Started by an SCM change Building in workspace /home/tomcat/.jenkins/jobs/Test_Cache_oxAuth/workspace > git rev-parse --is-inside-work-tree # timeout=10 Fetching changes from the remote Git repository > git config remote.origin.url https://github.com/GluuFederation/oxAuth # timeout=10 Fetching upstream changes from https://github.com/GluuFederation/oxAuth > git --version # timeout=10 > git fetch --tags --progress https://github.com/GluuFederation/oxAuth +refs/heads/*:refs/remotes/origin/* > git rev-parse refs/remotes/origin/master^{commit} # timeout=10 > git rev-parse refs/remotes/origin/origin/master^{commit} # timeout=10 Checking out Revision c5ecc0150059722b6177cb362f114960a1959ced (refs/remotes/origin/master) > git config core.sparsecheckout # timeout=10 > git checkout -f c5ecc0150059722b6177cb362f114960a1959ced Commit message: "Fix NPE when claim has date type and value is empty" > git rev-list 716b3d37acde5f4bbb6605d504f034990fedbea8 # timeout=10 [workspace] $ /bin/bash /opt/tomcat/temp/jenkins3707502889649963404.sh Cloning into 'oxHudsonProfiles'... [workspace] $ /home/tomcat/.jenkins/tools/hudson.tasks.Maven_MavenInstallation/maven_3.3.9/bin/mvn -DVERSION_NAME=master -DPROFILE_NAME=ce-dev4 -DDEVELOPMENT_BUILD=true -DMAVEN_SKIP_TESTS=false -Dpython.import.site=false -DPYTHON_HOME=/opt/jython -Dcfg=ce-dev4 -Dmaven.test.skip=false -Ddevelopment-build=true clean compile install site [INFO] Scanning for projects... [WARNING] [WARNING] Some problems were encountered while building the effective model for org.xdi:oxauth-rp:war:3.2.0-SNAPSHOT [WARNING] 'build.plugins.plugin.version' for org.mortbay.jetty:jetty-maven-plugin is missing. @ org.xdi:oxauth-rp:[unknown-version], /home/tomcat/.jenkins/jobs/Test_Cache_oxAuth/workspace/RP/pom.xml, line 74, column 12 [WARNING] [WARNING] Some problems were encountered while building the effective model for org.xdi:oxauth-server:war:3.2.0-SNAPSHOT [WARNING] 'build.plugins.plugin.version' for org.codehaus.mojo:exec-maven-plugin is missing. @ org.xdi:oxauth-server:[unknown-version], /home/tomcat/.jenkins/jobs/Test_Cache_oxAuth/workspace/Server/pom.xml, line 1075, column 14 [WARNING] [WARNING] It is highly recommended to fix these problems because they threaten the stability of your build. [WARNING] [WARNING] For this reason, future Maven versions might no longer support building such malformed projects. [WARNING] [INFO] ------------------------------------------------------------------------ [INFO] Reactor Build Order: [INFO] [INFO] oxAuth [INFO] oxAuth Model [INFO] oxAuth Client [INFO] oxauth-static [INFO] oxAuth RP [INFO] oxAuth RP Demo [INFO] oxAuth Server [INFO] [INFO] ------------------------------------------------------------------------ [INFO] Building oxAuth 3.2.0-SNAPSHOT [INFO] ------------------------------------------------------------------------ [INFO] [INFO] --- maven-clean-plugin:2.5:clean (default-clean) @ oxauth --- [INFO] Deleting /home/tomcat/.jenkins/jobs/Test_Cache_oxAuth/workspace/target [INFO] [INFO] --- maven-install-plugin:2.3.1:install (default-install) @ oxauth --- [INFO] Installing /home/tomcat/.jenkins/jobs/Test_Cache_oxAuth/workspace/pom.xml to /var/www/html/maven/org/xdi/oxauth/3.2.0-SNAPSHOT/oxauth-3.2.0-SNAPSHOT.pom [INFO] [INFO] --- maven-site-plugin:2.1.1:site (default-site) @ oxauth --- [INFO] [INFO] ------------------------------------------------------------------------ [INFO] Building oxAuth Model 3.2.0-SNAPSHOT [INFO] ------------------------------------------------------------------------ [INFO] [INFO] --- maven-clean-plugin:2.5:clean (default-clean) @ oxauth-model --- [INFO] Deleting /home/tomcat/.jenkins/jobs/Test_Cache_oxAuth/workspace/Model/target [INFO] [INFO] --- maven-resources-plugin:2.6:resources (default-resources) @ oxauth-model --- [INFO] Using 'UTF-8' encoding to copy filtered resources. [INFO] skip non existing resourceDirectory /home/tomcat/.jenkins/jobs/Test_Cache_oxAuth/workspace/Model/src/main/resources [INFO] [INFO] --- maven-compiler-plugin:2.3.2:compile (default-compile) @ oxauth-model --- [INFO] Compiling 153 source files to /home/tomcat/.jenkins/jobs/Test_Cache_oxAuth/workspace/Model/target/classes [WARNING] /home/tomcat/.jenkins/jobs/Test_Cache_oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/crypto/AbstractCryptoProvider.java:[20,23] RSAPublicKeyImpl is internal proprietary API and may be removed in a future release [WARNING] /home/tomcat/.jenkins/jobs/Test_Cache_oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/crypto/AbstractCryptoProvider.java:[20,23] RSAPublicKeyImpl is internal proprietary API and may be removed in a future release [WARNING] /home/tomcat/.jenkins/jobs/Test_Cache_oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/crypto/AbstractCryptoProvider.java:[20,23] RSAPublicKeyImpl is internal proprietary API and may be removed in a future release [WARNING] /home/tomcat/.jenkins/jobs/Test_Cache_oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/crypto/AbstractCryptoProvider.java:[143,36] RSAPublicKeyImpl is internal proprietary API and may be removed in a future release [INFO] [INFO] --- maven-resources-plugin:2.6:resources (default-resources) @ oxauth-model --- [INFO] Using 'UTF-8' encoding to copy filtered resources. [INFO] skip non existing resourceDirectory /home/tomcat/.jenkins/jobs/Test_Cache_oxAuth/workspace/Model/src/main/resources [INFO] [INFO] --- maven-compiler-plugin:2.3.2:compile (default-compile) @ oxauth-model --- [INFO] Nothing to compile - all classes are up to date [INFO] [INFO] --- maven-resources-plugin:2.6:testResources (default-testResources) @ oxauth-model --- [INFO] Using 'UTF-8' encoding to copy filtered resources. [INFO] Copying 2 resources [INFO] [INFO] --- maven-compiler-plugin:2.3.2:testCompile (default-testCompile) @ oxauth-model --- [INFO] Compiling 3 source files to /home/tomcat/.jenkins/jobs/Test_Cache_oxAuth/workspace/Model/target/test-classes [INFO] [INFO] --- maven-surefire-plugin:2.19.1:test (default-test) @ oxauth-model --- [INFO] Tests are skipped. [INFO] [INFO] --- maven-jar-plugin:2.4:jar (default-jar) @ oxauth-model --- [INFO] Building jar: /home/tomcat/.jenkins/jobs/Test_Cache_oxAuth/workspace/Model/target/oxauth-model.jar [INFO] [INFO] --- maven-jar-plugin:2.4:test-jar (default) @ oxauth-model --- [INFO] Building jar: /home/tomcat/.jenkins/jobs/Test_Cache_oxAuth/workspace/Model/target/oxauth-model-tests.jar [INFO] [INFO] --- maven-install-plugin:2.3.1:install (default-install) @ oxauth-model --- [INFO] Installing /home/tomcat/.jenkins/jobs/Test_Cache_oxAuth/workspace/Model/target/oxauth-model.jar to /var/www/html/maven/org/xdi/oxauth-model/3.2.0-SNAPSHOT/oxauth-model-3.2.0-SNAPSHOT.jar [INFO] Installing /home/tomcat/.jenkins/jobs/Test_Cache_oxAuth/workspace/Model/pom.xml to /var/www/html/maven/org/xdi/oxauth-model/3.2.0-SNAPSHOT/oxauth-model-3.2.0-SNAPSHOT.pom [INFO] Installing /home/tomcat/.jenkins/jobs/Test_Cache_oxAuth/workspace/Model/target/oxauth-model-tests.jar to /var/www/html/maven/org/xdi/oxauth-model/3.2.0-SNAPSHOT/oxauth-model-3.2.0-SNAPSHOT-tests.jar [INFO] [INFO] --- maven-site-plugin:2.1.1:site (default-site) @ oxauth-model --- [INFO] [INFO] ------------------------------------------------------------------------ [INFO] Building oxAuth Client 3.2.0-SNAPSHOT [INFO] ------------------------------------------------------------------------ [INFO] [INFO] --- maven-clean-plugin:2.5:clean (default-clean) @ oxauth-client --- [INFO] Deleting /home/tomcat/.jenkins/jobs/Test_Cache_oxAuth/workspace/Client/target [INFO] [INFO] --- maven-resources-plugin:2.6:resources (default-resources) @ oxauth-client --- [INFO] Using 'UTF-8' encoding to copy filtered resources. [INFO] skip non existing resourceDirectory /home/tomcat/.jenkins/jobs/Test_Cache_oxAuth/workspace/Client/src/main/resources [INFO] [INFO] --- maven-compiler-plugin:2.3.2:compile (default-compile) @ oxauth-client --- [INFO] Compiling 59 source files to /home/tomcat/.jenkins/jobs/Test_Cache_oxAuth/workspace/Client/target/classes [INFO] [INFO] --- maven-resources-plugin:2.6:resources (default-resources) @ oxauth-client --- [INFO] Using 'UTF-8' encoding to copy filtered resources. [INFO] skip non existing resourceDirectory /home/tomcat/.jenkins/jobs/Test_Cache_oxAuth/workspace/Client/src/main/resources [INFO] [INFO] --- maven-compiler-plugin:2.3.2:compile (default-compile) @ oxauth-client --- [INFO] Nothing to compile - all classes are up to date [INFO] [INFO] --- maven-resources-plugin:2.6:testResources (default-testResources) @ oxauth-client --- [INFO] Using 'UTF-8' encoding to copy filtered resources. [INFO] Copying 15 resources [INFO] [INFO] --- maven-compiler-plugin:2.3.2:testCompile (default-testCompile) @ oxauth-client --- [INFO] Compiling 140 source files to /home/tomcat/.jenkins/jobs/Test_Cache_oxAuth/workspace/Client/target/test-classes [WARNING] /home/tomcat/.jenkins/jobs/Test_Cache_oxAuth/workspace/Client/src/test/java/org/xdi/oxauth/ws/rs/WebKeysTest.java:[14,24] X509CertImpl is internal proprietary API and may be removed in a future release [WARNING] /home/tomcat/.jenkins/jobs/Test_Cache_oxAuth/workspace/Client/src/test/java/org/xdi/oxauth/ws/rs/WebKeysTest.java:[14,24] X509CertImpl is internal proprietary API and may be removed in a future release [WARNING] /home/tomcat/.jenkins/jobs/Test_Cache_oxAuth/workspace/Client/src/test/java/org/xdi/oxauth/ws/rs/WebKeysTest.java:[14,24] X509CertImpl is internal proprietary API and may be removed in a future release [WARNING] /home/tomcat/.jenkins/jobs/Test_Cache_oxAuth/workspace/Client/src/test/java/org/xdi/oxauth/ws/rs/WebKeysTest.java:[47,35] X509CertImpl is internal proprietary API and may be removed in a future release [INFO] [INFO] --- maven-surefire-plugin:2.19.1:test (default-test) @ oxauth-client --- ------------------------------------------------------- T E S T S ------------------------------------------------------- Running TestSuite ERROR StatusLogger No log4j2 configuration file found. Using default configuration: logging only errors to the console. Set system property 'org.apache.logging.log4j.simplelog.StatusLogger.level' to TRACE to show Log4j2 internal initialization logging. Invoked init test suite method ####################################################### TEST: OpenID Connect Discovery ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Connection: Keep-Alive Content-Length: 181 Content-Type: application/jrd+json;charset=iso-8859-1 Date: Fri, 17 Nov 2017 12:50:09 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "subject": "acct:test_user@ce-dev4.gluu.org", "links": [{ "rel": "http://openid.net/specs/connect/1.0/issuer", "href": "https://ce-dev4.gluu.org" }] } OpenID Connect Configuration ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /.well-known/openid-configuration HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Connection: Keep-Alive Content-Length: 6218 Content-Type: application/json Date: Fri, 17 Nov 2017 12:50:09 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "issuer": "https://ce-dev4.gluu.org", "authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize", "token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token", "userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo", "clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo", "check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe", "end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session", "jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks", "registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register", "id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id", "introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection", "scopes_supported": [ "permission", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "mobile_phone", "test" ], "response_types_supported": [ "id_token", "code", "id_token token", "code token", "id_token code", "token", "id_token code token" ], "grant_types_supported": [ "implicit", "urn:ietf:params:oauth:grant-type:uma-ticket", "client_credentials", "refresh_token", "authorization_code", "password" ], "acr_values_supported": [ "super_gluu", "otp", "basic", "auth_ldap_server" ], "auth_level_mapping": { "-1": ["auth_ldap_server"], "50": ["otp"], "100": ["basic"], "15": ["super_gluu"] }, "subject_types_supported": [ "public", "pairwise" ], "userinfo_signing_alg_values_supported": [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "userinfo_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "userinfo_encryption_enc_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "id_token_signing_alg_values_supported": [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "id_token_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "id_token_encryption_enc_values_supported": [ "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A256GCM" ], "request_object_signing_alg_values_supported": [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "request_object_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "request_object_encryption_enc_values_supported": [ "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A256GCM" ], "token_endpoint_auth_methods_supported": [ "client_secret_basic", "client_secret_post", "client_secret_jwt", "private_key_jwt" ], "token_endpoint_auth_signing_alg_values_supported": [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "display_values_supported": [ "page", "popup" ], "claim_types_supported": ["normal"], "claims_supported": [ "birthdate", "country", "name", "email", "email_verified", "given_name", "gender", "inum", "family_name", "updated_at", "locale", "member_of", "middle_name", "nickname", "oxAuthAppType", "oxAuthIdTokenSignedResponseAlg", "oxAuthRedirectURI", "oxAuthScope", "phone_number_verified", "picture", "preferred_username", "profile", "zoneinfo", "user_name", "website" ], "service_documentation": "http://gluu.org/docs", "claims_locales_supported": ["en"], "ui_locales_supported": [ "en", "es" ], "scope_to_claims_mapping": [ {"permission": []}, {"uma_protection": []}, {"clientinfo": [ "name", "inum", "oxAuthAppType", "oxAuthIdTokenSignedResponseAlg", "oxAuthRedirectURI", "oxAuthScope" ]}, {"email": [ "email_verified", "email" ]}, {"user_name": ["user_name"]}, {"org_name": []}, {"address": [ "formatted", "postal_code", "street_address", "locality", "country", "region" ]}, {"openid": []}, {"work_phone": []}, {"phone": [ "phone_number_verified", "phone_number" ]}, {"profile": [ "name", "family_name", "given_name", "middle_name", "nickname", "preferred_username", "profile", "picture", "website", "gender", "birthdate", "zoneinfo", "locale", "updated_at" ]}, {"mobile_phone": ["phone_mobile_number"]}, {"test": ["member_of"]} ], "claims_parameter_supported": true, "request_parameter_supported": true, "request_uri_parameter_supported": true, "require_request_uri_registration": false, "op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy", "op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos", "frontchannel_logout_supported": "true", "frontchannel_logout_session_supported": true } ####################################################### TEST: applicationTypeNativeSubjectTypePairwise ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "code", "id_token" ], "application_type": "native", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "scopes": [ "openid", "profile", "address", "email", "user_name" ] } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1387 Content-Type: application/json Date: Fri, 17 Nov 2017 12:50:10 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DB8A.7212.5D1D.F46C", "client_secret": "ba57035c-f351-465f-8685-a7e72847a653", "registration_access_token": "9e904b8c-5b85-43d1-a6c6-03cf164a5556", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DB8A.7212.5D1D.F46C", "client_id_issued_at": 1510923010, "client_secret_expires_at": 1511009410, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "code", "token" ], "grant_types": [ "implicit", "refresh_token", "authorization_code" ], "application_type": "native", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "openid", "profile", "address", "email", "user_name" ] } ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/register?{} HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer 9e904b8c-5b85-43d1-a6c6-03cf164a5556 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1387 Content-Type: application/json Date: Fri, 17 Nov 2017 12:50:10 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DB8A.7212.5D1D.F46C", "client_secret": "ba57035c-f351-465f-8685-a7e72847a653", "registration_access_token": "9e904b8c-5b85-43d1-a6c6-03cf164a5556", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DB8A.7212.5D1D.F46C", "client_id_issued_at": 1510923010, "client_secret_expires_at": 1511009410, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "code", "token" ], "grant_types": [ "implicit", "refresh_token", "authorization_code" ], "application_type": "native", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "openid", "profile", "address", "email", "user_name" ] } authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21DB8A.7212.5D1D.F46C&scope=openid+profile+address+email+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=3057b59a-29d5-41ef-aacb-d7cbb50ef1ad&nonce=a4eed35e-97b0-4a69-bba2-9e2d3d2efff5 authenticateResourceOwnerAndGrantAccess: Cleaning cookies 07:50:14.433 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:d9b4b5a9-7469-45ca-b647-72a4b7ab3376 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21DB8A.7212.5D1D.F46C&scope=openid+profile+address+email+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=3057b59a-29d5-41ef-aacb-d7cbb50ef1ad&nonce=a4eed35e-97b0-4a69-bba2-9e2d3d2efff5 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=a3eb50ea-93cf-4474-b65a-b197fc4cf4b4&scope=address+openid+user_name+profile+email&id_token=eyJraWQiOiIyZDBhZWY4Zi05MmEzLTQwNzgtOWQzMy1jZmU0Zjg5MDkxN2UiLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFEQjhBLjcyMTIuNUQxRC5GNDZDIiwiZXhwIjoxNTEwOTI2NjIwLCJpYXQiOjE1MTA5MjMwMjAsIm5vbmNlIjoiYTRlZWQzNWUtOTdiMC00YTY5LWJiYTItOWUyZDNkMmVmZmY1IiwiYXV0aF90aW1lIjoxNTEwOTIzMDE4LCJjX2hhc2giOiJKc1I2ejB6cDVNeEw5UkV3Q0l2SERRIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiMTlpSGE5dVdHNm1rS3dJOUZObUU5azRZX1lRWmxVZ2VINVpvLXVMNW1jVSJ9.I0mM4PoyheH02pKdGbRbWp61yfGoFf7XU44ro5CkyTYbNQqPZC_L7ybRZHXqcbGXgCpIOl5s1-XZ7klFi0mKnVpDg-5pJ3OlUh2z2g97lfGKWQZdQzRGzj4Aq5tvxNLAtCoaqVsQc6kjQoepCUUoaU2A_wKzx4ocAU112Sv3ZGiBPK0pUY09Tdb5SOKSukRsNiDo5H7t6NSoBoEJUT-j43BiDLcT7Dh4JVNNuoAVz_2PXndHtdyVJY5B6lvFRGYLimg1CjQ3dPu-i9EfjTV46-H-Z294RozQad7EB-i3B2pqIlvkL9eEtyqIK-5rEZofGK7EB75oguepTa-EsB2lqA&session_id=6c2df9f8-6e79-4dd2-aae7-6f92db33765b&state=3057b59a-29d5-41ef-aacb-d7cbb50ef1ad&session_state=d9b4b5a9-7469-45ca-b647-72a4b7ab3376 ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org Authorization: Basic QCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghREI4QS43MjEyLjVEMUQuRjQ2QzpiYTU3MDM1Yy1mMzUxLTQ2NWYtODY4NS1hN2U3Mjg0N2E2NTM= grant_type=authorization_code&code=a3eb50ea-93cf-4474-b65a-b197fc4cf4b4&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1057 Content-Type: application/json Date: Fri, 17 Nov 2017 12:50:20 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"access_token":"af829506-593f-41e6-acff-1c2dc0bc01a9","token_type":"bearer","expires_in":299,"refresh_token":"5557802c-45b0-4b9a-a50d-f5c7fde91dd2","id_token":"eyJraWQiOiIyZDBhZWY4Zi05MmEzLTQwNzgtOWQzMy1jZmU0Zjg5MDkxN2UiLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFEQjhBLjcyMTIuNUQxRC5GNDZDIiwiZXhwIjoxNTEwOTI2NjIwLCJpYXQiOjE1MTA5MjMwMjAsIm5vbmNlIjoiYTRlZWQzNWUtOTdiMC00YTY5LWJiYTItOWUyZDNkMmVmZmY1IiwiYXV0aF90aW1lIjoxNTEwOTIzMDE4LCJhdF9oYXNoIjoiNHZGUC1UX2VtdzQxZkxrVExjTzZQdyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IjE5aUhhOXVXRzZta0t3STlGTm1FOWs0WV9ZUVpsVWdlSDVaby11TDVtY1UifQ.ZnAufWzvu_MzwV0WZOy1k2xCnioAFz9qz4VSSgLUFH_SQchRjZEk24yLCt7fVGLO6eWmTI21uf07pewuFNw0PxdhoHuR38KsTSptbssMDDdoz623bC-R1kqw3_z2-k51kC7WiL0CfVXWYkITV6o7JB7F7uEJeEwX7vS_mGOcittCwnm9O_01NfBfQKE7-9ClqxM7QW4ZppSR5tGhXFvbnJ3yluTAmORuUmBOC9Z1YOd26b3xpQeDwzMwBvPh6jbS1_TwRkBr_gscUDZPJdxoBK8obUtmblCoWMiqELX0LEp6Ftev1fvbIIwfflsAuEiZzD3cBcaiIckmbGH6PZfmkw"} ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org Authorization: Basic QCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghREI4QS43MjEyLjVEMUQuRjQ2QzpiYTU3MDM1Yy1mMzUxLTQ2NWYtODY4NS1hN2U3Mjg0N2E2NTM= grant_type=refresh_token&scope=address+openid+user_name+profile+email&refresh_token=5557802c-45b0-4b9a-a50d-f5c7fde91dd2 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 198 Content-Type: application/json Date: Fri, 17 Nov 2017 12:50:21 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"access_token":"6440baab-1fcd-4611-b5a0-216b8ab3ecb6","token_type":"bearer","expires_in":299,"refresh_token":"d9df63b3-6ffe-4522-bffd-d7c10b5e04e7","scope":"address openid user_name profile email"} ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/userinfo HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer 6440baab-1fcd-4611-b5a0-216b8ab3ecb6 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store, private Connection: Keep-Alive Content-Length: 634 Content-Type: application/json;charset=UTF-8 Date: Fri, 17 Nov 2017 12:50:21 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"address":{"street_address":"621 East 6th Street","country":"US","locality":"Austin","region":"Texas"},"sub":"19iHa9uWG6mkKwI9FNmE9k4Y_YQZlUgeH5Zo-uL5mcU","user_name":"test_user","website":"http://www.gluu.org","zoneinfo":"America/Chicago","birthdate":"19830106010101.253Z","gender":"Male","profile":"http://www.mywebsite.com/profile","preferred_username":"user","given_name":"Test","middle_name":"User","locale":"en-US","picture":"http://www.gluu.org/wp-content/uploads/2012/04/mike3.png","updated_at":1486994112220,"name":"oxAuth Test User","nickname":"user","family_name":"User","email_verified":true,"email":"test_user@test.org"} ####################################################### TEST: applicationTypeNativeSubjectTypePublic ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "code", "id_token" ], "application_type": "native", "client_name": "oxAuth test app", "subject_type": "public", "scopes": [ "openid", "profile", "address", "email", "user_name" ] } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1252 Content-Type: application/json Date: Fri, 17 Nov 2017 12:50:21 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!49BD.A1A4.45E4.2695", "client_secret": "dab47ec8-ddf7-40ee-b76d-fef1b7ca5496", "registration_access_token": "6c0feda9-3308-4a85-82b5-178f866e223f", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!49BD.A1A4.45E4.2695", "client_id_issued_at": 1510923021, "client_secret_expires_at": 1511009421, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "code", "token" ], "grant_types": [ "implicit", "refresh_token", "authorization_code" ], "application_type": "native", "client_name": "oxAuth test app", "subject_type": "public", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "openid", "profile", "address", "email", "user_name" ] } ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/register?{} HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer 6c0feda9-3308-4a85-82b5-178f866e223f ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1252 Content-Type: application/json Date: Fri, 17 Nov 2017 12:50:22 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!49BD.A1A4.45E4.2695", "client_secret": "dab47ec8-ddf7-40ee-b76d-fef1b7ca5496", "registration_access_token": "6c0feda9-3308-4a85-82b5-178f866e223f", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!49BD.A1A4.45E4.2695", "client_id_issued_at": 1510923021, "client_secret_expires_at": 1511009421, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "code", "token" ], "grant_types": [ "implicit", "refresh_token", "authorization_code" ], "application_type": "native", "client_name": "oxAuth test app", "subject_type": "public", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "openid", "profile", "address", "email", "user_name" ] } authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2149BD.A1A4.45E4.2695&scope=openid+profile+address+email+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=3ed54443-5c3b-452d-8dcb-c3d3022008a0&nonce=413b6094-313a-4b06-8800-7196d1f7d0e8 authenticateResourceOwnerAndGrantAccess: Cleaning cookies 07:50:22.362 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:878e8b18-0d6a-4f29-b973-cb3e089afa3a ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2149BD.A1A4.45E4.2695&scope=openid+profile+address+email+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=3ed54443-5c3b-452d-8dcb-c3d3022008a0&nonce=413b6094-313a-4b06-8800-7196d1f7d0e8 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=d498b83f-6499-4307-acf6-b75e1a49f9c7&scope=address+openid+user_name+profile+email&id_token=eyJraWQiOiIyZDBhZWY4Zi05MmEzLTQwNzgtOWQzMy1jZmU0Zjg5MDkxN2UiLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE0OUJELkExQTQuNDVFNC4yNjk1IiwiZXhwIjoxNTEwOTI2NjI1LCJpYXQiOjE1MTA5MjMwMjUsIm5vbmNlIjoiNDEzYjYwOTQtMzEzYS00YjA2LTg4MDAtNzE5NmQxZjdkMGU4IiwiYXV0aF90aW1lIjoxNTEwOTIzMDI1LCJjX2hhc2giOiJ3dDU3WG9hZktNd0RRNHRENG5ENGtnIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDAhQjFGMy5BRUFFLkI3OTgifQ.CgPXYzsBQZbo4_GNnEwCc9Syjw5OGt2Tn2_JSuW-oUg6WfNhQqzCBzwAfgkrUT2KsKM9S_rydoJ8YeLz2iyj8Yzd2MtAco_s2LNUW2GHXCYd7HStYv_CApExr_VteoQ-cMIPdsreVN0ZlIP4y3MX0XW7vi39Wa9lCyVSyYX-nNY3D121GWxelIsnU8nrs4CbOwtIEsa2WZ7tA_x3raBpqjcL4yHRqiQDvAuAzZAcx0zoVS2xomzpK__LSkKXw_1O-xrIh7ob1K7PGh3YQSvPohb_PZ5f_nWKogbqcYGSzraZYz0hQCn7HRg999tVKQ0V_dwLT1Hef0Ur1_92PX4AOA&session_id=849b0401-3622-43e3-a794-93f6d7a28043&state=3ed54443-5c3b-452d-8dcb-c3d3022008a0&session_state=878e8b18-0d6a-4f29-b973-cb3e089afa3a ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org Authorization: Basic QCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghNDlCRC5BMUE0LjQ1RTQuMjY5NTpkYWI0N2VjOC1kZGY3LTQwZWUtYjc2ZC1mZWYxYjdjYTU0OTY= grant_type=authorization_code&code=d498b83f-6499-4307-acf6-b75e1a49f9c7&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1074 Content-Type: application/json Date: Fri, 17 Nov 2017 12:50:26 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"access_token":"b8eddc7d-ece5-44ba-9496-69d5e9719233","token_type":"bearer","expires_in":299,"refresh_token":"ee3e5cf6-8409-4867-a085-c37b60f47ce5","id_token":"eyJraWQiOiIyZDBhZWY4Zi05MmEzLTQwNzgtOWQzMy1jZmU0Zjg5MDkxN2UiLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE0OUJELkExQTQuNDVFNC4yNjk1IiwiZXhwIjoxNTEwOTI2NjI2LCJpYXQiOjE1MTA5MjMwMjYsIm5vbmNlIjoiNDEzYjYwOTQtMzEzYS00YjA2LTg4MDAtNzE5NmQxZjdkMGU4IiwiYXV0aF90aW1lIjoxNTEwOTIzMDI1LCJhdF9oYXNoIjoiNTRpcGppblBSRzRXdXZsejdtM3V1USIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IkAhMzhENC40MTBDLjFENDMuODkzMiEwMDAxITM3RjIuQjc0NCEwMDAwIUIxRjMuQUVBRS5CNzk4In0.MIbTv-vCegHDhfMa576e2ye8Nu87YlCiGqdMJQd_zC_Mw-voRwWsNbCqA3FAzS5rD6d9oQDj48ZFKUqDX-sx1kX2HyeirnHJj1Oe8w-iWad-OrVPwIfE70kga0mMJBqh-rig853_opq1OtoW3DSOgicn1O2YifUZ_jijyZcn8P6GNIZWIzkrrPZbq7bJKRuieght05AK1-IPBCOQZnI35Nbt6HiW9mwLzL6BNs9lJQITWfwoh8LL_A71-MF5lBM-u6eD4dvkAfRqwfIPG698me6P9Jaw-1XaolobWI29ySlX5rT7iNN_zFZBBVnM-dUmw2pllO9fv1Uav1MSxEckIA"} ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org Authorization: Basic QCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghNDlCRC5BMUE0LjQ1RTQuMjY5NTpkYWI0N2VjOC1kZGY3LTQwZWUtYjc2ZC1mZWYxYjdjYTU0OTY= grant_type=refresh_token&scope=address+openid+user_name+profile+email&refresh_token=ee3e5cf6-8409-4867-a085-c37b60f47ce5 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 198 Content-Type: application/json Date: Fri, 17 Nov 2017 12:50:26 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"access_token":"5e9ffefe-e966-4a88-96fa-63674b24bab3","token_type":"bearer","expires_in":299,"refresh_token":"2f506dca-4fcb-4b72-9332-09aa006ded4d","scope":"address openid user_name profile email"} ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/userinfo HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer 5e9ffefe-e966-4a88-96fa-63674b24bab3 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store, private Connection: Keep-Alive Content-Length: 647 Content-Type: application/json;charset=UTF-8 Date: Fri, 17 Nov 2017 12:50:26 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"address":{"street_address":"621 East 6th Street","country":"US","locality":"Austin","region":"Texas"},"sub":"@!38D4.410C.1D43.8932!0001!37F2.B744!0000!B1F3.AEAE.B798","user_name":"test_user","website":"http://www.gluu.org","zoneinfo":"America/Chicago","birthdate":"19830106010101.253Z","gender":"Male","profile":"http://www.mywebsite.com/profile","preferred_username":"user","given_name":"Test","middle_name":"User","locale":"en-US","picture":"http://www.gluu.org/wp-content/uploads/2012/04/mike3.png","updated_at":1486994112220,"name":"oxAuth Test User","nickname":"user","family_name":"User","email_verified":true,"email":"test_user@test.org"} ####################################################### TEST: applicationTypeWeb ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1458 Content-Type: application/json Date: Fri, 17 Nov 2017 12:50:26 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C941.E81B.3C88.0372", "client_secret": "967b01a0-8ff2-4c10-9aca-1f8c17dc97c3", "registration_access_token": "7d053d6e-75ad-46fa-9b74-f18ed4cb9e27", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C941.E81B.3C88.0372", "client_id_issued_at": 1510923026, "client_secret_expires_at": 1511009426, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/register?{} HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer 7d053d6e-75ad-46fa-9b74-f18ed4cb9e27 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1458 Content-Type: application/json Date: Fri, 17 Nov 2017 12:50:26 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C941.E81B.3C88.0372", "client_secret": "967b01a0-8ff2-4c10-9aca-1f8c17dc97c3", "registration_access_token": "7d053d6e-75ad-46fa-9b74-f18ed4cb9e27", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C941.E81B.3C88.0372", "client_id_issued_at": 1510923026, "client_secret_expires_at": 1511009426, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } ####################################################### TEST: applicationTypeWebFail1 ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": ["http://client.example.com/cb"], "application_type": "web", "client_name": "oxAuth test app" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 400 Cache-Control: no-store Connection: close Content-Length: 101 Content-Type: application/json Date: Fri, 17 Nov 2017 12:50:27 GMT Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"error":"invalid_redirect_uri","error_description":"Value of one or more redirect_uris is invalid."} ####################################################### TEST: omittedApplicationType ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1458 Content-Type: application/json Date: Fri, 17 Nov 2017 12:50:27 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1354.A958.4CAE.D78C", "client_secret": "50f43271-0795-47c5-b02b-9eb5b3fa6f10", "registration_access_token": "00bdbd86-cac5-4276-9167-1e84b03a8dd1", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1354.A958.4CAE.D78C", "client_id_issued_at": 1510923027, "client_secret_expires_at": 1511009427, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/register?{} HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer 00bdbd86-cac5-4276-9167-1e84b03a8dd1 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1458 Content-Type: application/json Date: Fri, 17 Nov 2017 12:50:27 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1354.A958.4CAE.D78C", "client_secret": "50f43271-0795-47c5-b02b-9eb5b3fa6f10", "registration_access_token": "00bdbd86-cac5-4276-9167-1e84b03a8dd1", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1354.A958.4CAE.D78C", "client_id_issued_at": 1510923027, "client_secret_expires_at": 1511009427, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } ####################################################### TEST: OpenID Connect Discovery ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Connection: Keep-Alive Content-Length: 181 Content-Type: application/jrd+json;charset=iso-8859-1 Date: Fri, 17 Nov 2017 12:50:27 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "subject": "acct:test_user@ce-dev4.gluu.org", "links": [{ "rel": "http://openid.net/specs/connect/1.0/issuer", "href": "https://ce-dev4.gluu.org" }] } OpenID Connect Configuration ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /.well-known/openid-configuration HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Connection: Keep-Alive Content-Length: 6218 Content-Type: application/json Date: Fri, 17 Nov 2017 12:50:27 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "issuer": "https://ce-dev4.gluu.org", "authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize", "token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token", "userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo", "clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo", "check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe", "end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session", "jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks", "registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register", "id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id", "introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection", "scopes_supported": [ "permission", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "mobile_phone", "test" ], "response_types_supported": [ "id_token", "code", "id_token token", "code token", "id_token code", "token", "id_token code token" ], "grant_types_supported": [ "implicit", "urn:ietf:params:oauth:grant-type:uma-ticket", "client_credentials", "refresh_token", "authorization_code", "password" ], "acr_values_supported": [ "super_gluu", "otp", "basic", "auth_ldap_server" ], "auth_level_mapping": { "-1": ["auth_ldap_server"], "50": ["otp"], "100": ["basic"], "15": ["super_gluu"] }, "subject_types_supported": [ "public", "pairwise" ], "userinfo_signing_alg_values_supported": [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "userinfo_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "userinfo_encryption_enc_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "id_token_signing_alg_values_supported": [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "id_token_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "id_token_encryption_enc_values_supported": [ "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A256GCM" ], "request_object_signing_alg_values_supported": [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "request_object_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "request_object_encryption_enc_values_supported": [ "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A256GCM" ], "token_endpoint_auth_methods_supported": [ "client_secret_basic", "client_secret_post", "client_secret_jwt", "private_key_jwt" ], "token_endpoint_auth_signing_alg_values_supported": [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "display_values_supported": [ "page", "popup" ], "claim_types_supported": ["normal"], "claims_supported": [ "birthdate", "country", "name", "email", "email_verified", "given_name", "gender", "inum", "family_name", "updated_at", "locale", "member_of", "middle_name", "nickname", "oxAuthAppType", "oxAuthIdTokenSignedResponseAlg", "oxAuthRedirectURI", "oxAuthScope", "phone_number_verified", "picture", "preferred_username", "profile", "zoneinfo", "user_name", "website" ], "service_documentation": "http://gluu.org/docs", "claims_locales_supported": ["en"], "ui_locales_supported": [ "en", "es" ], "scope_to_claims_mapping": [ {"permission": []}, {"uma_protection": []}, {"clientinfo": [ "name", "inum", "oxAuthAppType", "oxAuthIdTokenSignedResponseAlg", "oxAuthRedirectURI", "oxAuthScope" ]}, {"email": [ "email_verified", "email" ]}, {"user_name": ["user_name"]}, {"org_name": []}, {"address": [ "formatted", "postal_code", "street_address", "locality", "country", "region" ]}, {"openid": []}, {"work_phone": []}, {"phone": [ "phone_number_verified", "phone_number" ]}, {"profile": [ "name", "family_name", "given_name", "middle_name", "nickname", "preferred_username", "profile", "picture", "website", "gender", "birthdate", "zoneinfo", "locale", "updated_at" ]}, {"mobile_phone": ["phone_mobile_number"]}, {"test": ["member_of"]} ], "claims_parameter_supported": true, "request_parameter_supported": true, "request_uri_parameter_supported": true, "require_request_uri_registration": false, "op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy", "op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos", "frontchannel_logout_supported": "true", "frontchannel_logout_session_supported": true } ####################################################### TEST: authorizationCodeDynamicScopeFlow ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "code", "id_token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "scopes": [ "openid", "profile", "address", "email", "user_name", "org_name", "work_phone" ] } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1426 Content-Type: application/json Date: Fri, 17 Nov 2017 12:50:27 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3D89.AA7B.02C6.89A1", "client_secret": "d78827b1-d9f7-400f-8e29-40d3aee10583", "registration_access_token": "de7d77f1-b559-4bd3-9129-7055cc5624d9", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3D89.AA7B.02C6.89A1", "client_id_issued_at": 1510923027, "client_secret_expires_at": 1511009427, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "code", "token" ], "grant_types": [ "implicit", "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "openid", "profile", "address", "email", "user_name", "org_name", "work_phone" ] } authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%213D89.AA7B.02C6.89A1&scope=openid+profile+address+email+user_name+org_name+work_phone&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=fe512056-19e9-4c1d-87da-023db3100543&nonce=3fb5dada-3e1d-4175-8394-6b37eef95a27 authenticateResourceOwnerAndGrantAccess: Cleaning cookies 07:50:28.251 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:4a861cf1-571c-4362-b5e4-0941309dd390 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%213D89.AA7B.02C6.89A1&scope=openid+profile+address+email+user_name+org_name+work_phone&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=fe512056-19e9-4c1d-87da-023db3100543&nonce=3fb5dada-3e1d-4175-8394-6b37eef95a27 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=b4a9e5bd-12f5-429a-b4f3-b698c9a04d54&scope=address+openid+user_name+profile+work_phone+org_name+email&id_token=eyJraWQiOiIyZDBhZWY4Zi05MmEzLTQwNzgtOWQzMy1jZmU0Zjg5MDkxN2UiLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEzRDg5LkFBN0IuMDJDNi44OUExIiwiZXhwIjoxNTEwOTI2NjMxLCJpYXQiOjE1MTA5MjMwMzEsIm5vbmNlIjoiM2ZiNWRhZGEtM2UxZC00MTc1LTgzOTQtNmIzN2VlZjk1YTI3IiwiYXV0aF90aW1lIjoxNTEwOTIzMDMwLCJjX2hhc2giOiJyZVBYYnZoeHhuNy1nMU1QRnMzU1B3Iiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiMTlpSGE5dVdHNm1rS3dJOUZObUU5azRZX1lRWmxVZ2VINVpvLXVMNW1jVSJ9.TGMWHraJOI5UlO9GVOJJBCKp5N_gyUYVlv7ekqFUZa2BLmt_DpPgP28gBauS3Gi_N1n51aQihoqLsda2H982vVu3YpdEBMKL_LvApTodFj2itMn72A9a_R5q_yUmf48Mbo_k5WClx77nkut_7mOf8bpOA3U-DsZDX1-u03Qx6zv1qwS0hbWJcM-Vdt7ScfEeMKy3dUSKb7so8wwMlUs2RPRMhh-DISH4zsCQjBILBu52JZF_Y4QssbtK3CHZta7qymmXUlgSWfaQP0C-TmfDzKla0DXIlZYfTptqrbN0K5WUcQbYdxPrJ-YEwxdveNPMEU8ByCb-Q3px8ETI7b0oUQ&session_id=e0c62c5e-2006-47f9-b1db-dbf7dd068dfd&state=fe512056-19e9-4c1d-87da-023db3100543&session_state=4a861cf1-571c-4362-b5e4-0941309dd390 ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org Authorization: Basic QCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghM0Q4OS5BQTdCLjAyQzYuODlBMTpkNzg4MjdiMS1kOWY3LTQwMGYtOGUyOS00MGQzYWVlMTA1ODM= grant_type=authorization_code&code=b4a9e5bd-12f5-429a-b4f3-b698c9a04d54&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1057 Content-Type: application/json Date: Fri, 17 Nov 2017 12:50:32 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"access_token":"65835188-8b32-4f68-9331-2865aedf5098","token_type":"bearer","expires_in":299,"refresh_token":"c587c3e6-4d67-492b-a3a2-77dcb408158b","id_token":"eyJraWQiOiIyZDBhZWY4Zi05MmEzLTQwNzgtOWQzMy1jZmU0Zjg5MDkxN2UiLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEzRDg5LkFBN0IuMDJDNi44OUExIiwiZXhwIjoxNTEwOTI2NjMyLCJpYXQiOjE1MTA5MjMwMzIsIm5vbmNlIjoiM2ZiNWRhZGEtM2UxZC00MTc1LTgzOTQtNmIzN2VlZjk1YTI3IiwiYXV0aF90aW1lIjoxNTEwOTIzMDMwLCJhdF9oYXNoIjoiY25GWEJDS0wyWkNHZTkwNnluRkVoUSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IjE5aUhhOXVXRzZta0t3STlGTm1FOWs0WV9ZUVpsVWdlSDVaby11TDVtY1UifQ.A2Ofuxs2QWo9oRUuOJc3b2OQi4Zk581rJmsJYcMLaj59fvHSTnvADVk8CgSMn2AcETsI9ZOgEy8o0mnV2URMDxJcD8mSL9LBRnqfFWt5yhShsEqOSUlMoP5cfNaO8Wnt-tmhlm4YN-NtQy7FRqccesJuMESMv3tsXxncXuxqkfDLm7Ch6vACSlVARgVO_ZGIHKLq8znD54He37Q36zn6kB5NlxyEPo1acsJHi4EDRn9W-iFaUxMl99ZwzBkK0Y_84EAzXpB8-XMyHV6PaI_hMvNZctAUQv8tnPDa2YPVVB-gQfXgZVAon1aivlxMrcqhEPh1c2wQcYYq3-QTD1bMwQ"} ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/userinfo HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer 65835188-8b32-4f68-9331-2865aedf5098 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store, private Connection: Keep-Alive Content-Length: 690 Content-Type: application/json;charset=UTF-8 Date: Fri, 17 Nov 2017 12:50:32 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"address":{"street_address":"621 East 6th Street","country":"US","locality":"Austin","region":"Texas"},"sub":"19iHa9uWG6mkKwI9FNmE9k4Y_YQZlUgeH5Zo-uL5mcU","user_name":"test_user","website":"http://www.gluu.org","zoneinfo":"America/Chicago","birthdate":"19830106010101.253Z","gender":"Male","profile":"http://www.mywebsite.com/profile","preferred_username":"user","given_name":"Test","middle_name":"User","locale":"en-US","picture":"http://www.gluu.org/wp-content/uploads/2012/04/mike3.png","updated_at":1486994112220,"name":"oxAuth Test User","nickname":"user","family_name":"User","email_verified":true,"email":"test_user@test.org","org_name":"Gluu, Inc.","work_phone":["(512) 516-2413"]} ####################################################### TEST: authorizationCodeFlow ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "code", "id_token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "scopes": [ "openid", "profile", "address", "email", "phone", "user_name" ] } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1401 Content-Type: application/json Date: Fri, 17 Nov 2017 12:50:32 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D0AB.4E0F.CF4B.4743", "client_secret": "06a1d233-4f4f-4307-aae0-ec5c80a3bb4e", "registration_access_token": "24fcd6ae-5586-43bb-9091-332d50930010", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D0AB.4E0F.CF4B.4743", "client_id_issued_at": 1510923032, "client_secret_expires_at": 1511009432, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "code", "token" ], "grant_types": [ "implicit", "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "openid", "profile", "address", "email", "phone", "user_name" ] } authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21D0AB.4E0F.CF4B.4743&scope=openid+profile+address+email+phone+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=1c837d76-495c-4545-90ee-5304868d48b0&nonce=8b25cdaa-9586-49ed-b042-7462aedef8b7 authenticateResourceOwnerAndGrantAccess: Cleaning cookies 07:50:32.764 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:332a9008-439a-4433-913f-f8b3d90b20af ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21D0AB.4E0F.CF4B.4743&scope=openid+profile+address+email+phone+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=1c837d76-495c-4545-90ee-5304868d48b0&nonce=8b25cdaa-9586-49ed-b042-7462aedef8b7 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=18af35ad-c665-4de0-a858-b277627f9bbd&scope=address+phone+openid+user_name+profile+email&id_token=eyJraWQiOiIyZDBhZWY4Zi05MmEzLTQwNzgtOWQzMy1jZmU0Zjg5MDkxN2UiLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFEMEFCLjRFMEYuQ0Y0Qi40NzQzIiwiZXhwIjoxNTEwOTI2NjM2LCJpYXQiOjE1MTA5MjMwMzYsIm5vbmNlIjoiOGIyNWNkYWEtOTU4Ni00OWVkLWIwNDItNzQ2MmFlZGVmOGI3IiwiYXV0aF90aW1lIjoxNTEwOTIzMDM1LCJjX2hhc2giOiJPdEw3dEJUOEl2N3hGejJKUU9LZzhBIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiMTlpSGE5dVdHNm1rS3dJOUZObUU5azRZX1lRWmxVZ2VINVpvLXVMNW1jVSJ9.X_DREX_JFN_7UtYxKn3271-vBYKBiliZ4j5C4zurg1cHXljjHn0LSvXc5vwCG772cbbTorJzDoJH4pWTVB3-YXtkrCUGPBX42pF-0dg2cm7LEWbPVvpkEy3hYt1E9lxk-N0hIiDgVYQ28MnOhY9HO8Xkkmmy3KOmGJMzLukgAwg0uhd9MfmS34AQqsF_8T0BMcmQI1eekN7Cox94JGSrQrjSzh8j13n2gCd_eaa_28BkKuQ4YsMQMC5ipr6yJTxGM3vy-cIOrP1cPHPA9xlyv11H-ALGRxqsWyHXVvAuowOSJg4mw1BZ-kpELBHwU7cCbh69NBgX7HI2yp0g7RdyIg&session_id=733eb496-b2b4-4684-a0d6-05acb3188525&state=1c837d76-495c-4545-90ee-5304868d48b0&session_state=332a9008-439a-4433-913f-f8b3d90b20af ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org Authorization: Basic QCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghRDBBQi40RTBGLkNGNEIuNDc0MzowNmExZDIzMy00ZjRmLTQzMDctYWFlMC1lYzVjODBhM2JiNGU= grant_type=authorization_code&code=18af35ad-c665-4de0-a858-b277627f9bbd&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1057 Content-Type: application/json Date: Fri, 17 Nov 2017 12:50:36 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"access_token":"430cfbfa-ae1f-4831-9d08-ea3ce4aa14f4","token_type":"bearer","expires_in":299,"refresh_token":"098ad309-af74-4d18-8628-8410dfb5cb11","id_token":"eyJraWQiOiIyZDBhZWY4Zi05MmEzLTQwNzgtOWQzMy1jZmU0Zjg5MDkxN2UiLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFEMEFCLjRFMEYuQ0Y0Qi40NzQzIiwiZXhwIjoxNTEwOTI2NjM2LCJpYXQiOjE1MTA5MjMwMzYsIm5vbmNlIjoiOGIyNWNkYWEtOTU4Ni00OWVkLWIwNDItNzQ2MmFlZGVmOGI3IiwiYXV0aF90aW1lIjoxNTEwOTIzMDM1LCJhdF9oYXNoIjoiX2ZZeEsteFJpS1Y2VjNMTE9GSXpRUSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IjE5aUhhOXVXRzZta0t3STlGTm1FOWs0WV9ZUVpsVWdlSDVaby11TDVtY1UifQ.GraaLGXLcT18WXZGb0UyNaqNqcaFLPP8gb52tVtTRLSTrjnrpcfROAwSLk5QY5shaw4VkrJAM43UIp7kVyW5k4l6CTZFIQ2gcIKJdm9oNR_qwiRPo9OR7_9ZW217b6DQDrO9jHA6I-e8h89R-mYKPeuXlcIezCs3GSVBvz9ZTWnhasJl6U7yiSR0FbnyWnKtbGqJRbxNkJifqLtEsOw6ykj1WItmWRjZtiRa-u6cXFIvXfdXUDwd5K9ZABB-REcDebMYfdnUMX_YkabbbK56cluMgNlCWFVANroCAXeGDQdOVMr8OBptW0Gbms2kwqsA-wdDu-YJNxQRluPRIe4mfQ"} ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org Authorization: Basic QCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghRDBBQi40RTBGLkNGNEIuNDc0MzowNmExZDIzMy00ZjRmLTQzMDctYWFlMC1lYzVjODBhM2JiNGU= grant_type=refresh_token&scope=address+phone+openid+user_name+profile+email&refresh_token=098ad309-af74-4d18-8628-8410dfb5cb11 