Test Summary

Test Results

Expand All Collapse All
All times are UTC
2020-09-04 12:13:47 INFO
TEST-RUNNER
Test instance uCengaPXahn79tS created
baseUrl
https://www.certification.openid.net/test/a/NC7000-3A-OC
variant
{
  "client_auth_type": "private_key_jwt",
  "fapi_auth_request_method": "by_value",
  "fapi_profile": "plain_fapi",
  "fapi_response_mode": "plain_response"
}
alias
NC7000-3A-OC
description
NC7000-3A-OC FAPI Conformance Test
planId
0EXGX3mqQUPdO
config
{
  "alias": "NC7000-3A-OC",
  "description": "NC7000-3A-OC FAPI Conformance Test",
  "server": {
    "discoveryUrl": "https://3a-rplib-test3.cloud-idauth.com/oc/.well-known/openid-configuration",
    "jwks": {
      "keys": [
        {
          "kty": "EC",
          "alg": "ES256",
          "crv": "P-256",
          "x": "ANonMLNTYTO8jPBnw4EHqKF2DRFkmAAnA5Hiv1_0pYg1",
          "y": "AKLfnzY4VFB_ZyjgBW8GxhLtA6ZPVgMHq7S_Z70Uabi9",
          "kid": "kid2019040100001"
        }
      ]
    }
  },
  "client": {
    "client_id": "OIDFCERT0003",
    "scope": "openid SCOPE0002 offline_access",
    "fapi_financial_id": "https://3a-rplib-test3.cloud-idauth.com/",
    "client_secret": "confidencial_client_es256_0003",
    "client_secret_jwt_alg": "HS256",
    "jwks": {
      "keys": [
        {
          "kty": "EC",
          "alg": "ES256",
          "crv": "P-256",
          "x": "ANEu_EHg_NrZKPNXVbnw89IQC0hzPkAEuV4osYzM8tKm",
          "y": "AKe9Ioa4y1ly1aOAmJafI89dHzapU4WYHHReIFXjPJxd",
          "d": "dmvti8HQQId6Z3S8xjGvjvWawEfQhVP3OkUfloQP1Ng",
          "kid": "kid2019040100008"
        }
      ]
    },
    "certificate": "-----BEGIN CERTIFICATE-----\nMIIHBTCCBe2gAwIBAgIMPsmQ1/JsLI/5U0YAMA0GCSqGSIb3DQEBCwUAMGAxCzAJ\nBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTYwNAYDVQQDEy1H\nbG9iYWxTaWduIERvbWFpbiBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0gRzIwHhcN\nMTgwODAyMDYzNjM0WhcNMjAxMTA0MDQxMjE4WjBAMSEwHwYDVQQLExhEb21haW4g\nQ29udHJvbCBWYWxpZGF0ZWQxGzAZBgNVBAMMEiouY2xvdWQtaWRhdXRoLmNvbTCC\nASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAIIDQpNUelHl4gyWYyRto5E/\nHDIRSO4YPnn2yg4TFUSUMsl+9uNhy79QACB4g2TzIXWk5N0Kj4pkb9Wl7K2BrwFC\nJAfDCAUK3nRLbiRS1JwnXxDirL97DYz+rEKihq8rDrqOl266440CnTv/PT9mVizQ\nrYH4/aVBWpDCqV/U1tO50LsJCe3qy63mny/9s4DH/2CQyeO9BNbxuU6To7ozRKND\nu7wzq/IdPEKndldJ+ieQnweh0gQl7oQznVNnXHFRrmjWg16ysQtH6ZQiJQMhTJEY\nv0nqts80BU/mHWa5USNqGlnF/Ifua/NF8r24u+kEniycq1L8ozshkxZ5PXObbisC\nAwEAAaOCA90wggPZMA4GA1UdDwEB/wQEAwIFoDCBlAYIKwYBBQUHAQEEgYcwgYQw\nRwYIKwYBBQUHMAKGO2h0dHA6Ly9zZWN1cmUuZ2xvYmFsc2lnbi5jb20vY2FjZXJ0\nL2dzZG9tYWludmFsc2hhMmcycjEuY3J0MDkGCCsGAQUFBzABhi1odHRwOi8vb2Nz\ncDIuZ2xvYmFsc2lnbi5jb20vZ3Nkb21haW52YWxzaGEyZzIwVgYDVR0gBE8wTTBB\nBgkrBgEEAaAyAQowNDAyBggrBgEFBQcCARYmaHR0cHM6Ly93d3cuZ2xvYmFsc2ln\nbi5jb20vcmVwb3NpdG9yeS8wCAYGZ4EMAQIBMAkGA1UdEwQCMAAwQwYDVR0fBDww\nOjA4oDagNIYyaHR0cDovL2NybC5nbG9iYWxzaWduLmNvbS9ncy9nc2RvbWFpbnZh\nbHNoYTJnMi5jcmwwLwYDVR0RBCgwJoISKi5jbG91ZC1pZGF1dGguY29tghBjbG91\nZC1pZGF1dGguY29tMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNV\nHQ4EFgQU0Si3Yq0ZVkRke4XquYS1uuTWg6YwHwYDVR0jBBgwFoAU6k581IAt5RWB\nhiaMgm3AmKTPlw8wggH2BgorBgEEAdZ5AgQCBIIB5gSCAeIB4AB3AFWB1MIWkDYB\nSuoLm1c8U/DA5Dh4cCUIFy+jqh0HE9MMAAABZPlaNB0AAAQDAEgwRgIhAMUV+XA5\nKE3vILTJ/hYwDmMG1zpwTb5f6P0TnAF+LyR3AiEAxD0g3uULAmdFAOhimbXA5b+u\nll8Z7EiH6LbnAULafM0AdQCHdb/nWXz4jEOZX73zbv9WjUdWNv9KtWDBtOr/XqCD\nDwAAAWT5WjXzAAAEAwBGMEQCIBd9qPtsfXTxPzl17/l7s6v2vYMNXbarOKiRRTNO\nIlmjAiAaZhx3vwVi6ZpSRRQPfWEzHzOxKLAfJ1aG7q3WU7hyEQB2AKS5CZC0GFgU\nh7sTosxncAo8NZgE+RvfuON3zQ7IDdwQAAABZPlaN4AAAAQDAEcwRQIhAJlfgyxA\nMgtS6d9ZEjbxHadcopkoTWJWs3rGoUpnimCWAiAwMfj4L0ljYn4Yas8+OPMFrwyh\nAvyGrG3ywgwMyVI0tAB2AG9Tdqwx8DEZ2JkApFEV/3cVHBHZAsEAKQaNsgiaN9kT\nAAABZPlaNE0AAAQDAEcwRQIgVaNsW0XzqwTeU+CpnuKD4qaTPv0jKXpJ3UTLlTa/\nYWACIQC4w/9dAaYCk9ilUIR34ObsMX+TJG+hYjD6/120seNUbTANBgkqhkiG9w0B\nAQsFAAOCAQEAD6egOG/AQeKSEsVDYMXf3wDztz2c6+Th9X10nbnuQZK8ofOJSAI3\nEDDUTc9GEDKfwTx16BIm7NbpLrurykkPbhomg2ZFQP7TmVwNDt6adovHVul7yyjt\nLeaBG/YiREoH8wCf43t90G/5YDREbe5dxIzLGeBuDY59E4aN1One1kAhk904Mony\nRQ8z+aRv+ZNBWajDaTJ7ef1ZS3t0Kpa/FCLFDXYEJhzTIO3BsEFLx1hDTrGKEZKo\nBUWBynKtfjdonZoqL7zHzB+WFi9Q0ba+sapNqqAINUT4DjVMjn5L6yGUWXV8IeLw\nyDOODPHeCVJI0hBfFkjbPePne3X2a2Kodg\u003d\u003d\n-----END CERTIFICATE-----\n"
  },
  "resource": {
    "resourceUrl": "https://3a-rplib-test3.cloud-idauth.com/oc/accounts",
    "institution_id": "nc7000-3a-oc"
  },
  "client2": {
    "client_id": "OIDFCERT0004",
    "client_secret": "confidencial_client_es256_0004",
    "scope": "openid SCOPE0002 offline_access",
    "client_secret_jwt_alg": "HS256",
    "jwks": {
      "keys": [
        {
          "kty": "EC",
          "alg": "ES256",
          "crv": "P-256",
          "x": "ANonMLNTYTO8jPBnw4EHqKF2DRFkmAAnA5Hiv1_0pYg1",
          "y": "AKLfnzY4VFB_ZyjgBW8GxhLtA6ZPVgMHq7S_Z70Uabi9",
          "d": "HpYL8OKVwC01B02FpXQi23lTrE8oT3V7-eOdSgX9v8c",
          "kid": "kid2019040100009"
        }
      ]
    }
  },
  "mtls": {
    "cert": "-----BEGIN CERTIFICATE-----\nMIIHBTCCBe2gAwIBAgIMPsmQ1/JsLI/5U0YAMA0GCSqGSIb3DQEBCwUAMGAxCzAJ\nBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTYwNAYDVQQDEy1H\nbG9iYWxTaWduIERvbWFpbiBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0gRzIwHhcN\nMTgwODAyMDYzNjM0WhcNMjAxMTA0MDQxMjE4WjBAMSEwHwYDVQQLExhEb21haW4g\nQ29udHJvbCBWYWxpZGF0ZWQxGzAZBgNVBAMMEiouY2xvdWQtaWRhdXRoLmNvbTCC\nASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAIIDQpNUelHl4gyWYyRto5E/\nHDIRSO4YPnn2yg4TFUSUMsl+9uNhy79QACB4g2TzIXWk5N0Kj4pkb9Wl7K2BrwFC\nJAfDCAUK3nRLbiRS1JwnXxDirL97DYz+rEKihq8rDrqOl266440CnTv/PT9mVizQ\nrYH4/aVBWpDCqV/U1tO50LsJCe3qy63mny/9s4DH/2CQyeO9BNbxuU6To7ozRKND\nu7wzq/IdPEKndldJ+ieQnweh0gQl7oQznVNnXHFRrmjWg16ysQtH6ZQiJQMhTJEY\nv0nqts80BU/mHWa5USNqGlnF/Ifua/NF8r24u+kEniycq1L8ozshkxZ5PXObbisC\nAwEAAaOCA90wggPZMA4GA1UdDwEB/wQEAwIFoDCBlAYIKwYBBQUHAQEEgYcwgYQw\nRwYIKwYBBQUHMAKGO2h0dHA6Ly9zZWN1cmUuZ2xvYmFsc2lnbi5jb20vY2FjZXJ0\nL2dzZG9tYWludmFsc2hhMmcycjEuY3J0MDkGCCsGAQUFBzABhi1odHRwOi8vb2Nz\ncDIuZ2xvYmFsc2lnbi5jb20vZ3Nkb21haW52YWxzaGEyZzIwVgYDVR0gBE8wTTBB\nBgkrBgEEAaAyAQowNDAyBggrBgEFBQcCARYmaHR0cHM6Ly93d3cuZ2xvYmFsc2ln\nbi5jb20vcmVwb3NpdG9yeS8wCAYGZ4EMAQIBMAkGA1UdEwQCMAAwQwYDVR0fBDww\nOjA4oDagNIYyaHR0cDovL2NybC5nbG9iYWxzaWduLmNvbS9ncy9nc2RvbWFpbnZh\nbHNoYTJnMi5jcmwwLwYDVR0RBCgwJoISKi5jbG91ZC1pZGF1dGguY29tghBjbG91\nZC1pZGF1dGguY29tMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNV\nHQ4EFgQU0Si3Yq0ZVkRke4XquYS1uuTWg6YwHwYDVR0jBBgwFoAU6k581IAt5RWB\nhiaMgm3AmKTPlw8wggH2BgorBgEEAdZ5AgQCBIIB5gSCAeIB4AB3AFWB1MIWkDYB\nSuoLm1c8U/DA5Dh4cCUIFy+jqh0HE9MMAAABZPlaNB0AAAQDAEgwRgIhAMUV+XA5\nKE3vILTJ/hYwDmMG1zpwTb5f6P0TnAF+LyR3AiEAxD0g3uULAmdFAOhimbXA5b+u\nll8Z7EiH6LbnAULafM0AdQCHdb/nWXz4jEOZX73zbv9WjUdWNv9KtWDBtOr/XqCD\nDwAAAWT5WjXzAAAEAwBGMEQCIBd9qPtsfXTxPzl17/l7s6v2vYMNXbarOKiRRTNO\nIlmjAiAaZhx3vwVi6ZpSRRQPfWEzHzOxKLAfJ1aG7q3WU7hyEQB2AKS5CZC0GFgU\nh7sTosxncAo8NZgE+RvfuON3zQ7IDdwQAAABZPlaN4AAAAQDAEcwRQIhAJlfgyxA\nMgtS6d9ZEjbxHadcopkoTWJWs3rGoUpnimCWAiAwMfj4L0ljYn4Yas8+OPMFrwyh\nAvyGrG3ywgwMyVI0tAB2AG9Tdqwx8DEZ2JkApFEV/3cVHBHZAsEAKQaNsgiaN9kT\nAAABZPlaNE0AAAQDAEcwRQIgVaNsW0XzqwTeU+CpnuKD4qaTPv0jKXpJ3UTLlTa/\nYWACIQC4w/9dAaYCk9ilUIR34ObsMX+TJG+hYjD6/120seNUbTANBgkqhkiG9w0B\nAQsFAAOCAQEAD6egOG/AQeKSEsVDYMXf3wDztz2c6+Th9X10nbnuQZK8ofOJSAI3\nEDDUTc9GEDKfwTx16BIm7NbpLrurykkPbhomg2ZFQP7TmVwNDt6adovHVul7yyjt\nLeaBG/YiREoH8wCf43t90G/5YDREbe5dxIzLGeBuDY59E4aN1One1kAhk904Mony\nRQ8z+aRv+ZNBWajDaTJ7ef1ZS3t0Kpa/FCLFDXYEJhzTIO3BsEFLx1hDTrGKEZKo\nBUWBynKtfjdonZoqL7zHzB+WFi9Q0ba+sapNqqAINUT4DjVMjn5L6yGUWXV8IeLw\nyDOODPHeCVJI0hBfFkjbPePne3X2a2Kodg\u003d\u003d\n-----END CERTIFICATE-----\n",
    "key": "-----BEGIN PRIVATE KEY-----\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCCA0KTVHpR5eIM\nlmMkbaORPxwyEUjuGD559soOExVElDLJfvbjYcu/UAAgeINk8yF1pOTdCo+KZG/V\npeytga8BQiQHwwgFCt50S24kUtScJ18Q4qy/ew2M/qxCooavKw66jpduuuONAp07\n/z0/ZlYs0K2B+P2lQVqQwqlf1NbTudC7CQnt6sut5p8v/bOAx/9gkMnjvQTW8blO\nk6O6M0SjQ7u8M6vyHTxCp3ZXSfonkJ8HodIEJe6EM51TZ1xxUa5o1oNesrELR+mU\nIiUDIUyRGL9J6rbPNAVP5h1muVEjahpZxfyH7mvzRfK9uLvpBJ4snKtS/KM7IZMW\neT1zm24rAgMBAAECggEAaOdYgKhZSlvC2YU+2dXddQUHKx7nSbYmMyL+Rfz/3CX4\nFL1tWGtAi01xzMFww7Op+9LhF7m9uFzyH+GR5y4Ml2dWyyyC/A6ZEB0M8iIjixv5\niRZdbONNO8cCF4IsSorjh4QmjCIgGVdSp2Z7dPyN6/s1BPpzLzRcbxGiuMBz1sGg\nakJANcyD4/frMBppbbmPDVpUTQ3LEZ3YRVIfqJQatiCNUlYlOERY4xlnZuCCpHzm\njRYuccWH2Q9OSEGgW6JU+ujFx22rfeeYK3r4TayQPJ9wtBVmK3C03ccnPyjx2yUW\nIczjrp+SI6K16F1pSDhkm4ylbGhCngiyr8AU4dzhgQKBgQDFSDeZmhvW7PNgJAMa\n1lgfKikp2gb/A/YEXZFHKawjQRUR1+tP0mrxAWYvuPfUu+42kr3izXMbPiS0aNX6\nHPZeJcsnhWf2D9NPt2vqFWrXNcSm3dy3Is20rxsKWQXp2L8nP3GRbAFvu2aTEhX7\na4vnZE7/BWIAiO/t/cXP6HUs/wKBgQCotX80ab64aUmd0SkuHv9YKYBTjP4stgxP\n/3GRVuFuU+AaqDxRNbnNRYEM/O/OLZeqU0oL1bONpThQhN2Pu8ApUEz2dGyknkIR\nmRNRHgXw28GOm0ZWu4xYdW+SXVO8yTOAqdh1WvYLTp8xJEzD3vvJ+Rib/jhsSjCi\nbAhgmT0C1QKBgDgrBoF6CgEYN3ag6i1i53YAB/Y9eA51Lz8w8KLlL3heGESbSAjS\n7NWvQ0vFCvKLixgIkX2YZvRTrhmbW4i5ZD+L3RpkdiPtf4lLvLLJ5EBfs5yawDN3\n+j8+N6GrlO5uYoYnHwt7R7FrFpo65P1PMmbv/TnIa42hb0ZAIWi/U1U7AoGASilm\nnpqxbQ1TgB121cBojM/JinDbNrpcFTp8KOChPkd+pxk3UpekcpjQDu6NV/vwxL3S\nOfuZ73UmmTae0tU8tqyG+HvbWk37SxMYS7s/704a+t5FAFF3c1dEUXnXGpDzo+aF\nsajnqbbJAegsGppF4tYuPDx3fxrp4CxPTm9uQ3UCgYEAscF3RcCOsOzIGEUbCfh+\nA3BLbFQso5XdmYWY5QGgxv1wkSe0H1lUDk0NCmEPVUd8YXJH6u5bTWwl4hcv3gD/\nX/c1PVXELuvRf1hCl+VO51KpFShJnaphVS9pKs8AL+3RioA7GZF2rwQklyTZGEfH\npPylmNcfY4XXW8WwkngGCFg\u003d\n-----END PRIVATE KEY-----\n"
  },
  "mtls2": {
    "cert": "-----BEGIN CERTIFICATE-----\nMIIDTjCCAjYCCQCjUTxEpwknBTANBgkqhkiG9w0BAQUFADBpMQswCQYDVQQGEwJK\nUDEOMAwGA1UECAwFVG9reW8xEDAOBgNVBAcMB1RhbWFjaGkxDDAKBgNVBAoMA05F\nQzEMMAoGA1UECwwDTkVDMRwwGgYDVQQDDBN3d3cuM2FzZWN1cmVrZXkuY29tMB4X\nDTE4MDQyNzAyMDAwOFoXDTI4MDQyNDAyMDAwOFowaTELMAkGA1UEBhMCSlAxDjAM\nBgNVBAgMBVRva3lvMRAwDgYDVQQHDAdUYW1hY2hpMQwwCgYDVQQKDANORUMxDDAK\nBgNVBAsMA05FQzEcMBoGA1UEAwwTd3d3LjNhc2VjdXJla2V5LmNvbTCCASIwDQYJ\nKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKLD3g7pwzFMzbRh5cCGuR0KBCzD5Xk3\nw/Zj+3hpBq5/xSaQjmOfLF3LLiFD7sZXRPFVFXii4Y2GuFccSQ3MI9sMS/HDDTmO\nLPIWta/U9ZtcwjNyclXrX0IR8Fxuk5E9lRf//JwlMZHAxfESvBe5WMnzGDTVdp5H\nv6sWZAdkgdwQTMFM4vpHhBD6qJsxSG7jBvqVYd8w9pCZ9k1mSfKKgqPfpOA6jv2A\nTiwv9r9ZQNtKl/MbHY9/R59GU+S7WSPtqM5O3bJGGCXFvpZF2CghcYqn9vDhIrNO\nD/xo3ZF0Z+doEl8e0e1IAr2JiGD4JPpz4W67pjUVb9G+NTRtQ71YqccCAwEAATAN\nBgkqhkiG9w0BAQUFAAOCAQEAETj+cEVPthSghrIJamsmddV+GFHYjOfvQw0r8LZY\nkqJZlK1FOeWwBM+kDzpxOErtPiyjvv2eBPGm9LcLZpDbMLg77Lv3HjaWy+yISRQ/\nwGUb9tlJ8AUeEd2uoPUzDQf5VpTBEq/M9E7CB3g2hZvwRYvq6PfsDexCwq9OWogK\n3WpEozIMVyOL3jYpkSJzDqPuN3nFiNc5eMJ7lo+b/K1rUEqwuN21TjwAn1DXfW0d\nD1a/ig004xecHU1wsIMP2ARQ/qOD7P0emE/umlwLQ0kw3HB2ideAJzU4OstiqUH4\n1LKwIIzUu6rz6/S9PMcmVfqv9PfhITQSs8vCqC8uaWLtGg\u003d\u003d\n-----END CERTIFICATE-----\n",
    "key": "-----BEGIN RSA PRIVATE KEY-----\nMIIEpQIBAAKCAQEAosPeDunDMUzNtGHlwIa5HQoELMPleTfD9mP7eGkGrn/FJpCO\nY58sXcsuIUPuxldE8VUVeKLhjYa4VxxJDcwj2wxL8cMNOY4s8ha1r9T1m1zCM3Jy\nVetfQhHwXG6TkT2VF//8nCUxkcDF8RK8F7lYyfMYNNV2nke/qxZkB2SB3BBMwUzi\n+keEEPqomzFIbuMG+pVh3zD2kJn2TWZJ8oqCo9+k4DqO/YBOLC/2v1lA20qX8xsd\nj39Hn0ZT5LtZI+2ozk7dskYYJcW+lkXYKCFxiqf28OEis04P/GjdkXRn52gSXx7R\n7UgCvYmIYPgk+nPhbrumNRVv0b41NG1DvVipxwIDAQABAoIBAQCVFUrD5iG/elXA\nLxs+KShNDOueBSCe0xFPEW04cRqJosZ1+FozrYv5rSznk02VpkGjuwcbpDVsaEVY\npLPVS3JcJPs6yinG2g8Y/uwTzb/ZOjE25lELmbd60OuT/kRz+DAj93jtnLO2iRfF\nJB/cqwxEjcFSQ2OOvrE0iCG/E7ROV7m3C5OOjKhSypP++04nWajIqW//uMDaFoFq\nuf7x4aoHc9wRD1IyHGha9hIZA7JiY5KlwyQV/AEoz+C+O9Z8FYpqZT76fnzQvLvb\nk6fYr4q1a0gm/J9HTp4l0bQ9NMKVvt4PGlJmxQhQfIJixARsnKEDtu0uUcgbVXRB\n6pRtmG6BAoGBAM+hvgN+TX8c4fMmDvGpNB0+PvA2ZC6JJd0oLmpZMMdLRl+0A5j3\nnHv2nR04FlB1brD9ucInVHZYlgL5ab3/x27iV+H5spIN6cST7WH+Sjqsi43tKGyx\n9oXosL6RN+4HM7rTWbCxwq0tVunk01IR5FeO8xZss4UDyev6vStBjmzXAoGBAMiu\neG4ALkIGqTw/sTNl7vwmMcyPbjA6h68I9FkTGI0G5YHy7yWlEhdD/rUYSXVCXlh+\n3aftbfJ4CP9nWaM6NMREoysCQ3y/kulgJ0imPEFwnqWQMljQV1zRg9gthdixyBI6\nYZ62MUF6i/XYfUs0KQ9baHuzB4ejMs7U8bGENpyRAoGAHjynt0qFbqV+IjLAqmDB\nviB6efDx1fUTFonreIFUoTFNJlLI01X76/GWH9MzLLRtUkkg7C1eF33/Gp/HzmuZ\nV4SO19HNN4ffK0l/oG2v0aufByQqZunjxMyGMLplMrzJw8NTpG++sgmQRq+UNrd0\nUWv36qQZ4J0UotD5C3uYijECgYEAoAnDMLYkLbNyMwH4Jq0bsSokfKXFkeCbZBMY\nChEYex8M2F0MKlFB5BvtfC4qJsEOzDQgQFMwYzUmt8eLzIgWnI7AMQRVHZ8JYeO0\ncFNhqi5N1mrwO7Oqd/L92eAz5WOh0ieMwi05iqZYB27mPJsUQ5L59+wGDT0wv5FC\nTfbKNoECgYEAoMHJZ1a/Bzq1raDHauJLk3JA+DN+5o7xDGVvda9x3rphQ4U7Vehp\ncg70AVWMyGoVv5N6vJdrAeZzBWP5b6ED+csRyNaLswHycsPzGy8t5Ose1P+ZlzCz\nDmRtynq0cQQvWl4zJAT2Wacgu2IqOrQOl+n67te3QlWrnq9IrSsWJFU\u003d\n-----END RSA PRIVATE KEY-----\n"
  }
}
testName
fapi-rw-id2
2020-09-04 12:13:47 SUCCESS
CreateRedirectUri
Created redirect URI
redirect_uri
https://www.certification.openid.net/test/a/NC7000-3A-OC/callback
2020-09-04 12:13:47
GetDynamicServerConfiguration
HTTP request
request_uri
https://3a-rplib-test3.cloud-idauth.com/oc/.well-known/openid-configuration
request_method
GET
request_headers
{
  "accept": "text/plain, application/json, application/cbor, application/*+json, */*",
  "content-length": "0"
}
request_body

                                
2020-09-04 12:13:48 RESPONSE
GetDynamicServerConfiguration
HTTP response
response_status_code
200 OK
response_status_text
200
response_headers
{
  "date": "Fri, 04 Sep 2020 12:13:47 GMT",
  "server": "Apache/2.4.27 (Unix) OpenSSL/1.1.0g-dev",
  "set-cookie": "JSESSIONID\u003d3E657E16874F95A58FB646E95F60FBB2; Path\u003d/oc; Secure; HttpOnly",
  "cache-control": "no-store",
  "pragma": "no-cache",
  "content-type": "application/json;charset\u003dUTF-8",
  "content-length": "1663",
  "keep-alive": "timeout\u003d5, max\u003d100",
  "connection": "Keep-Alive"
}
response_body

{
  "authorization_endpoint":"https://3a-rplib-test3.cloud-idauth.com/oc/AuthorizationEndpoint/",
  "claims_parameter_supported":true,
  "claims_supported":["acr"],
  "code_challenge_methods_supported":["S256"],
  "grant_types_supported":["authorization_code","urn:openid:params:grant-type:ciba"],
  "id_token_signing_alg_values_supported":["ES256"],
  "issuer":"https://3a-rplib-test3.cloud-idauth.com/oc/",
  "jwks_uri":"https://3a-rplib-test3.cloud-idauth.com/oc/jwks.json",
  "request_object_signing_alg_values_supported":["ES256"],
  "request_parameter_supported":true,
  "response_types_supported":["code","id_token","code token","code id_token","token id_token","code token id_token"],
  "scopes_supported":["openid","accounts","payments"],
  "subject_types_supported":["pairwise","public"],
  "token_endpoint":"https://3a-rplib-test3.cloud-idauth.com/oc/TokenEndpoint/",
  "token_endpoint_auth_methods_supported":["client_secret_post","client_secret_basic","client_secret_jwt","private_key_jwt","tls_client_auth","self_signed_tls_client_auth"],
  "token_endpoint_auth_signing_alg_values_supported":["HS256","ES256"],
  "token_endpoint_signing_alg_values_supported":["ES256"],
  "userinfo_endpoint":"https://3a-rplib-test3.cloud-idauth.com/oc/UserInfoEndpoint/",
  "userinfo_signing_alg_values_supported":["ES256"],
  "tls_client_certificate_bound_access_tokens":true,
  "backchannel_token_delivery_modes_supported":["push","poll","ping"],
  "backchannel_authentication_endpoint":"https://3a-rplib-test3.cloud-idauth.com/oc/BackchannelEndpoint/",
  "backchannel_authentication_request_signing_alg_values_supported":["ES256"]
}
2020-09-04 12:13:48
GetDynamicServerConfiguration
Downloaded server configuration
server_config_string

{
  "authorization_endpoint":"https://3a-rplib-test3.cloud-idauth.com/oc/AuthorizationEndpoint/",
  "claims_parameter_supported":true,
  "claims_supported":["acr"],
  "code_challenge_methods_supported":["S256"],
  "grant_types_supported":["authorization_code","urn:openid:params:grant-type:ciba"],
  "id_token_signing_alg_values_supported":["ES256"],
  "issuer":"https://3a-rplib-test3.cloud-idauth.com/oc/",
  "jwks_uri":"https://3a-rplib-test3.cloud-idauth.com/oc/jwks.json",
  "request_object_signing_alg_values_supported":["ES256"],
  "request_parameter_supported":true,
  "response_types_supported":["code","id_token","code token","code id_token","token id_token","code token id_token"],
  "scopes_supported":["openid","accounts","payments"],
  "subject_types_supported":["pairwise","public"],
  "token_endpoint":"https://3a-rplib-test3.cloud-idauth.com/oc/TokenEndpoint/",
  "token_endpoint_auth_methods_supported":["client_secret_post","client_secret_basic","client_secret_jwt","private_key_jwt","tls_client_auth","self_signed_tls_client_auth"],
  "token_endpoint_auth_signing_alg_values_supported":["HS256","ES256"],
  "token_endpoint_signing_alg_values_supported":["ES256"],
  "userinfo_endpoint":"https://3a-rplib-test3.cloud-idauth.com/oc/UserInfoEndpoint/",
  "userinfo_signing_alg_values_supported":["ES256"],
  "tls_client_certificate_bound_access_tokens":true,
  "backchannel_token_delivery_modes_supported":["push","poll","ping"],
  "backchannel_authentication_endpoint":"https://3a-rplib-test3.cloud-idauth.com/oc/BackchannelEndpoint/",
  "backchannel_authentication_request_signing_alg_values_supported":["ES256"]
}
2020-09-04 12:13:48 SUCCESS
GetDynamicServerConfiguration
Successfully parsed server configuration
authorization_endpoint
https://3a-rplib-test3.cloud-idauth.com/oc/AuthorizationEndpoint/
claims_parameter_supported
true
claims_supported
[
  "acr"
]
code_challenge_methods_supported
[
  "S256"
]
grant_types_supported
[
  "authorization_code",
  "urn:openid:params:grant-type:ciba"
]
id_token_signing_alg_values_supported
[
  "ES256"
]
issuer
https://3a-rplib-test3.cloud-idauth.com/oc/
jwks_uri
https://3a-rplib-test3.cloud-idauth.com/oc/jwks.json
request_object_signing_alg_values_supported
[
  "ES256"
]
request_parameter_supported
true
response_types_supported
[
  "code",
  "id_token",
  "code token",
  "code id_token",
  "token id_token",
  "code token id_token"
]
scopes_supported
[
  "openid",
  "accounts",
  "payments"
]
subject_types_supported
[
  "pairwise",
  "public"
]
token_endpoint
https://3a-rplib-test3.cloud-idauth.com/oc/TokenEndpoint/
token_endpoint_auth_methods_supported
[
  "client_secret_post",
  "client_secret_basic",
  "client_secret_jwt",
  "private_key_jwt",
  "tls_client_auth",
  "self_signed_tls_client_auth"
]
token_endpoint_auth_signing_alg_values_supported
[
  "HS256",
  "ES256"
]
token_endpoint_signing_alg_values_supported
[
  "ES256"
]
userinfo_endpoint
https://3a-rplib-test3.cloud-idauth.com/oc/UserInfoEndpoint/
userinfo_signing_alg_values_supported
[
  "ES256"
]
tls_client_certificate_bound_access_tokens
true
backchannel_token_delivery_modes_supported
[
  "push",
  "poll",
  "ping"
]
backchannel_authentication_endpoint
https://3a-rplib-test3.cloud-idauth.com/oc/BackchannelEndpoint/
