FailedConsole Output

Started by user Yuriy Zabrovarnyy
Started by user Yuriy Zabrovarnyy
Building on master in workspace /home/tomcat/.jenkins/jobs/oxAuth/workspace
 > git rev-parse --is-inside-work-tree # timeout=10
Fetching changes from the remote Git repository
 > git config remote.origin.url https://github.com/GluuFederation/oxAuth # timeout=10
Fetching upstream changes from https://github.com/GluuFederation/oxAuth
 > git --version # timeout=10
 > git fetch --tags --progress https://github.com/GluuFederation/oxAuth +refs/heads/*:refs/remotes/origin/*
 > git rev-parse refs/remotes/origin/version_3.1.4^{commit} # timeout=10
 > git rev-parse refs/remotes/origin/origin/version_3.1.4^{commit} # timeout=10
Checking out Revision 821f7db11e1f07f7d5ad504b0bae230d5122fd86 (refs/remotes/origin/version_3.1.4)
 > git config core.sparsecheckout # timeout=10
 > git checkout -f 821f7db11e1f07f7d5ad504b0bae230d5122fd86
Commit message: "Merge remote-tracking branch 'origin/version_3.1.4' into version_3.1.4"
 > git rev-list --no-walk 821f7db11e1f07f7d5ad504b0bae230d5122fd86 # timeout=10
[workspace] $ /bin/bash /opt/tomcat/temp/jenkins1042996606028500279.sh
Cloning into 'oxHudsonProfiles'...
[workspace] $ /home/tomcat/.jenkins/tools/hudson.tasks.Maven_MavenInstallation/maven_3.3.9/bin/mvn -DVERSION_NAME=version_3.1.4 -DPROFILE_NAME=ce-dev4 -DDEVELOPMENT_BUILD=false -DMAVEN_SKIP_TESTS=false -Dpython.import.site=false -DPYTHON_HOME=/opt/jython -Dcfg=ce-dev4 -Dmaven.test.skip=false -Ddevelopment-build=false clean compile install findbugs:findbugs javadoc:javadoc site
[INFO] Scanning for projects...
[WARNING] 
[WARNING] Some problems were encountered while building the effective model for org.xdi:oxauth-rp:war:3.1.4-SNAPSHOT
[WARNING] 'build.plugins.plugin.version' for org.mortbay.jetty:jetty-maven-plugin is missing. @ org.xdi:oxauth-rp:[unknown-version], /home/tomcat/.jenkins/jobs/oxAuth/workspace/RP/pom.xml, line 74, column 12
[WARNING] 
[WARNING] It is highly recommended to fix these problems because they threaten the stability of your build.
[WARNING] 
[WARNING] For this reason, future Maven versions might no longer support building such malformed projects.
[WARNING] 
[INFO] ------------------------------------------------------------------------
[INFO] Reactor Build Order:
[INFO] 
[INFO] oxAuth
[INFO] oxAuth Model
[INFO] oxAuth Client
[INFO] oxauth-static
[INFO] oxAuth RP
[INFO] oxAuth RP Demo
[INFO] oxAuth Server
[INFO]                                                                         
[INFO] ------------------------------------------------------------------------
[INFO] Building oxAuth 3.1.4-SNAPSHOT
[INFO] ------------------------------------------------------------------------
[INFO] 
[INFO] --- maven-clean-plugin:2.5:clean (default-clean) @ oxauth ---
[INFO] Deleting /home/tomcat/.jenkins/jobs/oxAuth/workspace/target
[INFO] 
[INFO] --- maven-install-plugin:2.3.1:install (default-install) @ oxauth ---
[INFO] Installing /home/tomcat/.jenkins/jobs/oxAuth/workspace/pom.xml to /var/www/html/maven/org/xdi/oxauth/3.1.4-SNAPSHOT/oxauth-3.1.4-SNAPSHOT.pom
[INFO] 
[INFO] --- findbugs-maven-plugin:3.0.4:findbugs (default-cli) @ oxauth ---
[INFO] 
[INFO] >>> maven-javadoc-plugin:2.10.4:javadoc (default-cli) > generate-sources @ oxauth >>>
[INFO] 
[INFO] <<< maven-javadoc-plugin:2.10.4:javadoc (default-cli) < generate-sources @ oxauth <<<
[INFO] 
[INFO] --- maven-javadoc-plugin:2.10.4:javadoc (default-cli) @ oxauth ---
[INFO] 
[INFO] --- maven-site-plugin:2.1.1:site (default-site) @ oxauth ---
[INFO]                                                                         
[INFO] ------------------------------------------------------------------------
[INFO] Building oxAuth Model 3.1.4-SNAPSHOT
[INFO] ------------------------------------------------------------------------
[INFO] 
[INFO] --- maven-clean-plugin:2.5:clean (default-clean) @ oxauth-model ---
[INFO] Deleting /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target
[INFO] 
[INFO] --- maven-resources-plugin:2.6:resources (default-resources) @ oxauth-model ---
[INFO] Using 'UTF-8' encoding to copy filtered resources.
[INFO] Copying 1 resource
[INFO] 
[INFO] --- maven-compiler-plugin:2.3.2:compile (default-compile) @ oxauth-model ---
[INFO] Compiling 158 source files to /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/classes
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/crypto/AbstractCryptoProvider.java:[21,23] RSAPublicKeyImpl is internal proprietary API and may be removed in a future release
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/crypto/AbstractCryptoProvider.java:[21,23] RSAPublicKeyImpl is internal proprietary API and may be removed in a future release
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/crypto/AbstractCryptoProvider.java:[21,23] RSAPublicKeyImpl is internal proprietary API and may be removed in a future release
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/crypto/AbstractCryptoProvider.java:[144,36] RSAPublicKeyImpl is internal proprietary API and may be removed in a future release
[INFO] 
[INFO] --- maven-resources-plugin:2.6:resources (default-resources) @ oxauth-model ---
[INFO] Using 'UTF-8' encoding to copy filtered resources.
[INFO] Copying 1 resource
[INFO] 
[INFO] --- maven-compiler-plugin:2.3.2:compile (default-compile) @ oxauth-model ---
[INFO] Nothing to compile - all classes are up to date
[INFO] 
[INFO] --- maven-resources-plugin:2.6:testResources (default-testResources) @ oxauth-model ---
[INFO] Using 'UTF-8' encoding to copy filtered resources.
[INFO] Copying 4 resources
[INFO] 
[INFO] --- maven-compiler-plugin:2.3.2:testCompile (default-testCompile) @ oxauth-model ---
[INFO] Compiling 5 source files to /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/test-classes
[INFO] 
[INFO] --- maven-surefire-plugin:2.19.1:test (default-test) @ oxauth-model ---

-------------------------------------------------------
 T E S T S
-------------------------------------------------------
Running TestSuite
CodeVerifier{codeVerifier='1N_Vo_282_Vl.q4PY.dcBWr0.4WZwX9e87jxubeQnmUFL_LzY3vT40hsuxrtwhJS_0KDVHj2U3tIccKO1UO5O_Mk-e-G4KA5uQJzNGtS9DYnmiohqHKz7g3aysu83NF2', codeChallenge='1N_Vo_282_Vl.q4PY.dcBWr0.4WZwX9e87jxubeQnmUFL_LzY3vT40hsuxrtwhJS_0KDVHj2U3tIccKO1UO5O_Mk-e-G4KA5uQJzNGtS9DYnmiohqHKz7g3aysu83NF2', transformationType=PLAIN}
CodeVerifier{codeVerifier='ADfFO3QkqsSY0LHv.x5NvPwZhRQxAT-1QATR_8gl~0ISVjIYMA~jcO9Lf8H9abnrpJoxsZGls61W60B5e_d6xJa4LmlxNS_EWe9R18lfug~g6BK_Ibz4UtHwwkMXt~Kx', codeChallenge='MwiwK5AxT5Gokpi1knmIflCk5oI6jlAws_lp0xyhByY', transformationType=S256}
SLF4J: Failed to load class "org.slf4j.impl.StaticLoggerBinder".
SLF4J: Defaulting to no-operation (NOP) logger implementation
SLF4J: See http://www.slf4j.org/codes.html#StaticLoggerBinder for further details.
Hi there from Javascript, 
ERROR StatusLogger No log4j2 configuration file found. Using default configuration: logging only errors to the console. Set system property 'org.apache.logging.log4j.simplelog.StatusLogger.level' to TRACE to show Log4j2 internal initialization logging.
Tests run: 7, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 2.483 sec - in TestSuite

Results :

Tests run: 7, Failures: 0, Errors: 0, Skipped: 0

[INFO] 
[INFO] --- maven-jar-plugin:2.4:jar (default-jar) @ oxauth-model ---
[INFO] Building jar: /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/oxauth-model.jar
[INFO] 
[INFO] --- maven-jar-plugin:2.4:test-jar (default) @ oxauth-model ---
[INFO] Building jar: /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/oxauth-model-tests.jar
[INFO] 
[INFO] --- maven-install-plugin:2.3.1:install (default-install) @ oxauth-model ---
[INFO] Installing /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/oxauth-model.jar to /var/www/html/maven/org/xdi/oxauth-model/3.1.4-SNAPSHOT/oxauth-model-3.1.4-SNAPSHOT.jar
[INFO] Installing /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/pom.xml to /var/www/html/maven/org/xdi/oxauth-model/3.1.4-SNAPSHOT/oxauth-model-3.1.4-SNAPSHOT.pom
[INFO] Installing /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/oxauth-model-tests.jar to /var/www/html/maven/org/xdi/oxauth-model/3.1.4-SNAPSHOT/oxauth-model-3.1.4-SNAPSHOT-tests.jar
[INFO] 
[INFO] --- findbugs-maven-plugin:3.0.4:findbugs (default-cli) @ oxauth-model ---
[INFO] Fork Value is true
     [java] Warnings generated: 53
[INFO] Done FindBugs Analysis....
[INFO] 
[INFO] >>> maven-javadoc-plugin:2.10.4:javadoc (default-cli) > generate-sources @ oxauth-model >>>
[INFO] 
[INFO] <<< maven-javadoc-plugin:2.10.4:javadoc (default-cli) < generate-sources @ oxauth-model <<<
[INFO] 
[INFO] --- maven-javadoc-plugin:2.10.4:javadoc (default-cli) @ oxauth-model ---
[INFO] 
Loading source files for package org.xdi.oxauth.model.uma...
Loading source files for package org.xdi.oxauth.model.uma.wrapper...
Loading source files for package org.xdi.oxauth.model.uma.persistence...
Loading source files for package org.xdi.oxauth.model.jwt...
Loading source files for package org.xdi.oxauth.model.common...
Loading source files for package org.xdi.oxauth.model.jwk...
Loading source files for package org.xdi.oxauth.model.exception...
Loading source files for package org.xdi.oxauth.model.session...
Loading source files for package org.xdi.oxauth.model.fido.u2f...
Loading source files for package org.xdi.oxauth.model.fido.u2f.message...
Loading source files for package org.xdi.oxauth.model.fido.u2f.exception...
Loading source files for package org.xdi.oxauth.model.fido.u2f.protocol...
Loading source files for package org.xdi.oxauth.model.gluu...
Loading source files for package org.xdi.oxauth.model.register...
Loading source files for package org.xdi.oxauth.model.discovery...
Loading source files for package org.xdi.oxauth.model.jwe...
Loading source files for package org.xdi.oxauth.model.userinfo...
Loading source files for package org.xdi.oxauth.model.util...
Loading source files for package org.xdi.oxauth.model.authorize...
Loading source files for package org.xdi.oxauth.model.configuration...
Loading source files for package org.xdi.oxauth.model.error...
Loading source files for package org.xdi.oxauth.model.jws...
Loading source files for package org.xdi.oxauth.model.token...
Loading source files for package org.xdi.oxauth.model.crypto...
Loading source files for package org.xdi.oxauth.model.crypto.signature...
Loading source files for package org.xdi.oxauth.model.crypto.binding...
Loading source files for package org.xdi.oxauth.model.crypto.encryption...
Constructing Javadoc information...
Standard Doclet version 1.8.0_121
Building tree for all the packages and classes...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/ClaimTokenFormatType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/JsonLogic.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/JsonLogicNode.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/JsonLogicNodeParser.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/PermissionTicket.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/RptIntrospectionResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/RptProfiles.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/RPTResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaConstants.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaErrorResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaMetadata.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaNeedInfoResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaPermission.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaPermissionList.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaResource.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaResourceResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaResourceWithId.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaScopeDescription.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaScopeType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaTokenResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/wrapper/Token.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/persistence/UmaPermission.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/persistence/UmaResource.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/persistence/UmaScopeDescription.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/Jwt.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/JwtClaimName.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/JwtClaims.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/JwtClaimSet.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/JwtHeader.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/JwtHeaderName.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/JwtStateClaimName.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/JwtSubClaimObject.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/JwtType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/PureJwt.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/AuthenticationMethod.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/AuthorizationMethod.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/Display.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/GrantType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/HasParamName.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/Holder.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/Id.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/IdType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/IntrospectionResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/JSONable.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/PairwiseIdType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/ProgrammingLanguage.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/Prompt.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/ResponseMode.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/ResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/ScopeType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/SubjectType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/TokenType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/WebKeyStorage.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/JSONWebKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/JSONWebKeySet.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/JWKParameter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/KeyType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/Use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/InvalidClaimException.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/InvalidJweException.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/InvalidJwtException.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/InvalidParameterException.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/SignatureException.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/session/EndSessionErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/session/EndSessionRequestParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/session/EndSessionResponseParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/DeviceRegistrationStatus.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/U2fConfiguration.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/U2fConstants.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/U2fErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/message/RawAuthenticateResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/message/RawRegisterResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/exception/BadInputException.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/exception/RegistrationNotAllowed.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/AuthenticateRequest.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/AuthenticateRequestMessage.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/AuthenticateResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/AuthenticateStatus.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/ClientData.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/DeviceData.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/RegisterRequest.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/RegisterRequestMessage.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/RegisterResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/RegisterStatus.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/gluu/GluuConfiguration.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/gluu/GluuErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/ApplicationType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/RegisterErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/RegisterRequestParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/RegisterResponseParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/discovery/OAuth2Discovery.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/discovery/WebFingerLink.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/discovery/WebFingerParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/AbstractJweDecrypter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/AbstractJweEncrypter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/Jwe.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/JweDecrypter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/JweDecrypterImpl.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/JweEncrypter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/JweEncrypterImpl.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/KeyDerivationFunction.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/userinfo/Schema.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/userinfo/UserInfoErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/Base64Util.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/JwtUtil.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/LocaleUtil.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/Pair.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/SecurityProviderUtility.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/StringUtils.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/SubjectIdentifierGenerator.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/URLPatternList.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/Util.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/AuthorizeErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/AuthorizeRequestParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/AuthorizeResponseParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/CodeVerifier.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/CodeVerifier.CodeChallengeMethod.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/AppConfiguration.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/AuthenticationFilter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/BaseFilter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/ClientAuthenticationFilter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/Configuration.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/ConfigurationResponseClaim.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/CorsConfigurationFilter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/error/IErrorType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/AbstractJwsSigner.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/ECDSASigner.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/HMACSigner.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/JwsSigner.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/PlainTextSignature.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/RSASigner.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/token/ClientAssertionType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/token/JsonWebResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/token/TokenErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/AbstractCryptoProvider.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/Certificate.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/CryptoProviderFactory.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/Key.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/KeyFactory.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/OxAuthCryptoProvider.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/OxElevenCryptoProvider.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/PrivateKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/PublicKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/AbstractSigner.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/ECDSAKeyFactory.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/ECDSAPrivateKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/ECDSAPublicKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/ECEllipticCurve.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/RSAKeyFactory.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/RSAPrivateKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/RSAPublicKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/SignatureAlgorithm.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/SignatureAlgorithmFamily.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/Signer.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/binding/TokenBindingExtensionType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/binding/TokenBindingType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/encryption/BlockEncryptionAlgorithm.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/encryption/KeyEncryptionAlgorithm.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/overview-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/binding/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/binding/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/binding/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/encryption/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/encryption/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/encryption/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/discovery/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/discovery/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/discovery/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/error/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/error/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/error/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/exception/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/exception/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/exception/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/message/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/message/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/message/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/gluu/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/gluu/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/gluu/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/session/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/session/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/session/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/token/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/token/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/token/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/persistence/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/persistence/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/persistence/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/wrapper/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/wrapper/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/wrapper/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/userinfo/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/userinfo/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/userinfo/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/constant-values.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/serialized-form.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/JsonLogic.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaScopeDescription.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaResourceResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/JsonLogicNodeParser.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaPermission.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/RptIntrospectionResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaConstants.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaErrorResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaScopeType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/PermissionTicket.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/ClaimTokenFormatType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaResourceWithId.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaResource.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/JsonLogicNode.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/RptProfiles.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaTokenResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaMetadata.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaNeedInfoResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaPermissionList.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/RPTResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/wrapper/class-use/Token.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/persistence/class-use/UmaScopeDescription.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/persistence/class-use/UmaPermission.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/persistence/class-use/UmaResource.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/class-use/Jwt.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/class-use/JwtHeader.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/class-use/PureJwt.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/class-use/JwtStateClaimName.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/class-use/JwtClaimSet.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/class-use/JwtType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/class-use/JwtSubClaimObject.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/class-use/JwtClaims.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/class-use/JwtClaimName.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/class-use/JwtHeaderName.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/ProgrammingLanguage.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/IntrospectionResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/HasParamName.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/IdType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/GrantType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/AuthorizationMethod.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/ResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/PairwiseIdType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/Holder.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/JSONable.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/TokenType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/Id.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/Prompt.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/ResponseMode.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/WebKeyStorage.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/ScopeType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/Display.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/SubjectType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/AuthenticationMethod.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/class-use/JSONWebKeySet.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/class-use/JWKParameter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/class-use/Use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/class-use/KeyType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/class-use/JSONWebKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/class-use/InvalidParameterException.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/class-use/SignatureException.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/class-use/InvalidJwtException.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/class-use/InvalidJweException.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/class-use/InvalidClaimException.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/session/class-use/EndSessionErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/session/class-use/EndSessionRequestParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/session/class-use/EndSessionResponseParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/class-use/U2fConstants.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/class-use/U2fConfiguration.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/class-use/DeviceRegistrationStatus.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/class-use/U2fErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/message/class-use/RawAuthenticateResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/message/class-use/RawRegisterResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/exception/class-use/RegistrationNotAllowed.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/exception/class-use/BadInputException.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/class-use/AuthenticateRequestMessage.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/class-use/DeviceData.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/class-use/AuthenticateRequest.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/class-use/RegisterResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/class-use/RegisterStatus.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/class-use/AuthenticateResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/class-use/ClientData.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/class-use/AuthenticateStatus.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/class-use/RegisterRequestMessage.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/class-use/RegisterRequest.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/gluu/class-use/GluuConfiguration.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/gluu/class-use/GluuErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/class-use/RegisterRequestParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/class-use/ApplicationType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/class-use/RegisterErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/class-use/RegisterResponseParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/discovery/class-use/WebFingerParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/discovery/class-use/OAuth2Discovery.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/discovery/class-use/WebFingerLink.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/class-use/AbstractJweEncrypter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/class-use/JweEncrypterImpl.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/class-use/JweEncrypter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/class-use/JweDecrypter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/class-use/KeyDerivationFunction.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/class-use/JweDecrypterImpl.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/class-use/Jwe.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/class-use/AbstractJweDecrypter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/userinfo/class-use/UserInfoErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/userinfo/class-use/Schema.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/class-use/URLPatternList.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/class-use/Base64Util.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/class-use/SecurityProviderUtility.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/class-use/LocaleUtil.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/class-use/Util.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/class-use/StringUtils.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/class-use/SubjectIdentifierGenerator.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/class-use/JwtUtil.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/class-use/Pair.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/class-use/AuthorizeResponseParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/class-use/CodeVerifier.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/class-use/CodeVerifier.CodeChallengeMethod.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/class-use/AuthorizeErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/class-use/AuthorizeRequestParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/class-use/AuthenticationFilter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/class-use/Configuration.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/class-use/BaseFilter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/class-use/AppConfiguration.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/class-use/CorsConfigurationFilter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/class-use/ConfigurationResponseClaim.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/class-use/ClientAuthenticationFilter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/error/class-use/IErrorType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/class-use/RSASigner.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/class-use/HMACSigner.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/class-use/AbstractJwsSigner.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/class-use/PlainTextSignature.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/class-use/ECDSASigner.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/class-use/JwsSigner.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/token/class-use/JsonWebResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/token/class-use/TokenErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/token/class-use/ClientAssertionType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/class-use/OxElevenCryptoProvider.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/class-use/OxAuthCryptoProvider.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/class-use/PrivateKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/class-use/AbstractCryptoProvider.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/class-use/Key.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/class-use/PublicKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/class-use/CryptoProviderFactory.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/class-use/Certificate.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/class-use/KeyFactory.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/class-use/RSAKeyFactory.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/class-use/ECDSAPrivateKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/class-use/ECDSAPublicKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/class-use/ECDSAKeyFactory.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/class-use/SignatureAlgorithm.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/class-use/SignatureAlgorithmFamily.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/class-use/RSAPrivateKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/class-use/Signer.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/class-use/RSAPublicKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/class-use/AbstractSigner.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/class-use/ECEllipticCurve.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/binding/class-use/TokenBindingExtensionType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/binding/class-use/TokenBindingType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/encryption/class-use/BlockEncryptionAlgorithm.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/encryption/class-use/KeyEncryptionAlgorithm.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/binding/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/encryption/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/discovery/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/error/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/exception/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/message/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/gluu/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/session/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/token/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/persistence/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/wrapper/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/userinfo/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/package-use.html...
Building index for all the packages and classes...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/overview-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/index-all.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/deprecated-list.html...
Building index for all classes...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/allclasses-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/allclasses-noframe.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/index.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/overview-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/help-doc.html...
12 warnings
[WARNING] Javadoc Warnings
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/uma/UmaNeedInfoResponse.java:65: warning: no @param for clientId
[WARNING] public String buildClaimsGatheringUrl(String clientId, String claimsRedirectUri) {
[WARNING] ^
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/uma/UmaNeedInfoResponse.java:65: warning: no @param for claimsRedirectUri
[WARNING] public String buildClaimsGatheringUrl(String clientId, String claimsRedirectUri) {
[WARNING] ^
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/jwt/JwtHeader.java:44: warning: no @return
[WARNING] public JwtHeader setType(JwtType type) {
[WARNING] ^
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/jwt/JwtHeader.java:63: warning: no @return
[WARNING] public JwtHeader setAlgorithm(SignatureAlgorithm algorithm) {
[WARNING] ^
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/jwt/JwtHeader.java:77: warning: no @return
[WARNING] public JwtHeader setAlgorithm(KeyEncryptionAlgorithm algorithm) {
[WARNING] ^
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/jwt/JwtHeader.java:96: warning: no @return
[WARNING] public JwtHeader setKeyId(String keyId) {
[WARNING] ^
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/common/ScopeType.java:30: warning: empty <p> tag
[WARNING] * <p>
[WARNING] ^
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/fido/u2f/message/RawAuthenticateResponse.java:37: warning: no @return
[WARNING] public byte getUserPresence() {
[WARNING] ^
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/fido/u2f/message/RawAuthenticateResponse.java:45: warning: no @return
[WARNING] public long getCounter() {
[WARNING] ^
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/fido/u2f/message/RawAuthenticateResponse.java:52: warning: no @return
[WARNING] public byte[] getSignature() {
[WARNING] ^
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/util/Util.java:210: warning: no description for @return
[WARNING] * @return
[WARNING] ^
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/util/Util.java:212: warning: no @throws for org.codehaus.jettison.json.JSONException
[WARNING] public static Map<String, String> jsonObjectArrayStringAsMap(String jsonString) throws JSONException {
[WARNING] ^
[INFO] 
[INFO] --- maven-site-plugin:2.1.1:site (default-site) @ oxauth-model ---
[INFO]                                                                         
[INFO] ------------------------------------------------------------------------
[INFO] Building oxAuth Client 3.1.4-SNAPSHOT
[INFO] ------------------------------------------------------------------------
[INFO] 
[INFO] --- maven-clean-plugin:2.5:clean (default-clean) @ oxauth-client ---
[INFO] Deleting /home/tomcat/.jenkins/jobs/oxAuth/workspace/Client/target
[INFO] 
[INFO] --- maven-resources-plugin:2.6:resources (default-resources) @ oxauth-client ---
[INFO] Using 'UTF-8' encoding to copy filtered resources.
[INFO] skip non existing resourceDirectory /home/tomcat/.jenkins/jobs/oxAuth/workspace/Client/src/main/resources
[INFO] 
[INFO] --- maven-compiler-plugin:2.3.2:compile (default-compile) @ oxauth-client ---
[INFO] Compiling 59 source files to /home/tomcat/.jenkins/jobs/oxAuth/workspace/Client/target/classes
[INFO] 
[INFO] --- maven-resources-plugin:2.6:resources (default-resources) @ oxauth-client ---
[INFO] Using 'UTF-8' encoding to copy filtered resources.
[INFO] skip non existing resourceDirectory /home/tomcat/.jenkins/jobs/oxAuth/workspace/Client/src/main/resources
[INFO] 
[INFO] --- maven-compiler-plugin:2.3.2:compile (default-compile) @ oxauth-client ---
[INFO] Nothing to compile - all classes are up to date
[INFO] 
[INFO] --- maven-resources-plugin:2.6:testResources (default-testResources) @ oxauth-client ---
[INFO] Using 'UTF-8' encoding to copy filtered resources.
[INFO] Copying 17 resources
[INFO] 
[INFO] --- maven-compiler-plugin:2.3.2:testCompile (default-testCompile) @ oxauth-client ---
[INFO] Compiling 145 source files to /home/tomcat/.jenkins/jobs/oxAuth/workspace/Client/target/test-classes
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Client/src/test/java/org/xdi/oxauth/ws/rs/WebKeysTest.java:[14,24] X509CertImpl is internal proprietary API and may be removed in a future release
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Client/src/test/java/org/xdi/oxauth/ws/rs/WebKeysTest.java:[14,24] X509CertImpl is internal proprietary API and may be removed in a future release
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Client/src/test/java/org/xdi/oxauth/ws/rs/WebKeysTest.java:[14,24] X509CertImpl is internal proprietary API and may be removed in a future release
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Client/src/test/java/org/xdi/oxauth/ws/rs/WebKeysTest.java:[47,35] X509CertImpl is internal proprietary API and may be removed in a future release
[INFO] 
[INFO] --- maven-surefire-plugin:2.19.1:test (default-test) @ oxauth-client ---

-------------------------------------------------------
 T E S T S
-------------------------------------------------------
Running TestSuite
ERROR StatusLogger No log4j2 configuration file found. Using default configuration: logging only errors to the console. Set system property 'org.apache.logging.log4j.simplelog.StatusLogger.level' to TRACE to show Log4j2 internal initialization logging.
Invoked init test suite method 

#######################################################
TEST: OpenID Connect Discovery
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 181
Content-Type: application/jrd+json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 15:54:35 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "subject": "acct:test_user@ce-dev4.gluu.org",
    "links": [{
        "rel": "http://openid.net/specs/connect/1.0/issuer",
        "href": "https://ce-dev4.gluu.org"
    }]
}


OpenID Connect Configuration
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/openid-configuration HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 6342
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:54:35 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "issuer": "https://ce-dev4.gluu.org",
    "authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize",
    "token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token",
    "userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo",
    "clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo",
    "check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe",
    "end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks",
    "registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register",
    "id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id",
    "introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection",
    "scopes_supported": [
        "permission",
        "clientinfo",
        "email",
        "user_name",
        "sub",
        "org_name",
        "address",
        "openid",
        "test_scope1",
        "work_phone",
        "phone",
        "profile",
        "mobile_phone",
        "test"
    ],
    "response_types_supported": [
        "code",
        "code id_token",
        "code id_token token",
        "id_token",
        "id_token token",
        "token",
        "code token"
    ],
    "grant_types_supported": [
        "urn:ietf:params:oauth:grant-type:uma-ticket",
        "client_credentials",
        "refresh_token",
        "implicit",
        "password",
        "authorization_code"
    ],
    "acr_values_supported": [
        "super_gluu",
        "u2f",
        "otp",
        "basic",
        "auth_ldap_server"
    ],
    "auth_level_mapping": {
        "-1": ["auth_ldap_server"],
        "50": ["otp"],
        "100": ["basic"],
        "10": ["u2f"],
        "15": ["super_gluu"]
    },
    "subject_types_supported": [
        "public",
        "pairwise"
    ],
    "userinfo_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "userinfo_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "userinfo_encryption_enc_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "id_token_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "request_object_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "request_object_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "request_object_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "token_endpoint_auth_methods_supported": [
        "client_secret_basic",
        "client_secret_post",
        "client_secret_jwt",
        "private_key_jwt"
    ],
    "token_endpoint_auth_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "display_values_supported": [
        "page",
        "popup"
    ],
    "claim_types_supported": ["normal"],
    "claims_supported": [
        "birthdate",
        "country",
        "name",
        "email",
        "email_verified",
        "given_name",
        "gender",
        "inum",
        "family_name",
        "updated_at",
        "locale",
        "member_of",
        "middle_name",
        "nickname",
        "oxAuthAppType",
        "oxAuthIdTokenSignedResponseAlg",
        "oxAuthRedirectURI",
        "oxAuthScope",
        "phone_number_verified",
        "picture",
        "preferred_username",
        "profile",
        "zoneinfo",
        "user_name",
        "website"
    ],
    "service_documentation": "http://gluu.org/docs",
    "claims_locales_supported": ["en"],
    "ui_locales_supported": [
        "en",
        "es"
    ],
    "scope_to_claims_mapping": [
        {"permission": []},
        {"uma_protection": []},
        {"clientinfo": [
            "name",
            "inum",
            "oxAuthAppType",
            "oxAuthIdTokenSignedResponseAlg",
            "oxAuthRedirectURI",
            "oxAuthScope"
        ]},
        {"email": [
            "email_verified",
            "email"
        ]},
        {"user_name": ["user_name"]},
        {"sub": []},
        {"org_name": []},
        {"address": [
            "formatted",
            "postal_code",
            "street_address",
            "locality",
            "country",
            "region"
        ]},
        {"openid": []},
        {"test_scope1": []},
        {"work_phone": []},
        {"phone": [
            "phone_number_verified",
            "phone_number"
        ]},
        {"profile": [
            "name",
            "family_name",
            "given_name",
            "middle_name",
            "nickname",
            "preferred_username",
            "profile",
            "picture",
            "website",
            "gender",
            "birthdate",
            "zoneinfo",
            "locale",
            "updated_at"
        ]},
        {"mobile_phone": ["phone_mobile_number"]},
        {"test": ["member_of"]}
    ],
    "claims_parameter_supported": true,
    "request_parameter_supported": true,
    "request_uri_parameter_supported": true,
    "require_request_uri_registration": false,
    "op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy",
    "op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos",
    "frontchannel_logout_supported": true,
    "frontchannel_logout_session_supported": true
}


#######################################################
TEST: applicationTypeNativeSubjectTypePairwise
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token"
    ],
    "application_type": "native",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "scope": "openid profile address email user_name"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1344
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:54:35 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E755.4978.431F.79A3",
    "client_secret": "5da3f27b-64a4-46b0-b865-ea47d9bf8f3f",
    "registration_access_token": "1c343f97-202c-4642-bdb0-74613c3a8bff",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E755.4978.431F.79A3",
    "client_id_issued_at": 1530806075,
    "client_secret_expires_at": 1530892475,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "native",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "openid profile address email user_name",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 1c343f97-202c-4642-bdb0-74613c3a8bff

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1344
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:54:35 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E755.4978.431F.79A3",
    "client_secret": "5da3f27b-64a4-46b0-b865-ea47d9bf8f3f",
    "registration_access_token": "1c343f97-202c-4642-bdb0-74613c3a8bff",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E755.4978.431F.79A3",
    "client_id_issued_at": 1530806075,
    "client_secret_expires_at": 1530892475,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "native",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "openid profile address email user_name",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21E755.4978.431F.79A3&scope=openid+profile+address+email+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=e1a57185-53bc-4d03-9c52-d8581f419bfc&nonce=ed71b45e-0ce0-480c-9d1c-39e1b9faf2fd
11:55:00.904 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:ae218379-6c67-4dcf-9836-f94ab3002bf7
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21E755.4978.431F.79A3&scope=openid+profile+address+email+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=e1a57185-53bc-4d03-9c52-d8581f419bfc&nonce=ed71b45e-0ce0-480c-9d1c-39e1b9faf2fd

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=002fc03a-eab7-4ed5-9b08-73a8ca941017&scope=address+openid+user_name+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFFNzU1LjQ5NzguNDMxRi43OUEzIiwiZXhwIjoxNTMwODA5Njg0LCJpYXQiOjE1MzA4MDYwODQsIm5vbmNlIjoiZWQ3MWI0NWUtMGNlMC00ODBjLTlkMWMtMzllMWI5ZmFmMmZkIiwiYXV0aF90aW1lIjoxNTMwODA2MDgzLCJjX2hhc2giOiI0cHJSaHVIZE55QWk2R2stYmJmVnRnIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiWlpxMjJpdUZDa3c4d1ZIRnNsY3F0SkEzaGpHckdmNVhNQlpRYnlWZjJyVSJ9.OOTRQ766mgjtVGjZ2MoYx22Zhg8i8uD9zWY7Uk7VuXXUMBx7uZu0eWXbbRt8vIfZ8aaE2TQzjpYn3Nda__oAOAjZVtbXsRPnF5jS5BoBkSsv7NYtTjDpp6ksPRXl3cw-4Sb8O9rWdjJ5j-zzS0Li4ObO682MdoNmePEUY_b8F9If-MonbGZAoi_LMeJWvnk1-hA5gNkObyJrVBLJEv54DICp7zMNAMj5nwoKMf03bf1bBwSjZ-jlfADx16S5n0GxJq37zJ10X1MRtxR8oVMvpf6iFLPnO0g51Aum8LIAlVqtQG81pdYPMqV03bdGMblkntyHHg0s6wMkjDi6wCz1Hg&session_id=ad294447-17ad-4e49-8fcd-4edc18245ce3&state=e1a57185-53bc-4d03-9c52-d8581f419bfc&session_state=ae218379-6c67-4dcf-9836-f94ab3002bf7

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxRTc1NS40OTc4LjQzMUYuNzlBMzo1ZGEzZjI3Yi02NGE0LTQ2YjAtYjg2NS1lYTQ3ZDliZjhmM2Y=

grant_type=authorization_code&code=002fc03a-eab7-4ed5-9b08-73a8ca941017&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1057
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:54:44 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"d4e12358-dec4-4634-a6b4-48289890eebc","token_type":"bearer","expires_in":299,"refresh_token":"5f0d59fe-1746-4d11-874a-f0f66dd07634","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFFNzU1LjQ5NzguNDMxRi43OUEzIiwiZXhwIjoxNTMwODA5Njg0LCJpYXQiOjE1MzA4MDYwODQsIm5vbmNlIjoiZWQ3MWI0NWUtMGNlMC00ODBjLTlkMWMtMzllMWI5ZmFmMmZkIiwiYXV0aF90aW1lIjoxNTMwODA2MDgzLCJhdF9oYXNoIjoiRFQ5d1ZLVlljTk5FRm11VEFrVGR0dyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IlpacTIyaXVGQ2t3OHdWSEZzbGNxdEpBM2hqR3JHZjVYTUJaUWJ5VmYyclUifQ.H1ZMJIxQQj_ssc2ZW7VO_mIBsyJS9j-JYS5BdZWh0LKF-YwJts0FE7oks_dcmnL52wjzO0iMsJplaXKa4Rp6F_3SsQHFwrLcfo96Tuo8Wog5VbKdd3otTMZioP2vCAKePP5tXUMNev4NO9HQN1z8liZYv39wNDG3EEY1mlMQc6hQz6HqbHGT_6vEnVi6h3DDM_KLxG-ERMnQEmRnAA2gWAGLUs35YsBwRHHxNo4cirafOLiahRa3Jv64kTFH_awGG4KozFKAoNwHnazwPDXExZpo4q3IQ7vF2YcuxQ4aUB6ofZ_wKTIVB4zyJekSXDP02KWwOfQfktSk22nLY46sIQ"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxRTc1NS40OTc4LjQzMUYuNzlBMzo1ZGEzZjI3Yi02NGE0LTQ2YjAtYjg2NS1lYTQ3ZDliZjhmM2Y=

grant_type=refresh_token&scope=address+openid+user_name+profile+email&refresh_token=5f0d59fe-1746-4d11-874a-f0f66dd07634

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 198
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:54:45 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"5715e503-3104-4784-9ebf-9b4fb6877aec","token_type":"bearer","expires_in":299,"refresh_token":"a300fad9-4365-49fb-b0d6-4c39cab0c80f","scope":"address openid user_name profile email"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/userinfo HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 5715e503-3104-4784-9ebf-9b4fb6877aec

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 634
Content-Type: application/json;charset=utf-8
Date: Thu, 05 Jul 2018 15:54:45 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"address":{"street_address":"621 East 6th Street","country":"US","locality":"Austin","region":"Texas"},"sub":"ZZq22iuFCkw8wVHFslcqtJA3hjGrGf5XMBZQbyVf2rU","user_name":"test_user","website":"http://www.gluu.org","zoneinfo":"America/Chicago","birthdate":"19830106010101.253Z","gender":"Male","profile":"http://www.mywebsite.com/profile","preferred_username":"user","given_name":"Test","middle_name":"User","locale":"en-US","picture":"http://www.gluu.org/wp-content/uploads/2012/04/mike3.png","updated_at":1526659613066,"name":"oxAuth Test User","nickname":"user","family_name":"User","email_verified":true,"email":"test_user@test.org"}

#######################################################
TEST: applicationTypeNativeSubjectTypePublic
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token"
    ],
    "application_type": "native",
    "client_name": "oxAuth test app",
    "subject_type": "public",
    "scope": "openid profile address email user_name"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1209
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:54:45 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!CB44.E0F0.C579.4DCE",
    "client_secret": "323467b3-e7dc-48c9-86d4-2f2143dc8039",
    "registration_access_token": "2c5083b0-a7a8-4cd4-ae29-2e8b9325baf3",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!CB44.E0F0.C579.4DCE",
    "client_id_issued_at": 1530806085,
    "client_secret_expires_at": 1530892485,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "native",
    "client_name": "oxAuth test app",
    "subject_type": "public",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "openid profile address email user_name",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 2c5083b0-a7a8-4cd4-ae29-2e8b9325baf3

