05a_FXehsPSiJfKvHJJnGOX0BgTvkLnkAOTdOrUZ_wK69Dzu4IvrN4vs9Nes8vbwPa_ddZEzGR0cQMt0JBkhk9kU_qwqUseP1QRJ5I1jR4g8aYPL_ke9K35PxZWuDp3U0UPAZ3PjFAh-5T-fc7gzCs9dPzSHloruU-glFQ",
      "e": "AQAB",
      "x5c": [
        "MIIE0zCCA7ugAwIBAgIQGNrRniZ96LtKIVjNzGs7SjANBgkqhkiG9w0BAQUFADCByjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMzYwNzE2MjM1OTU5WjCByjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvJAgIKXo1nmAMqudLO07cfLw8RRy7K+D+KQL5VwijZIUVJ/XxrcgxiV0i6CqqpkKzj/i5Vbext0uz/o9+B1fs70PbZmIVYc9gDaTY3vjgw2IIPVQT60nKWVSFJuUrjxuf6/WhkcIzSdhDY2pSS9KP6HBRTdGJaXvHcPaz3BJ023tdS1bTlr8Vd6Gw9KIl8q8ckmcY5fQGBO+QueQA5N06tRn/Arr0PO7gi+s3i+z016zy9vA9r911kTMZHRxAy3QkGSGT2RT+rCpSx4/VBEnkjWNHiDxpg8v+R70rfk/Fla4OndTRQ8Bnc+MUCH7lP59zuDMKz10/NIeWiu5T6CUVAgMBAAGjgbIwga8wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZMFcwVRYJaW1hZ2UvZ2lmMCEwHzAHBgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7GS4wJRYjaHR0cDovL2xvZ28udmVyaXNpZ24uY29tL3ZzbG9nby5naWYwHQYDVR0OBBYEFH/TZafC3ey78DAJ80M5+gKvMzEzMA0GCSqGSIb3DQEBBQUAA4IBAQCTJEowX2LP2BqYLz3q3JktvXf2pXkiOOzEp6B4Eq1iDkVwZMXnl2YtmAl+X6/WzChl8gGqCBpH3vn5fJJaCGkgDdk+bW48DW7Y5gaRQBi5+MHt39tBquCWIMnNZBU4gcmU7qKEKQsTb47bDN0lAtukixlE0kF6BWlKWE9gyn6CagsCqiUXObXbf+eEZSqVir2G3l6BFoMtEMze/aiCKm0oHw0LxOXnGiYZ4fQRbxC1lfznQgUy286dUV4otp6F01vvpX1FQHKOtw5rDgb7MzVIcbidJ4vEZV8NhnacRHr2lVz2XTIIM6RUthg/aFzyQkqFOFSDX9HoLPKsEdao7WNq"
      ],
      "x5t": "TrbVeEmbHM9fWB6tVr49m2dEpeU",
      "x5t#S256": "ms-rfkPI2IDQayYqlN7u5LRlmYnD0Mrxm69kBeQat98"
    },
    {
      "kty": "EC",
      "kid": "RYRGunXZMukU8jwrV7fRku3bwhgdlY4Rga1SUXR6Hug",
      "use": "sig",
      "alg": "ES256",
      "x": "4ghC6nfYJN6gLGSkE85AnCNyqQIKDjc_ITa4jVMU9tWRlUvzlgKNcR7E2Munn17v",
      "y": "oOZ_WpIRllNv68DLP679Wz9HJOeaBy6Wvqgvu1cYr3GkvXg6HuhbPGtkESvMNCuM",
      "crv": "P-384",
      "x5c": [
        "MIIDrDCCApSgAwIBAgIQCssoukZe5TkIdnRw883GEjANBgkqhkiG9w0BAQwFADBhMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBDQTAeFw0xMzAzMDgxMjAwMDBaFw0yMzAzMDgxMjAwMDBaMEwxCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxJjAkBgNVBAMTHURpZ2lDZXJ0IEVDQyBTZWN1cmUgU2VydmVyIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE4ghC6nfYJN6gLGSkE85AnCNyqQIKDjc/ITa4jVMU9tWRlUvzlgKNcR7E2Munn17voOZ/WpIRllNv68DLP679Wz9HJOeaBy6Wvqgvu1cYr3GkvXg6HuhbPGtkESvMNCuMo4IBITCCAR0wEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wQgYDVR0fBDswOTA3oDWgM4YxaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0R2xvYmFsUm9vdENBLmNybDA9BgNVHSAENjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAdBgNVHQ4EFgQUo53mH/naOU/AbuiRy5Wl2jHiCp8wHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUwDQYJKoZIhvcNAQEMBQADggEBAMeKoENL7HTJxavVHzA1Nm6YVntIrAVjrnuaVyRXzG/63qttnMe2uuzO58pzZNvfBDcKAEmzP58mrZGMIOgfiA4q+2Y3yDDo0sIkp0VILeoBUEoxlBPfjV/aKrtJPGHzecicZpIalir0ezZYoyxBEHQa0+1IttK7igZFcTMQMHp6mCHdJLnsnLWSB62DxsRq+HfmNb4TDydkskO/g+l3VtsIh5RHFPVfKK+jaEyDj2D3loB5hWp2Jp2VDCADjT7ueihlZGak2YPqmXTNbk19HOuNssWvFhtOyPNV6og4ETQdEa8/B6hPatJ0ES8q/HO3X8IVQwVs1n3aAr0im0/T+Xc\u003d"
      ],
      "x5t": "Vu58JwaDFi2DuurMeQ4iRxraq-g",
      "x5t#S256": "RYRGunXZMukU8jwrV7fRku3bwhgdlY4Rga1SUXR6Hug"
    },
    {
      "kty": "RSA",
      "kid": "Q0ig6URMeMsmXgWNXolEtNhPlmK9Jtslf4k0pEPHAWE",
      "use": "sig",
      "alg": "ES256",
      "n": "4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsBCSDMAZOnTjC3U_dDxGkAV53ijSLdhwZAAIEJzs4bg7_fzTtxRuLWZscFs3YnFo97nh6Vfe63SKMI2tavegw5BmV_Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt43C_dxC__AH2hdmoRBBYMql1GNXRor5H4idq9Joz-EkIYIvUX7Q6hL-hqkpMfT7PT19sdl6gSzeRntwi5m3OFBqOasv-zbMUZBfHWymeMr_y7vrTC0LUq7dBMtoM1O_4gdW7jVg_tRvoSSiicNoxBN33shbyTApOB6jtSj1etX-jkMOvJw",
      "e": "AQAB",
      "x5c": [
        "MIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBhMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBDQTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAwMDAwMDBaMGExCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5jb20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsBCSDMAZOnTjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97nh6Vfe63SKMI2tavegw5BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt43C/dxC//AH2hdmoRBBYMql1GNXRor5H4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7PT19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y7vrTC0LUq7dBMtoM1O/4gdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQABo2MwYTAOBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbRTLtm8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUwDQYJKoZIhvcNAQEFBQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/EsrhMAtudXH/vTBH1jLuG2cenTnmCmrEbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIttep3Sp+dWOIrWcBAI+0tKIJFPnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0lsYSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQkCAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4\u003d"
      ],
      "x5t": "qJhdOmXl5cSy19ZtQMbdL7GcVDY",
      "x5t#S256": "Q0ig6URMeMsmXgWNXolEtNhPlmK9Jtslf4k0pEPHAWE"
    },
    {
      "kty": "RSA",
      "kid": "jKdU4I4wMHZhzE9yt85i-MbhENLdc9dEI0p9DsFS26c",
      "use": "sig",
      "alg": "ES256",
      "n": "wfzNyXOBHfOll12HdSxOpISiZzH4TupQXb2Q5FimrDTZERmgAHqN-wyKPhXLwhPZpx8vxdBvKd2hZYFL-rkvF1AsbdQ27uJNAEewOukULqbRyzKrzBYL77R-Ipe6vEASjMrdf7LHOz8G8sPR28XSvN5FbWl4Uq5Gf_IGjUS6_kIb0Q3twDFV1at8x_uFb2H1q-Rne0iXtTky-rzxah8Kus1F4_9PbEQbsMcKCVsncg7on85C9VU2dOlDijJM3HLMtsyM5SVVCpHGKNEc_7e4XIYN-nzQhi4nx5F5O4yt_LRbUwHrd0__DZepBKTIMtffrCE6AUPcJJP_HrrTWMpaTenabs7CO-Gf-816XUl06REIjJYCmaSMWZLtESLooxxGVS80YocQ6bhkx_OwyA_pOB12L_HB1tRTIaR_AbwvELIWMcmRQi3ezS0Ah7X5Iq7hYVtLBXaV3wrGHh_cok9LtpSsAYB-ckQuZjlQ4dW3wKRq9rG2A5CW9N1yNFahsUY25R4PxS1VgvQ8CngIVhD8B_RT9qkcUhcQaS9a6LrHHGYexmp2_OSQO2zhaJQwFxl7-oREsCwtQsRr02TKZBSUcC7Zxl68dsI44L0y79HHvcHS_DC9K95aBRFnAfPzLvctM02CLI3kymRDgaPdd2lrWBvFOgqjtHP6TgCRigqcYgc",
      "e": "AQAB",
      "x5c": [
        "MIIFLDCCAxQCCQDlWmWOLdLO/TANBgkqhkiG9w0BAQsFADBYMQswCQYDVQQGEwJBVTETMBEGA1UECAwKUXVlZW5zbGFuZDETMBEGA1UEBwwKR29sZCBDb2FzdDEMMAoGA1UECgwDSUJNMREwDwYDVQQDDAhvcGVubGRhcDAeFw0yMjA0MTIwMDAxMDhaFw00OTA4MjcwMDAxMDhaMFgxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApRdWVlbnNsYW5kMRMwEQYDVQQHDApHb2xkIENvYXN0MQwwCgYDVQQKDANJQk0xETAPBgNVBAMMCG9wZW5sZGFwMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAwfzNyXOBHfOll12HdSxOpISiZzH4TupQXb2Q5FimrDTZERmgAHqN+wyKPhXLwhPZpx8vxdBvKd2hZYFL+rkvF1AsbdQ27uJNAEewOukULqbRyzKrzBYL77R+Ipe6vEASjMrdf7LHOz8G8sPR28XSvN5FbWl4Uq5Gf/IGjUS6/kIb0Q3twDFV1at8x/uFb2H1q+Rne0iXtTky+rzxah8Kus1F4/9PbEQbsMcKCVsncg7on85C9VU2dOlDijJM3HLMtsyM5SVVCpHGKNEc/7e4XIYN+nzQhi4nx5F5O4yt/LRbUwHrd0//DZepBKTIMtffrCE6AUPcJJP/HrrTWMpaTenabs7CO+Gf+816XUl06REIjJYCmaSMWZLtESLooxxGVS80YocQ6bhkx/OwyA/pOB12L/HB1tRTIaR/AbwvELIWMcmRQi3ezS0Ah7X5Iq7hYVtLBXaV3wrGHh/cok9LtpSsAYB+ckQuZjlQ4dW3wKRq9rG2A5CW9N1yNFahsUY25R4PxS1VgvQ8CngIVhD8B/RT9qkcUhcQaS9a6LrHHGYexmp2/OSQO2zhaJQwFxl7+oREsCwtQsRr02TKZBSUcC7Zxl68dsI44L0y79HHvcHS/DC9K95aBRFnAfPzLvctM02CLI3kymRDgaPdd2lrWBvFOgqjtHP6TgCRigqcYgcCAwEAATANBgkqhkiG9w0BAQsFAAOCAgEAQ/8CHXFlDOq8TvDSjWu602G9UiEvqnBUWzZ5TbVQeIH54xzNTCjemx908fknEgSDSy4W1VOmckV9tbNtt3dIUyFna0b7ZzzfVnvGQYynjGPaYYBjnLi/SeHSv6U6qKuvRV7pTXRJadFVBupmARt2L3CxGKRhwu4DJnOKbLMKFy13PifyPurez5tpnVa1/Cl+GmB0oLdLMe9ielMHMNn3B/w+pUcCvwoAADnlfM44S65w2XqfVswNNoacLx1DrzwjX5RoV+ACC2CWOVYcQdJdwT76fBtbo0QJIz3hKLbZqa3TXpprAg49xztukar/7W3PwjYO7VrbGuBHg6h8yHmlUKpVcDJZ7IMVWh+a+ONglDKnBCCew736v1KtZTEG8D5IGeZAd/H9d0YiCcRTSfM+Pml3OO11UI7rycyaiZQfg4YXZ2zpX2GqbAoMTKYGi6KwD2ufn0U85Y7bkGDNyUbaJzdaOtt7F23MZiZdn3ixtgqpXSJv1SRngf7lpfBg7qcu1f3CC5I3vl3J7mIYKKiRsXdK0vwGDrEFSodrnDJsvWZ2mYtaS1l9Q1TII+5a0VLLe6tKWbFEiU6YIVG2Ptyr5Rsbw/bOXzuzjkIDRSEa8kSPQfEfqMZZdMvca9zoKHFFG3xgjHYmfWj5UHBL56G0eKd41HoWx8fa5ws2B4b2shk\u003d"
      ],
      "x5t": "IScnlIM-ZZed9eRjj8iqjI8-oI0",
      "x5t#S256": "jKdU4I4wMHZhzE9yt85i-MbhENLdc9dEI0p9DsFS26c"
    },
    {
      "kty": "RSA",
      "kid": "B-wwwOTwKl1WEbV3QY39rZfLiCL-YHNJsih2BZOsJC0",
      "use": "sig",
      "alg": "ES256",
      "n": "6FocmJCFqZf8gt7QTvM5dPA2n-wy43cKv3HxU5PoQ7b57lcGV6NwwR0Dkh5LbczjgTAJQKdlbORV15MyzB4NGkR9hA19ZaT2vWa8wBrF339PsOCHGPSu3AwpF_is6bl-Jfam5TPCYE7rCEbla4Ivy1uj-LmvLbeDdf6fZoi-p2vBR7ntxWvh6ZIhOZou1Wc6dbd0wJnf1FR3WuuNywyvie81y_PP13xTNZQpMQSR6Jre8_2Fus36s22Irins0yqL8fYNMKpMSvMCpclCugw0d8A4qZc9xi4FPqiA64XqBQJwmFZ9eZ-YqU4z38BLshPTynZQjr42ORRoxZ-4dbC0c8qinB8e23qJ1xHBCsk9TvgIGKL_oqRssOUjLoAuXJuAerlYKH9s3yQYVjymaDllOO9joIHtWD1RiVBNpmXYx5EEQUz63ipbb9gR8LjoBkdo9mcIUNJf3gFci1zEgEqSNFe1TOIziaGJtLN7e6ejULSz9GYPbjh2le3py_U4rbARemfWNCstqFZWh7GgriR0kHR1Z0XkvgJgbOFkaUQS8KXFGGTwX0iao2nwqSdU1eI0z6_TmnZ1pJfMmLA_VdktmEfhl_rBDg0neSWQ7CgH1OJtQl3BMAzmn8oX1EmK6lgnFo97rYPc7LjpP4wYB0gBpeO-shfiKcJsQKrCrebHTAk",
      "e": "AQAB",
      "x5c": [
        "MIIFLDCCAxQCCQDBbB0qqpk6EDANBgkqhkiG9w0BAQsFADBYMQswCQYDVQQGEwJBVTETMBEGA1UECAwKUXVlZW5zbGFuZDETMBEGA1UEBwwKR29sZCBDb2FzdDEMMAoGA1UECgwDSUJNMREwDwYDVQQDDAhwb3N0Z3JlczAeFw0yMjA0MTIwMDAzMDlaFw00OTA4MjcwMDAzMDlaMFgxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApRdWVlbnNsYW5kMRMwEQYDVQQHDApHb2xkIENvYXN0MQwwCgYDVQQKDANJQk0xETAPBgNVBAMMCHBvc3RncmVzMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA6FocmJCFqZf8gt7QTvM5dPA2n+wy43cKv3HxU5PoQ7b57lcGV6NwwR0Dkh5LbczjgTAJQKdlbORV15MyzB4NGkR9hA19ZaT2vWa8wBrF339PsOCHGPSu3AwpF/is6bl+Jfam5TPCYE7rCEbla4Ivy1uj+LmvLbeDdf6fZoi+p2vBR7ntxWvh6ZIhOZou1Wc6dbd0wJnf1FR3WuuNywyvie81y/PP13xTNZQpMQSR6Jre8/2Fus36s22Irins0yqL8fYNMKpMSvMCpclCugw0d8A4qZc9xi4FPqiA64XqBQJwmFZ9eZ+YqU4z38BLshPTynZQjr42ORRoxZ+4dbC0c8qinB8e23qJ1xHBCsk9TvgIGKL/oqRssOUjLoAuXJuAerlYKH9s3yQYVjymaDllOO9joIHtWD1RiVBNpmXYx5EEQUz63ipbb9gR8LjoBkdo9mcIUNJf3gFci1zEgEqSNFe1TOIziaGJtLN7e6ejULSz9GYPbjh2le3py/U4rbARemfWNCstqFZWh7GgriR0kHR1Z0XkvgJgbOFkaUQS8KXFGGTwX0iao2nwqSdU1eI0z6/TmnZ1pJfMmLA/VdktmEfhl/rBDg0neSWQ7CgH1OJtQl3BMAzmn8oX1EmK6lgnFo97rYPc7LjpP4wYB0gBpeO+shfiKcJsQKrCrebHTAkCAwEAATANBgkqhkiG9w0BAQsFAAOCAgEAAaPSzpiFZEG9hAGB+6wRz9tGInO0tCmV+GB/i9PFX572JJiLGEtetYyxv95V5yQrq40Rwl5/ekyZhjd6M56m8HVWiO465e0gMsph3WQe7yyNC+zmYr50II6MtjgaCMSY6WCeE+4rtkUKX4pZpDKEwcJI2UmMfa0iDTp4CTe+n5XfQOLVHh8NaXA3qabaRwtW3JOHhz2FPulDfFD9yTY/yvIBWr/HN89pmVRod9pJ3RjAGXhUFRNcZX/KrKddqchLg57I39qLshWG6tVfirBJzLtBYGsNMoovZjt5K5Msv6gpz2HraAX4stzvkMB1djTgaIuvQLM+3w7cSX6Wnjdz1IDUFdptDfEefLxoOXiMu/YHnYfewzKUXDCzsqM+JejpLSYrHKMLaKIWoTuid/84Rm1AkiQzQpyMn0GcaJNV0h/5oBjeJIBuUkO8pmAPzngamZLIM+F8BssVRsbfSCG2oa75J2qiLCd4kCrAa1kuiDqv+JhBnqu9dQvcqWPNe0POgfG9IG2M2++Jrcs+qdy9Rc6QkkEDifIq4GuKh2a2pvns7DsCjOoRxJBzpTmC86UCQt7leg5JArfXiXQ0ZR/jdOdgn0l1AUSvjqN18q6WgDvhS5R5K+ivpoVItCBQbpyfXBXPWEcZaASZwTVBpP1F+X/w3iHOiYj7IasZzj9DCtQ\u003d"
      ],
      "x5t": "wuGBkt_32Le2KNH8LA4eIvl4OaQ",
      "x5t#S256": "B-wwwOTwKl1WEbV3QY39rZfLiCL-YHNJsih2BZOsJC0"
    },
    {
      "kty": "EC",
      "kid": "j5gNK4hzzYspsDUHZWmR0W_Aozt37H4XkR-Ckp-0Lws",
      "use": "sig",
      "alg": "ES256",
      "x": "nLCRTBh1a36xcaBIihQmmBKCKGhcdxQePVuZSP8h0f8",
      "y": "oBXY7xcLQyeSPEII17_fWDi4X_aJ5Wpo3IvIlp1z51E",
      "crv": "P-256",
      "x5c": [
        "MIIFPjCCBOSgAwIBAgIQDcoB0eBgcUSL1tRgbrVe5jAKBggqhkjOPQQDAjBKMQswCQYDVQQGEwJVUzEZMBcGA1UEChMQQ2xvdWRmbGFyZSwgSW5jLjEgMB4GA1UEAxMXQ2xvdWRmbGFyZSBJbmMgRUNDIENBLTMwHhcNMjEwNzE2MDAwMDAwWhcNMjIwNzE1MjM1OTU5WjB1MQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEZMBcGA1UEChMQQ2xvdWRmbGFyZSwgSW5jLjEeMBwGA1UEAxMVc25pLmNsb3VkZmxhcmVzc2wuY29tMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEnLCRTBh1a36xcaBIihQmmBKCKGhcdxQePVuZSP8h0f+gFdjvFwtDJ5I8QgjXv99YOLhf9onlamjci8iWnXPnUaOCA38wggN7MB8GA1UdIwQYMBaAFKXON+rrsHUOlGeItEX62SQQh5YfMB0GA1UdDgQWBBTUhRahZ5+BtKoZClu71NJoYSmbmTBEBgNVHREEPTA7ghVzbmkuY2xvdWRmbGFyZXNzbC5jb22CESouc2VjdXJpdHlwb2MuY29tgg9zZWN1cml0eXBvYy5jb20wDgYDVR0PAQH/BAQDAgeAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjB7BgNVHR8EdDByMDegNaAzhjFodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vQ2xvdWRmbGFyZUluY0VDQ0NBLTMuY3JsMDegNaAzhjFodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vQ2xvdWRmbGFyZUluY0VDQ0NBLTMuY3JsMD4GA1UdIAQ3MDUwMwYGZ4EMAQICMCkwJwYIKwYBBQUHAgEWG2h0dHA6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzB2BggrBgEFBQcBAQRqMGgwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBABggrBgEFBQcwAoY0aHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0Nsb3VkZmxhcmVJbmNFQ0NDQS0zLmNydDAMBgNVHRMBAf8EAjAAMIIBfwYKKwYBBAHWeQIEAgSCAW8EggFrAWkAdgBGpVXrdfqRIDC1oolp9PN9ESxBdL79SbiFq/L8cP5tRwAAAXqwD+hnAAAEAwBHMEUCIDCBiGTPmSMM2E5j08lHy6CrM5wgXc1cLBz07lH7/oZFAiEAliKe6M4qNjsjvxlExlr24AQyOF0Qm1u+WBKhkVnWLrkAdgBRo7D1/QF5nFZtuDd4jwykeswbJ8v3nohCmg3+1IsF5QAAAXqwD+iiAAAEAwBHMEUCIQC/pzfjwl0K2vzB8Hmn46eLIul2H3wnBITr462hswIc1QIgQcejxHsgdhisnEQT+8tOlmgxwzSaeBNJeqYggd95CskAdwBByMqx3yJGShDGoToJQodeTjGLGwPr60vHaPCQYpYG9gAAAXqwD+hCAAAEAwBIMEYCIQDc4nhAUjHHiRC79K5sIQ0qKILeFM6F9OE+/NBi/t/PXgIhALMs8JrmU9MK4VbFbC9E0BqH4oPSm1UF/8TvWRd47VpkMAoGCCqGSM49BAMCA0gAMEUCIQCjcEVBNE/aTnuEWtZ0ZKFKOu4cCj5VEHhS8F87jypXswIgJQVUAsXzFCiohsA7Ng7BJY/T7ASRYg83LjQayEI52Gs\u003d"
      ],
      "x5t": "7JUZWIyx0BZpwO7Zx0MpbufjKEQ",
      "x5t#S256": "j5gNK4hzzYspsDUHZWmR0W_Aozt37H4XkR-Ckp-0Lws"
    },
    {
      "kty": "EC",
      "kid": "OrvmPa91bFAWtrhfUgFf2Oisvid8UIexJ6YFY6hB7Yo",
      "use": "sig",
      "alg": "ES256",
      "x": "ua1NZpkUC0bsH4HRKlAenQMVLzQSfS2WuIg4m4Vfj78",
      "y": "u03vYUbEyXPUJE_g7hzObLNRcS9q7kwFCXfTcmKkm9c",
      "crv": "P-256",
      "x5c": [
        "MIIDzTCCArWgAwIBAgIQCjeHZF5ftIwiTv0b7RQMPDANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJJRTESMBAGA1UEChMJQmFsdGltb3JlMRMwEQYDVQQLEwpDeWJlclRydXN0MSIwIAYDVQQDExlCYWx0aW1vcmUgQ3liZXJUcnVzdCBSb290MB4XDTIwMDEyNzEyNDgwOFoXDTI0MTIzMTIzNTk1OVowSjELMAkGA1UEBhMCVVMxGTAXBgNVBAoTEENsb3VkZmxhcmUsIEluYy4xIDAeBgNVBAMTF0Nsb3VkZmxhcmUgSW5jIEVDQyBDQS0zMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEua1NZpkUC0bsH4HRKlAenQMVLzQSfS2WuIg4m4Vfj7+7Te9hRsTJc9QkT+DuHM5ss1FxL2ruTAUJd9NyYqSb16OCAWgwggFkMB0GA1UdDgQWBBSlzjfq67B1DpRniLRF+tkkEIeWHzAfBgNVHSMEGDAWgBTlnVkwgkdYzKz6CFQ2hns6tQRN8DAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBIGA1UdEwEB/wQIMAYBAf8CAQAwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wOgYDVR0fBDMwMTAvoC2gK4YpaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL09tbmlyb290MjAyNS5jcmwwbQYDVR0gBGYwZDA3BglghkgBhv1sAQEwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzALBglghkgBhv1sAQIwCAYGZ4EMAQIBMAgGBmeBDAECAjAIBgZngQwBAgMwDQYJKoZIhvcNAQELBQADggEBAAUkHd0bsCrrmNaF4zlNXmtXnYJX/OvoMaJXkGUFvhZEOFp3ArnPEELG4ZKk40Un+ABHLGioVplTVI+tnkDB0A+21w0LOEhsUCxJkAZbZB2LzEgwLt4I4ptJIsCSDBFelpKU1fwg3FZs5ZKTv3ocwDfjhUkV+ivhdDkYD7fa86JXWGBPzI6UAPxGezQxPk1HgoE6y/SJXQ7vTQ1unBuCJN0yJV0ReFEQPaA1IwQvZW+cwdFD19Ae8zFnWSfda9J1CZMRJCQUzym+5iPDuI9yP+kHyCREU3qzuWFloUwOxkgAyXVjBYdwRVKD05WdRerw6DEdfgkfCv4+3ao8XnTSrLE\u003d"
      ],
      "x5t": "s912BtK1qLShN3Hb7MnuHOyvo4o",
      "x5t#S256": "OrvmPa91bFAWtrhfUgFf2Oisvid8UIexJ6YFY6hB7Yo"
    },
    {
      "kty": "RSA",
      "kid": "lrzsBiZJdvN0YHeazyjFp8_oo8Cq4RqP_O4FwL3fCMY",
      "use": "sig",
      "alg": "ES256",
      "n": "regkc_QUN_ObnitXKByHvty33ziQjG485legePd1wqL-9Wpu9gBPKNveaIZsRJO2sWP9FBJrvx_S6jGbIX7RMzy6SPXded-zuP8S8SGaS8GKhnFpSmZmbI9-PHC_rSkiBvPkwOaAruJLj7eZfpQDn9NHl3yZSCNT6DiuTwpvgy7RSVeMgHS22i_QOI17A3AhG3XyMDz6j67d2mOr6xZPwo4RS37PC-j_tXcu9LJ7SuBMEiUMcI0DKaDhUyTsE9nuGb8Qs0qMP4mjYVHerIcHlPRjcewu4m9bmIHhiVw0eWx27zuQYnnm26SaLybF0BDhDt7ZEI4W-7f3qPfH5QIHmI82CJXn4jeWDTZ1nvsOcrEdm7wD-UkF2IHdBbQq1kHprAF2lQoP2N_VvRIfNS8oF2zSmMGoCWR3bkc3us6sWV5onX9y1onFBkEpPlk-3Sb1JMkRp1qjTEAfRqGZtac6UW6GO559cqcSBXhZ7T5ReBULA4-N0C8Fsj57ShxLcwUS_Mbq4FATfEOTdLPKdOeOHwEI0DDUW3E2tAe6wTAwXEi3gjuYpn1giqKjKYLMur2DBBuigwNBodYF8RvCtvCofIY7RqhIKojcdpp2vx9qpT0Zj-s482TeyCsNCij_99viFULUItAnXeF5_hjncIitTubZizrG3SdRbv-8ZPUzQ08",
      "e": "AQAB",
      "x5c": [
        "MIIFazCCA1OgAwIBAgIRAIIQz7DSQONZRGPgu2OCiwAwDQYJKoZIhvcNAQELBQAwTzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2VhcmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMTUwNjA0MTEwNDM4WhcNMzUwNjA0MTEwNDM4WjBPMQswCQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJuZXQgU2VjdXJpdHkgUmVzZWFyY2ggR3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBYMTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK3oJHP0FDfzm54rVygch77ct984kIxuPOZXoHj3dcKi/vVqbvYATyjb3miGbESTtrFj/RQSa78f0uoxmyF+0TM8ukj13Xnfs7j/EvEhmkvBioZxaUpmZmyPfjxwv60pIgbz5MDmgK7iS4+3mX6UA5/TR5d8mUgjU+g4rk8Kb4Mu0UlXjIB0ttov0DiNewNwIRt18jA8+o+u3dpjq+sWT8KOEUt+zwvo/7V3LvSye0rgTBIlDHCNAymg4VMk7BPZ7hm/ELNKjD+Jo2FR3qyHB5T0Y3HsLuJvW5iB4YlcNHlsdu87kGJ55tukmi8mxdAQ4Q7e2RCOFvu396j3x+UCB5iPNgiV5+I3lg02dZ77DnKxHZu8A/lJBdiB3QW0KtZB6awBdpUKD9jf1b0SHzUvKBds0pjBqAlkd25HN7rOrFleaJ1/ctaJxQZBKT5ZPt0m9STJEadao0xAH0ahmbWnOlFuhjuefXKnEgV4We0+UXgVCwOPjdAvBbI+e0ocS3MFEvzG6uBQE3xDk3SzynTnjh8BCNAw1FtxNrQHusEwMFxIt4I7mKZ9YIqioymCzLq9gwQbooMDQaHWBfEbwrbwqHyGO0aoSCqI3Haadr8faqU9GY/rOPNk3sgrDQoo//fb4hVC1CLQJ13hef4Y53CIrU7m2Ys6xt0nUW7/vGT1M0NPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBR5tFnme7bl5AFzgAiIyBpY9umbbjANBgkqhkiG9w0BAQsFAAOCAgEAVR9YqbyyqFDQDLHYGmkgJykIrGF1XIpu+ILlaS/V9lZLubhzEFnTIZd+50xx+7LSYK05qAvqFyFWhfFQDlnrzuBZ6brJFe+GnY+EgPbk6ZGQ3BebYhtF8GaV0nxvwuo77x/Py9auJ/GpsMiu/X1+mvoiBOv/2X/qkSsisRcOj/KKNFtY2PwByVS5uCbMiogziUwthDyC3+6WVwW6LLv3xLfHTjuCvjHIInNzktHCgKQ5ORAzI4JMPJ+GslWYHb4phowim57iaztXOoJwTdwJx4nLCgdNbOhdjsnvzqvHu7UrTkXWStAmzOVyyghqpZXjFaH3pO3JLF+l+/+sKAIuvtd7u+Nxe5AW0wdeRlN8NwdCjNPElpzVmbUq4JUagEiuTDkHzsxHpFKVK7q4+63SM1N95R1NbdWhscdCb+ZAJzVcoyi3B43njTOQ5yOf+1CceWxG1bQVs5ZufpsMljq4Ui0/1lvh+wjChP4kqKOJ2qxq4RgqsahDYVvTH9w7jXbyLeiNdd8XM2w9U/t7y0Ff/9yi0GE44Za4rF2LN9d11TPAmRGunUHBcnWEvgJBQl9nJEiU0Zsnvgc/ubhPgXRR4Xq37Z0j4r7g1SgEEzwxA57demyPxgcYxn/eR44/KJ4EBs+lVDR3veyJm+kXQ99b21/+jh5Xos1AnX5iItreGCc\u003d"
      ],
      "x5t": "yr0qeaEHajHyHSU2NcsDnUMppeg",
      "x5t#S256": "lrzsBiZJdvN0YHeazyjFp8_oo8Cq4RqP_O4FwL3fCMY"
    },
    {
      "kty": "RSA",
      "kid": "Z63RFmsCCuYbj1_JaBPATCqliZYHloZVcqPH5zdhPf0",
      "use": "sig",
      "alg": "ES256",
      "n": "uwIVKMz2oJTTDxLsjVWSw_iC8ZmmekKIp10mqrUrucVMsa-Oa_l1yKPXD0eUFFU1V4yeqKI5GfWCPEKpTm71O8Mu243AsFzzWTjn7c9p8FoLG77AlCQlh_o3cbMT5xys4Zvv2-Q7RVJFlqnBU840yFLuta7tj95gcOKlVKu2bQ6XpUA0ayvTvGbrZjR8-muLj1cpmfgwF126cm_7gcWt0oZYPRfH5wm78Sv3htzB2nFd1EbjzK0lwYi8YGd1ZrPxGPeiXOZT_zqItkel_xMY6pgJdz-dU_nPAeX1pnAXFK9jpP-Zs5Od3FOnBv5IhR2haa4ldbsTzFID9e1RoYvbFQ",
      "e": "AQAB",
      "x5c": [
        "MIIFFjCCAv6gAwIBAgIRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAwTzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2VhcmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjAwOTA0MDAwMDAwWhcNMjUwOTE1MTYwMDAwWjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3MgRW5jcnlwdDELMAkGA1UEAxMCUjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7AhUozPaglNMPEuyNVZLD+ILxmaZ6QoinXSaqtSu5xUyxr45r+XXIo9cPR5QUVTVXjJ6oojkZ9YI8QqlObvU7wy7bjcCwXPNZOOftz2nwWgsbvsCUJCWH+jdxsxPnHKzhm+/b5DtFUkWWqcFTzjTIUu61ru2P3mBw4qVUq7ZtDpelQDRrK9O8ZutmNHz6a4uPVymZ+DAXXbpyb/uBxa3Shlg9F8fnCbvxK/eG3MHacV3URuPMrSXBiLxgZ3Vms/EY96Jc5lP/Ooi2R6X/ExjqmAl3P51T+c8B5fWmcBcUr2Ok/5mzk53cU6cG/kiFHaFpriV1uxPMUgP17VGhi9sVAgMBAAGjggEIMIIBBDAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYfr52LFMLGMB8GA1UdIwQYMBaAFHm0WeZ7tuXkAXOACIjIGlj26ZtuMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAoYWaHR0cDovL3gxLmkubGVuY3Iub3JnLzAnBgNVHR8EIDAeMBygGqAYhhZodHRwOi8veDEuYy5sZW5jci5vcmcvMCIGA1UdIAQbMBkwCAYGZ4EMAQIBMA0GCysGAQQBgt8TAQEBMA0GCSqGSIb3DQEBCwUAA4ICAQCFyk5HPqP3hUSFvNVneLKYY611TR6WPTNlclQtgaDqw+34IL9fzLdwALduO/ZelN7kIJ+m74uyA+eitRY8kc607TkC53wlikfmZW4/RvTZ8M6UK+5UzhK8jCdLuMGYL6KvzXGRSgi3yLgjewQtCPkIVz6D2QQzCkcheAmCJ8MqyJu5zlzyZMjAvnnAT45tRAxekrsu94sQ4egdRCnbWSDtY7kh+BImlJNXoB1lBMEKIq4QDUOXoRgffuDghje1WrG9ML+Hbisq/yFOGwXD9RiX8F6sw6W4avAuvDszue5L3sz85K+EC4Y/wFVDNvZo4TYXao6Z0f+lQKc0t8DQYzk1OXVu8rp2yJMC6alLbBfODALZvYH7n7do1AZls4I9d1P4jnkDrQoxB3UqQ9hVl3LEKQ73xF1OyK5GhDDX8oVfGKF5u+decIsH4YaTw7mP3GFxJSqv3+0lUFJoi5Lc5da149p90IdshCExroL1+7mryIkXPeFM5TgO9r0rvZaBFOvV2z0gp35Z0+L4WPlbuEjN/lxPFin+HlUjr8gRsI3qfJOQFy/9rKIJR0Y/8Omwt/8oTWgy1mdeHmmjk7j1nYsvC9JSQ6ZvMldlTTKB3zhThV1+XWYp6rjd5JW1zbVWEkLNxE7GJThEUG3szgBVGP7pSWTUTsqXnLRbwHOoq7hHwg\u003d\u003d"
      ],
      "x5t": "oFM3W_6E6LdIeCx87hWCemr1pAU",
      "x5t#S256": "Z63RFmsCCuYbj1_JaBPATCqliZYHloZVcqPH5zdhPf0"
    }
  ]
}
2022-05-11 06:25:29 SUCCESS
CheckServerKeysIsValid
Server JWKs is valid
server_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "kid": "xw3CGrEOKYken61T1sfeSgR_qH9PEWCCLZpLAeVSNyU",
      "use": "sig",
      "alg": "ES256",
      "n": "zFgxiZmeQcvzeI4muwyWsF0B6hlTfttggiPFisr4DgEswxj4wtCc5-YxZmGtylkykH52Hx8uXWQPKBTKRtSa3Tdj3W85uqSOfeywJVRphulA9UX_KgG0jvvxh5AheNnjzdQvrioZhHYmOBR6Kr4GgggoNVpZ_5thh2WmV1R36K3JCbmuDxDwxP8ZHv0-LeY8m8wuvU_DONwBdippS6Rz2ndQvLm6Et-W9PsWdXII3nU5VTOSjV76ek0QWLemRlYoIS7bSRWqijGa9ke9BB_15XXXivoBc55glmy0Z928mlmoAn5PIMuslb2uHQDHBEpqc5UMpCbU7aee0TMrQxQDsw",
      "e": "AQAB",
      "x5c": [
        "MIIDGDCCAgCgAwIBAgIIPeSzEfXhIykwDQYJKoZIhvcNAQELBQAwKjELMAkGA1UEBhMCdXMxDDAKBgNVBAoTA2libTENMAsGA1UEAxMEaXNhbTAeFw0yMjA0MTEwMDEwMjBaFw0zMjA0MDkwMDEwMjBaMCoxCzAJBgNVBAYTAnVzMQwwCgYDVQQKEwNpYm0xDTALBgNVBAMTBGlzYW0wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMWDGJmZ5By/N4jia7DJawXQHqGVN+22CCI8WKyvgOASzDGPjC0Jzn5jFmYa3KWTKQfnYfHy5dZA8oFMpG1JrdN2Pdbzm6pI597LAlVGmG6UD1Rf8qAbSO+/GHkCF42ePN1C+uKhmEdiY4FHoqvgaCCCg1Wln/m2GHZaZXVHforckJua4PEPDE/xke/T4t5jybzC69T8M43AF2KmlLpHPad1C8uboS35b0+xZ1cgjedTlVM5KNXvp6TRBYt6ZGVighLttJFaqKMZr2R70EH/XlddeK+gFznmCWbLRn3byaWagCfk8gy6yVva4dAMcESmpzlQykJtTtp57RMytDFAOzAgMBAAGjQjBAMB0GA1UdDgQWBBR1IX33CL3uNO0QkTwJVUnYzEmgFDAfBgNVHSMEGDAWgBR1IX33CL3uNO0QkTwJVUnYzEmgFDANBgkqhkiG9w0BAQsFAAOCAQEArj3+CkR5B6VxznL+qRr3iC3GckoSiGE3nWd6tn5ILgJK3jbFDAqc3UGerxM7GlKsHqjbYh1voLwtFpUJvp/nT6mApmCZ7XPyFM+4fNn7OejuePeN6x69xfjygeGOgMuE3msdUAAV+rEp7ZGM+wqG8WUQEB0Q+r/ZpZrr+4JfWqqbt+RkdvIjt4lHnMSVoQgK1gGmctJgsphSIOxF1XZRIn7OkjYUKlTg801TWh2FZ598NnmqAnz0zbT/mj2w2/E0QcnNCmQuxieeA1ww+clUrqgcYxDWoCvCXKutnA5nS+IAQ6HcgvQi3oSxBg20rb0WKOuPWnNIs7XZK8NzPT2UKw\u003d\u003d"
      ],
      "x5t": "lDgpAobsdMmL4sjOqP-j9XzoT_Y",
      "x5t#S256": "xw3CGrEOKYken61T1sfeSgR_qH9PEWCCLZpLAeVSNyU"
    },
    {
      "kty": "EC",
      "kid": "JBp-Duhk7zSX5umFyMBfogXo5zDXpTiivgDJsombQXg",
      "use": "sig",
      "alg": "ES256",
      "x": "t5bqdouWhI2V1cM261rXswZKfBXQX_pXrNjndOvPTPk",
      "y": "8JIfMkQMvl0Ffl_4IbD0k95d6I5b-rAxN-WI-NM0tKU",
      "crv": "P-256",
      "x5c": [
        "MIIBajCCAQ6gAwIBAgIIY/XXnta+gyswDAYIKoZIzj0EAwIFADAXMRUwEwYDVQQDDAx0b2tlbl9zaWduZXIwHhcNMjIwMzIyMDAyNzI1WhcNNDkwODA3MDAyNzI1WjAXMRUwEwYDVQQDDAx0b2tlbl9zaWduZXIwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAS3lup2i5aEjZXVwzbrWtezBkp8FdBf+les2Od0689M+fCSHzJEDL5dBX5f+CGw9JPeXeiOW/qwMTfliPjTNLSlo0IwQDAdBgNVHQ4EFgQUx5Y3qy0OA4eNBv/rFLIWtGUqxrYwHwYDVR0jBBgwFoAUx5Y3qy0OA4eNBv/rFLIWtGUqxrYwDAYIKoZIzj0EAwIFAANIADBFAiBDimGoKrguaoezKOmcJ8Wm+ivw8bV8bN37DIztpwXoOAIhAOLcCrCwwmm9oS4Jh6aqWF9POnVfbeDMw0yQf0g3gbNK"
      ],
      "x5t": "Eocy22APs5b9mFhm7JYcHEwFlAQ",
      "x5t#S256": "JBp-Duhk7zSX5umFyMBfogXo5zDXpTiivgDJsombQXg"
    },
    {
      "kty": "EC",
      "kid": "LihhKJtczt7K5MMb8mLg-wwptsFTBXNEJzHKZdgh6QE",
      "use": "sig",
      "alg": "ES256",
      "x": "DxukkdfnrOfRTk63ZFvhj39uBNOrONtEt0Bcbb2Wljc",
      "y": "33mJhmf3sR8Inv1jO0aMn71T6BXclz4rgUathn8OATk",
      "crv": "P-256",
      "x5c": [
        "MIIEajCCA1KgAwIBAgIQP5KHvp0dpKN6nfYoLndaxDANBgkqhkiG9w0BAQsFADCByjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzUwHhcNMTUwNTEyMDAwMDAwWhcNMjUwNTExMjM1OTU5WjCBgDELMAkGA1UEBhMCVVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8wHQYDVQQLExZTeW1hbnRlYyBUcnVzdCBOZXR3b3JrMTEwLwYDVQQDEyhTeW1hbnRlYyBDbGFzcyAzIEVDQyAyNTYgYml0IFNTTCBDQSAtIEcyMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEDxukkdfnrOfRTk63ZFvhj39uBNOrONtEt0Bcbb2WljffeYmGZ/exHwie/WM7RoyfvVPoFdyXPiuBRq2Gfw4BOaOCAV0wggFZMC4GCCsGAQUFBwEBBCIwIDAeBggrBgEFBQcwAYYSaHR0cDovL3Muc3ltY2QuY29tMBIGA1UdEwEB/wQIMAYBAf8CAQAwZQYDVR0gBF4wXDBaBgpghkgBhvhFAQc2MEwwIwYIKwYBBQUHAgEWF2h0dHBzOi8vZC5zeW1jYi5jb20vY3BzMCUGCCsGAQUFBwICMBkaF2h0dHBzOi8vZC5zeW1jYi5jb20vcnBhMC8GA1UdHwQoMCYwJKAioCCGHmh0dHA6Ly9zLnN5bWNiLmNvbS9wY2EzLWc1LmNybDAOBgNVHQ8BAf8EBAMCAQYwKwYDVR0RBCQwIqQgMB4xHDAaBgNVBAMTE1NZTUMtRUNDLUNBLXAyNTYtMjIwHQYDVR0OBBYEFCXwiuFLetkBlQrtxlPxjHgf2fP4MB8GA1UdIwQYMBaAFH/TZafC3ey78DAJ80M5+gKvMzEzMA0GCSqGSIb3DQEBCwUAA4IBAQAMMGUXBaWTdaLxsTGtcB/naqjIQrLvoV9NG+7MoHpGd/69dZ/h2zOy7sGFUHoG/0HGRA9rxT/5w5GkEVIVkxtWyIWWq6rs4CTZt8Bej/KHYRbojtEDUkCTZSTLiCvguPyvinXgxy+LHT+PmdtEfXsvcdbeBSWUYpOsDYvD2hNtz9dwOd5nBosMApmdxt+z7LQyZu8wMnfI1U6IMO+RWowxZ8uy0oswdFYd32l9xe+aAE/ky9alLu/M9pvxiUKufqHJRgDBKA6uDjHLMPX+/nxXaNCPX3SI4KVZ1stHQ/U5oNlMdHN9umAvlU313g0IgJrjsQ2nIdf9dsdP+6lrmP7s"
      ],
      "x5t": "_jxBkB82Wcbt3AwcLYXQsg5klhQ",
      "x5t#S256": "LihhKJtczt7K5MMb8mLg-wwptsFTBXNEJzHKZdgh6QE"
    },
    {
      "kty": "RSA",
      "kid": "ms-rfkPI2IDQayYqlN7u5LRlmYnD0Mrxm69kBeQat98",
      "use": "sig",
      "alg": "ES256",
      "n": "ryQICCl6NZ5gDKrnSztO3Hy8PEUcuyvg_ikC-VcIo2SFFSf18a3IMYldIugqqqZCs4_4uVW3sbdLs_6PfgdX7O9D22ZiFWHPYA2k2N744MNiCD1UE-tJyllUhSblK48bn-v1oZHCM0nYQ2NqUkvSj-hwUU3RiWl7x3D2s9wSdNt7XUtW05a_FXehsPSiJfKvHJJnGOX0BgTvkLnkAOTdOrUZ_wK69Dzu4IvrN4vs9Nes8vbwPa_ddZEzGR0cQMt0JBkhk9kU_qwqUseP1QRJ5I1jR4g8aYPL_ke9K35PxZWuDp3U0UPAZ3PjFAh-5T-fc7gzCs9dPzSHloruU-glFQ",
      "e": "AQAB",
      "x5c": [
        "MIIE0zCCA7ugAwIBAgIQGNrRniZ96LtKIVjNzGs7SjANBgkqhkiG9w0BAQUFADCByjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMzYwNzE2MjM1OTU5WjCByjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvJAgIKXo1nmAMqudLO07cfLw8RRy7K+D+KQL5VwijZIUVJ/XxrcgxiV0i6CqqpkKzj/i5Vbext0uz/o9+B1fs70PbZmIVYc9gDaTY3vjgw2IIPVQT60nKWVSFJuUrjxuf6/WhkcIzSdhDY2pSS9KP6HBRTdGJaXvHcPaz3BJ023tdS1bTlr8Vd6Gw9KIl8q8ckmcY5fQGBO+QueQA5N06tRn/Arr0PO7gi+s3i+z016zy9vA9r911kTMZHRxAy3QkGSGT2RT+rCpSx4/VBEnkjWNHiDxpg8v+R70rfk/Fla4OndTRQ8Bnc+MUCH7lP59zuDMKz10/NIeWiu5T6CUVAgMBAAGjgbIwga8wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZMFcwVRYJaW1hZ2UvZ2lmMCEwHzAHBgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7GS4wJRYjaHR0cDovL2xvZ28udmVyaXNpZ24uY29tL3ZzbG9nby5naWYwHQYDVR0OBBYEFH/TZafC3ey78DAJ80M5+gKvMzEzMA0GCSqGSIb3DQEBBQUAA4IBAQCTJEowX2LP2BqYLz3q3JktvXf2pXkiOOzEp6B4Eq1iDkVwZMXnl2YtmAl+X6/WzChl8gGqCBpH3vn5fJJaCGkgDdk+bW48DW7Y5gaRQBi5+MHt39tBquCWIMnNZBU4gcmU7qKEKQsTb47bDN0lAtukixlE0kF6BWlKWE9gyn6CagsCqiUXObXbf+eEZSqVir2G3l6BFoMtEMze/aiCKm0oHw0LxOXnGiYZ4fQRbxC1lfznQgUy286dUV4otp6F01vvpX1FQHKOtw5rDgb7MzVIcbidJ4vEZV8NhnacRHr2lVz2XTIIM6RUthg/aFzyQkqFOFSDX9HoLPKsEdao7WNq"
      ],
      "x5t": "TrbVeEmbHM9fWB6tVr49m2dEpeU",
      "x5t#S256": "ms-rfkPI2IDQayYqlN7u5LRlmYnD0Mrxm69kBeQat98"
    },
    {
      "kty": "EC",
      "kid": "RYRGunXZMukU8jwrV7fRku3bwhgdlY4Rga1SUXR6Hug",
      "use": "sig",
      "alg": "ES256",
      "x": "4ghC6nfYJN6gLGSkE85AnCNyqQIKDjc_ITa4jVMU9tWRlUvzlgKNcR7E2Munn17v",
      "y": "oOZ_WpIRllNv68DLP679Wz9HJOeaBy6Wvqgvu1cYr3GkvXg6HuhbPGtkESvMNCuM",
      "crv": "P-384",
      "x5c": [
        "MIIDrDCCApSgAwIBAgIQCssoukZe5TkIdnRw883GEjANBgkqhkiG9w0BAQwFADBhMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBDQTAeFw0xMzAzMDgxMjAwMDBaFw0yMzAzMDgxMjAwMDBaMEwxCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxJjAkBgNVBAMTHURpZ2lDZXJ0IEVDQyBTZWN1cmUgU2VydmVyIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE4ghC6nfYJN6gLGSkE85AnCNyqQIKDjc/ITa4jVMU9tWRlUvzlgKNcR7E2Munn17voOZ/WpIRllNv68DLP679Wz9HJOeaBy6Wvqgvu1cYr3GkvXg6HuhbPGtkESvMNCuMo4IBITCCAR0wEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wQgYDVR0fBDswOTA3oDWgM4YxaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0R2xvYmFsUm9vdENBLmNybDA9BgNVHSAENjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAdBgNVHQ4EFgQUo53mH/naOU/AbuiRy5Wl2jHiCp8wHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUwDQYJKoZIhvcNAQEMBQADggEBAMeKoENL7HTJxavVHzA1Nm6YVntIrAVjrnuaVyRXzG/63qttnMe2uuzO58pzZNvfBDcKAEmzP58mrZGMIOgfiA4q+2Y3yDDo0sIkp0VILeoBUEoxlBPfjV/aKrtJPGHzecicZpIalir0ezZYoyxBEHQa0+1IttK7igZFcTMQMHp6mCHdJLnsnLWSB62DxsRq+HfmNb4TDydkskO/g+l3VtsIh5RHFPVfKK+jaEyDj2D3loB5hWp2Jp2VDCADjT7ueihlZGak2YPqmXTNbk19HOuNssWvFhtOyPNV6og4ETQdEa8/B6hPatJ0ES8q/HO3X8IVQwVs1n3aAr0im0/T+Xc\u003d"
      ],
      "x5t": "Vu58JwaDFi2DuurMeQ4iRxraq-g",
      "x5t#S256": "RYRGunXZMukU8jwrV7fRku3bwhgdlY4Rga1SUXR6Hug"
    },
    {
      "kty": "RSA",
      "kid": "Q0ig6URMeMsmXgWNXolEtNhPlmK9Jtslf4k0pEPHAWE",
      "use": "sig",
      "alg": "ES256",
      "n": "4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsBCSDMAZOnTjC3U_dDxGkAV53ijSLdhwZAAIEJzs4bg7_fzTtxRuLWZscFs3YnFo97nh6Vfe63SKMI2tavegw5BmV_Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt43C_dxC__AH2hdmoRBBYMql1GNXRor5H4idq9Joz-EkIYIvUX7Q6hL-hqkpMfT7PT19sdl6gSzeRntwi5m3OFBqOasv-zbMUZBfHWymeMr_y7vrTC0LUq7dBMtoM1O_4gdW7jVg_tRvoSSiicNoxBN33shbyTApOB6jtSj1etX-jkMOvJw",
      "e": "AQAB",
      "x5c": [
