FailedConsole Output

Skipping 5,194 KB.. Full Log
.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "issuer": "https://ce-dev4.gluu.org",
    "authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize",
    "token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token",
    "userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo",
    "clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo",
    "check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe",
    "end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks",
    "registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register",
    "id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id",
    "introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection",
    "scopes_supported": [
        "permission",
        "clientinfo",
        "email",
        "user_name",
        "sub",
        "org_name",
        "address",
        "openid",
        "test_scope1",
        "work_phone",
        "phone",
        "profile",
        "mobile_phone",
        "test"
    ],
    "response_types_supported": [
        "id_token",
        "code",
        "id_token code token",
        "id_token code",
        "code token",
        "id_token token",
        "token"
    ],
    "grant_types_supported": [
        "implicit",
        "refresh_token",
        "urn:ietf:params:oauth:grant-type:uma-ticket",
        "client_credentials",
        "authorization_code",
        "password"
    ],
    "acr_values_supported": [
        "super_gluu",
        "u2f",
        "otp",
        "basic",
        "auth_ldap_server"
    ],
    "auth_level_mapping": {
        "-1": ["auth_ldap_server"],
        "50": ["otp"],
        "100": ["basic"],
        "10": ["u2f"],
        "15": ["super_gluu"]
    },
    "subject_types_supported": [
        "public",
        "pairwise"
    ],
    "userinfo_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "userinfo_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "userinfo_encryption_enc_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "id_token_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "request_object_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "request_object_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "request_object_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "token_endpoint_auth_methods_supported": [
        "client_secret_basic",
        "client_secret_post",
        "client_secret_jwt",
        "private_key_jwt"
    ],
    "token_endpoint_auth_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "display_values_supported": [
        "page",
        "popup"
    ],
    "claim_types_supported": ["normal"],
    "claims_supported": [
        "birthdate",
        "country",
        "name",
        "email",
        "email_verified",
        "given_name",
        "gender",
        "inum",
        "family_name",
        "updated_at",
        "locale",
        "member_of",
        "middle_name",
        "nickname",
        "oxAuthAppType",
        "oxAuthIdTokenSignedResponseAlg",
        "oxAuthRedirectURI",
        "oxAuthScope",
        "phone_number_verified",
        "picture",
        "preferred_username",
        "profile",
        "zoneinfo",
        "user_name",
        "website"
    ],
    "service_documentation": "http://gluu.org/docs",
    "claims_locales_supported": ["en"],
    "ui_locales_supported": [
        "en",
        "es"
    ],
    "scope_to_claims_mapping": [
        {"permission": []},
        {"uma_protection": []},
        {"clientinfo": [
            "name",
            "inum",
            "oxAuthAppType",
            "oxAuthIdTokenSignedResponseAlg",
            "oxAuthRedirectURI",
            "oxAuthScope"
        ]},
        {"email": [
            "email_verified",
            "email"
        ]},
        {"user_name": ["user_name"]},
        {"sub": []},
        {"org_name": []},
        {"address": [
            "formatted",
            "postal_code",
            "street_address",
            "locality",
            "country",
            "region"
        ]},
        {"openid": []},
        {"test_scope1": []},
        {"work_phone": []},
        {"phone": [
            "phone_number_verified",
            "phone_number"
        ]},
        {"profile": [
            "name",
            "family_name",
            "given_name",
            "middle_name",
            "nickname",
            "preferred_username",
            "profile",
            "picture",
            "website",
            "gender",
            "birthdate",
            "zoneinfo",
            "locale",
            "updated_at"
        ]},
        {"mobile_phone": ["phone_mobile_number"]},
        {"test": ["member_of"]}
    ],
    "claims_parameter_supported": true,
    "request_parameter_supported": true,
    "request_uri_parameter_supported": true,
    "require_request_uri_registration": false,
    "op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy",
    "op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos",
    "frontchannel_logout_supported": true,
    "frontchannel_logout_session_supported": true
}


#######################################################
TEST: OC5:FeatureTest-UserInfo Endpoint
#######################################################
#######################################################
TEST: OpenID Connect Discovery
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 181
Content-Type: application/jrd+json;charset=iso-8859-1
Date: Wed, 04 Jul 2018 23:58:57 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "subject": "acct:test_user@ce-dev4.gluu.org",
    "links": [{
        "rel": "http://openid.net/specs/connect/1.0/issuer",
        "href": "https://ce-dev4.gluu.org"
    }]
}


OpenID Connect Configuration
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/openid-configuration HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 6342
Content-Type: application/json
Date: Wed, 04 Jul 2018 23:58:57 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "issuer": "https://ce-dev4.gluu.org",
    "authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize",
    "token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token",
    "userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo",
    "clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo",
    "check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe",
    "end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks",
    "registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register",
    "id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id",
    "introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection",
    "scopes_supported": [
        "permission",
        "clientinfo",
        "email",
        "user_name",
        "sub",
        "org_name",
        "address",
        "openid",
        "test_scope1",
        "work_phone",
        "phone",
        "profile",
        "mobile_phone",
        "test"
    ],
    "response_types_supported": [
        "id_token",
        "code",
        "id_token code token",
        "id_token code",
        "code token",
        "id_token token",
        "token"
    ],
    "grant_types_supported": [
        "implicit",
        "refresh_token",
        "urn:ietf:params:oauth:grant-type:uma-ticket",
        "client_credentials",
        "authorization_code",
        "password"
    ],
    "acr_values_supported": [
        "super_gluu",
        "u2f",
        "otp",
        "basic",
        "auth_ldap_server"
    ],
    "auth_level_mapping": {
        "-1": ["auth_ldap_server"],
        "50": ["otp"],
        "100": ["basic"],
        "10": ["u2f"],
        "15": ["super_gluu"]
    },
    "subject_types_supported": [
        "public",
        "pairwise"
    ],
    "userinfo_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "userinfo_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "userinfo_encryption_enc_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "id_token_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "request_object_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "request_object_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "request_object_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "token_endpoint_auth_methods_supported": [
        "client_secret_basic",
        "client_secret_post",
        "client_secret_jwt",
        "private_key_jwt"
    ],
    "token_endpoint_auth_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "display_values_supported": [
        "page",
        "popup"
    ],
    "claim_types_supported": ["normal"],
    "claims_supported": [
        "birthdate",
        "country",
        "name",
        "email",
        "email_verified",
        "given_name",
        "gender",
        "inum",
        "family_name",
        "updated_at",
        "locale",
        "member_of",
        "middle_name",
        "nickname",
        "oxAuthAppType",
        "oxAuthIdTokenSignedResponseAlg",
        "oxAuthRedirectURI",
        "oxAuthScope",
        "phone_number_verified",
        "picture",
        "preferred_username",
        "profile",
        "zoneinfo",
        "user_name",
        "website"
    ],
    "service_documentation": "http://gluu.org/docs",
    "claims_locales_supported": ["en"],
    "ui_locales_supported": [
        "en",
        "es"
    ],
    "scope_to_claims_mapping": [
        {"permission": []},
        {"uma_protection": []},
        {"clientinfo": [
            "name",
            "inum",
            "oxAuthAppType",
            "oxAuthIdTokenSignedResponseAlg",
            "oxAuthRedirectURI",
            "oxAuthScope"
        ]},
        {"email": [
            "email_verified",
            "email"
        ]},
        {"user_name": ["user_name"]},
        {"sub": []},
        {"org_name": []},
        {"address": [
            "formatted",
            "postal_code",
            "street_address",
            "locality",
            "country",
            "region"
        ]},
        {"openid": []},
        {"test_scope1": []},
        {"work_phone": []},
        {"phone": [
            "phone_number_verified",
            "phone_number"
        ]},
        {"profile": [
            "name",
            "family_name",
            "given_name",
            "middle_name",
            "nickname",
            "preferred_username",
            "profile",
            "picture",
            "website",
            "gender",
            "birthdate",
            "zoneinfo",
            "locale",
            "updated_at"
        ]},
        {"mobile_phone": ["phone_mobile_number"]},
        {"test": ["member_of"]}
    ],
    "claims_parameter_supported": true,
    "request_parameter_supported": true,
    "request_uri_parameter_supported": true,
    "require_request_uri_registration": false,
    "op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy",
    "op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos",
    "frontchannel_logout_supported": true,
    "frontchannel_logout_session_supported": true
}


#######################################################
TEST: OC5:FeatureTest-UserInfo Endpoint Access with Form-Encoded Body Method
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "token",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Wed, 04 Jul 2018 23:58:57 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A504.C5FF.5D12.1B76",
    "client_secret": "73e82683-80be-4ee6-b3b8-03f1c3b99f2f",
    "registration_access_token": "01015f25-1084-4386-ad00-ec0cd1e54b73",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A504.C5FF.5D12.1B76",
    "client_id_issued_at": 1530748737,
    "client_secret_expires_at": 1530835137,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21A504.C5FF.5D12.1B76&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=ddee0b43-d4b4-47fd-8fae-bed7d725a461&nonce=145ea95e-92f3-4a42-a9b8-9749764ecfe3
19:59:18.308 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:61a14601-2fd9-4489-8f6d-4cb0e866f46e
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21A504.C5FF.5D12.1B76&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=ddee0b43-d4b4-47fd-8fae-bed7d725a461&nonce=145ea95e-92f3-4a42-a9b8-9749764ecfe3