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1209
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:54:45 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!CB44.E0F0.C579.4DCE",
    "client_secret": "323467b3-e7dc-48c9-86d4-2f2143dc8039",
    "registration_access_token": "2c5083b0-a7a8-4cd4-ae29-2e8b9325baf3",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!CB44.E0F0.C579.4DCE",
    "client_id_issued_at": 1530806085,
    "client_secret_expires_at": 1530892485,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "native",
    "client_name": "oxAuth test app",
    "subject_type": "public",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "openid profile address email user_name",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21CB44.E0F0.C579.4DCE&scope=openid+profile+address+email+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=1881ea86-d787-4ebf-9ae6-ae6697907587&nonce=96e7aca9-7fba-40bf-bda7-621e528fd5c8
11:55:07.308 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:ee64925a-d67e-4849-ad58-a94b8432cd2a
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21CB44.E0F0.C579.4DCE&scope=openid+profile+address+email+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=1881ea86-d787-4ebf-9ae6-ae6697907587&nonce=96e7aca9-7fba-40bf-bda7-621e528fd5c8

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=db857561-fae3-4d1c-8305-0b0047e8b1fc&scope=address+openid+user_name+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFDQjQ0LkUwRjAuQzU3OS40RENFIiwiZXhwIjoxNTMwODA5Njg4LCJpYXQiOjE1MzA4MDYwODgsIm5vbmNlIjoiOTZlN2FjYTktN2ZiYS00MGJmLWJkYTctNjIxZTUyOGZkNWM4IiwiYXV0aF90aW1lIjoxNTMwODA2MDg3LCJjX2hhc2giOiJWZ3pNaTg0TFJxdUFUNTFHOVdzSS1BIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDAhQjFGMy5BRUFFLkI3OTgifQ.j9D_YrARIdjuNCKlB3dn8-Z-HvkNYYSWMowXBSwNP_4Ek6q5EoJXGDvawbIQjvK6fLf2SgJXdPOlXltVKyr5nKYBfvTZBFsayr7hrtip1r9jI-DZeDxDXkysPe5jM3NCcRY9xAQ6YkgOFpuOH2LkRF-wPdFbiQdNtLQqq5tBnR86W7tid1WSgCxiifX_NGooAC9H-mmCmlS8-QuS9MsO4j_CFLTtRsubB0lyDABeqBe5xsijn2A_I1K4kwXqoUX6_yeuS4ag-cntFW-hYVybwN1kb-7KdwM7nzR2D4SVHQ9D7EHFzu5-dvER2EZFNHd-KJfi8uhQcxocRbCztLcBcQ&session_id=149e3631-98ae-4148-b779-8c37798cbe1c&state=1881ea86-d787-4ebf-9ae6-ae6697907587&session_state=ee64925a-d67e-4849-ad58-a94b8432cd2a

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxQ0I0NC5FMEYwLkM1NzkuNERDRTozMjM0NjdiMy1lN2RjLTQ4YzktODZkNC0yZjIxNDNkYzgwMzk=

grant_type=authorization_code&code=db857561-fae3-4d1c-8305-0b0047e8b1fc&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1074
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:54:48 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"3ef8bfc3-1f89-4a7c-9ffb-cf0a3ec4d41b","token_type":"bearer","expires_in":299,"refresh_token":"661706d5-9be8-4d8e-be63-cf9c35e64e81","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFDQjQ0LkUwRjAuQzU3OS40RENFIiwiZXhwIjoxNTMwODA5Njg4LCJpYXQiOjE1MzA4MDYwODgsIm5vbmNlIjoiOTZlN2FjYTktN2ZiYS00MGJmLWJkYTctNjIxZTUyOGZkNWM4IiwiYXV0aF90aW1lIjoxNTMwODA2MDg3LCJhdF9oYXNoIjoiOS1kLTBWUTZPT0FPQkZDdzBUeF96USIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IkAhMzhENC40MTBDLjFENDMuODkzMiEwMDAxITM3RjIuQjc0NCEwMDAwIUIxRjMuQUVBRS5CNzk4In0.km5xtCA_hRBd57qFYI-NFPy6KkqsLhAkkkJCo_ZXVVG726rbi_fLwqQikWtxIGgbeNIh2xvWZcIeRMQjcm_jWZzCDSLu4gCDZWaSQbMnoJgvukQhNMs6_XQ3_2AXD5wqlgFt-1VRA7rtrW-Qx7NRRFzgRJekSfT7smh4KUD5-T8QyAzHoftPh2pxgSs_yRr1CXUhNS38H9Go45Sbg2NtaOkhXJmPVHZgkmh0iVQpK0EGxvXFIjUpJIeCLpDKjAT4DInoR4TDt0fsJL3mEvcCBwghSugoL2DnCO7Bra3UTzwfecltxfrZEGFalA9M-Ivc7rSaYk2xdXAT0L_kv-R9xA"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxQ0I0NC5FMEYwLkM1NzkuNERDRTozMjM0NjdiMy1lN2RjLTQ4YzktODZkNC0yZjIxNDNkYzgwMzk=

grant_type=refresh_token&scope=address+openid+user_name+profile+email&refresh_token=661706d5-9be8-4d8e-be63-cf9c35e64e81

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 198
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:54:48 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"26a05b97-f9c8-4ca8-adf0-a2707cc57657","token_type":"bearer","expires_in":299,"refresh_token":"ec79534e-0f92-428f-b33c-2273c17b3da0","scope":"address openid user_name profile email"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/userinfo HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 26a05b97-f9c8-4ca8-adf0-a2707cc57657

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 647
Content-Type: application/json;charset=utf-8
Date: Thu, 05 Jul 2018 15:54:48 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"address":{"street_address":"621 East 6th Street","country":"US","locality":"Austin","region":"Texas"},"sub":"@!38D4.410C.1D43.8932!0001!37F2.B744!0000!B1F3.AEAE.B798","user_name":"test_user","website":"http://www.gluu.org","zoneinfo":"America/Chicago","birthdate":"19830106010101.253Z","gender":"Male","profile":"http://www.mywebsite.com/profile","preferred_username":"user","given_name":"Test","middle_name":"User","locale":"en-US","picture":"http://www.gluu.org/wp-content/uploads/2012/04/mike3.png","updated_at":1526659613066,"name":"oxAuth Test User","nickname":"user","family_name":"User","email_verified":true,"email":"test_user@test.org"}

#######################################################
TEST: applicationTypeWeb
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:54:48 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!797F.28BD.29C2.2573",
    "client_secret": "70d388b0-d545-43bd-b534-394aaaf1fd3a",
    "registration_access_token": "5df015d7-95f3-4097-9db1-655f22f4b0cf",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!797F.28BD.29C2.2573",
    "client_id_issued_at": 1530806088,
    "client_secret_expires_at": 1530892488,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 5df015d7-95f3-4097-9db1-655f22f4b0cf

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:54:48 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!797F.28BD.29C2.2573",
    "client_secret": "70d388b0-d545-43bd-b534-394aaaf1fd3a",
    "registration_access_token": "5df015d7-95f3-4097-9db1-655f22f4b0cf",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!797F.28BD.29C2.2573",
    "client_id_issued_at": 1530806088,
    "client_secret_expires_at": 1530892488,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

#######################################################
TEST: applicationTypeWebFail1
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": ["http://client.example.com/cb"],
    "application_type": "web",
    "client_name": "oxAuth test app"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 400
Cache-Control: no-store
Connection: close
Content-Length: 101
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:54:48 GMT
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_redirect_uri","error_description":"Value of one or more redirect_uris is invalid."}

#######################################################
TEST: omittedApplicationType
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:54:48 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1651.7876.658D.25B6",
    "client_secret": "9e824c5a-0fdc-4bbc-b9d8-f2365654b45b",
    "registration_access_token": "49047ac6-7e23-4924-b30f-ff8775182034",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1651.7876.658D.25B6",
    "client_id_issued_at": 1530806089,
    "client_secret_expires_at": 1530892489,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 49047ac6-7e23-4924-b30f-ff8775182034

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:54:49 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1651.7876.658D.25B6",
    "client_secret": "9e824c5a-0fdc-4bbc-b9d8-f2365654b45b",
    "registration_access_token": "49047ac6-7e23-4924-b30f-ff8775182034",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1651.7876.658D.25B6",
    "client_id_issued_at": 1530806089,
    "client_secret_expires_at": 1530892489,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

#######################################################
TEST: OpenID Connect Discovery
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 181
Content-Type: application/jrd+json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 15:54:49 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "subject": "acct:test_user@ce-dev4.gluu.org",
    "links": [{
        "rel": "http://openid.net/specs/connect/1.0/issuer",
        "href": "https://ce-dev4.gluu.org"
    }]
}


OpenID Connect Configuration
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/openid-configuration HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 6342
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:54:49 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "issuer": "https://ce-dev4.gluu.org",
    "authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize",
    "token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token",
    "userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo",
    "clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo",
    "check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe",
    "end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks",
    "registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register",
    "id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id",
    "introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection",
    "scopes_supported": [
        "permission",
        "clientinfo",
        "email",
        "user_name",
        "sub",
        "org_name",
        "address",
        "openid",
        "test_scope1",
        "work_phone",
        "phone",
        "profile",
        "mobile_phone",
        "test"
    ],
    "response_types_supported": [
        "code",
        "code id_token",
        "code id_token token",
        "id_token",
        "id_token token",
        "token",
        "code token"
    ],
    "grant_types_supported": [
        "urn:ietf:params:oauth:grant-type:uma-ticket",
        "client_credentials",
        "refresh_token",
        "implicit",
        "password",
        "authorization_code"
    ],
    "acr_values_supported": [
        "super_gluu",
        "u2f",
        "otp",
        "basic",
        "auth_ldap_server"
    ],
    "auth_level_mapping": {
        "-1": ["auth_ldap_server"],
        "50": ["otp"],
        "100": ["basic"],
        "10": ["u2f"],
        "15": ["super_gluu"]
    },
    "subject_types_supported": [
        "public",
        "pairwise"
    ],
    "userinfo_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "userinfo_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "userinfo_encryption_enc_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "id_token_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "request_object_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "request_object_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "request_object_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "token_endpoint_auth_methods_supported": [
        "client_secret_basic",
        "client_secret_post",
        "client_secret_jwt",
        "private_key_jwt"
    ],
    "token_endpoint_auth_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "display_values_supported": [
        "page",
        "popup"
    ],
    "claim_types_supported": ["normal"],
    "claims_supported": [
        "birthdate",
        "country",
        "name",
        "email",
        "email_verified",
        "given_name",
        "gender",
        "inum",
        "family_name",
        "updated_at",
        "locale",
        "member_of",
        "middle_name",
        "nickname",
        "oxAuthAppType",
        "oxAuthIdTokenSignedResponseAlg",
        "oxAuthRedirectURI",
        "oxAuthScope",
        "phone_number_verified",
        "picture",
        "preferred_username",
        "profile",
        "zoneinfo",
        "user_name",
        "website"
    ],
    "service_documentation": "http://gluu.org/docs",
    "claims_locales_supported": ["en"],
    "ui_locales_supported": [
        "en",
        "es"
    ],
    "scope_to_claims_mapping": [
        {"permission": []},
        {"uma_protection": []},
        {"clientinfo": [
            "name",
            "inum",
            "oxAuthAppType",
            "oxAuthIdTokenSignedResponseAlg",
            "oxAuthRedirectURI",
            "oxAuthScope"
        ]},
        {"email": [
            "email_verified",
            "email"
        ]},
        {"user_name": ["user_name"]},
        {"sub": []},
        {"org_name": []},
        {"address": [
            "formatted",
            "postal_code",
            "street_address",
            "locality",
            "country",
            "region"
        ]},
        {"openid": []},
        {"test_scope1": []},
        {"work_phone": []},
        {"phone": [
            "phone_number_verified",
            "phone_number"
        ]},
        {"profile": [
            "name",
            "family_name",
            "given_name",
            "middle_name",
            "nickname",
            "preferred_username",
            "profile",
            "picture",
            "website",
            "gender",
            "birthdate",
            "zoneinfo",
            "locale",
            "updated_at"
        ]},
        {"mobile_phone": ["phone_mobile_number"]},
        {"test": ["member_of"]}
    ],
    "claims_parameter_supported": true,
    "request_parameter_supported": true,
    "request_uri_parameter_supported": true,
    "require_request_uri_registration": false,
    "op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy",
    "op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos",
    "frontchannel_logout_supported": true,
    "frontchannel_logout_session_supported": true
}


#######################################################
TEST: authorizationCodeDynamicScopeFlow
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "scope": "openid profile address email user_name org_name work_phone"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1361
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:54:49 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D056.6CEC.0ADA.A242",
    "client_secret": "2cc7b8c9-56d8-4783-b0a7-45a65085c346",
    "registration_access_token": "cd816dec-46e9-413c-b837-4ac554f080e7",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D056.6CEC.0ADA.A242",
    "client_id_issued_at": 1530806089,
    "client_secret_expires_at": 1530892489,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "openid profile address email user_name org_name work_phone",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21D056.6CEC.0ADA.A242&scope=openid+profile+address+email+user_name+org_name+work_phone&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=4b0bb353-3daf-4fd8-adfe-dc7f776ad155&nonce=b097d6cf-8e1c-4f52-9f69-115ae7917e92
11:55:10.752 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:a20abbdf-0184-442b-b0e2-d74bf1efc342
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21D056.6CEC.0ADA.A242&scope=openid+profile+address+email+user_name+org_name+work_phone&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=4b0bb353-3daf-4fd8-adfe-dc7f776ad155&nonce=b097d6cf-8e1c-4f52-9f69-115ae7917e92

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=09b48223-fe94-4145-86fa-528f57d0d844&scope=address+openid+user_name+profile+work_phone+org_name+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFEMDU2LjZDRUMuMEFEQS5BMjQyIiwiZXhwIjoxNTMwODA5NjkxLCJpYXQiOjE1MzA4MDYwOTEsIm5vbmNlIjoiYjA5N2Q2Y2YtOGUxYy00ZjUyLTlmNjktMTE1YWU3OTE3ZTkyIiwiYXV0aF90aW1lIjoxNTMwODA2MDkxLCJjX2hhc2giOiI1QlNqa0RIeVkwdVIzbnZLQ0NaLVVBIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoicWY1UFVNNHBGdWxIQW55Tm1rNlMtWVM1ZE9DSURJS084dVlWblBvNjc5byJ9.sVXw0CZwusDBg9Gyka-wbTPLERquDlyMqtBGe7LIc7CWcbYVz2cnmLhStiu6Nd4U4CsDXK2can-T7LKuXG8FGrGc6vqsA-ul9Yoy9_KLS0b4ybL0gOwHqfzsd8L40qW4X-XCT_h6zvJchTwMWcR_H3dRt8hcYx4aw9mtmkIH6k2QPpKh7ifeqE9ByrH6d5oJp0dGQ6Y9ljN-MyI01sbrFVo1sz3Uq3FRoIjgbvvlHN9ugjzyL9-Wnlh53wHhxxmNJGhKtZHKKTe0HUweFX3Ir4iECWLnOaKyD-yQ4uyLWQVtJZF2VZZvhxGR8-lotdzqnHe8iHsX916dR7PxLUQ9LA&session_id=af1813bc-6751-4222-9735-96cfd29ee249&state=4b0bb353-3daf-4fd8-adfe-dc7f776ad155&session_state=a20abbdf-0184-442b-b0e2-d74bf1efc342

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxRDA1Ni42Q0VDLjBBREEuQTI0MjoyY2M3YjhjOS01NmQ4LTQ3ODMtYjBhNy00NWE2NTA4NWMzNDY=

grant_type=authorization_code&code=09b48223-fe94-4145-86fa-528f57d0d844&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1057
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:54:51 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"08d9984a-5a5a-4f5f-8e9e-6b82fd5f2cea","token_type":"bearer","expires_in":299,"refresh_token":"d9bed6cb-d871-490a-8346-9008c8155166","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFEMDU2LjZDRUMuMEFEQS5BMjQyIiwiZXhwIjoxNTMwODA5NjkxLCJpYXQiOjE1MzA4MDYwOTEsIm5vbmNlIjoiYjA5N2Q2Y2YtOGUxYy00ZjUyLTlmNjktMTE1YWU3OTE3ZTkyIiwiYXV0aF90aW1lIjoxNTMwODA2MDkxLCJhdF9oYXNoIjoiWk54T0Y4YUt4MHNhdWtBdnZ6bGVMUSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6InFmNVBVTTRwRnVsSEFueU5tazZTLVlTNWRPQ0lESUtPOHVZVm5QbzY3OW8ifQ.Q7f-8OVYvbnPLsn4pZhB8MyL8PHnUjc6Z56Q3gj_G9XlxMk8zozTLByg9ODnV_kojforANt9sdNhBOl87WhdhJYjzI5jdlKISKzYmAmfcpeN9a9MJUGcWu2OQheHTmgvhu3Sdnw2F1nn0DtopYaeUfXLhS5jWXFlrNSZpJ1P8ED1FPGQPizuDv_N_DAHilu2pvTDlaZHKd7wZ4HNlHrnq1wHl4B2YOrthfXe5B-WYKi_oiNOl_QC5JSnTgL0ocZCMtHE_Ia1hO5OO6J7G5Hq0pz2itgxoWN5KvxfiuWeeIFFcMMgLGT0yxPXdXWD_NWoQfAoorM3hAqpN0T-LMKS2w"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/userinfo HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 08d9984a-5a5a-4f5f-8e9e-6b82fd5f2cea

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 690
Content-Type: application/json;charset=utf-8
Date: Thu, 05 Jul 2018 15:54:51 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"address":{"street_address":"621 East 6th Street","country":"US","locality":"Austin","region":"Texas"},"sub":"qf5PUM4pFulHAnyNmk6S-YS5dOCIDIKO8uYVnPo679o","user_name":"test_user","website":"http://www.gluu.org","zoneinfo":"America/Chicago","birthdate":"19830106010101.253Z","gender":"Male","profile":"http://www.mywebsite.com/profile","preferred_username":"user","given_name":"Test","middle_name":"User","locale":"en-US","picture":"http://www.gluu.org/wp-content/uploads/2012/04/mike3.png","updated_at":1526659613066,"name":"oxAuth Test User","nickname":"user","family_name":"User","email_verified":true,"email":"test_user@test.org","org_name":"Gluu, Inc.","work_phone":["(512) 516-2413"]}

#######################################################
TEST: authorizationCodeFlow
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "scope": "openid profile address email phone user_name"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1347
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:54:51 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2389.A996.CA24.672F",
    "client_secret": "ca3d4c5c-f4f2-46f0-8891-e626a15ce1ad",
    "registration_access_token": "7ca75773-65f1-4921-9e40-aef8447aa274",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2389.A996.CA24.672F",
    "client_id_issued_at": 1530806091,
    "client_secret_expires_at": 1530892491,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "openid profile address email phone user_name",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%212389.A996.CA24.672F&scope=openid+profile+address+email+phone+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=a9c7a47d-0493-4fb9-94ca-79a63e0d6d96&nonce=edc0c749-ba14-4a55-a9cb-8f2844cc032a
11:55:13.076 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:9d748a24-2c1a-4025-abd4-2085ace9d4db
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%212389.A996.CA24.672F&scope=openid+profile+address+email+phone+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=a9c7a47d-0493-4fb9-94ca-79a63e0d6d96&nonce=edc0c749-ba14-4a55-a9cb-8f2844cc032a

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=a5704b59-592a-4aef-b245-f3c2ed37d666&scope=address+phone+openid+user_name+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEyMzg5LkE5OTYuQ0EyNC42NzJGIiwiZXhwIjoxNTMwODA5NjkzLCJpYXQiOjE1MzA4MDYwOTMsIm5vbmNlIjoiZWRjMGM3NDktYmExNC00YTU1LWE5Y2ItOGYyODQ0Y2MwMzJhIiwiYXV0aF90aW1lIjoxNTMwODA2MDkzLCJjX2hhc2giOiJ0VDRIV00xUnRFU0ZQTVUxcG5vWXFBIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiSWJSZ29PcHBXNTRrRDJrakd3TGxicWl2eUR2emNVWnoyZlMzTC1wZ19MMCJ9.fJU6VVADou-I4r8nQ2Jke17LoGL8s2JQLjn4jaPm3GaTmGY4FBGzKnw0MflgyA8GTnKu4GSTVREAuv7142wO5li52T1f303K67PJEuOiEfCnUlM9VNTnVuGhWGzYyJtb7uVkPulhMZcwdW4UbLu-ht21t_s7lCgIieKsdwpsBsy3IEVwtv5gq_3OSuNiJ50MNd92m0qQDxkcJlYj7hnKZs0EgsdKSDSYc9LNAqj-12j31tUT0oW7b2Z9Iu7z4YKHy6TNiD45ampmhJrUVkdwULOXH55eRn5oe5SwhcBhXH17D3QQirI6NrbLeF_vQIjggQqixGnYCnWNnf3jFTMkOQ&session_id=a007eca4-9a4c-49fc-802c-f4d0b48f1aea&state=a9c7a47d-0493-4fb9-94ca-79a63e0d6d96&session_state=9d748a24-2c1a-4025-abd4-2085ace9d4db

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxMjM4OS5BOTk2LkNBMjQuNjcyRjpjYTNkNGM1Yy1mNGYyLTQ2ZjAtODg5MS1lNjI2YTE1Y2UxYWQ=

grant_type=authorization_code&code=a5704b59-592a-4aef-b245-f3c2ed37d666&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1057
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:54:53 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"affe43c3-d6d8-436b-9d2d-49baff6d02ec","token_type":"bearer","expires_in":299,"refresh_token":"dd36ae9f-428c-4122-ad9d-a7ae4245dc1a","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEyMzg5LkE5OTYuQ0EyNC42NzJGIiwiZXhwIjoxNTMwODA5NjkzLCJpYXQiOjE1MzA4MDYwOTMsIm5vbmNlIjoiZWRjMGM3NDktYmExNC00YTU1LWE5Y2ItOGYyODQ0Y2MwMzJhIiwiYXV0aF90aW1lIjoxNTMwODA2MDkzLCJhdF9oYXNoIjoiN292SS1QdmpYTklWZ2pEZVVoWmJxUSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IkliUmdvT3BwVzU0a0Qya2pHd0xsYnFpdnlEdnpjVVp6MmZTM0wtcGdfTDAifQ.mmG9D_Zu385JQVhoTctjjyDRs2BIafmCDN7_-GU_nGYthge6s77VDZg0jcsqlrzgXxSnEaj4LRHaMCn8_i28Z4-fxHpCs5pdHZDKtesa4oMFR-nLRjE3RjoeZQM2vwj81OyNT6xFGrs1yz0d2J9ApAmvaXG4Mbdmyep0g5ZK3CA5T3AOGi557LdiVILnkZSDN7JcyaKDWs-aOF-_YbZFkROERAakxFOZul2QC3Q3-pleokjgWPnYM1EtiDZEsaQx-xRurBJKYrHVwRz8h6YfTLb1Sr2dJ6gaP9ZdpWisGZb5m8tjYOx7sbPR3x657oE5Xv1fGMQoRELApWQ488yhiQ"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxMjM4OS5BOTk2LkNBMjQuNjcyRjpjYTNkNGM1Yy1mNGYyLTQ2ZjAtODg5MS1lNjI2YTE1Y2UxYWQ=

grant_type=refresh_token&scope=address+phone+openid+user_name+profile+email&refresh_token=dd36ae9f-428c-4122-ad9d-a7ae4245dc1a

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 204
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:54:53 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"2247bdb9-6798-4a01-958e-87cabbf518e8","token_type":"bearer","expires_in":299,"refresh_token":"f547b7e2-cd3b-4d28-8cef-6104413e7389","scope":"address phone openid user_name profile email"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/userinfo HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 2247bdb9-6798-4a01-958e-87cabbf518e8

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 695
Content-Type: application/json;charset=utf-8
Date: Thu, 05 Jul 2018 15:54:53 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"address":{"street_address":"621 East 6th Street","country":"US","locality":"Austin","region":"Texas"},"sub":"IbRgoOppW54kD2kjGwLlbqivyDvzcUZz2fS3L-pg_L0","phone_number_verified":true,"phone_number":"(512) 516-2413","user_name":"test_user","website":"http://www.gluu.org","zoneinfo":"America/Chicago","birthdate":"19830106010101.253Z","gender":"Male","profile":"http://www.mywebsite.com/profile","preferred_username":"user","given_name":"Test","middle_name":"User","locale":"en-US","picture":"http://www.gluu.org/wp-content/uploads/2012/04/mike3.png","updated_at":1526659613066,"name":"oxAuth Test User","nickname":"user","family_name":"User","email_verified":true,"email":"test_user@test.org"}

#######################################################
TEST: authorizationCodeFlowLoginHint
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "scope": "openid profile address email user_name"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1341
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:54:53 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1B21.EA45.B16E.ABD1",
    "client_secret": "b92a2340-4bcf-4927-87b9-c175214b7abb",
    "registration_access_token": "f94cb33c-75bb-4433-8bb3-e5fafe9a1a59",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1B21.EA45.B16E.ABD1",
    "client_id_issued_at": 1530806093,
    "client_secret_expires_at": 1530892493,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "openid profile address email user_name",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%211B21.EA45.B16E.ABD1&scope=openid+profile+address+email+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=089de754-21f4-4261-acfa-41c19994d2a5&nonce=84083ef8-eff2-4ce6-96ad-ad4d3dcfdb33&login_hint=test_user
11:55:15.249 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:3e2b0afc-77bb-44b7-ae93-1cff6142bdab
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%211B21.EA45.B16E.ABD1&scope=openid+profile+address+email+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=089de754-21f4-4261-acfa-41c19994d2a5&nonce=84083ef8-eff2-4ce6-96ad-ad4d3dcfdb33&login_hint=test_user

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=f845cd34-81eb-435c-9cc1-ae86eca97cd0&scope=address+openid+user_name+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCExQjIxLkVBNDUuQjE2RS5BQkQxIiwiZXhwIjoxNTMwODA5Njk1LCJpYXQiOjE1MzA4MDYwOTUsIm5vbmNlIjoiODQwODNlZjgtZWZmMi00Y2U2LTk2YWQtYWQ0ZDNkY2ZkYjMzIiwiYXV0aF90aW1lIjoxNTMwODA2MDk0LCJjX2hhc2giOiJRb1pNV0d6Y1Vzd2hESFNRLWpWX3dRIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiclZVQXVuT201MG9rTEJXREdCX0xTazRDTEE1cDltY1BDUkJGa3A1VUZ0dyJ9.Ay4m6jEnxry11vlGqUFsEZKlGA_rGOyF8PiLV2zxMVyz8RNotL3Ty3-_wQJatL_pbJpiyJyaekRLjz9xyNasKgHPEnG12nNd57C2f7UXqgZ0B98XE1wEvNFfY3Q8AGYo74YvA2q1mzIhiFIudHZbK8iBEaU1zISjgdS1vCJJiIgglzsIi1i-0px9klnYJf-11kjpcHGJ_MdwREoDI2dANTaKhrpHGQ5Tq6uWwR5wSCRbz18HMbpL-NdQS9ItnE2ratl1SS3RXh1HBgY8Rvo_W3VBzn56hHps5Q3sB0-qBp0F67vyKXx3Px_cdGYGcHUD9T9rbhzn-2Cg2V8nyPgAtA&session_id=01526a46-d429-42a7-a891-ecadd44b0374&state=089de754-21f4-4261-acfa-41c19994d2a5&session_state=3e2b0afc-77bb-44b7-ae93-1cff6142bdab

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxMUIyMS5FQTQ1LkIxNkUuQUJEMTpiOTJhMjM0MC00YmNmLTQ5MjctODdiOS1jMTc1MjE0YjdhYmI=

grant_type=authorization_code&code=f845cd34-81eb-435c-9cc1-ae86eca97cd0&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1057
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:54:55 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"b21ee15d-e8d8-40f1-9480-912c2a9c0e07","token_type":"bearer","expires_in":299,"refresh_token":"57649867-04e9-4a69-a773-b720be218151","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCExQjIxLkVBNDUuQjE2RS5BQkQxIiwiZXhwIjoxNTMwODA5Njk1LCJpYXQiOjE1MzA4MDYwOTUsIm5vbmNlIjoiODQwODNlZjgtZWZmMi00Y2U2LTk2YWQtYWQ0ZDNkY2ZkYjMzIiwiYXV0aF90aW1lIjoxNTMwODA2MDk0LCJhdF9oYXNoIjoiTS1CTjZyRUFENVdvajI2a2lNVHMxQSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6InJWVUF1bk9tNTBva0xCV0RHQl9MU2s0Q0xBNXA5bWNQQ1JCRmtwNVVGdHcifQ.h4YZOLKI04uUFCHHoFK_FGZfDe4rD3irAELZhcUi0cYASdFXdHMYSTNKj6_7b4WlivUFwo-m082CJ5r-nKFU1V209T2-PtApTN6Vgq-_14M4qTjaD6kiv-6KCh0i-wo8tOam-7RwOk1fLfs-u0ctodQcnIx56ST0d8MMojqFuJXx3lxGoamAlMuyY0r7ckQiQOPc0yMrBUcvKL-CX4ps4wpf65gvHpVNb6yyRX5QQwueaF2hUF2SftOBDXCTL3e0pkfUO7fqKhCZiY0pwUQT_99aTxmpjiP3hXhETeFFoIi_KOeOyw4RK7Zhvs38TK-4fOMrgOjec6i2bHT-ToWkSA"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxMUIyMS5FQTQ1LkIxNkUuQUJEMTpiOTJhMjM0MC00YmNmLTQ5MjctODdiOS1jMTc1MjE0YjdhYmI=

grant_type=refresh_token&scope=address+openid+user_name+profile+email&refresh_token=57649867-04e9-4a69-a773-b720be218151

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 198
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:54:55 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"9089929f-a18b-4849-9841-5d2e08213864","token_type":"bearer","expires_in":299,"refresh_token":"5afed628-9795-4dc1-b9e2-2924a44a583a","scope":"address openid user_name profile email"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/userinfo HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 9089929f-a18b-4849-9841-5d2e08213864

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 634
Content-Type: application/json;charset=utf-8
Date: Thu, 05 Jul 2018 15:54:55 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"address":{"street_address":"621 East 6th Street","country":"US","locality":"Austin","region":"Texas"},"sub":"rVUAunOm50okLBWDGB_LSk4CLA5p9mcPCRBFkp5UFtw","user_name":"test_user","website":"http://www.gluu.org","zoneinfo":"America/Chicago","birthdate":"19830106010101.253Z","gender":"Male","profile":"http://www.mywebsite.com/profile","preferred_username":"user","given_name":"Test","middle_name":"User","locale":"en-US","picture":"http://www.gluu.org/wp-content/uploads/2012/04/mike3.png","updated_at":1526659613066,"name":"oxAuth Test User","nickname":"user","family_name":"User","email_verified":true,"email":"test_user@test.org"}

#######################################################
TEST: authorizationCodeFlowNegativeTest
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "scope": "openid"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1309
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:54:55 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!FB17.A9F0.AB20.69F5",
    "client_secret": "9a8f38f0-5e48-46cb-bf36-54ad2499cf1b",
    "registration_access_token": "b2effa0c-c95d-4fd3-b10d-07985d729a6a",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!FB17.A9F0.AB20.69F5",
    "client_id_issued_at": 1530806095,
    "client_secret_expires_at": 1530892495,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "openid",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21FB17.A9F0.AB20.69F5&scope=openid+profile+address+email+phone+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=828a008a-479c-4642-b452-991af2e43df7&nonce=e06f6af5-d2cc-4cc8-8162-2bd0535af65a
11:55:17.026 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:518373f8-2bae-429f-82a7-1ec83e710ef2
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21FB17.A9F0.AB20.69F5&scope=openid+profile+address+email+phone+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=828a008a-479c-4642-b452-991af2e43df7&nonce=e06f6af5-d2cc-4cc8-8162-2bd0535af65a

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=3ee3ab3b-e2bb-4d69-b5b1-aae95b99ad5a&scope=openid&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFGQjE3LkE5RjAuQUIyMC42OUY1IiwiZXhwIjoxNTMwODA5Njk3LCJpYXQiOjE1MzA4MDYwOTcsIm5vbmNlIjoiZTA2ZjZhZjUtZDJjYy00Y2M4LTgxNjItMmJkMDUzNWFmNjVhIiwiYXV0aF90aW1lIjoxNTMwODA2MDk3LCJjX2hhc2giOiJFRGEyMVVGMVhfb3EtcjVLYThjS2hRIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiOS1uTm8tbUNiVlRaN2gtVThkNl9aNmQ4azAzamJ3UUFoUGJBQWYwTXBzUSJ9.jkQSyrCPh1bV7ub4iWH355hvj4BOi_DPCaVoz07__rQTMr1ePZ8rXXnG6jwTuagLVWAxpNRbgxR_S-IqDhNxyF-E9lPYJblHkuWaJ6um0Xp3Nr2hyMW3Ak9Bc1DeeCFY1_yAVJWUiRIcqdOf7mh1XRoGzv1MF5UN_oUWJKMTKZBp26YDM3vbj2myT6J9UTkYcI8WHUg6oBjhHkpRz42Qkw07UZEWZRPkwzmdTrY_saLDLvEHaUSySzdH5g-x1QY472K-AdkL03IMnbTQjSH4e_KXuBZAvd0jcTMuOQ_eHG8rKeV6QVfQyue1yhcCP76C4Z-z3YCDktG-1QnYHKdI7w&session_id=cefbe623-2d19-4826-8b2b-3186ec8da94e&state=828a008a-479c-4642-b452-991af2e43df7&session_state=518373f8-2bae-429f-82a7-1ec83e710ef2

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxRkIxNy5BOUYwLkFCMjAuNjlGNTo5YThmMzhmMC01ZTQ4LTQ2Y2ItYmYzNi01NGFkMjQ5OWNmMWI=

grant_type=authorization_code&code=3ee3ab3b-e2bb-4d69-b5b1-aae95b99ad5a&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1057
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:54:57 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"e2b27f90-4b2b-481d-8c4b-accb37e2273d","token_type":"bearer","expires_in":299,"refresh_token":"ef5c26d8-8fe9-4b43-9bc4-73cf5da41feb","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFGQjE3LkE5RjAuQUIyMC42OUY1IiwiZXhwIjoxNTMwODA5Njk3LCJpYXQiOjE1MzA4MDYwOTcsIm5vbmNlIjoiZTA2ZjZhZjUtZDJjYy00Y2M4LTgxNjItMmJkMDUzNWFmNjVhIiwiYXV0aF90aW1lIjoxNTMwODA2MDk3LCJhdF9oYXNoIjoiQzlUVDRDVWV3aEh6S2NYQ0lOSG9YZyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6Ijktbk5vLW1DYlZUWjdoLVU4ZDZfWjZkOGswM2pid1FBaFBiQUFmME1wc1EifQ.ESjRCVKSxMVnrX2oqYEg_GJjtOmSeYSwfmDeNTIT6j6qqC-1NxYsrHAgky-JNl6fhhBpNTm5AWHwpd8O427VnrLoMOTGLRHpbA3CY5kXCeDGs2-EwiJdbiE8qaApRpFugEkwB8AK89wCG5HnMNrjY3nI-wiDPE58wS1HPFx-OxbhkfuANn-vhsQrERj62uq6ZW6XdTN5P5fFCyTLV5mnDqpryb19xdyn79zr3XXyzgdYr3cZ3eSADTIoGVY3IGmf2MHkVUv4e7DRVOpJGux0w2OwkYDaEaAlUj-oeJweGIvHfefPUjCvd2PB6A1LammiCIkvQt0DIuKEH_8vYnfS4g"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxRkIxNy5BOUYwLkFCMjAuNjlGNTo5YThmMzhmMC01ZTQ4LTQ2Y2ItYmYzNi01NGFkMjQ5OWNmMWI=

grant_type=refresh_token&scope=openid&refresh_token=ef5c26d8-8fe9-4b43-9bc4-73cf5da41feb

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 166
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:54:57 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"50a37ae0-b1b4-40ec-bc47-7eb4357fe38b","token_type":"bearer","expires_in":299,"refresh_token":"93f61f1c-1102-4de1-8f5f-76154cacd951","scope":"openid"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/userinfo HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 50a37ae0-b1b4-40ec-bc47-7eb4357fe38b

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 53
Content-Type: application/json;charset=utf-8
Date: Thu, 05 Jul 2018 15:54:57 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"sub":"9-nNo-mCbVTZ7h-U8d6_Z6d8k03jbwQAhPbAAf0MpsQ"}

#######################################################
TEST: authorizationCodeFlowWithOptionalNonce
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:54:57 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B66E.7B59.893B.B7FA",
    "client_secret": "0f0d2c49-8f8a-42bc-abc8-e6b1cb7b703c",
    "registration_access_token": "1dedd346-253c-4c8f-b407-6a9fe40de59f",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B66E.7B59.893B.B7FA",
    "client_id_issued_at": 1530806097,
    "client_secret_expires_at": 1530892497,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21B66E.7B59.893B.B7FA&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=45f5722b-cb92-4e3b-bf66-58f161b6228b&nonce=8de1e711-7bf1-4463-ae83-44f047d058ea
11:55:19.101 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:3d9b483a-0f61-493e-86d4-2c6b43b49c3d
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21B66E.7B59.893B.B7FA&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=45f5722b-cb92-4e3b-bf66-58f161b6228b&nonce=8de1e711-7bf1-4463-ae83-44f047d058ea