        "MIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBhMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBDQTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAwMDAwMDBaMGExCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5jb20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsBCSDMAZOnTjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97nh6Vfe63SKMI2tavegw5BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt43C/dxC//AH2hdmoRBBYMql1GNXRor5H4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7PT19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y7vrTC0LUq7dBMtoM1O/4gdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQABo2MwYTAOBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbRTLtm8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUwDQYJKoZIhvcNAQEFBQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/EsrhMAtudXH/vTBH1jLuG2cenTnmCmrEbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIttep3Sp+dWOIrWcBAI+0tKIJFPnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0lsYSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQkCAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4\u003d"
      ],
      "x5t": "qJhdOmXl5cSy19ZtQMbdL7GcVDY",
      "x5t#S256": "Q0ig6URMeMsmXgWNXolEtNhPlmK9Jtslf4k0pEPHAWE"
    },
    {
      "kty": "RSA",
      "kid": "jKdU4I4wMHZhzE9yt85i-MbhENLdc9dEI0p9DsFS26c",
      "use": "sig",
      "alg": "ES256",
      "n": "wfzNyXOBHfOll12HdSxOpISiZzH4TupQXb2Q5FimrDTZERmgAHqN-wyKPhXLwhPZpx8vxdBvKd2hZYFL-rkvF1AsbdQ27uJNAEewOukULqbRyzKrzBYL77R-Ipe6vEASjMrdf7LHOz8G8sPR28XSvN5FbWl4Uq5Gf_IGjUS6_kIb0Q3twDFV1at8x_uFb2H1q-Rne0iXtTky-rzxah8Kus1F4_9PbEQbsMcKCVsncg7on85C9VU2dOlDijJM3HLMtsyM5SVVCpHGKNEc_7e4XIYN-nzQhi4nx5F5O4yt_LRbUwHrd0__DZepBKTIMtffrCE6AUPcJJP_HrrTWMpaTenabs7CO-Gf-816XUl06REIjJYCmaSMWZLtESLooxxGVS80YocQ6bhkx_OwyA_pOB12L_HB1tRTIaR_AbwvELIWMcmRQi3ezS0Ah7X5Iq7hYVtLBXaV3wrGHh_cok9LtpSsAYB-ckQuZjlQ4dW3wKRq9rG2A5CW9N1yNFahsUY25R4PxS1VgvQ8CngIVhD8B_RT9qkcUhcQaS9a6LrHHGYexmp2_OSQO2zhaJQwFxl7-oREsCwtQsRr02TKZBSUcC7Zxl68dsI44L0y79HHvcHS_DC9K95aBRFnAfPzLvctM02CLI3kymRDgaPdd2lrWBvFOgqjtHP6TgCRigqcYgc",
      "e": "AQAB",
      "x5c": [
        "MIIFLDCCAxQCCQDlWmWOLdLO/TANBgkqhkiG9w0BAQsFADBYMQswCQYDVQQGEwJBVTETMBEGA1UECAwKUXVlZW5zbGFuZDETMBEGA1UEBwwKR29sZCBDb2FzdDEMMAoGA1UECgwDSUJNMREwDwYDVQQDDAhvcGVubGRhcDAeFw0yMjA0MTIwMDAxMDhaFw00OTA4MjcwMDAxMDhaMFgxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApRdWVlbnNsYW5kMRMwEQYDVQQHDApHb2xkIENvYXN0MQwwCgYDVQQKDANJQk0xETAPBgNVBAMMCG9wZW5sZGFwMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAwfzNyXOBHfOll12HdSxOpISiZzH4TupQXb2Q5FimrDTZERmgAHqN+wyKPhXLwhPZpx8vxdBvKd2hZYFL+rkvF1AsbdQ27uJNAEewOukULqbRyzKrzBYL77R+Ipe6vEASjMrdf7LHOz8G8sPR28XSvN5FbWl4Uq5Gf/IGjUS6/kIb0Q3twDFV1at8x/uFb2H1q+Rne0iXtTky+rzxah8Kus1F4/9PbEQbsMcKCVsncg7on85C9VU2dOlDijJM3HLMtsyM5SVVCpHGKNEc/7e4XIYN+nzQhi4nx5F5O4yt/LRbUwHrd0//DZepBKTIMtffrCE6AUPcJJP/HrrTWMpaTenabs7CO+Gf+816XUl06REIjJYCmaSMWZLtESLooxxGVS80YocQ6bhkx/OwyA/pOB12L/HB1tRTIaR/AbwvELIWMcmRQi3ezS0Ah7X5Iq7hYVtLBXaV3wrGHh/cok9LtpSsAYB+ckQuZjlQ4dW3wKRq9rG2A5CW9N1yNFahsUY25R4PxS1VgvQ8CngIVhD8B/RT9qkcUhcQaS9a6LrHHGYexmp2/OSQO2zhaJQwFxl7+oREsCwtQsRr02TKZBSUcC7Zxl68dsI44L0y79HHvcHS/DC9K95aBRFnAfPzLvctM02CLI3kymRDgaPdd2lrWBvFOgqjtHP6TgCRigqcYgcCAwEAATANBgkqhkiG9w0BAQsFAAOCAgEAQ/8CHXFlDOq8TvDSjWu602G9UiEvqnBUWzZ5TbVQeIH54xzNTCjemx908fknEgSDSy4W1VOmckV9tbNtt3dIUyFna0b7ZzzfVnvGQYynjGPaYYBjnLi/SeHSv6U6qKuvRV7pTXRJadFVBupmARt2L3CxGKRhwu4DJnOKbLMKFy13PifyPurez5tpnVa1/Cl+GmB0oLdLMe9ielMHMNn3B/w+pUcCvwoAADnlfM44S65w2XqfVswNNoacLx1DrzwjX5RoV+ACC2CWOVYcQdJdwT76fBtbo0QJIz3hKLbZqa3TXpprAg49xztukar/7W3PwjYO7VrbGuBHg6h8yHmlUKpVcDJZ7IMVWh+a+ONglDKnBCCew736v1KtZTEG8D5IGeZAd/H9d0YiCcRTSfM+Pml3OO11UI7rycyaiZQfg4YXZ2zpX2GqbAoMTKYGi6KwD2ufn0U85Y7bkGDNyUbaJzdaOtt7F23MZiZdn3ixtgqpXSJv1SRngf7lpfBg7qcu1f3CC5I3vl3J7mIYKKiRsXdK0vwGDrEFSodrnDJsvWZ2mYtaS1l9Q1TII+5a0VLLe6tKWbFEiU6YIVG2Ptyr5Rsbw/bOXzuzjkIDRSEa8kSPQfEfqMZZdMvca9zoKHFFG3xgjHYmfWj5UHBL56G0eKd41HoWx8fa5ws2B4b2shk\u003d"
      ],
      "x5t": "IScnlIM-ZZed9eRjj8iqjI8-oI0",
      "x5t#S256": "jKdU4I4wMHZhzE9yt85i-MbhENLdc9dEI0p9DsFS26c"
    },
    {
      "kty": "RSA",
      "kid": "B-wwwOTwKl1WEbV3QY39rZfLiCL-YHNJsih2BZOsJC0",
      "use": "sig",
      "alg": "ES256",
      "n": "6FocmJCFqZf8gt7QTvM5dPA2n-wy43cKv3HxU5PoQ7b57lcGV6NwwR0Dkh5LbczjgTAJQKdlbORV15MyzB4NGkR9hA19ZaT2vWa8wBrF339PsOCHGPSu3AwpF_is6bl-Jfam5TPCYE7rCEbla4Ivy1uj-LmvLbeDdf6fZoi-p2vBR7ntxWvh6ZIhOZou1Wc6dbd0wJnf1FR3WuuNywyvie81y_PP13xTNZQpMQSR6Jre8_2Fus36s22Irins0yqL8fYNMKpMSvMCpclCugw0d8A4qZc9xi4FPqiA64XqBQJwmFZ9eZ-YqU4z38BLshPTynZQjr42ORRoxZ-4dbC0c8qinB8e23qJ1xHBCsk9TvgIGKL_oqRssOUjLoAuXJuAerlYKH9s3yQYVjymaDllOO9joIHtWD1RiVBNpmXYx5EEQUz63ipbb9gR8LjoBkdo9mcIUNJf3gFci1zEgEqSNFe1TOIziaGJtLN7e6ejULSz9GYPbjh2le3py_U4rbARemfWNCstqFZWh7GgriR0kHR1Z0XkvgJgbOFkaUQS8KXFGGTwX0iao2nwqSdU1eI0z6_TmnZ1pJfMmLA_VdktmEfhl_rBDg0neSWQ7CgH1OJtQl3BMAzmn8oX1EmK6lgnFo97rYPc7LjpP4wYB0gBpeO-shfiKcJsQKrCrebHTAk",
      "e": "AQAB",
      "x5c": [
        "MIIFLDCCAxQCCQDBbB0qqpk6EDANBgkqhkiG9w0BAQsFADBYMQswCQYDVQQGEwJBVTETMBEGA1UECAwKUXVlZW5zbGFuZDETMBEGA1UEBwwKR29sZCBDb2FzdDEMMAoGA1UECgwDSUJNMREwDwYDVQQDDAhwb3N0Z3JlczAeFw0yMjA0MTIwMDAzMDlaFw00OTA4MjcwMDAzMDlaMFgxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApRdWVlbnNsYW5kMRMwEQYDVQQHDApHb2xkIENvYXN0MQwwCgYDVQQKDANJQk0xETAPBgNVBAMMCHBvc3RncmVzMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA6FocmJCFqZf8gt7QTvM5dPA2n+wy43cKv3HxU5PoQ7b57lcGV6NwwR0Dkh5LbczjgTAJQKdlbORV15MyzB4NGkR9hA19ZaT2vWa8wBrF339PsOCHGPSu3AwpF/is6bl+Jfam5TPCYE7rCEbla4Ivy1uj+LmvLbeDdf6fZoi+p2vBR7ntxWvh6ZIhOZou1Wc6dbd0wJnf1FR3WuuNywyvie81y/PP13xTNZQpMQSR6Jre8/2Fus36s22Irins0yqL8fYNMKpMSvMCpclCugw0d8A4qZc9xi4FPqiA64XqBQJwmFZ9eZ+YqU4z38BLshPTynZQjr42ORRoxZ+4dbC0c8qinB8e23qJ1xHBCsk9TvgIGKL/oqRssOUjLoAuXJuAerlYKH9s3yQYVjymaDllOO9joIHtWD1RiVBNpmXYx5EEQUz63ipbb9gR8LjoBkdo9mcIUNJf3gFci1zEgEqSNFe1TOIziaGJtLN7e6ejULSz9GYPbjh2le3py/U4rbARemfWNCstqFZWh7GgriR0kHR1Z0XkvgJgbOFkaUQS8KXFGGTwX0iao2nwqSdU1eI0z6/TmnZ1pJfMmLA/VdktmEfhl/rBDg0neSWQ7CgH1OJtQl3BMAzmn8oX1EmK6lgnFo97rYPc7LjpP4wYB0gBpeO+shfiKcJsQKrCrebHTAkCAwEAATANBgkqhkiG9w0BAQsFAAOCAgEAAaPSzpiFZEG9hAGB+6wRz9tGInO0tCmV+GB/i9PFX572JJiLGEtetYyxv95V5yQrq40Rwl5/ekyZhjd6M56m8HVWiO465e0gMsph3WQe7yyNC+zmYr50II6MtjgaCMSY6WCeE+4rtkUKX4pZpDKEwcJI2UmMfa0iDTp4CTe+n5XfQOLVHh8NaXA3qabaRwtW3JOHhz2FPulDfFD9yTY/yvIBWr/HN89pmVRod9pJ3RjAGXhUFRNcZX/KrKddqchLg57I39qLshWG6tVfirBJzLtBYGsNMoovZjt5K5Msv6gpz2HraAX4stzvkMB1djTgaIuvQLM+3w7cSX6Wnjdz1IDUFdptDfEefLxoOXiMu/YHnYfewzKUXDCzsqM+JejpLSYrHKMLaKIWoTuid/84Rm1AkiQzQpyMn0GcaJNV0h/5oBjeJIBuUkO8pmAPzngamZLIM+F8BssVRsbfSCG2oa75J2qiLCd4kCrAa1kuiDqv+JhBnqu9dQvcqWPNe0POgfG9IG2M2++Jrcs+qdy9Rc6QkkEDifIq4GuKh2a2pvns7DsCjOoRxJBzpTmC86UCQt7leg5JArfXiXQ0ZR/jdOdgn0l1AUSvjqN18q6WgDvhS5R5K+ivpoVItCBQbpyfXBXPWEcZaASZwTVBpP1F+X/w3iHOiYj7IasZzj9DCtQ\u003d"
      ],
      "x5t": "wuGBkt_32Le2KNH8LA4eIvl4OaQ",
      "x5t#S256": "B-wwwOTwKl1WEbV3QY39rZfLiCL-YHNJsih2BZOsJC0"
    },
    {
      "kty": "EC",
      "kid": "j5gNK4hzzYspsDUHZWmR0W_Aozt37H4XkR-Ckp-0Lws",
      "use": "sig",
      "alg": "ES256",
      "x": "nLCRTBh1a36xcaBIihQmmBKCKGhcdxQePVuZSP8h0f8",
      "y": "oBXY7xcLQyeSPEII17_fWDi4X_aJ5Wpo3IvIlp1z51E",
      "crv": "P-256",
      "x5c": [
        "MIIFPjCCBOSgAwIBAgIQDcoB0eBgcUSL1tRgbrVe5jAKBggqhkjOPQQDAjBKMQswCQYDVQQGEwJVUzEZMBcGA1UEChMQQ2xvdWRmbGFyZSwgSW5jLjEgMB4GA1UEAxMXQ2xvdWRmbGFyZSBJbmMgRUNDIENBLTMwHhcNMjEwNzE2MDAwMDAwWhcNMjIwNzE1MjM1OTU5WjB1MQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEZMBcGA1UEChMQQ2xvdWRmbGFyZSwgSW5jLjEeMBwGA1UEAxMVc25pLmNsb3VkZmxhcmVzc2wuY29tMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEnLCRTBh1a36xcaBIihQmmBKCKGhcdxQePVuZSP8h0f+gFdjvFwtDJ5I8QgjXv99YOLhf9onlamjci8iWnXPnUaOCA38wggN7MB8GA1UdIwQYMBaAFKXON+rrsHUOlGeItEX62SQQh5YfMB0GA1UdDgQWBBTUhRahZ5+BtKoZClu71NJoYSmbmTBEBgNVHREEPTA7ghVzbmkuY2xvdWRmbGFyZXNzbC5jb22CESouc2VjdXJpdHlwb2MuY29tgg9zZWN1cml0eXBvYy5jb20wDgYDVR0PAQH/BAQDAgeAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjB7BgNVHR8EdDByMDegNaAzhjFodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vQ2xvdWRmbGFyZUluY0VDQ0NBLTMuY3JsMDegNaAzhjFodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vQ2xvdWRmbGFyZUluY0VDQ0NBLTMuY3JsMD4GA1UdIAQ3MDUwMwYGZ4EMAQICMCkwJwYIKwYBBQUHAgEWG2h0dHA6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzB2BggrBgEFBQcBAQRqMGgwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBABggrBgEFBQcwAoY0aHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0Nsb3VkZmxhcmVJbmNFQ0NDQS0zLmNydDAMBgNVHRMBAf8EAjAAMIIBfwYKKwYBBAHWeQIEAgSCAW8EggFrAWkAdgBGpVXrdfqRIDC1oolp9PN9ESxBdL79SbiFq/L8cP5tRwAAAXqwD+hnAAAEAwBHMEUCIDCBiGTPmSMM2E5j08lHy6CrM5wgXc1cLBz07lH7/oZFAiEAliKe6M4qNjsjvxlExlr24AQyOF0Qm1u+WBKhkVnWLrkAdgBRo7D1/QF5nFZtuDd4jwykeswbJ8v3nohCmg3+1IsF5QAAAXqwD+iiAAAEAwBHMEUCIQC/pzfjwl0K2vzB8Hmn46eLIul2H3wnBITr462hswIc1QIgQcejxHsgdhisnEQT+8tOlmgxwzSaeBNJeqYggd95CskAdwBByMqx3yJGShDGoToJQodeTjGLGwPr60vHaPCQYpYG9gAAAXqwD+hCAAAEAwBIMEYCIQDc4nhAUjHHiRC79K5sIQ0qKILeFM6F9OE+/NBi/t/PXgIhALMs8JrmU9MK4VbFbC9E0BqH4oPSm1UF/8TvWRd47VpkMAoGCCqGSM49BAMCA0gAMEUCIQCjcEVBNE/aTnuEWtZ0ZKFKOu4cCj5VEHhS8F87jypXswIgJQVUAsXzFCiohsA7Ng7BJY/T7ASRYg83LjQayEI52Gs\u003d"
      ],
      "x5t": "7JUZWIyx0BZpwO7Zx0MpbufjKEQ",
      "x5t#S256": "j5gNK4hzzYspsDUHZWmR0W_Aozt37H4XkR-Ckp-0Lws"
    },
    {
      "kty": "EC",
      "kid": "OrvmPa91bFAWtrhfUgFf2Oisvid8UIexJ6YFY6hB7Yo",
      "use": "sig",
      "alg": "ES256",
      "x": "ua1NZpkUC0bsH4HRKlAenQMVLzQSfS2WuIg4m4Vfj78",
      "y": "u03vYUbEyXPUJE_g7hzObLNRcS9q7kwFCXfTcmKkm9c",
      "crv": "P-256",
      "x5c": [
        "MIIDzTCCArWgAwIBAgIQCjeHZF5ftIwiTv0b7RQMPDANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJJRTESMBAGA1UEChMJQmFsdGltb3JlMRMwEQYDVQQLEwpDeWJlclRydXN0MSIwIAYDVQQDExlCYWx0aW1vcmUgQ3liZXJUcnVzdCBSb290MB4XDTIwMDEyNzEyNDgwOFoXDTI0MTIzMTIzNTk1OVowSjELMAkGA1UEBhMCVVMxGTAXBgNVBAoTEENsb3VkZmxhcmUsIEluYy4xIDAeBgNVBAMTF0Nsb3VkZmxhcmUgSW5jIEVDQyBDQS0zMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEua1NZpkUC0bsH4HRKlAenQMVLzQSfS2WuIg4m4Vfj7+7Te9hRsTJc9QkT+DuHM5ss1FxL2ruTAUJd9NyYqSb16OCAWgwggFkMB0GA1UdDgQWBBSlzjfq67B1DpRniLRF+tkkEIeWHzAfBgNVHSMEGDAWgBTlnVkwgkdYzKz6CFQ2hns6tQRN8DAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBIGA1UdEwEB/wQIMAYBAf8CAQAwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wOgYDVR0fBDMwMTAvoC2gK4YpaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL09tbmlyb290MjAyNS5jcmwwbQYDVR0gBGYwZDA3BglghkgBhv1sAQEwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzALBglghkgBhv1sAQIwCAYGZ4EMAQIBMAgGBmeBDAECAjAIBgZngQwBAgMwDQYJKoZIhvcNAQELBQADggEBAAUkHd0bsCrrmNaF4zlNXmtXnYJX/OvoMaJXkGUFvhZEOFp3ArnPEELG4ZKk40Un+ABHLGioVplTVI+tnkDB0A+21w0LOEhsUCxJkAZbZB2LzEgwLt4I4ptJIsCSDBFelpKU1fwg3FZs5ZKTv3ocwDfjhUkV+ivhdDkYD7fa86JXWGBPzI6UAPxGezQxPk1HgoE6y/SJXQ7vTQ1unBuCJN0yJV0ReFEQPaA1IwQvZW+cwdFD19Ae8zFnWSfda9J1CZMRJCQUzym+5iPDuI9yP+kHyCREU3qzuWFloUwOxkgAyXVjBYdwRVKD05WdRerw6DEdfgkfCv4+3ao8XnTSrLE\u003d"
      ],
      "x5t": "s912BtK1qLShN3Hb7MnuHOyvo4o",
      "x5t#S256": "OrvmPa91bFAWtrhfUgFf2Oisvid8UIexJ6YFY6hB7Yo"
    },
    {
      "kty": "RSA",
      "kid": "lrzsBiZJdvN0YHeazyjFp8_oo8Cq4RqP_O4FwL3fCMY",
      "use": "sig",
      "alg": "ES256",
      "n": "regkc_QUN_ObnitXKByHvty33ziQjG485legePd1wqL-9Wpu9gBPKNveaIZsRJO2sWP9FBJrvx_S6jGbIX7RMzy6SPXded-zuP8S8SGaS8GKhnFpSmZmbI9-PHC_rSkiBvPkwOaAruJLj7eZfpQDn9NHl3yZSCNT6DiuTwpvgy7RSVeMgHS22i_QOI17A3AhG3XyMDz6j67d2mOr6xZPwo4RS37PC-j_tXcu9LJ7SuBMEiUMcI0DKaDhUyTsE9nuGb8Qs0qMP4mjYVHerIcHlPRjcewu4m9bmIHhiVw0eWx27zuQYnnm26SaLybF0BDhDt7ZEI4W-7f3qPfH5QIHmI82CJXn4jeWDTZ1nvsOcrEdm7wD-UkF2IHdBbQq1kHprAF2lQoP2N_VvRIfNS8oF2zSmMGoCWR3bkc3us6sWV5onX9y1onFBkEpPlk-3Sb1JMkRp1qjTEAfRqGZtac6UW6GO559cqcSBXhZ7T5ReBULA4-N0C8Fsj57ShxLcwUS_Mbq4FATfEOTdLPKdOeOHwEI0DDUW3E2tAe6wTAwXEi3gjuYpn1giqKjKYLMur2DBBuigwNBodYF8RvCtvCofIY7RqhIKojcdpp2vx9qpT0Zj-s482TeyCsNCij_99viFULUItAnXeF5_hjncIitTubZizrG3SdRbv-8ZPUzQ08",
      "e": "AQAB",
      "x5c": [
        "MIIFazCCA1OgAwIBAgIRAIIQz7DSQONZRGPgu2OCiwAwDQYJKoZIhvcNAQELBQAwTzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2VhcmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMTUwNjA0MTEwNDM4WhcNMzUwNjA0MTEwNDM4WjBPMQswCQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJuZXQgU2VjdXJpdHkgUmVzZWFyY2ggR3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBYMTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK3oJHP0FDfzm54rVygch77ct984kIxuPOZXoHj3dcKi/vVqbvYATyjb3miGbESTtrFj/RQSa78f0uoxmyF+0TM8ukj13Xnfs7j/EvEhmkvBioZxaUpmZmyPfjxwv60pIgbz5MDmgK7iS4+3mX6UA5/TR5d8mUgjU+g4rk8Kb4Mu0UlXjIB0ttov0DiNewNwIRt18jA8+o+u3dpjq+sWT8KOEUt+zwvo/7V3LvSye0rgTBIlDHCNAymg4VMk7BPZ7hm/ELNKjD+Jo2FR3qyHB5T0Y3HsLuJvW5iB4YlcNHlsdu87kGJ55tukmi8mxdAQ4Q7e2RCOFvu396j3x+UCB5iPNgiV5+I3lg02dZ77DnKxHZu8A/lJBdiB3QW0KtZB6awBdpUKD9jf1b0SHzUvKBds0pjBqAlkd25HN7rOrFleaJ1/ctaJxQZBKT5ZPt0m9STJEadao0xAH0ahmbWnOlFuhjuefXKnEgV4We0+UXgVCwOPjdAvBbI+e0ocS3MFEvzG6uBQE3xDk3SzynTnjh8BCNAw1FtxNrQHusEwMFxIt4I7mKZ9YIqioymCzLq9gwQbooMDQaHWBfEbwrbwqHyGO0aoSCqI3Haadr8faqU9GY/rOPNk3sgrDQoo//fb4hVC1CLQJ13hef4Y53CIrU7m2Ys6xt0nUW7/vGT1M0NPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBR5tFnme7bl5AFzgAiIyBpY9umbbjANBgkqhkiG9w0BAQsFAAOCAgEAVR9YqbyyqFDQDLHYGmkgJykIrGF1XIpu+ILlaS/V9lZLubhzEFnTIZd+50xx+7LSYK05qAvqFyFWhfFQDlnrzuBZ6brJFe+GnY+EgPbk6ZGQ3BebYhtF8GaV0nxvwuo77x/Py9auJ/GpsMiu/X1+mvoiBOv/2X/qkSsisRcOj/KKNFtY2PwByVS5uCbMiogziUwthDyC3+6WVwW6LLv3xLfHTjuCvjHIInNzktHCgKQ5ORAzI4JMPJ+GslWYHb4phowim57iaztXOoJwTdwJx4nLCgdNbOhdjsnvzqvHu7UrTkXWStAmzOVyyghqpZXjFaH3pO3JLF+l+/+sKAIuvtd7u+Nxe5AW0wdeRlN8NwdCjNPElpzVmbUq4JUagEiuTDkHzsxHpFKVK7q4+63SM1N95R1NbdWhscdCb+ZAJzVcoyi3B43njTOQ5yOf+1CceWxG1bQVs5ZufpsMljq4Ui0/1lvh+wjChP4kqKOJ2qxq4RgqsahDYVvTH9w7jXbyLeiNdd8XM2w9U/t7y0Ff/9yi0GE44Za4rF2LN9d11TPAmRGunUHBcnWEvgJBQl9nJEiU0Zsnvgc/ubhPgXRR4Xq37Z0j4r7g1SgEEzwxA57demyPxgcYxn/eR44/KJ4EBs+lVDR3veyJm+kXQ99b21/+jh5Xos1AnX5iItreGCc\u003d"
      ],
      "x5t": "yr0qeaEHajHyHSU2NcsDnUMppeg",
      "x5t#S256": "lrzsBiZJdvN0YHeazyjFp8_oo8Cq4RqP_O4FwL3fCMY"
    },
    {
      "kty": "RSA",
      "kid": "Z63RFmsCCuYbj1_JaBPATCqliZYHloZVcqPH5zdhPf0",
      "use": "sig",
      "alg": "ES256",
      "n": "uwIVKMz2oJTTDxLsjVWSw_iC8ZmmekKIp10mqrUrucVMsa-Oa_l1yKPXD0eUFFU1V4yeqKI5GfWCPEKpTm71O8Mu243AsFzzWTjn7c9p8FoLG77AlCQlh_o3cbMT5xys4Zvv2-Q7RVJFlqnBU840yFLuta7tj95gcOKlVKu2bQ6XpUA0ayvTvGbrZjR8-muLj1cpmfgwF126cm_7gcWt0oZYPRfH5wm78Sv3htzB2nFd1EbjzK0lwYi8YGd1ZrPxGPeiXOZT_zqItkel_xMY6pgJdz-dU_nPAeX1pnAXFK9jpP-Zs5Od3FOnBv5IhR2haa4ldbsTzFID9e1RoYvbFQ",
      "e": "AQAB",
      "x5c": [
        "MIIFFjCCAv6gAwIBAgIRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAwTzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2VhcmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjAwOTA0MDAwMDAwWhcNMjUwOTE1MTYwMDAwWjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3MgRW5jcnlwdDELMAkGA1UEAxMCUjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7AhUozPaglNMPEuyNVZLD+ILxmaZ6QoinXSaqtSu5xUyxr45r+XXIo9cPR5QUVTVXjJ6oojkZ9YI8QqlObvU7wy7bjcCwXPNZOOftz2nwWgsbvsCUJCWH+jdxsxPnHKzhm+/b5DtFUkWWqcFTzjTIUu61ru2P3mBw4qVUq7ZtDpelQDRrK9O8ZutmNHz6a4uPVymZ+DAXXbpyb/uBxa3Shlg9F8fnCbvxK/eG3MHacV3URuPMrSXBiLxgZ3Vms/EY96Jc5lP/Ooi2R6X/ExjqmAl3P51T+c8B5fWmcBcUr2Ok/5mzk53cU6cG/kiFHaFpriV1uxPMUgP17VGhi9sVAgMBAAGjggEIMIIBBDAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYfr52LFMLGMB8GA1UdIwQYMBaAFHm0WeZ7tuXkAXOACIjIGlj26ZtuMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAoYWaHR0cDovL3gxLmkubGVuY3Iub3JnLzAnBgNVHR8EIDAeMBygGqAYhhZodHRwOi8veDEuYy5sZW5jci5vcmcvMCIGA1UdIAQbMBkwCAYGZ4EMAQIBMA0GCysGAQQBgt8TAQEBMA0GCSqGSIb3DQEBCwUAA4ICAQCFyk5HPqP3hUSFvNVneLKYY611TR6WPTNlclQtgaDqw+34IL9fzLdwALduO/ZelN7kIJ+m74uyA+eitRY8kc607TkC53wlikfmZW4/RvTZ8M6UK+5UzhK8jCdLuMGYL6KvzXGRSgi3yLgjewQtCPkIVz6D2QQzCkcheAmCJ8MqyJu5zlzyZMjAvnnAT45tRAxekrsu94sQ4egdRCnbWSDtY7kh+BImlJNXoB1lBMEKIq4QDUOXoRgffuDghje1WrG9ML+Hbisq/yFOGwXD9RiX8F6sw6W4avAuvDszue5L3sz85K+EC4Y/wFVDNvZo4TYXao6Z0f+lQKc0t8DQYzk1OXVu8rp2yJMC6alLbBfODALZvYH7n7do1AZls4I9d1P4jnkDrQoxB3UqQ9hVl3LEKQ73xF1OyK5GhDDX8oVfGKF5u+decIsH4YaTw7mP3GFxJSqv3+0lUFJoi5Lc5da149p90IdshCExroL1+7mryIkXPeFM5TgO9r0rvZaBFOvV2z0gp35Z0+L4WPlbuEjN/lxPFin+HlUjr8gRsI3qfJOQFy/9rKIJR0Y/8Omwt/8oTWgy1mdeHmmjk7j1nYsvC9JSQ6ZvMldlTTKB3zhThV1+XWYp6rjd5JW1zbVWEkLNxE7GJThEUG3szgBVGP7pSWTUTsqXnLRbwHOoq7hHwg\u003d\u003d"
      ],
      "x5t": "oFM3W_6E6LdIeCx87hWCemr1pAU",
      "x5t#S256": "Z63RFmsCCuYbj1_JaBPATCqliZYHloZVcqPH5zdhPf0"
    }
  ]
}
2022-05-11 06:25:29 SUCCESS
ValidateServerJWKs
Valid server JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2022-05-11 06:25:29 SUCCESS
CheckForKeyIdInServerJWKs
All keys contain kids
2022-05-11 06:25:29 SUCCESS
EnsureServerJwksDoesNotContainPrivateOrSymmetricKeys
Jwks does not contain any private or symmetric keys
2022-05-11 06:25:29 SUCCESS
FAPIEnsureMinimumServerKeyLength
Validated minimum key lengths for server_jwks
server_jwks
{
  "keys": [
    {
      "kty": "RSA",
      "kid": "xw3CGrEOKYken61T1sfeSgR_qH9PEWCCLZpLAeVSNyU",
      "use": "sig",
      "alg": "ES256",
      "n": "zFgxiZmeQcvzeI4muwyWsF0B6hlTfttggiPFisr4DgEswxj4wtCc5-YxZmGtylkykH52Hx8uXWQPKBTKRtSa3Tdj3W85uqSOfeywJVRphulA9UX_KgG0jvvxh5AheNnjzdQvrioZhHYmOBR6Kr4GgggoNVpZ_5thh2WmV1R36K3JCbmuDxDwxP8ZHv0-LeY8m8wuvU_DONwBdippS6Rz2ndQvLm6Et-W9PsWdXII3nU5VTOSjV76ek0QWLemRlYoIS7bSRWqijGa9ke9BB_15XXXivoBc55glmy0Z928mlmoAn5PIMuslb2uHQDHBEpqc5UMpCbU7aee0TMrQxQDsw",
      "e": "AQAB",
      "x5c": [
        "MIIDGDCCAgCgAwIBAgIIPeSzEfXhIykwDQYJKoZIhvcNAQELBQAwKjELMAkGA1UEBhMCdXMxDDAKBgNVBAoTA2libTENMAsGA1UEAxMEaXNhbTAeFw0yMjA0MTEwMDEwMjBaFw0zMjA0MDkwMDEwMjBaMCoxCzAJBgNVBAYTAnVzMQwwCgYDVQQKEwNpYm0xDTALBgNVBAMTBGlzYW0wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMWDGJmZ5By/N4jia7DJawXQHqGVN+22CCI8WKyvgOASzDGPjC0Jzn5jFmYa3KWTKQfnYfHy5dZA8oFMpG1JrdN2Pdbzm6pI597LAlVGmG6UD1Rf8qAbSO+/GHkCF42ePN1C+uKhmEdiY4FHoqvgaCCCg1Wln/m2GHZaZXVHforckJua4PEPDE/xke/T4t5jybzC69T8M43AF2KmlLpHPad1C8uboS35b0+xZ1cgjedTlVM5KNXvp6TRBYt6ZGVighLttJFaqKMZr2R70EH/XlddeK+gFznmCWbLRn3byaWagCfk8gy6yVva4dAMcESmpzlQykJtTtp57RMytDFAOzAgMBAAGjQjBAMB0GA1UdDgQWBBR1IX33CL3uNO0QkTwJVUnYzEmgFDAfBgNVHSMEGDAWgBR1IX33CL3uNO0QkTwJVUnYzEmgFDANBgkqhkiG9w0BAQsFAAOCAQEArj3+CkR5B6VxznL+qRr3iC3GckoSiGE3nWd6tn5ILgJK3jbFDAqc3UGerxM7GlKsHqjbYh1voLwtFpUJvp/nT6mApmCZ7XPyFM+4fNn7OejuePeN6x69xfjygeGOgMuE3msdUAAV+rEp7ZGM+wqG8WUQEB0Q+r/ZpZrr+4JfWqqbt+RkdvIjt4lHnMSVoQgK1gGmctJgsphSIOxF1XZRIn7OkjYUKlTg801TWh2FZ598NnmqAnz0zbT/mj2w2/E0QcnNCmQuxieeA1ww+clUrqgcYxDWoCvCXKutnA5nS+IAQ6HcgvQi3oSxBg20rb0WKOuPWnNIs7XZK8NzPT2UKw\u003d\u003d"
      ],
      "x5t": "lDgpAobsdMmL4sjOqP-j9XzoT_Y",
      "x5t#S256": "xw3CGrEOKYken61T1sfeSgR_qH9PEWCCLZpLAeVSNyU"
    },
    {
      "kty": "EC",
      "kid": "JBp-Duhk7zSX5umFyMBfogXo5zDXpTiivgDJsombQXg",
      "use": "sig",
      "alg": "ES256",
      "x": "t5bqdouWhI2V1cM261rXswZKfBXQX_pXrNjndOvPTPk",
      "y": "8JIfMkQMvl0Ffl_4IbD0k95d6I5b-rAxN-WI-NM0tKU",
      "crv": "P-256",
      "x5c": [
        "MIIBajCCAQ6gAwIBAgIIY/XXnta+gyswDAYIKoZIzj0EAwIFADAXMRUwEwYDVQQDDAx0b2tlbl9zaWduZXIwHhcNMjIwMzIyMDAyNzI1WhcNNDkwODA3MDAyNzI1WjAXMRUwEwYDVQQDDAx0b2tlbl9zaWduZXIwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAS3lup2i5aEjZXVwzbrWtezBkp8FdBf+les2Od0689M+fCSHzJEDL5dBX5f+CGw9JPeXeiOW/qwMTfliPjTNLSlo0IwQDAdBgNVHQ4EFgQUx5Y3qy0OA4eNBv/rFLIWtGUqxrYwHwYDVR0jBBgwFoAUx5Y3qy0OA4eNBv/rFLIWtGUqxrYwDAYIKoZIzj0EAwIFAANIADBFAiBDimGoKrguaoezKOmcJ8Wm+ivw8bV8bN37DIztpwXoOAIhAOLcCrCwwmm9oS4Jh6aqWF9POnVfbeDMw0yQf0g3gbNK"
      ],
      "x5t": "Eocy22APs5b9mFhm7JYcHEwFlAQ",
      "x5t#S256": "JBp-Duhk7zSX5umFyMBfogXo5zDXpTiivgDJsombQXg"
    },
    {
      "kty": "EC",
      "kid": "LihhKJtczt7K5MMb8mLg-wwptsFTBXNEJzHKZdgh6QE",
      "use": "sig",
      "alg": "ES256",
      "x": "DxukkdfnrOfRTk63ZFvhj39uBNOrONtEt0Bcbb2Wljc",
      "y": "33mJhmf3sR8Inv1jO0aMn71T6BXclz4rgUathn8OATk",
      "crv": "P-256",
      "x5c": [
        "MIIEajCCA1KgAwIBAgIQP5KHvp0dpKN6nfYoLndaxDANBgkqhkiG9w0BAQsFADCByjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzUwHhcNMTUwNTEyMDAwMDAwWhcNMjUwNTExMjM1OTU5WjCBgDELMAkGA1UEBhMCVVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8wHQYDVQQLExZTeW1hbnRlYyBUcnVzdCBOZXR3b3JrMTEwLwYDVQQDEyhTeW1hbnRlYyBDbGFzcyAzIEVDQyAyNTYgYml0IFNTTCBDQSAtIEcyMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEDxukkdfnrOfRTk63ZFvhj39uBNOrONtEt0Bcbb2WljffeYmGZ/exHwie/WM7RoyfvVPoFdyXPiuBRq2Gfw4BOaOCAV0wggFZMC4GCCsGAQUFBwEBBCIwIDAeBggrBgEFBQcwAYYSaHR0cDovL3Muc3ltY2QuY29tMBIGA1UdEwEB/wQIMAYBAf8CAQAwZQYDVR0gBF4wXDBaBgpghkgBhvhFAQc2MEwwIwYIKwYBBQUHAgEWF2h0dHBzOi8vZC5zeW1jYi5jb20vY3BzMCUGCCsGAQUFBwICMBkaF2h0dHBzOi8vZC5zeW1jYi5jb20vcnBhMC8GA1UdHwQoMCYwJKAioCCGHmh0dHA6Ly9zLnN5bWNiLmNvbS9wY2EzLWc1LmNybDAOBgNVHQ8BAf8EBAMCAQYwKwYDVR0RBCQwIqQgMB4xHDAaBgNVBAMTE1NZTUMtRUNDLUNBLXAyNTYtMjIwHQYDVR0OBBYEFCXwiuFLetkBlQrtxlPxjHgf2fP4MB8GA1UdIwQYMBaAFH/TZafC3ey78DAJ80M5+gKvMzEzMA0GCSqGSIb3DQEBCwUAA4IBAQAMMGUXBaWTdaLxsTGtcB/naqjIQrLvoV9NG+7MoHpGd/69dZ/h2zOy7sGFUHoG/0HGRA9rxT/5w5GkEVIVkxtWyIWWq6rs4CTZt8Bej/KHYRbojtEDUkCTZSTLiCvguPyvinXgxy+LHT+PmdtEfXsvcdbeBSWUYpOsDYvD2hNtz9dwOd5nBosMApmdxt+z7LQyZu8wMnfI1U6IMO+RWowxZ8uy0oswdFYd32l9xe+aAE/ky9alLu/M9pvxiUKufqHJRgDBKA6uDjHLMPX+/nxXaNCPX3SI4KVZ1stHQ/U5oNlMdHN9umAvlU313g0IgJrjsQ2nIdf9dsdP+6lrmP7s"
      ],
      "x5t": "_jxBkB82Wcbt3AwcLYXQsg5klhQ",
      "x5t#S256": "LihhKJtczt7K5MMb8mLg-wwptsFTBXNEJzHKZdgh6QE"
    },
    {
      "kty": "RSA",
      "kid": "ms-rfkPI2IDQayYqlN7u5LRlmYnD0Mrxm69kBeQat98",
      "use": "sig",
      "alg": "ES256",
      "n": "ryQICCl6NZ5gDKrnSztO3Hy8PEUcuyvg_ikC-VcIo2SFFSf18a3IMYldIugqqqZCs4_4uVW3sbdLs_6PfgdX7O9D22ZiFWHPYA2k2N744MNiCD1UE-tJyllUhSblK48bn-v1oZHCM0nYQ2NqUkvSj-hwUU3RiWl7x3D2s9wSdNt7XUtW05a_FXehsPSiJfKvHJJnGOX0BgTvkLnkAOTdOrUZ_wK69Dzu4IvrN4vs9Nes8vbwPa_ddZEzGR0cQMt0JBkhk9kU_qwqUseP1QRJ5I1jR4g8aYPL_ke9K35PxZWuDp3U0UPAZ3PjFAh-5T-fc7gzCs9dPzSHloruU-glFQ",
      "e": "AQAB",
      "x5c": [
        "MIIE0zCCA7ugAwIBAgIQGNrRniZ96LtKIVjNzGs7SjANBgkqhkiG9w0BAQUFADCByjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMzYwNzE2MjM1OTU5WjCByjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvJAgIKXo1nmAMqudLO07cfLw8RRy7K+D+KQL5VwijZIUVJ/XxrcgxiV0i6CqqpkKzj/i5Vbext0uz/o9+B1fs70PbZmIVYc9gDaTY3vjgw2IIPVQT60nKWVSFJuUrjxuf6/WhkcIzSdhDY2pSS9KP6HBRTdGJaXvHcPaz3BJ023tdS1bTlr8Vd6Gw9KIl8q8ckmcY5fQGBO+QueQA5N06tRn/Arr0PO7gi+s3i+z016zy9vA9r911kTMZHRxAy3QkGSGT2RT+rCpSx4/VBEnkjWNHiDxpg8v+R70rfk/Fla4OndTRQ8Bnc+MUCH7lP59zuDMKz10/NIeWiu5T6CUVAgMBAAGjgbIwga8wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZMFcwVRYJaW1hZ2UvZ2lmMCEwHzAHBgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7GS4wJRYjaHR0cDovL2xvZ28udmVyaXNpZ24uY29tL3ZzbG9nby5naWYwHQYDVR0OBBYEFH/TZafC3ey78DAJ80M5+gKvMzEzMA0GCSqGSIb3DQEBBQUAA4IBAQCTJEowX2LP2BqYLz3q3JktvXf2pXkiOOzEp6B4Eq1iDkVwZMXnl2YtmAl+X6/WzChl8gGqCBpH3vn5fJJaCGkgDdk+bW48DW7Y5gaRQBi5+MHt39tBquCWIMnNZBU4gcmU7qKEKQsTb47bDN0lAtukixlE0kF6BWlKWE9gyn6CagsCqiUXObXbf+eEZSqVir2G3l6BFoMtEMze/aiCKm0oHw0LxOXnGiYZ4fQRbxC1lfznQgUy286dUV4otp6F01vvpX1FQHKOtw5rDgb7MzVIcbidJ4vEZV8NhnacRHr2lVz2XTIIM6RUthg/aFzyQkqFOFSDX9HoLPKsEdao7WNq"
      ],
      "x5t": "TrbVeEmbHM9fWB6tVr49m2dEpeU",
      "x5t#S256": "ms-rfkPI2IDQayYqlN7u5LRlmYnD0Mrxm69kBeQat98"
    },
    {
      "kty": "EC",
      "kid": "RYRGunXZMukU8jwrV7fRku3bwhgdlY4Rga1SUXR6Hug",
      "use": "sig",
      "alg": "ES256",
      "x": "4ghC6nfYJN6gLGSkE85AnCNyqQIKDjc_ITa4jVMU9tWRlUvzlgKNcR7E2Munn17v",
      "y": "oOZ_WpIRllNv68DLP679Wz9HJOeaBy6Wvqgvu1cYr3GkvXg6HuhbPGtkESvMNCuM",
      "crv": "P-384",
      "x5c": [
        "MIIDrDCCApSgAwIBAgIQCssoukZe5TkIdnRw883GEjANBgkqhkiG9w0BAQwFADBhMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBDQTAeFw0xMzAzMDgxMjAwMDBaFw0yMzAzMDgxMjAwMDBaMEwxCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxJjAkBgNVBAMTHURpZ2lDZXJ0IEVDQyBTZWN1cmUgU2VydmVyIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE4ghC6nfYJN6gLGSkE85AnCNyqQIKDjc/ITa4jVMU9tWRlUvzlgKNcR7E2Munn17voOZ/WpIRllNv68DLP679Wz9HJOeaBy6Wvqgvu1cYr3GkvXg6HuhbPGtkESvMNCuMo4IBITCCAR0wEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wQgYDVR0fBDswOTA3oDWgM4YxaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0R2xvYmFsUm9vdENBLmNybDA9BgNVHSAENjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAdBgNVHQ4EFgQUo53mH/naOU/AbuiRy5Wl2jHiCp8wHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUwDQYJKoZIhvcNAQEMBQADggEBAMeKoENL7HTJxavVHzA1Nm6YVntIrAVjrnuaVyRXzG/63qttnMe2uuzO58pzZNvfBDcKAEmzP58mrZGMIOgfiA4q+2Y3yDDo0sIkp0VILeoBUEoxlBPfjV/aKrtJPGHzecicZpIalir0ezZYoyxBEHQa0+1IttK7igZFcTMQMHp6mCHdJLnsnLWSB62DxsRq+HfmNb4TDydkskO/g+l3VtsIh5RHFPVfKK+jaEyDj2D3loB5hWp2Jp2VDCADjT7ueihlZGak2YPqmXTNbk19HOuNssWvFhtOyPNV6og4ETQdEa8/B6hPatJ0ES8q/HO3X8IVQwVs1n3aAr0im0/T+Xc\u003d"
      ],
      "x5t": "Vu58JwaDFi2DuurMeQ4iRxraq-g",
      "x5t#S256": "RYRGunXZMukU8jwrV7fRku3bwhgdlY4Rga1SUXR6Hug"
    },
    {
      "kty": "RSA",
      "kid": "Q0ig6URMeMsmXgWNXolEtNhPlmK9Jtslf4k0pEPHAWE",
      "use": "sig",
      "alg": "ES256",
      "n": "4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsBCSDMAZOnTjC3U_dDxGkAV53ijSLdhwZAAIEJzs4bg7_fzTtxRuLWZscFs3YnFo97nh6Vfe63SKMI2tavegw5BmV_Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt43C_dxC__AH2hdmoRBBYMql1GNXRor5H4idq9Joz-EkIYIvUX7Q6hL-hqkpMfT7PT19sdl6gSzeRntwi5m3OFBqOasv-zbMUZBfHWymeMr_y7vrTC0LUq7dBMtoM1O_4gdW7jVg_tRvoSSiicNoxBN33shbyTApOB6jtSj1etX-jkMOvJw",
      "e": "AQAB",
      "x5c": [
        "MIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBhMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBDQTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAwMDAwMDBaMGExCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5jb20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsBCSDMAZOnTjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97nh6Vfe63SKMI2tavegw5BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt43C/dxC//AH2hdmoRBBYMql1GNXRor5H4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7PT19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y7vrTC0LUq7dBMtoM1O/4gdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQABo2MwYTAOBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbRTLtm8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUwDQYJKoZIhvcNAQEFBQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/EsrhMAtudXH/vTBH1jLuG2cenTnmCmrEbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIttep3Sp+dWOIrWcBAI+0tKIJFPnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0lsYSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQkCAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4\u003d"
      ],
      "x5t": "qJhdOmXl5cSy19ZtQMbdL7GcVDY",
      "x5t#S256": "Q0ig6URMeMsmXgWNXolEtNhPlmK9Jtslf4k0pEPHAWE"
    },
    {
      "kty": "RSA",
      "kid": "jKdU4I4wMHZhzE9yt85i-MbhENLdc9dEI0p9DsFS26c",
      "use": "sig",
      "alg": "ES256",
      "n": "wfzNyXOBHfOll12HdSxOpISiZzH4TupQXb2Q5FimrDTZERmgAHqN-wyKPhXLwhPZpx8vxdBvKd2hZYFL-rkvF1AsbdQ27uJNAEewOukULqbRyzKrzBYL77R-Ipe6vEASjMrdf7LHOz8G8sPR28XSvN5FbWl4Uq5Gf_IGjUS6_kIb0Q3twDFV1at8x_uFb2H1q-Rne0iXtTky-rzxah8Kus1F4_9PbEQbsMcKCVsncg7on85C9VU2dOlDijJM3HLMtsyM5SVVCpHGKNEc_7e4XIYN-nzQhi4nx5F5O4yt_LRbUwHrd0__DZepBKTIMtffrCE6AUPcJJP_HrrTWMpaTenabs7CO-Gf-816XUl06REIjJYCmaSMWZLtESLooxxGVS80YocQ6bhkx_OwyA_pOB12L_HB1tRTIaR_AbwvELIWMcmRQi3ezS0Ah7X5Iq7hYVtLBXaV3wrGHh_cok9LtpSsAYB-ckQuZjlQ4dW3wKRq9rG2A5CW9N1yNFahsUY25R4PxS1VgvQ8CngIVhD8B_RT9qkcUhcQaS9a6LrHHGYexmp2_OSQO2zhaJQwFxl7-oREsCwtQsRr02TKZBSUcC7Zxl68dsI44L0y79HHvcHS_DC9K95aBRFnAfPzLvctM02CLI3kymRDgaPdd2lrWBvFOgqjtHP6TgCRigqcYgc",
      "e": "AQAB",
      "x5c": [
        "MIIFLDCCAxQCCQDlWmWOLdLO/TANBgkqhkiG9w0BAQsFADBYMQswCQYDVQQGEwJBVTETMBEGA1UECAwKUXVlZW5zbGFuZDETMBEGA1UEBwwKR29sZCBDb2FzdDEMMAoGA1UECgwDSUJNMREwDwYDVQQDDAhvcGVubGRhcDAeFw0yMjA0MTIwMDAxMDhaFw00OTA4MjcwMDAxMDhaMFgxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApRdWVlbnNsYW5kMRMwEQYDVQQHDApHb2xkIENvYXN0MQwwCgYDVQQKDANJQk0xETAPBgNVBAMMCG9wZW5sZGFwMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAwfzNyXOBHfOll12HdSxOpISiZzH4TupQXb2Q5FimrDTZERmgAHqN+wyKPhXLwhPZpx8vxdBvKd2hZYFL+rkvF1AsbdQ27uJNAEewOukULqbRyzKrzBYL77R+Ipe6vEASjMrdf7LHOz8G8sPR28XSvN5FbWl4Uq5Gf/IGjUS6/kIb0Q3twDFV1at8x/uFb2H1q+Rne0iXtTky+rzxah8Kus1F4/9PbEQbsMcKCVsncg7on85C9VU2dOlDijJM3HLMtsyM5SVVCpHGKNEc/7e4XIYN+nzQhi4nx5F5O4yt/LRbUwHrd0//DZepBKTIMtffrCE6AUPcJJP/HrrTWMpaTenabs7CO+Gf+816XUl06REIjJYCmaSMWZLtESLooxxGVS80YocQ6bhkx/OwyA/pOB12L/HB1tRTIaR/AbwvELIWMcmRQi3ezS0Ah7X5Iq7hYVtLBXaV3wrGHh/cok9LtpSsAYB+ckQuZjlQ4dW3wKRq9rG2A5CW9N1yNFahsUY25R4PxS1VgvQ8CngIVhD8B/RT9qkcUhcQaS9a6LrHHGYexmp2/OSQO2zhaJQwFxl7+oREsCwtQsRr02TKZBSUcC7Zxl68dsI44L0y79HHvcHS/DC9K95aBRFnAfPzLvctM02CLI3kymRDgaPdd2lrWBvFOgqjtHP6TgCRigqcYgcCAwEAATANBgkqhkiG9w0BAQsFAAOCAgEAQ/8CHXFlDOq8TvDSjWu602G9UiEvqnBUWzZ5TbVQeIH54xzNTCjemx908fknEgSDSy4W1VOmckV9tbNtt3dIUyFna0b7ZzzfVnvGQYynjGPaYYBjnLi/SeHSv6U6qKuvRV7pTXRJadFVBupmARt2L3CxGKRhwu4DJnOKbLMKFy13PifyPurez5tpnVa1/Cl+GmB0oLdLMe9ielMHMNn3B/w+pUcCvwoAADnlfM44S65w2XqfVswNNoacLx1DrzwjX5RoV+ACC2CWOVYcQdJdwT76fBtbo0QJIz3hKLbZqa3TXpprAg49xztukar/7W3PwjYO7VrbGuBHg6h8yHmlUKpVcDJZ7IMVWh+a+ONglDKnBCCew736v1KtZTEG8D5IGeZAd/H9d0YiCcRTSfM+Pml3OO11UI7rycyaiZQfg4YXZ2zpX2GqbAoMTKYGi6KwD2ufn0U85Y7bkGDNyUbaJzdaOtt7F23MZiZdn3ixtgqpXSJv1SRngf7lpfBg7qcu1f3CC5I3vl3J7mIYKKiRsXdK0vwGDrEFSodrnDJsvWZ2mYtaS1l9Q1TII+5a0VLLe6tKWbFEiU6YIVG2Ptyr5Rsbw/bOXzuzjkIDRSEa8kSPQfEfqMZZdMvca9zoKHFFG3xgjHYmfWj5UHBL56G0eKd41HoWx8fa5ws2B4b2shk\u003d"