backchannel_authentication_request_signing_alg_values_supported
[
  "ES256"
]
2020-09-04 12:13:48 SUCCESS
CheckServerConfiguration
Found required server configuration keys
required
[
  "authorization_endpoint",
  "token_endpoint",
  "issuer"
]
2020-09-04 12:13:48 SUCCESS
ExtractTLSTestValuesFromServerConfiguration
Extracted TLS information from authorization server configuration
registration_endpoint
authorization_endpoint
{
  "testHost": "3a-rplib-test3.cloud-idauth.com",
  "testPort": 443
}
token_endpoint
{
  "testHost": "3a-rplib-test3.cloud-idauth.com",
  "testPort": 443
}
userinfo_endpoint
{
  "testHost": "3a-rplib-test3.cloud-idauth.com",
  "testPort": 443
}
2020-09-04 12:13:48
FetchServerKeys
Fetching server key
jwks_uri
https://3a-rplib-test3.cloud-idauth.com/oc/jwks.json
2020-09-04 12:13:48
FetchServerKeys
HTTP request
request_uri
https://3a-rplib-test3.cloud-idauth.com/oc/jwks.json
request_method
GET
request_headers
{
  "accept": "text/plain, application/json, application/cbor, application/*+json, */*",
  "content-length": "0"
}
request_body

                                
2020-09-04 12:13:49 RESPONSE
FetchServerKeys
HTTP response
response_status_code
200 OK
response_status_text
200
response_headers
{
  "date": "Fri, 04 Sep 2020 12:13:48 GMT",
  "server": "Apache/2.4.27 (Unix) OpenSSL/1.1.0g-dev",
  "accept-ranges": "bytes",
  "etag": "W/\"250-1554082818000\"",
  "last-modified": "Mon, 01 Apr 2019 01:40:18 GMT",
  "content-type": "application/json",
  "content-length": "250",
  "keep-alive": "timeout\u003d5, max\u003d100",
  "connection": "Keep-Alive"
}
response_body
{"keys":
  [
    {
      "kty":"EC",
      "alg":"ES256",
      "crv":"P-256",
      "x":"ANonMLNTYTO8jPBnw4EHqKF2DRFkmAAnA5Hiv1_0pYg1",
      "y":"AKLfnzY4VFB_ZyjgBW8GxhLtA6ZPVgMHq7S_Z70Uabi9",
      "kid":"kid2019040100001"
    }
  ]
}
2020-09-04 12:13:49
FetchServerKeys
Found JWK set string
jwk_string
{"keys":
  [
    {
      "kty":"EC",
      "alg":"ES256",
      "crv":"P-256",
      "x":"ANonMLNTYTO8jPBnw4EHqKF2DRFkmAAnA5Hiv1_0pYg1",
      "y":"AKLfnzY4VFB_ZyjgBW8GxhLtA6ZPVgMHq7S_Z70Uabi9",
      "kid":"kid2019040100001"
    }
  ]
}
2020-09-04 12:13:49 SUCCESS
FetchServerKeys
Found server JWK set
server_jwks
{
  "keys": [
    {
      "kty": "EC",
      "alg": "ES256",
      "crv": "P-256",
      "x": "ANonMLNTYTO8jPBnw4EHqKF2DRFkmAAnA5Hiv1_0pYg1",
      "y": "AKLfnzY4VFB_ZyjgBW8GxhLtA6ZPVgMHq7S_Z70Uabi9",
      "kid": "kid2019040100001"
    }
  ]
}
2020-09-04 12:13:49 SUCCESS
CheckServerKeysIsValid
Server JWKs is valid
server_jwks
{
  "keys": [
    {
      "kty": "EC",
      "alg": "ES256",
      "crv": "P-256",
      "x": "ANonMLNTYTO8jPBnw4EHqKF2DRFkmAAnA5Hiv1_0pYg1",
      "y": "AKLfnzY4VFB_ZyjgBW8GxhLtA6ZPVgMHq7S_Z70Uabi9",
      "kid": "kid2019040100001"
    }
  ]
}
2020-09-04 12:13:49 SUCCESS
ValidateServerJWKs
Valid server JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2020-09-04 12:13:49 SUCCESS
CheckForKeyIdInServerJWKs
All keys contain kids
2020-09-04 12:13:49 SUCCESS
EnsureServerJwksDoesNotContainPrivateOrSymmetricKeys
Jwks does not contain any private or symmetric keys
2020-09-04 12:13:49 SUCCESS
FAPIEnsureMinimumServerKeyLength
Validated minimum key lengths for server_jwks
server_jwks
{
  "keys": [
    {
      "kty": "EC",
      "alg": "ES256",
      "crv": "P-256",
      "x": "ANonMLNTYTO8jPBnw4EHqKF2DRFkmAAnA5Hiv1_0pYg1",
      "y": "AKLfnzY4VFB_ZyjgBW8GxhLtA6ZPVgMHq7S_Z70Uabi9",
      "kid": "kid2019040100001"
    }
  ]
}
2020-09-04 12:13:49 SUCCESS
GetStaticClientConfiguration
Found a static client object
client_id
OIDFCERT0003
scope
openid SCOPE0002 offline_access
fapi_financial_id
https://3a-rplib-test3.cloud-idauth.com/
client_secret
confidencial_client_es256_0003
client_secret_jwt_alg
HS256
jwks
{
  "keys": [
    {
      "kty": "EC",
      "alg": "ES256",
      "crv": "P-256",
      "x": "ANEu_EHg_NrZKPNXVbnw89IQC0hzPkAEuV4osYzM8tKm",
      "y": "AKe9Ioa4y1ly1aOAmJafI89dHzapU4WYHHReIFXjPJxd",
      "d": "dmvti8HQQId6Z3S8xjGvjvWawEfQhVP3OkUfloQP1Ng",
      "kid": "kid2019040100008"
    }
  ]
}
certificate
-----BEGIN CERTIFICATE-----
MIIHBTCCBe2gAwIBAgIMPsmQ1/JsLI/5U0YAMA0GCSqGSIb3DQEBCwUAMGAxCzAJ
BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTYwNAYDVQQDEy1H
bG9iYWxTaWduIERvbWFpbiBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0gRzIwHhcN
MTgwODAyMDYzNjM0WhcNMjAxMTA0MDQxMjE4WjBAMSEwHwYDVQQLExhEb21haW4g
Q29udHJvbCBWYWxpZGF0ZWQxGzAZBgNVBAMMEiouY2xvdWQtaWRhdXRoLmNvbTCC
ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAIIDQpNUelHl4gyWYyRto5E/
HDIRSO4YPnn2yg4TFUSUMsl+9uNhy79QACB4g2TzIXWk5N0Kj4pkb9Wl7K2BrwFC
JAfDCAUK3nRLbiRS1JwnXxDirL97DYz+rEKihq8rDrqOl266440CnTv/PT9mVizQ
rYH4/aVBWpDCqV/U1tO50LsJCe3qy63mny/9s4DH/2CQyeO9BNbxuU6To7ozRKND
u7wzq/IdPEKndldJ+ieQnweh0gQl7oQznVNnXHFRrmjWg16ysQtH6ZQiJQMhTJEY
v0nqts80BU/mHWa5USNqGlnF/Ifua/NF8r24u+kEniycq1L8ozshkxZ5PXObbisC
AwEAAaOCA90wggPZMA4GA1UdDwEB/wQEAwIFoDCBlAYIKwYBBQUHAQEEgYcwgYQw
RwYIKwYBBQUHMAKGO2h0dHA6Ly9zZWN1cmUuZ2xvYmFsc2lnbi5jb20vY2FjZXJ0
L2dzZG9tYWludmFsc2hhMmcycjEuY3J0MDkGCCsGAQUFBzABhi1odHRwOi8vb2Nz
cDIuZ2xvYmFsc2lnbi5jb20vZ3Nkb21haW52YWxzaGEyZzIwVgYDVR0gBE8wTTBB
BgkrBgEEAaAyAQowNDAyBggrBgEFBQcCARYmaHR0cHM6Ly93d3cuZ2xvYmFsc2ln
bi5jb20vcmVwb3NpdG9yeS8wCAYGZ4EMAQIBMAkGA1UdEwQCMAAwQwYDVR0fBDww
OjA4oDagNIYyaHR0cDovL2NybC5nbG9iYWxzaWduLmNvbS9ncy9nc2RvbWFpbnZh
bHNoYTJnMi5jcmwwLwYDVR0RBCgwJoISKi5jbG91ZC1pZGF1dGguY29tghBjbG91
ZC1pZGF1dGguY29tMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNV
HQ4EFgQU0Si3Yq0ZVkRke4XquYS1uuTWg6YwHwYDVR0jBBgwFoAU6k581IAt5RWB
hiaMgm3AmKTPlw8wggH2BgorBgEEAdZ5AgQCBIIB5gSCAeIB4AB3AFWB1MIWkDYB
SuoLm1c8U/DA5Dh4cCUIFy+jqh0HE9MMAAABZPlaNB0AAAQDAEgwRgIhAMUV+XA5
KE3vILTJ/hYwDmMG1zpwTb5f6P0TnAF+LyR3AiEAxD0g3uULAmdFAOhimbXA5b+u
ll8Z7EiH6LbnAULafM0AdQCHdb/nWXz4jEOZX73zbv9WjUdWNv9KtWDBtOr/XqCD
DwAAAWT5WjXzAAAEAwBGMEQCIBd9qPtsfXTxPzl17/l7s6v2vYMNXbarOKiRRTNO
IlmjAiAaZhx3vwVi6ZpSRRQPfWEzHzOxKLAfJ1aG7q3WU7hyEQB2AKS5CZC0GFgU
h7sTosxncAo8NZgE+RvfuON3zQ7IDdwQAAABZPlaN4AAAAQDAEcwRQIhAJlfgyxA
MgtS6d9ZEjbxHadcopkoTWJWs3rGoUpnimCWAiAwMfj4L0ljYn4Yas8+OPMFrwyh
AvyGrG3ywgwMyVI0tAB2AG9Tdqwx8DEZ2JkApFEV/3cVHBHZAsEAKQaNsgiaN9kT
AAABZPlaNE0AAAQDAEcwRQIgVaNsW0XzqwTeU+CpnuKD4qaTPv0jKXpJ3UTLlTa/
YWACIQC4w/9dAaYCk9ilUIR34ObsMX+TJG+hYjD6/120seNUbTANBgkqhkiG9w0B
AQsFAAOCAQEAD6egOG/AQeKSEsVDYMXf3wDztz2c6+Th9X10nbnuQZK8ofOJSAI3
EDDUTc9GEDKfwTx16BIm7NbpLrurykkPbhomg2ZFQP7TmVwNDt6adovHVul7yyjt
LeaBG/YiREoH8wCf43t90G/5YDREbe5dxIzLGeBuDY59E4aN1One1kAhk904Mony
RQ8z+aRv+ZNBWajDaTJ7ef1ZS3t0Kpa/FCLFDXYEJhzTIO3BsEFLx1hDTrGKEZKo
BUWBynKtfjdonZoqL7zHzB+WFi9Q0ba+sapNqqAINUT4DjVMjn5L6yGUWXV8IeLw
yDOODPHeCVJI0hBfFkjbPePne3X2a2Kodg==
-----END CERTIFICATE-----
2020-09-04 12:13:49
ValidateMTLSCertificatesHeader
No certificate authority found for MTLS
2020-09-04 12:13:49 SUCCESS
ValidateMTLSCertificatesHeader
MTLS certificates header is valid
2020-09-04 12:13:49
ExtractMTLSCertificatesFromConfiguration
No certificate authority found for MTLS
2020-09-04 12:13:49 SUCCESS
ExtractMTLSCertificatesFromConfiguration
Mutual TLS authentication credentials loaded
cert
MIIHBTCCBe2gAwIBAgIMPsmQ1/JsLI/5U0YAMA0GCSqGSIb3DQEBCwUAMGAxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTYwNAYDVQQDEy1HbG9iYWxTaWduIERvbWFpbiBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0gRzIwHhcNMTgwODAyMDYzNjM0WhcNMjAxMTA0MDQxMjE4WjBAMSEwHwYDVQQLExhEb21haW4gQ29udHJvbCBWYWxpZGF0ZWQxGzAZBgNVBAMMEiouY2xvdWQtaWRhdXRoLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAIIDQpNUelHl4gyWYyRto5E/HDIRSO4YPnn2yg4TFUSUMsl+9uNhy79QACB4g2TzIXWk5N0Kj4pkb9Wl7K2BrwFCJAfDCAUK3nRLbiRS1JwnXxDirL97DYz+rEKihq8rDrqOl266440CnTv/PT9mVizQrYH4/aVBWpDCqV/U1tO50LsJCe3qy63mny/9s4DH/2CQyeO9BNbxuU6To7ozRKNDu7wzq/IdPEKndldJ+ieQnweh0gQl7oQznVNnXHFRrmjWg16ysQtH6ZQiJQMhTJEYv0nqts80BU/mHWa5USNqGlnF/Ifua/NF8r24u+kEniycq1L8ozshkxZ5PXObbisCAwEAAaOCA90wggPZMA4GA1UdDwEB/wQEAwIFoDCBlAYIKwYBBQUHAQEEgYcwgYQwRwYIKwYBBQUHMAKGO2h0dHA6Ly9zZWN1cmUuZ2xvYmFsc2lnbi5jb20vY2FjZXJ0L2dzZG9tYWludmFsc2hhMmcycjEuY3J0MDkGCCsGAQUFBzABhi1odHRwOi8vb2NzcDIuZ2xvYmFsc2lnbi5jb20vZ3Nkb21haW52YWxzaGEyZzIwVgYDVR0gBE8wTTBBBgkrBgEEAaAyAQowNDAyBggrBgEFBQcCARYmaHR0cHM6Ly93d3cuZ2xvYmFsc2lnbi5jb20vcmVwb3NpdG9yeS8wCAYGZ4EMAQIBMAkGA1UdEwQCMAAwQwYDVR0fBDwwOjA4oDagNIYyaHR0cDovL2NybC5nbG9iYWxzaWduLmNvbS9ncy9nc2RvbWFpbnZhbHNoYTJnMi5jcmwwLwYDVR0RBCgwJoISKi5jbG91ZC1pZGF1dGguY29tghBjbG91ZC1pZGF1dGguY29tMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQU0Si3Yq0ZVkRke4XquYS1uuTWg6YwHwYDVR0jBBgwFoAU6k581IAt5RWBhiaMgm3AmKTPlw8wggH2BgorBgEEAdZ5AgQCBIIB5gSCAeIB4AB3AFWB1MIWkDYBSuoLm1c8U/DA5Dh4cCUIFy+jqh0HE9MMAAABZPlaNB0AAAQDAEgwRgIhAMUV+XA5KE3vILTJ/hYwDmMG1zpwTb5f6P0TnAF+LyR3AiEAxD0g3uULAmdFAOhimbXA5b+ull8Z7EiH6LbnAULafM0AdQCHdb/nWXz4jEOZX73zbv9WjUdWNv9KtWDBtOr/XqCDDwAAAWT5WjXzAAAEAwBGMEQCIBd9qPtsfXTxPzl17/l7s6v2vYMNXbarOKiRRTNOIlmjAiAaZhx3vwVi6ZpSRRQPfWEzHzOxKLAfJ1aG7q3WU7hyEQB2AKS5CZC0GFgUh7sTosxncAo8NZgE+RvfuON3zQ7IDdwQAAABZPlaN4AAAAQDAEcwRQIhAJlfgyxAMgtS6d9ZEjbxHadcopkoTWJWs3rGoUpnimCWAiAwMfj4L0ljYn4Yas8+OPMFrwyhAvyGrG3ywgwMyVI0tAB2AG9Tdqwx8DEZ2JkApFEV/3cVHBHZAsEAKQaNsgiaN9kTAAABZPlaNE0AAAQDAEcwRQIgVaNsW0XzqwTeU+CpnuKD4qaTPv0jKXpJ3UTLlTa/YWACIQC4w/9dAaYCk9ilUIR34ObsMX+TJG+hYjD6/120seNUbTANBgkqhkiG9w0BAQsFAAOCAQEAD6egOG/AQeKSEsVDYMXf3wDztz2c6+Th9X10nbnuQZK8ofOJSAI3EDDUTc9GEDKfwTx16BIm7NbpLrurykkPbhomg2ZFQP7TmVwNDt6adovHVul7yyjtLeaBG/YiREoH8wCf43t90G/5YDREbe5dxIzLGeBuDY59E4aN1One1kAhk904MonyRQ8z+aRv+ZNBWajDaTJ7ef1ZS3t0Kpa/FCLFDXYEJhzTIO3BsEFLx1hDTrGKEZKoBUWBynKtfjdonZoqL7zHzB+WFi9Q0ba+sapNqqAINUT4DjVMjn5L6yGUWXV8IeLwyDOODPHeCVJI0hBfFkjbPePne3X2a2Kodg==
key
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCCA0KTVHpR5eIMlmMkbaORPxwyEUjuGD559soOExVElDLJfvbjYcu/UAAgeINk8yF1pOTdCo+KZG/Vpeytga8BQiQHwwgFCt50S24kUtScJ18Q4qy/ew2M/qxCooavKw66jpduuuONAp07/z0/ZlYs0K2B+P2lQVqQwqlf1NbTudC7CQnt6sut5p8v/bOAx/9gkMnjvQTW8blOk6O6M0SjQ7u8M6vyHTxCp3ZXSfonkJ8HodIEJe6EM51TZ1xxUa5o1oNesrELR+mUIiUDIUyRGL9J6rbPNAVP5h1muVEjahpZxfyH7mvzRfK9uLvpBJ4snKtS/KM7IZMWeT1zm24rAgMBAAECggEAaOdYgKhZSlvC2YU+2dXddQUHKx7nSbYmMyL+Rfz/3CX4FL1tWGtAi01xzMFww7Op+9LhF7m9uFzyH+GR5y4Ml2dWyyyC/A6ZEB0M8iIjixv5iRZdbONNO8cCF4IsSorjh4QmjCIgGVdSp2Z7dPyN6/s1BPpzLzRcbxGiuMBz1sGgakJANcyD4/frMBppbbmPDVpUTQ3LEZ3YRVIfqJQatiCNUlYlOERY4xlnZuCCpHzmjRYuccWH2Q9OSEGgW6JU+ujFx22rfeeYK3r4TayQPJ9wtBVmK3C03ccnPyjx2yUWIczjrp+SI6K16F1pSDhkm4ylbGhCngiyr8AU4dzhgQKBgQDFSDeZmhvW7PNgJAMa1lgfKikp2gb/A/YEXZFHKawjQRUR1+tP0mrxAWYvuPfUu+42kr3izXMbPiS0aNX6HPZeJcsnhWf2D9NPt2vqFWrXNcSm3dy3Is20rxsKWQXp2L8nP3GRbAFvu2aTEhX7a4vnZE7/BWIAiO/t/cXP6HUs/wKBgQCotX80ab64aUmd0SkuHv9YKYBTjP4stgxP/3GRVuFuU+AaqDxRNbnNRYEM/O/OLZeqU0oL1bONpThQhN2Pu8ApUEz2dGyknkIRmRNRHgXw28GOm0ZWu4xYdW+SXVO8yTOAqdh1WvYLTp8xJEzD3vvJ+Rib/jhsSjCibAhgmT0C1QKBgDgrBoF6CgEYN3ag6i1i53YAB/Y9eA51Lz8w8KLlL3heGESbSAjS7NWvQ0vFCvKLixgIkX2YZvRTrhmbW4i5ZD+L3RpkdiPtf4lLvLLJ5EBfs5yawDN3+j8+N6GrlO5uYoYnHwt7R7FrFpo65P1PMmbv/TnIa42hb0ZAIWi/U1U7AoGASilmnpqxbQ1TgB121cBojM/JinDbNrpcFTp8KOChPkd+pxk3UpekcpjQDu6NV/vwxL3SOfuZ73UmmTae0tU8tqyG+HvbWk37SxMYS7s/704a+t5FAFF3c1dEUXnXGpDzo+aFsajnqbbJAegsGppF4tYuPDx3fxrp4CxPTm9uQ3UCgYEAscF3RcCOsOzIGEUbCfh+A3BLbFQso5XdmYWY5QGgxv1wkSe0H1lUDk0NCmEPVUd8YXJH6u5bTWwl4hcv3gD/X/c1PVXELuvRf1hCl+VO51KpFShJnaphVS9pKs8AL+3RioA7GZF2rwQklyTZGEfHpPylmNcfY4XXW8WwkngGCFg=
2020-09-04 12:13:49 SUCCESS
ValidateClientJWKsPrivatePart
Valid client JWKs: keys are valid JSON, contain the required fields, the private/public exponents match and are correctly encoded using unpadded base64url
2020-09-04 12:13:49 SUCCESS
ExtractJWKsFromStaticClientConfiguration
Extracted client JWK
client_jwks
{
  "keys": [
    {
      "kty": "EC",
      "alg": "ES256",
      "crv": "P-256",
      "x": "ANEu_EHg_NrZKPNXVbnw89IQC0hzPkAEuV4osYzM8tKm",
      "y": "AKe9Ioa4y1ly1aOAmJafI89dHzapU4WYHHReIFXjPJxd",
      "d": "dmvti8HQQId6Z3S8xjGvjvWawEfQhVP3OkUfloQP1Ng",
      "kid": "kid2019040100008"
    }
  ]
}
public_client_jwks
{
  "keys": [
    {
      "kty": "EC",
      "crv": "P-256",
      "kid": "kid2019040100008",
      "x": "ANEu_EHg_NrZKPNXVbnw89IQC0hzPkAEuV4osYzM8tKm",
      "y": "AKe9Ioa4y1ly1aOAmJafI89dHzapU4WYHHReIFXjPJxd",
      "alg": "ES256"
    }
  ]
}
2020-09-04 12:13:49 SUCCESS
CheckForKeyIdInClientJWKs
All keys contain kids
2020-09-04 12:13:49 SUCCESS
CheckDistinctKeyIdValueInClientJWKs
Distinct 'kid' value in all keys of client_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2020-09-04 12:13:49 SUCCESS
FAPICheckKeyAlgInClientJWKs
Found a key with alg PS256 or ES256
2020-09-04 12:13:49 SUCCESS
FAPIEnsureMinimumClientKeyLength
Validated minimum key lengths for client_jwks
client_jwks
{
  "keys": [
    {
      "kty": "EC",
      "alg": "ES256",
      "crv": "P-256",
      "x": "ANEu_EHg_NrZKPNXVbnw89IQC0hzPkAEuV4osYzM8tKm",
      "y": "AKe9Ioa4y1ly1aOAmJafI89dHzapU4WYHHReIFXjPJxd",
      "d": "dmvti8HQQId6Z3S8xjGvjvWawEfQhVP3OkUfloQP1Ng",
      "kid": "kid2019040100008"
    }
  ]
}
2020-09-04 12:13:49 SUCCESS
ValidateMTLSCertificatesAsX509
Mutual TLS authentication cert validated as X.509
Verify configuration of second client
2020-09-04 12:13:49 SUCCESS
GetStaticClient2Configuration
Found a static second client object
client_id
OIDFCERT0004
client_secret
confidencial_client_es256_0004
scope
openid SCOPE0002 offline_access
client_secret_jwt_alg
HS256
jwks
{
  "keys": [
    {
      "kty": "EC",
      "alg": "ES256",
      "crv": "P-256",
      "x": "ANonMLNTYTO8jPBnw4EHqKF2DRFkmAAnA5Hiv1_0pYg1",
      "y": "AKLfnzY4VFB_ZyjgBW8GxhLtA6ZPVgMHq7S_Z70Uabi9",
      "d": "HpYL8OKVwC01B02FpXQi23lTrE8oT3V7-eOdSgX9v8c",
      "kid": "kid2019040100009"
    }
  ]
}
2020-09-04 12:13:49
ValidateMTLSCertificates2Header
No certificate authority found for MTLS
2020-09-04 12:13:49 SUCCESS
ValidateMTLSCertificates2Header
MTLS certificates header is valid
2020-09-04 12:13:49
ExtractMTLSCertificates2FromConfiguration
No certificate authority found for MTLS
2020-09-04 12:13:49 SUCCESS
ExtractMTLSCertificates2FromConfiguration
Mutual TLS authentication credentials loaded
cert
MIIDTjCCAjYCCQCjUTxEpwknBTANBgkqhkiG9w0BAQUFADBpMQswCQYDVQQGEwJKUDEOMAwGA1UECAwFVG9reW8xEDAOBgNVBAcMB1RhbWFjaGkxDDAKBgNVBAoMA05FQzEMMAoGA1UECwwDTkVDMRwwGgYDVQQDDBN3d3cuM2FzZWN1cmVrZXkuY29tMB4XDTE4MDQyNzAyMDAwOFoXDTI4MDQyNDAyMDAwOFowaTELMAkGA1UEBhMCSlAxDjAMBgNVBAgMBVRva3lvMRAwDgYDVQQHDAdUYW1hY2hpMQwwCgYDVQQKDANORUMxDDAKBgNVBAsMA05FQzEcMBoGA1UEAwwTd3d3LjNhc2VjdXJla2V5LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKLD3g7pwzFMzbRh5cCGuR0KBCzD5Xk3w/Zj+3hpBq5/xSaQjmOfLF3LLiFD7sZXRPFVFXii4Y2GuFccSQ3MI9sMS/HDDTmOLPIWta/U9ZtcwjNyclXrX0IR8Fxuk5E9lRf//JwlMZHAxfESvBe5WMnzGDTVdp5Hv6sWZAdkgdwQTMFM4vpHhBD6qJsxSG7jBvqVYd8w9pCZ9k1mSfKKgqPfpOA6jv2ATiwv9r9ZQNtKl/MbHY9/R59GU+S7WSPtqM5O3bJGGCXFvpZF2CghcYqn9vDhIrNOD/xo3ZF0Z+doEl8e0e1IAr2JiGD4JPpz4W67pjUVb9G+NTRtQ71YqccCAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAETj+cEVPthSghrIJamsmddV+GFHYjOfvQw0r8LZYkqJZlK1FOeWwBM+kDzpxOErtPiyjvv2eBPGm9LcLZpDbMLg77Lv3HjaWy+yISRQ/wGUb9tlJ8AUeEd2uoPUzDQf5VpTBEq/M9E7CB3g2hZvwRYvq6PfsDexCwq9OWogK3WpEozIMVyOL3jYpkSJzDqPuN3nFiNc5eMJ7lo+b/K1rUEqwuN21TjwAn1DXfW0dD1a/ig004xecHU1wsIMP2ARQ/qOD7P0emE/umlwLQ0kw3HB2ideAJzU4OstiqUH41LKwIIzUu6rz6/S9PMcmVfqv9PfhITQSs8vCqC8uaWLtGg==
key
MIIEpQIBAAKCAQEAosPeDunDMUzNtGHlwIa5HQoELMPleTfD9mP7eGkGrn/FJpCOY58sXcsuIUPuxldE8VUVeKLhjYa4VxxJDcwj2wxL8cMNOY4s8ha1r9T1m1zCM3JyVetfQhHwXG6TkT2VF//8nCUxkcDF8RK8F7lYyfMYNNV2nke/qxZkB2SB3BBMwUzi+keEEPqomzFIbuMG+pVh3zD2kJn2TWZJ8oqCo9+k4DqO/YBOLC/2v1lA20qX8xsdj39Hn0ZT5LtZI+2ozk7dskYYJcW+lkXYKCFxiqf28OEis04P/GjdkXRn52gSXx7R7UgCvYmIYPgk+nPhbrumNRVv0b41NG1DvVipxwIDAQABAoIBAQCVFUrD5iG/elXALxs+KShNDOueBSCe0xFPEW04cRqJosZ1+FozrYv5rSznk02VpkGjuwcbpDVsaEVYpLPVS3JcJPs6yinG2g8Y/uwTzb/ZOjE25lELmbd60OuT/kRz+DAj93jtnLO2iRfFJB/cqwxEjcFSQ2OOvrE0iCG/E7ROV7m3C5OOjKhSypP++04nWajIqW//uMDaFoFquf7x4aoHc9wRD1IyHGha9hIZA7JiY5KlwyQV/AEoz+C+O9Z8FYpqZT76fnzQvLvbk6fYr4q1a0gm/J9HTp4l0bQ9NMKVvt4PGlJmxQhQfIJixARsnKEDtu0uUcgbVXRB6pRtmG6BAoGBAM+hvgN+TX8c4fMmDvGpNB0+PvA2ZC6JJd0oLmpZMMdLRl+0A5j3nHv2nR04FlB1brD9ucInVHZYlgL5ab3/x27iV+H5spIN6cST7WH+Sjqsi43tKGyx9oXosL6RN+4HM7rTWbCxwq0tVunk01IR5FeO8xZss4UDyev6vStBjmzXAoGBAMiueG4ALkIGqTw/sTNl7vwmMcyPbjA6h68I9FkTGI0G5YHy7yWlEhdD/rUYSXVCXlh+3aftbfJ4CP9nWaM6NMREoysCQ3y/kulgJ0imPEFwnqWQMljQV1zRg9gthdixyBI6YZ62MUF6i/XYfUs0KQ9baHuzB4ejMs7U8bGENpyRAoGAHjynt0qFbqV+IjLAqmDBviB6efDx1fUTFonreIFUoTFNJlLI01X76/GWH9MzLLRtUkkg7C1eF33/Gp/HzmuZV4SO19HNN4ffK0l/oG2v0aufByQqZunjxMyGMLplMrzJw8NTpG++sgmQRq+UNrd0UWv36qQZ4J0UotD5C3uYijECgYEAoAnDMLYkLbNyMwH4Jq0bsSokfKXFkeCbZBMYChEYex8M2F0MKlFB5BvtfC4qJsEOzDQgQFMwYzUmt8eLzIgWnI7AMQRVHZ8JYeO0cFNhqi5N1mrwO7Oqd/L92eAz5WOh0ieMwi05iqZYB27mPJsUQ5L59+wGDT0wv5FCTfbKNoECgYEAoMHJZ1a/Bzq1raDHauJLk3JA+DN+5o7xDGVvda9x3rphQ4U7Vehpcg70AVWMyGoVv5N6vJdrAeZzBWP5b6ED+csRyNaLswHycsPzGy8t5Ose1P+ZlzCzDmRtynq0cQQvWl4zJAT2Wacgu2IqOrQOl+n67te3QlWrnq9IrSsWJFU=
2020-09-04 12:13:49 SUCCESS
ValidateClientJWKsPrivatePart
Valid client JWKs: keys are valid JSON, contain the required fields, the private/public exponents match and are correctly encoded using unpadded base64url
2020-09-04 12:13:49 SUCCESS
ExtractJWKsFromStaticClientConfiguration
Extracted client JWK
client_jwks
{
  "keys": [
    {
      "kty": "EC",
      "alg": "ES256",
      "crv": "P-256",
      "x": "ANonMLNTYTO8jPBnw4EHqKF2DRFkmAAnA5Hiv1_0pYg1",
      "y": "AKLfnzY4VFB_ZyjgBW8GxhLtA6ZPVgMHq7S_Z70Uabi9",
      "d": "HpYL8OKVwC01B02FpXQi23lTrE8oT3V7-eOdSgX9v8c",
      "kid": "kid2019040100009"
    }
  ]
}
public_client_jwks
{
  "keys": [
    {
      "kty": "EC",
      "crv": "P-256",
      "kid": "kid2019040100009",
      "x": "ANonMLNTYTO8jPBnw4EHqKF2DRFkmAAnA5Hiv1_0pYg1",
      "y": "AKLfnzY4VFB_ZyjgBW8GxhLtA6ZPVgMHq7S_Z70Uabi9",
      "alg": "ES256"
    }
  ]
}
2020-09-04 12:13:49 SUCCESS
CheckForKeyIdInClientJWKs
All keys contain kids
2020-09-04 12:13:49 SUCCESS
CheckDistinctKeyIdValueInClientJWKs
Distinct 'kid' value in all keys of client_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2020-09-04 12:13:49 SUCCESS
FAPICheckKeyAlgInClientJWKs
Found a key with alg PS256 or ES256
2020-09-04 12:13:49 SUCCESS
FAPIEnsureMinimumClientKeyLength
Validated minimum key lengths for client_jwks
client_jwks
{
  "keys": [
    {
      "kty": "EC",
      "alg": "ES256",
      "crv": "P-256",
      "x": "ANonMLNTYTO8jPBnw4EHqKF2DRFkmAAnA5Hiv1_0pYg1",
      "y": "AKLfnzY4VFB_ZyjgBW8GxhLtA6ZPVgMHq7S_Z70Uabi9",
      "d": "HpYL8OKVwC01B02FpXQi23lTrE8oT3V7-eOdSgX9v8c",
      "kid": "kid2019040100009"
    }
  ]
}
2020-09-04 12:13:49 SUCCESS
ValidateMTLSCertificatesAsX509
Mutual TLS authentication cert validated as X.509
2020-09-04 12:13:49 SUCCESS
GetResourceEndpointConfiguration
Found a resource endpoint object