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=b8faa61d-f7d0-4248-ad5e-a0c7e01b54c8&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFCNjZFLjdCNTkuODkzQi5CN0ZBIiwiZXhwIjoxNTMwODA5Njk5LCJpYXQiOjE1MzA4MDYwOTksIm5vbmNlIjoiOGRlMWU3MTEtN2JmMS00NDYzLWFlODMtNDRmMDQ3ZDA1OGVhIiwiYXV0aF90aW1lIjoxNTMwODA2MDk5LCJjX2hhc2giOiJCVkRFQUFsbklPMFBXZU5PdWliN2RBIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiNkp2bGExYVJHbXRyTHppakFYUHhaM0I2UGpzU1lucGQ3WC1aUGEzdXhLMCJ9.aeJdOn2Xu6CutnjMZ-9EnFWPsvPWdVZaKcIxZfraABfdy5OJ_q1GlH6l24qkDTUn6OsnJVrWVG12AVg0CC7oP3XNMLfI7UZ92V5Zd7ShnmbLA9-04_aHuS9NvB4mcMFI4bvs-avwloCSaVmUzT4cYIq-cmpNwqVrdk3N5E-pJcj9_NBXsbHgKRlSQuZUGGbWNcLijaK2AjvwCKHG5t7-MPzLB2QGy6uIQPn3tLbDJX4xtd9s8l724BxsJXjQW28iRsDfZHV9iSEeszAk3hRB9DX0ejw4M8mMqj02WVyJGmoDHA59RZLsamhAY560ZDHv4QcYGbzt0xJ3OI4EyXzElw&session_id=db515dac-0d52-4b05-904e-645bf1950f5a&state=45f5722b-cb92-4e3b-bf66-58f161b6228b&session_state=3d9b483a-0f61-493e-86d4-2c6b43b49c3d

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxQjY2RS43QjU5Ljg5M0IuQjdGQTowZjBkMmM0OS04ZjhhLTQyYmMtYWJjOC1lNmIxY2I3YjcwM2M=

grant_type=authorization_code&code=b8faa61d-f7d0-4248-ad5e-a0c7e01b54c8&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1057
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:54:59 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"9d1e85fc-56ae-46bd-b0f2-70b500f9f493","token_type":"bearer","expires_in":299,"refresh_token":"c9dbbdb2-c106-4ac2-ac53-ebcc9f0dad8f","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFCNjZFLjdCNTkuODkzQi5CN0ZBIiwiZXhwIjoxNTMwODA5Njk5LCJpYXQiOjE1MzA4MDYwOTksIm5vbmNlIjoiOGRlMWU3MTEtN2JmMS00NDYzLWFlODMtNDRmMDQ3ZDA1OGVhIiwiYXV0aF90aW1lIjoxNTMwODA2MDk5LCJhdF9oYXNoIjoiYXNBX2ZhQkJQcThxdnh5U0hxcFJHdyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IjZKdmxhMWFSR210ckx6aWpBWFB4WjNCNlBqc1NZbnBkN1gtWlBhM3V4SzAifQ.iSL4H6eCaBkIEUSz6Wl9ML6smWBJ-Zr6V89524yRtH4OIFQNBY9kdQollpN8oyh07X2fVq7iJHQTg2BWsU0um6gGp-NDyJOibNZ8ZSVM987SBsrzrg3Q7kU4iS1if3v1_5SkOTX6e8UmtYqjx3VCBeLV2IRQNq8wjp2-jLHEb3-IlMm2uRDo3kjCVH6LD1nkKv0ascgrGfXWvhpQCkLTYTuEhyceaumKZ-kKaO_cAuIOb7v1XEuASJdDsQUC04op5uvv8ItSp-mCu5RHrY7q2YqeczQ4-x2ehx109pO9vCk8-Wthpi5LtETJxVtJiIFCv3h5bc0hF602T8-MsD6RUA"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxQjY2RS43QjU5Ljg5M0IuQjdGQTowZjBkMmM0OS04ZjhhLTQyYmMtYWJjOC1lNmIxY2I3YjcwM2M=

grant_type=refresh_token&scope=address+openid+profile+email&refresh_token=c9dbbdb2-c106-4ac2-ac53-ebcc9f0dad8f

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 188
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:54:59 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"91c90feb-99f0-4144-abb8-84bd09cf88fe","token_type":"bearer","expires_in":299,"refresh_token":"a0365e98-4c1c-4fb2-9992-aad74140693d","scope":"address openid profile email"}

#######################################################
TEST: authorizationCodeWithNotAllowedScopeFlow
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "scope": "openid profile address email user_name"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1341
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:54:59 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D073.813E.3F8B.0B95",
    "client_secret": "a864e32d-e561-4cd1-81a3-f41fa49cc8b3",
    "registration_access_token": "0ecbcec9-8ce4-44a4-91cc-f49bcd36070a",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D073.813E.3F8B.0B95",
    "client_id_issued_at": 1530806099,
    "client_secret_expires_at": 1530892499,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "openid profile address email user_name",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21D073.813E.3F8B.0B95&scope=openid+profile+address+email+user_name+mobile_phone&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=69eb90a6-24bb-471d-bc3c-99d782154434&nonce=18df7234-e7bf-4dd5-ad52-ed731522124c
11:55:21.194 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:8ef092ef-cf5a-4326-94d2-3d0fa9a1ceb8
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21D073.813E.3F8B.0B95&scope=openid+profile+address+email+user_name+mobile_phone&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=69eb90a6-24bb-471d-bc3c-99d782154434&nonce=18df7234-e7bf-4dd5-ad52-ed731522124c

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=6c7e4d8f-72f2-41b7-b169-f5c6b51106c1&scope=address+openid+user_name+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFEMDczLjgxM0UuM0Y4Qi4wQjk1IiwiZXhwIjoxNTMwODA5NzAxLCJpYXQiOjE1MzA4MDYxMDEsIm5vbmNlIjoiMThkZjcyMzQtZTdiZi00ZGQ1LWFkNTItZWQ3MzE1MjIxMjRjIiwiYXV0aF90aW1lIjoxNTMwODA2MTAxLCJjX2hhc2giOiJjOHZPUnNmd2VxaXd1aDlmSElEcUJnIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiUGNuNmZycUlwektDVmx2WWJEQ0stczR2MHF6YWNfeGk4WXBOMmdORVoxQSJ9.rQhHWpl8UtQWaplcobAFQYdvsiHUesFv8acUp_AIdk5EAVA1GM3RvL4A2D4SuBTjRdV73LBTwK306FV2y65HXLhkQjmwZ1CP_4ET0-PN8YmMLNCf3lZt_i0kDHziRKGxu0lXOBKy_6o5ADngv-hBpoTociW73BDrpT-k2GCQg8zCKmCDJhn54nqTDDFmINsW-OFppRu-uVlaaJO-Qya24-D0R_dkO_o9XTnmNSUPb7xQpq2W_ZWkSWfuvjJ5KYXNFraHhgThk0fYecHGLSb2ctgPSYJ6VAbk_S073f-JJo_GbD864KJlSfRDLaZv7VdeVUiErt8Vsv3RlEi90lqGhg&session_id=9521c0e4-5383-4027-b220-472c8c8a5761&state=69eb90a6-24bb-471d-bc3c-99d782154434&session_state=8ef092ef-cf5a-4326-94d2-3d0fa9a1ceb8

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxRDA3My44MTNFLjNGOEIuMEI5NTphODY0ZTMyZC1lNTYxLTRjZDEtODFhMy1mNDFmYTQ5Y2M4YjM=

grant_type=authorization_code&code=6c7e4d8f-72f2-41b7-b169-f5c6b51106c1&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1057
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:55:01 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"d1767293-944f-4dd2-8ccb-a3a1121ed5f1","token_type":"bearer","expires_in":299,"refresh_token":"9042d496-8618-4c09-ab07-1c947495d554","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFEMDczLjgxM0UuM0Y4Qi4wQjk1IiwiZXhwIjoxNTMwODA5NzAxLCJpYXQiOjE1MzA4MDYxMDEsIm5vbmNlIjoiMThkZjcyMzQtZTdiZi00ZGQ1LWFkNTItZWQ3MzE1MjIxMjRjIiwiYXV0aF90aW1lIjoxNTMwODA2MTAxLCJhdF9oYXNoIjoiSjlBMXBtTFpqTDd2RElMWE9KZ2JLdyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IlBjbjZmcnFJcHpLQ1ZsdlliRENLLXM0djBxemFjX3hpOFlwTjJnTkVaMUEifQ.WP7MpKYd6oIqdpAYMWtijLEMTTDgqf2t0qEXYStJm8TWLht2plFYnyEY9D1LqMrThMq9x0-1BmNk-Yufh_Jn9k35uaGD_tmfZzlld7GwqFjatNREtr5BuOqCMjQ2wVVurpe3acUXFKgyj3PkWhI4aZbYH-DWuIuVq95gEEzwfoymC4sq81pcP0Rye8C8WrmBkdiDTCJ2rvnylRj-QjMq2DKA9ELfyMPkI6L4LkgDausSX7TSaK8F24-Dp6_UCxmIJLZRvbBkodWARs6QGor6X80FR-4G2X3wahpGkaO_JH0pNmHKUHWIjRLbEA9llQ8oj8bIGfc3DiSY_ljT6McXIw"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/userinfo HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer d1767293-944f-4dd2-8ccb-a3a1121ed5f1

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 634
Content-Type: application/json;charset=utf-8
Date: Thu, 05 Jul 2018 15:55:01 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"address":{"street_address":"621 East 6th Street","country":"US","locality":"Austin","region":"Texas"},"sub":"Pcn6frqIpzKCVlvYbDCK-s4v0qzac_xi8YpN2gNEZ1A","user_name":"test_user","website":"http://www.gluu.org","zoneinfo":"America/Chicago","birthdate":"19830106010101.253Z","gender":"Male","profile":"http://www.mywebsite.com/profile","preferred_username":"user","given_name":"Test","middle_name":"User","locale":"en-US","picture":"http://www.gluu.org/wp-content/uploads/2012/04/mike3.png","updated_at":1526659613066,"name":"oxAuth Test User","nickname":"user","family_name":"User","email_verified":true,"email":"test_user@test.org"}

#######################################################
TEST: revokeTokens
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:55:01 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!30C0.B6DD.A784.67A3",
    "client_secret": "08f72ef7-fdb5-44c2-b1f7-ad185b27a109",
    "registration_access_token": "111a78b2-63d1-46f4-8652-13a4801cc8f4",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!30C0.B6DD.A784.67A3",
    "client_id_issued_at": 1530806101,
    "client_secret_expires_at": 1530892501,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 111a78b2-63d1-46f4-8652-13a4801cc8f4

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:55:01 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!30C0.B6DD.A784.67A3",
    "client_secret": "08f72ef7-fdb5-44c2-b1f7-ad185b27a109",
    "registration_access_token": "111a78b2-63d1-46f4-8652-13a4801cc8f4",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!30C0.B6DD.A784.67A3",
    "client_id_issued_at": 1530806101,
    "client_secret_expires_at": 1530892501,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2130C0.B6DD.A784.67A3&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=177d5d1f-6e73-4b2a-9fd9-ff15027a0f5a&nonce=e2fb4578-921b-42e4-baef-e545a0dfe771
11:55:23.170 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:a0c4fef6-501f-4e66-8909-a6facf76cab3
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2130C0.B6DD.A784.67A3&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=177d5d1f-6e73-4b2a-9fd9-ff15027a0f5a&nonce=e2fb4578-921b-42e4-baef-e545a0dfe771

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=25815cfb-94e2-4c1d-b1bb-b301ce6cac25&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEzMEMwLkI2REQuQTc4NC42N0EzIiwiZXhwIjoxNTMwODA5NzAzLCJpYXQiOjE1MzA4MDYxMDMsIm5vbmNlIjoiZTJmYjQ1NzgtOTIxYi00MmU0LWJhZWYtZTU0NWEwZGZlNzcxIiwiYXV0aF90aW1lIjoxNTMwODA2MTAzLCJjX2hhc2giOiJRVHNVQWVPSEpXWGFoVkpTWUNUbFZRIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiMndVekc1YzNvaUlhdldiamRGVURXUGVPbWx2VEZQTEpCWXowcnRVSGtCdyJ9.sPVsm0wK41uVM1u2a7VQM-FUyJ7r4-XjRZXWv7qqzrRpl4XnYgDBVtFFQyxfdFSKPwUPj3J3TJCKaZC7q1pyn2z-DxwXDoPY2tIzHXnjBVWbgFifbE_I2Iv6bOT5-YntLUVBMQ9I41m1jFNLbxAsbWf9L-SZXYzlVglAMXr9D2unSdY-IiVuFg2rA1fLAueHi7lL4zT6AsKEh7wgQI0OwcJ11oQhfHAZXxTJpRJ61VP99iwkwHgKM6ONQLzV53pdcUU5ElsI62x4Uopwtpvyc2qxxUE_fBrXlkpjKFHh0V1NLF7I4TfUOXNcLF3ddHEvHFmfIMwW1kYuKyJUteo0DA&session_id=7bb56563-ce59-42eb-a2fd-ba301d64d1ba&state=177d5d1f-6e73-4b2a-9fd9-ff15027a0f5a&session_state=a0c4fef6-501f-4e66-8909-a6facf76cab3

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxMzBDMC5CNkRELkE3ODQuNjdBMzowOGY3MmVmNy1mZGI1LTQ0YzItYjFmNy1hZDE4NWIyN2ExMDk=

grant_type=authorization_code&code=25815cfb-94e2-4c1d-b1bb-b301ce6cac25&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1057
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:55:03 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"50dce049-89e9-40c9-8ba1-19b07050be03","token_type":"bearer","expires_in":299,"refresh_token":"066f4fb1-a5f9-4131-8968-6a3b0cd26805","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEzMEMwLkI2REQuQTc4NC42N0EzIiwiZXhwIjoxNTMwODA5NzAzLCJpYXQiOjE1MzA4MDYxMDMsIm5vbmNlIjoiZTJmYjQ1NzgtOTIxYi00MmU0LWJhZWYtZTU0NWEwZGZlNzcxIiwiYXV0aF90aW1lIjoxNTMwODA2MTAzLCJhdF9oYXNoIjoiektjOGNzQ3hLSS1BcWRQSDRYdktzdyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IjJ3VXpHNWMzb2lJYXZXYmpkRlVEV1BlT21sdlRGUExKQll6MHJ0VUhrQncifQ.reBOC3L4mbrg6bWI-l8RoFpHDXYVO4VuFi9Y4FMYoYCv90KsYVTodJ0zBriLteHdTXUcozxBH068VX_5wcG4W7WJ1alBCNOF2yWRggnyfGh_1-mJjsQk3pAROyG5-Bg--YzUuy3ltASL5dUfCIy7aE1rlAlYhfHuk42B9ZohGOsykP5IpvtSu_AswNCJPxjfWkNyLxXbVP-4LjO77CLuABjWWJlMIdSLdVbM9ukfmrPFz20EaovylTLLduX1YaKIwobTiaps29c2BhQKNQSyKnDJsYzHauYDyNEDj-KJMCk1bG7615iA9wjqTvj5zfmHxFmI3OD-hG-M6Ly-ydXGRQ"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxMzBDMC5CNkRELkE3ODQuNjdBMzowOGY3MmVmNy1mZGI1LTQ0YzItYjFmNy1hZDE4NWIyN2ExMDk=

grant_type=authorization_code&code=25815cfb-94e2-4c1d-b1bb-b301ce6cac25&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 400
Cache-Control: no-store
Connection: close
Content-Length: 213
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:55:03 GMT
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_grant","error_description":"The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client."}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxMzBDMC5CNkRELkE3ODQuNjdBMzowOGY3MmVmNy1mZGI1LTQ0YzItYjFmNy1hZDE4NWIyN2ExMDk=

grant_type=refresh_token&scope=address+openid+profile+email&refresh_token=066f4fb1-a5f9-4131-8968-6a3b0cd26805

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 213
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:55:03 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_grant","error_description":"The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client."}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/userinfo HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 50dce049-89e9-40c9-8ba1-19b07050be03

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 400
Connection: close
Content-Length: 203
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:55:03 GMT
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_token","error_description":"The access token provided is expired, revoked, malformed, or invalid for other reasons. Try to request a new access token and retry the protected resource."}

#######################################################
TEST: OpenID Connect Discovery
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 181
Content-Type: application/jrd+json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 15:55:03 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "subject": "acct:test_user@ce-dev4.gluu.org",
    "links": [{
        "rel": "http://openid.net/specs/connect/1.0/issuer",
        "href": "https://ce-dev4.gluu.org"
    }]
}


OpenID Connect Configuration
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/openid-configuration HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 6342
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:55:03 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "issuer": "https://ce-dev4.gluu.org",
    "authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize",
    "token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token",
    "userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo",
    "clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo",
    "check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe",
    "end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks",
    "registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register",
    "id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id",
    "introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection",
    "scopes_supported": [
        "permission",
        "clientinfo",
        "email",
        "user_name",
        "sub",
        "org_name",
        "address",
        "openid",
        "test_scope1",
        "work_phone",
        "phone",
        "profile",
        "mobile_phone",
        "test"
    ],
    "response_types_supported": [
        "code",
        "code id_token",
        "code id_token token",
        "id_token",
        "id_token token",
        "token",
        "code token"
    ],
    "grant_types_supported": [
        "urn:ietf:params:oauth:grant-type:uma-ticket",
        "client_credentials",
        "refresh_token",
        "implicit",
        "password",
        "authorization_code"
    ],
    "acr_values_supported": [
        "super_gluu",
        "u2f",
        "otp",
        "basic",
        "auth_ldap_server"
    ],
    "auth_level_mapping": {
        "-1": ["auth_ldap_server"],
        "50": ["otp"],
        "100": ["basic"],
        "10": ["u2f"],
        "15": ["super_gluu"]
    },
    "subject_types_supported": [
        "public",
        "pairwise"
    ],
    "userinfo_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "userinfo_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "userinfo_encryption_enc_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "id_token_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "request_object_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "request_object_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "request_object_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "token_endpoint_auth_methods_supported": [
        "client_secret_basic",
        "client_secret_post",
        "client_secret_jwt",
        "private_key_jwt"
    ],
    "token_endpoint_auth_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "display_values_supported": [
        "page",
        "popup"
    ],
    "claim_types_supported": ["normal"],
    "claims_supported": [
        "birthdate",
        "country",
        "name",
        "email",
        "email_verified",
        "given_name",
        "gender",
        "inum",
        "family_name",
        "updated_at",
        "locale",
        "member_of",
        "middle_name",
        "nickname",
        "oxAuthAppType",
        "oxAuthIdTokenSignedResponseAlg",
        "oxAuthRedirectURI",
        "oxAuthScope",
        "phone_number_verified",
        "picture",
        "preferred_username",
        "profile",
        "zoneinfo",
        "user_name",
        "website"
    ],
    "service_documentation": "http://gluu.org/docs",
    "claims_locales_supported": ["en"],
    "ui_locales_supported": [
        "en",
        "es"
    ],
    "scope_to_claims_mapping": [
        {"permission": []},
        {"uma_protection": []},
        {"clientinfo": [
            "name",
            "inum",
            "oxAuthAppType",
            "oxAuthIdTokenSignedResponseAlg",
            "oxAuthRedirectURI",
            "oxAuthScope"
        ]},
        {"email": [
            "email_verified",
            "email"
        ]},
        {"user_name": ["user_name"]},
        {"sub": []},
        {"org_name": []},
        {"address": [
            "formatted",
            "postal_code",
            "street_address",
            "locality",
            "country",
            "region"
        ]},
        {"openid": []},
        {"test_scope1": []},
        {"work_phone": []},
        {"phone": [
            "phone_number_verified",
            "phone_number"
        ]},
        {"profile": [
            "name",
            "family_name",
            "given_name",
            "middle_name",
            "nickname",
            "preferred_username",
            "profile",
            "picture",
            "website",
            "gender",
            "birthdate",
            "zoneinfo",
            "locale",
            "updated_at"
        ]},
        {"mobile_phone": ["phone_mobile_number"]},
        {"test": ["member_of"]}
    ],
    "claims_parameter_supported": true,
    "request_parameter_supported": true,
    "request_uri_parameter_supported": true,
    "require_request_uri_registration": false,
    "op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy",
    "op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos",
    "frontchannel_logout_supported": true,
    "frontchannel_logout_session_supported": true
}


#######################################################
TEST: AuthorizationResponseCustomHeaderTest
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "oxAuthTrustedClient": "true"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:55:03 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D191.FB2C.9005.6B41",
    "client_secret": "09578da8-00d5-456a-be41-af125496bc94",
    "registration_access_token": "f9dbc89f-6d6d-4a7c-b3e7-043aae6fcb2e",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D191.FB2C.9005.6B41",
    "client_id_issued_at": 1530806103,
    "client_secret_expires_at": 1530892503,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==

response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21D191.FB2C.9005.6B41&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=2ef0da0a-9d5c-4fe3-8300-992284b239ba&nonce=8fedaa84-e626-4173-a335-69f7c24080dd&prompt=none&custom_response_headers=%5B%7B%22CustomHeader1%22%3A%22custom_header_value_1%22%7D%2C%7B%22CustomHeader3%22%3A%22custom_header_value_3%22%7D%2C%7B%22CustomHeader2%22%3A%22custom_header_value_2%22%7D%5D

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
CustomHeader1: custom_header_value_1
CustomHeader2: custom_header_value_2
CustomHeader3: custom_header_value_3
Date: Thu, 05 Jul 2018 15:55:03 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=97d96b28-5825-4709-8d8f-d398968b49a3&scope=address+openid+profile+email&session_id=fbddc2c4-194f-48ec-8a69-45bd6d1c8170&state=2ef0da0a-9d5c-4fe3-8300-992284b239ba&session_state=60525da6-9d7d-4a29-9415-d18ae35a485c
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block



#######################################################
TEST: AuthorizationResponseCustomHeaderTest
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["token"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "oxAuthTrustedClient": "true"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1306
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:55:04 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!EEB2.07AB.8A7B.9450",
    "client_secret": "cd45ad9e-cc45-4a28-817d-66a5fce948b5",
    "registration_access_token": "41d1b9d2-7af7-4edd-84ea-8f62ddd09902",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!EEB2.07AB.8A7B.9450",
    "client_id_issued_at": 1530806104,
    "client_secret_expires_at": 1530892504,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["token"],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==

response_type=token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21EEB2.07AB.8A7B.9450&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=9f9c8ecb-b94a-46ca-bdce-53051bf3a68d&nonce=ec183bb0-4a99-4a6b-addb-65ebb12baaf3&prompt=none&custom_response_headers=%5B%7B%22CustomHeader1%22%3A%22custom_header_value_1%22%7D%2C%7B%22CustomHeader3%22%3A%22custom_header_value_3%22%7D%2C%7B%22CustomHeader2%22%3A%22custom_header_value_2%22%7D%5D

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
CustomHeader1: custom_header_value_1
CustomHeader2: custom_header_value_2
CustomHeader3: custom_header_value_3
Date: Thu, 05 Jul 2018 15:55:04 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=54eacc6d-5bbd-4e60-88c9-581c4c88f7a1&scope=address+openid+profile+email&session_id=3332ce2c-cb9c-473f-a0f2-50cbe82a65d8&state=9f9c8ecb-b94a-46ca-bdce-53051bf3a68d&token_type=bearer&session_state=14f53ee1-268c-4ecf-804a-de25a582b77f&expires_in=299
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block



#######################################################
TEST: AuthorizationResponseCustomHeaderTest
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["id_token"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "oxAuthTrustedClient": "true"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:55:04 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!46D5.A7C5.1811.9CF3",
    "client_secret": "7df04c5a-48fe-495d-be6b-9ea6fc025ff6",
    "registration_access_token": "0ce432e4-c572-4bc0-9ca4-add2addab6a9",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!46D5.A7C5.1811.9CF3",
    "client_id_issued_at": 1530806104,
    "client_secret_expires_at": 1530892504,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==

response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2146D5.A7C5.1811.9CF3&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=ad04c0e0-f3bc-4cdc-98ce-badce3370f8c&nonce=35269ea8-ffcf-4d09-ba44-560ad7027808&prompt=none&custom_response_headers=%5B%7B%22CustomHeader1%22%3A%22custom_header_value_1%22%7D%2C%7B%22CustomHeader3%22%3A%22custom_header_value_3%22%7D%2C%7B%22CustomHeader2%22%3A%22custom_header_value_2%22%7D%5D

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
CustomHeader1: custom_header_value_1
CustomHeader2: custom_header_value_2
CustomHeader3: custom_header_value_3
Date: Thu, 05 Jul 2018 15:55:04 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE0NkQ1LkE3QzUuMTgxMS45Q0YzIiwiZXhwIjoxNTMwODA5NzA0LCJpYXQiOjE1MzA4MDYxMDQsIm5vbmNlIjoiMzUyNjllYTgtZmZjZi00ZDA5LWJhNDQtNTYwYWQ3MDI3ODA4IiwiYXV0aF90aW1lIjoxNTMwODA2MTA0LCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiJHLUwwaExuUXItdmRQUnU0OUhJS3U4dTVkUHhIcjdYZDBFRmJMa0NITWI4In0.FaJVrbRN-clHnyl8Zf-DcaGmtqjdICsK9KvV2RB6_SSYJ6Qjnpf_pOrQOch-PFW6EuuvQuVXMqSCqAF60u4uC-J_Cj-vBHVVQnPS_3HQtw0s1LnrmHa_8Tu1MiIm7aZiFHOk0UB49AvGNI2ouvEIEiQrZWbZPUiyYNYlGKxu9sY5-m7p08irzSREbuorot6-5dHzklWIrx4pRM5Zk15bl7pSdyu3LKXtlizNOvIP6cGgRMaHu_M2IwaQay4iwcNuJeHxjvhj8OXlWEp4b8X8ruEA39wFxGOTj4LwweeosamdQ4SjOFJVnL2I1nALShqRsjX9gAtPgzv7QYci_f2Qeg&session_id=ccea0893-0ce1-416f-8681-4954797b6f91&state=ad04c0e0-f3bc-4cdc-98ce-badce3370f8c&session_state=ada9c9ce-444d-4ad6-8a64-cc9c8a87360b
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block



#######################################################
TEST: AuthorizationResponseCustomHeaderTest
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "oxAuthTrustedClient": "true"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1405
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:55:04 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!601C.6DEF.9CD5.B09B",
    "client_secret": "4ead3ccd-3c3d-45d2-831f-fe8bb79c4d89",
    "registration_access_token": "9a27e3cd-69cb-4a19-b797-8268101ea2b3",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!601C.6DEF.9CD5.B09B",
    "client_id_issued_at": 1530806104,
    "client_secret_expires_at": 1530892504,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==

response_type=code+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21601C.6DEF.9CD5.B09B&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=3d6a6e47-385a-43f1-b181-b8a5d6b28e06&nonce=c0b8581f-e5e1-4d01-be32-4d569ad8de2d&prompt=none&custom_response_headers=%5B%7B%22CustomHeader1%22%3A%22custom_header_value_1%22%7D%2C%7B%22CustomHeader3%22%3A%22custom_header_value_3%22%7D%2C%7B%22CustomHeader2%22%3A%22custom_header_value_2%22%7D%5D

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
CustomHeader1: custom_header_value_1
CustomHeader2: custom_header_value_2
CustomHeader3: custom_header_value_3
Date: Thu, 05 Jul 2018 15:55:04 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=e1af4bc9-c6d7-4344-9e8b-3d6de1893f93&code=c0d07ea4-f2a1-4efd-8429-429a6fd41a7f&scope=address+openid+profile+email&session_id=1229420a-15b5-48ce-985c-fa37968b4b66&state=3d6a6e47-385a-43f1-b181-b8a5d6b28e06&token_type=bearer&session_state=94a75bd0-dd34-442e-a544-fdb44b7af714&expires_in=299
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block



#######################################################
TEST: AuthorizationResponseCustomHeaderTest
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "oxAuthTrustedClient": "true"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:55:04 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5D2E.A5CE.C7C0.A895",
    "client_secret": "0e2cf352-976a-4ba9-8915-1a567ee6967c",
    "registration_access_token": "91242e3b-961d-46e5-b0d5-d5908523fdd6",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5D2E.A5CE.C7C0.A895",
    "client_id_issued_at": 1530806104,
    "client_secret_expires_at": 1530892504,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==

response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%215D2E.A5CE.C7C0.A895&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=95d14c2b-832e-4685-bfdd-dbef10a63007&nonce=850b7ed1-0021-441d-8366-fe660fce1f0a&prompt=none&custom_response_headers=%5B%7B%22CustomHeader1%22%3A%22custom_header_value_1%22%7D%2C%7B%22CustomHeader3%22%3A%22custom_header_value_3%22%7D%2C%7B%22CustomHeader2%22%3A%22custom_header_value_2%22%7D%5D

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
CustomHeader1: custom_header_value_1
CustomHeader2: custom_header_value_2
CustomHeader3: custom_header_value_3
Date: Thu, 05 Jul 2018 15:55:05 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=6ee8bc3c-3bea-4800-a227-2a9cd962e38d&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE1RDJFLkE1Q0UuQzdDMC5BODk1IiwiZXhwIjoxNTMwODA5NzA1LCJpYXQiOjE1MzA4MDYxMDUsIm5vbmNlIjoiODUwYjdlZDEtMDAyMS00NDFkLTgzNjYtZmU2NjBmY2UxZjBhIiwiYXV0aF90aW1lIjoxNTMwODA2MTA1LCJjX2hhc2giOiJMRFZPTE9SSk9Ua0RVTHlOaEFkeER3Iiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiZ3J0RVRJblgyWVhMNU0tVGgzbHV5MWhCTkltb3RhRHdJem11YkpIaU9ROCJ9.dzZnLApWWG7aIzCYYB-g6hM7emwJrTKf8Fc-JEMq2lvlz2rND5EPWqJKjzc3O80DU39QCjrvLjQZwJ_fJXx1yK6hupmnmMdexxb0GsvCWBrv_8sRoSnOls1apDrWuedjGZN5BdnlvJn7P7_Ies56oCX6Kahy86n14ZyefCKG754SARgL43eolkfJUD3Wa7_D-a2cSK9hIPjuLz5kLGBwbF21JsXEl5rv8ftTPqOOu81o7tmJpnH7RVcdkGb9RLpNqqh71_VUzbhk7dpK7gcXf_0vbtvqnVcL7Gs9_jmjNSkVIMA2qEouMpw8N4zJT7-_4V2-ezD6EAGdTv7tWL83uQ&session_id=c8d369a6-3032-4739-b00f-32e874fbdaf9&state=95d14c2b-832e-4685-bfdd-dbef10a63007&session_state=ed44db24-0db6-4dde-96af-d593ff4f6a1c
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block



#######################################################
TEST: AuthorizationResponseCustomHeaderTest
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "token",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "oxAuthTrustedClient": "true"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:55:05 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D5B9.21BF.357A.C849",
    "client_secret": "7cb4a997-30a2-4aa3-9e85-d696b219749e",
    "registration_access_token": "d7f46cab-ed9f-4219-8d82-ae6b1335c842",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D5B9.21BF.357A.C849",
    "client_id_issued_at": 1530806105,
    "client_secret_expires_at": 1530892505,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==

response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21D5B9.21BF.357A.C849&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=f29c1267-8a2a-4b35-b746-e8eecb6984cd&nonce=01787fe9-fffa-45e9-b6c8-1c022125db1a&prompt=none&custom_response_headers=%5B%7B%22CustomHeader1%22%3A%22custom_header_value_1%22%7D%2C%7B%22CustomHeader3%22%3A%22custom_header_value_3%22%7D%2C%7B%22CustomHeader2%22%3A%22custom_header_value_2%22%7D%5D

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
CustomHeader1: custom_header_value_1
CustomHeader2: custom_header_value_2
CustomHeader3: custom_header_value_3
Date: Thu, 05 Jul 2018 15:55:05 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=ed451f2d-07e8-42a0-b0e9-7f68952e943a&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFENUI5LjIxQkYuMzU3QS5DODQ5IiwiZXhwIjoxNTMwODA5NzA1LCJpYXQiOjE1MzA4MDYxMDUsIm5vbmNlIjoiMDE3ODdmZTktZmZmYS00NWU5LWI2YzgtMWMwMjIxMjVkYjFhIiwiYXV0aF90aW1lIjoxNTMwODA2MTA1LCJhdF9oYXNoIjoiQkcxUWhtN09CRmw2S19Vb20wQ25pUSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IjRlelp2MWU0MWpvb1hGUWU1NkdhaXBlRUR0U1N2MHhwYVN4Y2RFZTMtSEkifQ.PIPuWYN1CFbYE7vjdhZSbQ658TsMSmd1SZvyzBFI6RxKM3x7MPIB4VHDkSOdX39kdiGqozOdgSMUwFf5ngiBT_jNMBg1W4KuTWs4B8ScPI1jZfKGn4gL0f9vbkYOzGxeTOX2o9DWDohUWPZ51C61WEWiZXTaO0MTi6G6mowl3fd4hh4SZ-YlKpHIs1ctOP5HQkp6Is19OJFd_3IFhXESbq6ZF7-fEQ8bh9AtVAOYeZQycjUGk4jZlJAb1AscLxplEWonXaOdupUQU93y1bPkAM1-xoQbBMHXUXNcmRZ3NiiqfUC48SOE-qbuQrgXCdF4o0DdFrkJhZk8-IQ38WIy3A&session_id=7f52a441-54ac-49cc-964c-24390ae24031&state=f29c1267-8a2a-4b35-b746-e8eecb6984cd&token_type=bearer&session_state=d5e7f47f-762d-4ed8-8c16-73fcd2b27c27&expires_in=299
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block



#######################################################
TEST: AuthorizationResponseCustomHeaderTest
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "token",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "oxAuthTrustedClient": "true"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:55:05 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!AB15.8C92.8881.E542",
    "client_secret": "58177acd-803e-4f5b-91a0-1f85a2d78c78",
    "registration_access_token": "fea92ae1-22b5-4787-9419-0bc6779ee608",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!AB15.8C92.8881.E542",
    "client_id_issued_at": 1530806105,
    "client_secret_expires_at": 1530892505,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==

response_type=code+token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21AB15.8C92.8881.E542&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=f6d3b4b6-18be-4f71-bd77-a556237b57bc&nonce=f4e7f65b-6eb3-432f-9833-6c58e66f624d&prompt=none&custom_response_headers=%5B%7B%22CustomHeader1%22%3A%22custom_header_value_1%22%7D%2C%7B%22CustomHeader3%22%3A%22custom_header_value_3%22%7D%2C%7B%22CustomHeader2%22%3A%22custom_header_value_2%22%7D%5D

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
CustomHeader1: custom_header_value_1
CustomHeader2: custom_header_value_2
CustomHeader3: custom_header_value_3
Date: Thu, 05 Jul 2018 15:55:05 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=1982181d-6ceb-4604-84e7-4c73aa193042&code=18af42ac-5d07-4355-8a18-7c3ab440c22f&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFBQjE1LjhDOTIuODg4MS5FNTQyIiwiZXhwIjoxNTMwODA5NzA1LCJpYXQiOjE1MzA4MDYxMDUsIm5vbmNlIjoiZjRlN2Y2NWItNmViMy00MzJmLTk4MzMtNmM1OGU2NmY2MjRkIiwiYXV0aF90aW1lIjoxNTMwODA2MTA1LCJjX2hhc2giOiJkTDBIajFGX2djdHgtVnVsb080S3NnIiwiYXRfaGFzaCI6InVqNEFlay04X1Z6YTdEWnJhaUdvV3ciLCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiJDSDBqUlhCa3JNQ1dyMTk4UWpoc0kzd3hZSjlrUDZjMm8tV0cyMERBcTJvIn0.JwIro0p77RgZiHN_PpQmaS6tlVbHZaoIzVxED65AYu08Adh3xHg75LIgw1lQHwc40Hp-9KC_Ub0tlK1fE5wIpu7jcsenJV69kHqcm4CNs9a_Weq0L_0p-pFZa3Pf3luK_pXXpRNVfY0NxLDoGngWZZZ_6nUK4Cj0l56-akqFlMOk0DDcYC5EjmURDgnyvFq9Lc443dFP5yHAtRgKJeURQ5zJ7lT7lOmPBhLj3t1SYvg_wKUnerjHI4zqpYAjnPPXUbKIsMcUUymFqFvNss7CRQLVilOeleOqmPyGyNi6MuDwbdziZNdqOozyKSD1S3RCM_xcwysHywYZamsJp-M6cQ&session_id=7c34a4e4-f136-4ddf-a379-30d7701e8200&state=f6d3b4b6-18be-4f71-bd77-a556237b57bc&token_type=bearer&session_state=9db85410-56e4-4465-bfd9-691a7542951c&expires_in=299
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block



#######################################################
TEST: OpenID Connect Discovery
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 181
Content-Type: application/jrd+json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 15:55:05 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "subject": "acct:test_user@ce-dev4.gluu.org",
    "links": [{
        "rel": "http://openid.net/specs/connect/1.0/issuer",
        "href": "https://ce-dev4.gluu.org"
    }]
}


OpenID Connect Configuration
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/openid-configuration HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 6342
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:55:05 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "issuer": "https://ce-dev4.gluu.org",
    "authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize",
    "token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token",
    "userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo",
    "clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo",
    "check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe",
    "end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks",
    "registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register",
    "id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id",
    "introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection",
    "scopes_supported": [
        "permission",
        "clientinfo",
        "email",
        "user_name",
        "sub",
        "org_name",
        "address",
        "openid",
        "test_scope1",
        "work_phone",
        "phone",
        "profile",
        "mobile_phone",
        "test"
    ],
    "response_types_supported": [
        "code",
        "code id_token",
        "code id_token token",
        "id_token",
        "id_token token",
        "token",
        "code token"
    ],
    "grant_types_supported": [
        "urn:ietf:params:oauth:grant-type:uma-ticket",
        "client_credentials",
        "refresh_token",
        "implicit",
        "password",
        "authorization_code"
    ],
    "acr_values_supported": [
        "super_gluu",
        "u2f",
        "otp",
        "basic",
        "auth_ldap_server"
    ],
    "auth_level_mapping": {
        "-1": ["auth_ldap_server"],
        "50": ["otp"],
        "100": ["basic"],
        "10": ["u2f"],
        "15": ["super_gluu"]
    },
    "subject_types_supported": [
        "public",
        "pairwise"
    ],
    "userinfo_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "userinfo_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "userinfo_encryption_enc_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "id_token_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "request_object_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "request_object_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "request_object_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "token_endpoint_auth_methods_supported": [
        "client_secret_basic",
        "client_secret_post",
        "client_secret_jwt",
        "private_key_jwt"
    ],
    "token_endpoint_auth_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "display_values_supported": [
        "page",
        "popup"
    ],
    "claim_types_supported": ["normal"],
    "claims_supported": [
        "birthdate",
        "country",
        "name",
        "email",
        "email_verified",
        "given_name",
        "gender",
        "inum",
        "family_name",
        "updated_at",
        "locale",
        "member_of",
        "middle_name",
        "nickname",
        "oxAuthAppType",
        "oxAuthIdTokenSignedResponseAlg",
        "oxAuthRedirectURI",
        "oxAuthScope",
        "phone_number_verified",
        "picture",
        "preferred_username",
        "profile",
        "zoneinfo",
        "user_name",
        "website"
    ],
    "service_documentation": "http://gluu.org/docs",
    "claims_locales_supported": ["en"],
    "ui_locales_supported": [
        "en",
        "es"
    ],
    "scope_to_claims_mapping": [
        {"permission": []},
        {"uma_protection": []},
        {"clientinfo": [
            "name",
            "inum",
            "oxAuthAppType",
            "oxAuthIdTokenSignedResponseAlg",
            "oxAuthRedirectURI",
            "oxAuthScope"
        ]},
        {"email": [
            "email_verified",
            "email"
        ]},
        {"user_name": ["user_name"]},
        {"sub": []},
        {"org_name": []},
        {"address": [
            "formatted",
            "postal_code",
            "street_address",
            "locality",
            "country",
            "region"
        ]},
        {"openid": []},
        {"test_scope1": []},
        {"work_phone": []},
        {"phone": [
            "phone_number_verified",
            "phone_number"
        ]},
        {"profile": [
            "name",
            "family_name",
            "given_name",
            "middle_name",
            "nickname",
            "preferred_username",
            "profile",
            "picture",
            "website",
            "gender",
            "birthdate",
            "zoneinfo",
            "locale",
            "updated_at"
        ]},
        {"mobile_phone": ["phone_mobile_number"]},
        {"test": ["member_of"]}
    ],
    "claims_parameter_supported": true,
    "request_parameter_supported": true,
    "request_uri_parameter_supported": true,
    "require_request_uri_registration": false,
    "op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy",
    "op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos",
    "frontchannel_logout_supported": true,
    "frontchannel_logout_session_supported": true
}