      ],
      "x5t": "IScnlIM-ZZed9eRjj8iqjI8-oI0",
      "x5t#S256": "jKdU4I4wMHZhzE9yt85i-MbhENLdc9dEI0p9DsFS26c"
    },
    {
      "kty": "RSA",
      "kid": "B-wwwOTwKl1WEbV3QY39rZfLiCL-YHNJsih2BZOsJC0",
      "use": "sig",
      "alg": "ES256",
      "n": "6FocmJCFqZf8gt7QTvM5dPA2n-wy43cKv3HxU5PoQ7b57lcGV6NwwR0Dkh5LbczjgTAJQKdlbORV15MyzB4NGkR9hA19ZaT2vWa8wBrF339PsOCHGPSu3AwpF_is6bl-Jfam5TPCYE7rCEbla4Ivy1uj-LmvLbeDdf6fZoi-p2vBR7ntxWvh6ZIhOZou1Wc6dbd0wJnf1FR3WuuNywyvie81y_PP13xTNZQpMQSR6Jre8_2Fus36s22Irins0yqL8fYNMKpMSvMCpclCugw0d8A4qZc9xi4FPqiA64XqBQJwmFZ9eZ-YqU4z38BLshPTynZQjr42ORRoxZ-4dbC0c8qinB8e23qJ1xHBCsk9TvgIGKL_oqRssOUjLoAuXJuAerlYKH9s3yQYVjymaDllOO9joIHtWD1RiVBNpmXYx5EEQUz63ipbb9gR8LjoBkdo9mcIUNJf3gFci1zEgEqSNFe1TOIziaGJtLN7e6ejULSz9GYPbjh2le3py_U4rbARemfWNCstqFZWh7GgriR0kHR1Z0XkvgJgbOFkaUQS8KXFGGTwX0iao2nwqSdU1eI0z6_TmnZ1pJfMmLA_VdktmEfhl_rBDg0neSWQ7CgH1OJtQl3BMAzmn8oX1EmK6lgnFo97rYPc7LjpP4wYB0gBpeO-shfiKcJsQKrCrebHTAk",
      "e": "AQAB",
      "x5c": [
        "MIIFLDCCAxQCCQDBbB0qqpk6EDANBgkqhkiG9w0BAQsFADBYMQswCQYDVQQGEwJBVTETMBEGA1UECAwKUXVlZW5zbGFuZDETMBEGA1UEBwwKR29sZCBDb2FzdDEMMAoGA1UECgwDSUJNMREwDwYDVQQDDAhwb3N0Z3JlczAeFw0yMjA0MTIwMDAzMDlaFw00OTA4MjcwMDAzMDlaMFgxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApRdWVlbnNsYW5kMRMwEQYDVQQHDApHb2xkIENvYXN0MQwwCgYDVQQKDANJQk0xETAPBgNVBAMMCHBvc3RncmVzMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA6FocmJCFqZf8gt7QTvM5dPA2n+wy43cKv3HxU5PoQ7b57lcGV6NwwR0Dkh5LbczjgTAJQKdlbORV15MyzB4NGkR9hA19ZaT2vWa8wBrF339PsOCHGPSu3AwpF/is6bl+Jfam5TPCYE7rCEbla4Ivy1uj+LmvLbeDdf6fZoi+p2vBR7ntxWvh6ZIhOZou1Wc6dbd0wJnf1FR3WuuNywyvie81y/PP13xTNZQpMQSR6Jre8/2Fus36s22Irins0yqL8fYNMKpMSvMCpclCugw0d8A4qZc9xi4FPqiA64XqBQJwmFZ9eZ+YqU4z38BLshPTynZQjr42ORRoxZ+4dbC0c8qinB8e23qJ1xHBCsk9TvgIGKL/oqRssOUjLoAuXJuAerlYKH9s3yQYVjymaDllOO9joIHtWD1RiVBNpmXYx5EEQUz63ipbb9gR8LjoBkdo9mcIUNJf3gFci1zEgEqSNFe1TOIziaGJtLN7e6ejULSz9GYPbjh2le3py/U4rbARemfWNCstqFZWh7GgriR0kHR1Z0XkvgJgbOFkaUQS8KXFGGTwX0iao2nwqSdU1eI0z6/TmnZ1pJfMmLA/VdktmEfhl/rBDg0neSWQ7CgH1OJtQl3BMAzmn8oX1EmK6lgnFo97rYPc7LjpP4wYB0gBpeO+shfiKcJsQKrCrebHTAkCAwEAATANBgkqhkiG9w0BAQsFAAOCAgEAAaPSzpiFZEG9hAGB+6wRz9tGInO0tCmV+GB/i9PFX572JJiLGEtetYyxv95V5yQrq40Rwl5/ekyZhjd6M56m8HVWiO465e0gMsph3WQe7yyNC+zmYr50II6MtjgaCMSY6WCeE+4rtkUKX4pZpDKEwcJI2UmMfa0iDTp4CTe+n5XfQOLVHh8NaXA3qabaRwtW3JOHhz2FPulDfFD9yTY/yvIBWr/HN89pmVRod9pJ3RjAGXhUFRNcZX/KrKddqchLg57I39qLshWG6tVfirBJzLtBYGsNMoovZjt5K5Msv6gpz2HraAX4stzvkMB1djTgaIuvQLM+3w7cSX6Wnjdz1IDUFdptDfEefLxoOXiMu/YHnYfewzKUXDCzsqM+JejpLSYrHKMLaKIWoTuid/84Rm1AkiQzQpyMn0GcaJNV0h/5oBjeJIBuUkO8pmAPzngamZLIM+F8BssVRsbfSCG2oa75J2qiLCd4kCrAa1kuiDqv+JhBnqu9dQvcqWPNe0POgfG9IG2M2++Jrcs+qdy9Rc6QkkEDifIq4GuKh2a2pvns7DsCjOoRxJBzpTmC86UCQt7leg5JArfXiXQ0ZR/jdOdgn0l1AUSvjqN18q6WgDvhS5R5K+ivpoVItCBQbpyfXBXPWEcZaASZwTVBpP1F+X/w3iHOiYj7IasZzj9DCtQ\u003d"
      ],
      "x5t": "wuGBkt_32Le2KNH8LA4eIvl4OaQ",
      "x5t#S256": "B-wwwOTwKl1WEbV3QY39rZfLiCL-YHNJsih2BZOsJC0"
    },
    {
      "kty": "EC",
      "kid": "j5gNK4hzzYspsDUHZWmR0W_Aozt37H4XkR-Ckp-0Lws",
      "use": "sig",
      "alg": "ES256",
      "x": "nLCRTBh1a36xcaBIihQmmBKCKGhcdxQePVuZSP8h0f8",
      "y": "oBXY7xcLQyeSPEII17_fWDi4X_aJ5Wpo3IvIlp1z51E",
      "crv": "P-256",
      "x5c": [
        "MIIFPjCCBOSgAwIBAgIQDcoB0eBgcUSL1tRgbrVe5jAKBggqhkjOPQQDAjBKMQswCQYDVQQGEwJVUzEZMBcGA1UEChMQQ2xvdWRmbGFyZSwgSW5jLjEgMB4GA1UEAxMXQ2xvdWRmbGFyZSBJbmMgRUNDIENBLTMwHhcNMjEwNzE2MDAwMDAwWhcNMjIwNzE1MjM1OTU5WjB1MQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEZMBcGA1UEChMQQ2xvdWRmbGFyZSwgSW5jLjEeMBwGA1UEAxMVc25pLmNsb3VkZmxhcmVzc2wuY29tMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEnLCRTBh1a36xcaBIihQmmBKCKGhcdxQePVuZSP8h0f+gFdjvFwtDJ5I8QgjXv99YOLhf9onlamjci8iWnXPnUaOCA38wggN7MB8GA1UdIwQYMBaAFKXON+rrsHUOlGeItEX62SQQh5YfMB0GA1UdDgQWBBTUhRahZ5+BtKoZClu71NJoYSmbmTBEBgNVHREEPTA7ghVzbmkuY2xvdWRmbGFyZXNzbC5jb22CESouc2VjdXJpdHlwb2MuY29tgg9zZWN1cml0eXBvYy5jb20wDgYDVR0PAQH/BAQDAgeAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjB7BgNVHR8EdDByMDegNaAzhjFodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vQ2xvdWRmbGFyZUluY0VDQ0NBLTMuY3JsMDegNaAzhjFodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vQ2xvdWRmbGFyZUluY0VDQ0NBLTMuY3JsMD4GA1UdIAQ3MDUwMwYGZ4EMAQICMCkwJwYIKwYBBQUHAgEWG2h0dHA6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzB2BggrBgEFBQcBAQRqMGgwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBABggrBgEFBQcwAoY0aHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0Nsb3VkZmxhcmVJbmNFQ0NDQS0zLmNydDAMBgNVHRMBAf8EAjAAMIIBfwYKKwYBBAHWeQIEAgSCAW8EggFrAWkAdgBGpVXrdfqRIDC1oolp9PN9ESxBdL79SbiFq/L8cP5tRwAAAXqwD+hnAAAEAwBHMEUCIDCBiGTPmSMM2E5j08lHy6CrM5wgXc1cLBz07lH7/oZFAiEAliKe6M4qNjsjvxlExlr24AQyOF0Qm1u+WBKhkVnWLrkAdgBRo7D1/QF5nFZtuDd4jwykeswbJ8v3nohCmg3+1IsF5QAAAXqwD+iiAAAEAwBHMEUCIQC/pzfjwl0K2vzB8Hmn46eLIul2H3wnBITr462hswIc1QIgQcejxHsgdhisnEQT+8tOlmgxwzSaeBNJeqYggd95CskAdwBByMqx3yJGShDGoToJQodeTjGLGwPr60vHaPCQYpYG9gAAAXqwD+hCAAAEAwBIMEYCIQDc4nhAUjHHiRC79K5sIQ0qKILeFM6F9OE+/NBi/t/PXgIhALMs8JrmU9MK4VbFbC9E0BqH4oPSm1UF/8TvWRd47VpkMAoGCCqGSM49BAMCA0gAMEUCIQCjcEVBNE/aTnuEWtZ0ZKFKOu4cCj5VEHhS8F87jypXswIgJQVUAsXzFCiohsA7Ng7BJY/T7ASRYg83LjQayEI52Gs\u003d"
      ],
      "x5t": "7JUZWIyx0BZpwO7Zx0MpbufjKEQ",
      "x5t#S256": "j5gNK4hzzYspsDUHZWmR0W_Aozt37H4XkR-Ckp-0Lws"
    },
    {
      "kty": "EC",
      "kid": "OrvmPa91bFAWtrhfUgFf2Oisvid8UIexJ6YFY6hB7Yo",
      "use": "sig",
      "alg": "ES256",
      "x": "ua1NZpkUC0bsH4HRKlAenQMVLzQSfS2WuIg4m4Vfj78",
      "y": "u03vYUbEyXPUJE_g7hzObLNRcS9q7kwFCXfTcmKkm9c",
      "crv": "P-256",
      "x5c": [
        "MIIDzTCCArWgAwIBAgIQCjeHZF5ftIwiTv0b7RQMPDANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJJRTESMBAGA1UEChMJQmFsdGltb3JlMRMwEQYDVQQLEwpDeWJlclRydXN0MSIwIAYDVQQDExlCYWx0aW1vcmUgQ3liZXJUcnVzdCBSb290MB4XDTIwMDEyNzEyNDgwOFoXDTI0MTIzMTIzNTk1OVowSjELMAkGA1UEBhMCVVMxGTAXBgNVBAoTEENsb3VkZmxhcmUsIEluYy4xIDAeBgNVBAMTF0Nsb3VkZmxhcmUgSW5jIEVDQyBDQS0zMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEua1NZpkUC0bsH4HRKlAenQMVLzQSfS2WuIg4m4Vfj7+7Te9hRsTJc9QkT+DuHM5ss1FxL2ruTAUJd9NyYqSb16OCAWgwggFkMB0GA1UdDgQWBBSlzjfq67B1DpRniLRF+tkkEIeWHzAfBgNVHSMEGDAWgBTlnVkwgkdYzKz6CFQ2hns6tQRN8DAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBIGA1UdEwEB/wQIMAYBAf8CAQAwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wOgYDVR0fBDMwMTAvoC2gK4YpaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL09tbmlyb290MjAyNS5jcmwwbQYDVR0gBGYwZDA3BglghkgBhv1sAQEwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzALBglghkgBhv1sAQIwCAYGZ4EMAQIBMAgGBmeBDAECAjAIBgZngQwBAgMwDQYJKoZIhvcNAQELBQADggEBAAUkHd0bsCrrmNaF4zlNXmtXnYJX/OvoMaJXkGUFvhZEOFp3ArnPEELG4ZKk40Un+ABHLGioVplTVI+tnkDB0A+21w0LOEhsUCxJkAZbZB2LzEgwLt4I4ptJIsCSDBFelpKU1fwg3FZs5ZKTv3ocwDfjhUkV+ivhdDkYD7fa86JXWGBPzI6UAPxGezQxPk1HgoE6y/SJXQ7vTQ1unBuCJN0yJV0ReFEQPaA1IwQvZW+cwdFD19Ae8zFnWSfda9J1CZMRJCQUzym+5iPDuI9yP+kHyCREU3qzuWFloUwOxkgAyXVjBYdwRVKD05WdRerw6DEdfgkfCv4+3ao8XnTSrLE\u003d"
      ],
      "x5t": "s912BtK1qLShN3Hb7MnuHOyvo4o",
      "x5t#S256": "OrvmPa91bFAWtrhfUgFf2Oisvid8UIexJ6YFY6hB7Yo"
    },
    {
      "kty": "RSA",
      "kid": "lrzsBiZJdvN0YHeazyjFp8_oo8Cq4RqP_O4FwL3fCMY",
      "use": "sig",
      "alg": "ES256",
      "n": "regkc_QUN_ObnitXKByHvty33ziQjG485legePd1wqL-9Wpu9gBPKNveaIZsRJO2sWP9FBJrvx_S6jGbIX7RMzy6SPXded-zuP8S8SGaS8GKhnFpSmZmbI9-PHC_rSkiBvPkwOaAruJLj7eZfpQDn9NHl3yZSCNT6DiuTwpvgy7RSVeMgHS22i_QOI17A3AhG3XyMDz6j67d2mOr6xZPwo4RS37PC-j_tXcu9LJ7SuBMEiUMcI0DKaDhUyTsE9nuGb8Qs0qMP4mjYVHerIcHlPRjcewu4m9bmIHhiVw0eWx27zuQYnnm26SaLybF0BDhDt7ZEI4W-7f3qPfH5QIHmI82CJXn4jeWDTZ1nvsOcrEdm7wD-UkF2IHdBbQq1kHprAF2lQoP2N_VvRIfNS8oF2zSmMGoCWR3bkc3us6sWV5onX9y1onFBkEpPlk-3Sb1JMkRp1qjTEAfRqGZtac6UW6GO559cqcSBXhZ7T5ReBULA4-N0C8Fsj57ShxLcwUS_Mbq4FATfEOTdLPKdOeOHwEI0DDUW3E2tAe6wTAwXEi3gjuYpn1giqKjKYLMur2DBBuigwNBodYF8RvCtvCofIY7RqhIKojcdpp2vx9qpT0Zj-s482TeyCsNCij_99viFULUItAnXeF5_hjncIitTubZizrG3SdRbv-8ZPUzQ08",
      "e": "AQAB",
      "x5c": [
        "MIIFazCCA1OgAwIBAgIRAIIQz7DSQONZRGPgu2OCiwAwDQYJKoZIhvcNAQELBQAwTzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2VhcmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMTUwNjA0MTEwNDM4WhcNMzUwNjA0MTEwNDM4WjBPMQswCQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJuZXQgU2VjdXJpdHkgUmVzZWFyY2ggR3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBYMTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK3oJHP0FDfzm54rVygch77ct984kIxuPOZXoHj3dcKi/vVqbvYATyjb3miGbESTtrFj/RQSa78f0uoxmyF+0TM8ukj13Xnfs7j/EvEhmkvBioZxaUpmZmyPfjxwv60pIgbz5MDmgK7iS4+3mX6UA5/TR5d8mUgjU+g4rk8Kb4Mu0UlXjIB0ttov0DiNewNwIRt18jA8+o+u3dpjq+sWT8KOEUt+zwvo/7V3LvSye0rgTBIlDHCNAymg4VMk7BPZ7hm/ELNKjD+Jo2FR3qyHB5T0Y3HsLuJvW5iB4YlcNHlsdu87kGJ55tukmi8mxdAQ4Q7e2RCOFvu396j3x+UCB5iPNgiV5+I3lg02dZ77DnKxHZu8A/lJBdiB3QW0KtZB6awBdpUKD9jf1b0SHzUvKBds0pjBqAlkd25HN7rOrFleaJ1/ctaJxQZBKT5ZPt0m9STJEadao0xAH0ahmbWnOlFuhjuefXKnEgV4We0+UXgVCwOPjdAvBbI+e0ocS3MFEvzG6uBQE3xDk3SzynTnjh8BCNAw1FtxNrQHusEwMFxIt4I7mKZ9YIqioymCzLq9gwQbooMDQaHWBfEbwrbwqHyGO0aoSCqI3Haadr8faqU9GY/rOPNk3sgrDQoo//fb4hVC1CLQJ13hef4Y53CIrU7m2Ys6xt0nUW7/vGT1M0NPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBR5tFnme7bl5AFzgAiIyBpY9umbbjANBgkqhkiG9w0BAQsFAAOCAgEAVR9YqbyyqFDQDLHYGmkgJykIrGF1XIpu+ILlaS/V9lZLubhzEFnTIZd+50xx+7LSYK05qAvqFyFWhfFQDlnrzuBZ6brJFe+GnY+EgPbk6ZGQ3BebYhtF8GaV0nxvwuo77x/Py9auJ/GpsMiu/X1+mvoiBOv/2X/qkSsisRcOj/KKNFtY2PwByVS5uCbMiogziUwthDyC3+6WVwW6LLv3xLfHTjuCvjHIInNzktHCgKQ5ORAzI4JMPJ+GslWYHb4phowim57iaztXOoJwTdwJx4nLCgdNbOhdjsnvzqvHu7UrTkXWStAmzOVyyghqpZXjFaH3pO3JLF+l+/+sKAIuvtd7u+Nxe5AW0wdeRlN8NwdCjNPElpzVmbUq4JUagEiuTDkHzsxHpFKVK7q4+63SM1N95R1NbdWhscdCb+ZAJzVcoyi3B43njTOQ5yOf+1CceWxG1bQVs5ZufpsMljq4Ui0/1lvh+wjChP4kqKOJ2qxq4RgqsahDYVvTH9w7jXbyLeiNdd8XM2w9U/t7y0Ff/9yi0GE44Za4rF2LN9d11TPAmRGunUHBcnWEvgJBQl9nJEiU0Zsnvgc/ubhPgXRR4Xq37Z0j4r7g1SgEEzwxA57demyPxgcYxn/eR44/KJ4EBs+lVDR3veyJm+kXQ99b21/+jh5Xos1AnX5iItreGCc\u003d"
      ],
      "x5t": "yr0qeaEHajHyHSU2NcsDnUMppeg",
      "x5t#S256": "lrzsBiZJdvN0YHeazyjFp8_oo8Cq4RqP_O4FwL3fCMY"
    },
    {
      "kty": "RSA",
      "kid": "Z63RFmsCCuYbj1_JaBPATCqliZYHloZVcqPH5zdhPf0",
      "use": "sig",
      "alg": "ES256",
      "n": "uwIVKMz2oJTTDxLsjVWSw_iC8ZmmekKIp10mqrUrucVMsa-Oa_l1yKPXD0eUFFU1V4yeqKI5GfWCPEKpTm71O8Mu243AsFzzWTjn7c9p8FoLG77AlCQlh_o3cbMT5xys4Zvv2-Q7RVJFlqnBU840yFLuta7tj95gcOKlVKu2bQ6XpUA0ayvTvGbrZjR8-muLj1cpmfgwF126cm_7gcWt0oZYPRfH5wm78Sv3htzB2nFd1EbjzK0lwYi8YGd1ZrPxGPeiXOZT_zqItkel_xMY6pgJdz-dU_nPAeX1pnAXFK9jpP-Zs5Od3FOnBv5IhR2haa4ldbsTzFID9e1RoYvbFQ",
      "e": "AQAB",
      "x5c": [
        "MIIFFjCCAv6gAwIBAgIRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAwTzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2VhcmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjAwOTA0MDAwMDAwWhcNMjUwOTE1MTYwMDAwWjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3MgRW5jcnlwdDELMAkGA1UEAxMCUjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7AhUozPaglNMPEuyNVZLD+ILxmaZ6QoinXSaqtSu5xUyxr45r+XXIo9cPR5QUVTVXjJ6oojkZ9YI8QqlObvU7wy7bjcCwXPNZOOftz2nwWgsbvsCUJCWH+jdxsxPnHKzhm+/b5DtFUkWWqcFTzjTIUu61ru2P3mBw4qVUq7ZtDpelQDRrK9O8ZutmNHz6a4uPVymZ+DAXXbpyb/uBxa3Shlg9F8fnCbvxK/eG3MHacV3URuPMrSXBiLxgZ3Vms/EY96Jc5lP/Ooi2R6X/ExjqmAl3P51T+c8B5fWmcBcUr2Ok/5mzk53cU6cG/kiFHaFpriV1uxPMUgP17VGhi9sVAgMBAAGjggEIMIIBBDAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYfr52LFMLGMB8GA1UdIwQYMBaAFHm0WeZ7tuXkAXOACIjIGlj26ZtuMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAoYWaHR0cDovL3gxLmkubGVuY3Iub3JnLzAnBgNVHR8EIDAeMBygGqAYhhZodHRwOi8veDEuYy5sZW5jci5vcmcvMCIGA1UdIAQbMBkwCAYGZ4EMAQIBMA0GCysGAQQBgt8TAQEBMA0GCSqGSIb3DQEBCwUAA4ICAQCFyk5HPqP3hUSFvNVneLKYY611TR6WPTNlclQtgaDqw+34IL9fzLdwALduO/ZelN7kIJ+m74uyA+eitRY8kc607TkC53wlikfmZW4/RvTZ8M6UK+5UzhK8jCdLuMGYL6KvzXGRSgi3yLgjewQtCPkIVz6D2QQzCkcheAmCJ8MqyJu5zlzyZMjAvnnAT45tRAxekrsu94sQ4egdRCnbWSDtY7kh+BImlJNXoB1lBMEKIq4QDUOXoRgffuDghje1WrG9ML+Hbisq/yFOGwXD9RiX8F6sw6W4avAuvDszue5L3sz85K+EC4Y/wFVDNvZo4TYXao6Z0f+lQKc0t8DQYzk1OXVu8rp2yJMC6alLbBfODALZvYH7n7do1AZls4I9d1P4jnkDrQoxB3UqQ9hVl3LEKQ73xF1OyK5GhDDX8oVfGKF5u+decIsH4YaTw7mP3GFxJSqv3+0lUFJoi5Lc5da149p90IdshCExroL1+7mryIkXPeFM5TgO9r0rvZaBFOvV2z0gp35Z0+L4WPlbuEjN/lxPFin+HlUjr8gRsI3qfJOQFy/9rKIJR0Y/8Omwt/8oTWgy1mdeHmmjk7j1nYsvC9JSQ6ZvMldlTTKB3zhThV1+XWYp6rjd5JW1zbVWEkLNxE7GJThEUG3szgBVGP7pSWTUTsqXnLRbwHOoq7hHwg\u003d\u003d"
      ],
      "x5t": "oFM3W_6E6LdIeCx87hWCemr1pAU",
      "x5t#S256": "Z63RFmsCCuYbj1_JaBPATCqliZYHloZVcqPH5zdhPf0"
    }
  ]
}
Verify First client: static client configuration
2022-05-11 06:25:29 SUCCESS
GetStaticClientConfiguration
Found a static client object
client_id
2gJT3oQVIK9bnKrfamZ4
scope
openid email
jwks
{
  "keys": [
    {
      "kid": "OR5xHLDjTbwxAtPAm3XtbCH-rnB-YKecLyzudZrdUm0",
      "alg": "ES256",
      "kty": "EC",
      "crv": "P-256",
      "x": "XGyC1rR-KXGnjrvo3ZEOu9zsuQIBnms390M3TFdA2fA",
      "y": "UzBoxWLr18EeVSWLI178SKug139tDr5vmRMhl26h4HI",
      "d": "A-FY0gKFTDvAyyM6cm9ERbQbTKgLNwosMNj-A5-CDUI"
    }
  ]
}
hint_type
login_hint
hint_value
testuser
2022-05-11 06:25:29 SUCCESS
ValidateClientJWKsPrivatePart
Valid client JWKs: keys are valid JSON, contain the required fields, the private/public exponents match and are correctly encoded using unpadded base64url
2022-05-11 06:25:29 SUCCESS
ExtractJWKsFromStaticClientConfiguration
Extracted client JWK
client_jwks
{
  "keys": [
    {
      "kid": "OR5xHLDjTbwxAtPAm3XtbCH-rnB-YKecLyzudZrdUm0",
      "alg": "ES256",
      "kty": "EC",
      "crv": "P-256",
      "x": "XGyC1rR-KXGnjrvo3ZEOu9zsuQIBnms390M3TFdA2fA",
      "y": "UzBoxWLr18EeVSWLI178SKug139tDr5vmRMhl26h4HI",
      "d": "A-FY0gKFTDvAyyM6cm9ERbQbTKgLNwosMNj-A5-CDUI"
    }
  ]
}
public_client_jwks
{
  "keys": [
    {
      "kty": "EC",
      "crv": "P-256",
      "kid": "OR5xHLDjTbwxAtPAm3XtbCH-rnB-YKecLyzudZrdUm0",
      "x": "XGyC1rR-KXGnjrvo3ZEOu9zsuQIBnms390M3TFdA2fA",
      "y": "UzBoxWLr18EeVSWLI178SKug139tDr5vmRMhl26h4HI",
      "alg": "ES256"
    }
  ]
}
2022-05-11 06:25:29 SUCCESS
ValidateMTLSCertificatesHeader
MTLS certificates header is valid
2022-05-11 06:25:29 SUCCESS
ExtractMTLSCertificatesFromConfiguration
Mutual TLS authentication credentials loaded
cert
MIIC8DCCAdigAwIBAgIIY/J5P0bcFNgwDQYJKoZIhvcNAQELBQAwFjEUMBIGA1UEAwwLY2xpZW50X210bHMwHhcNMjIwMzIyMDMwMTI2WhcNNDkwODA3MDMwMTI2WjAWMRQwEgYDVQQDDAtjbGllbnRfbXRsczCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALgcSD/9PY/f9tm1ESl2OgtN6bL1PUC66ekWs+C/gT++ogrW72nDTXv0QdOB2EEGXSwNqm0X8APvXWhM+fk1aOJeRTTMkhEzb2fUyogt++hNuAadYj3XXTdHagyDqbZNerUY4BIYqZ7Ny4iwzQY1yQpSzYUsRNdZX4oPV/LLBmC+p4dq1bzehL2hr+fG/irzqSAArtfRjxBL8uiiTcn4JH4vvl8guEoQhzx9u0uRCZZWIjj592Ao+0snYa9rgEyApsYi4Jxg6pd9O13agDWk/o32h0hkVcPiDH5P6KgBvXRdAHTQoaMBdL9Vn13p+ftrK+y7WtK1FmVnffIJ2zWWnz0CAwEAAaNCMEAwHQYDVR0OBBYEFLL93QNqyKczBHQxuUnPoP3tCFq/MB8GA1UdIwQYMBaAFLL93QNqyKczBHQxuUnPoP3tCFq/MA0GCSqGSIb3DQEBCwUAA4IBAQBzXeRjAd0Hj9Lw6YWLexR/6U4iASsXZzEPoTo2BzczFYuDmhE7tfj/2JpX8aN++xZM0tznwgSjOT0JsP7Mt7dthlFszpQOnIZdpLDYgZqirQ2PdI+LYJ7X9SXGYoSP6NnZWwfp7cPfujx0hszKjkFsdoePWAZpXN4aLs0bS4lLhCYWFgigJoFZlFtezWZUKo7nk018GvbMJw8MuV6uGADk3k7ivULIZgmp23uf1CjeJ2rpffYFEGquAJCpmUHaerl7vLhfGTHkniFBbXCbMBg4LAlexzBtSgKyztuk0SLIVNzklZUy2qpi4H4Xc6VtN/6p4qUO1BCEI8izoWuauXOP
key
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC4HEg//T2P3/bZtREpdjoLTemy9T1AuunpFrPgv4E/vqIK1u9pw0179EHTgdhBBl0sDaptF/AD711oTPn5NWjiXkU0zJIRM29n1MqILfvoTbgGnWI91103R2oMg6m2TXq1GOASGKmezcuIsM0GNckKUs2FLETXWV+KD1fyywZgvqeHatW83oS9oa/nxv4q86kgAK7X0Y8QS/Look3J+CR+L75fILhKEIc8fbtLkQmWViI4+fdgKPtLJ2Gva4BMgKbGIuCcYOqXfTtd2oA1pP6N9odIZFXD4gx+T+ioAb10XQB00KGjAXS/VZ9d6fn7ayvsu1rStRZlZ33yCds1lp89AgMBAAECggEAFzp2QSCFvlu+7LvEBQumChwT4qC/UCXk8iQLoMz4lR7LmfuBLEJYSc3I6lMFAjs30SGOQYJWJWDzU3/2v+Llrz2+lIlE2oe3RA3cWa8Xi7kWgTslFHFSEPHhJuALrvT6iNOxHYdgCymixsWrsF9j1Hoa9PTfYJ4liCkkav0DenwMgkBJhHqheUviTwzE3YL7AuV5KnnR0GVN6fAFJtPGBFzQ1KotAmpJEuwGxJmOwkwbW0EefaZKFV9coFUG2ICDyOO/gD4nLZd4jXwXSBYDGsK0B16KoawHL8CfnJJxW19na8Z50JqRfXP3nBLs57lpOgEWY6N66jOnH/kMQu2KPwKBgQDpHqFWhOZMuatEVMhBshAh3gGGWNgVnmidLro1ATm7Wk4+HRA00NkQLbWp5/yyEieGVgVGL7nem40RT/vT5h7zcCeBOjYvJ9HGnWCOUHkAKxXnIXHAJGtotl07ZX+5h4l8EIpumv6sAnyRqpSjV/hlkG0WXpadEIUTEBxypLbJawKBgQDKLj8T+jarGWxBCTd9eT/mP+RQLIaxhhoQaaxutI9DGbsagXjgleSNW88fAgL8I8oe4uUIqSw6toY0dJ/L7sTENmab5ZNZ9rthhsqytsyBJBw3YNeeFYcdhqhIMou9P0RYUDb6sg03DPXgS40pWoKc5B8SIppkqNkmbJSPGPQb9wKBgQCJY2PyeaDA1yv4uX7MOQUI8K41X2b6VsGQ4Vkco/xCTpaORNKoTe2fe1D1MaPbzpc8tLWnB7mjWElrSpg/6f+TuSWPI5+LawxW4almNkcZskrWTP+dHdmvfMq1lrwPu7FrTNRJG0+8UDraHo47Nj1Oni+sX1KkfnfvJC+f4TNYwQKBgCbtJIPqJuBmcqtK5P4pfB4OqxyslfpUAWyri+F8riCTMaz2xJkpAuochRJJRt3Y3i94K/Sw7a0YO1qaIbIX9JZ6iuL1Hpuxn341f41NGK68jxoycREkv/D1Xi0YXkM/jR8bwpod8eFpg2V95l3R6VffrAPH2cYLpFN7kFbEzSsdAoGBAN9OGIDQT8ZHdBvbTxPKt+HC7OXTCo79Km7WqLSuOgYj7mInVKX5BXG5CLd4gYirXTE8uTvMFyvSoCs3W5yY49Bx3FYwAOkOqz63Yp9PaDfm0cvKTIzRAvART/X3zC+A+Iws6xBL53OK4kP7HRVjMRiRD1Juu/Pv7B0QCn98y+W9
ca
MIIC8DCCAdigAwIBAgIIY/J5P0bcFNgwDQYJKoZIhvcNAQELBQAwFjEUMBIGA1UEAwwLY2xpZW50X210bHMwHhcNMjIwMzIyMDMwMTI2WhcNNDkwODA3MDMwMTI2WjAWMRQwEgYDVQQDDAtjbGllbnRfbXRsczCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALgcSD/9PY/f9tm1ESl2OgtN6bL1PUC66ekWs+C/gT++ogrW72nDTXv0QdOB2EEGXSwNqm0X8APvXWhM+fk1aOJeRTTMkhEzb2fUyogt++hNuAadYj3XXTdHagyDqbZNerUY4BIYqZ7Ny4iwzQY1yQpSzYUsRNdZX4oPV/LLBmC+p4dq1bzehL2hr+fG/irzqSAArtfRjxBL8uiiTcn4JH4vvl8guEoQhzx9u0uRCZZWIjj592Ao+0snYa9rgEyApsYi4Jxg6pd9O13agDWk/o32h0hkVcPiDH5P6KgBvXRdAHTQoaMBdL9Vn13p+ftrK+y7WtK1FmVnffIJ2zWWnz0CAwEAAaNCMEAwHQYDVR0OBBYEFLL93QNqyKczBHQxuUnPoP3tCFq/MB8GA1UdIwQYMBaAFLL93QNqyKczBHQxuUnPoP3tCFq/MA0GCSqGSIb3DQEBCwUAA4IBAQBzXeRjAd0Hj9Lw6YWLexR/6U4iASsXZzEPoTo2BzczFYuDmhE7tfj/2JpX8aN++xZM0tznwgSjOT0JsP7Mt7dthlFszpQOnIZdpLDYgZqirQ2PdI+LYJ7X9SXGYoSP6NnZWwfp7cPfujx0hszKjkFsdoePWAZpXN4aLs0bS4lLhCYWFgigJoFZlFtezWZUKo7nk018GvbMJw8MuV6uGADk3k7ivULIZgmp23uf1CjeJ2rpffYFEGquAJCpmUHaerl7vLhfGTHkniFBbXCbMBg4LAlexzBtSgKyztuk0SLIVNzklZUy2qpi4H4Xc6VtN/6p4qUO1BCEI8izoWuauXOP
2022-05-11 06:25:29 SUCCESS
CheckForKeyIdInClientJWKs
All keys contain kids
2022-05-11 06:25:29 SUCCESS
CheckDistinctKeyIdValueInClientJWKs
Distinct 'kid' value in all keys of client_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2022-05-11 06:25:29 SUCCESS
FAPICheckKeyAlgInClientJWKs
Keys in client JWKS all have permitted 'alg'
permitted
[
  "ES256",
  "PS256"
]
2022-05-11 06:25:29 SUCCESS
FAPIEnsureMinimumClientKeyLength
Validated minimum key lengths for client_jwks
client_jwks
{
  "keys": [
    {
      "kid": "OR5xHLDjTbwxAtPAm3XtbCH-rnB-YKecLyzudZrdUm0",
      "alg": "ES256",
      "kty": "EC",
      "crv": "P-256",
      "x": "XGyC1rR-KXGnjrvo3ZEOu9zsuQIBnms390M3TFdA2fA",
      "y": "UzBoxWLr18EeVSWLI178SKug139tDr5vmRMhl26h4HI",
      "d": "A-FY0gKFTDvAyyM6cm9ERbQbTKgLNwosMNj-A5-CDUI"
    }
  ]
}
2022-05-11 06:25:29 SUCCESS
ValidateMTLSCertificatesAsX509
Mutual TLS authentication cert validated as X.509
Verify Second client: static client configuration
2022-05-11 06:25:29 SUCCESS
GetStaticClient2Configuration
Found a static second client object
client_id
GIi4p8SCIhNO8g98blye
scope
openid
jwks
{
  "keys": [
    {
      "kid": "6RHpOyxdsQPzYz6uNmAC9YHuxrAUbGe4RZHuT218NfE",
      "alg": "ES256",
      "kty": "EC",
      "crv": "P-256",
      "x": "_9HZpw98HIP6hmCSXfv8u00cIy5UQ_XZ7krXJID-ydI",
      "y": "AGjAW113d8wl_SfZMBXA6i1y9R2OrhlwcpuYYJpQE9s",
      "d": "ALhGSwgtKne65I2OyEaUzUzKe0GUhjViKo2xvIeoiU8X"
    }
  ]
}
acr_value
urn:acr2
2022-05-11 06:25:29 SUCCESS
ValidateClientJWKsPrivatePart
Valid client JWKs: keys are valid JSON, contain the required fields, the private/public exponents match and are correctly encoded using unpadded base64url
2022-05-11 06:25:29 SUCCESS
ExtractJWKsFromStaticClientConfiguration
Extracted client JWK
client_jwks
{
  "keys": [
    {
      "kid": "6RHpOyxdsQPzYz6uNmAC9YHuxrAUbGe4RZHuT218NfE",
      "alg": "ES256",
      "kty": "EC",
      "crv": "P-256",
      "x": "_9HZpw98HIP6hmCSXfv8u00cIy5UQ_XZ7krXJID-ydI",
      "y": "AGjAW113d8wl_SfZMBXA6i1y9R2OrhlwcpuYYJpQE9s",
      "d": "ALhGSwgtKne65I2OyEaUzUzKe0GUhjViKo2xvIeoiU8X"
    }
  ]
}
public_client_jwks
{
  "keys": [
    {
      "kty": "EC",
      "crv": "P-256",
      "kid": "6RHpOyxdsQPzYz6uNmAC9YHuxrAUbGe4RZHuT218NfE",
      "x": "_9HZpw98HIP6hmCSXfv8u00cIy5UQ_XZ7krXJID-ydI",
      "y": "AGjAW113d8wl_SfZMBXA6i1y9R2OrhlwcpuYYJpQE9s",
      "alg": "ES256"
    }
  ]
}
2022-05-11 06:25:29 SUCCESS
ValidateMTLSCertificates2Header
MTLS certificates header is valid
2022-05-11 06:25:29 SUCCESS
ExtractMTLSCertificates2FromConfiguration
Mutual TLS authentication credentials loaded
cert
MIIC8jCCAdqgAwIBAgIIeP71dlXQRxYwDQYJKoZIhvcNAQELBQAwFzEVMBMGA1UEAwwMY2xpZW50Ml9tdGxzMB4XDTIyMDMyMjA1NDkzOFoXDTQ5MDgwNzA1NDkzOFowFzEVMBMGA1UEAwwMY2xpZW50Ml9tdGxzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7B0S2cMtFlkyoRC6WrDOYLiwgvRlzCRgNMCBgDm+E6/LdD1YqAR7hidEnuIUMxjJICOwQl8auJxmxd3mIDcBtW6BsC9Ai2C6L5NWIeuLsZmZjtXTtKIgwtIrCBUFJRVF7cJA5g9Nuji2pqpMZa+bG6iqh0URwVHwN6L68sU6Kp24hoB1StvYuqaB+SzEWBu8y2CRVJ45iycvuefHwrTTTBmtfyertDbNRDX705Q1JF4sM5groFYt1Cyw2iOaUR+HtD4hX1jTz/NYTnXmy05QDPmKPPwlFrRGbheqv3q9w94lyUvX8Dfs4KqtCgRglvKzvy7qmjdh0m8D7rDvQJ4eAQIDAQABo0IwQDAdBgNVHQ4EFgQUZIRo2rdgKyxdIGfpji2ELp2gOaowHwYDVR0jBBgwFoAUZIRo2rdgKyxdIGfpji2ELp2gOaowDQYJKoZIhvcNAQELBQADggEBAJAeOnJSmPYFq4YhPiBvg8hPLMZrsAIGGe7egPJZovk+d/1winrMzRNNsN4PuRcGq+/uF8HbszdjH9zqEFlK0FZfsT1cMFdz78BItd7v+o+EbzNceIfdGEDifyS2LCLh7kkJDKwl4SWpoulxQVvmZGw6Kvj1XVk3ecPEoJzkDTh2etWDEEFTAtRVy3GO0tIb/TBOwacMQfDT7sSAknc3JV28GCdYzBZCH9ePPp/SSsDj5PYWfuFlKzSKgFhbrgMpSghtPY52LA+2n9ocYcEIq7bVRvsJzxms54MjBEoHDGtSpXDNDQ+1Rt0WFkgAk2FS671KQ1j42P7RM8pnrhUbjHo=
key
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDsHRLZwy0WWTKhELpasM5guLCC9GXMJGA0wIGAOb4Tr8t0PVioBHuGJ0Se4hQzGMkgI7BCXxq4nGbF3eYgNwG1boGwL0CLYLovk1Yh64uxmZmO1dO0oiDC0isIFQUlFUXtwkDmD026OLamqkxlr5sbqKqHRRHBUfA3ovryxToqnbiGgHVK29i6poH5LMRYG7zLYJFUnjmLJy+558fCtNNMGa1/J6u0Ns1ENfvTlDUkXiwzmCugVi3ULLDaI5pRH4e0PiFfWNPP81hOdebLTlAM+Yo8/CUWtEZuF6q/er3D3iXJS9fwN+zgqq0KBGCW8rO/LuqaN2HSbwPusO9Anh4BAgMBAAECggEAaH2ZWQuaCXjiAguQHRB/1KgHXXzhDA3REadb6C4lozq6FDAN6xVIwR7hrFqqy84dO/7vQwApqCd3B/vimsEdHXjRJfJTYxskameOx6YhBTDPlzmj3h2d1/oAlywOQdH/R3AfHnEJWe89TdaxxpKHVx82kHSNnfswDr8uxX9o9XBLmyZc1DirkZmTUx8x4C00uihJ0LlzfRXdEdmldIonOgEMfpcxbg7ujvuuhP6BejP+pUlXWj7c6poEl7ziAOivGnZwB6WojXzyVR/i7nelriyhs0Ww1uXkBMullwG9hWeMtWBbkvdnI5N+pxumU4qN/0NZuZ2vzzin0ObTH453HQKBgQD3rX3hGpkPsRDRd81OOJMwQdht5qYSDJKd+0HongXlqejMFBoOuSmd3VtJHqH2rhiFz+2irR0cAkb0/WLb/8cMWwJRNByqFeZjMRfZG1FhP0PSUaGv73+a5T8W8aohs7CSoYOceJjQqEXrjeJGPdkIEU8cP4uYW0K7+xKvfcKR2wKBgQD0DBujUjQwFiKOFYGhJmHWBmBJRPeUIyIGMpI2QstnuQOoNzeFpkkoLque+SZVuQzuXAo+6mT0U23tfO9nTCQB1Jlqagxh6ED7xPdhkG+2rSL8JDzg4uYELL4ckUdVIXpJVGsF53bpooLVx+qWkGsHt24ytHYOJYxyhIvl8AS8UwKBgQCgXOuREUijOVEbXwdGKylZ6Hg6iElkjFFuCp3dAFvvHLkHUcihWdART55oVHYnowdrtHo3hwC+/tZ0j48vxIdbf52beDNLCQz3knTPdHmXjn/aMFKQ+G/VmbLkpyox0gd0mTD+4bKH/zvuTRqBwk/AgnyHXLmEtyoZTnIFwFZ3WwKBgCZsGZXXBVxkv7/65tPGRTT7AAHJF+l8toifQaHFVlzYJhk/yEAEdBQddOuscjqgzcZhO0O4h3hoAjCXsOFkfW7EV/sHAzgO5tw8oG393Xi3PYDQ+7y0PF5/5NZ+kOp4QNZ2sfrV/ETATzT1KpvV1OP8Hx9ghg2oH7qP366t4TD9AoGAY8QktewczSXlkU47F1Q65HASJxmLd5+1p6Bbf2f9c8b9rbbc7F1xLTdScr92DyduQ7k5XzK7nX5OTRzQmYoKIUO8n1j+HGdOBvSTWFHa2nZKVvJuuNOI5hSXKVspCT74lr8TP5a86ah7brwNKP4QPDq1ObkZdDBcEscAK6gQPlI=
ca
MIIC8jCCAdqgAwIBAgIIeP71dlXQRxYwDQYJKoZIhvcNAQELBQAwFzEVMBMGA1UEAwwMY2xpZW50Ml9tdGxzMB4XDTIyMDMyMjA1NDkzOFoXDTQ5MDgwNzA1NDkzOFowFzEVMBMGA1UEAwwMY2xpZW50Ml9tdGxzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7B0S2cMtFlkyoRC6WrDOYLiwgvRlzCRgNMCBgDm+E6/LdD1YqAR7hidEnuIUMxjJICOwQl8auJxmxd3mIDcBtW6BsC9Ai2C6L5NWIeuLsZmZjtXTtKIgwtIrCBUFJRVF7cJA5g9Nuji2pqpMZa+bG6iqh0URwVHwN6L68sU6Kp24hoB1StvYuqaB+SzEWBu8y2CRVJ45iycvuefHwrTTTBmtfyertDbNRDX705Q1JF4sM5groFYt1Cyw2iOaUR+HtD4hX1jTz/NYTnXmy05QDPmKPPwlFrRGbheqv3q9w94lyUvX8Dfs4KqtCgRglvKzvy7qmjdh0m8D7rDvQJ4eAQIDAQABo0IwQDAdBgNVHQ4EFgQUZIRo2rdgKyxdIGfpji2ELp2gOaowHwYDVR0jBBgwFoAUZIRo2rdgKyxdIGfpji2ELp2gOaowDQYJKoZIhvcNAQELBQADggEBAJAeOnJSmPYFq4YhPiBvg8hPLMZrsAIGGe7egPJZovk+d/1winrMzRNNsN4PuRcGq+/uF8HbszdjH9zqEFlK0FZfsT1cMFdz78BItd7v+o+EbzNceIfdGEDifyS2LCLh7kkJDKwl4SWpoulxQVvmZGw6Kvj1XVk3ecPEoJzkDTh2etWDEEFTAtRVy3GO0tIb/TBOwacMQfDT7sSAknc3JV28GCdYzBZCH9ePPp/SSsDj5PYWfuFlKzSKgFhbrgMpSghtPY52LA+2n9ocYcEIq7bVRvsJzxms54MjBEoHDGtSpXDNDQ+1Rt0WFkgAk2FS671KQ1j42P7RM8pnrhUbjHo=
2022-05-11 06:25:29 SUCCESS
CheckForKeyIdInClientJWKs
All keys contain kids
2022-05-11 06:25:29 SUCCESS
CheckDistinctKeyIdValueInClientJWKs
Distinct 'kid' value in all keys of client_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2022-05-11 06:25:29 SUCCESS
FAPICheckKeyAlgInClientJWKs
Keys in client JWKS all have permitted 'alg'
permitted
[
  "ES256",
  "PS256"
]
2022-05-11 06:25:29 SUCCESS
FAPIEnsureMinimumClientKeyLength
Validated minimum key lengths for client_jwks
client_jwks
{
  "keys": [
    {
      "kid": "6RHpOyxdsQPzYz6uNmAC9YHuxrAUbGe4RZHuT218NfE",
      "alg": "ES256",
      "kty": "EC",
      "crv": "P-256",
      "x": "_9HZpw98HIP6hmCSXfv8u00cIy5UQ_XZ7krXJID-ydI",
      "y": "AGjAW113d8wl_SfZMBXA6i1y9R2OrhlwcpuYYJpQE9s",
      "d": "ALhGSwgtKne65I2OyEaUzUzKe0GUhjViKo2xvIeoiU8X"
    }
  ]
}
2022-05-11 06:25:29 SUCCESS
ValidateMTLSCertificatesAsX509
Mutual TLS authentication cert validated as X.509
2022-05-11 06:25:29 SUCCESS
GetResourceEndpointConfiguration
Found a resource endpoint object
resourceUrl
https://ciba-mobile.securitypoc.com/ivcreds
2022-05-11 06:25:29 SUCCESS
SetProtectedResourceUrlToSingleResourceEndpoint
Set protected resource URL
protected_resource_url
https://ciba-mobile.securitypoc.com/ivcreds
2022-05-11 06:25:29 SUCCESS
ExtractTLSTestValuesFromResourceConfiguration
Extracted TLS information from resource endpoint
resource_endpoint
{
  "testHost": "ciba-mobile.securitypoc.com",
  "testPort": 443
}
2022-05-11 06:25:29 SUCCESS
ExtractTLSTestValuesFromOBResourceConfiguration
Extracted TLS information from resource endpoint
accounts_resource_endpoint
{
  "testHost": "ciba-mobile.securitypoc.com",
  "testPort": 443
}
accounts_request_endpoint
{
  "testHost": "ciba-mobile.securitypoc.com",
  "testPort": 443
}
2022-05-11 06:25:29
fapi-ciba-id1-refresh-token
Setup Done
Call backchannel authentication endpoint
2022-05-11 06:25:29 SUCCESS
CreateEmptyAuthorizationEndpointRequest
Created empty authorization endpoint request
2022-05-11 06:25:29 SUCCESS
AddScopeToAuthorizationEndpointRequest
Added scope of 'openid email' to authorization endpoint request
scope
openid email
2022-05-11 06:25:29 SUCCESS
AddHintToAuthorizationEndpointRequest
Added hint to authorization endpoint request
login_hint
testuser
2022-05-11 06:25:29 SUCCESS
AddBindingMessageToAuthorizationEndpointRequest
Added binding message to authorization endpoint request
binding_message
1234
2022-05-11 06:25:29 SUCCESS
ConvertAuthorizationEndpointRequestToRequestObject
Created request object claims
request_object_claims
{
  "scope": "openid email",
  "login_hint": "testuser",
  "binding_message": "1234"
}
2022-05-11 06:25:29 SUCCESS
AddIatToRequestObject
Added iat to request object claims
iat
1.652250329E9
2022-05-11 06:25:29 SUCCESS
AddExpToRequestObject
Added exp to request object claims
exp
1.652250629E9
2022-05-11 06:25:29 SUCCESS
AddNbfToRequestObject
Added nbf to request object claims
nbf
1.652250329E9
2022-05-11 06:25:29 SUCCESS
AddJtiToRequestObject
Added jti to request object claims
jti
Z24vRvv7rr4eyvbouwoF
2022-05-11 06:25:29 SUCCESS
AddAudToRequestObject
Added aud to request object claims
aud
https://ciba-mobile.securitypoc.com
2022-05-11 06:25:29 SUCCESS
AddIssToRequestObject
Added iss to request object claims
iss
2gJT3oQVIK9bnKrfamZ4
2022-05-11 06:25:29 SUCCESS
SignRequestObject
Signed the request object
claims
{
  "aud": "https://ciba-mobile.securitypoc.com",
  "login_hint": "testuser",
  "nbf": 1652250329,
  "scope": "openid email",
  "iss": "2gJT3oQVIK9bnKrfamZ4",
  "binding_message": "1234",
  "exp": 1652250629,
  "iat": 1652250329,
  "jti": "Z24vRvv7rr4eyvbouwoF"
}
header
{
  "kid": "OR5xHLDjTbwxAtPAm3XtbCH-rnB-YKecLyzudZrdUm0",
  "alg": "ES256"
}
request_object
eyJraWQiOiJPUjV4SExEalRid3hBdFBBbTNYdGJDSC1ybkItWUtlY0x5enVkWnJkVW0wIiwiYWxnIjoiRVMyNTYifQ.eyJhdWQiOiJodHRwczpcL1wvY2liYS1tb2JpbGUuc2VjdXJpdHlwb2MuY29tIiwibG9naW5faGludCI6InRlc3R1c2VyIiwibmJmIjoxNjUyMjUwMzI5LCJzY29wZSI6Im9wZW5pZCBlbWFpbCIsImlzcyI6IjJnSlQzb1FWSUs5Ym5LcmZhbVo0IiwiYmluZGluZ19tZXNzYWdlIjoiMTIzNCIsImV4cCI6MTY1MjI1MDYyOSwiaWF0IjoxNjUyMjUwMzI5LCJqdGkiOiJaMjR2UnZ2N3JyNGV5dmJvdXdvRiJ9.bQFDB9dojpVYt64npFl4KYro_H2qefzjj43BkufZhsvHolYj63fFmjjk5z82xcB5wx6_pzadHhjdTZ1O5jXcig
