Started by an SCM change
Started by an SCM change
Started by an SCM change
Started by an SCM change
Started by an SCM change
Started by an SCM change
Started by an SCM change
Started by an SCM change
Started by an SCM change
Started by an SCM change
Started by an SCM change
Started by an SCM change
Started by an SCM change
Started by an SCM change
Started by an SCM change
Started by an SCM change
Started by an SCM change
Started by an SCM change
Started by an SCM change
Started by an SCM change
Started by an SCM change
Started by an SCM change
Started by an SCM change
Started by an SCM change
Started by an SCM change
Started by an SCM change
Started by an SCM change
Started by an SCM change
Started by an SCM change
Started by an SCM change
Started by an SCM change
Started by an SCM change
Building on master in workspace /home/tomcat/.jenkins/jobs/oxAuth/workspace
> git rev-parse --is-inside-work-tree # timeout=10
Fetching changes from the remote Git repository
> git config remote.origin.url https://github.com/GluuFederation/oxAuth # timeout=10
Fetching upstream changes from https://github.com/GluuFederation/oxAuth
> git --version # timeout=10
> git fetch --tags --progress https://github.com/GluuFederation/oxAuth +refs/heads/*:refs/remotes/origin/*
> git rev-parse refs/remotes/origin/master^{commit} # timeout=10
> git rev-parse refs/remotes/origin/origin/master^{commit} # timeout=10
Checking out Revision ad8eff7172be4eba53acb1a5f57e6f99068be1fa (refs/remotes/origin/master)
> git config core.sparsecheckout # timeout=10
> git checkout -f ad8eff7172be4eba53acb1a5f57e6f99068be1fa
Commit message: "UMA 2 - Fixed regression made while fixing #826"
> git rev-list --no-walk 64450b95f22222c877ffb650d4e7a80f792f060c # timeout=10
[workspace] $ /bin/bash /opt/tomcat/temp/jenkins3919470430078290202.sh
Cloning into 'oxHudsonProfiles'...
[workspace] $ /home/tomcat/.jenkins/tools/hudson.tasks.Maven_MavenInstallation/maven_3.3.9/bin/mvn -DVERSION_NAME=master -DPROFILE_NAME=ce-dev4 -DDEVELOPMENT_BUILD=true -DMAVEN_SKIP_TESTS=false -Dpython.import.site=false -DPYTHON_HOME=/opt/jython -Dcfg=ce-dev4 -Dmaven.test.skip=false -Ddevelopment-build=true clean compile install findbugs:findbugs javadoc:javadoc site
[INFO] Scanning for projects...
[WARNING]
[WARNING] Some problems were encountered while building the effective model for org.xdi:oxauth-rp:war:4.0.0-SNAPSHOT
[WARNING] 'build.plugins.plugin.version' for org.mortbay.jetty:jetty-maven-plugin is missing. @ org.xdi:oxauth-rp:[unknown-version], /home/tomcat/.jenkins/jobs/oxAuth/workspace/RP/pom.xml, line 74, column 12
[WARNING]
[WARNING] It is highly recommended to fix these problems because they threaten the stability of your build.
[WARNING]
[WARNING] For this reason, future Maven versions might no longer support building such malformed projects.
[WARNING]
[INFO] ------------------------------------------------------------------------
[INFO] Reactor Build Order:
[INFO]
[INFO] oxAuth
[INFO] oxAuth Model
[INFO] oxAuth Client
[INFO] oxauth-static
[INFO] oxAuth RP
[INFO] oxAuth RP Demo
[INFO] oxAuth Server
[INFO]
[INFO] ------------------------------------------------------------------------
[INFO] Building oxAuth 4.0.0-SNAPSHOT
[INFO] ------------------------------------------------------------------------
[INFO]
[INFO] --- maven-clean-plugin:2.5:clean (default-clean) @ oxauth ---
[INFO] Deleting /home/tomcat/.jenkins/jobs/oxAuth/workspace/target
[INFO]
[INFO] --- maven-install-plugin:2.3.1:install (default-install) @ oxauth ---
[INFO] Installing /home/tomcat/.jenkins/jobs/oxAuth/workspace/pom.xml to /var/www/html/maven/org/xdi/oxauth/4.0.0-SNAPSHOT/oxauth-4.0.0-SNAPSHOT.pom
[INFO]
[INFO] --- findbugs-maven-plugin:3.0.4:findbugs (default-cli) @ oxauth ---
[INFO]
[INFO] >>> maven-javadoc-plugin:2.10.4:javadoc (default-cli) > generate-sources @ oxauth >>>
[INFO]
[INFO] <<< maven-javadoc-plugin:2.10.4:javadoc (default-cli) < generate-sources @ oxauth <<<
[INFO]
[INFO] --- maven-javadoc-plugin:2.10.4:javadoc (default-cli) @ oxauth ---
[INFO]
[INFO] --- maven-site-plugin:2.1.1:site (default-site) @ oxauth ---
[INFO]
[INFO] ------------------------------------------------------------------------
[INFO] Building oxAuth Model 4.0.0-SNAPSHOT
[INFO] ------------------------------------------------------------------------
[INFO]
[INFO] --- maven-clean-plugin:2.5:clean (default-clean) @ oxauth-model ---
[INFO] Deleting /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target
[INFO]
[INFO] --- maven-resources-plugin:2.6:resources (default-resources) @ oxauth-model ---
[INFO] Using 'UTF-8' encoding to copy filtered resources.
[INFO] Copying 1 resource
[INFO]
[INFO] --- maven-compiler-plugin:2.3.2:compile (default-compile) @ oxauth-model ---
[INFO] Compiling 156 source files to /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/classes
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/crypto/AbstractCryptoProvider.java:[21,23] RSAPublicKeyImpl is internal proprietary API and may be removed in a future release
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/crypto/AbstractCryptoProvider.java:[21,23] RSAPublicKeyImpl is internal proprietary API and may be removed in a future release
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/crypto/AbstractCryptoProvider.java:[21,23] RSAPublicKeyImpl is internal proprietary API and may be removed in a future release
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/crypto/AbstractCryptoProvider.java:[144,36] RSAPublicKeyImpl is internal proprietary API and may be removed in a future release
[INFO]
[INFO] --- maven-resources-plugin:2.6:resources (default-resources) @ oxauth-model ---
[INFO] Using 'UTF-8' encoding to copy filtered resources.
[INFO] Copying 1 resource
[INFO]
[INFO] --- maven-compiler-plugin:2.3.2:compile (default-compile) @ oxauth-model ---
[INFO] Nothing to compile - all classes are up to date
[INFO]
[INFO] --- maven-resources-plugin:2.6:testResources (default-testResources) @ oxauth-model ---
[INFO] Using 'UTF-8' encoding to copy filtered resources.
[INFO] Copying 4 resources
[INFO]
[INFO] --- maven-compiler-plugin:2.3.2:testCompile (default-testCompile) @ oxauth-model ---
[INFO] Compiling 5 source files to /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/test-classes
[INFO]
[INFO] --- maven-surefire-plugin:2.19.1:test (default-test) @ oxauth-model ---
-------------------------------------------------------
T E S T S
-------------------------------------------------------
Running TestSuite
CodeVerifier{codeVerifier='NsyayiBObcYzOs7mo0vuuvqUct8iOlZg-cld5sVNm31eyTvzMf1GTsLEdKQ_e5K3pXVJkEymkXbeVkbA2RIPgHT~NGtH4snQMsYCW1zAU_gikTfEF6bEEx01EKUuvClk', codeChallenge='NsyayiBObcYzOs7mo0vuuvqUct8iOlZg-cld5sVNm31eyTvzMf1GTsLEdKQ_e5K3pXVJkEymkXbeVkbA2RIPgHT~NGtH4snQMsYCW1zAU_gikTfEF6bEEx01EKUuvClk', transformationType=PLAIN}
CodeVerifier{codeVerifier='gr6hqD1l.1vQaVcluI7HH0o2P4ImHtZ6WQkWTA7fhHdK2K9P~EmJwQBZ3Y9wLxUdoMdt1CVLe7Ycrp2~ZtDfrF~~F9qb919SMXj_tMhXYudP9bM.E2E4_GjYgPZLePap', codeChallenge='QpYBW10YL4HAMbve17ArcgOAfXwVMtOi6DnYOYHH3wY', transformationType=S256}
ERROR StatusLogger No log4j2 configuration file found. Using default configuration: logging only errors to the console. Set system property 'org.apache.logging.log4j.simplelog.StatusLogger.level' to TRACE to show Log4j2 internal initialization logging.
Hi there from Javascript,
Tests run: 7, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 3.002 sec - in TestSuite
Results :
Tests run: 7, Failures: 0, Errors: 0, Skipped: 0
[INFO]
[INFO] --- maven-jar-plugin:2.4:jar (default-jar) @ oxauth-model ---
[INFO] Building jar: /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/oxauth-model.jar
[INFO]
[INFO] --- maven-jar-plugin:2.4:test-jar (default) @ oxauth-model ---
[INFO] Building jar: /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/oxauth-model-tests.jar
[INFO]
[INFO] --- maven-install-plugin:2.3.1:install (default-install) @ oxauth-model ---
[INFO] Installing /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/oxauth-model.jar to /var/www/html/maven/org/xdi/oxauth-model/4.0.0-SNAPSHOT/oxauth-model-4.0.0-SNAPSHOT.jar
[INFO] Installing /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/pom.xml to /var/www/html/maven/org/xdi/oxauth-model/4.0.0-SNAPSHOT/oxauth-model-4.0.0-SNAPSHOT.pom
[INFO] Installing /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/oxauth-model-tests.jar to /var/www/html/maven/org/xdi/oxauth-model/4.0.0-SNAPSHOT/oxauth-model-4.0.0-SNAPSHOT-tests.jar
[INFO]
[INFO] --- findbugs-maven-plugin:3.0.4:findbugs (default-cli) @ oxauth-model ---
[INFO] Fork Value is true
[java] Warnings generated: 53
[INFO] Done FindBugs Analysis....
[INFO]
[INFO] >>> maven-javadoc-plugin:2.10.4:javadoc (default-cli) > generate-sources @ oxauth-model >>>
[INFO]
[INFO] <<< maven-javadoc-plugin:2.10.4:javadoc (default-cli) < generate-sources @ oxauth-model <<<
[INFO]
[INFO] --- maven-javadoc-plugin:2.10.4:javadoc (default-cli) @ oxauth-model ---
[INFO]
Loading source files for package org.xdi.oxauth.model.uma...
Loading source files for package org.xdi.oxauth.model.uma.wrapper...
Loading source files for package org.xdi.oxauth.model.uma.persistence...
Loading source files for package org.xdi.oxauth.model.jwt...
Loading source files for package org.xdi.oxauth.model.common...
Loading source files for package org.xdi.oxauth.model.jwk...
Loading source files for package org.xdi.oxauth.model.exception...
Loading source files for package org.xdi.oxauth.model.session...
Loading source files for package org.xdi.oxauth.model.fido.u2f...
Loading source files for package org.xdi.oxauth.model.fido.u2f.message...
Loading source files for package org.xdi.oxauth.model.fido.u2f.exception...
Loading source files for package org.xdi.oxauth.model.fido.u2f.protocol...
Loading source files for package org.xdi.oxauth.model.gluu...
Loading source files for package org.xdi.oxauth.model.register...
Loading source files for package org.xdi.oxauth.model.discovery...
Loading source files for package org.xdi.oxauth.model.jwe...
Loading source files for package org.xdi.oxauth.model.userinfo...
Loading source files for package org.xdi.oxauth.model.util...
Loading source files for package org.xdi.oxauth.model.authorize...
Loading source files for package org.xdi.oxauth.model.configuration...
Loading source files for package org.xdi.oxauth.model.error...
Loading source files for package org.xdi.oxauth.model.jws...
Loading source files for package org.xdi.oxauth.model.token...
Loading source files for package org.xdi.oxauth.model.crypto...
Loading source files for package org.xdi.oxauth.model.crypto.signature...
Loading source files for package org.xdi.oxauth.model.crypto.encryption...
Constructing Javadoc information...
Standard Doclet version 1.8.0_121
Building tree for all the packages and classes...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/ClaimTokenFormatType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/JsonLogic.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/JsonLogicNode.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/JsonLogicNodeParser.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/PermissionTicket.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/RptIntrospectionResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/RptProfiles.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/RPTResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaConstants.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaErrorResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaMetadata.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaNeedInfoResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaPermission.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaPermissionList.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaResource.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaResourceResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaResourceWithId.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaScopeDescription.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaScopeType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaTokenResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/wrapper/Token.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/persistence/UmaPermission.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/persistence/UmaResource.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/persistence/UmaScopeDescription.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/Jwt.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/JwtClaimName.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/JwtClaims.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/JwtClaimSet.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/JwtHeader.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/JwtHeaderName.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/JwtStateClaimName.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/JwtSubClaimObject.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/JwtType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/PureJwt.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/AuthenticationMethod.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/AuthorizationMethod.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/Display.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/GrantType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/HasParamName.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/Holder.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/Id.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/IdType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/IntrospectionResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/JSONable.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/PairwiseIdType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/ProgrammingLanguage.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/Prompt.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/ResponseMode.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/ResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/ScopeType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/SubjectType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/TokenType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/WebKeyStorage.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/JSONWebKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/JSONWebKeySet.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/JWKParameter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/KeyType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/Use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/InvalidClaimException.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/InvalidJweException.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/InvalidJwtException.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/InvalidParameterException.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/SignatureException.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/session/EndSessionErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/session/EndSessionRequestParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/session/EndSessionResponseParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/DeviceRegistrationStatus.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/U2fConfiguration.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/U2fConstants.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/U2fErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/message/RawAuthenticateResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/message/RawRegisterResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/exception/BadInputException.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/exception/RegistrationNotAllowed.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/AuthenticateRequest.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/AuthenticateRequestMessage.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/AuthenticateResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/AuthenticateStatus.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/ClientData.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/DeviceData.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/RegisterRequest.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/RegisterRequestMessage.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/RegisterResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/RegisterStatus.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/gluu/GluuConfiguration.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/gluu/GluuErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/ApplicationType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/RegisterErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/RegisterRequestParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/RegisterResponseParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/discovery/OAuth2Discovery.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/discovery/WebFingerLink.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/discovery/WebFingerParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/AbstractJweDecrypter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/AbstractJweEncrypter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/Jwe.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/JweDecrypter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/JweDecrypterImpl.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/JweEncrypter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/JweEncrypterImpl.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/KeyDerivationFunction.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/userinfo/Schema.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/userinfo/UserInfoErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/Base64Util.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/JwtUtil.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/LocaleUtil.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/Pair.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/SecurityProviderUtility.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/StringUtils.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/SubjectIdentifierGenerator.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/URLPatternList.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/Util.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/AuthorizeErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/AuthorizeRequestParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/AuthorizeResponseParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/CodeVerifier.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/CodeVerifier.CodeChallengeMethod.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/AppConfiguration.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/AuthenticationFilter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/BaseFilter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/ClientAuthenticationFilter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/Configuration.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/ConfigurationResponseClaim.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/CorsConfigurationFilter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/error/IErrorType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/AbstractJwsSigner.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/ECDSASigner.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/HMACSigner.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/JwsSigner.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/PlainTextSignature.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/RSASigner.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/token/ClientAssertionType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/token/JsonWebResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/token/TokenErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/AbstractCryptoProvider.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/Certificate.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/CryptoProviderFactory.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/Key.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/KeyFactory.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/OxAuthCryptoProvider.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/OxElevenCryptoProvider.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/PrivateKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/PublicKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/AbstractSigner.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/ECDSAKeyFactory.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/ECDSAPrivateKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/ECDSAPublicKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/ECEllipticCurve.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/RSAKeyFactory.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/RSAPrivateKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/RSAPublicKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/SignatureAlgorithm.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/SignatureAlgorithmFamily.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/Signer.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/encryption/BlockEncryptionAlgorithm.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/encryption/KeyEncryptionAlgorithm.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/overview-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/encryption/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/encryption/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/encryption/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/discovery/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/discovery/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/discovery/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/error/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/error/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/error/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/exception/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/exception/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/exception/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/message/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/message/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/message/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/gluu/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/gluu/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/gluu/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/session/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/session/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/session/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/token/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/token/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/token/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/persistence/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/persistence/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/persistence/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/wrapper/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/wrapper/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/wrapper/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/userinfo/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/userinfo/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/userinfo/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/constant-values.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/serialized-form.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/JsonLogic.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaScopeDescription.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaResourceResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/JsonLogicNodeParser.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaPermission.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/RptIntrospectionResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaConstants.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaErrorResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaScopeType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/PermissionTicket.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/ClaimTokenFormatType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaResourceWithId.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaResource.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/JsonLogicNode.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/RptProfiles.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaTokenResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaMetadata.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaNeedInfoResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaPermissionList.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/RPTResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/wrapper/class-use/Token.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/persistence/class-use/UmaScopeDescription.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/persistence/class-use/UmaPermission.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/persistence/class-use/UmaResource.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/class-use/Jwt.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/class-use/JwtHeader.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/class-use/PureJwt.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/class-use/JwtStateClaimName.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/class-use/JwtClaimSet.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/class-use/JwtType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/class-use/JwtSubClaimObject.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/class-use/JwtClaims.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/class-use/JwtClaimName.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/class-use/JwtHeaderName.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/ProgrammingLanguage.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/IntrospectionResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/HasParamName.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/IdType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/GrantType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/AuthorizationMethod.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/ResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/PairwiseIdType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/Holder.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/JSONable.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/TokenType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/Id.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/Prompt.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/ResponseMode.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/WebKeyStorage.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/ScopeType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/Display.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/SubjectType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/AuthenticationMethod.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/class-use/JSONWebKeySet.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/class-use/JWKParameter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/class-use/Use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/class-use/KeyType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/class-use/JSONWebKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/class-use/InvalidParameterException.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/class-use/SignatureException.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/class-use/InvalidJwtException.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/class-use/InvalidJweException.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/class-use/InvalidClaimException.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/session/class-use/EndSessionErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/session/class-use/EndSessionRequestParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/session/class-use/EndSessionResponseParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/class-use/U2fConstants.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/class-use/U2fConfiguration.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/class-use/DeviceRegistrationStatus.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/class-use/U2fErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/message/class-use/RawAuthenticateResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/message/class-use/RawRegisterResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/exception/class-use/RegistrationNotAllowed.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/exception/class-use/BadInputException.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/class-use/AuthenticateRequestMessage.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/class-use/DeviceData.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/class-use/AuthenticateRequest.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/class-use/RegisterResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/class-use/RegisterStatus.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/class-use/AuthenticateResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/class-use/ClientData.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/class-use/AuthenticateStatus.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/class-use/RegisterRequestMessage.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/class-use/RegisterRequest.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/gluu/class-use/GluuConfiguration.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/gluu/class-use/GluuErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/class-use/RegisterRequestParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/class-use/ApplicationType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/class-use/RegisterErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/class-use/RegisterResponseParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/discovery/class-use/WebFingerParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/discovery/class-use/OAuth2Discovery.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/discovery/class-use/WebFingerLink.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/class-use/AbstractJweEncrypter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/class-use/JweEncrypterImpl.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/class-use/JweEncrypter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/class-use/JweDecrypter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/class-use/KeyDerivationFunction.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/class-use/JweDecrypterImpl.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/class-use/Jwe.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/class-use/AbstractJweDecrypter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/userinfo/class-use/UserInfoErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/userinfo/class-use/Schema.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/class-use/URLPatternList.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/class-use/Base64Util.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/class-use/SecurityProviderUtility.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/class-use/LocaleUtil.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/class-use/Util.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/class-use/StringUtils.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/class-use/SubjectIdentifierGenerator.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/class-use/JwtUtil.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/class-use/Pair.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/class-use/AuthorizeResponseParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/class-use/CodeVerifier.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/class-use/CodeVerifier.CodeChallengeMethod.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/class-use/AuthorizeErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/class-use/AuthorizeRequestParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/class-use/AuthenticationFilter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/class-use/Configuration.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/class-use/BaseFilter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/class-use/AppConfiguration.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/class-use/CorsConfigurationFilter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/class-use/ConfigurationResponseClaim.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/class-use/ClientAuthenticationFilter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/error/class-use/IErrorType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/class-use/RSASigner.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/class-use/HMACSigner.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/class-use/AbstractJwsSigner.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/class-use/PlainTextSignature.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/class-use/ECDSASigner.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/class-use/JwsSigner.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/token/class-use/JsonWebResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/token/class-use/TokenErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/token/class-use/ClientAssertionType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/class-use/OxElevenCryptoProvider.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/class-use/OxAuthCryptoProvider.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/class-use/PrivateKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/class-use/AbstractCryptoProvider.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/class-use/Key.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/class-use/PublicKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/class-use/CryptoProviderFactory.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/class-use/Certificate.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/class-use/KeyFactory.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/class-use/RSAKeyFactory.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/class-use/ECDSAPrivateKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/class-use/ECDSAPublicKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/class-use/ECDSAKeyFactory.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/class-use/SignatureAlgorithm.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/class-use/SignatureAlgorithmFamily.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/class-use/RSAPrivateKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/class-use/Signer.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/class-use/RSAPublicKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/class-use/AbstractSigner.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/class-use/ECEllipticCurve.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/encryption/class-use/BlockEncryptionAlgorithm.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/encryption/class-use/KeyEncryptionAlgorithm.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/encryption/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/discovery/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/error/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/exception/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/message/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/gluu/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/session/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/token/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/persistence/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/wrapper/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/userinfo/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/package-use.html...
Building index for all the packages and classes...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/overview-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/index-all.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/deprecated-list.html...
Building index for all classes...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/allclasses-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/allclasses-noframe.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/index.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/overview-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/help-doc.html...
12 warnings
[WARNING] Javadoc Warnings
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/uma/UmaNeedInfoResponse.java:65: warning: no @param for clientId
[WARNING] public String buildClaimsGatheringUrl(String clientId, String claimsRedirectUri) {
[WARNING] ^
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/uma/UmaNeedInfoResponse.java:65: warning: no @param for claimsRedirectUri
[WARNING] public String buildClaimsGatheringUrl(String clientId, String claimsRedirectUri) {
[WARNING] ^
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/jwt/JwtHeader.java:44: warning: no @return
[WARNING] public JwtHeader setType(JwtType type) {
[WARNING] ^
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/jwt/JwtHeader.java:63: warning: no @return
[WARNING] public JwtHeader setAlgorithm(SignatureAlgorithm algorithm) {
[WARNING] ^
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/jwt/JwtHeader.java:77: warning: no @return
[WARNING] public JwtHeader setAlgorithm(KeyEncryptionAlgorithm algorithm) {
[WARNING] ^
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/jwt/JwtHeader.java:96: warning: no @return
[WARNING] public JwtHeader setKeyId(String keyId) {
[WARNING] ^
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/common/ScopeType.java:30: warning: empty tag
[WARNING] *
[WARNING] ^
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/fido/u2f/message/RawAuthenticateResponse.java:37: warning: no @return
[WARNING] public byte getUserPresence() {
[WARNING] ^
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/fido/u2f/message/RawAuthenticateResponse.java:45: warning: no @return
[WARNING] public long getCounter() {
[WARNING] ^
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/fido/u2f/message/RawAuthenticateResponse.java:52: warning: no @return
[WARNING] public byte[] getSignature() {
[WARNING] ^
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/util/Util.java:210: warning: no description for @return
[WARNING] * @return
[WARNING] ^
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/util/Util.java:212: warning: no @throws for org.codehaus.jettison.json.JSONException
[WARNING] public static Map jsonObjectArrayStringAsMap(String jsonString) throws JSONException {
[WARNING] ^
[INFO]
[INFO] --- maven-site-plugin:2.1.1:site (default-site) @ oxauth-model ---
[INFO]
[INFO] ------------------------------------------------------------------------
[INFO] Building oxAuth Client 4.0.0-SNAPSHOT
[INFO] ------------------------------------------------------------------------
[INFO]
[INFO] --- maven-clean-plugin:2.5:clean (default-clean) @ oxauth-client ---
[INFO] Deleting /home/tomcat/.jenkins/jobs/oxAuth/workspace/Client/target
[INFO]
[INFO] --- maven-resources-plugin:2.6:resources (default-resources) @ oxauth-client ---
[INFO] Using 'UTF-8' encoding to copy filtered resources.
[INFO] skip non existing resourceDirectory /home/tomcat/.jenkins/jobs/oxAuth/workspace/Client/src/main/resources
[INFO]
[INFO] --- maven-compiler-plugin:2.3.2:compile (default-compile) @ oxauth-client ---
[INFO] Compiling 59 source files to /home/tomcat/.jenkins/jobs/oxAuth/workspace/Client/target/classes
[INFO]
[INFO] --- maven-resources-plugin:2.6:resources (default-resources) @ oxauth-client ---
[INFO] Using 'UTF-8' encoding to copy filtered resources.
[INFO] skip non existing resourceDirectory /home/tomcat/.jenkins/jobs/oxAuth/workspace/Client/src/main/resources
[INFO]
[INFO] --- maven-compiler-plugin:2.3.2:compile (default-compile) @ oxauth-client ---
[INFO] Nothing to compile - all classes are up to date
[INFO]
[INFO] --- maven-resources-plugin:2.6:testResources (default-testResources) @ oxauth-client ---
[INFO] Using 'UTF-8' encoding to copy filtered resources.
[INFO] Copying 17 resources
[INFO]
[INFO] --- maven-compiler-plugin:2.3.2:testCompile (default-testCompile) @ oxauth-client ---
[INFO] Compiling 145 source files to /home/tomcat/.jenkins/jobs/oxAuth/workspace/Client/target/test-classes
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Client/src/test/java/org/xdi/oxauth/ws/rs/WebKeysTest.java:[14,24] X509CertImpl is internal proprietary API and may be removed in a future release
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Client/src/test/java/org/xdi/oxauth/ws/rs/WebKeysTest.java:[14,24] X509CertImpl is internal proprietary API and may be removed in a future release
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Client/src/test/java/org/xdi/oxauth/ws/rs/WebKeysTest.java:[14,24] X509CertImpl is internal proprietary API and may be removed in a future release
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Client/src/test/java/org/xdi/oxauth/ws/rs/WebKeysTest.java:[47,35] X509CertImpl is internal proprietary API and may be removed in a future release
[INFO]
[INFO] --- maven-surefire-plugin:2.19.1:test (default-test) @ oxauth-client ---
-------------------------------------------------------
T E S T S
-------------------------------------------------------
Running TestSuite
ERROR StatusLogger No log4j2 configuration file found. Using default configuration: logging only errors to the console. Set system property 'org.apache.logging.log4j.simplelog.StatusLogger.level' to TRACE to show Log4j2 internal initialization logging.
Invoked init test suite method
#######################################################
TEST: OpenID Connect Discovery
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 181
Content-Type: application/jrd+json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 16:15:04 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"subject": "acct:test_user@ce-dev4.gluu.org",
"links": [{
"rel": "http://openid.net/specs/connect/1.0/issuer",
"href": "https://ce-dev4.gluu.org"
}]
}
OpenID Connect Configuration
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/openid-configuration HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 6342
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:15:04 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"issuer": "https://ce-dev4.gluu.org",
"authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize",
"token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token",
"userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo",
"clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo",
"check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe",
"end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session",
"jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks",
"registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register",
"id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id",
"introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection",
"scopes_supported": [
"permission",
"clientinfo",
"email",
"user_name",
"sub",
"org_name",
"address",
"openid",
"test_scope1",
"work_phone",
"phone",
"profile",
"mobile_phone",
"test"
],
"response_types_supported": [
"code",
"code id_token",
"code id_token token",
"id_token",
"id_token token",
"token",
"code token"
],
"grant_types_supported": [
"urn:ietf:params:oauth:grant-type:uma-ticket",
"client_credentials",
"refresh_token",
"implicit",
"password",
"authorization_code"
],
"acr_values_supported": [
"super_gluu",
"u2f",
"otp",
"basic",
"auth_ldap_server"
],
"auth_level_mapping": {
"-1": ["auth_ldap_server"],
"50": ["otp"],
"100": ["basic"],
"10": ["u2f"],
"15": ["super_gluu"]
},
"subject_types_supported": [
"public",
"pairwise"
],
"userinfo_signing_alg_values_supported": [
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"userinfo_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"userinfo_encryption_enc_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"id_token_signing_alg_values_supported": [
"none",
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"id_token_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"id_token_encryption_enc_values_supported": [
"A128CBC+HS256",
"A256CBC+HS512",
"A128GCM",
"A256GCM"
],
"request_object_signing_alg_values_supported": [
"none",
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"request_object_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"request_object_encryption_enc_values_supported": [
"A128CBC+HS256",
"A256CBC+HS512",
"A128GCM",
"A256GCM"
],
"token_endpoint_auth_methods_supported": [
"client_secret_basic",
"client_secret_post",
"client_secret_jwt",
"private_key_jwt"
],
"token_endpoint_auth_signing_alg_values_supported": [
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"display_values_supported": [
"page",
"popup"
],
"claim_types_supported": ["normal"],
"claims_supported": [
"birthdate",
"country",
"name",
"email",
"email_verified",
"given_name",
"gender",
"inum",
"family_name",
"updated_at",
"locale",
"member_of",
"middle_name",
"nickname",
"oxAuthAppType",
"oxAuthIdTokenSignedResponseAlg",
"oxAuthRedirectURI",
"oxAuthScope",
"phone_number_verified",
"picture",
"preferred_username",
"profile",
"zoneinfo",
"user_name",
"website"
],
"service_documentation": "http://gluu.org/docs",
"claims_locales_supported": ["en"],
"ui_locales_supported": [
"en",
"es"
],
"scope_to_claims_mapping": [
{"permission": []},
{"uma_protection": []},
{"clientinfo": [
"name",
"inum",
"oxAuthAppType",
"oxAuthIdTokenSignedResponseAlg",
"oxAuthRedirectURI",
"oxAuthScope"
]},
{"email": [
"email_verified",
"email"
]},
{"user_name": ["user_name"]},
{"sub": []},
{"org_name": []},
{"address": [
"formatted",
"postal_code",
"street_address",
"locality",
"country",
"region"
]},
{"openid": []},
{"test_scope1": []},
{"work_phone": []},
{"phone": [
"phone_number_verified",
"phone_number"
]},
{"profile": [
"name",
"family_name",
"given_name",
"middle_name",
"nickname",
"preferred_username",
"profile",
"picture",
"website",
"gender",
"birthdate",
"zoneinfo",
"locale",
"updated_at"
]},
{"mobile_phone": ["phone_mobile_number"]},
{"test": ["member_of"]}
],
"claims_parameter_supported": true,
"request_parameter_supported": true,
"request_uri_parameter_supported": true,
"require_request_uri_registration": false,
"op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy",
"op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos",
"frontchannel_logout_supported": true,
"frontchannel_logout_session_supported": true
}
#######################################################
TEST: applicationTypeNativeSubjectTypePairwise
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"code",
"id_token"
],
"application_type": "native",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"scope": "openid profile address email user_name"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1344
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:15:04 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A8E2.F86E.3A82.A916",
"client_secret": "08c27c03-c735-436f-b2b2-7fc5ff5b80a0",
"registration_access_token": "1b9b22b0-50ab-41c1-aa0b-d7f5db0d4512",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A8E2.F86E.3A82.A916",
"client_id_issued_at": 1530807304,
"client_secret_expires_at": 1530893704,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"id_token",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "native",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "openid profile address email user_name",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 1b9b22b0-50ab-41c1-aa0b-d7f5db0d4512
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1344
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:15:04 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A8E2.F86E.3A82.A916",
"client_secret": "08c27c03-c735-436f-b2b2-7fc5ff5b80a0",
"registration_access_token": "1b9b22b0-50ab-41c1-aa0b-d7f5db0d4512",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A8E2.F86E.3A82.A916",
"client_id_issued_at": 1530807304,
"client_secret_expires_at": 1530893704,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"id_token",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "native",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "openid profile address email user_name",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21A8E2.F86E.3A82.A916&scope=openid+profile+address+email+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=968b746e-96b4-418a-b6ac-9116cf461c89&nonce=202f8200-6d9e-4f11-87bb-e40ba8564a62
12:15:28.260 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:83a9ebb3-50e3-4cd0-92c4-16c75a0d5420
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21A8E2.F86E.3A82.A916&scope=openid+profile+address+email+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=968b746e-96b4-418a-b6ac-9116cf461c89&nonce=202f8200-6d9e-4f11-87bb-e40ba8564a62
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=6c91924d-74c8-437d-84f9-827731b9779a&scope=address+openid+user_name+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFBOEUyLkY4NkUuM0E4Mi5BOTE2IiwiZXhwIjoxNTMwODEwOTEwLCJpYXQiOjE1MzA4MDczMTAsIm5vbmNlIjoiMjAyZjgyMDAtNmQ5ZS00ZjExLTg3YmItZTQwYmE4NTY0YTYyIiwiYXV0aF90aW1lIjoxNTMwODA3MzEwLCJjX2hhc2giOiJ5MFNZaFpHWEgzbEsxVXhKSlR5VjN3Iiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiZDAzd1N2VVUyaHhqSC10VmRKYTJGV1c4UTgySDRHbmdlR3lWYUplaGhrTSJ9.PNMhCcKaxPmUzCwzO4ojbsD6_KYsGtJbk2zpP-DObaW1QGHvlheBmnENaoyVHGYccJVoBa9aNg_es0xYEvKzLDP_3KhkEAhtKGblkqVUDeJke2xZePeyQiLkDstpyua-_IycFnxDyuCPWF8lB6O_Ujr3DsfpuK4sT_82SwMnu07uuvOvzHhzSS87ZgWgXE0O5M5EyVwE_WKFV5DiAmHl-I0pPzUtgerEeg21BS7iRhDm5uKYV4VJJUW12dPy7JeJM79s5bG4Oiov1nlf45qG2EDjyKzGratNFhTcRxdOryoVowDp6gd-5h41YtaxugHnERKy0Sl30VROjl_xRbl1-A&session_id=13ba62ec-d95c-440e-b8db-24bc377a235f&state=968b746e-96b4-418a-b6ac-9116cf461c89&session_state=83a9ebb3-50e3-4cd0-92c4-16c75a0d5420
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxQThFMi5GODZFLjNBODIuQTkxNjowOGMyN2MwMy1jNzM1LTQzNmYtYjJiMi03ZmM1ZmY1YjgwYTA=
grant_type=authorization_code&code=6c91924d-74c8-437d-84f9-827731b9779a&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1057
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:15:10 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"access_token":"ba2d6e65-479b-4126-a2d1-0784d87e0b8e","token_type":"bearer","expires_in":299,"refresh_token":"5eb3861e-5484-4660-a7c7-bf7b72ec3791","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFBOEUyLkY4NkUuM0E4Mi5BOTE2IiwiZXhwIjoxNTMwODEwOTEwLCJpYXQiOjE1MzA4MDczMTAsIm5vbmNlIjoiMjAyZjgyMDAtNmQ5ZS00ZjExLTg3YmItZTQwYmE4NTY0YTYyIiwiYXV0aF90aW1lIjoxNTMwODA3MzEwLCJhdF9oYXNoIjoiWFlaSndNWWVZN3lRWFpBdG1ERHBtQSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6ImQwM3dTdlVVMmh4akgtdFZkSmEyRldXOFE4Mkg0R25nZUd5VmFKZWhoa00ifQ.s9jmhaPUw9x92UQ7-UOlcf6V_CigA3V7o9mX7aRmb1XuFOnvgyh9KPLX0q2CQmg7aWCKLff7XdbiCwQVaYByAjmICgtQ7RvGc4s3i4KFlFD2Yoxd1RpzQiz-I-Ez201J5Yyg9OkGc0CisyxutxcbLnZ9HnlSBD-hInCRpZw40fhYfIp0W7CJiCDZ8mPr0m6096In3tUVa7QdruR2gjdwDcFlicHEQ6lvb_6eOVg33Q0PGCj8LLLxHUY-5W_5P7ENDSiMMLRSWSJet_WuzbxAYgVIRmce79E44IOmcS29oo-cdUtC1rJdCPJHAEZd7qi8alHp78JCoobiODOyh1BrCw"}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxQThFMi5GODZFLjNBODIuQTkxNjowOGMyN2MwMy1jNzM1LTQzNmYtYjJiMi03ZmM1ZmY1YjgwYTA=
grant_type=refresh_token&scope=address+openid+user_name+profile+email&refresh_token=5eb3861e-5484-4660-a7c7-bf7b72ec3791
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 198
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:15:11 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"access_token":"21c1abb2-806a-4daf-9300-567658718d94","token_type":"bearer","expires_in":299,"refresh_token":"fec54785-f9d3-4b80-9f3b-508c9e762e95","scope":"address openid user_name profile email"}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/userinfo HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 21c1abb2-806a-4daf-9300-567658718d94
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 634
Content-Type: application/json;charset=utf-8
Date: Thu, 05 Jul 2018 16:15:11 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"address":{"street_address":"621 East 6th Street","country":"US","locality":"Austin","region":"Texas"},"sub":"d03wSvUU2hxjH-tVdJa2FWW8Q82H4GngeGyVaJehhkM","user_name":"test_user","website":"http://www.gluu.org","zoneinfo":"America/Chicago","birthdate":"19830106010101.253Z","gender":"Male","profile":"http://www.mywebsite.com/profile","preferred_username":"user","given_name":"Test","middle_name":"User","locale":"en-US","picture":"http://www.gluu.org/wp-content/uploads/2012/04/mike3.png","updated_at":1526659613066,"name":"oxAuth Test User","nickname":"user","family_name":"User","email_verified":true,"email":"test_user@test.org"}
#######################################################
TEST: applicationTypeNativeSubjectTypePublic
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"code",
"id_token"
],
"application_type": "native",
"client_name": "oxAuth test app",
"subject_type": "public",
"scope": "openid profile address email user_name"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1209
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:15:11 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!044F.A043.6379.0708",
"client_secret": "5fa759c4-b81a-4815-907f-adb4880a5c29",
"registration_access_token": "de84224e-3330-4662-adfb-8119a84fda1b",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!044F.A043.6379.0708",
"client_id_issued_at": 1530807311,
"client_secret_expires_at": 1530893711,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"id_token",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "native",
"client_name": "oxAuth test app",
"subject_type": "public",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "openid profile address email user_name",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer de84224e-3330-4662-adfb-8119a84fda1b
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1209
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:15:11 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!044F.A043.6379.0708",
"client_secret": "5fa759c4-b81a-4815-907f-adb4880a5c29",
"registration_access_token": "de84224e-3330-4662-adfb-8119a84fda1b",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!044F.A043.6379.0708",
"client_id_issued_at": 1530807311,
"client_secret_expires_at": 1530893711,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"id_token",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "native",
"client_name": "oxAuth test app",
"subject_type": "public",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "openid profile address email user_name",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21044F.A043.6379.0708&scope=openid+profile+address+email+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=30539d62-b42d-4ac2-8adc-660b09c6552b&nonce=55421416-a95e-4797-8a65-70d64e1170b4
12:15:33.183 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:efcb07e8-a432-4017-b6ff-581502516438
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21044F.A043.6379.0708&scope=openid+profile+address+email+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=30539d62-b42d-4ac2-8adc-660b09c6552b&nonce=55421416-a95e-4797-8a65-70d64e1170b4
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=6f5b4cd0-b94c-44ba-8758-83bf5eb134f2&scope=address+openid+user_name+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEwNDRGLkEwNDMuNjM3OS4wNzA4IiwiZXhwIjoxNTMwODEwOTE0LCJpYXQiOjE1MzA4MDczMTQsIm5vbmNlIjoiNTU0MjE0MTYtYTk1ZS00Nzk3LThhNjUtNzBkNjRlMTE3MGI0IiwiYXV0aF90aW1lIjoxNTMwODA3MzE0LCJjX2hhc2giOiJWekRrUUs2akFPc3VLSFVjZC1vU2RRIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDAhQjFGMy5BRUFFLkI3OTgifQ.Np3-MxR_EtCOhewenfP5sgJfk_YoZza0ntYiFb6SWXBxaZ8lUOVnei63eaaNVw9v849t8XfXduzv5iMZ3QtvFL9YU32TnvtmOJ27alQukvu9ZxquLzcPjd3py3xEBaiqW2FGCCghB5yW33n6g58MJhg_nj8qtnCd-8_a89qlBTKGHNoYBt7eyMCYYfBYZcKbNYHmJ68wCRHpykELMm7GPsqVBa1kyOtxdZkW0V22c4mbfwmZK-lHOYb-DCqNlVdRITVb0fInZL_UnANCuatLviS0fD7Whyh2IM-fQMNKD-WXlDpFPocykSJ_kCnKvjxwSpsWLigPMND_u8Au_WRzVQ&session_id=7b0f0d1e-41b5-4222-ab27-34563951702a&state=30539d62-b42d-4ac2-8adc-660b09c6552b&session_state=efcb07e8-a432-4017-b6ff-581502516438
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxMDQ0Ri5BMDQzLjYzNzkuMDcwODo1ZmE3NTljNC1iODFhLTQ4MTUtOTA3Zi1hZGI0ODgwYTVjMjk=
grant_type=authorization_code&code=6f5b4cd0-b94c-44ba-8758-83bf5eb134f2&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1074
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:15:14 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"access_token":"cf6939f2-a7c2-4058-b051-b45e9a0fd32e","token_type":"bearer","expires_in":299,"refresh_token":"81f34749-2a01-43f4-a4ab-b6cd27c2c7fc","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEwNDRGLkEwNDMuNjM3OS4wNzA4IiwiZXhwIjoxNTMwODEwOTE0LCJpYXQiOjE1MzA4MDczMTQsIm5vbmNlIjoiNTU0MjE0MTYtYTk1ZS00Nzk3LThhNjUtNzBkNjRlMTE3MGI0IiwiYXV0aF90aW1lIjoxNTMwODA3MzE0LCJhdF9oYXNoIjoibXNtM183Vld6cnBZeWluMXZyOUtCdyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IkAhMzhENC40MTBDLjFENDMuODkzMiEwMDAxITM3RjIuQjc0NCEwMDAwIUIxRjMuQUVBRS5CNzk4In0.JiOAqjgS_TMYI6YH3N8pN5RCujQPH5Ouyf8fwx0lbPb8hagweRnIZbZEsB2yVehIq3Yjh-LGXtqhEt2hYYaRhpNCXT_ivxIHBS2C5AdwOpN30KtjM7RcFXKzoB-oehjoXienX8-Lm-i6s_4A-SDEub6oFR4nrdc9IUACxlNI1P_Wz5YeNTC9G2k7wANR3W9OwzFlBB9qeNJUiGcEiy5xJ8asG957loag56Fa3JXUJtKp0ErrfeViVV791UvqK8mM937ppmp8JM1uwFKZ_j1bk_dJpTpVNJiP-MGTguWlWlRTn34-EbJx_3OiiQedNqfKTBtPwKJgHJAtmCaVk60rXg"}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxMDQ0Ri5BMDQzLjYzNzkuMDcwODo1ZmE3NTljNC1iODFhLTQ4MTUtOTA3Zi1hZGI0ODgwYTVjMjk=
grant_type=refresh_token&scope=address+openid+user_name+profile+email&refresh_token=81f34749-2a01-43f4-a4ab-b6cd27c2c7fc
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 198
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:15:14 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"access_token":"3dbb8351-7fd0-4b7e-b0de-8178ef4e0ff0","token_type":"bearer","expires_in":299,"refresh_token":"b394ca19-9a47-4e28-b0c9-79b985923e62","scope":"address openid user_name profile email"}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/userinfo HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 3dbb8351-7fd0-4b7e-b0de-8178ef4e0ff0
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 647
Content-Type: application/json;charset=utf-8
Date: Thu, 05 Jul 2018 16:15:14 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"address":{"street_address":"621 East 6th Street","country":"US","locality":"Austin","region":"Texas"},"sub":"@!38D4.410C.1D43.8932!0001!37F2.B744!0000!B1F3.AEAE.B798","user_name":"test_user","website":"http://www.gluu.org","zoneinfo":"America/Chicago","birthdate":"19830106010101.253Z","gender":"Male","profile":"http://www.mywebsite.com/profile","preferred_username":"user","given_name":"Test","middle_name":"User","locale":"en-US","picture":"http://www.gluu.org/wp-content/uploads/2012/04/mike3.png","updated_at":1526659613066,"name":"oxAuth Test User","nickname":"user","family_name":"User","email_verified":true,"email":"test_user@test.org"}
#######################################################
TEST: applicationTypeWeb
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:15:14 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!671B.3D76.8B08.3238",
"client_secret": "b4a98a23-4053-44f3-949a-e11bb0a17883",
"registration_access_token": "62de97e6-6485-488b-896f-f72c5a06850e",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!671B.3D76.8B08.3238",
"client_id_issued_at": 1530807314,
"client_secret_expires_at": 1530893714,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 62de97e6-6485-488b-896f-f72c5a06850e
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:15:14 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!671B.3D76.8B08.3238",
"client_secret": "b4a98a23-4053-44f3-949a-e11bb0a17883",
"registration_access_token": "62de97e6-6485-488b-896f-f72c5a06850e",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!671B.3D76.8B08.3238",
"client_id_issued_at": 1530807314,
"client_secret_expires_at": 1530893714,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
#######################################################
TEST: applicationTypeWebFail1
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": ["http://client.example.com/cb"],
"application_type": "web",
"client_name": "oxAuth test app"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 400
Cache-Control: no-store
Connection: close
Content-Length: 101
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:15:14 GMT
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"error":"invalid_redirect_uri","error_description":"Value of one or more redirect_uris is invalid."}
#######################################################
TEST: omittedApplicationType
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:15:14 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!FCBA.0C65.B256.2DDD",
"client_secret": "319b8ba7-06fe-46e9-a60f-ce65f4e7ebfd",
"registration_access_token": "9c3f5d65-67b9-4b8b-9fc8-fbfb780cde52",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!FCBA.0C65.B256.2DDD",
"client_id_issued_at": 1530807315,
"client_secret_expires_at": 1530893715,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 9c3f5d65-67b9-4b8b-9fc8-fbfb780cde52
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:15:15 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!FCBA.0C65.B256.2DDD",
"client_secret": "319b8ba7-06fe-46e9-a60f-ce65f4e7ebfd",
"registration_access_token": "9c3f5d65-67b9-4b8b-9fc8-fbfb780cde52",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!FCBA.0C65.B256.2DDD",
"client_id_issued_at": 1530807315,
"client_secret_expires_at": 1530893715,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
#######################################################
TEST: OpenID Connect Discovery
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 181
Content-Type: application/jrd+json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 16:15:15 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"subject": "acct:test_user@ce-dev4.gluu.org",
"links": [{
"rel": "http://openid.net/specs/connect/1.0/issuer",
"href": "https://ce-dev4.gluu.org"
}]
}
OpenID Connect Configuration
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/openid-configuration HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 6342
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:15:15 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"issuer": "https://ce-dev4.gluu.org",
"authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize",
"token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token",
"userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo",
"clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo",
"check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe",
"end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session",
"jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks",
"registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register",
"id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id",
"introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection",
"scopes_supported": [
"permission",
"clientinfo",
"email",
"user_name",
"sub",
"org_name",
"address",
"openid",
"test_scope1",
"work_phone",
"phone",
"profile",
"mobile_phone",
"test"
],
"response_types_supported": [
"code",
"code id_token",
"code id_token token",
"id_token",
"id_token token",
"token",
"code token"
],
"grant_types_supported": [
"urn:ietf:params:oauth:grant-type:uma-ticket",
"client_credentials",
"refresh_token",
"implicit",
"password",
"authorization_code"
],
"acr_values_supported": [
"super_gluu",
"u2f",
"otp",
"basic",
"auth_ldap_server"