#######################################################
TEST: defaultResponseModeBasicCode
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:55:05 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B762.4811.60CD.D39B",
    "client_secret": "ee09c295-9b19-4dd7-afaf-160d9f44ed1f",
    "registration_access_token": "11d2f5f4-ef20-4889-bc7b-23ee65303a00",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B762.4811.60CD.D39B",
    "client_id_issued_at": 1530806105,
    "client_secret_expires_at": 1530892505,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21B762.4811.60CD.D39B&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=9e8574ca-afc0-4228-bcd2-4649a41d354b
11:55:27.290 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:677e3655-24ad-4657-8029-a78d3561b5c0
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21B762.4811.60CD.D39B&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=9e8574ca-afc0-4228-bcd2-4649a41d354b

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=5efbaf0d-798b-4c4f-946d-2c785e87c947&scope=address+openid+profile+email&session_id=5bc4c06f-75e2-4f74-bfaa-9f34c2bbeac5&state=9e8574ca-afc0-4228-bcd2-4649a41d354b&session_state=677e3655-24ad-4657-8029-a78d3561b5c0

#######################################################
TEST: defaultResponseModeHybridCodeIdToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:55:07 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!83BD.F7EF.471F.466C",
    "client_secret": "51fc5759-af73-425e-a247-fccdb8872704",
    "registration_access_token": "d713a652-35e0-40f6-b7aa-325dae7be0d7",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!83BD.F7EF.471F.466C",
    "client_id_issued_at": 1530806107,
    "client_secret_expires_at": 1530892507,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2183BD.F7EF.471F.466C&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=ce5da077-2bfc-421c-aa6a-7eaf3855f8e1&nonce=89766d00-fd7b-42ed-8393-4e788dc41c38
11:55:28.757 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:cfa580ef-770f-40d5-bb32-eccf02f21813
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2183BD.F7EF.471F.466C&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=ce5da077-2bfc-421c-aa6a-7eaf3855f8e1&nonce=89766d00-fd7b-42ed-8393-4e788dc41c38

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=eebe2fa2-1c18-472d-93db-e11e4349b18e&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE4M0JELkY3RUYuNDcxRi40NjZDIiwiZXhwIjoxNTMwODA5NzA4LCJpYXQiOjE1MzA4MDYxMDgsIm5vbmNlIjoiODk3NjZkMDAtZmQ3Yi00MmVkLTgzOTMtNGU3ODhkYzQxYzM4IiwiYXV0aF90aW1lIjoxNTMwODA2MTA4LCJjX2hhc2giOiI0d1lUTHh3cEJUQkR0alBQaU9qbkdnIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiUmRqanpmOWxlak9MQnBkd2tJUnFkMF81ZTBQMXRTdEJuR21aTjI5Z3JmYyJ9.UZ0XyZAycTlojSQEmgkv0pflx46sGZN8U5lJGb1i0Wn2qjXjP-u4Anc5V_bHV7PFl2iHRpfcC0wi8oIp2VTmlPb9lmLJI1JLbCarxcvOyGnOMahAE9caaD5LmsyPjleqTxBJP7WFj7EL_8dlPsPAg9s_Y3dJ9oKAA311E80dCYakFtVFvwxRBzzHzCr8pEy3ciopnWs6clM6oTqtIlVTrCNzTv6e5W6H8-vhAGmkYBVmVOPmRDR6sC9GC4jqM9wAT7eg3ydfNB_IN0uPPNbgmWCbpGik76kjwSMF0RYKKOYDSqi_vs68RGZpQzsHQA_KFjZAq3cn81N9orz2fhDIaQ&session_id=e59e951b-2720-4101-a4d0-1708e5544be6&state=ce5da077-2bfc-421c-aa6a-7eaf3855f8e1&session_state=cfa580ef-770f-40d5-bb32-eccf02f21813

#######################################################
TEST: defaultResponseModeHybridCodeIdTokenToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:55:08 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!540C.E228.566E.D99A",
    "client_secret": "23fe0456-172a-4814-927d-afdbe2ab0dc1",
    "registration_access_token": "4e14290e-49fe-4c6d-8472-296d3c0b5c19",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!540C.E228.566E.D99A",
    "client_id_issued_at": 1530806108,
    "client_secret_expires_at": 1530892508,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21540C.E228.566E.D99A&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=4c0917ab-6c74-44de-bb1c-45b6e09b5685&nonce=9740fc74-8f38-4358-b073-12cb79b13686
11:55:30.261 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:93b33160-7f22-4a46-99ed-ed0fcb7dcafb
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21540C.E228.566E.D99A&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=4c0917ab-6c74-44de-bb1c-45b6e09b5685&nonce=9740fc74-8f38-4358-b073-12cb79b13686

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=8059dc25-632a-4b4f-8230-dfb681f5f104&code=23a01a48-5f23-412c-92d1-718e6bf45bee&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE1NDBDLkUyMjguNTY2RS5EOTlBIiwiZXhwIjoxNTMwODA5NzEwLCJpYXQiOjE1MzA4MDYxMTAsIm5vbmNlIjoiOTc0MGZjNzQtOGYzOC00MzU4LWIwNzMtMTJjYjc5YjEzNjg2IiwiYXV0aF90aW1lIjoxNTMwODA2MTEwLCJjX2hhc2giOiJCa3A5dTJzUHJlYngtWVB3c0sxczd3IiwiYXRfaGFzaCI6IjJ2cW9nTXdrd2FJdUhZRmFLa3B1U2ciLCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiJQWURZdldrYmFMTEpXMjltdmFmTXdKRlV1QWFncUJ3dTBRMTVLVm5EZ1Z3In0.gQ-Pmyu7FiG2NccZ_mOrzLVJGpSV3nZ1JPqjJ1rVGx9oxiCutEspAeR20iAaCZ9K4WV8QwtgMRKLAnAIyHpMR6JEeq-FIqFQQDQCTBa_V-I4G_GjzGa3whOYN-lsli8KLm4NpUBndJUDCP3izrummfYm7MPCTj2AqhdWThyOt9gzIsKx5yXNiOcIl7uy51RpO7rKvPH4JuvZiTlUgVtkAFxZCpWaHDKcgCE1MRVGgxtws6uLVUrRzvoGwGG-kNbKyUenUBXgDJcxY4cN0rsDIZxciC1VUyY6xb9K_CPAE1jCj2BXI_233yh1Eg9mAmaqMgU3QiN6zWwILycZpN-oEw&session_id=1fcb50ec-1789-4e9d-b33a-c480941acd15&state=4c0917ab-6c74-44de-bb1c-45b6e09b5685&token_type=bearer&session_state=93b33160-7f22-4a46-99ed-ed0fcb7dcafb&expires_in=299

#######################################################
TEST: defaultResponseModeHybridCodeToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1405
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:55:10 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!860B.773F.05D1.32C9",
    "client_secret": "a24b7465-2ae9-416d-818f-7923d2101e1f",
    "registration_access_token": "aff9db24-e3eb-489f-ba76-7ca3b113ae85",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!860B.773F.05D1.32C9",
    "client_id_issued_at": 1530806110,
    "client_secret_expires_at": 1530892510,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21860B.773F.05D1.32C9&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=8b12e21b-8e66-47ce-8086-dc6124c26468&nonce=dec5f176-b5a5-46aa-a8e1-4ee5d1925a02
11:55:31.807 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:15cbbd45-84a8-41a0-838a-9d39c0ada685
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21860B.773F.05D1.32C9&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=8b12e21b-8e66-47ce-8086-dc6124c26468&nonce=dec5f176-b5a5-46aa-a8e1-4ee5d1925a02

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=95638a14-dcf9-48fe-8597-aed459b1f6e5&code=a3147daa-1825-4632-8e85-d937a77aea7e&scope=address+openid+profile+email&session_id=de6dfd22-2ef1-4bd9-8426-fc4338e4320c&state=8b12e21b-8e66-47ce-8086-dc6124c26468&token_type=bearer&session_state=15cbbd45-84a8-41a0-838a-9d39c0ada685&expires_in=299

#######################################################
TEST: defaultResponseModeImplicitIdToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["id_token"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:55:11 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!56CA.6B74.7A1C.F20E",
    "client_secret": "b2afcebc-80d3-4711-8ac0-2914f4dce8c7",
    "registration_access_token": "5bc6f7da-b415-45ee-8381-b21e43db844b",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!56CA.6B74.7A1C.F20E",
    "client_id_issued_at": 1530806112,
    "client_secret_expires_at": 1530892512,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2156CA.6B74.7A1C.F20E&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=f7a189eb-ae4e-4559-9775-2e6a485940b7&nonce=0641968d-b4fa-4e0c-8363-7cf56aa1bbe7
11:55:33.328 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:3d412adb-cdc4-4608-8705-29239ccb017a
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2156CA.6B74.7A1C.F20E&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=f7a189eb-ae4e-4559-9775-2e6a485940b7&nonce=0641968d-b4fa-4e0c-8363-7cf56aa1bbe7

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE1NkNBLjZCNzQuN0ExQy5GMjBFIiwiZXhwIjoxNTMwODA5NzEzLCJpYXQiOjE1MzA4MDYxMTMsIm5vbmNlIjoiMDY0MTk2OGQtYjRmYS00ZTBjLTgzNjMtN2NmNTZhYTFiYmU3IiwiYXV0aF90aW1lIjoxNTMwODA2MTEzLCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiJtT1dONWN1UEdGTzJHZk9ucExnZ1dVVTA3bm9PLW12NE5Eb1RfOW1BOFZjIn0.V5YGKbpeZ5aA4vqc1Mt5XNnu7675i6pOwc5QveCmpMPBy9j_cdoWdrs4yPvWaojANRiKhGxBSBTB6UKabOnj381ecONQGeIVrT6G5J-z_mwgU_29GzwwYhoNdgs0pveG028N3ldPXC0yzjg2L-tw3ZK2LokdRxDLWlKHxJ9HbYm8em4g7Pw5ETpSSpUlvF4wPrQIWoY_hDW97xw5TO8t4YssuKen_Lr2EtMCCBPIXaKeI4ZiPrTu3VTRRnfr7FRo6q_3fjFghsiILePwZCnNzUnrUW-0ONyTsPRwypY0pgJGOSPYnYPYuOjpRIHGO9RaNQKpXCcAyQutS0AWDhcwlg&session_id=3dd42094-1954-4eb2-b386-2544815713b6&state=f7a189eb-ae4e-4559-9775-2e6a485940b7&session_state=3d412adb-cdc4-4608-8705-29239ccb017a

#######################################################
TEST: defaultResponseModeImplicitIdTokenToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:55:13 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0C94.0615.F36D.73E1",
    "client_secret": "d30f244b-c16e-4f50-82d4-a2582b455944",
    "registration_access_token": "619fb726-cfb3-4415-878d-e7459312b273",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0C94.0615.F36D.73E1",
    "client_id_issued_at": 1530806113,
    "client_secret_expires_at": 1530892513,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%210C94.0615.F36D.73E1&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=ed759083-d32d-4080-ac7e-2e369746bc3e&nonce=01fff130-adf9-4626-9be1-72421bee3756
11:55:34.925 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:f1216ce6-1b6e-4598-97f3-303ff463bd80
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%210C94.0615.F36D.73E1&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=ed759083-d32d-4080-ac7e-2e369746bc3e&nonce=01fff130-adf9-4626-9be1-72421bee3756

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=f6893e41-0497-402a-b859-e447e2cde1c5&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEwQzk0LjA2MTUuRjM2RC43M0UxIiwiZXhwIjoxNTMwODA5NzE0LCJpYXQiOjE1MzA4MDYxMTQsIm5vbmNlIjoiMDFmZmYxMzAtYWRmOS00NjI2LTliZTEtNzI0MjFiZWUzNzU2IiwiYXV0aF90aW1lIjoxNTMwODA2MTE0LCJhdF9oYXNoIjoid3lFdXM3aVZRNHVpTkltd2JaYXdnQSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6ImxJeGtZOGNidTNFTDNBelRQdHh5eEYxeDZTOFlZLUg4dElKaDV3MG9RdG8ifQ.CmDBXFq9YsGAgWTt2nSxvXnAEP0837Kn0UXaSEFhO-Kn2y3QEGyiu-27Rs0itYp3HuKtLABYiHsQBGasxa2ODkwT8wnHBtz5HYkPeXJYoNDsXrGpx_bHd9JXBbqbA9gHYtwZJyhoyXpLpzDE5zISENLAHHKWPsVeaKOWUBT4HHSN94dINvhOdDbKQREPjZ2lC80PFdAImLJsuhnqx9qw1IUe0cPQB5TVnltO7o3HZIOOgvmgsqcQKRvUufwduXiAW6KqLbxosk1C05CIp0EUUVaMPXSNloVmJ55Ibnz3utZlzp-EbBHBMELqcOKjmNBg0ErdFHr5Pqxey7ssUgoybw&session_id=5bfae8d6-4420-4cc6-aec2-4787baf92fa7&state=ed759083-d32d-4080-ac7e-2e369746bc3e&token_type=bearer&session_state=f1216ce6-1b6e-4598-97f3-303ff463bd80&expires_in=299

#######################################################
TEST: formPostResponseModeBasicCode
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:55:14 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!CA8F.CB3D.33B9.BE30",
    "client_secret": "528745c9-a458-4192-9d92-483cd8d1defd",
    "registration_access_token": "47ed74b6-6be3-465c-8751-2c5e7e86c023",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!CA8F.CB3D.33B9.BE30",
    "client_id_issued_at": 1530806115,
    "client_secret_expires_at": 1530892515,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21CA8F.CB3D.33B9.BE30&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=ce7533af-9fd5-4527-a38b-e35e57a4bb7a&response_mode=form_post
11:55:36.309 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:6cf46790-50ba-49ea-b32f-4fb9cc31ce05
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21CA8F.CB3D.33B9.BE30&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=ce7533af-9fd5-4527-a38b-e35e57a4bb7a&response_mode=form_post

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm

#######################################################
TEST: formPostResponseModeHybridCodeIdToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:55:16 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!50F9.E899.4ED9.7A3F",
    "client_secret": "1f077b43-cb95-4c8a-9518-2ed1996b30b5",
    "registration_access_token": "552cfdcf-d0e7-4585-a622-587206bf0b07",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!50F9.E899.4ED9.7A3F",
    "client_id_issued_at": 1530806116,
    "client_secret_expires_at": 1530892516,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2150F9.E899.4ED9.7A3F&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=ea97a93d-c3a7-4a72-b821-5ef3042013b4&response_mode=form_post&nonce=7956a36e-f2ac-4dd4-8542-a6f9ab6bac14
11:55:37.703 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:0901b7cb-4ca0-4568-9fa6-3f288a2953c7
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2150F9.E899.4ED9.7A3F&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=ea97a93d-c3a7-4a72-b821-5ef3042013b4&response_mode=form_post&nonce=7956a36e-f2ac-4dd4-8542-a6f9ab6bac14

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm

#######################################################
TEST: formPostResponseModeHybridCodeIdTokenToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:55:17 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4667.5FF1.BE0F.187D",
    "client_secret": "1739e836-a53b-4c28-829b-7b5eec1a05f8",
    "registration_access_token": "0fb7df62-254b-4cac-8c46-8e469663133c",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4667.5FF1.BE0F.187D",
    "client_id_issued_at": 1530806117,
    "client_secret_expires_at": 1530892517,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%214667.5FF1.BE0F.187D&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=ea3d7942-5002-49bb-bc20-93bfe4ae84f4&response_mode=form_post&nonce=33230cd3-78bb-4109-9e5c-b0b6ae55949c
11:55:39.208 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:2c5c55ea-7696-43d0-8d72-0c837df36d47
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%214667.5FF1.BE0F.187D&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=ea3d7942-5002-49bb-bc20-93bfe4ae84f4&response_mode=form_post&nonce=33230cd3-78bb-4109-9e5c-b0b6ae55949c

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm

#######################################################
TEST: formPostResponseModeHybridCodeToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1405
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:55:19 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!034B.CA87.300F.BF5F",
    "client_secret": "314f0734-8f20-4b01-a039-5fa9be29fc29",
    "registration_access_token": "aafe1720-a731-46b5-ae89-e6c4499c22d3",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!034B.CA87.300F.BF5F",
    "client_id_issued_at": 1530806119,
    "client_secret_expires_at": 1530892519,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21034B.CA87.300F.BF5F&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=1da4f0a9-ea49-4c1a-a280-f9d144b6e4e0&response_mode=form_post&nonce=07f48972-ea2e-4252-a9f6-3730bc8a3e15
11:55:40.617 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:2847767d-0db5-4e62-96c6-1586d514b337
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21034B.CA87.300F.BF5F&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=1da4f0a9-ea49-4c1a-a280-f9d144b6e4e0&response_mode=form_post&nonce=07f48972-ea2e-4252-a9f6-3730bc8a3e15

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm

#######################################################
TEST: formPostResponseModeImplicitIdToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["id_token"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:55:21 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A6AE.B75C.737C.B0B6",
    "client_secret": "7d2d761f-83ce-4768-aeef-edaf5b022034",
    "registration_access_token": "9f859f55-9079-4a45-8022-70514a4f87ab",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A6AE.B75C.737C.B0B6",
    "client_id_issued_at": 1530806121,
    "client_secret_expires_at": 1530892521,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21A6AE.B75C.737C.B0B6&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=3653c14c-d771-46aa-b8fe-52ea205e3c90&response_mode=form_post&nonce=292c738b-df30-4097-9b96-7cb627d84b88
11:55:42.346 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:54a6577d-e6b3-4dc3-8c3a-629b0d404849
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21A6AE.B75C.737C.B0B6&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=3653c14c-d771-46aa-b8fe-52ea205e3c90&response_mode=form_post&nonce=292c738b-df30-4097-9b96-7cb627d84b88

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm

#######################################################
TEST: formPostResponseModeImplicitIdTokenToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:55:22 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9F3A.7B52.AA42.332A",
    "client_secret": "42f655df-6b8f-42ae-8fad-e9509d377287",
    "registration_access_token": "7f30dfbc-9e52-4022-acf3-83fa00405eb9",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9F3A.7B52.AA42.332A",
    "client_id_issued_at": 1530806122,
    "client_secret_expires_at": 1530892522,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%219F3A.7B52.AA42.332A&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=51c5a076-b3d6-4f98-b2fb-2652de978306&response_mode=form_post&nonce=f52f6466-a9a8-4e1a-bb44-401aec6468e9
11:55:43.827 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:68077b2e-a76d-4bde-b162-1e0e50585681
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%219F3A.7B52.AA42.332A&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=51c5a076-b3d6-4f98-b2fb-2652de978306&response_mode=form_post&nonce=f52f6466-a9a8-4e1a-bb44-401aec6468e9

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm

#######################################################
TEST: fragmentResponseModeBasicCode
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:55:24 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!EE40.69EE.BAB9.ED3E",
    "client_secret": "becce3d5-0950-43dc-80db-f68ece663918",
    "registration_access_token": "89026cb2-2c45-4cfa-964c-c618ffe2f0f9",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!EE40.69EE.BAB9.ED3E",
    "client_id_issued_at": 1530806124,
    "client_secret_expires_at": 1530892524,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21EE40.69EE.BAB9.ED3E&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=b5e4929a-e64e-4504-89f6-80536c8801df&response_mode=fragment
11:55:45.374 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:bd4c231e-7e4a-4b2a-b172-31f6e15905fa
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21EE40.69EE.BAB9.ED3E&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=b5e4929a-e64e-4504-89f6-80536c8801df&response_mode=fragment

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=ab98b807-72aa-4e65-9a87-e7209634affc&scope=address+openid+profile+email&session_id=970874b2-5682-4339-8df5-5ab007bd9b56&state=b5e4929a-e64e-4504-89f6-80536c8801df&session_state=bd4c231e-7e4a-4b2a-b172-31f6e15905fa

#######################################################
TEST: fragmentResponseModeHybridCodeIdToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:55:25 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3547.865C.E401.C073",
    "client_secret": "060d2980-2b02-4193-8054-f74f96f8f247",
    "registration_access_token": "2507ec91-687b-4733-9b80-00c0c265abe5",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3547.865C.E401.C073",
    "client_id_issued_at": 1530806125,
    "client_secret_expires_at": 1530892525,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%213547.865C.E401.C073&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=0c58be1d-c1e2-470c-95ec-4eb859803679&response_mode=fragment&nonce=04e1432d-cd39-413c-8862-bfa09d74cfc8
11:55:46.704 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:1b025706-1a3a-49d8-aea1-23596847410d
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%213547.865C.E401.C073&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=0c58be1d-c1e2-470c-95ec-4eb859803679&response_mode=fragment&nonce=04e1432d-cd39-413c-8862-bfa09d74cfc8

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=a871a4fe-7474-4c4b-b0b7-80338823dc3b&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEzNTQ3Ljg2NUMuRTQwMS5DMDczIiwiZXhwIjoxNTMwODA5NzI2LCJpYXQiOjE1MzA4MDYxMjYsIm5vbmNlIjoiMDRlMTQzMmQtY2QzOS00MTNjLTg4NjItYmZhMDlkNzRjZmM4IiwiYXV0aF90aW1lIjoxNTMwODA2MTI2LCJjX2hhc2giOiJiTjJZY0hMbjVmOGhValBXWTZTaFpRIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiNm9PZnRSZFB2blVKUFJYS1RsM25CTWI0bEJneUZ3SnBSX09sa0ZiRTVzdyJ9.TtSzHCvCDNZMPTQAjQBXA6tO68Le9xbpvHXkj9ZF2dsKLgqGFaIiKA9a65u7UE4eowogmPAgwnD_BNwRU9Fh3N0Hj0pfvgVXG63Hn4l_q7nOAjRmTWViko7kvg-8_PYrd9DbaHaZcpL5A1WGbOQsPkt-Frt8C8TueJjrqFLjiY8w4A5xxqYFclnFxpLM2DrEBQyaGQJ1vRLovQT8UMJ5qYpeGDCZA8NpFEC7wp9RJ2nyp2ttmhWq9N7UWoBZMhdlYtRGupOalpF0QJoGXSZ2UhFmkh86TTXddPpL2Yt3RVq_8xc1qz6ZryUvo7uHlUhBkNPwoXsomRN3zHVzKz6FsA&session_id=30219c1d-6656-49e4-a620-da3ca4e55161&state=0c58be1d-c1e2-470c-95ec-4eb859803679&session_state=1b025706-1a3a-49d8-aea1-23596847410d

#######################################################
TEST: fragmentResponseModeHybridCodeIdTokenToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:55:26 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!AE49.6CED.80AE.99B8",
    "client_secret": "45c5bb97-e6da-4a06-ab53-363d7be977ee",
    "registration_access_token": "68fafe92-9bb2-4314-8967-a016bb1d5e40",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!AE49.6CED.80AE.99B8",
    "client_id_issued_at": 1530806126,
    "client_secret_expires_at": 1530892526,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21AE49.6CED.80AE.99B8&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=5515580b-6298-4725-b2b9-f64019b3264e&response_mode=fragment&nonce=8191b1ad-95de-4743-8471-82adbad84e96
11:55:48.048 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:e6634370-8ba2-499d-9fec-63bcde5d1d81
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21AE49.6CED.80AE.99B8&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=5515580b-6298-4725-b2b9-f64019b3264e&response_mode=fragment&nonce=8191b1ad-95de-4743-8471-82adbad84e96

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=53e74c30-2bae-4d15-9385-8703ecd5b9fa&code=a66520ad-b37f-44ae-b428-f47d55072c7a&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFBRTQ5LjZDRUQuODBBRS45OUI4IiwiZXhwIjoxNTMwODA5NzI4LCJpYXQiOjE1MzA4MDYxMjgsIm5vbmNlIjoiODE5MWIxYWQtOTVkZS00NzQzLTg0NzEtODJhZGJhZDg0ZTk2IiwiYXV0aF90aW1lIjoxNTMwODA2MTI4LCJjX2hhc2giOiIybXcxeE1Wa0xveWZJc2xUeEpfYUxnIiwiYXRfaGFzaCI6ImRMbF8zb3AyU1lOUFUzU3JvSkR0UHciLCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiJIWEY4RDJJbnloN1R0OUpqWU5SajAxcm5Pc3RzbG5KaXRGbklFY2wwcENBIn0.PnwGyupgSRINlvlrzqtlAneCyszk7y-WMETaglVhzk2_RAs0FFUqz1GCIUFJwTKouk65EctF7yt1vMTGkLVr2bhavFwfbAk4UqxeW9ri7xV8CbtWsiv27OYsYW6Wn9Sxs3B13P7H8l_hbSlpDg7uuT1Nrr61v8f5B0gZlEQ5GDuuAAAj6gtCGx7PzYW7z7UE_oXe7D6hQ1NvVnmg7SOJYYw9w_DSYtylTcdsop6argd-LJnbCQ7Cpx-P5h2wPJfYmIPZA8img52zxAZ2RyBl5zNow0E57B1IrsBrvbROQe0nsT7nBbVgZ9GlI9ZPfdLPw9NKBpebrwAZ_pgUi0NMog&session_id=b6a308dc-d571-4063-8f91-ad92329961ea&state=5515580b-6298-4725-b2b9-f64019b3264e&token_type=bearer&session_state=e6634370-8ba2-499d-9fec-63bcde5d1d81&expires_in=299

#######################################################
TEST: fragmentResponseModeHybridCodeToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1405
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:55:28 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6970.4B47.71F4.FCFA",
    "client_secret": "1589b0ba-bd6c-405f-9fca-38c6f5fbb6e6",
    "registration_access_token": "efa17cee-7754-4710-af8a-2940cd947fbe",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6970.4B47.71F4.FCFA",
    "client_id_issued_at": 1530806128,
    "client_secret_expires_at": 1530892528,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%216970.4B47.71F4.FCFA&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=9c558b53-f358-4439-9e9e-628dd1ecfb10&response_mode=fragment&nonce=0bc528db-085d-4dc5-a20b-cad9e982f939
11:55:49.596 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:6fe499bf-ca5f-4d77-aa03-18362558abe5
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%216970.4B47.71F4.FCFA&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=9c558b53-f358-4439-9e9e-628dd1ecfb10&response_mode=fragment&nonce=0bc528db-085d-4dc5-a20b-cad9e982f939

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=b9fdccb1-7a26-49d2-bb42-cb13d29d564d&code=e7ab3c9c-6ba6-4a3a-987b-5f516585cdb2&scope=address+openid+profile+email&session_id=2dc7eaea-3028-43d0-8c5c-7f4e7d7a928b&state=9c558b53-f358-4439-9e9e-628dd1ecfb10&token_type=bearer&session_state=6fe499bf-ca5f-4d77-aa03-18362558abe5&expires_in=299

#######################################################
TEST: fragmentResponseModeImplicitIdToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["id_token"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:55:29 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F124.AFF2.24ED.EACE",
    "client_secret": "9240b701-e2d7-4f36-b53e-506a0bcbc762",
    "registration_access_token": "68e80fdc-150c-49c3-9977-43816f87e1d7",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F124.AFF2.24ED.EACE",
    "client_id_issued_at": 1530806129,
    "client_secret_expires_at": 1530892529,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21F124.AFF2.24ED.EACE&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=bcb4428a-9256-4320-ba0c-85fce915daee&response_mode=fragment&nonce=494d3bbf-c50e-495b-8fff-abf196cf7678
11:55:50.923 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:f6be7a21-838e-4429-87d7-a8135cf50990
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21F124.AFF2.24ED.EACE&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=bcb4428a-9256-4320-ba0c-85fce915daee&response_mode=fragment&nonce=494d3bbf-c50e-495b-8fff-abf196cf7678

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFGMTI0LkFGRjIuMjRFRC5FQUNFIiwiZXhwIjoxNTMwODA5NzMwLCJpYXQiOjE1MzA4MDYxMzAsIm5vbmNlIjoiNDk0ZDNiYmYtYzUwZS00OTViLThmZmYtYWJmMTk2Y2Y3Njc4IiwiYXV0aF90aW1lIjoxNTMwODA2MTMwLCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiJRWGhRcDBMMktNSVVnZi00akgzRlZDNTdFOGl2M3AzRUVuTl9nMDBSYzhVIn0.VWwmhQezSbA4djEjPzyssm-v-lwdA30Q1QsBAm5eFBhwqmhFr4XItKgqU35yPXy20hQT3P62jbNJ2mu27DTlWOptZcK_G1vBf9qumce7vuXRPsPW_yYj1A_6FtLrnADmYOuuBzXDxuSqKrCEsba9OcQ3Ma6WKwEoF76ojQ4wcw3Wxoh14Ty4gP7xugWevuDkK-XTSj17Kj4hmvh6oE-ak1oHhKQe2DqFh0oDonHr4uuoPZU5YhOAZ9gNox6nXtPTpD0qzma1HHZkaMLMaSdEU3vxmv0uiw8URUZNIfAn93rY8agmoufZ2QcWxc63E6gqVwFxMTXQKZkKolnPR9HLJg&session_id=b2832ea3-0f0c-4e92-8b05-60a8703c59af&state=bcb4428a-9256-4320-ba0c-85fce915daee&session_state=f6be7a21-838e-4429-87d7-a8135cf50990

#######################################################
TEST: fragmentResponseModeImplicitIdTokenToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:55:30 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0870.4F9B.54FB.83CA",
    "client_secret": "e63d953f-2c72-41d7-8bb8-90c4f0318e22",
    "registration_access_token": "d81f2956-a19a-4fbd-8d83-321f473ff635",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0870.4F9B.54FB.83CA",
    "client_id_issued_at": 1530806131,
    "client_secret_expires_at": 1530892531,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%210870.4F9B.54FB.83CA&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=d9747a69-cff7-4bf4-b925-25fac74797e8&response_mode=fragment&nonce=e6c5c099-7d4f-4f53-b842-7387413195ec
11:55:52.282 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:5db607a3-54d7-42cf-8f5b-b8e814912d68
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%210870.4F9B.54FB.83CA&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=d9747a69-cff7-4bf4-b925-25fac74797e8&response_mode=fragment&nonce=e6c5c099-7d4f-4f53-b842-7387413195ec

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=07a5fb9d-8153-4def-8968-3419712afed6&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEwODcwLjRGOUIuNTRGQi44M0NBIiwiZXhwIjoxNTMwODA5NzMyLCJpYXQiOjE1MzA4MDYxMzIsIm5vbmNlIjoiZTZjNWMwOTktN2Q0Zi00ZjUzLWI4NDItNzM4NzQxMzE5NWVjIiwiYXV0aF90aW1lIjoxNTMwODA2MTMyLCJhdF9oYXNoIjoicV9ZSXg2cTgxOXdTZXFtMGxCdVFuQSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IndGTnA0bGMxY1hFM3pVbThxZVRIMEN4cXNjSi02dWk2d1pZSS1XZUhWUkEifQ.Y-BhWG-bRQ550TH4vQGcmfK-TnqVAfYHBI7xREfTG0ni7pHvFZyRoBUVQjj1JltHlxp-CMk-43Ech7abYKOwfgLzWoKka08V9MPO5LBL1NMyrtDqlw-YADdUW6BobJQ9st8mq42C86CvU7-YXw7sDH_YHg3SNZwVcE3pUTssXE0T-gCnfx3XEgx8Tc7zdJfU5yRK5hEhB_HpQRzHNLdgNssPC_cbgsMdnhp_25LMiBOxFYAiQI3Q1KEA8sYi6rfWaIy72KAfiRCIi2PGhiV21KnZUqmCcNOjzdL5DjcoWtgyzKfVEhb3sMtuMvBBbtt01T4Yt8nJDfHatIhQxV3NpQ&session_id=84f1c0bf-d7fe-4bad-99fa-2c2578e2289a&state=d9747a69-cff7-4bf4-b925-25fac74797e8&token_type=bearer&session_state=5db607a3-54d7-42cf-8f5b-b8e814912d68&expires_in=299

#######################################################
TEST: queryResponseModeBasicCode
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:55:32 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!61A8.3C9D.B626.AA7E",
    "client_secret": "eef0144f-fc53-43bf-aab2-948678c431fc",
    "registration_access_token": "b6885730-181a-47e1-823d-2d565aeed651",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!61A8.3C9D.B626.AA7E",
    "client_id_issued_at": 1530806132,
    "client_secret_expires_at": 1530892532,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2161A8.3C9D.B626.AA7E&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=60620457-a4b7-4824-8cd3-7df67e77808f&response_mode=query
11:55:53.653 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:4585f986-cf78-4364-b8cf-76beb4e0de2b
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2161A8.3C9D.B626.AA7E&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=60620457-a4b7-4824-8cd3-7df67e77808f&response_mode=query

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=1d8f47f5-eb87-4df1-9f99-6f3fe1be2f25&scope=address+openid+profile+email&session_id=544f6f04-22a0-406c-8f37-4efca8823fc4&state=60620457-a4b7-4824-8cd3-7df67e77808f&session_state=4585f986-cf78-4364-b8cf-76beb4e0de2b

#######################################################
TEST: queryResponseModeHybridCodeIdToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:55:33 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9D2A.D289.E6BF.DE92",
    "client_secret": "ced3e686-cf51-40af-b8aa-ec25302a911e",
    "registration_access_token": "88e334ce-14cb-4971-9b35-595552a87d9c",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9D2A.D289.E6BF.DE92",
    "client_id_issued_at": 1530806133,
    "client_secret_expires_at": 1530892533,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%219D2A.D289.E6BF.DE92&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=f53344b3-9da3-40cf-8845-1f764915ec7a&response_mode=query&nonce=aa84dc87-44b7-4e64-9f43-6941b2eeb0cb
11:55:55.185 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:abcf25f5-dc7c-4023-aae2-66b45b743d01
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%219D2A.D289.E6BF.DE92&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=f53344b3-9da3-40cf-8845-1f764915ec7a&response_mode=query&nonce=aa84dc87-44b7-4e64-9f43-6941b2eeb0cb

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=05c8bd4e-f7e2-4c68-9dbf-ee3b805ec4a0&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE5RDJBLkQyODkuRTZCRi5ERTkyIiwiZXhwIjoxNTMwODA5NzM1LCJpYXQiOjE1MzA4MDYxMzUsIm5vbmNlIjoiYWE4NGRjODctNDRiNy00ZTY0LTlmNDMtNjk0MWIyZWViMGNiIiwiYXV0aF90aW1lIjoxNTMwODA2MTM1LCJjX2hhc2giOiJnY2IxYlJEMmwxTjFpMWduVnlGSGx3Iiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiOC1yak5sU2NXSVc2V1RnaUR3Y0JRcGdiYXVGSUl0aDYwVWhnNFZVSHJGayJ9.i7uy8KhO5BGQs-R3dfpEF1_VKlo-Cvh8mGJizv-3GPT3r0VkrTAa9LFy-ez_HBY-LDKw-o6ICmJVw9YyxvwT4ofEjCGU1bIbDHnh1A_0lLiceOOe55zGqZSIMjYNFBnv-WqmtKqN016lADohv0IuA2drPLPLZo86VemqObEUl4VY7xVL72Npy-9MMKcrb8NQHwi1UVhWhouisRIWwG-kQfBMl1i_A75jLl96CaHJJg6qfPr87JqGuxI0ilHiqORw8tOQt87_xSb1rzhT5XQMmZKv-6qLVwP_9v9KWMLYWEqJveSOQ5eSrLtMg6gzqdlokaJZ9UU3Qind0fj1RMuAgA&session_id=793d3519-8471-4e2e-ba62-4d6459f42733&state=f53344b3-9da3-40cf-8845-1f764915ec7a&session_state=abcf25f5-dc7c-4023-aae2-66b45b743d01

#######################################################
TEST: queryResponseModeHybridCodeIdTokenToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:55:35 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DAFC.9B64.034B.E28C",
    "client_secret": "305bb3dd-7957-4f08-a6cc-5ab2f9cb1389",
    "registration_access_token": "32650464-1dd6-4fdb-aed0-8689efbf7565",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DAFC.9B64.034B.E28C",
    "client_id_issued_at": 1530806135,
    "client_secret_expires_at": 1530892535,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21DAFC.9B64.034B.E28C&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=7c751943-55dd-4f5b-8656-b1bd82b3da3c&response_mode=query&nonce=978bfd33-4409-450e-88a4-15db084ac8de
11:55:56.707 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:24c7205b-3911-4180-99b5-2aa809e11ff2
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21DAFC.9B64.034B.E28C&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=7c751943-55dd-4f5b-8656-b1bd82b3da3c&response_mode=query&nonce=978bfd33-4409-450e-88a4-15db084ac8de

