Test Summary

Test Results

Expand All Collapse All
All times are UTC
2022-11-16 07:18:51 INFO
TEST-RUNNER
Test instance VrNHq7cCcZEYRFp created
baseUrl
https://www.certification.openid.net/test/a/NC7000-3A-OC
variant
{
  "client_auth_type": "mtls",
  "fapi_auth_request_method": "by_value",
  "fapi_profile": "plain_fapi",
  "fapi_response_mode": "jarm"
}
alias
NC7000-3A-OC
description
NC7000-3A-OC FAPI Final Conformance Test No2
planId
xNdNcYA4T9Voz
config
{
  "alias": "NC7000-3A-OC",
  "description": "NC7000-3A-OC FAPI Final Conformance Test No2",
  "server": {
    "discoveryUrl": "https://3a-rplib-test3.cloud-idauth.com/sso/.well-known/openid-configuration"
  },
  "client": {
    "client_id": "OIDFCERT0001",
    "scope": "openid SCOPE0002 offline_access",
    "client_secret": "confidencial_client_es256_0003",
    "client_secret_jwt_alg": "HS256",
    "jwks": {
      "keys": [
        {
          "kty": "EC",
          "alg": "ES256",
          "crv": "P-256",
          "x": "ANEu_EHg_NrZKPNXVbnw89IQC0hzPkAEuV4osYzM8tKm",
          "y": "AKe9Ioa4y1ly1aOAmJafI89dHzapU4WYHHReIFXjPJxd",
          "d": "dmvti8HQQId6Z3S8xjGvjvWawEfQhVP3OkUfloQP1Ng",
          "kid": "kid2019040100008"
        }
      ]
    }
  },
  "resource": {
    "resourceUrl": "https://3a-rplib-test3.cloud-idauth.com/sso/accounts"
  },
  "client2": {
    "client_id": "OIDFCERT0002",
    "scope": "openid SCOPE0002 offline_access",
    "client_secret": "confidencial_client_es256_0004",
    "client_secret_jwt_alg": "HS256",
    "jwks": {
      "keys": [
        {
          "kty": "EC",
          "alg": "ES256",
          "crv": "P-256",
          "x": "ANonMLNTYTO8jPBnw4EHqKF2DRFkmAAnA5Hiv1_0pYg1",
          "y": "AKLfnzY4VFB_ZyjgBW8GxhLtA6ZPVgMHq7S_Z70Uabi9",
          "d": "HpYL8OKVwC01B02FpXQi23lTrE8oT3V7-eOdSgX9v8c",
          "kid": "kid2019040100009"
        }
      ]
    }
  },
  "mtls": {
    "cert": "MIIHBTCCBe2gAwIBAgIMPsmQ1/JsLI/5U0YAMA0GCSqGSIb3DQEBCwUAMGAxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTYwNAYDVQQDEy1HbG9iYWxTaWduIERvbWFpbiBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0gRzIwHhcNMTgwODAyMDYzNjM0WhcNMjAxMTA0MDQxMjE4WjBAMSEwHwYDVQQLExhEb21haW4gQ29udHJvbCBWYWxpZGF0ZWQxGzAZBgNVBAMMEiouY2xvdWQtaWRhdXRoLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAIIDQpNUelHl4gyWYyRto5E/HDIRSO4YPnn2yg4TFUSUMsl+9uNhy79QACB4g2TzIXWk5N0Kj4pkb9Wl7K2BrwFCJAfDCAUK3nRLbiRS1JwnXxDirL97DYz+rEKihq8rDrqOl266440CnTv/PT9mVizQrYH4/aVBWpDCqV/U1tO50LsJCe3qy63mny/9s4DH/2CQyeO9BNbxuU6To7ozRKNDu7wzq/IdPEKndldJ+ieQnweh0gQl7oQznVNnXHFRrmjWg16ysQtH6ZQiJQMhTJEYv0nqts80BU/mHWa5USNqGlnF/Ifua/NF8r24u+kEniycq1L8ozshkxZ5PXObbisCAwEAAaOCA90wggPZMA4GA1UdDwEB/wQEAwIFoDCBlAYIKwYBBQUHAQEEgYcwgYQwRwYIKwYBBQUHMAKGO2h0dHA6Ly9zZWN1cmUuZ2xvYmFsc2lnbi5jb20vY2FjZXJ0L2dzZG9tYWludmFsc2hhMmcycjEuY3J0MDkGCCsGAQUFBzABhi1odHRwOi8vb2NzcDIuZ2xvYmFsc2lnbi5jb20vZ3Nkb21haW52YWxzaGEyZzIwVgYDVR0gBE8wTTBBBgkrBgEEAaAyAQowNDAyBggrBgEFBQcCARYmaHR0cHM6Ly93d3cuZ2xvYmFsc2lnbi5jb20vcmVwb3NpdG9yeS8wCAYGZ4EMAQIBMAkGA1UdEwQCMAAwQwYDVR0fBDwwOjA4oDagNIYyaHR0cDovL2NybC5nbG9iYWxzaWduLmNvbS9ncy9nc2RvbWFpbnZhbHNoYTJnMi5jcmwwLwYDVR0RBCgwJoISKi5jbG91ZC1pZGF1dGguY29tghBjbG91ZC1pZGF1dGguY29tMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQU0Si3Yq0ZVkRke4XquYS1uuTWg6YwHwYDVR0jBBgwFoAU6k581IAt5RWBhiaMgm3AmKTPlw8wggH2BgorBgEEAdZ5AgQCBIIB5gSCAeIB4AB3AFWB1MIWkDYBSuoLm1c8U/DA5Dh4cCUIFy+jqh0HE9MMAAABZPlaNB0AAAQDAEgwRgIhAMUV+XA5KE3vILTJ/hYwDmMG1zpwTb5f6P0TnAF+LyR3AiEAxD0g3uULAmdFAOhimbXA5b+ull8Z7EiH6LbnAULafM0AdQCHdb/nWXz4jEOZX73zbv9WjUdWNv9KtWDBtOr/XqCDDwAAAWT5WjXzAAAEAwBGMEQCIBd9qPtsfXTxPzl17/l7s6v2vYMNXbarOKiRRTNOIlmjAiAaZhx3vwVi6ZpSRRQPfWEzHzOxKLAfJ1aG7q3WU7hyEQB2AKS5CZC0GFgUh7sTosxncAo8NZgE+RvfuON3zQ7IDdwQAAABZPlaN4AAAAQDAEcwRQIhAJlfgyxAMgtS6d9ZEjbxHadcopkoTWJWs3rGoUpnimCWAiAwMfj4L0ljYn4Yas8+OPMFrwyhAvyGrG3ywgwMyVI0tAB2AG9Tdqwx8DEZ2JkApFEV/3cVHBHZAsEAKQaNsgiaN9kTAAABZPlaNE0AAAQDAEcwRQIgVaNsW0XzqwTeU+CpnuKD4qaTPv0jKXpJ3UTLlTa/YWACIQC4w/9dAaYCk9ilUIR34ObsMX+TJG+hYjD6/120seNUbTANBgkqhkiG9w0BAQsFAAOCAQEAD6egOG/AQeKSEsVDYMXf3wDztz2c6+Th9X10nbnuQZK8ofOJSAI3EDDUTc9GEDKfwTx16BIm7NbpLrurykkPbhomg2ZFQP7TmVwNDt6adovHVul7yyjtLeaBG/YiREoH8wCf43t90G/5YDREbe5dxIzLGeBuDY59E4aN1One1kAhk904MonyRQ8z+aRv+ZNBWajDaTJ7ef1ZS3t0Kpa/FCLFDXYEJhzTIO3BsEFLx1hDTrGKEZKoBUWBynKtfjdonZoqL7zHzB+WFi9Q0ba+sapNqqAINUT4DjVMjn5L6yGUWXV8IeLwyDOODPHeCVJI0hBfFkjbPePne3X2a2Kodg\u003d\u003d",
    "key": "MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCCA0KTVHpR5eIMlmMkbaORPxwyEUjuGD559soOExVElDLJfvbjYcu/UAAgeINk8yF1pOTdCo+KZG/Vpeytga8BQiQHwwgFCt50S24kUtScJ18Q4qy/ew2M/qxCooavKw66jpduuuONAp07/z0/ZlYs0K2B+P2lQVqQwqlf1NbTudC7CQnt6sut5p8v/bOAx/9gkMnjvQTW8blOk6O6M0SjQ7u8M6vyHTxCp3ZXSfonkJ8HodIEJe6EM51TZ1xxUa5o1oNesrELR+mUIiUDIUyRGL9J6rbPNAVP5h1muVEjahpZxfyH7mvzRfK9uLvpBJ4snKtS/KM7IZMWeT1zm24rAgMBAAECggEAaOdYgKhZSlvC2YU+2dXddQUHKx7nSbYmMyL+Rfz/3CX4FL1tWGtAi01xzMFww7Op+9LhF7m9uFzyH+GR5y4Ml2dWyyyC/A6ZEB0M8iIjixv5iRZdbONNO8cCF4IsSorjh4QmjCIgGVdSp2Z7dPyN6/s1BPpzLzRcbxGiuMBz1sGgakJANcyD4/frMBppbbmPDVpUTQ3LEZ3YRVIfqJQatiCNUlYlOERY4xlnZuCCpHzmjRYuccWH2Q9OSEGgW6JU+ujFx22rfeeYK3r4TayQPJ9wtBVmK3C03ccnPyjx2yUWIczjrp+SI6K16F1pSDhkm4ylbGhCngiyr8AU4dzhgQKBgQDFSDeZmhvW7PNgJAMa1lgfKikp2gb/A/YEXZFHKawjQRUR1+tP0mrxAWYvuPfUu+42kr3izXMbPiS0aNX6HPZeJcsnhWf2D9NPt2vqFWrXNcSm3dy3Is20rxsKWQXp2L8nP3GRbAFvu2aTEhX7a4vnZE7/BWIAiO/t/cXP6HUs/wKBgQCotX80ab64aUmd0SkuHv9YKYBTjP4stgxP/3GRVuFuU+AaqDxRNbnNRYEM/O/OLZeqU0oL1bONpThQhN2Pu8ApUEz2dGyknkIRmRNRHgXw28GOm0ZWu4xYdW+SXVO8yTOAqdh1WvYLTp8xJEzD3vvJ+Rib/jhsSjCibAhgmT0C1QKBgDgrBoF6CgEYN3ag6i1i53YAB/Y9eA51Lz8w8KLlL3heGESbSAjS7NWvQ0vFCvKLixgIkX2YZvRTrhmbW4i5ZD+L3RpkdiPtf4lLvLLJ5EBfs5yawDN3+j8+N6GrlO5uYoYnHwt7R7FrFpo65P1PMmbv/TnIa42hb0ZAIWi/U1U7AoGASilmnpqxbQ1TgB121cBojM/JinDbNrpcFTp8KOChPkd+pxk3UpekcpjQDu6NV/vwxL3SOfuZ73UmmTae0tU8tqyG+HvbWk37SxMYS7s/704a+t5FAFF3c1dEUXnXGpDzo+aFsajnqbbJAegsGppF4tYuPDx3fxrp4CxPTm9uQ3UCgYEAscF3RcCOsOzIGEUbCfh+A3BLbFQso5XdmYWY5QGgxv1wkSe0H1lUDk0NCmEPVUd8YXJH6u5bTWwl4hcv3gD/X/c1PVXELuvRf1hCl+VO51KpFShJnaphVS9pKs8AL+3RioA7GZF2rwQklyTZGEfHpPylmNcfY4XXW8WwkngGCFg\u003d"