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=62311150-e7e1-46fe-859b-b8f1b2dd8525&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFBNTA0LkM1RkYuNUQxMi4xQjc2IiwiZXhwIjoxNTMwNzUyMzM4LCJpYXQiOjE1MzA3NDg3MzgsIm5vbmNlIjoiMTQ1ZWE5NWUtOTJmMy00YTQyLWE5YjgtOTc0OTc2NGVjZmUzIiwiYXV0aF90aW1lIjoxNTMwNzQ4NzM4LCJhdF9oYXNoIjoiVmNfTzJRTDNvN3VSZE04Tm92bEFFQSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6ImlFV0FINFk4WkNKNEhwZWZXM1ZKbGNmX1hSbnRSUlpZQk1Ucm10QlZvYTQifQ.Uwx4oDBhxJpygNtJDUbOj3IMbw5XFkHBTrgw88MJDZgfvz0WWuHRcbIcowdOHCN-kAAa8l8Iz2x4dnI67Op8dAy7Owkiuvyq-sAwI9sT8UrBIuzbt2IGT-dShE0CZcUqTn2QDCefeLnXgIt7dLd_lK_hmAFxF017FqzDvcN3vKsI5UOKrekLifNZLvQFA-hrCIi6gh5M5pBBjU0gJn39bV1PIS1fQ8l_5Zg8fGXDLq0rcIJCpc8TbMs3vESro0FVpRSSavaL2IAk2kWp5A7cP5HUT__sc4jvLgCKfmqiK42XygNBwlgRX20RAPAWP9Hx0lP7mf6mIxLV3WpaA4kjYw&session_id=5271985b-0fd2-44b4-bcfc-3cefc2972fb7&state=ddee0b43-d4b4-47fd-8fae-bed7d725a461&token_type=bearer&session_state=61a14601-2fd9-4489-8f6d-4cb0e866f46e&expires_in=299

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/userinfo HTTP/1.1
Host: ce-dev4.gluu.org

access_token=62311150-e7e1-46fe-859b-b8f1b2dd8525

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 610
Content-Type: application/json;charset=utf-8
Date: Wed, 04 Jul 2018 23:58:59 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"address":{"street_address":"621 East 6th Street","country":"US","locality":"Austin","region":"Texas"},"sub":"iEWAH4Y8ZCJ4HpefW3VJlcf_XRntRRZYBMTrmtBVoa4","website":"http://www.gluu.org","zoneinfo":"America/Chicago","birthdate":"19830106010101.253Z","gender":"Male","profile":"http://www.mywebsite.com/profile","preferred_username":"user","given_name":"Test","middle_name":"User","locale":"en-US","picture":"http://www.gluu.org/wp-content/uploads/2012/04/mike3.png","updated_at":1526659613066,"name":"oxAuth Test User","nickname":"user","family_name":"User","email_verified":true,"email":"test_user@test.org"}

#######################################################
TEST: OpenID Connect Discovery
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 181
Content-Type: application/jrd+json;charset=iso-8859-1
Date: Wed, 04 Jul 2018 23:58:59 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "subject": "acct:test_user@ce-dev4.gluu.org",
    "links": [{
        "rel": "http://openid.net/specs/connect/1.0/issuer",
        "href": "https://ce-dev4.gluu.org"
    }]
}


OpenID Connect Configuration
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/openid-configuration HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 6342
Content-Type: application/json
Date: Wed, 04 Jul 2018 23:58:59 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "issuer": "https://ce-dev4.gluu.org",
    "authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize",
    "token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token",
    "userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo",
    "clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo",
    "check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe",
    "end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks",
    "registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register",
    "id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id",
    "introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection",
    "scopes_supported": [
        "permission",
        "clientinfo",
        "email",
        "user_name",
        "sub",
        "org_name",
        "address",
        "openid",
        "test_scope1",
        "work_phone",
        "phone",
        "profile",
        "mobile_phone",
        "test"
    ],
    "response_types_supported": [
        "id_token",
        "code",
        "id_token code token",
        "id_token code",
        "code token",
        "id_token token",
        "token"
    ],
    "grant_types_supported": [
        "implicit",
        "refresh_token",
        "urn:ietf:params:oauth:grant-type:uma-ticket",
        "client_credentials",
        "authorization_code",
        "password"
    ],
    "acr_values_supported": [
        "super_gluu",
        "u2f",
        "otp",
        "basic",
        "auth_ldap_server"
    ],
    "auth_level_mapping": {
        "-1": ["auth_ldap_server"],
        "50": ["otp"],
        "100": ["basic"],
        "10": ["u2f"],
        "15": ["super_gluu"]
    },
    "subject_types_supported": [
        "public",
        "pairwise"
    ],
    "userinfo_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "userinfo_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "userinfo_encryption_enc_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "id_token_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "request_object_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "request_object_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "request_object_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "token_endpoint_auth_methods_supported": [
        "client_secret_basic",
        "client_secret_post",
        "client_secret_jwt",
        "private_key_jwt"
    ],
    "token_endpoint_auth_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "display_values_supported": [
        "page",
        "popup"
    ],
    "claim_types_supported": ["normal"],
    "claims_supported": [
        "birthdate",
        "country",
        "name",
        "email",
        "email_verified",
        "given_name",
        "gender",
        "inum",
        "family_name",
        "updated_at",
        "locale",
        "member_of",
        "middle_name",
        "nickname",
        "oxAuthAppType",
        "oxAuthIdTokenSignedResponseAlg",
        "oxAuthRedirectURI",
        "oxAuthScope",
        "phone_number_verified",
        "picture",
        "preferred_username",
        "profile",
        "zoneinfo",
        "user_name",
        "website"
    ],
    "service_documentation": "http://gluu.org/docs",
    "claims_locales_supported": ["en"],
    "ui_locales_supported": [
        "en",
        "es"
    ],
    "scope_to_claims_mapping": [
        {"permission": []},
        {"uma_protection": []},
        {"clientinfo": [
            "name",
            "inum",
            "oxAuthAppType",
            "oxAuthIdTokenSignedResponseAlg",
            "oxAuthRedirectURI",
            "oxAuthScope"
        ]},
        {"email": [
            "email_verified",
            "email"
        ]},
        {"user_name": ["user_name"]},
        {"sub": []},
        {"org_name": []},
        {"address": [
            "formatted",
            "postal_code",
            "street_address",
            "locality",
            "country",
            "region"
        ]},
        {"openid": []},
        {"test_scope1": []},
        {"work_phone": []},
        {"phone": [
            "phone_number_verified",
            "phone_number"
        ]},
        {"profile": [
            "name",
            "family_name",
            "given_name",
            "middle_name",
            "nickname",
            "preferred_username",
            "profile",
            "picture",
            "website",
            "gender",
            "birthdate",
            "zoneinfo",
            "locale",
            "updated_at"
        ]},
        {"mobile_phone": ["phone_mobile_number"]},
        {"test": ["member_of"]}
    ],
    "claims_parameter_supported": true,
    "request_parameter_supported": true,
    "request_uri_parameter_supported": true,
    "require_request_uri_registration": false,
    "op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy",
    "op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos",
    "frontchannel_logout_supported": true,
    "frontchannel_logout_session_supported": true
}


#######################################################
TEST: OC5:FeatureTest-UserInfo Endpoint Access with Header Method
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "token",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Wed, 04 Jul 2018 23:58:59 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4EAC.DE3D.DA02.6DD1",
    "client_secret": "4b255e67-b307-4469-910d-e3e6dffd83cc",
    "registration_access_token": "151d7247-2295-4541-91ea-63f0370d2ab9",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4EAC.DE3D.DA02.6DD1",
    "client_id_issued_at": 1530748739,
    "client_secret_expires_at": 1530835139,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%214EAC.DE3D.DA02.6DD1&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=c4f2b08f-9369-4df5-b98c-a3505a578cf7&nonce=8f537e0f-ebe2-45c5-a013-610a7a723628
19:59:19.634 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:dfeb33ff-d3f9-4402-803f-fe7ccdd76351
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%214EAC.DE3D.DA02.6DD1&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=c4f2b08f-9369-4df5-b98c-a3505a578cf7&nonce=8f537e0f-ebe2-45c5-a013-610a7a723628

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=6ea042b1-d824-4173-8c03-8428e6e567b2&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE0RUFDLkRFM0QuREEwMi42REQxIiwiZXhwIjoxNTMwNzUyMzQwLCJpYXQiOjE1MzA3NDg3NDAsIm5vbmNlIjoiOGY1MzdlMGYtZWJlMi00NWM1LWEwMTMtNjEwYTdhNzIzNjI4IiwiYXV0aF90aW1lIjoxNTMwNzQ4NzQwLCJhdF9oYXNoIjoicTBaYjF5aGRBeWlxVUx6eTlyTGU0ZyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IlNqcWR3d3h3YnliYy1uQWJMempTV1p1dU1JVnZMbjlITTRUUEpkSFlUWDgifQ.qm7LYeQhrNjap4UIIT7gNcpJgF9z7-P5BT20X2n80EPm0RNX9kabqKmCQRcHAuQwd5U8NVEbJ7TRt_OnSXsQIJNNTS-JFkRO2fzEjsfo-VqfQxwFDTq5ylzjz4ADx_4VLBDRHzfkWpqJGrsZxYVthV0Fo4bGO32TV0SY1rKbUp0EI-GC1g6SEmnVJmdaanT1Clvu2sGxhp7NbbqWo9YbOdFRZbhDsufPWkgM4fF84qLDLMeOdHimlPW0yVhkPhqBZiZShGjldwh32SUCFpagLfw5u1H0y0EcbTPkvoEe7iq6nN89aJUZcKcFENytVNEDVVX5GLJGuWMeSkTf93kmVw&session_id=fcce1b1e-b57c-4872-ab95-5b99e61c3e8a&state=c4f2b08f-9369-4df5-b98c-a3505a578cf7&token_type=bearer&session_state=dfeb33ff-d3f9-4402-803f-fe7ccdd76351&expires_in=299

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/userinfo HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 6ea042b1-d824-4173-8c03-8428e6e567b2

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 610
Content-Type: application/json;charset=utf-8
Date: Wed, 04 Jul 2018 23:59:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"address":{"street_address":"621 East 6th Street","country":"US","locality":"Austin","region":"Texas"},"sub":"Sjqdwwxwbybc-nAbLzjSWZuuMIVvLn9HM4TPJdHYTX8","website":"http://www.gluu.org","zoneinfo":"America/Chicago","birthdate":"19830106010101.253Z","gender":"Male","profile":"http://www.mywebsite.com/profile","preferred_username":"user","given_name":"Test","middle_name":"User","locale":"en-US","picture":"http://www.gluu.org/wp-content/uploads/2012/04/mike3.png","updated_at":1526659613066,"name":"oxAuth Test User","nickname":"user","family_name":"User","email_verified":true,"email":"test_user@test.org"}