],
"auth_level_mapping": {
"-1": ["auth_ldap_server"],
"50": ["otp"],
"100": ["basic"],
"10": ["u2f"],
"15": ["super_gluu"]
},
"subject_types_supported": [
"public",
"pairwise"
],
"userinfo_signing_alg_values_supported": [
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"userinfo_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"userinfo_encryption_enc_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"id_token_signing_alg_values_supported": [
"none",
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"id_token_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"id_token_encryption_enc_values_supported": [
"A128CBC+HS256",
"A256CBC+HS512",
"A128GCM",
"A256GCM"
],
"request_object_signing_alg_values_supported": [
"none",
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"request_object_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"request_object_encryption_enc_values_supported": [
"A128CBC+HS256",
"A256CBC+HS512",
"A128GCM",
"A256GCM"
],
"token_endpoint_auth_methods_supported": [
"client_secret_basic",
"client_secret_post",
"client_secret_jwt",
"private_key_jwt"
],
"token_endpoint_auth_signing_alg_values_supported": [
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"display_values_supported": [
"page",
"popup"
],
"claim_types_supported": ["normal"],
"claims_supported": [
"birthdate",
"country",
"name",
"email",
"email_verified",
"given_name",
"gender",
"inum",
"family_name",
"updated_at",
"locale",
"member_of",
"middle_name",
"nickname",
"oxAuthAppType",
"oxAuthIdTokenSignedResponseAlg",
"oxAuthRedirectURI",
"oxAuthScope",
"phone_number_verified",
"picture",
"preferred_username",
"profile",
"zoneinfo",
"user_name",
"website"
],
"service_documentation": "http://gluu.org/docs",
"claims_locales_supported": ["en"],
"ui_locales_supported": [
"en",
"es"
],
"scope_to_claims_mapping": [
{"permission": []},
{"uma_protection": []},
{"clientinfo": [
"name",
"inum",
"oxAuthAppType",
"oxAuthIdTokenSignedResponseAlg",
"oxAuthRedirectURI",
"oxAuthScope"
]},
{"email": [
"email_verified",
"email"
]},
{"user_name": ["user_name"]},
{"sub": []},
{"org_name": []},
{"address": [
"formatted",
"postal_code",
"street_address",
"locality",
"country",
"region"
]},
{"openid": []},
{"test_scope1": []},
{"work_phone": []},
{"phone": [
"phone_number_verified",
"phone_number"
]},
{"profile": [
"name",
"family_name",
"given_name",
"middle_name",
"nickname",
"preferred_username",
"profile",
"picture",
"website",
"gender",
"birthdate",
"zoneinfo",
"locale",
"updated_at"
]},
{"mobile_phone": ["phone_mobile_number"]},
{"test": ["member_of"]}
],
"claims_parameter_supported": true,
"request_parameter_supported": true,
"request_uri_parameter_supported": true,
"require_request_uri_registration": false,
"op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy",
"op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos",
"frontchannel_logout_supported": true,
"frontchannel_logout_session_supported": true
}
#######################################################
TEST: authorizationCodeDynamicScopeFlow
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"code",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"scope": "openid profile address email user_name org_name work_phone"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1361
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:15:15 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!352D.9D23.110B.1A07",
"client_secret": "e806b329-fb24-4f86-8c71-85ee072e64e9",
"registration_access_token": "bc04e57b-597e-475a-9a39-fd3ca8713763",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!352D.9D23.110B.1A07",
"client_id_issued_at": 1530807315,
"client_secret_expires_at": 1530893715,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"id_token",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "openid profile address email user_name org_name work_phone",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21352D.9D23.110B.1A07&scope=openid+profile+address+email+user_name+org_name+work_phone&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=2dacf1de-1d84-4200-ae0a-6863a05f3808&nonce=7154811b-0189-44d8-8ef1-11c9c28d8fac
12:15:36.777 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:9195f18e-0623-4bb6-b5a2-6aed6eac81da
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21352D.9D23.110B.1A07&scope=openid+profile+address+email+user_name+org_name+work_phone&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=2dacf1de-1d84-4200-ae0a-6863a05f3808&nonce=7154811b-0189-44d8-8ef1-11c9c28d8fac
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=aa046c58-9173-42aa-8b7a-6c8c455939f2&scope=address+openid+user_name+profile+work_phone+org_name+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEzNTJELjlEMjMuMTEwQi4xQTA3IiwiZXhwIjoxNTMwODEwOTE3LCJpYXQiOjE1MzA4MDczMTcsIm5vbmNlIjoiNzE1NDgxMWItMDE4OS00NGQ4LThlZjEtMTFjOWMyOGQ4ZmFjIiwiYXV0aF90aW1lIjoxNTMwODA3MzE3LCJjX2hhc2giOiJfTHVaYzY0UXA4LW1GU191WG8wVW93Iiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiVjlZN0RNVm0ySWdaSVhkd015U29zR0hMVFZ4cVBvZ1pVN1puTjZremFiTSJ9.Qw5e6ou3GOtZOw2G1hleez9SIA595WYRyW5XCg5b0B1w2tO_hRBAetpsPqW5BMGFisbNjqXXvtlqMd7PcWTu7QwiV6if0Cdr1UsWuyniVm9k_l2CNJyVbT8eOZWFLlb3CtYhWCMaydcl7NaN1pVmRI4Kq194zd7TxNE4OqfdoOuO2Mk5q8iXYWmw9ejD4xqyaPll1F9qSz8G72qAvD7Lbtojr3oZhMxr11h-JJ1yfR9_zh_vk5NfSWh6AjuphQYqMQKVNjIo3Ow6t0OwKgd4il-uxyIiYqgudi-r2HYDCV-ihIrpU6UIoTStywk2j3F0wC8b5Oq7zGlM-2VvEwpnPA&session_id=97017d1e-c5ae-4291-bb2f-4f241e5a9930&state=2dacf1de-1d84-4200-ae0a-6863a05f3808&session_state=9195f18e-0623-4bb6-b5a2-6aed6eac81da
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxMzUyRC45RDIzLjExMEIuMUEwNzplODA2YjMyOS1mYjI0LTRmODYtOGM3MS04NWVlMDcyZTY0ZTk=
grant_type=authorization_code&code=aa046c58-9173-42aa-8b7a-6c8c455939f2&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1057
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:15:17 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"access_token":"3af7e937-0379-408c-9340-f5d8fa479ae1","token_type":"bearer","expires_in":299,"refresh_token":"59b8ea1e-c4be-4dde-b388-3637aa0d3ccd","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEzNTJELjlEMjMuMTEwQi4xQTA3IiwiZXhwIjoxNTMwODEwOTE3LCJpYXQiOjE1MzA4MDczMTcsIm5vbmNlIjoiNzE1NDgxMWItMDE4OS00NGQ4LThlZjEtMTFjOWMyOGQ4ZmFjIiwiYXV0aF90aW1lIjoxNTMwODA3MzE3LCJhdF9oYXNoIjoiaEVHUmR2TFNwNENKS0g3WVlLbEp5USIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IlY5WTdETVZtMklnWklYZHdNeVNvc0dITFRWeHFQb2daVTdabk42a3phYk0ifQ.pixXxCkAmOcmYMHde8-77sam1yJCgH22WNxzlUbhL7_kdwpClgZIaww7ngYPs1bNmRaNmY1wkeQjgHL_1c6_TmSHd8oTrdnvtbMzEKTdLJ5Pmv8ZjnaFV9OSTskoGnEVjlU2dY2mUd7dDcDbGSzbil3W9HaHstT5gzlwZ3Ef6EdxYARTMMg_dGMNitV_D-T6DHhaORph3QyuDX9RgkmZCLn6etNO6UxjavPHhAA16DyikTPm8zgEcPT8lKnuIQGiGXt7uG2Dsft_XYCFR2jj_J_tY9zyK3Wh8AODX5uY4TgsoECo6YHBISvo3Ov9FAg2b2CNl5wVOXLkcNkfeQX7GA"}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/userinfo HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 3af7e937-0379-408c-9340-f5d8fa479ae1
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 690
Content-Type: application/json;charset=utf-8
Date: Thu, 05 Jul 2018 16:15:17 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"address":{"street_address":"621 East 6th Street","country":"US","locality":"Austin","region":"Texas"},"sub":"V9Y7DMVm2IgZIXdwMySosGHLTVxqPogZU7ZnN6kzabM","user_name":"test_user","website":"http://www.gluu.org","zoneinfo":"America/Chicago","birthdate":"19830106010101.253Z","gender":"Male","profile":"http://www.mywebsite.com/profile","preferred_username":"user","given_name":"Test","middle_name":"User","locale":"en-US","picture":"http://www.gluu.org/wp-content/uploads/2012/04/mike3.png","updated_at":1526659613066,"name":"oxAuth Test User","nickname":"user","family_name":"User","email_verified":true,"email":"test_user@test.org","org_name":"Gluu, Inc.","work_phone":["(512) 516-2413"]}
#######################################################
TEST: authorizationCodeFlow
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"code",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"scope": "openid profile address email phone user_name"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1347
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:15:17 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DC34.1D28.106D.3EC8",
"client_secret": "68af60c7-25f0-4389-843b-9494fae29392",
"registration_access_token": "dd7c630a-96bb-4397-876b-f9804e5dd0a4",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DC34.1D28.106D.3EC8",
"client_id_issued_at": 1530807317,
"client_secret_expires_at": 1530893717,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"id_token",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "openid profile address email phone user_name",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21DC34.1D28.106D.3EC8&scope=openid+profile+address+email+phone+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=2a391df5-c38f-4992-85ae-a907e6b53b8f&nonce=f1f8ad04-c876-4186-ac83-d09ce42f3f1c
12:15:38.927 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:976b7c9b-2646-4093-b001-e3d82d2fbbb6
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21DC34.1D28.106D.3EC8&scope=openid+profile+address+email+phone+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=2a391df5-c38f-4992-85ae-a907e6b53b8f&nonce=f1f8ad04-c876-4186-ac83-d09ce42f3f1c
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=bc6e89d6-09a9-46ad-a060-66aead77f162&scope=address+phone+openid+user_name+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFEQzM0LjFEMjguMTA2RC4zRUM4IiwiZXhwIjoxNTMwODEwOTE5LCJpYXQiOjE1MzA4MDczMTksIm5vbmNlIjoiZjFmOGFkMDQtYzg3Ni00MTg2LWFjODMtZDA5Y2U0MmYzZjFjIiwiYXV0aF90aW1lIjoxNTMwODA3MzE5LCJjX2hhc2giOiJfNzFJeDM5a0tqUE8xcnFUYmJJMFlRIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoidVFRbzgtZTJwT1NUUmxkZ0tkcUFtQ3lIajhDcUxJbUR5Q0dBUHpIQUp6TSJ9.MxjsnAH45lB2z-XXUhjEAOrM1uhIEveVtbf0LsmhH2rP7WphSX80lcbnHpgvudiosknor03NyQQGG79ZjXeVhaO3uV_EVgnEc3v-oUdmr7JhbJrBgNu2B3igtvr4gZ60OKxb9Owde3I4tOk4s1LBQm9hDF2z6HoL9lQ1EKNSgCS39zJKZmpzke49zHrP_ROGUyevgotKvidCbwFDuYumzPkg3Yfpok-GbnPz_W0ecVVP76o8aaQ5DUMjtYCnhdCHCKDHlYRuTZH_XyFkv8AV9OGm0_GSLIT_pXBAUF11-fYUi2k-EYFRyK5flzn4j8hNLNOEngJpWjp4rOhzIILuKg&session_id=77d3eeab-a7a3-41ed-8b71-adb578966b98&state=2a391df5-c38f-4992-85ae-a907e6b53b8f&session_state=976b7c9b-2646-4093-b001-e3d82d2fbbb6
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxREMzNC4xRDI4LjEwNkQuM0VDODo2OGFmNjBjNy0yNWYwLTQzODktODQzYi05NDk0ZmFlMjkzOTI=
grant_type=authorization_code&code=bc6e89d6-09a9-46ad-a060-66aead77f162&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1057
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:15:19 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"access_token":"a0a62489-6641-409d-bce2-e92976346f6e","token_type":"bearer","expires_in":299,"refresh_token":"e5c35c78-0cac-43f0-a7dc-6725c9cdd464","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFEQzM0LjFEMjguMTA2RC4zRUM4IiwiZXhwIjoxNTMwODEwOTE5LCJpYXQiOjE1MzA4MDczMTksIm5vbmNlIjoiZjFmOGFkMDQtYzg3Ni00MTg2LWFjODMtZDA5Y2U0MmYzZjFjIiwiYXV0aF90aW1lIjoxNTMwODA3MzE5LCJhdF9oYXNoIjoibkZZZWdNZ0VacVNJNThRWHFyZTM4USIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6InVRUW84LWUycE9TVFJsZGdLZHFBbUN5SGo4Q3FMSW1EeUNHQVB6SEFKek0ifQ.P6kKWIX5YdJiHMFyFtvZKwRG70YZbID8Oh1rsvJL43miGtc1VWNvHWLfGrSGVD5EdYoTaEgrTIwFLEwxpUkNhoIGe_Kfd5gAkAE6mXTo2colxyi-eRIg2H16qjIjImBsQC7WMgfgBAwQN_tFVH8GuNdypp9yqUpAcJTB9-4Zh6zncpq8R7A8jKnl90fmBgm0UEiBrT-icHuI-JmSHHTobnFWYpy5Od8qxOnHaGRqE9g65s9g54qgMy7XC94u1jF_8F20ax9bNO8SBl7lcOljFKyNku6bzwcyfmhGWK9e1mYTFqnCbJ9bsAwQnLsZPaxKcZE2LkOKbof_I8-M7EGldA"}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxREMzNC4xRDI4LjEwNkQuM0VDODo2OGFmNjBjNy0yNWYwLTQzODktODQzYi05NDk0ZmFlMjkzOTI=
grant_type=refresh_token&scope=address+phone+openid+user_name+profile+email&refresh_token=e5c35c78-0cac-43f0-a7dc-6725c9cdd464
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 204
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:15:19 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"access_token":"8487ede6-b7d0-491f-ad59-ef05a277969a","token_type":"bearer","expires_in":299,"refresh_token":"5d0cd054-4e4c-488c-98a4-8b3738d14a74","scope":"address phone openid user_name profile email"}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/userinfo HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 8487ede6-b7d0-491f-ad59-ef05a277969a
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 695
Content-Type: application/json;charset=utf-8
Date: Thu, 05 Jul 2018 16:15:19 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"address":{"street_address":"621 East 6th Street","country":"US","locality":"Austin","region":"Texas"},"sub":"uQQo8-e2pOSTRldgKdqAmCyHj8CqLImDyCGAPzHAJzM","phone_number_verified":true,"phone_number":"(512) 516-2413","user_name":"test_user","website":"http://www.gluu.org","zoneinfo":"America/Chicago","birthdate":"19830106010101.253Z","gender":"Male","profile":"http://www.mywebsite.com/profile","preferred_username":"user","given_name":"Test","middle_name":"User","locale":"en-US","picture":"http://www.gluu.org/wp-content/uploads/2012/04/mike3.png","updated_at":1526659613066,"name":"oxAuth Test User","nickname":"user","family_name":"User","email_verified":true,"email":"test_user@test.org"}
#######################################################
TEST: authorizationCodeFlowLoginHint
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"code",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"scope": "openid profile address email user_name"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1341
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:15:19 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E0FB.C3C4.7EEB.D79E",
"client_secret": "0ea2d539-2c2d-48de-848b-2c4446abb958",
"registration_access_token": "0622f92e-cdcc-4ed7-bb3d-51872530ced3",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E0FB.C3C4.7EEB.D79E",
"client_id_issued_at": 1530807319,
"client_secret_expires_at": 1530893719,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"id_token",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "openid profile address email user_name",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21E0FB.C3C4.7EEB.D79E&scope=openid+profile+address+email+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=34d50bae-9d3b-43a4-8e8d-3a56021f24ef&nonce=76969707-dde3-49d6-93c4-d81711a194bd&login_hint=test_user
12:15:41.022 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:d076bf31-606f-4d97-8990-b6c1c34ef9a5
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21E0FB.C3C4.7EEB.D79E&scope=openid+profile+address+email+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=34d50bae-9d3b-43a4-8e8d-3a56021f24ef&nonce=76969707-dde3-49d6-93c4-d81711a194bd&login_hint=test_user
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=a6219415-47a5-4265-b760-41ccfd41da0b&scope=address+openid+user_name+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFFMEZCLkMzQzQuN0VFQi5ENzlFIiwiZXhwIjoxNTMwODEwOTIxLCJpYXQiOjE1MzA4MDczMjEsIm5vbmNlIjoiNzY5Njk3MDctZGRlMy00OWQ2LTkzYzQtZDgxNzExYTE5NGJkIiwiYXV0aF90aW1lIjoxNTMwODA3MzIwLCJjX2hhc2giOiJrY3diY2NQRmU1X0k5a25MUGw1czBRIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiRml1TnNsT1R4V2ZHcjJ4c0hpOVJnUWUyeXI5TlltbHc2OWpWR3pRRVMzNCJ9.G54ZKXvsqY6LGowLL-k7VdQec5YcVrUHLW-JSeJ2XaDaj-FiSHYzxRvJDBbGfuvyMZN8a3R2bjDpVxEa_7y2EVedBsmb8NxXM0VC61RQXTN6ZHehTHwSbXVNXnefDGJGx2TtV5CnQmiYsq9MF1MBzgx-fnU5WU1Lid-R0nAmLnjaWZHIowSGjx55Wt93VD3eTJE3f66riYWnboboCSqCUKwxTMEZrHXhF1f3Mn_SCIRLUtRSr0WLrw51_DiZnlgU50u0MI3b3MPb6L2Gjavzb--JoNYVwjw0nt48TEncAizP2RFDAtOigP2dtEqdHe_l80V6I9E9zPxzRKQeMZxWxg&session_id=4ba9e62a-8f71-4db7-87c2-2ce9a23438fd&state=34d50bae-9d3b-43a4-8e8d-3a56021f24ef&session_state=d076bf31-606f-4d97-8990-b6c1c34ef9a5
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxRTBGQi5DM0M0LjdFRUIuRDc5RTowZWEyZDUzOS0yYzJkLTQ4ZGUtODQ4Yi0yYzQ0NDZhYmI5NTg=
grant_type=authorization_code&code=a6219415-47a5-4265-b760-41ccfd41da0b&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1057
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:15:21 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"access_token":"310b96ec-c05e-4a07-bf0a-e1cfabfd77ba","token_type":"bearer","expires_in":299,"refresh_token":"411e33e9-6bc9-43f6-a9a8-79541a12cad1","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFFMEZCLkMzQzQuN0VFQi5ENzlFIiwiZXhwIjoxNTMwODEwOTIxLCJpYXQiOjE1MzA4MDczMjEsIm5vbmNlIjoiNzY5Njk3MDctZGRlMy00OWQ2LTkzYzQtZDgxNzExYTE5NGJkIiwiYXV0aF90aW1lIjoxNTMwODA3MzIwLCJhdF9oYXNoIjoicThqeThkNGRJazNkSzZ1MVk1RXVHdyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IkZpdU5zbE9UeFdmR3IyeHNIaTlSZ1FlMnlyOU5ZbWx3NjlqVkd6UUVTMzQifQ.jwoB8MK9Gf1eOCz9akLftqKYKIJ4G8pltdel3n_oqZny0EG0anAjgzysW86HfFTMGT_Ov0jZyeQKCKvh-w0XQJJPzU2p4PCBIYRD1gKbWA7Xy8tVYiXs-kZFdcsyRN2j--VvMWlK1vk3PWBqgvSeMC3OklbY9wmJkjWY6nfaZwh_VuKO-v_kcXsPGxdOynCK9qwBk3Z-lZ2qx1BnJIN_Fj9vKGhD98xdnpckaSitmZkWr5-aQbYF2232rZiscOvNQNug0C7eSv403Ez1eOFNwWElTQt0yi39efDMGoGNfmOxp_eiZAvKYDaWlOqcvDSlt-nfW65hx68WebfnmHkL7g"}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxRTBGQi5DM0M0LjdFRUIuRDc5RTowZWEyZDUzOS0yYzJkLTQ4ZGUtODQ4Yi0yYzQ0NDZhYmI5NTg=
grant_type=refresh_token&scope=address+openid+user_name+profile+email&refresh_token=411e33e9-6bc9-43f6-a9a8-79541a12cad1
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 198
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:15:21 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"access_token":"fbd4bdb8-b9d6-48ba-8d5a-9bcffcef3fbb","token_type":"bearer","expires_in":299,"refresh_token":"9eec7ffd-cf72-4fd9-9f40-acc5ed678ff1","scope":"address openid user_name profile email"}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/userinfo HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer fbd4bdb8-b9d6-48ba-8d5a-9bcffcef3fbb
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 634
Content-Type: application/json;charset=utf-8
Date: Thu, 05 Jul 2018 16:15:21 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"address":{"street_address":"621 East 6th Street","country":"US","locality":"Austin","region":"Texas"},"sub":"FiuNslOTxWfGr2xsHi9RgQe2yr9NYmlw69jVGzQES34","user_name":"test_user","website":"http://www.gluu.org","zoneinfo":"America/Chicago","birthdate":"19830106010101.253Z","gender":"Male","profile":"http://www.mywebsite.com/profile","preferred_username":"user","given_name":"Test","middle_name":"User","locale":"en-US","picture":"http://www.gluu.org/wp-content/uploads/2012/04/mike3.png","updated_at":1526659613066,"name":"oxAuth Test User","nickname":"user","family_name":"User","email_verified":true,"email":"test_user@test.org"}
#######################################################
TEST: authorizationCodeFlowNegativeTest
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"code",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"scope": "openid"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1309
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:15:21 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6DA6.4AD6.6FC6.3419",
"client_secret": "b6b2b2d9-2624-4083-a452-4ad258ef8b59",
"registration_access_token": "832c0469-3299-422d-a3ee-2a5c35372048",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6DA6.4AD6.6FC6.3419",
"client_id_issued_at": 1530807321,
"client_secret_expires_at": 1530893721,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"id_token",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "openid",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%216DA6.4AD6.6FC6.3419&scope=openid+profile+address+email+phone+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=02760079-b216-4947-8c68-aa1ecf1b6525&nonce=a80de414-4d41-4017-b300-849b7f03ece1
12:15:42.929 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:564df635-ab58-4c5f-a27d-09c09b70d94a
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%216DA6.4AD6.6FC6.3419&scope=openid+profile+address+email+phone+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=02760079-b216-4947-8c68-aa1ecf1b6525&nonce=a80de414-4d41-4017-b300-849b7f03ece1
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=8db8a58c-6ab0-4ef9-9c5b-2aed43e313c6&scope=openid&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE2REE2LjRBRDYuNkZDNi4zNDE5IiwiZXhwIjoxNTMwODEwOTIzLCJpYXQiOjE1MzA4MDczMjMsIm5vbmNlIjoiYTgwZGU0MTQtNGQ0MS00MDE3LWIzMDAtODQ5YjdmMDNlY2UxIiwiYXV0aF90aW1lIjoxNTMwODA3MzIzLCJjX2hhc2giOiJGNThrYkZUSU9VbmpWSGZncVJyWFpnIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoib3daUHc3SzhZckhBRkJyWXEydm5uWHBfU28tU3FnblJYb0R3dG5MVElMdyJ9.b2iGnYADbIaCkeFhlJIwMIAW5umIxhPxY3ZZdSb44fwguidS-5SZd2JeCwKHEEuRPpJbvbA8NTojX1M4jwyQjP-ljs9tqa22d-_jWHJPfFHgk5SQNisCDidyRRA8qju8U3HrWaKWsGrNqsWzZ0PUnwIcx5TYTTOBIZ9OnOHTkhPw0iE14sB93tB2vBToMKvwJnl62Xmffnjac0K-4nsjRkfNNpm6KJyos5nuatyiprHpZcBL4se0ISoiedOud1eeL9LR0uTUfiip85VhIpYX0XTWtudnLKvEkZIF1lBnSCOxmzDDWX6YUqj4Icwb7Osw5CtPiB0rOJt2owGlMH1Zdw&session_id=a421b8c0-24eb-4f2a-9a0b-6356434a803f&state=02760079-b216-4947-8c68-aa1ecf1b6525&session_state=564df635-ab58-4c5f-a27d-09c09b70d94a
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxNkRBNi40QUQ2LjZGQzYuMzQxOTpiNmIyYjJkOS0yNjI0LTQwODMtYTQ1Mi00YWQyNThlZjhiNTk=
grant_type=authorization_code&code=8db8a58c-6ab0-4ef9-9c5b-2aed43e313c6&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1057
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:15:23 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"access_token":"5a891120-6f94-4ede-afbb-55585c943898","token_type":"bearer","expires_in":299,"refresh_token":"87ce72ba-d5e2-4818-8d6e-5c6f851512c3","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE2REE2LjRBRDYuNkZDNi4zNDE5IiwiZXhwIjoxNTMwODEwOTIzLCJpYXQiOjE1MzA4MDczMjMsIm5vbmNlIjoiYTgwZGU0MTQtNGQ0MS00MDE3LWIzMDAtODQ5YjdmMDNlY2UxIiwiYXV0aF90aW1lIjoxNTMwODA3MzIzLCJhdF9oYXNoIjoiekd3NkFzQUhoZVZjMTB2VzkzUDJKZyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6Im93WlB3N0s4WXJIQUZCcllxMnZublhwX1NvLVNxZ25SWG9Ed3RuTFRJTHcifQ.AI1oM6Rx2mmIWWz_ArCmJpUJQW8PjNOsunSJIx7OTiakC3H5kNouxS4_R_SAThmCCrG461oghLjOYUnYfAs11abUBfwaZx_CR0xKWlxfc-HhD2YM4HYTMKZVozTtxEwRgkk9KgCMgaf9KrSsjyDzZQwd_MRDQOGJq4G8ZVfOFqzEOXAKEYpiL4SDfhdB8wkMzUroY1m2Owek_ls6SRE8xHnhiAqbJxSvk2E3Jgbb0GeNqTrEOJExwjw3bmSGRwNeUCMWt-fKGceffvi24q8ZqVp3f3a28_6dwUilv2gHtrGzinZsT3aF2WDb7n_9JYVXzRIVRWt3Y-Dy26BNzhaecw"}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxNkRBNi40QUQ2LjZGQzYuMzQxOTpiNmIyYjJkOS0yNjI0LTQwODMtYTQ1Mi00YWQyNThlZjhiNTk=
grant_type=refresh_token&scope=openid&refresh_token=87ce72ba-d5e2-4818-8d6e-5c6f851512c3
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 166
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:15:23 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"access_token":"b01fe0e7-9a62-420d-84df-5a23996fd8a0","token_type":"bearer","expires_in":299,"refresh_token":"7dfe5385-5403-4b49-a83c-24bee1e1396e","scope":"openid"}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/userinfo HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer b01fe0e7-9a62-420d-84df-5a23996fd8a0
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 53
Content-Type: application/json;charset=utf-8
Date: Thu, 05 Jul 2018 16:15:23 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"sub":"owZPw7K8YrHAFBrYq2vnnXp_So-SqgnRXoDwtnLTILw"}
#######################################################
TEST: authorizationCodeFlowWithOptionalNonce
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"code",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:15:23 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!ABC9.8136.D5C7.A820",
"client_secret": "3dd1e05e-4aac-4373-b478-4815f023757c",
"registration_access_token": "e07592f8-b736-4224-b203-8782b194da7e",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!ABC9.8136.D5C7.A820",
"client_id_issued_at": 1530807323,
"client_secret_expires_at": 1530893723,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"id_token",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21ABC9.8136.D5C7.A820&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=5425cbc7-e512-444d-92f2-8f1d22f82c59&nonce=df1bff0c-3949-411f-84cf-3785da22f78b
12:15:45.114 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:4a00629c-1953-4c9d-b478-a821c53ef966
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21ABC9.8136.D5C7.A820&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=5425cbc7-e512-444d-92f2-8f1d22f82c59&nonce=df1bff0c-3949-411f-84cf-3785da22f78b
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=2aacdb83-b53b-43c1-ba8a-4839cdb8e1c1&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFBQkM5LjgxMzYuRDVDNy5BODIwIiwiZXhwIjoxNTMwODEwOTI1LCJpYXQiOjE1MzA4MDczMjUsIm5vbmNlIjoiZGYxYmZmMGMtMzk0OS00MTFmLTg0Y2YtMzc4NWRhMjJmNzhiIiwiYXV0aF90aW1lIjoxNTMwODA3MzI1LCJjX2hhc2giOiIzQTNMVWhLMnFJRGtWMnMweU5DbEpRIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiSWEtcTF3OE1PRFFCSFZfc0JmdGNlbWEydXdZcmJvaXlfRkx5N0tFaGQ4NCJ9.pX7HY4WDTUh82B3tdp_Jdtta_K127stcRBLaZwVCd6b-9TnIA8p2dnAVJuSPn9C0G-MShQr_Xwf25T0mcxikatU5yDYLf50tTs97bUucOf_ZXYRr5Dg5b_ocL84J6QthwLwXWhHU2EuHSYb7or1EDdaSiaszziAZUO2acybX1F6y_yNzdxEiqudtMFvLC29H7hwWXp7-g1SUOI_I5lDdH5XR-CJaJ4Z8k5DhoV7MtcVw0udjBNEi3VZTgaTh5mkzAE-1I3gdakBDsAtu352xIA0uiUD4d3au4v743p5vbkNgYPvCLdB4Wi4-HdT4DA8CDnmJi6otdFIKpTMWr7-eVA&session_id=60aadd03-11bd-4b6f-9907-863e9d34f1b0&state=5425cbc7-e512-444d-92f2-8f1d22f82c59&session_state=4a00629c-1953-4c9d-b478-a821c53ef966
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxQUJDOS44MTM2LkQ1QzcuQTgyMDozZGQxZTA1ZS00YWFjLTQzNzMtYjQ3OC00ODE1ZjAyMzc1N2M=
grant_type=authorization_code&code=2aacdb83-b53b-43c1-ba8a-4839cdb8e1c1&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1057
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:15:25 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"access_token":"57277b0a-58cc-4545-8f2b-40847111dc60","token_type":"bearer","expires_in":299,"refresh_token":"e46c9377-93d4-427d-ab30-30913c6d2457","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFBQkM5LjgxMzYuRDVDNy5BODIwIiwiZXhwIjoxNTMwODEwOTI1LCJpYXQiOjE1MzA4MDczMjUsIm5vbmNlIjoiZGYxYmZmMGMtMzk0OS00MTFmLTg0Y2YtMzc4NWRhMjJmNzhiIiwiYXV0aF90aW1lIjoxNTMwODA3MzI1LCJhdF9oYXNoIjoiYUdGT01IRWFoLWhGZlpOQ2ZGclZfZyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IklhLXExdzhNT0RRQkhWX3NCZnRjZW1hMnV3WXJib2l5X0ZMeTdLRWhkODQifQ.d1joHtcxjo2P4XSmk3P91E2I6bMnNpky8VNsZKYG0rAH5ny1kHMFZU_jEWJLPOSNyzkt2f3tAJNC5jPl5iinZwRCmrSTqA879g-bqu6xfYDkAQAG1QsobeWz1YaUKPR4Ajd3eyKGxVyQsyRSioNjS5A_5iIp_QzNNI_Dasr6_Q0Uf30k1dxKly4hwM1JyXGRCq8gOpA_cZk2Z4PA_dlaTQ5la2g2dQQhqddtxx7Yg-pJN1jtd-o3qoBOT1kdBvWzJdOoVh01pjV1VIaZOjsVhzTmH5u76-Jq3D-95eo6QqXGQeU4NnHuQbU9FqascIWSRChHHnsgi1zLHAmMj6-InA"}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxQUJDOS44MTM2LkQ1QzcuQTgyMDozZGQxZTA1ZS00YWFjLTQzNzMtYjQ3OC00ODE1ZjAyMzc1N2M=
grant_type=refresh_token&scope=address+openid+profile+email&refresh_token=e46c9377-93d4-427d-ab30-30913c6d2457
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 188
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:15:25 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"access_token":"934ff59c-746b-4d91-bd2b-9ad8f87d74a9","token_type":"bearer","expires_in":299,"refresh_token":"6d22a54f-be10-478b-8ac0-07c2a713eb2e","scope":"address openid profile email"}
#######################################################
TEST: authorizationCodeWithNotAllowedScopeFlow
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"code",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"scope": "openid profile address email user_name"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1341
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:15:25 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4E56.1FD6.A2B0.2149",
"client_secret": "e1c9f883-8701-447c-8025-51b4855d9da5",
"registration_access_token": "938d007e-214d-4c94-958d-97b8e73eeeb2",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4E56.1FD6.A2B0.2149",
"client_id_issued_at": 1530807325,
"client_secret_expires_at": 1530893725,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"id_token",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "openid profile address email user_name",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%214E56.1FD6.A2B0.2149&scope=openid+profile+address+email+user_name+mobile_phone&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=b7f9ffb0-f77e-4075-a5df-7950030e0d46&nonce=cc341e60-193e-455e-865a-83244bc53e38
12:15:46.997 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:c3bbecfd-a61f-4984-81d8-a8a4ce9b1ec7
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%214E56.1FD6.A2B0.2149&scope=openid+profile+address+email+user_name+mobile_phone&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=b7f9ffb0-f77e-4075-a5df-7950030e0d46&nonce=cc341e60-193e-455e-865a-83244bc53e38
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=adc933e5-989d-4d24-936d-40adaf57db23&scope=address+openid+user_name+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE0RTU2LjFGRDYuQTJCMC4yMTQ5IiwiZXhwIjoxNTMwODEwOTI3LCJpYXQiOjE1MzA4MDczMjcsIm5vbmNlIjoiY2MzNDFlNjAtMTkzZS00NTVlLTg2NWEtODMyNDRiYzUzZTM4IiwiYXV0aF90aW1lIjoxNTMwODA3MzI2LCJjX2hhc2giOiI4eHdzVFMybF9wQUN2Y2Y2NE01MU5BIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiamxxUHc2M3ZtSlR6VE5UUUZwakprLVVoVFg5VFNZYjRLdFdQOTFPdDJuVSJ9.r8QkV8kT4EeoMjyiXyuBPbiRLCXb4iCL3C6tesaEMPItqp2dFWr-nQ4bcGwti9OYkXSAIm18BSlmh5ijTO75RUp3A_yUl-x09EViFDEHEuFzzYL58P-QdLuCh03yU3gA0dPbM4u3u3nV5quqVNy5M7Vb3-tozW2W4NKmC4wlSTdeGKf2UYsdwN7IfRwzaFXbjLxW-eZQFNVxd0Uk-vQ8XaL60hj7RFM5sJ_DToFtOvt-LC_ijShzTvVSZFHC9xNi7VblBAlmtODyUmVWsyVjaoLp4Mvcn2hsKjOxixgVIyQM76CHG0-RFWE_xWpaTi0BOZ3vI5mKksf10Agb3uz3RA&session_id=aec98186-cc3d-4788-81a6-566f03c78210&state=b7f9ffb0-f77e-4075-a5df-7950030e0d46&session_state=c3bbecfd-a61f-4984-81d8-a8a4ce9b1ec7
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxNEU1Ni4xRkQ2LkEyQjAuMjE0OTplMWM5Zjg4My04NzAxLTQ0N2MtODAyNS01MWI0ODU1ZDlkYTU=
grant_type=authorization_code&code=adc933e5-989d-4d24-936d-40adaf57db23&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1057
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:15:27 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"access_token":"82ab350b-ed18-4fe8-8377-fbce2a3eb8d7","token_type":"bearer","expires_in":299,"refresh_token":"6a6e5a41-3bc7-4c81-be8b-37d14ebda535","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE0RTU2LjFGRDYuQTJCMC4yMTQ5IiwiZXhwIjoxNTMwODEwOTI3LCJpYXQiOjE1MzA4MDczMjcsIm5vbmNlIjoiY2MzNDFlNjAtMTkzZS00NTVlLTg2NWEtODMyNDRiYzUzZTM4IiwiYXV0aF90aW1lIjoxNTMwODA3MzI2LCJhdF9oYXNoIjoidWtOck1yR094cENRdUdzNHFZWVpVQSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6ImpscVB3NjN2bUpUelROVFFGcGpKay1VaFRYOVRTWWI0S3RXUDkxT3QyblUifQ.HAlmvnCHotqZiAJy9pyMMXRodvk08eDZ_-nJaNZcF5-hkaL5t23op8Hek5C5xQnKn0owUn4RCQCcm03Ew6CjDYjQM8II8lPGPFfXyU3Ngi0HzQdl6qwrls2D5zxxmJeG1_sbtw9-5ouF19lBUUp8_ZlM6V2-jP2YdJBqFZ-r4thg2YgScmxi_R7H1XljJFm3QcM0U9bZyL7EPVmuSo2x6P1VbXZknTWDG2iztOZqoYG-P58ufvqMs44Q0oxvENpCNsaj_NYm1gqfWW2IOcDMJfffs33cYu67p5aD1VSCLUNtR5fhpS302339fI1clAWgKKkfHngfGTzkKp25YWt2yg"}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/userinfo HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 82ab350b-ed18-4fe8-8377-fbce2a3eb8d7
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 634
Content-Type: application/json;charset=utf-8
Date: Thu, 05 Jul 2018 16:15:27 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"address":{"street_address":"621 East 6th Street","country":"US","locality":"Austin","region":"Texas"},"sub":"jlqPw63vmJTzTNTQFpjJk-UhTX9TSYb4KtWP91Ot2nU","user_name":"test_user","website":"http://www.gluu.org","zoneinfo":"America/Chicago","birthdate":"19830106010101.253Z","gender":"Male","profile":"http://www.mywebsite.com/profile","preferred_username":"user","given_name":"Test","middle_name":"User","locale":"en-US","picture":"http://www.gluu.org/wp-content/uploads/2012/04/mike3.png","updated_at":1526659613066,"name":"oxAuth Test User","nickname":"user","family_name":"User","email_verified":true,"email":"test_user@test.org"}
#######################################################
TEST: revokeTokens
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"code",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:15:27 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E0A2.4A59.0339.F5FA",
"client_secret": "a73664fa-7a48-4a55-a2c0-9f2f4d1d1233",
"registration_access_token": "f5c3ef33-a061-4d38-bfb5-cdd49208e4c5",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E0A2.4A59.0339.F5FA",
"client_id_issued_at": 1530807327,
"client_secret_expires_at": 1530893727,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"id_token",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer f5c3ef33-a061-4d38-bfb5-cdd49208e4c5
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:15:27 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E0A2.4A59.0339.F5FA",
"client_secret": "a73664fa-7a48-4a55-a2c0-9f2f4d1d1233",
"registration_access_token": "f5c3ef33-a061-4d38-bfb5-cdd49208e4c5",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E0A2.4A59.0339.F5FA",
"client_id_issued_at": 1530807327,
"client_secret_expires_at": 1530893727,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"id_token",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21E0A2.4A59.0339.F5FA&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=ee09c730-7e61-4b1d-91e0-1e92753e9cf7&nonce=95a12f83-9eac-4ef4-ae22-1b582f304b06
12:15:48.755 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:126359a1-bcd9-4a5f-9e16-45cabf523aa6
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21E0A2.4A59.0339.F5FA&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=ee09c730-7e61-4b1d-91e0-1e92753e9cf7&nonce=95a12f83-9eac-4ef4-ae22-1b582f304b06
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=5a6e1853-be11-476d-9b41-a5ec03c5fbde&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFFMEEyLjRBNTkuMDMzOS5GNUZBIiwiZXhwIjoxNTMwODEwOTI4LCJpYXQiOjE1MzA4MDczMjgsIm5vbmNlIjoiOTVhMTJmODMtOWVhYy00ZWY0LWFlMjItMWI1ODJmMzA0YjA2IiwiYXV0aF90aW1lIjoxNTMwODA3MzI4LCJjX2hhc2giOiIxa05qVm90V1dBci1xRkMyRGhIMmNnIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiX0VYTjY5U1pYa2VnMFU5dWw3b3U3WkZoak5lZEh0UlRYd3BjZjJ0d3BVSSJ9.cuKvbiWoFEQA9-fuFxg_rbr1Z913RWPXcEEDzdSMv5YNi_OobGO1TBfjCQ3shnFXy-IR_1V0IWN6JN3x-JITFHVdPf8EXRZnZRA0cuMehqwNDPR2EIoSpRHzjYISnO-zywz5pmYIIFxt-NdHHlXoZEsQqDU1GN3QfFeR-6yYW1wPYILGlYHVReuXP8Rgh7wEMSwaMbfpyVE0w9c6DylmmbgQ-lZtJyD5e4_PwC4rfhA7rRQUyWNbje5OFDQikcAkJnIbmAiEAkH3MOibf4FzCCJQRKDKLW4TKO_EO4PE_X9Hq8eQSEJRmNbu4PufvAgNBoKkfL5gAjd5E6TVjpuyWQ&session_id=19a3433c-ae12-46f0-bfec-248e5ef869ad&state=ee09c730-7e61-4b1d-91e0-1e92753e9cf7&session_state=126359a1-bcd9-4a5f-9e16-45cabf523aa6
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxRTBBMi40QTU5LjAzMzkuRjVGQTphNzM2NjRmYS03YTQ4LTRhNTUtYTJjMC05ZjJmNGQxZDEyMzM=
grant_type=authorization_code&code=5a6e1853-be11-476d-9b41-a5ec03c5fbde&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1057
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:15:29 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"access_token":"76ef6fdd-45a3-457b-817a-98ec58b13d17","token_type":"bearer","expires_in":299,"refresh_token":"749fa926-86ec-4305-b540-fcd9cfa50104","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFFMEEyLjRBNTkuMDMzOS5GNUZBIiwiZXhwIjoxNTMwODEwOTI5LCJpYXQiOjE1MzA4MDczMjksIm5vbmNlIjoiOTVhMTJmODMtOWVhYy00ZWY0LWFlMjItMWI1ODJmMzA0YjA2IiwiYXV0aF90aW1lIjoxNTMwODA3MzI4LCJhdF9oYXNoIjoiaGZKcXVMVDZkN05PM1FEdDl6alRkUSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6Il9FWE42OVNaWGtlZzBVOXVsN291N1pGaGpOZWRIdFJUWHdwY2YydHdwVUkifQ.KYqN_nfXyRqko8_eceKnX3_TizIcSo3LI8FDEwI-NLhH2R22h3-YgFRXUUbKNNNqiG9ooYw8QguHldq1WQQZlEoaO9ULkoHpm3hfPGqVqhIbu1hEU__JCAd2T0ztZOJl4jLbFVZQkQfPnI3UMibOe86IZ59euYxOG4YIuV740DjMJ6_eGwV5pqVYrftNq5e0wpsCJ3RrBHhiUTNOiGNQ7Usz-HzN_qIgy06PjH9Mn70a7fXYYWgEMi6n1mzVi-S-_TEgo_hZFQI59iV4t_4nI5eRh39lysB1nweB6IChjQpAqf1K3K7K9CTnAS_0GSMa9doxsF86gM4wHWXiDlnXcA"}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxRTBBMi40QTU5LjAzMzkuRjVGQTphNzM2NjRmYS03YTQ4LTRhNTUtYTJjMC05ZjJmNGQxZDEyMzM=
grant_type=authorization_code&code=5a6e1853-be11-476d-9b41-a5ec03c5fbde&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 400
Cache-Control: no-store
Connection: close
Content-Length: 213
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:15:29 GMT
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"error":"invalid_grant","error_description":"The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client."}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxRTBBMi40QTU5LjAzMzkuRjVGQTphNzM2NjRmYS03YTQ4LTRhNTUtYTJjMC05ZjJmNGQxZDEyMzM=
grant_type=refresh_token&scope=address+openid+profile+email&refresh_token=749fa926-86ec-4305-b540-fcd9cfa50104
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 213
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:15:29 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"error":"invalid_grant","error_description":"The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client."}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/userinfo HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 76ef6fdd-45a3-457b-817a-98ec58b13d17
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 400
Connection: close
Content-Length: 203
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:15:29 GMT
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"error":"invalid_token","error_description":"The access token provided is expired, revoked, malformed, or invalid for other reasons. Try to request a new access token and retry the protected resource."}
#######################################################
TEST: OpenID Connect Discovery
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 181
Content-Type: application/jrd+json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 16:15:29 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"subject": "acct:test_user@ce-dev4.gluu.org",
"links": [{
"rel": "http://openid.net/specs/connect/1.0/issuer",
"href": "https://ce-dev4.gluu.org"
}]
}
OpenID Connect Configuration
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/openid-configuration HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 6342
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:15:29 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"issuer": "https://ce-dev4.gluu.org",
"authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize",
"token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token",
"userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo",
"clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo",
"check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe",
"end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session",
"jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks",
"registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register",
"id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id",
"introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection",
"scopes_supported": [
"permission",
"clientinfo",
"email",
"user_name",
"sub",
"org_name",
"address",
"openid",
"test_scope1",
"work_phone",
"phone",
"profile",
"mobile_phone",
"test"
],
"response_types_supported": [
"code",
"code id_token",
"code id_token token",
"id_token",
"id_token token",
"token",
"code token"
],
"grant_types_supported": [
"urn:ietf:params:oauth:grant-type:uma-ticket",
"client_credentials",
"refresh_token",
"implicit",
"password",
"authorization_code"
],
"acr_values_supported": [
"super_gluu",
"u2f",
"otp",
"basic",
"auth_ldap_server"
],
"auth_level_mapping": {
"-1": ["auth_ldap_server"],
"50": ["otp"],
"100": ["basic"],
"10": ["u2f"],
"15": ["super_gluu"]
},
"subject_types_supported": [
"public",
"pairwise"
],
"userinfo_signing_alg_values_supported": [
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"userinfo_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"userinfo_encryption_enc_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"id_token_signing_alg_values_supported": [
"none",
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"id_token_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"id_token_encryption_enc_values_supported": [
"A128CBC+HS256",
"A256CBC+HS512",
"A128GCM",
"A256GCM"
],
"request_object_signing_alg_values_supported": [
"none",
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"request_object_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"request_object_encryption_enc_values_supported": [
"A128CBC+HS256",
"A256CBC+HS512",
"A128GCM",
"A256GCM"
],
"token_endpoint_auth_methods_supported": [
"client_secret_basic",
"client_secret_post",
"client_secret_jwt",
"private_key_jwt"
],
"token_endpoint_auth_signing_alg_values_supported": [
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"display_values_supported": [
"page",
"popup"
],
"claim_types_supported": ["normal"],
"claims_supported": [
"birthdate",
"country",
"name",
"email",
"email_verified",
"given_name",
"gender",
"inum",
"family_name",
"updated_at",
"locale",
"member_of",
"middle_name",
"nickname",
"oxAuthAppType",
"oxAuthIdTokenSignedResponseAlg",
"oxAuthRedirectURI",
"oxAuthScope",
"phone_number_verified",
"picture",
"preferred_username",
"profile",
"zoneinfo",
"user_name",
"website"
],
"service_documentation": "http://gluu.org/docs",
"claims_locales_supported": ["en"],
"ui_locales_supported": [
"en",
"es"
],
"scope_to_claims_mapping": [
{"permission": []},
{"uma_protection": []},
{"clientinfo": [
"name",
"inum",
"oxAuthAppType",
"oxAuthIdTokenSignedResponseAlg",
"oxAuthRedirectURI",
"oxAuthScope"
]},
{"email": [
"email_verified",
"email"
]},
{"user_name": ["user_name"]},
{"sub": []},
{"org_name": []},
{"address": [
"formatted",
"postal_code",
"street_address",
"locality",
"country",
"region"
]},
{"openid": []},
{"test_scope1": []},
{"work_phone": []},
{"phone": [
"phone_number_verified",
"phone_number"
]},
{"profile": [
"name",
"family_name",
"given_name",
"middle_name",
"nickname",
"preferred_username",
"profile",
"picture",
"website",
"gender",
"birthdate",
"zoneinfo",
"locale",
"updated_at"
]},
{"mobile_phone": ["phone_mobile_number"]},
{"test": ["member_of"]}
],
"claims_parameter_supported": true,
"request_parameter_supported": true,
"request_uri_parameter_supported": true,
"require_request_uri_registration": false,
"op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy",
"op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos",
"frontchannel_logout_supported": true,
"frontchannel_logout_session_supported": true
}
#######################################################
TEST: AuthorizationResponseCustomHeaderTest
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": ["code"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"oxAuthTrustedClient": "true"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:15:29 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!8EF8.B07C.F653.A418",
"client_secret": "0133af11-62c5-4175-af01-939e785e95a6",
"registration_access_token": "6103a9b9-3647-426c-a4e6-baa94c881272",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!8EF8.B07C.F653.A418",
"client_id_issued_at": 1530807329,
"client_secret_expires_at": 1530893729,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==
response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%218EF8.B07C.F653.A418&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=f16560ac-1615-40e2-b05a-2d3915f0556d&nonce=4ffe8c92-77a7-4eb6-a76e-3c51b51a3e82&prompt=none&custom_response_headers=%5B%7B%22CustomHeader1%22%3A%22custom_header_value_1%22%7D%2C%7B%22CustomHeader3%22%3A%22custom_header_value_3%22%7D%2C%7B%22CustomHeader2%22%3A%22custom_header_value_2%22%7D%5D
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
CustomHeader1: custom_header_value_1
CustomHeader2: custom_header_value_2
CustomHeader3: custom_header_value_3
Date: Thu, 05 Jul 2018 16:15:29 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=8c7f8900-4abe-4c5d-82d7-44850f2e6f50&scope=address+openid+profile+email&session_id=94870db3-4ed8-4e1c-b282-3de8d6620e1f&state=f16560ac-1615-40e2-b05a-2d3915f0556d&session_state=121af418-0f55-459b-b139-065309148e2f
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
#######################################################
TEST: AuthorizationResponseCustomHeaderTest
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": ["token"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"oxAuthTrustedClient": "true"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1306
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:15:29 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!EF51.C2AB.D9AD.D8E2",
"client_secret": "7d2676a2-a647-4e44-839a-cd10088784e9",
"registration_access_token": "09f2e025-db66-4ec1-9c2e-02ec2d0fec14",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!EF51.C2AB.D9AD.D8E2",
"client_id_issued_at": 1530807329,
"client_secret_expires_at": 1530893729,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["token"],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==
response_type=token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21EF51.C2AB.D9AD.D8E2&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=3c29f0b9-3172-4bf1-8898-10673621bdd7&nonce=a66a4625-5c53-4430-94eb-3ccdd5df47fe&prompt=none&custom_response_headers=%5B%7B%22CustomHeader1%22%3A%22custom_header_value_1%22%7D%2C%7B%22CustomHeader3%22%3A%22custom_header_value_3%22%7D%2C%7B%22CustomHeader2%22%3A%22custom_header_value_2%22%7D%5D
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
CustomHeader1: custom_header_value_1
CustomHeader2: custom_header_value_2
CustomHeader3: custom_header_value_3
Date: Thu, 05 Jul 2018 16:15:29 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=0d7522df-d337-46a3-83ee-80a77454e43c&scope=address+openid+profile+email&session_id=3eb72074-432c-4edd-8b4e-275b5ba692fb&state=3c29f0b9-3172-4bf1-8898-10673621bdd7&token_type=bearer&session_state=4a2e5d14-bf91-4c28-a6be-784ef683780c&expires_in=299
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
#######################################################
TEST: AuthorizationResponseCustomHeaderTest
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": ["id_token"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"oxAuthTrustedClient": "true"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:15:29 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6C8D.9DB7.AE1E.2A7F",
"client_secret": "21813f71-bd92-442c-9a94-7c333eec5397",
"registration_access_token": "6532f1fe-3c3a-4c5a-9f3a-54b9d050d870",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6C8D.9DB7.AE1E.2A7F",
"client_id_issued_at": 1530807330,
"client_secret_expires_at": 1530893730,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"id_token",
"token"
],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==
response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%216C8D.9DB7.AE1E.2A7F&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=6211f943-31c2-4a6d-a7a0-b92c8668c0cc&nonce=409990be-866e-4f7f-bc93-5a91a15313f3&prompt=none&custom_response_headers=%5B%7B%22CustomHeader1%22%3A%22custom_header_value_1%22%7D%2C%7B%22CustomHeader3%22%3A%22custom_header_value_3%22%7D%2C%7B%22CustomHeader2%22%3A%22custom_header_value_2%22%7D%5D
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
CustomHeader1: custom_header_value_1
CustomHeader2: custom_header_value_2
CustomHeader3: custom_header_value_3
Date: Thu, 05 Jul 2018 16:15:30 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE2QzhELjlEQjcuQUUxRS4yQTdGIiwiZXhwIjoxNTMwODEwOTMwLCJpYXQiOjE1MzA4MDczMzAsIm5vbmNlIjoiNDA5OTkwYmUtODY2ZS00ZjdmLWJjOTMtNWE5MWExNTMxM2YzIiwiYXV0aF90aW1lIjoxNTMwODA3MzMwLCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiJhOHlweWIwRndnc2tndndRT3dpeXI5OENnTXdvREZUcFFxeGhqSGMtRk9RIn0.BXmRlMR3Var-OQWrCIotClOoeRuNBzCF65LXgCl-_S7aVUwXIs4C9xL20JVFPaGeuacn8yX-h5-nHxOU8fdeUQHSbPuTpshUA1OQJyQ64deelUxvgVDIhpbytFtD0xOiiPP5mbyXogpDwLtcK6lCa1-JUF8uBicf4EJ02KCj4TwzcC5oT6QKgWGUKXHkFJWlar_0TmcMr73C-SEPl-A1v08DCPQ1gQa32XwJKJ6wTZCDd2iGcgNzfpmZiRSIMBZEP_cKY47TacAALy576wWJTjUmkR1ZMB9dfE1ODTSGKilcSDTEyqI--AMv2v_5oJS1EjjMnmhTE1ty0WbAzK0l4g&session_id=ebe4adb1-e219-4bd8-a26b-cf9f127d224e&state=6211f943-31c2-4a6d-a7a0-b92c8668c0cc&session_state=72e1c63f-a743-4847-b29d-178c464a515b
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
#######################################################
TEST: AuthorizationResponseCustomHeaderTest
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"code",
"token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"oxAuthTrustedClient": "true"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1405
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:15:30 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!25D2.CF1C.1CFB.A74C",
"client_secret": "bb957451-e216-46c2-9670-99a1f6c656b3",
"registration_access_token": "7a86601d-460f-427c-bb1a-7cfe2c9735a7",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!25D2.CF1C.1CFB.A74C",
"client_id_issued_at": 1530807330,
"client_secret_expires_at": 1530893730,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==
response_type=code+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2125D2.CF1C.1CFB.A74C&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=a0d5f275-8c80-4921-9aed-793893c5a972&nonce=0221870c-c7c3-4bf7-9983-7299a5795fd2&prompt=none&custom_response_headers=%5B%7B%22CustomHeader1%22%3A%22custom_header_value_1%22%7D%2C%7B%22CustomHeader3%22%3A%22custom_header_value_3%22%7D%2C%7B%22CustomHeader2%22%3A%22custom_header_value_2%22%7D%5D
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
CustomHeader1: custom_header_value_1
CustomHeader2: custom_header_value_2
CustomHeader3: custom_header_value_3
Date: Thu, 05 Jul 2018 16:15:30 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=aa8d1015-988f-4f42-bf06-1457644987b2&code=fb28058b-7b80-441d-a5f8-7be4ae290c77&scope=address+openid+profile+email&session_id=150e32c8-0866-4241-9d66-a7f2e83bdf39&state=a0d5f275-8c80-4921-9aed-793893c5a972&token_type=bearer&session_state=1ea6bef4-c4a3-494a-b744-6fd5ed26a7aa&expires_in=299
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
#######################################################
TEST: AuthorizationResponseCustomHeaderTest
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"code",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"oxAuthTrustedClient": "true"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:15:30 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!8FDF.A7C4.C292.2DBA",
"client_secret": "4fbdd539-5c3e-4b36-8f45-3cbeae9306cb",
"registration_access_token": "e51569fd-493c-4efb-b844-a71e0465af1a",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!8FDF.A7C4.C292.2DBA",
"client_id_issued_at": 1530807330,
"client_secret_expires_at": 1530893730,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"id_token",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==
response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%218FDF.A7C4.C292.2DBA&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=08bc8382-665e-4e01-a1ca-960b5fdb698c&nonce=ac4a54ff-04bb-4f25-96d0-1bb2d2d6a3d3&prompt=none&custom_response_headers=%5B%7B%22CustomHeader1%22%3A%22custom_header_value_1%22%7D%2C%7B%22CustomHeader3%22%3A%22custom_header_value_3%22%7D%2C%7B%22CustomHeader2%22%3A%22custom_header_value_2%22%7D%5D
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
CustomHeader1: custom_header_value_1
CustomHeader2: custom_header_value_2
CustomHeader3: custom_header_value_3
Date: Thu, 05 Jul 2018 16:15:30 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=83aeea4c-7a38-4831-b881-cf51a3bee31d&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE4RkRGLkE3QzQuQzI5Mi4yREJBIiwiZXhwIjoxNTMwODEwOTMwLCJpYXQiOjE1MzA4MDczMzAsIm5vbmNlIjoiYWM0YTU0ZmYtMDRiYi00ZjI1LTk2ZDAtMWJiMmQyZDZhM2QzIiwiYXV0aF90aW1lIjoxNTMwODA3MzMwLCJjX2hhc2giOiJGZU1wYUFmcGd4SFN5RjhWLTViLVJnIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiRWRwOVhQY1VWcnRrTk5MSDVPMm1PYk5NREV4Tzc1WTluMlVlQU9EU2J4VSJ9.YJ6NrqrvvM10iLAzL4OLyJVe5bTRYTUvYfjQa3_VcJ6VEED9udaChYMSe9c6FcFiwsP3rrftg6W0Jclln0o8s4SQXN66KGBNqiDfozy_Cc2m6ZvYPKD_lJTHeWEYCqEyzNJLY0mWjQztWs0EkB5ZrKZKDwW98FDHiKSdtABKX9fz0-6tab8mAEuPGmf2hfH6GxdX2nA1sI36-6dbQ990_0J-s6UAWlRV4oL9WGFgymknb6HJzCOSfdNjIxusQ3WMPfqu4Djs4neV2V0KM6U0EtYj1iG8_bq7xMlki_Wz9xCZvs7JJFZq4PKguyHdt5aekn-HbCxn8RCh7I6UoPVoeA&session_id=81ca26dc-c95f-4c59-9902-47c503263c27&state=08bc8382-665e-4e01-a1ca-960b5fdb698c&session_state=d663f15c-331f-40fa-af53-35ffb450a3ae
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
#######################################################
TEST: AuthorizationResponseCustomHeaderTest
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"token",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"oxAuthTrustedClient": "true"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:15:30 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!8AA4.DF24.8CA2.0390",
"client_secret": "ed2c6362-1ac3-4d1c-a484-b274f612da2a",
"registration_access_token": "72279254-b7d0-4da8-84ae-519c8e21ce9e",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!8AA4.DF24.8CA2.0390",
"client_id_issued_at": 1530807330,
"client_secret_expires_at": 1530893730,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"id_token",
"token"
],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==
response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%218AA4.DF24.8CA2.0390&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=f7b92f73-4462-470b-8438-2f9f5a3dfe49&nonce=f0d58cb2-7a92-4bdc-81d4-ae9503757064&prompt=none&custom_response_headers=%5B%7B%22CustomHeader1%22%3A%22custom_header_value_1%22%7D%2C%7B%22CustomHeader3%22%3A%22custom_header_value_3%22%7D%2C%7B%22CustomHeader2%22%3A%22custom_header_value_2%22%7D%5D
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
CustomHeader1: custom_header_value_1
CustomHeader2: custom_header_value_2
CustomHeader3: custom_header_value_3
Date: Thu, 05 Jul 2018 16:15:30 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=a5e5e426-7b1d-4750-8591-1165d04cedc0&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE4QUE0LkRGMjQuOENBMi4wMzkwIiwiZXhwIjoxNTMwODEwOTMwLCJpYXQiOjE1MzA4MDczMzAsIm5vbmNlIjoiZjBkNThjYjItN2E5Mi00YmRjLTgxZDQtYWU5NTAzNzU3MDY0IiwiYXV0aF90aW1lIjoxNTMwODA3MzMwLCJhdF9oYXNoIjoiOUlta1l2UjRYOGdReEwwbEpFSWtDdyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6Imc5Y0syWExialFNcXcwbWI1OW91SE5MWjNlUmlfa1I4NUxPcnVMZnV6UkUifQ.AqTQE7WEjxQtFc-3wJVeyHo8iju-j355x6LF0Ex5I2uylUuff4i8RsfX7BAebzowM-fc5S8pq2S-lnqIy8loXhsunMuL1jISbBTnF8cK14Sjmo1PyJN60FLIGW1NJ1d5CuVRdh--nJfJYsCi2GLbSY5TpriQqXoJ81fUyFRbVM4nnCsQ4FASe4xq43g-1GGqGP9NtfUpKmnC6lLvs_LAcDYVyrfJOI4MDvc5m8cGkfkVaPNeSI7mjnXM-xZViVKDhNR1mnEQT1BC-1adsBIxb_FgXJ6ujxCRq9aP7bLQ4nbJeKn3BwgbVi8vKqVFBEpe6znxny2nepnDQvz0KqQKnQ&session_id=71dc5a69-6ebe-4ef7-a798-3f0eb9ce1fe6&state=f7b92f73-4462-470b-8438-2f9f5a3dfe49&token_type=bearer&session_state=7fee1f0e-1560-42d1-adc6-2d0fe30a0480&expires_in=299
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
#######################################################
TEST: AuthorizationResponseCustomHeaderTest
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"code",
"token",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"oxAuthTrustedClient": "true"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:15:31 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9865.A7B9.870A.E668",
"client_secret": "afd9a02a-f8e6-43b9-a2ef-f895886f643b",
"registration_access_token": "e7c1c2d1-affe-483a-87a7-67fd34ad91a2",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9865.A7B9.870A.E668",
"client_id_issued_at": 1530807331,
"client_secret_expires_at": 1530893731,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"id_token",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==
response_type=code+token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%219865.A7B9.870A.E668&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=edc69f39-2cbe-47fd-8976-a5ce48aba3da&nonce=6e0f29a5-0eb1-40d0-8eeb-3b948986d742&prompt=none&custom_response_headers=%5B%7B%22CustomHeader1%22%3A%22custom_header_value_1%22%7D%2C%7B%22CustomHeader3%22%3A%22custom_header_value_3%22%7D%2C%7B%22CustomHeader2%22%3A%22custom_header_value_2%22%7D%5D
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
CustomHeader1: custom_header_value_1
CustomHeader2: custom_header_value_2
CustomHeader3: custom_header_value_3
Date: Thu, 05 Jul 2018 16:15:31 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=87f98a07-3a6c-4104-9502-844121269356&code=e1f4d330-8f07-4492-a2e5-1ab84b33c938&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE5ODY1LkE3QjkuODcwQS5FNjY4IiwiZXhwIjoxNTMwODEwOTMxLCJpYXQiOjE1MzA4MDczMzEsIm5vbmNlIjoiNmUwZjI5YTUtMGViMS00MGQwLThlZWItM2I5NDg5ODZkNzQyIiwiYXV0aF90aW1lIjoxNTMwODA3MzMxLCJjX2hhc2giOiJLV1NGN1lUQnVTUXBtTzN5OXVEcEJ3IiwiYXRfaGFzaCI6IlpueC02NzdPM1NZWE02SXYyZWxmVmciLCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiJXdV9DRTFiVGtDQ19TTjA1ejBuaU16NnBySWdkX0lfNDRRd2lLdG5SZFd3In0.VW_j8akAcVIkT3iJ-mVrOVablROy9qiyI1U-wMh42XEGhZSFsNiWFHi5J4LwHboKxCtNq4GDtfLUE74j0Z-n4_G3R0VIQc4cNShjr8LxmhPDmxrU1dYq-pbsEeKJsgrdGPyEnOajvQEceAASfNlyHfr-JyCxLyGeyZnTvR4gWzwcHK-jW56JzfbCt39CAXM4UCCZW05lwOxWuuz7w9oqnkqGN3V8rL5KJDGQBdL2DEFDordXJ6-ANMWkQP1voI2dhzCqG5vusKU4koEd2qwZBK7mJkXuEELSM3CytWyhxUFfT_Rnaf_tiOqRbWZYubTjpX2RGjocgRpmpRxu5t3_jg&session_id=3e2d8db8-5e68-4055-bb0b-f093c181f889&state=edc69f39-2cbe-47fd-8976-a5ce48aba3da&token_type=bearer&session_state=446fd02e-213e-42ae-bd98-6182ec499193&expires_in=299
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
#######################################################
TEST: OpenID Connect Discovery
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 181
Content-Type: application/jrd+json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 16:15:31 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"subject": "acct:test_user@ce-dev4.gluu.org",
"links": [{
"rel": "http://openid.net/specs/connect/1.0/issuer",
"href": "https://ce-dev4.gluu.org"
}]
}
OpenID Connect Configuration
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/openid-configuration HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 6342
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:15:31 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"issuer": "https://ce-dev4.gluu.org",
"authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize",
"token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token",
"userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo",
"clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo",
"check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe",
"end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session",
"jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks",
"registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register",
"id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id",
"introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection",
"scopes_supported": [
"permission",
"clientinfo",
"email",
"user_name",
"sub",
"org_name",
"address",
"openid",
"test_scope1",
"work_phone",
"phone",
"profile",
"mobile_phone",
"test"
],
"response_types_supported": [
"code",
"code id_token",
"code id_token token",
"id_token",
"id_token token",
"token",
"code token"
],
"grant_types_supported": [
"urn:ietf:params:oauth:grant-type:uma-ticket",
"client_credentials",
"refresh_token",
"implicit",
"password",
"authorization_code"
],
"acr_values_supported": [
"super_gluu",
"u2f",
"otp",
"basic",
"auth_ldap_server"
],
"auth_level_mapping": {
"-1": ["auth_ldap_server"],
"50": ["otp"],
"100": ["basic"],
"10": ["u2f"],
"15": ["super_gluu"]
},
"subject_types_supported": [
"public",
"pairwise"
],
"userinfo_signing_alg_values_supported": [
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"userinfo_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"userinfo_encryption_enc_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"id_token_signing_alg_values_supported": [
"none",
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"id_token_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"id_token_encryption_enc_values_supported": [
"A128CBC+HS256",
"A256CBC+HS512",
"A128GCM",
"A256GCM"
],
"request_object_signing_alg_values_supported": [
"none",
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"request_object_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"request_object_encryption_enc_values_supported": [
"A128CBC+HS256",
"A256CBC+HS512",
"A128GCM",
"A256GCM"
],
"token_endpoint_auth_methods_supported": [
"client_secret_basic",
"client_secret_post",
"client_secret_jwt",
"private_key_jwt"
],
"token_endpoint_auth_signing_alg_values_supported": [
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"display_values_supported": [
"page",
"popup"
],
"claim_types_supported": ["normal"],
"claims_supported": [
"birthdate",
"country",
"name",
"email",
"email_verified",
"given_name",
"gender",
"inum",
"family_name",
"updated_at",
"locale",
"member_of",
"middle_name",
"nickname",
"oxAuthAppType",
"oxAuthIdTokenSignedResponseAlg",
"oxAuthRedirectURI",
"oxAuthScope",
"phone_number_verified",
"picture",
"preferred_username",
"profile",
"zoneinfo",
"user_name",
"website"
],
"service_documentation": "http://gluu.org/docs",
"claims_locales_supported": ["en"],
"ui_locales_supported": [
"en",
"es"
],
"scope_to_claims_mapping": [
{"permission": []},
{"uma_protection": []},
{"clientinfo": [
"name",
"inum",
"oxAuthAppType",
"oxAuthIdTokenSignedResponseAlg",
"oxAuthRedirectURI",
"oxAuthScope"
]},
{"email": [
"email_verified",
"email"
]},
{"user_name": ["user_name"]},
{"sub": []},
{"org_name": []},
{"address": [
"formatted",
"postal_code",
"street_address",
"locality",
"country",
"region"
]},
{"openid": []},
{"test_scope1": []},
{"work_phone": []},
{"phone": [
"phone_number_verified",
"phone_number"
]},
{"profile": [
"name",
"family_name",
"given_name",
"middle_name",
"nickname",
"preferred_username",
"profile",
"picture",
"website",
"gender",
"birthdate",
"zoneinfo",
"locale",
"updated_at"
]},
{"mobile_phone": ["phone_mobile_number"]},
{"test": ["member_of"]}
],
"claims_parameter_supported": true,
"request_parameter_supported": true,
"request_uri_parameter_supported": true,
"require_request_uri_registration": false,
"op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy",
"op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos",
"frontchannel_logout_supported": true,
"frontchannel_logout_session_supported": true
}
#######################################################
TEST: defaultResponseModeBasicCode
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": ["code"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:15:31 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!8462.5DEF.DA02.BF61",
"client_secret": "fdc49a6a-6c78-4057-850a-853bd0a63605",
"registration_access_token": "22ecdb50-8614-485f-a151-3408d59cb3d8",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!8462.5DEF.DA02.BF61",
"client_id_issued_at": 1530807331,
"client_secret_expires_at": 1530893731,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%218462.5DEF.DA02.BF61&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=de379cb1-d5bb-45be-a5aa-482af76a7c57
12:15:52.685 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:44293124-bdf1-44e3-b43e-27e7e187e0e3
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%218462.5DEF.DA02.BF61&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=de379cb1-d5bb-45be-a5aa-482af76a7c57
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=5f1c76cb-1127-4a17-a5bb-3b2ae9029084&scope=address+openid+profile+email&session_id=3c5a3907-16e1-406e-8adb-980c47cd1287&state=de379cb1-d5bb-45be-a5aa-482af76a7c57&session_state=44293124-bdf1-44e3-b43e-27e7e187e0e3
#######################################################
TEST: defaultResponseModeHybridCodeIdToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"code",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:15:32 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4D04.F75F.E092.95D0",
"client_secret": "2fd09908-5d1a-4edd-bad2-6197f569ba07",
"registration_access_token": "34094e4c-ef57-42cf-9795-a1db2cc095a0",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4D04.F75F.E092.95D0",
"client_id_issued_at": 1530807332,
"client_secret_expires_at": 1530893732,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"id_token",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%214D04.F75F.E092.95D0&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=a4a6fb7a-05f6-43d0-a8f8-7c6e5b3fb3ab&nonce=d840e7b1-8da2-4674-8b52-7b89e32cfdc2
12:15:54.266 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:18ff74f7-1246-46cb-becb-5777a7c38ef0
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%214D04.F75F.E092.95D0&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=a4a6fb7a-05f6-43d0-a8f8-7c6e5b3fb3ab&nonce=d840e7b1-8da2-4674-8b52-7b89e32cfdc2