  },
  "mtls2": {
    "cert": "MIIDTjCCAjYCCQCjUTxEpwknBTANBgkqhkiG9w0BAQUFADBpMQswCQYDVQQGEwJKUDEOMAwGA1UECAwFVG9reW8xEDAOBgNVBAcMB1RhbWFjaGkxDDAKBgNVBAoMA05FQzEMMAoGA1UECwwDTkVDMRwwGgYDVQQDDBN3d3cuM2FzZWN1cmVrZXkuY29tMB4XDTE4MDQyNzAyMDAwOFoXDTI4MDQyNDAyMDAwOFowaTELMAkGA1UEBhMCSlAxDjAMBgNVBAgMBVRva3lvMRAwDgYDVQQHDAdUYW1hY2hpMQwwCgYDVQQKDANORUMxDDAKBgNVBAsMA05FQzEcMBoGA1UEAwwTd3d3LjNhc2VjdXJla2V5LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKLD3g7pwzFMzbRh5cCGuR0KBCzD5Xk3w/Zj+3hpBq5/xSaQjmOfLF3LLiFD7sZXRPFVFXii4Y2GuFccSQ3MI9sMS/HDDTmOLPIWta/U9ZtcwjNyclXrX0IR8Fxuk5E9lRf//JwlMZHAxfESvBe5WMnzGDTVdp5Hv6sWZAdkgdwQTMFM4vpHhBD6qJsxSG7jBvqVYd8w9pCZ9k1mSfKKgqPfpOA6jv2ATiwv9r9ZQNtKl/MbHY9/R59GU+S7WSPtqM5O3bJGGCXFvpZF2CghcYqn9vDhIrNOD/xo3ZF0Z+doEl8e0e1IAr2JiGD4JPpz4W67pjUVb9G+NTRtQ71YqccCAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAETj+cEVPthSghrIJamsmddV+GFHYjOfvQw0r8LZYkqJZlK1FOeWwBM+kDzpxOErtPiyjvv2eBPGm9LcLZpDbMLg77Lv3HjaWy+yISRQ/wGUb9tlJ8AUeEd2uoPUzDQf5VpTBEq/M9E7CB3g2hZvwRYvq6PfsDexCwq9OWogK3WpEozIMVyOL3jYpkSJzDqPuN3nFiNc5eMJ7lo+b/K1rUEqwuN21TjwAn1DXfW0dD1a/ig004xecHU1wsIMP2ARQ/qOD7P0emE/umlwLQ0kw3HB2ideAJzU4OstiqUH41LKwIIzUu6rz6/S9PMcmVfqv9PfhITQSs8vCqC8uaWLtGg\u003d\u003d",
    "key": "MIIEpQIBAAKCAQEAosPeDunDMUzNtGHlwIa5HQoELMPleTfD9mP7eGkGrn/FJpCOY58sXcsuIUPuxldE8VUVeKLhjYa4VxxJDcwj2wxL8cMNOY4s8ha1r9T1m1zCM3JyVetfQhHwXG6TkT2VF//8nCUxkcDF8RK8F7lYyfMYNNV2nke/qxZkB2SB3BBMwUzi+keEEPqomzFIbuMG+pVh3zD2kJn2TWZJ8oqCo9+k4DqO/YBOLC/2v1lA20qX8xsdj39Hn0ZT5LtZI+2ozk7dskYYJcW+lkXYKCFxiqf28OEis04P/GjdkXRn52gSXx7R7UgCvYmIYPgk+nPhbrumNRVv0b41NG1DvVipxwIDAQABAoIBAQCVFUrD5iG/elXALxs+KShNDOueBSCe0xFPEW04cRqJosZ1+FozrYv5rSznk02VpkGjuwcbpDVsaEVYpLPVS3JcJPs6yinG2g8Y/uwTzb/ZOjE25lELmbd60OuT/kRz+DAj93jtnLO2iRfFJB/cqwxEjcFSQ2OOvrE0iCG/E7ROV7m3C5OOjKhSypP++04nWajIqW//uMDaFoFquf7x4aoHc9wRD1IyHGha9hIZA7JiY5KlwyQV/AEoz+C+O9Z8FYpqZT76fnzQvLvbk6fYr4q1a0gm/J9HTp4l0bQ9NMKVvt4PGlJmxQhQfIJixARsnKEDtu0uUcgbVXRB6pRtmG6BAoGBAM+hvgN+TX8c4fMmDvGpNB0+PvA2ZC6JJd0oLmpZMMdLRl+0A5j3nHv2nR04FlB1brD9ucInVHZYlgL5ab3/x27iV+H5spIN6cST7WH+Sjqsi43tKGyx9oXosL6RN+4HM7rTWbCxwq0tVunk01IR5FeO8xZss4UDyev6vStBjmzXAoGBAMiueG4ALkIGqTw/sTNl7vwmMcyPbjA6h68I9FkTGI0G5YHy7yWlEhdD/rUYSXVCXlh+3aftbfJ4CP9nWaM6NMREoysCQ3y/kulgJ0imPEFwnqWQMljQV1zRg9gthdixyBI6YZ62MUF6i/XYfUs0KQ9baHuzB4ejMs7U8bGENpyRAoGAHjynt0qFbqV+IjLAqmDBviB6efDx1fUTFonreIFUoTFNJlLI01X76/GWH9MzLLRtUkkg7C1eF33/Gp/HzmuZV4SO19HNN4ffK0l/oG2v0aufByQqZunjxMyGMLplMrzJw8NTpG++sgmQRq+UNrd0UWv36qQZ4J0UotD5C3uYijECgYEAoAnDMLYkLbNyMwH4Jq0bsSokfKXFkeCbZBMYChEYex8M2F0MKlFB5BvtfC4qJsEOzDQgQFMwYzUmt8eLzIgWnI7AMQRVHZ8JYeO0cFNhqi5N1mrwO7Oqd/L92eAz5WOh0ieMwi05iqZYB27mPJsUQ5L59+wGDT0wv5FCTfbKNoECgYEAoMHJZ1a/Bzq1raDHauJLk3JA+DN+5o7xDGVvda9x3rphQ4U7Vehpcg70AVWMyGoVv5N6vJdrAeZzBWP5b6ED+csRyNaLswHycsPzGy8t5Ose1P+ZlzCzDmRtynq0cQQvWl4zJAT2Wacgu2IqOrQOl+n67te3QlWrnq9IrSsWJFU\u003d"
  },
  "consent": {}
}
testName
fapi1-advanced-final-ensure-response-mode-query
2022-11-16 07:18:51 SUCCESS
CreateRedirectUri
Created redirect URI
redirect_uri
https://www.certification.openid.net/test/a/NC7000-3A-OC/callback
2022-11-16 07:18:51
GetDynamicServerConfiguration
HTTP request
request_uri
https://3a-rplib-test3.cloud-idauth.com/sso/.well-known/openid-configuration
request_method
GET
request_headers
{
  "accept": "text/plain, application/json, application/*+json, */*",
  "content-length": "0"
}
request_body

                                
2022-11-16 07:18:52 RESPONSE
GetDynamicServerConfiguration
HTTP response
response_status_code
200 OK
response_status_text
200
response_headers
{
  "date": "Wed, 16 Nov 2022 07:18:52 GMT",
  "server": "Apache/2.4.27 (Unix) OpenSSL/1.1.0g-dev",
  "content-type": "application/json;charset\u003dUTF-8",
  "content-length": "2762",
  "keep-alive": "timeout\u003d5, max\u003d100",
  "connection": "Keep-Alive"
}
response_body
{"request_parameter_supported":true,"pushed_authorization_request_endpoint":"https://3a-rplib-test3.cloud-idauth.com/sso/PushedAuthorizationRequestEndpoint/","claims_parameter_supported":true,"scopes_supported":["openid","SCOPE0001","SCOPE0002"],"issuer":"https://3a-rplib-test3.cloud-idauth.com/sso/","id_token_encryption_enc_values_supported":["A128CBC-HS256","A256CBC-HS512"],"userinfo_encryption_enc_values_supported":["A128CBC-HS256","A256CBC-HS512"],"authorization_endpoint":"https://3a-rplib-test3.cloud-idauth.com/sso/AuthorizationEndpoint/","request_object_encryption_enc_values_supported":["none","A128CBC-HS256","A256CBC-HS512"],"authorization_encryption_alg_values_supported":["RSA1_5","A128KW","A256KW"],"display_values_supported":["page","popup","touch","wap"],"userinfo_signing_alg_values_supported":["none","HS256","RS256","ES256","ES512"],"claims_supported":["id_token","acr"],"require_pushed_authorization_requests":false,"claim_types_supported":["normal"],"token_endpoint_auth_methods_supported":["client_secret_basic","client_secret_post","client_secret_jwt","private_key_jwt","tls_client_auth","self_signed_tls_client_auth"],"tls_client_certificate_bound_access_tokens":true,"response_modes_supported":["query.jwt","fragment.jwt","form_post.jwt","jwt","query","fragment"],"token_endpoint":"https://3a-rplib-test3.cloud-idauth.com/sso/TokenEndpoint/","response_types_supported":["code","id_token token","id_token","code id_token","code id_token token"],"authorization_encryption_enc_values_supported":["A128CBC-HS256","A256CBC-HS512"],"request_uri_parameter_supported":true,"userinfo_encryption_alg_values_supported":["RSA1_5","A128KW","A256KW"],"grant_types_supported":["authorization_code","refresh_token","password","urn:ietf:params:oauth:grant-type:uma-ticket","client_credentials","urn:ietf:params:oauth:grant-type:device_code","urn:openid:params:grant-type:ciba"],"ui_locales_supported":["en-US","en-GB","en-CA","fr-FR","fr-CA"],"userinfo_endpoint":"https://3a-rplib-test3.cloud-idauth.com/sso/UserInfoEndpoint/","token_endpoint_auth_signing_alg_values_supported":["none","HS256","RS256","ES256"],"require_request_uri_registration":true,"id_token_encryption_alg_values_supported":["RSA1_5","A128KW","A256KW"],"jwks_uri":"https://3a-rplib-test3.cloud-idauth.com/sso/JwksEndpoint/","subject_types_supported":["public","pairwise"],"id_token_signing_alg_values_supported":["none","HS256","RS256","ES256","ES512"],"authorization_signing_alg_values_supported":["none","HS256","RS256","ES256","ES512"],"claims_locales_supported":["en-US","en-GB","en-CA","fr-FR","fr-CA"],"request_object_signing_alg_values_supported":["none","HS256","RS256","ES256","ES512"],"request_object_encryption_alg_values_supported":["none","RSA1_5","A128KW","A256KW"]}