#######################################################
TEST: OpenID Connect Discovery
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 181
Content-Type: application/jrd+json;charset=iso-8859-1
Date: Wed, 04 Jul 2018 23:59:00 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "subject": "acct:test_user@ce-dev4.gluu.org",
    "links": [{
        "rel": "http://openid.net/specs/connect/1.0/issuer",
        "href": "https://ce-dev4.gluu.org"
    }]
}


OpenID Connect Configuration
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/openid-configuration HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 6342
Content-Type: application/json
Date: Wed, 04 Jul 2018 23:59:00 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "issuer": "https://ce-dev4.gluu.org",
    "authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize",
    "token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token",
    "userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo",
    "clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo",
    "check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe",
    "end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks",
    "registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register",
    "id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id",
    "introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection",
    "scopes_supported": [
        "permission",
        "clientinfo",
        "email",
        "user_name",
        "sub",
        "org_name",
        "address",
        "openid",
        "test_scope1",
        "work_phone",
        "phone",
        "profile",
        "mobile_phone",
        "test"
    ],
    "response_types_supported": [
        "id_token",
        "code",
        "id_token code token",
        "id_token code",
        "code token",
        "id_token token",
        "token"
    ],
    "grant_types_supported": [
        "implicit",
        "refresh_token",
        "urn:ietf:params:oauth:grant-type:uma-ticket",
        "client_credentials",
        "authorization_code",
        "password"
    ],
    "acr_values_supported": [
        "super_gluu",
        "u2f",
        "otp",
        "basic",
        "auth_ldap_server"
    ],
    "auth_level_mapping": {
        "-1": ["auth_ldap_server"],
        "50": ["otp"],
        "100": ["basic"],
        "10": ["u2f"],
        "15": ["super_gluu"]
    },
    "subject_types_supported": [
        "public",
        "pairwise"
    ],
    "userinfo_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "userinfo_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "userinfo_encryption_enc_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "id_token_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "request_object_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "request_object_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "request_object_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "token_endpoint_auth_methods_supported": [
        "client_secret_basic",
        "client_secret_post",
        "client_secret_jwt",
        "private_key_jwt"
    ],
    "token_endpoint_auth_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "display_values_supported": [
        "page",
        "popup"
    ],
    "claim_types_supported": ["normal"],
    "claims_supported": [
        "birthdate",
        "country",
        "name",
        "email",
        "email_verified",
        "given_name",
        "gender",
        "inum",
        "family_name",
        "updated_at",
        "locale",
        "member_of",
        "middle_name",
        "nickname",
        "oxAuthAppType",
        "oxAuthIdTokenSignedResponseAlg",
        "oxAuthRedirectURI",
        "oxAuthScope",
        "phone_number_verified",
        "picture",
        "preferred_username",
        "profile",
        "zoneinfo",
        "user_name",
        "website"
    ],
    "service_documentation": "http://gluu.org/docs",
    "claims_locales_supported": ["en"],
    "ui_locales_supported": [
        "en",
        "es"
    ],
    "scope_to_claims_mapping": [
        {"permission": []},
        {"uma_protection": []},
        {"clientinfo": [
            "name",
            "inum",
            "oxAuthAppType",
            "oxAuthIdTokenSignedResponseAlg",
            "oxAuthRedirectURI",
            "oxAuthScope"
        ]},
        {"email": [
            "email_verified",
            "email"
        ]},
        {"user_name": ["user_name"]},
        {"sub": []},
        {"org_name": []},
        {"address": [
            "formatted",
            "postal_code",
            "street_address",
            "locality",
            "country",
            "region"
        ]},
        {"openid": []},
        {"test_scope1": []},
        {"work_phone": []},
        {"phone": [
            "phone_number_verified",
            "phone_number"
        ]},
        {"profile": [
            "name",
            "family_name",
            "given_name",
            "middle_name",
            "nickname",
            "preferred_username",
            "profile",
            "picture",
            "website",
            "gender",
            "birthdate",
            "zoneinfo",
            "locale",
            "updated_at"
        ]},
        {"mobile_phone": ["phone_mobile_number"]},
        {"test": ["member_of"]}
    ],
    "claims_parameter_supported": true,
    "request_parameter_supported": true,
    "request_uri_parameter_supported": true,
    "require_request_uri_registration": false,
    "op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy",
    "op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos",
    "frontchannel_logout_supported": true,
    "frontchannel_logout_session_supported": true
}


#######################################################
TEST: OC5:FeatureTest-Uses Asymmetric ID Token Signatures ES256
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["id_token"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "id_token_signed_response_alg": "ES256"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Wed, 04 Jul 2018 23:59:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C107.88C4.4B78.22D8",
    "client_secret": "3a78d9c5-d2a0-4570-b7c5-4cd23af601ea",
    "registration_access_token": "b58bee9a-878f-460d-8a75-9153efc3faa4",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C107.88C4.4B78.22D8",
    "client_id_issued_at": 1530748740,
    "client_secret_expires_at": 1530835140,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "ES256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21C107.88C4.4B78.22D8&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=68114820-92f4-47e7-b0f4-956123d51e68&nonce=de66f2cb-215b-4de3-8b83-525edba11dde
19:59:20.991 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:eab74158-4234-4cab-b553-ab40819276a6
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21C107.88C4.4B78.22D8&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=68114820-92f4-47e7-b0f4-956123d51e68&nonce=de66f2cb-215b-4de3-8b83-525edba11dde

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#scope=address+openid+profile+email&id_token=eyJraWQiOiI3YzFhNjI4ZC1iMjRjLTRhMDItYmVlNC04ZWViOGIwNDRiY2YiLCJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFDMTA3Ljg4QzQuNEI3OC4yMkQ4IiwiZXhwIjoxNTMwNzUyMzQxLCJpYXQiOjE1MzA3NDg3NDEsIm5vbmNlIjoiZGU2NmYyY2ItMjE1Yi00ZGUzLThiODMtNTI1ZWRiYTExZGRlIiwiYXV0aF90aW1lIjoxNTMwNzQ4NzQxLCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiJ6TWFleVk1RG53S2htSjFZNmd4dnJPOFlPMmc4bHAxdmZBb2lvbjlQRkxJIn0.MEYCIQC237gKzizvnbFZVkAYbN-LcCazPdKE5xjN37rv815w6wIhAOINtHEnC7B94he0odRYa_AbVfsH3HYUoca1PZ2Wn4RH&session_id=31d794a6-4268-4061-b272-39b62f0f01e4&state=68114820-92f4-47e7-b0f4-956123d51e68&session_state=eab74158-4234-4cab-b553-ab40819276a6

#######################################################
TEST: OC5:FeatureTest-Uses Asymmetric ID Token Signatures ES384
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["id_token"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "id_token_signed_response_alg": "ES384"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Wed, 04 Jul 2018 23:59:01 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!246B.270A.8986.93ED",
    "client_secret": "521c3a6f-fc24-4aa2-ac22-d6793791b5d7",
    "registration_access_token": "d729e65c-d2d0-4759-8235-1e1738f5c87d",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!246B.270A.8986.93ED",
    "client_id_issued_at": 1530748741,
    "client_secret_expires_at": 1530835141,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "ES384",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21246B.270A.8986.93ED&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=8ca25783-7a00-46fd-ade5-34e11d73dae2&nonce=37797dc0-4a03-4361-b1d6-e793a753806d
19:59:22.188 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:ee4f0919-8b1d-4517-988b-68e9597e8a64
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21246B.270A.8986.93ED&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=8ca25783-7a00-46fd-ade5-34e11d73dae2&nonce=37797dc0-4a03-4361-b1d6-e793a753806d

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#scope=address+openid+profile+email&id_token=eyJraWQiOiJlODJjOTVmMi0xYzk5LTQ3YzItYjZhMC05NWQ2ZWQwYTIyMjgiLCJ0eXAiOiJKV1QiLCJhbGciOiJFUzM4NCJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEyNDZCLjI3MEEuODk4Ni45M0VEIiwiZXhwIjoxNTMwNzUyMzQyLCJpYXQiOjE1MzA3NDg3NDIsIm5vbmNlIjoiMzc3OTdkYzAtNGEwMy00MzYxLWIxZDYtZTc5M2E3NTM4MDZkIiwiYXV0aF90aW1lIjoxNTMwNzQ4NzQyLCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiItVmcxcS1ieWZFZkdBOEVWRDdJaFFPSlBZaXB2ek1BWnBic2xacUFvbnFzIn0.MGUCMQDjSucGhgxcqffcLjbIkYcAvkeIeZwVnWP8LlQoKQH0wTRFZFmmHtrPUVG-WF_QjccCMD9HPIzS1IZSDyyTedA52Ha5WXHkYBH9zH6I8waeY9s6bRyeJu7RF-awRqEqCWL6og&session_id=d9aee1e1-3c4c-475a-903e-203299fe0722&state=8ca25783-7a00-46fd-ade5-34e11d73dae2&session_state=ee4f0919-8b1d-4517-988b-68e9597e8a64

#######################################################
TEST: OC5:FeatureTest-Uses Asymmetric ID Token Signatures ES512
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["id_token"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "id_token_signed_response_alg": "ES512"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Wed, 04 Jul 2018 23:59:02 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!62E5.B626.B7BA.E3D1",
    "client_secret": "da7d573e-c9aa-40f8-91f3-b4c0ed507a18",
    "registration_access_token": "dec9e936-fd50-45a1-95fa-84ca8988e91e",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!62E5.B626.B7BA.E3D1",
    "client_id_issued_at": 1530748743,
    "client_secret_expires_at": 1530835143,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "ES512",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2162E5.B626.B7BA.E3D1&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=992c9ac4-b20b-4197-b1f5-5f09f8072b06&nonce=64b20903-1a89-4058-8bc5-927806435223
19:59:23.377 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:1adffeac-7735-4e34-b45d-08fa1793c2b9
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2162E5.B626.B7BA.E3D1&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=992c9ac4-b20b-4197-b1f5-5f09f8072b06&nonce=64b20903-1a89-4058-8bc5-927806435223