resourceUrl
https://3a-rplib-test3.cloud-idauth.com/oc/accounts
institution_id
nc7000-3a-oc
2020-09-04 12:13:49 SUCCESS
SetProtectedResourceUrlToSingleResourceEndpoint
Set protected resource URL
protected_resource_url
https://3a-rplib-test3.cloud-idauth.com/oc/accounts
2020-09-04 12:13:49 SUCCESS
ExtractTLSTestValuesFromResourceConfiguration
Extracted TLS information from resource endpoint
resource_endpoint
{
  "testHost": "3a-rplib-test3.cloud-idauth.com",
  "testPort": 443
}
2020-09-04 12:13:49 SUCCESS
ExtractTLSTestValuesFromOBResourceConfiguration
Extracted TLS information from resource endpoint
accounts_resource_endpoint
{
  "testHost": "3a-rplib-test3.cloud-idauth.com",
  "testPort": 443
}
accounts_request_endpoint
{
  "testHost": "3a-rplib-test3.cloud-idauth.com",
  "testPort": 443
}
2020-09-04 12:13:49
fapi-rw-id2
Setup Done
Make request to authorization endpoint
2020-09-04 12:13:49 SUCCESS
CreateAuthorizationEndpointRequestFromClientInformation
Created authorization endpoint request
client_id
OIDFCERT0003
redirect_uri
https://www.certification.openid.net/test/a/NC7000-3A-OC/callback
scope
openid SCOPE0002 offline_access
2020-09-04 12:13:49 SUCCESS
AddAcrClaimToAuthorizationEndpointRequest
Added acr claim to authorization_endpoint_request
authorization_endpoint_request
{
  "client_id": "OIDFCERT0003",
  "redirect_uri": "https://www.certification.openid.net/test/a/NC7000-3A-OC/callback",
  "scope": "openid SCOPE0002 offline_access",
  "claims": {
    "id_token": {
      "acr": {
        "value": "urn:mace:incommon:iap:silver",
        "essential": true
      }
    }
  }
}
2020-09-04 12:13:49
CreateRandomStateValue
Created state value
requested_state_length
10
state
FT3PnAUeFe
2020-09-04 12:13:49 SUCCESS
AddStateToAuthorizationEndpointRequest
Added state parameter to request
client_id
OIDFCERT0003
redirect_uri
https://www.certification.openid.net/test/a/NC7000-3A-OC/callback
scope
openid SCOPE0002 offline_access
claims
{
  "id_token": {
    "acr": {
      "value": "urn:mace:incommon:iap:silver",
      "essential": true
    }
  }
}
state
FT3PnAUeFe
2020-09-04 12:13:49
CreateRandomNonceValue
Created nonce value
requested_nonce_length
10
nonce
OGwtx4kDEl
2020-09-04 12:13:49 SUCCESS
AddNonceToAuthorizationEndpointRequest
Added nonce parameter to request
client_id
OIDFCERT0003
redirect_uri
https://www.certification.openid.net/test/a/NC7000-3A-OC/callback
scope
openid SCOPE0002 offline_access
claims
{
  "id_token": {
    "acr": {
      "value": "urn:mace:incommon:iap:silver",
      "essential": true
    }
  }
}
state
FT3PnAUeFe
nonce
OGwtx4kDEl
2020-09-04 12:13:49 SUCCESS
SetAuthorizationEndpointRequestResponseTypeToCodeIdtoken
Added response_type parameter to request
client_id
OIDFCERT0003
redirect_uri
https://www.certification.openid.net/test/a/NC7000-3A-OC/callback
scope
openid SCOPE0002 offline_access
claims
{
  "id_token": {
    "acr": {
      "value": "urn:mace:incommon:iap:silver",
      "essential": true
    }
  }
}
state
FT3PnAUeFe
nonce
OGwtx4kDEl
response_type
code id_token
2020-09-04 12:13:49 SUCCESS
ConvertAuthorizationEndpointRequestToRequestObject
Created request object claims
request_object_claims
{
  "client_id": "OIDFCERT0003",
  "redirect_uri": "https://www.certification.openid.net/test/a/NC7000-3A-OC/callback",
  "scope": "openid SCOPE0002 offline_access",
  "claims": {
    "id_token": {
      "acr": {
        "value": "urn:mace:incommon:iap:silver",
        "essential": true
      }
    }
  },
  "state": "FT3PnAUeFe",
  "nonce": "OGwtx4kDEl",
  "response_type": "code id_token"
}
2020-09-04 12:13:49 SUCCESS
AddExpToRequestObject
Added exp to request object claims
exp
1.599221929E9
2020-09-04 12:13:49 SUCCESS
AddAudToRequestObject
Added aud to request object claims
aud
https://3a-rplib-test3.cloud-idauth.com/oc/
2020-09-04 12:13:49 SUCCESS
AddIssToRequestObject
Added iss to request object claims
iss
OIDFCERT0003
2020-09-04 12:13:49 SUCCESS
AddClientIdToRequestObject
Added client_id to request object claims
client_id
OIDFCERT0003
2020-09-04 12:13:49 SUCCESS
SignRequestObject
Signed the request object
claims
{"aud":"https:\/\/3a-rplib-test3.cloud-idauth.com\/oc\/","scope":"openid SCOPE0002 offline_access","claims":{"id_token":{"acr":{"value":"urn:mace:incommon:iap:silver","essential":true}}},"iss":"OIDFCERT0003","response_type":"code id_token","redirect_uri":"https:\/\/www.certification.openid.net\/test\/a\/NC7000-3A-OC\/callback","state":"FT3PnAUeFe","exp":1599221929,"nonce":"OGwtx4kDEl","client_id":"OIDFCERT0003"}
header
{"kid":"kid2019040100008","alg":"ES256"}
request_object
eyJraWQiOiJraWQyMDE5MDQwMTAwMDA4IiwiYWxnIjoiRVMyNTYifQ.eyJhdWQiOiJodHRwczpcL1wvM2EtcnBsaWItdGVzdDMuY2xvdWQtaWRhdXRoLmNvbVwvb2NcLyIsInNjb3BlIjoib3BlbmlkIFNDT1BFMDAwMiBvZmZsaW5lX2FjY2VzcyIsImNsYWltcyI6eyJpZF90b2tlbiI6eyJhY3IiOnsidmFsdWUiOiJ1cm46bWFjZTppbmNvbW1vbjppYXA6c2lsdmVyIiwiZXNzZW50aWFsIjp0cnVlfX19LCJpc3MiOiJPSURGQ0VSVDAwMDMiLCJyZXNwb25zZV90eXBlIjoiY29kZSBpZF90b2tlbiIsInJlZGlyZWN0X3VyaSI6Imh0dHBzOlwvXC93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0XC90ZXN0XC9hXC9OQzcwMDAtM0EtT0NcL2NhbGxiYWNrIiwic3RhdGUiOiJGVDNQbkFVZUZlIiwiZXhwIjoxNTk5MjIxOTI5LCJub25jZSI6Ik9Hd3R4NGtERWwiLCJjbGllbnRfaWQiOiJPSURGQ0VSVDAwMDMifQ.HfkfwYu_yNrOZClZB6depdzyeI04upWxq6zc7JH4_zMTNm74uVeySsL_32DuR4Vl6zbr0W9U9622twoaXkcTOw
key
{"kty":"EC","d":"dmvti8HQQId6Z3S8xjGvjvWawEfQhVP3OkUfloQP1Ng","crv":"P-256","kid":"kid2019040100008","x":"ANEu_EHg_NrZKPNXVbnw89IQC0hzPkAEuV4osYzM8tKm","y":"AKe9Ioa4y1ly1aOAmJafI89dHzapU4WYHHReIFXjPJxd","alg":"ES256"}
2020-09-04 12:13:49 SUCCESS
BuildRequestObjectByValueRedirectToAuthorizationEndpoint
Sending to authorization endpoint
redirect_to_authorization_endpoint
https://3a-rplib-test3.cloud-idauth.com/oc/AuthorizationEndpoint/?request=eyJraWQiOiJraWQyMDE5MDQwMTAwMDA4IiwiYWxnIjoiRVMyNTYifQ.eyJhdWQiOiJodHRwczpcL1wvM2EtcnBsaWItdGVzdDMuY2xvdWQtaWRhdXRoLmNvbVwvb2NcLyIsInNjb3BlIjoib3BlbmlkIFNDT1BFMDAwMiBvZmZsaW5lX2FjY2VzcyIsImNsYWltcyI6eyJpZF90b2tlbiI6eyJhY3IiOnsidmFsdWUiOiJ1cm46bWFjZTppbmNvbW1vbjppYXA6c2lsdmVyIiwiZXNzZW50aWFsIjp0cnVlfX19LCJpc3MiOiJPSURGQ0VSVDAwMDMiLCJyZXNwb25zZV90eXBlIjoiY29kZSBpZF90b2tlbiIsInJlZGlyZWN0X3VyaSI6Imh0dHBzOlwvXC93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0XC90ZXN0XC9hXC9OQzcwMDAtM0EtT0NcL2NhbGxiYWNrIiwic3RhdGUiOiJGVDNQbkFVZUZlIiwiZXhwIjoxNTk5MjIxOTI5LCJub25jZSI6Ik9Hd3R4NGtERWwiLCJjbGllbnRfaWQiOiJPSURGQ0VSVDAwMDMifQ.HfkfwYu_yNrOZClZB6depdzyeI04upWxq6zc7JH4_zMTNm74uVeySsL_32DuR4Vl6zbr0W9U9622twoaXkcTOw&client_id=OIDFCERT0003&redirect_uri=https://www.certification.openid.net/test/a/NC7000-3A-OC/callback&scope=openid%20SCOPE0002%20offline_access&response_type=code%20id_token
2020-09-04 12:13:49 REDIRECT
fapi-rw-id2
Redirecting to authorization endpoint
redirect_to
https://3a-rplib-test3.cloud-idauth.com/oc/AuthorizationEndpoint/?request=eyJraWQiOiJraWQyMDE5MDQwMTAwMDA4IiwiYWxnIjoiRVMyNTYifQ.eyJhdWQiOiJodHRwczpcL1wvM2EtcnBsaWItdGVzdDMuY2xvdWQtaWRhdXRoLmNvbVwvb2NcLyIsInNjb3BlIjoib3BlbmlkIFNDT1BFMDAwMiBvZmZsaW5lX2FjY2VzcyIsImNsYWltcyI6eyJpZF90b2tlbiI6eyJhY3IiOnsidmFsdWUiOiJ1cm46bWFjZTppbmNvbW1vbjppYXA6c2lsdmVyIiwiZXNzZW50aWFsIjp0cnVlfX19LCJpc3MiOiJPSURGQ0VSVDAwMDMiLCJyZXNwb25zZV90eXBlIjoiY29kZSBpZF90b2tlbiIsInJlZGlyZWN0X3VyaSI6Imh0dHBzOlwvXC93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0XC90ZXN0XC9hXC9OQzcwMDAtM0EtT0NcL2NhbGxiYWNrIiwic3RhdGUiOiJGVDNQbkFVZUZlIiwiZXhwIjoxNTk5MjIxOTI5LCJub25jZSI6Ik9Hd3R4NGtERWwiLCJjbGllbnRfaWQiOiJPSURGQ0VSVDAwMDMifQ.HfkfwYu_yNrOZClZB6depdzyeI04upWxq6zc7JH4_zMTNm74uVeySsL_32DuR4Vl6zbr0W9U9622twoaXkcTOw&client_id=OIDFCERT0003&redirect_uri=https://www.certification.openid.net/test/a/NC7000-3A-OC/callback&scope=openid%20SCOPE0002%20offline_access&response_type=code%20id_token
2020-09-04 12:14:13 INCOMING
fapi-rw-id2
Incoming HTTP request to test instance uCengaPXahn79tS
incoming_headers
{
  "host": "www.certification.openid.net",
  "upgrade-insecure-requests": "1",
  "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.83 Safari/537.36",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/avif,image/webp,image/apng,*/*;q\u003d0.8,application/signed-exchange;v\u003db3;q\u003d0.9",
  "sec-fetch-site": "cross-site",
  "sec-fetch-mode": "navigate",
  "sec-fetch-user": "?1",
  "sec-fetch-dest": "document",
  "referer": "https://3a-rplib-test3.cloud-idauth.com/oc/InternalAuthoriEndpoint/?client_uri\u003dhttp%3A%2F%2Flocalhost%2Ftest_client_uri\u0026logo_uri\u003dhttp%3A%2F%2Flocalhost%2Ftest_logo_uri\u0026tos_uri\u003dhttp%3A%2F%2Flocalhost%2Ftest_tos_uri\u0026client_name\u003dOIDF_CertTest_Client_0003\u0026client_id\u003dOIDFCERT0003\u0026policy_uri\u003dhttp%3A%2F%2Flocalhost%2Ftest_policy_uri\u0026loa\u003durn%3Amace%3Aincommon%3Aiap%3Asilver",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "ja,en-US;q\u003d0.9,en;q\u003d0.8",
  "cookie": "__utma\u003d201319536.1292565018.1574312754.1579157407.1595894834.4; __utmz\u003d201319536.1595894834.4.1.utmcsr\u003dgoogle|utmccn\u003d(organic)|utmcmd\u003dorganic|utmctr\u003d(not%20provided); JSESSIONID\u003d693303D47D789DBFDE90865115D8222F",
  "connection": "close",
  "x-ssl-cipher": "ECDHE-RSA-AES256-GCM-SHA384",
  "x-ssl-protocol": "TLSv1.2",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
callback
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{}
incoming_body
2020-09-04 12:14:13 SUCCESS
CreateRandomImplicitSubmitUrl
Created random implicit submission URL
implicit_submit
{
  "path": "implicit/4e0oNOLAi1zWLTKMdo7Z",
  "fullUrl": "https://www.certification.openid.net/test/a/NC7000-3A-OC/implicit/4e0oNOLAi1zWLTKMdo7Z"
}
2020-09-04 12:14:13 OUTGOING
fapi-rw-id2
Response to HTTP request to test instance uCengaPXahn79tS
outgoing
ModelAndView [view="implicitCallback"; model={implicitSubmitUrl=https://www.certification.openid.net/test/a/NC7000-3A-OC/implicit/4e0oNOLAi1zWLTKMdo7Z, returnUrl=/log-detail.html?log=uCengaPXahn79tS}]
outgoing_path
callback
2020-09-04 12:14:14 INCOMING
fapi-rw-id2
Incoming HTTP request to test instance uCengaPXahn79tS
incoming_headers
{
  "host": "www.certification.openid.net",
  "accept": "*/*",
  "x-requested-with": "XMLHttpRequest",
  "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.83 Safari/537.36",
  "content-type": "text/plain",
  "origin": "https://www.certification.openid.net",
  "sec-fetch-site": "same-origin",
  "sec-fetch-mode": "cors",
  "sec-fetch-dest": "empty",
  "referer": "https://www.certification.openid.net/test/a/NC7000-3A-OC/callback",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "ja,en-US;q\u003d0.9,en;q\u003d0.8",
  "cookie": "__utma\u003d201319536.1292565018.1574312754.1579157407.1595894834.4; __utmz\u003d201319536.1595894834.4.1.utmcsr\u003dgoogle|utmccn\u003d(organic)|utmcmd\u003dorganic|utmctr\u003d(not%20provided); JSESSIONID\u003d693303D47D789DBFDE90865115D8222F",
  "content-length": "569",
  "x-ssl-cipher": "ECDHE-RSA-AES256-GCM-SHA384",
  "x-ssl-protocol": "TLSv1.2",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net",
  "connection": "close"
}
incoming_path
implicit/4e0oNOLAi1zWLTKMdo7Z
incoming_body_form_params
incoming_method
POST
incoming_body_json
incoming_query_string_params
{}
incoming_body
#code=rHW1K3WH6Eng8em0V5p4ndmqDN3gHIe3&id_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiJ9.eyJzdWIiOiIxIiwiYXVkIjoiT0lERkNFUlQwMDAzIiwiYWNyIjoidXJuOm1hY2U6aW5jb21tb246aWFwOnNpbHZlciIsImNfaGFzaCI6IjhsYkd2OGNEc0VzUlVsOGlEQWFqRmciLCJzX2hhc2giOiIyakJMNXRmcWh0OV9FYlhiQllMRy13IiwiYXpwIjoiT0lERkNFUlQwMDAzIiwiYW1yIjoiQVVUSF9PUCIsImlzcyI6Imh0dHBzOlwvXC8zYS1ycGxpYi10ZXN0My5jbG91ZC1pZGF1dGguY29tXC9vY1wvIiwiZXhwIjoxNTk5MjI1MjUzLCJpYXQiOjE1OTkyMjE2NTMsIm5vbmNlIjoiT0d3dHg0a0RFbCJ9.nW4KzLMK4xTNH7RgV7LhGb2oP3qbMl5ALp3Oy2lOLvrpvIVDzvvG1QEpOf80thx7EXw7rDeZU0dnEH1jcctigw&state=FT3PnAUeFe
2020-09-04 12:14:14 OUTGOING
fapi-rw-id2
Response to HTTP request to test instance uCengaPXahn79tS
outgoing
org.springframework.web.servlet.view.RedirectView: [RedirectView]; URL [/log-detail.html?log=uCengaPXahn79tS]
outgoing_path
implicit/4e0oNOLAi1zWLTKMdo7Z
2020-09-04 12:14:14
ExtractImplicitHashToCallbackResponse
Extracted response from URL fragment
parameters
[
  {
    "name": "code",
    "value": "rHW1K3WH6Eng8em0V5p4ndmqDN3gHIe3"
  },
  {
    "name": "id_token",
    "value": "eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiJ9.eyJzdWIiOiIxIiwiYXVkIjoiT0lERkNFUlQwMDAzIiwiYWNyIjoidXJuOm1hY2U6aW5jb21tb246aWFwOnNpbHZlciIsImNfaGFzaCI6IjhsYkd2OGNEc0VzUlVsOGlEQWFqRmciLCJzX2hhc2giOiIyakJMNXRmcWh0OV9FYlhiQllMRy13IiwiYXpwIjoiT0lERkNFUlQwMDAzIiwiYW1yIjoiQVVUSF9PUCIsImlzcyI6Imh0dHBzOlwvXC8zYS1ycGxpYi10ZXN0My5jbG91ZC1pZGF1dGguY29tXC9vY1wvIiwiZXhwIjoxNTk5MjI1MjUzLCJpYXQiOjE1OTkyMjE2NTMsIm5vbmNlIjoiT0d3dHg0a0RFbCJ9.nW4KzLMK4xTNH7RgV7LhGb2oP3qbMl5ALp3Oy2lOLvrpvIVDzvvG1QEpOf80thx7EXw7rDeZU0dnEH1jcctigw"
  },
  {
    "name": "state",
    "value": "FT3PnAUeFe"
  }
]
2020-09-04 12:14:14 SUCCESS
ExtractImplicitHashToCallbackResponse
Extracted the hash values
code
rHW1K3WH6Eng8em0V5p4ndmqDN3gHIe3
id_token
eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiJ9.eyJzdWIiOiIxIiwiYXVkIjoiT0lERkNFUlQwMDAzIiwiYWNyIjoidXJuOm1hY2U6aW5jb21tb246aWFwOnNpbHZlciIsImNfaGFzaCI6IjhsYkd2OGNEc0VzUlVsOGlEQWFqRmciLCJzX2hhc2giOiIyakJMNXRmcWh0OV9FYlhiQllMRy13IiwiYXpwIjoiT0lERkNFUlQwMDAzIiwiYW1yIjoiQVVUSF9PUCIsImlzcyI6Imh0dHBzOlwvXC8zYS1ycGxpYi10ZXN0My5jbG91ZC1pZGF1dGguY29tXC9vY1wvIiwiZXhwIjoxNTk5MjI1MjUzLCJpYXQiOjE1OTkyMjE2NTMsIm5vbmNlIjoiT0d3dHg0a0RFbCJ9.nW4KzLMK4xTNH7RgV7LhGb2oP3qbMl5ALp3Oy2lOLvrpvIVDzvvG1QEpOf80thx7EXw7rDeZU0dnEH1jcctigw
state
FT3PnAUeFe
2020-09-04 12:14:14 REDIRECT-IN
fapi-rw-id2
Authorization endpoint response captured
url_query
{}
headers
{
  "host": "www.certification.openid.net",
  "upgrade-insecure-requests": "1",
  "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.83 Safari/537.36",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/avif,image/webp,image/apng,*/*;q\u003d0.8,application/signed-exchange;v\u003db3;q\u003d0.9",
  "sec-fetch-site": "cross-site",
  "sec-fetch-mode": "navigate",
  "sec-fetch-user": "?1",
  "sec-fetch-dest": "document",
  "referer": "https://3a-rplib-test3.cloud-idauth.com/oc/InternalAuthoriEndpoint/?client_uri\u003dhttp%3A%2F%2Flocalhost%2Ftest_client_uri\u0026logo_uri\u003dhttp%3A%2F%2Flocalhost%2Ftest_logo_uri\u0026tos_uri\u003dhttp%3A%2F%2Flocalhost%2Ftest_tos_uri\u0026client_name\u003dOIDF_CertTest_Client_0003\u0026client_id\u003dOIDFCERT0003\u0026policy_uri\u003dhttp%3A%2F%2Flocalhost%2Ftest_policy_uri\u0026loa\u003durn%3Amace%3Aincommon%3Aiap%3Asilver",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "ja,en-US;q\u003d0.9,en;q\u003d0.8",
  "cookie": "__utma\u003d201319536.1292565018.1574312754.1579157407.1595894834.4; __utmz\u003d201319536.1595894834.4.1.utmcsr\u003dgoogle|utmccn\u003d(organic)|utmcmd\u003dorganic|utmctr\u003d(not%20provided); JSESSIONID\u003d693303D47D789DBFDE90865115D8222F",
  "connection": "close",
  "x-ssl-cipher": "ECDHE-RSA-AES256-GCM-SHA384",
  "x-ssl-protocol": "TLSv1.2",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
http_method
GET
url_fragment
{
  "code": "rHW1K3WH6Eng8em0V5p4ndmqDN3gHIe3",
  "id_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiJ9.eyJzdWIiOiIxIiwiYXVkIjoiT0lERkNFUlQwMDAzIiwiYWNyIjoidXJuOm1hY2U6aW5jb21tb246aWFwOnNpbHZlciIsImNfaGFzaCI6IjhsYkd2OGNEc0VzUlVsOGlEQWFqRmciLCJzX2hhc2giOiIyakJMNXRmcWh0OV9FYlhiQllMRy13IiwiYXpwIjoiT0lERkNFUlQwMDAzIiwiYW1yIjoiQVVUSF9PUCIsImlzcyI6Imh0dHBzOlwvXC8zYS1ycGxpYi10ZXN0My5jbG91ZC1pZGF1dGguY29tXC9vY1wvIiwiZXhwIjoxNTk5MjI1MjUzLCJpYXQiOjE1OTkyMjE2NTMsIm5vbmNlIjoiT0d3dHg0a0RFbCJ9.nW4KzLMK4xTNH7RgV7LhGb2oP3qbMl5ALp3Oy2lOLvrpvIVDzvvG1QEpOf80thx7EXw7rDeZU0dnEH1jcctigw",
  "state": "FT3PnAUeFe"
}
post_body
Verify authorization endpoint response
2020-09-04 12:14:14 SUCCESS
RejectAuthCodeInUrlQuery
Authorization code is not present in URL query returned from authorization endpoint
2020-09-04 12:14:14 SUCCESS
RejectErrorInUrlQuery
'error' is not present in URL query returned from authorization endpoint
2020-09-04 12:14:14 SUCCESS
CheckMatchingCallbackParameters
Callback parameters successfully verified
2020-09-04 12:14:14 SUCCESS
RejectStateInUrlQueryForHybridFlow
state is correctly not present in URL query returned from authorization endpoint (as in the hybrid flow it must be returned in the URL fragment/hash only)
2020-09-04 12:14:14 SUCCESS
CheckIfAuthorizationEndpointError
No error from authorization endpoint
2020-09-04 12:14:14 SUCCESS
ValidateSuccessfulHybridResponseFromAuthorizationEndpoint
authorization endpoint response does not include unexpected parameters
code
rHW1K3WH6Eng8em0V5p4ndmqDN3gHIe3
id_token
eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiJ9.eyJzdWIiOiIxIiwiYXVkIjoiT0lERkNFUlQwMDAzIiwiYWNyIjoidXJuOm1hY2U6aW5jb21tb246aWFwOnNpbHZlciIsImNfaGFzaCI6IjhsYkd2OGNEc0VzUlVsOGlEQWFqRmciLCJzX2hhc2giOiIyakJMNXRmcWh0OV9FYlhiQllMRy13IiwiYXpwIjoiT0lERkNFUlQwMDAzIiwiYW1yIjoiQVVUSF9PUCIsImlzcyI6Imh0dHBzOlwvXC8zYS1ycGxpYi10ZXN0My5jbG91ZC1pZGF1dGguY29tXC9vY1wvIiwiZXhwIjoxNTk5MjI1MjUzLCJpYXQiOjE1OTkyMjE2NTMsIm5vbmNlIjoiT0d3dHg0a0RFbCJ9.nW4KzLMK4xTNH7RgV7LhGb2oP3qbMl5ALp3Oy2lOLvrpvIVDzvvG1QEpOf80thx7EXw7rDeZU0dnEH1jcctigw
state
FT3PnAUeFe
2020-09-04 12:14:14 SUCCESS
CheckMatchingStateParameter
State parameter correctly returned
state
FT3PnAUeFe
2020-09-04 12:14:14 SUCCESS
ExtractAuthorizationCodeFromAuthorizationResponse
Found authorization code
code
rHW1K3WH6Eng8em0V5p4ndmqDN3gHIe3
2020-09-04 12:14:14 SUCCESS
EnsureMinimumAuthorizationCodeLength
Authorization code is of sufficient length
actual
256
required
128
2020-09-04 12:14:14 SUCCESS
EnsureMinimumAuthorizationCodeEntropy
Calculated shannon entropy seems sufficient
actual
140.49022499567306
expected
96.0
2020-09-04 12:14:14 SUCCESS
ExtractIdTokenFromAuthorizationResponse
Found and parsed the id_token from authorization_endpoint_response
value
eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiJ9.eyJzdWIiOiIxIiwiYXVkIjoiT0lERkNFUlQwMDAzIiwiYWNyIjoidXJuOm1hY2U6aW5jb21tb246aWFwOnNpbHZlciIsImNfaGFzaCI6IjhsYkd2OGNEc0VzUlVsOGlEQWFqRmciLCJzX2hhc2giOiIyakJMNXRmcWh0OV9FYlhiQllMRy13IiwiYXpwIjoiT0lERkNFUlQwMDAzIiwiYW1yIjoiQVVUSF9PUCIsImlzcyI6Imh0dHBzOlwvXC8zYS1ycGxpYi10ZXN0My5jbG91ZC1pZGF1dGguY29tXC9vY1wvIiwiZXhwIjoxNTk5MjI1MjUzLCJpYXQiOjE1OTkyMjE2NTMsIm5vbmNlIjoiT0d3dHg0a0RFbCJ9.nW4KzLMK4xTNH7RgV7LhGb2oP3qbMl5ALp3Oy2lOLvrpvIVDzvvG1QEpOf80thx7EXw7rDeZU0dnEH1jcctigw
header
{
  "typ": "JWT",
  "alg": "ES256"
}
claims
{
  "sub": "1",
  "aud": "OIDFCERT0003",
  "acr": "urn:mace:incommon:iap:silver",