2022-11-16 07:18:52 SUCCESS
GetDynamicServerConfiguration
Successfully parsed server configuration
request_parameter_supported
true
pushed_authorization_request_endpoint
https://3a-rplib-test3.cloud-idauth.com/sso/PushedAuthorizationRequestEndpoint/
claims_parameter_supported
true
scopes_supported
[
  "openid",
  "SCOPE0001",
  "SCOPE0002"
]
issuer
https://3a-rplib-test3.cloud-idauth.com/sso/
id_token_encryption_enc_values_supported
[
  "A128CBC-HS256",
  "A256CBC-HS512"
]
userinfo_encryption_enc_values_supported
[
  "A128CBC-HS256",
  "A256CBC-HS512"
]
authorization_endpoint
https://3a-rplib-test3.cloud-idauth.com/sso/AuthorizationEndpoint/
request_object_encryption_enc_values_supported
[
  "none",
  "A128CBC-HS256",
  "A256CBC-HS512"
]
authorization_encryption_alg_values_supported
[
  "RSA1_5",
  "A128KW",
  "A256KW"
]
display_values_supported
[
  "page",
  "popup",
  "touch",
  "wap"
]
userinfo_signing_alg_values_supported
[
  "none",
  "HS256",
  "RS256",
  "ES256",
  "ES512"
]
claims_supported
[
  "id_token",
  "acr"
]
require_pushed_authorization_requests
false
claim_types_supported
[
  "normal"
]
token_endpoint_auth_methods_supported
[
  "client_secret_basic",
  "client_secret_post",
  "client_secret_jwt",
  "private_key_jwt",
  "tls_client_auth",
  "self_signed_tls_client_auth"
]
tls_client_certificate_bound_access_tokens
true
response_modes_supported
[
  "query.jwt",
  "fragment.jwt",
  "form_post.jwt",
  "jwt",
  "query",
  "fragment"
]
token_endpoint
https://3a-rplib-test3.cloud-idauth.com/sso/TokenEndpoint/
response_types_supported
[
  "code",
  "id_token token",
  "id_token",
  "code id_token",
  "code id_token token"
]
authorization_encryption_enc_values_supported
[
  "A128CBC-HS256",
  "A256CBC-HS512"
]
request_uri_parameter_supported
true
userinfo_encryption_alg_values_supported
[
  "RSA1_5",
  "A128KW",
  "A256KW"
]
grant_types_supported
[
  "authorization_code",
  "refresh_token",
  "password",
  "urn:ietf:params:oauth:grant-type:uma-ticket",
  "client_credentials",
  "urn:ietf:params:oauth:grant-type:device_code",
  "urn:openid:params:grant-type:ciba"
]
ui_locales_supported
[
  "en-US",
  "en-GB",
  "en-CA",
  "fr-FR",
  "fr-CA"
]
userinfo_endpoint
https://3a-rplib-test3.cloud-idauth.com/sso/UserInfoEndpoint/
token_endpoint_auth_signing_alg_values_supported
[
  "none",
  "HS256",
  "RS256",
  "ES256"
]
require_request_uri_registration
true
id_token_encryption_alg_values_supported
[
  "RSA1_5",
  "A128KW",
  "A256KW"
]
jwks_uri
https://3a-rplib-test3.cloud-idauth.com/sso/JwksEndpoint/
subject_types_supported
[
  "public",
  "pairwise"
]
id_token_signing_alg_values_supported
[
  "none",
  "HS256",
  "RS256",
  "ES256",
  "ES512"
]
authorization_signing_alg_values_supported
[
  "none",
  "HS256",
  "RS256",
  "ES256",
  "ES512"
]
claims_locales_supported
[
  "en-US",
  "en-GB",
  "en-CA",
  "fr-FR",
  "fr-CA"
]
request_object_signing_alg_values_supported
[
  "none",
  "HS256",
  "RS256",
  "ES256",
  "ES512"
]
request_object_encryption_alg_values_supported
[
  "none",
  "RSA1_5",
  "A128KW",
  "A256KW"
]
2022-11-16 07:18:52 SUCCESS
AddMTLSEndpointAliasesToEnvironment
Added mtls_endpoint_aliases to environment
2022-11-16 07:18:52 SUCCESS
CheckServerConfiguration
Found required server configuration keys
required
[
  "authorization_endpoint",
  "token_endpoint",
  "issuer"
]
2022-11-16 07:18:52
FetchServerKeys
Fetching server key
jwks_uri
https://3a-rplib-test3.cloud-idauth.com/sso/JwksEndpoint/
2022-11-16 07:18:52
FetchServerKeys
HTTP request
request_uri
https://3a-rplib-test3.cloud-idauth.com/sso/JwksEndpoint/
request_method
GET
request_headers
{
  "accept": "text/plain, application/json, application/*+json, */*",
  "content-length": "0"
}
request_body

                                
2022-11-16 07:18:53 RESPONSE
FetchServerKeys
HTTP response
response_status_code
200 OK
response_status_text
200
response_headers
{
  "date": "Wed, 16 Nov 2022 07:18:52 GMT",
  "server": "Apache/2.4.27 (Unix) OpenSSL/1.1.0g-dev",
  "set-cookie": "JSESSIONID\u003dA8B9F73F696F85B5BAFC63BA0669161A; Path\u003d/sso; Secure; HttpOnly",
  "cache-control": "no-store",
  "pragma": "no-cache",
  "content-type": "application/json;charset\u003dUTF-8",
  "content-length": "232",
  "keep-alive": "timeout\u003d5, max\u003d100",
  "connection": "Keep-Alive"
}
response_body

{"keys":
  [
    {
      "kty":"EC",
      "crv":"P-256",
      "x":"ANonMLNTYTO8jPBnw4EHqKF2DRFkmAAnA5Hiv1_0pYg1",
      "y":"AKLfnzY4VFB_ZyjgBW8GxhLtA6ZPVgMHq7S_Z70Uabi9",
      "kid":"kid2019040100001"
    }
  ]
}
2022-11-16 07:18:53
FetchServerKeys
Found JWK set string
jwk_string

{"keys":
  [
    {
      "kty":"EC",
      "crv":"P-256",
      "x":"ANonMLNTYTO8jPBnw4EHqKF2DRFkmAAnA5Hiv1_0pYg1",
      "y":"AKLfnzY4VFB_ZyjgBW8GxhLtA6ZPVgMHq7S_Z70Uabi9",
      "kid":"kid2019040100001"
    }
  ]
}
2022-11-16 07:18:53 SUCCESS
FetchServerKeys
Found server JWK set
server_jwks
{
  "keys": [
    {
      "kty": "EC",
      "crv": "P-256",
      "x": "ANonMLNTYTO8jPBnw4EHqKF2DRFkmAAnA5Hiv1_0pYg1",