key
{
  "kty": "EC",
  "d": "A-FY0gKFTDvAyyM6cm9ERbQbTKgLNwosMNj-A5-CDUI",
  "crv": "P-256",
  "kid": "OR5xHLDjTbwxAtPAm3XtbCH-rnB-YKecLyzudZrdUm0",
  "x": "XGyC1rR-KXGnjrvo3ZEOu9zsuQIBnms390M3TFdA2fA",
  "y": "UzBoxWLr18EeVSWLI178SKug139tDr5vmRMhl26h4HI",
  "alg": "ES256"
}
2022-05-11 06:25:29 SUCCESS
CreateBackchannelAuthenticationEndpointRequest
Created backchannel authentication endpoint request
2022-05-11 06:25:29
AddRequestToBackchannelAuthenticationEndpointRequest
request
eyJraWQiOiJPUjV4SExEalRid3hBdFBBbTNYdGJDSC1ybkItWUtlY0x5enVkWnJkVW0wIiwiYWxnIjoiRVMyNTYifQ.eyJhdWQiOiJodHRwczpcL1wvY2liYS1tb2JpbGUuc2VjdXJpdHlwb2MuY29tIiwibG9naW5faGludCI6InRlc3R1c2VyIiwibmJmIjoxNjUyMjUwMzI5LCJzY29wZSI6Im9wZW5pZCBlbWFpbCIsImlzcyI6IjJnSlQzb1FWSUs5Ym5LcmZhbVo0IiwiYmluZGluZ19tZXNzYWdlIjoiMTIzNCIsImV4cCI6MTY1MjI1MDYyOSwiaWF0IjoxNjUyMjUwMzI5LCJqdGkiOiJaMjR2UnZ2N3JyNGV5dmJvdXdvRiJ9.bQFDB9dojpVYt64npFl4KYro_H2qefzjj43BkufZhsvHolYj63fFmjjk5z82xcB5wx6_pzadHhjdTZ1O5jXcig
2022-05-11 06:25:29 SUCCESS
CreateClientAuthenticationAssertionClaims
Created client assertion claims
iss
2gJT3oQVIK9bnKrfamZ4
sub
2gJT3oQVIK9bnKrfamZ4
aud
https://ciba-mobile.securitypoc.com/oauth2/token
jti
YbHFJnQ7MMkkUPNprMHg
iat
1652250329
exp
1652250389
2022-05-11 06:25:29 SUCCESS
SetClientAuthenticationAudIssuerIdentifierToBackchannelAuthenticationEndpoint
Add Issuer Identifier as aud value to client_assertion_claims
iss
2gJT3oQVIK9bnKrfamZ4
sub
2gJT3oQVIK9bnKrfamZ4
aud
https://ciba-mobile.securitypoc.com
jti
YbHFJnQ7MMkkUPNprMHg
iat
1652250329
exp
1652250389
2022-05-11 06:25:29 SUCCESS
SignClientAuthenticationAssertion
Signed the client assertion
client_assertion
eyJraWQiOiJPUjV4SExEalRid3hBdFBBbTNYdGJDSC1ybkItWUtlY0x5enVkWnJkVW0wIiwiYWxnIjoiRVMyNTYifQ.eyJzdWIiOiIyZ0pUM29RVklLOWJuS3JmYW1aNCIsImF1ZCI6Imh0dHBzOlwvXC9jaWJhLW1vYmlsZS5zZWN1cml0eXBvYy5jb20iLCJpc3MiOiIyZ0pUM29RVklLOWJuS3JmYW1aNCIsImV4cCI6MTY1MjI1MDM4OSwiaWF0IjoxNjUyMjUwMzI5LCJqdGkiOiJZYkhGSm5RN01Na2tVUE5wck1IZyJ9.By46stotN1VJOm1AGkz3U6sYxQTKm3SmLqn9oLy7k_eNOryqINOq8VFPDch92E6D93Gye_t4Ji6r6ydAA7LvoQ
2022-05-11 06:25:29
AddClientAssertionToBackchannelAuthenticationEndpoint
Added client assertion
request
eyJraWQiOiJPUjV4SExEalRid3hBdFBBbTNYdGJDSC1ybkItWUtlY0x5enVkWnJkVW0wIiwiYWxnIjoiRVMyNTYifQ.eyJhdWQiOiJodHRwczpcL1wvY2liYS1tb2JpbGUuc2VjdXJpdHlwb2MuY29tIiwibG9naW5faGludCI6InRlc3R1c2VyIiwibmJmIjoxNjUyMjUwMzI5LCJzY29wZSI6Im9wZW5pZCBlbWFpbCIsImlzcyI6IjJnSlQzb1FWSUs5Ym5LcmZhbVo0IiwiYmluZGluZ19tZXNzYWdlIjoiMTIzNCIsImV4cCI6MTY1MjI1MDYyOSwiaWF0IjoxNjUyMjUwMzI5LCJqdGkiOiJaMjR2UnZ2N3JyNGV5dmJvdXdvRiJ9.bQFDB9dojpVYt64npFl4KYro_H2qefzjj43BkufZhsvHolYj63fFmjjk5z82xcB5wx6_pzadHhjdTZ1O5jXcig
client_assertion
eyJraWQiOiJPUjV4SExEalRid3hBdFBBbTNYdGJDSC1ybkItWUtlY0x5enVkWnJkVW0wIiwiYWxnIjoiRVMyNTYifQ.eyJzdWIiOiIyZ0pUM29RVklLOWJuS3JmYW1aNCIsImF1ZCI6Imh0dHBzOlwvXC9jaWJhLW1vYmlsZS5zZWN1cml0eXBvYy5jb20iLCJpc3MiOiIyZ0pUM29RVklLOWJuS3JmYW1aNCIsImV4cCI6MTY1MjI1MDM4OSwiaWF0IjoxNjUyMjUwMzI5LCJqdGkiOiJZYkhGSm5RN01Na2tVUE5wck1IZyJ9.By46stotN1VJOm1AGkz3U6sYxQTKm3SmLqn9oLy7k_eNOryqINOq8VFPDch92E6D93Gye_t4Ji6r6ydAA7LvoQ
client_assertion_type
urn:ietf:params:oauth:client-assertion-type:jwt-bearer
2022-05-11 06:25:29
CallBackchannelAuthenticationEndpoint
HTTP request
request_uri
https://ciba-mobile.securitypoc.com/oauth2/ciba
request_method
POST
request_headers
{
  "accept": "application/json",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "997"
}
request_body
request=eyJraWQiOiJPUjV4SExEalRid3hBdFBBbTNYdGJDSC1ybkItWUtlY0x5enVkWnJkVW0wIiwiYWxnIjoiRVMyNTYifQ.eyJhdWQiOiJodHRwczpcL1wvY2liYS1tb2JpbGUuc2VjdXJpdHlwb2MuY29tIiwibG9naW5faGludCI6InRlc3R1c2VyIiwibmJmIjoxNjUyMjUwMzI5LCJzY29wZSI6Im9wZW5pZCBlbWFpbCIsImlzcyI6IjJnSlQzb1FWSUs5Ym5LcmZhbVo0IiwiYmluZGluZ19tZXNzYWdlIjoiMTIzNCIsImV4cCI6MTY1MjI1MDYyOSwiaWF0IjoxNjUyMjUwMzI5LCJqdGkiOiJaMjR2UnZ2N3JyNGV5dmJvdXdvRiJ9.bQFDB9dojpVYt64npFl4KYro_H2qefzjj43BkufZhsvHolYj63fFmjjk5z82xcB5wx6_pzadHhjdTZ1O5jXcig&client_assertion=eyJraWQiOiJPUjV4SExEalRid3hBdFBBbTNYdGJDSC1ybkItWUtlY0x5enVkWnJkVW0wIiwiYWxnIjoiRVMyNTYifQ.eyJzdWIiOiIyZ0pUM29RVklLOWJuS3JmYW1aNCIsImF1ZCI6Imh0dHBzOlwvXC9jaWJhLW1vYmlsZS5zZWN1cml0eXBvYy5jb20iLCJpc3MiOiIyZ0pUM29RVklLOWJuS3JmYW1aNCIsImV4cCI6MTY1MjI1MDM4OSwiaWF0IjoxNjUyMjUwMzI5LCJqdGkiOiJZYkhGSm5RN01Na2tVUE5wck1IZyJ9.By46stotN1VJOm1AGkz3U6sYxQTKm3SmLqn9oLy7k_eNOryqINOq8VFPDch92E6D93Gye_t4Ji6r6ydAA7LvoQ&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer
request_mutual_tls
{
  "cert": "MIIC8DCCAdigAwIBAgIIY/J5P0bcFNgwDQYJKoZIhvcNAQELBQAwFjEUMBIGA1UEAwwLY2xpZW50X210bHMwHhcNMjIwMzIyMDMwMTI2WhcNNDkwODA3MDMwMTI2WjAWMRQwEgYDVQQDDAtjbGllbnRfbXRsczCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALgcSD/9PY/f9tm1ESl2OgtN6bL1PUC66ekWs+C/gT++ogrW72nDTXv0QdOB2EEGXSwNqm0X8APvXWhM+fk1aOJeRTTMkhEzb2fUyogt++hNuAadYj3XXTdHagyDqbZNerUY4BIYqZ7Ny4iwzQY1yQpSzYUsRNdZX4oPV/LLBmC+p4dq1bzehL2hr+fG/irzqSAArtfRjxBL8uiiTcn4JH4vvl8guEoQhzx9u0uRCZZWIjj592Ao+0snYa9rgEyApsYi4Jxg6pd9O13agDWk/o32h0hkVcPiDH5P6KgBvXRdAHTQoaMBdL9Vn13p+ftrK+y7WtK1FmVnffIJ2zWWnz0CAwEAAaNCMEAwHQYDVR0OBBYEFLL93QNqyKczBHQxuUnPoP3tCFq/MB8GA1UdIwQYMBaAFLL93QNqyKczBHQxuUnPoP3tCFq/MA0GCSqGSIb3DQEBCwUAA4IBAQBzXeRjAd0Hj9Lw6YWLexR/6U4iASsXZzEPoTo2BzczFYuDmhE7tfj/2JpX8aN++xZM0tznwgSjOT0JsP7Mt7dthlFszpQOnIZdpLDYgZqirQ2PdI+LYJ7X9SXGYoSP6NnZWwfp7cPfujx0hszKjkFsdoePWAZpXN4aLs0bS4lLhCYWFgigJoFZlFtezWZUKo7nk018GvbMJw8MuV6uGADk3k7ivULIZgmp23uf1CjeJ2rpffYFEGquAJCpmUHaerl7vLhfGTHkniFBbXCbMBg4LAlexzBtSgKyztuk0SLIVNzklZUy2qpi4H4Xc6VtN/6p4qUO1BCEI8izoWuauXOP",
  "key": "MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC4HEg//T2P3/bZtREpdjoLTemy9T1AuunpFrPgv4E/vqIK1u9pw0179EHTgdhBBl0sDaptF/AD711oTPn5NWjiXkU0zJIRM29n1MqILfvoTbgGnWI91103R2oMg6m2TXq1GOASGKmezcuIsM0GNckKUs2FLETXWV+KD1fyywZgvqeHatW83oS9oa/nxv4q86kgAK7X0Y8QS/Look3J+CR+L75fILhKEIc8fbtLkQmWViI4+fdgKPtLJ2Gva4BMgKbGIuCcYOqXfTtd2oA1pP6N9odIZFXD4gx+T+ioAb10XQB00KGjAXS/VZ9d6fn7ayvsu1rStRZlZ33yCds1lp89AgMBAAECggEAFzp2QSCFvlu+7LvEBQumChwT4qC/UCXk8iQLoMz4lR7LmfuBLEJYSc3I6lMFAjs30SGOQYJWJWDzU3/2v+Llrz2+lIlE2oe3RA3cWa8Xi7kWgTslFHFSEPHhJuALrvT6iNOxHYdgCymixsWrsF9j1Hoa9PTfYJ4liCkkav0DenwMgkBJhHqheUviTwzE3YL7AuV5KnnR0GVN6fAFJtPGBFzQ1KotAmpJEuwGxJmOwkwbW0EefaZKFV9coFUG2ICDyOO/gD4nLZd4jXwXSBYDGsK0B16KoawHL8CfnJJxW19na8Z50JqRfXP3nBLs57lpOgEWY6N66jOnH/kMQu2KPwKBgQDpHqFWhOZMuatEVMhBshAh3gGGWNgVnmidLro1ATm7Wk4+HRA00NkQLbWp5/yyEieGVgVGL7nem40RT/vT5h7zcCeBOjYvJ9HGnWCOUHkAKxXnIXHAJGtotl07ZX+5h4l8EIpumv6sAnyRqpSjV/hlkG0WXpadEIUTEBxypLbJawKBgQDKLj8T+jarGWxBCTd9eT/mP+RQLIaxhhoQaaxutI9DGbsagXjgleSNW88fAgL8I8oe4uUIqSw6toY0dJ/L7sTENmab5ZNZ9rthhsqytsyBJBw3YNeeFYcdhqhIMou9P0RYUDb6sg03DPXgS40pWoKc5B8SIppkqNkmbJSPGPQb9wKBgQCJY2PyeaDA1yv4uX7MOQUI8K41X2b6VsGQ4Vkco/xCTpaORNKoTe2fe1D1MaPbzpc8tLWnB7mjWElrSpg/6f+TuSWPI5+LawxW4almNkcZskrWTP+dHdmvfMq1lrwPu7FrTNRJG0+8UDraHo47Nj1Oni+sX1KkfnfvJC+f4TNYwQKBgCbtJIPqJuBmcqtK5P4pfB4OqxyslfpUAWyri+F8riCTMaz2xJkpAuochRJJRt3Y3i94K/Sw7a0YO1qaIbIX9JZ6iuL1Hpuxn341f41NGK68jxoycREkv/D1Xi0YXkM/jR8bwpod8eFpg2V95l3R6VffrAPH2cYLpFN7kFbEzSsdAoGBAN9OGIDQT8ZHdBvbTxPKt+HC7OXTCo79Km7WqLSuOgYj7mInVKX5BXG5CLd4gYirXTE8uTvMFyvSoCs3W5yY49Bx3FYwAOkOqz63Yp9PaDfm0cvKTIzRAvART/X3zC+A+Iws6xBL53OK4kP7HRVjMRiRD1Juu/Pv7B0QCn98y+W9",
  "ca": "MIIC8DCCAdigAwIBAgIIY/J5P0bcFNgwDQYJKoZIhvcNAQELBQAwFjEUMBIGA1UEAwwLY2xpZW50X210bHMwHhcNMjIwMzIyMDMwMTI2WhcNNDkwODA3MDMwMTI2WjAWMRQwEgYDVQQDDAtjbGllbnRfbXRsczCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALgcSD/9PY/f9tm1ESl2OgtN6bL1PUC66ekWs+C/gT++ogrW72nDTXv0QdOB2EEGXSwNqm0X8APvXWhM+fk1aOJeRTTMkhEzb2fUyogt++hNuAadYj3XXTdHagyDqbZNerUY4BIYqZ7Ny4iwzQY1yQpSzYUsRNdZX4oPV/LLBmC+p4dq1bzehL2hr+fG/irzqSAArtfRjxBL8uiiTcn4JH4vvl8guEoQhzx9u0uRCZZWIjj592Ao+0snYa9rgEyApsYi4Jxg6pd9O13agDWk/o32h0hkVcPiDH5P6KgBvXRdAHTQoaMBdL9Vn13p+ftrK+y7WtK1FmVnffIJ2zWWnz0CAwEAAaNCMEAwHQYDVR0OBBYEFLL93QNqyKczBHQxuUnPoP3tCFq/MB8GA1UdIwQYMBaAFLL93QNqyKczBHQxuUnPoP3tCFq/MA0GCSqGSIb3DQEBCwUAA4IBAQBzXeRjAd0Hj9Lw6YWLexR/6U4iASsXZzEPoTo2BzczFYuDmhE7tfj/2JpX8aN++xZM0tznwgSjOT0JsP7Mt7dthlFszpQOnIZdpLDYgZqirQ2PdI+LYJ7X9SXGYoSP6NnZWwfp7cPfujx0hszKjkFsdoePWAZpXN4aLs0bS4lLhCYWFgigJoFZlFtezWZUKo7nk018GvbMJw8MuV6uGADk3k7ivULIZgmp23uf1CjeJ2rpffYFEGquAJCpmUHaerl7vLhfGTHkniFBbXCbMBg4LAlexzBtSgKyztuk0SLIVNzklZUy2qpi4H4Xc6VtN/6p4qUO1BCEI8izoWuauXOP"
}
2022-05-11 06:25:30 RESPONSE
CallBackchannelAuthenticationEndpoint
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "content-language": "en-US",
  "content-type": "application/json",
  "date": "Wed, 11 May 2022 06:25:29 GMT",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "server": "IBM Security Verify Access",
  "transfer-encoding": "chunked",
  "x-frame-options": "SAMEORIGIN",
  "cache-control": "no-cache",
  "expires": "Thu, 01 Dec 1994 16:00:00 GMT",
  "strict-transport-security": "max-age\u003d31536000; includeSubDomains",
  "set-cookie": "PD-S-SESSION-ID\u003d1_2_1_tkE4QYR0K8IhrH+PJqZKz2ytpSQFqR8dk+gMHvsteNkqd5JP; Path\u003d/; Secure; HttpOnly"
}
response_body
{"auth_req_id":"eM8vaySlbDmUcgJQ8p2H7TALtCb7NyEgnoQjHhzonih6q8d0Wt","expires_in":299,"interval":5}	
2022-05-11 06:25:30
CallBackchannelAuthenticationEndpoint
Backchannel Authentication endpoint response
backchannel_authentication_endpoint_response
{"auth_req_id":"eM8vaySlbDmUcgJQ8p2H7TALtCb7NyEgnoQjHhzonih6q8d0Wt","expires_in":299,"interval":5}	
2022-05-11 06:25:30 SUCCESS
CallBackchannelAuthenticationEndpoint
Parsed backchannel authentication endpoint response
auth_req_id
eM8vaySlbDmUcgJQ8p2H7TALtCb7NyEgnoQjHhzonih6q8d0Wt
expires_in
299
interval
5
2022-05-11 06:25:30 SUCCESS
CheckBackchannelAuthenticationEndpointHttpStatus200
Backchannel authentication endpoint http status code was 200
2022-05-11 06:25:30 SUCCESS
CheckBackchannelAuthenticationEndpointContentType
Backchannel authentication endpoint Content-Type: header is application/json
2022-05-11 06:25:30 SUCCESS
CheckIfBackchannelAuthenticationEndpointResponseError
No error from Backchannel authentication endpoint
2022-05-11 06:25:30 SUCCESS
ValidateAuthenticationRequestId
auth_req_id passed all validation checks
2022-05-11 06:25:30 SUCCESS
EnsureMinimumAuthenticationRequestIdLength
auth_req_id is of sufficient length
actual
400
required
128
2022-05-11 06:25:30 SUCCESS
EnsureMinimumAuthenticationRequestIdEntropy
Calculated shannon entropy seems sufficient
actual
257.43792198657275
expected
96.0
value
s
2022-05-11 06:25:30 SUCCESS
EnsureRecommendedAuthenticationRequestIdEntropy
Calculated entropy
actual
257.43792198657275
value
eM8vaySlbDmUcgJQ8p2H7TALtCb7NyEgnoQjHhzonih6q8d0Wt
recommended
160.0
2022-05-11 06:25:30 SUCCESS
ValidateAuthenticationRequestIdExpiresIn
expires_in passed all validation checks
expires_in
299
2022-05-11 06:25:30 SUCCESS
ValidateAuthenticationRequestIdInterval
interval passed all validation checks
interval
5
Call token endpoint expecting pending
2022-05-11 06:25:30 SUCCESS
CreateTokenEndpointRequestForCIBAGrant
Created token endpoint request
grant_type
urn:openid:params:grant-type:ciba
2022-05-11 06:25:30
AddAuthReqIdToTokenEndpointRequest
grant_type
urn:openid:params:grant-type:ciba
auth_req_id
eM8vaySlbDmUcgJQ8p2H7TALtCb7NyEgnoQjHhzonih6q8d0Wt
2022-05-11 06:25:30 SUCCESS
CreateClientAuthenticationAssertionClaims
Created client assertion claims
iss
2gJT3oQVIK9bnKrfamZ4
sub
2gJT3oQVIK9bnKrfamZ4
aud
https://ciba-mobile.securitypoc.com/oauth2/token
jti
7GD1FWiPu8BXsmcSB4gi
iat
1652250330
exp
1652250390
2022-05-11 06:25:30 SUCCESS
SignClientAuthenticationAssertion
Signed the client assertion
client_assertion
eyJraWQiOiJPUjV4SExEalRid3hBdFBBbTNYdGJDSC1ybkItWUtlY0x5enVkWnJkVW0wIiwiYWxnIjoiRVMyNTYifQ.eyJzdWIiOiIyZ0pUM29RVklLOWJuS3JmYW1aNCIsImF1ZCI6Imh0dHBzOlwvXC9jaWJhLW1vYmlsZS5zZWN1cml0eXBvYy5jb21cL29hdXRoMlwvdG9rZW4iLCJpc3MiOiIyZ0pUM29RVklLOWJuS3JmYW1aNCIsImV4cCI6MTY1MjI1MDM5MCwiaWF0IjoxNjUyMjUwMzMwLCJqdGkiOiI3R0QxRldpUHU4QlhzbWNTQjRnaSJ9.F-Mh8dV5HS3ObYWaBFN_3blU5jbYjdTfDuiVFyWGKCXiDEDiAVKBdJT8MMX_Tj_7reBP-kQkuw-NWqV6JUDj3A
2022-05-11 06:25:30
AddClientAssertionToTokenEndpointRequest
Added client assertion
grant_type
urn:openid:params:grant-type:ciba
auth_req_id
eM8vaySlbDmUcgJQ8p2H7TALtCb7NyEgnoQjHhzonih6q8d0Wt
client_assertion
eyJraWQiOiJPUjV4SExEalRid3hBdFBBbTNYdGJDSC1ybkItWUtlY0x5enVkWnJkVW0wIiwiYWxnIjoiRVMyNTYifQ.eyJzdWIiOiIyZ0pUM29RVklLOWJuS3JmYW1aNCIsImF1ZCI6Imh0dHBzOlwvXC9jaWJhLW1vYmlsZS5zZWN1cml0eXBvYy5jb21cL29hdXRoMlwvdG9rZW4iLCJpc3MiOiIyZ0pUM29RVklLOWJuS3JmYW1aNCIsImV4cCI6MTY1MjI1MDM5MCwiaWF0IjoxNjUyMjUwMzMwLCJqdGkiOiI3R0QxRldpUHU4QlhzbWNTQjRnaSJ9.F-Mh8dV5HS3ObYWaBFN_3blU5jbYjdTfDuiVFyWGKCXiDEDiAVKBdJT8MMX_Tj_7reBP-kQkuw-NWqV6JUDj3A
client_assertion_type
urn:ietf:params:oauth:client-assertion-type:jwt-bearer
2022-05-11 06:25:30
CallTokenEndpointAndReturnFullResponse
HTTP request
request_uri
https://ciba-mobile.securitypoc.com/oauth2/token
request_method
POST
request_headers
{
  "accept": "application/json",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "642"
}
request_body
grant_type=urn%3Aopenid%3Aparams%3Agrant-type%3Aciba&auth_req_id=eM8vaySlbDmUcgJQ8p2H7TALtCb7NyEgnoQjHhzonih6q8d0Wt&client_assertion=eyJraWQiOiJPUjV4SExEalRid3hBdFBBbTNYdGJDSC1ybkItWUtlY0x5enVkWnJkVW0wIiwiYWxnIjoiRVMyNTYifQ.eyJzdWIiOiIyZ0pUM29RVklLOWJuS3JmYW1aNCIsImF1ZCI6Imh0dHBzOlwvXC9jaWJhLW1vYmlsZS5zZWN1cml0eXBvYy5jb21cL29hdXRoMlwvdG9rZW4iLCJpc3MiOiIyZ0pUM29RVklLOWJuS3JmYW1aNCIsImV4cCI6MTY1MjI1MDM5MCwiaWF0IjoxNjUyMjUwMzMwLCJqdGkiOiI3R0QxRldpUHU4QlhzbWNTQjRnaSJ9.F-Mh8dV5HS3ObYWaBFN_3blU5jbYjdTfDuiVFyWGKCXiDEDiAVKBdJT8MMX_Tj_7reBP-kQkuw-NWqV6JUDj3A&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer
request_mutual_tls
{
  "cert": "MIIC8DCCAdigAwIBAgIIY/J5P0bcFNgwDQYJKoZIhvcNAQELBQAwFjEUMBIGA1UEAwwLY2xpZW50X210bHMwHhcNMjIwMzIyMDMwMTI2WhcNNDkwODA3MDMwMTI2WjAWMRQwEgYDVQQDDAtjbGllbnRfbXRsczCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALgcSD/9PY/f9tm1ESl2OgtN6bL1PUC66ekWs+C/gT++ogrW72nDTXv0QdOB2EEGXSwNqm0X8APvXWhM+fk1aOJeRTTMkhEzb2fUyogt++hNuAadYj3XXTdHagyDqbZNerUY4BIYqZ7Ny4iwzQY1yQpSzYUsRNdZX4oPV/LLBmC+p4dq1bzehL2hr+fG/irzqSAArtfRjxBL8uiiTcn4JH4vvl8guEoQhzx9u0uRCZZWIjj592Ao+0snYa9rgEyApsYi4Jxg6pd9O13agDWk/o32h0hkVcPiDH5P6KgBvXRdAHTQoaMBdL9Vn13p+ftrK+y7WtK1FmVnffIJ2zWWnz0CAwEAAaNCMEAwHQYDVR0OBBYEFLL93QNqyKczBHQxuUnPoP3tCFq/MB8GA1UdIwQYMBaAFLL93QNqyKczBHQxuUnPoP3tCFq/MA0GCSqGSIb3DQEBCwUAA4IBAQBzXeRjAd0Hj9Lw6YWLexR/6U4iASsXZzEPoTo2BzczFYuDmhE7tfj/2JpX8aN++xZM0tznwgSjOT0JsP7Mt7dthlFszpQOnIZdpLDYgZqirQ2PdI+LYJ7X9SXGYoSP6NnZWwfp7cPfujx0hszKjkFsdoePWAZpXN4aLs0bS4lLhCYWFgigJoFZlFtezWZUKo7nk018GvbMJw8MuV6uGADk3k7ivULIZgmp23uf1CjeJ2rpffYFEGquAJCpmUHaerl7vLhfGTHkniFBbXCbMBg4LAlexzBtSgKyztuk0SLIVNzklZUy2qpi4H4Xc6VtN/6p4qUO1BCEI8izoWuauXOP",
  "key": "MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC4HEg//T2P3/bZtREpdjoLTemy9T1AuunpFrPgv4E/vqIK1u9pw0179EHTgdhBBl0sDaptF/AD711oTPn5NWjiXkU0zJIRM29n1MqILfvoTbgGnWI91103R2oMg6m2TXq1GOASGKmezcuIsM0GNckKUs2FLETXWV+KD1fyywZgvqeHatW83oS9oa/nxv4q86kgAK7X0Y8QS/Look3J+CR+L75fILhKEIc8fbtLkQmWViI4+fdgKPtLJ2Gva4BMgKbGIuCcYOqXfTtd2oA1pP6N9odIZFXD4gx+T+ioAb10XQB00KGjAXS/VZ9d6fn7ayvsu1rStRZlZ33yCds1lp89AgMBAAECggEAFzp2QSCFvlu+7LvEBQumChwT4qC/UCXk8iQLoMz4lR7LmfuBLEJYSc3I6lMFAjs30SGOQYJWJWDzU3/2v+Llrz2+lIlE2oe3RA3cWa8Xi7kWgTslFHFSEPHhJuALrvT6iNOxHYdgCymixsWrsF9j1Hoa9PTfYJ4liCkkav0DenwMgkBJhHqheUviTwzE3YL7AuV5KnnR0GVN6fAFJtPGBFzQ1KotAmpJEuwGxJmOwkwbW0EefaZKFV9coFUG2ICDyOO/gD4nLZd4jXwXSBYDGsK0B16KoawHL8CfnJJxW19na8Z50JqRfXP3nBLs57lpOgEWY6N66jOnH/kMQu2KPwKBgQDpHqFWhOZMuatEVMhBshAh3gGGWNgVnmidLro1ATm7Wk4+HRA00NkQLbWp5/yyEieGVgVGL7nem40RT/vT5h7zcCeBOjYvJ9HGnWCOUHkAKxXnIXHAJGtotl07ZX+5h4l8EIpumv6sAnyRqpSjV/hlkG0WXpadEIUTEBxypLbJawKBgQDKLj8T+jarGWxBCTd9eT/mP+RQLIaxhhoQaaxutI9DGbsagXjgleSNW88fAgL8I8oe4uUIqSw6toY0dJ/L7sTENmab5ZNZ9rthhsqytsyBJBw3YNeeFYcdhqhIMou9P0RYUDb6sg03DPXgS40pWoKc5B8SIppkqNkmbJSPGPQb9wKBgQCJY2PyeaDA1yv4uX7MOQUI8K41X2b6VsGQ4Vkco/xCTpaORNKoTe2fe1D1MaPbzpc8tLWnB7mjWElrSpg/6f+TuSWPI5+LawxW4almNkcZskrWTP+dHdmvfMq1lrwPu7FrTNRJG0+8UDraHo47Nj1Oni+sX1KkfnfvJC+f4TNYwQKBgCbtJIPqJuBmcqtK5P4pfB4OqxyslfpUAWyri+F8riCTMaz2xJkpAuochRJJRt3Y3i94K/Sw7a0YO1qaIbIX9JZ6iuL1Hpuxn341f41NGK68jxoycREkv/D1Xi0YXkM/jR8bwpod8eFpg2V95l3R6VffrAPH2cYLpFN7kFbEzSsdAoGBAN9OGIDQT8ZHdBvbTxPKt+HC7OXTCo79Km7WqLSuOgYj7mInVKX5BXG5CLd4gYirXTE8uTvMFyvSoCs3W5yY49Bx3FYwAOkOqz63Yp9PaDfm0cvKTIzRAvART/X3zC+A+Iws6xBL53OK4kP7HRVjMRiRD1Juu/Pv7B0QCn98y+W9",
  "ca": "MIIC8DCCAdigAwIBAgIIY/J5P0bcFNgwDQYJKoZIhvcNAQELBQAwFjEUMBIGA1UEAwwLY2xpZW50X210bHMwHhcNMjIwMzIyMDMwMTI2WhcNNDkwODA3MDMwMTI2WjAWMRQwEgYDVQQDDAtjbGllbnRfbXRsczCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALgcSD/9PY/f9tm1ESl2OgtN6bL1PUC66ekWs+C/gT++ogrW72nDTXv0QdOB2EEGXSwNqm0X8APvXWhM+fk1aOJeRTTMkhEzb2fUyogt++hNuAadYj3XXTdHagyDqbZNerUY4BIYqZ7Ny4iwzQY1yQpSzYUsRNdZX4oPV/LLBmC+p4dq1bzehL2hr+fG/irzqSAArtfRjxBL8uiiTcn4JH4vvl8guEoQhzx9u0uRCZZWIjj592Ao+0snYa9rgEyApsYi4Jxg6pd9O13agDWk/o32h0hkVcPiDH5P6KgBvXRdAHTQoaMBdL9Vn13p+ftrK+y7WtK1FmVnffIJ2zWWnz0CAwEAAaNCMEAwHQYDVR0OBBYEFLL93QNqyKczBHQxuUnPoP3tCFq/MB8GA1UdIwQYMBaAFLL93QNqyKczBHQxuUnPoP3tCFq/MA0GCSqGSIb3DQEBCwUAA4IBAQBzXeRjAd0Hj9Lw6YWLexR/6U4iASsXZzEPoTo2BzczFYuDmhE7tfj/2JpX8aN++xZM0tznwgSjOT0JsP7Mt7dthlFszpQOnIZdpLDYgZqirQ2PdI+LYJ7X9SXGYoSP6NnZWwfp7cPfujx0hszKjkFsdoePWAZpXN4aLs0bS4lLhCYWFgigJoFZlFtezWZUKo7nk018GvbMJw8MuV6uGADk3k7ivULIZgmp23uf1CjeJ2rpffYFEGquAJCpmUHaerl7vLhfGTHkniFBbXCbMBg4LAlexzBtSgKyztuk0SLIVNzklZUy2qpi4H4Xc6VtN/6p4qUO1BCEI8izoWuauXOP"
}
2022-05-11 06:25:30 RESPONSE
CallTokenEndpointAndReturnFullResponse
HTTP response
response_status_code
400 BAD_REQUEST
response_status_text
Bad Request
response_headers
{
  "content-language": "en-US",
  "content-length": "100",
  "content-type": "application/json;charset\u003dUTF-8",
  "date": "Wed, 11 May 2022 06:25:30 GMT",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "cache-control": "no-store, no-cache\u003dset-cookie",
  "expires": "Thu, 01 Dec 1994 16:00:00 GMT",
  "strict-transport-security": "max-age\u003d31536000; includeSubDomains",
  "pragma": "no-cache",
  "set-cookie": [
    "AMWEBJCT!%2Fmga!AMWEBJCT!%2Fmga!JSESSIONID\u003d0000Asz03Cd6sxoOvBR5wjwptXj:038bc442-4db9-43c7-97cf-7a4b1d1bc7d8; Path\u003d/; Secure; HttpOnly",
    "AMWEBJCT!%2Fmga!JSESSIONID\u003d0000QVJKPQZ-MriAYtBcxGxZ-cR:038bc442-4db9-43c7-97cf-7a4b1d1bc7d8; Path\u003d/; Secure; HttpOnly",
    "PD-S-SESSION-ID\u003d1_2_1_CaTahcVbUPwlcd2EwRnDN7+w0d0sOyeCp68c35lpQtTxLwLe; Path\u003d/; Secure; HttpOnly"
  ]
}
response_body
{"error_description":"FBTOAU256E Pending. The auth_req_id is not yet verified.","error":"slow_down"}
2022-05-11 06:25:30 SUCCESS
CallTokenEndpointAndReturnFullResponse
Parsed token endpoint response
error_description
FBTOAU256E Pending. The auth_req_id is not yet verified.
error
slow_down
2022-05-11 06:25:30 SUCCESS
CheckTokenEndpointReturnedJsonContentType
token_endpoint_response_headers Content-Type: header is application/json
Verify token endpoint response is pending or slow_down
2022-05-11 06:25:30 SUCCESS
CheckTokenEndpointHttpStatus400
Token endpoint http status code was 400
2022-05-11 06:25:30 SUCCESS
ValidateErrorFromTokenEndpointResponseError
Token endpoint response error returned valid 'error' field
error
slow_down
2022-05-11 06:25:30 SUCCESS
CheckErrorDescriptionFromTokenEndpointResponseErrorContainsCRLFTAB
token_endpoint_response 'error_description' field does not include CR/LF/TAB
error_description
FBTOAU256E Pending. The auth_req_id is not yet verified.
2022-05-11 06:25:30 SUCCESS
ValidateErrorDescriptionFromTokenEndpointResponseError
token_endpoint_response error returned valid 'error_description' field
error_description
FBTOAU256E Pending. The auth_req_id is not yet verified.
2022-05-11 06:25:30 SUCCESS
ValidateErrorUriFromTokenEndpointResponseError
token_endpoint_response did not include optional 'error_uri' field
2022-05-11 06:25:30 SUCCESS
EnsureErrorTokenEndpointSlowdownOrAuthorizationPending
error met 'slow_down' or 'authorization_pending'
error
slow_down
Call token endpoint expecting pending (second time)
2022-05-11 06:25:35 SUCCESS
CreateTokenEndpointRequestForCIBAGrant
Created token endpoint request
grant_type
urn:openid:params:grant-type:ciba
2022-05-11 06:25:35
AddAuthReqIdToTokenEndpointRequest
grant_type
urn:openid:params:grant-type:ciba
auth_req_id
eM8vaySlbDmUcgJQ8p2H7TALtCb7NyEgnoQjHhzonih6q8d0Wt
2022-05-11 06:25:35 SUCCESS
CreateClientAuthenticationAssertionClaims
Created client assertion claims
iss
2gJT3oQVIK9bnKrfamZ4
sub
2gJT3oQVIK9bnKrfamZ4
aud
https://ciba-mobile.securitypoc.com/oauth2/token
jti
a9dZLcvS3LQkgjBFXz5s
iat
1652250335
exp
1652250395
2022-05-11 06:25:35 SUCCESS
SignClientAuthenticationAssertion
Signed the client assertion
client_assertion
eyJraWQiOiJPUjV4SExEalRid3hBdFBBbTNYdGJDSC1ybkItWUtlY0x5enVkWnJkVW0wIiwiYWxnIjoiRVMyNTYifQ.eyJzdWIiOiIyZ0pUM29RVklLOWJuS3JmYW1aNCIsImF1ZCI6Imh0dHBzOlwvXC9jaWJhLW1vYmlsZS5zZWN1cml0eXBvYy5jb21cL29hdXRoMlwvdG9rZW4iLCJpc3MiOiIyZ0pUM29RVklLOWJuS3JmYW1aNCIsImV4cCI6MTY1MjI1MDM5NSwiaWF0IjoxNjUyMjUwMzM1LCJqdGkiOiJhOWRaTGN2UzNMUWtnakJGWHo1cyJ9.RjSP9whhIi2gSXqpEfs9-52803aXZOHC2hOf7qzjfC7kxb4AN8joAWb9Kn-cNEt-urVPov415r7PGJWdfrNO2g
2022-05-11 06:25:35
AddClientAssertionToTokenEndpointRequest
Added client assertion
grant_type
urn:openid:params:grant-type:ciba
auth_req_id
eM8vaySlbDmUcgJQ8p2H7TALtCb7NyEgnoQjHhzonih6q8d0Wt
client_assertion
eyJraWQiOiJPUjV4SExEalRid3hBdFBBbTNYdGJDSC1ybkItWUtlY0x5enVkWnJkVW0wIiwiYWxnIjoiRVMyNTYifQ.eyJzdWIiOiIyZ0pUM29RVklLOWJuS3JmYW1aNCIsImF1ZCI6Imh0dHBzOlwvXC9jaWJhLW1vYmlsZS5zZWN1cml0eXBvYy5jb21cL29hdXRoMlwvdG9rZW4iLCJpc3MiOiIyZ0pUM29RVklLOWJuS3JmYW1aNCIsImV4cCI6MTY1MjI1MDM5NSwiaWF0IjoxNjUyMjUwMzM1LCJqdGkiOiJhOWRaTGN2UzNMUWtnakJGWHo1cyJ9.RjSP9whhIi2gSXqpEfs9-52803aXZOHC2hOf7qzjfC7kxb4AN8joAWb9Kn-cNEt-urVPov415r7PGJWdfrNO2g
client_assertion_type
urn:ietf:params:oauth:client-assertion-type:jwt-bearer
2022-05-11 06:25:35
CallTokenEndpointAndReturnFullResponse
HTTP request
request_uri
https://ciba-mobile.securitypoc.com/oauth2/token
request_method
POST
request_headers
{
  "accept": "application/json",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "642"
}
request_body
grant_type=urn%3Aopenid%3Aparams%3Agrant-type%3Aciba&auth_req_id=eM8vaySlbDmUcgJQ8p2H7TALtCb7NyEgnoQjHhzonih6q8d0Wt&client_assertion=eyJraWQiOiJPUjV4SExEalRid3hBdFBBbTNYdGJDSC1ybkItWUtlY0x5enVkWnJkVW0wIiwiYWxnIjoiRVMyNTYifQ.eyJzdWIiOiIyZ0pUM29RVklLOWJuS3JmYW1aNCIsImF1ZCI6Imh0dHBzOlwvXC9jaWJhLW1vYmlsZS5zZWN1cml0eXBvYy5jb21cL29hdXRoMlwvdG9rZW4iLCJpc3MiOiIyZ0pUM29RVklLOWJuS3JmYW1aNCIsImV4cCI6MTY1MjI1MDM5NSwiaWF0IjoxNjUyMjUwMzM1LCJqdGkiOiJhOWRaTGN2UzNMUWtnakJGWHo1cyJ9.RjSP9whhIi2gSXqpEfs9-52803aXZOHC2hOf7qzjfC7kxb4AN8joAWb9Kn-cNEt-urVPov415r7PGJWdfrNO2g&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer
request_mutual_tls
{
  "cert": "MIIC8DCCAdigAwIBAgIIY/J5P0bcFNgwDQYJKoZIhvcNAQELBQAwFjEUMBIGA1UEAwwLY2xpZW50X210bHMwHhcNMjIwMzIyMDMwMTI2WhcNNDkwODA3MDMwMTI2WjAWMRQwEgYDVQQDDAtjbGllbnRfbXRsczCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALgcSD/9PY/f9tm1ESl2OgtN6bL1PUC66ekWs+C/gT++ogrW72nDTXv0QdOB2EEGXSwNqm0X8APvXWhM+fk1aOJeRTTMkhEzb2fUyogt++hNuAadYj3XXTdHagyDqbZNerUY4BIYqZ7Ny4iwzQY1yQpSzYUsRNdZX4oPV/LLBmC+p4dq1bzehL2hr+fG/irzqSAArtfRjxBL8uiiTcn4JH4vvl8guEoQhzx9u0uRCZZWIjj592Ao+0snYa9rgEyApsYi4Jxg6pd9O13agDWk/o32h0hkVcPiDH5P6KgBvXRdAHTQoaMBdL9Vn13p+ftrK+y7WtK1FmVnffIJ2zWWnz0CAwEAAaNCMEAwHQYDVR0OBBYEFLL93QNqyKczBHQxuUnPoP3tCFq/MB8GA1UdIwQYMBaAFLL93QNqyKczBHQxuUnPoP3tCFq/MA0GCSqGSIb3DQEBCwUAA4IBAQBzXeRjAd0Hj9Lw6YWLexR/6U4iASsXZzEPoTo2BzczFYuDmhE7tfj/2JpX8aN++xZM0tznwgSjOT0JsP7Mt7dthlFszpQOnIZdpLDYgZqirQ2PdI+LYJ7X9SXGYoSP6NnZWwfp7cPfujx0hszKjkFsdoePWAZpXN4aLs0bS4lLhCYWFgigJoFZlFtezWZUKo7nk018GvbMJw8MuV6uGADk3k7ivULIZgmp23uf1CjeJ2rpffYFEGquAJCpmUHaerl7vLhfGTHkniFBbXCbMBg4LAlexzBtSgKyztuk0SLIVNzklZUy2qpi4H4Xc6VtN/6p4qUO1BCEI8izoWuauXOP",
  "key": "MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC4HEg//T2P3/bZtREpdjoLTemy9T1AuunpFrPgv4E/vqIK1u9pw0179EHTgdhBBl0sDaptF/AD711oTPn5NWjiXkU0zJIRM29n1MqILfvoTbgGnWI91103R2oMg6m2TXq1GOASGKmezcuIsM0GNckKUs2FLETXWV+KD1fyywZgvqeHatW83oS9oa/nxv4q86kgAK7X0Y8QS/Look3J+CR+L75fILhKEIc8fbtLkQmWViI4+fdgKPtLJ2Gva4BMgKbGIuCcYOqXfTtd2oA1pP6N9odIZFXD4gx+T+ioAb10XQB00KGjAXS/VZ9d6fn7ayvsu1rStRZlZ33yCds1lp89AgMBAAECggEAFzp2QSCFvlu+7LvEBQumChwT4qC/UCXk8iQLoMz4lR7LmfuBLEJYSc3I6lMFAjs30SGOQYJWJWDzU3/2v+Llrz2+lIlE2oe3RA3cWa8Xi7kWgTslFHFSEPHhJuALrvT6iNOxHYdgCymixsWrsF9j1Hoa9PTfYJ4liCkkav0DenwMgkBJhHqheUviTwzE3YL7AuV5KnnR0GVN6fAFJtPGBFzQ1KotAmpJEuwGxJmOwkwbW0EefaZKFV9coFUG2ICDyOO/gD4nLZd4jXwXSBYDGsK0B16KoawHL8CfnJJxW19na8Z50JqRfXP3nBLs57lpOgEWY6N66jOnH/kMQu2KPwKBgQDpHqFWhOZMuatEVMhBshAh3gGGWNgVnmidLro1ATm7Wk4+HRA00NkQLbWp5/yyEieGVgVGL7nem40RT/vT5h7zcCeBOjYvJ9HGnWCOUHkAKxXnIXHAJGtotl07ZX+5h4l8EIpumv6sAnyRqpSjV/hlkG0WXpadEIUTEBxypLbJawKBgQDKLj8T+jarGWxBCTd9eT/mP+RQLIaxhhoQaaxutI9DGbsagXjgleSNW88fAgL8I8oe4uUIqSw6toY0dJ/L7sTENmab5ZNZ9rthhsqytsyBJBw3YNeeFYcdhqhIMou9P0RYUDb6sg03DPXgS40pWoKc5B8SIppkqNkmbJSPGPQb9wKBgQCJY2PyeaDA1yv4uX7MOQUI8K41X2b6VsGQ4Vkco/xCTpaORNKoTe2fe1D1MaPbzpc8tLWnB7mjWElrSpg/6f+TuSWPI5+LawxW4almNkcZskrWTP+dHdmvfMq1lrwPu7FrTNRJG0+8UDraHo47Nj1Oni+sX1KkfnfvJC+f4TNYwQKBgCbtJIPqJuBmcqtK5P4pfB4OqxyslfpUAWyri+F8riCTMaz2xJkpAuochRJJRt3Y3i94K/Sw7a0YO1qaIbIX9JZ6iuL1Hpuxn341f41NGK68jxoycREkv/D1Xi0YXkM/jR8bwpod8eFpg2V95l3R6VffrAPH2cYLpFN7kFbEzSsdAoGBAN9OGIDQT8ZHdBvbTxPKt+HC7OXTCo79Km7WqLSuOgYj7mInVKX5BXG5CLd4gYirXTE8uTvMFyvSoCs3W5yY49Bx3FYwAOkOqz63Yp9PaDfm0cvKTIzRAvART/X3zC+A+Iws6xBL53OK4kP7HRVjMRiRD1Juu/Pv7B0QCn98y+W9",
  "ca": "MIIC8DCCAdigAwIBAgIIY/J5P0bcFNgwDQYJKoZIhvcNAQELBQAwFjEUMBIGA1UEAwwLY2xpZW50X210bHMwHhcNMjIwMzIyMDMwMTI2WhcNNDkwODA3MDMwMTI2WjAWMRQwEgYDVQQDDAtjbGllbnRfbXRsczCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALgcSD/9PY/f9tm1ESl2OgtN6bL1PUC66ekWs+C/gT++ogrW72nDTXv0QdOB2EEGXSwNqm0X8APvXWhM+fk1aOJeRTTMkhEzb2fUyogt++hNuAadYj3XXTdHagyDqbZNerUY4BIYqZ7Ny4iwzQY1yQpSzYUsRNdZX4oPV/LLBmC+p4dq1bzehL2hr+fG/irzqSAArtfRjxBL8uiiTcn4JH4vvl8guEoQhzx9u0uRCZZWIjj592Ao+0snYa9rgEyApsYi4Jxg6pd9O13agDWk/o32h0hkVcPiDH5P6KgBvXRdAHTQoaMBdL9Vn13p+ftrK+y7WtK1FmVnffIJ2zWWnz0CAwEAAaNCMEAwHQYDVR0OBBYEFLL93QNqyKczBHQxuUnPoP3tCFq/MB8GA1UdIwQYMBaAFLL93QNqyKczBHQxuUnPoP3tCFq/MA0GCSqGSIb3DQEBCwUAA4IBAQBzXeRjAd0Hj9Lw6YWLexR/6U4iASsXZzEPoTo2BzczFYuDmhE7tfj/2JpX8aN++xZM0tznwgSjOT0JsP7Mt7dthlFszpQOnIZdpLDYgZqirQ2PdI+LYJ7X9SXGYoSP6NnZWwfp7cPfujx0hszKjkFsdoePWAZpXN4aLs0bS4lLhCYWFgigJoFZlFtezWZUKo7nk018GvbMJw8MuV6uGADk3k7ivULIZgmp23uf1CjeJ2rpffYFEGquAJCpmUHaerl7vLhfGTHkniFBbXCbMBg4LAlexzBtSgKyztuk0SLIVNzklZUy2qpi4H4Xc6VtN/6p4qUO1BCEI8izoWuauXOP"
}
2022-05-11 06:25:35 RESPONSE
CallTokenEndpointAndReturnFullResponse
HTTP response
response_status_code
400 BAD_REQUEST
response_status_text
Bad Request
response_headers
{
  "content-language": "en-US",
  "content-length": "112",
  "content-type": "application/json;charset\u003dUTF-8",
  "date": "Wed, 11 May 2022 06:25:35 GMT",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "cache-control": "no-store, no-cache\u003dset-cookie",
  "expires": "Thu, 01 Dec 1994 16:00:00 GMT",
  "strict-transport-security": "max-age\u003d31536000; includeSubDomains",
  "pragma": "no-cache",
  "set-cookie": [
    "AMWEBJCT!%2Fmga!AMWEBJCT!%2Fmga!JSESSIONID\u003d0000nG_DCl1n6ca5SlRIIe9TwPd:038bc442-4db9-43c7-97cf-7a4b1d1bc7d8; Path\u003d/; Secure; HttpOnly",
    "AMWEBJCT!%2Fmga!JSESSIONID\u003d0000hTJedz1f_4phsXIT9ixloRu:038bc442-4db9-43c7-97cf-7a4b1d1bc7d8; Path\u003d/; Secure; HttpOnly",
    "PD-S-SESSION-ID\u003d1_2_1_C2IjozRQu6hsxwuodZwAV3jt19jGieZJtge0DwCPlHYP58QW; Path\u003d/; Secure; HttpOnly"
  ]
}
response_body
{"error_description":"FBTOAU256E Pending. The auth_req_id is not yet verified.","error":"authorization_pending"}
2022-05-11 06:25:35 SUCCESS
CallTokenEndpointAndReturnFullResponse
Parsed token endpoint response
error_description
FBTOAU256E Pending. The auth_req_id is not yet verified.
error
authorization_pending
2022-05-11 06:25:35 SUCCESS
CheckTokenEndpointReturnedJsonContentType
token_endpoint_response_headers Content-Type: header is application/json
Verify token endpoint response is pending or slow_down
2022-05-11 06:25:35 SUCCESS
CheckTokenEndpointHttpStatus400
Token endpoint http status code was 400
2022-05-11 06:25:35 SUCCESS
ValidateErrorFromTokenEndpointResponseError
Token endpoint response error returned valid 'error' field
error
authorization_pending
2022-05-11 06:25:35 SUCCESS
CheckErrorDescriptionFromTokenEndpointResponseErrorContainsCRLFTAB
token_endpoint_response 'error_description' field does not include CR/LF/TAB
error_description
FBTOAU256E Pending. The auth_req_id is not yet verified.
2022-05-11 06:25:35 SUCCESS
ValidateErrorDescriptionFromTokenEndpointResponseError
token_endpoint_response error returned valid 'error_description' field
error_description
FBTOAU256E Pending. The auth_req_id is not yet verified.