  "c_hash": "8lbGv8cDsEsRUl8iDAajFg",
  "s_hash": "2jBL5tfqht9_EbXbBYLG-w",
  "azp": "OIDFCERT0003",
  "amr": "AUTH_OP",
  "iss": "https://3a-rplib-test3.cloud-idauth.com/oc/",
  "exp": 1599225253,
  "iat": 1599221653,
  "nonce": "OGwtx4kDEl"
}
2020-09-04 12:14:14 SUCCESS
ValidateIdToken
ID token iss, aud, exp, iat, auth_time, acr & nbf claims passed validation checks
2020-09-04 12:14:14 SUCCESS
ValidateIdTokenNonce
Nonce values match
nonce
OGwtx4kDEl
2020-09-04 12:14:14 SUCCESS
ValidateIdTokenACRClaimAgainstRequest
acr value in id_token is (one of) the requested values
actual
urn:mace:incommon:iap:silver
requested
[
  "urn:mace:incommon:iap:silver"
]
2020-09-04 12:14:14 SUCCESS
ValidateIdTokenSignature
id_token signature validated
id_token
eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiJ9.eyJzdWIiOiIxIiwiYXVkIjoiT0lERkNFUlQwMDAzIiwiYWNyIjoidXJuOm1hY2U6aW5jb21tb246aWFwOnNpbHZlciIsImNfaGFzaCI6IjhsYkd2OGNEc0VzUlVsOGlEQWFqRmciLCJzX2hhc2giOiIyakJMNXRmcWh0OV9FYlhiQllMRy13IiwiYXpwIjoiT0lERkNFUlQwMDAzIiwiYW1yIjoiQVVUSF9PUCIsImlzcyI6Imh0dHBzOlwvXC8zYS1ycGxpYi10ZXN0My5jbG91ZC1pZGF1dGguY29tXC9vY1wvIiwiZXhwIjoxNTk5MjI1MjUzLCJpYXQiOjE1OTkyMjE2NTMsIm5vbmNlIjoiT0d3dHg0a0RFbCJ9.nW4KzLMK4xTNH7RgV7LhGb2oP3qbMl5ALp3Oy2lOLvrpvIVDzvvG1QEpOf80thx7EXw7rDeZU0dnEH1jcctigw
2020-09-04 12:14:14 SUCCESS
ValidateIdTokenSignatureUsingKid
id_token signature validated
id_token
eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiJ9.eyJzdWIiOiIxIiwiYXVkIjoiT0lERkNFUlQwMDAzIiwiYWNyIjoidXJuOm1hY2U6aW5jb21tb246aWFwOnNpbHZlciIsImNfaGFzaCI6IjhsYkd2OGNEc0VzUlVsOGlEQWFqRmciLCJzX2hhc2giOiIyakJMNXRmcWh0OV9FYlhiQllMRy13IiwiYXpwIjoiT0lERkNFUlQwMDAzIiwiYW1yIjoiQVVUSF9PUCIsImlzcyI6Imh0dHBzOlwvXC8zYS1ycGxpYi10ZXN0My5jbG91ZC1pZGF1dGguY29tXC9vY1wvIiwiZXhwIjoxNTk5MjI1MjUzLCJpYXQiOjE1OTkyMjE2NTMsIm5vbmNlIjoiT0d3dHg0a0RFbCJ9.nW4KzLMK4xTNH7RgV7LhGb2oP3qbMl5ALp3Oy2lOLvrpvIVDzvvG1QEpOf80thx7EXw7rDeZU0dnEH1jcctigw
2020-09-04 12:14:14 SUCCESS
CheckForSubjectInIdToken
Found 'sub' in id_token
sub
1
2020-09-04 12:14:14 SUCCESS
FAPIValidateIdTokenSigningAlg
id_token was signed with a permitted algorithm
alg
ES256
2020-09-04 12:14:14 INFO
FAPIValidateIdTokenEncryptionAlg
Skipped evaluation due to missing required element: id_token jwe_header
path
jwe_header
mapped
object
id_token
2020-09-04 12:14:14 SUCCESS
ExtractSHash
Extracted s_hash from ID Token
s_hash
2jBL5tfqht9_EbXbBYLG-w
alg
ES256
2020-09-04 12:14:14 SUCCESS
ValidateSHash
s_hash validated successfully
expected_hash
2jBL5tfqht9_EbXbBYLG-w
unhashed_value
FT3PnAUeFe
id_token_hash
2jBL5tfqht9_EbXbBYLG-w
2020-09-04 12:14:14 SUCCESS
ExtractCHash
Extracted c_hash from ID Token
c_hash
8lbGv8cDsEsRUl8iDAajFg
alg
ES256
2020-09-04 12:14:14 SUCCESS
ValidateCHash
c_hash validated successfully
expected_hash
8lbGv8cDsEsRUl8iDAajFg
unhashed_value
rHW1K3WH6Eng8em0V5p4ndmqDN3gHIe3
id_token_hash
8lbGv8cDsEsRUl8iDAajFg
2020-09-04 12:14:14 SUCCESS
CreateTokenEndpointRequestForAuthorizationCodeGrant
grant_type
authorization_code
code
rHW1K3WH6Eng8em0V5p4ndmqDN3gHIe3
redirect_uri
https://www.certification.openid.net/test/a/NC7000-3A-OC/callback
2020-09-04 12:14:14 SUCCESS
CreateClientAuthenticationAssertionClaims
Created client assertion claims
iss
OIDFCERT0003
sub
OIDFCERT0003
aud
https://3a-rplib-test3.cloud-idauth.com/oc/TokenEndpoint/
jti
L8tMADnpkFOaBBFYxrqo
iat
1599221654
exp
1599221714
2020-09-04 12:14:14 SUCCESS
SignClientAuthenticationAssertion
Signed the client assertion
client_assertion
eyJraWQiOiJraWQyMDE5MDQwMTAwMDA4IiwiYWxnIjoiRVMyNTYifQ.eyJzdWIiOiJPSURGQ0VSVDAwMDMiLCJhdWQiOiJodHRwczpcL1wvM2EtcnBsaWItdGVzdDMuY2xvdWQtaWRhdXRoLmNvbVwvb2NcL1Rva2VuRW5kcG9pbnRcLyIsImlzcyI6Ik9JREZDRVJUMDAwMyIsImV4cCI6MTU5OTIyMTcxNCwiaWF0IjoxNTk5MjIxNjU0LCJqdGkiOiJMOHRNQURucGtGT2FCQkZZeHJxbyJ9.SytPL6tpNV5v0iaUgEqztziPQph-D7e0Z5KsX4ZtEiQ8amHDSgHNmGvJ-QeXUolw-sBu6wryuYXIMKfcsBaFng
2020-09-04 12:14:14
AddClientAssertionToTokenEndpointRequest
Added client assertion
grant_type
authorization_code
code
rHW1K3WH6Eng8em0V5p4ndmqDN3gHIe3
redirect_uri
https://www.certification.openid.net/test/a/NC7000-3A-OC/callback
client_assertion
eyJraWQiOiJraWQyMDE5MDQwMTAwMDA4IiwiYWxnIjoiRVMyNTYifQ.eyJzdWIiOiJPSURGQ0VSVDAwMDMiLCJhdWQiOiJodHRwczpcL1wvM2EtcnBsaWItdGVzdDMuY2xvdWQtaWRhdXRoLmNvbVwvb2NcL1Rva2VuRW5kcG9pbnRcLyIsImlzcyI6Ik9JREZDRVJUMDAwMyIsImV4cCI6MTU5OTIyMTcxNCwiaWF0IjoxNTk5MjIxNjU0LCJqdGkiOiJMOHRNQURucGtGT2FCQkZZeHJxbyJ9.SytPL6tpNV5v0iaUgEqztziPQph-D7e0Z5KsX4ZtEiQ8amHDSgHNmGvJ-QeXUolw-sBu6wryuYXIMKfcsBaFng
client_assertion_type
urn:ietf:params:oauth:client-assertion-type:jwt-bearer
2020-09-04 12:14:14
CallTokenEndpoint
HTTP request
request_uri
https://3a-rplib-test3.cloud-idauth.com/oc/TokenEndpoint/
request_method
POST
request_headers
{
  "accept": "application/json;charset\u003dUTF-8",
  "accept-charset": "utf-8",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "643"
}
request_body
grant_type=authorization_code&code=rHW1K3WH6Eng8em0V5p4ndmqDN3gHIe3&redirect_uri=https%3A%2F%2Fwww.certification.openid.net%2Ftest%2Fa%2FNC7000-3A-OC%2Fcallback&client_assertion=eyJraWQiOiJraWQyMDE5MDQwMTAwMDA4IiwiYWxnIjoiRVMyNTYifQ.eyJzdWIiOiJPSURGQ0VSVDAwMDMiLCJhdWQiOiJodHRwczpcL1wvM2EtcnBsaWItdGVzdDMuY2xvdWQtaWRhdXRoLmNvbVwvb2NcL1Rva2VuRW5kcG9pbnRcLyIsImlzcyI6Ik9JREZDRVJUMDAwMyIsImV4cCI6MTU5OTIyMTcxNCwiaWF0IjoxNTk5MjIxNjU0LCJqdGkiOiJMOHRNQURucGtGT2FCQkZZeHJxbyJ9.SytPL6tpNV5v0iaUgEqztziPQph-D7e0Z5KsX4ZtEiQ8amHDSgHNmGvJ-QeXUolw-sBu6wryuYXIMKfcsBaFng&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer
request_mutual_tls
{
  "cert": "MIIHBTCCBe2gAwIBAgIMPsmQ1/JsLI/5U0YAMA0GCSqGSIb3DQEBCwUAMGAxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTYwNAYDVQQDEy1HbG9iYWxTaWduIERvbWFpbiBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0gRzIwHhcNMTgwODAyMDYzNjM0WhcNMjAxMTA0MDQxMjE4WjBAMSEwHwYDVQQLExhEb21haW4gQ29udHJvbCBWYWxpZGF0ZWQxGzAZBgNVBAMMEiouY2xvdWQtaWRhdXRoLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAIIDQpNUelHl4gyWYyRto5E/HDIRSO4YPnn2yg4TFUSUMsl+9uNhy79QACB4g2TzIXWk5N0Kj4pkb9Wl7K2BrwFCJAfDCAUK3nRLbiRS1JwnXxDirL97DYz+rEKihq8rDrqOl266440CnTv/PT9mVizQrYH4/aVBWpDCqV/U1tO50LsJCe3qy63mny/9s4DH/2CQyeO9BNbxuU6To7ozRKNDu7wzq/IdPEKndldJ+ieQnweh0gQl7oQznVNnXHFRrmjWg16ysQtH6ZQiJQMhTJEYv0nqts80BU/mHWa5USNqGlnF/Ifua/NF8r24u+kEniycq1L8ozshkxZ5PXObbisCAwEAAaOCA90wggPZMA4GA1UdDwEB/wQEAwIFoDCBlAYIKwYBBQUHAQEEgYcwgYQwRwYIKwYBBQUHMAKGO2h0dHA6Ly9zZWN1cmUuZ2xvYmFsc2lnbi5jb20vY2FjZXJ0L2dzZG9tYWludmFsc2hhMmcycjEuY3J0MDkGCCsGAQUFBzABhi1odHRwOi8vb2NzcDIuZ2xvYmFsc2lnbi5jb20vZ3Nkb21haW52YWxzaGEyZzIwVgYDVR0gBE8wTTBBBgkrBgEEAaAyAQowNDAyBggrBgEFBQcCARYmaHR0cHM6Ly93d3cuZ2xvYmFsc2lnbi5jb20vcmVwb3NpdG9yeS8wCAYGZ4EMAQIBMAkGA1UdEwQCMAAwQwYDVR0fBDwwOjA4oDagNIYyaHR0cDovL2NybC5nbG9iYWxzaWduLmNvbS9ncy9nc2RvbWFpbnZhbHNoYTJnMi5jcmwwLwYDVR0RBCgwJoISKi5jbG91ZC1pZGF1dGguY29tghBjbG91ZC1pZGF1dGguY29tMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQU0Si3Yq0ZVkRke4XquYS1uuTWg6YwHwYDVR0jBBgwFoAU6k581IAt5RWBhiaMgm3AmKTPlw8wggH2BgorBgEEAdZ5AgQCBIIB5gSCAeIB4AB3AFWB1MIWkDYBSuoLm1c8U/DA5Dh4cCUIFy+jqh0HE9MMAAABZPlaNB0AAAQDAEgwRgIhAMUV+XA5KE3vILTJ/hYwDmMG1zpwTb5f6P0TnAF+LyR3AiEAxD0g3uULAmdFAOhimbXA5b+ull8Z7EiH6LbnAULafM0AdQCHdb/nWXz4jEOZX73zbv9WjUdWNv9KtWDBtOr/XqCDDwAAAWT5WjXzAAAEAwBGMEQCIBd9qPtsfXTxPzl17/l7s6v2vYMNXbarOKiRRTNOIlmjAiAaZhx3vwVi6ZpSRRQPfWEzHzOxKLAfJ1aG7q3WU7hyEQB2AKS5CZC0GFgUh7sTosxncAo8NZgE+RvfuON3zQ7IDdwQAAABZPlaN4AAAAQDAEcwRQIhAJlfgyxAMgtS6d9ZEjbxHadcopkoTWJWs3rGoUpnimCWAiAwMfj4L0ljYn4Yas8+OPMFrwyhAvyGrG3ywgwMyVI0tAB2AG9Tdqwx8DEZ2JkApFEV/3cVHBHZAsEAKQaNsgiaN9kTAAABZPlaNE0AAAQDAEcwRQIgVaNsW0XzqwTeU+CpnuKD4qaTPv0jKXpJ3UTLlTa/YWACIQC4w/9dAaYCk9ilUIR34ObsMX+TJG+hYjD6/120seNUbTANBgkqhkiG9w0BAQsFAAOCAQEAD6egOG/AQeKSEsVDYMXf3wDztz2c6+Th9X10nbnuQZK8ofOJSAI3EDDUTc9GEDKfwTx16BIm7NbpLrurykkPbhomg2ZFQP7TmVwNDt6adovHVul7yyjtLeaBG/YiREoH8wCf43t90G/5YDREbe5dxIzLGeBuDY59E4aN1One1kAhk904MonyRQ8z+aRv+ZNBWajDaTJ7ef1ZS3t0Kpa/FCLFDXYEJhzTIO3BsEFLx1hDTrGKEZKoBUWBynKtfjdonZoqL7zHzB+WFi9Q0ba+sapNqqAINUT4DjVMjn5L6yGUWXV8IeLwyDOODPHeCVJI0hBfFkjbPePne3X2a2Kodg\u003d\u003d",
  "key": "MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCCA0KTVHpR5eIMlmMkbaORPxwyEUjuGD559soOExVElDLJfvbjYcu/UAAgeINk8yF1pOTdCo+KZG/Vpeytga8BQiQHwwgFCt50S24kUtScJ18Q4qy/ew2M/qxCooavKw66jpduuuONAp07/z0/ZlYs0K2B+P2lQVqQwqlf1NbTudC7CQnt6sut5p8v/bOAx/9gkMnjvQTW8blOk6O6M0SjQ7u8M6vyHTxCp3ZXSfonkJ8HodIEJe6EM51TZ1xxUa5o1oNesrELR+mUIiUDIUyRGL9J6rbPNAVP5h1muVEjahpZxfyH7mvzRfK9uLvpBJ4snKtS/KM7IZMWeT1zm24rAgMBAAECggEAaOdYgKhZSlvC2YU+2dXddQUHKx7nSbYmMyL+Rfz/3CX4FL1tWGtAi01xzMFww7Op+9LhF7m9uFzyH+GR5y4Ml2dWyyyC/A6ZEB0M8iIjixv5iRZdbONNO8cCF4IsSorjh4QmjCIgGVdSp2Z7dPyN6/s1BPpzLzRcbxGiuMBz1sGgakJANcyD4/frMBppbbmPDVpUTQ3LEZ3YRVIfqJQatiCNUlYlOERY4xlnZuCCpHzmjRYuccWH2Q9OSEGgW6JU+ujFx22rfeeYK3r4TayQPJ9wtBVmK3C03ccnPyjx2yUWIczjrp+SI6K16F1pSDhkm4ylbGhCngiyr8AU4dzhgQKBgQDFSDeZmhvW7PNgJAMa1lgfKikp2gb/A/YEXZFHKawjQRUR1+tP0mrxAWYvuPfUu+42kr3izXMbPiS0aNX6HPZeJcsnhWf2D9NPt2vqFWrXNcSm3dy3Is20rxsKWQXp2L8nP3GRbAFvu2aTEhX7a4vnZE7/BWIAiO/t/cXP6HUs/wKBgQCotX80ab64aUmd0SkuHv9YKYBTjP4stgxP/3GRVuFuU+AaqDxRNbnNRYEM/O/OLZeqU0oL1bONpThQhN2Pu8ApUEz2dGyknkIRmRNRHgXw28GOm0ZWu4xYdW+SXVO8yTOAqdh1WvYLTp8xJEzD3vvJ+Rib/jhsSjCibAhgmT0C1QKBgDgrBoF6CgEYN3ag6i1i53YAB/Y9eA51Lz8w8KLlL3heGESbSAjS7NWvQ0vFCvKLixgIkX2YZvRTrhmbW4i5ZD+L3RpkdiPtf4lLvLLJ5EBfs5yawDN3+j8+N6GrlO5uYoYnHwt7R7FrFpo65P1PMmbv/TnIa42hb0ZAIWi/U1U7AoGASilmnpqxbQ1TgB121cBojM/JinDbNrpcFTp8KOChPkd+pxk3UpekcpjQDu6NV/vwxL3SOfuZ73UmmTae0tU8tqyG+HvbWk37SxMYS7s/704a+t5FAFF3c1dEUXnXGpDzo+aFsajnqbbJAegsGppF4tYuPDx3fxrp4CxPTm9uQ3UCgYEAscF3RcCOsOzIGEUbCfh+A3BLbFQso5XdmYWY5QGgxv1wkSe0H1lUDk0NCmEPVUd8YXJH6u5bTWwl4hcv3gD/X/c1PVXELuvRf1hCl+VO51KpFShJnaphVS9pKs8AL+3RioA7GZF2rwQklyTZGEfHpPylmNcfY4XXW8WwkngGCFg\u003d"
}
2020-09-04 12:14:15 RESPONSE
CallTokenEndpoint
HTTP response
response_status_code
200 OK
response_status_text
200
response_headers
{
  "date": "Fri, 04 Sep 2020 12:14:15 GMT",
  "server": "Apache/2.4.27 (Unix) OpenSSL/1.1.0g-dev",
  "set-cookie": "JSESSIONID\u003dAC339BCD6C6EB176583722BB2CAB8051; Path\u003d/oc; Secure; HttpOnly",
  "cache-control": "no-store",
  "pragma": "no-cache",
  "content-type": "application/json;charset\u003dUTF-8",
  "content-length": "588",
  "keep-alive": "timeout\u003d5, max\u003d100",
  "connection": "Keep-Alive"
}
response_body
{"access_token":"5CoV1wWAl7jO1W7AcADoKcRrq4cgQzmb","refresh_token":"NuvOGVR1yfGUfbPlZtPb1fQPvKwgtrYt","scope":"SCOPE0002","id_token":"eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiJ9.eyJzdWIiOiIxIiwiYXVkIjoiT0lERkNFUlQwMDAzIiwiYWNyIjoidXJuOm1hY2U6aW5jb21tb246aWFwOnNpbHZlciIsImF6cCI6Ik9JREZDRVJUMDAwMyIsImFtciI6IkFVVEhfT1AiLCJpc3MiOiJodHRwczpcL1wvM2EtcnBsaWItdGVzdDMuY2xvdWQtaWRhdXRoLmNvbVwvb2NcLyIsImV4cCI6MTU5OTIyNTI1NSwiaWF0IjoxNTk5MjIxNjU1LCJub25jZSI6Ik9Hd3R4NGtERWwifQ.IvLzC_nENkGw9IJLjE_4wDIAnt9EeHTzznH5Fulb1eFZmp1xhHHz-5Hulw6H2vqVhYqn6s1uquOtDy-jN-RL7w","token_type":"Bearer","expires_in":60}
2020-09-04 12:14:15
CallTokenEndpoint
Token endpoint response
token_endpoint_response
{"access_token":"5CoV1wWAl7jO1W7AcADoKcRrq4cgQzmb","refresh_token":"NuvOGVR1yfGUfbPlZtPb1fQPvKwgtrYt","scope":"SCOPE0002","id_token":"eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiJ9.eyJzdWIiOiIxIiwiYXVkIjoiT0lERkNFUlQwMDAzIiwiYWNyIjoidXJuOm1hY2U6aW5jb21tb246aWFwOnNpbHZlciIsImF6cCI6Ik9JREZDRVJUMDAwMyIsImFtciI6IkFVVEhfT1AiLCJpc3MiOiJodHRwczpcL1wvM2EtcnBsaWItdGVzdDMuY2xvdWQtaWRhdXRoLmNvbVwvb2NcLyIsImV4cCI6MTU5OTIyNTI1NSwiaWF0IjoxNTk5MjIxNjU1LCJub25jZSI6Ik9Hd3R4NGtERWwifQ.IvLzC_nENkGw9IJLjE_4wDIAnt9EeHTzznH5Fulb1eFZmp1xhHHz-5Hulw6H2vqVhYqn6s1uquOtDy-jN-RL7w","token_type":"Bearer","expires_in":60}
2020-09-04 12:14:15 SUCCESS
CallTokenEndpoint
Parsed token endpoint response
access_token
5CoV1wWAl7jO1W7AcADoKcRrq4cgQzmb
refresh_token
NuvOGVR1yfGUfbPlZtPb1fQPvKwgtrYt
scope
SCOPE0002
id_token
eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiJ9.eyJzdWIiOiIxIiwiYXVkIjoiT0lERkNFUlQwMDAzIiwiYWNyIjoidXJuOm1hY2U6aW5jb21tb246aWFwOnNpbHZlciIsImF6cCI6Ik9JREZDRVJUMDAwMyIsImFtciI6IkFVVEhfT1AiLCJpc3MiOiJodHRwczpcL1wvM2EtcnBsaWItdGVzdDMuY2xvdWQtaWRhdXRoLmNvbVwvb2NcLyIsImV4cCI6MTU5OTIyNTI1NSwiaWF0IjoxNTk5MjIxNjU1LCJub25jZSI6Ik9Hd3R4NGtERWwifQ.IvLzC_nENkGw9IJLjE_4wDIAnt9EeHTzznH5Fulb1eFZmp1xhHHz-5Hulw6H2vqVhYqn6s1uquOtDy-jN-RL7w
token_type
Bearer
expires_in
60
2020-09-04 12:14:15 SUCCESS
CheckIfTokenEndpointResponseError
No error from token endpoint
2020-09-04 12:14:15 SUCCESS
CheckForAccessTokenValue
Found an access token
access_token
5CoV1wWAl7jO1W7AcADoKcRrq4cgQzmb
2020-09-04 12:14:15 SUCCESS
ExtractAccessTokenFromTokenResponse
Extracted the access token
value
5CoV1wWAl7jO1W7AcADoKcRrq4cgQzmb
type
Bearer
2020-09-04 12:14:15 SUCCESS
ExtractExpiresInFromTokenEndpointResponse
Extracted 'expires_in'
expires_in
60
2020-09-04 12:14:15 SUCCESS
ValidateExpiresIn
expires_in passed all validation checks
expires_in
60
2020-09-04 12:14:15 SUCCESS
CheckForRefreshTokenValue
Found a refresh token
refresh_token
NuvOGVR1yfGUfbPlZtPb1fQPvKwgtrYt
2020-09-04 12:14:15 SUCCESS
EnsureMinimumRefreshTokenLength
Refresh token is of sufficient length
actual
256
required
128
2020-09-04 12:14:15 SUCCESS
EnsureMinimumRefreshTokenEntropy
Calculated shannon entropy seems sufficient
actual
137.73533749350958
expected
96.0
2020-09-04 12:14:15 SUCCESS
EnsureMinimumAccessTokenLength
Access token is of sufficient length
actual
256
required
128
2020-09-04 12:14:15 SUCCESS
EnsureMinimumAccessTokenEntropy
Calculated shannon entropy seems sufficient
actual
142.49022499567306
expected
96.0
2020-09-04 12:14:15 SUCCESS
ExtractIdTokenFromTokenResponse
Found and parsed the id_token from token_endpoint_response
value
eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiJ9.eyJzdWIiOiIxIiwiYXVkIjoiT0lERkNFUlQwMDAzIiwiYWNyIjoidXJuOm1hY2U6aW5jb21tb246aWFwOnNpbHZlciIsImF6cCI6Ik9JREZDRVJUMDAwMyIsImFtciI6IkFVVEhfT1AiLCJpc3MiOiJodHRwczpcL1wvM2EtcnBsaWItdGVzdDMuY2xvdWQtaWRhdXRoLmNvbVwvb2NcLyIsImV4cCI6MTU5OTIyNTI1NSwiaWF0IjoxNTk5MjIxNjU1LCJub25jZSI6Ik9Hd3R4NGtERWwifQ.IvLzC_nENkGw9IJLjE_4wDIAnt9EeHTzznH5Fulb1eFZmp1xhHHz-5Hulw6H2vqVhYqn6s1uquOtDy-jN-RL7w
header
{
  "typ": "JWT",
  "alg": "ES256"
}
claims
{
  "sub": "1",
  "aud": "OIDFCERT0003",
  "acr": "urn:mace:incommon:iap:silver",
  "azp": "OIDFCERT0003",
  "amr": "AUTH_OP",
  "iss": "https://3a-rplib-test3.cloud-idauth.com/oc/",
  "exp": 1599225255,
  "iat": 1599221655,
  "nonce": "OGwtx4kDEl"
}
2020-09-04 12:14:15 SUCCESS
ValidateIdToken
ID token iss, aud, exp, iat, auth_time, acr & nbf claims passed validation checks
2020-09-04 12:14:15 SUCCESS
ValidateIdTokenNonce
Nonce values match
nonce
OGwtx4kDEl
2020-09-04 12:14:15 SUCCESS
ValidateIdTokenACRClaimAgainstRequest
acr value in id_token is (one of) the requested values
actual
urn:mace:incommon:iap:silver
requested
[
  "urn:mace:incommon:iap:silver"
]
2020-09-04 12:14:15 SUCCESS
ValidateIdTokenSignature
id_token signature validated
id_token
eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiJ9.eyJzdWIiOiIxIiwiYXVkIjoiT0lERkNFUlQwMDAzIiwiYWNyIjoidXJuOm1hY2U6aW5jb21tb246aWFwOnNpbHZlciIsImF6cCI6Ik9JREZDRVJUMDAwMyIsImFtciI6IkFVVEhfT1AiLCJpc3MiOiJodHRwczpcL1wvM2EtcnBsaWItdGVzdDMuY2xvdWQtaWRhdXRoLmNvbVwvb2NcLyIsImV4cCI6MTU5OTIyNTI1NSwiaWF0IjoxNTk5MjIxNjU1LCJub25jZSI6Ik9Hd3R4NGtERWwifQ.IvLzC_nENkGw9IJLjE_4wDIAnt9EeHTzznH5Fulb1eFZmp1xhHHz-5Hulw6H2vqVhYqn6s1uquOtDy-jN-RL7w
2020-09-04 12:14:15 SUCCESS
ValidateIdTokenSignatureUsingKid
id_token signature validated
id_token
eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiJ9.eyJzdWIiOiIxIiwiYXVkIjoiT0lERkNFUlQwMDAzIiwiYWNyIjoidXJuOm1hY2U6aW5jb21tb246aWFwOnNpbHZlciIsImF6cCI6Ik9JREZDRVJUMDAwMyIsImFtciI6IkFVVEhfT1AiLCJpc3MiOiJodHRwczpcL1wvM2EtcnBsaWItdGVzdDMuY2xvdWQtaWRhdXRoLmNvbVwvb2NcLyIsImV4cCI6MTU5OTIyNTI1NSwiaWF0IjoxNTk5MjIxNjU1LCJub25jZSI6Ik9Hd3R4NGtERWwifQ.IvLzC_nENkGw9IJLjE_4wDIAnt9EeHTzznH5Fulb1eFZmp1xhHHz-5Hulw6H2vqVhYqn6s1uquOtDy-jN-RL7w
2020-09-04 12:14:15 SUCCESS
CheckForSubjectInIdToken
Found 'sub' in id_token
sub
1
2020-09-04 12:14:15 SUCCESS
FAPIValidateIdTokenSigningAlg
id_token was signed with a permitted algorithm
alg
ES256
2020-09-04 12:14:15 INFO
FAPIValidateIdTokenEncryptionAlg
Skipped evaluation due to missing required element: id_token jwe_header
path
jwe_header
mapped
object
id_token
2020-09-04 12:14:15 INFO
ExtractCHash
Couldn't find c_hash in ID token
2020-09-04 12:14:15 INFO
ExtractSHash
Couldn't find s_hash in ID token
2020-09-04 12:14:15 INFO
ExtractAtHash
Couldn't find at_hash in ID token
2020-09-04 12:14:15 INFO
ValidateCHash
Skipped evaluation due to missing required object: c_hash
expected
c_hash
mapped
2020-09-04 12:14:15 INFO
ValidateSHash
Skipped evaluation due to missing required object: s_hash
expected
s_hash
mapped
2020-09-04 12:14:15 INFO
ValidateAtHash
Skipped evaluation due to missing required object: at_hash
expected
at_hash
mapped
Verify at_hash in the authorization endpoint id_token
2020-09-04 12:14:15 INFO
ExtractAtHash
Couldn't find at_hash in ID token
2020-09-04 12:14:15 INFO
ValidateAtHash
Skipped evaluation due to missing required object: at_hash
expected
at_hash
mapped
Accounts request endpoint TLS test
2020-09-04 12:14:15 SUCCESS
EnsureTLS12WithFAPICiphers
Server agreed to TLS 1.2
port
443
host
3a-rplib-test3.cloud-idauth.com
2020-09-04 12:14:16 SUCCESS
DisallowTLS10
Server refused TLS 1.0 handshake
port
443
host
3a-rplib-test3.cloud-idauth.com
2020-09-04 12:14:16 SUCCESS
DisallowTLS11
Server refused TLS 1.1 handshake
port
443
host
3a-rplib-test3.cloud-idauth.com
2020-09-04 12:14:16
DisallowInsecureCipher
Trying to connect with a non-permitted cipher (this is not exhaustive: check the server configuration manually to verify conformance)
port
443
host
3a-rplib-test3.cloud-idauth.com
2020-09-04 12:14:16 SUCCESS
DisallowInsecureCipher
The TLS handshake was rejected when trying to connect with disallowed ciphers.
port
443
host
3a-rplib-test3.cloud-idauth.com
Accounts resource endpoint TLS test
2020-09-04 12:14:17 SUCCESS
EnsureTLS12WithFAPICiphers
Server agreed to TLS 1.2
port
443
host
3a-rplib-test3.cloud-idauth.com
2020-09-04 12:14:17 SUCCESS
DisallowTLS10
Server refused TLS 1.0 handshake
port
443
host
3a-rplib-test3.cloud-idauth.com
2020-09-04 12:14:17 SUCCESS
DisallowTLS11
Server refused TLS 1.1 handshake
port
443
host
3a-rplib-test3.cloud-idauth.com
2020-09-04 12:14:18
DisallowInsecureCipher
Trying to connect with a non-permitted cipher (this is not exhaustive: check the server configuration manually to verify conformance)
port
443
host
3a-rplib-test3.cloud-idauth.com
2020-09-04 12:14:18 SUCCESS
DisallowInsecureCipher
The TLS handshake was rejected when trying to connect with disallowed ciphers.