      "y": "AKLfnzY4VFB_ZyjgBW8GxhLtA6ZPVgMHq7S_Z70Uabi9",
      "kid": "kid2019040100001"
    }
  ]
}
2022-11-16 07:18:53 SUCCESS
CheckServerKeysIsValid
Server JWKs is valid
server_jwks
{
  "keys": [
    {
      "kty": "EC",
      "crv": "P-256",
      "x": "ANonMLNTYTO8jPBnw4EHqKF2DRFkmAAnA5Hiv1_0pYg1",
      "y": "AKLfnzY4VFB_ZyjgBW8GxhLtA6ZPVgMHq7S_Z70Uabi9",
      "kid": "kid2019040100001"
    }
  ]
}
2022-11-16 07:18:53 SUCCESS
ValidateServerJWKs
Valid server JWKs: keys are valid JSON, contain the required fields and are correctly encoded using unpadded base64url
2022-11-16 07:18:53 SUCCESS
CheckForKeyIdInServerJWKs
All keys contain kids
2022-11-16 07:18:53 SUCCESS
EnsureServerJwksDoesNotContainPrivateOrSymmetricKeys
Jwks does not contain any private or symmetric keys
2022-11-16 07:18:53 SUCCESS
FAPIEnsureMinimumServerKeyLength
Validated minimum key lengths for server_jwks
server_jwks
{
  "keys": [
    {
      "kty": "EC",
      "crv": "P-256",
      "x": "ANonMLNTYTO8jPBnw4EHqKF2DRFkmAAnA5Hiv1_0pYg1",
      "y": "AKLfnzY4VFB_ZyjgBW8GxhLtA6ZPVgMHq7S_Z70Uabi9",
      "kid": "kid2019040100001"
    }
  ]
}
2022-11-16 07:18:53 SUCCESS
GetStaticClientConfiguration
Found a static client object
client_id
OIDFCERT0001
scope
openid SCOPE0002 offline_access
client_secret
confidencial_client_es256_0003
client_secret_jwt_alg
HS256
jwks
{
  "keys": [
    {
      "kty": "EC",
      "alg": "ES256",
      "crv": "P-256",
      "x": "ANEu_EHg_NrZKPNXVbnw89IQC0hzPkAEuV4osYzM8tKm",
      "y": "AKe9Ioa4y1ly1aOAmJafI89dHzapU4WYHHReIFXjPJxd",
      "d": "dmvti8HQQId6Z3S8xjGvjvWawEfQhVP3OkUfloQP1Ng",
      "kid": "kid2019040100008"
    }
  ]
}
2022-11-16 07:18:53
ValidateMTLSCertificatesHeader
No certificate authority found for MTLS
2022-11-16 07:18:53 SUCCESS
ValidateMTLSCertificatesHeader
MTLS certificates header is valid
2022-11-16 07:18:53
ExtractMTLSCertificatesFromConfiguration
No certificate authority found for MTLS
2022-11-16 07:18:53 SUCCESS
ExtractMTLSCertificatesFromConfiguration
Mutual TLS authentication credentials loaded
cert
MIIHBTCCBe2gAwIBAgIMPsmQ1/JsLI/5U0YAMA0GCSqGSIb3DQEBCwUAMGAxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTYwNAYDVQQDEy1HbG9iYWxTaWduIERvbWFpbiBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0gRzIwHhcNMTgwODAyMDYzNjM0WhcNMjAxMTA0MDQxMjE4WjBAMSEwHwYDVQQLExhEb21haW4gQ29udHJvbCBWYWxpZGF0ZWQxGzAZBgNVBAMMEiouY2xvdWQtaWRhdXRoLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAIIDQpNUelHl4gyWYyRto5E/HDIRSO4YPnn2yg4TFUSUMsl+9uNhy79QACB4g2TzIXWk5N0Kj4pkb9Wl7K2BrwFCJAfDCAUK3nRLbiRS1JwnXxDirL97DYz+rEKihq8rDrqOl266440CnTv/PT9mVizQrYH4/aVBWpDCqV/U1tO50LsJCe3qy63mny/9s4DH/2CQyeO9BNbxuU6To7ozRKNDu7wzq/IdPEKndldJ+ieQnweh0gQl7oQznVNnXHFRrmjWg16ysQtH6ZQiJQMhTJEYv0nqts80BU/mHWa5USNqGlnF/Ifua/NF8r24u+kEniycq1L8ozshkxZ5PXObbisCAwEAAaOCA90wggPZMA4GA1UdDwEB/wQEAwIFoDCBlAYIKwYBBQUHAQEEgYcwgYQwRwYIKwYBBQUHMAKGO2h0dHA6Ly9zZWN1cmUuZ2xvYmFsc2lnbi5jb20vY2FjZXJ0L2dzZG9tYWludmFsc2hhMmcycjEuY3J0MDkGCCsGAQUFBzABhi1odHRwOi8vb2NzcDIuZ2xvYmFsc2lnbi5jb20vZ3Nkb21haW52YWxzaGEyZzIwVgYDVR0gBE8wTTBBBgkrBgEEAaAyAQowNDAyBggrBgEFBQcCARYmaHR0cHM6Ly93d3cuZ2xvYmFsc2lnbi5jb20vcmVwb3NpdG9yeS8wCAYGZ4EMAQIBMAkGA1UdEwQCMAAwQwYDVR0fBDwwOjA4oDagNIYyaHR0cDovL2NybC5nbG9iYWxzaWduLmNvbS9ncy9nc2RvbWFpbnZhbHNoYTJnMi5jcmwwLwYDVR0RBCgwJoISKi5jbG91ZC1pZGF1dGguY29tghBjbG91ZC1pZGF1dGguY29tMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQU0Si3Yq0ZVkRke4XquYS1uuTWg6YwHwYDVR0jBBgwFoAU6k581IAt5RWBhiaMgm3AmKTPlw8wggH2BgorBgEEAdZ5AgQCBIIB5gSCAeIB4AB3AFWB1MIWkDYBSuoLm1c8U/DA5Dh4cCUIFy+jqh0HE9MMAAABZPlaNB0AAAQDAEgwRgIhAMUV+XA5KE3vILTJ/hYwDmMG1zpwTb5f6P0TnAF+LyR3AiEAxD0g3uULAmdFAOhimbXA5b+ull8Z7EiH6LbnAULafM0AdQCHdb/nWXz4jEOZX73zbv9WjUdWNv9KtWDBtOr/XqCDDwAAAWT5WjXzAAAEAwBGMEQCIBd9qPtsfXTxPzl17/l7s6v2vYMNXbarOKiRRTNOIlmjAiAaZhx3vwVi6ZpSRRQPfWEzHzOxKLAfJ1aG7q3WU7hyEQB2AKS5CZC0GFgUh7sTosxncAo8NZgE+RvfuON3zQ7IDdwQAAABZPlaN4AAAAQDAEcwRQIhAJlfgyxAMgtS6d9ZEjbxHadcopkoTWJWs3rGoUpnimCWAiAwMfj4L0ljYn4Yas8+OPMFrwyhAvyGrG3ywgwMyVI0tAB2AG9Tdqwx8DEZ2JkApFEV/3cVHBHZAsEAKQaNsgiaN9kTAAABZPlaNE0AAAQDAEcwRQIgVaNsW0XzqwTeU+CpnuKD4qaTPv0jKXpJ3UTLlTa/YWACIQC4w/9dAaYCk9ilUIR34ObsMX+TJG+hYjD6/120seNUbTANBgkqhkiG9w0BAQsFAAOCAQEAD6egOG/AQeKSEsVDYMXf3wDztz2c6+Th9X10nbnuQZK8ofOJSAI3EDDUTc9GEDKfwTx16BIm7NbpLrurykkPbhomg2ZFQP7TmVwNDt6adovHVul7yyjtLeaBG/YiREoH8wCf43t90G/5YDREbe5dxIzLGeBuDY59E4aN1One1kAhk904MonyRQ8z+aRv+ZNBWajDaTJ7ef1ZS3t0Kpa/FCLFDXYEJhzTIO3BsEFLx1hDTrGKEZKoBUWBynKtfjdonZoqL7zHzB+WFi9Q0ba+sapNqqAINUT4DjVMjn5L6yGUWXV8IeLwyDOODPHeCVJI0hBfFkjbPePne3X2a2Kodg==
key
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCCA0KTVHpR5eIMlmMkbaORPxwyEUjuGD559soOExVElDLJfvbjYcu/UAAgeINk8yF1pOTdCo+KZG/Vpeytga8BQiQHwwgFCt50S24kUtScJ18Q4qy/ew2M/qxCooavKw66jpduuuONAp07/z0/ZlYs0K2B+P2lQVqQwqlf1NbTudC7CQnt6sut5p8v/bOAx/9gkMnjvQTW8blOk6O6M0SjQ7u8M6vyHTxCp3ZXSfonkJ8HodIEJe6EM51TZ1xxUa5o1oNesrELR+mUIiUDIUyRGL9J6rbPNAVP5h1muVEjahpZxfyH7mvzRfK9uLvpBJ4snKtS/KM7IZMWeT1zm24rAgMBAAECggEAaOdYgKhZSlvC2YU+2dXddQUHKx7nSbYmMyL+Rfz/3CX4FL1tWGtAi01xzMFww7Op+9LhF7m9uFzyH+GR5y4Ml2dWyyyC/A6ZEB0M8iIjixv5iRZdbONNO8cCF4IsSorjh4QmjCIgGVdSp2Z7dPyN6/s1BPpzLzRcbxGiuMBz1sGgakJANcyD4/frMBppbbmPDVpUTQ3LEZ3YRVIfqJQatiCNUlYlOERY4xlnZuCCpHzmjRYuccWH2Q9OSEGgW6JU+ujFx22rfeeYK3r4TayQPJ9wtBVmK3C03ccnPyjx2yUWIczjrp+SI6K16F1pSDhkm4ylbGhCngiyr8AU4dzhgQKBgQDFSDeZmhvW7PNgJAMa1lgfKikp2gb/A/YEXZFHKawjQRUR1+tP0mrxAWYvuPfUu+42kr3izXMbPiS0aNX6HPZeJcsnhWf2D9NPt2vqFWrXNcSm3dy3Is20rxsKWQXp2L8nP3GRbAFvu2aTEhX7a4vnZE7/BWIAiO/t/cXP6HUs/wKBgQCotX80ab64aUmd0SkuHv9YKYBTjP4stgxP/3GRVuFuU+AaqDxRNbnNRYEM/O/OLZeqU0oL1bONpThQhN2Pu8ApUEz2dGyknkIRmRNRHgXw28GOm0ZWu4xYdW+SXVO8yTOAqdh1WvYLTp8xJEzD3vvJ+Rib/jhsSjCibAhgmT0C1QKBgDgrBoF6CgEYN3ag6i1i53YAB/Y9eA51Lz8w8KLlL3heGESbSAjS7NWvQ0vFCvKLixgIkX2YZvRTrhmbW4i5ZD+L3RpkdiPtf4lLvLLJ5EBfs5yawDN3+j8+N6GrlO5uYoYnHwt7R7FrFpo65P1PMmbv/TnIa42hb0ZAIWi/U1U7AoGASilmnpqxbQ1TgB121cBojM/JinDbNrpcFTp8KOChPkd+pxk3UpekcpjQDu6NV/vwxL3SOfuZ73UmmTae0tU8tqyG+HvbWk37SxMYS7s/704a+t5FAFF3c1dEUXnXGpDzo+aFsajnqbbJAegsGppF4tYuPDx3fxrp4CxPTm9uQ3UCgYEAscF3RcCOsOzIGEUbCfh+A3BLbFQso5XdmYWY5QGgxv1wkSe0H1lUDk0NCmEPVUd8YXJH6u5bTWwl4hcv3gD/X/c1PVXELuvRf1hCl+VO51KpFShJnaphVS9pKs8AL+3RioA7GZF2rwQklyTZGEfHpPylmNcfY4XXW8WwkngGCFg=