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 204 Content-Type: application/json Date: Fri, 17 Nov 2017 12:50:36 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"access_token":"94bd61f8-a6ae-4498-a98a-e9e3d294faf3","token_type":"bearer","expires_in":299,"refresh_token":"b162c772-8dfd-4820-b8fb-55ed881a78e4","scope":"address phone openid user_name profile email"} ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/userinfo HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer 94bd61f8-a6ae-4498-a98a-e9e3d294faf3 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store, private Connection: Keep-Alive Content-Length: 695 Content-Type: application/json;charset=UTF-8 Date: Fri, 17 Nov 2017 12:50:36 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"address":{"street_address":"621 East 6th Street","country":"US","locality":"Austin","region":"Texas"},"sub":"19iHa9uWG6mkKwI9FNmE9k4Y_YQZlUgeH5Zo-uL5mcU","phone_number_verified":true,"phone_number":"(512) 516-2413","user_name":"test_user","website":"http://www.gluu.org","zoneinfo":"America/Chicago","birthdate":"19830106010101.253Z","gender":"Male","profile":"http://www.mywebsite.com/profile","preferred_username":"user","given_name":"Test","middle_name":"User","locale":"en-US","picture":"http://www.gluu.org/wp-content/uploads/2012/04/mike3.png","updated_at":1486994112220,"name":"oxAuth Test User","nickname":"user","family_name":"User","email_verified":true,"email":"test_user@test.org"} ####################################################### TEST: authorizationCodeFlowLoginHint ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "code", "id_token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "scopes": [ "openid", "profile", "address", "email", "user_name" ] } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1384 Content-Type: application/json Date: Fri, 17 Nov 2017 12:50:36 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!362C.C3C0.0D27.7D3F", "client_secret": "6e6f7eb2-dee5-4a04-8d8c-ca5dc49d91fb", "registration_access_token": "14cf8348-fdef-46a5-887b-0c58b3a85203", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!362C.C3C0.0D27.7D3F", "client_id_issued_at": 1510923036, "client_secret_expires_at": 1511009436, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "code", "token" ], "grant_types": [ "implicit", "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "openid", "profile", "address", "email", "user_name" ] } authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21362C.C3C0.0D27.7D3F&scope=openid+profile+address+email+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=6c70d9cd-a549-4664-8d8b-c7ba433bc357&nonce=8e363a81-39fa-4ba5-89b6-136cf0e2214a&login_hint=test_user authenticateResourceOwnerAndGrantAccess: Cleaning cookies 07:50:37.258 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:bdfbca64-e01e-4e55-bb19-9f792f1e1749 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21362C.C3C0.0D27.7D3F&scope=openid+profile+address+email+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=6c70d9cd-a549-4664-8d8b-c7ba433bc357&nonce=8e363a81-39fa-4ba5-89b6-136cf0e2214a&login_hint=test_user ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=5a52a196-56b9-4d41-80bf-29374c139a9d&scope=address+openid+user_name+profile+email&id_token=eyJraWQiOiIyZDBhZWY4Zi05MmEzLTQwNzgtOWQzMy1jZmU0Zjg5MDkxN2UiLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEzNjJDLkMzQzAuMEQyNy43RDNGIiwiZXhwIjoxNTEwOTI2NjQwLCJpYXQiOjE1MTA5MjMwNDAsIm5vbmNlIjoiOGUzNjNhODEtMzlmYS00YmE1LTg5YjYtMTM2Y2YwZTIyMTRhIiwiYXV0aF90aW1lIjoxNTEwOTIzMDM5LCJjX2hhc2giOiJaZEJENmZYbjIxTEJWbWdOZTY1dTFnIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiMTlpSGE5dVdHNm1rS3dJOUZObUU5azRZX1lRWmxVZ2VINVpvLXVMNW1jVSJ9.sXEp8kx1COj5BK2gGuEC7QDcNn56CFyOvAu1qXNeFPXoyl169krQsk5nkQz5KxAkC69HYIfCEQnz-79irptdb2NTt2wsb2LDWk-h0AkYfklbO-l9NTCwMSDCEzrIxe2PbqOcNkewKInzTHdIEAoD4k5BqA4F9k1v2bNQ7nHwfzH-YkjyLqJrQB4ADOZH9oyW6C04zNUwCPUSDxLEbskfI7_oU48KdA_KpkkTZSCrMX6gRQzHSeHhONy-jxGtLHzwSABodQTibttUagJ3l4dG9kgLmMfkI1D7sIfSLPkqYgFIaUdJwXjeYfOe8ifnE_3EBMVBv1JlYjtlVR_RWRFLNg&session_id=17f378ea-eeea-4c0d-913b-f7b01b6312bf&state=6c70d9cd-a549-4664-8d8b-c7ba433bc357&session_state=bdfbca64-e01e-4e55-bb19-9f792f1e1749 ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org Authorization: Basic QCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghMzYyQy5DM0MwLjBEMjcuN0QzRjo2ZTZmN2ViMi1kZWU1LTRhMDQtOGQ4Yy1jYTVkYzQ5ZDkxZmI= grant_type=authorization_code&code=5a52a196-56b9-4d41-80bf-29374c139a9d&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1057 Content-Type: application/json Date: Fri, 17 Nov 2017 12:50:40 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"access_token":"1ab60b3f-36ac-4193-8502-c2734c2925f4","token_type":"bearer","expires_in":299,"refresh_token":"8f0ef03b-5451-4335-88cc-d0e8b9eb74c2","id_token":"eyJraWQiOiIyZDBhZWY4Zi05MmEzLTQwNzgtOWQzMy1jZmU0Zjg5MDkxN2UiLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEzNjJDLkMzQzAuMEQyNy43RDNGIiwiZXhwIjoxNTEwOTI2NjQwLCJpYXQiOjE1MTA5MjMwNDAsIm5vbmNlIjoiOGUzNjNhODEtMzlmYS00YmE1LTg5YjYtMTM2Y2YwZTIyMTRhIiwiYXV0aF90aW1lIjoxNTEwOTIzMDM5LCJhdF9oYXNoIjoiby14QndPejQ4TlctRFhaOUdWUnFmUSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IjE5aUhhOXVXRzZta0t3STlGTm1FOWs0WV9ZUVpsVWdlSDVaby11TDVtY1UifQ.YPQume8OCAtGhehnsNPEWFwFOvBhS-wh-1amL53AJdgj-9HXcCUA2RCjLLpeuU3MtS82d1X_vAGFP4vn-fqI0di2XOlAVhfxYuWs_OFGPxCwDtf7Fbf4UJNEtrzMZ9qMvJyuUMiPhUsROd6RHhLxctDfL8ts_VZla0B6zJKWyUxyFqAF8Ib5EM4znUO9iPvBSaxGpdRGtoifPcPhwXtm_atduykQnnRRaHdjERxvJ8zfdCjjaHmQcZcoY53s7gOP28gOHGwyqIMRJY3XO_qB4mUovcKIG3DGrZDfTVPWrIsOwrKQZZgvJiiAv33yTUl33MYzhZPBRoZc2qk4bZHxtQ"} ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org Authorization: Basic QCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghMzYyQy5DM0MwLjBEMjcuN0QzRjo2ZTZmN2ViMi1kZWU1LTRhMDQtOGQ4Yy1jYTVkYzQ5ZDkxZmI= grant_type=refresh_token&scope=address+openid+user_name+profile+email&refresh_token=8f0ef03b-5451-4335-88cc-d0e8b9eb74c2 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 198 Content-Type: application/json Date: Fri, 17 Nov 2017 12:50:41 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"access_token":"2ab467db-da5b-4e0c-bd40-ba0fb578bc45","token_type":"bearer","expires_in":299,"refresh_token":"48e9f140-195d-4d4e-b457-1d0edf63e4ec","scope":"address openid user_name profile email"} ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/userinfo HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer 2ab467db-da5b-4e0c-bd40-ba0fb578bc45 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store, private Connection: Keep-Alive Content-Length: 634 Content-Type: application/json;charset=UTF-8 Date: Fri, 17 Nov 2017 12:50:41 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"address":{"street_address":"621 East 6th Street","country":"US","locality":"Austin","region":"Texas"},"sub":"19iHa9uWG6mkKwI9FNmE9k4Y_YQZlUgeH5Zo-uL5mcU","user_name":"test_user","website":"http://www.gluu.org","zoneinfo":"America/Chicago","birthdate":"19830106010101.253Z","gender":"Male","profile":"http://www.mywebsite.com/profile","preferred_username":"user","given_name":"Test","middle_name":"User","locale":"en-US","picture":"http://www.gluu.org/wp-content/uploads/2012/04/mike3.png","updated_at":1486994112220,"name":"oxAuth Test User","nickname":"user","family_name":"User","email_verified":true,"email":"test_user@test.org"} ####################################################### TEST: authorizationCodeFlowWithOptionalNonce ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "code", "id_token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1529 Content-Type: application/json Date: Fri, 17 Nov 2017 12:50:41 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9BC2.AC8D.6743.6B7D", "client_secret": "2853e6ad-303c-4196-9439-b087d2e43c70", "registration_access_token": "53446779-fd14-4714-b447-7a2c31513fb5", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9BC2.AC8D.6743.6B7D", "client_id_issued_at": 1510923041, "client_secret_expires_at": 1511009441, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "code", "token" ], "grant_types": [ "implicit", "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%219BC2.AC8D.6743.6B7D&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=11740ec6-5f11-43aa-9131-1aa812cf8503&nonce=322afb38-5ec9-4e24-9dbe-086ca866ddcf authenticateResourceOwnerAndGrantAccess: Cleaning cookies 07:50:41.757 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:7c8f1c5b-c28e-46e3-bbb9-ee900055e766 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%219BC2.AC8D.6743.6B7D&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=11740ec6-5f11-43aa-9131-1aa812cf8503&nonce=322afb38-5ec9-4e24-9dbe-086ca866ddcf ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=dbf44c80-4d8e-48d9-ba1a-5eb384c4a178&scope=address+openid+profile+email&id_token=eyJraWQiOiIyZDBhZWY4Zi05MmEzLTQwNzgtOWQzMy1jZmU0Zjg5MDkxN2UiLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE5QkMyLkFDOEQuNjc0My42QjdEIiwiZXhwIjoxNTEwOTI2NjQ1LCJpYXQiOjE1MTA5MjMwNDUsIm5vbmNlIjoiMzIyYWZiMzgtNWVjOS00ZTI0LTlkYmUtMDg2Y2E4NjZkZGNmIiwiYXV0aF90aW1lIjoxNTEwOTIzMDQ0LCJjX2hhc2giOiJKVWF0bTJPRFNpUGJPbm1QdmhVNlFRIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiMTlpSGE5dVdHNm1rS3dJOUZObUU5azRZX1lRWmxVZ2VINVpvLXVMNW1jVSJ9.eWiAHo0-fRr7AENNAoI3ebyplBlb00r7YHo4K01Yv_iS6CfBvXIyEu1R00aTkabhw0bo5L8C_2_4ig73srvVVk0qdINmlc0h63G4jjAt7TiGbHzSYdv7cNHu8G-sOlv3sutp3nenc7a7CYQdNXSQAyZyQgreCNtCQG8rx9X_2hb0KMS-JH6F6WeJvP75JQgcdQ5SiscyzPM_EIDLbKnlkaOoTpFWjbJvV_mIU8Z2zYq6pIWeUo1TEj05X6ET0h7q_Q6U4FUMqOldfd8aDsnW3gGqu4zyJFShk80VGfmKAvz7MresyXKTG6LIuo6eAkQ08pv3QMuszNtl7d3sLTpitQ&session_id=21948b02-822c-48c3-a27c-83ba1873b258&state=11740ec6-5f11-43aa-9131-1aa812cf8503&session_state=7c8f1c5b-c28e-46e3-bbb9-ee900055e766 ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org Authorization: Basic QCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghOUJDMi5BQzhELjY3NDMuNkI3RDoyODUzZTZhZC0zMDNjLTQxOTYtOTQzOS1iMDg3ZDJlNDNjNzA= grant_type=authorization_code&code=dbf44c80-4d8e-48d9-ba1a-5eb384c4a178&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1057 Content-Type: application/json Date: Fri, 17 Nov 2017 12:50:45 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"access_token":"6995f9f8-c623-4b6e-b780-41484bfb001b","token_type":"bearer","expires_in":299,"refresh_token":"101f3939-10bc-419a-955c-83eb932bec61","id_token":"eyJraWQiOiIyZDBhZWY4Zi05MmEzLTQwNzgtOWQzMy1jZmU0Zjg5MDkxN2UiLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE5QkMyLkFDOEQuNjc0My42QjdEIiwiZXhwIjoxNTEwOTI2NjQ1LCJpYXQiOjE1MTA5MjMwNDUsIm5vbmNlIjoiMzIyYWZiMzgtNWVjOS00ZTI0LTlkYmUtMDg2Y2E4NjZkZGNmIiwiYXV0aF90aW1lIjoxNTEwOTIzMDQ0LCJhdF9oYXNoIjoiT0RjRC01Wk9RWFhaLXlic08tZW8zZyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IjE5aUhhOXVXRzZta0t3STlGTm1FOWs0WV9ZUVpsVWdlSDVaby11TDVtY1UifQ.Ac1qRpmw4VRHANx1zcEu6y_dyRGAgDq7spCl4bMPIU2TVqypwVjPBWdkgrGsMBtghAGZCHnpmnbGqjGpzEjY1cCZtZU33sL_BaJWeqHx1rJ4K_0mg0cYQMEWLv7NqX8fgPwIgujx6kQqdkMlS4g6tjWXCVcC2MO76ozoyMPEnh8K4jnAsyeMO37xBmuymmZM-945Av_De6u2eI5ybfBVDJigEM15SGPtywuudFuUBfCU2IhJ__Jjk7X994XFPC2y8_dsntutoKaMoA1--QOw6Tvp41LoltLSniO_9bmBq2PWBSXfDyEqkmSX2MuWvezsAF3Er2FUr9p77fqGVcogJQ"} ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org Authorization: Basic QCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghOUJDMi5BQzhELjY3NDMuNkI3RDoyODUzZTZhZC0zMDNjLTQxOTYtOTQzOS1iMDg3ZDJlNDNjNzA= grant_type=refresh_token&scope=address+openid+profile+email&refresh_token=101f3939-10bc-419a-955c-83eb932bec61 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 188 Content-Type: application/json Date: Fri, 17 Nov 2017 12:50:45 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"access_token":"8541e7f1-11dd-4fba-a537-247e662c4d5a","token_type":"bearer","expires_in":299,"refresh_token":"410348a3-1606-4945-8d03-ff9459051d64","scope":"address openid profile email"} ####################################################### TEST: authorizationCodeWithNotAllowedScopeFlow ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "code", "id_token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "scopes": [ "openid", "profile", "address", "email", "user_name" ] } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1384 Content-Type: application/json Date: Fri, 17 Nov 2017 12:50:45 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!EFE1.29D7.761F.6D2D", "client_secret": "f1a3dc2d-d77f-4fb1-9523-ef387d290d34", "registration_access_token": "78295cdd-35ee-4889-954a-d967ada44fb7", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!EFE1.29D7.761F.6D2D", "client_id_issued_at": 1510923045, "client_secret_expires_at": 1511009445, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "code", "token" ], "grant_types": [ "implicit", "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "openid", "profile", "address", "email", "user_name" ] } authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21EFE1.29D7.761F.6D2D&scope=openid+profile+address+email+user_name+mobile_phone&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=495e61c0-02ab-4689-8649-85036154c7bf&nonce=ea028ea2-d1dc-4c2f-8881-60b8a77e0666 authenticateResourceOwnerAndGrantAccess: Cleaning cookies 07:50:46.137 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:b2516859-7fe6-483c-a5eb-3c137f064429 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21EFE1.29D7.761F.6D2D&scope=openid+profile+address+email+user_name+mobile_phone&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=495e61c0-02ab-4689-8649-85036154c7bf&nonce=ea028ea2-d1dc-4c2f-8881-60b8a77e0666 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=83e64783-78ec-4522-9d62-66c37b94d9d0&scope=address+openid+user_name+profile+email&id_token=eyJraWQiOiIyZDBhZWY4Zi05MmEzLTQwNzgtOWQzMy1jZmU0Zjg5MDkxN2UiLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFFRkUxLjI5RDcuNzYxRi42RDJEIiwiZXhwIjoxNTEwOTI2NjQ5LCJpYXQiOjE1MTA5MjMwNDksIm5vbmNlIjoiZWEwMjhlYTItZDFkYy00YzJmLTg4ODEtNjBiOGE3N2UwNjY2IiwiYXV0aF90aW1lIjoxNTEwOTIzMDQ4LCJjX2hhc2giOiJ3bkhISy0xR0FHQndJNkdjV2lhdC1nIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiMTlpSGE5dVdHNm1rS3dJOUZObUU5azRZX1lRWmxVZ2VINVpvLXVMNW1jVSJ9.po0hcXA8RoUKMeDLEiaME78SAuAJg0TkXKQVO7zpLSYLc79fTh22Ru9to1lTU3J_oASh14AVB7kw7qeZ6IdjG0cVoG_soy_X3KbpNdBLYbR8_jQ3jYwF_eeDRlu_PAERgstRHbCMCXuCD2KQGfXQ7voiYZUR5-E-aOOtCVFy4wo0ek2h-B2N7ytNeri6uh0r5Mrjcd12R7ySbEqj8pOkQnwpCprdBzEC_h2boxE5MJy7ATcDGgM4NNfywSTQR_e_er5OFMETGxAn2dDndrjSG7uUEwZ8fosT5WfpoAq1hsJabKgzis84aBAmsiwACqlKOLwyxAKhZYUQmVgN1wWZMw&session_id=07316a63-706b-405a-b937-71abf3e2bd7b&state=495e61c0-02ab-4689-8649-85036154c7bf&session_state=b2516859-7fe6-483c-a5eb-3c137f064429 ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org Authorization: Basic QCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghRUZFMS4yOUQ3Ljc2MUYuNkQyRDpmMWEzZGMyZC1kNzdmLTRmYjEtOTUyMy1lZjM4N2QyOTBkMzQ= grant_type=authorization_code&code=83e64783-78ec-4522-9d62-66c37b94d9d0&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1057 Content-Type: application/json Date: Fri, 17 Nov 2017 12:50:49 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"access_token":"dd011003-8115-47c0-837f-2a0c0ceeac58","token_type":"bearer","expires_in":299,"refresh_token":"0d11ccd3-c49c-4ba7-a9bd-aa44979595e1","id_token":"eyJraWQiOiIyZDBhZWY4Zi05MmEzLTQwNzgtOWQzMy1jZmU0Zjg5MDkxN2UiLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFFRkUxLjI5RDcuNzYxRi42RDJEIiwiZXhwIjoxNTEwOTI2NjQ5LCJpYXQiOjE1MTA5MjMwNDksIm5vbmNlIjoiZWEwMjhlYTItZDFkYy00YzJmLTg4ODEtNjBiOGE3N2UwNjY2IiwiYXV0aF90aW1lIjoxNTEwOTIzMDQ4LCJhdF9oYXNoIjoiU2VtR21EV2NMbVVsMThUWmYxMm1lQSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IjE5aUhhOXVXRzZta0t3STlGTm1FOWs0WV9ZUVpsVWdlSDVaby11TDVtY1UifQ.KkfdVECYDC7GO3d-zwCsfWZtxLLCqnu3RGLLDfmaoqLRCVZ8xeCAuK7CwcflLn6NHs-rEG2XDFWMyX-lUzDsUGJ1ZN7O3CavjZkb3tclMVp9AuFkKAdmssUazSjOQH-_3dzh6w2JU5smWG-HW6TgPr1N9QQqM3tM6v0uSr6cU8Y_4EswMnynj1ZEDsBk8NbWeJEgsSdImKoFXGOg4wCN5ST5cE-sh9dFtC9KC5bO942AaT5Gl-NnRc432Z_t9RYAZAT0pOgzMpezTi8BzW6hP7UdC05_yyvuufzU7mD2N3rGRLL1ykQcD6LSqH3gHuGm2wYsTzoaGzXyony4gWs0ow"} ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/userinfo HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer dd011003-8115-47c0-837f-2a0c0ceeac58 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store, private Connection: Keep-Alive Content-Length: 634 Content-Type: application/json;charset=UTF-8 Date: Fri, 17 Nov 2017 12:50:49 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"address":{"street_address":"621 East 6th Street","country":"US","locality":"Austin","region":"Texas"},"sub":"19iHa9uWG6mkKwI9FNmE9k4Y_YQZlUgeH5Zo-uL5mcU","user_name":"test_user","website":"http://www.gluu.org","zoneinfo":"America/Chicago","birthdate":"19830106010101.253Z","gender":"Male","profile":"http://www.mywebsite.com/profile","preferred_username":"user","given_name":"Test","middle_name":"User","locale":"en-US","picture":"http://www.gluu.org/wp-content/uploads/2012/04/mike3.png","updated_at":1486994112220,"name":"oxAuth Test User","nickname":"user","family_name":"User","email_verified":true,"email":"test_user@test.org"} ####################################################### TEST: revokeTokens ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "code", "id_token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1529 Content-Type: application/json Date: Fri, 17 Nov 2017 12:50:49 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3A83.7AF9.0215.8E22", "client_secret": "84715f8f-3282-4d8a-a53a-03b9868ff765", "registration_access_token": "acc936d7-2960-4ac8-acbf-7f3050260f07", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3A83.7AF9.0215.8E22", "client_id_issued_at": 1510923049, "client_secret_expires_at": 1511009449, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "code", "token" ], "grant_types": [ "implicit", "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/register?{} HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer acc936d7-2960-4ac8-acbf-7f3050260f07 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1529 Content-Type: application/json Date: Fri, 17 Nov 2017 12:50:49 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3A83.7AF9.0215.8E22", "client_secret": "84715f8f-3282-4d8a-a53a-03b9868ff765", "registration_access_token": "acc936d7-2960-4ac8-acbf-7f3050260f07", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3A83.7AF9.0215.8E22", "client_id_issued_at": 1510923049, "client_secret_expires_at": 1511009449, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "code", "token" ], "grant_types": [ "implicit", "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%213A83.7AF9.0215.8E22&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=43edde8f-2555-43d6-be00-128e51c5d5ef&nonce=01fa1143-8d3a-49a5-82cf-2816f94621e7 authenticateResourceOwnerAndGrantAccess: Cleaning cookies 07:50:50.182 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:3280a28b-95d7-4dea-828d-f603692e043b ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%213A83.7AF9.0215.8E22&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=43edde8f-2555-43d6-be00-128e51c5d5ef&nonce=01fa1143-8d3a-49a5-82cf-2816f94621e7 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=31d510c9-ba8b-46ee-8baa-d47a6e886be5&scope=address+openid+profile+email&id_token=eyJraWQiOiIyZDBhZWY4Zi05MmEzLTQwNzgtOWQzMy1jZmU0Zjg5MDkxN2UiLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEzQTgzLjdBRjkuMDIxNS44RTIyIiwiZXhwIjoxNTEwOTI2NjUzLCJpYXQiOjE1MTA5MjMwNTMsIm5vbmNlIjoiMDFmYTExNDMtOGQzYS00OWE1LTgyY2YtMjgxNmY5NDYyMWU3IiwiYXV0aF90aW1lIjoxNTEwOTIzMDUyLCJjX2hhc2giOiJfM0pCbmhwamxoanJrSjZEWnpjQkZBIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiMTlpSGE5dVdHNm1rS3dJOUZObUU5azRZX1lRWmxVZ2VINVpvLXVMNW1jVSJ9.T0wfRMXqwJHkZ_p7MMi5pfl_K9WTusVYKb2HzTbqBakPsRdqi-hSYtfbHUrGBDTSg1nqIFeW_64eNPxbQcBsky1xfybS9PvPrIY2KHarG-frVW7Z5kwMOrqwp4lDvqVOG66XJZqcxr2UjcmpxsqO19jNB6WawYrLGwf7iq7dptigh6e9JYMU9w6p8-oxZ-AofSP0JTIAPZfhUqDlIpU5puAUxSNMnGHYqokEHQQyCTOWBEJkW6CiU9pa_ogSAxOR_ugEyayQsQJOoTZU6exJ64G_ErcB-gKNK4UedIY3QMXeK8iTo3_F7jbet0NwrMUwdtAK59RfowuiT5qCwejtHg&session_id=0ae5e32f-d178-4bc1-a889-8912ffaf7a77&state=43edde8f-2555-43d6-be00-128e51c5d5ef&session_state=3280a28b-95d7-4dea-828d-f603692e043b ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org Authorization: Basic QCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghM0E4My43QUY5LjAyMTUuOEUyMjo4NDcxNWY4Zi0zMjgyLTRkOGEtYTUzYS0wM2I5ODY4ZmY3NjU= grant_type=authorization_code&code=31d510c9-ba8b-46ee-8baa-d47a6e886be5&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1057 Content-Type: application/json Date: Fri, 17 Nov 2017 12:50:53 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"access_token":"787ae7f4-25d9-40ca-8c29-f7d182bede00","token_type":"bearer","expires_in":299,"refresh_token":"8bf2f2b8-b228-447e-9d9f-bb44f5c02065","id_token":"eyJraWQiOiIyZDBhZWY4Zi05MmEzLTQwNzgtOWQzMy1jZmU0Zjg5MDkxN2UiLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEzQTgzLjdBRjkuMDIxNS44RTIyIiwiZXhwIjoxNTEwOTI2NjUzLCJpYXQiOjE1MTA5MjMwNTMsIm5vbmNlIjoiMDFmYTExNDMtOGQzYS00OWE1LTgyY2YtMjgxNmY5NDYyMWU3IiwiYXV0aF90aW1lIjoxNTEwOTIzMDUyLCJhdF9oYXNoIjoiZlVvMXAzT2o5cWV3SmYtRFg4XzhIQSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IjE5aUhhOXVXRzZta0t3STlGTm1FOWs0WV9ZUVpsVWdlSDVaby11TDVtY1UifQ.CtTuNyg-J-8vA4dYrPcwrPBLkVdS2rE0l4ipq3OxuzdiPg9Q5l8zq8x3bze4z0XVnU7_zl5KgCOkzR-jZy8y8ZCSJnygmAjcHThhQx35IIge_DM18nzhtuA2VqrwDyF28hB8uxrEEVgMR3iiJIr_57MIGqwGOesDesbGnGH1YnbNviDWs1X2mukGvkZt1OWYhDDzi6snV9p_qu2HQ0xH_7Ljx6SjbMVwsiXtXez6YV7wnh4w6m6ek_n2hiLeSu8g507crPRJkM5n2rZzbJmKjWw6lt45fg2Z9qMrtDGzcNcFEquXbyIodUcgEAZAn6lnWrM9qiCTEALPHAzht_9Uhw"} ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org Authorization: Basic QCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghM0E4My43QUY5LjAyMTUuOEUyMjo4NDcxNWY4Zi0zMjgyLTRkOGEtYTUzYS0wM2I5ODY4ZmY3NjU= grant_type=authorization_code&code=31d510c9-ba8b-46ee-8baa-d47a6e886be5&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 400 Cache-Control: no-store Connection: close Content-Length: 213 Content-Type: application/json Date: Fri, 17 Nov 2017 12:50:53 GMT Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"error":"invalid_grant","error_description":"The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client."} ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org Authorization: Basic QCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghM0E4My43QUY5LjAyMTUuOEUyMjo4NDcxNWY4Zi0zMjgyLTRkOGEtYTUzYS0wM2I5ODY4ZmY3NjU= grant_type=refresh_token&scope=address+openid+profile+email&refresh_token=8bf2f2b8-b228-447e-9d9f-bb44f5c02065 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 401 Cache-Control: no-store Connection: Keep-Alive Content-Length: 213 Content-Type: application/json Date: Fri, 17 Nov 2017 12:50:53 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"error":"invalid_grant","error_description":"The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client."} ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/userinfo HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer 787ae7f4-25d9-40ca-8c29-f7d182bede00 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 400 Connection: close Content-Length: 203 Content-Type: application/json Date: Fri, 17 Nov 2017 12:50:53 GMT Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"error":"invalid_token","error_description":"The access token provided is expired, revoked, malformed, or invalid for other reasons. Try to request a new access token and retry the protected resource."} ####################################################### TEST: OpenID Connect Discovery ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Connection: Keep-Alive Content-Length: 181 Content-Type: application/jrd+json;charset=iso-8859-1 Date: Fri, 17 Nov 2017 12:50:53 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "subject": "acct:test_user@ce-dev4.gluu.org", "links": [{ "rel": "http://openid.net/specs/connect/1.0/issuer", "href": "https://ce-dev4.gluu.org" }] } OpenID Connect Configuration ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /.well-known/openid-configuration HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Connection: Keep-Alive Content-Length: 6218 Content-Type: application/json Date: Fri, 17 Nov 2017 12:50:53 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "issuer": "https://ce-dev4.gluu.org", "authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize", "token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token", "userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo", "clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo", "check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe", "end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session", "jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks", "registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register", "id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id", "introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection", "scopes_supported": [ "permission", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "mobile_phone", "test" ], "response_types_supported": [ "id_token", "code", "id_token token", "code token", "id_token code", "token", "id_token code token" ], "grant_types_supported": [ "implicit", "urn:ietf:params:oauth:grant-type:uma-ticket", "client_credentials", "refresh_token", "authorization_code", "password" ], "acr_values_supported": [ "super_gluu", "otp", "basic", "auth_ldap_server" ], "auth_level_mapping": { "-1": ["auth_ldap_server"], "50": ["otp"], "100": ["basic"], "15": ["super_gluu"] }, "subject_types_supported": [ "public", "pairwise" ], "userinfo_signing_alg_values_supported": [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "userinfo_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "userinfo_encryption_enc_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "id_token_signing_alg_values_supported": [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "id_token_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "id_token_encryption_enc_values_supported": [ "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A256GCM" ], "request_object_signing_alg_values_supported": [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "request_object_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "request_object_encryption_enc_values_supported": [ "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A256GCM" ], "token_endpoint_auth_methods_supported": [ "client_secret_basic", "client_secret_post", "client_secret_jwt", "private_key_jwt" ], "token_endpoint_auth_signing_alg_values_supported": [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "display_values_supported": [ "page", "popup" ], "claim_types_supported": ["normal"], "claims_supported": [ "birthdate", "country", "name", "email", "email_verified", "given_name", "gender", "inum", "family_name", "updated_at", "locale", "member_of", "middle_name", "nickname", "oxAuthAppType", "oxAuthIdTokenSignedResponseAlg", "oxAuthRedirectURI", "oxAuthScope", "phone_number_verified", "picture", "preferred_username", "profile", "zoneinfo", "user_name", "website" ], "service_documentation": "http://gluu.org/docs", "claims_locales_supported": ["en"], "ui_locales_supported": [ "en", "es" ], "scope_to_claims_mapping": [ {"permission": []}, {"uma_protection": []}, {"clientinfo": [ "name", "inum", "oxAuthAppType", "oxAuthIdTokenSignedResponseAlg", "oxAuthRedirectURI", "oxAuthScope" ]}, {"email": [ "email_verified", "email" ]}, {"user_name": ["user_name"]}, {"org_name": []}, {"address": [ "formatted", "postal_code", "street_address", "locality", "country", "region" ]}, {"openid": []}, {"work_phone": []}, {"phone": [ "phone_number_verified", "phone_number" ]}, {"profile": [ "name", "family_name", "given_name", "middle_name", "nickname", "preferred_username", "profile", "picture", "website", "gender", "birthdate", "zoneinfo", "locale", "updated_at" ]}, {"mobile_phone": ["phone_mobile_number"]}, {"test": ["member_of"]} ], "claims_parameter_supported": true, "request_parameter_supported": true, "request_uri_parameter_supported": true, "require_request_uri_registration": false, "op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy", "op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos", "frontchannel_logout_supported": "true", "frontchannel_logout_session_supported": true } ####################################################### TEST: AuthorizationResponseCustomHeaderTest ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": ["code"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "oxAuthTrustedClient": "true" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1458 Content-Type: application/json Date: Fri, 17 Nov 2017 12:50:53 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A942.2571.773E.123A", "client_secret": "44d3f2f6-24c1-4a18-b772-d11e57a45d08", "registration_access_token": "4cbc4348-5801-446c-ba79-9d160d13ee7b", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A942.2571.773E.123A", "client_id_issued_at": 1510923054, "client_secret_expires_at": 1511009454, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/authorize HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA== response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21A942.2571.773E.123A&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=668cb82e-0b46-4f95-97b9-7e42354c5faf&nonce=2df6d9a0-5e6c-4e9a-9853-1e0bdddb2cbf&prompt=none&custom_response_headers=%5B%7B%22CustomHeader1%22%3A%22custom_header_value_1%22%7D%2C%7B%22CustomHeader3%22%3A%22custom_header_value_3%22%7D%2C%7B%22CustomHeader2%22%3A%22custom_header_value_2%22%7D%5D ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Connection: Keep-Alive Content-Length: 0 CustomHeader1: custom_header_value_1 CustomHeader2: custom_header_value_2 CustomHeader3: custom_header_value_3 Date: Fri, 17 Nov 2017 12:50:54 GMT Keep-Alive: timeout=5, max=100 Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=c7dcf4ef-08c2-405c-a56d-0c3d5fd8e314&scope=address+openid+profile+email&session_id=544c64b0-e3e4-47c2-bdf5-ccb12d2912db&state=668cb82e-0b46-4f95-97b9-7e42354c5faf&session_state=6daa3250-319e-46f1-9963-7bbbbfc90299 Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block ####################################################### TEST: AuthorizationResponseCustomHeaderTest ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": ["token"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "oxAuthTrustedClient": "true" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1410 Content-Type: application/json Date: Fri, 17 Nov 2017 12:50:54 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A415.D5FA.1459.E67D", "client_secret": "acf2da3d-8813-4431-b4a5-316b7d80f977", "registration_access_token": "c677c922-6464-4b4e-ace5-f8b712d6924e", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A415.D5FA.1459.E67D", "client_id_issued_at": 1510923054, "client_secret_expires_at": 1511009454, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["token"], "grant_types": ["implicit"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/authorize HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA== response_type=token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21A415.D5FA.1459.E67D&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=dfde401a-9461-40c9-9bd6-8028054cd8da&nonce=fcb3b451-4649-49a6-9c2a-207a7fef8847&prompt=none&custom_response_headers=%5B%7B%22CustomHeader1%22%3A%22custom_header_value_1%22%7D%2C%7B%22CustomHeader3%22%3A%22custom_header_value_3%22%7D%2C%7B%22CustomHeader2%22%3A%22custom_header_value_2%22%7D%5D ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Connection: Keep-Alive Content-Length: 0 CustomHeader1: custom_header_value_1 CustomHeader2: custom_header_value_2 CustomHeader3: custom_header_value_3 Date: Fri, 17 Nov 2017 12:50:54 GMT Keep-Alive: timeout=5, max=100 Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=2697f6fc-4a2d-4acc-acfa-4d4ca5288fcf&scope=address+openid+profile+email&session_id=bc4a60fb-11e5-4c39-9295-eeca3efe8a15&state=dfde401a-9461-40c9-9bd6-8028054cd8da&token_type=bearer&session_state=4c7b6018-d23b-41b7-af8b-cc2c6c3b0d7a&expires_in=299 Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block ####################################################### TEST: AuthorizationResponseCustomHeaderTest ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": ["id_token"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "oxAuthTrustedClient": "true" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1444 Content-Type: application/json Date: Fri, 17 Nov 2017 12:50:54 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!369C.648B.0A12.F361", "client_secret": "b238fa2c-ef34-4419-8845-a99913807d3f", "registration_access_token": "98bc1bc5-dccb-4932-b7d9-ee7a1515696c", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!369C.648B.0A12.F361", "client_id_issued_at": 1510923054, "client_secret_expires_at": 1511009454, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "token" ], "grant_types": ["implicit"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/authorize HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA== response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21369C.648B.0A12.F361&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=945c1701-0c54-4c7b-8546-9f616981b2cd&nonce=ff31ae02-11f1-48a8-b545-08b9d9841106&prompt=none&custom_response_headers=%5B%7B%22CustomHeader1%22%3A%22custom_header_value_1%22%7D%2C%7B%22CustomHeader3%22%3A%22custom_header_value_3%22%7D%2C%7B%22CustomHeader2%22%3A%22custom_header_value_2%22%7D%5D ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Connection: Keep-Alive Content-Length: 0 CustomHeader1: custom_header_value_1 CustomHeader2: custom_header_value_2 CustomHeader3: custom_header_value_3 Date: Fri, 17 Nov 2017 12:50:54 GMT Keep-Alive: timeout=5, max=100 Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#scope=address+openid+profile+email&id_token=eyJraWQiOiIyZDBhZWY4Zi05MmEzLTQwNzgtOWQzMy1jZmU0Zjg5MDkxN2UiLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEzNjlDLjY0OEIuMEExMi5GMzYxIiwiZXhwIjoxNTEwOTI2NjU0LCJpYXQiOjE1MTA5MjMwNTQsIm5vbmNlIjoiZmYzMWFlMDItMTFmMS00OGE4LWI1NDUtMDhiOWQ5ODQxMTA2IiwiYXV0aF90aW1lIjoxNTEwOTIzMDU0LCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiIxOWlIYTl1V0c2bWtLd0k5Rk5tRTlrNFlfWVFabFVnZUg1Wm8tdUw1bWNVIn0.qJUVmcEe7uJ58awBL_lNPF5M-KV6LLiI3ZNPUxYEtOP49PgEB1HF5MK0ok8N-93LNb0PK8zZWve1_hQSKR7juIwPPPZ_Rn3LdreV0bhBt1ic-IcIK_wIgWWioMd9DPKyqf4PWZw4e3OXn8txnWuQ5o7dR-ILHIWxgAXWbUU7OETXthKFQy86nyaIke4iCy6WGMSqak2kd85oP5YIjMdhscvFXbJn2JnttuPPxxPkCwBhdvd5amRwvHtYHdrL6h83KiIxlXcCXX7clDOIJjE23rWJ55SUdB-qg-kstaMZHQW7HXbhPRGHQZXSoiXQs_ufTmbfHugEfOahR2LDTBwxJw&session_id=5dfefb7e-711e-4093-b516-b14d419cc6c6&state=945c1701-0c54-4c7b-8546-9f616981b2cd&session_state=f423bcc8-5119-4e5f-ac58-d05fc9020077 Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block ####################################################### TEST: AuthorizationResponseCustomHeaderTest ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "code", "token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "oxAuthTrustedClient": "true" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1509 Content-Type: application/json Date: Fri, 17 Nov 2017 12:50:54 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!687A.9E8E.4FFC.6E9A", "client_secret": "a7b52da9-a482-4bd7-b78c-4971e258956a", "registration_access_token": "c0987bd0-5558-47cc-a309-45d6072d08ab", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!687A.9E8E.4FFC.6E9A", "client_id_issued_at": 1510923055, "client_secret_expires_at": 1511009455, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "code", "token" ], "grant_types": [ "implicit", "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/authorize HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA== response_type=code+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21687A.9E8E.4FFC.6E9A&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=af46016c-83f7-4f09-8a77-88f260ad9aba&nonce=38985649-ae96-464d-a88b-90d6c848ce82&prompt=none&custom_response_headers=%5B%7B%22CustomHeader1%22%3A%22custom_header_value_1%22%7D%2C%7B%22CustomHeader3%22%3A%22custom_header_value_3%22%7D%2C%7B%22CustomHeader2%22%3A%22custom_header_value_2%22%7D%5D ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Connection: Keep-Alive Content-Length: 0 CustomHeader1: custom_header_value_1 CustomHeader2: custom_header_value_2 CustomHeader3: custom_header_value_3 Date: Fri, 17 Nov 2017 12:50:55 GMT Keep-Alive: timeout=5, max=100 Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=27059a4b-c133-46dd-a1f8-e13669725d09&code=a653fb1c-ca6a-4786-b066-fcef35153b58&scope=address+openid+profile+email&session_id=b7cde6d5-77ac-4f84-85a1-cf6107ac6b10&state=af46016c-83f7-4f09-8a77-88f260ad9aba&token_type=bearer&session_state=24ff163b-0e75-45ff-8acf-a397281e7305&expires_in=299 Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block ####################################################### TEST: AuthorizationResponseCustomHeaderTest ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "code", "id_token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "oxAuthTrustedClient": "true" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1529 Content-Type: application/json Date: Fri, 17 Nov 2017 12:50:55 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A1C7.E1F7.0D4A.4D72", "client_secret": "deb0121c-3433-4613-be48-1305fa4da5d2", "registration_access_token": "dbf0658a-89d4-4542-9946-20f2cf6bf901", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A1C7.E1F7.0D4A.4D72", "client_id_issued_at": 1510923055, "client_secret_expires_at": 1511009455, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "code", "token" ], "grant_types": [ "implicit", "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/authorize HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA== response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21A1C7.E1F7.0D4A.4D72&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=d5d37874-198e-472e-87b4-703cf0ebb5fe&nonce=d9c1f399-ad43-4237-a4e5-f777602d84d3&prompt=none&custom_response_headers=%5B%7B%22CustomHeader1%22%3A%22custom_header_value_1%22%7D%2C%7B%22CustomHeader3%22%3A%22custom_header_value_3%22%7D%2C%7B%22CustomHeader2%22%3A%22custom_header_value_2%22%7D%5D ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Connection: Keep-Alive Content-Length: 0 CustomHeader1: custom_header_value_1 CustomHeader2: custom_header_value_2 CustomHeader3: custom_header_value_3 Date: Fri, 17 Nov 2017 12:50:55 GMT Keep-Alive: timeout=5, max=100 Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=42913e4a-4a2d-4eb8-88e2-2ba860becfee&scope=address+openid+profile+email&id_token=eyJraWQiOiIyZDBhZWY4Zi05MmEzLTQwNzgtOWQzMy1jZmU0Zjg5MDkxN2UiLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFBMUM3LkUxRjcuMEQ0QS40RDcyIiwiZXhwIjoxNTEwOTI2NjU1LCJpYXQiOjE1MTA5MjMwNTUsIm5vbmNlIjoiZDljMWYzOTktYWQ0My00MjM3LWE0ZTUtZjc3NzYwMmQ4NGQzIiwiYXV0aF90aW1lIjoxNTEwOTIzMDU1LCJjX2hhc2giOiJOck9QWnNQYUlmVTc0b29NS2l2Y3BnIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiMTlpSGE5dVdHNm1rS3dJOUZObUU5azRZX1lRWmxVZ2VINVpvLXVMNW1jVSJ9.UcPgTdjCQr3IW3jxkohUiwhrtbcxpFAnsMwr4OA5Rv4aC13_8PW9P7lj0xyiHEWTtr15wjxyoT148tpAYPzYpceKtXXoSDngQXbAMliQ1LcesceTUQCC_7QjIR-kgoeI-DpwL1ehrB5JYlBqzeS5MhKqZp-AMkIQIp93_zJdGhrrS9RRJK4OV4Yb30IovSwevcyd5KpfZGewKBfF6BSuiGEY9uxjcqsUO7v3uKDpzdsvg49qvEnR2OKgTYr2b-IrbCTjgpCezNfTXCs61gyg_fdLDHqzoxlNu887mMq_xczXzE5q9MTt9JsHza1WzacOT-CXxyB1OjGTIL2s-pgqiA&session_id=7e1265bb-6a12-442a-b46b-b4c63011a1df&state=d5d37874-198e-472e-87b4-703cf0ebb5fe&session_state=1ddef84e-5640-4aec-b7f4-c05e5743a52e Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block ####################################################### TEST: AuthorizationResponseCustomHeaderTest ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "token", "id_token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "oxAuthTrustedClient": "true" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1444 Content-Type: application/json Date: Fri, 17 Nov 2017 12:50:55 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!ED2C.0868.78D7.93E9", "client_secret": "da248403-85c0-44ff-9b01-42a250eb5a44", "registration_access_token": "f48fd27e-aba9-4f97-8e95-1191271dc1aa", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!ED2C.0868.78D7.93E9", "client_id_issued_at": 1510923055, "client_secret_expires_at": 1511009455, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "token" ], "grant_types": ["implicit"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/authorize HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA== response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21ED2C.0868.78D7.93E9&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=6b78fcc9-5b4a-4b92-bff8-8066e96388bf&nonce=6329debd-e7d9-4fbb-8d5a-cd7bee761c6c&prompt=none&custom_response_headers=%5B%7B%22CustomHeader1%22%3A%22custom_header_value_1%22%7D%2C%7B%22CustomHeader3%22%3A%22custom_header_value_3%22%7D%2C%7B%22CustomHeader2%22%3A%22custom_header_value_2%22%7D%5D ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Connection: Keep-Alive Content-Length: 0 CustomHeader1: custom_header_value_1 CustomHeader2: custom_header_value_2 CustomHeader3: custom_header_value_3 Date: Fri, 17 Nov 2017 12:50:55 GMT Keep-Alive: timeout=5, max=100 Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=beb3b9c6-fe75-4198-963d-fc4df9a61520&scope=address+openid+profile+email&id_token=eyJraWQiOiIyZDBhZWY4Zi05MmEzLTQwNzgtOWQzMy1jZmU0Zjg5MDkxN2UiLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFFRDJDLjA4NjguNzhENy45M0U5IiwiZXhwIjoxNTEwOTI2NjU1LCJpYXQiOjE1MTA5MjMwNTUsIm5vbmNlIjoiNjMyOWRlYmQtZTdkOS00ZmJiLThkNWEtY2Q3YmVlNzYxYzZjIiwiYXV0aF90aW1lIjoxNTEwOTIzMDU1LCJhdF9oYXNoIjoiUXZZWW5HX0RGQUhNNWV3Q1FxcU1kdyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IjE5aUhhOXVXRzZta0t3STlGTm1FOWs0WV9ZUVpsVWdlSDVaby11TDVtY1UifQ.CLQuuhVn5MvQr-V_b5mHLk5LYb4TmAoLb2IZOtUSmWY8yDxzTLtq9KkT3Kw0K5YhfGCgUHcX29W75xM0khVPIiGgatx1qyToOGF7XN0_cqfdtEPZ-4wEIjPMwoUYyO1FOrohImcsii8FcZRo-Mr6TcQImkbChLknMlyiGNCW3EM3L8BCeo6XwGu4xrKSa8iNPgTpgCEey8VTBIzi4OTyAe8r-Jn3joD4lYS66y4KvMMz2Y_mKJNcbK2Z2TFM7duWQh-ZkIL5KLMsXKyJ_ZgU6_BVs8wwS-wuW_jlfblqfHGJhR3Bp66AOrmcN0BPfIRtWF5ixKQ448YCfK7BX9Jhuw&session_id=24235b87-c235-45ff-ba1a-3da0f196e992&state=6b78fcc9-5b4a-4b92-bff8-8066e96388bf&token_type=bearer&session_state=091b20d7-dd83-48bf-bb24-0c3be30c1407&expires_in=299 Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block ####################################################### TEST: AuthorizationResponseCustomHeaderTest ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "code", "token", "id_token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "oxAuthTrustedClient": "true" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1529 Content-Type: application/json Date: Fri, 17 Nov 2017 12:50:56 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5260.A99C.BD26.7752", "client_secret": "b3378fff-fb5c-44ad-ab43-78f0617843ae", "registration_access_token": "eaae63f0-fa38-451d-8fbc-f422cc3d01e8", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5260.A99C.BD26.7752", "client_id_issued_at": 1510923056, "client_secret_expires_at": 1511009456, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "code", "token" ], "grant_types": [ "implicit", "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/authorize HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA== response_type=code+token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%215260.A99C.BD26.7752&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=59eeca53-e506-495a-86ab-b66f36f280a6&nonce=2765fe0f-60e3-4ed4-89b1-3e18af5b2a47&prompt=none&custom_response_headers=%5B%7B%22CustomHeader1%22%3A%22custom_header_value_1%22%7D%2C%7B%22CustomHeader3%22%3A%22custom_header_value_3%22%7D%2C%7B%22CustomHeader2%22%3A%22custom_header_value_2%22%7D%5D ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Connection: Keep-Alive Content-Length: 0 CustomHeader1: custom_header_value_1 CustomHeader2: custom_header_value_2 CustomHeader3: custom_header_value_3 Date: Fri, 17 Nov 2017 12:50:56 GMT Keep-Alive: timeout=5, max=100 Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=9f1568fc-1c08-447f-99e9-78c2a11ae554&code=c019211b-0b7c-47c6-9afb-8749fc7d5be2&scope=address+openid+profile+email&id_token=eyJraWQiOiIyZDBhZWY4Zi05MmEzLTQwNzgtOWQzMy1jZmU0Zjg5MDkxN2UiLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE1MjYwLkE5OUMuQkQyNi43NzUyIiwiZXhwIjoxNTEwOTI2NjU2LCJpYXQiOjE1MTA5MjMwNTYsIm5vbmNlIjoiMjc2NWZlMGYtNjBlMy00ZWQ0LTg5YjEtM2UxOGFmNWIyYTQ3IiwiYXV0aF90aW1lIjoxNTEwOTIzMDU2LCJjX2hhc2giOiJpTnFuTHZpMnhpUGdFR2o5bXo3eG93IiwiYXRfaGFzaCI6ImJxRkp4aXd3eENRTDFSQUVSTkVSWmciLCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiIxOWlIYTl1V0c2bWtLd0k5Rk5tRTlrNFlfWVFabFVnZUg1Wm8tdUw1bWNVIn0.M7E2lDdmh0k237CJpZFXKsYr-Ff4VEsOPxcDuxmTe06hfyRV4-dn5zb9l2hV9e1_8h0neEulCkMfa5XVaf55wtA4MvyaMpiPWUh7aPH060WVyfgKoIFpNdMr5AyFqBrHOtLRuqxs596LDoycc_cTZgC6rCaNRNVCpcoJFOwt0X6-Rgmg0zeM2L2ysBYecXb43XfjwIUMr4sVUfOB6uSnBy1mwwBpXijHSxsSMJfRT2ZqjmisTP3kbVKO9i_vgJyLGwWxLgwgxCVy4HxnZtGFcSxN8hhSluay4SZcu24hTDzGrAXUcE6fvw44vKHH7FxoYYbZfgsoAtK6dbKvodpH4g&session_id=c690767c-b6d6-4353-963b-0c57c55604b1&state=59eeca53-e506-495a-86ab-b66f36f280a6&token_type=bearer&session_state=973cc874-0ee7-4190-9eee-c7ea11209180&expires_in=299 Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block ####################################################### TEST: OpenID Connect Discovery ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Connection: Keep-Alive Content-Length: 181 Content-Type: application/jrd+json;charset=iso-8859-1 Date: Fri, 17 Nov 2017 12:50:56 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "subject": "acct:test_user@ce-dev4.gluu.org", "links": [{ "rel": "http://openid.net/specs/connect/1.0/issuer", "href": "https://ce-dev4.gluu.org" }] } OpenID Connect Configuration ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /.well-known/openid-configuration HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Connection: Keep-Alive Content-Length: 6218 Content-Type: application/json Date: Fri, 17 Nov 2017 12:50:56 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "issuer": "https://ce-dev4.gluu.org", "authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize", "token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token", "userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo", "clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo", "check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe", "end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session", "jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks", "registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register", "id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id", "introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection", "scopes_supported": [ "permission", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "mobile_phone", "test" ], "response_types_supported": [ "id_token", "code", "id_token token", "code token", "id_token code", "token", "id_token code token" ], "grant_types_supported": [ "implicit", "urn:ietf:params:oauth:grant-type:uma-ticket", "client_credentials", "refresh_token", "authorization_code", "password" ], "acr_values_supported": [ "super_gluu", "otp", "basic", "auth_ldap_server" ], "auth_level_mapping": { "-1": ["auth_ldap_server"], "50": ["otp"], "100": ["basic"], "15": ["super_gluu"] }, "subject_types_supported": [ "public", "pairwise" ], "userinfo_signing_alg_values_supported": [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "userinfo_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "userinfo_encryption_enc_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "id_token_signing_alg_values_supported": [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "id_token_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "id_token_encryption_enc_values_supported": [ "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A256GCM" ], "request_object_signing_alg_values_supported": [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "request_object_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "request_object_encryption_enc_values_supported": [ "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A256GCM" ], "token_endpoint_auth_methods_supported": [ "client_secret_basic", "client_secret_post", "client_secret_jwt", "private_key_jwt" ], "token_endpoint_auth_signing_alg_values_supported": [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "display_values_supported": [ "page", "popup" ], "claim_types_supported": ["normal"], "claims_supported": [ "birthdate", "country", "name", "email", "email_verified", "given_name", "gender", "inum", "family_name", "updated_at", "locale", "member_of", "middle_name", "nickname", "oxAuthAppType", "oxAuthIdTokenSignedResponseAlg", "oxAuthRedirectURI", "oxAuthScope", "phone_number_verified", "picture", "preferred_username", "profile", "zoneinfo", "user_name", "website" ], "service_documentation": "http://gluu.org/docs", "claims_locales_supported": ["en"], "ui_locales_supported": [ "en", "es" ], "scope_to_claims_mapping": [ {"permission": []}, {"uma_protection": []}, {"clientinfo": [ "name", "inum", "oxAuthAppType", "oxAuthIdTokenSignedResponseAlg", "oxAuthRedirectURI", "oxAuthScope" ]}, {"email": [ "email_verified", "email" ]}, {"user_name": ["user_name"]}, {"org_name": []}, {"address": [ "formatted", "postal_code", "street_address", "locality", "country", "region" ]}, {"openid": []}, {"work_phone": []}, {"phone": [ "phone_number_verified", "phone_number" ]}, {"profile": [ "name", "family_name", "given_name", "middle_name", "nickname", "preferred_username", "profile", "picture", "website", "gender", "birthdate", "zoneinfo", "locale", "updated_at" ]}, {"mobile_phone": ["phone_mobile_number"]}, {"test": ["member_of"]} ], "claims_parameter_supported": true, "request_parameter_supported": true, "request_uri_parameter_supported": true, "require_request_uri_registration": false, "op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy", "op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos", "frontchannel_logout_supported": "true", "frontchannel_logout_session_supported": true } ####################################################### TEST: defaultResponseModeBasicCode ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": ["code"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1458 Content-Type: application/json Date: Fri, 17 Nov 2017 12:50:56 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!93EF.9A87.1AAD.28E0", "client_secret": "5dc0dc3b-3238-45ef-b9d3-e38ff6db6c66", "registration_access_token": "ab5afcee-c804-4eac-9869-54ec88067776", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!93EF.9A87.1AAD.28E0", "client_id_issued_at": 1510923056, "client_secret_expires_at": 1511009456, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2193EF.9A87.1AAD.28E0&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=94cf5805-8241-48f8-92a2-55f9b49f9f98 authenticateResourceOwnerAndGrantAccess: Cleaning cookies 07:50:56.937 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:21645d6a-f476-4d29-bcfb-802033df5951 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2193EF.9A87.1AAD.28E0&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=94cf5805-8241-48f8-92a2-55f9b49f9f98 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=ae4f89b5-64e2-4cfd-b13a-bf08f192421d&scope=address+openid+profile+email&session_id=00ee9a07-453b-4efc-80eb-10900c9a962f&state=94cf5805-8241-48f8-92a2-55f9b49f9f98&session_state=21645d6a-f476-4d29-bcfb-802033df5951 ####################################################### TEST: defaultResponseModeHybridCodeIdToken ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "code", "id_token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1529 Content-Type: application/json Date: Fri, 17 Nov 2017 12:50:59 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1E48.32AB.8BC4.23A3", "client_secret": "86d94548-5d4e-4afd-8ed1-50d15f9ba951", "registration_access_token": "cb5cda40-94cf-42bd-a175-80fd3599f470", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1E48.32AB.8BC4.23A3", "client_id_issued_at": 1510923059, "client_secret_expires_at": 1511009459, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "code", "token" ], "grant_types": [ "implicit", "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%211E48.32AB.8BC4.23A3&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=af4b6bd9-39a5-4c93-b28e-e9f8d740f681&nonce=8c20c29d-d072-4471-99b3-d6ca36ee6c3d authenticateResourceOwnerAndGrantAccess: Cleaning cookies 07:50:59.831 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:9cf25385-ee05-426d-95c6-97e69b5261ba ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%211E48.32AB.8BC4.23A3&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=af4b6bd9-39a5-4c93-b28e-e9f8d740f681&nonce=8c20c29d-d072-4471-99b3-d6ca36ee6c3d ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=7e0791f9-cab3-423f-8815-20cdf8d65e5b&scope=address+openid+profile+email&id_token=eyJraWQiOiIyZDBhZWY4Zi05MmEzLTQwNzgtOWQzMy1jZmU0Zjg5MDkxN2UiLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCExRTQ4LjMyQUIuOEJDNC4yM0EzIiwiZXhwIjoxNTEwOTI2NjYyLCJpYXQiOjE1MTA5MjMwNjIsIm5vbmNlIjoiOGMyMGMyOWQtZDA3Mi00NDcxLTk5YjMtZDZjYTM2ZWU2YzNkIiwiYXV0aF90aW1lIjoxNTEwOTIzMDYyLCJjX2hhc2giOiJIRzRQeEI3NkVmT2JLQmptRFktSkRnIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiMTlpSGE5dVdHNm1rS3dJOUZObUU5azRZX1lRWmxVZ2VINVpvLXVMNW1jVSJ9.aZMGbSBq3RE7w3empUy14ZMSf52HNTDur91UexcnPhp1PTEFLPbwQU1x3OP0Vow7z_PvQGSwJktcW4m8TQK7Ao5IFWSdfE-loGBSUwQQLSpyScwc2xNqmTGQ_7zGMMr0TBFe9v8jZwNIzAWtEIQ5QYP9PGgmB8klRFL08byEco03V1LyYFXTevmrPJWsc_r7StR0JmFQ0OBMfpAWQ0vnS57D8VU8T24kMoHM0fuHlGQbVbLpEEDrpuFjyXGPhH_H39PjNyYgXVKstGi5K7QAv8qi9Zn-oZgJuISR0MIvnIiFmV3tCQCGqAcflF-9rGqi99sg2rZfLTyX_MFYPySS_g&session_id=4e9959fe-22bb-48f0-af8d-a71c126d26f4&state=af4b6bd9-39a5-4c93-b28e-e9f8d740f681&session_state=9cf25385-ee05-426d-95c6-97e69b5261ba ####################################################### TEST: defaultResponseModeHybridCodeIdTokenToken ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "code", "id_token", "token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1529 Content-Type: application/json Date: Fri, 17 Nov 2017 12:51:03 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!866F.5308.8E85.7BE0", "client_secret": "925f7c30-364f-48bb-96cd-aa72caa268f6", "registration_access_token": "523154e6-3254-43f2-b24c-63e782b80c9f", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!866F.5308.8E85.7BE0", "client_id_issued_at": 1510923063, "client_secret_expires_at": 1511009463, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "code", "token" ], "grant_types": [ "implicit", "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21866F.5308.8E85.7BE0&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=01ac0f2d-9e9d-42dc-984f-f4f63c77c451&nonce=bd59fe53-2149-4665-b7b3-d461db72aafe authenticateResourceOwnerAndGrantAccess: Cleaning cookies 07:51:03.516 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:2dde24a9-6853-49d8-864c-19f65e4aeab0 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21866F.5308.8E85.7BE0&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=01ac0f2d-9e9d-42dc-984f-f4f63c77c451&nonce=bd59fe53-2149-4665-b7b3-d461db72aafe ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=342ee08b-320b-4938-a157-189fe4571e09&code=e3a04645-e121-40ee-88b9-789a133f7d2a&scope=address+openid+profile+email&id_token=eyJraWQiOiIyZDBhZWY4Zi05MmEzLTQwNzgtOWQzMy1jZmU0Zjg5MDkxN2UiLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE4NjZGLjUzMDguOEU4NS43QkUwIiwiZXhwIjoxNTEwOTI2NjY2LCJpYXQiOjE1MTA5MjMwNjYsIm5vbmNlIjoiYmQ1OWZlNTMtMjE0OS00NjY1LWI3YjMtZDQ2MWRiNzJhYWZlIiwiYXV0aF90aW1lIjoxNTEwOTIzMDY2LCJjX2hhc2giOiJ3VWpXa2VIb1ptUEVtOHpLbWx0WUNRIiwiYXRfaGFzaCI6InZFREV3eUIzdktjZWJYOVNWS1FtemciLCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiIxOWlIYTl1V0c2bWtLd0k5Rk5tRTlrNFlfWVFabFVnZUg1Wm8tdUw1bWNVIn0.UVNsdsDLeON5mf2yRW7f8yNShEVh66jo3Y0IMpURZaxsPBALagChUD3UHxLMmUJgQDLOwN0IhjNsdHL1N8lBAlzBaMb1_-eZ_KTvNco6L5OEwygTnpdUNMCIG2p--0N3L-C74MFtAGHT2ISAFA2Gv1uZ51Xxg0ZWshHC2KA0UEamu8awHtolEhNV-P0xGv8xTTIyK3OwcHZI2Nbd66kmMTUyNhmteD4iaTlpcdYIDOeozZxyMd37jqdMRyECOsSS0i5B0hNb67PfMsyelyCEr2zaAmv-WyeHIzMISvF6JgVqLT4gZ_TxAhtROM9I19vrb1QRRhtbc-ixVAe6U3HMig&session_id=18fdb8ea-ccbf-425b-ad2c-ef16a8cbbb24&state=01ac0f2d-9e9d-42dc-984f-f4f63c77c451&token_type=bearer&session_state=2dde24a9-6853-49d8-864c-19f65e4aeab0&expires_in=299 ####################################################### TEST: defaultResponseModeHybridCodeToken ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "code", "token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1509 Content-Type: application/json Date: Fri, 17 Nov 2017 12:51:06 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E6D4.A77A.E37B.0DEA", "client_secret": "00808a18-161c-4663-a10d-a850563f1642", "registration_access_token": "403e8bf7-292e-4f8b-b8c9-2f911f7fd0e7", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E6D4.A77A.E37B.0DEA", "client_id_issued_at": 1510923066, "client_secret_expires_at": 1511009466, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "code", "token" ], "grant_types": [ "implicit", "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21E6D4.A77A.E37B.0DEA&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=ad64906a-4f4c-4ede-94b9-0732f5aaeec1&nonce=694cb93c-7e40-42b0-b9b8-5f37c4917ab0 authenticateResourceOwnerAndGrantAccess: Cleaning cookies 07:51:07.205 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:28f7e171-7d6c-4c80-ba9b-7123f7811a31 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21E6D4.A77A.E37B.0DEA&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=ad64906a-4f4c-4ede-94b9-0732f5aaeec1&nonce=694cb93c-7e40-42b0-b9b8-5f37c4917ab0 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=67390694-fbe9-4e40-9bca-5a29199f7e14&code=c7cc6efc-830c-41d3-bbd0-f10758369a5c&scope=address+openid+profile+email&session_id=d3b770a5-79c7-474a-8438-54cdf0d34b72&state=ad64906a-4f4c-4ede-94b9-0732f5aaeec1&token_type=bearer&session_state=28f7e171-7d6c-4c80-ba9b-7123f7811a31&expires_in=299 ####################################################### TEST: defaultResponseModeImplicitIdToken ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": ["id_token"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1444 Content-Type: application/json Date: Fri, 17 Nov 2017 12:51:09 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1828.BDDA.653A.7261", "client_secret": "f112ffe9-d7bf-4b7d-9d88-456912e674e3", "registration_access_token": "61fc4fd8-3050-4269-924c-cc2cdffe4b37", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1828.BDDA.653A.7261", "client_id_issued_at": 1510923069, "client_secret_expires_at": 1511009469, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "token" ], "grant_types": ["implicit"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%211828.BDDA.653A.7261&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=ca7e48e0-ba96-4402-bcf9-26b001cd502b&nonce=63fda1db-5902-44bc-9f10-501e18ea55ac authenticateResourceOwnerAndGrantAccess: Cleaning cookies 07:51:10.310 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:d86b6d98-053e-471b-8ad1-09c103e56a9b ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%211828.BDDA.653A.7261&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=ca7e48e0-ba96-4402-bcf9-26b001cd502b&nonce=63fda1db-5902-44bc-9f10-501e18ea55ac ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#scope=address+openid+profile+email&id_token=eyJraWQiOiIyZDBhZWY4Zi05MmEzLTQwNzgtOWQzMy1jZmU0Zjg5MDkxN2UiLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCExODI4LkJEREEuNjUzQS43MjYxIiwiZXhwIjoxNTEwOTI2NjczLCJpYXQiOjE1MTA5MjMwNzMsIm5vbmNlIjoiNjNmZGExZGItNTkwMi00NGJjLTlmMTAtNTAxZTE4ZWE1NWFjIiwiYXV0aF90aW1lIjoxNTEwOTIzMDcyLCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiIxOWlIYTl1V0c2bWtLd0k5Rk5tRTlrNFlfWVFabFVnZUg1Wm8tdUw1bWNVIn0.ikQs05CsPNZRfwp23cmqfP-BW6BqQOso0h2sVsWcBf3EmJBq01oy2h-K0zfQgcf_pW4HOGi-98LZmWVq9NVAAx3K1mIw1iWgk3sJaILVLLvIgP3um7a0dL_4Pn_IqXHNGsEuczQnDGOHNrJ-9ZMF71sa5jInRoXO9wDEX53ZTjGLsPMwzVQWBv1SBQVhkuD6tPCinHPYUBDgeqsYp_HCwgIhrJQBQ13jR6unF0l6nta4digjkYjdTtLWnAf5tKVsG9A-idi6m8UDrofWIHuC-H73ZZYIlg1EE18Rs5709EB_2fznK_XENY2ZOmcE0R0IDtapWfLuFWCN-aNlj8M26Q&session_id=8503fefe-16d6-4ad7-b3b9-eb75c4eb3a61&state=ca7e48e0-ba96-4402-bcf9-26b001cd502b&session_state=d86b6d98-053e-471b-8ad1-09c103e56a9b ####################################################### TEST: defaultResponseModeImplicitIdTokenToken ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "id_token", "token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1444 Content-Type: application/json Date: Fri, 17 Nov 2017 12:51:13 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D183.DE20.7DD2.E5AD", "client_secret": "0bf4868f-e81f-4680-a9b9-cd3eb92c34ac", "registration_access_token": "a3a3d8e6-c48a-4428-8b60-a06ff6d99db9", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D183.DE20.7DD2.E5AD", "client_id_issued_at": 1510923073, "client_secret_expires_at": 1511009473, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "token" ], "grant_types": ["implicit"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21D183.DE20.7DD2.E5AD&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=8fe5797a-203a-4f81-a41b-db546681a9ed&nonce=7783101c-9d3f-4fbe-b801-e04f552e5a17 authenticateResourceOwnerAndGrantAccess: Cleaning cookies 07:51:13.453 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:579d46b5-d2ee-42cb-aa6d-a8c8decbb049 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21D183.DE20.7DD2.E5AD&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=8fe5797a-203a-4f81-a41b-db546681a9ed&nonce=7783101c-9d3f-4fbe-b801-e04f552e5a17 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=01d1593d-4e04-4806-bc7d-242534701d59&scope=address+openid+profile+email&id_token=eyJraWQiOiIyZDBhZWY4Zi05MmEzLTQwNzgtOWQzMy1jZmU0Zjg5MDkxN2UiLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFEMTgzLkRFMjAuN0REMi5FNUFEIiwiZXhwIjoxNTEwOTI2Njc0LCJpYXQiOjE1MTA5MjMwNzQsIm5vbmNlIjoiNzc4MzEwMWMtOWQzZi00ZmJlLWI4MDEtZTA0ZjU1MmU1YTE3IiwiYXV0aF90aW1lIjoxNTEwOTIzMDc0LCJhdF9oYXNoIjoiZUt6Znp3ZUs1cGxsbksyTlhVTExpdyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IjE5aUhhOXVXRzZta0t3STlGTm1FOWs0WV9ZUVpsVWdlSDVaby11TDVtY1UifQ.cWGvJro0ScfN94DVVW39iP2_5nCzYkelbGZeL8r8xKOf27JkZkJ-5bXUD6SS8wnEiA0GNIZGhQALVcBKTyb9DuqUGOynd45NTYOwz4nNK4s8Yc79vDsZtoT7UEB3EGo6_YYO5eXwbekVfpDCyv82JwnYwT123TOLQZeRxIyC-05kjArTYu8F2SNijGi3hOM6SnlHnI08aHfufATk9qxKfRR_GSlAD4yiuebYD-DKw8VkY9XfHdNlACAnA94u6iihZ_YR2bd3L5XaJIh2Z0SKYMgSj9ZMiba7Qp0GrENM7_xmmpKrV-a0oVXFgzpzETT5xmF2heXdMXMDjLqKBrqJrw&session_id=11c5d965-c0ab-4826-8274-557d6d896749&state=8fe5797a-203a-4f81-a41b-db546681a9ed&token_type=bearer&session_state=579d46b5-d2ee-42cb-aa6d-a8c8decbb049&expires_in=299 ####################################################### TEST: formPostResponseModeBasicCode ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": ["code"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1458 Content-Type: application/json Date: Fri, 17 Nov 2017 12:51:15 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!EFCB.6AE4.A2FF.531A", "client_secret": "c6e080ec-b956-4bb2-9853-b66f472779c8", "registration_access_token": "74602b71-758c-4553-9155-f50dbfd98812", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!EFCB.6AE4.A2FF.531A", "client_id_issued_at": 1510923075, "client_secret_expires_at": 1511009475, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21EFCB.6AE4.A2FF.531A&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=3b73cc43-a46d-4c58-9523-578ca01b82aa&response_mode=form_post authenticateResourceOwnerAndGrantAccess: Cleaning cookies 07:51:15.248 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:9921f288-ce87-4f95-ae81-24508ff203db ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21EFCB.6AE4.A2FF.531A&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=3b73cc43-a46d-4c58-9523-578ca01b82aa&response_mode=form_post ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm ####################################################### TEST: formPostResponseModeHybridCodeIdToken ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "code", "id_token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1529 Content-Type: application/json Date: Fri, 17 Nov 2017 12:51:16 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!FA27.DD46.A8F8.6EE0", "client_secret": "e69f55f6-a7ee-441f-9eaa-19fd959ae5a9", "registration_access_token": "2f1e39a6-cc2e-4304-830c-cee418427196", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!FA27.DD46.A8F8.6EE0", "client_id_issued_at": 1510923076, "client_secret_expires_at": 1511009476, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "code", "token" ], "grant_types": [ "implicit", "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21FA27.DD46.A8F8.6EE0&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=6b0e636e-cb5c-40a5-b606-6ef427c8d66e&response_mode=form_post&nonce=48fc40ca-9c0b-499e-a32d-649b754e412f authenticateResourceOwnerAndGrantAccess: Cleaning cookies 07:51:16.983 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:feb43f95-f7e7-4db5-b4c0-44d22ab761d2 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21FA27.DD46.A8F8.6EE0&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=6b0e636e-cb5c-40a5-b606-6ef427c8d66e&response_mode=form_post&nonce=48fc40ca-9c0b-499e-a32d-649b754e412f ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm ####################################################### TEST: formPostResponseModeHybridCodeIdTokenToken ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "code", "id_token", "token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1529 Content-Type: application/json Date: Fri, 17 Nov 2017 12:51:18 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!CC5B.77CB.3207.0D91", "client_secret": "59c5cf2c-5485-44ec-88ed-4d80a08a4f5d", "registration_access_token": "00b755c6-0b62-445a-a4ee-7fe0251ce09d", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!CC5B.77CB.3207.0D91", "client_id_issued_at": 1510923078, "client_secret_expires_at": 1511009478, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "code", "token" ], "grant_types": [ "implicit", "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21CC5B.77CB.3207.0D91&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=a88e8c83-16bd-4f31-b6a6-bb844435db1a&response_mode=form_post&nonce=8f084212-6337-47d2-b13b-0c377dd762c7 authenticateResourceOwnerAndGrantAccess: Cleaning cookies 07:51:18.738 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:5d9a0e43-522f-4336-9cf5-4ca19ab76be1 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21CC5B.77CB.3207.0D91&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=a88e8c83-16bd-4f31-b6a6-bb844435db1a&response_mode=form_post&nonce=8f084212-6337-47d2-b13b-0c377dd762c7 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm ####################################################### TEST: formPostResponseModeHybridCodeToken ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "code", "token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1509 Content-Type: application/json Date: Fri, 17 Nov 2017 12:51:20 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0C03.C00F.2575.9A10", "client_secret": "d38500df-4f5c-476b-b113-e1dc6edc7872", "registration_access_token": "85cdc101-eb5b-467a-bb95-8f4624f54fe7", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0C03.C00F.2575.9A10", "client_id_issued_at": 1510923080, "client_secret_expires_at": 1511009480, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "code", "token" ], "grant_types": [ "implicit", "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%210C03.C00F.2575.9A10&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=99111c22-f773-441a-8607-38c7ee0e69c0&response_mode=form_post&nonce=ec8799d7-6446-484b-a80f-8309d918f238 authenticateResourceOwnerAndGrantAccess: Cleaning cookies 07:51:20.356 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:93709eda-95f6-4bcd-9368-7d5a4681a3f9 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%210C03.C00F.2575.9A10&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=99111c22-f773-441a-8607-38c7ee0e69c0&response_mode=form_post&nonce=ec8799d7-6446-484b-a80f-8309d918f238 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm ####################################################### TEST: formPostResponseModeImplicitIdToken ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": ["id_token"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1444 Content-Type: application/json Date: Fri, 17 Nov 2017 12:51:21 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!8CDC.BB46.E943.8C9C", "client_secret": "226db71e-68f6-41ed-8189-056f01f91e5f", "registration_access_token": "54ba6990-98c5-4472-94fa-12d3da5547dc", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!8CDC.BB46.E943.8C9C", "client_id_issued_at": 1510923081, "client_secret_expires_at": 1511009481, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "token" ], "grant_types": ["implicit"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%218CDC.BB46.E943.8C9C&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=30c75ef9-6dce-4c8c-a77f-19018a3a9130&response_mode=form_post&nonce=35aef368-dd2f-4ece-bd65-c81c5eb1276c authenticateResourceOwnerAndGrantAccess: Cleaning cookies 07:51:22.092 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:f39cf0b1-252c-4cc3-b6de-645d2df4bf20 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%218CDC.BB46.E943.8C9C&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=30c75ef9-6dce-4c8c-a77f-19018a3a9130&response_mode=form_post&nonce=35aef368-dd2f-4ece-bd65-c81c5eb1276c ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm ####################################################### TEST: formPostResponseModeImplicitIdTokenToken ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "id_token", "token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1444 Content-Type: application/json Date: Fri, 17 Nov 2017 12:51:23 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4EB6.F837.E1CE.9BC1", "client_secret": "ebac7e3d-4da8-43fc-b26d-0732f0d5cfa5", "registration_access_token": "ed60fe56-4f0f-4276-9a77-ee45494457f6", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4EB6.F837.E1CE.9BC1", "client_id_issued_at": 1510923083, "client_secret_expires_at": 1511009483, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "token" ], "grant_types": ["implicit"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%214EB6.F837.E1CE.9BC1&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=c4f8d450-6b2e-4bd7-b1bd-513f35fd04a1&response_mode=form_post&nonce=1aa13785-2b0b-4b27-831a-cb5b355f70ec authenticateResourceOwnerAndGrantAccess: Cleaning cookies 07:51:23.759 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:e8610edf-c706-46ed-9ce4-dae909f66e7a ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%214EB6.F837.E1CE.9BC1&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=c4f8d450-6b2e-4bd7-b1bd-513f35fd04a1&response_mode=form_post&nonce=1aa13785-2b0b-4b27-831a-cb5b355f70ec ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm ####################################################### TEST: fragmentResponseModeBasicCode ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": ["code"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1458 Content-Type: application/json Date: Fri, 17 Nov 2017 12:51:25 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B771.07B8.099E.4211", "client_secret": "3f7dd4ce-ec71-472d-840a-75af6c6aac68", "registration_access_token": "c7237b25-0a76-4531-aeea-f129c00a2762", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B771.07B8.099E.4211", "client_id_issued_at": 1510923085, "client_secret_expires_at": 1511009485, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21B771.07B8.099E.4211&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=6dd9b204-11fa-4db4-bea2-ef4f9917a2bf&response_mode=fragment authenticateResourceOwnerAndGrantAccess: Cleaning cookies 07:51:25.502 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:ee03d184-4c3f-46e2-8096-bd344666c9dd ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21B771.07B8.099E.4211&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=6dd9b204-11fa-4db4-bea2-ef4f9917a2bf&response_mode=fragment ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=04e92152-81c7-40cd-899c-35a5338f63b7&scope=address+openid+profile+email&session_id=86dbd303-b09a-40b1-a033-b6b37e148656&state=6dd9b204-11fa-4db4-bea2-ef4f9917a2bf&session_state=ee03d184-4c3f-46e2-8096-bd344666c9dd ####################################################### TEST: fragmentResponseModeHybridCodeIdToken ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "code", "id_token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1529 Content-Type: application/json Date: Fri, 17 Nov 2017 12:51:27 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1AF2.EF9A.6E9F.0C44", "client_secret": "2cf89f5a-a19c-49a3-868f-64754f998085", "registration_access_token": "921c7990-e107-4c25-9e6e-d06c8a4dd7d7", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1AF2.EF9A.6E9F.0C44", "client_id_issued_at": 1510923087, "client_secret_expires_at": 1511009487, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "code", "token" ], "grant_types": [ "implicit", "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%211AF2.EF9A.6E9F.0C44&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=8049499a-5b42-43b2-9037-4d5220699f76&response_mode=fragment&nonce=72a822a5-15a3-4075-8ab9-9bc01a4bcd3c authenticateResourceOwnerAndGrantAccess: Cleaning cookies 07:51:27.298 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:dc05c18d-8d39-4a00-8019-c1a0b0a66c59 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%211AF2.EF9A.6E9F.0C44&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=8049499a-5b42-43b2-9037-4d5220699f76&response_mode=fragment&nonce=72a822a5-15a3-4075-8ab9-9bc01a4bcd3c ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=360da6ed-127c-44c5-b100-0b327cfcd07f&scope=address+openid+profile+email&id_token=eyJraWQiOiIyZDBhZWY4Zi05MmEzLTQwNzgtOWQzMy1jZmU0Zjg5MDkxN2UiLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCExQUYyLkVGOUEuNkU5Ri4wQzQ0IiwiZXhwIjoxNTEwOTI2Njg4LCJpYXQiOjE1MTA5MjMwODgsIm5vbmNlIjoiNzJhODIyYTUtMTVhMy00MDc1LThhYjktOWJjMDFhNGJjZDNjIiwiYXV0aF90aW1lIjoxNTEwOTIzMDg4LCJjX2hhc2giOiI2OWQxd0puaUFSOG5KZHQ5cnJIWjRnIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiMTlpSGE5dVdHNm1rS3dJOUZObUU5azRZX1lRWmxVZ2VINVpvLXVMNW1jVSJ9.g7raEgEuLvCV0wIXNfzVvJoiGwWIvXEjFWbiYPn_qMA1VaR6B4lzO30G8L78JS7F5fZlgYZn_au6S9_r-MSz-UZQhwnp8l6cz_kN5bMZoh47-CE65C325Sf0ITsxvg2A9uWCdNh2DADmfO0Jq1bRyr2flSH1uu83GfrX32XCilqloq9dYNZ1Xjo6Qey6A_HlxyCQdbZ_rokogyTja-FdqisZkbeEQLLZA2vDsy9CEUE8MVAzY5Mjsi79C5AX9ps3JmO1C3EHAJYg1t75aeR93uxAQM-dr3dZ2tpQXfpHy_6UjzElDgUqrj_RzfGthxsXFnRLELsxmR2bVFz7BmiuBQ&session_id=bb595c02-cfb4-47d0-a8fe-5b3f1630f0df&state=8049499a-5b42-43b2-9037-4d5220699f76&session_state=dc05c18d-8d39-4a00-8019-c1a0b0a66c59 ####################################################### TEST: fragmentResponseModeHybridCodeIdTokenToken ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "code", "id_token", "token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1529 Content-Type: application/json Date: Fri, 17 Nov 2017 12:51:28 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4A80.51C0.6F4C.B83F", "client_secret": "890de6d5-614d-4899-a290-83a96533ac3f", "registration_access_token": "3f39a7a4-600e-4c59-b8d6-88d8cca75064", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4A80.51C0.6F4C.B83F", "client_id_issued_at": 1510923088, "client_secret_expires_at": 1511009488, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "code", "token" ], "grant_types": [ "implicit", "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%214A80.51C0.6F4C.B83F&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=63aa0258-b6e5-4e91-b066-0c9ad6848c5b&response_mode=fragment&nonce=a158fc39-6272-4c31-acf2-da91e4c1f3ba authenticateResourceOwnerAndGrantAccess: Cleaning cookies 07:51:29.081 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:cf08cdd5-d878-4c52-9a6c-2031916c154c ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%214A80.51C0.6F4C.B83F&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=63aa0258-b6e5-4e91-b066-0c9ad6848c5b&response_mode=fragment&nonce=a158fc39-6272-4c31-acf2-da91e4c1f3ba ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=d838c325-a4db-4cd6-8b79-0747f60bed6d&code=a4d80bbc-6ca1-4a6e-b061-3c1e183fd27e&scope=address+openid+profile+email&id_token=eyJraWQiOiIyZDBhZWY4Zi05MmEzLTQwNzgtOWQzMy1jZmU0Zjg5MDkxN2UiLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE0QTgwLjUxQzAuNkY0Qy5CODNGIiwiZXhwIjoxNTEwOTI2NjkwLCJpYXQiOjE1MTA5MjMwOTAsIm5vbmNlIjoiYTE1OGZjMzktNjI3Mi00YzMxLWFjZjItZGE5MWU0YzFmM2JhIiwiYXV0aF90aW1lIjoxNTEwOTIzMDkwLCJjX2hhc2giOiJOdGVlS3VWRjdpa18yei03YWFzTHBnIiwiYXRfaGFzaCI6ImZVU0NIY3dDTEVGZkZITWtrSW51bGciLCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiIxOWlIYTl1V0c2bWtLd0k5Rk5tRTlrNFlfWVFabFVnZUg1Wm8tdUw1bWNVIn0.dAF4Cs30tgF0XwqKF-vVHnSkJQDU6Hg74MhcrGOnmp1jDs3D4wPrUNivAswYFrQjtXoD5vm2M4Rsmi_gLnpNSMbUBxJ9KEAh_GjxC1ad1nAU4eTCplWhczgvAAtLdy1Wy1Smk6kNcf6qr7pWt3ZCiubsjCVacbBSrDQtMIzBIaSkQH6X8Vi4d4EKbMabwloaCUp2Lgqa_jP9aLgGfe1fcPB6e-O8HbzJZ8GbyNF-5xsG_QNpSZcxeo9WcYlYriT7KB1TejraMLuUoW37-RhPCDVKE6KeH2Hlzv4mx2eeDYbIyLOiTPo5SQh3M3tyDOk53svrnyowZp5iiH0GZ812Qg&session_id=4137843c-2b22-40b0-93f3-e46378918204&state=63aa0258-b6e5-4e91-b066-0c9ad6848c5b&token_type=bearer&session_state=cf08cdd5-d878-4c52-9a6c-2031916c154c&expires_in=299 ####################################################### TEST: fragmentResponseModeHybridCodeToken ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "code", "token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1509 Content-Type: application/json Date: Fri, 17 Nov 2017 12:51:30 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C254.3001.2A7E.41B2", "client_secret": "14422705-2eed-4163-9f1c-be7613fadd88", "registration_access_token": "11c9ce5e-7146-4e9e-a966-b6742b31f59e", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C254.3001.2A7E.41B2", "client_id_issued_at": 1510923090, "client_secret_expires_at": 1511009490, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "code", "token" ], "grant_types": [ "implicit", "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21C254.3001.2A7E.41B2&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=0670fe2f-53db-4f0d-8ae2-50106c2faa0f&response_mode=fragment&nonce=831a1b1f-ad21-4c49-b5db-99fb42df8f31 authenticateResourceOwnerAndGrantAccess: Cleaning cookies 07:51:30.868 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:26a3b79e-9894-47e3-84b7-31a2eff2a9cb ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21C254.3001.2A7E.41B2&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=0670fe2f-53db-4f0d-8ae2-50106c2faa0f&response_mode=fragment&nonce=831a1b1f-ad21-4c49-b5db-99fb42df8f31 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=f120579c-bd92-41e5-ab9f-a696c1019614&code=00793d63-d4d4-4b8f-ae7e-7a432393b9ac&scope=address+openid+profile+email&session_id=1a7241dc-25dd-4c79-8f1c-9602da86c4a2&state=0670fe2f-53db-4f0d-8ae2-50106c2faa0f&token_type=bearer&session_state=26a3b79e-9894-47e3-84b7-31a2eff2a9cb&expires_in=299 ####################################################### TEST: fragmentResponseModeImplicitIdToken ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": ["id_token"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1444 Content-Type: application/json Date: Fri, 17 Nov 2017 12:51:38 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!ABC5.392E.FE07.5E33", "client_secret": "98737cc2-8c00-463c-89cc-951f40bc154e", "registration_access_token": "2d7bd963-9513-48bd-92de-c3315c6af23b", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!ABC5.392E.FE07.5E33", "client_id_issued_at": 1510923098, "client_secret_expires_at": 1511009498, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "token" ], "grant_types": ["implicit"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21ABC5.392E.FE07.5E33&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=abae0b57-09c5-41d0-8cbb-53fceb7c23d7&response_mode=fragment&nonce=bdc84a6d-a7a3-44ff-a023-88d42192b03c authenticateResourceOwnerAndGrantAccess: Cleaning cookies 07:51:38.340 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:6e91684f-ec08-4131-854f-7df02f2ea361 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21ABC5.392E.FE07.5E33&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=abae0b57-09c5-41d0-8cbb-53fceb7c23d7&response_mode=fragment&nonce=bdc84a6d-a7a3-44ff-a023-88d42192b03c ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#scope=address+openid+profile+email&id_token=eyJraWQiOiIyZDBhZWY4Zi05MmEzLTQwNzgtOWQzMy1jZmU0Zjg5MDkxN2UiLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFBQkM1LjM5MkUuRkUwNy41RTMzIiwiZXhwIjoxNTEwOTI2Njk5LCJpYXQiOjE1MTA5MjMwOTksIm5vbmNlIjoiYmRjODRhNmQtYTdhMy00NGZmLWEwMjMtODhkNDIxOTJiMDNjIiwiYXV0aF90aW1lIjoxNTEwOTIzMDk5LCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiIxOWlIYTl1V0c2bWtLd0k5Rk5tRTlrNFlfWVFabFVnZUg1Wm8tdUw1bWNVIn0.T7jie8aCgxqdD4NcIXc0Bl20zw-QG6JUvfDSU1kXcmSpRMHpVi3miTZBWcOC-i2MLSzLfVUmACcKiDWmTz4lfsg06GtJU8jIyY3BTv4_TnFZLjbYewwg0-aIj9mE3_X6-RYsE7LYQfmPhMG_uzvP3_Raf_Vc_XjXuViwbiFk3_wAmW-QYi58U657hZsPOVbX69XJic6Cu64_iDUaLK610WkXQFdJUbTF8jUMDSxW2gg9FS6sdLsSCh7RqNfQrlOFrmgEraK4Bg6K7JuoAdvyK7YD9L5bIla0CUyHEba5M79nQcDl3gcI4U4TYz7YOvyn8a30ZuvHZ7wp6Lz9EwoaQg&session_id=5b12d930-ab65-4ccf-9b9b-569a57a5358f&state=abae0b57-09c5-41d0-8cbb-53fceb7c23d7&session_state=6e91684f-ec08-4131-854f-7df02f2ea361 ####################################################### TEST: fragmentResponseModeImplicitIdTokenToken ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "id_token", "token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1444 Content-Type: application/json Date: Fri, 17 Nov 2017 12:51:39 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E44C.467A.FB2D.057E", "client_secret": "01fbe4bc-5138-499b-93c2-09417e0432a0", "registration_access_token": "953ed777-31d4-4eb5-9824-fc190f9b7d5b", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E44C.467A.FB2D.057E", "client_id_issued_at": 1510923099, "client_secret_expires_at": 1511009499, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "token" ], "grant_types": ["implicit"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21E44C.467A.FB2D.057E&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=df7c9dd0-f16c-4119-b487-0c560a919019&response_mode=fragment&nonce=088324d0-cf8f-4466-a589-cdf1d53c87c7 authenticateResourceOwnerAndGrantAccess: Cleaning cookies 07:51:40.158 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:7d42ab66-6c8e-4f05-bdbb-8960fc9a01ac ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21E44C.467A.FB2D.057E&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=df7c9dd0-f16c-4119-b487-0c560a919019&response_mode=fragment&nonce=088324d0-cf8f-4466-a589-cdf1d53c87c7 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=d4758dc4-0730-49ec-88d3-a62f132d3521&scope=address+openid+profile+email&id_token=eyJraWQiOiIyZDBhZWY4Zi05MmEzLTQwNzgtOWQzMy1jZmU0Zjg5MDkxN2UiLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFFNDRDLjQ2N0EuRkIyRC4wNTdFIiwiZXhwIjoxNTEwOTI2NzAxLCJpYXQiOjE1MTA5MjMxMDEsIm5vbmNlIjoiMDg4MzI0ZDAtY2Y4Zi00NDY2LWE1ODktY2RmMWQ1M2M4N2M3IiwiYXV0aF90aW1lIjoxNTEwOTIzMTAxLCJhdF9oYXNoIjoia3R3VWx2YjBaTTNlUzRCY3FQRkpwdyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IjE5aUhhOXVXRzZta0t3STlGTm1FOWs0WV9ZUVpsVWdlSDVaby11TDVtY1UifQ.HdlmeQp0814UX7J1Py98oekKlppzASyTUC_g7PdE6C1HLatHeP5JNB0cxyYyzRbemCaGSV8PSojMgQfu1YqzlXTWDNXRb9TIKd3XOiNGTI9qc3JoJk7gNoDf4TiyTJ_iYA6OYX_x0UJVKkCc-C1F12E2sPl0m3VXq2HsFq1Cjiym4UjIEXateQ24YUXom_VktYxLvp9L4cDHV-xJ4k2lBL5NDv7Fjjiu-c_vfhF46gGjQyHEmEZkYlJ-uL-ZDNRGPnvr1PntN3c8xc9R9C3WuXFfKxoB43Wx_o9KYcw_L_G8P5iujJLy8xyEGKEI9CPlMNiQ3Ldh-m-k1V7YPX9krg&session_id=4beb8b86-48aa-4a90-9af0-783b1b3940f4&state=df7c9dd0-f16c-4119-b487-0c560a919019&token_type=bearer&session_state=7d42ab66-6c8e-4f05-bdbb-8960fc9a01ac&expires_in=299 ####################################################### TEST: queryResponseModeBasicCode ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": ["code"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1458 Content-Type: application/json Date: Fri, 17 Nov 2017 12:51:41 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!BA2A.BB2B.9FD4.65D8", "client_secret": "cb97c843-21c2-4d23-9fd8-bb3f4ceadcd1", "registration_access_token": "74fe9c81-1bdf-4b7b-82ed-ca6e69f72cde", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!BA2A.BB2B.9FD4.65D8", "client_id_issued_at": 1510923101, "client_secret_expires_at": 1511009501, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21BA2A.BB2B.9FD4.65D8&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=4f4ea565-31b5-489a-98e2-3ede4792ef37&response_mode=query authenticateResourceOwnerAndGrantAccess: Cleaning cookies 07:51:41.899 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:a6770cce-06e2-4b9d-86dc-3f35e45e8cf1 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21BA2A.BB2B.9FD4.65D8&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=4f4ea565-31b5-489a-98e2-3ede4792ef37&response_mode=query ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=80d84293-8cd4-48b2-bee6-dde6c5a6c69b&scope=address+openid+profile+email&session_id=ca3b46c2-ac69-4f85-808f-3f1b811c9381&state=4f4ea565-31b5-489a-98e2-3ede4792ef37&session_state=a6770cce-06e2-4b9d-86dc-3f35e45e8cf1 ####################################################### TEST: queryResponseModeHybridCodeIdToken ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "code", "id_token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1529 Content-Type: application/json Date: Fri, 17 Nov 2017 12:51:43 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!429A.690F.7CD6.D87F", "client_secret": "d352e2e6-f7da-42ac-9818-63f4074f40e5", "registration_access_token": "1ef19639-899b-4021-b7f7-88da39540ac3", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!429A.690F.7CD6.D87F", "client_id_issued_at": 1510923103, "client_secret_expires_at": 1511009503, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "code", "token" ], "grant_types": [ "implicit", "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21429A.690F.7CD6.D87F&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=879d2463-c687-4402-afb1-d57b54e9d8a9&response_mode=query&nonce=a4a1d872-4c30-4e5b-b386-1d59016d644d authenticateResourceOwnerAndGrantAccess: Cleaning cookies 07:51:43.613 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:8aca2777-e507-4ddf-adb9-a3b0aa1d143c ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21429A.690F.7CD6.D87F&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=879d2463-c687-4402-afb1-d57b54e9d8a9&response_mode=query&nonce=a4a1d872-4c30-4e5b-b386-1d59016d644d ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=befc531e-7328-4c30-ae85-11853980c18a&scope=address+openid+profile+email&id_token=eyJraWQiOiIyZDBhZWY4Zi05MmEzLTQwNzgtOWQzMy1jZmU0Zjg5MDkxN2UiLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE0MjlBLjY5MEYuN0NENi5EODdGIiwiZXhwIjoxNTEwOTI2NzA1LCJpYXQiOjE1MTA5MjMxMDUsIm5vbmNlIjoiYTRhMWQ4NzItNGMzMC00ZTViLWIzODYtMWQ1OTAxNmQ2NDRkIiwiYXV0aF90aW1lIjoxNTEwOTIzMTA0LCJjX2hhc2giOiJlUXhvQWxkY2NmdnVCQ05nTFloZ2VBIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiMTlpSGE5dVdHNm1rS3dJOUZObUU5azRZX1lRWmxVZ2VINVpvLXVMNW1jVSJ9.JlzM52jxfLjbTP1yLOQKJ6KhRsmaoxHZQUzAL3y35ckgEj_Jgxwma3BSgnb6JHuvqUAnJowZ6OQAxI9IMe3AJHp8sAS-JkQLYn-MStrYYo0I9fDlrvb1VDTGIhFC_bCGa4oB1EUddnGzz0d2PUu6KcToZFCIcWQ4fqhtW6YpyzcZ6aJEdqjBWthHY-m6DZEdKlWn3Qrh03NccZz_tvM_SxzfPx9vAIMlvXHus0YQBLqRxoP8CljT5OdYqr01SAV3dy7OaNGFs9VTTcOlwZkX-INm2JdTZsjHSUOhWo5lPADjBnTBp4OL9TJ5DhFweU7uWH_awzfpYGcKVy84PwhqKw&session_id=7db64feb-8add-4de1-bd0c-7336446c439c&state=879d2463-c687-4402-afb1-d57b54e9d8a9&session_state=8aca2777-e507-4ddf-adb9-a3b0aa1d143c ####################################################### TEST: queryResponseModeHybridCodeIdTokenToken ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "code", "id_token", "token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1529 Content-Type: application/json Date: Fri, 17 Nov 2017 12:51:45 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!527D.49B0.F254.E92C", "client_secret": "27b02e08-b6a8-4ba7-a100-7e35a7f39426", "registration_access_token": "875290f2-062d-4d83-8b74-efbd3b8cdc86", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!527D.49B0.F254.E92C", "client_id_issued_at": 1510923105, "client_secret_expires_at": 1511009505, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "code", "token" ], "grant_types": [ "implicit", "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21527D.49B0.F254.E92C&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eb1e2ff1-b232-4fcb-a74d-d74d25d7c1ab&response_mode=query&nonce=f4b7f7e5-baf2-4dfc-b407-40490f1b5189 authenticateResourceOwnerAndGrantAccess: Cleaning cookies 07:51:45.366 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:c3980dc9-e1be-4e45-af1e-09ced1581b26 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21527D.49B0.F254.E92C&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eb1e2ff1-b232-4fcb-a74d-d74d25d7c1ab&response_mode=query&nonce=f4b7f7e5-baf2-4dfc-b407-40490f1b5189 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?access_token=b79f0771-d9f3-4c3e-bdcb-65333da1189a&code=aefac3fd-cce2-4e60-b380-8eef18a440a0&scope=address+openid+profile+email&id_token=eyJraWQiOiIyZDBhZWY4Zi05MmEzLTQwNzgtOWQzMy1jZmU0Zjg5MDkxN2UiLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE1MjdELjQ5QjAuRjI1NC5FOTJDIiwiZXhwIjoxNTEwOTI2NzA2LCJpYXQiOjE1MTA5MjMxMDYsIm5vbmNlIjoiZjRiN2Y3ZTUtYmFmMi00ZGZjLWI0MDctNDA0OTBmMWI1MTg5IiwiYXV0aF90aW1lIjoxNTEwOTIzMTA2LCJjX2hhc2giOiJGZHR2MDF4UVE1MldtRHZiMDhXYWtRIiwiYXRfaGFzaCI6ImVldC0tSEVJUmNzMVdZN2tYRTVlemciLCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiIxOWlIYTl1V0c2bWtLd0k5Rk5tRTlrNFlfWVFabFVnZUg1Wm8tdUw1bWNVIn0.Hbs2NJvFe9j68GcVMoOBtqXShdBxofyYPY0Xn1YqCWvq4eXFBEgpi5hzYAVZXs74bkKzP1h8TFJiHYD6jg8asZudOgGSJI26MHl55hYUUtRm423pi5QqFr4MEQu7wyx34auHh5HU_Pffx37Xq1zKn4jOPliBPj1LE4RTQXVBN5W5hzREXG7Yg6sksVj_7jVaLES4sI4UH_8iExOIlBZrNGTxngaAuSa2zJENy84YSOognKr146VVoKUmisTv1coL7UyibalH0HXrKDwExeRFlCYILmtwAVs8hQ4VYaFddRtqAYVl9BvsmOzdULO0MB6riW5q0OxVY8cfQssKM4uiWA&session_id=020782d0-5389-483f-995e-4bf5109933e6&state=eb1e2ff1-b232-4fcb-a74d-d74d25d7c1ab&token_type=bearer&session_state=c3980dc9-e1be-4e45-af1e-09ced1581b26&expires_in=299 ####################################################### TEST: queryResponseModeHybridCodeToken ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "code", "token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1509 Content-Type: application/json Date: Fri, 17 Nov 2017 12:51:46 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1576.1F0F.EF4F.EA21", "client_secret": "94a6a968-1a53-491e-936d-08f9fe452439", "registration_access_token": "c27373a3-31e4-499f-ba2c-d320cb842cfe", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1576.1F0F.EF4F.EA21", "client_id_issued_at": 1510923106, "client_secret_expires_at": 1511009506, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "code", "token" ], "grant_types": [ "implicit", "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%211576.1F0F.EF4F.EA21&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=c0b53377-afde-49e8-ac61-d7963efe6742&response_mode=query&nonce=e74d798d-9061-40bb-b949-abcefca782c9 authenticateResourceOwnerAndGrantAccess: Cleaning cookies 07:51:46.992 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:94dc5ae0-a5eb-4c3d-bd57-fb32aa19adaf ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%211576.1F0F.EF4F.EA21&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=c0b53377-afde-49e8-ac61-d7963efe6742&response_mode=query&nonce=e74d798d-9061-40bb-b949-abcefca782c9 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?access_token=33d37ed6-10a6-484d-915c-285db269b878&code=dd0d53c5-1c85-4f5c-a536-4bf3ab14ad79&scope=address+openid+profile+email&session_id=69af8354-58a2-4f70-9a17-cc062862714f&state=c0b53377-afde-49e8-ac61-d7963efe6742&token_type=bearer&session_state=94dc5ae0-a5eb-4c3d-bd57-fb32aa19adaf&expires_in=299 ####################################################### TEST: queryResponseModeImplicitIdToken ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": ["id_token"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1444 Content-Type: application/json Date: Fri, 17 Nov 2017 12:51:48 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!CEC0.ADD6.67CB.3A98", "client_secret": "88ee8029-1236-46a7-8a29-2f5668fc0124", "registration_access_token": "0b7edc03-51f6-4aee-a992-574a67fa478b", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!CEC0.ADD6.67CB.3A98", "client_id_issued_at": 1510923108, "client_secret_expires_at": 1511009508, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "token" ], "grant_types": ["implicit"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21CEC0.ADD6.67CB.3A98&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=02f520d0-1c93-4d19-bf62-0d411757a344&response_mode=query&nonce=59704442-6888-480c-af4e-2f0b8a21d727 authenticateResourceOwnerAndGrantAccess: Cleaning