2022-05-11 06:25:35 SUCCESS
ValidateErrorUriFromTokenEndpointResponseError
token_endpoint_response did not include optional 'error_uri' field
2022-05-11 06:25:35 SUCCESS
EnsureErrorTokenEndpointSlowdownOrAuthorizationPending
error met 'slow_down' or 'authorization_pending'
error
authorization_pending
2022-05-11 06:25:35
CallAutomatedCibaApprovalEndpoint
HTTP request
request_uri
https://ciba-mobile.securitypoc.com/automated_ciba_approval_url?action=allow&token=eM8vaySlbDmUcgJQ8p2H7TALtCb7NyEgnoQjHhzonih6q8d0Wt
request_method
POST
request_headers
{
  "accept": "application/json",
  "accept-charset": "utf-8",
  "content-length": "0"
}
request_body

                                
request_mutual_tls
{
  "cert": "MIIC8DCCAdigAwIBAgIIY/J5P0bcFNgwDQYJKoZIhvcNAQELBQAwFjEUMBIGA1UEAwwLY2xpZW50X210bHMwHhcNMjIwMzIyMDMwMTI2WhcNNDkwODA3MDMwMTI2WjAWMRQwEgYDVQQDDAtjbGllbnRfbXRsczCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALgcSD/9PY/f9tm1ESl2OgtN6bL1PUC66ekWs+C/gT++ogrW72nDTXv0QdOB2EEGXSwNqm0X8APvXWhM+fk1aOJeRTTMkhEzb2fUyogt++hNuAadYj3XXTdHagyDqbZNerUY4BIYqZ7Ny4iwzQY1yQpSzYUsRNdZX4oPV/LLBmC+p4dq1bzehL2hr+fG/irzqSAArtfRjxBL8uiiTcn4JH4vvl8guEoQhzx9u0uRCZZWIjj592Ao+0snYa9rgEyApsYi4Jxg6pd9O13agDWk/o32h0hkVcPiDH5P6KgBvXRdAHTQoaMBdL9Vn13p+ftrK+y7WtK1FmVnffIJ2zWWnz0CAwEAAaNCMEAwHQYDVR0OBBYEFLL93QNqyKczBHQxuUnPoP3tCFq/MB8GA1UdIwQYMBaAFLL93QNqyKczBHQxuUnPoP3tCFq/MA0GCSqGSIb3DQEBCwUAA4IBAQBzXeRjAd0Hj9Lw6YWLexR/6U4iASsXZzEPoTo2BzczFYuDmhE7tfj/2JpX8aN++xZM0tznwgSjOT0JsP7Mt7dthlFszpQOnIZdpLDYgZqirQ2PdI+LYJ7X9SXGYoSP6NnZWwfp7cPfujx0hszKjkFsdoePWAZpXN4aLs0bS4lLhCYWFgigJoFZlFtezWZUKo7nk018GvbMJw8MuV6uGADk3k7ivULIZgmp23uf1CjeJ2rpffYFEGquAJCpmUHaerl7vLhfGTHkniFBbXCbMBg4LAlexzBtSgKyztuk0SLIVNzklZUy2qpi4H4Xc6VtN/6p4qUO1BCEI8izoWuauXOP",
  "key": "MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC4HEg//T2P3/bZtREpdjoLTemy9T1AuunpFrPgv4E/vqIK1u9pw0179EHTgdhBBl0sDaptF/AD711oTPn5NWjiXkU0zJIRM29n1MqILfvoTbgGnWI91103R2oMg6m2TXq1GOASGKmezcuIsM0GNckKUs2FLETXWV+KD1fyywZgvqeHatW83oS9oa/nxv4q86kgAK7X0Y8QS/Look3J+CR+L75fILhKEIc8fbtLkQmWViI4+fdgKPtLJ2Gva4BMgKbGIuCcYOqXfTtd2oA1pP6N9odIZFXD4gx+T+ioAb10XQB00KGjAXS/VZ9d6fn7ayvsu1rStRZlZ33yCds1lp89AgMBAAECggEAFzp2QSCFvlu+7LvEBQumChwT4qC/UCXk8iQLoMz4lR7LmfuBLEJYSc3I6lMFAjs30SGOQYJWJWDzU3/2v+Llrz2+lIlE2oe3RA3cWa8Xi7kWgTslFHFSEPHhJuALrvT6iNOxHYdgCymixsWrsF9j1Hoa9PTfYJ4liCkkav0DenwMgkBJhHqheUviTwzE3YL7AuV5KnnR0GVN6fAFJtPGBFzQ1KotAmpJEuwGxJmOwkwbW0EefaZKFV9coFUG2ICDyOO/gD4nLZd4jXwXSBYDGsK0B16KoawHL8CfnJJxW19na8Z50JqRfXP3nBLs57lpOgEWY6N66jOnH/kMQu2KPwKBgQDpHqFWhOZMuatEVMhBshAh3gGGWNgVnmidLro1ATm7Wk4+HRA00NkQLbWp5/yyEieGVgVGL7nem40RT/vT5h7zcCeBOjYvJ9HGnWCOUHkAKxXnIXHAJGtotl07ZX+5h4l8EIpumv6sAnyRqpSjV/hlkG0WXpadEIUTEBxypLbJawKBgQDKLj8T+jarGWxBCTd9eT/mP+RQLIaxhhoQaaxutI9DGbsagXjgleSNW88fAgL8I8oe4uUIqSw6toY0dJ/L7sTENmab5ZNZ9rthhsqytsyBJBw3YNeeFYcdhqhIMou9P0RYUDb6sg03DPXgS40pWoKc5B8SIppkqNkmbJSPGPQb9wKBgQCJY2PyeaDA1yv4uX7MOQUI8K41X2b6VsGQ4Vkco/xCTpaORNKoTe2fe1D1MaPbzpc8tLWnB7mjWElrSpg/6f+TuSWPI5+LawxW4almNkcZskrWTP+dHdmvfMq1lrwPu7FrTNRJG0+8UDraHo47Nj1Oni+sX1KkfnfvJC+f4TNYwQKBgCbtJIPqJuBmcqtK5P4pfB4OqxyslfpUAWyri+F8riCTMaz2xJkpAuochRJJRt3Y3i94K/Sw7a0YO1qaIbIX9JZ6iuL1Hpuxn341f41NGK68jxoycREkv/D1Xi0YXkM/jR8bwpod8eFpg2V95l3R6VffrAPH2cYLpFN7kFbEzSsdAoGBAN9OGIDQT8ZHdBvbTxPKt+HC7OXTCo79Km7WqLSuOgYj7mInVKX5BXG5CLd4gYirXTE8uTvMFyvSoCs3W5yY49Bx3FYwAOkOqz63Yp9PaDfm0cvKTIzRAvART/X3zC+A+Iws6xBL53OK4kP7HRVjMRiRD1Juu/Pv7B0QCn98y+W9",
  "ca": "MIIC8DCCAdigAwIBAgIIY/J5P0bcFNgwDQYJKoZIhvcNAQELBQAwFjEUMBIGA1UEAwwLY2xpZW50X210bHMwHhcNMjIwMzIyMDMwMTI2WhcNNDkwODA3MDMwMTI2WjAWMRQwEgYDVQQDDAtjbGllbnRfbXRsczCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALgcSD/9PY/f9tm1ESl2OgtN6bL1PUC66ekWs+C/gT++ogrW72nDTXv0QdOB2EEGXSwNqm0X8APvXWhM+fk1aOJeRTTMkhEzb2fUyogt++hNuAadYj3XXTdHagyDqbZNerUY4BIYqZ7Ny4iwzQY1yQpSzYUsRNdZX4oPV/LLBmC+p4dq1bzehL2hr+fG/irzqSAArtfRjxBL8uiiTcn4JH4vvl8guEoQhzx9u0uRCZZWIjj592Ao+0snYa9rgEyApsYi4Jxg6pd9O13agDWk/o32h0hkVcPiDH5P6KgBvXRdAHTQoaMBdL9Vn13p+ftrK+y7WtK1FmVnffIJ2zWWnz0CAwEAAaNCMEAwHQYDVR0OBBYEFLL93QNqyKczBHQxuUnPoP3tCFq/MB8GA1UdIwQYMBaAFLL93QNqyKczBHQxuUnPoP3tCFq/MA0GCSqGSIb3DQEBCwUAA4IBAQBzXeRjAd0Hj9Lw6YWLexR/6U4iASsXZzEPoTo2BzczFYuDmhE7tfj/2JpX8aN++xZM0tznwgSjOT0JsP7Mt7dthlFszpQOnIZdpLDYgZqirQ2PdI+LYJ7X9SXGYoSP6NnZWwfp7cPfujx0hszKjkFsdoePWAZpXN4aLs0bS4lLhCYWFgigJoFZlFtezWZUKo7nk018GvbMJw8MuV6uGADk3k7ivULIZgmp23uf1CjeJ2rpffYFEGquAJCpmUHaerl7vLhfGTHkniFBbXCbMBg4LAlexzBtSgKyztuk0SLIVNzklZUy2qpi4H4Xc6VtN/6p4qUO1BCEI8izoWuauXOP"
}
2022-05-11 06:25:36 RESPONSE
CallAutomatedCibaApprovalEndpoint
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "content-language": "en-US",
  "content-type": "application/json",
  "date": "Wed, 11 May 2022 06:25:35 GMT",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "server": "IBM Security Verify Access",
  "transfer-encoding": "chunked",
  "x-frame-options": "SAMEORIGIN",
  "cache-control": "no-cache",
  "expires": "Thu, 01 Dec 1994 16:00:00 GMT",
  "strict-transport-security": "max-age\u003d31536000; includeSubDomains",
  "set-cookie": [
    "AMWEBJCT!%2Fmga!AMWEBJCT!%2Fmga!JSESSIONID\u003d0000YvqWkPw45B9CK4J1oUUV_wv:038bc442-4db9-43c7-97cf-7a4b1d1bc7d8; Path\u003d/; Secure; HttpOnly",
    "AMWEBJCT!%2Fmga!JSESSIONID\u003d0000w9kz_tnf8cguvO1P-CnGAhl:038bc442-4db9-43c7-97cf-7a4b1d1bc7d8; Path\u003d/; Secure; HttpOnly",
    "PD-S-SESSION-ID\u003d1_2_1_VsYAEwMKM-RwvCQX45ykN2wOTmP1BLARU5zPlrhqqoXnoFXp; Path\u003d/; Secure; HttpOnly"
  ]
}
response_body
{"status":"ok"}	
2022-05-11 06:25:36 SUCCESS
CallAutomatedCibaApprovalEndpoint
Successfully called automated_ciba_approval_url endpoint
response
{"status":"ok"}	
Polling token endpoint waiting for user to authenticate
2022-05-11 06:25:41 SUCCESS
CreateTokenEndpointRequestForCIBAGrant
Created token endpoint request
grant_type
urn:openid:params:grant-type:ciba
2022-05-11 06:25:41
AddAuthReqIdToTokenEndpointRequest
grant_type
urn:openid:params:grant-type:ciba
auth_req_id
eM8vaySlbDmUcgJQ8p2H7TALtCb7NyEgnoQjHhzonih6q8d0Wt
2022-05-11 06:25:41 SUCCESS
CreateClientAuthenticationAssertionClaims
Created client assertion claims
iss
2gJT3oQVIK9bnKrfamZ4
sub
2gJT3oQVIK9bnKrfamZ4
aud
https://ciba-mobile.securitypoc.com/oauth2/token
jti
QqLZNGcm8cM21kzqLeM5
iat
1652250341
exp
1652250401
2022-05-11 06:25:41 SUCCESS
SignClientAuthenticationAssertion
Signed the client assertion
client_assertion
eyJraWQiOiJPUjV4SExEalRid3hBdFBBbTNYdGJDSC1ybkItWUtlY0x5enVkWnJkVW0wIiwiYWxnIjoiRVMyNTYifQ.eyJzdWIiOiIyZ0pUM29RVklLOWJuS3JmYW1aNCIsImF1ZCI6Imh0dHBzOlwvXC9jaWJhLW1vYmlsZS5zZWN1cml0eXBvYy5jb21cL29hdXRoMlwvdG9rZW4iLCJpc3MiOiIyZ0pUM29RVklLOWJuS3JmYW1aNCIsImV4cCI6MTY1MjI1MDQwMSwiaWF0IjoxNjUyMjUwMzQxLCJqdGkiOiJRcUxaTkdjbThjTTIxa3pxTGVNNSJ9.EmlvKpUqben8Ts64wFkHp0dtfYw7USukWafzNYiZ5yTRZIAQdlsVUlNKdcZz57MGLQywg9T9tb3XoK_LgzdElw
2022-05-11 06:25:41
AddClientAssertionToTokenEndpointRequest
Added client assertion
grant_type
urn:openid:params:grant-type:ciba
auth_req_id
eM8vaySlbDmUcgJQ8p2H7TALtCb7NyEgnoQjHhzonih6q8d0Wt
client_assertion
eyJraWQiOiJPUjV4SExEalRid3hBdFBBbTNYdGJDSC1ybkItWUtlY0x5enVkWnJkVW0wIiwiYWxnIjoiRVMyNTYifQ.eyJzdWIiOiIyZ0pUM29RVklLOWJuS3JmYW1aNCIsImF1ZCI6Imh0dHBzOlwvXC9jaWJhLW1vYmlsZS5zZWN1cml0eXBvYy5jb21cL29hdXRoMlwvdG9rZW4iLCJpc3MiOiIyZ0pUM29RVklLOWJuS3JmYW1aNCIsImV4cCI6MTY1MjI1MDQwMSwiaWF0IjoxNjUyMjUwMzQxLCJqdGkiOiJRcUxaTkdjbThjTTIxa3pxTGVNNSJ9.EmlvKpUqben8Ts64wFkHp0dtfYw7USukWafzNYiZ5yTRZIAQdlsVUlNKdcZz57MGLQywg9T9tb3XoK_LgzdElw
client_assertion_type
urn:ietf:params:oauth:client-assertion-type:jwt-bearer
2022-05-11 06:25:41
CallTokenEndpointAndReturnFullResponse
HTTP request
request_uri
https://ciba-mobile.securitypoc.com/oauth2/token
request_method
POST
request_headers
{
  "accept": "application/json",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "642"
}
request_body
grant_type=urn%3Aopenid%3Aparams%3Agrant-type%3Aciba&auth_req_id=eM8vaySlbDmUcgJQ8p2H7TALtCb7NyEgnoQjHhzonih6q8d0Wt&client_assertion=eyJraWQiOiJPUjV4SExEalRid3hBdFBBbTNYdGJDSC1ybkItWUtlY0x5enVkWnJkVW0wIiwiYWxnIjoiRVMyNTYifQ.eyJzdWIiOiIyZ0pUM29RVklLOWJuS3JmYW1aNCIsImF1ZCI6Imh0dHBzOlwvXC9jaWJhLW1vYmlsZS5zZWN1cml0eXBvYy5jb21cL29hdXRoMlwvdG9rZW4iLCJpc3MiOiIyZ0pUM29RVklLOWJuS3JmYW1aNCIsImV4cCI6MTY1MjI1MDQwMSwiaWF0IjoxNjUyMjUwMzQxLCJqdGkiOiJRcUxaTkdjbThjTTIxa3pxTGVNNSJ9.EmlvKpUqben8Ts64wFkHp0dtfYw7USukWafzNYiZ5yTRZIAQdlsVUlNKdcZz57MGLQywg9T9tb3XoK_LgzdElw&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer
request_mutual_tls
{
  "cert": "MIIC8DCCAdigAwIBAgIIY/J5P0bcFNgwDQYJKoZIhvcNAQELBQAwFjEUMBIGA1UEAwwLY2xpZW50X210bHMwHhcNMjIwMzIyMDMwMTI2WhcNNDkwODA3MDMwMTI2WjAWMRQwEgYDVQQDDAtjbGllbnRfbXRsczCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALgcSD/9PY/f9tm1ESl2OgtN6bL1PUC66ekWs+C/gT++ogrW72nDTXv0QdOB2EEGXSwNqm0X8APvXWhM+fk1aOJeRTTMkhEzb2fUyogt++hNuAadYj3XXTdHagyDqbZNerUY4BIYqZ7Ny4iwzQY1yQpSzYUsRNdZX4oPV/LLBmC+p4dq1bzehL2hr+fG/irzqSAArtfRjxBL8uiiTcn4JH4vvl8guEoQhzx9u0uRCZZWIjj592Ao+0snYa9rgEyApsYi4Jxg6pd9O13agDWk/o32h0hkVcPiDH5P6KgBvXRdAHTQoaMBdL9Vn13p+ftrK+y7WtK1FmVnffIJ2zWWnz0CAwEAAaNCMEAwHQYDVR0OBBYEFLL93QNqyKczBHQxuUnPoP3tCFq/MB8GA1UdIwQYMBaAFLL93QNqyKczBHQxuUnPoP3tCFq/MA0GCSqGSIb3DQEBCwUAA4IBAQBzXeRjAd0Hj9Lw6YWLexR/6U4iASsXZzEPoTo2BzczFYuDmhE7tfj/2JpX8aN++xZM0tznwgSjOT0JsP7Mt7dthlFszpQOnIZdpLDYgZqirQ2PdI+LYJ7X9SXGYoSP6NnZWwfp7cPfujx0hszKjkFsdoePWAZpXN4aLs0bS4lLhCYWFgigJoFZlFtezWZUKo7nk018GvbMJw8MuV6uGADk3k7ivULIZgmp23uf1CjeJ2rpffYFEGquAJCpmUHaerl7vLhfGTHkniFBbXCbMBg4LAlexzBtSgKyztuk0SLIVNzklZUy2qpi4H4Xc6VtN/6p4qUO1BCEI8izoWuauXOP",
  "key": "MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC4HEg//T2P3/bZtREpdjoLTemy9T1AuunpFrPgv4E/vqIK1u9pw0179EHTgdhBBl0sDaptF/AD711oTPn5NWjiXkU0zJIRM29n1MqILfvoTbgGnWI91103R2oMg6m2TXq1GOASGKmezcuIsM0GNckKUs2FLETXWV+KD1fyywZgvqeHatW83oS9oa/nxv4q86kgAK7X0Y8QS/Look3J+CR+L75fILhKEIc8fbtLkQmWViI4+fdgKPtLJ2Gva4BMgKbGIuCcYOqXfTtd2oA1pP6N9odIZFXD4gx+T+ioAb10XQB00KGjAXS/VZ9d6fn7ayvsu1rStRZlZ33yCds1lp89AgMBAAECggEAFzp2QSCFvlu+7LvEBQumChwT4qC/UCXk8iQLoMz4lR7LmfuBLEJYSc3I6lMFAjs30SGOQYJWJWDzU3/2v+Llrz2+lIlE2oe3RA3cWa8Xi7kWgTslFHFSEPHhJuALrvT6iNOxHYdgCymixsWrsF9j1Hoa9PTfYJ4liCkkav0DenwMgkBJhHqheUviTwzE3YL7AuV5KnnR0GVN6fAFJtPGBFzQ1KotAmpJEuwGxJmOwkwbW0EefaZKFV9coFUG2ICDyOO/gD4nLZd4jXwXSBYDGsK0B16KoawHL8CfnJJxW19na8Z50JqRfXP3nBLs57lpOgEWY6N66jOnH/kMQu2KPwKBgQDpHqFWhOZMuatEVMhBshAh3gGGWNgVnmidLro1ATm7Wk4+HRA00NkQLbWp5/yyEieGVgVGL7nem40RT/vT5h7zcCeBOjYvJ9HGnWCOUHkAKxXnIXHAJGtotl07ZX+5h4l8EIpumv6sAnyRqpSjV/hlkG0WXpadEIUTEBxypLbJawKBgQDKLj8T+jarGWxBCTd9eT/mP+RQLIaxhhoQaaxutI9DGbsagXjgleSNW88fAgL8I8oe4uUIqSw6toY0dJ/L7sTENmab5ZNZ9rthhsqytsyBJBw3YNeeFYcdhqhIMou9P0RYUDb6sg03DPXgS40pWoKc5B8SIppkqNkmbJSPGPQb9wKBgQCJY2PyeaDA1yv4uX7MOQUI8K41X2b6VsGQ4Vkco/xCTpaORNKoTe2fe1D1MaPbzpc8tLWnB7mjWElrSpg/6f+TuSWPI5+LawxW4almNkcZskrWTP+dHdmvfMq1lrwPu7FrTNRJG0+8UDraHo47Nj1Oni+sX1KkfnfvJC+f4TNYwQKBgCbtJIPqJuBmcqtK5P4pfB4OqxyslfpUAWyri+F8riCTMaz2xJkpAuochRJJRt3Y3i94K/Sw7a0YO1qaIbIX9JZ6iuL1Hpuxn341f41NGK68jxoycREkv/D1Xi0YXkM/jR8bwpod8eFpg2V95l3R6VffrAPH2cYLpFN7kFbEzSsdAoGBAN9OGIDQT8ZHdBvbTxPKt+HC7OXTCo79Km7WqLSuOgYj7mInVKX5BXG5CLd4gYirXTE8uTvMFyvSoCs3W5yY49Bx3FYwAOkOqz63Yp9PaDfm0cvKTIzRAvART/X3zC+A+Iws6xBL53OK4kP7HRVjMRiRD1Juu/Pv7B0QCn98y+W9",
  "ca": "MIIC8DCCAdigAwIBAgIIY/J5P0bcFNgwDQYJKoZIhvcNAQELBQAwFjEUMBIGA1UEAwwLY2xpZW50X210bHMwHhcNMjIwMzIyMDMwMTI2WhcNNDkwODA3MDMwMTI2WjAWMRQwEgYDVQQDDAtjbGllbnRfbXRsczCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALgcSD/9PY/f9tm1ESl2OgtN6bL1PUC66ekWs+C/gT++ogrW72nDTXv0QdOB2EEGXSwNqm0X8APvXWhM+fk1aOJeRTTMkhEzb2fUyogt++hNuAadYj3XXTdHagyDqbZNerUY4BIYqZ7Ny4iwzQY1yQpSzYUsRNdZX4oPV/LLBmC+p4dq1bzehL2hr+fG/irzqSAArtfRjxBL8uiiTcn4JH4vvl8guEoQhzx9u0uRCZZWIjj592Ao+0snYa9rgEyApsYi4Jxg6pd9O13agDWk/o32h0hkVcPiDH5P6KgBvXRdAHTQoaMBdL9Vn13p+ftrK+y7WtK1FmVnffIJ2zWWnz0CAwEAAaNCMEAwHQYDVR0OBBYEFLL93QNqyKczBHQxuUnPoP3tCFq/MB8GA1UdIwQYMBaAFLL93QNqyKczBHQxuUnPoP3tCFq/MA0GCSqGSIb3DQEBCwUAA4IBAQBzXeRjAd0Hj9Lw6YWLexR/6U4iASsXZzEPoTo2BzczFYuDmhE7tfj/2JpX8aN++xZM0tznwgSjOT0JsP7Mt7dthlFszpQOnIZdpLDYgZqirQ2PdI+LYJ7X9SXGYoSP6NnZWwfp7cPfujx0hszKjkFsdoePWAZpXN4aLs0bS4lLhCYWFgigJoFZlFtezWZUKo7nk018GvbMJw8MuV6uGADk3k7ivULIZgmp23uf1CjeJ2rpffYFEGquAJCpmUHaerl7vLhfGTHkniFBbXCbMBg4LAlexzBtSgKyztuk0SLIVNzklZUy2qpi4H4Xc6VtN/6p4qUO1BCEI8izoWuauXOP"
}
2022-05-11 06:25:41 RESPONSE
CallTokenEndpointAndReturnFullResponse
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "content-language": "en-US",
  "content-type": "application/json;charset\u003dUTF-8",
  "date": "Wed, 11 May 2022 06:25:41 GMT",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "transfer-encoding": "chunked",
  "x-frame-options": "SAMEORIGIN",
  "cache-control": "no-store, no-cache\u003dset-cookie",
  "expires": "Thu, 01 Dec 1994 16:00:00 GMT",
  "strict-transport-security": "max-age\u003d31536000; includeSubDomains",
  "pragma": "no-cache",
  "set-cookie": [
    "AMWEBJCT!%2Fmga!AMWEBJCT!%2Fmga!JSESSIONID\u003d0000cNBnCNRwZgh9qn00EDZ8t1f:038bc442-4db9-43c7-97cf-7a4b1d1bc7d8; Path\u003d/; Secure; HttpOnly",
    "AMWEBJCT!%2Fmga!JSESSIONID\u003d0000KlMhE-UzXJ_TjvRQS9kFfj-:038bc442-4db9-43c7-97cf-7a4b1d1bc7d8; Path\u003d/; Secure; HttpOnly",
    "PD-S-SESSION-ID\u003d1_2_1_LtDp5pOYkBZv+xY76xBugEr8S3MD8lp0weEQvefKY-0FzQOK; Path\u003d/; Secure; HttpOnly"
  ]
}
response_body
{"access_token":"8KUV824SvTH328ns6H6FDw4IzdBIi9e7","refresh_token":"XPM53tkh1coQdRzEnrtp5rdI6yD11guwuAJ9PHZ7","scope":"openid email","id_token":"eyJraWQiOiJKQnAtRHVoazd6U1g1dW1GeU1CZm9nWG81ekRYcFRpaXZnREpzb21iUVhnIiwiYWxnIjoiRVMyNTYifQ.eyJpYXQiOjE2NTIyNTAzNDEsImV4cCI6MTY1MjI1Mzk0MSwibm9uY2UiOiJ1M3YwN3oyb2NmYiIsImlzcyI6Imh0dHBzOi8vY2liYS1tb2JpbGUuc2VjdXJpdHlwb2MuY29tIiwic3ViIjoidGVzdHVzZXIiLCJhdWQiOiIyZ0pUM29RVklLOWJuS3JmYW1aNCIsImF0X2hhc2giOiJ6U0w5dnR2MU9CNi1fNDBsOGJ5X21nIiwicnRfaGFzaCI6IkotLVlrRmZ2TEVVRVI3UWpWb09kdGciLCJhY3IiOiJhY3I6YXV0b3Rlc3QifQ.ETlOkXliI_cIdW5Vnn8ZcEWm1dGRuMOIO2XD3M_0C-J6IUMVZDmed_owklkqVJUBLHztOXIQxAIZuVxjLMIXgA","token_type":"bearer","expires_in":3599}
2022-05-11 06:25:41 SUCCESS
CallTokenEndpointAndReturnFullResponse
Parsed token endpoint response
access_token
8KUV824SvTH328ns6H6FDw4IzdBIi9e7
refresh_token
XPM53tkh1coQdRzEnrtp5rdI6yD11guwuAJ9PHZ7
scope
openid email
id_token
eyJraWQiOiJKQnAtRHVoazd6U1g1dW1GeU1CZm9nWG81ekRYcFRpaXZnREpzb21iUVhnIiwiYWxnIjoiRVMyNTYifQ.eyJpYXQiOjE2NTIyNTAzNDEsImV4cCI6MTY1MjI1Mzk0MSwibm9uY2UiOiJ1M3YwN3oyb2NmYiIsImlzcyI6Imh0dHBzOi8vY2liYS1tb2JpbGUuc2VjdXJpdHlwb2MuY29tIiwic3ViIjoidGVzdHVzZXIiLCJhdWQiOiIyZ0pUM29RVklLOWJuS3JmYW1aNCIsImF0X2hhc2giOiJ6U0w5dnR2MU9CNi1fNDBsOGJ5X21nIiwicnRfaGFzaCI6IkotLVlrRmZ2TEVVRVI3UWpWb09kdGciLCJhY3IiOiJhY3I6YXV0b3Rlc3QifQ.ETlOkXliI_cIdW5Vnn8ZcEWm1dGRuMOIO2XD3M_0C-J6IUMVZDmed_owklkqVJUBLHztOXIQxAIZuVxjLMIXgA
token_type
bearer
expires_in
3599
2022-05-11 06:25:41 SUCCESS
CheckTokenEndpointReturnedJsonContentType
token_endpoint_response_headers Content-Type: header is application/json
Verify token endpoint response
2022-05-11 06:25:41 SUCCESS
CheckTokenEndpointHttpStatus200
Token endpoint http status code was 200
2022-05-11 06:25:41 SUCCESS
CheckTokenEndpointCacheHeaders
'pragma' and 'cache-control' headers in token endpoint response contain expected values.
cache_control_header
no-store, no-cache=set-cookie
pragma_header
no-cache
2022-05-11 06:25:41 SUCCESS
CheckIfTokenEndpointResponseError
No error from token endpoint
2022-05-11 06:25:41 SUCCESS
CheckForAccessTokenValue
Found an access token
access_token
8KUV824SvTH328ns6H6FDw4IzdBIi9e7
2022-05-11 06:25:41 SUCCESS
ExtractAccessTokenFromTokenResponse
Extracted the access token
value
8KUV824SvTH328ns6H6FDw4IzdBIi9e7
type
bearer
2022-05-11 06:25:41 SUCCESS
ExtractExpiresInFromTokenEndpointResponse
Extracted 'expires_in'
expires_in
3599
2022-05-11 06:25:41 SUCCESS
ValidateExpiresIn
expires_in passed all validation checks
expires_in
3599
2022-05-11 06:25:41 SUCCESS
CheckForRefreshTokenValue
Found a refresh token
refresh_token
XPM53tkh1coQdRzEnrtp5rdI6yD11guwuAJ9PHZ7
2022-05-11 06:25:41 SUCCESS
EnsureMinimumRefreshTokenLength
Refresh token is of sufficient length
actual
320
required
128
2022-05-11 06:25:41 SUCCESS
EnsureMinimumRefreshTokenEntropy
Calculated shannon entropy seems sufficient
actual
196.12223629333104
expected
96.0
value
s
2022-05-11 06:25:41 SUCCESS
EnsureMinimumAccessTokenLength
Access token is of sufficient length
actual
256
required
128
2022-05-11 06:25:41 SUCCESS
EnsureMinimumAccessTokenEntropy
Calculated shannon entropy seems sufficient
actual
145.24511249783654
expected
96.0
value
s
2022-05-11 06:25:41 SUCCESS
ExtractIdTokenFromTokenResponse
Found and parsed the id_token from token_endpoint_response
value
eyJraWQiOiJKQnAtRHVoazd6U1g1dW1GeU1CZm9nWG81ekRYcFRpaXZnREpzb21iUVhnIiwiYWxnIjoiRVMyNTYifQ.eyJpYXQiOjE2NTIyNTAzNDEsImV4cCI6MTY1MjI1Mzk0MSwibm9uY2UiOiJ1M3YwN3oyb2NmYiIsImlzcyI6Imh0dHBzOi8vY2liYS1tb2JpbGUuc2VjdXJpdHlwb2MuY29tIiwic3ViIjoidGVzdHVzZXIiLCJhdWQiOiIyZ0pUM29RVklLOWJuS3JmYW1aNCIsImF0X2hhc2giOiJ6U0w5dnR2MU9CNi1fNDBsOGJ5X21nIiwicnRfaGFzaCI6IkotLVlrRmZ2TEVVRVI3UWpWb09kdGciLCJhY3IiOiJhY3I6YXV0b3Rlc3QifQ.ETlOkXliI_cIdW5Vnn8ZcEWm1dGRuMOIO2XD3M_0C-J6IUMVZDmed_owklkqVJUBLHztOXIQxAIZuVxjLMIXgA
header
{
  "kid": "JBp-Duhk7zSX5umFyMBfogXo5zDXpTiivgDJsombQXg",
  "alg": "ES256"
}
claims
{
  "at_hash": "zSL9vtv1OB6-_40l8by_mg",
  "sub": "testuser",
  "aud": "2gJT3oQVIK9bnKrfamZ4",
  "acr": "acr:autotest",
  "iss": "https://ciba-mobile.securitypoc.com",
  "exp": 1652253941,
  "iat": 1652250341,
  "nonce": "u3v07z2ocfb",
  "rt_hash": "J--YkFfvLEUER7QjVoOdtg"
}
2022-05-11 06:25:41 SUCCESS
ValidateIdToken
ID token iss, aud, exp, iat, auth_time, acr & nbf claims passed validation checks
2022-05-11 06:25:41 SUCCESS
EnsureIdTokenContainsKid
kid was found in the ID token header
kid
JBp-Duhk7zSX5umFyMBfogXo5zDXpTiivgDJsombQXg
2022-05-11 06:25:41 SUCCESS
ValidateIdTokenSignature
id_token signature validated
id_token
eyJraWQiOiJKQnAtRHVoazd6U1g1dW1GeU1CZm9nWG81ekRYcFRpaXZnREpzb21iUVhnIiwiYWxnIjoiRVMyNTYifQ.eyJpYXQiOjE2NTIyNTAzNDEsImV4cCI6MTY1MjI1Mzk0MSwibm9uY2UiOiJ1M3YwN3oyb2NmYiIsImlzcyI6Imh0dHBzOi8vY2liYS1tb2JpbGUuc2VjdXJpdHlwb2MuY29tIiwic3ViIjoidGVzdHVzZXIiLCJhdWQiOiIyZ0pUM29RVklLOWJuS3JmYW1aNCIsImF0X2hhc2giOiJ6U0w5dnR2MU9CNi1fNDBsOGJ5X21nIiwicnRfaGFzaCI6IkotLVlrRmZ2TEVVRVI3UWpWb09kdGciLCJhY3IiOiJhY3I6YXV0b3Rlc3QifQ.ETlOkXliI_cIdW5Vnn8ZcEWm1dGRuMOIO2XD3M_0C-J6IUMVZDmed_owklkqVJUBLHztOXIQxAIZuVxjLMIXgA
2022-05-11 06:25:41 SUCCESS
ValidateIdTokenSignatureUsingKid
id_token signature validated
id_token
eyJraWQiOiJKQnAtRHVoazd6U1g1dW1GeU1CZm9nWG81ekRYcFRpaXZnREpzb21iUVhnIiwiYWxnIjoiRVMyNTYifQ.eyJpYXQiOjE2NTIyNTAzNDEsImV4cCI6MTY1MjI1Mzk0MSwibm9uY2UiOiJ1M3YwN3oyb2NmYiIsImlzcyI6Imh0dHBzOi8vY2liYS1tb2JpbGUuc2VjdXJpdHlwb2MuY29tIiwic3ViIjoidGVzdHVzZXIiLCJhdWQiOiIyZ0pUM29RVklLOWJuS3JmYW1aNCIsImF0X2hhc2giOiJ6U0w5dnR2MU9CNi1fNDBsOGJ5X21nIiwicnRfaGFzaCI6IkotLVlrRmZ2TEVVRVI3UWpWb09kdGciLCJhY3IiOiJhY3I6YXV0b3Rlc3QifQ.ETlOkXliI_cIdW5Vnn8ZcEWm1dGRuMOIO2XD3M_0C-J6IUMVZDmed_owklkqVJUBLHztOXIQxAIZuVxjLMIXgA
2022-05-11 06:25:41 SUCCESS
CheckForSubjectInIdToken
Found 'sub' in id_token
sub
testuser
2022-05-11 06:25:41 SUCCESS
FAPIValidateIdTokenSigningAlg
id_token was signed with a permitted algorithm
permitted
[
  "ES256",
  "PS256"
]
alg
ES256
2022-05-11 06:25:41 INFO
FAPIValidateIdTokenEncryptionAlg
Skipped evaluation due to missing required element: id_token jwe_header
path
jwe_header
mapped
object
id_token
2022-05-11 06:25:41 INFO
FAPIValidateEncryptedIdTokenHasKid
Skipped evaluation due to missing required element: id_token jwe_header
path
jwe_header
mapped
object
id_token
2022-05-11 06:25:41 INFO
FAPICIBAValidateIdTokenAuthRequestIdClaims
Skipped evaluation due to missing required element: id_token claims.urn:openid:params:jwt:claim:auth_req_id
path
claims.urn:openid:params:jwt:claim:auth_req_id
mapped
object
id_token
2022-05-11 06:25:41 SUCCESS
ValidateIdTokenNotIncludeCHashAndSHash
id_token claims correctly does not contain 'c_hash' and 's_hash'
claims
{
  "at_hash": "zSL9vtv1OB6-_40l8by_mg",
  "sub": "testuser",
  "aud": "2gJT3oQVIK9bnKrfamZ4",
  "acr": "acr:autotest",
  "iss": "https://ciba-mobile.securitypoc.com",
  "exp": 1652253941,
  "iat": 1652250341,
  "nonce": "u3v07z2ocfb",
  "rt_hash": "J--YkFfvLEUER7QjVoOdtg"
}
2022-05-11 06:25:41 SUCCESS
ExtractAtHash
Extracted at_hash from ID Token
at_hash
zSL9vtv1OB6-_40l8by_mg
alg
ES256
2022-05-11 06:25:41 INFO
ExtractRtHash
Couldn't find urn:openid:params:jwt:claim:rt_hash claim in the ID token
2022-05-11 06:25:41 INFO
FAPICIBAValidateRtHash
Skipped evaluation due to missing required object: rt_hash
expected
rt_hash
mapped
2022-05-11 06:25:41 SUCCESS
ValidateAtHash
at_hash validated successfully
expected_hash
zSL9vtv1OB6-_40l8by_mg
unhashed_value
8KUV824SvTH328ns6H6FDw4IzdBIi9e7
id_token_hash
zSL9vtv1OB6-_40l8by_mg
Check for refresh token
2022-05-11 06:25:41 SUCCESS
ExtractRefreshTokenFromTokenResponse
Extracted refresh token from response
refresh_token
XPM53tkh1coQdRzEnrtp5rdI6yD11guwuAJ9PHZ7
2022-05-11 06:25:41 SUCCESS
EnsureServerConfigurationSupportsRefreshToken
The server configuration indicates support for refresh tokens
supported_grant_types
[
  "urn:ietf:params:oauth:grant-type:device_code",
  "refresh_token",
  "urn:openid:params:grant-type:ciba"
]
2022-05-11 06:25:41 SUCCESS
EnsureRefreshTokenContainsAllowedCharactersOnly
Refresh token does not contain any illegal characters
Refresh Token Request
2022-05-11 06:25:41 SUCCESS
CreateRefreshTokenRequest
Created token endpoint request parameters
grant_type
refresh_token
refresh_token
XPM53tkh1coQdRzEnrtp5rdI6yD11guwuAJ9PHZ7
2022-05-11 06:25:41 SUCCESS
AddScopeToTokenEndpointRequest
Added scope of 'openid email' to token endpoint request
grant_type
refresh_token
refresh_token
XPM53tkh1coQdRzEnrtp5rdI6yD11guwuAJ9PHZ7
scope
openid email
2022-05-11 06:25:41 SUCCESS
CreateClientAuthenticationAssertionClaims
Created client assertion claims
iss
2gJT3oQVIK9bnKrfamZ4
sub
2gJT3oQVIK9bnKrfamZ4
aud
https://ciba-mobile.securitypoc.com/oauth2/token
jti
H6cxKWPQcmGqqjv8vRO6
iat
1652250341
exp
1652250401
2022-05-11 06:25:41 SUCCESS
SignClientAuthenticationAssertion
Signed the client assertion
client_assertion
eyJraWQiOiJPUjV4SExEalRid3hBdFBBbTNYdGJDSC1ybkItWUtlY0x5enVkWnJkVW0wIiwiYWxnIjoiRVMyNTYifQ.eyJzdWIiOiIyZ0pUM29RVklLOWJuS3JmYW1aNCIsImF1ZCI6Imh0dHBzOlwvXC9jaWJhLW1vYmlsZS5zZWN1cml0eXBvYy5jb21cL29hdXRoMlwvdG9rZW4iLCJpc3MiOiIyZ0pUM29RVklLOWJuS3JmYW1aNCIsImV4cCI6MTY1MjI1MDQwMSwiaWF0IjoxNjUyMjUwMzQxLCJqdGkiOiJINmN4S1dQUWNtR3FxanY4dlJPNiJ9.RB3NxSaCEPJsIVLHP9d4wcYniDhjr3TZDLR6IQy7p1WNDU2LfEdizyugk_im5nn3iYx6eoYyuxv4inDPko-6hg
2022-05-11 06:25:41
AddClientAssertionToTokenEndpointRequest
Added client assertion
grant_type
refresh_token
refresh_token
XPM53tkh1coQdRzEnrtp5rdI6yD11guwuAJ9PHZ7
scope
openid email
client_assertion
eyJraWQiOiJPUjV4SExEalRid3hBdFBBbTNYdGJDSC1ybkItWUtlY0x5enVkWnJkVW0wIiwiYWxnIjoiRVMyNTYifQ.eyJzdWIiOiIyZ0pUM29RVklLOWJuS3JmYW1aNCIsImF1ZCI6Imh0dHBzOlwvXC9jaWJhLW1vYmlsZS5zZWN1cml0eXBvYy5jb21cL29hdXRoMlwvdG9rZW4iLCJpc3MiOiIyZ0pUM29RVklLOWJuS3JmYW1aNCIsImV4cCI6MTY1MjI1MDQwMSwiaWF0IjoxNjUyMjUwMzQxLCJqdGkiOiJINmN4S1dQUWNtR3FxanY4dlJPNiJ9.RB3NxSaCEPJsIVLHP9d4wcYniDhjr3TZDLR6IQy7p1WNDU2LfEdizyugk_im5nn3iYx6eoYyuxv4inDPko-6hg
client_assertion_type
urn:ietf:params:oauth:client-assertion-type:jwt-bearer
2022-05-11 06:25:41 SUCCESS
WaitForOneSecond
Pausing for 1 seconds
2022-05-11 06:25:42 SUCCESS
WaitForOneSecond
Woke up after 1 seconds sleep
2022-05-11 06:25:42
CallTokenEndpointAndReturnFullResponse
HTTP request
request_uri
https://ciba-mobile.securitypoc.com/oauth2/token
request_method
POST
request_headers
{
  "accept": "application/json",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "625"
}
request_body
grant_type=refresh_token&refresh_token=XPM53tkh1coQdRzEnrtp5rdI6yD11guwuAJ9PHZ7&scope=openid+email&client_assertion=eyJraWQiOiJPUjV4SExEalRid3hBdFBBbTNYdGJDSC1ybkItWUtlY0x5enVkWnJkVW0wIiwiYWxnIjoiRVMyNTYifQ.eyJzdWIiOiIyZ0pUM29RVklLOWJuS3JmYW1aNCIsImF1ZCI6Imh0dHBzOlwvXC9jaWJhLW1vYmlsZS5zZWN1cml0eXBvYy5jb21cL29hdXRoMlwvdG9rZW4iLCJpc3MiOiIyZ0pUM29RVklLOWJuS3JmYW1aNCIsImV4cCI6MTY1MjI1MDQwMSwiaWF0IjoxNjUyMjUwMzQxLCJqdGkiOiJINmN4S1dQUWNtR3FxanY4dlJPNiJ9.RB3NxSaCEPJsIVLHP9d4wcYniDhjr3TZDLR6IQy7p1WNDU2LfEdizyugk_im5nn3iYx6eoYyuxv4inDPko-6hg&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer
request_mutual_tls
{
  "cert": "MIIC8DCCAdigAwIBAgIIY/J5P0bcFNgwDQYJKoZIhvcNAQELBQAwFjEUMBIGA1UEAwwLY2xpZW50X210bHMwHhcNMjIwMzIyMDMwMTI2WhcNNDkwODA3MDMwMTI2WjAWMRQwEgYDVQQDDAtjbGllbnRfbXRsczCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALgcSD/9PY/f9tm1ESl2OgtN6bL1PUC66ekWs+C/gT++ogrW72nDTXv0QdOB2EEGXSwNqm0X8APvXWhM+fk1aOJeRTTMkhEzb2fUyogt++hNuAadYj3XXTdHagyDqbZNerUY4BIYqZ7Ny4iwzQY1yQpSzYUsRNdZX4oPV/LLBmC+p4dq1bzehL2hr+fG/irzqSAArtfRjxBL8uiiTcn4JH4vvl8guEoQhzx9u0uRCZZWIjj592Ao+0snYa9rgEyApsYi4Jxg6pd9O13agDWk/o32h0hkVcPiDH5P6KgBvXRdAHTQoaMBdL9Vn13p+ftrK+y7WtK1FmVnffIJ2zWWnz0CAwEAAaNCMEAwHQYDVR0OBBYEFLL93QNqyKczBHQxuUnPoP3tCFq/MB8GA1UdIwQYMBaAFLL93QNqyKczBHQxuUnPoP3tCFq/MA0GCSqGSIb3DQEBCwUAA4IBAQBzXeRjAd0Hj9Lw6YWLexR/6U4iASsXZzEPoTo2BzczFYuDmhE7tfj/2JpX8aN++xZM0tznwgSjOT0JsP7Mt7dthlFszpQOnIZdpLDYgZqirQ2PdI+LYJ7X9SXGYoSP6NnZWwfp7cPfujx0hszKjkFsdoePWAZpXN4aLs0bS4lLhCYWFgigJoFZlFtezWZUKo7nk018GvbMJw8MuV6uGADk3k7ivULIZgmp23uf1CjeJ2rpffYFEGquAJCpmUHaerl7vLhfGTHkniFBbXCbMBg4LAlexzBtSgKyztuk0SLIVNzklZUy2qpi4H4Xc6VtN/6p4qUO1BCEI8izoWuauXOP",
  "key": "MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC4HEg//T2P3/bZtREpdjoLTemy9T1AuunpFrPgv4E/vqIK1u9pw0179EHTgdhBBl0sDaptF/AD711oTPn5NWjiXkU0zJIRM29n1MqILfvoTbgGnWI91103R2oMg6m2TXq1GOASGKmezcuIsM0GNckKUs2FLETXWV+KD1fyywZgvqeHatW83oS9oa/nxv4q86kgAK7X0Y8QS/Look3J+CR+L75fILhKEIc8fbtLkQmWViI4+fdgKPtLJ2Gva4BMgKbGIuCcYOqXfTtd2oA1pP6N9odIZFXD4gx+T+ioAb10XQB00KGjAXS/VZ9d6fn7ayvsu1rStRZlZ33yCds1lp89AgMBAAECggEAFzp2QSCFvlu+7LvEBQumChwT4qC/UCXk8iQLoMz4lR7LmfuBLEJYSc3I6lMFAjs30SGOQYJWJWDzU3/2v+Llrz2+lIlE2oe3RA3cWa8Xi7kWgTslFHFSEPHhJuALrvT6iNOxHYdgCymixsWrsF9j1Hoa9PTfYJ4liCkkav0DenwMgkBJhHqheUviTwzE3YL7AuV5KnnR0GVN6fAFJtPGBFzQ1KotAmpJEuwGxJmOwkwbW0EefaZKFV9coFUG2ICDyOO/gD4nLZd4jXwXSBYDGsK0B16KoawHL8CfnJJxW19na8Z50JqRfXP3nBLs57lpOgEWY6N66jOnH/kMQu2KPwKBgQDpHqFWhOZMuatEVMhBshAh3gGGWNgVnmidLro1ATm7Wk4+HRA00NkQLbWp5/yyEieGVgVGL7nem40RT/vT5h7zcCeBOjYvJ9HGnWCOUHkAKxXnIXHAJGtotl07ZX+5h4l8EIpumv6sAnyRqpSjV/hlkG0WXpadEIUTEBxypLbJawKBgQDKLj8T+jarGWxBCTd9eT/mP+RQLIaxhhoQaaxutI9DGbsagXjgleSNW88fAgL8I8oe4uUIqSw6toY0dJ/L7sTENmab5ZNZ9rthhsqytsyBJBw3YNeeFYcdhqhIMou9P0RYUDb6sg03DPXgS40pWoKc5B8SIppkqNkmbJSPGPQb9wKBgQCJY2PyeaDA1yv4uX7MOQUI8K41X2b6VsGQ4Vkco/xCTpaORNKoTe2fe1D1MaPbzpc8tLWnB7mjWElrSpg/6f+TuSWPI5+LawxW4almNkcZskrWTP+dHdmvfMq1lrwPu7FrTNRJG0+8UDraHo47Nj1Oni+sX1KkfnfvJC+f4TNYwQKBgCbtJIPqJuBmcqtK5P4pfB4OqxyslfpUAWyri+F8riCTMaz2xJkpAuochRJJRt3Y3i94K/Sw7a0YO1qaIbIX9JZ6iuL1Hpuxn341f41NGK68jxoycREkv/D1Xi0YXkM/jR8bwpod8eFpg2V95l3R6VffrAPH2cYLpFN7kFbEzSsdAoGBAN9OGIDQT8ZHdBvbTxPKt+HC7OXTCo79Km7WqLSuOgYj7mInVKX5BXG5CLd4gYirXTE8uTvMFyvSoCs3W5yY49Bx3FYwAOkOqz63Yp9PaDfm0cvKTIzRAvART/X3zC+A+Iws6xBL53OK4kP7HRVjMRiRD1Juu/Pv7B0QCn98y+W9",
  "ca": "MIIC8DCCAdigAwIBAgIIY/J5P0bcFNgwDQYJKoZIhvcNAQELBQAwFjEUMBIGA1UEAwwLY2xpZW50X210bHMwHhcNMjIwMzIyMDMwMTI2WhcNNDkwODA3MDMwMTI2WjAWMRQwEgYDVQQDDAtjbGllbnRfbXRsczCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALgcSD/9PY/f9tm1ESl2OgtN6bL1PUC66ekWs+C/gT++ogrW72nDTXv0QdOB2EEGXSwNqm0X8APvXWhM+fk1aOJeRTTMkhEzb2fUyogt++hNuAadYj3XXTdHagyDqbZNerUY4BIYqZ7Ny4iwzQY1yQpSzYUsRNdZX4oPV/LLBmC+p4dq1bzehL2hr+fG/irzqSAArtfRjxBL8uiiTcn4JH4vvl8guEoQhzx9u0uRCZZWIjj592Ao+0snYa9rgEyApsYi4Jxg6pd9O13agDWk/o32h0hkVcPiDH5P6KgBvXRdAHTQoaMBdL9Vn13p+ftrK+y7WtK1FmVnffIJ2zWWnz0CAwEAAaNCMEAwHQYDVR0OBBYEFLL93QNqyKczBHQxuUnPoP3tCFq/MB8GA1UdIwQYMBaAFLL93QNqyKczBHQxuUnPoP3tCFq/MA0GCSqGSIb3DQEBCwUAA4IBAQBzXeRjAd0Hj9Lw6YWLexR/6U4iASsXZzEPoTo2BzczFYuDmhE7tfj/2JpX8aN++xZM0tznwgSjOT0JsP7Mt7dthlFszpQOnIZdpLDYgZqirQ2PdI+LYJ7X9SXGYoSP6NnZWwfp7cPfujx0hszKjkFsdoePWAZpXN4aLs0bS4lLhCYWFgigJoFZlFtezWZUKo7nk018GvbMJw8MuV6uGADk3k7ivULIZgmp23uf1CjeJ2rpffYFEGquAJCpmUHaerl7vLhfGTHkniFBbXCbMBg4LAlexzBtSgKyztuk0SLIVNzklZUy2qpi4H4Xc6VtN/6p4qUO1BCEI8izoWuauXOP"
}
2022-05-11 06:25:43 RESPONSE
CallTokenEndpointAndReturnFullResponse
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "content-language": "en-US",
  "content-type": "application/json;charset\u003dUTF-8",
  "date": "Wed, 11 May 2022 06:25:43 GMT",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "transfer-encoding": "chunked",
  "x-frame-options": "SAMEORIGIN",
  "cache-control": "no-store, no-cache\u003dset-cookie",
  "expires": "Thu, 01 Dec 1994 16:00:00 GMT",
  "strict-transport-security": "max-age\u003d31536000; includeSubDomains",
  "pragma": "no-cache",
  "set-cookie": [
    "AMWEBJCT!%2Fmga!AMWEBJCT!%2Fmga!JSESSIONID\u003d0000FpWRWB7HmjGz1tgNkcoTEJi:038bc442-4db9-43c7-97cf-7a4b1d1bc7d8; Path\u003d/; Secure; HttpOnly",
    "AMWEBJCT!%2Fmga!JSESSIONID\u003d0000Vrv8kmgg11e4ZVRhrhmaqEV:038bc442-4db9-43c7-97cf-7a4b1d1bc7d8; Path\u003d/; Secure; HttpOnly",
    "PD-S-SESSION-ID\u003d1_2_1_NT4X10xqUpt0UAJmDHJXQHJjDhMvgBO5xIkcLbDrvtLOzuyt; Path\u003d/; Secure; HttpOnly"
  ]
}
response_body
{"access_token":"EahGZDjtxU1vouuZxHWilb1PSjqFljpl","refresh_token":"kqS9FDskC4BpXdRvgxSP69kDAx2hp6TzTkSbfNYy","scope":"openid email","id_token":"eyJraWQiOiJKQnAtRHVoazd6U1g1dW1GeU1CZm9nWG81ekRYcFRpaXZnREpzb21iUVhnIiwiYWxnIjoiRVMyNTYifQ.eyJydF9oYXNoIjoiTm9SVGRBZEVtUWN4UHVCOGo4ZUdVQSIsImlhdCI6MTY1MjI1MDM0MywiaXNzIjoiaHR0cHM6Ly9jaWJhLW1vYmlsZS5zZWN1cml0eXBvYy5jb20iLCJhdF9oYXNoIjoiLXRGRkQ3Uzc1V05SaHBxTFFoRmFNUSIsInN1YiI6InRlc3R1c2VyIiwiZXhwIjoxNjUyMjUzOTQzLCJhdWQiOiIyZ0pUM29RVklLOWJuS3JmYW1aNCJ9.jaRKVbUyzcd4ZevTYRAQ5JFEM7tQvSejGMdHg-lLgC5iFYW99mbRT87w7MnchuxJdutoPUS5cCzzKy2IQswpbQ","token_type":"bearer","expires_in":3599}
2022-05-11 06:25:43 SUCCESS
CallTokenEndpointAndReturnFullResponse
Parsed token endpoint response
access_token
EahGZDjtxU1vouuZxHWilb1PSjqFljpl
refresh_token
kqS9FDskC4BpXdRvgxSP69kDAx2hp6TzTkSbfNYy
scope
openid email
id_token
eyJraWQiOiJKQnAtRHVoazd6U1g1dW1GeU1CZm9nWG81ekRYcFRpaXZnREpzb21iUVhnIiwiYWxnIjoiRVMyNTYifQ.eyJydF9oYXNoIjoiTm9SVGRBZEVtUWN4UHVCOGo4ZUdVQSIsImlhdCI6MTY1MjI1MDM0MywiaXNzIjoiaHR0cHM6Ly9jaWJhLW1vYmlsZS5zZWN1cml0eXBvYy5jb20iLCJhdF9oYXNoIjoiLXRGRkQ3Uzc1V05SaHBxTFFoRmFNUSIsInN1YiI6InRlc3R1c2VyIiwiZXhwIjoxNjUyMjUzOTQzLCJhdWQiOiIyZ0pUM29RVklLOWJuS3JmYW1aNCJ9.jaRKVbUyzcd4ZevTYRAQ5JFEM7tQvSejGMdHg-lLgC5iFYW99mbRT87w7MnchuxJdutoPUS5cCzzKy2IQswpbQ
token_type
bearer
expires_in
3599
2022-05-11 06:25:43 SUCCESS
CheckTokenEndpointHttpStatus200
Token endpoint http status code was 200
2022-05-11 06:25:43 SUCCESS
CheckTokenEndpointReturnedJsonContentType
token_endpoint_response_headers Content-Type: header is application/json
2022-05-11 06:25:43 SUCCESS
CheckTokenEndpointCacheHeaders
'pragma' and 'cache-control' headers in token endpoint response contain expected values.