2022-11-16 07:18:53 SUCCESS
ValidateClientJWKsPrivatePart
Valid client JWKs: keys are valid JSON, contain the required fields, the private/public exponents match and are correctly encoded using unpadded base64url
2022-11-16 07:18:53 SUCCESS
ExtractJWKsFromStaticClientConfiguration
Extracted client JWK
client_jwks
{
  "keys": [
    {
      "kty": "EC",
      "alg": "ES256",
      "crv": "P-256",
      "x": "ANEu_EHg_NrZKPNXVbnw89IQC0hzPkAEuV4osYzM8tKm",
      "y": "AKe9Ioa4y1ly1aOAmJafI89dHzapU4WYHHReIFXjPJxd",
      "d": "dmvti8HQQId6Z3S8xjGvjvWawEfQhVP3OkUfloQP1Ng",
      "kid": "kid2019040100008"
    }
  ]
}
public_client_jwks
{
  "keys": [
    {
      "kty": "EC",
      "crv": "P-256",
      "kid": "kid2019040100008",
      "x": "ANEu_EHg_NrZKPNXVbnw89IQC0hzPkAEuV4osYzM8tKm",
      "y": "AKe9Ioa4y1ly1aOAmJafI89dHzapU4WYHHReIFXjPJxd",
      "alg": "ES256"
    }
  ]
}
2022-11-16 07:18:53 SUCCESS
CheckForKeyIdInClientJWKs
All keys contain kids
2022-11-16 07:18:53 SUCCESS
CheckDistinctKeyIdValueInClientJWKs
Distinct 'kid' value in all keys of client_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2022-11-16 07:18:53 SUCCESS
FAPICheckKeyAlgInClientJWKs
Keys in client JWKS all have permitted 'alg'
permitted
[
  "PS256",
  "ES256"
]
2022-11-16 07:18:53 SUCCESS
FAPIEnsureMinimumClientKeyLength
Validated minimum key lengths for client_jwks
client_jwks
{
  "keys": [
    {
      "kty": "EC",
      "alg": "ES256",
      "crv": "P-256",
      "x": "ANEu_EHg_NrZKPNXVbnw89IQC0hzPkAEuV4osYzM8tKm",
      "y": "AKe9Ioa4y1ly1aOAmJafI89dHzapU4WYHHReIFXjPJxd",
      "d": "dmvti8HQQId6Z3S8xjGvjvWawEfQhVP3OkUfloQP1Ng",
      "kid": "kid2019040100008"
    }
  ]
}
2022-11-16 07:18:53 SUCCESS
ValidateMTLSCertificatesAsX509
Mutual TLS authentication cert validated as X.509
Verify configuration of second client
2022-11-16 07:18:53 SUCCESS
GetStaticClient2Configuration
Found a static second client object
client_id
OIDFCERT0002
scope
openid SCOPE0002 offline_access
client_secret
confidencial_client_es256_0004
client_secret_jwt_alg
HS256
jwks
{
  "keys": [
    {
      "kty": "EC",
      "alg": "ES256",
      "crv": "P-256",
      "x": "ANonMLNTYTO8jPBnw4EHqKF2DRFkmAAnA5Hiv1_0pYg1",
      "y": "AKLfnzY4VFB_ZyjgBW8GxhLtA6ZPVgMHq7S_Z70Uabi9",
      "d": "HpYL8OKVwC01B02FpXQi23lTrE8oT3V7-eOdSgX9v8c",
      "kid": "kid2019040100009"
    }
  ]
}
2022-11-16 07:18:53
ValidateMTLSCertificates2Header
No certificate authority found for MTLS
2022-11-16 07:18:53 SUCCESS
ValidateMTLSCertificates2Header
MTLS certificates header is valid
2022-11-16 07:18:53
ExtractMTLSCertificates2FromConfiguration
No certificate authority found for MTLS
2022-11-16 07:18:53 SUCCESS
ExtractMTLSCertificates2FromConfiguration
Mutual TLS authentication credentials loaded
cert
MIIDTjCCAjYCCQCjUTxEpwknBTANBgkqhkiG9w0BAQUFADBpMQswCQYDVQQGEwJKUDEOMAwGA1UECAwFVG9reW8xEDAOBgNVBAcMB1RhbWFjaGkxDDAKBgNVBAoMA05FQzEMMAoGA1UECwwDTkVDMRwwGgYDVQQDDBN3d3cuM2FzZWN1cmVrZXkuY29tMB4XDTE4MDQyNzAyMDAwOFoXDTI4MDQyNDAyMDAwOFowaTELMAkGA1UEBhMCSlAxDjAMBgNVBAgMBVRva3lvMRAwDgYDVQQHDAdUYW1hY2hpMQwwCgYDVQQKDANORUMxDDAKBgNVBAsMA05FQzEcMBoGA1UEAwwTd3d3LjNhc2VjdXJla2V5LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKLD3g7pwzFMzbRh5cCGuR0KBCzD5Xk3w/Zj+3hpBq5/xSaQjmOfLF3LLiFD7sZXRPFVFXii4Y2GuFccSQ3MI9sMS/HDDTmOLPIWta/U9ZtcwjNyclXrX0IR8Fxuk5E9lRf//JwlMZHAxfESvBe5WMnzGDTVdp5Hv6sWZAdkgdwQTMFM4vpHhBD6qJsxSG7jBvqVYd8w9pCZ9k1mSfKKgqPfpOA6jv2ATiwv9r9ZQNtKl/MbHY9/R59GU+S7WSPtqM5O3bJGGCXFvpZF2CghcYqn9vDhIrNOD/xo3ZF0Z+doEl8e0e1IAr2JiGD4JPpz4W67pjUVb9G+NTRtQ71YqccCAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAETj+cEVPthSghrIJamsmddV+GFHYjOfvQw0r8LZYkqJZlK1FOeWwBM+kDzpxOErtPiyjvv2eBPGm9LcLZpDbMLg77Lv3HjaWy+yISRQ/wGUb9tlJ8AUeEd2uoPUzDQf5VpTBEq/M9E7CB3g2hZvwRYvq6PfsDexCwq9OWogK3WpEozIMVyOL3jYpkSJzDqPuN3nFiNc5eMJ7lo+b/K1rUEqwuN21TjwAn1DXfW0dD1a/ig004xecHU1wsIMP2ARQ/qOD7P0emE/umlwLQ0kw3HB2ideAJzU4OstiqUH41LKwIIzUu6rz6/S9PMcmVfqv9PfhITQSs8vCqC8uaWLtGg==
key
MIIEpQIBAAKCAQEAosPeDunDMUzNtGHlwIa5HQoELMPleTfD9mP7eGkGrn/FJpCOY58sXcsuIUPuxldE8VUVeKLhjYa4VxxJDcwj2wxL8cMNOY4s8ha1r9T1m1zCM3JyVetfQhHwXG6TkT2VF//8nCUxkcDF8RK8F7lYyfMYNNV2nke/qxZkB2SB3BBMwUzi+keEEPqomzFIbuMG+pVh3zD2kJn2TWZJ8oqCo9+k4DqO/YBOLC/2v1lA20qX8xsdj39Hn0ZT5LtZI+2ozk7dskYYJcW+lkXYKCFxiqf28OEis04P/GjdkXRn52gSXx7R7UgCvYmIYPgk+nPhbrumNRVv0b41NG1DvVipxwIDAQABAoIBAQCVFUrD5iG/elXALxs+KShNDOueBSCe0xFPEW04cRqJosZ1+FozrYv5rSznk02VpkGjuwcbpDVsaEVYpLPVS3JcJPs6yinG2g8Y/uwTzb/ZOjE25lELmbd60OuT/kRz+DAj93jtnLO2iRfFJB/cqwxEjcFSQ2OOvrE0iCG/E7ROV7m3C5OOjKhSypP++04nWajIqW//uMDaFoFquf7x4aoHc9wRD1IyHGha9hIZA7JiY5KlwyQV/AEoz+C+O9Z8FYpqZT76fnzQvLvbk6fYr4q1a0gm/J9HTp4l0bQ9NMKVvt4PGlJmxQhQfIJixARsnKEDtu0uUcgbVXRB6pRtmG6BAoGBAM+hvgN+TX8c4fMmDvGpNB0+PvA2ZC6JJd0oLmpZMMdLRl+0A5j3nHv2nR04FlB1brD9ucInVHZYlgL5ab3/x27iV+H5spIN6cST7WH+Sjqsi43tKGyx9oXosL6RN+4HM7rTWbCxwq0tVunk01IR5FeO8xZss4UDyev6vStBjmzXAoGBAMiueG4ALkIGqTw/sTNl7vwmMcyPbjA6h68I9FkTGI0G5YHy7yWlEhdD/rUYSXVCXlh+3aftbfJ4CP9nWaM6NMREoysCQ3y/kulgJ0imPEFwnqWQMljQV1zRg9gthdixyBI6YZ62MUF6i/XYfUs0KQ9baHuzB4ejMs7U8bGENpyRAoGAHjynt0qFbqV+IjLAqmDBviB6efDx1fUTFonreIFUoTFNJlLI01X76/GWH9MzLLRtUkkg7C1eF33/Gp/HzmuZV4SO19HNN4ffK0l/oG2v0aufByQqZunjxMyGMLplMrzJw8NTpG++sgmQRq+UNrd0UWv36qQZ4J0UotD5C3uYijECgYEAoAnDMLYkLbNyMwH4Jq0bsSokfKXFkeCbZBMYChEYex8M2F0MKlFB5BvtfC4qJsEOzDQgQFMwYzUmt8eLzIgWnI7AMQRVHZ8JYeO0cFNhqi5N1mrwO7Oqd/L92eAz5WOh0ieMwi05iqZYB27mPJsUQ5L59+wGDT0wv5FCTfbKNoECgYEAoMHJZ1a/Bzq1raDHauJLk3JA+DN+5o7xDGVvda9x3rphQ4U7Vehpcg70AVWMyGoVv5N6vJdrAeZzBWP5b6ED+csRyNaLswHycsPzGy8t5Ose1P+ZlzCzDmRtynq0cQQvWl4zJAT2Wacgu2IqOrQOl+n67te3QlWrnq9IrSsWJFU=
2022-11-16 07:18:53 SUCCESS