cookies 07:51:48.672 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:31f750ea-5790-4a86-bb19-ec8180e058dd ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21CEC0.ADD6.67CB.3A98&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=02f520d0-1c93-4d19-bf62-0d411757a344&response_mode=query&nonce=59704442-6888-480c-af4e-2f0b8a21d727 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?scope=address+openid+profile+email&id_token=eyJraWQiOiIyZDBhZWY4Zi05MmEzLTQwNzgtOWQzMy1jZmU0Zjg5MDkxN2UiLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFDRUMwLkFERDYuNjdDQi4zQTk4IiwiZXhwIjoxNTEwOTI2NzA5LCJpYXQiOjE1MTA5MjMxMDksIm5vbmNlIjoiNTk3MDQ0NDItNjg4OC00ODBjLWFmNGUtMmYwYjhhMjFkNzI3IiwiYXV0aF90aW1lIjoxNTEwOTIzMTA5LCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiIxOWlIYTl1V0c2bWtLd0k5Rk5tRTlrNFlfWVFabFVnZUg1Wm8tdUw1bWNVIn0.tbVb9Q-mrZZ_GxmuCtK47vhMTEet73yyQSCKlMYnO2hkRwIyGh85Ko772BOChY7Kz9MGxLeQAQ3j_albZ6XIvIiVY6UC9uHcJQCmLhn0cnemcgfI1pLmcSTyq1lIAY9IpPuNmq2XqWDVHhAEIoQSxAw9Xc-6_M1xWEmf0q3tV3OUHXZlJhIc_saT9no0qWidDL5P7P57bmI-C6U9L54lCJfEmH93321AbYepSfimdtMi0Pw57FHvSN21Ojq9jmthiDU47pF8tX0LfttldwCdlZvCoUu6wjkh53UxnLwLcgGnLLSqLkTOzEyTkCx7o1ODGNr_33dC_2ysJCZziqVxhQ&session_id=7058c869-39dd-454c-9663-410d6e6b1e18&state=02f520d0-1c93-4d19-bf62-0d411757a344&session_state=31f750ea-5790-4a86-bb19-ec8180e058dd ####################################################### TEST: queryResponseModeImplicitIdTokenToken ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "id_token", "token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1444 Content-Type: application/json Date: Fri, 17 Nov 2017 12:51:50 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!840C.0924.83BD.3BC8", "client_secret": "bb6ea948-d6a1-4070-b665-fa319587ba34", "registration_access_token": "70308dd6-df13-488e-83aa-4e3d3775c110", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!840C.0924.83BD.3BC8", "client_id_issued_at": 1510923110, "client_secret_expires_at": 1511009510, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "token" ], "grant_types": ["implicit"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21840C.0924.83BD.3BC8&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=911cfb8a-29f9-471f-9103-9b4fddca3254&response_mode=query&nonce=448a25d2-b956-44b0-a029-ab837290bb84 authenticateResourceOwnerAndGrantAccess: Cleaning cookies 07:51:50.311 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:6578f9a1-87ab-4916-90a5-4bd7c984744e ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21840C.0924.83BD.3BC8&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=911cfb8a-29f9-471f-9103-9b4fddca3254&response_mode=query&nonce=448a25d2-b956-44b0-a029-ab837290bb84 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?access_token=35b428ac-8934-4cf4-b901-33e1dff7c463&scope=address+openid+profile+email&id_token=eyJraWQiOiIyZDBhZWY4Zi05MmEzLTQwNzgtOWQzMy1jZmU0Zjg5MDkxN2UiLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE4NDBDLjA5MjQuODNCRC4zQkM4IiwiZXhwIjoxNTEwOTI2NzExLCJpYXQiOjE1MTA5MjMxMTEsIm5vbmNlIjoiNDQ4YTI1ZDItYjk1Ni00NGIwLWEwMjktYWI4MzcyOTBiYjg0IiwiYXV0aF90aW1lIjoxNTEwOTIzMTExLCJhdF9oYXNoIjoiOEJIWXlXZm1qc3JNSnhINGhQSmw3ZyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IjE5aUhhOXVXRzZta0t3STlGTm1FOWs0WV9ZUVpsVWdlSDVaby11TDVtY1UifQ.i4UWF8Oc-H0DU1eOd7MxQtgdMSEmhnROR8i2s6diLKE0WG2EZVtyw0lx_TBYtQJSvpEZO-gU0XDdP0J7Aw99yeDnMYQfSIlQbfm4xJCNzG9Y7L34AxMSzA2QxgydLv6CdbmTO06MqVDQKrjkKn49vG79Lf6baFH6GStFJXZ58Ba27NWAqUUHg1hjdYi1T3luEeWEas5YBSmnkDCneK1WDfNZeNgmeEELyc7iBEvjPNc7F44IZQWNrHu4auIEx_0JGcGcybBVH673NhAEOEWmriY8aLR1Vpv7YTmcKhzvf8kSL03ZNLGHg1608tRHO5kJsNc1OCROjgk0OpIclmNacA&session_id=54f7065c-211e-4cd7-91bf-d76e95ae3723&state=911cfb8a-29f9-471f-9103-9b4fddca3254&token_type=bearer&session_state=6578f9a1-87ab-4916-90a5-4bd7c984744e&expires_in=299 ####################################################### TEST: OpenID Connect Discovery ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Connection: Keep-Alive Content-Length: 181 Content-Type: application/jrd+json;charset=iso-8859-1 Date: Fri, 17 Nov 2017 12:51:51 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "subject": "acct:test_user@ce-dev4.gluu.org", "links": [{ "rel": "http://openid.net/specs/connect/1.0/issuer", "href": "https://ce-dev4.gluu.org" }] } OpenID Connect Configuration ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /.well-known/openid-configuration HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Connection: Keep-Alive Content-Length: 6218 Content-Type: application/json Date: Fri, 17 Nov 2017 12:51:51 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "issuer": "https://ce-dev4.gluu.org", "authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize", "token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token", "userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo", "clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo", "check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe", "end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session", "jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks", "registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register", "id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id", "introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection", "scopes_supported": [ "permission", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "mobile_phone", "test" ], "response_types_supported": [ "id_token", "code", "id_token token", "code token", "id_token code", "token", "id_token code token" ], "grant_types_supported": [ "implicit", "urn:ietf:params:oauth:grant-type:uma-ticket", "client_credentials", "refresh_token", "authorization_code", "password" ], "acr_values_supported": [ "super_gluu", "otp", "basic", "auth_ldap_server" ], "auth_level_mapping": { "-1": ["auth_ldap_server"], "50": ["otp"], "100": ["basic"], "15": ["super_gluu"] }, "subject_types_supported": [ "public", "pairwise" ], "userinfo_signing_alg_values_supported": [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "userinfo_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "userinfo_encryption_enc_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "id_token_signing_alg_values_supported": [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "id_token_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "id_token_encryption_enc_values_supported": [ "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A256GCM" ], "request_object_signing_alg_values_supported": [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "request_object_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "request_object_encryption_enc_values_supported": [ "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A256GCM" ], "token_endpoint_auth_methods_supported": [ "client_secret_basic", "client_secret_post", "client_secret_jwt", "private_key_jwt" ], "token_endpoint_auth_signing_alg_values_supported": [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "display_values_supported": [ "page", "popup" ], "claim_types_supported": ["normal"], "claims_supported": [ "birthdate", "country", "name", "email", "email_verified", "given_name", "gender", "inum", "family_name", "updated_at", "locale", "member_of", "middle_name", "nickname", "oxAuthAppType", "oxAuthIdTokenSignedResponseAlg", "oxAuthRedirectURI", "oxAuthScope", "phone_number_verified", "picture", "preferred_username", "profile", "zoneinfo", "user_name", "website" ], "service_documentation": "http://gluu.org/docs", "claims_locales_supported": ["en"], "ui_locales_supported": [ "en", "es" ], "scope_to_claims_mapping": [ {"permission": []}, {"uma_protection": []}, {"clientinfo": [ "name", "inum", "oxAuthAppType", "oxAuthIdTokenSignedResponseAlg", "oxAuthRedirectURI", "oxAuthScope" ]}, {"email": [ "email_verified", "email" ]}, {"user_name": ["user_name"]}, {"org_name": []}, {"address": [ "formatted", "postal_code", "street_address", "locality", "country", "region" ]}, {"openid": []}, {"work_phone": []}, {"phone": [ "phone_number_verified", "phone_number" ]}, {"profile": [ "name", "family_name", "given_name", "middle_name", "nickname", "preferred_username", "profile", "picture", "website", "gender", "birthdate", "zoneinfo", "locale", "updated_at" ]}, {"mobile_phone": ["phone_mobile_number"]}, {"test": ["member_of"]} ], "claims_parameter_supported": true, "request_parameter_supported": true, "request_uri_parameter_supported": true, "require_request_uri_registration": false, "op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy", "op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos", "frontchannel_logout_supported": "true", "frontchannel_logout_session_supported": true } ####################################################### TEST: requestAuthorizationAccessToken ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "code", "token", "id_token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1529 Content-Type: application/json Date: Fri, 17 Nov 2017 12:51:52 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!AC54.58E6.2351.DA4F", "client_secret": "4ed83d69-fd7f-4685-9c4f-6f51d196254c", "registration_access_token": "f474fef9-64a7-4894-9eb0-c14318fb6d41", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!AC54.58E6.2351.DA4F", "client_id_issued_at": 1510923112, "client_secret_expires_at": 1511009512, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "code", "token" ], "grant_types": [ "implicit", "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/register?{} HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer f474fef9-64a7-4894-9eb0-c14318fb6d41 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1529 Content-Type: application/json Date: Fri, 17 Nov 2017 12:51:52 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!AC54.58E6.2351.DA4F", "client_secret": "4ed83d69-fd7f-4685-9c4f-6f51d196254c", "registration_access_token": "f474fef9-64a7-4894-9eb0-c14318fb6d41", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!AC54.58E6.2351.DA4F", "client_id_issued_at": 1510923112, "client_secret_expires_at": 1511009512, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "code", "token" ], "grant_types": [ "implicit", "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21AC54.58E6.2351.DA4F&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=47bb222b-eb7a-44a6-ae0a-491c62d912bb&nonce=2e5b0317-e0dd-4dcb-b854-b1d12c76f8b0 authenticateResourceOwnerAndGrantAccess: Cleaning cookies 07:51:52.437 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:a7939797-3830-4655-9848-ea2c7570cd9b ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21AC54.58E6.2351.DA4F&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=47bb222b-eb7a-44a6-ae0a-491c62d912bb&nonce=2e5b0317-e0dd-4dcb-b854-b1d12c76f8b0 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=60616b63-332d-458c-aaf0-9f0d2730b004&scope=address+openid+profile+email&id_token=eyJraWQiOiIyZDBhZWY4Zi05MmEzLTQwNzgtOWQzMy1jZmU0Zjg5MDkxN2UiLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFBQzU0LjU4RTYuMjM1MS5EQTRGIiwiZXhwIjoxNTEwOTI2NzEzLCJpYXQiOjE1MTA5MjMxMTMsIm5vbmNlIjoiMmU1YjAzMTctZTBkZC00ZGNiLWI4NTQtYjFkMTJjNzZmOGIwIiwiYXV0aF90aW1lIjoxNTEwOTIzMTEzLCJhdF9oYXNoIjoiakVBSldnTjBFUlZmSU85QUtrczNudyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IjE5aUhhOXVXRzZta0t3STlGTm1FOWs0WV9ZUVpsVWdlSDVaby11TDVtY1UifQ.Fpp9H2L8fWFnA93JxHswJnFfmm7DTIkIKARqG20-cSox4gQXZQKHuVpqrASZBKrKheXXzun6KxOhIgE05TfDMZRsPPxbZF4iTbP0HJtDiK_APJMkkYuU0nGItrJzxTNPpI5Pkh27Ugz27vBEcn69NZeuq6tYuNWx3P8QOjYwb-_WSUcpOGOo5dkTrCFEjC3U5JgLp1h4GLC4cHYbu7QkZBuL3htV9z3uMOIC2ItBOLhtzm0S5sjx5juBKHq7pxntXKlysK8dkva4NravRxSICKOQjkuRFTTMU8Z05C0yVd8vROZVvwq7W0QMZQkFDaXvgiDHQJjiKvgVdrR8Se5Rfg&session_id=63c9a12d-c47c-43d9-8632-c9b7beb4c54d&state=47bb222b-eb7a-44a6-ae0a-491c62d912bb&token_type=bearer&session_state=a7939797-3830-4655-9848-ea2c7570cd9b&expires_in=299 ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/authorize HTTP/1.1 Host: ce-dev4.gluu.org response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21AC54.58E6.2351.DA4F&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=e0c1a423-7cd3-4e23-a5c3-300536181c88&nonce=51c1f088-38dc-484a-b18b-cff96ebd2747&prompt=none&access_token=60616b63-332d-458c-aaf0-9f0d2730b004 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Connection: Keep-Alive Content-Length: 0 Date: Fri, 17 Nov 2017 12:51:53 GMT Keep-Alive: timeout=5, max=100 Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=6a6d512c-17e3-40d5-bcef-a09d9c8d9943&scope=address+openid+profile+email&id_token=eyJraWQiOiIyZDBhZWY4Zi05MmEzLTQwNzgtOWQzMy1jZmU0Zjg5MDkxN2UiLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFBQzU0LjU4RTYuMjM1MS5EQTRGIiwiZXhwIjoxNTEwOTI2NzE0LCJpYXQiOjE1MTA5MjMxMTQsIm5vbmNlIjoiNTFjMWYwODgtMzhkYy00ODRhLWIxOGItY2ZmOTZlYmQyNzQ3IiwiYXV0aF90aW1lIjoxNTEwOTIzMTEzLCJjX2hhc2giOiJmUnlwYlkwY0dadi1raDZYbEJfZFFnIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiMTlpSGE5dVdHNm1rS3dJOUZObUU5azRZX1lRWmxVZ2VINVpvLXVMNW1jVSJ9.mV8ISQRi60DFcJnbQaLcZYh2jtedZ9pefazTZxUCBo1UkaBAAIVdZiv-KsA8ZEVQnP2eDClL0kXUlE7Nz-DS4Yt2npS2Ujz25vpgdhrpOQVQqEYKijgoZ8xSmyjunsRpD1f4uWVxF10T5NPmccyPoJTXeLwbEoeIC2TXhUzaYVF6BdYWtRFIDNJyfS1YR1RkBBNQvsEI1-eswMSHHyQAz5hVo0v2VbIASrxW81HI5T4Am76J18kSO7NY_EmYFL9tf4PaXalufyBEmIB3X6CC9wC96MbJsrfO_bOBwLHj5-Leu1AJhEv7IrXG_kvXBnHmR5n4MT8kxb0iKZyHnAYIWw&session_id=514eaf04-c25d-4f7b-8fdb-45a7a542416c&state=e0c1a423-7cd3-4e23-a5c3-300536181c88&session_state=3c2addc2-0195-42b5-a178-b482a24fdab7 Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org Authorization: Basic QCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghQUM1NC41OEU2LjIzNTEuREE0Rjo0ZWQ4M2Q2OS1mZDdmLTQ2ODUtOWM0Zi02ZjUxZDE5NjI1NGM= grant_type=authorization_code&code=6a6d512c-17e3-40d5-bcef-a09d9c8d9943&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1057 Content-Type: application/json Date: Fri, 17 Nov 2017 12:51:54 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"access_token":"a3ea9c48-df19-46b7-baaf-09509d7e66ba","token_type":"bearer","expires_in":299,"refresh_token":"d2c588dc-7046-4137-ab75-df7850f016d4","id_token":"eyJraWQiOiIyZDBhZWY4Zi05MmEzLTQwNzgtOWQzMy1jZmU0Zjg5MDkxN2UiLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFBQzU0LjU4RTYuMjM1MS5EQTRGIiwiZXhwIjoxNTEwOTI2NzE0LCJpYXQiOjE1MTA5MjMxMTQsIm5vbmNlIjoiNTFjMWYwODgtMzhkYy00ODRhLWIxOGItY2ZmOTZlYmQyNzQ3IiwiYXV0aF90aW1lIjoxNTEwOTIzMTEzLCJhdF9oYXNoIjoiaE1ranlDcTh0SWVHd1ZwWl81ZVRHUSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IjE5aUhhOXVXRzZta0t3STlGTm1FOWs0WV9ZUVpsVWdlSDVaby11TDVtY1UifQ.p9Dtq3znTtJf0j7FKaws0gEqXH7TbMaaIPfyJF9rJ0UWQg3me5Fd3jsEt3dull5UAot0VClG7msCpcJjhiTfCXyW0Gsyu_4KeqWz-lDd3IUmW0GG-Stp0BglWNuvPuVPaZ1w6C8QsFfIirY_XbcydKUVLKGaO0_2XnqW8QHGWaQGLeKm_fbvmq5ax5iJ3vIh7Pz8JFytTAKld9MNYff8KFybJDFZWvGz-eyMjj7EagGwviUtgW7B3Eu7eKtOUgZumCIeMQaAkjkzKUIzaNRUa5iWV6d5z8ssEkGX5d6lbXJj1SlMj2BT1LyRW_1IWtu5smhZk45QB0Ms_4ZKj_5WvQ"} ####################################################### TEST: requestAuthorizationAccessTokenFail ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "code", "id_token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1529 Content-Type: application/json Date: Fri, 17 Nov 2017 12:51:54 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!779C.B309.8501.1CED", "client_secret": "e30049f2-a2ec-40bb-9b71-09220f45ccc8", "registration_access_token": "1983e7c0-c11b-4204-8f61-409d2f1cb430", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!779C.B309.8501.1CED", "client_id_issued_at": 1510923114, "client_secret_expires_at": 1511009514, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "code", "token" ], "grant_types": [ "implicit", "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/register?{} HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer 1983e7c0-c11b-4204-8f61-409d2f1cb430 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1529 Content-Type: application/json Date: Fri, 17 Nov 2017 12:51:54 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!779C.B309.8501.1CED", "client_secret": "e30049f2-a2ec-40bb-9b71-09220f45ccc8", "registration_access_token": "1983e7c0-c11b-4204-8f61-409d2f1cb430", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!779C.B309.8501.1CED", "client_id_issued_at": 1510923114, "client_secret_expires_at": 1511009514, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "code", "token" ], "grant_types": [ "implicit", "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/authorize HTTP/1.1 Host: ce-dev4.gluu.org response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21779C.B309.8501.1CED&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=e1142c98-1141-484a-96b2-5b6efb6aaee5&prompt=none&access_token=INVALID_ACCESS_TOKEN ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Connection: Keep-Alive Content-Length: 0 Date: Fri, 17 Nov 2017 12:51:54 GMT Keep-Alive: timeout=5, max=100 Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#error_description=The+request+is+missing+a+required+parameter%2C+includes+an+unsupported+parameter+or+parameter+value%2C+or+is+otherwise+malformed.&state=e1142c98-1141-484a-96b2-5b6efb6aaee5&error=invalid_request Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block ####################################################### TEST: requestAuthorizationAccessTokenUserBasicAuth ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "code", "token", "id_token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1529 Content-Type: application/json Date: Fri, 17 Nov 2017 12:51:54 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B273.FC3E.213F.49FF", "client_secret": "9fcad5b6-ea07-4314-a5b8-3708c27dd2d2", "registration_access_token": "7606b320-b109-4653-a532-80669f3b93af", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B273.FC3E.213F.49FF", "client_id_issued_at": 1510923114, "client_secret_expires_at": 1511009514, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "code", "token" ], "grant_types": [ "implicit", "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/register?{} HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer 7606b320-b109-4653-a532-80669f3b93af ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1529 Content-Type: application/json Date: Fri, 17 Nov 2017 12:51:54 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B273.FC3E.213F.49FF", "client_secret": "9fcad5b6-ea07-4314-a5b8-3708c27dd2d2", "registration_access_token": "7606b320-b109-4653-a532-80669f3b93af", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B273.FC3E.213F.49FF", "client_id_issued_at": 1510923114, "client_secret_expires_at": 1511009514, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "code", "token" ], "grant_types": [ "implicit", "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21B273.FC3E.213F.49FF&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=a5b279b1-615c-4d6b-8b35-1bfe3446dde4&nonce=6dbcf4fa-1101-4b84-9ae2-7269d26c9150 authenticateResourceOwnerAndGrantAccess: Cleaning cookies 07:51:54.789 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:04531781-dc09-4b38-9a89-6c61f336fbf0 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21B273.FC3E.213F.49FF&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=a5b279b1-615c-4d6b-8b35-1bfe3446dde4&nonce=6dbcf4fa-1101-4b84-9ae2-7269d26c9150 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=79563f8b-b28e-488f-b5cb-2a943a083245&scope=address+openid+profile+email&id_token=eyJraWQiOiIyZDBhZWY4Zi05MmEzLTQwNzgtOWQzMy1jZmU0Zjg5MDkxN2UiLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFCMjczLkZDM0UuMjEzRi40OUZGIiwiZXhwIjoxNTEwOTI2NzE2LCJpYXQiOjE1MTA5MjMxMTYsIm5vbmNlIjoiNmRiY2Y0ZmEtMTEwMS00Yjg0LTlhZTItNzI2OWQyNmM5MTUwIiwiYXV0aF90aW1lIjoxNTEwOTIzMTE1LCJhdF9oYXNoIjoidTFwcHgzU2dsd0tqRFlRZTFKQXNVUSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IjE5aUhhOXVXRzZta0t3STlGTm1FOWs0WV9ZUVpsVWdlSDVaby11TDVtY1UifQ.NUiuaQ1zOtfw_mImvj0YsKW-v38SJRNFIHLzeKjp_6YDRqOniYARFp_aNN2BzAyXTS58esIxCz6qO3nQVbLZY1Tt2DBbxegOfW18CsbkxLdA6Txb3bjvOX_6N0SKZRN4CHUfq9Tla5JVpSo2cgaqpuwyaqWQSU5xwtOzNZnSHcZBIFH1VlTJajlQhMUyCHguJ27lH16RD6ra9xVxHS2xjELIv5CzzEhCq3xxwcH7CpZ0CKjipUgr50w5lZLy2KdkLQ11aCluplLgSn1LR0WRtkwWiCNfaPR4xtaw-2-M9ACOA4SkVORnBDP2E71NzwKUNK9Wk773JynEK8VWCJl1RQ&session_id=c7887094-5ac7-45d2-90a6-f11514176880&state=a5b279b1-615c-4d6b-8b35-1bfe3446dde4&token_type=bearer&session_state=04531781-dc09-4b38-9a89-6c61f336fbf0&expires_in=299 ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/authorize HTTP/1.1 Host: ce-dev4.gluu.org response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21B273.FC3E.213F.49FF&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=bf6c74ad-bc25-4d5e-a9dd-6e77a32ad488&nonce=d3497476-01df-49dc-8287-2a639bc459b6&prompt=none&access_token=79563f8b-b28e-488f-b5cb-2a943a083245 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Connection: Keep-Alive Content-Length: 0 Date: Fri, 17 Nov 2017 12:51:56 GMT Keep-Alive: timeout=5, max=100 Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=fad26e7d-faa0-4cb3-8492-af6c0aa9fc1c&scope=address+openid+profile+email&id_token=eyJraWQiOiIyZDBhZWY4Zi05MmEzLTQwNzgtOWQzMy1jZmU0Zjg5MDkxN2UiLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFCMjczLkZDM0UuMjEzRi40OUZGIiwiZXhwIjoxNTEwOTI2NzE2LCJpYXQiOjE1MTA5MjMxMTYsIm5vbmNlIjoiZDM0OTc0NzYtMDFkZi00OWRjLTgyODctMmE2MzliYzQ1OWI2IiwiYXV0aF90aW1lIjoxNTEwOTIzMTE2LCJjX2hhc2giOiJfR0VicE5wd2lGYUtUQ3ZLZ1lKT0pnIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiMTlpSGE5dVdHNm1rS3dJOUZObUU5azRZX1lRWmxVZ2VINVpvLXVMNW1jVSJ9.X0BzbQCB5LAQKy5tYsEsoTChQilhwQCMMNxkHG2IFALgatTuWMfCk_4yUeyBwIKEdfxwsn8n9deHPfNKGgNCRdTbutFLACpC9Dy1LvxmV1ReSfoju274KHKdCEboTEomwqoxieH3kHC4f4KSks8Ngf3I7zL3EGBzgU37MR61IW8vO2uhCJHjPfY4-BbwpUO072r9C-GrvITWk3i_4mEmdIUqWbb7xoKP70EjBMje7456uwuDPxribArcH-8kmSrycXE-nywcqHBmkw6uDftVtZxtR3ugJ3H_rWUCHFCiUWj7kx-PUA8ckRRhWgsGJzHJ5Di-JhEDO3gWX2PUe7wqoQ&session_id=7c00e070-10a7-4391-b607-f102981ff1d4&state=bf6c74ad-bc25-4d5e-a9dd-6e77a32ad488&session_state=633ed58c-1433-4213-9244-ddfd9a050f64 Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org Authorization: Basic QCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghQjI3My5GQzNFLjIxM0YuNDlGRjo5ZmNhZDViNi1lYTA3LTQzMTQtYTViOC0zNzA4YzI3ZGQyZDI= grant_type=authorization_code&code=fad26e7d-faa0-4cb3-8492-af6c0aa9fc1c&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1057 Content-Type: application/json Date: Fri, 17 Nov 2017 12:51:56 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"access_token":"81fea6c7-ba55-4606-b4e1-add9c7e9a31b","token_type":"bearer","expires_in":299,"refresh_token":"2d3273eb-3ec8-4a93-a3ef-a019bd2e3f91","id_token":"eyJraWQiOiIyZDBhZWY4Zi05MmEzLTQwNzgtOWQzMy1jZmU0Zjg5MDkxN2UiLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFCMjczLkZDM0UuMjEzRi40OUZGIiwiZXhwIjoxNTEwOTI2NzE2LCJpYXQiOjE1MTA5MjMxMTYsIm5vbmNlIjoiZDM0OTc0NzYtMDFkZi00OWRjLTgyODctMmE2MzliYzQ1OWI2IiwiYXV0aF90aW1lIjoxNTEwOTIzMTE2LCJhdF9oYXNoIjoiY1JROWtPWFA2ZFpFLUdwUTk1eFIxUSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IjE5aUhhOXVXRzZta0t3STlGTm1FOWs0WV9ZUVpsVWdlSDVaby11TDVtY1UifQ.QifEC31pVhjF1Eon3P-JZPzZS_ANqstAjcrhorXEbdcNt1ws9OrCzt3fhDEpVvm3UdUcX-Vo6RibaznfC3kdAmI2u0qNzMihg5nxF3KacXtAICa__u0BP-yNPvTF7k94rXlBLnwScess-XnTtA7UNQJazZmGcPH2aOyZRfITVn79_05YDve6grtFCMACzPuq26RdKm9sWR37P5ujl9uvfvU16Sil8Tjrs-3h2TLzvu3cxj_pxH3VyqAFkMq9VPSSA57wrPek0p-TF-F8SIW-9I9uV96I72X72w90njLrEobIjt6K9gF0GQ9BIhZYSxEHrG5zg_HEIkHeOb5ZaEl8SQ"} ####################################################### TEST: requestAuthorizationCode ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": ["code"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1458 Content-Type: application/json Date: Fri, 17 Nov 2017 12:51:56 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5C86.9772.FA99.5414", "client_secret": "042dc581-d527-48c9-8baf-d568c847f780", "registration_access_token": "51b009b4-3811-4fad-8b30-8ca2af9b2b68", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5C86.9772.FA99.5414", "client_id_issued_at": 1510923116, "client_secret_expires_at": 1511009516, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/register?{} HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer 51b009b4-3811-4fad-8b30-8ca2af9b2b68 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1458 Content-Type: application/json Date: Fri, 17 Nov 2017 12:51:56 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5C86.9772.FA99.5414", "client_secret": "042dc581-d527-48c9-8baf-d568c847f780", "registration_access_token": "51b009b4-3811-4fad-8b30-8ca2af9b2b68", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5C86.9772.FA99.5414", "client_id_issued_at": 1510923116, "client_secret_expires_at": 1511009516, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%215C86.9772.FA99.5414&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=696f7800-6a0c-4e8b-bde9-42f9af3838c0 authenticateResourceOwnerAndGrantAccess: Cleaning cookies 07:51:56.748 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:1e1a0950-6e2d-4e4e-960b-aea403026d99 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%215C86.9772.FA99.5414&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=696f7800-6a0c-4e8b-bde9-42f9af3838c0 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=b70032c3-1c04-4740-a801-ce1dc4890eb8&scope=address+openid+profile+email&session_id=d6494b85-4a01-4cc3-b961-ced13cf8ef43&state=696f7800-6a0c-4e8b-bde9-42f9af3838c0&session_state=1e1a0950-6e2d-4e4e-960b-aea403026d99 ####################################################### TEST: requestAuthorizationCodeFail1 ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/authorize HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA== response_type=code ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 400 Connection: close Content-Length: 175 Content-Type: text/plain Date: Fri, 17 Nov 2017 12:51:58 GMT Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"error":"invalid_request","error_description":"The request is missing a required parameter, includes an unsupported parameter or parameter value, or is otherwise malformed."} ####################################################### TEST: requestAuthorizationCodeFail2 ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": ["code"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1458 Content-Type: application/json Date: Fri, 17 Nov 2017 12:51:58 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!462D.CC63.ADD7.D702", "client_secret": "b10af478-eee8-49f4-ba9b-3ad877d08baf", "registration_access_token": "9ceac4a8-084b-41e9-8a83-704603c40679", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!462D.CC63.ADD7.D702", "client_id_issued_at": 1510923118, "client_secret_expires_at": 1511009518, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/register?{} HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer 9ceac4a8-084b-41e9-8a83-704603c40679 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1458 Content-Type: application/json Date: Fri, 17 Nov 2017 12:51:58 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!462D.CC63.ADD7.D702", "client_secret": "b10af478-eee8-49f4-ba9b-3ad877d08baf", "registration_access_token": "9ceac4a8-084b-41e9-8a83-704603c40679", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!462D.CC63.ADD7.D702", "client_id_issued_at": 1510923118, "client_secret_expires_at": 1511009518, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/authorize HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA== response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21462D.CC63.ADD7.D702&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2FINVALID_REDIRECT_URI&state=38f0b534-8f94-493f-82e1-751e5fb8550e&prompt=none ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 400 Connection: close Content-Length: 220 Content-Type: text/plain Date: Fri, 17 Nov 2017 12:51:58 GMT Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"error":"invalid_request_redirect_uri","error_description":"The redirect_uri in the Authorization Request does not match any of the Client's pre-registered redirect_uris.","state":"38f0b534-8f94-493f-82e1-751e5fb8550e"} ####################################################### TEST: requestAuthorizationCodeFail3 ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/authorize HTTP/1.1 Host: ce-dev4.gluu.org response_type=code&client_id=%40%211111%210008%21INVALID_VALUE&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=a6b01aee-63e3-4b22-a52c-fe6227624e65 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 401 Connection: Keep-Alive Content-Length: 175 Content-Type: text/plain Date: Fri, 17 Nov 2017 12:51:58 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"error":"unauthorized_client","error_description":"The client is not authorized to request an access token using this method.","state":"a6b01aee-63e3-4b22-a52c-fe6227624e65"} ####################################################### TEST: requestAuthorizationCodeIdToken ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "code", "id_token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1529 Content-Type: application/json Date: Fri, 17 Nov 2017 12:51:58 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!29F3.DD89.5218.48F4", "client_secret": "18c3f766-72d1-4e60-b12a-472df8faddd7", "registration_access_token": "1561da31-3d4f-44da-b287-c12d04401d9a", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!29F3.DD89.5218.48F4", "client_id_issued_at": 1510923118, "client_secret_expires_at": 1511009518, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "code", "token" ], "grant_types": [ "implicit", "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/register?{} HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer 1561da31-3d4f-44da-b287-c12d04401d9a ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1529 Content-Type: application/json Date: Fri, 17 Nov 2017 12:51:58 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!29F3.DD89.5218.48F4", "client_secret": "18c3f766-72d1-4e60-b12a-472df8faddd7", "registration_access_token": "1561da31-3d4f-44da-b287-c12d04401d9a", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!29F3.DD89.5218.48F4", "client_id_issued_at": 1510923118, "client_secret_expires_at": 1511009518, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "code", "token" ], "grant_types": [ "implicit", "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2129F3.DD89.5218.48F4&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=1f63f1f0-57cb-4322-9853-09d816c68839&nonce=03c3eae5-dbf5-43ad-b5dc-088e3d49c4ca authenticateResourceOwnerAndGrantAccess: Cleaning cookies 07:51:59.039 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:137c0c73-d8cc-42ad-97bf-4090e21536de ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2129F3.DD89.5218.48F4&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=1f63f1f0-57cb-4322-9853-09d816c68839&nonce=03c3eae5-dbf5-43ad-b5dc-088e3d49c4ca ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=c2b09317-3539-47c2-a528-43fded08c992&scope=address+openid+profile+email&id_token=eyJraWQiOiIyZDBhZWY4Zi05MmEzLTQwNzgtOWQzMy1jZmU0Zjg5MDkxN2UiLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEyOUYzLkREODkuNTIxOC40OEY0IiwiZXhwIjoxNTEwOTI2NzIwLCJpYXQiOjE1MTA5MjMxMjAsIm5vbmNlIjoiMDNjM2VhZTUtZGJmNS00M2FkLWI1ZGMtMDg4ZTNkNDljNGNhIiwiYXV0aF90aW1lIjoxNTEwOTIzMTE5LCJjX2hhc2giOiJ2UW5IZE5uTGNKRHRmTjY2dU1HcW5RIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiMTlpSGE5dVdHNm1rS3dJOUZObUU5azRZX1lRWmxVZ2VINVpvLXVMNW1jVSJ9.g5XmAV5IbklAAliykhlwTt7CjTKk5BhjF3BlPqyUrLFvP-salug-I-4UDA19Siw6pwmBABne9ligYHoHWN-JxIIJGzn4ovWPfhhAQC5eMXQ2dzqImlO2wOj9nQaYa0Y5ofycEIF1Sqte3BLlVn8cL4zwxlcU49JsXxz7iwez1GIeaqucT-_XH7vw9D-ddjLIhoAYhF3LewvGLdiERypuKy9T7SvtyuyGMDGYwq79vu_ynroRFpWhLpnnV2fNxWe24vqwFqauNhWu7eIWJgwqzymW9Bqwy35V30BNvbMwH-KyYhfGSTKAGECA0fMcSogkkf4kPULLcjd7C71872BQjg&session_id=44915041-6b1e-4d9d-bcde-a87451af68e4&state=1f63f1f0-57cb-4322-9853-09d816c68839&session_state=137c0c73-d8cc-42ad-97bf-4090e21536de ####################################################### TEST: requestAuthorizationCodeIdTokenUserBasicAuth ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "code", "id_token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1529 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:00 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4754.D9E6.D86C.00FF", "client_secret": "8964b4bd-a800-438e-8eda-e4f3e4f232d0", "registration_access_token": "44fd1b83-03af-4953-a5f0-bd1d8bac58b0", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4754.D9E6.D86C.00FF", "client_id_issued_at": 1510923120, "client_secret_expires_at": 1511009520, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "code", "token" ], "grant_types": [ "implicit", "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/register?{} HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer 44fd1b83-03af-4953-a5f0-bd1d8bac58b0 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1529 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:00 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4754.D9E6.D86C.00FF", "client_secret": "8964b4bd-a800-438e-8eda-e4f3e4f232d0", "registration_access_token": "44fd1b83-03af-4953-a5f0-bd1d8bac58b0", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4754.D9E6.D86C.00FF", "client_id_issued_at": 1510923120, "client_secret_expires_at": 1511009520, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "code", "token" ], "grant_types": [ "implicit", "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%214754.D9E6.D86C.00FF&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=6ef8d23b-8556-4e1e-b154-c96a4eeecb63&nonce=0cee33ab-d03a-41dc-8a78-6c7ef04ede75 authenticateResourceOwnerAndGrantAccess: Cleaning cookies 07:52:00.933 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:be159fa9-2ed5-4b4b-96c1-18f0df5e31e6 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%214754.D9E6.D86C.00FF&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=6ef8d23b-8556-4e1e-b154-c96a4eeecb63&nonce=0cee33ab-d03a-41dc-8a78-6c7ef04ede75 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=1edfcc77-cde5-4993-8d22-dbe93d1ba332&scope=address+openid+profile+email&id_token=eyJraWQiOiIyZDBhZWY4Zi05MmEzLTQwNzgtOWQzMy1jZmU0Zjg5MDkxN2UiLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE0NzU0LkQ5RTYuRDg2Qy4wMEZGIiwiZXhwIjoxNTEwOTI2NzIzLCJpYXQiOjE1MTA5MjMxMjMsIm5vbmNlIjoiMGNlZTMzYWItZDAzYS00MWRjLThhNzgtNmM3ZWYwNGVkZTc1IiwiYXV0aF90aW1lIjoxNTEwOTIzMTIzLCJjX2hhc2giOiJnREpGQTFIT3lLUDRpUHZQMjNvWktnIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiMTlpSGE5dVdHNm1rS3dJOUZObUU5azRZX1lRWmxVZ2VINVpvLXVMNW1jVSJ9.ea5bW4b5a05zgUYoo__Dp0oqZV7uy1F1PbWQ4RPI6Fis8oYkrs_-F0hDTOL9dX2fSxnxwO2bQITRgKYRrQ-aZPS5O61fsjSJpo6lj3r2QcYpldnugaomM0JR4u7BwoAtDLJ3CBqaXCYEN3TvdtetjAtzvzNI6hYhgKoG1UipC6hiADFqOHxZwcp94d8HO4w6kq4eQ3igWOaFM-YND7Tw_QU4GT-hDcaOeqw7tx-NuWGihLT-8E_XronpqAINlSaUADttAwONJ4e96zZq1tqWieBP-yaDDt6-zUId9resWDTKM5LwHX4mfbTE-MKDYRh2AihF7v7oRMPjWcJ8RNCe1g&session_id=021378e8-562a-405b-8624-206363f38434&state=6ef8d23b-8556-4e1e-b154-c96a4eeecb63&session_state=be159fa9-2ed5-4b4b-96c1-18f0df5e31e6 ####################################################### TEST: requestAuthorizationCodeNoRedirection ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": ["code"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1458 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:03 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!27B3.EDAB.1C71.E498", "client_secret": "ea6656f8-2333-4750-a6a9-a7cd2a4d050a", "registration_access_token": "90bfa8a9-cb1f-436b-8b7f-1b7e5bccaf05", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!27B3.EDAB.1C71.E498", "client_id_issued_at": 1510923123, "client_secret_expires_at": 1511009523, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/register?{} HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer 90bfa8a9-cb1f-436b-8b7f-1b7e5bccaf05 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1458 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:04 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!27B3.EDAB.1C71.E498", "client_secret": "ea6656f8-2333-4750-a6a9-a7cd2a4d050a", "registration_access_token": "90bfa8a9-cb1f-436b-8b7f-1b7e5bccaf05", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!27B3.EDAB.1C71.E498", "client_id_issued_at": 1510923123, "client_secret_expires_at": 1511009523, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2127B3.EDAB.1C71.E498&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=e49ed895-7a32-4b9c-8dd2-12aebb0e7d43 authenticateResourceOwnerAndGrantAccess: Cleaning cookies 07:52:04.193 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:2302e058-b126-4efb-beed-aeb6c35f8a84 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2127B3.EDAB.1C71.E498&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=e49ed895-7a32-4b9c-8dd2-12aebb0e7d43 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=5684226b-2e4c-4d69-b1ca-99427bbbfea1&scope=address+openid+profile+email&session_id=4175335d-0856-41dd-afd8-ebb06957ac0e&state=e49ed895-7a32-4b9c-8dd2-12aebb0e7d43&session_state=2302e058-b126-4efb-beed-aeb6c35f8a84 ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/authorize HTTP/1.1 Host: ce-dev4.gluu.org X-Gluu-NoRedirect: true response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2127B3.EDAB.1C71.E498&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=e49ed895-7a32-4b9c-8dd2-12aebb0e7d43 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- ####################################################### TEST: requestAuthorizationCodeUserBasicAuth ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": ["code"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1458 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:05 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!62D2.C876.4C83.5019", "client_secret": "0c075c0b-3d98-49d7-9c54-aba34de19bc8", "registration_access_token": "20500d09-9e50-4b30-87a8-959cf412bdee", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!62D2.C876.4C83.5019", "client_id_issued_at": 1510923125, "client_secret_expires_at": 1511009525, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/register?{} HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer 20500d09-9e50-4b30-87a8-959cf412bdee ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1458 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:05 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!62D2.C876.4C83.5019", "client_secret": "0c075c0b-3d98-49d7-9c54-aba34de19bc8", "registration_access_token": "20500d09-9e50-4b30-87a8-959cf412bdee", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!62D2.C876.4C83.5019", "client_id_issued_at": 1510923125, "client_secret_expires_at": 1511009525, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2162D2.C876.4C83.5019&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=a74b63d0-4efe-4c4f-8fd2-4c4011f7d4cb authenticateResourceOwnerAndGrantAccess: Cleaning cookies 07:52:05.903 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:50b3db63-fe7b-4a0e-83ac-185a4c87ff03 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2162D2.C876.4C83.5019&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=a74b63d0-4efe-4c4f-8fd2-4c4011f7d4cb ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=2cd68dbb-05a1-4638-8818-8ed5300248cf&scope=address+openid+profile+email&session_id=a9f43d32-90c9-4f3a-b605-a5d81f2da278&state=a74b63d0-4efe-4c4f-8fd2-4c4011f7d4cb&session_state=50b3db63-fe7b-4a0e-83ac-185a4c87ff03 ####################################################### TEST: requestAuthorizationCodeWithoutRedirectUri ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": ["https://ce-dev4.gluu.org/oxauth-rp/home.htm"], "application_type": "web", "client_name": "oxAuth test app" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1186 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:07 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9BB9.6474.32FD.8AB4", "client_secret": "e9ef2942-f764-4fbf-93fe-7d560e7501c8", "registration_access_token": "90bdb9b5-7ab0-4037-9932-88be0f834d15", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9BB9.6474.32FD.8AB4", "client_id_issued_at": 1510923127, "client_secret_expires_at": 1511009527, "redirect_uris": ["https://ce-dev4.gluu.org/oxauth-rp/home.htm"], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%219BB9.6474.32FD.8AB4&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=7c4a4de4-aa5d-418c-8601-02c5622b9bc8 authenticateResourceOwnerAndGrantAccess: Cleaning cookies 07:52:07.434 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:7a72d53d-de08-4067-bb9e-b2cdc13f9b4c ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%219BB9.6474.32FD.8AB4&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=7c4a4de4-aa5d-418c-8601-02c5622b9bc8 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=6eb703bb-5c0e-4571-9d56-c80b8ba960b5&scope=address+openid+profile+email&session_id=f1dbd00e-468e-4e94-8add-744bae823f14&state=7c4a4de4-aa5d-418c-8601-02c5622b9bc8&session_state=7a72d53d-de08-4067-bb9e-b2cdc13f9b4c ####################################################### TEST: requestAuthorizationCodeWithoutRedirectUriFail ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "oxAuthTrustedClient": "true" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1458 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:08 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3D27.E336.E57D.59E5", "client_secret": "56ace1be-4bfd-42f7-954b-4d8876ad78cd", "registration_access_token": "1a02f13c-0995-4fcd-95cb-035351393aa6", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3D27.E336.E57D.59E5", "client_id_issued_at": 1510923128, "client_secret_expires_at": 1511009528, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/authorize HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA== response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%213D27.E336.E57D.59E5&scope=openid+profile+address+email&state=01ba8456-9740-426b-822e-60005f447d7e&prompt=none ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 400 Connection: close Content-Length: 220 Content-Type: text/plain Date: Fri, 17 Nov 2017 12:52:08 GMT Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"error":"invalid_request_redirect_uri","error_description":"The redirect_uri in the Authorization Request does not match any of the Client's pre-registered redirect_uris.","state":"01ba8456-9740-426b-822e-60005f447d7e"} ####################################################### TEST: requestAuthorizationCodeWithoutRedirectUriUserBasicAuth ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": ["https://ce-dev4.gluu.org/oxauth-rp/home.htm"], "application_type": "web", "client_name": "oxAuth test app", "subject_type": "public", "oxAuthTrustedClient": "true" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1184 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:08 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A0EF.A8E2.C92D.DEC6", "client_secret": "09d098f9-66b6-4385-85df-7bfe4dd21291", "registration_access_token": "20adbd44-3ac4-406a-a550-75ef9afaec86", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A0EF.A8E2.C92D.DEC6", "client_id_issued_at": 1510923128, "client_secret_expires_at": 1511009528, "redirect_uris": ["https://ce-dev4.gluu.org/oxauth-rp/home.htm"], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "subject_type": "public", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/authorize HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA== response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21A0EF.A8E2.C92D.DEC6&scope=openid+profile+address+email&state=8fa32f0e-2394-46ac-991f-8caa65e6538e&prompt=none ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Connection: Keep-Alive Content-Length: 0 Date: Fri, 17 Nov 2017 12:52:09 GMT Keep-Alive: timeout=5, max=100 Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=f25e5dac-63ef-40b2-9930-e331cd4e0aac&scope=address+openid+profile+email&session_id=f64bf706-4d41-4477-b316-744bb5c2d436&state=8fa32f0e-2394-46ac-991f-8caa65e6538e&session_state=204843cd-5e1c-4206-8ed4-8f4a1aa32047 Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block ####################################################### TEST: requestAuthorizationDenyAccessThenGrantAccess ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": ["code"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1458 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:09 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C42E.E4A4.3EC7.9360", "client_secret": "54d0b765-5583-4b8c-9076-7f6e3f255d0a", "registration_access_token": "1bc3cd78-8030-4b41-8afe-5befafce2cc5", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C42E.E4A4.3EC7.9360", "client_id_issued_at": 1510923129, "client_secret_expires_at": 1511009529, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } authenticateResourceOwnerAndDenyAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21C42E.E4A4.3EC7.9360&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=7fcac365-c1af-43f8-aa35-68b83ecbb35f 07:52:09.398 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndDenyAccess: sessionId:e6c0b83b-035e-441f-890a-b63b700f570d ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21C42E.E4A4.3EC7.9360&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=7fcac365-c1af-43f8-aa35-68b83ecbb35f ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?error=access_denied&error_description=The+resource+owner+or+authorization+server+denied+the+request.&state=7fcac365-c1af-43f8-aa35-68b83ecbb35f authorizationRequestAndDenyAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21C42E.E4A4.3EC7.9360&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=ca04172e-a9e3-4016-a3d6-c1898bf110ca&session_id=e6c0b83b-035e-441f-890a-b63b700f570d authorizationRequestAndDenyAccess: sessionState:null ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21C42E.E4A4.3EC7.9360&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=ca04172e-a9e3-4016-a3d6-c1898bf110ca&session_id=e6c0b83b-035e-441f-890a-b63b700f570d ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?error=access_denied&error_description=The+resource+owner+or+authorization+server+denied+the+request.