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?access_token=ef808145-e82b-4b7a-b57d-e75aa92fe98c&code=3c83231d-c30c-45d5-bc70-56e507cb5d6c&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFEQUZDLjlCNjQuMDM0Qi5FMjhDIiwiZXhwIjoxNTMwODA5NzM2LCJpYXQiOjE1MzA4MDYxMzYsIm5vbmNlIjoiOTc4YmZkMzMtNDQwOS00NTBlLTg4YTQtMTVkYjA4NGFjOGRlIiwiYXV0aF90aW1lIjoxNTMwODA2MTM2LCJjX2hhc2giOiJJMGxWZXU0T2dKN0FYbnUzNXUzZjVBIiwiYXRfaGFzaCI6IktTbUV4bW9KUVlRdEhja1Ywaks0UEEiLCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiJmWkswNHRLalpyc0RrNmdIYTU3UExwU0ZPZVZuVk9ocDR4eW80VGc2Rk1jIn0.oKZWuR91itoXudUihdl3yQVCJdAnvvrFLuS1wsQw691q-jEIzn1FjGO7CXnftlhBMbmSQg7jlSpLpfDjv1yjItA_JfpfCG9wyCVnvyLHQ3Y2XrPcAaOxnPVs97XAXIWwkZujX6wyQOgCypopQ1haL_E9SkO4BySj9DcWdOTI82qKqW0kAgyn1XYG2KNQb7eRgBDwYsiADLpAu7JJtWkXortNbUgetoXQ4GnuiwLI0qcd7jWlrmG2VHbJfJ0qf9eRK1WVa7CedWZZo7UUdF9DKR0Eb9o1w9FAOXTK-5rdBUUPQ58J-A9muOUDYTSj6pcWa8FxpKhUmbv2IU0VBMt55g&session_id=c29bdf01-9e8a-4152-845d-3c0d115e421b&state=7c751943-55dd-4f5b-8656-b1bd82b3da3c&token_type=bearer&session_state=24c7205b-3911-4180-99b5-2aa809e11ff2&expires_in=299

#######################################################
TEST: queryResponseModeHybridCodeToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1405
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:55:36 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1086.DA0F.EE34.4A59",
    "client_secret": "2d598e19-6f16-49bb-8858-78c7eca7bc3c",
    "registration_access_token": "0c868bce-943f-4758-8ac6-87adf61691c7",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1086.DA0F.EE34.4A59",
    "client_id_issued_at": 1530806136,
    "client_secret_expires_at": 1530892536,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%211086.DA0F.EE34.4A59&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=54676f70-cf09-40ac-a065-d6125c12e0c6&response_mode=query&nonce=ff116310-b854-4b24-902c-d5e34b0b7c31
11:55:58.015 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:7a3ee641-4284-4b14-a8c4-958375596081
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%211086.DA0F.EE34.4A59&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=54676f70-cf09-40ac-a065-d6125c12e0c6&response_mode=query&nonce=ff116310-b854-4b24-902c-d5e34b0b7c31

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?access_token=d31e8d04-8521-4681-a54c-c8f7c75a7e4a&code=ed8585e0-62a7-4bcc-a1c4-afd5aa231ed5&scope=address+openid+profile+email&session_id=e8652d43-a802-4d2b-a270-1368d0a3d391&state=54676f70-cf09-40ac-a065-d6125c12e0c6&token_type=bearer&session_state=7a3ee641-4284-4b14-a8c4-958375596081&expires_in=299

#######################################################
TEST: queryResponseModeImplicitIdToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["id_token"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:55:37 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E115.8C1C.7A6F.8AEA",
    "client_secret": "a44cbed9-0655-48ff-a724-f9a666be1acf",
    "registration_access_token": "06aab756-2a8c-4111-9c87-a8be020f49f2",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E115.8C1C.7A6F.8AEA",
    "client_id_issued_at": 1530806138,
    "client_secret_expires_at": 1530892538,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21E115.8C1C.7A6F.8AEA&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=41f40ef9-7f4d-46ee-9ff2-834b3b2b10b7&response_mode=query&nonce=14d9b150-52b1-4074-8882-5b24099e6056
11:55:59.276 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:2d1a7440-b9cd-4728-9298-69b81cbb4ee3
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21E115.8C1C.7A6F.8AEA&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=41f40ef9-7f4d-46ee-9ff2-834b3b2b10b7&response_mode=query&nonce=14d9b150-52b1-4074-8882-5b24099e6056

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFFMTE1LjhDMUMuN0E2Ri44QUVBIiwiZXhwIjoxNTMwODA5NzM5LCJpYXQiOjE1MzA4MDYxMzksIm5vbmNlIjoiMTRkOWIxNTAtNTJiMS00MDc0LTg4ODItNWIyNDA5OWU2MDU2IiwiYXV0aF90aW1lIjoxNTMwODA2MTM4LCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiJwbXQ1OEhFalNwMHdvQWUwcFBjd2ZUejF3aXdnbTdqQjJHS3l3Y1JfRWlvIn0.HCCi6pPd6pbmhZDydN1BT3OXmuEhxBq1V4PiqPTot4jUKCSpqQOiaxxeoPtH88tWlMJLdWZ80nxnfmNkeVu3jmyqKdKGgs-BTrOv8rr_zwBq_nVuxPqoTm8CufDy-C6SpzyF3_8ifPknHwlkXWU8iE1-VQCHRlrcDuJSYl2_tx3727TnFbR8T8qVAuo3txyDR3f_Yw0OEypLFn9SX3F_IFt_UnZs8Zx9JFzWIZKb2RYQrbDIIYF3RsnrLI7-ADs22nG1tq2E64yg4uYqPtdlVsicwX0JaF00pxeirNK1FtNRL1OG7imnPHJ0m_ybY0Fj_YrGHaScSM5nA6Ani2V38Q&session_id=0e490fed-f7ab-48fc-b5ce-64f79c470984&state=41f40ef9-7f4d-46ee-9ff2-834b3b2b10b7&session_state=2d1a7440-b9cd-4728-9298-69b81cbb4ee3

#######################################################
TEST: queryResponseModeImplicitIdTokenToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:55:39 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!972B.2420.17AD.AF18",
    "client_secret": "36df253f-bf5a-46ef-a95c-3ec9fed73c93",
    "registration_access_token": "c2d9aca1-7b6b-4ee8-a769-a8c591e57f8b",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!972B.2420.17AD.AF18",
    "client_id_issued_at": 1530806139,
    "client_secret_expires_at": 1530892539,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21972B.2420.17AD.AF18&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=428e5d78-22a8-4209-9edc-f2c0516c2794&response_mode=query&nonce=ec7bdd67-3325-4a9a-b1c7-f086cd09ef19
11:56:00.700 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:37eef12e-d2f4-4f5e-8fa1-7fc8d0550a7d
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21972B.2420.17AD.AF18&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=428e5d78-22a8-4209-9edc-f2c0516c2794&response_mode=query&nonce=ec7bdd67-3325-4a9a-b1c7-f086cd09ef19

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?access_token=8129bdbe-2fc7-48bb-84a7-78dff6e7a48a&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE5NzJCLjI0MjAuMTdBRC5BRjE4IiwiZXhwIjoxNTMwODA5NzQxLCJpYXQiOjE1MzA4MDYxNDEsIm5vbmNlIjoiZWM3YmRkNjctMzMyNS00YTlhLWIxYzctZjA4NmNkMDllZjE5IiwiYXV0aF90aW1lIjoxNTMwODA2MTQxLCJhdF9oYXNoIjoicDJfLWZmcEJWVUtZQU02NUVIWW84dyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IjZqQ0FnemdrY2RLVWJnQUJhaDAzeFRiMHBxbFg5bmRMWnl0V3l4dUg0dkkifQ.sZhL7JoBXtCvH27Tl-g9c6-x4yrn4l_B9uv0KDFeaSiLmwY66_AehPoHABt3ElFj956WjEfQzSJ1Ah0OniqJ1REcK4a45ITG6eo5dOWlFOE6niizD8bCazeTHx0O387Kr4HbVekncFwz8jJgq0e2dq2zAQwG-pvc9DXiwsr2cnB_UDerHvDdV63Lv_WUYPLFq92kWB1YY8cMwbxDVCVUhxWev0B-J_j5feclV1IXww_rYvzxhxZKINYdxyAIJJqlXQwsrgBd0WCP5B3lnxIup8QK9U3EVNMJxPYtVcvcRIshpSDBMiSJ18LfFiKswEQE_w4YZJTpjELBa_RUes6CkA&session_id=3c171203-a5ac-4db2-93f8-2ff83891e8c0&state=428e5d78-22a8-4209-9edc-f2c0516c2794&token_type=bearer&session_state=37eef12e-d2f4-4f5e-8fa1-7fc8d0550a7d&expires_in=299

#######################################################
TEST: OpenID Connect Discovery
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 181
Content-Type: application/jrd+json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 15:55:41 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "subject": "acct:test_user@ce-dev4.gluu.org",
    "links": [{
        "rel": "http://openid.net/specs/connect/1.0/issuer",
        "href": "https://ce-dev4.gluu.org"
    }]
}


OpenID Connect Configuration
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/openid-configuration HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 6342
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:55:41 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "issuer": "https://ce-dev4.gluu.org",
    "authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize",
    "token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token",
    "userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo",
    "clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo",
    "check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe",
    "end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks",
    "registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register",
    "id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id",
    "introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection",
    "scopes_supported": [
        "permission",
        "clientinfo",
        "email",
        "user_name",
        "sub",
        "org_name",
        "address",
        "openid",
        "test_scope1",
        "work_phone",
        "phone",
        "profile",
        "mobile_phone",
        "test"
    ],
    "response_types_supported": [
        "code",
        "code id_token",
        "code id_token token",
        "id_token",
        "id_token token",
        "token",
        "code token"
    ],
    "grant_types_supported": [
        "urn:ietf:params:oauth:grant-type:uma-ticket",
        "client_credentials",
        "refresh_token",
        "implicit",
        "password",
        "authorization_code"
    ],
    "acr_values_supported": [
        "super_gluu",
        "u2f",
        "otp",
        "basic",
        "auth_ldap_server"
    ],
    "auth_level_mapping": {
        "-1": ["auth_ldap_server"],
        "50": ["otp"],
        "100": ["basic"],
        "10": ["u2f"],
        "15": ["super_gluu"]
    },
    "subject_types_supported": [
        "public",
        "pairwise"
    ],
    "userinfo_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "userinfo_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "userinfo_encryption_enc_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "id_token_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "request_object_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "request_object_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "request_object_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "token_endpoint_auth_methods_supported": [
        "client_secret_basic",
        "client_secret_post",
        "client_secret_jwt",
        "private_key_jwt"
    ],
    "token_endpoint_auth_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "display_values_supported": [
        "page",
        "popup"
    ],
    "claim_types_supported": ["normal"],
    "claims_supported": [
        "birthdate",
        "country",
        "name",
        "email",
        "email_verified",
        "given_name",
        "gender",
        "inum",
        "family_name",
        "updated_at",
        "locale",
        "member_of",
        "middle_name",
        "nickname",
        "oxAuthAppType",
        "oxAuthIdTokenSignedResponseAlg",
        "oxAuthRedirectURI",
        "oxAuthScope",
        "phone_number_verified",
        "picture",
        "preferred_username",
        "profile",
        "zoneinfo",
        "user_name",
        "website"
    ],
    "service_documentation": "http://gluu.org/docs",
    "claims_locales_supported": ["en"],
    "ui_locales_supported": [
        "en",
        "es"
    ],
    "scope_to_claims_mapping": [
        {"permission": []},
        {"uma_protection": []},
        {"clientinfo": [
            "name",
            "inum",
            "oxAuthAppType",
            "oxAuthIdTokenSignedResponseAlg",
            "oxAuthRedirectURI",
            "oxAuthScope"
        ]},
        {"email": [
            "email_verified",
            "email"
        ]},
        {"user_name": ["user_name"]},
        {"sub": []},
        {"org_name": []},
        {"address": [
            "formatted",
            "postal_code",
            "street_address",
            "locality",
            "country",
            "region"
        ]},
        {"openid": []},
        {"test_scope1": []},
        {"work_phone": []},
        {"phone": [
            "phone_number_verified",
            "phone_number"
        ]},
        {"profile": [
            "name",
            "family_name",
            "given_name",
            "middle_name",
            "nickname",
            "preferred_username",
            "profile",
            "picture",
            "website",
            "gender",
            "birthdate",
            "zoneinfo",
            "locale",
            "updated_at"
        ]},
        {"mobile_phone": ["phone_mobile_number"]},
        {"test": ["member_of"]}
    ],
    "claims_parameter_supported": true,
    "request_parameter_supported": true,
    "request_uri_parameter_supported": true,
    "require_request_uri_registration": false,
    "op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy",
    "op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos",
    "frontchannel_logout_supported": true,
    "frontchannel_logout_session_supported": true
}


#######################################################
TEST: requestAuthorizationAccessToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "token",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:55:41 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D3D6.0E7A.FF81.CDF9",
    "client_secret": "84af57ee-a966-4641-b3f5-94e78a0d3528",
    "registration_access_token": "cd47dbe9-34bd-4071-885d-a9fd3cff6f48",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D3D6.0E7A.FF81.CDF9",
    "client_id_issued_at": 1530806141,
    "client_secret_expires_at": 1530892541,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer cd47dbe9-34bd-4071-885d-a9fd3cff6f48

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:55:41 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D3D6.0E7A.FF81.CDF9",
    "client_secret": "84af57ee-a966-4641-b3f5-94e78a0d3528",
    "registration_access_token": "cd47dbe9-34bd-4071-885d-a9fd3cff6f48",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D3D6.0E7A.FF81.CDF9",
    "client_id_issued_at": 1530806141,
    "client_secret_expires_at": 1530892541,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21D3D6.0E7A.FF81.CDF9&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=8cde1dc8-f689-4710-9e03-99b9a5e11fd5&nonce=71d5fa88-0262-4542-b9f7-10c9321dd0e9
11:56:02.832 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:dd9396b9-fb8d-404a-b97b-efb6d3203a49
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21D3D6.0E7A.FF81.CDF9&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=8cde1dc8-f689-4710-9e03-99b9a5e11fd5&nonce=71d5fa88-0262-4542-b9f7-10c9321dd0e9

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=0468ba3e-f7d9-4296-810b-72a96b98941f&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFEM0Q2LjBFN0EuRkY4MS5DREY5IiwiZXhwIjoxNTMwODA5NzQyLCJpYXQiOjE1MzA4MDYxNDIsIm5vbmNlIjoiNzFkNWZhODgtMDI2Mi00NTQyLWI5ZjctMTBjOTMyMWRkMGU5IiwiYXV0aF90aW1lIjoxNTMwODA2MTQyLCJhdF9oYXNoIjoiaTQ3S2lmeWhrY0hXRzhyaEYwMGM5dyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IkdQXzQ1dy1HVHBMbVVoeUxrZVI4QWZpOFBmLXZMZHI3dVZLa0JXXzVPRE0ifQ.mQKOqNIEIu_ZESL5E1MJsO3JciwJ8G1v90gWFCaZOLkWX2xJm-F_5xxYyEHJWUfHpOH_J0AZ_v9CsrvFFVzM3cUbLz95ox83_oCDvDQoSQtOBnyq9zIl94M8DXYdYD4ENdrqNzpYlfmpTqtOENiBqKis5csA49XoA2WeSsgjZ8Lh-rPssVGFoRGp_Hc1eAgpsDhFucu7RkfDLyeO1EHmuj4cXvKZLc9hFrTo7lp_v7OaKpAjV2x_OaQZBRjZalomR3HdlvPdZq4mdGUgvE2r2I5hSvyfqVVmvxaGPLu53J1vTvUOE77rDjrKI3WD0ITiHkedxLRQveVfjiJYfe1wXw&session_id=c6a241ca-6677-4403-a760-7d21ebcf56d4&state=8cde1dc8-f689-4710-9e03-99b9a5e11fd5&token_type=bearer&session_state=dd9396b9-fb8d-404a-b97b-efb6d3203a49&expires_in=299

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org

response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21D3D6.0E7A.FF81.CDF9&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=3406c3e6-276c-41df-9af0-31c6d07fa41f&nonce=d9b0b962-2e01-47e6-ad1e-a19f48d02d12&prompt=none&access_token=0468ba3e-f7d9-4296-810b-72a96b98941f

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
Date: Thu, 05 Jul 2018 15:55:43 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=45c3fd69-2ee9-4342-a651-0cb5ab3ca70a&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFEM0Q2LjBFN0EuRkY4MS5DREY5IiwiZXhwIjoxNTMwODA5NzQzLCJpYXQiOjE1MzA4MDYxNDMsIm5vbmNlIjoiZDliMGI5NjItMmUwMS00N2U2LWFkMWUtYTE5ZjQ4ZDAyZDEyIiwiYXV0aF90aW1lIjoxNTMwODA2MTQzLCJjX2hhc2giOiJFcnZHQTQ2MFR1MFEyaG9QYzZRQzl3Iiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiR1BfNDV3LUdUcExtVWh5TGtlUjhBZmk4UGYtdkxkcjd1VktrQldfNU9ETSJ9.KN09oz32dYB7zrSdPYeWOCXcaLomh17woR2_rDFpXNkvP-zV7G9-0pwxjr7O7_gMkPRlfjrZFeGyawzy6XqZaTUTMRmtreoKGfhqKXvZ4ZtOrqyeWoCKAbUWNZBs_vHfoDA1Gs-Z5YLPVPuj45xiDTw3oUXkEGox41-dJxYTfIB-e4tz9gY5VtKwhgzgNG56pRN4gnv6MK1Oc-0mEf-mepcCtZCw98QkNcwnaLSMeuPHk4MRv_Ftou46ksU4J32G6PovPKLcnRRFfKchhyfNA09k4eVmVHV2wq9ht2ltR6wHcvPB5q2Ia-DrqlYlMvksNR_GTbqedfYaCgBBSw58SQ&session_id=db62caf3-2b1e-4517-b937-3964d81223b9&state=3406c3e6-276c-41df-9af0-31c6d07fa41f&session_state=7d81eaae-098f-4441-9438-5c741d025292
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block



-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxRDNENi4wRTdBLkZGODEuQ0RGOTo4NGFmNTdlZS1hOTY2LTQ2NDEtYjNmNS05NGU3OGEwZDM1Mjg=

grant_type=authorization_code&code=45c3fd69-2ee9-4342-a651-0cb5ab3ca70a&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1057
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:55:43 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"29555788-dc49-4f25-aa5c-9a6db598f9c9","token_type":"bearer","expires_in":299,"refresh_token":"456e93a2-9688-4a6c-b359-8d04c5013ec7","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFEM0Q2LjBFN0EuRkY4MS5DREY5IiwiZXhwIjoxNTMwODA5NzQzLCJpYXQiOjE1MzA4MDYxNDMsIm5vbmNlIjoiZDliMGI5NjItMmUwMS00N2U2LWFkMWUtYTE5ZjQ4ZDAyZDEyIiwiYXV0aF90aW1lIjoxNTMwODA2MTQzLCJhdF9oYXNoIjoiTWNYQndidldmZEZ2VEJZYXdvaW41USIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IkdQXzQ1dy1HVHBMbVVoeUxrZVI4QWZpOFBmLXZMZHI3dVZLa0JXXzVPRE0ifQ.HUJyfv6PPNmdFgPY_FhzLbQDr6J0QJomxdtryWbJihi-vPKqgYWKiZChCUxBVRRjtZMXXzV0u0Stu_2o4yISAN--w1IrAWfBAwWxKId9xmtYnRGfRaSnhy7uNB_mZaPoFbOv462RZgO2QMuK6QOB310wS0lJhFKavBATuebYtLHcbrbsjqVEr8sg7ViQGMzpjGmlcgZPSESRdAyziEJGRQh95b2veimgvi5sJOrw-fFPjfB4QiEq_4Ln4NhV_vfsXlqkDHWKBkv1fZOwNc7rN-Fb_pubKtl-XeuVQuVZ0CPvJoOmj6F6YCgAscLVHdh7cIXhD3jZLUonT9z1KTmgrQ"}

#######################################################
TEST: requestAuthorizationAccessTokenFail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:55:43 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1DFA.AB62.7E20.2621",
    "client_secret": "a4e732a8-4d88-47c0-ba68-f8dcd4a41b19",
    "registration_access_token": "d46287cd-a37a-46a7-8be7-f3a2235cd0d8",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1DFA.AB62.7E20.2621",
    "client_id_issued_at": 1530806143,
    "client_secret_expires_at": 1530892543,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer d46287cd-a37a-46a7-8be7-f3a2235cd0d8

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:55:43 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1DFA.AB62.7E20.2621",
    "client_secret": "a4e732a8-4d88-47c0-ba68-f8dcd4a41b19",
    "registration_access_token": "d46287cd-a37a-46a7-8be7-f3a2235cd0d8",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1DFA.AB62.7E20.2621",
    "client_id_issued_at": 1530806143,
    "client_secret_expires_at": 1530892543,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org

response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%211DFA.AB62.7E20.2621&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=f01b0f77-cfed-46a4-b171-832b748b4401&prompt=none&access_token=INVALID_ACCESS_TOKEN

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
Date: Thu, 05 Jul 2018 15:55:43 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#error_description=The+request+is+missing+a+required+parameter%2C+includes+an+unsupported+parameter+or+parameter+value%2C+or+is+otherwise+malformed.&state=f01b0f77-cfed-46a4-b171-832b748b4401&error=invalid_request
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block



#######################################################
TEST: requestAuthorizationAccessTokenUserBasicAuth
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "token",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:55:43 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!11F2.EC2B.A6E7.CFCB",
    "client_secret": "55f8d24c-84db-4ca8-a17a-0739781a8177",
    "registration_access_token": "7e93b1c9-bdd6-4800-a18d-d28ed87d5f25",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!11F2.EC2B.A6E7.CFCB",
    "client_id_issued_at": 1530806143,
    "client_secret_expires_at": 1530892543,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 7e93b1c9-bdd6-4800-a18d-d28ed87d5f25

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:55:43 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!11F2.EC2B.A6E7.CFCB",
    "client_secret": "55f8d24c-84db-4ca8-a17a-0739781a8177",
    "registration_access_token": "7e93b1c9-bdd6-4800-a18d-d28ed87d5f25",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!11F2.EC2B.A6E7.CFCB",
    "client_id_issued_at": 1530806143,
    "client_secret_expires_at": 1530892543,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2111F2.EC2B.A6E7.CFCB&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=c4253735-3b68-4f46-bb88-6fe26de3a394&nonce=c5e6ea90-50af-41ff-ab1c-b8d66de7a5ac
11:56:04.919 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:927c45f5-bb72-40c4-b499-ea27627df0b8
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2111F2.EC2B.A6E7.CFCB&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=c4253735-3b68-4f46-bb88-6fe26de3a394&nonce=c5e6ea90-50af-41ff-ab1c-b8d66de7a5ac

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=f2320317-884f-45b3-a7cd-e105394d30d3&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCExMUYyLkVDMkIuQTZFNy5DRkNCIiwiZXhwIjoxNTMwODA5NzQ0LCJpYXQiOjE1MzA4MDYxNDQsIm5vbmNlIjoiYzVlNmVhOTAtNTBhZi00MWZmLWFiMWMtYjhkNjZkZTdhNWFjIiwiYXV0aF90aW1lIjoxNTMwODA2MTQ0LCJhdF9oYXNoIjoiWjVCVGNiU3RIOWJqR0EybUZoUVZTQSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6ImpKcmxBR1NZeVZxaWlKR0kxZHk2RGx0UGNJUFB1Y1FtcGVpYTc3UFhlRFkifQ.TeIhsD_qv7qkNdAMH3GcDyoe7uQ4An87s2w4wEqcMDcBPLIEywNd4dUGCEbIZWMwqUmOI8dA5796coLDUVM_q5x_k1i6AnH6x9VlyGMCMioZLiKkRidHNyYUs9qkz9AQ3qCxVnEVn-qaakcO4_6ZcmxtKYeRbMmoOwJmm7OWZejgqYro27OcH6B21JMmGIc40bvpHthUt8okXc_4by-5j9eRIII-Ylfw3OwWK5ynr08aI5MM0iyPgyBzjF1hs3FnQMzXqVwyHU2bkM87dpm-M3OuQXutgDOpQePl15ZXjkTEjMr0dk4j_tjeER8g3tEXIiOE71snI1QAob9JCduZ6A&session_id=a4a88089-f439-4065-b427-94b98791bd8d&state=c4253735-3b68-4f46-bb88-6fe26de3a394&token_type=bearer&session_state=927c45f5-bb72-40c4-b499-ea27627df0b8&expires_in=299

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org

response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2111F2.EC2B.A6E7.CFCB&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=8be4e8b5-1e1f-46e1-9e01-e9cc69c796fc&nonce=ef054bf2-36be-4314-8bc2-f1529fb93a47&prompt=none&access_token=f2320317-884f-45b3-a7cd-e105394d30d3

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
Date: Thu, 05 Jul 2018 15:55:44 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=b54e12ac-9c01-495e-9111-de61b75c38b9&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCExMUYyLkVDMkIuQTZFNy5DRkNCIiwiZXhwIjoxNTMwODA5NzQ0LCJpYXQiOjE1MzA4MDYxNDQsIm5vbmNlIjoiZWYwNTRiZjItMzZiZS00MzE0LThiYzItZjE1MjlmYjkzYTQ3IiwiYXV0aF90aW1lIjoxNTMwODA2MTQ0LCJjX2hhc2giOiJYOHRNT2t1eHhkOTlXbkYtM0RYSGFBIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiakpybEFHU1l5VnFpaUpHSTFkeTZEbHRQY0lQUHVjUW1wZWlhNzdQWGVEWSJ9.Z1ojSlVsmi3O_vLZ1giB9mOutxEd063iFVEhhH4ePUsM8OzFwvQoZb5fsREPmTbCDp97R038B04VmTRp73WMvNfXL8WYbWGYabyMlccpO6aMUG6p9IE4s6gEqkyPUAgleOAlAz3OKFNuwMUiDWLAy84ww58lR9Z7arU-O-9WLuuTY8KzWmdehkJ-JcGvjUReXy2qfE6qB61o-qIOmGvIMPxKG1aIsYjLpEwa_457-ZBa5YBj5zeBEUA_GOC-_U1Oa0yEjsGVxRefmfg75fpHpfLaSc91OvVrDkfkJayqZF11XZ-UIe7fSZJ61GjAYDBRjXflDSPrB0R3rm5H5VVnNw&session_id=f7e2d1f5-b62b-490f-9d1d-376bca2c6772&state=8be4e8b5-1e1f-46e1-9e01-e9cc69c796fc&session_state=6f6104d0-ff36-4cd5-828d-dc01da22605f
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block



-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxMTFGMi5FQzJCLkE2RTcuQ0ZDQjo1NWY4ZDI0Yy04NGRiLTRjYTgtYTE3YS0wNzM5NzgxYTgxNzc=

grant_type=authorization_code&code=b54e12ac-9c01-495e-9111-de61b75c38b9&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1057
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:55:45 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"fbf71e94-e7a6-4639-b455-238f549a8966","token_type":"bearer","expires_in":299,"refresh_token":"a2a5878b-a5b8-476f-9098-c61836185999","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCExMUYyLkVDMkIuQTZFNy5DRkNCIiwiZXhwIjoxNTMwODA5NzQ1LCJpYXQiOjE1MzA4MDYxNDUsIm5vbmNlIjoiZWYwNTRiZjItMzZiZS00MzE0LThiYzItZjE1MjlmYjkzYTQ3IiwiYXV0aF90aW1lIjoxNTMwODA2MTQ0LCJhdF9oYXNoIjoic01TVndwU2xVdEtJaTJCbEFvSnpvdyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6ImpKcmxBR1NZeVZxaWlKR0kxZHk2RGx0UGNJUFB1Y1FtcGVpYTc3UFhlRFkifQ.d0BcKYP-3iJc00sNO19yjgnMyV3_V47fiRiinO7KG6iDC5EjBH1i03gy9NuF0bkZnI9fQIOvezVy0v5ERq4XGWxsmh7_2GJ8UP7XNXV9mitVhOjnEqPItpphnetl4u8_Irw_QOEmrTEVie8C4M9EdVgoIUF10cOOHSDLflHzVasYI5Glr87nqgKm8XS-rSBHnvqCDeZgeYHjbS8NP1TK20VajmCW8F236n0jzOLoH0-ZU2GAuh-vAk6VQDkv1SkrP0YAAIZRImYxOkncSR_aKqcF9I-2Z62_corpsLRwzAMPuAzoIIHtbBuoOa9HqE6P2Su1kmjknYGpnqxyos8_8w"}

#######################################################
TEST: requestAuthorizationCode
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:55:45 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1844.63F7.6B97.7CB4",
    "client_secret": "e395c9cc-9bc2-4401-986b-22e4a105815b",
    "registration_access_token": "03ba6f36-5928-432f-8adb-805a20b4f969",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1844.63F7.6B97.7CB4",
    "client_id_issued_at": 1530806145,
    "client_secret_expires_at": 1530892545,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 03ba6f36-5928-432f-8adb-805a20b4f969

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:55:45 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1844.63F7.6B97.7CB4",
    "client_secret": "e395c9cc-9bc2-4401-986b-22e4a105815b",
    "registration_access_token": "03ba6f36-5928-432f-8adb-805a20b4f969",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1844.63F7.6B97.7CB4",
    "client_id_issued_at": 1530806145,
    "client_secret_expires_at": 1530892545,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%211844.63F7.6B97.7CB4&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=06f99f51-e303-4276-9dd9-52d00a27d856
11:56:06.473 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:63aff1b5-9f6d-44a4-ad75-d09b1923968e
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%211844.63F7.6B97.7CB4&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=06f99f51-e303-4276-9dd9-52d00a27d856

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=142f5cdc-c62b-42c8-8afe-b2a0a813315d&scope=address+openid+profile+email&session_id=0701fb51-c4b0-4530-ba7d-4916dd793da6&state=06f99f51-e303-4276-9dd9-52d00a27d856&session_state=63aff1b5-9f6d-44a4-ad75-d09b1923968e

#######################################################
TEST: requestAuthorizationCodeFail1
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==

response_type=code

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 400
Connection: close
Content-Length: 175
Content-Type: text/plain
Date: Thu, 05 Jul 2018 15:55:46 GMT
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_request","error_description":"The request is missing a required parameter, includes an unsupported parameter or parameter value, or is otherwise malformed."}

#######################################################
TEST: requestAuthorizationCodeFail2
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:55:46 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1C52.B3CB.0794.082E",
    "client_secret": "a040c5ba-c51a-48aa-a9e0-fe67c5f86756",
    "registration_access_token": "5ae43ed6-fd58-4396-9433-db0ff93b99c0",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1C52.B3CB.0794.082E",
    "client_id_issued_at": 1530806146,
    "client_secret_expires_at": 1530892546,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 5ae43ed6-fd58-4396-9433-db0ff93b99c0

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:55:46 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1C52.B3CB.0794.082E",
    "client_secret": "a040c5ba-c51a-48aa-a9e0-fe67c5f86756",
    "registration_access_token": "5ae43ed6-fd58-4396-9433-db0ff93b99c0",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1C52.B3CB.0794.082E",
    "client_id_issued_at": 1530806146,
    "client_secret_expires_at": 1530892546,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==

response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%211C52.B3CB.0794.082E&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2FINVALID_REDIRECT_URI&state=9c25a46f-1688-4399-8460-471771975b39&prompt=none

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 400
Connection: close
Content-Length: 220
Content-Type: text/plain
Date: Thu, 05 Jul 2018 15:55:46 GMT
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_request_redirect_uri","error_description":"The redirect_uri in the Authorization Request does not match any of the Client's pre-registered redirect_uris.","state":"9c25a46f-1688-4399-8460-471771975b39"}

#######################################################
TEST: requestAuthorizationCodeFail3
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org

response_type=code&client_id=%40%211111%210008%21INVALID_VALUE&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=474fdffe-4694-4144-9ed6-a075f2283e36

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 175
Content-Type: text/plain
Date: Thu, 05 Jul 2018 15:55:46 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"unauthorized_client","error_description":"The client is not authorized to request an access token using this method.","state":"474fdffe-4694-4144-9ed6-a075f2283e36"}

#######################################################
TEST: requestAuthorizationCodeIdToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:55:46 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!ADAB.5BD3.BC4C.1BF3",
    "client_secret": "c5ccc27d-92f9-426d-95d4-fa6574dca34a",
    "registration_access_token": "ee1658c1-5170-4b2e-8804-ed4e8bb8944f",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!ADAB.5BD3.BC4C.1BF3",
    "client_id_issued_at": 1530806146,
    "client_secret_expires_at": 1530892546,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer ee1658c1-5170-4b2e-8804-ed4e8bb8944f

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:55:47 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!ADAB.5BD3.BC4C.1BF3",
    "client_secret": "c5ccc27d-92f9-426d-95d4-fa6574dca34a",
    "registration_access_token": "ee1658c1-5170-4b2e-8804-ed4e8bb8944f",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!ADAB.5BD3.BC4C.1BF3",
    "client_id_issued_at": 1530806146,
    "client_secret_expires_at": 1530892546,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21ADAB.5BD3.BC4C.1BF3&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=d68d6d75-953d-45e9-bb90-025de8b55cdb&nonce=9652933c-3d9b-469c-82dc-eebae91a2017
11:56:08.265 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:3ca8d664-7679-481e-a7e3-df9b37bcc8a3
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21ADAB.5BD3.BC4C.1BF3&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=d68d6d75-953d-45e9-bb90-025de8b55cdb&nonce=9652933c-3d9b-469c-82dc-eebae91a2017

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=919175e5-193e-47c8-8655-5f931f80c407&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFBREFCLjVCRDMuQkM0Qy4xQkYzIiwiZXhwIjoxNTMwODA5NzQ4LCJpYXQiOjE1MzA4MDYxNDgsIm5vbmNlIjoiOTY1MjkzM2MtM2Q5Yi00NjljLTgyZGMtZWViYWU5MWEyMDE3IiwiYXV0aF90aW1lIjoxNTMwODA2MTQ4LCJjX2hhc2giOiJod1U5cThkb3RxaXdtU1ExT0lyS3ZRIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiR0JXaFcwNkozaE9ULVFaRUlkY1lTWWJldUhOV0pYM09LcjJVMmxaS3kzWSJ9.jmwt1ozV-WG6873UYaWvBhMGr4FQddV-5xe6CnAebSTOLtHtnE0Fe_EuD3-tOAUe_7DeUQD9n1LS38nB28k2yyrxu9eG9JVWEzkOzlAX2Su-GJ9orygday0cEAv_9eTafSGFU8DUMoNLHfRbIwAhlKbQy5gIQULciI6SgpG2BZBKJB13B6Lbx3WqrfNjVpp9GExrfZePXhBTG9TCQnWtnQ358Bs-XENOzK_S4ssj7Y6_YBqv2ICUyAzZBRTtyoWIiyC5GiuZzErkjTPDVUKUTpZKZ0xDZYEWoeRcKJTJXZHEB8CMA77gzIVfOtcLqbIwIFQYuHTyMFw0A3t6c6ca2Q&session_id=c850a88b-5506-4371-a2aa-88cc2c44d8de&state=d68d6d75-953d-45e9-bb90-025de8b55cdb&session_state=3ca8d664-7679-481e-a7e3-df9b37bcc8a3

#######################################################
TEST: requestAuthorizationCodeIdTokenUserBasicAuth
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:55:48 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D72D.D5F6.A19A.02FF",
    "client_secret": "0dcbb439-1e30-4b4f-a0bd-b3a7e5cbddd9",
    "registration_access_token": "a2b906a3-18a8-4144-976b-0066ae01ee81",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D72D.D5F6.A19A.02FF",
    "client_id_issued_at": 1530806148,
    "client_secret_expires_at": 1530892548,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer a2b906a3-18a8-4144-976b-0066ae01ee81

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:55:48 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D72D.D5F6.A19A.02FF",
    "client_secret": "0dcbb439-1e30-4b4f-a0bd-b3a7e5cbddd9",
    "registration_access_token": "a2b906a3-18a8-4144-976b-0066ae01ee81",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D72D.D5F6.A19A.02FF",
    "client_id_issued_at": 1530806148,
    "client_secret_expires_at": 1530892548,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21D72D.D5F6.A19A.02FF&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=da8696d0-9a12-4aed-920e-009f2123ce1a&nonce=89e2d039-605b-4d71-a57b-358b7f70ba62
11:56:09.761 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:d29c4c08-a214-4a36-9ca3-18acf5f3f5a4
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21D72D.D5F6.A19A.02FF&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=da8696d0-9a12-4aed-920e-009f2123ce1a&nonce=89e2d039-605b-4d71-a57b-358b7f70ba62

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=83d663e5-eb00-4158-9b56-9a6676388b03&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFENzJELkQ1RjYuQTE5QS4wMkZGIiwiZXhwIjoxNTMwODA5NzQ5LCJpYXQiOjE1MzA4MDYxNDksIm5vbmNlIjoiODllMmQwMzktNjA1Yi00ZDcxLWE1N2ItMzU4YjdmNzBiYTYyIiwiYXV0aF90aW1lIjoxNTMwODA2MTQ5LCJjX2hhc2giOiJ1MzN4c3pDNU8wUkpxcFZyQ3pEVXJnIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiRExWYkFDYWpvUVo5N051SFJ2LXZlLXRQWnJENUZQOVlqNlg4Y3VHMUxEZyJ9.OngcHlIKKCHKB31EYOi71_4YoKSi_NdI3prFvdsTHA7AuxhdN89Xf0rxwT3iAqvt6etcupdG5NvBfHhYdhePMnPytuehdlaLGk-DUbDbZ2wd_5d3abbVaq3fRLxEoK_ppkxRYgv7gK6eEG65SOz5f4Ji8jW3cU_MgxC5HAkLgRrBhv2ML4PLef56PMoSjLa-fnINh8UsBdUrqUnVuHs8BPi36v-SVoIPFvclUQYb1xcoRtt5PmvdQIlGrXEvqVqbu-Am7DOOFOR6fHm22vuSoe6RTsk-8HCG2jJ37HBFCJnlRAHdcDo6JoLEiKedpmtA5BfZkpXmOo0nG64YQVnP3A&session_id=dbc9e253-7111-4514-bf45-447a3b910804&state=da8696d0-9a12-4aed-920e-009f2123ce1a&session_state=d29c4c08-a214-4a36-9ca3-18acf5f3f5a4

#######################################################
TEST: requestAuthorizationCodeNoRedirection
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:55:49 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5F0A.F4DA.D53D.BC1C",
    "client_secret": "e48018b8-98a0-48a1-8f03-83368bee2e64",
    "registration_access_token": "8820e3bb-fe43-4519-9cc3-9efa133c3e59",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5F0A.F4DA.D53D.BC1C",
    "client_id_issued_at": 1530806149,
    "client_secret_expires_at": 1530892549,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 8820e3bb-fe43-4519-9cc3-9efa133c3e59