ValidateClientJWKsPrivatePart
Valid client JWKs: keys are valid JSON, contain the required fields, the private/public exponents match and are correctly encoded using unpadded base64url
2022-11-16 07:18:53 SUCCESS
ExtractJWKsFromStaticClientConfiguration
Extracted client JWK
client_jwks
{
  "keys": [
    {
      "kty": "EC",
      "alg": "ES256",
      "crv": "P-256",
      "x": "ANonMLNTYTO8jPBnw4EHqKF2DRFkmAAnA5Hiv1_0pYg1",
      "y": "AKLfnzY4VFB_ZyjgBW8GxhLtA6ZPVgMHq7S_Z70Uabi9",
      "d": "HpYL8OKVwC01B02FpXQi23lTrE8oT3V7-eOdSgX9v8c",
      "kid": "kid2019040100009"
    }
  ]
}
public_client_jwks
{
  "keys": [
    {
      "kty": "EC",
      "crv": "P-256",
      "kid": "kid2019040100009",
      "x": "ANonMLNTYTO8jPBnw4EHqKF2DRFkmAAnA5Hiv1_0pYg1",
      "y": "AKLfnzY4VFB_ZyjgBW8GxhLtA6ZPVgMHq7S_Z70Uabi9",
      "alg": "ES256"
    }
  ]
}
2022-11-16 07:18:53 SUCCESS
CheckForKeyIdInClientJWKs
All keys contain kids
2022-11-16 07:18:53 SUCCESS
CheckDistinctKeyIdValueInClientJWKs
Distinct 'kid' value in all keys of client_jwks
see
https://bitbucket.org/openid/connect/issues/1127
2022-11-16 07:18:53 SUCCESS
FAPICheckKeyAlgInClientJWKs
Keys in client JWKS all have permitted 'alg'
permitted
[
  "PS256",
  "ES256"
]
2022-11-16 07:18:53 SUCCESS
FAPIEnsureMinimumClientKeyLength
Validated minimum key lengths for client_jwks
client_jwks
{
  "keys": [
    {
      "kty": "EC",
      "alg": "ES256",
      "crv": "P-256",
      "x": "ANonMLNTYTO8jPBnw4EHqKF2DRFkmAAnA5Hiv1_0pYg1",
      "y": "AKLfnzY4VFB_ZyjgBW8GxhLtA6ZPVgMHq7S_Z70Uabi9",
      "d": "HpYL8OKVwC01B02FpXQi23lTrE8oT3V7-eOdSgX9v8c",
      "kid": "kid2019040100009"
    }
  ]
}
2022-11-16 07:18:53 SUCCESS
ValidateMTLSCertificatesAsX509
Mutual TLS authentication cert validated as X.509
2022-11-16 07:18:53 SUCCESS
ValidateClientPrivateKeysAreDifferent
Client signing JWKs have different thumbprints
jwk1
{
  "kty": "EC",
  "d": "dmvti8HQQId6Z3S8xjGvjvWawEfQhVP3OkUfloQP1Ng",
  "crv": "P-256",
  "kid": "kid2019040100008",
  "x": "ANEu_EHg_NrZKPNXVbnw89IQC0hzPkAEuV4osYzM8tKm",
  "y": "AKe9Ioa4y1ly1aOAmJafI89dHzapU4WYHHReIFXjPJxd",
  "alg": "ES256"
}
jwk2
{
  "kty": "EC",
  "d": "HpYL8OKVwC01B02FpXQi23lTrE8oT3V7-eOdSgX9v8c",
  "crv": "P-256",
  "kid": "kid2019040100009",
  "x": "ANonMLNTYTO8jPBnw4EHqKF2DRFkmAAnA5Hiv1_0pYg1",
  "y": "AKLfnzY4VFB_ZyjgBW8GxhLtA6ZPVgMHq7S_Z70Uabi9",
  "alg": "ES256"
}
2022-11-16 07:18:53 SUCCESS
GetResourceEndpointConfiguration
Found a resource endpoint object
resourceUrl
https://3a-rplib-test3.cloud-idauth.com/sso/accounts
2022-11-16 07:18:53 SUCCESS
SetProtectedResourceUrlToSingleResourceEndpoint
Set protected resource URL
protected_resource_url
https://3a-rplib-test3.cloud-idauth.com/sso/accounts
2022-11-16 07:18:53 SUCCESS
ExtractTLSTestValuesFromResourceConfiguration
Extracted TLS information from resource endpoint
resource_endpoint
{
  "testHost": "3a-rplib-test3.cloud-idauth.com",
  "testPort": 443
}
2022-11-16 07:18:53 SUCCESS
ExtractTLSTestValuesFromOBResourceConfiguration
Extracted TLS information from resource endpoint
accounts_resource_endpoint
{
  "testHost": "3a-rplib-test3.cloud-idauth.com",
  "testPort": 443
}
accounts_request_endpoint
{
  "testHost": "3a-rplib-test3.cloud-idauth.com",
  "testPort": 443
}
2022-11-16 07:18:53
fapi1-advanced-final-ensure-response-mode-query
Setup Done
Make request to authorization endpoint
2022-11-16 07:18:53 SUCCESS
CreateAuthorizationEndpointRequestFromClientInformation
Created authorization endpoint request
client_id
OIDFCERT0001
redirect_uri
https://www.certification.openid.net/test/a/NC7000-3A-OC/callback
scope
openid SCOPE0002 offline_access
2022-11-16 07:18:53 SUCCESS
AddAcrClaimToAuthorizationEndpointRequest
Added acr claim to authorization_endpoint_request
authorization_endpoint_request
{
  "client_id": "OIDFCERT0001",
  "redirect_uri": "https://www.certification.openid.net/test/a/NC7000-3A-OC/callback",
  "scope": "openid SCOPE0002 offline_access",
  "claims": {
    "id_token": {
      "acr": {
        "value": "urn:mace:incommon:iap:silver",
        "essential": true
      }
    }
  }
}
2022-11-16 07:18:53
CreateRandomStateValue
Created state value
requested_state_length
10
state
yA5k2SLVBX
2022-11-16 07:18:53 SUCCESS
AddStateToAuthorizationEndpointRequest
Added state parameter to request
client_id
OIDFCERT0001
redirect_uri
https://www.certification.openid.net/test/a/NC7000-3A-OC/callback
scope
openid SCOPE0002 offline_access
claims
{
  "id_token": {
    "acr": {
      "value": "urn:mace:incommon:iap:silver",
      "essential": true
    }
  }
}
state
yA5k2SLVBX
2022-11-16 07:18:53
CreateRandomNonceValue
Created nonce value
requested_nonce_length
10
nonce
r8QrSU0BJI
2022-11-16 07:18:53 SUCCESS
AddNonceToAuthorizationEndpointRequest
Added nonce parameter to request
client_id
OIDFCERT0001
redirect_uri
https://www.certification.openid.net/test/a/NC7000-3A-OC/callback
scope
openid SCOPE0002 offline_access
claims
{
  "id_token": {
    "acr": {
      "value": "urn:mace:incommon:iap:silver",
      "essential": true
    }
  }
}
state
yA5k2SLVBX
nonce
r8QrSU0BJI
2022-11-16 07:18:53 SUCCESS
SetAuthorizationEndpointRequestResponseTypeToCode
Added response_type parameter to request
client_id
OIDFCERT0001
redirect_uri
https://www.certification.openid.net/test/a/NC7000-3A-OC/callback
scope
openid SCOPE0002 offline_access
claims
{
  "id_token": {
    "acr": {
      "value": "urn:mace:incommon:iap:silver",
      "essential": true
    }
  }
}
state
yA5k2SLVBX
nonce
r8QrSU0BJI
response_type
code
2022-11-16 07:18:53 SUCCESS
SetAuthorizationEndpointRequestResponseModeToJWT
Added response_mode parameter to request
client_id
OIDFCERT0001
redirect_uri
https://www.certification.openid.net/test/a/NC7000-3A-OC/callback
scope
openid SCOPE0002 offline_access
claims
{
  "id_token": {
    "acr": {
      "value": "urn:mace:incommon:iap:silver",