&state=ca04172e-a9e3-4016-a3d6-c1898bf110ca authorizationRequestAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21C42E.E4A4.3EC7.9360&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=1b6dda2e-97f5-45bb-b441-2758ad0e7d77&session_id=e6c0b83b-035e-441f-890a-b63b700f570d authorizationRequestAndGrantAccess: sessionState:78ae70cc-e295-4567-8c93-c2477d2ec8a6 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21C42E.E4A4.3EC7.9360&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=1b6dda2e-97f5-45bb-b441-2758ad0e7d77&session_id=e6c0b83b-035e-441f-890a-b63b700f570d ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=d5f04a31-2711-47dd-aebb-7fcab2dd906c&scope=address+openid+profile+email&session_id=e6c0b83b-035e-441f-890a-b63b700f570d&state=1b6dda2e-97f5-45bb-b441-2758ad0e7d77&session_state=78ae70cc-e295-4567-8c93-c2477d2ec8a6 ####################################################### TEST: requestAuthorizationIdToken ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": ["id_token"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1444 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:11 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DBA0.16FD.F16C.8BF5", "client_secret": "b649312c-5a75-400c-9bcf-32f5f31bde93", "registration_access_token": "d416de6b-6429-4375-b450-f23142bcab65", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DBA0.16FD.F16C.8BF5", "client_id_issued_at": 1510923131, "client_secret_expires_at": 1511009531, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "token" ], "grant_types": ["implicit"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/register?{} HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer d416de6b-6429-4375-b450-f23142bcab65 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1444 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:12 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DBA0.16FD.F16C.8BF5", "client_secret": "b649312c-5a75-400c-9bcf-32f5f31bde93", "registration_access_token": "d416de6b-6429-4375-b450-f23142bcab65", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DBA0.16FD.F16C.8BF5", "client_id_issued_at": 1510923131, "client_secret_expires_at": 1511009531, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "token" ], "grant_types": ["implicit"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21DBA0.16FD.F16C.8BF5&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=d369dcd1-525e-4243-986b-4680f34e33c5&nonce=ecd1cad8-b133-4678-b8c5-89d94115110d authenticateResourceOwnerAndGrantAccess: Cleaning cookies 07:52:12.204 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:93d1ca21-cf33-47ce-88d5-4daaa7d35cde ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21DBA0.16FD.F16C.8BF5&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=d369dcd1-525e-4243-986b-4680f34e33c5&nonce=ecd1cad8-b133-4678-b8c5-89d94115110d ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#scope=address+openid+profile+email&id_token=eyJraWQiOiIyZDBhZWY4Zi05MmEzLTQwNzgtOWQzMy1jZmU0Zjg5MDkxN2UiLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFEQkEwLjE2RkQuRjE2Qy44QkY1IiwiZXhwIjoxNTEwOTI2NzMzLCJpYXQiOjE1MTA5MjMxMzMsIm5vbmNlIjoiZWNkMWNhZDgtYjEzMy00Njc4LWI4YzUtODlkOTQxMTUxMTBkIiwiYXV0aF90aW1lIjoxNTEwOTIzMTMzLCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiIxOWlIYTl1V0c2bWtLd0k5Rk5tRTlrNFlfWVFabFVnZUg1Wm8tdUw1bWNVIn0.Gl28M8M8IDrIHr5dKcmjWw7Mv0YJmR0JwdAcsyh6sVQKS4GCwvxtcsRlg8joiJMfW1M2J5gAkycAm30iiI1leycYtKXddVtoPMZscMpYTFm82Zg7CnbVA_GHYELZ-7437SYc5H07qB-hceC3cig8dFQGai6LnIjonxY_yoZDnkaRQPGsCvNUODoWC-XJyolKxXY1NQ1BT4k5zX3IswUYik55t-jPnJYhMYWTSpHKDeaTqcCY_jEIPdCgT30g-TCSYsF_Uq_nhQut1WqHV1asuBLvMR64s4RhkvnEXBYjahvx89RGBO4-q93jnLVDWZYrhUaBacg636IwhFsGkClGSQ&session_id=90c234f8-33cc-45f0-807a-364dda568124&state=d369dcd1-525e-4243-986b-4680f34e33c5&session_state=93d1ca21-cf33-47ce-88d5-4daaa7d35cde ####################################################### TEST: requestAuthorizationIdTokenUserBasicAuth ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": ["id_token"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1444 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:13 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!920D.390C.DBCE.A3AD", "client_secret": "c5791bc2-93e1-47f6-92e9-fbdfc4fde8dd", "registration_access_token": "27191e19-3369-4646-93af-eb96bfdbe9a1", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!920D.390C.DBCE.A3AD", "client_id_issued_at": 1510923133, "client_secret_expires_at": 1511009533, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "token" ], "grant_types": ["implicit"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/register?{} HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer 27191e19-3369-4646-93af-eb96bfdbe9a1 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1444 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:13 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!920D.390C.DBCE.A3AD", "client_secret": "c5791bc2-93e1-47f6-92e9-fbdfc4fde8dd", "registration_access_token": "27191e19-3369-4646-93af-eb96bfdbe9a1", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!920D.390C.DBCE.A3AD", "client_id_issued_at": 1510923133, "client_secret_expires_at": 1511009533, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "token" ], "grant_types": ["implicit"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21920D.390C.DBCE.A3AD&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=8d252181-fce3-4a46-ab30-f8947c6c205c&nonce=4e476751-1db1-47bc-a31d-4866fbb96ba9 authenticateResourceOwnerAndGrantAccess: Cleaning cookies 07:52:14.078 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:1ccefdfd-f94b-49c7-8f4d-e0d91240dd75 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21920D.390C.DBCE.A3AD&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=8d252181-fce3-4a46-ab30-f8947c6c205c&nonce=4e476751-1db1-47bc-a31d-4866fbb96ba9 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#scope=address+openid+profile+email&id_token=eyJraWQiOiIyZDBhZWY4Zi05MmEzLTQwNzgtOWQzMy1jZmU0Zjg5MDkxN2UiLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE5MjBELjM5MEMuREJDRS5BM0FEIiwiZXhwIjoxNTEwOTI2NzM1LCJpYXQiOjE1MTA5MjMxMzUsIm5vbmNlIjoiNGU0NzY3NTEtMWRiMS00N2JjLWEzMWQtNDg2NmZiYjk2YmE5IiwiYXV0aF90aW1lIjoxNTEwOTIzMTM1LCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiIxOWlIYTl1V0c2bWtLd0k5Rk5tRTlrNFlfWVFabFVnZUg1Wm8tdUw1bWNVIn0.ErME8nwfg8fBEB8JdY15LkbDo2faB8BjsDIDOzXCOtKxSaiIFkGAUFmJE1DOTiPies_unQZ5LRpcTY9fm_L9W41PnizuqqSDiJ7l4cMHxYT9QRoDgNLQkTk8lW1Dwy1_YwHu-nj10bvMn__Gs68T-owH7uiFbeS2NozBWUB0s-yYoIPpkd-mchpZqSc_iS9uk8M2jgTksKSpB5b3iiMv5GgG1uLCCPOxWhH0FHoVb8bMUnqEPvrIUv05iNS01OhYzBJYp53cwBvVNJwSM6PtW3Cs8uGY1euwkno5bU3gjIh0gFpD-NQiB8hgJzsL12YqmshiCVZE00pUqLdQVz0jTA&session_id=e6c57b01-62a5-4e4b-a0fb-4e4e53e85616&state=8d252181-fce3-4a46-ab30-f8947c6c205c&session_state=1ccefdfd-f94b-49c7-8f4d-e0d91240dd75 ####################################################### TEST: requestAuthorizationPromptConsent ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": ["code"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1458 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:15 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E806.D20E.8ED1.D853", "client_secret": "515defad-2035-4b3b-b579-e37819b21f91", "registration_access_token": "dd19c176-ef5d-426c-8436-d47cbb6c0717", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E806.D20E.8ED1.D853", "client_id_issued_at": 1510923135, "client_secret_expires_at": 1511009535, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/register?{} HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer dd19c176-ef5d-426c-8436-d47cbb6c0717 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1458 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:16 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E806.D20E.8ED1.D853", "client_secret": "515defad-2035-4b3b-b579-e37819b21f91", "registration_access_token": "dd19c176-ef5d-426c-8436-d47cbb6c0717", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E806.D20E.8ED1.D853", "client_id_issued_at": 1510923135, "client_secret_expires_at": 1511009535, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21E806.D20E.8ED1.D853&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=5409f049-5a37-40e8-bd63-a606e8f03851&prompt=consent authenticateResourceOwnerAndGrantAccess: Cleaning cookies 07:52:16.241 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:d0ecc604-00f1-412d-b5ad-d6c0c1898ced ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21E806.D20E.8ED1.D853&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=5409f049-5a37-40e8-bd63-a606e8f03851&prompt=consent ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=b824aea2-414c-41bd-8ba8-aa9a5ddf863b&scope=address+openid+profile+email&session_id=9dc339a4-50be-424f-83ce-9178708f9c01&state=5409f049-5a37-40e8-bd63-a606e8f03851&session_state=d0ecc604-00f1-412d-b5ad-d6c0c1898ced ####################################################### TEST: requestAuthorizationPromptConsentTrustedClient ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": ["code"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "oxAuthTrustedClient": "true" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1458 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:17 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1F85.A2AF.DF5F.07A7", "client_secret": "0afe0dcd-19f5-4a8c-9639-d690b67b498c", "registration_access_token": "414c6c6a-329a-4868-acea-6d85b0869663", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1F85.A2AF.DF5F.07A7", "client_id_issued_at": 1510923137, "client_secret_expires_at": 1511009537, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/register?{} HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer 414c6c6a-329a-4868-acea-6d85b0869663 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1458 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:17 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1F85.A2AF.DF5F.07A7", "client_secret": "0afe0dcd-19f5-4a8c-9639-d690b67b498c", "registration_access_token": "414c6c6a-329a-4868-acea-6d85b0869663", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1F85.A2AF.DF5F.07A7", "client_id_issued_at": 1510923137, "client_secret_expires_at": 1511009537, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%211F85.A2AF.DF5F.07A7&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=9e0637f7-d5da-40c6-a066-d406ae4e83a9&prompt=consent authenticateResourceOwnerAndGrantAccess: Cleaning cookies 07:52:17.982 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:e32ced3f-f816-4e6a-8877-4af6b3e258f5 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%211F85.A2AF.DF5F.07A7&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=9e0637f7-d5da-40c6-a066-d406ae4e83a9&prompt=consent ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=ceba832f-9612-4ee1-ace0-48a0dc627a47&scope=address+openid+profile+email&session_id=c1a7c7fc-27e9-4ab9-839f-49a414eb47dc&state=9e0637f7-d5da-40c6-a066-d406ae4e83a9&session_state=e32ced3f-f816-4e6a-8877-4af6b3e258f5 ####################################################### TEST: requestAuthorizationPromptLogin ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": ["code"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1458 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:19 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3298.4603.2794.DF95", "client_secret": "f1c71176-3f0c-418f-ad00-8d2bbe92e039", "registration_access_token": "427974e9-7062-46a6-b8a5-61f0025e655c", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3298.4603.2794.DF95", "client_id_issued_at": 1510923139, "client_secret_expires_at": 1511009539, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/register?{} HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer 427974e9-7062-46a6-b8a5-61f0025e655c ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1458 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:19 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3298.4603.2794.DF95", "client_secret": "f1c71176-3f0c-418f-ad00-8d2bbe92e039", "registration_access_token": "427974e9-7062-46a6-b8a5-61f0025e655c", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3298.4603.2794.DF95", "client_id_issued_at": 1510923139, "client_secret_expires_at": 1511009539, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%213298.4603.2794.DF95&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=bf381795-4fe6-4645-8b4c-bf9d08b897b3&prompt=login authenticateResourceOwnerAndGrantAccess: Cleaning cookies 07:52:19.789 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:8af4beb5-c972-4322-80c6-47ed77959bc6 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%213298.4603.2794.DF95&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=bf381795-4fe6-4645-8b4c-bf9d08b897b3&prompt=login ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=812b3771-5a85-43cc-8286-9a6f07cb571b&scope=address+openid+profile+email&session_id=d944a992-6f37-47a4-8a8d-4be53cd56b0d&state=bf381795-4fe6-4645-8b4c-bf9d08b897b3&session_state=8af4beb5-c972-4322-80c6-47ed77959bc6 ####################################################### TEST: requestAuthorizationPromptLoginConsent ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": ["code"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1458 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:21 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3071.BA1F.6FFD.C61E", "client_secret": "0198baba-bbc4-4a9a-b876-8a8bc5b37f35", "registration_access_token": "f78a5b55-991e-4dcd-9f55-95dfdda00d58", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3071.BA1F.6FFD.C61E", "client_id_issued_at": 1510923141, "client_secret_expires_at": 1511009541, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/register?{} HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer f78a5b55-991e-4dcd-9f55-95dfdda00d58 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1458 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:21 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3071.BA1F.6FFD.C61E", "client_secret": "0198baba-bbc4-4a9a-b876-8a8bc5b37f35", "registration_access_token": "f78a5b55-991e-4dcd-9f55-95dfdda00d58", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3071.BA1F.6FFD.C61E", "client_id_issued_at": 1510923141, "client_secret_expires_at": 1511009541, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%213071.BA1F.6FFD.C61E&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=47271616-effe-4c9e-b74d-b054720b82a2&prompt=login+consent authenticateResourceOwnerAndGrantAccess: Cleaning cookies 07:52:21.496 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:7e4ac3e5-ba1b-4966-9846-096872f8eb2c ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%213071.BA1F.6FFD.C61E&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=47271616-effe-4c9e-b74d-b054720b82a2&prompt=login+consent ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=46466ac1-c88b-40de-a394-0b262bdc83ee&scope=address+openid+profile+email&session_id=4f6f921a-7c79-4e35-b7be-45af156f812e&state=47271616-effe-4c9e-b74d-b054720b82a2&session_state=7e4ac3e5-ba1b-4966-9846-096872f8eb2c ####################################################### TEST: requestAuthorizationPromptLoginConsentTrustedClient ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": ["code"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "oxAuthTrustedClient": "true" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1458 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:22 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!71EC.1712.FF71.35C3", "client_secret": "80266fb8-a6d4-4adb-bb8b-6d23b636e059", "registration_access_token": "44f9b75a-060b-4cef-a10d-9ca8dbbbb457", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!71EC.1712.FF71.35C3", "client_id_issued_at": 1510923142, "client_secret_expires_at": 1511009542, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/register?{} HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer 44f9b75a-060b-4cef-a10d-9ca8dbbbb457 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1458 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:23 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!71EC.1712.FF71.35C3", "client_secret": "80266fb8-a6d4-4adb-bb8b-6d23b636e059", "registration_access_token": "44f9b75a-060b-4cef-a10d-9ca8dbbbb457", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!71EC.1712.FF71.35C3", "client_id_issued_at": 1510923142, "client_secret_expires_at": 1511009542, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2171EC.1712.FF71.35C3&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=863a25ad-233e-4aa0-b7a9-377aecb26c75&prompt=login+consent authenticateResourceOwnerAndGrantAccess: Cleaning cookies 07:52:23.176 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:8fd26705-278d-4f6e-830c-2350683dda95 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2171EC.1712.FF71.35C3&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=863a25ad-233e-4aa0-b7a9-377aecb26c75&prompt=login+consent ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=b94d98d2-9781-4e0e-bcfb-d177732bcb77&scope=address+openid+profile+email&session_id=325fa09e-689a-41ed-a2bd-087085432ebe&state=863a25ad-233e-4aa0-b7a9-377aecb26c75&session_state=8fd26705-278d-4f6e-830c-2350683dda95 ####################################################### TEST: requestAuthorizationPromptNoneFail ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": ["code"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1458 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:24 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6259.7B9D.0643.037F", "client_secret": "542421d2-9c59-4af6-9f56-c2bdef9d6df2", "registration_access_token": "9ec4769a-6532-4bf3-af5a-bdd034ff630e", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6259.7B9D.0643.037F", "client_id_issued_at": 1510923144, "client_secret_expires_at": 1511009544, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/register?{} HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer 9ec4769a-6532-4bf3-af5a-bdd034ff630e ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1458 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:24 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6259.7B9D.0643.037F", "client_secret": "542421d2-9c59-4af6-9f56-c2bdef9d6df2", "registration_access_token": "9ec4769a-6532-4bf3-af5a-bdd034ff630e", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6259.7B9D.0643.037F", "client_id_issued_at": 1510923144, "client_secret_expires_at": 1511009544, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/authorize HTTP/1.1 Host: ce-dev4.gluu.org response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%216259.7B9D.0643.037F&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=61b66e0b-f885-41c8-b8f5-165f9f921675&prompt=none ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Connection: Keep-Alive Content-Length: 0 Date: Fri, 17 Nov 2017 12:52:24 GMT Keep-Alive: timeout=5, max=100 Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?error_description=The+Authorization+Server+requires+End-User+authentication.+This+error+MAY+be+returned+when+the+prompt+parameter+in+the+Authorization+Request+is+set+to+none+to+request+that+the+Authorization+Server+should+not+display+any+user+interfaces+to+the+End-User%2C+but+the+Authorization+Request+cannot+be+completed+without+displaying+a+user+interface+for+user+authentication.&state=61b66e0b-f885-41c8-b8f5-165f9f921675&error=login_required Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block ####################################################### TEST: requestAuthorizationPromptLoginConsent ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": ["code"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1458 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:24 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2295.E39F.1169.3E63", "client_secret": "ba7e6210-2415-49da-84fe-ca5b07def35e", "registration_access_token": "543f859a-90a4-4fc7-8e85-36d43f91495e", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2295.E39F.1169.3E63", "client_id_issued_at": 1510923144, "client_secret_expires_at": 1511009544, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/register?{} HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer 543f859a-90a4-4fc7-8e85-36d43f91495e ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1458 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:24 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2295.E39F.1169.3E63", "client_secret": "ba7e6210-2415-49da-84fe-ca5b07def35e", "registration_access_token": "543f859a-90a4-4fc7-8e85-36d43f91495e", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2295.E39F.1169.3E63", "client_id_issued_at": 1510923144, "client_secret_expires_at": 1511009544, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/authorize HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA== response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%212295.E39F.1169.3E63&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=467a55b0-db9b-4222-ae92-198a9ef91b39&prompt=none+login+consent ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Connection: Keep-Alive Content-Length: 0 Date: Fri, 17 Nov 2017 12:52:25 GMT Keep-Alive: timeout=5, max=100 Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?error_description=The+request+is+missing+a+required+parameter%2C+includes+an+unsupported+parameter+or+parameter+value%2C+or+is+otherwise+malformed.&state=467a55b0-db9b-4222-ae92-198a9ef91b39&error=invalid_request Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block ####################################################### TEST: requestAuthorizationPromptNoneTrustedClient ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": ["code"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "oxAuthTrustedClient": "true" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1458 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:25 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6D7D.C8BC.E7E1.24A5", "client_secret": "80a01036-d11c-4197-9bb5-b7dfbcd26a04", "registration_access_token": "df38a510-919d-4d84-9854-7e437aadbc4a", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6D7D.C8BC.E7E1.24A5", "client_id_issued_at": 1510923145, "client_secret_expires_at": 1511009545, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/register?{} HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer df38a510-919d-4d84-9854-7e437aadbc4a ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1458 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:25 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6D7D.C8BC.E7E1.24A5", "client_secret": "80a01036-d11c-4197-9bb5-b7dfbcd26a04", "registration_access_token": "df38a510-919d-4d84-9854-7e437aadbc4a", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6D7D.C8BC.E7E1.24A5", "client_id_issued_at": 1510923145, "client_secret_expires_at": 1511009545, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/authorize HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA== response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%216D7D.C8BC.E7E1.24A5&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=d81f9f36-2211-41e2-a0f8-757d6359d9d1&prompt=none ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Connection: Keep-Alive Content-Length: 0 Date: Fri, 17 Nov 2017 12:52:25 GMT Keep-Alive: timeout=5, max=100 Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=35542dc1-76cc-4985-b032-db07655bdfee&scope=address+openid+profile+email&session_id=256cb85b-c14c-48a4-b600-6cff5a6ea1c5&state=d81f9f36-2211-41e2-a0f8-757d6359d9d1&session_state=85d01dc0-b64e-4257-a3b4-eb67bb4c4781 Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block ####################################################### TEST: requestAuthorizationToken ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": ["token"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1410 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:25 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0E34.2691.580A.F7BC", "client_secret": "0017070f-0327-4545-8674-ada32497a19b", "registration_access_token": "6611d6c0-9549-42c4-afab-2086d0547851", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0E34.2691.580A.F7BC", "client_id_issued_at": 1510923145, "client_secret_expires_at": 1511009545, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["token"], "grant_types": ["implicit"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/register?{} HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer 6611d6c0-9549-42c4-afab-2086d0547851 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1410 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:25 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0E34.2691.580A.F7BC", "client_secret": "0017070f-0327-4545-8674-ada32497a19b", "registration_access_token": "6611d6c0-9549-42c4-afab-2086d0547851", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0E34.2691.580A.F7BC", "client_id_issued_at": 1510923145, "client_secret_expires_at": 1511009545, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["token"], "grant_types": ["implicit"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%210E34.2691.580A.F7BC&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=475a4f35-2b76-4068-a61a-e4c6659ae6b6&nonce=c62a7ea3-a562-469e-8ee4-00541207f4f5 authenticateResourceOwnerAndGrantAccess: Cleaning cookies 07:52:25.894 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:a4fb060d-8c79-4073-b41f-6ab96a7b3f45 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%210E34.2691.580A.F7BC&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=475a4f35-2b76-4068-a61a-e4c6659ae6b6&nonce=c62a7ea3-a562-469e-8ee4-00541207f4f5 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=cd3ebaca-6ed7-44c5-8497-128ed1a6183e&scope=address+openid+profile+email&session_id=244c35f5-408f-4f9c-afb1-8a859ac1b54a&state=475a4f35-2b76-4068-a61a-e4c6659ae6b6&token_type=bearer&session_state=a4fb060d-8c79-4073-b41f-6ab96a7b3f45&expires_in=299 ####################################################### TEST: requestAuthorizationTokenCode ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "token", "code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1509 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:27 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E5E6.3791.B471.EFE9", "client_secret": "c40345c8-7186-4d0f-85e3-a7cc1476823f", "registration_access_token": "fe62eb1c-eae2-4827-9df9-caee684dd870", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E5E6.3791.B471.EFE9", "client_id_issued_at": 1510923147, "client_secret_expires_at": 1511009547, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "code", "token" ], "grant_types": [ "implicit", "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/register?{} HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer fe62eb1c-eae2-4827-9df9-caee684dd870 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1509 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:27 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E5E6.3791.B471.EFE9", "client_secret": "c40345c8-7186-4d0f-85e3-a7cc1476823f", "registration_access_token": "fe62eb1c-eae2-4827-9df9-caee684dd870", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E5E6.3791.B471.EFE9", "client_id_issued_at": 1510923147, "client_secret_expires_at": 1511009547, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "code", "token" ], "grant_types": [ "implicit", "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21E5E6.3791.B471.EFE9&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=2cec7bf6-2bf3-4141-a765-5f1d341e7a35&nonce=9a398929-9b71-4585-b5d2-6f6cacec00e0 authenticateResourceOwnerAndGrantAccess: Cleaning cookies 07:52:27.597 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:502b2389-778b-4b25-9e73-e26097667ffb ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21E5E6.3791.B471.EFE9&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=2cec7bf6-2bf3-4141-a765-5f1d341e7a35&nonce=9a398929-9b71-4585-b5d2-6f6cacec00e0 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=5d64b3fd-657a-4356-b919-eab1cc2e9fad&code=e8edf725-42da-4581-a0c3-02b36a7819ff&scope=address+openid+profile+email&session_id=4ed03cad-fd0b-4bc5-936d-150cda1dccde&state=2cec7bf6-2bf3-4141-a765-5f1d341e7a35&token_type=bearer&session_state=502b2389-778b-4b25-9e73-e26097667ffb&expires_in=299 ####################################################### TEST: requestAuthorizationTokenCodeIdToken ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "token", "code", "id_token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1529 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:29 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!69BB.6E09.F970.6784", "client_secret": "bc64eca1-25b5-4720-b99a-91fb6b5a6828", "registration_access_token": "580fa389-deee-4277-ad60-3d25e6eddf0a", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!69BB.6E09.F970.6784", "client_id_issued_at": 1510923149, "client_secret_expires_at": 1511009549, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "code", "token" ], "grant_types": [ "implicit", "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/register?{} HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer 580fa389-deee-4277-ad60-3d25e6eddf0a ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1529 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:29 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!69BB.6E09.F970.6784", "client_secret": "bc64eca1-25b5-4720-b99a-91fb6b5a6828", "registration_access_token": "580fa389-deee-4277-ad60-3d25e6eddf0a", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!69BB.6E09.F970.6784", "client_id_issued_at": 1510923149, "client_secret_expires_at": 1511009549, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "code", "token" ], "grant_types": [ "implicit", "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2169BB.6E09.F970.6784&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=f48e4fe6-1c69-4d34-a04f-f5915f971074&nonce=9668e426-405b-4ea5-b776-84e92aa7a644 authenticateResourceOwnerAndGrantAccess: Cleaning cookies 07:52:29.280 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:dae1a692-5472-4a11-86e9-b976365b8812 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2169BB.6E09.F970.6784&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=f48e4fe6-1c69-4d34-a04f-f5915f971074&nonce=9668e426-405b-4ea5-b776-84e92aa7a644 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=6bb643cf-775b-4695-a5b2-e70c485d7630&code=56966134-89e4-4601-a735-f75808cb141d&scope=address+openid+profile+email&id_token=eyJraWQiOiIyZDBhZWY4Zi05MmEzLTQwNzgtOWQzMy1jZmU0Zjg5MDkxN2UiLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE2OUJCLjZFMDkuRjk3MC42Nzg0IiwiZXhwIjoxNTEwOTI2NzUwLCJpYXQiOjE1MTA5MjMxNTAsIm5vbmNlIjoiOTY2OGU0MjYtNDA1Yi00ZWE1LWI3NzYtODRlOTJhYTdhNjQ0IiwiYXV0aF90aW1lIjoxNTEwOTIzMTUwLCJjX2hhc2giOiJQR1dfYVBESkRyYVdGR0MxRUxOei1BIiwiYXRfaGFzaCI6ImE0ZVloU2FzV1FhS3ZiOEwwOGVJT0EiLCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiIxOWlIYTl1V0c2bWtLd0k5Rk5tRTlrNFlfWVFabFVnZUg1Wm8tdUw1bWNVIn0.GiaAgEdi789S2868NtrWMStCMJ3403kMrbRi-RmporBhrSBCmYDKQCEu6XIvnGbPhRCRs6950MbxNXRiPwEnZx5d2JSd-__BO-Xj8w_1fyW29DLjH2x9S2dQcUckTlKv5f0MutgngPvacVxYY3NW7tYVZJAqdyGearMgM7qe1nyvAt9dgfcfYvz2g7egwi8_FOtcYVDq4GYHIPZVkVdE6W-IsAgqqb-PqVLQdbJzxjQq_gcoQ27TN81wG-gMMdR8FbK09UMNFY0vv54dvdBLLhxXi1cfuaqJp1S4OcTH7t8jZ9iD7QzMliAjCnEhwK9T_UXvEddsVd5hiwMBDNSzJw&session_id=6e8feddc-8840-4b2c-aefc-ed9290d5772c&state=f48e4fe6-1c69-4d34-a04f-f5915f971074&token_type=bearer&session_state=dae1a692-5472-4a11-86e9-b976365b8812&expires_in=299 ####################################################### TEST: requestAuthorizationTokenCodeIdTokenUserBasicAuth ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "token", "code", "id_token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1529 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:30 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9C25.3242.C171.7AD8", "client_secret": "332a961a-6eaa-49f6-bfdd-fa6c147e2b03", "registration_access_token": "3983b960-2c19-49c9-9552-6fb5014faace", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9C25.3242.C171.7AD8", "client_id_issued_at": 1510923150, "client_secret_expires_at": 1511009550, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "code", "token" ], "grant_types": [ "implicit", "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/register?{} HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer 3983b960-2c19-49c9-9552-6fb5014faace ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1529 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:30 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9C25.3242.C171.7AD8", "client_secret": "332a961a-6eaa-49f6-bfdd-fa6c147e2b03", "registration_access_token": "3983b960-2c19-49c9-9552-6fb5014faace", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9C25.3242.C171.7AD8", "client_id_issued_at": 1510923150, "client_secret_expires_at": 1511009550, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "code", "token" ], "grant_types": [ "implicit", "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%219C25.3242.C171.7AD8&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=0c44aa78-c321-49ff-983f-635e233e5851&nonce=ab2c4c13-c3e5-47cc-97b0-c93b3c097f85 authenticateResourceOwnerAndGrantAccess: Cleaning cookies 07:52:31.103 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:eb7aa78d-bcd8-4d6b-acac-88aefe3f340c ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%219C25.3242.C171.7AD8&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=0c44aa78-c321-49ff-983f-635e233e5851&nonce=ab2c4c13-c3e5-47cc-97b0-c93b3c097f85 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=4def1119-8374-4622-9af8-3f08c0531a02&code=83377121-a311-42ba-8674-e39e2f08edb0&scope=address+openid+profile+email&id_token=eyJraWQiOiIyZDBhZWY4Zi05MmEzLTQwNzgtOWQzMy1jZmU0Zjg5MDkxN2UiLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE5QzI1LjMyNDIuQzE3MS43QUQ4IiwiZXhwIjoxNTEwOTI2NzUyLCJpYXQiOjE1MTA5MjMxNTIsIm5vbmNlIjoiYWIyYzRjMTMtYzNlNS00N2NjLTk3YjAtYzkzYjNjMDk3Zjg1IiwiYXV0aF90aW1lIjoxNTEwOTIzMTUxLCJjX2hhc2giOiJWQmxFd1RnSDVhT0VfR0l4UHlmbFpRIiwiYXRfaGFzaCI6IlMxVlNaR05QQjJyd2R6a1dPWDBSR1EiLCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiIxOWlIYTl1V0c2bWtLd0k5Rk5tRTlrNFlfWVFabFVnZUg1Wm8tdUw1bWNVIn0.rNyrYMWhoMiyk4GV18tVWXWvVoaf5tiV6WNy8Skp1uc0LxcdGxrChjJ63O1tEtMIy8JrwJGM4xQIXvnVNrxRcsNuNAYOF2uY38uDkw4PWae3vaLLHIV-ielGuW1CEaOxzuNRQFE8KZW5hfGtRlaSizrUcXmjGEml_y6493xKjbE4KEFi4SSwvOwUg9H0DGFvfSUpOhR8kRhhy8Q10h6LdV8ZVuWEIB6MEjNzh9VTr1kAV3rmSXfbetopv5bIOhskN4dwP8Yk1ES8VEPa8radvkbEWYHP4Y26-SIjQ-P6wUjrrGwiU-9quAMJPehMezEi-4k-uAsGewGHW49JJsLtcQ&session_id=ec1c218c-ccc7-4092-973d-9e1e80571903&state=0c44aa78-c321-49ff-983f-635e233e5851&token_type=bearer&session_state=eb7aa78d-bcd8-4d6b-acac-88aefe3f340c&expires_in=299 ####################################################### TEST: requestAuthorizationTokenCodeUserBasicAuth ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "token", "code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1509 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:32 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E785.9FD6.8587.5EB2", "client_secret": "daedbf5b-8826-44e4-b3f3-1f7e26b4828a", "registration_access_token": "c0d63b19-bed5-48d4-a737-16172ddf3209", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E785.9FD6.8587.5EB2", "client_id_issued_at": 1510923152, "client_secret_expires_at": 1511009552, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "code", "token" ], "grant_types": [ "implicit", "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/register?{} HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer c0d63b19-bed5-48d4-a737-16172ddf3209 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1509 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:32 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E785.9FD6.8587.5EB2", "client_secret": "daedbf5b-8826-44e4-b3f3-1f7e26b4828a", "registration_access_token": "c0d63b19-bed5-48d4-a737-16172ddf3209", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E785.9FD6.8587.5EB2", "client_id_issued_at": 1510923152, "client_secret_expires_at": 1511009552, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "code", "token" ], "grant_types": [ "implicit", "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21E785.9FD6.8587.5EB2&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=47ef32c5-f1c1-4bc6-b7c0-2c849e51bf36&nonce=dc3e5d15-bb1a-4e4c-9359-ad6f4215db8a authenticateResourceOwnerAndGrantAccess: Cleaning cookies 07:52:32.826 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:60458a22-037d-4238-9ce4-d13decfd141a ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21E785.9FD6.8587.5EB2&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=47ef32c5-f1c1-4bc6-b7c0-2c849e51bf36&nonce=dc3e5d15-bb1a-4e4c-9359-ad6f4215db8a ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=c228dec0-7f63-4f4d-a988-73417aced55a&code=a5e35972-ff09-4b32-a398-4a1fece71d2e&scope=address+openid+profile+email&session_id=f732ce6c-ee1e-449a-a902-c16ec8a155e0&state=47ef32c5-f1c1-4bc6-b7c0-2c849e51bf36&token_type=bearer&session_state=60458a22-037d-4238-9ce4-d13decfd141a&expires_in=299 ####################################################### TEST: requestAuthorizationTokenFail1 ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/authorize HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA== response_type=token&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=66a1f096-f332-4a0e-aa74-f3dd47396383 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 400 Connection: close Content-Length: 222 Content-Type: text/plain Date: Fri, 17 Nov 2017 12:52:34 GMT Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"error":"invalid_request","error_description":"The request is missing a required parameter, includes an unsupported parameter or parameter value, or is otherwise malformed.","state":"66a1f096-f332-4a0e-aa74-f3dd47396383"} ####################################################### TEST: requestAuthorizationTokenFail2 ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": ["token"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1410 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:34 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3381.5C0E.39D2.B9E8", "client_secret": "3c47aa27-215e-4782-86e3-5f117be1ee2e", "registration_access_token": "a2d41eb3-020c-4dc3-be34-0dcf089d6e1d", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3381.5C0E.39D2.B9E8", "client_id_issued_at": 1510923154, "client_secret_expires_at": 1511009554, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["token"], "grant_types": ["implicit"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/register?{} HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer a2d41eb3-020c-4dc3-be34-0dcf089d6e1d ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1410 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:34 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3381.5C0E.39D2.B9E8", "client_secret": "3c47aa27-215e-4782-86e3-5f117be1ee2e", "registration_access_token": "a2d41eb3-020c-4dc3-be34-0dcf089d6e1d", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3381.5C0E.39D2.B9E8", "client_id_issued_at": 1510923154, "client_secret_expires_at": 1511009554, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["token"], "grant_types": ["implicit"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/authorize HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA== response_type=token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%213381.5C0E.39D2.B9E8&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=715cd54e-e682-475d-9842-285c6a3b6d5e&prompt=none ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Connection: Keep-Alive Content-Length: 0 Date: Fri, 17 Nov 2017 12:52:34 GMT Keep-Alive: timeout=5, max=100 Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#error_description=The+request+is+missing+a+required+parameter%2C+includes+an+unsupported+parameter+or+parameter+value%2C+or+is+otherwise+malformed.&state=715cd54e-e682-475d-9842-285c6a3b6d5e&error=invalid_request Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block ####################################################### TEST: requestAuthorizationTokenIdToken ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "token", "id_token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1444 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:34 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!323D.D612.9709.2294", "client_secret": "2d4a9308-1c86-4e4e-9d14-35861494d249", "registration_access_token": "0e9ac22b-ff91-4cbe-b24b-8068b2c26bca", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!323D.D612.9709.2294", "client_id_issued_at": 1510923154, "client_secret_expires_at": 1511009554, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "token" ], "grant_types": ["implicit"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/register?{} HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer 0e9ac22b-ff91-4cbe-b24b-8068b2c26bca ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1444 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:34 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!323D.D612.9709.2294", "client_secret": "2d4a9308-1c86-4e4e-9d14-35861494d249", "registration_access_token": "0e9ac22b-ff91-4cbe-b24b-8068b2c26bca", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!323D.D612.9709.2294", "client_id_issued_at": 1510923154, "client_secret_expires_at": 1511009554, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "token" ], "grant_types": ["implicit"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21323D.D612.9709.2294&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=f42ebee4-0f59-4137-a6ca-b221b9bd78a0&nonce=f4753cdb-f681-4dc0-8f75-6fd316382ba2 authenticateResourceOwnerAndGrantAccess: Cleaning cookies 07:52:35.002 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:175be91b-957a-49a3-ad87-38a3a57f68bf ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21323D.D612.9709.2294&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=f42ebee4-0f59-4137-a6ca-b221b9bd78a0&nonce=f4753cdb-f681-4dc0-8f75-6fd316382ba2 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=f18fc397-3538-485f-b69d-a86c7c49c225&scope=address+openid+profile+email&id_token=eyJraWQiOiIyZDBhZWY4Zi05MmEzLTQwNzgtOWQzMy1jZmU0Zjg5MDkxN2UiLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEzMjNELkQ2MTIuOTcwOS4yMjk0IiwiZXhwIjoxNTEwOTI2NzU2LCJpYXQiOjE1MTA5MjMxNTYsIm5vbmNlIjoiZjQ3NTNjZGItZjY4MS00ZGMwLThmNzUtNmZkMzE2MzgyYmEyIiwiYXV0aF90aW1lIjoxNTEwOTIzMTU1LCJhdF9oYXNoIjoiNmdlUmdlSnFQLVl5aW1Mdk1Ea281USIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IjE5aUhhOXVXRzZta0t3STlGTm1FOWs0WV9ZUVpsVWdlSDVaby11TDVtY1UifQ.HM3lzPMlwy_VYc_qyl5TSO980WASi_rFEitR9grYn4sMYBuDJ46_dzP9pMQ7sulERJAHLtw6jFLph7hZNlqFcy-HVDSu6ZwMQ1HADjbfFBkRI8fv9I14C56Uo4DGe9M8A3PWtReucGXS7GW3U1trLOAecDP9gv-TYY2RLiM781mLI3eRvbX7V72ZCWD4YjHNa7GRp65WOk0wpkV_3bzUQSeblNSU0rNR54GJhRlCJCFAJkskr32lHxuO5nDLUg8ipPDmfz8Sh2wrFm-nrU7a9WypTgVm2EWmvDgveSQU97jdyFK1YdbAEVArkr4zW42mU9V1RbotcB7fne-QCQ8lVw&session_id=c39c1b16-8cb7-4bad-92a4-cc68b181ec74&state=f42ebee4-0f59-4137-a6ca-b221b9bd78a0&token_type=bearer&session_state=175be91b-957a-49a3-ad87-38a3a57f68bf&expires_in=299 ####################################################### TEST: requestAuthorizationTokenIdTokenUserBasicAuth ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "token", "id_token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1444 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:36 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0360.3016.45A5.72CE", "client_secret": "7e92104c-1830-4ae1-b795-1d0254b2bf45", "registration_access_token": "854448ab-95cc-4ecc-b9af-a637ffbce82d", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0360.3016.45A5.72CE", "client_id_issued_at": 1510923156, "client_secret_expires_at": 1511009556, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "token" ], "grant_types": ["implicit"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/register?{} HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer 854448ab-95cc-4ecc-b9af-a637ffbce82d ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1444 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:36 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0360.3016.45A5.72CE", "client_secret": "7e92104c-1830-4ae1-b795-1d0254b2bf45", "registration_access_token": "854448ab-95cc-4ecc-b9af-a637ffbce82d", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0360.3016.45A5.72CE", "client_id_issued_at": 1510923156, "client_secret_expires_at": 1511009556, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "token" ], "grant_types": ["implicit"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%210360.3016.45A5.72CE&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=82a10ec1-490d-4334-b887-0674a277bcae&nonce=930b3252-256e-48ac-ba89-ab0cb1204df7 authenticateResourceOwnerAndGrantAccess: Cleaning cookies 07:52:36.840 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:7dce6f22-14db-4645-89b2-48c2b237bcb8 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%210360.3016.45A5.72CE&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=82a10ec1-490d-4334-b887-0674a277bcae&nonce=930b3252-256e-48ac-ba89-ab0cb1204df7 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=33fd4a94-c83e-4706-9886-45fb325e1cd7&scope=address+openid+profile+email&id_token=eyJraWQiOiIyZDBhZWY4Zi05MmEzLTQwNzgtOWQzMy1jZmU0Zjg5MDkxN2UiLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEwMzYwLjMwMTYuNDVBNS43MkNFIiwiZXhwIjoxNTEwOTI2NzU4LCJpYXQiOjE1MTA5MjMxNTgsIm5vbmNlIjoiOTMwYjMyNTItMjU2ZS00OGFjLWJhODktYWIwY2IxMjA0ZGY3IiwiYXV0aF90aW1lIjoxNTEwOTIzMTU3LCJhdF9oYXNoIjoiUmowaXRGbVU3cnllc2t3WGxSR1lVQSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IjE5aUhhOXVXRzZta0t3STlGTm1FOWs0WV9ZUVpsVWdlSDVaby11TDVtY1UifQ.PkcA-vp8bs5wGTQR7uUCTtBgalBbuELvKP5xk0n68ykF_7Wz1U0rkrH0nyKgk1kovU5yT9tHschh8TpulwBls3NfJJxmzxKINPHaX9ROmjv5o7XttTk8IZybp9oMAem4xI4aXpKMv5S454R7Rlj4QDTHa5qJnDPcUqIL-zvQhdCd5w42Kn7jjtFEL7BgHUZAmeE2ALr5HhPQsqVAd0UA0JCjEp7b1GmDgRP064zpqb95ROILEMHcMfZQxHkyMmdwEge9ndgvuC1g5wcfaByZoqeFFtSmdFU92mYb4rG-PPlw3pfKV2HleCX7rOmRfkTh5yVhEAnZLYTPmWHXu0UQWQ&session_id=a1548480-2233-4164-b828-b6e21ba2b6b4&state=82a10ec1-490d-4334-b887-0674a277bcae&token_type=bearer&session_state=7dce6f22-14db-4645-89b2-48c2b237bcb8&expires_in=299 ####################################################### TEST: requestAuthorizationTokenUserBasicAuth ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": ["token"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1410 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:38 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2D13.629E.13C8.E053", "client_secret": "42f01e3f-96f9-4675-8f81-cb3182d01f75", "registration_access_token": "43edf3ba-8386-467e-8264-4dbbe0a75084", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2D13.629E.13C8.E053", "client_id_issued_at": 1510923158, "client_secret_expires_at": 1511009558, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["token"], "grant_types": ["implicit"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/register?{} HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer 43edf3ba-8386-467e-8264-4dbbe0a75084 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1410 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:38 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2D13.629E.13C8.E053", "client_secret": "42f01e3f-96f9-4675-8f81-cb3182d01f75", "registration_access_token": "43edf3ba-8386-467e-8264-4dbbe0a75084", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2D13.629E.13C8.E053", "client_id_issued_at": 1510923158, "client_secret_expires_at": 1511009558, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["token"], "grant_types": ["implicit"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%212D13.629E.13C8.E053&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=0a62ddb4-7c95-407d-8662-03899fe9a8ca&nonce=4ccf70fb-3a5f-44a8-ac7a-82f2080efdd4 authenticateResourceOwnerAndGrantAccess: Cleaning cookies 07:52:38.633 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:bfd5648b-813b-4b33-8bfc-9fe64828b3ba ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%212D13.629E.13C8.E053&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=0a62ddb4-7c95-407d-8662-03899fe9a8ca&nonce=4ccf70fb-3a5f-44a8-ac7a-82f2080efdd4 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=6f72ab52-4298-4b7e-aae9-68e65a93617e&scope=address+openid+profile+email&session_id=cd7444ec-8051-415c-91bd-8a2ec8af1586&state=0a62ddb4-7c95-407d-8662-03899fe9a8ca&token_type=bearer&session_state=bfd5648b-813b-4b33-8bfc-9fe64828b3ba&expires_in=299 ####################################################### TEST: requestAuthorizationWithoutScope ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "code", "id_token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1529 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:40 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5E0A.D8F9.B266.1B2D", "client_secret": "1f36fcca-021b-4f0c-9975-c735ac08d606", "registration_access_token": "fd11a9da-4bfa-4955-ba62-66eecd618368", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5E0A.D8F9.B266.1B2D", "client_id_issued_at": 1510923160, "client_secret_expires_at": 1511009560, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "code", "token" ], "grant_types": [ "implicit", "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/register?{} HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer fd11a9da-4bfa-4955-ba62-66eecd618368 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1529 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:40 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5E0A.D8F9.B266.1B2D", "client_secret": "1f36fcca-021b-4f0c-9975-c735ac08d606", "registration_access_token": "fd11a9da-4bfa-4955-ba62-66eecd618368", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5E0A.D8F9.B266.1B2D", "client_id_issued_at": 1510923160, "client_secret_expires_at": 1511009560, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "code", "token" ], "grant_types": [ "implicit", "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%215E0A.D8F9.B266.1B2D&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=8ece9893-1db3-44ff-a555-0d199c5101c4&nonce=9dae471b-190b-4861-b3ff-d79c9e4c0401 authenticateResourceOwnerAndGrantAccess: Cleaning cookies 07:52:40.336 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:239c2f37-2eb8-4346-8ea9-ec08c2bc80ad ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%215E0A.D8F9.B266.1B2D&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=8ece9893-1db3-44ff-a555-0d199c5101c4&nonce=9dae471b-190b-4861-b3ff-d79c9e4c0401 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=43bed874-9bc0-4f55-a486-6400b9c21661&id_token=eyJraWQiOiIyZDBhZWY4Zi05MmEzLTQwNzgtOWQzMy1jZmU0Zjg5MDkxN2UiLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE1RTBBLkQ4RjkuQjI2Ni4xQjJEIiwiZXhwIjoxNTEwOTI2NzYxLCJpYXQiOjE1MTA5MjMxNjEsIm5vbmNlIjoiOWRhZTQ3MWItMTkwYi00ODYxLWIzZmYtZDc5YzllNGMwNDAxIiwiYXV0aF90aW1lIjoxNTEwOTIzMTYxLCJjX2hhc2giOiJTYlpfSHlWY3VDbDdocG9BdVdJSnRRIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiMTlpSGE5dVdHNm1rS3dJOUZObUU5azRZX1lRWmxVZ2VINVpvLXVMNW1jVSJ9.TutZoGeMOxlu31-Jq0zO1a96H9hVlf4J6c9sBOQe80oBYw5DCmqh_rdf35onufoJW1tyqCdjTanRTbBgxn07qp5OCjs-y5Eb9EjcJvoAOuFPbnZqYosfrVTkk0yvFwnWjL8grrgi2izAYP3YoNYaYXc0s7Ss6ah5MuDOe9bDWsKtmaydT6eavkFC-4NvXHI9jQgQPYyT4K2A6H1nlLsqug26NNluCFvZdWUS-zgiLVLOia-CzqrUtcVsbuuovd1b1CppQYWu9lGHa8gzwz0J2pHbbw00GRP4ojGJ3CCbfaR-jV2Rq0KHGLi-ySUn6JTgx2tk-_BfDutsap7H0Mh-FA&session_id=18742d58-6aef-436f-a75d-19e152373934&state=8ece9893-1db3-44ff-a555-0d199c5101c4&session_state=239c2f37-2eb8-4346-8ea9-ec08c2bc80ad ####################################################### TEST: OpenID Connect Discovery ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Connection: Keep-Alive Content-Length: 181 Content-Type: application/jrd+json;charset=iso-8859-1 Date: Fri, 17 Nov 2017 12:52:41 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "subject": "acct:test_user@ce-dev4.gluu.org", "links": [{ "rel": "http://openid.net/specs/connect/1.0/issuer", "href": "https://ce-dev4.gluu.org" }] } OpenID Connect Configuration ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /.well-known/openid-configuration HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Connection: Keep-Alive Content-Length: 6218 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:41 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "issuer": "https://ce-dev4.gluu.org", "authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize", "token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token", "userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo", "clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo", "check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe", "end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session", "jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks", "registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register", "id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id", "introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection", "scopes_supported": [ "permission", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "mobile_phone", "test" ], "response_types_supported": [ "id_token", "code", "id_token token", "code token", "id_token code", "token", "id_token code token" ], "grant_types_supported": [ "implicit", "urn:ietf:params:oauth:grant-type:uma-ticket", "client_credentials", "refresh_token", "authorization_code", "password" ], "acr_values_supported": [ "super_gluu", "otp", "basic", "auth_ldap_server" ], "auth_level_mapping": { "-1": ["auth_ldap_server"], "50": ["otp"], "100": ["basic"], "15": ["super_gluu"] }, "subject_types_supported": [ "public", "pairwise" ], "userinfo_signing_alg_values_supported": [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "userinfo_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "userinfo_encryption_enc_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "id_token_signing_alg_values_supported": [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "id_token_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "id_token_encryption_enc_values_supported": [ "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A256GCM" ], "request_object_signing_alg_values_supported": [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "request_object_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "request_object_encryption_enc_values_supported": [ "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A256GCM" ], "token_endpoint_auth_methods_supported": [ "client_secret_basic", "client_secret_post", "client_secret_jwt", "private_key_jwt" ], "token_endpoint_auth_signing_alg_values_supported": [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "display_values_supported": [ "page", "popup" ], "claim_types_supported": ["normal"], "claims_supported": [ "birthdate", "country", "name", "email", "email_verified", "given_name", "gender", "inum", "family_name", "updated_at", "locale", "member_of", "middle_name", "nickname", "oxAuthAppType", "oxAuthIdTokenSignedResponseAlg", "oxAuthRedirectURI", "oxAuthScope", "phone_number_verified", "picture", "preferred_username", "profile", "zoneinfo", "user_name", "website" ], "service_documentation": "http://gluu.org/docs", "claims_locales_supported": ["en"], "ui_locales_supported": [ "en", "es" ], "scope_to_claims_mapping": [ {"permission": []}, {"uma_protection": []}, {"clientinfo": [ "name", "inum", "oxAuthAppType", "oxAuthIdTokenSignedResponseAlg", "oxAuthRedirectURI", "oxAuthScope" ]}, {"email": [ "email_verified", "email" ]}, {"user_name": ["user_name"]}, {"org_name": []}, {"address": [ "formatted", "postal_code", "street_address", "locality", "country", "region" ]}, {"openid": []}, {"work_phone": []}, {"phone": [ "phone_number_verified", "phone_number" ]}, {"profile": [ "name", "family_name", "given_name", "middle_name", "nickname", "preferred_username", "profile", "picture", "website", "gender", "birthdate", "zoneinfo", "locale", "updated_at" ]}, {"mobile_phone": ["phone_mobile_number"]}, {"test": ["member_of"]} ], "claims_parameter_supported": true, "request_parameter_supported": true, "request_uri_parameter_supported": true, "require_request_uri_registration": false, "op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy", "op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos", "frontchannel_logout_supported": "true", "frontchannel_logout_session_supported": true } ####################################################### TEST: requestSessionIdAuthorizationCode1 ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": ["code"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1458 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:41 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0217.F96E.0025.5A62", "client_secret": "b2b46b4d-cbff-4bc8-a9a0-b22f5efb71b0", "registration_access_token": "91a6beff-03d0-4e9f-8da9-5f2ab3aef434", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0217.F96E.0025.5A62", "client_id_issued_at": 1510923161, "client_secret_expires_at": 1511009561, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/register?{} HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer 91a6beff-03d0-4e9f-8da9-5f2ab3aef434 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1458 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:42 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0217.F96E.0025.5A62", "client_secret": "b2b46b4d-cbff-4bc8-a9a0-b22f5efb71b0", "registration_access_token": "91a6beff-03d0-4e9f-8da9-5f2ab3aef434", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0217.F96E.0025.5A62", "client_id_issued_at": 1510923161, "client_secret_expires_at": 1511009561, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } waitForResourceOwnerAndGrantLoginForm: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%210217.F96E.0025.5A62&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=a11bee30-4474-44c9-8007-ffda25bb2524 07:52:42.242 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] waitForResourceOwnerAndGrantLoginForm: sessionState:995eeb0f-a6db-441b-850c-b32b7b6fd7f7 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%210217.F96E.0025.5A62&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=a11bee30-4474-44c9-8007-ffda25bb2524 authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%210217.F96E.0025.5A62&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=e2e14d26-56be-49b3-ac38-693c6fa5b113 07:52:42.436 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:9c79db1e-cdf4-49bf-ad32-982240207a8e ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%210217.F96E.0025.5A62&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=e2e14d26-56be-49b3-ac38-693c6fa5b113 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=33888f62-bd83-4bbc-a138-d2094ec06b0a&scope=address+openid+profile+email&session_id=2ce6ee37-b914-4e84-9d4b-933d636c6ab9&state=e2e14d26-56be-49b3-ac38-693c6fa5b113&session_state=9c79db1e-cdf4-49bf-ad32-982240207a8e ####################################################### TEST: requestSessionIdAuthorizationCode2 ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": ["code"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1458 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:43 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7714.D801.E423.F326", "client_secret": "db79fd5a-29e1-437c-b123-8b79b51d5f6d", "registration_access_token": "b44218f8-bc87-4adf-8203-7ee85ac8e2d7", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7714.D801.E423.F326", "client_id_issued_at": 1510923163, "client_secret_expires_at": 1511009563, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/register?{} HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer b44218f8-bc87-4adf-8203-7ee85ac8e2d7 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1458 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:44 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7714.D801.E423.F326", "client_secret": "db79fd5a-29e1-437c-b123-8b79b51d5f6d", "registration_access_token": "b44218f8-bc87-4adf-8203-7ee85ac8e2d7", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7714.D801.E423.F326", "client_id_issued_at": 1510923163, "client_secret_expires_at": 1511009563, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } waitForResourceOwnerAndGrantLoginForm: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%217714.D801.E423.F326&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=0fe05767-2ad7-4dcd-b5cb-f5c1cbf21adc 07:52:44.141 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] waitForResourceOwnerAndGrantLoginForm: sessionState:4821d986-feb4-4004-a189-ef449d5608da ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%217714.D801.E423.F326&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=0fe05767-2ad7-4dcd-b5cb-f5c1cbf21adc authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%217714.D801.E423.F326&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=0c6efab1-4842-4f09-896d-be33198b8010 07:52:44.440 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:04b12df9-7311-4f42-bd1f-a6e3df7997c7 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%217714.D801.E423.F326&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=0c6efab1-4842-4f09-896d-be33198b8010 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=46f87305-ee74-49e9-82be-07b7ec3a6365&scope=address+openid+profile+email&session_id=1102f259-bf29-421a-af20-74d871008827&state=0c6efab1-4842-4f09-896d-be33198b8010&session_state=04b12df9-7311-4f42-bd1f-a6e3df7997c7 ####################################################### TEST: OpenID Connect Discovery ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Connection: Keep-Alive Content-Length: 181 Content-Type: application/jrd+json;charset=iso-8859-1 Date: Fri, 17 Nov 2017 12:52:45 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "subject": "acct:test_user@ce-dev4.gluu.org", "links": [{ "rel": "http://openid.net/specs/connect/1.0/issuer", "href": "https://ce-dev4.gluu.org" }] } OpenID Connect Configuration ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /.well-known/openid-configuration HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Connection: Keep-Alive Content-Length: 6218 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:45 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "issuer": "https://ce-dev4.gluu.org", "authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize", "token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token", "userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo", "clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo", "check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe", "end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session", "jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks", "registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register", "id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id", "introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection", "scopes_supported": [ "permission", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "mobile_phone", "test" ], "response_types_supported": [ "id_token", "code", "id_token token", "code token", "id_token code", "token", "id_token code token" ], "grant_types_supported": [ "implicit", "urn:ietf:params:oauth:grant-type:uma-ticket", "client_credentials", "refresh_token", "authorization_code", "password" ], "acr_values_supported": [ "super_gluu", "otp", "basic", "auth_ldap_server" ], "auth_level_mapping": { "-1": ["auth_ldap_server"], "50": ["otp"], "100": ["basic"], "15": ["super_gluu"] }, "subject_types_supported": [ "public", "pairwise" ], "userinfo_signing_alg_values_supported": [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "userinfo_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "userinfo_encryption_enc_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "id_token_signing_alg_values_supported": [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "id_token_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "id_token_encryption_enc_values_supported": [ "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A256GCM" ], "request_object_signing_alg_values_supported": [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "request_object_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "request_object_encryption_enc_values_supported": [ "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A256GCM" ], "token_endpoint_auth_methods_supported": [ "client_secret_basic", "client_secret_post", "client_secret_jwt", "private_key_jwt" ], "token_endpoint_auth_signing_alg_values_supported": [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "display_values_supported": [ "page", "popup" ], "claim_types_supported": ["normal"], "claims_supported": [ "birthdate", "country", "name", "email", "email_verified", "given_name", "gender", "inum", "family_name", "updated_at", "locale", "member_of", "middle_name", "nickname", "oxAuthAppType", "oxAuthIdTokenSignedResponseAlg", "oxAuthRedirectURI", "oxAuthScope", "phone_number_verified", "picture", "preferred_username", "profile", "zoneinfo", "user_name", "website" ], "service_documentation": "http://gluu.org/docs", "claims_locales_supported": ["en"], "ui_locales_supported": [ "en", "es" ], "scope_to_claims_mapping": [ {"permission": []}, {"uma_protection": []}, {"clientinfo": [ "name", "inum", "oxAuthAppType", "oxAuthIdTokenSignedResponseAlg", "oxAuthRedirectURI", "oxAuthScope" ]}, {"email": [ "email_verified", "email" ]}, {"user_name": ["user_name"]}, {"org_name": []}, {"address": [ "formatted", "postal_code", "street_address", "locality", "country", "region" ]}, {"openid": []}, {"work_phone": []}, {"phone": [ "phone_number_verified", "phone_number" ]}, {"profile": [ "name", "family_name", "given_name", "middle_name", "nickname", "preferred_username", "profile", "picture", "website", "gender", "birthdate", "zoneinfo", "locale", "updated_at" ]}, {"mobile_phone": ["phone_mobile_number"]}, {"test": ["member_of"]} ], "claims_parameter_supported": true, "request_parameter_supported": true, "request_uri_parameter_supported": true, "require_request_uri_registration": false, "op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy", "op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos", "frontchannel_logout_supported": "true", "frontchannel_logout_session_supported": true } ####################################################### TEST: requestClientRegistrationWithCustomAttributes ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "code", "token", "id_token" ], "grant_types": ["password"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "oxAuthTrustedClient": "true", "myCustomAttr1": "f1b2f67f-0c33-49ec-b02c-c204b3722aae" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1549 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:45 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DDB0.EBF6.D39B.0470", "client_secret": "51d9e593-093d-4179-a204-f065e32875de", "registration_access_token": "30d48bbd-6bf7-4a59-8189-c6512703b671", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DDB0.EBF6.D39B.0470", "client_id_issued_at": 1510923166, "client_secret_expires_at": 1511009566, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "code", "token" ], "grant_types": [ "implicit", "refresh_token", "authorization_code", "password" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } ####################################################### TEST: requestAccessTokenCustomClientAuth1 ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/authorize HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA== response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21DDB0.EBF6.D39B.0470&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=223576fe-3b48-4221-a757-0b1a33c21bdf&nonce=ea05dbdd-6c89-41d1-83f3-0d7107421f64&prompt=none ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Connection: Keep-Alive Content-Length: 0 Date: Fri, 17 Nov 2017 12:52:46 GMT Keep-Alive: timeout=5, max=100 Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=ed0a3766-fd60-4581-bd89-17a346c7ce0b&scope=address+openid+profile+email&id_token=eyJraWQiOiIyZDBhZWY4Zi05MmEzLTQwNzgtOWQzMy1jZmU0Zjg5MDkxN2UiLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFEREIwLkVCRjYuRDM5Qi4wNDcwIiwiZXhwIjoxNTEwOTI2NzY2LCJpYXQiOjE1MTA5MjMxNjYsIm5vbmNlIjoiZWEwNWRiZGQtNmM4OS00MWQxLTgzZjMtMGQ3MTA3NDIxZjY0IiwiYXV0aF90aW1lIjoxNTEwOTIzMTY2LCJjX2hhc2giOiI0N3ZvY1N5X2JBaVlHZUxnTzlrT0NBIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiMTlpSGE5dVdHNm1rS3dJOUZObUU5azRZX1lRWmxVZ2VINVpvLXVMNW1jVSJ9.Z0sTocPkbZjMHNI_awFQ-M8PIuVYvzzuEGfdtCCvh0Umh1cDdIokQxCgG-e5P49_yy-j-zufNzgaQBfY3pn7saY4LwyOhsivGDuS_HFE4DlAQTUx-kj0S_EgToUVa80Bod30EXb95zCrKM2Vg6le_6yaM78USnRI7WyF61y5Hu89j50AJviv95Hggt50D_yFnjhL6TD0rVKhxtwjPwS-lPZSAnXQ6IZWoTJyDqYrzjfowYX3-wW5iD0a3d4ZkddXrUiTZtf3YZIJq1Oc3Ta5rNNAaDQ0JRSoxfcFkOPxWEtVVtYkmH1C5AAVNFhfwj0utLNF8oeBY-cPHFt77KvnUw&session_id=dc5644e4-ac0d-40cc-842a-d078e9d2995d&state=223576fe-3b48-4221-a757-0b1a33c21bdf&session_state=4640c365-cba8-45e9-94ad-1429403044ab Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org grant_type=authorization_code&code=ed0a3766-fd60-4581-bd89-17a346c7ce0b&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&myCustomAttr1=f1b2f67f-0c33-49ec-b02c-c204b3722aae ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1057 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:46 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"access_token":"1ffdd1ed-8108-4a9c-a920-9cab16889f3d","token_type":"bearer","expires_in":299,"refresh_token":"486e0fa7-db35-4360-97fd-a51bbaa10350","id_token":"eyJraWQiOiIyZDBhZWY4Zi05MmEzLTQwNzgtOWQzMy1jZmU0Zjg5MDkxN2UiLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFEREIwLkVCRjYuRDM5Qi4wNDcwIiwiZXhwIjoxNTEwOTI2NzY2LCJpYXQiOjE1MTA5MjMxNjYsIm5vbmNlIjoiZWEwNWRiZGQtNmM4OS00MWQxLTgzZjMtMGQ3MTA3NDIxZjY0IiwiYXV0aF90aW1lIjoxNTEwOTIzMTY2LCJhdF9oYXNoIjoiZzEySDZmTV9od1FzSTk1QkNWYkFmUSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IjE5aUhhOXVXRzZta0t3STlGTm1FOWs0WV9ZUVpsVWdlSDVaby11TDVtY1UifQ.KGZ1XBAq1mGrD6v4FHo63w5JK__yyOvs5EAiIuoxgeXDpOV9a5s71W6uRLMcEwU8mteIWQ_wx6p25hzwBe-_ajJZOuNbv5-DQMxDw__x5yUpXyJSQMjGXJu4Gp8Kkl2cMVGpagsV8jCNxWK4es6FIhb9FWBVjlNmjazCZ1oIf46gU_P4vB3_UUAcbtNKZuOlfntfZ8n-6RAiJ-N1u5qgcreM3J0OLPCNW03jQ-dHGdhC9eDmW_5AqF2RF9Ys9ZDm9v2-hCGA9DJwoBCL9afh7O_k2HvEqEi-aD4DNI9d777JroUvC6EP4YhLlT5DMT5NW_iBZc0nVQOggRJtTv0Pvg"} ####################################################### TEST: requestAccessTokenCustomClientAuth2 ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org grant_type=password&scope=openid&username=test_user&password=test_user_password&myCustomAttr1=f1b2f67f-0c33-49ec-b02c-c204b3722aae ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 934 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:46 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"access_token":"ed32ac0b-478d-4a37-90ec-da598ee036bb","token_type":"bearer","expires_in":299,"refresh_token":"7c2abafd-d2b1-4869-97f0-c2b08c29595b","scope":"openid","id_token":"eyJraWQiOiIyZDBhZWY4Zi05MmEzLTQwNzgtOWQzMy1jZmU0Zjg5MDkxN2UiLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFEREIwLkVCRjYuRDM5Qi4wNDcwIiwiZXhwIjoxNTEwOTI2NzY2LCJpYXQiOjE1MTA5MjMxNjYsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IjE5aUhhOXVXRzZta0t3STlGTm1FOWs0WV9ZUVpsVWdlSDVaby11TDVtY1UifQ.HNPWrFahFJtC1-TcfRLkIBtxfJyvZxxXgNqZ6UIQAUTsSrgngXQXEVIBneRVFp1lsJz_NEy5VZPj2Ivjo-RP1zDum662m9dZ4F5yt0AwlDnQsjCnd9MhXfCJwP1g3LqPDJdvhhN_steP6cL8Fa5kcH1Yptt5d5DYjg7BkVhZSXDUDx25p22R8AlsJkLicAhbYxMX36NX5K46Q7eaUH-DNvXFoSTMr-78CRLRMO4FH8hKsjzb0FMKMQoQ65ZSv0qP-e_TutpIxn9pmg1tUMokUN42RKAA3Qi3HgUEdeBztrEcl6Q5Z5cKI96fBKckkWludvLKVLFhOONykUvwJCYrRQ"} ####################################################### TEST: OpenID Connect Discovery ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Connection: Keep-Alive Content-Length: 181 Content-Type: application/jrd+json;charset=iso-8859-1 Date: Fri, 17 Nov 2017 12:52:46 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "subject": "acct:test_user@ce-dev4.gluu.org", "links": [{ "rel": "http://openid.net/specs/connect/1.0/issuer", "href": "https://ce-dev4.gluu.org" }] } OpenID Connect Configuration ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /.well-known/openid-configuration HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Connection: Keep-Alive Content-Length: 6218 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:46 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "issuer": "https://ce-dev4.gluu.org", "authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize", "token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token", "userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo", "clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo", "check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe", "end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session", "jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks", "registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register", "id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id", "introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection", "scopes_supported": [ "permission", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "mobile_phone", "test" ], "response_types_supported": [ "id_token", "code", "id_token token", "code token", "id_token code", "token", "id_token code token" ], "grant_types_supported": [ "implicit", "urn:ietf:params:oauth:grant-type:uma-ticket", "client_credentials", "refresh_token", "authorization_code", "password" ], "acr_values_supported": [ "super_gluu", "otp", "basic", "auth_ldap_server" ], "auth_level_mapping": { "-1": ["auth_ldap_server"], "50": ["otp"], "100": ["basic"], "15": ["super_gluu"] }, "subject_types_supported": [ "public", "pairwise" ], "userinfo_signing_alg_values_supported": [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "userinfo_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "userinfo_encryption_enc_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "id_token_signing_alg_values_supported": [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "id_token_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "id_token_encryption_enc_values_supported": [ "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A256GCM" ], "request_object_signing_alg_values_supported": [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "request_object_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "request_object_encryption_enc_values_supported": [ "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A256GCM" ], "token_endpoint_auth_methods_supported": [ "client_secret_basic", "client_secret_post", "client_secret_jwt", "private_key_jwt" ], "token_endpoint_auth_signing_alg_values_supported": [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "display_values_supported": [ "page", "popup" ], "claim_types_supported": ["normal"], "claims_supported": [ "birthdate", "country", "name", "email", "email_verified", "given_name", "gender", "inum", "family_name", "updated_at", "locale", "member_of", "middle_name", "nickname", "oxAuthAppType", "oxAuthIdTokenSignedResponseAlg", "oxAuthRedirectURI", "oxAuthScope", "phone_number_verified", "picture", "preferred_username", "profile", "zoneinfo", "user_name", "website" ], "service_documentation": "http://gluu.org/docs", "claims_locales_supported": ["en"], "ui_locales_supported": [ "en", "es" ], "scope_to_claims_mapping": [ {"permission": []}, {"uma_protection": []}, {"clientinfo": [ "name", "inum", "oxAuthAppType", "oxAuthIdTokenSignedResponseAlg", "oxAuthRedirectURI", "oxAuthScope" ]}, {"email": [ "email_verified", "email" ]}, {"user_name": ["user_name"]}, {"org_name": []}, {"address": [ "formatted", "postal_code", "street_address", "locality", "country", "region" ]}, {"openid": []}, {"work_phone": []}, {"phone": [ "phone_number_verified", "phone_number" ]}, {"profile": [ "name", "family_name", "given_name", "middle_name", "nickname", "preferred_username", "profile", "picture", "website", "gender", "birthdate", "zoneinfo", "locale", "updated_at" ]}, {"mobile_phone": ["phone_mobile_number"]}, {"test": ["member_of"]} ], "claims_parameter_supported": true, "request_parameter_supported": true, "request_uri_parameter_supported": true, "require_request_uri_registration": false, "op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy", "op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos", "frontchannel_logout_supported": "true", "frontchannel_logout_session_supported": true } ####################################################### TEST: clientSecretBasicAuthenticationMethod ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "grant_types": ["client_credentials"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "token_endpoint_auth_method": "client_secret_basic", "scopes": [ "openid", "profile", "address", "email", "clientinfo" ] } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1269 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:46 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7C28.542F.E1FA.9310", "client_secret": "19b7761b-2f7d-46e6-89e1-f5b541025cf1", "registration_access_token": "f51d68d7-d6ab-4476-b6ab-9346f96529bf", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7C28.542F.E1FA.9310", "client_id_issued_at": 1510923166, "client_secret_expires_at": 1511009566, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [], "grant_types": ["client_credentials"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "openid", "profile", "address", "email", "clientinfo" ] } ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org Authorization: Basic QCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghN0MyOC41NDJGLkUxRkEuOTMxMDoxOWI3NzYxYi0yZjdkLTQ2ZTYtODllMS1mNWI1NDEwMjVjZjE= grant_type=client_credentials&scope=clientinfo ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 115 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:46 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"access_token":"ddd50532-6d3e-47ec-8ff0-11a988d0f041","token_type":"bearer","expires_in":299,"scope":"clientinfo"} ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/clientinfo HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store, private Connection: Keep-Alive Content-Length: 412 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:47 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7C28.542F.E1FA.9310","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["openid","profile","address","email","clientinfo"]} ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/userinfo HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer ddd50532-6d3e-47ec-8ff0-11a988d0f041 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 403 Connection: Keep-Alive Content-Length: 126 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:47 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"error":"insufficient_scope","error_description":"The request requires higher privileges than provided by the access token."} ####################################################### TEST: clientSecretBasicAuthenticationMethodFail ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "token_endpoint_auth_method": "client_secret_basic", "scopes": ["clientinfo"] } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1227 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:47 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!673B.65B6.8E22.7909", "client_secret": "e5d60151-d9ef-4f13-89be-1dc1ca34aef1", "registration_access_token": "de005781-244b-49b1-8625-4582a9af8f26", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!673B.65B6.8E22.7909", "client_id_issued_at": 1510923167, "client_secret_expires_at": 1511009567, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": ["clientinfo"] } ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org Authorization: Basic QCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghNjczQi42NUI2LjhFMjIuNzkwOTpJTlZBTElEX0NMSUVOVF9TRUNSRVQ= grant_type=client_credentials&scope=clientinfo ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 401 Connection: Keep-Alive Content-Length: 586 Content-Type: application/json;charset=iso-8859-1 Date: Fri, 17 Nov 2017 12:52:47 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains WWW-Authenticate: Basic realm="oxAuth" X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."} ####################################################### TEST: clientSecretJwtAuthenticationMethodHS256 ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "grant_types": ["client_credentials"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "token_endpoint_auth_method": "client_secret_jwt", "scopes": ["clientinfo"] } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1180 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:47 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9BD6.9CB4.56AD.08D6", "client_secret": "1d3bab4c-ffe8-48e3-bf39-a350941a41bf", "registration_access_token": "44330b32-6a07-476e-a1a7-8c1a2eb712af", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9BD6.9CB4.56AD.08D6", "client_id_issued_at": 1510923167, "client_secret_expires_at": 1511009567, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [], "grant_types": ["client_credentials"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_jwt", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": ["clientinfo"] } ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE5QkQ2LjlDQjQuNTZBRC4wOEQ2Iiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghOUJENi45Q0I0LjU2QUQuMDhENiIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiZjZiMDc2ODYtZWRkNy00NWQ2LWJmY2UtZGE1MGY2NGY5MmJlIiwiZXhwIjoxNTEwOTIzNDY3LCJpYXQiOjE1MTA5MjMxNjd9.FVfMfDUogQJwU-Y59aoj7xI1nG3g_OhI1KAH7ZRgXlY ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 115 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:47 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"access_token":"19d19f30-03a6-4e83-9415-14e42e878234","token_type":"bearer","expires_in":299,"scope":"clientinfo"} ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/clientinfo HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store, private Connection: Keep-Alive Content-Length: 375 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:47 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9BD6.9CB4.56AD.08D6","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]} ####################################################### TEST: clientSecretJwtAuthenticationMethodHS256Fail ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "token_endpoint_auth_method": "client_secret_jwt", "scopes": ["clientinfo"] } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1225 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:47 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7A8C.4E7E.155D.70DE", "client_secret": "2203d263-6f88-49b3-9a97-696e57fbab5b", "registration_access_token": "294f2be8-1917-4dcc-a96c-1eaf001f5e8a", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7A8C.4E7E.155D.70DE", "client_id_issued_at": 1510923167, "client_secret_expires_at": 1511009567, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_jwt", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": ["clientinfo"] } ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE3QThDLjRFN0UuMTU1RC43MERFIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghN0E4Qy40RTdFLjE1NUQuNzBERSIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiZGY4ZjM3M2YtZmQwNy00ZTZhLTg3N2ItYzI3ODIwNzdlMjgzIiwiZXhwIjoxNTEwOTIzNDY3LCJpYXQiOjE1MTA5MjMxNjd9.HieFoK76aWpgIfxBQp9zLr-JDtHwH2H0X3bbvMYM8Rc ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 401 Connection: Keep-Alive Content-Length: 586 Content-Type: application/json;charset=iso-8859-1 Date: Fri, 17 Nov 2017 12:52:47 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains WWW-Authenticate: Basic realm="oxAuth" X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."} ####################################################### TEST: clientSecretJwtAuthenticationMethodHS384 ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "grant_types": ["client_credentials"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "token_endpoint_auth_method": "client_secret_jwt", "scopes": ["clientinfo"] } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1180 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:47 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9C8C.F164.FEBB.ABA3", "client_secret": "9fc8cd4b-809f-435e-bd6b-e44b2a99b132", "registration_access_token": "b66fc3de-d4b3-4208-af3b-bfeb128b860b", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9C8C.F164.FEBB.ABA3", "client_id_issued_at": 1510923167, "client_secret_expires_at": 1511009567, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [], "grant_types": ["client_credentials"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_jwt", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": ["clientinfo"] } ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzM4NCJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE5QzhDLkYxNjQuRkVCQi5BQkEzIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghOUM4Qy5GMTY0LkZFQkIuQUJBMyIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiODM2ODVhZDgtODZlMC00Y2Y3LTkyNDItZGFmNDVlNTM2NzczIiwiZXhwIjoxNTEwOTIzNDY3LCJpYXQiOjE1MTA5MjMxNjd9.P_BNsPquTLADw7t4QCEV9unJ20FzVkDKDX8rCFw7rCDebDtV6iaL7Ovf_Y2lUQG7 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 115 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:47 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"access_token":"bd8b1cdd-b5f2-4e3f-8888-a15dbe762ebf","token_type":"bearer","expires_in":299,"scope":"clientinfo"} ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/clientinfo HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store, private Connection: Keep-Alive Content-Length: 375 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:48 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9C8C.F164.FEBB.ABA3","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]} ####################################################### TEST: clientSecretJwtAuthenticationMethodHS384Fail ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "token_endpoint_auth_method": "client_secret_jwt", "scopes": ["clientinfo"] } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1225 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:48 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F67B.55AF.E9CD.47B6", "client_secret": "3021c698-e6f3-4347-8ece-19915495130b", "registration_access_token": "8b4febc6-dd72-48c9-b1a9-9a264cc8411a", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F67B.55AF.E9CD.47B6", "client_id_issued_at": 1510923168, "client_secret_expires_at": 1511009568, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_jwt", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": ["clientinfo"] } ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzM4NCJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFGNjdCLjU1QUYuRTlDRC40N0I2Iiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghRjY3Qi41NUFGLkU5Q0QuNDdCNiIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiZTRiMzJmMjItNmM1YS00M2ZjLTg0ZmQtYTYwYzcxMzg4ZGEzIiwiZXhwIjoxNTEwOTIzNDY4LCJpYXQiOjE1MTA5MjMxNjh9.z3J682umrLE6tUkEhqvHxLXZxlqd23xcohkrMlgi-9UaYQpYDzgR1Xze7IFK716R ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 401 Connection: Keep-Alive Content-Length: 586 Content-Type: application/json;charset=iso-8859-1 Date: Fri, 17 Nov 2017 12:52:48 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains WWW-Authenticate: Basic realm="oxAuth" X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."} ####################################################### TEST: clientSecretJwtAuthenticationMethodHS512 ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "grant_types": ["client_credentials"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "token_endpoint_auth_method": "client_secret_jwt", "scopes": ["clientinfo"] } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1180 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:48 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6FF4.593D.3B10.9690", "client_secret": "337fc42c-8af4-404e-bf9a-6453ab6d8997", "registration_access_token": "8e938011-e25a-4c55-9ef6-495d0740b878", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6FF4.593D.3B10.9690", "client_id_issued_at": 1510923168, "client_secret_expires_at": 1511009568, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [], "grant_types": ["client_credentials"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_jwt", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": ["clientinfo"] } ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE2RkY0LjU5M0QuM0IxMC45NjkwIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghNkZGNC41OTNELjNCMTAuOTY5MCIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiZjUyNDI0N2UtNjRhYy00ZjliLWExNGYtNWRkNWVlMGE1YzY4IiwiZXhwIjoxNTEwOTIzNDY4LCJpYXQiOjE1MTA5MjMxNjh9.4iadCewyiD6hlNKCbFPoizLSWhOD7C9_7tp73cJ0pGHxTpO157KkseSa9Bv-gphYV96l4MYJoK6xAIqNJxsPmg ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 115 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:48 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"access_token":"d3f823d0-b248-4e60-a0d4-ddb0b6806c9e","token_type":"bearer","expires_in":299,"scope":"clientinfo"} ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/clientinfo HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store, private Connection: Keep-Alive Content-Length: 375 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:48 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6FF4.593D.3B10.9690","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]} ####################################################### TEST: clientSecretJwtAuthenticationMethodHS512Fail ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "token_endpoint_auth_method": "client_secret_jwt", "scopes": ["clientinfo"] } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1225 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:48 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A19C.0D6E.007C.08C6", "client_secret": "86ce345c-d7e8-4e82-8c2d-81ce0f12faff", "registration_access_token": "2d7a04ef-7d90-4955-814a-dd4c7022124a", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A19C.0D6E.007C.08C6", "client_id_issued_at": 1510923168, "client_secret_expires_at": 1511009568, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_jwt", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": ["clientinfo"] } ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFBMTlDLjBENkUuMDA3Qy4wOEM2Iiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghQTE5Qy4wRDZFLjAwN0MuMDhDNiIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiM2U5NmY2NGItN2Y3ZS00ODlmLTllYTItY2RiOWVlZDM4ZTk0IiwiZXhwIjoxNTEwOTIzNDY4LCJpYXQiOjE1MTA5MjMxNjh9.jaoHGb_CpBQ_0svjkyE_ALbnqdH-rj0i4BEbqr-2ZYnsZkUrm_cSWDxb6gPwlLvrRBsOe8bmYbwXTCIaijE4uw ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 401 Connection: Keep-Alive Content-Length: 586 Content-Type: application/json;charset=iso-8859-1 Date: Fri, 17 Nov 2017 12:52:48 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains WWW-Authenticate: Basic realm="oxAuth" X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."} ####################################################### TEST: clientSecretPostAuthenticationMethod ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "grant_types": ["client_credentials"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "token_endpoint_auth_method": "client_secret_post", "scopes": ["clientinfo"] } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1181 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:48 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D5CA.4A5E.B1A8.D35E", "client_secret": "50c532d7-5ae9-4783-8cbd-e3cc3ee4469c", "registration_access_token": "8659d8f5-2456-4703-b442-8db5d294ba71", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D5CA.4A5E.B1A8.D35E", "client_id_issued_at": 1510923168, "client_secret_expires_at": 1511009568, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [], "grant_types": ["client_credentials"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_post", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": ["clientinfo"] } ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org grant_type=client_credentials&scope=clientinfo&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21D5CA.4A5E.B1A8.D35E&client_secret=50c532d7-5ae9-4783-8cbd-e3cc3ee4469c ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 115 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:48 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"access_token":"3be4a4c1-cecf-45c0-8973-86460e45a14e","token_type":"bearer","expires_in":299,"scope":"clientinfo"} ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/clientinfo HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store, private Connection: Keep-Alive Content-Length: 375 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:48 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D5CA.4A5E.B1A8.D35E","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]} ####################################################### TEST: clientSecretPostAuthenticationMethodFail1 ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "token_endpoint_auth_method": "client_secret_post", "scopes": ["clientinfo"] } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1226 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:48 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D31E.373D.0999.11AA", "client_secret": "11ba59f0-2cd0-40fe-b166-5e03be517cde", "registration_access_token": "ca9d3ed4-8c73-43e4-bb80-5874195d9650", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D31E.373D.0999.11AA", "client_id_issued_at": 1510923169, "client_secret_expires_at": 1511009569, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_post", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": ["clientinfo"] } ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org grant_type=client_credentials&scope=clientinfo&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21D31E.373D.0999.11AA&client_secret=INVALID_CLIENT_SECRET ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 401 Connection: Keep-Alive Content-Length: 586 Content-Type: application/json;charset=iso-8859-1 Date: Fri, 17 Nov 2017 12:52:49 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains WWW-Authenticate: Basic realm="oxAuth" X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."