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=4c8ab020-a6bf-4507-b5d4-888e37599adc&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE0RDA0LkY3NUYuRTA5Mi45NUQwIiwiZXhwIjoxNTMwODEwOTM0LCJpYXQiOjE1MzA4MDczMzQsIm5vbmNlIjoiZDg0MGU3YjEtOGRhMi00Njc0LThiNTItN2I4OWUzMmNmZGMyIiwiYXV0aF90aW1lIjoxNTMwODA3MzM0LCJjX2hhc2giOiJTOWw2aGUycjI0bXVTVUtVdExPLVpnIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiYTRWYU15R3VyT0dYRlp3REV3WFY0RHJCRl96dXV3ZnBsSHRXc3I3TDlFcyJ9.DyJLo0h-G66UBIqdnpY54VEH60Gv8Mr9VIz4EqCBxJvw7l5KQx1HlvkTWCDgfqPEzrtXRkYgvO0uBmuSD7k64kGdo37NwZp4rDImdO20cADicrc_tMC_UvQg_6vlPQVLEtVqIh0bJ-kdXEKshQX561FlMVDSlleMayHAEhaHR0uNKKzOzXkPP3pwHghkJGAH002Crfjs1e5tXni5PhTF14Mz2mkQL-ketCJM6zuM7XWJxbyvlPrYN1Vj00Im1SanxX4R3hhzWAX3yWArfvIOnbKd0X7gOMA7rBZARH9_nCl7gSLjlyppqoXG8jQC9Fb-Ym3oMWPe-5mVF0GQ5TDfKg&session_id=b40828f0-d0cc-41b3-9a6e-19c602ec4082&state=a4a6fb7a-05f6-43d0-a8f8-7c6e5b3fb3ab&session_state=18ff74f7-1246-46cb-becb-5777a7c38ef0
#######################################################
TEST: defaultResponseModeHybridCodeIdTokenToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"code",
"id_token",
"token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:15:34 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E14D.80FF.A03C.0CE3",
"client_secret": "5a1fc7f9-bc98-4935-bb2c-00a749e75510",
"registration_access_token": "1996d0b0-ff3d-442d-bdff-699b801089ce",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E14D.80FF.A03C.0CE3",
"client_id_issued_at": 1530807334,
"client_secret_expires_at": 1530893734,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"id_token",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21E14D.80FF.A03C.0CE3&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=b1ff9901-a974-4a5b-8a7a-ead244eab0cd&nonce=15b990a5-1ed0-4ae1-9071-7c78120794da
12:15:55.793 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:03d79572-a2d2-4d31-a92a-85512b8b4b1f
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21E14D.80FF.A03C.0CE3&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=b1ff9901-a974-4a5b-8a7a-ead244eab0cd&nonce=15b990a5-1ed0-4ae1-9071-7c78120794da
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=79da1510-cf3c-44cb-82c6-4051256739f9&code=2bea28c0-615f-4542-bfaa-c31aea76d1a2&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFFMTRELjgwRkYuQTAzQy4wQ0UzIiwiZXhwIjoxNTMwODEwOTM1LCJpYXQiOjE1MzA4MDczMzUsIm5vbmNlIjoiMTViOTkwYTUtMWVkMC00YWUxLTkwNzEtN2M3ODEyMDc5NGRhIiwiYXV0aF90aW1lIjoxNTMwODA3MzM1LCJjX2hhc2giOiJrb0Yzd3Rzb05sTThKd0tQbFBOUXF3IiwiYXRfaGFzaCI6ImpONGd1d1JTTHNJaWtQRXpyYjB0TXciLCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiI4ekJpWmlTNlZlcFRZNXpmWWhyMUItd1BKVFZuTVBjbUlYZEU3MHJwV1NzIn0.iCflKes4r1f5Q3zT-GEXCxj4Xaf-wh3ahvfR3ir6XOQGFHWqvyLiNm_CttPaor-1HS1cvstijcuxm2zwfbvgwogy88CVi_Tmml1XI3uxldkZdjU0YJ5Y6W2N2ZRqqBX_uHiJ1INS6R-629u5HNmMRfZc-u21EwEMgABN9abtTBR1v_z4dhbM-BVUcuYWm29BlOhei94TnpiURH290QVLoqr4KY3leqb67AHDRMWZuYhqC6RbdDOb3t1cVeUMd9_4oO-RPn8_k_LZXybg_PSawuRh9zsjSJtagX1IAdJ4lcDQ1_CZyPoNZo35-9JrMpDUX0NH5tZouId6f1fSOQRYDg&session_id=71936455-a6c6-40d7-bad8-135cb509b935&state=b1ff9901-a974-4a5b-8a7a-ead244eab0cd&token_type=bearer&session_state=03d79572-a2d2-4d31-a92a-85512b8b4b1f&expires_in=299
#######################################################
TEST: defaultResponseModeHybridCodeToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"code",
"token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1405
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:15:35 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!BDE9.1B34.A406.3C7C",
"client_secret": "8599422c-4543-445d-85ef-bcc4138f4c37",
"registration_access_token": "02dd9dc3-d5dd-4c13-a4ca-ad4bf4f3eefc",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!BDE9.1B34.A406.3C7C",
"client_id_issued_at": 1530807336,
"client_secret_expires_at": 1530893736,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21BDE9.1B34.A406.3C7C&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=15a742f7-0fca-4175-b8cd-2256fb490390&nonce=f691badc-ed46-41cb-80ca-bac91fb59df0
12:15:57.300 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:5e2f8421-9962-4338-957b-e16baf8f79f0
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21BDE9.1B34.A406.3C7C&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=15a742f7-0fca-4175-b8cd-2256fb490390&nonce=f691badc-ed46-41cb-80ca-bac91fb59df0
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=06266f25-4fe2-42fb-b282-09de212eb22c&code=5c586ae1-0930-4621-86bb-e61b9b11a2ed&scope=address+openid+profile+email&session_id=4fa44880-f317-490a-83db-58e662b0b262&state=15a742f7-0fca-4175-b8cd-2256fb490390&token_type=bearer&session_state=5e2f8421-9962-4338-957b-e16baf8f79f0&expires_in=299
#######################################################
TEST: defaultResponseModeImplicitIdToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": ["id_token"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:15:37 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!71CF.C099.0A3D.200E",
"client_secret": "24cbdf1d-c5fa-4c89-9694-5c4aed7585be",
"registration_access_token": "91f975df-8bee-4c5c-a164-31fbf5cc970b",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!71CF.C099.0A3D.200E",
"client_id_issued_at": 1530807337,
"client_secret_expires_at": 1530893737,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"id_token",
"token"
],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2171CF.C099.0A3D.200E&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=bf6af9ff-1ee2-4e42-971a-95904c6bd44d&nonce=01d8c8c6-73fc-4690-90aa-94d5659a74c4
12:15:58.772 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:4ecc6349-570c-4139-badf-fca3bce0bda6
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2171CF.C099.0A3D.200E&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=bf6af9ff-1ee2-4e42-971a-95904c6bd44d&nonce=01d8c8c6-73fc-4690-90aa-94d5659a74c4
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE3MUNGLkMwOTkuMEEzRC4yMDBFIiwiZXhwIjoxNTMwODEwOTM4LCJpYXQiOjE1MzA4MDczMzgsIm5vbmNlIjoiMDFkOGM4YzYtNzNmYy00NjkwLTkwYWEtOTRkNTY1OWE3NGM0IiwiYXV0aF90aW1lIjoxNTMwODA3MzM4LCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiIzMG5tZ0picXNJN25PLVlwbmpOZklCNXlFbHZjTklJZmlyN0I0Z0ZkOGxZIn0.K8D_JVQRYBHuengJrYX5losQYZBebSOl_iaBIiYnP99kR-OqojcEjeznnpZO0jccBFkhiouOl-_lxfa2Fckts15X2JV0bJ1usWLdQltbRuJcRV7NbS9W99Beg8fZDq7QqVIAbfTFpHVG3eu4qmrSB-euiWk0AzTfUFKC4Ae0vEi2Z2Ujb7xTX9aV8CM_CfVfWn4h64nt5kCZn0KtCTq6dCtzThNb7f8un8yu5IeZRIvfOxIakSNi1CJDP2BjaM56tP1i0nwYoXHJzKIz5JT_cZRFoyXnOBIHIfm0uVQtYZEdGyZsXIZVSYWGKkQYypf1XGZzXwbiHgWsmKeByebrzQ&session_id=b5c0475b-bb5a-4057-b9f6-9a4cd6d2152c&state=bf6af9ff-1ee2-4e42-971a-95904c6bd44d&session_state=4ecc6349-570c-4139-badf-fca3bce0bda6
#######################################################
TEST: defaultResponseModeImplicitIdTokenToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"id_token",
"token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:15:38 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1BE1.BDDE.8316.BD5D",
"client_secret": "136d7e4a-f92c-4076-b000-591ce8f10b4c",
"registration_access_token": "315efb29-5768-45d8-8c87-c8214df817be",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1BE1.BDDE.8316.BD5D",
"client_id_issued_at": 1530807338,
"client_secret_expires_at": 1530893738,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"id_token",
"token"
],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%211BE1.BDDE.8316.BD5D&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=95c085ea-017f-4307-99f6-884ea806c55e&nonce=0411e588-503c-4528-95ca-b3b8f5d09adb
12:16:00.203 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:47e4584a-1c51-4d66-b650-244cec451d2c
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%211BE1.BDDE.8316.BD5D&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=95c085ea-017f-4307-99f6-884ea806c55e&nonce=0411e588-503c-4528-95ca-b3b8f5d09adb
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=c1818577-8dbe-4fb2-a50c-d88026f03797&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCExQkUxLkJEREUuODMxNi5CRDVEIiwiZXhwIjoxNTMwODEwOTQwLCJpYXQiOjE1MzA4MDczNDAsIm5vbmNlIjoiMDQxMWU1ODgtNTAzYy00NTI4LTk1Y2EtYjNiOGY1ZDA5YWRiIiwiYXV0aF90aW1lIjoxNTMwODA3MzQwLCJhdF9oYXNoIjoiWXBHRWMyNG1GX3VaejZBdVpJRVktUSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6ImV2WmxudU53cEE1T3M5eTM0YkNTLVpuVHpSMTFlTHhnV3JVY0dqbDg1VkEifQ.Th34rIFTF1iS_pWX1TjtbtWdifmLNHqd7rkbYisKDF-30qnLQKVzZqfyi3sKBlGmnzi32g-9Irw5hT4GABtjB9arrPvySuo7JQTzi7GYL0E18v8f7UKeKCtiJEqx2ESHoxKOrkbP-G_BUHaQUzdTeAkXftWIKWm0ClUPEUHWz_guuP7xh5FUvE3ES6IRbO8qLLBSgYxiVdw4LiosiA_TT-B-5sKUYRIBrBdWU35SWlgIlxLFbU-kVwBQ_1jtSvAgW52M_kaN6hG_7waflZTjpvB3QvIojOxZGOoRjRAysp1YbnRukI3bn8MV0EAWC5NLLaajCkvFiLTUUAn6kIPV3w&session_id=9300b90e-66ff-49d0-860e-f0fbaa8b7861&state=95c085ea-017f-4307-99f6-884ea806c55e&token_type=bearer&session_state=47e4584a-1c51-4d66-b650-244cec451d2c&expires_in=299
#######################################################
TEST: formPostResponseModeBasicCode
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": ["code"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:15:40 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5870.DE36.5D9E.5113",
"client_secret": "30a28c1c-531b-4392-a642-3c1d15858015",
"registration_access_token": "80f65326-788e-4e81-8bee-5b4572e8da33",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5870.DE36.5D9E.5113",
"client_id_issued_at": 1530807340,
"client_secret_expires_at": 1530893740,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%215870.DE36.5D9E.5113&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=9128d8b3-5953-4ccf-9733-730ee378fc27&response_mode=form_post
12:16:02.187 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:a3705d00-91fb-4c46-b8f4-8bee78507dfb
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%215870.DE36.5D9E.5113&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=9128d8b3-5953-4ccf-9733-730ee378fc27&response_mode=form_post
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm
#######################################################
TEST: formPostResponseModeHybridCodeIdToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"code",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:15:42 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0EDA.3DF2.27BD.BC5F",
"client_secret": "d7dc02c1-5a5a-44c6-a028-2cd68be2857c",
"registration_access_token": "fd558b83-3dbb-47c2-9320-e71e17f82338",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0EDA.3DF2.27BD.BC5F",
"client_id_issued_at": 1530807343,
"client_secret_expires_at": 1530893743,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"id_token",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%210EDA.3DF2.27BD.BC5F&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=9c9b222c-82d1-4cfe-8e7e-8f5db7a1fefe&response_mode=form_post&nonce=77265ba7-1126-460e-a877-3251489a6f76
12:16:04.279 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:c008e148-5421-4537-b402-bfc4deebe6fd
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%210EDA.3DF2.27BD.BC5F&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=9c9b222c-82d1-4cfe-8e7e-8f5db7a1fefe&response_mode=form_post&nonce=77265ba7-1126-460e-a877-3251489a6f76
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm
#######################################################
TEST: formPostResponseModeHybridCodeIdTokenToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"code",
"id_token",
"token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:15:44 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!408D.256F.EAD7.8EA4",
"client_secret": "bc1caace-206c-48c6-ae56-379e66971704",
"registration_access_token": "740078ae-11e0-486e-9ee6-53d2cbf61bae",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!408D.256F.EAD7.8EA4",
"client_id_issued_at": 1530807344,
"client_secret_expires_at": 1530893744,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"id_token",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21408D.256F.EAD7.8EA4&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=3aa6f0bf-1588-4d60-9ae0-c997ec05e43d&response_mode=form_post&nonce=bf938a45-86ca-4126-aecd-deaf0ccfd42a
12:16:05.725 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:4cef1d93-5180-49d8-8ccb-f2be8bd7a186
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21408D.256F.EAD7.8EA4&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=3aa6f0bf-1588-4d60-9ae0-c997ec05e43d&response_mode=form_post&nonce=bf938a45-86ca-4126-aecd-deaf0ccfd42a
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm
#######################################################
TEST: formPostResponseModeHybridCodeToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"code",
"token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1405
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:15:45 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C6B0.5CE7.B6A2.D4AA",
"client_secret": "79091112-70a2-421e-ac64-601aeff78061",
"registration_access_token": "6f3a99db-b22f-4922-8341-448182e7a989",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C6B0.5CE7.B6A2.D4AA",
"client_id_issued_at": 1530807345,
"client_secret_expires_at": 1530893745,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21C6B0.5CE7.B6A2.D4AA&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=cd85ea4b-d546-4a4a-8854-d43261a42717&response_mode=form_post&nonce=40c4b59e-f123-448f-9d26-e1257aa64c34
12:16:07.154 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:98b004c0-0755-477f-90bc-64fa80236104
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21C6B0.5CE7.B6A2.D4AA&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=cd85ea4b-d546-4a4a-8854-d43261a42717&response_mode=form_post&nonce=40c4b59e-f123-448f-9d26-e1257aa64c34
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm
#######################################################
TEST: formPostResponseModeImplicitIdToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": ["id_token"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:15:47 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!CAE6.AB04.8499.D570",
"client_secret": "20c4776b-ba92-4a91-af68-428ad57d4244",
"registration_access_token": "1c39521f-136d-4876-81d4-2b1943750f15",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!CAE6.AB04.8499.D570",
"client_id_issued_at": 1530807347,
"client_secret_expires_at": 1530893747,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"id_token",
"token"
],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21CAE6.AB04.8499.D570&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=cea3046b-cfde-48b3-a2db-5b6a9e833f17&response_mode=form_post&nonce=ccbc7eb9-5b4e-4d0c-a7d0-70943849e64d
12:16:08.711 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:90e000b8-b776-4e5a-bd31-3d8f00342120
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21CAE6.AB04.8499.D570&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=cea3046b-cfde-48b3-a2db-5b6a9e833f17&response_mode=form_post&nonce=ccbc7eb9-5b4e-4d0c-a7d0-70943849e64d
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm
#######################################################
TEST: formPostResponseModeImplicitIdTokenToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"id_token",
"token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:15:48 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!98B2.6B5E.5056.2184",
"client_secret": "c3dadee0-ca49-4298-9c91-2c10207fea42",
"registration_access_token": "a523fbe9-f6a7-4089-a454-c649fabb0ceb",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!98B2.6B5E.5056.2184",
"client_id_issued_at": 1530807348,
"client_secret_expires_at": 1530893748,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"id_token",
"token"
],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2198B2.6B5E.5056.2184&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=0c9b9bf5-9516-462a-9d4d-f531b3aa5eb8&response_mode=form_post&nonce=2ff5f22a-2aa0-483e-9625-6c8c52d77db0
12:16:10.060 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:151ea7a8-684b-4cb0-83fa-0ee574a89b0a
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2198B2.6B5E.5056.2184&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=0c9b9bf5-9516-462a-9d4d-f531b3aa5eb8&response_mode=form_post&nonce=2ff5f22a-2aa0-483e-9625-6c8c52d77db0
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm
#######################################################
TEST: fragmentResponseModeBasicCode
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": ["code"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:15:50 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B465.2261.FD78.0F89",
"client_secret": "3eabb01b-5205-4358-95e4-16514613fdbe",
"registration_access_token": "91fc809f-f3e0-463e-b1d6-771d6ac569f7",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B465.2261.FD78.0F89",
"client_id_issued_at": 1530807350,
"client_secret_expires_at": 1530893750,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21B465.2261.FD78.0F89&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=24e78909-09a4-4d5b-97bb-b2d66be9bf00&response_mode=fragment
12:16:11.485 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:a994d293-bc30-4ae2-ad8d-26faf87a6689
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21B465.2261.FD78.0F89&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=24e78909-09a4-4d5b-97bb-b2d66be9bf00&response_mode=fragment
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=1b42b71f-9c1c-452e-9e97-60e34d41ac6a&scope=address+openid+profile+email&session_id=e01c7d06-97e4-46bc-86ea-0f3858549a25&state=24e78909-09a4-4d5b-97bb-b2d66be9bf00&session_state=a994d293-bc30-4ae2-ad8d-26faf87a6689
#######################################################
TEST: fragmentResponseModeHybridCodeIdToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"code",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:15:51 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A30A.D5ED.13AF.7D2D",
"client_secret": "4fbb2601-d398-476f-9b65-36f1f033b2e6",
"registration_access_token": "e8c1ac86-5f9b-4487-8a9d-2d12e58ae45e",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A30A.D5ED.13AF.7D2D",
"client_id_issued_at": 1530807351,
"client_secret_expires_at": 1530893751,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"id_token",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21A30A.D5ED.13AF.7D2D&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=81fee3a8-7cf7-47a0-8e75-28f008d80c97&response_mode=fragment&nonce=3278f26e-8770-46f8-9cb7-d25bd1e201ac
12:16:12.958 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:a1196184-e30a-409c-ba11-fdac0bca4f77
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21A30A.D5ED.13AF.7D2D&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=81fee3a8-7cf7-47a0-8e75-28f008d80c97&response_mode=fragment&nonce=3278f26e-8770-46f8-9cb7-d25bd1e201ac
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=2f4ce1b6-c7ea-43d1-9ac9-f3f577c7c4c6&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFBMzBBLkQ1RUQuMTNBRi43RDJEIiwiZXhwIjoxNTMwODEwOTUyLCJpYXQiOjE1MzA4MDczNTIsIm5vbmNlIjoiMzI3OGYyNmUtODc3MC00NmY4LTljYjctZDI1YmQxZTIwMWFjIiwiYXV0aF90aW1lIjoxNTMwODA3MzUyLCJjX2hhc2giOiJXTVlxa2JjbEE4T1Yxb3BmbGpmMkN3Iiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiWnlpOUtQQmlvdjI1Mm80WFFURHFxUHl1WFZFLUFlMWVyVjRpS2VLdUVlbyJ9.Anf40VqvocMEtBw73n--v0k11U-2U2xljFC8m-DHkXDB8oH1lOeLcJ7dlflg5sm27AwNmPePytcMvA7BJ0qf5lh9dah_V_GerlHnYh_hW21oHqMgpT01Mw9VwXy7ZwgLXcSbZ-9WpbV1hBWiJYjF-x9RbzD2xFPfVAljMRBLaYYzkRj8fDc0zXm6JGnu83nlDEaZhCH-RIbVzRancdmOqEe0FOEOM5-ArBSLGk0pg1s9N50hmVx80xEa6yvdzbHFYuNQeppejL4WeQfxVZRhfi6MLI7J7dkuwmpyWruKzZOVKE45LywlZA2VIbX6XRN2oYonjHZLjBDoZ8N8NTYElg&session_id=11b1eb8a-a799-4ae7-9973-3dc0ea2178c9&state=81fee3a8-7cf7-47a0-8e75-28f008d80c97&session_state=a1196184-e30a-409c-ba11-fdac0bca4f77
#######################################################
TEST: fragmentResponseModeHybridCodeIdTokenToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"code",
"id_token",
"token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:15:53 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!245E.1EDA.7C69.31AA",
"client_secret": "a371d703-ca6c-466c-b3a1-f6838eceed8c",
"registration_access_token": "d98569e8-f758-45af-af6f-2679f933e8db",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!245E.1EDA.7C69.31AA",
"client_id_issued_at": 1530807353,
"client_secret_expires_at": 1530893753,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"id_token",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21245E.1EDA.7C69.31AA&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=5513b955-b6ac-4693-869e-dcb98dc0bda6&response_mode=fragment&nonce=9873b73d-142e-4ec4-b910-4e6f1e79f257
12:16:14.361 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:13e11f70-a70d-486a-b4ff-f60273d9706d
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21245E.1EDA.7C69.31AA&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=5513b955-b6ac-4693-869e-dcb98dc0bda6&response_mode=fragment&nonce=9873b73d-142e-4ec4-b910-4e6f1e79f257
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=58df0048-b16b-448e-a9ff-3c8d19f6c586&code=3ef42c82-350d-46a3-8f5c-04f932eef83c&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEyNDVFLjFFREEuN0M2OS4zMUFBIiwiZXhwIjoxNTMwODEwOTU0LCJpYXQiOjE1MzA4MDczNTQsIm5vbmNlIjoiOTg3M2I3M2QtMTQyZS00ZWM0LWI5MTAtNGU2ZjFlNzlmMjU3IiwiYXV0aF90aW1lIjoxNTMwODA3MzU0LCJjX2hhc2giOiI1R01OLU1WYXBqcWNEcFcxNkV4UlVRIiwiYXRfaGFzaCI6InhzTk1PZk15Vm55YVJWZVdySEpINlEiLCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiJzbk9rRmpkdHI5SWNWekF6MUJEM0Q1QVI3UEk3ZVFSLTlxdFA3eThxVXB3In0.NAqmmY27Xcf5eJp3XAcab6rCQ1XoxcbhOm-Np3PX9QahJcCqbGzs6-p4ppGc9z5PRGjDSUTqTxqkEY2yGw4cSaRFN-nvKwLdCOb_ITtc6Ht7pgnnKVrvmUxK93xzoCt7BhPVwWwJG0rZoux49_8cvtXZpLvSRee2qbFeDqclAxr7-1CAAMJxlUXmxKiYICPRPmQSsQ_7Cd7M5wdeRHw0yIVNVvfLGla8SqxsGtgQgBngzB_RWOcKGYhWXwbpr4hlXS9kLUFTnUGcmNyRpSiPtOJ--L-fQqFmh6WSTGoU3pXWuayVER0A3EDaSW3cUMDwVSSV5mJrMUduc2vU6MUOBQ&session_id=bbc195a1-d7a7-411c-8ac5-1b4d1de4b9ba&state=5513b955-b6ac-4693-869e-dcb98dc0bda6&token_type=bearer&session_state=13e11f70-a70d-486a-b4ff-f60273d9706d&expires_in=299
#######################################################
TEST: fragmentResponseModeHybridCodeToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"code",
"token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1405
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:15:54 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C285.E803.BB83.4CFB",
"client_secret": "3a6d2aaf-6f77-4ff9-96bd-72678a2feb51",
"registration_access_token": "e71395e0-5e07-4b25-be00-063f0e75a44f",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C285.E803.BB83.4CFB",
"client_id_issued_at": 1530807354,
"client_secret_expires_at": 1530893754,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21C285.E803.BB83.4CFB&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=48e8b4b8-6348-41fe-ac2e-41779772ddab&response_mode=fragment&nonce=3b0210e5-ff25-49e1-afb1-13db8539dd8b
12:16:15.766 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:8f5b202c-1fd7-4035-b651-5587fe608f29
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21C285.E803.BB83.4CFB&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=48e8b4b8-6348-41fe-ac2e-41779772ddab&response_mode=fragment&nonce=3b0210e5-ff25-49e1-afb1-13db8539dd8b
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=8d604d4e-6781-408d-b0b9-f2e337dbb0a3&code=88696eaa-febd-4e1e-95b3-f90366ee45c5&scope=address+openid+profile+email&session_id=2bc87fc5-28f0-4591-a5c7-bb37f8394625&state=48e8b4b8-6348-41fe-ac2e-41779772ddab&token_type=bearer&session_state=8f5b202c-1fd7-4035-b651-5587fe608f29&expires_in=299
#######################################################
TEST: fragmentResponseModeImplicitIdToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": ["id_token"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:15:55 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D7FC.839F.D918.B89F",
"client_secret": "989572ea-56cf-4137-8ec7-df8983ffae7e",
"registration_access_token": "5b39c84c-427d-4053-836d-684bcc1e5853",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D7FC.839F.D918.B89F",
"client_id_issued_at": 1530807355,
"client_secret_expires_at": 1530893755,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"id_token",
"token"
],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21D7FC.839F.D918.B89F&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=3703b3a1-dd0e-44f2-9351-853f99d83c17&response_mode=fragment&nonce=e2d8033a-cd6e-4f02-983c-bdc50a86bb48
12:16:17.186 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:aa79c15f-90b1-4dcd-9f4b-9e24c2151390
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21D7FC.839F.D918.B89F&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=3703b3a1-dd0e-44f2-9351-853f99d83c17&response_mode=fragment&nonce=e2d8033a-cd6e-4f02-983c-bdc50a86bb48
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFEN0ZDLjgzOUYuRDkxOC5CODlGIiwiZXhwIjoxNTMwODEwOTU3LCJpYXQiOjE1MzA4MDczNTcsIm5vbmNlIjoiZTJkODAzM2EtY2Q2ZS00ZjAyLTk4M2MtYmRjNTBhODZiYjQ4IiwiYXV0aF90aW1lIjoxNTMwODA3MzU3LCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiJxazMwLXJnaldyVmJaSXZSTHNNTnpiazVIMHpTU052YUdHeDZ2Qy1VZ24wIn0.kHdp5sieME4A4u-HJ8JBiVg-HJOZVibx22fj6LrKITlDYsHv_TtYv1k44ZVD6OAfss0DBvufhqmu5z__9rSrbhsAT70KjKj-wl-g8igVAxe40kDMBiEJATSMCqpTZDi_zv15qKpbA2HmANAHHvEPmqFfiJg8jKZzvgOs3cws2tNvScdX6oJsBZ6mQhNpcnsUelK4ADktr0tJTivTX2OLu2cn5PI6e3Ic1PoSSf945JXu2PprBKqzDpmf1OmfbHosBjp-Ll_FqOEBwJsibYQ1HbP_Jitz0q5xH9yOPqpdRtAIYgTczRbe3Iw14lvPNVoCsln7ZjxG_4BoEPzdHb8hzg&session_id=bb1b5bf9-7729-4e5c-8e8c-0fcd16362922&state=3703b3a1-dd0e-44f2-9351-853f99d83c17&session_state=aa79c15f-90b1-4dcd-9f4b-9e24c2151390
#######################################################
TEST: fragmentResponseModeImplicitIdTokenToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"id_token",
"token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:15:57 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9E30.421B.F1AD.5405",
"client_secret": "3c811956-f3f6-4a2d-b5e6-388f56ae58d7",
"registration_access_token": "6f92231e-297c-4ef3-8de7-24086072afa0",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9E30.421B.F1AD.5405",
"client_id_issued_at": 1530807357,
"client_secret_expires_at": 1530893757,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"id_token",
"token"
],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%219E30.421B.F1AD.5405&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=c584a30c-e1b4-4d89-9277-b3ce2d858469&response_mode=fragment&nonce=e6437cea-7b3b-4d49-acff-e7954db985ef
12:16:18.670 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:537ce712-0c57-45cd-8e9c-c557b62f1cf6
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%219E30.421B.F1AD.5405&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=c584a30c-e1b4-4d89-9277-b3ce2d858469&response_mode=fragment&nonce=e6437cea-7b3b-4d49-acff-e7954db985ef
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=451b6425-0081-499a-946d-fd5a3c3dd123&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE5RTMwLjQyMUIuRjFBRC41NDA1IiwiZXhwIjoxNTMwODEwOTU4LCJpYXQiOjE1MzA4MDczNTgsIm5vbmNlIjoiZTY0MzdjZWEtN2IzYi00ZDQ5LWFjZmYtZTc5NTRkYjk4NWVmIiwiYXV0aF90aW1lIjoxNTMwODA3MzU4LCJhdF9oYXNoIjoiZXRWZnpBaVN5eHJtZERzZmNQTDFDZyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IlFHbzdiN2ppbUVBZUx6VldsSDlkbkNUcGtzZXlYV29xYnRFREhFU25YaHMifQ.M0hvH_G5a1qjTmR8KnFHxsN5RA4CILykqE8jSj2gz4fbZKhFUmRg1H4d3C9IPfWqNdsvZ2VhRilia5GrMoCwkLP4yQUi2QjGHfnpiRXrCeUBpBrfpLHY90W7FWL9VsmJGvkQ76mWqUAUV2bQPrpDarQsI4WtBf59AVRTKucK1F2FYGUFHfDbz7-lujSPTdMZIhtlrasYZXzcoMJdZwj0DGLHbIFGRVhT5028bUfTE6H_ktrS0e7pcTTowH5-S1Xt1c4MGT_CGPrXOqA8Va3PMDTxFW3-OWbL_2SKa8Q3l7ImWVOtUv1O71SWG0Rz0hoDlHo7QxyUNx2PhwKjxWtdoA&session_id=000a687d-add5-4af5-8229-a64268b748eb&state=c584a30c-e1b4-4d89-9277-b3ce2d858469&token_type=bearer&session_state=537ce712-0c57-45cd-8e9c-c557b62f1cf6&expires_in=299
#######################################################
TEST: queryResponseModeBasicCode
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": ["code"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:15:58 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0995.4A94.0BD0.8E3E",
"client_secret": "47df23c3-9b6a-406d-bd98-0012d01ddff8",
"registration_access_token": "e3e42a9a-bad5-4c86-a00e-3b83bfef049d",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0995.4A94.0BD0.8E3E",
"client_id_issued_at": 1530807358,
"client_secret_expires_at": 1530893758,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%210995.4A94.0BD0.8E3E&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=222f4623-0769-4c06-b9cc-3b49d24cfcb3&response_mode=query
12:16:20.078 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:588f9a4c-4b3a-4ccd-8c34-fe3668452049
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%210995.4A94.0BD0.8E3E&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=222f4623-0769-4c06-b9cc-3b49d24cfcb3&response_mode=query
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=5fcd9236-d75b-4c92-b81e-87fc0f93a008&scope=address+openid+profile+email&session_id=6ad28d7d-55bd-419a-94b0-86e15b21aef1&state=222f4623-0769-4c06-b9cc-3b49d24cfcb3&session_state=588f9a4c-4b3a-4ccd-8c34-fe3668452049
#######################################################
TEST: queryResponseModeHybridCodeIdToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"code",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!11A8.1484.7A2F.D42B",
"client_secret": "bd2febed-5724-40aa-bea3-87b1dac551a0",
"registration_access_token": "b788ffa6-0e7f-4dc5-af4b-0c233c839f54",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!11A8.1484.7A2F.D42B",
"client_id_issued_at": 1530807360,
"client_secret_expires_at": 1530893760,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"id_token",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2111A8.1484.7A2F.D42B&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=3ef65377-a45a-44fc-8f70-20e4fee88611&response_mode=query&nonce=07a832e6-1bf4-4f0e-90bd-839bf64753a9
12:16:21.471 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:d8b6aac0-15a6-4510-8e76-c1e7bc0954b9
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2111A8.1484.7A2F.D42B&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=3ef65377-a45a-44fc-8f70-20e4fee88611&response_mode=query&nonce=07a832e6-1bf4-4f0e-90bd-839bf64753a9
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=0abbfc6e-28c2-40a3-9128-69201083f598&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCExMUE4LjE0ODQuN0EyRi5ENDJCIiwiZXhwIjoxNTMwODEwOTYxLCJpYXQiOjE1MzA4MDczNjEsIm5vbmNlIjoiMDdhODMyZTYtMWJmNC00ZjBlLTkwYmQtODM5YmY2NDc1M2E5IiwiYXV0aF90aW1lIjoxNTMwODA3MzYxLCJjX2hhc2giOiJHUUUxZm9nbHJYY2hOSzRyTThPbkdnIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiaG1WOW05YmpGZW5pRW9WTENYczJhajFoYlREOXlXWjRRZU9wcjJaQ2l2TSJ9.ZZz58wNjMR5ZioeqtFVa0pwtoESxbnZdN2IiRl29brP_ctw_VsX6muLNTmvvbmIs9HGDDjcpup6FgVvKno2CjZyJduLREL9nNMIxpzU13k6FT4vRkcXemiH2RTRe6yZkRIm0fr_5WvucXrgRnCLJkMiEkiZP52a75HL3k0vFDf9FXkWiaVjY4T4jAIN3K8-Ds8cKg291myavRxqEneeaZo1z9m7oe_iBvWvn2FMxenN35YojKi6dpkyuA0jHiyoFv47K0QT2uZCsCDo2QVNBJVz4k2MXNVEzH7Fw_FHm4gA9MkpoCJe87v7gg1LhthkkPf09T0H0q8ASv0hccmTGdg&session_id=41728cfe-b62e-4df7-84c2-520a7cbf485b&state=3ef65377-a45a-44fc-8f70-20e4fee88611&session_state=d8b6aac0-15a6-4510-8e76-c1e7bc0954b9
#######################################################
TEST: queryResponseModeHybridCodeIdTokenToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"code",
"id_token",
"token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:01 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3706.94DB.025C.70F6",
"client_secret": "5364ef37-6b1e-49f7-b8d1-8808b372682d",
"registration_access_token": "05ae66f8-cc90-4379-9e0e-5014e877226f",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3706.94DB.025C.70F6",
"client_id_issued_at": 1530807361,
"client_secret_expires_at": 1530893761,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"id_token",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%213706.94DB.025C.70F6&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=77c4aee7-fb47-46c3-84bc-1208f294fb1d&response_mode=query&nonce=e88f8c2d-3dad-445d-a99a-adfcdee018b4
12:16:22.823 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:d724b8dd-d476-4112-99b6-aa1d2092da66
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%213706.94DB.025C.70F6&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=77c4aee7-fb47-46c3-84bc-1208f294fb1d&response_mode=query&nonce=e88f8c2d-3dad-445d-a99a-adfcdee018b4
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?access_token=578f522f-1fef-4d5d-b1d9-b7a323c33247&code=7a38b5d3-4eeb-4702-8c0e-22e16b82f006&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEzNzA2Ljk0REIuMDI1Qy43MEY2IiwiZXhwIjoxNTMwODEwOTYyLCJpYXQiOjE1MzA4MDczNjIsIm5vbmNlIjoiZTg4ZjhjMmQtM2RhZC00NDVkLWE5OWEtYWRmY2RlZTAxOGI0IiwiYXV0aF90aW1lIjoxNTMwODA3MzYyLCJjX2hhc2giOiJFdWlPOUV5anFkTGxpU0M4dTJmV2tRIiwiYXRfaGFzaCI6InRYaDR1RGpFT252a2F0elhjZ1NpSGciLCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiJSOE1IU1lxOHpULUhuTWNlYUMxTnpwMUZwemhVV1dHY0xmenVyT0dhY2xnIn0.Xa4t81kD7YxkMmxX0LmH1lJ3yRp1kAGkwAjAJ4OOHIaFAHCceNXqBhgOFn-x3KIOccbnsDzC-CbujMUMSmQ08wqjg_qIQY9BAeXbFjgaf-d0BIo2rEXYe5qU7_2DKwXQK-_l32dSsXciDPmAMSNwQ2YcprONLYMsk-EnhI4aj9BCIwdUgZkZUcrplj8FdVcQnCNdSLwLawneXb-fu7FChQ6aWUiVM2fN0voUyQIIdJ1uUNj-0JFqdQnpm-QqfjW166_BQ_0PoRNaA55ic7OslfdFbML9x5Pwo0VzDTyxRTQQ7u44nX-9dpfy37Pg3wBsXmGJOuZf3PFUANNhdgkjRg&session_id=48d7e86f-e12b-48b4-bafe-570a9fc9d157&state=77c4aee7-fb47-46c3-84bc-1208f294fb1d&token_type=bearer&session_state=d724b8dd-d476-4112-99b6-aa1d2092da66&expires_in=299
#######################################################
TEST: queryResponseModeHybridCodeToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"code",
"token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1405
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:02 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4CEE.9B21.B1F0.3D5B",
"client_secret": "6ee1084c-1e87-4b88-aa13-2a5d255c7823",
"registration_access_token": "1d25fee6-5d3f-422c-955d-5158febd5179",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4CEE.9B21.B1F0.3D5B",
"client_id_issued_at": 1530807362,
"client_secret_expires_at": 1530893762,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%214CEE.9B21.B1F0.3D5B&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=6caa3f55-6da2-44bc-b101-82618fedba1b&response_mode=query&nonce=a71ba739-0be5-4b7a-9f3b-acd8a2b21889
12:16:24.191 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:915cc6a8-7c41-4468-8680-4a3a74c325cc
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%214CEE.9B21.B1F0.3D5B&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=6caa3f55-6da2-44bc-b101-82618fedba1b&response_mode=query&nonce=a71ba739-0be5-4b7a-9f3b-acd8a2b21889
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?access_token=21b65df9-7e9e-48d6-9434-dda5d69e143c&code=1307bd81-2cc7-4c60-88e5-59c85e378724&scope=address+openid+profile+email&session_id=896e0c70-a5ff-4be9-bade-340bb4f49518&state=6caa3f55-6da2-44bc-b101-82618fedba1b&token_type=bearer&session_state=915cc6a8-7c41-4468-8680-4a3a74c325cc&expires_in=299
#######################################################
TEST: queryResponseModeImplicitIdToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": ["id_token"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:04 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!23C1.A1DC.49B2.3368",
"client_secret": "1b758023-ecef-4f92-bd4d-6c2594459dae",
"registration_access_token": "bc9fed06-817d-4796-822c-cb49381348b9",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!23C1.A1DC.49B2.3368",
"client_id_issued_at": 1530807364,
"client_secret_expires_at": 1530893764,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"id_token",
"token"
],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2123C1.A1DC.49B2.3368&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=aec03d0a-8630-46d2-9159-13962e9eecf8&response_mode=query&nonce=e3eadda3-c0e6-4d2c-a3d0-c202e7f255e3
12:16:25.688 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:270ad72b-e7d5-468d-aa05-4b1b0576f013
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2123C1.A1DC.49B2.3368&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=aec03d0a-8630-46d2-9159-13962e9eecf8&response_mode=query&nonce=e3eadda3-c0e6-4d2c-a3d0-c202e7f255e3
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEyM0MxLkExREMuNDlCMi4zMzY4IiwiZXhwIjoxNTMwODEwOTY1LCJpYXQiOjE1MzA4MDczNjUsIm5vbmNlIjoiZTNlYWRkYTMtYzBlNi00ZDJjLWEzZDAtYzIwMmU3ZjI1NWUzIiwiYXV0aF90aW1lIjoxNTMwODA3MzY1LCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiJFaUctUzdLc2xaT1o4cWVldzUwRUphcXVYejgwQXZfeFFNd0x2bUgyR3lRIn0.R2LwXzsF0YgLG-cQBDKMEt1vkYF7LWieUzzhHD70SR6GGGd_li8zrPs2eZ4D_ir7Wrj01cd9GxCZH2BWVP_t7JsHMQcBiX_M1QzWzhF0m6ZW8eZj2xiZDMGmT-80JxnCGWPS7GXnm20IWL6-pix6JrUWeH6ET-Ti_dnqjzogLXMZt4dRvnGmVrgjkC88l43Gago9dNZ9DRIn9YFbUSjZYEof45ynAwijRAiCdlMIkG5XfhAFePUZWHVL27m4hGbUrkej4wA8QyN4O-mh1YpoJy4EjupaUPRoZ7Z_ixPhRwdpT8mcrNpHrUvy8i7xsOqW_X2m8PF_ua72K2OIxluN-w&session_id=13cfac4a-9a26-4015-a89c-8a199796a2ed&state=aec03d0a-8630-46d2-9159-13962e9eecf8&session_state=270ad72b-e7d5-468d-aa05-4b1b0576f013
#######################################################
TEST: queryResponseModeImplicitIdTokenToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"id_token",
"token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:05 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4ACD.D895.79B1.10E8",
"client_secret": "484c1a5f-c21f-4a4b-b9f8-f490ae36c9d4",
"registration_access_token": "8e332ee8-a60b-4d23-a7a5-0b5fc0441015",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4ACD.D895.79B1.10E8",
"client_id_issued_at": 1530807365,
"client_secret_expires_at": 1530893765,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"id_token",
"token"
],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%214ACD.D895.79B1.10E8&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=de819115-1532-4ade-92f9-da0e95f8df29&response_mode=query&nonce=f301aa98-8a12-4cd5-b44f-e06b59b4676a
12:16:27.107 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:02f2a1c7-ae4a-48ec-bf22-00482b87809c
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%214ACD.D895.79B1.10E8&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=de819115-1532-4ade-92f9-da0e95f8df29&response_mode=query&nonce=f301aa98-8a12-4cd5-b44f-e06b59b4676a
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?access_token=a93ecfe4-b567-4951-818d-41aee93ad2ea&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE0QUNELkQ4OTUuNzlCMS4xMEU4IiwiZXhwIjoxNTMwODEwOTY3LCJpYXQiOjE1MzA4MDczNjcsIm5vbmNlIjoiZjMwMWFhOTgtOGExMi00Y2Q1LWI0NGYtZTA2YjU5YjQ2NzZhIiwiYXV0aF90aW1lIjoxNTMwODA3MzY2LCJhdF9oYXNoIjoicHlPSHkwRW5yaGNoUmJXR1pONUQ2USIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IjhvcXp4MVNicXlNYWk2M2JKX3N1UHNPVllraWllM1lWZzE1b1VsNGdaR00ifQ.FLELpeYZ3tuCqjUSBq0nsq4r4RkCCo-LDQrZOxSmeE3ltW8xjUfQ1C3hhLbzVAqo_QZ_P4zTm4spgq-syyP68MkMi4ouDq15dKSOrNbKOjhyHm2rE5W3iXiLZWan06NZrGGs3NvjPj9eKoNU7nmEVPht-Cr91tvBfG_042yeSoXn4VawC9UHcdBIBgSmEMwiSsPozF_s3RmRlF_RdAWnwCBewZGfzR5hqttTn9dRrLoH82H9Tz4e3xXY3t-O0U-N9cO5iaCQX5-871iuwtBG0MnWmxzrOs416sCdAfJbi6ORiET-sQi1FkIOZqPW7ltjHpjF0SaLmII8eiJcOvKPsw&session_id=e0f1ede5-cf2e-4613-9383-fcf56961db1a&state=de819115-1532-4ade-92f9-da0e95f8df29&token_type=bearer&session_state=02f2a1c7-ae4a-48ec-bf22-00482b87809c&expires_in=299
#######################################################
TEST: OpenID Connect Discovery
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 181
Content-Type: application/jrd+json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 16:16:07 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"subject": "acct:test_user@ce-dev4.gluu.org",
"links": [{
"rel": "http://openid.net/specs/connect/1.0/issuer",
"href": "https://ce-dev4.gluu.org"
}]
}
OpenID Connect Configuration
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/openid-configuration HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 6342
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:07 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"issuer": "https://ce-dev4.gluu.org",
"authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize",
"token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token",
"userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo",
"clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo",
"check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe",
"end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session",
"jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks",
"registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register",
"id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id",
"introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection",
"scopes_supported": [
"permission",
"clientinfo",
"email",
"user_name",
"sub",
"org_name",
"address",
"openid",
"test_scope1",
"work_phone",
"phone",
"profile",
"mobile_phone",
"test"
],
"response_types_supported": [
"code",
"code id_token",
"code id_token token",
"id_token",
"id_token token",
"token",
"code token"
],
"grant_types_supported": [
"urn:ietf:params:oauth:grant-type:uma-ticket",
"client_credentials",
"refresh_token",
"implicit",
"password",
"authorization_code"
],
"acr_values_supported": [
"super_gluu",
"u2f",
"otp",
"basic",
"auth_ldap_server"
],
"auth_level_mapping": {
"-1": ["auth_ldap_server"],
"50": ["otp"],
"100": ["basic"],
"10": ["u2f"],
"15": ["super_gluu"]
},
"subject_types_supported": [
"public",
"pairwise"
],
"userinfo_signing_alg_values_supported": [
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"userinfo_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"userinfo_encryption_enc_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"id_token_signing_alg_values_supported": [
"none",
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"id_token_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"id_token_encryption_enc_values_supported": [
"A128CBC+HS256",
"A256CBC+HS512",
"A128GCM",
"A256GCM"
],
"request_object_signing_alg_values_supported": [
"none",
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"request_object_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"request_object_encryption_enc_values_supported": [
"A128CBC+HS256",
"A256CBC+HS512",
"A128GCM",
"A256GCM"
],
"token_endpoint_auth_methods_supported": [
"client_secret_basic",
"client_secret_post",
"client_secret_jwt",
"private_key_jwt"
],
"token_endpoint_auth_signing_alg_values_supported": [
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"display_values_supported": [
"page",
"popup"
],
"claim_types_supported": ["normal"],
"claims_supported": [
"birthdate",
"country",
"name",
"email",
"email_verified",
"given_name",
"gender",
"inum",
"family_name",
"updated_at",
"locale",
"member_of",
"middle_name",
"nickname",
"oxAuthAppType",
"oxAuthIdTokenSignedResponseAlg",
"oxAuthRedirectURI",
"oxAuthScope",
"phone_number_verified",
"picture",
"preferred_username",
"profile",
"zoneinfo",
"user_name",
"website"
],
"service_documentation": "http://gluu.org/docs",
"claims_locales_supported": ["en"],
"ui_locales_supported": [
"en",
"es"
],
"scope_to_claims_mapping": [
{"permission": []},
{"uma_protection": []},
{"clientinfo": [
"name",
"inum",
"oxAuthAppType",
"oxAuthIdTokenSignedResponseAlg",
"oxAuthRedirectURI",
"oxAuthScope"
]},
{"email": [
"email_verified",
"email"
]},
{"user_name": ["user_name"]},
{"sub": []},
{"org_name": []},
{"address": [
"formatted",
"postal_code",
"street_address",
"locality",
"country",
"region"
]},
{"openid": []},
{"test_scope1": []},
{"work_phone": []},
{"phone": [
"phone_number_verified",
"phone_number"
]},
{"profile": [
"name",
"family_name",
"given_name",
"middle_name",
"nickname",
"preferred_username",
"profile",
"picture",
"website",
"gender",
"birthdate",
"zoneinfo",
"locale",
"updated_at"
]},
{"mobile_phone": ["phone_mobile_number"]},
{"test": ["member_of"]}
],
"claims_parameter_supported": true,
"request_parameter_supported": true,
"request_uri_parameter_supported": true,
"require_request_uri_registration": false,
"op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy",
"op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos",
"frontchannel_logout_supported": true,
"frontchannel_logout_session_supported": true
}
#######################################################
TEST: requestAuthorizationAccessToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"code",
"token",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:07 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!40A7.E80A.850B.F9FE",
"client_secret": "3909c7a1-0318-4348-b690-2800e69785bd",
"registration_access_token": "5a82640a-37ac-4ef4-9ccc-5cdd108fdfe8",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!40A7.E80A.850B.F9FE",
"client_id_issued_at": 1530807367,
"client_secret_expires_at": 1530893767,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"id_token",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 5a82640a-37ac-4ef4-9ccc-5cdd108fdfe8
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:07 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!40A7.E80A.850B.F9FE",
"client_secret": "3909c7a1-0318-4348-b690-2800e69785bd",
"registration_access_token": "5a82640a-37ac-4ef4-9ccc-5cdd108fdfe8",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!40A7.E80A.850B.F9FE",
"client_id_issued_at": 1530807367,
"client_secret_expires_at": 1530893767,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"id_token",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2140A7.E80A.850B.F9FE&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=06229962-e2c1-4055-82e8-7721b1fb701f&nonce=f5267ba8-ac65-4f90-8f54-864658debab7
12:16:28.785 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:a5bc1c45-87b5-4a15-aaaa-4cfdcf2177e2
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2140A7.E80A.850B.F9FE&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=06229962-e2c1-4055-82e8-7721b1fb701f&nonce=f5267ba8-ac65-4f90-8f54-864658debab7
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=3afd753f-b74c-494f-9036-75e6e6120dad&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE0MEE3LkU4MEEuODUwQi5GOUZFIiwiZXhwIjoxNTMwODEwOTY4LCJpYXQiOjE1MzA4MDczNjgsIm5vbmNlIjoiZjUyNjdiYTgtYWM2NS00ZjkwLThmNTQtODY0NjU4ZGViYWI3IiwiYXV0aF90aW1lIjoxNTMwODA3MzY4LCJhdF9oYXNoIjoiaHkwc2R1eVNZa29FM25pU242MlhTdyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6ImNFMVlwREk0b3BZd2Z6dkdmY3JzSGt4TnVLNlJqWl9Mb3czMnFPREpCdFUifQ.UBzFvoy1xiJM4U3Tw10GSR4M7JTl-1wqTcGlS1rqDOgrV4SagtdXwQpBgNGruB_VGKrVxJjCHTY_0cUnAigZMlm6HH2Ma4hplLhjPtMAkocrTQu41_nNXFy9gYA0SA0f7pMboGU9hqpKVKTsFFxSfchYFxJmMVhF35QghHfyIP9-1eG-Ce1p9gPr0ofmwuHFmciWP-C0eX3xOwzvF902Ja9PtlnvoNeAr7OZVdEgAUUBEEVLMjDY-EZFj7GgvU9FPNSQfz2NF1vGd-iszAA_zSxw3u9Pkty022DaXHs-f5Lf2Riqjoi-vufwHkWhS0bCezE4kTdpCUeSp4nOqHKHCg&session_id=b44f63d6-fcdf-466d-ac82-aa86c7bd3e77&state=06229962-e2c1-4055-82e8-7721b1fb701f&token_type=bearer&session_state=a5bc1c45-87b5-4a15-aaaa-4cfdcf2177e2&expires_in=299
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2140A7.E80A.850B.F9FE&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=126fc807-e7a2-4e29-8e26-ab4c6cadffa5&nonce=1e958591-ae56-4f7c-8ff0-89f5e6602d1f&prompt=none&access_token=3afd753f-b74c-494f-9036-75e6e6120dad
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
Date: Thu, 05 Jul 2018 16:16:08 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=34498c69-2733-476f-88a0-48b7d6be5f21&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE0MEE3LkU4MEEuODUwQi5GOUZFIiwiZXhwIjoxNTMwODEwOTY5LCJpYXQiOjE1MzA4MDczNjksIm5vbmNlIjoiMWU5NTg1OTEtYWU1Ni00ZjdjLThmZjAtODlmNWU2NjAyZDFmIiwiYXV0aF90aW1lIjoxNTMwODA3MzY5LCJjX2hhc2giOiI4MW5sQXdyNTlzVFpyNzlac2N0Rm9RIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiY0UxWXBESTRvcFl3Znp2R2ZjcnNIa3hOdUs2UmpaX0xvdzMycU9ESkJ0VSJ9.OQXKqfaL-UVtkzOZuCOhN4wd8IMtjOQ1rXyDxKbEequUNItFagQxKh2NRq_YSLfCQWpu9ajTW02un8NP7EVNg0FTCSwv24SiJl-3AEWqUkwJgWaqySb1SYiccfkoSJBE_bELMXc52Nwl9bczLf_fyVxwQlscxIqQLSjA_UhUn1bQrqMpcYTdJlAYX1_4ICOPfLXCemN3RYqMS41YaXxZAFYvCTnpH0Ea1d0ieopBj9WWz-Agtsq5kwAJlDakhRspJ2wJU81Ph-aJGlyTcV47XB_GmIutbPtPqo9PegR66f3xLTclZMMmJk-4nMkj6bROIUMDbJX8QsGVvcamDJYSlw&session_id=f412ccdc-0a14-4974-9c05-cb7f15b27113&state=126fc807-e7a2-4e29-8e26-ab4c6cadffa5&session_state=c5a52c0b-12fe-4cc1-8ad3-a4b6650494fb
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxNDBBNy5FODBBLjg1MEIuRjlGRTozOTA5YzdhMS0wMzE4LTQzNDgtYjY5MC0yODAwZTY5Nzg1YmQ=
grant_type=authorization_code&code=34498c69-2733-476f-88a0-48b7d6be5f21&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1057
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:09 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"access_token":"3f06dd43-4929-4fbd-bab0-eae5782f010c","token_type":"bearer","expires_in":299,"refresh_token":"2cf9075a-070c-4cae-8fa5-f347c6067eef","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE0MEE3LkU4MEEuODUwQi5GOUZFIiwiZXhwIjoxNTMwODEwOTY5LCJpYXQiOjE1MzA4MDczNjksIm5vbmNlIjoiMWU5NTg1OTEtYWU1Ni00ZjdjLThmZjAtODlmNWU2NjAyZDFmIiwiYXV0aF90aW1lIjoxNTMwODA3MzY5LCJhdF9oYXNoIjoiQTRMc19DUF9WSVhJT29BUWMtSVc2ZyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6ImNFMVlwREk0b3BZd2Z6dkdmY3JzSGt4TnVLNlJqWl9Mb3czMnFPREpCdFUifQ.bpYDxvZqO3lyxNK34eBBErMrRCyj5hMx-8N5ewzAZ3s_WFSYx67f-EjL6DnqwA9KTWgmLrbJrg4uWxSytwNJeBDZJ4z1_qlxm_fTpdpHpmzA5A8hZP8QFV4nrm5aIZCy5RtXDM6ztttpaA0HR2DH6ayQTwb637ExXgGgASg-1E9ytZy-RuChZYjU5z2KuB8r7WqIFv49A9T35qakoCOjNGsgQOw7rtMZsicx8SwAqTlUWiH7JJf-7dPUvPXh9sBc6pwPC-iNxruTURYXfJ9L19klbBMmjozelvwF9W6fpDk7Z6L7Wao7WQXh95RgRmPAWI-siCmBBnFXbAnNtEdrWw"}
#######################################################
TEST: requestAuthorizationAccessTokenFail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"code",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:09 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7470.BFDD.67AC.D346",
"client_secret": "255ff330-2da7-48a8-9257-977964201b11",
"registration_access_token": "74e4eaeb-5320-4149-93e8-8f4bcaeb5a98",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7470.BFDD.67AC.D346",
"client_id_issued_at": 1530807369,
"client_secret_expires_at": 1530893769,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"id_token",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 74e4eaeb-5320-4149-93e8-8f4bcaeb5a98
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:09 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7470.BFDD.67AC.D346",
"client_secret": "255ff330-2da7-48a8-9257-977964201b11",
"registration_access_token": "74e4eaeb-5320-4149-93e8-8f4bcaeb5a98",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7470.BFDD.67AC.D346",
"client_id_issued_at": 1530807369,
"client_secret_expires_at": 1530893769,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"id_token",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%217470.BFDD.67AC.D346&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=c41aaac9-1251-4cbd-897e-79c66851f0d8&prompt=none&access_token=INVALID_ACCESS_TOKEN
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
Date: Thu, 05 Jul 2018 16:16:09 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#error_description=The+request+is+missing+a+required+parameter%2C+includes+an+unsupported+parameter+or+parameter+value%2C+or+is+otherwise+malformed.&state=c41aaac9-1251-4cbd-897e-79c66851f0d8&error=invalid_request
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
#######################################################
TEST: requestAuthorizationAccessTokenUserBasicAuth
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"code",
"token",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:09 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9F1A.3B3D.B59D.B6C6",
"client_secret": "ab59f23f-4415-41e2-a23c-610be9369fdf",
"registration_access_token": "c9cd79a8-346b-48c2-bfd1-feefa0acecfd",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9F1A.3B3D.B59D.B6C6",
"client_id_issued_at": 1530807369,
"client_secret_expires_at": 1530893769,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"id_token",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer c9cd79a8-346b-48c2-bfd1-feefa0acecfd
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:09 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9F1A.3B3D.B59D.B6C6",
"client_secret": "ab59f23f-4415-41e2-a23c-610be9369fdf",
"registration_access_token": "c9cd79a8-346b-48c2-bfd1-feefa0acecfd",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9F1A.3B3D.B59D.B6C6",
"client_id_issued_at": 1530807369,
"client_secret_expires_at": 1530893769,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"id_token",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%219F1A.3B3D.B59D.B6C6&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=4c5b41e9-74d4-4bdd-b6cb-f75db6b6720a&nonce=df3e49a3-88ba-4e65-b9c0-b1aa3303832d
12:16:30.818 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:8cc0c8a3-7deb-430d-b55b-5bec7c56831c
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%219F1A.3B3D.B59D.B6C6&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=4c5b41e9-74d4-4bdd-b6cb-f75db6b6720a&nonce=df3e49a3-88ba-4e65-b9c0-b1aa3303832d
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=7e51f21d-d245-4acd-a88a-dfb3064f9838&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE5RjFBLjNCM0QuQjU5RC5CNkM2IiwiZXhwIjoxNTMwODEwOTcwLCJpYXQiOjE1MzA4MDczNzAsIm5vbmNlIjoiZGYzZTQ5YTMtODhiYS00ZTY1LWI5YzAtYjFhYTMzMDM4MzJkIiwiYXV0aF90aW1lIjoxNTMwODA3MzcwLCJhdF9oYXNoIjoiUTE2N245UWJ6dVk0aEMtOEttTEdydyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6ImlsR2pvbWxTSmhiT3VYN2wtVjFpY1JxQ3Z5bDY5WmZsTUhRWGhadlBfaGsifQ.TQE_IKF8B-a0BuaI8Oz8-4xseebg9XoI3JbOrUueuYHByYkeCZ3T23ixWSAA3HlBgZ81Z-7HR8F6Epgk3BJ_UPdjAevgbnQUiX0ZXsYqn_Qmo2YQNJgfvCj_1fSig8BknWJr4uAeVLFt7AnDp5jExwkAIg60tdAyFgWlaUXd2Rb3FZ8sT4c7J1ttw5odRDhIYrAGJ2zz8y0q3-G3Jc97DQlCzmIEnA75rYmph23lr7tvMHShu6XqBLzXnQAfXutka0-qpueHqPNpnTXvo1ZleOgknShudHPuYkxl3FdG0u074tjfssOA7ceWkOstQuQHNEedu8xVps0xJ19D3qgmvg&session_id=d030b254-e993-4105-ae0d-180f510a8d86&state=4c5b41e9-74d4-4bdd-b6cb-f75db6b6720a&token_type=bearer&session_state=8cc0c8a3-7deb-430d-b55b-5bec7c56831c&expires_in=299
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%219F1A.3B3D.B59D.B6C6&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=506b3a63-42de-42bf-a923-360c0f93bd14&nonce=94fb83f5-de92-495c-8905-c2dc05b25451&prompt=none&access_token=7e51f21d-d245-4acd-a88a-dfb3064f9838
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
Date: Thu, 05 Jul 2018 16:16:10 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=2891b228-6e0e-4561-89df-e6da1a7bc76d&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE5RjFBLjNCM0QuQjU5RC5CNkM2IiwiZXhwIjoxNTMwODEwOTcwLCJpYXQiOjE1MzA4MDczNzAsIm5vbmNlIjoiOTRmYjgzZjUtZGU5Mi00OTVjLTg5MDUtYzJkYzA1YjI1NDUxIiwiYXV0aF90aW1lIjoxNTMwODA3MzcwLCJjX2hhc2giOiJfU29SVUk5ZWozM1lsaUR3UjZEbWd3Iiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiaWxHam9tbFNKaGJPdVg3bC1WMWljUnFDdnlsNjlaZmxNSFFYaFp2UF9oayJ9.OX2h7wktWEqzMsyXMHNkh_irBc50jAc0W-gyV291ZPZgHkgNF-irqk7YDu_Z3zbImUG8WC6KvW7Uv5QYJy-_fsoOfmntNGuEwxvarI7obk7yKuXOXp0HHvQ7PSwPdHnxxsfwcer9AyqJwSN7aiYRkBBnMdzzOc4G0e54fMAXS2BPouUwHktMBs4uiVfD15fb0-GFvaCs1VXmFwNQ_8dF3FHOI1SK62aPRSDNtGqFra7j_UeknWckFMFIGGsNRRXHDd2_uDZxM8aekLrXzkdGF-0omOBcXHGC8_YMLf4fEL-ejR42RmdxwGojtV16RkIGewgeAW0NnUJNZRard4vALg&session_id=5ed37db7-5009-4097-a059-b2ccf5027849&state=506b3a63-42de-42bf-a923-360c0f93bd14&session_state=a7d7180c-cda6-459f-915c-4e2d616bb85e
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxOUYxQS4zQjNELkI1OUQuQjZDNjphYjU5ZjIzZi00NDE1LTQxZTItYTIzYy02MTBiZTkzNjlmZGY=
grant_type=authorization_code&code=2891b228-6e0e-4561-89df-e6da1a7bc76d&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1057
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:10 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"access_token":"6109d488-92a1-4a67-8a49-513abfc87147","token_type":"bearer","expires_in":299,"refresh_token":"a41754bf-919a-4b57-9b38-a6348e7d17db","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE5RjFBLjNCM0QuQjU5RC5CNkM2IiwiZXhwIjoxNTMwODEwOTcwLCJpYXQiOjE1MzA4MDczNzAsIm5vbmNlIjoiOTRmYjgzZjUtZGU5Mi00OTVjLTg5MDUtYzJkYzA1YjI1NDUxIiwiYXV0aF90aW1lIjoxNTMwODA3MzcwLCJhdF9oYXNoIjoiY0M5YWhtYnZVTzZta1NmbWtZTndxUSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6ImlsR2pvbWxTSmhiT3VYN2wtVjFpY1JxQ3Z5bDY5WmZsTUhRWGhadlBfaGsifQ.JBEWOTPkuflVPGVJwbYs1D3oCucDeoQlm5QPRS-S599_JzMEVwCVXnnDW0Z0tiYB0tdBZyyfaeNI3PPCjd4g8rjG1aim1T4eixOpfoDEDhYKiH4FnBHq0TXeQ7vOBLfSQ6C7vIpDB62oiNkLnzz-bn-iBUQPf_ya4MSIJcxGn_HMXeRfvWQ_AF9Y7RLgWzjQsqjLGdqwTFjPHmJAMJTMBe04mSdckRrIF54MgWlWtOfKLz1v7XqLGF5ifCtA6oaGlbN0lishHbW-RGs3LBnfK209ECuGE5RAaxiK3n8zx6db2boe-v2_pCYBIfXh7zqQr1MQZXIYbT9iHpK6qyMeFg"}
#######################################################
TEST: requestAuthorizationCode
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": ["code"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:11 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!AB43.F117.62B5.E164",
"client_secret": "0fc83d06-b684-41cb-9bf8-c33ed696c15f",
"registration_access_token": "a398ad75-e237-4df4-a6aa-5b7e5690e375",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!AB43.F117.62B5.E164",
"client_id_issued_at": 1530807371,
"client_secret_expires_at": 1530893771,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer a398ad75-e237-4df4-a6aa-5b7e5690e375
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:11 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!AB43.F117.62B5.E164",
"client_secret": "0fc83d06-b684-41cb-9bf8-c33ed696c15f",
"registration_access_token": "a398ad75-e237-4df4-a6aa-5b7e5690e375",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!AB43.F117.62B5.E164",
"client_id_issued_at": 1530807371,
"client_secret_expires_at": 1530893771,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21AB43.F117.62B5.E164&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=15ee8787-c894-43f6-9ccc-0fa1bd7b927e
12:16:32.399 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:e95bc214-60b4-492f-aba1-19fdbf961edf
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21AB43.F117.62B5.E164&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=15ee8787-c894-43f6-9ccc-0fa1bd7b927e
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=eefb2a7c-026f-4d33-b203-8f81c0b55232&scope=address+openid+profile+email&session_id=820122a1-e6c8-4862-b097-e4ac019df214&state=15ee8787-c894-43f6-9ccc-0fa1bd7b927e&session_state=e95bc214-60b4-492f-aba1-19fdbf961edf
#######################################################
TEST: requestAuthorizationCodeFail1
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==
response_type=code
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 400
Connection: close
Content-Length: 175
Content-Type: text/plain
Date: Thu, 05 Jul 2018 16:16:12 GMT
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"error":"invalid_request","error_description":"The request is missing a required parameter, includes an unsupported parameter or parameter value, or is otherwise malformed."}
#######################################################
TEST: requestAuthorizationCodeFail2
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": ["code"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:12 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0332.ED2C.04E6.774D",
"client_secret": "fdc98bf4-a83b-4ebb-84bb-84614419c6e1",
"registration_access_token": "7dccf4c1-696f-42e3-81d3-b4f7d73b3f4b",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0332.ED2C.04E6.774D",
"client_id_issued_at": 1530807372,
"client_secret_expires_at": 1530893772,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 7dccf4c1-696f-42e3-81d3-b4f7d73b3f4b
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:12 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0332.ED2C.04E6.774D",
"client_secret": "fdc98bf4-a83b-4ebb-84bb-84614419c6e1",
"registration_access_token": "7dccf4c1-696f-42e3-81d3-b4f7d73b3f4b",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0332.ED2C.04E6.774D",
"client_id_issued_at": 1530807372,
"client_secret_expires_at": 1530893772,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==
response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%210332.ED2C.04E6.774D&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2FINVALID_REDIRECT_URI&state=6906c8af-7dda-4d07-82e3-37fa07209465&prompt=none
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 400
Connection: close
Content-Length: 220
Content-Type: text/plain
Date: Thu, 05 Jul 2018 16:16:12 GMT
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"error":"invalid_request_redirect_uri","error_description":"The redirect_uri in the Authorization Request does not match any of the Client's pre-registered redirect_uris.","state":"6906c8af-7dda-4d07-82e3-37fa07209465"}
#######################################################
TEST: requestAuthorizationCodeFail3
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
response_type=code&client_id=%40%211111%210008%21INVALID_VALUE&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=8f90ed2f-7884-485d-a727-7ff7b916bc8a
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 175
Content-Type: text/plain
Date: Thu, 05 Jul 2018 16:16:12 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"error":"unauthorized_client","error_description":"The client is not authorized to request an access token using this method.","state":"8f90ed2f-7884-485d-a727-7ff7b916bc8a"}
#######################################################
TEST: requestAuthorizationCodeIdToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"code",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:12 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3A2C.9A9B.9D76.3BB1",
"client_secret": "cf6cf5aa-06db-4f80-902a-1583fe6fca5a",
"registration_access_token": "dc979209-11c7-4100-b7a7-67f29e3cc03d",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3A2C.9A9B.9D76.3BB1",
"client_id_issued_at": 1530807372,
"client_secret_expires_at": 1530893772,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"id_token",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer dc979209-11c7-4100-b7a7-67f29e3cc03d
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:12 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3A2C.9A9B.9D76.3BB1",
"client_secret": "cf6cf5aa-06db-4f80-902a-1583fe6fca5a",
"registration_access_token": "dc979209-11c7-4100-b7a7-67f29e3cc03d",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3A2C.9A9B.9D76.3BB1",
"client_id_issued_at": 1530807372,
"client_secret_expires_at": 1530893772,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"id_token",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%213A2C.9A9B.9D76.3BB1&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=bf3850db-217e-465e-9bad-6e8d1bcadea8&nonce=0c4f2248-727f-42c8-a2af-f371bd1c3662
12:16:34.253 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:1b82f05d-1878-4ae0-acf8-f89eb181b256
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%213A2C.9A9B.9D76.3BB1&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=bf3850db-217e-465e-9bad-6e8d1bcadea8&nonce=0c4f2248-727f-42c8-a2af-f371bd1c3662
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=1f5ac455-c449-4386-87a9-cc9505ff2e8c&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEzQTJDLjlBOUIuOUQ3Ni4zQkIxIiwiZXhwIjoxNTMwODEwOTc0LCJpYXQiOjE1MzA4MDczNzQsIm5vbmNlIjoiMGM0ZjIyNDgtNzI3Zi00MmM4LWEyYWYtZjM3MWJkMWMzNjYyIiwiYXV0aF90aW1lIjoxNTMwODA3Mzc0LCJjX2hhc2giOiJHRTg2VlpKMkFTOGhXeW15WWxyVGJ3Iiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiTGQ0SE5NVW9tNGs2ZHd6MGZhYjR6c0dIdkE4WVVQV25tT2YtdFN6ckp5NCJ9.srp8IGlhcBUleGDc3wC7nCsyETlUbd9GV2lNv_v6xJiImdXv4Ww2--ed6y0-h2sw6l2Pmgqs1v89ugwexjIrGqDKRv50zwDX0mu_OYmwrvYzGjmyjjh29HBwkgUPriuuoWGG6OQc8Uh-P4yTV7MDdaogtwMijKS_1kctOGeRf5kjBVSczJS1p7fqKxudCVWEeA8zRFb-6uApaRjr2ddLLJZLQG2a79rLBTZtxYpwLmt--hpNY3NWSqJ1yo7e6gctm6GwxySa4nXGRMW8NCBKjt5z4GhHMNSAEmgCeNYx8_AUamunA7RWQvLq4pd2atWOOKN3ycQLQHqqpnMsQ47cAQ&session_id=d7f61e85-4698-40fe-9c28-145ab5363350&state=bf3850db-217e-465e-9bad-6e8d1bcadea8&session_state=1b82f05d-1878-4ae0-acf8-f89eb181b256
#######################################################
TEST: requestAuthorizationCodeIdTokenUserBasicAuth
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"code",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:14 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C515.EC20.CF85.50B1",
"client_secret": "78a807fe-6500-4202-a173-62e6753d6b3b",
"registration_access_token": "10ceee19-7b8a-4fe0-ade5-57d1f0488db9",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C515.EC20.CF85.50B1",
"client_id_issued_at": 1530807374,
"client_secret_expires_at": 1530893774,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"id_token",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 10ceee19-7b8a-4fe0-ade5-57d1f0488db9