      "essential": true
    }
  }
}
state
yA5k2SLVBX
nonce
r8QrSU0BJI
response_type
code
response_mode
jwt
2022-11-16 07:18:53 SUCCESS
SetAuthorizationEndpointRequestResponseModeToQuery
Added response_mode parameter to request
client_id
OIDFCERT0001
redirect_uri
https://www.certification.openid.net/test/a/NC7000-3A-OC/callback
scope
openid SCOPE0002 offline_access
claims
{
  "id_token": {
    "acr": {
      "value": "urn:mace:incommon:iap:silver",
      "essential": true
    }
  }
}
state
yA5k2SLVBX
nonce
r8QrSU0BJI
response_type
code
response_mode
query
2022-11-16 07:18:53 SUCCESS
ConvertAuthorizationEndpointRequestToRequestObject
Created request object claims
request_object_claims
{
  "client_id": "OIDFCERT0001",
  "redirect_uri": "https://www.certification.openid.net/test/a/NC7000-3A-OC/callback",
  "scope": "openid SCOPE0002 offline_access",
  "claims": {
    "id_token": {
      "acr": {
        "value": "urn:mace:incommon:iap:silver",
        "essential": true
      }
    }
  },
  "state": "yA5k2SLVBX",
  "nonce": "r8QrSU0BJI",
  "response_type": "code",
  "response_mode": "query"
}
2022-11-16 07:18:53 SUCCESS
AddNbfToRequestObject
Added nbf to request object claims
nbf
1.668583133E9
2022-11-16 07:18:53 SUCCESS
AddExpToRequestObject
Added exp to request object claims
exp
1.668583433E9
2022-11-16 07:18:53 SUCCESS
AddAudToRequestObject
Added aud to request object claims
aud
https://3a-rplib-test3.cloud-idauth.com/sso/
2022-11-16 07:18:53 SUCCESS
AddIssToRequestObject
Added iss to request object claims
iss
OIDFCERT0001
2022-11-16 07:18:53 SUCCESS
AddClientIdToRequestObject
Added client_id to request object claims
client_id
OIDFCERT0001
2022-11-16 07:18:53 SUCCESS
SignRequestObject
Signed the request object
claims
{
  "aud": "https://3a-rplib-test3.cloud-idauth.com/sso/",
  "nbf": 1668583133,
  "scope": "openid SCOPE0002 offline_access",
  "claims": {
    "id_token": {
      "acr": {
        "value": "urn:mace:incommon:iap:silver",
        "essential": true
      }
    }
  },
  "iss": "OIDFCERT0001",
  "response_type": "code",
  "redirect_uri": "https://www.certification.openid.net/test/a/NC7000-3A-OC/callback",
  "state": "yA5k2SLVBX",
  "exp": 1668583433,
  "nonce": "r8QrSU0BJI",
  "client_id": "OIDFCERT0001",
  "response_mode": "query"
}
header
{
  "kid": "kid2019040100008",
  "alg": "ES256"
}
request_object
eyJraWQiOiJraWQyMDE5MDQwMTAwMDA4IiwiYWxnIjoiRVMyNTYifQ.eyJpc3MiOiJPSURGQ0VSVDAwMDEiLCJyZXNwb25zZV90eXBlIjoiY29kZSIsIm5vbmNlIjoicjhRclNVMEJKSSIsImNsaWVudF9pZCI6Ik9JREZDRVJUMDAwMSIsInJlc3BvbnNlX21vZGUiOiJxdWVyeSIsImF1ZCI6Imh0dHBzOlwvXC8zYS1ycGxpYi10ZXN0My5jbG91ZC1pZGF1dGguY29tXC9zc29cLyIsIm5iZiI6MTY2ODU4MzEzMywic2NvcGUiOiJvcGVuaWQgU0NPUEUwMDAyIG9mZmxpbmVfYWNjZXNzIiwiY2xhaW1zIjp7ImlkX3Rva2VuIjp7ImFjciI6eyJ2YWx1ZSI6InVybjptYWNlOmluY29tbW9uOmlhcDpzaWx2ZXIiLCJlc3NlbnRpYWwiOnRydWV9fX0sInJlZGlyZWN0X3VyaSI6Imh0dHBzOlwvXC93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0XC90ZXN0XC9hXC9OQzcwMDAtM0EtT0NcL2NhbGxiYWNrIiwic3RhdGUiOiJ5QTVrMlNMVkJYIiwiZXhwIjoxNjY4NTgzNDMzfQ.oQhdiwOOH3gKGvmFyWuCD-B9ida0qEvAaywEI3pRm0-SA-arlgkG12CG8E-fgxZGKV-Dtv4XZGm2RcltxtOq4A
key
{
  "kty": "EC",
  "d": "dmvti8HQQId6Z3S8xjGvjvWawEfQhVP3OkUfloQP1Ng",
  "crv": "P-256",
  "kid": "kid2019040100008",
  "x": "ANEu_EHg_NrZKPNXVbnw89IQC0hzPkAEuV4osYzM8tKm",
  "y": "AKe9Ioa4y1ly1aOAmJafI89dHzapU4WYHHReIFXjPJxd",
  "alg": "ES256"
}
2022-11-16 07:18:53 SUCCESS
BuildRequestObjectByValueRedirectToAuthorizationEndpoint
Sending to authorization endpoint
redirect_to_authorization_endpoint
https://3a-rplib-test3.cloud-idauth.com/sso/AuthorizationEndpoint/?request=eyJraWQiOiJraWQyMDE5MDQwMTAwMDA4IiwiYWxnIjoiRVMyNTYifQ.eyJpc3MiOiJPSURGQ0VSVDAwMDEiLCJyZXNwb25zZV90eXBlIjoiY29kZSIsIm5vbmNlIjoicjhRclNVMEJKSSIsImNsaWVudF9pZCI6Ik9JREZDRVJUMDAwMSIsInJlc3BvbnNlX21vZGUiOiJxdWVyeSIsImF1ZCI6Imh0dHBzOlwvXC8zYS1ycGxpYi10ZXN0My5jbG91ZC1pZGF1dGguY29tXC9zc29cLyIsIm5iZiI6MTY2ODU4MzEzMywic2NvcGUiOiJvcGVuaWQgU0NPUEUwMDAyIG9mZmxpbmVfYWNjZXNzIiwiY2xhaW1zIjp7ImlkX3Rva2VuIjp7ImFjciI6eyJ2YWx1ZSI6InVybjptYWNlOmluY29tbW9uOmlhcDpzaWx2ZXIiLCJlc3NlbnRpYWwiOnRydWV9fX0sInJlZGlyZWN0X3VyaSI6Imh0dHBzOlwvXC93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0XC90ZXN0XC9hXC9OQzcwMDAtM0EtT0NcL2NhbGxiYWNrIiwic3RhdGUiOiJ5QTVrMlNMVkJYIiwiZXhwIjoxNjY4NTgzNDMzfQ.oQhdiwOOH3gKGvmFyWuCD-B9ida0qEvAaywEI3pRm0-SA-arlgkG12CG8E-fgxZGKV-Dtv4XZGm2RcltxtOq4A&client_id=OIDFCERT0001&redirect_uri=https://www.certification.openid.net/test/a/NC7000-3A-OC/callback&scope=openid%20SCOPE0002%20offline_access&response_type=code
2022-11-16 07:18:53 REDIRECT
fapi1-advanced-final-ensure-response-mode-query
Redirecting to authorization endpoint
redirect_to
https://3a-rplib-test3.cloud-idauth.com/sso/AuthorizationEndpoint/?request=eyJraWQiOiJraWQyMDE5MDQwMTAwMDA4IiwiYWxnIjoiRVMyNTYifQ.eyJpc3MiOiJPSURGQ0VSVDAwMDEiLCJyZXNwb25zZV90eXBlIjoiY29kZSIsIm5vbmNlIjoicjhRclNVMEJKSSIsImNsaWVudF9pZCI6Ik9JREZDRVJUMDAwMSIsInJlc3BvbnNlX21vZGUiOiJxdWVyeSIsImF1ZCI6Imh0dHBzOlwvXC8zYS1ycGxpYi10ZXN0My5jbG91ZC1pZGF1dGguY29tXC9zc29cLyIsIm5iZiI6MTY2ODU4MzEzMywic2NvcGUiOiJvcGVuaWQgU0NPUEUwMDAyIG9mZmxpbmVfYWNjZXNzIiwiY2xhaW1zIjp7ImlkX3Rva2VuIjp7ImFjciI6eyJ2YWx1ZSI6InVybjptYWNlOmluY29tbW9uOmlhcDpzaWx2ZXIiLCJlc3NlbnRpYWwiOnRydWV9fX0sInJlZGlyZWN0X3VyaSI6Imh0dHBzOlwvXC93d3cuY2VydGlmaWNhdGlvbi5vcGVuaWQubmV0XC90ZXN0XC9hXC9OQzcwMDAtM0EtT0NcL2NhbGxiYWNrIiwic3RhdGUiOiJ5QTVrMlNMVkJYIiwiZXhwIjoxNjY4NTgzNDMzfQ.oQhdiwOOH3gKGvmFyWuCD-B9ida0qEvAaywEI3pRm0-SA-arlgkG12CG8E-fgxZGKV-Dtv4XZGm2RcltxtOq4A&client_id=OIDFCERT0001&redirect_uri=https://www.certification.openid.net/test/a/NC7000-3A-OC/callback&scope=openid%20SCOPE0002%20offline_access&response_type=code
2022-11-16 07:18:53 REVIEW
ExpectResponseModeQueryErrorPage
If the server does not return an error back to the client, It must show an error page that the response_mode=query is not allowed by FAPI - upload a screenshot of the error page.