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:55:49 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5F0A.F4DA.D53D.BC1C",
    "client_secret": "e48018b8-98a0-48a1-8f03-83368bee2e64",
    "registration_access_token": "8820e3bb-fe43-4519-9cc3-9efa133c3e59",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5F0A.F4DA.D53D.BC1C",
    "client_id_issued_at": 1530806149,
    "client_secret_expires_at": 1530892549,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%215F0A.F4DA.D53D.BC1C&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=81765094-3ba8-4a26-9494-8e6920d3ca1b
11:56:11.219 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:4add35ff-c969-47b4-9392-814a9893baa5
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%215F0A.F4DA.D53D.BC1C&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=81765094-3ba8-4a26-9494-8e6920d3ca1b

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=ad792628-dfe7-4486-88e4-cfb88daf30b4&scope=address+openid+profile+email&session_id=f1c86065-5b30-4cf8-a1bd-ca684ef5f425&state=81765094-3ba8-4a26-9494-8e6920d3ca1b&session_state=4add35ff-c969-47b4-9392-814a9893baa5

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
X-Gluu-NoRedirect: true

response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%215F0A.F4DA.D53D.BC1C&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=81765094-3ba8-4a26-9494-8e6920d3ca1b

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------


#######################################################
TEST: requestAuthorizationCodeUserBasicAuth
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:55:51 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!44E4.17B6.1531.9BC0",
    "client_secret": "1c010c35-bc4a-43fd-9158-1ac08b649c9b",
    "registration_access_token": "1a74ff46-1c1a-459b-b326-7b2d210949a9",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!44E4.17B6.1531.9BC0",
    "client_id_issued_at": 1530806151,
    "client_secret_expires_at": 1530892551,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 1a74ff46-1c1a-459b-b326-7b2d210949a9

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:55:51 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!44E4.17B6.1531.9BC0",
    "client_secret": "1c010c35-bc4a-43fd-9158-1ac08b649c9b",
    "registration_access_token": "1a74ff46-1c1a-459b-b326-7b2d210949a9",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!44E4.17B6.1531.9BC0",
    "client_id_issued_at": 1530806151,
    "client_secret_expires_at": 1530892551,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2144E4.17B6.1531.9BC0&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=d13fb42c-0677-4f0d-9649-6ad89f6395e4
11:56:12.505 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:6ca8f02b-091b-4fed-a554-2b593b88b0c0
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2144E4.17B6.1531.9BC0&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=d13fb42c-0677-4f0d-9649-6ad89f6395e4

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=7fd0c95a-b528-4df3-a195-b17633cba13e&scope=address+openid+profile+email&session_id=982c8406-a507-4bfa-b801-a6217893e950&state=d13fb42c-0677-4f0d-9649-6ad89f6395e4&session_state=6ca8f02b-091b-4fed-a554-2b593b88b0c0

#######################################################
TEST: requestAuthorizationCodeWithoutRedirectUri
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": ["https://ce-dev4.gluu.org/oxauth-rp/home.htm"],
    "application_type": "web",
    "client_name": "oxAuth test app"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1082
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:55:52 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!CD9C.10BD.CE74.5007",
    "client_secret": "d06a13a0-bb3f-4cf2-b4e1-916b1bf6cdac",
    "registration_access_token": "2ae57469-bc49-4bcb-898f-d6c69e2332c1",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!CD9C.10BD.CE74.5007",
    "client_id_issued_at": 1530806152,
    "client_secret_expires_at": 1530892552,
    "redirect_uris": ["https://ce-dev4.gluu.org/oxauth-rp/home.htm"],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21CD9C.10BD.CE74.5007&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=94293a52-4cd0-4362-92e5-dcb4d52a34f7
11:56:13.796 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:ea2ff1ac-101b-47f1-8eb7-9f9add47af38
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21CD9C.10BD.CE74.5007&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=94293a52-4cd0-4362-92e5-dcb4d52a34f7

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=d480577f-2975-43ad-9dcc-c2508241b1eb&scope=address+openid+profile+email&session_id=fc781e50-56d8-4151-a238-8bba8af5f6b6&state=94293a52-4cd0-4362-92e5-dcb4d52a34f7&session_state=ea2ff1ac-101b-47f1-8eb7-9f9add47af38

#######################################################
TEST: requestAuthorizationCodeWithoutRedirectUriFail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "oxAuthTrustedClient": "true"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:55:53 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A1B0.ADAA.EB8A.6873",
    "client_secret": "1147c329-0226-4223-be01-f8f7d6de3500",
    "registration_access_token": "be9eb03d-f0aa-4c3c-853a-81cdc812cf6e",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A1B0.ADAA.EB8A.6873",
    "client_id_issued_at": 1530806153,
    "client_secret_expires_at": 1530892553,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==

response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21A1B0.ADAA.EB8A.6873&scope=openid+profile+address+email&state=9be98d2f-ccf5-45d7-ad78-9c273596709f&prompt=none

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 400
Connection: close
Content-Length: 220
Content-Type: text/plain
Date: Thu, 05 Jul 2018 15:55:53 GMT
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_request_redirect_uri","error_description":"The redirect_uri in the Authorization Request does not match any of the Client's pre-registered redirect_uris.","state":"9be98d2f-ccf5-45d7-ad78-9c273596709f"}

#######################################################
TEST: requestAuthorizationCodeWithoutRedirectUriUserBasicAuth
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": ["https://ce-dev4.gluu.org/oxauth-rp/home.htm"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "subject_type": "public",
    "oxAuthTrustedClient": "true"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1080
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:55:54 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5764.CFB7.FFA1.1BCD",
    "client_secret": "0dac8800-878d-4730-85d0-c32a5357457e",
    "registration_access_token": "2bdae25f-d260-42ad-bc30-8bd09a69f376",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5764.CFB7.FFA1.1BCD",
    "client_id_issued_at": 1530806154,
    "client_secret_expires_at": 1530892554,
    "redirect_uris": ["https://ce-dev4.gluu.org/oxauth-rp/home.htm"],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "subject_type": "public",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==

response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%215764.CFB7.FFA1.1BCD&scope=openid+profile+address+email&state=9ec4becb-f986-472b-8bc5-218c18a6e06c&prompt=none

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
Date: Thu, 05 Jul 2018 15:55:54 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=0b92873c-4b6e-4a56-afe4-acf3db159b4c&scope=address+openid+profile+email&session_id=af6631c9-c833-4fe7-a4ca-35d1028960b2&state=9ec4becb-f986-472b-8bc5-218c18a6e06c&session_state=0f015a4b-3346-4fa6-a0f3-ea6b71c012a2
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block



#######################################################
TEST: requestAuthorizationDenyAccessThenGrantAccess
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:55:54 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DB46.73F1.A026.8070",
    "client_secret": "d42d228e-5230-4867-a56a-4f47834d596c",
    "registration_access_token": "9d4c0cea-bf47-415d-a295-22da82c0a9bc",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DB46.73F1.A026.8070",
    "client_id_issued_at": 1530806154,
    "client_secret_expires_at": 1530892554,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndDenyAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21DB46.73F1.A026.8070&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=2aad7565-3ae1-42da-a857-2871a3d25393
11:56:15.532 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndDenyAccess: sessionId:2abb0e76-b31b-467f-a7cd-c6e6623319eb
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21DB46.73F1.A026.8070&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=2aad7565-3ae1-42da-a857-2871a3d25393

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?error=access_denied&error_description=The+resource+owner+or+authorization+server+denied+the+request.&state=2aad7565-3ae1-42da-a857-2871a3d25393

authorizationRequestAndDenyAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21DB46.73F1.A026.8070&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=e71c6df8-3e4a-4e81-9a21-2b4e5259fdde&session_id=2abb0e76-b31b-467f-a7cd-c6e6623319eb
authorizationRequestAndDenyAccess: sessionState:null
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21DB46.73F1.A026.8070&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=e71c6df8-3e4a-4e81-9a21-2b4e5259fdde&session_id=2abb0e76-b31b-467f-a7cd-c6e6623319eb

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?error=access_denied&error_description=The+resource+owner+or+authorization+server+denied+the+request.&state=e71c6df8-3e4a-4e81-9a21-2b4e5259fdde

authorizationRequestAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21DB46.73F1.A026.8070&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=96f0f3e1-a4b3-4587-b20a-dcdbdb5b21a2&session_id=2abb0e76-b31b-467f-a7cd-c6e6623319eb
authorizationRequestAndGrantAccess: sessionState:c1b7c7df-bf46-4a6e-85bc-eb0f7c851f4e
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21DB46.73F1.A026.8070&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=96f0f3e1-a4b3-4587-b20a-dcdbdb5b21a2&session_id=2abb0e76-b31b-467f-a7cd-c6e6623319eb

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=9bd6e191-ba7f-4223-8ec2-56712e5bfb63&scope=address+openid+profile+email&session_id=2abb0e76-b31b-467f-a7cd-c6e6623319eb&state=96f0f3e1-a4b3-4587-b20a-dcdbdb5b21a2&session_state=c1b7c7df-bf46-4a6e-85bc-eb0f7c851f4e

#######################################################
TEST: requestAuthorizationIdToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["id_token"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:55:56 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2629.AC68.1BD6.613D",
    "client_secret": "dac6dde3-3c9f-40c6-a2b6-3669b404a80d",
    "registration_access_token": "af915616-a325-4350-81fe-cd072dfa0657",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2629.AC68.1BD6.613D",
    "client_id_issued_at": 1530806156,
    "client_secret_expires_at": 1530892556,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer af915616-a325-4350-81fe-cd072dfa0657

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:55:56 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2629.AC68.1BD6.613D",
    "client_secret": "dac6dde3-3c9f-40c6-a2b6-3669b404a80d",
    "registration_access_token": "af915616-a325-4350-81fe-cd072dfa0657",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2629.AC68.1BD6.613D",
    "client_id_issued_at": 1530806156,
    "client_secret_expires_at": 1530892556,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%212629.AC68.1BD6.613D&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=097a5f32-dd6a-4bfb-9e5c-87211c54dfb1&nonce=712529ad-2e95-46c7-82a2-260ef39257a4
11:56:17.898 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:132023fb-821e-4c69-b2ad-6eda60a2cfad
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%212629.AC68.1BD6.613D&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=097a5f32-dd6a-4bfb-9e5c-87211c54dfb1&nonce=712529ad-2e95-46c7-82a2-260ef39257a4

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEyNjI5LkFDNjguMUJENi42MTNEIiwiZXhwIjoxNTMwODA5NzU3LCJpYXQiOjE1MzA4MDYxNTcsIm5vbmNlIjoiNzEyNTI5YWQtMmU5NS00NmM3LTgyYTItMjYwZWYzOTI1N2E0IiwiYXV0aF90aW1lIjoxNTMwODA2MTU3LCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiI2SzFkQ0t0X3c0SXJ2YXJoTTVmaHpUV1RUWjI2N09nMmNmOWl1THpLZ2NzIn0.A6mWml1iD6hHxHL68mmzLN2qqY6aRJskxz0htIi0cDwLjWQ7cXgD3JCy_oWS1KRbjpYgu6Ux2NFWlEY960Z8obrlD32A1kmy3igVx3iQfNNM93diR-iQF9up2O9Vl9XUvC0ZViyaFKwbXI_MLRAV71y3itUtV2-ijvkC8-UpM5RsfEYq4_rjbn8ASAC0SuLZuA8-Virl5YRUKdiORHNzM16NtSI6Gvr_Gc8HxSVd6Rig6kdFLrSW-9mhRvBRWYoKyKovAxf9fiqe-kyryLJeyrlBiH6OmFqsfDgtXgKnFZrMvXqVS1ojDoG1YYG9tLWxAh7lEW9spW7vTlHyCsis-Q&session_id=4cc8ec44-9496-493f-a8ac-98b956d033d4&state=097a5f32-dd6a-4bfb-9e5c-87211c54dfb1&session_state=132023fb-821e-4c69-b2ad-6eda60a2cfad

#######################################################
TEST: requestAuthorizationIdTokenUserBasicAuth
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["id_token"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:55:57 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4E49.ABD5.76E4.D7FB",
    "client_secret": "1025f437-1be4-4a67-b83b-03c244450dbd",
    "registration_access_token": "1cd689e4-8dee-4c2f-9288-6e1691bbc989",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4E49.ABD5.76E4.D7FB",
    "client_id_issued_at": 1530806157,
    "client_secret_expires_at": 1530892557,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 1cd689e4-8dee-4c2f-9288-6e1691bbc989

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:55:57 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4E49.ABD5.76E4.D7FB",
    "client_secret": "1025f437-1be4-4a67-b83b-03c244450dbd",
    "registration_access_token": "1cd689e4-8dee-4c2f-9288-6e1691bbc989",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4E49.ABD5.76E4.D7FB",
    "client_id_issued_at": 1530806157,
    "client_secret_expires_at": 1530892557,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%214E49.ABD5.76E4.D7FB&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=86112359-639d-448a-9b04-698512cd79b9&nonce=c8f0f800-4b8f-496c-a6b1-acdd48fead28
11:56:19.251 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:c19a9410-5d35-4d2e-b0fa-d16635b396dc
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%214E49.ABD5.76E4.D7FB&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=86112359-639d-448a-9b04-698512cd79b9&nonce=c8f0f800-4b8f-496c-a6b1-acdd48fead28

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE0RTQ5LkFCRDUuNzZFNC5EN0ZCIiwiZXhwIjoxNTMwODA5NzU5LCJpYXQiOjE1MzA4MDYxNTksIm5vbmNlIjoiYzhmMGY4MDAtNGI4Zi00OTZjLWE2YjEtYWNkZDQ4ZmVhZDI4IiwiYXV0aF90aW1lIjoxNTMwODA2MTU4LCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiJqanVYSks5Nm5YWUF4cUNrSWdmWm9nS21Pd0V6TFNiLTQ0cFdvdXE0ei1rIn0.Zh-sAzd0wGmZtNc5MNOOmcvd_rfXhf4ov4gtqsSjEqozOuLp_fB1YCCjTcfafCu4UgM8Slh1GI2kN87-T0-HUmPm5mC8R6qq3cdDDHrM8ewrkqeJRICplWyzi2cIq3P4MDGg_xmVpnsanrqH28Tp73pabKk7K-YVzNL7sSmfqf44o4k_vVTJDVGXeSCZ_alr2QT_QIAnG2dzGtVuQ6E-EJ_wwWuOXJD3d0Hv_ZG1ZSLxGZIVVINla5F29d84525bLKi3WkazQUoTOH9tnAgpm23xTUOZurstM3r1Vzd09wWVscRKiZQBUfAreg02puBtDmuxvMfCP87PKFsIjtNGXA&session_id=72f53c5f-cd28-4a50-8412-e72f573cda1d&state=86112359-639d-448a-9b04-698512cd79b9&session_state=c19a9410-5d35-4d2e-b0fa-d16635b396dc

#######################################################
TEST: requestAuthorizationPromptConsent
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:55:59 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!AD15.8876.E83E.E229",
    "client_secret": "132cac87-a401-4032-be03-b142eeed70ad",
    "registration_access_token": "10e92e02-8abc-46af-8e38-2d42f020f74e",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!AD15.8876.E83E.E229",
    "client_id_issued_at": 1530806159,
    "client_secret_expires_at": 1530892559,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 10e92e02-8abc-46af-8e38-2d42f020f74e

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:55:59 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!AD15.8876.E83E.E229",
    "client_secret": "132cac87-a401-4032-be03-b142eeed70ad",
    "registration_access_token": "10e92e02-8abc-46af-8e38-2d42f020f74e",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!AD15.8876.E83E.E229",
    "client_id_issued_at": 1530806159,
    "client_secret_expires_at": 1530892559,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21AD15.8876.E83E.E229&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=254cf77c-ab93-4713-80e2-ca515b02d49b&prompt=consent
11:56:20.593 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:6756dca4-5e0d-4acf-bca4-171798a185ac
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21AD15.8876.E83E.E229&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=254cf77c-ab93-4713-80e2-ca515b02d49b&prompt=consent

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=43eb209a-4f13-487c-8750-6ae3a2ccb59f&scope=address+openid+profile+email&session_id=b127d893-c9a0-400e-b19f-af63acfe8fdc&state=254cf77c-ab93-4713-80e2-ca515b02d49b&session_state=6756dca4-5e0d-4acf-bca4-171798a185ac

#######################################################
TEST: requestAuthorizationPromptConsentTrustedClient
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "oxAuthTrustedClient": "true"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D435.D291.56AD.7EA7",
    "client_secret": "31cb6874-a11a-49b6-9aef-fb6bf0e1081f",
    "registration_access_token": "f57b0f35-886c-4d1a-bc3d-14d80d24a554",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D435.D291.56AD.7EA7",
    "client_id_issued_at": 1530806160,
    "client_secret_expires_at": 1530892560,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer f57b0f35-886c-4d1a-bc3d-14d80d24a554

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D435.D291.56AD.7EA7",
    "client_secret": "31cb6874-a11a-49b6-9aef-fb6bf0e1081f",
    "registration_access_token": "f57b0f35-886c-4d1a-bc3d-14d80d24a554",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D435.D291.56AD.7EA7",
    "client_id_issued_at": 1530806160,
    "client_secret_expires_at": 1530892560,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21D435.D291.56AD.7EA7&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=56a84968-7d88-479a-afc2-22a322546bd2&prompt=consent
11:56:21.943 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:e15723cf-9667-4e31-8abb-deff264df92d
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21D435.D291.56AD.7EA7&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=56a84968-7d88-479a-afc2-22a322546bd2&prompt=consent

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=635ebaa5-99e3-468f-a5f1-6af4a2c7da10&scope=address+openid+profile+email&session_id=d674e534-b9e8-483a-bd35-34c1d04ddb4f&state=56a84968-7d88-479a-afc2-22a322546bd2&session_state=e15723cf-9667-4e31-8abb-deff264df92d

#######################################################
TEST: requestAuthorizationPromptLogin
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:01 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!07DD.4BD3.C78F.C27B",
    "client_secret": "4b44f053-ca10-4669-b6ea-55b77534571b",
    "registration_access_token": "1fbf3214-62aa-4ceb-9a72-1c7b258dfab2",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!07DD.4BD3.C78F.C27B",
    "client_id_issued_at": 1530806161,
    "client_secret_expires_at": 1530892561,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 1fbf3214-62aa-4ceb-9a72-1c7b258dfab2

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:02 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!07DD.4BD3.C78F.C27B",
    "client_secret": "4b44f053-ca10-4669-b6ea-55b77534571b",
    "registration_access_token": "1fbf3214-62aa-4ceb-9a72-1c7b258dfab2",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!07DD.4BD3.C78F.C27B",
    "client_id_issued_at": 1530806161,
    "client_secret_expires_at": 1530892561,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2107DD.4BD3.C78F.C27B&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=74f781c7-e8b8-4921-ae06-f3cf825c6c19&prompt=login
11:56:23.284 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:cab74e76-9743-4d09-8b9e-34a4303ef0e8
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2107DD.4BD3.C78F.C27B&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=74f781c7-e8b8-4921-ae06-f3cf825c6c19&prompt=login

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=00558a5b-570e-4d70-9cfd-2df8c8aa6d71&scope=address+openid+profile+email&session_id=edd090f5-4dc6-4442-9d60-1567080f7f0a&state=74f781c7-e8b8-4921-ae06-f3cf825c6c19&session_state=cab74e76-9743-4d09-8b9e-34a4303ef0e8

#######################################################
TEST: requestAuthorizationPromptLoginConsent
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:03 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2AC7.7E23.307E.1868",
    "client_secret": "2ad37025-4e55-46fa-a205-0b9371fc1616",
    "registration_access_token": "f70a804b-c9f7-498a-8562-c1d8947296e3",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2AC7.7E23.307E.1868",
    "client_id_issued_at": 1530806163,
    "client_secret_expires_at": 1530892563,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer f70a804b-c9f7-498a-8562-c1d8947296e3

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:03 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2AC7.7E23.307E.1868",
    "client_secret": "2ad37025-4e55-46fa-a205-0b9371fc1616",
    "registration_access_token": "f70a804b-c9f7-498a-8562-c1d8947296e3",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2AC7.7E23.307E.1868",
    "client_id_issued_at": 1530806163,
    "client_secret_expires_at": 1530892563,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%212AC7.7E23.307E.1868&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=3101a00c-eb26-4252-aa5b-e7d3922773b8&prompt=login+consent
11:56:24.612 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:229f1c02-a3f1-43a6-bc84-b263cc00e63f
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%212AC7.7E23.307E.1868&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=3101a00c-eb26-4252-aa5b-e7d3922773b8&prompt=login+consent

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=649a3b3c-d458-4d32-af50-d215d2332f1d&scope=address+openid+profile+email&session_id=25e344e1-605c-4ad5-996c-be357b93f9b1&state=3101a00c-eb26-4252-aa5b-e7d3922773b8&session_state=229f1c02-a3f1-43a6-bc84-b263cc00e63f

#######################################################
TEST: requestAuthorizationPromptLoginConsentTrustedClient
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "oxAuthTrustedClient": "true"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:04 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!30BA.9273.8C82.F519",
    "client_secret": "bf2a8ebb-9fa9-4511-964f-72ca0a0828d4",
    "registration_access_token": "b5161228-d6fc-45bf-8a50-dd30807d50f7",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!30BA.9273.8C82.F519",
    "client_id_issued_at": 1530806164,
    "client_secret_expires_at": 1530892564,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer b5161228-d6fc-45bf-8a50-dd30807d50f7

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:04 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!30BA.9273.8C82.F519",
    "client_secret": "bf2a8ebb-9fa9-4511-964f-72ca0a0828d4",
    "registration_access_token": "b5161228-d6fc-45bf-8a50-dd30807d50f7",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!30BA.9273.8C82.F519",
    "client_id_issued_at": 1530806164,
    "client_secret_expires_at": 1530892564,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2130BA.9273.8C82.F519&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=f74bef2a-94eb-463d-aaae-7d8fda88d96b&prompt=login+consent
11:56:25.885 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:17bfc8d4-68d5-42db-a2de-1aa61fb7a043
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2130BA.9273.8C82.F519&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=f74bef2a-94eb-463d-aaae-7d8fda88d96b&prompt=login+consent

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=f457ef49-319c-4c48-8ad6-270b2c3ff2e6&scope=address+openid+profile+email&session_id=eade02ac-4e4b-44b7-99a2-2295908c2c5c&state=f74bef2a-94eb-463d-aaae-7d8fda88d96b&session_state=17bfc8d4-68d5-42db-a2de-1aa61fb7a043

#######################################################
TEST: requestAuthorizationPromptNoneFail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:05 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!CF9C.3B18.6592.AEBF",
    "client_secret": "a20d53c2-abe9-4746-be5f-48d63f39cc65",
    "registration_access_token": "75d75e37-8b13-4683-81fe-735f5db1cc1a",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!CF9C.3B18.6592.AEBF",
    "client_id_issued_at": 1530806166,
    "client_secret_expires_at": 1530892566,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 75d75e37-8b13-4683-81fe-735f5db1cc1a

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:06 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!CF9C.3B18.6592.AEBF",
    "client_secret": "a20d53c2-abe9-4746-be5f-48d63f39cc65",
    "registration_access_token": "75d75e37-8b13-4683-81fe-735f5db1cc1a",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!CF9C.3B18.6592.AEBF",
    "client_id_issued_at": 1530806166,
    "client_secret_expires_at": 1530892566,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org

response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21CF9C.3B18.6592.AEBF&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=f9301461-80ab-488b-bd21-97fc8bfe8ec2&prompt=none

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
Date: Thu, 05 Jul 2018 15:56:06 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?error_description=The+Authorization+Server+requires+End-User+authentication.+This+error+MAY+be+returned+when+the+prompt+parameter+in+the+Authorization+Request+is+set+to+none+to+request+that+the+Authorization+Server+should+not+display+any+user+interfaces+to+the+End-User%2C+but+the+Authorization+Request+cannot+be+completed+without+displaying+a+user+interface+for+user+authentication.&state=f9301461-80ab-488b-bd21-97fc8bfe8ec2&error=login_required
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block



#######################################################
TEST: requestAuthorizationPromptLoginConsent
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:06 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2365.386F.BE27.4A30",
    "client_secret": "63cfa352-268c-4350-9d48-12a74bd13d6c",
    "registration_access_token": "43d0afc5-d2b8-4c74-9a13-f9605bcac710",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2365.386F.BE27.4A30",
    "client_id_issued_at": 1530806166,
    "client_secret_expires_at": 1530892566,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 43d0afc5-d2b8-4c74-9a13-f9605bcac710

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:06 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2365.386F.BE27.4A30",
    "client_secret": "63cfa352-268c-4350-9d48-12a74bd13d6c",
    "registration_access_token": "43d0afc5-d2b8-4c74-9a13-f9605bcac710",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2365.386F.BE27.4A30",
    "client_id_issued_at": 1530806166,
    "client_secret_expires_at": 1530892566,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==

response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%212365.386F.BE27.4A30&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=802c835d-f2e1-4e1a-917c-fb453ee22da1&prompt=none+login+consent

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
Date: Thu, 05 Jul 2018 15:56:06 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?error_description=The+request+is+missing+a+required+parameter%2C+includes+an+unsupported+parameter+or+parameter+value%2C+or+is+otherwise+malformed.&state=802c835d-f2e1-4e1a-917c-fb453ee22da1&error=invalid_request
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block



#######################################################
TEST: requestAuthorizationPromptNoneTrustedClient
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "oxAuthTrustedClient": "true"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:06 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5715.A1F9.EE93.9AEB",
    "client_secret": "c5e810df-3dae-4dff-8e73-68e3f48b3283",
    "registration_access_token": "78dd22e4-ef6d-40bb-9059-15beea382c15",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5715.A1F9.EE93.9AEB",
    "client_id_issued_at": 1530806166,
    "client_secret_expires_at": 1530892566,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 78dd22e4-ef6d-40bb-9059-15beea382c15

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:06 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5715.A1F9.EE93.9AEB",
    "client_secret": "c5e810df-3dae-4dff-8e73-68e3f48b3283",
    "registration_access_token": "78dd22e4-ef6d-40bb-9059-15beea382c15",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5715.A1F9.EE93.9AEB",
    "client_id_issued_at": 1530806166,
    "client_secret_expires_at": 1530892566,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==

response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%215715.A1F9.EE93.9AEB&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=9639da6e-43a8-4a89-a387-ea848b3706f2&prompt=none

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
Date: Thu, 05 Jul 2018 15:56:06 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=74d6e385-40bb-4d9e-bc29-8c82cfc529d0&scope=address+openid+profile+email&session_id=087296d5-2466-4d96-8679-b88b0c9580a6&state=9639da6e-43a8-4a89-a387-ea848b3706f2&session_state=031dd9d3-57ba-477f-9594-b7302f1d925f
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block



#######################################################
TEST: requestAuthorizationToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["token"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1306
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:06 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!85AA.CC0C.31A2.1F67",
    "client_secret": "acaabd54-1bfb-435e-a324-387c34536cfc",
    "registration_access_token": "f41a3d11-feea-4d38-bc88-deb0e4307888",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!85AA.CC0C.31A2.1F67",
    "client_id_issued_at": 1530806166,
    "client_secret_expires_at": 1530892566,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["token"],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer f41a3d11-feea-4d38-bc88-deb0e4307888

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1306
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:07 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!85AA.CC0C.31A2.1F67",
    "client_secret": "acaabd54-1bfb-435e-a324-387c34536cfc",
    "registration_access_token": "f41a3d11-feea-4d38-bc88-deb0e4307888",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!85AA.CC0C.31A2.1F67",
    "client_id_issued_at": 1530806166,
    "client_secret_expires_at": 1530892566,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["token"],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2185AA.CC0C.31A2.1F67&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=033159e4-06a9-40cb-b59d-a254925d9b34&nonce=a3010eca-9f96-4205-bfc4-ad704dca9d7a
11:56:28.252 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:e9713344-3a0f-4563-a47a-8e552cff4609
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2185AA.CC0C.31A2.1F67&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=033159e4-06a9-40cb-b59d-a254925d9b34&nonce=a3010eca-9f96-4205-bfc4-ad704dca9d7a

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=85d4f045-7f1a-40d3-ade8-b16a52b344b1&scope=address+openid+profile+email&session_id=692c7fab-73e6-4132-8e36-fd0cd7b828d0&state=033159e4-06a9-40cb-b59d-a254925d9b34&token_type=bearer&session_state=e9713344-3a0f-4563-a47a-8e552cff4609&expires_in=299

#######################################################
TEST: requestAuthorizationTokenCode
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "token",
        "code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1405
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:08 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A0D6.63A0.AE4C.18E3",
    "client_secret": "0cdc75b9-1db8-4aa3-8e1c-3642c5900b34",
    "registration_access_token": "76c89310-ff79-41be-8cf1-b376cf9d737d",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A0D6.63A0.AE4C.18E3",
    "client_id_issued_at": 1530806168,
    "client_secret_expires_at": 1530892568,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 76c89310-ff79-41be-8cf1-b376cf9d737d

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1405
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:08 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A0D6.63A0.AE4C.18E3",
    "client_secret": "0cdc75b9-1db8-4aa3-8e1c-3642c5900b34",
    "registration_access_token": "76c89310-ff79-41be-8cf1-b376cf9d737d",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A0D6.63A0.AE4C.18E3",
    "client_id_issued_at": 1530806168,
    "client_secret_expires_at": 1530892568,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21A0D6.63A0.AE4C.18E3&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=954b66cb-666d-45c0-a271-d89a9ee6e8db&nonce=c1cc14b0-7cbb-4bae-b07c-932e87af2d85
11:56:29.605 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:0cb9bfb4-e615-4be4-b589-f426579735e6
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21A0D6.63A0.AE4C.18E3&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=954b66cb-666d-45c0-a271-d89a9ee6e8db&nonce=c1cc14b0-7cbb-4bae-b07c-932e87af2d85

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=26aa4af5-1206-4e8b-9bfa-03d0046e81f5&code=a60d20a7-5121-4f9e-b855-2bc624efcab7&scope=address+openid+profile+email&session_id=20d05570-22d4-4300-b047-c1fc8b33f389&state=954b66cb-666d-45c0-a271-d89a9ee6e8db&token_type=bearer&session_state=0cb9bfb4-e615-4be4-b589-f426579735e6&expires_in=299

#######################################################
TEST: requestAuthorizationTokenCodeIdToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "token",
        "code",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:09 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1C02.2850.A3A9.9093",
    "client_secret": "6be44452-eefe-4022-a8fc-ffde709218a3",
    "registration_access_token": "dadfd835-3ad8-4994-974d-b30080598e57",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1C02.2850.A3A9.9093",
    "client_id_issued_at": 1530806169,
    "client_secret_expires_at": 1530892569,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer dadfd835-3ad8-4994-974d-b30080598e57

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:09 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1C02.2850.A3A9.9093",
    "client_secret": "6be44452-eefe-4022-a8fc-ffde709218a3",
    "registration_access_token": "dadfd835-3ad8-4994-974d-b30080598e57",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1C02.2850.A3A9.9093",
    "client_id_issued_at": 1530806169,
    "client_secret_expires_at": 1530892569,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%211C02.2850.A3A9.9093&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=f0c36631-2ee3-4acf-ac8f-d65c902a55c2&nonce=defb4193-222e-42ab-8161-a97290777c9d
11:56:30.902 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:525f7fcf-8748-4ee2-86b5-468bf077b093
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%211C02.2850.A3A9.9093&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=f0c36631-2ee3-4acf-ac8f-d65c902a55c2&nonce=defb4193-222e-42ab-8161-a97290777c9d

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=a4e75977-401b-46ba-bc1a-ee16432e3b71&code=6d1eb162-5885-4ba7-b374-cbdbcb99bdab&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCExQzAyLjI4NTAuQTNBOS45MDkzIiwiZXhwIjoxNTMwODA5NzcwLCJpYXQiOjE1MzA4MDYxNzAsIm5vbmNlIjoiZGVmYjQxOTMtMjIyZS00MmFiLTgxNjEtYTk3MjkwNzc3YzlkIiwiYXV0aF90aW1lIjoxNTMwODA2MTcwLCJjX2hhc2giOiJIazVOdE50cUpEb3ByeEwxMkhpcWxnIiwiYXRfaGFzaCI6Ildqd1UzUmY5REFKQkNqcDZuenI4QmciLCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiJ3bk1PTUtheS04MVBCZS13Vzh6R1ZDX0o3Vm83SU9wM3hGRWpsbWVwQ0MwIn0.N7zuDPnwnHboql7QIKILwZ2Aqf5di4zciG2YC_c24jumBVuCg9sYnAogxyKGAR9oLjpFj-3Dz3oRuMJYX33qPPT771C_R8mIoKFGDo-SsGmm72BgiP9SwNuUP4E6l4UJJ76eZ99zaGY8ZyartkWYieL8XI37KgXiUDoCrWYtDKNFBtLuZB5KGbd1_dedOZECAYxMIvHkbHZ3d52EpyRTz6dDMRb5iHTGXIeIg0aAjQY-5LbeQ_RchyHLddLsCK1oRro0rtxfT129WUtDf2qu7dCAzVzDvzNlWEDu9-PlrqXVICtLFPg0xc69MEEyNQ80Wdj_j1Hfp4hUWl_VwVfiAA&session_id=14606630-5194-48c6-85d3-8a7a2ed269c7&state=f0c36631-2ee3-4acf-ac8f-d65c902a55c2&token_type=bearer&session_state=525f7fcf-8748-4ee2-86b5-468bf077b093&expires_in=299

#######################################################
TEST: requestAuthorizationTokenCodeIdTokenUserBasicAuth
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "token",
        "code",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:10 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5621.E74A.C379.D420",
    "client_secret": "c43e2f8b-2382-44eb-8927-cc1ec3a27bb0",
    "registration_access_token": "e9a8b238-8afe-4aac-8503-72e86daa2763",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5621.E74A.C379.D420",
    "client_id_issued_at": 1530806170,
    "client_secret_expires_at": 1530892570,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer e9a8b238-8afe-4aac-8503-72e86daa2763

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:11 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5621.E74A.C379.D420",
    "client_secret": "c43e2f8b-2382-44eb-8927-cc1ec3a27bb0",
    "registration_access_token": "e9a8b238-8afe-4aac-8503-72e86daa2763",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5621.E74A.C379.D420",
    "client_id_issued_at": 1530806170,
    "client_secret_expires_at": 1530892570,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%215621.E74A.C379.D420&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=ef9abb81-9a70-4be3-aae1-feda7015d1ec&nonce=eb5ed5a7-7e5f-4f51-bb13-beaf74f75977
11:56:32.310 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:a9a5c7e8-cee0-4569-8190-152428134b52
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%215621.E74A.C379.D420&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=ef9abb81-9a70-4be3-aae1-feda7015d1ec&nonce=eb5ed5a7-7e5f-4f51-bb13-beaf74f75977

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=11616d54-9abe-45eb-87ae-51a614ff7f19&code=455c0410-2e98-4f8c-8620-7717a6ee9fb9&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE1NjIxLkU3NEEuQzM3OS5ENDIwIiwiZXhwIjoxNTMwODA5NzcyLCJpYXQiOjE1MzA4MDYxNzIsIm5vbmNlIjoiZWI1ZWQ1YTctN2U1Zi00ZjUxLWJiMTMtYmVhZjc0Zjc1OTc3IiwiYXV0aF90aW1lIjoxNTMwODA2MTcyLCJjX2hhc2giOiI0amFTVzc1dUpBOEpJU0c2Yko3YnBRIiwiYXRfaGFzaCI6InlvVWtTaUs0WENhZnZsMFJ3WFlBc3ciLCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiIxRHF0LXBvX0pRN3ZfYW1CVVVFRjdNXzZ1Um95RFoySnZ1RDRWY2NmRlFBIn0.cDFu325NzVsNvw0YyZz-n81UAX4jiqQ4ROV-AXdwqzh8Rj_YuZl08UXz2XBwDgcU1o2MxGi8EAZuJC-SFcPdDKbgFXqvXlbvN2llppS-FgzT03bLtkHUIAFaVr7b_VVXdcp3xIZYCkIqkmAhB-cwbj2Rugbc52mVu81DxtYUAw3CQNZU3Rs2TgY_760H86vaXXP5fip8JHSzdRwdFrMWjJUMlEh05KUqmRr00dgOYjN08JtNgN2kh0PH-E3KLOc3Qo4TUvC9SpQ6IGh9edzwvp_kJxzO90mU5ouuDSkW6jDpjGKA80_V5DI-24p-jPDbIdvRjNBFqXArvfkW1VwJVw&session_id=35e0299c-44ea-4257-8903-9ce78b0b93f0&state=ef9abb81-9a70-4be3-aae1-feda7015d1ec&token_type=bearer&session_state=a9a5c7e8-cee0-4569-8190-152428134b52&expires_in=299

#######################################################
TEST: requestAuthorizationTokenCodeUserBasicAuth
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "token",
        "code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1405
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:12 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!BAC7.C475.70FC.6B58",
    "client_secret": "04ec862e-6396-4a32-8b55-305e5fdd7fc7",
    "registration_access_token": "07bdd408-43ec-4851-94be-c07716705cbb",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!BAC7.C475.70FC.6B58",
    "client_id_issued_at": 1530806172,
    "client_secret_expires_at": 1530892572,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 07bdd408-43ec-4851-94be-c07716705cbb

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1405
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:12 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!BAC7.C475.70FC.6B58",
    "client_secret": "04ec862e-6396-4a32-8b55-305e5fdd7fc7",
    "registration_access_token": "07bdd408-43ec-4851-94be-c07716705cbb",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!BAC7.C475.70FC.6B58",
    "client_id_issued_at": 1530806172,
    "client_secret_expires_at": 1530892572,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21BAC7.C475.70FC.6B58&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=8d9d9ebf-dfe2-4eb7-9747-70790b8d5f2f&nonce=01cc3b29-97c4-45be-8907-d4aba2802315
11:56:33.759 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:f4def635-4b02-4956-b1ed-8c486c689e9a
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21BAC7.C475.70FC.6B58&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=8d9d9ebf-dfe2-4eb7-9747-70790b8d5f2f&nonce=01cc3b29-97c4-45be-8907-d4aba2802315

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=aeeda0e0-94c7-43f3-9119-c2589a12d962&code=ca96236f-fedf-47ef-bcd0-81b3c70715d4&scope=address+openid+profile+email&session_id=4814f768-44e8-4f93-b4b8-42e2a260878c&state=8d9d9ebf-dfe2-4eb7-9747-70790b8d5f2f&token_type=bearer&session_state=f4def635-4b02-4956-b1ed-8c486c689e9a&expires_in=299