cache_control_header
no-store, no-cache=set-cookie
pragma_header
no-cache
2022-05-11 06:25:43 SUCCESS
CheckIfTokenEndpointResponseError
No error from token endpoint
2022-05-11 06:25:43 SUCCESS
ExtractAccessTokenFromTokenResponse
Extracted the access token
value
EahGZDjtxU1vouuZxHWilb1PSjqFljpl
type
bearer
2022-05-11 06:25:43 SUCCESS
CheckTokenTypeIsBearer
Token type is bearer
2022-05-11 06:25:43 SUCCESS
EnsureMinimumAccessTokenEntropy
Calculated shannon entropy seems sufficient
actual
142.49022499567306
expected
96.0
value
s
2022-05-11 06:25:43 SUCCESS
EnsureAccessTokenContainsAllowedCharactersOnly
Access token does not contain any illegal characters
2022-05-11 06:25:43 SUCCESS
ExtractExpiresInFromTokenEndpointResponse
Extracted 'expires_in'
expires_in
3599
2022-05-11 06:25:43 SUCCESS
ValidateExpiresIn
expires_in passed all validation checks
expires_in
3599
2022-05-11 06:25:43 SUCCESS
EnsureAccessTokenValuesAreDifferent
Access token values are not the same
first_access_token
8KUV824SvTH328ns6H6FDw4IzdBIi9e7
second_access_token
EahGZDjtxU1vouuZxHWilb1PSjqFljpl
2022-05-11 06:25:43 SUCCESS
ExtractIdTokenFromTokenResponse
Found and parsed the id_token from token_endpoint_response
value
eyJraWQiOiJKQnAtRHVoazd6U1g1dW1GeU1CZm9nWG81ekRYcFRpaXZnREpzb21iUVhnIiwiYWxnIjoiRVMyNTYifQ.eyJydF9oYXNoIjoiTm9SVGRBZEVtUWN4UHVCOGo4ZUdVQSIsImlhdCI6MTY1MjI1MDM0MywiaXNzIjoiaHR0cHM6Ly9jaWJhLW1vYmlsZS5zZWN1cml0eXBvYy5jb20iLCJhdF9oYXNoIjoiLXRGRkQ3Uzc1V05SaHBxTFFoRmFNUSIsInN1YiI6InRlc3R1c2VyIiwiZXhwIjoxNjUyMjUzOTQzLCJhdWQiOiIyZ0pUM29RVklLOWJuS3JmYW1aNCJ9.jaRKVbUyzcd4ZevTYRAQ5JFEM7tQvSejGMdHg-lLgC5iFYW99mbRT87w7MnchuxJdutoPUS5cCzzKy2IQswpbQ
header
{
  "kid": "JBp-Duhk7zSX5umFyMBfogXo5zDXpTiivgDJsombQXg",
  "alg": "ES256"
}
claims
{
  "at_hash": "-tFFD7S75WNRhpqLQhFaMQ",
  "sub": "testuser",
  "aud": "2gJT3oQVIK9bnKrfamZ4",
  "iss": "https://ciba-mobile.securitypoc.com",
  "exp": 1652253943,
  "iat": 1652250343,
  "rt_hash": "NoRTdAdEmQcxPuB8j8eGUA"
}
2022-05-11 06:25:43 SUCCESS
ExtractRefreshTokenFromTokenResponse
Extracted refresh token from response
refresh_token
kqS9FDskC4BpXdRvgxSP69kDAx2hp6TzTkSbfNYy
2022-05-11 06:25:43 SUCCESS
EnsureMinimumRefreshTokenLength
Refresh token is of sufficient length
actual
320
required
128
2022-05-11 06:25:43 SUCCESS
EnsureMinimumRefreshTokenEntropy
Calculated shannon entropy seems sufficient
actual
188.122236293331
expected
96.0
value
s
2022-05-11 06:25:43 SUCCESS
CompareIdTokenClaims
Validated id token claims successfully
iss
{
  "first": "https://ciba-mobile.securitypoc.com",
  "second": "https://ciba-mobile.securitypoc.com",
  "note": "Values are expected to be equal"
}
sub
{
  "first": "testuser",
  "second": "testuser",
  "note": "Values are expected to be equal"
}
iat
{
  "first": 1652250341,
  "second": 1652250343,
  "note": "Values are expected to be different"
}
aud
{
  "first": "2gJT3oQVIK9bnKrfamZ4",
  "second": "2gJT3oQVIK9bnKrfamZ4",
  "note": "Values are expected to be equal"
}
azp
Id tokens do not contain azp claims
Resource server endpoint tests
2022-05-11 06:25:43
CreateEmptyResourceEndpointRequestHeaders
Created empty headers
resource_endpoint_request_headers
{}
2022-05-11 06:25:43 SUCCESS
AddFAPIAuthDateToResourceEndpointRequest
Added x-fapi-auth-date to resource endpoint request headers
resource_endpoint_request_headers
{
  "x-fapi-auth-date": "Wed, 11 May 2022 06:25:43 GMT"
}
2022-05-11 06:25:43
CreateRandomFAPIInteractionId
Created interaction ID
fapi_interaction_id
a217971f-c3b3-4ca0-aa6f-2af48a866715
2022-05-11 06:25:43 SUCCESS
AddFAPIInteractionIdToResourceEndpointRequest
Added x-fapi-interaction-id to resource endpoint request headers
resource_endpoint_request_headers
{
  "x-fapi-auth-date": "Wed, 11 May 2022 06:25:43 GMT",
  "x-fapi-interaction-id": "a217971f-c3b3-4ca0-aa6f-2af48a866715"
}
2022-05-11 06:25:43
CallProtectedResource
HTTP request
request_uri
https://ciba-mobile.securitypoc.com/ivcreds
request_method
GET
request_headers
{
  "accept": "application/json",
  "authorization": "Bearer EahGZDjtxU1vouuZxHWilb1PSjqFljpl",
  "x-fapi-auth-date": "Wed, 11 May 2022 06:25:43 GMT",
  "x-fapi-interaction-id": "a217971f-c3b3-4ca0-aa6f-2af48a866715",
  "content-length": "0"
}
request_body

                                
request_mutual_tls
{
  "cert": "MIIC8DCCAdigAwIBAgIIY/J5P0bcFNgwDQYJKoZIhvcNAQELBQAwFjEUMBIGA1UEAwwLY2xpZW50X210bHMwHhcNMjIwMzIyMDMwMTI2WhcNNDkwODA3MDMwMTI2WjAWMRQwEgYDVQQDDAtjbGllbnRfbXRsczCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALgcSD/9PY/f9tm1ESl2OgtN6bL1PUC66ekWs+C/gT++ogrW72nDTXv0QdOB2EEGXSwNqm0X8APvXWhM+fk1aOJeRTTMkhEzb2fUyogt++hNuAadYj3XXTdHagyDqbZNerUY4BIYqZ7Ny4iwzQY1yQpSzYUsRNdZX4oPV/LLBmC+p4dq1bzehL2hr+fG/irzqSAArtfRjxBL8uiiTcn4JH4vvl8guEoQhzx9u0uRCZZWIjj592Ao+0snYa9rgEyApsYi4Jxg6pd9O13agDWk/o32h0hkVcPiDH5P6KgBvXRdAHTQoaMBdL9Vn13p+ftrK+y7WtK1FmVnffIJ2zWWnz0CAwEAAaNCMEAwHQYDVR0OBBYEFLL93QNqyKczBHQxuUnPoP3tCFq/MB8GA1UdIwQYMBaAFLL93QNqyKczBHQxuUnPoP3tCFq/MA0GCSqGSIb3DQEBCwUAA4IBAQBzXeRjAd0Hj9Lw6YWLexR/6U4iASsXZzEPoTo2BzczFYuDmhE7tfj/2JpX8aN++xZM0tznwgSjOT0JsP7Mt7dthlFszpQOnIZdpLDYgZqirQ2PdI+LYJ7X9SXGYoSP6NnZWwfp7cPfujx0hszKjkFsdoePWAZpXN4aLs0bS4lLhCYWFgigJoFZlFtezWZUKo7nk018GvbMJw8MuV6uGADk3k7ivULIZgmp23uf1CjeJ2rpffYFEGquAJCpmUHaerl7vLhfGTHkniFBbXCbMBg4LAlexzBtSgKyztuk0SLIVNzklZUy2qpi4H4Xc6VtN/6p4qUO1BCEI8izoWuauXOP",
  "key": "MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC4HEg//T2P3/bZtREpdjoLTemy9T1AuunpFrPgv4E/vqIK1u9pw0179EHTgdhBBl0sDaptF/AD711oTPn5NWjiXkU0zJIRM29n1MqILfvoTbgGnWI91103R2oMg6m2TXq1GOASGKmezcuIsM0GNckKUs2FLETXWV+KD1fyywZgvqeHatW83oS9oa/nxv4q86kgAK7X0Y8QS/Look3J+CR+L75fILhKEIc8fbtLkQmWViI4+fdgKPtLJ2Gva4BMgKbGIuCcYOqXfTtd2oA1pP6N9odIZFXD4gx+T+ioAb10XQB00KGjAXS/VZ9d6fn7ayvsu1rStRZlZ33yCds1lp89AgMBAAECggEAFzp2QSCFvlu+7LvEBQumChwT4qC/UCXk8iQLoMz4lR7LmfuBLEJYSc3I6lMFAjs30SGOQYJWJWDzU3/2v+Llrz2+lIlE2oe3RA3cWa8Xi7kWgTslFHFSEPHhJuALrvT6iNOxHYdgCymixsWrsF9j1Hoa9PTfYJ4liCkkav0DenwMgkBJhHqheUviTwzE3YL7AuV5KnnR0GVN6fAFJtPGBFzQ1KotAmpJEuwGxJmOwkwbW0EefaZKFV9coFUG2ICDyOO/gD4nLZd4jXwXSBYDGsK0B16KoawHL8CfnJJxW19na8Z50JqRfXP3nBLs57lpOgEWY6N66jOnH/kMQu2KPwKBgQDpHqFWhOZMuatEVMhBshAh3gGGWNgVnmidLro1ATm7Wk4+HRA00NkQLbWp5/yyEieGVgVGL7nem40RT/vT5h7zcCeBOjYvJ9HGnWCOUHkAKxXnIXHAJGtotl07ZX+5h4l8EIpumv6sAnyRqpSjV/hlkG0WXpadEIUTEBxypLbJawKBgQDKLj8T+jarGWxBCTd9eT/mP+RQLIaxhhoQaaxutI9DGbsagXjgleSNW88fAgL8I8oe4uUIqSw6toY0dJ/L7sTENmab5ZNZ9rthhsqytsyBJBw3YNeeFYcdhqhIMou9P0RYUDb6sg03DPXgS40pWoKc5B8SIppkqNkmbJSPGPQb9wKBgQCJY2PyeaDA1yv4uX7MOQUI8K41X2b6VsGQ4Vkco/xCTpaORNKoTe2fe1D1MaPbzpc8tLWnB7mjWElrSpg/6f+TuSWPI5+LawxW4almNkcZskrWTP+dHdmvfMq1lrwPu7FrTNRJG0+8UDraHo47Nj1Oni+sX1KkfnfvJC+f4TNYwQKBgCbtJIPqJuBmcqtK5P4pfB4OqxyslfpUAWyri+F8riCTMaz2xJkpAuochRJJRt3Y3i94K/Sw7a0YO1qaIbIX9JZ6iuL1Hpuxn341f41NGK68jxoycREkv/D1Xi0YXkM/jR8bwpod8eFpg2V95l3R6VffrAPH2cYLpFN7kFbEzSsdAoGBAN9OGIDQT8ZHdBvbTxPKt+HC7OXTCo79Km7WqLSuOgYj7mInVKX5BXG5CLd4gYirXTE8uTvMFyvSoCs3W5yY49Bx3FYwAOkOqz63Yp9PaDfm0cvKTIzRAvART/X3zC+A+Iws6xBL53OK4kP7HRVjMRiRD1Juu/Pv7B0QCn98y+W9",
  "ca": "MIIC8DCCAdigAwIBAgIIY/J5P0bcFNgwDQYJKoZIhvcNAQELBQAwFjEUMBIGA1UEAwwLY2xpZW50X210bHMwHhcNMjIwMzIyMDMwMTI2WhcNNDkwODA3MDMwMTI2WjAWMRQwEgYDVQQDDAtjbGllbnRfbXRsczCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALgcSD/9PY/f9tm1ESl2OgtN6bL1PUC66ekWs+C/gT++ogrW72nDTXv0QdOB2EEGXSwNqm0X8APvXWhM+fk1aOJeRTTMkhEzb2fUyogt++hNuAadYj3XXTdHagyDqbZNerUY4BIYqZ7Ny4iwzQY1yQpSzYUsRNdZX4oPV/LLBmC+p4dq1bzehL2hr+fG/irzqSAArtfRjxBL8uiiTcn4JH4vvl8guEoQhzx9u0uRCZZWIjj592Ao+0snYa9rgEyApsYi4Jxg6pd9O13agDWk/o32h0hkVcPiDH5P6KgBvXRdAHTQoaMBdL9Vn13p+ftrK+y7WtK1FmVnffIJ2zWWnz0CAwEAAaNCMEAwHQYDVR0OBBYEFLL93QNqyKczBHQxuUnPoP3tCFq/MB8GA1UdIwQYMBaAFLL93QNqyKczBHQxuUnPoP3tCFq/MA0GCSqGSIb3DQEBCwUAA4IBAQBzXeRjAd0Hj9Lw6YWLexR/6U4iASsXZzEPoTo2BzczFYuDmhE7tfj/2JpX8aN++xZM0tznwgSjOT0JsP7Mt7dthlFszpQOnIZdpLDYgZqirQ2PdI+LYJ7X9SXGYoSP6NnZWwfp7cPfujx0hszKjkFsdoePWAZpXN4aLs0bS4lLhCYWFgigJoFZlFtezWZUKo7nk018GvbMJw8MuV6uGADk3k7ivULIZgmp23uf1CjeJ2rpffYFEGquAJCpmUHaerl7vLhfGTHkniFBbXCbMBg4LAlexzBtSgKyztuk0SLIVNzklZUy2qpi4H4Xc6VtN/6p4qUO1BCEI8izoWuauXOP"
}
2022-05-11 06:25:43 RESPONSE
CallProtectedResource
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "content-length": "1293",
  "content-type": "application/json; charset\u003dutf-8",
  "date": "Wed, 11 May 2022 06:25:43 GMT",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "cache-control": "no-cache",
  "x-fapi-interaction-id": "a217971f-c3b3-4ca0-aa6f-2af48a866715",
  "strict-transport-security": "max-age\u003d31536000; includeSubDomains",
  "set-cookie": [
    "AMWEBJCT!%2Fmga!JSESSIONID\u003d0000iC0fFZF9q_GTZ4Kh9bT9rgq:038bc442-4db9-43c7-97cf-7a4b1d1bc7d8; Path\u003d/; Secure; HttpOnly",
    "PD-S-SESSION-ID\u003d1_2_1_OTFE-0TmMIugvgdmvz7TWgaAGKMlCRwduKomV-+sejsWfMda; Path\u003d/; Secure; HttpOnly"
  ]
}
response_body
{"authenticationMechanismTypes":"urn:ibm:security:authentication:asf:mechanism:fapi_certeai","authenticationTypes":"urn:ibm:security:authentication:asf:fapi_cert_auth","AUTHENTICATION_LEVEL":"2","AZN_CRED_AUTHNMECH_INFO":"","AZN_CRED_AUTHZN_ID":"testuser","AZN_CRED_AUTH_EPOCH_TIME":"1652250343","AZN_CRED_AUTH_METHOD":"ext-auth-interface","AZN_CRED_BROWSER_INFO":"Apache-HttpClient/4.5.13 (Java/11.0.14.1)","AZN_CRED_IP_FAMILY":"AF_INET","AZN_CRED_MECH_ID":"IV_LDAP_V3.0","AZN_CRED_NETWORK_ADDRESS_BIN":"0x0ab0e247","AZN_CRED_NETWORK_ADDRESS_STR":"10.176.226.71","AZN_CRED_PRINCIPAL_DOMAIN":"Default","AZN_CRED_PRINCIPAL_NAME":"testuser","AZN_CRED_PRINCIPAL_UUID":"00000001-0000-1000-8002-030405060708","AZN_CRED_QOP_INFO":"x509: TLSV12: 9E","AZN_CRED_REGISTRY_ID":"cn=testuser,cn=ExternalUser","AZN_CRED_USER_INFO":"","AZN_CRED_VERSION":"0x00001004","AZN_CUSTOM_ATTRIBUTES":["scope","AUTHENTICATION_LEVEL","authenticationMechanismTypes","authenticationTypes"],"scope":"openid,email","tagvalue_login_user_name":"testuser","tagvalue_max_concurrent_web_sessions":"unset","tagvalue_session_index":"2f8d2944-d0f3-11ec-af69-9a8169b7a4fd","tagvalue_user_session_id":"bG9jYWxob3N0LW1vYmlsZQA=_YntW5wAAAAIAAAAw51Z7Ykj0AlSjfwAAT1RGRS0wVG1NSXVndmdkbXZ6N1RXZ2FBR0tNbENSd2R1S29tVi0rc2Vqc1dmTWRh:default"}
2022-05-11 06:25:43 SUCCESS
CallProtectedResource
Got a response from the resource endpoint
status
200
endpoint_name
resource
headers
{
  "content-length": "1293",
  "content-type": "application/json; charset\u003dutf-8",
  "date": "Wed, 11 May 2022 06:25:43 GMT",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "cache-control": "no-cache",
  "x-fapi-interaction-id": "a217971f-c3b3-4ca0-aa6f-2af48a866715",
  "strict-transport-security": "max-age\u003d31536000; includeSubDomains",
  "set-cookie": [
    "AMWEBJCT!%2Fmga!JSESSIONID\u003d0000iC0fFZF9q_GTZ4Kh9bT9rgq:038bc442-4db9-43c7-97cf-7a4b1d1bc7d8; Path\u003d/; Secure; HttpOnly",
    "PD-S-SESSION-ID\u003d1_2_1_OTFE-0TmMIugvgdmvz7TWgaAGKMlCRwduKomV-+sejsWfMda; Path\u003d/; Secure; HttpOnly"
  ]
}
body
{"authenticationMechanismTypes":"urn:ibm:security:authentication:asf:mechanism:fapi_certeai","authenticationTypes":"urn:ibm:security:authentication:asf:fapi_cert_auth","AUTHENTICATION_LEVEL":"2","AZN_CRED_AUTHNMECH_INFO":"","AZN_CRED_AUTHZN_ID":"testuser","AZN_CRED_AUTH_EPOCH_TIME":"1652250343","AZN_CRED_AUTH_METHOD":"ext-auth-interface","AZN_CRED_BROWSER_INFO":"Apache-HttpClient/4.5.13 (Java/11.0.14.1)","AZN_CRED_IP_FAMILY":"AF_INET","AZN_CRED_MECH_ID":"IV_LDAP_V3.0","AZN_CRED_NETWORK_ADDRESS_BIN":"0x0ab0e247","AZN_CRED_NETWORK_ADDRESS_STR":"10.176.226.71","AZN_CRED_PRINCIPAL_DOMAIN":"Default","AZN_CRED_PRINCIPAL_NAME":"testuser","AZN_CRED_PRINCIPAL_UUID":"00000001-0000-1000-8002-030405060708","AZN_CRED_QOP_INFO":"x509: TLSV12: 9E","AZN_CRED_REGISTRY_ID":"cn=testuser,cn=ExternalUser","AZN_CRED_USER_INFO":"","AZN_CRED_VERSION":"0x00001004","AZN_CUSTOM_ATTRIBUTES":["scope","AUTHENTICATION_LEVEL","authenticationMechanismTypes","authenticationTypes"],"scope":"openid,email","tagvalue_login_user_name":"testuser","tagvalue_max_concurrent_web_sessions":"unset","tagvalue_session_index":"2f8d2944-d0f3-11ec-af69-9a8169b7a4fd","tagvalue_user_session_id":"bG9jYWxob3N0LW1vYmlsZQA=_YntW5wAAAAIAAAAw51Z7Ykj0AlSjfwAAT1RGRS0wVG1NSXVndmdkbXZ6N1RXZ2FBR0tNbENSd2R1S29tVi0rc2Vqc1dmTWRh:default"}
2022-05-11 06:25:43 SUCCESS
EnsureHttpStatusCodeIs200
resource endpoint returned the expected http status
expected_status
200
http_status
200
2022-05-11 06:25:43 SUCCESS
CheckForDateHeaderInResourceResponse
Date header present and validated
date
Wed, 11 May 2022 06:25:43 GMT
skew
524
2022-05-11 06:25:43 SUCCESS
CheckForFAPIInteractionIdInResourceResponse
Found x-fapi-interaction-id
interaction_id
a217971f-c3b3-4ca0-aa6f-2af48a866715
2022-05-11 06:25:43 SUCCESS
EnsureMatchingFAPIInteractionId
Interaction ID matched
fapi_interaction_id
a217971f-c3b3-4ca0-aa6f-2af48a866715
2022-05-11 06:25:43 SUCCESS
EnsureResourceResponseReturnedJsonContentType
Response content type is json
content_type
application/json; charset=utf-8
Second client: Call backchannel authentication endpoint
2022-05-11 06:25:43 SUCCESS
CreateEmptyAuthorizationEndpointRequest
Created empty authorization endpoint request
2022-05-11 06:25:43 SUCCESS
AddScopeToAuthorizationEndpointRequest
Added scope of 'openid' to authorization endpoint request
scope
openid
2022-05-11 06:25:43 SUCCESS
AddHintToAuthorizationEndpointRequest
Added hint to authorization endpoint request
login_hint
testuser
2022-05-11 06:25:43 SUCCESS
AddBindingMessageToAuthorizationEndpointRequest
Added binding message to authorization endpoint request
binding_message
1234
2022-05-11 06:25:43 SUCCESS
ConvertAuthorizationEndpointRequestToRequestObject
Created request object claims
request_object_claims
{
  "scope": "openid",
  "login_hint": "testuser",
  "binding_message": "1234"
}
2022-05-11 06:25:43 SUCCESS
AddIatToRequestObject
Added iat to request object claims
iat
1.652250343E9
2022-05-11 06:25:43 SUCCESS
AddExpToRequestObject
Added exp to request object claims
exp
1.652250643E9
2022-05-11 06:25:43 SUCCESS
AddNbfToRequestObject
Added nbf to request object claims
nbf
1.652250343E9
2022-05-11 06:25:43 SUCCESS
AddJtiToRequestObject
Added jti to request object claims
jti
iVTJfc9QsfIOf8f27hLm
2022-05-11 06:25:43 SUCCESS
AddAudToRequestObject
Added aud to request object claims
aud
https://ciba-mobile.securitypoc.com
2022-05-11 06:25:43 SUCCESS
AddIssToRequestObject
Added iss to request object claims
iss
GIi4p8SCIhNO8g98blye
2022-05-11 06:25:43 SUCCESS
SignRequestObject
Signed the request object
claims
{
  "aud": "https://ciba-mobile.securitypoc.com",
  "login_hint": "testuser",
  "nbf": 1652250343,
  "scope": "openid",
  "iss": "GIi4p8SCIhNO8g98blye",
  "binding_message": "1234",
  "exp": 1652250643,
  "iat": 1652250343,
  "jti": "iVTJfc9QsfIOf8f27hLm"
}
header
{
  "kid": "6RHpOyxdsQPzYz6uNmAC9YHuxrAUbGe4RZHuT218NfE",
  "alg": "ES256"
}
request_object
eyJraWQiOiI2UkhwT3l4ZHNRUHpZejZ1Tm1BQzlZSHV4ckFVYkdlNFJaSHVUMjE4TmZFIiwiYWxnIjoiRVMyNTYifQ.eyJhdWQiOiJodHRwczpcL1wvY2liYS1tb2JpbGUuc2VjdXJpdHlwb2MuY29tIiwibG9naW5faGludCI6InRlc3R1c2VyIiwibmJmIjoxNjUyMjUwMzQzLCJzY29wZSI6Im9wZW5pZCIsImlzcyI6IkdJaTRwOFNDSWhOTzhnOThibHllIiwiYmluZGluZ19tZXNzYWdlIjoiMTIzNCIsImV4cCI6MTY1MjI1MDY0MywiaWF0IjoxNjUyMjUwMzQzLCJqdGkiOiJpVlRKZmM5UXNmSU9mOGYyN2hMbSJ9.TDpTz95giCPUPvcTKa8suHZe_llnOZoF6V6OTcJ7C6bKzYgIWTZDWVGWZGoqow1QaJfJtfJux4lm_GmTtBKlZw
key
{
  "kty": "EC",
  "d": "ALhGSwgtKne65I2OyEaUzUzKe0GUhjViKo2xvIeoiU8X",
  "crv": "P-256",
  "kid": "6RHpOyxdsQPzYz6uNmAC9YHuxrAUbGe4RZHuT218NfE",
  "x": "_9HZpw98HIP6hmCSXfv8u00cIy5UQ_XZ7krXJID-ydI",
  "y": "AGjAW113d8wl_SfZMBXA6i1y9R2OrhlwcpuYYJpQE9s",
  "alg": "ES256"
}
2022-05-11 06:25:43 SUCCESS
CreateBackchannelAuthenticationEndpointRequest
Created backchannel authentication endpoint request
2022-05-11 06:25:43
AddRequestToBackchannelAuthenticationEndpointRequest
request
eyJraWQiOiI2UkhwT3l4ZHNRUHpZejZ1Tm1BQzlZSHV4ckFVYkdlNFJaSHVUMjE4TmZFIiwiYWxnIjoiRVMyNTYifQ.eyJhdWQiOiJodHRwczpcL1wvY2liYS1tb2JpbGUuc2VjdXJpdHlwb2MuY29tIiwibG9naW5faGludCI6InRlc3R1c2VyIiwibmJmIjoxNjUyMjUwMzQzLCJzY29wZSI6Im9wZW5pZCIsImlzcyI6IkdJaTRwOFNDSWhOTzhnOThibHllIiwiYmluZGluZ19tZXNzYWdlIjoiMTIzNCIsImV4cCI6MTY1MjI1MDY0MywiaWF0IjoxNjUyMjUwMzQzLCJqdGkiOiJpVlRKZmM5UXNmSU9mOGYyN2hMbSJ9.TDpTz95giCPUPvcTKa8suHZe_llnOZoF6V6OTcJ7C6bKzYgIWTZDWVGWZGoqow1QaJfJtfJux4lm_GmTtBKlZw
2022-05-11 06:25:43 SUCCESS
CreateClientAuthenticationAssertionClaims
Created client assertion claims
iss
GIi4p8SCIhNO8g98blye
sub
GIi4p8SCIhNO8g98blye
aud
https://ciba-mobile.securitypoc.com/oauth2/token
jti
2srYuul2RrMile9qZgkF
iat
1652250343
exp
1652250403
2022-05-11 06:25:43 SUCCESS
SetClientAuthenticationAudTokenEndpointToBackchannelAuthenticationEndpoint
Add token_endpoint as aud value to client_assertion_claims - as per section 7.1 of CIBA, 'the OP MUST accept its Issuer Identifier, Token Endpoint URL, or Backchannel Authentication Endpoint URL as values that identify it as an intended audience'
iss
GIi4p8SCIhNO8g98blye
sub
GIi4p8SCIhNO8g98blye
aud
https://ciba-mobile.securitypoc.com/oauth2/token
jti
2srYuul2RrMile9qZgkF
iat
1652250343
exp
1652250403
2022-05-11 06:25:43 SUCCESS
SignClientAuthenticationAssertion
Signed the client assertion
client_assertion
eyJraWQiOiI2UkhwT3l4ZHNRUHpZejZ1Tm1BQzlZSHV4ckFVYkdlNFJaSHVUMjE4TmZFIiwiYWxnIjoiRVMyNTYifQ.eyJzdWIiOiJHSWk0cDhTQ0loTk84Zzk4Ymx5ZSIsImF1ZCI6Imh0dHBzOlwvXC9jaWJhLW1vYmlsZS5zZWN1cml0eXBvYy5jb21cL29hdXRoMlwvdG9rZW4iLCJpc3MiOiJHSWk0cDhTQ0loTk84Zzk4Ymx5ZSIsImV4cCI6MTY1MjI1MDQwMywiaWF0IjoxNjUyMjUwMzQzLCJqdGkiOiIyc3JZdXVsMlJyTWlsZTlxWmdrRiJ9.oq2kvXBlWli3fHFjcwk-OvvghqvoCtt-NxOP4H8gVLLmMbBbbNv9n_TUoVkGDtvqTygDjgPfrYMoQ4zen3iwkw
2022-05-11 06:25:43
AddClientAssertionToBackchannelAuthenticationEndpoint
Added client assertion
request
eyJraWQiOiI2UkhwT3l4ZHNRUHpZejZ1Tm1BQzlZSHV4ckFVYkdlNFJaSHVUMjE4TmZFIiwiYWxnIjoiRVMyNTYifQ.eyJhdWQiOiJodHRwczpcL1wvY2liYS1tb2JpbGUuc2VjdXJpdHlwb2MuY29tIiwibG9naW5faGludCI6InRlc3R1c2VyIiwibmJmIjoxNjUyMjUwMzQzLCJzY29wZSI6Im9wZW5pZCIsImlzcyI6IkdJaTRwOFNDSWhOTzhnOThibHllIiwiYmluZGluZ19tZXNzYWdlIjoiMTIzNCIsImV4cCI6MTY1MjI1MDY0MywiaWF0IjoxNjUyMjUwMzQzLCJqdGkiOiJpVlRKZmM5UXNmSU9mOGYyN2hMbSJ9.TDpTz95giCPUPvcTKa8suHZe_llnOZoF6V6OTcJ7C6bKzYgIWTZDWVGWZGoqow1QaJfJtfJux4lm_GmTtBKlZw
client_assertion
eyJraWQiOiI2UkhwT3l4ZHNRUHpZejZ1Tm1BQzlZSHV4ckFVYkdlNFJaSHVUMjE4TmZFIiwiYWxnIjoiRVMyNTYifQ.eyJzdWIiOiJHSWk0cDhTQ0loTk84Zzk4Ymx5ZSIsImF1ZCI6Imh0dHBzOlwvXC9jaWJhLW1vYmlsZS5zZWN1cml0eXBvYy5jb21cL29hdXRoMlwvdG9rZW4iLCJpc3MiOiJHSWk0cDhTQ0loTk84Zzk4Ymx5ZSIsImV4cCI6MTY1MjI1MDQwMywiaWF0IjoxNjUyMjUwMzQzLCJqdGkiOiIyc3JZdXVsMlJyTWlsZTlxWmdrRiJ9.oq2kvXBlWli3fHFjcwk-OvvghqvoCtt-NxOP4H8gVLLmMbBbbNv9n_TUoVkGDtvqTygDjgPfrYMoQ4zen3iwkw
client_assertion_type
urn:ietf:params:oauth:client-assertion-type:jwt-bearer
2022-05-11 06:25:43
CallBackchannelAuthenticationEndpoint
HTTP request
request_uri
https://ciba-mobile.securitypoc.com/oauth2/ciba
request_method
POST
request_headers
{
  "accept": "application/json",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "1009"
}
request_body
request=eyJraWQiOiI2UkhwT3l4ZHNRUHpZejZ1Tm1BQzlZSHV4ckFVYkdlNFJaSHVUMjE4TmZFIiwiYWxnIjoiRVMyNTYifQ.eyJhdWQiOiJodHRwczpcL1wvY2liYS1tb2JpbGUuc2VjdXJpdHlwb2MuY29tIiwibG9naW5faGludCI6InRlc3R1c2VyIiwibmJmIjoxNjUyMjUwMzQzLCJzY29wZSI6Im9wZW5pZCIsImlzcyI6IkdJaTRwOFNDSWhOTzhnOThibHllIiwiYmluZGluZ19tZXNzYWdlIjoiMTIzNCIsImV4cCI6MTY1MjI1MDY0MywiaWF0IjoxNjUyMjUwMzQzLCJqdGkiOiJpVlRKZmM5UXNmSU9mOGYyN2hMbSJ9.TDpTz95giCPUPvcTKa8suHZe_llnOZoF6V6OTcJ7C6bKzYgIWTZDWVGWZGoqow1QaJfJtfJux4lm_GmTtBKlZw&client_assertion=eyJraWQiOiI2UkhwT3l4ZHNRUHpZejZ1Tm1BQzlZSHV4ckFVYkdlNFJaSHVUMjE4TmZFIiwiYWxnIjoiRVMyNTYifQ.eyJzdWIiOiJHSWk0cDhTQ0loTk84Zzk4Ymx5ZSIsImF1ZCI6Imh0dHBzOlwvXC9jaWJhLW1vYmlsZS5zZWN1cml0eXBvYy5jb21cL29hdXRoMlwvdG9rZW4iLCJpc3MiOiJHSWk0cDhTQ0loTk84Zzk4Ymx5ZSIsImV4cCI6MTY1MjI1MDQwMywiaWF0IjoxNjUyMjUwMzQzLCJqdGkiOiIyc3JZdXVsMlJyTWlsZTlxWmdrRiJ9.oq2kvXBlWli3fHFjcwk-OvvghqvoCtt-NxOP4H8gVLLmMbBbbNv9n_TUoVkGDtvqTygDjgPfrYMoQ4zen3iwkw&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer
request_mutual_tls
{
  "cert": "MIIC8jCCAdqgAwIBAgIIeP71dlXQRxYwDQYJKoZIhvcNAQELBQAwFzEVMBMGA1UEAwwMY2xpZW50Ml9tdGxzMB4XDTIyMDMyMjA1NDkzOFoXDTQ5MDgwNzA1NDkzOFowFzEVMBMGA1UEAwwMY2xpZW50Ml9tdGxzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7B0S2cMtFlkyoRC6WrDOYLiwgvRlzCRgNMCBgDm+E6/LdD1YqAR7hidEnuIUMxjJICOwQl8auJxmxd3mIDcBtW6BsC9Ai2C6L5NWIeuLsZmZjtXTtKIgwtIrCBUFJRVF7cJA5g9Nuji2pqpMZa+bG6iqh0URwVHwN6L68sU6Kp24hoB1StvYuqaB+SzEWBu8y2CRVJ45iycvuefHwrTTTBmtfyertDbNRDX705Q1JF4sM5groFYt1Cyw2iOaUR+HtD4hX1jTz/NYTnXmy05QDPmKPPwlFrRGbheqv3q9w94lyUvX8Dfs4KqtCgRglvKzvy7qmjdh0m8D7rDvQJ4eAQIDAQABo0IwQDAdBgNVHQ4EFgQUZIRo2rdgKyxdIGfpji2ELp2gOaowHwYDVR0jBBgwFoAUZIRo2rdgKyxdIGfpji2ELp2gOaowDQYJKoZIhvcNAQELBQADggEBAJAeOnJSmPYFq4YhPiBvg8hPLMZrsAIGGe7egPJZovk+d/1winrMzRNNsN4PuRcGq+/uF8HbszdjH9zqEFlK0FZfsT1cMFdz78BItd7v+o+EbzNceIfdGEDifyS2LCLh7kkJDKwl4SWpoulxQVvmZGw6Kvj1XVk3ecPEoJzkDTh2etWDEEFTAtRVy3GO0tIb/TBOwacMQfDT7sSAknc3JV28GCdYzBZCH9ePPp/SSsDj5PYWfuFlKzSKgFhbrgMpSghtPY52LA+2n9ocYcEIq7bVRvsJzxms54MjBEoHDGtSpXDNDQ+1Rt0WFkgAk2FS671KQ1j42P7RM8pnrhUbjHo\u003d",
  "key": "MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDsHRLZwy0WWTKhELpasM5guLCC9GXMJGA0wIGAOb4Tr8t0PVioBHuGJ0Se4hQzGMkgI7BCXxq4nGbF3eYgNwG1boGwL0CLYLovk1Yh64uxmZmO1dO0oiDC0isIFQUlFUXtwkDmD026OLamqkxlr5sbqKqHRRHBUfA3ovryxToqnbiGgHVK29i6poH5LMRYG7zLYJFUnjmLJy+558fCtNNMGa1/J6u0Ns1ENfvTlDUkXiwzmCugVi3ULLDaI5pRH4e0PiFfWNPP81hOdebLTlAM+Yo8/CUWtEZuF6q/er3D3iXJS9fwN+zgqq0KBGCW8rO/LuqaN2HSbwPusO9Anh4BAgMBAAECggEAaH2ZWQuaCXjiAguQHRB/1KgHXXzhDA3REadb6C4lozq6FDAN6xVIwR7hrFqqy84dO/7vQwApqCd3B/vimsEdHXjRJfJTYxskameOx6YhBTDPlzmj3h2d1/oAlywOQdH/R3AfHnEJWe89TdaxxpKHVx82kHSNnfswDr8uxX9o9XBLmyZc1DirkZmTUx8x4C00uihJ0LlzfRXdEdmldIonOgEMfpcxbg7ujvuuhP6BejP+pUlXWj7c6poEl7ziAOivGnZwB6WojXzyVR/i7nelriyhs0Ww1uXkBMullwG9hWeMtWBbkvdnI5N+pxumU4qN/0NZuZ2vzzin0ObTH453HQKBgQD3rX3hGpkPsRDRd81OOJMwQdht5qYSDJKd+0HongXlqejMFBoOuSmd3VtJHqH2rhiFz+2irR0cAkb0/WLb/8cMWwJRNByqFeZjMRfZG1FhP0PSUaGv73+a5T8W8aohs7CSoYOceJjQqEXrjeJGPdkIEU8cP4uYW0K7+xKvfcKR2wKBgQD0DBujUjQwFiKOFYGhJmHWBmBJRPeUIyIGMpI2QstnuQOoNzeFpkkoLque+SZVuQzuXAo+6mT0U23tfO9nTCQB1Jlqagxh6ED7xPdhkG+2rSL8JDzg4uYELL4ckUdVIXpJVGsF53bpooLVx+qWkGsHt24ytHYOJYxyhIvl8AS8UwKBgQCgXOuREUijOVEbXwdGKylZ6Hg6iElkjFFuCp3dAFvvHLkHUcihWdART55oVHYnowdrtHo3hwC+/tZ0j48vxIdbf52beDNLCQz3knTPdHmXjn/aMFKQ+G/VmbLkpyox0gd0mTD+4bKH/zvuTRqBwk/AgnyHXLmEtyoZTnIFwFZ3WwKBgCZsGZXXBVxkv7/65tPGRTT7AAHJF+l8toifQaHFVlzYJhk/yEAEdBQddOuscjqgzcZhO0O4h3hoAjCXsOFkfW7EV/sHAzgO5tw8oG393Xi3PYDQ+7y0PF5/5NZ+kOp4QNZ2sfrV/ETATzT1KpvV1OP8Hx9ghg2oH7qP366t4TD9AoGAY8QktewczSXlkU47F1Q65HASJxmLd5+1p6Bbf2f9c8b9rbbc7F1xLTdScr92DyduQ7k5XzK7nX5OTRzQmYoKIUO8n1j+HGdOBvSTWFHa2nZKVvJuuNOI5hSXKVspCT74lr8TP5a86ah7brwNKP4QPDq1ObkZdDBcEscAK6gQPlI\u003d",
  "ca": "MIIC8jCCAdqgAwIBAgIIeP71dlXQRxYwDQYJKoZIhvcNAQELBQAwFzEVMBMGA1UEAwwMY2xpZW50Ml9tdGxzMB4XDTIyMDMyMjA1NDkzOFoXDTQ5MDgwNzA1NDkzOFowFzEVMBMGA1UEAwwMY2xpZW50Ml9tdGxzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7B0S2cMtFlkyoRC6WrDOYLiwgvRlzCRgNMCBgDm+E6/LdD1YqAR7hidEnuIUMxjJICOwQl8auJxmxd3mIDcBtW6BsC9Ai2C6L5NWIeuLsZmZjtXTtKIgwtIrCBUFJRVF7cJA5g9Nuji2pqpMZa+bG6iqh0URwVHwN6L68sU6Kp24hoB1StvYuqaB+SzEWBu8y2CRVJ45iycvuefHwrTTTBmtfyertDbNRDX705Q1JF4sM5groFYt1Cyw2iOaUR+HtD4hX1jTz/NYTnXmy05QDPmKPPwlFrRGbheqv3q9w94lyUvX8Dfs4KqtCgRglvKzvy7qmjdh0m8D7rDvQJ4eAQIDAQABo0IwQDAdBgNVHQ4EFgQUZIRo2rdgKyxdIGfpji2ELp2gOaowHwYDVR0jBBgwFoAUZIRo2rdgKyxdIGfpji2ELp2gOaowDQYJKoZIhvcNAQELBQADggEBAJAeOnJSmPYFq4YhPiBvg8hPLMZrsAIGGe7egPJZovk+d/1winrMzRNNsN4PuRcGq+/uF8HbszdjH9zqEFlK0FZfsT1cMFdz78BItd7v+o+EbzNceIfdGEDifyS2LCLh7kkJDKwl4SWpoulxQVvmZGw6Kvj1XVk3ecPEoJzkDTh2etWDEEFTAtRVy3GO0tIb/TBOwacMQfDT7sSAknc3JV28GCdYzBZCH9ePPp/SSsDj5PYWfuFlKzSKgFhbrgMpSghtPY52LA+2n9ocYcEIq7bVRvsJzxms54MjBEoHDGtSpXDNDQ+1Rt0WFkgAk2FS671KQ1j42P7RM8pnrhUbjHo\u003d"
}
2022-05-11 06:25:43 RESPONSE
CallBackchannelAuthenticationEndpoint
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "content-language": "en-US",
  "content-type": "application/json",
  "date": "Wed, 11 May 2022 06:25:43 GMT",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "server": "IBM Security Verify Access",
  "transfer-encoding": "chunked",
  "x-frame-options": "SAMEORIGIN",
  "cache-control": "no-cache",
  "expires": "Thu, 01 Dec 1994 16:00:00 GMT",
  "strict-transport-security": "max-age\u003d31536000; includeSubDomains",
  "set-cookie": "PD-S-SESSION-ID\u003d1_2_1_DL7Gk7jknjnzsndfYFw2tiAwhffVWnGZxWmT2qPx9L6iDK4R; Path\u003d/; Secure; HttpOnly"
}
response_body
{"auth_req_id":"4ukf0yfJAo1M4XpunQtcmReZ4fzRaEEPoJCRCAyFF5RITegRnI","expires_in":299,"interval":5}	
2022-05-11 06:25:43
CallBackchannelAuthenticationEndpoint
Backchannel Authentication endpoint response
backchannel_authentication_endpoint_response
{"auth_req_id":"4ukf0yfJAo1M4XpunQtcmReZ4fzRaEEPoJCRCAyFF5RITegRnI","expires_in":299,"interval":5}	
2022-05-11 06:25:43 SUCCESS
CallBackchannelAuthenticationEndpoint
Parsed backchannel authentication endpoint response
auth_req_id
4ukf0yfJAo1M4XpunQtcmReZ4fzRaEEPoJCRCAyFF5RITegRnI
expires_in
299
interval
5
2022-05-11 06:25:43 SUCCESS
CheckBackchannelAuthenticationEndpointHttpStatus200
Backchannel authentication endpoint http status code was 200
2022-05-11 06:25:43 SUCCESS
CheckBackchannelAuthenticationEndpointContentType
Backchannel authentication endpoint Content-Type: header is application/json
2022-05-11 06:25:43 SUCCESS
CheckIfBackchannelAuthenticationEndpointResponseError
No error from Backchannel authentication endpoint
2022-05-11 06:25:43 SUCCESS
ValidateAuthenticationRequestId
auth_req_id passed all validation checks
2022-05-11 06:25:43 SUCCESS
EnsureMinimumAuthenticationRequestIdLength
auth_req_id is of sufficient length
actual
400
required
128
2022-05-11 06:25:43 SUCCESS
EnsureMinimumAuthenticationRequestIdEntropy
Calculated shannon entropy seems sufficient
actual
239.07339400997242
expected
96.0
value
s
2022-05-11 06:25:43 SUCCESS
EnsureRecommendedAuthenticationRequestIdEntropy
Calculated entropy
actual
239.07339400997242
value
4ukf0yfJAo1M4XpunQtcmReZ4fzRaEEPoJCRCAyFF5RITegRnI
recommended
160.0
2022-05-11 06:25:43 SUCCESS
ValidateAuthenticationRequestIdExpiresIn
expires_in passed all validation checks
expires_in
299
2022-05-11 06:25:43 SUCCESS
ValidateAuthenticationRequestIdInterval
interval passed all validation checks
interval
5
Second client: Call token endpoint expecting pending
2022-05-11 06:25:43 SUCCESS
CreateTokenEndpointRequestForCIBAGrant
Created token endpoint request
grant_type
urn:openid:params:grant-type:ciba
2022-05-11 06:25:43
AddAuthReqIdToTokenEndpointRequest
grant_type
urn:openid:params:grant-type:ciba
auth_req_id
4ukf0yfJAo1M4XpunQtcmReZ4fzRaEEPoJCRCAyFF5RITegRnI
2022-05-11 06:25:43 SUCCESS
CreateClientAuthenticationAssertionClaims
Created client assertion claims
iss
GIi4p8SCIhNO8g98blye
sub
GIi4p8SCIhNO8g98blye
aud
https://ciba-mobile.securitypoc.com/oauth2/token
jti
ENSoPI2bVon6xaMUQv6W
iat
1652250343
exp
1652250403
2022-05-11 06:25:43 SUCCESS
SignClientAuthenticationAssertion
Signed the client assertion
client_assertion
eyJraWQiOiI2UkhwT3l4ZHNRUHpZejZ1Tm1BQzlZSHV4ckFVYkdlNFJaSHVUMjE4TmZFIiwiYWxnIjoiRVMyNTYifQ.eyJzdWIiOiJHSWk0cDhTQ0loTk84Zzk4Ymx5ZSIsImF1ZCI6Imh0dHBzOlwvXC9jaWJhLW1vYmlsZS5zZWN1cml0eXBvYy5jb21cL29hdXRoMlwvdG9rZW4iLCJpc3MiOiJHSWk0cDhTQ0loTk84Zzk4Ymx5ZSIsImV4cCI6MTY1MjI1MDQwMywiaWF0IjoxNjUyMjUwMzQzLCJqdGkiOiJFTlNvUEkyYlZvbjZ4YU1VUXY2VyJ9.qj3QNXqYFbs987YxxZ89_YPuZRNffEwtqcz9i_lv7gEE2ROQiYAxH2IxRsh5vxMw9q6cba-KvjZd8GqYy_2FJQ
2022-05-11 06:25:43
AddClientAssertionToTokenEndpointRequest
Added client assertion
grant_type
urn:openid:params:grant-type:ciba
auth_req_id
4ukf0yfJAo1M4XpunQtcmReZ4fzRaEEPoJCRCAyFF5RITegRnI
client_assertion
eyJraWQiOiI2UkhwT3l4ZHNRUHpZejZ1Tm1BQzlZSHV4ckFVYkdlNFJaSHVUMjE4TmZFIiwiYWxnIjoiRVMyNTYifQ.eyJzdWIiOiJHSWk0cDhTQ0loTk84Zzk4Ymx5ZSIsImF1ZCI6Imh0dHBzOlwvXC9jaWJhLW1vYmlsZS5zZWN1cml0eXBvYy5jb21cL29hdXRoMlwvdG9rZW4iLCJpc3MiOiJHSWk0cDhTQ0loTk84Zzk4Ymx5ZSIsImV4cCI6MTY1MjI1MDQwMywiaWF0IjoxNjUyMjUwMzQzLCJqdGkiOiJFTlNvUEkyYlZvbjZ4YU1VUXY2VyJ9.qj3QNXqYFbs987YxxZ89_YPuZRNffEwtqcz9i_lv7gEE2ROQiYAxH2IxRsh5vxMw9q6cba-KvjZd8GqYy_2FJQ
client_assertion_type
urn:ietf:params:oauth:client-assertion-type:jwt-bearer
2022-05-11 06:25:43
CallTokenEndpointAndReturnFullResponse
HTTP request
request_uri
https://ciba-mobile.securitypoc.com/oauth2/token
request_method
POST
request_headers
{
  "accept": "application/json",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "642"
}
request_body
grant_type=urn%3Aopenid%3Aparams%3Agrant-type%3Aciba&auth_req_id=4ukf0yfJAo1M4XpunQtcmReZ4fzRaEEPoJCRCAyFF5RITegRnI&client_assertion=eyJraWQiOiI2UkhwT3l4ZHNRUHpZejZ1Tm1BQzlZSHV4ckFVYkdlNFJaSHVUMjE4TmZFIiwiYWxnIjoiRVMyNTYifQ.eyJzdWIiOiJHSWk0cDhTQ0loTk84Zzk4Ymx5ZSIsImF1ZCI6Imh0dHBzOlwvXC9jaWJhLW1vYmlsZS5zZWN1cml0eXBvYy5jb21cL29hdXRoMlwvdG9rZW4iLCJpc3MiOiJHSWk0cDhTQ0loTk84Zzk4Ymx5ZSIsImV4cCI6MTY1MjI1MDQwMywiaWF0IjoxNjUyMjUwMzQzLCJqdGkiOiJFTlNvUEkyYlZvbjZ4YU1VUXY2VyJ9.qj3QNXqYFbs987YxxZ89_YPuZRNffEwtqcz9i_lv7gEE2ROQiYAxH2IxRsh5vxMw9q6cba-KvjZd8GqYy_2FJQ&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer
request_mutual_tls
{
  "cert": "MIIC8jCCAdqgAwIBAgIIeP71dlXQRxYwDQYJKoZIhvcNAQELBQAwFzEVMBMGA1UEAwwMY2xpZW50Ml9tdGxzMB4XDTIyMDMyMjA1NDkzOFoXDTQ5MDgwNzA1NDkzOFowFzEVMBMGA1UEAwwMY2xpZW50Ml9tdGxzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7B0S2cMtFlkyoRC6WrDOYLiwgvRlzCRgNMCBgDm+E6/LdD1YqAR7hidEnuIUMxjJICOwQl8auJxmxd3mIDcBtW6BsC9Ai2C6L5NWIeuLsZmZjtXTtKIgwtIrCBUFJRVF7cJA5g9Nuji2pqpMZa+bG6iqh0URwVHwN6L68sU6Kp24hoB1StvYuqaB+SzEWBu8y2CRVJ45iycvuefHwrTTTBmtfyertDbNRDX705Q1JF4sM5groFYt1Cyw2iOaUR+HtD4hX1jTz/NYTnXmy05QDPmKPPwlFrRGbheqv3q9w94lyUvX8Dfs4KqtCgRglvKzvy7qmjdh0m8D7rDvQJ4eAQIDAQABo0IwQDAdBgNVHQ4EFgQUZIRo2rdgKyxdIGfpji2ELp2gOaowHwYDVR0jBBgwFoAUZIRo2rdgKyxdIGfpji2ELp2gOaowDQYJKoZIhvcNAQELBQADggEBAJAeOnJSmPYFq4YhPiBvg8hPLMZrsAIGGe7egPJZovk+d/1winrMzRNNsN4PuRcGq+/uF8HbszdjH9zqEFlK0FZfsT1cMFdz78BItd7v+o+EbzNceIfdGEDifyS2LCLh7kkJDKwl4SWpoulxQVvmZGw6Kvj1XVk3ecPEoJzkDTh2etWDEEFTAtRVy3GO0tIb/TBOwacMQfDT7sSAknc3JV28GCdYzBZCH9ePPp/SSsDj5PYWfuFlKzSKgFhbrgMpSghtPY52LA+2n9ocYcEIq7bVRvsJzxms54MjBEoHDGtSpXDNDQ+1Rt0WFkgAk2FS671KQ1j42P7RM8pnrhUbjHo\u003d",
  "key": "MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDsHRLZwy0WWTKhELpasM5guLCC9GXMJGA0wIGAOb4Tr8t0PVioBHuGJ0Se4hQzGMkgI7BCXxq4nGbF3eYgNwG1boGwL0CLYLovk1Yh64uxmZmO1dO0oiDC0isIFQUlFUXtwkDmD026OLamqkxlr5sbqKqHRRHBUfA3ovryxToqnbiGgHVK29i6poH5LMRYG7zLYJFUnjmLJy+558fCtNNMGa1/J6u0Ns1ENfvTlDUkXiwzmCugVi3ULLDaI5pRH4e0PiFfWNPP81hOdebLTlAM+Yo8/CUWtEZuF6q/er3D3iXJS9fwN+zgqq0KBGCW8rO/LuqaN2HSbwPusO9Anh4BAgMBAAECggEAaH2ZWQuaCXjiAguQHRB/1KgHXXzhDA3REadb6C4lozq6FDAN6xVIwR7hrFqqy84dO/7vQwApqCd3B/vimsEdHXjRJfJTYxskameOx6YhBTDPlzmj3h2d1/oAlywOQdH/R3AfHnEJWe89TdaxxpKHVx82kHSNnfswDr8uxX9o9XBLmyZc1DirkZmTUx8x4C00uihJ0LlzfRXdEdmldIonOgEMfpcxbg7ujvuuhP6BejP+pUlXWj7c6poEl7ziAOivGnZwB6WojXzyVR/i7nelriyhs0Ww1uXkBMullwG9hWeMtWBbkvdnI5N+pxumU4qN/0NZuZ2vzzin0ObTH453HQKBgQD3rX3hGpkPsRDRd81OOJMwQdht5qYSDJKd+0HongXlqejMFBoOuSmd3VtJHqH2rhiFz+2irR0cAkb0/WLb/8cMWwJRNByqFeZjMRfZG1FhP0PSUaGv73+a5T8W8aohs7CSoYOceJjQqEXrjeJGPdkIEU8cP4uYW0K7+xKvfcKR2wKBgQD0DBujUjQwFiKOFYGhJmHWBmBJRPeUIyIGMpI2QstnuQOoNzeFpkkoLque+SZVuQzuXAo+6mT0U23tfO9nTCQB1Jlqagxh6ED7xPdhkG+2rSL8JDzg4uYELL4ckUdVIXpJVGsF53bpooLVx+qWkGsHt24ytHYOJYxyhIvl8AS8UwKBgQCgXOuREUijOVEbXwdGKylZ6Hg6iElkjFFuCp3dAFvvHLkHUcihWdART55oVHYnowdrtHo3hwC+/tZ0j48vxIdbf52beDNLCQz3knTPdHmXjn/aMFKQ+G/VmbLkpyox0gd0mTD+4bKH/zvuTRqBwk/AgnyHXLmEtyoZTnIFwFZ3WwKBgCZsGZXXBVxkv7/65tPGRTT7AAHJF+l8toifQaHFVlzYJhk/yEAEdBQddOuscjqgzcZhO0O4h3hoAjCXsOFkfW7EV/sHAzgO5tw8oG393Xi3PYDQ+7y0PF5/5NZ+kOp4QNZ2sfrV/ETATzT1KpvV1OP8Hx9ghg2oH7qP366t4TD9AoGAY8QktewczSXlkU47F1Q65HASJxmLd5+1p6Bbf2f9c8b9rbbc7F1xLTdScr92DyduQ7k5XzK7nX5OTRzQmYoKIUO8n1j+HGdOBvSTWFHa2nZKVvJuuNOI5hSXKVspCT74lr8TP5a86ah7brwNKP4QPDq1ObkZdDBcEscAK6gQPlI\u003d",
  "ca": "MIIC8jCCAdqgAwIBAgIIeP71dlXQRxYwDQYJKoZIhvcNAQELBQAwFzEVMBMGA1UEAwwMY2xpZW50Ml9tdGxzMB4XDTIyMDMyMjA1NDkzOFoXDTQ5MDgwNzA1NDkzOFowFzEVMBMGA1UEAwwMY2xpZW50Ml9tdGxzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7B0S2cMtFlkyoRC6WrDOYLiwgvRlzCRgNMCBgDm+E6/LdD1YqAR7hidEnuIUMxjJICOwQl8auJxmxd3mIDcBtW6BsC9Ai2C6L5NWIeuLsZmZjtXTtKIgwtIrCBUFJRVF7cJA5g9Nuji2pqpMZa+bG6iqh0URwVHwN6L68sU6Kp24hoB1StvYuqaB+SzEWBu8y2CRVJ45iycvuefHwrTTTBmtfyertDbNRDX705Q1JF4sM5groFYt1Cyw2iOaUR+HtD4hX1jTz/NYTnXmy05QDPmKPPwlFrRGbheqv3q9w94lyUvX8Dfs4KqtCgRglvKzvy7qmjdh0m8D7rDvQJ4eAQIDAQABo0IwQDAdBgNVHQ4EFgQUZIRo2rdgKyxdIGfpji2ELp2gOaowHwYDVR0jBBgwFoAUZIRo2rdgKyxdIGfpji2ELp2gOaowDQYJKoZIhvcNAQELBQADggEBAJAeOnJSmPYFq4YhPiBvg8hPLMZrsAIGGe7egPJZovk+d/1winrMzRNNsN4PuRcGq+/uF8HbszdjH9zqEFlK0FZfsT1cMFdz78BItd7v+o+EbzNceIfdGEDifyS2LCLh7kkJDKwl4SWpoulxQVvmZGw6Kvj1XVk3ecPEoJzkDTh2etWDEEFTAtRVy3GO0tIb/TBOwacMQfDT7sSAknc3JV28GCdYzBZCH9ePPp/SSsDj5PYWfuFlKzSKgFhbrgMpSghtPY52LA+2n9ocYcEIq7bVRvsJzxms54MjBEoHDGtSpXDNDQ+1Rt0WFkgAk2FS671KQ1j42P7RM8pnrhUbjHo\u003d"
}
2022-05-11 06:25:44 RESPONSE
CallTokenEndpointAndReturnFullResponse
HTTP response
response_status_code
400 BAD_REQUEST
response_status_text
Bad Request
response_headers
{
  "content-language": "en-US",
  "content-length": "100",
  "content-type": "application/json;charset\u003dUTF-8",
  "date": "Wed, 11 May 2022 06:25:44 GMT",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "cache-control": "no-store, no-cache\u003dset-cookie",
  "expires": "Thu, 01 Dec 1994 16:00:00 GMT",
  "strict-transport-security": "max-age\u003d31536000; includeSubDomains",
  "pragma": "no-cache",
  "set-cookie": [
    "AMWEBJCT!%2Fmga!AMWEBJCT!%2Fmga!JSESSIONID\u003d0000CpS1TfgDCHhIsrzu1WmTSjk:038bc442-4db9-43c7-97cf-7a4b1d1bc7d8; Path\u003d/; Secure; HttpOnly",
    "AMWEBJCT!%2Fmga!JSESSIONID\u003d0000PhAO1G4APckjE-42ufeuXeS:038bc442-4db9-43c7-97cf-7a4b1d1bc7d8; Path\u003d/; Secure; HttpOnly",
    "PD-S-SESSION-ID\u003d1_2_1_0ZCorm3yH0x9QyQaSObtFz5MS6wLs07Te7NQ1tekzLoSJfFY; Path\u003d/; Secure; HttpOnly"
  ]
}
response_body
{"error_description":"FBTOAU256E Pending. The auth_req_id is not yet verified.","error":"slow_down"}
2022-05-11 06:25:44 SUCCESS
CallTokenEndpointAndReturnFullResponse
Parsed token endpoint response
error_description
FBTOAU256E Pending. The auth_req_id is not yet verified.
error
slow_down
2022-05-11 06:25:44 SUCCESS
CheckTokenEndpointReturnedJsonContentType
token_endpoint_response_headers Content-Type: header is application/json
Second client: Verify token endpoint response is pending or slow_down
2022-05-11 06:25:44 SUCCESS
CheckTokenEndpointHttpStatus400
Token endpoint http status code was 400
2022-05-11 06:25:44 SUCCESS
ValidateErrorFromTokenEndpointResponseError
Token endpoint response error returned valid 'error' field
error
slow_down
2022-05-11 06:25:44 SUCCESS
CheckErrorDescriptionFromTokenEndpointResponseErrorContainsCRLFTAB
token_endpoint_response 'error_description' field does not include CR/LF/TAB
error_description
FBTOAU256E Pending. The auth_req_id is not yet verified.