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#scope=address+openid+profile+email&id_token=eyJraWQiOiJjZjI3MmY3ZS1lMjZmLTQ4ZGQtYTUwZC0wOWVmY2U0ZDUwMTQiLCJ0eXAiOiJKV1QiLCJhbGciOiJFUzUxMiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE2MkU1LkI2MjYuQjdCQS5FM0QxIiwiZXhwIjoxNTMwNzUyMzQzLCJpYXQiOjE1MzA3NDg3NDMsIm5vbmNlIjoiNjRiMjA5MDMtMWE4OS00MDU4LThiYzUtOTI3ODA2NDM1MjIzIiwiYXV0aF90aW1lIjoxNTMwNzQ4NzQzLCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiJMQ1F2LXdqYVM4Rkx5RDJ2d2lza1JzaHlJOXE1OTNkQ1Y2alBSeUtIRnBnIn0.MIGHAkFD2cooNa8JyCL0_aKk2w1om0aBBXrNyMj4n5F9fqcoBV256dnwEphAxUev4dzURgX4JCiFO1eSqIr01iIdiie-YgJCAIlcxef5rUKtTW0aFFXeM__QPa601WwrwTONNa4qyHz2w3a_WR5QfoxIbSy4fEu4xJl2dHo5PHqt4CZZjHyydpQy&session_id=91b1c0d3-bb20-41b1-84b2-5c1e3f2b8b0e&state=992c9ac4-b20b-4197-b1f5-5f09f8072b06&session_state=1adffeac-7735-4e34-b45d-08fa1793c2b9

#######################################################
TEST: OC5:FeatureTest-Uses Asymmetric ID Token Signatures RS256
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["id_token"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "id_token_signed_response_alg": "RS256"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Wed, 04 Jul 2018 23:59:04 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!647D.5705.AE5C.D3C6",
    "client_secret": "db592a52-21fc-4005-bb27-26f2994c231a",
    "registration_access_token": "7845c447-677d-4739-9919-57f16385a83b",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!647D.5705.AE5C.D3C6",
    "client_id_issued_at": 1530748744,
    "client_secret_expires_at": 1530835144,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21647D.5705.AE5C.D3C6&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=15df1a10-89a0-4485-a430-9171dd35776f&nonce=ea665557-4e45-4bcb-bef2-aa2d5a9290dd
19:59:24.501 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:ce89217e-3177-4e3f-9000-96ae7f76ce3e
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21647D.5705.AE5C.D3C6&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=15df1a10-89a0-4485-a430-9171dd35776f&nonce=ea665557-4e45-4bcb-bef2-aa2d5a9290dd

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE2NDdELjU3MDUuQUU1Qy5EM0M2IiwiZXhwIjoxNTMwNzUyMzQ1LCJpYXQiOjE1MzA3NDg3NDUsIm5vbmNlIjoiZWE2NjU1NTctNGU0NS00YmNiLWJlZjItYWEyZDVhOTI5MGRkIiwiYXV0aF90aW1lIjoxNTMwNzQ4NzQ1LCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiJlTjNzOG8xSkdycWtNNlI3ODkzcmNLUzg1ZzItWGxFdGV6TTl4bDNzbUw0In0.UbV9I2eMJPtY756iUFFyCaHb11_kRShyEyepXM5SX82Girj-TZ4Cv2A6TPwuOu87Kvu05F2hWy6Oa2T6dyQ1oia6OylTMQ0t4QuQUFFJNbSJPRkQ1aFwOg08dnndX8-Hoo1fIM914Tj6PyTtIM70M_lRAxWtOBHEjsc5c7aDz0xYFvbU498c00xa1A1Dl8yUSa7j-HBicmFPZ5HKBHQytHMpZEkpTrcSMZFLNEat-vNn_hvaHAzNFaYvSer9Wy75YBohi-LrqZ1rGa6xsOXvfBF-BGkWLZkNSf8y-RxViTrTPVdlLVwuYxYozldLAQhCZxqZopjH1m9ierogKRgkPA&session_id=122e4f80-36b3-4a2b-8f04-edc04ad4d995&state=15df1a10-89a0-4485-a430-9171dd35776f&session_state=ce89217e-3177-4e3f-9000-96ae7f76ce3e

#######################################################
TEST: OC5:FeatureTest-Uses Asymmetric ID Token Signatures RS384
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["id_token"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "id_token_signed_response_alg": "RS384"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Wed, 04 Jul 2018 23:59:05 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D3C3.89E3.C5E9.95F1",
    "client_secret": "4da39274-4251-4afd-9c17-24392cfaf627",
    "registration_access_token": "dad43d98-1d12-4830-af7e-823207c7630f",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D3C3.89E3.C5E9.95F1",
    "client_id_issued_at": 1530748745,
    "client_secret_expires_at": 1530835145,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS384",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21D3C3.89E3.C5E9.95F1&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=c5e235d9-7730-4b09-ac7c-8e0e4b8437d2&nonce=15e3c501-19fc-41ea-9f2b-ca16fb874a82
19:59:25.712 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:eddf24e7-06fe-443b-a2c2-80fb38a7ce45
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21D3C3.89E3.C5E9.95F1&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=c5e235d9-7730-4b09-ac7c-8e0e4b8437d2&nonce=15e3c501-19fc-41ea-9f2b-ca16fb874a82

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#scope=address+openid+profile+email&id_token=eyJraWQiOiJiNGM2NmNhMi02ZDg3LTRjMjItYTk1Yy04ODlkMjM2MjBmNTQiLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzM4NCJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFEM0MzLjg5RTMuQzVFOS45NUYxIiwiZXhwIjoxNTMwNzUyMzQ2LCJpYXQiOjE1MzA3NDg3NDYsIm5vbmNlIjoiMTVlM2M1MDEtMTlmYy00MWVhLTlmMmItY2ExNmZiODc0YTgyIiwiYXV0aF90aW1lIjoxNTMwNzQ4NzQ2LCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiJkdGw5a0otWnZYMngyRnliYnl0by0yY3RCWFN3ZF9RX2IxbElrZ1ZrRGVnIn0.POL-qEX3uT0tpMAeyj2BkemYffFZYXEmDJkTXKX0rbT29tWPUMtMuBbVkA9Ec9l8Ao7OGIn775tfCjcqOSngaTxFG1VdaQBUG1zSVbT4BiXhShRl-t8RS6KidbuzeMs7AOWNT4f7OGHhTcytWtSYFkO5zN7pHPy_3Tmkw-Te6CxMoZdkk9TuiSgevgeDP-L0th41Vtv-Rob1hsp0LeACVsvRahtXbq8md335vF5p--SrNs-C7oSToX_LCEzsMp5qWfX6qqkkf6Gq4kSM8rmXfneRvHVN78zB0vanzWJm1EeraZn79MwROLGbr2NNVnOUKz2k6d0P-TcbP5UqB-uIhQ&session_id=c0d63470-52b9-42ac-8a99-a3694ac76e55&state=c5e235d9-7730-4b09-ac7c-8e0e4b8437d2&session_state=eddf24e7-06fe-443b-a2c2-80fb38a7ce45

#######################################################
TEST: OC5:FeatureTest-Uses Asymmetric ID Token Signatures RS512
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["id_token"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "id_token_signed_response_alg": "RS512"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Wed, 04 Jul 2018 23:59:06 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!324F.6CCE.E5F6.23DF",
    "client_secret": "335e101d-a650-41aa-b6c6-ab4762193145",
    "registration_access_token": "e91724b0-1398-4798-b589-537ed59895c0",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!324F.6CCE.E5F6.23DF",
    "client_id_issued_at": 1530748746,
    "client_secret_expires_at": 1530835146,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS512",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21324F.6CCE.E5F6.23DF&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=a00caf29-0d79-4e1d-b5c1-59115f63bca5&nonce=d6f3c8b5-39ea-4b11-8a90-d619d692b050
19:59:26.923 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:e66a87cd-0486-4153-a3f4-7f0a483e9139
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21324F.6CCE.E5F6.23DF&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=a00caf29-0d79-4e1d-b5c1-59115f63bca5&nonce=d6f3c8b5-39ea-4b11-8a90-d619d692b050

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#scope=address+openid+profile+email&id_token=eyJraWQiOiI5Njg5MjgzZC03NzgxLTQ1MDgtOGZmNS00ZGU2OGQ1Y2U0MjMiLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzUxMiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEzMjRGLjZDQ0UuRTVGNi4yM0RGIiwiZXhwIjoxNTMwNzUyMzQ3LCJpYXQiOjE1MzA3NDg3NDcsIm5vbmNlIjoiZDZmM2M4YjUtMzllYS00YjExLThhOTAtZDYxOWQ2OTJiMDUwIiwiYXV0aF90aW1lIjoxNTMwNzQ4NzQ3LCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiJTTDJubVljWHpXeGVaWlY2VnQwVUJSZWd5YmhQN3c3Vl9lczltMEpDamVRIn0.LWRJge-Qdl-RlMNAp9__sdzrHYgqsLiRUpfgbX7TN3-frrvw1gKCiLAKGdOIuDB66vVNofw3MlJFqrtk0useIv9imzUnvehkIzGjFQj9NqcN1w8OUWfupDtN4wiefHURUcY7p1AHW0uUzXplwTP69hMzWLh66BI62ndrxNAPkXYpbQoFEWJzZdyXIYrL0KYVgwp3g9QucKnhwB8UY5v45fT9WNt3Ha9sqpGk9kDxdhwezA7lwDZhByQhWT9WPzLeoyiOpyjmMh89P8BHXXgkTlb_RRgifumqSCWLGoM-craZn4TwYfpkzfvW-HZ1ZEwo3-mnFpPqtpyPtBqY2JnbZQ&session_id=a7170d17-d52b-4756-92a0-5d04a02f80bb&state=a00caf29-0d79-4e1d-b5c1-59115f63bca5&session_state=e66a87cd-0486-4153-a3f4-7f0a483e9139