image_no_longer_required
true
2022-11-16 07:19:02 INCOMING
fapi1-advanced-final-ensure-response-mode-query
Incoming HTTP request to /test/a/NC7000-3A-OC/callback
incoming_headers
{
  "host": "www.certification.openid.net",
  "upgrade-insecure-requests": "1",
  "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/avif,image/webp,image/apng,*/*;q\u003d0.8,application/signed-exchange;v\u003db3;q\u003d0.9",
  "sec-fetch-site": "cross-site",
  "sec-fetch-mode": "navigate",
  "sec-fetch-user": "?1",
  "sec-fetch-dest": "document",
  "sec-ch-ua": "\"Google Chrome\";v\u003d\"107\", \"Chromium\";v\u003d\"107\", \"Not\u003dA?Brand\";v\u003d\"24\"",
  "sec-ch-ua-mobile": "?0",
  "sec-ch-ua-platform": "\"Windows\"",
  "referer": "https://www.certification.openid.net/",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "ja,en-US;q\u003d0.9,en;q\u003d0.8",
  "cookie": "JSESSIONID\u003dC1311EBCD3E1333B1BCF322786F79A1C",
  "connection": "close"
}
incoming_path
/test/a/NC7000-3A-OC/callback
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cert
incoming_query_string_params
{
  "error_description": "リクエストパラメータ解析JWTレスポンスタイプ不正エラー",
  "state": "yA5k2SLVBX",
  "error": "invalid_request",
  "error_uri": "error_uri"
}
incoming_body
incoming_tls_chain
[
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL"
]
incoming_tls_cipher
ECDHE-RSA-AES256-GCM-SHA384
incoming_body_json
2022-11-16 07:19:02 SUCCESS
CreateRandomImplicitSubmitUrl
Created random implicit submission URL
implicit_submit
{
  "path": "implicit/1ZwKT6uDOviaKMZXFPRr",
  "fullUrl": "https://www.certification.openid.net/test/a/NC7000-3A-OC/implicit/1ZwKT6uDOviaKMZXFPRr"
}
2022-11-16 07:19:02 OUTGOING
fapi1-advanced-final-ensure-response-mode-query
Response to HTTP request to test instance VrNHq7cCcZEYRFp
outgoing
ModelAndView [view="implicitCallback"; model={implicitSubmitUrl=https://www.certification.openid.net/test/a/NC7000-3A-OC/implicit/1ZwKT6uDOviaKMZXFPRr, returnUrl=/log-detail.html?log=VrNHq7cCcZEYRFp}]
outgoing_path
callback
2022-11-16 07:19:03 INCOMING
fapi1-advanced-final-ensure-response-mode-query
Incoming HTTP request to /test/a/NC7000-3A-OC/implicit/1ZwKT6uDOviaKMZXFPRr
incoming_headers
{
  "host": "www.certification.openid.net",
  "sec-ch-ua": "\"Google Chrome\";v\u003d\"107\", \"Chromium\";v\u003d\"107\", \"Not\u003dA?Brand\";v\u003d\"24\"",
  "accept": "*/*",
  "content-type": "text/plain",
  "x-requested-with": "XMLHttpRequest",
  "sec-ch-ua-mobile": "?0",
  "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36",
  "sec-ch-ua-platform": "\"Windows\"",
  "origin": "https://www.certification.openid.net",
  "sec-fetch-site": "same-origin",
  "sec-fetch-mode": "cors",
  "sec-fetch-dest": "empty",
  "referer": "https://www.certification.openid.net/test/a/NC7000-3A-OC/callback?error_description\u003d%E3%83%AA%E3%82%AF%E3%82%A8%E3%82%B9%E3%83%88%E3%83%91%E3%83%A9%E3%83%A1%E3%83%BC%E3%82%BF%E8%A7%A3%E6%9E%90JWT%E3%83%AC%E3%82%B9%E3%83%9D%E3%83%B3%E3%82%B9%E3%82%BF%E3%82%A4%E3%83%97%E4%B8%8D%E6%AD%A3%E3%82%A8%E3%83%A9%E3%83%BC\u0026state\u003dyA5k2SLVBX\u0026error\u003dinvalid_request\u0026error_uri\u003derror_uri",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "ja,en-US;q\u003d0.9,en;q\u003d0.8",
  "cookie": "JSESSIONID\u003dC1311EBCD3E1333B1BCF322786F79A1C",
  "connection": "close",
  "content-length": "0"
}
incoming_path
/test/a/NC7000-3A-OC/implicit/1ZwKT6uDOviaKMZXFPRr
incoming_body_form_params
incoming_method
POST
incoming_tls_version
TLSv1.2
incoming_tls_cert
incoming_query_string_params
{}
incoming_body
incoming_tls_chain
[
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL"
]
incoming_tls_cipher
ECDHE-RSA-AES256-GCM-SHA384
incoming_body_json
2022-11-16 07:19:03 OUTGOING
fapi1-advanced-final-ensure-response-mode-query
Response to HTTP request to test instance VrNHq7cCcZEYRFp
outgoing_status_code
204
outgoing_headers
{}
outgoing_body

                                
outgoing_path
implicit/1ZwKT6uDOviaKMZXFPRr
2022-11-16 07:19:03 SUCCESS
ExtractImplicitHashToCallbackResponse
implicit_hash is empty
2022-11-16 07:19:03 REDIRECT-IN
fapi1-advanced-final-ensure-response-mode-query
Authorization endpoint response captured
url_query
{
  "error_description": "リクエストパラメータ解析JWTレスポンスタイプ不正エラー",
  "state": "yA5k2SLVBX",
  "error": "invalid_request",
  "error_uri": "error_uri"
}
headers
{
  "host": "www.certification.openid.net",
  "upgrade-insecure-requests": "1",
  "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/avif,image/webp,image/apng,*/*;q\u003d0.8,application/signed-exchange;v\u003db3;q\u003d0.9",
  "sec-fetch-site": "cross-site",
  "sec-fetch-mode": "navigate",
  "sec-fetch-user": "?1",
  "sec-fetch-dest": "document",
  "sec-ch-ua": "\"Google Chrome\";v\u003d\"107\", \"Chromium\";v\u003d\"107\", \"Not\u003dA?Brand\";v\u003d\"24\"",
  "sec-ch-ua-mobile": "?0",
  "sec-ch-ua-platform": "\"Windows\"",
  "referer": "https://www.certification.openid.net/",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "ja,en-US;q\u003d0.9,en;q\u003d0.8",
  "cookie": "JSESSIONID\u003dC1311EBCD3E1333B1BCF322786F79A1C",
  "connection": "close",
  "x-ssl-cipher": "ECDHE-RSA-AES256-GCM-SHA384",
  "x-ssl-protocol": "TLSv1.2",
  "x-forwarded-proto": "https",
  "x-forwarded-port": "443",
  "x-forwarded-host": "www.certification.openid.net",
  "x-forwarded-server": "www.certification.openid.net"
}
http_method
GET
url_fragment
{}
post_body
2022-11-16 07:19:03 SUCCESS
RejectAuthCodeInUrlQuery
Authorization code is not present in URL query returned from authorization endpoint
2022-11-16 07:19:03 SUCCESS
CheckAuthorizationResponseWhenResponseModeQuery
Server has chosen to return 'error' in URL query
error
invalid_request
2022-11-16 07:19:03 SUCCESS
CheckStateInAuthorizationResponse
State in response correctly returned
state
yA5k2SLVBX
2022-11-16 07:19:03 SUCCESS
EnsureErrorFromAuthorizationEndpointResponse
Authorization endpoint returned an error
error_description
リクエストパラメータ解析JWTレスポンスタイプ不正エラー
state
yA5k2SLVBX
error
invalid_request
error_uri
error_uri
2022-11-16 07:19:03 SUCCESS
CheckForUnexpectedParametersInErrorResponseFromAuthorizationEndpoint
error response includes only expected parameters
error_description
リクエストパラメータ解析JWTレスポンスタイプ不正エラー
state
yA5k2SLVBX
error
invalid_request
error_uri
error_uri
2022-11-16 07:19:03 SUCCESS
EnsureInvalidRequestError
Authorization endpoint returned expected 'error' of 'invalid_request'
error
invalid_request
2022-11-16 07:19:03 FINISHED
fapi1-advanced-final-ensure-response-mode-query
Test has run to completion
testmodule_result
PASSED
2022-11-16 07:19:25
TEST-RUNNER
Alias has now been claimed by another test
alias
NC7000-3A-OC
new_test_id
45gK0GrSdWKKgw9
Test Results