2022-05-11 06:25:44 SUCCESS
ValidateErrorDescriptionFromTokenEndpointResponseError
token_endpoint_response error returned valid 'error_description' field
error_description
FBTOAU256E Pending. The auth_req_id is not yet verified.
2022-05-11 06:25:44 SUCCESS
ValidateErrorUriFromTokenEndpointResponseError
token_endpoint_response did not include optional 'error_uri' field
2022-05-11 06:25:44 SUCCESS
EnsureErrorTokenEndpointSlowdownOrAuthorizationPending
error met 'slow_down' or 'authorization_pending'
error
slow_down
Second client: Call token endpoint expecting pending (second time)
2022-05-11 06:25:49 SUCCESS
CreateTokenEndpointRequestForCIBAGrant
Created token endpoint request
grant_type
urn:openid:params:grant-type:ciba
2022-05-11 06:25:49
AddAuthReqIdToTokenEndpointRequest
grant_type
urn:openid:params:grant-type:ciba
auth_req_id
4ukf0yfJAo1M4XpunQtcmReZ4fzRaEEPoJCRCAyFF5RITegRnI
2022-05-11 06:25:49 SUCCESS
CreateClientAuthenticationAssertionClaims
Created client assertion claims
iss
GIi4p8SCIhNO8g98blye
sub
GIi4p8SCIhNO8g98blye
aud
https://ciba-mobile.securitypoc.com/oauth2/token
jti
m8u5hLbheW2pNJZ5OHmi
iat
1652250349
exp
1652250409
2022-05-11 06:25:49 SUCCESS
SignClientAuthenticationAssertion
Signed the client assertion
client_assertion
eyJraWQiOiI2UkhwT3l4ZHNRUHpZejZ1Tm1BQzlZSHV4ckFVYkdlNFJaSHVUMjE4TmZFIiwiYWxnIjoiRVMyNTYifQ.eyJzdWIiOiJHSWk0cDhTQ0loTk84Zzk4Ymx5ZSIsImF1ZCI6Imh0dHBzOlwvXC9jaWJhLW1vYmlsZS5zZWN1cml0eXBvYy5jb21cL29hdXRoMlwvdG9rZW4iLCJpc3MiOiJHSWk0cDhTQ0loTk84Zzk4Ymx5ZSIsImV4cCI6MTY1MjI1MDQwOSwiaWF0IjoxNjUyMjUwMzQ5LCJqdGkiOiJtOHU1aExiaGVXMnBOSlo1T0htaSJ9.U8rKRdtvuBQZgOoISlqibFv5xUIu2U2Qe6CHruZmzU9YO9Lw-IRwoyo5zCiuUmPkbgkAfL0wpRWg59Kvta6z_w
2022-05-11 06:25:49
AddClientAssertionToTokenEndpointRequest
Added client assertion
grant_type
urn:openid:params:grant-type:ciba
auth_req_id
4ukf0yfJAo1M4XpunQtcmReZ4fzRaEEPoJCRCAyFF5RITegRnI
client_assertion
eyJraWQiOiI2UkhwT3l4ZHNRUHpZejZ1Tm1BQzlZSHV4ckFVYkdlNFJaSHVUMjE4TmZFIiwiYWxnIjoiRVMyNTYifQ.eyJzdWIiOiJHSWk0cDhTQ0loTk84Zzk4Ymx5ZSIsImF1ZCI6Imh0dHBzOlwvXC9jaWJhLW1vYmlsZS5zZWN1cml0eXBvYy5jb21cL29hdXRoMlwvdG9rZW4iLCJpc3MiOiJHSWk0cDhTQ0loTk84Zzk4Ymx5ZSIsImV4cCI6MTY1MjI1MDQwOSwiaWF0IjoxNjUyMjUwMzQ5LCJqdGkiOiJtOHU1aExiaGVXMnBOSlo1T0htaSJ9.U8rKRdtvuBQZgOoISlqibFv5xUIu2U2Qe6CHruZmzU9YO9Lw-IRwoyo5zCiuUmPkbgkAfL0wpRWg59Kvta6z_w
client_assertion_type
urn:ietf:params:oauth:client-assertion-type:jwt-bearer
2022-05-11 06:25:49
CallTokenEndpointAndReturnFullResponse
HTTP request
request_uri
https://ciba-mobile.securitypoc.com/oauth2/token
request_method
POST
request_headers
{
  "accept": "application/json",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "642"
}
request_body
grant_type=urn%3Aopenid%3Aparams%3Agrant-type%3Aciba&auth_req_id=4ukf0yfJAo1M4XpunQtcmReZ4fzRaEEPoJCRCAyFF5RITegRnI&client_assertion=eyJraWQiOiI2UkhwT3l4ZHNRUHpZejZ1Tm1BQzlZSHV4ckFVYkdlNFJaSHVUMjE4TmZFIiwiYWxnIjoiRVMyNTYifQ.eyJzdWIiOiJHSWk0cDhTQ0loTk84Zzk4Ymx5ZSIsImF1ZCI6Imh0dHBzOlwvXC9jaWJhLW1vYmlsZS5zZWN1cml0eXBvYy5jb21cL29hdXRoMlwvdG9rZW4iLCJpc3MiOiJHSWk0cDhTQ0loTk84Zzk4Ymx5ZSIsImV4cCI6MTY1MjI1MDQwOSwiaWF0IjoxNjUyMjUwMzQ5LCJqdGkiOiJtOHU1aExiaGVXMnBOSlo1T0htaSJ9.U8rKRdtvuBQZgOoISlqibFv5xUIu2U2Qe6CHruZmzU9YO9Lw-IRwoyo5zCiuUmPkbgkAfL0wpRWg59Kvta6z_w&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer
request_mutual_tls
{
  "cert": "MIIC8jCCAdqgAwIBAgIIeP71dlXQRxYwDQYJKoZIhvcNAQELBQAwFzEVMBMGA1UEAwwMY2xpZW50Ml9tdGxzMB4XDTIyMDMyMjA1NDkzOFoXDTQ5MDgwNzA1NDkzOFowFzEVMBMGA1UEAwwMY2xpZW50Ml9tdGxzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7B0S2cMtFlkyoRC6WrDOYLiwgvRlzCRgNMCBgDm+E6/LdD1YqAR7hidEnuIUMxjJICOwQl8auJxmxd3mIDcBtW6BsC9Ai2C6L5NWIeuLsZmZjtXTtKIgwtIrCBUFJRVF7cJA5g9Nuji2pqpMZa+bG6iqh0URwVHwN6L68sU6Kp24hoB1StvYuqaB+SzEWBu8y2CRVJ45iycvuefHwrTTTBmtfyertDbNRDX705Q1JF4sM5groFYt1Cyw2iOaUR+HtD4hX1jTz/NYTnXmy05QDPmKPPwlFrRGbheqv3q9w94lyUvX8Dfs4KqtCgRglvKzvy7qmjdh0m8D7rDvQJ4eAQIDAQABo0IwQDAdBgNVHQ4EFgQUZIRo2rdgKyxdIGfpji2ELp2gOaowHwYDVR0jBBgwFoAUZIRo2rdgKyxdIGfpji2ELp2gOaowDQYJKoZIhvcNAQELBQADggEBAJAeOnJSmPYFq4YhPiBvg8hPLMZrsAIGGe7egPJZovk+d/1winrMzRNNsN4PuRcGq+/uF8HbszdjH9zqEFlK0FZfsT1cMFdz78BItd7v+o+EbzNceIfdGEDifyS2LCLh7kkJDKwl4SWpoulxQVvmZGw6Kvj1XVk3ecPEoJzkDTh2etWDEEFTAtRVy3GO0tIb/TBOwacMQfDT7sSAknc3JV28GCdYzBZCH9ePPp/SSsDj5PYWfuFlKzSKgFhbrgMpSghtPY52LA+2n9ocYcEIq7bVRvsJzxms54MjBEoHDGtSpXDNDQ+1Rt0WFkgAk2FS671KQ1j42P7RM8pnrhUbjHo\u003d",
  "key": "MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDsHRLZwy0WWTKhELpasM5guLCC9GXMJGA0wIGAOb4Tr8t0PVioBHuGJ0Se4hQzGMkgI7BCXxq4nGbF3eYgNwG1boGwL0CLYLovk1Yh64uxmZmO1dO0oiDC0isIFQUlFUXtwkDmD026OLamqkxlr5sbqKqHRRHBUfA3ovryxToqnbiGgHVK29i6poH5LMRYG7zLYJFUnjmLJy+558fCtNNMGa1/J6u0Ns1ENfvTlDUkXiwzmCugVi3ULLDaI5pRH4e0PiFfWNPP81hOdebLTlAM+Yo8/CUWtEZuF6q/er3D3iXJS9fwN+zgqq0KBGCW8rO/LuqaN2HSbwPusO9Anh4BAgMBAAECggEAaH2ZWQuaCXjiAguQHRB/1KgHXXzhDA3REadb6C4lozq6FDAN6xVIwR7hrFqqy84dO/7vQwApqCd3B/vimsEdHXjRJfJTYxskameOx6YhBTDPlzmj3h2d1/oAlywOQdH/R3AfHnEJWe89TdaxxpKHVx82kHSNnfswDr8uxX9o9XBLmyZc1DirkZmTUx8x4C00uihJ0LlzfRXdEdmldIonOgEMfpcxbg7ujvuuhP6BejP+pUlXWj7c6poEl7ziAOivGnZwB6WojXzyVR/i7nelriyhs0Ww1uXkBMullwG9hWeMtWBbkvdnI5N+pxumU4qN/0NZuZ2vzzin0ObTH453HQKBgQD3rX3hGpkPsRDRd81OOJMwQdht5qYSDJKd+0HongXlqejMFBoOuSmd3VtJHqH2rhiFz+2irR0cAkb0/WLb/8cMWwJRNByqFeZjMRfZG1FhP0PSUaGv73+a5T8W8aohs7CSoYOceJjQqEXrjeJGPdkIEU8cP4uYW0K7+xKvfcKR2wKBgQD0DBujUjQwFiKOFYGhJmHWBmBJRPeUIyIGMpI2QstnuQOoNzeFpkkoLque+SZVuQzuXAo+6mT0U23tfO9nTCQB1Jlqagxh6ED7xPdhkG+2rSL8JDzg4uYELL4ckUdVIXpJVGsF53bpooLVx+qWkGsHt24ytHYOJYxyhIvl8AS8UwKBgQCgXOuREUijOVEbXwdGKylZ6Hg6iElkjFFuCp3dAFvvHLkHUcihWdART55oVHYnowdrtHo3hwC+/tZ0j48vxIdbf52beDNLCQz3knTPdHmXjn/aMFKQ+G/VmbLkpyox0gd0mTD+4bKH/zvuTRqBwk/AgnyHXLmEtyoZTnIFwFZ3WwKBgCZsGZXXBVxkv7/65tPGRTT7AAHJF+l8toifQaHFVlzYJhk/yEAEdBQddOuscjqgzcZhO0O4h3hoAjCXsOFkfW7EV/sHAzgO5tw8oG393Xi3PYDQ+7y0PF5/5NZ+kOp4QNZ2sfrV/ETATzT1KpvV1OP8Hx9ghg2oH7qP366t4TD9AoGAY8QktewczSXlkU47F1Q65HASJxmLd5+1p6Bbf2f9c8b9rbbc7F1xLTdScr92DyduQ7k5XzK7nX5OTRzQmYoKIUO8n1j+HGdOBvSTWFHa2nZKVvJuuNOI5hSXKVspCT74lr8TP5a86ah7brwNKP4QPDq1ObkZdDBcEscAK6gQPlI\u003d",
  "ca": "MIIC8jCCAdqgAwIBAgIIeP71dlXQRxYwDQYJKoZIhvcNAQELBQAwFzEVMBMGA1UEAwwMY2xpZW50Ml9tdGxzMB4XDTIyMDMyMjA1NDkzOFoXDTQ5MDgwNzA1NDkzOFowFzEVMBMGA1UEAwwMY2xpZW50Ml9tdGxzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7B0S2cMtFlkyoRC6WrDOYLiwgvRlzCRgNMCBgDm+E6/LdD1YqAR7hidEnuIUMxjJICOwQl8auJxmxd3mIDcBtW6BsC9Ai2C6L5NWIeuLsZmZjtXTtKIgwtIrCBUFJRVF7cJA5g9Nuji2pqpMZa+bG6iqh0URwVHwN6L68sU6Kp24hoB1StvYuqaB+SzEWBu8y2CRVJ45iycvuefHwrTTTBmtfyertDbNRDX705Q1JF4sM5groFYt1Cyw2iOaUR+HtD4hX1jTz/NYTnXmy05QDPmKPPwlFrRGbheqv3q9w94lyUvX8Dfs4KqtCgRglvKzvy7qmjdh0m8D7rDvQJ4eAQIDAQABo0IwQDAdBgNVHQ4EFgQUZIRo2rdgKyxdIGfpji2ELp2gOaowHwYDVR0jBBgwFoAUZIRo2rdgKyxdIGfpji2ELp2gOaowDQYJKoZIhvcNAQELBQADggEBAJAeOnJSmPYFq4YhPiBvg8hPLMZrsAIGGe7egPJZovk+d/1winrMzRNNsN4PuRcGq+/uF8HbszdjH9zqEFlK0FZfsT1cMFdz78BItd7v+o+EbzNceIfdGEDifyS2LCLh7kkJDKwl4SWpoulxQVvmZGw6Kvj1XVk3ecPEoJzkDTh2etWDEEFTAtRVy3GO0tIb/TBOwacMQfDT7sSAknc3JV28GCdYzBZCH9ePPp/SSsDj5PYWfuFlKzSKgFhbrgMpSghtPY52LA+2n9ocYcEIq7bVRvsJzxms54MjBEoHDGtSpXDNDQ+1Rt0WFkgAk2FS671KQ1j42P7RM8pnrhUbjHo\u003d"
}
2022-05-11 06:25:49 RESPONSE
CallTokenEndpointAndReturnFullResponse
HTTP response
response_status_code
400 BAD_REQUEST
response_status_text
Bad Request
response_headers
{
  "content-language": "en-US",
  "content-length": "112",
  "content-type": "application/json;charset\u003dUTF-8",
  "date": "Wed, 11 May 2022 06:25:49 GMT",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "cache-control": "no-store, no-cache\u003dset-cookie",
  "expires": "Thu, 01 Dec 1994 16:00:00 GMT",
  "strict-transport-security": "max-age\u003d31536000; includeSubDomains",
  "pragma": "no-cache",
  "set-cookie": [
    "AMWEBJCT!%2Fmga!AMWEBJCT!%2Fmga!JSESSIONID\u003d0000MKCR7WeL2GwtXuExMZrYK21:038bc442-4db9-43c7-97cf-7a4b1d1bc7d8; Path\u003d/; Secure; HttpOnly",
    "AMWEBJCT!%2Fmga!JSESSIONID\u003d0000Cn5FBfAgbWk_fWCOSdfi6rG:038bc442-4db9-43c7-97cf-7a4b1d1bc7d8; Path\u003d/; Secure; HttpOnly",
    "PD-S-SESSION-ID\u003d1_2_1_2X4oOpzvHiWdDwe1232jhlcLBzI1I0Sxdz8sZVbTn2-vudR7; Path\u003d/; Secure; HttpOnly"
  ]
}
response_body
{"error_description":"FBTOAU256E Pending. The auth_req_id is not yet verified.","error":"authorization_pending"}
2022-05-11 06:25:49 SUCCESS
CallTokenEndpointAndReturnFullResponse
Parsed token endpoint response
error_description
FBTOAU256E Pending. The auth_req_id is not yet verified.
error
authorization_pending
2022-05-11 06:25:49 SUCCESS
CheckTokenEndpointReturnedJsonContentType
token_endpoint_response_headers Content-Type: header is application/json
Second client: Verify token endpoint response is pending or slow_down
2022-05-11 06:25:49 SUCCESS
CheckTokenEndpointHttpStatus400
Token endpoint http status code was 400
2022-05-11 06:25:49 SUCCESS
ValidateErrorFromTokenEndpointResponseError
Token endpoint response error returned valid 'error' field
error
authorization_pending
2022-05-11 06:25:49 SUCCESS
CheckErrorDescriptionFromTokenEndpointResponseErrorContainsCRLFTAB
token_endpoint_response 'error_description' field does not include CR/LF/TAB
error_description
FBTOAU256E Pending. The auth_req_id is not yet verified.
2022-05-11 06:25:49 SUCCESS
ValidateErrorDescriptionFromTokenEndpointResponseError
token_endpoint_response error returned valid 'error_description' field
error_description
FBTOAU256E Pending. The auth_req_id is not yet verified.
2022-05-11 06:25:49 SUCCESS
ValidateErrorUriFromTokenEndpointResponseError
token_endpoint_response did not include optional 'error_uri' field
2022-05-11 06:25:49 SUCCESS
EnsureErrorTokenEndpointSlowdownOrAuthorizationPending
error met 'slow_down' or 'authorization_pending'
error
authorization_pending
2022-05-11 06:25:49
CallAutomatedCibaApprovalEndpoint
HTTP request
request_uri
https://ciba-mobile.securitypoc.com/automated_ciba_approval_url?action=allow&token=4ukf0yfJAo1M4XpunQtcmReZ4fzRaEEPoJCRCAyFF5RITegRnI
request_method
POST
request_headers
{
  "accept": "application/json",
  "accept-charset": "utf-8",
  "content-length": "0"
}
request_body

                                
request_mutual_tls
{
  "cert": "MIIC8jCCAdqgAwIBAgIIeP71dlXQRxYwDQYJKoZIhvcNAQELBQAwFzEVMBMGA1UEAwwMY2xpZW50Ml9tdGxzMB4XDTIyMDMyMjA1NDkzOFoXDTQ5MDgwNzA1NDkzOFowFzEVMBMGA1UEAwwMY2xpZW50Ml9tdGxzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7B0S2cMtFlkyoRC6WrDOYLiwgvRlzCRgNMCBgDm+E6/LdD1YqAR7hidEnuIUMxjJICOwQl8auJxmxd3mIDcBtW6BsC9Ai2C6L5NWIeuLsZmZjtXTtKIgwtIrCBUFJRVF7cJA5g9Nuji2pqpMZa+bG6iqh0URwVHwN6L68sU6Kp24hoB1StvYuqaB+SzEWBu8y2CRVJ45iycvuefHwrTTTBmtfyertDbNRDX705Q1JF4sM5groFYt1Cyw2iOaUR+HtD4hX1jTz/NYTnXmy05QDPmKPPwlFrRGbheqv3q9w94lyUvX8Dfs4KqtCgRglvKzvy7qmjdh0m8D7rDvQJ4eAQIDAQABo0IwQDAdBgNVHQ4EFgQUZIRo2rdgKyxdIGfpji2ELp2gOaowHwYDVR0jBBgwFoAUZIRo2rdgKyxdIGfpji2ELp2gOaowDQYJKoZIhvcNAQELBQADggEBAJAeOnJSmPYFq4YhPiBvg8hPLMZrsAIGGe7egPJZovk+d/1winrMzRNNsN4PuRcGq+/uF8HbszdjH9zqEFlK0FZfsT1cMFdz78BItd7v+o+EbzNceIfdGEDifyS2LCLh7kkJDKwl4SWpoulxQVvmZGw6Kvj1XVk3ecPEoJzkDTh2etWDEEFTAtRVy3GO0tIb/TBOwacMQfDT7sSAknc3JV28GCdYzBZCH9ePPp/SSsDj5PYWfuFlKzSKgFhbrgMpSghtPY52LA+2n9ocYcEIq7bVRvsJzxms54MjBEoHDGtSpXDNDQ+1Rt0WFkgAk2FS671KQ1j42P7RM8pnrhUbjHo\u003d",
  "key": "MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDsHRLZwy0WWTKhELpasM5guLCC9GXMJGA0wIGAOb4Tr8t0PVioBHuGJ0Se4hQzGMkgI7BCXxq4nGbF3eYgNwG1boGwL0CLYLovk1Yh64uxmZmO1dO0oiDC0isIFQUlFUXtwkDmD026OLamqkxlr5sbqKqHRRHBUfA3ovryxToqnbiGgHVK29i6poH5LMRYG7zLYJFUnjmLJy+558fCtNNMGa1/J6u0Ns1ENfvTlDUkXiwzmCugVi3ULLDaI5pRH4e0PiFfWNPP81hOdebLTlAM+Yo8/CUWtEZuF6q/er3D3iXJS9fwN+zgqq0KBGCW8rO/LuqaN2HSbwPusO9Anh4BAgMBAAECggEAaH2ZWQuaCXjiAguQHRB/1KgHXXzhDA3REadb6C4lozq6FDAN6xVIwR7hrFqqy84dO/7vQwApqCd3B/vimsEdHXjRJfJTYxskameOx6YhBTDPlzmj3h2d1/oAlywOQdH/R3AfHnEJWe89TdaxxpKHVx82kHSNnfswDr8uxX9o9XBLmyZc1DirkZmTUx8x4C00uihJ0LlzfRXdEdmldIonOgEMfpcxbg7ujvuuhP6BejP+pUlXWj7c6poEl7ziAOivGnZwB6WojXzyVR/i7nelriyhs0Ww1uXkBMullwG9hWeMtWBbkvdnI5N+pxumU4qN/0NZuZ2vzzin0ObTH453HQKBgQD3rX3hGpkPsRDRd81OOJMwQdht5qYSDJKd+0HongXlqejMFBoOuSmd3VtJHqH2rhiFz+2irR0cAkb0/WLb/8cMWwJRNByqFeZjMRfZG1FhP0PSUaGv73+a5T8W8aohs7CSoYOceJjQqEXrjeJGPdkIEU8cP4uYW0K7+xKvfcKR2wKBgQD0DBujUjQwFiKOFYGhJmHWBmBJRPeUIyIGMpI2QstnuQOoNzeFpkkoLque+SZVuQzuXAo+6mT0U23tfO9nTCQB1Jlqagxh6ED7xPdhkG+2rSL8JDzg4uYELL4ckUdVIXpJVGsF53bpooLVx+qWkGsHt24ytHYOJYxyhIvl8AS8UwKBgQCgXOuREUijOVEbXwdGKylZ6Hg6iElkjFFuCp3dAFvvHLkHUcihWdART55oVHYnowdrtHo3hwC+/tZ0j48vxIdbf52beDNLCQz3knTPdHmXjn/aMFKQ+G/VmbLkpyox0gd0mTD+4bKH/zvuTRqBwk/AgnyHXLmEtyoZTnIFwFZ3WwKBgCZsGZXXBVxkv7/65tPGRTT7AAHJF+l8toifQaHFVlzYJhk/yEAEdBQddOuscjqgzcZhO0O4h3hoAjCXsOFkfW7EV/sHAzgO5tw8oG393Xi3PYDQ+7y0PF5/5NZ+kOp4QNZ2sfrV/ETATzT1KpvV1OP8Hx9ghg2oH7qP366t4TD9AoGAY8QktewczSXlkU47F1Q65HASJxmLd5+1p6Bbf2f9c8b9rbbc7F1xLTdScr92DyduQ7k5XzK7nX5OTRzQmYoKIUO8n1j+HGdOBvSTWFHa2nZKVvJuuNOI5hSXKVspCT74lr8TP5a86ah7brwNKP4QPDq1ObkZdDBcEscAK6gQPlI\u003d",
  "ca": "MIIC8jCCAdqgAwIBAgIIeP71dlXQRxYwDQYJKoZIhvcNAQELBQAwFzEVMBMGA1UEAwwMY2xpZW50Ml9tdGxzMB4XDTIyMDMyMjA1NDkzOFoXDTQ5MDgwNzA1NDkzOFowFzEVMBMGA1UEAwwMY2xpZW50Ml9tdGxzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7B0S2cMtFlkyoRC6WrDOYLiwgvRlzCRgNMCBgDm+E6/LdD1YqAR7hidEnuIUMxjJICOwQl8auJxmxd3mIDcBtW6BsC9Ai2C6L5NWIeuLsZmZjtXTtKIgwtIrCBUFJRVF7cJA5g9Nuji2pqpMZa+bG6iqh0URwVHwN6L68sU6Kp24hoB1StvYuqaB+SzEWBu8y2CRVJ45iycvuefHwrTTTBmtfyertDbNRDX705Q1JF4sM5groFYt1Cyw2iOaUR+HtD4hX1jTz/NYTnXmy05QDPmKPPwlFrRGbheqv3q9w94lyUvX8Dfs4KqtCgRglvKzvy7qmjdh0m8D7rDvQJ4eAQIDAQABo0IwQDAdBgNVHQ4EFgQUZIRo2rdgKyxdIGfpji2ELp2gOaowHwYDVR0jBBgwFoAUZIRo2rdgKyxdIGfpji2ELp2gOaowDQYJKoZIhvcNAQELBQADggEBAJAeOnJSmPYFq4YhPiBvg8hPLMZrsAIGGe7egPJZovk+d/1winrMzRNNsN4PuRcGq+/uF8HbszdjH9zqEFlK0FZfsT1cMFdz78BItd7v+o+EbzNceIfdGEDifyS2LCLh7kkJDKwl4SWpoulxQVvmZGw6Kvj1XVk3ecPEoJzkDTh2etWDEEFTAtRVy3GO0tIb/TBOwacMQfDT7sSAknc3JV28GCdYzBZCH9ePPp/SSsDj5PYWfuFlKzSKgFhbrgMpSghtPY52LA+2n9ocYcEIq7bVRvsJzxms54MjBEoHDGtSpXDNDQ+1Rt0WFkgAk2FS671KQ1j42P7RM8pnrhUbjHo\u003d"
}
2022-05-11 06:25:49 RESPONSE
CallAutomatedCibaApprovalEndpoint
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "content-language": "en-US",
  "content-type": "application/json",
  "date": "Wed, 11 May 2022 06:25:49 GMT",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "server": "IBM Security Verify Access",
  "transfer-encoding": "chunked",
  "x-frame-options": "SAMEORIGIN",
  "cache-control": "no-cache",
  "expires": "Thu, 01 Dec 1994 16:00:00 GMT",
  "strict-transport-security": "max-age\u003d31536000; includeSubDomains",
  "set-cookie": [
    "AMWEBJCT!%2Fmga!AMWEBJCT!%2Fmga!JSESSIONID\u003d0000ay8zZw__QsD-v9I-31WpK4s:038bc442-4db9-43c7-97cf-7a4b1d1bc7d8; Path\u003d/; Secure; HttpOnly",
    "AMWEBJCT!%2Fmga!JSESSIONID\u003d00000wAQ80PaXdlmQK8Nu6EX_q-:038bc442-4db9-43c7-97cf-7a4b1d1bc7d8; Path\u003d/; Secure; HttpOnly",
    "PD-S-SESSION-ID\u003d1_2_1_u4FyumQLUvoQ9QtTis6tA49kMv+QVTsMEv6a6Gu9Qxvm3rru; Path\u003d/; Secure; HttpOnly"
  ]
}
response_body
{"status":"ok"}	
2022-05-11 06:25:49 SUCCESS
CallAutomatedCibaApprovalEndpoint
Successfully called automated_ciba_approval_url endpoint
response
{"status":"ok"}	
Second client: Polling token endpoint waiting for user to authenticate
2022-05-11 06:25:54 SUCCESS
CreateTokenEndpointRequestForCIBAGrant
Created token endpoint request
grant_type
urn:openid:params:grant-type:ciba
2022-05-11 06:25:54
AddAuthReqIdToTokenEndpointRequest
grant_type
urn:openid:params:grant-type:ciba
auth_req_id
4ukf0yfJAo1M4XpunQtcmReZ4fzRaEEPoJCRCAyFF5RITegRnI
2022-05-11 06:25:54 SUCCESS
CreateClientAuthenticationAssertionClaims
Created client assertion claims
iss
GIi4p8SCIhNO8g98blye
sub
GIi4p8SCIhNO8g98blye
aud
https://ciba-mobile.securitypoc.com/oauth2/token
jti
yPvrdmLhyoroWIypA0Kc
iat
1652250354
exp
1652250414
2022-05-11 06:25:54 SUCCESS
SignClientAuthenticationAssertion
Signed the client assertion
client_assertion
eyJraWQiOiI2UkhwT3l4ZHNRUHpZejZ1Tm1BQzlZSHV4ckFVYkdlNFJaSHVUMjE4TmZFIiwiYWxnIjoiRVMyNTYifQ.eyJzdWIiOiJHSWk0cDhTQ0loTk84Zzk4Ymx5ZSIsImF1ZCI6Imh0dHBzOlwvXC9jaWJhLW1vYmlsZS5zZWN1cml0eXBvYy5jb21cL29hdXRoMlwvdG9rZW4iLCJpc3MiOiJHSWk0cDhTQ0loTk84Zzk4Ymx5ZSIsImV4cCI6MTY1MjI1MDQxNCwiaWF0IjoxNjUyMjUwMzU0LCJqdGkiOiJ5UHZyZG1MaHlvcm9XSXlwQTBLYyJ9.TSONFPO9DgO50ApWi6sjeoHIQ6mZQfhGLKKzsWVfI-D4T3Ic5UipDvHd1ZX_ly2tvZZAkHNTIKRX1fg_ZgA_WQ
2022-05-11 06:25:54
AddClientAssertionToTokenEndpointRequest
Added client assertion
grant_type
urn:openid:params:grant-type:ciba
auth_req_id
4ukf0yfJAo1M4XpunQtcmReZ4fzRaEEPoJCRCAyFF5RITegRnI
client_assertion
eyJraWQiOiI2UkhwT3l4ZHNRUHpZejZ1Tm1BQzlZSHV4ckFVYkdlNFJaSHVUMjE4TmZFIiwiYWxnIjoiRVMyNTYifQ.eyJzdWIiOiJHSWk0cDhTQ0loTk84Zzk4Ymx5ZSIsImF1ZCI6Imh0dHBzOlwvXC9jaWJhLW1vYmlsZS5zZWN1cml0eXBvYy5jb21cL29hdXRoMlwvdG9rZW4iLCJpc3MiOiJHSWk0cDhTQ0loTk84Zzk4Ymx5ZSIsImV4cCI6MTY1MjI1MDQxNCwiaWF0IjoxNjUyMjUwMzU0LCJqdGkiOiJ5UHZyZG1MaHlvcm9XSXlwQTBLYyJ9.TSONFPO9DgO50ApWi6sjeoHIQ6mZQfhGLKKzsWVfI-D4T3Ic5UipDvHd1ZX_ly2tvZZAkHNTIKRX1fg_ZgA_WQ
client_assertion_type
urn:ietf:params:oauth:client-assertion-type:jwt-bearer
2022-05-11 06:25:54
CallTokenEndpointAndReturnFullResponse
HTTP request
request_uri
https://ciba-mobile.securitypoc.com/oauth2/token
request_method
POST
request_headers
{
  "accept": "application/json",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "642"
}
request_body
grant_type=urn%3Aopenid%3Aparams%3Agrant-type%3Aciba&auth_req_id=4ukf0yfJAo1M4XpunQtcmReZ4fzRaEEPoJCRCAyFF5RITegRnI&client_assertion=eyJraWQiOiI2UkhwT3l4ZHNRUHpZejZ1Tm1BQzlZSHV4ckFVYkdlNFJaSHVUMjE4TmZFIiwiYWxnIjoiRVMyNTYifQ.eyJzdWIiOiJHSWk0cDhTQ0loTk84Zzk4Ymx5ZSIsImF1ZCI6Imh0dHBzOlwvXC9jaWJhLW1vYmlsZS5zZWN1cml0eXBvYy5jb21cL29hdXRoMlwvdG9rZW4iLCJpc3MiOiJHSWk0cDhTQ0loTk84Zzk4Ymx5ZSIsImV4cCI6MTY1MjI1MDQxNCwiaWF0IjoxNjUyMjUwMzU0LCJqdGkiOiJ5UHZyZG1MaHlvcm9XSXlwQTBLYyJ9.TSONFPO9DgO50ApWi6sjeoHIQ6mZQfhGLKKzsWVfI-D4T3Ic5UipDvHd1ZX_ly2tvZZAkHNTIKRX1fg_ZgA_WQ&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer
request_mutual_tls
{
  "cert": "MIIC8jCCAdqgAwIBAgIIeP71dlXQRxYwDQYJKoZIhvcNAQELBQAwFzEVMBMGA1UEAwwMY2xpZW50Ml9tdGxzMB4XDTIyMDMyMjA1NDkzOFoXDTQ5MDgwNzA1NDkzOFowFzEVMBMGA1UEAwwMY2xpZW50Ml9tdGxzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7B0S2cMtFlkyoRC6WrDOYLiwgvRlzCRgNMCBgDm+E6/LdD1YqAR7hidEnuIUMxjJICOwQl8auJxmxd3mIDcBtW6BsC9Ai2C6L5NWIeuLsZmZjtXTtKIgwtIrCBUFJRVF7cJA5g9Nuji2pqpMZa+bG6iqh0URwVHwN6L68sU6Kp24hoB1StvYuqaB+SzEWBu8y2CRVJ45iycvuefHwrTTTBmtfyertDbNRDX705Q1JF4sM5groFYt1Cyw2iOaUR+HtD4hX1jTz/NYTnXmy05QDPmKPPwlFrRGbheqv3q9w94lyUvX8Dfs4KqtCgRglvKzvy7qmjdh0m8D7rDvQJ4eAQIDAQABo0IwQDAdBgNVHQ4EFgQUZIRo2rdgKyxdIGfpji2ELp2gOaowHwYDVR0jBBgwFoAUZIRo2rdgKyxdIGfpji2ELp2gOaowDQYJKoZIhvcNAQELBQADggEBAJAeOnJSmPYFq4YhPiBvg8hPLMZrsAIGGe7egPJZovk+d/1winrMzRNNsN4PuRcGq+/uF8HbszdjH9zqEFlK0FZfsT1cMFdz78BItd7v+o+EbzNceIfdGEDifyS2LCLh7kkJDKwl4SWpoulxQVvmZGw6Kvj1XVk3ecPEoJzkDTh2etWDEEFTAtRVy3GO0tIb/TBOwacMQfDT7sSAknc3JV28GCdYzBZCH9ePPp/SSsDj5PYWfuFlKzSKgFhbrgMpSghtPY52LA+2n9ocYcEIq7bVRvsJzxms54MjBEoHDGtSpXDNDQ+1Rt0WFkgAk2FS671KQ1j42P7RM8pnrhUbjHo\u003d",
  "key": "MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDsHRLZwy0WWTKhELpasM5guLCC9GXMJGA0wIGAOb4Tr8t0PVioBHuGJ0Se4hQzGMkgI7BCXxq4nGbF3eYgNwG1boGwL0CLYLovk1Yh64uxmZmO1dO0oiDC0isIFQUlFUXtwkDmD026OLamqkxlr5sbqKqHRRHBUfA3ovryxToqnbiGgHVK29i6poH5LMRYG7zLYJFUnjmLJy+558fCtNNMGa1/J6u0Ns1ENfvTlDUkXiwzmCugVi3ULLDaI5pRH4e0PiFfWNPP81hOdebLTlAM+Yo8/CUWtEZuF6q/er3D3iXJS9fwN+zgqq0KBGCW8rO/LuqaN2HSbwPusO9Anh4BAgMBAAECggEAaH2ZWQuaCXjiAguQHRB/1KgHXXzhDA3REadb6C4lozq6FDAN6xVIwR7hrFqqy84dO/7vQwApqCd3B/vimsEdHXjRJfJTYxskameOx6YhBTDPlzmj3h2d1/oAlywOQdH/R3AfHnEJWe89TdaxxpKHVx82kHSNnfswDr8uxX9o9XBLmyZc1DirkZmTUx8x4C00uihJ0LlzfRXdEdmldIonOgEMfpcxbg7ujvuuhP6BejP+pUlXWj7c6poEl7ziAOivGnZwB6WojXzyVR/i7nelriyhs0Ww1uXkBMullwG9hWeMtWBbkvdnI5N+pxumU4qN/0NZuZ2vzzin0ObTH453HQKBgQD3rX3hGpkPsRDRd81OOJMwQdht5qYSDJKd+0HongXlqejMFBoOuSmd3VtJHqH2rhiFz+2irR0cAkb0/WLb/8cMWwJRNByqFeZjMRfZG1FhP0PSUaGv73+a5T8W8aohs7CSoYOceJjQqEXrjeJGPdkIEU8cP4uYW0K7+xKvfcKR2wKBgQD0DBujUjQwFiKOFYGhJmHWBmBJRPeUIyIGMpI2QstnuQOoNzeFpkkoLque+SZVuQzuXAo+6mT0U23tfO9nTCQB1Jlqagxh6ED7xPdhkG+2rSL8JDzg4uYELL4ckUdVIXpJVGsF53bpooLVx+qWkGsHt24ytHYOJYxyhIvl8AS8UwKBgQCgXOuREUijOVEbXwdGKylZ6Hg6iElkjFFuCp3dAFvvHLkHUcihWdART55oVHYnowdrtHo3hwC+/tZ0j48vxIdbf52beDNLCQz3knTPdHmXjn/aMFKQ+G/VmbLkpyox0gd0mTD+4bKH/zvuTRqBwk/AgnyHXLmEtyoZTnIFwFZ3WwKBgCZsGZXXBVxkv7/65tPGRTT7AAHJF+l8toifQaHFVlzYJhk/yEAEdBQddOuscjqgzcZhO0O4h3hoAjCXsOFkfW7EV/sHAzgO5tw8oG393Xi3PYDQ+7y0PF5/5NZ+kOp4QNZ2sfrV/ETATzT1KpvV1OP8Hx9ghg2oH7qP366t4TD9AoGAY8QktewczSXlkU47F1Q65HASJxmLd5+1p6Bbf2f9c8b9rbbc7F1xLTdScr92DyduQ7k5XzK7nX5OTRzQmYoKIUO8n1j+HGdOBvSTWFHa2nZKVvJuuNOI5hSXKVspCT74lr8TP5a86ah7brwNKP4QPDq1ObkZdDBcEscAK6gQPlI\u003d",
  "ca": "MIIC8jCCAdqgAwIBAgIIeP71dlXQRxYwDQYJKoZIhvcNAQELBQAwFzEVMBMGA1UEAwwMY2xpZW50Ml9tdGxzMB4XDTIyMDMyMjA1NDkzOFoXDTQ5MDgwNzA1NDkzOFowFzEVMBMGA1UEAwwMY2xpZW50Ml9tdGxzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7B0S2cMtFlkyoRC6WrDOYLiwgvRlzCRgNMCBgDm+E6/LdD1YqAR7hidEnuIUMxjJICOwQl8auJxmxd3mIDcBtW6BsC9Ai2C6L5NWIeuLsZmZjtXTtKIgwtIrCBUFJRVF7cJA5g9Nuji2pqpMZa+bG6iqh0URwVHwN6L68sU6Kp24hoB1StvYuqaB+SzEWBu8y2CRVJ45iycvuefHwrTTTBmtfyertDbNRDX705Q1JF4sM5groFYt1Cyw2iOaUR+HtD4hX1jTz/NYTnXmy05QDPmKPPwlFrRGbheqv3q9w94lyUvX8Dfs4KqtCgRglvKzvy7qmjdh0m8D7rDvQJ4eAQIDAQABo0IwQDAdBgNVHQ4EFgQUZIRo2rdgKyxdIGfpji2ELp2gOaowHwYDVR0jBBgwFoAUZIRo2rdgKyxdIGfpji2ELp2gOaowDQYJKoZIhvcNAQELBQADggEBAJAeOnJSmPYFq4YhPiBvg8hPLMZrsAIGGe7egPJZovk+d/1winrMzRNNsN4PuRcGq+/uF8HbszdjH9zqEFlK0FZfsT1cMFdz78BItd7v+o+EbzNceIfdGEDifyS2LCLh7kkJDKwl4SWpoulxQVvmZGw6Kvj1XVk3ecPEoJzkDTh2etWDEEFTAtRVy3GO0tIb/TBOwacMQfDT7sSAknc3JV28GCdYzBZCH9ePPp/SSsDj5PYWfuFlKzSKgFhbrgMpSghtPY52LA+2n9ocYcEIq7bVRvsJzxms54MjBEoHDGtSpXDNDQ+1Rt0WFkgAk2FS671KQ1j42P7RM8pnrhUbjHo\u003d"
}
2022-05-11 06:25:55 RESPONSE
CallTokenEndpointAndReturnFullResponse
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "content-language": "en-US",
  "content-type": "application/json;charset\u003dUTF-8",
  "date": "Wed, 11 May 2022 06:25:55 GMT",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "transfer-encoding": "chunked",
  "x-frame-options": "SAMEORIGIN",
  "cache-control": "no-store, no-cache\u003dset-cookie",
  "expires": "Thu, 01 Dec 1994 16:00:00 GMT",
  "strict-transport-security": "max-age\u003d31536000; includeSubDomains",
  "pragma": "no-cache",
  "set-cookie": [
    "AMWEBJCT!%2Fmga!AMWEBJCT!%2Fmga!JSESSIONID\u003d0000AXjiigUMLd9bfEQjl_WEM2G:038bc442-4db9-43c7-97cf-7a4b1d1bc7d8; Path\u003d/; Secure; HttpOnly",
    "AMWEBJCT!%2Fmga!JSESSIONID\u003d0000pF_UxT7kesjV7y-iaRqXdsI:038bc442-4db9-43c7-97cf-7a4b1d1bc7d8; Path\u003d/; Secure; HttpOnly",
    "PD-S-SESSION-ID\u003d1_2_1_l3lPlHuKL2BObzMN1kWP0BgnjeCj+bnANL4yBhxs0LJGpKq+; Path\u003d/; Secure; HttpOnly"
  ]
}
response_body
{"access_token":"jC0y35RlqOv44m6HvlXjDQqzGwVPRTEE","refresh_token":"DoergjsopitHGievkXemWIHCN0sQ3ck40EjGRel7","scope":"openid","id_token":"eyJraWQiOiJKQnAtRHVoazd6U1g1dW1GeU1CZm9nWG81ekRYcFRpaXZnREpzb21iUVhnIiwiYWxnIjoiRVMyNTYifQ.eyJpYXQiOjE2NTIyNTAzNTUsImV4cCI6MTY1MjI1Mzk1NSwibm9uY2UiOiJsYW40NXhzbHNmIiwiaXNzIjoiaHR0cHM6Ly9jaWJhLW1vYmlsZS5zZWN1cml0eXBvYy5jb20iLCJzdWIiOiJ0ZXN0dXNlciIsImF1ZCI6IkdJaTRwOFNDSWhOTzhnOThibHllIiwiYXRfaGFzaCI6IkE5LUpLWHhNYlZzZU1WaDJ5RVF3eVEiLCJydF9oYXNoIjoidmo1U0d0N0Ffb2MxTzgxOHFjaHV3USIsImFjciI6ImFjcjphdXRvdGVzdCJ9.lAPWSefj_1d1_IJ3TCSlf3pJYQOjBJcB3IrvFhE-gBQlelzsoapo_08YitcguJKsCl5zTpz-0b-25i4gKK5Izg","token_type":"bearer","expires_in":3599}
2022-05-11 06:25:55 SUCCESS
CallTokenEndpointAndReturnFullResponse
Parsed token endpoint response
access_token
jC0y35RlqOv44m6HvlXjDQqzGwVPRTEE
refresh_token
DoergjsopitHGievkXemWIHCN0sQ3ck40EjGRel7
scope
openid
id_token
eyJraWQiOiJKQnAtRHVoazd6U1g1dW1GeU1CZm9nWG81ekRYcFRpaXZnREpzb21iUVhnIiwiYWxnIjoiRVMyNTYifQ.eyJpYXQiOjE2NTIyNTAzNTUsImV4cCI6MTY1MjI1Mzk1NSwibm9uY2UiOiJsYW40NXhzbHNmIiwiaXNzIjoiaHR0cHM6Ly9jaWJhLW1vYmlsZS5zZWN1cml0eXBvYy5jb20iLCJzdWIiOiJ0ZXN0dXNlciIsImF1ZCI6IkdJaTRwOFNDSWhOTzhnOThibHllIiwiYXRfaGFzaCI6IkE5LUpLWHhNYlZzZU1WaDJ5RVF3eVEiLCJydF9oYXNoIjoidmo1U0d0N0Ffb2MxTzgxOHFjaHV3USIsImFjciI6ImFjcjphdXRvdGVzdCJ9.lAPWSefj_1d1_IJ3TCSlf3pJYQOjBJcB3IrvFhE-gBQlelzsoapo_08YitcguJKsCl5zTpz-0b-25i4gKK5Izg
token_type
bearer
expires_in
3599
2022-05-11 06:25:55 SUCCESS
CheckTokenEndpointReturnedJsonContentType
token_endpoint_response_headers Content-Type: header is application/json
Second client: Verify token endpoint response
2022-05-11 06:25:55 SUCCESS
CheckTokenEndpointHttpStatus200
Token endpoint http status code was 200
2022-05-11 06:25:55 SUCCESS
CheckTokenEndpointCacheHeaders
'pragma' and 'cache-control' headers in token endpoint response contain expected values.