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:14 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C515.EC20.CF85.50B1",
"client_secret": "78a807fe-6500-4202-a173-62e6753d6b3b",
"registration_access_token": "10ceee19-7b8a-4fe0-ade5-57d1f0488db9",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C515.EC20.CF85.50B1",
"client_id_issued_at": 1530807374,
"client_secret_expires_at": 1530893774,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"id_token",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21C515.EC20.CF85.50B1&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=3978d7bd-2592-41ee-839e-982b3035e268&nonce=9e91d524-ed5a-4971-a6e1-17026dbc15b9
12:16:35.884 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:ea83ff18-b8f4-477b-95b5-70261d4341cd
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21C515.EC20.CF85.50B1&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=3978d7bd-2592-41ee-839e-982b3035e268&nonce=9e91d524-ed5a-4971-a6e1-17026dbc15b9
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=46de0d10-3636-453b-8a38-fa7ad9f19991&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFDNTE1LkVDMjAuQ0Y4NS41MEIxIiwiZXhwIjoxNTMwODEwOTc1LCJpYXQiOjE1MzA4MDczNzUsIm5vbmNlIjoiOWU5MWQ1MjQtZWQ1YS00OTcxLWE2ZTEtMTcwMjZkYmMxNWI5IiwiYXV0aF90aW1lIjoxNTMwODA3Mzc1LCJjX2hhc2giOiJkbDVPMllyblo3ZGZvMmFtdjZPeVRRIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiQ04wWEhyZzM0eV9mX0lHSjJVMlJxVWNKN1ZYdmZpcHJhOUVpLWMyZHJHayJ9.HklZDQ-C-ySk8P-friJ82wnI6yRZMrzNRnkP-GKNUysBPZNnVX3au3irP--sWftjQ8BV3pDy1ad-ZzQR7twednBprJU-x_fFXNUKbyDc-hzCACOtdy5IfwrRNtULQYO90bbAZkG9i8oDDCfURefi-47sOpludbbpj5FSHpYrKjXtHDz7jr6WdPM1NLZsfjZ0CPgCX0DcsMI62hQ1t9d88UvIaAa5GJWPT0-_EXnbvrVQky3RmMXjN-rONNWfWn-Tca6rkplGOXA-TQ0cID7nM2274ddSho6WQUZPljc1wv0UdhSXPlYtOA0V6Oz0SsqKIKv8IzAjm8em9CFDn90bUQ&session_id=b7c037ba-c7f0-4962-89e7-88f30bbb1f37&state=3978d7bd-2592-41ee-839e-982b3035e268&session_state=ea83ff18-b8f4-477b-95b5-70261d4341cd
#######################################################
TEST: requestAuthorizationCodeNoRedirection
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": ["code"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:16 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7FE6.84B8.AB98.3B6E",
"client_secret": "1a796013-3a00-4668-844d-e4e970fd08b2",
"registration_access_token": "e03be33d-be04-4459-84c0-90076df2470c",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7FE6.84B8.AB98.3B6E",
"client_id_issued_at": 1530807376,
"client_secret_expires_at": 1530893776,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer e03be33d-be04-4459-84c0-90076df2470c
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:16 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7FE6.84B8.AB98.3B6E",
"client_secret": "1a796013-3a00-4668-844d-e4e970fd08b2",
"registration_access_token": "e03be33d-be04-4459-84c0-90076df2470c",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7FE6.84B8.AB98.3B6E",
"client_id_issued_at": 1530807376,
"client_secret_expires_at": 1530893776,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%217FE6.84B8.AB98.3B6E&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=24c09457-567c-4e8f-b6db-7b368987a493
12:16:37.467 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:cf177df7-de20-430e-842b-9b06705366f7
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%217FE6.84B8.AB98.3B6E&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=24c09457-567c-4e8f-b6db-7b368987a493
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=d2b4a50d-2122-455b-9f69-cf89232bc0f8&scope=address+openid+profile+email&session_id=3863c001-ae77-4433-b4d8-837b05a60727&state=24c09457-567c-4e8f-b6db-7b368987a493&session_state=cf177df7-de20-430e-842b-9b06705366f7
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
X-Gluu-NoRedirect: true
response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%217FE6.84B8.AB98.3B6E&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=24c09457-567c-4e8f-b6db-7b368987a493
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
#######################################################
TEST: requestAuthorizationCodeUserBasicAuth
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": ["code"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:17 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C7D9.C8A2.0AE9.D5BC",
"client_secret": "e875156f-68fd-4df2-947c-3e34c2d7853f",
"registration_access_token": "70caf5bd-e21f-4a86-a4d5-18478435f6a6",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C7D9.C8A2.0AE9.D5BC",
"client_id_issued_at": 1530807377,
"client_secret_expires_at": 1530893777,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 70caf5bd-e21f-4a86-a4d5-18478435f6a6
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:17 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C7D9.C8A2.0AE9.D5BC",
"client_secret": "e875156f-68fd-4df2-947c-3e34c2d7853f",
"registration_access_token": "70caf5bd-e21f-4a86-a4d5-18478435f6a6",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C7D9.C8A2.0AE9.D5BC",
"client_id_issued_at": 1530807377,
"client_secret_expires_at": 1530893777,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21C7D9.C8A2.0AE9.D5BC&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=9ba3c08a-e63b-4b04-9a10-67d0648c9b99
12:16:38.851 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:00dcf262-3ef6-4040-b1a1-a9079a1e4868
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21C7D9.C8A2.0AE9.D5BC&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=9ba3c08a-e63b-4b04-9a10-67d0648c9b99
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=4ef34011-c6ea-415c-b835-01ed166cdf92&scope=address+openid+profile+email&session_id=d23e85c2-153f-4265-b63f-010170614390&state=9ba3c08a-e63b-4b04-9a10-67d0648c9b99&session_state=00dcf262-3ef6-4040-b1a1-a9079a1e4868
#######################################################
TEST: requestAuthorizationCodeWithoutRedirectUri
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": ["https://ce-dev4.gluu.org/oxauth-rp/home.htm"],
"application_type": "web",
"client_name": "oxAuth test app"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1082
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:18 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C04B.F319.523C.9F27",
"client_secret": "f2eaf006-b56a-4061-97b2-78ef335d322f",
"registration_access_token": "f89b46e4-5d57-4e7a-9960-798aa9b5d283",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C04B.F319.523C.9F27",
"client_id_issued_at": 1530807378,
"client_secret_expires_at": 1530893778,
"redirect_uris": ["https://ce-dev4.gluu.org/oxauth-rp/home.htm"],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21C04B.F319.523C.9F27&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=5a3a58f7-7d0b-483a-b4c6-747c3773067a
12:16:40.127 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:cd8c62b5-c2c0-4d79-8195-8879bbebb733
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21C04B.F319.523C.9F27&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=5a3a58f7-7d0b-483a-b4c6-747c3773067a
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=dc74d7bb-ea59-4a96-bc34-dea5afa6dc1d&scope=address+openid+profile+email&session_id=b662e05b-4e67-4848-9bf2-beb587d0f786&state=5a3a58f7-7d0b-483a-b4c6-747c3773067a&session_state=cd8c62b5-c2c0-4d79-8195-8879bbebb733
#######################################################
TEST: requestAuthorizationCodeWithoutRedirectUriFail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"oxAuthTrustedClient": "true"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:20 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6E51.C30F.1060.8A0C",
"client_secret": "a61f3fb3-69c2-4688-8576-1c2c116d4adf",
"registration_access_token": "aabe2049-58d5-4614-9025-2891fa170e0a",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6E51.C30F.1060.8A0C",
"client_id_issued_at": 1530807380,
"client_secret_expires_at": 1530893780,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==
response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%216E51.C30F.1060.8A0C&scope=openid+profile+address+email&state=b6f13b52-b838-426d-bf71-10303f1d0b7c&prompt=none
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 400
Connection: close
Content-Length: 220
Content-Type: text/plain
Date: Thu, 05 Jul 2018 16:16:20 GMT
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"error":"invalid_request_redirect_uri","error_description":"The redirect_uri in the Authorization Request does not match any of the Client's pre-registered redirect_uris.","state":"b6f13b52-b838-426d-bf71-10303f1d0b7c"}
#######################################################
TEST: requestAuthorizationCodeWithoutRedirectUriUserBasicAuth
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": ["https://ce-dev4.gluu.org/oxauth-rp/home.htm"],
"application_type": "web",
"client_name": "oxAuth test app",
"subject_type": "public",
"oxAuthTrustedClient": "true"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1080
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:20 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2659.90EE.5146.415C",
"client_secret": "613e65c1-af64-4b1f-be49-e9222010c038",
"registration_access_token": "6f425c61-b3de-4dba-bcbf-a6f506bc988a",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2659.90EE.5146.415C",
"client_id_issued_at": 1530807380,
"client_secret_expires_at": 1530893780,
"redirect_uris": ["https://ce-dev4.gluu.org/oxauth-rp/home.htm"],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"subject_type": "public",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==
response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%212659.90EE.5146.415C&scope=openid+profile+address+email&state=3574b6ca-1a5c-49d1-9b32-27aab9e19dbc&prompt=none
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
Date: Thu, 05 Jul 2018 16:16:20 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=467f8d3f-5482-4b03-8a47-6046f9f0e49a&scope=address+openid+profile+email&session_id=25f5cd17-d02a-4ee6-8ddd-079f7edf450f&state=3574b6ca-1a5c-49d1-9b32-27aab9e19dbc&session_state=5bc526a9-5e18-4461-b2b7-1c2b5ef542f2
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
#######################################################
TEST: requestAuthorizationDenyAccessThenGrantAccess
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": ["code"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:20 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4B2C.45A3.8424.E5C2",
"client_secret": "1808be53-71d6-4acc-b576-6fa66bd8cf73",
"registration_access_token": "fcdea2be-4b53-4f6b-9502-76be64011943",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4B2C.45A3.8424.E5C2",
"client_id_issued_at": 1530807380,
"client_secret_expires_at": 1530893780,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndDenyAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%214B2C.45A3.8424.E5C2&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=5d75b66c-9ab2-43d3-9874-feca622fe34a
12:16:41.732 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndDenyAccess: sessionId:ae74ceb6-f850-4565-8c71-12286a0ba2a7
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%214B2C.45A3.8424.E5C2&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=5d75b66c-9ab2-43d3-9874-feca622fe34a
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?error=access_denied&error_description=The+resource+owner+or+authorization+server+denied+the+request.&state=5d75b66c-9ab2-43d3-9874-feca622fe34a
authorizationRequestAndDenyAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%214B2C.45A3.8424.E5C2&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=00e3b1e7-37ae-4460-9d73-825b963549ae&session_id=ae74ceb6-f850-4565-8c71-12286a0ba2a7
authorizationRequestAndDenyAccess: sessionState:null
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%214B2C.45A3.8424.E5C2&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=00e3b1e7-37ae-4460-9d73-825b963549ae&session_id=ae74ceb6-f850-4565-8c71-12286a0ba2a7
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?error=access_denied&error_description=The+resource+owner+or+authorization+server+denied+the+request.&state=00e3b1e7-37ae-4460-9d73-825b963549ae
authorizationRequestAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%214B2C.45A3.8424.E5C2&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=fe1145f8-7c72-4faf-a28c-bebd9b2f3dd3&session_id=ae74ceb6-f850-4565-8c71-12286a0ba2a7
authorizationRequestAndGrantAccess: sessionState:a003ae47-cec8-4a2b-a0fa-143e2279c1b3
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%214B2C.45A3.8424.E5C2&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=fe1145f8-7c72-4faf-a28c-bebd9b2f3dd3&session_id=ae74ceb6-f850-4565-8c71-12286a0ba2a7
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=7e9060b6-c859-4f66-b5b9-cddcd66c81c0&scope=address+openid+profile+email&session_id=ae74ceb6-f850-4565-8c71-12286a0ba2a7&state=fe1145f8-7c72-4faf-a28c-bebd9b2f3dd3&session_state=a003ae47-cec8-4a2b-a0fa-143e2279c1b3
#######################################################
TEST: requestAuthorizationForOpenIdScopeAndPairwiseId
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": ["code"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:22 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!55A2.F65C.E88A.F9A6",
"client_secret": "ad7e1ef6-0b37-44d0-80cb-ff14b02a2d17",
"registration_access_token": "637a0280-b066-4814-a9e6-58cd9a37280f",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!55A2.F65C.E88A.F9A6",
"client_id_issued_at": 1530807382,
"client_secret_expires_at": 1530893782,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 637a0280-b066-4814-a9e6-58cd9a37280f
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:22 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!55A2.F65C.E88A.F9A6",
"client_secret": "ad7e1ef6-0b37-44d0-80cb-ff14b02a2d17",
"registration_access_token": "637a0280-b066-4814-a9e6-58cd9a37280f",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!55A2.F65C.E88A.F9A6",
"client_id_issued_at": 1530807382,
"client_secret_expires_at": 1530893782,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwner: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2155A2.F65C.E88A.F9A6&scope=openid&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=21c95076-48e9-4c7e-8a41-5d587a0c6be7
12:16:44.048 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwner: sessionState:29b8b7a3-f17c-4792-856e-a7386434de0c
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2155A2.F65C.E88A.F9A6&scope=openid&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=21c95076-48e9-4c7e-8a41-5d587a0c6be7
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth/authorize?scope=openid&response_type=code&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=21c95076-48e9-4c7e-8a41-5d587a0c6be7&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2155A2.F65C.E88A.F9A6
#######################################################
TEST: requestAuthorizationIdToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": ["id_token"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:24 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D2D6.B700.634B.83C2",
"client_secret": "9f20ab63-96ba-42a8-a0be-9a88946beb49",
"registration_access_token": "fe76e986-5e01-4437-b83f-082b0a6ec308",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D2D6.B700.634B.83C2",
"client_id_issued_at": 1530807384,
"client_secret_expires_at": 1530893784,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"id_token",
"token"
],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer fe76e986-5e01-4437-b83f-082b0a6ec308
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:24 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D2D6.B700.634B.83C2",
"client_secret": "9f20ab63-96ba-42a8-a0be-9a88946beb49",
"registration_access_token": "fe76e986-5e01-4437-b83f-082b0a6ec308",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D2D6.B700.634B.83C2",
"client_id_issued_at": 1530807384,
"client_secret_expires_at": 1530893784,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"id_token",
"token"
],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21D2D6.B700.634B.83C2&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=fad3bd67-f291-4303-b223-cfbf2b3c91b0&nonce=bb96f1a0-2ff9-479b-95bc-f775b958dfce
12:16:45.397 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:8d42e5e5-eb77-49b7-86b0-24c1cbf5d7b1
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21D2D6.B700.634B.83C2&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=fad3bd67-f291-4303-b223-cfbf2b3c91b0&nonce=bb96f1a0-2ff9-479b-95bc-f775b958dfce
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFEMkQ2LkI3MDAuNjM0Qi44M0MyIiwiZXhwIjoxNTMwODEwOTg1LCJpYXQiOjE1MzA4MDczODUsIm5vbmNlIjoiYmI5NmYxYTAtMmZmOS00NzliLTk1YmMtZjc3NWI5NThkZmNlIiwiYXV0aF90aW1lIjoxNTMwODA3Mzg1LCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiJRc2pFWXVoNUZSQms4YkJZcnlXR3h5YXRnSWxPNi13NG9nM3RhMGJzWkRFIn0.SR9eEnczWfl0Fwwp4eJ06qWOqkIoMW38UMM0xC7qn09OYAKiyVqqMdB7VQFywvsgTOgm9lVlBVWEy_sEGTA2VasZAffb_xDm4TxwE9n3pYxB5So5A1EQVmRL8ij8s0_i5DXHnzAvTmfMiQThSRDCVGXdZg754m28mx1cm06CPlaujZin2LDQYc4ZDYjo2NpucHimm6tvJAt_ySHj2c3oqXuSSyTyirn-2J4FM3qGvLKFQmAnoU8hQLYE-zBtXGHIpnnlr-dCcyg07BLMrQt5DPBNR6KkaWc9fWWQZBSccSbEbyGbFqMKkt7C5XVx5QyTAEpoP1l0OGwIMGHTRm4TQQ&session_id=6c1aca10-3082-4950-a2cd-86d1bd9ceae2&state=fad3bd67-f291-4303-b223-cfbf2b3c91b0&session_state=8d42e5e5-eb77-49b7-86b0-24c1cbf5d7b1
#######################################################
TEST: requestAuthorizationIdTokenUserBasicAuth
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": ["id_token"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:25 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C392.ED8B.08FF.E05F",
"client_secret": "9137fde0-18d1-4502-873e-19c185d97a84",
"registration_access_token": "c591f795-3d38-4959-abf0-a561ee3114c9",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C392.ED8B.08FF.E05F",
"client_id_issued_at": 1530807385,
"client_secret_expires_at": 1530893785,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"id_token",
"token"
],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer c591f795-3d38-4959-abf0-a561ee3114c9
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:25 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C392.ED8B.08FF.E05F",
"client_secret": "9137fde0-18d1-4502-873e-19c185d97a84",
"registration_access_token": "c591f795-3d38-4959-abf0-a561ee3114c9",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C392.ED8B.08FF.E05F",
"client_id_issued_at": 1530807385,
"client_secret_expires_at": 1530893785,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"id_token",
"token"
],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21C392.ED8B.08FF.E05F&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=319372a7-0100-4f9d-afae-d1d8d9fcf9c4&nonce=d7345366-d339-46a1-b0dd-46fb649ccffa
12:16:46.879 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:d79b9009-c5df-4e56-a626-b0ca8acfd7ce
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21C392.ED8B.08FF.E05F&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=319372a7-0100-4f9d-afae-d1d8d9fcf9c4&nonce=d7345366-d339-46a1-b0dd-46fb649ccffa
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFDMzkyLkVEOEIuMDhGRi5FMDVGIiwiZXhwIjoxNTMwODEwOTg2LCJpYXQiOjE1MzA4MDczODYsIm5vbmNlIjoiZDczNDUzNjYtZDMzOS00NmExLWIwZGQtNDZmYjY0OWNjZmZhIiwiYXV0aF90aW1lIjoxNTMwODA3Mzg2LCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiJ5blZLVWw4bk0wMHRiUnNyd09VOUJ2RTZqZHVLVjlld1ZWa0ExUzRzRHdNIn0.O0Wr8IwUh0t2S7j1dYstzRG62528264z6btrngQo74ASGz5SzfcZbQn7bgKjmfggQeskHLVIlPZO6GNCXApyfJr_0-IPCFOPtZMKiDXRxBROE23iNy2XaBTdzKSqpW689X_F7jTG_xabrMBq9H1rIlLdj3idL0KpgaXetaUiNmVSKnGKr3VrRla3CZtaUKT_3eP-shQOco6XKZ2FzY7DoNbH2ucOuwrXBQurTdSkjGMA79RpwPKpt_QdeC7yhVoknS0jwTFnqpxsRX_sjNjiXSOpN2Zuw4vZV9NouFDUXaCRHwNRRPUhbnwqQreKxtQD0E8iieF5lrywaUosAEV3-A&session_id=93628996-303b-4258-b4b6-6bb0ed20f68e&state=319372a7-0100-4f9d-afae-d1d8d9fcf9c4&session_state=d79b9009-c5df-4e56-a626-b0ca8acfd7ce
#######################################################
TEST: requestAuthorizationPromptConsent
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": ["code"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:26 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3EC0.E697.BCA9.469D",
"client_secret": "bff981cf-a0d3-4ff8-8497-be099f1ca75c",
"registration_access_token": "b5d4c5a8-20dd-41df-a765-117a9555daf9",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3EC0.E697.BCA9.469D",
"client_id_issued_at": 1530807386,
"client_secret_expires_at": 1530893786,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer b5d4c5a8-20dd-41df-a765-117a9555daf9
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:26 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3EC0.E697.BCA9.469D",
"client_secret": "bff981cf-a0d3-4ff8-8497-be099f1ca75c",
"registration_access_token": "b5d4c5a8-20dd-41df-a765-117a9555daf9",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3EC0.E697.BCA9.469D",
"client_id_issued_at": 1530807386,
"client_secret_expires_at": 1530893786,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%213EC0.E697.BCA9.469D&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=5db35698-51da-4307-ab81-f139e75bcf84&prompt=consent
12:16:48.236 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:bc44fe80-5d13-4f73-a55e-1f25e48eeeb0
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%213EC0.E697.BCA9.469D&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=5db35698-51da-4307-ab81-f139e75bcf84&prompt=consent
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=dab4bb68-d222-47b6-90e5-dc66e4f659c9&scope=address+openid+profile+email&session_id=c2368a85-63a8-440e-b030-c33b46fafb2e&state=5db35698-51da-4307-ab81-f139e75bcf84&session_state=bc44fe80-5d13-4f73-a55e-1f25e48eeeb0
#######################################################
TEST: requestAuthorizationPromptConsentTrustedClient
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": ["code"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"oxAuthTrustedClient": "true"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:28 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!633C.20AF.CB9F.E330",
"client_secret": "41a26f1b-53af-4bb2-932a-40eb23baaa17",
"registration_access_token": "b4a6df71-0b42-44d0-86f8-3260a3215e01",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!633C.20AF.CB9F.E330",
"client_id_issued_at": 1530807388,
"client_secret_expires_at": 1530893788,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer b4a6df71-0b42-44d0-86f8-3260a3215e01
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:28 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!633C.20AF.CB9F.E330",
"client_secret": "41a26f1b-53af-4bb2-932a-40eb23baaa17",
"registration_access_token": "b4a6df71-0b42-44d0-86f8-3260a3215e01",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!633C.20AF.CB9F.E330",
"client_id_issued_at": 1530807388,
"client_secret_expires_at": 1530893788,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21633C.20AF.CB9F.E330&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=ac57cd00-7587-4641-a345-0b4df50f5f48&prompt=consent
12:16:49.601 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:d0888e6d-ba9a-4aa4-b861-ceb00e3f4542
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21633C.20AF.CB9F.E330&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=ac57cd00-7587-4641-a345-0b4df50f5f48&prompt=consent
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=5da3c1ee-2884-4f70-acf7-afa20c590e65&scope=address+openid+profile+email&session_id=38c74d96-4888-40a9-b28e-23ef632449a4&state=ac57cd00-7587-4641-a345-0b4df50f5f48&session_state=d0888e6d-ba9a-4aa4-b861-ceb00e3f4542
#######################################################
TEST: requestAuthorizationPromptLogin
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": ["code"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:29 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4A83.31F1.F221.EB8D",
"client_secret": "fac53014-fd9f-47a2-83d7-fa5fe4e65637",
"registration_access_token": "9b6d6f98-d00d-43a8-9a53-d6cef17a23f9",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4A83.31F1.F221.EB8D",
"client_id_issued_at": 1530807389,
"client_secret_expires_at": 1530893789,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 9b6d6f98-d00d-43a8-9a53-d6cef17a23f9
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:29 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4A83.31F1.F221.EB8D",
"client_secret": "fac53014-fd9f-47a2-83d7-fa5fe4e65637",
"registration_access_token": "9b6d6f98-d00d-43a8-9a53-d6cef17a23f9",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4A83.31F1.F221.EB8D",
"client_id_issued_at": 1530807389,
"client_secret_expires_at": 1530893789,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%214A83.31F1.F221.EB8D&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=74ccc6d7-bc45-4d76-a57d-1f6cfdb53977&prompt=login
12:16:51.072 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:91d19035-19a2-43e1-a49f-fe4edd68289d
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%214A83.31F1.F221.EB8D&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=74ccc6d7-bc45-4d76-a57d-1f6cfdb53977&prompt=login
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=3ae85350-e843-4881-88a1-301ec0b23feb&scope=address+openid+profile+email&session_id=1819936d-77b8-4dc9-80f4-20500f8af106&state=74ccc6d7-bc45-4d76-a57d-1f6cfdb53977&session_state=91d19035-19a2-43e1-a49f-fe4edd68289d
#######################################################
TEST: requestAuthorizationPromptLoginConsent
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": ["code"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:31 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0F14.467C.581C.F337",
"client_secret": "029e30ca-9441-46a9-b998-5eed37f3ce97",
"registration_access_token": "498ac849-998a-4d4c-a4f3-df81bfbf958e",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0F14.467C.581C.F337",
"client_id_issued_at": 1530807391,
"client_secret_expires_at": 1530893791,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 498ac849-998a-4d4c-a4f3-df81bfbf958e
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:31 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0F14.467C.581C.F337",
"client_secret": "029e30ca-9441-46a9-b998-5eed37f3ce97",
"registration_access_token": "498ac849-998a-4d4c-a4f3-df81bfbf958e",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0F14.467C.581C.F337",
"client_id_issued_at": 1530807391,
"client_secret_expires_at": 1530893791,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%210F14.467C.581C.F337&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=ef979ddc-e314-4116-8230-7e07946fd731&prompt=login+consent
12:16:52.519 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:21efa758-41be-4fea-88be-6ca245fb7b41
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%210F14.467C.581C.F337&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=ef979ddc-e314-4116-8230-7e07946fd731&prompt=login+consent
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=1102afe5-cdbc-49c5-9f48-c5069141a5a2&scope=address+openid+profile+email&session_id=347c883e-2ada-4a94-ac09-3619d4da757c&state=ef979ddc-e314-4116-8230-7e07946fd731&session_state=21efa758-41be-4fea-88be-6ca245fb7b41
#######################################################
TEST: requestAuthorizationPromptLoginConsentTrustedClient
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": ["code"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"oxAuthTrustedClient": "true"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:32 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D403.6D57.231A.F443",
"client_secret": "62ee9bdc-4990-42a2-a626-03d201a8001b",
"registration_access_token": "7dc6bedb-54b9-4c7a-a82b-c4e710e27659",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D403.6D57.231A.F443",
"client_id_issued_at": 1530807392,
"client_secret_expires_at": 1530893792,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 7dc6bedb-54b9-4c7a-a82b-c4e710e27659
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:32 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D403.6D57.231A.F443",
"client_secret": "62ee9bdc-4990-42a2-a626-03d201a8001b",
"registration_access_token": "7dc6bedb-54b9-4c7a-a82b-c4e710e27659",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D403.6D57.231A.F443",
"client_id_issued_at": 1530807392,
"client_secret_expires_at": 1530893792,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21D403.6D57.231A.F443&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=44b53214-854e-4ff8-9d51-0778c04244ca&prompt=login+consent
12:16:53.956 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:185aa9df-e6d4-4af5-86b3-839e9785f5d4
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21D403.6D57.231A.F443&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=44b53214-854e-4ff8-9d51-0778c04244ca&prompt=login+consent
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=834d5acc-fa17-4017-b56d-e515a0d9bc8d&scope=address+openid+profile+email&session_id=55fc5389-6306-4ebd-9704-4ba6d3576e84&state=44b53214-854e-4ff8-9d51-0778c04244ca&session_state=185aa9df-e6d4-4af5-86b3-839e9785f5d4
#######################################################
TEST: requestAuthorizationPromptNoneFail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": ["code"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:33 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2500.FE1D.2638.EB43",
"client_secret": "2e900138-ceb6-4416-806f-97796a5ae5dc",
"registration_access_token": "4da8d651-0bf1-426e-9d4b-672d7fa08f0f",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2500.FE1D.2638.EB43",
"client_id_issued_at": 1530807393,
"client_secret_expires_at": 1530893793,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 4da8d651-0bf1-426e-9d4b-672d7fa08f0f
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:34 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2500.FE1D.2638.EB43",
"client_secret": "2e900138-ceb6-4416-806f-97796a5ae5dc",
"registration_access_token": "4da8d651-0bf1-426e-9d4b-672d7fa08f0f",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2500.FE1D.2638.EB43",
"client_id_issued_at": 1530807393,
"client_secret_expires_at": 1530893793,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%212500.FE1D.2638.EB43&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=6859e7a0-76af-467f-942c-50a4b2db7c91&prompt=none
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
Date: Thu, 05 Jul 2018 16:16:34 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?error_description=The+Authorization+Server+requires+End-User+authentication.+This+error+MAY+be+returned+when+the+prompt+parameter+in+the+Authorization+Request+is+set+to+none+to+request+that+the+Authorization+Server+should+not+display+any+user+interfaces+to+the+End-User%2C+but+the+Authorization+Request+cannot+be+completed+without+displaying+a+user+interface+for+user+authentication.&state=6859e7a0-76af-467f-942c-50a4b2db7c91&error=login_required
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
#######################################################
TEST: requestAuthorizationPromptLoginConsent
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": ["code"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:34 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DF10.80A9.56A1.BFBF",
"client_secret": "f1260948-e74a-490f-87b3-7c3b880b41f7",
"registration_access_token": "d42de864-fedb-48c5-aab1-812531dfe099",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DF10.80A9.56A1.BFBF",
"client_id_issued_at": 1530807394,
"client_secret_expires_at": 1530893794,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer d42de864-fedb-48c5-aab1-812531dfe099
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:34 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DF10.80A9.56A1.BFBF",
"client_secret": "f1260948-e74a-490f-87b3-7c3b880b41f7",
"registration_access_token": "d42de864-fedb-48c5-aab1-812531dfe099",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DF10.80A9.56A1.BFBF",
"client_id_issued_at": 1530807394,
"client_secret_expires_at": 1530893794,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==
response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21DF10.80A9.56A1.BFBF&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=06c78c97-b457-471e-8a62-3d03dd7f73e2&prompt=none+login+consent
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
Date: Thu, 05 Jul 2018 16:16:34 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?error_description=The+request+is+missing+a+required+parameter%2C+includes+an+unsupported+parameter+or+parameter+value%2C+or+is+otherwise+malformed.&state=06c78c97-b457-471e-8a62-3d03dd7f73e2&error=invalid_request
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
#######################################################
TEST: requestAuthorizationPromptNoneTrustedClient
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": ["code"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"oxAuthTrustedClient": "true"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:34 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4D69.CB1C.F072.3930",
"client_secret": "63828ecc-60f4-49bd-b8b2-b5298bb6f467",
"registration_access_token": "15b2f82d-087a-4f6a-8aba-5c5f6915a883",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4D69.CB1C.F072.3930",
"client_id_issued_at": 1530807394,
"client_secret_expires_at": 1530893794,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 15b2f82d-087a-4f6a-8aba-5c5f6915a883
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:34 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4D69.CB1C.F072.3930",
"client_secret": "63828ecc-60f4-49bd-b8b2-b5298bb6f467",
"registration_access_token": "15b2f82d-087a-4f6a-8aba-5c5f6915a883",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4D69.CB1C.F072.3930",
"client_id_issued_at": 1530807394,
"client_secret_expires_at": 1530893794,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==
response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%214D69.CB1C.F072.3930&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=11d089af-46b0-4c49-a16b-48de0687cf30&prompt=none
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
Date: Thu, 05 Jul 2018 16:16:34 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=ff47c08e-1a98-466c-8185-0f9a9fb04e08&scope=address+openid+profile+email&session_id=5044ed15-5e0b-450d-9ea8-e40adc6af528&state=11d089af-46b0-4c49-a16b-48de0687cf30&session_state=218743d5-3812-4109-9b66-48be3a93ac65
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
#######################################################
TEST: requestAuthorizationToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": ["token"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1306
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:34 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!CDCA.788A.ADD1.816E",
"client_secret": "1cfb19f0-3077-4e07-ab33-5836267c3ffc",
"registration_access_token": "3c7f3b23-de27-47cf-9b3b-ad95deb7892c",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!CDCA.788A.ADD1.816E",
"client_id_issued_at": 1530807394,
"client_secret_expires_at": 1530893794,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["token"],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 3c7f3b23-de27-47cf-9b3b-ad95deb7892c
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1306
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:34 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!CDCA.788A.ADD1.816E",
"client_secret": "1cfb19f0-3077-4e07-ab33-5836267c3ffc",
"registration_access_token": "3c7f3b23-de27-47cf-9b3b-ad95deb7892c",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!CDCA.788A.ADD1.816E",
"client_id_issued_at": 1530807394,
"client_secret_expires_at": 1530893794,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["token"],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21CDCA.788A.ADD1.816E&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=a9f681e8-785c-45a5-b8b4-bdcc95fbe448&nonce=f1b96037-39fd-4afc-a3c6-6b84ee95656c
12:16:56.147 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:86e3bb20-ee4e-4ef4-97bb-8d399bda6b48
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21CDCA.788A.ADD1.816E&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=a9f681e8-785c-45a5-b8b4-bdcc95fbe448&nonce=f1b96037-39fd-4afc-a3c6-6b84ee95656c
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=de7d35bf-c80f-4fa9-a6fe-29e4a62126e4&scope=address+openid+profile+email&session_id=eb80bccb-7190-4372-a0ae-59d3be3a5589&state=a9f681e8-785c-45a5-b8b4-bdcc95fbe448&token_type=bearer&session_state=86e3bb20-ee4e-4ef4-97bb-8d399bda6b48&expires_in=299
#######################################################
TEST: requestAuthorizationTokenCode
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"token",
"code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1405
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:36 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1992.F31D.6F59.CC76",
"client_secret": "811aad64-6ce0-49be-b6f5-0586c27d29c9",
"registration_access_token": "96a93286-4dd1-4411-8e46-4d35c4dde9e2",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1992.F31D.6F59.CC76",
"client_id_issued_at": 1530807396,
"client_secret_expires_at": 1530893796,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 96a93286-4dd1-4411-8e46-4d35c4dde9e2
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1405
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:36 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1992.F31D.6F59.CC76",
"client_secret": "811aad64-6ce0-49be-b6f5-0586c27d29c9",
"registration_access_token": "96a93286-4dd1-4411-8e46-4d35c4dde9e2",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1992.F31D.6F59.CC76",
"client_id_issued_at": 1530807396,
"client_secret_expires_at": 1530893796,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%211992.F31D.6F59.CC76&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=2d4088e9-8889-4c50-a16d-40d0f21f3c9e&nonce=df7215b6-5d29-45b3-9f54-e3dfebd4be93
12:16:57.488 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:df4e5652-1100-4fc9-bdfa-99e4d7ecc21d
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%211992.F31D.6F59.CC76&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=2d4088e9-8889-4c50-a16d-40d0f21f3c9e&nonce=df7215b6-5d29-45b3-9f54-e3dfebd4be93
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=865dd2a4-92af-4d6c-8deb-8e90bff9f4b5&code=6a77d29d-cb80-45b0-b106-5cadd1024eff&scope=address+openid+profile+email&session_id=28a986c8-9b33-4943-8950-204c69c05b63&state=2d4088e9-8889-4c50-a16d-40d0f21f3c9e&token_type=bearer&session_state=df4e5652-1100-4fc9-bdfa-99e4d7ecc21d&expires_in=299
#######################################################
TEST: requestAuthorizationTokenCodeIdToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"token",
"code",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:37 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6AC1.D858.4F85.7AED",
"client_secret": "a1e9be1e-e9bb-41dd-9556-8434782d8dd6",
"registration_access_token": "5af7f8b4-5a69-4c3c-9948-794702d3ebbb",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6AC1.D858.4F85.7AED",
"client_id_issued_at": 1530807397,
"client_secret_expires_at": 1530893797,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"id_token",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 5af7f8b4-5a69-4c3c-9948-794702d3ebbb
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:37 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6AC1.D858.4F85.7AED",
"client_secret": "a1e9be1e-e9bb-41dd-9556-8434782d8dd6",
"registration_access_token": "5af7f8b4-5a69-4c3c-9948-794702d3ebbb",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6AC1.D858.4F85.7AED",
"client_id_issued_at": 1530807397,
"client_secret_expires_at": 1530893797,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"id_token",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%216AC1.D858.4F85.7AED&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=61b67cee-01bf-47ca-aa05-44dc04380814&nonce=316aa4ba-69da-4a91-8e6a-0ad83af2f09a
12:16:58.863 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:a06f2afd-5601-4a74-b781-f2cd04c915c8
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%216AC1.D858.4F85.7AED&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=61b67cee-01bf-47ca-aa05-44dc04380814&nonce=316aa4ba-69da-4a91-8e6a-0ad83af2f09a
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=e083db8f-41d9-4784-aae3-d11869de6b66&code=560c9f40-7908-4a81-8557-d47467bbe974&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE2QUMxLkQ4NTguNEY4NS43QUVEIiwiZXhwIjoxNTMwODEwOTk4LCJpYXQiOjE1MzA4MDczOTgsIm5vbmNlIjoiMzE2YWE0YmEtNjlkYS00YTkxLThlNmEtMGFkODNhZjJmMDlhIiwiYXV0aF90aW1lIjoxNTMwODA3Mzk4LCJjX2hhc2giOiI4RkVwQ1daWmNLa2R1NXN6SDVoTzBRIiwiYXRfaGFzaCI6IkRQV3hsOEhSR2JlOEZkWjluR2ZodXciLCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiJhY2h2OUJqX21aLW1FVEcwSHNISGNGWkhVZC1od2dvY2k2YW0wUEdjOXp3In0.Fr1AsfkKT2XwhFWAHUwgQxpnO-qm7AOlBkrdUXdWjTpMr227afEsO0I3I9_z2E5KH-pdbKSyYAtqJk8Uf8Rr0OrgVqVp30aU-1EVSulpwUFxzjo6hOkvJr5ZrQZY_Hqf1lUk-4F0wUXwLpAEfD-0FASI0NRuqdsdTiyrIh_JsS7u8GAHjE-vvsfXwzEizSQ-hFA0j5JMY4xzapbmLvFsoV85_9tOVwBy6__hlao8WLiVqO0OLd8zCQGTECORazNAKEhEs-_E9PcJSzK2bIbmAi0uHmM_sIA06h6gftgHsSgoZYiCqFZtWXgf_ZCSnDghhIefklCMYMD4MlCU_96ncA&session_id=f94d1e29-6b35-4e37-b15b-33965f32af0f&state=61b67cee-01bf-47ca-aa05-44dc04380814&token_type=bearer&session_state=a06f2afd-5601-4a74-b781-f2cd04c915c8&expires_in=299
#######################################################
TEST: requestAuthorizationTokenCodeIdTokenUserBasicAuth
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"token",
"code",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:38 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C4E3.7AE6.B6F4.81FD",
"client_secret": "2e8d55de-2462-4174-8ce1-e86307ddef0d",
"registration_access_token": "01de3f14-e156-4b18-b1c0-c0201c1ba98a",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C4E3.7AE6.B6F4.81FD",
"client_id_issued_at": 1530807398,
"client_secret_expires_at": 1530893798,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"id_token",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 01de3f14-e156-4b18-b1c0-c0201c1ba98a
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:38 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C4E3.7AE6.B6F4.81FD",
"client_secret": "2e8d55de-2462-4174-8ce1-e86307ddef0d",
"registration_access_token": "01de3f14-e156-4b18-b1c0-c0201c1ba98a",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C4E3.7AE6.B6F4.81FD",
"client_id_issued_at": 1530807398,
"client_secret_expires_at": 1530893798,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"id_token",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21C4E3.7AE6.B6F4.81FD&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=f11f493e-f391-4c38-950e-8163791be10a&nonce=631f08da-fdd1-491e-8c36-51c5d28774d1
12:17:00.192 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:2a7133c7-1e70-4461-8df5-7bead0c43025
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21C4E3.7AE6.B6F4.81FD&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=f11f493e-f391-4c38-950e-8163791be10a&nonce=631f08da-fdd1-491e-8c36-51c5d28774d1
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=3ac9ac94-b7a0-4c78-a209-2f0301c7f591&code=acf28809-7f87-4c4e-8786-788fd3cb7e95&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFDNEUzLjdBRTYuQjZGNC44MUZEIiwiZXhwIjoxNTMwODExMDAwLCJpYXQiOjE1MzA4MDc0MDAsIm5vbmNlIjoiNjMxZjA4ZGEtZmRkMS00OTFlLThjMzYtNTFjNWQyODc3NGQxIiwiYXV0aF90aW1lIjoxNTMwODA3Mzk5LCJjX2hhc2giOiI1MUZISlhuS1BjSGNLTVl6VWZ3MFVnIiwiYXRfaGFzaCI6IkpTRHJlVzBMb3lhNHhUeTVZQmJYeXciLCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiJuTG02QjVqSE5xanZMdmFYMk5BLWkyVW82bXFHUHlxTXd4X0hPN1dVRms0In0.GV-qrESfPScCVIJFg--AbWaOyxdkJmuRf5onOPtR6b92AZ5rU0JuvAHjGkreF2MA0Gzw5svMhMOSMmEx4FiC2PH2B4E7Sd7UhlVPosXXWUAdbYl4YGPysfEK5HYhiXt2p78ERqufDRumBFMQA8EON46aVZ1pKM60sO8bKkvZfHp9z8_ZNxw1WabRrJZ_TxwomHcRthzGLfw-h9UjktYHjqiymzQo8tvLo5JTA47z5BfIdwqChmksDcaUzdiPygHmWSuFllCnLbgjr7kLLm1-rVRFvHUnWZnxUrSulBeJjF1qg7zJIYQ7AW5TQuethOgqfFe6-pZ1ZWwWEoo7Mklv8g&session_id=613c04f4-0f4f-4177-bbb2-321a06284eec&state=f11f493e-f391-4c38-950e-8163791be10a&token_type=bearer&session_state=2a7133c7-1e70-4461-8df5-7bead0c43025&expires_in=299
#######################################################
TEST: requestAuthorizationTokenCodeUserBasicAuth
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"token",
"code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1405
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:40 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0F71.CA13.7D65.BFDF",
"client_secret": "ced70274-b3dd-473c-94fd-775c46435ab4",
"registration_access_token": "7cb2b219-8dd7-4981-a17e-1db7c338ac1a",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0F71.CA13.7D65.BFDF",
"client_id_issued_at": 1530807400,
"client_secret_expires_at": 1530893800,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 7cb2b219-8dd7-4981-a17e-1db7c338ac1a
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1405
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:40 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0F71.CA13.7D65.BFDF",
"client_secret": "ced70274-b3dd-473c-94fd-775c46435ab4",
"registration_access_token": "7cb2b219-8dd7-4981-a17e-1db7c338ac1a",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0F71.CA13.7D65.BFDF",
"client_id_issued_at": 1530807400,
"client_secret_expires_at": 1530893800,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%210F71.CA13.7D65.BFDF&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=348605f4-9cee-46cd-9c7d-0d0e084c5e42&nonce=4202cd74-688f-4da4-8f9d-9b3d118eb723
12:17:01.945 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:25b9c8ef-89e6-4a46-a42f-c499ad262e24
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%210F71.CA13.7D65.BFDF&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=348605f4-9cee-46cd-9c7d-0d0e084c5e42&nonce=4202cd74-688f-4da4-8f9d-9b3d118eb723
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=394fa88b-94db-4ac3-8eec-9531eac7f912&code=601d76e3-2800-4432-bbe1-5976d8956381&scope=address+openid+profile+email&session_id=664d469b-ab9d-4be8-a40b-669153dfb93f&state=348605f4-9cee-46cd-9c7d-0d0e084c5e42&token_type=bearer&session_state=25b9c8ef-89e6-4a46-a42f-c499ad262e24&expires_in=299
#######################################################
TEST: requestAuthorizationTokenFail1
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==
response_type=token&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=b3b4b52b-077f-477c-833a-4ac80a112a4e
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 400
Connection: close
Content-Length: 222
Content-Type: text/plain
Date: Thu, 05 Jul 2018 16:16:42 GMT
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"error":"invalid_request","error_description":"The request is missing a required parameter, includes an unsupported parameter or parameter value, or is otherwise malformed.","state":"b3b4b52b-077f-477c-833a-4ac80a112a4e"}
#######################################################
TEST: requestAuthorizationTokenFail2
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": ["token"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1306
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:42 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1500.EB81.1B63.2AD8",
"client_secret": "96ffa56d-2943-499e-b519-7d0d82e10896",
"registration_access_token": "ad7d2495-fb80-4a0e-a08a-2e584f59ba91",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1500.EB81.1B63.2AD8",
"client_id_issued_at": 1530807402,
"client_secret_expires_at": 1530893802,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["token"],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer ad7d2495-fb80-4a0e-a08a-2e584f59ba91
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1306
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:42 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1500.EB81.1B63.2AD8",
"client_secret": "96ffa56d-2943-499e-b519-7d0d82e10896",
"registration_access_token": "ad7d2495-fb80-4a0e-a08a-2e584f59ba91",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1500.EB81.1B63.2AD8",
"client_id_issued_at": 1530807402,
"client_secret_expires_at": 1530893802,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["token"],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==
response_type=token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%211500.EB81.1B63.2AD8&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=c9ec58c2-cd92-451e-8ab0-5017848ec6ba&prompt=none
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
Date: Thu, 05 Jul 2018 16:16:42 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#error_description=The+request+is+missing+a+required+parameter%2C+includes+an+unsupported+parameter+or+parameter+value%2C+or+is+otherwise+malformed.&state=c9ec58c2-cd92-451e-8ab0-5017848ec6ba&error=invalid_request
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
#######################################################
TEST: requestAuthorizationTokenIdToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"token",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:42 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!FA15.F436.C7BB.0B63",
"client_secret": "7f19ed17-b4b1-4d05-be9b-c7faabacc9c7",
"registration_access_token": "01de1acf-7149-412b-9dba-408f1cdc45f6",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!FA15.F436.C7BB.0B63",
"client_id_issued_at": 1530807402,
"client_secret_expires_at": 1530893802,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"id_token",
"token"
],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 01de1acf-7149-412b-9dba-408f1cdc45f6
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:43 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!FA15.F436.C7BB.0B63",
"client_secret": "7f19ed17-b4b1-4d05-be9b-c7faabacc9c7",
"registration_access_token": "01de1acf-7149-412b-9dba-408f1cdc45f6",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!FA15.F436.C7BB.0B63",
"client_id_issued_at": 1530807402,
"client_secret_expires_at": 1530893802,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"id_token",
"token"
],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21FA15.F436.C7BB.0B63&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=549e8554-1f0e-4868-8dc9-12d3260ab8f6&nonce=8c11613b-9068-432b-93d0-1c2f7afdb49b
12:17:04.290 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:1edcc597-fef4-445d-8fd5-35cb8b132932
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21FA15.F436.C7BB.0B63&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=549e8554-1f0e-4868-8dc9-12d3260ab8f6&nonce=8c11613b-9068-432b-93d0-1c2f7afdb49b
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=3db75e67-5d24-4397-b7d3-c98a6b348937&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFGQTE1LkY0MzYuQzdCQi4wQjYzIiwiZXhwIjoxNTMwODExMDA0LCJpYXQiOjE1MzA4MDc0MDQsIm5vbmNlIjoiOGMxMTYxM2ItOTA2OC00MzJiLTkzZDAtMWMyZjdhZmRiNDliIiwiYXV0aF90aW1lIjoxNTMwODA3NDA0LCJhdF9oYXNoIjoiTXpVMWR3UFBKYmlvRkNya0lSN1Y4QSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6Il8xajBDUXpDaldDZ3U5azBZbHhGSG9MTUFKTU5Ya1JiTTBmcTJpUXFSZlUifQ.NmYz4rqKzNjeS5topsNssrGdxyIPskh3Iq5lEM-NRvWYvTqyZJvpkoicn_MXZWm_YZuj8Aex9u4n1_GR2qqZ3XV9urY3s-0byguLoi5nyK3gvOcHBFKGGClp28fgtWNN521_Xr5jajC7EqhSj1Yv9Kun-K8AJBktoM9ERpb3SfP0ctz9fL-8tv2zM2b8eUFpBXYCIPl2C72-FerOsl2RW6zIar8wh_k_fGACMZQ1ez11wlpIQX6gGrVPXXqj75J_KQAQD3Z3YLn9n4yv_ye1Zz254k3gU0uDLGCNR6nlUCwxkFu93tAPHkEruDSmuy0eqDexkNBBvjYu2qzA3HP9-Q&session_id=d9b09960-eab9-48f0-9bf6-0c27de3b91bd&state=549e8554-1f0e-4868-8dc9-12d3260ab8f6&token_type=bearer&session_state=1edcc597-fef4-445d-8fd5-35cb8b132932&expires_in=299
#######################################################
TEST: requestAuthorizationTokenIdTokenUserBasicAuth
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"token",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:44 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2A1B.53A3.4BF9.C4CA",
"client_secret": "a6129dad-1778-49b2-8dc9-a1ddbee20f20",
"registration_access_token": "59286e6b-aacd-49c7-abe8-3543074990cc",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2A1B.53A3.4BF9.C4CA",
"client_id_issued_at": 1530807404,
"client_secret_expires_at": 1530893804,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"id_token",
"token"
],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 59286e6b-aacd-49c7-abe8-3543074990cc
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:44 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2A1B.53A3.4BF9.C4CA",
"client_secret": "a6129dad-1778-49b2-8dc9-a1ddbee20f20",
"registration_access_token": "59286e6b-aacd-49c7-abe8-3543074990cc",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2A1B.53A3.4BF9.C4CA",
"client_id_issued_at": 1530807404,
"client_secret_expires_at": 1530893804,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"id_token",
"token"
],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%212A1B.53A3.4BF9.C4CA&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=535b59f7-ddea-4d93-861e-54cc16a3208c&nonce=ee49b49c-f776-4bda-ada5-2b56212abebc
12:17:05.926 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:b2fd9aff-c22c-43fa-a495-7195841f84be
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%212A1B.53A3.4BF9.C4CA&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=535b59f7-ddea-4d93-861e-54cc16a3208c&nonce=ee49b49c-f776-4bda-ada5-2b56212abebc
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=f6aa96d4-dfdc-4af0-8bc7-7859ed4d37b8&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEyQTFCLjUzQTMuNEJGOS5DNENBIiwiZXhwIjoxNTMwODExMDA1LCJpYXQiOjE1MzA4MDc0MDUsIm5vbmNlIjoiZWU0OWI0OWMtZjc3Ni00YmRhLWFkYTUtMmI1NjIxMmFiZWJjIiwiYXV0aF90aW1lIjoxNTMwODA3NDA1LCJhdF9oYXNoIjoibjVXNDlpdXRsM0ZJT2RrWVBjQzJ3dyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6ImsyZ1RKMFp5VHJ1amJ3RDJtTXNMUDRRWFRTbWZBT1Etd214N2xWRWphNmsifQ.sLLC6hcI_ssJ4qKgw58HayJoIXA1KAiGNsPlbdJQKZLOylIV5tTWy1S1hpjjiKBZfQcaG8xtMslUMXJiG_u4t6AqoSqNO7x0q7p3dZT4Q_ldOZyCZnpT9Qsavn_IEM1NRH2Jmk9uC2CHEBL1QrNH0TtqhrYk4Dc9xfmLFGg34_Nzh1dt6uRUzdapKEUtW98m2xCLPfTNrd4SedBWNdhse6r2pxqFu74cIXmLtu9yeDgSNQ68ZS6syX8mXcGOPnqXBpDrDbRvtt2FZunXi7Ug451zJ4w_8FYkI5-xnPJ7Yzv4GtrSEw26ZY75VKGUCTby4_WtDS2WdIPo6xWmU-cmLg&session_id=c7bc0025-914c-4fe9-bd0c-7f3fb6f93ae4&state=535b59f7-ddea-4d93-861e-54cc16a3208c&token_type=bearer&session_state=b2fd9aff-c22c-43fa-a495-7195841f84be&expires_in=299
#######################################################
TEST: requestAuthorizationTokenUserBasicAuth
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": ["token"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1306
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:46 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C5C1.F513.6BAB.A08C",
"client_secret": "259cb572-cb8b-4419-9309-536a5791fe80",
"registration_access_token": "7b6d1b1d-60bd-40da-8b05-419a9a6414e9",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C5C1.F513.6BAB.A08C",
"client_id_issued_at": 1530807406,
"client_secret_expires_at": 1530893806,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["token"],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 7b6d1b1d-60bd-40da-8b05-419a9a6414e9
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1306
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:46 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C5C1.F513.6BAB.A08C",
"client_secret": "259cb572-cb8b-4419-9309-536a5791fe80",
"registration_access_token": "7b6d1b1d-60bd-40da-8b05-419a9a6414e9",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C5C1.F513.6BAB.A08C",
"client_id_issued_at": 1530807406,
"client_secret_expires_at": 1530893806,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["token"],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21C5C1.F513.6BAB.A08C&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=f4e3c5b2-0a4b-4e68-87a0-8790b25a99dd&nonce=b7318016-d9bc-4530-92ba-dd6161a4cd07
12:17:07.492 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:f41b2d65-87a1-4160-a860-6656bbe07016
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21C5C1.F513.6BAB.A08C&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=f4e3c5b2-0a4b-4e68-87a0-8790b25a99dd&nonce=b7318016-d9bc-4530-92ba-dd6161a4cd07
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=aec40984-a31b-4156-8488-44fff299e8fe&scope=address+openid+profile+email&session_id=fa5ffd8b-a728-44b0-9d6f-7c632ab2f39a&state=f4e3c5b2-0a4b-4e68-87a0-8790b25a99dd&token_type=bearer&session_state=f41b2d65-87a1-4160-a860-6656bbe07016&expires_in=299
#######################################################
TEST: requestAuthorizationWithoutScope
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"code",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:47 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7B09.6C93.FC89.B217",
"client_secret": "ebd97caa-b880-4288-a2aa-dce980d0a7df",
"registration_access_token": "39db6b7c-69c3-4243-bcf3-7757eb0cc00f",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7B09.6C93.FC89.B217",
"client_id_issued_at": 1530807407,
"client_secret_expires_at": 1530893807,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"id_token",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 39db6b7c-69c3-4243-bcf3-7757eb0cc00f
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:47 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7B09.6C93.FC89.B217",
"client_secret": "ebd97caa-b880-4288-a2aa-dce980d0a7df",
"registration_access_token": "39db6b7c-69c3-4243-bcf3-7757eb0cc00f",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7B09.6C93.FC89.B217",
"client_id_issued_at": 1530807407,
"client_secret_expires_at": 1530893807,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"id_token",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%217B09.6C93.FC89.B217&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=8a36b6dd-11b6-445b-b60b-bb63394a0248&nonce=3c596115-6a05-4f4d-8022-8c611bb747d6
12:17:08.818 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:7b317c86-6b8a-44ad-b3bd-fc75fffbc86b
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%217B09.6C93.FC89.B217&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=8a36b6dd-11b6-445b-b60b-bb63394a0248&nonce=3c596115-6a05-4f4d-8022-8c611bb747d6
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=82b0398d-6f63-467a-a1de-413d1a68c871&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE3QjA5LjZDOTMuRkM4OS5CMjE3IiwiZXhwIjoxNTMwODExMDA4LCJpYXQiOjE1MzA4MDc0MDgsIm5vbmNlIjoiM2M1OTYxMTUtNmEwNS00ZjRkLTgwMjItOGM2MTFiYjc0N2Q2IiwiYXV0aF90aW1lIjoxNTMwODA3NDA4LCJjX2hhc2giOiJObloxTzJqa2pqR3EyLXlZNHd6ZWxnIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiaVdTMktOZVNwNUZzRGdGODVlWUdNX1JyVWNaVmMtNlFrOWtrVm42OFJPOCJ9.qTC2IR7MQNrT32Yz9_PLMrgQK5tC3NUZu-ZUguGxmGaPUcJHslYhow8ndNIs3XVmImoepGqsqWpPjGt7XEtsV7CZJMN44U3vU0PG8IK1e9BJbv1qicXsCa_gPXY4RfuGDd-VBjc08taMYgUgMsjuikY34C7TKpsuZUFVIl5UGhSqNE7Eo1v2ZanNMdInJiJWwz1xgssi0szlsXxJC2TvuiCNUBLMech8uGGUADFQaun0MWn6k5h_CT0E-Ve_7g52zMPetcqiUfKnjqgiodMJULflILqxcxIts18TYc3mJLEPISriO7DmliDdqHU5l-bRj-3sVlcOs-n3zHYwSML8ow&session_id=6b97e6a0-257f-461c-9ca0-6fb0e846b391&state=8a36b6dd-11b6-445b-b60b-bb63394a0248&session_state=7b317c86-6b8a-44ad-b3bd-fc75fffbc86b
#######################################################
TEST: OpenID Connect Discovery
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 181
Content-Type: application/jrd+json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 16:16:48 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"subject": "acct:test_user@ce-dev4.gluu.org",
"links": [{
"rel": "http://openid.net/specs/connect/1.0/issuer",
"href": "https://ce-dev4.gluu.org"
}]
}
OpenID Connect Configuration
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/openid-configuration HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 6342
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:48 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"issuer": "https://ce-dev4.gluu.org",
"authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize",
"token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token",
"userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo",
"clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo",
"check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe",
"end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session",
"jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks",
"registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register",
"id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id",
"introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection",
"scopes_supported": [
"permission",
"clientinfo",
"email",
"user_name",
"sub",
"org_name",
"address",
"openid",
"test_scope1",
"work_phone",
"phone",
"profile",
"mobile_phone",
"test"
],
"response_types_supported": [
"code",
"code id_token",
"code id_token token",
"id_token",
"id_token token",
"token",
"code token"
],
"grant_types_supported": [
"urn:ietf:params:oauth:grant-type:uma-ticket",
"client_credentials",
"refresh_token",
"implicit",
"password",
"authorization_code"
],
"acr_values_supported": [
"super_gluu",
"u2f",
"otp",
"basic",
"auth_ldap_server"
],
"auth_level_mapping": {
"-1": ["auth_ldap_server"],
"50": ["otp"],
"100": ["basic"],
"10": ["u2f"],
"15": ["super_gluu"]
},
"subject_types_supported": [
"public",
"pairwise"
],
"userinfo_signing_alg_values_supported": [
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"userinfo_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"userinfo_encryption_enc_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"id_token_signing_alg_values_supported": [
"none",
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"id_token_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"id_token_encryption_enc_values_supported": [
"A128CBC+HS256",
"A256CBC+HS512",
"A128GCM",
"A256GCM"
],
"request_object_signing_alg_values_supported": [
"none",
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"request_object_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"request_object_encryption_enc_values_supported": [
"A128CBC+HS256",
"A256CBC+HS512",
"A128GCM",
"A256GCM"
],
"token_endpoint_auth_methods_supported": [
"client_secret_basic",
"client_secret_post",
"client_secret_jwt",
"private_key_jwt"
],
"token_endpoint_auth_signing_alg_values_supported": [
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"display_values_supported": [
"page",
"popup"
],
"claim_types_supported": ["normal"],
"claims_supported": [
"birthdate",
"country",
"name",
"email",
"email_verified",
"given_name",
"gender",
"inum",
"family_name",
"updated_at",
"locale",
"member_of",
"middle_name",
"nickname",
"oxAuthAppType",
"oxAuthIdTokenSignedResponseAlg",
"oxAuthRedirectURI",
"oxAuthScope",
"phone_number_verified",
"picture",
"preferred_username",
"profile",
"zoneinfo",
"user_name",
"website"
],
"service_documentation": "http://gluu.org/docs",
"claims_locales_supported": ["en"],
"ui_locales_supported": [
"en",
"es"
],
"scope_to_claims_mapping": [
{"permission": []},
{"uma_protection": []},
{"clientinfo": [
"name",
"inum",
"oxAuthAppType",
"oxAuthIdTokenSignedResponseAlg",
"oxAuthRedirectURI",
"oxAuthScope"
]},
{"email": [
"email_verified",
"email"
]},
{"user_name": ["user_name"]},
{"sub": []},
{"org_name": []},
{"address": [
"formatted",
"postal_code",
"street_address",
"locality",
"country",
"region"
]},
{"openid": []},
{"test_scope1": []},
{"work_phone": []},
{"phone": [
"phone_number_verified",
"phone_number"
]},
{"profile": [
"name",
"family_name",
"given_name",
"middle_name",
"nickname",
"preferred_username",
"profile",
"picture",
"website",
"gender",
"birthdate",
"zoneinfo",
"locale",
"updated_at"
]},
{"mobile_phone": ["phone_mobile_number"]},
{"test": ["member_of"]}
],
"claims_parameter_supported": true,
"request_parameter_supported": true,
"request_uri_parameter_supported": true,
"require_request_uri_registration": false,
"op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy",
"op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos",
"frontchannel_logout_supported": true,
"frontchannel_logout_session_supported": true
}
#######################################################
TEST: requestSessionIdAuthorizationCode1
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": ["code"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:48 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E881.39CA.8753.FE73",
"client_secret": "d1986692-b5b9-47ca-b185-df2be99a4741",