port
443
host
3a-rplib-test3.cloud-idauth.com
Resource server endpoint tests
2020-09-04 12:14:18
CreateEmptyResourceEndpointRequestHeaders
Created empty headers
resource_endpoint_request_headers
{}
2020-09-04 12:14:18 SUCCESS
AddFAPIAuthDateToResourceEndpointRequest
Added x-fapi-auth-date to resource endpoint request headers
resource_endpoint_request_headers
{
  "x-fapi-auth-date": "Fri, 04 Sep 2020 12:14:18 GMT"
}
2020-09-04 12:14:18
AddIpV4FapiCustomerIpAddressToResourceEndpointRequest
Added x-fapi-customer-ip-address containing IPv4 address to resource endpoint request headers
resource_endpoint_request_headers
{
  "x-fapi-auth-date": "Fri, 04 Sep 2020 12:14:18 GMT",
  "x-fapi-customer-ip-address": "198.51.100.119"
}
2020-09-04 12:14:18
CreateRandomFAPIInteractionId
Created interaction ID
fapi_interaction_id
fd5696f2-f080-4ddc-a6cf-96695f2fac0b
2020-09-04 12:14:18
AddFAPIInteractionIdToResourceEndpointRequest
Condition ran but did not log anything
2020-09-04 12:14:18
CallProtectedResourceWithBearerTokenAndCustomHeaders
HTTP request
request_uri
https://3a-rplib-test3.cloud-idauth.com/oc/accounts
request_method
GET
request_headers
{
  "accept": "application/json;charset\u003dUTF-8",
  "x-fapi-auth-date": "Fri, 04 Sep 2020 12:14:18 GMT",
  "x-fapi-customer-ip-address": "198.51.100.119",
  "x-fapi-interaction-id": "fd5696f2-f080-4ddc-a6cf-96695f2fac0b",
  "authorization": "Bearer 5CoV1wWAl7jO1W7AcADoKcRrq4cgQzmb",
  "accept-charset": "utf-8",
  "content-length": "0"
}
request_body

                                
request_mutual_tls
{
  "cert": "MIIHBTCCBe2gAwIBAgIMPsmQ1/JsLI/5U0YAMA0GCSqGSIb3DQEBCwUAMGAxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTYwNAYDVQQDEy1HbG9iYWxTaWduIERvbWFpbiBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0gRzIwHhcNMTgwODAyMDYzNjM0WhcNMjAxMTA0MDQxMjE4WjBAMSEwHwYDVQQLExhEb21haW4gQ29udHJvbCBWYWxpZGF0ZWQxGzAZBgNVBAMMEiouY2xvdWQtaWRhdXRoLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAIIDQpNUelHl4gyWYyRto5E/HDIRSO4YPnn2yg4TFUSUMsl+9uNhy79QACB4g2TzIXWk5N0Kj4pkb9Wl7K2BrwFCJAfDCAUK3nRLbiRS1JwnXxDirL97DYz+rEKihq8rDrqOl266440CnTv/PT9mVizQrYH4/aVBWpDCqV/U1tO50LsJCe3qy63mny/9s4DH/2CQyeO9BNbxuU6To7ozRKNDu7wzq/IdPEKndldJ+ieQnweh0gQl7oQznVNnXHFRrmjWg16ysQtH6ZQiJQMhTJEYv0nqts80BU/mHWa5USNqGlnF/Ifua/NF8r24u+kEniycq1L8ozshkxZ5PXObbisCAwEAAaOCA90wggPZMA4GA1UdDwEB/wQEAwIFoDCBlAYIKwYBBQUHAQEEgYcwgYQwRwYIKwYBBQUHMAKGO2h0dHA6Ly9zZWN1cmUuZ2xvYmFsc2lnbi5jb20vY2FjZXJ0L2dzZG9tYWludmFsc2hhMmcycjEuY3J0MDkGCCsGAQUFBzABhi1odHRwOi8vb2NzcDIuZ2xvYmFsc2lnbi5jb20vZ3Nkb21haW52YWxzaGEyZzIwVgYDVR0gBE8wTTBBBgkrBgEEAaAyAQowNDAyBggrBgEFBQcCARYmaHR0cHM6Ly93d3cuZ2xvYmFsc2lnbi5jb20vcmVwb3NpdG9yeS8wCAYGZ4EMAQIBMAkGA1UdEwQCMAAwQwYDVR0fBDwwOjA4oDagNIYyaHR0cDovL2NybC5nbG9iYWxzaWduLmNvbS9ncy9nc2RvbWFpbnZhbHNoYTJnMi5jcmwwLwYDVR0RBCgwJoISKi5jbG91ZC1pZGF1dGguY29tghBjbG91ZC1pZGF1dGguY29tMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQU0Si3Yq0ZVkRke4XquYS1uuTWg6YwHwYDVR0jBBgwFoAU6k581IAt5RWBhiaMgm3AmKTPlw8wggH2BgorBgEEAdZ5AgQCBIIB5gSCAeIB4AB3AFWB1MIWkDYBSuoLm1c8U/DA5Dh4cCUIFy+jqh0HE9MMAAABZPlaNB0AAAQDAEgwRgIhAMUV+XA5KE3vILTJ/hYwDmMG1zpwTb5f6P0TnAF+LyR3AiEAxD0g3uULAmdFAOhimbXA5b+ull8Z7EiH6LbnAULafM0AdQCHdb/nWXz4jEOZX73zbv9WjUdWNv9KtWDBtOr/XqCDDwAAAWT5WjXzAAAEAwBGMEQCIBd9qPtsfXTxPzl17/l7s6v2vYMNXbarOKiRRTNOIlmjAiAaZhx3vwVi6ZpSRRQPfWEzHzOxKLAfJ1aG7q3WU7hyEQB2AKS5CZC0GFgUh7sTosxncAo8NZgE+RvfuON3zQ7IDdwQAAABZPlaN4AAAAQDAEcwRQIhAJlfgyxAMgtS6d9ZEjbxHadcopkoTWJWs3rGoUpnimCWAiAwMfj4L0ljYn4Yas8+OPMFrwyhAvyGrG3ywgwMyVI0tAB2AG9Tdqwx8DEZ2JkApFEV/3cVHBHZAsEAKQaNsgiaN9kTAAABZPlaNE0AAAQDAEcwRQIgVaNsW0XzqwTeU+CpnuKD4qaTPv0jKXpJ3UTLlTa/YWACIQC4w/9dAaYCk9ilUIR34ObsMX+TJG+hYjD6/120seNUbTANBgkqhkiG9w0BAQsFAAOCAQEAD6egOG/AQeKSEsVDYMXf3wDztz2c6+Th9X10nbnuQZK8ofOJSAI3EDDUTc9GEDKfwTx16BIm7NbpLrurykkPbhomg2ZFQP7TmVwNDt6adovHVul7yyjtLeaBG/YiREoH8wCf43t90G/5YDREbe5dxIzLGeBuDY59E4aN1One1kAhk904MonyRQ8z+aRv+ZNBWajDaTJ7ef1ZS3t0Kpa/FCLFDXYEJhzTIO3BsEFLx1hDTrGKEZKoBUWBynKtfjdonZoqL7zHzB+WFi9Q0ba+sapNqqAINUT4DjVMjn5L6yGUWXV8IeLwyDOODPHeCVJI0hBfFkjbPePne3X2a2Kodg\u003d\u003d",
  "key": "MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCCA0KTVHpR5eIMlmMkbaORPxwyEUjuGD559soOExVElDLJfvbjYcu/UAAgeINk8yF1pOTdCo+KZG/Vpeytga8BQiQHwwgFCt50S24kUtScJ18Q4qy/ew2M/qxCooavKw66jpduuuONAp07/z0/ZlYs0K2B+P2lQVqQwqlf1NbTudC7CQnt6sut5p8v/bOAx/9gkMnjvQTW8blOk6O6M0SjQ7u8M6vyHTxCp3ZXSfonkJ8HodIEJe6EM51TZ1xxUa5o1oNesrELR+mUIiUDIUyRGL9J6rbPNAVP5h1muVEjahpZxfyH7mvzRfK9uLvpBJ4snKtS/KM7IZMWeT1zm24rAgMBAAECggEAaOdYgKhZSlvC2YU+2dXddQUHKx7nSbYmMyL+Rfz/3CX4FL1tWGtAi01xzMFww7Op+9LhF7m9uFzyH+GR5y4Ml2dWyyyC/A6ZEB0M8iIjixv5iRZdbONNO8cCF4IsSorjh4QmjCIgGVdSp2Z7dPyN6/s1BPpzLzRcbxGiuMBz1sGgakJANcyD4/frMBppbbmPDVpUTQ3LEZ3YRVIfqJQatiCNUlYlOERY4xlnZuCCpHzmjRYuccWH2Q9OSEGgW6JU+ujFx22rfeeYK3r4TayQPJ9wtBVmK3C03ccnPyjx2yUWIczjrp+SI6K16F1pSDhkm4ylbGhCngiyr8AU4dzhgQKBgQDFSDeZmhvW7PNgJAMa1lgfKikp2gb/A/YEXZFHKawjQRUR1+tP0mrxAWYvuPfUu+42kr3izXMbPiS0aNX6HPZeJcsnhWf2D9NPt2vqFWrXNcSm3dy3Is20rxsKWQXp2L8nP3GRbAFvu2aTEhX7a4vnZE7/BWIAiO/t/cXP6HUs/wKBgQCotX80ab64aUmd0SkuHv9YKYBTjP4stgxP/3GRVuFuU+AaqDxRNbnNRYEM/O/OLZeqU0oL1bONpThQhN2Pu8ApUEz2dGyknkIRmRNRHgXw28GOm0ZWu4xYdW+SXVO8yTOAqdh1WvYLTp8xJEzD3vvJ+Rib/jhsSjCibAhgmT0C1QKBgDgrBoF6CgEYN3ag6i1i53YAB/Y9eA51Lz8w8KLlL3heGESbSAjS7NWvQ0vFCvKLixgIkX2YZvRTrhmbW4i5ZD+L3RpkdiPtf4lLvLLJ5EBfs5yawDN3+j8+N6GrlO5uYoYnHwt7R7FrFpo65P1PMmbv/TnIa42hb0ZAIWi/U1U7AoGASilmnpqxbQ1TgB121cBojM/JinDbNrpcFTp8KOChPkd+pxk3UpekcpjQDu6NV/vwxL3SOfuZ73UmmTae0tU8tqyG+HvbWk37SxMYS7s/704a+t5FAFF3c1dEUXnXGpDzo+aFsajnqbbJAegsGppF4tYuPDx3fxrp4CxPTm9uQ3UCgYEAscF3RcCOsOzIGEUbCfh+A3BLbFQso5XdmYWY5QGgxv1wkSe0H1lUDk0NCmEPVUd8YXJH6u5bTWwl4hcv3gD/X/c1PVXELuvRf1hCl+VO51KpFShJnaphVS9pKs8AL+3RioA7GZF2rwQklyTZGEfHpPylmNcfY4XXW8WwkngGCFg\u003d"
}
2020-09-04 12:14:19 RESPONSE
CallProtectedResourceWithBearerTokenAndCustomHeaders
HTTP response
response_status_code
200 OK
response_status_text
200
response_headers
{
  "date": "Fri, 04 Sep 2020 12:14:18 GMT",
  "server": "Apache/2.4.27 (Unix) OpenSSL/1.1.0g-dev",
  "set-cookie": "JSESSIONID\u003d1558892C3855C3509A2A8228417F1897; Path\u003d/oc; Secure; HttpOnly",
  "cache-control": "no-store",
  "pragma": "no-cache",
  "x-fapi-interaction-id": "fd5696f2-f080-4ddc-a6cf-96695f2fac0b",
  "content-type": "application/json;charset\u003dUTF-8",
  "content-length": "133",
  "keep-alive": "timeout\u003d5, max\u003d100",
  "connection": "Keep-Alive"
}
response_body
{"iss":"https:\/\/3a-rplib-test3.cloud-idauth.com\/oc\/","sub":"1","aud":"OIDFCERT0003","country":"japan","postal_code":"105-0001"}
2020-09-04 12:14:19 SUCCESS
CallProtectedResourceWithBearerTokenAndCustomHeaders
Got a response from the resource endpoint
headers
{
  "date": "Fri, 04 Sep 2020 12:14:18 GMT",
  "server": "Apache/2.4.27 (Unix) OpenSSL/1.1.0g-dev",
  "set-cookie": "JSESSIONID\u003d1558892C3855C3509A2A8228417F1897; Path\u003d/oc; Secure; HttpOnly",
  "cache-control": "no-store",
  "pragma": "no-cache",
  "x-fapi-interaction-id": "fd5696f2-f080-4ddc-a6cf-96695f2fac0b",
  "content-type": "application/json;charset\u003dUTF-8",
  "content-length": "133",
  "keep-alive": "timeout\u003d5, max\u003d100",
  "connection": "Keep-Alive"
}
status_code
{
  "code": 200
}
body
{"iss":"https:\/\/3a-rplib-test3.cloud-idauth.com\/oc\/","sub":"1","aud":"OIDFCERT0003","country":"japan","postal_code":"105-0001"}
2020-09-04 12:14:19 SUCCESS
CheckForDateHeaderInResourceResponse
Date header present and validated
date
Fri, 04 Sep 2020 12:14:18 GMT
skew
1241
2020-09-04 12:14:19 SUCCESS
CheckForFAPIInteractionIdInResourceResponse
Found x-fapi-interaction-id
interaction_id
fd5696f2-f080-4ddc-a6cf-96695f2fac0b
2020-09-04 12:14:19 SUCCESS
EnsureMatchingFAPIInteractionId
Interaction ID matched
fapi_interaction_id
fd5696f2-f080-4ddc-a6cf-96695f2fac0b
2020-09-04 12:14:19 SUCCESS
EnsureResourceResponseReturnedJsonContentType
Response content type is JSON
content_type
application/json;charset=UTF-8
2020-09-04 12:14:19
DisallowAccessTokenInQuery
HTTP request
request_uri
https://3a-rplib-test3.cloud-idauth.com/oc/accounts?access_token=5CoV1wWAl7jO1W7AcADoKcRrq4cgQzmb
request_method
GET
request_headers
{
  "accept": "application/json;charset\u003dUTF-8",
  "accept-charset": "utf-8",
  "content-length": "0"
}
request_body

                                
request_mutual_tls
{
  "cert": "MIIHBTCCBe2gAwIBAgIMPsmQ1/JsLI/5U0YAMA0GCSqGSIb3DQEBCwUAMGAxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTYwNAYDVQQDEy1HbG9iYWxTaWduIERvbWFpbiBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0gRzIwHhcNMTgwODAyMDYzNjM0WhcNMjAxMTA0MDQxMjE4WjBAMSEwHwYDVQQLExhEb21haW4gQ29udHJvbCBWYWxpZGF0ZWQxGzAZBgNVBAMMEiouY2xvdWQtaWRhdXRoLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAIIDQpNUelHl4gyWYyRto5E/HDIRSO4YPnn2yg4TFUSUMsl+9uNhy79QACB4g2TzIXWk5N0Kj4pkb9Wl7K2BrwFCJAfDCAUK3nRLbiRS1JwnXxDirL97DYz+rEKihq8rDrqOl266440CnTv/PT9mVizQrYH4/aVBWpDCqV/U1tO50LsJCe3qy63mny/9s4DH/2CQyeO9BNbxuU6To7ozRKNDu7wzq/IdPEKndldJ+ieQnweh0gQl7oQznVNnXHFRrmjWg16ysQtH6ZQiJQMhTJEYv0nqts80BU/mHWa5USNqGlnF/Ifua/NF8r24u+kEniycq1L8ozshkxZ5PXObbisCAwEAAaOCA90wggPZMA4GA1UdDwEB/wQEAwIFoDCBlAYIKwYBBQUHAQEEgYcwgYQwRwYIKwYBBQUHMAKGO2h0dHA6Ly9zZWN1cmUuZ2xvYmFsc2lnbi5jb20vY2FjZXJ0L2dzZG9tYWludmFsc2hhMmcycjEuY3J0MDkGCCsGAQUFBzABhi1odHRwOi8vb2NzcDIuZ2xvYmFsc2lnbi5jb20vZ3Nkb21haW52YWxzaGEyZzIwVgYDVR0gBE8wTTBBBgkrBgEEAaAyAQowNDAyBggrBgEFBQcCARYmaHR0cHM6Ly93d3cuZ2xvYmFsc2lnbi5jb20vcmVwb3NpdG9yeS8wCAYGZ4EMAQIBMAkGA1UdEwQCMAAwQwYDVR0fBDwwOjA4oDagNIYyaHR0cDovL2NybC5nbG9iYWxzaWduLmNvbS9ncy9nc2RvbWFpbnZhbHNoYTJnMi5jcmwwLwYDVR0RBCgwJoISKi5jbG91ZC1pZGF1dGguY29tghBjbG91ZC1pZGF1dGguY29tMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQU0Si3Yq0ZVkRke4XquYS1uuTWg6YwHwYDVR0jBBgwFoAU6k581IAt5RWBhiaMgm3AmKTPlw8wggH2BgorBgEEAdZ5AgQCBIIB5gSCAeIB4AB3AFWB1MIWkDYBSuoLm1c8U/DA5Dh4cCUIFy+jqh0HE9MMAAABZPlaNB0AAAQDAEgwRgIhAMUV+XA5KE3vILTJ/hYwDmMG1zpwTb5f6P0TnAF+LyR3AiEAxD0g3uULAmdFAOhimbXA5b+ull8Z7EiH6LbnAULafM0AdQCHdb/nWXz4jEOZX73zbv9WjUdWNv9KtWDBtOr/XqCDDwAAAWT5WjXzAAAEAwBGMEQCIBd9qPtsfXTxPzl17/l7s6v2vYMNXbarOKiRRTNOIlmjAiAaZhx3vwVi6ZpSRRQPfWEzHzOxKLAfJ1aG7q3WU7hyEQB2AKS5CZC0GFgUh7sTosxncAo8NZgE+RvfuON3zQ7IDdwQAAABZPlaN4AAAAQDAEcwRQIhAJlfgyxAMgtS6d9ZEjbxHadcopkoTWJWs3rGoUpnimCWAiAwMfj4L0ljYn4Yas8+OPMFrwyhAvyGrG3ywgwMyVI0tAB2AG9Tdqwx8DEZ2JkApFEV/3cVHBHZAsEAKQaNsgiaN9kTAAABZPlaNE0AAAQDAEcwRQIgVaNsW0XzqwTeU+CpnuKD4qaTPv0jKXpJ3UTLlTa/YWACIQC4w/9dAaYCk9ilUIR34ObsMX+TJG+hYjD6/120seNUbTANBgkqhkiG9w0BAQsFAAOCAQEAD6egOG/AQeKSEsVDYMXf3wDztz2c6+Th9X10nbnuQZK8ofOJSAI3EDDUTc9GEDKfwTx16BIm7NbpLrurykkPbhomg2ZFQP7TmVwNDt6adovHVul7yyjtLeaBG/YiREoH8wCf43t90G/5YDREbe5dxIzLGeBuDY59E4aN1One1kAhk904MonyRQ8z+aRv+ZNBWajDaTJ7ef1ZS3t0Kpa/FCLFDXYEJhzTIO3BsEFLx1hDTrGKEZKoBUWBynKtfjdonZoqL7zHzB+WFi9Q0ba+sapNqqAINUT4DjVMjn5L6yGUWXV8IeLwyDOODPHeCVJI0hBfFkjbPePne3X2a2Kodg\u003d\u003d",
  "key": "MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCCA0KTVHpR5eIMlmMkbaORPxwyEUjuGD559soOExVElDLJfvbjYcu/UAAgeINk8yF1pOTdCo+KZG/Vpeytga8BQiQHwwgFCt50S24kUtScJ18Q4qy/ew2M/qxCooavKw66jpduuuONAp07/z0/ZlYs0K2B+P2lQVqQwqlf1NbTudC7CQnt6sut5p8v/bOAx/9gkMnjvQTW8blOk6O6M0SjQ7u8M6vyHTxCp3ZXSfonkJ8HodIEJe6EM51TZ1xxUa5o1oNesrELR+mUIiUDIUyRGL9J6rbPNAVP5h1muVEjahpZxfyH7mvzRfK9uLvpBJ4snKtS/KM7IZMWeT1zm24rAgMBAAECggEAaOdYgKhZSlvC2YU+2dXddQUHKx7nSbYmMyL+Rfz/3CX4FL1tWGtAi01xzMFww7Op+9LhF7m9uFzyH+GR5y4Ml2dWyyyC/A6ZEB0M8iIjixv5iRZdbONNO8cCF4IsSorjh4QmjCIgGVdSp2Z7dPyN6/s1BPpzLzRcbxGiuMBz1sGgakJANcyD4/frMBppbbmPDVpUTQ3LEZ3YRVIfqJQatiCNUlYlOERY4xlnZuCCpHzmjRYuccWH2Q9OSEGgW6JU+ujFx22rfeeYK3r4TayQPJ9wtBVmK3C03ccnPyjx2yUWIczjrp+SI6K16F1pSDhkm4ylbGhCngiyr8AU4dzhgQKBgQDFSDeZmhvW7PNgJAMa1lgfKikp2gb/A/YEXZFHKawjQRUR1+tP0mrxAWYvuPfUu+42kr3izXMbPiS0aNX6HPZeJcsnhWf2D9NPt2vqFWrXNcSm3dy3Is20rxsKWQXp2L8nP3GRbAFvu2aTEhX7a4vnZE7/BWIAiO/t/cXP6HUs/wKBgQCotX80ab64aUmd0SkuHv9YKYBTjP4stgxP/3GRVuFuU+AaqDxRNbnNRYEM/O/OLZeqU0oL1bONpThQhN2Pu8ApUEz2dGyknkIRmRNRHgXw28GOm0ZWu4xYdW+SXVO8yTOAqdh1WvYLTp8xJEzD3vvJ+Rib/jhsSjCibAhgmT0C1QKBgDgrBoF6CgEYN3ag6i1i53YAB/Y9eA51Lz8w8KLlL3heGESbSAjS7NWvQ0vFCvKLixgIkX2YZvRTrhmbW4i5ZD+L3RpkdiPtf4lLvLLJ5EBfs5yawDN3+j8+N6GrlO5uYoYnHwt7R7FrFpo65P1PMmbv/TnIa42hb0ZAIWi/U1U7AoGASilmnpqxbQ1TgB121cBojM/JinDbNrpcFTp8KOChPkd+pxk3UpekcpjQDu6NV/vwxL3SOfuZ73UmmTae0tU8tqyG+HvbWk37SxMYS7s/704a+t5FAFF3c1dEUXnXGpDzo+aFsajnqbbJAegsGppF4tYuPDx3fxrp4CxPTm9uQ3UCgYEAscF3RcCOsOzIGEUbCfh+A3BLbFQso5XdmYWY5QGgxv1wkSe0H1lUDk0NCmEPVUd8YXJH6u5bTWwl4hcv3gD/X/c1PVXELuvRf1hCl+VO51KpFShJnaphVS9pKs8AL+3RioA7GZF2rwQklyTZGEfHpPylmNcfY4XXW8WwkngGCFg\u003d"
}
2020-09-04 12:14:19 RESPONSE
DisallowAccessTokenInQuery
HTTP response
response_status_code
400 BAD_REQUEST
response_status_text
400
response_headers
{
  "date": "Fri, 04 Sep 2020 12:14:19 GMT",
  "server": "Apache/2.4.27 (Unix) OpenSSL/1.1.0g-dev",
  "set-cookie": "JSESSIONID\u003d425350ACC512C846B59A2B972503F24F; Path\u003d/oc; Secure; HttpOnly",
  "cache-control": "no-store",
  "pragma": "no-cache",
  "content-type": "application/json;charset\u003dUTF-8",
  "content-length": "126",
  "connection": "close"
}
response_body
{"error_description":"HTTPメソッド確認リクエスト不正エラー","error":"invalid_request","error_uri":"error_uri"}
2020-09-04 12:14:19 SUCCESS
DisallowAccessTokenInQuery
Resource server refused request
code
400
status
400
2020-09-04 12:14:19
AddIpV6FapiCustomerIpAddressToResourceEndpointRequest
Added x-fapi-customer-ip-address containing IPv5 address to resource endpoint request headers
resource_endpoint_request_headers
{
  "x-fapi-auth-date": "Fri, 04 Sep 2020 12:14:18 GMT",
  "x-fapi-customer-ip-address": "2001:DB8::1893:25c8:1946",
  "x-fapi-interaction-id": "fd5696f2-f080-4ddc-a6cf-96695f2fac0b"
}
2020-09-04 12:14:19 SUCCESS
SetPlainJsonAcceptHeaderForResourceEndpointRequest
Set Accept header
Accept
application/json
2020-09-04 12:14:19
CallProtectedResourceWithBearerTokenAndCustomHeaders
HTTP request
request_uri
https://3a-rplib-test3.cloud-idauth.com/oc/accounts
request_method
GET
request_headers
{
  "accept": "application/json",
  "x-fapi-auth-date": "Fri, 04 Sep 2020 12:14:18 GMT",
  "x-fapi-customer-ip-address": "2001:DB8::1893:25c8:1946",
  "x-fapi-interaction-id": "fd5696f2-f080-4ddc-a6cf-96695f2fac0b",
  "authorization": "Bearer 5CoV1wWAl7jO1W7AcADoKcRrq4cgQzmb",
  "content-length": "0"
}
request_body

                                
request_mutual_tls
{
  "cert": "MIIHBTCCBe2gAwIBAgIMPsmQ1/JsLI/5U0YAMA0GCSqGSIb3DQEBCwUAMGAxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTYwNAYDVQQDEy1HbG9iYWxTaWduIERvbWFpbiBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0gRzIwHhcNMTgwODAyMDYzNjM0WhcNMjAxMTA0MDQxMjE4WjBAMSEwHwYDVQQLExhEb21haW4gQ29udHJvbCBWYWxpZGF0ZWQxGzAZBgNVBAMMEiouY2xvdWQtaWRhdXRoLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAIIDQpNUelHl4gyWYyRto5E/HDIRSO4YPnn2yg4TFUSUMsl+9uNhy79QACB4g2TzIXWk5N0Kj4pkb9Wl7K2BrwFCJAfDCAUK3nRLbiRS1JwnXxDirL97DYz+rEKihq8rDrqOl266440CnTv/PT9mVizQrYH4/aVBWpDCqV/U1tO50LsJCe3qy63mny/9s4DH/2CQyeO9BNbxuU6To7ozRKNDu7wzq/IdPEKndldJ+ieQnweh0gQl7oQznVNnXHFRrmjWg16ysQtH6ZQiJQMhTJEYv0nqts80BU/mHWa5USNqGlnF/Ifua/NF8r24u+kEniycq1L8ozshkxZ5PXObbisCAwEAAaOCA90wggPZMA4GA1UdDwEB/wQEAwIFoDCBlAYIKwYBBQUHAQEEgYcwgYQwRwYIKwYBBQUHMAKGO2h0dHA6Ly9zZWN1cmUuZ2xvYmFsc2lnbi5jb20vY2FjZXJ0L2dzZG9tYWludmFsc2hhMmcycjEuY3J0MDkGCCsGAQUFBzABhi1odHRwOi8vb2NzcDIuZ2xvYmFsc2lnbi5jb20vZ3Nkb21haW52YWxzaGEyZzIwVgYDVR0gBE8wTTBBBgkrBgEEAaAyAQowNDAyBggrBgEFBQcCARYmaHR0cHM6Ly93d3cuZ2xvYmFsc2lnbi5jb20vcmVwb3NpdG9yeS8wCAYGZ4EMAQIBMAkGA1UdEwQCMAAwQwYDVR0fBDwwOjA4oDagNIYyaHR0cDovL2NybC5nbG9iYWxzaWduLmNvbS9ncy9nc2RvbWFpbnZhbHNoYTJnMi5jcmwwLwYDVR0RBCgwJoISKi5jbG91ZC1pZGF1dGguY29tghBjbG91ZC1pZGF1dGguY29tMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQU0Si3Yq0ZVkRke4XquYS1uuTWg6YwHwYDVR0jBBgwFoAU6k581IAt5RWBhiaMgm3AmKTPlw8wggH2BgorBgEEAdZ5AgQCBIIB5gSCAeIB4AB3AFWB1MIWkDYBSuoLm1c8U/DA5Dh4cCUIFy+jqh0HE9MMAAABZPlaNB0AAAQDAEgwRgIhAMUV+XA5KE3vILTJ/hYwDmMG1zpwTb5f6P0TnAF+LyR3AiEAxD0g3uULAmdFAOhimbXA5b+ull8Z7EiH6LbnAULafM0AdQCHdb/nWXz4jEOZX73zbv9WjUdWNv9KtWDBtOr/XqCDDwAAAWT5WjXzAAAEAwBGMEQCIBd9qPtsfXTxPzl17/l7s6v2vYMNXbarOKiRRTNOIlmjAiAaZhx3vwVi6ZpSRRQPfWEzHzOxKLAfJ1aG7q3WU7hyEQB2AKS5CZC0GFgUh7sTosxncAo8NZgE+RvfuON3zQ7IDdwQAAABZPlaN4AAAAQDAEcwRQIhAJlfgyxAMgtS6d9ZEjbxHadcopkoTWJWs3rGoUpnimCWAiAwMfj4L0ljYn4Yas8+OPMFrwyhAvyGrG3ywgwMyVI0tAB2AG9Tdqwx8DEZ2JkApFEV/3cVHBHZAsEAKQaNsgiaN9kTAAABZPlaNE0AAAQDAEcwRQIgVaNsW0XzqwTeU+CpnuKD4qaTPv0jKXpJ3UTLlTa/YWACIQC4w/9dAaYCk9ilUIR34ObsMX+TJG+hYjD6/120seNUbTANBgkqhkiG9w0BAQsFAAOCAQEAD6egOG/AQeKSEsVDYMXf3wDztz2c6+Th9X10nbnuQZK8ofOJSAI3EDDUTc9GEDKfwTx16BIm7NbpLrurykkPbhomg2ZFQP7TmVwNDt6adovHVul7yyjtLeaBG/YiREoH8wCf43t90G/5YDREbe5dxIzLGeBuDY59E4aN1One1kAhk904MonyRQ8z+aRv+ZNBWajDaTJ7ef1ZS3t0Kpa/FCLFDXYEJhzTIO3BsEFLx1hDTrGKEZKoBUWBynKtfjdonZoqL7zHzB+WFi9Q0ba+sapNqqAINUT4DjVMjn5L6yGUWXV8IeLwyDOODPHeCVJI0hBfFkjbPePne3X2a2Kodg\u003d\u003d",
  "key": "MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCCA0KTVHpR5eIMlmMkbaORPxwyEUjuGD559soOExVElDLJfvbjYcu/UAAgeINk8yF1pOTdCo+KZG/Vpeytga8BQiQHwwgFCt50S24kUtScJ18Q4qy/ew2M/qxCooavKw66jpduuuONAp07/z0/ZlYs0K2B+P2lQVqQwqlf1NbTudC7CQnt6sut5p8v/bOAx/9gkMnjvQTW8blOk6O6M0SjQ7u8M6vyHTxCp3ZXSfonkJ8HodIEJe6EM51TZ1xxUa5o1oNesrELR+mUIiUDIUyRGL9J6rbPNAVP5h1muVEjahpZxfyH7mvzRfK9uLvpBJ4snKtS/KM7IZMWeT1zm24rAgMBAAECggEAaOdYgKhZSlvC2YU+2dXddQUHKx7nSbYmMyL+Rfz/3CX4FL1tWGtAi01xzMFww7Op+9LhF7m9uFzyH+GR5y4Ml2dWyyyC/A6ZEB0M8iIjixv5iRZdbONNO8cCF4IsSorjh4QmjCIgGVdSp2Z7dPyN6/s1BPpzLzRcbxGiuMBz1sGgakJANcyD4/frMBppbbmPDVpUTQ3LEZ3YRVIfqJQatiCNUlYlOERY4xlnZuCCpHzmjRYuccWH2Q9OSEGgW6JU+ujFx22rfeeYK3r4TayQPJ9wtBVmK3C03ccnPyjx2yUWIczjrp+SI6K16F1pSDhkm4ylbGhCngiyr8AU4dzhgQKBgQDFSDeZmhvW7PNgJAMa1lgfKikp2gb/A/YEXZFHKawjQRUR1+tP0mrxAWYvuPfUu+42kr3izXMbPiS0aNX6HPZeJcsnhWf2D9NPt2vqFWrXNcSm3dy3Is20rxsKWQXp2L8nP3GRbAFvu2aTEhX7a4vnZE7/BWIAiO/t/cXP6HUs/wKBgQCotX80ab64aUmd0SkuHv9YKYBTjP4stgxP/3GRVuFuU+AaqDxRNbnNRYEM/O/OLZeqU0oL1bONpThQhN2Pu8ApUEz2dGyknkIRmRNRHgXw28GOm0ZWu4xYdW+SXVO8yTOAqdh1WvYLTp8xJEzD3vvJ+Rib/jhsSjCibAhgmT0C1QKBgDgrBoF6CgEYN3ag6i1i53YAB/Y9eA51Lz8w8KLlL3heGESbSAjS7NWvQ0vFCvKLixgIkX2YZvRTrhmbW4i5ZD+L3RpkdiPtf4lLvLLJ5EBfs5yawDN3+j8+N6GrlO5uYoYnHwt7R7FrFpo65P1PMmbv/TnIa42hb0ZAIWi/U1U7AoGASilmnpqxbQ1TgB121cBojM/JinDbNrpcFTp8KOChPkd+pxk3UpekcpjQDu6NV/vwxL3SOfuZ73UmmTae0tU8tqyG+HvbWk37SxMYS7s/704a+t5FAFF3c1dEUXnXGpDzo+aFsajnqbbJAegsGppF4tYuPDx3fxrp4CxPTm9uQ3UCgYEAscF3RcCOsOzIGEUbCfh+A3BLbFQso5XdmYWY5QGgxv1wkSe0H1lUDk0NCmEPVUd8YXJH6u5bTWwl4hcv3gD/X/c1PVXELuvRf1hCl+VO51KpFShJnaphVS9pKs8AL+3RioA7GZF2rwQklyTZGEfHpPylmNcfY4XXW8WwkngGCFg\u003d"