cache_control_header
no-store, no-cache=set-cookie
pragma_header
no-cache
2022-05-11 06:25:55 SUCCESS
CheckIfTokenEndpointResponseError
No error from token endpoint
2022-05-11 06:25:55 SUCCESS
CheckForAccessTokenValue
Found an access token
access_token
jC0y35RlqOv44m6HvlXjDQqzGwVPRTEE
2022-05-11 06:25:55 SUCCESS
ExtractAccessTokenFromTokenResponse
Extracted the access token
value
jC0y35RlqOv44m6HvlXjDQqzGwVPRTEE
type
bearer
2022-05-11 06:25:55 SUCCESS
ExtractExpiresInFromTokenEndpointResponse
Extracted 'expires_in'
expires_in
3599
2022-05-11 06:25:55 SUCCESS
ValidateExpiresIn
expires_in passed all validation checks
expires_in
3599
2022-05-11 06:25:55 SUCCESS
CheckForRefreshTokenValue
Found a refresh token
refresh_token
DoergjsopitHGievkXemWIHCN0sQ3ck40EjGRel7
2022-05-11 06:25:55 SUCCESS
EnsureMinimumRefreshTokenLength
Refresh token is of sufficient length
actual
320
required
128
2022-05-11 06:25:55 SUCCESS
EnsureMinimumRefreshTokenEntropy
Calculated shannon entropy seems sufficient
actual
188.87712379549453
expected
96.0
value
s
2022-05-11 06:25:55 SUCCESS
EnsureMinimumAccessTokenLength
Access token is of sufficient length
actual
256
required
128
2022-05-11 06:25:55 SUCCESS
EnsureMinimumAccessTokenEntropy
Calculated shannon entropy seems sufficient
actual
146.0
expected
96.0
value
s
2022-05-11 06:25:55 SUCCESS
ExtractIdTokenFromTokenResponse
Found and parsed the id_token from token_endpoint_response
value
eyJraWQiOiJKQnAtRHVoazd6U1g1dW1GeU1CZm9nWG81ekRYcFRpaXZnREpzb21iUVhnIiwiYWxnIjoiRVMyNTYifQ.eyJpYXQiOjE2NTIyNTAzNTUsImV4cCI6MTY1MjI1Mzk1NSwibm9uY2UiOiJsYW40NXhzbHNmIiwiaXNzIjoiaHR0cHM6Ly9jaWJhLW1vYmlsZS5zZWN1cml0eXBvYy5jb20iLCJzdWIiOiJ0ZXN0dXNlciIsImF1ZCI6IkdJaTRwOFNDSWhOTzhnOThibHllIiwiYXRfaGFzaCI6IkE5LUpLWHhNYlZzZU1WaDJ5RVF3eVEiLCJydF9oYXNoIjoidmo1U0d0N0Ffb2MxTzgxOHFjaHV3USIsImFjciI6ImFjcjphdXRvdGVzdCJ9.lAPWSefj_1d1_IJ3TCSlf3pJYQOjBJcB3IrvFhE-gBQlelzsoapo_08YitcguJKsCl5zTpz-0b-25i4gKK5Izg
header
{
  "kid": "JBp-Duhk7zSX5umFyMBfogXo5zDXpTiivgDJsombQXg",
  "alg": "ES256"
}
claims
{
  "at_hash": "A9-JKXxMbVseMVh2yEQwyQ",
  "sub": "testuser",
  "aud": "GIi4p8SCIhNO8g98blye",
  "acr": "acr:autotest",
  "iss": "https://ciba-mobile.securitypoc.com",
  "exp": 1652253955,
  "iat": 1652250355,
  "nonce": "lan45xslsf",
  "rt_hash": "vj5SGt7A_oc1O818qchuwQ"
}
2022-05-11 06:25:55 SUCCESS
ValidateIdToken
ID token iss, aud, exp, iat, auth_time, acr & nbf claims passed validation checks
2022-05-11 06:25:55 SUCCESS
EnsureIdTokenContainsKid
kid was found in the ID token header
kid
JBp-Duhk7zSX5umFyMBfogXo5zDXpTiivgDJsombQXg
2022-05-11 06:25:55 SUCCESS
ValidateIdTokenSignature
id_token signature validated
id_token
eyJraWQiOiJKQnAtRHVoazd6U1g1dW1GeU1CZm9nWG81ekRYcFRpaXZnREpzb21iUVhnIiwiYWxnIjoiRVMyNTYifQ.eyJpYXQiOjE2NTIyNTAzNTUsImV4cCI6MTY1MjI1Mzk1NSwibm9uY2UiOiJsYW40NXhzbHNmIiwiaXNzIjoiaHR0cHM6Ly9jaWJhLW1vYmlsZS5zZWN1cml0eXBvYy5jb20iLCJzdWIiOiJ0ZXN0dXNlciIsImF1ZCI6IkdJaTRwOFNDSWhOTzhnOThibHllIiwiYXRfaGFzaCI6IkE5LUpLWHhNYlZzZU1WaDJ5RVF3eVEiLCJydF9oYXNoIjoidmo1U0d0N0Ffb2MxTzgxOHFjaHV3USIsImFjciI6ImFjcjphdXRvdGVzdCJ9.lAPWSefj_1d1_IJ3TCSlf3pJYQOjBJcB3IrvFhE-gBQlelzsoapo_08YitcguJKsCl5zTpz-0b-25i4gKK5Izg
2022-05-11 06:25:55 SUCCESS
ValidateIdTokenSignatureUsingKid
id_token signature validated
id_token
eyJraWQiOiJKQnAtRHVoazd6U1g1dW1GeU1CZm9nWG81ekRYcFRpaXZnREpzb21iUVhnIiwiYWxnIjoiRVMyNTYifQ.eyJpYXQiOjE2NTIyNTAzNTUsImV4cCI6MTY1MjI1Mzk1NSwibm9uY2UiOiJsYW40NXhzbHNmIiwiaXNzIjoiaHR0cHM6Ly9jaWJhLW1vYmlsZS5zZWN1cml0eXBvYy5jb20iLCJzdWIiOiJ0ZXN0dXNlciIsImF1ZCI6IkdJaTRwOFNDSWhOTzhnOThibHllIiwiYXRfaGFzaCI6IkE5LUpLWHhNYlZzZU1WaDJ5RVF3eVEiLCJydF9oYXNoIjoidmo1U0d0N0Ffb2MxTzgxOHFjaHV3USIsImFjciI6ImFjcjphdXRvdGVzdCJ9.lAPWSefj_1d1_IJ3TCSlf3pJYQOjBJcB3IrvFhE-gBQlelzsoapo_08YitcguJKsCl5zTpz-0b-25i4gKK5Izg
2022-05-11 06:25:55 SUCCESS
CheckForSubjectInIdToken
Found 'sub' in id_token
sub
testuser
2022-05-11 06:25:55 SUCCESS
FAPIValidateIdTokenSigningAlg
id_token was signed with a permitted algorithm
permitted
[
  "ES256",
  "PS256"
]
alg
ES256
2022-05-11 06:25:55 INFO
FAPIValidateIdTokenEncryptionAlg
Skipped evaluation due to missing required element: id_token jwe_header
path
jwe_header
mapped
object
id_token
2022-05-11 06:25:55 INFO
FAPIValidateEncryptedIdTokenHasKid
Skipped evaluation due to missing required element: id_token jwe_header
path
jwe_header
mapped
object
id_token
2022-05-11 06:25:55 INFO
FAPICIBAValidateIdTokenAuthRequestIdClaims
Skipped evaluation due to missing required element: id_token claims.urn:openid:params:jwt:claim:auth_req_id
path
claims.urn:openid:params:jwt:claim:auth_req_id
mapped
object
id_token
2022-05-11 06:25:55 SUCCESS
ValidateIdTokenNotIncludeCHashAndSHash
id_token claims correctly does not contain 'c_hash' and 's_hash'
claims
{
  "at_hash": "A9-JKXxMbVseMVh2yEQwyQ",
  "sub": "testuser",
  "aud": "GIi4p8SCIhNO8g98blye",
  "acr": "acr:autotest",
  "iss": "https://ciba-mobile.securitypoc.com",
  "exp": 1652253955,
  "iat": 1652250355,
  "nonce": "lan45xslsf",
  "rt_hash": "vj5SGt7A_oc1O818qchuwQ"
}
2022-05-11 06:25:55 SUCCESS
ExtractAtHash
Extracted at_hash from ID Token
at_hash
A9-JKXxMbVseMVh2yEQwyQ
alg
ES256
2022-05-11 06:25:55 INFO
ExtractRtHash
Couldn't find urn:openid:params:jwt:claim:rt_hash claim in the ID token
2022-05-11 06:25:55 INFO
FAPICIBAValidateRtHash
Skipped evaluation due to missing required object: rt_hash
expected
rt_hash
mapped
2022-05-11 06:25:55 SUCCESS
ValidateAtHash
at_hash validated successfully
expected_hash
A9-JKXxMbVseMVh2yEQwyQ
unhashed_value
jC0y35RlqOv44m6HvlXjDQqzGwVPRTEE
id_token_hash
A9-JKXxMbVseMVh2yEQwyQ
Second client: Check for refresh token
2022-05-11 06:25:55 SUCCESS
ExtractRefreshTokenFromTokenResponse
Extracted refresh token from response
refresh_token
DoergjsopitHGievkXemWIHCN0sQ3ck40EjGRel7
2022-05-11 06:25:55 SUCCESS
EnsureServerConfigurationSupportsRefreshToken
The server configuration indicates support for refresh tokens
supported_grant_types
[
  "urn:ietf:params:oauth:grant-type:device_code",
  "refresh_token",
  "urn:openid:params:grant-type:ciba"
]
2022-05-11 06:25:55 SUCCESS
EnsureRefreshTokenContainsAllowedCharactersOnly
Refresh token does not contain any illegal characters
Second client: Refresh Token Request
2022-05-11 06:25:55 SUCCESS
CreateRefreshTokenRequest
Created token endpoint request parameters
grant_type
refresh_token
refresh_token
DoergjsopitHGievkXemWIHCN0sQ3ck40EjGRel7
2022-05-11 06:25:55 SUCCESS
CreateClientAuthenticationAssertionClaims
Created client assertion claims
iss
GIi4p8SCIhNO8g98blye
sub
GIi4p8SCIhNO8g98blye
aud
https://ciba-mobile.securitypoc.com/oauth2/token
jti
cQ6EyVuiGIGsqJvYJmWo
iat
1652250355
exp
1652250415
2022-05-11 06:25:55 SUCCESS
SignClientAuthenticationAssertion
Signed the client assertion
client_assertion
eyJraWQiOiI2UkhwT3l4ZHNRUHpZejZ1Tm1BQzlZSHV4ckFVYkdlNFJaSHVUMjE4TmZFIiwiYWxnIjoiRVMyNTYifQ.eyJzdWIiOiJHSWk0cDhTQ0loTk84Zzk4Ymx5ZSIsImF1ZCI6Imh0dHBzOlwvXC9jaWJhLW1vYmlsZS5zZWN1cml0eXBvYy5jb21cL29hdXRoMlwvdG9rZW4iLCJpc3MiOiJHSWk0cDhTQ0loTk84Zzk4Ymx5ZSIsImV4cCI6MTY1MjI1MDQxNSwiaWF0IjoxNjUyMjUwMzU1LCJqdGkiOiJjUTZFeVZ1aUdJR3NxSnZZSm1XbyJ9.lVgikKAl53QaQ4uV7Lab_x7tqS4ryBAPnc-31yhyjcxLVcPwcrxOx1EY47fHrUlk1RSyg5JKoGLt_tTpIMnHCw
2022-05-11 06:25:55
AddClientAssertionToTokenEndpointRequest
Added client assertion
grant_type
refresh_token
refresh_token
DoergjsopitHGievkXemWIHCN0sQ3ck40EjGRel7
client_assertion
eyJraWQiOiI2UkhwT3l4ZHNRUHpZejZ1Tm1BQzlZSHV4ckFVYkdlNFJaSHVUMjE4TmZFIiwiYWxnIjoiRVMyNTYifQ.eyJzdWIiOiJHSWk0cDhTQ0loTk84Zzk4Ymx5ZSIsImF1ZCI6Imh0dHBzOlwvXC9jaWJhLW1vYmlsZS5zZWN1cml0eXBvYy5jb21cL29hdXRoMlwvdG9rZW4iLCJpc3MiOiJHSWk0cDhTQ0loTk84Zzk4Ymx5ZSIsImV4cCI6MTY1MjI1MDQxNSwiaWF0IjoxNjUyMjUwMzU1LCJqdGkiOiJjUTZFeVZ1aUdJR3NxSnZZSm1XbyJ9.lVgikKAl53QaQ4uV7Lab_x7tqS4ryBAPnc-31yhyjcxLVcPwcrxOx1EY47fHrUlk1RSyg5JKoGLt_tTpIMnHCw
client_assertion_type
urn:ietf:params:oauth:client-assertion-type:jwt-bearer
2022-05-11 06:25:55 SUCCESS
WaitForOneSecond
Pausing for 1 seconds
2022-05-11 06:25:56 SUCCESS
WaitForOneSecond
Woke up after 1 seconds sleep
2022-05-11 06:25:56
CallTokenEndpointAndReturnFullResponse
HTTP request
request_uri
https://ciba-mobile.securitypoc.com/oauth2/token
request_method
POST
request_headers
{
  "accept": "application/json",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "606"
}
request_body
grant_type=refresh_token&refresh_token=DoergjsopitHGievkXemWIHCN0sQ3ck40EjGRel7&client_assertion=eyJraWQiOiI2UkhwT3l4ZHNRUHpZejZ1Tm1BQzlZSHV4ckFVYkdlNFJaSHVUMjE4TmZFIiwiYWxnIjoiRVMyNTYifQ.eyJzdWIiOiJHSWk0cDhTQ0loTk84Zzk4Ymx5ZSIsImF1ZCI6Imh0dHBzOlwvXC9jaWJhLW1vYmlsZS5zZWN1cml0eXBvYy5jb21cL29hdXRoMlwvdG9rZW4iLCJpc3MiOiJHSWk0cDhTQ0loTk84Zzk4Ymx5ZSIsImV4cCI6MTY1MjI1MDQxNSwiaWF0IjoxNjUyMjUwMzU1LCJqdGkiOiJjUTZFeVZ1aUdJR3NxSnZZSm1XbyJ9.lVgikKAl53QaQ4uV7Lab_x7tqS4ryBAPnc-31yhyjcxLVcPwcrxOx1EY47fHrUlk1RSyg5JKoGLt_tTpIMnHCw&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer
request_mutual_tls
{
  "cert": "MIIC8jCCAdqgAwIBAgIIeP71dlXQRxYwDQYJKoZIhvcNAQELBQAwFzEVMBMGA1UEAwwMY2xpZW50Ml9tdGxzMB4XDTIyMDMyMjA1NDkzOFoXDTQ5MDgwNzA1NDkzOFowFzEVMBMGA1UEAwwMY2xpZW50Ml9tdGxzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7B0S2cMtFlkyoRC6WrDOYLiwgvRlzCRgNMCBgDm+E6/LdD1YqAR7hidEnuIUMxjJICOwQl8auJxmxd3mIDcBtW6BsC9Ai2C6L5NWIeuLsZmZjtXTtKIgwtIrCBUFJRVF7cJA5g9Nuji2pqpMZa+bG6iqh0URwVHwN6L68sU6Kp24hoB1StvYuqaB+SzEWBu8y2CRVJ45iycvuefHwrTTTBmtfyertDbNRDX705Q1JF4sM5groFYt1Cyw2iOaUR+HtD4hX1jTz/NYTnXmy05QDPmKPPwlFrRGbheqv3q9w94lyUvX8Dfs4KqtCgRglvKzvy7qmjdh0m8D7rDvQJ4eAQIDAQABo0IwQDAdBgNVHQ4EFgQUZIRo2rdgKyxdIGfpji2ELp2gOaowHwYDVR0jBBgwFoAUZIRo2rdgKyxdIGfpji2ELp2gOaowDQYJKoZIhvcNAQELBQADggEBAJAeOnJSmPYFq4YhPiBvg8hPLMZrsAIGGe7egPJZovk+d/1winrMzRNNsN4PuRcGq+/uF8HbszdjH9zqEFlK0FZfsT1cMFdz78BItd7v+o+EbzNceIfdGEDifyS2LCLh7kkJDKwl4SWpoulxQVvmZGw6Kvj1XVk3ecPEoJzkDTh2etWDEEFTAtRVy3GO0tIb/TBOwacMQfDT7sSAknc3JV28GCdYzBZCH9ePPp/SSsDj5PYWfuFlKzSKgFhbrgMpSghtPY52LA+2n9ocYcEIq7bVRvsJzxms54MjBEoHDGtSpXDNDQ+1Rt0WFkgAk2FS671KQ1j42P7RM8pnrhUbjHo\u003d",
  "key": "MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDsHRLZwy0WWTKhELpasM5guLCC9GXMJGA0wIGAOb4Tr8t0PVioBHuGJ0Se4hQzGMkgI7BCXxq4nGbF3eYgNwG1boGwL0CLYLovk1Yh64uxmZmO1dO0oiDC0isIFQUlFUXtwkDmD026OLamqkxlr5sbqKqHRRHBUfA3ovryxToqnbiGgHVK29i6poH5LMRYG7zLYJFUnjmLJy+558fCtNNMGa1/J6u0Ns1ENfvTlDUkXiwzmCugVi3ULLDaI5pRH4e0PiFfWNPP81hOdebLTlAM+Yo8/CUWtEZuF6q/er3D3iXJS9fwN+zgqq0KBGCW8rO/LuqaN2HSbwPusO9Anh4BAgMBAAECggEAaH2ZWQuaCXjiAguQHRB/1KgHXXzhDA3REadb6C4lozq6FDAN6xVIwR7hrFqqy84dO/7vQwApqCd3B/vimsEdHXjRJfJTYxskameOx6YhBTDPlzmj3h2d1/oAlywOQdH/R3AfHnEJWe89TdaxxpKHVx82kHSNnfswDr8uxX9o9XBLmyZc1DirkZmTUx8x4C00uihJ0LlzfRXdEdmldIonOgEMfpcxbg7ujvuuhP6BejP+pUlXWj7c6poEl7ziAOivGnZwB6WojXzyVR/i7nelriyhs0Ww1uXkBMullwG9hWeMtWBbkvdnI5N+pxumU4qN/0NZuZ2vzzin0ObTH453HQKBgQD3rX3hGpkPsRDRd81OOJMwQdht5qYSDJKd+0HongXlqejMFBoOuSmd3VtJHqH2rhiFz+2irR0cAkb0/WLb/8cMWwJRNByqFeZjMRfZG1FhP0PSUaGv73+a5T8W8aohs7CSoYOceJjQqEXrjeJGPdkIEU8cP4uYW0K7+xKvfcKR2wKBgQD0DBujUjQwFiKOFYGhJmHWBmBJRPeUIyIGMpI2QstnuQOoNzeFpkkoLque+SZVuQzuXAo+6mT0U23tfO9nTCQB1Jlqagxh6ED7xPdhkG+2rSL8JDzg4uYELL4ckUdVIXpJVGsF53bpooLVx+qWkGsHt24ytHYOJYxyhIvl8AS8UwKBgQCgXOuREUijOVEbXwdGKylZ6Hg6iElkjFFuCp3dAFvvHLkHUcihWdART55oVHYnowdrtHo3hwC+/tZ0j48vxIdbf52beDNLCQz3knTPdHmXjn/aMFKQ+G/VmbLkpyox0gd0mTD+4bKH/zvuTRqBwk/AgnyHXLmEtyoZTnIFwFZ3WwKBgCZsGZXXBVxkv7/65tPGRTT7AAHJF+l8toifQaHFVlzYJhk/yEAEdBQddOuscjqgzcZhO0O4h3hoAjCXsOFkfW7EV/sHAzgO5tw8oG393Xi3PYDQ+7y0PF5/5NZ+kOp4QNZ2sfrV/ETATzT1KpvV1OP8Hx9ghg2oH7qP366t4TD9AoGAY8QktewczSXlkU47F1Q65HASJxmLd5+1p6Bbf2f9c8b9rbbc7F1xLTdScr92DyduQ7k5XzK7nX5OTRzQmYoKIUO8n1j+HGdOBvSTWFHa2nZKVvJuuNOI5hSXKVspCT74lr8TP5a86ah7brwNKP4QPDq1ObkZdDBcEscAK6gQPlI\u003d",
  "ca": "MIIC8jCCAdqgAwIBAgIIeP71dlXQRxYwDQYJKoZIhvcNAQELBQAwFzEVMBMGA1UEAwwMY2xpZW50Ml9tdGxzMB4XDTIyMDMyMjA1NDkzOFoXDTQ5MDgwNzA1NDkzOFowFzEVMBMGA1UEAwwMY2xpZW50Ml9tdGxzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7B0S2cMtFlkyoRC6WrDOYLiwgvRlzCRgNMCBgDm+E6/LdD1YqAR7hidEnuIUMxjJICOwQl8auJxmxd3mIDcBtW6BsC9Ai2C6L5NWIeuLsZmZjtXTtKIgwtIrCBUFJRVF7cJA5g9Nuji2pqpMZa+bG6iqh0URwVHwN6L68sU6Kp24hoB1StvYuqaB+SzEWBu8y2CRVJ45iycvuefHwrTTTBmtfyertDbNRDX705Q1JF4sM5groFYt1Cyw2iOaUR+HtD4hX1jTz/NYTnXmy05QDPmKPPwlFrRGbheqv3q9w94lyUvX8Dfs4KqtCgRglvKzvy7qmjdh0m8D7rDvQJ4eAQIDAQABo0IwQDAdBgNVHQ4EFgQUZIRo2rdgKyxdIGfpji2ELp2gOaowHwYDVR0jBBgwFoAUZIRo2rdgKyxdIGfpji2ELp2gOaowDQYJKoZIhvcNAQELBQADggEBAJAeOnJSmPYFq4YhPiBvg8hPLMZrsAIGGe7egPJZovk+d/1winrMzRNNsN4PuRcGq+/uF8HbszdjH9zqEFlK0FZfsT1cMFdz78BItd7v+o+EbzNceIfdGEDifyS2LCLh7kkJDKwl4SWpoulxQVvmZGw6Kvj1XVk3ecPEoJzkDTh2etWDEEFTAtRVy3GO0tIb/TBOwacMQfDT7sSAknc3JV28GCdYzBZCH9ePPp/SSsDj5PYWfuFlKzSKgFhbrgMpSghtPY52LA+2n9ocYcEIq7bVRvsJzxms54MjBEoHDGtSpXDNDQ+1Rt0WFkgAk2FS671KQ1j42P7RM8pnrhUbjHo\u003d"
}
2022-05-11 06:25:56 RESPONSE
CallTokenEndpointAndReturnFullResponse
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "content-language": "en-US",
  "content-type": "application/json;charset\u003dUTF-8",
  "date": "Wed, 11 May 2022 06:25:56 GMT",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "transfer-encoding": "chunked",
  "x-frame-options": "SAMEORIGIN",
  "cache-control": "no-store, no-cache\u003dset-cookie",
  "expires": "Thu, 01 Dec 1994 16:00:00 GMT",
  "strict-transport-security": "max-age\u003d31536000; includeSubDomains",
  "pragma": "no-cache",
  "set-cookie": [
    "AMWEBJCT!%2Fmga!AMWEBJCT!%2Fmga!JSESSIONID\u003d0000EWOnfUJcSQS0_lxfI3Gc5Mx:038bc442-4db9-43c7-97cf-7a4b1d1bc7d8; Path\u003d/; Secure; HttpOnly",
    "AMWEBJCT!%2Fmga!JSESSIONID\u003d0000C1tAn5BF5tBgj_ILw_vLN8v:038bc442-4db9-43c7-97cf-7a4b1d1bc7d8; Path\u003d/; Secure; HttpOnly",
    "PD-S-SESSION-ID\u003d1_2_1_zGk8Ph4tUrrCtXKSh+ID+GT4U99m64EMZQyW-uYBOaCSwHog; Path\u003d/; Secure; HttpOnly"
  ]
}
response_body
{"access_token":"ysJriTE8GdasxHzLuePBoDhDL5Uwx4id","refresh_token":"OTCqSTcGjcNfaz3ZEHvhD9sQPutebKLHmhreAlb1","scope":"openid","id_token":"eyJraWQiOiJKQnAtRHVoazd6U1g1dW1GeU1CZm9nWG81ekRYcFRpaXZnREpzb21iUVhnIiwiYWxnIjoiRVMyNTYifQ.eyJydF9oYXNoIjoiOUtEc3ZVTnVYTTN1UG45ZnVGLXAzZyIsImlhdCI6MTY1MjI1MDM1NiwiaXNzIjoiaHR0cHM6Ly9jaWJhLW1vYmlsZS5zZWN1cml0eXBvYy5jb20iLCJhdF9oYXNoIjoiUFRMSUhOdHo3VDZyQjJiNkRESW5uUSIsInN1YiI6InRlc3R1c2VyIiwiZXhwIjoxNjUyMjUzOTU2LCJhdWQiOiJHSWk0cDhTQ0loTk84Zzk4Ymx5ZSJ9.492TU1VRUKMEBMjY2AIU6elhTQpJ9ATiXTmN53pUp3mnm2ECT9wUBWT1d_Qd4_hUvIcYpbIGAytm1_SHJvAX7Q","token_type":"bearer","expires_in":3599}
2022-05-11 06:25:56 SUCCESS
CallTokenEndpointAndReturnFullResponse
Parsed token endpoint response
access_token
ysJriTE8GdasxHzLuePBoDhDL5Uwx4id
refresh_token
OTCqSTcGjcNfaz3ZEHvhD9sQPutebKLHmhreAlb1
scope
openid
id_token
eyJraWQiOiJKQnAtRHVoazd6U1g1dW1GeU1CZm9nWG81ekRYcFRpaXZnREpzb21iUVhnIiwiYWxnIjoiRVMyNTYifQ.eyJydF9oYXNoIjoiOUtEc3ZVTnVYTTN1UG45ZnVGLXAzZyIsImlhdCI6MTY1MjI1MDM1NiwiaXNzIjoiaHR0cHM6Ly9jaWJhLW1vYmlsZS5zZWN1cml0eXBvYy5jb20iLCJhdF9oYXNoIjoiUFRMSUhOdHo3VDZyQjJiNkRESW5uUSIsInN1YiI6InRlc3R1c2VyIiwiZXhwIjoxNjUyMjUzOTU2LCJhdWQiOiJHSWk0cDhTQ0loTk84Zzk4Ymx5ZSJ9.492TU1VRUKMEBMjY2AIU6elhTQpJ9ATiXTmN53pUp3mnm2ECT9wUBWT1d_Qd4_hUvIcYpbIGAytm1_SHJvAX7Q
token_type
bearer
expires_in
3599
2022-05-11 06:25:56 SUCCESS
CheckTokenEndpointHttpStatus200
Token endpoint http status code was 200
2022-05-11 06:25:56 SUCCESS
CheckTokenEndpointReturnedJsonContentType
token_endpoint_response_headers Content-Type: header is application/json
2022-05-11 06:25:56 SUCCESS
CheckTokenEndpointCacheHeaders
'pragma' and 'cache-control' headers in token endpoint response contain expected values.
cache_control_header
no-store, no-cache=set-cookie
pragma_header
no-cache
2022-05-11 06:25:56 SUCCESS
CheckIfTokenEndpointResponseError
No error from token endpoint
2022-05-11 06:25:56 SUCCESS
ExtractAccessTokenFromTokenResponse
Extracted the access token
value
ysJriTE8GdasxHzLuePBoDhDL5Uwx4id
type
bearer
2022-05-11 06:25:56 SUCCESS
CheckTokenTypeIsBearer
Token type is bearer
2022-05-11 06:25:56 SUCCESS
EnsureMinimumAccessTokenEntropy
Calculated shannon entropy seems sufficient
actual
148.0
expected
96.0
value
s
2022-05-11 06:25:56 SUCCESS
EnsureAccessTokenContainsAllowedCharactersOnly
Access token does not contain any illegal characters
2022-05-11 06:25:56 SUCCESS
ExtractExpiresInFromTokenEndpointResponse
Extracted 'expires_in'
expires_in
3599
2022-05-11 06:25:56 SUCCESS
ValidateExpiresIn
expires_in passed all validation checks
expires_in
3599
2022-05-11 06:25:56 SUCCESS
EnsureAccessTokenValuesAreDifferent
Access token values are not the same
first_access_token
jC0y35RlqOv44m6HvlXjDQqzGwVPRTEE
second_access_token
ysJriTE8GdasxHzLuePBoDhDL5Uwx4id
2022-05-11 06:25:56 SUCCESS
ExtractIdTokenFromTokenResponse
Found and parsed the id_token from token_endpoint_response
value
eyJraWQiOiJKQnAtRHVoazd6U1g1dW1GeU1CZm9nWG81ekRYcFRpaXZnREpzb21iUVhnIiwiYWxnIjoiRVMyNTYifQ.eyJydF9oYXNoIjoiOUtEc3ZVTnVYTTN1UG45ZnVGLXAzZyIsImlhdCI6MTY1MjI1MDM1NiwiaXNzIjoiaHR0cHM6Ly9jaWJhLW1vYmlsZS5zZWN1cml0eXBvYy5jb20iLCJhdF9oYXNoIjoiUFRMSUhOdHo3VDZyQjJiNkRESW5uUSIsInN1YiI6InRlc3R1c2VyIiwiZXhwIjoxNjUyMjUzOTU2LCJhdWQiOiJHSWk0cDhTQ0loTk84Zzk4Ymx5ZSJ9.492TU1VRUKMEBMjY2AIU6elhTQpJ9ATiXTmN53pUp3mnm2ECT9wUBWT1d_Qd4_hUvIcYpbIGAytm1_SHJvAX7Q
header
{
  "kid": "JBp-Duhk7zSX5umFyMBfogXo5zDXpTiivgDJsombQXg",
  "alg": "ES256"
}
claims
{
  "at_hash": "PTLIHNtz7T6rB2b6DDInnQ",
  "sub": "testuser",
  "aud": "GIi4p8SCIhNO8g98blye",
  "iss": "https://ciba-mobile.securitypoc.com",
  "exp": 1652253956,
  "iat": 1652250356,
  "rt_hash": "9KDsvUNuXM3uPn9fuF-p3g"
}
2022-05-11 06:25:56 SUCCESS
ExtractRefreshTokenFromTokenResponse
Extracted refresh token from response
refresh_token
OTCqSTcGjcNfaz3ZEHvhD9sQPutebKLHmhreAlb1
2022-05-11 06:25:56 SUCCESS
EnsureMinimumRefreshTokenLength
Refresh token is of sufficient length
actual
320
required
128
2022-05-11 06:25:56 SUCCESS
EnsureMinimumRefreshTokenEntropy
Calculated shannon entropy seems sufficient
actual
200.87712379549455
expected
96.0
value
s
2022-05-11 06:25:56 SUCCESS
CompareIdTokenClaims
Validated id token claims successfully
iss
{
  "first": "https://ciba-mobile.securitypoc.com",
  "second": "https://ciba-mobile.securitypoc.com",
  "note": "Values are expected to be equal"
}
sub
{
  "first": "testuser",
  "second": "testuser",
  "note": "Values are expected to be equal"
}
iat
{
  "first": 1652250355,
  "second": 1652250356,
  "note": "Values are expected to be different"
}
aud
{
  "first": "GIi4p8SCIhNO8g98blye",
  "second": "GIi4p8SCIhNO8g98blye",
  "note": "Values are expected to be equal"
}
azp
Id tokens do not contain azp claims
Second client: Resource server endpoint tests
2022-05-11 06:25:56
CreateEmptyResourceEndpointRequestHeaders
Created empty headers
resource_endpoint_request_headers
{}
2022-05-11 06:25:56
CallProtectedResource
HTTP request
request_uri
https://ciba-mobile.securitypoc.com/ivcreds
request_method
GET
request_headers
{
  "accept": "application/json",
  "authorization": "Bearer ysJriTE8GdasxHzLuePBoDhDL5Uwx4id",
  "content-length": "0"
}
request_body

                                
request_mutual_tls
{
  "cert": "MIIC8jCCAdqgAwIBAgIIeP71dlXQRxYwDQYJKoZIhvcNAQELBQAwFzEVMBMGA1UEAwwMY2xpZW50Ml9tdGxzMB4XDTIyMDMyMjA1NDkzOFoXDTQ5MDgwNzA1NDkzOFowFzEVMBMGA1UEAwwMY2xpZW50Ml9tdGxzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7B0S2cMtFlkyoRC6WrDOYLiwgvRlzCRgNMCBgDm+E6/LdD1YqAR7hidEnuIUMxjJICOwQl8auJxmxd3mIDcBtW6BsC9Ai2C6L5NWIeuLsZmZjtXTtKIgwtIrCBUFJRVF7cJA5g9Nuji2pqpMZa+bG6iqh0URwVHwN6L68sU6Kp24hoB1StvYuqaB+SzEWBu8y2CRVJ45iycvuefHwrTTTBmtfyertDbNRDX705Q1JF4sM5groFYt1Cyw2iOaUR+HtD4hX1jTz/NYTnXmy05QDPmKPPwlFrRGbheqv3q9w94lyUvX8Dfs4KqtCgRglvKzvy7qmjdh0m8D7rDvQJ4eAQIDAQABo0IwQDAdBgNVHQ4EFgQUZIRo2rdgKyxdIGfpji2ELp2gOaowHwYDVR0jBBgwFoAUZIRo2rdgKyxdIGfpji2ELp2gOaowDQYJKoZIhvcNAQELBQADggEBAJAeOnJSmPYFq4YhPiBvg8hPLMZrsAIGGe7egPJZovk+d/1winrMzRNNsN4PuRcGq+/uF8HbszdjH9zqEFlK0FZfsT1cMFdz78BItd7v+o+EbzNceIfdGEDifyS2LCLh7kkJDKwl4SWpoulxQVvmZGw6Kvj1XVk3ecPEoJzkDTh2etWDEEFTAtRVy3GO0tIb/TBOwacMQfDT7sSAknc3JV28GCdYzBZCH9ePPp/SSsDj5PYWfuFlKzSKgFhbrgMpSghtPY52LA+2n9ocYcEIq7bVRvsJzxms54MjBEoHDGtSpXDNDQ+1Rt0WFkgAk2FS671KQ1j42P7RM8pnrhUbjHo\u003d",
  "key": "MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDsHRLZwy0WWTKhELpasM5guLCC9GXMJGA0wIGAOb4Tr8t0PVioBHuGJ0Se4hQzGMkgI7BCXxq4nGbF3eYgNwG1boGwL0CLYLovk1Yh64uxmZmO1dO0oiDC0isIFQUlFUXtwkDmD026OLamqkxlr5sbqKqHRRHBUfA3ovryxToqnbiGgHVK29i6poH5LMRYG7zLYJFUnjmLJy+558fCtNNMGa1/J6u0Ns1ENfvTlDUkXiwzmCugVi3ULLDaI5pRH4e0PiFfWNPP81hOdebLTlAM+Yo8/CUWtEZuF6q/er3D3iXJS9fwN+zgqq0KBGCW8rO/LuqaN2HSbwPusO9Anh4BAgMBAAECggEAaH2ZWQuaCXjiAguQHRB/1KgHXXzhDA3REadb6C4lozq6FDAN6xVIwR7hrFqqy84dO/7vQwApqCd3B/vimsEdHXjRJfJTYxskameOx6YhBTDPlzmj3h2d1/oAlywOQdH/R3AfHnEJWe89TdaxxpKHVx82kHSNnfswDr8uxX9o9XBLmyZc1DirkZmTUx8x4C00uihJ0LlzfRXdEdmldIonOgEMfpcxbg7ujvuuhP6BejP+pUlXWj7c6poEl7ziAOivGnZwB6WojXzyVR/i7nelriyhs0Ww1uXkBMullwG9hWeMtWBbkvdnI5N+pxumU4qN/0NZuZ2vzzin0ObTH453HQKBgQD3rX3hGpkPsRDRd81OOJMwQdht5qYSDJKd+0HongXlqejMFBoOuSmd3VtJHqH2rhiFz+2irR0cAkb0/WLb/8cMWwJRNByqFeZjMRfZG1FhP0PSUaGv73+a5T8W8aohs7CSoYOceJjQqEXrjeJGPdkIEU8cP4uYW0K7+xKvfcKR2wKBgQD0DBujUjQwFiKOFYGhJmHWBmBJRPeUIyIGMpI2QstnuQOoNzeFpkkoLque+SZVuQzuXAo+6mT0U23tfO9nTCQB1Jlqagxh6ED7xPdhkG+2rSL8JDzg4uYELL4ckUdVIXpJVGsF53bpooLVx+qWkGsHt24ytHYOJYxyhIvl8AS8UwKBgQCgXOuREUijOVEbXwdGKylZ6Hg6iElkjFFuCp3dAFvvHLkHUcihWdART55oVHYnowdrtHo3hwC+/tZ0j48vxIdbf52beDNLCQz3knTPdHmXjn/aMFKQ+G/VmbLkpyox0gd0mTD+4bKH/zvuTRqBwk/AgnyHXLmEtyoZTnIFwFZ3WwKBgCZsGZXXBVxkv7/65tPGRTT7AAHJF+l8toifQaHFVlzYJhk/yEAEdBQddOuscjqgzcZhO0O4h3hoAjCXsOFkfW7EV/sHAzgO5tw8oG393Xi3PYDQ+7y0PF5/5NZ+kOp4QNZ2sfrV/ETATzT1KpvV1OP8Hx9ghg2oH7qP366t4TD9AoGAY8QktewczSXlkU47F1Q65HASJxmLd5+1p6Bbf2f9c8b9rbbc7F1xLTdScr92DyduQ7k5XzK7nX5OTRzQmYoKIUO8n1j+HGdOBvSTWFHa2nZKVvJuuNOI5hSXKVspCT74lr8TP5a86ah7brwNKP4QPDq1ObkZdDBcEscAK6gQPlI\u003d",
  "ca": "MIIC8jCCAdqgAwIBAgIIeP71dlXQRxYwDQYJKoZIhvcNAQELBQAwFzEVMBMGA1UEAwwMY2xpZW50Ml9tdGxzMB4XDTIyMDMyMjA1NDkzOFoXDTQ5MDgwNzA1NDkzOFowFzEVMBMGA1UEAwwMY2xpZW50Ml9tdGxzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7B0S2cMtFlkyoRC6WrDOYLiwgvRlzCRgNMCBgDm+E6/LdD1YqAR7hidEnuIUMxjJICOwQl8auJxmxd3mIDcBtW6BsC9Ai2C6L5NWIeuLsZmZjtXTtKIgwtIrCBUFJRVF7cJA5g9Nuji2pqpMZa+bG6iqh0URwVHwN6L68sU6Kp24hoB1StvYuqaB+SzEWBu8y2CRVJ45iycvuefHwrTTTBmtfyertDbNRDX705Q1JF4sM5groFYt1Cyw2iOaUR+HtD4hX1jTz/NYTnXmy05QDPmKPPwlFrRGbheqv3q9w94lyUvX8Dfs4KqtCgRglvKzvy7qmjdh0m8D7rDvQJ4eAQIDAQABo0IwQDAdBgNVHQ4EFgQUZIRo2rdgKyxdIGfpji2ELp2gOaowHwYDVR0jBBgwFoAUZIRo2rdgKyxdIGfpji2ELp2gOaowDQYJKoZIhvcNAQELBQADggEBAJAeOnJSmPYFq4YhPiBvg8hPLMZrsAIGGe7egPJZovk+d/1winrMzRNNsN4PuRcGq+/uF8HbszdjH9zqEFlK0FZfsT1cMFdz78BItd7v+o+EbzNceIfdGEDifyS2LCLh7kkJDKwl4SWpoulxQVvmZGw6Kvj1XVk3ecPEoJzkDTh2etWDEEFTAtRVy3GO0tIb/TBOwacMQfDT7sSAknc3JV28GCdYzBZCH9ePPp/SSsDj5PYWfuFlKzSKgFhbrgMpSghtPY52LA+2n9ocYcEIq7bVRvsJzxms54MjBEoHDGtSpXDNDQ+1Rt0WFkgAk2FS671KQ1j42P7RM8pnrhUbjHo\u003d"
}
2022-05-11 06:25:56 RESPONSE
CallProtectedResource
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "content-length": "1287",
  "content-type": "application/json; charset\u003dutf-8",
  "date": "Wed, 11 May 2022 06:25:56 GMT",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "cache-control": "no-cache",
  "x-fapi-interaction-id": "98b48552-22ec-4a8a-a15e-b948b8789936",
  "strict-transport-security": "max-age\u003d31536000; includeSubDomains",
  "set-cookie": [
    "AMWEBJCT!%2Fmga!JSESSIONID\u003d0000VdJKz9xZuGDqKYQWRdz-bUT:038bc442-4db9-43c7-97cf-7a4b1d1bc7d8; Path\u003d/; Secure; HttpOnly",
    "PD-S-SESSION-ID\u003d1_2_1_9u7cM-N5kvIh4rH9PmKf1qiep3uN5LFMXctV8Lu7LYDSteVx; Path\u003d/; Secure; HttpOnly"
  ]
}
response_body
{"authenticationMechanismTypes":"urn:ibm:security:authentication:asf:mechanism:fapi_certeai","authenticationTypes":"urn:ibm:security:authentication:asf:fapi_cert_auth","AUTHENTICATION_LEVEL":"2","AZN_CRED_AUTHNMECH_INFO":"","AZN_CRED_AUTHZN_ID":"testuser","AZN_CRED_AUTH_EPOCH_TIME":"1652250356","AZN_CRED_AUTH_METHOD":"ext-auth-interface","AZN_CRED_BROWSER_INFO":"Apache-HttpClient/4.5.13 (Java/11.0.14.1)","AZN_CRED_IP_FAMILY":"AF_INET","AZN_CRED_MECH_ID":"IV_LDAP_V3.0","AZN_CRED_NETWORK_ADDRESS_BIN":"0x0ab0e247","AZN_CRED_NETWORK_ADDRESS_STR":"10.176.226.71","AZN_CRED_PRINCIPAL_DOMAIN":"Default","AZN_CRED_PRINCIPAL_NAME":"testuser","AZN_CRED_PRINCIPAL_UUID":"00000001-0000-1000-8002-030405060708","AZN_CRED_QOP_INFO":"x509: TLSV12: 9E","AZN_CRED_REGISTRY_ID":"cn=testuser,cn=ExternalUser","AZN_CRED_USER_INFO":"","AZN_CRED_VERSION":"0x00001004","AZN_CUSTOM_ATTRIBUTES":["scope","AUTHENTICATION_LEVEL","authenticationMechanismTypes","authenticationTypes"],"scope":"openid","tagvalue_login_user_name":"testuser","tagvalue_max_concurrent_web_sessions":"unset","tagvalue_session_index":"377c92a2-d0f3-11ec-af69-9a8169b7a4fd","tagvalue_user_session_id":"bG9jYWxob3N0LW1vYmlsZQA=_YntW9AAAAAIAAAAw9FZ7YpiEHDyjfwAAOXU3Y00tTjVrdkloNHJIOVBtS2YxcWllcDN1TjVMRk1YY3RWOEx1N0xZRFN0ZVZ4:default"}
2022-05-11 06:25:56 SUCCESS
CallProtectedResource
Got a response from the resource endpoint
status
200
endpoint_name
resource
headers
{
  "content-length": "1287",
  "content-type": "application/json; charset\u003dutf-8",
  "date": "Wed, 11 May 2022 06:25:56 GMT",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "cache-control": "no-cache",
  "x-fapi-interaction-id": "98b48552-22ec-4a8a-a15e-b948b8789936",
  "strict-transport-security": "max-age\u003d31536000; includeSubDomains",
  "set-cookie": [
    "AMWEBJCT!%2Fmga!JSESSIONID\u003d0000VdJKz9xZuGDqKYQWRdz-bUT:038bc442-4db9-43c7-97cf-7a4b1d1bc7d8; Path\u003d/; Secure; HttpOnly",
    "PD-S-SESSION-ID\u003d1_2_1_9u7cM-N5kvIh4rH9PmKf1qiep3uN5LFMXctV8Lu7LYDSteVx; Path\u003d/; Secure; HttpOnly"
  ]
}
body
{"authenticationMechanismTypes":"urn:ibm:security:authentication:asf:mechanism:fapi_certeai","authenticationTypes":"urn:ibm:security:authentication:asf:fapi_cert_auth","AUTHENTICATION_LEVEL":"2","AZN_CRED_AUTHNMECH_INFO":"","AZN_CRED_AUTHZN_ID":"testuser","AZN_CRED_AUTH_EPOCH_TIME":"1652250356","AZN_CRED_AUTH_METHOD":"ext-auth-interface","AZN_CRED_BROWSER_INFO":"Apache-HttpClient/4.5.13 (Java/11.0.14.1)","AZN_CRED_IP_FAMILY":"AF_INET","AZN_CRED_MECH_ID":"IV_LDAP_V3.0","AZN_CRED_NETWORK_ADDRESS_BIN":"0x0ab0e247","AZN_CRED_NETWORK_ADDRESS_STR":"10.176.226.71","AZN_CRED_PRINCIPAL_DOMAIN":"Default","AZN_CRED_PRINCIPAL_NAME":"testuser","AZN_CRED_PRINCIPAL_UUID":"00000001-0000-1000-8002-030405060708","AZN_CRED_QOP_INFO":"x509: TLSV12: 9E","AZN_CRED_REGISTRY_ID":"cn=testuser,cn=ExternalUser","AZN_CRED_USER_INFO":"","AZN_CRED_VERSION":"0x00001004","AZN_CUSTOM_ATTRIBUTES":["scope","AUTHENTICATION_LEVEL","authenticationMechanismTypes","authenticationTypes"],"scope":"openid","tagvalue_login_user_name":"testuser","tagvalue_max_concurrent_web_sessions":"unset","tagvalue_session_index":"377c92a2-d0f3-11ec-af69-9a8169b7a4fd","tagvalue_user_session_id":"bG9jYWxob3N0LW1vYmlsZQA=_YntW9AAAAAIAAAAw9FZ7YpiEHDyjfwAAOXU3Y00tTjVrdkloNHJIOVBtS2YxcWllcDN1TjVMRk1YY3RWOEx1N0xZRFN0ZVZ4:default"}
2022-05-11 06:25:56 SUCCESS
EnsureHttpStatusCodeIs200
resource endpoint returned the expected http status
expected_status
200
http_status
200
2022-05-11 06:25:56 SUCCESS
CheckForDateHeaderInResourceResponse
Date header present and validated
date
Wed, 11 May 2022 06:25:56 GMT
skew
837
2022-05-11 06:25:56 SUCCESS
CheckForFAPIInteractionIdInResourceResponse
Found x-fapi-interaction-id
interaction_id
98b48552-22ec-4a8a-a15e-b948b8789936
2022-05-11 06:25:56 SUCCESS
EnsureResourceResponseReturnedJsonContentType
Response content type is json
content_type
application/json; charset=utf-8
Attempting to use refresh_token issued to client 2 with client 1
2022-05-11 06:25:56 SUCCESS
CreateRefreshTokenRequest
Created token endpoint request parameters
grant_type
refresh_token
refresh_token
OTCqSTcGjcNfaz3ZEHvhD9sQPutebKLHmhreAlb1
2022-05-11 06:25:56 SUCCESS
AddScopeToTokenEndpointRequest
Added scope of 'openid email' to token endpoint request
grant_type
refresh_token
refresh_token
OTCqSTcGjcNfaz3ZEHvhD9sQPutebKLHmhreAlb1
scope
openid email
2022-05-11 06:25:56 SUCCESS
CreateClientAuthenticationAssertionClaims
Created client assertion claims
iss
2gJT3oQVIK9bnKrfamZ4
sub
2gJT3oQVIK9bnKrfamZ4
aud
https://ciba-mobile.securitypoc.com/oauth2/token
jti
wQNzWH0FTdRNB87sKY0B
iat
1652250356
exp
1652250416
2022-05-11 06:25:56 SUCCESS
SignClientAuthenticationAssertion
Signed the client assertion
client_assertion
eyJraWQiOiJPUjV4SExEalRid3hBdFBBbTNYdGJDSC1ybkItWUtlY0x5enVkWnJkVW0wIiwiYWxnIjoiRVMyNTYifQ.eyJzdWIiOiIyZ0pUM29RVklLOWJuS3JmYW1aNCIsImF1ZCI6Imh0dHBzOlwvXC9jaWJhLW1vYmlsZS5zZWN1cml0eXBvYy5jb21cL29hdXRoMlwvdG9rZW4iLCJpc3MiOiIyZ0pUM29RVklLOWJuS3JmYW1aNCIsImV4cCI6MTY1MjI1MDQxNiwiaWF0IjoxNjUyMjUwMzU2LCJqdGkiOiJ3UU56V0gwRlRkUk5CODdzS1kwQiJ9.b7xYYi1O3oC9s_e3y6jcZtE3oZlvw_sAL_J2TGw02FXh-3HNXWbK--uDvkTWQX7x2nZlcCOhNeqTJkWMReNFKQ
2022-05-11 06:25:56
AddClientAssertionToTokenEndpointRequest
Added client assertion
grant_type
refresh_token
refresh_token
OTCqSTcGjcNfaz3ZEHvhD9sQPutebKLHmhreAlb1
scope
openid email
client_assertion
eyJraWQiOiJPUjV4SExEalRid3hBdFBBbTNYdGJDSC1ybkItWUtlY0x5enVkWnJkVW0wIiwiYWxnIjoiRVMyNTYifQ.eyJzdWIiOiIyZ0pUM29RVklLOWJuS3JmYW1aNCIsImF1ZCI6Imh0dHBzOlwvXC9jaWJhLW1vYmlsZS5zZWN1cml0eXBvYy5jb21cL29hdXRoMlwvdG9rZW4iLCJpc3MiOiIyZ0pUM29RVklLOWJuS3JmYW1aNCIsImV4cCI6MTY1MjI1MDQxNiwiaWF0IjoxNjUyMjUwMzU2LCJqdGkiOiJ3UU56V0gwRlRkUk5CODdzS1kwQiJ9.b7xYYi1O3oC9s_e3y6jcZtE3oZlvw_sAL_J2TGw02FXh-3HNXWbK--uDvkTWQX7x2nZlcCOhNeqTJkWMReNFKQ
client_assertion_type
urn:ietf:params:oauth:client-assertion-type:jwt-bearer
2022-05-11 06:25:56
CallTokenEndpointAndReturnFullResponse
HTTP request
request_uri
https://ciba-mobile.securitypoc.com/oauth2/token
request_method
POST
request_headers
{
  "accept": "application/json",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "625"
}
request_body
grant_type=refresh_token&refresh_token=OTCqSTcGjcNfaz3ZEHvhD9sQPutebKLHmhreAlb1&scope=openid+email&client_assertion=eyJraWQiOiJPUjV4SExEalRid3hBdFBBbTNYdGJDSC1ybkItWUtlY0x5enVkWnJkVW0wIiwiYWxnIjoiRVMyNTYifQ.eyJzdWIiOiIyZ0pUM29RVklLOWJuS3JmYW1aNCIsImF1ZCI6Imh0dHBzOlwvXC9jaWJhLW1vYmlsZS5zZWN1cml0eXBvYy5jb21cL29hdXRoMlwvdG9rZW4iLCJpc3MiOiIyZ0pUM29RVklLOWJuS3JmYW1aNCIsImV4cCI6MTY1MjI1MDQxNiwiaWF0IjoxNjUyMjUwMzU2LCJqdGkiOiJ3UU56V0gwRlRkUk5CODdzS1kwQiJ9.b7xYYi1O3oC9s_e3y6jcZtE3oZlvw_sAL_J2TGw02FXh-3HNXWbK--uDvkTWQX7x2nZlcCOhNeqTJkWMReNFKQ&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer
request_mutual_tls
{
  "cert": "MIIC8DCCAdigAwIBAgIIY/J5P0bcFNgwDQYJKoZIhvcNAQELBQAwFjEUMBIGA1UEAwwLY2xpZW50X210bHMwHhcNMjIwMzIyMDMwMTI2WhcNNDkwODA3MDMwMTI2WjAWMRQwEgYDVQQDDAtjbGllbnRfbXRsczCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALgcSD/9PY/f9tm1ESl2OgtN6bL1PUC66ekWs+C/gT++ogrW72nDTXv0QdOB2EEGXSwNqm0X8APvXWhM+fk1aOJeRTTMkhEzb2fUyogt++hNuAadYj3XXTdHagyDqbZNerUY4BIYqZ7Ny4iwzQY1yQpSzYUsRNdZX4oPV/LLBmC+p4dq1bzehL2hr+fG/irzqSAArtfRjxBL8uiiTcn4JH4vvl8guEoQhzx9u0uRCZZWIjj592Ao+0snYa9rgEyApsYi4Jxg6pd9O13agDWk/o32h0hkVcPiDH5P6KgBvXRdAHTQoaMBdL9Vn13p+ftrK+y7WtK1FmVnffIJ2zWWnz0CAwEAAaNCMEAwHQYDVR0OBBYEFLL93QNqyKczBHQxuUnPoP3tCFq/MB8GA1UdIwQYMBaAFLL93QNqyKczBHQxuUnPoP3tCFq/MA0GCSqGSIb3DQEBCwUAA4IBAQBzXeRjAd0Hj9Lw6YWLexR/6U4iASsXZzEPoTo2BzczFYuDmhE7tfj/2JpX8aN++xZM0tznwgSjOT0JsP7Mt7dthlFszpQOnIZdpLDYgZqirQ2PdI+LYJ7X9SXGYoSP6NnZWwfp7cPfujx0hszKjkFsdoePWAZpXN4aLs0bS4lLhCYWFgigJoFZlFtezWZUKo7nk018GvbMJw8MuV6uGADk3k7ivULIZgmp23uf1CjeJ2rpffYFEGquAJCpmUHaerl7vLhfGTHkniFBbXCbMBg4LAlexzBtSgKyztuk0SLIVNzklZUy2qpi4H4Xc6VtN/6p4qUO1BCEI8izoWuauXOP",
  "key": "MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC4HEg//T2P3/bZtREpdjoLTemy9T1AuunpFrPgv4E/vqIK1u9pw0179EHTgdhBBl0sDaptF/AD711oTPn5NWjiXkU0zJIRM29n1MqILfvoTbgGnWI91103R2oMg6m2TXq1GOASGKmezcuIsM0GNckKUs2FLETXWV+KD1fyywZgvqeHatW83oS9oa/nxv4q86kgAK7X0Y8QS/Look3J+CR+L75fILhKEIc8fbtLkQmWViI4+fdgKPtLJ2Gva4BMgKbGIuCcYOqXfTtd2oA1pP6N9odIZFXD4gx+T+ioAb10XQB00KGjAXS/VZ9d6fn7ayvsu1rStRZlZ33yCds1lp89AgMBAAECggEAFzp2QSCFvlu+7LvEBQumChwT4qC/UCXk8iQLoMz4lR7LmfuBLEJYSc3I6lMFAjs30SGOQYJWJWDzU3/2v+Llrz2+lIlE2oe3RA3cWa8Xi7kWgTslFHFSEPHhJuALrvT6iNOxHYdgCymixsWrsF9j1Hoa9PTfYJ4liCkkav0DenwMgkBJhHqheUviTwzE3YL7AuV5KnnR0GVN6fAFJtPGBFzQ1KotAmpJEuwGxJmOwkwbW0EefaZKFV9coFUG2ICDyOO/gD4nLZd4jXwXSBYDGsK0B16KoawHL8CfnJJxW19na8Z50JqRfXP3nBLs57lpOgEWY6N66jOnH/kMQu2KPwKBgQDpHqFWhOZMuatEVMhBshAh3gGGWNgVnmidLro1ATm7Wk4+HRA00NkQLbWp5/yyEieGVgVGL7nem40RT/vT5h7zcCeBOjYvJ9HGnWCOUHkAKxXnIXHAJGtotl07ZX+5h4l8EIpumv6sAnyRqpSjV/hlkG0WXpadEIUTEBxypLbJawKBgQDKLj8T+jarGWxBCTd9eT/mP+RQLIaxhhoQaaxutI9DGbsagXjgleSNW88fAgL8I8oe4uUIqSw6toY0dJ/L7sTENmab5ZNZ9rthhsqytsyBJBw3YNeeFYcdhqhIMou9P0RYUDb6sg03DPXgS40pWoKc5B8SIppkqNkmbJSPGPQb9wKBgQCJY2PyeaDA1yv4uX7MOQUI8K41X2b6VsGQ4Vkco/xCTpaORNKoTe2fe1D1MaPbzpc8tLWnB7mjWElrSpg/6f+TuSWPI5+LawxW4almNkcZskrWTP+dHdmvfMq1lrwPu7FrTNRJG0+8UDraHo47Nj1Oni+sX1KkfnfvJC+f4TNYwQKBgCbtJIPqJuBmcqtK5P4pfB4OqxyslfpUAWyri+F8riCTMaz2xJkpAuochRJJRt3Y3i94K/Sw7a0YO1qaIbIX9JZ6iuL1Hpuxn341f41NGK68jxoycREkv/D1Xi0YXkM/jR8bwpod8eFpg2V95l3R6VffrAPH2cYLpFN7kFbEzSsdAoGBAN9OGIDQT8ZHdBvbTxPKt+HC7OXTCo79Km7WqLSuOgYj7mInVKX5BXG5CLd4gYirXTE8uTvMFyvSoCs3W5yY49Bx3FYwAOkOqz63Yp9PaDfm0cvKTIzRAvART/X3zC+A+Iws6xBL53OK4kP7HRVjMRiRD1Juu/Pv7B0QCn98y+W9",
  "ca": "MIIC8DCCAdigAwIBAgIIY/J5P0bcFNgwDQYJKoZIhvcNAQELBQAwFjEUMBIGA1UEAwwLY2xpZW50X210bHMwHhcNMjIwMzIyMDMwMTI2WhcNNDkwODA3MDMwMTI2WjAWMRQwEgYDVQQDDAtjbGllbnRfbXRsczCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALgcSD/9PY/f9tm1ESl2OgtN6bL1PUC66ekWs+C/gT++ogrW72nDTXv0QdOB2EEGXSwNqm0X8APvXWhM+fk1aOJeRTTMkhEzb2fUyogt++hNuAadYj3XXTdHagyDqbZNerUY4BIYqZ7Ny4iwzQY1yQpSzYUsRNdZX4oPV/LLBmC+p4dq1bzehL2hr+fG/irzqSAArtfRjxBL8uiiTcn4JH4vvl8guEoQhzx9u0uRCZZWIjj592Ao+0snYa9rgEyApsYi4Jxg6pd9O13agDWk/o32h0hkVcPiDH5P6KgBvXRdAHTQoaMBdL9Vn13p+ftrK+y7WtK1FmVnffIJ2zWWnz0CAwEAAaNCMEAwHQYDVR0OBBYEFLL93QNqyKczBHQxuUnPoP3tCFq/MB8GA1UdIwQYMBaAFLL93QNqyKczBHQxuUnPoP3tCFq/MA0GCSqGSIb3DQEBCwUAA4IBAQBzXeRjAd0Hj9Lw6YWLexR/6U4iASsXZzEPoTo2BzczFYuDmhE7tfj/2JpX8aN++xZM0tznwgSjOT0JsP7Mt7dthlFszpQOnIZdpLDYgZqirQ2PdI+LYJ7X9SXGYoSP6NnZWwfp7cPfujx0hszKjkFsdoePWAZpXN4aLs0bS4lLhCYWFgigJoFZlFtezWZUKo7nk018GvbMJw8MuV6uGADk3k7ivULIZgmp23uf1CjeJ2rpffYFEGquAJCpmUHaerl7vLhfGTHkniFBbXCbMBg4LAlexzBtSgKyztuk0SLIVNzklZUy2qpi4H4Xc6VtN/6p4qUO1BCEI8izoWuauXOP"
}
2022-05-11 06:25:57 RESPONSE
CallTokenEndpointAndReturnFullResponse
HTTP response
response_status_code
400 BAD_REQUEST
response_status_text
Bad Request
response_headers
{
  "content-language": "en-US",
  "content-length": "169",
  "content-type": "application/json;charset\u003dUTF-8",
  "date": "Wed, 11 May 2022 06:25:56 GMT",
  "p3p": "CP\u003d\"NON CUR OTPi OUR NOR UNI\"",
  "x-frame-options": "SAMEORIGIN",
  "cache-control": "no-store, no-cache\u003dset-cookie",
  "expires": "Thu, 01 Dec 1994 16:00:00 GMT",
  "strict-transport-security": "max-age\u003d31536000; includeSubDomains",
  "pragma": "no-cache",
  "set-cookie": [
    "AMWEBJCT!%2Fmga!AMWEBJCT!%2Fmga!JSESSIONID\u003d0000N7dWwkNd9AS0s6kb1ASC7zY:038bc442-4db9-43c7-97cf-7a4b1d1bc7d8; Path\u003d/; Secure; HttpOnly",
    "AMWEBJCT!%2Fmga!JSESSIONID\u003d0000l7_bNiLuGCqXJa0pnzaPi8i:038bc442-4db9-43c7-97cf-7a4b1d1bc7d8; Path\u003d/; Secure; HttpOnly",
    "PD-S-SESSION-ID\u003d1_2_1_Gepju4R8p0F0l9GyUxIgvoUTNnyJpcHUxKpywPhaeH1tOSD9; Path\u003d/; Secure; HttpOnly"
  ]
}
response_body
{"error_description":"FBTOAU214E The [authorization_grant] received of type [refresh_token] does not belong to the client attempting to use it.","error":"invalid_grant"}
2022-05-11 06:25:57 SUCCESS
CallTokenEndpointAndReturnFullResponse
Parsed token endpoint response
error_description
FBTOAU214E The [authorization_grant] received of type [refresh_token] does not belong to the client attempting to use it.
error
invalid_grant
2022-05-11 06:25:57 SUCCESS
ValidateErrorFromTokenEndpointResponseError
Token endpoint response error returned valid 'error' field
error
invalid_grant
2022-05-11 06:25:57 SUCCESS
CheckTokenEndpointHttpStatus400
Token endpoint http status code was 400
2022-05-11 06:25:57 SUCCESS
CheckTokenEndpointReturnedJsonContentType
token_endpoint_response_headers Content-Type: header is application/json
2022-05-11 06:25:57 SUCCESS
CheckErrorFromTokenEndpointResponseErrorInvalidGrant
Token Endpoint response error returned expected 'error' of 'invalid_grant'
expected
[
  "invalid_grant"
]
2022-05-11 06:25:57 FINISHED
fapi-ciba-id1-refresh-token
Test has run to completion
testmodule_result
PASSED
Unregister dynamically registered client
2022-05-11 06:25:57
UnregisterDynamicallyRegisteredClient
Couldn't find registration_access_token.
Unregister dynamically registered client2
2022-05-11 06:25:57
UnregisterDynamicallyRegisteredClient
Couldn't find registration_access_token.
2022-05-11 06:26:00
TEST-RUNNER
Alias has now been claimed by another test
alias
fwiwidk
new_test_id
WmutIcSLKQBPKfO
Test Results