"registration_access_token": "b0d0ae4a-f585-4c58-82e3-5ca9c8ecba4a",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E881.39CA.8753.FE73",
"client_id_issued_at": 1530807408,
"client_secret_expires_at": 1530893808,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer b0d0ae4a-f585-4c58-82e3-5ca9c8ecba4a
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:48 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E881.39CA.8753.FE73",
"client_secret": "d1986692-b5b9-47ca-b185-df2be99a4741",
"registration_access_token": "b0d0ae4a-f585-4c58-82e3-5ca9c8ecba4a",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E881.39CA.8753.FE73",
"client_id_issued_at": 1530807408,
"client_secret_expires_at": 1530893808,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
waitForResourceOwnerAndGrantLoginForm: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21E881.39CA.8753.FE73&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=00d47f99-75b3-4277-bac4-3cfac1ebd7b0
12:17:10.237 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
waitForResourceOwnerAndGrantLoginForm: sessionState:2ab67e5a-1544-4152-aa5d-b87b8c281644
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21E881.39CA.8753.FE73&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=00d47f99-75b3-4277-bac4-3cfac1ebd7b0
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21E881.39CA.8753.FE73&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=0eabe212-ed51-453b-b241-021a5757fe2e
12:17:10.418 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:9aa32f9b-83db-49a5-a7ea-848d4f06fd6a
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21E881.39CA.8753.FE73&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=0eabe212-ed51-453b-b241-021a5757fe2e
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=7d1fbd20-02e1-49b0-b776-983b17fa7471&scope=address+openid+profile+email&session_id=721a68cd-56fa-49fb-aa9a-7b7724e41126&state=0eabe212-ed51-453b-b241-021a5757fe2e&session_state=9aa32f9b-83db-49a5-a7ea-848d4f06fd6a
#######################################################
TEST: requestSessionIdAuthorizationCode2
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": ["code"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:50 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!8E81.7C93.C0B0.FCD5",
"client_secret": "bb4e0a79-5403-4e17-b337-1aa7b76fb317",
"registration_access_token": "6f17299f-702d-4271-837b-4640ea7a2aa5",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!8E81.7C93.C0B0.FCD5",
"client_id_issued_at": 1530807410,
"client_secret_expires_at": 1530893810,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 6f17299f-702d-4271-837b-4640ea7a2aa5
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:50 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!8E81.7C93.C0B0.FCD5",
"client_secret": "bb4e0a79-5403-4e17-b337-1aa7b76fb317",
"registration_access_token": "6f17299f-702d-4271-837b-4640ea7a2aa5",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!8E81.7C93.C0B0.FCD5",
"client_id_issued_at": 1530807410,
"client_secret_expires_at": 1530893810,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
waitForResourceOwnerAndGrantLoginForm: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%218E81.7C93.C0B0.FCD5&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=8954a1c7-b9b9-4c08-b9ea-5eeb396ab5a9
12:17:11.636 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
waitForResourceOwnerAndGrantLoginForm: sessionState:36f864b6-e630-4d5f-b53a-dfcc792fa6ae
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%218E81.7C93.C0B0.FCD5&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=8954a1c7-b9b9-4c08-b9ea-5eeb396ab5a9
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%218E81.7C93.C0B0.FCD5&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=1cc73c17-1f04-4cbb-8cb6-2cb79f6a875c
12:17:11.846 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:abf65468-d293-44da-80e5-7a13f973c551
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%218E81.7C93.C0B0.FCD5&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=1cc73c17-1f04-4cbb-8cb6-2cb79f6a875c
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=1ab860cb-23c4-4834-9e90-f8a99ca908bb&scope=address+openid+profile+email&session_id=ed7d3e60-6636-4327-bd29-99a6f8f01796&state=1cc73c17-1f04-4cbb-8cb6-2cb79f6a875c&session_state=abf65468-d293-44da-80e5-7a13f973c551
#######################################################
TEST: OpenID Connect Discovery
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 181
Content-Type: application/jrd+json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 16:16:51 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"subject": "acct:test_user@ce-dev4.gluu.org",
"links": [{
"rel": "http://openid.net/specs/connect/1.0/issuer",
"href": "https://ce-dev4.gluu.org"
}]
}
OpenID Connect Configuration
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/openid-configuration HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 6342
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:51 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"issuer": "https://ce-dev4.gluu.org",
"authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize",
"token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token",
"userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo",
"clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo",
"check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe",
"end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session",
"jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks",
"registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register",
"id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id",
"introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection",
"scopes_supported": [
"permission",
"clientinfo",
"email",
"user_name",
"sub",
"org_name",
"address",
"openid",
"test_scope1",
"work_phone",
"phone",
"profile",
"mobile_phone",
"test"
],
"response_types_supported": [
"code",
"code id_token",
"code id_token token",
"id_token",
"id_token token",
"token",
"code token"
],
"grant_types_supported": [
"urn:ietf:params:oauth:grant-type:uma-ticket",
"client_credentials",
"refresh_token",
"implicit",
"password",
"authorization_code"
],
"acr_values_supported": [
"super_gluu",
"u2f",
"otp",
"basic",
"auth_ldap_server"
],
"auth_level_mapping": {
"-1": ["auth_ldap_server"],
"50": ["otp"],
"100": ["basic"],
"10": ["u2f"],
"15": ["super_gluu"]
},
"subject_types_supported": [
"public",
"pairwise"
],
"userinfo_signing_alg_values_supported": [
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"userinfo_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"userinfo_encryption_enc_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"id_token_signing_alg_values_supported": [
"none",
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"id_token_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"id_token_encryption_enc_values_supported": [
"A128CBC+HS256",
"A256CBC+HS512",
"A128GCM",
"A256GCM"
],
"request_object_signing_alg_values_supported": [
"none",
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"request_object_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"request_object_encryption_enc_values_supported": [
"A128CBC+HS256",
"A256CBC+HS512",
"A128GCM",
"A256GCM"
],
"token_endpoint_auth_methods_supported": [
"client_secret_basic",
"client_secret_post",
"client_secret_jwt",
"private_key_jwt"
],
"token_endpoint_auth_signing_alg_values_supported": [
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"display_values_supported": [
"page",
"popup"
],
"claim_types_supported": ["normal"],
"claims_supported": [
"birthdate",
"country",
"name",
"email",
"email_verified",
"given_name",
"gender",
"inum",
"family_name",
"updated_at",
"locale",
"member_of",
"middle_name",
"nickname",
"oxAuthAppType",
"oxAuthIdTokenSignedResponseAlg",
"oxAuthRedirectURI",
"oxAuthScope",
"phone_number_verified",
"picture",
"preferred_username",
"profile",
"zoneinfo",
"user_name",
"website"
],
"service_documentation": "http://gluu.org/docs",
"claims_locales_supported": ["en"],
"ui_locales_supported": [
"en",
"es"
],
"scope_to_claims_mapping": [
{"permission": []},
{"uma_protection": []},
{"clientinfo": [
"name",
"inum",
"oxAuthAppType",
"oxAuthIdTokenSignedResponseAlg",
"oxAuthRedirectURI",
"oxAuthScope"
]},
{"email": [
"email_verified",
"email"
]},
{"user_name": ["user_name"]},
{"sub": []},
{"org_name": []},
{"address": [
"formatted",
"postal_code",
"street_address",
"locality",
"country",
"region"
]},
{"openid": []},
{"test_scope1": []},
{"work_phone": []},
{"phone": [
"phone_number_verified",
"phone_number"
]},
{"profile": [
"name",
"family_name",
"given_name",
"middle_name",
"nickname",
"preferred_username",
"profile",
"picture",
"website",
"gender",
"birthdate",
"zoneinfo",
"locale",
"updated_at"
]},
{"mobile_phone": ["phone_mobile_number"]},
{"test": ["member_of"]}
],
"claims_parameter_supported": true,
"request_parameter_supported": true,
"request_uri_parameter_supported": true,
"require_request_uri_registration": false,
"op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy",
"op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos",
"frontchannel_logout_supported": true,
"frontchannel_logout_session_supported": true
}
#######################################################
TEST: requestClientRegistrationWithCustomAttributes
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"code",
"token",
"id_token"
],
"grant_types": ["password"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"oxAuthTrustedClient": "true",
"myCustomAttr1": "47bef256-89be-4f17-8c4e-bf56f35c5aa4"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1445
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:51 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7EF3.6B30.7AD2.08EA",
"client_secret": "7cef3d27-2dba-40f9-b2e7-425b00c7b29b",
"registration_access_token": "43cc99a1-742c-4d22-a4f6-49f103aa7df4",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7EF3.6B30.7AD2.08EA",
"client_id_issued_at": 1530807411,
"client_secret_expires_at": 1530893811,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"id_token",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"password",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
#######################################################
TEST: requestAccessTokenCustomClientAuth1
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==
response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%217EF3.6B30.7AD2.08EA&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=ee3b2450-5ed5-4d6f-9685-7ce8dfceeb80&nonce=fabc6fa1-40d7-46d1-a981-86f0efc22dac&prompt=none
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
Date: Thu, 05 Jul 2018 16:16:52 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=929b4ca0-0e82-4be2-8782-b344c088d8d9&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE3RUYzLjZCMzAuN0FEMi4wOEVBIiwiZXhwIjoxNTMwODExMDEyLCJpYXQiOjE1MzA4MDc0MTIsIm5vbmNlIjoiZmFiYzZmYTEtNDBkNy00NmQxLWE5ODEtODZmMGVmYzIyZGFjIiwiYXV0aF90aW1lIjoxNTMwODA3NDEyLCJjX2hhc2giOiJkTVNiNmlxWGdfV0huNHBPNW9zZkF3Iiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoid3c1TVlYdDZSNkZ1Qm9meFAzWmQ0cGtzTHJUZzdWTEV4YzBfWVp1R0JfNCJ9.AxA4d5yX_MeD3Q1TeDhaU57L0ZqupaUGDF5u8S0MbUx7ag5NX4zL24eR9ybF-5T6b0lBYvJp0LNzFYAM21JVgA0G9ildDavMjowPZ4LoO-IaJayIy-P4KoJy1qLC5Rg-il7gH6AC1bPg8opCKl_Tk2j7THyh9e3FvjJw6qrte4gIzwT_TZF-4HIr2YfCpVPY_vDVY7kKwsrvkiRq-e1FqYKLs1FNKtGWd3k7z_fdjxFKhXiLbQNw8VGuN2EPJFBN9eCkzDScDTgky2Pi7k0fcBdZylYrqybQz0ROuRPs_roDC1kgHqW0AD9yxdhGyG4XQ570eG50Dz0QJaM1hvjEaQ&session_id=edc3f6ab-15af-464b-973e-77a1f74f380c&state=ee3b2450-5ed5-4d6f-9685-7ce8dfceeb80&session_state=04b6b9ec-8358-4a00-ae98-8eb44e49d96b
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
grant_type=authorization_code&code=929b4ca0-0e82-4be2-8782-b344c088d8d9&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&myCustomAttr1=47bef256-89be-4f17-8c4e-bf56f35c5aa4
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1057
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:52 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"access_token":"bc92e1dc-0777-4f5c-a855-7580c853b4c0","token_type":"bearer","expires_in":299,"refresh_token":"b53dff9c-0b8c-4ab7-8756-88e5abb965ed","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE3RUYzLjZCMzAuN0FEMi4wOEVBIiwiZXhwIjoxNTMwODExMDEyLCJpYXQiOjE1MzA4MDc0MTIsIm5vbmNlIjoiZmFiYzZmYTEtNDBkNy00NmQxLWE5ODEtODZmMGVmYzIyZGFjIiwiYXV0aF90aW1lIjoxNTMwODA3NDEyLCJhdF9oYXNoIjoiRGZmeDZWWXNxQjNwRVl1QWJiTDJfQSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6Ind3NU1ZWHQ2UjZGdUJvZnhQM1pkNHBrc0xyVGc3VkxFeGMwX1ladUdCXzQifQ.MXRDx96RLaByADevyJjv6_B8iFRl74Dt9WdUM8gfmZg0xmB2t2m37AwxlumnQ-vRy8oE41lyqnAwELhCy6oQ8VD3N04DrPwH_B-O1tal5efaOMwS2ebOC2fqM6jrrVRTZcDbqSrD1YPI2jK21UQsAmCfHJmWuRyVS-Zg-ntbnrRkTUL0n35S3_CQjgZtGikP1jnCllANCER_K8zRlMPhlJ-xcr-eAYaHUwrGDSVZzm56Y9xsJkEcKCNlQyAufra4aRMNWeYzItdF8BTFo4EQomDRqL-3rxG_OIsof35c5ffn1EbOP66mR9I21YG5QR-sYkWisagzUJgGpXriwpcidg"}
#######################################################
TEST: requestAccessTokenCustomClientAuth2
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
grant_type=password&scope=openid&username=test_user&password=test_user_password&myCustomAttr1=47bef256-89be-4f17-8c4e-bf56f35c5aa4
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 934
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:52 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"access_token":"ba49f79c-c0eb-4c5b-bed1-5691d6c99a30","token_type":"bearer","expires_in":299,"refresh_token":"5cdb5bc5-51a6-4a37-83df-6b9fc49f7d29","scope":"openid","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE3RUYzLjZCMzAuN0FEMi4wOEVBIiwiZXhwIjoxNTMwODExMDEyLCJpYXQiOjE1MzA4MDc0MTIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6Ind3NU1ZWHQ2UjZGdUJvZnhQM1pkNHBrc0xyVGc3VkxFeGMwX1ladUdCXzQifQ.B-ujGJwbNn2imnjI0cO2HQiuZpNCL_-eYW95NK4X1az2ry3ttT-F0GSj79rGFQTm7BF5kLNbfxVMnPSEHdi4pGsWjcvhzcSLTxLZcixaTQ80yiKpZnUW5iR6bsmNFV7QoFzbsejuRdKQnOUr_dXg8u-3T0yCNFLpe7SKNyqXJpaMchb9SClDe1pxwbeawHQe3Kp7mHjMNaOnR4TwtLhnY-GuQwiLkWMgCIqNFSCElXw-LcrJ8c91a0vfdbK78LEV-6s0j7djDTq-W3yeSSIjm-xLIjfzgVHfEs5ovS9BKDLjvOdhQvVnHlj9Udlf_ACMlDzNEc721cc9aLK42Vaj1Q"}
#######################################################
TEST: OpenID Connect Discovery
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 181
Content-Type: application/jrd+json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 16:16:52 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"subject": "acct:test_user@ce-dev4.gluu.org",
"links": [{
"rel": "http://openid.net/specs/connect/1.0/issuer",
"href": "https://ce-dev4.gluu.org"
}]
}
OpenID Connect Configuration
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/openid-configuration HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 6342
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:52 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"issuer": "https://ce-dev4.gluu.org",
"authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize",
"token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token",
"userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo",
"clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo",
"check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe",
"end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session",
"jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks",
"registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register",
"id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id",
"introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection",
"scopes_supported": [
"permission",
"clientinfo",
"email",
"user_name",
"sub",
"org_name",
"address",
"openid",
"test_scope1",
"work_phone",
"phone",
"profile",
"mobile_phone",
"test"
],
"response_types_supported": [
"code",
"code id_token",
"code id_token token",
"id_token",
"id_token token",
"token",
"code token"
],
"grant_types_supported": [
"urn:ietf:params:oauth:grant-type:uma-ticket",
"client_credentials",
"refresh_token",
"implicit",
"password",
"authorization_code"
],
"acr_values_supported": [
"super_gluu",
"u2f",
"otp",
"basic",
"auth_ldap_server"
],
"auth_level_mapping": {
"-1": ["auth_ldap_server"],
"50": ["otp"],
"100": ["basic"],
"10": ["u2f"],
"15": ["super_gluu"]
},
"subject_types_supported": [
"public",
"pairwise"
],
"userinfo_signing_alg_values_supported": [
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"userinfo_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"userinfo_encryption_enc_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"id_token_signing_alg_values_supported": [
"none",
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"id_token_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"id_token_encryption_enc_values_supported": [
"A128CBC+HS256",
"A256CBC+HS512",
"A128GCM",
"A256GCM"
],
"request_object_signing_alg_values_supported": [
"none",
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"request_object_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"request_object_encryption_enc_values_supported": [
"A128CBC+HS256",
"A256CBC+HS512",
"A128GCM",
"A256GCM"
],
"token_endpoint_auth_methods_supported": [
"client_secret_basic",
"client_secret_post",
"client_secret_jwt",
"private_key_jwt"
],
"token_endpoint_auth_signing_alg_values_supported": [
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"display_values_supported": [
"page",
"popup"
],
"claim_types_supported": ["normal"],
"claims_supported": [
"birthdate",
"country",
"name",
"email",
"email_verified",
"given_name",
"gender",
"inum",
"family_name",
"updated_at",
"locale",
"member_of",
"middle_name",
"nickname",
"oxAuthAppType",
"oxAuthIdTokenSignedResponseAlg",
"oxAuthRedirectURI",
"oxAuthScope",
"phone_number_verified",
"picture",
"preferred_username",
"profile",
"zoneinfo",
"user_name",
"website"
],
"service_documentation": "http://gluu.org/docs",
"claims_locales_supported": ["en"],
"ui_locales_supported": [
"en",
"es"
],
"scope_to_claims_mapping": [
{"permission": []},
{"uma_protection": []},
{"clientinfo": [
"name",
"inum",
"oxAuthAppType",
"oxAuthIdTokenSignedResponseAlg",
"oxAuthRedirectURI",
"oxAuthScope"
]},
{"email": [
"email_verified",
"email"
]},
{"user_name": ["user_name"]},
{"sub": []},
{"org_name": []},
{"address": [
"formatted",
"postal_code",
"street_address",
"locality",
"country",
"region"
]},
{"openid": []},
{"test_scope1": []},
{"work_phone": []},
{"phone": [
"phone_number_verified",
"phone_number"
]},
{"profile": [
"name",
"family_name",
"given_name",
"middle_name",
"nickname",
"preferred_username",
"profile",
"picture",
"website",
"gender",
"birthdate",
"zoneinfo",
"locale",
"updated_at"
]},
{"mobile_phone": ["phone_mobile_number"]},
{"test": ["member_of"]}
],
"claims_parameter_supported": true,
"request_parameter_supported": true,
"request_uri_parameter_supported": true,
"require_request_uri_registration": false,
"op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy",
"op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos",
"frontchannel_logout_supported": true,
"frontchannel_logout_session_supported": true
}
#######################################################
TEST: clientSecretBasicAuthenticationMethod
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"grant_types": ["client_credentials"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"token_endpoint_auth_method": "client_secret_basic",
"scope": "openid profile address email clientinfo"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1226
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:52 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!76B7.839B.3F59.0020",
"client_secret": "1d5af3d7-1d15-4092-a561-fd45f101d11a",
"registration_access_token": "200914ab-5365-4d15-910d-3f8b3f9bb5c6",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!76B7.839B.3F59.0020",
"client_id_issued_at": 1530807412,
"client_secret_expires_at": 1530893812,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [],
"grant_types": ["client_credentials"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "openid profile address email clientinfo",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxNzZCNy44MzlCLjNGNTkuMDAyMDoxZDVhZjNkNy0xZDE1LTQwOTItYTU2MS1mZDQ1ZjEwMWQxMWE=
grant_type=client_credentials&scope=clientinfo
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 115
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:52 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"access_token":"85f92d94-2a1e-4710-95bb-91e6626063bb","token_type":"bearer","expires_in":299,"scope":"clientinfo"}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 412
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:52 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!76B7.839B.3F59.0020","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["openid","profile","address","email","clientinfo"]}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/userinfo HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 85f92d94-2a1e-4710-95bb-91e6626063bb
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 403
Connection: Keep-Alive
Content-Length: 126
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:52 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"error":"insufficient_scope","error_description":"The request requires higher privileges than provided by the access token."}
#######################################################
TEST: clientSecretBasicAuthenticationMethodFail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"token_endpoint_auth_method": "client_secret_basic",
"scope": "clientinfo"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1242
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:52 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3B63.4CBD.D167.D976",
"client_secret": "2d9fbf82-e320-467b-8dc7-d297a36d0f1f",
"registration_access_token": "1447021d-e479-4dcd-9433-a88eb592c7f5",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3B63.4CBD.D167.D976",
"client_id_issued_at": 1530807412,
"client_secret_expires_at": 1530893812,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "clientinfo",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxM0I2My40Q0JELkQxNjcuRDk3NjpJTlZBTElEX0NMSUVOVF9TRUNSRVQ=
grant_type=client_credentials&scope=clientinfo
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 16:16:52 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}
#######################################################
TEST: clientSecretJwtAuthenticationMethodHS256
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"grant_types": ["client_credentials"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"token_endpoint_auth_method": "client_secret_jwt",
"scope": "clientinfo"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1195
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:53 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!61E8.3F01.CF1E.5834",
"client_secret": "54bbea27-0d2c-4d21-a279-333f4b9d56de",
"registration_access_token": "e75c71c2-f18f-47a6-96ad-87040bfdc6ad",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!61E8.3F01.CF1E.5834",
"client_id_issued_at": 1530807413,
"client_secret_expires_at": 1530893813,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [],
"grant_types": ["client_credentials"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_jwt",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "clientinfo",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE2MUU4LjNGMDEuQ0YxRS41ODM0Iiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghNjFFOC4zRjAxLkNGMUUuNTgzNCIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiZDkzMjZlZmItMzQ2MC00MTUxLTk2YzUtZjBhY2Y0NTRlZWU0IiwiZXhwIjoxNTMwODA3NzM0LCJpYXQiOjE1MzA4MDc0MzR9.mggAFNVMf_s_yvqPNweTV19PNN15W1w4A34KrIPFpzQ
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 115
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:53 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"access_token":"622d697e-4f21-4778-9db0-1f4f4b4e9ed1","token_type":"bearer","expires_in":299,"scope":"clientinfo"}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 375
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:53 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!61E8.3F01.CF1E.5834","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]}
#######################################################
TEST: clientSecretJwtAuthenticationMethodHS256Fail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"token_endpoint_auth_method": "client_secret_jwt",
"scope": "clientinfo"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1240
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:53 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1BE4.BC41.91BC.2846",
"client_secret": "af92c314-6f7f-49cd-8c42-63bf44004c17",
"registration_access_token": "78b171b3-2280-43a0-9e38-7deffb4a61f9",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1BE4.BC41.91BC.2846",
"client_id_issued_at": 1530807413,
"client_secret_expires_at": 1530893813,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_jwt",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "clientinfo",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCExQkU0LkJDNDEuOTFCQy4yODQ2Iiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghMUJFNC5CQzQxLjkxQkMuMjg0NiIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiYzEwY2IwZjctYmZjZi00OWNlLWI5MmUtNjFlNWIyOTU3NzBmIiwiZXhwIjoxNTMwODA3NzM0LCJpYXQiOjE1MzA4MDc0MzR9.5aBbnfoI87EuBWTbDsJQMqEdoYFTeH6mhnJLgJ80atY
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 16:16:53 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}
#######################################################
TEST: clientSecretJwtAuthenticationMethodHS384
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"grant_types": ["client_credentials"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"token_endpoint_auth_method": "client_secret_jwt",
"scope": "clientinfo"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1195
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:53 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1AEA.3909.5458.43D6",
"client_secret": "93d24ee3-f2a9-4314-bb16-9c6be5185c45",
"registration_access_token": "86af2581-816b-4deb-abb9-b3d9830f9acd",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1AEA.3909.5458.43D6",
"client_id_issued_at": 1530807413,
"client_secret_expires_at": 1530893813,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [],
"grant_types": ["client_credentials"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_jwt",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "clientinfo",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzM4NCJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCExQUVBLjM5MDkuNTQ1OC40M0Q2Iiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghMUFFQS4zOTA5LjU0NTguNDNENiIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiZWFkZWJiMTEtN2IyMy00MjIzLTgxODItMzNjOWNjMTQ2ODM5IiwiZXhwIjoxNTMwODA3NzM0LCJpYXQiOjE1MzA4MDc0MzR9.1_nzYefL3F0lHGhGIY-g2hR68yvE8fbROQgJbNNVnBLcTsjE4fXzMnJKouvwm0mw
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 115
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:53 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"access_token":"3c4560e7-1203-43b1-a1b8-a588830b6795","token_type":"bearer","expires_in":299,"scope":"clientinfo"}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 375
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:53 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1AEA.3909.5458.43D6","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]}
#######################################################
TEST: clientSecretJwtAuthenticationMethodHS384Fail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"token_endpoint_auth_method": "client_secret_jwt",
"scope": "clientinfo"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1240
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:53 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D0B9.E77F.F818.2D12",
"client_secret": "81e7af64-a14c-4058-b6bc-30cf8b001a69",
"registration_access_token": "5a380781-c3e3-4d3c-9627-892790eddd87",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D0B9.E77F.F818.2D12",
"client_id_issued_at": 1530807413,
"client_secret_expires_at": 1530893813,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_jwt",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "clientinfo",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzM4NCJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFEMEI5LkU3N0YuRjgxOC4yRDEyIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghRDBCOS5FNzdGLkY4MTguMkQxMiIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiMGY5ZWE5YjktYjU5MC00NzBkLTgwZGItZDA0YzU5Yzk4ODJhIiwiZXhwIjoxNTMwODA3NzM0LCJpYXQiOjE1MzA4MDc0MzR9.0x8DO-6FgSJ6rpLz_iytFLeuTxSy1zbvJi9kTfKjRHbDBC-gjAceyYWtK6sIjQbU
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 16:16:53 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}
#######################################################
TEST: clientSecretJwtAuthenticationMethodHS512
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"grant_types": ["client_credentials"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"token_endpoint_auth_method": "client_secret_jwt",
"scope": "clientinfo"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1195
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:53 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DA78.3F36.7A9D.3453",
"client_secret": "e9983a2f-cc81-42d5-8812-238cb6cfcab5",
"registration_access_token": "ffa2323c-626c-4c95-a116-dbe4c670e90a",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DA78.3F36.7A9D.3453",
"client_id_issued_at": 1530807413,
"client_secret_expires_at": 1530893813,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [],
"grant_types": ["client_credentials"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_jwt",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "clientinfo",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFEQTc4LjNGMzYuN0E5RC4zNDUzIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghREE3OC4zRjM2LjdBOUQuMzQ1MyIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiYjFlOTQ4NzktZGZjNi00OWE4LWE5YzctMDhhZTNhMDFhYTM2IiwiZXhwIjoxNTMwODA3NzM1LCJpYXQiOjE1MzA4MDc0MzV9.TdKNCvPrI68XWSMg3AbC0haQAL84Jqc1Ah0SocEjTidWqckOnsFvuf3dXlFmsT6fGxBGFbp3ipobH7Oyh6hkgg
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 115
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:53 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"access_token":"933e8615-2bba-4b29-8a2f-e45a1f2cd9f7","token_type":"bearer","expires_in":299,"scope":"clientinfo"}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 375
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:54 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DA78.3F36.7A9D.3453","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]}
#######################################################
TEST: clientSecretJwtAuthenticationMethodHS512Fail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"token_endpoint_auth_method": "client_secret_jwt",
"scope": "clientinfo"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1240
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:54 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!213C.C2B7.9F91.13D5",
"client_secret": "867300ce-9703-4f63-8ddd-561bd4aff23e",
"registration_access_token": "9bc496de-fa35-434b-8bee-720fd165c9c3",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!213C.C2B7.9F91.13D5",
"client_id_issued_at": 1530807414,
"client_secret_expires_at": 1530893814,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_jwt",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "clientinfo",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEyMTNDLkMyQjcuOUY5MS4xM0Q1Iiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghMjEzQy5DMkI3LjlGOTEuMTNENSIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiNThmMWRmZWMtMjc4OS00ODNiLWEzNDgtZWEwNmIxMjcyNTI5IiwiZXhwIjoxNTMwODA3NzM1LCJpYXQiOjE1MzA4MDc0MzV9.QeJoZ4NZCUTOY7-0MINllTJPJ_SSfUo2A4O0TOv0FKRtf9C8pmjOVewSno0J1tSt4VBQyMgCrMfwQBndqw9KBA
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 16:16:54 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}
#######################################################
TEST: clientSecretPostAuthenticationMethod
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"grant_types": ["client_credentials"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"token_endpoint_auth_method": "client_secret_post",
"scope": "clientinfo"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1196
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:54 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D85B.E832.9ED7.AF36",
"client_secret": "35d1ed48-b3d5-4291-a1f5-71e8b8e03f3f",
"registration_access_token": "cac2ee61-fdbd-4460-8172-b1baca3bb56d",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D85B.E832.9ED7.AF36",
"client_id_issued_at": 1530807414,
"client_secret_expires_at": 1530893814,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [],
"grant_types": ["client_credentials"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_post",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "clientinfo",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
grant_type=client_credentials&scope=clientinfo&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21D85B.E832.9ED7.AF36&client_secret=35d1ed48-b3d5-4291-a1f5-71e8b8e03f3f
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 115
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:54 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"access_token":"fb3263b8-f37e-466b-82ae-8409970afd22","token_type":"bearer","expires_in":299,"scope":"clientinfo"}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 375
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:54 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D85B.E832.9ED7.AF36","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]}
#######################################################
TEST: clientSecretPostAuthenticationMethodFail1
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"token_endpoint_auth_method": "client_secret_post",
"scope": "clientinfo"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1241
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:54 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B888.200E.EAE5.2E3F",
"client_secret": "d8f0f042-cb8c-49d9-a831-bec4fe452162",
"registration_access_token": "dc26c540-8d9c-4ad4-86e6-b54f4d438aee",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B888.200E.EAE5.2E3F",
"client_id_issued_at": 1530807414,
"client_secret_expires_at": 1530893814,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_post",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "clientinfo",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
grant_type=client_credentials&scope=clientinfo&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21B888.200E.EAE5.2E3F&client_secret=INVALID_CLIENT_SECRET
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 16:16:54 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}
#######################################################
TEST: clientSecretPostAuthenticationMethodFail2
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"token_endpoint_auth_method": "client_secret_post",
"scope": "clientinfo"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1241
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:54 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5D40.C706.3D8E.7ECC",
"client_secret": "4045428c-a6c7-4a68-8fe8-7af57183b55f",
"registration_access_token": "5512c026-55b4-4f1e-b0ed-798f8a67c335",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5D40.C706.3D8E.7ECC",
"client_id_issued_at": 1530807414,
"client_secret_expires_at": 1530893814,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_post",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "clientinfo",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
grant_type=client_credentials&scope=clientinfo&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%215D40.C706.3D8E.7ECC
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 16:16:54 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}
#######################################################
TEST: clientSecretPostAuthenticationMethodFail3
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"token_endpoint_auth_method": "client_secret_post",
"scope": "clientinfo"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1241
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:54 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2EAC.C8C7.9803.A637",
"client_secret": "3c548633-f81f-46d2-a72a-91274082cd50",
"registration_access_token": "5e7b4a9c-21b6-468b-ac60-69c1265e5092",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2EAC.C8C7.9803.A637",
"client_id_issued_at": 1530807414,
"client_secret_expires_at": 1530893814,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_post",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "clientinfo",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
grant_type=client_credentials&scope=clientinfo
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 16:16:54 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}
#######################################################
TEST: defaultAuthenticationMethod
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"grant_types": ["client_credentials"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"scope": "clientinfo"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1197
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:55 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!04B2.CABB.8B66.A887",
"client_secret": "842e9670-605f-41a4-97ca-d0383f05a47f",
"registration_access_token": "e20a2b06-adf3-4aa3-94b1-58b4957aa255",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!04B2.CABB.8B66.A887",
"client_id_issued_at": 1530807415,
"client_secret_expires_at": 1530893815,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [],
"grant_types": ["client_credentials"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "clientinfo",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxMDRCMi5DQUJCLjhCNjYuQTg4Nzo4NDJlOTY3MC02MDVmLTQxYTQtOTdjYS1kMDM4M2YwNWE0N2Y=
grant_type=client_credentials&scope=clientinfo
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 115
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:55 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"access_token":"c82956b9-0588-41de-bc08-650004035996","token_type":"bearer","expires_in":299,"scope":"clientinfo"}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 375
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:55 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!04B2.CABB.8B66.A887","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]}
#######################################################
TEST: defaultAuthenticationMethodFail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"scope": "clientinfo"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1242
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:55 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!756F.66A0.7C0C.464B",
"client_secret": "9ab20dbf-d424-4816-865a-335399b2f206",
"registration_access_token": "c3533281-825a-479b-8e28-f11c679ce2c0",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!756F.66A0.7C0C.464B",
"client_id_issued_at": 1530807415,
"client_secret_expires_at": 1530893815,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "clientinfo",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxNzU2Ri42NkEwLjdDMEMuNDY0QjpJTlZBTElEX0NMSUVOVF9TRUNSRVQ=
grant_type=client_credentials&scope=clientinfo
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 16:16:55 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}
#######################################################
TEST: privateKeyJwtAuthenticationMethodES256
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"grant_types": ["client_credentials"],
"application_type": "web",
"client_name": "oxAuth test app",
"jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"token_endpoint_auth_method": "private_key_jwt",
"scope": "clientinfo"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1276
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:55 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5289.A1BB.3186.DF04",
"client_secret": "11b45a4e-eba0-4147-9727-d0f60e41f534",
"registration_access_token": "39851bc2-e1ca-4f3b-89c5-ed3e10492035",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5289.A1BB.3186.DF04",
"client_id_issued_at": 1530807415,
"client_secret_expires_at": 1530893815,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [],
"grant_types": ["client_credentials"],
"application_type": "web",
"client_name": "oxAuth test app",
"jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "private_key_jwt",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "clientinfo",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IjU0N2IyODM4LWE4NDgtNDY3MS04YTQ3LWQ1MzYxNzM4ZjJhZSJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE1Mjg5LkExQkIuMzE4Ni5ERjA0Iiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghNTI4OS5BMUJCLjMxODYuREYwNCIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiYzkwNGYzNGMtYjVjNC00MTkwLTgxYzctZDkyZGQ0YTkzOWJmIiwiZXhwIjoxNTMwODA3NzM3LCJpYXQiOjE1MzA4MDc0Mzd9.MEUCIFmfBd748_WRFjLCAcdCmzG3hZwY8_iGFPxxfiUlCUTJAiEAydh6yOdJpg4XlTZbfYaIoVy20EGThNJ-xQfcXHT4Ltg
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 115
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:55 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"access_token":"d518e5f2-5b15-4678-99f3-793e21817157","token_type":"bearer","expires_in":299,"scope":"clientinfo"}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 375
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:56 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5289.A1BB.3186.DF04","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]}
#######################################################
TEST: privateKeyJwtAuthenticationMethodES256Fail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"application_type": "web",
"client_name": "oxAuth test app",
"jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"token_endpoint_auth_method": "private_key_jwt",
"scope": "clientinfo"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1321
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:56 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F8AB.0D09.A098.E02C",
"client_secret": "6f55a6aa-968f-48b4-8e18-3faa1da665a7",
"registration_access_token": "7018ef3b-d737-489c-ba6f-25f893f67a35",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F8AB.0D09.A098.E02C",
"client_id_issued_at": 1530807416,
"client_secret_expires_at": 1530893816,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "private_key_jwt",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "clientinfo",
"claims": ""
}
12:17:17.254 [main] ERROR org.xdi.oxauth.client.TokenRequest - cannot identify EC private key: java.lang.NullPointerException
java.security.InvalidKeyException: cannot identify EC private key: java.lang.NullPointerException
at org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil.generatePrivateKeyParameter(Unknown Source) ~[bcprov-jdk15on-1.59.jar:1.59.0]
at org.bouncycastle.jcajce.provider.asymmetric.ec.SignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.59.jar:1.59.0]
at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121]
at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121]
at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?]
at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?]
at org.xdi.oxauth.client.TokenClient.exec(TokenClient.java:265) [classes/:?]
at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodES256Fail(ClientCredentialsGrantHttpTest.java:1312) [test-classes/:?]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121]
at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121]
at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?]
at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?]
at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?]
at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?]
at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?]
at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?]
at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?]
at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?]
at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?]
at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?]
at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?]
at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?]
at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?]
at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?]
at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?]
at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?]
at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?]
at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?]
at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1]
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
12:17:17.383 [main] ERROR org.xdi.oxauth.client.TokenRequest - cannot identify EC private key: java.lang.NullPointerException
java.security.InvalidKeyException: cannot identify EC private key: java.lang.NullPointerException
at org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil.generatePrivateKeyParameter(Unknown Source) ~[bcprov-jdk15on-1.59.jar:1.59.0]
at org.bouncycastle.jcajce.provider.asymmetric.ec.SignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.59.jar:1.59.0]
at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121]
at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121]
at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?]
at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?]
at org.xdi.oxauth.client.TokenRequest.getQueryString(TokenRequest.java:409) [classes/:?]
at org.xdi.oxauth.client.BaseClient.getRequestAsString(BaseClient.java:158) [classes/:?]
at org.xdi.oxauth.client.ClientUtils.showClient(ClientUtils.java:25) [classes/:?]
at org.xdi.oxauth.BaseTest.showClient(BaseTest.java:766) [test-classes/:?]
at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodES256Fail(ClientCredentialsGrantHttpTest.java:1314) [test-classes/:?]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121]
at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121]
at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?]
at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?]
at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?]
at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?]
at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?]
at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?]
at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?]
at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?]
at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?]
at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?]
at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?]
at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?]
at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?]
at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?]
at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?]
at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?]
at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?]
at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?]
at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1]
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IkVTMjU2U0lHX0lOVkFMSURfS0VZSUQifQ.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFGOEFCLjBEMDkuQTA5OC5FMDJDIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghRjhBQi4wRDA5LkEwOTguRTAyQyIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiZTNhODJjMjItNzU3Yy00NGQzLWIzZDctMTc5Mjc0MWIyYzRhIiwiZXhwIjoxNTMwODA3NzM3LCJpYXQiOjE1MzA4MDc0Mzd9.
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 16:16:56 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}
#######################################################
TEST: privateKeyJwtAuthenticationMethodES384
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"grant_types": ["client_credentials"],
"application_type": "web",
"client_name": "oxAuth test app",
"jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"token_endpoint_auth_method": "private_key_jwt",
"scope": "clientinfo"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1276
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:56 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!135A.C958.1710.DA27",
"client_secret": "49c72dc9-86ea-4f92-9fb1-c5a2c92d5ef9",
"registration_access_token": "87c6e2eb-dbbb-4bed-a1eb-c4afbba7d944",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!135A.C958.1710.DA27",
"client_id_issued_at": 1530807416,
"client_secret_expires_at": 1530893816,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [],
"grant_types": ["client_credentials"],
"application_type": "web",
"client_name": "oxAuth test app",
"jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "private_key_jwt",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "clientinfo",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzM4NCIsImtpZCI6ImM0ZmU0MTEwLWViNTYtNDFjNi1iYWMzLTUzMTZmNmIxNDQzZCJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCExMzVBLkM5NTguMTcxMC5EQTI3Iiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghMTM1QS5DOTU4LjE3MTAuREEyNyIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiNDA5YTBkYzItNDU2YS00MDliLWE2M2YtOTk1Y2ZhZWZkMGRlIiwiZXhwIjoxNTMwODA3NzM3LCJpYXQiOjE1MzA4MDc0Mzd9.MGQCMD-LDlLZZmNawo_4G17Uyv2lyDeaNec7K6uGsKUc1uqox4QLzDcdggqoIyDSpmx-swIwVc-HWs1pj_DUscDGYn5onwL99cjENlwikSilmBu3Un24NdqOmWvbzMnMGU_1c5CF
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 115
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:56 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"access_token":"81f82d3f-c7c5-456b-839f-832082dee6ff","token_type":"bearer","expires_in":299,"scope":"clientinfo"}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 375
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:56 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!135A.C958.1710.DA27","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]}
#######################################################
TEST: privateKeyJwtAuthenticationMethodES384Fail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"application_type": "web",
"client_name": "oxAuth test app",
"jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"token_endpoint_auth_method": "private_key_jwt",
"scope": "clientinfo"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1321
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:56 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E226.538A.E939.6A60",
"client_secret": "40237167-e0eb-4e97-b93a-79779ab102e5",
"registration_access_token": "e4904a9e-bdce-4d95-8e91-660a3b961817",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E226.538A.E939.6A60",
"client_id_issued_at": 1530807416,
"client_secret_expires_at": 1530893816,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "private_key_jwt",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "clientinfo",
"claims": ""
}
12:17:17.882 [main] ERROR org.xdi.oxauth.client.TokenRequest - cannot identify EC private key: java.lang.NullPointerException
java.security.InvalidKeyException: cannot identify EC private key: java.lang.NullPointerException
at org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil.generatePrivateKeyParameter(Unknown Source) ~[bcprov-jdk15on-1.59.jar:1.59.0]
at org.bouncycastle.jcajce.provider.asymmetric.ec.SignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.59.jar:1.59.0]
at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121]
at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121]
at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?]
at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?]
at org.xdi.oxauth.client.TokenClient.exec(TokenClient.java:265) [classes/:?]
at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodES384Fail(ClientCredentialsGrantHttpTest.java:1437) [test-classes/:?]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121]
at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121]
at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?]
at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?]
at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?]
at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?]
at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?]
at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?]
at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?]
at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?]
at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?]
at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?]
at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?]
at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?]
at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?]
at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?]
at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?]
at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?]
at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?]
at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?]
at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1]
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
12:17:17.989 [main] ERROR org.xdi.oxauth.client.TokenRequest - cannot identify EC private key: java.lang.NullPointerException
java.security.InvalidKeyException: cannot identify EC private key: java.lang.NullPointerException
at org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil.generatePrivateKeyParameter(Unknown Source) ~[bcprov-jdk15on-1.59.jar:1.59.0]
at org.bouncycastle.jcajce.provider.asymmetric.ec.SignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.59.jar:1.59.0]
at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121]
at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121]
at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?]
at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?]
at org.xdi.oxauth.client.TokenRequest.getQueryString(TokenRequest.java:409) [classes/:?]
at org.xdi.oxauth.client.BaseClient.getRequestAsString(BaseClient.java:158) [classes/:?]
at org.xdi.oxauth.client.ClientUtils.showClient(ClientUtils.java:25) [classes/:?]
at org.xdi.oxauth.BaseTest.showClient(BaseTest.java:766) [test-classes/:?]
at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodES384Fail(ClientCredentialsGrantHttpTest.java:1439) [test-classes/:?]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121]
at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121]
at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?]
at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?]
at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?]
at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?]
at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?]
at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?]
at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?]
at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?]
at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?]
at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?]
at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?]
at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?]
at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?]
at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?]
at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?]
at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?]
at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?]
at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?]
at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1]
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzM4NCIsImtpZCI6IkVTMzg0U0lHX0lOVkFMSURfS0VZSUQifQ.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFFMjI2LjUzOEEuRTkzOS42QTYwIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghRTIyNi41MzhBLkU5MzkuNkE2MCIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiYmM1YTUxMzQtOTg0YS00NjAwLWFhYTQtMTQ1OWI4NjM5YWI3IiwiZXhwIjoxNTMwODA3NzM3LCJpYXQiOjE1MzA4MDc0Mzd9.
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 16:16:56 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}
#######################################################
TEST: privateKeyJwtAuthenticationMethodES512
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"grant_types": ["client_credentials"],
"application_type": "web",
"client_name": "oxAuth test app",
"jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"token_endpoint_auth_method": "private_key_jwt",
"scope": "clientinfo"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1276
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:56 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!840A.ED06.7E41.2AFC",
"client_secret": "b53b9fd6-4241-4d27-b70e-efe8aeeb5f6d",
"registration_access_token": "164b4e8e-7e14-4917-b3d5-3d9b47c0af43",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!840A.ED06.7E41.2AFC",
"client_id_issued_at": 1530807416,
"client_secret_expires_at": 1530893816,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [],
"grant_types": ["client_credentials"],
"application_type": "web",
"client_name": "oxAuth test app",
"jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "private_key_jwt",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "clientinfo",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzUxMiIsImtpZCI6IjI2ZjgwNDBjLWFlOGItNGRhYS04ZjcxLWE3ZmRmMTRkZjY0MyJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE4NDBBLkVEMDYuN0U0MS4yQUZDIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghODQwQS5FRDA2LjdFNDEuMkFGQyIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiM2UyNjY2NjktYmRmZC00MWU0LWJjOWEtMTk1Nzk2NDMyZTlmIiwiZXhwIjoxNTMwODA3NzM4LCJpYXQiOjE1MzA4MDc0Mzh9.MIGHAkEME-_q3izwuaadz_O99rvSvAbUXmv6QP2MpbIJQAs-h8XZcNgDsSHCbC3GwfW2VwWGtygOnCVR2pee1TNOTx8FwgJCAQHPzXm9_dSsCF8pEvhixIzom2eYgMdQomJtReeMtqCLNND0lCj3akodQrgo6pBmAcFctYXaz36XS2iIr1xTsjXQ
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 115
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:57 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"access_token":"4310b380-cf6e-4ab7-bbf1-dc4250ba33f2","token_type":"bearer","expires_in":299,"scope":"clientinfo"}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 375
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:57 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!840A.ED06.7E41.2AFC","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]}
#######################################################
TEST: privateKeyJwtAuthenticationMethodES512Fail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"application_type": "web",
"client_name": "oxAuth test app",
"jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"token_endpoint_auth_method": "private_key_jwt",
"scope": "clientinfo"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1321
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:57 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!054D.4067.34F4.A4C1",
"client_secret": "3949a412-bfec-4d20-9aac-835b2706070a",
"registration_access_token": "6d682b0c-6d85-43aa-af5c-3a99e9d80796",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!054D.4067.34F4.A4C1",
"client_id_issued_at": 1530807417,
"client_secret_expires_at": 1530893817,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "private_key_jwt",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "clientinfo",
"claims": ""
}
12:17:18.481 [main] ERROR org.xdi.oxauth.client.TokenRequest - cannot identify EC private key: java.lang.NullPointerException
java.security.InvalidKeyException: cannot identify EC private key: java.lang.NullPointerException
at org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil.generatePrivateKeyParameter(Unknown Source) ~[bcprov-jdk15on-1.59.jar:1.59.0]
at org.bouncycastle.jcajce.provider.asymmetric.ec.SignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.59.jar:1.59.0]
at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121]
at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121]
at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?]
at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?]
at org.xdi.oxauth.client.TokenClient.exec(TokenClient.java:265) [classes/:?]
at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodES512Fail(ClientCredentialsGrantHttpTest.java:1562) [test-classes/:?]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121]
at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121]
at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?]
at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?]
at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?]
at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?]
at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?]
at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?]
at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?]
at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?]
at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?]
at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?]
at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?]
at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?]
at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?]
at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?]
at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?]
at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?]
at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?]
at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?]
at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1]
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
12:17:18.589 [main] ERROR org.xdi.oxauth.client.TokenRequest - cannot identify EC private key: java.lang.NullPointerException
java.security.InvalidKeyException: cannot identify EC private key: java.lang.NullPointerException
at org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil.generatePrivateKeyParameter(Unknown Source) ~[bcprov-jdk15on-1.59.jar:1.59.0]
at org.bouncycastle.jcajce.provider.asymmetric.ec.SignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.59.jar:1.59.0]
at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121]
at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121]
at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?]
at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?]
at org.xdi.oxauth.client.TokenRequest.getQueryString(TokenRequest.java:409) [classes/:?]
at org.xdi.oxauth.client.BaseClient.getRequestAsString(BaseClient.java:158) [classes/:?]
at org.xdi.oxauth.client.ClientUtils.showClient(ClientUtils.java:25) [classes/:?]
at org.xdi.oxauth.BaseTest.showClient(BaseTest.java:766) [test-classes/:?]
at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodES512Fail(ClientCredentialsGrantHttpTest.java:1564) [test-classes/:?]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121]
at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121]
at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?]
at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?]
at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?]
at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?]
at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?]
at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?]
at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?]
at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?]
at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?]
at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?]
at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?]
at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?]
at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?]
at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?]
at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?]
at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?]
at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?]
at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?]
at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1]
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzUxMiIsImtpZCI6IkVTNTEyU0lHX0lOVkFMSURfS0VZSUQifQ.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEwNTRELjQwNjcuMzRGNC5BNEMxIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghMDU0RC40MDY3LjM0RjQuQTRDMSIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiOWY2YjU0YjQtMjVjMC00ODBlLWJmNDQtZmIzMDZhOGFkMmQ4IiwiZXhwIjoxNTMwODA3NzM4LCJpYXQiOjE1MzA4MDc0Mzh9.