}
2020-09-04 12:14:20 RESPONSE
CallProtectedResourceWithBearerTokenAndCustomHeaders
HTTP response
response_status_code
200 OK
response_status_text
200
response_headers
{
  "date": "Fri, 04 Sep 2020 12:14:20 GMT",
  "server": "Apache/2.4.27 (Unix) OpenSSL/1.1.0g-dev",
  "set-cookie": "JSESSIONID\u003d69739E8D8DD0F8D0F8CBC5FC343C612B; Path\u003d/oc; Secure; HttpOnly",
  "cache-control": "no-store",
  "pragma": "no-cache",
  "x-fapi-interaction-id": "fd5696f2-f080-4ddc-a6cf-96695f2fac0b",
  "content-type": "application/json;charset\u003dUTF-8",
  "content-length": "133",
  "keep-alive": "timeout\u003d5, max\u003d100",
  "connection": "Keep-Alive"
}
response_body
{"iss":"https:\/\/3a-rplib-test3.cloud-idauth.com\/oc\/","sub":"1","aud":"OIDFCERT0003","country":"japan","postal_code":"105-0001"}
2020-09-04 12:14:20 SUCCESS
CallProtectedResourceWithBearerTokenAndCustomHeaders
Got a response from the resource endpoint
headers
{
  "date": "Fri, 04 Sep 2020 12:14:20 GMT",
  "server": "Apache/2.4.27 (Unix) OpenSSL/1.1.0g-dev",
  "set-cookie": "JSESSIONID\u003d69739E8D8DD0F8D0F8CBC5FC343C612B; Path\u003d/oc; Secure; HttpOnly",
  "cache-control": "no-store",
  "pragma": "no-cache",
  "x-fapi-interaction-id": "fd5696f2-f080-4ddc-a6cf-96695f2fac0b",
  "content-type": "application/json;charset\u003dUTF-8",
  "content-length": "133",
  "keep-alive": "timeout\u003d5, max\u003d100",
  "connection": "Keep-Alive"
}
status_code
{
  "code": 200
}
body
{"iss":"https:\/\/3a-rplib-test3.cloud-idauth.com\/oc\/","sub":"1","aud":"OIDFCERT0003","country":"japan","postal_code":"105-0001"}
2020-09-04 12:14:20 SUCCESS
SetPermissiveAcceptHeaderForResourceEndpointRequest
Set Accept header
Accept
application/json, application/*+json, */*
2020-09-04 12:14:20
CallProtectedResourceWithBearerTokenAndCustomHeaders
HTTP request
request_uri
https://3a-rplib-test3.cloud-idauth.com/oc/accounts
request_method
GET
request_headers
{
  "accept": "application/json, application/*+json, */*",
  "x-fapi-auth-date": "Fri, 04 Sep 2020 12:14:18 GMT",
  "x-fapi-customer-ip-address": "2001:DB8::1893:25c8:1946",
  "x-fapi-interaction-id": "fd5696f2-f080-4ddc-a6cf-96695f2fac0b",
  "authorization": "Bearer 5CoV1wWAl7jO1W7AcADoKcRrq4cgQzmb",
  "content-length": "0"
}
request_body

                                
request_mutual_tls
{
  "cert": "MIIHBTCCBe2gAwIBAgIMPsmQ1/JsLI/5U0YAMA0GCSqGSIb3DQEBCwUAMGAxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTYwNAYDVQQDEy1HbG9iYWxTaWduIERvbWFpbiBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0gRzIwHhcNMTgwODAyMDYzNjM0WhcNMjAxMTA0MDQxMjE4WjBAMSEwHwYDVQQLExhEb21haW4gQ29udHJvbCBWYWxpZGF0ZWQxGzAZBgNVBAMMEiouY2xvdWQtaWRhdXRoLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAIIDQpNUelHl4gyWYyRto5E/HDIRSO4YPnn2yg4TFUSUMsl+9uNhy79QACB4g2TzIXWk5N0Kj4pkb9Wl7K2BrwFCJAfDCAUK3nRLbiRS1JwnXxDirL97DYz+rEKihq8rDrqOl266440CnTv/PT9mVizQrYH4/aVBWpDCqV/U1tO50LsJCe3qy63mny/9s4DH/2CQyeO9BNbxuU6To7ozRKNDu7wzq/IdPEKndldJ+ieQnweh0gQl7oQznVNnXHFRrmjWg16ysQtH6ZQiJQMhTJEYv0nqts80BU/mHWa5USNqGlnF/Ifua/NF8r24u+kEniycq1L8ozshkxZ5PXObbisCAwEAAaOCA90wggPZMA4GA1UdDwEB/wQEAwIFoDCBlAYIKwYBBQUHAQEEgYcwgYQwRwYIKwYBBQUHMAKGO2h0dHA6Ly9zZWN1cmUuZ2xvYmFsc2lnbi5jb20vY2FjZXJ0L2dzZG9tYWludmFsc2hhMmcycjEuY3J0MDkGCCsGAQUFBzABhi1odHRwOi8vb2NzcDIuZ2xvYmFsc2lnbi5jb20vZ3Nkb21haW52YWxzaGEyZzIwVgYDVR0gBE8wTTBBBgkrBgEEAaAyAQowNDAyBggrBgEFBQcCARYmaHR0cHM6Ly93d3cuZ2xvYmFsc2lnbi5jb20vcmVwb3NpdG9yeS8wCAYGZ4EMAQIBMAkGA1UdEwQCMAAwQwYDVR0fBDwwOjA4oDagNIYyaHR0cDovL2NybC5nbG9iYWxzaWduLmNvbS9ncy9nc2RvbWFpbnZhbHNoYTJnMi5jcmwwLwYDVR0RBCgwJoISKi5jbG91ZC1pZGF1dGguY29tghBjbG91ZC1pZGF1dGguY29tMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQU0Si3Yq0ZVkRke4XquYS1uuTWg6YwHwYDVR0jBBgwFoAU6k581IAt5RWBhiaMgm3AmKTPlw8wggH2BgorBgEEAdZ5AgQCBIIB5gSCAeIB4AB3AFWB1MIWkDYBSuoLm1c8U/DA5Dh4cCUIFy+jqh0HE9MMAAABZPlaNB0AAAQDAEgwRgIhAMUV+XA5KE3vILTJ/hYwDmMG1zpwTb5f6P0TnAF+LyR3AiEAxD0g3uULAmdFAOhimbXA5b+ull8Z7EiH6LbnAULafM0AdQCHdb/nWXz4jEOZX73zbv9WjUdWNv9KtWDBtOr/XqCDDwAAAWT5WjXzAAAEAwBGMEQCIBd9qPtsfXTxPzl17/l7s6v2vYMNXbarOKiRRTNOIlmjAiAaZhx3vwVi6ZpSRRQPfWEzHzOxKLAfJ1aG7q3WU7hyEQB2AKS5CZC0GFgUh7sTosxncAo8NZgE+RvfuON3zQ7IDdwQAAABZPlaN4AAAAQDAEcwRQIhAJlfgyxAMgtS6d9ZEjbxHadcopkoTWJWs3rGoUpnimCWAiAwMfj4L0ljYn4Yas8+OPMFrwyhAvyGrG3ywgwMyVI0tAB2AG9Tdqwx8DEZ2JkApFEV/3cVHBHZAsEAKQaNsgiaN9kTAAABZPlaNE0AAAQDAEcwRQIgVaNsW0XzqwTeU+CpnuKD4qaTPv0jKXpJ3UTLlTa/YWACIQC4w/9dAaYCk9ilUIR34ObsMX+TJG+hYjD6/120seNUbTANBgkqhkiG9w0BAQsFAAOCAQEAD6egOG/AQeKSEsVDYMXf3wDztz2c6+Th9X10nbnuQZK8ofOJSAI3EDDUTc9GEDKfwTx16BIm7NbpLrurykkPbhomg2ZFQP7TmVwNDt6adovHVul7yyjtLeaBG/YiREoH8wCf43t90G/5YDREbe5dxIzLGeBuDY59E4aN1One1kAhk904MonyRQ8z+aRv+ZNBWajDaTJ7ef1ZS3t0Kpa/FCLFDXYEJhzTIO3BsEFLx1hDTrGKEZKoBUWBynKtfjdonZoqL7zHzB+WFi9Q0ba+sapNqqAINUT4DjVMjn5L6yGUWXV8IeLwyDOODPHeCVJI0hBfFkjbPePne3X2a2Kodg\u003d\u003d",
  "key": "MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCCA0KTVHpR5eIMlmMkbaORPxwyEUjuGD559soOExVElDLJfvbjYcu/UAAgeINk8yF1pOTdCo+KZG/Vpeytga8BQiQHwwgFCt50S24kUtScJ18Q4qy/ew2M/qxCooavKw66jpduuuONAp07/z0/ZlYs0K2B+P2lQVqQwqlf1NbTudC7CQnt6sut5p8v/bOAx/9gkMnjvQTW8blOk6O6M0SjQ7u8M6vyHTxCp3ZXSfonkJ8HodIEJe6EM51TZ1xxUa5o1oNesrELR+mUIiUDIUyRGL9J6rbPNAVP5h1muVEjahpZxfyH7mvzRfK9uLvpBJ4snKtS/KM7IZMWeT1zm24rAgMBAAECggEAaOdYgKhZSlvC2YU+2dXddQUHKx7nSbYmMyL+Rfz/3CX4FL1tWGtAi01xzMFww7Op+9LhF7m9uFzyH+GR5y4Ml2dWyyyC/A6ZEB0M8iIjixv5iRZdbONNO8cCF4IsSorjh4QmjCIgGVdSp2Z7dPyN6/s1BPpzLzRcbxGiuMBz1sGgakJANcyD4/frMBppbbmPDVpUTQ3LEZ3YRVIfqJQatiCNUlYlOERY4xlnZuCCpHzmjRYuccWH2Q9OSEGgW6JU+ujFx22rfeeYK3r4TayQPJ9wtBVmK3C03ccnPyjx2yUWIczjrp+SI6K16F1pSDhkm4ylbGhCngiyr8AU4dzhgQKBgQDFSDeZmhvW7PNgJAMa1lgfKikp2gb/A/YEXZFHKawjQRUR1+tP0mrxAWYvuPfUu+42kr3izXMbPiS0aNX6HPZeJcsnhWf2D9NPt2vqFWrXNcSm3dy3Is20rxsKWQXp2L8nP3GRbAFvu2aTEhX7a4vnZE7/BWIAiO/t/cXP6HUs/wKBgQCotX80ab64aUmd0SkuHv9YKYBTjP4stgxP/3GRVuFuU+AaqDxRNbnNRYEM/O/OLZeqU0oL1bONpThQhN2Pu8ApUEz2dGyknkIRmRNRHgXw28GOm0ZWu4xYdW+SXVO8yTOAqdh1WvYLTp8xJEzD3vvJ+Rib/jhsSjCibAhgmT0C1QKBgDgrBoF6CgEYN3ag6i1i53YAB/Y9eA51Lz8w8KLlL3heGESbSAjS7NWvQ0vFCvKLixgIkX2YZvRTrhmbW4i5ZD+L3RpkdiPtf4lLvLLJ5EBfs5yawDN3+j8+N6GrlO5uYoYnHwt7R7FrFpo65P1PMmbv/TnIa42hb0ZAIWi/U1U7AoGASilmnpqxbQ1TgB121cBojM/JinDbNrpcFTp8KOChPkd+pxk3UpekcpjQDu6NV/vwxL3SOfuZ73UmmTae0tU8tqyG+HvbWk37SxMYS7s/704a+t5FAFF3c1dEUXnXGpDzo+aFsajnqbbJAegsGppF4tYuPDx3fxrp4CxPTm9uQ3UCgYEAscF3RcCOsOzIGEUbCfh+A3BLbFQso5XdmYWY5QGgxv1wkSe0H1lUDk0NCmEPVUd8YXJH6u5bTWwl4hcv3gD/X/c1PVXELuvRf1hCl+VO51KpFShJnaphVS9pKs8AL+3RioA7GZF2rwQklyTZGEfHpPylmNcfY4XXW8WwkngGCFg\u003d"
}
2020-09-04 12:14:21 RESPONSE
CallProtectedResourceWithBearerTokenAndCustomHeaders
HTTP response
response_status_code
200 OK
response_status_text
200
response_headers
{
  "date": "Fri, 04 Sep 2020 12:14:21 GMT",
  "server": "Apache/2.4.27 (Unix) OpenSSL/1.1.0g-dev",
  "set-cookie": "JSESSIONID\u003d878D84B28E2F9DFF4E5A2B1DE7C2AE10; Path\u003d/oc; Secure; HttpOnly",
  "cache-control": "no-store",
  "pragma": "no-cache",
  "x-fapi-interaction-id": "fd5696f2-f080-4ddc-a6cf-96695f2fac0b",
  "content-type": "application/json;charset\u003dUTF-8",
  "content-length": "133",
  "keep-alive": "timeout\u003d5, max\u003d100",
  "connection": "Keep-Alive"
}
response_body
{"iss":"https:\/\/3a-rplib-test3.cloud-idauth.com\/oc\/","sub":"1","aud":"OIDFCERT0003","country":"japan","postal_code":"105-0001"}
2020-09-04 12:14:21 SUCCESS
CallProtectedResourceWithBearerTokenAndCustomHeaders
Got a response from the resource endpoint
headers
{
  "date": "Fri, 04 Sep 2020 12:14:21 GMT",
  "server": "Apache/2.4.27 (Unix) OpenSSL/1.1.0g-dev",
  "set-cookie": "JSESSIONID\u003d878D84B28E2F9DFF4E5A2B1DE7C2AE10; Path\u003d/oc; Secure; HttpOnly",
  "cache-control": "no-store",
  "pragma": "no-cache",
  "x-fapi-interaction-id": "fd5696f2-f080-4ddc-a6cf-96695f2fac0b",
  "content-type": "application/json;charset\u003dUTF-8",
  "content-length": "133",
  "keep-alive": "timeout\u003d5, max\u003d100",
  "connection": "Keep-Alive"
}
status_code
{
  "code": 200
}
body
{"iss":"https:\/\/3a-rplib-test3.cloud-idauth.com\/oc\/","sub":"1","aud":"OIDFCERT0003","country":"japan","postal_code":"105-0001"}
2020-09-04 12:14:21 SUCCESS
ClearAcceptHeaderForResourceEndpointRequest
Cleared custom Accept header
Second client: Setup
2020-09-04 12:14:21 SUCCESS
AddRedirectUriQuerySuffix
Created redirect URI query suffix to test that query sections in the registered redirect url are handled correctly. The redirect url, including this suffix, must be registered for the client as per http://openid.net/certification/fapi_op_testing/
redirect_uri_suffix
?dummy1=lorem&dummy2=ipsum
2020-09-04 12:14:21
CreateRedirectUri
Appending suffix to redirect URI
suffix
?dummy1=lorem&dummy2=ipsum
2020-09-04 12:14:21 SUCCESS
CreateRedirectUri
Created redirect URI
redirect_uri
https://www.certification.openid.net/test/a/NC7000-3A-OC/callback?dummy1=lorem&dummy2=ipsum
Second client: Make request to authorization endpoint
2020-09-04 12:14:21 SUCCESS
CreateAuthorizationEndpointRequestFromClientInformation
Created authorization endpoint request
client_id
OIDFCERT0004
redirect_uri
https://www.certification.openid.net/test/a/NC7000-3A-OC/callback?dummy1=lorem&dummy2=ipsum
scope
openid SCOPE0002 offline_access
2020-09-04 12:14:21 SUCCESS
AddAcrClaimToAuthorizationEndpointRequest
Added acr claim to authorization_endpoint_request
authorization_endpoint_request
{
  "client_id": "OIDFCERT0004",
  "redirect_uri": "https://www.certification.openid.net/test/a/NC7000-3A-OC/callback?dummy1\u003dlorem\u0026dummy2\u003dipsum",
  "scope": "openid SCOPE0002 offline_access",
  "claims": {
    "id_token": {
      "acr": {
        "value": "urn:mace:incommon:iap:silver",
        "essential": true
      }
    }
  }
}
2020-09-04 12:14:21
CreateRandomStateValue
Created state value
requested_state_length
10
state
sdC35YcAbG
2020-09-04 12:14:21 SUCCESS
AddStateToAuthorizationEndpointRequest
Added state parameter to request
client_id
OIDFCERT0004
redirect_uri
https://www.certification.openid.net/test/a/NC7000-3A-OC/callback?dummy1=lorem&dummy2=ipsum
scope
openid SCOPE0002 offline_access
claims
{
  "id_token": {
    "acr": {
      "value": "urn:mace:incommon:iap:silver",
      "essential": true
    }
  }
}
state
sdC35YcAbG
2020-09-04 12:14:21
CreateRandomNonceValue
Created nonce value
requested_nonce_length
10
nonce
IfS4HJgr8w
2020-09-04 12:14:21 SUCCESS
AddNonceToAuthorizationEndpointRequest
Added nonce parameter to request
client_id
OIDFCERT0004
redirect_uri
https://www.certification.openid.net/test/a/NC7000-3A-OC/callback?dummy1=lorem&dummy2=ipsum
scope
openid SCOPE0002 offline_access
claims
{
  "id_token": {
    "acr": {
      "value": "urn:mace:incommon:iap:silver",
      "essential": true
    }
  }
}
state
sdC35YcAbG
nonce
IfS4HJgr8w
2020-09-04 12:14:21 SUCCESS
SetAuthorizationEndpointRequestResponseTypeToCodeIdtoken
Added response_type parameter to request
client_id
OIDFCERT0004
redirect_uri
https://www.certification.openid.net/test/a/NC7000-3A-OC/callback?dummy1=lorem&dummy2=ipsum
scope
openid SCOPE0002 offline_access
claims
{
  "id_token": {
    "acr": {
      "value": "urn:mace:incommon:iap:silver",
      "essential": true
    }
  }
}
state
sdC35YcAbG
nonce
IfS4HJgr8w
response_type
code id_token
2020-09-04 12:14:21 SUCCESS
ConvertAuthorizationEndpointRequestToRequestObject
Created request object claims
request_object_claims
{
  "client_id": "OIDFCERT0004",
  "redirect_uri": "https://www.certification.openid.net/test/a/NC7000-3A-OC/callback?dummy1\u003dlorem\u0026dummy2\u003dipsum",
  "scope": "openid SCOPE0002 offline_access",
  "claims": {
    "id_token": {
      "acr": {
        "value": "urn:mace:incommon:iap:silver",
        "essential": true
      }
    }
  },
  "state": "sdC35YcAbG",
  "nonce": "IfS4HJgr8w",
  "response_type": "code id_token"
}
2020-09-04 12:14:21 SUCCESS
AddIatToRequestObject
Added iat to request object claims
iat
1.599221661E9
2020-09-04 12:14:21 SUCCESS
AddExpToRequestObject
Added exp to request object claims
exp
1.599221961E9
2020-09-04 12:14:21 SUCCESS
AddAudToRequestObject
Added aud to request object claims
aud
https://3a-rplib-test3.cloud-idauth.com/oc/
2020-09-04 12:14:21 SUCCESS
AddIssToRequestObject
Added iss to request object claims
iss
OIDFCERT0004
2020-09-04 12:14:21 SUCCESS
AddClientIdToRequestObject
Added client_id to request object claims
client_id
OIDFCERT0004
2020-09-04 12:14:21 SUCCESS
SignRequestObject
Signed the request object
claims
{"aud":"https:\/\/3a-rplib-test3.cloud-idauth.com\/oc\/","scope":"openid SCOPE0002 offline_access","claims":{"id_token":{"acr":{"value":"urn:mace:incommon:iap:silver","essential":true}}},"iss":"OIDFCERT0004","response_type":"code id_token","redirect_uri":"https:\/\/www.certification.openid.net\/test\/a\/NC7000-3A-OC\/callback?dummy1=lorem&dummy2=ipsum","state":"sdC35YcAbG","exp":1599221961,"nonce":"IfS4HJgr8w","iat":1599221661,"client_id":"OIDFCERT0004"}
header
{"kid":"kid2019040100009","alg":"ES256"}
request_object
eyJraWQiOiJraWQyMDE5MDQwMTAwMDA5IiwiYWxnIjoiRVMyNTYifQ.eyJhdWQiOiJodHRwczpcL1wvM2EtcnBsaWItdGVzdDMuY2xvdWQtaWRhdXRoLmNvbVwvb2NcLyIsInNjb3BlIjoib3BlbmlkIFNDT1BFMDAwMiBvZmZsaW5lX2FjY2VzcyIsImNsYWltcyI6eyJpZF90b2tlbiI6eyJhY3IiOnsidmFsdWUiOiJ1cm46bWFjZTppbmNvbW1vbjppYXA6c2lsdmVyIiwiZXNzZW50aWFsIjp0cnVlfX19LCJpc3MiOiJPSURGQ0VSVDAwMDQiLCJyZXNwb25zZV90eXBlIjoiY29kZSBpZF90b2tlbiIsInJlZGlyZWN0X3VyaSI6Imh0dHBzOlwvXC93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0XC90ZXN0XC9hXC9OQzcwMDAtM0EtT0NcL2NhbGxiYWNrP2R1bW15MT1sb3JlbSZkdW1teTI9aXBzdW0iLCJzdGF0ZSI6InNkQzM1WWNBYkciLCJleHAiOjE1OTkyMjE5NjEsIm5vbmNlIjoiSWZTNEhKZ3I4dyIsImlhdCI6MTU5OTIyMTY2MSwiY2xpZW50X2lkIjoiT0lERkNFUlQwMDA0In0.FoJwLp9zPl5NVbSLyp2GsApSZE_HbE6ubU0RJ-b-iIloTV5VVKXImoNgdt_ovTZ9d8LAw6CaQ_TGtwMCo3lMpg
key
{"kty":"EC","d":"HpYL8OKVwC01B02FpXQi23lTrE8oT3V7-eOdSgX9v8c","crv":"P-256","kid":"kid2019040100009","x":"ANonMLNTYTO8jPBnw4EHqKF2DRFkmAAnA5Hiv1_0pYg1","y":"AKLfnzY4VFB_ZyjgBW8GxhLtA6ZPVgMHq7S_Z70Uabi9","alg":"ES256"}
2020-09-04 12:14:21 SUCCESS
BuildRequestObjectByValueRedirectToAuthorizationEndpoint
Sending to authorization endpoint
redirect_to_authorization_endpoint
https://3a-rplib-test3.cloud-idauth.com/oc/AuthorizationEndpoint/?request=eyJraWQiOiJraWQyMDE5MDQwMTAwMDA5IiwiYWxnIjoiRVMyNTYifQ.eyJhdWQiOiJodHRwczpcL1wvM2EtcnBsaWItdGVzdDMuY2xvdWQtaWRhdXRoLmNvbVwvb2NcLyIsInNjb3BlIjoib3BlbmlkIFNDT1BFMDAwMiBvZmZsaW5lX2FjY2VzcyIsImNsYWltcyI6eyJpZF90b2tlbiI6eyJhY3IiOnsidmFsdWUiOiJ1cm46bWFjZTppbmNvbW1vbjppYXA6c2lsdmVyIiwiZXNzZW50aWFsIjp0cnVlfX19LCJpc3MiOiJPSURGQ0VSVDAwMDQiLCJyZXNwb25zZV90eXBlIjoiY29kZSBpZF90b2tlbiIsInJlZGlyZWN0X3VyaSI6Imh0dHBzOlwvXC93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0XC90ZXN0XC9hXC9OQzcwMDAtM0EtT0NcL2NhbGxiYWNrP2R1bW15MT1sb3JlbSZkdW1teTI9aXBzdW0iLCJzdGF0ZSI6InNkQzM1WWNBYkciLCJleHAiOjE1OTkyMjE5NjEsIm5vbmNlIjoiSWZTNEhKZ3I4dyIsImlhdCI6MTU5OTIyMTY2MSwiY2xpZW50X2lkIjoiT0lERkNFUlQwMDA0In0.FoJwLp9zPl5NVbSLyp2GsApSZE_HbE6ubU0RJ-b-iIloTV5VVKXImoNgdt_ovTZ9d8LAw6CaQ_TGtwMCo3lMpg&client_id=OIDFCERT0004&redirect_uri=https://www.certification.openid.net/test/a/NC7000-3A-OC/callback?dummy1%3Dlorem%26dummy2%3Dipsum&scope=openid%20SCOPE0002%20offline_access&response_type=code%20id_token
2020-09-04 12:14:21 REDIRECT
fapi-rw-id2
Redirecting to authorization endpoint
redirect_to
https://3a-rplib-test3.cloud-idauth.com/oc/AuthorizationEndpoint/?request=eyJraWQiOiJraWQyMDE5MDQwMTAwMDA5IiwiYWxnIjoiRVMyNTYifQ.eyJhdWQiOiJodHRwczpcL1wvM2EtcnBsaWItdGVzdDMuY2xvdWQtaWRhdXRoLmNvbVwvb2NcLyIsInNjb3BlIjoib3BlbmlkIFNDT1BFMDAwMiBvZmZsaW5lX2FjY2VzcyIsImNsYWltcyI6eyJpZF90b2tlbiI6eyJhY3IiOnsidmFsdWUiOiJ1cm46bWFjZTppbmNvbW1vbjppYXA6c2lsdmVyIiwiZXNzZW50aWFsIjp0cnVlfX19LCJpc3MiOiJPSURGQ0VSVDAwMDQiLCJyZXNwb25zZV90eXBlIjoiY29kZSBpZF90b2tlbiIsInJlZGlyZWN0X3VyaSI6Imh0dHBzOlwvXC93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0XC90ZXN0XC9hXC9OQzcwMDAtM0EtT0NcL2NhbGxiYWNrP2R1bW15MT1sb3JlbSZkdW1teTI9aXBzdW0iLCJzdGF0ZSI6InNkQzM1WWNBYkciLCJleHAiOjE1OTkyMjE5NjEsIm5vbmNlIjoiSWZTNEhKZ3I4dyIsImlhdCI6MTU5OTIyMTY2MSwiY2xpZW50X2lkIjoiT0lERkNFUlQwMDA0In0.FoJwLp9zPl5NVbSLyp2GsApSZE_HbE6ubU0RJ-b-iIloTV5VVKXImoNgdt_ovTZ9d8LAw6CaQ_TGtwMCo3lMpg&client_id=OIDFCERT0004&redirect_uri=https://www.certification.openid.net/test/a/NC7000-3A-OC/callback?dummy1%3Dlorem%26dummy2%3Dipsum&scope=openid%20SCOPE0002%20offline_access&response_type=code%20id_token
2020-09-04 12:14:35 INCOMING
fapi-rw-id2
Incoming HTTP request to test instance uCengaPXahn79tS
incoming_headers
{
  "host": "www.certification.openid.net",
  "upgrade-insecure-requests": "1",
  "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.83 Safari/537.36",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/avif,image/webp,image/apng,*/*;q\u003d0.8,application/signed-exchange;v\u003db3;q\u003d0.9",
  "sec-fetch-site": "cross-site",
  "sec-fetch-mode": "navigate",
  "sec-fetch-user": "?1",
  "sec-fetch-dest": "document",
  "referer": "https://3a-rplib-test3.cloud-idauth.com/oc/InternalAuthoriEndpoint/?client_uri\u003dhttp%3A%2F%2Flocalhost%2Ftest_client_uri\u0026logo_uri\u003dhttp%3A%2F%2Flocalhost%2Ftest_logo_uri\u0026tos_uri\u003dhttp%3A%2F%2Flocalhost%2Ftest_tos_uri\u0026client_name\u003dOIDF_CertTest_Client_0004\u0026client_id\u003dOIDFCERT0004\u0026policy_uri\u003dhttp%3A%2F%2Flocalhost%2Ftest_policy_uri\u0026loa\u003durn%3Amace%3Aincommon%3Aiap%3Asilver",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "ja,en-US;q\u003d0.9,en;q\u003d0.8",
  "cookie": "__utma\u003d201319536.1292565018.1574312754.1579157407.1595894834.4; __utmz\u003d201319536.1595894834.4.1.utmcsr\u003dgoogle|utmccn\u003d(organic)|utmcmd\u003dorganic|utmctr\u003d(not%20provided); JSESSIONID\u003d693303D47D789DBFDE90865115D8222F",
  "connection": "close",
  "x-ssl-cipher": "ECDHE-RSA-AES256-GCM-SHA384",
  "x-ssl-protocol": "TLSv1.2",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
incoming_path
callback
incoming_body_form_params
incoming_method
GET
incoming_body_json
incoming_query_string_params