#######################################################
TEST: OpenID Connect Discovery
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 181
Content-Type: application/jrd+json;charset=iso-8859-1
Date: Wed, 04 Jul 2018 23:59:07 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "subject": "acct:test_user@ce-dev4.gluu.org",
    "links": [{
        "rel": "http://openid.net/specs/connect/1.0/issuer",
        "href": "https://ce-dev4.gluu.org"
    }]
}


OpenID Connect Configuration
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/openid-configuration HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 6342
Content-Type: application/json
Date: Wed, 04 Jul 2018 23:59:07 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "issuer": "https://ce-dev4.gluu.org",
    "authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize",
    "token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token",
    "userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo",
    "clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo",
    "check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe",
    "end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks",
    "registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register",
    "id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id",
    "introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection",
    "scopes_supported": [
        "permission",
        "clientinfo",
        "email",
        "user_name",
        "sub",
        "org_name",
        "address",
        "openid",
        "test_scope1",
        "work_phone",
        "phone",
        "profile",
        "mobile_phone",
        "test"
    ],
    "response_types_supported": [
        "id_token",
        "code",
        "id_token code token",
        "id_token code",
        "code token",
        "id_token token",
        "token"
    ],
    "grant_types_supported": [
        "implicit",
        "refresh_token",
        "urn:ietf:params:oauth:grant-type:uma-ticket",
        "client_credentials",
        "authorization_code",
        "password"
    ],
    "acr_values_supported": [
        "super_gluu",
        "u2f",
        "otp",
        "basic",
        "auth_ldap_server"
    ],
    "auth_level_mapping": {
        "-1": ["auth_ldap_server"],
        "50": ["otp"],
        "100": ["basic"],
        "10": ["u2f"],
        "15": ["super_gluu"]
    },
    "subject_types_supported": [
        "public",
        "pairwise"
    ],
    "userinfo_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "userinfo_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "userinfo_encryption_enc_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "id_token_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "request_object_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "request_object_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "request_object_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "token_endpoint_auth_methods_supported": [
        "client_secret_basic",
        "client_secret_post",
        "client_secret_jwt",
        "private_key_jwt"
    ],
    "token_endpoint_auth_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "display_values_supported": [
        "page",
        "popup"
    ],
    "claim_types_supported": ["normal"],
    "claims_supported": [
        "birthdate",
        "country",
        "name",
        "email",
        "email_verified",
        "given_name",
        "gender",
        "inum",
        "family_name",
        "updated_at",
        "locale",
        "member_of",
        "middle_name",
        "nickname",
        "oxAuthAppType",
        "oxAuthIdTokenSignedResponseAlg",
        "oxAuthRedirectURI",
        "oxAuthScope",
        "phone_number_verified",
        "picture",
        "preferred_username",
        "profile",
        "zoneinfo",
        "user_name",
        "website"
    ],
    "service_documentation": "http://gluu.org/docs",
    "claims_locales_supported": ["en"],
    "ui_locales_supported": [
        "en",
        "es"
    ],
    "scope_to_claims_mapping": [
        {"permission": []},
        {"uma_protection": []},
        {"clientinfo": [
            "name",
            "inum",
            "oxAuthAppType",
            "oxAuthIdTokenSignedResponseAlg",
            "oxAuthRedirectURI",
            "oxAuthScope"
        ]},
        {"email": [
            "email_verified",
            "email"
        ]},
        {"user_name": ["user_name"]},
        {"sub": []},
        {"org_name": []},
        {"address": [
            "formatted",
            "postal_code",
            "street_address",
            "locality",
            "country",
            "region"
        ]},
        {"openid": []},
        {"test_scope1": []},
        {"work_phone": []},
        {"phone": [
            "phone_number_verified",
            "phone_number"
        ]},
        {"profile": [
            "name",
            "family_name",
            "given_name",
            "middle_name",
            "nickname",
            "preferred_username",
            "profile",
            "picture",
            "website",
            "gender",
            "birthdate",
            "zoneinfo",
            "locale",
            "updated_at"
        ]},
        {"mobile_phone": ["phone_mobile_number"]},
        {"test": ["member_of"]}
    ],
    "claims_parameter_supported": true,
    "request_parameter_supported": true,
    "request_uri_parameter_supported": true,
    "require_request_uri_registration": false,
    "op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy",
    "op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos",
    "frontchannel_logout_supported": true,
    "frontchannel_logout_session_supported": true
}


#######################################################
TEST: OC5:FeatureTest-Uses Discovery
#######################################################
#######################################################
TEST: OpenID Connect Discovery
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 181
Content-Type: application/jrd+json;charset=iso-8859-1
Date: Wed, 04 Jul 2018 23:59:07 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "subject": "acct:test_user@ce-dev4.gluu.org",
    "links": [{
        "rel": "http://openid.net/specs/connect/1.0/issuer",
        "href": "https://ce-dev4.gluu.org"
    }]
}


OpenID Connect Configuration
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/openid-configuration HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 6342
Content-Type: application/json
Date: Wed, 04 Jul 2018 23:59:07 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "issuer": "https://ce-dev4.gluu.org",
    "authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize",
    "token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token",
    "userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo",
    "clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo",
    "check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe",
    "end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks",
    "registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register",
    "id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id",
    "introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection",
    "scopes_supported": [
        "permission",
        "clientinfo",
        "email",
        "user_name",
        "sub",
        "org_name",
        "address",
        "openid",
        "test_scope1",
        "work_phone",
        "phone",
        "profile",
        "mobile_phone",
        "test"
    ],
    "response_types_supported": [
        "id_token",
        "code",
        "id_token code token",
        "id_token code",
        "code token",
        "id_token token",
        "token"
    ],
    "grant_types_supported": [
        "implicit",
        "refresh_token",
        "urn:ietf:params:oauth:grant-type:uma-ticket",
        "client_credentials",
        "authorization_code",
        "password"
    ],
    "acr_values_supported": [
        "super_gluu",
        "u2f",
        "otp",
        "basic",
        "auth_ldap_server"
    ],
    "auth_level_mapping": {
        "-1": ["auth_ldap_server"],
        "50": ["otp"],
        "100": ["basic"],
        "10": ["u2f"],
        "15": ["super_gluu"]
    },
    "subject_types_supported": [
        "public",
        "pairwise"
    ],
    "userinfo_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "userinfo_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "userinfo_encryption_enc_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "id_token_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "request_object_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "request_object_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "request_object_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "token_endpoint_auth_methods_supported": [
        "client_secret_basic",
        "client_secret_post",
        "client_secret_jwt",
        "private_key_jwt"
    ],
    "token_endpoint_auth_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "display_values_supported": [
        "page",
        "popup"
    ],
    "claim_types_supported": ["normal"],
    "claims_supported": [
        "birthdate",
        "country",
        "name",
        "email",
        "email_verified",
        "given_name",
        "gender",
        "inum",
        "family_name",
        "updated_at",
        "locale",
        "member_of",
        "middle_name",
        "nickname",
        "oxAuthAppType",
        "oxAuthIdTokenSignedResponseAlg",
        "oxAuthRedirectURI",
        "oxAuthScope",
        "phone_number_verified",
        "picture",
        "preferred_username",
        "profile",
        "zoneinfo",
        "user_name",
        "website"
    ],
    "service_documentation": "http://gluu.org/docs",
    "claims_locales_supported": ["en"],
    "ui_locales_supported": [
        "en",
        "es"
    ],
    "scope_to_claims_mapping": [
        {"permission": []},
        {"uma_protection": []},
        {"clientinfo": [
            "name",
            "inum",
            "oxAuthAppType",
            "oxAuthIdTokenSignedResponseAlg",
            "oxAuthRedirectURI",
            "oxAuthScope"
        ]},
        {"email": [
            "email_verified",
            "email"
        ]},
        {"user_name": ["user_name"]},
        {"sub": []},
        {"org_name": []},
        {"address": [
            "formatted",
            "postal_code",
            "street_address",
            "locality",
            "country",
            "region"
        ]},
        {"openid": []},
        {"test_scope1": []},
        {"work_phone": []},
        {"phone": [
            "phone_number_verified",
            "phone_number"
        ]},
        {"profile": [
            "name",
            "family_name",
            "given_name",
            "middle_name",
            "nickname",
            "preferred_username",
            "profile",
            "picture",
            "website",
            "gender",
            "birthdate",
            "zoneinfo",
            "locale",
            "updated_at"
        ]},
        {"mobile_phone": ["phone_mobile_number"]},
        {"test": ["member_of"]}
    ],
    "claims_parameter_supported": true,
    "request_parameter_supported": true,
    "request_uri_parameter_supported": true,
    "require_request_uri_registration": false,
    "op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy",
    "op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos",
    "frontchannel_logout_supported": true,
    "frontchannel_logout_session_supported": true
}


#######################################################
TEST: OC5:FeatureTest-Uses Dynamic Registration
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "application_type": "web",
    "contacts": [
        "javier@gluu.org",
        "javier.rojas.blum@gmail.com"
    ],
    "client_name": "oxAuth test app",
    "logo_uri": "http://www.gluu.org/wp-content/themes/gluursn/images/logo.png",
    "policy_uri": "http://www.gluu.org/policy",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "public",
    "request_object_signing_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_jwt"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1695
Content-Type: application/json
Date: Wed, 04 Jul 2018 23:59:07 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4056.E359.8829.0CFB",
    "client_secret": "84cd4c96-a628-465a-94c0-a4e53cc523bf",
    "registration_access_token": "ae6e650d-0446-437f-aafe-24864f5d751d",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4056.E359.8829.0CFB",
    "client_id_issued_at": 1530748748,
    "client_secret_expires_at": 1530835148,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "contacts": [
        "javier.rojas.blum@gmail.com",
        "javier@gluu.org"
    ],
    "client_name": "oxAuth test app",
    "logo_uri": "http://www.gluu.org/wp-content/themes/gluursn/images/logo.png",
    "policy_uri": "http://www.gluu.org/policy",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "public",
    "id_token_signed_response_alg": "RS256",
    "request_object_signing_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_jwt",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