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 16:16:57 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}
#######################################################
TEST: privateKeyJwtAuthenticationMethodRS256
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"grant_types": ["client_credentials"],
"application_type": "web",
"client_name": "oxAuth test app",
"jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"token_endpoint_auth_method": "private_key_jwt",
"scope": "clientinfo"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1276
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:57 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7685.8F4D.2A05.9F0E",
"client_secret": "79ccb5ad-2a7b-4baa-8591-1a5a0e958d22",
"registration_access_token": "d533d3e3-7863-402c-ad2a-432e269dfb1b",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7685.8F4D.2A05.9F0E",
"client_id_issued_at": 1530807417,
"client_secret_expires_at": 1530893817,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [],
"grant_types": ["client_credentials"],
"application_type": "web",
"client_name": "oxAuth test app",
"jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "private_key_jwt",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "clientinfo",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6IjQ4YmZhOGE0LWM4YTctNGEwOS1hZTk4LWJmMzI1ZDc0OTExOSJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE3Njg1LjhGNEQuMkEwNS45RjBFIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghNzY4NS44RjRELjJBMDUuOUYwRSIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiMGFjOTAwNTctOTM0Mi00NTkwLTgyYjEtNmQwZmQ5YjIwOGI2IiwiZXhwIjoxNTMwODA3NzM4LCJpYXQiOjE1MzA4MDc0Mzh9.Bzmz_YKTf_w-1clPbQ8CqurNdRUlyqfZO7WeEtST0H1mb-oJG-F2PbGTnU15aVjhWXRhZmKQeFVJTAVsBWZrrRxPzqc1fshIHgjx9wf4pZzSVsRyvihPjC1rRX8Pzje-HEcH9Q-tdiEp7rNi8VrfLC_acKeP3ZsHv5azd3apJnWVkLScSY1FRiPNdllAy1aU10Dts-_RlDJ8XQHj81lRt4-PIDVdwYim_C2dCSXwOTFaunVjSMrck-5Ox1susgftIlz6kPnMtdV1OCVORIpQWb_o4gxp__CrkOkm-Kn3HHw91W-255OSAZTP10msQPNvDUpK88Z0L8RXJlCuG2SB4A
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 115
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:57 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"access_token":"49975e40-c9b7-453d-a2a9-506f69eee1c0","token_type":"bearer","expires_in":299,"scope":"clientinfo"}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 375
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:57 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7685.8F4D.2A05.9F0E","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]}
#######################################################
TEST: privateKeyJwtAuthenticationMethodRS256Fail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"application_type": "web",
"client_name": "oxAuth test app",
"jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"token_endpoint_auth_method": "private_key_jwt",
"scope": "clientinfo"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1321
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:57 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4B02.7FCE.EBF5.D505",
"client_secret": "84fddbb3-cab3-487d-ab35-b1b416cb93e9",
"registration_access_token": "6e6c325e-558a-42bd-9a70-b763f1e490d3",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4B02.7FCE.EBF5.D505",
"client_id_issued_at": 1530807417,
"client_secret_expires_at": 1530893817,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "private_key_jwt",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "clientinfo",
"claims": ""
}
12:17:19.021 [main] ERROR org.xdi.oxauth.client.TokenRequest - Supplied key (null) is not a RSAPrivateKey instance
java.security.InvalidKeyException: Supplied key (null) is not a RSAPrivateKey instance
at org.bouncycastle.jcajce.provider.asymmetric.rsa.DigestSignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.59.jar:1.59.0]
at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121]
at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121]
at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?]
at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?]
at org.xdi.oxauth.client.TokenClient.exec(TokenClient.java:265) [classes/:?]
at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodRS256Fail(ClientCredentialsGrantHttpTest.java:937) [test-classes/:?]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121]
at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121]
at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?]
at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?]
at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?]
at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?]
at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?]
at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?]
at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?]
at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?]
at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?]
at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?]
at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?]
at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?]
at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?]
at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?]
at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?]
at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?]
at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?]
at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?]
at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1]
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
12:17:19.126 [main] ERROR org.xdi.oxauth.client.TokenRequest - Supplied key (null) is not a RSAPrivateKey instance
java.security.InvalidKeyException: Supplied key (null) is not a RSAPrivateKey instance
at org.bouncycastle.jcajce.provider.asymmetric.rsa.DigestSignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.59.jar:1.59.0]
at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121]
at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121]
at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?]
at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?]
at org.xdi.oxauth.client.TokenRequest.getQueryString(TokenRequest.java:409) [classes/:?]
at org.xdi.oxauth.client.BaseClient.getRequestAsString(BaseClient.java:158) [classes/:?]
at org.xdi.oxauth.client.ClientUtils.showClient(ClientUtils.java:25) [classes/:?]
at org.xdi.oxauth.BaseTest.showClient(BaseTest.java:766) [test-classes/:?]
at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodRS256Fail(ClientCredentialsGrantHttpTest.java:939) [test-classes/:?]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121]
at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121]
at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?]
at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?]
at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?]
at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?]
at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?]
at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?]
at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?]
at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?]
at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?]
at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?]
at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?]
at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?]
at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?]
at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?]
at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?]
at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?]
at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?]
at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?]
at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1]
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6IlJTMjU2U0lHX0lOVkFMSURfS0VZSUQifQ.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE0QjAyLjdGQ0UuRUJGNS5ENTA1Iiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghNEIwMi43RkNFLkVCRjUuRDUwNSIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiYTYwOGQxODItNTZhNy00NTUzLTgxNTQtZTVjYTZlYWZhNDk1IiwiZXhwIjoxNTMwODA3NzM5LCJpYXQiOjE1MzA4MDc0Mzl9.
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 16:16:57 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}
#######################################################
TEST: privateKeyJwtAuthenticationMethodRS384
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"grant_types": ["client_credentials"],
"application_type": "web",
"client_name": "oxAuth test app",
"jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"token_endpoint_auth_method": "private_key_jwt",
"scope": "clientinfo"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1276
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:58 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!221B.D236.109C.C1DA",
"client_secret": "a42544e2-2e44-486c-b095-1bc6cd3d507f",
"registration_access_token": "c65562e7-779c-4b18-93a8-52feb95653db",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!221B.D236.109C.C1DA",
"client_id_issued_at": 1530807418,
"client_secret_expires_at": 1530893818,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [],
"grant_types": ["client_credentials"],
"application_type": "web",
"client_name": "oxAuth test app",
"jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "private_key_jwt",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "clientinfo",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzM4NCIsImtpZCI6ImM0NjIxNDNmLWExOTctNGY3YS1hZjk5LTBiMTA4NzM2ODYxNiJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEyMjFCLkQyMzYuMTA5Qy5DMURBIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghMjIxQi5EMjM2LjEwOUMuQzFEQSIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiMTZlNzhhYWMtYjU2YS00NDIwLWEwYTAtYzAwZjAxZTI2OGFmIiwiZXhwIjoxNTMwODA3NzM5LCJpYXQiOjE1MzA4MDc0Mzl9.W_ruFI_-GMxSOArfIvs1Pu9YmSEssGo18rupU7Liev7NGQb8fwLEcDiKiyR_sKViV0ZrJE39JLMawIvxP1u7hTHwf88kaWCl_tPITqcx4_mqOu769TpTB_sADF1664RmXI7XGxdai-7g9sDDYt8vw8nMhNcEoBrp38q3E4YsAVmwx1rP4w4-7VieyRTV4S_BXqrRUp6aoEztXvRrUqcf471h0C8bDR-iqF4eNi2s1JLaEFjfXbMoLuDi2DC9juJ2U2a5F651kbewqJHrobuusu8W4q3sI1gq6jQ2v57wbGgcMQDKqw5WGQpa0ZJpvawMvOCUWBPDDXH96An6VUl6Fw
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 115
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:58 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"access_token":"871578be-fa92-4a1f-bf7d-05372d5e53bd","token_type":"bearer","expires_in":299,"scope":"clientinfo"}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 375
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:58 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!221B.D236.109C.C1DA","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]}
#######################################################
TEST: privateKeyJwtAuthenticationMethodRS384Fail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"application_type": "web",
"client_name": "oxAuth test app",
"jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"token_endpoint_auth_method": "private_key_jwt",
"scope": "clientinfo"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1321
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:58 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!658C.FEFA.6D0C.4E5F",
"client_secret": "c3b93d8e-8c83-4ae1-9dba-ba2a917d85fd",
"registration_access_token": "5dacf036-f0d0-4eaa-a64f-02c9cdcc0ba8",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!658C.FEFA.6D0C.4E5F",
"client_id_issued_at": 1530807418,
"client_secret_expires_at": 1530893818,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "private_key_jwt",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "clientinfo",
"claims": ""
}
12:17:19.549 [main] ERROR org.xdi.oxauth.client.TokenRequest - Supplied key (null) is not a RSAPrivateKey instance
java.security.InvalidKeyException: Supplied key (null) is not a RSAPrivateKey instance
at org.bouncycastle.jcajce.provider.asymmetric.rsa.DigestSignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.59.jar:1.59.0]
at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121]
at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121]
at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?]
at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?]
at org.xdi.oxauth.client.TokenClient.exec(TokenClient.java:265) [classes/:?]
at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodRS384Fail(ClientCredentialsGrantHttpTest.java:1062) [test-classes/:?]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121]
at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121]
at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?]
at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?]
at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?]
at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?]
at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?]
at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?]
at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?]
at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?]
at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?]
at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?]
at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?]
at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?]
at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?]
at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?]
at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?]
at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?]
at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?]
at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?]
at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1]
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
12:17:19.662 [main] ERROR org.xdi.oxauth.client.TokenRequest - Supplied key (null) is not a RSAPrivateKey instance
java.security.InvalidKeyException: Supplied key (null) is not a RSAPrivateKey instance
at org.bouncycastle.jcajce.provider.asymmetric.rsa.DigestSignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.59.jar:1.59.0]
at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121]
at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121]
at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?]
at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?]
at org.xdi.oxauth.client.TokenRequest.getQueryString(TokenRequest.java:409) [classes/:?]
at org.xdi.oxauth.client.BaseClient.getRequestAsString(BaseClient.java:158) [classes/:?]
at org.xdi.oxauth.client.ClientUtils.showClient(ClientUtils.java:25) [classes/:?]
at org.xdi.oxauth.BaseTest.showClient(BaseTest.java:766) [test-classes/:?]
at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodRS384Fail(ClientCredentialsGrantHttpTest.java:1064) [test-classes/:?]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121]
at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121]
at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?]
at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?]
at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?]
at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?]
at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?]
at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?]
at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?]
at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?]
at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?]
at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?]
at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?]
at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?]
at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?]
at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?]
at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?]
at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?]
at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?]
at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?]
at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1]
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzM4NCIsImtpZCI6IlJTMzg0U0lHX0lOVkFMSURfS0VZSUQifQ.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE2NThDLkZFRkEuNkQwQy40RTVGIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghNjU4Qy5GRUZBLjZEMEMuNEU1RiIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiOTE0NDNmMTktYjQzZi00ODY1LTlhZmQtMzAzNjkxZDcwMzViIiwiZXhwIjoxNTMwODA3NzM5LCJpYXQiOjE1MzA4MDc0Mzl9.
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 16:16:58 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}
#######################################################
TEST: privateKeyJwtAuthenticationMethodRS512
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"grant_types": ["client_credentials"],
"application_type": "web",
"client_name": "oxAuth test app",
"jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"token_endpoint_auth_method": "private_key_jwt",
"scope": "clientinfo"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1276
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:58 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!72E8.92A8.ACAF.8D2C",
"client_secret": "ec783ac9-697b-47a6-86d2-dd87e88398ab",
"registration_access_token": "01f28c1f-d5b5-4a56-aefc-823e49a80f53",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!72E8.92A8.ACAF.8D2C",
"client_id_issued_at": 1530807418,
"client_secret_expires_at": 1530893818,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [],
"grant_types": ["client_credentials"],
"application_type": "web",
"client_name": "oxAuth test app",
"jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "private_key_jwt",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "clientinfo",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzUxMiIsImtpZCI6Ijg1YjA4NDgzLTY4OTAtNDg0My05YmFmLTgzN2EyNGEzYzZkMiJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE3MkU4LjkyQTguQUNBRi44RDJDIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghNzJFOC45MkE4LkFDQUYuOEQyQyIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiZWFiNzBjNjAtY2IwYi00YTU3LWI3ODItYTYwNjVlZDkxMWEwIiwiZXhwIjoxNTMwODA3NzM5LCJpYXQiOjE1MzA4MDc0Mzl9.GZquFlMh4SJnFHrhUJqq83bzgRrjZQrBiA6JrdZWRtwhCjMGUmV6c9eWKgNgeLEZKSjPPUM1NokVW8xyw5uEcFn7wkkEfv5N4Cl5irzru29feH8z9pz7WSN8Il4QOoZ9cbwP4Z_gV575YX83_LOOwYBfYCCGswnBhF2YDDgI8cnVP5buPfz0goH6HSpJavX-FLVsaOmrDQzeUctqY-yQVXMgT1c1F2fIEKC0sRseh7H33crsM05QEPGtlyIMvStig2gPQgDEvXP-6AVsWr7U_gzCE3bMCNxDBJV_2pHFU4tCk39T-36yMe2-cv9qBHB7jwZwZ5aJJZ6E5rhfcYGRaQ
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 115
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:58 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"access_token":"d0ed3447-97ef-432d-9f9d-057db1ca645f","token_type":"bearer","expires_in":299,"scope":"clientinfo"}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 375
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:58 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!72E8.92A8.ACAF.8D2C","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]}
#######################################################
TEST: privateKeyJwtAuthenticationMethodRS512Fail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"application_type": "web",
"client_name": "oxAuth test app",
"jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"token_endpoint_auth_method": "private_key_jwt",
"scope": "clientinfo"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1321
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:58 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5896.5B66.F133.121E",
"client_secret": "7e9e755c-0070-4bfd-878b-0a61c3fda360",
"registration_access_token": "cdfa93f1-825e-4da6-b1d4-17d55c9bc4f0",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5896.5B66.F133.121E",
"client_id_issued_at": 1530807418,
"client_secret_expires_at": 1530893818,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "private_key_jwt",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "clientinfo",
"claims": ""
}
12:17:20.077 [main] ERROR org.xdi.oxauth.client.TokenRequest - Supplied key (null) is not a RSAPrivateKey instance
java.security.InvalidKeyException: Supplied key (null) is not a RSAPrivateKey instance
at org.bouncycastle.jcajce.provider.asymmetric.rsa.DigestSignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.59.jar:1.59.0]
at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121]
at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121]
at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?]
at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?]
at org.xdi.oxauth.client.TokenClient.exec(TokenClient.java:265) [classes/:?]
at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodRS512Fail(ClientCredentialsGrantHttpTest.java:1187) [test-classes/:?]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121]
at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121]
at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?]
at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?]
at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?]
at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?]
at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?]
at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?]
at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?]
at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?]
at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?]
at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?]
at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?]
at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?]
at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?]
at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?]
at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?]
at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?]
at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?]
at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?]
at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1]
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
12:17:20.190 [main] ERROR org.xdi.oxauth.client.TokenRequest - Supplied key (null) is not a RSAPrivateKey instance
java.security.InvalidKeyException: Supplied key (null) is not a RSAPrivateKey instance
at org.bouncycastle.jcajce.provider.asymmetric.rsa.DigestSignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.59.jar:1.59.0]
at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121]
at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121]
at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?]
at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?]
at org.xdi.oxauth.client.TokenRequest.getQueryString(TokenRequest.java:409) [classes/:?]
at org.xdi.oxauth.client.BaseClient.getRequestAsString(BaseClient.java:158) [classes/:?]
at org.xdi.oxauth.client.ClientUtils.showClient(ClientUtils.java:25) [classes/:?]
at org.xdi.oxauth.BaseTest.showClient(BaseTest.java:766) [test-classes/:?]
at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodRS512Fail(ClientCredentialsGrantHttpTest.java:1189) [test-classes/:?]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121]
at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121]
at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?]
at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?]
at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?]
at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?]
at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?]
at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?]
at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?]
at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?]
at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?]
at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?]
at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?]
at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?]
at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?]
at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?]
at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?]
at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?]
at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?]
at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?]
at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1]
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzUxMiIsImtpZCI6IlJTNTEyU0lHX0lOVkFMSURfS0VZSUQifQ.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE1ODk2LjVCNjYuRjEzMy4xMjFFIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghNTg5Ni41QjY2LkYxMzMuMTIxRSIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiYWFmMDA1MTQtMjA3Yi00OTk4LWFkY2QtZDcyNDRmNzgyYmMxIiwiZXhwIjoxNTMwODA3NzQwLCJpYXQiOjE1MzA4MDc0NDB9.
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 16:16:59 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}
#######################################################
TEST: OpenID Connect Discovery
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 181
Content-Type: application/jrd+json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 16:16:59 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"subject": "acct:test_user@ce-dev4.gluu.org",
"links": [{
"rel": "http://openid.net/specs/connect/1.0/issuer",
"href": "https://ce-dev4.gluu.org"
}]
}
OpenID Connect Configuration
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/openid-configuration HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 6342
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:59 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"issuer": "https://ce-dev4.gluu.org",
"authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize",
"token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token",
"userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo",
"clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo",
"check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe",
"end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session",
"jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks",
"registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register",
"id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id",
"introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection",
"scopes_supported": [
"permission",
"clientinfo",
"email",
"user_name",
"sub",
"org_name",
"address",
"openid",
"test_scope1",
"work_phone",
"phone",
"profile",
"mobile_phone",
"test"
],
"response_types_supported": [
"code",
"code id_token",
"code id_token token",
"id_token",
"id_token token",
"token",
"code token"
],
"grant_types_supported": [
"urn:ietf:params:oauth:grant-type:uma-ticket",
"client_credentials",
"refresh_token",
"implicit",
"password",
"authorization_code"
],
"acr_values_supported": [
"super_gluu",
"u2f",
"otp",
"basic",
"auth_ldap_server"
],
"auth_level_mapping": {
"-1": ["auth_ldap_server"],
"50": ["otp"],
"100": ["basic"],
"10": ["u2f"],
"15": ["super_gluu"]
},
"subject_types_supported": [
"public",
"pairwise"
],
"userinfo_signing_alg_values_supported": [
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"userinfo_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"userinfo_encryption_enc_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"id_token_signing_alg_values_supported": [
"none",
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"id_token_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"id_token_encryption_enc_values_supported": [
"A128CBC+HS256",
"A256CBC+HS512",
"A128GCM",
"A256GCM"
],
"request_object_signing_alg_values_supported": [
"none",
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"request_object_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"request_object_encryption_enc_values_supported": [
"A128CBC+HS256",
"A256CBC+HS512",
"A128GCM",
"A256GCM"
],
"token_endpoint_auth_methods_supported": [
"client_secret_basic",
"client_secret_post",
"client_secret_jwt",
"private_key_jwt"
],
"token_endpoint_auth_signing_alg_values_supported": [
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"display_values_supported": [
"page",
"popup"
],
"claim_types_supported": ["normal"],
"claims_supported": [
"birthdate",
"country",
"name",
"email",
"email_verified",
"given_name",
"gender",
"inum",
"family_name",
"updated_at",
"locale",
"member_of",
"middle_name",
"nickname",
"oxAuthAppType",
"oxAuthIdTokenSignedResponseAlg",
"oxAuthRedirectURI",
"oxAuthScope",
"phone_number_verified",
"picture",
"preferred_username",
"profile",
"zoneinfo",
"user_name",
"website"
],
"service_documentation": "http://gluu.org/docs",
"claims_locales_supported": ["en"],
"ui_locales_supported": [
"en",
"es"
],
"scope_to_claims_mapping": [
{"permission": []},
{"uma_protection": []},
{"clientinfo": [
"name",
"inum",
"oxAuthAppType",
"oxAuthIdTokenSignedResponseAlg",
"oxAuthRedirectURI",
"oxAuthScope"
]},
{"email": [
"email_verified",
"email"
]},
{"user_name": ["user_name"]},
{"sub": []},
{"org_name": []},
{"address": [
"formatted",
"postal_code",
"street_address",
"locality",
"country",
"region"
]},
{"openid": []},
{"test_scope1": []},
{"work_phone": []},
{"phone": [
"phone_number_verified",
"phone_number"
]},
{"profile": [
"name",
"family_name",
"given_name",
"middle_name",
"nickname",
"preferred_username",
"profile",
"picture",
"website",
"gender",
"birthdate",
"zoneinfo",
"locale",
"updated_at"
]},
{"mobile_phone": ["phone_mobile_number"]},
{"test": ["member_of"]}
],
"claims_parameter_supported": true,
"request_parameter_supported": true,
"request_uri_parameter_supported": true,
"require_request_uri_registration": false,
"op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy",
"op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos",
"frontchannel_logout_supported": true,
"frontchannel_logout_session_supported": true
}
#######################################################
TEST: requestClientInfoImplicitFlow
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"token",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:16:59 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!44A7.AE00.BD7D.855E",
"client_secret": "332b3b29-3405-42fe-b846-44e5ed46d687",
"registration_access_token": "f1445576-d0a3-425d-802a-91ab0414f821",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!44A7.AE00.BD7D.855E",
"client_id_issued_at": 1530807419,
"client_secret_expires_at": 1530893819,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"id_token",
"token"
],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2144A7.AE00.BD7D.855E&scope=clientinfo&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=33c52215-d566-4b03-a44a-a4cf3ca84700&nonce=d4916354-50c2-4da9-b2ec-95323b4a61c6
12:17:20.574 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:8f8d741f-04c3-46b8-98c5-76eae318bf2f
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2144A7.AE00.BD7D.855E&scope=clientinfo&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=33c52215-d566-4b03-a44a-a4cf3ca84700&nonce=d4916354-50c2-4da9-b2ec-95323b4a61c6
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=163226f2-a42f-413b-968c-f46414dd181e&scope=clientinfo&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE0NEE3LkFFMDAuQkQ3RC44NTVFIiwiZXhwIjoxNTMwODExMDIwLCJpYXQiOjE1MzA4MDc0MjAsIm5vbmNlIjoiZDQ5MTYzNTQtNTBjMi00ZGE5LWIyZWMtOTUzMjNiNGE2MWM2IiwiYXV0aF90aW1lIjoxNTMwODA3NDIwLCJhdF9oYXNoIjoiSGV0LVhmX0NxeURZcWR2dngtZWpnUSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6Ik5XMXRmUjZ3Z2xrUGxIWWF3c3JKMWk2d2FxQ0tiQ0h4aVNaS190bXNacTgifQ.o1pkt-gXLD1H45IDE1MKFnGHkalhn7_mnOqCaRIkIwqnNJvAihrKRqDT6suer5JeFp4WU95AZWGAlafbZSmouviM9nqOHv_YPjaNxUiY5rehEPJiMtcsj9ZyaCtRRRRTiMrgtXiDt0L6Axkz6ViCkM5ae-3GYtbovNJko4pFvl6Q1teq4Kjao14k63sVXJZNVZkbQcQPWB4AaKtrx7Op71CjhEIkHyqi9Yw0vu-IgRIRxhJH5_RdSAURumrGczitzzMVX6CoqSdNSVoeCt3lnV03AligK9vNwQ2mdtot7YEtBfHMN-oomyZxs6aD7FFTBA2sZ_Fl9uLjlLPg27ZyLA&session_id=da9a1347-8b36-48d1-9d95-f228ac224369&state=33c52215-d566-4b03-a44a-a4cf3ca84700&token_type=bearer&session_state=8f8d741f-04c3-46b8-98c5-76eae318bf2f&expires_in=299
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 513
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:17:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!44A7.AE00.BD7D.855E","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["permission","uma_protection","clientinfo","email","user_name","sub","org_name","address","openid","test_scope1","work_phone","phone","profile","test"]}
#######################################################
TEST: requestClientInfoInvalidRequest
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 400
Connection: close
Content-Length: 260
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:17:00 GMT
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"error":"invalid_request","error_description":"The request is missing a required parameter, includes an unsupported parameter or parameter value, repeats the same parameter, uses more than one method for including an access token, or is otherwise malformed."}
#######################################################
TEST: requestClientInfoInvalidToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 400
Connection: close
Content-Length: 203
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:17:00 GMT
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"error":"invalid_token","error_description":"The access token provided is expired, revoked, malformed, or invalid for other reasons. Try to request a new access token and retry the protected resource."}
#######################################################
TEST: requestClientInfoPasswordFlow
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"grant_types": ["password"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1299
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:17:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E07F.47AE.5CD9.045D",
"client_secret": "bcaaa680-dff3-4838-8d34-4f2e0766b1ef",
"registration_access_token": "903579f8-b2cf-4ceb-b850-fd093d2ca52d",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E07F.47AE.5CD9.045D",
"client_id_issued_at": 1530807420,
"client_secret_expires_at": 1530893820,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [],
"grant_types": ["password"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxRTA3Ri40N0FFLjVDRDkuMDQ1RDpiY2FhYTY4MC1kZmYzLTQ4MzgtOGQzNC00ZjJlMDc2NmIxZWY=
grant_type=password&scope=clientinfo&username=test_user&password=test_user_password
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 170
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:17:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"access_token":"0b69a0b3-7744-4a35-aae4-6017013bcd29","token_type":"bearer","expires_in":299,"refresh_token":"58d31bf2-b113-45ec-99b8-250230ac8667","scope":"clientinfo"}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 513
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:17:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E07F.47AE.5CD9.045D","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["permission","uma_protection","clientinfo","email","user_name","sub","org_name","address","openid","test_scope1","work_phone","phone","profile","test"]}
#######################################################
TEST: OpenID Connect Discovery
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 181
Content-Type: application/jrd+json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 16:17:01 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"subject": "acct:test_user@ce-dev4.gluu.org",
"links": [{
"rel": "http://openid.net/specs/connect/1.0/issuer",
"href": "https://ce-dev4.gluu.org"
}]
}
OpenID Connect Configuration
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/openid-configuration HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 6342
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:17:01 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"issuer": "https://ce-dev4.gluu.org",
"authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize",
"token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token",
"userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo",
"clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo",
"check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe",
"end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session",
"jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks",
"registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register",
"id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id",
"introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection",
"scopes_supported": [
"permission",
"clientinfo",
"email",
"user_name",
"sub",
"org_name",
"address",
"openid",
"test_scope1",
"work_phone",
"phone",
"profile",
"mobile_phone",
"test"
],
"response_types_supported": [
"code",
"code id_token",
"code id_token token",
"id_token",
"id_token token",
"token",
"code token"
],
"grant_types_supported": [
"urn:ietf:params:oauth:grant-type:uma-ticket",
"client_credentials",
"refresh_token",
"implicit",
"password",
"authorization_code"
],
"acr_values_supported": [
"super_gluu",
"u2f",
"otp",
"basic",
"auth_ldap_server"
],
"auth_level_mapping": {
"-1": ["auth_ldap_server"],
"50": ["otp"],
"100": ["basic"],
"10": ["u2f"],
"15": ["super_gluu"]
},
"subject_types_supported": [
"public",
"pairwise"
],
"userinfo_signing_alg_values_supported": [
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"userinfo_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"userinfo_encryption_enc_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"id_token_signing_alg_values_supported": [
"none",
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"id_token_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"id_token_encryption_enc_values_supported": [
"A128CBC+HS256",
"A256CBC+HS512",
"A128GCM",
"A256GCM"
],
"request_object_signing_alg_values_supported": [
"none",
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"request_object_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"request_object_encryption_enc_values_supported": [
"A128CBC+HS256",
"A256CBC+HS512",
"A128GCM",
"A256GCM"
],
"token_endpoint_auth_methods_supported": [
"client_secret_basic",
"client_secret_post",
"client_secret_jwt",
"private_key_jwt"
],
"token_endpoint_auth_signing_alg_values_supported": [
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"display_values_supported": [
"page",
"popup"
],
"claim_types_supported": ["normal"],
"claims_supported": [
"birthdate",
"country",
"name",
"email",
"email_verified",
"given_name",
"gender",
"inum",
"family_name",
"updated_at",
"locale",
"member_of",
"middle_name",
"nickname",
"oxAuthAppType",
"oxAuthIdTokenSignedResponseAlg",
"oxAuthRedirectURI",
"oxAuthScope",
"phone_number_verified",
"picture",
"preferred_username",
"profile",
"zoneinfo",
"user_name",
"website"
],
"service_documentation": "http://gluu.org/docs",
"claims_locales_supported": ["en"],
"ui_locales_supported": [
"en",
"es"
],
"scope_to_claims_mapping": [
{"permission": []},
{"uma_protection": []},
{"clientinfo": [
"name",
"inum",
"oxAuthAppType",
"oxAuthIdTokenSignedResponseAlg",
"oxAuthRedirectURI",
"oxAuthScope"
]},
{"email": [
"email_verified",
"email"
]},
{"user_name": ["user_name"]},
{"sub": []},
{"org_name": []},
{"address": [
"formatted",
"postal_code",
"street_address",
"locality",
"country",
"region"
]},
{"openid": []},
{"test_scope1": []},
{"work_phone": []},
{"phone": [
"phone_number_verified",
"phone_number"
]},
{"profile": [
"name",
"family_name",
"given_name",
"middle_name",
"nickname",
"preferred_username",
"profile",
"picture",
"website",
"gender",
"birthdate",
"zoneinfo",
"locale",
"updated_at"
]},
{"mobile_phone": ["phone_mobile_number"]},
{"test": ["member_of"]}
],
"claims_parameter_supported": true,
"request_parameter_supported": true,
"request_uri_parameter_supported": true,
"require_request_uri_registration": false,
"op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy",
"op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos",
"frontchannel_logout_supported": true,
"frontchannel_logout_session_supported": true
}
#######################################################
TEST: authorizationCodeFlow
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"code",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"scope": "openid profile address email phone user_name"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1347
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:17:01 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5634.EBCE.50E6.B559",
"client_secret": "631aaf1f-5111-4409-b2dd-d32bd9c3187e",
"registration_access_token": "059c2c0d-389e-4216-aba8-d0c31934323c",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5634.EBCE.50E6.B559",
"client_id_issued_at": 1530807421,
"client_secret_expires_at": 1530893821,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"id_token",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "openid profile address email phone user_name",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%215634.EBCE.50E6.B559&scope=openid+profile+address+email+phone+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=9619f48d-836c-4284-adc2-fa1fa5851507&nonce=463991c5-76c0-4149-861d-92b9068cb65f
12:17:22.465 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:b97305ce-224c-4e6c-90ed-21322c897d20
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%215634.EBCE.50E6.B559&scope=openid+profile+address+email+phone+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=9619f48d-836c-4284-adc2-fa1fa5851507&nonce=463991c5-76c0-4149-861d-92b9068cb65f
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=a3239f33-f650-42d3-a923-0664bcef235a&scope=address+phone+openid+user_name+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE1NjM0LkVCQ0UuNTBFNi5CNTU5IiwiZXhwIjoxNTMwODExMDIyLCJpYXQiOjE1MzA4MDc0MjIsIm5vbmNlIjoiNDYzOTkxYzUtNzZjMC00MTQ5LTg2MWQtOTJiOTA2OGNiNjVmIiwiYXV0aF90aW1lIjoxNTMwODA3NDIyLCJjX2hhc2giOiJ1eXUwdU1mZmNMVHRwNjhZd25QZWtnIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiYldPbWJMZk52MzRabE1ScVFzdXBpLV94UGRpeUtFVU5iNG9VUExhMWQzayJ9.JpkdoWYkd_FjHwadriigWtEP3qYSCCX3_rNQP4F_GkJwOvNWb206SNNq67M6nh4IlFKTdrzvypxWl3Hi_D4CHYyBj8Crw_X_X0-vuF9A6G7WHfkuymWzlY_NLw4Q8B_jj06RxtJbZHC0vUdNelbFpm9N5kH9UkFobzvAzAosGoBV9XGdOFgWq5Gow3gcExmsDC4K0P9dN7xSRpnJKVZUDAmCkvVHqvStwLB4PixqPA15aYqlnvQ9lrmkmkEGeVZg2mCHtDASgHbSN_IlSTmPDx6FFsJe-3c2aeT8VeLxteH_m0PaW1ppAw_WzXQlC4UeQFohCq78pPPBP4ZcIZ-njw&session_id=0a394b18-c9dc-42d0-b069-9956620dc15d&state=9619f48d-836c-4284-adc2-fa1fa5851507&session_state=b97305ce-224c-4e6c-90ed-21322c897d20
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxNTYzNC5FQkNFLjUwRTYuQjU1OTo2MzFhYWYxZi01MTExLTQ0MDktYjJkZC1kMzJiZDljMzE4N2U=
grant_type=authorization_code&code=a3239f33-f650-42d3-a923-0664bcef235a&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1057
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:17:02 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"access_token":"8aff5c0a-3c9f-4f17-9d28-8549aa8feb2e","token_type":"bearer","expires_in":299,"refresh_token":"71c5814e-919e-45f0-a9fd-2e9632675179","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE1NjM0LkVCQ0UuNTBFNi5CNTU5IiwiZXhwIjoxNTMwODExMDIyLCJpYXQiOjE1MzA4MDc0MjIsIm5vbmNlIjoiNDYzOTkxYzUtNzZjMC00MTQ5LTg2MWQtOTJiOTA2OGNiNjVmIiwiYXV0aF90aW1lIjoxNTMwODA3NDIyLCJhdF9oYXNoIjoiODFIYjVyOTdvVzRmUXJiUmtyaWtTQSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6ImJXT21iTGZOdjM0WmxNUnFRc3VwaS1feFBkaXlLRVVOYjRvVVBMYTFkM2sifQ.W4MwEPGY5ftlYHrRE_2Kxm_cP43asEJalUdDONU0TzKrx9HWbHJkVylgia88vHxYnL_DqUv3uzvRD4VXvvTfwSnxRzkFUmjO67WG3dzFdKpIrum6NC9cGOx9Soro28UP0Y_-VjFnZ4CzE88oAQ5vZ0Saf3N8BvdOw7LmAxWPErVI2L7LPtJvXgb9i2N_O1nWet2VKvlFbWt8_3jYd1rQq1cmWL3m-DXXi-7YuAsGB03fXK6zeHO3_hhVrvo5TTyr6OctfwmbRh1MueRpKrzr4b-OEFp7a2I9qWsWP9xqecr8eyhKoPCqI3UuTjLqFp4FkNJfLgfKBFvtTpGBD_C4IQ"}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxNTYzNC5FQkNFLjUwRTYuQjU1OTo2MzFhYWYxZi01MTExLTQ0MDktYjJkZC1kMzJiZDljMzE4N2U=
grant_type=refresh_token&scope=address+phone+openid+user_name+profile+email&refresh_token=71c5814e-919e-45f0-a9fd-2e9632675179
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 204
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:17:02 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"access_token":"8c89dbc2-23a2-4132-9b99-b549568d6702","token_type":"bearer","expires_in":299,"refresh_token":"be4b5beb-3b95-422f-9067-1c8d47b35b72","scope":"address phone openid user_name profile email"}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/userinfo HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 8c89dbc2-23a2-4132-9b99-b549568d6702
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 695
Content-Type: application/json;charset=utf-8
Date: Thu, 05 Jul 2018 16:17:02 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"address":{"street_address":"621 East 6th Street","country":"US","locality":"Austin","region":"Texas"},"sub":"bWOmbLfNv34ZlMRqQsupi-_xPdiyKEUNb4oUPLa1d3k","phone_number_verified":true,"phone_number":"(512) 516-2413","user_name":"test_user","website":"http://www.gluu.org","zoneinfo":"America/Chicago","birthdate":"19830106010101.253Z","gender":"Male","profile":"http://www.mywebsite.com/profile","preferred_username":"user","given_name":"Test","middle_name":"User","locale":"en-US","picture":"http://www.gluu.org/wp-content/uploads/2012/04/mike3.png","updated_at":1526659613066,"name":"oxAuth Test User","nickname":"user","family_name":"User","email_verified":true,"email":"test_user@test.org"}
#######################################################
TEST: testEncode1
#######################################################
#######################################################
TEST: testEncode2
#######################################################
#######################################################
TEST: testEncode3
#######################################################
#######################################################
TEST: OpenID Connect Discovery
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 181
Content-Type: application/jrd+json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 16:17:02 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"subject": "acct:test_user@ce-dev4.gluu.org",
"links": [{
"rel": "http://openid.net/specs/connect/1.0/issuer",
"href": "https://ce-dev4.gluu.org"
}]
}
OpenID Connect Configuration
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/openid-configuration HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 6342
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:17:02 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"issuer": "https://ce-dev4.gluu.org",
"authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize",
"token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token",
"userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo",
"clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo",
"check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe",
"end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session",
"jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks",
"registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register",
"id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id",
"introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection",
"scopes_supported": [
"permission",
"clientinfo",
"email",
"user_name",
"sub",
"org_name",
"address",
"openid",
"test_scope1",
"work_phone",
"phone",
"profile",
"mobile_phone",
"test"
],
"response_types_supported": [
"code",
"code id_token",
"code id_token token",
"id_token",
"id_token token",
"token",
"code token"
],
"grant_types_supported": [
"urn:ietf:params:oauth:grant-type:uma-ticket",
"client_credentials",
"refresh_token",
"implicit",
"password",
"authorization_code"
],
"acr_values_supported": [
"super_gluu",
"u2f",
"otp",
"basic",
"auth_ldap_server"
],
"auth_level_mapping": {
"-1": ["auth_ldap_server"],
"50": ["otp"],
"100": ["basic"],
"10": ["u2f"],
"15": ["super_gluu"]
},
"subject_types_supported": [
"public",
"pairwise"
],
"userinfo_signing_alg_values_supported": [
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"userinfo_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"userinfo_encryption_enc_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"id_token_signing_alg_values_supported": [
"none",
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"id_token_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"id_token_encryption_enc_values_supported": [
"A128CBC+HS256",
"A256CBC+HS512",
"A128GCM",
"A256GCM"
],
"request_object_signing_alg_values_supported": [
"none",
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"request_object_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"request_object_encryption_enc_values_supported": [
"A128CBC+HS256",
"A256CBC+HS512",
"A128GCM",
"A256GCM"
],
"token_endpoint_auth_methods_supported": [
"client_secret_basic",
"client_secret_post",
"client_secret_jwt",
"private_key_jwt"
],
"token_endpoint_auth_signing_alg_values_supported": [
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"display_values_supported": [
"page",
"popup"
],
"claim_types_supported": ["normal"],
"claims_supported": [
"birthdate",
"country",
"name",
"email",
"email_verified",
"given_name",
"gender",
"inum",
"family_name",
"updated_at",
"locale",
"member_of",
"middle_name",
"nickname",
"oxAuthAppType",
"oxAuthIdTokenSignedResponseAlg",
"oxAuthRedirectURI",
"oxAuthScope",
"phone_number_verified",
"picture",
"preferred_username",
"profile",
"zoneinfo",
"user_name",
"website"
],
"service_documentation": "http://gluu.org/docs",
"claims_locales_supported": ["en"],
"ui_locales_supported": [
"en",
"es"
],
"scope_to_claims_mapping": [
{"permission": []},
{"uma_protection": []},
{"clientinfo": [
"name",
"inum",
"oxAuthAppType",
"oxAuthIdTokenSignedResponseAlg",
"oxAuthRedirectURI",
"oxAuthScope"
]},
{"email": [
"email_verified",
"email"
]},
{"user_name": ["user_name"]},
{"sub": []},
{"org_name": []},
{"address": [
"formatted",
"postal_code",
"street_address",
"locality",
"country",
"region"
]},
{"openid": []},
{"test_scope1": []},
{"work_phone": []},
{"phone": [
"phone_number_verified",
"phone_number"
]},
{"profile": [
"name",
"family_name",
"given_name",
"middle_name",
"nickname",
"preferred_username",
"profile",
"picture",
"website",
"gender",