{
  "dummy1": "lorem",
  "dummy2": "ipsum"
}
incoming_body
2020-09-04 12:14:35 SUCCESS
CreateRandomImplicitSubmitUrl
Created random implicit submission URL
implicit_submit
{
  "path": "implicit/kYH3yA0byOGvuBzy54rh",
  "fullUrl": "https://www.certification.openid.net/test/a/NC7000-3A-OC/implicit/kYH3yA0byOGvuBzy54rh"
}
2020-09-04 12:14:35 OUTGOING
fapi-rw-id2
Response to HTTP request to test instance uCengaPXahn79tS
outgoing
ModelAndView [view="implicitCallback"; model={implicitSubmitUrl=https://www.certification.openid.net/test/a/NC7000-3A-OC/implicit/kYH3yA0byOGvuBzy54rh, returnUrl=/log-detail.html?log=uCengaPXahn79tS}]
outgoing_path
callback
2020-09-04 12:14:35 INCOMING
fapi-rw-id2
Incoming HTTP request to test instance uCengaPXahn79tS
incoming_headers
{
  "host": "www.certification.openid.net",
  "accept": "*/*",
  "x-requested-with": "XMLHttpRequest",
  "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.83 Safari/537.36",
  "content-type": "text/plain",
  "origin": "https://www.certification.openid.net",
  "sec-fetch-site": "same-origin",
  "sec-fetch-mode": "cors",
  "sec-fetch-dest": "empty",
  "referer": "https://www.certification.openid.net/test/a/NC7000-3A-OC/callback?dummy1\u003dlorem\u0026dummy2\u003dipsum",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "ja,en-US;q\u003d0.9,en;q\u003d0.8",
  "cookie": "__utma\u003d201319536.1292565018.1574312754.1579157407.1595894834.4; __utmz\u003d201319536.1595894834.4.1.utmcsr\u003dgoogle|utmccn\u003d(organic)|utmcmd\u003dorganic|utmctr\u003d(not%20provided); JSESSIONID\u003d693303D47D789DBFDE90865115D8222F",
  "content-length": "569",
  "x-ssl-cipher": "ECDHE-RSA-AES256-GCM-SHA384",
  "x-ssl-protocol": "TLSv1.2",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net",
  "connection": "close"
}
incoming_path
implicit/kYH3yA0byOGvuBzy54rh
incoming_body_form_params
incoming_method
POST
incoming_body_json
incoming_query_string_params
{}
incoming_body
#code=8scBRJ20WOVPldDznEOI5BXBdwPMPVkN&id_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiJ9.eyJzdWIiOiIxIiwiYXVkIjoiT0lERkNFUlQwMDA0IiwiYWNyIjoidXJuOm1hY2U6aW5jb21tb246aWFwOnNpbHZlciIsImNfaGFzaCI6IjZKZ1JmdUlrZWxwbDY1eGI4NHhiWkEiLCJzX2hhc2giOiJDaGJDUHhGdTBlTGxyNlVMcGc1eGJRIiwiYXpwIjoiT0lERkNFUlQwMDA0IiwiYW1yIjoiQVVUSF9PUCIsImlzcyI6Imh0dHBzOlwvXC8zYS1ycGxpYi10ZXN0My5jbG91ZC1pZGF1dGguY29tXC9vY1wvIiwiZXhwIjoxNTk5MjI1Mjc1LCJpYXQiOjE1OTkyMjE2NzUsIm5vbmNlIjoiSWZTNEhKZ3I4dyJ9.UA5X51WT4xaxBUa4KdElTmp_62gTcFdcLm6W5soojdFl6U8cffCVkpzA42qPsRFD4fW_PwU9cavOujKSixumiQ&state=sdC35YcAbG
2020-09-04 12:14:35 OUTGOING
fapi-rw-id2
Response to HTTP request to test instance uCengaPXahn79tS
outgoing
org.springframework.web.servlet.view.RedirectView: [RedirectView]; URL [/log-detail.html?log=uCengaPXahn79tS]
outgoing_path
implicit/kYH3yA0byOGvuBzy54rh
2020-09-04 12:14:35
ExtractImplicitHashToCallbackResponse
Extracted response from URL fragment
parameters
[
  {
    "name": "code",
    "value": "8scBRJ20WOVPldDznEOI5BXBdwPMPVkN"
  },
  {
    "name": "id_token",
    "value": "eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiJ9.eyJzdWIiOiIxIiwiYXVkIjoiT0lERkNFUlQwMDA0IiwiYWNyIjoidXJuOm1hY2U6aW5jb21tb246aWFwOnNpbHZlciIsImNfaGFzaCI6IjZKZ1JmdUlrZWxwbDY1eGI4NHhiWkEiLCJzX2hhc2giOiJDaGJDUHhGdTBlTGxyNlVMcGc1eGJRIiwiYXpwIjoiT0lERkNFUlQwMDA0IiwiYW1yIjoiQVVUSF9PUCIsImlzcyI6Imh0dHBzOlwvXC8zYS1ycGxpYi10ZXN0My5jbG91ZC1pZGF1dGguY29tXC9vY1wvIiwiZXhwIjoxNTk5MjI1Mjc1LCJpYXQiOjE1OTkyMjE2NzUsIm5vbmNlIjoiSWZTNEhKZ3I4dyJ9.UA5X51WT4xaxBUa4KdElTmp_62gTcFdcLm6W5soojdFl6U8cffCVkpzA42qPsRFD4fW_PwU9cavOujKSixumiQ"
  },
  {
    "name": "state",
    "value": "sdC35YcAbG"
  }
]
2020-09-04 12:14:35 SUCCESS
ExtractImplicitHashToCallbackResponse
Extracted the hash values
code
8scBRJ20WOVPldDznEOI5BXBdwPMPVkN
id_token
eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiJ9.eyJzdWIiOiIxIiwiYXVkIjoiT0lERkNFUlQwMDA0IiwiYWNyIjoidXJuOm1hY2U6aW5jb21tb246aWFwOnNpbHZlciIsImNfaGFzaCI6IjZKZ1JmdUlrZWxwbDY1eGI4NHhiWkEiLCJzX2hhc2giOiJDaGJDUHhGdTBlTGxyNlVMcGc1eGJRIiwiYXpwIjoiT0lERkNFUlQwMDA0IiwiYW1yIjoiQVVUSF9PUCIsImlzcyI6Imh0dHBzOlwvXC8zYS1ycGxpYi10ZXN0My5jbG91ZC1pZGF1dGguY29tXC9vY1wvIiwiZXhwIjoxNTk5MjI1Mjc1LCJpYXQiOjE1OTkyMjE2NzUsIm5vbmNlIjoiSWZTNEhKZ3I4dyJ9.UA5X51WT4xaxBUa4KdElTmp_62gTcFdcLm6W5soojdFl6U8cffCVkpzA42qPsRFD4fW_PwU9cavOujKSixumiQ
state
sdC35YcAbG
2020-09-04 12:14:35 REDIRECT-IN
fapi-rw-id2
Authorization endpoint response captured
url_query
{
  "dummy1": "lorem",
  "dummy2": "ipsum"
}
headers
{
  "host": "www.certification.openid.net",
  "upgrade-insecure-requests": "1",
  "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.83 Safari/537.36",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/avif,image/webp,image/apng,*/*;q\u003d0.8,application/signed-exchange;v\u003db3;q\u003d0.9",
  "sec-fetch-site": "cross-site",
  "sec-fetch-mode": "navigate",
  "sec-fetch-user": "?1",
  "sec-fetch-dest": "document",
  "referer": "https://3a-rplib-test3.cloud-idauth.com/oc/InternalAuthoriEndpoint/?client_uri\u003dhttp%3A%2F%2Flocalhost%2Ftest_client_uri\u0026logo_uri\u003dhttp%3A%2F%2Flocalhost%2Ftest_logo_uri\u0026tos_uri\u003dhttp%3A%2F%2Flocalhost%2Ftest_tos_uri\u0026client_name\u003dOIDF_CertTest_Client_0004\u0026client_id\u003dOIDFCERT0004\u0026policy_uri\u003dhttp%3A%2F%2Flocalhost%2Ftest_policy_uri\u0026loa\u003durn%3Amace%3Aincommon%3Aiap%3Asilver",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "ja,en-US;q\u003d0.9,en;q\u003d0.8",
  "cookie": "__utma\u003d201319536.1292565018.1574312754.1579157407.1595894834.4; __utmz\u003d201319536.1595894834.4.1.utmcsr\u003dgoogle|utmccn\u003d(organic)|utmcmd\u003dorganic|utmctr\u003d(not%20provided); JSESSIONID\u003d693303D47D789DBFDE90865115D8222F",
  "connection": "close",
  "x-ssl-cipher": "ECDHE-RSA-AES256-GCM-SHA384",
  "x-ssl-protocol": "TLSv1.2",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
http_method
GET
url_fragment
{
  "code": "8scBRJ20WOVPldDznEOI5BXBdwPMPVkN",
  "id_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiJ9.eyJzdWIiOiIxIiwiYXVkIjoiT0lERkNFUlQwMDA0IiwiYWNyIjoidXJuOm1hY2U6aW5jb21tb246aWFwOnNpbHZlciIsImNfaGFzaCI6IjZKZ1JmdUlrZWxwbDY1eGI4NHhiWkEiLCJzX2hhc2giOiJDaGJDUHhGdTBlTGxyNlVMcGc1eGJRIiwiYXpwIjoiT0lERkNFUlQwMDA0IiwiYW1yIjoiQVVUSF9PUCIsImlzcyI6Imh0dHBzOlwvXC8zYS1ycGxpYi10ZXN0My5jbG91ZC1pZGF1dGguY29tXC9vY1wvIiwiZXhwIjoxNTk5MjI1Mjc1LCJpYXQiOjE1OTkyMjE2NzUsIm5vbmNlIjoiSWZTNEhKZ3I4dyJ9.UA5X51WT4xaxBUa4KdElTmp_62gTcFdcLm6W5soojdFl6U8cffCVkpzA42qPsRFD4fW_PwU9cavOujKSixumiQ",
  "state": "sdC35YcAbG"
}
post_body
Second client: Verify authorization endpoint response
2020-09-04 12:14:35 SUCCESS
RejectAuthCodeInUrlQuery
Authorization code is not present in URL query returned from authorization endpoint
2020-09-04 12:14:35 SUCCESS
RejectErrorInUrlQuery
'error' is not present in URL query returned from authorization endpoint
2020-09-04 12:14:35 SUCCESS
CheckMatchingCallbackParameters
Callback parameters successfully verified
dummy1
lorem
dummy2
ipsum
2020-09-04 12:14:35 SUCCESS
RejectStateInUrlQueryForHybridFlow
state is correctly not present in URL query returned from authorization endpoint (as in the hybrid flow it must be returned in the URL fragment/hash only)
2020-09-04 12:14:35 SUCCESS
CheckIfAuthorizationEndpointError
No error from authorization endpoint
2020-09-04 12:14:35 SUCCESS
ValidateSuccessfulHybridResponseFromAuthorizationEndpoint
authorization endpoint response does not include unexpected parameters
code
8scBRJ20WOVPldDznEOI5BXBdwPMPVkN
id_token
eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiJ9.eyJzdWIiOiIxIiwiYXVkIjoiT0lERkNFUlQwMDA0IiwiYWNyIjoidXJuOm1hY2U6aW5jb21tb246aWFwOnNpbHZlciIsImNfaGFzaCI6IjZKZ1JmdUlrZWxwbDY1eGI4NHhiWkEiLCJzX2hhc2giOiJDaGJDUHhGdTBlTGxyNlVMcGc1eGJRIiwiYXpwIjoiT0lERkNFUlQwMDA0IiwiYW1yIjoiQVVUSF9PUCIsImlzcyI6Imh0dHBzOlwvXC8zYS1ycGxpYi10ZXN0My5jbG91ZC1pZGF1dGguY29tXC9vY1wvIiwiZXhwIjoxNTk5MjI1Mjc1LCJpYXQiOjE1OTkyMjE2NzUsIm5vbmNlIjoiSWZTNEhKZ3I4dyJ9.UA5X51WT4xaxBUa4KdElTmp_62gTcFdcLm6W5soojdFl6U8cffCVkpzA42qPsRFD4fW_PwU9cavOujKSixumiQ
state
sdC35YcAbG
2020-09-04 12:14:35 SUCCESS
CheckMatchingStateParameter
State parameter correctly returned
state
sdC35YcAbG
2020-09-04 12:14:35 SUCCESS
ExtractAuthorizationCodeFromAuthorizationResponse
Found authorization code
code
8scBRJ20WOVPldDznEOI5BXBdwPMPVkN
2020-09-04 12:14:35 SUCCESS
EnsureMinimumAuthorizationCodeLength
Authorization code is of sufficient length
actual
256
required
128
2020-09-04 12:14:35 SUCCESS
EnsureMinimumAuthorizationCodeEntropy
Calculated shannon entropy seems sufficient
actual
144.49022499567306
expected
96.0
2020-09-04 12:14:35 SUCCESS
ExtractIdTokenFromAuthorizationResponse
Found and parsed the id_token from authorization_endpoint_response
value
eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiJ9.eyJzdWIiOiIxIiwiYXVkIjoiT0lERkNFUlQwMDA0IiwiYWNyIjoidXJuOm1hY2U6aW5jb21tb246aWFwOnNpbHZlciIsImNfaGFzaCI6IjZKZ1JmdUlrZWxwbDY1eGI4NHhiWkEiLCJzX2hhc2giOiJDaGJDUHhGdTBlTGxyNlVMcGc1eGJRIiwiYXpwIjoiT0lERkNFUlQwMDA0IiwiYW1yIjoiQVVUSF9PUCIsImlzcyI6Imh0dHBzOlwvXC8zYS1ycGxpYi10ZXN0My5jbG91ZC1pZGF1dGguY29tXC9vY1wvIiwiZXhwIjoxNTk5MjI1Mjc1LCJpYXQiOjE1OTkyMjE2NzUsIm5vbmNlIjoiSWZTNEhKZ3I4dyJ9.UA5X51WT4xaxBUa4KdElTmp_62gTcFdcLm6W5soojdFl6U8cffCVkpzA42qPsRFD4fW_PwU9cavOujKSixumiQ
header
{
  "typ": "JWT",
  "alg": "ES256"
}
claims
{
  "sub": "1",
  "aud": "OIDFCERT0004",
  "acr": "urn:mace:incommon:iap:silver",
  "c_hash": "6JgRfuIkelpl65xb84xbZA",
  "s_hash": "ChbCPxFu0eLlr6ULpg5xbQ",
  "azp": "OIDFCERT0004",
  "amr": "AUTH_OP",
  "iss": "https://3a-rplib-test3.cloud-idauth.com/oc/",
  "exp": 1599225275,
  "iat": 1599221675,
  "nonce": "IfS4HJgr8w"
}
2020-09-04 12:14:35 SUCCESS
ValidateIdToken
ID token iss, aud, exp, iat, auth_time, acr & nbf claims passed validation checks
2020-09-04 12:14:35 SUCCESS
ValidateIdTokenNonce
Nonce values match
nonce
IfS4HJgr8w
2020-09-04 12:14:35 SUCCESS
ValidateIdTokenACRClaimAgainstRequest
acr value in id_token is (one of) the requested values
actual
urn:mace:incommon:iap:silver
requested
[
  "urn:mace:incommon:iap:silver"
]
2020-09-04 12:14:35 SUCCESS
ValidateIdTokenSignature
id_token signature validated
id_token
eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiJ9.eyJzdWIiOiIxIiwiYXVkIjoiT0lERkNFUlQwMDA0IiwiYWNyIjoidXJuOm1hY2U6aW5jb21tb246aWFwOnNpbHZlciIsImNfaGFzaCI6IjZKZ1JmdUlrZWxwbDY1eGI4NHhiWkEiLCJzX2hhc2giOiJDaGJDUHhGdTBlTGxyNlVMcGc1eGJRIiwiYXpwIjoiT0lERkNFUlQwMDA0IiwiYW1yIjoiQVVUSF9PUCIsImlzcyI6Imh0dHBzOlwvXC8zYS1ycGxpYi10ZXN0My5jbG91ZC1pZGF1dGguY29tXC9vY1wvIiwiZXhwIjoxNTk5MjI1Mjc1LCJpYXQiOjE1OTkyMjE2NzUsIm5vbmNlIjoiSWZTNEhKZ3I4dyJ9.UA5X51WT4xaxBUa4KdElTmp_62gTcFdcLm6W5soojdFl6U8cffCVkpzA42qPsRFD4fW_PwU9cavOujKSixumiQ
2020-09-04 12:14:35 SUCCESS
ValidateIdTokenSignatureUsingKid
id_token signature validated
id_token
eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiJ9.eyJzdWIiOiIxIiwiYXVkIjoiT0lERkNFUlQwMDA0IiwiYWNyIjoidXJuOm1hY2U6aW5jb21tb246aWFwOnNpbHZlciIsImNfaGFzaCI6IjZKZ1JmdUlrZWxwbDY1eGI4NHhiWkEiLCJzX2hhc2giOiJDaGJDUHhGdTBlTGxyNlVMcGc1eGJRIiwiYXpwIjoiT0lERkNFUlQwMDA0IiwiYW1yIjoiQVVUSF9PUCIsImlzcyI6Imh0dHBzOlwvXC8zYS1ycGxpYi10ZXN0My5jbG91ZC1pZGF1dGguY29tXC9vY1wvIiwiZXhwIjoxNTk5MjI1Mjc1LCJpYXQiOjE1OTkyMjE2NzUsIm5vbmNlIjoiSWZTNEhKZ3I4dyJ9.UA5X51WT4xaxBUa4KdElTmp_62gTcFdcLm6W5soojdFl6U8cffCVkpzA42qPsRFD4fW_PwU9cavOujKSixumiQ
2020-09-04 12:14:35 SUCCESS
CheckForSubjectInIdToken
Found 'sub' in id_token
sub
1
2020-09-04 12:14:35 SUCCESS
FAPIValidateIdTokenSigningAlg
id_token was signed with a permitted algorithm
alg
ES256
2020-09-04 12:14:35 INFO
FAPIValidateIdTokenEncryptionAlg
Skipped evaluation due to missing required element: id_token jwe_header
path
jwe_header
mapped
object
id_token
2020-09-04 12:14:35 SUCCESS
ExtractSHash
Extracted s_hash from ID Token
s_hash
ChbCPxFu0eLlr6ULpg5xbQ
alg
ES256
2020-09-04 12:14:35 SUCCESS
ValidateSHash
s_hash validated successfully
expected_hash
ChbCPxFu0eLlr6ULpg5xbQ
unhashed_value
sdC35YcAbG
id_token_hash
ChbCPxFu0eLlr6ULpg5xbQ
2020-09-04 12:14:35 SUCCESS
ExtractCHash
Extracted c_hash from ID Token
c_hash
6JgRfuIkelpl65xb84xbZA
alg
ES256
2020-09-04 12:14:35 SUCCESS
ValidateCHash
c_hash validated successfully
expected_hash
6JgRfuIkelpl65xb84xbZA
unhashed_value
8scBRJ20WOVPldDznEOI5BXBdwPMPVkN
id_token_hash
6JgRfuIkelpl65xb84xbZA
2020-09-04 12:14:35 SUCCESS
CreateTokenEndpointRequestForAuthorizationCodeGrant
grant_type
authorization_code
code
8scBRJ20WOVPldDznEOI5BXBdwPMPVkN
redirect_uri
https://www.certification.openid.net/test/a/NC7000-3A-OC/callback?dummy1=lorem&dummy2=ipsum
2020-09-04 12:14:35 SUCCESS
CreateClientAuthenticationAssertionClaims
Created client assertion claims
iss
OIDFCERT0004
sub
OIDFCERT0004
aud
https://3a-rplib-test3.cloud-idauth.com/oc/TokenEndpoint/
jti
itHdl3W11cGgMoAJ16ZB
iat
1599221675
exp
1599221735
2020-09-04 12:14:35 SUCCESS
SignClientAuthenticationAssertion
Signed the client assertion
client_assertion
eyJraWQiOiJraWQyMDE5MDQwMTAwMDA5IiwiYWxnIjoiRVMyNTYifQ.eyJzdWIiOiJPSURGQ0VSVDAwMDQiLCJhdWQiOiJodHRwczpcL1wvM2EtcnBsaWItdGVzdDMuY2xvdWQtaWRhdXRoLmNvbVwvb2NcL1Rva2VuRW5kcG9pbnRcLyIsImlzcyI6Ik9JREZDRVJUMDAwNCIsImV4cCI6MTU5OTIyMTczNSwiaWF0IjoxNTk5MjIxNjc1LCJqdGkiOiJpdEhkbDNXMTFjR2dNb0FKMTZaQiJ9.DUd1DKxmH6qLddNvtqh1hwyFifRkUHZ5LPQ0YTm8MbD3QeGtOi271_Zun9EwkF6CBx4opMYBPEuZkYa3k2N8wQ
2020-09-04 12:14:35
AddClientAssertionToTokenEndpointRequest
Added client assertion
grant_type
authorization_code
code
8scBRJ20WOVPldDznEOI5BXBdwPMPVkN
redirect_uri
https://www.certification.openid.net/test/a/NC7000-3A-OC/callback?dummy1=lorem&dummy2=ipsum
client_assertion
eyJraWQiOiJraWQyMDE5MDQwMTAwMDA5IiwiYWxnIjoiRVMyNTYifQ.eyJzdWIiOiJPSURGQ0VSVDAwMDQiLCJhdWQiOiJodHRwczpcL1wvM2EtcnBsaWItdGVzdDMuY2xvdWQtaWRhdXRoLmNvbVwvb2NcL1Rva2VuRW5kcG9pbnRcLyIsImlzcyI6Ik9JREZDRVJUMDAwNCIsImV4cCI6MTU5OTIyMTczNSwiaWF0IjoxNTk5MjIxNjc1LCJqdGkiOiJpdEhkbDNXMTFjR2dNb0FKMTZaQiJ9.DUd1DKxmH6qLddNvtqh1hwyFifRkUHZ5LPQ0YTm8MbD3QeGtOi271_Zun9EwkF6CBx4opMYBPEuZkYa3k2N8wQ
client_assertion_type
urn:ietf:params:oauth:client-assertion-type:jwt-bearer
2020-09-04 12:14:35
CallTokenEndpoint
HTTP request
request_uri
https://3a-rplib-test3.cloud-idauth.com/oc/TokenEndpoint/
request_method
POST
request_headers
{
  "accept": "application/json;charset\u003dUTF-8",
  "accept-charset": "utf-8",
  "content-type": "application/x-www-form-urlencoded;charset\u003dUTF-8",
  "content-length": "677"
}
request_body
grant_type=authorization_code&code=8scBRJ20WOVPldDznEOI5BXBdwPMPVkN&redirect_uri=https%3A%2F%2Fwww.certification.openid.net%2Ftest%2Fa%2FNC7000-3A-OC%2Fcallback%3Fdummy1%3Dlorem%26dummy2%3Dipsum&client_assertion=eyJraWQiOiJraWQyMDE5MDQwMTAwMDA5IiwiYWxnIjoiRVMyNTYifQ.eyJzdWIiOiJPSURGQ0VSVDAwMDQiLCJhdWQiOiJodHRwczpcL1wvM2EtcnBsaWItdGVzdDMuY2xvdWQtaWRhdXRoLmNvbVwvb2NcL1Rva2VuRW5kcG9pbnRcLyIsImlzcyI6Ik9JREZDRVJUMDAwNCIsImV4cCI6MTU5OTIyMTczNSwiaWF0IjoxNTk5MjIxNjc1LCJqdGkiOiJpdEhkbDNXMTFjR2dNb0FKMTZaQiJ9.DUd1DKxmH6qLddNvtqh1hwyFifRkUHZ5LPQ0YTm8MbD3QeGtOi271_Zun9EwkF6CBx4opMYBPEuZkYa3k2N8wQ&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer
request_mutual_tls
{
  "cert": "MIIDTjCCAjYCCQCjUTxEpwknBTANBgkqhkiG9w0BAQUFADBpMQswCQYDVQQGEwJKUDEOMAwGA1UECAwFVG9reW8xEDAOBgNVBAcMB1RhbWFjaGkxDDAKBgNVBAoMA05FQzEMMAoGA1UECwwDTkVDMRwwGgYDVQQDDBN3d3cuM2FzZWN1cmVrZXkuY29tMB4XDTE4MDQyNzAyMDAwOFoXDTI4MDQyNDAyMDAwOFowaTELMAkGA1UEBhMCSlAxDjAMBgNVBAgMBVRva3lvMRAwDgYDVQQHDAdUYW1hY2hpMQwwCgYDVQQKDANORUMxDDAKBgNVBAsMA05FQzEcMBoGA1UEAwwTd3d3LjNhc2VjdXJla2V5LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKLD3g7pwzFMzbRh5cCGuR0KBCzD5Xk3w/Zj+3hpBq5/xSaQjmOfLF3LLiFD7sZXRPFVFXii4Y2GuFccSQ3MI9sMS/HDDTmOLPIWta/U9ZtcwjNyclXrX0IR8Fxuk5E9lRf//JwlMZHAxfESvBe5WMnzGDTVdp5Hv6sWZAdkgdwQTMFM4vpHhBD6qJsxSG7jBvqVYd8w9pCZ9k1mSfKKgqPfpOA6jv2ATiwv9r9ZQNtKl/MbHY9/R59GU+S7WSPtqM5O3bJGGCXFvpZF2CghcYqn9vDhIrNOD/xo3ZF0Z+doEl8e0e1IAr2JiGD4JPpz4W67pjUVb9G+NTRtQ71YqccCAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAETj+cEVPthSghrIJamsmddV+GFHYjOfvQw0r8LZYkqJZlK1FOeWwBM+kDzpxOErtPiyjvv2eBPGm9LcLZpDbMLg77Lv3HjaWy+yISRQ/wGUb9tlJ8AUeEd2uoPUzDQf5VpTBEq/M9E7CB3g2hZvwRYvq6PfsDexCwq9OWogK3WpEozIMVyOL3jYpkSJzDqPuN3nFiNc5eMJ7lo+b/K1rUEqwuN21TjwAn1DXfW0dD1a/ig004xecHU1wsIMP2ARQ/qOD7P0emE/umlwLQ0kw3HB2ideAJzU4OstiqUH41LKwIIzUu6rz6/S9PMcmVfqv9PfhITQSs8vCqC8uaWLtGg\u003d\u003d",
  "key": "MIIEpQIBAAKCAQEAosPeDunDMUzNtGHlwIa5HQoELMPleTfD9mP7eGkGrn/FJpCOY58sXcsuIUPuxldE8VUVeKLhjYa4VxxJDcwj2wxL8cMNOY4s8ha1r9T1m1zCM3JyVetfQhHwXG6TkT2VF//8nCUxkcDF8RK8F7lYyfMYNNV2nke/qxZkB2SB3BBMwUzi+keEEPqomzFIbuMG+pVh3zD2kJn2TWZJ8oqCo9+k4DqO/YBOLC/2v1lA20qX8xsdj39Hn0ZT5LtZI+2ozk7dskYYJcW+lkXYKCFxiqf28OEis04P/GjdkXRn52gSXx7R7UgCvYmIYPgk+nPhbrumNRVv0b41NG1DvVipxwIDAQABAoIBAQCVFUrD5iG/elXALxs+KShNDOueBSCe0xFPEW04cRqJosZ1+FozrYv5rSznk02VpkGjuwcbpDVsaEVYpLPVS3JcJPs6yinG2g8Y/uwTzb/ZOjE25lELmbd60OuT/kRz+DAj93jtnLO2iRfFJB/cqwxEjcFSQ2OOvrE0iCG/E7ROV7m3C5OOjKhSypP++04nWajIqW//uMDaFoFquf7x4aoHc9wRD1IyHGha9hIZA7JiY5KlwyQV/AEoz+C+O9Z8FYpqZT76fnzQvLvbk6fYr4q1a0gm/J9HTp4l0bQ9NMKVvt4PGlJmxQhQfIJixARsnKEDtu0uUcgbVXRB6pRtmG6BAoGBAM+hvgN+TX8c4fMmDvGpNB0+PvA2ZC6JJd0oLmpZMMdLRl+0A5j3nHv2nR04FlB1brD9ucInVHZYlgL5ab3/x27iV+H5spIN6cST7WH+Sjqsi43tKGyx9oXosL6RN+4HM7rTWbCxwq0tVunk01IR5FeO8xZss4UDyev6vStBjmzXAoGBAMiueG4ALkIGqTw/sTNl7vwmMcyPbjA6h68I9FkTGI0G5YHy7yWlEhdD/rUYSXVCXlh+3aftbfJ4CP9nWaM6NMREoysCQ3y/kulgJ0imPEFwnqWQMljQV1zRg9gthdixyBI6YZ62MUF6i/XYfUs0KQ9baHuzB4ejMs7U8bGENpyRAoGAHjynt0qFbqV+IjLAqmDBviB6efDx1fUTFonreIFUoTFNJlLI01X76/GWH9MzLLRtUkkg7C1eF33/Gp/HzmuZV4SO19HNN4ffK0l/oG2v0aufByQqZunjxMyGMLplMrzJw8NTpG++sgmQRq+UNrd0UWv36qQZ4J0UotD5C3uYijECgYEAoAnDMLYkLbNyMwH4Jq0bsSokfKXFkeCbZBMYChEYex8M2F0MKlFB5BvtfC4qJsEOzDQgQFMwYzUmt8eLzIgWnI7AMQRVHZ8JYeO0cFNhqi5N1mrwO7Oqd/L92eAz5WOh0ieMwi05iqZYB27mPJsUQ5L59+wGDT0wv5FCTfbKNoECgYEAoMHJZ1a/Bzq1raDHauJLk3JA+DN+5o7xDGVvda9x3rphQ4U7Vehpcg70AVWMyGoVv5N6vJdrAeZzBWP5b6ED+csRyNaLswHycsPzGy8t5Ose1P+ZlzCzDmRtynq0cQQvWl4zJAT2Wacgu2IqOrQOl+n67te3QlWrnq9IrSsWJFU\u003d"
}
2020-09-04 12:14:36 RESPONSE
CallTokenEndpoint
HTTP response
response_status_code
200 OK
response_status_text
200
response_headers
{
  "date": "Fri, 04 Sep 2020 12:14:36 GMT",
  "server": "Apache/2.4.27 (Unix) OpenSSL/1.1.0g-dev",
  "set-cookie": "JSESSIONID\u003dB70F48FA7B84B0D819C3B8823D2EA5EA; Path\u003d/oc; Secure; HttpOnly",