#######################################################
TEST: OpenID Connect Discovery
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 181
Content-Type: application/jrd+json;charset=iso-8859-1
Date: Wed, 04 Jul 2018 23:59:08 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "subject": "acct:test_user@ce-dev4.gluu.org",
    "links": [{
        "rel": "http://openid.net/specs/connect/1.0/issuer",
        "href": "https://ce-dev4.gluu.org"
    }]
}


OpenID Connect Configuration
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/openid-configuration HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 6342
Content-Type: application/json
Date: Wed, 04 Jul 2018 23:59:08 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "issuer": "https://ce-dev4.gluu.org",
    "authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize",
    "token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token",
    "userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo",
    "clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo",
    "check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe",
    "end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks",
    "registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register",
    "id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id",
    "introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection",
    "scopes_supported": [
        "permission",
        "clientinfo",
        "email",
        "user_name",
        "sub",
        "org_name",
        "address",
        "openid",
        "test_scope1",
        "work_phone",
        "phone",
        "profile",
        "mobile_phone",
        "test"
    ],
    "response_types_supported": [
        "id_token",
        "code",
        "id_token code token",
        "id_token code",
        "code token",
        "id_token token",
        "token"
    ],
    "grant_types_supported": [
        "implicit",
        "refresh_token",
        "urn:ietf:params:oauth:grant-type:uma-ticket",
        "client_credentials",
        "authorization_code",
        "password"
    ],
    "acr_values_supported": [
        "super_gluu",
        "u2f",
        "otp",
        "basic",
        "auth_ldap_server"
    ],
    "auth_level_mapping": {
        "-1": ["auth_ldap_server"],
        "50": ["otp"],
        "100": ["basic"],
        "10": ["u2f"],
        "15": ["super_gluu"]
    },
    "subject_types_supported": [
        "public",
        "pairwise"
    ],
    "userinfo_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "userinfo_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "userinfo_encryption_enc_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "id_token_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "request_object_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "request_object_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "request_object_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "token_endpoint_auth_methods_supported": [
        "client_secret_basic",
        "client_secret_post",
        "client_secret_jwt",
        "private_key_jwt"
    ],
    "token_endpoint_auth_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "display_values_supported": [
        "page",
        "popup"
    ],
    "claim_types_supported": ["normal"],
    "claims_supported": [
        "birthdate",
        "country",
        "name",
        "email",
        "email_verified",
        "given_name",
        "gender",
        "inum",
        "family_name",
        "updated_at",
        "locale",
        "member_of",
        "middle_name",
        "nickname",
        "oxAuthAppType",
        "oxAuthIdTokenSignedResponseAlg",
        "oxAuthRedirectURI",
        "oxAuthScope",
        "phone_number_verified",
        "picture",
        "preferred_username",
        "profile",
        "zoneinfo",
        "user_name",
        "website"
    ],
    "service_documentation": "http://gluu.org/docs",
    "claims_locales_supported": ["en"],
    "ui_locales_supported": [
        "en",
        "es"
    ],
    "scope_to_claims_mapping": [
        {"permission": []},
        {"uma_protection": []},
        {"clientinfo": [
            "name",
            "inum",
            "oxAuthAppType",
            "oxAuthIdTokenSignedResponseAlg",
            "oxAuthRedirectURI",
            "oxAuthScope"
        ]},
        {"email": [
            "email_verified",
            "email"
        ]},
        {"user_name": ["user_name"]},
        {"sub": []},
        {"org_name": []},
        {"address": [
            "formatted",
            "postal_code",
            "street_address",
            "locality",
            "country",
            "region"
        ]},
        {"openid": []},
        {"test_scope1": []},
        {"work_phone": []},
        {"phone": [
            "phone_number_verified",
            "phone_number"
        ]},
        {"profile": [
            "name",
            "family_name",
            "given_name",
            "middle_name",
            "nickname",
            "preferred_username",
            "profile",
            "picture",
            "website",
            "gender",
            "birthdate",
            "zoneinfo",
            "locale",
            "updated_at"
        ]},
        {"mobile_phone": ["phone_mobile_number"]},
        {"test": ["member_of"]}
    ],
    "claims_parameter_supported": true,
    "request_parameter_supported": true,
    "request_uri_parameter_supported": true,
    "require_request_uri_registration": false,
    "op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy",
    "op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos",
    "frontchannel_logout_supported": true,
    "frontchannel_logout_session_supported": true
}


#######################################################
TEST: OC5:FeatureTest-Uses Symmetric ID Token Signatures HS256
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["id_token"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "id_token_signed_response_alg": "HS256"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Wed, 04 Jul 2018 23:59:08 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4F22.5445.6A27.1B93",
    "client_secret": "8b88bdce-6ab7-41c2-bc27-e1621b5abfa5",
    "registration_access_token": "70588860-a6c3-4bfe-9471-6b564707118f",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4F22.5445.6A27.1B93",
    "client_id_issued_at": 1530748748,
    "client_secret_expires_at": 1530835148,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "HS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%214F22.5445.6A27.1B93&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=8e062f3e-909a-401e-b1fa-5477b2a49811&nonce=051579be-d547-496a-ab16-ad484e9446ab
19:59:28.568 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:e14448d1-9723-4bf4-8fd8-7c77861d7688
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%214F22.5445.6A27.1B93&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=8e062f3e-909a-401e-b1fa-5477b2a49811&nonce=051579be-d547-496a-ab16-ad484e9446ab

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#scope=address+openid+profile+email&id_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE0RjIyLjU0NDUuNkEyNy4xQjkzIiwiZXhwIjoxNTMwNzUyMzQ5LCJpYXQiOjE1MzA3NDg3NDksIm5vbmNlIjoiMDUxNTc5YmUtZDU0Ny00OTZhLWFiMTYtYWQ0ODRlOTQ0NmFiIiwiYXV0aF90aW1lIjoxNTMwNzQ4NzQ5LCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiJGcHE3VTNMYy00akRMelE3Y2hDb05pTXRWejlhWncteEdKajZYRTFVa3k0In0.-SS7y-8gEAH1x3qt8OeJPnOS-1jSiAC9_xDQWJNf4Uo&session_id=b5199560-e280-4909-996c-149640f4f325&state=8e062f3e-909a-401e-b1fa-5477b2a49811&session_state=e14448d1-9723-4bf4-8fd8-7c77861d7688

#######################################################
TEST: OC5:FeatureTest-Uses Symmetric ID Token Signatures HS384
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["id_token"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "id_token_signed_response_alg": "HS384"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Wed, 04 Jul 2018 23:59:09 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!718B.832F.627E.CB56",
    "client_secret": "3d8099f3-a74d-4f9c-a8af-9ed41eb696aa",
    "registration_access_token": "2c0088dd-6256-42fa-8053-d41b3f3d0069",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!718B.832F.627E.CB56",
    "client_id_issued_at": 1530748749,
    "client_secret_expires_at": 1530835149,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "HS384",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21718B.832F.627E.CB56&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=9da01809-92ef-4238-807a-2328f623acbe&nonce=bca34da2-5e50-49db-a4d1-fde1a91f35ae
19:59:29.601 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:2c8db63e-7932-436d-a4a5-ab03b14233ac
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21718B.832F.627E.CB56&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=9da01809-92ef-4238-807a-2328f623acbe&nonce=bca34da2-5e50-49db-a4d1-fde1a91f35ae

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#scope=address+openid+profile+email&id_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzM4NCJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE3MThCLjgzMkYuNjI3RS5DQjU2IiwiZXhwIjoxNTMwNzUyMzUwLCJpYXQiOjE1MzA3NDg3NTAsIm5vbmNlIjoiYmNhMzRkYTItNWU1MC00OWRiLWE0ZDEtZmRlMWE5MWYzNWFlIiwiYXV0aF90aW1lIjoxNTMwNzQ4NzUwLCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiJ5VXdROEtiVnJDWVdSUmlWc1gyMFp6bElVWkpLTExEcHhCT2tZTjFzWW1BIn0.WrAAz7Ar5d7iVBmAAE7CpfCK91wMx6KFIZlaChAG7PJglDCcxF8M2NYm9PTp8ZEZ&session_id=f40a5ca8-12a1-41d0-a7c5-9beb578ea564&state=9da01809-92ef-4238-807a-2328f623acbe&session_state=2c8db63e-7932-436d-a4a5-ab03b14233ac

#######################################################
TEST: OC5:FeatureTest-Uses Symmetric ID Token Signatures HS512
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["id_token"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "id_token_signed_response_alg": "HS512"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Wed, 04 Jul 2018 23:59:10 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A401.D518.AA16.B542",
    "client_secret": "3071d606-5744-4b77-90c9-338a76e75390",
    "registration_access_token": "8a1c9036-d2b8-43d6-bb80-7bd67254f21a",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A401.D518.AA16.B542",
    "client_id_issued_at": 1530748750,
    "client_secret_expires_at": 1530835150,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "HS512",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21A401.D518.AA16.B542&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=c37a56c5-97d7-45df-afa1-5f5bf1fc5be9&nonce=6f8ef19c-cd60-4149-92c9-c278d9fc31bd
19:59:30.671 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:3a405a5f-ec22-43db-a428-56b36a5f8643
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21A401.D518.AA16.B542&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=c37a56c5-97d7-45df-afa1-5f5bf1fc5be9&nonce=6f8ef19c-cd60-4149-92c9-c278d9fc31bd