} ####################################################### TEST: clientSecretPostAuthenticationMethodFail2 ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "token_endpoint_auth_method": "client_secret_post", "scopes": ["clientinfo"] } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1226 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:49 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!BD29.605E.07BD.2CC3", "client_secret": "8e67989e-28cc-45d7-b02f-29a6f015b406", "registration_access_token": "44881bf0-f628-4922-add7-88d9dc89ab6b", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!BD29.605E.07BD.2CC3", "client_id_issued_at": 1510923169, "client_secret_expires_at": 1511009569, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_post", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": ["clientinfo"] } ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org grant_type=client_credentials&scope=clientinfo&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21BD29.605E.07BD.2CC3 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 401 Connection: Keep-Alive Content-Length: 586 Content-Type: application/json;charset=iso-8859-1 Date: Fri, 17 Nov 2017 12:52:49 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains WWW-Authenticate: Basic realm="oxAuth" X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."} ####################################################### TEST: clientSecretPostAuthenticationMethodFail3 ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "token_endpoint_auth_method": "client_secret_post", "scopes": ["clientinfo"] } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1226 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:49 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5222.69C4.86CC.DB2E", "client_secret": "535aafed-df23-4e0f-8a3f-784c4e57b0bc", "registration_access_token": "3b4000da-d325-43b5-930e-808f290ed62f", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5222.69C4.86CC.DB2E", "client_id_issued_at": 1510923169, "client_secret_expires_at": 1511009569, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_post", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": ["clientinfo"] } ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org grant_type=client_credentials&scope=clientinfo ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 401 Connection: Keep-Alive Content-Length: 586 Content-Type: application/json;charset=iso-8859-1 Date: Fri, 17 Nov 2017 12:52:49 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains WWW-Authenticate: Basic realm="oxAuth" X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."} ####################################################### TEST: defaultAuthenticationMethod ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "grant_types": ["client_credentials"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "scopes": ["clientinfo"] } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1182 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:49 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!33F4.BB4E.273D.3F66", "client_secret": "daebf8f2-cd76-4855-9076-cbe5ba337b5d", "registration_access_token": "1c2f6be6-bf24-40c3-82fd-1c41758615c7", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!33F4.BB4E.273D.3F66", "client_id_issued_at": 1510923169, "client_secret_expires_at": 1511009569, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [], "grant_types": ["client_credentials"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": ["clientinfo"] } ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org Authorization: Basic QCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghMzNGNC5CQjRFLjI3M0QuM0Y2NjpkYWViZjhmMi1jZDc2LTQ4NTUtOTA3Ni1jYmU1YmEzMzdiNWQ= grant_type=client_credentials&scope=clientinfo ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 115 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:49 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"access_token":"2a7b38b7-3921-460c-92ae-8854420a9ccb","token_type":"bearer","expires_in":299,"scope":"clientinfo"} ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/clientinfo HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store, private Connection: Keep-Alive Content-Length: 375 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:49 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!33F4.BB4E.273D.3F66","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]} ####################################################### TEST: defaultAuthenticationMethodFail ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "scopes": ["clientinfo"] } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1227 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:49 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!697D.E244.BF80.8022", "client_secret": "d4a5eac0-c7b2-46e1-819a-ff7574d8521f", "registration_access_token": "eedd705f-bc6b-49bb-9379-c9f5640222b2", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!697D.E244.BF80.8022", "client_id_issued_at": 1510923169, "client_secret_expires_at": 1511009569, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": ["clientinfo"] } ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org Authorization: Basic QCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghNjk3RC5FMjQ0LkJGODAuODAyMjpJTlZBTElEX0NMSUVOVF9TRUNSRVQ= grant_type=client_credentials&scope=clientinfo ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 401 Connection: Keep-Alive Content-Length: 586 Content-Type: application/json;charset=iso-8859-1 Date: Fri, 17 Nov 2017 12:52:49 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains WWW-Authenticate: Basic realm="oxAuth" X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."} ####################################################### TEST: privateKeyJwtAuthenticationMethodES256 ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "grant_types": ["client_credentials"], "application_type": "web", "client_name": "oxAuth test app", "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "token_endpoint_auth_method": "private_key_jwt", "scopes": ["clientinfo"] } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1261 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:50 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3D1E.FA9D.E620.F459", "client_secret": "1cb69663-cb92-4997-8b03-d1df43792b08", "registration_access_token": "5b95fc4e-92bf-49f7-9238-71dbb62f1800", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3D1E.FA9D.E620.F459", "client_id_issued_at": 1510923170, "client_secret_expires_at": 1511009570, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [], "grant_types": ["client_credentials"], "application_type": "web", "client_name": "oxAuth test app", "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "private_key_jwt", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": ["clientinfo"] } ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6Ijk3ZGVmYWUxLWU4NzItNDFlZi1iOGI1LTIxYmI0OTBlMTk4ZSJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEzRDFFLkZBOUQuRTYyMC5GNDU5Iiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghM0QxRS5GQTlELkU2MjAuRjQ1OSIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiODk4ZDVkMjYtZGE2MC00YjcwLWIyZTAtMDA2MGYxMTU0NDc5IiwiZXhwIjoxNTEwOTIzNDcwLCJpYXQiOjE1MTA5MjMxNzB9.MEUCIAHzkPzTp9CdAvxvceqQbYh6V32h--LScqdf2oA5xCLtAiEA9E-H3UMOCYf6HEHy92UzapumxNNVWL7WdZ7eoa8HFdE ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 115 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:50 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"access_token":"8769d755-cfc0-4790-bdbb-99b48309cecd","token_type":"bearer","expires_in":299,"scope":"clientinfo"} ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/clientinfo HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store, private Connection: Keep-Alive Content-Length: 375 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:50 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3D1E.FA9D.E620.F459","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]} ####################################################### TEST: privateKeyJwtAuthenticationMethodES256Fail ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "application_type": "web", "client_name": "oxAuth test app", "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "token_endpoint_auth_method": "private_key_jwt", "scopes": ["clientinfo"] } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1306 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:50 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!BCA2.E09D.8655.A6E3", "client_secret": "db020fe5-8a37-4448-9a0d-5cf89a97ac6e", "registration_access_token": "279f063d-e777-4434-839a-a7a47edf18bc", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!BCA2.E09D.8655.A6E3", "client_id_issued_at": 1510923170, "client_secret_expires_at": 1511009570, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "private_key_jwt", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": ["clientinfo"] } 07:52:50.653 [main] ERROR org.xdi.oxauth.client.TokenRequest - cannot identify EC private key: java.lang.NullPointerException java.security.InvalidKeyException: cannot identify EC private key: java.lang.NullPointerException at org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil.generatePrivateKeyParameter(Unknown Source) ~[bcprov-jdk15on-1.54.jar:1.54.0] at org.bouncycastle.jcajce.provider.asymmetric.ec.SignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.54.jar:1.54.0] at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121] at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121] at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?] at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?] at org.xdi.oxauth.client.TokenClient.exec(TokenClient.java:265) [classes/:?] at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodES256Fail(ClientCredentialsGrantHttpTest.java:1312) [test-classes/:?] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121] at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121] at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?] at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?] at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?] at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?] at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?] at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?] at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?] at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?] at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?] at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?] at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?] at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?] at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?] at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?] at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?] at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?] at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?] at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?] at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1] at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1] at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1] at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1] at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1] at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1] ------------------------------------------------------- REQUEST: ------------------------------------------------------- 07:52:50.765 [main] ERROR org.xdi.oxauth.client.TokenRequest - cannot identify EC private key: java.lang.NullPointerException java.security.InvalidKeyException: cannot identify EC private key: java.lang.NullPointerException at org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil.generatePrivateKeyParameter(Unknown Source) ~[bcprov-jdk15on-1.54.jar:1.54.0] at org.bouncycastle.jcajce.provider.asymmetric.ec.SignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.54.jar:1.54.0] at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121] at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121] at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?] at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?] at org.xdi.oxauth.client.TokenRequest.getQueryString(TokenRequest.java:409) [classes/:?] at org.xdi.oxauth.client.BaseClient.getRequestAsString(BaseClient.java:158) [classes/:?] at org.xdi.oxauth.client.ClientUtils.showClient(ClientUtils.java:25) [classes/:?] at org.xdi.oxauth.BaseTest.showClient(BaseTest.java:715) [test-classes/:?] at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodES256Fail(ClientCredentialsGrantHttpTest.java:1314) [test-classes/:?] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121] at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121] at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?] at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?] at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?] at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?] at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?] at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?] at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?] at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?] at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?] at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?] at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?] at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?] at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?] at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?] at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?] at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?] at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?] at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?] at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1] at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1] at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1] at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1] at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1] at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1] POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IkVTMjU2U0lHX0lOVkFMSURfS0VZSUQifQ.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFCQ0EyLkUwOUQuODY1NS5BNkUzIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghQkNBMi5FMDlELjg2NTUuQTZFMyIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiNGVlZGU2NTgtODQ3NC00MWMwLThjZDYtYzg1ODdhNjEyZTI0IiwiZXhwIjoxNTEwOTIzNDcwLCJpYXQiOjE1MTA5MjMxNzB9. ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 401 Connection: Keep-Alive Content-Length: 586 Content-Type: application/json;charset=iso-8859-1 Date: Fri, 17 Nov 2017 12:52:50 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains WWW-Authenticate: Basic realm="oxAuth" X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."} ####################################################### TEST: privateKeyJwtAuthenticationMethodES384 ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "grant_types": ["client_credentials"], "application_type": "web", "client_name": "oxAuth test app", "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "token_endpoint_auth_method": "private_key_jwt", "scopes": ["clientinfo"] } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1261 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:50 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D0F5.CEA2.0E6B.0EE7", "client_secret": "0876fffc-3d47-48e6-be73-71e8183b91d6", "registration_access_token": "6c7a758a-371b-435b-a0dc-24b799bb49b0", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D0F5.CEA2.0E6B.0EE7", "client_id_issued_at": 1510923170, "client_secret_expires_at": 1511009570, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [], "grant_types": ["client_credentials"], "application_type": "web", "client_name": "oxAuth test app", "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "private_key_jwt", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": ["clientinfo"] } ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzM4NCIsImtpZCI6IjY5ZGZlODk4LTkzZjItNDFjMS04ZTk0LTYzNjEzOGZkYWEyMSJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFEMEY1LkNFQTIuMEU2Qi4wRUU3Iiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghRDBGNS5DRUEyLjBFNkIuMEVFNyIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiNzEyNGI3OTQtYzIxMi00Yjk0LTgzODYtYzI4MDA5MTAwMzA4IiwiZXhwIjoxNTEwOTIzNDcxLCJpYXQiOjE1MTA5MjMxNzF9.MGYCMQD7nzwPXqQiwHiLmiKxF_ZhhroFzCAtPqNh75j7nynXxax9bbkl8HHbgJLzgNhSJNkCMQCV3k81vtBA9wrWFJo6PvWityYp5Hwewbj_peEeIM1yV4ifducYW0bG07WNdAamwOI ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 115 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:50 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"access_token":"37fc2f23-c583-4630-8f83-68f346f5127d","token_type":"bearer","expires_in":299,"scope":"clientinfo"} ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/clientinfo HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store, private Connection: Keep-Alive Content-Length: 375 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:51 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D0F5.CEA2.0E6B.0EE7","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]} ####################################################### TEST: privateKeyJwtAuthenticationMethodES384Fail ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "application_type": "web", "client_name": "oxAuth test app", "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "token_endpoint_auth_method": "private_key_jwt", "scopes": ["clientinfo"] } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1306 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:51 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!FAD2.E398.599C.44E9", "client_secret": "62e0a9a4-f297-4bde-aa46-915a2783e403", "registration_access_token": "ea749bff-f6ef-44d5-8a66-4e0127c9cc70", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!FAD2.E398.599C.44E9", "client_id_issued_at": 1510923171, "client_secret_expires_at": 1511009571, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "private_key_jwt", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": ["clientinfo"] } 07:52:51.298 [main] ERROR org.xdi.oxauth.client.TokenRequest - cannot identify EC private key: java.lang.NullPointerException java.security.InvalidKeyException: cannot identify EC private key: java.lang.NullPointerException at org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil.generatePrivateKeyParameter(Unknown Source) ~[bcprov-jdk15on-1.54.jar:1.54.0] at org.bouncycastle.jcajce.provider.asymmetric.ec.SignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.54.jar:1.54.0] at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121] at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121] at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?] at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?] at org.xdi.oxauth.client.TokenClient.exec(TokenClient.java:265) [classes/:?] at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodES384Fail(ClientCredentialsGrantHttpTest.java:1437) [test-classes/:?] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121] at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121] at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?] at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?] at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?] at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?] at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?] at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?] at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?] at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?] at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?] at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?] at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?] at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?] at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?] at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?] at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?] at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?] at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?] at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?] at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1] at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1] at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1] at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1] at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1] at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1] ------------------------------------------------------- REQUEST: ------------------------------------------------------- 07:52:51.425 [main] ERROR org.xdi.oxauth.client.TokenRequest - cannot identify EC private key: java.lang.NullPointerException java.security.InvalidKeyException: cannot identify EC private key: java.lang.NullPointerException at org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil.generatePrivateKeyParameter(Unknown Source) ~[bcprov-jdk15on-1.54.jar:1.54.0] at org.bouncycastle.jcajce.provider.asymmetric.ec.SignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.54.jar:1.54.0] at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121] at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121] at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?] at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?] at org.xdi.oxauth.client.TokenRequest.getQueryString(TokenRequest.java:409) [classes/:?] at org.xdi.oxauth.client.BaseClient.getRequestAsString(BaseClient.java:158) [classes/:?] at org.xdi.oxauth.client.ClientUtils.showClient(ClientUtils.java:25) [classes/:?] at org.xdi.oxauth.BaseTest.showClient(BaseTest.java:715) [test-classes/:?] at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodES384Fail(ClientCredentialsGrantHttpTest.java:1439) [test-classes/:?] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121] at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121] at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?] at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?] at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?] at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?] at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?] at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?] at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?] at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?] at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?] at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?] at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?] at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?] at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?] at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?] at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?] at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?] at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?] at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?] at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1] at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1] at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1] at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1] at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1] at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1] POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzM4NCIsImtpZCI6IkVTMzg0U0lHX0lOVkFMSURfS0VZSUQifQ.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFGQUQyLkUzOTguNTk5Qy40NEU5Iiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghRkFEMi5FMzk4LjU5OUMuNDRFOSIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiMDdhM2Y1N2YtNjM1OC00MjE2LWExMzQtODNiNDE4MWZhMzI1IiwiZXhwIjoxNTEwOTIzNDcxLCJpYXQiOjE1MTA5MjMxNzF9. ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 401 Connection: Keep-Alive Content-Length: 586 Content-Type: application/json;charset=iso-8859-1 Date: Fri, 17 Nov 2017 12:52:51 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains WWW-Authenticate: Basic realm="oxAuth" X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."} ####################################################### TEST: privateKeyJwtAuthenticationMethodES512 ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "grant_types": ["client_credentials"], "application_type": "web", "client_name": "oxAuth test app", "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "token_endpoint_auth_method": "private_key_jwt", "scopes": ["clientinfo"] } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1261 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:51 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9A38.8994.449E.29E1", "client_secret": "c9c1441e-d6f0-45da-b50a-c4b3cde920df", "registration_access_token": "33c5c7ef-7413-4ed3-b757-693f370f87b5", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9A38.8994.449E.29E1", "client_id_issued_at": 1510923171, "client_secret_expires_at": 1511009571, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [], "grant_types": ["client_credentials"], "application_type": "web", "client_name": "oxAuth test app", "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "private_key_jwt", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": ["clientinfo"] } ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzUxMiIsImtpZCI6IjFkY2UyMTAyLTY5OGItNGFkYi1hOTc5LWY3ODgyNjI3NDI5YSJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE5QTM4Ljg5OTQuNDQ5RS4yOUUxIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghOUEzOC44OTk0LjQ0OUUuMjlFMSIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiY2U0ZWRkY2QtYmUyNy00MmE0LTkwOTMtYWRhNGIxZjY1OWU5IiwiZXhwIjoxNTEwOTIzNDcxLCJpYXQiOjE1MTA5MjMxNzF9.MIGIAkIB3R4DT6ftxD4ukiw5ENh2KcUTgiGv1iasrzfhcAOJWSLf7kPYYmxRHZpn3DGMR7iX45A8KALEKZMdu4aVUmHpPI4CQgHJeYfA6Bw9QG_hKEnqYJ1I52bTOhLDF9o5LMC6XHieREe6DcMEVPI0wXX2mocO4DwRNXSQC1V2V8TdrjW2S09kiA ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 115 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:51 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"access_token":"849fbb8f-05aa-4e18-8559-9b7fe94d7555","token_type":"bearer","expires_in":299,"scope":"clientinfo"} ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/clientinfo HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store, private Connection: Keep-Alive Content-Length: 375 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:51 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9A38.8994.449E.29E1","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]} ####################################################### TEST: privateKeyJwtAuthenticationMethodES512Fail ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "application_type": "web", "client_name": "oxAuth test app", "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "token_endpoint_auth_method": "private_key_jwt", "scopes": ["clientinfo"] } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1306 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:51 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DCDB.57AF.F60D.6A5A", "client_secret": "a23b39ae-def9-4bfa-8111-449e2c6763ea", "registration_access_token": "47b1b8a2-5f10-4587-9a22-014d3f328c54", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DCDB.57AF.F60D.6A5A", "client_id_issued_at": 1510923171, "client_secret_expires_at": 1511009571, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "private_key_jwt", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": ["clientinfo"] } 07:52:51.942 [main] ERROR org.xdi.oxauth.client.TokenRequest - cannot identify EC private key: java.lang.NullPointerException java.security.InvalidKeyException: cannot identify EC private key: java.lang.NullPointerException at org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil.generatePrivateKeyParameter(Unknown Source) ~[bcprov-jdk15on-1.54.jar:1.54.0] at org.bouncycastle.jcajce.provider.asymmetric.ec.SignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.54.jar:1.54.0] at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121] at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121] at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?] at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?] at org.xdi.oxauth.client.TokenClient.exec(TokenClient.java:265) [classes/:?] at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodES512Fail(ClientCredentialsGrantHttpTest.java:1562) [test-classes/:?] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121] at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121] at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?] at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?] at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?] at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?] at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?] at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?] at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?] at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?] at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?] at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?] at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?] at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?] at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?] at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?] at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?] at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?] at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?] at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?] at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1] at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1] at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1] at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1] at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1] at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1] ------------------------------------------------------- REQUEST: ------------------------------------------------------- 07:52:52.050 [main] ERROR org.xdi.oxauth.client.TokenRequest - cannot identify EC private key: java.lang.NullPointerException java.security.InvalidKeyException: cannot identify EC private key: java.lang.NullPointerException at org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil.generatePrivateKeyParameter(Unknown Source) ~[bcprov-jdk15on-1.54.jar:1.54.0] at org.bouncycastle.jcajce.provider.asymmetric.ec.SignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.54.jar:1.54.0] at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121] at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121] at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?] at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?] at org.xdi.oxauth.client.TokenRequest.getQueryString(TokenRequest.java:409) [classes/:?] at org.xdi.oxauth.client.BaseClient.getRequestAsString(BaseClient.java:158) [classes/:?] at org.xdi.oxauth.client.ClientUtils.showClient(ClientUtils.java:25) [classes/:?] at org.xdi.oxauth.BaseTest.showClient(BaseTest.java:715) [test-classes/:?] at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodES512Fail(ClientCredentialsGrantHttpTest.java:1564) [test-classes/:?] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121] at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121] at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?] at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?] at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?] at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?] at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?] at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?] at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?] at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?] at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?] at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?] at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?] at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?] at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?] at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?] at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?] at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?] at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?] at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?] at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1] at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1] at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1] at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1] at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1] at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1] POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzUxMiIsImtpZCI6IkVTNTEyU0lHX0lOVkFMSURfS0VZSUQifQ.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFEQ0RCLjU3QUYuRjYwRC42QTVBIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghRENEQi41N0FGLkY2MEQuNkE1QSIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiNzQ2Y2Q4MjItMmZlNi00MzgyLTkxYmYtN2I1ZDA4MWQxZDIxIiwiZXhwIjoxNTEwOTIzNDcyLCJpYXQiOjE1MTA5MjMxNzJ9. ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 401 Connection: Keep-Alive Content-Length: 586 Content-Type: application/json;charset=iso-8859-1 Date: Fri, 17 Nov 2017 12:52:51 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains WWW-Authenticate: Basic realm="oxAuth" X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."} ####################################################### TEST: privateKeyJwtAuthenticationMethodRS256 ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "grant_types": ["client_credentials"], "application_type": "web", "client_name": "oxAuth test app", "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "token_endpoint_auth_method": "private_key_jwt", "scopes": ["clientinfo"] } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1261 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:52 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!39AE.2415.0C09.5DD4", "client_secret": "65739c48-1a1b-4bfd-b407-ad5a0a4b3de9", "registration_access_token": "07033331-35a9-4d3d-8e4d-d9241d159fc7", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!39AE.2415.0C09.5DD4", "client_id_issued_at": 1510923172, "client_secret_expires_at": 1511009572, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [], "grant_types": ["client_credentials"], "application_type": "web", "client_name": "oxAuth test app", "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "private_key_jwt", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": ["clientinfo"] } ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6IjVmNDk0OGVlLTJhMzYtNDY3OC05Y2U3LTk3YmY0YTJhYzlmZiJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEzOUFFLjI0MTUuMEMwOS41REQ0Iiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghMzlBRS4yNDE1LjBDMDkuNURENCIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiZmYyMGNjOTAtOTRjYS00Njc2LWExNGYtZmUyODkwNzc3YzE3IiwiZXhwIjoxNTEwOTIzNDcyLCJpYXQiOjE1MTA5MjMxNzJ9.kZaXx9h-mxFCUqvUmA3Bjf6-QEywUbzMXb752jprUKcqxMCoyvg7FtndOFMCauISm20IZ6goT17DAXZxbCssCIEdkjPfr--BdlLafq2YQMYdlrgsdn0SyAe404z29lj1hytfeJ9Ri743v1XfpRqY1D3SaheM4Igv2RucHLbAjgByLBtPFHzYcK2kEttjUZbo010mQ8g7r4n0w_lS5KnuwEzZWE8yk43thZWtrS6AlnInBZOSe5eQzr8FS1GQTNpOO_96UdFzkKzZ_6JJ_S2kSyHKykb4kq9zr5h7m4HHBE3Xke1wYaKHaIGpb2MuQJaIY9DzglRMnxjkrtJl7Ed8iA ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 115 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:52 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"access_token":"5f46cf1c-3973-4d26-bf55-66158260930b","token_type":"bearer","expires_in":299,"scope":"clientinfo"} ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/clientinfo HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store, private Connection: Keep-Alive Content-Length: 375 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:52 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!39AE.2415.0C09.5DD4","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]} ####################################################### TEST: privateKeyJwtAuthenticationMethodRS256Fail ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "application_type": "web", "client_name": "oxAuth test app", "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "token_endpoint_auth_method": "private_key_jwt", "scopes": ["clientinfo"] } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1306 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:52 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B0DE.EA6D.AC5B.9831", "client_secret": "97acc39a-9b48-49bb-807a-a684fde0bce4", "registration_access_token": "778f50af-d176-4f4f-b020-bb2856524922", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B0DE.EA6D.AC5B.9831", "client_id_issued_at": 1510923172, "client_secret_expires_at": 1511009572, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "private_key_jwt", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": ["clientinfo"] } 07:52:52.603 [main] ERROR org.xdi.oxauth.client.TokenRequest - Supplied key (null) is not a RSAPrivateKey instance java.security.InvalidKeyException: Supplied key (null) is not a RSAPrivateKey instance at org.bouncycastle.jcajce.provider.asymmetric.rsa.DigestSignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.54.jar:1.54.0] at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121] at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121] at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?] at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?] at org.xdi.oxauth.client.TokenClient.exec(TokenClient.java:265) [classes/:?] at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodRS256Fail(ClientCredentialsGrantHttpTest.java:937) [test-classes/:?] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121] at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121] at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?] at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?] at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?] at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?] at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?] at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?] at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?] at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?] at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?] at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?] at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?] at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?] at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?] at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?] at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?] at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?] at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?] at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?] at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1] at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1] at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1] at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1] at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1] at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1] ------------------------------------------------------- REQUEST: ------------------------------------------------------- 07:52:52.709 [main] ERROR org.xdi.oxauth.client.TokenRequest - Supplied key (null) is not a RSAPrivateKey instance java.security.InvalidKeyException: Supplied key (null) is not a RSAPrivateKey instance at org.bouncycastle.jcajce.provider.asymmetric.rsa.DigestSignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.54.jar:1.54.0] at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121] at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121] at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?] at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?] at org.xdi.oxauth.client.TokenRequest.getQueryString(TokenRequest.java:409) [classes/:?] at org.xdi.oxauth.client.BaseClient.getRequestAsString(BaseClient.java:158) [classes/:?] at org.xdi.oxauth.client.ClientUtils.showClient(ClientUtils.java:25) [classes/:?] at org.xdi.oxauth.BaseTest.showClient(BaseTest.java:715) [test-classes/:?] at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodRS256Fail(ClientCredentialsGrantHttpTest.java:939) [test-classes/:?] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121] at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121] at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?] at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?] at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?] at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?] at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?] at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?] at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?] at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?] at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?] at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?] at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?] at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?] at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?] at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?] at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?] at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?] at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?] at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?] at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1] at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1] at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1] at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1] at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1] at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1] POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6IlJTMjU2U0lHX0lOVkFMSURfS0VZSUQifQ.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFCMERFLkVBNkQuQUM1Qi45ODMxIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghQjBERS5FQTZELkFDNUIuOTgzMSIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiNzBkMmE2ZWEtNDk4Ni00OGRjLTk3NTItOGVjZjRkY2M4ZjQ2IiwiZXhwIjoxNTEwOTIzNDcyLCJpYXQiOjE1MTA5MjMxNzJ9. ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 401 Connection: Keep-Alive Content-Length: 586 Content-Type: application/json;charset=iso-8859-1 Date: Fri, 17 Nov 2017 12:52:52 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains WWW-Authenticate: Basic realm="oxAuth" X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."} ####################################################### TEST: privateKeyJwtAuthenticationMethodRS384 ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "grant_types": ["client_credentials"], "application_type": "web", "client_name": "oxAuth test app", "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "token_endpoint_auth_method": "private_key_jwt", "scopes": ["clientinfo"] } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1261 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:52 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0DC0.144A.393B.4C88", "client_secret": "98d6d678-b69b-4c9f-bd2b-ed8bf5e4e4f7", "registration_access_token": "e2605df5-f84e-45ad-be42-7d2007260501", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0DC0.144A.393B.4C88", "client_id_issued_at": 1510923172, "client_secret_expires_at": 1511009572, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [], "grant_types": ["client_credentials"], "application_type": "web", "client_name": "oxAuth test app", "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "private_key_jwt", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": ["clientinfo"] } ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzM4NCIsImtpZCI6IjliZmJhNTMxLWZiZDUtNDRkOC1iOWFmLWRlN2Y3MDI1ZmIzZiJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEwREMwLjE0NEEuMzkzQi40Qzg4Iiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghMERDMC4xNDRBLjM5M0IuNEM4OCIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiM2E3NmUyZjgtMjlhNy00ODNjLTg4NGYtZjcyMjJlNTg1ZTg3IiwiZXhwIjoxNTEwOTIzNDcyLCJpYXQiOjE1MTA5MjMxNzJ9.RXptMyQ_ChYQk3efWksqGhun_mm6L7l7I6OS9cVx8p-fgc3RYnCd789fuZD6-8rPZSimH5i16c1xR7AU_uSEAEV3LSm6R5jiVK_QHELiCszVgOMi3yHjq85DH7nYpq24qfNu8wGo6iZOV3wpCgfO-JvZEEBWCdkavPfueFhBdfu8IPQnGIw9YNv6zq9BGz2hJGGReDSOvlB-I0CfoT5PgCupbWNmHg8e3kU6zNdsBrdFL7mcUhlhvOQdJ3qYfNKZHvXWu4S_j8f9MCA3axHgdyxh90nQ4t85lJMuznb-0n2mj0dipspxxWEGcRiB5SGGbtKbx5zo4RMrTI6lW_eo7w ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 115 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:52 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"access_token":"c9ea02b6-60d8-4b4a-b794-b0050e172d7d","token_type":"bearer","expires_in":299,"scope":"clientinfo"} ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/clientinfo HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store, private Connection: Keep-Alive Content-Length: 375 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:53 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0DC0.144A.393B.4C88","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]} ####################################################### TEST: privateKeyJwtAuthenticationMethodRS384Fail ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "application_type": "web", "client_name": "oxAuth test app", "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "token_endpoint_auth_method": "private_key_jwt", "scopes": ["clientinfo"] } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1306 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:53 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!61B5.3158.4B43.1812", "client_secret": "cd9b621f-cd05-499a-8e71-2cefe442d050", "registration_access_token": "c7bf2148-9a58-47dd-a34b-051baf9c1ea7", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!61B5.3158.4B43.1812", "client_id_issued_at": 1510923173, "client_secret_expires_at": 1511009573, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "private_key_jwt", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": ["clientinfo"] } 07:52:53.209 [main] ERROR org.xdi.oxauth.client.TokenRequest - Supplied key (null) is not a RSAPrivateKey instance java.security.InvalidKeyException: Supplied key (null) is not a RSAPrivateKey instance at org.bouncycastle.jcajce.provider.asymmetric.rsa.DigestSignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.54.jar:1.54.0] at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121] at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121] at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?] at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?] at org.xdi.oxauth.client.TokenClient.exec(TokenClient.java:265) [classes/:?] at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodRS384Fail(ClientCredentialsGrantHttpTest.java:1062) [test-classes/:?] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121] at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121] at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?] at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?] at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?] at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?] at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?] at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?] at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?] at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?] at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?] at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?] at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?] at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?] at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?] at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?] at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?] at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?] at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?] at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?] at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1] at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1] at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1] at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1] at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1] at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1] ------------------------------------------------------- REQUEST: ------------------------------------------------------- 07:52:53.334 [main] ERROR org.xdi.oxauth.client.TokenRequest - Supplied key (null) is not a RSAPrivateKey instance java.security.InvalidKeyException: Supplied key (null) is not a RSAPrivateKey instance at org.bouncycastle.jcajce.provider.asymmetric.rsa.DigestSignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.54.jar:1.54.0] at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121] at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121] at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?] at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?] at org.xdi.oxauth.client.TokenRequest.getQueryString(TokenRequest.java:409) [classes/:?] at org.xdi.oxauth.client.BaseClient.getRequestAsString(BaseClient.java:158) [classes/:?] at org.xdi.oxauth.client.ClientUtils.showClient(ClientUtils.java:25) [classes/:?] at org.xdi.oxauth.BaseTest.showClient(BaseTest.java:715) [test-classes/:?] at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodRS384Fail(ClientCredentialsGrantHttpTest.java:1064) [test-classes/:?] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121] at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121] at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?] at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?] at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?] at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?] at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?] at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?] at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?] at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?] at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?] at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?] at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?] at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?] at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?] at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?] at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?] at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?] at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?] at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?] at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1] at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1] at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1] at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1] at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1] at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1] POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzM4NCIsImtpZCI6IlJTMzg0U0lHX0lOVkFMSURfS0VZSUQifQ.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE2MUI1LjMxNTguNEI0My4xODEyIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghNjFCNS4zMTU4LjRCNDMuMTgxMiIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiMDkyNjQ2MWYtNTg2MS00ZGVmLWI3ZDItMmE4MjY5MGIyNjdjIiwiZXhwIjoxNTEwOTIzNDczLCJpYXQiOjE1MTA5MjMxNzN9. ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 401 Connection: Keep-Alive Content-Length: 586 Content-Type: application/json;charset=iso-8859-1 Date: Fri, 17 Nov 2017 12:52:53 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains WWW-Authenticate: Basic realm="oxAuth" X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."} ####################################################### TEST: privateKeyJwtAuthenticationMethodRS512 ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "grant_types": ["client_credentials"], "application_type": "web", "client_name": "oxAuth test app", "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "token_endpoint_auth_method": "private_key_jwt", "scopes": ["clientinfo"] } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1261 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:53 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6DC0.336B.AF5A.A83E", "client_secret": "d4771f64-f457-46b9-9414-0a2d972f2a65", "registration_access_token": "ff465a87-2b28-4499-bd05-82ea393bd5c7", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6DC0.336B.AF5A.A83E", "client_id_issued_at": 1510923173, "client_secret_expires_at": 1511009573, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [], "grant_types": ["client_credentials"], "application_type": "web", "client_name": "oxAuth test app", "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "private_key_jwt", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": ["clientinfo"] } ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzUxMiIsImtpZCI6ImZiN2ZmMjgyLWQ3ZjktNDM4Yi05NGI4LTczNjIxOTk3YmMzOCJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE2REMwLjMzNkIuQUY1QS5BODNFIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghNkRDMC4zMzZCLkFGNUEuQTgzRSIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiZmExYjBlNTctYjQ1Mi00ZjE3LTk0M2EtMjZiNTk5NjY4ZjE4IiwiZXhwIjoxNTEwOTIzNDczLCJpYXQiOjE1MTA5MjMxNzN9.FNxO049P7vi8zmcFTFHSWQFWPqD83aNkEhQjg2Ga4D_uORguDwxpz3CMYpsrmE0VOnZzkToySSKwplVESmmiETfVIY1HV3GaLmZtf_UDoOcEtMp_4Gqui_WOxmGEF-gMxvkXDbc3LIAhTUb-V5QPGmMGNMeMb1Ldxp8mPH_oC_PQ_5ZOjy2Rs1c9I0bUV6vcDHA1I7Hn5ScsiNruiZmXkVRbBGsfhLnbKIXD-R1lEqd03Ei4J0xPt0IkGdOQ2Sa6o7HI4nP_hNotlEizVlrlj7Lf2M6DlCxopKpoKkzf8xN7AbzEAP4U23nUaKrB53XK3DmqSseTpaTnjZWJP0IAgw ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 115 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:53 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"access_token":"4986289f-9bc9-42d1-ada7-5d4f281ca2c5","token_type":"bearer","expires_in":299,"scope":"clientinfo"} ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/clientinfo HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store, private Connection: Keep-Alive Content-Length: 375 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:53 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6DC0.336B.AF5A.A83E","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]} ####################################################### TEST: privateKeyJwtAuthenticationMethodRS512Fail ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "application_type": "web", "client_name": "oxAuth test app", "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "token_endpoint_auth_method": "private_key_jwt", "scopes": ["clientinfo"] } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1306 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:53 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9F81.C6A7.B19E.C211", "client_secret": "fad387af-d396-4b69-8797-0b9122ca2be2", "registration_access_token": "b28cd3b8-0e09-4055-a6a0-f2ea8d14899d", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9F81.C6A7.B19E.C211", "client_id_issued_at": 1510923173, "client_secret_expires_at": 1511009573, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "private_key_jwt", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": ["clientinfo"] } 07:52:53.811 [main] ERROR org.xdi.oxauth.client.TokenRequest - Supplied key (null) is not a RSAPrivateKey instance java.security.InvalidKeyException: Supplied key (null) is not a RSAPrivateKey instance at org.bouncycastle.jcajce.provider.asymmetric.rsa.DigestSignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.54.jar:1.54.0] at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121] at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121] at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?] at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?] at org.xdi.oxauth.client.TokenClient.exec(TokenClient.java:265) [classes/:?] at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodRS512Fail(ClientCredentialsGrantHttpTest.java:1187) [test-classes/:?] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121] at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121] at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?] at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?] at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?] at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?] at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?] at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?] at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?] at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?] at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?] at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?] at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?] at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?] at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?] at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?] at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?] at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?] at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?] at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?] at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1] at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1] at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1] at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1] at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1] at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1] ------------------------------------------------------- REQUEST: ------------------------------------------------------- 07:52:53.917 [main] ERROR org.xdi.oxauth.client.TokenRequest - Supplied key (null) is not a RSAPrivateKey instance java.security.InvalidKeyException: Supplied key (null) is not a RSAPrivateKey instance at org.bouncycastle.jcajce.provider.asymmetric.rsa.DigestSignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.54.jar:1.54.0] at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121] at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121] at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?] at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?] at org.xdi.oxauth.client.TokenRequest.getQueryString(TokenRequest.java:409) [classes/:?] at org.xdi.oxauth.client.BaseClient.getRequestAsString(BaseClient.java:158) [classes/:?] at org.xdi.oxauth.client.ClientUtils.showClient(ClientUtils.java:25) [classes/:?] at org.xdi.oxauth.BaseTest.showClient(BaseTest.java:715) [test-classes/:?] at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodRS512Fail(ClientCredentialsGrantHttpTest.java:1189) [test-classes/:?] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121] at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121] at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?] at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?] at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?] at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?] at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?] at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?] at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?] at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?] at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?] at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?] at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?] at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?] at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?] at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?] at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?] at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?] at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?] at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?] at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1] at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1] at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1] at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1] at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1] at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1] POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzUxMiIsImtpZCI6IlJTNTEyU0lHX0lOVkFMSURfS0VZSUQifQ.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE5RjgxLkM2QTcuQjE5RS5DMjExIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghOUY4MS5DNkE3LkIxOUUuQzIxMSIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiZjM0Zjk3NGUtNWUwOC00YjJjLTg5YmItYzI4MGNiYzAwMWQ3IiwiZXhwIjoxNTEwOTIzNDczLCJpYXQiOjE1MTA5MjMxNzN9. ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 401 Connection: Keep-Alive Content-Length: 586 Content-Type: application/json;charset=iso-8859-1 Date: Fri, 17 Nov 2017 12:52:53 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains WWW-Authenticate: Basic realm="oxAuth" X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."} ####################################################### TEST: OpenID Connect Discovery ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Connection: Keep-Alive Content-Length: 181 Content-Type: application/jrd+json;charset=iso-8859-1 Date: Fri, 17 Nov 2017 12:52:53 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "subject": "acct:test_user@ce-dev4.gluu.org", "links": [{ "rel": "http://openid.net/specs/connect/1.0/issuer", "href": "https://ce-dev4.gluu.org" }] } OpenID Connect Configuration ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /.well-known/openid-configuration HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Connection: Keep-Alive Content-Length: 6218 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:54 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "issuer": "https://ce-dev4.gluu.org", "authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize", "token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token", "userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo", "clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo", "check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe", "end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session", "jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks", "registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register", "id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id", "introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection", "scopes_supported": [ "permission", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "mobile_phone", "test" ], "response_types_supported": [ "id_token", "code", "id_token token", "code token", "id_token code", "token", "id_token code token" ], "grant_types_supported": [ "implicit", "urn:ietf:params:oauth:grant-type:uma-ticket", "client_credentials", "refresh_token", "authorization_code", "password" ], "acr_values_supported": [ "super_gluu", "otp", "basic", "auth_ldap_server" ], "auth_level_mapping": { "-1": ["auth_ldap_server"], "50": ["otp"], "100": ["basic"], "15": ["super_gluu"] }, "subject_types_supported": [ "public", "pairwise" ], "userinfo_signing_alg_values_supported": [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "userinfo_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "userinfo_encryption_enc_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "id_token_signing_alg_values_supported": [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "id_token_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "id_token_encryption_enc_values_supported": [ "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A256GCM" ], "request_object_signing_alg_values_supported": [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "request_object_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "request_object_encryption_enc_values_supported": [ "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A256GCM" ], "token_endpoint_auth_methods_supported": [ "client_secret_basic", "client_secret_post", "client_secret_jwt", "private_key_jwt" ], "token_endpoint_auth_signing_alg_values_supported": [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "display_values_supported": [ "page", "popup" ], "claim_types_supported": ["normal"], "claims_supported": [ "birthdate", "country", "name", "email", "email_verified", "given_name", "gender", "inum", "family_name", "updated_at", "locale", "member_of", "middle_name", "nickname", "oxAuthAppType", "oxAuthIdTokenSignedResponseAlg", "oxAuthRedirectURI", "oxAuthScope", "phone_number_verified", "picture", "preferred_username", "profile", "zoneinfo", "user_name", "website" ], "service_documentation": "http://gluu.org/docs", "claims_locales_supported": ["en"], "ui_locales_supported": [ "en", "es" ], "scope_to_claims_mapping": [ {"permission": []}, {"uma_protection": []}, {"clientinfo": [ "name", "inum", "oxAuthAppType", "oxAuthIdTokenSignedResponseAlg", "oxAuthRedirectURI", "oxAuthScope" ]}, {"email": [ "email_verified", "email" ]}, {"user_name": ["user_name"]}, {"org_name": []}, {"address": [ "formatted", "postal_code", "street_address", "locality", "country", "region" ]}, {"openid": []}, {"work_phone": []}, {"phone": [ "phone_number_verified", "phone_number" ]}, {"profile": [ "name", "family_name", "given_name", "middle_name", "nickname", "preferred_username", "profile", "picture", "website", "gender", "birthdate", "zoneinfo", "locale", "updated_at" ]}, {"mobile_phone": ["phone_mobile_number"]}, {"test": ["member_of"]} ], "claims_parameter_supported": true, "request_parameter_supported": true, "request_uri_parameter_supported": true, "require_request_uri_registration": false, "op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy", "op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos", "frontchannel_logout_supported": "true", "frontchannel_logout_session_supported": true } ####################################################### TEST: requestClientInfoImplicitFlow ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "token", "id_token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1444 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:54 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!ABCC.F536.71A9.3AF5", "client_secret": "bff3c9c8-96bc-449f-9185-103b2f07298d", "registration_access_token": "d7df0b75-392d-403d-ae11-779ebf181a03", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!ABCC.F536.71A9.3AF5", "client_id_issued_at": 1510923174, "client_secret_expires_at": 1511009574, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "token" ], "grant_types": ["implicit"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21ABCC.F536.71A9.3AF5&scope=clientinfo&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=46132948-8a89-432e-8091-dd9b4caf0ba7&nonce=0c93a094-d444-4b46-a759-a3accecdf7d3 authenticateResourceOwnerAndGrantAccess: Cleaning cookies 07:52:54.527 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:757e2981-dd90-4ebd-9d3b-928e732941af ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21ABCC.F536.71A9.3AF5&scope=clientinfo&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=46132948-8a89-432e-8091-dd9b4caf0ba7&nonce=0c93a094-d444-4b46-a759-a3accecdf7d3 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=5b782e1f-6697-4391-9a7e-8f13bb28ab87&scope=clientinfo&id_token=eyJraWQiOiIyZDBhZWY4Zi05MmEzLTQwNzgtOWQzMy1jZmU0Zjg5MDkxN2UiLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFBQkNDLkY1MzYuNzFBOS4zQUY1IiwiZXhwIjoxNTEwOTI2Nzc2LCJpYXQiOjE1MTA5MjMxNzYsIm5vbmNlIjoiMGM5M2EwOTQtZDQ0NC00YjQ2LWE3NTktYTNhY2NlY2RmN2QzIiwiYXV0aF90aW1lIjoxNTEwOTIzMTc1LCJhdF9oYXNoIjoiVE1KeFZ0bl9nNGp3S0FHYjRORXNvUSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IjE5aUhhOXVXRzZta0t3STlGTm1FOWs0WV9ZUVpsVWdlSDVaby11TDVtY1UifQ.A3DgNe2v8GPrwo6qu8BUs_EtJJgMoMTgyhQnxeDy6fnj7ISOzHVNjmnWhNgopqyuw0NAIjGgelTCLbePrR3D6Z60DN31kPOrPobE98DmltDSbK3fkEaTMvSpUjfMM4MuDbj5Xm6ItJJsTaqeTk7s3c0VoxYxp4XK9Cxpfz3_-_bl9NU9IQrgjDsTFwhzTOJ49Cn_l1LrNWV4OPFUbCh3XrNby2fOma3uLQOqCe1JzQK6UzXYaZMTS54oHXqOKgKraOhnGrzWnkF__QeJDcUvAhIuN4B1KlR4nFOR-SRhWPZ4mpKQVrfxAShVVqBimlV7a1ySXlvTQgaQVHb-mEFbJw&session_id=cf5c455c-6232-4773-b4c8-7dd4b6bbe7b2&state=46132948-8a89-432e-8091-dd9b4caf0ba7&token_type=bearer&session_state=757e2981-dd90-4ebd-9d3b-928e732941af&expires_in=299 ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/clientinfo HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store, private Connection: Keep-Alive Content-Length: 493 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:56 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!ABCC.F536.71A9.3AF5","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["permission","uma_protection","clientinfo","email","user_name","org_name","address","openid","work_phone","phone","profile","test"]} ####################################################### TEST: requestClientInfoInvalidRequest ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/clientinfo HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 400 Connection: close Content-Length: 260 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:56 GMT Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"error":"invalid_request","error_description":"The request is missing a required parameter, includes an unsupported parameter or parameter value, repeats the same parameter, uses more than one method for including an access token, or is otherwise malformed."} ####################################################### TEST: requestClientInfoInvalidToken ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/clientinfo HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 400 Connection: close Content-Length: 203 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:56 GMT Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"error":"invalid_token","error_description":"The access token provided is expired, revoked, malformed, or invalid for other reasons. Try to request a new access token and retry the protected resource."} ####################################################### TEST: requestClientInfoPasswordFlow ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "grant_types": ["password"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1403 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:56 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B1A8.9EBC.EF1B.BA19", "client_secret": "caac6f79-e652-4200-a867-e2bbb51220b6", "registration_access_token": "ecacdb2b-faaa-4d9d-afe2-41b61f6f3133", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B1A8.9EBC.EF1B.BA19", "client_id_issued_at": 1510923176, "client_secret_expires_at": 1511009576, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [], "grant_types": ["password"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org Authorization: Basic QCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghQjFBOC45RUJDLkVGMUIuQkExOTpjYWFjNmY3OS1lNjUyLTQyMDAtYTg2Ny1lMmJiYjUxMjIwYjY= grant_type=password&scope=clientinfo&username=test_user&password=test_user_password ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 170 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:56 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"access_token":"69b33aef-af67-4830-a44a-b2265dabb5dd","token_type":"bearer","expires_in":299,"refresh_token":"e75d78a7-4d28-4013-959a-aa0bc900b2a0","scope":"clientinfo"} ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/clientinfo HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store, private Connection: Keep-Alive Content-Length: 493 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:56 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B1A8.9EBC.EF1B.BA19","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["permission","uma_protection","clientinfo","email","user_name","org_name","address","openid","work_phone","phone","profile","test"]} ####################################################### TEST: OpenID Connect Discovery ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Connection: Keep-Alive Content-Length: 181 Content-Type: application/jrd+json;charset=iso-8859-1 Date: Fri, 17 Nov 2017 12:52:56 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "subject": "acct:test_user@ce-dev4.gluu.org", "links": [{ "rel": "http://openid.net/specs/connect/1.0/issuer", "href": "https://ce-dev4.gluu.org" }] } OpenID Connect Configuration ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /.well-known/openid-configuration HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Connection: Keep-Alive Content-Length: 6218 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:56 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "issuer": "https://ce-dev4.gluu.org", "authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize", "token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token", "userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo", "clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo", "check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe", "end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session", "jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks", "registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register", "id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id", "introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection", "scopes_supported": [ "permission", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "mobile_phone", "test" ], "response_types_supported": [ "id_token", "code", "id_token token", "code token", "id_token code", "token", "id_token code token" ], "grant_types_supported": [ "implicit", "urn:ietf:params:oauth:grant-type:uma-ticket", "client_credentials", "refresh_token", "authorization_code", "password" ], "acr_values_supported": [ "super_gluu", "otp", "basic", "auth_ldap_server" ], "auth_level_mapping": { "-1": ["auth_ldap_server"], "50": ["otp"], "100": ["basic"], "15": ["super_gluu"] }, "subject_types_supported": [ "public", "pairwise" ], "userinfo_signing_alg_values_supported": [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "userinfo_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "userinfo_encryption_enc_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "id_token_signing_alg_values_supported": [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "id_token_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "id_token_encryption_enc_values_supported": [ "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A256GCM" ], "request_object_signing_alg_values_supported": [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "request_object_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "request_object_encryption_enc_values_supported": [ "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A256GCM" ], "token_endpoint_auth_methods_supported": [ "client_secret_basic", "client_secret_post", "client_secret_jwt", "private_key_jwt" ], "token_endpoint_auth_signing_alg_values_supported": [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "display_values_supported": [ "page", "popup" ], "claim_types_supported": ["normal"], "claims_supported": [ "birthdate", "country", "name", "email", "email_verified", "given_name", "gender", "inum", "family_name", "updated_at", "locale", "member_of", "middle_name", "nickname", "oxAuthAppType", "oxAuthIdTokenSignedResponseAlg", "oxAuthRedirectURI", "oxAuthScope", "phone_number_verified", "picture", "preferred_username", "profile", "zoneinfo", "user_name", "website" ], "service_documentation": "http://gluu.org/docs", "claims_locales_supported": ["en"], "ui_locales_supported": [ "en", "es" ], "scope_to_claims_mapping": [ {"permission": []}, {"uma_protection": []}, {"clientinfo": [ "name", "inum", "oxAuthAppType", "oxAuthIdTokenSignedResponseAlg", "oxAuthRedirectURI", "oxAuthScope" ]}, {"email": [ "email_verified", "email" ]}, {"user_name": ["user_name"]}, {"org_name": []}, {"address": [ "formatted", "postal_code", "street_address", "locality", "country", "region" ]}, {"openid": []}, {"work_phone": []}, {"phone": [ "phone_number_verified", "phone_number" ]}, {"profile": [ "name", "family_name", "given_name", "middle_name", "nickname", "preferred_username", "profile", "picture", "website", "gender", "birthdate", "zoneinfo", "locale", "updated_at" ]}, {"mobile_phone": ["phone_mobile_number"]}, {"test": ["member_of"]} ], "claims_parameter_supported": true, "request_parameter_supported": true, "request_uri_parameter_supported": true, "require_request_uri_registration": false, "op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy", "op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos", "frontchannel_logout_supported": "true", "frontchannel_logout_session_supported": true } ####################################################### TEST: testEncode1 ####################################################### ####################################################### TEST: testEncode2 ####################################################### ####################################################### TEST: OpenID Connect Discovery ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Connection: Keep-Alive Content-Length: 181 Content-Type: application/jrd+json;charset=iso-8859-1 Date: Fri, 17 Nov 2017 12:52:56 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "subject": "acct:test_user@ce-dev4.gluu.org", "links": [{ "rel": "http://openid.net/specs/connect/1.0/issuer", "href": "https://ce-dev4.gluu.org" }] } OpenID Connect Configuration ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /.well-known/openid-configuration HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Connection: Keep-Alive Content-Length: 6218 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:56 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "issuer": "https://ce-dev4.gluu.org", "authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize", "token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token", "userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo", "clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo", "check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe", "end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session", "jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks", "registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register", "id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id", "introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection", "scopes_supported": [ "permission", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "mobile_phone", "test" ], "response_types_supported": [ "id_token", "code", "id_token token", "code token", "id_token code", "token", "id_token code token" ], "grant_types_supported": [ "implicit", "urn:ietf:params:oauth:grant-type:uma-ticket", "client_credentials", "refresh_token", "authorization_code", "password" ], "acr_values_supported": [ "super_gluu", "otp", "basic", "auth_ldap_server" ], "auth_level_mapping": { "-1": ["auth_ldap_server"], "50": ["otp"], "100": ["basic"], "15": ["super_gluu"] }, "subject_types_supported": [ "public", "pairwise" ], "userinfo_signing_alg_values_supported": [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "userinfo_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "userinfo_encryption_enc_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "id_token_signing_alg_values_supported": [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "id_token_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "id_token_encryption_enc_values_supported": [ "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A256GCM" ], "request_object_signing_alg_values_supported": [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "request_object_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "request_object_encryption_enc_values_supported": [ "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A256GCM" ], "token_endpoint_auth_methods_supported": [ "client_secret_basic", "client_secret_post", "client_secret_jwt", "private_key_jwt" ], "token_endpoint_auth_signing_alg_values_supported": [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "display_values_supported": [ "page", "popup" ], "claim_types_supported": ["normal"], "claims_supported": [ "birthdate", "country", "name", "email", "email_verified", "given_name", "gender", "inum", "family_name", "updated_at", "locale", "member_of", "middle_name", "nickname", "oxAuthAppType", "oxAuthIdTokenSignedResponseAlg", "oxAuthRedirectURI", "oxAuthScope", "phone_number_verified", "picture", "preferred_username", "profile", "zoneinfo", "user_name", "website" ], "service_documentation": "http://gluu.org/docs", "claims_locales_supported": ["en"], "ui_locales_supported": [ "en", "es" ], "scope_to_claims_mapping": [ {"permission": []}, {"uma_protection": []}, {"clientinfo": [ "name", "inum", "oxAuthAppType", "oxAuthIdTokenSignedResponseAlg", "oxAuthRedirectURI", "oxAuthScope" ]}, {"email": [ "email_verified", "email" ]}, {"user_name": ["user_name"]}, {"org_name": []}, {"address": [ "formatted", "postal_code", "street_address", "locality", "country", "region" ]}, {"openid": []}, {"work_phone": []}, {"phone": [ "phone_number_verified", "phone_number" ]}, {"profile": [ "name", "family_name", "given_name", "middle_name", "nickname", "preferred_username", "profile", "picture", "website", "gender", "birthdate", "zoneinfo", "locale", "updated_at" ]}, {"mobile_phone": ["phone_mobile_number"]}, {"test": ["member_of"]} ], "claims_parameter_supported": true, "request_parameter_supported": true, "request_uri_parameter_supported": true, "require_request_uri_registration": false, "op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy", "op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos", "frontchannel_logout_supported": "true", "frontchannel_logout_session_supported": true } ####################################################### TEST: requestClientAssociate ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1458 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:57 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!8C66.FE76.F6B0.F249", "client_secret": "2d03331f-d9d3-4690-8a4d-0582b388efa7", "registration_access_token": "439007b1-5c5f-4e5f-bd62-76b9fd7fbbf9", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!8C66.FE76.F6B0.F249", "client_id_issued_at": 1510923177, "client_secret_expires_at": 1511009577, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scopes": [ "permission", "uma_protection", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "test" ] } ####################################################### TEST: requestClientAssociateInBlackList ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": ["https://www.attacker.com"], "application_type": "web", "client_name": "oxAuth test app" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 400 Cache-Control: no-store Connection: close Content-Length: 101 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:57 GMT Pragma: no-cache Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"error":"invalid_redirect_uri","error_description":"Value of one or more redirect_uris is invalid."} ####################################################### TEST: testUrlPatterList ####################################################### ####################################################### TEST: requestClientUpdate ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 400 Connection: close Content-Length: 282 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:57 GMT Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"error":"invalid_client_metadata","error_description":"The value of one of the Client Metadata fields is invalid and the server has rejected this request. Note that an Authorization Server MAY choose to substitute a valid value for any requested parameter of a Client's Metadata."} ####################################################### TEST: OpenID Connect Discovery ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Connection: Keep-Alive Content-Length: 181 Content-Type: application/jrd+json;charset=iso-8859-1 Date: Fri, 17 Nov 2017 12:52:57 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "subject": "acct:test_user@ce-dev4.gluu.org", "links": [{ "rel": "http://openid.net/specs/connect/1.0/issuer", "href": "https://ce-dev4.gluu.org" }] } OpenID Connect Configuration ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /.well-known/openid-configuration HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Connection: Keep-Alive Content-Length: 6218 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:57 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "issuer": "https://ce-dev4.gluu.org", "authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize", "token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token", "userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo", "clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo", "check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe", "end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session", "jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks", "registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register", "id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id", "introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection", "scopes_supported": [ "permission", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "mobile_phone", "test" ], "response_types_supported": [ "id_token", "code", "id_token token", "code token", "id_token code", "token", "id_token code token" ], "grant_types_supported": [ "implicit", "urn:ietf:params:oauth:grant-type:uma-ticket", "client_credentials", "refresh_token", "authorization_code", "password" ], "acr_values_supported": [ "super_gluu", "otp", "basic", "auth_ldap_server" ], "auth_level_mapping": { "-1": ["auth_ldap_server"], "50": ["otp"], "100": ["basic"], "15": ["super_gluu"] }, "subject_types_supported": [ "public", "pairwise" ], "userinfo_signing_alg_values_supported": [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "userinfo_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "userinfo_encryption_enc_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "id_token_signing_alg_values_supported": [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "id_token_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "id_token_encryption_enc_values_supported": [ "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A256GCM" ], "request_object_signing_alg_values_supported": [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "request_object_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "request_object_encryption_enc_values_supported": [ "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A256GCM" ], "token_endpoint_auth_methods_supported": [ "client_secret_basic", "client_secret_post", "client_secret_jwt", "private_key_jwt" ], "token_endpoint_auth_signing_alg_values_supported": [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "display_values_supported": [ "page", "popup" ], "claim_types_supported": ["normal"], "claims_supported": [ "birthdate", "country", "name", "email", "email_verified", "given_name", "gender", "inum", "family_name", "updated_at", "locale", "member_of", "middle_name", "nickname", "oxAuthAppType", "oxAuthIdTokenSignedResponseAlg", "oxAuthRedirectURI", "oxAuthScope", "phone_number_verified", "picture", "preferred_username", "profile", "zoneinfo", "user_name", "website" ], "service_documentation": "http://gluu.org/docs", "claims_locales_supported": ["en"], "ui_locales_supported": [ "en", "es" ], "scope_to_claims_mapping": [ {"permission": []}, {"uma_protection": []}, {"clientinfo": [ "name", "inum", "oxAuthAppType", "oxAuthIdTokenSignedResponseAlg", "oxAuthRedirectURI", "oxAuthScope" ]}, {"email": [ "email_verified", "email" ]}, {"user_name": ["user_name"]}, {"org_name": []}, {"address": [ "formatted", "postal_code", "street_address", "locality", "country", "region" ]}, {"openid": []}, {"work_phone": []}, {"phone": [ "phone_number_verified", "phone_number" ]}, {"profile": [ "name", "family_name", "given_name", "middle_name", "nickname", "preferred_username", "profile", "picture", "website", "gender", "birthdate", "zoneinfo", "locale", "updated_at" ]}, {"mobile_phone": ["phone_mobile_number"]}, {"test": ["member_of"]} ], "claims_parameter_supported": true, "request_parameter_supported": true, "request_uri_parameter_supported": true, "require_request_uri_registration": false, "op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy", "op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos", "frontchannel_logout_supported": "true", "frontchannel_logout_session_supported": true } ####################################################### TEST: OpenID Connect Discovery ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Connection: Keep-Alive Content-Length: 181 Content-Type: application/jrd+json;charset=iso-8859-1 Date: Fri, 17 Nov 2017 12:52:57 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "subject": "acct:test_user@ce-dev4.gluu.org", "links": [{ "rel": "http://openid.net/specs/connect/1.0/issuer", "href": "https://ce-dev4.gluu.org" }] } ####################################################### TEST: OpenID Connect Configuration ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /.well-known/openid-configuration HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Connection: Keep-Alive Content-Length: 6218 Content-Type: application/json Date: Fri, 17 Nov 2017 12:52:57 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.3.15.v20161220) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "issuer": "https://ce-dev4.gluu.org", "authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize", "token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token", "userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo", "clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo", "check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe", "end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session", "jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks", "registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register", "id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id", "introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection", "scopes_supported": [ "permission", "clientinfo", "email", "user_name", "org_name", "address", "openid", "work_phone", "phone", "profile", "mobile_phone", "test" ], "response_types_supported": [ "id_token", "code", "id_token token", "code token", "id_token code", "token", "id_token code token" ], "grant_types_supported": [ "implicit", "urn:ietf:params:oauth:grant-type:uma-ticket", "client_credentials", "refresh_token", "authorization_code", "password" ], "acr_values_supported": [ "super_gluu", "otp", "basic", "auth_ldap_server" ], "auth_level_mapping": { "-1": ["auth_ldap_server"], "50": ["otp"], "100": ["basic"], "15": ["super_gluu"] }, "subject_types_supported": [ "public", "pairwise" ], "userinfo_signing_alg_values_supported": [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "userinfo_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "userinfo_encryption_enc_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "id_token_signing_alg_values_supported": [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "id_token_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "id_token_encryption_enc_values_supported": [ "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A256GCM" ], "request_object_signing_alg_values_supported": [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "request_object_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "request_object_encryption_enc_values_supported": [ "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A256GCM" ], "token_endpoint_auth_methods_supported": [ "client_secret_basic", "client_secret_post", "client_secret_jwt", "private_key_jwt" ], "token_endpoint_auth_signing_alg_values_supported": [ "HS256",