#######################################################
TEST: requestAuthorizationTokenFail1
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==

response_type=token&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=91c6fb93-aade-49f6-bd66-e5ee1646912f

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 400
Connection: close
Content-Length: 222
Content-Type: text/plain
Date: Thu, 05 Jul 2018 15:56:13 GMT
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_request","error_description":"The request is missing a required parameter, includes an unsupported parameter or parameter value, or is otherwise malformed.","state":"91c6fb93-aade-49f6-bd66-e5ee1646912f"}

#######################################################
TEST: requestAuthorizationTokenFail2
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["token"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1306
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:13 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1401.DE55.5500.12D4",
    "client_secret": "9b008bc6-46d1-4cae-bc02-4af038038dab",
    "registration_access_token": "7afa86b9-b1f5-4f29-a9d6-f8a7ece5ced3",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1401.DE55.5500.12D4",
    "client_id_issued_at": 1530806173,
    "client_secret_expires_at": 1530892573,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["token"],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 7afa86b9-b1f5-4f29-a9d6-f8a7ece5ced3

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1306
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:13 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1401.DE55.5500.12D4",
    "client_secret": "9b008bc6-46d1-4cae-bc02-4af038038dab",
    "registration_access_token": "7afa86b9-b1f5-4f29-a9d6-f8a7ece5ced3",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1401.DE55.5500.12D4",
    "client_id_issued_at": 1530806173,
    "client_secret_expires_at": 1530892573,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["token"],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==

response_type=token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%211401.DE55.5500.12D4&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=586ab1d1-84ce-46f0-a9e3-872692a73f24&prompt=none

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
Date: Thu, 05 Jul 2018 15:56:14 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#error_description=The+request+is+missing+a+required+parameter%2C+includes+an+unsupported+parameter+or+parameter+value%2C+or+is+otherwise+malformed.&state=586ab1d1-84ce-46f0-a9e3-872692a73f24&error=invalid_request
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block



#######################################################
TEST: requestAuthorizationTokenIdToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "token",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:14 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B5EB.2511.7B84.0B29",
    "client_secret": "e4ac8d1d-8fb2-49a1-8f06-b31cb4f18954",
    "registration_access_token": "0836bcc9-f09c-458e-a453-b53d31b6b625",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B5EB.2511.7B84.0B29",
    "client_id_issued_at": 1530806174,
    "client_secret_expires_at": 1530892574,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 0836bcc9-f09c-458e-a453-b53d31b6b625

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:14 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B5EB.2511.7B84.0B29",
    "client_secret": "e4ac8d1d-8fb2-49a1-8f06-b31cb4f18954",
    "registration_access_token": "0836bcc9-f09c-458e-a453-b53d31b6b625",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B5EB.2511.7B84.0B29",
    "client_id_issued_at": 1530806174,
    "client_secret_expires_at": 1530892574,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21B5EB.2511.7B84.0B29&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=c2c6ae3a-444b-4c40-843a-aee0057d688e&nonce=bd3f65fb-0ab0-4b9e-96af-602995563baa
11:56:35.548 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:3fd68084-4e5d-455c-8d8d-563d9d46c2b9
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21B5EB.2511.7B84.0B29&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=c2c6ae3a-444b-4c40-843a-aee0057d688e&nonce=bd3f65fb-0ab0-4b9e-96af-602995563baa

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=08d3aad4-b876-4d74-b1fb-457d5a02500b&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFCNUVCLjI1MTEuN0I4NC4wQjI5IiwiZXhwIjoxNTMwODA5Nzc1LCJpYXQiOjE1MzA4MDYxNzUsIm5vbmNlIjoiYmQzZjY1ZmItMGFiMC00YjllLTk2YWYtNjAyOTk1NTYzYmFhIiwiYXV0aF90aW1lIjoxNTMwODA2MTc1LCJhdF9oYXNoIjoiSDFoMWVTVnh4WDczRGJhV0d0WXpfZyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6Ik5Yd1gzdGY1MkNqMUh0Nk9VTFNUY1V5TU5WcHZpVU1JMU13NjVKcmNjX2sifQ.R-i9i1KlzsL5Oa36uqgeoMPx0K4UtgG1il4EIPM1vV_V20IqFiLNva5ayHccivUrpwfiskXpKPEmXESlE4g69dPwXPU18ISl-xMtgezsf3VyKmTFPoPzZm-E2zVqq_Zg7IHqoPPZ4dPwR4DBY9QFqisnqqhj8zLdHomH8jyrg0-L0CXehLf-WETDH62bWRUSRGLuRI5C8LqSmDtarH_HeA94GvDFIUf2aSjlCDi_jHHa2-V9h8n_QfaamaFpkpoAsYpnaJsBFj1gLJZj-pMMo9GLvl26Ob3a8xioKe6yggahfMjY752rGqE9QPQSKQLVN8_RhKDi5NHtmZyvKUiuNw&session_id=2e606eac-59c4-4c93-925f-c5064215c7ee&state=c2c6ae3a-444b-4c40-843a-aee0057d688e&token_type=bearer&session_state=3fd68084-4e5d-455c-8d8d-563d9d46c2b9&expires_in=299

#######################################################
TEST: requestAuthorizationTokenIdTokenUserBasicAuth
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "token",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:15 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DD73.A759.01AB.248E",
    "client_secret": "8a8d41ab-c324-473c-a241-4c3ea38005f6",
    "registration_access_token": "049d368d-801e-46e4-96cc-7285086bb438",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DD73.A759.01AB.248E",
    "client_id_issued_at": 1530806175,
    "client_secret_expires_at": 1530892575,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 049d368d-801e-46e4-96cc-7285086bb438

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:15 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DD73.A759.01AB.248E",
    "client_secret": "8a8d41ab-c324-473c-a241-4c3ea38005f6",
    "registration_access_token": "049d368d-801e-46e4-96cc-7285086bb438",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DD73.A759.01AB.248E",
    "client_id_issued_at": 1530806175,
    "client_secret_expires_at": 1530892575,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21DD73.A759.01AB.248E&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=b88137bf-4657-453c-82f1-d75bda878c9d&nonce=58b6e605-c610-48c1-957d-171104de474d
11:56:37.010 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:277c7f6c-e0e3-4532-ad8f-e76edb923690
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21DD73.A759.01AB.248E&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=b88137bf-4657-453c-82f1-d75bda878c9d&nonce=58b6e605-c610-48c1-957d-171104de474d

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=2c8533cf-5dd1-444d-b0d1-90865e2bf96b&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFERDczLkE3NTkuMDFBQi4yNDhFIiwiZXhwIjoxNTMwODA5Nzc2LCJpYXQiOjE1MzA4MDYxNzYsIm5vbmNlIjoiNThiNmU2MDUtYzYxMC00OGMxLTk1N2QtMTcxMTA0ZGU0NzRkIiwiYXV0aF90aW1lIjoxNTMwODA2MTc2LCJhdF9oYXNoIjoiVTNjbUVuX3dGUkdlNHE4N2JSTmxsUSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6Ik81OV9Qamk0YTd0WHRZOG1kT05KSEV6aDgySHlXRzZ0UmhYTjYwR3Ztcm8ifQ.kQXoZMA6dqqJ3yIT2ID-Ad5Yzwkxv-BwoQnsh85qT2S5xKzxovJK3CMTDL98o3AO6jWev5nqL86614NTNqSQX0RT3LNbYYuOd66W_S9D_KToeg55ZLJlcKAB9ytMeLnHKy-Bv94eOQ-aQBcTv1ho3_64yuBMFZpbh6Rj4nLdAlAez7hPNPp7Eyq9zjWC3kEb-ZEsNxVN1Eob24Klhf5hkj6X9T1PzPzIMq1tHGav6Yu7qs-w8ntAGqD0fAcSF1yEoKzIkoZ9NzUhMgpgNJpEPv3NuqA7z_ItHdUamlVQKpgrQ1G7S-1a_SSvSgp24MdPORQebXrFGOXW6AesqEZLnQ&session_id=1c5da14c-2a66-43c0-b8b9-57d46cff2591&state=b88137bf-4657-453c-82f1-d75bda878c9d&token_type=bearer&session_state=277c7f6c-e0e3-4532-ad8f-e76edb923690&expires_in=299

#######################################################
TEST: requestAuthorizationTokenUserBasicAuth
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["token"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1306
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:17 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B2CA.5ADA.D585.CD69",
    "client_secret": "d08f8823-c439-4088-a93c-8964593e46b7",
    "registration_access_token": "8fc18fd0-3b94-452f-b9c7-24376e575674",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B2CA.5ADA.D585.CD69",
    "client_id_issued_at": 1530806177,
    "client_secret_expires_at": 1530892577,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["token"],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 8fc18fd0-3b94-452f-b9c7-24376e575674

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1306
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:17 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B2CA.5ADA.D585.CD69",
    "client_secret": "d08f8823-c439-4088-a93c-8964593e46b7",
    "registration_access_token": "8fc18fd0-3b94-452f-b9c7-24376e575674",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B2CA.5ADA.D585.CD69",
    "client_id_issued_at": 1530806177,
    "client_secret_expires_at": 1530892577,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["token"],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21B2CA.5ADA.D585.CD69&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=ba0c2c88-8520-49b4-86a2-bff5935ad6e3&nonce=08830b9f-7338-4b75-b41d-6563527b2641
11:56:38.455 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:378c8081-65f3-4b2f-bec9-271e8dd0a6a8
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21B2CA.5ADA.D585.CD69&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=ba0c2c88-8520-49b4-86a2-bff5935ad6e3&nonce=08830b9f-7338-4b75-b41d-6563527b2641

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=462c588f-2a3c-49e9-bbde-2b6159c805a0&scope=address+openid+profile+email&session_id=b8969145-66f8-454c-ab9f-02b4fae21338&state=ba0c2c88-8520-49b4-86a2-bff5935ad6e3&token_type=bearer&session_state=378c8081-65f3-4b2f-bec9-271e8dd0a6a8&expires_in=299

#######################################################
TEST: requestAuthorizationWithoutScope
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:18 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!903B.5B13.01BC.A9C1",
    "client_secret": "aa92b4d7-0ff6-436e-931c-cadef4137c33",
    "registration_access_token": "97257add-8748-43af-a72a-eea142489896",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!903B.5B13.01BC.A9C1",
    "client_id_issued_at": 1530806178,
    "client_secret_expires_at": 1530892578,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 97257add-8748-43af-a72a-eea142489896

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:18 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!903B.5B13.01BC.A9C1",
    "client_secret": "aa92b4d7-0ff6-436e-931c-cadef4137c33",
    "registration_access_token": "97257add-8748-43af-a72a-eea142489896",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!903B.5B13.01BC.A9C1",
    "client_id_issued_at": 1530806178,
    "client_secret_expires_at": 1530892578,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21903B.5B13.01BC.A9C1&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=f4891c84-0d97-403d-8aeb-2df820ecc4d5&nonce=6779a3cf-e47f-4529-99bb-4e32eac3a9a3
11:56:40.049 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:41951f9e-e882-4e92-9134-d16bc80b319b
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21903B.5B13.01BC.A9C1&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=f4891c84-0d97-403d-8aeb-2df820ecc4d5&nonce=6779a3cf-e47f-4529-99bb-4e32eac3a9a3

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=2a0ef0c6-147c-4937-9f58-d5ef5616a431&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE5MDNCLjVCMTMuMDFCQy5BOUMxIiwiZXhwIjoxNTMwODA5NzgwLCJpYXQiOjE1MzA4MDYxODAsIm5vbmNlIjoiNjc3OWEzY2YtZTQ3Zi00NTI5LTk5YmItNGUzMmVhYzNhOWEzIiwiYXV0aF90aW1lIjoxNTMwODA2MTc5LCJjX2hhc2giOiJhRmlsMkNiaGlQVVNHU3l1R2RfX2VBIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiRjcxcHVuRjBHaWthTFgxb3BzOEVTY2xkS0lJSjNEalppTmFmUnVMaGdSbyJ9.QzSFPSrgDTf-QmkFhYSv8eZcCHmmWTuA9rl-mSbmsdBVrZm30F2rFn3_2nfBfkl3ULiST9TYFQbtC4QHIkTfV8M754cwU4pkzF0v1GKhbB_NYO24x7A47ysZkK4FlAqMVrqbYKsvOrWW-BH_qLq7k6Hd8WW1R_uznuPl4vOOUC5gtgcPhgqcUkY1TsUf_QZF6twtwbTYbdjbIUH0wYWZVyHrIxJ8L6-ZWqFC6CXz31q8HOONnubjMTQIvgdT5j13DrcdVg6QvHOJJ_SxXB1UtzOnYjRD5W107YU6_piX6zLB7k0WBTvJCKJg0Xi-a-fc-OOHBbRzsfNLAokXJd8Gqw&session_id=626320e4-e822-4efe-a8de-053f6f7fc448&state=f4891c84-0d97-403d-8aeb-2df820ecc4d5&session_state=41951f9e-e882-4e92-9134-d16bc80b319b

#######################################################
TEST: OpenID Connect Discovery
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 181
Content-Type: application/jrd+json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 15:56:20 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "subject": "acct:test_user@ce-dev4.gluu.org",
    "links": [{
        "rel": "http://openid.net/specs/connect/1.0/issuer",
        "href": "https://ce-dev4.gluu.org"
    }]
}


OpenID Connect Configuration
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/openid-configuration HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 6342
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:20 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "issuer": "https://ce-dev4.gluu.org",
    "authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize",
    "token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token",
    "userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo",
    "clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo",
    "check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe",
    "end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks",
    "registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register",
    "id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id",
    "introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection",
    "scopes_supported": [
        "permission",
        "clientinfo",
        "email",
        "user_name",
        "sub",
        "org_name",
        "address",
        "openid",
        "test_scope1",
        "work_phone",
        "phone",
        "profile",
        "mobile_phone",
        "test"
    ],
    "response_types_supported": [
        "code",
        "code id_token",
        "code id_token token",
        "id_token",
        "id_token token",
        "token",
        "code token"
    ],
    "grant_types_supported": [
        "urn:ietf:params:oauth:grant-type:uma-ticket",
        "client_credentials",
        "refresh_token",
        "implicit",
        "password",
        "authorization_code"
    ],
    "acr_values_supported": [
        "super_gluu",
        "u2f",
        "otp",
        "basic",
        "auth_ldap_server"
    ],
    "auth_level_mapping": {
        "-1": ["auth_ldap_server"],
        "50": ["otp"],
        "100": ["basic"],
        "10": ["u2f"],
        "15": ["super_gluu"]
    },
    "subject_types_supported": [
        "public",
        "pairwise"
    ],
    "userinfo_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "userinfo_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "userinfo_encryption_enc_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "id_token_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "request_object_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "request_object_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "request_object_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "token_endpoint_auth_methods_supported": [
        "client_secret_basic",
        "client_secret_post",
        "client_secret_jwt",
        "private_key_jwt"
    ],
    "token_endpoint_auth_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "display_values_supported": [
        "page",
        "popup"
    ],
    "claim_types_supported": ["normal"],
    "claims_supported": [
        "birthdate",
        "country",
        "name",
        "email",
        "email_verified",
        "given_name",
        "gender",
        "inum",
        "family_name",
        "updated_at",
        "locale",
        "member_of",
        "middle_name",
        "nickname",
        "oxAuthAppType",
        "oxAuthIdTokenSignedResponseAlg",
        "oxAuthRedirectURI",
        "oxAuthScope",
        "phone_number_verified",
        "picture",
        "preferred_username",
        "profile",
        "zoneinfo",
        "user_name",
        "website"
    ],
    "service_documentation": "http://gluu.org/docs",
    "claims_locales_supported": ["en"],
    "ui_locales_supported": [
        "en",
        "es"
    ],
    "scope_to_claims_mapping": [
        {"permission": []},
        {"uma_protection": []},
        {"clientinfo": [
            "name",
            "inum",
            "oxAuthAppType",
            "oxAuthIdTokenSignedResponseAlg",
            "oxAuthRedirectURI",
            "oxAuthScope"
        ]},
        {"email": [
            "email_verified",
            "email"
        ]},
        {"user_name": ["user_name"]},
        {"sub": []},
        {"org_name": []},
        {"address": [
            "formatted",
            "postal_code",
            "street_address",
            "locality",
            "country",
            "region"
        ]},
        {"openid": []},
        {"test_scope1": []},
        {"work_phone": []},
        {"phone": [
            "phone_number_verified",
            "phone_number"
        ]},
        {"profile": [
            "name",
            "family_name",
            "given_name",
            "middle_name",
            "nickname",
            "preferred_username",
            "profile",
            "picture",
            "website",
            "gender",
            "birthdate",
            "zoneinfo",
            "locale",
            "updated_at"
        ]},
        {"mobile_phone": ["phone_mobile_number"]},
        {"test": ["member_of"]}
    ],
    "claims_parameter_supported": true,
    "request_parameter_supported": true,
    "request_uri_parameter_supported": true,
    "require_request_uri_registration": false,
    "op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy",
    "op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos",
    "frontchannel_logout_supported": true,
    "frontchannel_logout_session_supported": true
}


#######################################################
TEST: requestSessionIdAuthorizationCode1
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:20 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E3EC.AE2D.2F97.49AC",
    "client_secret": "01faa331-3b73-4c2c-998b-d5d71c9d7dff",
    "registration_access_token": "2eb9738c-6da2-4f0d-8e8d-7ac00d7e4be0",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E3EC.AE2D.2F97.49AC",
    "client_id_issued_at": 1530806180,
    "client_secret_expires_at": 1530892580,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 2eb9738c-6da2-4f0d-8e8d-7ac00d7e4be0

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:20 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E3EC.AE2D.2F97.49AC",
    "client_secret": "01faa331-3b73-4c2c-998b-d5d71c9d7dff",
    "registration_access_token": "2eb9738c-6da2-4f0d-8e8d-7ac00d7e4be0",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E3EC.AE2D.2F97.49AC",
    "client_id_issued_at": 1530806180,
    "client_secret_expires_at": 1530892580,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

waitForResourceOwnerAndGrantLoginForm: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21E3EC.AE2D.2F97.49AC&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=fb3541e0-2943-4b48-9786-15724329ab85
11:56:41.562 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
waitForResourceOwnerAndGrantLoginForm: sessionState:23e98cac-bf24-49c9-8ec7-1c3a0e8d03bf
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21E3EC.AE2D.2F97.49AC&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=fb3541e0-2943-4b48-9786-15724329ab85

authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21E3EC.AE2D.2F97.49AC&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=03d2b3d8-65c6-4366-a443-b27d2adea542
11:56:41.760 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:4b84f53b-5030-400a-b317-1f647745e4ed
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21E3EC.AE2D.2F97.49AC&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=03d2b3d8-65c6-4366-a443-b27d2adea542

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=7762338f-76b0-483c-81d4-2fbbd5268a2d&scope=address+openid+profile+email&session_id=74432e55-6fc6-42dd-aab4-32ea47d36950&state=03d2b3d8-65c6-4366-a443-b27d2adea542&session_state=4b84f53b-5030-400a-b317-1f647745e4ed

#######################################################
TEST: requestSessionIdAuthorizationCode2
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:21 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!BC65.FCA3.24C0.1B15",
    "client_secret": "428705a0-3f57-4128-807c-b68ca1ad461f",
    "registration_access_token": "df3fc6f1-8d7d-4fa1-b9ef-cdb9379e8ddf",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!BC65.FCA3.24C0.1B15",
    "client_id_issued_at": 1530806181,
    "client_secret_expires_at": 1530892581,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer df3fc6f1-8d7d-4fa1-b9ef-cdb9379e8ddf

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:21 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!BC65.FCA3.24C0.1B15",
    "client_secret": "428705a0-3f57-4128-807c-b68ca1ad461f",
    "registration_access_token": "df3fc6f1-8d7d-4fa1-b9ef-cdb9379e8ddf",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!BC65.FCA3.24C0.1B15",
    "client_id_issued_at": 1530806181,
    "client_secret_expires_at": 1530892581,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

waitForResourceOwnerAndGrantLoginForm: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21BC65.FCA3.24C0.1B15&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eb9a137f-8be5-48ea-bd2a-d0b571223aef
11:56:43.102 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
waitForResourceOwnerAndGrantLoginForm: sessionState:21555d07-b416-4135-8be3-7cb4b4553f76
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21BC65.FCA3.24C0.1B15&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eb9a137f-8be5-48ea-bd2a-d0b571223aef

authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21BC65.FCA3.24C0.1B15&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=fd2757a1-0146-4e2d-b982-c2678e101d26
11:56:43.303 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:27cd5bb5-1fb9-4ef1-a6ec-e5cdd2f0d094
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21BC65.FCA3.24C0.1B15&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=fd2757a1-0146-4e2d-b982-c2678e101d26

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=29d76ed4-e7f4-4f72-bb22-531ceee3ab6a&scope=address+openid+profile+email&session_id=8652aaaa-ed83-4762-8be2-2fcad92f041c&state=fd2757a1-0146-4e2d-b982-c2678e101d26&session_state=27cd5bb5-1fb9-4ef1-a6ec-e5cdd2f0d094

#######################################################
TEST: OpenID Connect Discovery
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 181
Content-Type: application/jrd+json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 15:56:23 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "subject": "acct:test_user@ce-dev4.gluu.org",
    "links": [{
        "rel": "http://openid.net/specs/connect/1.0/issuer",
        "href": "https://ce-dev4.gluu.org"
    }]
}


OpenID Connect Configuration
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/openid-configuration HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 6342
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:23 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "issuer": "https://ce-dev4.gluu.org",
    "authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize",
    "token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token",
    "userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo",
    "clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo",
    "check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe",
    "end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks",
    "registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register",
    "id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id",
    "introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection",
    "scopes_supported": [
        "permission",
        "clientinfo",
        "email",
        "user_name",
        "sub",
        "org_name",
        "address",
        "openid",
        "test_scope1",
        "work_phone",
        "phone",
        "profile",
        "mobile_phone",
        "test"
    ],
    "response_types_supported": [
        "code",
        "code id_token",
        "code id_token token",
        "id_token",
        "id_token token",
        "token",
        "code token"
    ],
    "grant_types_supported": [
        "urn:ietf:params:oauth:grant-type:uma-ticket",
        "client_credentials",
        "refresh_token",
        "implicit",
        "password",
        "authorization_code"
    ],
    "acr_values_supported": [
        "super_gluu",
        "u2f",
        "otp",
        "basic",
        "auth_ldap_server"
    ],
    "auth_level_mapping": {
        "-1": ["auth_ldap_server"],
        "50": ["otp"],
        "100": ["basic"],
        "10": ["u2f"],
        "15": ["super_gluu"]
    },
    "subject_types_supported": [
        "public",
        "pairwise"
    ],
    "userinfo_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "userinfo_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "userinfo_encryption_enc_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "id_token_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "request_object_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "request_object_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "request_object_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "token_endpoint_auth_methods_supported": [
        "client_secret_basic",
        "client_secret_post",
        "client_secret_jwt",
        "private_key_jwt"
    ],
    "token_endpoint_auth_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "display_values_supported": [
        "page",
        "popup"
    ],
    "claim_types_supported": ["normal"],
    "claims_supported": [
        "birthdate",
        "country",
        "name",
        "email",
        "email_verified",
        "given_name",
        "gender",
        "inum",
        "family_name",
        "updated_at",
        "locale",
        "member_of",
        "middle_name",
        "nickname",
        "oxAuthAppType",
        "oxAuthIdTokenSignedResponseAlg",
        "oxAuthRedirectURI",
        "oxAuthScope",
        "phone_number_verified",
        "picture",
        "preferred_username",
        "profile",
        "zoneinfo",
        "user_name",
        "website"
    ],
    "service_documentation": "http://gluu.org/docs",
    "claims_locales_supported": ["en"],
    "ui_locales_supported": [
        "en",
        "es"
    ],
    "scope_to_claims_mapping": [
        {"permission": []},
        {"uma_protection": []},
        {"clientinfo": [
            "name",
            "inum",
            "oxAuthAppType",
            "oxAuthIdTokenSignedResponseAlg",
            "oxAuthRedirectURI",
            "oxAuthScope"
        ]},
        {"email": [
            "email_verified",
            "email"
        ]},
        {"user_name": ["user_name"]},
        {"sub": []},
        {"org_name": []},
        {"address": [
            "formatted",
            "postal_code",
            "street_address",
            "locality",
            "country",
            "region"
        ]},
        {"openid": []},
        {"test_scope1": []},
        {"work_phone": []},
        {"phone": [
            "phone_number_verified",
            "phone_number"
        ]},
        {"profile": [
            "name",
            "family_name",
            "given_name",
            "middle_name",
            "nickname",
            "preferred_username",
            "profile",
            "picture",
            "website",
            "gender",
            "birthdate",
            "zoneinfo",
            "locale",
            "updated_at"
        ]},
        {"mobile_phone": ["phone_mobile_number"]},
        {"test": ["member_of"]}
    ],
    "claims_parameter_supported": true,
    "request_parameter_supported": true,
    "request_uri_parameter_supported": true,
    "require_request_uri_registration": false,
    "op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy",
    "op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos",
    "frontchannel_logout_supported": true,
    "frontchannel_logout_session_supported": true
}


#######################################################
TEST: requestClientRegistrationWithCustomAttributes
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "token",
        "id_token"
    ],
    "grant_types": ["password"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "oxAuthTrustedClient": "true",
    "myCustomAttr1": "22c24edd-9a69-48b9-b0c4-5624104f6567"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1445
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:23 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B74A.5490.7F8B.5812",
    "client_secret": "40740ed0-a652-4eda-8754-ec9ae2874361",
    "registration_access_token": "3f192982-ea96-4895-8e07-186cf3346a4f",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B74A.5490.7F8B.5812",
    "client_id_issued_at": 1530806183,
    "client_secret_expires_at": 1530892583,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "password",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

#######################################################
TEST: requestAccessTokenCustomClientAuth1
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==

response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21B74A.5490.7F8B.5812&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=65a194a3-a905-468a-a093-c6382d564885&nonce=c8294c64-cfce-4536-92b9-2d675e58f433&prompt=none

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
Date: Thu, 05 Jul 2018 15:56:23 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=cc9aa8e0-0254-4316-8d73-bdead692e98a&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFCNzRBLjU0OTAuN0Y4Qi41ODEyIiwiZXhwIjoxNTMwODA5NzgzLCJpYXQiOjE1MzA4MDYxODMsIm5vbmNlIjoiYzgyOTRjNjQtY2ZjZS00NTM2LTkyYjktMmQ2NzVlNThmNDMzIiwiYXV0aF90aW1lIjoxNTMwODA2MTgzLCJjX2hhc2giOiJQVEswcnRnTXZseGJYSWhUUGV0WkV3Iiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiOG1pM2d5ZVg1d0xfeTUxSXhnUllLN213OWdZTmE2RHAyVmRWZ0tWcmRqVSJ9.TojLIcR6hf1-KR6P65ziE-3YGGEc9NYQAJBfhYBlrphJP4glZtkdshMX1U7ZxKkATSveU6Fub6GHtO05io7d1dhXJFsFZhf-kZW9Xkm8hW1dLUwaZ94xHDvhxWPeZVRHWfCSaJx2bLuNKTJI9eX4AA5lFsu8j8mQGQsOJumQjmMW_Ck7Gonwa6AqWiC37Ak4ZxVabShKRJDZg39Sb6yNV2vdoRtRR1IXiHv85_JdNsnv8YOlcLe54OBlMmPWdj3MYgEpWAxSM1lELnCXAnL82Wt-sXdOt9-fOFKT5SaZVCEu0HCeLfZ1AI5RWSXspF4ccChKMUBRwVEs74KDcyOgXA&session_id=a96c4022-9458-4eee-b19f-fa9db1125336&state=65a194a3-a905-468a-a093-c6382d564885&session_state=3a973b9f-84ef-4acb-a4c3-22d8a127b981
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block



-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=authorization_code&code=cc9aa8e0-0254-4316-8d73-bdead692e98a&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&myCustomAttr1=22c24edd-9a69-48b9-b0c4-5624104f6567

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1057
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:23 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"93231bdc-b5f9-4f19-9410-ec61a128c30f","token_type":"bearer","expires_in":299,"refresh_token":"44267f14-2775-47e2-aa0e-8d997276a211","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFCNzRBLjU0OTAuN0Y4Qi41ODEyIiwiZXhwIjoxNTMwODA5NzgzLCJpYXQiOjE1MzA4MDYxODMsIm5vbmNlIjoiYzgyOTRjNjQtY2ZjZS00NTM2LTkyYjktMmQ2NzVlNThmNDMzIiwiYXV0aF90aW1lIjoxNTMwODA2MTgzLCJhdF9oYXNoIjoiMlk1ZzhTanZiVnZEUDU1bGFoaW5YZyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IjhtaTNneWVYNXdMX3k1MUl4Z1JZSzdtdzlnWU5hNkRwMlZkVmdLVnJkalUifQ.AwWERVhgq1RC-uvj62hEr8_rJs24-FQ1C-qm_J4TIEL0aWa3PFgH6GzyIfCWYLAJiI7TMcRLx_B5b5fh09MdbF1TJY14a67W8gIsIcsdu0Eqgh36QHc3fRL47HaY8MMciznNDyrWettPjqUostMjROS_UJel_T8rkjq5Q7WVFiraOGivmi-KCSUV9yBQYRuJJcoc5JxkRuXqxnvRSIvkysY8M5cZoeCwTymnXTDvLH-Yz6U2ed4KvR168gNbSsaPynr4AR7Bz26MSI332-9vc1-uvXwF5nsYX-ZjlCckogBAwKr8wbVpUUpRx84bLW0SjPCcqwIgMMuNWyyAJlzTFA"}

#######################################################
TEST: requestAccessTokenCustomClientAuth2
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=password&scope=openid&username=test_user&password=test_user_password&myCustomAttr1=22c24edd-9a69-48b9-b0c4-5624104f6567

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 934
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:23 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"dea622a0-35e2-4495-afc4-0719cf6314d9","token_type":"bearer","expires_in":299,"refresh_token":"84cd4fd8-b01f-4eeb-918a-b93e0c16660f","scope":"openid","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFCNzRBLjU0OTAuN0Y4Qi41ODEyIiwiZXhwIjoxNTMwODA5NzgzLCJpYXQiOjE1MzA4MDYxODMsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IjhtaTNneWVYNXdMX3k1MUl4Z1JZSzdtdzlnWU5hNkRwMlZkVmdLVnJkalUifQ.SaR7NvATisitUSEWdxA8UZm_ttJJsCt8gRGeojdySBz5ebS6IfARdXRKGdLC9P_UrUFxEMSex6CHY8PxZjyt17A6OfUCCfX-J6y-2EBVICL2qzpzFmJdX7efrdRGH_Tyld4WKMz6FFk_Q0qdTd9rNi9idJ505rLqmAQG3KyFtqwr1qU8R6CWTEF-lWv3Cw1voYhFun1UqiFVObddJTYNJ4LzA9nkd5_ooriXBUQ75FJFS1DCc0ry8t8gkzQFCFMye-NMIcNuDyLI32wcdB8cWdZ_tHvSkXWMz2UMON1kAHgVOjgDiOkwrcELlsrGHddPpxH63hOXaC4_te8cOIJU9A"}

#######################################################
TEST: OpenID Connect Discovery
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 181
Content-Type: application/jrd+json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 15:56:23 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "subject": "acct:test_user@ce-dev4.gluu.org",
    "links": [{
        "rel": "http://openid.net/specs/connect/1.0/issuer",
        "href": "https://ce-dev4.gluu.org"
    }]
}


OpenID Connect Configuration
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/openid-configuration HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 6342
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:24 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "issuer": "https://ce-dev4.gluu.org",
    "authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize",
    "token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token",
    "userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo",
    "clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo",
    "check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe",
    "end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks",
    "registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register",
    "id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id",
    "introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection",
    "scopes_supported": [
        "permission",
        "clientinfo",
        "email",
        "user_name",
        "sub",
        "org_name",
        "address",
        "openid",
        "test_scope1",
        "work_phone",
        "phone",
        "profile",
        "mobile_phone",
        "test"
    ],
    "response_types_supported": [
        "code",
        "code id_token",
        "code id_token token",
        "id_token",
        "id_token token",
        "token",
        "code token"
    ],
    "grant_types_supported": [
        "urn:ietf:params:oauth:grant-type:uma-ticket",
        "client_credentials",
        "refresh_token",
        "implicit",
        "password",
        "authorization_code"
    ],
    "acr_values_supported": [
        "super_gluu",
        "u2f",
        "otp",
        "basic",
        "auth_ldap_server"
    ],
    "auth_level_mapping": {
        "-1": ["auth_ldap_server"],
        "50": ["otp"],
        "100": ["basic"],
        "10": ["u2f"],
        "15": ["super_gluu"]
    },
    "subject_types_supported": [
        "public",
        "pairwise"
    ],
    "userinfo_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "userinfo_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "userinfo_encryption_enc_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "id_token_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "request_object_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "request_object_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "request_object_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "token_endpoint_auth_methods_supported": [
        "client_secret_basic",
        "client_secret_post",
        "client_secret_jwt",
        "private_key_jwt"
    ],
    "token_endpoint_auth_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "display_values_supported": [
        "page",
        "popup"
    ],
    "claim_types_supported": ["normal"],
    "claims_supported": [
        "birthdate",
        "country",
        "name",
        "email",
        "email_verified",
        "given_name",
        "gender",
        "inum",
        "family_name",
        "updated_at",
        "locale",
        "member_of",
        "middle_name",
        "nickname",
        "oxAuthAppType",
        "oxAuthIdTokenSignedResponseAlg",
        "oxAuthRedirectURI",
        "oxAuthScope",
        "phone_number_verified",
        "picture",
        "preferred_username",
        "profile",
        "zoneinfo",
        "user_name",
        "website"
    ],
    "service_documentation": "http://gluu.org/docs",
    "claims_locales_supported": ["en"],
    "ui_locales_supported": [
        "en",
        "es"
    ],
    "scope_to_claims_mapping": [
        {"permission": []},
        {"uma_protection": []},
        {"clientinfo": [
            "name",
            "inum",
            "oxAuthAppType",
            "oxAuthIdTokenSignedResponseAlg",
            "oxAuthRedirectURI",
            "oxAuthScope"
        ]},
        {"email": [
            "email_verified",
            "email"
        ]},
        {"user_name": ["user_name"]},
        {"sub": []},
        {"org_name": []},
        {"address": [
            "formatted",
            "postal_code",
            "street_address",
            "locality",
            "country",
            "region"
        ]},
        {"openid": []},
        {"test_scope1": []},
        {"work_phone": []},
        {"phone": [
            "phone_number_verified",
            "phone_number"
        ]},
        {"profile": [
            "name",
            "family_name",
            "given_name",
            "middle_name",
            "nickname",
            "preferred_username",
            "profile",
            "picture",
            "website",
            "gender",
            "birthdate",
            "zoneinfo",
            "locale",
            "updated_at"
        ]},
        {"mobile_phone": ["phone_mobile_number"]},
        {"test": ["member_of"]}
    ],
    "claims_parameter_supported": true,
    "request_parameter_supported": true,
    "request_uri_parameter_supported": true,
    "require_request_uri_registration": false,
    "op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy",
    "op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos",
    "frontchannel_logout_supported": true,
    "frontchannel_logout_session_supported": true
}


#######################################################
TEST: clientSecretBasicAuthenticationMethod
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "client_secret_basic",
    "scope": "openid profile address email clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1226
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:24 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!AA3C.1CEC.5D90.D392",
    "client_secret": "68267628-0b6e-4623-a617-d29ea0c7c48b",
    "registration_access_token": "1e215399-ec7a-4763-a1f0-fd38419f0afc",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!AA3C.1CEC.5D90.D392",
    "client_id_issued_at": 1530806184,
    "client_secret_expires_at": 1530892584,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "openid profile address email clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxQUEzQy4xQ0VDLjVEOTAuRDM5Mjo2ODI2NzYyOC0wYjZlLTQ2MjMtYTYxNy1kMjllYTBjN2M0OGI=

grant_type=client_credentials&scope=clientinfo

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 115
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:24 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"b215941b-2776-43e9-8bf3-aecddd838a8c","token_type":"bearer","expires_in":299,"scope":"clientinfo"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org



-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 412
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:24 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!AA3C.1CEC.5D90.D392","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["openid","profile","address","email","clientinfo"]}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/userinfo HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer b215941b-2776-43e9-8bf3-aecddd838a8c

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 403
Connection: Keep-Alive
Content-Length: 126
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:24 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"insufficient_scope","error_description":"The request requires higher privileges than provided by the access token."}

#######################################################
TEST: clientSecretBasicAuthenticationMethodFail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "client_secret_basic",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1242
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:24 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!8A9F.DEBC.6FE3.096A",
    "client_secret": "6e4cecfa-1816-49bc-8b3a-872e99101013",
    "registration_access_token": "79072e38-731b-4fb3-b31e-5ecae9b53e2e",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!8A9F.DEBC.6FE3.096A",
    "client_id_issued_at": 1530806184,
    "client_secret_expires_at": 1530892584,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxOEE5Ri5ERUJDLjZGRTMuMDk2QTpJTlZBTElEX0NMSUVOVF9TRUNSRVQ=

grant_type=client_credentials&scope=clientinfo

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 15:56:24 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}

#######################################################
TEST: clientSecretJwtAuthenticationMethodHS256
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "client_secret_jwt",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1195
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:24 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6334.FE8D.D88C.DE46",
    "client_secret": "07ea5ae7-50d9-44bf-a41c-7c9589dee989",
    "registration_access_token": "d72e3107-29cb-43f1-b710-5979db73a2a6",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6334.FE8D.D88C.DE46",
    "client_id_issued_at": 1530806184,
    "client_secret_expires_at": 1530892584,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_jwt",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE2MzM0LkZFOEQuRDg4Qy5ERTQ2Iiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghNjMzNC5GRThELkQ4OEMuREU0NiIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiOTlhODkyY2QtNWMzOC00NzZkLTliZTQtZTkyODVmOTQ5MjlmIiwiZXhwIjoxNTMwODA2NTA1LCJpYXQiOjE1MzA4MDYyMDV9.yhgCDCSkyR4Lke14reHztt-BZwiS-_SgIby3n7iSzN8