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#scope=address+openid+profile+email&id_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFBNDAxLkQ1MTguQUExNi5CNTQyIiwiZXhwIjoxNTMwNzUyMzUxLCJpYXQiOjE1MzA3NDg3NTEsIm5vbmNlIjoiNmY4ZWYxOWMtY2Q2MC00MTQ5LTkyYzktYzI3OGQ5ZmMzMWJkIiwiYXV0aF90aW1lIjoxNTMwNzQ4NzUxLCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiJzdUFlOEZOYnNQbHJwdURHYUx2YUNrSGdSSDZ2c0NRMVVEQzBoT3JvVk9JIn0.yPmZZm0cRlRELW8md07nB9NYCNrdyvUCaN2hR7AiN3DhCQG3_AnhZPC7rmrYxiwpke-GA502gUMMa8PgThpjmQ&session_id=4d29df7b-4bea-44a4-b737-0bf364bcb689&state=c37a56c5-97d7-45df-afa1-5f5bf1fc5be9&session_state=3a405a5f-ec22-43db-a428-56b36a5f8643

#######################################################
TEST: OpenID Connect Discovery
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 181
Content-Type: application/jrd+json;charset=iso-8859-1
Date: Wed, 04 Jul 2018 23:59:11 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "subject": "acct:test_user@ce-dev4.gluu.org",
    "links": [{
        "rel": "http://openid.net/specs/connect/1.0/issuer",
        "href": "https://ce-dev4.gluu.org"
    }]
}


OpenID Connect Configuration
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/openid-configuration HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 6342
Content-Type: application/json
Date: Wed, 04 Jul 2018 23:59:11 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "issuer": "https://ce-dev4.gluu.org",
    "authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize",
    "token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token",
    "userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo",
    "clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo",
    "check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe",
    "end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks",
    "registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register",
    "id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id",
    "introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection",
    "scopes_supported": [
        "permission",
        "clientinfo",
        "email",
        "user_name",
        "sub",
        "org_name",
        "address",
        "openid",
        "test_scope1",
        "work_phone",
        "phone",
        "profile",
        "mobile_phone",
        "test"
    ],
    "response_types_supported": [
        "id_token",
        "code",
        "id_token code token",
        "id_token code",
        "code token",
        "id_token token",
        "token"
    ],
    "grant_types_supported": [
        "implicit",
        "refresh_token",
        "urn:ietf:params:oauth:grant-type:uma-ticket",
        "client_credentials",
        "authorization_code",
        "password"
    ],
    "acr_values_supported": [
        "super_gluu",
        "u2f",
        "otp",
        "basic",
        "auth_ldap_server"
    ],
    "auth_level_mapping": {
        "-1": ["auth_ldap_server"],
        "50": ["otp"],
        "100": ["basic"],
        "10": ["u2f"],
        "15": ["super_gluu"]
    },
    "subject_types_supported": [
        "public",
        "pairwise"
    ],
    "userinfo_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "userinfo_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "userinfo_encryption_enc_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "id_token_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "request_object_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "request_object_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "request_object_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "token_endpoint_auth_methods_supported": [
        "client_secret_basic",
        "client_secret_post",
        "client_secret_jwt",
        "private_key_jwt"
    ],
    "token_endpoint_auth_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "display_values_supported": [
        "page",
        "popup"
    ],
    "claim_types_supported": ["normal"],
    "claims_supported": [
        "birthdate",
        "country",
        "name",
        "email",
        "email_verified",
        "given_name",
        "gender",
        "inum",
        "family_name",
        "updated_at",
        "locale",
        "member_of",
        "middle_name",
        "nickname",
        "oxAuthAppType",
        "oxAuthIdTokenSignedResponseAlg",
        "oxAuthRedirectURI",
        "oxAuthScope",
        "phone_number_verified",
        "picture",
        "preferred_username",
        "profile",
        "zoneinfo",
        "user_name",
        "website"
    ],
    "service_documentation": "http://gluu.org/docs",
    "claims_locales_supported": ["en"],
    "ui_locales_supported": [
        "en",
        "es"
    ],
    "scope_to_claims_mapping": [
        {"permission": []},
        {"uma_protection": []},
        {"clientinfo": [
            "name",
            "inum",
            "oxAuthAppType",
            "oxAuthIdTokenSignedResponseAlg",
            "oxAuthRedirectURI",
            "oxAuthScope"
        ]},
        {"email": [
            "email_verified",
            "email"
        ]},
        {"user_name": ["user_name"]},
        {"sub": []},
        {"org_name": []},
        {"address": [
            "formatted",
            "postal_code",
            "street_address",
            "locality",
            "country",
            "region"
        ]},
        {"openid": []},
        {"test_scope1": []},
        {"work_phone": []},
        {"phone": [
            "phone_number_verified",
            "phone_number"
        ]},
        {"profile": [
            "name",
            "family_name",
            "given_name",
            "middle_name",
            "nickname",
            "preferred_username",
            "profile",
            "picture",
            "website",
            "gender",
            "birthdate",
            "zoneinfo",
            "locale",
            "updated_at"
        ]},
        {"mobile_phone": ["phone_mobile_number"]},
        {"test": ["member_of"]}
    ],
    "claims_parameter_supported": true,
    "request_parameter_supported": true,
    "request_uri_parameter_supported": true,
    "require_request_uri_registration": false,
    "op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy",
    "op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos",
    "frontchannel_logout_supported": true,
    "frontchannel_logout_session_supported": true
}


#######################################################
TEST: OC5:FeatureTest-Verifies Correct at hash when Implicit Flow Used
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "token",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Wed, 04 Jul 2018 23:59:11 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!235C.7894.599B.1588",
    "client_secret": "784274f5-cb6f-49a8-9233-99e1816ffea9",
    "registration_access_token": "3dc51ec6-d2c6-4c52-9993-93028a041665",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!235C.7894.599B.1588",
    "client_id_issued_at": 1530748751,
    "client_secret_expires_at": 1530835151,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21235C.7894.599B.1588&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=bc19e7c9-0a2d-4f9f-a321-e646aac92f91&nonce=d57f0bac-e866-4fd1-8e5f-496374b47a89
19:59:31.844 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:79d3035d-db7a-44fb-a93c-1ed9dc6e0a03
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21235C.7894.599B.1588&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=bc19e7c9-0a2d-4f9f-a321-e646aac92f91&nonce=d57f0bac-e866-4fd1-8e5f-496374b47a89

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=becc9ec9-7d22-4de1-b411-7d20f3e1be76&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEyMzVDLjc4OTQuNTk5Qi4xNTg4IiwiZXhwIjoxNTMwNzUyMzUyLCJpYXQiOjE1MzA3NDg3NTIsIm5vbmNlIjoiZDU3ZjBiYWMtZTg2Ni00ZmQxLThlNWYtNDk2Mzc0YjQ3YTg5IiwiYXV0aF90aW1lIjoxNTMwNzQ4NzUyLCJhdF9oYXNoIjoiSmRFcjdzQTNoUGQwMF9qQ1piRWZFQSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6Im5WcUlIdVBvS251U2JBNXdWLUVDb3BXSGhMQll6cEFxTEREMVUzRm96NVkifQ.oVhTXn-7Sw_6ts1jer36123YRIVmUFqbxn_5NZnKtmHOccuLmf0VQoGl6jQlAm5Rb7cxODQsGIcha5rtBphsKJcb0JNSfE5HJk5FfRw3iMvyHZzp4Gc-lahVML4NSJEKGbTmeNvGQo6xDsh33TiCLzaSXGmkIwwoJXqbeTSH9BS10V2tSJTrYJQRsOha2wE0-aq7MIJiTxT30dnKEHMzvIMsf_c_WvCeeHM2tVSQfCmsgK1xvMAYH4zHAEagDwig3_UO969Wmkbovk72v5EwEHs_fDZ68SRW4dbeY_Kx3GXAcmvNgRxNlMqr37IMnlMcECSQyguMXePAP6IitHy6FA&session_id=ed6cacd4-9546-495c-b23f-fa362c2f1a21&state=bc19e7c9-0a2d-4f9f-a321-e646aac92f91&token_type=bearer&session_state=79d3035d-db7a-44fb-a93c-1ed9dc6e0a03&expires_in=299

#######################################################
TEST: OpenID Connect Discovery
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 181
Content-Type: application/jrd+json;charset=iso-8859-1
Date: Wed, 04 Jul 2018 23:59:12 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "subject": "acct:test_user@ce-dev4.gluu.org",
    "links": [{
        "rel": "http://openid.net/specs/connect/1.0/issuer",
        "href": "https://ce-dev4.gluu.org"
    }]
}