"birthdate",
"zoneinfo",
"locale",
"updated_at"
]},
{"mobile_phone": ["phone_mobile_number"]},
{"test": ["member_of"]}
],
"claims_parameter_supported": true,
"request_parameter_supported": true,
"request_uri_parameter_supported": true,
"require_request_uri_registration": false,
"op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy",
"op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos",
"frontchannel_logout_supported": true,
"frontchannel_logout_session_supported": true
}
#######################################################
TEST: requestClientAssociate
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:17:02 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2DE9.E941.5D8E.22AD",
"client_secret": "f6269bfb-95c4-4314-a0eb-3a19f3e1b29c",
"registration_access_token": "6bf8b85b-f11a-4b3d-836c-0882a9008bd7",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2DE9.E941.5D8E.22AD",
"client_id_issued_at": 1530807422,
"client_secret_expires_at": 1530893822,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
#######################################################
TEST: requestClientAssociateInBlackList
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": ["https://www.attacker.com"],
"application_type": "web",
"client_name": "oxAuth test app"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 400
Cache-Control: no-store
Connection: close
Content-Length: 101
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:17:03 GMT
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"error":"invalid_redirect_uri","error_description":"Value of one or more redirect_uris is invalid."}
#######################################################
TEST: testUrlPatterList
#######################################################
#######################################################
TEST: requestClientUpdate
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 400
Connection: close
Content-Length: 282
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:17:03 GMT
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"error":"invalid_client_metadata","error_description":"The value of one of the Client Metadata fields is invalid and the server has rejected this request. Note that an Authorization Server MAY choose to substitute a valid value for any requested parameter of a Client's Metadata."}
#######################################################
TEST: OpenID Connect Discovery
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 181
Content-Type: application/jrd+json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 16:17:03 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"subject": "acct:test_user@ce-dev4.gluu.org",
"links": [{
"rel": "http://openid.net/specs/connect/1.0/issuer",
"href": "https://ce-dev4.gluu.org"
}]
}
OpenID Connect Configuration
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/openid-configuration HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 6342
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:17:03 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"issuer": "https://ce-dev4.gluu.org",
"authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize",
"token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token",
"userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo",
"clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo",
"check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe",
"end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session",
"jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks",
"registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register",
"id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id",
"introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection",
"scopes_supported": [
"permission",
"clientinfo",
"email",
"user_name",
"sub",
"org_name",
"address",
"openid",
"test_scope1",
"work_phone",
"phone",
"profile",
"mobile_phone",
"test"
],
"response_types_supported": [
"code",
"code id_token",
"code id_token token",
"id_token",
"id_token token",
"token",
"code token"
],
"grant_types_supported": [
"urn:ietf:params:oauth:grant-type:uma-ticket",
"client_credentials",
"refresh_token",
"implicit",
"password",
"authorization_code"
],
"acr_values_supported": [
"super_gluu",
"u2f",
"otp",
"basic",
"auth_ldap_server"
],
"auth_level_mapping": {
"-1": ["auth_ldap_server"],
"50": ["otp"],
"100": ["basic"],
"10": ["u2f"],
"15": ["super_gluu"]
},
"subject_types_supported": [
"public",
"pairwise"
],
"userinfo_signing_alg_values_supported": [
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"userinfo_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"userinfo_encryption_enc_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"id_token_signing_alg_values_supported": [
"none",
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"id_token_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"id_token_encryption_enc_values_supported": [
"A128CBC+HS256",
"A256CBC+HS512",
"A128GCM",
"A256GCM"
],
"request_object_signing_alg_values_supported": [
"none",
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"request_object_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"request_object_encryption_enc_values_supported": [
"A128CBC+HS256",
"A256CBC+HS512",
"A128GCM",
"A256GCM"
],
"token_endpoint_auth_methods_supported": [
"client_secret_basic",
"client_secret_post",
"client_secret_jwt",
"private_key_jwt"
],
"token_endpoint_auth_signing_alg_values_supported": [
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"display_values_supported": [
"page",
"popup"
],
"claim_types_supported": ["normal"],
"claims_supported": [
"birthdate",
"country",
"name",
"email",
"email_verified",
"given_name",
"gender",
"inum",
"family_name",
"updated_at",
"locale",
"member_of",
"middle_name",
"nickname",
"oxAuthAppType",
"oxAuthIdTokenSignedResponseAlg",
"oxAuthRedirectURI",
"oxAuthScope",
"phone_number_verified",
"picture",
"preferred_username",
"profile",
"zoneinfo",
"user_name",
"website"
],
"service_documentation": "http://gluu.org/docs",
"claims_locales_supported": ["en"],
"ui_locales_supported": [
"en",
"es"
],
"scope_to_claims_mapping": [
{"permission": []},
{"uma_protection": []},
{"clientinfo": [
"name",
"inum",
"oxAuthAppType",
"oxAuthIdTokenSignedResponseAlg",
"oxAuthRedirectURI",
"oxAuthScope"
]},
{"email": [
"email_verified",
"email"
]},
{"user_name": ["user_name"]},
{"sub": []},
{"org_name": []},
{"address": [
"formatted",
"postal_code",
"street_address",
"locality",
"country",
"region"
]},
{"openid": []},
{"test_scope1": []},
{"work_phone": []},
{"phone": [
"phone_number_verified",
"phone_number"
]},
{"profile": [
"name",
"family_name",
"given_name",
"middle_name",
"nickname",
"preferred_username",
"profile",
"picture",
"website",
"gender",
"birthdate",
"zoneinfo",
"locale",
"updated_at"
]},
{"mobile_phone": ["phone_mobile_number"]},
{"test": ["member_of"]}
],
"claims_parameter_supported": true,
"request_parameter_supported": true,
"request_uri_parameter_supported": true,
"require_request_uri_registration": false,
"op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy",
"op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos",
"frontchannel_logout_supported": true,
"frontchannel_logout_session_supported": true
}
#######################################################
TEST: OpenID Connect Discovery
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 181
Content-Type: application/jrd+json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 16:17:03 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"subject": "acct:test_user@ce-dev4.gluu.org",
"links": [{
"rel": "http://openid.net/specs/connect/1.0/issuer",
"href": "https://ce-dev4.gluu.org"
}]
}
#######################################################
TEST: OpenID Connect Configuration
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/openid-configuration HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 6342
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:17:03 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"issuer": "https://ce-dev4.gluu.org",
"authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize",
"token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token",
"userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo",
"clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo",
"check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe",
"end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session",
"jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks",
"registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register",
"id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id",
"introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection",
"scopes_supported": [
"permission",
"clientinfo",
"email",
"user_name",
"sub",
"org_name",
"address",
"openid",
"test_scope1",
"work_phone",
"phone",
"profile",
"mobile_phone",
"test"
],
"response_types_supported": [
"code",
"code id_token",
"code id_token token",
"id_token",
"id_token token",
"token",
"code token"
],
"grant_types_supported": [
"urn:ietf:params:oauth:grant-type:uma-ticket",
"client_credentials",
"refresh_token",
"implicit",
"password",
"authorization_code"
],
"acr_values_supported": [
"super_gluu",
"u2f",
"otp",
"basic",
"auth_ldap_server"
],
"auth_level_mapping": {
"-1": ["auth_ldap_server"],
"50": ["otp"],
"100": ["basic"],
"10": ["u2f"],
"15": ["super_gluu"]
},
"subject_types_supported": [
"public",
"pairwise"
],
"userinfo_signing_alg_values_supported": [
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"userinfo_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"userinfo_encryption_enc_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"id_token_signing_alg_values_supported": [
"none",
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"id_token_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"id_token_encryption_enc_values_supported": [
"A128CBC+HS256",
"A256CBC+HS512",
"A128GCM",
"A256GCM"
],
"request_object_signing_alg_values_supported": [
"none",
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"request_object_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"request_object_encryption_enc_values_supported": [
"A128CBC+HS256",
"A256CBC+HS512",
"A128GCM",
"A256GCM"
],
"token_endpoint_auth_methods_supported": [
"client_secret_basic",
"client_secret_post",
"client_secret_jwt",
"private_key_jwt"
],
"token_endpoint_auth_signing_alg_values_supported": [
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"display_values_supported": [
"page",
"popup"
],
"claim_types_supported": ["normal"],
"claims_supported": [
"birthdate",
"country",
"name",
"email",
"email_verified",
"given_name",
"gender",
"inum",
"family_name",
"updated_at",
"locale",
"member_of",
"middle_name",
"nickname",
"oxAuthAppType",
"oxAuthIdTokenSignedResponseAlg",
"oxAuthRedirectURI",
"oxAuthScope",
"phone_number_verified",
"picture",
"preferred_username",
"profile",
"zoneinfo",
"user_name",
"website"
],
"service_documentation": "http://gluu.org/docs",
"claims_locales_supported": ["en"],
"ui_locales_supported": [
"en",
"es"
],
"scope_to_claims_mapping": [
{"permission": []},
{"uma_protection": []},
{"clientinfo": [
"name",
"inum",
"oxAuthAppType",
"oxAuthIdTokenSignedResponseAlg",
"oxAuthRedirectURI",
"oxAuthScope"
]},
{"email": [
"email_verified",
"email"
]},
{"user_name": ["user_name"]},
{"sub": []},
{"org_name": []},
{"address": [
"formatted",
"postal_code",
"street_address",
"locality",
"country",
"region"
]},
{"openid": []},
{"test_scope1": []},
{"work_phone": []},
{"phone": [
"phone_number_verified",
"phone_number"
]},
{"profile": [
"name",
"family_name",
"given_name",
"middle_name",
"nickname",
"preferred_username",
"profile",
"picture",
"website",
"gender",
"birthdate",
"zoneinfo",
"locale",
"updated_at"
]},
{"mobile_phone": ["phone_mobile_number"]},
{"test": ["member_of"]}
],
"claims_parameter_supported": true,
"request_parameter_supported": true,
"request_uri_parameter_supported": true,
"require_request_uri_registration": false,
"op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy",
"op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos",
"frontchannel_logout_supported": true,
"frontchannel_logout_session_supported": true
}
#######################################################
TEST: OpenID Connect Discovery
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 181
Content-Type: application/jrd+json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 16:17:03 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"subject": "acct:test_user@ce-dev4.gluu.org",
"links": [{
"rel": "http://openid.net/specs/connect/1.0/issuer",
"href": "https://ce-dev4.gluu.org"
}]
}
OpenID Connect Configuration
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/openid-configuration HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 6342
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:17:03 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"issuer": "https://ce-dev4.gluu.org",
"authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize",
"token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token",
"userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo",
"clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo",
"check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe",
"end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session",
"jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks",
"registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register",
"id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id",
"introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection",
"scopes_supported": [
"permission",
"clientinfo",
"email",
"user_name",
"sub",
"org_name",
"address",
"openid",
"test_scope1",
"work_phone",
"phone",
"profile",
"mobile_phone",
"test"
],
"response_types_supported": [
"code",
"code id_token",
"code id_token token",
"id_token",
"id_token token",
"token",
"code token"
],
"grant_types_supported": [
"urn:ietf:params:oauth:grant-type:uma-ticket",
"client_credentials",
"refresh_token",
"implicit",
"password",
"authorization_code"
],
"acr_values_supported": [
"super_gluu",
"u2f",
"otp",
"basic",
"auth_ldap_server"
],
"auth_level_mapping": {
"-1": ["auth_ldap_server"],
"50": ["otp"],
"100": ["basic"],
"10": ["u2f"],
"15": ["super_gluu"]
},
"subject_types_supported": [
"public",
"pairwise"
],
"userinfo_signing_alg_values_supported": [
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"userinfo_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"userinfo_encryption_enc_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"id_token_signing_alg_values_supported": [
"none",
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"id_token_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"id_token_encryption_enc_values_supported": [
"A128CBC+HS256",
"A256CBC+HS512",
"A128GCM",
"A256GCM"
],
"request_object_signing_alg_values_supported": [
"none",
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"request_object_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"request_object_encryption_enc_values_supported": [
"A128CBC+HS256",
"A256CBC+HS512",
"A128GCM",
"A256GCM"
],
"token_endpoint_auth_methods_supported": [
"client_secret_basic",
"client_secret_post",
"client_secret_jwt",
"private_key_jwt"
],
"token_endpoint_auth_signing_alg_values_supported": [
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"display_values_supported": [
"page",
"popup"
],
"claim_types_supported": ["normal"],
"claims_supported": [
"birthdate",
"country",
"name",
"email",
"email_verified",
"given_name",
"gender",
"inum",
"family_name",
"updated_at",
"locale",
"member_of",
"middle_name",
"nickname",
"oxAuthAppType",
"oxAuthIdTokenSignedResponseAlg",
"oxAuthRedirectURI",
"oxAuthScope",
"phone_number_verified",
"picture",
"preferred_username",
"profile",
"zoneinfo",
"user_name",
"website"
],
"service_documentation": "http://gluu.org/docs",
"claims_locales_supported": ["en"],
"ui_locales_supported": [
"en",
"es"
],
"scope_to_claims_mapping": [
{"permission": []},
{"uma_protection": []},
{"clientinfo": [
"name",
"inum",
"oxAuthAppType",
"oxAuthIdTokenSignedResponseAlg",
"oxAuthRedirectURI",
"oxAuthScope"
]},
{"email": [
"email_verified",
"email"
]},
{"user_name": ["user_name"]},
{"sub": []},
{"org_name": []},
{"address": [
"formatted",
"postal_code",
"street_address",
"locality",
"country",
"region"
]},
{"openid": []},
{"test_scope1": []},
{"work_phone": []},
{"phone": [
"phone_number_verified",
"phone_number"
]},
{"profile": [
"name",
"family_name",
"given_name",
"middle_name",
"nickname",
"preferred_username",
"profile",
"picture",
"website",
"gender",
"birthdate",
"zoneinfo",
"locale",
"updated_at"
]},
{"mobile_phone": ["phone_mobile_number"]},
{"test": ["member_of"]}
],
"claims_parameter_supported": true,
"request_parameter_supported": true,
"request_uri_parameter_supported": true,
"require_request_uri_registration": false,
"op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy",
"op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos",
"frontchannel_logout_supported": true,
"frontchannel_logout_session_supported": true
}
#######################################################
TEST: enableClientToRestrictJavascriptOrigin
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"code",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"authorized_origins": ["https://ce.gluu.info:8443"],
"scope": "openid profile address email phone user_name"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1404
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:17:03 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F794.1ECC.3CA6.C868",
"client_secret": "1fada3b3-e208-4b8d-8a00-fd1870cdd496",
"registration_access_token": "b4bcba88-f548-4214-9a3a-a0c7f422094c",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F794.1ECC.3CA6.C868",
"client_id_issued_at": 1530807423,
"client_secret_expires_at": 1530893823,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"id_token",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"authorized_origins": ["https://ce.gluu.info:8443"],
"frontchannel_logout_session_required": false,
"scope": "openid profile address email phone user_name",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21F794.1ECC.3CA6.C868&scope=openid+profile+address+email+phone+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=b6a76fc0-b9b4-43a5-8b9b-21ed44a23ab3&nonce=16ee9057-45ae-4714-bca5-24e0300a9b53
12:17:24.824 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:c03800d7-0d4e-4248-ae45-44dc2c88298d
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21F794.1ECC.3CA6.C868&scope=openid+profile+address+email+phone+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=b6a76fc0-b9b4-43a5-8b9b-21ed44a23ab3&nonce=16ee9057-45ae-4714-bca5-24e0300a9b53
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=53aab46c-9e26-43be-891b-1419ed8bef11&scope=address+phone+openid+user_name+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFGNzk0LjFFQ0MuM0NBNi5DODY4IiwiZXhwIjoxNTMwODExMDI0LCJpYXQiOjE1MzA4MDc0MjQsIm5vbmNlIjoiMTZlZTkwNTctNDVhZS00NzE0LWJjYTUtMjRlMDMwMGE5YjUzIiwiYXV0aF90aW1lIjoxNTMwODA3NDI0LCJjX2hhc2giOiJZTlh5V2cxTW5jQUNPOS1pcHpEXzNnIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoieE5kNXNpRy03M1hibFA3VFNzUzFET0V4SE9ndk53eGFpLUthczVBZVlMWSJ9.nKuiDMgY9u9QjW6Avh5zhqafQ2UVW_MEcu3bVHQQNtxU6-lkeHzdamYK6mcs_fUmpUN5YyeYVvKHMArBl_AYctwOgj3agbGFSTrV3LN7J3XhpYwXp19uW4S9iiLNHvHjdHwNfSUGFjXAGXxPdIRJSVQj-sNOorutYTUf7h5RAmMEdEkSdWA9jbEbKAn_iw4QUsR5kSexgCF5tLJExVTwUZizvanBax2DZAkaiN_i8K-VZ0zmyCbdJtMr7ES2kMPUkuqZWXxKXVA4m3jMLbY9NYmyK3VYI3lkk5kVGtlAsWIODMqaRA_yaezkt4hjV0kBupb7W1vD1zZd_Z7eIY44qw&session_id=65ed3a97-0738-4ce2-93cb-02b0a2237b47&state=b6a76fc0-b9b4-43a5-8b9b-21ed44a23ab3&session_state=c03800d7-0d4e-4248-ae45-44dc2c88298d
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxRjc5NC4xRUNDLjNDQTYuQzg2ODoxZmFkYTNiMy1lMjA4LTRiOGQtOGEwMC1mZDE4NzBjZGQ0OTY=
grant_type=authorization_code&code=53aab46c-9e26-43be-891b-1419ed8bef11&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1057
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:17:04 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"access_token":"c428f03c-2a82-4daa-a026-eac67b787d4a","token_type":"bearer","expires_in":299,"refresh_token":"72c9a95a-9ad7-47dc-bd95-9af1de57e821","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFGNzk0LjFFQ0MuM0NBNi5DODY4IiwiZXhwIjoxNTMwODExMDI0LCJpYXQiOjE1MzA4MDc0MjQsIm5vbmNlIjoiMTZlZTkwNTctNDVhZS00NzE0LWJjYTUtMjRlMDMwMGE5YjUzIiwiYXV0aF90aW1lIjoxNTMwODA3NDI0LCJhdF9oYXNoIjoibFlLSkhBUUwxUGpUaTNhWk92Nzh0dyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6InhOZDVzaUctNzNYYmxQN1RTc1MxRE9FeEhPZ3ZOd3hhaS1LYXM1QWVZTFkifQ.Fp9RLUtI9jpMfEtBWLj-R_nnpg4Fg9P4hs55tQhvhLDiY_cjevtvUzLctYtvaXOvqiywBZUijM9WOyAvKD9zwu-2oc-wstHOKoGzKcnsHnC-j0bTvlOEj2Xs4b27TgCrKbxCegwDK0oXsR-bjZn7c1Itq_fj8l1oVBDZjiZJbrPXJABBGW_A_rSNqRKnDVvA_DDctHtIvuKsqHOngNNvGldj2FHKy6wpn1pTnggA62PjXXNnDpR8HHMJWs_DRsWF-5pY2pgMKpb0IzzPdsOd51TFPrScLxtWIemFFIpz0BfJayk32OIVwGWNvZfiH_kUMqmm0v-e9lP6J8w4voaHeQ"}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxRjc5NC4xRUNDLjNDQTYuQzg2ODoxZmFkYTNiMy1lMjA4LTRiOGQtOGEwMC1mZDE4NzBjZGQ0OTY=
grant_type=refresh_token&scope=address+phone+openid+user_name+profile+email&refresh_token=72c9a95a-9ad7-47dc-bd95-9af1de57e821
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 204
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:17:04 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"access_token":"f59e1a20-e2f4-4939-a393-2bcdf13b9686","token_type":"bearer","expires_in":299,"refresh_token":"fd29b845-b4c1-40e8-95cb-b59d9fa65685","scope":"address phone openid user_name profile email"}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/userinfo HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer f59e1a20-e2f4-4939-a393-2bcdf13b9686
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 695
Content-Type: application/json;charset=utf-8
Date: Thu, 05 Jul 2018 16:17:04 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"address":{"street_address":"621 East 6th Street","country":"US","locality":"Austin","region":"Texas"},"sub":"xNd5siG-73XblP7TSsS1DOExHOgvNwxai-Kas5AeYLY","phone_number_verified":true,"phone_number":"(512) 516-2413","user_name":"test_user","website":"http://www.gluu.org","zoneinfo":"America/Chicago","birthdate":"19830106010101.253Z","gender":"Male","profile":"http://www.mywebsite.com/profile","preferred_username":"user","given_name":"Test","middle_name":"User","locale":"en-US","picture":"http://www.gluu.org/wp-content/uploads/2012/04/mike3.png","updated_at":1526659613066,"name":"oxAuth Test User","nickname":"user","family_name":"User","email_verified":true,"email":"test_user@test.org"}
#######################################################
TEST: OpenID Connect Discovery
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 181
Content-Type: application/jrd+json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 16:17:05 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"subject": "acct:test_user@ce-dev4.gluu.org",
"links": [{
"rel": "http://openid.net/specs/connect/1.0/issuer",
"href": "https://ce-dev4.gluu.org"
}]
}
OpenID Connect Configuration
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/openid-configuration HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 6342
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:17:05 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"issuer": "https://ce-dev4.gluu.org",
"authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize",
"token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token",
"userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo",
"clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo",
"check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe",
"end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session",
"jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks",
"registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register",
"id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id",
"introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection",
"scopes_supported": [
"permission",
"clientinfo",
"email",
"user_name",
"sub",
"org_name",
"address",
"openid",
"test_scope1",
"work_phone",
"phone",
"profile",
"mobile_phone",
"test"
],
"response_types_supported": [
"code",
"code id_token",
"code id_token token",
"id_token",
"id_token token",
"token",
"code token"
],
"grant_types_supported": [
"urn:ietf:params:oauth:grant-type:uma-ticket",
"client_credentials",
"refresh_token",
"implicit",
"password",
"authorization_code"
],
"acr_values_supported": [
"super_gluu",
"u2f",
"otp",
"basic",
"auth_ldap_server"
],
"auth_level_mapping": {
"-1": ["auth_ldap_server"],
"50": ["otp"],
"100": ["basic"],
"10": ["u2f"],
"15": ["super_gluu"]
},
"subject_types_supported": [
"public",
"pairwise"
],
"userinfo_signing_alg_values_supported": [
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"userinfo_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"userinfo_encryption_enc_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"id_token_signing_alg_values_supported": [
"none",
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"id_token_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"id_token_encryption_enc_values_supported": [
"A128CBC+HS256",
"A256CBC+HS512",
"A128GCM",
"A256GCM"
],
"request_object_signing_alg_values_supported": [
"none",
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"request_object_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"request_object_encryption_enc_values_supported": [
"A128CBC+HS256",
"A256CBC+HS512",
"A128GCM",
"A256GCM"
],
"token_endpoint_auth_methods_supported": [
"client_secret_basic",
"client_secret_post",
"client_secret_jwt",
"private_key_jwt"
],
"token_endpoint_auth_signing_alg_values_supported": [
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"display_values_supported": [
"page",
"popup"
],
"claim_types_supported": ["normal"],
"claims_supported": [
"birthdate",
"country",
"name",
"email",
"email_verified",
"given_name",
"gender",
"inum",
"family_name",
"updated_at",
"locale",
"member_of",
"middle_name",
"nickname",
"oxAuthAppType",
"oxAuthIdTokenSignedResponseAlg",
"oxAuthRedirectURI",
"oxAuthScope",
"phone_number_verified",
"picture",
"preferred_username",
"profile",
"zoneinfo",
"user_name",
"website"
],
"service_documentation": "http://gluu.org/docs",
"claims_locales_supported": ["en"],
"ui_locales_supported": [
"en",
"es"
],
"scope_to_claims_mapping": [
{"permission": []},
{"uma_protection": []},
{"clientinfo": [
"name",
"inum",
"oxAuthAppType",
"oxAuthIdTokenSignedResponseAlg",
"oxAuthRedirectURI",
"oxAuthScope"
]},
{"email": [
"email_verified",
"email"
]},
{"user_name": ["user_name"]},
{"sub": []},
{"org_name": []},
{"address": [
"formatted",
"postal_code",
"street_address",
"locality",
"country",
"region"
]},
{"openid": []},
{"test_scope1": []},
{"work_phone": []},
{"phone": [
"phone_number_verified",
"phone_number"
]},
{"profile": [
"name",
"family_name",
"given_name",
"middle_name",
"nickname",
"preferred_username",
"profile",
"picture",
"website",
"gender",
"birthdate",
"zoneinfo",
"locale",
"updated_at"
]},
{"mobile_phone": ["phone_mobile_number"]},
{"test": ["member_of"]}
],
"claims_parameter_supported": true,
"request_parameter_supported": true,
"request_uri_parameter_supported": true,
"require_request_uri_registration": false,
"op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy",
"op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos",
"frontchannel_logout_supported": true,
"frontchannel_logout_session_supported": true
}
#######################################################
TEST: encodeClaimsInStateParameterAlgA128KWEncA128GCM
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"token",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:17:05 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0BE1.A483.77D1.37A6",
"client_secret": "48dc5f4c-14f1-49fe-a627-99dee7abacad",
"registration_access_token": "9827c0bd-28f0-4761-929a-1d38aab90b90",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0BE1.A483.77D1.37A6",
"client_id_issued_at": 1530807425,
"client_secret_expires_at": 1530893825,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"id_token",
"token"
],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%210BE1.A483.77D1.37A6&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0.ADZhbEnk7e5oQpwKjkQpGa1bnFDVB-Hu.fyc98f-adXyUvZFT.NnvryT26iLXnhWGvu156Ab_PUmzZLDSS6_2HUduTUNOrFBnZLm3ElplTUoiy4fmfDcKA958XJhDRSUJTxosfkJAm7_lTEjxM74mQr0ZLuOVdREzeYT8XFapdsYnADHjh2Qp0yiBI52pGlwRCyJBihzZ8ZDKnXOcZNLANa_vOOeAaj8LIEJpiCW5ddS9gppEmM_ZkRUFTRlwPTfrK89j98zyhZzMB27e1bejB-4Rd1OZSI1sNcyaFomhelumEE1BollJP2GgwY9KMB9yaJ0UP26Oqvn21YDNtjk2A_P5NW3GgJWulTZQrNR3mGImz9SlIQN9g6hIi2Q.pNvaptBcGzCpZXd1X620cw&nonce=c8123d24-99fe-4a3d-bd5b-21b73d4d2e1a
12:17:26.523 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:726db8a3-d931-4b6d-9391-6e23cdcecd81
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%210BE1.A483.77D1.37A6&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0.ADZhbEnk7e5oQpwKjkQpGa1bnFDVB-Hu.fyc98f-adXyUvZFT.NnvryT26iLXnhWGvu156Ab_PUmzZLDSS6_2HUduTUNOrFBnZLm3ElplTUoiy4fmfDcKA958XJhDRSUJTxosfkJAm7_lTEjxM74mQr0ZLuOVdREzeYT8XFapdsYnADHjh2Qp0yiBI52pGlwRCyJBihzZ8ZDKnXOcZNLANa_vOOeAaj8LIEJpiCW5ddS9gppEmM_ZkRUFTRlwPTfrK89j98zyhZzMB27e1bejB-4Rd1OZSI1sNcyaFomhelumEE1BollJP2GgwY9KMB9yaJ0UP26Oqvn21YDNtjk2A_P5NW3GgJWulTZQrNR3mGImz9SlIQN9g6hIi2Q.pNvaptBcGzCpZXd1X620cw&nonce=c8123d24-99fe-4a3d-bd5b-21b73d4d2e1a
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=adaae4a9-6877-4fff-8c12-2e0b1cd36b94&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEwQkUxLkE0ODMuNzdEMS4zN0E2IiwiZXhwIjoxNTMwODExMDI2LCJpYXQiOjE1MzA4MDc0MjYsIm5vbmNlIjoiYzgxMjNkMjQtOTlmZS00YTNkLWJkNWItMjFiNzNkNGQyZTFhIiwiYXV0aF90aW1lIjoxNTMwODA3NDI2LCJhdF9oYXNoIjoiZnFKMHVKU1pwVUFnS0RyUnVpcjU2USIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IlVoUWxhYTE3dVo0bEtKTUMtNjZzRThnNjdNcXhIYmpWR0lWRTZVSWpUVU0ifQ.X4Ntl4jKbJQ6EvbhAmItVwzxU04fkVY9m7GPZE4hVa3LGjpIJnAFdS5F5YUtSA1qPLiZJMel1n_mxKzMqpLxgYSApAlNofC6ST53wIK3Dt2cdX9puNOpU2s7oHnDSufKFQbQcu_KgxwyJgnYaVWIuAWs7ftj3J5NBpS_PZrPwABIE-ypOKFskxErjsJ3rGi99szdxaHPXTseLcZBg0CJDpYpwEgH2D4vRuP3eUlkWdebIiDLHMaBJ4l9ZqaSYzVdgndsCEhVUYuhrsfNXdqh6KlBJi8fy2Fl2ItrccNLvadkM0_KQO6QaziyVK9V8TvEOA2JZQPdnZ8Z6Qy_6Tp8EQ&session_id=75e96eeb-8f4f-4e58-b8bd-e97252305032&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0.ADZhbEnk7e5oQpwKjkQpGa1bnFDVB-Hu.fyc98f-adXyUvZFT.NnvryT26iLXnhWGvu156Ab_PUmzZLDSS6_2HUduTUNOrFBnZLm3ElplTUoiy4fmfDcKA958XJhDRSUJTxosfkJAm7_lTEjxM74mQr0ZLuOVdREzeYT8XFapdsYnADHjh2Qp0yiBI52pGlwRCyJBihzZ8ZDKnXOcZNLANa_vOOeAaj8LIEJpiCW5ddS9gppEmM_ZkRUFTRlwPTfrK89j98zyhZzMB27e1bejB-4Rd1OZSI1sNcyaFomhelumEE1BollJP2GgwY9KMB9yaJ0UP26Oqvn21YDNtjk2A_P5NW3GgJWulTZQrNR3mGImz9SlIQN9g6hIi2Q.pNvaptBcGzCpZXd1X620cw&token_type=bearer&session_state=726db8a3-d931-4b6d-9391-6e23cdcecd81&expires_in=299
#######################################################
TEST: encodeClaimsInStateParameterAlgA256KWEncA256GCM
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"token",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:17:06 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F54B.CD94.751B.8766",
"client_secret": "6db49e7f-c666-443a-b0fe-71a7171d3c16",
"registration_access_token": "050c9b72-0a7f-4680-b2b2-df31e15ce7ec",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F54B.CD94.751B.8766",
"client_id_issued_at": 1530807426,
"client_secret_expires_at": 1530893826,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"id_token",
"token"
],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21F54B.CD94.751B.8766&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJBMjU2S1ciLCJlbmMiOiJBMjU2R0NNIn0.Dn0Flt2VjBu-tRbfuBR5ABLHsHgkZSh7VlFiOEfYhDZDNcXZNCVRCw.ui6FxY7EJ5XwcKtK.yuu_M9phDSMFztMhzHnZPIxto4JVSVU-geZSWnAh5EJ6wqSPdRdh0LvQcL_LX0XugD6HUWQ9K3-Dck5G4PdeRBBmXtDwyJPpMY4oVHTSaxs_KWJXtx700L5yXuaoiR7hhoG1DhNe9jY4hy2ppYmgD56y3Jnpkix_pYUtsUZuW61yK3xOdex6g-7q_erGnADoECbEtsHrYkWKFGisu5UkmMcb_PwpqefS6pHOD9xElbocLOaT9tplJsPHIRNCNAaGY3i17g__O742AI45lgTtIg3hJxu3pL9rD_VYhGXzPc8omGHcBZxM6YXhOtKo53gUF1iNYzjJNw.XRgaUog_YL2xlDhasDy3AA&nonce=dd7bdcd6-3823-42fa-940f-c137a126656f
12:17:27.965 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:964fa9a9-28f5-4c90-81e9-f0c0b14561d6
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21F54B.CD94.751B.8766&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJBMjU2S1ciLCJlbmMiOiJBMjU2R0NNIn0.Dn0Flt2VjBu-tRbfuBR5ABLHsHgkZSh7VlFiOEfYhDZDNcXZNCVRCw.ui6FxY7EJ5XwcKtK.yuu_M9phDSMFztMhzHnZPIxto4JVSVU-geZSWnAh5EJ6wqSPdRdh0LvQcL_LX0XugD6HUWQ9K3-Dck5G4PdeRBBmXtDwyJPpMY4oVHTSaxs_KWJXtx700L5yXuaoiR7hhoG1DhNe9jY4hy2ppYmgD56y3Jnpkix_pYUtsUZuW61yK3xOdex6g-7q_erGnADoECbEtsHrYkWKFGisu5UkmMcb_PwpqefS6pHOD9xElbocLOaT9tplJsPHIRNCNAaGY3i17g__O742AI45lgTtIg3hJxu3pL9rD_VYhGXzPc8omGHcBZxM6YXhOtKo53gUF1iNYzjJNw.XRgaUog_YL2xlDhasDy3AA&nonce=dd7bdcd6-3823-42fa-940f-c137a126656f
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=137eb509-f914-4098-b893-76d0bf05a6db&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFGNTRCLkNEOTQuNzUxQi44NzY2IiwiZXhwIjoxNTMwODExMDI3LCJpYXQiOjE1MzA4MDc0MjcsIm5vbmNlIjoiZGQ3YmRjZDYtMzgyMy00MmZhLTk0MGYtYzEzN2ExMjY2NTZmIiwiYXV0aF90aW1lIjoxNTMwODA3NDI3LCJhdF9oYXNoIjoiUnJyZU1IeDVlSHlSN2lhNVc3R1kyZyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IkZyT3RFUkt2OUFnTkEza1ZTVk4zRGVMNVJkdTZsRTdTVXZjaElRZFhSdGsifQ.BAv_nZ4idgC0Q9zi91vUOjK734GG6ui1W3ISMep6Gyb2aQA66K3KNq5v6RTJYHNrQkLhW7n2UkrTEGyBdUh-djfd9z2JBo8Jz44kl3MXZmeiwJH415d76Wv4dP_SZkEY_3SLP92k7ek-uL0siLW1ZJspYHI6CsXgoVLl7ixmsrR3UZp5ZWQJ-mmNos6x1PMOJIIq9HutaMzqD5VRU-FBiUWZhSFcZhCpfkaBmDCrJ3PLqQc4ckldsCnaU9ATuhAx0jBzTiVV3BLiWmu5I_50HK0pzD9UQrYXy4dLeQrTkwdKINg270ZNAyR1FyrLqDRmPSsHHI61kA6RQ_capIm2Zg&session_id=dad1f363-3baf-4cdf-bf99-bb45f232032d&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJBMjU2S1ciLCJlbmMiOiJBMjU2R0NNIn0.Dn0Flt2VjBu-tRbfuBR5ABLHsHgkZSh7VlFiOEfYhDZDNcXZNCVRCw.ui6FxY7EJ5XwcKtK.yuu_M9phDSMFztMhzHnZPIxto4JVSVU-geZSWnAh5EJ6wqSPdRdh0LvQcL_LX0XugD6HUWQ9K3-Dck5G4PdeRBBmXtDwyJPpMY4oVHTSaxs_KWJXtx700L5yXuaoiR7hhoG1DhNe9jY4hy2ppYmgD56y3Jnpkix_pYUtsUZuW61yK3xOdex6g-7q_erGnADoECbEtsHrYkWKFGisu5UkmMcb_PwpqefS6pHOD9xElbocLOaT9tplJsPHIRNCNAaGY3i17g__O742AI45lgTtIg3hJxu3pL9rD_VYhGXzPc8omGHcBZxM6YXhOtKo53gUF1iNYzjJNw.XRgaUog_YL2xlDhasDy3AA&token_type=bearer&session_state=964fa9a9-28f5-4c90-81e9-f0c0b14561d6&expires_in=299
#######################################################
TEST: encodeClaimsInStateParameterAlgRSA15EncA128CBCPLUSHS256
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"token",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:17:07 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!536F.0622.357C.4AD2",
"client_secret": "b764a930-7753-446b-8d31-5c730687b816",
"registration_access_token": "0fac3b89-99ee-4b57-a33f-8b4fdada60c6",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!536F.0622.357C.4AD2",
"client_id_issued_at": 1530807427,
"client_secret_expires_at": 1530893827,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"id_token",
"token"
],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21536F.0622.357C.4AD2&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJSU0ExXzUiLCJlbmMiOiJBMTI4Q0JDK0hTMjU2Iiwia2lkIjoiNDhiZmE4YTQtYzhhNy00YTA5LWFlOTgtYmYzMjVkNzQ5MTE5In0.JBeft8v0urfCFzrtCN8BSwBSi8QaxftS5VaVp-vboYU4VuVrLJEUlEs_RxUUox7OaZf2cjEkkRaVCH2RdG3ZVxVX8sFbi8GemV8sCIOAGise7OJGfE0yqssw5RcjhWuARIK-Sazx65sOas-2VYTKRkGOV7xegZyTMz8cfxlp7dDNf9CdpuHoJfY8bLjO5ILVN2R1OLYV2h9PgxL4_sCNfeTPH14MNCFJxKsl9KTKL0XoX-hQxhRkd4LEgyn9QZ_EjVWjRxH_q7pAqJ5JLMaWBmtA2UjjysErYwL879lVNfA8PSDbsUfzIb4dyAdl_pLc9GrfihzSD8S0woSEPm-WkQ.pVrzrs491WeoZG8o5nQwuA.3ZpaZusVCQaTuk4jXJaTLFHoYVG5JuPldx5Gj3FiUn3d63MI2lLF2m43K8XfLgm7V9rX3SOJswX0BFXBqObBdBx6DKNlnuFGKPNBLjR3kGN3QS2o_m8F4-y-QBs1ov47rdxdEH541jGRxJINjD3rfXEuTKH5t6XnhWVtEymxzmHsX6WACwAAWkMkJKGZlCvuYIIbc9wUKgA1BT6iRA7HVAIXZbwHFmFhPYqo6-pZy_K8BVreqWuCSOQlQp6hgxwJ2UhAAAY14qMPAyRFRkSSpYSWvFLZ6L5opnpKnz6CKqM65s_rcuBi6Tst4TysgCr0Bpw9cZlbyxYMQz-96Do-j0uQeatdaU9ENesUTn14UoOQONm3_3MudJ18V7POvxFUjZ_UgIA0T27trKaA_tydnAK4TBV1_N7815l_TLL9NyE.1rd8ZtBOEmiF23SDkf9dCFcFqkvv3EkYDrdUwGKyD_0&nonce=cc7c0845-cebc-460f-a081-3f3a5ed8601b
12:17:29.323 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:c7fa9c69-9162-4e30-94b8-7c88614bf4f6
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21536F.0622.357C.4AD2&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJSU0ExXzUiLCJlbmMiOiJBMTI4Q0JDK0hTMjU2Iiwia2lkIjoiNDhiZmE4YTQtYzhhNy00YTA5LWFlOTgtYmYzMjVkNzQ5MTE5In0.JBeft8v0urfCFzrtCN8BSwBSi8QaxftS5VaVp-vboYU4VuVrLJEUlEs_RxUUox7OaZf2cjEkkRaVCH2RdG3ZVxVX8sFbi8GemV8sCIOAGise7OJGfE0yqssw5RcjhWuARIK-Sazx65sOas-2VYTKRkGOV7xegZyTMz8cfxlp7dDNf9CdpuHoJfY8bLjO5ILVN2R1OLYV2h9PgxL4_sCNfeTPH14MNCFJxKsl9KTKL0XoX-hQxhRkd4LEgyn9QZ_EjVWjRxH_q7pAqJ5JLMaWBmtA2UjjysErYwL879lVNfA8PSDbsUfzIb4dyAdl_pLc9GrfihzSD8S0woSEPm-WkQ.pVrzrs491WeoZG8o5nQwuA.3ZpaZusVCQaTuk4jXJaTLFHoYVG5JuPldx5Gj3FiUn3d63MI2lLF2m43K8XfLgm7V9rX3SOJswX0BFXBqObBdBx6DKNlnuFGKPNBLjR3kGN3QS2o_m8F4-y-QBs1ov47rdxdEH541jGRxJINjD3rfXEuTKH5t6XnhWVtEymxzmHsX6WACwAAWkMkJKGZlCvuYIIbc9wUKgA1BT6iRA7HVAIXZbwHFmFhPYqo6-pZy_K8BVreqWuCSOQlQp6hgxwJ2UhAAAY14qMPAyRFRkSSpYSWvFLZ6L5opnpKnz6CKqM65s_rcuBi6Tst4TysgCr0Bpw9cZlbyxYMQz-96Do-j0uQeatdaU9ENesUTn14UoOQONm3_3MudJ18V7POvxFUjZ_UgIA0T27trKaA_tydnAK4TBV1_N7815l_TLL9NyE.1rd8ZtBOEmiF23SDkf9dCFcFqkvv3EkYDrdUwGKyD_0&nonce=cc7c0845-cebc-460f-a081-3f3a5ed8601b
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=e78791e4-fe4f-48e7-a203-c8d26d5863bb&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE1MzZGLjA2MjIuMzU3Qy40QUQyIiwiZXhwIjoxNTMwODExMDI5LCJpYXQiOjE1MzA4MDc0MjksIm5vbmNlIjoiY2M3YzA4NDUtY2ViYy00NjBmLWEwODEtM2YzYTVlZDg2MDFiIiwiYXV0aF90aW1lIjoxNTMwODA3NDI5LCJhdF9oYXNoIjoiTG01RThqSVgtSDRkUkpVcXA2QVR1USIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IjJBemhNTlhINTZpUHpGXzB3S2NWVHZmWDZvRFY3OGVWOENabVdTa25ScTQifQ.IH48ZEWRXigV1eE3GUFFAkyWnLcQwV_iCEacStclhJoDhZiE0HP92-HBYO3P5UAHlOYnZEEyEJsU1JKgdloidfuLclpxEPv1dcAJuUjhIpgYCdhA7yyGt3zqHn0V4KO3Fjg241VJ39tnupaF7rkBgPnhxPgJmAIsyeHzBi31jcr_ZQFwV1g0T_wvXxdHyXabq1BoCMA_jWhGsgHgVX5LAOcon2v3m2g_iK6Fan7F4nhukgwwpfdcBVx726ZBoh_hBYWc0ec7mhYbQGta-Qk47PPbrMLgTBSz8-EzK_WlsyKXHVfua3zsv6pmi5LmJE6ae4l0VstSZ0RLusAt5XtqCg&session_id=fdfb353e-def0-43be-974b-ffaa373e7f5c&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJSU0ExXzUiLCJlbmMiOiJBMTI4Q0JDK0hTMjU2Iiwia2lkIjoiNDhiZmE4YTQtYzhhNy00YTA5LWFlOTgtYmYzMjVkNzQ5MTE5In0.JBeft8v0urfCFzrtCN8BSwBSi8QaxftS5VaVp-vboYU4VuVrLJEUlEs_RxUUox7OaZf2cjEkkRaVCH2RdG3ZVxVX8sFbi8GemV8sCIOAGise7OJGfE0yqssw5RcjhWuARIK-Sazx65sOas-2VYTKRkGOV7xegZyTMz8cfxlp7dDNf9CdpuHoJfY8bLjO5ILVN2R1OLYV2h9PgxL4_sCNfeTPH14MNCFJxKsl9KTKL0XoX-hQxhRkd4LEgyn9QZ_EjVWjRxH_q7pAqJ5JLMaWBmtA2UjjysErYwL879lVNfA8PSDbsUfzIb4dyAdl_pLc9GrfihzSD8S0woSEPm-WkQ.pVrzrs491WeoZG8o5nQwuA.3ZpaZusVCQaTuk4jXJaTLFHoYVG5JuPldx5Gj3FiUn3d63MI2lLF2m43K8XfLgm7V9rX3SOJswX0BFXBqObBdBx6DKNlnuFGKPNBLjR3kGN3QS2o_m8F4-y-QBs1ov47rdxdEH541jGRxJINjD3rfXEuTKH5t6XnhWVtEymxzmHsX6WACwAAWkMkJKGZlCvuYIIbc9wUKgA1BT6iRA7HVAIXZbwHFmFhPYqo6-pZy_K8BVreqWuCSOQlQp6hgxwJ2UhAAAY14qMPAyRFRkSSpYSWvFLZ6L5opnpKnz6CKqM65s_rcuBi6Tst4TysgCr0Bpw9cZlbyxYMQz-96Do-j0uQeatdaU9ENesUTn14UoOQONm3_3MudJ18V7POvxFUjZ_UgIA0T27trKaA_tydnAK4TBV1_N7815l_TLL9NyE.1rd8ZtBOEmiF23SDkf9dCFcFqkvv3EkYDrdUwGKyD_0&token_type=bearer&session_state=c7fa9c69-9162-4e30-94b8-7c88614bf4f6&expires_in=299
#######################################################
TEST: encodeClaimsInStateParameterAlgRSA15EncA256CBCPLUSHS512
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"token",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:17:09 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!352A.035A.AD68.825F",
"client_secret": "54770174-d833-4b76-89c9-16705a83e456",
"registration_access_token": "33bdd9c7-f500-4815-b27f-1241d340607e",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!352A.035A.AD68.825F",
"client_id_issued_at": 1530807429,
"client_secret_expires_at": 1530893829,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"id_token",
"token"
],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21352A.035A.AD68.825F&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJSU0ExXzUiLCJlbmMiOiJBMjU2Q0JDK0hTNTEyIiwia2lkIjoiNDhiZmE4YTQtYzhhNy00YTA5LWFlOTgtYmYzMjVkNzQ5MTE5In0.FjYnheCfp-r4DektM5GTCexDaqEsqhKtbN3QW2sd1WI43Oz4bI1Egh7YR9p_ZYXGXuY1QDM_yDCugbLpki0Ri43KlpQKRZHsWckyuedVOAcKablpV9httzXTjZPYWk5yewJfDT7yJH_sBik6hilZIZKn_vFAVOHelJ2dNxy6obDNlBwx4sDrQw64CT8AGALtljCt5vpMe1Au07fEJtLUEMkcUBEAz46cXLeIlJjbkLEDKsDcMWw8QrPD8YDpltmozhek9-ei8yym12SBMrz5bHDhvN55hyiH1HUTYWE6TiWxiqZL_9dXx3e30vCxzXcExzP1eEFeO4jy5uanB9oM_A.FtSrLUYClUHM2nI9mznwUg.k_xD4k17JKcDz2mGZvXE8S8zB08UMBUE8AXujal6ZDGe_lNr-b3fRKDZkXlOu_A1CHzjDr74qbTXv4GDkEQcwiUjSHGJloXRnxg5F2CRoalFFJVJ1XM3Jr5odzT5G_QVtla_GOCQP5JBVW6RKfxQ9OvjEG4VLxrifV0ecVuIxX5oFHQYGZNvh9s3mjW7qCJwYUyPzF5SbZ_ybOU6H8A8SRWCtEkN4dvJX8WQpvllB4wZBKXzqQuLi6xiJVY3smL47satFeBdwsZWOTxEEbW53uH_EJRnKckcmWm4QiOBclaN7dtbuvMSzlrvOM00rs6xLEreUjw3vgqnr1Upy-JaJUZ3d7C_peemiMf0oGX4kBy5-Nh-RGnRs0QAI5AT4Uc_HEY4PkhhZuDhAvpy708LbT88LsOmPlAhJ0xcmgCWmrA.zjeTMVg8UZq46F4ec9ALCHK8NODXZtWhYC2uG2tC9TK3UYGIOGlbam0cthbZJmSRAr4XuNNh-uFJ6A44qp6F7A&nonce=7633dfa1-254a-4c6a-825b-a5df5f570f56
12:17:30.781 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:f7e76867-8465-416b-9be2-501087454d74
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21352A.035A.AD68.825F&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJSU0ExXzUiLCJlbmMiOiJBMjU2Q0JDK0hTNTEyIiwia2lkIjoiNDhiZmE4YTQtYzhhNy00YTA5LWFlOTgtYmYzMjVkNzQ5MTE5In0.FjYnheCfp-r4DektM5GTCexDaqEsqhKtbN3QW2sd1WI43Oz4bI1Egh7YR9p_ZYXGXuY1QDM_yDCugbLpki0Ri43KlpQKRZHsWckyuedVOAcKablpV9httzXTjZPYWk5yewJfDT7yJH_sBik6hilZIZKn_vFAVOHelJ2dNxy6obDNlBwx4sDrQw64CT8AGALtljCt5vpMe1Au07fEJtLUEMkcUBEAz46cXLeIlJjbkLEDKsDcMWw8QrPD8YDpltmozhek9-ei8yym12SBMrz5bHDhvN55hyiH1HUTYWE6TiWxiqZL_9dXx3e30vCxzXcExzP1eEFeO4jy5uanB9oM_A.FtSrLUYClUHM2nI9mznwUg.k_xD4k17JKcDz2mGZvXE8S8zB08UMBUE8AXujal6ZDGe_lNr-b3fRKDZkXlOu_A1CHzjDr74qbTXv4GDkEQcwiUjSHGJloXRnxg5F2CRoalFFJVJ1XM3Jr5odzT5G_QVtla_GOCQP5JBVW6RKfxQ9OvjEG4VLxrifV0ecVuIxX5oFHQYGZNvh9s3mjW7qCJwYUyPzF5SbZ_ybOU6H8A8SRWCtEkN4dvJX8WQpvllB4wZBKXzqQuLi6xiJVY3smL47satFeBdwsZWOTxEEbW53uH_EJRnKckcmWm4QiOBclaN7dtbuvMSzlrvOM00rs6xLEreUjw3vgqnr1Upy-JaJUZ3d7C_peemiMf0oGX4kBy5-Nh-RGnRs0QAI5AT4Uc_HEY4PkhhZuDhAvpy708LbT88LsOmPlAhJ0xcmgCWmrA.zjeTMVg8UZq46F4ec9ALCHK8NODXZtWhYC2uG2tC9TK3UYGIOGlbam0cthbZJmSRAr4XuNNh-uFJ6A44qp6F7A&nonce=7633dfa1-254a-4c6a-825b-a5df5f570f56
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=d682e929-2c6a-4dd6-bc37-485e18c40d34&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEzNTJBLjAzNUEuQUQ2OC44MjVGIiwiZXhwIjoxNTMwODExMDMwLCJpYXQiOjE1MzA4MDc0MzAsIm5vbmNlIjoiNzYzM2RmYTEtMjU0YS00YzZhLTgyNWItYTVkZjVmNTcwZjU2IiwiYXV0aF90aW1lIjoxNTMwODA3NDMwLCJhdF9oYXNoIjoidlZ4aHZqX0xMM2liczlxMnduSmFUZyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IlQzOE5INGRISUJicjlPSmtxa1VTd0RvbFg5TVZfNmR5ZElXMFJ3emVQSEUifQ.aiRrWfgIL39Gzg0vitNdKh4PAyJRXGFWpCaRLgMuPd1SDuBKsC5vnFNGwm7i7XKi1Yhc2Pos1gkktWz5QFkJ6UBx9b4EcmR1ANXjuCuJE8nqKgMz6zZbwxPet722o8p12Y6hb-8h8Yehsg6ZKbOUvCMXkYTu-uC43r-squUT9XDsyg3O64N_wbbyJ4b4bE7HHW6YxkzohzolNCiBiNGcsBo6cADP6LonavraCz6lSuKe3xRr3aZ2X4DXluC_5AGGc85MYPLvlWARlhNd8zy4YXmj0Kjy20l1Jc4KjHBa12HUmpu5xjkTbNgbjVJy6suBZUGGY6SWAvfDdUaMfBjhIg&session_id=a83e8121-b744-454e-93d0-e54f09ebc3a6&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJSU0ExXzUiLCJlbmMiOiJBMjU2Q0JDK0hTNTEyIiwia2lkIjoiNDhiZmE4YTQtYzhhNy00YTA5LWFlOTgtYmYzMjVkNzQ5MTE5In0.FjYnheCfp-r4DektM5GTCexDaqEsqhKtbN3QW2sd1WI43Oz4bI1Egh7YR9p_ZYXGXuY1QDM_yDCugbLpki0Ri43KlpQKRZHsWckyuedVOAcKablpV9httzXTjZPYWk5yewJfDT7yJH_sBik6hilZIZKn_vFAVOHelJ2dNxy6obDNlBwx4sDrQw64CT8AGALtljCt5vpMe1Au07fEJtLUEMkcUBEAz46cXLeIlJjbkLEDKsDcMWw8QrPD8YDpltmozhek9-ei8yym12SBMrz5bHDhvN55hyiH1HUTYWE6TiWxiqZL_9dXx3e30vCxzXcExzP1eEFeO4jy5uanB9oM_A.FtSrLUYClUHM2nI9mznwUg.k_xD4k17JKcDz2mGZvXE8S8zB08UMBUE8AXujal6ZDGe_lNr-b3fRKDZkXlOu_A1CHzjDr74qbTXv4GDkEQcwiUjSHGJloXRnxg5F2CRoalFFJVJ1XM3Jr5odzT5G_QVtla_GOCQP5JBVW6RKfxQ9OvjEG4VLxrifV0ecVuIxX5oFHQYGZNvh9s3mjW7qCJwYUyPzF5SbZ_ybOU6H8A8SRWCtEkN4dvJX8WQpvllB4wZBKXzqQuLi6xiJVY3smL47satFeBdwsZWOTxEEbW53uH_EJRnKckcmWm4QiOBclaN7dtbuvMSzlrvOM00rs6xLEreUjw3vgqnr1Upy-JaJUZ3d7C_peemiMf0oGX4kBy5-Nh-RGnRs0QAI5AT4Uc_HEY4PkhhZuDhAvpy708LbT88LsOmPlAhJ0xcmgCWmrA.zjeTMVg8UZq46F4ec9ALCHK8NODXZtWhYC2uG2tC9TK3UYGIOGlbam0cthbZJmSRAr4XuNNh-uFJ6A44qp6F7A&token_type=bearer&session_state=f7e76867-8465-416b-9be2-501087454d74&expires_in=299
#######################################################
TEST: encodeClaimsInStateParameterAlgRSAOAEPEncA256GCM
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"token",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:17:10 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C96F.7EC2.7164.D326",
"client_secret": "edb5a1a1-7256-4e11-9e4b-ae9bdeb2c4a8",
"registration_access_token": "e5370bce-857c-42f2-be21-0ca58e438953",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C96F.7EC2.7164.D326",
"client_id_issued_at": 1530807430,
"client_secret_expires_at": 1530893830,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"id_token",
"token"
],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21C96F.7EC2.7164.D326&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZHQ00iLCJraWQiOiI0OGJmYThhNC1jOGE3LTRhMDktYWU5OC1iZjMyNWQ3NDkxMTkifQ.BAIX5LtUzcRGSxO3GlPULeH5qLURVXSaRyWEuwmDBoCdFWvNDnhhcrbLD4Y-zUhIlAZgXUIpMtdbgaSXYZS2ztmZPhv6a9-00uZ-IpNg8-qy89wLhHY4DEaT5948XGbEPpGXP6lys98T6Yv8PltWLpp3SyGkhwqpeiPUzk3uwtxq4OmiWQrlxY_BGJyYSLrXxEgbW4QhYTPIZOYs8YsBSQfdi4OPHK5abTOHKaEOvXhJ6Sa9E9Alx3llmEQ0HXHOFIJ62AKwulzvmyw44tjRJ55MfoUo5rjMc9b7yX7zTji72PBHROQsKZd7X6aA3uLFNGQJNcg_22disWithGU3Lw.8sXUW4g9mCwlTomd.NYs9wW4R7mW44RKMUNH6RFeCyNFdjFl0eIY7AQdQXsJUXDnG_eZWfeO6jUYrwI_PKHRYStAJWP26h7HoWVPAz3lY1gUu4aDKn8Z36md8uemxxakaarzeRmJwi9p9OMwtjuWHUAleACs5omnFq0CTCDYk6hL91-eFB8cLuVUFD2xCAT22wX8a1qTsjDRlah_Mkj0ZPfLEQsCwMVALTP0dbd4TWWEpR74X-5zHZTZtKbZ5u6oBYBWpeI8yKfA6SbAMU49MrAG3orxOYJAEG1qWe7w4PR3JUyXpFE_B0ryT4OarpXB088ApNXxFEqC5FgoKFUFjJRqDhlb3lHgKtT9TaMb4rN71467sbYkF53fMoyJ-ZMa84JKiCiNhaW9tqmpXKxnNYWT3agWXoblQUqPxOY1nag.uXCISQjBS1dKtz9HQtRXCA&nonce=561c55a4-0cb8-4a7f-9835-bd1dc0878e5d
12:17:32.196 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:806e1400-02d6-4f5e-8d53-29c24cb28b06
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21C96F.7EC2.7164.D326&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZHQ00iLCJraWQiOiI0OGJmYThhNC1jOGE3LTRhMDktYWU5OC1iZjMyNWQ3NDkxMTkifQ.BAIX5LtUzcRGSxO3GlPULeH5qLURVXSaRyWEuwmDBoCdFWvNDnhhcrbLD4Y-zUhIlAZgXUIpMtdbgaSXYZS2ztmZPhv6a9-00uZ-IpNg8-qy89wLhHY4DEaT5948XGbEPpGXP6lys98T6Yv8PltWLpp3SyGkhwqpeiPUzk3uwtxq4OmiWQrlxY_BGJyYSLrXxEgbW4QhYTPIZOYs8YsBSQfdi4OPHK5abTOHKaEOvXhJ6Sa9E9Alx3llmEQ0HXHOFIJ62AKwulzvmyw44tjRJ55MfoUo5rjMc9b7yX7zTji72PBHROQsKZd7X6aA3uLFNGQJNcg_22disWithGU3Lw.8sXUW4g9mCwlTomd.NYs9wW4R7mW44RKMUNH6RFeCyNFdjFl0eIY7AQdQXsJUXDnG_eZWfeO6jUYrwI_PKHRYStAJWP26h7HoWVPAz3lY1gUu4aDKn8Z36md8uemxxakaarzeRmJwi9p9OMwtjuWHUAleACs5omnFq0CTCDYk6hL91-eFB8cLuVUFD2xCAT22wX8a1qTsjDRlah_Mkj0ZPfLEQsCwMVALTP0dbd4TWWEpR74X-5zHZTZtKbZ5u6oBYBWpeI8yKfA6SbAMU49MrAG3orxOYJAEG1qWe7w4PR3JUyXpFE_B0ryT4OarpXB088ApNXxFEqC5FgoKFUFjJRqDhlb3lHgKtT9TaMb4rN71467sbYkF53fMoyJ-ZMa84JKiCiNhaW9tqmpXKxnNYWT3agWXoblQUqPxOY1nag.uXCISQjBS1dKtz9HQtRXCA&nonce=561c55a4-0cb8-4a7f-9835-bd1dc0878e5d
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=779fa365-d4ab-4d15-8aa8-4a1e621335b0&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFDOTZGLjdFQzIuNzE2NC5EMzI2IiwiZXhwIjoxNTMwODExMDMyLCJpYXQiOjE1MzA4MDc0MzIsIm5vbmNlIjoiNTYxYzU1YTQtMGNiOC00YTdmLTk4MzUtYmQxZGMwODc4ZTVkIiwiYXV0aF90aW1lIjoxNTMwODA3NDMyLCJhdF9oYXNoIjoiX3Ixb3pOUG85b1BYWmZYWnMtTVdMZyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IkhOOHpwMy1KYVpaazFqQ0M3akkxY0JfeDRMQmdOOUFUSHZhazRRZlhVcWMifQ.I4wyo1CQxF2YUjmAWUIxVK1WIXJBLTxh9nLJPGwgDp6BrBoY-jca8qyIbzqnJGkes3e5Ed025rmOjwfXqTlN9pJH5rtOML6cVjF5ru8YdQsRL7KF49I0tUcddoqLq__a90smNPiFdR_kRORMPN_cN7XxiSA2KotXP39UW0odR-MueDQNu9PPP89G1PzVWsUYPwk0T-a-c747c8M6OXCqebtEIdLpy51r02ZTBPnT5HypNm-0oufgnwdAO1syoYsagrtEmg3k0oWLwH45knwF4Dg9JJZabs-8OnggMRpjWujwUnEBl7u14zWBR1edDGEivI2t9Z70b0IZxpW1fZ1TDA&session_id=56270df4-da81-48ee-b2f4-66cb9eee8733&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZHQ00iLCJraWQiOiI0OGJmYThhNC1jOGE3LTRhMDktYWU5OC1iZjMyNWQ3NDkxMTkifQ.BAIX5LtUzcRGSxO3GlPULeH5qLURVXSaRyWEuwmDBoCdFWvNDnhhcrbLD4Y-zUhIlAZgXUIpMtdbgaSXYZS2ztmZPhv6a9-00uZ-IpNg8-qy89wLhHY4DEaT5948XGbEPpGXP6lys98T6Yv8PltWLpp3SyGkhwqpeiPUzk3uwtxq4OmiWQrlxY_BGJyYSLrXxEgbW4QhYTPIZOYs8YsBSQfdi4OPHK5abTOHKaEOvXhJ6Sa9E9Alx3llmEQ0HXHOFIJ62AKwulzvmyw44tjRJ55MfoUo5rjMc9b7yX7zTji72PBHROQsKZd7X6aA3uLFNGQJNcg_22disWithGU3Lw.8sXUW4g9mCwlTomd.NYs9wW4R7mW44RKMUNH6RFeCyNFdjFl0eIY7AQdQXsJUXDnG_eZWfeO6jUYrwI_PKHRYStAJWP26h7HoWVPAz3lY1gUu4aDKn8Z36md8uemxxakaarzeRmJwi9p9OMwtjuWHUAleACs5omnFq0CTCDYk6hL91-eFB8cLuVUFD2xCAT22wX8a1qTsjDRlah_Mkj0ZPfLEQsCwMVALTP0dbd4TWWEpR74X-5zHZTZtKbZ5u6oBYBWpeI8yKfA6SbAMU49MrAG3orxOYJAEG1qWe7w4PR3JUyXpFE_B0ryT4OarpXB088ApNXxFEqC5FgoKFUFjJRqDhlb3lHgKtT9TaMb4rN71467sbYkF53fMoyJ-ZMa84JKiCiNhaW9tqmpXKxnNYWT3agWXoblQUqPxOY1nag.uXCISQjBS1dKtz9HQtRXCA&token_type=bearer&session_state=806e1400-02d6-4f5e-8d53-29c24cb28b06&expires_in=299
#######################################################
TEST: encodeClaimsInStateParameterES256
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"token",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:17:12 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3921.B16B.0D53.6B5D",
"client_secret": "4e0a4b73-6a3c-45ff-9067-edab6ffe60d2",
"registration_access_token": "afcc69ea-a1b3-4d76-926b-046a331ac335",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3921.B16B.0D53.6B5D",
"client_id_issued_at": 1530807432,
"client_secret_expires_at": 1530893832,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"id_token",
"token"
],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%213921.B16B.0D53.6B5D&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IjU0N2IyODM4LWE4NDgtNDY3MS04YTQ3LWQ1MzYxNzM4ZjJhZSJ9.eyJyZnAiOiJhYmRkY2RkNi0xZjVjLTQxZmItOWVkMS0zMmM5MzFiYmJmMmIiLCJraWQiOiI1NDdiMjgzOC1hODQ4LTQ2NzEtOGE0Ny1kNTM2MTczOGYyYWUiLCJqdGkiOiJmMjEyMDAxNi00NTU1LTRiNTUtYjBmMC0wZTQ3ZDQzNWI4YjgiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.MEYCIQDpYJhdlhuHdLoR_S_mO52rqFyCMwQhIfknLMfcNeidFgIhAMLJdjZzpiI8fGNdV9b4kfz-JoYFs38i0BaFiI2HPkFf&nonce=afdcb8c2-81b2-4b61-8a7d-725143cf54a8