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 115
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:24 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"f61ed748-5df0-4683-b5cd-6b9e52e036d6","token_type":"bearer","expires_in":299,"scope":"clientinfo"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org



-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 375
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:24 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6334.FE8D.D88C.DE46","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]}

#######################################################
TEST: clientSecretJwtAuthenticationMethodHS256Fail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "client_secret_jwt",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1240
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:24 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!78B4.51FF.9E33.4851",
    "client_secret": "6c8557b2-71a4-4ce7-9709-0177458561fc",
    "registration_access_token": "3ca25d0a-4217-42f1-a21e-1719f0b019d1",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!78B4.51FF.9E33.4851",
    "client_id_issued_at": 1530806184,
    "client_secret_expires_at": 1530892584,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_jwt",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE3OEI0LjUxRkYuOUUzMy40ODUxIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghNzhCNC41MUZGLjlFMzMuNDg1MSIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiNDI2Yzc0YTctMTdmZS00MWU5LWI3NjktMGIxNDEzNjZjMWZlIiwiZXhwIjoxNTMwODA2NTA2LCJpYXQiOjE1MzA4MDYyMDZ9.JkRMI_9n_ML9oebiWgdWvkLbk7Bl4RFxP2DfsiYGVvk

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 15:56:24 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}

#######################################################
TEST: clientSecretJwtAuthenticationMethodHS384
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "client_secret_jwt",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1195
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:24 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3787.D75D.D366.7EEA",
    "client_secret": "1f76607a-41ae-4c5b-967f-634ee7203a03",
    "registration_access_token": "ab33125d-6775-4afc-9b42-bf82c30b5cef",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3787.D75D.D366.7EEA",
    "client_id_issued_at": 1530806185,
    "client_secret_expires_at": 1530892585,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_jwt",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzM4NCJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEzNzg3LkQ3NUQuRDM2Ni43RUVBIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghMzc4Ny5ENzVELkQzNjYuN0VFQSIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiMDVhNmJkZTAtMmY2Mi00Yjk1LWJiY2EtMTZmOWZhYWNhZGU3IiwiZXhwIjoxNTMwODA2NTA2LCJpYXQiOjE1MzA4MDYyMDZ9.3pw87JCE1ISzMn91X4ExgJ_hwb77MiUa7pspXkpAz6f5ImQQz3Cw346tgKHt9-bb

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 115
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:25 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"2b7a0dbd-d6f6-449c-afa6-082d2d50eb40","token_type":"bearer","expires_in":299,"scope":"clientinfo"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org



-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 375
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:25 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3787.D75D.D366.7EEA","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]}

#######################################################
TEST: clientSecretJwtAuthenticationMethodHS384Fail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "client_secret_jwt",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1240
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:25 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D5B4.3352.FF87.2314",
    "client_secret": "c5943483-8124-401c-bccc-6c72099c4d5a",
    "registration_access_token": "073c6d01-4521-4c10-948b-666ab3835e36",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D5B4.3352.FF87.2314",
    "client_id_issued_at": 1530806185,
    "client_secret_expires_at": 1530892585,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_jwt",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzM4NCJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFENUI0LjMzNTIuRkY4Ny4yMzE0Iiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghRDVCNC4zMzUyLkZGODcuMjMxNCIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiNjhhNDM4YzEtNTE0Yi00MzZkLTkxZjMtNWYyM2Q5ZTA2YzY1IiwiZXhwIjoxNTMwODA2NTA2LCJpYXQiOjE1MzA4MDYyMDZ9.OM090aYP-lg7VN0XdhKXZUQFDfaazHfaINcSZ4vi6dnJBMbw-u-ySljud1jYs2Ls

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 15:56:25 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}

#######################################################
TEST: clientSecretJwtAuthenticationMethodHS512
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "client_secret_jwt",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1195
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:25 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!75F4.CC47.AAC7.3F2F",
    "client_secret": "d29f3942-4b59-419b-b594-f0ee478c1783",
    "registration_access_token": "46294773-ac7b-44c7-8b51-4425a82c6cb8",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!75F4.CC47.AAC7.3F2F",
    "client_id_issued_at": 1530806185,
    "client_secret_expires_at": 1530892585,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_jwt",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE3NUY0LkNDNDcuQUFDNy4zRjJGIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghNzVGNC5DQzQ3LkFBQzcuM0YyRiIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiNmFmZDZjNGEtMzAwNy00NjM1LWE2ZWMtNGVmZWI4ZjIwMjg2IiwiZXhwIjoxNTMwODA2NTA2LCJpYXQiOjE1MzA4MDYyMDZ9.JTceKMlifft0SYJ4a8k39D155HV4uS0vhPOt-VtZptOVDCYBsZH4J0Btq3Ol_XlVcgl-v-uojPZxVOyowQdJcw

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 115
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:25 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"77e9c339-5350-4ab0-96d7-dc0cc9526fd8","token_type":"bearer","expires_in":299,"scope":"clientinfo"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org



-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 375
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:25 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!75F4.CC47.AAC7.3F2F","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]}

#######################################################
TEST: clientSecretJwtAuthenticationMethodHS512Fail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "client_secret_jwt",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1240
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:25 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!8F17.1402.14B2.102E",
    "client_secret": "a120b578-2c42-45e1-a153-d7df9c4ab0f1",
    "registration_access_token": "2b3600a2-080c-4338-b5cf-d9ccc64ab711",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!8F17.1402.14B2.102E",
    "client_id_issued_at": 1530806185,
    "client_secret_expires_at": 1530892585,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_jwt",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE4RjE3LjE0MDIuMTRCMi4xMDJFIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghOEYxNy4xNDAyLjE0QjIuMTAyRSIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiZjkyZjk1NmQtMWEyYi00ZjI3LWJlMWYtNjY5OTBiZTQ3YmYzIiwiZXhwIjoxNTMwODA2NTA2LCJpYXQiOjE1MzA4MDYyMDZ9.JsTEAxhxf2OKPPKh96zenv2wqHvqCBxGuCYeR5D32VOi3URQbUHkShZ_5UIb6zqY0DnTSmgHKLH3fuWeSacWBA

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 15:56:25 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}

#######################################################
TEST: clientSecretPostAuthenticationMethod
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "client_secret_post",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1196
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:25 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!57A3.99EB.25B4.D135",
    "client_secret": "6a02dd33-5cb0-4dc7-badd-f10d4a503048",
    "registration_access_token": "751cc6ec-9cbd-48a6-b5bf-6869a797cb0e",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!57A3.99EB.25B4.D135",
    "client_id_issued_at": 1530806185,
    "client_secret_expires_at": 1530892585,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_post",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2157A3.99EB.25B4.D135&client_secret=6a02dd33-5cb0-4dc7-badd-f10d4a503048

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 115
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:25 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"eb595bfc-338b-4298-9000-5bce4783f393","token_type":"bearer","expires_in":299,"scope":"clientinfo"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org



-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 375
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:25 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!57A3.99EB.25B4.D135","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]}

#######################################################
TEST: clientSecretPostAuthenticationMethodFail1
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "client_secret_post",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1241
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:26 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!EC73.7DF3.1DF0.8025",
    "client_secret": "c5d6fc43-0bb7-4426-987c-05646d1cd2f4",
    "registration_access_token": "5575686a-9966-4c96-870f-fc7f33cef6bb",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!EC73.7DF3.1DF0.8025",
    "client_id_issued_at": 1530806186,
    "client_secret_expires_at": 1530892586,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_post",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21EC73.7DF3.1DF0.8025&client_secret=INVALID_CLIENT_SECRET

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 15:56:26 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}

#######################################################
TEST: clientSecretPostAuthenticationMethodFail2
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "client_secret_post",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1241
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:26 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7517.841C.8330.8603",
    "client_secret": "c03f90c5-8bc2-40c8-931d-4504a405d8a3",
    "registration_access_token": "e2c2e995-61ff-4b5e-aa2a-fb65dd969b94",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7517.841C.8330.8603",
    "client_id_issued_at": 1530806186,
    "client_secret_expires_at": 1530892586,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_post",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%217517.841C.8330.8603

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 15:56:26 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}

#######################################################
TEST: clientSecretPostAuthenticationMethodFail3
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "client_secret_post",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1241
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:26 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2123.D866.DF9E.C3E0",
    "client_secret": "a35b1326-a70c-49da-9deb-2bc77a8ff071",
    "registration_access_token": "1fd96bbc-e6e6-43e4-b3b6-c026b544aebf",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2123.D866.DF9E.C3E0",
    "client_id_issued_at": 1530806186,
    "client_secret_expires_at": 1530892586,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_post",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 15:56:26 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}

#######################################################
TEST: defaultAuthenticationMethod
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1197
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:26 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!285E.0153.10A6.4198",
    "client_secret": "157c45b0-b1e6-44b9-bacb-7307807e8f00",
    "registration_access_token": "80b5ae0b-54df-4d92-b9c2-6f594926e447",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!285E.0153.10A6.4198",
    "client_id_issued_at": 1530806186,
    "client_secret_expires_at": 1530892586,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxMjg1RS4wMTUzLjEwQTYuNDE5ODoxNTdjNDViMC1iMWU2LTQ0YjktYmFjYi03MzA3ODA3ZThmMDA=

grant_type=client_credentials&scope=clientinfo

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 115
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:26 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"684b2acf-5136-494e-8e0b-8ad20b3f2ae8","token_type":"bearer","expires_in":299,"scope":"clientinfo"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org



-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 375
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:26 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!285E.0153.10A6.4198","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]}

#######################################################
TEST: defaultAuthenticationMethodFail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1242
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:26 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6147.7C0E.ED2B.1CF8",
    "client_secret": "ea2e7ec8-9610-4c15-a267-2c98407862d9",
    "registration_access_token": "a4165274-4ed7-45de-bd2b-849ffa519cac",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6147.7C0E.ED2B.1CF8",
    "client_id_issued_at": 1530806186,
    "client_secret_expires_at": 1530892586,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxNjE0Ny43QzBFLkVEMkIuMUNGODpJTlZBTElEX0NMSUVOVF9TRUNSRVQ=

grant_type=client_credentials&scope=clientinfo

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 15:56:26 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}

#######################################################
TEST: privateKeyJwtAuthenticationMethodES256
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "private_key_jwt",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1276
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:26 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!FC96.FE13.3DFA.2FE1",
    "client_secret": "1bf7b6d8-fe42-478a-89dd-7001f4472c8c",
    "registration_access_token": "99156407-d270-4ccc-90c0-ad296b98c5f2",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!FC96.FE13.3DFA.2FE1",
    "client_id_issued_at": 1530806187,
    "client_secret_expires_at": 1530892587,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "private_key_jwt",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IjU0N2IyODM4LWE4NDgtNDY3MS04YTQ3LWQ1MzYxNzM4ZjJhZSJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFGQzk2LkZFMTMuM0RGQS4yRkUxIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghRkM5Ni5GRTEzLjNERkEuMkZFMSIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiZDZjN2RhOTgtOTY0Ni00YTI2LTk5YTEtMGQwNzljODFhYTQ2IiwiZXhwIjoxNTMwODA2NTA4LCJpYXQiOjE1MzA4MDYyMDh9.MEYCIQCx1a8_hPRqea37vNEw3FnemNJhfQftY9fhsOvCYMmPZQIhALxJCZowEVuPWEixO_YReK-pOSqVbah4IrG8707ouCtQ

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 115
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:27 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"4ca5d639-078c-4686-89b7-e85751062a14","token_type":"bearer","expires_in":299,"scope":"clientinfo"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org



-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 375
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:27 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!FC96.FE13.3DFA.2FE1","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]}

#######################################################
TEST: privateKeyJwtAuthenticationMethodES256Fail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "private_key_jwt",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1321
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:27 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C8ED.2C3A.A053.B5DE",
    "client_secret": "8759eb2c-e898-48e9-93e4-580abb42e48a",
    "registration_access_token": "3b57f559-4f69-491f-af16-9d2c79dc5bb5",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C8ED.2C3A.A053.B5DE",
    "client_id_issued_at": 1530806187,
    "client_secret_expires_at": 1530892587,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "private_key_jwt",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

11:56:48.864 [main] ERROR org.xdi.oxauth.client.TokenRequest - cannot identify EC private key: java.lang.NullPointerException
java.security.InvalidKeyException: cannot identify EC private key: java.lang.NullPointerException
	at org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil.generatePrivateKeyParameter(Unknown Source) ~[bcprov-jdk15on-1.54.jar:1.54.0]
	at org.bouncycastle.jcajce.provider.asymmetric.ec.SignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.54.jar:1.54.0]
	at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121]
	at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121]
	at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?]
	at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?]
	at org.xdi.oxauth.client.TokenClient.exec(TokenClient.java:265) [classes/:?]
	at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodES256Fail(ClientCredentialsGrantHttpTest.java:1312) [test-classes/:?]
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121]
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121]
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121]
	at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121]
	at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?]
	at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?]
	at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?]
	at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?]
	at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1]
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
11:56:48.987 [main] ERROR org.xdi.oxauth.client.TokenRequest - cannot identify EC private key: java.lang.NullPointerException
java.security.InvalidKeyException: cannot identify EC private key: java.lang.NullPointerException
	at org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil.generatePrivateKeyParameter(Unknown Source) ~[bcprov-jdk15on-1.54.jar:1.54.0]
	at org.bouncycastle.jcajce.provider.asymmetric.ec.SignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.54.jar:1.54.0]
	at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121]
	at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121]
	at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?]
	at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?]
	at org.xdi.oxauth.client.TokenRequest.getQueryString(TokenRequest.java:409) [classes/:?]
	at org.xdi.oxauth.client.BaseClient.getRequestAsString(BaseClient.java:158) [classes/:?]
	at org.xdi.oxauth.client.ClientUtils.showClient(ClientUtils.java:25) [classes/:?]
	at org.xdi.oxauth.BaseTest.showClient(BaseTest.java:766) [test-classes/:?]
	at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodES256Fail(ClientCredentialsGrantHttpTest.java:1314) [test-classes/:?]
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121]
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121]
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121]
	at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121]
	at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?]
	at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?]
	at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?]
	at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?]
	at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1]
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IkVTMjU2U0lHX0lOVkFMSURfS0VZSUQifQ.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFDOEVELjJDM0EuQTA1My5CNURFIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghQzhFRC4yQzNBLkEwNTMuQjVERSIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiZDJiNGRkNTgtMDc4MC00YjkyLTg2NGItZTYxMTIxNTBkYTk4IiwiZXhwIjoxNTMwODA2NTA4LCJpYXQiOjE1MzA4MDYyMDh9.

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 15:56:27 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}

#######################################################
TEST: privateKeyJwtAuthenticationMethodES384
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "private_key_jwt",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1276
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:27 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F261.1838.A18C.6687",
    "client_secret": "3447ec02-9c13-4f01-b841-c724bbeee233",
    "registration_access_token": "2bcb3a53-ec35-4815-9388-1014f4e4f5ec",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F261.1838.A18C.6687",
    "client_id_issued_at": 1530806187,
    "client_secret_expires_at": 1530892587,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "private_key_jwt",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzM4NCIsImtpZCI6ImM0ZmU0MTEwLWViNTYtNDFjNi1iYWMzLTUzMTZmNmIxNDQzZCJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFGMjYxLjE4MzguQTE4Qy42Njg3Iiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghRjI2MS4xODM4LkExOEMuNjY4NyIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiMzQxNWFlZTctYmE3Yi00ZDcxLWI1MzQtZjA0NTZiNTg0MmE2IiwiZXhwIjoxNTMwODA2NTA5LCJpYXQiOjE1MzA4MDYyMDl9.MGYCMQC2EE-55A6oSz0CobtzaG1PpeBa7f-E3TefoPe5Wie8Hh44RKDLF5IfrGoTQwthYkkCMQCcMiifiAZn2pf2Bvo8MK0udsMfr0juPn28BMs1msMsbQgs3nb6tTV2NslOS-MisAk

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 115
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:28 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"551e7455-92c0-4425-89a1-45a73cfd7390","token_type":"bearer","expires_in":299,"scope":"clientinfo"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org



-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 375
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:28 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F261.1838.A18C.6687","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]}

#######################################################
TEST: privateKeyJwtAuthenticationMethodES384Fail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "private_key_jwt",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1321
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:28 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!62DC.C517.AFB6.FF98",
    "client_secret": "62e01605-22fb-4546-8b7e-ede60b63aaf1",
    "registration_access_token": "af335159-9703-4f9d-be24-c8c2d7804e2f",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!62DC.C517.AFB6.FF98",
    "client_id_issued_at": 1530806188,
    "client_secret_expires_at": 1530892588,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "private_key_jwt",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

11:56:49.508 [main] ERROR org.xdi.oxauth.client.TokenRequest - cannot identify EC private key: java.lang.NullPointerException
java.security.InvalidKeyException: cannot identify EC private key: java.lang.NullPointerException
	at org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil.generatePrivateKeyParameter(Unknown Source) ~[bcprov-jdk15on-1.54.jar:1.54.0]
	at org.bouncycastle.jcajce.provider.asymmetric.ec.SignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.54.jar:1.54.0]
	at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121]
	at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121]
	at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?]
	at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?]
	at org.xdi.oxauth.client.TokenClient.exec(TokenClient.java:265) [classes/:?]
	at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodES384Fail(ClientCredentialsGrantHttpTest.java:1437) [test-classes/:?]
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121]
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121]
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121]
	at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121]
	at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?]
	at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?]
	at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?]
	at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?]
	at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1]
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
11:56:49.620 [main] ERROR org.xdi.oxauth.client.TokenRequest - cannot identify EC private key: java.lang.NullPointerException
java.security.InvalidKeyException: cannot identify EC private key: java.lang.NullPointerException
	at org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil.generatePrivateKeyParameter(Unknown Source) ~[bcprov-jdk15on-1.54.jar:1.54.0]
	at org.bouncycastle.jcajce.provider.asymmetric.ec.SignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.54.jar:1.54.0]
	at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121]
	at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121]
	at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?]
	at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?]
	at org.xdi.oxauth.client.TokenRequest.getQueryString(TokenRequest.java:409) [classes/:?]
	at org.xdi.oxauth.client.BaseClient.getRequestAsString(BaseClient.java:158) [classes/:?]
	at org.xdi.oxauth.client.ClientUtils.showClient(ClientUtils.java:25) [classes/:?]
	at org.xdi.oxauth.BaseTest.showClient(BaseTest.java:766) [test-classes/:?]
	at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodES384Fail(ClientCredentialsGrantHttpTest.java:1439) [test-classes/:?]
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121]
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121]
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121]
	at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121]
	at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?]
	at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?]
	at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?]
	at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?]
	at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1]
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzM4NCIsImtpZCI6IkVTMzg0U0lHX0lOVkFMSURfS0VZSUQifQ.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE2MkRDLkM1MTcuQUZCNi5GRjk4Iiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghNjJEQy5DNTE3LkFGQjYuRkY5OCIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiMTExYTBiYjItNmM5Ni00NzQ2LWFiYjAtYzU0YzEwODYyNTAxIiwiZXhwIjoxNTMwODA2NTA5LCJpYXQiOjE1MzA4MDYyMDl9.

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 15:56:28 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}

#######################################################
TEST: privateKeyJwtAuthenticationMethodES512
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "private_key_jwt",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1276
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:28 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A563.09A6.C5DF.BB6B",
    "client_secret": "66bbd160-bab7-43b2-b16e-8206dbf70bd4",
    "registration_access_token": "d865b59c-72cc-4433-9c12-cbcaf583e2eb",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A563.09A6.C5DF.BB6B",
    "client_id_issued_at": 1530806188,
    "client_secret_expires_at": 1530892588,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "private_key_jwt",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzUxMiIsImtpZCI6IjI2ZjgwNDBjLWFlOGItNGRhYS04ZjcxLWE3ZmRmMTRkZjY0MyJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFBNTYzLjA5QTYuQzVERi5CQjZCIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghQTU2My4wOUE2LkM1REYuQkI2QiIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiNzI1NWJkNGUtZDU5Yy00Yjg4LWJiNzctNzdjZTBkNjBhOWEzIiwiZXhwIjoxNTMwODA2NTA5LCJpYXQiOjE1MzA4MDYyMDl9.MIGIAkIBbRDyCaTuJ8sNTvDxc4CIFlvKteKjCc-KldroQW4h5WpYfy22ypwWqqUwrYmLkr1mHn7J_nDBUWodFHY0Twlp57YCQgEGKtkxv4QAl1gicVffCn0pYuuwDSTb8ohNWPvYMFFVft-EzdZMCXk1LkymjK1lkngaG06IdsKxanTp9uBKsKHZgw

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 115
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:28 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"d1f3a4c8-08d2-4e09-9422-44d5f45e0193","token_type":"bearer","expires_in":299,"scope":"clientinfo"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org



-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 375
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:28 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A563.09A6.C5DF.BB6B","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]}

#######################################################
TEST: privateKeyJwtAuthenticationMethodES512Fail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "private_key_jwt",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1321
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:28 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A4EA.AFF6.2FED.5805",
    "client_secret": "1ecf399c-ec6b-42a4-8916-dbe7ad2b0abb",
    "registration_access_token": "1a353b68-2a2a-4276-ad3c-594011314bd7",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A4EA.AFF6.2FED.5805",
    "client_id_issued_at": 1530806189,
    "client_secret_expires_at": 1530892589,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "private_key_jwt",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

11:56:50.133 [main] ERROR org.xdi.oxauth.client.TokenRequest - cannot identify EC private key: java.lang.NullPointerException
java.security.InvalidKeyException: cannot identify EC private key: java.lang.NullPointerException
	at org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil.generatePrivateKeyParameter(Unknown Source) ~[bcprov-jdk15on-1.54.jar:1.54.0]
	at org.bouncycastle.jcajce.provider.asymmetric.ec.SignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.54.jar:1.54.0]
	at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121]
	at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121]
	at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?]
	at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?]
	at org.xdi.oxauth.client.TokenClient.exec(TokenClient.java:265) [classes/:?]
	at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodES512Fail(ClientCredentialsGrantHttpTest.java:1562) [test-classes/:?]
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121]
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121]
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121]
	at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121]
	at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?]
	at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?]
	at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?]
	at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?]
	at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1]
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
11:56:50.238 [main] ERROR org.xdi.oxauth.client.TokenRequest - cannot identify EC private key: java.lang.NullPointerException
java.security.InvalidKeyException: cannot identify EC private key: java.lang.NullPointerException
	at org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil.generatePrivateKeyParameter(Unknown Source) ~[bcprov-jdk15on-1.54.jar:1.54.0]
	at org.bouncycastle.jcajce.provider.asymmetric.ec.SignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.54.jar:1.54.0]
	at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121]
	at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121]
	at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?]
	at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?]
	at org.xdi.oxauth.client.TokenRequest.getQueryString(TokenRequest.java:409) [classes/:?]
	at org.xdi.oxauth.client.BaseClient.getRequestAsString(BaseClient.java:158) [classes/:?]
	at org.xdi.oxauth.client.ClientUtils.showClient(ClientUtils.java:25) [classes/:?]
	at org.xdi.oxauth.BaseTest.showClient(BaseTest.java:766) [test-classes/:?]
	at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodES512Fail(ClientCredentialsGrantHttpTest.java:1564) [test-classes/:?]
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121]
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121]
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121]
	at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121]
	at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?]
	at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?]
	at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?]
	at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?]
	at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1]
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzUxMiIsImtpZCI6IkVTNTEyU0lHX0lOVkFMSURfS0VZSUQifQ.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFBNEVBLkFGRjYuMkZFRC41ODA1Iiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghQTRFQS5BRkY2LjJGRUQuNTgwNSIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiYzFiNDhlMTUtMDc0Zi00OTgyLWIyNmQtMzZmMzY5MmRhZTRmIiwiZXhwIjoxNTMwODA2NTEwLCJpYXQiOjE1MzA4MDYyMTB9.

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 15:56:29 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}

#######################################################
TEST: privateKeyJwtAuthenticationMethodRS256
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "private_key_jwt",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1276
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:29 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0FAB.A226.563B.8AB8",
    "client_secret": "336751aa-31ac-404b-bb5c-b56b3c0f0a39",
    "registration_access_token": "a2300e2a-b1db-4574-abf4-623db40a8e10",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0FAB.A226.563B.8AB8",
    "client_id_issued_at": 1530806189,
    "client_secret_expires_at": 1530892589,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "private_key_jwt",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6IjQ4YmZhOGE0LWM4YTctNGEwOS1hZTk4LWJmMzI1ZDc0OTExOSJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEwRkFCLkEyMjYuNTYzQi44QUI4Iiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghMEZBQi5BMjI2LjU2M0IuOEFCOCIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiMjQ4YzAwNDEtNzQ2Mi00MjNlLWE5ZWYtOTZmMDI1M2FmNzYwIiwiZXhwIjoxNTMwODA2NTEwLCJpYXQiOjE1MzA4MDYyMTB9.QhYTxcA0qYfTUrI37jLA-QIzP4gpZce5fFLn1r82dV3bjlQRiqrUAYWC0V79essy-saknvE3U7tMmWADx1GlqVidL9Tl6-Z_QskERcIXCDIUvbONLUchSV6UacsUBUwu9EwGApoRG2ZSeR9M3o3pDiY1df853GBMgB51Z19mSMJj-HasIAtTEpxK9S3t8EYDk8SL6Y-NqPODK_csNGxRw048p8alXnbGXsFeefeKjRJAPhlHJR6G-nmXY4GVr7kMFclqMrAoUKMTrsfT6pEj4mNkWztopQRzutZP7IEbG0NMRVI6lA-TLm50rNz3H7F5SccNSLERoDFdI_Z5Nik58g

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 115
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:29 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"50d83a5d-75da-4476-81e3-fcccc9929905","token_type":"bearer","expires_in":299,"scope":"clientinfo"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org



-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 375
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:29 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0FAB.A226.563B.8AB8","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]}

#######################################################
TEST: privateKeyJwtAuthenticationMethodRS256Fail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "private_key_jwt",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1321
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:29 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!FA94.0C67.C927.1A7E",
    "client_secret": "c12e3fe3-efb5-4ab3-81ee-61795a3f5be0",
    "registration_access_token": "dde5ab52-b20f-4322-b865-8ee870d74b09",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!FA94.0C67.C927.1A7E",
    "client_id_issued_at": 1530806189,
    "client_secret_expires_at": 1530892589,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "private_key_jwt",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

11:56:50.697 [main] ERROR org.xdi.oxauth.client.TokenRequest - Supplied key (null) is not a RSAPrivateKey instance
java.security.InvalidKeyException: Supplied key (null) is not a RSAPrivateKey instance
	at org.bouncycastle.jcajce.provider.asymmetric.rsa.DigestSignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.54.jar:1.54.0]
	at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121]
	at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121]
	at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?]
	at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?]
	at org.xdi.oxauth.client.TokenClient.exec(TokenClient.java:265) [classes/:?]
	at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodRS256Fail(ClientCredentialsGrantHttpTest.java:937) [test-classes/:?]
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121]
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121]
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121]
	at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121]
	at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?]
	at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?]
	at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?]
	at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?]
	at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1]
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
11:56:50.807 [main] ERROR org.xdi.oxauth.client.TokenRequest - Supplied key (null) is not a RSAPrivateKey instance
java.security.InvalidKeyException: Supplied key (null) is not a RSAPrivateKey instance
	at org.bouncycastle.jcajce.provider.asymmetric.rsa.DigestSignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.54.jar:1.54.0]
	at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121]
	at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121]
	at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?]
	at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?]
	at org.xdi.oxauth.client.TokenRequest.getQueryString(TokenRequest.java:409) [classes/:?]
	at org.xdi.oxauth.client.BaseClient.getRequestAsString(BaseClient.java:158) [classes/:?]
	at org.xdi.oxauth.client.ClientUtils.showClient(ClientUtils.java:25) [classes/:?]
	at org.xdi.oxauth.BaseTest.showClient(BaseTest.java:766) [test-classes/:?]
	at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodRS256Fail(ClientCredentialsGrantHttpTest.java:939) [test-classes/:?]
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121]
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121]
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121]
	at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121]
	at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?]
	at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?]
	at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?]
	at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?]
	at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1]
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6IlJTMjU2U0lHX0lOVkFMSURfS0VZSUQifQ.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFGQTk0LjBDNjcuQzkyNy4xQTdFIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghRkE5NC4wQzY3LkM5MjcuMUE3RSIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiNDU2MTZkNmMtODg4YS00NmI5LWJiODUtM2IyOTExOTNkOGE4IiwiZXhwIjoxNTMwODA2NTEwLCJpYXQiOjE1MzA4MDYyMTB9.

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 15:56:29 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}

#######################################################
TEST: privateKeyJwtAuthenticationMethodRS384
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "private_key_jwt",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1276
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:29 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!8AE9.ABF6.ECFE.3B3A",
    "client_secret": "fdc2e9a9-4a53-47d7-8c8d-f22305a2af5a",
    "registration_access_token": "20f4baa3-65db-44b9-b907-d88a2edb97c9",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!8AE9.ABF6.ECFE.3B3A",
    "client_id_issued_at": 1530806189,
    "client_secret_expires_at": 1530892589,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "private_key_jwt",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzM4NCIsImtpZCI6ImM0NjIxNDNmLWExOTctNGY3YS1hZjk5LTBiMTA4NzM2ODYxNiJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE4QUU5LkFCRjYuRUNGRS4zQjNBIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghOEFFOS5BQkY2LkVDRkUuM0IzQSIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiYjY4ZDE4MzEtMWNlNS00OGQ4LThmYmItY2FkYTUyNDJlZWNiIiwiZXhwIjoxNTMwODA2NTExLCJpYXQiOjE1MzA4MDYyMTF9.ZoZHRGyhvu2v6ZOWLuhOWwkWJKsGAfR4USVwj7nMqJ8B97cD5a0zMocpjFsAxlvq8NxZPZa4Yf6b1Y9nshZgZB5wFw9YoT8WTfoqdUUgCT1rVauU4UvpgFwVIaBglkjzNkelbNe_POi5UeyWFxEOg42VExa_ZeYU8sHRV4ClPRz7iMO43KUqB6EZEUyTr7MQLq5ZPNWD4ybHCiG5Pm1na6QDgx0UjSMaAbwsjK-KeUDGVIKw3nmHe4gzUYrpbfYGRwQpkhbZaK0K8RbdGr9CRblvDgUM78u1FP95kNVb83aGdnmXmIAHUIDlCgtvaAOLXNwHtQb_d2CyYCzzOGbD4A

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 115
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:29 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"e35d3917-4baa-4dd9-82f2-fbad6a631efb","token_type":"bearer","expires_in":299,"scope":"clientinfo"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org



-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 375
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:30 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!8AE9.ABF6.ECFE.3B3A","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]}

#######################################################
TEST: privateKeyJwtAuthenticationMethodRS384Fail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "private_key_jwt",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1321
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:30 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A898.97E8.5A34.2ED2",
    "client_secret": "cb705a82-0553-469a-a6b0-0ed57b60e930",
    "registration_access_token": "a588a5b5-dc51-47ce-a73c-9b1fb56f08f6",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A898.97E8.5A34.2ED2",
    "client_id_issued_at": 1530806190,
    "client_secret_expires_at": 1530892590,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "private_key_jwt",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

11:56:51.256 [main] ERROR org.xdi.oxauth.client.TokenRequest - Supplied key (null) is not a RSAPrivateKey instance
java.security.InvalidKeyException: Supplied key (null) is not a RSAPrivateKey instance
	at org.bouncycastle.jcajce.provider.asymmetric.rsa.DigestSignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.54.jar:1.54.0]
	at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121]
	at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121]
	at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?]
	at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?]
	at org.xdi.oxauth.client.TokenClient.exec(TokenClient.java:265) [classes/:?]
	at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodRS384Fail(ClientCredentialsGrantHttpTest.java:1062) [test-classes/:?]
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121]
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121]
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121]
	at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121]
	at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?]
	at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?]
	at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?]
	at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?]
	at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1]
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
11:56:51.367 [main] ERROR org.xdi.oxauth.client.TokenRequest - Supplied key (null) is not a RSAPrivateKey instance
java.security.InvalidKeyException: Supplied key (null) is not a RSAPrivateKey instance
	at org.bouncycastle.jcajce.provider.asymmetric.rsa.DigestSignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.54.jar:1.54.0]
	at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121]
	at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121]
	at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?]
	at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?]
	at org.xdi.oxauth.client.TokenRequest.getQueryString(TokenRequest.java:409) [classes/:?]
	at org.xdi.oxauth.client.BaseClient.getRequestAsString(BaseClient.java:158) [classes/:?]
	at org.xdi.oxauth.client.ClientUtils.showClient(ClientUtils.java:25) [classes/:?]
	at org.xdi.oxauth.BaseTest.showClient(BaseTest.java:766) [test-classes/:?]
	at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodRS384Fail(ClientCredentialsGrantHttpTest.java:1064) [test-classes/:?]
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121]
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121]
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121]
	at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121]
	at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?]
	at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?]
	at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?]
	at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?]
	at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1]
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzM4NCIsImtpZCI6IlJTMzg0U0lHX0lOVkFMSURfS0VZSUQifQ.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFBODk4Ljk3RTguNUEzNC4yRUQyIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghQTg5OC45N0U4LjVBMzQuMkVEMiIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiOWFmYjk2Y2EtYWU4OS00MWJiLWE1MzYtOGE4NGRjNDBkM2Y0IiwiZXhwIjoxNTMwODA2NTExLCJpYXQiOjE1MzA4MDYyMTF9.

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 15:56:30 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}

#######################################################
TEST: privateKeyJwtAuthenticationMethodRS512
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "private_key_jwt",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1276
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:30 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!BB3B.717E.E255.26D5",
    "client_secret": "af82c091-1871-40f2-8f89-cd6b2928c91d",
    "registration_access_token": "e44c9b14-8e88-4b96-9f76-c5fe3fbbd8de",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!BB3B.717E.E255.26D5",
    "client_id_issued_at": 1530806190,
    "client_secret_expires_at": 1530892590,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "private_key_jwt",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzUxMiIsImtpZCI6Ijg1YjA4NDgzLTY4OTAtNDg0My05YmFmLTgzN2EyNGEzYzZkMiJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFCQjNCLjcxN0UuRTI1NS4yNkQ1Iiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghQkIzQi43MTdFLkUyNTUuMjZENSIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiODU5OWVmZGEtOWM1Mi00NGQ1LWJhYzUtNTkwODdlMjViYjM4IiwiZXhwIjoxNTMwODA2NTExLCJpYXQiOjE1MzA4MDYyMTF9.Ccy_XC20GALirtD_Y5VP273P46-QOh2bV9-CnLP6DOKydFsPL4BlsHA4iz2RuyPBAUJeFTyXxwZN_EflmgHSbSCYwXYdH-u_5n-cuJwSoa7vIdyPxr_HDQ-m5-eonYwNQ7FOsIQdJOF0pZQmH-AoCNOclJLnKHbHvo9ZTotgP4BSZ3yohkFWdbNWfqrRyWv4vMB5DdEbN3mBHarjCW7rUn1GR8r_0zw5j8YMCoUPqubSWMVqPkIERBrHQGkZcTGEG-yZyUaeVaLWGWJYZY0oTG9IGof9chpih_tWU9cY0hPm7eh6yXNvaEFCLbECu7CUrPaY4HGthxo78l3pQZMNog

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 115
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:30 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"d0e004e5-38ee-4e95-bbcc-571ac841a9a9","token_type":"bearer","expires_in":299,"scope":"clientinfo"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org



-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 375
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:30 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!BB3B.717E.E255.26D5","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]}

#######################################################
TEST: privateKeyJwtAuthenticationMethodRS512Fail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "private_key_jwt",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1321
Content-Type: application/json
Date: Thu, 05 Jul 2018 15:56:30 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!60D8.D3E3.24CE.EBA9",
    "client_secret": "bcd41964-db78-49f8-9c56-98e3d8ccaa52",
    "registration_access_token": "8ae6192a-8ecb-4988-ada1-c2bd3e84a7c8",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!60D8.D3E3.24CE.EBA9",
    "client_id_issued_at": 1530806190,
    "client_secret_expires_at": 1530892590,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "private_key_jwt",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

11:56:51.833 [main] ERROR org.xdi.oxauth.client.TokenRequest - Supplied key (null) is not a RSAPrivateKey instance
java.security.InvalidKeyException: Supplied key (null) is not a RSAPrivateKey instance
	at org.bouncycastle.jcajce.provider.asymmetric.rsa.DigestSignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.54.jar:1.54.0]
	at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121]
	at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121]
	at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?]
	at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?]
	at org.xdi.oxauth.client.TokenClient.exec(TokenClient.java:265) [classes/:?]
	at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodRS512Fail(ClientCredentialsGrantHttpTest.java:1187) [test-classes/:?]
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121]
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121]
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121]
	at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121]
	at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?]
	at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?]
	at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?]
	at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?]
	at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1]
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
11:56:51.988 [main] ERROR org.xdi.oxauth.client.TokenRequest - Supplied key (null) is not a RSAPrivateKey instance
java.security.InvalidKeyException: Supplied key (null) is not a RSAPrivateKey instance
	at org.bouncycastle.jcajce.provider.asymmetric.rsa.DigestSignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.54.jar:1.54.0]
	at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121]
	at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121]
	at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?]
	at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?]
	at org.xdi.oxauth.client.TokenRequest.getQueryString(TokenRequest.java:409) [classes/:?]
	at org.xdi.oxauth.client.BaseClient.getRequestAsString(BaseClient.java:158) [classes/:?]
	at org.xdi.oxauth.client.ClientUtils.showClient(ClientUtils.java:25) [classes/:?]
	at org.xdi.oxauth.BaseTest.showClient(BaseTest.java:766) [test-classes/:?]
	at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodRS512Fail(ClientCredentialsGrantHttpTest.java:1189) [test-classes/:?]
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121]
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121]
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121]
	at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121]
	at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?]
	at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?]
	at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?]
	at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?]
	at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1]
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzUxMiIsImtpZCI6IlJTNTEyU0lHX0lOVkFMSURfS0VZSUQifQ.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE2MEQ4LkQzRTMuMjRDRS5FQkE5Iiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghNjBEOC5EM0UzLjI0Q0UuRUJBOSIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiY2FiMjIxMTYtYTI2Yi00MzU3LWFiOTQtYzc0ZTcwOTRhNTk5IiwiZXhwIjoxNTMwODA2NTExLCJpYXQiOjE1MzA4MDYyMTF9.

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 15:56:30 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}

##############################################