OpenID Connect Configuration
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/openid-configuration HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 6342
Content-Type: application/json
Date: Wed, 04 Jul 2018 23:59:12 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "issuer": "https://ce-dev4.gluu.org",
    "authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize",
    "token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token",
    "userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo",
    "clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo",
    "check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe",
    "end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks",
    "registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register",
    "id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id",
    "introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection",
    "scopes_supported": [
        "permission",
        "clientinfo",
        "email",
        "user_name",
        "sub",
        "org_name",
        "address",
        "openid",
        "test_scope1",
        "work_phone",
        "phone",
        "profile",
        "mobile_phone",
        "test"
    ],
    "response_types_supported": [
        "id_token",
        "code",
        "id_token code token",
        "id_token code",
        "code token",
        "id_token token",
        "token"
    ],
    "grant_types_supported": [
        "implicit",
        "refresh_token",
        "urn:ietf:params:oauth:grant-type:uma-ticket",
        "client_credentials",
        "authorization_code",
        "password"
    ],
    "acr_values_supported": [
        "super_gluu",
        "u2f",
        "otp",
        "basic",
        "auth_ldap_server"
    ],
    "auth_level_mapping": {
        "-1": ["auth_ldap_server"],
        "50": ["otp"],
        "100": ["basic"],
        "10": ["u2f"],
        "15": ["super_gluu"]
    },
    "subject_types_supported": [
        "public",
        "pairwise"
    ],
    "userinfo_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "userinfo_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "userinfo_encryption_enc_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "id_token_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "request_object_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "request_object_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "request_object_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "token_endpoint_auth_methods_supported": [
        "client_secret_basic",
        "client_secret_post",
        "client_secret_jwt",
        "private_key_jwt"
    ],
    "token_endpoint_auth_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "display_values_supported": [
        "page",
        "popup"
    ],
    "claim_types_supported": ["normal"],
    "claims_supported": [
        "birthdate",
        "country",
        "name",
        "email",
        "email_verified",
        "given_name",
        "gender",
        "inum",
        "family_name",
        "updated_at",
        "locale",
        "member_of",
        "middle_name",
        "nickname",
        "oxAuthAppType",
        "oxAuthIdTokenSignedResponseAlg",
        "oxAuthRedirectURI",
        "oxAuthScope",
        "phone_number_verified",
        "picture",
        "preferred_username",
        "profile",
        "zoneinfo",
        "user_name",
        "website"
    ],
    "service_documentation": "http://gluu.org/docs",
    "claims_locales_supported": ["en"],
    "ui_locales_supported": [
        "en",
        "es"
    ],
    "scope_to_claims_mapping": [
        {"permission": []},
        {"uma_protection": []},
        {"clientinfo": [
            "name",
            "inum",
            "oxAuthAppType",
            "oxAuthIdTokenSignedResponseAlg",
            "oxAuthRedirectURI",
            "oxAuthScope"
        ]},
        {"email": [
            "email_verified",
            "email"
        ]},
        {"user_name": ["user_name"]},
        {"sub": []},
        {"org_name": []},
        {"address": [
            "formatted",
            "postal_code",
            "street_address",
            "locality",
            "country",
            "region"
        ]},
        {"openid": []},
        {"test_scope1": []},
        {"work_phone": []},
        {"phone": [
            "phone_number_verified",
            "phone_number"
        ]},
        {"profile": [
            "name",
            "family_name",
            "given_name",
            "middle_name",
            "nickname",
            "preferred_username",
            "profile",
            "picture",
            "website",
            "gender",
            "birthdate",
            "zoneinfo",
            "locale",
            "updated_at"
        ]},
        {"mobile_phone": ["phone_mobile_number"]},
        {"test": ["member_of"]}
    ],
    "claims_parameter_supported": true,
    "request_parameter_supported": true,
    "request_uri_parameter_supported": true,
    "require_request_uri_registration": false,
    "op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy",
    "op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos",
    "frontchannel_logout_supported": true,
    "frontchannel_logout_session_supported": true
}


#######################################################
TEST: OC5:FeatureTest-Verifies Correct c hash when Code Flow Used
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Wed, 04 Jul 2018 23:59:12 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3539.2FB1.7B6A.2B6E",
    "client_secret": "6a856f23-54df-4b3c-a433-54f7ebba4ead",
    "registration_access_token": "5912964f-4c51-4598-8327-0ae17937ef10",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3539.2FB1.7B6A.2B6E",
    "client_id_issued_at": 1530748752,
    "client_secret_expires_at": 1530835152,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "code",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%213539.2FB1.7B6A.2B6E&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=c0bdea4d-325d-41cf-ada0-cd51d609ce19&nonce=8319d545-b79f-4d76-8096-bd312c8e2dba
19:59:33.227 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:f226c11c-9d77-40d1-988d-9c641795363b
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%213539.2FB1.7B6A.2B6E&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=c0bdea4d-325d-41cf-ada0-cd51d609ce19&nonce=8319d545-b79f-4d76-8096-bd312c8e2dba

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=47f3459a-3f6d-4034-bf7e-6f98e3e42e8a&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEzNTM5LjJGQjEuN0I2QS4yQjZFIiwiZXhwIjoxNTMwNzUyMzUzLCJpYXQiOjE1MzA3NDg3NTMsIm5vbmNlIjoiODMxOWQ1NDUtYjc5Zi00ZDc2LTgwOTYtYmQzMTJjOGUyZGJhIiwiYXV0aF90aW1lIjoxNTMwNzQ4NzUzLCJjX2hhc2giOiJrUDhKVDA1M1RFSThsclRCU2d0VWxRIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoic1FySjVNam92N2M4RlJzSWZYRzJ0Y0twX3ktbTNYOFVKenBFbmpIY2hSayJ9.IrxkzfdIVHwS2Zhl15iA92hiQLp6QyH7ZgWygZ_wUgYgRTsqTG3HBqov16MvtCI03eMVQaKGqnK87aus631cEh6KBgIqof2l4YUcAh2a-7wufZiydkmtwXKWVf0vrAuKq_rn_MCHuD__NTTMF7N6t0N32C-OIgD1cvyBqXIGLglw7mabMB3dLrRECFjhwGp_GCwKEi6tBD-iiT-qmE2wrvqufU9dS2H9a97U1rlUlV8_a5sx-GZwzwhTZkk9xJFHlx4AknYTlL0BKDxIuVYJeln1oYWdqzgCdyKmqUW7ofS4GzOJ1Ndi7NrpgDvb8qUBIxm7KPrQD_K2j43YY5zbvQ&session_id=16a0d61c-fc77-46e5-8c53-d3d2108a0810&state=c0bdea4d-325d-41cf-ada0-cd51d609ce19&session_state=f226c11c-9d77-40d1-988d-9c641795363b

Tests run: 680, Failures: 1, Errors: 0, Skipped: 1, Time elapsed: 726.171 sec <<< FAILURE! - in TestSuite
successfulRptRequest(org.xdi.oxauth.ws.rs.uma.AccessProtectedResourceFlowHttpTest)  Time elapsed: 0.017 sec  <<< FAILURE!
org.jboss.resteasy.client.ClientResponseFailure: RESTEASY003150: Error status 400 Bad Request returned
	at org.jboss.resteasy.client.core.BaseClientResponse.createResponseFailure(BaseClientResponse.java:581)
	at org.jboss.resteasy.client.core.BaseClientResponse.createResponseFailure(BaseClientResponse.java:572)
	at org.jboss.resteasy.client.core.BaseClientResponse.checkFailureStatus(BaseClientResponse.java:566)
	at org.jboss.resteasy.client.core.extractors.BodyEntityExtractor.extractEntity(BodyEntityExtractor.java:39)
	at org.jboss.resteasy.client.core.ClientInvoker.invoke(ClientInvoker.java:128)
	at org.jboss.resteasy.client.core.ClientProxy.invoke(ClientProxy.java:89)
	at com.sun.proxy.$Proxy62.requestRpt(Unknown Source)
	at org.xdi.oxauth.ws.rs.uma.AccessProtectedResourceFlowHttpTest.successfulRptRequest(AccessProtectedResourceFlowHttpTest.java:161)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:498)
	at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108)
	at org.testng.internal.Invoker.invokeMethod(Invoker.java:661)
	at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869)
	at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193)
	at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126)
	at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109)
	at org.testng.TestRunner.privateRun(TestRunner.java:744)
	at org.testng.TestRunner.run(TestRunner.java:602)
	at org.testng.SuiteRunner.runTest(SuiteRunner.java:380)
	at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375)
	at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340)
	at org.testng.SuiteRunner.run(SuiteRunner.java:289)
	at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52)
	at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86)
	at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301)
	at org.testng.TestNG.runSuitesLocally(TestNG.java:1226)
	at org.testng.TestNG.runSuites(TestNG.java:1144)
	at org.testng.TestNG.run(TestNG.java:1115)
	at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281)
	at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75)
	at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121)
	at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290)
	at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242)
	at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121)


Results :

Failed tests: 
  AccessProtectedResourceFlowHttpTest.successfulRptRequest:161 » ClientResponseFailure

Tests run: 680, Failures: 1, Errors: 0, Skipped: 1

[INFO] ------------------------------------------------------------------------
[INFO] Reactor Summary:
[INFO] 
[INFO] oxAuth ............................................. SUCCESS [  3.271 s]
[INFO] oxAuth Model ....................................... SUCCESS [ 39.291 s]
[INFO] oxAuth Client ...................................... FAILURE [12:19 min]
[INFO] oxauth-static ...................................... SKIPPED
[INFO] oxAuth RP .......................................... SKIPPED
[INFO] oxAuth RP Demo ..................................... SKIPPED
[INFO] oxAuth Server ...................................... SKIPPED
[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 13:03 min
[INFO] Finished at: 2018-07-04T19:59:35-04:00
[INFO] Final Memory: 69M/448M
[INFO] ------------------------------------------------------------------------
[ERROR] Failed to execute goal org.apache.maven.plugins:maven-surefire-plugin:2.19.1:test (default-test) on project oxauth-client: There are test failures.
[ERROR] 
[ERROR] Please refer to /home/tomcat/.jenkins/jobs/oxAuth/workspace/Client/target/surefire-reports for the individual test results.
[ERROR] -> [Help 1]
[ERROR] 
[ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch.
[ERROR] Re-run Maven using the -X switch to enable full debug logging.
[ERROR] 
[ERROR] For more information about the errors and possible solutions, please read the following articles:
[ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/MojoFailureException
[ERROR] 
[ERROR] After correcting the problems, you can resume the build with the command
[ERROR]   mvn <goals> -rf :oxauth-client
Build step 'Invoke top-level Maven targets' marked build as failure
[FINDBUGS] Skipping publisher since build result is FAILURE
Publishing Javadoc
TestNG Reports Processing: START
Looking for TestNG results report in workspace using pattern: **/testng-results.xml
Saving reports...
Processing '/home/tomcat/.jenkins/jobs/oxAuth/builds/3299/testng/testng-results-1.xml'
Processing '/home/tomcat/.jenkins/jobs/oxAuth/builds/3299/testng/testng-results.xml'
0.145560% of tests failed, which exceeded threshold of 0%. Marking build as UNSTABLE
TestNG Reports Processing: FINISH
Not sending mail to unregistered user javier.rojas.blum@gmail.com
Sending e-mails to: support@gluu.org
Finished: FAILURE