  "cache-control": "no-store",
  "pragma": "no-cache",
  "content-type": "application/json;charset\u003dUTF-8",
  "content-length": "588",
  "keep-alive": "timeout\u003d5, max\u003d100",
  "connection": "Keep-Alive"
}
response_body
{"access_token":"16ickWVBXGo4ypcQeCwvMOSu3c5eHBKL","refresh_token":"4YLyVWVmIYJxHG9aUcx14Eek5d8wUYYV","scope":"SCOPE0002","id_token":"eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiJ9.eyJzdWIiOiIxIiwiYXVkIjoiT0lERkNFUlQwMDA0IiwiYWNyIjoidXJuOm1hY2U6aW5jb21tb246aWFwOnNpbHZlciIsImF6cCI6Ik9JREZDRVJUMDAwNCIsImFtciI6IkFVVEhfT1AiLCJpc3MiOiJodHRwczpcL1wvM2EtcnBsaWItdGVzdDMuY2xvdWQtaWRhdXRoLmNvbVwvb2NcLyIsImV4cCI6MTU5OTIyNTI3NiwiaWF0IjoxNTk5MjIxNjc2LCJub25jZSI6IklmUzRISmdyOHcifQ.VBPRbSFNVPix8T0HryFsL766JrhcxVEOiMj_jQf0_labYnMmjpjNlTOoGuD8oz3Z1FhP0nXdssn_ATowkSohJA","token_type":"Bearer","expires_in":60}
2020-09-04 12:14:36
CallTokenEndpoint
Token endpoint response
token_endpoint_response
{"access_token":"16ickWVBXGo4ypcQeCwvMOSu3c5eHBKL","refresh_token":"4YLyVWVmIYJxHG9aUcx14Eek5d8wUYYV","scope":"SCOPE0002","id_token":"eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiJ9.eyJzdWIiOiIxIiwiYXVkIjoiT0lERkNFUlQwMDA0IiwiYWNyIjoidXJuOm1hY2U6aW5jb21tb246aWFwOnNpbHZlciIsImF6cCI6Ik9JREZDRVJUMDAwNCIsImFtciI6IkFVVEhfT1AiLCJpc3MiOiJodHRwczpcL1wvM2EtcnBsaWItdGVzdDMuY2xvdWQtaWRhdXRoLmNvbVwvb2NcLyIsImV4cCI6MTU5OTIyNTI3NiwiaWF0IjoxNTk5MjIxNjc2LCJub25jZSI6IklmUzRISmdyOHcifQ.VBPRbSFNVPix8T0HryFsL766JrhcxVEOiMj_jQf0_labYnMmjpjNlTOoGuD8oz3Z1FhP0nXdssn_ATowkSohJA","token_type":"Bearer","expires_in":60}
2020-09-04 12:14:36 SUCCESS
CallTokenEndpoint
Parsed token endpoint response
access_token
16ickWVBXGo4ypcQeCwvMOSu3c5eHBKL
refresh_token
4YLyVWVmIYJxHG9aUcx14Eek5d8wUYYV
scope
SCOPE0002
id_token
eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiJ9.eyJzdWIiOiIxIiwiYXVkIjoiT0lERkNFUlQwMDA0IiwiYWNyIjoidXJuOm1hY2U6aW5jb21tb246aWFwOnNpbHZlciIsImF6cCI6Ik9JREZDRVJUMDAwNCIsImFtciI6IkFVVEhfT1AiLCJpc3MiOiJodHRwczpcL1wvM2EtcnBsaWItdGVzdDMuY2xvdWQtaWRhdXRoLmNvbVwvb2NcLyIsImV4cCI6MTU5OTIyNTI3NiwiaWF0IjoxNTk5MjIxNjc2LCJub25jZSI6IklmUzRISmdyOHcifQ.VBPRbSFNVPix8T0HryFsL766JrhcxVEOiMj_jQf0_labYnMmjpjNlTOoGuD8oz3Z1FhP0nXdssn_ATowkSohJA
token_type
Bearer
expires_in
60
2020-09-04 12:14:36 SUCCESS
CheckIfTokenEndpointResponseError
No error from token endpoint
2020-09-04 12:14:36 SUCCESS
CheckForAccessTokenValue
Found an access token
access_token
16ickWVBXGo4ypcQeCwvMOSu3c5eHBKL
2020-09-04 12:14:36 SUCCESS
ExtractAccessTokenFromTokenResponse
Extracted the access token
value
16ickWVBXGo4ypcQeCwvMOSu3c5eHBKL
type
Bearer
2020-09-04 12:14:36 SUCCESS
ExtractExpiresInFromTokenEndpointResponse
Extracted 'expires_in'
expires_in
60
2020-09-04 12:14:36 SUCCESS
ValidateExpiresIn
expires_in passed all validation checks
expires_in
60
2020-09-04 12:14:36 SUCCESS
CheckForRefreshTokenValue
Found a refresh token
refresh_token
4YLyVWVmIYJxHG9aUcx14Eek5d8wUYYV
2020-09-04 12:14:36 SUCCESS
EnsureMinimumRefreshTokenLength
Refresh token is of sufficient length
actual
256
required
128
2020-09-04 12:14:36 SUCCESS
EnsureMinimumRefreshTokenEntropy
Calculated shannon entropy seems sufficient
actual
141.24511249783654
expected
96.0
2020-09-04 12:14:36 SUCCESS
EnsureMinimumAccessTokenLength
Access token is of sufficient length
actual
256
required
128
2020-09-04 12:14:36 SUCCESS
EnsureMinimumAccessTokenEntropy
Calculated shannon entropy seems sufficient
actual
151.24511249783654
expected
96.0
2020-09-04 12:14:36 SUCCESS
ExtractIdTokenFromTokenResponse
Found and parsed the id_token from token_endpoint_response
value
eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiJ9.eyJzdWIiOiIxIiwiYXVkIjoiT0lERkNFUlQwMDA0IiwiYWNyIjoidXJuOm1hY2U6aW5jb21tb246aWFwOnNpbHZlciIsImF6cCI6Ik9JREZDRVJUMDAwNCIsImFtciI6IkFVVEhfT1AiLCJpc3MiOiJodHRwczpcL1wvM2EtcnBsaWItdGVzdDMuY2xvdWQtaWRhdXRoLmNvbVwvb2NcLyIsImV4cCI6MTU5OTIyNTI3NiwiaWF0IjoxNTk5MjIxNjc2LCJub25jZSI6IklmUzRISmdyOHcifQ.VBPRbSFNVPix8T0HryFsL766JrhcxVEOiMj_jQf0_labYnMmjpjNlTOoGuD8oz3Z1FhP0nXdssn_ATowkSohJA
header
{
  "typ": "JWT",
  "alg": "ES256"
}
claims
{
  "sub": "1",
  "aud": "OIDFCERT0004",
  "acr": "urn:mace:incommon:iap:silver",
  "azp": "OIDFCERT0004",
  "amr": "AUTH_OP",
  "iss": "https://3a-rplib-test3.cloud-idauth.com/oc/",
  "exp": 1599225276,
  "iat": 1599221676,
  "nonce": "IfS4HJgr8w"
}
2020-09-04 12:14:36 SUCCESS
ValidateIdToken
ID token iss, aud, exp, iat, auth_time, acr & nbf claims passed validation checks
2020-09-04 12:14:36 SUCCESS
ValidateIdTokenNonce
Nonce values match
nonce
IfS4HJgr8w
2020-09-04 12:14:36 SUCCESS
ValidateIdTokenACRClaimAgainstRequest
acr value in id_token is (one of) the requested values
actual
urn:mace:incommon:iap:silver
requested
[
  "urn:mace:incommon:iap:silver"
]
2020-09-04 12:14:36 SUCCESS
ValidateIdTokenSignature
id_token signature validated
id_token
eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiJ9.eyJzdWIiOiIxIiwiYXVkIjoiT0lERkNFUlQwMDA0IiwiYWNyIjoidXJuOm1hY2U6aW5jb21tb246aWFwOnNpbHZlciIsImF6cCI6Ik9JREZDRVJUMDAwNCIsImFtciI6IkFVVEhfT1AiLCJpc3MiOiJodHRwczpcL1wvM2EtcnBsaWItdGVzdDMuY2xvdWQtaWRhdXRoLmNvbVwvb2NcLyIsImV4cCI6MTU5OTIyNTI3NiwiaWF0IjoxNTk5MjIxNjc2LCJub25jZSI6IklmUzRISmdyOHcifQ.VBPRbSFNVPix8T0HryFsL766JrhcxVEOiMj_jQf0_labYnMmjpjNlTOoGuD8oz3Z1FhP0nXdssn_ATowkSohJA
2020-09-04 12:14:36 SUCCESS
ValidateIdTokenSignatureUsingKid
id_token signature validated
id_token
eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiJ9.eyJzdWIiOiIxIiwiYXVkIjoiT0lERkNFUlQwMDA0IiwiYWNyIjoidXJuOm1hY2U6aW5jb21tb246aWFwOnNpbHZlciIsImF6cCI6Ik9JREZDRVJUMDAwNCIsImFtciI6IkFVVEhfT1AiLCJpc3MiOiJodHRwczpcL1wvM2EtcnBsaWItdGVzdDMuY2xvdWQtaWRhdXRoLmNvbVwvb2NcLyIsImV4cCI6MTU5OTIyNTI3NiwiaWF0IjoxNTk5MjIxNjc2LCJub25jZSI6IklmUzRISmdyOHcifQ.VBPRbSFNVPix8T0HryFsL766JrhcxVEOiMj_jQf0_labYnMmjpjNlTOoGuD8oz3Z1FhP0nXdssn_ATowkSohJA
2020-09-04 12:14:36 SUCCESS
CheckForSubjectInIdToken
Found 'sub' in id_token
sub
1
2020-09-04 12:14:36 SUCCESS
FAPIValidateIdTokenSigningAlg
id_token was signed with a permitted algorithm
alg
ES256
2020-09-04 12:14:36 INFO
FAPIValidateIdTokenEncryptionAlg
Skipped evaluation due to missing required element: id_token jwe_header
path
jwe_header
mapped
object
id_token
2020-09-04 12:14:36 INFO
ExtractCHash
Couldn't find c_hash in ID token
2020-09-04 12:14:36 INFO
ExtractSHash
Couldn't find s_hash in ID token
2020-09-04 12:14:36 INFO
ExtractAtHash
Couldn't find at_hash in ID token
2020-09-04 12:14:36 INFO
ValidateCHash
Skipped evaluation due to missing required object: c_hash
expected
c_hash
mapped
2020-09-04 12:14:36 INFO
ValidateSHash
Skipped evaluation due to missing required object: s_hash
expected
s_hash
mapped
2020-09-04 12:14:36 INFO
ValidateAtHash
Skipped evaluation due to missing required object: at_hash
expected
at_hash
mapped
Second client: Verify at_hash in the authorization endpoint id_token
2020-09-04 12:14:36 INFO
ExtractAtHash
Couldn't find at_hash in ID token
2020-09-04 12:14:36 INFO
ValidateAtHash
Skipped evaluation due to missing required object: at_hash
expected
at_hash
mapped
Second client: Resource server endpoint tests
2020-09-04 12:14:36
CreateEmptyResourceEndpointRequestHeaders
Created empty headers
resource_endpoint_request_headers
{}
2020-09-04 12:14:36
CallProtectedResourceWithBearerTokenAndCustomHeaders
HTTP request
request_uri
https://3a-rplib-test3.cloud-idauth.com/oc/accounts
request_method
GET
request_headers
{
  "accept": "application/json;charset\u003dUTF-8",
  "authorization": "Bearer 16ickWVBXGo4ypcQeCwvMOSu3c5eHBKL",
  "accept-charset": "utf-8",
  "content-length": "0"
}
request_body

                                
request_mutual_tls
{
  "cert": "MIIDTjCCAjYCCQCjUTxEpwknBTANBgkqhkiG9w0BAQUFADBpMQswCQYDVQQGEwJKUDEOMAwGA1UECAwFVG9reW8xEDAOBgNVBAcMB1RhbWFjaGkxDDAKBgNVBAoMA05FQzEMMAoGA1UECwwDTkVDMRwwGgYDVQQDDBN3d3cuM2FzZWN1cmVrZXkuY29tMB4XDTE4MDQyNzAyMDAwOFoXDTI4MDQyNDAyMDAwOFowaTELMAkGA1UEBhMCSlAxDjAMBgNVBAgMBVRva3lvMRAwDgYDVQQHDAdUYW1hY2hpMQwwCgYDVQQKDANORUMxDDAKBgNVBAsMA05FQzEcMBoGA1UEAwwTd3d3LjNhc2VjdXJla2V5LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKLD3g7pwzFMzbRh5cCGuR0KBCzD5Xk3w/Zj+3hpBq5/xSaQjmOfLF3LLiFD7sZXRPFVFXii4Y2GuFccSQ3MI9sMS/HDDTmOLPIWta/U9ZtcwjNyclXrX0IR8Fxuk5E9lRf//JwlMZHAxfESvBe5WMnzGDTVdp5Hv6sWZAdkgdwQTMFM4vpHhBD6qJsxSG7jBvqVYd8w9pCZ9k1mSfKKgqPfpOA6jv2ATiwv9r9ZQNtKl/MbHY9/R59GU+S7WSPtqM5O3bJGGCXFvpZF2CghcYqn9vDhIrNOD/xo3ZF0Z+doEl8e0e1IAr2JiGD4JPpz4W67pjUVb9G+NTRtQ71YqccCAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAETj+cEVPthSghrIJamsmddV+GFHYjOfvQw0r8LZYkqJZlK1FOeWwBM+kDzpxOErtPiyjvv2eBPGm9LcLZpDbMLg77Lv3HjaWy+yISRQ/wGUb9tlJ8AUeEd2uoPUzDQf5VpTBEq/M9E7CB3g2hZvwRYvq6PfsDexCwq9OWogK3WpEozIMVyOL3jYpkSJzDqPuN3nFiNc5eMJ7lo+b/K1rUEqwuN21TjwAn1DXfW0dD1a/ig004xecHU1wsIMP2ARQ/qOD7P0emE/umlwLQ0kw3HB2ideAJzU4OstiqUH41LKwIIzUu6rz6/S9PMcmVfqv9PfhITQSs8vCqC8uaWLtGg\u003d\u003d",
  "key": "MIIEpQIBAAKCAQEAosPeDunDMUzNtGHlwIa5HQoELMPleTfD9mP7eGkGrn/FJpCOY58sXcsuIUPuxldE8VUVeKLhjYa4VxxJDcwj2wxL8cMNOY4s8ha1r9T1m1zCM3JyVetfQhHwXG6TkT2VF//8nCUxkcDF8RK8F7lYyfMYNNV2nke/qxZkB2SB3BBMwUzi+keEEPqomzFIbuMG+pVh3zD2kJn2TWZJ8oqCo9+k4DqO/YBOLC/2v1lA20qX8xsdj39Hn0ZT5LtZI+2ozk7dskYYJcW+lkXYKCFxiqf28OEis04P/GjdkXRn52gSXx7R7UgCvYmIYPgk+nPhbrumNRVv0b41NG1DvVipxwIDAQABAoIBAQCVFUrD5iG/elXALxs+KShNDOueBSCe0xFPEW04cRqJosZ1+FozrYv5rSznk02VpkGjuwcbpDVsaEVYpLPVS3JcJPs6yinG2g8Y/uwTzb/ZOjE25lELmbd60OuT/kRz+DAj93jtnLO2iRfFJB/cqwxEjcFSQ2OOvrE0iCG/E7ROV7m3C5OOjKhSypP++04nWajIqW//uMDaFoFquf7x4aoHc9wRD1IyHGha9hIZA7JiY5KlwyQV/AEoz+C+O9Z8FYpqZT76fnzQvLvbk6fYr4q1a0gm/J9HTp4l0bQ9NMKVvt4PGlJmxQhQfIJixARsnKEDtu0uUcgbVXRB6pRtmG6BAoGBAM+hvgN+TX8c4fMmDvGpNB0+PvA2ZC6JJd0oLmpZMMdLRl+0A5j3nHv2nR04FlB1brD9ucInVHZYlgL5ab3/x27iV+H5spIN6cST7WH+Sjqsi43tKGyx9oXosL6RN+4HM7rTWbCxwq0tVunk01IR5FeO8xZss4UDyev6vStBjmzXAoGBAMiueG4ALkIGqTw/sTNl7vwmMcyPbjA6h68I9FkTGI0G5YHy7yWlEhdD/rUYSXVCXlh+3aftbfJ4CP9nWaM6NMREoysCQ3y/kulgJ0imPEFwnqWQMljQV1zRg9gthdixyBI6YZ62MUF6i/XYfUs0KQ9baHuzB4ejMs7U8bGENpyRAoGAHjynt0qFbqV+IjLAqmDBviB6efDx1fUTFonreIFUoTFNJlLI01X76/GWH9MzLLRtUkkg7C1eF33/Gp/HzmuZV4SO19HNN4ffK0l/oG2v0aufByQqZunjxMyGMLplMrzJw8NTpG++sgmQRq+UNrd0UWv36qQZ4J0UotD5C3uYijECgYEAoAnDMLYkLbNyMwH4Jq0bsSokfKXFkeCbZBMYChEYex8M2F0MKlFB5BvtfC4qJsEOzDQgQFMwYzUmt8eLzIgWnI7AMQRVHZ8JYeO0cFNhqi5N1mrwO7Oqd/L92eAz5WOh0ieMwi05iqZYB27mPJsUQ5L59+wGDT0wv5FCTfbKNoECgYEAoMHJZ1a/Bzq1raDHauJLk3JA+DN+5o7xDGVvda9x3rphQ4U7Vehpcg70AVWMyGoVv5N6vJdrAeZzBWP5b6ED+csRyNaLswHycsPzGy8t5Ose1P+ZlzCzDmRtynq0cQQvWl4zJAT2Wacgu2IqOrQOl+n67te3QlWrnq9IrSsWJFU\u003d"
}
2020-09-04 12:14:37 RESPONSE
CallProtectedResourceWithBearerTokenAndCustomHeaders
HTTP response
response_status_code
200 OK
response_status_text
200
response_headers
{
  "date": "Fri, 04 Sep 2020 12:14:37 GMT",
  "server": "Apache/2.4.27 (Unix) OpenSSL/1.1.0g-dev",
  "set-cookie": "JSESSIONID\u003dC6C07C576D5C1DF116CA98D5DFC6F9DC; Path\u003d/oc; Secure; HttpOnly",
  "cache-control": "no-store",
  "pragma": "no-cache",
  "x-fapi-interaction-id": "a5e6ffc1-2b04-4d0c-a9a8-1f0bc9c1f598",
  "content-type": "application/json;charset\u003dUTF-8",
  "content-length": "133",
  "keep-alive": "timeout\u003d5, max\u003d100",
  "connection": "Keep-Alive"
}
response_body
{"iss":"https:\/\/3a-rplib-test3.cloud-idauth.com\/oc\/","sub":"1","aud":"OIDFCERT0004","country":"japan","postal_code":"105-0001"}
2020-09-04 12:14:37 SUCCESS
CallProtectedResourceWithBearerTokenAndCustomHeaders
Got a response from the resource endpoint
headers
{
  "date": "Fri, 04 Sep 2020 12:14:37 GMT",
  "server": "Apache/2.4.27 (Unix) OpenSSL/1.1.0g-dev",
  "set-cookie": "JSESSIONID\u003dC6C07C576D5C1DF116CA98D5DFC6F9DC; Path\u003d/oc; Secure; HttpOnly",
  "cache-control": "no-store",
  "pragma": "no-cache",
  "x-fapi-interaction-id": "a5e6ffc1-2b04-4d0c-a9a8-1f0bc9c1f598",
  "content-type": "application/json;charset\u003dUTF-8",
  "content-length": "133",
  "keep-alive": "timeout\u003d5, max\u003d100",
  "connection": "Keep-Alive"
}
status_code
{
  "code": 200
}
body
{"iss":"https:\/\/3a-rplib-test3.cloud-idauth.com\/oc\/","sub":"1","aud":"OIDFCERT0004","country":"japan","postal_code":"105-0001"}
2020-09-04 12:14:37 SUCCESS
CheckForDateHeaderInResourceResponse
Date header present and validated
date
Fri, 04 Sep 2020 12:14:37 GMT
skew
365
2020-09-04 12:14:37 SUCCESS
CheckForFAPIInteractionIdInResourceResponse
Found x-fapi-interaction-id
interaction_id
a5e6ffc1-2b04-4d0c-a9a8-1f0bc9c1f598
2020-09-04 12:14:37 SUCCESS
EnsureResourceResponseReturnedJsonContentType
Response content type is JSON
content_type
application/json;charset=UTF-8
Try Client1's MTLS client certificate with Client2's access token
2020-09-04 12:14:37
CallProtectedResourceWithBearerTokenExpectingError
HTTP request
request_uri
https://3a-rplib-test3.cloud-idauth.com/oc/accounts
request_method
GET
request_headers
{
  "accept": "application/json;charset\u003dUTF-8",
  "authorization": "Bearer 16ickWVBXGo4ypcQeCwvMOSu3c5eHBKL",
  "accept-charset": "utf-8",
  "content-length": "0"
}
request_body

                                
request_mutual_tls
{
  "cert": "MIIHBTCCBe2gAwIBAgIMPsmQ1/JsLI/5U0YAMA0GCSqGSIb3DQEBCwUAMGAxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTYwNAYDVQQDEy1HbG9iYWxTaWduIERvbWFpbiBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0gRzIwHhcNMTgwODAyMDYzNjM0WhcNMjAxMTA0MDQxMjE4WjBAMSEwHwYDVQQLExhEb21haW4gQ29udHJvbCBWYWxpZGF0ZWQxGzAZBgNVBAMMEiouY2xvdWQtaWRhdXRoLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAIIDQpNUelHl4gyWYyRto5E/HDIRSO4YPnn2yg4TFUSUMsl+9uNhy79QACB4g2TzIXWk5N0Kj4pkb9Wl7K2BrwFCJAfDCAUK3nRLbiRS1JwnXxDirL97DYz+rEKihq8rDrqOl266440CnTv/PT9mVizQrYH4/aVBWpDCqV/U1tO50LsJCe3qy63mny/9s4DH/2CQyeO9BNbxuU6To7ozRKNDu7wzq/IdPEKndldJ+ieQnweh0gQl7oQznVNnXHFRrmjWg16ysQtH6ZQiJQMhTJEYv0nqts80BU/mHWa5USNqGlnF/Ifua/NF8r24u+kEniycq1L8ozshkxZ5PXObbisCAwEAAaOCA90wggPZMA4GA1UdDwEB/wQEAwIFoDCBlAYIKwYBBQUHAQEEgYcwgYQwRwYIKwYBBQUHMAKGO2h0dHA6Ly9zZWN1cmUuZ2xvYmFsc2lnbi5jb20vY2FjZXJ0L2dzZG9tYWludmFsc2hhMmcycjEuY3J0MDkGCCsGAQUFBzABhi1odHRwOi8vb2NzcDIuZ2xvYmFsc2lnbi5jb20vZ3Nkb21haW52YWxzaGEyZzIwVgYDVR0gBE8wTTBBBgkrBgEEAaAyAQowNDAyBggrBgEFBQcCARYmaHR0cHM6Ly93d3cuZ2xvYmFsc2lnbi5jb20vcmVwb3NpdG9yeS8wCAYGZ4EMAQIBMAkGA1UdEwQCMAAwQwYDVR0fBDwwOjA4oDagNIYyaHR0cDovL2NybC5nbG9iYWxzaWduLmNvbS9ncy9nc2RvbWFpbnZhbHNoYTJnMi5jcmwwLwYDVR0RBCgwJoISKi5jbG91ZC1pZGF1dGguY29tghBjbG91ZC1pZGF1dGguY29tMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQU0Si3Yq0ZVkRke4XquYS1uuTWg6YwHwYDVR0jBBgwFoAU6k581IAt5RWBhiaMgm3AmKTPlw8wggH2BgorBgEEAdZ5AgQCBIIB5gSCAeIB4AB3AFWB1MIWkDYBSuoLm1c8U/DA5Dh4cCUIFy+jqh0HE9MMAAABZPlaNB0AAAQDAEgwRgIhAMUV+XA5KE3vILTJ/hYwDmMG1zpwTb5f6P0TnAF+LyR3AiEAxD0g3uULAmdFAOhimbXA5b+ull8Z7EiH6LbnAULafM0AdQCHdb/nWXz4jEOZX73zbv9WjUdWNv9KtWDBtOr/XqCDDwAAAWT5WjXzAAAEAwBGMEQCIBd9qPtsfXTxPzl17/l7s6v2vYMNXbarOKiRRTNOIlmjAiAaZhx3vwVi6ZpSRRQPfWEzHzOxKLAfJ1aG7q3WU7hyEQB2AKS5CZC0GFgUh7sTosxncAo8NZgE+RvfuON3zQ7IDdwQAAABZPlaN4AAAAQDAEcwRQIhAJlfgyxAMgtS6d9ZEjbxHadcopkoTWJWs3rGoUpnimCWAiAwMfj4L0ljYn4Yas8+OPMFrwyhAvyGrG3ywgwMyVI0tAB2AG9Tdqwx8DEZ2JkApFEV/3cVHBHZAsEAKQaNsgiaN9kTAAABZPlaNE0AAAQDAEcwRQIgVaNsW0XzqwTeU+CpnuKD4qaTPv0jKXpJ3UTLlTa/YWACIQC4w/9dAaYCk9ilUIR34ObsMX+TJG+hYjD6/120seNUbTANBgkqhkiG9w0BAQsFAAOCAQEAD6egOG/AQeKSEsVDYMXf3wDztz2c6+Th9X10nbnuQZK8ofOJSAI3EDDUTc9GEDKfwTx16BIm7NbpLrurykkPbhomg2ZFQP7TmVwNDt6adovHVul7yyjtLeaBG/YiREoH8wCf43t90G/5YDREbe5dxIzLGeBuDY59E4aN1One1kAhk904MonyRQ8z+aRv+ZNBWajDaTJ7ef1ZS3t0Kpa/FCLFDXYEJhzTIO3BsEFLx1hDTrGKEZKoBUWBynKtfjdonZoqL7zHzB+WFi9Q0ba+sapNqqAINUT4DjVMjn5L6yGUWXV8IeLwyDOODPHeCVJI0hBfFkjbPePne3X2a2Kodg\u003d\u003d",
  "key": "MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCCA0KTVHpR5eIMlmMkbaORPxwyEUjuGD559soOExVElDLJfvbjYcu/UAAgeINk8yF1pOTdCo+KZG/Vpeytga8BQiQHwwgFCt50S24kUtScJ18Q4qy/ew2M/qxCooavKw66jpduuuONAp07/z0/ZlYs0K2B+P2lQVqQwqlf1NbTudC7CQnt6sut5p8v/bOAx/9gkMnjvQTW8blOk6O6M0SjQ7u8M6vyHTxCp3ZXSfonkJ8HodIEJe6EM51TZ1xxUa5o1oNesrELR+mUIiUDIUyRGL9J6rbPNAVP5h1muVEjahpZxfyH7mvzRfK9uLvpBJ4snKtS/KM7IZMWeT1zm24rAgMBAAECggEAaOdYgKhZSlvC2YU+2dXddQUHKx7nSbYmMyL+Rfz/3CX4FL1tWGtAi01xzMFww7Op+9LhF7m9uFzyH+GR5y4Ml2dWyyyC/A6ZEB0M8iIjixv5iRZdbONNO8cCF4IsSorjh4QmjCIgGVdSp2Z7dPyN6/s1BPpzLzRcbxGiuMBz1sGgakJANcyD4/frMBppbbmPDVpUTQ3LEZ3YRVIfqJQatiCNUlYlOERY4xlnZuCCpHzmjRYuccWH2Q9OSEGgW6JU+ujFx22rfeeYK3r4TayQPJ9wtBVmK3C03ccnPyjx2yUWIczjrp+SI6K16F1pSDhkm4ylbGhCngiyr8AU4dzhgQKBgQDFSDeZmhvW7PNgJAMa1lgfKikp2gb/A/YEXZFHKawjQRUR1+tP0mrxAWYvuPfUu+42kr3izXMbPiS0aNX6HPZeJcsnhWf2D9NPt2vqFWrXNcSm3dy3Is20rxsKWQXp2L8nP3GRbAFvu2aTEhX7a4vnZE7/BWIAiO/t/cXP6HUs/wKBgQCotX80ab64aUmd0SkuHv9YKYBTjP4stgxP/3GRVuFuU+AaqDxRNbnNRYEM/O/OLZeqU0oL1bONpThQhN2Pu8ApUEz2dGyknkIRmRNRHgXw28GOm0ZWu4xYdW+SXVO8yTOAqdh1WvYLTp8xJEzD3vvJ+Rib/jhsSjCibAhgmT0C1QKBgDgrBoF6CgEYN3ag6i1i53YAB/Y9eA51Lz8w8KLlL3heGESbSAjS7NWvQ0vFCvKLixgIkX2YZvRTrhmbW4i5ZD+L3RpkdiPtf4lLvLLJ5EBfs5yawDN3+j8+N6GrlO5uYoYnHwt7R7FrFpo65P1PMmbv/TnIa42hb0ZAIWi/U1U7AoGASilmnpqxbQ1TgB121cBojM/JinDbNrpcFTp8KOChPkd+pxk3UpekcpjQDu6NV/vwxL3SOfuZ73UmmTae0tU8tqyG+HvbWk37SxMYS7s/704a+t5FAFF3c1dEUXnXGpDzo+aFsajnqbbJAegsGppF4tYuPDx3fxrp4CxPTm9uQ3UCgYEAscF3RcCOsOzIGEUbCfh+A3BLbFQso5XdmYWY5QGgxv1wkSe0H1lUDk0NCmEPVUd8YXJH6u5bTWwl4hcv3gD/X/c1PVXELuvRf1hCl+VO51KpFShJnaphVS9pKs8AL+3RioA7GZF2rwQklyTZGEfHpPylmNcfY4XXW8WwkngGCFg\u003d"
}
2020-09-04 12:14:38 RESPONSE
CallProtectedResourceWithBearerTokenExpectingError
HTTP response
response_status_code
400 BAD_REQUEST
response_status_text
400
response_headers
{
  "date": "Fri, 04 Sep 2020 12:14:37 GMT",
  "server": "Apache/2.4.27 (Unix) OpenSSL/1.1.0g-dev",
  "set-cookie": "JSESSIONID\u003dF39BE1E3C868517FC6FB3B646A366033; Path\u003d/oc; Secure; HttpOnly",
  "cache-control": "no-store",
  "pragma": "no-cache",
  "content-type": "application/json;charset\u003dUTF-8",
  "content-length": "122",
  "connection": "close"
}
response_body
{"error_description":"アクセストークン検証システムエラー","error":"server_error","error_uri":"error_uri"}
2020-09-04 12:14:38 SUCCESS
CallProtectedResourceWithBearerTokenExpectingError
Resource endpoint returned error
code
400
body
{"error_description":"アクセストークン検証システムエラー","error":"server_error","error_uri":"error_uri"}
status
400
2020-09-04 12:14:38 FINISHED
fapi-rw-id2
Test has run to completion
testmodule_result
PASSED
Test Results