12:17:33.646 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:717ed15f-65a1-468b-907a-e1287085b518
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%213921.B16B.0D53.6B5D&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IjU0N2IyODM4LWE4NDgtNDY3MS04YTQ3LWQ1MzYxNzM4ZjJhZSJ9.eyJyZnAiOiJhYmRkY2RkNi0xZjVjLTQxZmItOWVkMS0zMmM5MzFiYmJmMmIiLCJraWQiOiI1NDdiMjgzOC1hODQ4LTQ2NzEtOGE0Ny1kNTM2MTczOGYyYWUiLCJqdGkiOiJmMjEyMDAxNi00NTU1LTRiNTUtYjBmMC0wZTQ3ZDQzNWI4YjgiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.MEYCIQDpYJhdlhuHdLoR_S_mO52rqFyCMwQhIfknLMfcNeidFgIhAMLJdjZzpiI8fGNdV9b4kfz-JoYFs38i0BaFiI2HPkFf&nonce=afdcb8c2-81b2-4b61-8a7d-725143cf54a8
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=af48dba8-1f9d-4236-80db-2f7505824f5a&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEzOTIxLkIxNkIuMEQ1My42QjVEIiwiZXhwIjoxNTMwODExMDMzLCJpYXQiOjE1MzA4MDc0MzMsIm5vbmNlIjoiYWZkY2I4YzItODFiMi00YjYxLThhN2QtNzI1MTQzY2Y1NGE4IiwiYXV0aF90aW1lIjoxNTMwODA3NDMzLCJhdF9oYXNoIjoiT3UxVFFiM2xZbXNkakJ0bjc2LVZ5USIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6InpVTm0xNjJCdTdubzZHV09DUXVyUDBkNmFLM1ZqSC1Qdmd6OEhrZl9vM2MifQ.Za0XaVkK254MCAka2ntl8RMmpRwG_PN5BwGls2aEq8HreJSDOT0q0GkeCz_0RfnRLAEM1D03gmFF4z3uQSzRWYmsuLQexRSPPp3TqBcmebcCFZbY_a9BMKO8S0N_docnfoQoLOLIU6nj8O-Mm09A4n-KZ8xGIEhlcAFH_9WLV4xjkH5joqbH2huG-jzVBIac0XPfLsLK_ZWLezOQ-krHFOb1csO2MHhCDUetMz0SqevhE_R_rG_CXtmB5dFMQPHvpX_CzPk0aJf-NHWTj8SLVlwaLDWdCIsjebitH7oSNY1dVxxMrsgpe0tq_KTskFV9DyTlctZFYHV4mAWJMawJFA&session_id=b5d81406-580d-4c92-ad53-7ed8e7e817ec&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IjU0N2IyODM4LWE4NDgtNDY3MS04YTQ3LWQ1MzYxNzM4ZjJhZSJ9.eyJyZnAiOiJhYmRkY2RkNi0xZjVjLTQxZmItOWVkMS0zMmM5MzFiYmJmMmIiLCJraWQiOiI1NDdiMjgzOC1hODQ4LTQ2NzEtOGE0Ny1kNTM2MTczOGYyYWUiLCJqdGkiOiJmMjEyMDAxNi00NTU1LTRiNTUtYjBmMC0wZTQ3ZDQzNWI4YjgiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.MEYCIQDpYJhdlhuHdLoR_S_mO52rqFyCMwQhIfknLMfcNeidFgIhAMLJdjZzpiI8fGNdV9b4kfz-JoYFs38i0BaFiI2HPkFf&token_type=bearer&session_state=717ed15f-65a1-468b-907a-e1287085b518&expires_in=299
#######################################################
TEST: encodeClaimsInStateParameterES384
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"token",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:17:13 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!BCCB.4375.0977.34D0",
"client_secret": "5993a640-e0a1-48ee-879e-2dd3634982dc",
"registration_access_token": "e0882997-a263-4b77-a1ad-334af0c4ed16",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!BCCB.4375.0977.34D0",
"client_id_issued_at": 1530807433,
"client_secret_expires_at": 1530893833,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"id_token",
"token"
],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21BCCB.4375.0977.34D0&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzM4NCIsImtpZCI6ImM0ZmU0MTEwLWViNTYtNDFjNi1iYWMzLTUzMTZmNmIxNDQzZCJ9.eyJyZnAiOiJiMzkyMjFhZS04NDI2LTRhNjUtYTE4Yi1jMjE2N2Y5YWUxYTciLCJraWQiOiJjNGZlNDExMC1lYjU2LTQxYzYtYmFjMy01MzE2ZjZiMTQ0M2QiLCJqdGkiOiI1NzIyNTJmOC0yNTcyLTRiMjctYTU1Mi02MzY3M2ZmOWUzMDEiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.MGQCMCzfoXwPLYWKcPgEr5cZx_Z0culp-vT6Xl_OoO6DgRlF3YdKWkm3wPHGgDQet4a8_gIwVNfErlaNXRFlE-Cr4e9GqNMJWdM6nVzvKuSHXzCRd_bKsFmDdjEjGE089UlDqq6r&nonce=6c8fdd5e-b3d3-4a49-a271-0027fe45869d
12:17:34.952 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:b119726b-dfe5-43a8-a8f8-6178c3f7662b
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21BCCB.4375.0977.34D0&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzM4NCIsImtpZCI6ImM0ZmU0MTEwLWViNTYtNDFjNi1iYWMzLTUzMTZmNmIxNDQzZCJ9.eyJyZnAiOiJiMzkyMjFhZS04NDI2LTRhNjUtYTE4Yi1jMjE2N2Y5YWUxYTciLCJraWQiOiJjNGZlNDExMC1lYjU2LTQxYzYtYmFjMy01MzE2ZjZiMTQ0M2QiLCJqdGkiOiI1NzIyNTJmOC0yNTcyLTRiMjctYTU1Mi02MzY3M2ZmOWUzMDEiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.MGQCMCzfoXwPLYWKcPgEr5cZx_Z0culp-vT6Xl_OoO6DgRlF3YdKWkm3wPHGgDQet4a8_gIwVNfErlaNXRFlE-Cr4e9GqNMJWdM6nVzvKuSHXzCRd_bKsFmDdjEjGE089UlDqq6r&nonce=6c8fdd5e-b3d3-4a49-a271-0027fe45869d
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=5dd1d7dd-b1bf-4045-91f9-096f778b6854&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFCQ0NCLjQzNzUuMDk3Ny4zNEQwIiwiZXhwIjoxNTMwODExMDM0LCJpYXQiOjE1MzA4MDc0MzQsIm5vbmNlIjoiNmM4ZmRkNWUtYjNkMy00YTQ5LWEyNzEtMDAyN2ZlNDU4NjlkIiwiYXV0aF90aW1lIjoxNTMwODA3NDM0LCJhdF9oYXNoIjoiQVBRTk0xQzl0LTdRX3FfdkpLQUxxZyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IlZEZEt0TmVVMHpNbjJNc3B3amd1VUlPNG8yYVpNYUk1OEFaNkxHb0FoQmcifQ.nyMOVtwgMxSunu8IYj_eZIw_aWD-57xdUHAuzh9WE9XhlaixcPcwkh-xN3kFxz53HvPE20rVl7ATvcHKc3TW0oVSvXNGiHw16AzCP0Meu2h0zpwn2ok_C7VF9W6xEMFQRkPbLlsIOa9V3Q1_TmSANaELjK2S311OH4XTL9EpWuKdzfNHdc8wrqSJVvKb4gizpVGaoMz1DUiHIkZQ0ejyxkYwWSzUkvi0QOOCczj3r1IExK-U_xTHWYWFhi1mELXdFRUzQv3CsXlGtpsHSYUM68uqsDCkb1Oua2n2JcCxf79iZAG0WB-MR5X2SG_lzpZoz16rU-U9GjiwQCkDd6WeWQ&session_id=fcbe1229-13f8-43ed-8787-d6d2570ce224&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzM4NCIsImtpZCI6ImM0ZmU0MTEwLWViNTYtNDFjNi1iYWMzLTUzMTZmNmIxNDQzZCJ9.eyJyZnAiOiJiMzkyMjFhZS04NDI2LTRhNjUtYTE4Yi1jMjE2N2Y5YWUxYTciLCJraWQiOiJjNGZlNDExMC1lYjU2LTQxYzYtYmFjMy01MzE2ZjZiMTQ0M2QiLCJqdGkiOiI1NzIyNTJmOC0yNTcyLTRiMjctYTU1Mi02MzY3M2ZmOWUzMDEiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.MGQCMCzfoXwPLYWKcPgEr5cZx_Z0culp-vT6Xl_OoO6DgRlF3YdKWkm3wPHGgDQet4a8_gIwVNfErlaNXRFlE-Cr4e9GqNMJWdM6nVzvKuSHXzCRd_bKsFmDdjEjGE089UlDqq6r&token_type=bearer&session_state=b119726b-dfe5-43a8-a8f8-6178c3f7662b&expires_in=299
#######################################################
TEST: encodeClaimsInStateParameterES512
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"token",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:17:15 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3EFA.0662.9A68.4061",
"client_secret": "dafcee8d-0315-41b4-8e6f-a1aca33b6fba",
"registration_access_token": "55424ab9-b16b-4514-8a8f-48e1503cf9ab",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3EFA.0662.9A68.4061",
"client_id_issued_at": 1530807435,
"client_secret_expires_at": 1530893835,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"id_token",
"token"
],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%213EFA.0662.9A68.4061&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzUxMiIsImtpZCI6IjI2ZjgwNDBjLWFlOGItNGRhYS04ZjcxLWE3ZmRmMTRkZjY0MyJ9.eyJyZnAiOiI3MDIzYjk1Yi1jNTE1LTQwOTEtOGYwMy0zNDVkMWFkYTUzYzUiLCJraWQiOiIyNmY4MDQwYy1hZThiLTRkYWEtOGY3MS1hN2ZkZjE0ZGY2NDMiLCJqdGkiOiI2N2VmMjI5Mi1mMTQzLTQ4YTYtYTkwYy0xYjdmNzFjODNmMjUiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.MIGHAkFTStXfD3aobH7B7LdQZz8g656CyVt5S58_iHgqXGAgywRuZcK4i-ISMkh5d7s_OvQzj3hdoD0wcdmzIWMv-USxSAJCAflYhjcgqdz9MkWvexXs0lBk9QnoouKThxUBnVXzaJkA4tu8dxB02VwTk2FydTANSakAXhvSlLQ9JxxH58U5T4dP&nonce=f7d8c778-4b53-4d4e-a26e-108b949da238
12:17:36.389 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:d36fa489-5767-4ea6-8571-30dc54d4c893
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%213EFA.0662.9A68.4061&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzUxMiIsImtpZCI6IjI2ZjgwNDBjLWFlOGItNGRhYS04ZjcxLWE3ZmRmMTRkZjY0MyJ9.eyJyZnAiOiI3MDIzYjk1Yi1jNTE1LTQwOTEtOGYwMy0zNDVkMWFkYTUzYzUiLCJraWQiOiIyNmY4MDQwYy1hZThiLTRkYWEtOGY3MS1hN2ZkZjE0ZGY2NDMiLCJqdGkiOiI2N2VmMjI5Mi1mMTQzLTQ4YTYtYTkwYy0xYjdmNzFjODNmMjUiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.MIGHAkFTStXfD3aobH7B7LdQZz8g656CyVt5S58_iHgqXGAgywRuZcK4i-ISMkh5d7s_OvQzj3hdoD0wcdmzIWMv-USxSAJCAflYhjcgqdz9MkWvexXs0lBk9QnoouKThxUBnVXzaJkA4tu8dxB02VwTk2FydTANSakAXhvSlLQ9JxxH58U5T4dP&nonce=f7d8c778-4b53-4d4e-a26e-108b949da238
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=b135fcd8-24c7-471e-8a33-9058d592e4b3&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEzRUZBLjA2NjIuOUE2OC40MDYxIiwiZXhwIjoxNTMwODExMDM2LCJpYXQiOjE1MzA4MDc0MzYsIm5vbmNlIjoiZjdkOGM3NzgtNGI1My00ZDRlLWEyNmUtMTA4Yjk0OWRhMjM4IiwiYXV0aF90aW1lIjoxNTMwODA3NDM2LCJhdF9oYXNoIjoibERWX3ZBN19YS3BPR1VWWks4djFRZyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IkxQdGEzVnpvRHRoNzlIY0FKeUh4ZlFVa0loZGhqb3ZGM3J5TTNRSnVTMU0ifQ.oL6xKv8n2Vpk-28jd8TIHxXzXO5m9hY3kFinaw5wEaDu8B87GDv9fjSx-vmkr1UDYc4VYxDL7e3Icg1FY32lOPcsQ3tj0fydvopyDEFsorwS3tqRzY4S65jzGa7d736V8dVi9LCr1em2yGUceEq6r8TJ-50IlFCecHKt_YcwAbx8OWT5WugbrI2tZ7WCeJCN7c1Az0IdAIHwCib-gLj9TUBW3loGQsz2QIapB1UeoZXog2tUn8Yew5WdBqi5YEtC1ydc9XaD8yJvRUbjcH5RLUtn_qTI4Gczlr0xtt-UJmXiuwZPAfOqHc-Ft0iLiu4cZpl2pgxyhI9tu_hf8l4UBA&session_id=056404f5-eccb-4d10-8317-b7516cac6b7d&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzUxMiIsImtpZCI6IjI2ZjgwNDBjLWFlOGItNGRhYS04ZjcxLWE3ZmRmMTRkZjY0MyJ9.eyJyZnAiOiI3MDIzYjk1Yi1jNTE1LTQwOTEtOGYwMy0zNDVkMWFkYTUzYzUiLCJraWQiOiIyNmY4MDQwYy1hZThiLTRkYWEtOGY3MS1hN2ZkZjE0ZGY2NDMiLCJqdGkiOiI2N2VmMjI5Mi1mMTQzLTQ4YTYtYTkwYy0xYjdmNzFjODNmMjUiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.MIGHAkFTStXfD3aobH7B7LdQZz8g656CyVt5S58_iHgqXGAgywRuZcK4i-ISMkh5d7s_OvQzj3hdoD0wcdmzIWMv-USxSAJCAflYhjcgqdz9MkWvexXs0lBk9QnoouKThxUBnVXzaJkA4tu8dxB02VwTk2FydTANSakAXhvSlLQ9JxxH58U5T4dP&token_type=bearer&session_state=d36fa489-5767-4ea6-8571-30dc54d4c893&expires_in=299
#######################################################
TEST: encodeClaimsInStateParameterHS256
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"token",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:17:16 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9D64.F3EC.6DD0.AC36",
"client_secret": "bc109731-4506-4c85-9816-b1e2b07ea66a",
"registration_access_token": "2557425e-db92-4d03-8fb2-c9b9b6af47b3",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9D64.F3EC.6DD0.AC36",
"client_id_issued_at": 1530807436,
"client_secret_expires_at": 1530893836,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"id_token",
"token"
],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%219D64.F3EC.6DD0.AC36&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJyZnAiOiJlMDM3NjkyYy02MWZiLTQzZGYtYjlkMy1kNzRjY2UwNmUzZDMiLCJqdGkiOiIyODk5ZjFlYy1kYmY5LTQ3YzgtOWVjNi00YmY3ZGQyYTM1YmQiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.MOD6BXTK431RvxGBJ-zTrXlniQvbLmMJXw-nAU0diKc&nonce=b92af257-0db9-40b7-8325-a5710f94b481
12:17:37.721 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:44d41764-9a9b-4571-88b4-b323f772d705
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%219D64.F3EC.6DD0.AC36&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJyZnAiOiJlMDM3NjkyYy02MWZiLTQzZGYtYjlkMy1kNzRjY2UwNmUzZDMiLCJqdGkiOiIyODk5ZjFlYy1kYmY5LTQ3YzgtOWVjNi00YmY3ZGQyYTM1YmQiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.MOD6BXTK431RvxGBJ-zTrXlniQvbLmMJXw-nAU0diKc&nonce=b92af257-0db9-40b7-8325-a5710f94b481
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=c510d213-25e6-4022-a6c7-a586a367c064&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE5RDY0LkYzRUMuNkREMC5BQzM2IiwiZXhwIjoxNTMwODExMDM3LCJpYXQiOjE1MzA4MDc0MzcsIm5vbmNlIjoiYjkyYWYyNTctMGRiOS00MGI3LTgzMjUtYTU3MTBmOTRiNDgxIiwiYXV0aF90aW1lIjoxNTMwODA3NDM3LCJhdF9oYXNoIjoiMkZYLUVtTGhBdU82eld5b0JmVlV4dyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IlpOU1hMcTR0X3VHTmZIaUtyODBqWkV2eGZlcmY0SjlFMWxCSlNqcGtwelkifQ.lB1VgHWDBwqz_wDHNTWeMdt0t5Z4bWZErbeQz3Dsp8Yt2-TctFh84CHuy4bmdpfVOh7zCWB3vnMF92uAcaS814eOJItxydp9u4iK6hYjz6ZNlBIFbtwNIUNkuLFeN18gWNJp7KxkQTWKpmcjBfwkK9AhNrXF78GeYHeXrGgZ4Ja7uZxiQcKQv4aSDEANj94LPGSZOToQMxesQp2M8lmXalK0uP-xWJc2FM78-MHiwDptZDdnIc-mMS4gGH1vkDLs5RGuA42GaP6muP3Jmx8WQUtWpEloko4sLSqC4B5mVIxl95i2x2bRA-XFKUNhGP7Qor4MXtvfohkXP2UaBNGYYg&session_id=ee9dfe6a-b097-443b-96f2-a617b5e74215&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJyZnAiOiJlMDM3NjkyYy02MWZiLTQzZGYtYjlkMy1kNzRjY2UwNmUzZDMiLCJqdGkiOiIyODk5ZjFlYy1kYmY5LTQ3YzgtOWVjNi00YmY3ZGQyYTM1YmQiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.MOD6BXTK431RvxGBJ-zTrXlniQvbLmMJXw-nAU0diKc&token_type=bearer&session_state=44d41764-9a9b-4571-88b4-b323f772d705&expires_in=299
#######################################################
TEST: encodeClaimsInStateParameterHS384
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"token",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:17:17 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3379.C250.EF4E.3EEC",
"client_secret": "4bcf3a5a-0a06-4c4f-9651-0a30cb1cb7d8",
"registration_access_token": "dc0845c0-a6c7-4577-96fe-83306767ebbf",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3379.C250.EF4E.3EEC",
"client_id_issued_at": 1530807437,
"client_secret_expires_at": 1530893837,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"id_token",
"token"
],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%213379.C250.EF4E.3EEC&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzM4NCJ9.eyJyZnAiOiIyN2RmMTYxOC03MmM4LTQzMTktOTNmZi01MzBiYTZjN2UxNjAiLCJqdGkiOiI3MWE0YTM3OS0xYTA3LTQ1ZGUtOTNjZS0zOTI1MWM2YjE3NjYiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.M8JbbYyo9M8wy1mvm-FfDbqe0DkbDFbUb0CoXIzERDK_R5ZhkQJH4VS1JyoWaVLQ&nonce=57c1a65b-234a-46eb-a74e-84ea05657732
12:17:39.154 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:3a1632bd-536d-424d-b0ae-8284335fed60
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%213379.C250.EF4E.3EEC&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzM4NCJ9.eyJyZnAiOiIyN2RmMTYxOC03MmM4LTQzMTktOTNmZi01MzBiYTZjN2UxNjAiLCJqdGkiOiI3MWE0YTM3OS0xYTA3LTQ1ZGUtOTNjZS0zOTI1MWM2YjE3NjYiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.M8JbbYyo9M8wy1mvm-FfDbqe0DkbDFbUb0CoXIzERDK_R5ZhkQJH4VS1JyoWaVLQ&nonce=57c1a65b-234a-46eb-a74e-84ea05657732
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=4e5f8aaa-2179-41bf-a708-d2125346f0d1&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEzMzc5LkMyNTAuRUY0RS4zRUVDIiwiZXhwIjoxNTMwODExMDM5LCJpYXQiOjE1MzA4MDc0MzksIm5vbmNlIjoiNTdjMWE2NWItMjM0YS00NmViLWE3NGUtODRlYTA1NjU3NzMyIiwiYXV0aF90aW1lIjoxNTMwODA3NDM4LCJhdF9oYXNoIjoiNE9BaFBPcE1KclRydWNoZGU4ZGUxZyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IlRfSnZfUUtHUkZuMXFnWG9rVHdEWkZXdzU5T1g5ZEpnTDFodW1mT1lKZVUifQ.JTKfxxrK09SkuDH8U9PQXWjDRHD9Xsexz9DPUXVRWZ9Kyx9EXSvLSnT2qqNah-m1ICIPj266GITsbvDtWCQNEVjQHkVJzOrQqwCkr3EWw1ZRC92_C9b4cFkxq39Fmgx4VStTkk0cUSOEVUWeixKNBCCPDAFvFPWijEeJs9Ht-crBMmbp0-qKqRi4S--Ay2efKrDwQWaHlh3ey_0dh5i3aC2b9nv9EUP92yBIXRyPpypB4fVnqnN6aGYd01FcJ_q9D1NJJ4AzxHLeZFBUpJ23RY0vQ3w3YuAoDJgV9ZkdhEFLQ8WWIUWBAJNfqtJjSJ_olTHWNDAzQgJo57WdBwvUGw&session_id=37a6bec4-17a3-4d2e-9977-b3a1f5992429&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzM4NCJ9.eyJyZnAiOiIyN2RmMTYxOC03MmM4LTQzMTktOTNmZi01MzBiYTZjN2UxNjAiLCJqdGkiOiI3MWE0YTM3OS0xYTA3LTQ1ZGUtOTNjZS0zOTI1MWM2YjE3NjYiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.M8JbbYyo9M8wy1mvm-FfDbqe0DkbDFbUb0CoXIzERDK_R5ZhkQJH4VS1JyoWaVLQ&token_type=bearer&session_state=3a1632bd-536d-424d-b0ae-8284335fed60&expires_in=299
#######################################################
TEST: encodeClaimsInStateParameterHS512
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"token",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:17:19 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!CF7B.38B9.6854.8854",
"client_secret": "0dea7df7-aa63-4325-800e-842dea9fc519",
"registration_access_token": "12dff0a9-4ff6-4d5c-86a3-54651d4f4361",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!CF7B.38B9.6854.8854",
"client_id_issued_at": 1530807439,
"client_secret_expires_at": 1530893839,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"id_token",
"token"
],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21CF7B.38B9.6854.8854&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJyZnAiOiJiZmRmYWNjYi1jMzhmLTQ1ODktYjliZi02ODBmNzE2N2Q0OGYiLCJqdGkiOiJjNmY1NmZkMC04ZmZlLTQyNDItYmJmOC04MTE2Yjc2NzA2OWQiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.Pizr9uime27A3WaRBuAXHXEF7ZNaKyit0jvNzbLhIHVA2Vdf3ijB75XymYVbswJNCguJ1Gh0UpSh6DsfM9G7tQ&nonce=6b060083-7c97-4cb0-8bb3-a4747e26798e
12:17:40.575 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:abcf4796-9321-4fa3-9c9d-576ff34f05bc
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21CF7B.38B9.6854.8854&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJyZnAiOiJiZmRmYWNjYi1jMzhmLTQ1ODktYjliZi02ODBmNzE2N2Q0OGYiLCJqdGkiOiJjNmY1NmZkMC04ZmZlLTQyNDItYmJmOC04MTE2Yjc2NzA2OWQiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.Pizr9uime27A3WaRBuAXHXEF7ZNaKyit0jvNzbLhIHVA2Vdf3ijB75XymYVbswJNCguJ1Gh0UpSh6DsfM9G7tQ&nonce=6b060083-7c97-4cb0-8bb3-a4747e26798e
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=17d89f74-498e-4ecf-a8e1-e56955e23ec4&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFDRjdCLjM4QjkuNjg1NC44ODU0IiwiZXhwIjoxNTMwODExMDQwLCJpYXQiOjE1MzA4MDc0NDAsIm5vbmNlIjoiNmIwNjAwODMtN2M5Ny00Y2IwLThiYjMtYTQ3NDdlMjY3OThlIiwiYXV0aF90aW1lIjoxNTMwODA3NDQwLCJhdF9oYXNoIjoiUEgtR3pzdVZxb1lLQUNiazhBd0RiQSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IllLYmlKSXhmVENMWnNSazQzVDRjblRRS0hNZS0xRWk4ODFBSk9WNUdkS00ifQ.KT7WSJJYyhe0WyWDFHO4ZVUio7TLp11u0FlP1WgqyqOMpjvpvH3tOvunWjLTqGfhfI5TkDT5t1aZKfcHY02XWZ50NLiPBux6CTaKHB27BYsAvIvBGTMRdOWH9y3XcCp8ukx8kthKgkPJ5WKA_sCVjNk-Pd0-qH0HJX3sqi3CMzLcfzIaX6PmEMfzN_4q0tuBeIISxeiJq_Cs88lYa-B6bq2Iv1u4Q1YLhIQBBBdnbtRvBNZKkmqgbpJ30JuQ6CGM6AtOAtIJm0F1LXfdQexE_VudGxb9qGlHj6prd6Sep5p2Qc7il5Z9nFdgw7KKkxamVnI2A3J3oQuF56FT0F5Yuw&session_id=4f1641a9-aff6-443b-992a-932ba0fea553&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJyZnAiOiJiZmRmYWNjYi1jMzhmLTQ1ODktYjliZi02ODBmNzE2N2Q0OGYiLCJqdGkiOiJjNmY1NmZkMC04ZmZlLTQyNDItYmJmOC04MTE2Yjc2NzA2OWQiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.Pizr9uime27A3WaRBuAXHXEF7ZNaKyit0jvNzbLhIHVA2Vdf3ijB75XymYVbswJNCguJ1Gh0UpSh6DsfM9G7tQ&token_type=bearer&session_state=abcf4796-9321-4fa3-9c9d-576ff34f05bc&expires_in=299
#######################################################
TEST: encodeClaimsInStateParameterRS256
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"token",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:17:20 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!08F9.63D2.7210.8B46",
"client_secret": "c71c6d79-4618-4d74-b290-4f5f43953a45",
"registration_access_token": "083f1a5c-adb8-4707-b996-4504adfffa99",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!08F9.63D2.7210.8B46",
"client_id_issued_at": 1530807440,
"client_secret_expires_at": 1530893840,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"id_token",
"token"
],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2108F9.63D2.7210.8B46&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6IjQ4YmZhOGE0LWM4YTctNGEwOS1hZTk4LWJmMzI1ZDc0OTExOSJ9.eyJyZnAiOiIwMzZiMzIxOC1jOTUwLTQ2ODUtOTJhZi00MTg5MWEyMmI0NmQiLCJraWQiOiI0OGJmYThhNC1jOGE3LTRhMDktYWU5OC1iZjMyNWQ3NDkxMTkiLCJqdGkiOiI1YjIwMjUyNS0xZWVmLTQ2NDAtODRlOS03MzhkYzRmMGE0MWIiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.JPY1tNyDEMHqPFA1gCtr_82JsTvkT4A7_dKX3ax9oqGaEMN2shDgYGObSQdyc0oKiwuYbr-VMhI0eF-5Sc0Iij8jPXakD4mOYNnxaKTaUbsF3Hdn5mhRnHkgsCcxG9kND6ADIiLgMhRjufIRWIxyQ8J0X5hSWQZA423odZdxwueCU86cD0H6Bz3uz0xZlzqO0UBKHHaU8OfKkgb14rRB9XXN4BQVtuLVHWfxqtgrQEuj-Q6MlYZVGOZyp4_xGE_PqCTYyXurjJqV5ZbZnQnRXcHMkumFl7BxaZYgnhUZ3_WV41HWpPfdzKDgEFkdiAVV0zkqaH7F_53ypKB23GwFdA&nonce=24c17775-9fea-4c8c-ac30-55f453dac9c6
12:17:41.918 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:7331908e-da9d-42be-ba46-8516c62e3049
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2108F9.63D2.7210.8B46&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6IjQ4YmZhOGE0LWM4YTctNGEwOS1hZTk4LWJmMzI1ZDc0OTExOSJ9.eyJyZnAiOiIwMzZiMzIxOC1jOTUwLTQ2ODUtOTJhZi00MTg5MWEyMmI0NmQiLCJraWQiOiI0OGJmYThhNC1jOGE3LTRhMDktYWU5OC1iZjMyNWQ3NDkxMTkiLCJqdGkiOiI1YjIwMjUyNS0xZWVmLTQ2NDAtODRlOS03MzhkYzRmMGE0MWIiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.JPY1tNyDEMHqPFA1gCtr_82JsTvkT4A7_dKX3ax9oqGaEMN2shDgYGObSQdyc0oKiwuYbr-VMhI0eF-5Sc0Iij8jPXakD4mOYNnxaKTaUbsF3Hdn5mhRnHkgsCcxG9kND6ADIiLgMhRjufIRWIxyQ8J0X5hSWQZA423odZdxwueCU86cD0H6Bz3uz0xZlzqO0UBKHHaU8OfKkgb14rRB9XXN4BQVtuLVHWfxqtgrQEuj-Q6MlYZVGOZyp4_xGE_PqCTYyXurjJqV5ZbZnQnRXcHMkumFl7BxaZYgnhUZ3_WV41HWpPfdzKDgEFkdiAVV0zkqaH7F_53ypKB23GwFdA&nonce=24c17775-9fea-4c8c-ac30-55f453dac9c6
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=a792918c-e7c1-4156-a8bc-edc589a3366a&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEwOEY5LjYzRDIuNzIxMC44QjQ2IiwiZXhwIjoxNTMwODExMDQxLCJpYXQiOjE1MzA4MDc0NDEsIm5vbmNlIjoiMjRjMTc3NzUtOWZlYS00YzhjLWFjMzAtNTVmNDUzZGFjOWM2IiwiYXV0aF90aW1lIjoxNTMwODA3NDQxLCJhdF9oYXNoIjoiZ1MzNDRUaHkzMXBLS19CN3ZvQzladyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6Ill4NTRNeEptZXVNVTJ6TWN6cEVzaGVUMjRkQkh3ME0xM3laMUZ2S3R5dk0ifQ.WcxSRzkZIh490RFMgxiOgzK0DyD0ZaNVdEJLPhBKOPmY95rV05ZkCqStb8vUPnDtPLSzx85jewzED2-OBFr-Pm2XABxPATQczAtmUhaROi_M-7043egq4Hs_i79XiWkN831agfEsAo3FN_hREcmEX10UzRBQov6Qibm4C7LCLDAOuuR-l8xJkjFLtsN2PTuChlIfvauWTSlVpV7u9h3BYt8-9vrQ223WvtHRKloqAexccuitXt5T1Xn5hx8-tiOlMEIVAP_FlpIESu_qyFdmorOkcPhQydE_nwOThIRg6orng9YmOapisqdvSsT9k5Rre3okb0frQzws3zUMnVrCOQ&session_id=0936581a-2412-4dcc-ba91-50b636587d97&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6IjQ4YmZhOGE0LWM4YTctNGEwOS1hZTk4LWJmMzI1ZDc0OTExOSJ9.eyJyZnAiOiIwMzZiMzIxOC1jOTUwLTQ2ODUtOTJhZi00MTg5MWEyMmI0NmQiLCJraWQiOiI0OGJmYThhNC1jOGE3LTRhMDktYWU5OC1iZjMyNWQ3NDkxMTkiLCJqdGkiOiI1YjIwMjUyNS0xZWVmLTQ2NDAtODRlOS03MzhkYzRmMGE0MWIiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.JPY1tNyDEMHqPFA1gCtr_82JsTvkT4A7_dKX3ax9oqGaEMN2shDgYGObSQdyc0oKiwuYbr-VMhI0eF-5Sc0Iij8jPXakD4mOYNnxaKTaUbsF3Hdn5mhRnHkgsCcxG9kND6ADIiLgMhRjufIRWIxyQ8J0X5hSWQZA423odZdxwueCU86cD0H6Bz3uz0xZlzqO0UBKHHaU8OfKkgb14rRB9XXN4BQVtuLVHWfxqtgrQEuj-Q6MlYZVGOZyp4_xGE_PqCTYyXurjJqV5ZbZnQnRXcHMkumFl7BxaZYgnhUZ3_WV41HWpPfdzKDgEFkdiAVV0zkqaH7F_53ypKB23GwFdA&token_type=bearer&session_state=7331908e-da9d-42be-ba46-8516c62e3049&expires_in=299
#######################################################
TEST: encodeClaimsInStateParameterRS384
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"token",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:17:21 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0274.94BE.C81B.FB03",
"client_secret": "2100272c-ceef-44af-90a0-331a4f271d2e",
"registration_access_token": "5717d4d7-f3b1-4138-b92b-ec1458d28a5a",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0274.94BE.C81B.FB03",
"client_id_issued_at": 1530807441,
"client_secret_expires_at": 1530893841,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"id_token",
"token"
],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%210274.94BE.C81B.FB03&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzM4NCIsImtpZCI6ImM0NjIxNDNmLWExOTctNGY3YS1hZjk5LTBiMTA4NzM2ODYxNiJ9.eyJyZnAiOiI1ZjM0NWMyYS01NWMxLTQzNjItYmIyMC02OTAyZjcyZTM4NTMiLCJraWQiOiJjNDYyMTQzZi1hMTk3LTRmN2EtYWY5OS0wYjEwODczNjg2MTYiLCJqdGkiOiJkNDk4Mzk3YS1lNTYxLTQwZWQtYTJkMS1jNjlmNzAyZTE2ZjkiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.Omfe0ga5tZHXQKVkOJNZeRTaF7bha_oPZvuX8KQBA84LvJAGSE_hJe1XCMjerMk9czi99ClOYlDyBB_HKE7fMh0kTaFk5mFI0Ssej4eEYcW2gwNcsCDpPyzbZp9D8LCTjWrw4EExLMkm5_B3BJdQ3oEHcIn2EdqNGF_XabTC-fIYyoq9N-nkthlymu-jpkw4XVac4RCdehOpELLgeb1adLhPVoO91Zt_-q3cnxhjHZcXRng-eaZiQV3FnEAnZMR5Sw_V63IzVs_9iAQJ1hQASwFMAbtKO9Oq4fMiPFPZEIwt2iEztlIGRgJv_CxgrXJeB2GjbWIURfHLq3S8-01oMQ&nonce=f1e2aa5b-48b3-48f8-87ac-42d1ecb0bd29
12:17:43.312 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:baab5f20-7459-4e60-9eda-87a5b66083ae
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%210274.94BE.C81B.FB03&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzM4NCIsImtpZCI6ImM0NjIxNDNmLWExOTctNGY3YS1hZjk5LTBiMTA4NzM2ODYxNiJ9.eyJyZnAiOiI1ZjM0NWMyYS01NWMxLTQzNjItYmIyMC02OTAyZjcyZTM4NTMiLCJraWQiOiJjNDYyMTQzZi1hMTk3LTRmN2EtYWY5OS0wYjEwODczNjg2MTYiLCJqdGkiOiJkNDk4Mzk3YS1lNTYxLTQwZWQtYTJkMS1jNjlmNzAyZTE2ZjkiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.Omfe0ga5tZHXQKVkOJNZeRTaF7bha_oPZvuX8KQBA84LvJAGSE_hJe1XCMjerMk9czi99ClOYlDyBB_HKE7fMh0kTaFk5mFI0Ssej4eEYcW2gwNcsCDpPyzbZp9D8LCTjWrw4EExLMkm5_B3BJdQ3oEHcIn2EdqNGF_XabTC-fIYyoq9N-nkthlymu-jpkw4XVac4RCdehOpELLgeb1adLhPVoO91Zt_-q3cnxhjHZcXRng-eaZiQV3FnEAnZMR5Sw_V63IzVs_9iAQJ1hQASwFMAbtKO9Oq4fMiPFPZEIwt2iEztlIGRgJv_CxgrXJeB2GjbWIURfHLq3S8-01oMQ&nonce=f1e2aa5b-48b3-48f8-87ac-42d1ecb0bd29
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=e821f237-f5a4-483e-9ba1-056b9f406d7a&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEwMjc0Ljk0QkUuQzgxQi5GQjAzIiwiZXhwIjoxNTMwODExMDQzLCJpYXQiOjE1MzA4MDc0NDMsIm5vbmNlIjoiZjFlMmFhNWItNDhiMy00OGY4LTg3YWMtNDJkMWVjYjBiZDI5IiwiYXV0aF90aW1lIjoxNTMwODA3NDQzLCJhdF9oYXNoIjoiSW00SG51Wk1MNTVzX0stZkc2R1NyQSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IkVqMUJlUzJNRnFnMDIteDVKSnFaNEFZeTRxNTVUNC1EcjJSNHlLT2s3WjAifQ.h-TJYvNMLMLWwloEaWh3HBbtJs0_ao3giYIZ9v0QxdGf3IVb1ba_OuzKpYF9PcAtdwcBSo6KtT_5U3R62UOxGe2lX68diukjqgfnRA8ez0yTX3AbgaPp-hHHGgufuwg5yS5QIartdvbhqvAI8svxLQZsVPrssHl2RlcAngFyzJdXCjwzhN6wur7N_jrlwsnK8jGTbsNfhxxipOzK0YgrqvERKHKvslGDgb4cfhk45R8hSYsMix7eMWJWj-y9UFWxhoZsYvHs7smK4WZ1tEN-giBQ2Ha75Ag3g0Q26-dLmcTdiIWE5wo0xEoImCsoIghscxqmX01F4vLDzzbvgQHSMg&session_id=ec69d893-b2c7-446e-af14-4fa2847e3640&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzM4NCIsImtpZCI6ImM0NjIxNDNmLWExOTctNGY3YS1hZjk5LTBiMTA4NzM2ODYxNiJ9.eyJyZnAiOiI1ZjM0NWMyYS01NWMxLTQzNjItYmIyMC02OTAyZjcyZTM4NTMiLCJraWQiOiJjNDYyMTQzZi1hMTk3LTRmN2EtYWY5OS0wYjEwODczNjg2MTYiLCJqdGkiOiJkNDk4Mzk3YS1lNTYxLTQwZWQtYTJkMS1jNjlmNzAyZTE2ZjkiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.Omfe0ga5tZHXQKVkOJNZeRTaF7bha_oPZvuX8KQBA84LvJAGSE_hJe1XCMjerMk9czi99ClOYlDyBB_HKE7fMh0kTaFk5mFI0Ssej4eEYcW2gwNcsCDpPyzbZp9D8LCTjWrw4EExLMkm5_B3BJdQ3oEHcIn2EdqNGF_XabTC-fIYyoq9N-nkthlymu-jpkw4XVac4RCdehOpELLgeb1adLhPVoO91Zt_-q3cnxhjHZcXRng-eaZiQV3FnEAnZMR5Sw_V63IzVs_9iAQJ1hQASwFMAbtKO9Oq4fMiPFPZEIwt2iEztlIGRgJv_CxgrXJeB2GjbWIURfHLq3S8-01oMQ&token_type=bearer&session_state=baab5f20-7459-4e60-9eda-87a5b66083ae&expires_in=299
#######################################################
TEST: encodeClaimsInStateParameterRS512
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"token",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:17:23 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6440.F95A.DBB4.62A2",
"client_secret": "a962b080-046c-45dc-aa8f-6ddda7ca13b1",
"registration_access_token": "39c1f9fa-1edb-4e77-b23a-6adfb3191ede",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6440.F95A.DBB4.62A2",
"client_id_issued_at": 1530807443,
"client_secret_expires_at": 1530893843,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"id_token",
"token"
],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%216440.F95A.DBB4.62A2&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzUxMiIsImtpZCI6Ijg1YjA4NDgzLTY4OTAtNDg0My05YmFmLTgzN2EyNGEzYzZkMiJ9.eyJyZnAiOiJiZTQ2ZTVmMC1iNTdjLTRhNzctYTRkZi1jODI5NWFjOTg4NjUiLCJraWQiOiI4NWIwODQ4My02ODkwLTQ4NDMtOWJhZi04MzdhMjRhM2M2ZDIiLCJqdGkiOiJhNjk4ZWI5NC0zODU5LTQyNDAtOWMxMy1iOTQ1NWY2YWZhMWYiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.MHb4WOaGzLrpF_7u8SgT6xWTI7neQrg8V6AV4hvwxe6JXcF6jLz1_tK6D7M6qMeP7BlI31PEuAKLYZ4XQGe2vNWbx5ki7BOM16l9JTQUzivyOi93L5t5G3ibD6xUi7vpYxKCLLIdsTIHMWmeu4o5KomRCuMzHRgQjmIKfi446nvymWWC27ZA1tonCLrjWXVSLZshGr_f95Fvu6pR_2XPMyo5eiHuyNJaWEJOt3Tu8PpF46w35FDB6p72gsViYTx32UDNyWRZNlNjw-8sGc1rKgsDRTmQtFUkioKRgzKyHDrdwihPMfCySNIJQ4g1bsReR3qlvOHOGsJXzGsjoB3XPQ&nonce=00fbbf69-fe89-4911-9e99-9cdd2292c8fe
12:17:44.824 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:119f5a75-c523-4d79-9b03-73b74ecc04ab
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%216440.F95A.DBB4.62A2&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzUxMiIsImtpZCI6Ijg1YjA4NDgzLTY4OTAtNDg0My05YmFmLTgzN2EyNGEzYzZkMiJ9.eyJyZnAiOiJiZTQ2ZTVmMC1iNTdjLTRhNzctYTRkZi1jODI5NWFjOTg4NjUiLCJraWQiOiI4NWIwODQ4My02ODkwLTQ4NDMtOWJhZi04MzdhMjRhM2M2ZDIiLCJqdGkiOiJhNjk4ZWI5NC0zODU5LTQyNDAtOWMxMy1iOTQ1NWY2YWZhMWYiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.MHb4WOaGzLrpF_7u8SgT6xWTI7neQrg8V6AV4hvwxe6JXcF6jLz1_tK6D7M6qMeP7BlI31PEuAKLYZ4XQGe2vNWbx5ki7BOM16l9JTQUzivyOi93L5t5G3ibD6xUi7vpYxKCLLIdsTIHMWmeu4o5KomRCuMzHRgQjmIKfi446nvymWWC27ZA1tonCLrjWXVSLZshGr_f95Fvu6pR_2XPMyo5eiHuyNJaWEJOt3Tu8PpF46w35FDB6p72gsViYTx32UDNyWRZNlNjw-8sGc1rKgsDRTmQtFUkioKRgzKyHDrdwihPMfCySNIJQ4g1bsReR3qlvOHOGsJXzGsjoB3XPQ&nonce=00fbbf69-fe89-4911-9e99-9cdd2292c8fe
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=c876ca7f-50fa-4b2f-8b50-10eda1eb4ce6&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE2NDQwLkY5NUEuREJCNC42MkEyIiwiZXhwIjoxNTMwODExMDQ0LCJpYXQiOjE1MzA4MDc0NDQsIm5vbmNlIjoiMDBmYmJmNjktZmU4OS00OTExLTllOTktOWNkZDIyOTJjOGZlIiwiYXV0aF90aW1lIjoxNTMwODA3NDQ0LCJhdF9oYXNoIjoiR2V5ampJZFhWZ213ZHN0QWZJN1QtUSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6InJ2SnphWXRPaDhpZzluclZLSGt3NlNMNnpfX0JULUxmb1dYSllGRFVMalEifQ.gWLnhBz19wJ5IBAic4O48yJ9q9aIayozB_xXgP0xfpfvpSXh-34K2MOTD27zno-5QXVzXulZ38_ckoSEnTYZMyUxGF9oT6PwF4usVFh4KDXJhJ96w-gaQ1JgUZzW_bUaaVgxIWXYx6aoOt9CJe6G5PAJdSKJRQglsJn45L8Y-GjVYwu0pejvkC72tmKx5xUWPB0DwyzzG40XU00T4sntt5j1oKxVT0tgYguwJlUivf5b1HaocaioW-e_dC2LgWCg5yCbjaBI4IfN_EreoFrF6RB6bilJlVqBQZlCYFk7sH9lk3JOQAIit2sRPX96m1fdN3REhOW3l0yTVmzonjw2Qw&session_id=4e82801f-a34d-4475-b5bf-47735124a716&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzUxMiIsImtpZCI6Ijg1YjA4NDgzLTY4OTAtNDg0My05YmFmLTgzN2EyNGEzYzZkMiJ9.eyJyZnAiOiJiZTQ2ZTVmMC1iNTdjLTRhNzctYTRkZi1jODI5NWFjOTg4NjUiLCJraWQiOiI4NWIwODQ4My02ODkwLTQ4NDMtOWJhZi04MzdhMjRhM2M2ZDIiLCJqdGkiOiJhNjk4ZWI5NC0zODU5LTQyNDAtOWMxMy1iOTQ1NWY2YWZhMWYiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.MHb4WOaGzLrpF_7u8SgT6xWTI7neQrg8V6AV4hvwxe6JXcF6jLz1_tK6D7M6qMeP7BlI31PEuAKLYZ4XQGe2vNWbx5ki7BOM16l9JTQUzivyOi93L5t5G3ibD6xUi7vpYxKCLLIdsTIHMWmeu4o5KomRCuMzHRgQjmIKfi446nvymWWC27ZA1tonCLrjWXVSLZshGr_f95Fvu6pR_2XPMyo5eiHuyNJaWEJOt3Tu8PpF46w35FDB6p72gsViYTx32UDNyWRZNlNjw-8sGc1rKgsDRTmQtFUkioKRgzKyHDrdwihPMfCySNIJQ4g1bsReR3qlvOHOGsJXzGsjoB3XPQ&token_type=bearer&session_state=119f5a75-c523-4d79-9b03-73b74ecc04ab&expires_in=299
#######################################################
TEST: jwtStateAlgA128KWEncA128GCMTest
#######################################################
Encrypted JWE State: eyJ0eXAiOiJKV1QiLCJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0.H1gkYJO-gHl8ZgYYA0gDWbHdOSZAk7u2.EUjrcro3HT9l7dal.zMQLlMLTVPO3XjDoMxMfo9vJ-sin60uJyn-6AEz6b5FjhvlMCoxbsuP36lHt4itH6yW8pAVw2M-3v-G4DQXkUsq5zgkm_CHAUAUPgJxAxPnMlbgWx-1h2c7wBe0sduvN1NMW16g_5kAkLj8BqA9tnEbhVDSawcGFyIMLJPnIobL5xGPIYjCXhQ2C2h3xCD327xVTlfhcJmx_zNql5GwwJhOrRliVEZqeXa3auFJ1wIiAN0uOcGyq-lA5UzoHqpXbfBYguWjnMjhLmSUJJ5ro--PCMviAfymy-d0Hbuyi9dXWAV3xWnTqUoUMI3Iy98VUuQIqs9U_VA.7EM2n6gOhAUoK4al6fXwvQ
#######################################################
TEST: jwtStateAlgA256KWEncA256GCMTest
#######################################################
Encrypted JWE State: eyJ0eXAiOiJKV1QiLCJhbGciOiJBMjU2S1ciLCJlbmMiOiJBMjU2R0NNIn0.LEKaVW7BDCqlAs6nUKDYJWIKaDSSZqwHrZ5S4cnMuR3Xl8kAPTHTOA.cVMNrcSkaHcYVyIL.WLEOMg-13oBWd8rx-WysmzH6rl1JcpM8mt2tZAUbKPWVxwMU8cWPTK1rVTuQzPVO4plgwoZNNzex2sRhsulNvWo3OlhktgsTztK52iPF7Rhwy5We3j9586xPjY4KZtn-srWsYBu2r_iOFvZsHWBb5cVKa066QTFMJ5EGfWP08QLJ8OqQKF8Emo457obZdcWEQSMB74OwbZ7xp_TRMXbjCc-WM3pOIhnsc49ZC-S2Pl8IduX5UU3Gs3iXhW7kAKaSC0MQ709sHh2uTGLyVHen1Gw7ddUyHhRGTIKOT9D_9aBbzHzEK31obHgjAXafQu26dXQsEt8gEA.qix850wEhDskWVDsx62GDw
#######################################################
TEST: jwtStateAlgRSA15EncA128CBCPLUSHS256Test
#######################################################
Encrypted JWE State: eyJ0eXAiOiJKV1QiLCJhbGciOiJSU0ExXzUiLCJlbmMiOiJBMTI4Q0JDK0hTMjU2Iiwia2lkIjoiNDhiZmE4YTQtYzhhNy00YTA5LWFlOTgtYmYzMjVkNzQ5MTE5In0.SGiyVRI451va9fQZnWeHqf8V_Z7iWn5oIQfZkVu0RigmIFTZ95OUgvjTAoGL-_YvKepwgOn66B3BE7IjzjHCOdnYJXcixC0dVvEGHUwgTjxME6rvs1mtnsW-D08WWUO0r2jMQLZmq36Nx9zZS2PsLi43NZrJ4pM2QGWVjMstUEIrj6Ynfyt_KtBcaZQRWkXnbzXMm1vx6sM7Jwf6GeI_VeIWH0Tm_fFBrK6CGhY7bpF2eI7uLcPhOcn9XFDIKzi98JHvZTO6Kcakq1nyRN_Qrg60UFyP6S4f_z2s_GIDetzHyil7B_zUsCUwTrn7YmXe9AtXk66rMiqFfFFqdGIwOQ.rRFj_xgdbJ_9SYRr4N5CTw.wFq6XZKyQuWkyrHdFg2Jcu_Ze0KJvsJYRd69rOtP-dOiZhm5WcPDR9aYjmfiMWIboak5ZUsQGMTww536MXmIwzUlb9FK7TWUcV25v044uKHPiKMR-WwUa1RP4jt2P4mMxD6TQ4k_8tS11wpGNflsBeytBUUvwEUcBgX8ORsN8oenZXkEKyh2O2jsPClznlU5Weotan8wTDr4YEEYJkvIbnXiDIJOvqHIKKOjAc2NM192KaLBK_H2HZ-gIE9FNqSIYfHZMbKc2PnbT-keeiG-IjbKLvvGJlfXUg2MkfiOQXtxkueZnSwL157tjay2fKUEAapwmUDaJPmU8Ag4jiO-QWUr-bEWnFvZZ6n-Aa5o2f_w5neaOiAa_e0k5d0xx7i1nqDt5OCzwbezoQJzkrFCQXp_5Yd2B-6nBZ31fwAzDx4.rzg4wdepCs5tFMlxLLJ5Xg3c2NNhPqky_aKPygE1QXM
#######################################################
TEST: jwtStateAlgRSA15EncA256CBCPLUSHS512Test
#######################################################
Encrypted JWE State: eyJ0eXAiOiJKV1QiLCJhbGciOiJSU0ExXzUiLCJlbmMiOiJBMjU2Q0JDK0hTNTEyIiwia2lkIjoiNDhiZmE4YTQtYzhhNy00YTA5LWFlOTgtYmYzMjVkNzQ5MTE5In0.lj7DI5U2CS9-PfdFmNJdHrYEV980fXOOThOvbhmMx_CJNs7ztUEZYhxut0u6ROEiGF7OpIsmDt08iXgtHO6oh2b0LYdugnOuA3FLOgCvNcYXqfHplo4uzvVW3z6i4VLVo9gwu0SPU6QxxrdsHYS-7yWPi86gDYnCQMZk1MGDY8nv-7bTEUQiIL_ld7DVy0gBRBUxGBSjyL30RHmEvLbteo92jdR7RSaU2Sk11y8DsOmoFdZy5LOP7z_CSZpYYSg8AQNKjZ0CMzTW5BSUpHkq7nnDSCwbh9-zQKO1FqUvHXpYFQ_z-m1deSqJ0sRn2vDFjJsN5u4F61xSkPpnQeYKDQ.xAskDqzmm_ppXawhVyFiuQ.ge0NBV_-bz5dJGhcXKX_uW2ODEbRKmCH1X7-yfFluLJZ8IE4SPt8rU9BWHMTMeclloqeETFxaAmMzH7-zUkQr5kTN83rpHfDZLtIjZtqAw9cGGEWRflW7Ogmi8mCRMHy1sOTJGBAUpRSvKVm_Maaepb0L_ngVeLSkPuOQLM1XB1SOcpypiXJQHBgJtGwyV8g1vHAgesiOOqefB1KOvVeptTbO1kuKRI8oRaHbThDEQJNLWZhx-SYzKVNZboiv8HCP7OJvYJoiEH_qMXnK7jn3POEPTnuuApwxgdtiPfbDv3BWYZaZkwxbOoPrkoQbPqcYaD6aRjrZElxxjryLI-0m7SZgl87NUfugFypi4ngvjxQGBG-NGQTrm527Y_W07UYoKkWAzWPptKikYXtB7CodKb9HdQnWTKj8xOkJA9MYTI.LmTUXTCEtGdiCB16eJLhqppmAWfiYW75rN200pP60urP0DGYbVqR4Xq9FJ2QVAqDIl46QG41V4YnaGwLUGznBg
#######################################################
TEST: jwtStateAlgRSAOAEPEncA256GCMTest
#######################################################
Encrypted JWE State: eyJ0eXAiOiJKV1QiLCJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZHQ00iLCJraWQiOiI0OGJmYThhNC1jOGE3LTRhMDktYWU5OC1iZjMyNWQ3NDkxMTkifQ.M6y9gnD-k5tLKLZpYT2us2H8BcNaVfhinDUsFQiHVoU0KT_xmhCppgWkRYVoFHpRNxpSqHO4FP0vp6fD4SbeZoxEeIqRJwwH3Z8V6557HTSkK4lgXG3V4-qcQX1t41172cdhULOKOG0YOf_xhYxl7ZWPS21y6KCb5KkPXbSSFBeen3NqQaVw9l4RhHwK0VqsNmxRLHlRLg-LBFsp7DHjRN2Ah_9KL8rbnC40a1B7JFNdquhci0dIF6Skowi4NJmqy8qRVOe-8WVocs0gwhgKwl18E4pLOPcGa_iruoGswaYCLGrCUJ-UU2H58TFran5kDIAgk8JrbctdJwwP4DOBlQ.SYx-hDj6MV4u3IfF.aiLFTgCCtbItdev7fMKmUu8Z7tOXnsEg5cJfMxDhj6vJuTCMV9LH3lin-5tV1x5gna6B0EUO3ts26RbFkhYQNCMiT2vytSEBHrpYGEga1ztvNtJMNTDDTjsKbav5od-LDgrr3cbtWzsU_alw9Bb0_mCMNdNniHb2sTQLrZWivIERpFHO4uLXAZyrddls5zesvAZgWjfRJptYApDkk_BgAQ4lYmQuFqwybPW2CvSfucRmJUPAEnAeQRXff_XNhwG2l6Oqz5K__PeX9FOBQahvDDcjnYY0sMiojNSydWtDp490t2PaEv47lxOnYyFwFlzSgbzOdJkRu15E2T_JKP0umKTuCWrdOEaRtDQhXt1EwOuFm9eace9VQ-Jb93V_kaTTwMeWiH6jAVke-3Vd8KGCg8NfNA.jbPJjPxHdO_7AlUKH2b4Xw
#######################################################
TEST: jwtStateES256Test
#######################################################
Signed JWS State: eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IjU0N2IyODM4LWE4NDgtNDY3MS04YTQ3LWQ1MzYxNzM4ZjJhZSJ9.eyJyZnAiOiIzNTYyOTAzMS1kMjU0LTQyMzctOWQzNS01M2RmZDMwNDkwOGIiLCJraWQiOiI1NDdiMjgzOC1hODQ4LTQ2NzEtOGE0Ny1kNTM2MTczOGYyYWUiLCJqdGkiOiJkZjUyMDZiZS1mYjExLTQ0YzgtOGE3OC00YTRkNzkyMGQyYzQiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.MEUCIQCwLB9PtnoBYyy0DzEApVv2xJMEw9tTkSbJVLChROl9_gIgLL_1NGyokoM5iWiCzN7qMWgz3ygR-JfiBRVIwew26OI
#######################################################
TEST: jwtStateES384Test
#######################################################
Signed JWS State: eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzM4NCIsImtpZCI6ImM0ZmU0MTEwLWViNTYtNDFjNi1iYWMzLTUzMTZmNmIxNDQzZCJ9.eyJyZnAiOiI4OGM3MmJiMy05NTgyLTRkMmYtYjM5YS05YWU1YmE1NTY4ZjciLCJraWQiOiJjNGZlNDExMC1lYjU2LTQxYzYtYmFjMy01MzE2ZjZiMTQ0M2QiLCJqdGkiOiJmYTg4NmE1OC0zMWFlLTQ5Y2ItODUyNC1lMWQ2NzkxMTg0ZjYiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.MGYCMQDx5tJjY6_GvxRiRsBcTMetmd0bU_CjW8_BEM-MZc4fAa7s9xVVWtLXaf7J9OXjLy0CMQD5Ach0BfAJhFFc3OhXbfktE8RI6Y8PEw19wxS2DG7TTvn-BXNJeVqaTz-wn18zftM
#######################################################
TEST: jwtStateES512Test
#######################################################
Signed JWS State: eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzUxMiIsImtpZCI6IjI2ZjgwNDBjLWFlOGItNGRhYS04ZjcxLWE3ZmRmMTRkZjY0MyJ9.eyJyZnAiOiIzNjBhNTE4MC1iMmQ2LTQ1YzktYTU3NS01OGI2MTNiNDIwYzgiLCJraWQiOiIyNmY4MDQwYy1hZThiLTRkYWEtOGY3MS1hN2ZkZjE0ZGY2NDMiLCJqdGkiOiJiZjc0OTc2My1jNjQyLTRjNzQtOTBhMS02YTE1ZTgxODZhMjUiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.MIGIAkIA-lB7XgBN9jv1YPANd2td6O67xVZJsiw6yywgmm0pLxLZnrARi_UVzZ0I8iWJAZoV0Yz-rzKuAf05n10l1kUBn64CQgGzFdE7LxmmZXGBlBvLAeyQArU685qpWjlIFDe6sz26SbQZIdOMEolUpXyN_ohNoVADvpGWiPfP4ldp5UBiipAdWg
#######################################################
TEST: jwtStateHS256Test
#######################################################
Signed JWS State: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJyZnAiOiI3ZGJjZjI3OS1hMGZhLTQyYjgtODY3OS1lZTg4ODRhNDYyY2MiLCJqdGkiOiI4Njc4NGY4OC04YWQ3LTQ5NjMtYjY2MC05MjZmODg4MjFhYWUiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.pj5b_GDVWcFIPqo0ES-NEA7ayNmSMqdJKV3vbaMkX70
#######################################################
TEST: jwtStateHS384Test
#######################################################
Signed JWS State: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzM4NCJ9.eyJyZnAiOiIyMzliZTFlNy1iZGRhLTQwODQtODUxYS00YmMwY2JkNTgyODUiLCJqdGkiOiJmOTQzZTEyNy1hNDY0LTQ4ZGQtODBhZC1iNWJmNmNlZWE1ZDUiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.tKpbL8_xjx4zLmITmuiBCLJuS1_SNMfRS8RC5dJysux_nPnt31wrBvThVTNB-5zX
#######################################################
TEST: jwtStateHS512Test
#######################################################
Signed JWS State: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJyZnAiOiIyZWY3ZmU4ZC1hYTE3LTQ3YjQtYjMxNy0zZjY1MjM2ZWQzN2EiLCJqdGkiOiIwYjA5OTQwYS01YzdmLTQ5NGQtYjIzYy1hNjQ5MTY5ZjFiNDEiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.OBPilIVadBwFCJf2OoR6ypvah_KxHVv-0oN2jjh-1DIjsrDLFHCYFBPGEp130glt93F4FfJiy4zB92U5NbePRQ
#######################################################
TEST: jwtStateNONETest
#######################################################
Encoded State: eyJ0eXAiOiJKV1QiLCJhbGciOiJub25lIn0.eyJyZnAiOiI2NWUyNzYyZC1jMDMxLTQ2MzAtOTk0Yy1iMzIwNWJjZmI4YWEiLCJqdGkiOiI0NzRjODk3Yy03ZGIzLTRiZDgtYjNhNi01ZjFkNjhhOTBlZTAiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.
#######################################################
TEST: jwtStateRS256Test
#######################################################
Signed JWS State: eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6IjQ4YmZhOGE0LWM4YTctNGEwOS1hZTk4LWJmMzI1ZDc0OTExOSJ9.eyJyZnAiOiJiNTEyNDczOS05NmYwLTQxY2YtOTVkMi1jODNmNjg5NGQ1NGMiLCJraWQiOiI0OGJmYThhNC1jOGE3LTRhMDktYWU5OC1iZjMyNWQ3NDkxMTkiLCJqdGkiOiI2Njk2ZDMzOC05MDVmLTQ4OWUtYmRjYS05NmNlYzg1ZTJiMjkiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.TyFY3VCWGZNyXlLnGUapTDWLvB2H4aN12G3F5689HwgRzjxNEiQLQXiF_pLbGA9gLwTVfvj-ZqSnXgwcnoLL7O0ueFGzJlHjLA_XYqd-SBYE-FAYYL1mxxjLWeQk1cbfd-U4K5mzpp6Kc3p9mgdULz-PNHjfp_4Pbp4VGtwspXSL_XZHBPfaShuUPh8uxj5dnKjt0ronjk2CckQ-S1JGgvRKpOjC6ygcwJig9rPSc9uJud4G_fNdZTypzmTTPIhQKpbcsYUAtQq8tgpI3Qljx_puv42w1ALOHRdltt-eWEocbPbIurZ6cxmbvEOrai7faey-MuNcadbsR89dcj-ObA
#######################################################
TEST: jwtStateRS384Test
#######################################################
Signed JWS State: eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzM4NCIsImtpZCI6ImM0NjIxNDNmLWExOTctNGY3YS1hZjk5LTBiMTA4NzM2ODYxNiJ9.eyJyZnAiOiI0ZDY5NjNlMS0yMjg0LTQ2NWUtOGYzYy05MDMzZmQyZGQ1YzEiLCJraWQiOiJjNDYyMTQzZi1hMTk3LTRmN2EtYWY5OS0wYjEwODczNjg2MTYiLCJqdGkiOiJjMzVkYmE1MC00NWY1LTRhOWItYjk3Yy1kNjFjYTFlZTE2YTEiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.X7al-h47ICwSGWasElLdVKbfRPmMnKEZnWPySNp6_ESMHgpleMcZHdic0tpNCKA1uCkIJfG-ougOmATPGq1cW8sgtLHC0N8Bbp4EFq6ubhm0tCVXJ8_4C90-Tle0S19VCTdVM2zu7BywSdtW-SRIXctlNdltp-CH6mI7AGzf3hyIFA-Pp60XTSMCZ66rqk5_-LyPdxJLly7HHxx7OjwASHo3UtNfg8BmguZWwLOBJfE6Y-Cl4IRkiCs7Po2ACqXbhahDJLM4xVYzLplBgNwcacInkrTD_4EX0lYwLgBIYPD5c9xkQN0pIHcUKQAl_ezQAtWpa_zHckDXIGve0LM4nQ
#######################################################
TEST: jwtStateRS512Test
#######################################################
Signed JWS State: eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzUxMiIsImtpZCI6Ijg1YjA4NDgzLTY4OTAtNDg0My05YmFmLTgzN2EyNGEzYzZkMiJ9.eyJyZnAiOiJiMGI0ZDkwOC0wNDM2LTRkYzEtODY4Yi02ZTBiYjk4YWJlNWEiLCJraWQiOiI4NWIwODQ4My02ODkwLTQ4NDMtOWJhZi04MzdhMjRhM2M2ZDIiLCJqdGkiOiI1MTgxYjMwYS02MTM1LTRlY2ItODAwYS0zZjVkNjViOTNiYWQiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.FEVZ6QLzqd5-RYY6sZcjkFeh8adZ21eW6zmuek1SzeT0ix2yMeLAmDvPRMgtsJbIfwp9owx3CCHQHqYTJtx3hXnxZRwzgMi5qM1APGaUwJORPjQin5EYiFhW9RCPUcBNqIaY2pY38B3IPnuhVvFWh8sAzBc4WX1gPOANkXB_DR1txPRpL5EHtJaZFSltHoLlGEuJ_cotCyx1fTRcPxNm9oGhk9mViVEMMJkX2oW_sItQnktHYjzexx2DuDVBRky4xmmIhyjDn0lkZt2CQEXiEH8lWU8XpTOxmUp1X_Z_ZmRuQF3298HdnQR5D4-Z93kkhm7nsPU_DO2oNv1d4AZ3Fg
#######################################################
TEST: OpenID Connect Discovery
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 181
Content-Type: application/jrd+json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 16:17:25 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"subject": "acct:test_user@ce-dev4.gluu.org",
"links": [{
"rel": "http://openid.net/specs/connect/1.0/issuer",
"href": "https://ce-dev4.gluu.org"
}]
}
OpenID Connect Configuration
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/openid-configuration HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 6342
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:17:25 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"issuer": "https://ce-dev4.gluu.org",
"authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize",
"token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token",
"userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo",
"clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo",
"check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe",
"end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session",
"jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks",
"registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register",
"id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id",
"introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection",
"scopes_supported": [
"permission",
"clientinfo",
"email",
"user_name",
"sub",
"org_name",
"address",
"openid",
"test_scope1",
"work_phone",
"phone",
"profile",
"mobile_phone",
"test"
],
"response_types_supported": [
"code",
"code id_token",
"code id_token token",
"id_token",
"id_token token",
"token",
"code token"
],
"grant_types_supported": [
"urn:ietf:params:oauth:grant-type:uma-ticket",
"client_credentials",
"refresh_token",
"implicit",
"password",
"authorization_code"
],
"acr_values_supported": [
"super_gluu",
"u2f",
"otp",
"basic",
"auth_ldap_server"
],
"auth_level_mapping": {
"-1": ["auth_ldap_server"],
"50": ["otp"],
"100": ["basic"],
"10": ["u2f"],
"15": ["super_gluu"]
},
"subject_types_supported": [
"public",
"pairwise"
],
"userinfo_signing_alg_values_supported": [
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"userinfo_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"userinfo_encryption_enc_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"id_token_signing_alg_values_supported": [
"none",
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"id_token_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"id_token_encryption_enc_values_supported": [
"A128CBC+HS256",
"A256CBC+HS512",
"A128GCM",
"A256GCM"
],
"request_object_signing_alg_values_supported": [
"none",
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"request_object_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"request_object_encryption_enc_values_supported": [
"A128CBC+HS256",
"A256CBC+HS512",
"A128GCM",
"A256GCM"
],
"token_endpoint_auth_methods_supported": [
"client_secret_basic",
"client_secret_post",
"client_secret_jwt",
"private_key_jwt"
],
"token_endpoint_auth_signing_alg_values_supported": [
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"display_values_supported": [
"page",
"popup"
],
"claim_types_supported": ["normal"],
"claims_supported": [
"birthdate",
"country",
"name",
"email",
"email_verified",
"given_name",
"gender",
"inum",
"family_name",
"updated_at",
"locale",
"member_of",
"middle_name",
"nickname",
"oxAuthAppType",
"oxAuthIdTokenSignedResponseAlg",
"oxAuthRedirectURI",
"oxAuthScope",
"phone_number_verified",
"picture",
"preferred_username",
"profile",
"zoneinfo",
"user_name",
"website"
],
"service_documentation": "http://gluu.org/docs",
"claims_locales_supported": ["en"],
"ui_locales_supported": [
"en",
"es"
],
"scope_to_claims_mapping": [
{"permission": []},
{"uma_protection": []},
{"clientinfo": [
"name",
"inum",
"oxAuthAppType",
"oxAuthIdTokenSignedResponseAlg",
"oxAuthRedirectURI",
"oxAuthScope"
]},
{"email": [
"email_verified",
"email"
]},
{"user_name": ["user_name"]},
{"sub": []},
{"org_name": []},
{"address": [
"formatted",
"postal_code",
"street_address",
"locality",
"country",
"region"
]},
{"openid": []},
{"test_scope1": []},
{"work_phone": []},
{"phone": [
"phone_number_verified",
"phone_number"
]},
{"profile": [
"name",
"family_name",
"given_name",
"middle_name",
"nickname",
"preferred_username",
"profile",
"picture",
"website",
"gender",
"birthdate",
"zoneinfo",
"locale",
"updated_at"
]},
{"mobile_phone": ["phone_mobile_number"]},
{"test": ["member_of"]}
],
"claims_parameter_supported": true,
"request_parameter_supported": true,
"request_uri_parameter_supported": true,
"require_request_uri_registration": false,
"op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy",
"op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos",
"frontchannel_logout_supported": true,
"frontchannel_logout_session_supported": true
}
#######################################################
TEST: requestEndSession by id_token
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"token",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"post_logout_redirect_uris": ["https://client.example.com/pl"],
"frontchannel_logout_uri": ["https://ce-dev4.gluu.org/oxauth-rp/home.htm"]
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1488
Content-Type: application/json
Date: Thu, 05 Jul 2018 16:17:25 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2DD4.7AB7.A302.FE58",
"client_secret": "91a4eb9f-1793-4ea1-b996-d17ddfdeaa32",
"registration_access_token": "af9be61b-4317-49ea-82d8-be62f4bad869",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2DD4.7AB7.A302.FE58",
"client_id_issued_at": 1530807445,
"client_secret_expires_at": 1530893845,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"id_token",
"token"
],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"post_logout_redirect_uris": ["https://client.example.com/pl"],
"frontchannel_logout_uri": ["https://ce-dev4.gluu.org/oxauth-rp/home.htm"],
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%212DD4.7AB7.A302.FE58&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=14487468-a23f-4751-b92c-c851069bf163&nonce=c65b0f75-7fdb-43ce-b98f-f6e800d68494
12:17:46.799 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:4fee1a82-491c-4f16-b798-651f40507ecb
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%212DD4.7AB7.A302.FE58&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=14487468-a23f-4751-b92c-c851069bf163&nonce=c65b0f75-7fdb-43ce-b98f-f6e800d68494
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=5c7df3e8-1215-4f04-ac60-a7b2262093da&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEyREQ0LjdBQjcuQTMwMi5GRTU4IiwiZXhwIjoxNTMwODExMDQ2LCJpYXQiOjE1MzA4MDc0NDYsIm5vbmNlIjoiYzY1YjBmNzUtN2ZkYi00M2NlLWI5OGYtZjZlODAwZDY4NDk0IiwiYXV0aF90aW1lIjoxNTMwODA3NDQ2LCJhdF9oYXNoIjoidHVmdXRjcmVYZk9fdXd1cTd3aXo4QSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6Ik9yeFUwTjZfeFZCWkcySXNTZTIydEVNSW9jYmpmYmZIQ1pmbktkUk0xeW8ifQ.cQWIbv_bXjbX22bQ3oQh7RLROJHKWPnqnsVuKVYcEYznEy7gyuhNBOJ4YUrDcqyqyScQY4ddt4QeuSXvPVF0xzpN98-fyuk7I56Hyak8ljeAmtxfS0TngC7SvCmQgAw3-sh9nfpxZKGJ3PQKqWD-tI7JdhCIXgSjNhyKncmIYW6_ZSYcZzxK1b-BuY7KAwrxzzr3f1wNOFNIR79bGrFrc9d94dzcd3r5BSkO8gR8pVLviFiafAkCAMzIEslIJcvdYZfSwSxZ8MTewDtbwS-DHPUeeAe7_T0w07MESoBPgkDB2GGQlH-Yd5SREu2ZazkA9fS6NzAngqyDg_RcYqU5AQ&session_id=7bc61ffd-f16a-452e-9c06-002fc01451a1&state=14487468-a23f-4751-b92c-c851069bf163&token_type=bearer&session_state=4fee1a82-491c-4f16-b798-651f40507ecb&expires_in=299
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/end_session?id_token_hint=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEyREQ0LjdBQjcuQTMwMi5GRTU4IiwiZXhwIjoxNTMwODExMDQ2LCJpYXQiOjE1MzA4MDc0NDYsIm5vbmNlIjoiYzY1YjBmNzUtN2ZkYi00M2NlLWI5OGYtZjZlODAwZDY4NDk0IiwiYXV0aF90aW1lIjoxNTMwODA3NDQ2LCJhdF9oYXNoIjoidHVmdXRjcmVYZk9fdXd1cTd3aXo4QSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6Ik9yeFUwTjZfeFZCWkcySXNTZTIydEVNSW9jYmpmYmZIQ1pmbktkUk0xeW8ifQ.cQWIbv_bXjbX22bQ3oQh7RLROJHKWPnqnsVuKVYcEYznEy7gyuhNBOJ4YUrDcqyqyScQY4ddt4QeuSXvPVF0xzpN98-fyuk7I56Hyak8ljeAmtxfS0TngC7SvCmQgAw3-sh9nfpxZKGJ3PQKqWD-tI7JdhCIXgSjNhyKncmIYW6_ZSYcZzxK1b-BuY7KAwrxzzr3f1wNOFNIR79bGrFrc9d94dzcd3r5BSkO8gR8pVLviFiafAkCAMzIEslIJcvdYZfSwSxZ8MTewDtbwS-DHPUeeAe7_T0w07MESoBPgkDB2GGQlH-Yd5SREu2ZazkA9fS6NzAngqyDg_RcYqU5AQ&post_logout_redirect_uri=https%3A%2F%2Fclient.example.com%2Fpl&state=99a07404-6619-4025-800a-a985de119260&session_id=7bc61ffd-f16a-452e-9c06-002fc01451a1 HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-transform, no-store
Connection: Keep-Alive
Content-Length: 343
Content-Type: text/html
Date: Thu, 05 Jul 2018 16:17:26 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Set-Cookie: session_id=;Path=/;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;HttpOnly
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Gluu Generated logout pageLogout requests sent.
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/end_session?id_token_hint=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEyREQ0LjdBQjcuQTMwMi5GRTU4IiwiZXhwIjoxNTMwODExMDQ2LCJpYXQiOjE1MzA4MDc0NDYsIm5vbmNlIjoiYzY1YjBmNzUtN2ZkYi00M2NlLWI5OGYtZjZlODAwZDY4NDk0IiwiYXV0aF90aW1lIjoxNTMwODA3NDQ2LCJhdF9oYXNoIjoidHVmdXRjcmVYZk9fdXd1cTd3aXo4QSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6Ik9yeFUwTjZfeFZCWkcySXNTZTIydEVNSW9jYmpmYmZIQ1pmbktkUk0xeW8ifQ.cQWIbv_bXjbX22bQ3oQh7RLROJHKWPnqnsVuKVYcEYznEy7gyuhNBOJ4YUrDcqyqyScQY4ddt4QeuSXvPVF0xzpN98-fyuk7I56Hyak8ljeAmtxfS0TngC7SvCmQgAw3-sh9nfpxZKGJ3PQKqWD-tI7JdhCIXgSjNhyKncmIYW6_ZSYcZzxK1b-BuY7KAwrxzzr3f1wNOFNIR79bGrFrc9d94dzcd3r5BSkO8gR8pVLviFiafAkCAMzIEslIJcvdYZfSwSxZ8MTewDtbwS-D